From 546dabd7aa96fc4986b0f45fa6d6381cb14264e1 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 31 May 2018 18:20:51 +0300
Subject: [PATCH 001/504] Add 'installbox' configuration.

---
 installbox.yml                                | 24 ++++++
 roles/dhcp-dns-dnsmasq/handlers/main.yml      |  3 +
 roles/dhcp-dns-dnsmasq/tasks/main.yml         | 10 +++
 .../templates/dnsmasq-transparent-proxy.j2    |  2 +
 roles/preseed-installer/tasks/main.yml        | 27 ++++++
 roles/preseed-installer/templates/preseed.cfg | 37 ++++++++
 .../tftp-netboot-installer/handlers/main.yml  |  3 +
 roles/tftp-netboot-installer/tasks/main.yml   | 28 ++++++
 .../dnsmasq-tftp-netboot-installer.j2         |  5 ++
 .../files/store_id_regex.conf                 |  2 +
 roles/transparent-squid/handlers/main.yml     |  3 +
 roles/transparent-squid/tasks/main.yml        | 62 +++++++++++++
 .../two-interface-shorewall/handlers/main.yml |  7 ++
 roles/two-interface-shorewall/tasks/main.yml  | 86 +++++++++++++++++++
 .../templates/interfaces-static.j2            |  5 ++
 roles/up2date-debian/tasks/main.yml           | 19 ++++
 16 files changed, 323 insertions(+)
 create mode 100644 installbox.yml
 create mode 100644 roles/dhcp-dns-dnsmasq/handlers/main.yml
 create mode 100644 roles/dhcp-dns-dnsmasq/tasks/main.yml
 create mode 100644 roles/dhcp-dns-dnsmasq/templates/dnsmasq-transparent-proxy.j2
 create mode 100644 roles/preseed-installer/tasks/main.yml
 create mode 100644 roles/preseed-installer/templates/preseed.cfg
 create mode 100644 roles/tftp-netboot-installer/handlers/main.yml
 create mode 100644 roles/tftp-netboot-installer/tasks/main.yml
 create mode 100644 roles/tftp-netboot-installer/templates/dnsmasq-tftp-netboot-installer.j2
 create mode 100644 roles/transparent-squid/files/store_id_regex.conf
 create mode 100644 roles/transparent-squid/handlers/main.yml
 create mode 100644 roles/transparent-squid/tasks/main.yml
 create mode 100644 roles/two-interface-shorewall/handlers/main.yml
 create mode 100644 roles/two-interface-shorewall/tasks/main.yml
 create mode 100644 roles/two-interface-shorewall/templates/interfaces-static.j2
 create mode 100644 roles/up2date-debian/tasks/main.yml

diff --git a/installbox.yml b/installbox.yml
new file mode 100644
index 0000000..7f4e9cc
--- /dev/null
+++ b/installbox.yml
@@ -0,0 +1,24 @@
+---
+# This playbook deploys the installbox on a minimal installation.
+
+- name: apply configuration to the installbox
+  hosts: installboxes
+  remote_user: ansible
+  become: yes
+  vars:
+    hostname: installbox
+    di_dist: "stretch"
+    if_lan: "ens8"
+    if_wan: "{{ ansible_default_ipv4.interface }}"
+    ipaddr_lan: 192.168.0.10
+    dhcp_range: 192.168.0.50,192.168.0.150,2h
+    tftp_root: "/var/lib/tftpboot"
+    deb_mirror: "ftp-stud.hs-esslingen.de"
+
+  roles:
+    - up2date-debian
+    - two-interface-shorewall
+    - dhcp-dns-dnsmasq
+    - transparent-squid
+    - tftp-netboot-installer
+    - preseed-installer
diff --git a/roles/dhcp-dns-dnsmasq/handlers/main.yml b/roles/dhcp-dns-dnsmasq/handlers/main.yml
new file mode 100644
index 0000000..f549f18
--- /dev/null
+++ b/roles/dhcp-dns-dnsmasq/handlers/main.yml
@@ -0,0 +1,3 @@
+- name: restart dnsmasq
+  service: name=dnsmasq state=restarted enabled=yes
+  listen: "restart dnsmasq"
diff --git a/roles/dhcp-dns-dnsmasq/tasks/main.yml b/roles/dhcp-dns-dnsmasq/tasks/main.yml
new file mode 100644
index 0000000..840a4d7
--- /dev/null
+++ b/roles/dhcp-dns-dnsmasq/tasks/main.yml
@@ -0,0 +1,10 @@
+- name: install dns-firewall packages
+  apt:
+    name: dnsmasq
+    state: latest
+
+- name: configure dnsmasq
+  template:
+    src: dnsmasq-transparent-proxy.j2
+    dest: /etc/dnsmasq.d/transparent-proxy
+  notify: "restart dnsmasq"
diff --git a/roles/dhcp-dns-dnsmasq/templates/dnsmasq-transparent-proxy.j2 b/roles/dhcp-dns-dnsmasq/templates/dnsmasq-transparent-proxy.j2
new file mode 100644
index 0000000..a6ca62b
--- /dev/null
+++ b/roles/dhcp-dns-dnsmasq/templates/dnsmasq-transparent-proxy.j2
@@ -0,0 +1,2 @@
+interface={{ if_lan }}
+dhcp-range={{ dhcp_range }}
diff --git a/roles/preseed-installer/tasks/main.yml b/roles/preseed-installer/tasks/main.yml
new file mode 100644
index 0000000..326b857
--- /dev/null
+++ b/roles/preseed-installer/tasks/main.yml
@@ -0,0 +1,27 @@
+- name: make preseed directory available
+  file:
+    path: "{{ tftp_root }}/d-i/{{ di_dist }}"
+    state: directory
+
+- name: provide preseed file
+  template:
+    src: preseed.cfg
+    dest: "{{ tftp_root }}/d-i/{{ di_dist }}"
+
+- name: make installbox resolvable in /etc/hosts from LAN
+  replace:
+    dest: /etc/hosts
+    regexp: '(127.0.1.1\s+)installbox'
+    replace: '\1localhost\n{{ ipaddr_lan }}	installbox'
+
+- name: add auto boot entry to di-netboot-assistant
+  blockinfile:
+    dest: /etc/di-netboot-assistant/pxelinux.HEAD
+    insertbefore: EOF
+    block: |
+      LABEL quick
+      MENU LABEL Debian Installer ({{ di_dist }} ; amd64 + Preseed)
+      kernel ::/di-netboot-pkg/images/9/amd64/text/debian-installer/amd64/linux
+      append initrd=::/di-netboot-pkg/images/9/amd64/text/debian-installer/amd64/initrd.gz auto=true priority=critical url=tftp://installbox
+      TIMEOUT 100
+  notify: "rebuild di-netboot-assistant menu"
diff --git a/roles/preseed-installer/templates/preseed.cfg b/roles/preseed-installer/templates/preseed.cfg
new file mode 100644
index 0000000..e544344
--- /dev/null
+++ b/roles/preseed-installer/templates/preseed.cfg
@@ -0,0 +1,37 @@
+#### Preconfiguration file
+## For more examples and comments:
+##   https://www.debian.org/releases/stable/example-preseed.txt
+
+## To change default values:
+#d-i foo/bar string value
+#d-i foo/bar seen false
+
+## Use this as boot parameter:
+## DEBCONF_DEBUG=5
+## Boot parameter locale?=de_DE
+
+# Preseeding only locale sets language, country and locale:
+d-i debian-installer/locale string de_DE
+d-i keyboard-configuration/xkb-keymap select de
+
+## Skip root account:
+d-i passwd/root-login boolean false
+
+### Apt setup
+d-i apt-setup/non-free boolean true
+d-i apt-setup/contrib boolean true
+d-i mirror/http/mirror string {{ deb_mirror }}
+
+### Ansible User
+d-i passwd/user-fullname string Ansible User
+d-i passwd/username string ansible
+d-i passwd/user-password password insecure
+d-i passwd/user-password-again password insecure
+#d-i passwd/user-password-crypted password [crypt(3) hash]
+
+### Package selection
+tasksel tasksel/desktop multiselect standard openssh-server
+tasksel tasksel/desktop seen false
+
+# Individual additional packages to install
+d-i pkgsel/include string firmware-linux
diff --git a/roles/tftp-netboot-installer/handlers/main.yml b/roles/tftp-netboot-installer/handlers/main.yml
new file mode 100644
index 0000000..9aee0b2
--- /dev/null
+++ b/roles/tftp-netboot-installer/handlers/main.yml
@@ -0,0 +1,3 @@
+- name: rebuild di-netboot-assistant menu
+  command: di-netboot-assistant rebuild-menu
+  listen: rebuild di-netboot-assistant menu
diff --git a/roles/tftp-netboot-installer/tasks/main.yml b/roles/tftp-netboot-installer/tasks/main.yml
new file mode 100644
index 0000000..cb71006
--- /dev/null
+++ b/roles/tftp-netboot-installer/tasks/main.yml
@@ -0,0 +1,28 @@
+- name: install tftp-netboot-installer packages
+  apt:
+    name:
+      - di-netboot-assistant
+      - debian-installer-9-netboot-amd64
+
+- name: bind mount images
+  mount:
+    name: "{{ tftp_root }}/di-netboot-pkg/"
+    src: /usr/lib/debian-installer/
+    fstype: none
+    opts: bind
+#    state: mounted   BEGINN WORKAROUND
+    state: present
+  register: fstab
+
+- name: Reload fstab
+  command: mount -a
+  when: fstab.changed
+# https://github.com/ansible/ansible/issues/23487 END WORKAROUND
+
+- name: configure dnsmasq
+  template:
+    src: dnsmasq-tftp-netboot-installer.j2
+    dest: /etc/dnsmasq.d/tftp-netboot-installer
+  notify:
+    - restart dnsmasq
+    - rebuild di-netboot-assistant menu
diff --git a/roles/tftp-netboot-installer/templates/dnsmasq-tftp-netboot-installer.j2 b/roles/tftp-netboot-installer/templates/dnsmasq-tftp-netboot-installer.j2
new file mode 100644
index 0000000..3e627d8
--- /dev/null
+++ b/roles/tftp-netboot-installer/templates/dnsmasq-tftp-netboot-installer.j2
@@ -0,0 +1,5 @@
+enable-tftp
+tftp-root={{ tftp_root }}
+dhcp-boot=debian-installer/pxelinux.0
+dhcp-match=set:efi-x86_64,option:client-arch,7
+dhcp-boot=tag:efi-x86_64,debian-installer/bootnetx64.efi
diff --git a/roles/transparent-squid/files/store_id_regex.conf b/roles/transparent-squid/files/store_id_regex.conf
new file mode 100644
index 0000000..3d88f21
--- /dev/null
+++ b/roles/transparent-squid/files/store_id_regex.conf
@@ -0,0 +1,2 @@
+^http:\/\/.+\/(.+\.deb)	http://debian.mirrors.squid.internal/Archive-http/$1
+^http:\/\/.+\/(.+\.udeb)	http://debian.mirrors.squid.internal/Archive-http/$1
diff --git a/roles/transparent-squid/handlers/main.yml b/roles/transparent-squid/handlers/main.yml
new file mode 100644
index 0000000..c103a79
--- /dev/null
+++ b/roles/transparent-squid/handlers/main.yml
@@ -0,0 +1,3 @@
+- name: restart squid
+  service: name=squid state=restarted enabled=yes
+  listen: "restart squid"
diff --git a/roles/transparent-squid/tasks/main.yml b/roles/transparent-squid/tasks/main.yml
new file mode 100644
index 0000000..581acc9
--- /dev/null
+++ b/roles/transparent-squid/tasks/main.yml
@@ -0,0 +1,62 @@
+- name: install squid package
+  apt:
+    name: squid
+    state: latest
+
+- name: configure squid extra lines
+  lineinfile:
+    dest: /etc/squid/squid.conf
+    line: "{{ item.line }}"
+    insertafter: "{{ item.insertafter }}"
+  with_items:
+    - { line: "acl localnet src 192.168.0.0/16", insertafter: "#acl localnet src 192.168.0.0/16" }
+    - { line: "http_access allow localnet", insertafter: "#http_access allow localnet" }
+    - { line: "http_port 3129 intercept", insertafter: "http_port 3128" }
+    - { line: "maximum_object_size_in_memory 10240 KB", insertafter: "# maximum_object_size_in_memory" }
+    - { line: "maximum_object_size 512 MB", insertafter: "# maximum_object_size" }
+    - { line: "cache_dir aufs /var/spool/squid 20000 16 256", insertafter: "#cache_dir ufs /var/spool/squid" }
+  notify: "restart squid"
+
+- name: configure squid store IDs
+  blockinfile:
+    dest: /etc/squid/squid.conf
+    insertbefore: "TAG: store_miss"
+    block: |
+      store_id_program /usr/lib/squid/storeid_file_rewrite /etc/squid/store_id_regex.conf
+      store_id_bypass off
+      acl Ordinary http_status 200-299
+      send_hit deny !Ordinary
+      store_miss deny !Ordinary
+    marker: "# {mark} ANSIBLE MANAGED BLOCK store_id"
+  notify: "restart squid"
+
+- name: provide store_id_regex.conf
+  copy:
+    src: store_id_regex.conf
+    dest: /etc/squid/store_id_regex.conf
+  notify: "restart squid"
+
+- name: configure squid as package cache
+  blockinfile:
+    dest: /etc/squid/squid.conf
+    insertbefore: "# Add any of your own refresh_pattern entries above these."
+    block: |
+      # refresh pattern for debs and udebs
+      refresh_pattern deb$ 129600 100% 129600
+      refresh_pattern udeb$ 129600 100% 129600
+      refresh_pattern tar.gz$ 129600 100% 129600
+      refresh_pattern tar.xz$ 129600 100% 129600
+      refresh_pattern tar.bz2$ 129600 100% 129600
+      # always refresh Packages and Release files
+      refresh_pattern \/(Packages|Sources)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
+      refresh_pattern \/Release(|\.gpg)$ 0 0% 0 refresh-ims
+      refresh_pattern \/InRelease$ 0 0% 0 refresh-ims
+      refresh_pattern \/(Translation-.*)(|\.bz2|\.gz|\.xz)$ 0 0% 0
+    marker: "# {mark} ANSIBLE MANAGED BLOCK refresh_pattern"
+  notify: "restart squid"
+
+- name: redirect www traffic in shorewall
+  lineinfile:
+    dest: /etc/shorewall/rules
+    line: "REDIRECT	loc		3129		tcp	www"
+  notify: "restart shorewall"
diff --git a/roles/two-interface-shorewall/handlers/main.yml b/roles/two-interface-shorewall/handlers/main.yml
new file mode 100644
index 0000000..58e1a17
--- /dev/null
+++ b/roles/two-interface-shorewall/handlers/main.yml
@@ -0,0 +1,7 @@
+- name: restart networking
+  service: name=networking state=restarted enabled=yes
+  listen: restart networking
+
+- name: restart shorewall
+  service: name=shorewall state=restarted enabled=yes
+  listen: restart shorewall
diff --git a/roles/two-interface-shorewall/tasks/main.yml b/roles/two-interface-shorewall/tasks/main.yml
new file mode 100644
index 0000000..e2a273e
--- /dev/null
+++ b/roles/two-interface-shorewall/tasks/main.yml
@@ -0,0 +1,86 @@
+- name: add if_lan with static address
+  template:
+    src: interfaces-static.j2
+    dest: /etc/network/interfaces.d/static
+
+- name: make if_wan auto start
+  lineinfile:
+    dest: /etc/network/interfaces
+    line: "auto {{ if_wan }}"
+    insertbefore: "iface\\s+{{ if_wan }}\\s+inet\\s+dhcp"
+  notify: restart networking
+
+- name: install shorewall packages
+  apt: name=shorewall state=latest
+
+- name: copy shorewall configuration
+  command: cp {{ item }} /etc/shorewall/
+  args:
+    chdir: /usr/share/doc/shorewall/examples/two-interfaces/
+    creates: "/etc/shorewall/{{ item }}"
+  with_items:
+    - interfaces
+    - snat
+    - policy
+    - rules
+    - stoppedrules
+    - zones
+  notify: restart shorewall
+
+- name: find files in /etc/shorewall/
+  find:
+    paths: /etc/shorewall/
+    use_regex: yes
+    pattern: '.+[^~]$'
+    contains: '.*(eth0|eth1).*'
+  register: find_result
+  notify: restart shorewall
+
+- name: fix WAN interface name in shorewall configuration
+  replace:
+    dest: "{{ item.path }}"
+    regexp: 'eth0'
+    replace: "{{ if_wan }}"
+    backup: yes
+  with_items: "{{ find_result.files }}"
+  notify: restart shorewall
+
+- name: fix LAN interface name in shorewall configuration
+  replace:
+    dest: "{{ item.path }}"
+    regexp: 'eth1'
+    replace: "{{ if_lan }}"
+    backup: yes
+  with_items: "{{ find_result.files }}"
+  notify: restart shorewall
+
+- name: configure forwarding in shorewall.conf
+  replace:
+    dest: /etc/shorewall/shorewall.conf
+    regexp: 'IP_FORWARDING=Keep'
+    replace: 'IP_FORWARDING=Yes'
+    backup: yes
+  notify: restart shorewall
+
+- name: configure shorewall policy
+  replace:
+    dest: /etc/shorewall/policy
+    regexp: 'loc(\s+)net(\s+)ACCEPT'
+    replace: 'loc\1all\2ACCEPT\n$FW\1all\2ACCEPT'
+    backup: yes
+  notify: restart shorewall
+
+- name: configure shorewall rules
+  replace:
+    dest: /etc/shorewall/rules
+    regexp: '(SSH\(ACCEPT\)\s+)loc(\s+\$FW)'
+    replace: '\1all\2'
+    backup: yes
+  notify: restart shorewall
+
+- name: enable shorewall in /etc/defaults/shorewall
+  replace:
+    dest: /etc/default/shorewall
+    regexp: 'startup=0'
+    replace: 'startup=1'
+  notify: restart shorewall
diff --git a/roles/two-interface-shorewall/templates/interfaces-static.j2 b/roles/two-interface-shorewall/templates/interfaces-static.j2
new file mode 100644
index 0000000..6c0fd53
--- /dev/null
+++ b/roles/two-interface-shorewall/templates/interfaces-static.j2
@@ -0,0 +1,5 @@
+auto {{ if_lan }}
+allow-hotplug {{ if_lan }}
+iface {{ if_lan }} inet static
+  address {{ ipaddr_lan }}
+  netmask 255.255.255.0
diff --git a/roles/up2date-debian/tasks/main.yml b/roles/up2date-debian/tasks/main.yml
new file mode 100644
index 0000000..81d2d5c
--- /dev/null
+++ b/roles/up2date-debian/tasks/main.yml
@@ -0,0 +1,19 @@
+# Update lists and upgrade packages.
+
+- name: update apt package lists
+  apt:
+    update_cache: yes
+    cache_valid_time: 86400
+
+- name: upgrade packages
+  apt:
+    upgrade: dist
+    autoremove: yes
+
+- name: install some packages
+  apt: name={{ item }} state=latest
+  with_items:
+    - etckeeper
+
+#- name: clean apt package cache
+#  command: apt clean

From d203da49c2de673a557a07823d691656395786ec Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 31 May 2018 18:24:15 +0300
Subject: [PATCH 002/504] Add 'kiosk' configuration.

---
 kiosk.yml                     | 29 ++++++++++++
 local.yml                     | 28 ++++++++++++
 roles/gnome/files/defaults    | 32 ++++++++++++++
 roles/gnome/files/user        |  2 +
 roles/gnome/handlers/main.yml |  3 ++
 roles/gnome/tasks/main.yml    | 21 +++++++++
 roles/kiosk/handlers/main.yml | 30 +++++++++++++
 roles/kiosk/tasks/main.yml    | 83 +++++++++++++++++++++++++++++++++++
 roles/kiosk/templates/wifi.j2 | 18 ++++++++
 9 files changed, 246 insertions(+)
 create mode 100644 kiosk.yml
 create mode 100644 local.yml
 create mode 100644 roles/gnome/files/defaults
 create mode 100644 roles/gnome/files/user
 create mode 100644 roles/gnome/handlers/main.yml
 create mode 100644 roles/gnome/tasks/main.yml
 create mode 100644 roles/kiosk/handlers/main.yml
 create mode 100644 roles/kiosk/tasks/main.yml
 create mode 100644 roles/kiosk/templates/wifi.j2

diff --git a/kiosk.yml b/kiosk.yml
new file mode 100644
index 0000000..dd5c6a3
--- /dev/null
+++ b/kiosk.yml
@@ -0,0 +1,29 @@
+---
+# This playbook deploys a kiosk-computer
+
+- name: apply configuration to the machines
+  hosts: kiosk-computers
+  remote_user: ansible
+  become: yes
+  vars:
+    auto_user: debi
+    #wifi_ssid: "YOUR SSID HERE"
+    wifi_ssid: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          64613961373330306237356337323836343032646539353137363039613632373739326565613366
+          3339623632663536363339376638316434623035373538330a383634386133656639633932626436
+          36613139616136346564663363376266323131353037376237343434393136633035326636363666
+          3761623833343064370a633765653166393737326235383231313731623366323963393836616264
+          3532
+    #wifi_passwd: "YOUR WIFI-PW HERE"
+    wifi_passwd: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          64633036633163363237373937313935653466346630363565313233393864306534306631363763
+          3035373034653730656238656133366566613266393536650a376431396164303861616432316338
+          62396133306136653861643336626539666433646234653161616265663631376637333561363730
+          6534633964353363380a313339383166383064656431633062396461376336646263346233303739
+          3435
+  roles:
+    - up2date-debian
+    - gnome
+    - kiosk
diff --git a/local.yml b/local.yml
new file mode 100644
index 0000000..f6851b0
--- /dev/null
+++ b/local.yml
@@ -0,0 +1,28 @@
+---
+# This playbook deploys a kiosk-computer
+
+- name: apply configuration to the machines
+  hosts: localhost
+  remote_user: root
+  vars:
+    auto_user: debi
+    #wifi_ssid: "YOUR SSID HERE"
+    wifi_ssid: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          64613961373330306237356337323836343032646539353137363039613632373739326565613366
+          3339623632663536363339376638316434623035373538330a383634386133656639633932626436
+          36613139616136346564663363376266323131353037376237343434393136633035326636363666
+          3761623833343064370a633765653166393737326235383231313731623366323963393836616264
+          3532
+    #wifi_passwd: "YOUR WIFI-PW HERE"
+    wifi_passwd: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          64633036633163363237373937313935653466346630363565313233393864306534306631363763
+          3035373034653730656238656133366566613266393536650a376431396164303861616432316338
+          62396133306136653861643336626539666433646234653161616265663631376637333561363730
+          6534633964353363380a313339383166383064656431633062396461376336646263346233303739
+          3435
+  roles:
+    - up2date-debian
+    - gnome
+    - kiosk
diff --git a/roles/gnome/files/defaults b/roles/gnome/files/defaults
new file mode 100644
index 0000000..2714a65
--- /dev/null
+++ b/roles/gnome/files/defaults
@@ -0,0 +1,32 @@
+[org/gnome/shell]
+enabled-extensions=['apps-menu@gnome-shell-extensions.gcampax.github.com']
+
+[org/gnome/desktop/background]
+show-desktop-icons=true
+
+[org/gnome/desktop/input-sources]
+sources=[('xkb', 'tr'), ('xkb', 'de'), ('xkb', 'us')]
+
+[org/gnome/desktop/peripherals/touchpad]
+natural-scroll=false
+edge-scrolling-enabled=true
+tap-to-click=true
+
+[org/gnome/nautilus/desktop]
+home-icon-visible=false
+
+[org/gnome/nautilus/preferences]
+default-folder-viewer='list-view'
+
+[org/gnome/nautilus/list-view]
+use-tree-view=true
+
+[org/gnome/settings-daemon/plugins/power]
+power-button-action='hibernate'
+sleep-inactive-battery-timeout=900
+sleep-inactive-battery-type='hibernate'
+sleep-inactive-ac-timeout=7200
+sleep-inactive-ac-type='suspend'
+
+[org/gnome/desktop/screensaver]
+lock-enabled=false
diff --git a/roles/gnome/files/user b/roles/gnome/files/user
new file mode 100644
index 0000000..aca0641
--- /dev/null
+++ b/roles/gnome/files/user
@@ -0,0 +1,2 @@
+user-db:user
+system-db:local
diff --git a/roles/gnome/handlers/main.yml b/roles/gnome/handlers/main.yml
new file mode 100644
index 0000000..5274a2c
--- /dev/null
+++ b/roles/gnome/handlers/main.yml
@@ -0,0 +1,3 @@
+- name: update dconf
+  command: dconf update
+  listen: update dconf
diff --git a/roles/gnome/tasks/main.yml b/roles/gnome/tasks/main.yml
new file mode 100644
index 0000000..3607118
--- /dev/null
+++ b/roles/gnome/tasks/main.yml
@@ -0,0 +1,21 @@
+#- name: gnome hibernate by default
+#  apt: name=gnome-shell-extension-suspend-button state=latest
+
+- name: make sure /etc/dconf/profile/ exists
+  file: path=/etc/dconf/profile/ state=directory recurse=yes
+
+- name: prepare for gnome customized defaults
+  copy:
+    src: user
+    dest: /etc/dconf/profile/user
+  notify: update dconf
+
+
+- name: make sure /etc/dconf/db/local.d/ exists
+  file: path=/etc/dconf/db/local.d/ state=directory recurse=yes
+
+- name: modify gnome defaults
+  copy:
+    src: defaults
+    dest: /etc/dconf/db/local.d/defaults
+  notify: update dconf
diff --git a/roles/kiosk/handlers/main.yml b/roles/kiosk/handlers/main.yml
new file mode 100644
index 0000000..7c9de36
--- /dev/null
+++ b/roles/kiosk/handlers/main.yml
@@ -0,0 +1,30 @@
+- name: run update-grub
+  command: update-grub
+  listen: update grub
+
+- name: reload NetworkManager
+  when: not run_in_installer|default(false)|bool
+  systemd:
+    daemon_reload: yes
+    name: NetworkManager
+    state: reloaded
+    enabled: yes
+  listen: reload NetworkManager
+
+# fails in installer with stretch, workaround below:
+#- name: enable tmp.mount
+#  systemd:
+#    daemon_reload: yes
+#    name: tmp.mount
+#    enabled: yes
+
+- name: make sure local-fs.target.wants exists
+  file: path=/etc/systemd/system/local-fs.target.wants/ state=directory
+  listen: enable tmp.mount
+
+- name: enable tmp.mount
+  file:
+    src: /etc/systemd/system/tmp.mount
+    dest: /etc/systemd/system/local-fs.target.wants/tmp.mount
+    state: link
+  listen: enable tmp.mount
diff --git a/roles/kiosk/tasks/main.yml b/roles/kiosk/tasks/main.yml
new file mode 100644
index 0000000..91d8cd1
--- /dev/null
+++ b/roles/kiosk/tasks/main.yml
@@ -0,0 +1,83 @@
+- name: check if gdm3 is installed
+  stat: path=/etc/gdm3/daemon.conf
+  register: gdm3
+
+- name: enable auto login
+  when: gdm3.stat.exists == true
+  lineinfile:
+    dest: /etc/gdm3/daemon.conf
+    insertafter: '^#\s*AutomaticLoginEnable = true'
+    line: 'AutomaticLoginEnable = true'
+
+- name: auto login user
+  when: gdm3.stat.exists == true
+  lineinfile:
+    dest: /etc/gdm3/daemon.conf
+    insertafter: '^#\s*AutomaticLogin = '
+    line: 'AutomaticLogin = {{ auto_user }}'
+
+- name: graphics quirk
+  when: ansible_product_name == "HP 500"
+  lineinfile:
+    dest: /etc/default/grub
+    regexp: '^(GRUB_CMDLINE_LINUX_DEFAULT=).*'
+    line: '\1"video=SVIDEO-1:d"'
+    backrefs: yes
+  notify: update grub
+
+- name: grub timeout
+  lineinfile:
+    dest: /etc/default/grub
+    regexp: '^(GRUB_TIMEOUT=).*'
+    line: '\g<1>1'
+    backrefs: yes
+  notify: update grub
+
+- name: keyboard compose key
+  lineinfile:
+    dest: /etc/default/keyboard
+    regexp: '^(XKBOPTIONS=).*'
+    line: '\1"compose:caps"'
+    backrefs: yes
+
+- name: hibernate when lid is closed
+  lineinfile:
+    dest: /etc/systemd/logind.conf
+    insertafter: '^#\s*HandleLidSwitch='
+    line: 'HandleLidSwitch=hibernate'
+
+- name: tmp on tmpfs
+  shell: cp /usr/share/systemd/tmp.mount /etc/systemd/system/
+  args:
+    creates: /etc/systemd/system/tmp.mount
+  notify: enable tmp.mount
+
+- name: mount tmpfs on /home/{{ auto_user }}
+  mount:
+    name: /home/{{ auto_user }}
+    src: tmpfs
+    fstype: tmpfs
+    opts: uid=1001,gid=1001,mode=755,size=4G
+    state: mounted
+
+- name: add autologin user
+  user:
+    name: "{{ auto_user }}"
+    comment: "Autologin Debian User,,,"
+    shell: /bin/bash
+    createhome: no
+    password: '*'
+
+- name: check if NetworkManager is installed
+  stat: path=/etc/NetworkManager/system-connections
+  register: NetworkManager
+
+- name: add wifi config
+  when: NetworkManager.stat.exists == true
+  template:
+    src: wifi.j2
+    dest: /etc/NetworkManager/system-connections/{{ wifi_ssid }}
+    owner: root
+    group: root
+    mode: '0600'
+  notify: reload NetworkManager
diff --git a/roles/kiosk/templates/wifi.j2 b/roles/kiosk/templates/wifi.j2
new file mode 100644
index 0000000..e4bc20e
--- /dev/null
+++ b/roles/kiosk/templates/wifi.j2
@@ -0,0 +1,18 @@
+[connection]
+id={{ wifi_ssid }}
+uuid=a9064ab4-e5fc-49d7-bb6d-8a6073c0e757
+type=wifi
+
+[wifi]
+ssid={{ wifi_ssid }}
+security=802-11-wireless-security
+
+[wifi-security]
+key-mgmt=wpa-psk
+psk={{ wifi_passwd }}
+
+[ipv4]
+method=auto
+
+[ipv6]
+method=auto

From b1af7d31ec2c1968783eb0fbfe3eaef552a7edae Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 31 May 2018 18:32:53 +0300
Subject: [PATCH 003/504] Add 'cloudbox' configuration.

---
 cloudbox.yml                                  | 35 +++++++++++++++++++
 roles/ddns-update/files/ddns-update           | 30 ++++++++++++++++
 roles/ddns-update/files/ddns-update.service   |  6 ++++
 roles/ddns-update/files/ddns-update.timer     | 11 ++++++
 roles/ddns-update/handlers/main.yml           |  7 ++++
 roles/ddns-update/tasks/main.yml              | 24 +++++++++++++
 .../ddns-update/templates/ddns-update.conf.j2 |  2 ++
 roles/low-power/files/powertop.service        |  6 ++++
 roles/low-power/files/powertop.timer          |  9 +++++
 roles/low-power/handlers/main.yml             |  5 +++
 roles/low-power/tasks/main.yml                | 15 ++++++++
 roles/systemd-networkd/files/10-dhcp.network  |  5 +++
 roles/systemd-networkd/handlers/main.yml      | 13 +++++++
 roles/systemd-networkd/tasks/main.yml         | 19 ++++++++++
 .../templates/20-static.network.j2            |  7 ++++
 roles/web-server/tasks/main.yml               |  6 ++++
 16 files changed, 200 insertions(+)
 create mode 100644 cloudbox.yml
 create mode 100755 roles/ddns-update/files/ddns-update
 create mode 100644 roles/ddns-update/files/ddns-update.service
 create mode 100644 roles/ddns-update/files/ddns-update.timer
 create mode 100644 roles/ddns-update/handlers/main.yml
 create mode 100644 roles/ddns-update/tasks/main.yml
 create mode 100644 roles/ddns-update/templates/ddns-update.conf.j2
 create mode 100644 roles/low-power/files/powertop.service
 create mode 100644 roles/low-power/files/powertop.timer
 create mode 100644 roles/low-power/handlers/main.yml
 create mode 100644 roles/low-power/tasks/main.yml
 create mode 100644 roles/systemd-networkd/files/10-dhcp.network
 create mode 100644 roles/systemd-networkd/handlers/main.yml
 create mode 100644 roles/systemd-networkd/tasks/main.yml
 create mode 100644 roles/systemd-networkd/templates/20-static.network.j2
 create mode 100644 roles/web-server/tasks/main.yml

diff --git a/cloudbox.yml b/cloudbox.yml
new file mode 100644
index 0000000..31dd692
--- /dev/null
+++ b/cloudbox.yml
@@ -0,0 +1,35 @@
+---
+# This playbook deploys the cloudbox on a minimal installation.
+
+- name: apply configuration to the cloudbox
+  hosts: cloudboxes
+  remote_user: ansible
+  become: yes
+  vars:
+    if_lan: "enp1s0"
+    ipaddr: "192.168.2.50/24"
+    gateway: "192.168.2.1"
+    DNS: "192.168.2.1"
+    #ddns_domain: "something.ddnss.de"
+    ddns_domain: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          30653335326332666539326461623064383432653133383832313065386231663366383862393961
+          3339356432643139653939323832633839626631396431340a623438333335333765383035666133
+          34313631663938386432326665313331383865616361633465336333613534626262633864613133
+          3934376631343736380a353337303937656638633035666331646563326562363130633534376335
+          6636
+    #ddns_updkey: "138638.some.key.here.635620"
+    ddns_updkey: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          35333062366532643235343839313962393038313631663239336138393566643433326535313132
+          3761303730653339616333623534343131333838303036310a343634623739623663623566336233
+          37666466356363646464323335643261346563643564333631626432323963396136643039336531
+          3662653436373564310a663061613032343332373031613831343365643039313034353636613938
+          31663437393564656334663336633234666237386662323661623266396166616235306531333861
+          3831656434613434333337376262396631363336643766323932
+  roles:
+    - up2date-debian
+    - systemd-networkd
+    - web-server
+    - ddns-update
+    - low-power
diff --git a/roles/ddns-update/files/ddns-update b/roles/ddns-update/files/ddns-update
new file mode 100755
index 0000000..3285250
--- /dev/null
+++ b/roles/ddns-update/files/ddns-update
@@ -0,0 +1,30 @@
+#!/bin/bash
+set -eu
+
+. /etc/ddns-update/ddns-update.conf
+
+DDHOST="https://www.ddnss.de/upd.php"
+
+if ! DNSRESULT="$(host $DDNSNAME)" ; then
+    echo "Could not resolve IP address for '$DDNSNAME', no update."
+    exit 0
+fi
+
+DNSIP4="$(echo \\"$DNSRESULT\\" | grep -m 1 -oE '[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$' || true )"
+DNSIP6="$(echo \\"$DNSRESULT\\" | grep -m 1 -oE '[0-9a-f]{1,4}:.+:[0-9a-f]{1,4}' || true )"
+
+REALIP4="$(wget -q -O - https://ip4.ddnss.de/meineip.php | \
+               grep -m 1 -oE '[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}' || true )"
+REALIP6="$(wget -q -O - https://ip6.ddnss.de/meineip.php | \
+                grep -m 1 -oE '[0-9a-f]{1,4}:.+:[0-9a-f]{1,4}' || true )"
+
+echo "Current DNS: IPv4=$DNSIP4, IPv6=$DNSIP6."
+echo "Detected:    IPv4=$REALIP4, IPv6=$REALIP6."
+
+if [ "$REALIP4" == "$DNSIP4" -a "$REALIP6" == "$DNSIP6" ] ; then
+    echo "IP address unchanged, no update."
+else
+    echo "IP address changed: $DNSIP4 → ${REALIP4}, $DNSIP6 → ${REALIP6}, updating ddns."
+    wget -q -O - $DDHOST'?key='$KEYAUTH'&host='$DDNSNAME'&ip='$REALIP4'&ip6='$REALIP6 \
+        | grep -oE "Updated .+ hostname." || echo "Update not confirmed, it might have failed."
+fi
diff --git a/roles/ddns-update/files/ddns-update.service b/roles/ddns-update/files/ddns-update.service
new file mode 100644
index 0000000..6c1da59
--- /dev/null
+++ b/roles/ddns-update/files/ddns-update.service
@@ -0,0 +1,6 @@
+[Unit]
+Description=Update ddns
+
+[Service]
+Type=oneshot
+ExecStart=/usr/local/bin/ddns-update
diff --git a/roles/ddns-update/files/ddns-update.timer b/roles/ddns-update/files/ddns-update.timer
new file mode 100644
index 0000000..28e8e2a
--- /dev/null
+++ b/roles/ddns-update/files/ddns-update.timer
@@ -0,0 +1,11 @@
+[Unit]
+Description=Update ddns IP-address
+
+[Timer]
+OnBootSec=0
+OnUnitActiveSec=15min
+AccuracySec=3min
+
+
+[Install]
+WantedBy=timers.target
diff --git a/roles/ddns-update/handlers/main.yml b/roles/ddns-update/handlers/main.yml
new file mode 100644
index 0000000..a1700e2
--- /dev/null
+++ b/roles/ddns-update/handlers/main.yml
@@ -0,0 +1,7 @@
+- name: enable ddns-update timer
+  systemd:
+    name: ddns-update.timer
+    state: restarted
+    daemon_reload: yes
+    enabled: yes
+  listen: "enable ddns-update timer"
diff --git a/roles/ddns-update/tasks/main.yml b/roles/ddns-update/tasks/main.yml
new file mode 100644
index 0000000..54e3412
--- /dev/null
+++ b/roles/ddns-update/tasks/main.yml
@@ -0,0 +1,24 @@
+- name: make sure /etc/ddns-update/ exists
+  file: path=/etc/ddns-update/ state=directory recurse=yes
+
+- name: install ddns-update config
+  template:
+    src: ddns-update.conf.j2
+    dest: /etc/ddns-update/ddns-update.conf
+
+- name: install ddns-update script
+  copy:
+    src: ddns-update
+    dest: /usr/local/bin/ddns-update
+    mode: 0755
+
+- name: install ddns-update.service
+  copy:
+    src: ddns-update.service
+    dest: /etc/systemd/system/ddns-update.service
+
+- name: install ddns-update.timer
+  copy:
+    src: ddns-update.timer
+    dest: /etc/systemd/system/ddns-update.timer
+  notify: enable ddns-update timer
diff --git a/roles/ddns-update/templates/ddns-update.conf.j2 b/roles/ddns-update/templates/ddns-update.conf.j2
new file mode 100644
index 0000000..cd84e74
--- /dev/null
+++ b/roles/ddns-update/templates/ddns-update.conf.j2
@@ -0,0 +1,2 @@
+DDNSNAME="{{ ddns_domain }}"
+KEYAUTH="{{ ddns_updkey }}"
diff --git a/roles/low-power/files/powertop.service b/roles/low-power/files/powertop.service
new file mode 100644
index 0000000..150c2ff
--- /dev/null
+++ b/roles/low-power/files/powertop.service
@@ -0,0 +1,6 @@
+[Unit]
+Description=Run powertop --auto-tune
+
+[Service]
+Type=oneshot
+ExecStart=/usr/sbin/powertop --auto-tune
diff --git a/roles/low-power/files/powertop.timer b/roles/low-power/files/powertop.timer
new file mode 100644
index 0000000..4cd5f71
--- /dev/null
+++ b/roles/low-power/files/powertop.timer
@@ -0,0 +1,9 @@
+[Unit]
+Description=Run powertop --auto-tune after boot
+
+[Timer]
+OnBootSec=1min
+AccuracySec=1min
+
+[Install]
+WantedBy=timers.target
diff --git a/roles/low-power/handlers/main.yml b/roles/low-power/handlers/main.yml
new file mode 100644
index 0000000..601c75f
--- /dev/null
+++ b/roles/low-power/handlers/main.yml
@@ -0,0 +1,5 @@
+- name: enable powertop timer
+  systemd:
+    name: powertop.timer
+    enabled: yes
+  listen: "enable powertop timer"
diff --git a/roles/low-power/tasks/main.yml b/roles/low-power/tasks/main.yml
new file mode 100644
index 0000000..7a2edd8
--- /dev/null
+++ b/roles/low-power/tasks/main.yml
@@ -0,0 +1,15 @@
+- name: install some packages
+  apt: name={{ item }} state=latest
+  with_items:
+    - powertop
+
+- name: install powertop.service
+  copy:
+    src: powertop.service
+    dest: /etc/systemd/system/powertop.service
+
+- name: install powertop.timer
+  copy:
+    src: powertop.timer
+    dest: /etc/systemd/system/powertop.timer
+  notify: enable powertop timer
diff --git a/roles/systemd-networkd/files/10-dhcp.network b/roles/systemd-networkd/files/10-dhcp.network
new file mode 100644
index 0000000..aec1849
--- /dev/null
+++ b/roles/systemd-networkd/files/10-dhcp.network
@@ -0,0 +1,5 @@
+[Match]
+Name=en*
+
+[Network]
+DHCP=yes
diff --git a/roles/systemd-networkd/handlers/main.yml b/roles/systemd-networkd/handlers/main.yml
new file mode 100644
index 0000000..8d3068c
--- /dev/null
+++ b/roles/systemd-networkd/handlers/main.yml
@@ -0,0 +1,13 @@
+- name: enable systemd-networkd
+  systemd:
+    name: systemd-networkd
+    enabled: yes
+    daemon_reload: yes
+  listen: "enable systemd-networkd"
+
+- name: enable systemd-resolved
+  systemd:
+    name: systemd-resolved
+    enabled: yes
+    daemon_reload: yes
+  listen: "enable systemd-resolved"
diff --git a/roles/systemd-networkd/tasks/main.yml b/roles/systemd-networkd/tasks/main.yml
new file mode 100644
index 0000000..28426e6
--- /dev/null
+++ b/roles/systemd-networkd/tasks/main.yml
@@ -0,0 +1,19 @@
+- name: install dynamic configuration for networkd
+  copy:
+    src: 10-dhcp.network
+    dest: /etc/systemd/network/10-dhcp.network
+  notify: "enable systemd-networkd"
+
+#- name: install static configuration for networkd
+#  template:
+#    src: 20-static.network.j2
+#    dest: /etc/systemd/network/20-static.network
+#  notify: "enable systemd-networkd"
+
+- name: prepare systemd-resolved
+  file:
+    src: /run/systemd/resolve/resolv.conf
+    dest: /etc/resolv.conf
+    state: link
+    force: yes
+  notify: "enable systemd-resolved"
diff --git a/roles/systemd-networkd/templates/20-static.network.j2 b/roles/systemd-networkd/templates/20-static.network.j2
new file mode 100644
index 0000000..04195a9
--- /dev/null
+++ b/roles/systemd-networkd/templates/20-static.network.j2
@@ -0,0 +1,7 @@
+[Match]
+Name={{ if_lan }}
+
+[Network]
+Address={{ ipaddr }}
+Gateway={{ gateway }}
+DNS={{ DNS }}
diff --git a/roles/web-server/tasks/main.yml b/roles/web-server/tasks/main.yml
new file mode 100644
index 0000000..c0d073c
--- /dev/null
+++ b/roles/web-server/tasks/main.yml
@@ -0,0 +1,6 @@
+- name: install some packages
+  apt: name={{ item }} state=latest
+  with_items:
+    - unattended-upgrades
+    - screen
+    - python-certbot-apache

From e37f9fa03ddb02f0b06136c4adced33d9facbc2e Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 4 Jun 2018 18:00:25 +0300
Subject: [PATCH 004/504] Update/fix 'installbox' configuration.

---
 installbox.yml                                | 16 +++++++---
 roles/dhcp-dns-dnsmasq/tasks/main.yml         |  2 +-
 roles/preseed-installer/tasks/main.yml        | 32 +++++++++++++------
 .../tftp-netboot-installer/handlers/main.yml  |  5 ++-
 roles/tftp-netboot-installer/tasks/main.yml   | 17 ++++++++--
 .../dnsmasq-tftp-netboot-installer.j2         |  4 +--
 roles/two-interface-shorewall/tasks/main.yml  |  6 ----
 7 files changed, 55 insertions(+), 27 deletions(-)

diff --git a/installbox.yml b/installbox.yml
index 7f4e9cc..46f4466 100644
--- a/installbox.yml
+++ b/installbox.yml
@@ -2,18 +2,24 @@
 # This playbook deploys the installbox on a minimal installation.
 
 - name: apply configuration to the installbox
-  hosts: installboxes
+  hosts: all
   remote_user: ansible
   become: yes
   vars:
-    hostname: installbox
-    di_dist: "stretch"
-    if_lan: "ens8"
+    if_lan: ""           #  ← interface name here, like:  ens3 or enp2s0"
     if_wan: "{{ ansible_default_ipv4.interface }}"
+    hostname: "{{ ansible_hostname }}"
     ipaddr_lan: 192.168.0.10
     dhcp_range: 192.168.0.50,192.168.0.150,2h
     tftp_root: "/var/lib/tftpboot"
-    deb_mirror: "ftp-stud.hs-esslingen.de"
+    deb_mirror: "ftp.debian.org"
+    di_dist: "stretch"
+
+  pre_tasks:
+    - name: validate if interface is available
+      fail:
+        msg: "Interface {{ if_lan }} does not exist or is already used."
+      when: if_lan not in ansible_interfaces or if_lan == if_wan
 
   roles:
     - up2date-debian
diff --git a/roles/dhcp-dns-dnsmasq/tasks/main.yml b/roles/dhcp-dns-dnsmasq/tasks/main.yml
index 840a4d7..c254a79 100644
--- a/roles/dhcp-dns-dnsmasq/tasks/main.yml
+++ b/roles/dhcp-dns-dnsmasq/tasks/main.yml
@@ -1,4 +1,4 @@
-- name: install dns-firewall packages
+- name: install dnsmasq package
   apt:
     name: dnsmasq
     state: latest
diff --git a/roles/preseed-installer/tasks/main.yml b/roles/preseed-installer/tasks/main.yml
index 326b857..3403f1a 100644
--- a/roles/preseed-installer/tasks/main.yml
+++ b/roles/preseed-installer/tasks/main.yml
@@ -4,24 +4,36 @@
     state: directory
 
 - name: provide preseed file
-  template:
-    src: preseed.cfg
+  copy:
+    src: /usr/share/doc/di-netboot-assistant/examples/preseed.cfg
     dest: "{{ tftp_root }}/d-i/{{ di_dist }}"
+    force: no
 
-- name: make installbox resolvable in /etc/hosts from LAN
+- name: make the hostname resolvable from the LAN
   replace:
     dest: /etc/hosts
-    regexp: '(127.0.1.1\s+)installbox'
-    replace: '\1localhost\n{{ ipaddr_lan }}	installbox'
+    regexp: '(127.0.1.1\s+){{ hostname }}'
+    replace: '\1localhost\n{{ ipaddr_lan }}	{{ hostname }}'
 
-- name: add auto boot entry to di-netboot-assistant
+- name: add auto pxe boot entry to di-netboot-assistant
   blockinfile:
     dest: /etc/di-netboot-assistant/pxelinux.HEAD
     insertbefore: EOF
     block: |
-      LABEL quick
-      MENU LABEL Debian Installer ({{ di_dist }} ; amd64 + Preseed)
-      kernel ::/di-netboot-pkg/images/9/amd64/text/debian-installer/amd64/linux
-      append initrd=::/di-netboot-pkg/images/9/amd64/text/debian-installer/amd64/initrd.gz auto=true priority=critical url=tftp://installbox
       TIMEOUT 100
+      LABEL autoinstall
+         MENU LABEL Debian {{ di_dist }} (amd64) + preseed
+         kernel ::/d-i/n-pkg/images/9/amd64/text/debian-installer/amd64/linux
+         append initrd=::/d-i/n-pkg/images/9/amd64/text/debian-installer/amd64/initrd.gz --- auto=true priority=critical url=tftp://{{ hostname }}
+  notify: "rebuild di-netboot-assistant menu"
+
+- name: add auto efi boot entry to di-netboot-assistant
+  blockinfile:
+    dest: /etc/di-netboot-assistant/grub.cfg.HEAD
+    insertbefore: EOF
+    block: |
+      menuentry 'Debian stable (amd64) + preseed' {
+         linux   /d-i/n-pkg/images/9/amd64/text/debian-installer/amd64/linux --- auto=true priority=critical url=tftp://{{ hostname }}
+         initrd  /d-i/n-pkg/images/9/amd64/text/debian-installer/amd64/initrd.gz
+      }
   notify: "rebuild di-netboot-assistant menu"
diff --git a/roles/tftp-netboot-installer/handlers/main.yml b/roles/tftp-netboot-installer/handlers/main.yml
index 9aee0b2..4cc836c 100644
--- a/roles/tftp-netboot-installer/handlers/main.yml
+++ b/roles/tftp-netboot-installer/handlers/main.yml
@@ -1,3 +1,6 @@
 - name: rebuild di-netboot-assistant menu
-  command: di-netboot-assistant rebuild-menu
+  command: "{{ item }}"
+  with_items:
+    - di-netboot-assistant rebuild-menu
+    - di-netboot-assistant rebuild-grub
   listen: rebuild di-netboot-assistant menu
diff --git a/roles/tftp-netboot-installer/tasks/main.yml b/roles/tftp-netboot-installer/tasks/main.yml
index cb71006..aac8c29 100644
--- a/roles/tftp-netboot-installer/tasks/main.yml
+++ b/roles/tftp-netboot-installer/tasks/main.yml
@@ -1,12 +1,23 @@
-- name: install tftp-netboot-installer packages
+- name: add stretch-backports
+  apt_repository:
+    repo: deb http://deb.debian.org/debian/ stretch-backports main
+    state: present
+
+- name: install di-netboot-assistant from backports
   apt:
     name:
       - di-netboot-assistant
+    default_release: stretch-backports
+    update_cache: yes
+
+- name: add installer package
+  apt:
+    name:
       - debian-installer-9-netboot-amd64
 
 - name: bind mount images
   mount:
-    name: "{{ tftp_root }}/di-netboot-pkg/"
+    path: "{{ tftp_root }}/d-i/n-pkg/"
     src: /usr/lib/debian-installer/
     fstype: none
     opts: bind
@@ -14,6 +25,8 @@
     state: present
   register: fstab
 
+- file: path="{{ tftp_root }}/d-i/n-pkg/" state=directory recurse=yes
+
 - name: Reload fstab
   command: mount -a
   when: fstab.changed
diff --git a/roles/tftp-netboot-installer/templates/dnsmasq-tftp-netboot-installer.j2 b/roles/tftp-netboot-installer/templates/dnsmasq-tftp-netboot-installer.j2
index 3e627d8..2289ac9 100644
--- a/roles/tftp-netboot-installer/templates/dnsmasq-tftp-netboot-installer.j2
+++ b/roles/tftp-netboot-installer/templates/dnsmasq-tftp-netboot-installer.j2
@@ -1,5 +1,5 @@
 enable-tftp
 tftp-root={{ tftp_root }}
-dhcp-boot=debian-installer/pxelinux.0
+dhcp-boot=d-i/n-a/pxelinux.0
 dhcp-match=set:efi-x86_64,option:client-arch,7
-dhcp-boot=tag:efi-x86_64,debian-installer/bootnetx64.efi
+dhcp-boot=tag:efi-x86_64,d-i/n-a/bootnetx64.efi
diff --git a/roles/two-interface-shorewall/tasks/main.yml b/roles/two-interface-shorewall/tasks/main.yml
index e2a273e..30db436 100644
--- a/roles/two-interface-shorewall/tasks/main.yml
+++ b/roles/two-interface-shorewall/tasks/main.yml
@@ -2,12 +2,6 @@
   template:
     src: interfaces-static.j2
     dest: /etc/network/interfaces.d/static
-
-- name: make if_wan auto start
-  lineinfile:
-    dest: /etc/network/interfaces
-    line: "auto {{ if_wan }}"
-    insertbefore: "iface\\s+{{ if_wan }}\\s+inet\\s+dhcp"
   notify: restart networking
 
 - name: install shorewall packages

From e86d1a5903fb6b63a89f5353e5632c147c7a3190 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 7 Jun 2018 23:51:55 +0300
Subject: [PATCH 005/504] Fix 'kiosk' configuration.

---
 kiosk.yml                  | 19 +++----------------
 local.yml                  | 19 +++----------------
 roles/gnome/tasks/main.yml |  5 +++++
 3 files changed, 11 insertions(+), 32 deletions(-)

diff --git a/kiosk.yml b/kiosk.yml
index dd5c6a3..c01ea65 100644
--- a/kiosk.yml
+++ b/kiosk.yml
@@ -7,22 +7,9 @@
   become: yes
   vars:
     auto_user: debi
-    #wifi_ssid: "YOUR SSID HERE"
-    wifi_ssid: !vault |
-          $ANSIBLE_VAULT;1.1;AES256
-          64613961373330306237356337323836343032646539353137363039613632373739326565613366
-          3339623632663536363339376638316434623035373538330a383634386133656639633932626436
-          36613139616136346564663363376266323131353037376237343434393136633035326636363666
-          3761623833343064370a633765653166393737326235383231313731623366323963393836616264
-          3532
-    #wifi_passwd: "YOUR WIFI-PW HERE"
-    wifi_passwd: !vault |
-          $ANSIBLE_VAULT;1.1;AES256
-          64633036633163363237373937313935653466346630363565313233393864306534306631363763
-          3035373034653730656238656133366566613266393536650a376431396164303861616432316338
-          62396133306136653861643336626539666433646234653161616265663631376637333561363730
-          6534633964353363380a313339383166383064656431633062396461376336646263346233303739
-          3435
+    wifi_ssid: "YOUR SSID HERE"
+    wifi_passwd: "YOUR WIFI-PW HERE"
+
   roles:
     - up2date-debian
     - gnome
diff --git a/local.yml b/local.yml
index f6851b0..200ea21 100644
--- a/local.yml
+++ b/local.yml
@@ -6,22 +6,9 @@
   remote_user: root
   vars:
     auto_user: debi
-    #wifi_ssid: "YOUR SSID HERE"
-    wifi_ssid: !vault |
-          $ANSIBLE_VAULT;1.1;AES256
-          64613961373330306237356337323836343032646539353137363039613632373739326565613366
-          3339623632663536363339376638316434623035373538330a383634386133656639633932626436
-          36613139616136346564663363376266323131353037376237343434393136633035326636363666
-          3761623833343064370a633765653166393737326235383231313731623366323963393836616264
-          3532
-    #wifi_passwd: "YOUR WIFI-PW HERE"
-    wifi_passwd: !vault |
-          $ANSIBLE_VAULT;1.1;AES256
-          64633036633163363237373937313935653466346630363565313233393864306534306631363763
-          3035373034653730656238656133366566613266393536650a376431396164303861616432316338
-          62396133306136653861643336626539666433646234653161616265663631376637333561363730
-          6534633964353363380a313339383166383064656431633062396461376336646263346233303739
-          3435
+    wifi_ssid: "YOUR SSID HERE"
+    wifi_passwd: "YOUR WIFI-PW HERE"
+
   roles:
     - up2date-debian
     - gnome
diff --git a/roles/gnome/tasks/main.yml b/roles/gnome/tasks/main.yml
index 3607118..acf08dc 100644
--- a/roles/gnome/tasks/main.yml
+++ b/roles/gnome/tasks/main.yml
@@ -1,6 +1,11 @@
 #- name: gnome hibernate by default
 #  apt: name=gnome-shell-extension-suspend-button state=latest
 
+- name: gnome desktop
+  apt:
+    name: task-gnome-desktop
+    state: latest
+
 - name: make sure /etc/dconf/profile/ exists
   file: path=/etc/dconf/profile/ state=directory recurse=yes
 

From 7b310eba63846722a27d6a4796810189a9310a9f Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 7 Jun 2018 17:51:18 +0300
Subject: [PATCH 006/504] Add 'installbox2kiosk' role.

---
 installbox.yml                                |  2 +
 roles/installbox2kiosk/handlers/main.yml      |  7 ++
 roles/installbox2kiosk/tasks/main.yml         | 80 +++++++++++++++++++
 roles/installbox2kiosk/templates/git-repo.j2  | 12 +++
 roles/preseed-installer/templates/preseed.cfg | 37 ---------
 5 files changed, 101 insertions(+), 37 deletions(-)
 create mode 100644 roles/installbox2kiosk/handlers/main.yml
 create mode 100644 roles/installbox2kiosk/tasks/main.yml
 create mode 100644 roles/installbox2kiosk/templates/git-repo.j2
 delete mode 100644 roles/preseed-installer/templates/preseed.cfg

diff --git a/installbox.yml b/installbox.yml
index 46f4466..02782dd 100644
--- a/installbox.yml
+++ b/installbox.yml
@@ -14,6 +14,7 @@
     tftp_root: "/var/lib/tftpboot"
     deb_mirror: "ftp.debian.org"
     di_dist: "stretch"
+    repo_dir: "/home/ansible/kiosk"
 
   pre_tasks:
     - name: validate if interface is available
@@ -28,3 +29,4 @@
     - transparent-squid
     - tftp-netboot-installer
     - preseed-installer
+#    - installbox2kiosk    #  enable this to install kiosk automatically
diff --git a/roles/installbox2kiosk/handlers/main.yml b/roles/installbox2kiosk/handlers/main.yml
new file mode 100644
index 0000000..e24c8f9
--- /dev/null
+++ b/roles/installbox2kiosk/handlers/main.yml
@@ -0,0 +1,7 @@
+- name: reload xinetd
+  systemd:
+    daemon_reload: yes
+    name: xinetd
+    state: reloaded
+    enabled: yes
+  listen: reload xinetd
diff --git a/roles/installbox2kiosk/tasks/main.yml b/roles/installbox2kiosk/tasks/main.yml
new file mode 100644
index 0000000..fb2c515
--- /dev/null
+++ b/roles/installbox2kiosk/tasks/main.yml
@@ -0,0 +1,80 @@
+- name: generate ssh key
+  command: "su -l {{ ansible_user }} -c \"ssh-keygen -t rsa -f /home/{{ ansible_user }}/.ssh/id_rsa -P ''\""
+  args:
+    creates: "/home/{{ ansible_user }}/.ssh/id_rsa"
+    warn: False
+
+- name: slurp public key
+  slurp:
+    src: "/home/{{ ansible_user }}/.ssh/id_rsa.pub"
+  register: sshpubkey
+
+# The following seems to be necessary to get rid of a newline:
+- set_fact:
+    sshpubkey: "{{ sshpubkey['content'] | b64decode | replace('\n', '') }}"
+
+- name: set debian mirror in preseed file
+  replace:
+    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
+    regexp: '^(d-i mirror/http/hostname string deb.debian.org)$'
+    replace: '#\1\nd-i mirror/http/hostname string {{ deb_mirror }}'
+
+- name: enable backports in preseed file
+  replace:
+    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
+    regexp: '^#(apt-setup-udeb.*)$'
+    replace: '\1'
+
+- name: preseed client - add gnome-desktop, print-server
+  replace:
+    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
+    regexp: '^(tasksel tasksel/first multiselect standard, ssh-server)$'
+    replace: '#\1\ntasksel tasksel/first multiselect standard, ssh-server, gnome-desktop, print-server'
+
+- name: preseed client - add firmware-linux, ansible/stretch-backports, git
+  replace:
+    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
+    regexp: '^(d-i pkgsel/include string firmware-linux)$'
+    replace: '#\1\nd-i pkgsel/include string firmware-linux ansible git'
+
+- name: insert start of managed block
+  replace:
+    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
+    regexp: '^(### This command is run just before the install finishes:)'
+    replace: '#\1\n# BEGIN ANSIBLE MANAGED BLOCK preseed/late_command'
+
+- name: insert end of managed block
+  replace:
+    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
+    regexp: '^(## When installing.*)'
+    replace: '# END ANSIBLE MANAGED BLOCK preseed/late_command\n#\1'
+
+- name: insert block
+  blockinfile:
+    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
+    insertafter: "^### This command is run just before the install finishes:"
+    block: |
+      d-i preseed/late_command string \
+      mkdir -p /target/home/ansible/.ssh && \
+      echo "{{ sshpubkey }}" >> /target/home/ansible/.ssh/authorized_keys ; \
+      in-target chown -R ansible:ansible /home/ansible/.ssh/ ; \
+      in-target chmod -R og= /home/ansible/.ssh/ ; \
+      in-target ansible-pull --verbose --purge --extra-vars="run_in_installer=true" --url=git://{{ hostname }}/.git
+    marker: "# {mark} ANSIBLE MANAGED BLOCK preseed/late_command"
+
+- name: provide git repo if not available already
+  git:
+    repo: 'https://salsa.debian.org/andi/debian-lan-ansible.git'
+    dest: "{{ repo_dir }}"
+    update: no
+  become_user: "ansible"
+
+- name: install xinetd
+  apt:
+    name: xinetd
+
+- name: enable git repo
+  template:
+    src: git-repo.j2
+    dest: "/etc/xinetd.d/git-repo"
+  notify: "reload xinetd"
diff --git a/roles/installbox2kiosk/templates/git-repo.j2 b/roles/installbox2kiosk/templates/git-repo.j2
new file mode 100644
index 0000000..61aaf54
--- /dev/null
+++ b/roles/installbox2kiosk/templates/git-repo.j2
@@ -0,0 +1,12 @@
+# Access to git repository.
+service git
+{
+        disable = no
+        type            = UNLISTED
+        port            = 9418
+        socket_type     = stream
+        wait            = no
+        user            = nobody
+        server          = /usr/bin/git
+        server_args     = daemon --inetd --export-all --base-path={{ repo_dir }}
+}
diff --git a/roles/preseed-installer/templates/preseed.cfg b/roles/preseed-installer/templates/preseed.cfg
deleted file mode 100644
index e544344..0000000
--- a/roles/preseed-installer/templates/preseed.cfg
+++ /dev/null
@@ -1,37 +0,0 @@
-#### Preconfiguration file
-## For more examples and comments:
-##   https://www.debian.org/releases/stable/example-preseed.txt
-
-## To change default values:
-#d-i foo/bar string value
-#d-i foo/bar seen false
-
-## Use this as boot parameter:
-## DEBCONF_DEBUG=5
-## Boot parameter locale?=de_DE
-
-# Preseeding only locale sets language, country and locale:
-d-i debian-installer/locale string de_DE
-d-i keyboard-configuration/xkb-keymap select de
-
-## Skip root account:
-d-i passwd/root-login boolean false
-
-### Apt setup
-d-i apt-setup/non-free boolean true
-d-i apt-setup/contrib boolean true
-d-i mirror/http/mirror string {{ deb_mirror }}
-
-### Ansible User
-d-i passwd/user-fullname string Ansible User
-d-i passwd/username string ansible
-d-i passwd/user-password password insecure
-d-i passwd/user-password-again password insecure
-#d-i passwd/user-password-crypted password [crypt(3) hash]
-
-### Package selection
-tasksel tasksel/desktop multiselect standard openssh-server
-tasksel tasksel/desktop seen false
-
-# Individual additional packages to install
-d-i pkgsel/include string firmware-linux

From 2c4ef85dcaccb77f821ea693301d66e29b0e2e65 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 9 Jun 2018 12:17:32 +0300
Subject: [PATCH 007/504] Add README.

---
 README | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 README

diff --git a/README b/README
new file mode 100644
index 0000000..a1ba3ac
--- /dev/null
+++ b/README
@@ -0,0 +1,33 @@
+
+        Run Debian in your Local Area Network
+       =======================================
+
+Installbox
+~~~~~~~~~~
+ • Debian installation:
+   - user 'ansible' in sudo group
+   - WAN interface configured and connected
+   - LAN interface not configured/managed
+
+ • Customize installbox.yml:
+   - set if_lan
+   - modify deb_mirror (optional)
+   - enable installbox2kiosk task (optinal)
+
+ • Run ansible:
+     ssh-copy-id ansible@1.2.3.4
+     ansible-playbook installbox.yml -v --become --ask-become-pass -u ansible -i 1.2.3.4,
+
+
+Kiosk
+~~~~~
+ • Debian installation:
+   - user 'ansible' in sudo group
+
+ • Customize kiosk.yml:
+   - WiFi parameters (optional)
+   - desktop environment (optional)
+
+ • Run ansible:
+     ssh-copy-id ansible@1.2.3.4
+     ansible-playbook kiosk.yml -v --become --ask-become-pass -u ansible -i 1.2.3.4,

From 9010cf710b3c2f0533cd222ccfe3c08e2f0b71c6 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 9 Jun 2018 19:48:41 +0300
Subject: [PATCH 008/504] Add extra package selection.

---
 README                     | 11 ++++++-----
 kiosk.yml                  |  7 ++++++-
 roles/kiosk/tasks/main.yml | 14 ++++++++++++++
 3 files changed, 26 insertions(+), 6 deletions(-)

diff --git a/README b/README
index a1ba3ac..6f3c21a 100644
--- a/README
+++ b/README
@@ -10,9 +10,9 @@ Installbox
    - LAN interface not configured/managed
 
  • Customize installbox.yml:
-   - set if_lan
-   - modify deb_mirror (optional)
-   - enable installbox2kiosk task (optinal)
+   - set if_lan (mandatory)
+   - modify deb_mirror
+   - enable installbox2kiosk task
 
  • Run ansible:
      ssh-copy-id ansible@1.2.3.4
@@ -25,8 +25,9 @@ Kiosk
    - user 'ansible' in sudo group
 
  • Customize kiosk.yml:
-   - WiFi parameters (optional)
-   - desktop environment (optional)
+   - WiFi parameters
+   - package selection: extra_pkgs and extra_pkgs_bpo for backports
+   - desktop environment
 
  • Run ansible:
      ssh-copy-id ansible@1.2.3.4
diff --git a/kiosk.yml b/kiosk.yml
index c01ea65..e782774 100644
--- a/kiosk.yml
+++ b/kiosk.yml
@@ -2,13 +2,18 @@
 # This playbook deploys a kiosk-computer
 
 - name: apply configuration to the machines
-  hosts: kiosk-computers
+  hosts: all
   remote_user: ansible
   become: yes
   vars:
     auto_user: debi
     wifi_ssid: "YOUR SSID HERE"
     wifi_passwd: "YOUR WIFI-PW HERE"
+    extra_pkgs:
+      - unattended-upgrades
+      - xul-ext-ublock-origin
+    extra_pkgs_bpo:
+      - libreoffice
 
   roles:
     - up2date-debian
diff --git a/roles/kiosk/tasks/main.yml b/roles/kiosk/tasks/main.yml
index 91d8cd1..288c461 100644
--- a/roles/kiosk/tasks/main.yml
+++ b/roles/kiosk/tasks/main.yml
@@ -1,3 +1,17 @@
+- name: add stretch-backports
+  apt_repository:
+    repo: deb http://deb.debian.org/debian/ stretch-backports main
+    state: present
+    update_cache: yes
+
+- name: install extra packages from stable
+  apt: name={{ item }} state=latest
+  with_items: "{{ extra_pkgs }}"
+
+- name: install extra packages from backports
+  apt: name={{ item }} state=latest default_release=stretch-backports
+  with_items: "{{ extra_pkgs_bpo }}"
+
 - name: check if gdm3 is installed
   stat: path=/etc/gdm3/daemon.conf
   register: gdm3

From 27ac5a8d30d1b21407af58237921b482d5d83b02 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 9 Jun 2018 19:49:30 +0300
Subject: [PATCH 009/504] Improved gnome defaults.

---
 roles/gnome/files/defaults | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/roles/gnome/files/defaults b/roles/gnome/files/defaults
index 2714a65..e612540 100644
--- a/roles/gnome/files/defaults
+++ b/roles/gnome/files/defaults
@@ -1,5 +1,5 @@
 [org/gnome/shell]
-enabled-extensions=['apps-menu@gnome-shell-extensions.gcampax.github.com']
+enabled-extensions=['apps-menu@gnome-shell-extensions.gcampax.github.com', 'window-list@gnome-shell-extensions.gcampax.github.com']
 
 [org/gnome/desktop/background]
 show-desktop-icons=true
@@ -7,6 +7,9 @@ show-desktop-icons=true
 [org/gnome/desktop/input-sources]
 sources=[('xkb', 'tr'), ('xkb', 'de'), ('xkb', 'us')]
 
+[org/gnome/desktop/wm/preferences]
+button-layout='appmenu:minimize,maximize,close'
+
 [org/gnome/desktop/peripherals/touchpad]
 natural-scroll=false
 edge-scrolling-enabled=true

From 47f16792e83e26b362020b53f8d9e4ac69fbaae6 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 10 Jun 2018 20:57:40 +0300
Subject: [PATCH 010/504] Add abstract to README.

---
 README | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/README b/README
index 6f3c21a..7544db7 100644
--- a/README
+++ b/README
@@ -2,6 +2,37 @@
         Run Debian in your Local Area Network
        =======================================
 
+The goal of the "Debian Local Area Network"-project is to make setting
+up Debian in a local area network as easy as possible.  This repository
+offers ansible playbooks and instructions for the following machines:
+
+ • Installbox:
+     - set up as gateway to some external network (WAN)
+     - providing TFTP installation on the LAN interface
+     - automatic installs: preseeding and ansible playbooks
+     - squid package cache
+     use case: orchestration of automatic installs in the LAN
+
+ • Kiosk:
+     - auto login user
+     - reasonable defaults
+     - temporary home directory on tmpfs, reset at boot
+     use case: school's computer, hackerspace, …
+
+ • Cloudbox:
+     - setup of a home cloud server
+     - dynamic DNS name
+     - …
+     use case: nextcloud server in the basement
+
+Contributions like patches, suggestions, pull requests and/or further
+profiles are highly appreciated!
+
+----------------------------
+
+ Instructions
+==============
+
 Installbox
 ~~~~~~~~~~
  • Debian installation:

From ff070a94659f02b8a6ae25a6af5c36a28e66a3df Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 30 Mar 2019 18:12:31 +0300
Subject: [PATCH 011/504] Allow print job management from gnome GUI.

---
 roles/gnome/tasks/main.yml | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/roles/gnome/tasks/main.yml b/roles/gnome/tasks/main.yml
index acf08dc..591eb7e 100644
--- a/roles/gnome/tasks/main.yml
+++ b/roles/gnome/tasks/main.yml
@@ -15,7 +15,6 @@
     dest: /etc/dconf/profile/user
   notify: update dconf
 
-
 - name: make sure /etc/dconf/db/local.d/ exists
   file: path=/etc/dconf/db/local.d/ state=directory recurse=yes
 
@@ -24,3 +23,10 @@
     src: defaults
     dest: /etc/dconf/db/local.d/defaults
   notify: update dconf
+
+## Bug #698504  
+- name: allow print job management
+  replace:
+    dest: "/etc/cups/cups-files.conf"
+    regexp: '^(SystemGroup lpadmin)$'
+    replace: '\1 root'

From b119c75c98233f2938bc8dd4a6efe5f91ec045b4 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 30 Mar 2019 18:39:12 +0300
Subject: [PATCH 012/504] Fixes for the DDNS setup.

---
 roles/ddns-update/files/ddns-update       | 9 +++++++--
 roles/ddns-update/files/ddns-update.timer | 2 +-
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/roles/ddns-update/files/ddns-update b/roles/ddns-update/files/ddns-update
index 3285250..00c4bc8 100755
--- a/roles/ddns-update/files/ddns-update
+++ b/roles/ddns-update/files/ddns-update
@@ -10,14 +10,19 @@ if ! DNSRESULT="$(host $DDNSNAME)" ; then
     exit 0
 fi
 
-DNSIP4="$(echo \\"$DNSRESULT\\" | grep -m 1 -oE '[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$' || true )"
-DNSIP6="$(echo \\"$DNSRESULT\\" | grep -m 1 -oE '[0-9a-f]{1,4}:.+:[0-9a-f]{1,4}' || true )"
+DNSIP4="$(echo "$DNSRESULT" | grep -m 1 -oE '[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$' || true )"
+DNSIP6="$(echo "$DNSRESULT" | grep -m 1 -oE '[0-9a-f]{1,4}:.+:[0-9a-f]{1,4}' || true )"
 
 REALIP4="$(wget -q -O - https://ip4.ddnss.de/meineip.php | \
                grep -m 1 -oE '[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}' || true )"
 REALIP6="$(wget -q -O - https://ip6.ddnss.de/meineip.php | \
                 grep -m 1 -oE '[0-9a-f]{1,4}:.+:[0-9a-f]{1,4}' || true )"
 
+if [ -z "$REALIP4" -a -z "$REALIP6" ] ; then
+    echo "Could not detect real IP addresses, exiting."
+    exit 0
+fi
+
 echo "Current DNS: IPv4=$DNSIP4, IPv6=$DNSIP6."
 echo "Detected:    IPv4=$REALIP4, IPv6=$REALIP6."
 
diff --git a/roles/ddns-update/files/ddns-update.timer b/roles/ddns-update/files/ddns-update.timer
index 28e8e2a..0fb72ec 100644
--- a/roles/ddns-update/files/ddns-update.timer
+++ b/roles/ddns-update/files/ddns-update.timer
@@ -3,7 +3,7 @@ Description=Update ddns IP-address
 
 [Timer]
 OnBootSec=0
-OnUnitActiveSec=15min
+OnUnitActiveSec=20min
 AccuracySec=3min
 
 

From 7d299549f845a3cb45db86eb09f632c93749f423 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 30 Mar 2019 18:41:04 +0300
Subject: [PATCH 013/504] Update package selection.

---
 kiosk.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/kiosk.yml b/kiosk.yml
index e782774..408485b 100644
--- a/kiosk.yml
+++ b/kiosk.yml
@@ -11,7 +11,8 @@
     wifi_passwd: "YOUR WIFI-PW HERE"
     extra_pkgs:
       - unattended-upgrades
-      - xul-ext-ublock-origin
+      - webext-privacy-badger
+      - webext-ublock-origin
     extra_pkgs_bpo:
       - libreoffice
 

From ad70eb60349a585220cb06d02df9bb713a767b01 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 30 Mar 2019 18:51:27 +0300
Subject: [PATCH 014/504] Prefer simpler setup without ansible vaults.

---
 cloudbox.yml | 19 ++-----------------
 1 file changed, 2 insertions(+), 17 deletions(-)

diff --git a/cloudbox.yml b/cloudbox.yml
index 31dd692..6580f35 100644
--- a/cloudbox.yml
+++ b/cloudbox.yml
@@ -10,23 +10,8 @@
     ipaddr: "192.168.2.50/24"
     gateway: "192.168.2.1"
     DNS: "192.168.2.1"
-    #ddns_domain: "something.ddnss.de"
-    ddns_domain: !vault |
-          $ANSIBLE_VAULT;1.1;AES256
-          30653335326332666539326461623064383432653133383832313065386231663366383862393961
-          3339356432643139653939323832633839626631396431340a623438333335333765383035666133
-          34313631663938386432326665313331383865616361633465336333613534626262633864613133
-          3934376631343736380a353337303937656638633035666331646563326562363130633534376335
-          6636
-    #ddns_updkey: "138638.some.key.here.635620"
-    ddns_updkey: !vault |
-          $ANSIBLE_VAULT;1.1;AES256
-          35333062366532643235343839313962393038313631663239336138393566643433326535313132
-          3761303730653339616333623534343131333838303036310a343634623739623663623566336233
-          37666466356363646464323335643261346563643564333631626432323963396136643039336531
-          3662653436373564310a663061613032343332373031613831343365643039313034353636613938
-          31663437393564656334663336633234666237386662323661623266396166616235306531333861
-          3831656434613434333337376262396631363336643766323932
+    ddns_domain: "something.ddnss.de"
+    ddns_updkey: "138638.some.key.here.635620"
   roles:
     - up2date-debian
     - systemd-networkd

From a72fae8d389bcc867b5758c4d54a8b59279a2c6e Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 1 Apr 2019 11:47:55 +0300
Subject: [PATCH 015/504] Updates for buster and gnome desktop.

---
 kiosk.yml                           |  5 +++--
 local.yml                           |  8 ++++++++
 roles/gnome/files/defaults          |  8 +-------
 roles/kiosk/tasks/main.yml          | 16 ++++++++--------
 roles/up2date-debian/tasks/main.yml |  6 +++---
 5 files changed, 23 insertions(+), 20 deletions(-)

diff --git a/kiosk.yml b/kiosk.yml
index 408485b..2df8628 100644
--- a/kiosk.yml
+++ b/kiosk.yml
@@ -6,6 +6,7 @@
   remote_user: ansible
   become: yes
   vars:
+    deb_release: "buster"
     auto_user: debi
     wifi_ssid: "YOUR SSID HERE"
     wifi_passwd: "YOUR WIFI-PW HERE"
@@ -13,8 +14,8 @@
       - unattended-upgrades
       - webext-privacy-badger
       - webext-ublock-origin
-    extra_pkgs_bpo:
-      - libreoffice
+
+    extra_pkgs_bpo: []  #[ libreoffice ]
 
   roles:
     - up2date-debian
diff --git a/local.yml b/local.yml
index 200ea21..dba6a24 100644
--- a/local.yml
+++ b/local.yml
@@ -5,6 +5,7 @@
   hosts: localhost
   remote_user: root
   vars:
+    deb_release: "buster"
     auto_user: debi
     wifi_ssid: "YOUR SSID HERE"
     wifi_passwd: "YOUR WIFI-PW HERE"
@@ -13,3 +14,10 @@
     - up2date-debian
     - gnome
     - kiosk
+
+  extra_pkgs:
+    - unattended-upgrades
+    - webext-privacy-badger
+    - webext-ublock-origin
+
+  extra_pkgs_bpo: []  # [ libreoffice ]
diff --git a/roles/gnome/files/defaults b/roles/gnome/files/defaults
index e612540..fce297b 100644
--- a/roles/gnome/files/defaults
+++ b/roles/gnome/files/defaults
@@ -1,8 +1,5 @@
 [org/gnome/shell]
-enabled-extensions=['apps-menu@gnome-shell-extensions.gcampax.github.com', 'window-list@gnome-shell-extensions.gcampax.github.com']
-
-[org/gnome/desktop/background]
-show-desktop-icons=true
+enabled-extensions=['apps-menu@gnome-shell-extensions.gcampax.github.com', 'window-list@gnome-shell-extensions.gcampax.github.com', 'places-menu@gnome-shell-extensions.gcampax.github.com', 'drive-menu@gnome-shell-extensions.gcampax.github.com']
 
 [org/gnome/desktop/input-sources]
 sources=[('xkb', 'tr'), ('xkb', 'de'), ('xkb', 'us')]
@@ -15,9 +12,6 @@ natural-scroll=false
 edge-scrolling-enabled=true
 tap-to-click=true
 
-[org/gnome/nautilus/desktop]
-home-icon-visible=false
-
 [org/gnome/nautilus/preferences]
 default-folder-viewer='list-view'
 
diff --git a/roles/kiosk/tasks/main.yml b/roles/kiosk/tasks/main.yml
index 288c461..c7d478c 100644
--- a/roles/kiosk/tasks/main.yml
+++ b/roles/kiosk/tasks/main.yml
@@ -1,16 +1,16 @@
-- name: add stretch-backports
+- name: install extra packages from stable
+  apt: name={{ extra_pkgs }} state=latest
+
+- name: add {{ deb_release }}-backports
   apt_repository:
-    repo: deb http://deb.debian.org/debian/ stretch-backports main
+    repo: deb http://deb.debian.org/debian/ {{ deb_release }}-backports main
     state: present
     update_cache: yes
-
-- name: install extra packages from stable
-  apt: name={{ item }} state=latest
-  with_items: "{{ extra_pkgs }}"
+  when: extra_pkgs_bpo|length
 
 - name: install extra packages from backports
-  apt: name={{ item }} state=latest default_release=stretch-backports
-  with_items: "{{ extra_pkgs_bpo }}"
+  apt: name={{ extra_pkgs_bpo }} state=latest default_release={{ deb_release }}-backports
+  when: extra_pkgs_bpo|length
 
 - name: check if gdm3 is installed
   stat: path=/etc/gdm3/daemon.conf
diff --git a/roles/up2date-debian/tasks/main.yml b/roles/up2date-debian/tasks/main.yml
index 81d2d5c..85b734b 100644
--- a/roles/up2date-debian/tasks/main.yml
+++ b/roles/up2date-debian/tasks/main.yml
@@ -11,9 +11,9 @@
     autoremove: yes
 
 - name: install some packages
-  apt: name={{ item }} state=latest
-  with_items:
-    - etckeeper
+  apt:
+    name: etckeeper
+    state: latest
 
 #- name: clean apt package cache
 #  command: apt clean

From 6f5556e37f8dfbad9fd2c2015d64168dc0981ad4 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 4 Apr 2019 19:17:35 +0300
Subject: [PATCH 016/504] Fixes and improvements gnome and kiosk profile.

---
 kiosk.yml                  |  1 -
 local.yml                  | 12 +++++-------
 roles/gnome/files/defaults |  6 +++++-
 roles/gnome/tasks/main.yml |  5 ++++-
 4 files changed, 14 insertions(+), 10 deletions(-)

diff --git a/kiosk.yml b/kiosk.yml
index 2df8628..b9cd5e3 100644
--- a/kiosk.yml
+++ b/kiosk.yml
@@ -14,7 +14,6 @@
       - unattended-upgrades
       - webext-privacy-badger
       - webext-ublock-origin
-
     extra_pkgs_bpo: []  #[ libreoffice ]
 
   roles:
diff --git a/local.yml b/local.yml
index dba6a24..cd01cab 100644
--- a/local.yml
+++ b/local.yml
@@ -9,15 +9,13 @@
     auto_user: debi
     wifi_ssid: "YOUR SSID HERE"
     wifi_passwd: "YOUR WIFI-PW HERE"
+    extra_pkgs:
+      - unattended-upgrades
+      - webext-privacy-badger
+      - webext-ublock-origin
+    extra_pkgs_bpo: []  # [ libreoffice ]
 
   roles:
     - up2date-debian
     - gnome
     - kiosk
-
-  extra_pkgs:
-    - unattended-upgrades
-    - webext-privacy-badger
-    - webext-ublock-origin
-
-  extra_pkgs_bpo: []  # [ libreoffice ]
diff --git a/roles/gnome/files/defaults b/roles/gnome/files/defaults
index fce297b..3f6b1d1 100644
--- a/roles/gnome/files/defaults
+++ b/roles/gnome/files/defaults
@@ -1,5 +1,5 @@
 [org/gnome/shell]
-enabled-extensions=['apps-menu@gnome-shell-extensions.gcampax.github.com', 'window-list@gnome-shell-extensions.gcampax.github.com', 'places-menu@gnome-shell-extensions.gcampax.github.com', 'drive-menu@gnome-shell-extensions.gcampax.github.com']
+enabled-extensions=['apps-menu@gnome-shell-extensions.gcampax.github.com', 'window-list@gnome-shell-extensions.gcampax.github.com', 'places-menu@gnome-shell-extensions.gcampax.github.com', 'drive-menu@gnome-shell-extensions.gcampax.github.com', 'desktop-icons@csoriano']
 
 [org/gnome/desktop/input-sources]
 sources=[('xkb', 'tr'), ('xkb', 'de'), ('xkb', 'us')]
@@ -27,3 +27,7 @@ sleep-inactive-ac-type='suspend'
 
 [org/gnome/desktop/screensaver]
 lock-enabled=false
+
+[org/gnome/desktop/interface]
+clock-show-date=true
+clock-show-seconds=true
diff --git a/roles/gnome/tasks/main.yml b/roles/gnome/tasks/main.yml
index 591eb7e..01b6d7c 100644
--- a/roles/gnome/tasks/main.yml
+++ b/roles/gnome/tasks/main.yml
@@ -3,7 +3,10 @@
 
 - name: gnome desktop
   apt:
-    name: task-gnome-desktop
+    name:
+      - task-gnome-desktop
+      - gnome-shell-extension-desktop-icons
+      - cups
     state: latest
 
 - name: make sure /etc/dconf/profile/ exists

From 1e83a0f1f67b1d3ba747c2ed8bb804fb56841a2d Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 18 May 2019 18:26:10 +0300
Subject: [PATCH 017/504] Add splash screen to the gnome role.

---
 roles/gnome/handlers/main.yml | 4 ++++
 roles/gnome/tasks/main.yml    | 9 ++++++++-
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/roles/gnome/handlers/main.yml b/roles/gnome/handlers/main.yml
index 5274a2c..c29a95b 100644
--- a/roles/gnome/handlers/main.yml
+++ b/roles/gnome/handlers/main.yml
@@ -1,3 +1,7 @@
 - name: update dconf
   command: dconf update
   listen: update dconf
+
+- name: update grub
+  command: update-grub
+  listen: update grub
diff --git a/roles/gnome/tasks/main.yml b/roles/gnome/tasks/main.yml
index 01b6d7c..32b985d 100644
--- a/roles/gnome/tasks/main.yml
+++ b/roles/gnome/tasks/main.yml
@@ -27,9 +27,16 @@
     dest: /etc/dconf/db/local.d/defaults
   notify: update dconf
 
-## Bug #698504  
+## Bug #698504
 - name: allow print job management
   replace:
     dest: "/etc/cups/cups-files.conf"
     regexp: '^(SystemGroup lpadmin)$'
     replace: '\1 root'
+
+- name: enable splash screen
+  replace:
+    dest: "/etc/default/grub"
+    regexp: '"quiet"$'
+    replace: '"quiet splash"'
+  notify: update grub

From c1b498c973cf4eea1c3055c1bd7de964d49d1b76 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 20 May 2019 18:57:39 +0300
Subject: [PATCH 018/504] Fix graphics quirk and add HP 550.

---
 roles/kiosk/tasks/main.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/kiosk/tasks/main.yml b/roles/kiosk/tasks/main.yml
index c7d478c..fd5e413 100644
--- a/roles/kiosk/tasks/main.yml
+++ b/roles/kiosk/tasks/main.yml
@@ -31,10 +31,10 @@
     line: 'AutomaticLogin = {{ auto_user }}'
 
 - name: graphics quirk
-  when: ansible_product_name == "HP 500"
+  when: ansible_product_name == "HP 500" or ansible_product_name == "HP 550"
   lineinfile:
     dest: /etc/default/grub
-    regexp: '^(GRUB_CMDLINE_LINUX_DEFAULT=).*'
+    regexp: '^(GRUB_CMDLINE_LINUX=)""'
     line: '\1"video=SVIDEO-1:d"'
     backrefs: yes
   notify: update grub

From f6471d8556164aff8ad895acfe035d36fd1cc0a5 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Tue, 21 May 2019 19:14:21 +0300
Subject: [PATCH 019/504] Remove unattended-upgrades and make local.yml a
 symlink.

---
 kiosk.yml |  3 +--
 local.yml | 22 +---------------------
 2 files changed, 2 insertions(+), 23 deletions(-)
 mode change 100644 => 120000 local.yml

diff --git a/kiosk.yml b/kiosk.yml
index b9cd5e3..9c56c8c 100644
--- a/kiosk.yml
+++ b/kiosk.yml
@@ -11,10 +11,9 @@
     wifi_ssid: "YOUR SSID HERE"
     wifi_passwd: "YOUR WIFI-PW HERE"
     extra_pkgs:
-      - unattended-upgrades
       - webext-privacy-badger
       - webext-ublock-origin
-    extra_pkgs_bpo: []  #[ libreoffice ]
+    extra_pkgs_bpo: []  # [ libreoffice ]
 
   roles:
     - up2date-debian
diff --git a/local.yml b/local.yml
deleted file mode 100644
index cd01cab..0000000
--- a/local.yml
+++ /dev/null
@@ -1,21 +0,0 @@
----
-# This playbook deploys a kiosk-computer
-
-- name: apply configuration to the machines
-  hosts: localhost
-  remote_user: root
-  vars:
-    deb_release: "buster"
-    auto_user: debi
-    wifi_ssid: "YOUR SSID HERE"
-    wifi_passwd: "YOUR WIFI-PW HERE"
-    extra_pkgs:
-      - unattended-upgrades
-      - webext-privacy-badger
-      - webext-ublock-origin
-    extra_pkgs_bpo: []  # [ libreoffice ]
-
-  roles:
-    - up2date-debian
-    - gnome
-    - kiosk
diff --git a/local.yml b/local.yml
new file mode 120000
index 0000000..ebbef3f
--- /dev/null
+++ b/local.yml
@@ -0,0 +1 @@
+kiosk.yml
\ No newline at end of file

From d7a1a146ddba81ebeadc68f60ba8f7be04692ade Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 24 May 2019 17:26:15 +0300
Subject: [PATCH 020/504] Updates and fixes for buster.

---
 installbox.yml                                |  8 +++--
 roles/installbox2kiosk/tasks/main.yml         |  3 +-
 .../tftp-netboot-installer/handlers/main.yml  |  9 +++++
 roles/tftp-netboot-installer/tasks/main.yml   | 35 +++----------------
 roles/transparent-squid/tasks/main.yml        |  1 -
 roles/two-interface-shorewall/tasks/main.yml  |  7 ----
 6 files changed, 21 insertions(+), 42 deletions(-)

diff --git a/installbox.yml b/installbox.yml
index 02782dd..8d8667c 100644
--- a/installbox.yml
+++ b/installbox.yml
@@ -12,9 +12,11 @@
     ipaddr_lan: 192.168.0.10
     dhcp_range: 192.168.0.50,192.168.0.150,2h
     tftp_root: "/var/lib/tftpboot"
-    deb_mirror: "ftp.debian.org"
-    di_dist: "stretch"
-    repo_dir: "/home/ansible/kiosk"
+    deb_mirror: "deb.debian.org"
+    di_dist: "buster"
+    di_pkg: debian-installer-10-netboot-amd64
+    ansible_user: ansible
+    repo_dir: "/home/{{ ansible_user }}/kiosk"
 
   pre_tasks:
     - name: validate if interface is available
diff --git a/roles/installbox2kiosk/tasks/main.yml b/roles/installbox2kiosk/tasks/main.yml
index fb2c515..c2fe199 100644
--- a/roles/installbox2kiosk/tasks/main.yml
+++ b/roles/installbox2kiosk/tasks/main.yml
@@ -14,6 +14,7 @@
     sshpubkey: "{{ sshpubkey['content'] | b64decode | replace('\n', '') }}"
 
 - name: set debian mirror in preseed file
+  when: deb_mirror != "deb.debian.org"
   replace:
     dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
     regexp: '^(d-i mirror/http/hostname string deb.debian.org)$'
@@ -31,7 +32,7 @@
     regexp: '^(tasksel tasksel/first multiselect standard, ssh-server)$'
     replace: '#\1\ntasksel tasksel/first multiselect standard, ssh-server, gnome-desktop, print-server'
 
-- name: preseed client - add firmware-linux, ansible/stretch-backports, git
+- name: preseed client - add firmware-linux, ansible and git
   replace:
     dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
     regexp: '^(d-i pkgsel/include string firmware-linux)$'
diff --git a/roles/tftp-netboot-installer/handlers/main.yml b/roles/tftp-netboot-installer/handlers/main.yml
index 4cc836c..75ce256 100644
--- a/roles/tftp-netboot-installer/handlers/main.yml
+++ b/roles/tftp-netboot-installer/handlers/main.yml
@@ -1,3 +1,12 @@
+- name: bind mount images
+  mount:
+    path: "{{ tftp_root }}/d-i/n-pkg/"
+    src: /usr/lib/debian-installer/
+    fstype: none
+    state: mounted
+    opts: bind
+  listen: bind mount images
+
 - name: rebuild di-netboot-assistant menu
   command: "{{ item }}"
   with_items:
diff --git a/roles/tftp-netboot-installer/tasks/main.yml b/roles/tftp-netboot-installer/tasks/main.yml
index aac8c29..31df608 100644
--- a/roles/tftp-netboot-installer/tasks/main.yml
+++ b/roles/tftp-netboot-installer/tasks/main.yml
@@ -1,36 +1,11 @@
-- name: add stretch-backports
-  apt_repository:
-    repo: deb http://deb.debian.org/debian/ stretch-backports main
-    state: present
-
-- name: install di-netboot-assistant from backports
+- name: install di-netboot-assistant and installer package
   apt:
     name:
       - di-netboot-assistant
-    default_release: stretch-backports
-    update_cache: yes
-
-- name: add installer package
-  apt:
-    name:
-      - debian-installer-9-netboot-amd64
-
-- name: bind mount images
-  mount:
-    path: "{{ tftp_root }}/d-i/n-pkg/"
-    src: /usr/lib/debian-installer/
-    fstype: none
-    opts: bind
-#    state: mounted   BEGINN WORKAROUND
-    state: present
-  register: fstab
-
-- file: path="{{ tftp_root }}/d-i/n-pkg/" state=directory recurse=yes
-
-- name: Reload fstab
-  command: mount -a
-  when: fstab.changed
-# https://github.com/ansible/ansible/issues/23487 END WORKAROUND
+      - "{{ di_pkg }}"
+  notify:
+    - bind mount images
+    - rebuild di-netboot-assistant menu
 
 - name: configure dnsmasq
   template:
diff --git a/roles/transparent-squid/tasks/main.yml b/roles/transparent-squid/tasks/main.yml
index 581acc9..f4a046e 100644
--- a/roles/transparent-squid/tasks/main.yml
+++ b/roles/transparent-squid/tasks/main.yml
@@ -9,7 +9,6 @@
     line: "{{ item.line }}"
     insertafter: "{{ item.insertafter }}"
   with_items:
-    - { line: "acl localnet src 192.168.0.0/16", insertafter: "#acl localnet src 192.168.0.0/16" }
     - { line: "http_access allow localnet", insertafter: "#http_access allow localnet" }
     - { line: "http_port 3129 intercept", insertafter: "http_port 3128" }
     - { line: "maximum_object_size_in_memory 10240 KB", insertafter: "# maximum_object_size_in_memory" }
diff --git a/roles/two-interface-shorewall/tasks/main.yml b/roles/two-interface-shorewall/tasks/main.yml
index 30db436..e92f99c 100644
--- a/roles/two-interface-shorewall/tasks/main.yml
+++ b/roles/two-interface-shorewall/tasks/main.yml
@@ -71,10 +71,3 @@
     replace: '\1all\2'
     backup: yes
   notify: restart shorewall
-
-- name: enable shorewall in /etc/defaults/shorewall
-  replace:
-    dest: /etc/default/shorewall
-    regexp: 'startup=0'
-    replace: 'startup=1'
-  notify: restart shorewall

From e51f6c5e2d20fc6b72b11c5feca8cd57e6e2a427 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 24 May 2019 19:58:20 +0300
Subject: [PATCH 021/504] Use systemd service for git repository.

---
 roles/installbox2kiosk/handlers/main.yml     |  8 +++---
 roles/installbox2kiosk/tasks/main.yml        | 10 ++-----
 roles/installbox2kiosk/templates/git-repo.j2 | 30 ++++++++++++--------
 3 files changed, 25 insertions(+), 23 deletions(-)

diff --git a/roles/installbox2kiosk/handlers/main.yml b/roles/installbox2kiosk/handlers/main.yml
index e24c8f9..3d30c45 100644
--- a/roles/installbox2kiosk/handlers/main.yml
+++ b/roles/installbox2kiosk/handlers/main.yml
@@ -1,7 +1,7 @@
-- name: reload xinetd
+- name: start git-repo
   systemd:
     daemon_reload: yes
-    name: xinetd
-    state: reloaded
+    name: git-repo
+    state: started
     enabled: yes
-  listen: reload xinetd
+  listen: start git-repo
diff --git a/roles/installbox2kiosk/tasks/main.yml b/roles/installbox2kiosk/tasks/main.yml
index c2fe199..b42ea35 100644
--- a/roles/installbox2kiosk/tasks/main.yml
+++ b/roles/installbox2kiosk/tasks/main.yml
@@ -70,12 +70,8 @@
     update: no
   become_user: "ansible"
 
-- name: install xinetd
-  apt:
-    name: xinetd
-
-- name: enable git repo
+- name: start git-repo
   template:
     src: git-repo.j2
-    dest: "/etc/xinetd.d/git-repo"
-  notify: "reload xinetd"
+    dest: "/etc/systemd/system/git-repo.service"
+  notify: start git-repo
diff --git a/roles/installbox2kiosk/templates/git-repo.j2 b/roles/installbox2kiosk/templates/git-repo.j2
index 61aaf54..be9f853 100644
--- a/roles/installbox2kiosk/templates/git-repo.j2
+++ b/roles/installbox2kiosk/templates/git-repo.j2
@@ -1,12 +1,18 @@
-# Access to git repository.
-service git
-{
-        disable = no
-        type            = UNLISTED
-        port            = 9418
-        socket_type     = stream
-        wait            = no
-        user            = nobody
-        server          = /usr/bin/git
-        server_args     = daemon --inetd --export-all --base-path={{ repo_dir }}
-}
+[Unit]
+Description=Start Git Daemon
+
+[Service]
+ExecStart=/usr/bin/git daemon --reuseaddr --export-all --base-path={{ repo_dir }}
+
+Restart=always
+RestartSec=500ms
+
+StandardOutput=syslog
+StandardError=syslog
+SyslogIdentifier=git-daemon
+
+User=nobody
+Group=nogroup
+
+[Install]
+WantedBy=multi-user.target

From 8118b980ecb6b44f563a7fe13309b1e939e26d3f Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 24 May 2019 22:17:33 +0300
Subject: [PATCH 022/504] Use variable for installer version.

---
 installbox.yml                         | 3 ++-
 roles/preseed-installer/tasks/main.yml | 8 ++++----
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/installbox.yml b/installbox.yml
index 8d8667c..b4c0477 100644
--- a/installbox.yml
+++ b/installbox.yml
@@ -14,7 +14,8 @@
     tftp_root: "/var/lib/tftpboot"
     deb_mirror: "deb.debian.org"
     di_dist: "buster"
-    di_pkg: debian-installer-10-netboot-amd64
+    di_version: "10"
+    di_pkg: "debian-installer-{{ di_version }}-netboot-amd64"
     ansible_user: ansible
     repo_dir: "/home/{{ ansible_user }}/kiosk"
 
diff --git a/roles/preseed-installer/tasks/main.yml b/roles/preseed-installer/tasks/main.yml
index 3403f1a..e1160e1 100644
--- a/roles/preseed-installer/tasks/main.yml
+++ b/roles/preseed-installer/tasks/main.yml
@@ -23,8 +23,8 @@
       TIMEOUT 100
       LABEL autoinstall
          MENU LABEL Debian {{ di_dist }} (amd64) + preseed
-         kernel ::/d-i/n-pkg/images/9/amd64/text/debian-installer/amd64/linux
-         append initrd=::/d-i/n-pkg/images/9/amd64/text/debian-installer/amd64/initrd.gz --- auto=true priority=critical url=tftp://{{ hostname }}
+         kernel ::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux
+         append initrd=::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz --- auto=true priority=critical url=tftp://{{ hostname }}
   notify: "rebuild di-netboot-assistant menu"
 
 - name: add auto efi boot entry to di-netboot-assistant
@@ -33,7 +33,7 @@
     insertbefore: EOF
     block: |
       menuentry 'Debian stable (amd64) + preseed' {
-         linux   /d-i/n-pkg/images/9/amd64/text/debian-installer/amd64/linux --- auto=true priority=critical url=tftp://{{ hostname }}
-         initrd  /d-i/n-pkg/images/9/amd64/text/debian-installer/amd64/initrd.gz
+         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux --- auto=true priority=critical url=tftp://{{ hostname }}
+         initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
       }
   notify: "rebuild di-netboot-assistant menu"

From b75f508adff00c0320de63fde0a558149dbde71a Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 24 May 2019 22:24:17 +0300
Subject: [PATCH 023/504] Use systemd module to enable service.

---
 roles/two-interface-shorewall/handlers/main.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/two-interface-shorewall/handlers/main.yml b/roles/two-interface-shorewall/handlers/main.yml
index 58e1a17..7d41138 100644
--- a/roles/two-interface-shorewall/handlers/main.yml
+++ b/roles/two-interface-shorewall/handlers/main.yml
@@ -1,7 +1,7 @@
 - name: restart networking
-  service: name=networking state=restarted enabled=yes
+  systemd: name=networking state=restarted enabled=yes
   listen: restart networking
 
 - name: restart shorewall
-  service: name=shorewall state=restarted enabled=yes
+  systemd: name=shorewall state=restarted enabled=yes
   listen: restart shorewall

From fdfd702130737dfd81a588c03f2429d7d1ef3d23 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 24 May 2019 22:38:53 +0300
Subject: [PATCH 024/504] Fix ansible-pull.

---
 roles/installbox2kiosk/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/installbox2kiosk/tasks/main.yml b/roles/installbox2kiosk/tasks/main.yml
index b42ea35..cef242d 100644
--- a/roles/installbox2kiosk/tasks/main.yml
+++ b/roles/installbox2kiosk/tasks/main.yml
@@ -60,7 +60,7 @@
       echo "{{ sshpubkey }}" >> /target/home/ansible/.ssh/authorized_keys ; \
       in-target chown -R ansible:ansible /home/ansible/.ssh/ ; \
       in-target chmod -R og= /home/ansible/.ssh/ ; \
-      in-target ansible-pull --verbose --purge --extra-vars="run_in_installer=true" --url=git://{{ hostname }}/.git
+      in-target ansible-pull --verbose --purge --extra-vars="run_in_installer=true" -i localhost, --url=git://{{ hostname }}/.git
     marker: "# {mark} ANSIBLE MANAGED BLOCK preseed/late_command"
 
 - name: provide git repo if not available already

From 7404d7ace4db0e543518bb5c54c4c9c39c1a67ee Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 25 May 2019 10:39:32 +0300
Subject: [PATCH 025/504] Cleanup and minor improvements.

---
 roles/installbox2kiosk/tasks/main.yml  |  3 ++-
 roles/preseed-installer/tasks/main.yml | 14 ++++++++++++--
 2 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/roles/installbox2kiosk/tasks/main.yml b/roles/installbox2kiosk/tasks/main.yml
index cef242d..d17d0be 100644
--- a/roles/installbox2kiosk/tasks/main.yml
+++ b/roles/installbox2kiosk/tasks/main.yml
@@ -60,7 +60,8 @@
       echo "{{ sshpubkey }}" >> /target/home/ansible/.ssh/authorized_keys ; \
       in-target chown -R ansible:ansible /home/ansible/.ssh/ ; \
       in-target chmod -R og= /home/ansible/.ssh/ ; \
-      in-target ansible-pull --verbose --purge --extra-vars="run_in_installer=true" -i localhost, --url=git://{{ hostname }}/.git
+      in-target ansible-pull --verbose --purge --extra-vars="run_in_installer=true" \
+                             -i localhost, --url=git://{{ hostname }}/.git
     marker: "# {mark} ANSIBLE MANAGED BLOCK preseed/late_command"
 
 - name: provide git repo if not available already
diff --git a/roles/preseed-installer/tasks/main.yml b/roles/preseed-installer/tasks/main.yml
index e1160e1..f5c12cf 100644
--- a/roles/preseed-installer/tasks/main.yml
+++ b/roles/preseed-installer/tasks/main.yml
@@ -22,9 +22,14 @@
     block: |
       TIMEOUT 100
       LABEL autoinstall
-         MENU LABEL Debian {{ di_dist }} (amd64) + preseed
+         MENU LABEL Debian {{ di_version }} (amd64) + preseed
          kernel ::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux
          append initrd=::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz --- auto=true priority=critical url=tftp://{{ hostname }}
+
+         #LABEL daily
+         #MENU LABEL Debian daily (amd64) + preseed
+         #kernel ::/d-i/n-a/daily/amd64/linux
+         #append initrd=::/d-i/n-a/daily/amd64/initrd.gz --- auto=true priority=critical url=tftp://{{ hostname }}
   notify: "rebuild di-netboot-assistant menu"
 
 - name: add auto efi boot entry to di-netboot-assistant
@@ -32,8 +37,13 @@
     dest: /etc/di-netboot-assistant/grub.cfg.HEAD
     insertbefore: EOF
     block: |
-      menuentry 'Debian stable (amd64) + preseed' {
+      menuentry 'Debian {{ di_version }} (amd64) + preseed' {
          linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux --- auto=true priority=critical url=tftp://{{ hostname }}
          initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
       }
+
+      #menuentry 'Debian daily (amd64) + preseed' {
+      #   linux   /d-i/n-a/daily/amd64/linux --- auto=true priority=critical url=tftp://{{ hostname }}
+      #   initrd  /d-i/n-a/daily/amd64/initrd.gz
+      #}
   notify: "rebuild di-netboot-assistant menu"

From dd89bbb9a4c60d0a7134424d1f0fdaa834cf23e8 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 25 May 2019 22:44:59 +0300
Subject: [PATCH 026/504] Generate IP address list automatically.

---
 installbox.yml                        | 1 +
 roles/dhcp-dns-dnsmasq/tasks/main.yml | 7 +++++++
 2 files changed, 8 insertions(+)

diff --git a/installbox.yml b/installbox.yml
index b4c0477..ee58bd6 100644
--- a/installbox.yml
+++ b/installbox.yml
@@ -11,6 +11,7 @@
     hostname: "{{ ansible_hostname }}"
     ipaddr_lan: 192.168.0.10
     dhcp_range: 192.168.0.50,192.168.0.150,2h
+    dhcp_list: "{{ lookup('sequence', 'start=50 end=150 format=192.168.0.%d', wantlist=True) }}"
     tftp_root: "/var/lib/tftpboot"
     deb_mirror: "deb.debian.org"
     di_dist: "buster"
diff --git a/roles/dhcp-dns-dnsmasq/tasks/main.yml b/roles/dhcp-dns-dnsmasq/tasks/main.yml
index c254a79..9d553f7 100644
--- a/roles/dhcp-dns-dnsmasq/tasks/main.yml
+++ b/roles/dhcp-dns-dnsmasq/tasks/main.yml
@@ -3,6 +3,13 @@
     name: dnsmasq
     state: latest
 
+- name: add client hostnames and IP addresses to /etc/hosts
+  lineinfile:
+    dest: /etc/hosts
+    line: "{{ item.1 }}\t{{ 'debian%03d' | format(item.0) }}"
+  with_indexed_items: "{{ dhcp_list }}"
+  notify: "restart dnsmasq"
+
 - name: configure dnsmasq
   template:
     src: dnsmasq-transparent-proxy.j2

From 44a426c383abe6ae2d05dd0e7e65401d97753532 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 27 May 2019 18:04:01 +0300
Subject: [PATCH 027/504] Fix and simplify package caching.

---
 installbox.yml                         | 2 +-
 roles/transparent-squid/tasks/main.yml | 4 ----
 2 files changed, 1 insertion(+), 5 deletions(-)

diff --git a/installbox.yml b/installbox.yml
index ee58bd6..50718ec 100644
--- a/installbox.yml
+++ b/installbox.yml
@@ -13,7 +13,7 @@
     dhcp_range: 192.168.0.50,192.168.0.150,2h
     dhcp_list: "{{ lookup('sequence', 'start=50 end=150 format=192.168.0.%d', wantlist=True) }}"
     tftp_root: "/var/lib/tftpboot"
-    deb_mirror: "deb.debian.org"
+    deb_mirror: "cdn-fastly.deb.debian.org" # SRV records ("deb.debian.org") do not work with squid
     di_dist: "buster"
     di_version: "10"
     di_pkg: "debian-installer-{{ di_version }}-netboot-amd64"
diff --git a/roles/transparent-squid/tasks/main.yml b/roles/transparent-squid/tasks/main.yml
index f4a046e..d5df254 100644
--- a/roles/transparent-squid/tasks/main.yml
+++ b/roles/transparent-squid/tasks/main.yml
@@ -22,10 +22,6 @@
     insertbefore: "TAG: store_miss"
     block: |
       store_id_program /usr/lib/squid/storeid_file_rewrite /etc/squid/store_id_regex.conf
-      store_id_bypass off
-      acl Ordinary http_status 200-299
-      send_hit deny !Ordinary
-      store_miss deny !Ordinary
     marker: "# {mark} ANSIBLE MANAGED BLOCK store_id"
   notify: "restart squid"
 

From 0d534d893936900d3b69564725b76ae1d389c8e6 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 7 Jun 2019 10:14:51 +0200
Subject: [PATCH 028/504] Define playbook explicitly in preseeded command.

---
 local.yml | 1 -
 1 file changed, 1 deletion(-)
 delete mode 120000 local.yml

diff --git a/local.yml b/local.yml
deleted file mode 120000
index ebbef3f..0000000
--- a/local.yml
+++ /dev/null
@@ -1 +0,0 @@
-kiosk.yml
\ No newline at end of file

From f0004b6fe962a5d4f1091cd307ef4165b9a4de96 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 8 Jun 2019 23:24:25 +0200
Subject: [PATCH 029/504] Make sure hostname can be set manually,
 cleanup/fixes.

---
 installbox.yml                         | 19 ++++++++++++++++++-
 roles/preseed-installer/tasks/main.yml |  8 ++++----
 roles/up2date-debian/tasks/main.yml    |  6 ++----
 3 files changed, 24 insertions(+), 9 deletions(-)

diff --git a/installbox.yml b/installbox.yml
index 50718ec..27aeb82 100644
--- a/installbox.yml
+++ b/installbox.yml
@@ -8,7 +8,7 @@
   vars:
     if_lan: ""           #  ← interface name here, like:  ens3 or enp2s0"
     if_wan: "{{ ansible_default_ipv4.interface }}"
-    hostname: "{{ ansible_hostname }}"
+    hostname: "{{ ansible_hostname }}" # change this to not use the DNS-provided name
     ipaddr_lan: 192.168.0.10
     dhcp_range: 192.168.0.50,192.168.0.150,2h
     dhcp_list: "{{ lookup('sequence', 'start=50 end=150 format=192.168.0.%d', wantlist=True) }}"
@@ -34,3 +34,20 @@
     - tftp-netboot-installer
     - preseed-installer
 #    - installbox2kiosk    #  enable this to install kiosk automatically
+
+  post_tasks:
+    - name: make sure hostname is set correctly in /etc/hosts
+      replace:
+        path: /etc/hosts
+        regexp: '(127.0.1.1\s+){{ ansible_hostname }}(\s+.*)?$'
+        replace: '\1{{ hostname }}\2'
+
+    - name: make sure hostname is set correctly in /etc/hostname
+      replace:
+        path: /etc/hostname
+        regexp: '{{ ansible_hostname }}'
+        replace: '{{ hostname }}'
+
+    - name: set hostname
+      hostname:
+        name: "{{ hostname }}"
diff --git a/roles/preseed-installer/tasks/main.yml b/roles/preseed-installer/tasks/main.yml
index f5c12cf..72e1de6 100644
--- a/roles/preseed-installer/tasks/main.yml
+++ b/roles/preseed-installer/tasks/main.yml
@@ -10,10 +10,10 @@
     force: no
 
 - name: make the hostname resolvable from the LAN
-  replace:
-    dest: /etc/hosts
-    regexp: '(127.0.1.1\s+){{ hostname }}'
-    replace: '\1localhost\n{{ ipaddr_lan }}	{{ hostname }}'
+  lineinfile:
+    path: /etc/hosts
+    insertafter: '^127.0.1.1'
+    line: '{{ ipaddr_lan }}	{{ hostname }}'
 
 - name: add auto pxe boot entry to di-netboot-assistant
   blockinfile:
diff --git a/roles/up2date-debian/tasks/main.yml b/roles/up2date-debian/tasks/main.yml
index 85b734b..8cb8dcc 100644
--- a/roles/up2date-debian/tasks/main.yml
+++ b/roles/up2date-debian/tasks/main.yml
@@ -9,11 +9,9 @@
   apt:
     upgrade: dist
     autoremove: yes
+    autoclean: yes
 
-- name: install some packages
+- name: install etckeeper
   apt:
     name: etckeeper
     state: latest
-
-#- name: clean apt package cache
-#  command: apt clean

From 4fdd640d6e620e5b2a1e84f1a2efc35d0298cfab Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Wed, 12 Jun 2019 22:24:16 +0200
Subject: [PATCH 030/504] Move variables only relevant for the installation
 before '---', playbook variable.

---
 installbox.yml                         | 2 +-
 roles/installbox2kiosk/tasks/main.yml  | 2 +-
 roles/preseed-installer/tasks/main.yml | 8 ++++----
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/installbox.yml b/installbox.yml
index 27aeb82..fac5ea7 100644
--- a/installbox.yml
+++ b/installbox.yml
@@ -33,7 +33,7 @@
     - transparent-squid
     - tftp-netboot-installer
     - preseed-installer
-#    - installbox2kiosk    #  enable this to install kiosk automatically
+    - installbox2kiosk
 
   post_tasks:
     - name: make sure hostname is set correctly in /etc/hosts
diff --git a/roles/installbox2kiosk/tasks/main.yml b/roles/installbox2kiosk/tasks/main.yml
index d17d0be..0da71cf 100644
--- a/roles/installbox2kiosk/tasks/main.yml
+++ b/roles/installbox2kiosk/tasks/main.yml
@@ -61,7 +61,7 @@
       in-target chown -R ansible:ansible /home/ansible/.ssh/ ; \
       in-target chmod -R og= /home/ansible/.ssh/ ; \
       in-target ansible-pull --verbose --purge --extra-vars="run_in_installer=true" \
-                             -i localhost, --url=git://{{ hostname }}/.git
+                             -i localhost, --url=git://{{ hostname }}/.git $playbook
     marker: "# {mark} ANSIBLE MANAGED BLOCK preseed/late_command"
 
 - name: provide git repo if not available already
diff --git a/roles/preseed-installer/tasks/main.yml b/roles/preseed-installer/tasks/main.yml
index 72e1de6..3a37138 100644
--- a/roles/preseed-installer/tasks/main.yml
+++ b/roles/preseed-installer/tasks/main.yml
@@ -24,12 +24,12 @@
       LABEL autoinstall
          MENU LABEL Debian {{ di_version }} (amd64) + preseed
          kernel ::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux
-         append initrd=::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz --- auto=true priority=critical url=tftp://{{ hostname }}
+         append initrd=::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz auto=true priority=critical url=tftp://{{ hostname }} playbook=kiosk.yml ---
 
          #LABEL daily
          #MENU LABEL Debian daily (amd64) + preseed
          #kernel ::/d-i/n-a/daily/amd64/linux
-         #append initrd=::/d-i/n-a/daily/amd64/initrd.gz --- auto=true priority=critical url=tftp://{{ hostname }}
+         #append initrd=::/d-i/n-a/daily/amd64/initrd.gz auto=true priority=critical url=tftp://{{ hostname }} playbook=kiosk.yml ---
   notify: "rebuild di-netboot-assistant menu"
 
 - name: add auto efi boot entry to di-netboot-assistant
@@ -38,12 +38,12 @@
     insertbefore: EOF
     block: |
       menuentry 'Debian {{ di_version }} (amd64) + preseed' {
-         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux --- auto=true priority=critical url=tftp://{{ hostname }}
+         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux auto=true priority=critical url=tftp://{{ hostname }} playbook=kiosk.yml ---
          initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
       }
 
       #menuentry 'Debian daily (amd64) + preseed' {
-      #   linux   /d-i/n-a/daily/amd64/linux --- auto=true priority=critical url=tftp://{{ hostname }}
+      #   linux   /d-i/n-a/daily/amd64/linux auto=true priority=critical url=tftp://{{ hostname }} playbook=kiosk.yml ---
       #   initrd  /d-i/n-a/daily/amd64/initrd.gz
       #}
   notify: "rebuild di-netboot-assistant menu"

From 8ae165e842e459e830a4273d51373b4302983101 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 20 Oct 2019 17:20:37 +0200
Subject: [PATCH 031/504] Add minimal role to test only preseeding.

---
 minimal.yml | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 minimal.yml

diff --git a/minimal.yml b/minimal.yml
new file mode 100644
index 0000000..c31c0c8
--- /dev/null
+++ b/minimal.yml
@@ -0,0 +1,9 @@
+---
+# This playbook does almost nothing.  Useful for testing only preseeding.
+
+- name: apply a minimal configuration to the machine
+  hosts: all
+  remote_user: ansible
+  become: yes
+  roles:
+    - up2date-debian

From cce0dfcafb2cab268133373690d6e86ffde5fcda Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 24 Oct 2019 20:27:35 +0200
Subject: [PATCH 032/504] Switch from squid to apt-cacher-ng and from shorewall
 to firewalld.

---
 README                                        |  2 +-
 installbox.yml                                | 20 +++---
 roles/apt-cacher/files/apt.conf               |  1 +
 roles/apt-cacher/handlers/main.yml            |  3 +
 roles/apt-cacher/tasks/main.yml               | 13 ++++
 roles/dhcp-dns-dnsmasq/tasks/main.yml         |  4 +-
 ...q-transparent-proxy.j2 => dnsmasq-dhcp.j2} |  0
 roles/preseed-installer/tasks/main.yml        | 20 ++++--
 .../two-interface-firewalld/handlers/main.yml |  9 +++
 roles/two-interface-firewalld/tasks/main.yml  | 69 +++++++++++++++++++
 .../templates/interfaces-static.j2            |  4 ++
 11 files changed, 127 insertions(+), 18 deletions(-)
 create mode 100644 roles/apt-cacher/files/apt.conf
 create mode 100644 roles/apt-cacher/handlers/main.yml
 create mode 100644 roles/apt-cacher/tasks/main.yml
 rename roles/dhcp-dns-dnsmasq/templates/{dnsmasq-transparent-proxy.j2 => dnsmasq-dhcp.j2} (100%)
 create mode 100644 roles/two-interface-firewalld/handlers/main.yml
 create mode 100644 roles/two-interface-firewalld/tasks/main.yml
 create mode 100644 roles/two-interface-firewalld/templates/interfaces-static.j2

diff --git a/README b/README
index 7544db7..2c60c4f 100644
--- a/README
+++ b/README
@@ -10,7 +10,7 @@ offers ansible playbooks and instructions for the following machines:
      - set up as gateway to some external network (WAN)
      - providing TFTP installation on the LAN interface
      - automatic installs: preseeding and ansible playbooks
-     - squid package cache
+     - package cache
      use case: orchestration of automatic installs in the LAN
 
  • Kiosk:
diff --git a/installbox.yml b/installbox.yml
index fac5ea7..56cc456 100644
--- a/installbox.yml
+++ b/installbox.yml
@@ -6,33 +6,37 @@
   remote_user: ansible
   become: yes
   vars:
-    if_lan: ""           #  ← interface name here, like:  ens3 or enp2s0"
+    ## this interface provides the default route:
     if_wan: "{{ ansible_default_ipv4.interface }}"
-    hostname: "{{ ansible_hostname }}" # change this to not use the DNS-provided name
+    ## use the first remaining interface for the LAN:
+    if_lan: "{{ ansible_interfaces | difference([if_wan, 'lo']) | first}}"
+    ## change this to not use the DNS-provided name:
+    hostname: "{{ ansible_hostname }}"
     ipaddr_lan: 192.168.0.10
     dhcp_range: 192.168.0.50,192.168.0.150,2h
     dhcp_list: "{{ lookup('sequence', 'start=50 end=150 format=192.168.0.%d', wantlist=True) }}"
     tftp_root: "/var/lib/tftpboot"
-    deb_mirror: "cdn-fastly.deb.debian.org" # SRV records ("deb.debian.org") do not work with squid
+    deb_mirror: "deb.debian.org"
     di_dist: "buster"
     di_version: "10"
     di_pkg: "debian-installer-{{ di_version }}-netboot-amd64"
     ansible_user: ansible
     repo_dir: "/home/{{ ansible_user }}/kiosk"
+    ansible_python_interpreter: "/usr/bin/python3"  # needed for firewalld module
 
   pre_tasks:
-    - name: validate if interface is available
+    - name: validate if interfaces are available
       fail:
-        msg: "Interface {{ if_lan }} does not exist or is already used."
-      when: if_lan not in ansible_interfaces or if_lan == if_wan
+        msg: "Interfaces {{ ansible_interfaces }} found. WAN: '{{ if_wan }}', LAN: '{{ if_lan }}'.  Two NICs needed."
+      when: if_lan not in ansible_interfaces or if_wan not in ansible_interfaces or if_lan == if_wan
 
   roles:
     - up2date-debian
-    - two-interface-shorewall
+    - two-interface-firewalld
     - dhcp-dns-dnsmasq
-    - transparent-squid
     - tftp-netboot-installer
     - preseed-installer
+    - apt-cacher
     - installbox2kiosk
 
   post_tasks:
diff --git a/roles/apt-cacher/files/apt.conf b/roles/apt-cacher/files/apt.conf
new file mode 100644
index 0000000..d5e98b3
--- /dev/null
+++ b/roles/apt-cacher/files/apt.conf
@@ -0,0 +1 @@
+Acquire::http::Proxy "http://localhost:3142";
diff --git a/roles/apt-cacher/handlers/main.yml b/roles/apt-cacher/handlers/main.yml
new file mode 100644
index 0000000..2d70698
--- /dev/null
+++ b/roles/apt-cacher/handlers/main.yml
@@ -0,0 +1,3 @@
+- name: start apt-cacher-ng
+  service: name=apt-cacher-ng state=started enabled=yes
+  listen: "start apt-cacher-ng"
diff --git a/roles/apt-cacher/tasks/main.yml b/roles/apt-cacher/tasks/main.yml
new file mode 100644
index 0000000..c54a3a9
--- /dev/null
+++ b/roles/apt-cacher/tasks/main.yml
@@ -0,0 +1,13 @@
+- name: install apt-cacher-ng package
+  apt:
+    name: apt-cacher-ng
+    state: latest
+
+- name: enable apt-cacher-ng for localhost
+  copy:
+    src: apt.conf
+    dest: /etc/apt/apt.conf
+    backup: yes
+  notify: "start apt-cacher-ng"
+
+- meta: flush_handlers
diff --git a/roles/dhcp-dns-dnsmasq/tasks/main.yml b/roles/dhcp-dns-dnsmasq/tasks/main.yml
index 9d553f7..0a0997a 100644
--- a/roles/dhcp-dns-dnsmasq/tasks/main.yml
+++ b/roles/dhcp-dns-dnsmasq/tasks/main.yml
@@ -12,6 +12,6 @@
 
 - name: configure dnsmasq
   template:
-    src: dnsmasq-transparent-proxy.j2
-    dest: /etc/dnsmasq.d/transparent-proxy
+    src: dnsmasq-dhcp.j2
+    dest: /etc/dnsmasq.d/dnsmasq-dhcp
   notify: "restart dnsmasq"
diff --git a/roles/dhcp-dns-dnsmasq/templates/dnsmasq-transparent-proxy.j2 b/roles/dhcp-dns-dnsmasq/templates/dnsmasq-dhcp.j2
similarity index 100%
rename from roles/dhcp-dns-dnsmasq/templates/dnsmasq-transparent-proxy.j2
rename to roles/dhcp-dns-dnsmasq/templates/dnsmasq-dhcp.j2
diff --git a/roles/preseed-installer/tasks/main.yml b/roles/preseed-installer/tasks/main.yml
index 3a37138..8435208 100644
--- a/roles/preseed-installer/tasks/main.yml
+++ b/roles/preseed-installer/tasks/main.yml
@@ -9,11 +9,17 @@
     dest: "{{ tftp_root }}/d-i/{{ di_dist }}"
     force: no
 
+- name: enable apt-cacher-ng for install-clients
+  replace:
+    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
+    regexp: '^(d-i mirror/http/proxy string.*)$'
+    replace: 'd-i mirror/http/proxy string http://{{ hostname }}:3142/'
+    
 - name: make the hostname resolvable from the LAN
-  lineinfile:
+  replace:
     path: /etc/hosts
-    insertafter: '^127.0.1.1'
-    line: '{{ ipaddr_lan }}	{{ hostname }}'
+    regexp: '^(127\.0\.1\.1.*)$'
+    replace: '#\1\n{{ ipaddr_lan }}	{{ hostname }}'
 
 - name: add auto pxe boot entry to di-netboot-assistant
   blockinfile:
@@ -22,12 +28,12 @@
     block: |
       TIMEOUT 100
       LABEL autoinstall
-         MENU LABEL Debian {{ di_version }} (amd64) + preseed
+         MENU LABEL Debian {{ di_version }} (amd64) + preseed + kiosk.yml
          kernel ::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux
          append initrd=::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz auto=true priority=critical url=tftp://{{ hostname }} playbook=kiosk.yml ---
 
          #LABEL daily
-         #MENU LABEL Debian daily (amd64) + preseed
+         #MENU LABEL Debian daily (amd64) + preseed + kiosk.yml
          #kernel ::/d-i/n-a/daily/amd64/linux
          #append initrd=::/d-i/n-a/daily/amd64/initrd.gz auto=true priority=critical url=tftp://{{ hostname }} playbook=kiosk.yml ---
   notify: "rebuild di-netboot-assistant menu"
@@ -37,12 +43,12 @@
     dest: /etc/di-netboot-assistant/grub.cfg.HEAD
     insertbefore: EOF
     block: |
-      menuentry 'Debian {{ di_version }} (amd64) + preseed' {
+      menuentry 'Debian {{ di_version }} (amd64) + preseed + kiosk.yml' {
          linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux auto=true priority=critical url=tftp://{{ hostname }} playbook=kiosk.yml ---
          initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
       }
 
-      #menuentry 'Debian daily (amd64) + preseed' {
+      #menuentry 'Debian daily (amd64) + preseed + kiosk.yml' {
       #   linux   /d-i/n-a/daily/amd64/linux auto=true priority=critical url=tftp://{{ hostname }} playbook=kiosk.yml ---
       #   initrd  /d-i/n-a/daily/amd64/initrd.gz
       #}
diff --git a/roles/two-interface-firewalld/handlers/main.yml b/roles/two-interface-firewalld/handlers/main.yml
new file mode 100644
index 0000000..51bb215
--- /dev/null
+++ b/roles/two-interface-firewalld/handlers/main.yml
@@ -0,0 +1,9 @@
+- name: restart networking
+  systemd: name=networking state=restarted enabled=yes
+  listen: restart networking
+  when: not run_in_installer|default(false)|bool
+
+- name: start firewalld
+  systemd: name=firewalld state=started enabled=yes
+  listen: "start firewalld"
+  when: not run_in_installer|default(false)|bool
diff --git a/roles/two-interface-firewalld/tasks/main.yml b/roles/two-interface-firewalld/tasks/main.yml
new file mode 100644
index 0000000..4df3564
--- /dev/null
+++ b/roles/two-interface-firewalld/tasks/main.yml
@@ -0,0 +1,69 @@
+- name: add if_lan with static address
+  template:
+    src: interfaces-static.j2
+    dest: /etc/network/interfaces.d/static
+  notify: "restart networking"
+
+- name: install firewalld package
+  apt: name=firewalld state=latest
+  notify: "start firewalld"
+
+- meta: flush_handlers
+
+
+## Do not run the following in the installer:
+
+- name: add WAN interface to zone public
+  firewalld:
+    zone: public
+    interface: "{{ if_wan }}"
+    permanent: yes
+    state: enabled
+  when: not run_in_installer|default(false)|bool
+
+- name: enable masquerading
+  firewalld:
+    zone: public
+    masquerade: yes
+    permanent: yes
+    state: enabled
+  when: not run_in_installer|default(false)|bool
+
+- name: add LAN interface to zone intern
+  firewalld:
+    zone: internal
+    interface: "{{ if_lan }}"
+    permanent: yes
+    state: enabled
+  when: not run_in_installer|default(false)|bool
+
+- name: enable services
+  firewalld:
+    zone: internal
+    service: "{{ item }}"
+    permanent: yes
+    state: enabled
+  with_items:
+    - dhcp
+    - dns
+    - tftp
+    - git
+  when: not run_in_installer|default(false)|bool
+
+## Use firewall-offline-cmd when run during installation:
+
+- name: add WAN interface to zone public
+  command: "firewall-offline-cmd --zone=public --add-interface={{ if_wan }}"
+  when: run_in_installer|default(false)|bool
+
+- name: enable masquerading
+  command: "firewall-offline-cmd --zone=public --add-masquerade"
+  when: run_in_installer|default(false)|bool
+
+- name: add LAN interface to zone intern
+  command: "firewall-offline-cmd --zone=internal --add-interface={{ if_lan }}"
+  when: run_in_installer|default(false)|bool
+
+- name: enable services
+  command: "firewall-offline-cmd --zone=internal --add-service=dhcp --add-service=dns --add-service=tftp --add-service=git"
+  when: run_in_installer|default(false)|bool
diff --git a/roles/two-interface-firewalld/templates/interfaces-static.j2 b/roles/two-interface-firewalld/templates/interfaces-static.j2
new file mode 100644
index 0000000..c9fe71c
--- /dev/null
+++ b/roles/two-interface-firewalld/templates/interfaces-static.j2
@@ -0,0 +1,4 @@
+auto {{ if_lan }}
+allow-hotplug {{ if_lan }}
+iface {{ if_lan }} inet static
+  address {{ ipaddr_lan }}/24

From 0ff0ff1c1bcc3e74a0ce201439601de5a94b3400 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 25 Oct 2019 21:28:32 +0200
Subject: [PATCH 033/504] Set hostname from boot parameters.

---
 installbox.yml | 23 +++--------------------
 1 file changed, 3 insertions(+), 20 deletions(-)

diff --git a/installbox.yml b/installbox.yml
index 56cc456..fa52678 100644
--- a/installbox.yml
+++ b/installbox.yml
@@ -6,11 +6,11 @@
   remote_user: ansible
   become: yes
   vars:
-    ## this interface provides the default route:
+    ## This interface provides the default route:
     if_wan: "{{ ansible_default_ipv4.interface }}"
-    ## use the first remaining interface for the LAN:
+    ## Use the first remaining interface for the LAN:
     if_lan: "{{ ansible_interfaces | difference([if_wan, 'lo']) | first}}"
-    ## change this to not use the DNS-provided name:
+    ## Add 'hostname=XXX' to the installer boot parameters if necessary:
     hostname: "{{ ansible_hostname }}"
     ipaddr_lan: 192.168.0.10
     dhcp_range: 192.168.0.50,192.168.0.150,2h
@@ -38,20 +38,3 @@
     - preseed-installer
     - apt-cacher
     - installbox2kiosk
-
-  post_tasks:
-    - name: make sure hostname is set correctly in /etc/hosts
-      replace:
-        path: /etc/hosts
-        regexp: '(127.0.1.1\s+){{ ansible_hostname }}(\s+.*)?$'
-        replace: '\1{{ hostname }}\2'
-
-    - name: make sure hostname is set correctly in /etc/hostname
-      replace:
-        path: /etc/hostname
-        regexp: '{{ ansible_hostname }}'
-        replace: '{{ hostname }}'
-
-    - name: set hostname
-      hostname:
-        name: "{{ hostname }}"

From fef999e7fe0205c7dbbd1e3929fbbde490bf3247 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 25 Oct 2019 21:51:23 +0200
Subject: [PATCH 034/504] Remove locale 'tr', keep 'de' as example.

---
 roles/gnome/files/defaults | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/gnome/files/defaults b/roles/gnome/files/defaults
index 3f6b1d1..e2f99d0 100644
--- a/roles/gnome/files/defaults
+++ b/roles/gnome/files/defaults
@@ -2,7 +2,7 @@
 enabled-extensions=['apps-menu@gnome-shell-extensions.gcampax.github.com', 'window-list@gnome-shell-extensions.gcampax.github.com', 'places-menu@gnome-shell-extensions.gcampax.github.com', 'drive-menu@gnome-shell-extensions.gcampax.github.com', 'desktop-icons@csoriano']
 
 [org/gnome/desktop/input-sources]
-sources=[('xkb', 'tr'), ('xkb', 'de'), ('xkb', 'us')]
+sources=[('xkb', 'de'), ('xkb', 'us')]
 
 [org/gnome/desktop/wm/preferences]
 button-layout='appmenu:minimize,maximize,close'

From b3b8d3d342c3ccb3936c2e7bb751b6f71629100d Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 26 Oct 2019 09:15:16 +0200
Subject: [PATCH 035/504] Add KDE plasma as another kiosk system option.

---
 installbox.yml                     |  4 ++--
 kiosk.yml                          |  2 ++
 roles/kde/handlers/main.yml        |  3 +++
 roles/kde/tasks/main.yml           | 21 ++++++++++++++++++++
 roles/kiosk/files/kde5rc           |  8 ++++++++
 roles/kiosk/files/kscreenlockerrc  |  3 +++
 roles/kiosk/tasks/main.yml         | 31 ++++++++++++++++++++++++++++--
 roles/kiosk/templates/sddm.conf.j2 |  4 ++++
 8 files changed, 72 insertions(+), 4 deletions(-)
 create mode 100644 roles/kde/handlers/main.yml
 create mode 100644 roles/kde/tasks/main.yml
 create mode 100644 roles/kiosk/files/kde5rc
 create mode 100644 roles/kiosk/files/kscreenlockerrc
 create mode 100644 roles/kiosk/templates/sddm.conf.j2

diff --git a/installbox.yml b/installbox.yml
index fa52678..850db30 100644
--- a/installbox.yml
+++ b/installbox.yml
@@ -9,7 +9,7 @@
     ## This interface provides the default route:
     if_wan: "{{ ansible_default_ipv4.interface }}"
     ## Use the first remaining interface for the LAN:
-    if_lan: "{{ ansible_interfaces | difference([if_wan, 'lo']) | first}}"
+    if_lan: "{{ ansible_interfaces | difference([if_wan, 'lo']) | first }}"
     ## Add 'hostname=XXX' to the installer boot parameters if necessary:
     hostname: "{{ ansible_hostname }}"
     ipaddr_lan: 192.168.0.10
@@ -28,7 +28,7 @@
     - name: validate if interfaces are available
       fail:
         msg: "Interfaces {{ ansible_interfaces }} found. WAN: '{{ if_wan }}', LAN: '{{ if_lan }}'.  Two NICs needed."
-      when: if_lan not in ansible_interfaces or if_wan not in ansible_interfaces or if_lan == if_wan
+      when: (if_lan not in ansible_interfaces) or (if_wan not in ansible_interfaces) or (if_lan == if_wan)
 
   roles:
     - up2date-debian
diff --git a/kiosk.yml b/kiosk.yml
index 9c56c8c..e3e89a5 100644
--- a/kiosk.yml
+++ b/kiosk.yml
@@ -17,5 +17,7 @@
 
   roles:
     - up2date-debian
+    ## Choose either gnome or KDE:
     - gnome
+    #- kde
     - kiosk
diff --git a/roles/kde/handlers/main.yml b/roles/kde/handlers/main.yml
new file mode 100644
index 0000000..855b467
--- /dev/null
+++ b/roles/kde/handlers/main.yml
@@ -0,0 +1,3 @@
+- name: update grub
+  command: update-grub
+  listen: update grub
diff --git a/roles/kde/tasks/main.yml b/roles/kde/tasks/main.yml
new file mode 100644
index 0000000..847da41
--- /dev/null
+++ b/roles/kde/tasks/main.yml
@@ -0,0 +1,21 @@
+- name: kde plasma desktop
+  apt:
+    name:
+      - task-kde-desktop
+      - cups
+    state: latest
+
+    
+## Bug #698504
+- name: allow print job management
+  replace:
+    dest: "/etc/cups/cups-files.conf"
+    regexp: '^(SystemGroup lpadmin)$'
+    replace: '\1 root'
+
+- name: enable splash screen
+  replace:
+    dest: "/etc/default/grub"
+    regexp: '"quiet"$'
+    replace: '"quiet splash"'
+  notify: update grub
diff --git a/roles/kiosk/files/kde5rc b/roles/kiosk/files/kde5rc
new file mode 100644
index 0000000..d7525ca
--- /dev/null
+++ b/roles/kiosk/files/kde5rc
@@ -0,0 +1,8 @@
+[KDE Action Restrictions][$i]
+action/start_new_session=false
+action/switch_user=false
+action/lock_screen=false
+action/logout=false
+
+[General]
+BrowserApplication=firefox-esr.desktop
diff --git a/roles/kiosk/files/kscreenlockerrc b/roles/kiosk/files/kscreenlockerrc
new file mode 100644
index 0000000..0ac7312
--- /dev/null
+++ b/roles/kiosk/files/kscreenlockerrc
@@ -0,0 +1,3 @@
+[Daemon][$i]
+Autolock=false
+LockOnResume=false
diff --git a/roles/kiosk/tasks/main.yml b/roles/kiosk/tasks/main.yml
index fd5e413..ae75af1 100644
--- a/roles/kiosk/tasks/main.yml
+++ b/roles/kiosk/tasks/main.yml
@@ -12,24 +12,51 @@
   apt: name={{ extra_pkgs_bpo }} state=latest default_release={{ deb_release }}-backports
   when: extra_pkgs_bpo|length
 
+## Check which display manager is used:
 - name: check if gdm3 is installed
   stat: path=/etc/gdm3/daemon.conf
   register: gdm3
 
-- name: enable auto login
+- name: check if sddm is installed
+  stat: path=/usr/bin/sddm
+  register: sddm
+
+## gdm3:
+- name: enable auto login in gdm3
   when: gdm3.stat.exists == true
   lineinfile:
     dest: /etc/gdm3/daemon.conf
     insertafter: '^#\s*AutomaticLoginEnable = true'
     line: 'AutomaticLoginEnable = true'
 
-- name: auto login user
+- name: auto login user in gdm3
   when: gdm3.stat.exists == true
   lineinfile:
     dest: /etc/gdm3/daemon.conf
     insertafter: '^#\s*AutomaticLogin = '
     line: 'AutomaticLogin = {{ auto_user }}'
 
+## sddm/KDE:
+- name: enable auto login in sddm
+  when: sddm.stat.exists == true
+  template:
+    src: sddm.conf.j2
+    dest: /etc/sddm.conf
+
+- name: kde global defaults
+  when: sddm.stat.exists == true
+  copy:
+    src: kde5rc
+    dest: /etc/kde5rc
+
+- name: modify kde screen lock
+  when: sddm.stat.exists == true
+  copy:
+    src: kscreenlockerrc
+    dest: /etc/xdg/kscreenlockerrc
+
+########
+
 - name: graphics quirk
   when: ansible_product_name == "HP 500" or ansible_product_name == "HP 550"
   lineinfile:
diff --git a/roles/kiosk/templates/sddm.conf.j2 b/roles/kiosk/templates/sddm.conf.j2
new file mode 100644
index 0000000..7d36fa9
--- /dev/null
+++ b/roles/kiosk/templates/sddm.conf.j2
@@ -0,0 +1,4 @@
+[Autologin]
+Relogin=true
+Session=plasma.desktop
+User={{ auto_user }}

From 0597d178e06c6ee0c94e45ac8a2a3d17b04b1397 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 17 Nov 2019 11:31:55 +0100
Subject: [PATCH 036/504] Implement LDAP server role.

---
 mainserver.yml                     |  14 ++++
 roles/ldap/defaults/main.yml       |   4 ++
 roles/ldap/files/slapd-config.ldif |  28 ++++++++
 roles/ldap/tasks/main.yml          | 110 +++++++++++++++++++++++++++++
 4 files changed, 156 insertions(+)
 create mode 100644 mainserver.yml
 create mode 100644 roles/ldap/defaults/main.yml
 create mode 100644 roles/ldap/files/slapd-config.ldif
 create mode 100644 roles/ldap/tasks/main.yml

diff --git a/mainserver.yml b/mainserver.yml
new file mode 100644
index 0000000..88a1401
--- /dev/null
+++ b/mainserver.yml
@@ -0,0 +1,14 @@
+---
+# This playbook deploys the mainserver
+
+- name: apply configuration to the mainserver
+  hosts: all
+  remote_user: andi
+  become: yes
+  vars:
+    foo_pwd: 123
+    
+  roles:
+    - ldap
+#    - krb5-kdc-ldap
+
diff --git a/roles/ldap/defaults/main.yml b/roles/ldap/defaults/main.yml
new file mode 100644
index 0000000..8c16cfc
--- /dev/null
+++ b/roles/ldap/defaults/main.yml
@@ -0,0 +1,4 @@
+ldap_admin_pwd: "{{ lookup('password', '/tmp/ldap_admin.pwd length=24') }}"
+ldap_pwd_file: "/root/ldap-admin.pwd"
+ldap_domain: "{{ ansible_domain | default('intern', true) }}"
+basedn: "{{ 'dc=' + ( ldap_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
diff --git a/roles/ldap/files/slapd-config.ldif b/roles/ldap/files/slapd-config.ldif
new file mode 100644
index 0000000..4770d3b
--- /dev/null
+++ b/roles/ldap/files/slapd-config.ldif
@@ -0,0 +1,28 @@
+#### LDAP Overlays slapd ####
+#### Attribute Uniqueness ####
+
+dn: cn=module,cn=config
+objectClass: olcModuleList
+cn: module
+olcModulePath: /usr/lib/ldap
+olcModuleLoad: unique
+
+dn: olcOverlay=unique,olcDatabase={1}mdb,cn=config
+objectClass: olcOverlayConfig
+objectClass: olcUniqueConfig
+olcOverlay: unique
+olcUniqueAttribute: uid uidNumber mail
+
+
+#### Password Hashing ####
+
+dn: cn=module,cn=config
+objectClass: olcModuleList
+cn: module
+olcModuleLoad: ppolicy
+
+dn: olcOverlay=ppolicy,olcDatabase={1}mdb,cn=config
+objectClass: olcOverlayConfig
+objectClass: olcPPolicyConfig
+olcOverlay: ppolicy
+olcPPolicyHashCleartext: TRUE
diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
new file mode 100644
index 0000000..a775111
--- /dev/null
+++ b/roles/ldap/tasks/main.yml
@@ -0,0 +1,110 @@
+## Install and configure slapd (if not done yet),
+##  run most tasks only on slapd installation.
+---
+
+- name: check if slapd is already there
+  stat: path=/usr/sbin/slapd
+  register: slapd
+
+- name: preseed ldap domain
+  debconf:
+    name: slapd
+    question:  slapd/domain
+    value: "{{ ldap_domain }}"
+    vtype: string
+  when: not slapd.stat.exists
+
+- name: preseed slapd admin password1
+  debconf:
+    name: slapd
+    question: slapd/password1
+    value: "{{ ldap_admin_pwd }}"
+    vtype: password
+  no_log: true
+  when: not slapd.stat.exists
+
+- name: preseed slapd admin password2
+  debconf:
+    name: slapd
+    question: slapd/password2
+    value: "{{ ldap_admin_pwd }}"
+    vtype: password
+  no_log: true
+  when: not slapd.stat.exists
+
+- name: dump admin password
+  shell: echo -n "{{ ldap_admin_pwd }}" > "{{ ldap_pwd_file }}" ; chmod 0600 "{{ ldap_pwd_file }}"
+  no_log: true
+  when: not slapd.stat.exists
+
+- name: install slapd and python-ldap
+  apt:
+    name:
+      - slapd
+      - python-ldap
+    state: latest
+
+- name: make initial slapd configuration available
+  copy:
+    src: slapd-config.ldif
+    dest: /etc/ldap/slapd.d/slapd-config.ldif
+  when: not slapd.stat.exists
+
+- name: activate ppolicy schema
+  command: ldapadd  -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/ppolicy.ldif
+  when: not slapd.stat.exists
+
+- name: initialize slapd if it has just been installed
+  command: ldapadd  -Y EXTERNAL -H ldapi:/// -f /etc/ldap/slapd.d/slapd-config.ldif
+  when: not slapd.stat.exists
+
+
+#######################################################################################
+
+## Prepare user directories
+- name: make sure we have a people entry for users
+  ldap_entry:
+    dn: "ou=people,{{ basedn }}"
+    objectClass: organizationalUnit
+    bind_dn: "cn=admin,{{ basedn }}"
+    bind_pw: "{{ ldap_admin_pwd }}"
+
+- name: make sure we have a group entry for users
+  ldap_entry:
+    dn: "ou=groups,{{ basedn }}"
+    objectClass: organizationalUnit
+    bind_dn: "cn=admin,{{ basedn }}"
+    bind_pw: "{{ ldap_admin_pwd }}"
+
+
+## Add user
+- name: add dummy user foo
+  ldap_entry:
+    dn: "uid=foo,ou=people,{{ basedn }}"
+    objectClass:
+      - inetOrgPerson
+      - posixAccount
+    attributes:
+      cn: foo
+      sn: bar
+      userPassword: "{{ foo_pwd }}"
+      uidNumber: 10000
+      gidNumber: 10000
+      homeDirectory: /home/foo
+    bind_dn: "cn=admin,{{ basedn }}"
+    bind_pw: "{{ ldap_admin_pwd }}"
+  when: foo_pwd is defined
+
+- name: add dummy group foo
+  ldap_entry:
+    dn: "cn=foo,ou=groups,{{ basedn }}"
+    objectClass:
+      - posixGroup
+    attributes:
+      gidNumber: 10000
+    bind_dn: "cn=admin,{{ basedn }}"
+    bind_pw: "{{ ldap_admin_pwd }}"
+  when: foo_pwd is defined
+
+## ldapaddgroup tom
+## ldapadduser tom tom

From 18067d8df358737c528a3e2e5c8f8b4c5ef8008f Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 17 Nov 2019 11:40:22 +0100
Subject: [PATCH 037/504] Implement Kerberos KDC-LDAP server role.

---
 mainserver.yml                          |   4 +-
 roles/krb5-kdc-ldap/defaults/main.yml   |   5 +
 roles/krb5-kdc-ldap/handlers/main.yml   |   7 ++
 roles/krb5-kdc-ldap/meta/main.yml       |   3 +
 roles/krb5-kdc-ldap/tasks/main.yml      | 146 ++++++++++++++++++++++++
 roles/krb5-kdc-ldap/templates/kadm5.acl |   4 +
 roles/krb5-kdc-ldap/templates/kdc.conf  |  15 +++
 roles/krb5-kdc-ldap/templates/krb5.conf |  26 +++++
 8 files changed, 208 insertions(+), 2 deletions(-)
 create mode 100644 roles/krb5-kdc-ldap/defaults/main.yml
 create mode 100644 roles/krb5-kdc-ldap/handlers/main.yml
 create mode 100644 roles/krb5-kdc-ldap/meta/main.yml
 create mode 100644 roles/krb5-kdc-ldap/tasks/main.yml
 create mode 100644 roles/krb5-kdc-ldap/templates/kadm5.acl
 create mode 100644 roles/krb5-kdc-ldap/templates/kdc.conf
 create mode 100644 roles/krb5-kdc-ldap/templates/krb5.conf

diff --git a/mainserver.yml b/mainserver.yml
index 88a1401..a97a47b 100644
--- a/mainserver.yml
+++ b/mainserver.yml
@@ -9,6 +9,6 @@
     foo_pwd: 123
     
   roles:
-    - ldap
-#    - krb5-kdc-ldap
+#    - ldap
+    - krb5-kdc-ldap
 
diff --git a/roles/krb5-kdc-ldap/defaults/main.yml b/roles/krb5-kdc-ldap/defaults/main.yml
new file mode 100644
index 0000000..7ea992c
--- /dev/null
+++ b/roles/krb5-kdc-ldap/defaults/main.yml
@@ -0,0 +1,5 @@
+---
+kdc_pwd: "{{ lookup('password', '/tmp/kdc.pwd length=24') }}"
+kadmin_pwd: "{{ lookup('password', '/tmp/kadmin.pwd length=24') }}"
+kdc_master_pwd: "{{ lookup('password', '/tmp/kdc_master.pwd length=24') }}"
+kdc_pwd_file: "/root/kdc-master.pwd"
diff --git a/roles/krb5-kdc-ldap/handlers/main.yml b/roles/krb5-kdc-ldap/handlers/main.yml
new file mode 100644
index 0000000..dd749e0
--- /dev/null
+++ b/roles/krb5-kdc-ldap/handlers/main.yml
@@ -0,0 +1,7 @@
+- name: restart krb5-kdc
+  service: name=krb5-kdc state=restarted enabled=yes
+  listen: "restart krb5-kdc"
+
+- name: restart krb5-admin-server
+  service: name=krb5-admin-server state=restarted enabled=yes
+  listen: "restart krb5-admin-server"
diff --git a/roles/krb5-kdc-ldap/meta/main.yml b/roles/krb5-kdc-ldap/meta/main.yml
new file mode 100644
index 0000000..b19fb35
--- /dev/null
+++ b/roles/krb5-kdc-ldap/meta/main.yml
@@ -0,0 +1,3 @@
+---
+dependencies:
+  - role: ldap
diff --git a/roles/krb5-kdc-ldap/tasks/main.yml b/roles/krb5-kdc-ldap/tasks/main.yml
new file mode 100644
index 0000000..6f37107
--- /dev/null
+++ b/roles/krb5-kdc-ldap/tasks/main.yml
@@ -0,0 +1,146 @@
+## Install and configure krb5-kdc-ldap (if not done yet),
+##  run most tasks only on krb5-kdc-ldap installation.
+---
+
+- name: check if slapd is already there
+  stat: path=/usr/sbin/krb5kdc
+  register: krb5kdc
+
+- name: prepare krb5.conf
+  template:
+    src: krb5.conf
+    dest: /etc/krb5.conf
+
+- name: prepare kdc.conf
+  template:
+    src: kdc.conf
+    dest: /etc/krb5kdc/kdc.conf
+
+- name: prepare kadm5.acl
+  template:
+    src: kadm5.acl
+    dest: /etc/krb5kdc/kadm5.acl
+  notify: "restart krb5-admin-server"
+
+- name: install krb5-kdc-ldap and krb5-admin-server
+  apt:
+    name:
+      - krb5-kdc-ldap
+      - krb5-admin-server
+    state: latest
+
+- name: prepare kerberos.openldap.ldif
+  shell: gunzip -c /usr/share/doc/krb5-kdc-ldap/kerberos.openldap.ldif.gz > /etc/ldap/schema/kerberos.openldap.ldif
+  when: not krb5kdc.stat.exists
+
+- name: activate kerberos.openldap.ldif schema
+  command: ldapadd  -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/kerberos.openldap.ldif
+  when: not krb5kdc.stat.exists
+
+- name: make sure we have a kerberos container
+  ldap_entry:
+    dn: "cn=kerberos,{{ basedn }}"
+    objectClass: krbContainer
+    bind_dn: "cn=admin,{{ basedn }}"
+    bind_pw: "{{ ldap_admin_pwd }}"
+  when: not krb5kdc.stat.exists
+
+- name: make sure we have a kdc object
+  ldap_entry:
+    dn: "cn=kdc,cn=kerberos,{{ basedn }}"
+    objectClass:
+      - organizationalRole
+      - simpleSecurityObject
+    attributes:
+      userPassword: "{{ kdc_pwd }}"
+    bind_dn: "cn=admin,{{ basedn }}"
+    bind_pw: "{{ ldap_admin_pwd }}"
+  when: not krb5kdc.stat.exists
+
+- name: make sure we have a kadmin object
+  ldap_entry:
+    dn: "cn=kadmin,cn=kerberos,{{ basedn }}"
+    objectClass:
+      - organizationalRole
+      - simpleSecurityObject
+    attributes:
+      userPassword: "{{ kadmin_pwd }}"
+    bind_dn: "cn=admin,{{ basedn }}"
+    bind_pw: "{{ ldap_admin_pwd }}"
+  when: not krb5kdc.stat.exists
+
+- name: modify ACLs to account for KDC
+  ldap_attr:
+    dn: "olcDatabase={1}mdb,cn=config"
+    name: olcAccess
+    values:
+      - >-
+        to attrs=userPassword
+        by self write
+        by anonymous auth
+        by * none
+      - >-
+        to attrs=shadowLastChange
+        by self write
+        by * read
+      - >-
+        to dn.subtree="cn=kerberos,{{ basedn }}"
+        by dn.exact="cn=kdc,cn=kerberos,{{ basedn }}" read
+        by dn.exact="cn=kadmin,cn=kerberos,{{ basedn }}" write
+        by * none
+      - >-
+        to attrs=krbPrincipalName,krbLastPwdChange,krbPrincipalKey,krbExtraData
+        by dn.exact="cn=kdc,cn=kerberos,{{ basedn }}" read
+        by dn.exact="cn=kadmin,cn=kerberos,{{ basedn }}" write
+        by self read
+        by * auth
+      - >-
+        to *
+        by dn.exact="cn=kadmin,cn=kerberos,{{ basedn }}" write
+        by * read
+    state: exact
+  when: not krb5kdc.stat.exists
+
+- name: add KDC indexes to LDAP
+  ldap_attr:
+    dn: "olcDatabase={1}mdb,cn=config"
+    name: olcDbIndex
+    values: krbPrincipalName pres,sub,eq
+  when: not krb5kdc.stat.exists
+
+- name: prepare password for kdc
+  shell: echo "cn=kdc,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kdc_pwd }} | xxd -g0 -ps | sed 's/0a$//')" > /etc/krb5kdc/service.keyfile
+  no_log: true
+  when: not krb5kdc.stat.exists
+
+- name: prepare password for kadmin
+  shell: echo "cn=kadmin,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kadmin_pwd }} | xxd -g0 -ps | sed 's/0a$//')" >> /etc/krb5kdc/service.keyfile
+  no_log: true
+  when: not krb5kdc.stat.exists
+
+- name: dump kdc master password
+  shell: echo -n "{{ kdc_master_pwd }}" > "{{ kdc_pwd_file }}" ; chmod 0600 "{{ kdc_pwd_file }}"
+  no_log: true
+  when: not krb5kdc.stat.exists
+
+- name: initialize KDC
+  command:
+    >-
+      kdb5_ldap_util
+      -D cn=admin,"{{ basedn }}"
+      -w "{{ ldap_admin_pwd }}"
+      -H ldapi:///
+      create -s -subtrees "{{ basedn }}"
+      -P "{{ kdc_master_pwd }}"
+      -r "{{ ldap_domain | upper }}"
+  no_log: true
+  notify: "restart krb5-kdc"
+  when: not krb5kdc.stat.exists
+
+- name: add default policy to silence warning when using kadmin
+  command: kadmin.local -q "add_policy default"
+  when: not krb5kdc.stat.exists
+
+- name: kerberize dummy user foo
+  command: kadmin.local -q 'add_principal -pw {{ foo_pwd }} -x dn="uid=foo,ou=people,{{ basedn }}" foo'
+  when: foo_pwd is defined
diff --git a/roles/krb5-kdc-ldap/templates/kadm5.acl b/roles/krb5-kdc-ldap/templates/kadm5.acl
new file mode 100644
index 0000000..1ddf3ff
--- /dev/null
+++ b/roles/krb5-kdc-ldap/templates/kadm5.acl
@@ -0,0 +1,4 @@
+## access controls for the Kerberos KDC
+root/admin@{{ ldap_domain | upper }} *
+*@{{ ldap_domain | upper }} cil
+*/*@{{ ldap_domain | upper }} i
diff --git a/roles/krb5-kdc-ldap/templates/kdc.conf b/roles/krb5-kdc-ldap/templates/kdc.conf
new file mode 100644
index 0000000..477c9ba
--- /dev/null
+++ b/roles/krb5-kdc-ldap/templates/kdc.conf
@@ -0,0 +1,15 @@
+[kdcdefaults]
+    kdc_ports = 750,88
+
+[realms]
+    {{ ldap_domain | upper }} = {
+        admin_keytab = FILE:/etc/krb5kdc/kadm5.keytab
+        acl_file = /etc/krb5kdc/kadm5.acl
+        key_stash_file = /etc/krb5kdc/stash
+        kdc_ports = 750,88
+        max_life = 10h 0m 0s
+        max_renewable_life = 7d 0h 0m 0s
+        master_key_type = des3-hmac-sha1
+        #supported_enctypes = aes256-cts:normal aes128-cts:normal
+        default_principal_flags = +preauth
+    }
diff --git a/roles/krb5-kdc-ldap/templates/krb5.conf b/roles/krb5-kdc-ldap/templates/krb5.conf
new file mode 100644
index 0000000..8f231cb
--- /dev/null
+++ b/roles/krb5-kdc-ldap/templates/krb5.conf
@@ -0,0 +1,26 @@
+[libdefaults]
+        default_realm = {{ ldap_domain | upper }}
+
+[realms]
+        {{ ldap_domain | upper }} = {
+                kdc = {{ ansible_hostname }}
+                admin_server = {{ ansible_hostname }}
+                database_module = LDAP
+        }
+
+[domain_realm]
+        .{{ ldap_domain }} = {{ ldap_domain | upper }}
+        {{ ldap_domain }} = {{ ldap_domain | upper }}
+
+[dbdefaults]
+        ldap_kerberos_container_dn = cn=kerberos,{{ basedn }}
+
+[dbmodules]
+        LDAP = {
+                db_library = kldap
+                ldap_kdc_dn = cn=kdc,cn=kerberos,{{ basedn }}
+                ldap_kadmind_dn = cn=kadmin,cn=kerberos,{{ basedn }}
+                ldap_service_password_file = /etc/krb5kdc/service.keyfile
+                ldap_servers = ldapi:///
+                ldap_conns_per_server = 5
+        }

From 7e1332ee46a069161499bf8900748c873f79d3bb Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 17 Nov 2019 18:25:43 +0100
Subject: [PATCH 038/504] Minor fixes for KDC-LDAP.

---
 roles/krb5-kdc-ldap/tasks/main.yml                 | 14 +++++++++++---
 .../templates/{kadm5.acl => kadm5.acl.j2}          |  1 -
 .../templates/{kdc.conf => kdc.conf.j2}            |  0
 .../templates/{krb5.conf => krb5.conf.j2}          |  0
 roles/ldap/tasks/main.yml                          |  2 +-
 5 files changed, 12 insertions(+), 5 deletions(-)
 rename roles/krb5-kdc-ldap/templates/{kadm5.acl => kadm5.acl.j2} (72%)
 rename roles/krb5-kdc-ldap/templates/{kdc.conf => kdc.conf.j2} (100%)
 rename roles/krb5-kdc-ldap/templates/{krb5.conf => krb5.conf.j2} (100%)

diff --git a/roles/krb5-kdc-ldap/tasks/main.yml b/roles/krb5-kdc-ldap/tasks/main.yml
index 6f37107..63aaeb5 100644
--- a/roles/krb5-kdc-ldap/tasks/main.yml
+++ b/roles/krb5-kdc-ldap/tasks/main.yml
@@ -8,17 +8,17 @@
 
 - name: prepare krb5.conf
   template:
-    src: krb5.conf
+    src: krb5.conf.j2
     dest: /etc/krb5.conf
 
 - name: prepare kdc.conf
   template:
-    src: kdc.conf
+    src: kdc.conf.j2
     dest: /etc/krb5kdc/kdc.conf
 
 - name: prepare kadm5.acl
   template:
-    src: kadm5.acl
+    src: kadm5.acl.j2
     dest: /etc/krb5kdc/kadm5.acl
   notify: "restart krb5-admin-server"
 
@@ -141,6 +141,14 @@
   command: kadmin.local -q "add_policy default"
   when: not krb5kdc.stat.exists
 
+- name: create machine principal
+  command: kadmin.local -q "addprinc -randkey host/{{ ansible_hostname }}.{{ ldap_domain }}"
+  when: not krb5kdc.stat.exists
+
+- name: add principal to the keytab
+  command: kadmin.local -q "ktadd host/{{ ansible_hostname }}.{{ ldap_domain }}"
+  when: not krb5kdc.stat.exists
+
 - name: kerberize dummy user foo
   command: kadmin.local -q 'add_principal -pw {{ foo_pwd }} -x dn="uid=foo,ou=people,{{ basedn }}" foo'
   when: foo_pwd is defined
diff --git a/roles/krb5-kdc-ldap/templates/kadm5.acl b/roles/krb5-kdc-ldap/templates/kadm5.acl.j2
similarity index 72%
rename from roles/krb5-kdc-ldap/templates/kadm5.acl
rename to roles/krb5-kdc-ldap/templates/kadm5.acl.j2
index 1ddf3ff..c21d6b8 100644
--- a/roles/krb5-kdc-ldap/templates/kadm5.acl
+++ b/roles/krb5-kdc-ldap/templates/kadm5.acl.j2
@@ -1,4 +1,3 @@
 ## access controls for the Kerberos KDC
-root/admin@{{ ldap_domain | upper }} *
 *@{{ ldap_domain | upper }} cil
 */*@{{ ldap_domain | upper }} i
diff --git a/roles/krb5-kdc-ldap/templates/kdc.conf b/roles/krb5-kdc-ldap/templates/kdc.conf.j2
similarity index 100%
rename from roles/krb5-kdc-ldap/templates/kdc.conf
rename to roles/krb5-kdc-ldap/templates/kdc.conf.j2
diff --git a/roles/krb5-kdc-ldap/templates/krb5.conf b/roles/krb5-kdc-ldap/templates/krb5.conf.j2
similarity index 100%
rename from roles/krb5-kdc-ldap/templates/krb5.conf
rename to roles/krb5-kdc-ldap/templates/krb5.conf.j2
diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
index a775111..6b4a5d2 100644
--- a/roles/ldap/tasks/main.yml
+++ b/roles/ldap/tasks/main.yml
@@ -90,7 +90,7 @@
       userPassword: "{{ foo_pwd }}"
       uidNumber: 10000
       gidNumber: 10000
-      homeDirectory: /home/foo
+      homeDirectory: /home/lan/foo
     bind_dn: "cn=admin,{{ basedn }}"
     bind_pw: "{{ ldap_admin_pwd }}"
   when: foo_pwd is defined

From ece5bca5b52ea1398d8fe55e2f2010994514202b Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 17 Nov 2019 19:12:22 +0100
Subject: [PATCH 039/504] Implement NFS4 server role.

---
 roles/nfs-server/defaults/main.yml      |  4 ++
 roles/nfs-server/handlers/main.yml      | 11 +++++
 roles/nfs-server/tasks/main.yml         | 65 +++++++++++++++++++++++++
 roles/nfs-server/templates/sssd.conf.j2 | 24 +++++++++
 4 files changed, 104 insertions(+)
 create mode 100644 roles/nfs-server/defaults/main.yml
 create mode 100644 roles/nfs-server/handlers/main.yml
 create mode 100644 roles/nfs-server/tasks/main.yml
 create mode 100644 roles/nfs-server/templates/sssd.conf.j2

diff --git a/roles/nfs-server/defaults/main.yml b/roles/nfs-server/defaults/main.yml
new file mode 100644
index 0000000..08061b3
--- /dev/null
+++ b/roles/nfs-server/defaults/main.yml
@@ -0,0 +1,4 @@
+export_root: /srv/nfs4
+export_dir:  /home/lan
+ldap_domain: "{{ ansible_domain | default('intern', true) }}"
+basedn: "{{ 'dc=' + ( ldap_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
diff --git a/roles/nfs-server/handlers/main.yml b/roles/nfs-server/handlers/main.yml
new file mode 100644
index 0000000..bc2c23b
--- /dev/null
+++ b/roles/nfs-server/handlers/main.yml
@@ -0,0 +1,11 @@
+- name: restart nfs-kernel-server
+  service: name=nfs-kernel-server state=restarted enabled=yes
+  listen: "restart nfs-kernel-server"
+
+- name: restart rpc-svcgssd
+  service: name=rpc-svcgssd state=restarted enabled=yes
+  listen: "restart rpc-svcgssd"
+
+- name: restart sssd
+  service: name=sssd state=restarted enabled=yes
+  listen: "restart sssd"
diff --git a/roles/nfs-server/tasks/main.yml b/roles/nfs-server/tasks/main.yml
new file mode 100644
index 0000000..5b6a28a
--- /dev/null
+++ b/roles/nfs-server/tasks/main.yml
@@ -0,0 +1,65 @@
+## Install and configure nfs-server
+---
+- name: check if there are installing
+  stat: path=/etc/exports
+  register: exports
+
+- name: install nfs-kernel-server
+  apt:
+    name:
+      - nfs-kernel-server
+    state: latest
+
+- name: make sure the export exists
+  file: path={{ export_root }}/home/ state=directory recurse=yes
+
+- name: make sure the export exists
+  file: path={{ export_dir }} state=directory recurse=yes
+
+- name: bind mount exported dir
+  mount:
+    path: "{{ export_root }}/home/"
+    src: "{{ export_dir }}"
+    fstype: none
+    state: mounted
+    opts: bind
+
+- name: configure exports
+  blockinfile:
+    dest: /etc/exports
+    insertbefore: EOF
+    block: |
+      {{ export_root }}         *(sec=krb5p:krb5i:krb5:sys,rw,fsid=0,crossmnt,no_subtree_check)
+      {{ export_root }}/home/   *(sec=krb5p:krb5i,rw,no_subtree_check)
+  notify: "restart nfs-kernel-server"
+
+
+
+- name: check if there is a local kadmin
+  stat: path=/usr/sbin/kadmin.local
+  register: kadmin
+
+- name: create machine principal
+  command: kadmin.local -q "addprinc -randkey nfs/{{ ansible_hostname }}.{{ ansible_domain }}"
+  when: kadmin.stat.exists and not exports.stat.exists
+
+- name: add principal to the keytab
+  command: kadmin.local -q "ktadd nfs/{{ ansible_hostname }}.{{ ansible_domain }}"
+  notify: "restart rpc-svcgssd"
+  when: kadmin.stat.exists and not exports.stat.exists
+
+- name: install sssd-krb5
+  apt:
+    name:
+      - sssd-krb5
+      - sssd-ldap
+    state: latest
+  when: kadmin.stat.exists
+
+- name: provide identities from directory
+  template:
+    src: sssd.conf.j2
+    dest: /etc/sssd/sssd.conf
+    mode: 0600
+  notify: restart sssd
+  when: kadmin.stat.exists
diff --git a/roles/nfs-server/templates/sssd.conf.j2 b/roles/nfs-server/templates/sssd.conf.j2
new file mode 100644
index 0000000..0cea9c5
--- /dev/null
+++ b/roles/nfs-server/templates/sssd.conf.j2
@@ -0,0 +1,24 @@
+[sssd]
+domains = LDAP
+services = nss, pam
+config_file_version = 2
+
+[nss]
+filter_groups = root
+filter_users = root
+
+[pam]
+
+[domain/LDAP]
+id_provider = ldap
+ldap_uri = ldap://{{ ansible_hostname }}/
+ldap_search_base = {{ basedn }}
+
+auth_provider = krb5
+krb5_server = {{ ansible_hostname }}
+krb5_realm = {{ ldap_domain | upper }}
+cache_credentials = false
+
+min_id = 10000
+max_id = 20000
+enumerate = False

From ce6bd533195ff370ff141c61d082e625bd92db5e Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 18 Nov 2019 15:31:30 +0100
Subject: [PATCH 040/504] Minor fixes and improvements, mostly KDC/LDAP
 related.

---
 roles/dhcp-dns-dnsmasq/tasks/main.yml      |  5 +++
 roles/krb5-kdc-ldap/defaults/main.yml      | 10 ++++--
 roles/krb5-kdc-ldap/tasks/main.yml         | 36 +++++++++++++++++-----
 roles/krb5-kdc-ldap/templates/kadm5.acl.j2 |  1 +
 roles/ldap/defaults/main.yml               |  1 +
 roles/ldap/tasks/main.yml                  |  8 +++--
 roles/nfs-server/defaults/main.yml         |  2 +-
 roles/nfs-server/tasks/main.yml            |  8 ++---
 8 files changed, 52 insertions(+), 19 deletions(-)

diff --git a/roles/dhcp-dns-dnsmasq/tasks/main.yml b/roles/dhcp-dns-dnsmasq/tasks/main.yml
index 0a0997a..d0e4bf6 100644
--- a/roles/dhcp-dns-dnsmasq/tasks/main.yml
+++ b/roles/dhcp-dns-dnsmasq/tasks/main.yml
@@ -1,3 +1,7 @@
+- name: check if dnsmasq is already there
+  stat: path=/etc/dnsmasq.d/dnsmasq-dhcp
+  register: dnsmasq
+
 - name: install dnsmasq package
   apt:
     name: dnsmasq
@@ -9,6 +13,7 @@
     line: "{{ item.1 }}\t{{ 'debian%03d' | format(item.0) }}"
   with_indexed_items: "{{ dhcp_list }}"
   notify: "restart dnsmasq"
+  when: not dnsmasq.stat.exists
 
 - name: configure dnsmasq
   template:
diff --git a/roles/krb5-kdc-ldap/defaults/main.yml b/roles/krb5-kdc-ldap/defaults/main.yml
index 7ea992c..8e22f30 100644
--- a/roles/krb5-kdc-ldap/defaults/main.yml
+++ b/roles/krb5-kdc-ldap/defaults/main.yml
@@ -1,5 +1,9 @@
 ---
-kdc_pwd: "{{ lookup('password', '/tmp/kdc.pwd length=24') }}"
-kadmin_pwd: "{{ lookup('password', '/tmp/kadmin.pwd length=24') }}"
 kdc_master_pwd: "{{ lookup('password', '/tmp/kdc_master.pwd length=24') }}"
-kdc_pwd_file: "/root/kdc-master.pwd"
+kdc_master_pwd_file: "/root/kdc-master.pwd"
+
+kdc_service_pwd: "{{ lookup('password', '/tmp/kdc-service.pwd length=24') }}"
+kadmin_service_pwd: "{{ lookup('password', '/tmp/kadmin-service.pwd length=24') }}"
+
+kadmin_pwd: "{{ lookup('password', '/tmp/kadmin.pwd length=24') }}"
+kadmin_pwd_file: "/root/kadmin.pwd"
diff --git a/roles/krb5-kdc-ldap/tasks/main.yml b/roles/krb5-kdc-ldap/tasks/main.yml
index 63aaeb5..f306e5f 100644
--- a/roles/krb5-kdc-ldap/tasks/main.yml
+++ b/roles/krb5-kdc-ldap/tasks/main.yml
@@ -11,6 +11,9 @@
     src: krb5.conf.j2
     dest: /etc/krb5.conf
 
+- name: make sure krb5kdc exists
+  file: path=/etc/krb5kdc state=directory recurse=yes
+
 - name: prepare kdc.conf
   template:
     src: kdc.conf.j2
@@ -52,7 +55,7 @@
       - organizationalRole
       - simpleSecurityObject
     attributes:
-      userPassword: "{{ kdc_pwd }}"
+      userPassword: "{{ kdc_service_pwd }}"
     bind_dn: "cn=admin,{{ basedn }}"
     bind_pw: "{{ ldap_admin_pwd }}"
   when: not krb5kdc.stat.exists
@@ -64,7 +67,7 @@
       - organizationalRole
       - simpleSecurityObject
     attributes:
-      userPassword: "{{ kadmin_pwd }}"
+      userPassword: "{{ kadmin_service_pwd }}"
     bind_dn: "cn=admin,{{ basedn }}"
     bind_pw: "{{ ldap_admin_pwd }}"
   when: not krb5kdc.stat.exists
@@ -109,17 +112,17 @@
   when: not krb5kdc.stat.exists
 
 - name: prepare password for kdc
-  shell: echo "cn=kdc,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kdc_pwd }} | xxd -g0 -ps | sed 's/0a$//')" > /etc/krb5kdc/service.keyfile
+  shell: echo "cn=kdc,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kdc_service_pwd }} | xxd -g0 -ps | sed 's/0a$//')" > /etc/krb5kdc/service.keyfile
   no_log: true
   when: not krb5kdc.stat.exists
 
 - name: prepare password for kadmin
-  shell: echo "cn=kadmin,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kadmin_pwd }} | xxd -g0 -ps | sed 's/0a$//')" >> /etc/krb5kdc/service.keyfile
+  shell: echo "cn=kadmin,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kadmin_service_pwd }} | xxd -g0 -ps | sed 's/0a$//')" >> /etc/krb5kdc/service.keyfile
   no_log: true
   when: not krb5kdc.stat.exists
 
 - name: dump kdc master password
-  shell: echo -n "{{ kdc_master_pwd }}" > "{{ kdc_pwd_file }}" ; chmod 0600 "{{ kdc_pwd_file }}"
+  shell: echo -n "{{ kdc_master_pwd }}" > "{{ kdc_master_pwd_file }}" ; chmod 0600 "{{ kdc_master_pwd_file }}"
   no_log: true
   when: not krb5kdc.stat.exists
 
@@ -137,18 +140,35 @@
   notify: "restart krb5-kdc"
   when: not krb5kdc.stat.exists
 
+- name: add root/admin as kadmin  
+  command: kadmin.local -q "addprinc -pw {{ kadmin_pwd }} root/admin"
+  when: not krb5kdc.stat.exists
+
+- name: dump kadmin password
+  shell: echo -n "{{ kadmin_pwd }}" > "{{ kadmin_pwd_file }}" ; chmod 0600 "{{ kadmin_pwd_file }}"
+  no_log: true
+  when: not krb5kdc.stat.exists
+  
 - name: add default policy to silence warning when using kadmin
   command: kadmin.local -q "add_policy default"
   when: not krb5kdc.stat.exists
 
-- name: create machine principal
-  command: kadmin.local -q "addprinc -randkey host/{{ ansible_hostname }}.{{ ldap_domain }}"
+- name: create machine principals
+  command: kadmin.local -q "addprinc -randkey {{ item }}/{{ ansible_hostname }}.{{ ldap_domain }}"
+  with_items:
+    - host
+    - ldap
   when: not krb5kdc.stat.exists
 
 - name: add principal to the keytab
-  command: kadmin.local -q "ktadd host/{{ ansible_hostname }}.{{ ldap_domain }}"
+  command: kadmin.local -q "ktadd {{ item }}/{{ ansible_hostname }}.{{ ldap_domain }}"
+  with_items:
+    - host
+    - ldap
   when: not krb5kdc.stat.exists
 
+##############
+  
 - name: kerberize dummy user foo
   command: kadmin.local -q 'add_principal -pw {{ foo_pwd }} -x dn="uid=foo,ou=people,{{ basedn }}" foo'
   when: foo_pwd is defined
diff --git a/roles/krb5-kdc-ldap/templates/kadm5.acl.j2 b/roles/krb5-kdc-ldap/templates/kadm5.acl.j2
index c21d6b8..1ddf3ff 100644
--- a/roles/krb5-kdc-ldap/templates/kadm5.acl.j2
+++ b/roles/krb5-kdc-ldap/templates/kadm5.acl.j2
@@ -1,3 +1,4 @@
 ## access controls for the Kerberos KDC
+root/admin@{{ ldap_domain | upper }} *
 *@{{ ldap_domain | upper }} cil
 */*@{{ ldap_domain | upper }} i
diff --git a/roles/ldap/defaults/main.yml b/roles/ldap/defaults/main.yml
index 8c16cfc..e3df005 100644
--- a/roles/ldap/defaults/main.yml
+++ b/roles/ldap/defaults/main.yml
@@ -2,3 +2,4 @@ ldap_admin_pwd: "{{ lookup('password', '/tmp/ldap_admin.pwd length=24') }}"
 ldap_pwd_file: "/root/ldap-admin.pwd"
 ldap_domain: "{{ ansible_domain | default('intern', true) }}"
 basedn: "{{ 'dc=' + ( ldap_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
+lan_homes:  /home/lan
diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
index 6b4a5d2..7d7eb84 100644
--- a/roles/ldap/tasks/main.yml
+++ b/roles/ldap/tasks/main.yml
@@ -37,11 +37,13 @@
   no_log: true
   when: not slapd.stat.exists
 
-- name: install slapd and python-ldap
+- name: install slapd, ldap-utils, ldapvi and python3-ldap
   apt:
     name:
       - slapd
-      - python-ldap
+      - ldap-utils
+      - ldapvi
+      - python3-ldap
     state: latest
 
 - name: make initial slapd configuration available
@@ -90,7 +92,7 @@
       userPassword: "{{ foo_pwd }}"
       uidNumber: 10000
       gidNumber: 10000
-      homeDirectory: /home/lan/foo
+      homeDirectory: "{{ lan_homes }}/foo"
     bind_dn: "cn=admin,{{ basedn }}"
     bind_pw: "{{ ldap_admin_pwd }}"
   when: foo_pwd is defined
diff --git a/roles/nfs-server/defaults/main.yml b/roles/nfs-server/defaults/main.yml
index 08061b3..294950c 100644
--- a/roles/nfs-server/defaults/main.yml
+++ b/roles/nfs-server/defaults/main.yml
@@ -1,4 +1,4 @@
 export_root: /srv/nfs4
-export_dir:  /home/lan
+lan_homes:  /home/lan
 ldap_domain: "{{ ansible_domain | default('intern', true) }}"
 basedn: "{{ 'dc=' + ( ldap_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
diff --git a/roles/nfs-server/tasks/main.yml b/roles/nfs-server/tasks/main.yml
index 5b6a28a..d9ea5a3 100644
--- a/roles/nfs-server/tasks/main.yml
+++ b/roles/nfs-server/tasks/main.yml
@@ -14,12 +14,12 @@
   file: path={{ export_root }}/home/ state=directory recurse=yes
 
 - name: make sure the export exists
-  file: path={{ export_dir }} state=directory recurse=yes
+  file: path={{ lan_homes }} state=directory recurse=yes
 
 - name: bind mount exported dir
   mount:
     path: "{{ export_root }}/home/"
-    src: "{{ export_dir }}"
+    src: "{{ lan_homes }}"
     fstype: none
     state: mounted
     opts: bind
@@ -40,11 +40,11 @@
   register: kadmin
 
 - name: create machine principal
-  command: kadmin.local -q "addprinc -randkey nfs/{{ ansible_hostname }}.{{ ansible_domain }}"
+  command: kadmin.local -q "addprinc -randkey nfs/{{ ansible_hostname }}.{{ ldap_domain }}"
   when: kadmin.stat.exists and not exports.stat.exists
 
 - name: add principal to the keytab
-  command: kadmin.local -q "ktadd nfs/{{ ansible_hostname }}.{{ ansible_domain }}"
+  command: kadmin.local -q "ktadd nfs/{{ ansible_hostname }}.{{ ldap_domain }}"
   notify: "restart rpc-svcgssd"
   when: kadmin.stat.exists and not exports.stat.exists
 

From bbcf45bbebfbcf95fe04327643e5277d4497e488 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 18 Nov 2019 18:45:07 +0100
Subject: [PATCH 041/504] Implement basic LAN client.

---
 minimal-krb5.yml                        | 10 ++++
 roles/lan-client/defaults/main.yml      |  6 +++
 roles/lan-client/handlers/main.yml      | 14 ++++++
 roles/lan-client/tasks/main.yml         | 63 +++++++++++++++++++++++++
 roles/lan-client/templates/sssd.conf.j2 | 24 ++++++++++
 roles/ldap/tasks/main.yml               |  1 +
 roles/nfs-server/tasks/main.yml         | 10 +++-
 7 files changed, 126 insertions(+), 2 deletions(-)
 create mode 100644 minimal-krb5.yml
 create mode 100644 roles/lan-client/defaults/main.yml
 create mode 100644 roles/lan-client/handlers/main.yml
 create mode 100644 roles/lan-client/tasks/main.yml
 create mode 100644 roles/lan-client/templates/sssd.conf.j2

diff --git a/minimal-krb5.yml b/minimal-krb5.yml
new file mode 100644
index 0000000..ebba3a2
--- /dev/null
+++ b/minimal-krb5.yml
@@ -0,0 +1,10 @@
+---
+# This playbook does almost nothing.  Useful for testing only preseeding.
+
+- name: apply a minimal configuration with kerberos LAN integration
+  hosts: all
+  remote_user: ansible
+  become: yes
+  roles:
+    - up2date-debian
+    - lan-client
diff --git a/roles/lan-client/defaults/main.yml b/roles/lan-client/defaults/main.yml
new file mode 100644
index 0000000..b52918d
--- /dev/null
+++ b/roles/lan-client/defaults/main.yml
@@ -0,0 +1,6 @@
+lan_homes:  /home/lan
+ldap_domain: "{{ ansible_domain | default('intern', true) }}"
+basedn: "{{ 'dc=' + ( ldap_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
+ldap_server: ldap
+krb_server: kerberos
+nfs_server: nfs
diff --git a/roles/lan-client/handlers/main.yml b/roles/lan-client/handlers/main.yml
new file mode 100644
index 0000000..ec16fb7
--- /dev/null
+++ b/roles/lan-client/handlers/main.yml
@@ -0,0 +1,14 @@
+- name: restart sssd
+  service: name=sssd state=restarted enabled=yes
+  listen: "restart sssd"
+
+- name: reload systemd
+  systemd:
+    daemon_reload: yes
+  listen: "reload systemd"
+
+- name: restart rpc-gssd
+  systemd:
+    name: rpc-gssd
+    state: restarted
+  notify: "restart rpc-gssd"
diff --git a/roles/lan-client/tasks/main.yml b/roles/lan-client/tasks/main.yml
new file mode 100644
index 0000000..1008bb7
--- /dev/null
+++ b/roles/lan-client/tasks/main.yml
@@ -0,0 +1,63 @@
+---
+- name: preseed krb5-config realm
+  debconf:
+    name: krb5-config
+    question: krb5-config/default_realm
+    value: "{{ ldap_domain | upper }}"
+    vtype: string
+
+- name: preseed krb5-config kerberos servers
+  debconf:
+    name: krb5-config
+    question: krb5-config/kerberos_servers
+    value: "{{ krb_server }}"
+    vtype: string
+
+- name: preseed krb5-config admin server
+  debconf:
+    name: krb5-config
+    question: krb5-config/admin_server
+    value: "{{ krb_server }}"
+    vtype: string
+
+- name: install needed packages
+  apt:
+    name:
+      - krb5-config
+      - krb5-user
+      - sssd-krb5
+      - sssd-ldap
+      - nfs-common
+    state: latest
+
+- name: provide identities from directory
+  template:
+    src: sssd.conf.j2
+    dest: /etc/sssd/sssd.conf
+    mode: 0600
+  notify: restart sssd
+
+- name: make sure the home mount directory exists
+  file: path={{ lan_homes }} state=directory recurse=yes
+
+
+## Activate machine after installation:
+- name: create machine principal
+  command: kadmin -p root/admin -w {{ lookup('password', '/root/kadmin.pwd') }} -q "addprinc -randkey nfs/{{ ansible_hostname }}.{{ ldap_domain }}"
+  no_log: true
+  when: not run_in_installer|default(false)|bool
+
+- name: add principal to keytab
+  command: kadmin -p root/admin -w {{ lookup('password', '/root/kadmin.pwd') }} -q "ktadd nfs/{{ ansible_hostname }}.{{ ldap_domain }}"
+  args:
+    creates: /etc/krb5.keytab
+  no_log: true
+  notify: "restart rpc-gssd"
+  when: not run_in_installer|default(false)|bool
+
+- name: automount
+  lineinfile:
+    dest: /etc/fstab
+    line: "{{ nfs_server}}:/home  {{ lan_homes }}  nfs4  sec=krb5p,_netdev,noauto,x-systemd.automount,x-systemd.idle-timeout=60  0  0"
+  notify: reload systemd
+  when: not run_in_installer|default(false)|bool
diff --git a/roles/lan-client/templates/sssd.conf.j2 b/roles/lan-client/templates/sssd.conf.j2
new file mode 100644
index 0000000..4b5b285
--- /dev/null
+++ b/roles/lan-client/templates/sssd.conf.j2
@@ -0,0 +1,24 @@
+[sssd]
+domains = LDAP
+services = nss, pam
+config_file_version = 2
+
+[nss]
+filter_groups = root
+filter_users = root
+
+[pam]
+
+[domain/LDAP]
+id_provider = ldap
+ldap_uri = ldap://{{ ldap_server }}/
+ldap_search_base = {{ basedn }}
+
+auth_provider = krb5
+krb5_server = {{ krb_server }}
+krb5_realm = {{ ldap_domain | upper }}
+cache_credentials = true
+
+min_id = 10000
+max_id = 20000
+enumerate = False
diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
index 7d7eb84..36ca050 100644
--- a/roles/ldap/tasks/main.yml
+++ b/roles/ldap/tasks/main.yml
@@ -93,6 +93,7 @@
       uidNumber: 10000
       gidNumber: 10000
       homeDirectory: "{{ lan_homes }}/foo"
+      loginShell: /bin/bash
     bind_dn: "cn=admin,{{ basedn }}"
     bind_pw: "{{ ldap_admin_pwd }}"
   when: foo_pwd is defined
diff --git a/roles/nfs-server/tasks/main.yml b/roles/nfs-server/tasks/main.yml
index d9ea5a3..3cb2f7f 100644
--- a/roles/nfs-server/tasks/main.yml
+++ b/roles/nfs-server/tasks/main.yml
@@ -29,8 +29,8 @@
     dest: /etc/exports
     insertbefore: EOF
     block: |
-      {{ export_root }}         *(sec=krb5p:krb5i:krb5:sys,rw,fsid=0,crossmnt,no_subtree_check)
-      {{ export_root }}/home/   *(sec=krb5p:krb5i,rw,no_subtree_check)
+      {{ export_root }}         *(sec=krb5p,rw,fsid=0,crossmnt,no_subtree_check)
+      {{ export_root }}/home/   *(sec=krb5p,rw,no_subtree_check)
   notify: "restart nfs-kernel-server"
 
 
@@ -63,3 +63,9 @@
     mode: 0600
   notify: restart sssd
   when: kadmin.stat.exists
+
+- name: copy home from /etc/skel for dummy user foo
+  shell: cp -r /etc/skel {{ lan_homes }}/foo && chmod -R o-rwx {{ lan_homes }}/foo && chown -R foo:foo {{ lan_homes }}/foo
+  args:
+    creates: "{{ lan_homes }}/foo"
+  when: foo_pwd is defined

From ed8b7a7fa659d76b3af0c1f5c723efd3157a5337 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 21 Nov 2019 15:47:08 +0100
Subject: [PATCH 042/504] Use ansible_domain everywhere and bail out if it is
 empty.

---
 roles/krb5-kdc-ldap/tasks/main.yml         | 8 +++++---
 roles/krb5-kdc-ldap/templates/kadm5.acl.j2 | 6 +++---
 roles/krb5-kdc-ldap/templates/kdc.conf.j2  | 2 +-
 roles/krb5-kdc-ldap/templates/krb5.conf.j2 | 8 ++++----
 roles/lan-client/defaults/main.yml         | 3 +--
 roles/lan-client/tasks/main.yml            | 9 ++++++---
 roles/lan-client/templates/sssd.conf.j2    | 2 +-
 roles/ldap/defaults/main.yml               | 3 +--
 roles/ldap/tasks/main.yml                  | 4 +++-
 roles/nfs-server/defaults/main.yml         | 3 +--
 roles/nfs-server/tasks/main.yml            | 7 +++++--
 roles/nfs-server/templates/sssd.conf.j2    | 2 +-
 12 files changed, 32 insertions(+), 25 deletions(-)

diff --git a/roles/krb5-kdc-ldap/tasks/main.yml b/roles/krb5-kdc-ldap/tasks/main.yml
index f306e5f..1de5dc5 100644
--- a/roles/krb5-kdc-ldap/tasks/main.yml
+++ b/roles/krb5-kdc-ldap/tasks/main.yml
@@ -1,6 +1,8 @@
 ## Install and configure krb5-kdc-ldap (if not done yet),
 ##  run most tasks only on krb5-kdc-ldap installation.
 ---
+- fail: msg="The machine's domain must not be empty."
+  when: ansible_domain | length == 0 
 
 - name: check if slapd is already there
   stat: path=/usr/sbin/krb5kdc
@@ -135,7 +137,7 @@
       -H ldapi:///
       create -s -subtrees "{{ basedn }}"
       -P "{{ kdc_master_pwd }}"
-      -r "{{ ldap_domain | upper }}"
+      -r "{{ ansible_domain | upper }}"
   no_log: true
   notify: "restart krb5-kdc"
   when: not krb5kdc.stat.exists
@@ -154,14 +156,14 @@
   when: not krb5kdc.stat.exists
 
 - name: create machine principals
-  command: kadmin.local -q "addprinc -randkey {{ item }}/{{ ansible_hostname }}.{{ ldap_domain }}"
+  command: kadmin.local -q "addprinc -randkey {{ item }}/{{ ansible_hostname }}.{{ ansible_domain }}"
   with_items:
     - host
     - ldap
   when: not krb5kdc.stat.exists
 
 - name: add principal to the keytab
-  command: kadmin.local -q "ktadd {{ item }}/{{ ansible_hostname }}.{{ ldap_domain }}"
+  command: kadmin.local -q "ktadd {{ item }}/{{ ansible_hostname }}.{{ ansible_domain }}"
   with_items:
     - host
     - ldap
diff --git a/roles/krb5-kdc-ldap/templates/kadm5.acl.j2 b/roles/krb5-kdc-ldap/templates/kadm5.acl.j2
index 1ddf3ff..54c6636 100644
--- a/roles/krb5-kdc-ldap/templates/kadm5.acl.j2
+++ b/roles/krb5-kdc-ldap/templates/kadm5.acl.j2
@@ -1,4 +1,4 @@
 ## access controls for the Kerberos KDC
-root/admin@{{ ldap_domain | upper }} *
-*@{{ ldap_domain | upper }} cil
-*/*@{{ ldap_domain | upper }} i
+root/admin@{{ ansible_domain | upper }} *
+*@{{ ansible_domain | upper }} cil
+*/*@{{ ansible_domain | upper }} i
diff --git a/roles/krb5-kdc-ldap/templates/kdc.conf.j2 b/roles/krb5-kdc-ldap/templates/kdc.conf.j2
index 477c9ba..7a64706 100644
--- a/roles/krb5-kdc-ldap/templates/kdc.conf.j2
+++ b/roles/krb5-kdc-ldap/templates/kdc.conf.j2
@@ -2,7 +2,7 @@
     kdc_ports = 750,88
 
 [realms]
-    {{ ldap_domain | upper }} = {
+    {{ ansible_domain | upper }} = {
         admin_keytab = FILE:/etc/krb5kdc/kadm5.keytab
         acl_file = /etc/krb5kdc/kadm5.acl
         key_stash_file = /etc/krb5kdc/stash
diff --git a/roles/krb5-kdc-ldap/templates/krb5.conf.j2 b/roles/krb5-kdc-ldap/templates/krb5.conf.j2
index 8f231cb..11d3cf2 100644
--- a/roles/krb5-kdc-ldap/templates/krb5.conf.j2
+++ b/roles/krb5-kdc-ldap/templates/krb5.conf.j2
@@ -1,16 +1,16 @@
 [libdefaults]
-        default_realm = {{ ldap_domain | upper }}
+        default_realm = {{ ansible_domain | upper }}
 
 [realms]
-        {{ ldap_domain | upper }} = {
+        {{ ansible_domain | upper }} = {
                 kdc = {{ ansible_hostname }}
                 admin_server = {{ ansible_hostname }}
                 database_module = LDAP
         }
 
 [domain_realm]
-        .{{ ldap_domain }} = {{ ldap_domain | upper }}
-        {{ ldap_domain }} = {{ ldap_domain | upper }}
+        .{{ ansible_domain }} = {{ ansible_domain | upper }}
+        {{ ansible_domain }} = {{ ansible_domain | upper }}
 
 [dbdefaults]
         ldap_kerberos_container_dn = cn=kerberos,{{ basedn }}
diff --git a/roles/lan-client/defaults/main.yml b/roles/lan-client/defaults/main.yml
index b52918d..7c62cce 100644
--- a/roles/lan-client/defaults/main.yml
+++ b/roles/lan-client/defaults/main.yml
@@ -1,6 +1,5 @@
 lan_homes:  /home/lan
-ldap_domain: "{{ ansible_domain | default('intern', true) }}"
-basedn: "{{ 'dc=' + ( ldap_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
+basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
 ldap_server: ldap
 krb_server: kerberos
 nfs_server: nfs
diff --git a/roles/lan-client/tasks/main.yml b/roles/lan-client/tasks/main.yml
index 1008bb7..74362a1 100644
--- a/roles/lan-client/tasks/main.yml
+++ b/roles/lan-client/tasks/main.yml
@@ -1,9 +1,12 @@
 ---
+- fail: msg="The machine's domain must not be empty."
+  when: ansible_domain | length == 0 
+
 - name: preseed krb5-config realm
   debconf:
     name: krb5-config
     question: krb5-config/default_realm
-    value: "{{ ldap_domain | upper }}"
+    value: "{{ ansible_domain | upper }}"
     vtype: string
 
 - name: preseed krb5-config kerberos servers
@@ -43,12 +46,12 @@
 
 ## Activate machine after installation:
 - name: create machine principal
-  command: kadmin -p root/admin -w {{ lookup('password', '/root/kadmin.pwd') }} -q "addprinc -randkey nfs/{{ ansible_hostname }}.{{ ldap_domain }}"
+  command: kadmin -p root/admin -w {{ lookup('password', '/root/kadmin.pwd') }} -q "addprinc -randkey nfs/{{ ansible_hostname }}.{{ ansible_domain }}"
   no_log: true
   when: not run_in_installer|default(false)|bool
 
 - name: add principal to keytab
-  command: kadmin -p root/admin -w {{ lookup('password', '/root/kadmin.pwd') }} -q "ktadd nfs/{{ ansible_hostname }}.{{ ldap_domain }}"
+  command: kadmin -p root/admin -w {{ lookup('password', '/root/kadmin.pwd') }} -q "ktadd nfs/{{ ansible_hostname }}.{{ ansible_domain }}"
   args:
     creates: /etc/krb5.keytab
   no_log: true
diff --git a/roles/lan-client/templates/sssd.conf.j2 b/roles/lan-client/templates/sssd.conf.j2
index 4b5b285..d55c2c7 100644
--- a/roles/lan-client/templates/sssd.conf.j2
+++ b/roles/lan-client/templates/sssd.conf.j2
@@ -16,7 +16,7 @@ ldap_search_base = {{ basedn }}
 
 auth_provider = krb5
 krb5_server = {{ krb_server }}
-krb5_realm = {{ ldap_domain | upper }}
+krb5_realm = {{ ansible_domain | upper }}
 cache_credentials = true
 
 min_id = 10000
diff --git a/roles/ldap/defaults/main.yml b/roles/ldap/defaults/main.yml
index e3df005..c84b93e 100644
--- a/roles/ldap/defaults/main.yml
+++ b/roles/ldap/defaults/main.yml
@@ -1,5 +1,4 @@
 ldap_admin_pwd: "{{ lookup('password', '/tmp/ldap_admin.pwd length=24') }}"
 ldap_pwd_file: "/root/ldap-admin.pwd"
-ldap_domain: "{{ ansible_domain | default('intern', true) }}"
-basedn: "{{ 'dc=' + ( ldap_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
+basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
 lan_homes:  /home/lan
diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
index 36ca050..de33367 100644
--- a/roles/ldap/tasks/main.yml
+++ b/roles/ldap/tasks/main.yml
@@ -1,6 +1,8 @@
 ## Install and configure slapd (if not done yet),
 ##  run most tasks only on slapd installation.
 ---
+- fail: msg="The machine's domain must not be empty."
+  when: ansible_domain | length == 0 
 
 - name: check if slapd is already there
   stat: path=/usr/sbin/slapd
@@ -10,7 +12,7 @@
   debconf:
     name: slapd
     question:  slapd/domain
-    value: "{{ ldap_domain }}"
+    value: "{{ ansible_domain }}"
     vtype: string
   when: not slapd.stat.exists
 
diff --git a/roles/nfs-server/defaults/main.yml b/roles/nfs-server/defaults/main.yml
index 294950c..49adf7c 100644
--- a/roles/nfs-server/defaults/main.yml
+++ b/roles/nfs-server/defaults/main.yml
@@ -1,4 +1,3 @@
 export_root: /srv/nfs4
 lan_homes:  /home/lan
-ldap_domain: "{{ ansible_domain | default('intern', true) }}"
-basedn: "{{ 'dc=' + ( ldap_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
+basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
diff --git a/roles/nfs-server/tasks/main.yml b/roles/nfs-server/tasks/main.yml
index 3cb2f7f..4eb52c0 100644
--- a/roles/nfs-server/tasks/main.yml
+++ b/roles/nfs-server/tasks/main.yml
@@ -1,5 +1,8 @@
 ## Install and configure nfs-server
 ---
+- fail: msg="The machine's domain must not be empty."
+  when: ansible_domain | length == 0 
+
 - name: check if there are installing
   stat: path=/etc/exports
   register: exports
@@ -40,11 +43,11 @@
   register: kadmin
 
 - name: create machine principal
-  command: kadmin.local -q "addprinc -randkey nfs/{{ ansible_hostname }}.{{ ldap_domain }}"
+  command: kadmin.local -q "addprinc -randkey nfs/{{ ansible_hostname }}.{{ ansible_domain }}"
   when: kadmin.stat.exists and not exports.stat.exists
 
 - name: add principal to the keytab
-  command: kadmin.local -q "ktadd nfs/{{ ansible_hostname }}.{{ ldap_domain }}"
+  command: kadmin.local -q "ktadd nfs/{{ ansible_hostname }}.{{ ansible_domain }}"
   notify: "restart rpc-svcgssd"
   when: kadmin.stat.exists and not exports.stat.exists
 
diff --git a/roles/nfs-server/templates/sssd.conf.j2 b/roles/nfs-server/templates/sssd.conf.j2
index 0cea9c5..54868d2 100644
--- a/roles/nfs-server/templates/sssd.conf.j2
+++ b/roles/nfs-server/templates/sssd.conf.j2
@@ -16,7 +16,7 @@ ldap_search_base = {{ basedn }}
 
 auth_provider = krb5
 krb5_server = {{ ansible_hostname }}
-krb5_realm = {{ ldap_domain | upper }}
+krb5_realm = {{ ansible_domain | upper }}
 cache_credentials = false
 
 min_id = 10000

From 5d5f75e0c82157504d581e17422b8b19d0d20cb4 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 21 Nov 2019 17:19:28 +0100
Subject: [PATCH 043/504] Do not preseed desktop environment, leave this to the
 ansible role.

---
 roles/installbox2kiosk/tasks/main.yml | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/roles/installbox2kiosk/tasks/main.yml b/roles/installbox2kiosk/tasks/main.yml
index 0da71cf..6fe4f00 100644
--- a/roles/installbox2kiosk/tasks/main.yml
+++ b/roles/installbox2kiosk/tasks/main.yml
@@ -26,12 +26,6 @@
     regexp: '^#(apt-setup-udeb.*)$'
     replace: '\1'
 
-- name: preseed client - add gnome-desktop, print-server
-  replace:
-    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
-    regexp: '^(tasksel tasksel/first multiselect standard, ssh-server)$'
-    replace: '#\1\ntasksel tasksel/first multiselect standard, ssh-server, gnome-desktop, print-server'
-
 - name: preseed client - add firmware-linux, ansible and git
   replace:
     dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"

From fbf48f44f3f711fc5bc15aeddba0a8e564736600 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 21 Nov 2019 19:15:22 +0100
Subject: [PATCH 044/504] Fixes and improvements, NFS/KDC/LDAP related.

---
 kerberox-client.yml                           | 26 +++++++++++
 kerberox.yml                                  | 46 +++++++++++++++++++
 mainserver.yml                                | 14 ------
 roles/kde/tasks/main.yml                      |  1 +
 roles/krb5-kdc-ldap/tasks/main.yml            | 21 +++++----
 roles/lan-client/tasks/main.yml               | 12 +++--
 roles/ldap/defaults/main.yml                  |  2 +-
 roles/ldap/tasks/main.yml                     | 13 ++++--
 roles/nfs-server/handlers/main.yml            | 13 ++++++
 roles/nfs-server/tasks/main.yml               | 30 ++++++------
 .../nfs-server/templates/dhcp-send-domain.j2  |  2 +
 11 files changed, 134 insertions(+), 46 deletions(-)
 create mode 100644 kerberox-client.yml
 create mode 100644 kerberox.yml
 delete mode 100644 mainserver.yml
 create mode 100644 roles/nfs-server/templates/dhcp-send-domain.j2

diff --git a/kerberox-client.yml b/kerberox-client.yml
new file mode 100644
index 0000000..4861857
--- /dev/null
+++ b/kerberox-client.yml
@@ -0,0 +1,26 @@
+---
+# This playbook deploys a client for the kerberox LAN.
+
+- name: apply configuration to the machines
+  hosts: all
+  remote_user: ansible
+  become: yes
+  vars:
+    deb_release: "buster"
+    extra_pkgs:
+      - webext-privacy-badger
+      - webext-ublock-origin
+      - krb5-auth-dialog
+    extra_pkgs_bpo: []  # [ libreoffice ]
+
+  vars_prompt:
+    - name: "kadmin_pwd"
+      prompt: "Provide kadmin password to fetch kerberos keytab.\nLeave empty if done already"
+      private: yes
+      
+  roles:
+    - up2date-debian
+    - lan-client
+    ## Choose either gnome or KDE:
+    - gnome
+    #- kde
diff --git a/kerberox.yml b/kerberox.yml
new file mode 100644
index 0000000..e7eff0e
--- /dev/null
+++ b/kerberox.yml
@@ -0,0 +1,46 @@
+---
+# This playbook deploys the kerberox server.
+
+- name: apply configuration to the installbox
+  hosts: all
+  remote_user: ansible
+  become: yes
+  vars:
+    ## This interface provides the default route:
+    if_wan: "{{ ansible_default_ipv4.interface }}"
+    ## Use the first remaining interface for the LAN:
+    if_lan: "{{ ansible_interfaces | difference([if_wan, 'lo']) | first }}"
+    ## Add 'hostname=XXX' to the installer boot parameters if necessary:
+    hostname: "{{ ansible_hostname }}"
+    ipaddr_lan: 192.168.0.10
+    dhcp_range: 192.168.0.50,192.168.0.150,2h
+    dhcp_list: "{{ lookup('sequence', 'start=50 end=150 format=192.168.0.%d', wantlist=True) }}"
+    tftp_root: "/var/lib/tftpboot"
+    deb_mirror: "deb.debian.org"
+    di_dist: "buster"
+    di_version: "10"
+    di_pkg: "debian-installer-{{ di_version }}-netboot-amd64"
+    ansible_user: ansible
+    repo_dir: "/home/{{ ansible_user }}/debian-lan"
+    ansible_python_interpreter: "/usr/bin/python3"  ## needed for firewalld module
+
+  vars_prompt:
+    - name: "foo_pwd"
+      prompt: "Provide a non-empty password for the test user 'foo'.\nLeave empty to continue without test user"
+      private: yes
+
+  pre_tasks:
+    - name: validate if interfaces are available
+      fail:
+        msg: "Interfaces {{ ansible_interfaces }} found. WAN: '{{ if_wan }}', LAN: '{{ if_lan }}'.  Two NICs needed."
+      when: (if_lan not in ansible_interfaces) or (if_wan not in ansible_interfaces) or (if_lan == if_wan)
+
+  roles:
+    - up2date-debian
+    - two-interface-firewalld
+    - dhcp-dns-dnsmasq
+    - tftp-netboot-installer
+    - preseed-installer
+    - apt-cacher
+    - krb5-kdc-ldap
+    - nfs-server
diff --git a/mainserver.yml b/mainserver.yml
deleted file mode 100644
index a97a47b..0000000
--- a/mainserver.yml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-# This playbook deploys the mainserver
-
-- name: apply configuration to the mainserver
-  hosts: all
-  remote_user: andi
-  become: yes
-  vars:
-    foo_pwd: 123
-    
-  roles:
-#    - ldap
-    - krb5-kdc-ldap
-
diff --git a/roles/kde/tasks/main.yml b/roles/kde/tasks/main.yml
index 847da41..74f7e1f 100644
--- a/roles/kde/tasks/main.yml
+++ b/roles/kde/tasks/main.yml
@@ -2,6 +2,7 @@
   apt:
     name:
       - task-kde-desktop
+      - sddm-theme-debian-breeze
       - cups
     state: latest
 
diff --git a/roles/krb5-kdc-ldap/tasks/main.yml b/roles/krb5-kdc-ldap/tasks/main.yml
index 1de5dc5..5252dc1 100644
--- a/roles/krb5-kdc-ldap/tasks/main.yml
+++ b/roles/krb5-kdc-ldap/tasks/main.yml
@@ -2,7 +2,7 @@
 ##  run most tasks only on krb5-kdc-ldap installation.
 ---
 - fail: msg="The machine's domain must not be empty."
-  when: ansible_domain | length == 0 
+  when: ansible_domain | length == 0
 
 - name: check if slapd is already there
   stat: path=/usr/sbin/krb5kdc
@@ -142,35 +142,38 @@
   notify: "restart krb5-kdc"
   when: not krb5kdc.stat.exists
 
-- name: add root/admin as kadmin  
-  command: kadmin.local -q "addprinc -pw {{ kadmin_pwd }} root/admin"
+- name: add root/admin as kadmin
+  command: kadmin.local -q 'addprinc -pw "{{ kadmin_pwd }}" root/admin'
   when: not krb5kdc.stat.exists
 
 - name: dump kadmin password
   shell: echo -n "{{ kadmin_pwd }}" > "{{ kadmin_pwd_file }}" ; chmod 0600 "{{ kadmin_pwd_file }}"
   no_log: true
   when: not krb5kdc.stat.exists
-  
+
 - name: add default policy to silence warning when using kadmin
   command: kadmin.local -q "add_policy default"
   when: not krb5kdc.stat.exists
 
 - name: create machine principals
-  command: kadmin.local -q "addprinc -randkey {{ item }}/{{ ansible_hostname }}.{{ ansible_domain }}"
+  command: kadmin.local -q 'addprinc -randkey {{ item }}/{{ ansible_hostname }}.{{ ansible_domain }}'
   with_items:
     - host
     - ldap
   when: not krb5kdc.stat.exists
 
 - name: add principal to the keytab
-  command: kadmin.local -q "ktadd {{ item }}/{{ ansible_hostname }}.{{ ansible_domain }}"
+  command: kadmin.local -q 'ktadd {{ item }}/{{ ansible_hostname }}.{{ ansible_domain }}'
   with_items:
     - host
     - ldap
   when: not krb5kdc.stat.exists
 
 ##############
-  
+
 - name: kerberize dummy user foo
-  command: kadmin.local -q 'add_principal -pw {{ foo_pwd }} -x dn="uid=foo,ou=people,{{ basedn }}" foo'
-  when: foo_pwd is defined
+  command: kadmin.local -q 'add_principal -pw "{{ foo_pwd }}" -x dn="uid=foo,ou=people,{{ basedn }}" foo'
+  register: kerberize_result
+  changed_when: kerberize_result.stderr is not search('already exists while creating')
+  no_log: true
+  when: foo_pwd is defined and foo_pwd | length > 0
diff --git a/roles/lan-client/tasks/main.yml b/roles/lan-client/tasks/main.yml
index 74362a1..f86861b 100644
--- a/roles/lan-client/tasks/main.yml
+++ b/roles/lan-client/tasks/main.yml
@@ -33,6 +33,8 @@
       - nfs-common
     state: latest
 
+## oddjob-mkhomedir works only with sec=sys for the NFSv4 share
+    
 - name: provide identities from directory
   template:
     src: sssd.conf.j2
@@ -46,17 +48,19 @@
 
 ## Activate machine after installation:
 - name: create machine principal
-  command: kadmin -p root/admin -w {{ lookup('password', '/root/kadmin.pwd') }} -q "addprinc -randkey nfs/{{ ansible_hostname }}.{{ ansible_domain }}"
+  command: kadmin -p root/admin -w {{ kadmin_pwd }} -q "addprinc -randkey nfs/{{ ansible_hostname }}.{{ ansible_domain }}"
+  register: kerberize_result
+  changed_when: kerberize_result.stderr is not search('already exists while creating')
   no_log: true
-  when: not run_in_installer|default(false)|bool
+  when: not run_in_installer|default(false)|bool and kadmin_pwd | length > 0
 
 - name: add principal to keytab
-  command: kadmin -p root/admin -w {{ lookup('password', '/root/kadmin.pwd') }} -q "ktadd nfs/{{ ansible_hostname }}.{{ ansible_domain }}"
+  command: kadmin -p root/admin -w {{ kadmin_pwd }} -q "ktadd nfs/{{ ansible_hostname }}.{{ ansible_domain }}"
   args:
     creates: /etc/krb5.keytab
   no_log: true
   notify: "restart rpc-gssd"
-  when: not run_in_installer|default(false)|bool
+  when: not run_in_installer|default(false)|bool and kadmin_pwd | length > 0
 
 - name: automount
   lineinfile:
diff --git a/roles/ldap/defaults/main.yml b/roles/ldap/defaults/main.yml
index c84b93e..141c21f 100644
--- a/roles/ldap/defaults/main.yml
+++ b/roles/ldap/defaults/main.yml
@@ -1,4 +1,4 @@
 ldap_admin_pwd: "{{ lookup('password', '/tmp/ldap_admin.pwd length=24') }}"
-ldap_pwd_file: "/root/ldap-admin.pwd"
+ldap_admin_pwd_file: "/root/ldap-admin.pwd"
 basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
 lan_homes:  /home/lan
diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
index de33367..6f290d3 100644
--- a/roles/ldap/tasks/main.yml
+++ b/roles/ldap/tasks/main.yml
@@ -2,7 +2,7 @@
 ##  run most tasks only on slapd installation.
 ---
 - fail: msg="The machine's domain must not be empty."
-  when: ansible_domain | length == 0 
+  when: ansible_domain | length == 0
 
 - name: check if slapd is already there
   stat: path=/usr/sbin/slapd
@@ -35,7 +35,7 @@
   when: not slapd.stat.exists
 
 - name: dump admin password
-  shell: echo -n "{{ ldap_admin_pwd }}" > "{{ ldap_pwd_file }}" ; chmod 0600 "{{ ldap_pwd_file }}"
+  shell: echo -n "{{ ldap_admin_pwd }}" > "{{ ldap_admin_pwd_file }}" ; chmod 0600 "{{ ldap_admin_pwd_file }}"
   no_log: true
   when: not slapd.stat.exists
 
@@ -80,6 +80,11 @@
     bind_dn: "cn=admin,{{ basedn }}"
     bind_pw: "{{ ldap_admin_pwd }}"
 
+- name: provide simple script to add/delete users
+  template:
+    src: debian-lan.j2
+    dest: /usr/local/sbin/debian-lan
+    mode: 0744
 
 ## Add user
 - name: add dummy user foo
@@ -98,7 +103,7 @@
       loginShell: /bin/bash
     bind_dn: "cn=admin,{{ basedn }}"
     bind_pw: "{{ ldap_admin_pwd }}"
-  when: foo_pwd is defined
+  when: foo_pwd is defined and foo_pwd | length > 0
 
 - name: add dummy group foo
   ldap_entry:
@@ -109,7 +114,7 @@
       gidNumber: 10000
     bind_dn: "cn=admin,{{ basedn }}"
     bind_pw: "{{ ldap_admin_pwd }}"
-  when: foo_pwd is defined
+  when: foo_pwd is defined and foo_pwd | length > 0
 
 ## ldapaddgroup tom
 ## ldapadduser tom tom
diff --git a/roles/nfs-server/handlers/main.yml b/roles/nfs-server/handlers/main.yml
index bc2c23b..224f948 100644
--- a/roles/nfs-server/handlers/main.yml
+++ b/roles/nfs-server/handlers/main.yml
@@ -1,3 +1,12 @@
+- name: bind mount exported dir
+  mount:
+    path: "{{ export_root }}/home/"
+    src: "{{ lan_homes }}"
+    fstype: none
+    state: mounted
+    opts: bind
+  listen: "bind mount exported dirs"
+
 - name: restart nfs-kernel-server
   service: name=nfs-kernel-server state=restarted enabled=yes
   listen: "restart nfs-kernel-server"
@@ -9,3 +18,7 @@
 - name: restart sssd
   service: name=sssd state=restarted enabled=yes
   listen: "restart sssd"
+
+- name: restart dnsmasq
+  service: name=dnsmasq state=restarted enabled=yes
+  listen: "restart dnsmasq"
diff --git a/roles/nfs-server/tasks/main.yml b/roles/nfs-server/tasks/main.yml
index 4eb52c0..aede26c 100644
--- a/roles/nfs-server/tasks/main.yml
+++ b/roles/nfs-server/tasks/main.yml
@@ -1,7 +1,7 @@
 ## Install and configure nfs-server
 ---
 - fail: msg="The machine's domain must not be empty."
-  when: ansible_domain | length == 0 
+  when: ansible_domain | length == 0
 
 - name: check if there are installing
   stat: path=/etc/exports
@@ -13,19 +13,12 @@
       - nfs-kernel-server
     state: latest
 
-- name: make sure the export exists
+- name: make sure the export paths exists
   file: path={{ export_root }}/home/ state=directory recurse=yes
 
-- name: make sure the export exists
+- name: make sure the lan homes exists
   file: path={{ lan_homes }} state=directory recurse=yes
-
-- name: bind mount exported dir
-  mount:
-    path: "{{ export_root }}/home/"
-    src: "{{ lan_homes }}"
-    fstype: none
-    state: mounted
-    opts: bind
+  notify: "bind mount exported dirs"
 
 - name: configure exports
   blockinfile:
@@ -36,8 +29,6 @@
       {{ export_root }}/home/   *(sec=krb5p,rw,no_subtree_check)
   notify: "restart nfs-kernel-server"
 
-
-
 - name: check if there is a local kadmin
   stat: path=/usr/sbin/kadmin.local
   register: kadmin
@@ -71,4 +62,15 @@
   shell: cp -r /etc/skel {{ lan_homes }}/foo && chmod -R o-rwx {{ lan_homes }}/foo && chown -R foo:foo {{ lan_homes }}/foo
   args:
     creates: "{{ lan_homes }}/foo"
-  when: foo_pwd is defined
+  when: foo_pwd is defined and foo_pwd | length > 0
+
+- name: check if our dnsmasq is used
+  stat: path=/etc/dnsmasq.d/dnsmasq-dhcp
+  register: dnsmasq
+
+- name: send domain to clients
+  template:
+    src: dhcp-send-domain.j2
+    dest: /etc/dnsmasq.d/dhcp-send-domain
+  notify: "restart dnsmasq"
+  when: dnsmasq.stat.exists
diff --git a/roles/nfs-server/templates/dhcp-send-domain.j2 b/roles/nfs-server/templates/dhcp-send-domain.j2
new file mode 100644
index 0000000..6933a9e
--- /dev/null
+++ b/roles/nfs-server/templates/dhcp-send-domain.j2
@@ -0,0 +1,2 @@
+expand-hosts
+domain={{ ansible_domain }}

From f158d8cae15e283ac339fb3c726d0541fab8f55b Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 23 Nov 2019 18:01:24 +0100
Subject: [PATCH 045/504] Add simple script to add/delete users and their
 group.

---
 roles/ldap/templates/debian-lan.j2 | 140 +++++++++++++++++++++++++++++
 roles/nfs-server/tasks/main.yml    |   1 +
 2 files changed, 141 insertions(+)
 create mode 100644 roles/ldap/templates/debian-lan.j2

diff --git a/roles/ldap/templates/debian-lan.j2 b/roles/ldap/templates/debian-lan.j2
new file mode 100644
index 0000000..e17404f
--- /dev/null
+++ b/roles/ldap/templates/debian-lan.j2
@@ -0,0 +1,140 @@
+#!/bin/bash
+#
+# A simple script to add users and their group to ldap, as well as a kerberos principal.
+#
+
+set -eu
+
+usage(){
+    cat <<EOF
+Usage: 
+         $(basename $0)  adduser  <uid>  <password>  [<cn>] [<sn>]
+         $(basename $0)  deluser  <uid>
+
+     <uid>:        User ID (login name)
+     <password>:   Password 
+     <cn>, <sn>:   LDAP attributes, if omitted, <uid> is used.
+
+EOF
+}
+
+#sss_cache -U -G  ## should not be necessary
+
+if [ $# -lt 2 ] ; then
+    usage
+    exit 1
+elif [ $1 = adduser -a $# -lt 3 ] ; then
+    echo "Error: Password missing."
+    usage
+    exit 1
+fi
+
+MINID=10000
+MAXID=20000
+BASEDN="{{ basedn }}"
+HOMES="{{ lan_homes }}"
+LDAPADMIN="cn=admin,$BASEDN"
+ADPASSWD="$(cat {{ ldap_admin_pwd_file }})"
+
+COMMAND="$1"
+uid="$2"
+pw="${3:-""}"
+cn="${4:-$2}"
+sn="${5:-$2}"
+
+if [ -x /usr/sbin/kadmin.local ] ; then
+    KRB5=true
+    pwEntry=""
+else
+    KRB5=false
+    pwEntry="userPassword: $pw"
+fi
+
+#############
+
+
+nextnum(){
+    local num
+    num="$(( $(ldapsearch -Y EXTERNAL -H ldapi:/// -LLL -b "ou=people,$BASEDN" -S $1 $1 2>/dev/null \
+                        |  tail -n -2 | grep -oE "[[:digit:]]+$") + 1 ))"
+    if [ $num -lt $MINID ] ; then
+        echo $MINID
+    else
+        echo "$num"
+    fi
+}
+
+add-user(){
+    uidNumber=$(nextnum uidNumber)
+    gidNumber=$(nextnum gidNumber)
+    
+    if [ $uidNumber -ge $MAXID -o $gidNumber -ge $MAXID ] ; then
+        echo "Error: $uidNumber and/or $gidNumber exceed max ID number ${MAXID}."
+        exit 1
+    fi
+    
+    cat <<EOF | ldapadd -H ldapi:/// -D "$LDAPADMIN"  -w "$ADPASSWD" | sed '/^$/d'
+############## LDIF ##############
+dn: uid=${uid},ou=people,$BASEDN
+objectClass: inetOrgPerson
+objectClass: posixAccount
+uidNumber: ${uidNumber}
+gidNumber: ${gidNumber}
+homeDirectory: ${HOMES}/${uid}
+loginShell: /bin/bash
+cn: ${cn}
+sn: ${sn}
+${pwEntry}
+
+dn: cn=${uid},ou=groups,$BASEDN
+objectClass: posixGroup
+gidNumber: ${gidNumber}
+##################################
+EOF
+
+    echo "uidNumber: ${uidNumber}  gidNumber: ${gidNumber}"
+
+    if [ $KRB5 ] ; then
+        kadmin.local -q "add_principal -policy default -pw \"$pw\" -x dn=\"uid=${uid},ou=people,$BASEDN\" ${uid}" \
+            | sed '/Authenticating as principal/d'
+        cp -r /etc/skel ${HOMES}/${uid}
+        chown -R ${uidNumber}:${gidNumber} ${HOMES}/${uid}
+        ls -nld ${HOMES}/${uid}
+    fi
+}
+
+
+del-user(){
+    local KEEPDIR
+    if [ $KRB5 ] ; then
+        ## Remove all kerberos attributes from LDAP, then the whole DN below.  The latter should be sufficient. 
+        kadmin.local -q "delete_principal -force ${uid}"  \
+            |  sed -e '/Authenticating as principal/d' -e '/Make sure that you have removed/d'
+    fi
+    
+    ldapdelete -v -H ldapi:/// -D "$LDAPADMIN"  -w "$ADPASSWD" "uid=${uid},ou=people,$BASEDN"  "cn=${uid},ou=groups,$BASEDN" 2>&1 \
+        | sed '/ldap_initialize/d' 
+    
+    if [ -d ${HOMES}/${uid} ] ; then
+        KEEPDIR="${HOMES}/rm_$(date '+%Y%m%d')_${uid}"
+        mv ${HOMES}/${uid} "${KEEPDIR}"
+        chown -R root:root  "${KEEPDIR}"
+        ls -ld "$KEEPDIR"
+    fi
+}
+    
+##############################
+########### main #############
+##############################
+
+case $COMMAND in
+    adduser)
+        add-user
+        ;;
+    deluser)
+        del-user
+        ;;
+    *)
+        usage
+        ;;
+esac
diff --git a/roles/nfs-server/tasks/main.yml b/roles/nfs-server/tasks/main.yml
index aede26c..31c9036 100644
--- a/roles/nfs-server/tasks/main.yml
+++ b/roles/nfs-server/tasks/main.yml
@@ -47,6 +47,7 @@
     name:
       - sssd-krb5
       - sssd-ldap
+      - sssd-tools     ##  sss_cache -U -G
     state: latest
   when: kadmin.stat.exists
 

From ea36c9beaf86aa444365c3b0a4ff1d77abe44fca Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 24 Nov 2019 19:44:01 +0100
Subject: [PATCH 046/504] Use provided ansible variable to determine debian
 release.

---
 kerberox-client.yml             |  1 -
 kerberox.yml                    |  4 ++--
 kiosk.yml                       |  1 -
 roles/kiosk/tasks/main.yml      |  6 +++---
 roles/lan-client/tasks/main.yml | 18 ++++++++++++++++--
 5 files changed, 21 insertions(+), 9 deletions(-)

diff --git a/kerberox-client.yml b/kerberox-client.yml
index 4861857..3170e0e 100644
--- a/kerberox-client.yml
+++ b/kerberox-client.yml
@@ -6,7 +6,6 @@
   remote_user: ansible
   become: yes
   vars:
-    deb_release: "buster"
     extra_pkgs:
       - webext-privacy-badger
       - webext-ublock-origin
diff --git a/kerberox.yml b/kerberox.yml
index e7eff0e..1c34282 100644
--- a/kerberox.yml
+++ b/kerberox.yml
@@ -17,8 +17,8 @@
     dhcp_list: "{{ lookup('sequence', 'start=50 end=150 format=192.168.0.%d', wantlist=True) }}"
     tftp_root: "/var/lib/tftpboot"
     deb_mirror: "deb.debian.org"
-    di_dist: "buster"
-    di_version: "10"
+    di_dist: "{{ ansible_distribution_release }}"
+    di_version: "{{ ansible_distribution_version }}"
     di_pkg: "debian-installer-{{ di_version }}-netboot-amd64"
     ansible_user: ansible
     repo_dir: "/home/{{ ansible_user }}/debian-lan"
diff --git a/kiosk.yml b/kiosk.yml
index e3e89a5..b68bbb7 100644
--- a/kiosk.yml
+++ b/kiosk.yml
@@ -6,7 +6,6 @@
   remote_user: ansible
   become: yes
   vars:
-    deb_release: "buster"
     auto_user: debi
     wifi_ssid: "YOUR SSID HERE"
     wifi_passwd: "YOUR WIFI-PW HERE"
diff --git a/roles/kiosk/tasks/main.yml b/roles/kiosk/tasks/main.yml
index ae75af1..93aaea8 100644
--- a/roles/kiosk/tasks/main.yml
+++ b/roles/kiosk/tasks/main.yml
@@ -1,15 +1,15 @@
 - name: install extra packages from stable
   apt: name={{ extra_pkgs }} state=latest
 
-- name: add {{ deb_release }}-backports
+- name: add {{ ansible_distribution_release }}-backports
   apt_repository:
-    repo: deb http://deb.debian.org/debian/ {{ deb_release }}-backports main
+    repo: deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-backports main
     state: present
     update_cache: yes
   when: extra_pkgs_bpo|length
 
 - name: install extra packages from backports
-  apt: name={{ extra_pkgs_bpo }} state=latest default_release={{ deb_release }}-backports
+  apt: name={{ extra_pkgs_bpo }} state=latest default_release={{ ansible_distribution_release }}-backports
   when: extra_pkgs_bpo|length
 
 ## Check which display manager is used:
diff --git a/roles/lan-client/tasks/main.yml b/roles/lan-client/tasks/main.yml
index f86861b..d779d09 100644
--- a/roles/lan-client/tasks/main.yml
+++ b/roles/lan-client/tasks/main.yml
@@ -1,6 +1,6 @@
 ---
 - fail: msg="The machine's domain must not be empty."
-  when: ansible_domain | length == 0 
+  when: ansible_domain | length == 0
 
 - name: preseed krb5-config realm
   debconf:
@@ -34,7 +34,21 @@
     state: latest
 
 ## oddjob-mkhomedir works only with sec=sys for the NFSv4 share
-    
+
+- name: install extra packages from stable
+  apt: name={{ extra_pkgs }} state=latest
+
+- name: add {{ ansible_distribution_release }}-backports
+  apt_repository:
+    repo: deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-backports main
+    state: present
+    update_cache: yes
+  when: extra_pkgs_bpo|length
+
+- name: install extra packages from backports
+  apt: name={{ extra_pkgs_bpo }} state=latest default_release={{ ansible_distribution_release }}-backports
+  when: extra_pkgs_bpo|length
+
 - name: provide identities from directory
   template:
     src: sssd.conf.j2

From a0ee0fd90d3712ae2bdd10f65e2631f0bff08342 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 24 Nov 2019 20:53:54 +0100
Subject: [PATCH 047/504] Add firewalld rules to service roles.

---
 roles/krb5-kdc-ldap/tasks/main.yml           | 24 ++++++++++++++++++++
 roles/ldap/tasks/main.yml                    | 17 ++++++++++++--
 roles/nfs-server/tasks/main.yml              | 16 +++++++++++++
 roles/two-interface-firewalld/tasks/main.yml |  7 +++++-
 4 files changed, 61 insertions(+), 3 deletions(-)

diff --git a/roles/krb5-kdc-ldap/tasks/main.yml b/roles/krb5-kdc-ldap/tasks/main.yml
index 5252dc1..fc27565 100644
--- a/roles/krb5-kdc-ldap/tasks/main.yml
+++ b/roles/krb5-kdc-ldap/tasks/main.yml
@@ -177,3 +177,27 @@
   changed_when: kerberize_result.stderr is not search('already exists while creating')
   no_log: true
   when: foo_pwd is defined and foo_pwd | length > 0
+
+#############################
+
+- name: allow services in firewalld
+  firewalld:
+    zone: internal
+    service: "{{ item }}"
+    permanent: yes
+    state: enabled
+  with_items:
+    - kerberos
+    - kadmin
+    - kpasswd
+  when: not run_in_installer|default(false)|bool
+
+## Use firewall-offline-cmd when run during installation:
+
+- name: allow services in firewalld
+  command: >-
+    firewall-offline-cmd --zone=internal
+    --add-service=kerberos
+    --add-service=kadmin
+    --add-service=kpasswd
+  when: run_in_installer|default(false)|bool
diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
index 6f290d3..c8564d4 100644
--- a/roles/ldap/tasks/main.yml
+++ b/roles/ldap/tasks/main.yml
@@ -116,5 +116,18 @@
     bind_pw: "{{ ldap_admin_pwd }}"
   when: foo_pwd is defined and foo_pwd | length > 0
 
-## ldapaddgroup tom
-## ldapadduser tom tom
+#############################
+
+- name: allow ldap service in firewalld
+  firewalld:
+    zone: internal
+    service: ldap
+    permanent: yes
+    state: enabled
+  when: not run_in_installer|default(false)|bool
+
+## Use firewall-offline-cmd when run during installation:
+
+- name: allow ldap service in firewalld 
+  command: "firewall-offline-cmd --zone=internal --add-service=ldap"
+  when: run_in_installer|default(false)|bool
diff --git a/roles/nfs-server/tasks/main.yml b/roles/nfs-server/tasks/main.yml
index 31c9036..2f5448f 100644
--- a/roles/nfs-server/tasks/main.yml
+++ b/roles/nfs-server/tasks/main.yml
@@ -75,3 +75,19 @@
     dest: /etc/dnsmasq.d/dhcp-send-domain
   notify: "restart dnsmasq"
   when: dnsmasq.stat.exists
+
+#############################
+
+- name: allow nfs service in firewalld
+  firewalld:
+    zone: internal
+    service: nfs
+    permanent: yes
+    state: enabled
+  when: not run_in_installer|default(false)|bool
+
+## Use firewall-offline-cmd when run during installation:
+
+- name: allow nfs service in firewalld
+  command: "firewall-offline-cmd --zone=internal --add-service=nfs"
+  when: run_in_installer|default(false)|bool
diff --git a/roles/two-interface-firewalld/tasks/main.yml b/roles/two-interface-firewalld/tasks/main.yml
index 4df3564..dd5a05e 100644
--- a/roles/two-interface-firewalld/tasks/main.yml
+++ b/roles/two-interface-firewalld/tasks/main.yml
@@ -65,5 +65,10 @@
   when: run_in_installer|default(false)|bool
 
 - name: enable services
-  command: "firewall-offline-cmd --zone=internal --add-service=dhcp --add-service=dns --add-service=tftp --add-service=git"
+  command: >-
+    firewall-offline-cmd --zone=internal
+    --add-service=dhcp
+    --add-service=dns
+    --add-service=tftp
+    --add-service=git
   when: run_in_installer|default(false)|bool

From 284dadc2d3a76694b8475b3ab6669abbfa95faf0 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 25 Nov 2019 18:26:21 +0100
Subject: [PATCH 048/504] Cleanup and restructuring.  Move pressed-installer
 tasks to other roles.

---
 README                                        |   5 +-
 installbox.yml                                |  27 ++--
 kerberox-client.yml                           |   2 +-
 kerberox.yml                                  |  22 ++-
 roles/apt-cacher/tasks/main.yml               |  13 ++
 roles/installbox2kiosk/tasks/main.yml         |  72 ---------
 roles/krb5-kdc-ldap/tasks/main.yml            |   2 +-
 roles/ldap/tasks/main.yml                     |   4 +-
 .../handlers/main.yml                         |   0
 roles/prepare4clients/tasks/main.yml          | 146 ++++++++++++++++++
 .../templates/git-repo.j2                     |   0
 roles/preseed-installer/tasks/main.yml        |  55 -------
 .../tftp-netboot-installer/defaults/main.yml  |   1 +
 roles/tftp-netboot-installer/tasks/main.yml   |  17 ++
 roles/two-interface-firewalld/tasks/main.yml  |   2 +-
 15 files changed, 214 insertions(+), 154 deletions(-)
 delete mode 100644 roles/installbox2kiosk/tasks/main.yml
 rename roles/{installbox2kiosk => prepare4clients}/handlers/main.yml (100%)
 create mode 100644 roles/prepare4clients/tasks/main.yml
 rename roles/{installbox2kiosk => prepare4clients}/templates/git-repo.j2 (100%)
 delete mode 100644 roles/preseed-installer/tasks/main.yml
 create mode 100644 roles/tftp-netboot-installer/defaults/main.yml

diff --git a/README b/README
index 2c60c4f..e13b926 100644
--- a/README
+++ b/README
@@ -41,9 +41,8 @@ Installbox
    - LAN interface not configured/managed
 
  • Customize installbox.yml:
-   - set if_lan (mandatory)
-   - modify deb_mirror
-   - enable installbox2kiosk task
+   - set if_lan if necessary
+   - enable/disable installbox2kiosk task
 
  • Run ansible:
      ssh-copy-id ansible@1.2.3.4
diff --git a/installbox.yml b/installbox.yml
index 850db30..a7418a0 100644
--- a/installbox.yml
+++ b/installbox.yml
@@ -1,28 +1,33 @@
 ---
-# This playbook deploys the installbox on a minimal installation.
+## This playbook deploys the installbox.  Add 'hostname=XXX' and
+## 'domain=YYY' to the installer boot parameters to set hostname and
+## domain.
 
 - name: apply configuration to the installbox
   hosts: all
   remote_user: ansible
   become: yes
+
   vars:
     ## This interface provides the default route:
     if_wan: "{{ ansible_default_ipv4.interface }}"
+
     ## Use the first remaining interface for the LAN:
     if_lan: "{{ ansible_interfaces | difference([if_wan, 'lo']) | first }}"
-    ## Add 'hostname=XXX' to the installer boot parameters if necessary:
-    hostname: "{{ ansible_hostname }}"
+
+    ## LAN IP address range:
     ipaddr_lan: 192.168.0.10
     dhcp_range: 192.168.0.50,192.168.0.150,2h
     dhcp_list: "{{ lookup('sequence', 'start=50 end=150 format=192.168.0.%d', wantlist=True) }}"
-    tftp_root: "/var/lib/tftpboot"
-    deb_mirror: "deb.debian.org"
-    di_dist: "buster"
-    di_version: "10"
+
+    di_dist: "{{ ansible_distribution_release }}"
+    di_version: "{{ ansible_distribution_major_version }}"
     di_pkg: "debian-installer-{{ di_version }}-netboot-amd64"
+
     ansible_user: ansible
-    repo_dir: "/home/{{ ansible_user }}/kiosk"
-    ansible_python_interpreter: "/usr/bin/python3"  # needed for firewalld module
+    repo_dir: "/home/{{ ansible_user }}/debian-lan"
+    ansible_python_interpreter: "/usr/bin/python3"  ## needed for firewalld module
+
 
   pre_tasks:
     - name: validate if interfaces are available
@@ -30,11 +35,11 @@
         msg: "Interfaces {{ ansible_interfaces }} found. WAN: '{{ if_wan }}', LAN: '{{ if_lan }}'.  Two NICs needed."
       when: (if_lan not in ansible_interfaces) or (if_wan not in ansible_interfaces) or (if_lan == if_wan)
 
+
   roles:
     - up2date-debian
     - two-interface-firewalld
     - dhcp-dns-dnsmasq
     - tftp-netboot-installer
-    - preseed-installer
     - apt-cacher
-    - installbox2kiosk
+    - prepare4clients
diff --git a/kerberox-client.yml b/kerberox-client.yml
index 3170e0e..e54b505 100644
--- a/kerberox-client.yml
+++ b/kerberox-client.yml
@@ -16,7 +16,7 @@
     - name: "kadmin_pwd"
       prompt: "Provide kadmin password to fetch kerberos keytab.\nLeave empty if done already"
       private: yes
-      
+
   roles:
     - up2date-debian
     - lan-client
diff --git a/kerberox.yml b/kerberox.yml
index 1c34282..764359f 100644
--- a/kerberox.yml
+++ b/kerberox.yml
@@ -1,46 +1,52 @@
 ---
-# This playbook deploys the kerberox server.
+## This playbook deploys the kerberox server.   Add 'hostname=XXX' and
+## 'domain=YYY' to the installer boot parameters to set hostname and domain.
 
-- name: apply configuration to the installbox
+- name: apply configuration to the kerberox server
   hosts: all
   remote_user: ansible
   become: yes
+
   vars:
     ## This interface provides the default route:
     if_wan: "{{ ansible_default_ipv4.interface }}"
+
     ## Use the first remaining interface for the LAN:
     if_lan: "{{ ansible_interfaces | difference([if_wan, 'lo']) | first }}"
-    ## Add 'hostname=XXX' to the installer boot parameters if necessary:
-    hostname: "{{ ansible_hostname }}"
+
+    ## LAN IP address range:
     ipaddr_lan: 192.168.0.10
     dhcp_range: 192.168.0.50,192.168.0.150,2h
     dhcp_list: "{{ lookup('sequence', 'start=50 end=150 format=192.168.0.%d', wantlist=True) }}"
-    tftp_root: "/var/lib/tftpboot"
-    deb_mirror: "deb.debian.org"
+
     di_dist: "{{ ansible_distribution_release }}"
-    di_version: "{{ ansible_distribution_version }}"
+    di_version: "{{ ansible_distribution_major_version }}"
     di_pkg: "debian-installer-{{ di_version }}-netboot-amd64"
+
     ansible_user: ansible
     repo_dir: "/home/{{ ansible_user }}/debian-lan"
     ansible_python_interpreter: "/usr/bin/python3"  ## needed for firewalld module
 
+
   vars_prompt:
     - name: "foo_pwd"
       prompt: "Provide a non-empty password for the test user 'foo'.\nLeave empty to continue without test user"
       private: yes
 
+
   pre_tasks:
     - name: validate if interfaces are available
       fail:
         msg: "Interfaces {{ ansible_interfaces }} found. WAN: '{{ if_wan }}', LAN: '{{ if_lan }}'.  Two NICs needed."
       when: (if_lan not in ansible_interfaces) or (if_wan not in ansible_interfaces) or (if_lan == if_wan)
 
+
   roles:
     - up2date-debian
     - two-interface-firewalld
     - dhcp-dns-dnsmasq
     - tftp-netboot-installer
-    - preseed-installer
     - apt-cacher
     - krb5-kdc-ldap
     - nfs-server
+    - prepare4clients
diff --git a/roles/apt-cacher/tasks/main.yml b/roles/apt-cacher/tasks/main.yml
index c54a3a9..bb9cc51 100644
--- a/roles/apt-cacher/tasks/main.yml
+++ b/roles/apt-cacher/tasks/main.yml
@@ -9,5 +9,18 @@
     dest: /etc/apt/apt.conf
     backup: yes
   notify: "start apt-cacher-ng"
+  when: not run_in_installer|default(false)|bool  ## do not enable apt-cacher during installation
+
+
+- name: check if preseeded installer is available
+  stat: path={{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg
+  register: preseedcfg
+
+- name: enable apt-cacher-ng for install-clients
+  replace:
+    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
+    regexp: '^(d-i mirror/http/proxy string.*)$'
+    replace: 'd-i mirror/http/proxy string http://{{ ansible_hostname }}:3142/'
+  when: preseedcfg.stat.exists
 
 - meta: flush_handlers
diff --git a/roles/installbox2kiosk/tasks/main.yml b/roles/installbox2kiosk/tasks/main.yml
deleted file mode 100644
index 6fe4f00..0000000
--- a/roles/installbox2kiosk/tasks/main.yml
+++ /dev/null
@@ -1,72 +0,0 @@
-- name: generate ssh key
-  command: "su -l {{ ansible_user }} -c \"ssh-keygen -t rsa -f /home/{{ ansible_user }}/.ssh/id_rsa -P ''\""
-  args:
-    creates: "/home/{{ ansible_user }}/.ssh/id_rsa"
-    warn: False
-
-- name: slurp public key
-  slurp:
-    src: "/home/{{ ansible_user }}/.ssh/id_rsa.pub"
-  register: sshpubkey
-
-# The following seems to be necessary to get rid of a newline:
-- set_fact:
-    sshpubkey: "{{ sshpubkey['content'] | b64decode | replace('\n', '') }}"
-
-- name: set debian mirror in preseed file
-  when: deb_mirror != "deb.debian.org"
-  replace:
-    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
-    regexp: '^(d-i mirror/http/hostname string deb.debian.org)$'
-    replace: '#\1\nd-i mirror/http/hostname string {{ deb_mirror }}'
-
-- name: enable backports in preseed file
-  replace:
-    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
-    regexp: '^#(apt-setup-udeb.*)$'
-    replace: '\1'
-
-- name: preseed client - add firmware-linux, ansible and git
-  replace:
-    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
-    regexp: '^(d-i pkgsel/include string firmware-linux)$'
-    replace: '#\1\nd-i pkgsel/include string firmware-linux ansible git'
-
-- name: insert start of managed block
-  replace:
-    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
-    regexp: '^(### This command is run just before the install finishes:)'
-    replace: '#\1\n# BEGIN ANSIBLE MANAGED BLOCK preseed/late_command'
-
-- name: insert end of managed block
-  replace:
-    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
-    regexp: '^(## When installing.*)'
-    replace: '# END ANSIBLE MANAGED BLOCK preseed/late_command\n#\1'
-
-- name: insert block
-  blockinfile:
-    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
-    insertafter: "^### This command is run just before the install finishes:"
-    block: |
-      d-i preseed/late_command string \
-      mkdir -p /target/home/ansible/.ssh && \
-      echo "{{ sshpubkey }}" >> /target/home/ansible/.ssh/authorized_keys ; \
-      in-target chown -R ansible:ansible /home/ansible/.ssh/ ; \
-      in-target chmod -R og= /home/ansible/.ssh/ ; \
-      in-target ansible-pull --verbose --purge --extra-vars="run_in_installer=true" \
-                             -i localhost, --url=git://{{ hostname }}/.git $playbook
-    marker: "# {mark} ANSIBLE MANAGED BLOCK preseed/late_command"
-
-- name: provide git repo if not available already
-  git:
-    repo: 'https://salsa.debian.org/andi/debian-lan-ansible.git'
-    dest: "{{ repo_dir }}"
-    update: no
-  become_user: "ansible"
-
-- name: start git-repo
-  template:
-    src: git-repo.j2
-    dest: "/etc/systemd/system/git-repo.service"
-  notify: start git-repo
diff --git a/roles/krb5-kdc-ldap/tasks/main.yml b/roles/krb5-kdc-ldap/tasks/main.yml
index fc27565..59d289f 100644
--- a/roles/krb5-kdc-ldap/tasks/main.yml
+++ b/roles/krb5-kdc-ldap/tasks/main.yml
@@ -4,7 +4,7 @@
 - fail: msg="The machine's domain must not be empty."
   when: ansible_domain | length == 0
 
-- name: check if slapd is already there
+- name: check if krb5kdc is already there
   stat: path=/usr/sbin/krb5kdc
   register: krb5kdc
 
diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
index c8564d4..131e8c9 100644
--- a/roles/ldap/tasks/main.yml
+++ b/roles/ldap/tasks/main.yml
@@ -53,7 +53,7 @@
     src: slapd-config.ldif
     dest: /etc/ldap/slapd.d/slapd-config.ldif
   when: not slapd.stat.exists
-
+  
 - name: activate ppolicy schema
   command: ldapadd  -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/ppolicy.ldif
   when: not slapd.stat.exists
@@ -128,6 +128,6 @@
 
 ## Use firewall-offline-cmd when run during installation:
 
-- name: allow ldap service in firewalld 
+- name: allow ldap service in firewalld
   command: "firewall-offline-cmd --zone=internal --add-service=ldap"
   when: run_in_installer|default(false)|bool
diff --git a/roles/installbox2kiosk/handlers/main.yml b/roles/prepare4clients/handlers/main.yml
similarity index 100%
rename from roles/installbox2kiosk/handlers/main.yml
rename to roles/prepare4clients/handlers/main.yml
diff --git a/roles/prepare4clients/tasks/main.yml b/roles/prepare4clients/tasks/main.yml
new file mode 100644
index 0000000..4ae6d3f
--- /dev/null
+++ b/roles/prepare4clients/tasks/main.yml
@@ -0,0 +1,146 @@
+- name: generate ssh key
+  command: "su -l {{ ansible_user }} -c \"ssh-keygen -t rsa -f /home/{{ ansible_user }}/.ssh/id_rsa -P ''\""
+  args:
+    creates: "/home/{{ ansible_user }}/.ssh/id_rsa"
+    warn: False
+
+- name: slurp public key
+  slurp:
+    src: "/home/{{ ansible_user }}/.ssh/id_rsa.pub"
+  register: sshpubkey
+
+# The following seems to be necessary to get rid of a newline:
+- set_fact:
+    sshpubkey: "{{ sshpubkey['content'] | b64decode | replace('\n', '') }}"
+
+- name: enable backports in preseed file
+  replace:
+    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
+    regexp: '^#(apt-setup-udeb.*)$'
+    replace: '\1'
+
+- name: preseed client - add firmware-linux, ansible and git
+  replace:
+    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
+    regexp: '^(d-i pkgsel/include string firmware-linux)$'
+    replace: '#\1\nd-i pkgsel/include string firmware-linux ansible git'
+
+- name: insert start of managed block
+  replace:
+    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
+    regexp: '^(### This command is run just before the install finishes:)'
+    replace: '#\1\n# BEGIN ANSIBLE MANAGED BLOCK preseed/late_command'
+
+- name: insert end of managed block
+  replace:
+    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
+    regexp: '^(## When installing.*)'
+    replace: '# END ANSIBLE MANAGED BLOCK preseed/late_command\n#\1'
+
+- name: insert block
+  blockinfile:
+    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
+    insertafter: "^### This command is run just before the install finishes:"
+    block: |
+      d-i preseed/late_command string \
+      mkdir -p /target/home/ansible/.ssh && \
+      echo "{{ sshpubkey }}" >> /target/home/ansible/.ssh/authorized_keys ; \
+      in-target chown -R ansible:ansible /home/ansible/.ssh/ ; \
+      in-target chmod -R og= /home/ansible/.ssh/ ; \
+      in-target ansible-pull --verbose --purge --extra-vars="run_in_installer=true" \
+                             -i localhost, --url=git://{{ ansible_hostname }}/.git $playbook
+    marker: "# {mark} ANSIBLE MANAGED BLOCK preseed/late_command"
+
+- name: add kiosk auto pxe boot entry to di-netboot-assistant
+  blockinfile:
+    dest: /etc/di-netboot-assistant/pxelinux.HEAD
+    insertbefore: EOF
+    block: |
+      TIMEOUT 100
+      # Use a temporary package cache during installation, install etckeeper.
+      LABEL tmp pkg cache
+         MENU LABEL Debian stable (amd64) + temporary package cache
+         kernel ::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux
+         append initrd=::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz mirror/http/proxy?=http://{{ ansible_hostname }}:3142/ pkgsel/include=etckeeper preseed/late_command="rm -fv /target/etc/apt/apt.conf" ---
+
+      LABEL autoinstall
+         MENU LABEL Debian {{ di_version }} (amd64) + preseed + kiosk.yml
+         kernel ::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux
+         append initrd=::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=kiosk.yml ---
+
+         #LABEL daily
+         #MENU LABEL Debian daily (amd64) + preseed + kiosk.yml
+         #kernel ::/d-i/n-a/daily/amd64/linux
+         #append initrd=::/d-i/n-a/daily/amd64/initrd.gz auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=kiosk.yml ---
+    marker: "# {mark} ANSIBLE MANAGED BLOCK kiosk"
+  notify: "rebuild di-netboot-assistant menu"
+
+- name: add kiosk auto efi boot entry to di-netboot-assistant
+  blockinfile:
+    dest: /etc/di-netboot-assistant/grub.cfg.HEAD
+    insertbefore: EOF
+    block: |
+      # Use a temporary package cache during installation, install etckeeper.
+      menuentry 'Debian stable (amd64) + temporary package cache' {
+         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux mirror/http/proxy?=http://{{ ansible_hostname }}:3142/ pkgsel/include=etckeeper preseed/late_command="rm -fv /target/etc/apt/apt.conf" ---
+         initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
+      }
+
+      menuentry 'Debian {{ di_version }} (amd64) + preseed + kiosk.yml' {
+         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=kiosk.yml ---
+         initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
+      }
+
+      #menuentry 'Debian daily (amd64) + preseed + kiosk.yml' {
+      #   linux   /d-i/n-a/daily/amd64/linux auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=kiosk.yml ---
+      #   initrd  /d-i/n-a/daily/amd64/initrd.gz
+      #}
+    marker: "# {mark} ANSIBLE MANAGED BLOCK kiosk"
+  notify: "rebuild di-netboot-assistant menu"
+
+########  kerberox-client #######
+
+- name: check if we opereate on kerberox
+  stat: path=/usr/sbin/krb5kdc
+  register: krb5kdc
+
+- name: add kerberox-client auto pxe boot entry to di-netboot-assistant
+  blockinfile:
+    dest: /etc/di-netboot-assistant/pxelinux.HEAD
+    insertbefore: EOF
+    block: |
+      LABEL autoinstall
+         MENU LABEL Debian {{ di_version }} (amd64) + preseed + kerberox-client.yml
+         kernel ::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux
+         append initrd=::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=kerberox-client.yml ---
+    marker: "# {mark} ANSIBLE MANAGED BLOCK kerberox-client"
+  notify: "rebuild di-netboot-assistant menu"
+  when: krb5kdc.stat.exists
+
+- name: add kerberox-client auto efi boot entry to di-netboot-assistant
+  blockinfile:
+    dest: /etc/di-netboot-assistant/grub.cfg.HEAD
+    insertbefore: EOF
+    block: |
+      menuentry 'Debian {{ di_version }} (amd64) + preseed + kerberox-client.yml' {
+         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=kerberox-client.yml ---
+         initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
+      }
+    marker: "# {mark} ANSIBLE MANAGED BLOCK kerberox-client"
+  notify: "rebuild di-netboot-assistant menu"
+  when: krb5kdc.stat.exists
+
+######################
+
+- name: provide git repo if not available already
+  git:
+    repo: 'https://salsa.debian.org/andi/debian-lan-ansible.git'
+    dest: "{{ repo_dir }}"
+    update: no
+  become_user: "ansible"
+
+- name: start git-repo
+  template:
+    src: git-repo.j2
+    dest: "/etc/systemd/system/git-repo.service"
+  notify: start git-repo
diff --git a/roles/installbox2kiosk/templates/git-repo.j2 b/roles/prepare4clients/templates/git-repo.j2
similarity index 100%
rename from roles/installbox2kiosk/templates/git-repo.j2
rename to roles/prepare4clients/templates/git-repo.j2
diff --git a/roles/preseed-installer/tasks/main.yml b/roles/preseed-installer/tasks/main.yml
deleted file mode 100644
index 8435208..0000000
--- a/roles/preseed-installer/tasks/main.yml
+++ /dev/null
@@ -1,55 +0,0 @@
-- name: make preseed directory available
-  file:
-    path: "{{ tftp_root }}/d-i/{{ di_dist }}"
-    state: directory
-
-- name: provide preseed file
-  copy:
-    src: /usr/share/doc/di-netboot-assistant/examples/preseed.cfg
-    dest: "{{ tftp_root }}/d-i/{{ di_dist }}"
-    force: no
-
-- name: enable apt-cacher-ng for install-clients
-  replace:
-    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
-    regexp: '^(d-i mirror/http/proxy string.*)$'
-    replace: 'd-i mirror/http/proxy string http://{{ hostname }}:3142/'
-    
-- name: make the hostname resolvable from the LAN
-  replace:
-    path: /etc/hosts
-    regexp: '^(127\.0\.1\.1.*)$'
-    replace: '#\1\n{{ ipaddr_lan }}	{{ hostname }}'
-
-- name: add auto pxe boot entry to di-netboot-assistant
-  blockinfile:
-    dest: /etc/di-netboot-assistant/pxelinux.HEAD
-    insertbefore: EOF
-    block: |
-      TIMEOUT 100
-      LABEL autoinstall
-         MENU LABEL Debian {{ di_version }} (amd64) + preseed + kiosk.yml
-         kernel ::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux
-         append initrd=::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz auto=true priority=critical url=tftp://{{ hostname }} playbook=kiosk.yml ---
-
-         #LABEL daily
-         #MENU LABEL Debian daily (amd64) + preseed + kiosk.yml
-         #kernel ::/d-i/n-a/daily/amd64/linux
-         #append initrd=::/d-i/n-a/daily/amd64/initrd.gz auto=true priority=critical url=tftp://{{ hostname }} playbook=kiosk.yml ---
-  notify: "rebuild di-netboot-assistant menu"
-
-- name: add auto efi boot entry to di-netboot-assistant
-  blockinfile:
-    dest: /etc/di-netboot-assistant/grub.cfg.HEAD
-    insertbefore: EOF
-    block: |
-      menuentry 'Debian {{ di_version }} (amd64) + preseed + kiosk.yml' {
-         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux auto=true priority=critical url=tftp://{{ hostname }} playbook=kiosk.yml ---
-         initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
-      }
-
-      #menuentry 'Debian daily (amd64) + preseed + kiosk.yml' {
-      #   linux   /d-i/n-a/daily/amd64/linux auto=true priority=critical url=tftp://{{ hostname }} playbook=kiosk.yml ---
-      #   initrd  /d-i/n-a/daily/amd64/initrd.gz
-      #}
-  notify: "rebuild di-netboot-assistant menu"
diff --git a/roles/tftp-netboot-installer/defaults/main.yml b/roles/tftp-netboot-installer/defaults/main.yml
new file mode 100644
index 0000000..2b791ea
--- /dev/null
+++ b/roles/tftp-netboot-installer/defaults/main.yml
@@ -0,0 +1 @@
+tftp_root: "/var/lib/tftpboot"
diff --git a/roles/tftp-netboot-installer/tasks/main.yml b/roles/tftp-netboot-installer/tasks/main.yml
index 31df608..a70a711 100644
--- a/roles/tftp-netboot-installer/tasks/main.yml
+++ b/roles/tftp-netboot-installer/tasks/main.yml
@@ -1,3 +1,8 @@
+- name: make preseed directory available
+  file:
+    path: "{{ tftp_root }}/d-i/{{ di_dist }}"
+    state: directory
+
 - name: install di-netboot-assistant and installer package
   apt:
     name:
@@ -7,6 +12,12 @@
     - bind mount images
     - rebuild di-netboot-assistant menu
 
+- name: provide preseed file
+  copy:
+    src: /usr/share/doc/di-netboot-assistant/examples/preseed.cfg
+    dest: "{{ tftp_root }}/d-i/{{ di_dist }}"
+    force: no
+
 - name: configure dnsmasq
   template:
     src: dnsmasq-tftp-netboot-installer.j2
@@ -14,3 +25,9 @@
   notify:
     - restart dnsmasq
     - rebuild di-netboot-assistant menu
+
+- name: make the hostname resolvable from the LAN
+  replace:
+    path: /etc/hosts
+    regexp: '^(127\.0\.1\.1.*)$'
+    replace: '#\1\n{{ ipaddr_lan }}	{{ ansible_hostname }}.{{ ansible_domain }}	{{ ansible_hostname }}'
diff --git a/roles/two-interface-firewalld/tasks/main.yml b/roles/two-interface-firewalld/tasks/main.yml
index dd5a05e..d61dc39 100644
--- a/roles/two-interface-firewalld/tasks/main.yml
+++ b/roles/two-interface-firewalld/tasks/main.yml
@@ -24,7 +24,7 @@
 - name: enable masquerading
   firewalld:
     zone: public
-    masquerade: yes
+    masquerade: 'yes'
     permanent: yes
     state: enabled
   when: not run_in_installer|default(false)|bool

From 954ac5b0e687fa01f912cfdd33791a3ab5fd79f3 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Tue, 26 Nov 2019 18:52:43 +0100
Subject: [PATCH 049/504] Do not deploy LDAP and KDC during installation as it
 adds too much complexity.

---
 kerberox.yml                       |  4 ++--
 roles/krb5-kdc-ldap/tasks/main.yml | 29 +++++++++--------------------
 roles/ldap/tasks/main.yml          | 13 ++-----------
 roles/nfs-server/tasks/main.yml    | 11 +----------
 4 files changed, 14 insertions(+), 43 deletions(-)

diff --git a/kerberox.yml b/kerberox.yml
index 764359f..edafcba 100644
--- a/kerberox.yml
+++ b/kerberox.yml
@@ -47,6 +47,6 @@
     - dhcp-dns-dnsmasq
     - tftp-netboot-installer
     - apt-cacher
-    - krb5-kdc-ldap
-    - nfs-server
+    - { role: krb5-kdc-ldap, when: not run_in_installer|default(false)|bool }
+    - { role: nfs-server, when: not run_in_installer|default(false)|bool }
     - prepare4clients
diff --git a/roles/krb5-kdc-ldap/tasks/main.yml b/roles/krb5-kdc-ldap/tasks/main.yml
index 59d289f..72322f4 100644
--- a/roles/krb5-kdc-ldap/tasks/main.yml
+++ b/roles/krb5-kdc-ldap/tasks/main.yml
@@ -36,7 +36,8 @@
 
 - name: prepare kerberos.openldap.ldif
   shell: gunzip -c /usr/share/doc/krb5-kdc-ldap/kerberos.openldap.ldif.gz > /etc/ldap/schema/kerberos.openldap.ldif
-  when: not krb5kdc.stat.exists
+  args:
+    creates: /etc/ldap/schema/kerberos.openldap.ldif
 
 - name: activate kerberos.openldap.ldif schema
   command: ldapadd  -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/kerberos.openldap.ldif
@@ -48,7 +49,6 @@
     objectClass: krbContainer
     bind_dn: "cn=admin,{{ basedn }}"
     bind_pw: "{{ ldap_admin_pwd }}"
-  when: not krb5kdc.stat.exists
 
 - name: make sure we have a kdc object
   ldap_entry:
@@ -60,7 +60,6 @@
       userPassword: "{{ kdc_service_pwd }}"
     bind_dn: "cn=admin,{{ basedn }}"
     bind_pw: "{{ ldap_admin_pwd }}"
-  when: not krb5kdc.stat.exists
 
 - name: make sure we have a kadmin object
   ldap_entry:
@@ -72,7 +71,6 @@
       userPassword: "{{ kadmin_service_pwd }}"
     bind_dn: "cn=admin,{{ basedn }}"
     bind_pw: "{{ ldap_admin_pwd }}"
-  when: not krb5kdc.stat.exists
 
 - name: modify ACLs to account for KDC
   ldap_attr:
@@ -110,7 +108,13 @@
   ldap_attr:
     dn: "olcDatabase={1}mdb,cn=config"
     name: olcDbIndex
-    values: krbPrincipalName pres,sub,eq
+    values:
+      - objectClass eq
+      - cn,uid eq
+      - uidNumber,gidNumber eq
+      - member,memberUid eq
+      - krbPrincipalName pres,sub,eq
+    state: exact
   when: not krb5kdc.stat.exists
 
 - name: prepare password for kdc
@@ -169,8 +173,6 @@
     - ldap
   when: not krb5kdc.stat.exists
 
-##############
-
 - name: kerberize dummy user foo
   command: kadmin.local -q 'add_principal -pw "{{ foo_pwd }}" -x dn="uid=foo,ou=people,{{ basedn }}" foo'
   register: kerberize_result
@@ -178,8 +180,6 @@
   no_log: true
   when: foo_pwd is defined and foo_pwd | length > 0
 
-#############################
-
 - name: allow services in firewalld
   firewalld:
     zone: internal
@@ -190,14 +190,3 @@
     - kerberos
     - kadmin
     - kpasswd
-  when: not run_in_installer|default(false)|bool
-
-## Use firewall-offline-cmd when run during installation:
-
-- name: allow services in firewalld
-  command: >-
-    firewall-offline-cmd --zone=internal
-    --add-service=kerberos
-    --add-service=kadmin
-    --add-service=kpasswd
-  when: run_in_installer|default(false)|bool
diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
index 131e8c9..eeb7b97 100644
--- a/roles/ldap/tasks/main.yml
+++ b/roles/ldap/tasks/main.yml
@@ -5,7 +5,7 @@
   when: ansible_domain | length == 0
 
 - name: check if slapd is already there
-  stat: path=/usr/sbin/slapd
+  stat: path=/etc/ldap/slapd.d/slapd-config.ldif
   register: slapd
 
 - name: preseed ldap domain
@@ -53,7 +53,7 @@
     src: slapd-config.ldif
     dest: /etc/ldap/slapd.d/slapd-config.ldif
   when: not slapd.stat.exists
-  
+
 - name: activate ppolicy schema
   command: ldapadd  -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/ppolicy.ldif
   when: not slapd.stat.exists
@@ -116,18 +116,9 @@
     bind_pw: "{{ ldap_admin_pwd }}"
   when: foo_pwd is defined and foo_pwd | length > 0
 
-#############################
-
 - name: allow ldap service in firewalld
   firewalld:
     zone: internal
     service: ldap
     permanent: yes
     state: enabled
-  when: not run_in_installer|default(false)|bool
-
-## Use firewall-offline-cmd when run during installation:
-
-- name: allow ldap service in firewalld
-  command: "firewall-offline-cmd --zone=internal --add-service=ldap"
-  when: run_in_installer|default(false)|bool
diff --git a/roles/nfs-server/tasks/main.yml b/roles/nfs-server/tasks/main.yml
index 2f5448f..d54fdbe 100644
--- a/roles/nfs-server/tasks/main.yml
+++ b/roles/nfs-server/tasks/main.yml
@@ -60,7 +60,7 @@
   when: kadmin.stat.exists
 
 - name: copy home from /etc/skel for dummy user foo
-  shell: cp -r /etc/skel {{ lan_homes }}/foo && chmod -R o-rwx {{ lan_homes }}/foo && chown -R foo:foo {{ lan_homes }}/foo
+  shell: cp -r /etc/skel {{ lan_homes }}/foo && chmod -R o-rwx {{ lan_homes }}/foo && chown -R 10000:10000 {{ lan_homes }}/foo
   args:
     creates: "{{ lan_homes }}/foo"
   when: foo_pwd is defined and foo_pwd | length > 0
@@ -76,18 +76,9 @@
   notify: "restart dnsmasq"
   when: dnsmasq.stat.exists
 
-#############################
-
 - name: allow nfs service in firewalld
   firewalld:
     zone: internal
     service: nfs
     permanent: yes
     state: enabled
-  when: not run_in_installer|default(false)|bool
-
-## Use firewall-offline-cmd when run during installation:
-
-- name: allow nfs service in firewalld
-  command: "firewall-offline-cmd --zone=internal --add-service=nfs"
-  when: run_in_installer|default(false)|bool

From 1686bf44e7f72b0a0169ba8714b065d50d60a998 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Wed, 27 Nov 2019 17:43:58 +0100
Subject: [PATCH 050/504] Improved password management.  Make sure the saved
 password is used after first setup.

---
 kerberox.yml                       |  5 ++++-
 roles/krb5-kdc-ldap/tasks/main.yml |  8 ++++----
 roles/ldap/tasks/main.yml          | 17 +++++++++++------
 3 files changed, 19 insertions(+), 11 deletions(-)

diff --git a/kerberox.yml b/kerberox.yml
index edafcba..931652d 100644
--- a/kerberox.yml
+++ b/kerberox.yml
@@ -30,7 +30,10 @@
 
   vars_prompt:
     - name: "foo_pwd"
-      prompt: "Provide a non-empty password for the test user 'foo'.\nLeave empty to continue without test user"
+      prompt:
+        In case you would like to prepare a test user 'foo' and have
+        not done so yet, provide foo's password here.  Leave empty to
+        just continue
       private: yes
 
 
diff --git a/roles/krb5-kdc-ldap/tasks/main.yml b/roles/krb5-kdc-ldap/tasks/main.yml
index 72322f4..2d6e922 100644
--- a/roles/krb5-kdc-ldap/tasks/main.yml
+++ b/roles/krb5-kdc-ldap/tasks/main.yml
@@ -48,7 +48,7 @@
     dn: "cn=kerberos,{{ basedn }}"
     objectClass: krbContainer
     bind_dn: "cn=admin,{{ basedn }}"
-    bind_pw: "{{ ldap_admin_pwd }}"
+    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
 
 - name: make sure we have a kdc object
   ldap_entry:
@@ -59,7 +59,7 @@
     attributes:
       userPassword: "{{ kdc_service_pwd }}"
     bind_dn: "cn=admin,{{ basedn }}"
-    bind_pw: "{{ ldap_admin_pwd }}"
+    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
 
 - name: make sure we have a kadmin object
   ldap_entry:
@@ -70,7 +70,7 @@
     attributes:
       userPassword: "{{ kadmin_service_pwd }}"
     bind_dn: "cn=admin,{{ basedn }}"
-    bind_pw: "{{ ldap_admin_pwd }}"
+    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
 
 - name: modify ACLs to account for KDC
   ldap_attr:
@@ -137,7 +137,7 @@
     >-
       kdb5_ldap_util
       -D cn=admin,"{{ basedn }}"
-      -w "{{ ldap_admin_pwd }}"
+      -w "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
       -H ldapi:///
       create -s -subtrees "{{ basedn }}"
       -P "{{ kdc_master_pwd }}"
diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
index eeb7b97..8a7cda1 100644
--- a/roles/ldap/tasks/main.yml
+++ b/roles/ldap/tasks/main.yml
@@ -62,8 +62,13 @@
   command: ldapadd  -Y EXTERNAL -H ldapi:/// -f /etc/ldap/slapd.d/slapd-config.ldif
   when: not slapd.stat.exists
 
-
 #######################################################################################
+## Use the admin password saved to file from now on (available also after installation):
+- name: slurp admin password
+  slurp:
+    src: "{{ ldap_admin_pwd_file }}"
+  register: ldap_admin_pwd
+  no_log: true
 
 ## Prepare user directories
 - name: make sure we have a people entry for users
@@ -71,19 +76,19 @@
     dn: "ou=people,{{ basedn }}"
     objectClass: organizationalUnit
     bind_dn: "cn=admin,{{ basedn }}"
-    bind_pw: "{{ ldap_admin_pwd }}"
+    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
 
 - name: make sure we have a group entry for users
   ldap_entry:
     dn: "ou=groups,{{ basedn }}"
     objectClass: organizationalUnit
     bind_dn: "cn=admin,{{ basedn }}"
-    bind_pw: "{{ ldap_admin_pwd }}"
+    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
 
 - name: provide simple script to add/delete users
   template:
     src: debian-lan.j2
-    dest: /usr/local/sbin/debian-lan
+    dest: /usr/local/bin/debian-lan
     mode: 0744
 
 ## Add user
@@ -102,7 +107,7 @@
       homeDirectory: "{{ lan_homes }}/foo"
       loginShell: /bin/bash
     bind_dn: "cn=admin,{{ basedn }}"
-    bind_pw: "{{ ldap_admin_pwd }}"
+    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
   when: foo_pwd is defined and foo_pwd | length > 0
 
 - name: add dummy group foo
@@ -113,7 +118,7 @@
     attributes:
       gidNumber: 10000
     bind_dn: "cn=admin,{{ basedn }}"
-    bind_pw: "{{ ldap_admin_pwd }}"
+    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
   when: foo_pwd is defined and foo_pwd | length > 0
 
 - name: allow ldap service in firewalld

From 9d9da31649f20536de153f5a4c94f965895f69b1 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Wed, 27 Nov 2019 18:31:52 +0100
Subject: [PATCH 051/504] Allow apt-cacher-ng in firewalld.

---
 roles/apt-cacher/tasks/main.yml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/roles/apt-cacher/tasks/main.yml b/roles/apt-cacher/tasks/main.yml
index bb9cc51..128d1fd 100644
--- a/roles/apt-cacher/tasks/main.yml
+++ b/roles/apt-cacher/tasks/main.yml
@@ -23,4 +23,11 @@
     replace: 'd-i mirror/http/proxy string http://{{ ansible_hostname }}:3142/'
   when: preseedcfg.stat.exists
 
+- name: allow apt-cacher-ng service in firewalld
+  firewalld:
+    zone: internal
+    port: 3142/tcp
+    permanent: yes
+    state: enabled
+
 - meta: flush_handlers

From 7f49b191ac065e08ff99aa8f6dc2ea61ff8dc0a3 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Wed, 27 Nov 2019 20:21:09 +0100
Subject: [PATCH 052/504] Make 'ldap', 'kerberos' and 'nfs' hostname aliases.

---
 roles/krb5-kdc-ldap/tasks/main.yml | 9 +++++++++
 roles/lan-client/handlers/main.yml | 1 +
 roles/ldap/tasks/main.yml          | 7 +++++++
 roles/nfs-server/tasks/main.yml    | 9 ++++++++-
 4 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/roles/krb5-kdc-ldap/tasks/main.yml b/roles/krb5-kdc-ldap/tasks/main.yml
index 2d6e922..104f694 100644
--- a/roles/krb5-kdc-ldap/tasks/main.yml
+++ b/roles/krb5-kdc-ldap/tasks/main.yml
@@ -173,6 +173,15 @@
     - ldap
   when: not krb5kdc.stat.exists
 
+- name: "make 'kerberos' an alias hostname resolvable from the LAN"
+  replace:
+    path: /etc/hosts
+    regexp: "^({{ ipaddr_lan }}\\s.+)$"
+    replace: '\1	kerberos'
+  when: not krb5kdc.stat.exists
+
+########################
+
 - name: kerberize dummy user foo
   command: kadmin.local -q 'add_principal -pw "{{ foo_pwd }}" -x dn="uid=foo,ou=people,{{ basedn }}" foo'
   register: kerberize_result
diff --git a/roles/lan-client/handlers/main.yml b/roles/lan-client/handlers/main.yml
index ec16fb7..66f15d5 100644
--- a/roles/lan-client/handlers/main.yml
+++ b/roles/lan-client/handlers/main.yml
@@ -10,5 +10,6 @@
 - name: restart rpc-gssd
   systemd:
     name: rpc-gssd
+    daemon_reload: yes
     state: restarted
   notify: "restart rpc-gssd"
diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
index 8a7cda1..b0d4ed4 100644
--- a/roles/ldap/tasks/main.yml
+++ b/roles/ldap/tasks/main.yml
@@ -62,6 +62,13 @@
   command: ldapadd  -Y EXTERNAL -H ldapi:/// -f /etc/ldap/slapd.d/slapd-config.ldif
   when: not slapd.stat.exists
 
+- name: "make 'ldap' an alias hostname resolvable from the LAN"
+  replace:
+    path: /etc/hosts
+    regexp: "^({{ ipaddr_lan }}\\s.+)$"
+    replace: '\1	ldap'
+  when: not slapd.stat.exists
+
 #######################################################################################
 ## Use the admin password saved to file from now on (available also after installation):
 - name: slurp admin password
diff --git a/roles/nfs-server/tasks/main.yml b/roles/nfs-server/tasks/main.yml
index d54fdbe..400a49f 100644
--- a/roles/nfs-server/tasks/main.yml
+++ b/roles/nfs-server/tasks/main.yml
@@ -3,7 +3,7 @@
 - fail: msg="The machine's domain must not be empty."
   when: ansible_domain | length == 0
 
-- name: check if there are installing
+- name: check if we are installing
   stat: path=/etc/exports
   register: exports
 
@@ -29,6 +29,13 @@
       {{ export_root }}/home/   *(sec=krb5p,rw,no_subtree_check)
   notify: "restart nfs-kernel-server"
 
+- name: "make 'nfs' an alias hostname resolvable from the LAN"
+  replace:
+    path: /etc/hosts
+    regexp: "^({{ ipaddr_lan }}\\s.+)$"
+    replace: '\1	nfs'
+  when: not exports.stat.exists
+
 - name: check if there is a local kadmin
   stat: path=/usr/sbin/kadmin.local
   register: kadmin

From 3670bf65974aad16e6cc83138a222001633c0e39 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Wed, 27 Nov 2019 20:45:27 +0100
Subject: [PATCH 053/504] Provide keytab before touching home directories to
 avoid lock.

---
 kerberox-client.yml             | 2 +-
 roles/lan-client/tasks/main.yml | 7 ++++---
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/kerberox-client.yml b/kerberox-client.yml
index e54b505..7fceaf7 100644
--- a/kerberox-client.yml
+++ b/kerberox-client.yml
@@ -21,5 +21,5 @@
     - up2date-debian
     - lan-client
     ## Choose either gnome or KDE:
-    - gnome
+    #- gnome
     #- kde
diff --git a/roles/lan-client/tasks/main.yml b/roles/lan-client/tasks/main.yml
index d779d09..f4d7afb 100644
--- a/roles/lan-client/tasks/main.yml
+++ b/roles/lan-client/tasks/main.yml
@@ -56,9 +56,6 @@
     mode: 0600
   notify: restart sssd
 
-- name: make sure the home mount directory exists
-  file: path={{ lan_homes }} state=directory recurse=yes
-
 
 ## Activate machine after installation:
 - name: create machine principal
@@ -76,6 +73,10 @@
   notify: "restart rpc-gssd"
   when: not run_in_installer|default(false)|bool and kadmin_pwd | length > 0
 
+
+- name: make sure the home mount directory exists
+  file: path={{ lan_homes }} state=directory recurse=yes
+
 - name: automount
   lineinfile:
     dest: /etc/fstab

From 2ff1354fe324fed36aaf1f5366cd7fb2273c0ede Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 28 Nov 2019 16:34:37 +0100
Subject: [PATCH 054/504] Implement better IP address/network notation.

---
 installbox.yml                                              | 2 +-
 kerberox.yml                                                | 2 +-
 roles/krb5-kdc-ldap/tasks/main.yml                          | 2 +-
 roles/ldap/tasks/main.yml                                   | 2 +-
 roles/nfs-server/tasks/main.yml                             | 6 +++---
 roles/tftp-netboot-installer/tasks/main.yml                 | 2 +-
 .../two-interface-firewalld/templates/interfaces-static.j2  | 2 +-
 .../two-interface-shorewall/templates/interfaces-static.j2  | 1 -
 8 files changed, 9 insertions(+), 10 deletions(-)

diff --git a/installbox.yml b/installbox.yml
index a7418a0..7f64372 100644
--- a/installbox.yml
+++ b/installbox.yml
@@ -16,7 +16,7 @@
     if_lan: "{{ ansible_interfaces | difference([if_wan, 'lo']) | first }}"
 
     ## LAN IP address range:
-    ipaddr_lan: 192.168.0.10
+    ipaddr_lan: 192.168.0.10/24
     dhcp_range: 192.168.0.50,192.168.0.150,2h
     dhcp_list: "{{ lookup('sequence', 'start=50 end=150 format=192.168.0.%d', wantlist=True) }}"
 
diff --git a/kerberox.yml b/kerberox.yml
index 931652d..d45c1c2 100644
--- a/kerberox.yml
+++ b/kerberox.yml
@@ -15,7 +15,7 @@
     if_lan: "{{ ansible_interfaces | difference([if_wan, 'lo']) | first }}"
 
     ## LAN IP address range:
-    ipaddr_lan: 192.168.0.10
+    ipaddr_lan: 192.168.0.10/24
     dhcp_range: 192.168.0.50,192.168.0.150,2h
     dhcp_list: "{{ lookup('sequence', 'start=50 end=150 format=192.168.0.%d', wantlist=True) }}"
 
diff --git a/roles/krb5-kdc-ldap/tasks/main.yml b/roles/krb5-kdc-ldap/tasks/main.yml
index 104f694..beeb4ac 100644
--- a/roles/krb5-kdc-ldap/tasks/main.yml
+++ b/roles/krb5-kdc-ldap/tasks/main.yml
@@ -176,7 +176,7 @@
 - name: "make 'kerberos' an alias hostname resolvable from the LAN"
   replace:
     path: /etc/hosts
-    regexp: "^({{ ipaddr_lan }}\\s.+)$"
+    regexp: "^({{ ipaddr_lan | ipaddr('address') }}\\s.+)$"
     replace: '\1	kerberos'
   when: not krb5kdc.stat.exists
 
diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
index b0d4ed4..15e0665 100644
--- a/roles/ldap/tasks/main.yml
+++ b/roles/ldap/tasks/main.yml
@@ -65,7 +65,7 @@
 - name: "make 'ldap' an alias hostname resolvable from the LAN"
   replace:
     path: /etc/hosts
-    regexp: "^({{ ipaddr_lan }}\\s.+)$"
+    regexp: "^({{ ipaddr_lan | ipaddr('address') }}\\s.+)$"
     replace: '\1	ldap'
   when: not slapd.stat.exists
 
diff --git a/roles/nfs-server/tasks/main.yml b/roles/nfs-server/tasks/main.yml
index 400a49f..845944b 100644
--- a/roles/nfs-server/tasks/main.yml
+++ b/roles/nfs-server/tasks/main.yml
@@ -25,14 +25,14 @@
     dest: /etc/exports
     insertbefore: EOF
     block: |
-      {{ export_root }}         *(sec=krb5p,rw,fsid=0,crossmnt,no_subtree_check)
-      {{ export_root }}/home/   *(sec=krb5p,rw,no_subtree_check)
+      {{ export_root }}         {{ ipaddr_lan | ipaddr('subnet') }}(sec=krb5p,rw,fsid=0,crossmnt,no_subtree_check)
+      {{ export_root }}/home/   {{ ipaddr_lan | ipaddr('subnet') }}(sec=krb5p,rw,no_subtree_check)
   notify: "restart nfs-kernel-server"
 
 - name: "make 'nfs' an alias hostname resolvable from the LAN"
   replace:
     path: /etc/hosts
-    regexp: "^({{ ipaddr_lan }}\\s.+)$"
+    regexp: "^({{ ipaddr_lan | ipaddr('address') }}\\s.+)$"
     replace: '\1	nfs'
   when: not exports.stat.exists
 
diff --git a/roles/tftp-netboot-installer/tasks/main.yml b/roles/tftp-netboot-installer/tasks/main.yml
index a70a711..f6daa83 100644
--- a/roles/tftp-netboot-installer/tasks/main.yml
+++ b/roles/tftp-netboot-installer/tasks/main.yml
@@ -30,4 +30,4 @@
   replace:
     path: /etc/hosts
     regexp: '^(127\.0\.1\.1.*)$'
-    replace: '#\1\n{{ ipaddr_lan }}	{{ ansible_hostname }}.{{ ansible_domain }}	{{ ansible_hostname }}'
+    replace: '#\1\n{{ ipaddr_lan | ipaddr("address") }}	{{ ansible_hostname }}.{{ ansible_domain }}	{{ ansible_hostname }}'
diff --git a/roles/two-interface-firewalld/templates/interfaces-static.j2 b/roles/two-interface-firewalld/templates/interfaces-static.j2
index c9fe71c..9724fa4 100644
--- a/roles/two-interface-firewalld/templates/interfaces-static.j2
+++ b/roles/two-interface-firewalld/templates/interfaces-static.j2
@@ -1,4 +1,4 @@
 auto {{ if_lan }}
 allow-hotplug {{ if_lan }}
 iface {{ if_lan }} inet static
-  address {{ ipaddr_lan }}/24
+  address {{ ipaddr_lan }}
diff --git a/roles/two-interface-shorewall/templates/interfaces-static.j2 b/roles/two-interface-shorewall/templates/interfaces-static.j2
index 6c0fd53..9724fa4 100644
--- a/roles/two-interface-shorewall/templates/interfaces-static.j2
+++ b/roles/two-interface-shorewall/templates/interfaces-static.j2
@@ -2,4 +2,3 @@ auto {{ if_lan }}
 allow-hotplug {{ if_lan }}
 iface {{ if_lan }} inet static
   address {{ ipaddr_lan }}
-  netmask 255.255.255.0

From 3b3303e96d515e5af809c0a4d3e2c8f619a56a7d Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 28 Nov 2019 17:37:19 +0100
Subject: [PATCH 055/504] Kerberize LDAP access.

---
 roles/krb5-kdc-ldap/tasks/main.yml | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/roles/krb5-kdc-ldap/tasks/main.yml b/roles/krb5-kdc-ldap/tasks/main.yml
index beeb4ac..13c9002 100644
--- a/roles/krb5-kdc-ldap/tasks/main.yml
+++ b/roles/krb5-kdc-ldap/tasks/main.yml
@@ -117,6 +117,15 @@
     state: exact
   when: not krb5kdc.stat.exists
 
+- name: add AuthzRegexp to map access via kerberos/GSSAPI
+  ldap_attr:
+    dn: "cn=config"
+    name: olcAuthzRegexp
+    values:
+      - "{0}uid=([^,]*),cn=gssapi,cn=auth     uid=$1,ou=people,{{ basedn }}"
+      - "{1}uid=([^,]*),cn=gs2-iakerb,cn=auth uid=$1,ou=people,{{ basedn }}"
+    state: exact
+
 - name: prepare password for kdc
   shell: echo "cn=kdc,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kdc_service_pwd }} | xxd -g0 -ps | sed 's/0a$//')" > /etc/krb5kdc/service.keyfile
   no_log: true
@@ -173,6 +182,13 @@
     - ldap
   when: not krb5kdc.stat.exists
 
+- name: allow slapd to read the keytab
+  file:
+    path: /etc/krb5.keytab
+    owner: root
+    group: openldap
+    mode: '0640'
+
 - name: "make 'kerberos' an alias hostname resolvable from the LAN"
   replace:
     path: /etc/hosts

From be829760c6d145b7733b2a868861a36a9640ecda Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 29 Nov 2019 14:38:07 +0100
Subject: [PATCH 056/504] Improved DHCP configuration, no static IP addresses.

---
 installbox.yml                                   |  3 +--
 kerberox.yml                                     |  3 +--
 roles/dhcp-dns-dnsmasq/tasks/main.yml            | 12 +++---------
 roles/dhcp-dns-dnsmasq/templates/dnsmasq-dhcp.j2 |  1 +
 4 files changed, 6 insertions(+), 13 deletions(-)

diff --git a/installbox.yml b/installbox.yml
index 7f64372..48e5d9f 100644
--- a/installbox.yml
+++ b/installbox.yml
@@ -17,8 +17,7 @@
 
     ## LAN IP address range:
     ipaddr_lan: 192.168.0.10/24
-    dhcp_range: 192.168.0.50,192.168.0.150,2h
-    dhcp_list: "{{ lookup('sequence', 'start=50 end=150 format=192.168.0.%d', wantlist=True) }}"
+    dhcp_range: 192.168.0.50,192.168.0.99,2h
 
     di_dist: "{{ ansible_distribution_release }}"
     di_version: "{{ ansible_distribution_major_version }}"
diff --git a/kerberox.yml b/kerberox.yml
index d45c1c2..c1594ca 100644
--- a/kerberox.yml
+++ b/kerberox.yml
@@ -16,8 +16,7 @@
 
     ## LAN IP address range:
     ipaddr_lan: 192.168.0.10/24
-    dhcp_range: 192.168.0.50,192.168.0.150,2h
-    dhcp_list: "{{ lookup('sequence', 'start=50 end=150 format=192.168.0.%d', wantlist=True) }}"
+    dhcp_range: 192.168.0.50,192.168.0.99,2h
 
     di_dist: "{{ ansible_distribution_release }}"
     di_version: "{{ ansible_distribution_major_version }}"
diff --git a/roles/dhcp-dns-dnsmasq/tasks/main.yml b/roles/dhcp-dns-dnsmasq/tasks/main.yml
index d0e4bf6..48bae66 100644
--- a/roles/dhcp-dns-dnsmasq/tasks/main.yml
+++ b/roles/dhcp-dns-dnsmasq/tasks/main.yml
@@ -4,17 +4,11 @@
 
 - name: install dnsmasq package
   apt:
-    name: dnsmasq
+    name:
+      - dnsmasq
+      - resolvconf
     state: latest
 
-- name: add client hostnames and IP addresses to /etc/hosts
-  lineinfile:
-    dest: /etc/hosts
-    line: "{{ item.1 }}\t{{ 'debian%03d' | format(item.0) }}"
-  with_indexed_items: "{{ dhcp_list }}"
-  notify: "restart dnsmasq"
-  when: not dnsmasq.stat.exists
-
 - name: configure dnsmasq
   template:
     src: dnsmasq-dhcp.j2
diff --git a/roles/dhcp-dns-dnsmasq/templates/dnsmasq-dhcp.j2 b/roles/dhcp-dns-dnsmasq/templates/dnsmasq-dhcp.j2
index a6ca62b..61f82c2 100644
--- a/roles/dhcp-dns-dnsmasq/templates/dnsmasq-dhcp.j2
+++ b/roles/dhcp-dns-dnsmasq/templates/dnsmasq-dhcp.j2
@@ -1,2 +1,3 @@
 interface={{ if_lan }}
 dhcp-range={{ dhcp_range }}
+dhcp-generate-names

From 61e4b1d852f7e7667231b093c555d4af8d490ff2 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 29 Nov 2019 15:47:45 +0100
Subject: [PATCH 057/504] Add kerberize role (providing kerberized ssh so far).

---
 kerberox-client.yml               |  1 +
 kerberox.yml                      |  1 +
 roles/kerberize/handlers/main.yml |  5 +++++
 roles/kerberize/tasks/main.yml    | 18 ++++++++++++++++++
 roles/lan-client/tasks/main.yml   | 22 ++++++++++++++++------
 5 files changed, 41 insertions(+), 6 deletions(-)
 create mode 100644 roles/kerberize/handlers/main.yml
 create mode 100644 roles/kerberize/tasks/main.yml

diff --git a/kerberox-client.yml b/kerberox-client.yml
index 7fceaf7..201d5d5 100644
--- a/kerberox-client.yml
+++ b/kerberox-client.yml
@@ -20,6 +20,7 @@
   roles:
     - up2date-debian
     - lan-client
+    - kerberize
     ## Choose either gnome or KDE:
     #- gnome
     #- kde
diff --git a/kerberox.yml b/kerberox.yml
index c1594ca..2335fcf 100644
--- a/kerberox.yml
+++ b/kerberox.yml
@@ -52,3 +52,4 @@
     - { role: krb5-kdc-ldap, when: not run_in_installer|default(false)|bool }
     - { role: nfs-server, when: not run_in_installer|default(false)|bool }
     - prepare4clients
+    - kerberize
diff --git a/roles/kerberize/handlers/main.yml b/roles/kerberize/handlers/main.yml
new file mode 100644
index 0000000..9adbeaa
--- /dev/null
+++ b/roles/kerberize/handlers/main.yml
@@ -0,0 +1,5 @@
+- name: reload sshd
+  systemd:
+    name: sshd
+    state: reloaded
+  notify: "reload sshd"
diff --git a/roles/kerberize/tasks/main.yml b/roles/kerberize/tasks/main.yml
new file mode 100644
index 0000000..6fcecc2
--- /dev/null
+++ b/roles/kerberize/tasks/main.yml
@@ -0,0 +1,18 @@
+- name: kerberize sshd server
+  lineinfile:
+    dest: /etc/ssh/sshd_config
+    line: "GSSAPIAuthentication yes"
+    insertafter: "#GSSAPIAuthentication no"
+  notify: "reload sshd"
+
+- name: kerberize ssh client, authenticate
+  lineinfile:
+    dest: /etc/ssh/ssh_config
+    line: "GSSAPIAuthentication yes"
+    insertafter: "#   GSSAPIAuthentication no"
+
+- name: kerberize ssh client, delegate credentials
+  lineinfile:
+    dest: /etc/ssh/ssh_config
+    line: "GSSAPIDelegateCredentials yes"
+    insertafter: "#   GSSAPIDelegateCredentials no"
diff --git a/roles/lan-client/tasks/main.yml b/roles/lan-client/tasks/main.yml
index f4d7afb..6882fa9 100644
--- a/roles/lan-client/tasks/main.yml
+++ b/roles/lan-client/tasks/main.yml
@@ -56,19 +56,29 @@
     mode: 0600
   notify: restart sssd
 
-
 ## Activate machine after installation:
-- name: create machine principal
-  command: kadmin -p root/admin -w {{ kadmin_pwd }} -q "addprinc -randkey nfs/{{ ansible_hostname }}.{{ ansible_domain }}"
+- name: create machine principals
+  command: kadmin -p root/admin -w {{ kadmin_pwd }} -q "addprinc -randkey {{ item }}/{{ ansible_hostname }}.{{ ansible_domain }}"
   register: kerberize_result
+  with_items:
+    - nfs
+    - host
   changed_when: kerberize_result.stderr is not search('already exists while creating')
   no_log: true
   when: not run_in_installer|default(false)|bool and kadmin_pwd | length > 0
 
-- name: add principal to keytab
-  command: kadmin -p root/admin -w {{ kadmin_pwd }} -q "ktadd nfs/{{ ansible_hostname }}.{{ ansible_domain }}"
+- name: remove old keytab
+  file:
+    path: /etc/krb5.keytab
+    state: absent
+  when: not run_in_installer|default(false)|bool and kadmin_pwd | length > 0
+
+- name: add principals to keytab
+  command: kadmin -p root/admin -w {{ kadmin_pwd }} -q "ktadd {{ item }}/{{ ansible_hostname }}.{{ ansible_domain }}"
+  with_items:
+    - nfs
+    - host
   args:
-    creates: /etc/krb5.keytab
   no_log: true
   notify: "restart rpc-gssd"
   when: not run_in_installer|default(false)|bool and kadmin_pwd | length > 0

From 6b3c2f0e0ff98111ed7f8ab78dc62b684af5c13f Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 30 Nov 2019 09:56:40 +0100
Subject: [PATCH 058/504] Add commands: Option to remove machine principals,
 start ldapvi.

---
 roles/ldap/templates/debian-lan.j2 | 76 +++++++++++++++++++-----------
 1 file changed, 49 insertions(+), 27 deletions(-)

diff --git a/roles/ldap/templates/debian-lan.j2 b/roles/ldap/templates/debian-lan.j2
index e17404f..54222ba 100644
--- a/roles/ldap/templates/debian-lan.j2
+++ b/roles/ldap/templates/debian-lan.j2
@@ -7,12 +7,14 @@ set -eu
 
 usage(){
     cat <<EOF
-Usage: 
+Usage:
          $(basename $0)  adduser  <uid>  <password>  [<cn>] [<sn>]
          $(basename $0)  deluser  <uid>
+         $(basename $0)  delhost  <hostname>
+         $(basename $0)  ldapvi
 
      <uid>:        User ID (login name)
-     <password>:   Password 
+     <password>:   Password
      <cn>, <sn>:   LDAP attributes, if omitted, <uid> is used.
 
 EOF
@@ -20,9 +22,17 @@ EOF
 
 #sss_cache -U -G  ## should not be necessary
 
+BASEDN="{{ basedn }}"
+LDAPADMIN="cn=admin,$BASEDN"
+ADPASSWD="$(cat {{ ldap_admin_pwd_file }})"
+
 if [ $# -lt 2 ] ; then
-    usage
-    exit 1
+    if [ "$1" = ldapvi ] ; then
+        exec ldapvi -h ldapi:/// -D "$LDAPADMIN"  -b "$BASEDN" -w "$ADPASSWD"
+    else
+        usage
+        exit 1
+    fi
 elif [ $1 = adduser -a $# -lt 3 ] ; then
     echo "Error: Password missing."
     usage
@@ -31,16 +41,14 @@ fi
 
 MINID=10000
 MAXID=20000
-BASEDN="{{ basedn }}"
 HOMES="{{ lan_homes }}"
-LDAPADMIN="cn=admin,$BASEDN"
-ADPASSWD="$(cat {{ ldap_admin_pwd_file }})"
 
 COMMAND="$1"
-uid="$2"
+id="$2"
 pw="${3:-""}"
 cn="${4:-$2}"
 sn="${5:-$2}"
+domain="$(hostname -d)"
 
 if [ -x /usr/sbin/kadmin.local ] ; then
     KRB5=true
@@ -67,26 +75,26 @@ nextnum(){
 add-user(){
     uidNumber=$(nextnum uidNumber)
     gidNumber=$(nextnum gidNumber)
-    
+
     if [ $uidNumber -ge $MAXID -o $gidNumber -ge $MAXID ] ; then
         echo "Error: $uidNumber and/or $gidNumber exceed max ID number ${MAXID}."
         exit 1
     fi
-    
+
     cat <<EOF | ldapadd -H ldapi:/// -D "$LDAPADMIN"  -w "$ADPASSWD" | sed '/^$/d'
 ############## LDIF ##############
-dn: uid=${uid},ou=people,$BASEDN
+dn: uid=${id},ou=people,$BASEDN
 objectClass: inetOrgPerson
 objectClass: posixAccount
 uidNumber: ${uidNumber}
 gidNumber: ${gidNumber}
-homeDirectory: ${HOMES}/${uid}
+homeDirectory: ${HOMES}/${id}
 loginShell: /bin/bash
 cn: ${cn}
 sn: ${sn}
 ${pwEntry}
 
-dn: cn=${uid},ou=groups,$BASEDN
+dn: cn=${id},ou=groups,$BASEDN
 objectClass: posixGroup
 gidNumber: ${gidNumber}
 ##################################
@@ -95,11 +103,11 @@ EOF
     echo "uidNumber: ${uidNumber}  gidNumber: ${gidNumber}"
 
     if [ $KRB5 ] ; then
-        kadmin.local -q "add_principal -policy default -pw \"$pw\" -x dn=\"uid=${uid},ou=people,$BASEDN\" ${uid}" \
+        kadmin.local -q "add_principal -policy default -pw \"$pw\" -x dn=\"uid=${id},ou=people,$BASEDN\" ${id}" \
             | sed '/Authenticating as principal/d'
-        cp -r /etc/skel ${HOMES}/${uid}
-        chown -R ${uidNumber}:${gidNumber} ${HOMES}/${uid}
-        ls -nld ${HOMES}/${uid}
+        cp -r /etc/skel ${HOMES}/${id}
+        chown -R ${uidNumber}:${gidNumber} ${HOMES}/${id}
+        ls -nld ${HOMES}/${id}
     fi
 }
 
@@ -107,22 +115,33 @@ EOF
 del-user(){
     local KEEPDIR
     if [ $KRB5 ] ; then
-        ## Remove all kerberos attributes from LDAP, then the whole DN below.  The latter should be sufficient. 
-        kadmin.local -q "delete_principal -force ${uid}"  \
+        ## Remove all kerberos attributes from LDAP, then the whole DN below.  The latter should be sufficient.
+        kadmin.local -q "delete_principal -force ${id}"  \
             |  sed -e '/Authenticating as principal/d' -e '/Make sure that you have removed/d'
     fi
-    
-    ldapdelete -v -H ldapi:/// -D "$LDAPADMIN"  -w "$ADPASSWD" "uid=${uid},ou=people,$BASEDN"  "cn=${uid},ou=groups,$BASEDN" 2>&1 \
-        | sed '/ldap_initialize/d' 
-    
-    if [ -d ${HOMES}/${uid} ] ; then
-        KEEPDIR="${HOMES}/rm_$(date '+%Y%m%d')_${uid}"
-        mv ${HOMES}/${uid} "${KEEPDIR}"
+
+    ldapdelete -v -H ldapi:/// -D "$LDAPADMIN"  -w "$ADPASSWD" "uid=${id},ou=people,$BASEDN"  "cn=${id},ou=groups,$BASEDN" 2>&1 \
+        | sed '/ldap_initialize/d'
+
+    if [ -d ${HOMES}/${id} ] ; then
+        KEEPDIR="${HOMES}/rm_$(date '+%Y%m%d')_${id}"
+        mv ${HOMES}/${id} "${KEEPDIR}"
         chown -R root:root  "${KEEPDIR}"
         ls -ld "$KEEPDIR"
     fi
 }
-    
+
+
+del-host(){
+    if [ $KRB5 ] ; then
+        ## Remove kerberos principals from LDAP.
+        kadmin.local -q "delete_principal -force host/${id}.${domain}"  \
+            |  sed -e '/Authenticating as principal/d' -e '/Make sure that you have removed/d'
+        kadmin.local -q "delete_principal -force nfs/${id}.${domain}"  \
+            |  sed -e '/Authenticating as principal/d' -e '/Make sure that you have removed/d'
+    fi
+}
+
 ##############################
 ########### main #############
 ##############################
@@ -134,6 +153,9 @@ case $COMMAND in
     deluser)
         del-user
         ;;
+    delhost)
+        del-host
+        ;;
     *)
         usage
         ;;

From 43cb4dcf13787c48903f49b60eb66c449bf76ba3 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 1 Dec 2019 10:17:08 +0100
Subject: [PATCH 059/504] Add user import/deletion from file option, minor
 improvements.

---
 roles/lan-client/templates/sssd.conf.j2 |  1 -
 roles/ldap/tasks/main.yml               |  2 +-
 roles/ldap/templates/debian-lan.j2      | 69 ++++++++++++++++++-------
 roles/nfs-server/templates/sssd.conf.j2 |  1 -
 4 files changed, 50 insertions(+), 23 deletions(-)

diff --git a/roles/lan-client/templates/sssd.conf.j2 b/roles/lan-client/templates/sssd.conf.j2
index d55c2c7..2d4f287 100644
--- a/roles/lan-client/templates/sssd.conf.j2
+++ b/roles/lan-client/templates/sssd.conf.j2
@@ -21,4 +21,3 @@ cache_credentials = true
 
 min_id = 10000
 max_id = 20000
-enumerate = False
diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
index 15e0665..13123ae 100644
--- a/roles/ldap/tasks/main.yml
+++ b/roles/ldap/tasks/main.yml
@@ -92,7 +92,7 @@
     bind_dn: "cn=admin,{{ basedn }}"
     bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
 
-- name: provide simple script to add/delete users
+- name: provide simple script to manage ldap/kdc
   template:
     src: debian-lan.j2
     dest: /usr/local/bin/debian-lan
diff --git a/roles/ldap/templates/debian-lan.j2 b/roles/ldap/templates/debian-lan.j2
index 54222ba..f94ad23 100644
--- a/roles/ldap/templates/debian-lan.j2
+++ b/roles/ldap/templates/debian-lan.j2
@@ -8,27 +8,45 @@ set -eu
 usage(){
     cat <<EOF
 Usage:
-         $(basename $0)  adduser  <uid>  <password>  [<cn>] [<sn>]
+         $(basename $0)  adduser  <uid>  <password>  [<given name>]  [<family name>]
          $(basename $0)  deluser  <uid>
          $(basename $0)  delhost  <hostname>
          $(basename $0)  ldapvi
+         $(basename $0)  <file>
 
-     <uid>:        User ID (login name)
-     <password>:   Password
-     <cn>, <sn>:   LDAP attributes, if omitted, <uid> is used.
+     <uid>:  User ID (login name)
+     <password>:  Password
+     <given name>, <family name>:  LDAP attributes 'givenName' and 'sn'.  If omitted, <uid> is used.
+     <file>:  File containing lines of the form:
 
+                   adduser <uid 1>  <password 1>  [<given name 1>]  [<family name 1>]
+                   adduser <uid 2>  <password 2>  [<given name 2>]  [<family name 2>]
+                   …
+                   deluser <uid n>
+                   deluser <uid n+1>
+                   …
+                           Every line is processed like a single call to the $(basename $0) program.
 EOF
 }
 
-#sss_cache -U -G  ## should not be necessary
-
 BASEDN="{{ basedn }}"
 LDAPADMIN="cn=admin,$BASEDN"
 ADPASSWD="$(cat {{ ldap_admin_pwd_file }})"
 
 if [ $# -lt 2 ] ; then
-    if [ "$1" = ldapvi ] ; then
-        exec ldapvi -h ldapi:/// -D "$LDAPADMIN"  -b "$BASEDN" -w "$ADPASSWD"
+    if [ $# = 0 ] ; then
+        usage
+        exit 1
+    elif [ "$1" = ldapvi ] ; then
+        exec ldapvi -m -h ldapi:/// -D "$LDAPADMIN"  -b "$BASEDN" -w "$ADPASSWD"
+    elif [ -r "$1" ]; then
+        ## recursively call this program:
+        while read -r LINE ; do
+            $0 $LINE
+        done < "$1"
+        ## reset cache after mass import/deletion:
+        sss_cache -U -G
+        exit 0
     else
         usage
         exit 1
@@ -46,8 +64,9 @@ HOMES="{{ lan_homes }}"
 COMMAND="$1"
 id="$2"
 pw="${3:-""}"
-cn="${4:-$2}"
+gn="${4:-$2}"
 sn="${5:-$2}"
+
 domain="$(hostname -d)"
 
 if [ -x /usr/sbin/kadmin.local ] ; then
@@ -73,8 +92,12 @@ nextnum(){
 }
 
 add-user(){
-    uidNumber=$(nextnum uidNumber)
-    gidNumber=$(nextnum gidNumber)
+    local id="$1"
+    local pwEntry="$2"
+    local gn="$3"
+    local sn="$4"
+    local uidNumber=$(nextnum uidNumber)
+    local gidNumber=$(nextnum gidNumber)
 
     if [ $uidNumber -ge $MAXID -o $gidNumber -ge $MAXID ] ; then
         echo "Error: $uidNumber and/or $gidNumber exceed max ID number ${MAXID}."
@@ -90,8 +113,10 @@ uidNumber: ${uidNumber}
 gidNumber: ${gidNumber}
 homeDirectory: ${HOMES}/${id}
 loginShell: /bin/bash
-cn: ${cn}
+cn: ${gn} ${sn}
+givenName: ${gn}
 sn: ${sn}
+gecos: ${gn} ${sn}
 ${pwEntry}
 
 dn: cn=${id},ou=groups,$BASEDN
@@ -100,19 +125,21 @@ gidNumber: ${gidNumber}
 ##################################
 EOF
 
-    echo "uidNumber: ${uidNumber}  gidNumber: ${gidNumber}"
-
     if [ $KRB5 ] ; then
         kadmin.local -q "add_principal -policy default -pw \"$pw\" -x dn=\"uid=${id},ou=people,$BASEDN\" ${id}" \
             | sed '/Authenticating as principal/d'
-        cp -r /etc/skel ${HOMES}/${id}
-        chown -R ${uidNumber}:${gidNumber} ${HOMES}/${id}
-        ls -nld ${HOMES}/${id}
+        if [ ! -e "${HOMES}/${id}" ] ; then
+            echo "uidNumber: ${uidNumber}  gidNumber: ${gidNumber}"
+            cp -r /etc/skel ${HOMES}/${id}
+            chown -R ${uidNumber}:${gidNumber} ${HOMES}/${id}
+            ls -nld ${HOMES}/${id}
+        fi
     fi
 }
 
 
 del-user(){
+    local id="$1"
     local KEEPDIR
     if [ $KRB5 ] ; then
         ## Remove all kerberos attributes from LDAP, then the whole DN below.  The latter should be sufficient.
@@ -133,6 +160,7 @@ del-user(){
 
 
 del-host(){
+    local id="$1"
     if [ $KRB5 ] ; then
         ## Remove kerberos principals from LDAP.
         kadmin.local -q "delete_principal -force host/${id}.${domain}"  \
@@ -146,15 +174,16 @@ del-host(){
 ########### main #############
 ##############################
 
+sss_cache -U -G  ## clear cache
 case $COMMAND in
     adduser)
-        add-user
+        add-user "${id}" "${pwEntry}" "${gn}" "${sn}"
         ;;
     deluser)
-        del-user
+        del-user "${id}"
         ;;
     delhost)
-        del-host
+        del-host "${id}"
         ;;
     *)
         usage
diff --git a/roles/nfs-server/templates/sssd.conf.j2 b/roles/nfs-server/templates/sssd.conf.j2
index 54868d2..40fba97 100644
--- a/roles/nfs-server/templates/sssd.conf.j2
+++ b/roles/nfs-server/templates/sssd.conf.j2
@@ -21,4 +21,3 @@ cache_credentials = false
 
 min_id = 10000
 max_id = 20000
-enumerate = False

From 8c896c90e65f80c4136636a78927ceb7b3776da2 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 1 Dec 2019 18:21:24 +0100
Subject: [PATCH 060/504] Implement posix group for all users in LDAP.

---
 roles/ldap/tasks/main.yml          | 19 +++++++++++++++++++
 roles/ldap/templates/debian-lan.j2 | 17 +++++++++++++++++
 2 files changed, 36 insertions(+)

diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
index 13123ae..e8b9e65 100644
--- a/roles/ldap/tasks/main.yml
+++ b/roles/ldap/tasks/main.yml
@@ -92,6 +92,16 @@
     bind_dn: "cn=admin,{{ basedn }}"
     bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
 
+- name: add group for all ldapusers
+  ldap_entry:
+    dn: "cn=ldapuser,ou=groups,{{ basedn }}"
+    objectClass:
+      - posixGroup
+    attributes:
+      gidNumber: 18000
+    bind_dn: "cn=admin,{{ basedn }}"
+    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
+
 - name: provide simple script to manage ldap/kdc
   template:
     src: debian-lan.j2
@@ -128,6 +138,15 @@
     bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
   when: foo_pwd is defined and foo_pwd | length > 0
 
+- name: add dummy user foo to group ldapuser
+  ldap_attr:
+    dn: "cn=ldapuser,ou=groups,{{ basedn }}"
+    name: memberUid
+    values: foo
+    bind_dn: "cn=admin,{{ basedn }}"
+    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
+  when: foo_pwd is defined and foo_pwd | length > 0
+
 - name: allow ldap service in firewalld
   firewalld:
     zone: internal
diff --git a/roles/ldap/templates/debian-lan.j2 b/roles/ldap/templates/debian-lan.j2
index f94ad23..3dbf3c7 100644
--- a/roles/ldap/templates/debian-lan.j2
+++ b/roles/ldap/templates/debian-lan.j2
@@ -123,6 +123,14 @@ dn: cn=${id},ou=groups,$BASEDN
 objectClass: posixGroup
 gidNumber: ${gidNumber}
 ##################################
+EOF
+
+    cat <<EOF | ldapmodify -H ldapi:/// -D "$LDAPADMIN"  -w "$ADPASSWD" | sed '/^$/d'
+############## LDIF ##############
+dn: cn=ldapuser,ou=groups,$BASEDN
+add: memberUid
+memberUid: ${id}
+##################################
 EOF
 
     if [ $KRB5 ] ; then
@@ -132,6 +140,7 @@ EOF
             echo "uidNumber: ${uidNumber}  gidNumber: ${gidNumber}"
             cp -r /etc/skel ${HOMES}/${id}
             chown -R ${uidNumber}:${gidNumber} ${HOMES}/${id}
+            #chmod -R o= ${HOMES}/${id}
             ls -nld ${HOMES}/${id}
         fi
     fi
@@ -150,6 +159,14 @@ del-user(){
     ldapdelete -v -H ldapi:/// -D "$LDAPADMIN"  -w "$ADPASSWD" "uid=${id},ou=people,$BASEDN"  "cn=${id},ou=groups,$BASEDN" 2>&1 \
         | sed '/ldap_initialize/d'
 
+    cat <<EOF | ldapmodify -H ldapi:/// -D "$LDAPADMIN"  -w "$ADPASSWD" | sed '/^$/d'
+############## LDIF ##############
+dn: cn=ldapuser,ou=groups,$BASEDN
+delete: memberUid
+memberUid: ${id}
+##################################
+EOF
+
     if [ -d ${HOMES}/${id} ] ; then
         KEEPDIR="${HOMES}/rm_$(date '+%Y%m%d')_${id}"
         mv ${HOMES}/${id} "${KEEPDIR}"

From a485f5119d07129c691c9f7b80efe68218024659 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 6 Dec 2019 20:03:44 +0100
Subject: [PATCH 061/504] Add kerberox* to the README.

---
 README | 53 +++++++++++++++++++++++++++++++++++++++--------------
 1 file changed, 39 insertions(+), 14 deletions(-)

diff --git a/README b/README
index e13b926..e3506a9 100644
--- a/README
+++ b/README
@@ -6,24 +6,28 @@ The goal of the "Debian Local Area Network"-project is to make setting
 up Debian in a local area network as easy as possible.  This repository
 offers ansible playbooks and instructions for the following machines:
 
- • Installbox:
+ • installbox:  orchestration of automatic installs in the LAN
      - set up as gateway to some external network (WAN)
-     - providing TFTP installation on the LAN interface
+     - provides TFTP installations on the LAN interface
      - automatic installs: preseeding and ansible playbooks
      - package cache
-     use case: orchestration of automatic installs in the LAN
 
- • Kiosk:
+ • kerberox:  serving a minimalistic kerberized LAN
+     - automatic TFTP installation of clients
+     - centralized home directories on kerberized NFS
+     - simple script to manage users and machines
+
+ • kerberox-client:  the client for the kerberized LAN
+
+ • kiosk:  school's computer, hackerspace, …
      - auto login user
      - reasonable defaults
      - temporary home directory on tmpfs, reset at boot
-     use case: school's computer, hackerspace, …
 
- • Cloudbox:
+ • cloudbox:  nextcloud server in the basement
      - setup of a home cloud server
      - dynamic DNS name
      - …
-     use case: nextcloud server in the basement
 
 Contributions like patches, suggestions, pull requests and/or further
 profiles are highly appreciated!
@@ -35,30 +39,51 @@ profiles are highly appreciated!
 
 Installbox
 ~~~~~~~~~~
- • Debian installation:
+ • standard Debian installation:
    - user 'ansible' in sudo group
    - WAN interface configured and connected
    - LAN interface not configured/managed
 
- • Customize installbox.yml:
-   - set if_lan if necessary
-   - enable/disable installbox2kiosk task
+ • optional:  customize installbox.yml
 
- • Run ansible:
+ • run ansible:
      ssh-copy-id ansible@1.2.3.4
      ansible-playbook installbox.yml -v --become --ask-become-pass -u ansible -i 1.2.3.4,
 
+ • the installbox can be used to install all other profiles
+
+Kerberox
+~~~~~~~~
+ • standard Debian installation:
+   - user 'ansible' in sudo group
+   - WAN interface configured and connected
+   - LAN interface not configured/managed
+
+ • optional:  customize kerberox.yml
+
+ • run ansible:
+     ssh-copy-id ansible@1.2.3.4
+     ansible-playbook installbox.yml -v --become --ask-become-pass -u ansible -i 1.2.3.4,
+
+Kerberox and installbox provide a local ansible configuration space
+which can be used to install clients and/or to check/modify the local
+installation.  To do the latter, cd into 'debian-lan' and run:
+
+   'ansible-playbook --ask-become-pass -v  -i localhost, -c local  kerberox.yml'
+
+The kerberox-clients are automatically installed using the included TFTP netboot
+installer within the LAN.
 
 Kiosk
 ~~~~~
  • Debian installation:
    - user 'ansible' in sudo group
 
- • Customize kiosk.yml:
+ • customize kiosk.yml:
    - WiFi parameters
    - package selection: extra_pkgs and extra_pkgs_bpo for backports
    - desktop environment
 
- • Run ansible:
+ • run ansible:
      ssh-copy-id ansible@1.2.3.4
      ansible-playbook kiosk.yml -v --become --ask-become-pass -u ansible -i 1.2.3.4,

From 0829b1b2e89d74e441fecc5733ed855366c71043 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 8 Dec 2019 08:43:26 +0100
Subject: [PATCH 062/504] Kerberize firefox in the local domain.

---
 roles/kerberize/tasks/main.yml | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/roles/kerberize/tasks/main.yml b/roles/kerberize/tasks/main.yml
index 6fcecc2..dc4d9c4 100644
--- a/roles/kerberize/tasks/main.yml
+++ b/roles/kerberize/tasks/main.yml
@@ -16,3 +16,18 @@
     dest: /etc/ssh/ssh_config
     line: "GSSAPIDelegateCredentials yes"
     insertafter: "#   GSSAPIDelegateCredentials no"
+
+
+- name: check if firewox is available
+  stat: path=/etc/firefox-esr/firefox-esr.js
+  register: firefox
+
+- name: kerberize firefox for sites in the local domain
+  lineinfile:
+    dest: /etc/firefox-esr/firefox-esr.js
+    line: "{{ item }}"
+  with_items:
+    - '// kerberize for sites in the local domain:'
+    - 'pref("network.negotiate-auth.delegation-uris", "{{ ansible_domain }}");'
+    - 'pref("network.negotiate-auth.trusted-uris", "{{ ansible_domain }}");'
+  when: firefox.stat.exists

From 98b8d5d6ffc94c7846d47bb337cce3dc1b094793 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 13 Dec 2019 18:35:00 +0100
Subject: [PATCH 063/504] Add memberof-overlay to LDAP.

---
 roles/ldap/files/slapd-config.ldif | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/roles/ldap/files/slapd-config.ldif b/roles/ldap/files/slapd-config.ldif
index 4770d3b..4aead37 100644
--- a/roles/ldap/files/slapd-config.ldif
+++ b/roles/ldap/files/slapd-config.ldif
@@ -26,3 +26,18 @@ objectClass: olcOverlayConfig
 objectClass: olcPPolicyConfig
 olcOverlay: ppolicy
 olcPPolicyHashCleartext: TRUE
+
+
+#### Reverse Group Membership ####
+
+dn: cn=module,cn=config
+objectClass: olcModuleList
+cn: module
+olcModuleLoad: memberof
+
+dn: olcOverlay=memberof,olcDatabase={1}mdb,cn=config
+objectClass: olcOverlayConfig
+objectClass: olcMemberOf
+olcOverlay: memberof
+olcMemberOfDangling: error
+olcMemberOfRefInt: TRUE

From 572dd5a3b0bacaae89fdebe58f769209b12c1c2f Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 13 Dec 2019 18:41:34 +0100
Subject: [PATCH 064/504] Add LDAP client config and enable pam_umask.

---
 roles/lan-client/tasks/main.yml | 17 +++++++++++++++++
 roles/ldap/tasks/main.yml       | 12 ++++++++++++
 2 files changed, 29 insertions(+)

diff --git a/roles/lan-client/tasks/main.yml b/roles/lan-client/tasks/main.yml
index 6882fa9..24bfacc 100644
--- a/roles/lan-client/tasks/main.yml
+++ b/roles/lan-client/tasks/main.yml
@@ -33,6 +33,23 @@
       - nfs-common
     state: latest
 
+- name: add URI to ldap.conf
+  lineinfile:
+    dest: /etc/ldap/ldap.conf
+    line: "URI ldap://ldap/"
+    insertafter: "#URI.*"
+
+- name: add BASE to ldap.conf
+  lineinfile:
+    dest: /etc/ldap/ldap.conf
+    line: "BASE {{ basedn }}"
+    insertafter: "#BASE.*"
+
+- name: enable pam_umask
+  lineinfile:
+    dest: /etc/pam.d/common-session
+    line: "session optional	pam_umask.so usergroups"
+
 ## oddjob-mkhomedir works only with sec=sys for the NFSv4 share
 
 - name: install extra packages from stable
diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
index e8b9e65..d2f7afa 100644
--- a/roles/ldap/tasks/main.yml
+++ b/roles/ldap/tasks/main.yml
@@ -69,6 +69,18 @@
     replace: '\1	ldap'
   when: not slapd.stat.exists
 
+- name: add URI to ldap.conf
+  lineinfile:
+    dest: /etc/ldap/ldap.conf
+    line: "URI ldapi:///"
+    insertafter: "#URI.*"
+
+- name: add BASE to ldap.conf
+  lineinfile:
+    dest: /etc/ldap/ldap.conf
+    line: "BASE {{ basedn }}"
+    insertafter: "#BASE.*"
+
 #######################################################################################
 ## Use the admin password saved to file from now on (available also after installation):
 - name: slurp admin password

From 81337ac0db11ac0faf73a4f9dd9c48efbb3dfdd5 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 13 Dec 2019 18:43:42 +0100
Subject: [PATCH 065/504] Move hard-coded numbers to variables.

---
 roles/kerberize/tasks/main.yml          | 2 +-
 roles/lan-client/defaults/main.yml      | 2 ++
 roles/lan-client/templates/sssd.conf.j2 | 4 ++--
 roles/ldap/defaults/main.yml            | 3 +++
 roles/ldap/templates/debian-lan.j2      | 4 ++--
 roles/nfs-server/defaults/main.yml      | 3 +++
 roles/nfs-server/tasks/main.yml         | 2 +-
 roles/nfs-server/templates/sssd.conf.j2 | 4 ++--
 8 files changed, 16 insertions(+), 8 deletions(-)

diff --git a/roles/kerberize/tasks/main.yml b/roles/kerberize/tasks/main.yml
index dc4d9c4..8f9b755 100644
--- a/roles/kerberize/tasks/main.yml
+++ b/roles/kerberize/tasks/main.yml
@@ -18,7 +18,7 @@
     insertafter: "#   GSSAPIDelegateCredentials no"
 
 
-- name: check if firewox is available
+- name: check if firefox is available
   stat: path=/etc/firefox-esr/firefox-esr.js
   register: firefox
 
diff --git a/roles/lan-client/defaults/main.yml b/roles/lan-client/defaults/main.yml
index 7c62cce..81690e1 100644
--- a/roles/lan-client/defaults/main.yml
+++ b/roles/lan-client/defaults/main.yml
@@ -3,3 +3,5 @@ basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | rep
 ldap_server: ldap
 krb_server: kerberos
 nfs_server: nfs
+min_id_sssd: 5000
+max_id_sssd: 20000
diff --git a/roles/lan-client/templates/sssd.conf.j2 b/roles/lan-client/templates/sssd.conf.j2
index 2d4f287..90e5410 100644
--- a/roles/lan-client/templates/sssd.conf.j2
+++ b/roles/lan-client/templates/sssd.conf.j2
@@ -19,5 +19,5 @@ krb5_server = {{ krb_server }}
 krb5_realm = {{ ansible_domain | upper }}
 cache_credentials = true
 
-min_id = 10000
-max_id = 20000
+min_id = {{ min_id_sssd }}
+max_id = {{ max_id_sssd }}
diff --git a/roles/ldap/defaults/main.yml b/roles/ldap/defaults/main.yml
index 141c21f..1400020 100644
--- a/roles/ldap/defaults/main.yml
+++ b/roles/ldap/defaults/main.yml
@@ -2,3 +2,6 @@ ldap_admin_pwd: "{{ lookup('password', '/tmp/ldap_admin.pwd length=24') }}"
 ldap_admin_pwd_file: "/root/ldap-admin.pwd"
 basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
 lan_homes:  /home/lan
+min_id: 10000
+max_id: 20000
+ldapuser_gid: 8000
diff --git a/roles/ldap/templates/debian-lan.j2 b/roles/ldap/templates/debian-lan.j2
index 3dbf3c7..cb9d790 100644
--- a/roles/ldap/templates/debian-lan.j2
+++ b/roles/ldap/templates/debian-lan.j2
@@ -57,8 +57,8 @@ elif [ $1 = adduser -a $# -lt 3 ] ; then
     exit 1
 fi
 
-MINID=10000
-MAXID=20000
+MINID={{ min_id }}
+MAXID={{ max_id }}
 HOMES="{{ lan_homes }}"
 
 COMMAND="$1"
diff --git a/roles/nfs-server/defaults/main.yml b/roles/nfs-server/defaults/main.yml
index 49adf7c..456b8e5 100644
--- a/roles/nfs-server/defaults/main.yml
+++ b/roles/nfs-server/defaults/main.yml
@@ -1,3 +1,6 @@
 export_root: /srv/nfs4
 lan_homes:  /home/lan
 basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
+min_id: 10000
+min_id_sssd: 5000
+max_id_sssd: 20000
diff --git a/roles/nfs-server/tasks/main.yml b/roles/nfs-server/tasks/main.yml
index 845944b..950fde1 100644
--- a/roles/nfs-server/tasks/main.yml
+++ b/roles/nfs-server/tasks/main.yml
@@ -67,7 +67,7 @@
   when: kadmin.stat.exists
 
 - name: copy home from /etc/skel for dummy user foo
-  shell: cp -r /etc/skel {{ lan_homes }}/foo && chmod -R o-rwx {{ lan_homes }}/foo && chown -R 10000:10000 {{ lan_homes }}/foo
+  shell: cp -r /etc/skel {{ lan_homes }}/foo && chmod -R o-rwx {{ lan_homes }}/foo && chown -R {{ min_id }}:{{ min_id }} {{ lan_homes }}/foo
   args:
     creates: "{{ lan_homes }}/foo"
   when: foo_pwd is defined and foo_pwd | length > 0
diff --git a/roles/nfs-server/templates/sssd.conf.j2 b/roles/nfs-server/templates/sssd.conf.j2
index 40fba97..48eae04 100644
--- a/roles/nfs-server/templates/sssd.conf.j2
+++ b/roles/nfs-server/templates/sssd.conf.j2
@@ -19,5 +19,5 @@ krb5_server = {{ ansible_hostname }}
 krb5_realm = {{ ansible_domain | upper }}
 cache_credentials = false
 
-min_id = 10000
-max_id = 20000
+min_id = {{ min_id_sssd }}
+max_id = {{ max_id_sssd }}

From dd284d6abd8fb5453a84b0e61ed29ca5fc6c6898 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 14 Dec 2019 20:21:06 +0100
Subject: [PATCH 066/504] Use subdirs for user's homes.

---
 roles/ldap/tasks/main.yml          |  2 +-
 roles/ldap/templates/debian-lan.j2 | 19 ++++++++++---------
 2 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
index d2f7afa..d63e3f3 100644
--- a/roles/ldap/tasks/main.yml
+++ b/roles/ldap/tasks/main.yml
@@ -117,7 +117,7 @@
 - name: provide simple script to manage ldap/kdc
   template:
     src: debian-lan.j2
-    dest: /usr/local/bin/debian-lan
+    dest: /usr/local/sbin/debian-lan
     mode: 0744
 
 ## Add user
diff --git a/roles/ldap/templates/debian-lan.j2 b/roles/ldap/templates/debian-lan.j2
index cb9d790..562bc77 100644
--- a/roles/ldap/templates/debian-lan.j2
+++ b/roles/ldap/templates/debian-lan.j2
@@ -111,7 +111,7 @@ objectClass: inetOrgPerson
 objectClass: posixAccount
 uidNumber: ${uidNumber}
 gidNumber: ${gidNumber}
-homeDirectory: ${HOMES}/${id}
+homeDirectory: ${HOMES}/${id:0:1}/${id}
 loginShell: /bin/bash
 cn: ${gn} ${sn}
 givenName: ${gn}
@@ -136,12 +136,13 @@ EOF
     if [ $KRB5 ] ; then
         kadmin.local -q "add_principal -policy default -pw \"$pw\" -x dn=\"uid=${id},ou=people,$BASEDN\" ${id}" \
             | sed '/Authenticating as principal/d'
-        if [ ! -e "${HOMES}/${id}" ] ; then
+        if [ ! -e "${HOMES}/${id:0:1}/${id}" ] ; then
             echo "uidNumber: ${uidNumber}  gidNumber: ${gidNumber}"
-            cp -r /etc/skel ${HOMES}/${id}
-            chown -R ${uidNumber}:${gidNumber} ${HOMES}/${id}
-            #chmod -R o= ${HOMES}/${id}
-            ls -nld ${HOMES}/${id}
+            mkdir -p ${HOMES}/${id:0:1}/
+            cp -r /etc/skel ${HOMES}/${id:0:1}/${id}
+            chown -R ${uidNumber}:${gidNumber} ${HOMES}/${id:0:1}/${id}
+            #chmod -R o= ${HOMES}/${id:0:1}/${id}
+            ls -nld ${HOMES}/${id:0:1}/${id}
         fi
     fi
 }
@@ -167,9 +168,9 @@ memberUid: ${id}
 ##################################
 EOF
 
-    if [ -d ${HOMES}/${id} ] ; then
-        KEEPDIR="${HOMES}/rm_$(date '+%Y%m%d')_${id}"
-        mv ${HOMES}/${id} "${KEEPDIR}"
+    if [ -d ${HOMES}/${id:0:1}/${id} ] ; then
+        KEEPDIR="${HOMES}/${id:0:1}/rm_$(date '+%Y%m%d')_${id}"
+        mv ${HOMES}/${id:0:1}/${id} "${KEEPDIR}"
         chown -R root:root  "${KEEPDIR}"
         ls -ld "$KEEPDIR"
     fi

From 902a87e258df5f581cb79ba8ec02ae549e77f29a Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 14 Dec 2019 20:56:45 +0100
Subject: [PATCH 067/504] Add optional posix group handling to script.

---
 roles/ldap/templates/debian-lan.j2 | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

diff --git a/roles/ldap/templates/debian-lan.j2 b/roles/ldap/templates/debian-lan.j2
index 562bc77..7523d97 100644
--- a/roles/ldap/templates/debian-lan.j2
+++ b/roles/ldap/templates/debian-lan.j2
@@ -8,7 +8,7 @@ set -eu
 usage(){
     cat <<EOF
 Usage:
-         $(basename $0)  adduser  <uid>  <password>  [<given name>]  [<family name>]
+         $(basename $0)  adduser  <uid>  <password>  [<given name>]  [<family name>]  [<group>]
          $(basename $0)  deluser  <uid>
          $(basename $0)  delhost  <hostname>
          $(basename $0)  ldapvi
@@ -17,6 +17,7 @@ Usage:
      <uid>:  User ID (login name)
      <password>:  Password
      <given name>, <family name>:  LDAP attributes 'givenName' and 'sn'.  If omitted, <uid> is used.
+     <group>:  If given, the user is added to this posix group, which must already exist.
      <file>:  File containing lines of the form:
 
                    adduser <uid 1>  <password 1>  [<given name 1>]  [<family name 1>]
@@ -66,6 +67,7 @@ id="$2"
 pw="${3:-""}"
 gn="${4:-$2}"
 sn="${5:-$2}"
+grp="${6:-""}"
 
 domain="$(hostname -d)"
 
@@ -125,13 +127,15 @@ gidNumber: ${gidNumber}
 ##################################
 EOF
 
-    cat <<EOF | ldapmodify -H ldapi:/// -D "$LDAPADMIN"  -w "$ADPASSWD" | sed '/^$/d'
+    if [ -n "$grp" ] ; then
+        cat <<EOF | ldapmodify -H ldapi:/// -D "$LDAPADMIN"  -w "$ADPASSWD" | sed '/^$/d'
 ############## LDIF ##############
-dn: cn=ldapuser,ou=groups,$BASEDN
+dn: cn=${grp},ou=groups,$BASEDN
 add: memberUid
 memberUid: ${id}
 ##################################
 EOF
+    fi
 
     if [ $KRB5 ] ; then
         kadmin.local -q "add_principal -policy default -pw \"$pw\" -x dn=\"uid=${id},ou=people,$BASEDN\" ${id}" \
@@ -160,13 +164,16 @@ del-user(){
     ldapdelete -v -H ldapi:/// -D "$LDAPADMIN"  -w "$ADPASSWD" "uid=${id},ou=people,$BASEDN"  "cn=${id},ou=groups,$BASEDN" 2>&1 \
         | sed '/ldap_initialize/d'
 
-    cat <<EOF | ldapmodify -H ldapi:/// -D "$LDAPADMIN"  -w "$ADPASSWD" | sed '/^$/d'
+    for grp in $(ldapsearch -Y EXTERNAL -H ldapi:/// -LLL -b "ou=groups,$BASEDN" "(&(objectClass=posixGroup)(memberUid=${id}))" cn 2>/dev/null \
+                     | grep cn: | cut -d ' ' -f2) ; do
+        cat <<EOF | ldapmodify -H ldapi:/// -D "$LDAPADMIN"  -w "$ADPASSWD" | sed '/^$/d'
 ############## LDIF ##############
-dn: cn=ldapuser,ou=groups,$BASEDN
+dn: cn=${grp},ou=groups,$BASEDN
 delete: memberUid
 memberUid: ${id}
 ##################################
 EOF
+    done
 
     if [ -d ${HOMES}/${id:0:1}/${id} ] ; then
         KEEPDIR="${HOMES}/${id:0:1}/rm_$(date '+%Y%m%d')_${id}"

From a58010d8d28c253a98981ad92b0e210922dbceab Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 15 Dec 2019 18:10:27 +0100
Subject: [PATCH 068/504] Fix crap in kadmin ACL.

---
 roles/krb5-kdc-ldap/templates/kadm5.acl.j2 | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/roles/krb5-kdc-ldap/templates/kadm5.acl.j2 b/roles/krb5-kdc-ldap/templates/kadm5.acl.j2
index 54c6636..5e9c641 100644
--- a/roles/krb5-kdc-ldap/templates/kadm5.acl.j2
+++ b/roles/krb5-kdc-ldap/templates/kadm5.acl.j2
@@ -1,4 +1,2 @@
-## access controls for the Kerberos KDC
+## access control for the Kerberos KDC
 root/admin@{{ ansible_domain | upper }} *
-*@{{ ansible_domain | upper }} cil
-*/*@{{ ansible_domain | upper }} i

From 21309fb788ecd1d73db71f1a8cfb39acc0c9c873 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 12 Jan 2020 09:22:40 +0100
Subject: [PATCH 069/504] Improved determination of next available uid/gid
 pair.

---
 roles/ldap/tasks/main.yml            | 19 ++-----
 roles/ldap/templates/debian-lan.j2   | 78 ++++++++++++++++++++--------
 roles/prepare4clients/tasks/main.yml |  2 +-
 3 files changed, 62 insertions(+), 37 deletions(-)

diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
index d63e3f3..51ac242 100644
--- a/roles/ldap/tasks/main.yml
+++ b/roles/ldap/tasks/main.yml
@@ -104,13 +104,13 @@
     bind_dn: "cn=admin,{{ basedn }}"
     bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
 
-- name: add group for all ldapusers
+- name: add group for ldap users
   ldap_entry:
     dn: "cn=ldapuser,ou=groups,{{ basedn }}"
     objectClass:
       - posixGroup
     attributes:
-      gidNumber: 18000
+      gidNumber: "{{ ldapuser_gid }}"
     bind_dn: "cn=admin,{{ basedn }}"
     bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
 
@@ -131,8 +131,8 @@
       cn: foo
       sn: bar
       userPassword: "{{ foo_pwd }}"
-      uidNumber: 10000
-      gidNumber: 10000
+      uidNumber: "{{ min_id }}"
+      gidNumber: "{{ min_id }}"
       homeDirectory: "{{ lan_homes }}/foo"
       loginShell: /bin/bash
     bind_dn: "cn=admin,{{ basedn }}"
@@ -145,16 +145,7 @@
     objectClass:
       - posixGroup
     attributes:
-      gidNumber: 10000
-    bind_dn: "cn=admin,{{ basedn }}"
-    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
-  when: foo_pwd is defined and foo_pwd | length > 0
-
-- name: add dummy user foo to group ldapuser
-  ldap_attr:
-    dn: "cn=ldapuser,ou=groups,{{ basedn }}"
-    name: memberUid
-    values: foo
+      gidNumber: "{{ min_id }}"
     bind_dn: "cn=admin,{{ basedn }}"
     bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
   when: foo_pwd is defined and foo_pwd | length > 0
diff --git a/roles/ldap/templates/debian-lan.j2 b/roles/ldap/templates/debian-lan.j2
index 7523d97..5572869 100644
--- a/roles/ldap/templates/debian-lan.j2
+++ b/roles/ldap/templates/debian-lan.j2
@@ -8,7 +8,7 @@ set -eu
 usage(){
     cat <<EOF
 Usage:
-         $(basename $0)  adduser  <uid>  <password>  [<given name>]  [<family name>]  [<group>]
+         $(basename $0)  adduser  <uid>  <password>  [<group>]  [<given name>]  [<family name>]
          $(basename $0)  deluser  <uid>
          $(basename $0)  delhost  <hostname>
          $(basename $0)  ldapvi
@@ -16,12 +16,13 @@ Usage:
 
      <uid>:  User ID (login name)
      <password>:  Password
+     <group>:  If given, the user is added to this posix group (in addition to his personal group).
+               The group must already exist in the LDAP DT.
      <given name>, <family name>:  LDAP attributes 'givenName' and 'sn'.  If omitted, <uid> is used.
-     <group>:  If given, the user is added to this posix group, which must already exist.
      <file>:  File containing lines of the form:
 
-                   adduser <uid 1>  <password 1>  [<given name 1>]  [<family name 1>]
-                   adduser <uid 2>  <password 2>  [<given name 2>]  [<family name 2>]
+                   adduser <uid 1>  <password 1>  [<group 1>]  [<given name 1>]  [<family name 1>]
+                   adduser <uid 2>  <password 2>  [<group 2>]  [<given name 2>]  [<family name 2>]
                    …
                    deluser <uid n>
                    deluser <uid n+1>
@@ -58,16 +59,21 @@ elif [ $1 = adduser -a $# -lt 3 ] ; then
     exit 1
 fi
 
+## Range of user and personal group IDs:
 MINID={{ min_id }}
 MAXID={{ max_id }}
+
+## Range to cover in a single ldap search (must be smaller than 'olcSizeLimit' in cn=config):
+RANGE=399
+
 HOMES="{{ lan_homes }}"
 
 COMMAND="$1"
 id="$2"
 pw="${3:-""}"
-gn="${4:-$2}"
-sn="${5:-$2}"
-grp="${6:-""}"
+grp="${4:-""}"
+gn="${5:-$2}"
+sn="${6:-$2}"
 
 domain="$(hostname -d)"
 
@@ -79,27 +85,54 @@ else
     pwEntry="userPassword: $pw"
 fi
 
-#############
-
+##################################################################################################
 
 nextnum(){
-    local num
-    num="$(( $(ldapsearch -Y EXTERNAL -H ldapi:/// -LLL -b "ou=people,$BASEDN" -S $1 $1 2>/dev/null \
-                        |  tail -n -2 | grep -oE "[[:digit:]]+$") + 1 ))"
-    if [ $num -lt $MINID ] ; then
-        echo $MINID
-    else
-        echo "$num"
-    fi
+    local id=$MINID
+    local bsta bend all uids gids num
+
+    ## Search for the next pair of identical free IDs:
+    while [ $id -le $MAXID ] ; do
+        bsta=$id
+        bend=$(( $bsta + $RANGE ))
+
+        all="$(seq $bsta $bend)"
+        uids="$(ldapsearch -Y EXTERNAL -H ldapi:/// -LLL -b "ou=people,$BASEDN" "(&(objectClass=posixAccount)(uidNumber>=$bsta)(uidNumber<=$bend))" \
+                         uidNumber 2>/dev/null | grep "uidNumber: " | cut -f2 -d ' ' | sort -g | uniq)"
+        gids="$(ldapsearch -Y EXTERNAL -H ldapi:/// -LLL -b "ou=groups,$BASEDN" "(&(objectClass=posixGroup)(gidNumber>=$bsta)(uidNumber<=$bend))" \
+                         gidNumber 2>/dev/null | grep "gidNumber: " | cut -f2 -d ' ' | sort -g | uniq)"
+
+        fuids="$(comm -13 <(echo "$uids") <(echo "$all"))"
+        fgids="$(comm -13 <(echo "$gids") <(echo "$all"))"
+        num=$(comm -12 <(echo "$fuids") <(echo "$fgids") | head -1)
+
+        if [ -n "$num" ] ; then
+            echo $num
+            return
+        else
+            id=$(( $bend + 1 ))
+        fi
+    done
+    ## something went wrong:
+    exit 1
 }
 
+
 add-user(){
     local id="$1"
     local pwEntry="$2"
-    local gn="$3"
-    local sn="$4"
-    local uidNumber=$(nextnum uidNumber)
-    local gidNumber=$(nextnum gidNumber)
+    local grp="$3"
+    local gn="$4"
+    local sn="$5"
+
+    if ldapsearch -Y EXTERNAL -H ldapi:/// -LLL -b "ou=people,$BASEDN" "(&(objectClass=posixAccount)(uid=$id))" uid 2>/dev/null \
+            | grep -q "uid: $id" ; then
+        echo "User '$id' exists already, skipping."
+        return
+    fi
+
+    local uidNumber=$(nextnum)
+    local gidNumber=$uidNumber
 
     if [ $uidNumber -ge $MAXID -o $gidNumber -ge $MAXID ] ; then
         echo "Error: $uidNumber and/or $gidNumber exceed max ID number ${MAXID}."
@@ -200,9 +233,10 @@ del-host(){
 ##############################
 
 sss_cache -U -G  ## clear cache
+echo "==== $@ ===="
 case $COMMAND in
     adduser)
-        add-user "${id}" "${pwEntry}" "${gn}" "${sn}"
+        add-user "${id}" "${pwEntry}" "${grp}" "${gn}" "${sn}"
         ;;
     deluser)
         del-user "${id}"
diff --git a/roles/prepare4clients/tasks/main.yml b/roles/prepare4clients/tasks/main.yml
index 4ae6d3f..484d170 100644
--- a/roles/prepare4clients/tasks/main.yml
+++ b/roles/prepare4clients/tasks/main.yml
@@ -100,7 +100,7 @@
 
 ########  kerberox-client #######
 
-- name: check if we opereate on kerberox
+- name: check if we operate on kerberox
   stat: path=/usr/sbin/krb5kdc
   register: krb5kdc
 

From 2a161df7bb7f273df77098d916f175eaf4e87bb4 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 13 Jan 2020 20:44:10 +0100
Subject: [PATCH 070/504] Implement nextcloud role.

---
 README                                    |   2 +-
 roles/nextcloud/defaults/main.yml         |   6 +
 roles/nextcloud/files/krb5-nextcloud.conf |  27 ++++
 roles/nextcloud/files/nextcloud.conf      |  15 +++
 roles/nextcloud/handlers/main.yml         |  11 ++
 roles/nextcloud/tasks/main.yml            | 151 ++++++++++++++++++++++
 6 files changed, 211 insertions(+), 1 deletion(-)
 create mode 100644 roles/nextcloud/defaults/main.yml
 create mode 100644 roles/nextcloud/files/krb5-nextcloud.conf
 create mode 100644 roles/nextcloud/files/nextcloud.conf
 create mode 100644 roles/nextcloud/handlers/main.yml
 create mode 100644 roles/nextcloud/tasks/main.yml

diff --git a/README b/README
index e3506a9..490c984 100644
--- a/README
+++ b/README
@@ -63,7 +63,7 @@ Kerberox
 
  • run ansible:
      ssh-copy-id ansible@1.2.3.4
-     ansible-playbook installbox.yml -v --become --ask-become-pass -u ansible -i 1.2.3.4,
+     ansible-playbook kerberox.yml -v --become --ask-become-pass -u ansible -i 1.2.3.4,
 
 Kerberox and installbox provide a local ansible configuration space
 which can be used to install clients and/or to check/modify the local
diff --git a/roles/nextcloud/defaults/main.yml b/roles/nextcloud/defaults/main.yml
new file mode 100644
index 0000000..4b8122f
--- /dev/null
+++ b/roles/nextcloud/defaults/main.yml
@@ -0,0 +1,6 @@
+db_nextcloud_pwd: "{{ lookup('password', '/tmp/db-nextcloud.pwd length=24') }}"
+nc_admin_pwd: "{{ lookup('password', '/tmp/nc-admin.pwd length=24') }}"
+nc_admin_pwd_file: "/root/nc-admin.pwd"
+www_root: "/var/www"
+nc_dir: "{{ www_root }}/nextcloud"
+data_dir: "/var/nc-data"
diff --git a/roles/nextcloud/files/krb5-nextcloud.conf b/roles/nextcloud/files/krb5-nextcloud.conf
new file mode 100644
index 0000000..3b84912
--- /dev/null
+++ b/roles/nextcloud/files/krb5-nextcloud.conf
@@ -0,0 +1,27 @@
+Alias /nextcloud "/var/www/nextcloud/"
+
+<Location "/nextcloud/index.php/apps/user_saml/saml/login" >
+  AuthType             GSSAPI
+  AuthName             "Login to NextCloud"
+  GssapiAllowedMech    krb5
+  GssapiLocalName      On
+  GssapiCredStore      keytab:/etc/krb5.keytab.http
+  GssapiUseSessions    On
+  GssapiNegotiateOnce  On
+  GssapiBasicAuth      On
+  require              valid-user
+</Location>
+
+<Directory /var/www/nextcloud/>
+  Require all granted
+  Options FollowSymlinks MultiViews
+  AllowOverride All
+
+ <IfModule mod_dav.c>
+  Dav off
+ </IfModule>
+
+ SetEnv HOME /var/www/nextcloud
+ SetEnv HTTP_HOME /var/www/nextcloud
+
+</Directory>
diff --git a/roles/nextcloud/files/nextcloud.conf b/roles/nextcloud/files/nextcloud.conf
new file mode 100644
index 0000000..8996eac
--- /dev/null
+++ b/roles/nextcloud/files/nextcloud.conf
@@ -0,0 +1,15 @@
+Alias /nextcloud "/var/www/nextcloud/"
+
+<Directory /var/www/nextcloud/>
+  Require all granted
+  Options FollowSymlinks MultiViews
+  AllowOverride All
+
+ <IfModule mod_dav.c>
+  Dav off
+ </IfModule>
+
+ SetEnv HOME /var/www/nextcloud
+ SetEnv HTTP_HOME /var/www/nextcloud
+
+</Directory>
diff --git a/roles/nextcloud/handlers/main.yml b/roles/nextcloud/handlers/main.yml
new file mode 100644
index 0000000..9d2f7c6
--- /dev/null
+++ b/roles/nextcloud/handlers/main.yml
@@ -0,0 +1,11 @@
+- name: restart apache2
+  systemd:
+    name: apache2
+    state: restarted
+  listen: "restart apache2"
+
+- name: restart php-fpm
+  systemd:
+    name: php{{ php_ver.stdout }}-fpm
+    state: restarted
+  listen: "restart php-fpm"
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
new file mode 100644
index 0000000..d88f095
--- /dev/null
+++ b/roles/nextcloud/tasks/main.yml
@@ -0,0 +1,151 @@
+## Install and configure nextcloud
+
+- name: install apache, php- and db-packages
+  apt:
+    name:
+      - apache2
+      - mariadb-server
+      - python3-pymysql
+      - php-apcu
+      - php-fpm
+      - php-curl
+      - php-gd
+      - php-imagick
+      - php-intl
+      - php-json
+      - php-ldap
+      - php-mbstring
+      - php-mysql
+      - php-xml
+      - php-zip
+    state: latest
+
+- name: disable apache modules
+  apache2_module:
+    state: absent
+    name: "{{ item }}"
+  with_items:
+    - mpm_prefork
+    - mpm_worker
+  notify: "restart apache2"
+
+- name: enable apache modules
+  apache2_module:
+    name: "{{ item }}"
+  with_items:
+    - proxy_fcgi
+    - mpm_event
+    - ssl
+    - http2
+  notify: "restart apache2"
+
+- name: find php version
+  shell: ls /etc/php/ | sort | tail -1
+  register: php_ver
+  changed_when: False
+
+- name: enable php-fpm conf
+  command: a2enconf php{{ php_ver.stdout }}-fpm
+  args:
+    creates: /etc/apache2/conf-enabled/php{{ php_ver.stdout }}-fpm.conf
+  notify: "restart apache2"
+
+- name: tune php-fpm
+  replace:
+    dest: /etc/php/{{ php_ver.stdout }}/fpm/pool.d/www.conf
+    regexp: "{{ item.regex }}"
+    replace: "{{ item.replace }}"
+  with_items:
+    - { regex: "^pm.max_children = .*$", replace: "pm.max_children = 120" }
+    - { regex: "^pm.start_servers = .*$", replace: "pm.start_servers = 12" }
+    - { regex: "^pm.min_spare_servers = .*$", replace: "pm.min_spare_servers = 6" }
+    - { regex: "^pm.max_spare_servers = .*$", replace: "pm.max_spare_servers = 18" }
+  notify: "restart php-fpm"
+
+- name: increase php memory limit
+  replace:
+    dest: "/etc/php/{{ php_ver.stdout }}/fpm/php.ini"
+    regexp: "^memory_limit = .*"
+    replace: "memory_limit = 512M"
+  notify: "restart apache2"
+
+- name: provide nextcloud site
+  copy:
+    src: nextcloud.conf
+    dest: /etc/apache2/sites-available/nextcloud.conf
+
+- name: enable https
+  command: a2ensite default-ssl.conf
+  args:
+    creates: /etc/apache2/sites-enabled/default-ssl.conf
+  notify: "restart apache2"
+
+- name: enable nextcloud site
+  command: a2ensite nextcloud.conf
+  args:
+    creates: /etc/apache2/sites-enabled/nextcloud.conf
+  notify: "restart apache2"
+
+- name: create a new database with name 'nextcloud'
+  mysql_db:
+    login_unix_socket: /var/run/mysqld/mysqld.sock
+    name: nextcloud
+    state: present
+
+- name: create database user 'nextcloud'
+  mysql_user:
+    login_unix_socket: /var/run/mysqld/mysqld.sock
+    name: nextcloud
+    password: "{{ db_nextcloud_pwd }}"
+    priv: 'nextcloud.*:ALL'
+    state: present
+
+- name: unpack nextcloud archive
+  unarchive:
+    src: nextcloud.tar.bz2
+    dest: "{{ www_root }}"
+    owner: www-data
+    group: www-data
+    creates: "{{ nc_dir }}"
+
+- name: make sure data directory exists
+  file:
+    path: "{{ data_dir }}"
+    state: directory
+    owner: www-data
+    group: www-data
+    recurse: yes
+
+- name: initialize nextcloud
+  command:
+    cmd: >
+      sudo -u www-data php occ maintenance:install
+      --database "mysql"
+      --database-name "nextcloud"
+      --database-user "nextcloud"
+      --database-pass "{{ db_nextcloud_pwd }}"
+      --admin-user "nc-admin"
+      --admin-pass "{{ nc_admin_pwd }}"
+      --data-dir "{{ data_dir }}"
+  args:
+    chdir: "{{ nc_dir }}"
+    creates: "{{ nc_dir }}/config/config.php"
+  no_log: true
+
+- name: dump nc-admin password
+  shell: echo -n "{{ nc_admin_pwd }}" > "{{ nc_admin_pwd_file }}" ; chmod 0600 "{{ nc_admin_pwd_file }}"
+  no_log: true
+  args:
+    creates: "{{ nc_admin_pwd_file }}"
+
+- name: enable APCu memcache
+  lineinfile:
+    dest: "{{ nc_dir }}/config/config.php"
+    line: "  'memcache.local' => '\\OC\\Memcache\\APCu',"
+    insertbefore: "'installed' => true,"
+
+- name: allow access from LAN
+  lineinfile:
+    dest: "{{ nc_dir }}/config/config.php"
+    line: "    1 => '192.168.*.*',"
+    insertafter: "0 => 'localhost',"

From 23605d69627bf0d0d1604872e45cb4606f595408 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Tue, 14 Jan 2020 14:51:52 +0100
Subject: [PATCH 071/504] Use occ to modify configuration.

---
 roles/nextcloud/tasks/main.yml | 32 ++++++++++++++++++++------------
 1 file changed, 20 insertions(+), 12 deletions(-)

diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index d88f095..31a71fb 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -100,6 +100,10 @@
     priv: 'nextcloud.*:ALL'
     state: present
 
+- name: check if we are installing
+  stat: path="{{ nc_dir }}"
+  register: nextcloud
+
 - name: unpack nextcloud archive
   unarchive:
     src: nextcloud.tar.bz2
@@ -114,12 +118,12 @@
     state: directory
     owner: www-data
     group: www-data
-    recurse: yes
+    recurse: Yes
 
 - name: initialize nextcloud
   command:
     cmd: >
-      sudo -u www-data php occ maintenance:install
+      sudo -u www-data php ./occ maintenance:install
       --database "mysql"
       --database-name "nextcloud"
       --database-user "nextcloud"
@@ -130,22 +134,26 @@
   args:
     chdir: "{{ nc_dir }}"
     creates: "{{ nc_dir }}/config/config.php"
-  no_log: true
+  no_log: True
 
 - name: dump nc-admin password
   shell: echo -n "{{ nc_admin_pwd }}" > "{{ nc_admin_pwd_file }}" ; chmod 0600 "{{ nc_admin_pwd_file }}"
-  no_log: true
+  no_log: True
   args:
     creates: "{{ nc_admin_pwd_file }}"
 
 - name: enable APCu memcache
-  lineinfile:
-    dest: "{{ nc_dir }}/config/config.php"
-    line: "  'memcache.local' => '\\OC\\Memcache\\APCu',"
-    insertbefore: "'installed' => true,"
+  command: sudo -u www-data php ./occ config:system:set memcache.local --value='\OC\Memcache\APCu'
+  args:
+    chdir: "{{ nc_dir }}"
+    warn: False
+  when: not nextcloud.stat.exists
 
 - name: allow access from LAN
-  lineinfile:
-    dest: "{{ nc_dir }}/config/config.php"
-    line: "    1 => '192.168.*.*',"
-    insertafter: "0 => 'localhost',"
+  command: sudo -u www-data php ./occ config:system:set trusted_domains 1 --value='192.168.*.*'
+  args:
+    chdir: "{{ nc_dir }}"
+    warn: False
+  when: not nextcloud.stat.exists
+
+## ToDo: enable apps etc., update

From e069171539a24f2eb5d7159a7859e57a2becb7a2 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Tue, 14 Jan 2020 21:09:24 +0100
Subject: [PATCH 072/504] Setup fine tuning and app installation.

---
 roles/nextcloud/files/htaccess            |  8 +++
 roles/nextcloud/files/krb5-nextcloud.conf | 18 ++++--
 roles/nextcloud/files/nextcloud.conf      | 18 ++++--
 roles/nextcloud/tasks/main.yml            | 68 +++++++++++++++++------
 4 files changed, 84 insertions(+), 28 deletions(-)
 create mode 100644 roles/nextcloud/files/htaccess

diff --git a/roles/nextcloud/files/htaccess b/roles/nextcloud/files/htaccess
new file mode 100644
index 0000000..ad8b40f
--- /dev/null
+++ b/roles/nextcloud/files/htaccess
@@ -0,0 +1,8 @@
+<IfModule mod_rewrite.c>
+  RewriteEngine on
+  RewriteRule ^\.well-known/host-meta /nextcloud/public.php?service=host-meta [QSA,L]
+  RewriteRule ^\.well-known/host-meta\.json /nextcloud/public.php?service=host-meta-json [QSA,L]
+  RewriteRule ^\.well-known/webfinger /nextcloud/public.php?service=webfinger [QSA,L]
+  RewriteRule ^\.well-known/carddav /nextcloud/remote.php/dav/ [R=301,L]
+  RewriteRule ^\.well-known/caldav /nextcloud/remote.php/dav/ [R=301,L]
+</IfModule>
diff --git a/roles/nextcloud/files/krb5-nextcloud.conf b/roles/nextcloud/files/krb5-nextcloud.conf
index 3b84912..10b9e82 100644
--- a/roles/nextcloud/files/krb5-nextcloud.conf
+++ b/roles/nextcloud/files/krb5-nextcloud.conf
@@ -17,11 +17,19 @@ Alias /nextcloud "/var/www/nextcloud/"
   Options FollowSymlinks MultiViews
   AllowOverride All
 
- <IfModule mod_dav.c>
-  Dav off
- </IfModule>
+  <IfModule mod_dav.c>
+    Dav off
+  </IfModule>
 
- SetEnv HOME /var/www/nextcloud
- SetEnv HTTP_HOME /var/www/nextcloud
+  SetEnv HOME /var/www/nextcloud
+  SetEnv HTTP_HOME /var/www/nextcloud
 
 </Directory>
+
+<Directory /var/www/html>
+  AllowOverride FileInfo
+</Directory>
+
+<IfModule mod_headers.c>
+  Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
+</IfModule>
diff --git a/roles/nextcloud/files/nextcloud.conf b/roles/nextcloud/files/nextcloud.conf
index 8996eac..d7cb013 100644
--- a/roles/nextcloud/files/nextcloud.conf
+++ b/roles/nextcloud/files/nextcloud.conf
@@ -5,11 +5,19 @@ Alias /nextcloud "/var/www/nextcloud/"
   Options FollowSymlinks MultiViews
   AllowOverride All
 
- <IfModule mod_dav.c>
-  Dav off
- </IfModule>
+  <IfModule mod_dav.c>
+    Dav off
+  </IfModule>
 
- SetEnv HOME /var/www/nextcloud
- SetEnv HTTP_HOME /var/www/nextcloud
+  SetEnv HOME /var/www/nextcloud
+  SetEnv HTTP_HOME /var/www/nextcloud
 
 </Directory>
+
+<Directory /var/www/html>
+  AllowOverride FileInfo
+</Directory>
+
+<IfModule mod_headers.c>
+  Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
+</IfModule>
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index 31a71fb..2f51ad8 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -35,6 +35,8 @@
   with_items:
     - proxy_fcgi
     - mpm_event
+    - rewrite
+    - headers
     - ssl
     - http2
   notify: "restart apache2"
@@ -74,6 +76,11 @@
     src: nextcloud.conf
     dest: /etc/apache2/sites-available/nextcloud.conf
 
+- name: provide htaccess file
+  copy:
+    src: htaccess
+    dest: /var/www/html/.htaccess
+
 - name: enable https
   command: a2ensite default-ssl.conf
   args:
@@ -86,11 +93,26 @@
     creates: /etc/apache2/sites-enabled/nextcloud.conf
   notify: "restart apache2"
 
-- name: create a new database with name 'nextcloud'
+- name: make sure data directory exists
+  file:
+    path: "{{ data_dir }}"
+    state: directory
+    owner: www-data
+    group: www-data
+    recurse: Yes
+
+
+## install nextcloud:
+- name: check if we are installing
+  stat: path="{{ nc_dir }}"
+  register: nextcloud
+
+- name: create database with name 'nextcloud'
   mysql_db:
     login_unix_socket: /var/run/mysqld/mysqld.sock
     name: nextcloud
     state: present
+  when: not nextcloud.stat.exists
 
 - name: create database user 'nextcloud'
   mysql_user:
@@ -99,10 +121,7 @@
     password: "{{ db_nextcloud_pwd }}"
     priv: 'nextcloud.*:ALL'
     state: present
-
-- name: check if we are installing
-  stat: path="{{ nc_dir }}"
-  register: nextcloud
+  when: not nextcloud.stat.exists
 
 - name: unpack nextcloud archive
   unarchive:
@@ -110,15 +129,7 @@
     dest: "{{ www_root }}"
     owner: www-data
     group: www-data
-    creates: "{{ nc_dir }}"
-
-- name: make sure data directory exists
-  file:
-    path: "{{ data_dir }}"
-    state: directory
-    owner: www-data
-    group: www-data
-    recurse: Yes
+  when: not nextcloud.stat.exists
 
 - name: initialize nextcloud
   command:
@@ -133,14 +144,13 @@
       --data-dir "{{ data_dir }}"
   args:
     chdir: "{{ nc_dir }}"
-    creates: "{{ nc_dir }}/config/config.php"
   no_log: True
+  when: not nextcloud.stat.exists
 
 - name: dump nc-admin password
   shell: echo -n "{{ nc_admin_pwd }}" > "{{ nc_admin_pwd_file }}" ; chmod 0600 "{{ nc_admin_pwd_file }}"
   no_log: True
-  args:
-    creates: "{{ nc_admin_pwd_file }}"
+  when: not nextcloud.stat.exists
 
 - name: enable APCu memcache
   command: sudo -u www-data php ./occ config:system:set memcache.local --value='\OC\Memcache\APCu'
@@ -156,4 +166,26 @@
     warn: False
   when: not nextcloud.stat.exists
 
-## ToDo: enable apps etc., update
+
+## app installations:
+- name: check if calendar app is installed
+  stat: path="{{ nc_dir }}/apps/calendar"
+  register: calendar
+
+- name: install calendar app
+  command: sudo -u www-data php ./occ app:install calendar
+  args:
+    chdir: "{{ nc_dir }}"
+    warn: False
+  when: not calendar.stat.exists
+
+- name: check if notes app is installed
+  stat: path="{{ nc_dir }}/apps/notes"
+  register: notes
+
+- name: install notes app
+  command: sudo -u www-data php ./occ app:install notes
+  args:
+    chdir: "{{ nc_dir }}"
+    warn: False
+  when: not notes.stat.exists

From 97e980fbf7812e5ce231f6f491b44467124bee92 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Wed, 15 Jan 2020 19:47:06 +0100
Subject: [PATCH 073/504] Move content from htaccess file to site config. 
 Separate krb5 config.

---
 roles/nextcloud/files/htaccess            |  8 -------
 roles/nextcloud/files/krb5-nextcloud.conf | 24 ---------------------
 roles/nextcloud/files/nextcloud.conf      | 14 ++++++++----
 roles/nextcloud/tasks/main.yml            | 26 ++++++++++++++++-------
 4 files changed, 28 insertions(+), 44 deletions(-)
 delete mode 100644 roles/nextcloud/files/htaccess

diff --git a/roles/nextcloud/files/htaccess b/roles/nextcloud/files/htaccess
deleted file mode 100644
index ad8b40f..0000000
--- a/roles/nextcloud/files/htaccess
+++ /dev/null
@@ -1,8 +0,0 @@
-<IfModule mod_rewrite.c>
-  RewriteEngine on
-  RewriteRule ^\.well-known/host-meta /nextcloud/public.php?service=host-meta [QSA,L]
-  RewriteRule ^\.well-known/host-meta\.json /nextcloud/public.php?service=host-meta-json [QSA,L]
-  RewriteRule ^\.well-known/webfinger /nextcloud/public.php?service=webfinger [QSA,L]
-  RewriteRule ^\.well-known/carddav /nextcloud/remote.php/dav/ [R=301,L]
-  RewriteRule ^\.well-known/caldav /nextcloud/remote.php/dav/ [R=301,L]
-</IfModule>
diff --git a/roles/nextcloud/files/krb5-nextcloud.conf b/roles/nextcloud/files/krb5-nextcloud.conf
index 10b9e82..9ccb2ab 100644
--- a/roles/nextcloud/files/krb5-nextcloud.conf
+++ b/roles/nextcloud/files/krb5-nextcloud.conf
@@ -1,5 +1,3 @@
-Alias /nextcloud "/var/www/nextcloud/"
-
 <Location "/nextcloud/index.php/apps/user_saml/saml/login" >
   AuthType             GSSAPI
   AuthName             "Login to NextCloud"
@@ -11,25 +9,3 @@ Alias /nextcloud "/var/www/nextcloud/"
   GssapiBasicAuth      On
   require              valid-user
 </Location>
-
-<Directory /var/www/nextcloud/>
-  Require all granted
-  Options FollowSymlinks MultiViews
-  AllowOverride All
-
-  <IfModule mod_dav.c>
-    Dav off
-  </IfModule>
-
-  SetEnv HOME /var/www/nextcloud
-  SetEnv HTTP_HOME /var/www/nextcloud
-
-</Directory>
-
-<Directory /var/www/html>
-  AllowOverride FileInfo
-</Directory>
-
-<IfModule mod_headers.c>
-  Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
-</IfModule>
diff --git a/roles/nextcloud/files/nextcloud.conf b/roles/nextcloud/files/nextcloud.conf
index d7cb013..635f7ee 100644
--- a/roles/nextcloud/files/nextcloud.conf
+++ b/roles/nextcloud/files/nextcloud.conf
@@ -1,6 +1,6 @@
-Alias /nextcloud "/var/www/nextcloud/"
+Alias /nextcloud "/var/www/nextcloud"
 
-<Directory /var/www/nextcloud/>
+<Directory /var/www/nextcloud>
   Require all granted
   Options FollowSymlinks MultiViews
   AllowOverride All
@@ -11,11 +11,17 @@ Alias /nextcloud "/var/www/nextcloud/"
 
   SetEnv HOME /var/www/nextcloud
   SetEnv HTTP_HOME /var/www/nextcloud
-
 </Directory>
 
 <Directory /var/www/html>
-  AllowOverride FileInfo
+  <IfModule mod_rewrite.c>
+    RewriteEngine on
+    RewriteRule ^\.well-known/host-meta /nextcloud/public.php?service=host-meta [QSA,L]
+    RewriteRule ^\.well-known/host-meta\.json /nextcloud/public.php?service=host-meta-json [QSA,L]
+    RewriteRule ^\.well-known/webfinger /nextcloud/public.php?service=webfinger [QSA,L]
+    RewriteRule ^\.well-known/carddav /nextcloud/remote.php/dav/ [R=301,L]
+    RewriteRule ^\.well-known/caldav /nextcloud/remote.php/dav/ [R=301,L]
+  </IfModule> 
 </Directory>
 
 <IfModule mod_headers.c>
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index 2f51ad8..3ac9c2e 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -75,16 +75,13 @@
   copy:
     src: nextcloud.conf
     dest: /etc/apache2/sites-available/nextcloud.conf
+  notify: "restart apache2"
 
-- name: provide htaccess file
+- name: provide kerberos SSO config
   copy:
-    src: htaccess
-    dest: /var/www/html/.htaccess
-
-- name: enable https
-  command: a2ensite default-ssl.conf
-  args:
-    creates: /etc/apache2/sites-enabled/default-ssl.conf
+    src: krb5-nextcloud.conf
+    dest: /etc/apache2/sites-available/krb5-nextcloud.conf
+  when: "'kerberize' in role_names"
   notify: "restart apache2"
 
 - name: enable nextcloud site
@@ -93,6 +90,19 @@
     creates: /etc/apache2/sites-enabled/nextcloud.conf
   notify: "restart apache2"
 
+- name: enable kerberos access to nextcloud site
+  command: a2ensite krb5-nextcloud.conf
+  args:
+    creates: /etc/apache2/sites-enabled/krb5-nextcloud.conf
+  notify: "restart apache2"
+  when: "'kerberize' in role_names"
+
+- name: enable https
+  command: a2ensite default-ssl.conf
+  args:
+    creates: /etc/apache2/sites-enabled/default-ssl.conf
+  notify: "restart apache2"
+
 - name: make sure data directory exists
   file:
     path: "{{ data_dir }}"

From 0f9e8d212412a8b4c74fc9756ca352aef645e51b Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 16 Jan 2020 18:56:32 +0100
Subject: [PATCH 074/504] Implement nextcloudcron systemd timer.

---
 roles/nextcloud/files/nextcloudcron.service |  6 +++++
 roles/nextcloud/files/nextcloudcron.timer   | 10 +++++++++
 roles/nextcloud/handlers/main.yml           |  7 ++++++
 roles/nextcloud/tasks/main.yml              | 25 +++++++++++++++++++++
 4 files changed, 48 insertions(+)
 create mode 100644 roles/nextcloud/files/nextcloudcron.service
 create mode 100644 roles/nextcloud/files/nextcloudcron.timer

diff --git a/roles/nextcloud/files/nextcloudcron.service b/roles/nextcloud/files/nextcloudcron.service
new file mode 100644
index 0000000..79f01dc
--- /dev/null
+++ b/roles/nextcloud/files/nextcloudcron.service
@@ -0,0 +1,6 @@
+[Unit]
+Description=Nextcloud cron.php job
+
+[Service]
+User=www-data
+ExecStart=/usr/bin/php -f /var/www/nextcloud/cron.php
diff --git a/roles/nextcloud/files/nextcloudcron.timer b/roles/nextcloud/files/nextcloudcron.timer
new file mode 100644
index 0000000..eda82c9
--- /dev/null
+++ b/roles/nextcloud/files/nextcloudcron.timer
@@ -0,0 +1,10 @@
+[Unit]
+Description=Run Nextcloud cron.php every 5 minutes
+
+[Timer]
+OnBootSec=5min
+OnUnitActiveSec=5min
+Unit=nextcloudcron.service
+
+[Install]
+WantedBy=timers.target
diff --git a/roles/nextcloud/handlers/main.yml b/roles/nextcloud/handlers/main.yml
index 9d2f7c6..17822fa 100644
--- a/roles/nextcloud/handlers/main.yml
+++ b/roles/nextcloud/handlers/main.yml
@@ -9,3 +9,10 @@
     name: php{{ php_ver.stdout }}-fpm
     state: restarted
   listen: "restart php-fpm"
+
+- name: enable nextcloudcron.service and .timer
+  systemd:
+    name: nextcloudcron.timer
+    state: started
+    enabled: True
+  listen: "enable nextcloudcron.service"
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index 3ac9c2e..3f3649c 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -199,3 +199,28 @@
     chdir: "{{ nc_dir }}"
     warn: False
   when: not notes.stat.exists
+
+## nextcloudcron
+- name: provide nextcloudcron.service and .timer
+  copy:
+    src: "{{ item }}"
+    dest: "/etc/systemd/system/{{ item }}"
+  with_items:
+    - nextcloudcron.service
+    - nextcloudcron.timer
+  register: nextcloudcron
+  notify: "enable nextcloudcron.service"
+
+- name: switch to systemd timer
+  command: sudo -u www-data php ./occ background:cron
+  args:
+    chdir: "{{ nc_dir }}"
+    warn: False
+  when: nextcloudcron.changed
+
+
+## ToDo kerberox integration:
+# sudo -u www-data php ./occ app:enable user_ldap
+# sudo -u www-data php ./occ app:install user_saml
+
+# sudo -u www-data php ./occ ldap

From ee86d488bd9c9efa68332ac23ece50d842bf1a4e Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 18 Jan 2020 14:31:25 +0100
Subject: [PATCH 075/504] Experimental systemd-networkd.

---
 roles/systemd-networkd/handlers/main.yml | 16 ++++++++-------
 roles/systemd-networkd/tasks/main.yml    | 25 ++++++++++++++++--------
 2 files changed, 26 insertions(+), 15 deletions(-)

diff --git a/roles/systemd-networkd/handlers/main.yml b/roles/systemd-networkd/handlers/main.yml
index 8d3068c..eaf56fa 100644
--- a/roles/systemd-networkd/handlers/main.yml
+++ b/roles/systemd-networkd/handlers/main.yml
@@ -2,12 +2,14 @@
   systemd:
     name: systemd-networkd
     enabled: yes
+    state: restarted
     daemon_reload: yes
-  listen: "enable systemd-networkd"
+  listen: "start and enable systemd-networkd"
 
-- name: enable systemd-resolved
-  systemd:
-    name: systemd-resolved
-    enabled: yes
-    daemon_reload: yes
-  listen: "enable systemd-resolved"
+- name: use systemd-resolved
+  file:
+    src: /run/systemd/resolve/stub-resolv.conf
+    dest: /etc/resolv.conf
+    state: link
+    force: Yes
+  listen: "use systemd-resolved"
diff --git a/roles/systemd-networkd/tasks/main.yml b/roles/systemd-networkd/tasks/main.yml
index 28426e6..f863fa0 100644
--- a/roles/systemd-networkd/tasks/main.yml
+++ b/roles/systemd-networkd/tasks/main.yml
@@ -1,8 +1,16 @@
+- name: check if /etc/network/interfaces is still there
+  stat: path=/etc/network/interfaces
+  register: interfaces
+
+- name: move /etc/network/interfaces away
+  command: mv /etc/network/interfaces /etc/network/interfaces_disabled
+  when: interfaces.stat.exists
+
 - name: install dynamic configuration for networkd
   copy:
     src: 10-dhcp.network
     dest: /etc/systemd/network/10-dhcp.network
-  notify: "enable systemd-networkd"
+  notify: "start and enable systemd-networkd"
 
 #- name: install static configuration for networkd
 #  template:
@@ -10,10 +18,11 @@
 #    dest: /etc/systemd/network/20-static.network
 #  notify: "enable systemd-networkd"
 
-- name: prepare systemd-resolved
-  file:
-    src: /run/systemd/resolve/resolv.conf
-    dest: /etc/resolv.conf
-    state: link
-    force: yes
-  notify: "enable systemd-resolved"
+- name: enable systemd-resolved
+  systemd:
+    name: systemd-resolved
+    enabled: yes
+    state: started
+  notify: "use systemd-resolved"
+
+- meta: flush_handlers

From 6d33f49fad6d90b5536fffaa0aab288e5cf13f84 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 18 Jan 2020 14:37:52 +0100
Subject: [PATCH 076/504] Minor fixes and improvements.

---
 README                               | 1 +
 cloudbox.yml                         | 9 +++++----
 roles/nextcloud/files/nextcloud.conf | 3 ++-
 3 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/README b/README
index 490c984..f6f1dbb 100644
--- a/README
+++ b/README
@@ -27,6 +27,7 @@ offers ansible playbooks and instructions for the following machines:
  • cloudbox:  nextcloud server in the basement
      - setup of a home cloud server
      - dynamic DNS name
+     - nextcloud
      - …
 
 Contributions like patches, suggestions, pull requests and/or further
diff --git a/cloudbox.yml b/cloudbox.yml
index 6580f35..1462cf3 100644
--- a/cloudbox.yml
+++ b/cloudbox.yml
@@ -12,9 +12,10 @@
     DNS: "192.168.2.1"
     ddns_domain: "something.ddnss.de"
     ddns_updkey: "138638.some.key.here.635620"
+    ansible_python_interpreter: "/usr/bin/python3"
+
   roles:
     - up2date-debian
-    - systemd-networkd
-    - web-server
-    - ddns-update
-    - low-power
+#    - ddns-update
+#    - low-power
+    - nextcloud
diff --git a/roles/nextcloud/files/nextcloud.conf b/roles/nextcloud/files/nextcloud.conf
index 635f7ee..17ee2ac 100644
--- a/roles/nextcloud/files/nextcloud.conf
+++ b/roles/nextcloud/files/nextcloud.conf
@@ -4,6 +4,7 @@ Alias /nextcloud "/var/www/nextcloud"
   Require all granted
   Options FollowSymlinks MultiViews
   AllowOverride All
+  Satisfy Any
 
   <IfModule mod_dav.c>
     Dav off
@@ -21,7 +22,7 @@ Alias /nextcloud "/var/www/nextcloud"
     RewriteRule ^\.well-known/webfinger /nextcloud/public.php?service=webfinger [QSA,L]
     RewriteRule ^\.well-known/carddav /nextcloud/remote.php/dav/ [R=301,L]
     RewriteRule ^\.well-known/caldav /nextcloud/remote.php/dav/ [R=301,L]
-  </IfModule> 
+  </IfModule>
 </Directory>
 
 <IfModule mod_headers.c>

From 31be0f1fc7b77e3acb7c4541214f39d82bfc350b Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 18 Jan 2020 14:39:25 +0100
Subject: [PATCH 077/504] Only enable https if not available already.

---
 roles/nextcloud/tasks/main.yml | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index 3f3649c..0835562 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -98,10 +98,13 @@
   when: "'kerberize' in role_names"
 
 - name: enable https
-  command: a2ensite default-ssl.conf
+  shell: 'grep -q "VirtualHost .*:443" * || a2ensite default-ssl.conf'
   args:
-    creates: /etc/apache2/sites-enabled/default-ssl.conf
+    chdir: /etc/apache2/sites-enabled/
+    creates: default-ssl.conf
   notify: "restart apache2"
+  register: cmd_result
+  changed_when: cmd_result.stdout != '' and cmd_result.stdout is not search('skipped')
 
 - name: make sure data directory exists
   file:
@@ -109,7 +112,6 @@
     state: directory
     owner: www-data
     group: www-data
-    recurse: Yes
 
 
 ## install nextcloud:

From 0a32f99552e004b340e39fbd82522c6fc35d718d Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 18 Jan 2020 14:42:26 +0100
Subject: [PATCH 078/504] App installation and updater.

---
 roles/nextcloud/tasks/main.yml | 45 ++++++++++++++++------------------
 1 file changed, 21 insertions(+), 24 deletions(-)

diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index 0835562..cbe40c4 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -178,30 +178,6 @@
     warn: False
   when: not nextcloud.stat.exists
 
-
-## app installations:
-- name: check if calendar app is installed
-  stat: path="{{ nc_dir }}/apps/calendar"
-  register: calendar
-
-- name: install calendar app
-  command: sudo -u www-data php ./occ app:install calendar
-  args:
-    chdir: "{{ nc_dir }}"
-    warn: False
-  when: not calendar.stat.exists
-
-- name: check if notes app is installed
-  stat: path="{{ nc_dir }}/apps/notes"
-  register: notes
-
-- name: install notes app
-  command: sudo -u www-data php ./occ app:install notes
-  args:
-    chdir: "{{ nc_dir }}"
-    warn: False
-  when: not notes.stat.exists
-
 ## nextcloudcron
 - name: provide nextcloudcron.service and .timer
   copy:
@@ -220,6 +196,27 @@
     warn: False
   when: nextcloudcron.changed
 
+- name: check/run upgrade
+  command: sudo -u www-data php updater.phar --no-interaction
+  args:
+    chdir: "{{ nc_dir }}/updater"
+    warn: False
+  register: cmd_result
+  changed_when: cmd_result.stdout is not search('Nothing to do.')
+
+### app installations:
+- name: install extra apps
+  command: "sudo -u www-data php ./occ app:install {{ item }}"
+  args:
+    chdir: "{{ nc_dir }}"
+    warn: False
+  with_items:
+    - calendar
+    - notes
+  register: cmd_result
+  changed_when: cmd_result.stdout is not search('already installed')
+  failed_when:  cmd_result.stdout is not search('already installed') and cmd_result.rc != 0
+
 
 ## ToDo kerberox integration:
 # sudo -u www-data php ./occ app:enable user_ldap

From 985cc477b56b642bfc426c1d23a6e0e878fb02d9 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 19 Jan 2020 18:47:12 +0100
Subject: [PATCH 079/504] Minor fixes and cleanup nextcloud role.

---
 host_vars/blackbox.yml            |  1 +
 host_vars/bluebox.yml             |  1 +
 roles/nextcloud/defaults/main.yml |  1 +
 roles/nextcloud/handlers/main.yml |  2 +-
 roles/nextcloud/tasks/main.yml    | 40 ++++++++++++++++++-------------
 5 files changed, 28 insertions(+), 17 deletions(-)
 create mode 100644 host_vars/blackbox.yml
 create mode 100644 host_vars/bluebox.yml

diff --git a/host_vars/blackbox.yml b/host_vars/blackbox.yml
new file mode 100644
index 0000000..3fff54c
--- /dev/null
+++ b/host_vars/blackbox.yml
@@ -0,0 +1 @@
+allow_download: True
diff --git a/host_vars/bluebox.yml b/host_vars/bluebox.yml
new file mode 100644
index 0000000..3fff54c
--- /dev/null
+++ b/host_vars/bluebox.yml
@@ -0,0 +1 @@
+allow_download: True
diff --git a/roles/nextcloud/defaults/main.yml b/roles/nextcloud/defaults/main.yml
index 4b8122f..f55220f 100644
--- a/roles/nextcloud/defaults/main.yml
+++ b/roles/nextcloud/defaults/main.yml
@@ -4,3 +4,4 @@ nc_admin_pwd_file: "/root/nc-admin.pwd"
 www_root: "/var/www"
 nc_dir: "{{ www_root }}/nextcloud"
 data_dir: "/var/nc-data"
+allow_download: False
diff --git a/roles/nextcloud/handlers/main.yml b/roles/nextcloud/handlers/main.yml
index 17822fa..f514172 100644
--- a/roles/nextcloud/handlers/main.yml
+++ b/roles/nextcloud/handlers/main.yml
@@ -15,4 +15,4 @@
     name: nextcloudcron.timer
     state: started
     enabled: True
-  listen: "enable nextcloudcron.service"
+  listen: "enable nextcloudcron.timer"
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index cbe40c4..1ed27f1 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -1,4 +1,24 @@
-## Install and configure nextcloud
+## Install and configure nextcloud.
+
+- name: check if we are installing
+  stat: path="{{ nc_dir }}"
+  register: nextcloud
+
+- name: check for nextcloud archive
+  local_action: stat path=nextcloud.tar.bz2
+  become: No
+  register: nc_archive
+  when: not nextcloud.stat.exists
+
+- name: stop if nextcloud archive is unavailable
+  fail:
+    msg: >
+      The nextcloud archive nextcloud.tar.bz2 is not available.
+      Download the latest stable release from 'nextcloud.com',
+      check the signature, rename it and copy it next to 'cloudbox.yml'.
+  when: not nextcloud.stat.exists and not nc_archive.stat.exists
+
+## We can start with the installation now:
 
 - name: install apache, php- and db-packages
   apt:
@@ -113,12 +133,7 @@
     owner: www-data
     group: www-data
 
-
 ## install nextcloud:
-- name: check if we are installing
-  stat: path="{{ nc_dir }}"
-  register: nextcloud
-
 - name: create database with name 'nextcloud'
   mysql_db:
     login_unix_socket: /var/run/mysqld/mysqld.sock
@@ -186,15 +201,7 @@
   with_items:
     - nextcloudcron.service
     - nextcloudcron.timer
-  register: nextcloudcron
-  notify: "enable nextcloudcron.service"
-
-- name: switch to systemd timer
-  command: sudo -u www-data php ./occ background:cron
-  args:
-    chdir: "{{ nc_dir }}"
-    warn: False
-  when: nextcloudcron.changed
+  notify: "enable nextcloudcron.timer"
 
 - name: check/run upgrade
   command: sudo -u www-data php updater.phar --no-interaction
@@ -203,6 +210,7 @@
     warn: False
   register: cmd_result
   changed_when: cmd_result.stdout is not search('Nothing to do.')
+  when: allow_download
 
 ### app installations:
 - name: install extra apps
@@ -216,7 +224,7 @@
   register: cmd_result
   changed_when: cmd_result.stdout is not search('already installed')
   failed_when:  cmd_result.stdout is not search('already installed') and cmd_result.rc != 0
-
+  when: allow_download
 
 ## ToDo kerberox integration:
 # sudo -u www-data php ./occ app:enable user_ldap

From 004919824c477823a103203cfc6ca3b41f17753b Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 19 Jan 2020 18:51:58 +0100
Subject: [PATCH 080/504] Implement borg backup role.

---
 README                            | 17 ++++++++++++
 cloudbox.yml                      |  9 +++++--
 roles/backup/defaults/main.yml    |  8 ++++++
 roles/backup/files/backup.service |  6 +++++
 roles/backup/files/backup.timer   | 10 +++++++
 roles/backup/handlers/main.yml    |  6 +++++
 roles/backup/tasks/main.yml       | 32 +++++++++++++++++++++++
 roles/backup/templates/backup     | 43 +++++++++++++++++++++++++++++++
 8 files changed, 129 insertions(+), 2 deletions(-)
 create mode 100644 roles/backup/defaults/main.yml
 create mode 100644 roles/backup/files/backup.service
 create mode 100644 roles/backup/files/backup.timer
 create mode 100644 roles/backup/handlers/main.yml
 create mode 100644 roles/backup/tasks/main.yml
 create mode 100755 roles/backup/templates/backup

diff --git a/README b/README
index f6f1dbb..52a83b0 100644
--- a/README
+++ b/README
@@ -88,3 +88,20 @@ Kiosk
  • run ansible:
      ssh-copy-id ansible@1.2.3.4
      ansible-playbook kiosk.yml -v --become --ask-become-pass -u ansible -i 1.2.3.4,
+
+Cloudbox
+~~~~~~~~
+ • Debian installation:
+   - user 'ansible' in sudo group
+
+ • check/customize cloudbox.yml
+
+ • download latest nextcloud-*.*.*.tar.bz2 archive and place it as nextcloud.tar.bz2
+   in your debian-lan-ansible directory
+
+ • run ansible:
+     ssh-copy-id ansible@1.2.3.4
+     ansible-playbook cloudbox.yml -v --become --ask-become-pass -u ansible -i 1.2.3.4,
+
+ • use 'nc-admin' with password in '/root/nc-admin.pwd' to log into nextcloud.
+
diff --git a/cloudbox.yml b/cloudbox.yml
index 1462cf3..ae46714 100644
--- a/cloudbox.yml
+++ b/cloudbox.yml
@@ -2,9 +2,9 @@
 # This playbook deploys the cloudbox on a minimal installation.
 
 - name: apply configuration to the cloudbox
-  hosts: cloudboxes
+  hosts: all
   remote_user: ansible
-  become: yes
+  become: Yes
   vars:
     if_lan: "enp1s0"
     ipaddr: "192.168.2.50/24"
@@ -12,6 +12,10 @@
     DNS: "192.168.2.1"
     ddns_domain: "something.ddnss.de"
     ddns_updkey: "138638.some.key.here.635620"
+    backup_opts: "--exclude-caches -e '*/updater-*/' -e '*/preview/*' -e '*/files_trashbin/*'"
+    backup_dirs:
+      - "{{ nc_dir }}"
+      - "{{ data_dir }}"
     ansible_python_interpreter: "/usr/bin/python3"
 
   roles:
@@ -19,3 +23,4 @@
 #    - ddns-update
 #    - low-power
     - nextcloud
+    - backup
diff --git a/roles/backup/defaults/main.yml b/roles/backup/defaults/main.yml
new file mode 100644
index 0000000..fd66655
--- /dev/null
+++ b/roles/backup/defaults/main.yml
@@ -0,0 +1,8 @@
+borg_pwd: "{{ lookup('password', '/tmp/borg.pwd length=24') }}"
+borg_pwd_file: "/root/borg.pwd"
+borg_key_backup: "/root/borg-key.backup"
+
+## alternative: "ssh://user@host:port/path/to/repo"
+backup_repo: "/var/backups/mnt/backup/borg"
+
+backup_opts: "--exclude-caches"
diff --git a/roles/backup/files/backup.service b/roles/backup/files/backup.service
new file mode 100644
index 0000000..6f653c2
--- /dev/null
+++ b/roles/backup/files/backup.service
@@ -0,0 +1,6 @@
+[Unit]
+Description=Run backup script
+
+[Service]
+Type=simple
+ExecStart=/usr/local/bin/backup
diff --git a/roles/backup/files/backup.timer b/roles/backup/files/backup.timer
new file mode 100644
index 0000000..866729d
--- /dev/null
+++ b/roles/backup/files/backup.timer
@@ -0,0 +1,10 @@
+[Unit]
+Description=Run backup script daily
+
+[Timer]
+OnCalendar=*-*-* 4:00:00
+Persistent=true
+AccuracySec=15min
+
+[Install]
+WantedBy=timers.target
diff --git a/roles/backup/handlers/main.yml b/roles/backup/handlers/main.yml
new file mode 100644
index 0000000..43950ec
--- /dev/null
+++ b/roles/backup/handlers/main.yml
@@ -0,0 +1,6 @@
+- name: enable backup.service and .timer
+  systemd:
+    name: backup.timer
+    state: started
+    enabled: True
+  listen: "enable backup.timer"
diff --git a/roles/backup/tasks/main.yml b/roles/backup/tasks/main.yml
new file mode 100644
index 0000000..5cbd241
--- /dev/null
+++ b/roles/backup/tasks/main.yml
@@ -0,0 +1,32 @@
+- name: install borg
+  apt:
+    name: borgbackup
+    state: latest
+
+- name: check if borg password is available
+  stat: path="{{ borg_pwd_file }}"
+  register: borg
+
+- name: dump borg password
+  shell: echo -n "{{ borg_pwd }}" > "{{ borg_pwd_file }}" ; chmod 0600 "{{ borg_pwd_file }}"
+  no_log: True
+  when: not borg.stat.exists
+
+- name: provide backup script
+  template:
+    src: "backup"
+    dest: "/usr/local/bin/backup"
+    mode: "0750"
+
+- name: provide backup.service and .timer
+  copy:
+    src: "{{ item }}"
+    dest: "/etc/systemd/system/{{ item }}"
+  with_items:
+    - backup.service
+    - backup.timer
+  notify: "enable backup.timer"
+
+- name: run first backup
+  command: /usr/local/bin/backup
+  when: not borg.stat.exists
diff --git a/roles/backup/templates/backup b/roles/backup/templates/backup
new file mode 100755
index 0000000..9c03514
--- /dev/null
+++ b/roles/backup/templates/backup
@@ -0,0 +1,43 @@
+#!/bin/bash
+set -eu
+
+REPOSITORY="{{ backup_repo }}"
+BACKUP=({{ backup_dirs|join(' ') }})
+EXTRAOPTIONS=({{ backup_opts }})
+export BORG_PASSCOMMAND="cat {{ borg_pwd_file }}"
+MOUNTED=""
+
+MNT="$(echo "$REPOSITORY" | sed "s|\(^.*/mnt\).*|\1|")"
+if grep -q "$MNT" /etc/fstab ; then
+    [ -d "$REPOSITORY" ] || mount -v "$MNT" && MOUNTED="TRUE"
+fi
+
+if [ ! -d "$REPOSITORY" ] ; then
+    mkdir -vp --mode=0750 "$REPOSITORY"
+    borg init --encryption=repokey "$REPOSITORY"
+    borg key export "$REPOSITORY" "{{ borg_key_backup }}"
+fi
+
+if [ -e "{{ nc_dir }}/config/config.php" ] ; then
+    NCDB="{{ data_dir }}/nextcloud-database.dump"
+    sudo -u www-data /usr/bin/php {{ nc_dir }}/occ maintenance:mode --on
+    PW="$(grep dbpassword {{ nc_dir }}/config/config.php | \
+                   sed -e "s/\W*'dbpassword' => '//" -e "s/',$//")"
+
+    echo -n "Dumping data base into '$NCDB' … "
+    mysqldump --single-transaction -h localhost -u nextcloud -p"$PW" nextcloud > "$NCDB"
+    chmod 600 "$NCDB"
+    echo  "done."
+fi
+
+ARCHIVE="$(date +%Y-%m-%d-%H:%M)"
+echo "Backup ${BACKUP[@]} to $REPOSITORY."
+borg create -v "${EXTRAOPTIONS[@]}" "$REPOSITORY::$ARCHIVE" "${BACKUP[@]}"
+
+if [ -e "{{ nc_dir }}/config/config.php" ] ; then
+    sudo -u www-data /usr/bin/php {{ nc_dir }}/occ maintenance:mode --off
+fi
+
+if [ "$MOUNTED" = "TRUE" ] ; then
+    umount -v "$MNT"
+fi

From 8a821f501da2e70c9e91a4a974fe23f1ace73af3 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 20 Jan 2020 19:01:49 +0100
Subject: [PATCH 081/504] Move list of apps to playbook variable.

---
 cloudbox.yml                   | 3 +++
 roles/nextcloud/tasks/main.yml | 4 +---
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/cloudbox.yml b/cloudbox.yml
index ae46714..27fe60f 100644
--- a/cloudbox.yml
+++ b/cloudbox.yml
@@ -12,6 +12,9 @@
     DNS: "192.168.2.1"
     ddns_domain: "something.ddnss.de"
     ddns_updkey: "138638.some.key.here.635620"
+    nc_apps:
+      - calendar
+      - notes
     backup_opts: "--exclude-caches -e '*/updater-*/' -e '*/preview/*' -e '*/files_trashbin/*'"
     backup_dirs:
       - "{{ nc_dir }}"
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index 1ed27f1..8dfd682 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -218,9 +218,7 @@
   args:
     chdir: "{{ nc_dir }}"
     warn: False
-  with_items:
-    - calendar
-    - notes
+  with_items: "{{ nc_apps }}"
   register: cmd_result
   changed_when: cmd_result.stdout is not search('already installed')
   failed_when:  cmd_result.stdout is not search('already installed') and cmd_result.rc != 0

From 23766673bef50cf03fc3347ffd29d680e36c4454 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 20 Jan 2020 19:32:00 +0100
Subject: [PATCH 082/504] Add host-specific variables for backup dirs and
 options.

---
 cloudbox.yml                   | 1 +
 host_vars/blackbox.yml         | 3 +++
 roles/backup/defaults/main.yml | 3 +++
 roles/backup/templates/backup  | 4 ++--
 4 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/cloudbox.yml b/cloudbox.yml
index 27fe60f..9fcfeb7 100644
--- a/cloudbox.yml
+++ b/cloudbox.yml
@@ -17,6 +17,7 @@
       - notes
     backup_opts: "--exclude-caches -e '*/updater-*/' -e '*/preview/*' -e '*/files_trashbin/*'"
     backup_dirs:
+      - "/etc"
       - "{{ nc_dir }}"
       - "{{ data_dir }}"
     ansible_python_interpreter: "/usr/bin/python3"
diff --git a/host_vars/blackbox.yml b/host_vars/blackbox.yml
index 3fff54c..7e2e4aa 100644
--- a/host_vars/blackbox.yml
+++ b/host_vars/blackbox.yml
@@ -1 +1,4 @@
 allow_download: True
+backup_dirs_extra:
+  - /home
+backup_opts_extra: ""
diff --git a/roles/backup/defaults/main.yml b/roles/backup/defaults/main.yml
index fd66655..63b110b 100644
--- a/roles/backup/defaults/main.yml
+++ b/roles/backup/defaults/main.yml
@@ -5,4 +5,7 @@ borg_key_backup: "/root/borg-key.backup"
 ## alternative: "ssh://user@host:port/path/to/repo"
 backup_repo: "/var/backups/mnt/backup/borg"
 
+backup_dirs_extra: ""
+
 backup_opts: "--exclude-caches"
+backup_opts_extra: ""
diff --git a/roles/backup/templates/backup b/roles/backup/templates/backup
index 9c03514..11c75c1 100755
--- a/roles/backup/templates/backup
+++ b/roles/backup/templates/backup
@@ -2,8 +2,8 @@
 set -eu
 
 REPOSITORY="{{ backup_repo }}"
-BACKUP=({{ backup_dirs|join(' ') }})
-EXTRAOPTIONS=({{ backup_opts }})
+BACKUP=({{ backup_dirs|join(' ') }} {{ backup_dirs_extra|join(' ') }})
+EXTRAOPTIONS=({{ backup_opts }} {{ backup_opts_extra }})
 export BORG_PASSCOMMAND="cat {{ borg_pwd_file }}"
 MOUNTED=""
 

From e1766a7cfd60f8e20ce1bca84256545718766438 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Tue, 21 Jan 2020 16:41:57 +0100
Subject: [PATCH 083/504] Prune backups automatically over time.

---
 roles/backup/templates/backup | 29 ++++++++++++++++++-----------
 1 file changed, 18 insertions(+), 11 deletions(-)

diff --git a/roles/backup/templates/backup b/roles/backup/templates/backup
index 11c75c1..b20e97c 100755
--- a/roles/backup/templates/backup
+++ b/roles/backup/templates/backup
@@ -1,21 +1,23 @@
 #!/bin/bash
 set -eu
 
-REPOSITORY="{{ backup_repo }}"
 BACKUP=({{ backup_dirs|join(' ') }} {{ backup_dirs_extra|join(' ') }})
-EXTRAOPTIONS=({{ backup_opts }} {{ backup_opts_extra }})
+OPTIONS=({{ backup_opts }} {{ backup_opts_extra }})
+
+export BORG_REPO="{{ backup_repo }}"
 export BORG_PASSCOMMAND="cat {{ borg_pwd_file }}"
+
 MOUNTED=""
 
-MNT="$(echo "$REPOSITORY" | sed "s|\(^.*/mnt\).*|\1|")"
+MNT="$(echo "$BORG_REPO" | sed "s|\(^.*/mnt\).*|\1|")"
 if grep -q "$MNT" /etc/fstab ; then
-    [ -d "$REPOSITORY" ] || mount -v "$MNT" && MOUNTED="TRUE"
+    [ -d "$BORG_REPO" ] || mount -v "$MNT" && MOUNTED="TRUE"
 fi
 
-if [ ! -d "$REPOSITORY" ] ; then
-    mkdir -vp --mode=0750 "$REPOSITORY"
-    borg init --encryption=repokey "$REPOSITORY"
-    borg key export "$REPOSITORY" "{{ borg_key_backup }}"
+if [ ! -d "$BORG_REPO" ] ; then
+    mkdir -vp --mode=0750 "$BORG_REPO"
+    borg init --encryption=repokey
+    borg key export "{{ borg_key_backup }}"
 fi
 
 if [ -e "{{ nc_dir }}/config/config.php" ] ; then
@@ -30,9 +32,14 @@ if [ -e "{{ nc_dir }}/config/config.php" ] ; then
     echo  "done."
 fi
 
-ARCHIVE="$(date +%Y-%m-%d-%H:%M)"
-echo "Backup ${BACKUP[@]} to $REPOSITORY."
-borg create -v "${EXTRAOPTIONS[@]}" "$REPOSITORY::$ARCHIVE" "${BACKUP[@]}"
+echo "Backup ${BACKUP[@]} to $BORG_REPO."
+borg create -v --show-rc "${OPTIONS[@]}" ::'{hostname}-{now}' "${BACKUP[@]}"
+
+borg prune -v --list --prefix='{hostname}-' --show-rc \
+     --keep-daily   14 \
+     --keep-weekly   8 \
+     --keep-monthly  6 \
+     --keep-yearly  10
 
 if [ -e "{{ nc_dir }}/config/config.php" ] ; then
     sudo -u www-data /usr/bin/php {{ nc_dir }}/occ maintenance:mode --off

From 29fb8f9420138d2ce31513fb6ea2e90626f1c124 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Tue, 21 Jan 2020 20:50:18 +0100
Subject: [PATCH 084/504] Move extra_pkgs*-handling to the up2date-debian role.

---
 roles/kiosk/tasks/main.yml             | 14 --------------
 roles/lan-client/tasks/main.yml        | 14 --------------
 roles/up2date-debian/defaults/main.yml |  2 ++
 roles/up2date-debian/tasks/main.yml    | 20 ++++++++++++++++++++
 4 files changed, 22 insertions(+), 28 deletions(-)
 create mode 100644 roles/up2date-debian/defaults/main.yml

diff --git a/roles/kiosk/tasks/main.yml b/roles/kiosk/tasks/main.yml
index 93aaea8..60ab55e 100644
--- a/roles/kiosk/tasks/main.yml
+++ b/roles/kiosk/tasks/main.yml
@@ -1,17 +1,3 @@
-- name: install extra packages from stable
-  apt: name={{ extra_pkgs }} state=latest
-
-- name: add {{ ansible_distribution_release }}-backports
-  apt_repository:
-    repo: deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-backports main
-    state: present
-    update_cache: yes
-  when: extra_pkgs_bpo|length
-
-- name: install extra packages from backports
-  apt: name={{ extra_pkgs_bpo }} state=latest default_release={{ ansible_distribution_release }}-backports
-  when: extra_pkgs_bpo|length
-
 ## Check which display manager is used:
 - name: check if gdm3 is installed
   stat: path=/etc/gdm3/daemon.conf
diff --git a/roles/lan-client/tasks/main.yml b/roles/lan-client/tasks/main.yml
index 24bfacc..9b793a3 100644
--- a/roles/lan-client/tasks/main.yml
+++ b/roles/lan-client/tasks/main.yml
@@ -52,20 +52,6 @@
 
 ## oddjob-mkhomedir works only with sec=sys for the NFSv4 share
 
-- name: install extra packages from stable
-  apt: name={{ extra_pkgs }} state=latest
-
-- name: add {{ ansible_distribution_release }}-backports
-  apt_repository:
-    repo: deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-backports main
-    state: present
-    update_cache: yes
-  when: extra_pkgs_bpo|length
-
-- name: install extra packages from backports
-  apt: name={{ extra_pkgs_bpo }} state=latest default_release={{ ansible_distribution_release }}-backports
-  when: extra_pkgs_bpo|length
-
 - name: provide identities from directory
   template:
     src: sssd.conf.j2
diff --git a/roles/up2date-debian/defaults/main.yml b/roles/up2date-debian/defaults/main.yml
new file mode 100644
index 0000000..97d8c9b
--- /dev/null
+++ b/roles/up2date-debian/defaults/main.yml
@@ -0,0 +1,2 @@
+extra_pkgs: ""
+extra_pkgs_bpo: ""
diff --git a/roles/up2date-debian/tasks/main.yml b/roles/up2date-debian/tasks/main.yml
index 8cb8dcc..cd11949 100644
--- a/roles/up2date-debian/tasks/main.yml
+++ b/roles/up2date-debian/tasks/main.yml
@@ -15,3 +15,23 @@
   apt:
     name: etckeeper
     state: latest
+
+- name: install extra packages from stable
+  apt:
+    name: "{{ extra_pkgs }}"
+    state: latest
+  when: extra_pkgs|length
+
+- name: add {{ ansible_distribution_release }}-backports
+  apt_repository:
+    repo: deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-backports main
+    state: present
+    update_cache: yes
+  when: extra_pkgs_bpo|length
+
+- name: install extra packages from backports
+  apt:
+    name: "{{ extra_pkgs_bpo }}"
+    state: latest
+    default_release: "{{ ansible_distribution_release }}-backports"
+  when: extra_pkgs_bpo|length

From 456f5c9870af908b1b3fa9c36b7d0c507384e51a Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 23 Jan 2020 16:01:15 +0100
Subject: [PATCH 085/504] Integrate firewalld, minor fixes/improvements.

---
 roles/backup/defaults/main.yml |  2 +-
 roles/backup/templates/backup  |  3 ++-
 roles/nextcloud/tasks/main.yml | 14 ++++++++++++--
 3 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/roles/backup/defaults/main.yml b/roles/backup/defaults/main.yml
index 63b110b..172d822 100644
--- a/roles/backup/defaults/main.yml
+++ b/roles/backup/defaults/main.yml
@@ -1,4 +1,4 @@
-borg_pwd: "{{ lookup('password', '/tmp/borg.pwd length=24') }}"
+borg_pwd: "{{ lookup('password', '/tmp/borg.pwd length=32') }}"
 borg_pwd_file: "/root/borg.pwd"
 borg_key_backup: "/root/borg-key.backup"
 
diff --git a/roles/backup/templates/backup b/roles/backup/templates/backup
index b20e97c..4d5c6e7 100755
--- a/roles/backup/templates/backup
+++ b/roles/backup/templates/backup
@@ -6,6 +6,7 @@ OPTIONS=({{ backup_opts }} {{ backup_opts_extra }})
 
 export BORG_REPO="{{ backup_repo }}"
 export BORG_PASSCOMMAND="cat {{ borg_pwd_file }}"
+KEY_BACKUP="{{ borg_key_backup }}"
 
 MOUNTED=""
 
@@ -17,7 +18,7 @@ fi
 if [ ! -d "$BORG_REPO" ] ; then
     mkdir -vp --mode=0750 "$BORG_REPO"
     borg init --encryption=repokey
-    borg key export "{{ borg_key_backup }}"
+    borg key export "$BORG_REPO" "$KEY_BACKUP"
 fi
 
 if [ -e "{{ nc_dir }}/config/config.php" ] ; then
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index 8dfd682..a8f0747 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -20,10 +20,11 @@
 
 ## We can start with the installation now:
 
-- name: install apache, php- and db-packages
+- name: install apache, firewalld, php- and db-packages
   apt:
     name:
       - apache2
+      - firewalld
       - mariadb-server
       - python3-pymysql
       - php-apcu
@@ -38,6 +39,7 @@
       - php-mysql
       - php-xml
       - php-zip
+      - unzip
     state: latest
 
 - name: disable apache modules
@@ -212,7 +214,7 @@
   changed_when: cmd_result.stdout is not search('Nothing to do.')
   when: allow_download
 
-### app installations:
+## app installations:
 - name: install extra apps
   command: "sudo -u www-data php ./occ app:install {{ item }}"
   args:
@@ -224,6 +226,14 @@
   failed_when:  cmd_result.stdout is not search('already installed') and cmd_result.rc != 0
   when: allow_download
 
+- name: allow https in firewalld
+  firewalld:
+    service: https
+    permanent: Yes
+    immediate: Yes
+    state: enabled
+
+
 ## ToDo kerberox integration:
 # sudo -u www-data php ./occ app:enable user_ldap
 # sudo -u www-data php ./occ app:install user_saml

From 8c72a4bec7be68c020ac1342276eb9592f026d35 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 24 Jan 2020 19:55:36 +0100
Subject: [PATCH 086/504] Implement direct download during installation.

---
 cloudbox.yml                   |  4 ++++
 roles/nextcloud/tasks/main.yml | 34 +++++++++++++++++++++++++++++++---
 2 files changed, 35 insertions(+), 3 deletions(-)

diff --git a/cloudbox.yml b/cloudbox.yml
index 9fcfeb7..16d8bfe 100644
--- a/cloudbox.yml
+++ b/cloudbox.yml
@@ -12,6 +12,10 @@
     DNS: "192.168.2.1"
     ddns_domain: "something.ddnss.de"
     ddns_updkey: "138638.some.key.here.635620"
+    ## 'nc_download' and 'nc_checksum' are only
+    ## used for ansible-pull during installation:
+    nc_download: "https://download.nextcloud.com/server/releases/latest.tar.bz2"
+    nc_checksum: "sha256:194095a5586d84040bc455f77b8aa6c80f9a6a6dd713c9aebdad046713d4267b"
     nc_apps:
       - calendar
       - notes
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index a8f0747..b247284 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -16,7 +16,9 @@
       The nextcloud archive nextcloud.tar.bz2 is not available.
       Download the latest stable release from 'nextcloud.com',
       check the signature, rename it and copy it next to 'cloudbox.yml'.
-  when: not nextcloud.stat.exists and not nc_archive.stat.exists
+  when: >
+    not nextcloud.stat.exists and not nc_archive.stat.exists and
+    not run_in_installer|default(false)|bool
 
 ## We can start with the installation now:
 
@@ -136,6 +138,10 @@
     group: www-data
 
 ## install nextcloud:
+- name: start mariadb during installation
+  command: /etc/init.d/mysql start
+  when: run_in_installer|default(false)|bool
+
 - name: create database with name 'nextcloud'
   mysql_db:
     login_unix_socket: /var/run/mysqld/mysqld.sock
@@ -152,13 +158,29 @@
     state: present
   when: not nextcloud.stat.exists
 
-- name: unpack nextcloud archive
+- name: download nextcloud archive
+  get_url:
+    url: "{{ nc_download }}"
+    dest: /tmp/nextcloud.tar.bz2
+    checksum: "{{ nc_checksum }}"
+  when: run_in_installer|default(false)|bool
+
+- name: unpack downloaded nextcloud archive
+  unarchive:
+    src: /tmp/nextcloud.tar.bz2
+    dest: "{{ www_root }}"
+    owner: www-data
+    group: www-data
+    remote_src: Yes
+  when: not nextcloud.stat.exists and run_in_installer|default(false)|bool
+
+- name: unpack provided nextcloud archive
   unarchive:
     src: nextcloud.tar.bz2
     dest: "{{ www_root }}"
     owner: www-data
     group: www-data
-  when: not nextcloud.stat.exists
+  when: not nextcloud.stat.exists and not run_in_installer|default(false)|bool
 
 - name: initialize nextcloud
   command:
@@ -232,6 +254,12 @@
     permanent: Yes
     immediate: Yes
     state: enabled
+  when: not run_in_installer|default(false)|bool
+
+- name: allow https in firewalld, offline
+  command: "firewall-offline-cmd --add-service=https"
+  when: run_in_installer|default(false)|bool
+
 
 
 ## ToDo kerberox integration:

From f1008d778f1e5ae109d8550581fe9d05e6394b9b Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 26 Jan 2020 10:37:29 +0100
Subject: [PATCH 087/504] Prepare database after (succussful) download only.

---
 roles/nextcloud/tasks/main.yml | 40 +++++++++++++++++-----------------
 1 file changed, 20 insertions(+), 20 deletions(-)

diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index b247284..4210376 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -138,26 +138,6 @@
     group: www-data
 
 ## install nextcloud:
-- name: start mariadb during installation
-  command: /etc/init.d/mysql start
-  when: run_in_installer|default(false)|bool
-
-- name: create database with name 'nextcloud'
-  mysql_db:
-    login_unix_socket: /var/run/mysqld/mysqld.sock
-    name: nextcloud
-    state: present
-  when: not nextcloud.stat.exists
-
-- name: create database user 'nextcloud'
-  mysql_user:
-    login_unix_socket: /var/run/mysqld/mysqld.sock
-    name: nextcloud
-    password: "{{ db_nextcloud_pwd }}"
-    priv: 'nextcloud.*:ALL'
-    state: present
-  when: not nextcloud.stat.exists
-
 - name: download nextcloud archive
   get_url:
     url: "{{ nc_download }}"
@@ -182,6 +162,26 @@
     group: www-data
   when: not nextcloud.stat.exists and not run_in_installer|default(false)|bool
 
+- name: start mariadb during installation
+  command: /etc/init.d/mysql start
+  when: run_in_installer|default(false)|bool
+
+- name: create database with name 'nextcloud'
+  mysql_db:
+    login_unix_socket: /var/run/mysqld/mysqld.sock
+    name: nextcloud
+    state: present
+  when: not nextcloud.stat.exists
+
+- name: create database user 'nextcloud'
+  mysql_user:
+    login_unix_socket: /var/run/mysqld/mysqld.sock
+    name: nextcloud
+    password: "{{ db_nextcloud_pwd }}"
+    priv: 'nextcloud.*:ALL'
+    state: present
+  when: not nextcloud.stat.exists
+
 - name: initialize nextcloud
   command:
     cmd: >

From 849045bfae276b33bb24b18b6c29da66a0d00eba Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 26 Jan 2020 11:27:29 +0100
Subject: [PATCH 088/504] Add app update task.

---
 roles/nextcloud/tasks/main.yml | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index 4210376..f58e812 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -236,7 +236,16 @@
   changed_when: cmd_result.stdout is not search('Nothing to do.')
   when: allow_download
 
-## app installations:
+## app updates and installations:
+- name: update apps
+  command: "sudo -u www-data php ./occ app:update --all"
+  args:
+    chdir: "{{ nc_dir }}"
+    warn: False
+  register: cmd_result
+  changed_when: cmd_result.stdout | length > 0
+  when: allow_download
+
 - name: install extra apps
   command: "sudo -u www-data php ./occ app:install {{ item }}"
   args:

From df0afe3b71679b9d3fd09c9f9eb74d96a7bd53d9 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Tue, 25 Feb 2020 19:56:14 +0100
Subject: [PATCH 089/504] Add default NIC to public zone in firewalld.

---
 cloudbox.yml                   |  2 +-
 roles/nextcloud/tasks/main.yml | 15 +++++++++++++++
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/cloudbox.yml b/cloudbox.yml
index 16d8bfe..6e89cdd 100644
--- a/cloudbox.yml
+++ b/cloudbox.yml
@@ -15,7 +15,7 @@
     ## 'nc_download' and 'nc_checksum' are only
     ## used for ansible-pull during installation:
     nc_download: "https://download.nextcloud.com/server/releases/latest.tar.bz2"
-    nc_checksum: "sha256:194095a5586d84040bc455f77b8aa6c80f9a6a6dd713c9aebdad046713d4267b"
+    nc_checksum: "sha256:770faf34b8f0d81273623daed4d64ec7919c38dfeb07328b613058addbed19c0"
     nc_apps:
       - calendar
       - notes
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index f58e812..ea46e31 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -257,8 +257,23 @@
   failed_when:  cmd_result.stdout is not search('already installed') and cmd_result.rc != 0
   when: allow_download
 
+
+- name: add default NIC to public zone
+  firewalld:
+    interface: "{{ ansible_default_ipv4.interface }}"
+    zone: public
+    permanent: Yes
+    immediate: Yes
+    state: enabled
+  when: not run_in_installer|default(false)|bool
+
+- name: add default NIC to public zone, offline
+  command: "firewall-offline-cmd --add-interface={{ ansible_default_ipv4.interface }} --zone=public"
+  when: run_in_installer|default(false)|bool
+
 - name: allow https in firewalld
   firewalld:
+    zone: public
     service: https
     permanent: Yes
     immediate: Yes

From a6feab0e38ab2b9ca11b34ab7be53d6dbe2bb3d4 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 29 Feb 2020 18:26:20 +0100
Subject: [PATCH 090/504] Minor improvements, nextcloud maintenance task.

---
 README                         |  1 +
 roles/nextcloud/tasks/main.yml | 15 ++++++++++++---
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/README b/README
index 52a83b0..00e8c24 100644
--- a/README
+++ b/README
@@ -28,6 +28,7 @@ offers ansible playbooks and instructions for the following machines:
      - setup of a home cloud server
      - dynamic DNS name
      - nextcloud
+     - backup with borg
      - …
 
 Contributions like patches, suggestions, pull requests and/or further
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index ea46e31..e620a54 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -234,7 +234,7 @@
     warn: False
   register: cmd_result
   changed_when: cmd_result.stdout is not search('Nothing to do.')
-  when: allow_download
+  when: allow_download|bool
 
 ## app updates and installations:
 - name: update apps
@@ -244,7 +244,7 @@
     warn: False
   register: cmd_result
   changed_when: cmd_result.stdout | length > 0
-  when: allow_download
+  when: allow_download|bool
 
 - name: install extra apps
   command: "sudo -u www-data php ./occ app:install {{ item }}"
@@ -255,7 +255,16 @@
   register: cmd_result
   changed_when: cmd_result.stdout is not search('already installed')
   failed_when:  cmd_result.stdout is not search('already installed') and cmd_result.rc != 0
-  when: allow_download
+  when: allow_download|bool or run_in_installer|default(false)|bool
+
+## nextcloud maintenance
+- name: add missing indices
+  command: "sudo -u www-data php ./occ db:add-missing-indices"
+  args:
+    chdir: "{{ nc_dir }}"
+    warn: False
+  register: cmd_result
+  changed_when: cmd_result.stdout is search('table updated successfully')
 
 
 - name: add default NIC to public zone

From 4d70971359d34b29c553bac84775cecba5b46343 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 29 Feb 2020 20:28:57 +0100
Subject: [PATCH 091/504] Make sure generated password do not start with
 dashes.

---
 roles/backup/defaults/main.yml        | 2 +-
 roles/krb5-kdc-ldap/defaults/main.yml | 8 ++++----
 roles/ldap/defaults/main.yml          | 2 +-
 roles/nextcloud/defaults/main.yml     | 4 ++--
 4 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/roles/backup/defaults/main.yml b/roles/backup/defaults/main.yml
index 172d822..9956676 100644
--- a/roles/backup/defaults/main.yml
+++ b/roles/backup/defaults/main.yml
@@ -1,4 +1,4 @@
-borg_pwd: "{{ lookup('password', '/tmp/borg.pwd length=32') }}"
+borg_pwd: "{{ lookup('password', '/tmp/borg.pwd chars=ascii_letters,digits length=32') }}"
 borg_pwd_file: "/root/borg.pwd"
 borg_key_backup: "/root/borg-key.backup"
 
diff --git a/roles/krb5-kdc-ldap/defaults/main.yml b/roles/krb5-kdc-ldap/defaults/main.yml
index 8e22f30..0aa00f0 100644
--- a/roles/krb5-kdc-ldap/defaults/main.yml
+++ b/roles/krb5-kdc-ldap/defaults/main.yml
@@ -1,9 +1,9 @@
 ---
-kdc_master_pwd: "{{ lookup('password', '/tmp/kdc_master.pwd length=24') }}"
+kdc_master_pwd: "{{ lookup('password', '/tmp/kdc_master.pwd chars=ascii_letters,digits length=32') }}"
 kdc_master_pwd_file: "/root/kdc-master.pwd"
 
-kdc_service_pwd: "{{ lookup('password', '/tmp/kdc-service.pwd length=24') }}"
-kadmin_service_pwd: "{{ lookup('password', '/tmp/kadmin-service.pwd length=24') }}"
+kdc_service_pwd: "{{ lookup('password', '/tmp/kdc-service.pwd chars=ascii_letters,digits length=32') }}"
+kadmin_service_pwd: "{{ lookup('password', '/tmp/kadmin-service.pwd chars=ascii_letters,digits length=32') }}"
 
-kadmin_pwd: "{{ lookup('password', '/tmp/kadmin.pwd length=24') }}"
+kadmin_pwd: "{{ lookup('password', '/tmp/kadmin.pwd chars=ascii_letters,digits length=32') }}"
 kadmin_pwd_file: "/root/kadmin.pwd"
diff --git a/roles/ldap/defaults/main.yml b/roles/ldap/defaults/main.yml
index 1400020..d383ca2 100644
--- a/roles/ldap/defaults/main.yml
+++ b/roles/ldap/defaults/main.yml
@@ -1,4 +1,4 @@
-ldap_admin_pwd: "{{ lookup('password', '/tmp/ldap_admin.pwd length=24') }}"
+ldap_admin_pwd: "{{ lookup('password', '/tmp/ldap_admin.pwd chars=ascii_letters,digits length=32') }}"
 ldap_admin_pwd_file: "/root/ldap-admin.pwd"
 basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
 lan_homes:  /home/lan
diff --git a/roles/nextcloud/defaults/main.yml b/roles/nextcloud/defaults/main.yml
index f55220f..a4dfa67 100644
--- a/roles/nextcloud/defaults/main.yml
+++ b/roles/nextcloud/defaults/main.yml
@@ -1,5 +1,5 @@
-db_nextcloud_pwd: "{{ lookup('password', '/tmp/db-nextcloud.pwd length=24') }}"
-nc_admin_pwd: "{{ lookup('password', '/tmp/nc-admin.pwd length=24') }}"
+db_nextcloud_pwd: "{{ lookup('password', '/tmp/db-nextcloud.pwd chars=ascii_letters,digits length=32') }}"
+nc_admin_pwd: "{{ lookup('password', '/tmp/nc-admin.pwd chars=ascii_letters,digits length=32') }}"
 nc_admin_pwd_file: "/root/nc-admin.pwd"
 www_root: "/var/www"
 nc_dir: "{{ www_root }}/nextcloud"

From 3eae7e731a886b785004f5255da67d2e153a5cf3 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Wed, 4 Mar 2020 18:23:13 +0100
Subject: [PATCH 092/504] Fix backup script for remote repositories.

---
 roles/backup/templates/backup | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/backup/templates/backup b/roles/backup/templates/backup
index 4d5c6e7..1cc3c5c 100755
--- a/roles/backup/templates/backup
+++ b/roles/backup/templates/backup
@@ -15,8 +15,8 @@ if grep -q "$MNT" /etc/fstab ; then
     [ -d "$BORG_REPO" ] || mount -v "$MNT" && MOUNTED="TRUE"
 fi
 
-if [ ! -d "$BORG_REPO" ] ; then
-    mkdir -vp --mode=0750 "$BORG_REPO"
+if [ ! -e "$KEY_BACKUP" ] ; then
+    [[ "$BORG_REPO" =~ @ ]] || mkdir -vp --mode=0750 "$BORG_REPO"
     borg init --encryption=repokey
     borg key export "$BORG_REPO" "$KEY_BACKUP"
 fi

From a5f7059df05eb2bb77d414b01601203e4a866c0f Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Wed, 4 Mar 2020 18:25:21 +0100
Subject: [PATCH 093/504] Provide default variables for backup script.

---
 roles/backup/defaults/main.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/roles/backup/defaults/main.yml b/roles/backup/defaults/main.yml
index 9956676..680efc2 100644
--- a/roles/backup/defaults/main.yml
+++ b/roles/backup/defaults/main.yml
@@ -9,3 +9,7 @@ backup_dirs_extra: ""
 
 backup_opts: "--exclude-caches"
 backup_opts_extra: ""
+
+www_root: "/var/www"
+nc_dir: "{{ www_root }}/nextcloud"
+data_dir: "/var/nc-data"

From a1751397459dc3bb6689dfe78cca76d48026d57c Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Wed, 11 Mar 2020 19:46:30 +0100
Subject: [PATCH 094/504] Do not try to git clone from the installer chroot.

---
 roles/prepare4clients/tasks/main.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/roles/prepare4clients/tasks/main.yml b/roles/prepare4clients/tasks/main.yml
index 484d170..706882f 100644
--- a/roles/prepare4clients/tasks/main.yml
+++ b/roles/prepare4clients/tasks/main.yml
@@ -138,9 +138,11 @@
     dest: "{{ repo_dir }}"
     update: no
   become_user: "ansible"
+  when: not run_in_installer|default(false)|bool
 
 - name: start git-repo
   template:
     src: git-repo.j2
     dest: "/etc/systemd/system/git-repo.service"
   notify: start git-repo
+  when: not run_in_installer|default(false)|bool

From 118e9ceac6f358b2eee4e0f3714c3f66f715deca Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Wed, 11 Mar 2020 20:43:09 +0100
Subject: [PATCH 095/504] Avoid line breaks when using xxd with long passwords.

---
 roles/krb5-kdc-ldap/tasks/main.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/krb5-kdc-ldap/tasks/main.yml b/roles/krb5-kdc-ldap/tasks/main.yml
index 13c9002..e89fd8c 100644
--- a/roles/krb5-kdc-ldap/tasks/main.yml
+++ b/roles/krb5-kdc-ldap/tasks/main.yml
@@ -127,12 +127,12 @@
     state: exact
 
 - name: prepare password for kdc
-  shell: echo "cn=kdc,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kdc_service_pwd }} | xxd -g0 -ps | sed 's/0a$//')" > /etc/krb5kdc/service.keyfile
+  shell: echo "cn=kdc,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kdc_service_pwd }} | xxd -g0 -ps -c 256 | sed 's/0a$//')" > /etc/krb5kdc/service.keyfile
   no_log: true
   when: not krb5kdc.stat.exists
 
 - name: prepare password for kadmin
-  shell: echo "cn=kadmin,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kadmin_service_pwd }} | xxd -g0 -ps | sed 's/0a$//')" >> /etc/krb5kdc/service.keyfile
+  shell: echo "cn=kadmin,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kadmin_service_pwd }} | xxd -g0 -ps -c 256 | sed 's/0a$//')" >> /etc/krb5kdc/service.keyfile
   no_log: true
   when: not krb5kdc.stat.exists
 

From 0b00ac560c22c1bc377d94acac6e75790a890f02 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 12 Mar 2020 16:47:22 +0100
Subject: [PATCH 096/504] Add clients to server's inventory file.

---
 kerberox.yml                         | 1 +
 roles/prepare4clients/tasks/main.yml | 9 +++++++++
 2 files changed, 10 insertions(+)

diff --git a/kerberox.yml b/kerberox.yml
index 2335fcf..ce8bbed 100644
--- a/kerberox.yml
+++ b/kerberox.yml
@@ -17,6 +17,7 @@
     ## LAN IP address range:
     ipaddr_lan: 192.168.0.10/24
     dhcp_range: 192.168.0.50,192.168.0.99,2h
+    in_inventory: 192.168.0.[50:99]
 
     di_dist: "{{ ansible_distribution_release }}"
     di_version: "{{ ansible_distribution_major_version }}"
diff --git a/roles/prepare4clients/tasks/main.yml b/roles/prepare4clients/tasks/main.yml
index 706882f..2dccbfa 100644
--- a/roles/prepare4clients/tasks/main.yml
+++ b/roles/prepare4clients/tasks/main.yml
@@ -146,3 +146,12 @@
     dest: "/etc/systemd/system/git-repo.service"
   notify: start git-repo
   when: not run_in_installer|default(false)|bool
+
+######################
+
+- name: add clients to inventory
+  blockinfile:
+    dest: /etc/ansible/hosts
+    block: |
+      [kerberox-client]
+      {{ in_inventory }}

From f0c65d3cce463eae3a80aa281ae3a98aa4c5fff7 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 12 Mar 2020 16:48:54 +0100
Subject: [PATCH 097/504] Activate firewalld rules immediately.

---
 roles/apt-cacher/tasks/main.yml    | 1 +
 roles/krb5-kdc-ldap/tasks/main.yml | 1 +
 roles/ldap/tasks/main.yml          | 1 +
 roles/nfs-server/tasks/main.yml    | 1 +
 4 files changed, 4 insertions(+)

diff --git a/roles/apt-cacher/tasks/main.yml b/roles/apt-cacher/tasks/main.yml
index 128d1fd..b97120a 100644
--- a/roles/apt-cacher/tasks/main.yml
+++ b/roles/apt-cacher/tasks/main.yml
@@ -28,6 +28,7 @@
     zone: internal
     port: 3142/tcp
     permanent: yes
+    immediate: yes
     state: enabled
 
 - meta: flush_handlers
diff --git a/roles/krb5-kdc-ldap/tasks/main.yml b/roles/krb5-kdc-ldap/tasks/main.yml
index e89fd8c..cb6e78c 100644
--- a/roles/krb5-kdc-ldap/tasks/main.yml
+++ b/roles/krb5-kdc-ldap/tasks/main.yml
@@ -210,6 +210,7 @@
     zone: internal
     service: "{{ item }}"
     permanent: yes
+    immediate: yes
     state: enabled
   with_items:
     - kerberos
diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
index 51ac242..589b07c 100644
--- a/roles/ldap/tasks/main.yml
+++ b/roles/ldap/tasks/main.yml
@@ -155,4 +155,5 @@
     zone: internal
     service: ldap
     permanent: yes
+    immediate: yes
     state: enabled
diff --git a/roles/nfs-server/tasks/main.yml b/roles/nfs-server/tasks/main.yml
index 950fde1..eaab5bb 100644
--- a/roles/nfs-server/tasks/main.yml
+++ b/roles/nfs-server/tasks/main.yml
@@ -88,4 +88,5 @@
     zone: internal
     service: nfs
     permanent: yes
+    immediate: yes
     state: enabled

From 6f0197f693c6d00c6c57ce972f129f289f046e29 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 16 Mar 2020 19:36:19 +0100
Subject: [PATCH 098/504] Restart slapd when keytab is available.  HTTP service
 principal.

---
 roles/krb5-kdc-ldap/handlers/main.yml | 8 ++++++--
 roles/krb5-kdc-ldap/tasks/main.yml    | 3 +++
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/roles/krb5-kdc-ldap/handlers/main.yml b/roles/krb5-kdc-ldap/handlers/main.yml
index dd749e0..098de30 100644
--- a/roles/krb5-kdc-ldap/handlers/main.yml
+++ b/roles/krb5-kdc-ldap/handlers/main.yml
@@ -1,7 +1,11 @@
+- name: restart slapd
+  systemd: name=slapd state=restarted enabled=yes
+  listen: "restart slapd"
+
 - name: restart krb5-kdc
-  service: name=krb5-kdc state=restarted enabled=yes
+  systemd: name=krb5-kdc state=restarted enabled=yes
   listen: "restart krb5-kdc"
 
 - name: restart krb5-admin-server
-  service: name=krb5-admin-server state=restarted enabled=yes
+  systemd: name=krb5-admin-server state=restarted enabled=yes
   listen: "restart krb5-admin-server"
diff --git a/roles/krb5-kdc-ldap/tasks/main.yml b/roles/krb5-kdc-ldap/tasks/main.yml
index cb6e78c..dec714d 100644
--- a/roles/krb5-kdc-ldap/tasks/main.yml
+++ b/roles/krb5-kdc-ldap/tasks/main.yml
@@ -173,6 +173,7 @@
   with_items:
     - host
     - ldap
+    - HTTP
   when: not krb5kdc.stat.exists
 
 - name: add principal to the keytab
@@ -180,6 +181,7 @@
   with_items:
     - host
     - ldap
+    - HTTP
   when: not krb5kdc.stat.exists
 
 - name: allow slapd to read the keytab
@@ -188,6 +190,7 @@
     owner: root
     group: openldap
     mode: '0640'
+  notify: restart slapd
 
 - name: "make 'kerberos' an alias hostname resolvable from the LAN"
   replace:

From 8ca41be45ad24c7958210352ed0adbaad92ef072 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 16 Mar 2020 19:37:54 +0100
Subject: [PATCH 099/504] Do not overwrite existing APT configuration.

---
 roles/apt-cacher/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/apt-cacher/tasks/main.yml b/roles/apt-cacher/tasks/main.yml
index b97120a..7d33a9f 100644
--- a/roles/apt-cacher/tasks/main.yml
+++ b/roles/apt-cacher/tasks/main.yml
@@ -7,7 +7,7 @@
   copy:
     src: apt.conf
     dest: /etc/apt/apt.conf
-    backup: yes
+    force: no
   notify: "start apt-cacher-ng"
   when: not run_in_installer|default(false)|bool  ## do not enable apt-cacher during installation
 

From c78cff820093d93865e74437e11b6d16e3c94919 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 16 Mar 2020 19:43:42 +0100
Subject: [PATCH 100/504] Move kerberos integration to the end of tasks.

---
 roles/nextcloud/files/krb5-nextcloud.conf |  2 +-
 roles/nextcloud/tasks/main.yml            | 70 +++++++++++++++++------
 2 files changed, 55 insertions(+), 17 deletions(-)

diff --git a/roles/nextcloud/files/krb5-nextcloud.conf b/roles/nextcloud/files/krb5-nextcloud.conf
index 9ccb2ab..89415e9 100644
--- a/roles/nextcloud/files/krb5-nextcloud.conf
+++ b/roles/nextcloud/files/krb5-nextcloud.conf
@@ -7,5 +7,5 @@
   GssapiUseSessions    On
   GssapiNegotiateOnce  On
   GssapiBasicAuth      On
-  require              valid-user
+  Require              valid-user
 </Location>
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index e620a54..61d43de 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -101,26 +101,12 @@
     dest: /etc/apache2/sites-available/nextcloud.conf
   notify: "restart apache2"
 
-- name: provide kerberos SSO config
-  copy:
-    src: krb5-nextcloud.conf
-    dest: /etc/apache2/sites-available/krb5-nextcloud.conf
-  when: "'kerberize' in role_names"
-  notify: "restart apache2"
-
 - name: enable nextcloud site
   command: a2ensite nextcloud.conf
   args:
     creates: /etc/apache2/sites-enabled/nextcloud.conf
   notify: "restart apache2"
 
-- name: enable kerberos access to nextcloud site
-  command: a2ensite krb5-nextcloud.conf
-  args:
-    creates: /etc/apache2/sites-enabled/krb5-nextcloud.conf
-  notify: "restart apache2"
-  when: "'kerberize' in role_names"
-
 - name: enable https
   shell: 'grep -q "VirtualHost .*:443" * || a2ensite default-ssl.conf'
   args:
@@ -293,10 +279,62 @@
   command: "firewall-offline-cmd --add-service=https"
   when: run_in_installer|default(false)|bool
 
+#################################################################
+## kerberox integration:
+
+- name: install libapache2-mod-auth-gssapi
+  apt:
+    name: libapache2-mod-auth-gssapi
+    state: latest
+  when: "'kerberize' in role_names"
+  notify: "restart apache2"
+
+- name: copy keytab for www-data
+  copy:
+    src: /etc/krb5.keytab
+    dest: /etc/krb5.keytab.http
+    group: www-data
+    mode: "0640"
+    remote_src: yes
+    force: no
+  when: "'kerberize' in role_names"
+  notify: "restart apache2"
+
+- name: provide kerberos SSO config
+  copy:
+    src: krb5-nextcloud.conf
+    dest: /etc/apache2/sites-available/krb5-nextcloud.conf
+  when: "'kerberize' in role_names"
+  notify: "restart apache2"
+
+- name: enable kerberos access to nextcloud site
+  command: a2ensite krb5-nextcloud.conf
+  args:
+    creates: /etc/apache2/sites-enabled/krb5-nextcloud.conf
+  notify: "restart apache2"
+  when: "'kerberize' in role_names"
+
+- name: allow https in firewalld
+  firewalld:
+    zone: internal
+    service: https
+    permanent: Yes
+    immediate: Yes
+    state: enabled
+  when: not run_in_installer|default(false)|bool and 'kerberize' in role_names
+
+- name: allow https in firewalld, offline
+  command: "firewall-offline-cmd --add-service=https --zone=internal"
+  when: run_in_installer|default(false)|bool and 'kerberize' in role_names
+
+- name: allow access from kerberized LAN
+  command: sudo -u www-data php ./occ config:system:set trusted_domains 2 --value='{{ ansible_hostname }}.{{ ansible_domain }}'
+  args:
+    chdir: "{{ nc_dir }}"
+    warn: False
+  when: not nextcloud.stat.exists and 'kerberize' in role_names
 
 
-## ToDo kerberox integration:
 # sudo -u www-data php ./occ app:enable user_ldap
 # sudo -u www-data php ./occ app:install user_saml
-
 # sudo -u www-data php ./occ ldap

From c6ac5fec0f7719730e2c1e3c57a528da0586803d Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Tue, 17 Mar 2020 08:52:06 +0100
Subject: [PATCH 101/504] Fix firewalld configuration during installation.

---
 roles/apt-cacher/tasks/main.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/roles/apt-cacher/tasks/main.yml b/roles/apt-cacher/tasks/main.yml
index 7d33a9f..5dd27c3 100644
--- a/roles/apt-cacher/tasks/main.yml
+++ b/roles/apt-cacher/tasks/main.yml
@@ -30,5 +30,11 @@
     permanent: yes
     immediate: yes
     state: enabled
+  when: not run_in_installer|default(false)|bool
+
+- name: allow apt-cacher-ng service in firewalld, offline
+  command: "firewall-offline-cmd --zone=internal --add-port=3142/tcp"
+  when: run_in_installer|default(false)|bool
+
 
 - meta: flush_handlers

From a412984c0ba8a30623129e33a2b9a47e248500e9 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Tue, 17 Mar 2020 20:30:23 +0100
Subject: [PATCH 102/504] Modify proxy only if none given yet.

---
 roles/apt-cacher/tasks/main.yml    | 2 +-
 roles/krb5-kdc-ldap/tasks/main.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/apt-cacher/tasks/main.yml b/roles/apt-cacher/tasks/main.yml
index 5dd27c3..7439eb4 100644
--- a/roles/apt-cacher/tasks/main.yml
+++ b/roles/apt-cacher/tasks/main.yml
@@ -19,7 +19,7 @@
 - name: enable apt-cacher-ng for install-clients
   replace:
     dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
-    regexp: '^(d-i mirror/http/proxy string.*)$'
+    regexp: '^d-i mirror/http/proxy string$'
     replace: 'd-i mirror/http/proxy string http://{{ ansible_hostname }}:3142/'
   when: preseedcfg.stat.exists
 
diff --git a/roles/krb5-kdc-ldap/tasks/main.yml b/roles/krb5-kdc-ldap/tasks/main.yml
index dec714d..76646b9 100644
--- a/roles/krb5-kdc-ldap/tasks/main.yml
+++ b/roles/krb5-kdc-ldap/tasks/main.yml
@@ -176,7 +176,7 @@
     - HTTP
   when: not krb5kdc.stat.exists
 
-- name: add principal to the keytab
+- name: add principal to the default keytab
   command: kadmin.local -q 'ktadd {{ item }}/{{ ansible_hostname }}.{{ ansible_domain }}'
   with_items:
     - host

From 10010f587301df86a15403bd582b60c3486241c1 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@muandit.de>
Date: Mon, 26 Oct 2020 20:48:03 +0100
Subject: [PATCH 103/504] Updates for nextcloud.

---
 roles/nextcloud/tasks/main.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index 61d43de..1b5a755 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -30,9 +30,11 @@
       - mariadb-server
       - python3-pymysql
       - php-apcu
+      - php-bcmath
       - php-fpm
       - php-curl
       - php-gd
+      - php-gmp
       - php-imagick
       - php-intl
       - php-json
@@ -252,6 +254,14 @@
   register: cmd_result
   changed_when: cmd_result.stdout is search('table updated successfully')
 
+- name: add missing columns
+  command: "sudo -u www-data php ./occ db:add-missing-columns"
+  args:
+    chdir: "{{ nc_dir }}"
+    warn: False
+  register: cmd_result
+  changed_when: cmd_result.stdout is search('table updated successfully')
+
 
 - name: add default NIC to public zone
   firewalld:

From 7e34ab8081405a5715ab390866c13fbfb4d8df99 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@muandit.de>
Date: Mon, 26 Oct 2020 20:50:00 +0100
Subject: [PATCH 104/504] Services are socket activated.

---
 roles/lan-client/templates/sssd.conf.j2 | 1 -
 1 file changed, 1 deletion(-)

diff --git a/roles/lan-client/templates/sssd.conf.j2 b/roles/lan-client/templates/sssd.conf.j2
index 90e5410..91d230e 100644
--- a/roles/lan-client/templates/sssd.conf.j2
+++ b/roles/lan-client/templates/sssd.conf.j2
@@ -1,6 +1,5 @@
 [sssd]
 domains = LDAP
-services = nss, pam
 config_file_version = 2
 
 [nss]

From 9264deb90dbc4597a3ba3546957dd411af34bf98 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@muandit.de>
Date: Mon, 26 Oct 2020 20:53:53 +0100
Subject: [PATCH 105/504] Better group handling with keyword 'none'.

---
 roles/ldap/templates/debian-lan.j2 | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/roles/ldap/templates/debian-lan.j2 b/roles/ldap/templates/debian-lan.j2
index 5572869..dba9532 100644
--- a/roles/ldap/templates/debian-lan.j2
+++ b/roles/ldap/templates/debian-lan.j2
@@ -8,7 +8,8 @@ set -eu
 usage(){
     cat <<EOF
 Usage:
-         $(basename $0)  adduser  <uid>  <password>  [<group>]  [<given name>]  [<family name>]
+         $(basename $0)  adduser  <uid>  <password>  <group>|none  <given name>  <family name>
+         $(basename $0)  adduser  <uid>  <password>  [<group>]
          $(basename $0)  deluser  <uid>
          $(basename $0)  delhost  <hostname>
          $(basename $0)  ldapvi
@@ -16,13 +17,13 @@ Usage:
 
      <uid>:  User ID (login name)
      <password>:  Password
-     <group>:  If given, the user is added to this posix group (in addition to his personal group).
-               The group must already exist in the LDAP DT.
+     <group>:  If given and not "none", the user is added to this posix group (in addition to his
+               personal group).  The group must already exist in the LDAP DT.
      <given name>, <family name>:  LDAP attributes 'givenName' and 'sn'.  If omitted, <uid> is used.
      <file>:  File containing lines of the form:
 
-                   adduser <uid 1>  <password 1>  [<group 1>]  [<given name 1>]  [<family name 1>]
-                   adduser <uid 2>  <password 2>  [<group 2>]  [<given name 2>]  [<family name 2>]
+                   adduser <uid 1>  <password 1>  <group 1>  <given name 1>  <family name 1>
+                   adduser <uid 2>  <password 2>  <group 2>  <given name 2>  <family name 2>
                    …
                    deluser <uid n>
                    deluser <uid n+1>
@@ -160,7 +161,7 @@ gidNumber: ${gidNumber}
 ##################################
 EOF
 
-    if [ -n "$grp" ] ; then
+    if [ -n "$grp" -a "$grp" != "none" ] ; then
         cat <<EOF | ldapmodify -H ldapi:/// -D "$LDAPADMIN"  -w "$ADPASSWD" | sed '/^$/d'
 ############## LDIF ##############
 dn: cn=${grp},ou=groups,$BASEDN

From ddb8ff11d33f3aac2090f48ad3a0c69d73bc1bed Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 28 Nov 2020 09:23:44 +0100
Subject: [PATCH 106/504] Init fvs branch with LDAP auth and mk-homedir.

---
 kiosk_mkhome.yml                              | 23 +++++++++++
 roles/fvs-client-mkhome/defaults/main.yml     |  2 +
 roles/fvs-client-mkhome/handlers/main.yml     |  8 ++++
 roles/fvs-client-mkhome/tasks/main.yml        | 40 +++++++++++++++++++
 .../fvs-client-mkhome/templates/sssd.conf.j2  | 20 ++++++++++
 5 files changed, 93 insertions(+)
 create mode 100644 kiosk_mkhome.yml
 create mode 100644 roles/fvs-client-mkhome/defaults/main.yml
 create mode 100644 roles/fvs-client-mkhome/handlers/main.yml
 create mode 100644 roles/fvs-client-mkhome/tasks/main.yml
 create mode 100644 roles/fvs-client-mkhome/templates/sssd.conf.j2

diff --git a/kiosk_mkhome.yml b/kiosk_mkhome.yml
new file mode 100644
index 0000000..1c53bd0
--- /dev/null
+++ b/kiosk_mkhome.yml
@@ -0,0 +1,23 @@
+---
+# This playbook deploys a kiosk-computer
+
+- name: apply configuration to the machines
+  hosts: all
+  remote_user: ansible
+  become: yes
+  vars:
+    auto_user: debi
+    wifi_ssid: "YOUR SSID HERE"
+    wifi_passwd: "YOUR WIFI-PW HERE"
+    extra_pkgs:
+      - webext-privacy-badger
+      - webext-ublock-origin
+    extra_pkgs_bpo: []  # [ libreoffice ]
+
+  roles:
+    - up2date-debian
+    ## Choose either gnome or KDE:
+    - gnome
+    #- kde
+    - kiosk
+    - fvs-client-mkhome
diff --git a/roles/fvs-client-mkhome/defaults/main.yml b/roles/fvs-client-mkhome/defaults/main.yml
new file mode 100644
index 0000000..836e748
--- /dev/null
+++ b/roles/fvs-client-mkhome/defaults/main.yml
@@ -0,0 +1,2 @@
+basedn: "ou=Benutzer,ou=fvs,ou=SCHULEN,o=ml3"
+ldap_server: ldap.steinbeisschule-reutlingen.de
diff --git a/roles/fvs-client-mkhome/handlers/main.yml b/roles/fvs-client-mkhome/handlers/main.yml
new file mode 100644
index 0000000..938f2c4
--- /dev/null
+++ b/roles/fvs-client-mkhome/handlers/main.yml
@@ -0,0 +1,8 @@
+- name: restart sssd
+  service: name=sssd state=restarted enabled=yes
+  listen: "restart sssd"
+
+- name: reload systemd
+  systemd:
+    daemon_reload: yes
+  listen: "reload systemd"
diff --git a/roles/fvs-client-mkhome/tasks/main.yml b/roles/fvs-client-mkhome/tasks/main.yml
new file mode 100644
index 0000000..c682836
--- /dev/null
+++ b/roles/fvs-client-mkhome/tasks/main.yml
@@ -0,0 +1,40 @@
+---
+- name: install needed packages
+  apt:
+    name:
+      - sssd-ldap
+    state: latest
+
+- name: add URI to ldap.conf
+  lineinfile:
+    dest: /etc/ldap/ldap.conf
+    line: "URI ldaps://{{ ldap_server }}/"
+    insertafter: "#URI.*"
+
+- name: add BASE to ldap.conf
+  lineinfile:
+    dest: /etc/ldap/ldap.conf
+    line: "BASE {{ basedn }}"
+    insertafter: "#BASE.*"
+
+    #- name: enable pam_umask
+    #  lineinfile:
+    #    dest: /etc/pam.d/common-session
+    #    line: "session optional	pam_umask.so usergroups"
+
+- name: enable pam_mkhomedir.so
+  lineinfile:
+    dest: /etc/pam.d/common-session
+    line: "session	optional			pam_mkhomedir.so"
+    insertafter: "# end of pam-auth-update config"
+
+    #  command: /usr/sbin/pam-auth-update --enable mkhomedir
+
+## oddjob-mkhomedir works only with sec=sys for the NFSv4 share
+
+- name: provide identities from directory
+  template:
+    src: sssd.conf.j2
+    dest: /etc/sssd/sssd.conf
+    mode: 0600
+  notify: restart sssd
diff --git a/roles/fvs-client-mkhome/templates/sssd.conf.j2 b/roles/fvs-client-mkhome/templates/sssd.conf.j2
new file mode 100644
index 0000000..394207a
--- /dev/null
+++ b/roles/fvs-client-mkhome/templates/sssd.conf.j2
@@ -0,0 +1,20 @@
+[sssd]
+domains = LDAP
+config_file_version = 2
+services = nss, pam
+
+[nss]
+filter_groups = root
+filter_users = root
+
+[pam]
+
+[domain/LDAP]
+id_provider = ldap
+ldap_uri = ldaps://{{ ldap_server }}/
+ldap_search_base = {{ basedn }}
+
+auth_provider = ldap
+cache_credentials = true
+
+ldap_tls_reqcert = never

From 3c87bcbeee5d5f44b12e99e57a80e168f87e7b68 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 2 Dec 2020 13:03:44 +0100
Subject: [PATCH 107/504] Add package selection.

---
 kiosk_mkhome.yml | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/kiosk_mkhome.yml b/kiosk_mkhome.yml
index 1c53bd0..1dbaa39 100644
--- a/kiosk_mkhome.yml
+++ b/kiosk_mkhome.yml
@@ -12,7 +12,27 @@
     extra_pkgs:
       - webext-privacy-badger
       - webext-ublock-origin
-    extra_pkgs_bpo: []  # [ libreoffice ]
+      - vim
+      - emacs
+      - vlc
+      - gimp
+      - inkscape
+      - bluefish
+      - git
+      - mc
+      - tmux
+      - wireshark
+      - nmap
+      - netcat-openbsd
+      - net-tools
+      - thonny
+      - mu-editor
+      - dia
+      - vym
+      - tree
+      - console-setup
+      - virt-manager
+    extra_pkgs_bpo: [ linux-image-amd64 ]  # [ libreoffice ]
 
   roles:
     - up2date-debian

From 1c14ea3939dafd2b0d5d76e4e331f0b463e5f1f6 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 4 Dec 2020 17:59:38 +0100
Subject: [PATCH 108/504] Add home page. Self-signed certificate.

---
 roles/fvs-client-mkhome/tasks/main.yml         | 10 ++++++++++
 roles/fvs-client-mkhome/templates/sssd.conf.j2 |  1 -
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/roles/fvs-client-mkhome/tasks/main.yml b/roles/fvs-client-mkhome/tasks/main.yml
index c682836..0d7657b 100644
--- a/roles/fvs-client-mkhome/tasks/main.yml
+++ b/roles/fvs-client-mkhome/tasks/main.yml
@@ -17,6 +17,16 @@
     line: "BASE {{ basedn }}"
     insertafter: "#BASE.*"
 
+- name: do not verify cert
+  lineinfile:
+    dest: /etc/ldap/ldap.conf
+    line: "LDAPTLS_REQCERT      never"
+
+- name: set homepage
+  lineinfile:
+    dest: /etc/firefox-esr/firefox-esr.js
+    line: pref("browser.startup.homepage", "https://www.startpage.com");
+
     #- name: enable pam_umask
     #  lineinfile:
     #    dest: /etc/pam.d/common-session
diff --git a/roles/fvs-client-mkhome/templates/sssd.conf.j2 b/roles/fvs-client-mkhome/templates/sssd.conf.j2
index 394207a..977426a 100644
--- a/roles/fvs-client-mkhome/templates/sssd.conf.j2
+++ b/roles/fvs-client-mkhome/templates/sssd.conf.j2
@@ -16,5 +16,4 @@ ldap_search_base = {{ basedn }}
 
 auth_provider = ldap
 cache_credentials = true
-
 ldap_tls_reqcert = never

From 8aec6687d785f5697c6197e4a864608c77f236eb Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 4 Dec 2020 18:01:41 +0100
Subject: [PATCH 109/504] Mount smb home next to local home directory.

---
 roles/fvs-client-mkhome/tasks/main.yml | 27 +++++++++++++++++++++++---
 1 file changed, 24 insertions(+), 3 deletions(-)

diff --git a/roles/fvs-client-mkhome/tasks/main.yml b/roles/fvs-client-mkhome/tasks/main.yml
index 0d7657b..a435c42 100644
--- a/roles/fvs-client-mkhome/tasks/main.yml
+++ b/roles/fvs-client-mkhome/tasks/main.yml
@@ -3,6 +3,8 @@
   apt:
     name:
       - sssd-ldap
+      - libpam-mount
+      - cifs-utils
     state: latest
 
 - name: add URI to ldap.conf
@@ -38,9 +40,28 @@
     line: "session	optional			pam_mkhomedir.so"
     insertafter: "# end of pam-auth-update config"
 
-    #  command: /usr/sbin/pam-auth-update --enable mkhomedir
-
-## oddjob-mkhomedir works only with sec=sys for the NFSv4 share
+- name: configure pam_mount
+  blockinfile:
+    dest: /etc/security/pam_mount.conf.xml
+    block: |
+      <volume
+        fstype="cifs"
+        server="smb.steinbeisschule-reutlingen.de"
+        path="DOCS/fvs/home/"
+        mountpoint="~/winhome"
+      />
+      <!--volume
+        fstype="fuse"
+        path="sshfs#%(USER)@homes:"
+        mountpoint="/home/%(USER)"
+        options="StrictHostKeyChecking=no,allow_root"
+      />
+      <volume
+        path="/home/%(USER)"
+        mountpoint="~"
+        options="bind"
+      /-->
+    insertafter: "<!-- Volume definitions -->"
 
 - name: provide identities from directory
   template:

From b5f1e4b66f26ec893a1e6220f073175c814b6923 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 4 Dec 2020 18:40:07 +0100
Subject: [PATCH 110/504] Skip auto login user (kiosk mode), but keep useful
 tasks.

---
 kiosk_mkhome.yml => fvs_mkhome.yml        |  4 ----
 roles/fvs-client-mkhome/handlers/main.yml | 10 ++++++++++
 roles/fvs-client-mkhome/tasks/main.yml    | 23 +++++++++++++++++++++++
 3 files changed, 33 insertions(+), 4 deletions(-)
 rename kiosk_mkhome.yml => fvs_mkhome.yml (87%)

diff --git a/kiosk_mkhome.yml b/fvs_mkhome.yml
similarity index 87%
rename from kiosk_mkhome.yml
rename to fvs_mkhome.yml
index 1dbaa39..9b1ddeb 100644
--- a/kiosk_mkhome.yml
+++ b/fvs_mkhome.yml
@@ -6,9 +6,6 @@
   remote_user: ansible
   become: yes
   vars:
-    auto_user: debi
-    wifi_ssid: "YOUR SSID HERE"
-    wifi_passwd: "YOUR WIFI-PW HERE"
     extra_pkgs:
       - webext-privacy-badger
       - webext-ublock-origin
@@ -39,5 +36,4 @@
     ## Choose either gnome or KDE:
     - gnome
     #- kde
-    - kiosk
     - fvs-client-mkhome
diff --git a/roles/fvs-client-mkhome/handlers/main.yml b/roles/fvs-client-mkhome/handlers/main.yml
index 938f2c4..f334f3a 100644
--- a/roles/fvs-client-mkhome/handlers/main.yml
+++ b/roles/fvs-client-mkhome/handlers/main.yml
@@ -6,3 +6,13 @@
   systemd:
     daemon_reload: yes
   listen: "reload systemd"
+
+- name: run update-grub
+  command: update-grub
+  listen: update grub
+
+- name: enable tmp.mount
+  systemd:
+    daemon_reload: yes
+    name: tmp.mount
+    enabled: yes
diff --git a/roles/fvs-client-mkhome/tasks/main.yml b/roles/fvs-client-mkhome/tasks/main.yml
index a435c42..1148859 100644
--- a/roles/fvs-client-mkhome/tasks/main.yml
+++ b/roles/fvs-client-mkhome/tasks/main.yml
@@ -69,3 +69,26 @@
     dest: /etc/sssd/sssd.conf
     mode: 0600
   notify: restart sssd
+
+################# from kiosk.yml ##################
+
+- name: grub timeout
+  lineinfile:
+    dest: /etc/default/grub
+    regexp: '^(GRUB_TIMEOUT=).*'
+    line: '\g<1>1'
+    backrefs: yes
+  notify: update grub
+
+- name: keyboard compose key
+  lineinfile:
+    dest: /etc/default/keyboard
+    regexp: '^(XKBOPTIONS=).*'
+    line: '\1"compose:caps"'
+    backrefs: yes
+
+- name: tmp on tmpfs
+  shell: cp /usr/share/systemd/tmp.mount /etc/systemd/system/
+  args:
+    creates: /etc/systemd/system/tmp.mount
+  notify: enable tmp.mount

From 9c3d5e5f2e8687656f03f696b5517735c51a5069 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 5 Dec 2020 08:53:29 +0100
Subject: [PATCH 111/504] Fix booting from network.

---
 roles/fvs-client-mkhome/tasks/main.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/roles/fvs-client-mkhome/tasks/main.yml b/roles/fvs-client-mkhome/tasks/main.yml
index 1148859..c90be6a 100644
--- a/roles/fvs-client-mkhome/tasks/main.yml
+++ b/roles/fvs-client-mkhome/tasks/main.yml
@@ -70,6 +70,11 @@
     mode: 0600
   notify: restart sssd
 
+  ## FIXME: preseeding grub nvram does not work
+- name: reset boot order
+  command: efibootmgr --delete-bootorder
+  when: run_in_installer|default(false)|bool
+
 ################# from kiosk.yml ##################
 
 - name: grub timeout

From 7828de33479a400fbbe9d4fd0df93d642bb91f81 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 5 Dec 2020 11:07:43 +0100
Subject: [PATCH 112/504] mkhome must happen before creating the mount point.
 More privacy.

---
 roles/fvs-client-mkhome/tasks/main.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/fvs-client-mkhome/tasks/main.yml b/roles/fvs-client-mkhome/tasks/main.yml
index c90be6a..5f5eb23 100644
--- a/roles/fvs-client-mkhome/tasks/main.yml
+++ b/roles/fvs-client-mkhome/tasks/main.yml
@@ -37,8 +37,8 @@
 - name: enable pam_mkhomedir.so
   lineinfile:
     dest: /etc/pam.d/common-session
-    line: "session	optional			pam_mkhomedir.so"
-    insertafter: "# end of pam-auth-update config"
+    line: "session	optional	pam_mkhomedir.so  umask=0027"
+    insertbefore: "session	optional	pam_mount.so"
 
 - name: configure pam_mount
   blockinfile:

From e1cea0c0a3c0304942f0131b3cfae4c0afdef7f6 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 5 Dec 2020 18:16:43 +0100
Subject: [PATCH 113/504] Mount data disk next to homes.

---
 roles/fvs-client-mkhome/tasks/main.yml | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/roles/fvs-client-mkhome/tasks/main.yml b/roles/fvs-client-mkhome/tasks/main.yml
index 5f5eb23..2da0050 100644
--- a/roles/fvs-client-mkhome/tasks/main.yml
+++ b/roles/fvs-client-mkhome/tasks/main.yml
@@ -75,8 +75,28 @@
   command: efibootmgr --delete-bootorder
   when: run_in_installer|default(false)|bool
 
-################# from kiosk.yml ##################
 
+############## extra data partition ###############
+- name: mount data partition
+  mount:
+    src: "UUID={{ hostvars[inventory_hostname]['ansible_devices']['%s'|format(item)]['partitions']['%s1'|format(item)]['uuid'] }}"
+    path: /home/data
+    fstype: ext4
+    state: mounted
+  register: data_mounted
+  when: hostvars[inventory_hostname]['ansible_devices']['%s'|format(item)] | default(false)
+  loop:
+    - sdb
+    - sde
+
+- name: set sticky bit on data directory
+  file:
+    path: /home/data
+    state: directory
+    mode: '1777'
+  when: data_mounted.changed
+
+################# from kiosk.yml ##################
 - name: grub timeout
   lineinfile:
     dest: /etc/default/grub

From 4f73a9ead6af7de1cca6384b3b27f93fedcda02e Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 8 Dec 2020 13:08:26 +0100
Subject: [PATCH 114/504] Use private groups for all LDAP users.

---
 roles/fvs-client-mkhome/templates/sssd.conf.j2 | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/roles/fvs-client-mkhome/templates/sssd.conf.j2 b/roles/fvs-client-mkhome/templates/sssd.conf.j2
index 977426a..1efcfc5 100644
--- a/roles/fvs-client-mkhome/templates/sssd.conf.j2
+++ b/roles/fvs-client-mkhome/templates/sssd.conf.j2
@@ -15,5 +15,8 @@ ldap_uri = ldaps://{{ ldap_server }}/
 ldap_search_base = {{ basedn }}
 
 auth_provider = ldap
+auto_private_groups = true
+
 cache_credentials = true
+
 ldap_tls_reqcert = never

From c4b6d866388a826a6dd27bc2459fed6aa717c634 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 8 Dec 2020 13:16:00 +0100
Subject: [PATCH 115/504] Allow to use wireshark for all users.

---
 roles/fvs-client-mkhome/tasks/main.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/roles/fvs-client-mkhome/tasks/main.yml b/roles/fvs-client-mkhome/tasks/main.yml
index 2da0050..3f390a8 100644
--- a/roles/fvs-client-mkhome/tasks/main.yml
+++ b/roles/fvs-client-mkhome/tasks/main.yml
@@ -75,6 +75,12 @@
   command: efibootmgr --delete-bootorder
   when: run_in_installer|default(false)|bool
 
+- name: set capabilities (wireshark)
+  capabilities:
+    path: /usr/bin/dumpcap
+    capability: cap_net_raw,cap_net_admin+eip
+    state: present
+
 
 ############## extra data partition ###############
 - name: mount data partition

From eab730e0ea31d97ba10c57e40621660a8deaf748 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 9 Dec 2020 09:27:44 +0100
Subject: [PATCH 116/504] Mount share directory on login.

---
 roles/fvs-client-mkhome/tasks/main.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/roles/fvs-client-mkhome/tasks/main.yml b/roles/fvs-client-mkhome/tasks/main.yml
index 3f390a8..eaa2ae4 100644
--- a/roles/fvs-client-mkhome/tasks/main.yml
+++ b/roles/fvs-client-mkhome/tasks/main.yml
@@ -50,6 +50,12 @@
         path="DOCS/fvs/home/"
         mountpoint="~/winhome"
       />
+      <volume
+        fstype="cifs"
+        server="smb.steinbeisschule-reutlingen.de"
+        path="DOCS/fvs/tausch/"
+        mountpoint="~/winshare"
+      />
       <!--volume
         fstype="fuse"
         path="sshfs#%(USER)@homes:"

From f764745db61226f8f1c88c0cdf2b9399d0f38166 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 9 Dec 2020 12:08:00 +0100
Subject: [PATCH 117/504] Fix check for disk partition.

---
 roles/fvs-client-mkhome/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/fvs-client-mkhome/tasks/main.yml b/roles/fvs-client-mkhome/tasks/main.yml
index eaa2ae4..2b1bf91 100644
--- a/roles/fvs-client-mkhome/tasks/main.yml
+++ b/roles/fvs-client-mkhome/tasks/main.yml
@@ -96,7 +96,7 @@
     fstype: ext4
     state: mounted
   register: data_mounted
-  when: hostvars[inventory_hostname]['ansible_devices']['%s'|format(item)] | default(false)
+  when: item + '1' in hostvars[inventory_hostname]['ansible_devices']['%s'|format(item)]['partitions']
   loop:
     - sdb
     - sde

From a37164d01a0f07bb6e10c2dd5ce2e9c37d12d11f Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 11 Dec 2020 11:58:23 +0100
Subject: [PATCH 118/504] Split role in desktop and infrastructure parts.

---
 fvs_mkhome.yml => fvs-client.yml              |  3 +-
 fvs-mkhome.yml                                | 25 ++++++++
 roles/fvs-client-mkhome/handlers/main.yml     | 18 ------
 roles/fvs-client/handlers/main.yml            | 10 ++++
 roles/fvs-client/tasks/main.yml               | 59 +++++++++++++++++++
 .../defaults/main.yml                         |  0
 roles/fvs-mkhome/handlers/main.yml            |  3 +
 .../tasks/main.yml                            | 54 -----------------
 .../templates/sssd.conf.j2                    |  0
 9 files changed, 99 insertions(+), 73 deletions(-)
 rename fvs_mkhome.yml => fvs-client.yml (95%)
 create mode 100644 fvs-mkhome.yml
 delete mode 100644 roles/fvs-client-mkhome/handlers/main.yml
 create mode 100644 roles/fvs-client/handlers/main.yml
 create mode 100644 roles/fvs-client/tasks/main.yml
 rename roles/{fvs-client-mkhome => fvs-mkhome}/defaults/main.yml (100%)
 create mode 100644 roles/fvs-mkhome/handlers/main.yml
 rename roles/{fvs-client-mkhome => fvs-mkhome}/tasks/main.yml (57%)
 rename roles/{fvs-client-mkhome => fvs-mkhome}/templates/sssd.conf.j2 (100%)

diff --git a/fvs_mkhome.yml b/fvs-client.yml
similarity index 95%
rename from fvs_mkhome.yml
rename to fvs-client.yml
index 9b1ddeb..e01b871 100644
--- a/fvs_mkhome.yml
+++ b/fvs-client.yml
@@ -36,4 +36,5 @@
     ## Choose either gnome or KDE:
     - gnome
     #- kde
-    - fvs-client-mkhome
+    - fvs-mkhome
+    - fvs-client
diff --git a/fvs-mkhome.yml b/fvs-mkhome.yml
new file mode 100644
index 0000000..e4528d6
--- /dev/null
+++ b/fvs-mkhome.yml
@@ -0,0 +1,25 @@
+---
+# This playbook deploys a kiosk-computer
+
+- name: apply configuration to the machines
+  hosts: all
+  remote_user: ansible
+  become: yes
+  vars:
+    extra_pkgs:
+      - vim
+      - git
+      - mc
+      - tmux
+      - nmap
+      - netcat-openbsd
+      - net-tools
+      - tree
+      - console-setup
+      - virt-manager
+    extra_pkgs_bpo: [ linux-image-amd64 ]  # [ libreoffice ]
+
+  roles:
+    - up2date-debian
+    ## Choose either gnome or KDE:
+    - fvs-mkhome
diff --git a/roles/fvs-client-mkhome/handlers/main.yml b/roles/fvs-client-mkhome/handlers/main.yml
deleted file mode 100644
index f334f3a..0000000
--- a/roles/fvs-client-mkhome/handlers/main.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-- name: restart sssd
-  service: name=sssd state=restarted enabled=yes
-  listen: "restart sssd"
-
-- name: reload systemd
-  systemd:
-    daemon_reload: yes
-  listen: "reload systemd"
-
-- name: run update-grub
-  command: update-grub
-  listen: update grub
-
-- name: enable tmp.mount
-  systemd:
-    daemon_reload: yes
-    name: tmp.mount
-    enabled: yes
diff --git a/roles/fvs-client/handlers/main.yml b/roles/fvs-client/handlers/main.yml
new file mode 100644
index 0000000..6a3b3d5
--- /dev/null
+++ b/roles/fvs-client/handlers/main.yml
@@ -0,0 +1,10 @@
+- name: run update-grub
+  command: update-grub
+  listen: update grub
+
+- name: enable tmp.mount
+  systemd:
+    daemon_reload: yes
+    name: tmp.mount
+    enabled: yes
+  listen: enable tmp.mount
diff --git a/roles/fvs-client/tasks/main.yml b/roles/fvs-client/tasks/main.yml
new file mode 100644
index 0000000..2473b81
--- /dev/null
+++ b/roles/fvs-client/tasks/main.yml
@@ -0,0 +1,59 @@
+---
+- name: set homepage
+  lineinfile:
+    dest: /etc/firefox-esr/firefox-esr.js
+    line: pref("browser.startup.homepage", "https://www.startpage.com");
+
+    #- name: enable pam_umask
+    #  lineinfile:
+    #    dest: /etc/pam.d/common-session
+    #    line: "session optional	pam_umask.so usergroups"
+
+- name: set capabilities (wireshark)
+  capabilities:
+    path: /usr/bin/dumpcap
+    capability: cap_net_raw,cap_net_admin+eip
+    state: present
+
+
+############## extra data partition ###############
+- name: mount data partition
+  mount:
+    src: "UUID={{ hostvars[inventory_hostname]['ansible_devices']['%s'|format(item)]['partitions']['%s1'|format(item)]['uuid'] }}"
+    path: /home/data
+    fstype: ext4
+    state: mounted
+  register: data_mounted
+  when: item + '1' in hostvars[inventory_hostname]['ansible_devices']['%s'|format(item)]['partitions']
+  loop:
+    - sdb
+    - sde
+
+- name: set sticky bit on data directory
+  file:
+    path: /home/data
+    state: directory
+    mode: '1777'
+  when: data_mounted.changed
+
+################# from kiosk.yml ##################
+- name: grub timeout
+  lineinfile:
+    dest: /etc/default/grub
+    regexp: '^(GRUB_TIMEOUT=).*'
+    line: '\g<1>1'
+    backrefs: yes
+  notify: update grub
+
+- name: keyboard compose key
+  lineinfile:
+    dest: /etc/default/keyboard
+    regexp: '^(XKBOPTIONS=).*'
+    line: '\1"compose:caps"'
+    backrefs: yes
+
+- name: tmp on tmpfs
+  shell: cp /usr/share/systemd/tmp.mount /etc/systemd/system/
+  args:
+    creates: /etc/systemd/system/tmp.mount
+  notify: enable tmp.mount
diff --git a/roles/fvs-client-mkhome/defaults/main.yml b/roles/fvs-mkhome/defaults/main.yml
similarity index 100%
rename from roles/fvs-client-mkhome/defaults/main.yml
rename to roles/fvs-mkhome/defaults/main.yml
diff --git a/roles/fvs-mkhome/handlers/main.yml b/roles/fvs-mkhome/handlers/main.yml
new file mode 100644
index 0000000..c7c508b
--- /dev/null
+++ b/roles/fvs-mkhome/handlers/main.yml
@@ -0,0 +1,3 @@
+- name: restart sssd
+  service: name=sssd state=restarted enabled=yes
+  listen: "restart sssd"
diff --git a/roles/fvs-client-mkhome/tasks/main.yml b/roles/fvs-mkhome/tasks/main.yml
similarity index 57%
rename from roles/fvs-client-mkhome/tasks/main.yml
rename to roles/fvs-mkhome/tasks/main.yml
index 2b1bf91..b83436c 100644
--- a/roles/fvs-client-mkhome/tasks/main.yml
+++ b/roles/fvs-mkhome/tasks/main.yml
@@ -24,11 +24,6 @@
     dest: /etc/ldap/ldap.conf
     line: "LDAPTLS_REQCERT      never"
 
-- name: set homepage
-  lineinfile:
-    dest: /etc/firefox-esr/firefox-esr.js
-    line: pref("browser.startup.homepage", "https://www.startpage.com");
-
     #- name: enable pam_umask
     #  lineinfile:
     #    dest: /etc/pam.d/common-session
@@ -80,52 +75,3 @@
 - name: reset boot order
   command: efibootmgr --delete-bootorder
   when: run_in_installer|default(false)|bool
-
-- name: set capabilities (wireshark)
-  capabilities:
-    path: /usr/bin/dumpcap
-    capability: cap_net_raw,cap_net_admin+eip
-    state: present
-
-
-############## extra data partition ###############
-- name: mount data partition
-  mount:
-    src: "UUID={{ hostvars[inventory_hostname]['ansible_devices']['%s'|format(item)]['partitions']['%s1'|format(item)]['uuid'] }}"
-    path: /home/data
-    fstype: ext4
-    state: mounted
-  register: data_mounted
-  when: item + '1' in hostvars[inventory_hostname]['ansible_devices']['%s'|format(item)]['partitions']
-  loop:
-    - sdb
-    - sde
-
-- name: set sticky bit on data directory
-  file:
-    path: /home/data
-    state: directory
-    mode: '1777'
-  when: data_mounted.changed
-
-################# from kiosk.yml ##################
-- name: grub timeout
-  lineinfile:
-    dest: /etc/default/grub
-    regexp: '^(GRUB_TIMEOUT=).*'
-    line: '\g<1>1'
-    backrefs: yes
-  notify: update grub
-
-- name: keyboard compose key
-  lineinfile:
-    dest: /etc/default/keyboard
-    regexp: '^(XKBOPTIONS=).*'
-    line: '\1"compose:caps"'
-    backrefs: yes
-
-- name: tmp on tmpfs
-  shell: cp /usr/share/systemd/tmp.mount /etc/systemd/system/
-  args:
-    creates: /etc/systemd/system/tmp.mount
-  notify: enable tmp.mount
diff --git a/roles/fvs-client-mkhome/templates/sssd.conf.j2 b/roles/fvs-mkhome/templates/sssd.conf.j2
similarity index 100%
rename from roles/fvs-client-mkhome/templates/sssd.conf.j2
rename to roles/fvs-mkhome/templates/sssd.conf.j2

From c3ca8606d6471a571ec26e51b6e809e327c72373 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 15 Dec 2020 09:55:54 +0100
Subject: [PATCH 119/504] Use variables and add mount options for more privacy.

---
 roles/fvs-mkhome/defaults/main.yml |  5 ++++-
 roles/fvs-mkhome/tasks/main.yml    | 14 ++++++++------
 2 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/roles/fvs-mkhome/defaults/main.yml b/roles/fvs-mkhome/defaults/main.yml
index 836e748..26a03ba 100644
--- a/roles/fvs-mkhome/defaults/main.yml
+++ b/roles/fvs-mkhome/defaults/main.yml
@@ -1,2 +1,5 @@
 basedn: "ou=Benutzer,ou=fvs,ou=SCHULEN,o=ml3"
-ldap_server: ldap.steinbeisschule-reutlingen.de
+ldap_server: "ldap.steinbeisschule-reutlingen.de"
+smb_server: "smb.steinbeisschule-reutlingen.de"
+smb_home: "DOCS/fvs/home/"
+smb_share: "DOCS/fvs/tausch/"
diff --git a/roles/fvs-mkhome/tasks/main.yml b/roles/fvs-mkhome/tasks/main.yml
index b83436c..d0bad51 100644
--- a/roles/fvs-mkhome/tasks/main.yml
+++ b/roles/fvs-mkhome/tasks/main.yml
@@ -41,15 +41,17 @@
     block: |
       <volume
         fstype="cifs"
-        server="smb.steinbeisschule-reutlingen.de"
-        path="DOCS/fvs/home/"
-        mountpoint="~/winhome"
+        server="{{ smb_server }}"
+        path="{{ smb_home }}"
+        mountpoint="/media/%(USER)/winhome"
+        options="dir_mode=0750,file_mode=0640"
       />
       <volume
         fstype="cifs"
-        server="smb.steinbeisschule-reutlingen.de"
-        path="DOCS/fvs/tausch/"
-        mountpoint="~/winshare"
+        server="{{ smb_server }}"
+        path="{{ smb_share }}"
+        mountpoint="/media/%(USER)/winshare"
+        options="dir_mode=0750,file_mode=0640"
       />
       <!--volume
         fstype="fuse"

From 77c8c26e38fe8160c8895cbd4eba78932d245b49 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 17 Dec 2020 10:28:24 +0100
Subject: [PATCH 120/504] Exclude local user from mounts.

---
 roles/fvs-mkhome/tasks/main.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/roles/fvs-mkhome/tasks/main.yml b/roles/fvs-mkhome/tasks/main.yml
index d0bad51..f7b9724 100644
--- a/roles/fvs-mkhome/tasks/main.yml
+++ b/roles/fvs-mkhome/tasks/main.yml
@@ -45,20 +45,20 @@
         path="{{ smb_home }}"
         mountpoint="/media/%(USER)/winhome"
         options="dir_mode=0750,file_mode=0640"
-      />
+      ><not><user>ansible</user></not></volume>
       <volume
         fstype="cifs"
         server="{{ smb_server }}"
         path="{{ smb_share }}"
         mountpoint="/media/%(USER)/winshare"
         options="dir_mode=0750,file_mode=0640"
-      />
+      ><not><user>ansible</user></not></volume>
       <!--volume
         fstype="fuse"
         path="sshfs#%(USER)@homes:"
         mountpoint="/home/%(USER)"
         options="StrictHostKeyChecking=no,allow_root"
-      />
+      ><not><user>ansible</user></not></volume>
       <volume
         path="/home/%(USER)"
         mountpoint="~"

From 7238875d0c16af5635b320339f9ffc20d2791727 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 18 Dec 2020 08:14:43 +0100
Subject: [PATCH 121/504] Further split roles. Mount user home on the clients
 (sshfs).

The following roles are available:
 fvs-sssd
   Configures LDAP as ID and AUTH provider using sssd.
 fvs-mount
   Provides all private user directories on login with pam_mount.

Machines provided so far are:
  The server providing the home directory: fvs-home.yml
  A standard client: fvs-client.yml
---
 fvs-client.yml                                |  5 +-
 fvs-home.yml                                  | 20 +++++
 roles/fvs-client/tasks/main.yml               |  5 --
 roles/fvs-mkhome/tasks/main.yml               | 79 -------------------
 .../defaults/main.yml                         |  3 +-
 roles/fvs-mount/tasks/main.yml                | 35 ++++++++
 roles/fvs-sssd/defaults/main.yml              |  2 +
 .../handlers/main.yml                         |  0
 roles/fvs-sssd/tasks/main.yml                 | 30 +++++++
 .../templates/sssd.conf.j2                    |  0
 10 files changed, 91 insertions(+), 88 deletions(-)
 create mode 100644 fvs-home.yml
 delete mode 100644 roles/fvs-mkhome/tasks/main.yml
 rename roles/{fvs-mkhome => fvs-mount}/defaults/main.yml (52%)
 create mode 100644 roles/fvs-mount/tasks/main.yml
 create mode 100644 roles/fvs-sssd/defaults/main.yml
 rename roles/{fvs-mkhome => fvs-sssd}/handlers/main.yml (100%)
 create mode 100644 roles/fvs-sssd/tasks/main.yml
 rename roles/{fvs-mkhome => fvs-sssd}/templates/sssd.conf.j2 (100%)

diff --git a/fvs-client.yml b/fvs-client.yml
index e01b871..a363e7f 100644
--- a/fvs-client.yml
+++ b/fvs-client.yml
@@ -33,8 +33,9 @@
 
   roles:
     - up2date-debian
+    - fvs-sssd
+    - fvs-mount
+    - fvs-client
     ## Choose either gnome or KDE:
     - gnome
     #- kde
-    - fvs-mkhome
-    - fvs-client
diff --git a/fvs-home.yml b/fvs-home.yml
new file mode 100644
index 0000000..20aafa8
--- /dev/null
+++ b/fvs-home.yml
@@ -0,0 +1,20 @@
+---
+- name: apply configuration to the home server
+  hosts: all
+  remote_user: ansible
+  become: yes
+  vars:
+    extra_pkgs:
+      - vim
+    extra_pkgs_bpo: [ ]  # [ libreoffice ]
+
+  roles:
+    - up2date-debian
+    - fvs-sssd
+
+  tasks:
+    - name: enable pam_mkhomedir.so
+      lineinfile:
+        dest: /etc/pam.d/common-session
+        line: "session	optional	pam_mkhomedir.so  umask=0027"
+        insertbefore: "session	optional	pam_mount.so"
diff --git a/roles/fvs-client/tasks/main.yml b/roles/fvs-client/tasks/main.yml
index 2473b81..16ea639 100644
--- a/roles/fvs-client/tasks/main.yml
+++ b/roles/fvs-client/tasks/main.yml
@@ -4,11 +4,6 @@
     dest: /etc/firefox-esr/firefox-esr.js
     line: pref("browser.startup.homepage", "https://www.startpage.com");
 
-    #- name: enable pam_umask
-    #  lineinfile:
-    #    dest: /etc/pam.d/common-session
-    #    line: "session optional	pam_umask.so usergroups"
-
 - name: set capabilities (wireshark)
   capabilities:
     path: /usr/bin/dumpcap
diff --git a/roles/fvs-mkhome/tasks/main.yml b/roles/fvs-mkhome/tasks/main.yml
deleted file mode 100644
index f7b9724..0000000
--- a/roles/fvs-mkhome/tasks/main.yml
+++ /dev/null
@@ -1,79 +0,0 @@
----
-- name: install needed packages
-  apt:
-    name:
-      - sssd-ldap
-      - libpam-mount
-      - cifs-utils
-    state: latest
-
-- name: add URI to ldap.conf
-  lineinfile:
-    dest: /etc/ldap/ldap.conf
-    line: "URI ldaps://{{ ldap_server }}/"
-    insertafter: "#URI.*"
-
-- name: add BASE to ldap.conf
-  lineinfile:
-    dest: /etc/ldap/ldap.conf
-    line: "BASE {{ basedn }}"
-    insertafter: "#BASE.*"
-
-- name: do not verify cert
-  lineinfile:
-    dest: /etc/ldap/ldap.conf
-    line: "LDAPTLS_REQCERT      never"
-
-    #- name: enable pam_umask
-    #  lineinfile:
-    #    dest: /etc/pam.d/common-session
-    #    line: "session optional	pam_umask.so usergroups"
-
-- name: enable pam_mkhomedir.so
-  lineinfile:
-    dest: /etc/pam.d/common-session
-    line: "session	optional	pam_mkhomedir.so  umask=0027"
-    insertbefore: "session	optional	pam_mount.so"
-
-- name: configure pam_mount
-  blockinfile:
-    dest: /etc/security/pam_mount.conf.xml
-    block: |
-      <volume
-        fstype="cifs"
-        server="{{ smb_server }}"
-        path="{{ smb_home }}"
-        mountpoint="/media/%(USER)/winhome"
-        options="dir_mode=0750,file_mode=0640"
-      ><not><user>ansible</user></not></volume>
-      <volume
-        fstype="cifs"
-        server="{{ smb_server }}"
-        path="{{ smb_share }}"
-        mountpoint="/media/%(USER)/winshare"
-        options="dir_mode=0750,file_mode=0640"
-      ><not><user>ansible</user></not></volume>
-      <!--volume
-        fstype="fuse"
-        path="sshfs#%(USER)@homes:"
-        mountpoint="/home/%(USER)"
-        options="StrictHostKeyChecking=no,allow_root"
-      ><not><user>ansible</user></not></volume>
-      <volume
-        path="/home/%(USER)"
-        mountpoint="~"
-        options="bind"
-      /-->
-    insertafter: "<!-- Volume definitions -->"
-
-- name: provide identities from directory
-  template:
-    src: sssd.conf.j2
-    dest: /etc/sssd/sssd.conf
-    mode: 0600
-  notify: restart sssd
-
-  ## FIXME: preseeding grub nvram does not work
-- name: reset boot order
-  command: efibootmgr --delete-bootorder
-  when: run_in_installer|default(false)|bool
diff --git a/roles/fvs-mkhome/defaults/main.yml b/roles/fvs-mount/defaults/main.yml
similarity index 52%
rename from roles/fvs-mkhome/defaults/main.yml
rename to roles/fvs-mount/defaults/main.yml
index 26a03ba..775517a 100644
--- a/roles/fvs-mkhome/defaults/main.yml
+++ b/roles/fvs-mount/defaults/main.yml
@@ -1,5 +1,4 @@
-basedn: "ou=Benutzer,ou=fvs,ou=SCHULEN,o=ml3"
-ldap_server: "ldap.steinbeisschule-reutlingen.de"
 smb_server: "smb.steinbeisschule-reutlingen.de"
+home_server: "home.steinbeisschule-reutlingen.de"
 smb_home: "DOCS/fvs/home/"
 smb_share: "DOCS/fvs/tausch/"
diff --git a/roles/fvs-mount/tasks/main.yml b/roles/fvs-mount/tasks/main.yml
new file mode 100644
index 0000000..b27192e
--- /dev/null
+++ b/roles/fvs-mount/tasks/main.yml
@@ -0,0 +1,35 @@
+---
+- name: install needed packages
+  apt:
+    name:
+      - libpam-mount
+      - cifs-utils
+      - sshfs
+    state: latest
+
+- name: configure pam_mount
+  blockinfile:
+    dest: /etc/security/pam_mount.conf.xml
+    block: |
+      <volume
+        fstype="cifs"
+        server="{{ smb_server }}"
+        path="{{ smb_home }}"
+        mountpoint="/media/%(USER)/winhome"
+        options="dir_mode=0750,file_mode=0640"
+      ><not><or><user>ansible</user><user>Debian-gdm</user></or></not></volume>
+      <volume
+        fstype="cifs"
+        server="{{ smb_server }}"
+        path="{{ smb_share }}"
+        mountpoint="/media/%(USER)/winshare"
+        options="dir_mode=0750,file_mode=0640"
+      ><not><or><user>ansible</user><user>Debian-gdm</user></or></not></volume>
+      <volume
+        fstype="fuse"
+        path="sshfs#%(USER)@{{ home_server }}:"
+        mountpoint="/home/%(USER)"
+        options="allow_other,default_permissions,reconnect,password_stdin"
+        ssh="0" noroot="0"
+      ><not><or><user>ansible</user><user>Debian-gdm</user></or></not></volume>
+    insertafter: "<!-- Volume definitions -->"
diff --git a/roles/fvs-sssd/defaults/main.yml b/roles/fvs-sssd/defaults/main.yml
new file mode 100644
index 0000000..dd40e38
--- /dev/null
+++ b/roles/fvs-sssd/defaults/main.yml
@@ -0,0 +1,2 @@
+basedn: "ou=Benutzer,ou=fvs,ou=SCHULEN,o=ml3"
+ldap_server: "ldap.steinbeisschule-reutlingen.de"
diff --git a/roles/fvs-mkhome/handlers/main.yml b/roles/fvs-sssd/handlers/main.yml
similarity index 100%
rename from roles/fvs-mkhome/handlers/main.yml
rename to roles/fvs-sssd/handlers/main.yml
diff --git a/roles/fvs-sssd/tasks/main.yml b/roles/fvs-sssd/tasks/main.yml
new file mode 100644
index 0000000..3879cfa
--- /dev/null
+++ b/roles/fvs-sssd/tasks/main.yml
@@ -0,0 +1,30 @@
+---
+- name: install needed packages
+  apt:
+    name:
+      - sssd-ldap
+    state: latest
+
+- name: add URI to ldap.conf
+  lineinfile:
+    dest: /etc/ldap/ldap.conf
+    line: "URI ldaps://{{ ldap_server }}/"
+    insertafter: "#URI.*"
+
+- name: add BASE to ldap.conf
+  lineinfile:
+    dest: /etc/ldap/ldap.conf
+    line: "BASE {{ basedn }}"
+    insertafter: "#BASE.*"
+
+- name: do not verify cert
+  lineinfile:
+    dest: /etc/ldap/ldap.conf
+    line: "LDAPTLS_REQCERT      never"
+
+- name: provide identities from directory
+  template:
+    src: sssd.conf.j2
+    dest: /etc/sssd/sssd.conf
+    mode: 0600
+  notify: restart sssd
diff --git a/roles/fvs-mkhome/templates/sssd.conf.j2 b/roles/fvs-sssd/templates/sssd.conf.j2
similarity index 100%
rename from roles/fvs-mkhome/templates/sssd.conf.j2
rename to roles/fvs-sssd/templates/sssd.conf.j2

From de52a1eb332149bb4026a294733a8e03dd9ac50a Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 18 Dec 2020 08:52:25 +0100
Subject: [PATCH 122/504] Provide ssh hostkey.

---
 roles/fvs-mount/defaults/main.yml |  1 +
 roles/fvs-mount/tasks/main.yml    | 12 ++++++++++++
 2 files changed, 13 insertions(+)

diff --git a/roles/fvs-mount/defaults/main.yml b/roles/fvs-mount/defaults/main.yml
index 775517a..d27fc27 100644
--- a/roles/fvs-mount/defaults/main.yml
+++ b/roles/fvs-mount/defaults/main.yml
@@ -2,3 +2,4 @@ smb_server: "smb.steinbeisschule-reutlingen.de"
 home_server: "home.steinbeisschule-reutlingen.de"
 smb_home: "DOCS/fvs/home/"
 smb_share: "DOCS/fvs/tausch/"
+ssh_hostkey: '|1|vZQ8Yc2MBY3tYCzTCVOmaIRnep8=|kCp5RNmtBR7WSBX6L9fo9URSOmI= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFil1umj7jbBfJ7o80WDXToPidypuD915VNM7mN6mMF/gSJ7QYKtYDgBOR5KDUSB5dvc/itlSobw4rYQr2rE5dQ='
diff --git a/roles/fvs-mount/tasks/main.yml b/roles/fvs-mount/tasks/main.yml
index b27192e..3933616 100644
--- a/roles/fvs-mount/tasks/main.yml
+++ b/roles/fvs-mount/tasks/main.yml
@@ -33,3 +33,15 @@
         ssh="0" noroot="0"
       ><not><or><user>ansible</user><user>Debian-gdm</user></or></not></volume>
     insertafter: "<!-- Volume definitions -->"
+
+- name: make sure .ssh exists
+  file:
+    path: /root/.ssh
+    state: directory
+    mode: '0700'
+
+- name: provide public key of home server
+  lineinfile:
+    path: /root/.ssh/known_hosts
+    line: "{{ ssh_hostkey }}"
+    create: yes

From 25dd1161e4dd8d0c216a9d3dfb3b80af898b0f98 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 8 Feb 2021 10:57:43 +0100
Subject: [PATCH 123/504] Nicer ordering.

---
 roles/fvs-mount/tasks/main.yml | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/roles/fvs-mount/tasks/main.yml b/roles/fvs-mount/tasks/main.yml
index 3933616..c88df14 100644
--- a/roles/fvs-mount/tasks/main.yml
+++ b/roles/fvs-mount/tasks/main.yml
@@ -11,6 +11,14 @@
   blockinfile:
     dest: /etc/security/pam_mount.conf.xml
     block: |
+      <volume
+        fstype="fuse"
+        path="sshfs#%(USER)@{{ home_server }}:"
+        mountpoint="/home/%(USER)"
+        options="allow_other,default_permissions,reconnect,password_stdin,disable-hardlink"
+        ssh="0" noroot="0"
+      ><not><or><user>ansible</user><user>Debian-gdm</user></or></not></volume>
+
       <volume
         fstype="cifs"
         server="{{ smb_server }}"
@@ -18,6 +26,7 @@
         mountpoint="/media/%(USER)/winhome"
         options="dir_mode=0750,file_mode=0640"
       ><not><or><user>ansible</user><user>Debian-gdm</user></or></not></volume>
+
       <volume
         fstype="cifs"
         server="{{ smb_server }}"
@@ -25,13 +34,6 @@
         mountpoint="/media/%(USER)/winshare"
         options="dir_mode=0750,file_mode=0640"
       ><not><or><user>ansible</user><user>Debian-gdm</user></or></not></volume>
-      <volume
-        fstype="fuse"
-        path="sshfs#%(USER)@{{ home_server }}:"
-        mountpoint="/home/%(USER)"
-        options="allow_other,default_permissions,reconnect,password_stdin"
-        ssh="0" noroot="0"
-      ><not><or><user>ansible</user><user>Debian-gdm</user></or></not></volume>
     insertafter: "<!-- Volume definitions -->"
 
 - name: make sure .ssh exists

From 449b4ff6537212cdc70a24332a1aa96998bb4f2b Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 8 Feb 2021 10:59:01 +0100
Subject: [PATCH 124/504] Disable extra drive for now.

---
 roles/fvs-client/tasks/main.yml | 37 +++++++++++++++++----------------
 1 file changed, 19 insertions(+), 18 deletions(-)

diff --git a/roles/fvs-client/tasks/main.yml b/roles/fvs-client/tasks/main.yml
index 16ea639..9f90944 100644
--- a/roles/fvs-client/tasks/main.yml
+++ b/roles/fvs-client/tasks/main.yml
@@ -12,24 +12,25 @@
 
 
 ############## extra data partition ###############
-- name: mount data partition
-  mount:
-    src: "UUID={{ hostvars[inventory_hostname]['ansible_devices']['%s'|format(item)]['partitions']['%s1'|format(item)]['uuid'] }}"
-    path: /home/data
-    fstype: ext4
-    state: mounted
-  register: data_mounted
-  when: item + '1' in hostvars[inventory_hostname]['ansible_devices']['%s'|format(item)]['partitions']
-  loop:
-    - sdb
-    - sde
-
-- name: set sticky bit on data directory
-  file:
-    path: /home/data
-    state: directory
-    mode: '1777'
-  when: data_mounted.changed
+#- name: all devices
+#  set_fact:
+#    all_devices: "{{ ansible_devices.keys() | select('match', '^sd(.*)$|^nv(.*)$') | list | sort }}"
+#
+#- name: mount data partition
+#  mount:
+#    src: "UUID={{ hostvars[inventory_hostname]['ansible_devices'][all_devices[-1]]['partitions']['%s1'|format(item)]['uuid'] }}"
+#    path: /home/data
+#    fstype: ext4
+#    state: mounted
+#  register: data_mounted
+#  when: all_devices | length > 1 
+#
+#- name: set sticky bit on data directory
+#  file:
+#    path: /home/data
+#    state: directory
+#    mode: '1777'
+#  when: data_mounted.changed
 
 ################# from kiosk.yml ##################
 - name: grub timeout

From 6be0eefcaa69d88d42087b40df3daee7ac318f4a Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 13 Apr 2021 09:40:57 +0200
Subject: [PATCH 125/504] Avoid mounting attempts when switching to 'root'.

---
 roles/fvs-mount/tasks/main.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/roles/fvs-mount/tasks/main.yml b/roles/fvs-mount/tasks/main.yml
index c88df14..c75b4a4 100644
--- a/roles/fvs-mount/tasks/main.yml
+++ b/roles/fvs-mount/tasks/main.yml
@@ -17,7 +17,7 @@
         mountpoint="/home/%(USER)"
         options="allow_other,default_permissions,reconnect,password_stdin,disable-hardlink"
         ssh="0" noroot="0"
-      ><not><or><user>ansible</user><user>Debian-gdm</user></or></not></volume>
+      ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user></or></not></volume>
 
       <volume
         fstype="cifs"
@@ -25,7 +25,7 @@
         path="{{ smb_home }}"
         mountpoint="/media/%(USER)/winhome"
         options="dir_mode=0750,file_mode=0640"
-      ><not><or><user>ansible</user><user>Debian-gdm</user></or></not></volume>
+      ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user></or></not></volume>
 
       <volume
         fstype="cifs"
@@ -33,7 +33,7 @@
         path="{{ smb_share }}"
         mountpoint="/media/%(USER)/winshare"
         options="dir_mode=0750,file_mode=0640"
-      ><not><or><user>ansible</user><user>Debian-gdm</user></or></not></volume>
+      ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user></or></not></volume>
     insertafter: "<!-- Volume definitions -->"
 
 - name: make sure .ssh exists

From cbc1e62659b7ac1b791a7a3e1b7c4fa718d37d10 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 5 Jul 2021 10:29:20 +0200
Subject: [PATCH 126/504] Disable backports for bullseye.

---
 fvs-client.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fvs-client.yml b/fvs-client.yml
index a363e7f..6152a40 100644
--- a/fvs-client.yml
+++ b/fvs-client.yml
@@ -29,7 +29,7 @@
       - tree
       - console-setup
       - virt-manager
-    extra_pkgs_bpo: [ linux-image-amd64 ]  # [ libreoffice ]
+    extra_pkgs_bpo: [] # [ linux-image-amd64 ]  # [ libreoffice ]
 
   roles:
     - up2date-debian

From 156d932bf4426abcb0191860266069f0bb60b1e8 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 5 Jul 2021 10:53:05 +0200
Subject: [PATCH 127/504] PAM-mount fails with this option set.

---
 roles/fvs-mount/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/fvs-mount/tasks/main.yml b/roles/fvs-mount/tasks/main.yml
index c75b4a4..76520e2 100644
--- a/roles/fvs-mount/tasks/main.yml
+++ b/roles/fvs-mount/tasks/main.yml
@@ -15,7 +15,7 @@
         fstype="fuse"
         path="sshfs#%(USER)@{{ home_server }}:"
         mountpoint="/home/%(USER)"
-        options="allow_other,default_permissions,reconnect,password_stdin,disable-hardlink"
+        options="allow_other,default_permissions,reconnect,password_stdin"
         ssh="0" noroot="0"
       ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user></or></not></volume>
 

From bc012494dfd2222ef7bf7473e2307d50e4a3945e Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 5 Jul 2021 14:11:56 +0200
Subject: [PATCH 128/504] SSSD is socket activated by now.

---
 roles/fvs-sssd/templates/sssd.conf.j2 | 1 -
 1 file changed, 1 deletion(-)

diff --git a/roles/fvs-sssd/templates/sssd.conf.j2 b/roles/fvs-sssd/templates/sssd.conf.j2
index 1efcfc5..bc39a46 100644
--- a/roles/fvs-sssd/templates/sssd.conf.j2
+++ b/roles/fvs-sssd/templates/sssd.conf.j2
@@ -1,7 +1,6 @@
 [sssd]
 domains = LDAP
 config_file_version = 2
-services = nss, pam
 
 [nss]
 filter_groups = root

From db1ed7ff30a1e37e6c20cb77da1faf1667c8f73d Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 27 Jul 2021 11:54:54 +0200
Subject: [PATCH 129/504] Make sure gnome keyring-daemon is not started on
 sshfs.

---
 roles/fvs-client/tasks/main.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/roles/fvs-client/tasks/main.yml b/roles/fvs-client/tasks/main.yml
index 9f90944..c428a5c 100644
--- a/roles/fvs-client/tasks/main.yml
+++ b/roles/fvs-client/tasks/main.yml
@@ -53,3 +53,9 @@
   args:
     creates: /etc/systemd/system/tmp.mount
   notify: enable tmp.mount
+
+## make sure gnome keyring-daemon is not started on sshfs:
+- name: disable gnome keyring-daemon
+  command: dpkg-divert --divert /usr/bin/gnome-keyring-daemon.bak --rename /usr/bin/gnome-keyring-daemon
+  args:
+    creates: /usr/bin/gnome-keyring-daemon.bak

From e2abbb114b09b6d11f7823cb5551a25c655ef741 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 27 Jul 2021 12:13:40 +0200
Subject: [PATCH 130/504] Fix for buster ansible release.

---
 fvs-client.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/fvs-client.yml b/fvs-client.yml
index 6152a40..0c716d7 100644
--- a/fvs-client.yml
+++ b/fvs-client.yml
@@ -30,6 +30,7 @@
       - console-setup
       - virt-manager
     extra_pkgs_bpo: [] # [ linux-image-amd64 ]  # [ libreoffice ]
+    ansible_python_interpreter: "/usr/bin/python3"
 
   roles:
     - up2date-debian

From 42d3fa4c2515302fb3370102e28aae88863297a5 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 13 Oct 2021 12:33:20 +0200
Subject: [PATCH 131/504] Desktop fine tuning (compare netboot image).

---
 roles/gnome/files/defaults | 11 ++++++-----
 roles/gnome/tasks/main.yml |  3 ++-
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/roles/gnome/files/defaults b/roles/gnome/files/defaults
index e2f99d0..ffde793 100644
--- a/roles/gnome/files/defaults
+++ b/roles/gnome/files/defaults
@@ -1,5 +1,5 @@
 [org/gnome/shell]
-enabled-extensions=['apps-menu@gnome-shell-extensions.gcampax.github.com', 'window-list@gnome-shell-extensions.gcampax.github.com', 'places-menu@gnome-shell-extensions.gcampax.github.com', 'drive-menu@gnome-shell-extensions.gcampax.github.com', 'desktop-icons@csoriano']
+enabled-extensions=['apps-menu@gnome-shell-extensions.gcampax.github.com', 'window-list@gnome-shell-extensions.gcampax.github.com', 'places-menu@gnome-shell-extensions.gcampax.github.com', 'drive-menu@gnome-shell-extensions.gcampax.github.com', 'dash-to-dock@micxgx.gmail.com']
 
 [org/gnome/desktop/input-sources]
 sources=[('xkb', 'de'), ('xkb', 'us')]
@@ -19,11 +19,11 @@ default-folder-viewer='list-view'
 use-tree-view=true
 
 [org/gnome/settings-daemon/plugins/power]
-power-button-action='hibernate'
-sleep-inactive-battery-timeout=900
+power-button-action='interactive'
+sleep-inactive-battery-timeout=600
 sleep-inactive-battery-type='hibernate'
-sleep-inactive-ac-timeout=7200
-sleep-inactive-ac-type='suspend'
+sleep-inactive-ac-timeout=6000
+sleep-inactive-ac-type='nothing'
 
 [org/gnome/desktop/screensaver]
 lock-enabled=false
@@ -31,3 +31,4 @@ lock-enabled=false
 [org/gnome/desktop/interface]
 clock-show-date=true
 clock-show-seconds=true
+clock-show-weekday=true
diff --git a/roles/gnome/tasks/main.yml b/roles/gnome/tasks/main.yml
index 32b985d..432229c 100644
--- a/roles/gnome/tasks/main.yml
+++ b/roles/gnome/tasks/main.yml
@@ -5,8 +5,9 @@
   apt:
     name:
       - task-gnome-desktop
-      - gnome-shell-extension-desktop-icons
       - cups
+      - ssh-askpass-gnome
+      - gnome-shell-extension-dashtodock
     state: latest
 
 - name: make sure /etc/dconf/profile/ exists

From 080356bfa487458d0c4b5312335c9c88e8e8ba2f Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 14 Oct 2021 19:13:03 +0200
Subject: [PATCH 132/504] Clean up FvS playbooks and add VM server playbook.

---
 fvs-client.yml => fvs-desktop.yml   |  3 +--
 fvs-home.yml => fvs-home-server.yml |  1 +
 fvs-mkhome.yml                      | 25 -------------------------
 fvs-vm-server.yml                   | 28 ++++++++++++++++++++++++++++
 4 files changed, 30 insertions(+), 27 deletions(-)
 rename fvs-client.yml => fvs-desktop.yml (93%)
 rename fvs-home.yml => fvs-home-server.yml (89%)
 delete mode 100644 fvs-mkhome.yml
 create mode 100644 fvs-vm-server.yml

diff --git a/fvs-client.yml b/fvs-desktop.yml
similarity index 93%
rename from fvs-client.yml
rename to fvs-desktop.yml
index 0c716d7..d28b333 100644
--- a/fvs-client.yml
+++ b/fvs-desktop.yml
@@ -1,6 +1,5 @@
+## This playbook deploys a FvS desktop machine.
 ---
-# This playbook deploys a kiosk-computer
-
 - name: apply configuration to the machines
   hosts: all
   remote_user: ansible
diff --git a/fvs-home.yml b/fvs-home-server.yml
similarity index 89%
rename from fvs-home.yml
rename to fvs-home-server.yml
index 20aafa8..9ae178b 100644
--- a/fvs-home.yml
+++ b/fvs-home-server.yml
@@ -1,3 +1,4 @@
+## This playbook deploys a FvS home server machine.
 ---
 - name: apply configuration to the home server
   hosts: all
diff --git a/fvs-mkhome.yml b/fvs-mkhome.yml
deleted file mode 100644
index e4528d6..0000000
--- a/fvs-mkhome.yml
+++ /dev/null
@@ -1,25 +0,0 @@
----
-# This playbook deploys a kiosk-computer
-
-- name: apply configuration to the machines
-  hosts: all
-  remote_user: ansible
-  become: yes
-  vars:
-    extra_pkgs:
-      - vim
-      - git
-      - mc
-      - tmux
-      - nmap
-      - netcat-openbsd
-      - net-tools
-      - tree
-      - console-setup
-      - virt-manager
-    extra_pkgs_bpo: [ linux-image-amd64 ]  # [ libreoffice ]
-
-  roles:
-    - up2date-debian
-    ## Choose either gnome or KDE:
-    - fvs-mkhome
diff --git a/fvs-vm-server.yml b/fvs-vm-server.yml
new file mode 100644
index 0000000..351706e
--- /dev/null
+++ b/fvs-vm-server.yml
@@ -0,0 +1,28 @@
+## This playbook deploys a FvS VM server machine.
+---
+- name: apply configuration to the VM server
+  hosts: all
+  remote_user: ansible
+  become: yes
+  vars:
+    extra_pkgs:
+      - vim
+      - libvirt-daemon-system
+    extra_pkgs_bpo: [ ]  # [ libreoffice ]
+
+  roles:
+    - up2date-debian
+    - fvs-sssd
+
+  tasks:
+    - name: enable pam_mkhomedir.so
+      lineinfile:
+        dest: /etc/pam.d/common-session
+        line: "session	optional	pam_mkhomedir.so  umask=0027"
+        insertbefore: "session	optional	pam_mount.so"
+
+    - name: allow all users to use VMs
+      lineinfile:
+        dest: /etc/libvirt/libvirtd.conf
+        line: 'auth_unix_rw = "none"'
+        insertafter: '#auth_unix_rw = "polkit"'

From d1bc338ef9b7a93fd9a3252dba6d0fdede18ed62 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 19 Oct 2021 20:01:20 +0200
Subject: [PATCH 133/504] Web server playbook.

---
 fvs-www-server.yml              | 29 +++++++++++++++++++++++++++++
 roles/fvs-client/tasks/main.yml | 10 +++++-----
 2 files changed, 34 insertions(+), 5 deletions(-)
 create mode 100644 fvs-www-server.yml

diff --git a/fvs-www-server.yml b/fvs-www-server.yml
new file mode 100644
index 0000000..d7a690c
--- /dev/null
+++ b/fvs-www-server.yml
@@ -0,0 +1,29 @@
+## This playbook deploys a FvS web server machine.
+---
+- name: apply configuration to the web server
+  hosts: all
+  remote_user: ansible
+  become: yes
+  vars:
+    extra_pkgs:
+      - vim
+      - apache2
+      - python3-flask
+
+    extra_pkgs_bpo: [ ]  # [ libreoffice ]
+
+  roles:
+    - up2date-debian
+    - fvs-sssd
+
+  tasks:
+    - name: enable pam_mkhomedir.so
+      lineinfile:
+        dest: /etc/pam.d/common-session
+        line: "session	optional	pam_mkhomedir.so  umask=0026"
+        insertbefore: "session	optional	pam_mount.so"
+
+    - name: enable apache mod userdir
+      apache2_module:
+        state: present
+        name: userdir
diff --git a/roles/fvs-client/tasks/main.yml b/roles/fvs-client/tasks/main.yml
index c428a5c..6a98698 100644
--- a/roles/fvs-client/tasks/main.yml
+++ b/roles/fvs-client/tasks/main.yml
@@ -4,11 +4,11 @@
     dest: /etc/firefox-esr/firefox-esr.js
     line: pref("browser.startup.homepage", "https://www.startpage.com");
 
-- name: set capabilities (wireshark)
-  capabilities:
-    path: /usr/bin/dumpcap
-    capability: cap_net_raw,cap_net_admin+eip
-    state: present
+    #- name: set capabilities (wireshark)
+    #capabilities:
+    #path: /usr/bin/dumpcap
+    #capability: cap_net_raw,cap_net_admin+eip
+    #state: present
 
 
 ############## extra data partition ###############

From 98cfd86b013b879ffb1c56d63eb20d9e99db4bf5 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sun, 13 Mar 2022 10:27:15 +0100
Subject: [PATCH 134/504] Add packages.

---
 fvs-desktop.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/fvs-desktop.yml b/fvs-desktop.yml
index d28b333..16fa1dd 100644
--- a/fvs-desktop.yml
+++ b/fvs-desktop.yml
@@ -21,6 +21,7 @@
       - nmap
       - netcat-openbsd
       - net-tools
+      - ghex
       - thonny
       - mu-editor
       - dia
@@ -28,6 +29,7 @@
       - tree
       - console-setup
       - virt-manager
+      - libreoffice-l10n-de
     extra_pkgs_bpo: [] # [ linux-image-amd64 ]  # [ libreoffice ]
     ansible_python_interpreter: "/usr/bin/python3"
 

From 8d357397f6ee63c08ede9a0d5b764d6f91d03abd Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sun, 13 Mar 2022 10:27:57 +0100
Subject: [PATCH 135/504] Prepare shared directory for ISO images.

---
 fvs-vm-server.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/fvs-vm-server.yml b/fvs-vm-server.yml
index 351706e..90268cf 100644
--- a/fvs-vm-server.yml
+++ b/fvs-vm-server.yml
@@ -26,3 +26,9 @@
         dest: /etc/libvirt/libvirtd.conf
         line: 'auth_unix_rw = "none"'
         insertafter: '#auth_unix_rw = "polkit"'
+
+    - name: shared directory for ISO installer images
+      file:
+        path: /home/ISOsVM
+        state: directory
+        mode: '1777'

From 3059ba0cd69954c6243001df65638b84beb6c4b3 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 1 Apr 2021 21:59:48 +0200
Subject: [PATCH 136/504] Make sure ansible is installed.

---
 roles/prepare4clients/tasks/main.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/roles/prepare4clients/tasks/main.yml b/roles/prepare4clients/tasks/main.yml
index 2dccbfa..8324881 100644
--- a/roles/prepare4clients/tasks/main.yml
+++ b/roles/prepare4clients/tasks/main.yml
@@ -1,3 +1,8 @@
+- name: make sure ansible is available
+  apt:
+    name: ansible
+    state: latest
+
 - name: generate ssh key
   command: "su -l {{ ansible_user }} -c \"ssh-keygen -t rsa -f /home/{{ ansible_user }}/.ssh/id_rsa -P ''\""
   args:

From c06aa6e519e6814ec8b0ef033b77cd100b49822e Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 1 Apr 2021 22:01:46 +0200
Subject: [PATCH 137/504] Fix ending up with no link on WAN interface.

---
 roles/two-interface-firewalld/handlers/main.yml | 4 ++--
 roles/two-interface-firewalld/tasks/main.yml    | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/roles/two-interface-firewalld/handlers/main.yml b/roles/two-interface-firewalld/handlers/main.yml
index 51bb215..81201d4 100644
--- a/roles/two-interface-firewalld/handlers/main.yml
+++ b/roles/two-interface-firewalld/handlers/main.yml
@@ -1,6 +1,6 @@
 - name: restart networking
-  systemd: name=networking state=restarted enabled=yes
-  listen: restart networking
+  command: ifup {{ if_lan }}
+  listen: "bring up LAN interface"
   when: not run_in_installer|default(false)|bool
 
 - name: start firewalld
diff --git a/roles/two-interface-firewalld/tasks/main.yml b/roles/two-interface-firewalld/tasks/main.yml
index d61dc39..c3c2c9e 100644
--- a/roles/two-interface-firewalld/tasks/main.yml
+++ b/roles/two-interface-firewalld/tasks/main.yml
@@ -2,7 +2,7 @@
   template:
     src: interfaces-static.j2
     dest: /etc/network/interfaces.d/static
-  notify: "restart networking"
+  notify: "bring up LAN interface"
 
 - name: install firewalld package
   apt: name=firewalld state=latest

From d8ab7bc73ee0887c9c3c1816bdec29be16b158b3 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 1 Apr 2021 22:05:55 +0200
Subject: [PATCH 138/504] Add data base maintenance command.

---
 roles/nextcloud/tasks/main.yml | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index 1b5a755..8e395a0 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -262,6 +262,15 @@
   register: cmd_result
   changed_when: cmd_result.stdout is search('table updated successfully')
 
+- name: convert filecache to bigint
+  command: "sudo -u www-data php ./occ -n db:convert-filecache-bigint"
+  args:
+    chdir: "{{ nc_dir }}"
+    warn: False
+  register: cmd_result
+  changed_when: cmd_result.stdout is not search('tables already up to date')
+
+
 
 - name: add default NIC to public zone
   firewalld:

From 1b2707b474a67efdf4f9f6ee02b29fae8e560884 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 1 Apr 2021 22:08:34 +0200
Subject: [PATCH 139/504] Services are socket activated.

---
 roles/nfs-server/templates/sssd.conf.j2 | 1 -
 1 file changed, 1 deletion(-)

diff --git a/roles/nfs-server/templates/sssd.conf.j2 b/roles/nfs-server/templates/sssd.conf.j2
index 48eae04..815ea54 100644
--- a/roles/nfs-server/templates/sssd.conf.j2
+++ b/roles/nfs-server/templates/sssd.conf.j2
@@ -1,6 +1,5 @@
 [sssd]
 domains = LDAP
-services = nss, pam
 config_file_version = 2
 
 [nss]

From 6bdd207f1e90c632dc75eb85c09eaf2036fca135 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 1 Apr 2021 22:36:06 +0200
Subject: [PATCH 140/504] Fix (not) reloading systemd service during
 installation.

---
 roles/kerberize/handlers/main.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/roles/kerberize/handlers/main.yml b/roles/kerberize/handlers/main.yml
index 9adbeaa..d0a508b 100644
--- a/roles/kerberize/handlers/main.yml
+++ b/roles/kerberize/handlers/main.yml
@@ -3,3 +3,4 @@
     name: sshd
     state: reloaded
   notify: "reload sshd"
+  when: not run_in_installer|default(false)|bool

From fc67adddd554f90eee23883371de775378a32bd6 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 1 Apr 2021 23:22:47 +0200
Subject: [PATCH 141/504] Fix for missing 'python-apt' package.

---
 kerberox-client.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/kerberox-client.yml b/kerberox-client.yml
index 201d5d5..cd7b29f 100644
--- a/kerberox-client.yml
+++ b/kerberox-client.yml
@@ -11,6 +11,7 @@
       - webext-ublock-origin
       - krb5-auth-dialog
     extra_pkgs_bpo: []  # [ libreoffice ]
+    ansible_python_interpreter: "/usr/bin/python3"
 
   vars_prompt:
     - name: "kadmin_pwd"

From 318672dabc9836320951e9cc5e8c050e81b1f564 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 2 Apr 2021 10:34:16 +0200
Subject: [PATCH 142/504] Modifications need to be applied immediately.

---
 roles/two-interface-firewalld/tasks/main.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/roles/two-interface-firewalld/tasks/main.yml b/roles/two-interface-firewalld/tasks/main.yml
index c3c2c9e..a5e9850 100644
--- a/roles/two-interface-firewalld/tasks/main.yml
+++ b/roles/two-interface-firewalld/tasks/main.yml
@@ -19,6 +19,7 @@
     interface: "{{ if_wan }}"
     permanent: yes
     state: enabled
+    immediate: true
   when: not run_in_installer|default(false)|bool
 
 - name: enable masquerading
@@ -27,6 +28,7 @@
     masquerade: 'yes'
     permanent: yes
     state: enabled
+    immediate: true
   when: not run_in_installer|default(false)|bool
 
 - name: add LAN interface to zone intern
@@ -35,6 +37,7 @@
     interface: "{{ if_lan }}"
     permanent: yes
     state: enabled
+    immediate: true
   when: not run_in_installer|default(false)|bool
 
 - name: enable services
@@ -43,6 +46,7 @@
     service: "{{ item }}"
     permanent: yes
     state: enabled
+    immediate: true
   with_items:
     - dhcp
     - dns

From cef622fa33762fc2a6c02f6c589763c31ca865dd Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 2 Apr 2021 11:07:45 +0200
Subject: [PATCH 143/504] Add README to explain the deployment of the keytabs.

---
 README.kerberox | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 README.kerberox

diff --git a/README.kerberox b/README.kerberox
new file mode 100644
index 0000000..9362321
--- /dev/null
+++ b/README.kerberox
@@ -0,0 +1,11 @@
+## After installation of the clients, prepare and copy all machine
+## credentials to the machines in the following way:
+
+## Find the kadmin password to be used soon:
+    sudo cat /root/kadmin.pwd
+
+## Then:
+    cd /home/ansible/debian-lan/ 
+    ansible-playbook --ask-become-pass kerberox-client.yml
+
+## Enter the 'BECOME' password and the kadmin password obtained above.       

From 51f01858c1abf8520d66377b0353acaad08c9826 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 3 Apr 2021 23:10:24 +0200
Subject: [PATCH 144/504] Implement self signed certificate for slapd.

---
 roles/ldap/defaults/main.yml        |  2 ++
 roles/ldap/tasks/main.yml           | 37 +++++++++++++++++++++++++----
 roles/ldap/templates/slapd-TLS.ldif |  9 +++++++
 3 files changed, 44 insertions(+), 4 deletions(-)
 create mode 100644 roles/ldap/templates/slapd-TLS.ldif

diff --git a/roles/ldap/defaults/main.yml b/roles/ldap/defaults/main.yml
index d383ca2..e126f1e 100644
--- a/roles/ldap/defaults/main.yml
+++ b/roles/ldap/defaults/main.yml
@@ -1,6 +1,8 @@
 ldap_admin_pwd: "{{ lookup('password', '/tmp/ldap_admin.pwd chars=ascii_letters,digits length=32') }}"
 ldap_admin_pwd_file: "/root/ldap-admin.pwd"
 basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
+TLSCertificateFile: "/etc/ssl/certs/ssl-cert-snakeoil.pem"
+TLSCertificateKeyFile: "/etc/ssl/private/ssl-cert-snakeoil.key"
 lan_homes:  /home/lan
 min_id: 10000
 max_id: 20000
diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
index 589b07c..6e88311 100644
--- a/roles/ldap/tasks/main.yml
+++ b/roles/ldap/tasks/main.yml
@@ -39,27 +39,49 @@
   no_log: true
   when: not slapd.stat.exists
 
-- name: install slapd, ldap-utils, ldapvi and python3-ldap
+- name: install packages for LDAP
   apt:
     name:
       - slapd
       - ldap-utils
       - ldapvi
       - python3-ldap
+      - ssl-cert
     state: latest
 
+- name: add openldap to the ssl-cert group
+  user:
+    name: openldap
+    groups: ssl-cert
+    append: yes
+  register: ssl_cert_group
+
+- name: restart slapd
+  systemd: name=slapd state=restarted
+  when: ssl_cert_group.changed
+
 - name: make initial slapd configuration available
   copy:
     src: slapd-config.ldif
-    dest: /etc/ldap/slapd.d/slapd-config.ldif
+    dest: /etc/ldap/slapd.d/
+  when: not slapd.stat.exists
+
+- name: make slapd TLS configuration available
+  template:
+    src: slapd-TLS.ldif
+    dest: /etc/ldap/slapd.d/
   when: not slapd.stat.exists
 
 - name: activate ppolicy schema
-  command: ldapadd  -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/ppolicy.ldif
+  command: ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/ppolicy.ldif
   when: not slapd.stat.exists
 
 - name: initialize slapd if it has just been installed
-  command: ldapadd  -Y EXTERNAL -H ldapi:/// -f /etc/ldap/slapd.d/slapd-config.ldif
+  command: ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/slapd.d/slapd-config.ldif
+  when: not slapd.stat.exists
+
+- name: configure LDAP TLS
+  command: ldapmodify -Y EXTERNAL -H ldapi:/// -f /etc/ldap/slapd.d/slapd-TLS.ldif
   when: not slapd.stat.exists
 
 - name: "make 'ldap' an alias hostname resolvable from the LAN"
@@ -81,6 +103,13 @@
     line: "BASE {{ basedn }}"
     insertafter: "#BASE.*"
 
+- name: check against self signed certificate
+  replace:
+    path: /etc/ldap/ldap.conf
+    regexp: "^(TLS_CACERT\\s+/etc/ssl/certs/ca-certificates.crt)$"
+    replace: '#\1\nTLS_CACERT\t{{ TLSCertificateFile }}'
+  when: not slapd.stat.exists
+
 #######################################################################################
 ## Use the admin password saved to file from now on (available also after installation):
 - name: slurp admin password
diff --git a/roles/ldap/templates/slapd-TLS.ldif b/roles/ldap/templates/slapd-TLS.ldif
new file mode 100644
index 0000000..e94216f
--- /dev/null
+++ b/roles/ldap/templates/slapd-TLS.ldif
@@ -0,0 +1,9 @@
+#### ENABLE LDAP TLS ####
+dn: cn=config
+changetype: modify
+add: olcTLSCertificateFile
+olcTLSCertificateFile: {{ TLSCertificateFile }}
+-
+add: olcTLSCertificateKeyFile
+olcTLSCertificateKeyFile: {{ TLSCertificateKeyFile }}
+-

From c976c69bed0294b8a4c67cab1806f6c607d3ab3a Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 5 Apr 2021 19:12:31 +0200
Subject: [PATCH 145/504] Move LDAP install/setup tasks into extra file.

---
 roles/ldap/tasks/main.yml  | 116 ++++---------------------------------
 roles/ldap/tasks/setup.yml |  94 ++++++++++++++++++++++++++++++
 2 files changed, 104 insertions(+), 106 deletions(-)
 create mode 100644 roles/ldap/tasks/setup.yml

diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
index 6e88311..4d0c307 100644
--- a/roles/ldap/tasks/main.yml
+++ b/roles/ldap/tasks/main.yml
@@ -1,117 +1,18 @@
-## Install and configure slapd (if not done yet),
-##  run most tasks only on slapd installation.
+## Install and configure slapd.
 ---
 - fail: msg="The machine's domain must not be empty."
   when: ansible_domain | length == 0
 
-- name: check if slapd is already there
-  stat: path=/etc/ldap/slapd.d/slapd-config.ldif
+- name: check if slapd is already set up
+  stat: path=/usr/sbin/slapd
   register: slapd
 
-- name: preseed ldap domain
-  debconf:
-    name: slapd
-    question:  slapd/domain
-    value: "{{ ansible_domain }}"
-    vtype: string
-  when: not slapd.stat.exists
-
-- name: preseed slapd admin password1
-  debconf:
-    name: slapd
-    question: slapd/password1
-    value: "{{ ldap_admin_pwd }}"
-    vtype: password
-  no_log: true
-  when: not slapd.stat.exists
-
-- name: preseed slapd admin password2
-  debconf:
-    name: slapd
-    question: slapd/password2
-    value: "{{ ldap_admin_pwd }}"
-    vtype: password
-  no_log: true
-  when: not slapd.stat.exists
-
-- name: dump admin password
-  shell: echo -n "{{ ldap_admin_pwd }}" > "{{ ldap_admin_pwd_file }}" ; chmod 0600 "{{ ldap_admin_pwd_file }}"
-  no_log: true
-  when: not slapd.stat.exists
-
-- name: install packages for LDAP
-  apt:
-    name:
-      - slapd
-      - ldap-utils
-      - ldapvi
-      - python3-ldap
-      - ssl-cert
-    state: latest
-
-- name: add openldap to the ssl-cert group
-  user:
-    name: openldap
-    groups: ssl-cert
-    append: yes
-  register: ssl_cert_group
-
-- name: restart slapd
-  systemd: name=slapd state=restarted
-  when: ssl_cert_group.changed
-
-- name: make initial slapd configuration available
-  copy:
-    src: slapd-config.ldif
-    dest: /etc/ldap/slapd.d/
-  when: not slapd.stat.exists
-
-- name: make slapd TLS configuration available
-  template:
-    src: slapd-TLS.ldif
-    dest: /etc/ldap/slapd.d/
-  when: not slapd.stat.exists
-
-- name: activate ppolicy schema
-  command: ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/ppolicy.ldif
-  when: not slapd.stat.exists
-
-- name: initialize slapd if it has just been installed
-  command: ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/slapd.d/slapd-config.ldif
-  when: not slapd.stat.exists
-
-- name: configure LDAP TLS
-  command: ldapmodify -Y EXTERNAL -H ldapi:/// -f /etc/ldap/slapd.d/slapd-TLS.ldif
-  when: not slapd.stat.exists
-
-- name: "make 'ldap' an alias hostname resolvable from the LAN"
-  replace:
-    path: /etc/hosts
-    regexp: "^({{ ipaddr_lan | ipaddr('address') }}\\s.+)$"
-    replace: '\1	ldap'
-  when: not slapd.stat.exists
-
-- name: add URI to ldap.conf
-  lineinfile:
-    dest: /etc/ldap/ldap.conf
-    line: "URI ldapi:///"
-    insertafter: "#URI.*"
-
-- name: add BASE to ldap.conf
-  lineinfile:
-    dest: /etc/ldap/ldap.conf
-    line: "BASE {{ basedn }}"
-    insertafter: "#BASE.*"
-
-- name: check against self signed certificate
-  replace:
-    path: /etc/ldap/ldap.conf
-    regexp: "^(TLS_CACERT\\s+/etc/ssl/certs/ca-certificates.crt)$"
-    replace: '#\1\nTLS_CACERT\t{{ TLSCertificateFile }}'
+- name: install and configure slapd
+  include_tasks: setup.yml
   when: not slapd.stat.exists
 
 #######################################################################################
-## Use the admin password saved to file from now on (available also after installation):
+## Use the admin password saved to file (available also after installation):
 - name: slurp admin password
   slurp:
     src: "{{ ldap_admin_pwd_file }}"
@@ -133,6 +34,7 @@
     bind_dn: "cn=admin,{{ basedn }}"
     bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
 
+
 - name: add group for ldap users
   ldap_entry:
     dn: "cn=ldapuser,ou=groups,{{ basedn }}"
@@ -143,13 +45,14 @@
     bind_dn: "cn=admin,{{ basedn }}"
     bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
 
+
 - name: provide simple script to manage ldap/kdc
   template:
     src: debian-lan.j2
     dest: /usr/local/sbin/debian-lan
     mode: 0744
 
-## Add user
+
 - name: add dummy user foo
   ldap_entry:
     dn: "uid=foo,ou=people,{{ basedn }}"
@@ -179,6 +82,7 @@
     bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
   when: foo_pwd is defined and foo_pwd | length > 0
 
+
 - name: allow ldap service in firewalld
   firewalld:
     zone: internal
diff --git a/roles/ldap/tasks/setup.yml b/roles/ldap/tasks/setup.yml
new file mode 100644
index 0000000..43067eb
--- /dev/null
+++ b/roles/ldap/tasks/setup.yml
@@ -0,0 +1,94 @@
+## Install and configure slapd.
+---
+- name: preseed ldap domain
+  debconf:
+    name: slapd
+    question:  slapd/domain
+    value: "{{ ansible_domain }}"
+    vtype: string
+
+- name: preseed slapd admin password1
+  debconf:
+    name: slapd
+    question: slapd/password1
+    value: "{{ ldap_admin_pwd }}"
+    vtype: password
+  no_log: true
+
+- name: preseed slapd admin password2
+  debconf:
+    name: slapd
+    question: slapd/password2
+    value: "{{ ldap_admin_pwd }}"
+    vtype: password
+  no_log: true
+
+- name: dump admin password
+  shell: echo -n "{{ ldap_admin_pwd }}" > "{{ ldap_admin_pwd_file }}" ; chmod 0600 "{{ ldap_admin_pwd_file }}"
+  no_log: true
+
+- name: install packages for LDAP
+  apt:
+    name:
+      - slapd
+      - ldap-utils
+      - ldapvi
+      - python3-ldap
+      - ssl-cert
+    state: latest
+
+- name: add openldap to the ssl-cert group
+  user:
+    name: openldap
+    groups: ssl-cert
+    append: yes
+  register: ssl_cert_group
+
+- name: restart slapd
+  systemd: name=slapd state=restarted
+  when: ssl_cert_group.changed
+
+- name: make initial slapd configuration available
+  copy:
+    src: slapd-config.ldif
+    dest: /etc/ldap/slapd.d/
+
+- name: make slapd TLS configuration available
+  template:
+    src: slapd-TLS.ldif
+    dest: /etc/ldap/slapd.d/
+
+- name: activate ppolicy schema
+  command: ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/ppolicy.ldif
+
+- name: initialize slapd if it has just been installed
+  command: ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/slapd.d/slapd-config.ldif
+
+- name: configure LDAP TLS
+  command: ldapmodify -Y EXTERNAL -H ldapi:/// -f /etc/ldap/slapd.d/slapd-TLS.ldif
+
+- name: "make 'ldap' an alias hostname resolvable from the LAN"
+  replace:
+    path: /etc/hosts
+    regexp: "^({{ ipaddr_lan | ipaddr('address') }}\\s.+)$"
+    replace: '\1	ldap'
+
+- name: add URI to ldap.conf
+  lineinfile:
+    dest: /etc/ldap/ldap.conf
+    line: "URI ldapi:///"
+    insertafter: "#URI.*"
+
+- name: add BASE to ldap.conf
+  lineinfile:
+    dest: /etc/ldap/ldap.conf
+    line: "BASE {{ basedn }}"
+    insertafter: "#BASE.*"
+
+- name: check against self signed certificate
+  replace:
+    path: /etc/ldap/ldap.conf
+    regexp: "^(TLS_CACERT\\s+/etc/ssl/certs/ca-certificates.crt)$"
+    replace: '#\1\nTLS_CACERT\t{{ TLSCertificateFile }}'
+
+## Use 'sudo ldapvi -Y EXTERNAL -h ldapi:/// -b "cn=config"' to modify certificate and key.

From e5ae626936f3f73c285c7cf149afb5cd775e9204 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 8 Apr 2021 09:01:25 +0200
Subject: [PATCH 146/504] Implement LAN server sharing home directories via smb
 or sshfs.

---
 roles/lan-client/tasks/main.yml         |   2 +-
 roles/ldap/tasks/setup.yml              |   4 +
 roles/samba-ldap/defaults/main.yml      |   4 +
 roles/samba-ldap/handlers/main.yml      |   8 ++
 roles/samba-ldap/meta/main.yml          |   3 +
 roles/samba-ldap/tasks/main.yml         | 118 ++++++++++++++++++++++++
 roles/samba-ldap/templates/sssd.conf.j2 |  20 ++++
 sambox.yml                              |  55 +++++++++++
 8 files changed, 213 insertions(+), 1 deletion(-)
 create mode 100644 roles/samba-ldap/defaults/main.yml
 create mode 100644 roles/samba-ldap/handlers/main.yml
 create mode 100644 roles/samba-ldap/meta/main.yml
 create mode 100644 roles/samba-ldap/tasks/main.yml
 create mode 100644 roles/samba-ldap/templates/sssd.conf.j2
 create mode 100644 sambox.yml

diff --git a/roles/lan-client/tasks/main.yml b/roles/lan-client/tasks/main.yml
index 9b793a3..e394016 100644
--- a/roles/lan-client/tasks/main.yml
+++ b/roles/lan-client/tasks/main.yml
@@ -93,6 +93,6 @@
 - name: automount
   lineinfile:
     dest: /etc/fstab
-    line: "{{ nfs_server}}:/home  {{ lan_homes }}  nfs4  sec=krb5p,_netdev,noauto,x-systemd.automount,x-systemd.idle-timeout=60  0  0"
+    line: "{{ nfs_server }}:/home  {{ lan_homes }}  nfs4  sec=krb5p,_netdev,noauto,x-systemd.automount,x-systemd.idle-timeout=60  0  0"
   notify: reload systemd
   when: not run_in_installer|default(false)|bool
diff --git a/roles/ldap/tasks/setup.yml b/roles/ldap/tasks/setup.yml
index 43067eb..e01f556 100644
--- a/roles/ldap/tasks/setup.yml
+++ b/roles/ldap/tasks/setup.yml
@@ -91,4 +91,8 @@
     regexp: "^(TLS_CACERT\\s+/etc/ssl/certs/ca-certificates.crt)$"
     replace: '#\1\nTLS_CACERT\t{{ TLSCertificateFile }}'
 
+- name: enable pam-mkhomedir
+  command: pam-auth-update --enable mkhomedir
+  when: foo_pwd is defined and foo_pwd | length > 0
+
 ## Use 'sudo ldapvi -Y EXTERNAL -h ldapi:/// -b "cn=config"' to modify certificate and key.
diff --git a/roles/samba-ldap/defaults/main.yml b/roles/samba-ldap/defaults/main.yml
new file mode 100644
index 0000000..575579c
--- /dev/null
+++ b/roles/samba-ldap/defaults/main.yml
@@ -0,0 +1,4 @@
+basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
+ldap_server: ldap
+min_id_sssd: 5000
+max_id_sssd: 20000
diff --git a/roles/samba-ldap/handlers/main.yml b/roles/samba-ldap/handlers/main.yml
new file mode 100644
index 0000000..99844ab
--- /dev/null
+++ b/roles/samba-ldap/handlers/main.yml
@@ -0,0 +1,8 @@
+- name: restart sssd
+  service: name=sssd state=restarted enabled=yes
+  listen: "restart sssd"
+
+- name: restart smbd
+  service: name=smbd state=restarted enabled=yes
+  listen: "restart smbd"
+
diff --git a/roles/samba-ldap/meta/main.yml b/roles/samba-ldap/meta/main.yml
new file mode 100644
index 0000000..b19fb35
--- /dev/null
+++ b/roles/samba-ldap/meta/main.yml
@@ -0,0 +1,3 @@
+---
+dependencies:
+  - role: ldap
diff --git a/roles/samba-ldap/tasks/main.yml b/roles/samba-ldap/tasks/main.yml
new file mode 100644
index 0000000..cf0e871
--- /dev/null
+++ b/roles/samba-ldap/tasks/main.yml
@@ -0,0 +1,118 @@
+## Install and configure samba-ldap.
+---
+- name: check if samba is already there
+  stat: path=/etc/ldap/schema/samba.ldif
+  register: samba_ldap
+
+- name: install samba and provide samba schema
+  apt:
+    name:
+      - samba
+      - sssd-ldap
+    state: latest
+
+
+- name: provide identities from LDAP
+  template:
+    src: sssd.conf.j2
+    dest: /etc/sssd/sssd.conf
+    mode: 0600
+  notify: restart sssd
+
+- meta: flush_handlers
+
+
+- name: prepare samba schema
+  command: cp /usr/share/doc/samba/examples/LDAP/samba.ldif /etc/ldap/schema/
+  args:
+    creates: /etc/ldap/schema/samba.ldif
+
+- name: activate samba.ldif schema
+  command: ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/samba.ldif
+  when: not samba_ldap.stat.exists
+
+- name: add indexes to LDAP
+  ldap_attr:
+    dn: "olcDatabase={1}mdb,cn=config"
+    name: olcDbIndex
+    values:
+      - sambaSID eq
+      - sambaPrimaryGroupSID eq
+      - sambaGroupType eq
+      - sambaSIDList eq
+      - sambaDomainName eq
+    state: present
+
+- name: modify ACLs to account for Samba
+  ldap_attr:
+    dn: "olcDatabase={1}mdb,cn=config"
+    name: olcAccess
+    values:
+      - >-
+        to attrs=userPassword
+        by self write
+        by anonymous auth
+        by * none
+      - >-
+        to attrs=shadowLastChange
+        by self write
+        by * read
+      - >-
+        to attrs=sambaNTPassword
+        by dn.exact=cn=admin,{{ basedn }} write
+        by self write
+        by * none
+      - >-
+        to * by * read
+    state: exact
+
+- name: customize smb.conf
+  blockinfile:
+    dest: /etc/samba/smb.conf
+    insertafter: '^\s*server role ='
+    block: |
+      ####### LDAP Settings #######
+      passdb backend = ldapsam:ldapi:///
+      ldap suffix = {{ basedn }}
+      ldap user suffix = ou=people
+      ldap group suffix = ou=groups
+      ldap machine suffix = ou=computers
+      ldap idmap suffix = ou=idmap
+      ldap admin dn = cn=admin,{{ basedn }}
+      ldap ssl = no
+      ldap passwd sync = yes
+  notify: restart smbd
+
+
+- name: slurp admin password for samba setup
+  slurp:
+    src: "{{ ldap_admin_pwd_file }}"
+  register: ldap_admin_pwd 
+  no_log: true  
+  when: not samba_ldap.stat.exists
+
+- name: make samba admin password available to smbd
+  command: smbpasswd -w "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
+  no_log: true
+  notify: restart smbd
+  when: not samba_ldap.stat.exists
+
+- meta: flush_handlers
+
+- name: add samba attributes to dummy user foo 
+  command:
+    cmd: smbpasswd -s -a foo
+    stdin: "{{ foo_pwd }}\n{{ foo_pwd }}"
+  when: foo_pwd is defined and foo_pwd | length > 0
+
+########################
+
+- name: allow services in firewalld
+  firewalld:
+    zone: internal
+    service: "{{ item }}"
+    permanent: yes
+    immediate: yes
+    state: enabled
+  with_items:
+    - samba
diff --git a/roles/samba-ldap/templates/sssd.conf.j2 b/roles/samba-ldap/templates/sssd.conf.j2
new file mode 100644
index 0000000..eb6d50e
--- /dev/null
+++ b/roles/samba-ldap/templates/sssd.conf.j2
@@ -0,0 +1,20 @@
+[sssd]
+domains = LDAP
+config_file_version = 2
+
+[nss]
+filter_groups = root
+filter_users = root
+
+[pam]
+
+[domain/LDAP]
+id_provider = ldap
+ldap_uri = ldap://{{ ldap_server }}/
+ldap_search_base = {{ basedn }}
+
+auth_provider = ldap
+cache_credentials = true
+
+min_id = {{ min_id_sssd }}
+max_id = {{ max_id_sssd }}
diff --git a/sambox.yml b/sambox.yml
new file mode 100644
index 0000000..6160297
--- /dev/null
+++ b/sambox.yml
@@ -0,0 +1,55 @@
+---
+## This playbook deploys the sambox server.  Add 'hostname=XXX' and 'domain=YYY'
+## to the installer boot parameters to set hostname and domain.
+## 
+
+
+- name: apply configuration to the sambox server
+  hosts: all
+  remote_user: ansible
+  become: yes
+
+  vars:
+    ## This interface provides the default route:
+    if_wan: "{{ ansible_default_ipv4.interface }}"
+
+    ## Use the first remaining interface for the LAN:
+    if_lan: "{{ ansible_interfaces | difference([if_wan, 'lo']) | first }}"
+
+    ## LAN IP address range:
+    ipaddr_lan: 192.168.0.10/24
+    dhcp_range: 192.168.0.50,192.168.0.99,2h
+    in_inventory: 192.168.0.[50:99]
+
+    di_dist: "{{ ansible_distribution_release }}"
+    di_version: 10  #"{{ ansible_distribution_major_version }}"
+    di_pkg: "debian-installer-{{ di_version }}-netboot-amd64"
+
+    ansible_user: ansible
+    repo_dir: "/home/{{ ansible_user }}/debian-lan"
+    ansible_python_interpreter: "/usr/bin/python3"  ## needed for firewalld module
+
+
+  vars_prompt:
+    - name: "foo_pwd"
+      prompt:
+        In case you would like to prepare a test user 'foo' and have
+        not done so yet, provide foo's password here.  Leave empty to
+        just continue
+      private: yes
+
+
+  pre_tasks:
+    - name: validate if interfaces are available
+      fail:
+        msg: "Interfaces {{ ansible_interfaces }} found. WAN: '{{ if_wan }}', LAN: '{{ if_lan }}'.  Two NICs needed."
+      when: (if_lan not in ansible_interfaces) or (if_wan not in ansible_interfaces) or (if_lan == if_wan)
+
+
+  roles:
+    - up2date-debian
+    - two-interface-firewalld
+    - dhcp-dns-dnsmasq
+    - tftp-netboot-installer
+    - apt-cacher
+    - samba-ldap

From e55997a01cf5372888609ae3c5b67d5c35dbc0d0 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 9 Apr 2021 10:17:45 +0200
Subject: [PATCH 147/504] Draft implementation of sambox-client.

---
 roles/ldap/tasks/setup.yml                    |  6 --
 roles/prepare4clients/tasks/main.yml          | 33 +++++++++++
 roles/samba-ldap/defaults/main.yml            |  2 +-
 roles/samba-ldap/templates/sssd.conf.j2       |  3 +
 roles/smb-sshfs-client/defaults/main.yml      |  5 ++
 roles/smb-sshfs-client/handlers/main.yml      |  9 +++
 roles/smb-sshfs-client/tasks/main.yml         | 58 +++++++++++++++++++
 roles/smb-sshfs-client/templates/sssd.conf.j2 | 22 +++++++
 sambox-client.yml                             | 20 +++++++
 sambox.yml                                    |  1 +
 10 files changed, 152 insertions(+), 7 deletions(-)
 create mode 100644 roles/smb-sshfs-client/defaults/main.yml
 create mode 100644 roles/smb-sshfs-client/handlers/main.yml
 create mode 100644 roles/smb-sshfs-client/tasks/main.yml
 create mode 100644 roles/smb-sshfs-client/templates/sssd.conf.j2
 create mode 100644 sambox-client.yml

diff --git a/roles/ldap/tasks/setup.yml b/roles/ldap/tasks/setup.yml
index e01f556..d5ccfbe 100644
--- a/roles/ldap/tasks/setup.yml
+++ b/roles/ldap/tasks/setup.yml
@@ -67,12 +67,6 @@
 - name: configure LDAP TLS
   command: ldapmodify -Y EXTERNAL -H ldapi:/// -f /etc/ldap/slapd.d/slapd-TLS.ldif
 
-- name: "make 'ldap' an alias hostname resolvable from the LAN"
-  replace:
-    path: /etc/hosts
-    regexp: "^({{ ipaddr_lan | ipaddr('address') }}\\s.+)$"
-    replace: '\1	ldap'
-
 - name: add URI to ldap.conf
   lineinfile:
     dest: /etc/ldap/ldap.conf
diff --git a/roles/prepare4clients/tasks/main.yml b/roles/prepare4clients/tasks/main.yml
index 8324881..f83ad9b 100644
--- a/roles/prepare4clients/tasks/main.yml
+++ b/roles/prepare4clients/tasks/main.yml
@@ -135,8 +135,41 @@
   notify: "rebuild di-netboot-assistant menu"
   when: krb5kdc.stat.exists
 
+########  sambox-client #######
+
+- name: check if we operate on sambox
+  stat: path=/etc/samba/smb.conf
+  register: samba
+
+- name: add sambox-client auto pxe boot entry to di-netboot-assistant
+  blockinfile:
+    dest: /etc/di-netboot-assistant/pxelinux.HEAD
+    insertbefore: EOF
+    block: |
+      LABEL autoinstall
+         MENU LABEL Debian {{ di_version }} (amd64) + preseed + sambox-client.yml
+         kernel ::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux
+         append initrd=::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz auto=true priority=critical domain={{ ansible_domain }} url=tftp://{{ ansible_hostname }} playbook=sambox-client.yml ---
+    marker: "# {mark} ANSIBLE MANAGED BLOCK sambox-client"
+  notify: "rebuild di-netboot-assistant menu"
+  when: samba.stat.exists
+
+- name: add sambox-client auto efi boot entry to di-netboot-assistant
+  blockinfile:
+    dest: /etc/di-netboot-assistant/grub.cfg.HEAD
+    insertbefore: EOF
+    block: |
+      menuentry 'Debian {{ di_version }} (amd64) + preseed + sambox-client.yml' {
+         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux auto=true priority=critical domain={{ ansible_domain }} url=tftp://{{ ansible_hostname }} playbook=sambox-client.yml ---
+         initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
+      }
+    marker: "# {mark} ANSIBLE MANAGED BLOCK sambox-client"
+  notify: "rebuild di-netboot-assistant menu"
+  when: samba.stat.exists
+
 ######################
 
+
 - name: provide git repo if not available already
   git:
     repo: 'https://salsa.debian.org/andi/debian-lan-ansible.git'
diff --git a/roles/samba-ldap/defaults/main.yml b/roles/samba-ldap/defaults/main.yml
index 575579c..37ab18a 100644
--- a/roles/samba-ldap/defaults/main.yml
+++ b/roles/samba-ldap/defaults/main.yml
@@ -1,4 +1,4 @@
 basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
-ldap_server: ldap
+ldap_server: sambox
 min_id_sssd: 5000
 max_id_sssd: 20000
diff --git a/roles/samba-ldap/templates/sssd.conf.j2 b/roles/samba-ldap/templates/sssd.conf.j2
index eb6d50e..c5c4187 100644
--- a/roles/samba-ldap/templates/sssd.conf.j2
+++ b/roles/samba-ldap/templates/sssd.conf.j2
@@ -18,3 +18,6 @@ cache_credentials = true
 
 min_id = {{ min_id_sssd }}
 max_id = {{ max_id_sssd }}
+
+## remove this after providing propper certificates: 
+ldap_tls_reqcert = allow
diff --git a/roles/smb-sshfs-client/defaults/main.yml b/roles/smb-sshfs-client/defaults/main.yml
new file mode 100644
index 0000000..120b76a
--- /dev/null
+++ b/roles/smb-sshfs-client/defaults/main.yml
@@ -0,0 +1,5 @@
+basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
+ldap_server: sambox
+home_server: sambox
+min_id_sssd: 5000
+max_id_sssd: 20000
diff --git a/roles/smb-sshfs-client/handlers/main.yml b/roles/smb-sshfs-client/handlers/main.yml
new file mode 100644
index 0000000..3c18dd6
--- /dev/null
+++ b/roles/smb-sshfs-client/handlers/main.yml
@@ -0,0 +1,9 @@
+- name: restart sssd
+  service: name=sssd state=restarted enabled=yes
+  listen: "restart sssd"
+
+- name: reload systemd
+  systemd:
+    daemon_reload: yes
+  listen: "reload systemd"
+
diff --git a/roles/smb-sshfs-client/tasks/main.yml b/roles/smb-sshfs-client/tasks/main.yml
new file mode 100644
index 0000000..0e9391f
--- /dev/null
+++ b/roles/smb-sshfs-client/tasks/main.yml
@@ -0,0 +1,58 @@
+---
+- fail: msg="The machine's domain must not be empty."
+  when: ansible_domain | length == 0
+
+- name: install needed packages
+  apt:
+    name:
+      - sssd-ldap
+      - libpam-mount  
+      - cifs-utils
+      - sshfs  
+    state: latest
+
+- name: add URI to ldap.conf
+  lineinfile:
+    dest: /etc/ldap/ldap.conf
+    line: "URI ldap://ldap/"
+    insertafter: "#URI.*"
+
+- name: add BASE to ldap.conf
+  lineinfile:
+    dest: /etc/ldap/ldap.conf
+    line: "BASE {{ basedn }}"
+    insertafter: "#BASE.*"
+
+- name: enable pam_umask
+  lineinfile:
+    dest: /etc/pam.d/common-session
+    line: "session optional	pam_umask.so usergroups"
+
+- name: provide identities from directory
+  template:
+    src: sssd.conf.j2
+    dest: /etc/sssd/sssd.conf
+    mode: 0600
+  notify: restart sssd
+
+- name: configure pam_mount
+  blockinfile:
+    dest: /etc/security/pam_mount.conf.xml
+    block: |
+      <!-- volume
+        fstype="cifs"
+        server="{{ home_server }}"
+        path="%(USER)"
+        mountpoint="/home/lan/%(USER)"
+        options="dir_mode=0750,file_mode=0640"
+      ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user></or></not></volume -->
+      <volume
+        fstype="fuse"
+        path="sshfs#%(USER)@{{ home_server }}:"
+        mountpoint="/home/lan/%(USER)"
+        options="allow_other,default_permissions,reconnect,password_stdin"
+        ssh="0" noroot="0"
+      ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user></or></not></volume>
+    insertafter: "<!-- Volume definitions -->"
+
+
diff --git a/roles/smb-sshfs-client/templates/sssd.conf.j2 b/roles/smb-sshfs-client/templates/sssd.conf.j2
new file mode 100644
index 0000000..f39b856
--- /dev/null
+++ b/roles/smb-sshfs-client/templates/sssd.conf.j2
@@ -0,0 +1,22 @@
+[sssd]
+domains = LDAP
+config_file_version = 2
+
+[nss]
+filter_groups = root
+filter_users = root
+
+[pam]
+
+[domain/LDAP]
+id_provider = ldap
+ldap_uri = ldap://{{ ldap_server }}/
+ldap_search_base = {{ basedn }}
+
+auth_provider = ldap
+cache_credentials = true
+
+min_id = {{ min_id_sssd }}
+max_id = {{ max_id_sssd }}
+
+ldap_tls_reqcert = allow
diff --git a/sambox-client.yml b/sambox-client.yml
new file mode 100644
index 0000000..8b63293
--- /dev/null
+++ b/sambox-client.yml
@@ -0,0 +1,20 @@
+---
+# This playbook deploys a client for the kerberox LAN.
+
+- name: apply configuration to the machines
+  hosts: all
+  remote_user: ansible
+  become: yes
+  vars:
+    extra_pkgs:
+      - webext-privacy-badger
+      - webext-ublock-origin
+    extra_pkgs_bpo: []  # [ libreoffice ]
+    ansible_python_interpreter: "/usr/bin/python3"
+
+  roles:
+    - up2date-debian
+    - smb-sshfs-client
+    ## Choose either gnome or KDE:
+    #- gnome
+    #- kde
diff --git a/sambox.yml b/sambox.yml
index 6160297..c24d2ee 100644
--- a/sambox.yml
+++ b/sambox.yml
@@ -53,3 +53,4 @@
     - tftp-netboot-installer
     - apt-cacher
     - samba-ldap
+    - prepare4clients

From ebcfd88ef4bdd9b48f0ff3b087a81b9b5ccfdb82 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 9 Apr 2021 10:31:16 +0200
Subject: [PATCH 148/504] Restructuring/renaming DNS, DHCP, TFTP and netboot
 installer.

Idea: The role 'dnsmasq' and a new role 'dns-dhcp-tftp' are
drop-in replacements and interchangeable. 'netboot-installer'
works indepently of the role chosen for DNS, DHCP and TFTP.
---
 kerberox.yml                                             | 4 ++--
 roles/dhcp-dns-dnsmasq/templates/dnsmasq-dhcp.j2         | 3 ---
 roles/{dhcp-dns-dnsmasq => dnsmasq}/handlers/main.yml    | 0
 roles/{dhcp-dns-dnsmasq => dnsmasq}/tasks/main.yml       | 8 +++++++-
 roles/dnsmasq/templates/dnsmasq-dhcp.j2                  | 3 +++
 .../templates/dnsmasq-tftp-netboot-installer.j2          | 0
 .../defaults/main.yml                                    | 0
 .../handlers/main.yml                                    | 0
 .../tasks/main.yml                                       | 9 +--------
 sambox.yml                                               | 9 +++++----
 10 files changed, 18 insertions(+), 18 deletions(-)
 delete mode 100644 roles/dhcp-dns-dnsmasq/templates/dnsmasq-dhcp.j2
 rename roles/{dhcp-dns-dnsmasq => dnsmasq}/handlers/main.yml (100%)
 rename roles/{dhcp-dns-dnsmasq => dnsmasq}/tasks/main.yml (61%)
 create mode 100644 roles/dnsmasq/templates/dnsmasq-dhcp.j2
 rename roles/{tftp-netboot-installer => dnsmasq}/templates/dnsmasq-tftp-netboot-installer.j2 (100%)
 rename roles/{tftp-netboot-installer => netboot-installer}/defaults/main.yml (100%)
 rename roles/{tftp-netboot-installer => netboot-installer}/handlers/main.yml (100%)
 rename roles/{tftp-netboot-installer => netboot-installer}/tasks/main.yml (78%)

diff --git a/kerberox.yml b/kerberox.yml
index ce8bbed..edb56d3 100644
--- a/kerberox.yml
+++ b/kerberox.yml
@@ -47,8 +47,8 @@
   roles:
     - up2date-debian
     - two-interface-firewalld
-    - dhcp-dns-dnsmasq
-    - tftp-netboot-installer
+    - netboot-installer
+    - dnsmasq
     - apt-cacher
     - { role: krb5-kdc-ldap, when: not run_in_installer|default(false)|bool }
     - { role: nfs-server, when: not run_in_installer|default(false)|bool }
diff --git a/roles/dhcp-dns-dnsmasq/templates/dnsmasq-dhcp.j2 b/roles/dhcp-dns-dnsmasq/templates/dnsmasq-dhcp.j2
deleted file mode 100644
index 61f82c2..0000000
--- a/roles/dhcp-dns-dnsmasq/templates/dnsmasq-dhcp.j2
+++ /dev/null
@@ -1,3 +0,0 @@
-interface={{ if_lan }}
-dhcp-range={{ dhcp_range }}
-dhcp-generate-names
diff --git a/roles/dhcp-dns-dnsmasq/handlers/main.yml b/roles/dnsmasq/handlers/main.yml
similarity index 100%
rename from roles/dhcp-dns-dnsmasq/handlers/main.yml
rename to roles/dnsmasq/handlers/main.yml
diff --git a/roles/dhcp-dns-dnsmasq/tasks/main.yml b/roles/dnsmasq/tasks/main.yml
similarity index 61%
rename from roles/dhcp-dns-dnsmasq/tasks/main.yml
rename to roles/dnsmasq/tasks/main.yml
index 48bae66..d5e7fc2 100644
--- a/roles/dhcp-dns-dnsmasq/tasks/main.yml
+++ b/roles/dnsmasq/tasks/main.yml
@@ -9,8 +9,14 @@
       - resolvconf
     state: latest
 
-- name: configure dnsmasq
+- name: configure dnsmasq dhcp
   template:
     src: dnsmasq-dhcp.j2
     dest: /etc/dnsmasq.d/dnsmasq-dhcp
   notify: "restart dnsmasq"
+
+- name: configure dnsmasq tftp
+  template:
+    src: dnsmasq-tftp-netboot-installer.j2
+    dest: /etc/dnsmasq.d/tftp-netboot-installer
+  notify: "restart dnsmasq"
diff --git a/roles/dnsmasq/templates/dnsmasq-dhcp.j2 b/roles/dnsmasq/templates/dnsmasq-dhcp.j2
new file mode 100644
index 0000000..29f73dd
--- /dev/null
+++ b/roles/dnsmasq/templates/dnsmasq-dhcp.j2
@@ -0,0 +1,3 @@
+interface={{ if_lan }}
+dhcp-range={{ dhcp_start }},{{ dhcp_stop }},2h
+dhcp-generate-names
diff --git a/roles/tftp-netboot-installer/templates/dnsmasq-tftp-netboot-installer.j2 b/roles/dnsmasq/templates/dnsmasq-tftp-netboot-installer.j2
similarity index 100%
rename from roles/tftp-netboot-installer/templates/dnsmasq-tftp-netboot-installer.j2
rename to roles/dnsmasq/templates/dnsmasq-tftp-netboot-installer.j2
diff --git a/roles/tftp-netboot-installer/defaults/main.yml b/roles/netboot-installer/defaults/main.yml
similarity index 100%
rename from roles/tftp-netboot-installer/defaults/main.yml
rename to roles/netboot-installer/defaults/main.yml
diff --git a/roles/tftp-netboot-installer/handlers/main.yml b/roles/netboot-installer/handlers/main.yml
similarity index 100%
rename from roles/tftp-netboot-installer/handlers/main.yml
rename to roles/netboot-installer/handlers/main.yml
diff --git a/roles/tftp-netboot-installer/tasks/main.yml b/roles/netboot-installer/tasks/main.yml
similarity index 78%
rename from roles/tftp-netboot-installer/tasks/main.yml
rename to roles/netboot-installer/tasks/main.yml
index f6daa83..e2e88bc 100644
--- a/roles/tftp-netboot-installer/tasks/main.yml
+++ b/roles/netboot-installer/tasks/main.yml
@@ -17,14 +17,7 @@
     src: /usr/share/doc/di-netboot-assistant/examples/preseed.cfg
     dest: "{{ tftp_root }}/d-i/{{ di_dist }}"
     force: no
-
-- name: configure dnsmasq
-  template:
-    src: dnsmasq-tftp-netboot-installer.j2
-    dest: /etc/dnsmasq.d/tftp-netboot-installer
-  notify:
-    - restart dnsmasq
-    - rebuild di-netboot-assistant menu
+    remote_src: yes
 
 - name: make the hostname resolvable from the LAN
   replace:
diff --git a/sambox.yml b/sambox.yml
index c24d2ee..85560e1 100644
--- a/sambox.yml
+++ b/sambox.yml
@@ -18,8 +18,9 @@
 
     ## LAN IP address range:
     ipaddr_lan: 192.168.0.10/24
-    dhcp_range: 192.168.0.50,192.168.0.99,2h
-    in_inventory: 192.168.0.[50:99]
+    dhcp_start: 192.168.0.50
+    dhcp_stop:  192.168.0.150
+    in_inventory: 192.168.0.[50:150]
 
     di_dist: "{{ ansible_distribution_release }}"
     di_version: 10  #"{{ ansible_distribution_major_version }}"
@@ -49,8 +50,8 @@
   roles:
     - up2date-debian
     - two-interface-firewalld
-    - dhcp-dns-dnsmasq
-    - tftp-netboot-installer
+    - netboot-installer
+    - dns-dhcp-tftp
     - apt-cacher
     - samba-ldap
     - prepare4clients

From d8366d2ca26cb13a23def3e0f426981bbcf9ad88 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 9 Apr 2021 11:20:21 +0200
Subject: [PATCH 149/504] Implement DNS (bind9) and DHCP (isc-dhcp-server) and
 TFTP (tftpd-hpa).

---
 roles/dns-dhcp-tftp/defaults/main.yml         |   1 +
 roles/dns-dhcp-tftp/handlers/main.yml         |  11 ++
 roles/dns-dhcp-tftp/tasks/main.yml            |  84 +++++++++++
 roles/dns-dhcp-tftp/templates/db.192.168.0.j2 |  11 ++
 roles/dns-dhcp-tftp/templates/db.intern.j2    |  17 +++
 roles/dns-dhcp-tftp/templates/dhcpd.conf.j2   | 137 ++++++++++++++++++
 roles/dns-dhcp-tftp/templates/localzones.j2   |  13 ++
 roles/dns-dhcp-tftp/templates/resolv.conf.j2  |   3 +
 roles/prepare4clients/tasks/main.yml          |   3 +-
 9 files changed, 279 insertions(+), 1 deletion(-)
 create mode 100644 roles/dns-dhcp-tftp/defaults/main.yml
 create mode 100644 roles/dns-dhcp-tftp/handlers/main.yml
 create mode 100644 roles/dns-dhcp-tftp/tasks/main.yml
 create mode 100644 roles/dns-dhcp-tftp/templates/db.192.168.0.j2
 create mode 100644 roles/dns-dhcp-tftp/templates/db.intern.j2
 create mode 100644 roles/dns-dhcp-tftp/templates/dhcpd.conf.j2
 create mode 100644 roles/dns-dhcp-tftp/templates/localzones.j2
 create mode 100644 roles/dns-dhcp-tftp/templates/resolv.conf.j2

diff --git a/roles/dns-dhcp-tftp/defaults/main.yml b/roles/dns-dhcp-tftp/defaults/main.yml
new file mode 100644
index 0000000..d91fadf
--- /dev/null
+++ b/roles/dns-dhcp-tftp/defaults/main.yml
@@ -0,0 +1 @@
+name_servers: ns1.{{ ansible_domain }}
diff --git a/roles/dns-dhcp-tftp/handlers/main.yml b/roles/dns-dhcp-tftp/handlers/main.yml
new file mode 100644
index 0000000..8dec007
--- /dev/null
+++ b/roles/dns-dhcp-tftp/handlers/main.yml
@@ -0,0 +1,11 @@
+- name: restart isc-dhcp-server
+  systemd: name=isc-dhcp-server state=restarted enabled=yes
+  listen: restart isc-dhcp-server
+
+- name: restart bind
+  systemd: name=bind9 state=restarted enabled=yes
+  listen: restart bind
+
+- name: restart tftpd-hpa
+  systemd: name=tftpd-hpa state=restarted enabled=yes
+  listen: restart tftpd-hpa
diff --git a/roles/dns-dhcp-tftp/tasks/main.yml b/roles/dns-dhcp-tftp/tasks/main.yml
new file mode 100644
index 0000000..c3feb3c
--- /dev/null
+++ b/roles/dns-dhcp-tftp/tasks/main.yml
@@ -0,0 +1,84 @@
+---
+- name: preseed tftpd-hpa
+  debconf:
+    name: tftpd-hpa
+    question: tftpd-hpa/directory
+    value: /var/lib/tftpboot
+    vtype: string
+
+- name: install tftpd, dhcpd and named packages
+  apt:
+    name:
+      - isc-dhcp-server
+      - tftpd-hpa
+      - bind9
+    state: latest
+
+## FIXME: preseeding seems to be ignored
+- name: configure TFTP root directory
+  replace:
+    path: /etc/default/tftpd-hpa
+    regexp: '^TFTP_DIRECTORY=".*"$'
+    replace: 'TFTP_DIRECTORY="/var/lib/tftpboot"'
+  notify: restart tftpd-hpa
+
+- name: serve dhcp on LAN interface       
+  replace:
+    path: /etc/default/isc-dhcp-server
+    regexp: '^INTERFACESv4=".*"$'
+    replace: 'INTERFACESv4="{{ if_lan }}"'
+  notify: restart isc-dhcp-server
+
+- name: deploy config files for isc-dhcp-server
+  template:
+    src: dhcpd.conf.j2
+    dest: /etc/dhcp/dhcpd.conf
+    backup: yes
+  notify: restart isc-dhcp-server
+
+- name: deploy config files for bind9 
+  template:
+    src: "{{ item }}.j2"
+    dest: "/etc/bind/{{ item }}"
+  loop:
+    - db.intern
+    - db.192.168.0
+    - localzones
+  notify: restart bind
+
+- name: enable local bind config
+  lineinfile:
+    path: /etc/bind/named.conf.local
+    line: 'include "/etc/bind/localzones";'
+  notify: restart bind
+
+- name: adapt resolv.conf
+  template:
+    src: resolv.conf.j2
+    dest: /etc/resolv.conf
+
+## stop dhclient from overwriting /etc/resolv.conf:
+- name: supersede dhcp client data
+  blockinfile:
+    dest: /etc/dhcp/dhclient.conf
+    block: |
+      supersede domain-name "{{ ansible_domain }}";
+      supersede domain-search "{{ ansible_domain }}";
+      supersede domain-name-servers 127.0.0.1;
+    insertbefore: "#send dhcp-client-identifier.*" 
+
+- name: generate rndc key
+  command:
+    cmd: rndc-confgen -a
+    creates: /etc/bind/rndc.key
+
+- name: copy rndc key
+  copy:
+    src: /etc/bind/rndc.key 
+    dest: /etc/dhcp/
+    owner: root 
+    group: root
+    mode: '0640'
+    remote_src: yes  
+  notify: restart isc-dhcp-server
+
diff --git a/roles/dns-dhcp-tftp/templates/db.192.168.0.j2 b/roles/dns-dhcp-tftp/templates/db.192.168.0.j2
new file mode 100644
index 0000000..3f942c1
--- /dev/null
+++ b/roles/dns-dhcp-tftp/templates/db.192.168.0.j2
@@ -0,0 +1,11 @@
+$TTL 500
+@               IN      SOA     {{ ansible_fqdn }}. root.{{ ansible_domain }}. (
+                                1          ; Serial
+                                3600       ; Refresh
+                                1800       ; Retry
+                                720000     ; Expire
+                                6400 )     ; Negative Cache TTL
+;
+@                       NS      {{ ansible_fqdn }}.
+                        MX      10 {{ ansible_fqdn }}.
+{{ ipaddr_lan | ipaddr("address") | regex_replace("^.*\.(.+$)", "\\1") }}                      PTR     {{ ansible_fqdn }}.
diff --git a/roles/dns-dhcp-tftp/templates/db.intern.j2 b/roles/dns-dhcp-tftp/templates/db.intern.j2
new file mode 100644
index 0000000..3bc6776
--- /dev/null
+++ b/roles/dns-dhcp-tftp/templates/db.intern.j2
@@ -0,0 +1,17 @@
+$TTL 500
+@               IN      SOA     {{ ansible_fqdn }}. root.{{ ansible_domain }}. (
+                                1          ; Serial
+                                3600       ; Refresh
+                                1800       ; Retry
+                                720000     ; Expire
+                                6400 )     ; Negative Cache TTL
+;
+@                       NS      {{ ansible_fqdn }}.
+                        MX      10 {{ ansible_fqdn }}.
+{{ ansible_hostname }}                  A       {{ ipaddr_lan | ipaddr("address") }}
+_ldap._tcp              SRV     100 0 389 {{ ansible_fqdn }}.
+ns1                     CNAME   {{ ansible_fqdn }}.
+ns2                     CNAME   {{ ansible_fqdn }}.
+aptcache                CNAME   {{ ansible_fqdn }}.
+homes                   CNAME   {{ ansible_fqdn }}.
+ldap                    CNAME   {{ ansible_fqdn }}.
diff --git a/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2 b/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2
new file mode 100644
index 0000000..95209ae
--- /dev/null
+++ b/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2
@@ -0,0 +1,137 @@
+# dhcpd.conf
+#
+# Sample configuration file for ISC dhcpd
+#
+
+# option definitions common to all supported networks...
+option domain-name "{{ ansible_domain }}";
+option domain-name-servers {{ name_servers }};
+
+default-lease-time 600;
+max-lease-time 7200;
+
+# The ddns-updates-style parameter controls whether or not the server will
+# attempt to do a DNS update when a lease is confirmed. We default to the
+# behavior of the version 2 packages ('none', since DHCP v2 didn't
+# have support for DDNS.)
+#ddns-update-style none;
+use-host-decl-names   on;
+
+include "/etc/dhcp/rndc.key";
+
+zone intern. {
+  primary dns;
+  key rndc-key;
+}
+
+zone 0.168.192.in-addr.arpa. {
+  primary dns;
+  key rndc-key;
+}
+
+
+# If this DHCP server is the official DHCP server for the local
+# network, the authoritative directive should be uncommented.
+authoritative;
+
+# Use this to send dhcp log messages to a different log file (you also
+# have to hack syslog.conf to complete the redirection).
+#log-facility local7;
+
+## The tftpd server IP address, for all clients.
+next-server 192.168.0.10;
+
+option arch code 93 = unsigned integer 16;
+if option arch = 00:07 {
+      filename "d-i/n-a/bootnetx64.efi";
+} else {
+      filename "d-i/n-a/pxelinux.0";
+}
+
+subnet 192.168.0.0 netmask 255.255.255.0 {
+      option routers {{ ipaddr_lan | ipaddr("address") }};
+      range {{ dhcp_start }} {{ dhcp_stop }};
+}
+
+
+# No service will be given on this subnet, but declaring it helps the 
+# DHCP server to understand the network topology.
+
+#subnet 10.152.187.0 netmask 255.255.255.0 {
+#}
+
+# This is a very basic subnet declaration.
+
+#subnet 10.254.239.0 netmask 255.255.255.224 {
+#  range 10.254.239.10 10.254.239.20;
+#  option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
+#}
+
+# This declaration allows BOOTP clients to get dynamic addresses,
+# which we don't really recommend.
+
+#subnet 10.254.239.32 netmask 255.255.255.224 {
+#  range dynamic-bootp 10.254.239.40 10.254.239.60;
+#  option broadcast-address 10.254.239.31;
+#  option routers rtr-239-32-1.example.org;
+#}
+
+# A slightly different configuration for an internal subnet.
+#subnet 10.5.5.0 netmask 255.255.255.224 {
+#  range 10.5.5.26 10.5.5.30;
+#  option domain-name-servers ns1.internal.example.org;
+#  option domain-name "internal.example.org";
+#  option routers 10.5.5.1;
+#  option broadcast-address 10.5.5.31;
+#  default-lease-time 600;
+#  max-lease-time 7200;
+#}
+
+# Hosts which require special configuration options can be listed in
+# host statements.   If no address is specified, the address will be
+# allocated dynamically (if possible), but the host-specific information
+# will still come from the host declaration.
+
+#host passacaglia {
+#  hardware ethernet 0:0:c0:5d:bd:95;
+#  filename "vmunix.passacaglia";
+#  server-name "toccata.example.com";
+#}
+
+# Fixed IP addresses can also be specified for hosts.   These addresses
+# should not also be listed as being available for dynamic assignment.
+# Hosts for which fixed IP addresses have been specified can boot using
+# BOOTP or DHCP.   Hosts for which no fixed address is specified can only
+# be booted with DHCP, unless there is an address range on the subnet
+# to which a BOOTP client is connected which has the dynamic-bootp flag
+# set.
+#host fantasia {
+#  hardware ethernet 08:00:07:26:c0:a5;
+#  fixed-address fantasia.example.com;
+#}
+
+# You can declare a class of clients and then do address allocation
+# based on that.   The example below shows a case where all clients
+# in a certain class get addresses on the 10.17.224/24 subnet, and all
+# other clients get addresses on the 10.0.29/24 subnet.
+
+#class "foo" {
+#  match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
+#}
+
+#shared-network 224-29 {
+#  subnet 10.17.224.0 netmask 255.255.255.0 {
+#    option routers rtr-224.example.org;
+#  }
+#  subnet 10.0.29.0 netmask 255.255.255.0 {
+#    option routers rtr-29.example.org;
+#  }
+#  pool {
+#    allow members of "foo";
+#    range 10.17.224.10 10.17.224.250;
+#  }
+#  pool {
+#    deny members of "foo";
+#    range 10.0.29.10 10.0.29.230;
+#  }
+#}
diff --git a/roles/dns-dhcp-tftp/templates/localzones.j2 b/roles/dns-dhcp-tftp/templates/localzones.j2
new file mode 100644
index 0000000..cb2a9a0
--- /dev/null
+++ b/roles/dns-dhcp-tftp/templates/localzones.j2
@@ -0,0 +1,13 @@
+zone "0.168.192.in-addr.arpa" {
+        type master;
+        notify no;
+        file "/etc/bind/db.192.168.0";
+        journal "/var/lib/bind/db.192.168.0.jnl";
+};
+
+zone "intern" {
+        type master;
+        notify no;
+        file "/etc/bind/db.intern";
+        journal "/var/lib/bind/db.intern.jnl";
+};
diff --git a/roles/dns-dhcp-tftp/templates/resolv.conf.j2 b/roles/dns-dhcp-tftp/templates/resolv.conf.j2
new file mode 100644
index 0000000..56bda43
--- /dev/null
+++ b/roles/dns-dhcp-tftp/templates/resolv.conf.j2
@@ -0,0 +1,3 @@
+domain {{ ansible_domain }}
+search {{ ansible_domain }}.
+nameserver 127.0.0.1
diff --git a/roles/prepare4clients/tasks/main.yml b/roles/prepare4clients/tasks/main.yml
index f83ad9b..7124106 100644
--- a/roles/prepare4clients/tasks/main.yml
+++ b/roles/prepare4clients/tasks/main.yml
@@ -160,7 +160,8 @@
     insertbefore: EOF
     block: |
       menuentry 'Debian {{ di_version }} (amd64) + preseed + sambox-client.yml' {
-         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux auto=true priority=critical domain={{ ansible_domain }} url=tftp://{{ ansible_hostname }} playbook=sambox-client.yml ---
+         regexp --set=1:oct4 --set=2:oct5 --set=3:oct6 "\:([[:xdigit:]]+)\:([[:xdigit:]]+)\:([[:xdigit:]]+)\$" $net_default_mac
+         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux auto=true priority=critical hostname=${oct4}${oct5}${oct6} domain={{ ansible_domain }} url=tftp://{{ ansible_hostname }} playbook=sambox-client.yml ---
          initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
       }
     marker: "# {mark} ANSIBLE MANAGED BLOCK sambox-client"

From a6b408d86611a806eaf664e14f1e1de186df3e46 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 9 Apr 2021 11:22:39 +0200
Subject: [PATCH 150/504] Fix git-daemon service complaints.

---
 roles/prepare4clients/templates/git-repo.j2 | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/roles/prepare4clients/templates/git-repo.j2 b/roles/prepare4clients/templates/git-repo.j2
index be9f853..667fff4 100644
--- a/roles/prepare4clients/templates/git-repo.j2
+++ b/roles/prepare4clients/templates/git-repo.j2
@@ -7,12 +7,10 @@ ExecStart=/usr/bin/git daemon --reuseaddr --export-all --base-path={{ repo_dir }
 Restart=always
 RestartSec=500ms
 
-StandardOutput=syslog
-StandardError=syslog
 SyslogIdentifier=git-daemon
 
-User=nobody
-Group=nogroup
+User=git
+Group=git
 
 [Install]
 WantedBy=multi-user.target

From 16ac6d7169054ae75e94f2c0794caddb312c51b4 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 10 Apr 2021 10:09:57 +0200
Subject: [PATCH 151/504] Fixes for DHCP, DDNS.

---
 roles/dns-dhcp-tftp/tasks/main.yml           | 11 ++++++++++-
 roles/dns-dhcp-tftp/templates/dhcpd.conf.j2  |  8 +++++---
 roles/dns-dhcp-tftp/templates/localzones.j2  |  4 ++++
 roles/dns-dhcp-tftp/templates/resolv.conf.j2 |  3 +--
 4 files changed, 20 insertions(+), 6 deletions(-)

diff --git a/roles/dns-dhcp-tftp/tasks/main.yml b/roles/dns-dhcp-tftp/tasks/main.yml
index c3feb3c..521f8b6 100644
--- a/roles/dns-dhcp-tftp/tasks/main.yml
+++ b/roles/dns-dhcp-tftp/tasks/main.yml
@@ -46,6 +46,16 @@
     - localzones
   notify: restart bind
 
+- name: link zone files to writeable directory for DDNS
+  file:
+    src: "/etc/bind/{{ item }}"
+    dest: "/var/lib/bind/{{ item }}"
+    state: link
+  loop:
+    - db.intern
+    - db.192.168.0
+  notify: restart bind
+
 - name: enable local bind config
   lineinfile:
     path: /etc/bind/named.conf.local
@@ -62,7 +72,6 @@
   blockinfile:
     dest: /etc/dhcp/dhclient.conf
     block: |
-      supersede domain-name "{{ ansible_domain }}";
       supersede domain-search "{{ ansible_domain }}";
       supersede domain-name-servers 127.0.0.1;
     insertbefore: "#send dhcp-client-identifier.*" 
diff --git a/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2 b/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2
index 95209ae..b548beb 100644
--- a/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2
+++ b/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2
@@ -15,17 +15,19 @@ max-lease-time 7200;
 # behavior of the version 2 packages ('none', since DHCP v2 didn't
 # have support for DDNS.)
 #ddns-update-style none;
-use-host-decl-names   on;
+
+use-host-decl-names on;
+ddns-update-style standard;
 
 include "/etc/dhcp/rndc.key";
 
 zone intern. {
-  primary dns;
+  primary 127.0.0.1;
   key rndc-key;
 }
 
 zone 0.168.192.in-addr.arpa. {
-  primary dns;
+  primary 127.0.0.1;
   key rndc-key;
 }
 
diff --git a/roles/dns-dhcp-tftp/templates/localzones.j2 b/roles/dns-dhcp-tftp/templates/localzones.j2
index cb2a9a0..b0d958c 100644
--- a/roles/dns-dhcp-tftp/templates/localzones.j2
+++ b/roles/dns-dhcp-tftp/templates/localzones.j2
@@ -1,8 +1,11 @@
+include "/etc/bind/rndc.key";
+
 zone "0.168.192.in-addr.arpa" {
         type master;
         notify no;
         file "/etc/bind/db.192.168.0";
         journal "/var/lib/bind/db.192.168.0.jnl";
+        allow-update { key rndc-key; };
 };
 
 zone "intern" {
@@ -10,4 +13,5 @@ zone "intern" {
         notify no;
         file "/etc/bind/db.intern";
         journal "/var/lib/bind/db.intern.jnl";
+        allow-update { key rndc-key; };
 };
diff --git a/roles/dns-dhcp-tftp/templates/resolv.conf.j2 b/roles/dns-dhcp-tftp/templates/resolv.conf.j2
index 56bda43..7118830 100644
--- a/roles/dns-dhcp-tftp/templates/resolv.conf.j2
+++ b/roles/dns-dhcp-tftp/templates/resolv.conf.j2
@@ -1,3 +1,2 @@
-domain {{ ansible_domain }}
-search {{ ansible_domain }}.
+search {{ ansible_domain }}
 nameserver 127.0.0.1

From 4fab918db94fe7030adaa519984e4ee0aab86fba Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 10 Apr 2021 10:11:46 +0200
Subject: [PATCH 152/504] Work around missing domain name.

---
 roles/smb-sshfs-client/defaults/main.yml | 6 +++---
 roles/smb-sshfs-client/tasks/main.yml    | 3 ---
 2 files changed, 3 insertions(+), 6 deletions(-)

diff --git a/roles/smb-sshfs-client/defaults/main.yml b/roles/smb-sshfs-client/defaults/main.yml
index 120b76a..19fe2da 100644
--- a/roles/smb-sshfs-client/defaults/main.yml
+++ b/roles/smb-sshfs-client/defaults/main.yml
@@ -1,5 +1,5 @@
-basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
-ldap_server: sambox
-home_server: sambox
+basedn: "{{ 'dc=' + ( ansible_dns['domain'] | default('intern') | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
+ldap_server: ldap
+home_server: homes
 min_id_sssd: 5000
 max_id_sssd: 20000
diff --git a/roles/smb-sshfs-client/tasks/main.yml b/roles/smb-sshfs-client/tasks/main.yml
index 0e9391f..adedc0e 100644
--- a/roles/smb-sshfs-client/tasks/main.yml
+++ b/roles/smb-sshfs-client/tasks/main.yml
@@ -1,7 +1,4 @@
 ---
-- fail: msg="The machine's domain must not be empty."
-  when: ansible_domain | length == 0
-
 - name: install needed packages
   apt:
     name:

From 4b5818b883dc16e121a3f1ff6edb6decc4e2a955 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 10 Apr 2021 10:13:58 +0200
Subject: [PATCH 153/504] Add daily installer to menu for testing.

---
 roles/prepare4clients/tasks/main.yml | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/roles/prepare4clients/tasks/main.yml b/roles/prepare4clients/tasks/main.yml
index 7124106..3cefa14 100644
--- a/roles/prepare4clients/tasks/main.yml
+++ b/roles/prepare4clients/tasks/main.yml
@@ -161,9 +161,15 @@
     block: |
       menuentry 'Debian {{ di_version }} (amd64) + preseed + sambox-client.yml' {
          regexp --set=1:oct4 --set=2:oct5 --set=3:oct6 "\:([[:xdigit:]]+)\:([[:xdigit:]]+)\:([[:xdigit:]]+)\$" $net_default_mac
-         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux auto=true priority=critical hostname=${oct4}${oct5}${oct6} domain={{ ansible_domain }} url=tftp://{{ ansible_hostname }} playbook=sambox-client.yml ---
+         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux auto=true priority=critical hostname=${oct4}${oct5}${oct6} url=tftp://{{ ansible_hostname }} playbook=sambox-client.yml ---
          initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
       }
+
+      menuentry 'Debian daily (amd64) + preseed + sambox-client.yml' {
+         regexp --set=1:oct4 --set=2:oct5 --set=3:oct6 "\:([[:xdigit:]]+)\:([[:xdigit:]]+)\:([[:xdigit:]]+)\$" $net_default_mac
+         linux   /d-i/n-a/daily/amd64/linux auto=true priority=critical hostname=${oct4}${oct5}${oct6} url=tftp://{{ ansible_hostname }} playbook=sambox-client.yml ---
+         initrd  /d-i/n-a/daily/amd64/initrd.gz
+      }
     marker: "# {mark} ANSIBLE MANAGED BLOCK sambox-client"
   notify: "rebuild di-netboot-assistant menu"
   when: samba.stat.exists

From 657185cd4619134368bd48738bbbf12aeb055898 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 10 Apr 2021 10:15:18 +0200
Subject: [PATCH 154/504] Deploy server's ssh pubkey to clients.

---
 roles/smb-sshfs-client/tasks/main.yml | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/roles/smb-sshfs-client/tasks/main.yml b/roles/smb-sshfs-client/tasks/main.yml
index adedc0e..c3cd238 100644
--- a/roles/smb-sshfs-client/tasks/main.yml
+++ b/roles/smb-sshfs-client/tasks/main.yml
@@ -52,4 +52,13 @@
       ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user></or></not></volume>
     insertafter: "<!-- Volume definitions -->"
 
+- name: make sure .ssh exists
+  file:
+    path: /root/.ssh
+    state: directory
+    mode: '0700'
 
+- name: fetch homes server host key for sshfs
+  shell:
+    cmd: ssh-keyscan -H {{ home_server }} >> /root/.ssh/known_hosts
+    creates: /root/.ssh/known_hosts

From 013c250e50ff407cc6c8f87617b985013d2d42d2 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 10 Apr 2021 11:42:18 +0200
Subject: [PATCH 155/504] Fix/improve git-repo service.

---
 roles/prepare4clients/templates/git-repo.j2 | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/roles/prepare4clients/templates/git-repo.j2 b/roles/prepare4clients/templates/git-repo.j2
index 667fff4..8ac7cee 100644
--- a/roles/prepare4clients/templates/git-repo.j2
+++ b/roles/prepare4clients/templates/git-repo.j2
@@ -8,9 +8,7 @@ Restart=always
 RestartSec=500ms
 
 SyslogIdentifier=git-daemon
-
-User=git
-Group=git
+DynamicUser=yes
 
 [Install]
 WantedBy=multi-user.target

From 13993ef45e21eee7be9361f97e07dacb806dc6a7 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 10 Apr 2021 20:59:41 +0200
Subject: [PATCH 156/504] Minor fixes for the DHCP and DNS setup.

---
 roles/dns-dhcp-tftp/handlers/main.yml        | 4 ++++
 roles/dns-dhcp-tftp/tasks/main.yml           | 2 ++
 roles/dns-dhcp-tftp/templates/resolv.conf.j2 | 2 +-
 3 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/roles/dns-dhcp-tftp/handlers/main.yml b/roles/dns-dhcp-tftp/handlers/main.yml
index 8dec007..1f48f0f 100644
--- a/roles/dns-dhcp-tftp/handlers/main.yml
+++ b/roles/dns-dhcp-tftp/handlers/main.yml
@@ -9,3 +9,7 @@
 - name: restart tftpd-hpa
   systemd: name=tftpd-hpa state=restarted enabled=yes
   listen: restart tftpd-hpa
+
+- name: restart dhcp-client
+  systemd: name=ifup@{{ if_wan }} state=restarted enabled=yes
+  listen: restart dhcp-client
diff --git a/roles/dns-dhcp-tftp/tasks/main.yml b/roles/dns-dhcp-tftp/tasks/main.yml
index 521f8b6..1d4d741 100644
--- a/roles/dns-dhcp-tftp/tasks/main.yml
+++ b/roles/dns-dhcp-tftp/tasks/main.yml
@@ -66,6 +66,7 @@
   template:
     src: resolv.conf.j2
     dest: /etc/resolv.conf
+  notify: restart isc-dhcp-server
 
 ## stop dhclient from overwriting /etc/resolv.conf:
 - name: supersede dhcp client data
@@ -75,6 +76,7 @@
       supersede domain-search "{{ ansible_domain }}";
       supersede domain-name-servers 127.0.0.1;
     insertbefore: "#send dhcp-client-identifier.*" 
+  notify: restart dhcp-client
 
 - name: generate rndc key
   command:
diff --git a/roles/dns-dhcp-tftp/templates/resolv.conf.j2 b/roles/dns-dhcp-tftp/templates/resolv.conf.j2
index 7118830..36d45af 100644
--- a/roles/dns-dhcp-tftp/templates/resolv.conf.j2
+++ b/roles/dns-dhcp-tftp/templates/resolv.conf.j2
@@ -1,2 +1,2 @@
-search {{ ansible_domain }}
+search {{ ansible_domain }}.
 nameserver 127.0.0.1

From 89545ab4a73f667d78f8722510253d3751ef3c61 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 10 Apr 2021 21:34:46 +0200
Subject: [PATCH 157/504] Make sure gnome-keyring-daemon is not started, it
 fails with sshfs.

---
 roles/smb-sshfs-client/tasks/main.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/roles/smb-sshfs-client/tasks/main.yml b/roles/smb-sshfs-client/tasks/main.yml
index c3cd238..0aaedde 100644
--- a/roles/smb-sshfs-client/tasks/main.yml
+++ b/roles/smb-sshfs-client/tasks/main.yml
@@ -62,3 +62,7 @@
   shell:
     cmd: ssh-keyscan -H {{ home_server }} >> /root/.ssh/known_hosts
     creates: /root/.ssh/known_hosts
+
+## gnome-keyring fails with sshfs:
+- name: disable gnome-keyring-daemon
+  command: dpkg-divert --divert /usr/bin/gnome-keyring-daemon.distrib --rename /usr/bin/gnome-keyring-daemon

From 08cc1889fcdb87a627f1e98df2835224a6c42c54 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 1 May 2021 09:04:22 +0200
Subject: [PATCH 158/504] Fixes and shellcheck-cleanup.

---
 roles/ldap/templates/debian-lan.j2 | 56 ++++++++++++++++--------------
 1 file changed, 29 insertions(+), 27 deletions(-)

diff --git a/roles/ldap/templates/debian-lan.j2 b/roles/ldap/templates/debian-lan.j2
index dba9532..b2014e1 100644
--- a/roles/ldap/templates/debian-lan.j2
+++ b/roles/ldap/templates/debian-lan.j2
@@ -8,12 +8,12 @@ set -eu
 usage(){
     cat <<EOF
 Usage:
-         $(basename $0)  adduser  <uid>  <password>  <group>|none  <given name>  <family name>
-         $(basename $0)  adduser  <uid>  <password>  [<group>]
-         $(basename $0)  deluser  <uid>
-         $(basename $0)  delhost  <hostname>
-         $(basename $0)  ldapvi
-         $(basename $0)  <file>
+         $(basename "$0")  adduser  <uid>  <password>  <group>|none  <given name>  <family name>
+         $(basename "$0")  adduser  <uid>  <password>  [<group>]
+         $(basename "$0")  deluser  <uid>
+         $(basename "$0")  delhost  <hostname>
+         $(basename "$0")  ldapvi
+         $(basename "$0")  <file>
 
      <uid>:  User ID (login name)
      <password>:  Password
@@ -28,7 +28,7 @@ Usage:
                    deluser <uid n>
                    deluser <uid n+1>
                    …
-                           Every line is processed like a single call to the $(basename $0) program.
+			   Every line is processed like a single call to the $(basename "$0") program.
 EOF
 }
 
@@ -48,13 +48,13 @@ if [ $# -lt 2 ] ; then
             $0 $LINE
         done < "$1"
         ## reset cache after mass import/deletion:
-        sss_cache -U -G
+        which sss_cache > /dev/null && sss_cache -U -G
         exit 0
     else
         usage
         exit 1
     fi
-elif [ $1 = adduser -a $# -lt 3 ] ; then
+elif [ "$1" = adduser ] && [ $# -lt 3 ] ; then
     echo "Error: Password missing."
     usage
     exit 1
@@ -93,11 +93,11 @@ nextnum(){
     local bsta bend all uids gids num
 
     ## Search for the next pair of identical free IDs:
-    while [ $id -le $MAXID ] ; do
+    while [ "$id" -le "$MAXID" ] ; do
         bsta=$id
-        bend=$(( $bsta + $RANGE ))
+        bend=$(( bsta + RANGE ))
 
-        all="$(seq $bsta $bend)"
+        all="$(seq "$bsta" "$bend")"
         uids="$(ldapsearch -Y EXTERNAL -H ldapi:/// -LLL -b "ou=people,$BASEDN" "(&(objectClass=posixAccount)(uidNumber>=$bsta)(uidNumber<=$bend))" \
                          uidNumber 2>/dev/null | grep "uidNumber: " | cut -f2 -d ' ' | sort -g | uniq)"
         gids="$(ldapsearch -Y EXTERNAL -H ldapi:/// -LLL -b "ou=groups,$BASEDN" "(&(objectClass=posixGroup)(gidNumber>=$bsta)(uidNumber<=$bend))" \
@@ -108,10 +108,10 @@ nextnum(){
         num=$(comm -12 <(echo "$fuids") <(echo "$fgids") | head -1)
 
         if [ -n "$num" ] ; then
-            echo $num
+            echo "$num"
             return
         else
-            id=$(( $bend + 1 ))
+            id=$(( bend + 1 ))
         fi
     done
     ## something went wrong:
@@ -125,6 +125,8 @@ add-user(){
     local grp="$3"
     local gn="$4"
     local sn="$5"
+    local uidNumber
+    local gidNumber
 
     if ldapsearch -Y EXTERNAL -H ldapi:/// -LLL -b "ou=people,$BASEDN" "(&(objectClass=posixAccount)(uid=$id))" uid 2>/dev/null \
             | grep -q "uid: $id" ; then
@@ -132,10 +134,10 @@ add-user(){
         return
     fi
 
-    local uidNumber=$(nextnum)
-    local gidNumber=$uidNumber
+    uidNumber=$(nextnum)
+    gidNumber=$uidNumber
 
-    if [ $uidNumber -ge $MAXID -o $gidNumber -ge $MAXID ] ; then
+    if [ "$uidNumber" -ge "$MAXID" ] || [ "$gidNumber" -ge "$MAXID" ] ; then
         echo "Error: $uidNumber and/or $gidNumber exceed max ID number ${MAXID}."
         exit 1
     fi
@@ -161,7 +163,7 @@ gidNumber: ${gidNumber}
 ##################################
 EOF
 
-    if [ -n "$grp" -a "$grp" != "none" ] ; then
+    if [ -n "$grp" ] && [ "$grp" != "none" ] ; then
         cat <<EOF | ldapmodify -H ldapi:/// -D "$LDAPADMIN"  -w "$ADPASSWD" | sed '/^$/d'
 ############## LDIF ##############
 dn: cn=${grp},ou=groups,$BASEDN
@@ -171,16 +173,16 @@ memberUid: ${id}
 EOF
     fi
 
-    if [ $KRB5 ] ; then
+    if [ "$KRB5" = "true" ] ; then
         kadmin.local -q "add_principal -policy default -pw \"$pw\" -x dn=\"uid=${id},ou=people,$BASEDN\" ${id}" \
             | sed '/Authenticating as principal/d'
         if [ ! -e "${HOMES}/${id:0:1}/${id}" ] ; then
             echo "uidNumber: ${uidNumber}  gidNumber: ${gidNumber}"
-            mkdir -p ${HOMES}/${id:0:1}/
-            cp -r /etc/skel ${HOMES}/${id:0:1}/${id}
-            chown -R ${uidNumber}:${gidNumber} ${HOMES}/${id:0:1}/${id}
+            mkdir -p "${HOMES}/${id:0:1}/"
+            cp -r /etc/skel "${HOMES}/${id:0:1}/${id}"
+            chown -R "${uidNumber}:${gidNumber}" "${HOMES}/${id:0:1}/${id}"
             #chmod -R o= ${HOMES}/${id:0:1}/${id}
-            ls -nld ${HOMES}/${id:0:1}/${id}
+            ls -nld "${HOMES}/${id:0:1}/${id}"
         fi
     fi
 }
@@ -209,9 +211,9 @@ memberUid: ${id}
 EOF
     done
 
-    if [ -d ${HOMES}/${id:0:1}/${id} ] ; then
+    if [ -d "${HOMES}/${id:0:1}/${id}" ] ; then
         KEEPDIR="${HOMES}/${id:0:1}/rm_$(date '+%Y%m%d')_${id}"
-        mv ${HOMES}/${id:0:1}/${id} "${KEEPDIR}"
+        mv "${HOMES}/${id:0:1}/${id}" "${KEEPDIR}"
         chown -R root:root  "${KEEPDIR}"
         ls -ld "$KEEPDIR"
     fi
@@ -233,8 +235,8 @@ del-host(){
 ########### main #############
 ##############################
 
-sss_cache -U -G  ## clear cache
-echo "==== $@ ===="
+which sss_cache > /dev/null && sss_cache -U -G  ## clear cache
+echo "==== $* ===="
 case $COMMAND in
     adduser)
         add-user "${id}" "${pwEntry}" "${grp}" "${gn}" "${sn}"

From 708f6df86ceec4ccb97932ad5f625a675ff09503 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 23 Aug 2021 11:15:35 +0200
Subject: [PATCH 159/504] Updates/fixes for bullseye and nextcloud 21.

---
 roles/nextcloud/tasks/main.yml | 20 +++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)

diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index 8e395a0..240812f 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -36,6 +36,7 @@
       - php-gd
       - php-gmp
       - php-imagick
+      - libmagickcore-6.q16-6-extra
       - php-intl
       - php-json
       - php-ldap
@@ -84,10 +85,10 @@
     regexp: "{{ item.regex }}"
     replace: "{{ item.replace }}"
   with_items:
-    - { regex: "^pm.max_children = .*$", replace: "pm.max_children = 120" }
-    - { regex: "^pm.start_servers = .*$", replace: "pm.start_servers = 12" }
-    - { regex: "^pm.min_spare_servers = .*$", replace: "pm.min_spare_servers = 6" }
-    - { regex: "^pm.max_spare_servers = .*$", replace: "pm.max_spare_servers = 18" }
+    - { regex: "^pm.max_children = .*$", replace: "pm.max_children = 10" }
+    - { regex: "^pm.start_servers = .*$", replace: "pm.start_servers = 4" }
+    - { regex: "^pm.min_spare_servers = .*$", replace: "pm.min_spare_servers = 2" }
+    - { regex: "^pm.max_spare_servers = .*$", replace: "pm.max_spare_servers = 6" }
   notify: "restart php-fpm"
 
 - name: increase php memory limit
@@ -198,12 +199,21 @@
     warn: False
   when: not nextcloud.stat.exists
 
+- name: enable acpu for nextcloud updates
+  lineinfile:
+    path: /etc/php/{{ php_ver.stdout }}/mods-available/apcu.ini
+    line: "apc.enable_cli=1"
+
 - name: allow access from LAN
-  command: sudo -u www-data php ./occ config:system:set trusted_domains 1 --value='192.168.*.*'
+  command: sudo -u www-data php ./occ config:system:set trusted_domains {{ item[0] }} --value='{{ item[1] }}'
   args:
     chdir: "{{ nc_dir }}"
     warn: False
   when: not nextcloud.stat.exists
+  loop:
+    - [1, '192.168.*.*']
+    - [2, '10.*.*.*']
+    - [3, '172.16.*.*']
 
 ## nextcloudcron
 - name: provide nextcloudcron.service and .timer

From 89ff43e126c5d1b0080570f3763a9ec3aa4a9852 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 18 Oct 2021 15:04:15 +0200
Subject: [PATCH 160/504] Fix some '.well-known/' redirects.

---
 roles/nextcloud/files/nextcloud.conf | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/roles/nextcloud/files/nextcloud.conf b/roles/nextcloud/files/nextcloud.conf
index 17ee2ac..7c8baa6 100644
--- a/roles/nextcloud/files/nextcloud.conf
+++ b/roles/nextcloud/files/nextcloud.conf
@@ -19,9 +19,10 @@ Alias /nextcloud "/var/www/nextcloud"
     RewriteEngine on
     RewriteRule ^\.well-known/host-meta /nextcloud/public.php?service=host-meta [QSA,L]
     RewriteRule ^\.well-known/host-meta\.json /nextcloud/public.php?service=host-meta-json [QSA,L]
-    RewriteRule ^\.well-known/webfinger /nextcloud/public.php?service=webfinger [QSA,L]
-    RewriteRule ^\.well-known/carddav /nextcloud/remote.php/dav/ [R=301,L]
-    RewriteRule ^\.well-known/caldav /nextcloud/remote.php/dav/ [R=301,L]
+    RewriteRule ^\.well-known/webfinger /nextcloud/index.php/.well-known/webfinger [R=301,L]
+    RewriteRule ^\.well-known/nodeinfo /nextcloud/index.php/.well-known/nodeinfo [R=301,L]
+    RewriteRule ^\.well-known/carddav /nextcloud/remote.php/dav [R=301,L]
+    RewriteRule ^\.well-known/caldav /nextcloud/remote.php/dav [R=301,L]
   </IfModule>
 </Directory>
 

From 1e44ff34c394f4e2fd221f3ad7cfebd7d4207fa2 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 1 Nov 2021 09:34:23 +0100
Subject: [PATCH 161/504] Move nextcloud upgrade to separate role.

---
 roles/nextcloud-upgrade/tasks/main.yml | 51 +++++++++++++++++++++++
 roles/nextcloud/tasks/main.yml         | 57 --------------------------
 2 files changed, 51 insertions(+), 57 deletions(-)
 create mode 100644 roles/nextcloud-upgrade/tasks/main.yml

diff --git a/roles/nextcloud-upgrade/tasks/main.yml b/roles/nextcloud-upgrade/tasks/main.yml
new file mode 100644
index 0000000..12e3964
--- /dev/null
+++ b/roles/nextcloud-upgrade/tasks/main.yml
@@ -0,0 +1,51 @@
+---
+
+- name: check/run upgrade
+  command: sudo -u www-data php updater.phar --no-interaction
+  args:
+    chdir: "{{ nc_dir }}/updater"
+    warn: False
+  register: cmd_result
+  changed_when: cmd_result.stdout is not search('Nothing to do.')
+    
+- name: update apps
+  command: "sudo -u www-data php ./occ app:update --all"
+  args:
+    chdir: "{{ nc_dir }}"
+    warn: False
+  register: cmd_result
+  changed_when: cmd_result.stdout | length > 0
+
+- name: install extra apps
+  command: "sudo -u www-data php ./occ app:install {{ item }}"
+  args:
+    chdir: "{{ nc_dir }}"
+    warn: False
+  with_items: "{{ nc_apps }}"
+  register: cmd_result
+  changed_when: cmd_result.stdout is not search('already installed')
+  failed_when:  cmd_result.stdout is not search('already installed') and cmd_result.rc != 0
+
+- name: add missing indices
+  command: "sudo -u www-data php ./occ db:add-missing-indices"
+  args:
+    chdir: "{{ nc_dir }}"
+    warn: False
+  register: cmd_result
+  changed_when: cmd_result.stdout is search('table updated successfully')
+
+- name: add missing columns
+  command: "sudo -u www-data php ./occ db:add-missing-columns"
+  args:
+    chdir: "{{ nc_dir }}"
+    warn: False
+  register: cmd_result
+  changed_when: cmd_result.stdout is search('table updated successfully')
+
+- name: convert filecache to bigint
+  command: "sudo -u www-data php ./occ -n db:convert-filecache-bigint"
+  args:
+    chdir: "{{ nc_dir }}"
+    warn: False
+  register: cmd_result
+  changed_when: cmd_result.stdout is not search('tables already up to date')
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index 240812f..5506349 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -225,63 +225,6 @@
     - nextcloudcron.timer
   notify: "enable nextcloudcron.timer"
 
-- name: check/run upgrade
-  command: sudo -u www-data php updater.phar --no-interaction
-  args:
-    chdir: "{{ nc_dir }}/updater"
-    warn: False
-  register: cmd_result
-  changed_when: cmd_result.stdout is not search('Nothing to do.')
-  when: allow_download|bool
-
-## app updates and installations:
-- name: update apps
-  command: "sudo -u www-data php ./occ app:update --all"
-  args:
-    chdir: "{{ nc_dir }}"
-    warn: False
-  register: cmd_result
-  changed_when: cmd_result.stdout | length > 0
-  when: allow_download|bool
-
-- name: install extra apps
-  command: "sudo -u www-data php ./occ app:install {{ item }}"
-  args:
-    chdir: "{{ nc_dir }}"
-    warn: False
-  with_items: "{{ nc_apps }}"
-  register: cmd_result
-  changed_when: cmd_result.stdout is not search('already installed')
-  failed_when:  cmd_result.stdout is not search('already installed') and cmd_result.rc != 0
-  when: allow_download|bool or run_in_installer|default(false)|bool
-
-## nextcloud maintenance
-- name: add missing indices
-  command: "sudo -u www-data php ./occ db:add-missing-indices"
-  args:
-    chdir: "{{ nc_dir }}"
-    warn: False
-  register: cmd_result
-  changed_when: cmd_result.stdout is search('table updated successfully')
-
-- name: add missing columns
-  command: "sudo -u www-data php ./occ db:add-missing-columns"
-  args:
-    chdir: "{{ nc_dir }}"
-    warn: False
-  register: cmd_result
-  changed_when: cmd_result.stdout is search('table updated successfully')
-
-- name: convert filecache to bigint
-  command: "sudo -u www-data php ./occ -n db:convert-filecache-bigint"
-  args:
-    chdir: "{{ nc_dir }}"
-    warn: False
-  register: cmd_result
-  changed_when: cmd_result.stdout is not search('tables already up to date')
-
-
-
 - name: add default NIC to public zone
   firewalld:
     interface: "{{ ansible_default_ipv4.interface }}"

From ede02d476129064975551140ab18bc38a55d6456 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 1 Nov 2021 09:59:10 +0100
Subject: [PATCH 162/504] Run DB tasks only on nextcloud upgrade.

---
 roles/nextcloud-upgrade/tasks/main.yml | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/roles/nextcloud-upgrade/tasks/main.yml b/roles/nextcloud-upgrade/tasks/main.yml
index 12e3964..497c9aa 100644
--- a/roles/nextcloud-upgrade/tasks/main.yml
+++ b/roles/nextcloud-upgrade/tasks/main.yml
@@ -5,9 +5,9 @@
   args:
     chdir: "{{ nc_dir }}/updater"
     warn: False
-  register: cmd_result
-  changed_when: cmd_result.stdout is not search('Nothing to do.')
-    
+  register: upgrade_result
+  changed_when: upgrade_result.stdout is not search('Nothing to do.')
+
 - name: update apps
   command: "sudo -u www-data php ./occ app:update --all"
   args:
@@ -26,6 +26,7 @@
   changed_when: cmd_result.stdout is not search('already installed')
   failed_when:  cmd_result.stdout is not search('already installed') and cmd_result.rc != 0
 
+## DB fixes (only on upgrade)
 - name: add missing indices
   command: "sudo -u www-data php ./occ db:add-missing-indices"
   args:
@@ -33,6 +34,7 @@
     warn: False
   register: cmd_result
   changed_when: cmd_result.stdout is search('table updated successfully')
+  when: upgrade_result.changed | default(true)
 
 - name: add missing columns
   command: "sudo -u www-data php ./occ db:add-missing-columns"
@@ -41,6 +43,7 @@
     warn: False
   register: cmd_result
   changed_when: cmd_result.stdout is search('table updated successfully')
+  when: upgrade_result.changed | default(true)
 
 - name: convert filecache to bigint
   command: "sudo -u www-data php ./occ -n db:convert-filecache-bigint"
@@ -49,3 +52,4 @@
     warn: False
   register: cmd_result
   changed_when: cmd_result.stdout is not search('tables already up to date')
+  when: upgrade_result.changed | default(true)

From b120a31c7d9f0983bbf71130922e5b2ce1b8aa28 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 1 Nov 2021 12:54:03 +0100
Subject: [PATCH 163/504] Combined playbook for cloudboxes and separate
 (nextcloud) hosts.

---
 cloudbox.yml | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/cloudbox.yml b/cloudbox.yml
index 6e89cdd..81634fd 100644
--- a/cloudbox.yml
+++ b/cloudbox.yml
@@ -2,7 +2,7 @@
 # This playbook deploys the cloudbox on a minimal installation.
 
 - name: apply configuration to the cloudbox
-  hosts: all
+  hosts: cloudboxes
   remote_user: ansible
   become: Yes
   vars:
@@ -31,4 +31,24 @@
 #    - ddns-update
 #    - low-power
     - nextcloud
+    - nextcloud-upgrade
     - backup
+
+
+## Hosts in the the 'only_nextcloud'-group are only upgraded: 
+
+- name: upgrade nextcloud only
+  hosts: only_nextcloud
+  remote_user: ansible
+  become: Yes
+  vars:
+    nc_dir: "/var/www/nextcloud" 
+    nc_apps:
+      - calendar
+      - notes
+    ansible_python_interpreter: "/usr/bin/python3"
+
+  roles:
+    - up2date-debian
+    - nextcloud-upgrade
+

From b920bdf52b48a783150b05e703c97cc7914ba135 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Wed, 10 Nov 2021 17:01:56 +0100
Subject: [PATCH 164/504] Provide playbook and role to deploy containers.

The containers are deployed for educational purposes with
user 'ansible' in the sudo group and an empty password.
SSH login is available via ports 10000 upwards on the host.
Port 80 is forwarded as well (ssh port + 100).
The container's rootfs is read only with an overlay:  After
restart of the container, modifications are lost.
---
 edubox.yml                                    |  16 +++
 roles/educontainer/tasks/main.yml             | 114 ++++++++++++++++++
 .../educontainer/templates/contcfg.nspawn.j2  |  11 ++
 roles/educontainer/templates/hostname.j2      |   1 +
 4 files changed, 142 insertions(+)
 create mode 100644 edubox.yml
 create mode 100644 roles/educontainer/tasks/main.yml
 create mode 100644 roles/educontainer/templates/contcfg.nspawn.j2
 create mode 100644 roles/educontainer/templates/hostname.j2

diff --git a/edubox.yml b/edubox.yml
new file mode 100644
index 0000000..f952c29
--- /dev/null
+++ b/edubox.yml
@@ -0,0 +1,16 @@
+---
+# ansible-playbook edubox.yml -i <eduboxIPaddress>, --ask-become-pass
+
+- name: apply configuration to the edubox
+  hosts: all # eduboxes
+  remote_user: ansible
+  become: yes
+  vars:
+    contname: cont
+    containers: "{{ range(0, 9 + 1) | list }}"
+    extra_pkgs: [apt-cacher-ng]
+
+  roles:
+    - up2date-debian
+    - educontainer
+
diff --git a/roles/educontainer/tasks/main.yml b/roles/educontainer/tasks/main.yml
new file mode 100644
index 0000000..1f503b2
--- /dev/null
+++ b/roles/educontainer/tasks/main.yml
@@ -0,0 +1,114 @@
+## Prepare minimal systemd-nspawn containers for educational use.
+##
+## Port mapping to the host:
+##
+##  container 0: ssh → host port 10000,  HTTP → 10100                 
+##  container 1: ssh → host port 10001,  HTTP → 10101 
+##     ...                        ...            ...
+##
+##  User 'ansible' in the sudo group.  Password is empty.
+##
+
+- name: start all containers
+  command: machinectl start {{ contname }}{{ "%02d" | format(item|int) }}
+  loop: "{{ containers }}"
+  tags:
+    - never
+    - start
+
+- name: stop all containers
+  command: machinectl stop {{ contname }}{{ "%02d" | format(item|int) }}
+  loop: "{{ containers }}"
+  tags:
+    - never
+    - stop
+
+- name: purge all containers
+  command: machinectl remove {{ contname }}{{ "%02d" | format(item|int) }}
+  loop: "{{ containers }}"
+  tags:
+    - never
+    - purge
+
+- name: debootstrap minimal system
+  command:
+    cmd: >
+      debootstrap 
+      --include=systemd-{{ contname }}ainer,openssh-server,sudo
+      --components=main,{{ contname }}rib,non-free stable
+      {{ contname }}00 http://deb.debian.org/debian
+  args:
+    chdir: /var/lib/machines/
+    creates: /var/lib/machines/{{ contname }}00
+  environment: 
+    http_proxy: http://localhost:3142
+
+- name: provide ansible user account
+  command:
+    cmd: >
+      chroot . sh -c '/usr/sbin/useradd -m -s /bin/bash 
+      -c "Ansible User,,," -G sudo ansible'
+  args:
+    chdir: /var/lib/machines/{{ contname }}00
+    creates: /var/lib/machines/{{ contname }}00/home/ansible
+  register: user_account
+
+- name: provide empty password for ansible user
+  command:
+    cmd: chroot . sh -c "passwd -d ansible"
+  args:
+    chdir: /var/lib/machines/{{ contname }}00
+  when: user_account.changed | default(false)
+
+- name: allow empty passwords in ssh
+  lineinfile:
+    path: /var/lib/machines/{{ contname }}00/etc/ssh/sshd_config
+    insertafter: '#PermitEmptyPasswords no'
+    line: 'PermitEmptyPasswords yes'
+ # when: user_account.changed | default(false)
+
+- name: prepare directories
+  file:
+    path: /var/lib/machines/{{ contname }}00/etc/systemd/system/{{ item }}
+    state: directory
+  loop:
+    - multi-user.target.wants
+    - sockets.target.wants
+    - network-online.target.wants
+
+- name: enable systemd-networkd service
+  file:
+    src: /lib/systemd/system/{{ item.src }}
+    dest: /var/lib/machines/{{ contname }}00/etc/systemd/system/{{ item.dest }}
+    state: link
+    force: yes
+  loop:
+    - { src: systemd-networkd.service, dest: dbus-org.freedesktop.network1.service }
+    - { src: systemd-networkd.service, dest: multi-user.target.wants/systemd-networkd.service }
+    - { src: systemd-networkd.socket, dest: sockets.target.wants/systemd-networkd.socket }
+    - { src: systemd-networkd-wait-online.service, dest: network-online.target.wants/systemd-networkd-wait-online.service }
+
+- name: clone the initial container
+  command: machinectl clone {{ contname }}00 {{ contname }}{{ "%02d" | format(item|int) }}
+  args:
+    creates: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}
+  loop: "{{ containers[1:] }}"
+
+- name: provide container configuration
+  template:
+    src: contcfg.nspawn.j2
+    dest: /etc/systemd/nspawn/{{ contname}}{{ "%02d" | format(item|int) }}.nspawn
+  loop: "{{ containers }}"
+
+- name: provide container hostname
+  template:
+    src: hostname.j2
+    dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}/etc/hostname
+  loop: "{{ containers }}"
+
+- name: start all containers on boot
+  systemd:
+    name: systemd-nspawn@{{ contname }}{{ "%02d" | format(item|int) }}.service
+    state: started 
+    enabled: yes
+  loop: "{{ containers }}"
diff --git a/roles/educontainer/templates/contcfg.nspawn.j2 b/roles/educontainer/templates/contcfg.nspawn.j2
new file mode 100644
index 0000000..c436224
--- /dev/null
+++ b/roles/educontainer/templates/contcfg.nspawn.j2
@@ -0,0 +1,11 @@
+[Exec]
+Capability=CAP_NET_ADMIN
+ResolvConf=copy-host
+
+[Network]
+Port=10{{ "%03d" | format(item|int) }}:22
+Port=10{{ "%03d" | format(item|int + 100) }}:80
+
+[Files]
+Volatile=overlay
+PrivateUsersChown=false
diff --git a/roles/educontainer/templates/hostname.j2 b/roles/educontainer/templates/hostname.j2
new file mode 100644
index 0000000..3c3ac55
--- /dev/null
+++ b/roles/educontainer/templates/hostname.j2
@@ -0,0 +1 @@
+{{ contname }}{{ "%02d" | format(item|int) }}

From fed5f71357c6a9212beaaa1e0bbb06f7f805511c Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 11 Nov 2021 18:40:14 +0100
Subject: [PATCH 165/504] Instead of cloning the image, link to the rootfs.
 Provide more individual files.

---
 roles/educontainer/tasks/main.yml             | 21 ++++++++++++-------
 .../educontainer/templates/contcfg.nspawn.j2  |  2 ++
 roles/educontainer/templates/hosts.j2         |  4 ++++
 3 files changed, 20 insertions(+), 7 deletions(-)
 create mode 100644 roles/educontainer/templates/hosts.j2

diff --git a/roles/educontainer/tasks/main.yml b/roles/educontainer/tasks/main.yml
index 1f503b2..6cc80b3 100644
--- a/roles/educontainer/tasks/main.yml
+++ b/roles/educontainer/tasks/main.yml
@@ -88,10 +88,11 @@
     - { src: systemd-networkd.socket, dest: sockets.target.wants/systemd-networkd.socket }
     - { src: systemd-networkd-wait-online.service, dest: network-online.target.wants/systemd-networkd-wait-online.service }
 
-- name: clone the initial container
-  command: machinectl clone {{ contname }}00 {{ contname }}{{ "%02d" | format(item|int) }}
-  args:
-    creates: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}
+- name: generate links to the initial container
+  file:
+    src: "{{ contname }}00"
+    dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}
+    state: link
   loop: "{{ containers[1:] }}"
 
 - name: provide container configuration
@@ -100,15 +101,21 @@
     dest: /etc/systemd/nspawn/{{ contname}}{{ "%02d" | format(item|int) }}.nspawn
   loop: "{{ containers }}"
 
-- name: provide container hostname
+- name: provide container hostname file
   template:
     src: hostname.j2
-    dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}/etc/hostname
+    dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hostname
+  loop: "{{ containers }}"
+
+- name: provide container hosts file
+  template:
+    src: hosts.j2
+    dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hosts
   loop: "{{ containers }}"
 
 - name: start all containers on boot
   systemd:
     name: systemd-nspawn@{{ contname }}{{ "%02d" | format(item|int) }}.service
-    state: started 
+    state: restarted 
     enabled: yes
   loop: "{{ containers }}"
diff --git a/roles/educontainer/templates/contcfg.nspawn.j2 b/roles/educontainer/templates/contcfg.nspawn.j2
index c436224..c15c32f 100644
--- a/roles/educontainer/templates/contcfg.nspawn.j2
+++ b/roles/educontainer/templates/contcfg.nspawn.j2
@@ -9,3 +9,5 @@ Port=10{{ "%03d" | format(item|int + 100) }}:80
 [Files]
 Volatile=overlay
 PrivateUsersChown=false
+BindReadOnly=/var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hostname:/etc/hostname
+BindReadOnly=/var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hosts:/etc/hosts
diff --git a/roles/educontainer/templates/hosts.j2 b/roles/educontainer/templates/hosts.j2
new file mode 100644
index 0000000..9767fea
--- /dev/null
+++ b/roles/educontainer/templates/hosts.j2
@@ -0,0 +1,4 @@
+127.0.0.1       localhost {{ contname }}{{ "%02d" | format(item|int) }}
+::1             localhost {{ contname }}{{ "%02d" | format(item|int) }} ip6-localhost ip6-loopback
+ff02::1         ip6-allnodes
+ff02::2         ip6-allrouters

From 7bbfd817f81611388f14b9f747f428e2bfa03409 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 11 Nov 2021 23:10:48 +0100
Subject: [PATCH 166/504] Switch to persistent overlays.

With tmpfs the containers' disk space is too limited.  Better keep
changes on the disk.
---
 roles/educontainer/tasks/main.yml             | 34 +++++++++++++------
 .../educontainer/templates/contcfg.nspawn.j2  |  4 ++-
 2 files changed, 27 insertions(+), 11 deletions(-)

diff --git a/roles/educontainer/tasks/main.yml b/roles/educontainer/tasks/main.yml
index 6cc80b3..eb9f4f3 100644
--- a/roles/educontainer/tasks/main.yml
+++ b/roles/educontainer/tasks/main.yml
@@ -9,19 +9,14 @@
 ##  User 'ansible' in the sudo group.  Password is empty.
 ##
 
-- name: start all containers
-  command: machinectl start {{ contname }}{{ "%02d" | format(item|int) }}
-  loop: "{{ containers }}"
-  tags:
-    - never
-    - start
-
 - name: stop all containers
   command: machinectl stop {{ contname }}{{ "%02d" | format(item|int) }}
   loop: "{{ containers }}"
   tags:
     - never
     - stop
+    - reset
+    - purge
 
 - name: purge all containers
   command: machinectl remove {{ contname }}{{ "%02d" | format(item|int) }}
@@ -30,12 +25,31 @@
     - never
     - purge
 
+- name: reset all containers to the template
+  file:
+    path: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}-delta
+    state: absent
+  loop: "{{ containers }}"
+  tags:
+    - never
+    - reset
+
+- name: start all containers
+  command: machinectl start {{ contname }}{{ "%02d" | format(item|int) }}
+  loop: "{{ containers }}"
+  tags:
+    - never
+    - start
+    - reset
+
+###########
+
 - name: debootstrap minimal system
   command:
     cmd: >
       debootstrap 
-      --include=systemd-{{ contname }}ainer,openssh-server,sudo
-      --components=main,{{ contname }}rib,non-free stable
+      --include=systemd-container,openssh-server,sudo,python3
+      --components=main,contrib,non-free stable
       {{ contname }}00 http://deb.debian.org/debian
   args:
     chdir: /var/lib/machines/
@@ -113,7 +127,7 @@
     dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hosts
   loop: "{{ containers }}"
 
-- name: start all containers on boot
+- name: start all containers on boot and restart now
   systemd:
     name: systemd-nspawn@{{ contname }}{{ "%02d" | format(item|int) }}.service
     state: restarted 
diff --git a/roles/educontainer/templates/contcfg.nspawn.j2 b/roles/educontainer/templates/contcfg.nspawn.j2
index c15c32f..9f8b5ea 100644
--- a/roles/educontainer/templates/contcfg.nspawn.j2
+++ b/roles/educontainer/templates/contcfg.nspawn.j2
@@ -5,9 +5,11 @@ ResolvConf=copy-host
 [Network]
 Port=10{{ "%03d" | format(item|int) }}:22
 Port=10{{ "%03d" | format(item|int + 100) }}:80
+Port=10{{ "%03d" | format(item|int + 200) }}:443
 
 [Files]
-Volatile=overlay
+ReadOnly=yes
+Overlay=+/:/var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}-delta:/
 PrivateUsersChown=false
 BindReadOnly=/var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hostname:/etc/hostname
 BindReadOnly=/var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hosts:/etc/hosts

From cb5ade4c84740e0db9ba7d242733d192768cb0b2 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 11 Nov 2021 23:19:39 +0100
Subject: [PATCH 167/504] Provide 'sources.list' from the host and upgrade
 initial container.

---
 roles/educontainer/tasks/main.yml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/roles/educontainer/tasks/main.yml b/roles/educontainer/tasks/main.yml
index eb9f4f3..e2b5bdd 100644
--- a/roles/educontainer/tasks/main.yml
+++ b/roles/educontainer/tasks/main.yml
@@ -57,6 +57,20 @@
   environment: 
     http_proxy: http://localhost:3142
 
+- name: provide complete apt sources
+  copy:
+    src: /etc/apt/sources.list
+    dest: /var/lib/machines/{{ contname }}00/etc/apt/sources.list
+    remote_src: yes
+
+- name: upgrade container
+  command:
+    cmd: >
+      chroot . sh -c '/usr/bin/apt-get update &&
+      /usr/bin/apt-get full-upgrade --yes'
+  args:
+    chdir: /var/lib/machines/{{ contname }}00
+
 - name: provide ansible user account
   command:
     cmd: >

From e058def6674ee9830a0020d3829c1b9008943879 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 11 Nov 2021 23:38:20 +0100
Subject: [PATCH 168/504] Run in reverse order to remove the initial container
 last.

---
 roles/educontainer/tasks/main.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/roles/educontainer/tasks/main.yml b/roles/educontainer/tasks/main.yml
index e2b5bdd..52d31ca 100644
--- a/roles/educontainer/tasks/main.yml
+++ b/roles/educontainer/tasks/main.yml
@@ -11,7 +11,7 @@
 
 - name: stop all containers
   command: machinectl stop {{ contname }}{{ "%02d" | format(item|int) }}
-  loop: "{{ containers }}"
+  loop: "{{ containers | reverse}}"
   tags:
     - never
     - stop
@@ -20,7 +20,7 @@
 
 - name: purge all containers
   command: machinectl remove {{ contname }}{{ "%02d" | format(item|int) }}
-  loop: "{{ containers }}"
+  loop: "{{ containers | reverse }}"
   tags:
     - never
     - purge
@@ -29,14 +29,14 @@
   file:
     path: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}-delta
     state: absent
-  loop: "{{ containers }}"
+  loop: "{{ containers | reverse }}"
   tags:
     - never
     - reset
 
 - name: start all containers
   command: machinectl start {{ contname }}{{ "%02d" | format(item|int) }}
-  loop: "{{ containers }}"
+  loop: "{{ containers | reverse }}"
   tags:
     - never
     - start

From 426a6e8895f85810f7fea57ce8323870e61db20d Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 12 Nov 2021 11:07:07 +0100
Subject: [PATCH 169/504] Prepare the host in pre_tasks.

---
 edubox.yml | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/edubox.yml b/edubox.yml
index f952c29..87ca8ee 100644
--- a/edubox.yml
+++ b/edubox.yml
@@ -10,7 +10,19 @@
     containers: "{{ range(0, 9 + 1) | list }}"
     extra_pkgs: [apt-cacher-ng]
 
+  pre_tasks:
+    - name: enable apt-cacher-ng
+      lineinfile:
+        path: /etc/apt/apt.conf.d/30proxy
+        line: 'Acquire::http::Proxy "http://localhost:3142/";'
+        create: yes
+
+    - name: enable and start systemd-networkd on the host
+      systemd:
+        name: systemd-networkd
+        state: started
+        enabled: yes
+
   roles:
     - up2date-debian
     - educontainer
-

From 1b5f7ea0b516686fdd444b82f8090c30b9e25aed Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 12 Nov 2021 12:42:40 +0100
Subject: [PATCH 170/504] Minor fixes and improvements.

---
 roles/educontainer/tasks/main.yml | 21 +++++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)

diff --git a/roles/educontainer/tasks/main.yml b/roles/educontainer/tasks/main.yml
index 52d31ca..46b8f5c 100644
--- a/roles/educontainer/tasks/main.yml
+++ b/roles/educontainer/tasks/main.yml
@@ -11,6 +11,7 @@
 
 - name: stop all containers
   command: machinectl stop {{ contname }}{{ "%02d" | format(item|int) }}
+  register: stop_cont
   loop: "{{ containers | reverse}}"
   tags:
     - never
@@ -18,6 +19,16 @@
     - reset
     - purge
 
+- name: wait for containers to shut down
+  pause:
+    seconds: 30
+  when: stop_cont.changed | default(false)
+  tags:
+    - never
+    - stop
+    - reset
+    - purge
+
 - name: purge all containers
   command: machinectl remove {{ contname }}{{ "%02d" | format(item|int) }}
   loop: "{{ containers | reverse }}"
@@ -33,6 +44,7 @@
   tags:
     - never
     - reset
+    - purge
 
 - name: start all containers
   command: machinectl start {{ contname }}{{ "%02d" | format(item|int) }}
@@ -48,7 +60,7 @@
   command:
     cmd: >
       debootstrap 
-      --include=systemd-container,openssh-server,sudo,python3
+      --include=systemd-container,openssh-server,sudo,python3,auto-apt-proxy
       --components=main,contrib,non-free stable
       {{ contname }}00 http://deb.debian.org/debian
   args:
@@ -63,6 +75,11 @@
     dest: /var/lib/machines/{{ contname }}00/etc/apt/sources.list
     remote_src: yes
 
+- name: configure locale
+  lineinfile:
+    path: /var/lib/machines/{{ contname }}00/etc/profile
+    line: 'export LANG=C'
+
 - name: upgrade container
   command:
     cmd: >
@@ -93,7 +110,7 @@
     path: /var/lib/machines/{{ contname }}00/etc/ssh/sshd_config
     insertafter: '#PermitEmptyPasswords no'
     line: 'PermitEmptyPasswords yes'
- # when: user_account.changed | default(false)
+  when: user_account.changed | default(false)
 
 - name: prepare directories
   file:

From baba55e05a7d065ed8ae3252d765c70092e32c6e Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 12 Nov 2021 15:29:39 +0100
Subject: [PATCH 171/504] Optional non-empty passwords for the container user.

---
 edubox.yml                        |  3 +++
 roles/educontainer/tasks/main.yml | 11 +++++++++--
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/edubox.yml b/edubox.yml
index 87ca8ee..60c2e13 100644
--- a/edubox.yml
+++ b/edubox.yml
@@ -7,6 +7,9 @@
   become: yes
   vars:
     contname: cont
+    ## Password for the user 'ansible' in the container,
+    ## leave empty to log in without password:
+    contpwd: ""
     containers: "{{ range(0, 9 + 1) | list }}"
     extra_pkgs: [apt-cacher-ng]
 
diff --git a/roles/educontainer/tasks/main.yml b/roles/educontainer/tasks/main.yml
index 46b8f5c..3ce27c5 100644
--- a/roles/educontainer/tasks/main.yml
+++ b/roles/educontainer/tasks/main.yml
@@ -103,14 +103,21 @@
     cmd: chroot . sh -c "passwd -d ansible"
   args:
     chdir: /var/lib/machines/{{ contname }}00
-  when: user_account.changed | default(false)
+  when: user_account.changed | default(false) and contpwd | length == 0
+
+- name: provide password for container ansible user
+  command:
+    cmd: chroot . sh -c "echo ansible:{{ contpwd }} | chpasswd"
+  args:
+    chdir: /var/lib/machines/{{ contname }}00
+  when: user_account.changed | default(true) and contpwd | length > 0
 
 - name: allow empty passwords in ssh
   lineinfile:
     path: /var/lib/machines/{{ contname }}00/etc/ssh/sshd_config
     insertafter: '#PermitEmptyPasswords no'
     line: 'PermitEmptyPasswords yes'
-  when: user_account.changed | default(false)
+  when: user_account.changed | default(false) and contpwd | length == 0
 
 - name: prepare directories
   file:

From fcb2e99cc569f3767c0c2b3a599e4a2c69ab3ce9 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 12 Nov 2021 16:46:41 +0100
Subject: [PATCH 172/504] Add some documentation.

---
 edubox.yml | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/edubox.yml b/edubox.yml
index 60c2e13..b1b102d 100644
--- a/edubox.yml
+++ b/edubox.yml
@@ -1,5 +1,22 @@
 ---
-# ansible-playbook edubox.yml -i <eduboxIPaddress>, --ask-become-pass
+## This playbook deploys a series of minimal systemd-nspawn containers
+## for educational use on a host, for example to learn ansible!
+## All containers use an apt cache on the host system and forward port
+## 22 (ssh), 80 (http) and 443 (https) to ports >= 10000, 10100 and 10200
+## respectively.  A user 'ansible' in the 'sudo' group is prepared,
+## either with empty password or an initial password to be set below.
+##
+## Modifications of the initial containers are kept in an overlay
+## directory next to the container images in '/var/lib/machines/'.
+## This allows to visit and compare the work of students on the host.
+## To manage the containers after installation, run the playbook with
+## one of the the following tags:
+##
+##    --tags=start    start all containers
+##    --tags=stop     stop all containers
+##    --tags=reset    reset all containers to the initial image
+##    --tags=purge    purge all containers
+##
 
 - name: apply configuration to the edubox
   hosts: all # eduboxes
@@ -10,6 +27,7 @@
     ## Password for the user 'ansible' in the container,
     ## leave empty to log in without password:
     contpwd: ""
+    ## Adjust the number of containers here:
     containers: "{{ range(0, 9 + 1) | list }}"
     extra_pkgs: [apt-cacher-ng]
 

From 85836e311e6547ab6e7989dc7885be19a5fce022 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Fri, 12 Nov 2021 20:23:58 +0100
Subject: [PATCH 173/504] Move container restart task to handlers.

---
 roles/educontainer/handlers/main.yml |  7 +++++++
 roles/educontainer/tasks/main.yml    | 18 ++++++++++--------
 2 files changed, 17 insertions(+), 8 deletions(-)
 create mode 100644 roles/educontainer/handlers/main.yml

diff --git a/roles/educontainer/handlers/main.yml b/roles/educontainer/handlers/main.yml
new file mode 100644
index 0000000..44ccc8e
--- /dev/null
+++ b/roles/educontainer/handlers/main.yml
@@ -0,0 +1,7 @@
+- name: enable and restart containers
+  systemd:
+    name: systemd-nspawn@{{ contname }}{{ "%02d" | format(item|int) }}.service
+    state: restarted
+    enabled: yes
+  loop: "{{ containers }}"
+  listen: enable and restart containers
diff --git a/roles/educontainer/tasks/main.yml b/roles/educontainer/tasks/main.yml
index 3ce27c5..3e6f1f8 100644
--- a/roles/educontainer/tasks/main.yml
+++ b/roles/educontainer/tasks/main.yml
@@ -6,7 +6,7 @@
 ##  container 1: ssh → host port 10001,  HTTP → 10101 
 ##     ...                        ...            ...
 ##
-##  User 'ansible' in the sudo group.  Password is empty.
+##  User 'ansible' in the sudo group.  Password is {{ contpwd }}.
 ##
 
 - name: stop all containers
@@ -68,6 +68,7 @@
     creates: /var/lib/machines/{{ contname }}00
   environment: 
     http_proxy: http://localhost:3142
+  notify: enable and restart containers
 
 - name: provide complete apt sources
   copy:
@@ -127,6 +128,7 @@
     - multi-user.target.wants
     - sockets.target.wants
     - network-online.target.wants
+  notify: enable and restart containers
 
 - name: enable systemd-networkd service
   file:
@@ -139,6 +141,9 @@
     - { src: systemd-networkd.service, dest: multi-user.target.wants/systemd-networkd.service }
     - { src: systemd-networkd.socket, dest: sockets.target.wants/systemd-networkd.socket }
     - { src: systemd-networkd-wait-online.service, dest: network-online.target.wants/systemd-networkd-wait-online.service }
+  notify: enable and restart containers
+
+########
 
 - name: generate links to the initial container
   file:
@@ -146,28 +151,25 @@
     dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}
     state: link
   loop: "{{ containers[1:] }}"
+  notify: enable and restart containers
 
 - name: provide container configuration
   template:
     src: contcfg.nspawn.j2
     dest: /etc/systemd/nspawn/{{ contname}}{{ "%02d" | format(item|int) }}.nspawn
   loop: "{{ containers }}"
+  notify: enable and restart containers
 
 - name: provide container hostname file
   template:
     src: hostname.j2
     dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hostname
   loop: "{{ containers }}"
+  notify: enable and restart containers
 
 - name: provide container hosts file
   template:
     src: hosts.j2
     dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hosts
   loop: "{{ containers }}"
-
-- name: start all containers on boot and restart now
-  systemd:
-    name: systemd-nspawn@{{ contname }}{{ "%02d" | format(item|int) }}.service
-    state: restarted 
-    enabled: yes
-  loop: "{{ containers }}"
+  notify: enable and restart containers

From 90d340a1d5ca45720878be73dd90d4b1c729aa0a Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Tue, 16 Nov 2021 20:39:23 +0100
Subject: [PATCH 174/504] Make sure stuff exists when needed.

---
 edubox.yml                        |  6 +++++-
 roles/educontainer/tasks/main.yml | 12 ++++++++++++
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/edubox.yml b/edubox.yml
index b1b102d..b490eae 100644
--- a/edubox.yml
+++ b/edubox.yml
@@ -29,9 +29,13 @@
     contpwd: ""
     ## Adjust the number of containers here:
     containers: "{{ range(0, 9 + 1) | list }}"
-    extra_pkgs: [apt-cacher-ng]
 
   pre_tasks:
+    - name: install apt-cacher-ng
+      apt:
+        name: apt-cacher-ng
+        state: latest
+
     - name: enable apt-cacher-ng
       lineinfile:
         path: /etc/apt/apt.conf.d/30proxy
diff --git a/roles/educontainer/tasks/main.yml b/roles/educontainer/tasks/main.yml
index 3e6f1f8..70381af 100644
--- a/roles/educontainer/tasks/main.yml
+++ b/roles/educontainer/tasks/main.yml
@@ -56,6 +56,13 @@
 
 ###########
 
+- name: install packages
+  apt:
+    name:
+      - systemd-container
+      - debootstrap
+    state: latest
+
 - name: debootstrap minimal system
   command:
     cmd: >
@@ -153,6 +160,11 @@
   loop: "{{ containers[1:] }}"
   notify: enable and restart containers
 
+- name: prepare nspawn config directory
+  file:
+    path: /etc/systemd/nspawn
+    state: directory
+
 - name: provide container configuration
   template:
     src: contcfg.nspawn.j2

From ae0c26b117c658e93a0bd9a175ea068a47a1641d Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Tue, 16 Nov 2021 23:12:45 +0100
Subject: [PATCH 175/504] Fix too many open files error with more containers.

---
 roles/educontainer/tasks/main.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/roles/educontainer/tasks/main.yml b/roles/educontainer/tasks/main.yml
index 70381af..5dea0d7 100644
--- a/roles/educontainer/tasks/main.yml
+++ b/roles/educontainer/tasks/main.yml
@@ -151,6 +151,16 @@
   notify: enable and restart containers
 
 ########
+- name: prepare sysctl configuration
+  file:
+    path: /etc/sysctl.d/inotify.conf
+    state: touch
+
+- name: fix too many open files error
+  sysctl:
+    name: fs.inotify.max_user_instances
+    value: '1024'
+    sysctl_file: /etc/sysctl.d/inotify.conf
 
 - name: generate links to the initial container
   file:

From 245c08c125b7ca0a74f3337df82e4c60b14aabaf Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 18 Nov 2021 20:18:56 +0100
Subject: [PATCH 176/504] Improve container management tasks.

---
 roles/educontainer/tasks/main.yml | 27 +++++++++++----------------
 1 file changed, 11 insertions(+), 16 deletions(-)

diff --git a/roles/educontainer/tasks/main.yml b/roles/educontainer/tasks/main.yml
index 5dea0d7..0e022af 100644
--- a/roles/educontainer/tasks/main.yml
+++ b/roles/educontainer/tasks/main.yml
@@ -10,19 +10,10 @@
 ##
 
 - name: stop all containers
-  command: machinectl stop {{ contname }}{{ "%02d" | format(item|int) }}
-  register: stop_cont
-  loop: "{{ containers | reverse}}"
-  tags:
-    - never
-    - stop
-    - reset
-    - purge
-
-- name: wait for containers to shut down
-  pause:
-    seconds: 30
-  when: stop_cont.changed | default(false)
+  systemd:
+    name: systemd-nspawn@{{ contname }}{{ "%02d" | format(item|int) }}.service
+    state: stopped
+  loop: "{{ containers | reverse }}"
   tags:
     - never
     - stop
@@ -30,13 +21,15 @@
     - purge
 
 - name: purge all containers
-  command: machinectl remove {{ contname }}{{ "%02d" | format(item|int) }}
+  command:
+    cmd: machinectl remove {{ contname }}{{ "%02d" | format(item|int) }}
+    removes: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}
   loop: "{{ containers | reverse }}"
   tags:
     - never
     - purge
 
-- name: reset all containers to the template
+- name: remove container overlay
   file:
     path: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}-delta
     state: absent
@@ -47,7 +40,9 @@
     - purge
 
 - name: start all containers
-  command: machinectl start {{ contname }}{{ "%02d" | format(item|int) }}
+  systemd:
+    name: systemd-nspawn@{{ contname }}{{ "%02d" | format(item|int) }}.service
+    state: started
   loop: "{{ containers | reverse }}"
   tags:
     - never

From 0c48d933e711770c7348001f02c388581b15e71c Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 18 Nov 2021 20:20:28 +0100
Subject: [PATCH 177/504] Add more packages to the container.

---
 roles/educontainer/defaults/main.yml | 24 ++++++++++++++++++++++++
 roles/educontainer/tasks/main.yml    |  4 ++--
 2 files changed, 26 insertions(+), 2 deletions(-)
 create mode 100644 roles/educontainer/defaults/main.yml

diff --git a/roles/educontainer/defaults/main.yml b/roles/educontainer/defaults/main.yml
new file mode 100644
index 0000000..34b95b2
--- /dev/null
+++ b/roles/educontainer/defaults/main.yml
@@ -0,0 +1,24 @@
+## generate most of this list with 'tasksel --task-packages standard'
+cont_packages:
+  - systemd-container
+  - openssh-server
+  - sudo
+  - python3
+  - auto-apt-proxy
+
+  - bash-completion
+  - bind9-dnsutils
+  - file
+  - locales
+  - xz-utils
+  - lsof
+  - wget
+  - bind9-host
+  - man-db
+  - ca-certificates
+  - manpages
+  - libc-l10n
+  - traceroute
+  - bzip2
+  - netcat-traditional
+  - telnet
diff --git a/roles/educontainer/tasks/main.yml b/roles/educontainer/tasks/main.yml
index 0e022af..74876de 100644
--- a/roles/educontainer/tasks/main.yml
+++ b/roles/educontainer/tasks/main.yml
@@ -58,11 +58,11 @@
       - debootstrap
     state: latest
 
-- name: debootstrap minimal system
+- name: debootstrap base system
   command:
     cmd: >
       debootstrap 
-      --include=systemd-container,openssh-server,sudo,python3,auto-apt-proxy
+      --include={{ cont_packages | join(',') }}
       --components=main,contrib,non-free stable
       {{ contname }}00 http://deb.debian.org/debian
   args:

From 327f2eefacf2e4a18372f853857d2ba164625000 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 18 Nov 2021 20:22:00 +0100
Subject: [PATCH 178/504] Username variable.

---
 edubox.yml                        |  2 ++
 roles/educontainer/tasks/main.yml | 16 ++++++++--------
 2 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/edubox.yml b/edubox.yml
index b490eae..5bee3f2 100644
--- a/edubox.yml
+++ b/edubox.yml
@@ -24,6 +24,8 @@
   become: yes
   vars:
     contname: cont
+    ## User name for the user in the container:
+    contuser: ansi
     ## Password for the user 'ansible' in the container,
     ## leave empty to log in without password:
     contpwd: ""
diff --git a/roles/educontainer/tasks/main.yml b/roles/educontainer/tasks/main.yml
index 74876de..b175ff2 100644
--- a/roles/educontainer/tasks/main.yml
+++ b/roles/educontainer/tasks/main.yml
@@ -6,7 +6,7 @@
 ##  container 1: ssh → host port 10001,  HTTP → 10101 
 ##     ...                        ...            ...
 ##
-##  User 'ansible' in the sudo group.  Password is {{ contpwd }}.
+##  User '{{ contuser }}' in the sudo group.  Password is '{{ contpwd }}'.
 ##
 
 - name: stop all containers
@@ -91,26 +91,26 @@
   args:
     chdir: /var/lib/machines/{{ contname }}00
 
-- name: provide ansible user account
+- name: provide {{ contuser }} user account
   command:
     cmd: >
       chroot . sh -c '/usr/sbin/useradd -m -s /bin/bash 
-      -c "Ansible User,,," -G sudo ansible'
+      -c "User {{ contuser }},,," -G sudo {{ contuser }}'
   args:
     chdir: /var/lib/machines/{{ contname }}00
-    creates: /var/lib/machines/{{ contname }}00/home/ansible
+    creates: /var/lib/machines/{{ contname }}00/home/{{ contuser }}
   register: user_account
 
-- name: provide empty password for ansible user
+- name: provide empty password for {{ contuser }} user
   command:
-    cmd: chroot . sh -c "passwd -d ansible"
+    cmd: chroot . sh -c "passwd -d {{ contuser }}"
   args:
     chdir: /var/lib/machines/{{ contname }}00
   when: user_account.changed | default(false) and contpwd | length == 0
 
-- name: provide password for container ansible user
+- name: provide password for container {{ contuser }} user
   command:
-    cmd: chroot . sh -c "echo ansible:{{ contpwd }} | chpasswd"
+    cmd: chroot . sh -c "echo {{ contuser }}:{{ contpwd }} | chpasswd"
   args:
     chdir: /var/lib/machines/{{ contname }}00
   when: user_account.changed | default(true) and contpwd | length > 0

From 0ed4230794add0c322c00e96b54328b8ae1196b0 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 20 Nov 2021 14:38:22 +0100
Subject: [PATCH 179/504] Split container package list.

---
 edubox.yml                           | 16 +++++++++++++++-
 roles/educontainer/defaults/main.yml | 17 +++--------------
 roles/educontainer/tasks/main.yml    |  2 +-
 3 files changed, 19 insertions(+), 16 deletions(-)

diff --git a/edubox.yml b/edubox.yml
index 5bee3f2..47eb7c9 100644
--- a/edubox.yml
+++ b/edubox.yml
@@ -3,7 +3,7 @@
 ## for educational use on a host, for example to learn ansible!
 ## All containers use an apt cache on the host system and forward port
 ## 22 (ssh), 80 (http) and 443 (https) to ports >= 10000, 10100 and 10200
-## respectively.  A user 'ansible' in the 'sudo' group is prepared,
+## respectively.  A user 'ansi' in the 'sudo' group is prepared,
 ## either with empty password or an initial password to be set below.
 ##
 ## Modifications of the initial containers are kept in an overlay
@@ -31,6 +31,20 @@
     contpwd: ""
     ## Adjust the number of containers here:
     containers: "{{ range(0, 9 + 1) | list }}"
+    ## Additional packages to be installed in the container:
+    cont_packages_extra:
+      - bind9-dnsutils
+      - file
+      - locales
+      - xz-utils
+      - lsof
+      - wget
+      - bind9-host
+      - libc-l10n
+      - traceroute
+      - bzip2
+      - netcat-traditional
+      - telnet
 
   pre_tasks:
     - name: install apt-cacher-ng
diff --git a/roles/educontainer/defaults/main.yml b/roles/educontainer/defaults/main.yml
index 34b95b2..b58b8b7 100644
--- a/roles/educontainer/defaults/main.yml
+++ b/roles/educontainer/defaults/main.yml
@@ -5,20 +5,9 @@ cont_packages:
   - sudo
   - python3
   - auto-apt-proxy
-
   - bash-completion
-  - bind9-dnsutils
-  - file
-  - locales
-  - xz-utils
-  - lsof
-  - wget
-  - bind9-host
-  - man-db
   - ca-certificates
+  - man-db
   - manpages
-  - libc-l10n
-  - traceroute
-  - bzip2
-  - netcat-traditional
-  - telnet
+
+cont_packages_extra: []
diff --git a/roles/educontainer/tasks/main.yml b/roles/educontainer/tasks/main.yml
index b175ff2..2d051c8 100644
--- a/roles/educontainer/tasks/main.yml
+++ b/roles/educontainer/tasks/main.yml
@@ -62,7 +62,7 @@
   command:
     cmd: >
       debootstrap 
-      --include={{ cont_packages | join(',') }}
+      --include={{ cont_packages | union(cont_packages_extra) | join(',') }}
       --components=main,contrib,non-free stable
       {{ contname }}00 http://deb.debian.org/debian
   args:

From 2c0a1c539262f437cdef77688190b5964ca9825e Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 20 Nov 2021 17:00:19 +0100
Subject: [PATCH 180/504] Implement 'setup'-tag to re-setup the containers.

---
 edubox.yml                         |   1 +
 roles/educontainer/tasks/main.yml  | 147 ++---------------------------
 roles/educontainer/tasks/setup.yml | 141 +++++++++++++++++++++++++++
 3 files changed, 152 insertions(+), 137 deletions(-)
 create mode 100644 roles/educontainer/tasks/setup.yml

diff --git a/edubox.yml b/edubox.yml
index 47eb7c9..919eb47 100644
--- a/edubox.yml
+++ b/edubox.yml
@@ -16,6 +16,7 @@
 ##    --tags=stop     stop all containers
 ##    --tags=reset    reset all containers to the initial image
 ##    --tags=purge    purge all containers
+##    --tags=setup    purge all containers and setup again
 ##
 
 - name: apply configuration to the edubox
diff --git a/roles/educontainer/tasks/main.yml b/roles/educontainer/tasks/main.yml
index 2d051c8..0bd2fb4 100644
--- a/roles/educontainer/tasks/main.yml
+++ b/roles/educontainer/tasks/main.yml
@@ -19,6 +19,7 @@
     - stop
     - reset
     - purge
+    - setup
 
 - name: purge all containers
   command:
@@ -28,6 +29,7 @@
   tags:
     - never
     - purge
+    - setup
 
 - name: remove container overlay
   file:
@@ -38,6 +40,7 @@
     - never
     - reset
     - purge
+    - setup
 
 - name: start all containers
   systemd:
@@ -51,142 +54,12 @@
 
 ###########
 
-- name: install packages
-  apt:
-    name:
-      - systemd-container
-      - debootstrap
-    state: latest
+- name: import setup.yml tasks
+  import_tasks: setup.yml
+  tags: 
+    - never
+    - setup
 
-- name: debootstrap base system
-  command:
-    cmd: >
-      debootstrap 
-      --include={{ cont_packages | union(cont_packages_extra) | join(',') }}
-      --components=main,contrib,non-free stable
-      {{ contname }}00 http://deb.debian.org/debian
-  args:
-    chdir: /var/lib/machines/
-    creates: /var/lib/machines/{{ contname }}00
-  environment: 
-    http_proxy: http://localhost:3142
-  notify: enable and restart containers
+- name: import setup.yml tasks
+  import_tasks: setup.yml
 
-- name: provide complete apt sources
-  copy:
-    src: /etc/apt/sources.list
-    dest: /var/lib/machines/{{ contname }}00/etc/apt/sources.list
-    remote_src: yes
-
-- name: configure locale
-  lineinfile:
-    path: /var/lib/machines/{{ contname }}00/etc/profile
-    line: 'export LANG=C'
-
-- name: upgrade container
-  command:
-    cmd: >
-      chroot . sh -c '/usr/bin/apt-get update &&
-      /usr/bin/apt-get full-upgrade --yes'
-  args:
-    chdir: /var/lib/machines/{{ contname }}00
-
-- name: provide {{ contuser }} user account
-  command:
-    cmd: >
-      chroot . sh -c '/usr/sbin/useradd -m -s /bin/bash 
-      -c "User {{ contuser }},,," -G sudo {{ contuser }}'
-  args:
-    chdir: /var/lib/machines/{{ contname }}00
-    creates: /var/lib/machines/{{ contname }}00/home/{{ contuser }}
-  register: user_account
-
-- name: provide empty password for {{ contuser }} user
-  command:
-    cmd: chroot . sh -c "passwd -d {{ contuser }}"
-  args:
-    chdir: /var/lib/machines/{{ contname }}00
-  when: user_account.changed | default(false) and contpwd | length == 0
-
-- name: provide password for container {{ contuser }} user
-  command:
-    cmd: chroot . sh -c "echo {{ contuser }}:{{ contpwd }} | chpasswd"
-  args:
-    chdir: /var/lib/machines/{{ contname }}00
-  when: user_account.changed | default(true) and contpwd | length > 0
-
-- name: allow empty passwords in ssh
-  lineinfile:
-    path: /var/lib/machines/{{ contname }}00/etc/ssh/sshd_config
-    insertafter: '#PermitEmptyPasswords no'
-    line: 'PermitEmptyPasswords yes'
-  when: user_account.changed | default(false) and contpwd | length == 0
-
-- name: prepare directories
-  file:
-    path: /var/lib/machines/{{ contname }}00/etc/systemd/system/{{ item }}
-    state: directory
-  loop:
-    - multi-user.target.wants
-    - sockets.target.wants
-    - network-online.target.wants
-  notify: enable and restart containers
-
-- name: enable systemd-networkd service
-  file:
-    src: /lib/systemd/system/{{ item.src }}
-    dest: /var/lib/machines/{{ contname }}00/etc/systemd/system/{{ item.dest }}
-    state: link
-    force: yes
-  loop:
-    - { src: systemd-networkd.service, dest: dbus-org.freedesktop.network1.service }
-    - { src: systemd-networkd.service, dest: multi-user.target.wants/systemd-networkd.service }
-    - { src: systemd-networkd.socket, dest: sockets.target.wants/systemd-networkd.socket }
-    - { src: systemd-networkd-wait-online.service, dest: network-online.target.wants/systemd-networkd-wait-online.service }
-  notify: enable and restart containers
-
-########
-- name: prepare sysctl configuration
-  file:
-    path: /etc/sysctl.d/inotify.conf
-    state: touch
-
-- name: fix too many open files error
-  sysctl:
-    name: fs.inotify.max_user_instances
-    value: '1024'
-    sysctl_file: /etc/sysctl.d/inotify.conf
-
-- name: generate links to the initial container
-  file:
-    src: "{{ contname }}00"
-    dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}
-    state: link
-  loop: "{{ containers[1:] }}"
-  notify: enable and restart containers
-
-- name: prepare nspawn config directory
-  file:
-    path: /etc/systemd/nspawn
-    state: directory
-
-- name: provide container configuration
-  template:
-    src: contcfg.nspawn.j2
-    dest: /etc/systemd/nspawn/{{ contname}}{{ "%02d" | format(item|int) }}.nspawn
-  loop: "{{ containers }}"
-  notify: enable and restart containers
-
-- name: provide container hostname file
-  template:
-    src: hostname.j2
-    dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hostname
-  loop: "{{ containers }}"
-  notify: enable and restart containers
-
-- name: provide container hosts file
-  template:
-    src: hosts.j2
-    dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hosts
-  loop: "{{ containers }}"
-  notify: enable and restart containers
diff --git a/roles/educontainer/tasks/setup.yml b/roles/educontainer/tasks/setup.yml
new file mode 100644
index 0000000..391ad4b
--- /dev/null
+++ b/roles/educontainer/tasks/setup.yml
@@ -0,0 +1,141 @@
+---
+
+- name: install packages
+  apt:
+    name:
+      - systemd-container
+      - debootstrap
+    state: latest
+
+- name: debootstrap base system
+  command:
+    cmd: >
+      debootstrap 
+      --include={{ cont_packages | union(cont_packages_extra) | join(',') }}
+      --components=main,contrib,non-free stable
+      {{ contname }}00 http://deb.debian.org/debian
+  args:
+    chdir: /var/lib/machines/
+    creates: /var/lib/machines/{{ contname }}00
+  environment: 
+    http_proxy: http://localhost:3142
+  notify: enable and restart containers
+
+- name: provide complete apt sources
+  copy:
+    src: /etc/apt/sources.list
+    dest: /var/lib/machines/{{ contname }}00/etc/apt/sources.list
+    remote_src: yes
+
+- name: configure locale
+  lineinfile:
+    path: /var/lib/machines/{{ contname }}00/etc/profile
+    line: 'export LANG=C'
+
+- name: upgrade container
+  command:
+    cmd: >
+      chroot . sh -c '/usr/bin/apt-get update &&
+      /usr/bin/apt-get full-upgrade --yes'
+  args:
+    chdir: /var/lib/machines/{{ contname }}00
+
+- name: provide {{ contuser }} user account
+  command:
+    cmd: >
+      chroot . sh -c '/usr/sbin/useradd -m -s /bin/bash 
+      -c "User {{ contuser }},,," -G sudo {{ contuser }}'
+  args:
+    chdir: /var/lib/machines/{{ contname }}00
+    creates: /var/lib/machines/{{ contname }}00/home/{{ contuser }}
+  register: user_account
+
+- name: provide empty password for {{ contuser }} user
+  command:
+    cmd: chroot . sh -c "passwd -d {{ contuser }}"
+  args:
+    chdir: /var/lib/machines/{{ contname }}00
+  when: user_account.changed | default(false) and contpwd | length == 0
+
+- name: provide password for container {{ contuser }} user
+  command:
+    cmd: chroot . sh -c "echo {{ contuser }}:{{ contpwd }} | chpasswd"
+  args:
+    chdir: /var/lib/machines/{{ contname }}00
+  when: user_account.changed | default(true) and contpwd | length > 0
+
+- name: allow empty passwords in ssh
+  lineinfile:
+    path: /var/lib/machines/{{ contname }}00/etc/ssh/sshd_config
+    insertafter: '#PermitEmptyPasswords no'
+    line: 'PermitEmptyPasswords yes'
+  when: user_account.changed | default(false) and contpwd | length == 0
+
+- name: prepare directories
+  file:
+    path: /var/lib/machines/{{ contname }}00/etc/systemd/system/{{ item }}
+    state: directory
+  loop:
+    - multi-user.target.wants
+    - sockets.target.wants
+    - network-online.target.wants
+  notify: enable and restart containers
+
+- name: enable systemd-networkd service
+  file:
+    src: /lib/systemd/system/{{ item.src }}
+    dest: /var/lib/machines/{{ contname }}00/etc/systemd/system/{{ item.dest }}
+    state: link
+    force: yes
+  loop:
+    - { src: systemd-networkd.service, dest: dbus-org.freedesktop.network1.service }
+    - { src: systemd-networkd.service, dest: multi-user.target.wants/systemd-networkd.service }
+    - { src: systemd-networkd.socket, dest: sockets.target.wants/systemd-networkd.socket }
+    - { src: systemd-networkd-wait-online.service, dest: network-online.target.wants/systemd-networkd-wait-online.service }
+  notify: enable and restart containers
+
+########
+- name: prepare sysctl configuration
+  file:
+    path: /etc/sysctl.d/inotify.conf
+    state: touch
+
+- name: fix too many open files error
+  sysctl:
+    name: fs.inotify.max_user_instances
+    value: '1024'
+    sysctl_file: /etc/sysctl.d/inotify.conf
+
+- name: generate links to the initial container
+  file:
+    src: "{{ contname }}00"
+    dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}
+    state: link
+  loop: "{{ containers[1:] }}"
+  notify: enable and restart containers
+
+- name: prepare nspawn config directory
+  file:
+    path: /etc/systemd/nspawn
+    state: directory
+
+- name: provide container configuration
+  template:
+    src: contcfg.nspawn.j2
+    dest: /etc/systemd/nspawn/{{ contname}}{{ "%02d" | format(item|int) }}.nspawn
+  loop: "{{ containers }}"
+  notify: enable and restart containers
+
+- name: provide container hostname file
+  template:
+    src: hostname.j2
+    dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hostname
+  loop: "{{ containers }}"
+  notify: enable and restart containers
+
+- name: provide container hosts file
+  template:
+    src: hosts.j2
+    dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hosts
+  loop: "{{ containers }}"
+  notify: enable and restart containers

From d3e732bc89f803fcd4097c27d545e09fac7f417f Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 20 Nov 2021 18:06:25 +0100
Subject: [PATCH 181/504] Fix tasks that falsely report 'changes'.

---
 roles/educontainer/tasks/setup.yml | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/roles/educontainer/tasks/setup.yml b/roles/educontainer/tasks/setup.yml
index 391ad4b..b3bef38 100644
--- a/roles/educontainer/tasks/setup.yml
+++ b/roles/educontainer/tasks/setup.yml
@@ -39,6 +39,8 @@
       /usr/bin/apt-get full-upgrade --yes'
   args:
     chdir: /var/lib/machines/{{ contname }}00
+  register: cmd_result
+  changed_when: cmd_result.stdout is not search('0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.')
 
 - name: provide {{ contuser }} user account
   command:
@@ -95,10 +97,11 @@
   notify: enable and restart containers
 
 ########
-- name: prepare sysctl configuration
-  file:
-    path: /etc/sysctl.d/inotify.conf
-    state: touch
+- name: prepare local sysctl config file
+  copy:
+    content: "# Avoid 'too many open files' error:"
+    dest: /etc/sysctl.d/inotify.conf
+    force: no
 
 - name: fix too many open files error
   sysctl:

From 5b2407329103bea93ba8af37add8a23f69777453 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 14 Mar 2022 13:45:25 +0100
Subject: [PATCH 182/504] Fix apt problems.

---
 roles/educontainer/tasks/setup.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/educontainer/tasks/setup.yml b/roles/educontainer/tasks/setup.yml
index b3bef38..42fdb55 100644
--- a/roles/educontainer/tasks/setup.yml
+++ b/roles/educontainer/tasks/setup.yml
@@ -36,7 +36,7 @@
   command:
     cmd: >
       chroot . sh -c '/usr/bin/apt-get update &&
-      /usr/bin/apt-get full-upgrade --yes'
+      DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get full-upgrade --yes'
   args:
     chdir: /var/lib/machines/{{ contname }}00
   register: cmd_result

From 6e350463e7492f3cb70516ebb9d933787d4622b1 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 14 Mar 2022 13:45:32 +0100
Subject: [PATCH 183/504] Fix preseeded ansible-pull run.

---
 roles/educontainer/tasks/setup.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/roles/educontainer/tasks/setup.yml b/roles/educontainer/tasks/setup.yml
index 42fdb55..91ce6f4 100644
--- a/roles/educontainer/tasks/setup.yml
+++ b/roles/educontainer/tasks/setup.yml
@@ -7,6 +7,12 @@
       - debootstrap
     state: latest
 
+- name: prepare machine directory
+  file:
+    path: /var/lib/machines/
+    state: directory
+    mode: 0700
+
 - name: debootstrap base system
   command:
     cmd: >

From aa34a0a9104747185b66f6a421ab5922e1b74169 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 14 Mar 2022 15:24:50 +0100
Subject: [PATCH 184/504] During preseeded install, apt-cacher is not yet
 available.

---
 roles/educontainer/tasks/setup.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/educontainer/tasks/setup.yml b/roles/educontainer/tasks/setup.yml
index 91ce6f4..e3d1517 100644
--- a/roles/educontainer/tasks/setup.yml
+++ b/roles/educontainer/tasks/setup.yml
@@ -16,7 +16,7 @@
 - name: debootstrap base system
   command:
     cmd: >
-      debootstrap 
+      debootstrap
       --include={{ cont_packages | union(cont_packages_extra) | join(',') }}
       --components=main,contrib,non-free stable
       {{ contname }}00 http://deb.debian.org/debian
@@ -24,7 +24,7 @@
     chdir: /var/lib/machines/
     creates: /var/lib/machines/{{ contname }}00
   environment: 
-    http_proxy: http://localhost:3142
+    http_proxy: "{{ '' if run_in_installer|default(false) else 'http://localhost:3142' }}"
   notify: enable and restart containers
 
 - name: provide complete apt sources

From 9e2a6a70e3e478971dcb1e2e7465ef0c81a367bc Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Wed, 16 Mar 2022 15:22:17 +0100
Subject: [PATCH 185/504] Fix warning about missing pseudo file systems.

---
 roles/educontainer/tasks/setup.yml | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/roles/educontainer/tasks/setup.yml b/roles/educontainer/tasks/setup.yml
index e3d1517..37dfca0 100644
--- a/roles/educontainer/tasks/setup.yml
+++ b/roles/educontainer/tasks/setup.yml
@@ -38,13 +38,19 @@
     path: /var/lib/machines/{{ contname }}00/etc/profile
     line: 'export LANG=C'
 
+## Use 'chroot' here instead of 'systemd-nspawn -D …' to make it work
+## with ansible-pull in the preseed debian installer:
 - name: upgrade container
   command:
-    cmd: >
-      chroot . sh -c '/usr/bin/apt-get update &&
-      DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get full-upgrade --yes'
+    cmd: "{{ item }}"
   args:
     chdir: /var/lib/machines/{{ contname }}00
+  loop:
+    - mount --bind /proc proc
+    - mount --bind /sys sys
+    - mount --bind /dev/pts dev/pts
+    - chroot . sh -c '/usr/bin/apt-get update && DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get full-upgrade --yes'
+    - umount proc sys dev/pts
   register: cmd_result
   changed_when: cmd_result.stdout is not search('0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.')
 

From 3d3f0093ff0f299608212bab66b75d7f0c70feef Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Wed, 16 Mar 2022 17:31:37 +0100
Subject: [PATCH 186/504] Run 'setup' only on setup.

---
 roles/educontainer/tasks/main.yml | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/roles/educontainer/tasks/main.yml b/roles/educontainer/tasks/main.yml
index 0bd2fb4..5280173 100644
--- a/roles/educontainer/tasks/main.yml
+++ b/roles/educontainer/tasks/main.yml
@@ -54,12 +54,15 @@
 
 ###########
 
-- name: import setup.yml tasks
-  import_tasks: setup.yml
-  tags: 
-    - never
-    - setup
+- name: check if container template exists
+  ansible.builtin.stat:
+    path: "/var/lib/machines/{{ contname }}00"
+  register: cont
+  tags:
+    - always
 
 - name: import setup.yml tasks
   import_tasks: setup.yml
-
+  when: cont.stat.isdir is not defined
+  tags:
+    - always

From f9e8560f7b48a412ae29544300b5b601eb5d321a Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 2 Apr 2022 10:05:27 +0200
Subject: [PATCH 187/504] Use systemd-resolved in the containers.

If the host uses systemd-networkd and systemd-resolved too, the
containers can be resolved from the host.
---
 roles/educontainer/tasks/setup.yml | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/roles/educontainer/tasks/setup.yml b/roles/educontainer/tasks/setup.yml
index 37dfca0..3aa3b32 100644
--- a/roles/educontainer/tasks/setup.yml
+++ b/roles/educontainer/tasks/setup.yml
@@ -100,6 +100,7 @@
     src: /lib/systemd/system/{{ item.src }}
     dest: /var/lib/machines/{{ contname }}00/etc/systemd/system/{{ item.dest }}
     state: link
+    follow: False
     force: yes
   loop:
     - { src: systemd-networkd.service, dest: dbus-org.freedesktop.network1.service }
@@ -108,6 +109,18 @@
     - { src: systemd-networkd-wait-online.service, dest: network-online.target.wants/systemd-networkd-wait-online.service }
   notify: enable and restart containers
 
+- name: enable systemd-resolved in containers
+  file:
+    src: /lib/systemd/system/{{ item.src }}
+    dest: /var/lib/machines/{{ contname }}00/etc/systemd/system/{{ item.dest }}
+    state: link
+    follow: False
+    force: yes
+  loop:
+    - { src: systemd-resolved.service, dest: dbus-org.freedesktop.resolve1.service }
+    - { src: systemd-resolved.service, dest: multi-user.target.wants/systemd-resolved.service }
+  notify: enable and restart containers
+
 ########
 - name: prepare local sysctl config file
   copy:

From 37c767ff0c4fbc62a32222ea39ab982da5ffea72 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 2 Apr 2022 10:14:11 +0200
Subject: [PATCH 188/504] Rework systemd-networkd role.

---
 .../files/all-eth.network}                    |  2 +-
 .../handlers/main.yml                         | 14 ++++++++++
 .../systemd-networkd-resolved/tasks/main.yml  | 25 +++++++++++++++++
 .../templates/20-static.network.j2            |  0
 roles/systemd-networkd/handlers/main.yml      | 15 ----------
 roles/systemd-networkd/tasks/main.yml         | 28 -------------------
 6 files changed, 40 insertions(+), 44 deletions(-)
 rename roles/{systemd-networkd/files/10-dhcp.network => systemd-networkd-resolved/files/all-eth.network} (75%)
 create mode 100644 roles/systemd-networkd-resolved/handlers/main.yml
 create mode 100644 roles/systemd-networkd-resolved/tasks/main.yml
 rename roles/{systemd-networkd => systemd-networkd-resolved}/templates/20-static.network.j2 (100%)
 delete mode 100644 roles/systemd-networkd/handlers/main.yml
 delete mode 100644 roles/systemd-networkd/tasks/main.yml

diff --git a/roles/systemd-networkd/files/10-dhcp.network b/roles/systemd-networkd-resolved/files/all-eth.network
similarity index 75%
rename from roles/systemd-networkd/files/10-dhcp.network
rename to roles/systemd-networkd-resolved/files/all-eth.network
index aec1849..f2578d1 100644
--- a/roles/systemd-networkd/files/10-dhcp.network
+++ b/roles/systemd-networkd-resolved/files/all-eth.network
@@ -1,5 +1,5 @@
 [Match]
-Name=en*
+Name=e*
 
 [Network]
 DHCP=yes
diff --git a/roles/systemd-networkd-resolved/handlers/main.yml b/roles/systemd-networkd-resolved/handlers/main.yml
new file mode 100644
index 0000000..6084965
--- /dev/null
+++ b/roles/systemd-networkd-resolved/handlers/main.yml
@@ -0,0 +1,14 @@
+- name: restart and enable systemd-networkd
+  systemd:
+    name: systemd-networkd
+    enabled: yes
+    state: restarted
+    daemon_reload: yes
+  listen: "start and enable systemd-networkd"
+
+- name: start and enable systemd-resolved
+  systemd:
+    name: systemd-resolved
+    enabled: yes
+    state: started
+  listen: "start and enable systemd-resolved"
diff --git a/roles/systemd-networkd-resolved/tasks/main.yml b/roles/systemd-networkd-resolved/tasks/main.yml
new file mode 100644
index 0000000..3033c67
--- /dev/null
+++ b/roles/systemd-networkd-resolved/tasks/main.yml
@@ -0,0 +1,25 @@
+- name: move /etc/network/interfaces away
+  command:
+    cmd: mv /etc/network/interfaces /etc/network/interfaces_orig
+    creates: /etc/network/interfaces_orig
+
+- name: switch to systemd-networkd
+  copy:
+    src: all-eth.network
+    dest: /etc/systemd/network/all-eth.network
+  notify: "start and enable systemd-networkd"
+
+#- name: install static configuration for networkd
+#  template:
+#    src: 20-static.network.j2
+#    dest: /etc/systemd/network/20-static.network
+#  notify: "enable systemd-networkd"
+
+- name: enable local stub resolver
+  file:
+    src: /run/systemd/resolve/stub-resolv.conf
+    dest: /etc/resolv.conf
+    state: link
+    follow: False
+    force: yes
+  notify: "start and enable systemd-resolved"
diff --git a/roles/systemd-networkd/templates/20-static.network.j2 b/roles/systemd-networkd-resolved/templates/20-static.network.j2
similarity index 100%
rename from roles/systemd-networkd/templates/20-static.network.j2
rename to roles/systemd-networkd-resolved/templates/20-static.network.j2
diff --git a/roles/systemd-networkd/handlers/main.yml b/roles/systemd-networkd/handlers/main.yml
deleted file mode 100644
index eaf56fa..0000000
--- a/roles/systemd-networkd/handlers/main.yml
+++ /dev/null
@@ -1,15 +0,0 @@
-- name: enable systemd-networkd
-  systemd:
-    name: systemd-networkd
-    enabled: yes
-    state: restarted
-    daemon_reload: yes
-  listen: "start and enable systemd-networkd"
-
-- name: use systemd-resolved
-  file:
-    src: /run/systemd/resolve/stub-resolv.conf
-    dest: /etc/resolv.conf
-    state: link
-    force: Yes
-  listen: "use systemd-resolved"
diff --git a/roles/systemd-networkd/tasks/main.yml b/roles/systemd-networkd/tasks/main.yml
deleted file mode 100644
index f863fa0..0000000
--- a/roles/systemd-networkd/tasks/main.yml
+++ /dev/null
@@ -1,28 +0,0 @@
-- name: check if /etc/network/interfaces is still there
-  stat: path=/etc/network/interfaces
-  register: interfaces
-
-- name: move /etc/network/interfaces away
-  command: mv /etc/network/interfaces /etc/network/interfaces_disabled
-  when: interfaces.stat.exists
-
-- name: install dynamic configuration for networkd
-  copy:
-    src: 10-dhcp.network
-    dest: /etc/systemd/network/10-dhcp.network
-  notify: "start and enable systemd-networkd"
-
-#- name: install static configuration for networkd
-#  template:
-#    src: 20-static.network.j2
-#    dest: /etc/systemd/network/20-static.network
-#  notify: "enable systemd-networkd"
-
-- name: enable systemd-resolved
-  systemd:
-    name: systemd-resolved
-    enabled: yes
-    state: started
-  notify: "use systemd-resolved"
-
-- meta: flush_handlers

From 4b4dad5bfee086d0011212dfcf5614819feb5dd9 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 2 Apr 2022 11:51:38 +0200
Subject: [PATCH 189/504] Make the containers resolvable from the host.

---
 edubox.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/edubox.yml b/edubox.yml
index 919eb47..cd004bb 100644
--- a/edubox.yml
+++ b/edubox.yml
@@ -68,3 +68,4 @@
   roles:
     - up2date-debian
     - educontainer
+    - systemd-networkd-resolved

From b28542748276f0c11645e5287f1dcf743f915783 Mon Sep 17 00:00:00 2001
From: Jukka Nousiainen <jukka.nousiainen@csc.fi>
Date: Sun, 25 Jul 2021 00:26:46 +0300
Subject: [PATCH 190/504] Parameterize become_user

    To allow some flexibility in mixed environments.
---
 roles/prepare4clients/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/prepare4clients/tasks/main.yml b/roles/prepare4clients/tasks/main.yml
index 3cefa14..c3a2513 100644
--- a/roles/prepare4clients/tasks/main.yml
+++ b/roles/prepare4clients/tasks/main.yml
@@ -182,7 +182,7 @@
     repo: 'https://salsa.debian.org/andi/debian-lan-ansible.git'
     dest: "{{ repo_dir }}"
     update: no
-  become_user: "ansible"
+  become_user: "{{ ansible_user }}"
   when: not run_in_installer|default(false)|bool
 
 - name: start git-repo

From 53b54edd1879607dd379de2f85f12c7d254704d4 Mon Sep 17 00:00:00 2001
From: Jukka Nousiainen <jukka.nousiainen@csc.fi>
Date: Sun, 25 Jul 2021 00:28:01 +0300
Subject: [PATCH 191/504] Sync role names to the ones under roles/

Not sure why these were named differently but in any case couldn't
get stuff working without this change.
---
 installbox.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/installbox.yml b/installbox.yml
index 48e5d9f..6e1c4c6 100644
--- a/installbox.yml
+++ b/installbox.yml
@@ -38,7 +38,7 @@
   roles:
     - up2date-debian
     - two-interface-firewalld
-    - dhcp-dns-dnsmasq
-    - tftp-netboot-installer
+    - dnsmasq
+    - netboot-installer
     - apt-cacher
     - prepare4clients

From 1a9b3ba2e60703a664669063ae76317dc0944d4d Mon Sep 17 00:00:00 2001
From: Jukka Nousiainen <jukka.nousiainen@csc.fi>
Date: Sun, 25 Jul 2021 00:29:25 +0300
Subject: [PATCH 192/504] Parameterize most of the LAN config

So that it adapts to e.g. 192.168.50/24 instead of 192.168.0/24
---
 installbox.yml                              |  2 ++
 roles/dns-dhcp-tftp/tasks/main.yml          |  4 ++--
 roles/dns-dhcp-tftp/templates/db.lan.j2     | 11 +++++++++++
 roles/dns-dhcp-tftp/templates/dhcpd.conf.j2 |  6 +++---
 roles/dns-dhcp-tftp/templates/localzones.j2 |  6 +++---
 5 files changed, 21 insertions(+), 8 deletions(-)
 create mode 100644 roles/dns-dhcp-tftp/templates/db.lan.j2

diff --git a/installbox.yml b/installbox.yml
index 6e1c4c6..37610d8 100644
--- a/installbox.yml
+++ b/installbox.yml
@@ -17,6 +17,8 @@
 
     ## LAN IP address range:
     ipaddr_lan: 192.168.0.10/24
+    ipaddr_lan_threeoct: {{ ipaddr_lan.split('.')[0:3] | join('.')}}
+    ipaddr_lan_ptr:  {{ ipaddr_lan | ansible.netcommon.ipaddr('revdns').split('.')[1:-1] | join('.') }}
     dhcp_range: 192.168.0.50,192.168.0.99,2h
 
     di_dist: "{{ ansible_distribution_release }}"
diff --git a/roles/dns-dhcp-tftp/tasks/main.yml b/roles/dns-dhcp-tftp/tasks/main.yml
index 1d4d741..26f11ec 100644
--- a/roles/dns-dhcp-tftp/tasks/main.yml
+++ b/roles/dns-dhcp-tftp/tasks/main.yml
@@ -42,7 +42,7 @@
     dest: "/etc/bind/{{ item }}"
   loop:
     - db.intern
-    - db.192.168.0
+    - db.lan
     - localzones
   notify: restart bind
 
@@ -53,7 +53,7 @@
     state: link
   loop:
     - db.intern
-    - db.192.168.0
+    - db.lan
   notify: restart bind
 
 - name: enable local bind config
diff --git a/roles/dns-dhcp-tftp/templates/db.lan.j2 b/roles/dns-dhcp-tftp/templates/db.lan.j2
new file mode 100644
index 0000000..3f942c1
--- /dev/null
+++ b/roles/dns-dhcp-tftp/templates/db.lan.j2
@@ -0,0 +1,11 @@
+$TTL 500
+@               IN      SOA     {{ ansible_fqdn }}. root.{{ ansible_domain }}. (
+                                1          ; Serial
+                                3600       ; Refresh
+                                1800       ; Retry
+                                720000     ; Expire
+                                6400 )     ; Negative Cache TTL
+;
+@                       NS      {{ ansible_fqdn }}.
+                        MX      10 {{ ansible_fqdn }}.
+{{ ipaddr_lan | ipaddr("address") | regex_replace("^.*\.(.+$)", "\\1") }}                      PTR     {{ ansible_fqdn }}.
diff --git a/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2 b/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2
index b548beb..aa724b9 100644
--- a/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2
+++ b/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2
@@ -26,7 +26,7 @@ zone intern. {
   key rndc-key;
 }
 
-zone 0.168.192.in-addr.arpa. {
+zone "{{ ipaddr_lan_ptr }}" {
   primary 127.0.0.1;
   key rndc-key;
 }
@@ -41,7 +41,7 @@ authoritative;
 #log-facility local7;
 
 ## The tftpd server IP address, for all clients.
-next-server 192.168.0.10;
+next-server {{ ipaddr_lan | ipaddr("address") }};
 
 option arch code 93 = unsigned integer 16;
 if option arch = 00:07 {
@@ -50,7 +50,7 @@ if option arch = 00:07 {
       filename "d-i/n-a/pxelinux.0";
 }
 
-subnet 192.168.0.0 netmask 255.255.255.0 {
+subnet {{ ipaddr_lan | ipaddr("address") }} netmask {{ ipaddr_lan | ipaddr("netmask") }} {
       option routers {{ ipaddr_lan | ipaddr("address") }};
       range {{ dhcp_start }} {{ dhcp_stop }};
 }
diff --git a/roles/dns-dhcp-tftp/templates/localzones.j2 b/roles/dns-dhcp-tftp/templates/localzones.j2
index b0d958c..180dbc0 100644
--- a/roles/dns-dhcp-tftp/templates/localzones.j2
+++ b/roles/dns-dhcp-tftp/templates/localzones.j2
@@ -1,10 +1,10 @@
 include "/etc/bind/rndc.key";
 
-zone "0.168.192.in-addr.arpa" {
+zone "{{ ipaddr_lan_ptr }}" {
         type master;
         notify no;
-        file "/etc/bind/db.192.168.0";
-        journal "/var/lib/bind/db.192.168.0.jnl";
+        file "/etc/bind/db.{{ ipaddr_lan_threeoct }}";
+        journal "/var/lib/bind/db.{{ ipaddr_lan_threeoct }}.jnl";
         allow-update { key rndc-key; };
 };
 

From c56745215e38ad7b60802c04e8142df0abfd87bc Mon Sep 17 00:00:00 2001
From: Jukka Nousiainen <jukka.nousiainen@csc.fi>
Date: Sun, 25 Jul 2021 00:44:31 +0300
Subject: [PATCH 193/504] Quote fix

---
 installbox.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/installbox.yml b/installbox.yml
index 37610d8..6ab32c3 100644
--- a/installbox.yml
+++ b/installbox.yml
@@ -17,8 +17,8 @@
 
     ## LAN IP address range:
     ipaddr_lan: 192.168.0.10/24
-    ipaddr_lan_threeoct: {{ ipaddr_lan.split('.')[0:3] | join('.')}}
-    ipaddr_lan_ptr:  {{ ipaddr_lan | ansible.netcommon.ipaddr('revdns').split('.')[1:-1] | join('.') }}
+    ipaddr_lan_threeoct: "{{ ipaddr_lan.split('.')[0:3] | join('.')}}"
+    ipaddr_lan_ptr: "{{ ipaddr_lan | ansible.netcommon.ipaddr('revdns').split('.')[1:-1] | join('.') }}"
     dhcp_range: 192.168.0.50,192.168.0.99,2h
 
     di_dist: "{{ ansible_distribution_release }}"

From 1a0b2614bcd807038004f481f3f22fc2b3a77fa4 Mon Sep 17 00:00:00 2001
From: Jukka Nousiainen <jukka.nousiainen@csc.fi>
Date: Sun, 25 Jul 2021 00:44:49 +0300
Subject: [PATCH 194/504] Create /etc/ansible if it doesn't exist

---
 roles/prepare4clients/tasks/main.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/roles/prepare4clients/tasks/main.yml b/roles/prepare4clients/tasks/main.yml
index c3a2513..f1fbc97 100644
--- a/roles/prepare4clients/tasks/main.yml
+++ b/roles/prepare4clients/tasks/main.yml
@@ -197,6 +197,7 @@
 - name: add clients to inventory
   blockinfile:
     dest: /etc/ansible/hosts
+    create: yes
     block: |
       [kerberox-client]
       {{ in_inventory }}

From bf265a8309b9f2e79b87b3fb9159b60d0026b757 Mon Sep 17 00:00:00 2001
From: Jukka Nousiainen <jukka.nousiainen@csc.fi>
Date: Sun, 25 Jul 2021 09:25:31 +0300
Subject: [PATCH 195/504] Tweaks

---
 installbox.yml                                |  5 +++--
 roles/dns-dhcp-tftp/tasks/main.yml            |  9 +++++++--
 roles/dns-dhcp-tftp/templates/db.192.168.0.j2 | 11 -----------
 roles/dns-dhcp-tftp/templates/dhcpd.conf.j2   |  4 ++--
 roles/dns-dhcp-tftp/templates/localzones.j2   |  2 +-
 5 files changed, 13 insertions(+), 18 deletions(-)
 delete mode 100644 roles/dns-dhcp-tftp/templates/db.192.168.0.j2

diff --git a/installbox.yml b/installbox.yml
index 6ab32c3..116b271 100644
--- a/installbox.yml
+++ b/installbox.yml
@@ -17,8 +17,9 @@
 
     ## LAN IP address range:
     ipaddr_lan: 192.168.0.10/24
-    ipaddr_lan_threeoct: "{{ ipaddr_lan.split('.')[0:3] | join('.')}}"
-    ipaddr_lan_ptr: "{{ ipaddr_lan | ansible.netcommon.ipaddr('revdns').split('.')[1:-1] | join('.') }}"
+    ipaddr_lan_threeoct: "{{ ipaddr_lan.split('.')[0:3] | join('.') }}"
+    ipaddr_lan_ptr: "{{ (ipaddr_lan | ipaddr('revdns')).split('.')[1:] | join('.') }}"
+    ipaddr_lan_ptr_threeoct: "{{ ipaddr_lan_ptr.split('.')[0:3] | join('.') }}"
     dhcp_range: 192.168.0.50,192.168.0.99,2h
 
     di_dist: "{{ ansible_distribution_release }}"
diff --git a/roles/dns-dhcp-tftp/tasks/main.yml b/roles/dns-dhcp-tftp/tasks/main.yml
index 26f11ec..98d4b00 100644
--- a/roles/dns-dhcp-tftp/tasks/main.yml
+++ b/roles/dns-dhcp-tftp/tasks/main.yml
@@ -42,10 +42,15 @@
     dest: "/etc/bind/{{ item }}"
   loop:
     - db.intern
-    - db.lan
     - localzones
   notify: restart bind
 
+- name: deploy config files for bind9 - special case where template destination filename is dynamic
+  template:
+    src: db.lan.j2
+    dest: "/etc/bind/db.{{ ipaddr_lan_threeoct }}"
+  notify: restart bind
+
 - name: link zone files to writeable directory for DDNS
   file:
     src: "/etc/bind/{{ item }}"
@@ -53,7 +58,7 @@
     state: link
   loop:
     - db.intern
-    - db.lan
+    - "db.{{ ipaddr_lan_threeoct }}"
   notify: restart bind
 
 - name: enable local bind config
diff --git a/roles/dns-dhcp-tftp/templates/db.192.168.0.j2 b/roles/dns-dhcp-tftp/templates/db.192.168.0.j2
deleted file mode 100644
index 3f942c1..0000000
--- a/roles/dns-dhcp-tftp/templates/db.192.168.0.j2
+++ /dev/null
@@ -1,11 +0,0 @@
-$TTL 500
-@               IN      SOA     {{ ansible_fqdn }}. root.{{ ansible_domain }}. (
-                                1          ; Serial
-                                3600       ; Refresh
-                                1800       ; Retry
-                                720000     ; Expire
-                                6400 )     ; Negative Cache TTL
-;
-@                       NS      {{ ansible_fqdn }}.
-                        MX      10 {{ ansible_fqdn }}.
-{{ ipaddr_lan | ipaddr("address") | regex_replace("^.*\.(.+$)", "\\1") }}                      PTR     {{ ansible_fqdn }}.
diff --git a/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2 b/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2
index aa724b9..cca662e 100644
--- a/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2
+++ b/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2
@@ -26,7 +26,7 @@ zone intern. {
   key rndc-key;
 }
 
-zone "{{ ipaddr_lan_ptr }}" {
+zone {{ ipaddr_lan_ptr }} {
   primary 127.0.0.1;
   key rndc-key;
 }
@@ -50,7 +50,7 @@ if option arch = 00:07 {
       filename "d-i/n-a/pxelinux.0";
 }
 
-subnet {{ ipaddr_lan | ipaddr("address") }} netmask {{ ipaddr_lan | ipaddr("netmask") }} {
+subnet {{ ipaddr_lan | ipaddr("network") }} netmask {{ ipaddr_lan | ipaddr("netmask") }} {
       option routers {{ ipaddr_lan | ipaddr("address") }};
       range {{ dhcp_start }} {{ dhcp_stop }};
 }
diff --git a/roles/dns-dhcp-tftp/templates/localzones.j2 b/roles/dns-dhcp-tftp/templates/localzones.j2
index 180dbc0..7cd8cb9 100644
--- a/roles/dns-dhcp-tftp/templates/localzones.j2
+++ b/roles/dns-dhcp-tftp/templates/localzones.j2
@@ -1,6 +1,6 @@
 include "/etc/bind/rndc.key";
 
-zone "{{ ipaddr_lan_ptr }}" {
+zone "{{ ipaddr_lan_ptr[:-1] }}" {
         type master;
         notify no;
         file "/etc/bind/db.{{ ipaddr_lan_threeoct }}";

From ee15b0c27210c381ff7d0c17fa0f96c6a57fb43e Mon Sep 17 00:00:00 2001
From: Jukka Nousiainen <jukka.nousiainen@csc.fi>
Date: Sun, 25 Jul 2021 09:33:49 +0300
Subject: [PATCH 196/504] Change dns-dhcp-tftp variables to the right playbook

---
 installbox.yml | 3 ---
 sambox.yml     | 3 +++
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/installbox.yml b/installbox.yml
index 116b271..6e1c4c6 100644
--- a/installbox.yml
+++ b/installbox.yml
@@ -17,9 +17,6 @@
 
     ## LAN IP address range:
     ipaddr_lan: 192.168.0.10/24
-    ipaddr_lan_threeoct: "{{ ipaddr_lan.split('.')[0:3] | join('.') }}"
-    ipaddr_lan_ptr: "{{ (ipaddr_lan | ipaddr('revdns')).split('.')[1:] | join('.') }}"
-    ipaddr_lan_ptr_threeoct: "{{ ipaddr_lan_ptr.split('.')[0:3] | join('.') }}"
     dhcp_range: 192.168.0.50,192.168.0.99,2h
 
     di_dist: "{{ ansible_distribution_release }}"
diff --git a/sambox.yml b/sambox.yml
index 85560e1..a8efcc1 100644
--- a/sambox.yml
+++ b/sambox.yml
@@ -18,6 +18,9 @@
 
     ## LAN IP address range:
     ipaddr_lan: 192.168.0.10/24
+    ipaddr_lan_threeoct: "{{ ipaddr_lan.split('.')[0:3] | join('.') }}"
+    ipaddr_lan_ptr: "{{ (ipaddr_lan | ipaddr('revdns')).split('.')[1:] | join('.') }}"
+    ipaddr_lan_ptr_threeoct: "{{ ipaddr_lan_ptr.split('.')[0:3] | join('.') }}"
     dhcp_start: 192.168.0.50
     dhcp_stop:  192.168.0.150
     in_inventory: 192.168.0.[50:150]

From c7030c924566ed5ada6b983b3a5c0d7dca6c8b12 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 2 Apr 2022 18:19:45 +0200
Subject: [PATCH 197/504] Implement container 'restart' tag.

---
 edubox.yml                        | 1 +
 roles/educontainer/tasks/main.yml | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/edubox.yml b/edubox.yml
index cd004bb..8376eef 100644
--- a/edubox.yml
+++ b/edubox.yml
@@ -14,6 +14,7 @@
 ##
 ##    --tags=start    start all containers
 ##    --tags=stop     stop all containers
+##    --tags=restart  stop, then start all containers
 ##    --tags=reset    reset all containers to the initial image
 ##    --tags=purge    purge all containers
 ##    --tags=setup    purge all containers and setup again
diff --git a/roles/educontainer/tasks/main.yml b/roles/educontainer/tasks/main.yml
index 5280173..76748af 100644
--- a/roles/educontainer/tasks/main.yml
+++ b/roles/educontainer/tasks/main.yml
@@ -20,6 +20,7 @@
     - reset
     - purge
     - setup
+    - restart
 
 - name: purge all containers
   command:
@@ -51,6 +52,7 @@
     - never
     - start
     - reset
+    - restart
 
 ###########
 

From 2cf34e8e558e31c92eec05c303e0ebbc8bfae45f Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 11 Jun 2022 12:42:02 +0200
Subject: [PATCH 198/504] Fix some ansible-lint complaints.

---
 README.kerberox                               |  4 +-
 cloudbox.yml                                  | 14 ++---
 edubox.yml                                    |  8 +--
 host_vars/blackbox.yml                        |  2 +-
 host_vars/bluebox.yml                         |  2 +-
 installbox.yml                                |  2 +-
 kerberox-client.yml                           |  8 +--
 kerberox.yml                                  | 10 ++--
 kiosk.yml                                     |  4 +-
 minimal-krb5.yml                              |  2 +-
 minimal.yml                                   |  2 +-
 roles/apt-cacher/tasks/main.yml               | 14 ++---
 roles/backup/handlers/main.yml                |  2 +-
 roles/backup/tasks/main.yml                   |  5 +-
 roles/ddns-update/handlers/main.yml           |  4 +-
 roles/ddns-update/tasks/main.yml              |  3 +
 roles/dns-dhcp-tftp/tasks/main.yml            | 23 ++++----
 roles/dns-dhcp-tftp/templates/dhcpd.conf.j2   |  2 +-
 roles/dnsmasq/tasks/main.yml                  |  4 +-
 roles/educontainer/handlers/main.yml          |  2 +-
 roles/educontainer/tasks/main.yml             |  4 +-
 roles/educontainer/tasks/setup.yml            | 45 +++++++++-----
 roles/gnome/tasks/main.yml                    | 18 ++++--
 roles/kde/tasks/main.yml                      |  4 +-
 roles/kiosk/handlers/main.yml                 | 23 ++------
 roles/kiosk/tasks/main.yml                    | 35 ++++++-----
 roles/krb5-kdc-ldap/meta/main.yml             |  2 +-
 roles/krb5-kdc-ldap/tasks/main.yml            | 24 +++++---
 roles/lan-client/defaults/main.yml            |  2 +-
 roles/lan-client/handlers/main.yml            |  4 +-
 roles/lan-client/tasks/main.yml               |  7 ++-
 roles/ldap/defaults/main.yml                  |  6 +-
 roles/ldap/handlers/main.cfg                  |  4 ++
 roles/ldap/tasks/main.yml                     |  7 ++-
 roles/ldap/tasks/setup.yml                    | 26 ++++-----
 roles/ldap/templates/slapd-TLS.ldif           |  4 +-
 roles/low-power/handlers/main.yml             |  2 +-
 roles/low-power/tasks/main.yml                |  4 +-
 roles/netboot-installer/tasks/main.yml        |  8 ++-
 roles/nextcloud-upgrade/handlers/main.yml     | 14 +++++
 roles/nextcloud-upgrade/tasks/main.yml        | 38 ++----------
 roles/nextcloud/defaults/main.yml             |  2 +-
 roles/nextcloud/handlers/main.yml             |  2 +-
 roles/nextcloud/tasks/main.yml                | 58 +++++++++++--------
 roles/nfs-server/defaults/main.yml            |  2 +-
 roles/nfs-server/tasks/main.yml               | 14 +++--
 roles/prepare4clients/handlers/main.yml       |  4 +-
 roles/prepare4clients/tasks/main.yml          | 30 ++++++----
 roles/samba-ldap/handlers/main.yml            |  1 -
 roles/samba-ldap/meta/main.yml                |  2 +-
 roles/samba-ldap/tasks/main.yml               | 20 +++----
 roles/samba-ldap/templates/sssd.conf.j2       |  2 +-
 roles/smb-sshfs-client/handlers/main.yml      |  3 +-
 roles/smb-sshfs-client/tasks/main.yml         | 12 ++--
 .../handlers/main.yml                         |  6 +-
 .../systemd-networkd-resolved/tasks/main.yml  | 15 ++---
 .../templates/20-static.network.j2            |  2 +-
 roles/transparent-squid/tasks/main.yml        | 20 ++++---
 roles/two-interface-firewalld/tasks/main.yml  | 14 +++--
 roles/two-interface-shorewall/tasks/main.yml  | 15 ++---
 roles/up2date-debian/tasks/main.yml           | 14 ++---
 roles/web-server/tasks/main.yml               |  2 +-
 sambox-client.yml                             |  6 +-
 sambox.yml                                    | 10 ++--
 64 files changed, 357 insertions(+), 297 deletions(-)
 create mode 100644 roles/ldap/handlers/main.cfg
 create mode 100644 roles/nextcloud-upgrade/handlers/main.yml

diff --git a/README.kerberox b/README.kerberox
index 9362321..1e969af 100644
--- a/README.kerberox
+++ b/README.kerberox
@@ -5,7 +5,7 @@
     sudo cat /root/kadmin.pwd
 
 ## Then:
-    cd /home/ansible/debian-lan/ 
+    cd /home/ansible/debian-lan/
     ansible-playbook --ask-become-pass kerberox-client.yml
 
-## Enter the 'BECOME' password and the kadmin password obtained above.       
+## Enter the 'BECOME' password and the kadmin password obtained above.
diff --git a/cloudbox.yml b/cloudbox.yml
index 81634fd..0a78efc 100644
--- a/cloudbox.yml
+++ b/cloudbox.yml
@@ -4,12 +4,12 @@
 - name: apply configuration to the cloudbox
   hosts: cloudboxes
   remote_user: ansible
-  become: Yes
+  become: true
   vars:
     if_lan: "enp1s0"
     ipaddr: "192.168.2.50/24"
     gateway: "192.168.2.1"
-    DNS: "192.168.2.1"
+    dns: "192.168.2.1"
     ddns_domain: "something.ddnss.de"
     ddns_updkey: "138638.some.key.here.635620"
     ## 'nc_download' and 'nc_checksum' are only
@@ -32,17 +32,16 @@
 #    - low-power
     - nextcloud
     - nextcloud-upgrade
-    - backup
+#    - backup
 
-
-## Hosts in the the 'only_nextcloud'-group are only upgraded: 
+## Hosts in the the 'only_nextcloud'-group are only upgraded:
 
 - name: upgrade nextcloud only
   hosts: only_nextcloud
   remote_user: ansible
-  become: Yes
+  become: true
   vars:
-    nc_dir: "/var/www/nextcloud" 
+    nc_dir: "/var/www/nextcloud"
     nc_apps:
       - calendar
       - notes
@@ -51,4 +50,3 @@
   roles:
     - up2date-debian
     - nextcloud-upgrade
-
diff --git a/edubox.yml b/edubox.yml
index 8376eef..06ca4fe 100644
--- a/edubox.yml
+++ b/edubox.yml
@@ -23,7 +23,7 @@
 - name: apply configuration to the edubox
   hosts: all # eduboxes
   remote_user: ansible
-  become: yes
+  become: true
   vars:
     contname: cont
     ## User name for the user in the container:
@@ -52,19 +52,19 @@
     - name: install apt-cacher-ng
       apt:
         name: apt-cacher-ng
-        state: latest
+        state: latest # noqa package-latest
 
     - name: enable apt-cacher-ng
       lineinfile:
         path: /etc/apt/apt.conf.d/30proxy
         line: 'Acquire::http::Proxy "http://localhost:3142/";'
-        create: yes
+        create: true
 
     - name: enable and start systemd-networkd on the host
       systemd:
         name: systemd-networkd
         state: started
-        enabled: yes
+        enabled: true
 
   roles:
     - up2date-debian
diff --git a/host_vars/blackbox.yml b/host_vars/blackbox.yml
index 7e2e4aa..a1f3799 100644
--- a/host_vars/blackbox.yml
+++ b/host_vars/blackbox.yml
@@ -1,4 +1,4 @@
-allow_download: True
+allow_download: true
 backup_dirs_extra:
   - /home
 backup_opts_extra: ""
diff --git a/host_vars/bluebox.yml b/host_vars/bluebox.yml
index 3fff54c..dacab7d 100644
--- a/host_vars/bluebox.yml
+++ b/host_vars/bluebox.yml
@@ -1 +1 @@
-allow_download: True
+allow_download: true
diff --git a/installbox.yml b/installbox.yml
index 6e1c4c6..81ddb59 100644
--- a/installbox.yml
+++ b/installbox.yml
@@ -6,7 +6,7 @@
 - name: apply configuration to the installbox
   hosts: all
   remote_user: ansible
-  become: yes
+  become: true
 
   vars:
     ## This interface provides the default route:
diff --git a/kerberox-client.yml b/kerberox-client.yml
index cd7b29f..695c3a1 100644
--- a/kerberox-client.yml
+++ b/kerberox-client.yml
@@ -4,7 +4,7 @@
 - name: apply configuration to the machines
   hosts: all
   remote_user: ansible
-  become: yes
+  become: true
   vars:
     extra_pkgs:
       - webext-privacy-badger
@@ -16,12 +16,12 @@
   vars_prompt:
     - name: "kadmin_pwd"
       prompt: "Provide kadmin password to fetch kerberos keytab.\nLeave empty if done already"
-      private: yes
+      private: true
 
   roles:
     - up2date-debian
     - lan-client
     - kerberize
     ## Choose either gnome or KDE:
-    #- gnome
-    #- kde
+    # - gnome
+    # - kde
diff --git a/kerberox.yml b/kerberox.yml
index edb56d3..976db14 100644
--- a/kerberox.yml
+++ b/kerberox.yml
@@ -5,7 +5,7 @@
 - name: apply configuration to the kerberox server
   hosts: all
   remote_user: ansible
-  become: yes
+  become: true
 
   vars:
     ## This interface provides the default route:
@@ -34,7 +34,7 @@
         In case you would like to prepare a test user 'foo' and have
         not done so yet, provide foo's password here.  Leave empty to
         just continue
-      private: yes
+      private: true
 
 
   pre_tasks:
@@ -50,7 +50,9 @@
     - netboot-installer
     - dnsmasq
     - apt-cacher
-    - { role: krb5-kdc-ldap, when: not run_in_installer|default(false)|bool }
-    - { role: nfs-server, when: not run_in_installer|default(false)|bool }
+    - role: krb5-kdc-ldap
+      when: not run_in_installer|default(false)|bool
+    - role: nfs-server
+      when: not run_in_installer|default(false)|bool
     - prepare4clients
     - kerberize
diff --git a/kiosk.yml b/kiosk.yml
index b68bbb7..076e42d 100644
--- a/kiosk.yml
+++ b/kiosk.yml
@@ -4,7 +4,7 @@
 - name: apply configuration to the machines
   hosts: all
   remote_user: ansible
-  become: yes
+  become: true
   vars:
     auto_user: debi
     wifi_ssid: "YOUR SSID HERE"
@@ -18,5 +18,5 @@
     - up2date-debian
     ## Choose either gnome or KDE:
     - gnome
-    #- kde
+    # - kde
     - kiosk
diff --git a/minimal-krb5.yml b/minimal-krb5.yml
index ebba3a2..a7644c8 100644
--- a/minimal-krb5.yml
+++ b/minimal-krb5.yml
@@ -4,7 +4,7 @@
 - name: apply a minimal configuration with kerberos LAN integration
   hosts: all
   remote_user: ansible
-  become: yes
+  become: true
   roles:
     - up2date-debian
     - lan-client
diff --git a/minimal.yml b/minimal.yml
index c31c0c8..921b8db 100644
--- a/minimal.yml
+++ b/minimal.yml
@@ -4,6 +4,6 @@
 - name: apply a minimal configuration to the machine
   hosts: all
   remote_user: ansible
-  become: yes
+  become: true
   roles:
     - up2date-debian
diff --git a/roles/apt-cacher/tasks/main.yml b/roles/apt-cacher/tasks/main.yml
index 7439eb4..01b745d 100644
--- a/roles/apt-cacher/tasks/main.yml
+++ b/roles/apt-cacher/tasks/main.yml
@@ -1,17 +1,17 @@
 - name: install apt-cacher-ng package
   apt:
     name: apt-cacher-ng
-    state: latest
+    state: latest # noqa package-latest
 
 - name: enable apt-cacher-ng for localhost
   copy:
     src: apt.conf
     dest: /etc/apt/apt.conf
-    force: no
+    force: false
+    mode: 0644
   notify: "start apt-cacher-ng"
   when: not run_in_installer|default(false)|bool  ## do not enable apt-cacher during installation
 
-
 - name: check if preseeded installer is available
   stat: path={{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg
   register: preseedcfg
@@ -27,8 +27,8 @@
   firewalld:
     zone: internal
     port: 3142/tcp
-    permanent: yes
-    immediate: yes
+    permanent: true
+    immediate: true
     state: enabled
   when: not run_in_installer|default(false)|bool
 
@@ -36,5 +36,5 @@
   command: "firewall-offline-cmd --zone=internal --add-port=3142/tcp"
   when: run_in_installer|default(false)|bool
 
-
-- meta: flush_handlers
+- name: flush handler to make apt-cacher available
+  meta: flush_handlers
diff --git a/roles/backup/handlers/main.yml b/roles/backup/handlers/main.yml
index 43950ec..3a4f8f6 100644
--- a/roles/backup/handlers/main.yml
+++ b/roles/backup/handlers/main.yml
@@ -2,5 +2,5 @@
   systemd:
     name: backup.timer
     state: started
-    enabled: True
+    enabled: true
   listen: "enable backup.timer"
diff --git a/roles/backup/tasks/main.yml b/roles/backup/tasks/main.yml
index 5cbd241..f263d5c 100644
--- a/roles/backup/tasks/main.yml
+++ b/roles/backup/tasks/main.yml
@@ -1,7 +1,7 @@
 - name: install borg
   apt:
     name: borgbackup
-    state: latest
+    state: latest # noqa package-latest
 
 - name: check if borg password is available
   stat: path="{{ borg_pwd_file }}"
@@ -9,7 +9,7 @@
 
 - name: dump borg password
   shell: echo -n "{{ borg_pwd }}" > "{{ borg_pwd_file }}" ; chmod 0600 "{{ borg_pwd_file }}"
-  no_log: True
+  no_log: true
   when: not borg.stat.exists
 
 - name: provide backup script
@@ -22,6 +22,7 @@
   copy:
     src: "{{ item }}"
     dest: "/etc/systemd/system/{{ item }}"
+    mode: 0644
   with_items:
     - backup.service
     - backup.timer
diff --git a/roles/ddns-update/handlers/main.yml b/roles/ddns-update/handlers/main.yml
index a1700e2..1022036 100644
--- a/roles/ddns-update/handlers/main.yml
+++ b/roles/ddns-update/handlers/main.yml
@@ -2,6 +2,6 @@
   systemd:
     name: ddns-update.timer
     state: restarted
-    daemon_reload: yes
-    enabled: yes
+    daemon_reload: true
+    enabled: true
   listen: "enable ddns-update timer"
diff --git a/roles/ddns-update/tasks/main.yml b/roles/ddns-update/tasks/main.yml
index 54e3412..a345036 100644
--- a/roles/ddns-update/tasks/main.yml
+++ b/roles/ddns-update/tasks/main.yml
@@ -5,6 +5,7 @@
   template:
     src: ddns-update.conf.j2
     dest: /etc/ddns-update/ddns-update.conf
+    mode: 0644
 
 - name: install ddns-update script
   copy:
@@ -16,9 +17,11 @@
   copy:
     src: ddns-update.service
     dest: /etc/systemd/system/ddns-update.service
+    mode: 0644
 
 - name: install ddns-update.timer
   copy:
     src: ddns-update.timer
     dest: /etc/systemd/system/ddns-update.timer
+    mode: 0644
   notify: enable ddns-update timer
diff --git a/roles/dns-dhcp-tftp/tasks/main.yml b/roles/dns-dhcp-tftp/tasks/main.yml
index 98d4b00..623741f 100644
--- a/roles/dns-dhcp-tftp/tasks/main.yml
+++ b/roles/dns-dhcp-tftp/tasks/main.yml
@@ -12,7 +12,7 @@
       - isc-dhcp-server
       - tftpd-hpa
       - bind9
-    state: latest
+    state: latest # noqa package-latest
 
 ## FIXME: preseeding seems to be ignored
 - name: configure TFTP root directory
@@ -22,7 +22,7 @@
     replace: 'TFTP_DIRECTORY="/var/lib/tftpboot"'
   notify: restart tftpd-hpa
 
-- name: serve dhcp on LAN interface       
+- name: serve dhcp on LAN interface
   replace:
     path: /etc/default/isc-dhcp-server
     regexp: '^INTERFACESv4=".*"$'
@@ -33,13 +33,15 @@
   template:
     src: dhcpd.conf.j2
     dest: /etc/dhcp/dhcpd.conf
-    backup: yes
+    mode: 0644
+    backup: true
   notify: restart isc-dhcp-server
 
-- name: deploy config files for bind9 
+- name: deploy config files for bind9
   template:
     src: "{{ item }}.j2"
     dest: "/etc/bind/{{ item }}"
+    mode: 0644
   loop:
     - db.intern
     - localzones
@@ -49,6 +51,7 @@
   template:
     src: db.lan.j2
     dest: "/etc/bind/db.{{ ipaddr_lan_threeoct }}"
+    mode: 0644
   notify: restart bind
 
 - name: link zone files to writeable directory for DDNS
@@ -71,6 +74,7 @@
   template:
     src: resolv.conf.j2
     dest: /etc/resolv.conf
+    mode: 0644
   notify: restart isc-dhcp-server
 
 ## stop dhclient from overwriting /etc/resolv.conf:
@@ -80,7 +84,7 @@
     block: |
       supersede domain-search "{{ ansible_domain }}";
       supersede domain-name-servers 127.0.0.1;
-    insertbefore: "#send dhcp-client-identifier.*" 
+    insertbefore: "#send dhcp-client-identifier.*"
   notify: restart dhcp-client
 
 - name: generate rndc key
@@ -90,11 +94,10 @@
 
 - name: copy rndc key
   copy:
-    src: /etc/bind/rndc.key 
+    src: /etc/bind/rndc.key
     dest: /etc/dhcp/
-    owner: root 
+    owner: root
     group: root
-    mode: '0640'
-    remote_src: yes  
+    mode: 0640
+    remote_src: true
   notify: restart isc-dhcp-server
-
diff --git a/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2 b/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2
index cca662e..9bb803c 100644
--- a/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2
+++ b/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2
@@ -56,7 +56,7 @@ subnet {{ ipaddr_lan | ipaddr("network") }} netmask {{ ipaddr_lan | ipaddr("netm
 }
 
 
-# No service will be given on this subnet, but declaring it helps the 
+# No service will be given on this subnet, but declaring it helps the
 # DHCP server to understand the network topology.
 
 #subnet 10.152.187.0 netmask 255.255.255.0 {
diff --git a/roles/dnsmasq/tasks/main.yml b/roles/dnsmasq/tasks/main.yml
index d5e7fc2..00f73a6 100644
--- a/roles/dnsmasq/tasks/main.yml
+++ b/roles/dnsmasq/tasks/main.yml
@@ -7,16 +7,18 @@
     name:
       - dnsmasq
       - resolvconf
-    state: latest
+    state: latest # noqa package-latest
 
 - name: configure dnsmasq dhcp
   template:
     src: dnsmasq-dhcp.j2
     dest: /etc/dnsmasq.d/dnsmasq-dhcp
+    mode: 0644
   notify: "restart dnsmasq"
 
 - name: configure dnsmasq tftp
   template:
     src: dnsmasq-tftp-netboot-installer.j2
     dest: /etc/dnsmasq.d/tftp-netboot-installer
+    mode: 0644
   notify: "restart dnsmasq"
diff --git a/roles/educontainer/handlers/main.yml b/roles/educontainer/handlers/main.yml
index 44ccc8e..70b52ec 100644
--- a/roles/educontainer/handlers/main.yml
+++ b/roles/educontainer/handlers/main.yml
@@ -2,6 +2,6 @@
   systemd:
     name: systemd-nspawn@{{ contname }}{{ "%02d" | format(item|int) }}.service
     state: restarted
-    enabled: yes
+    enabled: true
   loop: "{{ containers }}"
   listen: enable and restart containers
diff --git a/roles/educontainer/tasks/main.yml b/roles/educontainer/tasks/main.yml
index 76748af..d5dfc93 100644
--- a/roles/educontainer/tasks/main.yml
+++ b/roles/educontainer/tasks/main.yml
@@ -2,8 +2,8 @@
 ##
 ## Port mapping to the host:
 ##
-##  container 0: ssh → host port 10000,  HTTP → 10100                 
-##  container 1: ssh → host port 10001,  HTTP → 10101 
+##  container 0: ssh → host port 10000,  HTTP → 10100
+##  container 1: ssh → host port 10001,  HTTP → 10101
 ##     ...                        ...            ...
 ##
 ##  User '{{ contuser }}' in the sudo group.  Password is '{{ contpwd }}'.
diff --git a/roles/educontainer/tasks/setup.yml b/roles/educontainer/tasks/setup.yml
index 3aa3b32..4296a72 100644
--- a/roles/educontainer/tasks/setup.yml
+++ b/roles/educontainer/tasks/setup.yml
@@ -5,7 +5,7 @@
     name:
       - systemd-container
       - debootstrap
-    state: latest
+    state: latest # noqa package-latest
 
 - name: prepare machine directory
   file:
@@ -23,7 +23,7 @@
   args:
     chdir: /var/lib/machines/
     creates: /var/lib/machines/{{ contname }}00
-  environment: 
+  environment:
     http_proxy: "{{ '' if run_in_installer|default(false) else 'http://localhost:3142' }}"
   notify: enable and restart containers
 
@@ -31,7 +31,8 @@
   copy:
     src: /etc/apt/sources.list
     dest: /var/lib/machines/{{ contname }}00/etc/apt/sources.list
-    remote_src: yes
+    mode: 0644
+    remote_src: true
 
 - name: configure locale
   lineinfile:
@@ -57,7 +58,7 @@
 - name: provide {{ contuser }} user account
   command:
     cmd: >
-      chroot . sh -c '/usr/sbin/useradd -m -s /bin/bash 
+      chroot . sh -c '/usr/sbin/useradd -m -s /bin/bash
       -c "User {{ contuser }},,," -G sudo {{ contuser }}'
   args:
     chdir: /var/lib/machines/{{ contname }}00
@@ -89,6 +90,7 @@
   file:
     path: /var/lib/machines/{{ contname }}00/etc/systemd/system/{{ item }}
     state: directory
+    mode: 0755
   loop:
     - multi-user.target.wants
     - sockets.target.wants
@@ -100,13 +102,17 @@
     src: /lib/systemd/system/{{ item.src }}
     dest: /var/lib/machines/{{ contname }}00/etc/systemd/system/{{ item.dest }}
     state: link
-    follow: False
-    force: yes
+    follow: false
+    force: true
   loop:
-    - { src: systemd-networkd.service, dest: dbus-org.freedesktop.network1.service }
-    - { src: systemd-networkd.service, dest: multi-user.target.wants/systemd-networkd.service }
-    - { src: systemd-networkd.socket, dest: sockets.target.wants/systemd-networkd.socket }
-    - { src: systemd-networkd-wait-online.service, dest: network-online.target.wants/systemd-networkd-wait-online.service }
+    - src: systemd-networkd.service
+      dest: dbus-org.freedesktop.network1.service
+    - src: systemd-networkd.service
+      dest: multi-user.target.wants/systemd-networkd.service
+    - src: systemd-networkd.socket
+      dest: sockets.target.wants/systemd-networkd.socket
+    - src: systemd-networkd-wait-online.service
+      dest: network-online.target.wants/systemd-networkd-wait-online.service
   notify: enable and restart containers
 
 - name: enable systemd-resolved in containers
@@ -114,11 +120,13 @@
     src: /lib/systemd/system/{{ item.src }}
     dest: /var/lib/machines/{{ contname }}00/etc/systemd/system/{{ item.dest }}
     state: link
-    follow: False
-    force: yes
+    follow: false
+    force: true
   loop:
-    - { src: systemd-resolved.service, dest: dbus-org.freedesktop.resolve1.service }
-    - { src: systemd-resolved.service, dest: multi-user.target.wants/systemd-resolved.service }
+    - src: systemd-resolved.service
+      dest: dbus-org.freedesktop.resolve1.service
+    - src: systemd-resolved.service
+      dest: multi-user.target.wants/systemd-resolved.service
   notify: enable and restart containers
 
 ########
@@ -126,7 +134,8 @@
   copy:
     content: "# Avoid 'too many open files' error:"
     dest: /etc/sysctl.d/inotify.conf
-    force: no
+    mode: 0644
+    force: false
 
 - name: fix too many open files error
   sysctl:
@@ -146,11 +155,13 @@
   file:
     path: /etc/systemd/nspawn
     state: directory
+    mode: 0755
 
 - name: provide container configuration
   template:
     src: contcfg.nspawn.j2
-    dest: /etc/systemd/nspawn/{{ contname}}{{ "%02d" | format(item|int) }}.nspawn
+    dest: /etc/systemd/nspawn/{{ contname }}{{ "%02d" | format(item|int) }}.nspawn
+    mode: 0644
   loop: "{{ containers }}"
   notify: enable and restart containers
 
@@ -158,6 +169,7 @@
   template:
     src: hostname.j2
     dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hostname
+    mode: 0644
   loop: "{{ containers }}"
   notify: enable and restart containers
 
@@ -165,5 +177,6 @@
   template:
     src: hosts.j2
     dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hosts
+    mode: 0644
   loop: "{{ containers }}"
   notify: enable and restart containers
diff --git a/roles/gnome/tasks/main.yml b/roles/gnome/tasks/main.yml
index 432229c..ab80bda 100644
--- a/roles/gnome/tasks/main.yml
+++ b/roles/gnome/tasks/main.yml
@@ -1,5 +1,5 @@
-#- name: gnome hibernate by default
-#  apt: name=gnome-shell-extension-suspend-button state=latest
+# - name: gnome hibernate by default
+#   apt: name=gnome-shell-extension-suspend-button state=latest # noqa package-latest
 
 - name: gnome desktop
   apt:
@@ -8,24 +8,32 @@
       - cups
       - ssh-askpass-gnome
       - gnome-shell-extension-dashtodock
-    state: latest
+    state: latest # noqa package-latest
 
 - name: make sure /etc/dconf/profile/ exists
-  file: path=/etc/dconf/profile/ state=directory recurse=yes
+  file:
+    path: /etc/dconf/profile/
+    state: directory
+    recurse: true
 
 - name: prepare for gnome customized defaults
   copy:
     src: user
     dest: /etc/dconf/profile/user
+    mode: 0644
   notify: update dconf
 
 - name: make sure /etc/dconf/db/local.d/ exists
-  file: path=/etc/dconf/db/local.d/ state=directory recurse=yes
+  file:
+    path: /etc/dconf/db/local.d/
+    state: directory
+    recurse: true
 
 - name: modify gnome defaults
   copy:
     src: defaults
     dest: /etc/dconf/db/local.d/defaults
+    mode: 0644
   notify: update dconf
 
 ## Bug #698504
diff --git a/roles/kde/tasks/main.yml b/roles/kde/tasks/main.yml
index 74f7e1f..5ce612c 100644
--- a/roles/kde/tasks/main.yml
+++ b/roles/kde/tasks/main.yml
@@ -4,9 +4,9 @@
       - task-kde-desktop
       - sddm-theme-debian-breeze
       - cups
-    state: latest
+    state: latest # noqa package-latest
+
 
-    
 ## Bug #698504
 - name: allow print job management
   replace:
diff --git a/roles/kiosk/handlers/main.yml b/roles/kiosk/handlers/main.yml
index 7c9de36..cacbe56 100644
--- a/roles/kiosk/handlers/main.yml
+++ b/roles/kiosk/handlers/main.yml
@@ -5,26 +5,15 @@
 - name: reload NetworkManager
   when: not run_in_installer|default(false)|bool
   systemd:
-    daemon_reload: yes
+    daemon_reload: true
     name: NetworkManager
     state: reloaded
-    enabled: yes
+    enabled: true
   listen: reload NetworkManager
 
-# fails in installer with stretch, workaround below:
-#- name: enable tmp.mount
-#  systemd:
-#    daemon_reload: yes
-#    name: tmp.mount
-#    enabled: yes
-
-- name: make sure local-fs.target.wants exists
-  file: path=/etc/systemd/system/local-fs.target.wants/ state=directory
-  listen: enable tmp.mount
-
 - name: enable tmp.mount
-  file:
-    src: /etc/systemd/system/tmp.mount
-    dest: /etc/systemd/system/local-fs.target.wants/tmp.mount
-    state: link
+  systemd:
+    daemon_reload: true
+    name: tmp.mount
+    enabled: true
   listen: enable tmp.mount
diff --git a/roles/kiosk/tasks/main.yml b/roles/kiosk/tasks/main.yml
index 60ab55e..accf9b8 100644
--- a/roles/kiosk/tasks/main.yml
+++ b/roles/kiosk/tasks/main.yml
@@ -9,37 +9,40 @@
 
 ## gdm3:
 - name: enable auto login in gdm3
-  when: gdm3.stat.exists == true
   lineinfile:
     dest: /etc/gdm3/daemon.conf
     insertafter: '^#\s*AutomaticLoginEnable = true'
     line: 'AutomaticLoginEnable = true'
+  when: gdm3.stat.exists
 
 - name: auto login user in gdm3
-  when: gdm3.stat.exists == true
   lineinfile:
     dest: /etc/gdm3/daemon.conf
     insertafter: '^#\s*AutomaticLogin = '
     line: 'AutomaticLogin = {{ auto_user }}'
+  when: gdm3.stat.exists
 
 ## sddm/KDE:
 - name: enable auto login in sddm
-  when: sddm.stat.exists == true
+  when: sddm.stat.exists
   template:
     src: sddm.conf.j2
     dest: /etc/sddm.conf
+    mode: 0644
 
 - name: kde global defaults
-  when: sddm.stat.exists == true
+  when: sddm.stat.exists
   copy:
     src: kde5rc
     dest: /etc/kde5rc
+    mode: 0644
 
 - name: modify kde screen lock
-  when: sddm.stat.exists == true
+  when: sddm.stat.exists
   copy:
     src: kscreenlockerrc
     dest: /etc/xdg/kscreenlockerrc
+    mode: 0644
 
 ########
 
@@ -49,7 +52,7 @@
     dest: /etc/default/grub
     regexp: '^(GRUB_CMDLINE_LINUX=)""'
     line: '\1"video=SVIDEO-1:d"'
-    backrefs: yes
+    backrefs: true
   notify: update grub
 
 - name: grub timeout
@@ -57,7 +60,7 @@
     dest: /etc/default/grub
     regexp: '^(GRUB_TIMEOUT=).*'
     line: '\g<1>1'
-    backrefs: yes
+    backrefs: true
   notify: update grub
 
 - name: keyboard compose key
@@ -65,7 +68,7 @@
     dest: /etc/default/keyboard
     regexp: '^(XKBOPTIONS=).*'
     line: '\1"compose:caps"'
-    backrefs: yes
+    backrefs: true
 
 - name: hibernate when lid is closed
   lineinfile:
@@ -74,9 +77,11 @@
     line: 'HandleLidSwitch=hibernate'
 
 - name: tmp on tmpfs
-  shell: cp /usr/share/systemd/tmp.mount /etc/systemd/system/
-  args:
-    creates: /etc/systemd/system/tmp.mount
+  copy:
+    src: /usr/share/systemd/tmp.mount
+    dest: /etc/systemd/system/tmp.mount
+    mode: 0644
+    remote_src: true
   notify: enable tmp.mount
 
 - name: mount tmpfs on /home/{{ auto_user }}
@@ -92,19 +97,19 @@
     name: "{{ auto_user }}"
     comment: "Autologin Debian User,,,"
     shell: /bin/bash
-    createhome: no
+    createhome: false
     password: '*'
 
 - name: check if NetworkManager is installed
   stat: path=/etc/NetworkManager/system-connections
-  register: NetworkManager
+  register: networkmanager
 
 - name: add wifi config
-  when: NetworkManager.stat.exists == true
   template:
     src: wifi.j2
     dest: /etc/NetworkManager/system-connections/{{ wifi_ssid }}
     owner: root
     group: root
-    mode: '0600'
+    mode: 0600
+  when: networkmanager.stat.exists
   notify: reload NetworkManager
diff --git a/roles/krb5-kdc-ldap/meta/main.yml b/roles/krb5-kdc-ldap/meta/main.yml
index b19fb35..36ca9ba 100644
--- a/roles/krb5-kdc-ldap/meta/main.yml
+++ b/roles/krb5-kdc-ldap/meta/main.yml
@@ -1,3 +1,3 @@
 ---
-dependencies:
+dependencies: # noqa meta-no-info
   - role: ldap
diff --git a/roles/krb5-kdc-ldap/tasks/main.yml b/roles/krb5-kdc-ldap/tasks/main.yml
index 76646b9..50a3f39 100644
--- a/roles/krb5-kdc-ldap/tasks/main.yml
+++ b/roles/krb5-kdc-ldap/tasks/main.yml
@@ -1,7 +1,8 @@
 ## Install and configure krb5-kdc-ldap (if not done yet),
 ##  run most tasks only on krb5-kdc-ldap installation.
 ---
-- fail: msg="The machine's domain must not be empty."
+- name: check that domain name is available
+  fail: msg="The machine's domain must not be empty."
   when: ansible_domain | length == 0
 
 - name: check if krb5kdc is already there
@@ -12,19 +13,26 @@
   template:
     src: krb5.conf.j2
     dest: /etc/krb5.conf
+    mode: 0644
 
 - name: make sure krb5kdc exists
-  file: path=/etc/krb5kdc state=directory recurse=yes
+  file:
+    path: /etc/krb5kdc
+    state: directory
+    recurse: true
+    mode: 0755
 
 - name: prepare kdc.conf
   template:
     src: kdc.conf.j2
     dest: /etc/krb5kdc/kdc.conf
+    mode: 0644
 
 - name: prepare kadm5.acl
   template:
     src: kadm5.acl.j2
     dest: /etc/krb5kdc/kadm5.acl
+    mode: 0644
   notify: "restart krb5-admin-server"
 
 - name: install krb5-kdc-ldap and krb5-admin-server
@@ -32,7 +40,7 @@
     name:
       - krb5-kdc-ldap
       - krb5-admin-server
-    state: latest
+    state: latest # noqa package-latest
 
 - name: prepare kerberos.openldap.ldif
   shell: gunzip -c /usr/share/doc/krb5-kdc-ldap/kerberos.openldap.ldif.gz > /etc/ldap/schema/kerberos.openldap.ldif
@@ -126,12 +134,12 @@
       - "{1}uid=([^,]*),cn=gs2-iakerb,cn=auth uid=$1,ou=people,{{ basedn }}"
     state: exact
 
-- name: prepare password for kdc
+- name: prepare password for kdc # noqa risky-shell-pipe
   shell: echo "cn=kdc,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kdc_service_pwd }} | xxd -g0 -ps -c 256 | sed 's/0a$//')" > /etc/krb5kdc/service.keyfile
   no_log: true
   when: not krb5kdc.stat.exists
 
-- name: prepare password for kadmin
+- name: prepare password for kadmin # noqa risky-shell-pipe
   shell: echo "cn=kadmin,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kadmin_service_pwd }} | xxd -g0 -ps -c 256 | sed 's/0a$//')" >> /etc/krb5kdc/service.keyfile
   no_log: true
   when: not krb5kdc.stat.exists
@@ -196,7 +204,7 @@
   replace:
     path: /etc/hosts
     regexp: "^({{ ipaddr_lan | ipaddr('address') }}\\s.+)$"
-    replace: '\1	kerberos'
+    replace: '\1 kerberos'
   when: not krb5kdc.stat.exists
 
 ########################
@@ -212,8 +220,8 @@
   firewalld:
     zone: internal
     service: "{{ item }}"
-    permanent: yes
-    immediate: yes
+    permanent: true
+    immediate: true
     state: enabled
   with_items:
     - kerberos
diff --git a/roles/lan-client/defaults/main.yml b/roles/lan-client/defaults/main.yml
index 81690e1..29dadef 100644
--- a/roles/lan-client/defaults/main.yml
+++ b/roles/lan-client/defaults/main.yml
@@ -1,4 +1,4 @@
-lan_homes:  /home/lan
+lan_homes: /home/lan
 basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
 ldap_server: ldap
 krb_server: kerberos
diff --git a/roles/lan-client/handlers/main.yml b/roles/lan-client/handlers/main.yml
index 66f15d5..ec063a1 100644
--- a/roles/lan-client/handlers/main.yml
+++ b/roles/lan-client/handlers/main.yml
@@ -4,12 +4,12 @@
 
 - name: reload systemd
   systemd:
-    daemon_reload: yes
+    daemon_reload: true
   listen: "reload systemd"
 
 - name: restart rpc-gssd
   systemd:
     name: rpc-gssd
-    daemon_reload: yes
+    daemon_reload: true
     state: restarted
   notify: "restart rpc-gssd"
diff --git a/roles/lan-client/tasks/main.yml b/roles/lan-client/tasks/main.yml
index e394016..adaee16 100644
--- a/roles/lan-client/tasks/main.yml
+++ b/roles/lan-client/tasks/main.yml
@@ -1,5 +1,6 @@
 ---
-- fail: msg="The machine's domain must not be empty."
+- name: check if domain name is available
+  fail: msg="The machine's domain must not be empty."
   when: ansible_domain | length == 0
 
 - name: preseed krb5-config realm
@@ -31,7 +32,7 @@
       - sssd-krb5
       - sssd-ldap
       - nfs-common
-    state: latest
+    state: latest # noqa package-latest
 
 - name: add URI to ldap.conf
   lineinfile:
@@ -48,7 +49,7 @@
 - name: enable pam_umask
   lineinfile:
     dest: /etc/pam.d/common-session
-    line: "session optional	pam_umask.so usergroups"
+    line: "session optional pam_umask.so usergroups"
 
 ## oddjob-mkhomedir works only with sec=sys for the NFSv4 share
 
diff --git a/roles/ldap/defaults/main.yml b/roles/ldap/defaults/main.yml
index e126f1e..32da1a2 100644
--- a/roles/ldap/defaults/main.yml
+++ b/roles/ldap/defaults/main.yml
@@ -1,9 +1,9 @@
 ldap_admin_pwd: "{{ lookup('password', '/tmp/ldap_admin.pwd chars=ascii_letters,digits length=32') }}"
 ldap_admin_pwd_file: "/root/ldap-admin.pwd"
 basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
-TLSCertificateFile: "/etc/ssl/certs/ssl-cert-snakeoil.pem"
-TLSCertificateKeyFile: "/etc/ssl/private/ssl-cert-snakeoil.key"
-lan_homes:  /home/lan
+certpub: "/etc/ssl/certs/ssl-cert-snakeoil.pem"
+certpriv: "/etc/ssl/private/ssl-cert-snakeoil.key"
+lan_homes: /home/lan
 min_id: 10000
 max_id: 20000
 ldapuser_gid: 8000
diff --git a/roles/ldap/handlers/main.cfg b/roles/ldap/handlers/main.cfg
new file mode 100644
index 0000000..93bbc44
--- /dev/null
+++ b/roles/ldap/handlers/main.cfg
@@ -0,0 +1,4 @@
+---
+- name: restart slapd
+  systemd: name=slapd state=restarted
+  listen: restart slapd
diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
index 4d0c307..25bcf84 100644
--- a/roles/ldap/tasks/main.yml
+++ b/roles/ldap/tasks/main.yml
@@ -1,6 +1,7 @@
 ## Install and configure slapd.
 ---
-- fail: msg="The machine's domain must not be empty."
+- name: check if domain name is available
+  fail: msg="The machine's domain must not be empty."
   when: ansible_domain | length == 0
 
 - name: check if slapd is already set up
@@ -87,6 +88,6 @@
   firewalld:
     zone: internal
     service: ldap
-    permanent: yes
-    immediate: yes
+    permanent: true
+    immediate: true
     state: enabled
diff --git a/roles/ldap/tasks/setup.yml b/roles/ldap/tasks/setup.yml
index d5ccfbe..9bbf5e9 100644
--- a/roles/ldap/tasks/setup.yml
+++ b/roles/ldap/tasks/setup.yml
@@ -3,7 +3,7 @@
 - name: preseed ldap domain
   debconf:
     name: slapd
-    question:  slapd/domain
+    question: slapd/domain
     value: "{{ ansible_domain }}"
     vtype: string
 
@@ -24,7 +24,9 @@
   no_log: true
 
 - name: dump admin password
-  shell: echo -n "{{ ldap_admin_pwd }}" > "{{ ldap_admin_pwd_file }}" ; chmod 0600 "{{ ldap_admin_pwd_file }}"
+  shell:
+    cmd: echo -n "{{ ldap_admin_pwd }}" > "{{ ldap_admin_pwd_file }}" ; chmod 0600 "{{ ldap_admin_pwd_file }}"
+    creates: "{{ ldap_admin_pwd_file }}"
   no_log: true
 
 - name: install packages for LDAP
@@ -35,37 +37,35 @@
       - ldapvi
       - python3-ldap
       - ssl-cert
-    state: latest
+    state: latest # noqa package-latest
 
 - name: add openldap to the ssl-cert group
   user:
     name: openldap
     groups: ssl-cert
-    append: yes
-  register: ssl_cert_group
-
-- name: restart slapd
-  systemd: name=slapd state=restarted
-  when: ssl_cert_group.changed
+    append: true
+  notify: restart slapd
 
 - name: make initial slapd configuration available
   copy:
     src: slapd-config.ldif
     dest: /etc/ldap/slapd.d/
+    mode: 0644
 
 - name: make slapd TLS configuration available
   template:
     src: slapd-TLS.ldif
     dest: /etc/ldap/slapd.d/
+    mode: 0644
 
 - name: activate ppolicy schema
-  command: ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/ppolicy.ldif
+  command: ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/ppolicy.ldif # noqa no-changed-when
 
 - name: initialize slapd if it has just been installed
-  command: ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/slapd.d/slapd-config.ldif
+  command: ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/slapd.d/slapd-config.ldif # noqa no-changed-when
 
 - name: configure LDAP TLS
-  command: ldapmodify -Y EXTERNAL -H ldapi:/// -f /etc/ldap/slapd.d/slapd-TLS.ldif
+  command: ldapmodify -Y EXTERNAL -H ldapi:/// -f /etc/ldap/slapd.d/slapd-TLS.ldif # noqa no-changed-when
 
 - name: add URI to ldap.conf
   lineinfile:
@@ -83,7 +83,7 @@
   replace:
     path: /etc/ldap/ldap.conf
     regexp: "^(TLS_CACERT\\s+/etc/ssl/certs/ca-certificates.crt)$"
-    replace: '#\1\nTLS_CACERT\t{{ TLSCertificateFile }}'
+    replace: '#\1\nTLS_CACERT\t{{ certpub }}'
 
 - name: enable pam-mkhomedir
   command: pam-auth-update --enable mkhomedir
diff --git a/roles/ldap/templates/slapd-TLS.ldif b/roles/ldap/templates/slapd-TLS.ldif
index e94216f..236841f 100644
--- a/roles/ldap/templates/slapd-TLS.ldif
+++ b/roles/ldap/templates/slapd-TLS.ldif
@@ -2,8 +2,8 @@
 dn: cn=config
 changetype: modify
 add: olcTLSCertificateFile
-olcTLSCertificateFile: {{ TLSCertificateFile }}
+olcTLSCertificateFile: {{ certpub }}
 -
 add: olcTLSCertificateKeyFile
-olcTLSCertificateKeyFile: {{ TLSCertificateKeyFile }}
+olcTLSCertificateKeyFile: {{ certpriv }}
 -
diff --git a/roles/low-power/handlers/main.yml b/roles/low-power/handlers/main.yml
index 601c75f..c0c1c9a 100644
--- a/roles/low-power/handlers/main.yml
+++ b/roles/low-power/handlers/main.yml
@@ -1,5 +1,5 @@
 - name: enable powertop timer
   systemd:
     name: powertop.timer
-    enabled: yes
+    enabled: true
   listen: "enable powertop timer"
diff --git a/roles/low-power/tasks/main.yml b/roles/low-power/tasks/main.yml
index 7a2edd8..a4fc825 100644
--- a/roles/low-power/tasks/main.yml
+++ b/roles/low-power/tasks/main.yml
@@ -1,5 +1,5 @@
 - name: install some packages
-  apt: name={{ item }} state=latest
+  apt: name={{ item }} state=latest # noqa package-latest
   with_items:
     - powertop
 
@@ -7,9 +7,11 @@
   copy:
     src: powertop.service
     dest: /etc/systemd/system/powertop.service
+    mode: 0644
 
 - name: install powertop.timer
   copy:
     src: powertop.timer
     dest: /etc/systemd/system/powertop.timer
+    mode: 0644
   notify: enable powertop timer
diff --git a/roles/netboot-installer/tasks/main.yml b/roles/netboot-installer/tasks/main.yml
index e2e88bc..4902791 100644
--- a/roles/netboot-installer/tasks/main.yml
+++ b/roles/netboot-installer/tasks/main.yml
@@ -2,6 +2,7 @@
   file:
     path: "{{ tftp_root }}/d-i/{{ di_dist }}"
     state: directory
+    mode: 0755
 
 - name: install di-netboot-assistant and installer package
   apt:
@@ -16,11 +17,12 @@
   copy:
     src: /usr/share/doc/di-netboot-assistant/examples/preseed.cfg
     dest: "{{ tftp_root }}/d-i/{{ di_dist }}"
-    force: no
-    remote_src: yes
+    mode: 0644
+    force: false
+    remote_src: true
 
 - name: make the hostname resolvable from the LAN
   replace:
     path: /etc/hosts
     regexp: '^(127\.0\.1\.1.*)$'
-    replace: '#\1\n{{ ipaddr_lan | ipaddr("address") }}	{{ ansible_hostname }}.{{ ansible_domain }}	{{ ansible_hostname }}'
+    replace: '#\1\n{{ ipaddr_lan | ipaddr("address") }} {{ ansible_hostname }}.{{ ansible_domain }} {{ ansible_hostname }}'
diff --git a/roles/nextcloud-upgrade/handlers/main.yml b/roles/nextcloud-upgrade/handlers/main.yml
new file mode 100644
index 0000000..dfe1270
--- /dev/null
+++ b/roles/nextcloud-upgrade/handlers/main.yml
@@ -0,0 +1,14 @@
+---
+## DB fixes (only on upgrade)
+- name: add missing indices, columns and convert filecache
+  command: "{{ item }}"
+  args:
+    chdir: "{{ nc_dir }}"
+    warn: false
+  register: cmd_result
+  changed_when: cmd_result.stdout is search("updated successfully")
+  with_items:
+    - "sudo -u www-data php ./occ db:add-missing-indices"
+    - "sudo -u www-data php ./occ db:add-missing-columns"
+    - "sudo -u www-data php ./occ -n db:convert-filecache-bigint"
+  listen: update and fix data base
diff --git a/roles/nextcloud-upgrade/tasks/main.yml b/roles/nextcloud-upgrade/tasks/main.yml
index 497c9aa..7d6d0a5 100644
--- a/roles/nextcloud-upgrade/tasks/main.yml
+++ b/roles/nextcloud-upgrade/tasks/main.yml
@@ -1,18 +1,18 @@
 ---
-
 - name: check/run upgrade
   command: sudo -u www-data php updater.phar --no-interaction
   args:
     chdir: "{{ nc_dir }}/updater"
-    warn: False
+    warn: false
   register: upgrade_result
   changed_when: upgrade_result.stdout is not search('Nothing to do.')
+  notify: update and fix data base
 
 - name: update apps
   command: "sudo -u www-data php ./occ app:update --all"
   args:
     chdir: "{{ nc_dir }}"
-    warn: False
+    warn: false
   register: cmd_result
   changed_when: cmd_result.stdout | length > 0
 
@@ -20,36 +20,8 @@
   command: "sudo -u www-data php ./occ app:install {{ item }}"
   args:
     chdir: "{{ nc_dir }}"
-    warn: False
+    warn: false
   with_items: "{{ nc_apps }}"
   register: cmd_result
   changed_when: cmd_result.stdout is not search('already installed')
-  failed_when:  cmd_result.stdout is not search('already installed') and cmd_result.rc != 0
-
-## DB fixes (only on upgrade)
-- name: add missing indices
-  command: "sudo -u www-data php ./occ db:add-missing-indices"
-  args:
-    chdir: "{{ nc_dir }}"
-    warn: False
-  register: cmd_result
-  changed_when: cmd_result.stdout is search('table updated successfully')
-  when: upgrade_result.changed | default(true)
-
-- name: add missing columns
-  command: "sudo -u www-data php ./occ db:add-missing-columns"
-  args:
-    chdir: "{{ nc_dir }}"
-    warn: False
-  register: cmd_result
-  changed_when: cmd_result.stdout is search('table updated successfully')
-  when: upgrade_result.changed | default(true)
-
-- name: convert filecache to bigint
-  command: "sudo -u www-data php ./occ -n db:convert-filecache-bigint"
-  args:
-    chdir: "{{ nc_dir }}"
-    warn: False
-  register: cmd_result
-  changed_when: cmd_result.stdout is not search('tables already up to date')
-  when: upgrade_result.changed | default(true)
+  failed_when: cmd_result.stdout is not search('already installed') and cmd_result.rc != 0
diff --git a/roles/nextcloud/defaults/main.yml b/roles/nextcloud/defaults/main.yml
index a4dfa67..be2e996 100644
--- a/roles/nextcloud/defaults/main.yml
+++ b/roles/nextcloud/defaults/main.yml
@@ -4,4 +4,4 @@ nc_admin_pwd_file: "/root/nc-admin.pwd"
 www_root: "/var/www"
 nc_dir: "{{ www_root }}/nextcloud"
 data_dir: "/var/nc-data"
-allow_download: False
+allow_download: false
diff --git a/roles/nextcloud/handlers/main.yml b/roles/nextcloud/handlers/main.yml
index f514172..2446778 100644
--- a/roles/nextcloud/handlers/main.yml
+++ b/roles/nextcloud/handlers/main.yml
@@ -14,5 +14,5 @@
   systemd:
     name: nextcloudcron.timer
     state: started
-    enabled: True
+    enabled: true
   listen: "enable nextcloudcron.timer"
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index 5506349..25c6163 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -5,8 +5,10 @@
   register: nextcloud
 
 - name: check for nextcloud archive
-  local_action: stat path=nextcloud.tar.bz2
-  become: No
+  stat:
+    path: nextcloud.tar.bz2
+  become: false
+  delegate_to: localhost
   register: nc_archive
   when: not nextcloud.stat.exists
 
@@ -45,7 +47,7 @@
       - php-xml
       - php-zip
       - unzip
-    state: latest
+    state: latest # noqa package-latest
 
 - name: disable apache modules
   apache2_module:
@@ -68,10 +70,10 @@
     - http2
   notify: "restart apache2"
 
-- name: find php version
+- name: find php version # noqa risky-shell-pipe
   shell: ls /etc/php/ | sort | tail -1
   register: php_ver
-  changed_when: False
+  changed_when: false
 
 - name: enable php-fpm conf
   command: a2enconf php{{ php_ver.stdout }}-fpm
@@ -85,10 +87,14 @@
     regexp: "{{ item.regex }}"
     replace: "{{ item.replace }}"
   with_items:
-    - { regex: "^pm.max_children = .*$", replace: "pm.max_children = 10" }
-    - { regex: "^pm.start_servers = .*$", replace: "pm.start_servers = 4" }
-    - { regex: "^pm.min_spare_servers = .*$", replace: "pm.min_spare_servers = 2" }
-    - { regex: "^pm.max_spare_servers = .*$", replace: "pm.max_spare_servers = 6" }
+    - regex: "^pm.max_children = .*$"
+      replace: "pm.max_children = 10"
+    - regex: "^pm.start_servers = .*$"
+      replace: "pm.start_servers = 4"
+    - regex: "^pm.min_spare_servers = .*$"
+      replace: "pm.min_spare_servers = 2"
+    - regex: "^pm.max_spare_servers = .*$"
+      replace: "pm.max_spare_servers = 6"
   notify: "restart php-fpm"
 
 - name: increase php memory limit
@@ -102,6 +108,7 @@
   copy:
     src: nextcloud.conf
     dest: /etc/apache2/sites-available/nextcloud.conf
+    mode: 0644
   notify: "restart apache2"
 
 - name: enable nextcloud site
@@ -123,6 +130,7 @@
   file:
     path: "{{ data_dir }}"
     state: directory
+    mode: 0770
     owner: www-data
     group: www-data
 
@@ -140,7 +148,7 @@
     dest: "{{ www_root }}"
     owner: www-data
     group: www-data
-    remote_src: Yes
+    remote_src: true
   when: not nextcloud.stat.exists and run_in_installer|default(false)|bool
 
 - name: unpack provided nextcloud archive
@@ -184,19 +192,19 @@
       --data-dir "{{ data_dir }}"
   args:
     chdir: "{{ nc_dir }}"
-  no_log: True
+  no_log: true
   when: not nextcloud.stat.exists
 
 - name: dump nc-admin password
   shell: echo -n "{{ nc_admin_pwd }}" > "{{ nc_admin_pwd_file }}" ; chmod 0600 "{{ nc_admin_pwd_file }}"
-  no_log: True
+  no_log: true
   when: not nextcloud.stat.exists
 
 - name: enable APCu memcache
   command: sudo -u www-data php ./occ config:system:set memcache.local --value='\OC\Memcache\APCu'
   args:
     chdir: "{{ nc_dir }}"
-    warn: False
+    warn: false
   when: not nextcloud.stat.exists
 
 - name: enable acpu for nextcloud updates
@@ -208,7 +216,7 @@
   command: sudo -u www-data php ./occ config:system:set trusted_domains {{ item[0] }} --value='{{ item[1] }}'
   args:
     chdir: "{{ nc_dir }}"
-    warn: False
+    warn: false
   when: not nextcloud.stat.exists
   loop:
     - [1, '192.168.*.*']
@@ -220,6 +228,7 @@
   copy:
     src: "{{ item }}"
     dest: "/etc/systemd/system/{{ item }}"
+    mode: 0644
   with_items:
     - nextcloudcron.service
     - nextcloudcron.timer
@@ -229,8 +238,8 @@
   firewalld:
     interface: "{{ ansible_default_ipv4.interface }}"
     zone: public
-    permanent: Yes
-    immediate: Yes
+    permanent: true
+    immediate: true
     state: enabled
   when: not run_in_installer|default(false)|bool
 
@@ -242,8 +251,8 @@
   firewalld:
     zone: public
     service: https
-    permanent: Yes
-    immediate: Yes
+    permanent: true
+    immediate: true
     state: enabled
   when: not run_in_installer|default(false)|bool
 
@@ -257,7 +266,7 @@
 - name: install libapache2-mod-auth-gssapi
   apt:
     name: libapache2-mod-auth-gssapi
-    state: latest
+    state: latest # noqa package-latest
   when: "'kerberize' in role_names"
   notify: "restart apache2"
 
@@ -267,8 +276,8 @@
     dest: /etc/krb5.keytab.http
     group: www-data
     mode: "0640"
-    remote_src: yes
-    force: no
+    remote_src: true
+    force: false
   when: "'kerberize' in role_names"
   notify: "restart apache2"
 
@@ -276,6 +285,7 @@
   copy:
     src: krb5-nextcloud.conf
     dest: /etc/apache2/sites-available/krb5-nextcloud.conf
+    mode: 0644
   when: "'kerberize' in role_names"
   notify: "restart apache2"
 
@@ -290,8 +300,8 @@
   firewalld:
     zone: internal
     service: https
-    permanent: Yes
-    immediate: Yes
+    permanent: true
+    immediate: true
     state: enabled
   when: not run_in_installer|default(false)|bool and 'kerberize' in role_names
 
@@ -303,7 +313,7 @@
   command: sudo -u www-data php ./occ config:system:set trusted_domains 2 --value='{{ ansible_hostname }}.{{ ansible_domain }}'
   args:
     chdir: "{{ nc_dir }}"
-    warn: False
+    warn: false
   when: not nextcloud.stat.exists and 'kerberize' in role_names
 
 
diff --git a/roles/nfs-server/defaults/main.yml b/roles/nfs-server/defaults/main.yml
index 456b8e5..4aea529 100644
--- a/roles/nfs-server/defaults/main.yml
+++ b/roles/nfs-server/defaults/main.yml
@@ -1,5 +1,5 @@
 export_root: /srv/nfs4
-lan_homes:  /home/lan
+lan_homes: /home/lan
 basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
 min_id: 10000
 min_id_sssd: 5000
diff --git a/roles/nfs-server/tasks/main.yml b/roles/nfs-server/tasks/main.yml
index eaab5bb..65ad478 100644
--- a/roles/nfs-server/tasks/main.yml
+++ b/roles/nfs-server/tasks/main.yml
@@ -1,6 +1,7 @@
 ## Install and configure nfs-server
 ---
-- fail: msg="The machine's domain must not be empty."
+- name: check if ansible domain is nonempty
+  fail: msg="The machine's domain must not be empty."
   when: ansible_domain | length == 0
 
 - name: check if we are installing
@@ -11,7 +12,7 @@
   apt:
     name:
       - nfs-kernel-server
-    state: latest
+    state: latest # noqa package-latest # noqa package-latest
 
 - name: make sure the export paths exists
   file: path={{ export_root }}/home/ state=directory recurse=yes
@@ -33,7 +34,7 @@
   replace:
     path: /etc/hosts
     regexp: "^({{ ipaddr_lan | ipaddr('address') }}\\s.+)$"
-    replace: '\1	nfs'
+    replace: '\1 nfs'
   when: not exports.stat.exists
 
 - name: check if there is a local kadmin
@@ -55,7 +56,7 @@
       - sssd-krb5
       - sssd-ldap
       - sssd-tools     ##  sss_cache -U -G
-    state: latest
+    state: latest # noqa package-latest
   when: kadmin.stat.exists
 
 - name: provide identities from directory
@@ -80,6 +81,7 @@
   template:
     src: dhcp-send-domain.j2
     dest: /etc/dnsmasq.d/dhcp-send-domain
+    mode: 0644
   notify: "restart dnsmasq"
   when: dnsmasq.stat.exists
 
@@ -87,6 +89,6 @@
   firewalld:
     zone: internal
     service: nfs
-    permanent: yes
-    immediate: yes
+    permanent: true
+    immediate: true
     state: enabled
diff --git a/roles/prepare4clients/handlers/main.yml b/roles/prepare4clients/handlers/main.yml
index 3d30c45..dc6f9ad 100644
--- a/roles/prepare4clients/handlers/main.yml
+++ b/roles/prepare4clients/handlers/main.yml
@@ -1,7 +1,7 @@
 - name: start git-repo
   systemd:
-    daemon_reload: yes
+    daemon_reload: true
     name: git-repo
     state: started
-    enabled: yes
+    enabled: true
   listen: start git-repo
diff --git a/roles/prepare4clients/tasks/main.yml b/roles/prepare4clients/tasks/main.yml
index f1fbc97..d5679e0 100644
--- a/roles/prepare4clients/tasks/main.yml
+++ b/roles/prepare4clients/tasks/main.yml
@@ -1,13 +1,13 @@
 - name: make sure ansible is available
   apt:
     name: ansible
-    state: latest
+    state: latest # noqa package-latest
 
 - name: generate ssh key
   command: "su -l {{ ansible_user }} -c \"ssh-keygen -t rsa -f /home/{{ ansible_user }}/.ssh/id_rsa -P ''\""
   args:
     creates: "/home/{{ ansible_user }}/.ssh/id_rsa"
-    warn: False
+    warn: false
 
 - name: slurp public key
   slurp:
@@ -15,7 +15,8 @@
   register: sshpubkey
 
 # The following seems to be necessary to get rid of a newline:
-- set_fact:
+- name: define variable
+  set_fact:
     sshpubkey: "{{ sshpubkey['content'] | b64decode | replace('\n', '') }}"
 
 - name: enable backports in preseed file
@@ -87,12 +88,15 @@
     block: |
       # Use a temporary package cache during installation, install etckeeper.
       menuentry 'Debian stable (amd64) + temporary package cache' {
-         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux mirror/http/proxy?=http://{{ ansible_hostname }}:3142/ pkgsel/include=etckeeper preseed/late_command="rm -fv /target/etc/apt/apt.conf" ---
+         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux \
+                   mirror/http/proxy?=http://{{ ansible_hostname }}:3142/ pkgsel/include=etckeeper \
+                   preseed/late_command="rm -fv /target/etc/apt/apt.conf" ---
          initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
       }
 
       menuentry 'Debian {{ di_version }} (amd64) + preseed + kiosk.yml' {
-         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=kiosk.yml ---
+         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux \
+                   auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=kiosk.yml ---
          initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
       }
 
@@ -128,7 +132,8 @@
     insertbefore: EOF
     block: |
       menuentry 'Debian {{ di_version }} (amd64) + preseed + kerberox-client.yml' {
-         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=kerberox-client.yml ---
+         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux \
+                   auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=kerberox-client.yml ---
          initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
       }
     marker: "# {mark} ANSIBLE MANAGED BLOCK kerberox-client"
@@ -161,13 +166,16 @@
     block: |
       menuentry 'Debian {{ di_version }} (amd64) + preseed + sambox-client.yml' {
          regexp --set=1:oct4 --set=2:oct5 --set=3:oct6 "\:([[:xdigit:]]+)\:([[:xdigit:]]+)\:([[:xdigit:]]+)\$" $net_default_mac
-         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux auto=true priority=critical hostname=${oct4}${oct5}${oct6} url=tftp://{{ ansible_hostname }} playbook=sambox-client.yml ---
+         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux \
+                   auto=true priority=critical hostname=${oct4}${oct5}${oct6} url=tftp://{{ ansible_hostname }} \
+                   playbook=sambox-client.yml ---
          initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
       }
 
       menuentry 'Debian daily (amd64) + preseed + sambox-client.yml' {
          regexp --set=1:oct4 --set=2:oct5 --set=3:oct6 "\:([[:xdigit:]]+)\:([[:xdigit:]]+)\:([[:xdigit:]]+)\$" $net_default_mac
-         linux   /d-i/n-a/daily/amd64/linux auto=true priority=critical hostname=${oct4}${oct5}${oct6} url=tftp://{{ ansible_hostname }} playbook=sambox-client.yml ---
+         linux   /d-i/n-a/daily/amd64/linux auto=true priority=critical hostname=${oct4}${oct5}${oct6} \
+                   url=tftp://{{ ansible_hostname }} playbook=sambox-client.yml ---
          initrd  /d-i/n-a/daily/amd64/initrd.gz
       }
     marker: "# {mark} ANSIBLE MANAGED BLOCK sambox-client"
@@ -181,7 +189,7 @@
   git:
     repo: 'https://salsa.debian.org/andi/debian-lan-ansible.git'
     dest: "{{ repo_dir }}"
-    update: no
+    update: false
   become_user: "{{ ansible_user }}"
   when: not run_in_installer|default(false)|bool
 
@@ -189,6 +197,7 @@
   template:
     src: git-repo.j2
     dest: "/etc/systemd/system/git-repo.service"
+    mode: 0644
   notify: start git-repo
   when: not run_in_installer|default(false)|bool
 
@@ -197,7 +206,8 @@
 - name: add clients to inventory
   blockinfile:
     dest: /etc/ansible/hosts
-    create: yes
+    create: true
+    mode: 0644
     block: |
       [kerberox-client]
       {{ in_inventory }}
diff --git a/roles/samba-ldap/handlers/main.yml b/roles/samba-ldap/handlers/main.yml
index 99844ab..aef70e4 100644
--- a/roles/samba-ldap/handlers/main.yml
+++ b/roles/samba-ldap/handlers/main.yml
@@ -5,4 +5,3 @@
 - name: restart smbd
   service: name=smbd state=restarted enabled=yes
   listen: "restart smbd"
-
diff --git a/roles/samba-ldap/meta/main.yml b/roles/samba-ldap/meta/main.yml
index b19fb35..36ca9ba 100644
--- a/roles/samba-ldap/meta/main.yml
+++ b/roles/samba-ldap/meta/main.yml
@@ -1,3 +1,3 @@
 ---
-dependencies:
+dependencies: # noqa meta-no-info
   - role: ldap
diff --git a/roles/samba-ldap/tasks/main.yml b/roles/samba-ldap/tasks/main.yml
index cf0e871..e272ee2 100644
--- a/roles/samba-ldap/tasks/main.yml
+++ b/roles/samba-ldap/tasks/main.yml
@@ -9,8 +9,7 @@
     name:
       - samba
       - sssd-ldap
-    state: latest
-
+    state: latest # noqa package-latest
 
 - name: provide identities from LDAP
   template:
@@ -19,8 +18,8 @@
     mode: 0600
   notify: restart sssd
 
-- meta: flush_handlers
-
+- name: flush all handlers
+  meta: flush_handlers
 
 - name: prepare samba schema
   command: cp /usr/share/doc/samba/examples/LDAP/samba.ldif /etc/ldap/schema/
@@ -87,8 +86,8 @@
 - name: slurp admin password for samba setup
   slurp:
     src: "{{ ldap_admin_pwd_file }}"
-  register: ldap_admin_pwd 
-  no_log: true  
+  register: ldap_admin_pwd
+  no_log: true
   when: not samba_ldap.stat.exists
 
 - name: make samba admin password available to smbd
@@ -97,9 +96,10 @@
   notify: restart smbd
   when: not samba_ldap.stat.exists
 
-- meta: flush_handlers
+- name: flush all handlers
+  meta: flush_handlers
 
-- name: add samba attributes to dummy user foo 
+- name: add samba attributes to dummy user foo
   command:
     cmd: smbpasswd -s -a foo
     stdin: "{{ foo_pwd }}\n{{ foo_pwd }}"
@@ -111,8 +111,8 @@
   firewalld:
     zone: internal
     service: "{{ item }}"
-    permanent: yes
-    immediate: yes
+    permanent: true
+    immediate: true
     state: enabled
   with_items:
     - samba
diff --git a/roles/samba-ldap/templates/sssd.conf.j2 b/roles/samba-ldap/templates/sssd.conf.j2
index c5c4187..6e6ac14 100644
--- a/roles/samba-ldap/templates/sssd.conf.j2
+++ b/roles/samba-ldap/templates/sssd.conf.j2
@@ -19,5 +19,5 @@ cache_credentials = true
 min_id = {{ min_id_sssd }}
 max_id = {{ max_id_sssd }}
 
-## remove this after providing propper certificates: 
+## remove this after providing propper certificates:
 ldap_tls_reqcert = allow
diff --git a/roles/smb-sshfs-client/handlers/main.yml b/roles/smb-sshfs-client/handlers/main.yml
index 3c18dd6..d54b258 100644
--- a/roles/smb-sshfs-client/handlers/main.yml
+++ b/roles/smb-sshfs-client/handlers/main.yml
@@ -4,6 +4,5 @@
 
 - name: reload systemd
   systemd:
-    daemon_reload: yes
+    daemon_reload: true
   listen: "reload systemd"
-
diff --git a/roles/smb-sshfs-client/tasks/main.yml b/roles/smb-sshfs-client/tasks/main.yml
index 0aaedde..4dcf1e1 100644
--- a/roles/smb-sshfs-client/tasks/main.yml
+++ b/roles/smb-sshfs-client/tasks/main.yml
@@ -3,10 +3,10 @@
   apt:
     name:
       - sssd-ldap
-      - libpam-mount  
+      - libpam-mount
       - cifs-utils
-      - sshfs  
-    state: latest
+      - sshfs
+    state: latest # noqa package-latest
 
 - name: add URI to ldap.conf
   lineinfile:
@@ -23,7 +23,7 @@
 - name: enable pam_umask
   lineinfile:
     dest: /etc/pam.d/common-session
-    line: "session optional	pam_umask.so usergroups"
+    line: "session optional pam_umask.so usergroups"
 
 - name: provide identities from directory
   template:
@@ -65,4 +65,6 @@
 
 ## gnome-keyring fails with sshfs:
 - name: disable gnome-keyring-daemon
-  command: dpkg-divert --divert /usr/bin/gnome-keyring-daemon.distrib --rename /usr/bin/gnome-keyring-daemon
+  command:
+    cmd: dpkg-divert --divert /usr/bin/gnome-keyring-daemon.distrib --rename /usr/bin/gnome-keyring-daemon
+    creates: /usr/bin/gnome-keyring-daemon.distrib
diff --git a/roles/systemd-networkd-resolved/handlers/main.yml b/roles/systemd-networkd-resolved/handlers/main.yml
index 6084965..457c60b 100644
--- a/roles/systemd-networkd-resolved/handlers/main.yml
+++ b/roles/systemd-networkd-resolved/handlers/main.yml
@@ -1,14 +1,14 @@
 - name: restart and enable systemd-networkd
   systemd:
     name: systemd-networkd
-    enabled: yes
+    enabled: true
     state: restarted
-    daemon_reload: yes
+    daemon_reload: true
   listen: "start and enable systemd-networkd"
 
 - name: start and enable systemd-resolved
   systemd:
     name: systemd-resolved
-    enabled: yes
+    enabled: true
     state: started
   listen: "start and enable systemd-resolved"
diff --git a/roles/systemd-networkd-resolved/tasks/main.yml b/roles/systemd-networkd-resolved/tasks/main.yml
index 3033c67..2918d11 100644
--- a/roles/systemd-networkd-resolved/tasks/main.yml
+++ b/roles/systemd-networkd-resolved/tasks/main.yml
@@ -7,19 +7,20 @@
   copy:
     src: all-eth.network
     dest: /etc/systemd/network/all-eth.network
+    mode: 0644
   notify: "start and enable systemd-networkd"
 
-#- name: install static configuration for networkd
-#  template:
-#    src: 20-static.network.j2
-#    dest: /etc/systemd/network/20-static.network
-#  notify: "enable systemd-networkd"
+# - name: install static configuration for networkd
+#   template:
+#     src: 20-static.network.j2
+#     dest: /etc/systemd/network/20-static.network
+#   notify: "enable systemd-networkd"
 
 - name: enable local stub resolver
   file:
     src: /run/systemd/resolve/stub-resolv.conf
     dest: /etc/resolv.conf
     state: link
-    follow: False
-    force: yes
+    follow: false
+    force: true
   notify: "start and enable systemd-resolved"
diff --git a/roles/systemd-networkd-resolved/templates/20-static.network.j2 b/roles/systemd-networkd-resolved/templates/20-static.network.j2
index 04195a9..fbdc83b 100644
--- a/roles/systemd-networkd-resolved/templates/20-static.network.j2
+++ b/roles/systemd-networkd-resolved/templates/20-static.network.j2
@@ -4,4 +4,4 @@ Name={{ if_lan }}
 [Network]
 Address={{ ipaddr }}
 Gateway={{ gateway }}
-DNS={{ DNS }}
+DNS={{ dns }}
diff --git a/roles/transparent-squid/tasks/main.yml b/roles/transparent-squid/tasks/main.yml
index d5df254..63f1199 100644
--- a/roles/transparent-squid/tasks/main.yml
+++ b/roles/transparent-squid/tasks/main.yml
@@ -1,7 +1,7 @@
 - name: install squid package
   apt:
     name: squid
-    state: latest
+    state: latest # noqa package-latest
 
 - name: configure squid extra lines
   lineinfile:
@@ -9,11 +9,16 @@
     line: "{{ item.line }}"
     insertafter: "{{ item.insertafter }}"
   with_items:
-    - { line: "http_access allow localnet", insertafter: "#http_access allow localnet" }
-    - { line: "http_port 3129 intercept", insertafter: "http_port 3128" }
-    - { line: "maximum_object_size_in_memory 10240 KB", insertafter: "# maximum_object_size_in_memory" }
-    - { line: "maximum_object_size 512 MB", insertafter: "# maximum_object_size" }
-    - { line: "cache_dir aufs /var/spool/squid 20000 16 256", insertafter: "#cache_dir ufs /var/spool/squid" }
+    - line: "http_access allow localnet"
+      insertafter: "#http_access allow localnet"
+    - line: "http_port 3129 intercept"
+      insertafter: "http_port 3128"
+    - line: "maximum_object_size_in_memory 10240 KB"
+      insertafter: "# maximum_object_size_in_memory"
+    - line: "maximum_object_size 512 MB"
+      insertafter: "# maximum_object_size"
+    - line: "cache_dir aufs /var/spool/squid 20000 16 256"
+      insertafter: "#cache_dir ufs /var/spool/squid"
   notify: "restart squid"
 
 - name: configure squid store IDs
@@ -29,6 +34,7 @@
   copy:
     src: store_id_regex.conf
     dest: /etc/squid/store_id_regex.conf
+    mode: 0644
   notify: "restart squid"
 
 - name: configure squid as package cache
@@ -53,5 +59,5 @@
 - name: redirect www traffic in shorewall
   lineinfile:
     dest: /etc/shorewall/rules
-    line: "REDIRECT	loc		3129		tcp	www"
+    line: "REDIRECT loc 3129 tcp www"
   notify: "restart shorewall"
diff --git a/roles/two-interface-firewalld/tasks/main.yml b/roles/two-interface-firewalld/tasks/main.yml
index a5e9850..c21b90c 100644
--- a/roles/two-interface-firewalld/tasks/main.yml
+++ b/roles/two-interface-firewalld/tasks/main.yml
@@ -2,13 +2,15 @@
   template:
     src: interfaces-static.j2
     dest: /etc/network/interfaces.d/static
+    mode: 0644
   notify: "bring up LAN interface"
 
 - name: install firewalld package
-  apt: name=firewalld state=latest
+  apt: name=firewalld state=latest # noqa package-latest
   notify: "start firewalld"
 
-- meta: flush_handlers
+- name: flush all handlers
+  meta: flush_handlers
 
 
 ## Do not run the following in the installer:
@@ -17,7 +19,7 @@
   firewalld:
     zone: public
     interface: "{{ if_wan }}"
-    permanent: yes
+    permanent: true
     state: enabled
     immediate: true
   when: not run_in_installer|default(false)|bool
@@ -26,7 +28,7 @@
   firewalld:
     zone: public
     masquerade: 'yes'
-    permanent: yes
+    permanent: true
     state: enabled
     immediate: true
   when: not run_in_installer|default(false)|bool
@@ -35,7 +37,7 @@
   firewalld:
     zone: internal
     interface: "{{ if_lan }}"
-    permanent: yes
+    permanent: true
     state: enabled
     immediate: true
   when: not run_in_installer|default(false)|bool
@@ -44,7 +46,7 @@
   firewalld:
     zone: internal
     service: "{{ item }}"
-    permanent: yes
+    permanent: true
     state: enabled
     immediate: true
   with_items:
diff --git a/roles/two-interface-shorewall/tasks/main.yml b/roles/two-interface-shorewall/tasks/main.yml
index e92f99c..0974a2e 100644
--- a/roles/two-interface-shorewall/tasks/main.yml
+++ b/roles/two-interface-shorewall/tasks/main.yml
@@ -2,10 +2,11 @@
   template:
     src: interfaces-static.j2
     dest: /etc/network/interfaces.d/static
+    mode: 0644
   notify: restart networking
 
 - name: install shorewall packages
-  apt: name=shorewall state=latest
+  apt: name=shorewall state=latest # noqa package-latest
 
 - name: copy shorewall configuration
   command: cp {{ item }} /etc/shorewall/
@@ -24,7 +25,7 @@
 - name: find files in /etc/shorewall/
   find:
     paths: /etc/shorewall/
-    use_regex: yes
+    use_regex: true
     pattern: '.+[^~]$'
     contains: '.*(eth0|eth1).*'
   register: find_result
@@ -35,7 +36,7 @@
     dest: "{{ item.path }}"
     regexp: 'eth0'
     replace: "{{ if_wan }}"
-    backup: yes
+    backup: true
   with_items: "{{ find_result.files }}"
   notify: restart shorewall
 
@@ -44,7 +45,7 @@
     dest: "{{ item.path }}"
     regexp: 'eth1'
     replace: "{{ if_lan }}"
-    backup: yes
+    backup: true
   with_items: "{{ find_result.files }}"
   notify: restart shorewall
 
@@ -53,7 +54,7 @@
     dest: /etc/shorewall/shorewall.conf
     regexp: 'IP_FORWARDING=Keep'
     replace: 'IP_FORWARDING=Yes'
-    backup: yes
+    backup: true
   notify: restart shorewall
 
 - name: configure shorewall policy
@@ -61,7 +62,7 @@
     dest: /etc/shorewall/policy
     regexp: 'loc(\s+)net(\s+)ACCEPT'
     replace: 'loc\1all\2ACCEPT\n$FW\1all\2ACCEPT'
-    backup: yes
+    backup: true
   notify: restart shorewall
 
 - name: configure shorewall rules
@@ -69,5 +70,5 @@
     dest: /etc/shorewall/rules
     regexp: '(SSH\(ACCEPT\)\s+)loc(\s+\$FW)'
     replace: '\1all\2'
-    backup: yes
+    backup: true
   notify: restart shorewall
diff --git a/roles/up2date-debian/tasks/main.yml b/roles/up2date-debian/tasks/main.yml
index cd11949..d28bc9e 100644
--- a/roles/up2date-debian/tasks/main.yml
+++ b/roles/up2date-debian/tasks/main.yml
@@ -2,36 +2,36 @@
 
 - name: update apt package lists
   apt:
-    update_cache: yes
+    update_cache: true
     cache_valid_time: 86400
 
 - name: upgrade packages
   apt:
     upgrade: dist
-    autoremove: yes
-    autoclean: yes
+    autoremove: true
+    autoclean: true
 
 - name: install etckeeper
   apt:
     name: etckeeper
-    state: latest
+    state: latest # noqa package-latest
 
 - name: install extra packages from stable
   apt:
     name: "{{ extra_pkgs }}"
-    state: latest
+    state: latest # noqa package-latest
   when: extra_pkgs|length
 
 - name: add {{ ansible_distribution_release }}-backports
   apt_repository:
     repo: deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-backports main
     state: present
-    update_cache: yes
+    update_cache: true
   when: extra_pkgs_bpo|length
 
 - name: install extra packages from backports
   apt:
     name: "{{ extra_pkgs_bpo }}"
-    state: latest
+    state: latest # noqa package-latest
     default_release: "{{ ansible_distribution_release }}-backports"
   when: extra_pkgs_bpo|length
diff --git a/roles/web-server/tasks/main.yml b/roles/web-server/tasks/main.yml
index c0d073c..f6b46a8 100644
--- a/roles/web-server/tasks/main.yml
+++ b/roles/web-server/tasks/main.yml
@@ -1,5 +1,5 @@
 - name: install some packages
-  apt: name={{ item }} state=latest
+  apt: name={{ item }} state=latest # noqa package-latest
   with_items:
     - unattended-upgrades
     - screen
diff --git a/sambox-client.yml b/sambox-client.yml
index 8b63293..305f81c 100644
--- a/sambox-client.yml
+++ b/sambox-client.yml
@@ -4,7 +4,7 @@
 - name: apply configuration to the machines
   hosts: all
   remote_user: ansible
-  become: yes
+  become: true
   vars:
     extra_pkgs:
       - webext-privacy-badger
@@ -16,5 +16,5 @@
     - up2date-debian
     - smb-sshfs-client
     ## Choose either gnome or KDE:
-    #- gnome
-    #- kde
+    # - gnome
+    # - kde
diff --git a/sambox.yml b/sambox.yml
index a8efcc1..465a5d8 100644
--- a/sambox.yml
+++ b/sambox.yml
@@ -1,13 +1,13 @@
 ---
 ## This playbook deploys the sambox server.  Add 'hostname=XXX' and 'domain=YYY'
 ## to the installer boot parameters to set hostname and domain.
-## 
+##
 
 
 - name: apply configuration to the sambox server
   hosts: all
   remote_user: ansible
-  become: yes
+  become: true
 
   vars:
     ## This interface provides the default route:
@@ -22,11 +22,11 @@
     ipaddr_lan_ptr: "{{ (ipaddr_lan | ipaddr('revdns')).split('.')[1:] | join('.') }}"
     ipaddr_lan_ptr_threeoct: "{{ ipaddr_lan_ptr.split('.')[0:3] | join('.') }}"
     dhcp_start: 192.168.0.50
-    dhcp_stop:  192.168.0.150
+    dhcp_stop: 192.168.0.150
     in_inventory: 192.168.0.[50:150]
 
     di_dist: "{{ ansible_distribution_release }}"
-    di_version: 10  #"{{ ansible_distribution_major_version }}"
+    di_version: 10  # "{{ ansible_distribution_major_version }}"
     di_pkg: "debian-installer-{{ di_version }}-netboot-amd64"
 
     ansible_user: ansible
@@ -40,7 +40,7 @@
         In case you would like to prepare a test user 'foo' and have
         not done so yet, provide foo's password here.  Leave empty to
         just continue
-      private: yes
+      private: true
 
 
   pre_tasks:

From 4d791a65f119e4a3ac1001a15bcab9d43898f337 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 12 Jun 2022 13:51:56 +0200
Subject: [PATCH 199/504] Fix installbox.

---
 installbox.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/installbox.yml b/installbox.yml
index 81ddb59..a87f8b7 100644
--- a/installbox.yml
+++ b/installbox.yml
@@ -17,7 +17,9 @@
 
     ## LAN IP address range:
     ipaddr_lan: 192.168.0.10/24
-    dhcp_range: 192.168.0.50,192.168.0.99,2h
+    dhcp_start: 192.168.0.50
+    dhcp_stop: 192.168.0.150
+    in_inventory: 192.168.0.[50:150]
 
     di_dist: "{{ ansible_distribution_release }}"
     di_version: "{{ ansible_distribution_major_version }}"

From 1db0b6ec318b2d66f6bbb198069ea99b183bad67 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 12 Jun 2022 14:27:44 +0200
Subject: [PATCH 200/504] Rename some roles to make ansible-lint happy.

---
 cloudbox.yml                                         | 12 ++++++------
 edubox.yml                                           |  4 ++--
 installbox.yml                                       |  8 ++++----
 kerberox-client.yml                                  |  4 ++--
 kerberox.yml                                         | 12 ++++++------
 kiosk.yml                                            |  2 +-
 roles/{apt-cacher => aptcacher}/files/apt.conf       |  0
 roles/{apt-cacher => aptcacher}/handlers/main.yml    |  0
 roles/{apt-cacher => aptcacher}/tasks/main.yml       |  0
 roles/{ddns-update => ddnsupdate}/files/ddns-update  |  0
 .../files/ddns-update.service                        |  0
 .../files/ddns-update.timer                          |  0
 roles/{ddns-update => ddnsupdate}/handlers/main.yml  |  0
 roles/{ddns-update => ddnsupdate}/tasks/main.yml     |  0
 .../templates/ddns-update.conf.j2                    |  0
 .../{dns-dhcp-tftp => dnsdhcptftp}/defaults/main.yml |  0
 .../{dns-dhcp-tftp => dnsdhcptftp}/handlers/main.yml |  0
 roles/{dns-dhcp-tftp => dnsdhcptftp}/tasks/main.yml  |  0
 .../templates/db.intern.j2                           |  0
 .../templates/db.lan.j2                              |  0
 .../templates/dhcpd.conf.j2                          |  0
 .../templates/localzones.j2                          |  0
 .../templates/resolv.conf.j2                         |  0
 .../handlers/main.yml                                |  0
 .../tasks/main.yml                                   |  0
 .../templates/interfaces-static.j2                   |  0
 .../{krb5-kdc-ldap => krb5kdcldap}/defaults/main.yml |  0
 .../{krb5-kdc-ldap => krb5kdcldap}/handlers/main.yml |  0
 roles/{krb5-kdc-ldap => krb5kdcldap}/meta/main.yml   |  0
 roles/{krb5-kdc-ldap => krb5kdcldap}/tasks/main.yml  |  0
 .../templates/kadm5.acl.j2                           |  0
 .../templates/kdc.conf.j2                            |  0
 .../templates/krb5.conf.j2                           |  0
 roles/{lan-client => lanclient}/defaults/main.yml    |  0
 roles/{lan-client => lanclient}/handlers/main.yml    |  0
 roles/{lan-client => lanclient}/tasks/main.yml       |  0
 .../{lan-client => lanclient}/templates/sssd.conf.j2 |  0
 roles/{low-power => lowpower}/files/powertop.service |  0
 roles/{low-power => lowpower}/files/powertop.timer   |  0
 roles/{low-power => lowpower}/handlers/main.yml      |  0
 roles/{low-power => lowpower}/tasks/main.yml         |  0
 .../defaults/main.yml                                |  0
 .../handlers/main.yml                                |  0
 .../tasks/main.yml                                   |  0
 .../files/all-eth.network                            |  0
 .../handlers/main.yml                                |  0
 .../tasks/main.yml                                   |  0
 .../templates/20-static.network.j2                   |  0
 .../handlers/main.yml                                |  0
 .../tasks/main.yml                                   |  0
 roles/{nfs-server => nfsserver}/defaults/main.yml    |  0
 roles/{nfs-server => nfsserver}/handlers/main.yml    |  0
 roles/{nfs-server => nfsserver}/tasks/main.yml       |  0
 .../templates/dhcp-send-domain.j2                    |  0
 .../{nfs-server => nfsserver}/templates/sssd.conf.j2 |  0
 roles/{samba-ldap => sambaldap}/defaults/main.yml    |  0
 roles/{samba-ldap => sambaldap}/handlers/main.yml    |  0
 roles/{samba-ldap => sambaldap}/meta/main.yml        |  0
 roles/{samba-ldap => sambaldap}/tasks/main.yml       |  0
 .../{samba-ldap => sambaldap}/templates/sssd.conf.j2 |  0
 .../handlers/main.yml                                |  0
 .../tasks/main.yml                                   |  0
 .../templates/interfaces-static.j2                   |  0
 .../defaults/main.yml                                |  0
 .../handlers/main.yml                                |  0
 .../tasks/main.yml                                   |  0
 .../templates/sssd.conf.j2                           |  0
 .../files/store_id_regex.conf                        |  0
 .../handlers/main.yml                                |  0
 .../tasks/main.yml                                   |  0
 .../defaults/main.yml                                |  0
 .../tasks/main.yml                                   |  0
 roles/{web-server => webserver}/tasks/main.yml       |  0
 sambox-client.yml                                    |  4 ++--
 sambox.yml                                           | 12 ++++++------
 75 files changed, 29 insertions(+), 29 deletions(-)
 rename roles/{apt-cacher => aptcacher}/files/apt.conf (100%)
 rename roles/{apt-cacher => aptcacher}/handlers/main.yml (100%)
 rename roles/{apt-cacher => aptcacher}/tasks/main.yml (100%)
 rename roles/{ddns-update => ddnsupdate}/files/ddns-update (100%)
 rename roles/{ddns-update => ddnsupdate}/files/ddns-update.service (100%)
 rename roles/{ddns-update => ddnsupdate}/files/ddns-update.timer (100%)
 rename roles/{ddns-update => ddnsupdate}/handlers/main.yml (100%)
 rename roles/{ddns-update => ddnsupdate}/tasks/main.yml (100%)
 rename roles/{ddns-update => ddnsupdate}/templates/ddns-update.conf.j2 (100%)
 rename roles/{dns-dhcp-tftp => dnsdhcptftp}/defaults/main.yml (100%)
 rename roles/{dns-dhcp-tftp => dnsdhcptftp}/handlers/main.yml (100%)
 rename roles/{dns-dhcp-tftp => dnsdhcptftp}/tasks/main.yml (100%)
 rename roles/{dns-dhcp-tftp => dnsdhcptftp}/templates/db.intern.j2 (100%)
 rename roles/{dns-dhcp-tftp => dnsdhcptftp}/templates/db.lan.j2 (100%)
 rename roles/{dns-dhcp-tftp => dnsdhcptftp}/templates/dhcpd.conf.j2 (100%)
 rename roles/{dns-dhcp-tftp => dnsdhcptftp}/templates/localzones.j2 (100%)
 rename roles/{dns-dhcp-tftp => dnsdhcptftp}/templates/resolv.conf.j2 (100%)
 rename roles/{two-interface-firewalld => firewalld2if}/handlers/main.yml (100%)
 rename roles/{two-interface-firewalld => firewalld2if}/tasks/main.yml (100%)
 rename roles/{two-interface-firewalld => firewalld2if}/templates/interfaces-static.j2 (100%)
 rename roles/{krb5-kdc-ldap => krb5kdcldap}/defaults/main.yml (100%)
 rename roles/{krb5-kdc-ldap => krb5kdcldap}/handlers/main.yml (100%)
 rename roles/{krb5-kdc-ldap => krb5kdcldap}/meta/main.yml (100%)
 rename roles/{krb5-kdc-ldap => krb5kdcldap}/tasks/main.yml (100%)
 rename roles/{krb5-kdc-ldap => krb5kdcldap}/templates/kadm5.acl.j2 (100%)
 rename roles/{krb5-kdc-ldap => krb5kdcldap}/templates/kdc.conf.j2 (100%)
 rename roles/{krb5-kdc-ldap => krb5kdcldap}/templates/krb5.conf.j2 (100%)
 rename roles/{lan-client => lanclient}/defaults/main.yml (100%)
 rename roles/{lan-client => lanclient}/handlers/main.yml (100%)
 rename roles/{lan-client => lanclient}/tasks/main.yml (100%)
 rename roles/{lan-client => lanclient}/templates/sssd.conf.j2 (100%)
 rename roles/{low-power => lowpower}/files/powertop.service (100%)
 rename roles/{low-power => lowpower}/files/powertop.timer (100%)
 rename roles/{low-power => lowpower}/handlers/main.yml (100%)
 rename roles/{low-power => lowpower}/tasks/main.yml (100%)
 rename roles/{netboot-installer => netbootinstaller}/defaults/main.yml (100%)
 rename roles/{netboot-installer => netbootinstaller}/handlers/main.yml (100%)
 rename roles/{netboot-installer => netbootinstaller}/tasks/main.yml (100%)
 rename roles/{systemd-networkd-resolved => networkdresolved}/files/all-eth.network (100%)
 rename roles/{systemd-networkd-resolved => networkdresolved}/handlers/main.yml (100%)
 rename roles/{systemd-networkd-resolved => networkdresolved}/tasks/main.yml (100%)
 rename roles/{systemd-networkd-resolved => networkdresolved}/templates/20-static.network.j2 (100%)
 rename roles/{nextcloud-upgrade => nextcloudupgrade}/handlers/main.yml (100%)
 rename roles/{nextcloud-upgrade => nextcloudupgrade}/tasks/main.yml (100%)
 rename roles/{nfs-server => nfsserver}/defaults/main.yml (100%)
 rename roles/{nfs-server => nfsserver}/handlers/main.yml (100%)
 rename roles/{nfs-server => nfsserver}/tasks/main.yml (100%)
 rename roles/{nfs-server => nfsserver}/templates/dhcp-send-domain.j2 (100%)
 rename roles/{nfs-server => nfsserver}/templates/sssd.conf.j2 (100%)
 rename roles/{samba-ldap => sambaldap}/defaults/main.yml (100%)
 rename roles/{samba-ldap => sambaldap}/handlers/main.yml (100%)
 rename roles/{samba-ldap => sambaldap}/meta/main.yml (100%)
 rename roles/{samba-ldap => sambaldap}/tasks/main.yml (100%)
 rename roles/{samba-ldap => sambaldap}/templates/sssd.conf.j2 (100%)
 rename roles/{two-interface-shorewall => shorewall2if}/handlers/main.yml (100%)
 rename roles/{two-interface-shorewall => shorewall2if}/tasks/main.yml (100%)
 rename roles/{two-interface-shorewall => shorewall2if}/templates/interfaces-static.j2 (100%)
 rename roles/{smb-sshfs-client => smbsshfsclient}/defaults/main.yml (100%)
 rename roles/{smb-sshfs-client => smbsshfsclient}/handlers/main.yml (100%)
 rename roles/{smb-sshfs-client => smbsshfsclient}/tasks/main.yml (100%)
 rename roles/{smb-sshfs-client => smbsshfsclient}/templates/sssd.conf.j2 (100%)
 rename roles/{transparent-squid => transparentsquid}/files/store_id_regex.conf (100%)
 rename roles/{transparent-squid => transparentsquid}/handlers/main.yml (100%)
 rename roles/{transparent-squid => transparentsquid}/tasks/main.yml (100%)
 rename roles/{up2date-debian => up2date_debian}/defaults/main.yml (100%)
 rename roles/{up2date-debian => up2date_debian}/tasks/main.yml (100%)
 rename roles/{web-server => webserver}/tasks/main.yml (100%)

diff --git a/cloudbox.yml b/cloudbox.yml
index 0a78efc..de52ea5 100644
--- a/cloudbox.yml
+++ b/cloudbox.yml
@@ -27,11 +27,11 @@
     ansible_python_interpreter: "/usr/bin/python3"
 
   roles:
-    - up2date-debian
-#    - ddns-update
-#    - low-power
+    - up2date_debian
+#    - ddnsupdate
+#    - lowpower
     - nextcloud
-    - nextcloud-upgrade
+    - nextcloudupgrade
 #    - backup
 
 ## Hosts in the the 'only_nextcloud'-group are only upgraded:
@@ -48,5 +48,5 @@
     ansible_python_interpreter: "/usr/bin/python3"
 
   roles:
-    - up2date-debian
-    - nextcloud-upgrade
+    - up2date_debian
+    - nextcloudupgrade
diff --git a/edubox.yml b/edubox.yml
index 06ca4fe..5bcea15 100644
--- a/edubox.yml
+++ b/edubox.yml
@@ -67,6 +67,6 @@
         enabled: true
 
   roles:
-    - up2date-debian
+    - up2date_debian
     - educontainer
-    - systemd-networkd-resolved
+    - networkdresolved
diff --git a/installbox.yml b/installbox.yml
index a87f8b7..e4155f2 100644
--- a/installbox.yml
+++ b/installbox.yml
@@ -38,9 +38,9 @@
 
 
   roles:
-    - up2date-debian
-    - two-interface-firewalld
+    - up2date_debian
+    - firewalld2if
     - dnsmasq
-    - netboot-installer
-    - apt-cacher
+    - netbootinstaller
+    - aptcacher
     - prepare4clients
diff --git a/kerberox-client.yml b/kerberox-client.yml
index 695c3a1..567676e 100644
--- a/kerberox-client.yml
+++ b/kerberox-client.yml
@@ -19,8 +19,8 @@
       private: true
 
   roles:
-    - up2date-debian
-    - lan-client
+    - up2date_debian
+    - lanclient
     - kerberize
     ## Choose either gnome or KDE:
     # - gnome
diff --git a/kerberox.yml b/kerberox.yml
index 976db14..e2194b0 100644
--- a/kerberox.yml
+++ b/kerberox.yml
@@ -45,14 +45,14 @@
 
 
   roles:
-    - up2date-debian
-    - two-interface-firewalld
-    - netboot-installer
+    - up2date_debian
+    - firewalld2if
+    - netbootinstaller
     - dnsmasq
-    - apt-cacher
-    - role: krb5-kdc-ldap
+    - aptcacher
+    - role: krb5kdcldap
       when: not run_in_installer|default(false)|bool
-    - role: nfs-server
+    - role: nfsserver
       when: not run_in_installer|default(false)|bool
     - prepare4clients
     - kerberize
diff --git a/kiosk.yml b/kiosk.yml
index 076e42d..4e2126f 100644
--- a/kiosk.yml
+++ b/kiosk.yml
@@ -15,7 +15,7 @@
     extra_pkgs_bpo: []  # [ libreoffice ]
 
   roles:
-    - up2date-debian
+    - up2date_debian
     ## Choose either gnome or KDE:
     - gnome
     # - kde
diff --git a/roles/apt-cacher/files/apt.conf b/roles/aptcacher/files/apt.conf
similarity index 100%
rename from roles/apt-cacher/files/apt.conf
rename to roles/aptcacher/files/apt.conf
diff --git a/roles/apt-cacher/handlers/main.yml b/roles/aptcacher/handlers/main.yml
similarity index 100%
rename from roles/apt-cacher/handlers/main.yml
rename to roles/aptcacher/handlers/main.yml
diff --git a/roles/apt-cacher/tasks/main.yml b/roles/aptcacher/tasks/main.yml
similarity index 100%
rename from roles/apt-cacher/tasks/main.yml
rename to roles/aptcacher/tasks/main.yml
diff --git a/roles/ddns-update/files/ddns-update b/roles/ddnsupdate/files/ddns-update
similarity index 100%
rename from roles/ddns-update/files/ddns-update
rename to roles/ddnsupdate/files/ddns-update
diff --git a/roles/ddns-update/files/ddns-update.service b/roles/ddnsupdate/files/ddns-update.service
similarity index 100%
rename from roles/ddns-update/files/ddns-update.service
rename to roles/ddnsupdate/files/ddns-update.service
diff --git a/roles/ddns-update/files/ddns-update.timer b/roles/ddnsupdate/files/ddns-update.timer
similarity index 100%
rename from roles/ddns-update/files/ddns-update.timer
rename to roles/ddnsupdate/files/ddns-update.timer
diff --git a/roles/ddns-update/handlers/main.yml b/roles/ddnsupdate/handlers/main.yml
similarity index 100%
rename from roles/ddns-update/handlers/main.yml
rename to roles/ddnsupdate/handlers/main.yml
diff --git a/roles/ddns-update/tasks/main.yml b/roles/ddnsupdate/tasks/main.yml
similarity index 100%
rename from roles/ddns-update/tasks/main.yml
rename to roles/ddnsupdate/tasks/main.yml
diff --git a/roles/ddns-update/templates/ddns-update.conf.j2 b/roles/ddnsupdate/templates/ddns-update.conf.j2
similarity index 100%
rename from roles/ddns-update/templates/ddns-update.conf.j2
rename to roles/ddnsupdate/templates/ddns-update.conf.j2
diff --git a/roles/dns-dhcp-tftp/defaults/main.yml b/roles/dnsdhcptftp/defaults/main.yml
similarity index 100%
rename from roles/dns-dhcp-tftp/defaults/main.yml
rename to roles/dnsdhcptftp/defaults/main.yml
diff --git a/roles/dns-dhcp-tftp/handlers/main.yml b/roles/dnsdhcptftp/handlers/main.yml
similarity index 100%
rename from roles/dns-dhcp-tftp/handlers/main.yml
rename to roles/dnsdhcptftp/handlers/main.yml
diff --git a/roles/dns-dhcp-tftp/tasks/main.yml b/roles/dnsdhcptftp/tasks/main.yml
similarity index 100%
rename from roles/dns-dhcp-tftp/tasks/main.yml
rename to roles/dnsdhcptftp/tasks/main.yml
diff --git a/roles/dns-dhcp-tftp/templates/db.intern.j2 b/roles/dnsdhcptftp/templates/db.intern.j2
similarity index 100%
rename from roles/dns-dhcp-tftp/templates/db.intern.j2
rename to roles/dnsdhcptftp/templates/db.intern.j2
diff --git a/roles/dns-dhcp-tftp/templates/db.lan.j2 b/roles/dnsdhcptftp/templates/db.lan.j2
similarity index 100%
rename from roles/dns-dhcp-tftp/templates/db.lan.j2
rename to roles/dnsdhcptftp/templates/db.lan.j2
diff --git a/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2 b/roles/dnsdhcptftp/templates/dhcpd.conf.j2
similarity index 100%
rename from roles/dns-dhcp-tftp/templates/dhcpd.conf.j2
rename to roles/dnsdhcptftp/templates/dhcpd.conf.j2
diff --git a/roles/dns-dhcp-tftp/templates/localzones.j2 b/roles/dnsdhcptftp/templates/localzones.j2
similarity index 100%
rename from roles/dns-dhcp-tftp/templates/localzones.j2
rename to roles/dnsdhcptftp/templates/localzones.j2
diff --git a/roles/dns-dhcp-tftp/templates/resolv.conf.j2 b/roles/dnsdhcptftp/templates/resolv.conf.j2
similarity index 100%
rename from roles/dns-dhcp-tftp/templates/resolv.conf.j2
rename to roles/dnsdhcptftp/templates/resolv.conf.j2
diff --git a/roles/two-interface-firewalld/handlers/main.yml b/roles/firewalld2if/handlers/main.yml
similarity index 100%
rename from roles/two-interface-firewalld/handlers/main.yml
rename to roles/firewalld2if/handlers/main.yml
diff --git a/roles/two-interface-firewalld/tasks/main.yml b/roles/firewalld2if/tasks/main.yml
similarity index 100%
rename from roles/two-interface-firewalld/tasks/main.yml
rename to roles/firewalld2if/tasks/main.yml
diff --git a/roles/two-interface-firewalld/templates/interfaces-static.j2 b/roles/firewalld2if/templates/interfaces-static.j2
similarity index 100%
rename from roles/two-interface-firewalld/templates/interfaces-static.j2
rename to roles/firewalld2if/templates/interfaces-static.j2
diff --git a/roles/krb5-kdc-ldap/defaults/main.yml b/roles/krb5kdcldap/defaults/main.yml
similarity index 100%
rename from roles/krb5-kdc-ldap/defaults/main.yml
rename to roles/krb5kdcldap/defaults/main.yml
diff --git a/roles/krb5-kdc-ldap/handlers/main.yml b/roles/krb5kdcldap/handlers/main.yml
similarity index 100%
rename from roles/krb5-kdc-ldap/handlers/main.yml
rename to roles/krb5kdcldap/handlers/main.yml
diff --git a/roles/krb5-kdc-ldap/meta/main.yml b/roles/krb5kdcldap/meta/main.yml
similarity index 100%
rename from roles/krb5-kdc-ldap/meta/main.yml
rename to roles/krb5kdcldap/meta/main.yml
diff --git a/roles/krb5-kdc-ldap/tasks/main.yml b/roles/krb5kdcldap/tasks/main.yml
similarity index 100%
rename from roles/krb5-kdc-ldap/tasks/main.yml
rename to roles/krb5kdcldap/tasks/main.yml
diff --git a/roles/krb5-kdc-ldap/templates/kadm5.acl.j2 b/roles/krb5kdcldap/templates/kadm5.acl.j2
similarity index 100%
rename from roles/krb5-kdc-ldap/templates/kadm5.acl.j2
rename to roles/krb5kdcldap/templates/kadm5.acl.j2
diff --git a/roles/krb5-kdc-ldap/templates/kdc.conf.j2 b/roles/krb5kdcldap/templates/kdc.conf.j2
similarity index 100%
rename from roles/krb5-kdc-ldap/templates/kdc.conf.j2
rename to roles/krb5kdcldap/templates/kdc.conf.j2
diff --git a/roles/krb5-kdc-ldap/templates/krb5.conf.j2 b/roles/krb5kdcldap/templates/krb5.conf.j2
similarity index 100%
rename from roles/krb5-kdc-ldap/templates/krb5.conf.j2
rename to roles/krb5kdcldap/templates/krb5.conf.j2
diff --git a/roles/lan-client/defaults/main.yml b/roles/lanclient/defaults/main.yml
similarity index 100%
rename from roles/lan-client/defaults/main.yml
rename to roles/lanclient/defaults/main.yml
diff --git a/roles/lan-client/handlers/main.yml b/roles/lanclient/handlers/main.yml
similarity index 100%
rename from roles/lan-client/handlers/main.yml
rename to roles/lanclient/handlers/main.yml
diff --git a/roles/lan-client/tasks/main.yml b/roles/lanclient/tasks/main.yml
similarity index 100%
rename from roles/lan-client/tasks/main.yml
rename to roles/lanclient/tasks/main.yml
diff --git a/roles/lan-client/templates/sssd.conf.j2 b/roles/lanclient/templates/sssd.conf.j2
similarity index 100%
rename from roles/lan-client/templates/sssd.conf.j2
rename to roles/lanclient/templates/sssd.conf.j2
diff --git a/roles/low-power/files/powertop.service b/roles/lowpower/files/powertop.service
similarity index 100%
rename from roles/low-power/files/powertop.service
rename to roles/lowpower/files/powertop.service
diff --git a/roles/low-power/files/powertop.timer b/roles/lowpower/files/powertop.timer
similarity index 100%
rename from roles/low-power/files/powertop.timer
rename to roles/lowpower/files/powertop.timer
diff --git a/roles/low-power/handlers/main.yml b/roles/lowpower/handlers/main.yml
similarity index 100%
rename from roles/low-power/handlers/main.yml
rename to roles/lowpower/handlers/main.yml
diff --git a/roles/low-power/tasks/main.yml b/roles/lowpower/tasks/main.yml
similarity index 100%
rename from roles/low-power/tasks/main.yml
rename to roles/lowpower/tasks/main.yml
diff --git a/roles/netboot-installer/defaults/main.yml b/roles/netbootinstaller/defaults/main.yml
similarity index 100%
rename from roles/netboot-installer/defaults/main.yml
rename to roles/netbootinstaller/defaults/main.yml
diff --git a/roles/netboot-installer/handlers/main.yml b/roles/netbootinstaller/handlers/main.yml
similarity index 100%
rename from roles/netboot-installer/handlers/main.yml
rename to roles/netbootinstaller/handlers/main.yml
diff --git a/roles/netboot-installer/tasks/main.yml b/roles/netbootinstaller/tasks/main.yml
similarity index 100%
rename from roles/netboot-installer/tasks/main.yml
rename to roles/netbootinstaller/tasks/main.yml
diff --git a/roles/systemd-networkd-resolved/files/all-eth.network b/roles/networkdresolved/files/all-eth.network
similarity index 100%
rename from roles/systemd-networkd-resolved/files/all-eth.network
rename to roles/networkdresolved/files/all-eth.network
diff --git a/roles/systemd-networkd-resolved/handlers/main.yml b/roles/networkdresolved/handlers/main.yml
similarity index 100%
rename from roles/systemd-networkd-resolved/handlers/main.yml
rename to roles/networkdresolved/handlers/main.yml
diff --git a/roles/systemd-networkd-resolved/tasks/main.yml b/roles/networkdresolved/tasks/main.yml
similarity index 100%
rename from roles/systemd-networkd-resolved/tasks/main.yml
rename to roles/networkdresolved/tasks/main.yml
diff --git a/roles/systemd-networkd-resolved/templates/20-static.network.j2 b/roles/networkdresolved/templates/20-static.network.j2
similarity index 100%
rename from roles/systemd-networkd-resolved/templates/20-static.network.j2
rename to roles/networkdresolved/templates/20-static.network.j2
diff --git a/roles/nextcloud-upgrade/handlers/main.yml b/roles/nextcloudupgrade/handlers/main.yml
similarity index 100%
rename from roles/nextcloud-upgrade/handlers/main.yml
rename to roles/nextcloudupgrade/handlers/main.yml
diff --git a/roles/nextcloud-upgrade/tasks/main.yml b/roles/nextcloudupgrade/tasks/main.yml
similarity index 100%
rename from roles/nextcloud-upgrade/tasks/main.yml
rename to roles/nextcloudupgrade/tasks/main.yml
diff --git a/roles/nfs-server/defaults/main.yml b/roles/nfsserver/defaults/main.yml
similarity index 100%
rename from roles/nfs-server/defaults/main.yml
rename to roles/nfsserver/defaults/main.yml
diff --git a/roles/nfs-server/handlers/main.yml b/roles/nfsserver/handlers/main.yml
similarity index 100%
rename from roles/nfs-server/handlers/main.yml
rename to roles/nfsserver/handlers/main.yml
diff --git a/roles/nfs-server/tasks/main.yml b/roles/nfsserver/tasks/main.yml
similarity index 100%
rename from roles/nfs-server/tasks/main.yml
rename to roles/nfsserver/tasks/main.yml
diff --git a/roles/nfs-server/templates/dhcp-send-domain.j2 b/roles/nfsserver/templates/dhcp-send-domain.j2
similarity index 100%
rename from roles/nfs-server/templates/dhcp-send-domain.j2
rename to roles/nfsserver/templates/dhcp-send-domain.j2
diff --git a/roles/nfs-server/templates/sssd.conf.j2 b/roles/nfsserver/templates/sssd.conf.j2
similarity index 100%
rename from roles/nfs-server/templates/sssd.conf.j2
rename to roles/nfsserver/templates/sssd.conf.j2
diff --git a/roles/samba-ldap/defaults/main.yml b/roles/sambaldap/defaults/main.yml
similarity index 100%
rename from roles/samba-ldap/defaults/main.yml
rename to roles/sambaldap/defaults/main.yml
diff --git a/roles/samba-ldap/handlers/main.yml b/roles/sambaldap/handlers/main.yml
similarity index 100%
rename from roles/samba-ldap/handlers/main.yml
rename to roles/sambaldap/handlers/main.yml
diff --git a/roles/samba-ldap/meta/main.yml b/roles/sambaldap/meta/main.yml
similarity index 100%
rename from roles/samba-ldap/meta/main.yml
rename to roles/sambaldap/meta/main.yml
diff --git a/roles/samba-ldap/tasks/main.yml b/roles/sambaldap/tasks/main.yml
similarity index 100%
rename from roles/samba-ldap/tasks/main.yml
rename to roles/sambaldap/tasks/main.yml
diff --git a/roles/samba-ldap/templates/sssd.conf.j2 b/roles/sambaldap/templates/sssd.conf.j2
similarity index 100%
rename from roles/samba-ldap/templates/sssd.conf.j2
rename to roles/sambaldap/templates/sssd.conf.j2
diff --git a/roles/two-interface-shorewall/handlers/main.yml b/roles/shorewall2if/handlers/main.yml
similarity index 100%
rename from roles/two-interface-shorewall/handlers/main.yml
rename to roles/shorewall2if/handlers/main.yml
diff --git a/roles/two-interface-shorewall/tasks/main.yml b/roles/shorewall2if/tasks/main.yml
similarity index 100%
rename from roles/two-interface-shorewall/tasks/main.yml
rename to roles/shorewall2if/tasks/main.yml
diff --git a/roles/two-interface-shorewall/templates/interfaces-static.j2 b/roles/shorewall2if/templates/interfaces-static.j2
similarity index 100%
rename from roles/two-interface-shorewall/templates/interfaces-static.j2
rename to roles/shorewall2if/templates/interfaces-static.j2
diff --git a/roles/smb-sshfs-client/defaults/main.yml b/roles/smbsshfsclient/defaults/main.yml
similarity index 100%
rename from roles/smb-sshfs-client/defaults/main.yml
rename to roles/smbsshfsclient/defaults/main.yml
diff --git a/roles/smb-sshfs-client/handlers/main.yml b/roles/smbsshfsclient/handlers/main.yml
similarity index 100%
rename from roles/smb-sshfs-client/handlers/main.yml
rename to roles/smbsshfsclient/handlers/main.yml
diff --git a/roles/smb-sshfs-client/tasks/main.yml b/roles/smbsshfsclient/tasks/main.yml
similarity index 100%
rename from roles/smb-sshfs-client/tasks/main.yml
rename to roles/smbsshfsclient/tasks/main.yml
diff --git a/roles/smb-sshfs-client/templates/sssd.conf.j2 b/roles/smbsshfsclient/templates/sssd.conf.j2
similarity index 100%
rename from roles/smb-sshfs-client/templates/sssd.conf.j2
rename to roles/smbsshfsclient/templates/sssd.conf.j2
diff --git a/roles/transparent-squid/files/store_id_regex.conf b/roles/transparentsquid/files/store_id_regex.conf
similarity index 100%
rename from roles/transparent-squid/files/store_id_regex.conf
rename to roles/transparentsquid/files/store_id_regex.conf
diff --git a/roles/transparent-squid/handlers/main.yml b/roles/transparentsquid/handlers/main.yml
similarity index 100%
rename from roles/transparent-squid/handlers/main.yml
rename to roles/transparentsquid/handlers/main.yml
diff --git a/roles/transparent-squid/tasks/main.yml b/roles/transparentsquid/tasks/main.yml
similarity index 100%
rename from roles/transparent-squid/tasks/main.yml
rename to roles/transparentsquid/tasks/main.yml
diff --git a/roles/up2date-debian/defaults/main.yml b/roles/up2date_debian/defaults/main.yml
similarity index 100%
rename from roles/up2date-debian/defaults/main.yml
rename to roles/up2date_debian/defaults/main.yml
diff --git a/roles/up2date-debian/tasks/main.yml b/roles/up2date_debian/tasks/main.yml
similarity index 100%
rename from roles/up2date-debian/tasks/main.yml
rename to roles/up2date_debian/tasks/main.yml
diff --git a/roles/web-server/tasks/main.yml b/roles/webserver/tasks/main.yml
similarity index 100%
rename from roles/web-server/tasks/main.yml
rename to roles/webserver/tasks/main.yml
diff --git a/sambox-client.yml b/sambox-client.yml
index 305f81c..5588c82 100644
--- a/sambox-client.yml
+++ b/sambox-client.yml
@@ -13,8 +13,8 @@
     ansible_python_interpreter: "/usr/bin/python3"
 
   roles:
-    - up2date-debian
-    - smb-sshfs-client
+    - up2date_debian
+    - smbsshfsclient
     ## Choose either gnome or KDE:
     # - gnome
     # - kde
diff --git a/sambox.yml b/sambox.yml
index 465a5d8..9954225 100644
--- a/sambox.yml
+++ b/sambox.yml
@@ -51,10 +51,10 @@
 
 
   roles:
-    - up2date-debian
-    - two-interface-firewalld
-    - netboot-installer
-    - dns-dhcp-tftp
-    - apt-cacher
-    - samba-ldap
+    - up2date_debian
+    - firewalld2if
+    - netbootinstaller
+    - dnsdhcptftp
+    - aptcacher
+    - sambaldap
     - prepare4clients

From 8eb7c935027b74d77e542c87e6ac7696ee0d586c Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 12 Jun 2022 15:10:39 +0200
Subject: [PATCH 201/504] More ansible-lint cleanup.

---
 roles/prepare4clients/tasks/main.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/roles/prepare4clients/tasks/main.yml b/roles/prepare4clients/tasks/main.yml
index d5679e0..643e98c 100644
--- a/roles/prepare4clients/tasks/main.yml
+++ b/roles/prepare4clients/tasks/main.yml
@@ -101,7 +101,8 @@
       }
 
       #menuentry 'Debian daily (amd64) + preseed + kiosk.yml' {
-      #   linux   /d-i/n-a/daily/amd64/linux auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=kiosk.yml ---
+      #   linux   /d-i/n-a/daily/amd64/linux auto=true priority=critical \
+      #             url=tftp://{{ ansible_hostname }} playbook=kiosk.yml ---
       #   initrd  /d-i/n-a/daily/amd64/initrd.gz
       #}
     marker: "# {mark} ANSIBLE MANAGED BLOCK kiosk"
@@ -185,7 +186,7 @@
 ######################
 
 
-- name: provide git repo if not available already
+- name: provide git repo if not available already # noqa git-latest
   git:
     repo: 'https://salsa.debian.org/andi/debian-lan-ansible.git'
     dest: "{{ repo_dir }}"

From f550f530c66b82298a809d82fc97391bb55d12b7 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 12 Jun 2022 17:26:29 +0200
Subject: [PATCH 202/504] Fix cloudbox.

---
 cloudbox.yml                   | 5 +++--
 roles/nextcloud/tasks/main.yml | 2 +-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/cloudbox.yml b/cloudbox.yml
index de52ea5..f67342f 100644
--- a/cloudbox.yml
+++ b/cloudbox.yml
@@ -2,7 +2,8 @@
 # This playbook deploys the cloudbox on a minimal installation.
 
 - name: apply configuration to the cloudbox
-  hosts: cloudboxes
+  # hosts: cloudboxes ## 'all' is needed to make ansible-pull work
+  hosts: all
   remote_user: ansible
   become: true
   vars:
@@ -15,7 +16,7 @@
     ## 'nc_download' and 'nc_checksum' are only
     ## used for ansible-pull during installation:
     nc_download: "https://download.nextcloud.com/server/releases/latest.tar.bz2"
-    nc_checksum: "sha256:770faf34b8f0d81273623daed4d64ec7919c38dfeb07328b613058addbed19c0"
+    nc_checksum: "sha256:d32a8f6c4722a45cb67de7018163cfafcfa22a871fbac0f623c3875fa4304e5a"
     nc_apps:
       - calendar
       - notes
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index 25c6163..565682e 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -160,7 +160,7 @@
   when: not nextcloud.stat.exists and not run_in_installer|default(false)|bool
 
 - name: start mariadb during installation
-  command: /etc/init.d/mysql start
+  command: /etc/init.d/mariadb start
   when: run_in_installer|default(false)|bool
 
 - name: create database with name 'nextcloud'

From f3d2d5ca9b958612101618d34d7440d46c57711a Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 12 Jun 2022 17:35:36 +0200
Subject: [PATCH 203/504] Add 'cloudbox' to installbox examples.

---
 roles/dnsmasq/templates/dnsmasq-dhcp.j2 |  2 +-
 roles/prepare4clients/tasks/main.yml    | 25 +++++++++++++++++++------
 2 files changed, 20 insertions(+), 7 deletions(-)

diff --git a/roles/dnsmasq/templates/dnsmasq-dhcp.j2 b/roles/dnsmasq/templates/dnsmasq-dhcp.j2
index 29f73dd..77201cf 100644
--- a/roles/dnsmasq/templates/dnsmasq-dhcp.j2
+++ b/roles/dnsmasq/templates/dnsmasq-dhcp.j2
@@ -1,3 +1,3 @@
 interface={{ if_lan }}
 dhcp-range={{ dhcp_start }},{{ dhcp_stop }},2h
-dhcp-generate-names
+# dhcp-generate-names ## better use grub to generate names
diff --git a/roles/prepare4clients/tasks/main.yml b/roles/prepare4clients/tasks/main.yml
index 643e98c..3bc1ffc 100644
--- a/roles/prepare4clients/tasks/main.yml
+++ b/roles/prepare4clients/tasks/main.yml
@@ -57,7 +57,7 @@
                              -i localhost, --url=git://{{ ansible_hostname }}/.git $playbook
     marker: "# {mark} ANSIBLE MANAGED BLOCK preseed/late_command"
 
-- name: add kiosk auto pxe boot entry to di-netboot-assistant
+- name: add pxe boot entries to di-netboot-assistant
   blockinfile:
     dest: /etc/di-netboot-assistant/pxelinux.HEAD
     insertbefore: EOF
@@ -69,10 +69,15 @@
          kernel ::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux
          append initrd=::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz mirror/http/proxy?=http://{{ ansible_hostname }}:3142/ pkgsel/include=etckeeper preseed/late_command="rm -fv /target/etc/apt/apt.conf" ---
 
-      LABEL autoinstall
+      LABEL kiosk
          MENU LABEL Debian {{ di_version }} (amd64) + preseed + kiosk.yml
          kernel ::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux
-         append initrd=::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=kiosk.yml ---
+         append initrd=::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz hostname=kiosk auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=kiosk.yml ---
+
+      LABEL cloudbox
+         MENU LABEL Debian {{ di_version }} (amd64) + preseed + cloudbox.yml
+         kernel ::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux
+         append initrd=::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz hostname=cloudbox auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=cloudbox.yml ---
 
          #LABEL daily
          #MENU LABEL Debian daily (amd64) + preseed + kiosk.yml
@@ -81,7 +86,7 @@
     marker: "# {mark} ANSIBLE MANAGED BLOCK kiosk"
   notify: "rebuild di-netboot-assistant menu"
 
-- name: add kiosk auto efi boot entry to di-netboot-assistant
+- name: add efi boot entries to di-netboot-assistant
   blockinfile:
     dest: /etc/di-netboot-assistant/grub.cfg.HEAD
     insertbefore: EOF
@@ -96,7 +101,15 @@
 
       menuentry 'Debian {{ di_version }} (amd64) + preseed + kiosk.yml' {
          linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux \
-                   auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=kiosk.yml ---
+                   hostname=kiosk auto=true priority=critical \
+                   url=tftp://{{ ansible_hostname }} playbook=kiosk.yml ---
+         initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
+      }
+
+      menuentry 'Debian {{ di_version }} (amd64) + preseed + cloudbox.yml' {
+         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux \
+                   hostname=cloudbox auto=true priority=critical \
+                   url=tftp://{{ ansible_hostname }} playbook=cloudbox.yml ---
          initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
       }
 
@@ -185,7 +198,6 @@
 
 ######################
 
-
 - name: provide git repo if not available already # noqa git-latest
   git:
     repo: 'https://salsa.debian.org/andi/debian-lan-ansible.git'
@@ -212,3 +224,4 @@
     block: |
       [kerberox-client]
       {{ in_inventory }}
+  when: krb5kdc.stat.exists or samba.stat.exists

From 49d81c705d34ecb7119efe2da1b96f0aa70c4432 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 12 Jun 2022 21:02:54 +0200
Subject: [PATCH 204/504] Fix kerberox.

---
 README.kerberox                      |   9 ++-
 kerberox.yml                         |  10 ++-
 roles/krb5kdcldap/tasks/main.yml     | 103 +++++++++++++++------------
 roles/ldap/handlers/main.cfg         |   4 --
 roles/ldap/tasks/setup.yml           |   4 +-
 roles/prepare4clients/tasks/main.yml |   8 ++-
 roles/sambaldap/tasks/main.yml       |   4 +-
 7 files changed, 80 insertions(+), 62 deletions(-)
 delete mode 100644 roles/ldap/handlers/main.cfg

diff --git a/README.kerberox b/README.kerberox
index 1e969af..fd84d98 100644
--- a/README.kerberox
+++ b/README.kerberox
@@ -1,11 +1,14 @@
 ## After installation of the clients, prepare and copy all machine
 ## credentials to the machines in the following way:
 
+## Log into the Kerberos KDC (kerberox).
+
 ## Find the kadmin password to be used soon:
-    sudo cat /root/kadmin.pwd
+     sudo cat /root/kadmin.pwd
 
 ## Then:
-    cd /home/ansible/debian-lan/
-    ansible-playbook --ask-become-pass kerberox-client.yml
+     cd /home/ansible/debian-lan/
+     ansible-playbook --ask-become-pass kerberox-client.yml \
+                      --ssh-common-args='-o StrictHostKeyChecking=no'
 
 ## Enter the 'BECOME' password and the kadmin password obtained above.
diff --git a/kerberox.yml b/kerberox.yml
index e2194b0..084ec74 100644
--- a/kerberox.yml
+++ b/kerberox.yml
@@ -16,8 +16,12 @@
 
     ## LAN IP address range:
     ipaddr_lan: 192.168.0.10/24
-    dhcp_range: 192.168.0.50,192.168.0.99,2h
-    in_inventory: 192.168.0.[50:99]
+    ipaddr_lan_threeoct: "{{ ipaddr_lan.split('.')[0:3] | join('.') }}"
+    ipaddr_lan_ptr: "{{ (ipaddr_lan | ipaddr('revdns')).split('.')[1:] | join('.') }}"
+    ipaddr_lan_ptr_threeoct: "{{ ipaddr_lan_ptr.split('.')[0:3] | join('.') }}"
+    dhcp_start: 192.168.0.50
+    dhcp_stop: 192.168.0.150
+    in_inventory: 192.168.0.[50:150]
 
     di_dist: "{{ ansible_distribution_release }}"
     di_version: "{{ ansible_distribution_major_version }}"
@@ -47,8 +51,8 @@
   roles:
     - up2date_debian
     - firewalld2if
-    - netbootinstaller
     - dnsmasq
+    - netbootinstaller
     - aptcacher
     - role: krb5kdcldap
       when: not run_in_installer|default(false)|bool
diff --git a/roles/krb5kdcldap/tasks/main.yml b/roles/krb5kdcldap/tasks/main.yml
index 50a3f39..16b7850 100644
--- a/roles/krb5kdcldap/tasks/main.yml
+++ b/roles/krb5kdcldap/tasks/main.yml
@@ -19,7 +19,6 @@
   file:
     path: /etc/krb5kdc
     state: directory
-    recurse: true
     mode: 0755
 
 - name: prepare kdc.conf
@@ -81,71 +80,83 @@
     bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
 
 - name: modify ACLs to account for KDC
-  ldap_attr:
+  ldap_attrs:
     dn: "olcDatabase={1}mdb,cn=config"
-    name: olcAccess
-    values:
-      - >-
-        to attrs=userPassword
-        by self write
-        by anonymous auth
-        by * none
-      - >-
-        to attrs=shadowLastChange
-        by self write
-        by * read
-      - >-
-        to dn.subtree="cn=kerberos,{{ basedn }}"
-        by dn.exact="cn=kdc,cn=kerberos,{{ basedn }}" read
-        by dn.exact="cn=kadmin,cn=kerberos,{{ basedn }}" write
-        by * none
-      - >-
-        to attrs=krbPrincipalName,krbLastPwdChange,krbPrincipalKey,krbExtraData
-        by dn.exact="cn=kdc,cn=kerberos,{{ basedn }}" read
-        by dn.exact="cn=kadmin,cn=kerberos,{{ basedn }}" write
-        by self read
-        by * auth
-      - >-
-        to *
-        by dn.exact="cn=kadmin,cn=kerberos,{{ basedn }}" write
-        by * read
+    attributes:
+      olcAccess:
+        - >-
+          to attrs=userPassword
+          by self write
+          by anonymous auth
+          by * none
+        - >-
+          to attrs=shadowLastChange
+          by self write
+          by * read
+        - >-
+          to dn.subtree="cn=kerberos,{{ basedn }}"
+          by dn.exact="cn=kdc,cn=kerberos,{{ basedn }}" read
+          by dn.exact="cn=kadmin,cn=kerberos,{{ basedn }}" write
+          by * none
+        - >-
+          to attrs=krbPrincipalName,krbLastPwdChange,krbPrincipalKey,krbExtraData
+          by dn.exact="cn=kdc,cn=kerberos,{{ basedn }}" read
+          by dn.exact="cn=kadmin,cn=kerberos,{{ basedn }}" write
+          by self read
+          by * auth
+        - >-
+          to *
+          by dn.exact="cn=kadmin,cn=kerberos,{{ basedn }}" write
+          by * read
+    ordered: true
     state: exact
   when: not krb5kdc.stat.exists
 
 - name: add KDC indexes to LDAP
-  ldap_attr:
+  ldap_attrs:
     dn: "olcDatabase={1}mdb,cn=config"
-    name: olcDbIndex
-    values:
-      - objectClass eq
-      - cn,uid eq
-      - uidNumber,gidNumber eq
-      - member,memberUid eq
-      - krbPrincipalName pres,sub,eq
+    attributes:
+      olcDbIndex:
+        - objectClass eq
+        - cn,uid eq
+        - uidNumber,gidNumber eq
+        - member,memberUid eq
+        - krbPrincipalName pres,sub,eq
     state: exact
   when: not krb5kdc.stat.exists
 
 - name: add AuthzRegexp to map access via kerberos/GSSAPI
-  ldap_attr:
+  ldap_attrs:
     dn: "cn=config"
-    name: olcAuthzRegexp
-    values:
-      - "{0}uid=([^,]*),cn=gssapi,cn=auth     uid=$1,ou=people,{{ basedn }}"
-      - "{1}uid=([^,]*),cn=gs2-iakerb,cn=auth uid=$1,ou=people,{{ basedn }}"
+    attributes:
+      olcAuthzRegexp:
+        - "{0}uid=([^,]*),cn=gssapi,cn=auth     uid=$1,ou=people,{{ basedn }}"
+        - "{1}uid=([^,]*),cn=gs2-iakerb,cn=auth uid=$1,ou=people,{{ basedn }}"
     state: exact
 
 - name: prepare password for kdc # noqa risky-shell-pipe
-  shell: echo "cn=kdc,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kdc_service_pwd }} | xxd -g0 -ps -c 256 | sed 's/0a$//')" > /etc/krb5kdc/service.keyfile
+  shell:
+    >-
+      echo "cn=kdc,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kdc_service_pwd }} |
+      xxd -g0 -ps -c 256 | sed 's/0a$//')" > /etc/krb5kdc/service.keyfile ;
+      chmod 0600 /etc/krb5kdc/service.keyfile
   no_log: true
   when: not krb5kdc.stat.exists
 
 - name: prepare password for kadmin # noqa risky-shell-pipe
-  shell: echo "cn=kadmin,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kadmin_service_pwd }} | xxd -g0 -ps -c 256 | sed 's/0a$//')" >> /etc/krb5kdc/service.keyfile
+  shell:
+    >-
+      echo "cn=kadmin,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kadmin_service_pwd }} |
+      xxd -g0 -ps -c 256 | sed 's/0a$//')" >> /etc/krb5kdc/service.keyfile ;
+      chmod 0600 /etc/krb5kdc/service.keyfile
   no_log: true
   when: not krb5kdc.stat.exists
 
 - name: dump kdc master password
-  shell: echo -n "{{ kdc_master_pwd }}" > "{{ kdc_master_pwd_file }}" ; chmod 0600 "{{ kdc_master_pwd_file }}"
+  shell:
+    >-
+      echo -n "{{ kdc_master_pwd }}" > "{{ kdc_master_pwd_file }}" ;
+      chmod 0600 "{{ kdc_master_pwd_file }}"
   no_log: true
   when: not krb5kdc.stat.exists
 
@@ -200,11 +211,11 @@
     mode: '0640'
   notify: restart slapd
 
-- name: "make 'kerberos' an alias hostname resolvable from the LAN"
+- name: "make 'kerberos' and 'ldap' alias hostnames resolvable from the LAN"
   replace:
     path: /etc/hosts
     regexp: "^({{ ipaddr_lan | ipaddr('address') }}\\s.+)$"
-    replace: '\1 kerberos'
+    replace: '\1 kerberos ldap'
   when: not krb5kdc.stat.exists
 
 ########################
diff --git a/roles/ldap/handlers/main.cfg b/roles/ldap/handlers/main.cfg
deleted file mode 100644
index 93bbc44..0000000
--- a/roles/ldap/handlers/main.cfg
+++ /dev/null
@@ -1,4 +0,0 @@
----
-- name: restart slapd
-  systemd: name=slapd state=restarted
-  listen: restart slapd
diff --git a/roles/ldap/tasks/setup.yml b/roles/ldap/tasks/setup.yml
index 9bbf5e9..c0e207b 100644
--- a/roles/ldap/tasks/setup.yml
+++ b/roles/ldap/tasks/setup.yml
@@ -44,7 +44,9 @@
     name: openldap
     groups: ssl-cert
     append: true
-  notify: restart slapd
+
+- name: restart slapd with access to ssl-cert
+  systemd: name=slapd state=restarted
 
 - name: make initial slapd configuration available
   copy:
diff --git a/roles/prepare4clients/tasks/main.yml b/roles/prepare4clients/tasks/main.yml
index 3bc1ffc..b127b28 100644
--- a/roles/prepare4clients/tasks/main.yml
+++ b/roles/prepare4clients/tasks/main.yml
@@ -83,7 +83,7 @@
          #MENU LABEL Debian daily (amd64) + preseed + kiosk.yml
          #kernel ::/d-i/n-a/daily/amd64/linux
          #append initrd=::/d-i/n-a/daily/amd64/initrd.gz auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=kiosk.yml ---
-    marker: "# {mark} ANSIBLE MANAGED BLOCK kiosk"
+    marker: "# {mark} ANSIBLE MANAGED BLOCK default"
   notify: "rebuild di-netboot-assistant menu"
 
 - name: add efi boot entries to di-netboot-assistant
@@ -118,7 +118,7 @@
       #             url=tftp://{{ ansible_hostname }} playbook=kiosk.yml ---
       #   initrd  /d-i/n-a/daily/amd64/initrd.gz
       #}
-    marker: "# {mark} ANSIBLE MANAGED BLOCK kiosk"
+    marker: "# {mark} ANSIBLE MANAGED BLOCK default"
   notify: "rebuild di-netboot-assistant menu"
 
 ########  kerberox-client #######
@@ -146,7 +146,9 @@
     insertbefore: EOF
     block: |
       menuentry 'Debian {{ di_version }} (amd64) + preseed + kerberox-client.yml' {
+         regexp --set=1:oct4 --set=2:oct5 --set=3:oct6 "\:([[:xdigit:]]+)\:([[:xdigit:]]+)\:([[:xdigit:]]+)\$" $net_default_mac
          linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux \
+                   hostname=${oct4}${oct5}${oct6} domain={{ ansible_domain }} \
                    auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=kerberox-client.yml ---
          initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
       }
@@ -222,6 +224,6 @@
     create: true
     mode: 0644
     block: |
-      [kerberox-client]
+      [kerberoxclient]
       {{ in_inventory }}
   when: krb5kdc.stat.exists or samba.stat.exists
diff --git a/roles/sambaldap/tasks/main.yml b/roles/sambaldap/tasks/main.yml
index e272ee2..b67b891 100644
--- a/roles/sambaldap/tasks/main.yml
+++ b/roles/sambaldap/tasks/main.yml
@@ -31,7 +31,7 @@
   when: not samba_ldap.stat.exists
 
 - name: add indexes to LDAP
-  ldap_attr:
+  ldap_attrs:
     dn: "olcDatabase={1}mdb,cn=config"
     name: olcDbIndex
     values:
@@ -43,7 +43,7 @@
     state: present
 
 - name: modify ACLs to account for Samba
-  ldap_attr:
+  ldap_attrs:
     dn: "olcDatabase={1}mdb,cn=config"
     name: olcAccess
     values:

From 4a6c5ea10da609300f9d97bbf76f9f3112349fa0 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 13 Jun 2022 08:25:56 +0200
Subject: [PATCH 205/504] Add 'edubox' to installbox examples.

---
 roles/prepare4clients/tasks/main.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/roles/prepare4clients/tasks/main.yml b/roles/prepare4clients/tasks/main.yml
index b127b28..bf89fc1 100644
--- a/roles/prepare4clients/tasks/main.yml
+++ b/roles/prepare4clients/tasks/main.yml
@@ -79,6 +79,11 @@
          kernel ::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux
          append initrd=::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz hostname=cloudbox auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=cloudbox.yml ---
 
+      LABEL edubox
+         MENU LABEL Debian {{ di_version }} (amd64) + preseed + edubox.yml
+         kernel ::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux
+         append initrd=::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz hostname=edubox auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=edubox.yml ---
+
          #LABEL daily
          #MENU LABEL Debian daily (amd64) + preseed + kiosk.yml
          #kernel ::/d-i/n-a/daily/amd64/linux
@@ -113,6 +118,13 @@
          initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
       }
 
+      menuentry 'Debian {{ di_version }} (amd64) + preseed + edubox.yml' {
+         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux \
+                   hostname=edubox auto=true priority=critical \
+                   url=tftp://{{ ansible_hostname }} playbook=edubox.yml ---
+         initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
+      }
+
       #menuentry 'Debian daily (amd64) + preseed + kiosk.yml' {
       #   linux   /d-i/n-a/daily/amd64/linux auto=true priority=critical \
       #             url=tftp://{{ ansible_hostname }} playbook=kiosk.yml ---

From bc383ec232df65ccc28621a8fa6e066689caf54e Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 13 Jun 2022 10:25:07 +0200
Subject: [PATCH 206/504] Add gdm3 configuration.

---
 roles/gnome/tasks/main.yml | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/roles/gnome/tasks/main.yml b/roles/gnome/tasks/main.yml
index ab80bda..2ab9029 100644
--- a/roles/gnome/tasks/main.yml
+++ b/roles/gnome/tasks/main.yml
@@ -36,6 +36,19 @@
     mode: 0644
   notify: update dconf
 
+- name: configure gdm3
+  replace:
+    dest: /etc/gdm3/greeter.dconf-defaults
+    regexp: "{{ item.rex }}"
+    replace: "{{ item.rep }}"
+  loop:
+    - rex: "# disable-user-list=.*"
+      rep: "disable-user-list=true"
+    - rex: "# sleep-inactive-ac-timeout=.*"
+      rep: "sleep-inactive-ac-timeout=600"
+    - rex: "# sleep-inactive-ac-type=.*"
+      rep: "sleep-inactive-ac-type='interactive'\npower-button-action='interactive'"
+
 ## Bug #698504
 - name: allow print job management
   replace:

From 429ca35a75c4072a1fc72e86468367178b5d73b2 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 13 Jun 2022 19:27:52 +0200
Subject: [PATCH 207/504] Add 'edubox', reordering.

---
 README | 50 +++++++++++++++++++++++++++++++-------------------
 1 file changed, 31 insertions(+), 19 deletions(-)

diff --git a/README b/README
index 00e8c24..37fff9c 100644
--- a/README
+++ b/README
@@ -19,11 +19,6 @@ offers ansible playbooks and instructions for the following machines:
 
  • kerberox-client:  the client for the kerberized LAN
 
- • kiosk:  school's computer, hackerspace, …
-     - auto login user
-     - reasonable defaults
-     - temporary home directory on tmpfs, reset at boot
-
  • cloudbox:  nextcloud server in the basement
      - setup of a home cloud server
      - dynamic DNS name
@@ -31,6 +26,13 @@ offers ansible playbooks and instructions for the following machines:
      - backup with borg
      - …
 
+ • kiosk:  school's computer, hackerspace, …
+     - auto login user
+     - reasonable defaults
+     - temporary home directory on tmpfs, reset at boot
+
+ • edubox:  deploy a set of containers for teaching (edubox.yml)
+
 Contributions like patches, suggestions, pull requests and/or further
 profiles are highly appreciated!
 
@@ -76,20 +78,6 @@ installation.  To do the latter, cd into 'debian-lan' and run:
 The kerberox-clients are automatically installed using the included TFTP netboot
 installer within the LAN.
 
-Kiosk
-~~~~~
- • Debian installation:
-   - user 'ansible' in sudo group
-
- • customize kiosk.yml:
-   - WiFi parameters
-   - package selection: extra_pkgs and extra_pkgs_bpo for backports
-   - desktop environment
-
- • run ansible:
-     ssh-copy-id ansible@1.2.3.4
-     ansible-playbook kiosk.yml -v --become --ask-become-pass -u ansible -i 1.2.3.4,
-
 Cloudbox
 ~~~~~~~~
  • Debian installation:
@@ -106,3 +94,27 @@ Cloudbox
 
  • use 'nc-admin' with password in '/root/nc-admin.pwd' to log into nextcloud.
 
+Kiosk
+~~~~~
+ • Debian installation:
+   - user 'ansible' in sudo group
+
+ • customize kiosk.yml:
+   - WiFi parameters
+   - package selection: extra_pkgs and extra_pkgs_bpo for backports
+   - desktop environment
+
+ • run ansible:
+     ssh-copy-id ansible@1.2.3.4
+     ansible-playbook kiosk.yml -v --become --ask-become-pass -u ansible -i 1.2.3.4,
+
+Edubox
+~~~~~~
+ • Debian installation:
+   - user 'ansible' in sudo group
+
+ • customize edubox.yml
+
+ • run ansible:
+     ssh-copy-id ansible@1.2.3.4
+     ansible-playbook edubox.yml -v --become --ask-become-pass -u ansible -i 1.2.3.4,

From bfee555f1e1866ae4f6365a35636bb3b3aba928e Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 13 Jun 2022 19:30:56 +0200
Subject: [PATCH 208/504] Add 'ldap' alias in ldap role.

---
 roles/krb5kdcldap/tasks/main.yml |  4 ++--
 roles/ldap/tasks/main.yml        | 16 +++++++---------
 roles/ldap/tasks/setup.yml       |  6 ++++++
 3 files changed, 15 insertions(+), 11 deletions(-)

diff --git a/roles/krb5kdcldap/tasks/main.yml b/roles/krb5kdcldap/tasks/main.yml
index 16b7850..bee6ec7 100644
--- a/roles/krb5kdcldap/tasks/main.yml
+++ b/roles/krb5kdcldap/tasks/main.yml
@@ -211,11 +211,11 @@
     mode: '0640'
   notify: restart slapd
 
-- name: "make 'kerberos' and 'ldap' alias hostnames resolvable from the LAN"
+- name: "make 'kerberos' an alias hostname"
   replace:
     path: /etc/hosts
     regexp: "^({{ ipaddr_lan | ipaddr('address') }}\\s.+)$"
-    replace: '\1 kerberos ldap'
+    replace: '\1 kerberos'
   when: not krb5kdc.stat.exists
 
 ########################
diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
index 25bcf84..6acabec 100644
--- a/roles/ldap/tasks/main.yml
+++ b/roles/ldap/tasks/main.yml
@@ -53,6 +53,13 @@
     dest: /usr/local/sbin/debian-lan
     mode: 0744
 
+- name: allow ldap service in firewalld
+  firewalld:
+    zone: internal
+    service: ldap
+    permanent: true
+    immediate: true
+    state: enabled
 
 - name: add dummy user foo
   ldap_entry:
@@ -82,12 +89,3 @@
     bind_dn: "cn=admin,{{ basedn }}"
     bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
   when: foo_pwd is defined and foo_pwd | length > 0
-
-
-- name: allow ldap service in firewalld
-  firewalld:
-    zone: internal
-    service: ldap
-    permanent: true
-    immediate: true
-    state: enabled
diff --git a/roles/ldap/tasks/setup.yml b/roles/ldap/tasks/setup.yml
index c0e207b..013ebf8 100644
--- a/roles/ldap/tasks/setup.yml
+++ b/roles/ldap/tasks/setup.yml
@@ -87,6 +87,12 @@
     regexp: "^(TLS_CACERT\\s+/etc/ssl/certs/ca-certificates.crt)$"
     replace: '#\1\nTLS_CACERT\t{{ certpub }}'
 
+- name: "make 'ldap' an alias hostname"
+  replace:
+    path: /etc/hosts
+    regexp: "^({{ ipaddr_lan | ipaddr('address') }}\\s.+)$"
+    replace: '\1 ldap'
+
 - name: enable pam-mkhomedir
   command: pam-auth-update --enable mkhomedir
   when: foo_pwd is defined and foo_pwd | length > 0

From b0e34434b16341a7d4bf17d00ce5805203d3f826 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 13 Jun 2022 19:53:53 +0200
Subject: [PATCH 209/504] Split 'normal' and 'setup' tasks.

---
 roles/krb5kdcldap/tasks/main.yml  | 228 ++----------------------------
 roles/krb5kdcldap/tasks/setup.yml | 197 ++++++++++++++++++++++++++
 2 files changed, 208 insertions(+), 217 deletions(-)
 create mode 100644 roles/krb5kdcldap/tasks/setup.yml

diff --git a/roles/krb5kdcldap/tasks/main.yml b/roles/krb5kdcldap/tasks/main.yml
index bee6ec7..fc3cce1 100644
--- a/roles/krb5kdcldap/tasks/main.yml
+++ b/roles/krb5kdcldap/tasks/main.yml
@@ -1,5 +1,4 @@
-## Install and configure krb5-kdc-ldap (if not done yet),
-##  run most tasks only on krb5-kdc-ldap installation.
+## Install and configure krb5-kdc-ldap.
 ---
 - name: check that domain name is available
   fail: msg="The machine's domain must not be empty."
@@ -9,223 +8,11 @@
   stat: path=/usr/sbin/krb5kdc
   register: krb5kdc
 
-- name: prepare krb5.conf
-  template:
-    src: krb5.conf.j2
-    dest: /etc/krb5.conf
-    mode: 0644
-
-- name: make sure krb5kdc exists
-  file:
-    path: /etc/krb5kdc
-    state: directory
-    mode: 0755
-
-- name: prepare kdc.conf
-  template:
-    src: kdc.conf.j2
-    dest: /etc/krb5kdc/kdc.conf
-    mode: 0644
-
-- name: prepare kadm5.acl
-  template:
-    src: kadm5.acl.j2
-    dest: /etc/krb5kdc/kadm5.acl
-    mode: 0644
-  notify: "restart krb5-admin-server"
-
-- name: install krb5-kdc-ldap and krb5-admin-server
-  apt:
-    name:
-      - krb5-kdc-ldap
-      - krb5-admin-server
-    state: latest # noqa package-latest
-
-- name: prepare kerberos.openldap.ldif
-  shell: gunzip -c /usr/share/doc/krb5-kdc-ldap/kerberos.openldap.ldif.gz > /etc/ldap/schema/kerberos.openldap.ldif
-  args:
-    creates: /etc/ldap/schema/kerberos.openldap.ldif
-
-- name: activate kerberos.openldap.ldif schema
-  command: ldapadd  -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/kerberos.openldap.ldif
+- name: install and configure krb5-kdc-ldap
+  include_tasks: setup.yml
   when: not krb5kdc.stat.exists
 
-- name: make sure we have a kerberos container
-  ldap_entry:
-    dn: "cn=kerberos,{{ basedn }}"
-    objectClass: krbContainer
-    bind_dn: "cn=admin,{{ basedn }}"
-    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
-
-- name: make sure we have a kdc object
-  ldap_entry:
-    dn: "cn=kdc,cn=kerberos,{{ basedn }}"
-    objectClass:
-      - organizationalRole
-      - simpleSecurityObject
-    attributes:
-      userPassword: "{{ kdc_service_pwd }}"
-    bind_dn: "cn=admin,{{ basedn }}"
-    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
-
-- name: make sure we have a kadmin object
-  ldap_entry:
-    dn: "cn=kadmin,cn=kerberos,{{ basedn }}"
-    objectClass:
-      - organizationalRole
-      - simpleSecurityObject
-    attributes:
-      userPassword: "{{ kadmin_service_pwd }}"
-    bind_dn: "cn=admin,{{ basedn }}"
-    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
-
-- name: modify ACLs to account for KDC
-  ldap_attrs:
-    dn: "olcDatabase={1}mdb,cn=config"
-    attributes:
-      olcAccess:
-        - >-
-          to attrs=userPassword
-          by self write
-          by anonymous auth
-          by * none
-        - >-
-          to attrs=shadowLastChange
-          by self write
-          by * read
-        - >-
-          to dn.subtree="cn=kerberos,{{ basedn }}"
-          by dn.exact="cn=kdc,cn=kerberos,{{ basedn }}" read
-          by dn.exact="cn=kadmin,cn=kerberos,{{ basedn }}" write
-          by * none
-        - >-
-          to attrs=krbPrincipalName,krbLastPwdChange,krbPrincipalKey,krbExtraData
-          by dn.exact="cn=kdc,cn=kerberos,{{ basedn }}" read
-          by dn.exact="cn=kadmin,cn=kerberos,{{ basedn }}" write
-          by self read
-          by * auth
-        - >-
-          to *
-          by dn.exact="cn=kadmin,cn=kerberos,{{ basedn }}" write
-          by * read
-    ordered: true
-    state: exact
-  when: not krb5kdc.stat.exists
-
-- name: add KDC indexes to LDAP
-  ldap_attrs:
-    dn: "olcDatabase={1}mdb,cn=config"
-    attributes:
-      olcDbIndex:
-        - objectClass eq
-        - cn,uid eq
-        - uidNumber,gidNumber eq
-        - member,memberUid eq
-        - krbPrincipalName pres,sub,eq
-    state: exact
-  when: not krb5kdc.stat.exists
-
-- name: add AuthzRegexp to map access via kerberos/GSSAPI
-  ldap_attrs:
-    dn: "cn=config"
-    attributes:
-      olcAuthzRegexp:
-        - "{0}uid=([^,]*),cn=gssapi,cn=auth     uid=$1,ou=people,{{ basedn }}"
-        - "{1}uid=([^,]*),cn=gs2-iakerb,cn=auth uid=$1,ou=people,{{ basedn }}"
-    state: exact
-
-- name: prepare password for kdc # noqa risky-shell-pipe
-  shell:
-    >-
-      echo "cn=kdc,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kdc_service_pwd }} |
-      xxd -g0 -ps -c 256 | sed 's/0a$//')" > /etc/krb5kdc/service.keyfile ;
-      chmod 0600 /etc/krb5kdc/service.keyfile
-  no_log: true
-  when: not krb5kdc.stat.exists
-
-- name: prepare password for kadmin # noqa risky-shell-pipe
-  shell:
-    >-
-      echo "cn=kadmin,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kadmin_service_pwd }} |
-      xxd -g0 -ps -c 256 | sed 's/0a$//')" >> /etc/krb5kdc/service.keyfile ;
-      chmod 0600 /etc/krb5kdc/service.keyfile
-  no_log: true
-  when: not krb5kdc.stat.exists
-
-- name: dump kdc master password
-  shell:
-    >-
-      echo -n "{{ kdc_master_pwd }}" > "{{ kdc_master_pwd_file }}" ;
-      chmod 0600 "{{ kdc_master_pwd_file }}"
-  no_log: true
-  when: not krb5kdc.stat.exists
-
-- name: initialize KDC
-  command:
-    >-
-      kdb5_ldap_util
-      -D cn=admin,"{{ basedn }}"
-      -w "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
-      -H ldapi:///
-      create -s -subtrees "{{ basedn }}"
-      -P "{{ kdc_master_pwd }}"
-      -r "{{ ansible_domain | upper }}"
-  no_log: true
-  notify: "restart krb5-kdc"
-  when: not krb5kdc.stat.exists
-
-- name: add root/admin as kadmin
-  command: kadmin.local -q 'addprinc -pw "{{ kadmin_pwd }}" root/admin'
-  when: not krb5kdc.stat.exists
-
-- name: dump kadmin password
-  shell: echo -n "{{ kadmin_pwd }}" > "{{ kadmin_pwd_file }}" ; chmod 0600 "{{ kadmin_pwd_file }}"
-  no_log: true
-  when: not krb5kdc.stat.exists
-
-- name: add default policy to silence warning when using kadmin
-  command: kadmin.local -q "add_policy default"
-  when: not krb5kdc.stat.exists
-
-- name: create machine principals
-  command: kadmin.local -q 'addprinc -randkey {{ item }}/{{ ansible_hostname }}.{{ ansible_domain }}'
-  with_items:
-    - host
-    - ldap
-    - HTTP
-  when: not krb5kdc.stat.exists
-
-- name: add principal to the default keytab
-  command: kadmin.local -q 'ktadd {{ item }}/{{ ansible_hostname }}.{{ ansible_domain }}'
-  with_items:
-    - host
-    - ldap
-    - HTTP
-  when: not krb5kdc.stat.exists
-
-- name: allow slapd to read the keytab
-  file:
-    path: /etc/krb5.keytab
-    owner: root
-    group: openldap
-    mode: '0640'
-  notify: restart slapd
-
-- name: "make 'kerberos' an alias hostname"
-  replace:
-    path: /etc/hosts
-    regexp: "^({{ ipaddr_lan | ipaddr('address') }}\\s.+)$"
-    replace: '\1 kerberos'
-  when: not krb5kdc.stat.exists
-
-########################
-
-- name: kerberize dummy user foo
-  command: kadmin.local -q 'add_principal -pw "{{ foo_pwd }}" -x dn="uid=foo,ou=people,{{ basedn }}" foo'
-  register: kerberize_result
-  changed_when: kerberize_result.stderr is not search('already exists while creating')
-  no_log: true
-  when: foo_pwd is defined and foo_pwd | length > 0
+######################################################
 
 - name: allow services in firewalld
   firewalld:
@@ -238,3 +25,10 @@
     - kerberos
     - kadmin
     - kpasswd
+
+- name: kerberize dummy user foo
+  command: kadmin.local -q 'add_principal -pw "{{ foo_pwd }}" -x dn="uid=foo,ou=people,{{ basedn }}" foo'
+  register: kerberize_result
+  changed_when: kerberize_result.stderr is not search('already exists while creating')
+  no_log: true
+  when: foo_pwd is defined and foo_pwd | length > 0
diff --git a/roles/krb5kdcldap/tasks/setup.yml b/roles/krb5kdcldap/tasks/setup.yml
new file mode 100644
index 0000000..158240a
--- /dev/null
+++ b/roles/krb5kdcldap/tasks/setup.yml
@@ -0,0 +1,197 @@
+## Install and configure krb5-kdc-ldap.
+---
+- name: prepare krb5.conf
+  template:
+    src: krb5.conf.j2
+    dest: /etc/krb5.conf
+    mode: 0644
+
+- name: make sure krb5kdc exists
+  file:
+    path: /etc/krb5kdc
+    state: directory
+    mode: 0755
+
+- name: prepare kdc.conf
+  template:
+    src: kdc.conf.j2
+    dest: /etc/krb5kdc/kdc.conf
+    mode: 0644
+
+- name: prepare kadm5.acl
+  template:
+    src: kadm5.acl.j2
+    dest: /etc/krb5kdc/kadm5.acl
+    mode: 0644
+  notify: "restart krb5-admin-server"
+
+- name: install krb5-kdc-ldap and krb5-admin-server
+  apt:
+    name:
+      - krb5-kdc-ldap
+      - krb5-admin-server
+    state: latest # noqa package-latest
+
+- name: prepare kerberos.openldap.ldif
+  shell: gunzip -c /usr/share/doc/krb5-kdc-ldap/kerberos.openldap.ldif.gz > /etc/ldap/schema/kerberos.openldap.ldif
+  args:
+    creates: /etc/ldap/schema/kerberos.openldap.ldif
+
+- name: activate kerberos.openldap.ldif schema # noqa no-changed-when
+  command: ldapadd  -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/kerberos.openldap.ldif
+
+- name: make sure we have a kerberos container
+  ldap_entry:
+    dn: "cn=kerberos,{{ basedn }}"
+    objectClass: krbContainer
+    bind_dn: "cn=admin,{{ basedn }}"
+    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
+
+- name: make sure we have a kdc object
+  ldap_entry:
+    dn: "cn=kdc,cn=kerberos,{{ basedn }}"
+    objectClass:
+      - organizationalRole
+      - simpleSecurityObject
+    attributes:
+      userPassword: "{{ kdc_service_pwd }}"
+    bind_dn: "cn=admin,{{ basedn }}"
+    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
+
+- name: make sure we have a kadmin object
+  ldap_entry:
+    dn: "cn=kadmin,cn=kerberos,{{ basedn }}"
+    objectClass:
+      - organizationalRole
+      - simpleSecurityObject
+    attributes:
+      userPassword: "{{ kadmin_service_pwd }}"
+    bind_dn: "cn=admin,{{ basedn }}"
+    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
+
+- name: modify ACLs to account for KDC
+  ldap_attrs:
+    dn: "olcDatabase={1}mdb,cn=config"
+    attributes:
+      olcAccess:
+        - >-
+          to attrs=userPassword
+          by self write
+          by anonymous auth
+          by * none
+        - >-
+          to attrs=shadowLastChange
+          by self write
+          by * read
+        - >-
+          to dn.subtree="cn=kerberos,{{ basedn }}"
+          by dn.exact="cn=kdc,cn=kerberos,{{ basedn }}" read
+          by dn.exact="cn=kadmin,cn=kerberos,{{ basedn }}" write
+          by * none
+        - >-
+          to attrs=krbPrincipalName,krbLastPwdChange,krbPrincipalKey,krbExtraData
+          by dn.exact="cn=kdc,cn=kerberos,{{ basedn }}" read
+          by dn.exact="cn=kadmin,cn=kerberos,{{ basedn }}" write
+          by self read
+          by * auth
+        - >-
+          to *
+          by dn.exact="cn=kadmin,cn=kerberos,{{ basedn }}" write
+          by * read
+    ordered: true
+    state: exact
+
+- name: add KDC indexes to LDAP
+  ldap_attrs:
+    dn: "olcDatabase={1}mdb,cn=config"
+    attributes:
+      olcDbIndex:
+        - objectClass eq
+        - cn,uid eq
+        - uidNumber,gidNumber eq
+        - member,memberUid eq
+        - krbPrincipalName pres,sub,eq
+    state: exact
+
+- name: add AuthzRegexp to map access via kerberos/GSSAPI
+  ldap_attrs:
+    dn: "cn=config"
+    attributes:
+      olcAuthzRegexp:
+        - "{0}uid=([^,]*),cn=gssapi,cn=auth     uid=$1,ou=people,{{ basedn }}"
+        - "{1}uid=([^,]*),cn=gs2-iakerb,cn=auth uid=$1,ou=people,{{ basedn }}"
+    state: exact
+
+- name: prepare password for kdc # noqa risky-shell-pipe no-changed-when
+  shell:
+    >-
+      echo "cn=kdc,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kdc_service_pwd }} |
+      xxd -g0 -ps -c 256 | sed 's/0a$//')" > /etc/krb5kdc/service.keyfile ;
+      chmod 0600 /etc/krb5kdc/service.keyfile
+  no_log: true
+
+- name: prepare password for kadmin # noqa risky-shell-pipe no-changed-when
+  shell:
+    >-
+      echo "cn=kadmin,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kadmin_service_pwd }} |
+      xxd -g0 -ps -c 256 | sed 's/0a$//')" >> /etc/krb5kdc/service.keyfile ;
+      chmod 0600 /etc/krb5kdc/service.keyfile
+  no_log: true
+
+- name: dump kdc master password # noqa no-changed-when
+  shell:
+    >-
+      echo -n "{{ kdc_master_pwd }}" > "{{ kdc_master_pwd_file }}" ;
+      chmod 0600 "{{ kdc_master_pwd_file }}"
+  no_log: true
+
+- name: initialize KDC # noqa no-changed-when
+  command:
+    >-
+      kdb5_ldap_util
+      -D cn=admin,"{{ basedn }}"
+      -w "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
+      -H ldapi:///
+      create -s -subtrees "{{ basedn }}"
+      -P "{{ kdc_master_pwd }}"
+      -r "{{ ansible_domain | upper }}"
+  no_log: true
+  notify: "restart krb5-kdc"
+
+- name: add root/admin as kadmin # noqa no-changed-when
+  command: kadmin.local -q 'addprinc -pw "{{ kadmin_pwd }}" root/admin'
+
+- name: dump kadmin password # noqa no-changed-when
+  shell: echo -n "{{ kadmin_pwd }}" > "{{ kadmin_pwd_file }}" ; chmod 0600 "{{ kadmin_pwd_file }}"
+  no_log: true
+
+- name: add default policy to silence warning when using kadmin # noqa no-changed-when
+  command: kadmin.local -q "add_policy default"
+
+- name: create machine principals # noqa no-changed-when
+  command: kadmin.local -q 'addprinc -randkey {{ item }}/{{ ansible_hostname }}.{{ ansible_domain }}'
+  with_items:
+    - host
+    - ldap
+    - HTTP
+
+- name: add principal to the default keytab # noqa no-changed-when
+  command: kadmin.local -q 'ktadd {{ item }}/{{ ansible_hostname }}.{{ ansible_domain }}'
+  with_items:
+    - host
+    - ldap
+    - HTTP
+
+- name: allow slapd to read the keytab
+  file:
+    path: /etc/krb5.keytab
+    owner: root
+    group: openldap
+    mode: '0640'
+  notify: restart slapd
+
+- name: "make 'kerberos' an alias hostname"
+  replace:
+    path: /etc/hosts
+    regexp: "^({{ ipaddr_lan | ipaddr('address') }}\\s.+)$"
+    replace: '\1 kerberos'

From a5e143b9001f1c7fb66ec4e2c27e09c0aa4c6e79 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 13 Jun 2022 22:59:38 +0200
Subject: [PATCH 210/504] Fix bind configuration.

---
 roles/dnsdhcptftp/tasks/main.yml              | 21 ++++++++-----------
 .../templates/{db.intern.j2 => db.RR.j2}      |  0
 .../templates/{db.lan.j2 => db.RRinv.j2}      |  0
 roles/dnsdhcptftp/templates/dhcpd.conf.j2     |  2 +-
 roles/dnsdhcptftp/templates/localzones.j2     |  6 +++---
 roles/firewalld2if/tasks/main.yml             |  2 +-
 6 files changed, 14 insertions(+), 17 deletions(-)
 rename roles/dnsdhcptftp/templates/{db.intern.j2 => db.RR.j2} (100%)
 rename roles/dnsdhcptftp/templates/{db.lan.j2 => db.RRinv.j2} (100%)

diff --git a/roles/dnsdhcptftp/tasks/main.yml b/roles/dnsdhcptftp/tasks/main.yml
index 623741f..8eb02e3 100644
--- a/roles/dnsdhcptftp/tasks/main.yml
+++ b/roles/dnsdhcptftp/tasks/main.yml
@@ -39,19 +39,16 @@
 
 - name: deploy config files for bind9
   template:
-    src: "{{ item }}.j2"
-    dest: "/etc/bind/{{ item }}"
+    src: "{{ item.src }}.j2"
+    dest: "/etc/bind/{{ item.dest }}"
     mode: 0644
   loop:
-    - db.intern
-    - localzones
-  notify: restart bind
-
-- name: deploy config files for bind9 - special case where template destination filename is dynamic
-  template:
-    src: db.lan.j2
-    dest: "/etc/bind/db.{{ ipaddr_lan_threeoct }}"
-    mode: 0644
+    - src: db.RR
+      dest: "db.{{ ansible_domain }}"
+    - src: db.RRinv
+      dest: "db.{{ ipaddr_lan_threeoct }}"
+    - src: localzones
+      dest: localzones
   notify: restart bind
 
 - name: link zone files to writeable directory for DDNS
@@ -60,7 +57,7 @@
     dest: "/var/lib/bind/{{ item }}"
     state: link
   loop:
-    - db.intern
+    - "db.{{ ansible_domain }}"
     - "db.{{ ipaddr_lan_threeoct }}"
   notify: restart bind
 
diff --git a/roles/dnsdhcptftp/templates/db.intern.j2 b/roles/dnsdhcptftp/templates/db.RR.j2
similarity index 100%
rename from roles/dnsdhcptftp/templates/db.intern.j2
rename to roles/dnsdhcptftp/templates/db.RR.j2
diff --git a/roles/dnsdhcptftp/templates/db.lan.j2 b/roles/dnsdhcptftp/templates/db.RRinv.j2
similarity index 100%
rename from roles/dnsdhcptftp/templates/db.lan.j2
rename to roles/dnsdhcptftp/templates/db.RRinv.j2
diff --git a/roles/dnsdhcptftp/templates/dhcpd.conf.j2 b/roles/dnsdhcptftp/templates/dhcpd.conf.j2
index 9bb803c..1096ab3 100644
--- a/roles/dnsdhcptftp/templates/dhcpd.conf.j2
+++ b/roles/dnsdhcptftp/templates/dhcpd.conf.j2
@@ -21,7 +21,7 @@ ddns-update-style standard;
 
 include "/etc/dhcp/rndc.key";
 
-zone intern. {
+zone {{ ansible_domain }}. {
   primary 127.0.0.1;
   key rndc-key;
 }
diff --git a/roles/dnsdhcptftp/templates/localzones.j2 b/roles/dnsdhcptftp/templates/localzones.j2
index 7cd8cb9..e71d0a7 100644
--- a/roles/dnsdhcptftp/templates/localzones.j2
+++ b/roles/dnsdhcptftp/templates/localzones.j2
@@ -8,10 +8,10 @@ zone "{{ ipaddr_lan_ptr[:-1] }}" {
         allow-update { key rndc-key; };
 };
 
-zone "intern" {
+zone "{{ ansible_domain }}" {
         type master;
         notify no;
-        file "/etc/bind/db.intern";
-        journal "/var/lib/bind/db.intern.jnl";
+        file "/etc/bind/db.{{ ansible_domain }}";
+        journal "/var/lib/bind/db.{{ ansible_domain }}.jnl";
         allow-update { key rndc-key; };
 };
diff --git a/roles/firewalld2if/tasks/main.yml b/roles/firewalld2if/tasks/main.yml
index c21b90c..3147677 100644
--- a/roles/firewalld2if/tasks/main.yml
+++ b/roles/firewalld2if/tasks/main.yml
@@ -33,7 +33,7 @@
     immediate: true
   when: not run_in_installer|default(false)|bool
 
-- name: add LAN interface to zone intern
+- name: add LAN interface to internal zone
   firewalld:
     zone: internal
     interface: "{{ if_lan }}"

From ec66744db4dafd423a205bfc95f545af75255bc8 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 13 Jun 2022 23:02:29 +0200
Subject: [PATCH 211/504] Fix sambox.

---
 roles/sambaldap/defaults/main.yml |  2 +-
 roles/sambaldap/tasks/main.yml    | 64 +++++++++++++++++--------------
 sambox.yml                        |  6 +--
 3 files changed, 37 insertions(+), 35 deletions(-)

diff --git a/roles/sambaldap/defaults/main.yml b/roles/sambaldap/defaults/main.yml
index 37ab18a..575579c 100644
--- a/roles/sambaldap/defaults/main.yml
+++ b/roles/sambaldap/defaults/main.yml
@@ -1,4 +1,4 @@
 basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
-ldap_server: sambox
+ldap_server: ldap
 min_id_sssd: 5000
 max_id_sssd: 20000
diff --git a/roles/sambaldap/tasks/main.yml b/roles/sambaldap/tasks/main.yml
index b67b891..ce96c14 100644
--- a/roles/sambaldap/tasks/main.yml
+++ b/roles/sambaldap/tasks/main.yml
@@ -18,9 +18,6 @@
     mode: 0600
   notify: restart sssd
 
-- name: flush all handlers
-  meta: flush_handlers
-
 - name: prepare samba schema
   command: cp /usr/share/doc/samba/examples/LDAP/samba.ldif /etc/ldap/schema/
   args:
@@ -33,39 +30,40 @@
 - name: add indexes to LDAP
   ldap_attrs:
     dn: "olcDatabase={1}mdb,cn=config"
-    name: olcDbIndex
-    values:
-      - sambaSID eq
-      - sambaPrimaryGroupSID eq
-      - sambaGroupType eq
-      - sambaSIDList eq
-      - sambaDomainName eq
+    attributes:
+      olcDbIndex:
+        - sambaSID eq
+        - sambaPrimaryGroupSID eq
+        - sambaGroupType eq
+        - sambaSIDList eq
+        - sambaDomainName eq
     state: present
 
 - name: modify ACLs to account for Samba
   ldap_attrs:
     dn: "olcDatabase={1}mdb,cn=config"
-    name: olcAccess
-    values:
-      - >-
-        to attrs=userPassword
-        by self write
-        by anonymous auth
-        by * none
-      - >-
-        to attrs=shadowLastChange
-        by self write
-        by * read
-      - >-
-        to attrs=sambaNTPassword
-        by dn.exact=cn=admin,{{ basedn }} write
-        by self write
-        by * none
-      - >-
-        to * by * read
+    attributes:
+      olcAccess:
+        - >-
+          to attrs=userPassword
+          by self write
+          by anonymous auth
+          by * none
+        - >-
+          to attrs=shadowLastChange
+          by self write
+          by * read
+        - >-
+          to attrs=sambaNTPassword
+          by dn.exact=cn=admin,{{ basedn }} write
+          by self write
+          by * none
+        - >-
+          to * by * read
+    ordered: true
     state: exact
 
-- name: customize smb.conf
+- name: configure smb ldap backend
   blockinfile:
     dest: /etc/samba/smb.conf
     insertafter: '^\s*server role ='
@@ -82,6 +80,14 @@
       ldap passwd sync = yes
   notify: restart smbd
 
+- name: make smb homes writable
+  replace:
+    path: /etc/samba/smb.conf
+    regexp: '^(\s*read only =) yes$'
+    replace: '\1 no'
+    after: '\[homes\]'
+    before: '\[.+\]'
+  notify: restart smbd
 
 - name: slurp admin password for samba setup
   slurp:
diff --git a/sambox.yml b/sambox.yml
index 9954225..6bf8c04 100644
--- a/sambox.yml
+++ b/sambox.yml
@@ -3,7 +3,6 @@
 ## to the installer boot parameters to set hostname and domain.
 ##
 
-
 - name: apply configuration to the sambox server
   hosts: all
   remote_user: ansible
@@ -26,14 +25,13 @@
     in_inventory: 192.168.0.[50:150]
 
     di_dist: "{{ ansible_distribution_release }}"
-    di_version: 10  # "{{ ansible_distribution_major_version }}"
+    di_version: "{{ ansible_distribution_major_version }}"
     di_pkg: "debian-installer-{{ di_version }}-netboot-amd64"
 
     ansible_user: ansible
     repo_dir: "/home/{{ ansible_user }}/debian-lan"
     ansible_python_interpreter: "/usr/bin/python3"  ## needed for firewalld module
 
-
   vars_prompt:
     - name: "foo_pwd"
       prompt:
@@ -42,14 +40,12 @@
         just continue
       private: true
 
-
   pre_tasks:
     - name: validate if interfaces are available
       fail:
         msg: "Interfaces {{ ansible_interfaces }} found. WAN: '{{ if_wan }}', LAN: '{{ if_lan }}'.  Two NICs needed."
       when: (if_lan not in ansible_interfaces) or (if_wan not in ansible_interfaces) or (if_lan == if_wan)
 
-
   roles:
     - up2date_debian
     - firewalld2if

From 06973c015b0e2d064e1de2f2b07cd0a1c6f9d659 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Tue, 14 Jun 2022 10:41:21 +0200
Subject: [PATCH 212/504] Fix sambox-client.

---
 README                                 | 9 ++++++---
 roles/smbsshfsclient/defaults/main.yml | 2 +-
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/README b/README
index 37fff9c..9760129 100644
--- a/README
+++ b/README
@@ -19,6 +19,9 @@ offers ansible playbooks and instructions for the following machines:
 
  • kerberox-client:  the client for the kerberized LAN
 
+ • sambox and -client:  comparable to the kerberox setup, but
+   home directories are shared via sshfs or the smb protocol. 
+
  • cloudbox:  nextcloud server in the basement
      - setup of a home cloud server
      - dynamic DNS name
@@ -31,7 +34,7 @@ offers ansible playbooks and instructions for the following machines:
      - reasonable defaults
      - temporary home directory on tmpfs, reset at boot
 
- • edubox:  deploy a set of containers for teaching (edubox.yml)
+ • edubox:  deploy a set of containers for training/teaching
 
 Contributions like patches, suggestions, pull requests and/or further
 profiles are highly appreciated!
@@ -56,8 +59,8 @@ Installbox
 
  • the installbox can be used to install all other profiles
 
-Kerberox
-~~~~~~~~
+Kerberox, Sambox
+~~~~~~~~~~~~~~~~
  • standard Debian installation:
    - user 'ansible' in sudo group
    - WAN interface configured and connected
diff --git a/roles/smbsshfsclient/defaults/main.yml b/roles/smbsshfsclient/defaults/main.yml
index 19fe2da..d2c6c70 100644
--- a/roles/smbsshfsclient/defaults/main.yml
+++ b/roles/smbsshfsclient/defaults/main.yml
@@ -1,4 +1,4 @@
-basedn: "{{ 'dc=' + ( ansible_dns['domain'] | default('intern') | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
+basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
 ldap_server: ldap
 home_server: homes
 min_id_sssd: 5000

From d7d767fea96c7389cd41f4dd3c197651fda7a150 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 18 Jun 2022 09:35:59 +0200
Subject: [PATCH 213/504] Improvements sambox-client.

---
 roles/netbootinstaller/tasks/main.yml |  2 ++
 roles/sambaldap/tasks/main.yml        |  9 +++++++++
 roles/smbsshfsclient/tasks/main.yml   | 11 +++++++++--
 3 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/roles/netbootinstaller/tasks/main.yml b/roles/netbootinstaller/tasks/main.yml
index 4902791..1296b0b 100644
--- a/roles/netbootinstaller/tasks/main.yml
+++ b/roles/netbootinstaller/tasks/main.yml
@@ -9,6 +9,7 @@
     name:
       - di-netboot-assistant
       - "{{ di_pkg }}"
+    state: latest # noqa package-latest
   notify:
     - bind mount images
     - rebuild di-netboot-assistant menu
@@ -26,3 +27,4 @@
     path: /etc/hosts
     regexp: '^(127\.0\.1\.1.*)$'
     replace: '#\1\n{{ ipaddr_lan | ipaddr("address") }} {{ ansible_hostname }}.{{ ansible_domain }} {{ ansible_hostname }}'
+  when: ipaddr_lan is defined
diff --git a/roles/sambaldap/tasks/main.yml b/roles/sambaldap/tasks/main.yml
index ce96c14..3176861 100644
--- a/roles/sambaldap/tasks/main.yml
+++ b/roles/sambaldap/tasks/main.yml
@@ -89,6 +89,15 @@
     before: '\[.+\]'
   notify: restart smbd
 
+- name: make smb homes writable
+  replace:
+    path: /etc/samba/smb.conf
+    regexp: '^(\s*create mask =) 0700'
+    replace: '\1 0600'
+    after: '\[homes\]'
+    before: '\[.+\]'
+  notify: restart smbd
+
 - name: slurp admin password for samba setup
   slurp:
     src: "{{ ldap_admin_pwd_file }}"
diff --git a/roles/smbsshfsclient/tasks/main.yml b/roles/smbsshfsclient/tasks/main.yml
index 4dcf1e1..922c34d 100644
--- a/roles/smbsshfsclient/tasks/main.yml
+++ b/roles/smbsshfsclient/tasks/main.yml
@@ -6,6 +6,7 @@
       - libpam-mount
       - cifs-utils
       - sshfs
+      - hxtools
     state: latest # noqa package-latest
 
 - name: add URI to ldap.conf
@@ -32,7 +33,7 @@
     mode: 0600
   notify: restart sssd
 
-- name: configure pam_mount
+- name: configure pam_mount # interesting options: posix,mfsymlinks,nomapposix,noperm
   blockinfile:
     dest: /etc/security/pam_mount.conf.xml
     block: |
@@ -41,7 +42,7 @@
         server="{{ home_server }}"
         path="%(USER)"
         mountpoint="/home/lan/%(USER)"
-        options="dir_mode=0750,file_mode=0640"
+        options="idsfromsid,modefromsid,mfsymlinks"
       ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user></or></not></volume -->
       <volume
         fstype="fuse"
@@ -52,6 +53,12 @@
       ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user></or></not></volume>
     insertafter: "<!-- Volume definitions -->"
 
+- name: make sure umount is not blocked
+  replace:
+    path: /etc/security/pam_mount.conf.xml
+    regexp: '<logout wait="0".*'
+    replace: '<logout wait="3000" hup="yes" term="yes" kill="yes"/>'
+
 - name: make sure .ssh exists
   file:
     path: /root/.ssh

From de2a473cde4b428de0d5f8e4936bdedf75a13de7 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 25 Jun 2022 10:15:19 +0200
Subject: [PATCH 214/504] Implement livebox.

---
 livebox.yml                        |  67 ++++++++++++++++++
 roles/aptcacher/tasks/main.yml     |   8 ++-
 roles/debianlive/handlers/main.yml |  10 +++
 roles/debianlive/tasks/main.yml    | 106 +++++++++++++++++++++++++++++
 roles/sambaldap/tasks/main.yml     |   2 +-
 5 files changed, 190 insertions(+), 3 deletions(-)
 create mode 100644 livebox.yml
 create mode 100644 roles/debianlive/handlers/main.yml
 create mode 100644 roles/debianlive/tasks/main.yml

diff --git a/livebox.yml b/livebox.yml
new file mode 100644
index 0000000..4f229fd
--- /dev/null
+++ b/livebox.yml
@@ -0,0 +1,67 @@
+## This playbook deploys the LiveBox.
+##
+## The LiveBox provides Debian Live and Installer images on top
+## of an already existing network with minimal modifications to
+## existing infrastructure.  It does not provide DHCP; the idea
+## is to chainload the LiveBox' menu (iPXE or Grub) from PXE
+## infrastructure already in place.
+##
+## To chainload the LiveBox in iPXE use:
+##  > item livebox Chainload Menu from LiveBox
+##  > …
+##  > :livebox chain tftp://livebox.lan/d-i/n-a/menu.ipxe
+##
+## To chainload the LiveBox in Grub use:
+##  > menuentry 'Chainload Menu from LiveBox' {
+##  >   configfile (tftp,livebox.lan)/d-i/n-a/grub/grub.cfg
+##  > }
+---
+- name: apply configuration to the livebox
+  hosts: all
+  remote_user: ansible
+  become: true
+
+  vars:
+    extra_pkgs:
+      - lighttpd
+      - nfs-kernel-server
+    extra_pkgs_bpo:
+      - atftpd
+      - di-netboot-assistant
+
+    live_images:
+      - iso: 'debian-live-11.3.0-amd64-gnome+nonfree.iso'
+        name: 'gnome'
+      - iso: 'debian-live-11.3.0-amd64-kde+nonfree.iso'
+        name: 'kde'
+      - iso: 'debian-live-11.3.0-amd64-standard+nonfree.iso'
+        name: 'standard-cli'
+    live_url: 'https://cdimage.debian.org/cdimage/unofficial/non-free/cd-including-firmware/11.3.0-live+nonfree/amd64/iso-hybrid/'
+    di_dist: "{{ ansible_distribution_release }}"
+    di_version: "{{ ansible_distribution_major_version }}"
+    di_pkg: "debian-installer-{{ di_version }}-netboot-amd64"
+    boot_params:
+      - boot=live
+      - netboot=nfs
+      - components
+      - locales=de_DE.UTF-8
+      - keyboard-layouts=de
+      - quiet
+      - splash
+#      - noroot
+
+    ansible_python_interpreter: "/usr/bin/python3"
+
+  pre_tasks:
+    - name: preseed atftpd
+      debconf:
+        name: atftpd
+        question: atftpd/basedir
+        value: /var/lib/tftpboot
+        vtype: string
+
+  roles:
+    - up2date_debian
+    - netbootinstaller
+    - aptcacher
+    - debianlive
diff --git a/roles/aptcacher/tasks/main.yml b/roles/aptcacher/tasks/main.yml
index 01b745d..64f56ed 100644
--- a/roles/aptcacher/tasks/main.yml
+++ b/roles/aptcacher/tasks/main.yml
@@ -23,6 +23,10 @@
     replace: 'd-i mirror/http/proxy string http://{{ ansible_hostname }}:3142/'
   when: preseedcfg.stat.exists
 
+- name: test if firewalld is available
+  stat: path=/usr/sbin/firewalld
+  register: firewalld
+
 - name: allow apt-cacher-ng service in firewalld
   firewalld:
     zone: internal
@@ -30,11 +34,11 @@
     permanent: true
     immediate: true
     state: enabled
-  when: not run_in_installer|default(false)|bool
+  when: not run_in_installer|default(false)|bool and firewalld.stat.exists
 
 - name: allow apt-cacher-ng service in firewalld, offline
   command: "firewall-offline-cmd --zone=internal --add-port=3142/tcp"
-  when: run_in_installer|default(false)|bool
+  when: run_in_installer|default(false)|bool and firewalld.stat.exists
 
 - name: flush handler to make apt-cacher available
   meta: flush_handlers
diff --git a/roles/debianlive/handlers/main.yml b/roles/debianlive/handlers/main.yml
new file mode 100644
index 0000000..affc752
--- /dev/null
+++ b/roles/debianlive/handlers/main.yml
@@ -0,0 +1,10 @@
+---
+- name: rebuild di-netboot assistant menu
+  command:
+    cmd: di-netboot-assistant rebuild-menu
+  listen: rebuild di-netboot menu
+
+- name: export nfs
+  command:
+    cmd: exportfs -ra
+  listen: export nfs
diff --git a/roles/debianlive/tasks/main.yml b/roles/debianlive/tasks/main.yml
new file mode 100644
index 0000000..23dcd11
--- /dev/null
+++ b/roles/debianlive/tasks/main.yml
@@ -0,0 +1,106 @@
+---
+- name: download debian-live images
+  get_url:
+    url: "{{ live_url }}{{ item.iso }}"
+    dest: "/var/cache/di-netboot-assistant/{{ item.iso }}"
+    checksum: "sha256:{{ live_url }}/SHA256SUMS"
+  loop:
+    "{{ live_images }}"
+
+- name: prepare live image directory
+  file:
+    path: "/var/lib/tftpboot/d-i/n-live/{{ item.name }}"
+    state: directory
+    mode: 0755
+  loop:
+    "{{ live_images }}"
+
+- name: loop mount iso images
+  mount:
+    path: "/var/lib/tftpboot/d-i/n-live/{{ item.name }}"
+    src: "/var/cache/di-netboot-assistant/{{ item.iso }}"
+    fstype: iso9660
+    opts: loop,ro,nofail
+    state: mounted
+  loop:
+    "{{ live_images }}"
+  notify: rebuild di-netboot menu
+
+- name: prepare http downloads
+  file:
+    src: "/var/lib/tftpboot/d-i/"
+    dest: "/var/www/html/d-i"
+    state: link
+
+- name: export live image squashfs
+  lineinfile:
+    path: /etc/exports
+    line: "/var/lib/tftpboot/d-i/n-live/ *(ro,crossmnt,no_subtree_check)"
+  notify: export nfs
+
+- name: configure ipxe boot menu address
+  replace:
+    path: /etc/di-netboot-assistant/ipxemenu.HEAD
+    regexp: '^(set 210:string tftp://\${next-server}/)$'
+    replace: '#\1\nset 210:string http://{{ ansible_default_ipv4.address }}/'
+  notify: rebuild di-netboot menu
+
+- name: configure grub boot menu addresses
+  lineinfile:
+    path: /etc/di-netboot-assistant/grub.cfg.HEAD
+    line: "{{ item }}"
+  loop:
+    - "set root=(http,{{ ansible_default_ipv4.address }})"
+    - "set pxe_default_server={{ ansible_default_ipv4.address }}"
+  notify: rebuild di-netboot menu
+
+- name: prepare debian live nfs boot entry title
+  lineinfile:
+    path: /etc/di-netboot-assistant/ipxemenu.HEAD
+    insertafter: '^menu iPXE Boot Menu'
+    line: "item {{ item.name }} Debian GNU/Linux {{ item.name }} NFS"
+  loop:
+    "{{ live_images }}"
+  notify: rebuild di-netboot menu
+
+- name: find kernel version
+  shell:
+    cmd: >-
+      basename /var/lib/tftpboot/d-i/n-live/{{ item.name }}/live/vmlinuz*
+      | sed "s/vmlinuz-//"
+  register: images
+  changed_when: false
+  loop:
+    "{{ live_images }}"
+
+- name: prepare debian live boot loader ipxe
+  blockinfile:
+    path: /etc/di-netboot-assistant/ipxemenu.HEAD
+    marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item.item.name }}"
+    block: |
+      :{{ item.item.name }}
+          echo Booting Debian GNU/Linux {{ item.item.name }}
+          kernel ${210:string}d-i/n-live/{{ item.item.name }}/live/vmlinuz-{{ item.stdout }} \
+          initrd=initrd.img-5.10.0-13-amd64 {{ boot_params|join(' ') }} \
+          nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/{{ item.item.name }}/
+          initrd ${210:string}d-i/n-live/{{ item.item.name }}/live/initrd.img-{{ item.stdout }}
+          boot
+  loop:
+    "{{ images.results }}"
+  notify: rebuild di-netboot menu
+
+- name: prepare debian live boot loader grub
+  blockinfile:
+    path: /etc/di-netboot-assistant/grub.cfg.HEAD
+    insertbefore: "^menuentry 'Boot from local disk..'"
+    marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item.item.name }}"
+    block: |
+      menuentry 'Debian GNU/Linux Live {{ item.item.name }}' {
+          linux (http,{{ ansible_default_ipv4.address }})/d-i/n-live/{{ item.item.name }}/live/vmlinuz-{{ item.stdout }} \
+          {{ boot_params|join(' ') }} \
+          nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/{{ item.item.name }}/
+          initrd (http,{{ ansible_default_ipv4.address }})/d-i/n-live/{{ item.item.name }}/live/initrd.img-{{ item.stdout }}
+      }
+  loop:
+    "{{ images.results }}"
+  notify: rebuild di-netboot menu
diff --git a/roles/sambaldap/tasks/main.yml b/roles/sambaldap/tasks/main.yml
index 3176861..846bf69 100644
--- a/roles/sambaldap/tasks/main.yml
+++ b/roles/sambaldap/tasks/main.yml
@@ -89,7 +89,7 @@
     before: '\[.+\]'
   notify: restart smbd
 
-- name: make smb homes writable
+- name: modify samba default create mask
   replace:
     path: /etc/samba/smb.conf
     regexp: '^(\s*create mask =) 0700'

From 64385851281791405185a559bc0f58da2ccd69ea Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sat, 25 Jun 2022 10:11:57 +0200
Subject: [PATCH 215/504] Experimental IPv6 installbox.

---
 installbox6.yml                               | 36 +++++++++++++++++
 roles/dhcp6radvdatftp/handlers/main.yml       | 20 ++++++++++
 roles/dhcp6radvdatftp/tasks/main.yml          | 39 +++++++++++++++++++
 .../templates/kea-dhcp6.conf.j2               | 20 ++++++++++
 roles/dhcp6radvdatftp/templates/radvd.conf.j2 | 10 +++++
 5 files changed, 125 insertions(+)
 create mode 100644 installbox6.yml
 create mode 100644 roles/dhcp6radvdatftp/handlers/main.yml
 create mode 100644 roles/dhcp6radvdatftp/tasks/main.yml
 create mode 100644 roles/dhcp6radvdatftp/templates/kea-dhcp6.conf.j2
 create mode 100644 roles/dhcp6radvdatftp/templates/radvd.conf.j2

diff --git a/installbox6.yml b/installbox6.yml
new file mode 100644
index 0000000..dc66943
--- /dev/null
+++ b/installbox6.yml
@@ -0,0 +1,36 @@
+---
+## This playbook deploys the installbox6.  Add 'hostname=XXX' and
+## 'domain=YYY' to the installer boot parameters to set hostname and
+## domain.
+
+## FIXME: works only on bookworm (kea-dhcp6, atftpd)
+
+- name: apply configuration to the installbox6
+  hosts: all
+  remote_user: ansible
+  become: true
+
+  vars:
+    ## This interface provides the default route:
+    if_lan: "{{ ansible_default_ipv4.interface }}"
+    prefix: '2001:db8:b001::/64'
+
+    ## Find the IPv6 address: FIXME: not needed anymore?
+    ipv6_lan: "{{ prefix | ipaddr('address') | slaac(ansible_default_ipv4.macaddress) }}"
+
+    di_dist: "{{ ansible_distribution_release }}"
+    di_version: 11 # "{{ ansible_distribution_major_version }}"
+    di_pkg: "debian-installer-{{ di_version }}-netboot-amd64"
+
+    extra_pkgs: [binutils] # FIXME: missing dependency in di-netboot-assistant
+
+    ansible_user: ansible
+    repo_dir: "/home/{{ ansible_user }}/debian-lan"
+    ansible_python_interpreter: "/usr/bin/python3"  ## needed for firewalld module
+
+  roles:
+    - up2date_debian
+    - dhcp6radvdatftpd
+    - netbootinstaller
+    - aptcacher
+    - prepare4clients
diff --git a/roles/dhcp6radvdatftp/handlers/main.yml b/roles/dhcp6radvdatftp/handlers/main.yml
new file mode 100644
index 0000000..897fb0d
--- /dev/null
+++ b/roles/dhcp6radvdatftp/handlers/main.yml
@@ -0,0 +1,20 @@
+---
+- name: restart radvd
+  systemd:
+    name: radvd.service
+    state: restarted
+    enabled: true
+  listen: restart radvd
+
+- name: restart kea-dhcp6-server
+  systemd:
+    name: kea-dhcp6-server.service
+    state: restarted
+    enabled: true
+  listen: restart kea-dhcp6-server
+
+- name: restart network interfaces
+  systemd:
+    name: networking
+    state: restarted
+  listen: reconfigure network
diff --git a/roles/dhcp6radvdatftp/tasks/main.yml b/roles/dhcp6radvdatftp/tasks/main.yml
new file mode 100644
index 0000000..17ecd17
--- /dev/null
+++ b/roles/dhcp6radvdatftp/tasks/main.yml
@@ -0,0 +1,39 @@
+## DHCPv6, RAs and TFTP
+---
+- name: preseed aftpd
+  debconf:
+    name: atftpd
+    question: atftpd/basedir
+    value: /var/lib/tftpboot
+    vtype: string
+
+- name: install di-netboot-assistant and installer package
+  apt:
+    name:
+      - kea-dhcp6-server
+      - radvd
+      - atftpd
+    state: latest # noqa package-latest
+
+- name: configure radvd
+  template:
+    src: radvd.conf.j2
+    dest: /etc/radvd.conf
+    mode: 0644
+  notify: restart radvd
+
+- name: configure kea-dhcp-server
+  template:
+    src: kea-dhcp6.conf.j2
+    dest: /etc/kea/kea-dhcp6.conf
+    mode: 0644
+  notify: restart kea-dhcp6-server
+
+- name: set IPv6 address on interface
+  blockinfile:
+    path: /etc/network/interfaces
+    block: |
+      allow-hotplug {{ if_lan }}
+      iface {{ if_lan }} inet6 static
+         address 2001:db8:b001::1/64
+  notify: reconfigure network
diff --git a/roles/dhcp6radvdatftp/templates/kea-dhcp6.conf.j2 b/roles/dhcp6radvdatftp/templates/kea-dhcp6.conf.j2
new file mode 100644
index 0000000..305bde1
--- /dev/null
+++ b/roles/dhcp6radvdatftp/templates/kea-dhcp6.conf.j2
@@ -0,0 +1,20 @@
+{
+   "Dhcp6": {
+      "interfaces-config": {
+         "interfaces": [ "{{ if_lan }}" ]
+      },
+      "option-data": [
+         {
+            "name": "bootfile-url",
+            "data": "tftp://[2001:db8:b001::1]/d-i/n-a/grubx64.efi"
+         }
+      ],
+      "subnet6": [
+         {
+            "subnet": "2001:db8:b001::/64",
+            "pools": [ { "pool": "2001:db8:b001::2 - 2001:db8:b001::ffff" } ],
+            "interface": "enp1s0"
+         }
+      ]
+   }
+}
diff --git a/roles/dhcp6radvdatftp/templates/radvd.conf.j2 b/roles/dhcp6radvdatftp/templates/radvd.conf.j2
new file mode 100644
index 0000000..2d52dc2
--- /dev/null
+++ b/roles/dhcp6radvdatftp/templates/radvd.conf.j2
@@ -0,0 +1,10 @@
+interface {{ if_lan }}
+{
+   AdvSendAdvert on;
+   AdvManagedFlag on;
+   AdvOtherConfigFlag on;
+
+   prefix {{ prefix }}
+   {
+   };
+};

From 829b8b4d3bba42ebe0a83f60ca80087a2dea0244 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 26 Jun 2022 09:03:26 +0200
Subject: [PATCH 216/504] Implement livebox gnome-edu image build.

---
 livebox.yml                                   |   8 +
 roles/debianlive/tasks/main.yml               |  13 +-
 roles/edulive/defaults/main.yml               |   1 +
 roles/edulive/files/gnome-edu/README          |   2 +
 roles/edulive/files/gnome-edu/auto/build      |   5 +
 roles/edulive/files/gnome-edu/auto/clean      |  10 ++
 roles/edulive/files/gnome-edu/auto/config     |  18 +++
 .../hooks/0001-plymouth-theme.hook.chroot     |   8 +
 .../live/0010-disable-kexec-tools.hook.chroot |   1 +
 .../0050-disable-sysvinit-tmpfs.hook.chroot   |   1 +
 .../hooks/live/0500-desktop.hook.chroot       |  15 ++
 .../hooks/live/0600-wireshark.hook.chroot     |   5 +
 .../0020-create-mtab-symlink.hook.chroot      |   1 +
 .../normal/0030-enable-cryptsetup.hook.chroot |   1 +
 .../0040-create-locales-files.hook.chroot     |   1 +
 ...0-remove-adjtime-configuration.hook.chroot |   1 +
 .../0110-remove-backup-files.hook.chroot      |   1 +
 .../0120-remove-dbus-machine-id.hook.chroot   |   1 +
 .../0130-remove-gnome-icon-cache.hook.chroot  |   1 +
 .../normal/0140-remove-log-files.hook.chroot  |   1 +
 ...150-remove-mdadm-configuration.hook.chroot |   1 +
 ...emove-openssh-server-host-keys.hook.chroot |   1 +
 .../normal/0170-remove-python-py.hook.chroot  |   1 +
 ...0180-remove-systemd-machine-id.hook.chroot |   1 +
 .../0190-remove-temporary-files.hook.chroot   |   1 +
 .../0195-remove-ssl-cert-snakeoil.hook.chroot |   1 +
 ...emove-udev-persistent-cd-rules.hook.chroot |   1 +
 ...move-udev-persistent-net-rules.hook.chroot |   1 +
 .../0400-update-apt-file-cache.hook.chroot    |   1 +
 .../0410-update-apt-xapian-index.hook.chroot  |   1 +
 .../0420-update-glx-alternative.hook.chroot   |   1 +
 .../0430-update-mlocate-database.hook.chroot  |   1 +
 ...0440-update-nvidia-alternative.hook.chroot |   1 +
 .../0500-reproducible-glibc.hook.chroot       |   1 +
 .../etc/dconf/db/gdm.d/00-login-screen        |   8 +
 .../etc/dconf/db/local.d/defaults             |  34 ++++
 .../includes.chroot/etc/dconf/profile/gdm     |   3 +
 .../includes.chroot/etc/dconf/profile/user    |   2 +
 .../etc/libvirt/qemu/netboot.xml              | 151 ++++++++++++++++++
 .../qemu/networks/autostart/default.xml       |   1 +
 .../qemu/networks/autostart/intern.xml        |   1 +
 .../etc/libvirt/qemu/networks/intern.xml      |  14 ++
 .../includes.chroot/etc/sysctl.d/sysctl.conf  |   3 +
 .../lib/live/config/0001-VM-MAC               |  11 ++
 .../config/package-lists/desktop.list.chroot  |  11 ++
 .../package-lists/live-systems.list.chroot    |   2 +
 .../config/package-lists/live.list.chroot     |   3 +
 .../package-lists/localization.list.chroot    |   2 +
 .../config/package-lists/school.list.chroot   | 100 ++++++++++++
 .../config/package-lists/standard.list.chroot |   4 +
 .../config/preseed/wireshark.cfg.chroot       |   1 +
 roles/edulive/handlers/main.yml               |   5 +
 roles/edulive/tasks/main.yml                  |  66 ++++++++
 roles/edulive/templates/livebuilder.sh        |  27 ++++
 roles/edulive/templates/main.yml              |  54 +++++++
 55 files changed, 608 insertions(+), 4 deletions(-)
 create mode 100644 roles/edulive/defaults/main.yml
 create mode 100644 roles/edulive/files/gnome-edu/README
 create mode 100755 roles/edulive/files/gnome-edu/auto/build
 create mode 100755 roles/edulive/files/gnome-edu/auto/clean
 create mode 100755 roles/edulive/files/gnome-edu/auto/config
 create mode 100755 roles/edulive/files/gnome-edu/config/hooks/0001-plymouth-theme.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/live/0010-disable-kexec-tools.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/live/0050-disable-sysvinit-tmpfs.hook.chroot
 create mode 100755 roles/edulive/files/gnome-edu/config/hooks/live/0500-desktop.hook.chroot
 create mode 100755 roles/edulive/files/gnome-edu/config/hooks/live/0600-wireshark.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0020-create-mtab-symlink.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0030-enable-cryptsetup.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0040-create-locales-files.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0100-remove-adjtime-configuration.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0110-remove-backup-files.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0120-remove-dbus-machine-id.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0130-remove-gnome-icon-cache.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0140-remove-log-files.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0150-remove-mdadm-configuration.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0160-remove-openssh-server-host-keys.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0170-remove-python-py.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0180-remove-systemd-machine-id.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0190-remove-temporary-files.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0195-remove-ssl-cert-snakeoil.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0200-remove-udev-persistent-cd-rules.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0300-remove-udev-persistent-net-rules.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0400-update-apt-file-cache.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0410-update-apt-xapian-index.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0420-update-glx-alternative.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0430-update-mlocate-database.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0440-update-nvidia-alternative.hook.chroot
 create mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0500-reproducible-glibc.hook.chroot
 create mode 100644 roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/db/gdm.d/00-login-screen
 create mode 100644 roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/db/local.d/defaults
 create mode 100644 roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/profile/gdm
 create mode 100644 roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/profile/user
 create mode 100644 roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/netboot.xml
 create mode 120000 roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/autostart/default.xml
 create mode 120000 roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/autostart/intern.xml
 create mode 100644 roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/intern.xml
 create mode 100644 roles/edulive/files/gnome-edu/config/includes.chroot/etc/sysctl.d/sysctl.conf
 create mode 100755 roles/edulive/files/gnome-edu/config/includes.chroot/lib/live/config/0001-VM-MAC
 create mode 100644 roles/edulive/files/gnome-edu/config/package-lists/desktop.list.chroot
 create mode 100644 roles/edulive/files/gnome-edu/config/package-lists/live-systems.list.chroot
 create mode 100644 roles/edulive/files/gnome-edu/config/package-lists/live.list.chroot
 create mode 100644 roles/edulive/files/gnome-edu/config/package-lists/localization.list.chroot
 create mode 100644 roles/edulive/files/gnome-edu/config/package-lists/school.list.chroot
 create mode 100644 roles/edulive/files/gnome-edu/config/package-lists/standard.list.chroot
 create mode 100644 roles/edulive/files/gnome-edu/config/preseed/wireshark.cfg.chroot
 create mode 100644 roles/edulive/handlers/main.yml
 create mode 100644 roles/edulive/tasks/main.yml
 create mode 100644 roles/edulive/templates/livebuilder.sh
 create mode 100644 roles/edulive/templates/main.yml

diff --git a/livebox.yml b/livebox.yml
index 4f229fd..771607b 100644
--- a/livebox.yml
+++ b/livebox.yml
@@ -15,6 +15,7 @@
 ##  > menuentry 'Chainload Menu from LiveBox' {
 ##  >   configfile (tftp,livebox.lan)/d-i/n-a/grub/grub.cfg
 ##  > }
+##
 ---
 - name: apply configuration to the livebox
   hosts: all
@@ -37,6 +38,12 @@
       - iso: 'debian-live-11.3.0-amd64-standard+nonfree.iso'
         name: 'standard-cli'
     live_url: 'https://cdimage.debian.org/cdimage/unofficial/non-free/cd-including-firmware/11.3.0-live+nonfree/amd64/iso-hybrid/'
+
+    # The edulive role generates customized Debian-Live images.
+    # Make sure you have sufficient disk space available (~30GiB?).
+    build_images:
+      - gnome-edu
+
     di_dist: "{{ ansible_distribution_release }}"
     di_version: "{{ ansible_distribution_major_version }}"
     di_pkg: "debian-installer-{{ di_version }}-netboot-amd64"
@@ -65,3 +72,4 @@
     - netbootinstaller
     - aptcacher
     - debianlive
+    - edulive
diff --git a/roles/debianlive/tasks/main.yml b/roles/debianlive/tasks/main.yml
index 23dcd11..bdbdff8 100644
--- a/roles/debianlive/tasks/main.yml
+++ b/roles/debianlive/tasks/main.yml
@@ -38,11 +38,16 @@
     line: "/var/lib/tftpboot/d-i/n-live/ *(ro,crossmnt,no_subtree_check)"
   notify: export nfs
 
-- name: configure ipxe boot menu address
+- name: configure ipxe boot menu address and headline
   replace:
     path: /etc/di-netboot-assistant/ipxemenu.HEAD
-    regexp: '^(set 210:string tftp://\${next-server}/)$'
-    replace: '#\1\nset 210:string http://{{ ansible_default_ipv4.address }}/'
+    regexp: "{{ item.reg }}"
+    replace: "{{ item.rep }}"
+  loop:
+    - reg: '^(set 210:string tftp://\${next-server}/)$'
+      rep: '#\1\nset 210:string http://{{ ansible_default_ipv4.address }}/'
+    - reg: '^#(item --gap -- -- Customized Boot Entries.*)$'
+      rep: '\1'
   notify: rebuild di-netboot menu
 
 - name: configure grub boot menu addresses
@@ -57,7 +62,7 @@
 - name: prepare debian live nfs boot entry title
   lineinfile:
     path: /etc/di-netboot-assistant/ipxemenu.HEAD
-    insertafter: '^menu iPXE Boot Menu'
+    insertafter: '-- Customized Boot Entries --'
     line: "item {{ item.name }} Debian GNU/Linux {{ item.name }} NFS"
   loop:
     "{{ live_images }}"
diff --git a/roles/edulive/defaults/main.yml b/roles/edulive/defaults/main.yml
new file mode 100644
index 0000000..5834054
--- /dev/null
+++ b/roles/edulive/defaults/main.yml
@@ -0,0 +1 @@
+build_dir: /opt/live-build/
diff --git a/roles/edulive/files/gnome-edu/README b/roles/edulive/files/gnome-edu/README
new file mode 100644
index 0000000..83e60e3
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/README
@@ -0,0 +1,2 @@
+This config space is based on:
+  https://salsa.debian.org/live-team/live-images/-/tree/debian/images/gnome-desktop
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/auto/build b/roles/edulive/files/gnome-edu/auto/build
new file mode 100755
index 0000000..f8d8346
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/auto/build
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+set -e
+
+lb build noauto "${@}" 2>&1 | tee build.log
diff --git a/roles/edulive/files/gnome-edu/auto/clean b/roles/edulive/files/gnome-edu/auto/clean
new file mode 100755
index 0000000..4b8ccaa
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/auto/clean
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+set -e
+
+lb clean noauto "${@}"
+
+rm -f config/binary config/bootstrap config/chroot config/common config/source
+rm -f config/control
+
+rm -f build.log
diff --git a/roles/edulive/files/gnome-edu/auto/config b/roles/edulive/files/gnome-edu/auto/config
new file mode 100755
index 0000000..96e38d3
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/auto/config
@@ -0,0 +1,18 @@
+#!/bin/sh
+
+set -e
+
+lb config noauto \
+	--clean \
+	--cache false \
+	--net-tarball false \
+	--ignore-system-defaults \
+	--distribution bullseye \
+	--binary-images netboot \
+	--mode debian \
+	--backports true \
+	--linux-packages linux-image \
+	--archive-areas "main contrib non-free" \
+	--mirror-bootstrap http://localhost:3142/deb.debian.org/debian/ \
+	--mirror-chroot-security http://localhost:3142/security.debian.org/debian-security/ \
+"${@}"
diff --git a/roles/edulive/files/gnome-edu/config/hooks/0001-plymouth-theme.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/0001-plymouth-theme.hook.chroot
new file mode 100755
index 0000000..16095e0
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/0001-plymouth-theme.hook.chroot
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+set -e
+
+if [ -e /usr/sbin/plymouth-set-default-theme ] && [ -e /usr/share/plymouth/themes/lines ]
+then
+	plymouth-set-default-theme lines
+fi
diff --git a/roles/edulive/files/gnome-edu/config/hooks/live/0010-disable-kexec-tools.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/live/0010-disable-kexec-tools.hook.chroot
new file mode 120000
index 0000000..996f766
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/live/0010-disable-kexec-tools.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/live/0010-disable-kexec-tools.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/live/0050-disable-sysvinit-tmpfs.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/live/0050-disable-sysvinit-tmpfs.hook.chroot
new file mode 120000
index 0000000..5ddf090
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/live/0050-disable-sysvinit-tmpfs.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/live/0050-disable-sysvinit-tmpfs.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/live/0500-desktop.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/live/0500-desktop.hook.chroot
new file mode 100755
index 0000000..a051368
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/live/0500-desktop.hook.chroot
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+set -e
+
+echo 'pref("browser.startup.homepage", "https://www.startpage.com");' >> /etc/firefox-esr/firefox-esr.js
+echo 'pref("network.proxy.type", 4);' >> /etc/firefox-esr/firefox-esr.js
+
+dconf update
+
+#sed -i "s/^/#/" /etc/xdg/user-dirs.defaults
+
+sed -i "s/^#WaylandEnable=false$/WaylandEnable=false/" /etc/gdm3/daemon.conf
+
+## workaround https://bugzilla.gnome.org/show_bug.cgi?id=730587
+#dpkg-divert --divert /usr/bin/gnome-keyring-daemon.bak --rename /usr/bin/gnome-keyring-daemon
diff --git a/roles/edulive/files/gnome-edu/config/hooks/live/0600-wireshark.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/live/0600-wireshark.hook.chroot
new file mode 100755
index 0000000..13ce126
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/live/0600-wireshark.hook.chroot
@@ -0,0 +1,5 @@
+#!/bin/sh
+set -e
+
+## allow everybody to run wireshark:
+chmod 0755 /usr/bin/dumpcap
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0020-create-mtab-symlink.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0020-create-mtab-symlink.hook.chroot
new file mode 120000
index 0000000..58123fc
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/normal/0020-create-mtab-symlink.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/normal/0020-create-mtab-symlink.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0030-enable-cryptsetup.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0030-enable-cryptsetup.hook.chroot
new file mode 120000
index 0000000..c5ab625
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/normal/0030-enable-cryptsetup.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/normal/0030-enable-cryptsetup.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0040-create-locales-files.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0040-create-locales-files.hook.chroot
new file mode 120000
index 0000000..036e7e0
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/normal/0040-create-locales-files.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/normal/0040-create-locales-files.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0100-remove-adjtime-configuration.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0100-remove-adjtime-configuration.hook.chroot
new file mode 120000
index 0000000..b0ccdb6
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/normal/0100-remove-adjtime-configuration.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/normal/0100-remove-adjtime-configuration.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0110-remove-backup-files.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0110-remove-backup-files.hook.chroot
new file mode 120000
index 0000000..8b68c5c
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/normal/0110-remove-backup-files.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/normal/0110-remove-backup-files.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0120-remove-dbus-machine-id.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0120-remove-dbus-machine-id.hook.chroot
new file mode 120000
index 0000000..4d55b27
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/normal/0120-remove-dbus-machine-id.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/normal/0120-remove-dbus-machine-id.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0130-remove-gnome-icon-cache.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0130-remove-gnome-icon-cache.hook.chroot
new file mode 120000
index 0000000..54f6a9b
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/normal/0130-remove-gnome-icon-cache.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/normal/0130-remove-gnome-icon-cache.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0140-remove-log-files.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0140-remove-log-files.hook.chroot
new file mode 120000
index 0000000..2b99cec
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/normal/0140-remove-log-files.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/normal/0140-remove-log-files.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0150-remove-mdadm-configuration.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0150-remove-mdadm-configuration.hook.chroot
new file mode 120000
index 0000000..0c3cd2f
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/normal/0150-remove-mdadm-configuration.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/normal/0150-remove-mdadm-configuration.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0160-remove-openssh-server-host-keys.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0160-remove-openssh-server-host-keys.hook.chroot
new file mode 120000
index 0000000..e57b8d2
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/normal/0160-remove-openssh-server-host-keys.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/normal/0160-remove-openssh-server-host-keys.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0170-remove-python-py.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0170-remove-python-py.hook.chroot
new file mode 120000
index 0000000..858a942
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/normal/0170-remove-python-py.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/normal/0170-remove-python-py.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0180-remove-systemd-machine-id.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0180-remove-systemd-machine-id.hook.chroot
new file mode 120000
index 0000000..6cecf66
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/normal/0180-remove-systemd-machine-id.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/normal/0180-remove-systemd-machine-id.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0190-remove-temporary-files.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0190-remove-temporary-files.hook.chroot
new file mode 120000
index 0000000..ada76d9
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/normal/0190-remove-temporary-files.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/normal/0190-remove-temporary-files.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0195-remove-ssl-cert-snakeoil.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0195-remove-ssl-cert-snakeoil.hook.chroot
new file mode 120000
index 0000000..9fc0723
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/normal/0195-remove-ssl-cert-snakeoil.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/normal/0195-remove-ssl-cert-snakeoil.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0200-remove-udev-persistent-cd-rules.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0200-remove-udev-persistent-cd-rules.hook.chroot
new file mode 120000
index 0000000..f893dcc
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/normal/0200-remove-udev-persistent-cd-rules.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/normal/0200-remove-udev-persistent-cd-rules.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0300-remove-udev-persistent-net-rules.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0300-remove-udev-persistent-net-rules.hook.chroot
new file mode 120000
index 0000000..a6ee33d
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/normal/0300-remove-udev-persistent-net-rules.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/normal/0300-remove-udev-persistent-net-rules.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0400-update-apt-file-cache.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0400-update-apt-file-cache.hook.chroot
new file mode 120000
index 0000000..380fdcf
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/normal/0400-update-apt-file-cache.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/normal/0400-update-apt-file-cache.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0410-update-apt-xapian-index.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0410-update-apt-xapian-index.hook.chroot
new file mode 120000
index 0000000..dd7150e
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/normal/0410-update-apt-xapian-index.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/normal/0410-update-apt-xapian-index.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0420-update-glx-alternative.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0420-update-glx-alternative.hook.chroot
new file mode 120000
index 0000000..4da25f8
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/normal/0420-update-glx-alternative.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/normal/0420-update-glx-alternative.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0430-update-mlocate-database.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0430-update-mlocate-database.hook.chroot
new file mode 120000
index 0000000..13b49d7
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/normal/0430-update-mlocate-database.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/normal/0430-update-mlocate-database.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0440-update-nvidia-alternative.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0440-update-nvidia-alternative.hook.chroot
new file mode 120000
index 0000000..0a65196
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/normal/0440-update-nvidia-alternative.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/normal/0440-update-nvidia-alternative.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0500-reproducible-glibc.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0500-reproducible-glibc.hook.chroot
new file mode 120000
index 0000000..9d4f095
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/hooks/normal/0500-reproducible-glibc.hook.chroot
@@ -0,0 +1 @@
+/usr/share/live/build/hooks/normal/0500-reproducible-glibc.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/db/gdm.d/00-login-screen b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/db/gdm.d/00-login-screen
new file mode 100644
index 0000000..23408bc
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/db/gdm.d/00-login-screen
@@ -0,0 +1,8 @@
+[org/gnome/login-screen]
+disable-user-list=true
+logo='/usr/share/desktop-base/debian-logos/logo-text-64.png'
+
+[org/gnome/settings-daemon/plugins/power]
+power-button-action='interactive'
+sleep-inactive-ac-timeout=600
+sleep-inactive-ac-type='interactive'
diff --git a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/db/local.d/defaults b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/db/local.d/defaults
new file mode 100644
index 0000000..ffde793
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/db/local.d/defaults
@@ -0,0 +1,34 @@
+[org/gnome/shell]
+enabled-extensions=['apps-menu@gnome-shell-extensions.gcampax.github.com', 'window-list@gnome-shell-extensions.gcampax.github.com', 'places-menu@gnome-shell-extensions.gcampax.github.com', 'drive-menu@gnome-shell-extensions.gcampax.github.com', 'dash-to-dock@micxgx.gmail.com']
+
+[org/gnome/desktop/input-sources]
+sources=[('xkb', 'de'), ('xkb', 'us')]
+
+[org/gnome/desktop/wm/preferences]
+button-layout='appmenu:minimize,maximize,close'
+
+[org/gnome/desktop/peripherals/touchpad]
+natural-scroll=false
+edge-scrolling-enabled=true
+tap-to-click=true
+
+[org/gnome/nautilus/preferences]
+default-folder-viewer='list-view'
+
+[org/gnome/nautilus/list-view]
+use-tree-view=true
+
+[org/gnome/settings-daemon/plugins/power]
+power-button-action='interactive'
+sleep-inactive-battery-timeout=600
+sleep-inactive-battery-type='hibernate'
+sleep-inactive-ac-timeout=6000
+sleep-inactive-ac-type='nothing'
+
+[org/gnome/desktop/screensaver]
+lock-enabled=false
+
+[org/gnome/desktop/interface]
+clock-show-date=true
+clock-show-seconds=true
+clock-show-weekday=true
diff --git a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/profile/gdm b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/profile/gdm
new file mode 100644
index 0000000..c165d75
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/profile/gdm
@@ -0,0 +1,3 @@
+user-db:user
+system-db:gdm
+file-db:/usr/share/gdm/greeter.dconf-defaults
diff --git a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/profile/user b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/profile/user
new file mode 100644
index 0000000..aca0641
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/profile/user
@@ -0,0 +1,2 @@
+user-db:user
+system-db:local
diff --git a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/netboot.xml b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/netboot.xml
new file mode 100644
index 0000000..6a993f9
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/netboot.xml
@@ -0,0 +1,151 @@
+<!--
+WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
+OVERWRITTEN AND LOST. Changes to this xml configuration should be made using:
+  virsh edit netboot
+or other application using the libvirt API.
+-->
+
+<domain type='kvm'>
+  <name>netboot</name>
+  <uuid>60ea84db-de6c-493c-8e3f-8e9a99ee19c2</uuid>
+  <metadata>
+    <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0">
+      <libosinfo:os id="http://debian.org/debian/11"/>
+    </libosinfo:libosinfo>
+  </metadata>
+  <memory unit='KiB'>2097152</memory>
+  <currentMemory unit='KiB'>2097152</currentMemory>
+  <vcpu placement='static'>2</vcpu>
+  <os>
+    <type arch='x86_64' machine='pc-q35-3.1'>hvm</type>
+    <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader>
+    <nvram>/var/lib/libvirt/qemu/nvram/netboot_VARS.fd</nvram>
+    <boot dev='network'/>
+  </os>
+  <features>
+    <acpi/>
+    <apic/>
+    <vmport state='off'/>
+  </features>
+  <cpu mode='host-model' check='partial'>
+    <model fallback='allow'/>
+  </cpu>
+  <clock offset='utc'>
+    <timer name='rtc' tickpolicy='catchup'/>
+    <timer name='pit' tickpolicy='delay'/>
+    <timer name='hpet' present='no'/>
+  </clock>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <pm>
+    <suspend-to-mem enabled='no'/>
+    <suspend-to-disk enabled='no'/>
+  </pm>
+  <devices>
+    <emulator>/usr/bin/qemu-system-x86_64</emulator>
+    <controller type='usb' index='0' model='qemu-xhci' ports='15'>
+      <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/>
+    </controller>
+    <controller type='sata' index='0'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/>
+    </controller>
+    <controller type='pci' index='0' model='pcie-root'/>
+    <controller type='virtio-serial' index='0'>
+      <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/>
+    </controller>
+    <controller type='pci' index='1' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='1' port='0x10'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/>
+    </controller>
+    <controller type='pci' index='2' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='2' port='0x11'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/>
+    </controller>
+    <controller type='pci' index='3' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='3' port='0x12'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/>
+    </controller>
+    <controller type='pci' index='4' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='4' port='0x13'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/>
+    </controller>
+    <controller type='pci' index='5' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='5' port='0x14'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/>
+    </controller>
+    <controller type='pci' index='6' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='6' port='0x15'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/>
+    </controller>
+    <interface type='direct'>
+      <mac address='52:54:00:VMMAC'/>
+      <source dev='INTERFACE' mode='bridge'/>
+      <model type='virtio'/>
+      <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
+    </interface>
+    <interface type='network'>
+      <mac address='52:54:00:46:a6:25'/>
+      <source network='default'/>
+      <model type='virtio'/>
+      <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/>
+    </interface>
+    <interface type='network'>
+      <mac address='52:54:00:5c:fc:08'/>
+      <source network='intern'/>
+      <model type='virtio'/>
+      <address type='pci' domain='0x0000' bus='0x07' slot='0x00' function='0x0'/>
+    </interface>
+    <serial type='pty'>
+      <target type='isa-serial' port='0'>
+        <model name='isa-serial'/>
+      </target>
+    </serial>
+    <console type='pty'>
+      <target type='serial' port='0'/>
+    </console>
+    <channel type='unix'>
+      <target type='virtio' name='org.qemu.guest_agent.0'/>
+      <address type='virtio-serial' controller='0' bus='0' port='1'/>
+    </channel>
+    <channel type='spicevmc'>
+      <target type='virtio' name='com.redhat.spice.0'/>
+      <address type='virtio-serial' controller='0' bus='0' port='2'/>
+    </channel>
+    <input type='tablet' bus='usb'>
+      <address type='usb' bus='0' port='1'/>
+    </input>
+    <input type='mouse' bus='ps2'/>
+    <input type='keyboard' bus='ps2'/>
+    <graphics type='spice' autoport='yes'>
+      <listen type='address'/>
+      <image compression='off'/>
+    </graphics>
+    <sound model='ich9'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/>
+    </sound>
+    <video>
+      <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/>
+    </video>
+    <redirdev bus='usb' type='spicevmc'>
+      <address type='usb' bus='0' port='2'/>
+    </redirdev>
+    <redirdev bus='usb' type='spicevmc'>
+      <address type='usb' bus='0' port='3'/>
+    </redirdev>
+    <memballoon model='virtio'>
+      <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/>
+    </memballoon>
+    <rng model='virtio'>
+      <backend model='random'>/dev/urandom</backend>
+      <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/>
+    </rng>
+  </devices>
+</domain>
diff --git a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/autostart/default.xml b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/autostart/default.xml
new file mode 120000
index 0000000..8339868
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/autostart/default.xml
@@ -0,0 +1 @@
+../default.xml
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/autostart/intern.xml b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/autostart/intern.xml
new file mode 120000
index 0000000..08b61d4
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/autostart/intern.xml
@@ -0,0 +1 @@
+../intern.xml
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/intern.xml b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/intern.xml
new file mode 100644
index 0000000..a0e5425
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/intern.xml
@@ -0,0 +1,14 @@
+<!--
+WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
+OVERWRITTEN AND LOST. Changes to this xml configuration should be made using:
+  virsh net-edit intern
+or other application using the libvirt API.
+-->
+
+<network>
+  <name>intern</name>
+  <uuid>399d67ae-263b-4aeb-995d-fe0a44f00132</uuid>
+  <bridge name='virbr1' stp='on' delay='0'/>
+  <mac address='52:54:00:93:e1:ee'/>
+  <domain name='intern'/>
+</network>
diff --git a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/sysctl.d/sysctl.conf b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/sysctl.d/sysctl.conf
new file mode 100644
index 0000000..c038e6d
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/sysctl.d/sysctl.conf
@@ -0,0 +1,3 @@
+# Uncomment the following to stop low-level messages on console
+kernel.printk = 3 4 1 3
+
diff --git a/roles/edulive/files/gnome-edu/config/includes.chroot/lib/live/config/0001-VM-MAC b/roles/edulive/files/gnome-edu/config/includes.chroot/lib/live/config/0001-VM-MAC
new file mode 100755
index 0000000..784d836
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/includes.chroot/lib/live/config/0001-VM-MAC
@@ -0,0 +1,11 @@
+#!/bin/sh
+# Fix deployed VM config
+
+set -eu
+
+NIC="$(ip link | grep "^2: " | cut -d ' ' -f2 | sed "s/://")"
+MAC="$(ip link | grep -A1 "^2: " | grep -oE "[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2} " \
+	| sed "s/ //g")"
+
+sed -i -e "s/VMMAC/$MAC/g" -e "s/INTERFACE/$NIC/g" /etc/libvirt/qemu/netboot.xml
+
diff --git a/roles/edulive/files/gnome-edu/config/package-lists/desktop.list.chroot b/roles/edulive/files/gnome-edu/config/package-lists/desktop.list.chroot
new file mode 100644
index 0000000..705dc8f
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/package-lists/desktop.list.chroot
@@ -0,0 +1,11 @@
+task-gnome-desktop
+
+gnome-shell-extension-dashtodock
+gnome-shell-extension-dash-to-panel
+
+plymouth
+plymouth-x11
+
+gstreamer1.0-vaapi
+i965-va-driver
+auto-apt-proxy
diff --git a/roles/edulive/files/gnome-edu/config/package-lists/live-systems.list.chroot b/roles/edulive/files/gnome-edu/config/package-lists/live-systems.list.chroot
new file mode 100644
index 0000000..d73ed96
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/package-lists/live-systems.list.chroot
@@ -0,0 +1,2 @@
+live-manual
+live-tools
diff --git a/roles/edulive/files/gnome-edu/config/package-lists/live.list.chroot b/roles/edulive/files/gnome-edu/config/package-lists/live.list.chroot
new file mode 100644
index 0000000..1e6ef96
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/package-lists/live.list.chroot
@@ -0,0 +1,3 @@
+live-boot
+live-config
+live-config-systemd
diff --git a/roles/edulive/files/gnome-edu/config/package-lists/localization.list.chroot b/roles/edulive/files/gnome-edu/config/package-lists/localization.list.chroot
new file mode 100644
index 0000000..f952ab0
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/package-lists/localization.list.chroot
@@ -0,0 +1,2 @@
+task-english
+task-german
diff --git a/roles/edulive/files/gnome-edu/config/package-lists/school.list.chroot b/roles/edulive/files/gnome-edu/config/package-lists/school.list.chroot
new file mode 100644
index 0000000..2c90ba9
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/package-lists/school.list.chroot
@@ -0,0 +1,100 @@
+#
+# This file is linked to all desktop configurations.
+# Put desktop specific packages in the desktop specific file.
+#
+#webext-ublock-origin-firefox
+#webext-ublock-origin-chromium
+webext-ublock-origin
+webext-privacy-badger
+
+vim
+emacs
+vlc
+gimp
+inkscape
+bluefish
+
+openboard
+xournal
+
+freecad
+librecad
+kicad
+
+git
+mc
+tmux
+wireshark
+nmap
+netcat-openbsd
+net-tools
+thonny
+spyder
+ghex
+
+codeblocks
+gprolog
+qtcreator
+obs-studio
+
+mu-editor
+dia
+vym
+shellcheck
+xterm
+
+tree
+console-setup
+virt-manager
+sway
+
+task-german-desktop
+
+ssh-askpass-gnome
+keepassxc
+
+#nextcloud-desktop
+#nautilus-nextcloud
+#thunderbird
+#thunderbird-l10n-de
+
+#texlive
+#texlive-latex-extra
+#texlive-lang-german
+#texlive-science
+
+pdf-presenter-console
+
+libreoffice/bullseye-backports
+libreoffice-core/bullseye-backports
+libreoffice-common/bullseye-backports
+libreoffice-writer/bullseye-backports
+libreoffice-calc/bullseye-backports
+libreoffice-impress/bullseye-backports
+libreoffice-base/bullseye-backports
+libreoffice-base-drivers/bullseye-backports
+libreoffice-math/bullseye-backports
+libreoffice-report-builder-bin/bullseye-backports
+libreoffice-style-colibre/bullseye-backports
+libreoffice-gnome/bullseye-backports
+libreoffice-gtk3/bullseye-backports
+libreoffice-style-elementary/bullseye-backports
+libreoffice-help-common/bullseye-backports
+libreoffice-help-de/bullseye-backports
+libreoffice-java-common/bullseye-backports
+libreoffice-l10n-de/bullseye-backports
+libreoffice-nlpsolver/bullseye-backports
+libreoffice-report-builder/bullseye-backports
+libreoffice-script-provider-bsh/bullseye-backports
+libreoffice-script-provider-js/bullseye-backports
+libreoffice-script-provider-python/bullseye-backports
+libreoffice-sdbc-firebird/bullseye-backports
+libreoffice-sdbc-hsqldb/bullseye-backports
+libreoffice-sdbc-mysql/bullseye-backports
+libreoffice-sdbc-postgresql/bullseye-backports
+libreoffice-wiki-publisher/bullseye-backports
+
+python3-uno/bullseye-backports
+libuno-sal3/bullseye-backports
+fonts-opensymbol/bullseye-backports
+ure/bullseye-backports
diff --git a/roles/edulive/files/gnome-edu/config/package-lists/standard.list.chroot b/roles/edulive/files/gnome-edu/config/package-lists/standard.list.chroot
new file mode 100644
index 0000000..094fbcf
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/package-lists/standard.list.chroot
@@ -0,0 +1,4 @@
+! Packages Priority standard
+
+task-laptop
+task-ssh-server
diff --git a/roles/edulive/files/gnome-edu/config/preseed/wireshark.cfg.chroot b/roles/edulive/files/gnome-edu/config/preseed/wireshark.cfg.chroot
new file mode 100644
index 0000000..f885636
--- /dev/null
+++ b/roles/edulive/files/gnome-edu/config/preseed/wireshark.cfg.chroot
@@ -0,0 +1 @@
+wireshark-common wireshark-common/install-setuid boolean true
diff --git a/roles/edulive/handlers/main.yml b/roles/edulive/handlers/main.yml
new file mode 100644
index 0000000..e56de9a
--- /dev/null
+++ b/roles/edulive/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+- name: run the image build script
+  command:
+    cmd: livebuilder.sh
+  listen: run build script
diff --git a/roles/edulive/tasks/main.yml b/roles/edulive/tasks/main.yml
new file mode 100644
index 0000000..7da654e
--- /dev/null
+++ b/roles/edulive/tasks/main.yml
@@ -0,0 +1,66 @@
+---
+- name: install packages
+  apt:
+    name:
+      - live-build
+    state: latest # noqa package-latest
+
+- name: prepare live-build directory
+  file:
+    path: "{{ build_dir }}"
+    state: directory
+    mode: 0755
+
+- name: copy build script
+  template:
+    src: livebuilder.sh
+    dest: /usr/local/sbin/
+    mode: 0755
+
+- name: copy live-build configuration
+  copy:
+    src: "{{ item }}"
+    dest: "{{ build_dir }}"
+    local_follow: false
+    mode: preserve
+  loop: "{{ build_images }}"
+  notify: run build script
+
+- name: prepare debian live nfs boot entry title
+  lineinfile:
+    path: /etc/di-netboot-assistant/ipxemenu.HEAD
+    insertafter: '-- Customized Boot Entries --'
+    line: "item {{ item }} Debian GNU/Linux {{ item }} NFS"
+  loop:
+    "{{ build_images }}"
+  notify: rebuild di-netboot menu
+
+- name: prepare debian live boot loader ipxe
+  blockinfile:
+    path: /etc/di-netboot-assistant/ipxemenu.HEAD
+    marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item }}"
+    block: |
+      :{{ item }}
+          echo Booting Debian GNU/Linux EDU LIVE
+          kernel ${210:string}d-i/n-live/{{ item }}/live/vmlinuz \
+          initrd=initrd.img-5.10.0-13-amd64 {{ boot_params|join(' ') }} \
+          nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/{{ item }}/
+          initrd ${210:string}d-i/n-live/{{ item }}/live/initrd.img
+          boot
+  loop: "{{ build_images }}"
+  notify: rebuild di-netboot menu
+
+- name: prepare debian live boot loader grub
+  blockinfile:
+    path: /etc/di-netboot-assistant/grub.cfg.HEAD
+    insertbefore: "^menuentry 'Boot from local disk..'"
+    marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item }}"
+    block: |
+      menuentry 'Debian GNU/Linux Live {{ item }}' {
+          linux (http,{{ ansible_default_ipv4.address }})/d-i/n-live/{{ item }}/live/vmlinuz \
+          {{ boot_params|join(' ') }} \
+          nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/{{ item }}/
+          initrd (http,{{ ansible_default_ipv4.address }})/d-i/n-live/{{ item }}/live/initrd.img
+      }
+  loop: "{{ build_images }}"
+  notify: rebuild di-netboot menu
diff --git a/roles/edulive/templates/livebuilder.sh b/roles/edulive/templates/livebuilder.sh
new file mode 100644
index 0000000..d8ef679
--- /dev/null
+++ b/roles/edulive/templates/livebuilder.sh
@@ -0,0 +1,27 @@
+#!/usr/bin/bash
+#
+# build live images and copy kernel, initramfs and squashfs
+#
+
+set -eu
+
+BUILDD="{{ build_dir }}"
+
+run_build(){
+    local DEST="/var/lib/tftpboot/d-i/n-live/$1/live/"
+    cd "$BUILDD/$1"
+    [[ -d "$DEST" ]] || mkdir -vp "$DEST"
+
+    lb clean && lb config && lb build
+
+    for FILE in vmlinuz initrd.img filesystem.squashfs ; do
+        ln -vf "$BUILDD/$1/binary/live/$FILE" "$DEST"
+    done
+}
+
+## main:
+
+for IMG in {{ build_images|join(' ') }} ; do
+    echo "=========== Building image $IMG ==========="
+    run_build $IMG
+done
diff --git a/roles/edulive/templates/main.yml b/roles/edulive/templates/main.yml
new file mode 100644
index 0000000..cd5450e
--- /dev/null
+++ b/roles/edulive/templates/main.yml
@@ -0,0 +1,54 @@
+---
+- name: install packages
+  apt:
+    name:
+      - live-build
+    state: latest # noqa package-latest
+
+- name: prepare live-build directory
+  file:
+    path: /opt/live-build/
+    state: directory
+    mode: 0755
+
+- name: copy build script
+  template:
+    src: livebuilder.sh
+    dest: /usr/local/sbin/
+    mode: 0755
+    
+- name: copy live-build configuration
+  copy:
+    src: gnome-edu
+    dest: /opt/live-build/
+    local_follow: false
+  notify: build image
+
+- name: prepare debian live boot loader ipxe
+  blockinfile:
+    path: /etc/di-netboot-assistant/ipxemenu.HEAD
+    marker: "# {mark} ANSIBLE MANAGED BLOCK gnome-edu"
+    block: |
+      :gnome-edu
+          echo Booting Debian GNU/Linux EDU LIVE
+          kernel ${210:string}d-i/n-live/gnome-edu/live/vmlinuz \
+          initrd=initrd.img-5.10.0-13-amd64 {{ boot_params|join(' ') }} \
+          nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/gnome-edu/
+          initrd ${210:string}d-i/n-live/gnome-edu/live/initrd.img
+          boot
+  notify: rebuild di-netboot menu
+
+- name: prepare debian live boot loader grub
+  blockinfile:
+    path: /etc/di-netboot-assistant/grub.cfg.HEAD
+    insertbefore: "^menuentry 'Boot from local disk..'"
+    marker: "# {mark} ANSIBLE MANAGED BLOCK gnome-edu"
+    block: |
+      menuentry 'Debian GNU/Linux Live gnome-edu' {
+          linux (http,{{ ansible_default_ipv4.address }})/d-i/n-live/gnome-edu/live/vmlinuz \
+          {{ boot_params|join(' ') }} \
+          nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/gnome-edu/
+          initrd (http,{{ ansible_default_ipv4.address }})/d-i/n-live/gnome-edu/live/initrd.img
+      }
+  notify: rebuild di-netboot menu
+

From b413e944cea449476fdbca641e292a6321027107 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 26 Jun 2022 10:08:55 +0200
Subject: [PATCH 217/504] Make sure ansible is not run without a defined
 playbook.

---
 roles/prepare4clients/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/prepare4clients/tasks/main.yml b/roles/prepare4clients/tasks/main.yml
index bf89fc1..9b1415c 100644
--- a/roles/prepare4clients/tasks/main.yml
+++ b/roles/prepare4clients/tasks/main.yml
@@ -53,7 +53,7 @@
       echo "{{ sshpubkey }}" >> /target/home/ansible/.ssh/authorized_keys ; \
       in-target chown -R ansible:ansible /home/ansible/.ssh/ ; \
       in-target chmod -R og= /home/ansible/.ssh/ ; \
-      in-target ansible-pull --verbose --purge --extra-vars="run_in_installer=true" \
+      [ -z "$playbook" ] || in-target ansible-pull --verbose --purge --extra-vars="run_in_installer=true" \
                              -i localhost, --url=git://{{ ansible_hostname }}/.git $playbook
     marker: "# {mark} ANSIBLE MANAGED BLOCK preseed/late_command"
 

From 280f42ae0b0a486bf75f2d6bc7f0ab85c7798556 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 26 Jun 2022 11:58:49 +0200
Subject: [PATCH 218/504] Make use of auto-apt-proxy to use local proxy.

---
 roles/aptcacher/tasks/main.yml | 13 +++----------
 1 file changed, 3 insertions(+), 10 deletions(-)

diff --git a/roles/aptcacher/tasks/main.yml b/roles/aptcacher/tasks/main.yml
index 64f56ed..b1f0ae3 100644
--- a/roles/aptcacher/tasks/main.yml
+++ b/roles/aptcacher/tasks/main.yml
@@ -1,17 +1,10 @@
 - name: install apt-cacher-ng package
   apt:
-    name: apt-cacher-ng
+    name:
+      - apt-cacher-ng
+      - auto-apt-proxy
     state: latest # noqa package-latest
 
-- name: enable apt-cacher-ng for localhost
-  copy:
-    src: apt.conf
-    dest: /etc/apt/apt.conf
-    force: false
-    mode: 0644
-  notify: "start apt-cacher-ng"
-  when: not run_in_installer|default(false)|bool  ## do not enable apt-cacher during installation
-
 - name: check if preseeded installer is available
   stat: path={{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg
   register: preseedcfg

From 93f9565c5513f8bd837eb40305149e1ea55361f3 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 26 Jun 2022 12:59:09 +0200
Subject: [PATCH 219/504] Continue eliminating hardcoded apt-proxy.

---
 edubox.yml                         | 10 +++-------
 roles/aptcacher/files/apt.conf     |  1 -
 roles/educontainer/tasks/setup.yml |  5 ++---
 3 files changed, 5 insertions(+), 11 deletions(-)
 delete mode 100644 roles/aptcacher/files/apt.conf

diff --git a/edubox.yml b/edubox.yml
index 5bcea15..a850c29 100644
--- a/edubox.yml
+++ b/edubox.yml
@@ -51,15 +51,11 @@
   pre_tasks:
     - name: install apt-cacher-ng
       apt:
-        name: apt-cacher-ng
+        name:
+          - apt-cacher-ng
+          - auto-apt-proxy
         state: latest # noqa package-latest
 
-    - name: enable apt-cacher-ng
-      lineinfile:
-        path: /etc/apt/apt.conf.d/30proxy
-        line: 'Acquire::http::Proxy "http://localhost:3142/";'
-        create: true
-
     - name: enable and start systemd-networkd on the host
       systemd:
         name: systemd-networkd
diff --git a/roles/aptcacher/files/apt.conf b/roles/aptcacher/files/apt.conf
deleted file mode 100644
index d5e98b3..0000000
--- a/roles/aptcacher/files/apt.conf
+++ /dev/null
@@ -1 +0,0 @@
-Acquire::http::Proxy "http://localhost:3142";
diff --git a/roles/educontainer/tasks/setup.yml b/roles/educontainer/tasks/setup.yml
index 4296a72..aa117ee 100644
--- a/roles/educontainer/tasks/setup.yml
+++ b/roles/educontainer/tasks/setup.yml
@@ -5,6 +5,7 @@
     name:
       - systemd-container
       - debootstrap
+      - auto-apt-proxy
     state: latest # noqa package-latest
 
 - name: prepare machine directory
@@ -16,15 +17,13 @@
 - name: debootstrap base system
   command:
     cmd: >
-      debootstrap
+      auto-apt-proxy debootstrap
       --include={{ cont_packages | union(cont_packages_extra) | join(',') }}
       --components=main,contrib,non-free stable
       {{ contname }}00 http://deb.debian.org/debian
   args:
     chdir: /var/lib/machines/
     creates: /var/lib/machines/{{ contname }}00
-  environment:
-    http_proxy: "{{ '' if run_in_installer|default(false) else 'http://localhost:3142' }}"
   notify: enable and restart containers
 
 - name: provide complete apt sources

From c7f7977622e6dba5f3e68e073d310b0690b5153b Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Sun, 26 Jun 2022 12:44:07 +0200
Subject: [PATCH 220/504] Bail out if apt-proxy fails.

---
 roles/edulive/templates/livebuilder.sh | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/roles/edulive/templates/livebuilder.sh b/roles/edulive/templates/livebuilder.sh
index d8ef679..92f7aab 100644
--- a/roles/edulive/templates/livebuilder.sh
+++ b/roles/edulive/templates/livebuilder.sh
@@ -21,6 +21,11 @@ run_build(){
 
 ## main:
 
+if ! auto-apt-proxy | grep -q 'http://127.0.0.1:3142' ; then
+    echo "Cannot find the local apt proxy needed to build live images."
+    exit 1
+fi
+
 for IMG in {{ build_images|join(' ') }} ; do
     echo "=========== Building image $IMG ==========="
     run_build $IMG

From e99732634ed0d47f7819e1841be0ee91ba74b40e Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Wed, 6 Jul 2022 17:37:46 +0200
Subject: [PATCH 221/504] Fix mount failure during installation
 (preseed/late_command).

---
 roles/debianlive/tasks/main.yml | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/roles/debianlive/tasks/main.yml b/roles/debianlive/tasks/main.yml
index bdbdff8..b6bf005 100644
--- a/roles/debianlive/tasks/main.yml
+++ b/roles/debianlive/tasks/main.yml
@@ -24,6 +24,19 @@
     state: mounted
   loop:
     "{{ live_images }}"
+  when: not run_in_installer|default(false)|bool
+  notify: rebuild di-netboot menu
+
+- name: loop mount iso images after reboot
+  mount:
+    path: "/var/lib/tftpboot/d-i/n-live/{{ item.name }}"
+    src: "/var/cache/di-netboot-assistant/{{ item.iso }}"
+    fstype: iso9660
+    opts: loop,ro,nofail
+    state: present
+  loop:
+    "{{ live_images }}"
+  when: run_in_installer|default(false)|bool
   notify: rebuild di-netboot menu
 
 - name: prepare http downloads

From feaf22a28b8b6ed0285e534a0f8bc090f3935be0 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Wed, 6 Jul 2022 18:52:56 +0200
Subject: [PATCH 222/504] Do not build image during ansible run, it is too
 fragile.

---
 roles/edulive/tasks/main.yml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/roles/edulive/tasks/main.yml b/roles/edulive/tasks/main.yml
index 7da654e..6d8c562 100644
--- a/roles/edulive/tasks/main.yml
+++ b/roles/edulive/tasks/main.yml
@@ -24,7 +24,6 @@
     local_follow: false
     mode: preserve
   loop: "{{ build_images }}"
-  notify: run build script
 
 - name: prepare debian live nfs boot entry title
   lineinfile:

From 68958b237179ce8296cb64873a1c4db06b4f1c8c Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Wed, 6 Jul 2022 19:49:17 +0200
Subject: [PATCH 223/504] Show use of NFS in boot entries.

---
 roles/debianlive/tasks/main.yml | 4 ++--
 roles/edulive/tasks/main.yml    | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/roles/debianlive/tasks/main.yml b/roles/debianlive/tasks/main.yml
index b6bf005..8453fd3 100644
--- a/roles/debianlive/tasks/main.yml
+++ b/roles/debianlive/tasks/main.yml
@@ -97,7 +97,7 @@
     marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item.item.name }}"
     block: |
       :{{ item.item.name }}
-          echo Booting Debian GNU/Linux {{ item.item.name }}
+          echo Booting Debian GNU/Linux {{ item.item.name }} NFS
           kernel ${210:string}d-i/n-live/{{ item.item.name }}/live/vmlinuz-{{ item.stdout }} \
           initrd=initrd.img-5.10.0-13-amd64 {{ boot_params|join(' ') }} \
           nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/{{ item.item.name }}/
@@ -113,7 +113,7 @@
     insertbefore: "^menuentry 'Boot from local disk..'"
     marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item.item.name }}"
     block: |
-      menuentry 'Debian GNU/Linux Live {{ item.item.name }}' {
+      menuentry 'Debian GNU/Linux Live {{ item.item.name }} NFS' {
           linux (http,{{ ansible_default_ipv4.address }})/d-i/n-live/{{ item.item.name }}/live/vmlinuz-{{ item.stdout }} \
           {{ boot_params|join(' ') }} \
           nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/{{ item.item.name }}/
diff --git a/roles/edulive/tasks/main.yml b/roles/edulive/tasks/main.yml
index 6d8c562..f6c9c5e 100644
--- a/roles/edulive/tasks/main.yml
+++ b/roles/edulive/tasks/main.yml
@@ -40,7 +40,7 @@
     marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item }}"
     block: |
       :{{ item }}
-          echo Booting Debian GNU/Linux EDU LIVE
+          echo Booting Debian GNU/Linux EDU LIVE NFS
           kernel ${210:string}d-i/n-live/{{ item }}/live/vmlinuz \
           initrd=initrd.img-5.10.0-13-amd64 {{ boot_params|join(' ') }} \
           nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/{{ item }}/
@@ -55,7 +55,7 @@
     insertbefore: "^menuentry 'Boot from local disk..'"
     marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item }}"
     block: |
-      menuentry 'Debian GNU/Linux Live {{ item }}' {
+      menuentry 'Debian GNU/Linux Live {{ item }} NFS' {
           linux (http,{{ ansible_default_ipv4.address }})/d-i/n-live/{{ item }}/live/vmlinuz \
           {{ boot_params|join(' ') }} \
           nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/{{ item }}/

From 66b1abe5212f78bb5a3b7412003305a54bc419de Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Wed, 6 Jul 2022 20:30:55 +0200
Subject: [PATCH 224/504] Update in any case, i.e. IP address change.

---
 roles/debianlive/tasks/main.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/debianlive/tasks/main.yml b/roles/debianlive/tasks/main.yml
index 8453fd3..5cbe8e6 100644
--- a/roles/debianlive/tasks/main.yml
+++ b/roles/debianlive/tasks/main.yml
@@ -57,8 +57,8 @@
     regexp: "{{ item.reg }}"
     replace: "{{ item.rep }}"
   loop:
-    - reg: '^(set 210:string tftp://\${next-server}/)$'
-      rep: '#\1\nset 210:string http://{{ ansible_default_ipv4.address }}/'
+    - reg: '^set 210:string .+$'
+      rep: 'set 210:string http://{{ ansible_default_ipv4.address }}/'
     - reg: '^#(item --gap -- -- Customized Boot Entries.*)$'
       rep: '\1'
   notify: rebuild di-netboot menu

From 67d5fc22da1aa0f28ed8c9888dc22b1cd7cea597 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 7 Jul 2022 16:14:58 +0200
Subject: [PATCH 225/504] Better fix for 77703a9d.

---
 roles/debianlive/tasks/main.yml | 18 +++++-------------
 1 file changed, 5 insertions(+), 13 deletions(-)

diff --git a/roles/debianlive/tasks/main.yml b/roles/debianlive/tasks/main.yml
index 5cbe8e6..11a7f0a 100644
--- a/roles/debianlive/tasks/main.yml
+++ b/roles/debianlive/tasks/main.yml
@@ -15,6 +15,11 @@
   loop:
     "{{ live_images }}"
 
+- name: make sure loop module is loaded
+  modprobe:
+    name: loop
+    state: present
+
 - name: loop mount iso images
   mount:
     path: "/var/lib/tftpboot/d-i/n-live/{{ item.name }}"
@@ -24,19 +29,6 @@
     state: mounted
   loop:
     "{{ live_images }}"
-  when: not run_in_installer|default(false)|bool
-  notify: rebuild di-netboot menu
-
-- name: loop mount iso images after reboot
-  mount:
-    path: "/var/lib/tftpboot/d-i/n-live/{{ item.name }}"
-    src: "/var/cache/di-netboot-assistant/{{ item.iso }}"
-    fstype: iso9660
-    opts: loop,ro,nofail
-    state: present
-  loop:
-    "{{ live_images }}"
-  when: run_in_installer|default(false)|bool
   notify: rebuild di-netboot menu
 
 - name: prepare http downloads

From adaa730c0718d5d28ff2526fd48a0785b05a4d76 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 7 Jul 2022 19:18:48 +0200
Subject: [PATCH 226/504] Fixes for customized live image build.

---
 livebox.yml                                                   | 1 +
 .../files/gnome-edu/config/package-lists/desktop.list.chroot  | 4 +++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/livebox.yml b/livebox.yml
index 771607b..76b9af6 100644
--- a/livebox.yml
+++ b/livebox.yml
@@ -29,6 +29,7 @@
     extra_pkgs_bpo:
       - atftpd
       - di-netboot-assistant
+      - apt-cacher-ng
 
     live_images:
       - iso: 'debian-live-11.3.0-amd64-gnome+nonfree.iso'
diff --git a/roles/edulive/files/gnome-edu/config/package-lists/desktop.list.chroot b/roles/edulive/files/gnome-edu/config/package-lists/desktop.list.chroot
index 705dc8f..86881fe 100644
--- a/roles/edulive/files/gnome-edu/config/package-lists/desktop.list.chroot
+++ b/roles/edulive/files/gnome-edu/config/package-lists/desktop.list.chroot
@@ -8,4 +8,6 @@ plymouth-x11
 
 gstreamer1.0-vaapi
 i965-va-driver
-auto-apt-proxy
+
+## this confuses apt-cacher-ng:
+#auto-apt-proxy

From 62931a927fca3f63c8097efb61d426b9d9183d4e Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Thu, 7 Jul 2022 19:45:47 +0200
Subject: [PATCH 227/504] Update customized live image weekly.

---
 roles/edulive/files/livebuilder.service |  6 ++++++
 roles/edulive/files/livebuilder.timer   | 11 +++++++++++
 roles/edulive/handlers/main.yml         |  7 +++++++
 roles/edulive/tasks/main.yml            | 10 ++++++++++
 4 files changed, 34 insertions(+)
 create mode 100644 roles/edulive/files/livebuilder.service
 create mode 100644 roles/edulive/files/livebuilder.timer

diff --git a/roles/edulive/files/livebuilder.service b/roles/edulive/files/livebuilder.service
new file mode 100644
index 0000000..ccb12d2
--- /dev/null
+++ b/roles/edulive/files/livebuilder.service
@@ -0,0 +1,6 @@
+[Unit]
+Description=Run livebuilder script
+
+[Service]
+Type=simple
+ExecStart=/usr/local/sbin/livebuilder.sh
diff --git a/roles/edulive/files/livebuilder.timer b/roles/edulive/files/livebuilder.timer
new file mode 100644
index 0000000..3051305
--- /dev/null
+++ b/roles/edulive/files/livebuilder.timer
@@ -0,0 +1,11 @@
+[Unit]
+Description=Run livebuilder script weekly
+
+[Timer]
+OnCalendar=weekly
+Persistent=true
+AccuracySec=3h
+RandomizedDelaySec=3h
+
+[Install]
+WantedBy=timers.target
diff --git a/roles/edulive/handlers/main.yml b/roles/edulive/handlers/main.yml
index e56de9a..30aee83 100644
--- a/roles/edulive/handlers/main.yml
+++ b/roles/edulive/handlers/main.yml
@@ -3,3 +3,10 @@
   command:
     cmd: livebuilder.sh
   listen: run build script
+
+- name: enable timer for livebuilder
+  systemd:
+    name: livebuilder.timer
+    state: started
+    enabled: true
+  listen: enable livebuilder.timer
diff --git a/roles/edulive/tasks/main.yml b/roles/edulive/tasks/main.yml
index f6c9c5e..b9dcecf 100644
--- a/roles/edulive/tasks/main.yml
+++ b/roles/edulive/tasks/main.yml
@@ -17,6 +17,16 @@
     dest: /usr/local/sbin/
     mode: 0755
 
+- name: provide service and timer for livebuilder
+  copy:
+    src: "{{ item }}"
+    dest: "/etc/systemd/system/{{ item }}"
+    mode: 0644
+  with_items:
+    - livebuilder.service
+    - livebuilder.timer
+  notify: "enable livebuilder.timer"
+
 - name: copy live-build configuration
   copy:
     src: "{{ item }}"

From e61a8b899cac0838d6121b4336a0bd6fdda80b8f Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 11 Jul 2022 18:45:27 +0200
Subject: [PATCH 228/504] Modify line if it exists.

---
 roles/debianlive/tasks/main.yml | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/roles/debianlive/tasks/main.yml b/roles/debianlive/tasks/main.yml
index 11a7f0a..4241ba5 100644
--- a/roles/debianlive/tasks/main.yml
+++ b/roles/debianlive/tasks/main.yml
@@ -58,10 +58,13 @@
 - name: configure grub boot menu addresses
   lineinfile:
     path: /etc/di-netboot-assistant/grub.cfg.HEAD
-    line: "{{ item }}"
+    line: "{{ item.line }}"
+    regexp: "{{ item.reg }}"
   loop:
-    - "set root=(http,{{ ansible_default_ipv4.address }})"
-    - "set pxe_default_server={{ ansible_default_ipv4.address }}"
+    - line: "set root=(http,{{ ansible_default_ipv4.address }})"
+      reg: "^set root="
+    - line: "set pxe_default_server={{ ansible_default_ipv4.address }}"
+      reg: "^set pxe_default_server="
   notify: rebuild di-netboot menu
 
 - name: prepare debian live nfs boot entry title

From 291866eb93c72c6b74f8fd108dc722392a591c08 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Mon, 11 Jul 2022 18:50:38 +0200
Subject: [PATCH 229/504] Find latest ISO images automatically.

---
 livebox.yml                     | 29 ++++++++++++-----
 roles/debianlive/tasks/main.yml | 55 +++++++++++++++++++--------------
 2 files changed, 53 insertions(+), 31 deletions(-)

diff --git a/livebox.yml b/livebox.yml
index 76b9af6..81d0916 100644
--- a/livebox.yml
+++ b/livebox.yml
@@ -31,14 +31,12 @@
       - di-netboot-assistant
       - apt-cacher-ng
 
-    live_images:
-      - iso: 'debian-live-11.3.0-amd64-gnome+nonfree.iso'
-        name: 'gnome'
-      - iso: 'debian-live-11.3.0-amd64-kde+nonfree.iso'
-        name: 'kde'
-      - iso: 'debian-live-11.3.0-amd64-standard+nonfree.iso'
-        name: 'standard-cli'
-    live_url: 'https://cdimage.debian.org/cdimage/unofficial/non-free/cd-including-firmware/11.3.0-live+nonfree/amd64/iso-hybrid/'
+    live_desktop:
+      - gnome
+      - kde
+      - standard
+
+    live_url: 'https://cdimage.debian.org/cdimage/unofficial/non-free/cd-including-firmware/current-live/amd64/iso-hybrid/'
 
     # The edulive role generates customized Debian-Live images.
     # Make sure you have sufficient disk space available (~30GiB?).
@@ -68,6 +66,21 @@
         value: /var/lib/tftpboot
         vtype: string
 
+    - name: find available iso images
+      uri:
+        url: "{{ live_url }}"
+        return_content: true
+      register: idx
+
+    - name: find and set ISO image version
+      set_fact:
+        version: "{{ idx.content | regex_findall('debian-live-(\\d+\\.\\d+\\.\\d+)-amd64-', '\\1') | first }}"
+
+    - name: define ISO image map
+      set_fact:
+        live_iso: "{{ live_iso | default({}) | combine({ item: 'debian-live-' + version + '-amd64-' + item + '+nonfree.iso' }) }}"
+      loop: "{{ live_desktop }}"
+
   roles:
     - up2date_debian
     - netbootinstaller
diff --git a/roles/debianlive/tasks/main.yml b/roles/debianlive/tasks/main.yml
index 4241ba5..8b8708f 100644
--- a/roles/debianlive/tasks/main.yml
+++ b/roles/debianlive/tasks/main.yml
@@ -1,19 +1,28 @@
 ---
 - name: download debian-live images
   get_url:
-    url: "{{ live_url }}{{ item.iso }}"
-    dest: "/var/cache/di-netboot-assistant/{{ item.iso }}"
+    url: "{{ live_url }}{{ item.value }}"
+    dest: "/var/cache/di-netboot-assistant/{{ item.value }}"
     checksum: "sha256:{{ live_url }}/SHA256SUMS"
+  register: new_iso
   loop:
-    "{{ live_images }}"
+    "{{ live_iso | dict2items }}"
+
+- name: umount old iso images
+  mount:
+    path: "/var/lib/tftpboot/d-i/n-live/{{ item.key }}"
+    state: unmounted
+  loop:
+    "{{ live_iso | dict2items }}"
+  when: new_iso.changed
 
 - name: prepare live image directory
   file:
-    path: "/var/lib/tftpboot/d-i/n-live/{{ item.name }}"
+    path: "/var/lib/tftpboot/d-i/n-live/{{ item.key }}"
     state: directory
     mode: 0755
   loop:
-    "{{ live_images }}"
+    "{{ live_iso | dict2items }}"
 
 - name: make sure loop module is loaded
   modprobe:
@@ -22,13 +31,13 @@
 
 - name: loop mount iso images
   mount:
-    path: "/var/lib/tftpboot/d-i/n-live/{{ item.name }}"
-    src: "/var/cache/di-netboot-assistant/{{ item.iso }}"
+    path: "/var/lib/tftpboot/d-i/n-live/{{ item.key }}"
+    src: "/var/cache/di-netboot-assistant/{{ item.value }}"
     fstype: iso9660
     opts: loop,ro,nofail
     state: mounted
   loop:
-    "{{ live_images }}"
+    "{{ live_iso | dict2items }}"
   notify: rebuild di-netboot menu
 
 - name: prepare http downloads
@@ -71,32 +80,32 @@
   lineinfile:
     path: /etc/di-netboot-assistant/ipxemenu.HEAD
     insertafter: '-- Customized Boot Entries --'
-    line: "item {{ item.name }} Debian GNU/Linux {{ item.name }} NFS"
+    line: "item {{ item.key }} Debian GNU/Linux {{ item.key }} NFS"
   loop:
-    "{{ live_images }}"
+    "{{ live_iso | dict2items }}"
   notify: rebuild di-netboot menu
 
 - name: find kernel version
   shell:
     cmd: >-
-      basename /var/lib/tftpboot/d-i/n-live/{{ item.name }}/live/vmlinuz*
+      basename /var/lib/tftpboot/d-i/n-live/{{ item.key }}/live/vmlinuz*
       | sed "s/vmlinuz-//"
   register: images
   changed_when: false
   loop:
-    "{{ live_images }}"
+    "{{ live_iso | dict2items }}"
 
 - name: prepare debian live boot loader ipxe
   blockinfile:
     path: /etc/di-netboot-assistant/ipxemenu.HEAD
-    marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item.item.name }}"
+    marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item.item.key }}"
     block: |
-      :{{ item.item.name }}
-          echo Booting Debian GNU/Linux {{ item.item.name }} NFS
-          kernel ${210:string}d-i/n-live/{{ item.item.name }}/live/vmlinuz-{{ item.stdout }} \
+      :{{ item.item.key }}
+          echo Booting Debian GNU/Linux {{ item.item.key }} NFS
+          kernel ${210:string}d-i/n-live/{{ item.item.key }}/live/vmlinuz-{{ item.stdout }} \
           initrd=initrd.img-5.10.0-13-amd64 {{ boot_params|join(' ') }} \
-          nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/{{ item.item.name }}/
-          initrd ${210:string}d-i/n-live/{{ item.item.name }}/live/initrd.img-{{ item.stdout }}
+          nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/{{ item.item.key }}/
+          initrd ${210:string}d-i/n-live/{{ item.item.key }}/live/initrd.img-{{ item.stdout }}
           boot
   loop:
     "{{ images.results }}"
@@ -106,13 +115,13 @@
   blockinfile:
     path: /etc/di-netboot-assistant/grub.cfg.HEAD
     insertbefore: "^menuentry 'Boot from local disk..'"
-    marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item.item.name }}"
+    marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item.item.key }}"
     block: |
-      menuentry 'Debian GNU/Linux Live {{ item.item.name }} NFS' {
-          linux (http,{{ ansible_default_ipv4.address }})/d-i/n-live/{{ item.item.name }}/live/vmlinuz-{{ item.stdout }} \
+      menuentry 'Debian GNU/Linux Live {{ item.item.key }} NFS' {
+          linux (http,{{ ansible_default_ipv4.address }})/d-i/n-live/{{ item.item.key }}/live/vmlinuz-{{ item.stdout }} \
           {{ boot_params|join(' ') }} \
-          nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/{{ item.item.name }}/
-          initrd (http,{{ ansible_default_ipv4.address }})/d-i/n-live/{{ item.item.name }}/live/initrd.img-{{ item.stdout }}
+          nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/{{ item.item.key }}/
+          initrd (http,{{ ansible_default_ipv4.address }})/d-i/n-live/{{ item.item.key }}/live/initrd.img-{{ item.stdout }}
       }
   loop:
     "{{ images.results }}"

From d9d36d5c9234e54c035f36c5c6af87ce7a01af1a Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Tue, 12 Jul 2022 22:03:26 +0200
Subject: [PATCH 230/504] Fix/remove leftover.

---
 roles/debianlive/tasks/main.yml  |  2 +-
 roles/edulive/tasks/main.yml     |  2 +-
 roles/edulive/templates/main.yml | 54 --------------------------------
 3 files changed, 2 insertions(+), 56 deletions(-)
 delete mode 100644 roles/edulive/templates/main.yml

diff --git a/roles/debianlive/tasks/main.yml b/roles/debianlive/tasks/main.yml
index 8b8708f..1def349 100644
--- a/roles/debianlive/tasks/main.yml
+++ b/roles/debianlive/tasks/main.yml
@@ -103,7 +103,7 @@
       :{{ item.item.key }}
           echo Booting Debian GNU/Linux {{ item.item.key }} NFS
           kernel ${210:string}d-i/n-live/{{ item.item.key }}/live/vmlinuz-{{ item.stdout }} \
-          initrd=initrd.img-5.10.0-13-amd64 {{ boot_params|join(' ') }} \
+          initrd=initrd.img-{{ item.stdout }} {{ boot_params|join(' ') }} \
           nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/{{ item.item.key }}/
           initrd ${210:string}d-i/n-live/{{ item.item.key }}/live/initrd.img-{{ item.stdout }}
           boot
diff --git a/roles/edulive/tasks/main.yml b/roles/edulive/tasks/main.yml
index b9dcecf..4ffb7c8 100644
--- a/roles/edulive/tasks/main.yml
+++ b/roles/edulive/tasks/main.yml
@@ -52,7 +52,7 @@
       :{{ item }}
           echo Booting Debian GNU/Linux EDU LIVE NFS
           kernel ${210:string}d-i/n-live/{{ item }}/live/vmlinuz \
-          initrd=initrd.img-5.10.0-13-amd64 {{ boot_params|join(' ') }} \
+          initrd=initrd.img {{ boot_params|join(' ') }} \
           nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/{{ item }}/
           initrd ${210:string}d-i/n-live/{{ item }}/live/initrd.img
           boot
diff --git a/roles/edulive/templates/main.yml b/roles/edulive/templates/main.yml
deleted file mode 100644
index cd5450e..0000000
--- a/roles/edulive/templates/main.yml
+++ /dev/null
@@ -1,54 +0,0 @@
----
-- name: install packages
-  apt:
-    name:
-      - live-build
-    state: latest # noqa package-latest
-
-- name: prepare live-build directory
-  file:
-    path: /opt/live-build/
-    state: directory
-    mode: 0755
-
-- name: copy build script
-  template:
-    src: livebuilder.sh
-    dest: /usr/local/sbin/
-    mode: 0755
-    
-- name: copy live-build configuration
-  copy:
-    src: gnome-edu
-    dest: /opt/live-build/
-    local_follow: false
-  notify: build image
-
-- name: prepare debian live boot loader ipxe
-  blockinfile:
-    path: /etc/di-netboot-assistant/ipxemenu.HEAD
-    marker: "# {mark} ANSIBLE MANAGED BLOCK gnome-edu"
-    block: |
-      :gnome-edu
-          echo Booting Debian GNU/Linux EDU LIVE
-          kernel ${210:string}d-i/n-live/gnome-edu/live/vmlinuz \
-          initrd=initrd.img-5.10.0-13-amd64 {{ boot_params|join(' ') }} \
-          nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/gnome-edu/
-          initrd ${210:string}d-i/n-live/gnome-edu/live/initrd.img
-          boot
-  notify: rebuild di-netboot menu
-
-- name: prepare debian live boot loader grub
-  blockinfile:
-    path: /etc/di-netboot-assistant/grub.cfg.HEAD
-    insertbefore: "^menuentry 'Boot from local disk..'"
-    marker: "# {mark} ANSIBLE MANAGED BLOCK gnome-edu"
-    block: |
-      menuentry 'Debian GNU/Linux Live gnome-edu' {
-          linux (http,{{ ansible_default_ipv4.address }})/d-i/n-live/gnome-edu/live/vmlinuz \
-          {{ boot_params|join(' ') }} \
-          nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/gnome-edu/
-          initrd (http,{{ ansible_default_ipv4.address }})/d-i/n-live/gnome-edu/live/initrd.img
-      }
-  notify: rebuild di-netboot menu
-

From a0503a347fd51a09e244dca2014c9e0ac09a52e4 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 21 Mar 2022 08:13:41 +0100
Subject: [PATCH 231/504] Generate more containers.

---
 edubox.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/edubox.yml b/edubox.yml
index a850c29..76b188c 100644
--- a/edubox.yml
+++ b/edubox.yml
@@ -32,7 +32,7 @@
     ## leave empty to log in without password:
     contpwd: ""
     ## Adjust the number of containers here:
-    containers: "{{ range(0, 9 + 1) | list }}"
+    containers: "{{ range(0, 49 + 1) | list }}"
     ## Additional packages to be installed in the container:
     cont_packages_extra:
       - bind9-dnsutils

From 47df035a3ebb6bdaa73265258d63b3af40f09f7b Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 2 Jun 2022 08:41:56 +0200
Subject: [PATCH 232/504] Add more packages to fvs- desktop.

---
 fvs-desktop.yml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/fvs-desktop.yml b/fvs-desktop.yml
index 16fa1dd..d4ca258 100644
--- a/fvs-desktop.yml
+++ b/fvs-desktop.yml
@@ -10,11 +10,15 @@
       - webext-ublock-origin
       - vim
       - emacs
+      - elpa-magit
+      - elpa-color-theme-modern
       - vlc
       - gimp
       - inkscape
       - bluefish
       - git
+      - gitk
+      - gitg
       - mc
       - tmux
       - wireshark
@@ -23,6 +27,7 @@
       - net-tools
       - ghex
       - thonny
+      - spyder
       - mu-editor
       - dia
       - vym
@@ -30,7 +35,7 @@
       - console-setup
       - virt-manager
       - libreoffice-l10n-de
-    extra_pkgs_bpo: [] # [ linux-image-amd64 ]  # [ libreoffice ]
+    extra_pkgs_bpo: [ libreoffice ] # [ linux-image-amd64 ]  # [ libreoffice ]
     ansible_python_interpreter: "/usr/bin/python3"
 
   roles:

From fd7f34e3809fa46e1d0fb49b2d35a411e2fc6438 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 2 Jun 2022 11:01:56 +0200
Subject: [PATCH 233/504] Add user 'virti' to run libvirt VMs.

---
 fvs-desktop.yml                | 10 ++++++++++
 roles/fvs-mount/tasks/main.yml |  6 +++---
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/fvs-desktop.yml b/fvs-desktop.yml
index d4ca258..07aa8f3 100644
--- a/fvs-desktop.yml
+++ b/fvs-desktop.yml
@@ -46,3 +46,13 @@
     ## Choose either gnome or KDE:
     - gnome
     #- kde
+
+  tasks:
+    - name: Add local user 'virti' in the 'libvirt' group
+      ansible.builtin.user:
+        name: virti
+        password: $y$j9T$DuSvAO63v5LvoJmJ1rB0B0$D4tovIz79AdLHs5I6tYa7rxr3SWknQeUFvGaaKvUpo3
+        comment: Libvirt VM User,,,
+        shell: /bin/bash
+        groups: libvirt
+        append: yes
diff --git a/roles/fvs-mount/tasks/main.yml b/roles/fvs-mount/tasks/main.yml
index 76520e2..6b84542 100644
--- a/roles/fvs-mount/tasks/main.yml
+++ b/roles/fvs-mount/tasks/main.yml
@@ -17,7 +17,7 @@
         mountpoint="/home/%(USER)"
         options="allow_other,default_permissions,reconnect,password_stdin"
         ssh="0" noroot="0"
-      ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user></or></not></volume>
+      ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>virti</user></or></not></volume>
 
       <volume
         fstype="cifs"
@@ -25,7 +25,7 @@
         path="{{ smb_home }}"
         mountpoint="/media/%(USER)/winhome"
         options="dir_mode=0750,file_mode=0640"
-      ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user></or></not></volume>
+      ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>virti</user></or></not></volume>
 
       <volume
         fstype="cifs"
@@ -33,7 +33,7 @@
         path="{{ smb_share }}"
         mountpoint="/media/%(USER)/winshare"
         options="dir_mode=0750,file_mode=0640"
-      ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user></or></not></volume>
+      ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>virti</user></or></not></volume>
     insertafter: "<!-- Volume definitions -->"
 
 - name: make sure .ssh exists

From 147fddc7722b18c0df0170ac6be6a938e2842ade Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 25 Jul 2022 09:06:50 +0200
Subject: [PATCH 234/504] Fix renamed role.

---
 fvs-desktop.yml     | 2 +-
 fvs-home-server.yml | 2 +-
 fvs-vm-server.yml   | 2 +-
 fvs-www-server.yml  | 2 +-
 minimal-krb5.yml    | 2 +-
 minimal.yml         | 2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/fvs-desktop.yml b/fvs-desktop.yml
index 07aa8f3..a97a744 100644
--- a/fvs-desktop.yml
+++ b/fvs-desktop.yml
@@ -39,7 +39,7 @@
     ansible_python_interpreter: "/usr/bin/python3"
 
   roles:
-    - up2date-debian
+    - up2date_debian
     - fvs-sssd
     - fvs-mount
     - fvs-client
diff --git a/fvs-home-server.yml b/fvs-home-server.yml
index 9ae178b..1369dd3 100644
--- a/fvs-home-server.yml
+++ b/fvs-home-server.yml
@@ -10,7 +10,7 @@
     extra_pkgs_bpo: [ ]  # [ libreoffice ]
 
   roles:
-    - up2date-debian
+    - up2date_debian
     - fvs-sssd
 
   tasks:
diff --git a/fvs-vm-server.yml b/fvs-vm-server.yml
index 90268cf..f8fe613 100644
--- a/fvs-vm-server.yml
+++ b/fvs-vm-server.yml
@@ -11,7 +11,7 @@
     extra_pkgs_bpo: [ ]  # [ libreoffice ]
 
   roles:
-    - up2date-debian
+    - up2date_debian
     - fvs-sssd
 
   tasks:
diff --git a/fvs-www-server.yml b/fvs-www-server.yml
index d7a690c..edf75e1 100644
--- a/fvs-www-server.yml
+++ b/fvs-www-server.yml
@@ -13,7 +13,7 @@
     extra_pkgs_bpo: [ ]  # [ libreoffice ]
 
   roles:
-    - up2date-debian
+    - up2date_debian
     - fvs-sssd
 
   tasks:
diff --git a/minimal-krb5.yml b/minimal-krb5.yml
index a7644c8..225abef 100644
--- a/minimal-krb5.yml
+++ b/minimal-krb5.yml
@@ -6,5 +6,5 @@
   remote_user: ansible
   become: true
   roles:
-    - up2date-debian
+    - up2date_debian
     - lan-client
diff --git a/minimal.yml b/minimal.yml
index 921b8db..9cdf982 100644
--- a/minimal.yml
+++ b/minimal.yml
@@ -6,4 +6,4 @@
   remote_user: ansible
   become: true
   roles:
-    - up2date-debian
+    - up2date_debian

From f4f0795e80ddc0b2da5ac14c888ab67264c99f0c Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 22 Oct 2022 16:44:05 +0200
Subject: [PATCH 235/504] Implement home exam server.

---
 fvs-homex-server.yml                         | 17 +++++
 roles/exam_homes/files/archive-homes         | 23 ++++++
 roles/exam_homes/files/archive-homes.service |  6 ++
 roles/exam_homes/files/archive-homes.timer   | 11 +++
 roles/exam_homes/files/copy2students         | 26 +++++++
 roles/exam_homes/files/examode.py            | 75 ++++++++++++++++++++
 roles/exam_homes/files/fetchexam             | 23 ++++++
 roles/exam_homes/files/mkDownloads           | 12 ++++
 roles/exam_homes/handlers/main.yml           |  6 ++
 roles/exam_homes/tasks/main.yml              | 49 +++++++++++++
 10 files changed, 248 insertions(+)
 create mode 100644 fvs-homex-server.yml
 create mode 100755 roles/exam_homes/files/archive-homes
 create mode 100644 roles/exam_homes/files/archive-homes.service
 create mode 100644 roles/exam_homes/files/archive-homes.timer
 create mode 100755 roles/exam_homes/files/copy2students
 create mode 100755 roles/exam_homes/files/examode.py
 create mode 100755 roles/exam_homes/files/fetchexam
 create mode 100755 roles/exam_homes/files/mkDownloads
 create mode 100644 roles/exam_homes/handlers/main.yml
 create mode 100644 roles/exam_homes/tasks/main.yml

diff --git a/fvs-homex-server.yml b/fvs-homex-server.yml
new file mode 100644
index 0000000..28d4ada
--- /dev/null
+++ b/fvs-homex-server.yml
@@ -0,0 +1,17 @@
+## This playbook deploys a FvS homex server machine.
+---
+- name: apply configuration to the homex server
+  hosts: all
+  remote_user: ansible
+  become: yes
+  vars:
+    extra_pkgs:
+      - vim
+      - systemd-journal-remote
+      - python3-ldap
+    extra_pkgs_bpo: [ ]
+
+  roles:
+    - up2date_debian
+    - fvs-sssd
+    - exam_homes
diff --git a/roles/exam_homes/files/archive-homes b/roles/exam_homes/files/archive-homes
new file mode 100755
index 0000000..b5932dc
--- /dev/null
+++ b/roles/exam_homes/files/archive-homes
@@ -0,0 +1,23 @@
+#!/usr/bin/bash
+#
+# Backup and remove all student home directories.
+
+set -eu
+
+HDIRS='/home/'
+DIRS=()
+
+for DIR in $(find $HDIRS -maxdepth 1 -mindepth 1 -type d) ; do
+    H="$(basename $DIR)"
+    if [[ "$H" =~ ^L_ ]] || [[ "$H" =~ ansible ]] ; then
+	echo "Skipping home of '$H'."
+	continue
+    fi
+    DIRS+=("$DIR") 
+done
+[[ "${#DIRS[@]}" -eq 0 ]] && exit 0
+
+tar czf "/var/backups/homes_$(date -I).tar.gz" -C "$HDIRS" \
+    -P --transform="s%$HDIRS%%" "${DIRS[@]}"
+rm -rf "${DIRS[@]}"
+echo "Archived and removed: ${DIRS[@]}"
diff --git a/roles/exam_homes/files/archive-homes.service b/roles/exam_homes/files/archive-homes.service
new file mode 100644
index 0000000..311a449
--- /dev/null
+++ b/roles/exam_homes/files/archive-homes.service
@@ -0,0 +1,6 @@
+[Unit]
+Description=Archive students' home directories
+
+[Service]
+Type=simple
+ExecStart=/usr/local/sbin/archive-homes
diff --git a/roles/exam_homes/files/archive-homes.timer b/roles/exam_homes/files/archive-homes.timer
new file mode 100644
index 0000000..829e8f0
--- /dev/null
+++ b/roles/exam_homes/files/archive-homes.timer
@@ -0,0 +1,11 @@
+[Unit]
+Description=Run archive script every night
+
+[Timer]
+OnCalendar=daily
+Persistent=true
+AccuracySec=3h
+RandomizedDelaySec=3h
+
+[Install]
+WantedBy=timers.target
diff --git a/roles/exam_homes/files/copy2students b/roles/exam_homes/files/copy2students
new file mode 100755
index 0000000..ad501c8
--- /dev/null
+++ b/roles/exam_homes/files/copy2students
@@ -0,0 +1,26 @@
+#!/usr/bin/bash
+#
+# Copy content to all student home download directories.
+
+set -eu
+if [[ -z $@ ]] ; then
+    echo "Argument missing!"
+    exit 1
+fi
+
+HDIRS='/home/'
+DIRS=()
+
+for DIR in $(find $HDIRS -maxdepth 1 -mindepth 1 -type d) ; do
+    H="$(basename $DIR)"
+    if [[ "$H" =~ ^L_ ]] || [[ "$H" =~ ansible ]] ; then
+	echo "Skipping home of '$H'."
+	continue
+    fi
+    DIRS+=("$DIR")
+done
+[[ "${#DIRS[@]}" -eq 0 ]] && exit 0
+
+for DIR in "${DIRS[@]}" ; do
+    cp -va $@ "$DIR/Downloads/"
+done
diff --git a/roles/exam_homes/files/examode.py b/roles/exam_homes/files/examode.py
new file mode 100755
index 0000000..459ef35
--- /dev/null
+++ b/roles/exam_homes/files/examode.py
@@ -0,0 +1,75 @@
+#!/usr/bin/python3
+
+import ldap
+from os import scandir
+
+HOME = '/home'
+BASE  = 'ou=schueler,ou=Benutzer,ou=fvs,ou=SCHULEN,o=ml3'
+#BASE  = 'ou=Benutzer,ou=fvs,ou=SCHULEN,o=ml3'
+LDAP = 'ldap://ldap.steinbeisschule-reutlingen.de'
+
+def fetch_ou(uid):
+    l = ldap.initialize(LDAP)
+    f = '(uid=' + uid + ')'
+    try:
+        return l.search_s(BASE,ldap.SCOPE_SUBTREE,f,['ou'])[0][1]['ou'][0].decode('utf-8')
+    except:
+        return None
+
+def fetch_uids(crs):
+    uids = []
+    l = ldap.initialize(LDAP)
+    #    if 'Abgang' in crs:
+    #        b = 'ou=Abgang,' + BASE
+    #    else:
+    #        b = 'ou=' + crs + ',' + BASE
+    b = BASE
+    r = l.search_s(b,ldap.SCOPE_SUBTREE,'(ou=' + crs + ')',['uid'])
+    for dn,entry in r:
+        if entry != {}:
+            uids.append(entry['uid'][0].decode('utf-8'))
+    return uids
+
+def assign_course(user, crs_uids, home):
+    c = fetch_ou(user)
+    print('Needed to fetch new course', c, 'for', user)
+    if c:
+        crs_uids[c] = fetch_uids(c)
+        home[user] = c
+    else:
+        print('No course for', user , 'found!')
+
+
+if __name__ == '__main__':
+    home = {}
+    with scandir(HOME) as it:
+        for entry in it:
+            if entry.is_dir() and entry.name != 'lost+found':
+                home[entry.name] = ''
+
+    crs_uids = {}
+    for user in home:
+        if crs_uids == {}:
+            assign_course(user, crs_uids, home)
+            continue
+        for k in crs_uids.keys():
+            if user in crs_uids[k]:
+                home[user] = k
+                break
+        else:
+            assign_course(user, crs_uids, home)
+
+    for usr in home:
+        print(usr, home[usr])
+
+
+    for crs in crs_uids.keys():
+        print(usr, home[usr])
+
+    for k, v in sorted(crs_uids.items()):
+        print(k, sorted(v))
+        for item in sorted(v):
+            try:
+                print(item, home[item])
+            except:
+                print('No home for', item, 'found.')
diff --git a/roles/exam_homes/files/fetchexam b/roles/exam_homes/files/fetchexam
new file mode 100755
index 0000000..c28d0fc
--- /dev/null
+++ b/roles/exam_homes/files/fetchexam
@@ -0,0 +1,23 @@
+#!/usr/bin/bash
+#
+# Backup and remove all student home directories.
+
+set -eu
+
+HDIRS='/home/'
+DIRS=()
+
+for DIR in $(find $HDIRS -maxdepth 1 -mindepth 1 -type d) ; do
+    H="$(basename $DIR)"
+    if [[ "$H" =~ ^L_ ]] || [[ "$H" =~ ansible ]] ; then
+	echo "Skipping home of '$H'."
+	continue
+    fi
+    DIRS+=("$DIR") 
+done
+[[ "${#DIRS[@]}" -eq 0 ]] && exit 0
+
+AR="homes_$(date -I).tar.gz"
+tar czf "$AR" -C "$HDIRS" --exclude='.[^/]*' \
+    -P --transform="s%$HDIRS%%" "${DIRS[@]}"
+echo "Create archive $AR containing: ${DIRS[@]}"
diff --git a/roles/exam_homes/files/mkDownloads b/roles/exam_homes/files/mkDownloads
new file mode 100755
index 0000000..556d376
--- /dev/null
+++ b/roles/exam_homes/files/mkDownloads
@@ -0,0 +1,12 @@
+#!/usr/bin/bash
+#
+# Prepare Downloads directory.
+
+set -eu
+
+HDIRS='/home/'
+
+if [[ ! -d "$HDIRS/$PAM_USER/Downloads" ]] && [[ ! "$PAM_USER" =~ ^L_ ]] && \
+       [[ ! "$PAM_USER" =~ ansible ]] ; then
+    mkdir --mode=0777 "$HDIRS/$PAM_USER/Downloads"
+fi
diff --git a/roles/exam_homes/handlers/main.yml b/roles/exam_homes/handlers/main.yml
new file mode 100644
index 0000000..7db5f01
--- /dev/null
+++ b/roles/exam_homes/handlers/main.yml
@@ -0,0 +1,6 @@
+- name: enable archive-homes.timer
+  systemd:
+    name: archive-homes.timer
+    state: started
+    enabled: true
+  listen: enable archive-homes.timer
diff --git a/roles/exam_homes/tasks/main.yml b/roles/exam_homes/tasks/main.yml
new file mode 100644
index 0000000..445e405
--- /dev/null
+++ b/roles/exam_homes/tasks/main.yml
@@ -0,0 +1,49 @@
+- name: enable pam_mkhomedir.so and pam_exec.so
+  lineinfile:
+    dest: /etc/pam.d/common-session
+    line: "{{ item }}"
+    insertbefore: "# end of pam-auth-update config"
+  loop:
+    - "session	optional	pam_mkhomedir.so  umask=0022"
+    - "session	optional	pam_exec.so /usr/local/sbin/mkDownloads"
+
+- name: deploy mkDownloads script
+  copy:
+    src: mkDownloads
+    dest: /usr/local/sbin/mkDownloads
+    mode: 0755
+
+# https://serverfault.com/questions/354615/allow-sftp-but-disallow-ssh
+- name: only allow sftp for most users
+  blockinfile:
+    dest: /etc/ssh/sshd_config.d/local.conf
+    create: true
+    block: |
+      Match User !L_*,!ansible,*
+         PermitTTY no
+         X11Forwarding no
+         AllowTcpForwarding no
+         AllowAgentForwarding no
+         ForceCommand internal-sftp
+
+- name: deploy archive home script
+  copy:
+    src: archive-homes
+    dest: /usr/local/sbin/archive-homes
+    mode: 0750
+
+- name: deploy archive home script service and timer
+  copy:
+    src: "{{ item }}"
+    dest: /etc/systemd/system/{{ item }}
+    mode: 0655
+  loop:
+    - archive-homes.service
+    - archive-homes.timer
+  notify: enable archive-homes.timer
+
+- name: deploy examode helper
+  copy:
+    src: examode.py
+    dest: /usr/local/bin/examode.py
+    mode: 0755

From b7a2cc664ff0279bc8cddf2b237abd2e528eb2a8 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 19 Jan 2023 12:56:47 +0100
Subject: [PATCH 236/504] Deploy scripts.

---
 roles/exam_homes/tasks/main.yml | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/roles/exam_homes/tasks/main.yml b/roles/exam_homes/tasks/main.yml
index 445e405..784b0f8 100644
--- a/roles/exam_homes/tasks/main.yml
+++ b/roles/exam_homes/tasks/main.yml
@@ -47,3 +47,12 @@
     src: examode.py
     dest: /usr/local/bin/examode.py
     mode: 0755
+
+- name: deploy exam scripts
+  copy:
+    src: "{{ item }}"
+    dest: "/usr/local/bin/{{ item }}"
+    mode: 0755
+  loop:
+    - copy2students
+    - fetchexam

From dd2dd74a886e20445daf4a1c5d9f6901f07e6a52 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 13 Jan 2023 13:43:31 +0100
Subject: [PATCH 237/504] Start LMN KDE client.

---
 lmn-desktop.yml | 58 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 58 insertions(+)
 create mode 100644 lmn-desktop.yml

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
new file mode 100644
index 0000000..3ecf29a
--- /dev/null
+++ b/lmn-desktop.yml
@@ -0,0 +1,58 @@
+## This playbook deploys a FvS desktop machine for LinuxMuster.
+---
+- name: apply configuration to the machines
+  hosts: all
+  remote_user: ansible
+  become: yes
+  vars:
+    extra_pkgs:
+      - webext-privacy-badger
+      - webext-ublock-origin
+      - vim
+      - emacs
+      - elpa-magit
+      - elpa-color-theme-modern
+      - vlc
+      - gimp
+      - inkscape
+      - bluefish
+      - git
+      - gitk
+      - gitg
+      - mc
+      - tmux
+      - wireshark
+      - nmap
+      - netcat-openbsd
+      - net-tools
+      - ghex
+      - thonny
+      - spyder
+      - mu-editor
+      - dia
+      - vym
+      - tree
+      - console-setup
+      - virt-manager
+      - libreoffice-l10n-de
+    extra_pkgs_bpo: [ libreoffice ] # [ linux-image-amd64 ]  # [ libreoffice ]
+    ansible_python_interpreter: "/usr/bin/python3"
+
+  roles:
+    - up2date_debian
+#    - fvs-sssd
+#    - fvs-mount
+#    - fvs-client
+    ## Choose either gnome or KDE:
+    #- gnome
+    - kde
+
+  tasks:
+    - name: Add local user 'virti' in the 'libvirt' group
+      ansible.builtin.user:
+        name: virti
+        password: $y$j9T$DuSvAO63v5LvoJmJ1rB0B0$D4tovIz79AdLHs5I6tYa7rxr3SWknQeUFvGaaKvUpo3
+        comment: Libvirt VM User,,,
+        shell: /bin/bash
+        groups: libvirt
+        append: yes

From f88626ec7ee3d5c4ae78c68fd99fc6cef2beed74 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 17 Jan 2023 12:10:39 +0100
Subject: [PATCH 238/504] Install lmn package.

---
 lmn-desktop.yml | 20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index 3ecf29a..2dc1795 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -39,13 +39,13 @@
     ansible_python_interpreter: "/usr/bin/python3"
 
   roles:
+    ## Choose either gnome or KDE:
+    #- gnome
+    - kde
     - up2date_debian
 #    - fvs-sssd
 #    - fvs-mount
 #    - fvs-client
-    ## Choose either gnome or KDE:
-    #- gnome
-    - kde
 
   tasks:
     - name: Add local user 'virti' in the 'libvirt' group
@@ -56,3 +56,17 @@
         shell: /bin/bash
         groups: libvirt
         append: yes
+    - name: add lmn key
+      ansible.builtin.apt_key:
+        url: https://deb.linuxmuster.net/pub.gpg
+        keyring: /etc/apt/trusted.gpg.d/linuxmuster.net.gpg
+    - name: add lmn repo
+      apt_repository:
+        repo: deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/linuxmuster.net.gpg] http://deb.linuxmuster.net/ lmn71 main
+        state: present
+        update_cache: true
+    - name: install
+      apt:
+        name: linuxmuster-linuxclient7
+        state: latest
+        

From db054949a57d49cc040b8d7636372cef8863d584 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 18 Jan 2023 19:32:43 +0100
Subject: [PATCH 239/504] Implement lmn-sssd and lmn-mount roles.

---
 lmn-desktop.yml                       | 29 ++++++++++++---------------
 roles/lmn-mount/defaults/main.yml     |  2 ++
 roles/lmn-mount/tasks/main.yml        | 20 ++++++++++++++++++
 roles/lmn-sssd/handlers/main.yml      |  3 +++
 roles/lmn-sssd/tasks/main.yml         | 21 +++++++++++++++++++
 roles/lmn-sssd/templates/sssd.conf.j2 | 19 ++++++++++++++++++
 6 files changed, 78 insertions(+), 16 deletions(-)
 create mode 100644 roles/lmn-mount/defaults/main.yml
 create mode 100644 roles/lmn-mount/tasks/main.yml
 create mode 100644 roles/lmn-sssd/handlers/main.yml
 create mode 100644 roles/lmn-sssd/tasks/main.yml
 create mode 100644 roles/lmn-sssd/templates/sssd.conf.j2

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index 2dc1795..93dc6a9 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -4,7 +4,17 @@
   hosts: all
   remote_user: ansible
   become: yes
+  pre_tasks:
+    - pause:
+        prompt: "Enter global-admin active directory password to join domain:"
+        minutes: 5
+        echo: false
+      register: adpw
+      no_log: true
+      when: "ansible_cmdline.adpw is not defined"
+
   vars:
+    domain: "pn.steinbeis.schule"
     extra_pkgs:
       - webext-privacy-badger
       - webext-ublock-origin
@@ -35,6 +45,7 @@
       - console-setup
       - virt-manager
       - libreoffice-l10n-de
+      - krb5-user
     extra_pkgs_bpo: [ libreoffice ] # [ linux-image-amd64 ]  # [ libreoffice ]
     ansible_python_interpreter: "/usr/bin/python3"
 
@@ -43,8 +54,8 @@
     #- gnome
     - kde
     - up2date_debian
-#    - fvs-sssd
-#    - fvs-mount
+    - lmn-sssd
+    - lmn-mount
 #    - fvs-client
 
   tasks:
@@ -56,17 +67,3 @@
         shell: /bin/bash
         groups: libvirt
         append: yes
-    - name: add lmn key
-      ansible.builtin.apt_key:
-        url: https://deb.linuxmuster.net/pub.gpg
-        keyring: /etc/apt/trusted.gpg.d/linuxmuster.net.gpg
-    - name: add lmn repo
-      apt_repository:
-        repo: deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/linuxmuster.net.gpg] http://deb.linuxmuster.net/ lmn71 main
-        state: present
-        update_cache: true
-    - name: install
-      apt:
-        name: linuxmuster-linuxclient7
-        state: latest
-        
diff --git a/roles/lmn-mount/defaults/main.yml b/roles/lmn-mount/defaults/main.yml
new file mode 100644
index 0000000..488b052
--- /dev/null
+++ b/roles/lmn-mount/defaults/main.yml
@@ -0,0 +1,2 @@
+smb_server: "server"
+smb_home: "default-school/teachers/%(DOMAIN_USER)"
diff --git a/roles/lmn-mount/tasks/main.yml b/roles/lmn-mount/tasks/main.yml
new file mode 100644
index 0000000..294e2f3
--- /dev/null
+++ b/roles/lmn-mount/tasks/main.yml
@@ -0,0 +1,20 @@
+---
+- name: install needed packages
+  apt:
+    name:
+      - libpam-mount
+      - cifs-utils
+    state: latest
+
+- name: configure pam_mount
+  blockinfile:
+    dest: /etc/security/pam_mount.conf.xml
+    block: |
+      <volume
+        fstype="cifs"
+        server="{{ smb_server }}"
+        path="{{ smb_home }}"
+        mountpoint="/home/%(DOMAIN_USER)"
+        options="sec=krb5i,vers=3.0,cruid=%(USERUID),user=%(USER)"
+      ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not></volume>
+    insertafter: "<!-- Volume definitions -->"
diff --git a/roles/lmn-sssd/handlers/main.yml b/roles/lmn-sssd/handlers/main.yml
new file mode 100644
index 0000000..c7c508b
--- /dev/null
+++ b/roles/lmn-sssd/handlers/main.yml
@@ -0,0 +1,3 @@
+- name: restart sssd
+  service: name=sssd state=restarted enabled=yes
+  listen: "restart sssd"
diff --git a/roles/lmn-sssd/tasks/main.yml b/roles/lmn-sssd/tasks/main.yml
new file mode 100644
index 0000000..04b4f7f
--- /dev/null
+++ b/roles/lmn-sssd/tasks/main.yml
@@ -0,0 +1,21 @@
+---
+- name: install needed packages
+  apt:
+    name:
+      - sssd-ad
+      - sssd-tools
+      - adcli
+    state: latest
+
+- name: provide identities from directory
+  template:
+    src: sssd.conf.j2
+    dest: /etc/sssd/sssd.conf
+    mode: 0600
+  notify: restart sssd
+
+  ## Either one of the variables is defined:
+- name: join the domain
+  shell:
+    cmd: echo "{{ ansible_cmdline.adpw | default('') + adpw.user_input | default('') }}" | adcli join --stdin-password -U global-admin {{ domain | upper }}
+  when: ansible_cmdline.adpw | default('') | length > 0 or adpw.user_input | default('') | length > 0
diff --git a/roles/lmn-sssd/templates/sssd.conf.j2 b/roles/lmn-sssd/templates/sssd.conf.j2
new file mode 100644
index 0000000..dc15730
--- /dev/null
+++ b/roles/lmn-sssd/templates/sssd.conf.j2
@@ -0,0 +1,19 @@
+[sssd]
+domains = {{ domain }}
+config_file_version = 2
+
+[domain/{{ domain }}]
+default_shell = /bin/bash
+cache_credentials = True
+krb5_store_password_if_offline = True
+cache_credentials = True
+krb5_realm = {{ domain | upper }}
+id_provider = ad
+override_homedir = /home/%u
+ad_domain = {{ domain }}
+use_fully_qualified_names = False
+ldap_id_mapping = True
+access_provider = ad
+ad_gpo_access_control = permissive
+ad_gpo_ignore_unreadable = True
+ad_maximum_machine_account_password_age = 0

From 0532ed1e17078424dcfdb3911dd1d6d16f3f03fe Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 20 Jan 2023 20:17:46 +0100
Subject: [PATCH 240/504] Switch to NFSv4 homes.

---
 lmn-desktop.yml                       |  3 +++
 roles/lmn-mount/defaults/main.yml     |  2 +-
 roles/lmn-mount/tasks/main.yml        | 21 ++++++++++++++++++---
 roles/lmn-sssd/templates/sssd.conf.j2 |  2 +-
 4 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index 93dc6a9..b986d06 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -16,6 +16,7 @@
   vars:
     domain: "pn.steinbeis.schule"
     extra_pkgs:
+      - thunderbird-l10n-de
       - webext-privacy-badger
       - webext-ublock-origin
       - vim
@@ -25,6 +26,7 @@
       - vlc
       - gimp
       - inkscape
+      - flameshot
       - bluefish
       - git
       - gitk
@@ -46,6 +48,7 @@
       - virt-manager
       - libreoffice-l10n-de
       - krb5-user
+      - unattended-upgrades
     extra_pkgs_bpo: [ libreoffice ] # [ linux-image-amd64 ]  # [ libreoffice ]
     ansible_python_interpreter: "/usr/bin/python3"
 
diff --git a/roles/lmn-mount/defaults/main.yml b/roles/lmn-mount/defaults/main.yml
index 488b052..86e9368 100644
--- a/roles/lmn-mount/defaults/main.yml
+++ b/roles/lmn-mount/defaults/main.yml
@@ -1,2 +1,2 @@
 smb_server: "server"
-smb_home: "default-school/teachers/%(DOMAIN_USER)"
+smb_share: "default-school/share/"
diff --git a/roles/lmn-mount/tasks/main.yml b/roles/lmn-mount/tasks/main.yml
index 294e2f3..7f8d8ed 100644
--- a/roles/lmn-mount/tasks/main.yml
+++ b/roles/lmn-mount/tasks/main.yml
@@ -4,6 +4,7 @@
     name:
       - libpam-mount
       - cifs-utils
+      - nfs-common
     state: latest
 
 - name: configure pam_mount
@@ -13,8 +14,22 @@
       <volume
         fstype="cifs"
         server="{{ smb_server }}"
-        path="{{ smb_home }}"
-        mountpoint="/home/%(DOMAIN_USER)"
-        options="sec=krb5i,vers=3.0,cruid=%(USERUID),user=%(USER)"
+        path="{{ smb_share }}"
+        mountpoint="/media/%(DOMAIN_USER)/share"
+        options="sec=krb5i,cruid=%(USERUID),user=%(USER)"
       ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not></volume>
     insertafter: "<!-- Volume definitions -->"
+
+- name: Mount NFSv4 home directory
+  ansible.posix.mount:
+    src: server:/default-school
+    path: /srv/samba/schools/default-school
+    opts: sec=krb5p,_netdev,x-systemd.automount,x-systemd.idle-timeout=60
+    state: present
+    fstype: nfs4
+
+- name: Kill all user processes on logout
+  ansible.builtin.lineinfile:
+    path: /etc/systemd/logind.conf
+    line: KillUserProcesses=yes
+    insertafter: '#KillUserProcesses=no'
diff --git a/roles/lmn-sssd/templates/sssd.conf.j2 b/roles/lmn-sssd/templates/sssd.conf.j2
index dc15730..24ab69a 100644
--- a/roles/lmn-sssd/templates/sssd.conf.j2
+++ b/roles/lmn-sssd/templates/sssd.conf.j2
@@ -9,7 +9,7 @@ krb5_store_password_if_offline = True
 cache_credentials = True
 krb5_realm = {{ domain | upper }}
 id_provider = ad
-override_homedir = /home/%u
+#override_homedir = /home/%u
 ad_domain = {{ domain }}
 use_fully_qualified_names = False
 ldap_id_mapping = True

From 0828e77e7b26aa51884e26e0ba54a9f0820d063a Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 21 Jan 2023 08:48:09 +0100
Subject: [PATCH 241/504] Some more cleanup after logout.

---
 lmn-desktop.yml                |  2 +-
 roles/lmn-mount/tasks/main.yml | 23 +++++++++++++++--------
 2 files changed, 16 insertions(+), 9 deletions(-)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index b986d06..5fe1c6e 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -6,7 +6,7 @@
   become: yes
   pre_tasks:
     - pause:
-        prompt: "Enter global-admin active directory password to join domain:"
+        prompt: "Enter global-admin active directory password, leave empty to skip domain join"
         minutes: 5
         echo: false
       register: adpw
diff --git a/roles/lmn-mount/tasks/main.yml b/roles/lmn-mount/tasks/main.yml
index 7f8d8ed..c15d6c0 100644
--- a/roles/lmn-mount/tasks/main.yml
+++ b/roles/lmn-mount/tasks/main.yml
@@ -1,13 +1,14 @@
 ---
-- name: install needed packages
+- name: Install needed packages
   apt:
     name:
       - libpam-mount
       - cifs-utils
       - nfs-common
+      - hxtools
     state: latest
 
-- name: configure pam_mount
+- name: Configure pam_mount
   blockinfile:
     dest: /etc/security/pam_mount.conf.xml
     block: |
@@ -20,6 +21,18 @@
       ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not></volume>
     insertafter: "<!-- Volume definitions -->"
 
+- name: Clean up all user processes after logout
+  ansible.builtin.replace:
+    path: /etc/security/pam_mount.conf.xml
+    regexp: '^(<logout wait="0" hup="no" term="no" kill="no" />)$'
+    replace: '#\1\n<logout wait="1000" hup="yes" term="yes" kill="yes" />'
+
+- name: Kill all user processes on logout
+  ansible.builtin.lineinfile:
+    path: /etc/systemd/logind.conf
+    line: KillUserProcesses=yes
+    insertafter: '#KillUserProcesses=no'
+
 - name: Mount NFSv4 home directory
   ansible.posix.mount:
     src: server:/default-school
@@ -27,9 +40,3 @@
     opts: sec=krb5p,_netdev,x-systemd.automount,x-systemd.idle-timeout=60
     state: present
     fstype: nfs4
-
-- name: Kill all user processes on logout
-  ansible.builtin.lineinfile:
-    path: /etc/systemd/logind.conf
-    line: KillUserProcesses=yes
-    insertafter: '#KillUserProcesses=no'

From 0cc41715d806133dab6d0d36b2eda4ee5e23fffe Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sun, 22 Jan 2023 11:49:57 +0100
Subject: [PATCH 242/504] Configure KDE, move package installation to extra
 role.

---
 lmn-desktop.yml                               | 41 ++---------
 roles/lmn_kde/handlers/main.yml               | 10 +++
 roles/lmn_kde/tasks/main.yml                  | 71 +++++++++++++++++++
 .../defaults/main.yml                         |  0
 roles/{lmn-mount => lmn_mount}/tasks/main.yml |  0
 .../{lmn-sssd => lmn_sssd}/handlers/main.yml  |  0
 roles/{lmn-sssd => lmn_sssd}/tasks/main.yml   |  0
 .../templates/sssd.conf.j2                    |  0
 8 files changed, 87 insertions(+), 35 deletions(-)
 create mode 100644 roles/lmn_kde/handlers/main.yml
 create mode 100644 roles/lmn_kde/tasks/main.yml
 rename roles/{lmn-mount => lmn_mount}/defaults/main.yml (100%)
 rename roles/{lmn-mount => lmn_mount}/tasks/main.yml (100%)
 rename roles/{lmn-sssd => lmn_sssd}/handlers/main.yml (100%)
 rename roles/{lmn-sssd => lmn_sssd}/tasks/main.yml (100%)
 rename roles/{lmn-sssd => lmn_sssd}/templates/sssd.conf.j2 (100%)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index 5fe1c6e..00d5f68 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -1,4 +1,4 @@
-## This playbook deploys a FvS desktop machine for LinuxMuster.
+## This playbook deploys a FvS KDE desktop machine for LinuxMuster.
 ---
 - name: apply configuration to the machines
   hosts: all
@@ -16,50 +16,21 @@
   vars:
     domain: "pn.steinbeis.schule"
     extra_pkgs:
-      - thunderbird-l10n-de
-      - webext-privacy-badger
-      - webext-ublock-origin
       - vim
-      - emacs
-      - elpa-magit
-      - elpa-color-theme-modern
-      - vlc
-      - gimp
-      - inkscape
-      - flameshot
-      - bluefish
-      - git
-      - gitk
-      - gitg
       - mc
       - tmux
-      - wireshark
-      - nmap
-      - netcat-openbsd
-      - net-tools
-      - ghex
-      - thonny
-      - spyder
-      - mu-editor
-      - dia
-      - vym
-      - tree
       - console-setup
-      - virt-manager
-      - libreoffice-l10n-de
       - krb5-user
       - unattended-upgrades
-    extra_pkgs_bpo: [ libreoffice ] # [ linux-image-amd64 ]  # [ libreoffice ]
+    extra_pkgs_bpo: [] # [ linux-image-amd64 ]  # [ libreoffice ]
     ansible_python_interpreter: "/usr/bin/python3"
 
   roles:
-    ## Choose either gnome or KDE:
-    #- gnome
-    - kde
     - up2date_debian
-    - lmn-sssd
-    - lmn-mount
-#    - fvs-client
+    - lmn_sssd
+    - lmn_mount
+    - kde
+    - lmn_kde
 
   tasks:
     - name: Add local user 'virti' in the 'libvirt' group
diff --git a/roles/lmn_kde/handlers/main.yml b/roles/lmn_kde/handlers/main.yml
new file mode 100644
index 0000000..6a3b3d5
--- /dev/null
+++ b/roles/lmn_kde/handlers/main.yml
@@ -0,0 +1,10 @@
+- name: run update-grub
+  command: update-grub
+  listen: update grub
+
+- name: enable tmp.mount
+  systemd:
+    daemon_reload: yes
+    name: tmp.mount
+    enabled: yes
+  listen: enable tmp.mount
diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
new file mode 100644
index 0000000..3b80d0d
--- /dev/null
+++ b/roles/lmn_kde/tasks/main.yml
@@ -0,0 +1,71 @@
+---
+- name: install desktop EDU packages and some more
+  apt:
+    name:
+      - thunderbird-l10n-de
+      - webext-privacy-badger
+      - webext-ublock-origin
+      - emacs
+      - elpa-magit
+      - elpa-color-theme-modern
+      - vlc
+      - gimp
+      - inkscape
+      - flameshot
+      - bluefish
+      - git
+      - gitk
+      - gitg
+      - wireshark
+      - nmap
+      - netcat-openbsd
+      - net-tools
+      - ghex
+      - thonny
+      - spyder
+      - mu-editor
+      - dia
+      - vym
+      - tree
+      - virt-manager
+      - libreoffice-l10n-de
+      - xdg-desktop-portal-kde
+    state: latest
+
+- name: set homepage
+  lineinfile:
+    dest: /etc/firefox-esr/firefox-esr.js
+    line: pref("browser.startup.homepage", "https://www.startpage.com");
+
+- name: tune SDDM login
+  blockinfile:
+    path: /etc/sddm.conf
+    create: true
+    block: |
+      [Users]
+      MaximumUid=999
+      RememberLastUser=false
+      RememberLastSession=false
+
+
+################# from kiosk.yml ##################
+- name: grub timeout
+  lineinfile:
+    dest: /etc/default/grub
+    regexp: '^(GRUB_TIMEOUT=).*'
+    line: '\g<1>1'
+    backrefs: yes
+  notify: update grub
+
+- name: keyboard compose key
+  lineinfile:
+    dest: /etc/default/keyboard
+    regexp: '^(XKBOPTIONS=).*'
+    line: '\1"compose:caps"'
+    backrefs: yes
+
+- name: tmp on tmpfs
+  command: cp /usr/share/systemd/tmp.mount /etc/systemd/system/
+  args:
+    creates: /etc/systemd/system/tmp.mount
+  notify: enable tmp.mount
diff --git a/roles/lmn-mount/defaults/main.yml b/roles/lmn_mount/defaults/main.yml
similarity index 100%
rename from roles/lmn-mount/defaults/main.yml
rename to roles/lmn_mount/defaults/main.yml
diff --git a/roles/lmn-mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
similarity index 100%
rename from roles/lmn-mount/tasks/main.yml
rename to roles/lmn_mount/tasks/main.yml
diff --git a/roles/lmn-sssd/handlers/main.yml b/roles/lmn_sssd/handlers/main.yml
similarity index 100%
rename from roles/lmn-sssd/handlers/main.yml
rename to roles/lmn_sssd/handlers/main.yml
diff --git a/roles/lmn-sssd/tasks/main.yml b/roles/lmn_sssd/tasks/main.yml
similarity index 100%
rename from roles/lmn-sssd/tasks/main.yml
rename to roles/lmn_sssd/tasks/main.yml
diff --git a/roles/lmn-sssd/templates/sssd.conf.j2 b/roles/lmn_sssd/templates/sssd.conf.j2
similarity index 100%
rename from roles/lmn-sssd/templates/sssd.conf.j2
rename to roles/lmn_sssd/templates/sssd.conf.j2

From c8bd147d782747e4d6aec3a6bd849714ff66dd57 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sun, 22 Jan 2023 12:02:50 +0100
Subject: [PATCH 243/504] Start role implementing the VMs.

---
 lmn-desktop.yml                |  1 +
 roles/lmn_kde/tasks/main.yml   |  1 -
 roles/lmn_vm/handlers/main.yml |  4 ++++
 roles/lmn_vm/tasks/main.yml    | 14 ++++++++++++++
 4 files changed, 19 insertions(+), 1 deletion(-)
 create mode 100644 roles/lmn_vm/handlers/main.yml
 create mode 100644 roles/lmn_vm/tasks/main.yml

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index 00d5f68..c1d3ce6 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -31,6 +31,7 @@
     - lmn_mount
     - kde
     - lmn_kde
+    - lmn_vm
 
   tasks:
     - name: Add local user 'virti' in the 'libvirt' group
diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 3b80d0d..197a06b 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -27,7 +27,6 @@
       - dia
       - vym
       - tree
-      - virt-manager
       - libreoffice-l10n-de
       - xdg-desktop-portal-kde
     state: latest
diff --git a/roles/lmn_vm/handlers/main.yml b/roles/lmn_vm/handlers/main.yml
new file mode 100644
index 0000000..edfe719
--- /dev/null
+++ b/roles/lmn_vm/handlers/main.yml
@@ -0,0 +1,4 @@
+- name: reload libvirtd
+  systemd:
+    name: libvirtd.service
+  listen: reload libvirtd
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
new file mode 100644
index 0000000..12d98ee
--- /dev/null
+++ b/roles/lmn_vm/tasks/main.yml
@@ -0,0 +1,14 @@
+---
+- name: install libvirt packages
+  apt:
+    name:
+      - libvirt-daemon-system
+      - virt-manager
+    state: latest
+
+- name: allow all users to use VMs
+  lineinfile:
+    dest: /etc/libvirt/libvirtd.conf
+    line: 'auth_unix_rw = "none"'
+    insertafter: '#auth_unix_rw = "polkit"'
+  notify: reload libvirtd

From 52bb5b4fbc531b8065257af5db2473569a2aa1c5 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sun, 22 Jan 2023 19:46:22 +0100
Subject: [PATCH 244/504] Add packages from backports (bullseye only).

---
 roles/lmn_kde/tasks/main.yml | 20 +++++++++++++++++++-
 roles/lmn_vm/tasks/main.yml  |  3 +++
 2 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 197a06b..eb9df07 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -27,10 +27,28 @@
       - dia
       - vym
       - tree
-      - libreoffice-l10n-de
       - xdg-desktop-portal-kde
     state: latest
 
+
+- name: add {{ ansible_distribution_release }}-backports
+  apt_repository:
+    repo: deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-backports main
+    state: present
+    update_cache: true
+  when: ansible_distribution_release == 'bullseye'
+
+- name: install extra packages from backports
+  apt:
+    name:
+      - libreoffice
+      - libreoffice-l10n-de
+    state: latest # noqa package-latest
+    autoremove: true
+    default_release: "{{ ansible_distribution_release }}-backports"
+  when: ansible_distribution_release == 'bullseye'
+
+
 - name: set homepage
   lineinfile:
     dest: /etc/firefox-esr/firefox-esr.js
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 12d98ee..0afb7fc 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -5,6 +5,9 @@
       - libvirt-daemon-system
       - virt-manager
     state: latest
+    autoremove: true
+    default_release: "{{ ansible_distribution_release }}-backports"
+  when: ansible_distribution_release == 'bullseye'
 
 - name: allow all users to use VMs
   lineinfile:

From ec7b77411bb6fe272b773cbd6f899de12e174d8b Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 28 Jan 2023 14:28:38 +0100
Subject: [PATCH 245/504] Fixes for bookworm.

---
 roles/lmn_kde/tasks/main.yml | 7 ++++---
 roles/lmn_vm/tasks/main.yml  | 9 +++++++++
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index eb9df07..c926b57 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -4,7 +4,8 @@
     name:
       - thunderbird-l10n-de
       - webext-privacy-badger
-      - webext-ublock-origin
+      - webext-ublock-origin-firefox
+      - webext-ublock-origin-chromium
       - emacs
       - elpa-magit
       - elpa-color-theme-modern
@@ -23,7 +24,7 @@
       - ghex
       - thonny
       - spyder
-      - mu-editor
+#      - mu-editor
       - dia
       - vym
       - tree
@@ -33,7 +34,7 @@
 
 - name: add {{ ansible_distribution_release }}-backports
   apt_repository:
-    repo: deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-backports main
+    repo: deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-backports main contrib non-free
     state: present
     update_cache: true
   when: ansible_distribution_release == 'bullseye'
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 0afb7fc..92112f3 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -9,6 +9,15 @@
     default_release: "{{ ansible_distribution_release }}-backports"
   when: ansible_distribution_release == 'bullseye'
 
+- name: install libvirt packages
+  apt:
+    name:
+      - libvirt-daemon-system
+      - virt-manager
+    state: latest
+    autoremove: true
+  when: ansible_distribution_release == 'bookworm'
+
 - name: allow all users to use VMs
   lineinfile:
     dest: /etc/libvirt/libvirtd.conf

From 396a91fb40314c5c4a3c98a0b4067e8ac2f7181b Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 31 Jan 2023 08:23:20 +0100
Subject: [PATCH 246/504] Allow access for VMs (virtiofs), support new
 hardware.

---
 lmn-desktop.yml                | 2 +-
 roles/lmn_mount/tasks/main.yml | 2 +-
 roles/lmn_vm/tasks/main.yml    | 7 +++++++
 3 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index c1d3ce6..cbad29a 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -22,7 +22,7 @@
       - console-setup
       - krb5-user
       - unattended-upgrades
-    extra_pkgs_bpo: [] # [ linux-image-amd64 ]  # [ libreoffice ]
+    extra_pkgs_bpo: [ linux-image-amd64 ]  # [ libreoffice ]
     ansible_python_interpreter: "/usr/bin/python3"
 
   roles:
diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index c15d6c0..e71e674 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -17,7 +17,7 @@
         server="{{ smb_server }}"
         path="{{ smb_share }}"
         mountpoint="/media/%(DOMAIN_USER)/share"
-        options="sec=krb5i,cruid=%(USERUID),user=%(USER)"
+        options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1001,file_mode=0770,dir_mode=0770"
       ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not></volume>
     insertafter: "<!-- Volume definitions -->"
 
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 92112f3..5b1df6e 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -18,6 +18,13 @@
     autoremove: true
   when: ansible_distribution_release == 'bookworm'
 
+- name: install squid
+  apt:
+    name:
+      - squid
+    state: latest
+    autoremove: true
+
 - name: allow all users to use VMs
   lineinfile:
     dest: /etc/libvirt/libvirtd.conf

From 18928f281886cfe21022891c55716ebd7cc9059d Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 31 Jan 2023 21:18:24 +0100
Subject: [PATCH 247/504] Implement VM configuration and deploy the images.

---
 lmn-desktop.yml                               |  4 +-
 roles/lmn_mount/tasks/main.yml                |  2 +-
 roles/lmn_vm/files/create-clone.sh            | 37 ++++++++
 roles/lmn_vm/files/create-vm.sh               | 34 +++++++
 roles/lmn_vm/files/images.list                |  5 +
 roles/lmn_vm/files/lmn-create-clone-sudo      |  3 +
 roles/lmn_vm/files/lmn-mounthome-sudo         |  3 +
 roles/lmn_vm/files/lmn-proxy.sh               |  3 +
 roles/lmn_vm/files/mounthome.sh               | 15 +++
 roles/lmn_vm/files/pulseaudio-override.conf   |  2 +
 roles/lmn_vm/files/rebase-vm.sh               | 44 +++++++++
 roles/lmn_vm/files/run-vm.sh                  | 67 +++++++++++++
 roles/lmn_vm/tasks/main.yml                   | 94 +++++++++++++++++--
 roles/lmn_vm/templates/squid-usermode.conf.j2 | 11 +++
 14 files changed, 315 insertions(+), 9 deletions(-)
 create mode 100755 roles/lmn_vm/files/create-clone.sh
 create mode 100755 roles/lmn_vm/files/create-vm.sh
 create mode 100644 roles/lmn_vm/files/images.list
 create mode 100644 roles/lmn_vm/files/lmn-create-clone-sudo
 create mode 100644 roles/lmn_vm/files/lmn-mounthome-sudo
 create mode 100755 roles/lmn_vm/files/lmn-proxy.sh
 create mode 100755 roles/lmn_vm/files/mounthome.sh
 create mode 100644 roles/lmn_vm/files/pulseaudio-override.conf
 create mode 100755 roles/lmn_vm/files/rebase-vm.sh
 create mode 100755 roles/lmn_vm/files/run-vm.sh
 create mode 100644 roles/lmn_vm/templates/squid-usermode.conf.j2

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index cbad29a..9533177 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -14,7 +14,7 @@
       when: "ansible_cmdline.adpw is not defined"
 
   vars:
-    domain: "pn.steinbeis.schule"
+    domain: "{{ ansible_domain }}"
     extra_pkgs:
       - vim
       - mc
@@ -22,7 +22,7 @@
       - console-setup
       - krb5-user
       - unattended-upgrades
-    extra_pkgs_bpo: [ linux-image-amd64 ]  # [ libreoffice ]
+    extra_pkgs_bpo: [ linux-image-amd64 ]
     ansible_python_interpreter: "/usr/bin/python3"
 
   roles:
diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index e71e674..ece685d 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -17,7 +17,7 @@
         server="{{ smb_server }}"
         path="{{ smb_share }}"
         mountpoint="/media/%(DOMAIN_USER)/share"
-        options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1001,file_mode=0770,dir_mode=0770"
+        options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770"
       ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not></volume>
     insertafter: "<!-- Volume definitions -->"
 
diff --git a/roles/lmn_vm/files/create-clone.sh b/roles/lmn_vm/files/create-clone.sh
new file mode 100755
index 0000000..73ecfd2
--- /dev/null
+++ b/roles/lmn_vm/files/create-clone.sh
@@ -0,0 +1,37 @@
+#!/usr/bin/bash
+# create VM clone
+
+set -eu
+
+# if less than one arguments supplied, display usage
+if [  "$#" -ne 1 ]
+then
+    echo "This script takes as input the name of the VM to clone"
+    echo "Usage: $0 vm_name"
+    exit 1
+fi
+
+# change to image-directory
+cd /var/lib/libvirt/images
+
+VM_NAME=$1
+
+if [ ! -f "xml/${VM_NAME}.xml" -a -f "${VM_NAME}.gcow2" ]; then
+    echo "xml or qcow2 File does not exists."
+    exit 1
+fi
+
+qemu-img create -f qcow2 -F qcow2 -b "${VM_NAME}.qcow2" "${VM_NAME}-clone.qcow2"
+
+cp "xml/${VM_NAME}.xml" "xml/${VM_NAME}-clone.xml"
+
+# and actually rename the vm: (this also updates the storage path)
+sed -i "s/${VM_NAME}/${VM_NAME}-clone/" "xml/${VM_NAME}-clone.xml"
+
+# set Username for mounting data from correct user
+sed -i "s/USER/${SUDO_USER}/" "xml/${VM_NAME}-clone.xml"
+
+# delete the old vm
+virsh --connect=qemu:///system undefine "${VM_NAME}-clone" || echo "${VM_NAME}-clone did not exist"
+# finally, create the new vm
+virsh --connect=qemu:///system define "xml/${VM_NAME}-clone.xml"
diff --git a/roles/lmn_vm/files/create-vm.sh b/roles/lmn_vm/files/create-vm.sh
new file mode 100755
index 0000000..be187e2
--- /dev/null
+++ b/roles/lmn_vm/files/create-vm.sh
@@ -0,0 +1,34 @@
+#!/usr/bin/bash
+# create 1st level-Clones
+
+set -eu
+
+# if less than two arguments supplied, display usage
+if [  $# -ne 2 ]
+then
+    echo "This script takes as input the name of the VM to clone"
+    echo "Usage: $0 vm_name_orig vm_name_clone"
+    exit 1
+fi
+
+VM_NAME=$1
+VM_CLONE=$2
+
+if [ ! -f "xml/$VM_NAME.xml" -a -f "$VM_NAME.gcow2" ]; then
+    echo "xml or qcow2 File does not exists."
+    exit 1
+fi
+
+qemu-img create -f qcow2 -F qcow2 -b $VM_NAME.qcow2 $VM_NAME-$VM_CLONE.qcow2
+chmod a-w $VM_NAME-$VM_CLONE.qcow2
+
+# virsh --connect=qemu:///system dumpxml $VM_NAME > xml/$VM_NAME_$VM_CLONE.xml
+cp xml/$VM_NAME.xml xml/$VM_NAME-$VM_CLONE.xml
+
+# hardware addresses need to be removed, libvirt will assign
+# new addresses automatically
+sed -i /uuid/d xml/$VM_NAME-$VM_CLONE.xml
+sed -i '/mac address/d' xml/$VM_NAME-$VM_CLONE.xml
+
+# and actually rename the vm: (this also updates the storage path)
+sed -i s/$VM_NAME/$VM_NAME-$VM_CLONE/ xml/$VM_NAME-$VM_CLONE.xml
diff --git a/roles/lmn_vm/files/images.list b/roles/lmn_vm/files/images.list
new file mode 100644
index 0000000..1129e07
--- /dev/null
+++ b/roles/lmn_vm/files/images.list
@@ -0,0 +1,5 @@
+win10.qcow2
+win10-SolidWorks.qcow2
+win10-Elektro.qcow2
+deb11.qcow2
+deb11-virtualbox.qcow2
diff --git a/roles/lmn_vm/files/lmn-create-clone-sudo b/roles/lmn_vm/files/lmn-create-clone-sudo
new file mode 100644
index 0000000..7c79a2b
--- /dev/null
+++ b/roles/lmn_vm/files/lmn-create-clone-sudo
@@ -0,0 +1,3 @@
+%examusers    ALL=(root) NOPASSWD: /usr/local/bin/create-clone.sh
+%role-student ALL=(root) NOPASSWD: /usr/local/bin/create-clone.sh
+%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/create-clone.sh
diff --git a/roles/lmn_vm/files/lmn-mounthome-sudo b/roles/lmn_vm/files/lmn-mounthome-sudo
new file mode 100644
index 0000000..f60cc5b
--- /dev/null
+++ b/roles/lmn_vm/files/lmn-mounthome-sudo
@@ -0,0 +1,3 @@
+%examusers    ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
+%role-student ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
+%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
diff --git a/roles/lmn_vm/files/lmn-proxy.sh b/roles/lmn_vm/files/lmn-proxy.sh
new file mode 100755
index 0000000..122a10d
--- /dev/null
+++ b/roles/lmn_vm/files/lmn-proxy.sh
@@ -0,0 +1,3 @@
+export http_proxy='http://firewall:3128'
+export https_proxy=$http_proxy
+export ftp_proxy=$http_proxy
diff --git a/roles/lmn_vm/files/mounthome.sh b/roles/lmn_vm/files/mounthome.sh
new file mode 100755
index 0000000..ea3c2d8
--- /dev/null
+++ b/roles/lmn_vm/files/mounthome.sh
@@ -0,0 +1,15 @@
+#!/usr/bin/bash
+set -eu
+
+share="$(getent passwd "$SUDO_UID" | cut -d : -f 6 | sed 's/.*default-school//')"
+
+if [ "$#" -gt 0 ] && [ "$1" = '-u' ]; then
+    umount "/media/${SUDO_USER}/home" && rmdir "/media/${SUDO_USER}/home"
+else
+    chgrp 1010 "/media/${SUDO_USER}"
+    chmod 0770 "/media/${SUDO_USER}"
+    mkdir -p "/media/${SUDO_USER}/home"
+    mount -t cifs -o "sec=krb5i,cruid=${SUDO_UID},username=${SUDO_USER},uid=${SUDO_UID},\
+gid=1010,file_mode=0770,dir_mode=0770,forceuid,forcegid,user=${SUDO_USER}" \
+	  "//server/default-school/${share}" "/media/${SUDO_USER}/home"
+fi
diff --git a/roles/lmn_vm/files/pulseaudio-override.conf b/roles/lmn_vm/files/pulseaudio-override.conf
new file mode 100644
index 0000000..5d7783e
--- /dev/null
+++ b/roles/lmn_vm/files/pulseaudio-override.conf
@@ -0,0 +1,2 @@
+[Service]
+Environment=HOME=/tmp/pulse.%u
diff --git a/roles/lmn_vm/files/rebase-vm.sh b/roles/lmn_vm/files/rebase-vm.sh
new file mode 100755
index 0000000..184f615
--- /dev/null
+++ b/roles/lmn_vm/files/rebase-vm.sh
@@ -0,0 +1,44 @@
+#!/usr/bin/bash
+
+# Rebase one level down
+
+set -eu
+
+# if less than one arguments supplied, display usage
+if [  $# -ne 1 ]
+then
+    echo "This script takes as input the name of the VM to rebase one level down"
+    echo "Usage: $0 vm_name"
+    exit 1
+fi
+
+VM_NAME=$1
+
+if [ ! -f $VM_NAME.qcow2 ]
+then
+    echo "File not found $VM_NAME.qcow2"
+    exit 1
+fi
+
+shopt -s lastpipe
+qemu-img info --backing-chain $VM_NAME.qcow2 | grep image | wc -l | read NUMBASES
+qemu-img info --backing-chain $VM_NAME.qcow2 | grep image | head  -n 3 | tail -n 1 | cut -d' ' -f2 | read NEWBASE
+qemu-img info --backing-chain $VM_NAME.qcow2 | grep image | head  -n 2 | tail -n 1 | cut -d' ' -f2 | read CURRENTBASE
+
+if [ ! $NUMBASES -ge 3 ]
+then
+    echo "Image must have at least 2 backing-files"
+    exit 1
+fi
+
+if [ ! -f $NEWBASE -a -f $CURRENTBASE ]
+then
+    echo "Backingfiles not found $CURRENTBASE, $NEWBASE"
+    exit 1
+fi
+
+qemu-img rebase -f qcow2 -b $NEWBASE -F qcow2 $VM_NAME.qcow2
+rm $CURRENTBASE
+mv $VM_NAME.qcow2 $CURRENTBASE
+chmod a-w $CURRENTBASE
+qemu-img create -f qcow2 -F qcow2 -b $CURRENTBASE $VM_NAME.qcow2
diff --git a/roles/lmn_vm/files/run-vm.sh b/roles/lmn_vm/files/run-vm.sh
new file mode 100755
index 0000000..cba0de4
--- /dev/null
+++ b/roles/lmn_vm/files/run-vm.sh
@@ -0,0 +1,67 @@
+#!/usr/bin/bash
+# create and run clone
+
+set -eu
+
+NEWCLONE=0
+
+show_help() {
+    cat << EOF
+Usage: $(basename "$0") [-n] vmname"
+Create a new clone, start the vm (if not yet running) and run virt-viewer.
+Squid-Proxy will be started too.
+User Home will be mounted on /media/USERNAME/home
+    -n   new clone will be created, even if exists
+EOF
+}
+
+NEWCLONE=0
+
+while getopts ':n' OPTION; do
+    case "$OPTION" in
+	n)
+	    NEWCLONE=1
+	    ;;
+	?)
+	show_help
+	exit 1
+	;;
+    esac
+done
+
+shift "$((OPTIND -1))"
+
+# if less than one arguments supplied, display usage
+if [[  $# -ne 1 ]] ; then
+    show_help
+    exit 1
+fi
+
+VM_NAME=$1
+
+if [[ ! -f "/var/lib/libvirt/images/${VM_NAME}.qcow2" ]]; then
+    echo "no base VM disk '${VM_NAME}.qcow2' found"
+    exit 1
+fi
+
+# check, if we have to start squid
+if [[ ! -f "/tmp/squid.pid" ]]; then
+    echo "starting squid."
+    /usr/sbin/squid -f /etc/squid/squid-usermode.conf
+fi
+
+# check, if we have to mount home
+if [[ ! -d "/media/${USER}/home" ]]; then
+    echo "mounting home."
+    sudo mounthome.sh
+fi
+
+if  ! virsh --connect=qemu:///system list | grep "${VM_NAME}"; then
+    echo "VM not yet running. Try to clone and start."
+    if [[ "${NEWCLONE}" = 1 ]] || [[ ! -f "/var/lib/libvirt/images/${VM_NAME}-clone.qcow2" ]]; then
+        sudo create-clone.sh "${VM_NAME}"
+    fi
+    virsh --connect=qemu:///system start "${VM_NAME}-clone"
+fi
+echo "starting viewer"
+virt-viewer --connect=qemu:///system --full-screen "${VM_NAME}-clone"
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 5b1df6e..6224e6b 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -18,6 +18,19 @@
     autoremove: true
   when: ansible_distribution_release == 'bookworm'
 
+- name: allow all users to use VMs
+  lineinfile:
+    dest: /etc/libvirt/libvirtd.conf
+    line: 'auth_unix_rw = "none"'
+    insertafter: '#auth_unix_rw = "polkit"'
+  notify: reload libvirtd
+
+- name: autostart default network for VMs
+  file:
+    src: /etc/libvirt/qemu/networks/default.xml
+    dest: /etc/libvirt/qemu/networks/autostart/default.xml
+    state: link
+
 - name: install squid
   apt:
     name:
@@ -25,9 +38,78 @@
     state: latest
     autoremove: true
 
-- name: allow all users to use VMs
-  lineinfile:
-    dest: /etc/libvirt/libvirtd.conf
-    line: 'auth_unix_rw = "none"'
-    insertafter: '#auth_unix_rw = "polkit"'
-  notify: reload libvirtd
+- name: disable squid
+  systemd:
+    name: squid
+    enabled: false
+    state: stopped
+
+- name: deploy squid user mode configuration
+  template:
+    src: squid-usermode.conf.j2
+    dest: /etc/squid/squid-usermode.conf
+    mode: '0644'
+
+- name: deploy sudo configuration
+  copy:
+    src: lmn-mounthome-sudo
+    dest: /etc/sudoers.d/90-lmn-mounthome
+    owner: root
+    group: root
+    mode: '0700'
+
+- name: deploy sudo configuration
+  copy:
+    src: lmn-create-clone-sudo
+    dest: /etc/sudoers.d/90-lmn-create-clone
+    owner: root
+    group: root
+    mode: '0700'
+
+- name: deploy mount home script
+  copy:
+    src: "{{ item }}"
+    dest: /usr/local/bin/
+    owner: root
+    group: root
+    mode: '0755'
+  loop:
+    - mounthome.sh
+    - create-vm.sh
+    - rebase-vm.sh
+    - create-clone.sh
+    - run-vm.sh
+
+- name: deploy http proxy config
+  copy:
+    src: lmn-proxy.sh
+    dest: /etc/profile.d/
+    mode: '0644'
+
+- name: deploy pulseaudio fix
+  file:
+    path: /etc/systemd/user/pulseaudio.service.d/
+    state: directory
+
+- name: deploy pulseaudio fix
+  copy:
+    src: pulseaudio-override.conf
+    dest: /etc/systemd/user/pulseaudio.service.d/override.conf
+
+#### VMs
+- name: deploy initial image list
+  copy:
+    src: images.list
+    dest: /var/lib/libvirt/images/images.list
+    force: false
+
+- name: rsync VM image definitions
+  command: rsync -a --itemize-changes rsync://server:/vmimages-download/xml /var/lib/libvirt/images/
+  register: result
+  changed_when: result.stdout | length > 0
+
+- name: rsync VM images
+  command: rsync -a -i --files-from=/var/lib/libvirt/images/images.list rsync://server:/vmimages-download/ /var/lib/libvirt/images/
+  register: result
+  changed_when: result.stdout | length > 0
+  when: (ansible_mounts | selectattr("mount", "equalto", "/") | list)[0].size_available > 80000000000
diff --git a/roles/lmn_vm/templates/squid-usermode.conf.j2 b/roles/lmn_vm/templates/squid-usermode.conf.j2
new file mode 100644
index 0000000..1cf931a
--- /dev/null
+++ b/roles/lmn_vm/templates/squid-usermode.conf.j2
@@ -0,0 +1,11 @@
+acl local-servers dstdomain .{{ domain }}
+cache_peer firewall parent 3128 0 no-query default login=NEGOTIATE auth-no-keytab
+never_direct deny local-servers
+never_direct allow all
+#access_log stdio:/tmp/access.log squid
+access_log none
+cache_log /dev/null 
+logfile_rotate 0
+pid_filename /tmp/squid.pid
+http_port 192.168.122.1:3128 
+http_access allow all

From 0c9711a1da815e9db54c9e2f266e634c7a10989a Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 4 Feb 2023 21:48:54 +0100
Subject: [PATCH 248/504] Configure default browser and favorites in menu.

---
 roles/kde/tasks/main.yml | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/roles/kde/tasks/main.yml b/roles/kde/tasks/main.yml
index 5ce612c..bcdfd6f 100644
--- a/roles/kde/tasks/main.yml
+++ b/roles/kde/tasks/main.yml
@@ -20,3 +20,19 @@
     regexp: '"quiet"$'
     replace: '"quiet splash"'
   notify: update grub
+
+- name: switch default browser
+  blockinfile:
+    path: /etc/xdg/kdeglobals
+    block: |
+      [General]
+      BrowserApplication=firefox-esr.desktop
+    create: true
+
+- name: add some favorites to the KDE menu
+  blockinfile:
+    path: /etc/xdg/kickoffrc
+    block: |
+      [Favorites]
+      FavoriteURLs=firefox-esr.desktop,org.kde.dolphin.desktop,libreoffice-startcenter.desktop,org.kde.okular.desktop,org.kde.kate.desktop,gimp.desktop,inkscape.desktop,vlc.desktop,org.kde.konsole.desktop
+    create: true

From 89ddaa0138f29bdf6c5d28d4f9b93de1dd722316 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 7 Feb 2023 08:14:11 +0100
Subject: [PATCH 249/504] Fix external graphics card.

---
 lmn-desktop.yml                     | 18 ++++++++++++++++++
 roles/up2date_debian/tasks/main.yml |  2 +-
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index 9533177..a9ae690 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -42,3 +42,21 @@
         shell: /bin/bash
         groups: libvirt
         append: yes
+    - name: Fix 8086:4909 external graphics card
+      replace:
+        dest: "/etc/default/grub"
+        regexp: 'GRUB_CMDLINE_LINUX=""$'
+        replace: 'GRUB_CMDLINE_LINUX="i915.force_probe=4909"'
+      notify: update grub
+      when: ansible_board_vendor == "LENOVO" and ansible_board_name == "32CB"
+    - name: add bookworm
+      apt_repository:
+        repo: deb http://deb.debian.org/debian/ bookworm non-free-firmware
+        state: present
+        update_cache: true
+      when: ansible_board_vendor == "LENOVO" and ansible_board_name == "32CB"
+    - name: upgrade non-free-firmware packages
+      apt:
+        upgrade: true
+        autoremove: true
+        autoclean: true
diff --git a/roles/up2date_debian/tasks/main.yml b/roles/up2date_debian/tasks/main.yml
index d28bc9e..3d7ba68 100644
--- a/roles/up2date_debian/tasks/main.yml
+++ b/roles/up2date_debian/tasks/main.yml
@@ -24,7 +24,7 @@
 
 - name: add {{ ansible_distribution_release }}-backports
   apt_repository:
-    repo: deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-backports main
+    repo: deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-backports main contrib non-free
     state: present
     update_cache: true
   when: extra_pkgs_bpo|length

From c1ff7319f4c63c8de10412128a9a27858f09de0e Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 7 Feb 2023 19:09:47 +0100
Subject: [PATCH 250/504] Sync VM back to the server.

---
 roles/lmn_vm/files/lmn-sync-vm-sudo |  1 +
 roles/lmn_vm/files/sync-vm.sh       | 64 +++++++++++++++++++++++++++++
 roles/lmn_vm/tasks/main.yml         | 19 ++++-----
 3 files changed, 73 insertions(+), 11 deletions(-)
 create mode 100644 roles/lmn_vm/files/lmn-sync-vm-sudo
 create mode 100644 roles/lmn_vm/files/sync-vm.sh

diff --git a/roles/lmn_vm/files/lmn-sync-vm-sudo b/roles/lmn_vm/files/lmn-sync-vm-sudo
new file mode 100644
index 0000000..5144e28
--- /dev/null
+++ b/roles/lmn_vm/files/lmn-sync-vm-sudo
@@ -0,0 +1 @@
+%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/sync-vm.sh
diff --git a/roles/lmn_vm/files/sync-vm.sh b/roles/lmn_vm/files/sync-vm.sh
new file mode 100644
index 0000000..a44c98f
--- /dev/null
+++ b/roles/lmn_vm/files/sync-vm.sh
@@ -0,0 +1,64 @@
+#!/usr/bin/bash
+# Push VM-Disk-Image on server
+set -eu
+
+show_help() {
+    cat << EOF
+Usage: $(basename "$0") [-u vmname] [-d vmname] [-a]"
+When using option -u (upload), the disk from VM vmname will be synced on server.
+Otherwise the images from images.list and xml-directory will be synced from server.
+EOF
+}
+
+upload_image() {
+    # check if VM-Diskimage exists
+    if [[ ! -f "/var/lib/libvirt/images/${VM_NAME}.qcow2" ]]; then
+        echo "File not found ${VM_NAME}.qcow2"
+        exit 1
+    fi
+    # check if VM-Machine-Definition XML exists
+    if [[ ! -f "/var/lib/libvirt/images/xml/${VM_NAME}.xml" ]]; then
+        echo "File not found ${VM_NAME}.xml"
+        exit 1
+    fi
+    rsync -av --password-file=/etc/rsync.secret "/var/lib/libvirt/images/${VM_NAME}.qcow2" \
+	  rsync://vmuser@server:/vmimages-upload/
+    rsync -av --password-file=/etc/rsync.secret "/var/lib/libvirt/images/xml/${VM_NAME}.xml" \
+	  rsync://vmuser@server:/vmimages-upload/xml/
+}
+
+download_image() {
+    rsync -av --password-file=/etc/rsync.secret \
+	  "rsync://vmuser@server:/vmimages-download/${VM_NAME}.qcow2" \
+	  /var/lib/libvirt/images/
+    rsync -av --password-file=/etc/rsync.secret \
+	  "rsync://vmuser@server:/vmimages-download/xml/${VM_NAME}.xml" \
+	  /var/lib/libvirt/images/xml/
+}
+
+sync_all_images() {
+    rsync -av --password-file=/etc/rsync.secret --files-from=/var/lib/libvirt/images/images.list \
+	  rsync://vmuser@server:/vmimages-download/ /var/lib/libvirt/images/
+    rsync -av --password-file=/etc/rsync.secret rsync://vmuser@server:/vmimages-download/xml \
+	  /var/lib/libvirt/images/
+}
+
+while getopts ':u:d:a' OPTION; do
+    case "$OPTION" in
+        u)
+            VM_NAME=$OPTARG
+            upload_image
+            ;;
+        d)
+            VM_NAME=$OPTARG
+            download_image
+            ;;
+        a)
+            sync_all_images
+            ;;
+        ?)
+        show_help
+        exit 1
+        ;;
+    esac
+done
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 6224e6b..cdce481 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -50,21 +50,17 @@
     dest: /etc/squid/squid-usermode.conf
     mode: '0644'
 
-- name: deploy sudo configuration
+- name: deploy sudo configurations
   copy:
-    src: lmn-mounthome-sudo
-    dest: /etc/sudoers.d/90-lmn-mounthome
-    owner: root
-    group: root
-    mode: '0700'
-
-- name: deploy sudo configuration
-  copy:
-    src: lmn-create-clone-sudo
-    dest: /etc/sudoers.d/90-lmn-create-clone
+    src: "{{ item }}"
+    dest: "/etc/sudoers.d/90-{{ item }}"
     owner: root
     group: root
     mode: '0700'
+  loop:
+    - lmn-mounthome-sudo
+    - lmn-create-clone-sudo
+    - lmn-sync-vm-sudo
 
 - name: deploy mount home script
   copy:
@@ -79,6 +75,7 @@
     - rebase-vm.sh
     - create-clone.sh
     - run-vm.sh
+    - sync-vm.sh
 
 - name: deploy http proxy config
   copy:

From 354075f53003409f98a74068925076aeab911df4 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Sun, 12 Feb 2023 14:38:29 +0100
Subject: [PATCH 251/504] shell syntax optimized and more options for
 rebase-vm.sh

---
 roles/lmn_vm/files/create-clone.sh    |  7 +--
 roles/lmn_vm/files/create-vm.sh       | 23 ++++----
 roles/lmn_vm/files/lmn-create-vm-sudo |  1 +
 roles/lmn_vm/files/lmn-rebase-vm-sudo |  1 +
 roles/lmn_vm/files/rebase-vm.sh       | 85 +++++++++++++++++++--------
 roles/lmn_vm/files/sync-vm.sh         |  0
 roles/lmn_vm/tasks/main.yml           |  2 +
 7 files changed, 79 insertions(+), 40 deletions(-)
 create mode 100644 roles/lmn_vm/files/lmn-create-vm-sudo
 create mode 100644 roles/lmn_vm/files/lmn-rebase-vm-sudo
 mode change 100644 => 100755 roles/lmn_vm/files/sync-vm.sh

diff --git a/roles/lmn_vm/files/create-clone.sh b/roles/lmn_vm/files/create-clone.sh
index 73ecfd2..d0629d0 100755
--- a/roles/lmn_vm/files/create-clone.sh
+++ b/roles/lmn_vm/files/create-clone.sh
@@ -3,9 +3,8 @@
 
 set -eu
 
-# if less than one arguments supplied, display usage
-if [  "$#" -ne 1 ]
-then
+# if less or more than one arguments supplied, display usage
+if [[ $# -ne 1 ]]; then
     echo "This script takes as input the name of the VM to clone"
     echo "Usage: $0 vm_name"
     exit 1
@@ -16,7 +15,7 @@ cd /var/lib/libvirt/images
 
 VM_NAME=$1
 
-if [ ! -f "xml/${VM_NAME}.xml" -a -f "${VM_NAME}.gcow2" ]; then
+if [[ ! -f "xml/${VM_NAME}.xml" ]] || [[ ! -f "${VM_NAME}.gcow2" ]]; then
     echo "xml or qcow2 File does not exists."
     exit 1
 fi
diff --git a/roles/lmn_vm/files/create-vm.sh b/roles/lmn_vm/files/create-vm.sh
index be187e2..55cd835 100755
--- a/roles/lmn_vm/files/create-vm.sh
+++ b/roles/lmn_vm/files/create-vm.sh
@@ -2,10 +2,8 @@
 # create 1st level-Clones
 
 set -eu
-
 # if less than two arguments supplied, display usage
-if [  $# -ne 2 ]
-then
+if [[  $# -ne 2 ]]; then 
     echo "This script takes as input the name of the VM to clone"
     echo "Usage: $0 vm_name_orig vm_name_clone"
     exit 1
@@ -14,21 +12,24 @@ fi
 VM_NAME=$1
 VM_CLONE=$2
 
-if [ ! -f "xml/$VM_NAME.xml" -a -f "$VM_NAME.gcow2" ]; then
+# change to image-directory
+cd /var/lib/libvirt/images
+
+if [[ ! -f "xml/${VM_NAME}.xml" ]] || [[ ! -f "${VM_NAME}.gcow2" ]]; then
     echo "xml or qcow2 File does not exists."
     exit 1
 fi
 
-qemu-img create -f qcow2 -F qcow2 -b $VM_NAME.qcow2 $VM_NAME-$VM_CLONE.qcow2
-chmod a-w $VM_NAME-$VM_CLONE.qcow2
+qemu-img create -f qcow2 -F qcow2 -b "${VM_NAME}.qcow2" "${VM_NAME}-${VM_CLONE}.qcow2"
+chmod a-w "${VM_NAME}-${VM_CLONE}.qcow2"
 
-# virsh --connect=qemu:///system dumpxml $VM_NAME > xml/$VM_NAME_$VM_CLONE.xml
-cp xml/$VM_NAME.xml xml/$VM_NAME-$VM_CLONE.xml
+# virsh --connect=qemu:///system dumpxml "${VM_NAME}" > "xml/${VM_NAME}-${VM_CLONE}.xml"
+cp "xml/${VM_NAME}.xml" "xml/${VM_NAME}-${VM_CLONE}.xml"
 
 # hardware addresses need to be removed, libvirt will assign
 # new addresses automatically
-sed -i /uuid/d xml/$VM_NAME-$VM_CLONE.xml
-sed -i '/mac address/d' xml/$VM_NAME-$VM_CLONE.xml
+sed -i /uuid/d "xml/${VM_NAME}-${VM_CLONE}.xml"
+sed -i '/mac address/d' "xml/${VM_NAME}-${VM_CLONE}.xml"
 
 # and actually rename the vm: (this also updates the storage path)
-sed -i s/$VM_NAME/$VM_NAME-$VM_CLONE/ xml/$VM_NAME-$VM_CLONE.xml
+sed -i "s/${VM_NAME}/${VM_NAME}-${VM_CLONE}/" "xml/${VM_NAME}-${VM_CLONE}.xml"
diff --git a/roles/lmn_vm/files/lmn-create-vm-sudo b/roles/lmn_vm/files/lmn-create-vm-sudo
new file mode 100644
index 0000000..b823c6f
--- /dev/null
+++ b/roles/lmn_vm/files/lmn-create-vm-sudo
@@ -0,0 +1 @@
+%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/create-vm.sh
diff --git a/roles/lmn_vm/files/lmn-rebase-vm-sudo b/roles/lmn_vm/files/lmn-rebase-vm-sudo
new file mode 100644
index 0000000..28c1c43
--- /dev/null
+++ b/roles/lmn_vm/files/lmn-rebase-vm-sudo
@@ -0,0 +1 @@
+%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/rebase-vm.sh
diff --git a/roles/lmn_vm/files/rebase-vm.sh b/roles/lmn_vm/files/rebase-vm.sh
index 184f615..5accc16 100755
--- a/roles/lmn_vm/files/rebase-vm.sh
+++ b/roles/lmn_vm/files/rebase-vm.sh
@@ -1,44 +1,79 @@
 #!/usr/bin/bash
-
 # Rebase one level down
-
 set -eu
 
-# if less than one arguments supplied, display usage
-if [  $# -ne 1 ]
-then
-    echo "This script takes as input the name of the VM to rebase one level down"
-    echo "Usage: $0 vm_name"
+show_help() {
+    cat << EOF
+Usage: $(basename "$0") [-n newname] vmname"
+This script takes as input the name of the VM to rebase one level down
+    -n   new name of the rebased image
+EOF
+}
+ 
+while getopts ':n:' OPTION; do
+  case "$OPTION" in
+    n)
+      NEWNAME=$OPTARG
+      ;;
+    ?)
+      show_help
+      exit 1
+      ;;
+  esac
+done
+ 
+shift "$((OPTIND -1))"
+
+# if less or more than one arguments supplied, display usage 
+if [[  $# -ne 1 ]]; then
+    show_help
     exit 1
 fi
 
-VM_NAME=$1
+# change to Images directory
+cd /var/lib/libvirt/images
 
-if [ ! -f $VM_NAME.qcow2 ]
-then
-    echo "File not found $VM_NAME.qcow2"
+VM_NAME="$1"
+
+# check if VM-Diskimage exists
+if [[ ! -f "${VM_NAME}.qcow2" ]]; then
+    echo "File not found ${VM_NAME}.qcow2"
     exit 1
 fi
 
-shopt -s lastpipe
-qemu-img info --backing-chain $VM_NAME.qcow2 | grep image | wc -l | read NUMBASES
-qemu-img info --backing-chain $VM_NAME.qcow2 | grep image | head  -n 3 | tail -n 1 | cut -d' ' -f2 | read NEWBASE
-qemu-img info --backing-chain $VM_NAME.qcow2 | grep image | head  -n 2 | tail -n 1 | cut -d' ' -f2 | read CURRENTBASE
+# check if new VM-Diskimage exists
+if [[ -v NEWNAME ]] && [[ -f "${NEWNAME}.qcow2" ]]; then
+    echo "New Base already exists: ${NEWNAME}.qcow2"
+    exit 1
+fi
 
-if [ ! $NUMBASES -ge 3 ]
-then
+NUMBASES=$(qemu-img info --backing-chain "${VM_NAME}.qcow2" | grep -c image)
+NEWBASE=$(qemu-img info --backing-chain "${VM_NAME}.qcow2" | grep image | head  -n 3 | tail -n 1 | cut -d' ' -f2)
+CURRENTBASE=$(qemu-img info --backing-chain "${VM_NAME}.qcow2" | grep image | head  -n 2 | tail -n 1 | cut -d' ' -f2)
+
+if [[ ! "${NUMBASES}" -ge 3 ]]; then 
     echo "Image must have at least 2 backing-files"
     exit 1
 fi
 
-if [ ! -f $NEWBASE -a -f $CURRENTBASE ]
-then
-    echo "Backingfiles not found $CURRENTBASE, $NEWBASE"
+# check if base Diskimage exists
+if [[ ! -f "${NEWBASE}" ]] || [[ ! -f "${CURRENTBASE}" ]]; then
+    echo "Backingfiles not found ${CURRENTBASE}, ${NEWBASE}"
     exit 1
 fi
 
-qemu-img rebase -f qcow2 -b $NEWBASE -F qcow2 $VM_NAME.qcow2
-rm $CURRENTBASE
-mv $VM_NAME.qcow2 $CURRENTBASE
-chmod a-w $CURRENTBASE
-qemu-img create -f qcow2 -F qcow2 -b $CURRENTBASE $VM_NAME.qcow2
+# rebasing disk image
+qemu-img rebase -f qcow2 -b "${NEWBASE}" -F qcow2 "${VM_NAME}.qcow2"
+if [[ -v NEWNAME ]]; then 
+    # copy and adapt machine definition file
+    CURRENTNAME="${CURRENTBASE/.qcow2/}"
+    cp "xml/${CURRENTNAME}.xml" "xml/${NEWNAME}.xml"
+    sed -i "s/${CURRENTNAME}/${NEWNAME}/" "xml/${NEWNAME}.xml"
+    NEWNAME="${NEWNAME}.qcow2"
+else
+    rm "${CURRENTBASE}"
+    NEWNAME="${CURRENTBASE}"
+fi
+
+mv "${VM_NAME}.qcow2" "${NEWNAME}"
+chmod a-w "${NEWNAME}"
diff --git a/roles/lmn_vm/files/sync-vm.sh b/roles/lmn_vm/files/sync-vm.sh
old mode 100644
new mode 100755
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index cdce481..dc659eb 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -61,6 +61,8 @@
     - lmn-mounthome-sudo
     - lmn-create-clone-sudo
     - lmn-sync-vm-sudo
+    - lmn-create-vm-sudo
+    - lmn-rebase-vm-sudo
 
 - name: deploy mount home script
   copy:

From cb9f5fdb23e7869f0e96c3d55c489ca020eb096c Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 18 Feb 2023 10:00:23 +0100
Subject: [PATCH 252/504] Skip time consuming VM syncing during installation,
 cleanup.

---
 roles/lmn_sssd/templates/sssd.conf.j2 | 18 ++++++++----------
 roles/lmn_vm/files/rebase-vm.sh       | 10 +++++-----
 roles/lmn_vm/tasks/main.yml           |  2 +-
 3 files changed, 14 insertions(+), 16 deletions(-)

diff --git a/roles/lmn_sssd/templates/sssd.conf.j2 b/roles/lmn_sssd/templates/sssd.conf.j2
index 24ab69a..cb7a301 100644
--- a/roles/lmn_sssd/templates/sssd.conf.j2
+++ b/roles/lmn_sssd/templates/sssd.conf.j2
@@ -3,17 +3,15 @@ domains = {{ domain }}
 config_file_version = 2
 
 [domain/{{ domain }}]
-default_shell = /bin/bash
+krb5_realm = {{ domain | upper }}
+ad_domain = {{ domain }}
+id_provider = ad
+access_provider = ad
+use_fully_qualified_names = False
 cache_credentials = True
 krb5_store_password_if_offline = True
-cache_credentials = True
-krb5_realm = {{ domain | upper }}
-id_provider = ad
-#override_homedir = /home/%u
-ad_domain = {{ domain }}
-use_fully_qualified_names = False
-ldap_id_mapping = True
-access_provider = ad
-ad_gpo_access_control = permissive
+default_shell = /usr/bin/bash
+# default: # ldap_id_mapping = True
+ad_gpo_access_control = disabled
 ad_gpo_ignore_unreadable = True
 ad_maximum_machine_account_password_age = 0
diff --git a/roles/lmn_vm/files/rebase-vm.sh b/roles/lmn_vm/files/rebase-vm.sh
index 5accc16..336c1c4 100755
--- a/roles/lmn_vm/files/rebase-vm.sh
+++ b/roles/lmn_vm/files/rebase-vm.sh
@@ -9,7 +9,7 @@ This script takes as input the name of the VM to rebase one level down
     -n   new name of the rebased image
 EOF
 }
- 
+
 while getopts ':n:' OPTION; do
   case "$OPTION" in
     n)
@@ -21,10 +21,10 @@ while getopts ':n:' OPTION; do
       ;;
   esac
 done
- 
+
 shift "$((OPTIND -1))"
 
-# if less or more than one arguments supplied, display usage 
+# if less or more than one arguments supplied, display usage
 if [[  $# -ne 1 ]]; then
     show_help
     exit 1
@@ -51,7 +51,7 @@ NUMBASES=$(qemu-img info --backing-chain "${VM_NAME}.qcow2" | grep -c image)
 NEWBASE=$(qemu-img info --backing-chain "${VM_NAME}.qcow2" | grep image | head  -n 3 | tail -n 1 | cut -d' ' -f2)
 CURRENTBASE=$(qemu-img info --backing-chain "${VM_NAME}.qcow2" | grep image | head  -n 2 | tail -n 1 | cut -d' ' -f2)
 
-if [[ ! "${NUMBASES}" -ge 3 ]]; then 
+if [[ ! "${NUMBASES}" -ge 3 ]]; then
     echo "Image must have at least 2 backing-files"
     exit 1
 fi
@@ -64,7 +64,7 @@ fi
 
 # rebasing disk image
 qemu-img rebase -f qcow2 -b "${NEWBASE}" -F qcow2 "${VM_NAME}.qcow2"
-if [[ -v NEWNAME ]]; then 
+if [[ -v NEWNAME ]]; then
     # copy and adapt machine definition file
     CURRENTNAME="${CURRENTBASE/.qcow2/}"
     cp "xml/${CURRENTNAME}.xml" "xml/${NEWNAME}.xml"
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index dc659eb..2adf629 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -111,4 +111,4 @@
   command: rsync -a -i --files-from=/var/lib/libvirt/images/images.list rsync://server:/vmimages-download/ /var/lib/libvirt/images/
   register: result
   changed_when: result.stdout | length > 0
-  when: (ansible_mounts | selectattr("mount", "equalto", "/") | list)[0].size_available > 80000000000
+  when: not run_in_installer | default(false) | bool and (ansible_mounts | selectattr("mount", "equalto", "/") | list)[0].size_available > 80000000000

From 5640c3e76b93e6f62d195547a066dd37bef30f60 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 14 Mar 2023 17:12:53 +0100
Subject: [PATCH 253/504] Get ready for bookworm by default.

---
 lmn-desktop.yml               | 14 +++++++++++---
 roles/lmn_sssd/tasks/main.yml |  8 ++++++--
 roles/lmn_vm/tasks/main.yml   | 12 +++++++++---
 3 files changed, 26 insertions(+), 8 deletions(-)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index a9ae690..37ae331 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -22,7 +22,7 @@
       - console-setup
       - krb5-user
       - unattended-upgrades
-    extra_pkgs_bpo: [ linux-image-amd64 ]
+    extra_pkgs_bpo: [] # [ linux-image-amd64 ]
     ansible_python_interpreter: "/usr/bin/python3"
 
   roles:
@@ -49,14 +49,22 @@
         replace: 'GRUB_CMDLINE_LINUX="i915.force_probe=4909"'
       notify: update grub
       when: ansible_board_vendor == "LENOVO" and ansible_board_name == "32CB"
-    - name: add bookworm
+
+    - name: add bookworm firmware repository if needed
       apt_repository:
         repo: deb http://deb.debian.org/debian/ bookworm non-free-firmware
         state: present
         update_cache: true
-      when: ansible_board_vendor == "LENOVO" and ansible_board_name == "32CB"
+      when: >
+        ansible_board_vendor == "LENOVO" and
+        ansible_board_name == "32CB" and
+        ansible_distribution_release == "bullseye"
     - name: upgrade non-free-firmware packages
       apt:
         upgrade: true
         autoremove: true
         autoclean: true
+      when: >
+        ansible_board_vendor == "LENOVO" and
+        ansible_board_name == "32CB" and
+        ansible_distribution_release == "bullseye"
diff --git a/roles/lmn_sssd/tasks/main.yml b/roles/lmn_sssd/tasks/main.yml
index 04b4f7f..082af5c 100644
--- a/roles/lmn_sssd/tasks/main.yml
+++ b/roles/lmn_sssd/tasks/main.yml
@@ -17,5 +17,9 @@
   ## Either one of the variables is defined:
 - name: join the domain
   shell:
-    cmd: echo "{{ ansible_cmdline.adpw | default('') + adpw.user_input | default('') }}" | adcli join --stdin-password -U global-admin {{ domain | upper }}
-  when: ansible_cmdline.adpw | default('') | length > 0 or adpw.user_input | default('') | length > 0
+    cmd: >
+      echo "{{ ansible_cmdline.adpw | default('') + adpw.user_input | default('') }}" |
+      adcli join --stdin-password -U global-admin {{ domain | upper }}
+  when: >
+    ansible_cmdline.adpw | default('') | length > 0 or
+    adpw.user_input | default('') | length > 0
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 2adf629..d013156 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -103,12 +103,18 @@
     force: false
 
 - name: rsync VM image definitions
-  command: rsync -a --itemize-changes rsync://server:/vmimages-download/xml /var/lib/libvirt/images/
+  command: >
+    rsync -a --itemize-changes
+    rsync://server:/vmimages-download/xml /var/lib/libvirt/images/
   register: result
   changed_when: result.stdout | length > 0
 
 - name: rsync VM images
-  command: rsync -a -i --files-from=/var/lib/libvirt/images/images.list rsync://server:/vmimages-download/ /var/lib/libvirt/images/
+  command: >
+    rsync -a -i --files-from=/var/lib/libvirt/images/images.list
+    rsync://server:/vmimages-download/ /var/lib/libvirt/images/
   register: result
   changed_when: result.stdout | length > 0
-  when: not run_in_installer | default(false) | bool and (ansible_mounts | selectattr("mount", "equalto", "/") | list)[0].size_available > 80000000000
+  when: >
+    not run_in_installer | default(false) | bool and (ansible_mounts |
+    selectattr("mount", "equalto", "/") | list)[0].size_available > 80000000000

From 7a3f106ee34ed03be2cb4d989c7b84af4387b8c6 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 15 Mar 2023 08:33:37 +0100
Subject: [PATCH 254/504] Switch to cifs for home dirs.

---
 lmn-desktop.yml                     |  1 +
 roles/lmn_mount/defaults/main.yml   |  2 +-
 roles/lmn_mount/tasks/main.yml      |  3 ++-
 roles/lmn_vm/files/mounthome.sh     | 23 +++++++++++++++++------
 roles/lmn_vm/tasks/main.yml         |  1 +
 roles/up2date_debian/tasks/main.yml |  4 +++-
 6 files changed, 25 insertions(+), 9 deletions(-)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index 37ae331..bdfd4d1 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -15,6 +15,7 @@
 
   vars:
     domain: "{{ ansible_domain }}"
+    nfs4: false
     extra_pkgs:
       - vim
       - mc
diff --git a/roles/lmn_mount/defaults/main.yml b/roles/lmn_mount/defaults/main.yml
index 86e9368..cf3a823 100644
--- a/roles/lmn_mount/defaults/main.yml
+++ b/roles/lmn_mount/defaults/main.yml
@@ -1,2 +1,2 @@
 smb_server: "server"
-smb_share: "default-school/share/"
+smb_share: "default-school/"
diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index ece685d..edbf515 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -16,7 +16,7 @@
         fstype="cifs"
         server="{{ smb_server }}"
         path="{{ smb_share }}"
-        mountpoint="/media/%(DOMAIN_USER)/share"
+        mountpoint="/srv/samba/schools/default-school"
         options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770"
       ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not></volume>
     insertafter: "<!-- Volume definitions -->"
@@ -40,3 +40,4 @@
     opts: sec=krb5p,_netdev,x-systemd.automount,x-systemd.idle-timeout=60
     state: present
     fstype: nfs4
+  when: nfs4
diff --git a/roles/lmn_vm/files/mounthome.sh b/roles/lmn_vm/files/mounthome.sh
index ea3c2d8..685e598 100755
--- a/roles/lmn_vm/files/mounthome.sh
+++ b/roles/lmn_vm/files/mounthome.sh
@@ -1,15 +1,26 @@
 #!/usr/bin/bash
 set -eu
 
-share="$(getent passwd "$SUDO_UID" | cut -d : -f 6 | sed 's/.*default-school//')"
+share="/srv/samba/schools/default-school/share/"
+home="$(getent passwd "$SUDO_UID" | cut -d : -f 6)"
 
-if [ "$#" -gt 0 ] && [ "$1" = '-u' ]; then
-    umount "/media/${SUDO_USER}/home" && rmdir "/media/${SUDO_USER}/home"
+if [[ "$#" -gt 0 ]] && [[ "$1" = '-u' ]]; then
+    [[ -d "/media/${SUDO_USER}/home" ]] && umount "/media/${SUDO_USER}/home" && rmdir "/media/${SUDO_USER}/home"
+    [[ -d "/media/${SUDO_USER}/share" ]] && umount "/media/${SUDO_USER}/share" && rmdir "/media/${SUDO_USER}/share"
+    [[ -d "/media/${SUDO_USER}/oldhome" ]] && umount "/media/${SUDO_USER}/oldhome" && rmdir "/media/${SUDO_USER}/oldhome"
+elif [ "$#" -gt 0 ] && [ "$1" = '-o' ]; then
+    read -p "Username: " username
+    read -s -p "Passwort: " PASSWD
+    export PASSWD
+    mkdir -p "/media/${SUDO_USER}/oldhome"
+    mount -t cifs -o "username=${username},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,forceuid,forcegid" \
+          "//192.168.1.2/DOCS/fvs" "/media/${SUDO_USER}/oldhome"
 else
+    mkdir -p "/media/${SUDO_USER}"
     chgrp 1010 "/media/${SUDO_USER}"
     chmod 0770 "/media/${SUDO_USER}"
     mkdir -p "/media/${SUDO_USER}/home"
-    mount -t cifs -o "sec=krb5i,cruid=${SUDO_UID},username=${SUDO_USER},uid=${SUDO_UID},\
-gid=1010,file_mode=0770,dir_mode=0770,forceuid,forcegid,user=${SUDO_USER}" \
-	  "//server/default-school/${share}" "/media/${SUDO_USER}/home"
+    mkdir -p "/media/${SUDO_USER}/share"
+    mount --bind "${share}" "/media/${SUDO_USER}/share"
+    mount --bind "${home}" "/media/${SUDO_USER}/home"
 fi
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index d013156..1d838ad 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -108,6 +108,7 @@
     rsync://server:/vmimages-download/xml /var/lib/libvirt/images/
   register: result
   changed_when: result.stdout | length > 0
+  when: not run_in_installer | default(false) | bool
 
 - name: rsync VM images
   command: >
diff --git a/roles/up2date_debian/tasks/main.yml b/roles/up2date_debian/tasks/main.yml
index 3d7ba68..013d8d2 100644
--- a/roles/up2date_debian/tasks/main.yml
+++ b/roles/up2date_debian/tasks/main.yml
@@ -24,7 +24,9 @@
 
 - name: add {{ ansible_distribution_release }}-backports
   apt_repository:
-    repo: deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-backports main contrib non-free
+    repo: >
+      deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-backports
+      main contrib non-free-firmware non-free
     state: present
     update_cache: true
   when: extra_pkgs_bpo|length

From a502d37c61c28674f02afb848dc05aa5066bf407 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 17 Mar 2023 19:46:22 +0100
Subject: [PATCH 255/504] Fixes for akonadi, however, it still does not like
 the smb working dir.

---
 lmn-desktop.yml                | 9 +++++++++
 roles/lmn_kde/tasks/main.yml   | 6 ++++++
 roles/lmn_mount/tasks/main.yml | 2 +-
 3 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index bdfd4d1..9c8b6fc 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -12,6 +12,14 @@
       register: adpw
       no_log: true
       when: "ansible_cmdline.adpw is not defined"
+    - name: preseed apparmor
+      debconf:
+        name: apparmor
+        question: apparmor/homedirs
+        value: >-
+          /srv/samba/schools/default-school/teachers/
+          /srv/samba/schools/default-school/students/*/
+        vtype: string
 
   vars:
     domain: "{{ ansible_domain }}"
@@ -23,6 +31,7 @@
       - console-setup
       - krb5-user
       - unattended-upgrades
+      - debconf-utils
     extra_pkgs_bpo: [] # [ linux-image-amd64 ]
     ansible_python_interpreter: "/usr/bin/python3"
 
diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index c926b57..6923e8b 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -49,6 +49,12 @@
     default_release: "{{ ansible_distribution_release }}-backports"
   when: ansible_distribution_release == 'bullseye'
 
+- name: Add home dirs to apparmor
+  lineinfile:
+    dest: /etc/apparmor.d/tunables/home.d/ubuntu
+    line: >-
+      @{HOMEDIRS}+=/srv/samba/schools/default-school/teachers/
+      /srv/samba/schools/default-school/students/*/
 
 - name: set homepage
   lineinfile:
diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index edbf515..34c7421 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -17,7 +17,7 @@
         server="{{ smb_server }}"
         path="{{ smb_share }}"
         mountpoint="/srv/samba/schools/default-school"
-        options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770"
+        options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks"
       ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not></volume>
     insertafter: "<!-- Volume definitions -->"
 

From ba7eca15fab80b02f7fa3b36822c3725989d8191 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sun, 19 Mar 2023 17:41:21 +0100
Subject: [PATCH 256/504] Prepare a persistent local cache directory and define
 XDG_CACHE_HOME.

---
 roles/lmn_mount/tasks/main.yml | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index 34c7421..9d26510 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -21,6 +21,33 @@
       ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not></volume>
     insertafter: "<!-- Volume definitions -->"
 
+
+- name: Prepare persistent user cache base directory
+  ansible.builtin.file:
+    path: /var/cache/user/
+    state: directory
+    mode: '1777'
+
+- name: Create user-environment-generator directory
+  ansible.builtin.file:
+    path: /etc/systemd/user-environment-generators/
+    state: directory
+
+- name: Prepare generator for persistent user cache directory
+  ansible.builtin.copy:
+    dest: /etc/systemd/user-environment-generators/50-xdg-cache-home.sh
+    content: |
+      #!/usr/bin/bash
+      set -eu
+      ## local users do not need the extra cache dir:
+      [[ "$UID" -le 60000 ]] && exit 0
+      cp -r -n /etc/skel/.* "$HOME"
+      DIR="/var/cache/user/${UID}/"
+      [[ -d "$DIR" ]] || mkdir -m 0700 "$DIR"
+      echo XDG_CACHE_HOME="$DIR"
+    mode: "0755"
+
+
 - name: Clean up all user processes after logout
   ansible.builtin.replace:
     path: /etc/security/pam_mount.conf.xml

From 76562b503b112de1d32b234b10ec6bdf694e8491 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 4 Apr 2023 13:05:50 +0200
Subject: [PATCH 257/504] Disable /tmp on tmpfs.

---
 roles/lmn_kde/tasks/main.yml | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 6923e8b..2300b8f 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -87,9 +87,3 @@
     regexp: '^(XKBOPTIONS=).*'
     line: '\1"compose:caps"'
     backrefs: yes
-
-- name: tmp on tmpfs
-  command: cp /usr/share/systemd/tmp.mount /etc/systemd/system/
-  args:
-    creates: /etc/systemd/system/tmp.mount
-  notify: enable tmp.mount

From 91aab8e75bd1af047077ee5c7f65e5fa717b1222 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 4 Apr 2023 13:07:10 +0200
Subject: [PATCH 258/504] No modifications by default, keep them for testing.

---
 roles/kde/tasks/main.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/roles/kde/tasks/main.yml b/roles/kde/tasks/main.yml
index bcdfd6f..8f49677 100644
--- a/roles/kde/tasks/main.yml
+++ b/roles/kde/tasks/main.yml
@@ -25,14 +25,14 @@
   blockinfile:
     path: /etc/xdg/kdeglobals
     block: |
-      [General]
-      BrowserApplication=firefox-esr.desktop
+      #[General]
+      #BrowserApplication=firefox-esr.desktop
     create: true
 
 - name: add some favorites to the KDE menu
   blockinfile:
     path: /etc/xdg/kickoffrc
     block: |
-      [Favorites]
-      FavoriteURLs=firefox-esr.desktop,org.kde.dolphin.desktop,libreoffice-startcenter.desktop,org.kde.okular.desktop,org.kde.kate.desktop,gimp.desktop,inkscape.desktop,vlc.desktop,org.kde.konsole.desktop
+      #[Favorites]
+      #FavoriteURLs=firefox-esr.desktop,org.kde.dolphin.desktop,libreoffice-startcenter.desktop,org.kde.okular.desktop,org.kde.kate.desktop,gimp.desktop,inkscape.desktop,vlc.desktop,org.kde.konsole.desktop
     create: true

From 7871936a67bee8d0864b3ebce6eb579262a4d7cd Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 4 Apr 2023 13:29:00 +0200
Subject: [PATCH 259/504] New scripts and sudo rules. Implement qemu session
 mode.

---
 lmn-desktop.yml                          |  1 +
 roles/lmn_vm/files/create-clone.sh       | 34 ++++++++------
 roles/lmn_vm/files/create-vm.sh          | 21 ++++++---
 roles/lmn_vm/files/link-images.sh        | 14 ++++++
 roles/lmn_vm/files/lmn-create-clone-sudo |  3 --
 roles/lmn_vm/files/lmn-create-vm-sudo    |  1 -
 roles/lmn_vm/files/lmn-link-images       |  3 ++
 roles/lmn_vm/files/lmn-mounthome         |  3 ++
 roles/lmn_vm/files/lmn-mounthome-sudo    |  3 --
 roles/lmn_vm/files/lmn-rebase-vm-sudo    |  1 -
 roles/lmn_vm/files/lmn-startvirtiofsd    |  3 ++
 roles/lmn_vm/files/lmn-sync-vm           |  1 +
 roles/lmn_vm/files/lmn-sync-vm-sudo      |  1 -
 roles/lmn_vm/files/mounthome.sh          | 12 ++---
 roles/lmn_vm/files/rebase-vm.sh          | 22 +++++++---
 roles/lmn_vm/files/run-vm.sh             | 56 ++++++++++++++++--------
 roles/lmn_vm/files/start-virtiofsd.sh    | 28 ++++++++++++
 roles/lmn_vm/files/sync-vm.sh            |  6 +--
 roles/lmn_vm/tasks/main.yml              | 30 ++++++++++---
 19 files changed, 176 insertions(+), 67 deletions(-)
 create mode 100755 roles/lmn_vm/files/link-images.sh
 delete mode 100644 roles/lmn_vm/files/lmn-create-clone-sudo
 delete mode 100644 roles/lmn_vm/files/lmn-create-vm-sudo
 create mode 100644 roles/lmn_vm/files/lmn-link-images
 create mode 100644 roles/lmn_vm/files/lmn-mounthome
 delete mode 100644 roles/lmn_vm/files/lmn-mounthome-sudo
 delete mode 100644 roles/lmn_vm/files/lmn-rebase-vm-sudo
 create mode 100644 roles/lmn_vm/files/lmn-startvirtiofsd
 create mode 100644 roles/lmn_vm/files/lmn-sync-vm
 delete mode 100644 roles/lmn_vm/files/lmn-sync-vm-sudo
 create mode 100755 roles/lmn_vm/files/start-virtiofsd.sh

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index 9c8b6fc..da46224 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -23,6 +23,7 @@
 
   vars:
     domain: "{{ ansible_domain }}"
+    rsyncsecret: Muster!
     nfs4: false
     extra_pkgs:
       - vim
diff --git a/roles/lmn_vm/files/create-clone.sh b/roles/lmn_vm/files/create-clone.sh
index d0629d0..939b638 100755
--- a/roles/lmn_vm/files/create-clone.sh
+++ b/roles/lmn_vm/files/create-clone.sh
@@ -5,8 +5,8 @@ set -eu
 
 # if less or more than one arguments supplied, display usage
 if [[ $# -ne 1 ]]; then
-    echo "This script takes as input the name of the VM to clone"
-    echo "Usage: $0 vm_name"
+    echo "This script takes as input the name of the VM to clone" >&2
+    echo "Usage: $0 vm_name" >&2
     exit 1
 fi
 
@@ -15,22 +15,30 @@ cd /var/lib/libvirt/images
 
 VM_NAME=$1
 
-if [[ ! -f "xml/${VM_NAME}.xml" ]] || [[ ! -f "${VM_NAME}.gcow2" ]]; then
-    echo "xml or qcow2 File does not exists."
+if [[ ! -f "xml/${VM_NAME}.xml" ]] || [[ ! -f "${VM_NAME}.qcow2" ]]; then
+    echo "xml or qcow2 File does not exists." >&2
     exit 1
 fi
 
+VM_DIR="/tmp/${UID}/vmimages"
+VM_XML="${VM_DIR}/xml/${VM_NAME}-clone.xml"
+
+# Create User-VM-Dir and link system VM-Images
+[[ -d "${VM_DIR}/xml" ]] || mkdir -p "${VM_DIR}/xml"
+sudo /usr/local/bin/link-images.sh
+
+# Create backing file
+cd "${VM_DIR}"
 qemu-img create -f qcow2 -F qcow2 -b "${VM_NAME}.qcow2" "${VM_NAME}-clone.qcow2"
 
-cp "xml/${VM_NAME}.xml" "xml/${VM_NAME}-clone.xml"
+# Create machine-definition-file
+cp "/var/lib/libvirt/images/xml/${VM_NAME}.xml" "${VM_XML}"
 
-# and actually rename the vm: (this also updates the storage path)
-sed -i "s/${VM_NAME}/${VM_NAME}-clone/" "xml/${VM_NAME}-clone.xml"
+# set VM_DIR:
+sed -i "s:VMIMAGEDIR:${VM_DIR}:" "${VM_XML}"
 
-# set Username for mounting data from correct user
-sed -i "s/USER/${SUDO_USER}/" "xml/${VM_NAME}-clone.xml"
+# and actually rename the vm (this also updates part of the storage path):
+sed -i "s/${VM_NAME}/${VM_NAME}-clone/" "${VM_XML}"
 
-# delete the old vm
-virsh --connect=qemu:///system undefine "${VM_NAME}-clone" || echo "${VM_NAME}-clone did not exist"
-# finally, create the new vm
-virsh --connect=qemu:///system define "xml/${VM_NAME}-clone.xml"
+# set virtiofs-Socket
+sed -i "s:VIRTIOFSSOCKET:${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock:" "${VM_XML}"
diff --git a/roles/lmn_vm/files/create-vm.sh b/roles/lmn_vm/files/create-vm.sh
index 55cd835..cceb199 100755
--- a/roles/lmn_vm/files/create-vm.sh
+++ b/roles/lmn_vm/files/create-vm.sh
@@ -4,8 +4,8 @@
 set -eu
 # if less than two arguments supplied, display usage
 if [[  $# -ne 2 ]]; then 
-    echo "This script takes as input the name of the VM to clone"
-    echo "Usage: $0 vm_name_orig vm_name_clone"
+    echo "This script takes as input the name of the VM to clone" >&2
+    echo "Usage: $0 vm_name_orig vm_name_clone" >&2
     exit 1
 fi
 
@@ -13,10 +13,11 @@ VM_NAME=$1
 VM_CLONE=$2
 
 # change to image-directory
-cd /var/lib/libvirt/images
+VM_DIR="/tmp/${UID}/vmimages"
+cd "${VM_DIR}"
 
-if [[ ! -f "xml/${VM_NAME}.xml" ]] || [[ ! -f "${VM_NAME}.gcow2" ]]; then
-    echo "xml or qcow2 File does not exists."
+if { [[ ! -f "xml/${VM_NAME}.xml" ]] && [[ ! -f "/var/lib/libvirt/images/xml/${VM_NAME}.xml" ]]; } || [[ ! -f "${VM_NAME}.qcow2" ]]; then
+    echo "xml or qcow2 File does not exists." >&2
     exit 1
 fi
 
@@ -24,7 +25,15 @@ qemu-img create -f qcow2 -F qcow2 -b "${VM_NAME}.qcow2" "${VM_NAME}-${VM_CLONE}.
 chmod a-w "${VM_NAME}-${VM_CLONE}.qcow2"
 
 # virsh --connect=qemu:///system dumpxml "${VM_NAME}" > "xml/${VM_NAME}-${VM_CLONE}.xml"
-cp "xml/${VM_NAME}.xml" "xml/${VM_NAME}-${VM_CLONE}.xml"
+# copy machine-definition-file
+if [[ -f "xml/${VM_NAME}.xml" ]]; then
+  cp "xml/${VM_NAME}.xml" "xml/${VM_NAME}-${VM_CLONE}.xml"
+elif [[ -f "/var/lib/libvirt/images/xml/${VM_NAME}.xml" ]]; then
+  cp "/var/lib/libvirt/images/xml/${VM_NAME}.xml" "xml/${VM_NAME}-${VM_CLONE}.xml"
+else
+  echo "no machine definition file found" >&2
+  exit 1
+fi
 
 # hardware addresses need to be removed, libvirt will assign
 # new addresses automatically
diff --git a/roles/lmn_vm/files/link-images.sh b/roles/lmn_vm/files/link-images.sh
new file mode 100755
index 0000000..4e63e07
--- /dev/null
+++ b/roles/lmn_vm/files/link-images.sh
@@ -0,0 +1,14 @@
+#!/usr/bin/bash
+# link VM in Use-Dir in /tmp
+
+set -eu
+
+# change to image-directory
+cd /var/lib/libvirt/images
+
+VM_DIR="/tmp/${SUDO_UID}/vmimages"
+
+# link system-VM-Images to User VM Directory
+for i in *.qcow2; do
+  [[ -f "${VM_DIR}/${i}" ]] || ln "${i}" "${VM_DIR}/${i}"
+done
\ No newline at end of file
diff --git a/roles/lmn_vm/files/lmn-create-clone-sudo b/roles/lmn_vm/files/lmn-create-clone-sudo
deleted file mode 100644
index 7c79a2b..0000000
--- a/roles/lmn_vm/files/lmn-create-clone-sudo
+++ /dev/null
@@ -1,3 +0,0 @@
-%examusers    ALL=(root) NOPASSWD: /usr/local/bin/create-clone.sh
-%role-student ALL=(root) NOPASSWD: /usr/local/bin/create-clone.sh
-%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/create-clone.sh
diff --git a/roles/lmn_vm/files/lmn-create-vm-sudo b/roles/lmn_vm/files/lmn-create-vm-sudo
deleted file mode 100644
index b823c6f..0000000
--- a/roles/lmn_vm/files/lmn-create-vm-sudo
+++ /dev/null
@@ -1 +0,0 @@
-%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/create-vm.sh
diff --git a/roles/lmn_vm/files/lmn-link-images b/roles/lmn_vm/files/lmn-link-images
new file mode 100644
index 0000000..15a6a14
--- /dev/null
+++ b/roles/lmn_vm/files/lmn-link-images
@@ -0,0 +1,3 @@
+%examusers ALL=(root) NOPASSWD: /usr/local/bin/link-images.sh
+%role-student ALL=(root) NOPASSWD: /usr/local/bin/link-images.sh
+%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/link-images.sh
diff --git a/roles/lmn_vm/files/lmn-mounthome b/roles/lmn_vm/files/lmn-mounthome
new file mode 100644
index 0000000..ed958ff
--- /dev/null
+++ b/roles/lmn_vm/files/lmn-mounthome
@@ -0,0 +1,3 @@
+%examusers ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
+%role-student ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
+%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
\ No newline at end of file
diff --git a/roles/lmn_vm/files/lmn-mounthome-sudo b/roles/lmn_vm/files/lmn-mounthome-sudo
deleted file mode 100644
index f60cc5b..0000000
--- a/roles/lmn_vm/files/lmn-mounthome-sudo
+++ /dev/null
@@ -1,3 +0,0 @@
-%examusers    ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
-%role-student ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
-%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
diff --git a/roles/lmn_vm/files/lmn-rebase-vm-sudo b/roles/lmn_vm/files/lmn-rebase-vm-sudo
deleted file mode 100644
index 28c1c43..0000000
--- a/roles/lmn_vm/files/lmn-rebase-vm-sudo
+++ /dev/null
@@ -1 +0,0 @@
-%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/rebase-vm.sh
diff --git a/roles/lmn_vm/files/lmn-startvirtiofsd b/roles/lmn_vm/files/lmn-startvirtiofsd
new file mode 100644
index 0000000..a56b156
--- /dev/null
+++ b/roles/lmn_vm/files/lmn-startvirtiofsd
@@ -0,0 +1,3 @@
+%examusers ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd.sh
+%role-student ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd.sh
+%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd.sh
diff --git a/roles/lmn_vm/files/lmn-sync-vm b/roles/lmn_vm/files/lmn-sync-vm
new file mode 100644
index 0000000..fb28ab7
--- /dev/null
+++ b/roles/lmn_vm/files/lmn-sync-vm
@@ -0,0 +1 @@
+%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/sync-vm.sh
\ No newline at end of file
diff --git a/roles/lmn_vm/files/lmn-sync-vm-sudo b/roles/lmn_vm/files/lmn-sync-vm-sudo
deleted file mode 100644
index 5144e28..0000000
--- a/roles/lmn_vm/files/lmn-sync-vm-sudo
+++ /dev/null
@@ -1 +0,0 @@
-%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/sync-vm.sh
diff --git a/roles/lmn_vm/files/mounthome.sh b/roles/lmn_vm/files/mounthome.sh
index 685e598..d10fe8d 100755
--- a/roles/lmn_vm/files/mounthome.sh
+++ b/roles/lmn_vm/files/mounthome.sh
@@ -5,19 +5,19 @@ share="/srv/samba/schools/default-school/share/"
 home="$(getent passwd "$SUDO_UID" | cut -d : -f 6)"
 
 if [[ "$#" -gt 0 ]] && [[ "$1" = '-u' ]]; then
-    [[ -d "/media/${SUDO_USER}/home" ]] && umount "/media/${SUDO_USER}/home" && rmdir "/media/${SUDO_USER}/home"
-    [[ -d "/media/${SUDO_USER}/share" ]] && umount "/media/${SUDO_USER}/share" && rmdir "/media/${SUDO_USER}/share"
-    [[ -d "/media/${SUDO_USER}/oldhome" ]] && umount "/media/${SUDO_USER}/oldhome" && rmdir "/media/${SUDO_USER}/oldhome"
+    findmnt "/media/${SUDO_USER}/home"    && umount "/media/${SUDO_USER}/home"    && rmdir "/media/${SUDO_USER}/home"
+    findmnt "/media/${SUDO_USER}/share"   && umount "/media/${SUDO_USER}/share"   && rmdir "/media/${SUDO_USER}/share"
+    findmnt "/media/${SUDO_USER}/oldhome" && umount "/media/${SUDO_USER}/oldhome" && rmdir "/media/${SUDO_USER}/oldhome"
 elif [ "$#" -gt 0 ] && [ "$1" = '-o' ]; then
-    read -p "Username: " username
-    read -s -p "Passwort: " PASSWD
+    read -pr "Username: " username
+    read -spr "Passwort: " PASSWD
     export PASSWD
     mkdir -p "/media/${SUDO_USER}/oldhome"
     mount -t cifs -o "username=${username},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,forceuid,forcegid" \
           "//192.168.1.2/DOCS/fvs" "/media/${SUDO_USER}/oldhome"
 else
     mkdir -p "/media/${SUDO_USER}"
-    chgrp 1010 "/media/${SUDO_USER}"
+    chown "${SUDO_USER}:1010" "/media/${SUDO_USER}"
     chmod 0770 "/media/${SUDO_USER}"
     mkdir -p "/media/${SUDO_USER}/home"
     mkdir -p "/media/${SUDO_USER}/share"
diff --git a/roles/lmn_vm/files/rebase-vm.sh b/roles/lmn_vm/files/rebase-vm.sh
index 336c1c4..63cd335 100755
--- a/roles/lmn_vm/files/rebase-vm.sh
+++ b/roles/lmn_vm/files/rebase-vm.sh
@@ -3,7 +3,7 @@
 set -eu
 
 show_help() {
-    cat << EOF
+    cat << EOF >&2
 Usage: $(basename "$0") [-n newname] vmname"
 This script takes as input the name of the VM to rebase one level down
     -n   new name of the rebased image
@@ -31,19 +31,20 @@ if [[  $# -ne 1 ]]; then
 fi
 
 # change to Images directory
-cd /var/lib/libvirt/images
+VM_DIR="/tmp/${UID}/vmimages"
+cd "${VM_DIR}"
 
 VM_NAME="$1"
 
 # check if VM-Diskimage exists
 if [[ ! -f "${VM_NAME}.qcow2" ]]; then
-    echo "File not found ${VM_NAME}.qcow2"
+    echo "File not found ${VM_NAME}.qcow2" >&2
     exit 1
 fi
 
 # check if new VM-Diskimage exists
 if [[ -v NEWNAME ]] && [[ -f "${NEWNAME}.qcow2" ]]; then
-    echo "New Base already exists: ${NEWNAME}.qcow2"
+    echo "New Base already exists: ${NEWNAME}.qcow2" >&2
     exit 1
 fi
 
@@ -52,13 +53,13 @@ NEWBASE=$(qemu-img info --backing-chain "${VM_NAME}.qcow2" | grep image | head
 CURRENTBASE=$(qemu-img info --backing-chain "${VM_NAME}.qcow2" | grep image | head  -n 2 | tail -n 1 | cut -d' ' -f2)
 
 if [[ ! "${NUMBASES}" -ge 3 ]]; then
-    echo "Image must have at least 2 backing-files"
+    echo "Image must have at least 2 backing-files" >&2
     exit 1
 fi
 
 # check if base Diskimage exists
 if [[ ! -f "${NEWBASE}" ]] || [[ ! -f "${CURRENTBASE}" ]]; then
-    echo "Backingfiles not found ${CURRENTBASE}, ${NEWBASE}"
+    echo "Backingfiles not found ${CURRENTBASE}, ${NEWBASE}" >&2
     exit 1
 fi
 
@@ -67,7 +68,14 @@ qemu-img rebase -f qcow2 -b "${NEWBASE}" -F qcow2 "${VM_NAME}.qcow2"
 if [[ -v NEWNAME ]]; then
     # copy and adapt machine definition file
     CURRENTNAME="${CURRENTBASE/.qcow2/}"
-    cp "xml/${CURRENTNAME}.xml" "xml/${NEWNAME}.xml"
+    if [[ -f "xml/${CURRENTNAME}.xml" ]]; then
+      cp "xml/${CURRENTNAME}.xml" "xml/${NEWNAME}.xml"
+    elif [[ -f "/var/lib/libvirt/images/xml/${CURRENTNAME}.xml" ]]; then
+      cp "/var/lib/libvirt/images/xml/${CURRENTNAME}.xml" "xml/${NEWNAME}.xml"
+    else
+      echo "no machine definition file found" >&2
+      exit 1
+    fi
     sed -i "s/${CURRENTNAME}/${NEWNAME}/" "xml/${NEWNAME}.xml"
     NEWNAME="${NEWNAME}.qcow2"
 else
diff --git a/roles/lmn_vm/files/run-vm.sh b/roles/lmn_vm/files/run-vm.sh
index cba0de4..49e7d44 100755
--- a/roles/lmn_vm/files/run-vm.sh
+++ b/roles/lmn_vm/files/run-vm.sh
@@ -3,29 +3,40 @@
 
 set -eu
 
-NEWCLONE=0
-
 show_help() {
-    cat << EOF
+    cat << EOF >&2
 Usage: $(basename "$0") [-n] vmname"
 Create a new clone, start the vm (if not yet running) and run virt-viewer.
 Squid-Proxy will be started too.
 User Home will be mounted on /media/USERNAME/home
     -n   new clone will be created, even if exists
+    -s   qemu:///session instead of default qemu:///system
 EOF
 }
 
+exit_script() {
+    echo "run-vm.sh ${VM_NAME} terminated by trap!" >> "/tmp/${UID}/exit-run-vm.log"
+    virsh --connect="${QEMU}" destroy "${VM_NAME}-clone"
+    trap - SIGHUP SIGINT SIGTERM # clear the trap
+    kill -- -$$ # Sends SIGTERM to child/sub processes
+}
+
+QEMU='qemu:///system'
+
 NEWCLONE=0
 
-while getopts ':n' OPTION; do
+while getopts ':ns' OPTION; do
     case "$OPTION" in
-	n)
-	    NEWCLONE=1
-	    ;;
-	?)
-	show_help
-	exit 1
-	;;
+        n)
+            NEWCLONE=1
+            ;;
+        s)
+            QEMU='qemu:///session'
+            ;;
+        ?)
+        show_help
+        exit 1
+        ;;
     esac
 done
 
@@ -40,7 +51,7 @@ fi
 VM_NAME=$1
 
 if [[ ! -f "/var/lib/libvirt/images/${VM_NAME}.qcow2" ]]; then
-    echo "no base VM disk '${VM_NAME}.qcow2' found"
+    echo "no base VM disk '${VM_NAME}.qcow2' found" >&2
     exit 1
 fi
 
@@ -51,17 +62,26 @@ if [[ ! -f "/tmp/squid.pid" ]]; then
 fi
 
 # check, if we have to mount home
-if [[ ! -d "/media/${USER}/home" ]]; then
+if ! findmnt "/media/${USER}/home"; then
     echo "mounting home."
     sudo mounthome.sh
 fi
 
-if  ! virsh --connect=qemu:///system list | grep "${VM_NAME}"; then
+export XDG_CONFIG_HOME="/tmp/${UID}/.config"
+VM_DIR="/tmp/${UID}/vmimages"
+
+if  ! virsh --connect="${QEMU}" list | grep "${VM_NAME}-clone"; then
     echo "VM not yet running. Try to clone and start."
-    if [[ "${NEWCLONE}" = 1 ]] || [[ ! -f "/var/lib/libvirt/images/${VM_NAME}-clone.qcow2" ]]; then
-        sudo create-clone.sh "${VM_NAME}"
+    if [[ "${NEWCLONE}" = 1 ]] || [[ ! -f "${VM_DIR}/${VM_NAME}-clone.qcow2" ]]; then
+        create-clone.sh "${VM_NAME}"
     fi
-    virsh --connect=qemu:///system start "${VM_NAME}-clone"
+    # delete the old vm
+    virsh --connect=qemu:///session undefine "${VM_NAME}-clone" || echo "${VM_NAME}-clone did not exist"
+    # finally, create the new vm
+    virsh --connect=qemu:///session define "${VM_DIR}/xml/${VM_NAME}-clone.xml"
+    trap exit_script SIGHUP SIGINT SIGTERM
+    [[ "${QEMU}" = 'qemu:///session' ]] && sudo /usr/local/bin/start-virtiofsd.sh "${VM_NAME}"
+    virsh --connect="${QEMU}" start "${VM_NAME}-clone"
 fi
 echo "starting viewer"
-virt-viewer --connect=qemu:///system --full-screen "${VM_NAME}-clone"
+virt-viewer --connect="${QEMU}" --full-screen "${VM_NAME}-clone"
diff --git a/roles/lmn_vm/files/start-virtiofsd.sh b/roles/lmn_vm/files/start-virtiofsd.sh
new file mode 100755
index 0000000..b7d17b1
--- /dev/null
+++ b/roles/lmn_vm/files/start-virtiofsd.sh
@@ -0,0 +1,28 @@
+#!/usr/bin/bash
+
+# if less than one arguments supplied, display usage
+if [[  $# -ne 1 ]]; then
+    echo "This script takes as input the name of the VM " >&2
+    echo "Usage: $0 vm_name" >&2
+    exit 1
+fi
+
+VM_NAME=$1
+
+export XDG_RUNTIME_DIR="/run/user/${SUDO_UID}"
+
+if ! [[ -d "${XDG_RUNTIME_DIR}/virtiofs" ]]; then
+       mkdir "${XDG_RUNTIME_DIR}/virtiofs/"
+       chown "${SUDO_UID}" "${XDG_RUNTIME_DIR}/virtiofs/"
+fi
+
+[[ -S "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" ]] && /usr/bin/rm "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock"
+#sudo /usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" --socket-group="${SUDO_USER}" --announce-submounts -o source="/media/${USER}" -o sandbox=chroot > /dev/null &
+#sudo /usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" --socket-group="${SUDO_USER}" -o source="/media/${USER}" -o sandbox=chroot > /dev/null &
+/usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" -o source="/media/${SUDO_USER}" -o sandbox=chroot > /dev/null &
+# Wait until socket-File exists and chown to user
+until [[ -S "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" ]]; do
+   echo "waiting for ${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock"
+   sleep 0.1
+done
+/usr/bin/chown "${SUDO_USER}" "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock"
diff --git a/roles/lmn_vm/files/sync-vm.sh b/roles/lmn_vm/files/sync-vm.sh
index a44c98f..51be74f 100755
--- a/roles/lmn_vm/files/sync-vm.sh
+++ b/roles/lmn_vm/files/sync-vm.sh
@@ -3,7 +3,7 @@
 set -eu
 
 show_help() {
-    cat << EOF
+    cat << EOF >&2
 Usage: $(basename "$0") [-u vmname] [-d vmname] [-a]"
 When using option -u (upload), the disk from VM vmname will be synced on server.
 Otherwise the images from images.list and xml-directory will be synced from server.
@@ -13,12 +13,12 @@ EOF
 upload_image() {
     # check if VM-Diskimage exists
     if [[ ! -f "/var/lib/libvirt/images/${VM_NAME}.qcow2" ]]; then
-        echo "File not found ${VM_NAME}.qcow2"
+        echo "File not found ${VM_NAME}.qcow2" >&2
         exit 1
     fi
     # check if VM-Machine-Definition XML exists
     if [[ ! -f "/var/lib/libvirt/images/xml/${VM_NAME}.xml" ]]; then
-        echo "File not found ${VM_NAME}.xml"
+        echo "File not found ${VM_NAME}.xml" >&2
         exit 1
     fi
     rsync -av --password-file=/etc/rsync.secret "/var/lib/libvirt/images/${VM_NAME}.qcow2" \
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 1d838ad..b1947d6 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -58,11 +58,10 @@
     group: root
     mode: '0700'
   loop:
-    - lmn-mounthome-sudo
-    - lmn-create-clone-sudo
-    - lmn-sync-vm-sudo
-    - lmn-create-vm-sudo
-    - lmn-rebase-vm-sudo
+    - lmn-mounthome
+    - lmn-sync-vm
+    - lmn-link-images
+    - lmn-startvirtiofsd
 
 - name: deploy mount home script
   copy:
@@ -78,6 +77,27 @@
     - create-clone.sh
     - run-vm.sh
     - sync-vm.sh
+    - link-images.sh
+    - start-virtiofsd.sh
+
+- name: Deploy bridge.conf needed for qemu session mode
+  lineinfile:
+    path: /etc/qemu/bridge.conf
+    line: 'allow virbr0'
+    create: True
+    mode: '0655'
+
+- name: Deploy rsync.secret
+  lineinfile:
+    path: /etc/rsync.secret
+    line: "{{ rsyncsecret }}"
+    create: True
+    mode: '0600'
+
+- name: Allow users to attach to bridge
+  file:
+    path: /usr/lib/qemu/qemu-bridge-helper
+    mode: '4755'
 
 - name: deploy http proxy config
   copy:

From 2d6f1973bd3871a6d0cd7ceffdb78157ca90f395 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 4 Apr 2023 13:52:10 +0200
Subject: [PATCH 260/504] Circumvent LMN firewall.

---
 roles/lmn_vm/files/lmn-proxy.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/lmn_vm/files/lmn-proxy.sh b/roles/lmn_vm/files/lmn-proxy.sh
index 122a10d..153b30c 100755
--- a/roles/lmn_vm/files/lmn-proxy.sh
+++ b/roles/lmn_vm/files/lmn-proxy.sh
@@ -1,3 +1,3 @@
-export http_proxy='http://firewall:3128'
+export http_proxy='http://aptcache:3128'
 export https_proxy=$http_proxy
 export ftp_proxy=$http_proxy

From 5f59910cf2239f86abcb6bc4dc088ecc33981994 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 19 Apr 2023 12:47:32 +0200
Subject: [PATCH 261/504] Fix XML comments.

---
 roles/lmn_mount/tasks/main.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index 9d26510..586ed79 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -11,6 +11,7 @@
 - name: Configure pam_mount
   blockinfile:
     dest: /etc/security/pam_mount.conf.xml
+    marker: "<!-- {mark} ANSIBLE MANAGED BLOCK" -->
     block: |
       <volume
         fstype="cifs"
@@ -52,7 +53,7 @@
   ansible.builtin.replace:
     path: /etc/security/pam_mount.conf.xml
     regexp: '^(<logout wait="0" hup="no" term="no" kill="no" />)$'
-    replace: '#\1\n<logout wait="1000" hup="yes" term="yes" kill="yes" />'
+    replace: '<!-- \1 -->\n<logout wait="1000" hup="yes" term="yes" kill="yes" />'
 
 - name: Kill all user processes on logout
   ansible.builtin.lineinfile:

From 3240d00e98390678280dac030e7d136bb279af12 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 19 Apr 2023 15:04:40 +0200
Subject: [PATCH 262/504] Revert "Circumvent LMN firewall."

This reverts commit 2d6f1973bd3871a6d0cd7ceffdb78157ca90f395.
---
 roles/lmn_vm/files/lmn-proxy.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/lmn_vm/files/lmn-proxy.sh b/roles/lmn_vm/files/lmn-proxy.sh
index 153b30c..122a10d 100755
--- a/roles/lmn_vm/files/lmn-proxy.sh
+++ b/roles/lmn_vm/files/lmn-proxy.sh
@@ -1,3 +1,3 @@
-export http_proxy='http://aptcache:3128'
+export http_proxy='http://firewall:3128'
 export https_proxy=$http_proxy
 export ftp_proxy=$http_proxy

From 50cf61844c74c0f6cae7fde6afaebb5a2e2c607b Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 3 May 2023 08:06:58 +0200
Subject: [PATCH 263/504] Fix marker quotation.

---
 roles/lmn_mount/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index 586ed79..5f7d1d2 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -11,7 +11,7 @@
 - name: Configure pam_mount
   blockinfile:
     dest: /etc/security/pam_mount.conf.xml
-    marker: "<!-- {mark} ANSIBLE MANAGED BLOCK" -->
+    marker: "<!-- {mark} ANSIBLE MANAGED BLOCK -->"
     block: |
       <volume
         fstype="cifs"

From 399c3d0d66df03e5a88ab79a2b1be2fce6f8cd19 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael@netboot.steinbeisschule-reutlingen.de>
Date: Wed, 3 May 2023 17:24:27 +0200
Subject: [PATCH 264/504] sync-vm with torrent support

---
 lmn-desktop.yml                           |   1 +
 roles/lmn_vm/files/linbo-torrent          |  33 ++++
 roles/lmn_vm/files/linbo-torrenthelper.sh |  31 ++++
 roles/lmn_vm/files/run-vm.sh              |  12 +-
 roles/lmn_vm/files/sync-vm.sh             |  37 +++-
 roles/lmn_vm/files/vmimage-torrent        | 213 ++++++++++++++++++++++
 roles/lmn_vm/tasks/main.yml               |  14 +-
 7 files changed, 329 insertions(+), 12 deletions(-)
 create mode 100644 roles/lmn_vm/files/linbo-torrent
 create mode 100755 roles/lmn_vm/files/linbo-torrenthelper.sh
 create mode 100755 roles/lmn_vm/files/vmimage-torrent

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index da46224..d312aab 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -33,6 +33,7 @@
       - krb5-user
       - unattended-upgrades
       - debconf-utils
+      - ctorrent
     extra_pkgs_bpo: [] # [ linux-image-amd64 ]
     ansible_python_interpreter: "/usr/bin/python3"
 
diff --git a/roles/lmn_vm/files/linbo-torrent b/roles/lmn_vm/files/linbo-torrent
new file mode 100644
index 0000000..e22ed0b
--- /dev/null
+++ b/roles/lmn_vm/files/linbo-torrent
@@ -0,0 +1,33 @@
+# default values for linbo-torrenthelper service provided by ctorrent
+# thomas@linuxmuster.net
+# 20220317
+#
+# note: you have to invoke 'linbo-torrent restart' after you have changed any values
+#
+
+# Exit while seed <SEEDHOURS> hours later (default 72 hours)
+SEEDHOURS="100000"
+
+# Max peers count (default 100)
+MAXPEERS="100"
+
+# Min peers count (default 1)
+MINPEERS="1"
+
+# Download slice/block size, unit KB (default 16, max 128)
+SLICESIZE="128"
+
+# Max bandwidth down (unit KB/s, default unlimited)
+MAXDOWN=""
+
+# Max bandwidth up (unit KB/s, default unlimited)
+MAXUP=""
+
+# Supplemental ctorrent options, separated by space (-v: Verbose output for debugging)
+#OPTIONS="-v"
+
+# Timeout in seconds until rsync fallback (client only)
+TIMEOUT="300"
+
+# user to run ctorrent (server only)
+CTUSER="nobody"
diff --git a/roles/lmn_vm/files/linbo-torrenthelper.sh b/roles/lmn_vm/files/linbo-torrenthelper.sh
new file mode 100755
index 0000000..2775dcf
--- /dev/null
+++ b/roles/lmn_vm/files/linbo-torrenthelper.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+#
+# thomas@linuxmuster.net
+# GPL v3
+# 20220317
+#
+# linbo ctorrent helper script, started in a screen session by init script
+#
+
+torrent="$1"
+[ -s "$torrent" ] || exit 1
+
+# get ctorrent options from file
+[ -e /etc/default/linbo-torrent ] && source /etc/default/linbo-torrent
+[ -e /home/raphael/git/fvsclient/etc/default/linbo-torrent ] && source /home/raphael/git/fvsclient/etc/default/linbo-torrent
+
+[ -n "$SEEDHOURS" ] &&  OPTIONS="$OPTIONS -e $SEEDHOURS"
+[ -n "$MAXPEERS" ] &&  OPTIONS="$OPTIONS -M $MAXPEERS"
+[ -n "$MINPEERS" ] &&  OPTIONS="$OPTIONS -m $MINPEERS"
+[ -n "$SLICESIZE" ] &&  OPTIONS="$OPTIONS -z $SLICESIZE"
+[ -n "$MAXDOWN" ] &&  OPTIONS="$OPTIONS -D $MAXDOWN"
+[ -n "$MAXUP" ] &&  OPTIONS="$OPTIONS -U $MAXUP"
+OPTIONS="$OPTIONS $torrent"
+
+[ -n "$CTUSER" ] && SUDO="/usr/bin/sudo -u $CTUSER"
+
+while true; do
+ $SUDO /usr/bin/ctorrent $OPTIONS || exit 1
+ # hash check only on initial start, add -f parameter
+ echo "$OPTIONS" | grep -q ^"-f " || OPTIONS="-f $OPTIONS"
+done
diff --git a/roles/lmn_vm/files/run-vm.sh b/roles/lmn_vm/files/run-vm.sh
index 49e7d44..c726a4f 100755
--- a/roles/lmn_vm/files/run-vm.sh
+++ b/roles/lmn_vm/files/run-vm.sh
@@ -10,7 +10,7 @@ Create a new clone, start the vm (if not yet running) and run virt-viewer.
 Squid-Proxy will be started too.
 User Home will be mounted on /media/USERNAME/home
     -n   new clone will be created, even if exists
-    -s   qemu:///session instead of default qemu:///system
+    -s   qemu:///system instead of default qemu:///session
 EOF
 }
 
@@ -21,7 +21,7 @@ exit_script() {
     kill -- -$$ # Sends SIGTERM to child/sub processes
 }
 
-QEMU='qemu:///system'
+QEMU='qemu:///session'
 
 NEWCLONE=0
 
@@ -31,7 +31,7 @@ while getopts ':ns' OPTION; do
             NEWCLONE=1
             ;;
         s)
-            QEMU='qemu:///session'
+            QEMU='qemu:///system'
             ;;
         ?)
         show_help
@@ -49,14 +49,15 @@ if [[  $# -ne 1 ]] ; then
 fi
 
 VM_NAME=$1
+VM_DIR="/tmp/${UID}/vmimages"
 
-if [[ ! -f "/var/lib/libvirt/images/${VM_NAME}.qcow2" ]]; then
+if [[ ! -f "/var/lib/libvirt/images/${VM_NAME}.qcow2" && ! -f "${VM_DIR}/${VM_NAME}.qcow2" ]]; then
     echo "no base VM disk '${VM_NAME}.qcow2' found" >&2
     exit 1
 fi
 
 # check, if we have to start squid
-if [[ ! -f "/tmp/squid.pid" ]]; then
+if ! killall -s 0 squid; then
     echo "starting squid."
     /usr/sbin/squid -f /etc/squid/squid-usermode.conf
 fi
@@ -68,7 +69,6 @@ if ! findmnt "/media/${USER}/home"; then
 fi
 
 export XDG_CONFIG_HOME="/tmp/${UID}/.config"
-VM_DIR="/tmp/${UID}/vmimages"
 
 if  ! virsh --connect="${QEMU}" list | grep "${VM_NAME}-clone"; then
     echo "VM not yet running. Try to clone and start."
diff --git a/roles/lmn_vm/files/sync-vm.sh b/roles/lmn_vm/files/sync-vm.sh
index 51be74f..471ee69 100755
--- a/roles/lmn_vm/files/sync-vm.sh
+++ b/roles/lmn_vm/files/sync-vm.sh
@@ -4,23 +4,42 @@ set -eu
 
 show_help() {
     cat << EOF >&2
-Usage: $(basename "$0") [-u vmname] [-d vmname] [-a]"
+Usage: $(basename "$0") [-u vmname] [-d vmname] [-a] [-t]"
 When using option -u (upload), the disk from VM vmname will be synced on server.
 Otherwise the images from images.list and xml-directory will be synced from server.
+Using flag -t all torrents and xml-VM-Definitions will be synced
 EOF
 }
 
+VM_DIR="/tmp/${SUDO_UID}/vmimages"
+
 upload_image() {
     # check if VM-Diskimage exists
-    if [[ ! -f "/var/lib/libvirt/images/${VM_NAME}.qcow2" ]]; then
+    if [[ ! (-f "/var/lib/libvirt/images/${VM_NAME}.qcow2" || -f "${VM_DIR}/${VM_NAME}.qcow2") ]]; then
         echo "File not found ${VM_NAME}.qcow2" >&2
         exit 1
     fi
+    # link private VM-Diskimage to system-Dir
+    if [[ -f "${VM_DIR}/${VM_NAME}.qcow2" \
+          &&   ( -f "/var/lib/libvirt/images/${VM_NAME}.qcow2" && ("${VM_DIR}/${VM_NAME}.qcow2" -nt "/var/lib/libvirt/images/${VM_NAME}.qcow2") \
+          || ! -f "/var/lib/libvirt/images/${VM_NAME}.qcow2") ]]; then
+      echo "copy private VM-Diskimage to system-dir"
+      ln -f "${VM_DIR}/${VM_NAME}.qcow2" "/var/lib/libvirt/images/${VM_NAME}.qcow2"
+    fi
     # check if VM-Machine-Definition XML exists
-    if [[ ! -f "/var/lib/libvirt/images/xml/${VM_NAME}.xml" ]]; then
+    if [[ ! (-f "/var/lib/libvirt/images/xml/${VM_NAME}.xml" || -f "${VM_DIR}/xml/${VM_NAME}") ]]; then
         echo "File not found ${VM_NAME}.xml" >&2
         exit 1
     fi
+    # copy private VM-Maschine-Definition XML to system-Dir
+    if [[ -f "${VM_DIR}/xml/${VM_NAME}.xml" \
+          &&   ( -f "/var/lib/libvirt/images/xml/${VM_NAME}.xml" && $(cmp -s "${VM_DIR}/xml/${VM_NAME}.xml" "/var/lib/libvirt/images/xml/${VM_NAME}.xml") \
+          || ! -f "/var/lib/libvirt/images/xml/${VM_NAME}.xml") ]]; then
+      echo "copy private VM-Maschine-Definition XML to system-dir"
+      cp "${VM_DIR}/${VM_NAME}.xml" "/var/lib/libvirt/images/${VM_NAME}.xml"
+    fi
+    [[ -f "/var/lib/libvirt/images/${VMNAME}.qcow2.torrent" ]] && rsync -av --password-file=/etc/rsync.secret \
+	  "/var/lib/libvirt/images/${VM_NAME}.qcow2" rsync://vmuser@server:/vmimages-upload/
     rsync -av --password-file=/etc/rsync.secret "/var/lib/libvirt/images/${VM_NAME}.qcow2" \
 	  rsync://vmuser@server:/vmimages-upload/
     rsync -av --password-file=/etc/rsync.secret "/var/lib/libvirt/images/xml/${VM_NAME}.xml" \
@@ -43,7 +62,14 @@ sync_all_images() {
 	  /var/lib/libvirt/images/
 }
 
-while getopts ':u:d:a' OPTION; do
+sync_all_torrents() {
+    rsync -av --password-file=/etc/rsync.secret rsync://vmuser@server:/vmimages-download/*.torrent \
+	  /var/lib/libvirt/images/
+    rsync -av --password-file=/etc/rsync.secret rsync://vmuser@server:/vmimages-download/xml \
+	  /var/lib/libvirt/images/
+}
+
+while getopts ':u:d:a:t' OPTION; do
     case "$OPTION" in
         u)
             VM_NAME=$OPTARG
@@ -56,6 +82,9 @@ while getopts ':u:d:a' OPTION; do
         a)
             sync_all_images
             ;;
+        t)
+            sync_all_torrents
+            ;;
         ?)
         show_help
         exit 1
diff --git a/roles/lmn_vm/files/vmimage-torrent b/roles/lmn_vm/files/vmimage-torrent
new file mode 100755
index 0000000..c9a4a20
--- /dev/null
+++ b/roles/lmn_vm/files/vmimage-torrent
@@ -0,0 +1,213 @@
+#!/bin/bash
+#
+# starts tmux sessions for each valid torrent in LINBODIR
+# thomas@linuxmuster.net
+# 20221103
+#
+
+# read environment
+#. /usr/share/linuxmuster/defaults.sh || exit 1
+#THELPER=$LINBOSHAREDIR/linbo-torrenthelper.sh
+THELPER=linbo-torrenthelper.sh
+#. $LINBOSHAREDIR/helperfunctions.sh || exit 1
+LINBOIMGEXT="qcow2 qdiff"
+LINBOIMGDIR="/var/lib/libvirt/images"
+serverip="10.190.1.1"
+
+# start of functions
+
+# help message
+usage(){
+  echo
+  echo "Info: vmimage-torrent manages the torrent tmux sessions of linbo images."
+  echo
+  echo "Usage:"
+  echo " vmimage-torrent <start|stop|restart|reload|status|create|check> [image_name]"
+  echo " vmimage-torrent attach <image_name|session_name>"
+  echo
+  echo "Note:"
+  echo " * Only qcow2 & qdiff image files located below $LINBOIMGDIR are processed."
+  echo " * The commands \"start\", \"stop\" and \"restart\" may have optionally an image"
+  echo "   filename as parameter. In this case the commands are only applied to the tmux"
+  echo "   session of the certain file. Without an explicit image filename the commands"
+  echo "   were applied to all image file sessions currently running."
+  echo " * An image filename parameter is mandatory with the commands \"check\", \"create\""
+  echo "   and \"attach\"."
+  echo " * \"check\" checks if the image file matches to the correspondig torrent."
+  echo " * \"create\" creates/recreates the torrent of a certain image file."
+  echo " * \"status\" shows a list of currently running torrent tmux sessions."
+  echo " * \"attach\" attaches a torrent tmux session of a certain image. An image or"
+  echo "   session name must be given as parameter."
+  echo "   Press [CTRL+B]+[D] to detach the session again."
+  echo " * \"reload\" is the identical to \"restart\" and is there for backwards compatibility."
+  echo
+  exit 1
+}
+
+# check torrent
+check(){
+  local image="$(basename "$IMGLIST")"
+  local torrent="$image.torrent"
+  local tdir="$(dirname "$IMGLIST")"
+  cd "$tdir"
+  echo "Checking $torrent ..."
+  if ctorrent -c "$torrent"; then
+    echo "Ok!"
+  else
+    echo "Failed!"
+    exit 1
+  fi
+}
+
+# creates torrent files
+create(){
+  local image="$(basename "$IMGLIST")"
+  local tdir="$(dirname "$IMGLIST")"
+  local torrent="${image}.torrent"
+  local session="${torrent//./_}"
+  # stop torrent service
+  vmimage-torrent status | grep -q ^"$session" && vmimage-torrent stop "$IMGLIST"
+  # skip already running torrents
+  echo "Creating $torrent ..."
+  cd "$tdir"
+  rm -f "$torrent"
+  if ctorrent -t -u "http://$serverip:6969/announce" -s "$torrent" "$image" ; then
+    [ "$START" = "no" ] || vmimage-torrent start "$IMGLIST"
+  else
+    echo "Failed!"
+    exit 1
+  fi
+}
+
+# starts torrent tmux sessions
+start(){
+  local item
+  local torrent
+  local image
+  local tdir
+  local session
+  for item in $IMGLIST; do
+    image="$(basename "$item")"
+    torrent="${image}.torrent"
+    tdir="$(dirname "$item")"
+    session="${torrent//./_}"
+    cd "$tdir"
+    if [ ! -s "$image" ]; then
+      echo "Image $image does not exist! Skipping this torrent."
+      continue
+    fi
+    # skip already running torrents
+    if vmimage-torrent status | grep -qw ^"$session"; then
+      echo "tmux session $session is already running."
+      continue
+    fi
+    # create torrent file if there is none
+    if [ ! -e "$torrent" ]; then
+      START="no" vmimage-torrent create "$item" || continue
+    fi
+    echo -n "Starting tmux session $session ... "
+    tmux new -ds "$session" "$THELPER $torrent ; exec $SHELL"
+    sleep 1
+    if vmimage-torrent status | grep -qw ^"$session"; then
+      echo "Ok!"
+    else
+      echo "Failed!"
+    fi
+  done
+}
+
+stop(){
+  if [ -n "$SESSION" ]; then
+    vmimage-torrent status | grep -qw ^"$SESSION" || return
+    tmux kill-session -t "$SESSION"
+  else
+    local item
+    vmimage-torrent status | awk -F\: '{print $1}' | while read item; do
+      tmux kill-session -t "$item"
+    done
+  fi
+}
+
+attach(){
+  if ! tmux list-sessions | grep -qw "$SESSION"; then
+    echo "There is no session $SESSION."
+    exit 1
+  fi
+  echo "Hint: Detach tmux session with [CTRL+B]+[D]."
+  sleep 3
+  tmux attach -t "$SESSION"
+}
+
+status(){
+  tmux list-sessions | grep _torrent
+}
+
+find_images(){
+  local search="$(basename "$1")"
+  if [ -n "$search" ]; then
+    find "$LINBOIMGDIR" -maxdepth 2 -name "$search"
+    return
+  fi
+  local IMGLIST
+  for search in $LINBOIMGEXT; do
+    IMGLIST="$IMGLIST $(find "$LINBOIMGDIR" -maxdepth 2 -name \*.$search)"
+  done
+  # trim leading and trailing spaces
+  echo $IMGLIST | awk '{$1=$1};1'
+}
+
+# end of functions
+
+# check parameters
+if [ -n "$2" ] ; then
+  # trap torrent parameter
+  image="${2/.torrent/}"
+  case "$image" in
+    *.qcow2|*.qdiff)
+      if [ -e "$image" ]; then
+        IMGLIST="$image"
+      else
+        IMGLIST="$(find_images "$image")"
+      fi
+      if [ ! -e "$IMGLIST" ]; then
+        echo "Image file $(basename $image) not found."
+        usage
+      fi
+      filename="$(basename "$IMGLIST")"
+      SESSION="${filename//./_}_torrent"
+      ;;
+    *_torrent)
+      if [ "$1" = "attach" ]; then
+        SESSION="$image"
+      else
+        usage
+      fi
+      ;;
+    *) usage ;;
+  esac
+else
+  case "$1" in
+    stop|status) ;;
+    attach|check|create) usage ;;
+    *)
+      IMGLIST="$(find_images)"
+      if [ -z "$IMGLIST" ]; then
+        echo "No linbo images found."
+        exit 0
+      fi
+      ;;
+  esac
+fi
+
+case "$1" in
+  start) start ;;
+  stop) stop ;;
+  restart|reload) stop ; start ;;
+  status) status ;;
+  create) create ;;
+  check) check ;;
+  attach) attach ;;
+  *) usage ;;
+esac
+
+exit 0
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index b1947d6..1feed81 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -63,7 +63,7 @@
     - lmn-link-images
     - lmn-startvirtiofsd
 
-- name: deploy mount home script
+- name: deploy vmimages scripts
   copy:
     src: "{{ item }}"
     dest: /usr/local/bin/
@@ -79,6 +79,16 @@
     - sync-vm.sh
     - link-images.sh
     - start-virtiofsd.sh
+    - linbo-torrenthelper.sh
+    - vmimage-torrent
+
+- name: deploy linbo-torrent defaults
+  copy:
+    src: linbo-torrent
+    dest: /etc/default/
+    owner: root
+    group: root
+    mode: '0755'
 
 - name: Deploy bridge.conf needed for qemu session mode
   lineinfile:
@@ -137,5 +147,5 @@
   register: result
   changed_when: result.stdout | length > 0
   when: >
-    not run_in_installer | default(false) | bool and (ansible_mounts |
+    false and not run_in_installer | default(false) | bool and (ansible_mounts |
     selectattr("mount", "equalto", "/") | list)[0].size_available > 80000000000

From 78abee37a4e0cff337ecccf3c73c4dafe34414e5 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Wed, 3 May 2023 18:16:56 +0200
Subject: [PATCH 265/504] kerberize with kerberize_uri

---
 lmn-desktop.yml                | 2 ++
 roles/kerberize/tasks/main.yml | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index d312aab..37b123a 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -23,6 +23,7 @@
 
   vars:
     domain: "{{ ansible_domain }}"
+    kerberize_uris: steinbeis.schule
     rsyncsecret: Muster!
     nfs4: false
     extra_pkgs:
@@ -44,6 +45,7 @@
     - kde
     - lmn_kde
     - lmn_vm
+    - kerberize
 
   tasks:
     - name: Add local user 'virti' in the 'libvirt' group
diff --git a/roles/kerberize/tasks/main.yml b/roles/kerberize/tasks/main.yml
index 8f9b755..aab5553 100644
--- a/roles/kerberize/tasks/main.yml
+++ b/roles/kerberize/tasks/main.yml
@@ -28,6 +28,6 @@
     line: "{{ item }}"
   with_items:
     - '// kerberize for sites in the local domain:'
-    - 'pref("network.negotiate-auth.delegation-uris", "{{ ansible_domain }}");'
-    - 'pref("network.negotiate-auth.trusted-uris", "{{ ansible_domain }}");'
+    - 'pref("network.negotiate-auth.delegation-uris", "{{ kerberize_uris | default(ansible_domain) }}");'
+    - 'pref("network.negotiate-auth.trusted-uris", "{{ kerberize_uris | default(ansible_domain) }}");'
   when: firefox.stat.exists

From b412535de35aa927189e4c09f7f87c467233ba92 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Wed, 3 May 2023 18:28:35 +0200
Subject: [PATCH 266/504] no_proxy section for internal domains added

---
 roles/lmn_vm/files/lmn-proxy.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/roles/lmn_vm/files/lmn-proxy.sh b/roles/lmn_vm/files/lmn-proxy.sh
index 122a10d..c5a1efd 100755
--- a/roles/lmn_vm/files/lmn-proxy.sh
+++ b/roles/lmn_vm/files/lmn-proxy.sh
@@ -1,3 +1,4 @@
 export http_proxy='http://firewall:3128'
 export https_proxy=$http_proxy
 export ftp_proxy=$http_proxy
+export no_proxy=firewall.pn.steinbeis.schule,server.pn.steinbeis.schule,idam.steinbeis.schule,dw.steinbeis.schule,.pn.steinbeis.schule,.steinbeis.schule

From fb1283a54656902ba63bc0ff32eb22f1f593e47f Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Sat, 6 May 2023 11:50:29 +0200
Subject: [PATCH 267/504] (re)create torrent file before upload

---
 roles/lmn_vm/files/sync-vm.sh | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/roles/lmn_vm/files/sync-vm.sh b/roles/lmn_vm/files/sync-vm.sh
index 471ee69..0b74b38 100755
--- a/roles/lmn_vm/files/sync-vm.sh
+++ b/roles/lmn_vm/files/sync-vm.sh
@@ -38,7 +38,10 @@ upload_image() {
       echo "copy private VM-Maschine-Definition XML to system-dir"
       cp "${VM_DIR}/${VM_NAME}.xml" "/var/lib/libvirt/images/${VM_NAME}.xml"
     fi
-    [[ -f "/var/lib/libvirt/images/${VMNAME}.qcow2.torrent" ]] && rsync -av --password-file=/etc/rsync.secret \
+    # (re-) create torrent file
+    /usr/local/bin/vmimage-torrent create "${VM_NAME}.qcow2"
+    # Upload Torrent, qcow2 and machine-definition-XML
+    [[ -f "/var/lib/libvirt/images/${VM_NAME}.qcow2.torrent" ]] && rsync -av --password-file=/etc/rsync.secret \
 	  "/var/lib/libvirt/images/${VM_NAME}.qcow2" rsync://vmuser@server:/vmimages-upload/
     rsync -av --password-file=/etc/rsync.secret "/var/lib/libvirt/images/${VM_NAME}.qcow2" \
 	  rsync://vmuser@server:/vmimages-upload/

From dce05711b452337445be2e93517900a902b855cd Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Sat, 6 May 2023 12:04:07 +0200
Subject: [PATCH 268/504] systemd vmimage-torrent.service added

---
 roles/lmn_vm/handlers/main.yml | 9 +++++++++
 roles/lmn_vm/tasks/main.yml    | 9 +++++++++
 2 files changed, 18 insertions(+)

diff --git a/roles/lmn_vm/handlers/main.yml b/roles/lmn_vm/handlers/main.yml
index edfe719..ec8466a 100644
--- a/roles/lmn_vm/handlers/main.yml
+++ b/roles/lmn_vm/handlers/main.yml
@@ -2,3 +2,12 @@
   systemd:
     name: libvirtd.service
   listen: reload libvirtd
+
+- name: enable vmimage-torrent service
+  systemd:
+    name: vmimage-torrent.service
+    state: restarted
+    daemon_reload: true
+    enabled: true
+  listen: "enable vmimage-torrent.service"
+
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 1feed81..7454a43 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -90,6 +90,15 @@
     group: root
     mode: '0755'
 
+- name: Deploy vmimage-torrent.service
+  copy:
+    src: vmimage-torrent.service
+    dest: /etc/systemd/system/
+    owner: root
+    group: root
+    mode: '0755'
+  notify: "enable vmimage-torrent.service"
+
 - name: Deploy bridge.conf needed for qemu session mode
   lineinfile:
     path: /etc/qemu/bridge.conf

From 2887c94e13d3d76c25d3574205cfe93e901727ec Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Sat, 6 May 2023 12:05:47 +0200
Subject: [PATCH 269/504] vmimage-torrent.service file added

---
 roles/lmn_vm/files/vmimage-torrent.service | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 roles/lmn_vm/files/vmimage-torrent.service

diff --git a/roles/lmn_vm/files/vmimage-torrent.service b/roles/lmn_vm/files/vmimage-torrent.service
new file mode 100644
index 0000000..10e6fd2
--- /dev/null
+++ b/roles/lmn_vm/files/vmimage-torrent.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=VM-image torrent service
+After=network.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/local/bin/vmimage-torrent start
+ExecStop=/usr/local/bin/vmimage-torrent stop
+ExecReload=/usr/local/bin/vmimage-torrent reload
+
+[Install]
+WantedBy=multi-user.target

From a0fad9b45a66029ae6cb1172f1051d7d05ee0f5d Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Tue, 16 May 2023 12:32:53 +0200
Subject: [PATCH 270/504] fixed params for read-command

---
 roles/lmn_vm/files/mounthome.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/lmn_vm/files/mounthome.sh b/roles/lmn_vm/files/mounthome.sh
index d10fe8d..21a37bc 100755
--- a/roles/lmn_vm/files/mounthome.sh
+++ b/roles/lmn_vm/files/mounthome.sh
@@ -9,8 +9,8 @@ if [[ "$#" -gt 0 ]] && [[ "$1" = '-u' ]]; then
     findmnt "/media/${SUDO_USER}/share"   && umount "/media/${SUDO_USER}/share"   && rmdir "/media/${SUDO_USER}/share"
     findmnt "/media/${SUDO_USER}/oldhome" && umount "/media/${SUDO_USER}/oldhome" && rmdir "/media/${SUDO_USER}/oldhome"
 elif [ "$#" -gt 0 ] && [ "$1" = '-o' ]; then
-    read -pr "Username: " username
-    read -spr "Passwort: " PASSWD
+    read -rp "Username: " username
+    read -srp "Passwort: " PASSWD
     export PASSWD
     mkdir -p "/media/${SUDO_USER}/oldhome"
     mount -t cifs -o "username=${username},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,forceuid,forcegid" \

From cb67998666ce2bf961ae8dc694c38d177cdf7090 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Tue, 16 May 2023 19:52:35 +0200
Subject: [PATCH 271/504] mounthome with option to mount linuxhome

---
 roles/lmn_vm/files/mounthome.sh | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/roles/lmn_vm/files/mounthome.sh b/roles/lmn_vm/files/mounthome.sh
index 21a37bc..678f06a 100755
--- a/roles/lmn_vm/files/mounthome.sh
+++ b/roles/lmn_vm/files/mounthome.sh
@@ -8,6 +8,7 @@ if [[ "$#" -gt 0 ]] && [[ "$1" = '-u' ]]; then
     findmnt "/media/${SUDO_USER}/home"    && umount "/media/${SUDO_USER}/home"    && rmdir "/media/${SUDO_USER}/home"
     findmnt "/media/${SUDO_USER}/share"   && umount "/media/${SUDO_USER}/share"   && rmdir "/media/${SUDO_USER}/share"
     findmnt "/media/${SUDO_USER}/oldhome" && umount "/media/${SUDO_USER}/oldhome" && rmdir "/media/${SUDO_USER}/oldhome"
+    findmnt "/media/${SUDO_USER}/linuxhome" && umount "/media/${SUDO_USER}/linuxhome" && rmdir "/media/${SUDO_USER}/linuxhome"
 elif [ "$#" -gt 0 ] && [ "$1" = '-o' ]; then
     read -rp "Username: " username
     read -srp "Passwort: " PASSWD
@@ -15,6 +16,11 @@ elif [ "$#" -gt 0 ] && [ "$1" = '-o' ]; then
     mkdir -p "/media/${SUDO_USER}/oldhome"
     mount -t cifs -o "username=${username},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,forceuid,forcegid" \
           "//192.168.1.2/DOCS/fvs" "/media/${SUDO_USER}/oldhome"
+elif [ "$#" -gt 0 ] && [ "$1" = '-l' ]; then
+    read -rp "Username: " username
+    mkdir -p "/media/${SUDO_USER}/linuxhome"
+    mount -t fuse -o "allow_other,uid=${SUDO_UID},gid=1010,reconnect" \
+          "sshfs#${username}@home.steinbeisschule-reutlingen.de:" "/media/${SUDO_USER}/linuxhome"
 else
     mkdir -p "/media/${SUDO_USER}"
     chown "${SUDO_USER}:1010" "/media/${SUDO_USER}"

From f8e993154d93130a162cb0cf5585276cacec8975 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Sat, 20 May 2023 14:45:41 +0200
Subject: [PATCH 272/504] ansible-role to install additional packages added

---
 lmn-desktop.yml                   |  1 +
 roles/lmn_packages/tasks/main.yml | 10 ++++++++++
 2 files changed, 11 insertions(+)
 create mode 100644 roles/lmn_packages/tasks/main.yml

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index 37b123a..3f22114 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -45,6 +45,7 @@
     - kde
     - lmn_kde
     - lmn_vm
+    - lmn_packages
     - kerberize
 
   tasks:
diff --git a/roles/lmn_packages/tasks/main.yml b/roles/lmn_packages/tasks/main.yml
new file mode 100644
index 0000000..e098144
--- /dev/null
+++ b/roles/lmn_packages/tasks/main.yml
@@ -0,0 +1,10 @@
+---
+- name: install additional packages
+  apt:
+    name:
+      - ttf-mscorefonts-installer
+      - sqlite3
+      - sqlitebrowser
+    state: latest
+    autoremove: true
+

From cf06dcf14232b249dd5aa2154373b628f1142a3b Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Sun, 21 May 2023 15:05:43 +0200
Subject: [PATCH 273/504] bugfix

---
 roles/lmn_vm/files/sync-vm.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/lmn_vm/files/sync-vm.sh b/roles/lmn_vm/files/sync-vm.sh
index 0b74b38..4e896dc 100755
--- a/roles/lmn_vm/files/sync-vm.sh
+++ b/roles/lmn_vm/files/sync-vm.sh
@@ -42,7 +42,7 @@ upload_image() {
     /usr/local/bin/vmimage-torrent create "${VM_NAME}.qcow2"
     # Upload Torrent, qcow2 and machine-definition-XML
     [[ -f "/var/lib/libvirt/images/${VM_NAME}.qcow2.torrent" ]] && rsync -av --password-file=/etc/rsync.secret \
-	  "/var/lib/libvirt/images/${VM_NAME}.qcow2" rsync://vmuser@server:/vmimages-upload/
+	  "/var/lib/libvirt/images/${VM_NAME}.qcow2.torrent" rsync://vmuser@server:/vmimages-upload/
     rsync -av --password-file=/etc/rsync.secret "/var/lib/libvirt/images/${VM_NAME}.qcow2" \
 	  rsync://vmuser@server:/vmimages-upload/
     rsync -av --password-file=/etc/rsync.secret "/var/lib/libvirt/images/xml/${VM_NAME}.xml" \

From af3c1fc1b1498e3ea8f1a4a6933eb36e87056d77 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Mon, 26 Jun 2023 18:33:56 +0200
Subject: [PATCH 274/504] fqdn for parent proxy

---
 roles/lmn_vm/templates/squid-usermode.conf.j2 | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/roles/lmn_vm/templates/squid-usermode.conf.j2 b/roles/lmn_vm/templates/squid-usermode.conf.j2
index 1cf931a..a9dd458 100644
--- a/roles/lmn_vm/templates/squid-usermode.conf.j2
+++ b/roles/lmn_vm/templates/squid-usermode.conf.j2
@@ -1,11 +1,11 @@
 acl local-servers dstdomain .{{ domain }}
-cache_peer firewall parent 3128 0 no-query default login=NEGOTIATE auth-no-keytab
+cache_peer firewall.{{ domain }} parent 3128 0 no-query default login=NEGOTIATE auth-no-keytab
 never_direct deny local-servers
 never_direct allow all
 #access_log stdio:/tmp/access.log squid
 access_log none
-cache_log /dev/null 
+cache_log /dev/null
 logfile_rotate 0
 pid_filename /tmp/squid.pid
-http_port 192.168.122.1:3128 
+http_port 192.168.122.1:3128
 http_access allow all

From 00d5229f004fcb2580db23fad874634b0a7b9396 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Mon, 26 Jun 2023 19:44:40 +0200
Subject: [PATCH 275/504] use fqdn in proxy

---
 roles/lmn_vm/files/lmn-proxy.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/lmn_vm/files/lmn-proxy.sh b/roles/lmn_vm/files/lmn-proxy.sh
index c5a1efd..e0c4e15 100755
--- a/roles/lmn_vm/files/lmn-proxy.sh
+++ b/roles/lmn_vm/files/lmn-proxy.sh
@@ -1,4 +1,4 @@
-export http_proxy='http://firewall:3128'
+export http_proxy='http://firewall.pn.steinbeis.schule:3128'
 export https_proxy=$http_proxy
 export ftp_proxy=$http_proxy
 export no_proxy=firewall.pn.steinbeis.schule,server.pn.steinbeis.schule,idam.steinbeis.schule,dw.steinbeis.schule,.pn.steinbeis.schule,.steinbeis.schule

From 354e1fb6fbf6ce0facd6e5153d0579b11a4adbb4 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Tue, 4 Jul 2023 10:43:24 +0200
Subject: [PATCH 276/504] add proxy

---
 roles/lmn_packages/tasks/main.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/roles/lmn_packages/tasks/main.yml b/roles/lmn_packages/tasks/main.yml
index e098144..83611ee 100644
--- a/roles/lmn_packages/tasks/main.yml
+++ b/roles/lmn_packages/tasks/main.yml
@@ -7,4 +7,8 @@
       - sqlitebrowser
     state: latest
     autoremove: true
+  environment:
+    http_proxy: http://firewall.pn.steinbeis.schule:3128
+    https_proxy: http://firewall.pn.steinbeis.schule:3128
+
 

From 4e5eebe36780e0967391771c6f3e4950f2f10688 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Tue, 4 Jul 2023 10:43:57 +0200
Subject: [PATCH 277/504] download vms by torrent

---
 roles/lmn_vm/files/sync-vm.sh | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/roles/lmn_vm/files/sync-vm.sh b/roles/lmn_vm/files/sync-vm.sh
index 4e896dc..3d92482 100755
--- a/roles/lmn_vm/files/sync-vm.sh
+++ b/roles/lmn_vm/files/sync-vm.sh
@@ -50,12 +50,18 @@ upload_image() {
 }
 
 download_image() {
-    rsync -av --password-file=/etc/rsync.secret \
+    if [[ -f "/var/lib/libvirt/images/${VM_NAME}.qcow2.torrent" ]]; then
+      cd /var/lib/libvirt/images
+      ctorrent -e 0 "${VM_NAME}.qcow2.torrent"
+      /usr/local/bin/vmimage-torrent restart "${VM_NAME}.qcow2"
+    else 
+      rsync -av --password-file=/etc/rsync.secret \
 	  "rsync://vmuser@server:/vmimages-download/${VM_NAME}.qcow2" \
 	  /var/lib/libvirt/images/
-    rsync -av --password-file=/etc/rsync.secret \
+      rsync -av --password-file=/etc/rsync.secret \
 	  "rsync://vmuser@server:/vmimages-download/xml/${VM_NAME}.xml" \
 	  /var/lib/libvirt/images/xml/
+    fi
 }
 
 sync_all_images() {
@@ -72,7 +78,7 @@ sync_all_torrents() {
 	  /var/lib/libvirt/images/
 }
 
-while getopts ':u:d:a:t' OPTION; do
+while getopts ':u:d:at' OPTION; do
     case "$OPTION" in
         u)
             VM_NAME=$OPTARG

From 983e915090e84908d96bfd539f8a6dcc709840ed Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Tue, 4 Jul 2023 11:42:32 +0200
Subject: [PATCH 278/504] fixed bugs

---
 roles/lmn_vm/files/create-clone.sh |  9 ++++-----
 roles/lmn_vm/files/create-vm.sh    |  6 +++++-
 roles/lmn_vm/files/link-images.sh  | 10 +++++++++-
 roles/lmn_vm/files/sync-vm.sh      |  4 ++--
 4 files changed, 20 insertions(+), 9 deletions(-)

diff --git a/roles/lmn_vm/files/create-clone.sh b/roles/lmn_vm/files/create-clone.sh
index 939b638..973c616 100755
--- a/roles/lmn_vm/files/create-clone.sh
+++ b/roles/lmn_vm/files/create-clone.sh
@@ -14,15 +14,14 @@ fi
 cd /var/lib/libvirt/images
 
 VM_NAME=$1
+VM_DIR="/tmp/${UID}/vmimages"
+VM_XML="${VM_DIR}/xml/${VM_NAME}-clone.xml"
 
-if [[ ! -f "xml/${VM_NAME}.xml" ]] || [[ ! -f "${VM_NAME}.qcow2" ]]; then
+if ! [[ -f "xml/${VM_NAME}.xml" && -f "${VM_NAME}.qcow2" ]] && ! [[ -f "${VM_DIR}/xml/${VM_NAME}.xml" && -f "${VM_DIR}/${VM_NAME}.qcow2" ]]; then
     echo "xml or qcow2 File does not exists." >&2
     exit 1
 fi
 
-VM_DIR="/tmp/${UID}/vmimages"
-VM_XML="${VM_DIR}/xml/${VM_NAME}-clone.xml"
-
 # Create User-VM-Dir and link system VM-Images
 [[ -d "${VM_DIR}/xml" ]] || mkdir -p "${VM_DIR}/xml"
 sudo /usr/local/bin/link-images.sh
@@ -32,7 +31,7 @@ cd "${VM_DIR}"
 qemu-img create -f qcow2 -F qcow2 -b "${VM_NAME}.qcow2" "${VM_NAME}-clone.qcow2"
 
 # Create machine-definition-file
-cp "/var/lib/libvirt/images/xml/${VM_NAME}.xml" "${VM_XML}"
+cp "${VM_DIR}/xml/${VM_NAME}.xml" "${VM_XML}"
 
 # set VM_DIR:
 sed -i "s:VMIMAGEDIR:${VM_DIR}:" "${VM_XML}"
diff --git a/roles/lmn_vm/files/create-vm.sh b/roles/lmn_vm/files/create-vm.sh
index cceb199..13ada98 100755
--- a/roles/lmn_vm/files/create-vm.sh
+++ b/roles/lmn_vm/files/create-vm.sh
@@ -11,9 +11,13 @@ fi
 
 VM_NAME=$1
 VM_CLONE=$2
+VM_DIR="/tmp/${UID}/vmimages"
+
+# Create User-VM-Dir and link system VM-Images
+[[ -d "${VM_DIR}/xml" ]] || mkdir -p "${VM_DIR}/xml"
+sudo /usr/local/bin/link-images.sh
 
 # change to image-directory
-VM_DIR="/tmp/${UID}/vmimages"
 cd "${VM_DIR}"
 
 if { [[ ! -f "xml/${VM_NAME}.xml" ]] && [[ ! -f "/var/lib/libvirt/images/xml/${VM_NAME}.xml" ]]; } || [[ ! -f "${VM_NAME}.qcow2" ]]; then
diff --git a/roles/lmn_vm/files/link-images.sh b/roles/lmn_vm/files/link-images.sh
index 4e63e07..2a465ec 100755
--- a/roles/lmn_vm/files/link-images.sh
+++ b/roles/lmn_vm/files/link-images.sh
@@ -11,4 +11,12 @@ VM_DIR="/tmp/${SUDO_UID}/vmimages"
 # link system-VM-Images to User VM Directory
 for i in *.qcow2; do
   [[ -f "${VM_DIR}/${i}" ]] || ln "${i}" "${VM_DIR}/${i}"
-done
\ No newline at end of file
+done
+
+# change to image-directory
+cd /var/lib/libvirt/images/xml
+
+# link system-VM-Machine-Definitions to User VM Directory
+for i in *.xml; do
+  [[ -f "${VM_DIR}/xml/${i}" ]] || ln "${i}" "${VM_DIR}/xml/${i}"
+done
diff --git a/roles/lmn_vm/files/sync-vm.sh b/roles/lmn_vm/files/sync-vm.sh
index 3d92482..681178f 100755
--- a/roles/lmn_vm/files/sync-vm.sh
+++ b/roles/lmn_vm/files/sync-vm.sh
@@ -27,7 +27,7 @@ upload_image() {
       ln -f "${VM_DIR}/${VM_NAME}.qcow2" "/var/lib/libvirt/images/${VM_NAME}.qcow2"
     fi
     # check if VM-Machine-Definition XML exists
-    if [[ ! (-f "/var/lib/libvirt/images/xml/${VM_NAME}.xml" || -f "${VM_DIR}/xml/${VM_NAME}") ]]; then
+    if [[ ! (-f "/var/lib/libvirt/images/xml/${VM_NAME}.xml" || -f "${VM_DIR}/xml/${VM_NAME}.xml") ]]; then
         echo "File not found ${VM_NAME}.xml" >&2
         exit 1
     fi
@@ -36,7 +36,7 @@ upload_image() {
           &&   ( -f "/var/lib/libvirt/images/xml/${VM_NAME}.xml" && $(cmp -s "${VM_DIR}/xml/${VM_NAME}.xml" "/var/lib/libvirt/images/xml/${VM_NAME}.xml") \
           || ! -f "/var/lib/libvirt/images/xml/${VM_NAME}.xml") ]]; then
       echo "copy private VM-Maschine-Definition XML to system-dir"
-      cp "${VM_DIR}/${VM_NAME}.xml" "/var/lib/libvirt/images/${VM_NAME}.xml"
+      cp "${VM_DIR}/xml/${VM_NAME}.xml" "/var/lib/libvirt/images/xml/"
     fi
     # (re-) create torrent file
     /usr/local/bin/vmimage-torrent create "${VM_NAME}.qcow2"

From f191b0c1783db1550173f994d15c65158bb770d3 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Wed, 12 Jul 2023 15:47:35 +0200
Subject: [PATCH 279/504] allow students to download images

---
 roles/lmn_vm/files/lmn-sync-vm | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/roles/lmn_vm/files/lmn-sync-vm b/roles/lmn_vm/files/lmn-sync-vm
index fb28ab7..284508b 100644
--- a/roles/lmn_vm/files/lmn-sync-vm
+++ b/roles/lmn_vm/files/lmn-sync-vm
@@ -1 +1,3 @@
-%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/sync-vm.sh
\ No newline at end of file
+%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/sync-vm.sh
+%role-student ALL=(root) NOPASSWD: /usr/local/bin/sync-vm.sh
+%examusers ALL=(root) NOPASSWD: /usr/local/bin/sync-vm.sh

From ec7c5678c3b964f095fd616cfe2d26e074cc2639 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Wed, 12 Jul 2023 15:50:46 +0200
Subject: [PATCH 280/504] infrastructure roles

---
 roles/lmn_network/tasks/main.yml | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 roles/lmn_network/tasks/main.yml

diff --git a/roles/lmn_network/tasks/main.yml b/roles/lmn_network/tasks/main.yml
new file mode 100644
index 0000000..58b5c15
--- /dev/null
+++ b/roles/lmn_network/tasks/main.yml
@@ -0,0 +1,13 @@
+---
+
+- name: set aptcache
+  ansible.builtin.copy:
+    dest: /etc/apt/apt.conf
+    content: >
+      Acquire::http::Proxy "http://aptcache.pn.steinbeis.schule:3142/";
+
+- name: set ntp Server
+  ansible.builtin.lineinfile:
+    path: /etc/systemd/timesyncd.conf
+    insertafter: '^#NTP='
+    line: NTP=server.pn.steinbeis.schule

From 982ea9464df68a1f4f069d76d1625eedd391f387 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Wed, 12 Jul 2023 15:52:09 +0200
Subject: [PATCH 281/504] add software packages

---
 lmn-desktop.yml                   |  2 +-
 roles/lmn_kde/files/policies.json | 74 +++++++++++++++++++++++++++++++
 roles/lmn_kde/tasks/main.yml      | 37 +++++++++++++---
 roles/lmn_packages/tasks/main.yml |  1 +
 4 files changed, 108 insertions(+), 6 deletions(-)
 create mode 100644 roles/lmn_kde/files/policies.json

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index 3f22114..b51fc21 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -39,13 +39,13 @@
     ansible_python_interpreter: "/usr/bin/python3"
 
   roles:
+    - lmn_network
     - up2date_debian
     - lmn_sssd
     - lmn_mount
     - kde
     - lmn_kde
     - lmn_vm
-    - lmn_packages
     - kerberize
 
   tasks:
diff --git a/roles/lmn_kde/files/policies.json b/roles/lmn_kde/files/policies.json
new file mode 100644
index 0000000..4edf004
--- /dev/null
+++ b/roles/lmn_kde/files/policies.json
@@ -0,0 +1,74 @@
+{
+    "policies": {
+        "Proxy": {
+            "Mode": "system"
+        },
+        "OverrideFirstRunPage": "https://www.steinbeisschule-reutlingen.de",
+        "Homepage": {
+            "URL": "https://www.debian.org",
+            "Locked": false,
+            "StartPage": "previous-session"
+        },
+        "DisplayBookmarksToolbar": true,
+        "ManagedBookmarks": [
+            {
+                "toplevel_name": "FvS-Reutlingen"
+            },
+            {
+                "url": "https://server.pn.steinbeis.schule",
+                "name": "Passwort ändern"
+            },
+            {
+                "url": "https://dw.steinbeis.schule",
+                "name": "FvS-Hilfesystem"
+            },
+            {
+                "url": "https://nextcloud.steinbeisschule-reutlingen.de",
+                "name": "FvS-Nextcloud"
+            },
+            {
+                "url": "https://moodle.steinbeisschule-reutlingen.de",
+                "name": "FvS-Moodle"
+            },
+            {
+                "name": "Debian",
+                "children": [
+                    {
+                        "url": "https://www.debian.org",
+                        "name": "Debian Homepage"
+                    },
+                    {
+                        "url": "https://wiki.debian.org",
+                        "name": "Debian Wiki"
+                    },
+                    {
+                        "name": "Debian LAN/Live",
+                        "children": [
+                            {
+                                "url": "https://salsa.debian.org/andi/debian-lan-ansible",
+                                "name": "Debian LAN Ansible"
+                            },
+                            {
+                                "url": "https://wiki.debian.org/DebianLive",
+                                "name": "Debian Live"
+                            }
+                        ]
+                    }
+                ]
+            }
+        ],
+        "SearchEngines": {
+            "Add": [
+                {
+                    "Name": "Startpage",
+                    "URLTemplate": "https://www.startpage.com/sp/search?query={searchTerms}",
+                    "Method": "GET",
+                    "IconURL": "https://www.startpage.com/sp/cdn/favicons/favicon--default.ico",
+                    "Alias": "sp",
+                    "Description": "Startpage Search Engine"
+                }
+            ],
+            "Default": "Startpage"
+        }
+    }
+}
diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 2300b8f..00a1604 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -29,8 +29,22 @@
       - vym
       - tree
       - xdg-desktop-portal-kde
+      - task-german-kde-desktop
+      - task-german-desktop
+      - kde-full
+      - ttf-mscorefonts-installer 
+      - sqlite3
+      - sqlitebrowser
+      - neovim
+      - qtcreator
+      - freecad
+#      - librecad
+      - kicad
+      - keepassxc
     state: latest
-
+  environment:
+    http_proxy: http://firewall.pn.steinbeis.schule:3128
+    https_proxy: http://firewall.pn.steinbeis.schule:3128
 
 - name: add {{ ansible_distribution_release }}-backports
   apt_repository:
@@ -56,10 +70,23 @@
       @{HOMEDIRS}+=/srv/samba/schools/default-school/teachers/
       /srv/samba/schools/default-school/students/*/
 
-- name: set homepage
-  lineinfile:
-    dest: /etc/firefox-esr/firefox-esr.js
-    line: pref("browser.startup.homepage", "https://www.startpage.com");
+- name: create firefox policies directory
+  ansible.builtin.file:
+    path: /etc/firefox-esr/policies
+    state: directory
+    mode: '0755'
+
+- name: Create a symbolic link firefox to firefox-esr
+  ansible.builtin.file:
+    src: /etc/firefox-esr
+    dest: /etc/firefox
+    state: link
+
+
+- name: copy policy
+  ansible.builtin.copy:
+    src: policies.json
+    dest: /etc/firefox-esr/policies/
 
 - name: tune SDDM login
   blockinfile:
diff --git a/roles/lmn_packages/tasks/main.yml b/roles/lmn_packages/tasks/main.yml
index 83611ee..66ef006 100644
--- a/roles/lmn_packages/tasks/main.yml
+++ b/roles/lmn_packages/tasks/main.yml
@@ -5,6 +5,7 @@
       - ttf-mscorefonts-installer
       - sqlite3
       - sqlitebrowser
+      - neovim
     state: latest
     autoremove: true
   environment:

From d88d9fb42805757211da8265b373729a876ab74a Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Thu, 13 Jul 2023 15:44:17 +0200
Subject: [PATCH 282/504] restrict upload to role teacher

---
 roles/lmn_vm/files/lmn-upload-vm |  1 +
 roles/lmn_vm/files/sync-vm.sh    | 47 ++-----------------------
 roles/lmn_vm/files/upload-vm.sh  | 59 ++++++++++++++++++++++++++++++++
 roles/lmn_vm/tasks/main.yml      |  2 ++
 4 files changed, 65 insertions(+), 44 deletions(-)
 create mode 100644 roles/lmn_vm/files/lmn-upload-vm
 create mode 100755 roles/lmn_vm/files/upload-vm.sh

diff --git a/roles/lmn_vm/files/lmn-upload-vm b/roles/lmn_vm/files/lmn-upload-vm
new file mode 100644
index 0000000..599e9d8
--- /dev/null
+++ b/roles/lmn_vm/files/lmn-upload-vm
@@ -0,0 +1 @@
+%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/upload-vm.sh
diff --git a/roles/lmn_vm/files/sync-vm.sh b/roles/lmn_vm/files/sync-vm.sh
index 681178f..b2ab12d 100755
--- a/roles/lmn_vm/files/sync-vm.sh
+++ b/roles/lmn_vm/files/sync-vm.sh
@@ -4,51 +4,14 @@ set -eu
 
 show_help() {
     cat << EOF >&2
-Usage: $(basename "$0") [-u vmname] [-d vmname] [-a] [-t]"
-When using option -u (upload), the disk from VM vmname will be synced on server.
-Otherwise the images from images.list and xml-directory will be synced from server.
+Usage: $(basename "$0") [-d vmname] [-a] [-t]"
+The images from images.list and xml-directory will be synced from server.
 Using flag -t all torrents and xml-VM-Definitions will be synced
 EOF
 }
 
 VM_DIR="/tmp/${SUDO_UID}/vmimages"
 
-upload_image() {
-    # check if VM-Diskimage exists
-    if [[ ! (-f "/var/lib/libvirt/images/${VM_NAME}.qcow2" || -f "${VM_DIR}/${VM_NAME}.qcow2") ]]; then
-        echo "File not found ${VM_NAME}.qcow2" >&2
-        exit 1
-    fi
-    # link private VM-Diskimage to system-Dir
-    if [[ -f "${VM_DIR}/${VM_NAME}.qcow2" \
-          &&   ( -f "/var/lib/libvirt/images/${VM_NAME}.qcow2" && ("${VM_DIR}/${VM_NAME}.qcow2" -nt "/var/lib/libvirt/images/${VM_NAME}.qcow2") \
-          || ! -f "/var/lib/libvirt/images/${VM_NAME}.qcow2") ]]; then
-      echo "copy private VM-Diskimage to system-dir"
-      ln -f "${VM_DIR}/${VM_NAME}.qcow2" "/var/lib/libvirt/images/${VM_NAME}.qcow2"
-    fi
-    # check if VM-Machine-Definition XML exists
-    if [[ ! (-f "/var/lib/libvirt/images/xml/${VM_NAME}.xml" || -f "${VM_DIR}/xml/${VM_NAME}.xml") ]]; then
-        echo "File not found ${VM_NAME}.xml" >&2
-        exit 1
-    fi
-    # copy private VM-Maschine-Definition XML to system-Dir
-    if [[ -f "${VM_DIR}/xml/${VM_NAME}.xml" \
-          &&   ( -f "/var/lib/libvirt/images/xml/${VM_NAME}.xml" && $(cmp -s "${VM_DIR}/xml/${VM_NAME}.xml" "/var/lib/libvirt/images/xml/${VM_NAME}.xml") \
-          || ! -f "/var/lib/libvirt/images/xml/${VM_NAME}.xml") ]]; then
-      echo "copy private VM-Maschine-Definition XML to system-dir"
-      cp "${VM_DIR}/xml/${VM_NAME}.xml" "/var/lib/libvirt/images/xml/"
-    fi
-    # (re-) create torrent file
-    /usr/local/bin/vmimage-torrent create "${VM_NAME}.qcow2"
-    # Upload Torrent, qcow2 and machine-definition-XML
-    [[ -f "/var/lib/libvirt/images/${VM_NAME}.qcow2.torrent" ]] && rsync -av --password-file=/etc/rsync.secret \
-	  "/var/lib/libvirt/images/${VM_NAME}.qcow2.torrent" rsync://vmuser@server:/vmimages-upload/
-    rsync -av --password-file=/etc/rsync.secret "/var/lib/libvirt/images/${VM_NAME}.qcow2" \
-	  rsync://vmuser@server:/vmimages-upload/
-    rsync -av --password-file=/etc/rsync.secret "/var/lib/libvirt/images/xml/${VM_NAME}.xml" \
-	  rsync://vmuser@server:/vmimages-upload/xml/
-}
-
 download_image() {
     if [[ -f "/var/lib/libvirt/images/${VM_NAME}.qcow2.torrent" ]]; then
       cd /var/lib/libvirt/images
@@ -78,12 +41,8 @@ sync_all_torrents() {
 	  /var/lib/libvirt/images/
 }
 
-while getopts ':u:d:at' OPTION; do
+while getopts ':d:at' OPTION; do
     case "$OPTION" in
-        u)
-            VM_NAME=$OPTARG
-            upload_image
-            ;;
         d)
             VM_NAME=$OPTARG
             download_image
diff --git a/roles/lmn_vm/files/upload-vm.sh b/roles/lmn_vm/files/upload-vm.sh
new file mode 100755
index 0000000..5f981a9
--- /dev/null
+++ b/roles/lmn_vm/files/upload-vm.sh
@@ -0,0 +1,59 @@
+#!/usr/bin/bash
+# Push VM-Disk-Image on server
+set -eu
+
+show_help() {
+    cat << EOF >&2
+Usage: $(basename "$0") vmname"
+Create torrent and upload disk, torrent and xml-VM-Definiton on server.
+EOF
+}
+
+VM_DIR="/tmp/${SUDO_UID}/vmimages"
+
+upload_image() {
+    # check if VM-Diskimage exists
+    if [[ ! (-f "/var/lib/libvirt/images/${VM_NAME}.qcow2" || -f "${VM_DIR}/${VM_NAME}.qcow2") ]]; then
+        echo "File not found ${VM_NAME}.qcow2" >&2
+        exit 1
+    fi
+    # link private VM-Diskimage to system-Dir
+    if [[ -f "${VM_DIR}/${VM_NAME}.qcow2" \
+          &&   ( -f "/var/lib/libvirt/images/${VM_NAME}.qcow2" && ("${VM_DIR}/${VM_NAME}.qcow2" -nt "/var/lib/libvirt/images/${VM_NAME}.qcow2") \
+          || ! -f "/var/lib/libvirt/images/${VM_NAME}.qcow2") ]]; then
+      echo "copy private VM-Diskimage to system-dir"
+      ln -f "${VM_DIR}/${VM_NAME}.qcow2" "/var/lib/libvirt/images/${VM_NAME}.qcow2"
+    fi
+    # check if VM-Machine-Definition XML exists
+    if [[ ! (-f "/var/lib/libvirt/images/xml/${VM_NAME}.xml" || -f "${VM_DIR}/xml/${VM_NAME}.xml") ]]; then
+        echo "File not found ${VM_NAME}.xml" >&2
+        exit 1
+    fi
+    # copy private VM-Maschine-Definition XML to system-Dir
+    if [[ -f "${VM_DIR}/xml/${VM_NAME}.xml" \
+          &&   ( -f "/var/lib/libvirt/images/xml/${VM_NAME}.xml" && $(cmp -s "${VM_DIR}/xml/${VM_NAME}.xml" "/var/lib/libvirt/images/xml/${VM_NAME}.xml") \
+          || ! -f "/var/lib/libvirt/images/xml/${VM_NAME}.xml") ]]; then
+      echo "copy private VM-Maschine-Definition XML to system-dir"
+      cp "${VM_DIR}/xml/${VM_NAME}.xml" "/var/lib/libvirt/images/xml/"
+    fi
+    cd /var/lib/libvirt/images
+    # (re-) create torrent file
+    /usr/local/bin/vmimage-torrent create "${VM_NAME}.qcow2"
+    # Upload Torrent, qcow2 and machine-definition-XML
+    [[ -f "/var/lib/libvirt/images/${VM_NAME}.qcow2.torrent" ]] && rsync -av --password-file=/etc/rsync.secret \
+	  "/var/lib/libvirt/images/${VM_NAME}.qcow2.torrent" rsync://vmuser@server:/vmimages-upload/
+    rsync -av --password-file=/etc/rsync.secret "/var/lib/libvirt/images/${VM_NAME}.qcow2" \
+	  rsync://vmuser@server:/vmimages-upload/
+    rsync -av --password-file=/etc/rsync.secret "/var/lib/libvirt/images/xml/${VM_NAME}.xml" \
+	  rsync://vmuser@server:/vmimages-upload/xml/
+}
+
+# if less than one arguments supplied, display usage
+if [[  $# -ne 1 ]] ; then
+    show_help
+    exit 1
+fi
+
+VM_NAME=$1
+
+upload_image
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 7454a43..ebf9609 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -60,6 +60,7 @@
   loop:
     - lmn-mounthome
     - lmn-sync-vm
+    - lmn-upload-vm
     - lmn-link-images
     - lmn-startvirtiofsd
 
@@ -76,6 +77,7 @@
     - rebase-vm.sh
     - create-clone.sh
     - run-vm.sh
+    - upload-vm.sh
     - sync-vm.sh
     - link-images.sh
     - start-virtiofsd.sh

From 264b493a986d0a25973aa2e637522c2e0974f283 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Thu, 13 Jul 2023 20:51:22 +0200
Subject: [PATCH 283/504] install additional packages

---
 roles/lmn_kde/tasks/main.yml | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 00a1604..441c74f 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -32,7 +32,7 @@
       - task-german-kde-desktop
       - task-german-desktop
       - kde-full
-      - ttf-mscorefonts-installer 
+      - ttf-mscorefonts-installer
       - sqlite3
       - sqlitebrowser
       - neovim
@@ -41,6 +41,12 @@
 #      - librecad
       - kicad
       - keepassxc
+      - tmux
+      - curl
+      - default-jdk
+      - pulseview
+      - sigrok
+      - sigrok-cli
     state: latest
   environment:
     http_proxy: http://firewall.pn.steinbeis.schule:3128

From 0b1bae17a343ae69ca1af683871248f7526939c8 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 14 Jul 2023 07:37:39 +0200
Subject: [PATCH 284/504] more packages

---
 roles/lmn_kde/tasks/main.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 441c74f..da7bcc2 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -38,7 +38,8 @@
       - neovim
       - qtcreator
       - freecad
-#      - librecad
+      - librecad
+      - arduino
       - kicad
       - keepassxc
       - tmux

From 764fd3a3bf81478182266b09970b27c1d1f8011e Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 14 Jul 2023 10:45:20 +0200
Subject: [PATCH 285/504] fix for machines in R217

---
 lmn-desktop.yml | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index b51fc21..c470094 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -57,6 +57,7 @@
         shell: /bin/bash
         groups: libvirt
         append: yes
+
     - name: Fix 8086:4909 external graphics card
       replace:
         dest: "/etc/default/grub"
@@ -65,6 +66,14 @@
       notify: update grub
       when: ansible_board_vendor == "LENOVO" and ansible_board_name == "32CB"
 
+    - name: Fix sound
+      replace:
+        dest: "/etc/default/grub"
+        regexp: 'GRUB_CMDLINE_LINUX=""$'
+        replace: 'GRUB_CMDLINE_LINUX="snd-intel-dspcfg.dsp_driver=1"'
+      notify: update grub
+      when: ansible_board_vendor == "LENOVO" and ansible_board_name == "312A"
+
     - name: add bookworm firmware repository if needed
       apt_repository:
         repo: deb http://deb.debian.org/debian/ bookworm non-free-firmware

From f101787e2df3eb4c7332559587bce0d0db28a0e9 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 14 Jul 2023 11:09:08 +0200
Subject: [PATCH 286/504] fix wireshark dump as normal user

---
 roles/lmn_kde/tasks/main.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index da7bcc2..781a726 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -70,6 +70,12 @@
     default_release: "{{ ansible_distribution_release }}-backports"
   when: ansible_distribution_release == 'bullseye'
 
+- name: set capabilities (wireshark)
+  capabilities:
+    path: /usr/bin/dumpcap
+    capability: cap_net_raw,cap_net_admin+eip
+    state: present
+
 - name: Add home dirs to apparmor
   lineinfile:
     dest: /etc/apparmor.d/tunables/home.d/ubuntu

From 0347ecda0eb40f1ac5cbebcb45703e5171e6c707 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 14 Jul 2023 13:01:46 +0200
Subject: [PATCH 287/504] wake up from suspend fails in R217

---
 roles/lmn_kde/tasks/main.yml | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 781a726..919618b 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -111,6 +111,22 @@
       RememberLastUser=false
       RememberLastSession=false
 
+- name: Create directory to avoid suspend
+  ansible.builtin.file:
+    path: /etc/systemd/sleep.conf.d/
+    state: directory
+    mode: '0755'
+
+- name: Avoid suspending
+  blockinfile:
+    path: /etc/systemd/sleep.conf.d/nosuspend.conf
+    create: true
+    block: |
+      [Sleep]
+      AllowSuspend=no
+      AllowHibernation=no
+      AllowSuspendThenHibernate=no
+      AllowHybridSleep=no
 
 ################# from kiosk.yml ##################
 - name: grub timeout

From 962cfa69d65e7be74e275b29497d6510d6e3887f Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Sun, 16 Jul 2023 17:52:27 +0200
Subject: [PATCH 288/504] unmount oldhome and linuxhome on logout

---
 roles/lmn_vm/files/mounthome.sh | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

diff --git a/roles/lmn_vm/files/mounthome.sh b/roles/lmn_vm/files/mounthome.sh
index 678f06a..078096f 100755
--- a/roles/lmn_vm/files/mounthome.sh
+++ b/roles/lmn_vm/files/mounthome.sh
@@ -4,6 +4,14 @@ set -eu
 share="/srv/samba/schools/default-school/share/"
 home="$(getent passwd "$SUDO_UID" | cut -d : -f 6)"
 
+exit_script() {
+    echo "unmounting media - terminated by trap!" >> "/tmp/${SUDO_UID}-exit-mount.log"
+    findmnt "/media/${SUDO_USER}/oldhome" && umount "/media/${SUDO_USER}/oldhome" && rmdir "/media/${SUDO_USER}/oldhome"
+    findmnt "/media/${SUDO_USER}/linuxhome" && umount "/media/${SUDO_USER}/linuxhome" && rmdir "/media/${SUDO_USER}/linuxhome"
+    trap - SIGHUP SIGINT SIGTERM # clear the trap
+    kill -- -$$ # Sends SIGTERM to child/sub processes
+}
+
 if [[ "$#" -gt 0 ]] && [[ "$1" = '-u' ]]; then
     findmnt "/media/${SUDO_USER}/home"    && umount "/media/${SUDO_USER}/home"    && rmdir "/media/${SUDO_USER}/home"
     findmnt "/media/${SUDO_USER}/share"   && umount "/media/${SUDO_USER}/share"   && rmdir "/media/${SUDO_USER}/share"
@@ -13,14 +21,28 @@ elif [ "$#" -gt 0 ] && [ "$1" = '-o' ]; then
     read -rp "Username: " username
     read -srp "Passwort: " PASSWD
     export PASSWD
+    echo 
     mkdir -p "/media/${SUDO_USER}/oldhome"
+    #errcode=$(mount -t cifs -o "username=${username},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,forceuid,forcegid" \
+    #	    "//192.168.1.2/DOCS/fvs" "/media/${SUDO_USER}/oldhome")
+    #if [[ ! "${errcode}" ]]; then
     mount -t cifs -o "username=${username},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,forceuid,forcegid" \
-          "//192.168.1.2/DOCS/fvs" "/media/${SUDO_USER}/oldhome"
+	    "//192.168.1.2/DOCS/fvs" "/media/${SUDO_USER}/oldhome"
+    echo "Mounting successfull!"
+    echo "Dieses Fenster bitte nicht schließen!"
+    echo "Um weiter zu arbeiten: <Strg> + <Z>"
+    trap exit_script SIGHUP SIGINT SIGTERM
+    sleep infinity 
 elif [ "$#" -gt 0 ] && [ "$1" = '-l' ]; then
     read -rp "Username: " username
     mkdir -p "/media/${SUDO_USER}/linuxhome"
     mount -t fuse -o "allow_other,uid=${SUDO_UID},gid=1010,reconnect" \
           "sshfs#${username}@home.steinbeisschule-reutlingen.de:" "/media/${SUDO_USER}/linuxhome"
+    echo "Mounting successfull!"
+    echo "Dieses Fenster bitte nicht schließen!"
+    echo "Um weiter zu arbeiten: <Strg> + <Z>"
+    trap exit_script SIGHUP SIGINT SIGTERM
+    sleep infinity 
 else
     mkdir -p "/media/${SUDO_USER}"
     chown "${SUDO_USER}:1010" "/media/${SUDO_USER}"

From 406b79bec4620e340a96acf2cdc3a48c0f192582 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Mon, 17 Jul 2023 16:27:28 +0200
Subject: [PATCH 289/504] default sync by torrent, rsync with option -d

---
 roles/lmn_vm/files/sync-vm.sh | 61 +++++++++++++++++++++++++----------
 1 file changed, 44 insertions(+), 17 deletions(-)

diff --git a/roles/lmn_vm/files/sync-vm.sh b/roles/lmn_vm/files/sync-vm.sh
index b2ab12d..61d1d26 100755
--- a/roles/lmn_vm/files/sync-vm.sh
+++ b/roles/lmn_vm/files/sync-vm.sh
@@ -4,26 +4,35 @@ set -eu
 
 show_help() {
     cat << EOF >&2
-Usage: $(basename "$0") [-d vmname] [-a] [-t]"
-The images from images.list and xml-directory will be synced from server.
+Usage: $(basename "$0") [-d] [-a] [-t] [vmnames]"
+Images from vmnames-List will be synced from server. Default by torrent.
+Using flag -d VMs will be synced by rsync
+Using flag -a images from images.list and xml-directory will be synced from server.
 Using flag -t all torrents and xml-VM-Definitions will be synced
 EOF
 }
 
-VM_DIR="/tmp/${SUDO_UID}/vmimages"
-
 download_image() {
+    rsync -av --password-file=/etc/rsync.secret \
+       "rsync://vmuser@server:/vmimages-download/${VM_NAME}.qcow2" \
+       /var/lib/libvirt/images/
+    rsync -av --password-file=/etc/rsync.secret \
+       "rsync://vmuser@server:/vmimages-download/xml/${VM_NAME}.xml" \
+       /var/lib/libvirt/images/xml/
+    rsync -av --password-file=/etc/rsync.secret \
+       "rsync://vmuser@server:/vmimages-download/${VM_NAME}.qcow2.torrent" \
+       /var/lib/libvirt/images/
+    /usr/local/bin/vmimage-torrent restart "${VM_NAME}.qcow2"
+}
+
+torrent_image() {
     if [[ -f "/var/lib/libvirt/images/${VM_NAME}.qcow2.torrent" ]]; then
       cd /var/lib/libvirt/images
       ctorrent -e 0 "${VM_NAME}.qcow2.torrent"
       /usr/local/bin/vmimage-torrent restart "${VM_NAME}.qcow2"
-    else 
-      rsync -av --password-file=/etc/rsync.secret \
-	  "rsync://vmuser@server:/vmimages-download/${VM_NAME}.qcow2" \
-	  /var/lib/libvirt/images/
-      rsync -av --password-file=/etc/rsync.secret \
-	  "rsync://vmuser@server:/vmimages-download/xml/${VM_NAME}.xml" \
-	  /var/lib/libvirt/images/xml/
+    else
+      echo "No torrent-File found"
+      exit 1
     fi
 }
 
@@ -41,21 +50,39 @@ sync_all_torrents() {
 	  /var/lib/libvirt/images/
 }
 
-while getopts ':d:at' OPTION; do
+while getopts ':dat' OPTION; do
     case "$OPTION" in
         d)
-            VM_NAME=$OPTARG
-            download_image
+            DOWNLOAD=1
             ;;
         a)
             sync_all_images
+            exit 1
             ;;
         t)
             sync_all_torrents
             ;;
         ?)
-        show_help
-        exit 1
-        ;;
+            show_help
+            exit 1
+            ;;
     esac
 done
+
+shift "$((OPTIND -1))"
+
+# if less than one arguments supplied, display usage
+if [[  $# -lt 1 ]]; then
+    show_help
+    exit 1
+fi
+
+for VM_NAME in "$@"; do
+  if [[ -v "DOWNLOAD" ]]; then
+    echo "Downloading $VM_NAME"
+    download_image
+  else
+    echo "Torrenting $VM_NAME"
+    torrent_image
+  fi
+done

From b7a0c9fa308bdd22f84702821b5c46c4ea4454b4 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Tue, 18 Jul 2023 13:19:45 +0200
Subject: [PATCH 290/504] download necessary qcow2-files automatically

---
 roles/lmn_vm/files/run-vm.sh  | 30 ++++++++++++++++++++++++++++--
 roles/lmn_vm/files/sync-vm.sh | 27 ++++++++++++++++++++++++++-
 2 files changed, 54 insertions(+), 3 deletions(-)

diff --git a/roles/lmn_vm/files/run-vm.sh b/roles/lmn_vm/files/run-vm.sh
index c726a4f..3e48545 100755
--- a/roles/lmn_vm/files/run-vm.sh
+++ b/roles/lmn_vm/files/run-vm.sh
@@ -48,14 +48,40 @@ if [[  $# -ne 1 ]] ; then
     exit 1
 fi
 
+# sync vm-torrents and machine definition file
+sudo /usr/local/bin/sync-vm.sh -t
+
 VM_NAME=$1
 VM_DIR="/tmp/${UID}/vmimages"
 
+
 if [[ ! -f "/var/lib/libvirt/images/${VM_NAME}.qcow2" && ! -f "${VM_DIR}/${VM_NAME}.qcow2" ]]; then
-    echo "no base VM disk '${VM_NAME}.qcow2' found" >&2
-    exit 1
+    if [[ ! -f "/var/lib/libvirt/images/${VM_NAME}.qcow2.torrent" ]]; then
+        echo "no base VM disk '${VM_NAME}.qcow2' found and/or ${VM_NAME} not found on server" >&2
+        exit 1
+    fi
+    # sync vm-disk image by torrent 
+    sudo /usr/local/bin/sync-vm.sh "${VM_NAME}"
+    echo "sudo /usr/local/bin/sync-vm.sh ${VM_NAME}"
 fi
 
+echo "qcow2 seems to be available"
+
+imgfile="/var/lib/libvirt/images/${VM_NAME}.qcow2" && [[ -f "${VM_DIR}/${VM_NAME}.qcow2" ]] && imgfile="${VM_DIR}/${VM_NAME}.qcow2"
+#backingfile=$(qemu-img info -U "${imgfile}" | grep ^image: | cut -d' ' -f2)
+
+backingfile=$(qemu-img info -U "${imgfile}" | grep "^backing file:" | cut -d ' ' -f 3) 
+while [[ ! -z "${backingfile}" ]]; do 
+    echo $backingfile
+    if [[ ! -f "/var/lib/libvirt/images/${backingfile}" && ! -f "${VM_DIR}/${backingfile}" ]]; then
+        # sync vm-disk image by torrent 
+	sudo /usr/local/bin/sync-vm.sh "${backingfile//.qcow2/}"
+	echo "sudo /usr/local/bin/sync-vm.sh ${backingfile//.qcow2/}"
+    fi
+    imgfile="/var/lib/libvirt/images/${backingfile}" && [[ -f "${VM_DIR}/${backingfile}" ]] && imgfile="${VM_DIR}/${backingfile}"
+    backingfile=$(qemu-img info -U "${imgfile}" | grep "^backing file:" | cut -d ' ' -f 3) 
+done
+
 # check, if we have to start squid
 if ! killall -s 0 squid; then
     echo "starting squid."
diff --git a/roles/lmn_vm/files/sync-vm.sh b/roles/lmn_vm/files/sync-vm.sh
index 61d1d26..0a551b9 100755
--- a/roles/lmn_vm/files/sync-vm.sh
+++ b/roles/lmn_vm/files/sync-vm.sh
@@ -48,6 +48,30 @@ sync_all_torrents() {
 	  /var/lib/libvirt/images/
     rsync -av --password-file=/etc/rsync.secret rsync://vmuser@server:/vmimages-download/xml \
 	  /var/lib/libvirt/images/
+    rsync -av --password-file=/etc/rsync.secret rsync://vmuser@server:/vmimages-download/desktop/*.desktop \
+	  /usr/share/applications/
+    update-desktop-database /usr/share/applications
+}
+
+create_starter() {
+    if [[ ! -f "/usr/share/applications/VM_${VM_NAME}_starter.desktop" ]]; then 
+        cat << EOF >"/usr/share/applications/VM_${VM_NAME}_starter.desktop"
+[Desktop Entry]
+Version=1.0
+Type=Application
+Name=VMstart: ${VM_NAME}
+GenericName=VM starter ${VM_NAME}
+Comment=Start VM ${VM_NAME}
+#TryExec=konsole
+Exec=/usr/local/bin/run-vm.sh ${VM_NAME}
+Icon=clementine
+Categories=VM;Engineering;
+MimeType=image/vnd.dxf;
+Keywords=design;VM;diagrams;graphics
+Terminal=true
+EOF
+        update-desktop-database /usr/share/applications
+    fi
 }
 
 while getopts ':dat' OPTION; do
@@ -57,10 +81,11 @@ while getopts ':dat' OPTION; do
             ;;
         a)
             sync_all_images
-            exit 1
+            exit 0
             ;;
         t)
             sync_all_torrents
+            exit 0
             ;;
         ?)
             show_help

From 57c5e35c5718960b38877382e48d976f46ba6463 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Sat, 22 Jul 2023 13:59:53 +0200
Subject: [PATCH 291/504] create fvs-menu in starter

---
 roles/lmn_kde/files/fvs.directory |  5 +++++
 roles/lmn_kde/files/fvs.menu      | 12 ++++++++++++
 roles/lmn_kde/tasks/main.yml      | 31 +++++++++++++++++++++++++++++++
 3 files changed, 48 insertions(+)
 create mode 100644 roles/lmn_kde/files/fvs.directory
 create mode 100644 roles/lmn_kde/files/fvs.menu

diff --git a/roles/lmn_kde/files/fvs.directory b/roles/lmn_kde/files/fvs.directory
new file mode 100644
index 0000000..359630a
--- /dev/null
+++ b/roles/lmn_kde/files/fvs.directory
@@ -0,0 +1,5 @@
+[Desktop Entry]
+Type=Directory
+Name=FvS
+Icon=face-smile-big
+#X-KDE-BaseGroup=info
diff --git a/roles/lmn_kde/files/fvs.menu b/roles/lmn_kde/files/fvs.menu
new file mode 100644
index 0000000..b2fa6af
--- /dev/null
+++ b/roles/lmn_kde/files/fvs.menu
@@ -0,0 +1,12 @@
+<!DOCTYPE Menu PUBLIC "-//freedesktop//DTD Menu 1.0//EN"
+"http://www.freedesktop.org/standards/menu-spec/menu-1.0.dtd">
+<Menu>
+  <Name>Applications</Name>
+  <Menu>
+    <Name>FvS</Name>
+    <Directory>fvs.directory</Directory>
+    <Include>
+      <Category>fvs</Category>
+    </Include>
+  </Menu>
+</Menu>
diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 919618b..40d0796 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -2,6 +2,7 @@
 - name: install desktop EDU packages and some more
   apt:
     name:
+      - atftp
       - thunderbird-l10n-de
       - webext-privacy-badger
       - webext-ublock-origin-firefox
@@ -48,6 +49,7 @@
       - pulseview
       - sigrok
       - sigrok-cli
+      - codeblocks
     state: latest
   environment:
     http_proxy: http://firewall.pn.steinbeis.schule:3128
@@ -128,6 +130,35 @@
       AllowSuspendThenHibernate=no
       AllowHybridSleep=no
 
+- name: Create directory for local .desktop-Files
+  ansible.builtin.file:
+    path: "{ item }"
+    state: directory
+    mode: '0755'
+  loop:
+    - /usr/local/share/applications
+    - /usr/local/share/desktop-directories
+
+- name: Copy fvs.directory
+  ansible.builtin.copy:
+    src: fvs.directory
+    dest: /usr/local/share/desktop-directories/
+
+- name: Copy fvs.menu
+  ansible.builtin.copy:
+    src: fvs.menu
+    dest: /etc/xdg/menus/applications-merged/
+
+- name: Run update-desktop-database
+  command: update-desktop-database "{ item }"
+  loop:
+    - /usr/local/share/applications
+    - /usr/local/share/desktop-directories
+    - /etc/xdg/menus/applications-merged
+
+- name: Run update-desktop-database
+  command: sync-vm.sh -t
+
 ################# from kiosk.yml ##################
 - name: grub timeout
   lineinfile:

From 648988986028bc4c8985ab393711e3b0e3b325fa Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Sat, 22 Jul 2023 14:00:12 +0200
Subject: [PATCH 292/504] bugfix

---
 roles/lmn_vm/files/mounthome.sh | 15 +++++++++++----
 roles/lmn_vm/files/sync-vm.sh   |  4 ++--
 2 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/roles/lmn_vm/files/mounthome.sh b/roles/lmn_vm/files/mounthome.sh
index 078096f..9aaf587 100755
--- a/roles/lmn_vm/files/mounthome.sh
+++ b/roles/lmn_vm/files/mounthome.sh
@@ -18,6 +18,8 @@ if [[ "$#" -gt 0 ]] && [[ "$1" = '-u' ]]; then
     findmnt "/media/${SUDO_USER}/oldhome" && umount "/media/${SUDO_USER}/oldhome" && rmdir "/media/${SUDO_USER}/oldhome"
     findmnt "/media/${SUDO_USER}/linuxhome" && umount "/media/${SUDO_USER}/linuxhome" && rmdir "/media/${SUDO_USER}/linuxhome"
 elif [ "$#" -gt 0 ] && [ "$1" = '-o' ]; then
+    echo "Einbinden der Daten des alten/bisherigen Systems (PaedML Novell)."
+    echo "Bitte den Username und Passwort aus dem ALTEN System eingeben."
     read -rp "Username: " username
     read -srp "Passwort: " PASSWD
     export PASSWD
@@ -28,19 +30,24 @@ elif [ "$#" -gt 0 ] && [ "$1" = '-o' ]; then
     #if [[ ! "${errcode}" ]]; then
     mount -t cifs -o "username=${username},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,forceuid,forcegid" \
 	    "//192.168.1.2/DOCS/fvs" "/media/${SUDO_USER}/oldhome"
-    echo "Mounting successfull!"
+    #echo "Mounting successfull!"
+    echo "Einbindung erfolgreich!"
     echo "Dieses Fenster bitte nicht schließen!"
-    echo "Um weiter zu arbeiten: <Strg> + <Z>"
+    #echo "Um weiter zu arbeiten: <Strg> + <Z>"
     trap exit_script SIGHUP SIGINT SIGTERM
     sleep infinity 
 elif [ "$#" -gt 0 ] && [ "$1" = '-l' ]; then
+    echo "Einbinden des Netboot-Home-Verzeichnises. Daten des alten/bisherigen Systems (PaedML Novell)."
+    echo "Bitte den Username und Passwort aus dem ALTEN System (PaedML Novell) eingeben."
+    echo "Bitte auch Groß- und Kleinschreibung achten."
     read -rp "Username: " username
     mkdir -p "/media/${SUDO_USER}/linuxhome"
     mount -t fuse -o "allow_other,uid=${SUDO_UID},gid=1010,reconnect" \
           "sshfs#${username}@home.steinbeisschule-reutlingen.de:" "/media/${SUDO_USER}/linuxhome"
-    echo "Mounting successfull!"
+    #echo "Mounting successfull!"
+    echo "Einbindung erfolgreich!"
     echo "Dieses Fenster bitte nicht schließen!"
-    echo "Um weiter zu arbeiten: <Strg> + <Z>"
+    #echo "Um weiter zu arbeiten: <Strg> + <Z>"
     trap exit_script SIGHUP SIGINT SIGTERM
     sleep infinity 
 else
diff --git a/roles/lmn_vm/files/sync-vm.sh b/roles/lmn_vm/files/sync-vm.sh
index 0a551b9..71c6a53 100755
--- a/roles/lmn_vm/files/sync-vm.sh
+++ b/roles/lmn_vm/files/sync-vm.sh
@@ -49,8 +49,8 @@ sync_all_torrents() {
     rsync -av --password-file=/etc/rsync.secret rsync://vmuser@server:/vmimages-download/xml \
 	  /var/lib/libvirt/images/
     rsync -av --password-file=/etc/rsync.secret rsync://vmuser@server:/vmimages-download/desktop/*.desktop \
-	  /usr/share/applications/
-    update-desktop-database /usr/share/applications
+	  /usr/local/share/applications/
+    update-desktop-database /usr/local/share/applications
 }
 
 create_starter() {

From 3b5c78e1a32155f9b77b10d90b60f3e012d87af6 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sun, 23 Jul 2023 09:30:39 +0200
Subject: [PATCH 293/504] Simplify wireshark tweak.

---
 roles/lmn_kde/tasks/main.yml | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 40d0796..c231ea3 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -72,11 +72,10 @@
     default_release: "{{ ansible_distribution_release }}-backports"
   when: ansible_distribution_release == 'bullseye'
 
-- name: set capabilities (wireshark)
-  capabilities:
+- name: Allow users to dump packets for wireshark
+  ansible.builtin.file:
     path: /usr/bin/dumpcap
-    capability: cap_net_raw,cap_net_admin+eip
-    state: present
+    mode: '0755'
 
 - name: Add home dirs to apparmor
   lineinfile:
@@ -85,7 +84,7 @@
       @{HOMEDIRS}+=/srv/samba/schools/default-school/teachers/
       /srv/samba/schools/default-school/students/*/
 
-- name: create firefox policies directory
+- name: Create firefox policies directory
   ansible.builtin.file:
     path: /etc/firefox-esr/policies
     state: directory

From 1f6d262ad479b13036766edd56185cf4e6c7230b Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sun, 23 Jul 2023 09:49:05 +0200
Subject: [PATCH 294/504] Do not run commands unconditionally.

---
 roles/lmn_kde/handlers/main.yml | 12 ++++++++++--
 roles/lmn_kde/tasks/main.yml    | 13 +++++--------
 2 files changed, 15 insertions(+), 10 deletions(-)

diff --git a/roles/lmn_kde/handlers/main.yml b/roles/lmn_kde/handlers/main.yml
index 6a3b3d5..13c1716 100644
--- a/roles/lmn_kde/handlers/main.yml
+++ b/roles/lmn_kde/handlers/main.yml
@@ -1,10 +1,18 @@
-- name: run update-grub
+- name: Run update-grub
   command: update-grub
   listen: update grub
 
-- name: enable tmp.mount
+- name: Enable tmp.mount
   systemd:
     daemon_reload: yes
     name: tmp.mount
     enabled: yes
   listen: enable tmp.mount
+
+- name: Run update-desktop-database
+  command: update-desktop-database "{ item }"
+  loop:
+    - /usr/local/share/applications
+    - /usr/local/share/desktop-directories
+    - /etc/xdg/menus/applications-merged
+  listen: update-desktop-database
diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index c231ea3..58df607 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -137,26 +137,23 @@
   loop:
     - /usr/local/share/applications
     - /usr/local/share/desktop-directories
+  notify: update-desktop-database
 
 - name: Copy fvs.directory
   ansible.builtin.copy:
     src: fvs.directory
     dest: /usr/local/share/desktop-directories/
+  notify: update-desktop-database
 
 - name: Copy fvs.menu
   ansible.builtin.copy:
     src: fvs.menu
     dest: /etc/xdg/menus/applications-merged/
+  notify: update-desktop-database
 
-- name: Run update-desktop-database
-  command: update-desktop-database "{ item }"
-  loop:
-    - /usr/local/share/applications
-    - /usr/local/share/desktop-directories
-    - /etc/xdg/menus/applications-merged
-
-- name: Run update-desktop-database
+- name: Run sync-vm.sh
   command: sync-vm.sh -t
+  ## FIXME: do not run every time
 
 ################# from kiosk.yml ##################
 - name: grub timeout

From adc9aa848960006f602f2de520b6463c5cd7fa83 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sun, 23 Jul 2023 11:35:06 +0200
Subject: [PATCH 295/504] Protect the grub boot menu.

---
 lmn-desktop.yml              |  2 ++
 roles/lmn_kde/tasks/main.yml | 10 +++++++++-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index c470094..20f6482 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -25,6 +25,8 @@
     domain: "{{ ansible_domain }}"
     kerberize_uris: steinbeis.schule
     rsyncsecret: Muster!
+    ## Use grub-mkpasswd-pbkdf2 to calculate the password hash:
+    grub_pwd: 'grub.pbkdf2.sha512.10000.FB60266F69FB181327AFB76193192454FC64151559EFF4D6B8FB7C7904A2A9C4778EDD515B46F770DB6A009F36903C193917BBBC571C5B6AAB2A69208BE01A6E.7B82114A0239C0EC55A50E95C48FA74A8910DEE4088447786DAB35770B9C2CF2D1550CF3B7452155EB55D5F84E5D357BF12B8D299CF9B01BF5D71D516CF826DB'
     nfs4: false
     extra_pkgs:
       - vim
diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 58df607..fb9d98b 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -155,7 +155,15 @@
   command: sync-vm.sh -t
   ## FIXME: do not run every time
 
-################# from kiosk.yml ##################
+################# general settings ##################
+- name: Protect grub menu entries
+  blockinfile:
+    path: /etc/grub.d/40_custom
+    block: |
+      set superusers='root'
+      password_pbkdf2 root {{ grub_pwd }}
+  notify: update grub
+
 - name: grub timeout
   lineinfile:
     dest: /etc/default/grub

From c39ca21a470738e35158a4a3aad2c6013ee89026 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sun, 23 Jul 2023 17:06:08 +0200
Subject: [PATCH 296/504] Allow to boot the default entry.

---
 roles/lmn_kde/tasks/main.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index fb9d98b..681b285 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -164,6 +164,14 @@
       password_pbkdf2 root {{ grub_pwd }}
   notify: update grub
 
+- name: Allow booting default entry
+  lineinfile:
+    dest: /etc/grub.d/10_linux
+    line: CLASS="${CLASS} --unrestricted"
+    insertafter: '^CLASS=.*'
+    firstmatch: true
+  notify: update grub
+
 - name: grub timeout
   lineinfile:
     dest: /etc/default/grub

From 23dc4bfe93a39e254204b4abb62e8a37dcba0a17 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Sun, 23 Jul 2023 20:43:47 +0200
Subject: [PATCH 297/504] run update-desktop-database only when rsync-changes

---
 roles/lmn_vm/files/sync-vm.sh | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/roles/lmn_vm/files/sync-vm.sh b/roles/lmn_vm/files/sync-vm.sh
index 71c6a53..157150f 100755
--- a/roles/lmn_vm/files/sync-vm.sh
+++ b/roles/lmn_vm/files/sync-vm.sh
@@ -44,13 +44,13 @@ sync_all_images() {
 }
 
 sync_all_torrents() {
-    rsync -av --password-file=/etc/rsync.secret rsync://vmuser@server:/vmimages-download/*.torrent \
-	  /var/lib/libvirt/images/
-    rsync -av --password-file=/etc/rsync.secret rsync://vmuser@server:/vmimages-download/xml \
-	  /var/lib/libvirt/images/
-    rsync -av --password-file=/etc/rsync.secret rsync://vmuser@server:/vmimages-download/desktop/*.desktop \
-	  /usr/local/share/applications/
-    update-desktop-database /usr/local/share/applications
+    rsync -ai rsync://vmuser@server:/vmimages-download/*.torrent /var/lib/libvirt/images/
+    rsync -ai rsync://vmuser@server:/vmimages-download/xml /var/lib/libvirt/images/
+    RSYNC_COMMAND=$(rsync -ai --delete rsync://vmuser@server:/vmimages-download/desktop/*.desktop /usr/local/share/applications/)
+    if [[ $? -eq 0 ]] && [[ -n "${RSYNC_COMMAND}" ]]; then
+        echo "${RSYNC_COMMAND}"
+        update-desktop-database /usr/local/share/applications
+    fi
 }
 
 create_starter() {

From 08d1bccace27fc2dba691220b8d4c61884d9dc08 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Sun, 23 Jul 2023 21:06:47 +0200
Subject: [PATCH 298/504] moved block to other role

---
 roles/lmn_kde/tasks/main.yml | 26 --------------------------
 roles/lmn_vm/tasks/main.yml  | 27 +++++++++++++++++++++++++++
 2 files changed, 27 insertions(+), 26 deletions(-)

diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 681b285..2e5e257 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -129,32 +129,6 @@
       AllowSuspendThenHibernate=no
       AllowHybridSleep=no
 
-- name: Create directory for local .desktop-Files
-  ansible.builtin.file:
-    path: "{ item }"
-    state: directory
-    mode: '0755'
-  loop:
-    - /usr/local/share/applications
-    - /usr/local/share/desktop-directories
-  notify: update-desktop-database
-
-- name: Copy fvs.directory
-  ansible.builtin.copy:
-    src: fvs.directory
-    dest: /usr/local/share/desktop-directories/
-  notify: update-desktop-database
-
-- name: Copy fvs.menu
-  ansible.builtin.copy:
-    src: fvs.menu
-    dest: /etc/xdg/menus/applications-merged/
-  notify: update-desktop-database
-
-- name: Run sync-vm.sh
-  command: sync-vm.sh -t
-  ## FIXME: do not run every time
-
 ################# general settings ##################
 - name: Protect grub menu entries
   blockinfile:
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index ebf9609..30d350d 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -136,6 +136,33 @@
     src: pulseaudio-override.conf
     dest: /etc/systemd/user/pulseaudio.service.d/override.conf
 
+- name: Create directory for local .desktop-Files
+  ansible.builtin.file:
+    path: "{ item }"
+    state: directory
+    mode: '0755'
+  loop:
+    - /usr/local/share/applications
+    - /usr/local/share/desktop-directories
+  notify: update-desktop-database
+
+- name: Copy fvs.directory
+  ansible.builtin.copy:
+    src: fvs.directory
+    dest: /usr/local/share/desktop-directories/
+  notify: update-desktop-database
+
+- name: Copy fvs.menu
+  ansible.builtin.copy:
+    src: fvs.menu
+    dest: /etc/xdg/menus/applications-merged/
+  notify: update-desktop-database
+
+- name: sync .torrent, .xml and .desktop files and run update-desktop-database
+  command: sync-vm.sh -t
+  register: result
+  changed_when: result.stdout | length > 0
+
 #### VMs
 - name: deploy initial image list
   copy:

From 244a1cad2e7d2249feaa5c5c6183a11d85c44f78 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 24 Jul 2023 07:39:55 +0200
Subject: [PATCH 299/504] Move files and handlers to corresponding role.

---
 roles/lmn_kde/handlers/main.yml               |  8 --------
 roles/{lmn_kde => lmn_vm}/files/fvs.directory |  0
 roles/{lmn_kde => lmn_vm}/files/fvs.menu      |  0
 roles/lmn_vm/handlers/main.yml                | 10 ++++++++--
 roles/lmn_vm/tasks/main.yml                   |  6 +++---
 5 files changed, 11 insertions(+), 13 deletions(-)
 rename roles/{lmn_kde => lmn_vm}/files/fvs.directory (100%)
 rename roles/{lmn_kde => lmn_vm}/files/fvs.menu (100%)

diff --git a/roles/lmn_kde/handlers/main.yml b/roles/lmn_kde/handlers/main.yml
index 13c1716..bd82576 100644
--- a/roles/lmn_kde/handlers/main.yml
+++ b/roles/lmn_kde/handlers/main.yml
@@ -8,11 +8,3 @@
     name: tmp.mount
     enabled: yes
   listen: enable tmp.mount
-
-- name: Run update-desktop-database
-  command: update-desktop-database "{ item }"
-  loop:
-    - /usr/local/share/applications
-    - /usr/local/share/desktop-directories
-    - /etc/xdg/menus/applications-merged
-  listen: update-desktop-database
diff --git a/roles/lmn_kde/files/fvs.directory b/roles/lmn_vm/files/fvs.directory
similarity index 100%
rename from roles/lmn_kde/files/fvs.directory
rename to roles/lmn_vm/files/fvs.directory
diff --git a/roles/lmn_kde/files/fvs.menu b/roles/lmn_vm/files/fvs.menu
similarity index 100%
rename from roles/lmn_kde/files/fvs.menu
rename to roles/lmn_vm/files/fvs.menu
diff --git a/roles/lmn_vm/handlers/main.yml b/roles/lmn_vm/handlers/main.yml
index ec8466a..37be389 100644
--- a/roles/lmn_vm/handlers/main.yml
+++ b/roles/lmn_vm/handlers/main.yml
@@ -1,9 +1,9 @@
-- name: reload libvirtd
+- name: Reload libvirtd
   systemd:
     name: libvirtd.service
   listen: reload libvirtd
 
-- name: enable vmimage-torrent service
+- name: Enable vmimage-torrent service
   systemd:
     name: vmimage-torrent.service
     state: restarted
@@ -11,3 +11,9 @@
     enabled: true
   listen: "enable vmimage-torrent.service"
 
+- name: Run update-desktop-database
+  command: update-desktop-database "{ item }"
+  loop:
+    - /usr/local/share/applications
+    - /usr/local/share/desktop-directories
+    - /etc/xdg/menus/applications-merged
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 30d350d..f4f13ad 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -144,19 +144,19 @@
   loop:
     - /usr/local/share/applications
     - /usr/local/share/desktop-directories
-  notify: update-desktop-database
+  notify: Run update-desktop-database
 
 - name: Copy fvs.directory
   ansible.builtin.copy:
     src: fvs.directory
     dest: /usr/local/share/desktop-directories/
-  notify: update-desktop-database
+  notify: Run update-desktop-database
 
 - name: Copy fvs.menu
   ansible.builtin.copy:
     src: fvs.menu
     dest: /etc/xdg/menus/applications-merged/
-  notify: update-desktop-database
+  notify: Run update-desktop-database
 
 - name: sync .torrent, .xml and .desktop files and run update-desktop-database
   command: sync-vm.sh -t

From 6514d084f8dabd074446c6b8a55ec555a140925e Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 24 Jul 2023 07:41:49 +0200
Subject: [PATCH 300/504] Move relevant kde tasks to lmn_kde role.

---
 lmn-desktop.yml              | 3 ++-
 roles/kde/tasks/main.yml     | 1 -
 roles/lmn_kde/tasks/main.yml | 9 +++++----
 3 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index 20f6482..4b2c532 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -45,7 +45,6 @@
     - up2date_debian
     - lmn_sssd
     - lmn_mount
-    - kde
     - lmn_kde
     - lmn_vm
     - kerberize
@@ -76,6 +75,7 @@
       notify: update grub
       when: ansible_board_vendor == "LENOVO" and ansible_board_name == "312A"
 
+## bullseye fixes:
     - name: add bookworm firmware repository if needed
       apt_repository:
         repo: deb http://deb.debian.org/debian/ bookworm non-free-firmware
@@ -85,6 +85,7 @@
         ansible_board_vendor == "LENOVO" and
         ansible_board_name == "32CB" and
         ansible_distribution_release == "bullseye"
+
     - name: upgrade non-free-firmware packages
       apt:
         upgrade: true
diff --git a/roles/kde/tasks/main.yml b/roles/kde/tasks/main.yml
index 8f49677..f09eb42 100644
--- a/roles/kde/tasks/main.yml
+++ b/roles/kde/tasks/main.yml
@@ -6,7 +6,6 @@
       - cups
     state: latest # noqa package-latest
 
-
 ## Bug #698504
 - name: allow print job management
   replace:
diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 2e5e257..d2f97a7 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -2,6 +2,11 @@
 - name: install desktop EDU packages and some more
   apt:
     name:
+      - task-kde-desktop
+      - task-german-kde-desktop
+      - task-german-desktop
+      - xdg-desktop-portal-kde
+      - kde-full
       - atftp
       - thunderbird-l10n-de
       - webext-privacy-badger
@@ -29,10 +34,6 @@
       - dia
       - vym
       - tree
-      - xdg-desktop-portal-kde
-      - task-german-kde-desktop
-      - task-german-desktop
-      - kde-full
       - ttf-mscorefonts-installer
       - sqlite3
       - sqlitebrowser

From 14454673877c7149658912108faa0bb6a06ed039 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 24 Jul 2023 08:25:18 +0200
Subject: [PATCH 301/504] Add splash screen back.

---
 roles/lmn_kde/handlers/main.yml |  1 -
 roles/lmn_kde/tasks/main.yml    | 13 ++++++++++---
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/roles/lmn_kde/handlers/main.yml b/roles/lmn_kde/handlers/main.yml
index bd82576..2b7f71a 100644
--- a/roles/lmn_kde/handlers/main.yml
+++ b/roles/lmn_kde/handlers/main.yml
@@ -1,6 +1,5 @@
 - name: Run update-grub
   command: update-grub
-  listen: update grub
 
 - name: Enable tmp.mount
   systemd:
diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index d2f97a7..bebfa48 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -73,6 +73,13 @@
     default_release: "{{ ansible_distribution_release }}-backports"
   when: ansible_distribution_release == 'bullseye'
 
+- name: enable splash screen
+  replace:
+    dest: "/etc/default/grub"
+    regexp: '"quiet"$'
+    replace: '"quiet splash"'
+  notify: Run update-grub
+
 - name: Allow users to dump packets for wireshark
   ansible.builtin.file:
     path: /usr/bin/dumpcap
@@ -137,7 +144,7 @@
     block: |
       set superusers='root'
       password_pbkdf2 root {{ grub_pwd }}
-  notify: update grub
+  notify: Run update-grub
 
 - name: Allow booting default entry
   lineinfile:
@@ -145,7 +152,7 @@
     line: CLASS="${CLASS} --unrestricted"
     insertafter: '^CLASS=.*'
     firstmatch: true
-  notify: update grub
+  notify: Run update-grub
 
 - name: grub timeout
   lineinfile:
@@ -153,7 +160,7 @@
     regexp: '^(GRUB_TIMEOUT=).*'
     line: '\g<1>1'
     backrefs: yes
-  notify: update grub
+  notify: Run update-grub
 
 - name: keyboard compose key
   lineinfile:

From edf71a436854802d1abc3f441c0719031606aab4 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 24 Jul 2023 08:38:39 +0200
Subject: [PATCH 302/504] Try to work around #1039472. Use full path.  Fix grub
 update.  Cleanup.

---
 lmn-desktop.yml              |  4 ++--
 roles/lmn_kde/tasks/main.yml |  6 +++---
 roles/lmn_vm/tasks/main.yml  | 18 ++++--------------
 3 files changed, 9 insertions(+), 19 deletions(-)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index 4b2c532..f436971 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -64,7 +64,7 @@
         dest: "/etc/default/grub"
         regexp: 'GRUB_CMDLINE_LINUX=""$'
         replace: 'GRUB_CMDLINE_LINUX="i915.force_probe=4909"'
-      notify: update grub
+      notify: Run update-grub
       when: ansible_board_vendor == "LENOVO" and ansible_board_name == "32CB"
 
     - name: Fix sound
@@ -72,7 +72,7 @@
         dest: "/etc/default/grub"
         regexp: 'GRUB_CMDLINE_LINUX=""$'
         replace: 'GRUB_CMDLINE_LINUX="snd-intel-dspcfg.dsp_driver=1"'
-      notify: update grub
+      notify: Run update-grub
       when: ansible_board_vendor == "LENOVO" and ansible_board_name == "312A"
 
 ## bullseye fixes:
diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index bebfa48..e50b7aa 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -41,12 +41,12 @@
       - qtcreator
       - freecad
       - librecad
-      - arduino
+#      - arduino
       - kicad
       - keepassxc
       - tmux
       - curl
-      - default-jdk
+#      - default-jre
       - pulseview
       - sigrok
       - sigrok-cli
@@ -158,7 +158,7 @@
   lineinfile:
     dest: /etc/default/grub
     regexp: '^(GRUB_TIMEOUT=).*'
-    line: '\g<1>1'
+    line: '\g<1>3'
     backrefs: yes
   notify: Run update-grub
 
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index f4f13ad..d6dd915 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -84,7 +84,7 @@
     - linbo-torrenthelper.sh
     - vmimage-torrent
 
-- name: deploy linbo-torrent defaults
+- name: Deploy linbo-torrent defaults
   copy:
     src: linbo-torrent
     dest: /etc/default/
@@ -120,22 +120,12 @@
     path: /usr/lib/qemu/qemu-bridge-helper
     mode: '4755'
 
-- name: deploy http proxy config
+- name: Deploy http proxy config
   copy:
     src: lmn-proxy.sh
     dest: /etc/profile.d/
     mode: '0644'
 
-- name: deploy pulseaudio fix
-  file:
-    path: /etc/systemd/user/pulseaudio.service.d/
-    state: directory
-
-- name: deploy pulseaudio fix
-  copy:
-    src: pulseaudio-override.conf
-    dest: /etc/systemd/user/pulseaudio.service.d/override.conf
-
 - name: Create directory for local .desktop-Files
   ansible.builtin.file:
     path: "{ item }"
@@ -159,12 +149,12 @@
   notify: Run update-desktop-database
 
 - name: sync .torrent, .xml and .desktop files and run update-desktop-database
-  command: sync-vm.sh -t
+  command: /usr/local/bin/sync-vm.sh -t
   register: result
   changed_when: result.stdout | length > 0
 
 #### VMs
-- name: deploy initial image list
+- name: Deploy initial image list
   copy:
     src: images.list
     dest: /var/lib/libvirt/images/images.list

From 00896a3b6e774001429613c894f42146847a16f6 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 28 Jul 2023 07:39:28 +0200
Subject: [PATCH 303/504] Fix sound on 312D (R317).

---
 lmn-desktop.yml | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index f436971..d1a0b08 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -67,7 +67,7 @@
       notify: Run update-grub
       when: ansible_board_vendor == "LENOVO" and ansible_board_name == "32CB"
 
-    - name: Fix sound
+    - name: Fix sound on 312A
       replace:
         dest: "/etc/default/grub"
         regexp: 'GRUB_CMDLINE_LINUX=""$'
@@ -75,6 +75,15 @@
       notify: Run update-grub
       when: ansible_board_vendor == "LENOVO" and ansible_board_name == "312A"
 
+    - name: Fix sound on 312D
+      apt:
+        name: firmware-sof-signed
+        state: latest
+      environment:
+        http_proxy: http://firewall.pn.steinbeis.schule:3128
+        https_proxy: http://firewall.pn.steinbeis.schule:3128
+      when: ansible_board_vendor == "LENOVO" and ansible_board_name == "312D"
+
 ## bullseye fixes:
     - name: add bookworm firmware repository if needed
       apt_repository:

From b8f536c162f6cae5160f53a822428b70b13a38ba Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 29 Jul 2023 21:22:37 +0200
Subject: [PATCH 304/504] Disable libvirt user for now.

---
 lmn-desktop.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index d1a0b08..bd52d66 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -58,6 +58,7 @@
         shell: /bin/bash
         groups: libvirt
         append: yes
+      when: false
 
     - name: Fix 8086:4909 external graphics card
       replace:

From f1c67852da9ff731d4c081e65b2357d1e617ec9e Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 29 Jul 2023 21:23:55 +0200
Subject: [PATCH 305/504] Boot parameter not needed anymore after BIOS upgrade.

---
 lmn-desktop.yml | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index bd52d66..78fc8e4 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -71,19 +71,21 @@
     - name: Fix sound on 312A
       replace:
         dest: "/etc/default/grub"
-        regexp: 'GRUB_CMDLINE_LINUX=""$'
-        replace: 'GRUB_CMDLINE_LINUX="snd-intel-dspcfg.dsp_driver=1"'
+        regexp: 'GRUB_CMDLINE_LINUX="snd-intel-dspcfg.dsp_driver=1"$'
+        replace: 'GRUB_CMDLINE_LINUX=""'
       notify: Run update-grub
       when: ansible_board_vendor == "LENOVO" and ansible_board_name == "312A"
 
-    - name: Fix sound on 312D
+    - name: Fix sound on 312A and 312D
       apt:
         name: firmware-sof-signed
         state: latest
       environment:
         http_proxy: http://firewall.pn.steinbeis.schule:3128
         https_proxy: http://firewall.pn.steinbeis.schule:3128
-      when: ansible_board_vendor == "LENOVO" and ansible_board_name == "312D"
+      when: >
+        ansible_board_vendor == "LENOVO" and
+        (ansible_board_name == "312D" or ansible_board_name == "312A")
 
 ## bullseye fixes:
     - name: add bookworm firmware repository if needed

From 9f6fa677c481e43de44402c2d4ca2439ebf00cfd Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sun, 6 Aug 2023 13:51:16 +0200
Subject: [PATCH 306/504] Implement shutdown-if-not-in-use.

---
 roles/lmn_kde/files/pwroff         | 47 ++++++++++++++++++++++++++++++
 roles/lmn_kde/files/pwroff.service |  6 ++++
 roles/lmn_kde/files/pwroff.timer   |  9 ++++++
 roles/lmn_kde/handlers/main.yml    |  5 ++++
 roles/lmn_kde/tasks/main.yml       | 17 +++++++++++
 5 files changed, 84 insertions(+)
 create mode 100755 roles/lmn_kde/files/pwroff
 create mode 100644 roles/lmn_kde/files/pwroff.service
 create mode 100644 roles/lmn_kde/files/pwroff.timer

diff --git a/roles/lmn_kde/files/pwroff b/roles/lmn_kde/files/pwroff
new file mode 100755
index 0000000..1245335
--- /dev/null
+++ b/roles/lmn_kde/files/pwroff
@@ -0,0 +1,47 @@
+#!/bin/bash
+#
+# logout idle users and shutdown machine
+#
+set -eu
+
+action="systemctl poweroff"
+uptime=$(cat /proc/uptime | cut -f1 -d.)
+maxidle=3600
+
+u=($(loginctl list-users --no-legend  | sort -hr | head -1))
+una=${u[1]}
+uid=${u[0]}
+
+talk2dbus() {
+    local display=":$(ls /tmp/.X11-unix/* | sed 's#/tmp/.X11-unix/X##' | head -n 1)"
+    sudo -u $una DISPLAY=$display \
+	 DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/$uid/bus "$@" 2>/dev/null
+}
+
+########
+
+## shutdown if nobody is loged in:
+if [[ -z "$una" ]] ; then
+  exec $action
+fi
+
+# FIXME: find idle time independent of running screensaver
+if ! t=$(talk2dbus qdbus org.kde.screensaver /ScreenSaver GetActiveTime) ; then
+    echo "No graphical logins found."
+else
+    idle=$(( t / 1000 ))
+    if [[ $idle -gt $maxidle ]] ; then
+        talk2dbus notify-send -i system-shutdown -u critical -a 'Important System Information' \
+	          'Please log out, the system will shut down soon!' \
+	          'There has been no activity for too long.'
+        ## shutdown:
+        #talk2dbus qdbus org.kde.ksmserver /KSMServer logout 1 2 0
+        ## logout:
+        talk2dbus qdbus org.kde.ksmserver /KSMServer logout 1 0 0
+        echo "Log-out user $una after being idle for $idle seconds."
+    else
+        echo "The user $una has been idle for $idle seconds."
+    fi
+fi
+
+#w -s | grep tty | sed "s/[[:space:]]\+/ /g" | cut -f4 -d ' '
diff --git a/roles/lmn_kde/files/pwroff.service b/roles/lmn_kde/files/pwroff.service
new file mode 100644
index 0000000..1fe36d3
--- /dev/null
+++ b/roles/lmn_kde/files/pwroff.service
@@ -0,0 +1,6 @@
+[Unit]
+Description=Run pwroff script
+
+[Service]
+Type=simple
+ExecStart=/usr/local/sbin/pwroff
diff --git a/roles/lmn_kde/files/pwroff.timer b/roles/lmn_kde/files/pwroff.timer
new file mode 100644
index 0000000..299bc4b
--- /dev/null
+++ b/roles/lmn_kde/files/pwroff.timer
@@ -0,0 +1,9 @@
+[Unit]
+Description=Run pwroff script every 10 min after 60 min uptime
+
+[Timer]
+OnBootSec=60min
+OnUnitActiveSec=10min
+
+[Install]
+WantedBy=timers.target
diff --git a/roles/lmn_kde/handlers/main.yml b/roles/lmn_kde/handlers/main.yml
index 2b7f71a..1a21074 100644
--- a/roles/lmn_kde/handlers/main.yml
+++ b/roles/lmn_kde/handlers/main.yml
@@ -7,3 +7,8 @@
     name: tmp.mount
     enabled: yes
   listen: enable tmp.mount
+
+- name: enable pwroff.timer
+  systemd:
+    name: pwroff.timer
+    enabled: true
diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index e50b7aa..f8b4fbf 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -137,6 +137,23 @@
       AllowSuspendThenHibernate=no
       AllowHybridSleep=no
 
+
+- Name: Copy pwroff script
+  template:
+    src: pwroff
+    dest: /usr/local/sbin/
+    mode: 0755
+
+- name: Provide service and timer for pwroff script
+  copy:
+    src: "{{ item }}"
+    dest: "/etc/systemd/system/{{ item }}"
+    mode: 0644
+  with_items:
+    - pwroff.service
+    - pwroff.timer
+  notify: enable pwroff.timer
+
 ################# general settings ##################
 - name: Protect grub menu entries
   blockinfile:

From 4b85ad1f149d4a3cae0f79f4b42dfcdb110726aa Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sun, 6 Aug 2023 19:28:30 +0200
Subject: [PATCH 307/504] Fix sddm listed as user.

---
 roles/lmn_kde/files/pwroff | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/lmn_kde/files/pwroff b/roles/lmn_kde/files/pwroff
index 1245335..a9e6e6b 100755
--- a/roles/lmn_kde/files/pwroff
+++ b/roles/lmn_kde/files/pwroff
@@ -21,7 +21,7 @@ talk2dbus() {
 ########
 
 ## shutdown if nobody is loged in:
-if [[ -z "$una" ]] ; then
+if [[ -z "$una" ]] || [[ $uid -lt 1000 ]] ; then
   exec $action
 fi
 

From 82d525fd57fa1a5825637181145be3585d896bc8 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 7 Aug 2023 22:31:25 +0200
Subject: [PATCH 308/504] Fix typo and ansible module to be used.

---
 roles/lmn_kde/tasks/main.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index f8b4fbf..66ad45b 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -138,8 +138,8 @@
       AllowHybridSleep=no
 
 
-- Name: Copy pwroff script
-  template:
+- name: Copy pwroff script
+  copy:
     src: pwroff
     dest: /usr/local/sbin/
     mode: 0755

From 548368d661090061538001d4828a89ccfaa35b87 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 11 Aug 2023 17:49:40 +0200
Subject: [PATCH 309/504] Fix script when nobody is logged in.

---
 roles/lmn_kde/files/pwroff | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/lmn_kde/files/pwroff b/roles/lmn_kde/files/pwroff
index a9e6e6b..56b9d22 100755
--- a/roles/lmn_kde/files/pwroff
+++ b/roles/lmn_kde/files/pwroff
@@ -9,8 +9,8 @@ uptime=$(cat /proc/uptime | cut -f1 -d.)
 maxidle=3600
 
 u=($(loginctl list-users --no-legend  | sort -hr | head -1))
-una=${u[1]}
-uid=${u[0]}
+una=${u[1]:-''}
+uid=${u[0]:-''}
 
 talk2dbus() {
     local display=":$(ls /tmp/.X11-unix/* | sed 's#/tmp/.X11-unix/X##' | head -n 1)"

From 1221f7899fce7607062e79f24c961195a6874b2b Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Fri, 11 Aug 2023 18:12:27 +0200
Subject: [PATCH 310/504] fix problems with nss (thunderbird, chromium,
 firefox)

---
 roles/lmn_mount/tasks/main.yml  |  2 +-
 roles/lmn_vm/files/mounthome.sh | 10 ++++++----
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index 5f7d1d2..67e51eb 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -18,7 +18,7 @@
         server="{{ smb_server }}"
         path="{{ smb_share }}"
         mountpoint="/srv/samba/schools/default-school"
-        options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks"
+        options="sec=krb5i,cruid=%(USERUID),user=%(USER),file_mode=0700,dir_mode=0700,mfsymlinks,nobrl"
       ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not></volume>
     insertafter: "<!-- Volume definitions -->"
 
diff --git a/roles/lmn_vm/files/mounthome.sh b/roles/lmn_vm/files/mounthome.sh
index 9aaf587..3c2dd8b 100755
--- a/roles/lmn_vm/files/mounthome.sh
+++ b/roles/lmn_vm/files/mounthome.sh
@@ -2,7 +2,7 @@
 set -eu
 
 share="/srv/samba/schools/default-school/share/"
-home="$(getent passwd "$SUDO_UID" | cut -d : -f 6)"
+home="$(getent passwd "$SUDO_UID" | cut -d : -f 6 | sed 's|/srv/samba/schools/default-school/||')"
 
 exit_script() {
     echo "unmounting media - terminated by trap!" >> "/tmp/${SUDO_UID}-exit-mount.log"
@@ -23,7 +23,7 @@ elif [ "$#" -gt 0 ] && [ "$1" = '-o' ]; then
     read -rp "Username: " username
     read -srp "Passwort: " PASSWD
     export PASSWD
-    echo 
+    echo
     mkdir -p "/media/${SUDO_USER}/oldhome"
     #errcode=$(mount -t cifs -o "username=${username},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,forceuid,forcegid" \
     #	    "//192.168.1.2/DOCS/fvs" "/media/${SUDO_USER}/oldhome")
@@ -56,6 +56,8 @@ else
     chmod 0770 "/media/${SUDO_USER}"
     mkdir -p "/media/${SUDO_USER}/home"
     mkdir -p "/media/${SUDO_USER}/share"
-    mount --bind "${share}" "/media/${SUDO_USER}/share"
-    mount --bind "${home}" "/media/${SUDO_USER}/home"
+    mount -t cifs -o "sec=krb5i,cruid=${SUDO_UID},user=${SUDO_USER},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks" \
+           "//server/default-school/${home}" "/media/${SUDO_USER}/home"
+    mount -t cifs -o "sec=krb5i,cruid=${SUDO_UID},user=${SUDO_USER},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks" \
+           "//server/default-school/share" "/media/${SUDO_USER}/share"
 fi

From d8aba1b879ff078fed9870fca0afc3977045fcf7 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Fri, 11 Aug 2023 18:15:11 +0200
Subject: [PATCH 311/504] kerberize nextcloud

---
 cloudbox.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/cloudbox.yml b/cloudbox.yml
index f67342f..b487d1a 100644
--- a/cloudbox.yml
+++ b/cloudbox.yml
@@ -33,6 +33,7 @@
 #    - lowpower
     - nextcloud
     - nextcloudupgrade
+    - kerberize
 #    - backup
 
 ## Hosts in the the 'only_nextcloud'-group are only upgraded:

From 28009113c2dabb043746bd201b813b53ae4bac3f Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 11 Aug 2023 18:23:32 +0200
Subject: [PATCH 312/504] Configure to use sqlite in akonadi.

---
 roles/lmn_kde/tasks/main.yml | 26 ++++++++++++++++++++++++--
 1 file changed, 24 insertions(+), 2 deletions(-)

diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 66ad45b..8026074 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -7,6 +7,7 @@
       - task-german-desktop
       - xdg-desktop-portal-kde
       - kde-full
+      - akonadi-backend-sqlite
       - atftp
       - thunderbird-l10n-de
       - webext-privacy-badger
@@ -73,18 +74,36 @@
     default_release: "{{ ansible_distribution_release }}-backports"
   when: ansible_distribution_release == 'bullseye'
 
-- name: enable splash screen
+
+- name: Enable splash screen
   replace:
     dest: "/etc/default/grub"
     regexp: '"quiet"$'
     replace: '"quiet splash"'
   notify: Run update-grub
 
+
+- name: Create akonadi config dir
+  ansible.builtin.file:
+    path: /etc/xdg/akonadi/
+    state: directory
+    mode: '0755'
+
+- name: Use sqlite in akonadi
+  blockinfile:
+    path: /etc/xdg/akonadi/akonadiserverrc
+    create: true
+    block: |
+      [%General]
+      Driver=QSQLITE3
+
+
 - name: Allow users to dump packets for wireshark
   ansible.builtin.file:
     path: /usr/bin/dumpcap
     mode: '0755'
 
+
 - name: Add home dirs to apparmor
   lineinfile:
     dest: /etc/apparmor.d/tunables/home.d/ubuntu
@@ -92,6 +111,7 @@
       @{HOMEDIRS}+=/srv/samba/schools/default-school/teachers/
       /srv/samba/schools/default-school/students/*/
 
+
 - name: Create firefox policies directory
   ansible.builtin.file:
     path: /etc/firefox-esr/policies
@@ -104,12 +124,12 @@
     dest: /etc/firefox
     state: link
 
-
 - name: copy policy
   ansible.builtin.copy:
     src: policies.json
     dest: /etc/firefox-esr/policies/
 
+
 - name: tune SDDM login
   blockinfile:
     path: /etc/sddm.conf
@@ -126,6 +146,7 @@
     state: directory
     mode: '0755'
 
+
 - name: Avoid suspending
   blockinfile:
     path: /etc/systemd/sleep.conf.d/nosuspend.conf
@@ -154,6 +175,7 @@
     - pwroff.timer
   notify: enable pwroff.timer
 
+
 ################# general settings ##################
 - name: Protect grub menu entries
   blockinfile:

From 67afa03c67094f94a08fd98850934b1e781d2f11 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Fri, 11 Aug 2023 19:42:12 +0200
Subject: [PATCH 313/504] prepare nextcloud mount

---
 roles/lmn_mount/tasks/main.yml | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index 67e51eb..9649d97 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -19,7 +19,15 @@
         path="{{ smb_share }}"
         mountpoint="/srv/samba/schools/default-school"
         options="sec=krb5i,cruid=%(USERUID),user=%(USER),file_mode=0700,dir_mode=0700,mfsymlinks,nobrl"
-      ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not></volume>
+        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
+      </volume>
+      <!--<volume
+        fstype="davfs"
+        path="https://nc.steinbeis.schule/remote.php/dav/files/%(USER)"
+        mountpoint="/media/%(USER)/nextcloud"
+        options="username=%(USER),nosuid,nodev,uid=%(USER),gid=1010,file_mode=0770,dir_mode=0770"
+        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
+      </volume>-->
     insertafter: "<!-- Volume definitions -->"
 
 

From fc410dcb2d77cfa9d250d8fcde043918e38e06b7 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 12 Aug 2023 08:29:56 +0200
Subject: [PATCH 314/504] Add missing package for webdav and activate nextcloud
 mount.

---
 roles/lmn_mount/tasks/main.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index 9649d97..8d60597 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -6,6 +6,7 @@
       - cifs-utils
       - nfs-common
       - hxtools
+      - davfs2
     state: latest
 
 - name: Configure pam_mount
@@ -21,13 +22,13 @@
         options="sec=krb5i,cruid=%(USERUID),user=%(USER),file_mode=0700,dir_mode=0700,mfsymlinks,nobrl"
         ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
       </volume>
-      <!--<volume
+      <volume
         fstype="davfs"
         path="https://nc.steinbeis.schule/remote.php/dav/files/%(USER)"
         mountpoint="/media/%(USER)/nextcloud"
         options="username=%(USER),nosuid,nodev,uid=%(USER),gid=1010,file_mode=0770,dir_mode=0770"
         ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
-      </volume>-->
+      </volume>
     insertafter: "<!-- Volume definitions -->"
 
 

From 54a731ff65277a032736a4e770810d24c85ddb01 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 12 Aug 2023 19:22:15 +0200
Subject: [PATCH 315/504] Allow screen sharing in video conferences.

---
 roles/lmn_kde/tasks/main.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 8026074..4c9db1e 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -6,6 +6,7 @@
       - task-german-kde-desktop
       - task-german-desktop
       - xdg-desktop-portal-kde
+      - xdg-desktop-portal-wlr # share screen in browser
       - kde-full
       - akonadi-backend-sqlite
       - atftp
@@ -57,14 +58,14 @@
     http_proxy: http://firewall.pn.steinbeis.schule:3128
     https_proxy: http://firewall.pn.steinbeis.schule:3128
 
-- name: add {{ ansible_distribution_release }}-backports
+- name: Add {{ ansible_distribution_release }}-backports
   apt_repository:
     repo: deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-backports main contrib non-free
     state: present
     update_cache: true
   when: ansible_distribution_release == 'bullseye'
 
-- name: install extra packages from backports
+- name: Install extra packages from backports
   apt:
     name:
       - libreoffice

From 4d9388d6f663e7cc58d209714d3ad43570402b21 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 12 Aug 2023 19:24:08 +0200
Subject: [PATCH 316/504] Run an extra install task to provide selected
 dependencies.

---
 roles/lmn_kde/tasks/main.yml | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 4c9db1e..ae8a6e6 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -1,5 +1,14 @@
 ---
-- name: install desktop EDU packages and some more
+- name: Provide sqlite backend to skip mysql installation later
+  apt:
+    name:
+      - akonadi-backend-sqlite
+    state: latest
+  environment:
+    http_proxy: http://firewall.pn.steinbeis.schule:3128
+    https_proxy: http://firewall.pn.steinbeis.schule:3128
+
+- name: Install desktop EDU packages and some more
   apt:
     name:
       - task-kde-desktop
@@ -8,7 +17,6 @@
       - xdg-desktop-portal-kde
       - xdg-desktop-portal-wlr # share screen in browser
       - kde-full
-      - akonadi-backend-sqlite
       - atftp
       - thunderbird-l10n-de
       - webext-privacy-badger

From 68239b56cb0638c66ca9af6304ffb5f38edf8383 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Mon, 14 Aug 2023 08:26:06 +0200
Subject: [PATCH 317/504] Mount default-school by pam_mount and create symlinks
 to home and share

---
 roles/lmn_mount/files/lmn-linkhome.sh |  4 ++++
 roles/lmn_mount/tasks/main.yml        | 14 ++++++++++++++
 2 files changed, 18 insertions(+)
 create mode 100644 roles/lmn_mount/files/lmn-linkhome.sh

diff --git a/roles/lmn_mount/files/lmn-linkhome.sh b/roles/lmn_mount/files/lmn-linkhome.sh
new file mode 100644
index 0000000..cae89fc
--- /dev/null
+++ b/roles/lmn_mount/files/lmn-linkhome.sh
@@ -0,0 +1,4 @@
+if [[ "${UID}" -gt 60000 ]]; then
+  [[ -L "/media/${USER}/share" ]] || ln -s .default-school/share "/media/${USER}/share"
+  [[ -L "/media/${USER}/home" ]]  || ln -s ".default-school/${HOME##/srv/samba/schools/default-school/}" "/media/${USER}/home"
+fi
diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index 8d60597..c4a85ca 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -22,6 +22,14 @@
         options="sec=krb5i,cruid=%(USERUID),user=%(USER),file_mode=0700,dir_mode=0700,mfsymlinks,nobrl"
         ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
       </volume>
+      <volume
+        fstype="cifs"
+        server="{{ smb_server }}"
+        path="{{ smb_share }}"
+        mountpoint="/media/%(USER)/.default-school"
+        options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks,nobrl"
+        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
+      </volume>
       <volume
         fstype="davfs"
         path="https://nc.steinbeis.schule/remote.php/dav/files/%(USER)"
@@ -70,6 +78,12 @@
     line: KillUserProcesses=yes
     insertafter: '#KillUserProcesses=no'
 
+- name: Deploy script to generate links in /media/$USER/
+  copy:
+    src: lmn-linkhome.sh
+    dest: /etc/profile.d/
+    mode: '0644'
+
 - name: Mount NFSv4 home directory
   ansible.posix.mount:
     src: server:/default-school

From 9e3d0b70bcda7570355ee557c135c43382ef1a8b Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 14 Aug 2023 15:40:10 +0200
Subject: [PATCH 318/504] Add inventory.

---
 inventory/inventory.yml | 86 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 86 insertions(+)
 create mode 100644 inventory/inventory.yml

diff --git a/inventory/inventory.yml b/inventory/inventory.yml
new file mode 100644
index 0000000..456d41d
--- /dev/null
+++ b/inventory/inventory.yml
@@ -0,0 +1,86 @@
+---
+ungrouped:
+  hosts:
+
+R319:
+  hosts:
+    10.190.5.[1:13]:
+R217:
+  hosts:
+    10.190.6.[1:29]:
+R202:
+  hosts:
+    10.190.7.[1:21]:
+R216:
+  hosts:
+    10.190.8.[1:29]:
+R314:
+  hosts:
+    10.190.9.[1:25]:
+R317:
+  hosts:
+    10.190.10.[1:25]:
+R406:
+  hosts:
+    10.190.11.[1:19]:
+R407:
+  hosts:
+    10.190.12.[1:19]:
+
+K200:
+  hosts:
+    10.190.99.41:
+    10.190.99.71:
+    10.190.99.81:
+    10.190.99.91:
+    10.190.99.101:
+    10.190.99.121:
+    10.190.99.141:
+K300:
+  hosts:
+    10.190.98.71:
+    10.190.98.81:
+    10.190.98.101:
+    10.190.98.111:
+    10.190.98.131:
+    10.190.98.161:
+K400:
+  hosts:
+    10.190.97.51:
+    10.190.97.91:
+    10.190.97.101:
+    10.190.97.111:
+    10.190.97.131:
+    10.190.97.141:
+    10.190.97.151:
+
+L200:
+  hosts:
+#    10.190.51.[1:10]:
+L300:
+  hosts:
+#    10.190.52.[1:10]:
+L400:
+  hosts:
+#    10.190.53.[1:10]:
+
+PCroom:
+  children:
+    R202:
+    R216:
+    R217:
+    R314:
+    R317:
+    R319:
+    R406:
+    R407:
+Kroom:
+  children:
+    K200:
+    K300:
+    K400:
+Lroom:
+  children:
+    L200:
+    L300:
+    L400:

From e64008c71421b76564fcf7ec6fc76c894eda80cf Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Mon, 14 Aug 2023 16:18:34 +0200
Subject: [PATCH 319/504] store vmimages in /lmn/vm and mount media in
 /lmn/media

---
 roles/lmn_mount/files/lmn-linkhome.sh      |  4 +-
 roles/lmn_mount/tasks/main.yml             | 16 +++-
 roles/lmn_vm/files/create-clone.sh         | 12 +--
 roles/lmn_vm/files/linbo-torrent           |  2 +-
 roles/lmn_vm/files/linbo-torrenthelper.sh  |  4 +-
 roles/lmn_vm/files/link-images.sh          |  9 +--
 roles/lmn_vm/files/lmn-sync-vm             |  6 +-
 roles/lmn_vm/files/mounthome.sh            | 21 +++---
 roles/lmn_vm/files/run-vm.sh               | 87 +++++++++++++---------
 roles/lmn_vm/files/start-virtiofsd.sh      |  2 +-
 roles/lmn_vm/files/sync-vm.sh              | 39 +++++-----
 roles/lmn_vm/files/vmimage-torrent         |  2 +-
 roles/lmn_vm/files/vmimage-torrent.service |  2 +
 roles/lmn_vm/tasks/main.yml                | 38 ++++++++--
 14 files changed, 150 insertions(+), 94 deletions(-)

diff --git a/roles/lmn_mount/files/lmn-linkhome.sh b/roles/lmn_mount/files/lmn-linkhome.sh
index cae89fc..59e0800 100644
--- a/roles/lmn_mount/files/lmn-linkhome.sh
+++ b/roles/lmn_mount/files/lmn-linkhome.sh
@@ -1,4 +1,4 @@
 if [[ "${UID}" -gt 60000 ]]; then
-  [[ -L "/media/${USER}/share" ]] || ln -s .default-school/share "/media/${USER}/share"
-  [[ -L "/media/${USER}/home" ]]  || ln -s ".default-school/${HOME##/srv/samba/schools/default-school/}" "/media/${USER}/home"
+  [[ -L "/lmn/media/${USER}/share" ]] || ln -s .default-school/share "/lmn/media/${USER}/share"
+  [[ -L "/lmn/media/${USER}/home" ]]  || ln -s ".default-school/${HOME##/srv/samba/schools/default-school/}" "/lmn/media/${USER}/home"
 fi
diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index c4a85ca..ea542a1 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -26,15 +26,15 @@
         fstype="cifs"
         server="{{ smb_server }}"
         path="{{ smb_share }}"
-        mountpoint="/media/%(USER)/.default-school"
+        mountpoint="/lmn/media/%(USER)/.default-school"
         options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks,nobrl"
         ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
       </volume>
       <volume
         fstype="davfs"
         path="https://nc.steinbeis.schule/remote.php/dav/files/%(USER)"
-        mountpoint="/media/%(USER)/nextcloud"
-        options="username=%(USER),nosuid,nodev,uid=%(USER),gid=1010,file_mode=0770,dir_mode=0770"
+        mountpoint="/lmn/media/%(USER)/nextcloud"
+        options="username=%(USER),nosuid,nodev,uid=%(USER),gid=1010,grpid,file_mode=0770,dir_mode=0770,forceuid,forcegid"
         ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
       </volume>
     insertafter: "<!-- Volume definitions -->"
@@ -78,12 +78,20 @@
     line: KillUserProcesses=yes
     insertafter: '#KillUserProcesses=no'
 
-- name: Deploy script to generate links in /media/$USER/
+- name: Deploy script to generate links in /lmn/media/$USER/
   copy:
     src: lmn-linkhome.sh
     dest: /etc/profile.d/
     mode: '0644'
 
+- name: Bind mount lmn/media with nosuid directory
+  ansible.posix.mount:
+    src: /lmn/media
+    path: /lmn/nosuidmedia
+    opts: nosuid,bind
+    state: present
+    fstype: none
+
 - name: Mount NFSv4 home directory
   ansible.posix.mount:
     src: server:/default-school
diff --git a/roles/lmn_vm/files/create-clone.sh b/roles/lmn_vm/files/create-clone.sh
index 973c616..1da0640 100755
--- a/roles/lmn_vm/files/create-clone.sh
+++ b/roles/lmn_vm/files/create-clone.sh
@@ -11,19 +11,19 @@ if [[ $# -ne 1 ]]; then
 fi
 
 # change to image-directory
-cd /var/lib/libvirt/images
+cd /lmn/vm
 
 VM_NAME=$1
-VM_DIR="/tmp/${UID}/vmimages"
-VM_XML="${VM_DIR}/xml/${VM_NAME}-clone.xml"
+VM_DIR="/tmp/${UID}/vm"
+VM_XML="${VM_DIR}/${VM_NAME}-clone.xml"
 
-if ! [[ -f "xml/${VM_NAME}.xml" && -f "${VM_NAME}.qcow2" ]] && ! [[ -f "${VM_DIR}/xml/${VM_NAME}.xml" && -f "${VM_DIR}/${VM_NAME}.qcow2" ]]; then
+if ! [[ -f "${VM_NAME}.xml" && -f "${VM_NAME}.qcow2" ]] && ! [[ -f "${VM_DIR}/${VM_NAME}.xml" && -f "${VM_DIR}/${VM_NAME}.qcow2" ]]; then
     echo "xml or qcow2 File does not exists." >&2
     exit 1
 fi
 
 # Create User-VM-Dir and link system VM-Images
-[[ -d "${VM_DIR}/xml" ]] || mkdir -p "${VM_DIR}/xml"
+[[ -d "${VM_DIR}" ]] || mkdir -p "${VM_DIR}"
 sudo /usr/local/bin/link-images.sh
 
 # Create backing file
@@ -31,7 +31,7 @@ cd "${VM_DIR}"
 qemu-img create -f qcow2 -F qcow2 -b "${VM_NAME}.qcow2" "${VM_NAME}-clone.qcow2"
 
 # Create machine-definition-file
-cp "${VM_DIR}/xml/${VM_NAME}.xml" "${VM_XML}"
+cp "${VM_DIR}/${VM_NAME}.xml" "${VM_XML}"
 
 # set VM_DIR:
 sed -i "s:VMIMAGEDIR:${VM_DIR}:" "${VM_XML}"
diff --git a/roles/lmn_vm/files/linbo-torrent b/roles/lmn_vm/files/linbo-torrent
index e22ed0b..958b2bb 100644
--- a/roles/lmn_vm/files/linbo-torrent
+++ b/roles/lmn_vm/files/linbo-torrent
@@ -30,4 +30,4 @@ MAXUP=""
 TIMEOUT="300"
 
 # user to run ctorrent (server only)
-CTUSER="nobody"
+CTUSER="lmnsynci"
diff --git a/roles/lmn_vm/files/linbo-torrenthelper.sh b/roles/lmn_vm/files/linbo-torrenthelper.sh
index 2775dcf..8f6d4f1 100755
--- a/roles/lmn_vm/files/linbo-torrenthelper.sh
+++ b/roles/lmn_vm/files/linbo-torrenthelper.sh
@@ -12,7 +12,6 @@ torrent="$1"
 
 # get ctorrent options from file
 [ -e /etc/default/linbo-torrent ] && source /etc/default/linbo-torrent
-[ -e /home/raphael/git/fvsclient/etc/default/linbo-torrent ] && source /home/raphael/git/fvsclient/etc/default/linbo-torrent
 
 [ -n "$SEEDHOURS" ] &&  OPTIONS="$OPTIONS -e $SEEDHOURS"
 [ -n "$MAXPEERS" ] &&  OPTIONS="$OPTIONS -M $MAXPEERS"
@@ -25,7 +24,8 @@ OPTIONS="$OPTIONS $torrent"
 [ -n "$CTUSER" ] && SUDO="/usr/bin/sudo -u $CTUSER"
 
 while true; do
- $SUDO /usr/bin/ctorrent $OPTIONS || exit 1
+ #$SUDO /usr/bin/ctorrent $OPTIONS || exit 1
+ /usr/bin/ctorrent $OPTIONS || exit 1
  # hash check only on initial start, add -f parameter
  echo "$OPTIONS" | grep -q ^"-f " || OPTIONS="-f $OPTIONS"
 done
diff --git a/roles/lmn_vm/files/link-images.sh b/roles/lmn_vm/files/link-images.sh
index 2a465ec..17bb1bb 100755
--- a/roles/lmn_vm/files/link-images.sh
+++ b/roles/lmn_vm/files/link-images.sh
@@ -4,19 +4,16 @@
 set -eu
 
 # change to image-directory
-cd /var/lib/libvirt/images
+cd /lmn/vm
 
-VM_DIR="/tmp/${SUDO_UID}/vmimages"
+VM_DIR="/tmp/${SUDO_UID}/vm"
 
 # link system-VM-Images to User VM Directory
 for i in *.qcow2; do
   [[ -f "${VM_DIR}/${i}" ]] || ln "${i}" "${VM_DIR}/${i}"
 done
 
-# change to image-directory
-cd /var/lib/libvirt/images/xml
-
 # link system-VM-Machine-Definitions to User VM Directory
 for i in *.xml; do
-  [[ -f "${VM_DIR}/xml/${i}" ]] || ln "${i}" "${VM_DIR}/xml/${i}"
+  [[ -f "${VM_DIR}/xml/${i}" ]] || ln "${i}" "${VM_DIR}/${i}"
 done
diff --git a/roles/lmn_vm/files/lmn-sync-vm b/roles/lmn_vm/files/lmn-sync-vm
index 284508b..1947e30 100644
--- a/roles/lmn_vm/files/lmn-sync-vm
+++ b/roles/lmn_vm/files/lmn-sync-vm
@@ -1,3 +1,3 @@
-%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/sync-vm.sh
-%role-student ALL=(root) NOPASSWD: /usr/local/bin/sync-vm.sh
-%examusers ALL=(root) NOPASSWD: /usr/local/bin/sync-vm.sh
+%role-teacher ALL=(lmnsynci) NOPASSWD: /usr/local/bin/sync-vm.sh
+%role-student ALL=(lmnsynci) NOPASSWD: /usr/local/bin/sync-vm.sh
+%examusers ALL=(lmnsynci) NOPASSWD: /usr/local/bin/sync-vm.sh
diff --git a/roles/lmn_vm/files/mounthome.sh b/roles/lmn_vm/files/mounthome.sh
index 3c2dd8b..f41c958 100755
--- a/roles/lmn_vm/files/mounthome.sh
+++ b/roles/lmn_vm/files/mounthome.sh
@@ -14,7 +14,7 @@ exit_script() {
 
 if [[ "$#" -gt 0 ]] && [[ "$1" = '-u' ]]; then
     findmnt "/media/${SUDO_USER}/home"    && umount "/media/${SUDO_USER}/home"    && rmdir "/media/${SUDO_USER}/home"
-    findmnt "/media/${SUDO_USER}/share"   && umount "/media/${SUDO_USER}/share"   && rmdir "/media/${SUDO_USER}/share"
+    #findmnt "/media/${SUDO_USER}/share"   && umount "/media/${SUDO_USER}/share"   && rmdir "/media/${SUDO_USER}/share"
     findmnt "/media/${SUDO_USER}/oldhome" && umount "/media/${SUDO_USER}/oldhome" && rmdir "/media/${SUDO_USER}/oldhome"
     findmnt "/media/${SUDO_USER}/linuxhome" && umount "/media/${SUDO_USER}/linuxhome" && rmdir "/media/${SUDO_USER}/linuxhome"
 elif [ "$#" -gt 0 ] && [ "$1" = '-o' ]; then
@@ -51,13 +51,14 @@ elif [ "$#" -gt 0 ] && [ "$1" = '-l' ]; then
     trap exit_script SIGHUP SIGINT SIGTERM
     sleep infinity 
 else
-    mkdir -p "/media/${SUDO_USER}"
-    chown "${SUDO_USER}:1010" "/media/${SUDO_USER}"
-    chmod 0770 "/media/${SUDO_USER}"
-    mkdir -p "/media/${SUDO_USER}/home"
-    mkdir -p "/media/${SUDO_USER}/share"
-    mount -t cifs -o "sec=krb5i,cruid=${SUDO_UID},user=${SUDO_USER},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks" \
-           "//server/default-school/${home}" "/media/${SUDO_USER}/home"
-    mount -t cifs -o "sec=krb5i,cruid=${SUDO_UID},user=${SUDO_USER},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks" \
-           "//server/default-school/share" "/media/${SUDO_USER}/share"
+    #mkdir -p "/media/${SUDO_USER}"
+    #chown "${SUDO_USER}:1010" "/media/${SUDO_USER}"
+    chgrp 1010 "/lmn/media/${SUDO_USER}"
+    chmod 0770 "/lmn/media/${SUDO_USER}"
+    #mkdir -p "/media/${SUDO_USER}/home"
+    #mkdir -p "/media/${SUDO_USER}/share"
+    #mount -t cifs -o "sec=krb5i,cruid=${SUDO_UID},user=${SUDO_USER},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks" \
+    #       "//server/default-school/${home}" "/media/${SUDO_USER}/home"
+    #mount -t cifs -o "sec=krb5i,cruid=${SUDO_UID},user=${SUDO_USER},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks" \
+    #       "//server/default-school/share" "/media/${SUDO_USER}/share"
 fi
diff --git a/roles/lmn_vm/files/run-vm.sh b/roles/lmn_vm/files/run-vm.sh
index 3e48545..1f5d496 100755
--- a/roles/lmn_vm/files/run-vm.sh
+++ b/roles/lmn_vm/files/run-vm.sh
@@ -8,7 +8,7 @@ show_help() {
 Usage: $(basename "$0") [-n] vmname"
 Create a new clone, start the vm (if not yet running) and run virt-viewer.
 Squid-Proxy will be started too.
-User Home will be mounted on /media/USERNAME/home
+### remove, old ### User Home will be mounted on /media/USERNAME/home
     -n   new clone will be created, even if exists
     -s   qemu:///system instead of default qemu:///session
 EOF
@@ -48,39 +48,56 @@ if [[  $# -ne 1 ]] ; then
     exit 1
 fi
 
-# sync vm-torrents and machine definition file
-sudo /usr/local/bin/sync-vm.sh -t
-
 VM_NAME=$1
-VM_DIR="/tmp/${UID}/vmimages"
+VM_DIR="/tmp/${UID}/vm"
 
+check_images() {
+   # sync vm-torrents and machine definition file
+   sudo -u lmnsynci /usr/local/bin/sync-vm.sh -t
 
-if [[ ! -f "/var/lib/libvirt/images/${VM_NAME}.qcow2" && ! -f "${VM_DIR}/${VM_NAME}.qcow2" ]]; then
-    if [[ ! -f "/var/lib/libvirt/images/${VM_NAME}.qcow2.torrent" ]]; then
-        echo "no base VM disk '${VM_NAME}.qcow2' found and/or ${VM_NAME} not found on server" >&2
-        exit 1
-    fi
-    # sync vm-disk image by torrent 
-    sudo /usr/local/bin/sync-vm.sh "${VM_NAME}"
-    echo "sudo /usr/local/bin/sync-vm.sh ${VM_NAME}"
-fi
+   BACKINGARRAY=()
+   imgfile="/lmn/vm/${VM_NAME}.qcow2" && [[ -f "${VM_DIR}/${VM_NAME}.qcow2" ]] && imgfile="${VM_DIR}/${VM_NAME}.qcow2"
+   BACKINGARRAY+=("${imgfile}")
+   echo "Imgfile=$imgfile"
+   if [[ ! -f "${imgfile}" ]] || ! qemu-img info -U "${imgfile}" | grep "file format: qcow2"; then
+       if [[ ! -f "/lmn/vm/${VM_NAME}.qcow2.torrent" ]]; then
+           echo "no base VM disk '${VM_NAME}.qcow2' found and/or ${VM_NAME} not found on server" >&2
+           exit 1
+       fi
+       # sync vm-disk image by torrent
+       echo "Try to sync VM ${VM_NAME} by torrent"
+       sudo -u lmnsynci /usr/local/bin/sync-vm.sh "${VM_NAME}"
+   fi
 
-echo "qcow2 seems to be available"
+   backingfile=$(qemu-img info -U "${imgfile}" | grep "^backing file:" | cut -d ' ' -f 3)
+   while [[ ! -z "${backingfile}" ]]; do
+       echo "Backingfile required: ${backingfile}"
+       imgfile="/lmn/vm/${backingfile}" && [[ -f "${VM_DIR}/${backingfile}" ]] && imgfile="${VM_DIR}/${backingfile}"
+       BACKINGARRAY+=("${imgfile}")
+       if [[ ! -f "${imgfile}" ]] || ! qemu-img info -U "${imgfile}" | grep "file format: qcow2"; then
+           # sync vm-disk image by torrent
+           echo "Try to sync backingfile ${backingfile} by torrent"
+           sudo -u lmnsynci /usr/local/bin/sync-vm.sh "${backingfile%.qcow2}"
+       fi
+       backingfile=$(qemu-img info -U "${imgfile}" | grep "^backing file:" | cut -d ' ' -f 3)
+   done
 
-imgfile="/var/lib/libvirt/images/${VM_NAME}.qcow2" && [[ -f "${VM_DIR}/${VM_NAME}.qcow2" ]] && imgfile="${VM_DIR}/${VM_NAME}.qcow2"
-#backingfile=$(qemu-img info -U "${imgfile}" | grep ^image: | cut -d' ' -f2)
+   echo "VM-Image and required backingfiles available"
+   echo "Now, let's check the images."
 
-backingfile=$(qemu-img info -U "${imgfile}" | grep "^backing file:" | cut -d ' ' -f 3) 
-while [[ ! -z "${backingfile}" ]]; do 
-    echo $backingfile
-    if [[ ! -f "/var/lib/libvirt/images/${backingfile}" && ! -f "${VM_DIR}/${backingfile}" ]]; then
-        # sync vm-disk image by torrent 
-	sudo /usr/local/bin/sync-vm.sh "${backingfile//.qcow2/}"
-	echo "sudo /usr/local/bin/sync-vm.sh ${backingfile//.qcow2/}"
-    fi
-    imgfile="/var/lib/libvirt/images/${backingfile}" && [[ -f "${VM_DIR}/${backingfile}" ]] && imgfile="${VM_DIR}/${backingfile}"
-    backingfile=$(qemu-img info -U "${imgfile}" | grep "^backing file:" | cut -d ' ' -f 3) 
-done
+   # Check VM-Images in reverse order
+   for ((i=${#BACKINGARRAY[@]}-1; i>=0; i--))
+   do
+       echo "Checking ${BACKINGARRAY[$i]}"
+       if ! qemu-img check -U "${BACKINGARRAY[$i]}" 2>/dev/null; then
+           echo "check failed!"
+           echo "sync ${BACKINGARRAY[$i]} again"
+           sudo -u lmnsynci /usr/local/bin/sync-vm.sh $(basename "${BACKINGARRAY[$i]}" .qcow2)
+       fi
+   done
+
+   echo "VM-Image and required backingfiles available and checked"
+}
 
 # check, if we have to start squid
 if ! killall -s 0 squid; then
@@ -88,23 +105,25 @@ if ! killall -s 0 squid; then
     /usr/sbin/squid -f /etc/squid/squid-usermode.conf
 fi
 
-# check, if we have to mount home
-if ! findmnt "/media/${USER}/home"; then
-    echo "mounting home."
+## check, if we have to mount home
+#if ! findmnt "/media/${USER}/home"; then
+#    echo "mounting home."
     sudo mounthome.sh
-fi
+#fi
 
+# because virsh has problems with long pathnames, using diffent configdir
 export XDG_CONFIG_HOME="/tmp/${UID}/.config"
 
 if  ! virsh --connect="${QEMU}" list | grep "${VM_NAME}-clone"; then
-    echo "VM not yet running. Try to clone and start."
+    echo "VM not yet running."
+    check_images
     if [[ "${NEWCLONE}" = 1 ]] || [[ ! -f "${VM_DIR}/${VM_NAME}-clone.qcow2" ]]; then
         create-clone.sh "${VM_NAME}"
     fi
     # delete the old vm
     virsh --connect=qemu:///session undefine "${VM_NAME}-clone" || echo "${VM_NAME}-clone did not exist"
     # finally, create the new vm
-    virsh --connect=qemu:///session define "${VM_DIR}/xml/${VM_NAME}-clone.xml"
+    virsh --connect=qemu:///session define "${VM_DIR}/${VM_NAME}-clone.xml"
     trap exit_script SIGHUP SIGINT SIGTERM
     [[ "${QEMU}" = 'qemu:///session' ]] && sudo /usr/local/bin/start-virtiofsd.sh "${VM_NAME}"
     virsh --connect="${QEMU}" start "${VM_NAME}-clone"
diff --git a/roles/lmn_vm/files/start-virtiofsd.sh b/roles/lmn_vm/files/start-virtiofsd.sh
index b7d17b1..83926eb 100755
--- a/roles/lmn_vm/files/start-virtiofsd.sh
+++ b/roles/lmn_vm/files/start-virtiofsd.sh
@@ -19,7 +19,7 @@ fi
 [[ -S "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" ]] && /usr/bin/rm "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock"
 #sudo /usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" --socket-group="${SUDO_USER}" --announce-submounts -o source="/media/${USER}" -o sandbox=chroot > /dev/null &
 #sudo /usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" --socket-group="${SUDO_USER}" -o source="/media/${USER}" -o sandbox=chroot > /dev/null &
-/usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" -o source="/media/${SUDO_USER}" -o sandbox=chroot > /dev/null &
+/usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" -o source="/lmn/nosuidmedia/${SUDO_USER}" -o sandbox=chroot > /dev/null &
 # Wait until socket-File exists and chown to user
 until [[ -S "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" ]]; do
    echo "waiting for ${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock"
diff --git a/roles/lmn_vm/files/sync-vm.sh b/roles/lmn_vm/files/sync-vm.sh
index 157150f..e0ee196 100755
--- a/roles/lmn_vm/files/sync-vm.sh
+++ b/roles/lmn_vm/files/sync-vm.sh
@@ -13,21 +13,18 @@ EOF
 }
 
 download_image() {
-    rsync -av --password-file=/etc/rsync.secret \
-       "rsync://vmuser@server:/vmimages-download/${VM_NAME}.qcow2" \
-       /var/lib/libvirt/images/
-    rsync -av --password-file=/etc/rsync.secret \
-       "rsync://vmuser@server:/vmimages-download/xml/${VM_NAME}.xml" \
-       /var/lib/libvirt/images/xml/
-    rsync -av --password-file=/etc/rsync.secret \
-       "rsync://vmuser@server:/vmimages-download/${VM_NAME}.qcow2.torrent" \
-       /var/lib/libvirt/images/
+    rsync -av "rsync://server:/vmimages-download/${VM_NAME}.qcow2" \
+       /lmn/vm/
+    rsync -av "rsync://server:/vmimages-download/${VM_NAME}.xml" \
+       /lmn/vm/
+    rsync -av "rsync://server:/vmimages-download/${VM_NAME}.qcow2.torrent" \
+       /lmn/vm/
     /usr/local/bin/vmimage-torrent restart "${VM_NAME}.qcow2"
 }
 
 torrent_image() {
-    if [[ -f "/var/lib/libvirt/images/${VM_NAME}.qcow2.torrent" ]]; then
-      cd /var/lib/libvirt/images
+    if [[ -f "/lmn/vm/${VM_NAME}.qcow2.torrent" ]]; then
+      cd /lmn/vm
       ctorrent -e 0 "${VM_NAME}.qcow2.torrent"
       /usr/local/bin/vmimage-torrent restart "${VM_NAME}.qcow2"
     else
@@ -37,16 +34,16 @@ torrent_image() {
 }
 
 sync_all_images() {
-    rsync -av --password-file=/etc/rsync.secret --files-from=/var/lib/libvirt/images/images.list \
-	  rsync://vmuser@server:/vmimages-download/ /var/lib/libvirt/images/
-    rsync -av --password-file=/etc/rsync.secret rsync://vmuser@server:/vmimages-download/xml \
-	  /var/lib/libvirt/images/
+    rsync -av --files-from=/lmn/vm/images.list \
+	  rsync://server:/vmimages-download/ /lmn/vm/
+    rsync -av rsync://server:/vmimages-download/*.xml \
+	  /lmn/vm/
 }
 
 sync_all_torrents() {
-    rsync -ai rsync://vmuser@server:/vmimages-download/*.torrent /var/lib/libvirt/images/
-    rsync -ai rsync://vmuser@server:/vmimages-download/xml /var/lib/libvirt/images/
-    RSYNC_COMMAND=$(rsync -ai --delete rsync://vmuser@server:/vmimages-download/desktop/*.desktop /usr/local/share/applications/)
+    rsync -ai rsync://server:/vmimages-download/*.torrent /lmn/vm/
+    rsync -ai rsync://server:/vmimages-download/*.xml /lmn/vm/
+    RSYNC_COMMAND=$(rsync -ai --delete rsync://server:/vmimages-download/desktop/*.desktop /usr/local/share/applications/)
     if [[ $? -eq 0 ]] && [[ -n "${RSYNC_COMMAND}" ]]; then
         echo "${RSYNC_COMMAND}"
         update-desktop-database /usr/local/share/applications
@@ -74,6 +71,12 @@ EOF
     fi
 }
 
+if [[ "$(id -nu)" != "lmnsynci" ]]; then
+    echo "$(basename "$0") must be run as lmnsynci user"
+    show_help
+    exit 1
+fi
+
 while getopts ':dat' OPTION; do
     case "$OPTION" in
         d)
diff --git a/roles/lmn_vm/files/vmimage-torrent b/roles/lmn_vm/files/vmimage-torrent
index c9a4a20..4ec8bd6 100755
--- a/roles/lmn_vm/files/vmimage-torrent
+++ b/roles/lmn_vm/files/vmimage-torrent
@@ -11,7 +11,7 @@
 THELPER=linbo-torrenthelper.sh
 #. $LINBOSHAREDIR/helperfunctions.sh || exit 1
 LINBOIMGEXT="qcow2 qdiff"
-LINBOIMGDIR="/var/lib/libvirt/images"
+LINBOIMGDIR="/lmn/vm"
 serverip="10.190.1.1"
 
 # start of functions
diff --git a/roles/lmn_vm/files/vmimage-torrent.service b/roles/lmn_vm/files/vmimage-torrent.service
index 10e6fd2..576e6e1 100644
--- a/roles/lmn_vm/files/vmimage-torrent.service
+++ b/roles/lmn_vm/files/vmimage-torrent.service
@@ -5,6 +5,8 @@ After=network.target
 [Service]
 Type=oneshot
 RemainAfterExit=yes
+User=lmnsynci
+Group=lmnsynci
 ExecStart=/usr/local/bin/vmimage-torrent start
 ExecStop=/usr/local/bin/vmimage-torrent stop
 ExecReload=/usr/local/bin/vmimage-torrent reload
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index d6dd915..395e528 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -18,12 +18,12 @@
     autoremove: true
   when: ansible_distribution_release == 'bookworm'
 
-- name: allow all users to use VMs
-  lineinfile:
-    dest: /etc/libvirt/libvirtd.conf
-    line: 'auth_unix_rw = "none"'
-    insertafter: '#auth_unix_rw = "polkit"'
-  notify: reload libvirtd
+    #- name: allow all users to use VMs
+    #  lineinfile:
+    #    dest: /etc/libvirt/libvirtd.conf
+    #    line: 'auth_unix_rw = "none"'
+    #    insertafter: '#auth_unix_rw = "polkit"'
+    #  notify: reload libvirtd
 
 - name: autostart default network for VMs
   file:
@@ -31,6 +31,20 @@
     dest: /etc/libvirt/qemu/networks/autostart/default.xml
     state: link
 
+- name: create system-user syncing VM-files and others
+  ansible.builtin.user:
+    name: lmnsynci
+    comment: lmn sync user
+    system: true
+
+- name: create vm directory
+  file:
+    path: /lmn/vm
+    state: directory
+    owner: lmnsynci
+    group: lmnsynci
+    mode: 0755
+
 - name: install squid
   apt:
     name:
@@ -136,6 +150,12 @@
     - /usr/local/share/desktop-directories
   notify: Run update-desktop-database
 
+- name: set owner lmnsynci for menu entry directory
+  file:
+    path: /usr/local/share/applications
+    state: directory
+    owner: lmnsynci
+
 - name: Copy fvs.directory
   ansible.builtin.copy:
     src: fvs.directory
@@ -150,6 +170,8 @@
 
 - name: sync .torrent, .xml and .desktop files and run update-desktop-database
   command: /usr/local/bin/sync-vm.sh -t
+  become: true
+  become_user: lmnsynci
   register: result
   changed_when: result.stdout | length > 0
 
@@ -164,6 +186,8 @@
   command: >
     rsync -a --itemize-changes
     rsync://server:/vmimages-download/xml /var/lib/libvirt/images/
+  become: true
+  become_user: lmnsynci
   register: result
   changed_when: result.stdout | length > 0
   when: not run_in_installer | default(false) | bool
@@ -172,6 +196,8 @@
   command: >
     rsync -a -i --files-from=/var/lib/libvirt/images/images.list
     rsync://server:/vmimages-download/ /var/lib/libvirt/images/
+  become: true
+  become_user: lmnsynci
   register: result
   changed_when: result.stdout | length > 0
   when: >

From 316091dd7c5b876eb5b9c1efe37cc4fb04c52df4 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Mon, 14 Aug 2023 18:42:47 +0200
Subject: [PATCH 320/504] Fixed path in directory check

---
 roles/lmn_vm/files/link-images.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/lmn_vm/files/link-images.sh b/roles/lmn_vm/files/link-images.sh
index 17bb1bb..c9dd084 100755
--- a/roles/lmn_vm/files/link-images.sh
+++ b/roles/lmn_vm/files/link-images.sh
@@ -15,5 +15,5 @@ done
 
 # link system-VM-Machine-Definitions to User VM Directory
 for i in *.xml; do
-  [[ -f "${VM_DIR}/xml/${i}" ]] || ln "${i}" "${VM_DIR}/${i}"
+  [[ -f "${VM_DIR}/${i}" ]] || ln "${i}" "${VM_DIR}/${i}"
 done

From bdbd4f8ce5e87ef17a062878e27f4b45d4d73a34 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Mon, 14 Aug 2023 18:44:02 +0200
Subject: [PATCH 321/504] symbolic links to home and share don't work on
 windows

---
 roles/lmn_mount/tasks/main.yml  | 1 +
 roles/lmn_vm/files/mounthome.sh | 9 +++++++++
 2 files changed, 10 insertions(+)

diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index ea542a1..3927d1a 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -83,6 +83,7 @@
     src: lmn-linkhome.sh
     dest: /etc/profile.d/
     mode: '0644'
+  when: false
 
 - name: Bind mount lmn/media with nosuid directory
   ansible.posix.mount:
diff --git a/roles/lmn_vm/files/mounthome.sh b/roles/lmn_vm/files/mounthome.sh
index f41c958..d2755ae 100755
--- a/roles/lmn_vm/files/mounthome.sh
+++ b/roles/lmn_vm/files/mounthome.sh
@@ -55,6 +55,15 @@ else
     #chown "${SUDO_USER}:1010" "/media/${SUDO_USER}"
     chgrp 1010 "/lmn/media/${SUDO_USER}"
     chmod 0770 "/lmn/media/${SUDO_USER}"
+    if ! findmnt "/lmn/media/${SUDO_USER}/share"; then
+      [[ -d "/lmn/media/${SUDO_USER}/share" ]] || mkdir "/lmn/media/${SUDO_USER}/share"
+      mount --bind "/lmn/media/${SUDO_USER}/.default-school/share" "/lmn/media/${SUDO_USER}/share"
+    fi
+    if ! findmnt "/lmn/media/${SUDO_USER}/home"; then
+      [[ -d "/lmn/media/${SUDO_USER}/home" ]] || mkdir "/lmn/media/${SUDO_USER}/home"
+      home="$(getent passwd $SUDO_USER | cut -d: -f6)"
+      mount --bind "/lmn/media/${SUDO_USER}/.default-school/${home##/srv/samba/schools/default-school/}" "/lmn/media/${SUDO_USER}/home"
+    fi
     #mkdir -p "/media/${SUDO_USER}/home"
     #mkdir -p "/media/${SUDO_USER}/share"
     #mount -t cifs -o "sec=krb5i,cruid=${SUDO_UID},user=${SUDO_USER},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks" \

From 8eb9748f93348fe3c5bbb551aa5a90f0464516d8 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Mon, 14 Aug 2023 21:07:32 +0200
Subject: [PATCH 322/504] new vm location: /lmn/vm

---
 roles/lmn_vm/files/create-vm.sh | 22 +++++++--------
 roles/lmn_vm/files/mounthome.sh |  1 -
 roles/lmn_vm/files/rebase-vm.sh | 12 ++++----
 roles/lmn_vm/files/upload-vm.sh | 49 +++++++++++++++++----------------
 4 files changed, 43 insertions(+), 41 deletions(-)

diff --git a/roles/lmn_vm/files/create-vm.sh b/roles/lmn_vm/files/create-vm.sh
index 13ada98..5f858bf 100755
--- a/roles/lmn_vm/files/create-vm.sh
+++ b/roles/lmn_vm/files/create-vm.sh
@@ -3,7 +3,7 @@
 
 set -eu
 # if less than two arguments supplied, display usage
-if [[  $# -ne 2 ]]; then 
+if [[  $# -ne 2 ]]; then
     echo "This script takes as input the name of the VM to clone" >&2
     echo "Usage: $0 vm_name_orig vm_name_clone" >&2
     exit 1
@@ -11,16 +11,16 @@ fi
 
 VM_NAME=$1
 VM_CLONE=$2
-VM_DIR="/tmp/${UID}/vmimages"
+VM_DIR="/tmp/${UID}/vm"
 
 # Create User-VM-Dir and link system VM-Images
-[[ -d "${VM_DIR}/xml" ]] || mkdir -p "${VM_DIR}/xml"
+[[ -d "${VM_DIR}" ]] || mkdir -p "${VM_DIR}"
 sudo /usr/local/bin/link-images.sh
 
 # change to image-directory
 cd "${VM_DIR}"
 
-if { [[ ! -f "xml/${VM_NAME}.xml" ]] && [[ ! -f "/var/lib/libvirt/images/xml/${VM_NAME}.xml" ]]; } || [[ ! -f "${VM_NAME}.qcow2" ]]; then
+if { [[ ! -f "${VM_NAME}.xml" ]] && [[ ! -f "/lmn/vm/${VM_NAME}.xml" ]]; } || [[ ! -f "${VM_NAME}.qcow2" ]]; then
     echo "xml or qcow2 File does not exists." >&2
     exit 1
 fi
@@ -30,10 +30,10 @@ chmod a-w "${VM_NAME}-${VM_CLONE}.qcow2"
 
 # virsh --connect=qemu:///system dumpxml "${VM_NAME}" > "xml/${VM_NAME}-${VM_CLONE}.xml"
 # copy machine-definition-file
-if [[ -f "xml/${VM_NAME}.xml" ]]; then
-  cp "xml/${VM_NAME}.xml" "xml/${VM_NAME}-${VM_CLONE}.xml"
-elif [[ -f "/var/lib/libvirt/images/xml/${VM_NAME}.xml" ]]; then
-  cp "/var/lib/libvirt/images/xml/${VM_NAME}.xml" "xml/${VM_NAME}-${VM_CLONE}.xml"
+if [[ -f "${VM_NAME}.xml" ]]; then
+  cp "${VM_NAME}.xml" "${VM_NAME}-${VM_CLONE}.xml"
+elif [[ -f "/lmn/vm/${VM_NAME}.xml" ]]; then
+  cp "/lmn/vm/${VM_NAME}.xml" "${VM_NAME}-${VM_CLONE}.xml"
 else
   echo "no machine definition file found" >&2
   exit 1
@@ -41,8 +41,8 @@ fi
 
 # hardware addresses need to be removed, libvirt will assign
 # new addresses automatically
-sed -i /uuid/d "xml/${VM_NAME}-${VM_CLONE}.xml"
-sed -i '/mac address/d' "xml/${VM_NAME}-${VM_CLONE}.xml"
+sed -i /uuid/d "${VM_NAME}-${VM_CLONE}.xml"
+sed -i '/mac address/d' "${VM_NAME}-${VM_CLONE}.xml"
 
 # and actually rename the vm: (this also updates the storage path)
-sed -i "s/${VM_NAME}/${VM_NAME}-${VM_CLONE}/" "xml/${VM_NAME}-${VM_CLONE}.xml"
+sed -i "s/${VM_NAME}/${VM_NAME}-${VM_CLONE}/" "${VM_NAME}-${VM_CLONE}.xml"
diff --git a/roles/lmn_vm/files/mounthome.sh b/roles/lmn_vm/files/mounthome.sh
index d2755ae..3c0f3bd 100755
--- a/roles/lmn_vm/files/mounthome.sh
+++ b/roles/lmn_vm/files/mounthome.sh
@@ -1,7 +1,6 @@
 #!/usr/bin/bash
 set -eu
 
-share="/srv/samba/schools/default-school/share/"
 home="$(getent passwd "$SUDO_UID" | cut -d : -f 6 | sed 's|/srv/samba/schools/default-school/||')"
 
 exit_script() {
diff --git a/roles/lmn_vm/files/rebase-vm.sh b/roles/lmn_vm/files/rebase-vm.sh
index 63cd335..d97a778 100755
--- a/roles/lmn_vm/files/rebase-vm.sh
+++ b/roles/lmn_vm/files/rebase-vm.sh
@@ -31,7 +31,7 @@ if [[  $# -ne 1 ]]; then
 fi
 
 # change to Images directory
-VM_DIR="/tmp/${UID}/vmimages"
+VM_DIR="/tmp/${UID}/vm"
 cd "${VM_DIR}"
 
 VM_NAME="$1"
@@ -68,15 +68,15 @@ qemu-img rebase -f qcow2 -b "${NEWBASE}" -F qcow2 "${VM_NAME}.qcow2"
 if [[ -v NEWNAME ]]; then
     # copy and adapt machine definition file
     CURRENTNAME="${CURRENTBASE/.qcow2/}"
-    if [[ -f "xml/${CURRENTNAME}.xml" ]]; then
-      cp "xml/${CURRENTNAME}.xml" "xml/${NEWNAME}.xml"
-    elif [[ -f "/var/lib/libvirt/images/xml/${CURRENTNAME}.xml" ]]; then
-      cp "/var/lib/libvirt/images/xml/${CURRENTNAME}.xml" "xml/${NEWNAME}.xml"
+    if [[ -f "${CURRENTNAME}.xml" ]]; then
+      cp "${CURRENTNAME}.xml" "${NEWNAME}.xml"
+    elif [[ -f "/lmn/vm/${CURRENTNAME}.xml" ]]; then
+      cp "/lmn/vm/${CURRENTNAME}.xml" "${NEWNAME}.xml"
     else
       echo "no machine definition file found" >&2
       exit 1
     fi
-    sed -i "s/${CURRENTNAME}/${NEWNAME}/" "xml/${NEWNAME}.xml"
+    sed -i "s/${CURRENTNAME}/${NEWNAME}/" "${NEWNAME}.xml"
     NEWNAME="${NEWNAME}.qcow2"
 else
     rm "${CURRENTBASE}"
diff --git a/roles/lmn_vm/files/upload-vm.sh b/roles/lmn_vm/files/upload-vm.sh
index 5f981a9..d028305 100755
--- a/roles/lmn_vm/files/upload-vm.sh
+++ b/roles/lmn_vm/files/upload-vm.sh
@@ -9,43 +9,46 @@ Create torrent and upload disk, torrent and xml-VM-Definiton on server.
 EOF
 }
 
-VM_DIR="/tmp/${SUDO_UID}/vmimages"
+VM_DIR="/tmp/${SUDO_UID}/vm"
 
 upload_image() {
     # check if VM-Diskimage exists
-    if [[ ! (-f "/var/lib/libvirt/images/${VM_NAME}.qcow2" || -f "${VM_DIR}/${VM_NAME}.qcow2") ]]; then
+    if [[ ! (-f "/lmn/vm/${VM_NAME}.qcow2" || -f "${VM_DIR}/${VM_NAME}.qcow2") ]]; then
         echo "File not found ${VM_NAME}.qcow2" >&2
         exit 1
     fi
-    # link private VM-Diskimage to system-Dir
-    if [[ -f "${VM_DIR}/${VM_NAME}.qcow2" \
-          &&   ( -f "/var/lib/libvirt/images/${VM_NAME}.qcow2" && ("${VM_DIR}/${VM_NAME}.qcow2" -nt "/var/lib/libvirt/images/${VM_NAME}.qcow2") \
-          || ! -f "/var/lib/libvirt/images/${VM_NAME}.qcow2") ]]; then
-      echo "copy private VM-Diskimage to system-dir"
-      ln -f "${VM_DIR}/${VM_NAME}.qcow2" "/var/lib/libvirt/images/${VM_NAME}.qcow2"
-    fi
     # check if VM-Machine-Definition XML exists
-    if [[ ! (-f "/var/lib/libvirt/images/xml/${VM_NAME}.xml" || -f "${VM_DIR}/xml/${VM_NAME}.xml") ]]; then
+    if [[ ! (-f "/lmn/vm/${VM_NAME}.xml" || -f "${VM_DIR}/${VM_NAME}.xml") ]]; then
         echo "File not found ${VM_NAME}.xml" >&2
         exit 1
     fi
-    # copy private VM-Maschine-Definition XML to system-Dir
-    if [[ -f "${VM_DIR}/xml/${VM_NAME}.xml" \
-          &&   ( -f "/var/lib/libvirt/images/xml/${VM_NAME}.xml" && $(cmp -s "${VM_DIR}/xml/${VM_NAME}.xml" "/var/lib/libvirt/images/xml/${VM_NAME}.xml") \
-          || ! -f "/var/lib/libvirt/images/xml/${VM_NAME}.xml") ]]; then
-      echo "copy private VM-Maschine-Definition XML to system-dir"
-      cp "${VM_DIR}/xml/${VM_NAME}.xml" "/var/lib/libvirt/images/xml/"
+    sudo -u lmnsynci /usr/local/bin/vmimage-torrent stop "${VM_NAME}.qcow2"
+    # link private VM-Diskimage to system-Dir
+    if [[ -f "${VM_DIR}/${VM_NAME}.qcow2" \
+          &&   ( -f "/lmn/vm/${VM_NAME}.qcow2" && ("${VM_DIR}/${VM_NAME}.qcow2" -nt "/lmn/vm/${VM_NAME}.qcow2") \
+          || ! -f "/lmn/vm/${VM_NAME}.qcow2") ]]; then
+      echo "copy private VM-Diskimage to system-dir"
+      chown lmnsynci:lmnsynci "${VM_DIR}/${VM_NAME}.qcow2"
+      ln -f "${VM_DIR}/${VM_NAME}.qcow2" "/lmn/vm/${VM_NAME}.qcow2"
     fi
-    cd /var/lib/libvirt/images
+    # copy private VM-Maschine-Definition XML to system-Dir
+    if [[ -f "${VM_DIR}/${VM_NAME}.xml" \
+          &&   ( -f "/lmn/vm/${VM_NAME}.xml" && $(cmp -s "${VM_DIR}/${VM_NAME}.xml" "/lmn/vm/${VM_NAME}.xml") \
+          || ! -f "/lmn/vm/${VM_NAME}.xml") ]]; then
+      echo "copy private VM-Maschine-Definition XML to system-dir"
+      chown lmnsynci:lmnsynci "${VM_DIR}/${VM_NAME}.xml"
+      cp -a "${VM_DIR}/${VM_NAME}.xml" "/lmn/vm/"
+    fi
+    cd /lmn/vm
     # (re-) create torrent file
-    /usr/local/bin/vmimage-torrent create "${VM_NAME}.qcow2"
+    sudo -u lmnsynci /usr/local/bin/vmimage-torrent create "${VM_NAME}.qcow2"
     # Upload Torrent, qcow2 and machine-definition-XML
-    [[ -f "/var/lib/libvirt/images/${VM_NAME}.qcow2.torrent" ]] && rsync -av --password-file=/etc/rsync.secret \
-	  "/var/lib/libvirt/images/${VM_NAME}.qcow2.torrent" rsync://vmuser@server:/vmimages-upload/
-    rsync -av --password-file=/etc/rsync.secret "/var/lib/libvirt/images/${VM_NAME}.qcow2" \
+    [[ -f "/lmn/vm/${VM_NAME}.qcow2.torrent" ]] && rsync -av --password-file=/etc/rsync.secret \
+	  "/lmn/vm/${VM_NAME}.qcow2.torrent" rsync://vmuser@server:/vmimages-upload/
+    rsync -av --password-file=/etc/rsync.secret "/lmn/vm/${VM_NAME}.qcow2" \
+	  rsync://vmuser@server:/vmimages-upload/
+    rsync -av --password-file=/etc/rsync.secret "/lmn/vm/${VM_NAME}.xml" \
 	  rsync://vmuser@server:/vmimages-upload/
-    rsync -av --password-file=/etc/rsync.secret "/var/lib/libvirt/images/xml/${VM_NAME}.xml" \
-	  rsync://vmuser@server:/vmimages-upload/xml/
 }
 
 # if less than one arguments supplied, display usage

From 7ec3bac2b0b2823a4eb0a9c0ac5f5e2ef3fd349c Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 14 Aug 2023 16:42:33 +0200
Subject: [PATCH 323/504] Give arduino a try and add package available again.

---
 roles/lmn_kde/tasks/main.yml | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index ae8a6e6..6e0a277 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -40,7 +40,7 @@
       - ghex
       - thonny
       - spyder
-#      - mu-editor
+      - mu-editor
       - dia
       - vym
       - tree
@@ -51,12 +51,11 @@
       - qtcreator
       - freecad
       - librecad
-#      - arduino
+      - arduino
       - kicad
       - keepassxc
       - tmux
       - curl
-#      - default-jre
       - pulseview
       - sigrok
       - sigrok-cli

From e4639f3418892418d3216e7190e7598141855f53 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 14 Aug 2023 17:26:24 +0200
Subject: [PATCH 324/504] Drop this, it does not prevent installing
 akonadi-backend-mysql.

---
 roles/lmn_kde/tasks/main.yml | 12 ++----------
 1 file changed, 2 insertions(+), 10 deletions(-)

diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 6e0a277..1d95ced 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -1,13 +1,4 @@
 ---
-- name: Provide sqlite backend to skip mysql installation later
-  apt:
-    name:
-      - akonadi-backend-sqlite
-    state: latest
-  environment:
-    http_proxy: http://firewall.pn.steinbeis.schule:3128
-    https_proxy: http://firewall.pn.steinbeis.schule:3128
-
 - name: Install desktop EDU packages and some more
   apt:
     name:
@@ -17,11 +8,12 @@
       - xdg-desktop-portal-kde
       - xdg-desktop-portal-wlr # share screen in browser
       - kde-full
-      - atftp
+      - akonadi-backend-sqlite
       - thunderbird-l10n-de
       - webext-privacy-badger
       - webext-ublock-origin-firefox
       - webext-ublock-origin-chromium
+      - atftp
       - emacs
       - elpa-magit
       - elpa-color-theme-modern

From 6da010f89b7e71faf5336838688ce2b3f7fc4301 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 14 Aug 2023 17:39:57 +0200
Subject: [PATCH 325/504] Comment outdated stuff.

---
 roles/lmn_vm/tasks/main.yml | 54 ++++++++++++++++++-------------------
 1 file changed, 27 insertions(+), 27 deletions(-)

diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 395e528..abc99b4 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -176,30 +176,30 @@
   changed_when: result.stdout | length > 0
 
 #### VMs
-- name: Deploy initial image list
-  copy:
-    src: images.list
-    dest: /var/lib/libvirt/images/images.list
-    force: false
-
-- name: rsync VM image definitions
-  command: >
-    rsync -a --itemize-changes
-    rsync://server:/vmimages-download/xml /var/lib/libvirt/images/
-  become: true
-  become_user: lmnsynci
-  register: result
-  changed_when: result.stdout | length > 0
-  when: not run_in_installer | default(false) | bool
-
-- name: rsync VM images
-  command: >
-    rsync -a -i --files-from=/var/lib/libvirt/images/images.list
-    rsync://server:/vmimages-download/ /var/lib/libvirt/images/
-  become: true
-  become_user: lmnsynci
-  register: result
-  changed_when: result.stdout | length > 0
-  when: >
-    false and not run_in_installer | default(false) | bool and (ansible_mounts |
-    selectattr("mount", "equalto", "/") | list)[0].size_available > 80000000000
+#- name: Deploy initial image list
+#  copy:
+#    src: images.list
+#    dest: /var/lib/libvirt/images/images.list
+#    force: false
+#
+#- name: rsync VM image definitions
+#  command: >
+#    rsync -a --itemize-changes
+#    rsync://server:/vmimages-download/xml /var/lib/libvirt/images/
+#  become: true
+#  become_user: lmnsynci
+#  register: result
+#  changed_when: result.stdout | length > 0
+#  when: not run_in_installer | default(false) | bool
+#
+#- name: rsync VM images
+#  command: >
+#    rsync -a -i --files-from=/lmn/lib/libvirt/images/images.list
+#    rsync://server:/vmimages-download/ /var/lib/libvirt/images/
+#  become: true
+#  become_user: lmnsynci
+#  register: result
+#  changed_when: result.stdout | length > 0
+#  when: >
+#    false and not run_in_installer | default(false) | bool and (ansible_mounts |
+#    selectattr("mount", "equalto", "/") | list)[0].size_available > 80000000000

From fdda28f16f1534b02a10b2357adc51f4bbcafffc Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 14 Aug 2023 19:55:08 +0200
Subject: [PATCH 326/504] Fetch fonts from local mirror for reliability.

---
 roles/lmn_kde/tasks/main.yml | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 1d95ced..b1a6bc7 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -1,4 +1,16 @@
 ---
+- name: preseed packages
+  ansible.builtin.debconf:
+    name: ttf-mscorefonts-installer
+    question: "{{ item.q }}"
+    value: "{{ item.v }}"
+    vtype: string
+  loop:
+    - q: msttcorefonts/dlurl
+      v: http://livebox.pn.steinbeis.schule/mscorefonts/
+    - q: msttcorefonts/http_proxy
+      v:
+
 - name: Install desktop EDU packages and some more
   apt:
     name:
@@ -53,9 +65,6 @@
       - sigrok-cli
       - codeblocks
     state: latest
-  environment:
-    http_proxy: http://firewall.pn.steinbeis.schule:3128
-    https_proxy: http://firewall.pn.steinbeis.schule:3128
 
 - name: Add {{ ansible_distribution_release }}-backports
   apt_repository:

From d125b07b5d1c6a9b1aeed4103c952029fb140d83 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 14 Aug 2023 21:28:16 +0200
Subject: [PATCH 327/504] Proxy value is not empty but the apt cache. Try it in
 an extra task.

---
 roles/lmn_kde/tasks/main.yml | 31 ++++++++++++++++++-------------
 1 file changed, 18 insertions(+), 13 deletions(-)

diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index b1a6bc7..078bde2 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -1,16 +1,4 @@
 ---
-- name: preseed packages
-  ansible.builtin.debconf:
-    name: ttf-mscorefonts-installer
-    question: "{{ item.q }}"
-    value: "{{ item.v }}"
-    vtype: string
-  loop:
-    - q: msttcorefonts/dlurl
-      v: http://livebox.pn.steinbeis.schule/mscorefonts/
-    - q: msttcorefonts/http_proxy
-      v:
-
 - name: Install desktop EDU packages and some more
   apt:
     name:
@@ -48,7 +36,6 @@
       - dia
       - vym
       - tree
-      - ttf-mscorefonts-installer
       - sqlite3
       - sqlitebrowser
       - neovim
@@ -64,6 +51,7 @@
       - sigrok
       - sigrok-cli
       - codeblocks
+    autoremove: true
     state: latest
 
 - name: Add {{ ansible_distribution_release }}-backports
@@ -84,6 +72,23 @@
   when: ansible_distribution_release == 'bullseye'
 
 
+- name: Preseed ttf-mscorefonts-installer
+  ansible.builtin.debconf:
+    name: ttf-mscorefonts-installer
+    question: msttcorefonts/dlurl
+    value: http://livebox.pn.steinbeis.schule/mscorefonts/
+    vtype: string
+
+- name: Install fonts from local mirror
+  apt:
+    name:
+      - ttf-mscorefonts-installer
+    state: latest
+    autoremove: true
+  environment:
+    http_proxy: ''
+
+
 - name: Enable splash screen
   replace:
     dest: "/etc/default/grub"

From 0d4923d3facf4369a94ac0d30f79d14e63160c8a Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Tue, 15 Aug 2023 12:12:46 +0200
Subject: [PATCH 328/504] proxmox added to inventory

---
 inventory/inventory.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/inventory/inventory.yml b/inventory/inventory.yml
index 456d41d..08a7d6c 100644
--- a/inventory/inventory.yml
+++ b/inventory/inventory.yml
@@ -2,6 +2,9 @@
 ungrouped:
   hosts:
 
+proxmox:
+  hosts:
+    10.190.5.[51:54]:
 R319:
   hosts:
     10.190.5.[1:13]:

From f06c63f8f591888e0cb03e098ed040d09533bc19 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 15 Aug 2023 13:25:22 +0200
Subject: [PATCH 329/504] Nicer fix for the local-mirror-font issue.

---
 lmn-desktop.yml              |  3 ---
 roles/lmn_kde/tasks/main.yml | 29 +++++++++++------------------
 2 files changed, 11 insertions(+), 21 deletions(-)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index 78fc8e4..1112ed1 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -80,9 +80,6 @@
       apt:
         name: firmware-sof-signed
         state: latest
-      environment:
-        http_proxy: http://firewall.pn.steinbeis.schule:3128
-        https_proxy: http://firewall.pn.steinbeis.schule:3128
       when: >
         ansible_board_vendor == "LENOVO" and
         (ansible_board_name == "312D" or ansible_board_name == "312A")
diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 078bde2..7dc1836 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -1,4 +1,11 @@
 ---
+- name: Preseed ttf-mscorefonts-installer
+  ansible.builtin.debconf:
+    name: ttf-mscorefonts-installer
+    question: msttcorefonts/dlurl
+    value: http://livebox.pn.steinbeis.schule/mscorefonts/
+    vtype: string
+
 - name: Install desktop EDU packages and some more
   apt:
     name:
@@ -51,8 +58,11 @@
       - sigrok
       - sigrok-cli
       - codeblocks
+      - ttf-mscorefonts-installer
     autoremove: true
     state: latest
+  environment:
+    http_proxy: '' # this is needed to avoid ttf-mscorefonts-installer picking up aptcacher
 
 - name: Add {{ ansible_distribution_release }}-backports
   apt_repository:
@@ -72,23 +82,6 @@
   when: ansible_distribution_release == 'bullseye'
 
 
-- name: Preseed ttf-mscorefonts-installer
-  ansible.builtin.debconf:
-    name: ttf-mscorefonts-installer
-    question: msttcorefonts/dlurl
-    value: http://livebox.pn.steinbeis.schule/mscorefonts/
-    vtype: string
-
-- name: Install fonts from local mirror
-  apt:
-    name:
-      - ttf-mscorefonts-installer
-    state: latest
-    autoremove: true
-  environment:
-    http_proxy: ''
-
-
 - name: Enable splash screen
   replace:
     dest: "/etc/default/grub"
@@ -154,13 +147,13 @@
       RememberLastUser=false
       RememberLastSession=false
 
+
 - name: Create directory to avoid suspend
   ansible.builtin.file:
     path: /etc/systemd/sleep.conf.d/
     state: directory
     mode: '0755'
 
-
 - name: Avoid suspending
   blockinfile:
     path: /etc/systemd/sleep.conf.d/nosuspend.conf

From 67a9d1e6ef3549cfe0d7aed6452cf8f8e2858d1a Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 15 Aug 2023 15:28:10 +0200
Subject: [PATCH 330/504] Fix wireshark for all.

---
 roles/lmn_kde/tasks/main.yml | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 7dc1836..8a1caaf 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -1,4 +1,11 @@
 ---
+- name: Preseed wireshark to allow users sniffing packets
+  ansible.builtin.debconf:
+    name: wireshark-common
+    question: wireshark-common/install-setuid
+    value: true
+    vtype: boolean
+
 - name: Preseed ttf-mscorefonts-installer
   ansible.builtin.debconf:
     name: ttf-mscorefonts-installer
@@ -105,7 +112,7 @@
       Driver=QSQLITE3
 
 
-- name: Allow users to dump packets for wireshark
+- name: Allow users to dump packets for wireshark without group membership
   ansible.builtin.file:
     path: /usr/bin/dumpcap
     mode: '0755'

From cc4010b1bbb5d6c3f10c042af4764d64f9743de8 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Wed, 16 Aug 2023 10:01:37 +0200
Subject: [PATCH 331/504] umount all user mounts on logout

---
 roles/lmn_kde/tasks/main.yml           |  2 +-
 roles/lmn_mount/files/lmn-mounthome.sh |  3 ++
 roles/lmn_mount/tasks/main.yml         | 18 ++++++---
 roles/lmn_vm/files/mounthome.sh        | 52 +++++++++++++++-----------
 roles/lmn_vm/files/run-vm.sh           |  5 ++-
 roles/lmn_vm/files/start-virtiofsd.sh  |  2 +-
 6 files changed, 52 insertions(+), 30 deletions(-)
 create mode 100644 roles/lmn_mount/files/lmn-mounthome.sh

diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 8a1caaf..6f3f963 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -3,7 +3,7 @@
   ansible.builtin.debconf:
     name: wireshark-common
     question: wireshark-common/install-setuid
-    value: true
+    value: 'true'
     vtype: boolean
 
 - name: Preseed ttf-mscorefonts-installer
diff --git a/roles/lmn_mount/files/lmn-mounthome.sh b/roles/lmn_mount/files/lmn-mounthome.sh
new file mode 100644
index 0000000..44f81e1
--- /dev/null
+++ b/roles/lmn_mount/files/lmn-mounthome.sh
@@ -0,0 +1,3 @@
+if [[ "${UID}" -gt 60000 ]]; then
+	sudo /usr/local/bin/mounthome.sh &
+fi
diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index 3927d1a..9e22dfa 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -25,8 +25,8 @@
       <volume
         fstype="cifs"
         server="{{ smb_server }}"
-        path="{{ smb_share }}"
-        mountpoint="/lmn/media/%(USER)/.default-school"
+        path="{{ smb_share }}share"
+        mountpoint="/lmn/media/%(USER)/share"
         options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks,nobrl"
         ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
       </volume>
@@ -78,17 +78,25 @@
     line: KillUserProcesses=yes
     insertafter: '#KillUserProcesses=no'
 
+- name: Umount all user-mounts on logout
+  blockinfile:
+    dest: /usr/share/sddm/scripts/Xstop
+    block: |
+      for i in $(mount | /usr/bin/grep "/lmn/media/" | /usr/bin/cut -f 3 -d ' '); do
+        umount $i
+      done
+      umount /srv/samba/schools/default-school
+
 - name: Deploy script to generate links in /lmn/media/$USER/
   copy:
-    src: lmn-linkhome.sh
+    src: lmn-mounthome.sh
     dest: /etc/profile.d/
     mode: '0644'
-  when: false
 
 - name: Bind mount lmn/media with nosuid directory
   ansible.posix.mount:
     src: /lmn/media
-    path: /lmn/nosuidmedia
+    path: /lmn/media
     opts: nosuid,bind
     state: present
     fstype: none
diff --git a/roles/lmn_vm/files/mounthome.sh b/roles/lmn_vm/files/mounthome.sh
index 3c0f3bd..1ad2796 100755
--- a/roles/lmn_vm/files/mounthome.sh
+++ b/roles/lmn_vm/files/mounthome.sh
@@ -5,17 +5,24 @@ home="$(getent passwd "$SUDO_UID" | cut -d : -f 6 | sed 's|/srv/samba/schools/de
 
 exit_script() {
     echo "unmounting media - terminated by trap!" >> "/tmp/${SUDO_UID}-exit-mount.log"
-    findmnt "/media/${SUDO_USER}/oldhome" && umount "/media/${SUDO_USER}/oldhome" && rmdir "/media/${SUDO_USER}/oldhome"
-    findmnt "/media/${SUDO_USER}/linuxhome" && umount "/media/${SUDO_USER}/linuxhome" && rmdir "/media/${SUDO_USER}/linuxhome"
+    findmnt "/lmn/media/${SUDO_USER}/oldhome" && umount "/lmn/media/${SUDO_USER}/oldhome" && rmdir "/lmn/media/${SUDO_USER}/oldhome"
+    findmnt "/lmn/media/${SUDO_USER}/linuxhome" && umount "/lmn/media/${SUDO_USER}/linuxhome" && rmdir "/lmn/media/${SUDO_USER}/linuxhome"
+    trap - SIGHUP SIGINT SIGTERM # clear the trap
+    kill -- -$$ # Sends SIGTERM to child/sub processes
+}
+
+exit_script_home() {
+    echo "unmounting media - terminated by trap!" >> "/tmp/${SUDO_UID}-exit-mount.log"
+    umount "/lmn/media/${SUDO_USER}/home"
     trap - SIGHUP SIGINT SIGTERM # clear the trap
     kill -- -$$ # Sends SIGTERM to child/sub processes
 }
 
 if [[ "$#" -gt 0 ]] && [[ "$1" = '-u' ]]; then
-    findmnt "/media/${SUDO_USER}/home"    && umount "/media/${SUDO_USER}/home"    && rmdir "/media/${SUDO_USER}/home"
-    #findmnt "/media/${SUDO_USER}/share"   && umount "/media/${SUDO_USER}/share"   && rmdir "/media/${SUDO_USER}/share"
-    findmnt "/media/${SUDO_USER}/oldhome" && umount "/media/${SUDO_USER}/oldhome" && rmdir "/media/${SUDO_USER}/oldhome"
-    findmnt "/media/${SUDO_USER}/linuxhome" && umount "/media/${SUDO_USER}/linuxhome" && rmdir "/media/${SUDO_USER}/linuxhome"
+    findmnt "/lmn/media/${SUDO_USER}/home"    && umount "/lmn/media/${SUDO_USER}/home"    && rmdir "/lmn/media/${SUDO_USER}/home"
+    #findmnt "/lmn/media/${SUDO_USER}/share"   && umount "/lmn/media/${SUDO_USER}/share"   && rmdir "/lmn/media/${SUDO_USER}/share"
+    findmnt "/lmn/media/${SUDO_USER}/oldhome" && umount "/lmn/media/${SUDO_USER}/oldhome" && rmdir "/lmn/media/${SUDO_USER}/oldhome"
+    findmnt "/lmn/media/${SUDO_USER}/linuxhome" && umount "/lmn/media/${SUDO_USER}/linuxhome" && rmdir "/lmn/media/${SUDO_USER}/linuxhome"
 elif [ "$#" -gt 0 ] && [ "$1" = '-o' ]; then
     echo "Einbinden der Daten des alten/bisherigen Systems (PaedML Novell)."
     echo "Bitte den Username und Passwort aus dem ALTEN System eingeben."
@@ -23,12 +30,12 @@ elif [ "$#" -gt 0 ] && [ "$1" = '-o' ]; then
     read -srp "Passwort: " PASSWD
     export PASSWD
     echo
-    mkdir -p "/media/${SUDO_USER}/oldhome"
+    mkdir -p "/lmn/media/${SUDO_USER}/oldhome"
     #errcode=$(mount -t cifs -o "username=${username},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,forceuid,forcegid" \
-    #	    "//192.168.1.2/DOCS/fvs" "/media/${SUDO_USER}/oldhome")
+    #	    "//192.168.1.2/DOCS/fvs" "/lmn/media/${SUDO_USER}/oldhome")
     #if [[ ! "${errcode}" ]]; then
-    mount -t cifs -o "username=${username},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,forceuid,forcegid" \
-	    "//192.168.1.2/DOCS/fvs" "/media/${SUDO_USER}/oldhome"
+    mount -t cifs -o "username=${username},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,forceuid,forcegid,nobrl,mfsymlinks" \
+	    "//192.168.1.2/DOCS/fvs" "/lmn/media/${SUDO_USER}/oldhome"
     #echo "Mounting successfull!"
     echo "Einbindung erfolgreich!"
     echo "Dieses Fenster bitte nicht schließen!"
@@ -40,9 +47,9 @@ elif [ "$#" -gt 0 ] && [ "$1" = '-l' ]; then
     echo "Bitte den Username und Passwort aus dem ALTEN System (PaedML Novell) eingeben."
     echo "Bitte auch Groß- und Kleinschreibung achten."
     read -rp "Username: " username
-    mkdir -p "/media/${SUDO_USER}/linuxhome"
+    mkdir -p "/lmn/media/${SUDO_USER}/linuxhome"
     mount -t fuse -o "allow_other,uid=${SUDO_UID},gid=1010,reconnect" \
-          "sshfs#${username}@home.steinbeisschule-reutlingen.de:" "/media/${SUDO_USER}/linuxhome"
+          "sshfs#${username}@home.steinbeisschule-reutlingen.de:" "/lmn/media/${SUDO_USER}/linuxhome"
     #echo "Mounting successfull!"
     echo "Einbindung erfolgreich!"
     echo "Dieses Fenster bitte nicht schließen!"
@@ -54,19 +61,22 @@ else
     #chown "${SUDO_USER}:1010" "/media/${SUDO_USER}"
     chgrp 1010 "/lmn/media/${SUDO_USER}"
     chmod 0770 "/lmn/media/${SUDO_USER}"
-    if ! findmnt "/lmn/media/${SUDO_USER}/share"; then
-      [[ -d "/lmn/media/${SUDO_USER}/share" ]] || mkdir "/lmn/media/${SUDO_USER}/share"
-      mount --bind "/lmn/media/${SUDO_USER}/.default-school/share" "/lmn/media/${SUDO_USER}/share"
-    fi
+    #if ! findmnt "/lmn/media/${SUDO_USER}/share"; then
+    #  [[ -d "/lmn/media/${SUDO_USER}/share" ]] || mkdir "/lmn/media/${SUDO_USER}/share"
+    #  mount --bind "/lmn/media/${SUDO_USER}/.default-school/share" "/lmn/media/${SUDO_USER}/share"
+    #fi
     if ! findmnt "/lmn/media/${SUDO_USER}/home"; then
       [[ -d "/lmn/media/${SUDO_USER}/home" ]] || mkdir "/lmn/media/${SUDO_USER}/home"
       home="$(getent passwd $SUDO_USER | cut -d: -f6)"
-      mount --bind "/lmn/media/${SUDO_USER}/.default-school/${home##/srv/samba/schools/default-school/}" "/lmn/media/${SUDO_USER}/home"
+      mount -t cifs -o "sec=krb5i,cruid=${SUDO_UID},user=${SUDO_USER},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,nobrl,mfsymlinks" \
+           "//server/default-school/${home##/srv/samba/schools/default-school/}" "/lmn/media/${SUDO_USER}/home"
+      trap exit_script_home SIGHUP SIGINT SIGTERM
+      sleep infinity 
     fi
-    #mkdir -p "/media/${SUDO_USER}/home"
-    #mkdir -p "/media/${SUDO_USER}/share"
+    #mkdir -p "/lmn/media/${SUDO_USER}/home"
+    #mkdir -p "/lmn/media/${SUDO_USER}/share"
     #mount -t cifs -o "sec=krb5i,cruid=${SUDO_UID},user=${SUDO_USER},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks" \
-    #       "//server/default-school/${home}" "/media/${SUDO_USER}/home"
+    #       "//server/default-school/${home}" "/lmn/media/${SUDO_USER}/home"
     #mount -t cifs -o "sec=krb5i,cruid=${SUDO_UID},user=${SUDO_USER},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks" \
-    #       "//server/default-school/share" "/media/${SUDO_USER}/share"
+    #       "//server/default-school/share" "/lmn/media/${SUDO_USER}/share"
 fi
diff --git a/roles/lmn_vm/files/run-vm.sh b/roles/lmn_vm/files/run-vm.sh
index 1f5d496..d368262 100755
--- a/roles/lmn_vm/files/run-vm.sh
+++ b/roles/lmn_vm/files/run-vm.sh
@@ -108,7 +108,7 @@ fi
 ## check, if we have to mount home
 #if ! findmnt "/media/${USER}/home"; then
 #    echo "mounting home."
-    sudo mounthome.sh
+    sudo mounthome.sh &
 #fi
 
 # because virsh has problems with long pathnames, using diffent configdir
@@ -124,9 +124,10 @@ if  ! virsh --connect="${QEMU}" list | grep "${VM_NAME}-clone"; then
     virsh --connect=qemu:///session undefine "${VM_NAME}-clone" || echo "${VM_NAME}-clone did not exist"
     # finally, create the new vm
     virsh --connect=qemu:///session define "${VM_DIR}/${VM_NAME}-clone.xml"
-    trap exit_script SIGHUP SIGINT SIGTERM
+    #trap exit_script SIGHUP SIGINT SIGTERM
     [[ "${QEMU}" = 'qemu:///session' ]] && sudo /usr/local/bin/start-virtiofsd.sh "${VM_NAME}"
     virsh --connect="${QEMU}" start "${VM_NAME}-clone"
 fi
 echo "starting viewer"
+trap exit_script SIGHUP SIGINT SIGTERM
 virt-viewer --connect="${QEMU}" --full-screen "${VM_NAME}-clone"
diff --git a/roles/lmn_vm/files/start-virtiofsd.sh b/roles/lmn_vm/files/start-virtiofsd.sh
index 83926eb..83d9e0c 100755
--- a/roles/lmn_vm/files/start-virtiofsd.sh
+++ b/roles/lmn_vm/files/start-virtiofsd.sh
@@ -19,7 +19,7 @@ fi
 [[ -S "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" ]] && /usr/bin/rm "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock"
 #sudo /usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" --socket-group="${SUDO_USER}" --announce-submounts -o source="/media/${USER}" -o sandbox=chroot > /dev/null &
 #sudo /usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" --socket-group="${SUDO_USER}" -o source="/media/${USER}" -o sandbox=chroot > /dev/null &
-/usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" -o source="/lmn/nosuidmedia/${SUDO_USER}" -o sandbox=chroot > /dev/null &
+/usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" -o source="/lmn/media/${SUDO_USER}" -o sandbox=chroot > /dev/null &
 # Wait until socket-File exists and chown to user
 until [[ -S "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" ]]; do
    echo "waiting for ${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock"

From 2fe52816e47f7fafcbe7df4e5b11462c88af5e15 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Wed, 16 Aug 2023 12:17:17 +0200
Subject: [PATCH 332/504] install printer based on GPO

---
 lmn-desktop.yml                               |   1 +
 roles/lmn_printer/defaults/main.yml           |   2 +
 roles/lmn_printer/files/90-lmn-sudotools      |   4 +
 .../files/linuxmusterLinuxclient7/__init__.py |   3 +
 .../files/linuxmusterLinuxclient7/computer.py |  57 +++
 .../files/linuxmusterLinuxclient7/config.py   | 136 +++++++
 .../linuxmusterLinuxclient7/constants.py      |  46 +++
 .../linuxmusterLinuxclient7/environment.py    |  60 +++
 .../linuxmusterLinuxclient7/fileHelper.py     | 133 +++++++
 .../files/linuxmusterLinuxclient7/gpo.py      | 291 ++++++++++++++
 .../files/linuxmusterLinuxclient7/gpo.py.orig | 290 ++++++++++++++
 .../files/linuxmusterLinuxclient7/hooks.py    | 219 +++++++++++
 .../linuxmusterLinuxclient7/imageHelper.py    | 220 +++++++++++
 .../files/linuxmusterLinuxclient7/keytab.py   |  52 +++
 .../linuxmusterLinuxclient7/ldapHelper.py     | 148 +++++++
 .../localUserHelper.py                        |  19 +
 .../files/linuxmusterLinuxclient7/logging.py  | 130 +++++++
 .../files/linuxmusterLinuxclient7/printers.py | 129 +++++++
 .../files/linuxmusterLinuxclient7/realm.py    | 195 ++++++++++
 .../files/linuxmusterLinuxclient7/setup.py    | 364 ++++++++++++++++++
 .../files/linuxmusterLinuxclient7/shares.py   | 256 ++++++++++++
 .../linuxmusterLinuxclient7/templates.py      | 128 ++++++
 .../files/linuxmusterLinuxclient7/user.py     | 158 ++++++++
 roles/lmn_printer/files/lmn-printer.sh        |   1 +
 roles/lmn_printer/files/onLogin               |  33 ++
 roles/lmn_printer/files/onLogout              |  38 ++
 roles/lmn_printer/files/rmlpr.service         |   6 +
 roles/lmn_printer/files/rmlpr.timer           |   8 +
 roles/lmn_printer/files/scripts/sudoTools     |  50 +++
 roles/lmn_printer/tasks/main.yml              | 102 +++++
 roles/lmn_printer/templates/network.conf.j2   |   5 +
 31 files changed, 3284 insertions(+)
 create mode 100644 roles/lmn_printer/defaults/main.yml
 create mode 100644 roles/lmn_printer/files/90-lmn-sudotools
 create mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/__init__.py
 create mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/computer.py
 create mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/config.py
 create mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/constants.py
 create mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/environment.py
 create mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/fileHelper.py
 create mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/gpo.py
 create mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/gpo.py.orig
 create mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/hooks.py
 create mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/imageHelper.py
 create mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/keytab.py
 create mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/ldapHelper.py
 create mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/localUserHelper.py
 create mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/logging.py
 create mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/printers.py
 create mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/realm.py
 create mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/setup.py
 create mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/shares.py
 create mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/templates.py
 create mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/user.py
 create mode 100644 roles/lmn_printer/files/lmn-printer.sh
 create mode 100644 roles/lmn_printer/files/onLogin
 create mode 100644 roles/lmn_printer/files/onLogout
 create mode 100644 roles/lmn_printer/files/rmlpr.service
 create mode 100644 roles/lmn_printer/files/rmlpr.timer
 create mode 100755 roles/lmn_printer/files/scripts/sudoTools
 create mode 100644 roles/lmn_printer/tasks/main.yml
 create mode 100644 roles/lmn_printer/templates/network.conf.j2

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index 1112ed1..3c30831 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -47,6 +47,7 @@
     - lmn_mount
     - lmn_kde
     - lmn_vm
+    - lmn_printer
     - kerberize
 
   tasks:
diff --git a/roles/lmn_printer/defaults/main.yml b/roles/lmn_printer/defaults/main.yml
new file mode 100644
index 0000000..cf3a823
--- /dev/null
+++ b/roles/lmn_printer/defaults/main.yml
@@ -0,0 +1,2 @@
+smb_server: "server"
+smb_share: "default-school/"
diff --git a/roles/lmn_printer/files/90-lmn-sudotools b/roles/lmn_printer/files/90-lmn-sudotools
new file mode 100644
index 0000000..1c82b4d
--- /dev/null
+++ b/roles/lmn_printer/files/90-lmn-sudotools
@@ -0,0 +1,4 @@
+%examusers ALL=(root) NOPASSWD: /usr/share/linuxmuster-linuxclient7/scripts/sudoTools
+%role-student ALL=(root) NOPASSWD: /usr/share/linuxmuster-linuxclient7/scripts/sudoTools
+%role-teacher ALL=(root) NOPASSWD: /usr/share/linuxmuster-linuxclient7/scripts/sudoTools
+
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/__init__.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/__init__.py
new file mode 100644
index 0000000..bf319b7
--- /dev/null
+++ b/roles/lmn_printer/files/linuxmusterLinuxclient7/__init__.py
@@ -0,0 +1,3 @@
+#
+# linuxmuster-linuxclient7 is a library for use with Linuxmuster.net
+#
\ No newline at end of file
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/computer.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/computer.py
new file mode 100644
index 0000000..701ab81
--- /dev/null
+++ b/roles/lmn_printer/files/linuxmusterLinuxclient7/computer.py
@@ -0,0 +1,57 @@
+import socket
+from linuxmusterLinuxclient7 import logging, ldapHelper, realm, localUserHelper
+
+def hostname():
+    """
+    Get the hostname of the computer
+
+    :return: The hostname
+    :rtype: str
+    """
+    return socket.gethostname().split('.', 1)[0]
+
+def krbHostName():
+    """
+    Get the krb hostname, eg. `COMPUTER01$`
+
+    :return: The krb hostname
+    :rtype: str
+    """
+    return hostname().upper() + "$"
+
+def readAttributes():
+    """
+    Read all ldap attributes of the cumputer
+
+    :return: Tuple (success, dict of attributes)
+    :rtype: tuple
+    """
+    return ldapHelper.searchOne("(sAMAccountName={}$)".format(hostname()))
+
+def isInGroup(groupName):
+    """
+    Check if the computer is part of an ldap group
+
+    :param groupName: The name of the group to check
+    :type grouName: str
+    :return: True or False
+    :rtype: bool
+    """
+    rc, groups = localUserHelper.getGroupsOfLocalUser(krbHostName())
+    if not rc:
+        return False
+
+    return groupName in groups
+
+def isInAD():
+    """
+    Check if the computer is joined to an AD
+
+    :return: True or False
+    :rtype: bool
+    """
+    rc, groups = localUserHelper.getGroupsOfLocalUser(krbHostName())
+    if not rc:
+        return False
+
+    return "domain computers" in groups
\ No newline at end of file
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/config.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/config.py
new file mode 100644
index 0000000..bbfbaf9
--- /dev/null
+++ b/roles/lmn_printer/files/linuxmusterLinuxclient7/config.py
@@ -0,0 +1,136 @@
+import configparser, re
+from linuxmusterLinuxclient7 import logging, constants
+
+def network():
+    """
+    Get the network configuration in `/etc/linuxmuster-linuxclient7/network.conf`
+
+    :return: Tuple (success, dict of keys)
+    :rtype: tuple
+    """
+    rc, rawNetworkConfig = _readNetworkConfig()
+    if not rc:
+        return False, None
+
+    if not _checkNetworkConfigVersion(rawNetworkConfig)[0]:
+        return False, None
+
+    networkConfig = {}
+
+    try:
+        networkConfig["serverHostname"] = rawNetworkConfig["serverHostname"]
+        networkConfig["domain"] = rawNetworkConfig["domain"]
+        networkConfig["realm"] = rawNetworkConfig["realm"]
+    except KeyError as e:
+        logging.error("Error when reading network.conf (2)")
+        logging.exception(e)
+        return False, None
+
+    return True, networkConfig
+
+def writeNetworkConfig(newNetworkConfig):
+    """
+    Write the network configuration in `/etc/linuxmuster-linuxclient7/network.conf`
+
+    :param newNetworkConfig: The new config
+    :type newNetworkConfig: dict
+    :return: True or False
+    :rtype: bool
+    """
+    networkConfig = configparser.ConfigParser(interpolation=None)
+
+    try:
+        networkConfig["network"] = {}
+        networkConfig["network"]["version"] = str(_networkConfigVersion())
+        networkConfig["network"]["serverHostname"] = newNetworkConfig["serverHostname"]
+        networkConfig["network"]["domain"] = newNetworkConfig["domain"]
+        networkConfig["network"]["realm"] = newNetworkConfig["realm"]
+    except Exception as e:
+        logging.error("Error when preprocessing new network configuration!")
+        logging.exception(e)
+        return False
+
+    try:
+        logging.info("Writing new network Configuration")
+        with open(constants.networkConfigFilePath, 'w') as networkConfigFile:
+            networkConfig.write(networkConfigFile)
+
+    except Exception as e:
+        logging.error("Failed!")
+        logging.exception(e)
+        return False
+
+    return True
+
+def upgrade():
+    """
+    Upgrade the format of the network configuration in `/etc/linuxmuster-linuxclient7/network.conf`
+    This is done automatically on package upgrades.
+
+    :return: True or False
+    :rtype: bool
+    """
+    return _upgradeNetworkConfig()
+
+# --------------------
+# - Helper functions -
+# --------------------
+
+def _readNetworkConfig():
+    configParser = configparser.ConfigParser()
+    configParser.read(constants.networkConfigFilePath)
+    try:
+        rawNetworkConfig = configParser["network"]
+        return True, rawNetworkConfig
+    except KeyError as e:
+        logging.error("Error when reading network.conf (1)")
+        logging.exception(e)
+        return False, None
+    return configParser
+
+def _networkConfigVersion():
+    return 1
+
+def _checkNetworkConfigVersion(rawNetworkConfig):
+    try:
+        networkConfigVersion = int(rawNetworkConfig["version"])
+    except KeyError as e:
+        logging.warning("The network.conf version could not be identified, assuming 0")
+        networkConfigVersion = 0
+
+    if networkConfigVersion != _networkConfigVersion():
+        logging.warning("The network.conf Version is a mismatch!")
+        return False, networkConfigVersion
+
+    return True, networkConfigVersion
+
+def _upgradeNetworkConfig():
+    logging.info("Upgrading network config.")
+    rc, rawNetworkConfig = _readNetworkConfig()
+    if not rc:
+        return False
+
+    rc, networkConfigVersion = _checkNetworkConfigVersion(rawNetworkConfig)
+    if rc:
+        logging.info("No need to upgrade, already up-to-date.")
+        return True
+
+    logging.info("Upgrading network config from {0} to {1}".format(networkConfigVersion, _networkConfigVersion()))
+    
+    if networkConfigVersion > _networkConfigVersion():
+        logging.error("Cannot upgrade from a newer version to an older one!")
+        return False
+
+    try:
+        if networkConfigVersion == 0:
+            newNetworkConfig = {}
+            newNetworkConfig["serverHostname"] = rawNetworkConfig["serverHostname"] + "." + rawNetworkConfig["domain"]
+            newNetworkConfig["domain"] = rawNetworkConfig["domain"]
+            newNetworkConfig["realm"] = rawNetworkConfig["domain"].upper()
+            return writeNetworkConfig(newNetworkConfig)
+    except Exception as e:
+        logging.error("Error when upgrading network config!")
+        logging.exception(e)
+        return False
+
+    return True
\ No newline at end of file
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/constants.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/constants.py
new file mode 100644
index 0000000..34d8243
--- /dev/null
+++ b/roles/lmn_printer/files/linuxmusterLinuxclient7/constants.py
@@ -0,0 +1,46 @@
+#!/usr/bin/python3
+
+templateUser = "linuxadmin"
+userTemplateDir = "/home/" + templateUser
+defaultDomainAdminUser = "global-admin"
+
+# {} will be substituted for the username
+shareMountBasepath = "/home/{}/media"
+hiddenShareMountBasepath = "/srv/samba/{}"
+machineAccountSysvolMountPath = "/var/lib/samba/sysvol"
+
+etcBaseDir = "/etc/linuxmuster-linuxclient7"
+shareBaseDir = "/usr/share/linuxmuster-linuxclient7"
+configFileTemplateDir = shareBaseDir + "/templates"
+scriptDir = shareBaseDir + "/scripts"
+
+networkConfigFilePath = etcBaseDir + "/network.conf"
+# {} will be substituted for the username
+tmpEnvironmentFilePath = "/home/{}/.linuxmuster-linuxclient7-environment.sh"
+
+notTemplatableFiles = ["/etc/sssd/sssd.conf", "/etc/linuxmuster-linuxclient7/network.conf"]
+
+# cleanup
+obsoleteFiles = [
+    "/etc/profile.d/99-linuxmuster.sh",
+    "/etc/sudoers.d/linuxmuster",
+    "/etc/profile.d/linuxmuster-proxy.sh",
+    "/etc/bash_completion.d/99-linuxmuster-client-adsso.sh",
+    "/etc/profile.d/99-linuxmuster-client-adsso.sh",
+    "/etc/sudoers.d/linuxmuster-client-adsso",
+    "/usr/sbin/linuxmuster-client-adsso",
+    "/usr/sbin/linuxmuster-client-adsso-print-logs",
+    "/etc/systemd/system/linuxmuster-client-adsso.service",
+    "{}/.config/autostart/linuxmuster-client-adsso-autostart.desktop".format(userTemplateDir),
+    "/etc/cups/client.conf",
+    "/usr/share/linuxmuster-linuxclient7/templates/linuxmuster-client-adsso.service",
+    "/usr/share/linuxmuster-linuxclient7/templates/linuxmuster-client-adsso-autostart.desktop",
+    "/etc/security/pam_mount.conf.xml",
+    "{}/pam_mount.conf.xml".format(configFileTemplateDir)
+]
+
+obsoleteDirectories = [
+    "/etc/linuxmuster-client",
+    "/etc/linuxmuster-client-adsso",
+    "/usr/share/linuxmuster-client-adsso"
+]
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/environment.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/environment.py
new file mode 100644
index 0000000..e25b622
--- /dev/null
+++ b/roles/lmn_printer/files/linuxmusterLinuxclient7/environment.py
@@ -0,0 +1,60 @@
+import os
+from linuxmusterLinuxclient7 import constants, user, logging
+
+def export(keyValuePair):
+    """
+    Export an environment variable
+
+    :param keyValuePair: Key value pair in format `key=value`
+    :type keyValuePait: str
+    :return: True or False
+    :rtype: bool
+    """
+    logging.debug("Saving export '{}' to tmp file".format(keyValuePair))
+    
+    envList = keyValuePair.split("=")
+    if len(envList) == 2:
+        os.putenv(envList[0], envList[1])
+    
+    return _appendToTmpEnvFile("export", keyValuePair)
+
+def unset(key):
+    """
+    Unset a previously exported environment variable
+
+    :param key: The key to unset
+    :type key: str
+    :return: True or False
+    :rtype: bool
+    """
+    logging.debug("Saving unset '{}' to tmp file".format(key))
+    return _appendToTmpEnvFile("unset", key)
+
+# --------------------
+# - Helper functions -
+# --------------------
+
+def _isApplicable():
+    if not user.isInAD():
+        logging.error("Modifying environment variables of non-AD users is not supported by lmn-export and lmn-unset!")
+        return False
+    elif "LinuxmusterLinuxclient7EnvFixActive" not in os.environ or os.environ["LinuxmusterLinuxclient7EnvFixActive"] != "1":
+        logging.error("lmn-export and lmn-unset may only be used inside of linuxmuster-linuxclient7 hooks!")
+        return False
+    else:
+        return True
+
+def _appendToTmpEnvFile(mode, keyValuePair):
+    if not _isApplicable():
+        return False
+    
+    tmpEnvironmentFilePath = constants.tmpEnvironmentFilePath.format(user.username())
+    fileOpenMode = "a" if os.path.exists(tmpEnvironmentFilePath) else "w"
+
+    try:
+        with open(tmpEnvironmentFilePath, fileOpenMode) as tmpEnvironmentFile:
+            tmpEnvironmentFile.write("\n{0} '{1}'".format(mode, keyValuePair))
+            return True
+    except Exception as e:
+        logging.exception(e)
+        return False
\ No newline at end of file
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/fileHelper.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/fileHelper.py
new file mode 100644
index 0000000..ad9b55e
--- /dev/null
+++ b/roles/lmn_printer/files/linuxmusterLinuxclient7/fileHelper.py
@@ -0,0 +1,133 @@
+import os, shutil
+from linuxmusterLinuxclient7 import logging
+
+def removeLinesInFileContainingString(filePath, forbiddenStrings):
+    """
+    Remove all lines containing a given string form a file.
+
+    :param filePath: The path to the file
+    :type filePath: str
+    :param forbiddenStrings: The string to search for
+    :type forbiddenStrings: str
+    :return: True on success, False otherwise
+    :rtype: bool
+    """
+    if not isinstance(forbiddenStrings, list):
+        forbiddenStrings = [forbiddenStrings]
+    
+    try:
+        with open(filePath, "r") as originalFile:
+            originalContents = originalFile.read()
+    except Exception as e:
+        logging.exception(e)
+        logging.warning("Could not read contents of original file")
+        return False
+
+    newContents = ""
+    for line in originalContents.split("\n"):
+        lineIsClean = True
+        for forbiddenString in forbiddenStrings:
+            lineIsClean = lineIsClean and not forbiddenString in line
+            
+        if lineIsClean :
+            newContents += line + "\n"
+
+    try:
+        with open(filePath, "w") as originalFile:
+            originalFile.write(newContents)
+    except Exception as e:    
+        logging.exception(e)
+        logging.warning("Could not write new contents to original file")
+        return False
+
+    return True
+
+def deleteFile(filePath):
+    """
+    Delete a file
+
+    :param filePath: The path of the file
+    :type filePath: str
+    :return: True on success, False otherwise
+    :rtype: bool
+    """
+    try:
+        if os.path.exists(filePath):
+            os.unlink(filePath)
+        return True
+    except Exception as e:
+        logging.error("Failed!")
+        logging.exception(e)
+        return False
+
+def deleteFilesWithExtension(directory, extension):
+    """
+    Delete all files with a given extension in a given directory.
+
+    :param directory: The path of the directory
+    :type directory: str
+    :param extension: The file extension
+    :type extension: str
+    :return: True on success, False otherwise
+    :rtype: bool
+    """
+    if directory.endswith("/"):
+        directory = directory[:-1]
+        
+    if not os.path.exists(directory):
+        return True
+
+    existingFiles=os.listdir(directory)
+
+    for file in existingFiles:
+        if file.endswith(extension):
+            logging.info("* Deleting {}".format(file))
+            if not deleteFile("{}/{}".format(directory, file)):
+                logging.error("Failed!")
+                return False
+
+    return True
+
+def deleteDirectory(directory):
+    """
+    Recoursively delete a directory.
+
+    :param directory: The path of the directory
+    :type directory: bool
+    :return: True on success, False otherwise
+    :rtype: bool
+    """
+    try:
+        shutil.rmtree(directory)
+    except:
+        return False
+    return True
+
+def deleteAllInDirectory(directory):
+    """
+    Delete all files in a given directory
+
+    :param directory: The path of the directory
+    :type directory: str
+    :return: True on success, False otherwise
+    :rtype: bool
+    """    
+
+    if directory.endswith("/"):
+        directory = directory[:-1]
+        
+    if not os.path.exists(directory):
+        return True
+
+    existingFiles=os.listdir(directory)
+    for file in existingFiles:
+        fullFilePath = "{}/{}".format(directory, file)
+        if os.path.isdir(fullFilePath):
+            rc = deleteDirectory(fullFilePath)
+        else:
+            rc = deleteFile(fullFilePath)
+        if not rc:
+            logging.error("Failed!")
+            return False
+
+    return True
\ No newline at end of file
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/gpo.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/gpo.py
new file mode 100644
index 0000000..43d08a8
--- /dev/null
+++ b/roles/lmn_printer/files/linuxmusterLinuxclient7/gpo.py
@@ -0,0 +1,291 @@
+ # Order of parsing: (overwriting each other)
+ # 1. Local (does not apply)
+ # 2. Site (does not apply)
+ # 3. Domain
+ # 4. OUs from top to bottom
+import ldap, ldap.sasl, re, os.path
+import xml.etree.ElementTree as ElementTree
+from linuxmusterLinuxclient7 import logging, constants, config, user, ldapHelper, shares, computer, printers
+
+def processAllPolicies():
+    """
+    Process all applicable policies (equivalent to gpupdate on windows)
+
+    :return: True on success, False otherwise
+    :rtype: bool
+    """    
+    rc, policyDnList = _findApplicablePolicies()
+    if not rc:
+        logging.fatal("* Error when loading applicable GPOs! Shares and printers will not work.")
+        return False
+
+    for policyDn in policyDnList:
+        _parsePolicy(policyDn)
+
+# --------------------
+# - Helper functions -
+# --------------------
+
+def _parseGplinkSring(string):
+    # a gPLink strink looks like this:
+    # [LDAP://<link>;<status>][LDAP://<link>;<status>][...]
+    # The ragex matches <link> and <status> in two separate groups
+    # Note: "LDAP://" is matched as .*:// to prevent issues when the capitalization changes
+    pattern = re.compile("\\[.*:\\/\\/([^\\]]+)\\;([0-9]+)\\]")
+
+    return pattern.findall(string)
+
+def _extractOUsFromDN(dn):
+    # NOT finished!
+    pattern = re.compile("OU=([^,]+),")
+
+    ouList = pattern.findall(dn)
+    # We need to parse from top to bottom
+    ouList.reverse()
+    return ouList
+
+def _findApplicablePolicies():
+
+    policyDnList = []
+
+    """ Do this later!
+    # 1. Domain
+    rc, domainAdObject = ldapHelper.searchOne("(distinguishedName={})".format(ldapHelper.baseDn()))
+
+    if not rc:
+        return False, None
+
+    policyDNs.extend(_parseGplinkSring(domainAdObject["gPLink"]))
+
+    # 2. OU policies from top to bottom
+    rc, userAdObject = ldapHelper.searchOne("(sAMAccountName={})".format(user.username()))
+
+    if not rc:
+        return False, None
+
+    print(userAdObject["distinguishedName"])
+    """
+
+    # For now, just parse policy sophomorix:school:<school name>
+    rc, schoolName = user.school()
+    if not rc:
+        return False, None
+
+    policyName = "sophomorix:school:{}".format(schoolName)
+
+    # find policy
+    rc, policyAdObject = ldapHelper.searchOne("(displayName={})".format(policyName))
+    if not rc:
+        return False, None
+
+    policyDnList.append((policyAdObject["distinguishedName"], 0))
+
+    return True, policyDnList
+
+def _parsePolicy(policyDn):
+    logging.info("=== Parsing policy [{0};{1}] ===".format(policyDn[0], policyDn[1]))
+
+    # Check if the policy is disabled
+    if policyDn[1] == 1:
+        logging.info("===> Policy is disabled! ===")
+        return True
+
+    # Find policy in AD
+    rc, policyAdObject = ldapHelper.searchOne("(distinguishedName={})".format(policyDn[0]))
+    if not rc:
+        logging.error("===> Could not find poilcy in AD! ===")
+        return False, None
+
+    # mount the share the policy is on (probaply already mounted, just to be sure)
+    rc, localPolicyPath = shares.getMountpointOfRemotePath(policyAdObject["gPCFileSysPath"], hiddenShare = True, autoMount = True)
+    if not rc:
+        logging.error("===> Could not mount path of poilcy! ===")
+        return False, None
+
+    try:
+        # parse drives
+        # Skip Drive Policys (fvs change)
+        #_processDrivesPolicy(localPolicyPath)
+        # parse printers
+        _processPrintersPolicy(localPolicyPath)
+    except Exception as e:
+        logging.error("An error occured when parsing policy!")
+        logging.exception(e)
+    
+    logging.info("===> Parsed policy [{0};{1}] ===".format(policyDn[0], policyDn[1]))
+
+def _parseXmlFilters(filtersXmlNode):
+    if not filtersXmlNode.tag == "Filters":
+        logging.warning("Tried to parse a non-filter node as a filter!")
+        return []
+
+    filters = []
+
+    for xmlFilter in filtersXmlNode:
+        if xmlFilter.tag == "FilterGroup":
+            filters.append({
+                "name": xmlFilter.attrib["name"].split("\\")[1],
+                "bool": xmlFilter.attrib["bool"],
+                "userContext": xmlFilter.attrib["userContext"],
+                # userContext defines if the filter applies in user or computer context
+                "type": xmlFilter.tag
+                })
+
+    return filters
+
+def _processFilters(policies):
+    filteredPolicies = []
+
+    for policy in policies:
+        if  not len(policy["filters"]) > 0:
+            filteredPolicies.append(policy)
+        else:
+            filtersPassed = True
+            for filter in policy["filters"]:
+                logging.debug("Testing filter: {}".format(filter))
+                # TODO: check for AND and OR
+                if filter["bool"] == "AND":
+                    filtersPassed = filtersPassed and _processFilter(filter)
+                elif filter["bool"] == "OR":
+                    filtersPassed = filtersPassed or _processFilter(filter)
+                else:
+                    logging.warning("Unknown boolean operation: {}! Cannot process filter!".format(filter["bool"]))
+
+            if filtersPassed:
+                filteredPolicies.append(policy)
+
+    return filteredPolicies
+
+def _processFilter(filter):
+    if filter["type"] == "FilterGroup":
+        if filter["userContext"] == "1":
+            return user.isInGroup(filter["name"])
+        elif filter["userContext"] == "0":
+            return computer.isInGroup(filter["name"])
+
+    return False
+
+def _parseXmlPolicy(policyFile):
+    if not os.path.isfile(policyFile):
+        logging.warning("==> XML policy file not found! ==")
+        return False, None
+
+    try:
+        tree = ElementTree.parse(policyFile)
+        return True, tree
+    except Exception as e:
+        logging.exception(e)
+        logging.error("==> Error while reading XML policy file! ==")
+        return False, None
+
+def _processDrivesPolicy(policyBasepath):
+    logging.info("== Parsing a drive policy! ==")
+    policyFile = "{}/User/Preferences/Drives/Drives.xml".format(policyBasepath)
+    shareList = []
+
+    rc, tree = _parseXmlPolicy(policyFile)
+
+    if not rc:
+        logging.error("==> Error while reading Drives policy file, skipping! ==")
+        return
+
+    xmlDrives = tree.getroot()
+
+    if not xmlDrives.tag == "Drives":
+        logging.warning("==> Drive policy xml File is of invalid format, skipping! ==")
+        return
+
+    for xmlDrive in xmlDrives:
+
+        if xmlDrive.tag != "Drive" or ("disabled" in xmlDrive.attrib and xmlDrive.attrib["disabled"] == "1"):
+            continue
+
+        drive = {}
+        drive["filters"] = []
+        for xmlDriveProperty in xmlDrive:
+            if xmlDriveProperty.tag == "Properties":
+                try:
+                    drive["label"] = xmlDriveProperty.attrib["label"]
+                    drive["letter"] = xmlDriveProperty.attrib["letter"]
+                    drive["path"] = xmlDriveProperty.attrib["path"]
+                    drive["useLetter"] = xmlDriveProperty.attrib["useLetter"]
+                except Exception as e:
+                    logging.warning("Exception when parsing a drive policy XML file")
+                    logging.exception(e)
+                    continue
+
+            if xmlDriveProperty.tag == "Filters":
+                drive["filters"] = _parseXmlFilters(xmlDriveProperty)
+
+        shareList.append(drive)
+
+    shareList = _processFilters(shareList)
+
+    logging.info("Found shares:")
+    for drive in shareList:
+        logging.info("* {:10}| {:5}| {:40}| {:5}".format(drive["label"], drive["letter"], drive["path"], drive["useLetter"]))
+
+    for drive in shareList:
+        if drive["useLetter"] == "1":
+            shareName = f"{drive['label']} ({drive['letter']}:)"  
+        else:
+            shareName = drive["label"]
+        shares.mountShare(drive["path"], shareName=shareName)
+
+    logging.info("==> Successfully parsed a drive policy! ==")
+
+def _processPrintersPolicy(policyBasepath):
+    logging.info("== Parsing a printer policy! ==")
+    policyFile = "{}/User/Preferences/Printers/Printers.xml".format(policyBasepath)
+    printerList = []
+    # test
+    rc, tree = _parseXmlPolicy(policyFile)
+
+    if not rc:
+        logging.error("==> Error while reading Printer policy file, skipping! ==")
+        return
+
+    xmlPrinters = tree.getroot()
+
+    if not xmlPrinters.tag == "Printers":
+        logging.warning("==> Printer policy xml File is of invalid format, skipping! ==")
+        return
+
+    for xmlPrinter in xmlPrinters:
+
+        if xmlPrinter.tag != "SharedPrinter" or ("disabled" in xmlPrinter.attrib and xmlPrinter.attrib["disabled"] == "1"):
+            continue
+
+        printer = {}
+        printer["filters"] = []
+
+        try:
+            printer["name"] = xmlPrinter.attrib["name"]
+        except Exception as e:
+            logging.warning("Exception when reading a printer name from a printer policy XML file")
+            logging.exception(e)
+
+        for xmlPrinterProperty in xmlPrinter:
+            if xmlPrinterProperty.tag == "Properties":
+                try:
+                    rc, printerUrl = printers.translateSambaToIpp(xmlPrinterProperty.attrib["path"])
+                    if rc:
+                        printer["path"] = printerUrl
+                except Exception as e:
+                    logging.warning("Exception when parsing a printer policy XML file")
+                    logging.exception(e)
+                    continue
+
+            if xmlPrinterProperty.tag == "Filters":
+                printer["filters"] = _parseXmlFilters(xmlPrinterProperty)
+
+        printerList.append(printer)
+
+    printerList = _processFilters(printerList)
+
+    logging.info("Found printers:")
+    for printer in printerList:
+        logging.info("* {0}\t\t| {1}\t| {2}".format(printer["name"], printer["path"], printer["filters"]))
+        printers.installPrinter(printer["path"], printer["name"])
+
+    logging.info("==> Successfully parsed a printer policy! ==")
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/gpo.py.orig b/roles/lmn_printer/files/linuxmusterLinuxclient7/gpo.py.orig
new file mode 100644
index 0000000..20f10ba
--- /dev/null
+++ b/roles/lmn_printer/files/linuxmusterLinuxclient7/gpo.py.orig
@@ -0,0 +1,290 @@
+ # Order of parsing: (overwriting each other)
+ # 1. Local (does not apply)
+ # 2. Site (does not apply)
+ # 3. Domain
+ # 4. OUs from top to bottom
+import ldap, ldap.sasl, re, os.path
+import xml.etree.ElementTree as ElementTree
+from linuxmusterLinuxclient7 import logging, constants, config, user, ldapHelper, shares, computer, printers
+
+def processAllPolicies():
+    """
+    Process all applicable policies (equivalent to gpupdate on windows)
+
+    :return: True on success, False otherwise
+    :rtype: bool
+    """    
+    rc, policyDnList = _findApplicablePolicies()
+    if not rc:
+        logging.fatal("* Error when loading applicable GPOs! Shares and printers will not work.")
+        return False
+
+    for policyDn in policyDnList:
+        _parsePolicy(policyDn)
+
+# --------------------
+# - Helper functions -
+# --------------------
+
+def _parseGplinkSring(string):
+    # a gPLink strink looks like this:
+    # [LDAP://<link>;<status>][LDAP://<link>;<status>][...]
+    # The ragex matches <link> and <status> in two separate groups
+    # Note: "LDAP://" is matched as .*:// to prevent issues when the capitalization changes
+    pattern = re.compile("\\[.*:\\/\\/([^\\]]+)\\;([0-9]+)\\]")
+
+    return pattern.findall(string)
+
+def _extractOUsFromDN(dn):
+    # NOT finished!
+    pattern = re.compile("OU=([^,]+),")
+
+    ouList = pattern.findall(dn)
+    # We need to parse from top to bottom
+    ouList.reverse()
+    return ouList
+
+def _findApplicablePolicies():
+
+    policyDnList = []
+
+    """ Do this later!
+    # 1. Domain
+    rc, domainAdObject = ldapHelper.searchOne("(distinguishedName={})".format(ldapHelper.baseDn()))
+
+    if not rc:
+        return False, None
+
+    policyDNs.extend(_parseGplinkSring(domainAdObject["gPLink"]))
+
+    # 2. OU policies from top to bottom
+    rc, userAdObject = ldapHelper.searchOne("(sAMAccountName={})".format(user.username()))
+
+    if not rc:
+        return False, None
+
+    print(userAdObject["distinguishedName"])
+    """
+
+    # For now, just parse policy sophomorix:school:<school name>
+    rc, schoolName = user.school()
+    if not rc:
+        return False, None
+
+    policyName = "sophomorix:school:{}".format(schoolName)
+
+    # find policy
+    rc, policyAdObject = ldapHelper.searchOne("(displayName={})".format(policyName))
+    if not rc:
+        return False, None
+
+    policyDnList.append((policyAdObject["distinguishedName"], 0))
+
+    return True, policyDnList
+
+def _parsePolicy(policyDn):
+    logging.info("=== Parsing policy [{0};{1}] ===".format(policyDn[0], policyDn[1]))
+
+    # Check if the policy is disabled
+    if policyDn[1] == 1:
+        logging.info("===> Policy is disabled! ===")
+        return True
+
+    # Find policy in AD
+    rc, policyAdObject = ldapHelper.searchOne("(distinguishedName={})".format(policyDn[0]))
+    if not rc:
+        logging.error("===> Could not find poilcy in AD! ===")
+        return False, None
+
+    # mount the share the policy is on (probaply already mounted, just to be sure)
+    rc, localPolicyPath = shares.getMountpointOfRemotePath(policyAdObject["gPCFileSysPath"], hiddenShare = True, autoMount = True)
+    if not rc:
+        logging.error("===> Could not mount path of poilcy! ===")
+        return False, None
+
+    try:
+        # parse drives
+        _processDrivesPolicy(localPolicyPath)
+        # parse printers
+        _processPrintersPolicy(localPolicyPath)
+    except Exception as e:
+        logging.error("An error occured when parsing policy!")
+        logging.exception(e)
+    
+    logging.info("===> Parsed policy [{0};{1}] ===".format(policyDn[0], policyDn[1]))
+
+def _parseXmlFilters(filtersXmlNode):
+    if not filtersXmlNode.tag == "Filters":
+        logging.warning("Tried to parse a non-filter node as a filter!")
+        return []
+
+    filters = []
+
+    for xmlFilter in filtersXmlNode:
+        if xmlFilter.tag == "FilterGroup":
+            filters.append({
+                "name": xmlFilter.attrib["name"].split("\\")[1],
+                "bool": xmlFilter.attrib["bool"],
+                "userContext": xmlFilter.attrib["userContext"],
+                # userContext defines if the filter applies in user or computer context
+                "type": xmlFilter.tag
+                })
+
+    return filters
+
+def _processFilters(policies):
+    filteredPolicies = []
+
+    for policy in policies:
+        if  not len(policy["filters"]) > 0:
+            filteredPolicies.append(policy)
+        else:
+            filtersPassed = True
+            for filter in policy["filters"]:
+                logging.debug("Testing filter: {}".format(filter))
+                # TODO: check for AND and OR
+                if filter["bool"] == "AND":
+                    filtersPassed = filtersPassed and _processFilter(filter)
+                elif filter["bool"] == "OR":
+                    filtersPassed = filtersPassed or _processFilter(filter)
+                else:
+                    logging.warning("Unknown boolean operation: {}! Cannot process filter!".format(filter["bool"]))
+
+            if filtersPassed:
+                filteredPolicies.append(policy)
+
+    return filteredPolicies
+
+def _processFilter(filter):
+    if filter["type"] == "FilterGroup":
+        if filter["userContext"] == "1":
+            return user.isInGroup(filter["name"])
+        elif filter["userContext"] == "0":
+            return computer.isInGroup(filter["name"])
+
+    return False
+
+def _parseXmlPolicy(policyFile):
+    if not os.path.isfile(policyFile):
+        logging.warning("==> XML policy file not found! ==")
+        return False, None
+
+    try:
+        tree = ElementTree.parse(policyFile)
+        return True, tree
+    except Exception as e:
+        logging.exception(e)
+        logging.error("==> Error while reading XML policy file! ==")
+        return False, None
+
+def _processDrivesPolicy(policyBasepath):
+    logging.info("== Parsing a drive policy! ==")
+    policyFile = "{}/User/Preferences/Drives/Drives.xml".format(policyBasepath)
+    shareList = []
+
+    rc, tree = _parseXmlPolicy(policyFile)
+
+    if not rc:
+        logging.error("==> Error while reading Drives policy file, skipping! ==")
+        return
+
+    xmlDrives = tree.getroot()
+
+    if not xmlDrives.tag == "Drives":
+        logging.warning("==> Drive policy xml File is of invalid format, skipping! ==")
+        return
+
+    for xmlDrive in xmlDrives:
+
+        if xmlDrive.tag != "Drive" or ("disabled" in xmlDrive.attrib and xmlDrive.attrib["disabled"] == "1"):
+            continue
+
+        drive = {}
+        drive["filters"] = []
+        for xmlDriveProperty in xmlDrive:
+            if xmlDriveProperty.tag == "Properties":
+                try:
+                    drive["label"] = xmlDriveProperty.attrib["label"]
+                    drive["letter"] = xmlDriveProperty.attrib["letter"]
+                    drive["path"] = xmlDriveProperty.attrib["path"]
+                    drive["useLetter"] = xmlDriveProperty.attrib["useLetter"]
+                except Exception as e:
+                    logging.warning("Exception when parsing a drive policy XML file")
+                    logging.exception(e)
+                    continue
+
+            if xmlDriveProperty.tag == "Filters":
+                drive["filters"] = _parseXmlFilters(xmlDriveProperty)
+
+        shareList.append(drive)
+
+    shareList = _processFilters(shareList)
+
+    logging.info("Found shares:")
+    for drive in shareList:
+        logging.info("* {:10}| {:5}| {:40}| {:5}".format(drive["label"], drive["letter"], drive["path"], drive["useLetter"]))
+
+    for drive in shareList:
+        if drive["useLetter"] == "1":
+            shareName = f"{drive['label']} ({drive['letter']}:)"  
+        else:
+            shareName = drive["label"]
+        shares.mountShare(drive["path"], shareName=shareName)
+
+    logging.info("==> Successfully parsed a drive policy! ==")
+
+def _processPrintersPolicy(policyBasepath):
+    logging.info("== Parsing a printer policy! ==")
+    policyFile = "{}/User/Preferences/Printers/Printers.xml".format(policyBasepath)
+    printerList = []
+    # test
+    rc, tree = _parseXmlPolicy(policyFile)
+
+    if not rc:
+        logging.error("==> Error while reading Printer policy file, skipping! ==")
+        return
+
+    xmlPrinters = tree.getroot()
+
+    if not xmlPrinters.tag == "Printers":
+        logging.warning("==> Printer policy xml File is of invalid format, skipping! ==")
+        return
+
+    for xmlPrinter in xmlPrinters:
+
+        if xmlPrinter.tag != "SharedPrinter" or ("disabled" in xmlPrinter.attrib and xmlPrinter.attrib["disabled"] == "1"):
+            continue
+
+        printer = {}
+        printer["filters"] = []
+
+        try:
+            printer["name"] = xmlPrinter.attrib["name"]
+        except Exception as e:
+            logging.warning("Exception when reading a printer name from a printer policy XML file")
+            logging.exception(e)
+
+        for xmlPrinterProperty in xmlPrinter:
+            if xmlPrinterProperty.tag == "Properties":
+                try:
+                    rc, printerUrl = printers.translateSambaToIpp(xmlPrinterProperty.attrib["path"])
+                    if rc:
+                        printer["path"] = printerUrl
+                except Exception as e:
+                    logging.warning("Exception when parsing a printer policy XML file")
+                    logging.exception(e)
+                    continue
+
+            if xmlPrinterProperty.tag == "Filters":
+                printer["filters"] = _parseXmlFilters(xmlPrinterProperty)
+
+        printerList.append(printer)
+
+    printerList = _processFilters(printerList)
+
+    logging.info("Found printers:")
+    for printer in printerList:
+        logging.info("* {0}\t\t| {1}\t| {2}".format(printer["name"], printer["path"], printer["filters"]))
+        printers.installPrinter(printer["path"], printer["name"])
+
+    logging.info("==> Successfully parsed a printer policy! ==")
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/hooks.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/hooks.py
new file mode 100644
index 0000000..52430c3
--- /dev/null
+++ b/roles/lmn_printer/files/linuxmusterLinuxclient7/hooks.py
@@ -0,0 +1,219 @@
+#
+# This is used to run hooks
+#
+
+from enum import Enum
+import os, subprocess
+from linuxmusterLinuxclient7 import logging, constants, user, config, computer, environment, setup, shares
+
+class Type(Enum):
+    """
+    Enum containing all hook types
+    """
+
+    Boot = 0
+    """The onBoot hook
+    """
+    Shutdown = 1
+    """The on Shutdown hook
+    """
+    LoginAsRoot = 2
+    """The onLoginAsRoot hook
+    """
+    Login = 3
+    """The onLogin hook
+    """
+    SessionStarted = 4
+    """The onSession started hook
+    """
+    LogoutAsRoot = 5
+    LoginLogoutAsRoot = 6
+
+remoteScriptNames = {
+    Type.Boot: "sysstart.sh",
+    Type.Login: "logon.sh",
+    Type.SessionStarted: "sessionstart.sh",
+    Type.Shutdown: "sysstop.sh"
+}
+
+_remoteScriptInUserContext = {
+    Type.Boot: False,
+    Type.Login: True,
+    Type.SessionStarted: True,
+    Type.Shutdown: False
+}
+
+def runLocalHook(hookType):
+    """
+    Run all scripts in a local hookdir
+
+    :param hookType: The type of hook to run
+    :type hookType: hooks.Type
+    """    
+    logging.info("=== Running local hook on{0} ===".format(hookType.name))
+    hookDir = _getLocalHookDir(hookType)
+    if os.path.exists(hookDir):
+        _prepareEnvironment()
+        for fileName in sorted(os.listdir(hookDir)):
+            filePath = hookDir + "/" + fileName
+            _runHookScript(filePath)
+    logging.info("===> Finished running local hook on{0} ===".format(hookType.name))
+
+
+def runRemoteHook(hookType):
+    """
+    Run hookscript from sysvol
+
+    :param hookType: The type of hook to run
+    :type hookType: hooks.Type
+    """    
+    logging.info("=== Running remote hook on{0} ===".format(hookType.name))
+    rc, hookScripts = _getRemoteHookScripts(hookType)
+
+    if rc:
+        _prepareEnvironment()
+        _runHookScript(hookScripts[0])
+        _runHookScript(hookScripts[1])
+
+    logging.info("===> Finished running remote hook on{0} ===".format(hookType.name))
+
+def runHook(hookType):
+    """
+    Executes hooks.runLocalHook() and hooks.runRemoteHook()
+
+    :param hookType: The type of hook to run
+    :type hookType: hooks.Type
+    """    
+    runLocalHook(hookType)
+    runRemoteHook(hookType)
+
+def getLocalHookScript(hookType):
+    """Get the path of a local hookscript
+
+    :param hookType: The type of hook script to get the path for
+    :type hookType: hooks.Type
+    :return: The path
+    :rtype: str
+    """
+    return "{0}/on{1}".format(constants.scriptDir,hookType.name)
+
+def shouldHooksBeExecuted(overrideUsername=None):
+    """Check if hooks should be executed
+
+    :param overrideUsername: Override the username to check, defaults to None
+    :type overrideUsername: str, optional
+    :return: True if hooks should be executed, fale otherwise
+    :rtype: bool
+    """
+    # check if linuxmuster-linuxclient7 is setup
+    if not setup.isSetup():
+        logging.info("==== Linuxmuster-linuxclient7 is not setup, exiting ====")
+        return False
+
+    # check if the computer is joined
+    if not computer.isInAD():
+        logging.info("==== This Client is not joined to any domain, exiting ====")
+        return False
+
+    # Check if the user is an AD user
+    if overrideUsername == None:
+        overrideUsername = user.username()
+
+    if not user.isUserInAD(overrideUsername):
+        logging.info("==== {0} is not an AD user, exiting ====".format(user.username()))
+        return False
+    
+    return True
+
+# --------------------
+# - Helper functions -
+# --------------------
+
+def _prepareEnvironment():
+    dictsAndPrefixes = {}
+
+    rc, networkConfig = config.network()
+    if rc:
+        dictsAndPrefixes["Network"] = networkConfig
+
+    rc, userConfig = user.readAttributes()
+    if rc:
+        dictsAndPrefixes["User"] = userConfig
+
+    rc, computerConfig = computer.readAttributes()
+    if rc:
+        dictsAndPrefixes["Computer"] = computerConfig
+
+    environment = _dictsToEnv(dictsAndPrefixes)
+    _writeEnvironment(environment)
+
+def _getLocalHookDir(hookType):
+    return "{0}/on{1}.d".format(constants.etcBaseDir,hookType.name)
+
+def _getRemoteHookScripts(hookType):
+    if not hookType in remoteScriptNames:
+        return False, None
+
+    rc, networkConfig = config.network()
+
+    if not rc:
+        logging.error("Could not execute server hooks because the network config could not be read")
+        return False, None
+
+    if _remoteScriptInUserContext[hookType]:
+        rc, attributes = user.readAttributes()
+        if not rc:
+            logging.error("Could not execute server hooks because the user config could not be read")
+            return False, None
+    else:
+        rc, attributes = computer.readAttributes()
+        if not rc:
+            logging.error("Could not execute server hooks because the computer config could not be read")
+            return False, None
+
+    try:
+        domain = networkConfig["domain"]
+        school = attributes["sophomorixSchoolname"]
+        scriptName = remoteScriptNames[hookType]
+    except:
+        logging.error("Could not execute server hooks because the computer/user config is missing attributes")
+        return False, None
+
+    rc, sysvolPath = shares.getLocalSysvolPath()
+    if not rc:
+        logging.error("Could not execute server hook {} because the sysvol could not be mounted!\n")
+        return False, None
+
+    hookScriptPathTemplate = "{0}/{1}/scripts/{2}/{3}/linux/{4}".format(sysvolPath, domain, school, "{}", scriptName)
+
+    return True, [hookScriptPathTemplate.format("lmn"), hookScriptPathTemplate.format("custom")]
+
+# parameter must be a dict of {"prefix": dict}
+def _dictsToEnv(dictsAndPrefixes):
+    environmentDict = {}
+    for prefix in dictsAndPrefixes:
+        for key in dictsAndPrefixes[prefix]:
+            if type(dictsAndPrefixes[prefix][key]) is list:
+                environmentDict[prefix + "_" + key] = "\n".join(dictsAndPrefixes[prefix][key])
+            else:
+                environmentDict[prefix + "_" + key] = dictsAndPrefixes[prefix][key]
+
+    return environmentDict
+
+def _runHookScript(filePath):
+    if not os.path.isfile(filePath):
+        logging.warning("* File {0} should be executed as hook but does not exist!".format(filePath))
+        return
+    if not os.access(filePath, os.X_OK):
+        logging.warning("* File {0} is in hook dir but not executable!".format(filePath))
+        return
+
+    logging.info("== Executing script {0} ==".format(filePath))
+
+    result = subprocess.call([filePath])
+
+    logging.info("==> Script {0} finished with exit code {1} ==".format(filePath, result))
+
+def _writeEnvironment(environment):
+    for key in environment:
+        os.putenv(key, environment[key])
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/imageHelper.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/imageHelper.py
new file mode 100644
index 0000000..e0924b7
--- /dev/null
+++ b/roles/lmn_printer/files/linuxmusterLinuxclient7/imageHelper.py
@@ -0,0 +1,220 @@
+import os, subprocess, shutil
+from linuxmusterLinuxclient7 import logging, setup, realm, user, constants, printers, fileHelper
+
+def prepareForImage(unattended=False):
+    """Prepare the computer for creating an image
+
+    :param unattended: If set to True, all questions will be answered with yes, defaults to False
+    :type unattended: bool, optional
+    :return: True on success, False otherwise
+    :rtype: bool
+    """
+    logging.info("#### Image preparation ####")
+
+    try:
+        if not _testDomainJoin(unattended):
+            return False
+
+        if not _upgradeSystem(unattended):
+            return False
+
+        if not _clearCaches(unattended):
+            return False
+
+        if not _clearUserHomes(unattended):
+            return False
+
+        if not _clearUserCache(unattended):
+            return False
+
+        if not _clearPrinters(unattended):
+            return False
+
+        if not _clearLogs(unattended):
+            return False
+
+        if not _emptyTrash(unattended):
+            return False
+
+    except KeyboardInterrupt:
+        print()
+        logging.info("Cancelled.")
+        return False
+
+    print()
+    logging.info("####    Image preparation done      ####")
+    logging.info("#### You may create an Image now :) ####")
+    print()
+    return True
+
+# --------------------
+# - Helper functions -
+# --------------------
+
+def _askStep(step, printPlaceholder=True):
+    if printPlaceholder:
+        print()
+    response = input("Do you want to {}? (y/n): ".format(step))
+    result = response in ["y", "Y", "j", "J"]
+    if result:
+        print()
+    return result
+
+def _testDomainJoin(unattended=False):
+    if not unattended and not _askStep("test if the domain join works"):
+        return True
+
+    return setup.status()
+
+def _upgradeSystem(unattended=False):
+    if not unattended and not _askStep("update this computer now"):
+        return True
+    
+    # Perform an update
+    logging.info("Updating this computer now...")
+
+    if subprocess.call(["apt", "update"]) != 0:
+        logging.error("apt update failed!")
+        return False
+    
+    if subprocess.call(["apt", "dist-upgrade", "-y"]) != 0:
+        logging.error("apt dist-upgrade failed!")
+        return False
+    
+    if subprocess.call(["apt", "autoremove", "-y"]) != 0:
+        logging.error("apt autoremove failed!")
+        return False
+    
+    if subprocess.call(["apt", "clean", "-y"]) != 0:
+        logging.error("apt clean failed!")
+        return False
+
+    return True
+    
+def _clearCaches(unattended=False):    
+    if not unattended and not _askStep("clear journalctl and apt caches now"):
+        return True
+
+    logging.info("Cleaning caches..")
+    logging.info("* apt")
+    fileHelper.deleteAllInDirectory("/var/lib/apt/lists/")
+    logging.info("* journalctl")
+    subprocess.call(["journalctl", "--flush", "--rotate"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    subprocess.call(["journalctl", "--vacuum-time=1s"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    logging.info("Done.")
+    return True
+
+def _checkLoggedInUsers():
+    result = subprocess.run("who -s | awk '{ print $1 }'", stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True, shell=True)
+
+    if result.returncode != 0:
+        logging.error("Failed to get logged in users!")
+        return False, None
+
+    loggedInUsers = list(filter(None, result.stdout.split("\n")))
+
+    for loggedInUser in loggedInUsers:
+        if user.isUserInAD(loggedInUser):
+            logging.error("User {} is still logged in, please log out first! Aborting!".format(loggedInUser))
+            return False
+
+    return True
+
+def _clearUserCache(unattended=False):
+    if not unattended and not _askStep("clear all cached users now"):
+        return True
+
+    if not _checkLoggedInUsers():
+        return False
+
+    realm.clearUserCache()
+
+    logging.info("Done.")
+
+    return realm.clearUserCache()
+
+def _unmountAllCifsMounts():
+    logging.info("Unmounting all CIFS mounts!")
+    if subprocess.call(["umount",  "-a", "-t", "cifs", "-l"]) != 0:
+        logging.info("Failed!")
+        return False
+
+    # double check (just to be sure)
+    result = subprocess.run("mount", stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True, shell=True)
+
+    if result.returncode != 0:
+        logging.error("Failed to get mounts!")
+        return False
+
+    if ("cifs" in result.stdout) or ("CIFS" in result.stdout):
+        logging.error("There are still shares mounted!")
+        logging.info("Use \"mount | grep cifs\" to view them.")
+        return False
+
+    return True
+
+def _clearUserHomes(unattended=False):
+    print("\nCAUTION! This will delete all userhomes of AD users!")
+    if not unattended and not _askStep("clear all user homes now", False):
+        return True
+
+    if not _checkLoggedInUsers():
+        return False
+
+    if not _unmountAllCifsMounts():
+        logging.info("Aborting deletion of user homes to prevent deleting data on the server.")
+        return False
+
+    userHomes = os.listdir("/home")
+
+    logging.info("Deleting all user homes now!")
+    for userHome in userHomes:
+        if not user.isUserInAD(userHome):
+            logging.info("* {} [SKIPPED]".format(userHome))
+            continue
+
+        logging.info("* {}".format(userHome))
+        try:
+            shutil.rmtree("/home/{}".format(userHome))
+        except Exception as e:
+            logging.error("* FAILED!")
+            logging.exception(e)
+        
+        try:
+            shutil.rmtree(constants.hiddenShareMountBasepath.format(userHome))
+        except:
+            pass
+    
+    logging.info("Done.")
+    return True
+
+def _clearPrinters(unattended=False):
+    print("\nCAUTION! This will delete all printers of {}!".format(constants.templateUser))
+    print("This makes sure that local printers do not conflict with remote printers defined by GPOs.")
+    if not unattended and not _askStep("remove all local printers of {}".format(constants.templateUser), False):
+        return True
+    
+    if not printers.uninstallAllPrintersOfUser(constants.templateUser):
+        return False
+
+    return True
+
+def _clearLogs(unattended=False):
+    if not unattended and not _askStep("clear the syslog"):
+        return True
+    
+    if not fileHelper.deleteFile("/var/log/syslog"):
+        return False
+
+    subprocess.call(["sudo", "service", "rsyslog", "restart"])
+
+    return True
+
+def _emptyTrash(unattended=False):
+    if not unattended and not _askStep("clear the Trash of linuxadmin"):
+        return True
+
+    if not fileHelper.deleteAllInDirectory("/home/{}/.local/share/Trash".format(constants.templateUser)):
+        return False
+    
+    return True
\ No newline at end of file
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/keytab.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/keytab.py
new file mode 100644
index 0000000..ce8556a
--- /dev/null
+++ b/roles/lmn_printer/files/linuxmusterLinuxclient7/keytab.py
@@ -0,0 +1,52 @@
+from krb5KeytabUtil import Krb5KeytabUtil
+from linuxmusterLinuxclient7 import computer, config, logging
+
+def patchKeytab():
+    """
+    Patches the `/etc/krb5.keytab` file. It inserts the correct hostname of the current computer.
+
+    :return: True on success, False otherwise
+    :rtype: bool
+    """
+    krb5KeytabFilePath = "/etc/krb5.keytab"
+    logging.info("Patching {}".format(krb5KeytabFilePath))
+    krb5KeytabUtil = Krb5KeytabUtil(krb5KeytabFilePath)
+
+    try:
+        krb5KeytabUtil.read()
+    except:
+        logging.error("Error reading {}".format(krb5KeytabFilePath))
+        return False
+
+    for entry in krb5KeytabUtil.keytab.entries:
+        oldData = entry.principal.components[-1].data
+        if len(entry.principal.components) == 1:
+            newData = computer.hostname().upper() + "$"
+            entry.principal.components[0].data = newData
+
+        elif len(entry.principal.components) == 2 and (entry.principal.components[0].data == "host" or entry.principal.components[0].data == "RestrictedKrbHost"):
+            rc, networkConfig = config.network()
+            if not rc:
+                continue
+
+            newData = ""
+            domain = networkConfig["domain"]
+            if domain in entry.principal.components[1].data:
+                newData = computer.hostname().lower() + "." + domain
+            else:
+                newData = computer.hostname().upper()
+
+            entry.principal.components[1].data = newData
+
+        logging.debug("{} was changed to {}".format(oldData, entry.principal.components[-1].data))
+    
+    logging.info("Trying to overwrite {}".format(krb5KeytabFilePath))
+    try:
+        result = krb5KeytabUtil.write()
+    except:
+        result = False
+
+    if not result:
+        logging.error("Error overwriting {}".format(krb5KeytabFilePath))
+    
+    return result
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/ldapHelper.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/ldapHelper.py
new file mode 100644
index 0000000..c9856f4
--- /dev/null
+++ b/roles/lmn_printer/files/linuxmusterLinuxclient7/ldapHelper.py
@@ -0,0 +1,148 @@
+import ldap, ldap.sasl, sys, getpass, subprocess
+from linuxmusterLinuxclient7 import logging, constants, config, user, computer
+
+_currentLdapConnection = None
+
+def serverUrl():
+    """
+    Returns the server URL
+
+    :return: The server URL
+    :rtype: str
+    """
+    rc, networkConfig = config.network()
+
+    if not rc:
+        return False, None
+
+    serverHostname = networkConfig["serverHostname"]
+    return 'ldap://{0}'.format(serverHostname)
+
+def baseDn():
+    """
+    Returns the base DN
+
+    :return: The baseDN
+    :rtype: str
+    """
+    rc, networkConfig = config.network()
+
+    if not rc:
+        return None
+
+    domain = networkConfig["domain"]
+    return "dc=" + domain.replace(".", ",dc=")
+
+def conn():
+    """
+    Returns the ldap connection object
+
+    :return: The ldap connection object
+    :rtype: ldap.ldapobject.LDAPObject
+    """
+    global _currentLdapConnection
+
+    if _connect():
+        return _currentLdapConnection
+    
+    return None
+
+def searchOne(filter):
+    """Searches the LDAP with a filter and returns the first found object
+
+    :param filter: A valid ldap filter
+    :type filter: str
+    :return: Tuple (success, ldap object as dict)
+    :rtype: tuple
+    """
+    if conn() == None:
+        logging.error("Cannot talk to LDAP")
+        return False, None
+
+    try:
+        rawResult = conn().search_s(
+                baseDn(),
+                ldap.SCOPE_SUBTREE,
+                filter
+                )
+    except Exception as e:
+        logging.error("Error executing LDAP search!")
+        logging.exception(e)
+        return False, None
+
+    try:
+        result =  {}
+
+        if len(rawResult) <= 0 or rawResult[0][0] == None:
+            logging.debug(f"Search \"{filter}\" did not return any objects")
+            return False, None
+
+        for k in rawResult[0][1]:
+            if rawResult[0][1][k] != None:
+                rawAttribute = rawResult[0][1][k]
+                try:
+                    if len(rawAttribute) == 1:
+                        result[k] = str(rawAttribute[0].decode())
+                    elif len(rawAttribute) > 0:
+                        result[k] = []
+                        for rawItem in rawAttribute:
+                            result[k].append(str(rawItem.decode()))
+                except UnicodeDecodeError:
+                    continue
+                
+        return True, result
+
+    except Exception as e:
+        logging.error("Error while reading ldap search results!")
+        logging.exception(e)
+        return False, None
+
+def isObjectInGroup(objectDn, groupName):
+    """
+    Check if a given object is in a given group
+
+    :param objectDn: The DN of the object
+    :type objectDn: str
+    :param groupName: The name of the group
+    :type groupName: str
+    :return: True if it is a member, False otherwise
+    :rtype: bool
+    """
+    logging.debug("= Testing if object {0} is a member of group {1} =".format(objectDn, groupName))
+    rc, groupAdObject = searchOne("(&(member:1.2.840.113556.1.4.1941:={0})(sAMAccountName={1}))".format(objectDn, groupName))
+    logging.debug("=> Result: {} =".format(rc))
+    return rc
+
+# --------------------
+# - Helper functions -
+# --------------------
+
+def _connect():
+    global _currentLdapConnection
+
+    if not user.isInAD() and not (user.isRoot() or not computer.isInAD()):
+        logging.warning("Cannot perform LDAP search: User is not in AD!")
+        _currentLdapConnection = None
+        return False
+
+    if not _currentLdapConnection == None:
+        return True
+
+    try:
+        sasl_auth = ldap.sasl.sasl({} ,'GSSAPI')
+        _currentLdapConnection = ldap.initialize(serverUrl(), trace_level=0)
+        # TODO:
+        # conn.set_option(ldap.OPT_X_TLS_CACERTFILE, '/path/to/ca.pem')
+        # conn.set_option(ldap.OPT_X_TLS_NEWCTX, 0)
+        # conn.start_tls_s()
+        _currentLdapConnection.set_option(ldap.OPT_REFERRALS,0)
+        _currentLdapConnection.protocol_version = ldap.VERSION3
+
+        _currentLdapConnection.sasl_interactive_bind_s("", sasl_auth)
+    except Exception as e:
+        _currentLdapConnection = None
+        logging.error("Cloud not bind to ldap!")
+        logging.exception(e)
+        return False
+
+    return True
\ No newline at end of file
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/localUserHelper.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/localUserHelper.py
new file mode 100644
index 0000000..f1adcc8
--- /dev/null
+++ b/roles/lmn_printer/files/linuxmusterLinuxclient7/localUserHelper.py
@@ -0,0 +1,19 @@
+import subprocess
+from linuxmusterLinuxclient7 import logging
+
+def getGroupsOfLocalUser(username):
+    """
+    Get all groups of a local user
+
+    :param username: The username of the user
+    :type username: str
+    :return: Tuple (success, list of groups)
+    :rtype: tuple
+    """
+    try:
+        groups = subprocess.check_output(["id", "-Gnz", username])
+        stringList=[x.decode('utf-8') for x in groups.split(b"\x00")]
+        return True, stringList
+    except Exception as e:
+        logging.warning("Exception when querying groups of user {}, it probaply does not exist".format(username))
+        return False, None
\ No newline at end of file
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/logging.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/logging.py
new file mode 100644
index 0000000..f73cb68
--- /dev/null
+++ b/roles/lmn_printer/files/linuxmusterLinuxclient7/logging.py
@@ -0,0 +1,130 @@
+import logging, os, traceback, re, sys, subprocess
+from enum import Enum
+from linuxmusterLinuxclient7 import user, config
+
+class Level(Enum):
+    DEBUG = 0
+    INFO = 1
+    WARNING = 2
+    ERROR = 3
+    FATAL = 4
+
+def debug(message):
+    """
+    Do a debug log.
+
+    :param message: The message to log
+    :type message: str
+    """
+    _log(Level.DEBUG, message)
+
+def info(message):
+    """
+    Do an info log.
+
+    :param message: The message to log
+    :type message: str
+    """
+    _log(Level.INFO, message)
+
+def warning(message):
+    """
+    Do a warning log.
+
+    :param message: The message to log
+    :type message: str
+    """
+    _log(Level.WARNING, message)
+
+def error(message):
+    """
+    Do an error log.
+
+    :param message: The message to log
+    :type message: str
+    """
+    _log(Level.ERROR, message)
+
+def fatal(message):
+    """
+    Do a fatal log. If used in onLogin hook, this will create a dialog containing the message.
+
+    :param message: The message to log
+    :type message: str
+    """
+    _log(Level.FATAL, message)
+
+def exception(exception):
+    """
+    Log an exception
+
+    :param exception: The exception to log
+    :type exception: Exception
+    """
+    error("=== An exception occurred ===")
+    error(str(exception))
+    # Only use for debugging! This will cause ugly error dialogs in X11
+    #traceback.print_tb(exception.__traceback__)
+    error("=== end exception ===")
+
+def printLogs(compact=False,anonymize=False):
+    """
+    Print logs of linuxmuster-linuxclient7 from `/var/log/syslog`.
+
+    :param compact: If set to True, some stuff like time and date will be removed. Defaults to False
+    :type compact: bool, optional
+    :param anonymize: If set to True, domain/realm/serverHostname will be replaced by linuxmuster.lan. Defaults to False
+    :type anonymize: bool, optional
+    """
+    print("===========================================")
+    print("=== Linuxmuster-linuxclient7 logs begin ===")
+
+    (rc, networkConfig) = config.network()
+    if rc:
+        domain = networkConfig["domain"]
+        serverHostname = networkConfig["serverHostname"]
+        realm= networkConfig["realm"]
+
+    with open("/var/log/syslog") as logfile:
+        startPattern = re.compile("^.*linuxmuster-linuxclient7[^>]+======$")
+        endPattern = re.compile("^.*linuxmuster-linuxclient7.*======>.*$")
+
+        currentlyInsideOfLinuxmusterLinuxclient7Log = False
+
+        for line in logfile:
+            line = line.replace("\n", "")
+            if startPattern.fullmatch(line):
+                currentlyInsideOfLinuxmusterLinuxclient7Log = True
+                print("\n")
+
+            if currentlyInsideOfLinuxmusterLinuxclient7Log:
+                if compact:
+                    # "^([^ ]+[ ]+){4}" matches "Apr  6 14:39:23 somehostname" 
+                    line = re.sub("^([^ ]+[ ]+){4}", "", line)
+                if anonymize and rc:
+                    line = re.sub(serverHostname, "server.linuxmuster.lan", line)
+                    line = re.sub(domain, "linuxmuster.lan", line)
+                    line = re.sub(realm, "LINUXMUSTER.LAN", line)
+
+                print(line)
+
+            if endPattern.fullmatch(line):
+                currentlyInsideOfLinuxmusterLinuxclient7Log = False
+                print("\n")
+            
+    print("=== Linuxmuster-linuxclient7 logs end ===")
+    print("=========================================")
+
+# --------------------
+# - Helper functions -
+# --------------------
+
+def _log(level, message):
+    #if level == Level.DEBUG:
+    #    return
+    if level == Level.FATAL:
+        sys.stderr.write(message)
+        
+    print("[{0}] {1}".format(level.name, message))
+    message = message.replace("'", "")
+    subprocess.call(["logger", "-t", "linuxmuster-linuxclient7", f"[{level.name}] {message}"])
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/printers.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/printers.py
new file mode 100644
index 0000000..d4e42a1
--- /dev/null
+++ b/roles/lmn_printer/files/linuxmusterLinuxclient7/printers.py
@@ -0,0 +1,129 @@
+import os, subprocess, re
+from linuxmusterLinuxclient7 import logging, user
+
+def installPrinter(networkPath, name=None, username=None):
+    """
+    Installs a networked printer for a user
+
+    :param networkPath: The network path of the printer
+    :type networkPath: str
+    :param name: The name for the printer, defaults to None
+    :type name: str, optional
+    :param username: The username of the user whom the is installed printer for. Defaults to the executing user
+    :type username: str, optional
+    :return: True on success, False otherwise
+    :rtype: bool
+    """
+    if username == None:
+        username = user.username()
+
+    if user.isRoot():
+        return _installPrinter(username, networkPath, name)
+    else:
+        # This will call installPrinter() again with root privileges
+        return _installPrinterWithoutRoot(networkPath, name)
+
+    pass
+
+def uninstallAllPrintersOfUser(username):
+    """
+    Uninstalls all printers of a given user
+
+    :param username: The username of the user
+    :type username: str
+    :return: True on success, False otherwise
+    :rtype: bool
+    """
+    logging.info("Uninstalling all printers of {}".format(username))
+    rc, installedPrinters = _getInstalledPrintersOfUser(username)
+
+    if not rc:
+        logging.error("Error getting printers!")
+        return False
+
+    for installedPrinter in installedPrinters:
+        if not _uninstallPrinter(installedPrinter):
+            return False
+
+    return True
+
+def translateSambaToIpp(networkPath):
+    """
+    Translates a samba url, like `\\server\PRINTER-01`, to an ipp url like `ipp://server/printers/PRINTER-01`.
+
+    :param networkPath: The samba url
+    :type networkPath: str
+    :return: An ipp url
+    :rtype: str
+    """
+    networkPath = networkPath.replace("\\", "/")
+    # path has to be translated: \\server\EW-FARBLASER -> ipp://server/printers/EW-farblaser
+    pattern = re.compile("\\/\\/([^/]+)\\/(.*)")
+
+    result = pattern.findall(networkPath)
+    if len(result) != 1 or len(result[0]) != 2:
+        logging.error("Cannot convert printer network path from samba to ipp, as it is invalid: {}".format(networkPath))
+        return False, None
+
+    ippNetworkPath = "ipp://{0}/printers/{1}".format(result[0][0], result[0][1])
+    return True, ippNetworkPath
+
+# --------------------
+# - Helper functions -
+# --------------------
+
+def _installPrinter(username, networkPath, name):
+    logging.info("Install Printer {0} on {1}".format(name, networkPath))
+    installCommand = ["timeout", "10", "lpadmin", "-p", name, "-E", "-v", networkPath, "-m", "everywhere", "-u", f"allow:{username}"]
+    logging.debug("* running '{}'".format(" ".join(installCommand)))
+    p = subprocess.call(installCommand, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    if p  == 0:
+        logging.debug("* Success Install Printer!")
+        return True
+    elif p == 124:
+        logging.fatal(f"* Timeout error while installing printer {name} on {networkPath}")
+    else:
+        logging.fatal(f"* Error installing printer {name} on {networkPath}!")
+    return False
+
+def _installPrinterWithoutRoot(networkPath, name):
+    return subprocess.call(["sudo", "/usr/share/linuxmuster-linuxclient7/scripts/sudoTools", "install-printer", "--path", networkPath, "--name", name]) == 0
+
+def _getInstalledPrintersOfUser(username):
+    logging.info(f"Getting installed printers of {username}")
+    command = f"lpstat -U {username} -p"
+    #logging.debug("running '{}'".format(command))
+
+    result = subprocess.run(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True, shell=True)
+
+    if not result.returncode == 0:
+        logging.info("No Printers installed.")
+        return True, []
+
+    rawInstalledPrinters = list(filter(None, result.stdout.split("\n")))
+    installedPrinters = []
+    
+    for rawInstalledPrinter in rawInstalledPrinters:
+        rawInstalledPrinterList = list(filter(None, rawInstalledPrinter.split(" ")))
+        
+        if len(rawInstalledPrinterList) < 2:
+            continue
+
+        installedPrinter = rawInstalledPrinterList[1]
+        installedPrinters.append(installedPrinter)
+
+    return True, installedPrinters
+
+def _uninstallPrinter(name):
+    logging.info("Uninstall Printer {}".format(name))
+    uninstallCommand = ["timeout", "10", "lpadmin", "-x", name]
+    logging.debug("* running '{}'".format(" ".join(uninstallCommand)))
+    p = subprocess.call(uninstallCommand, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    if p  == 0:
+        logging.debug("* Success Uninstall Printer!")
+        return True
+    elif p == 124:
+        logging.fatal(f"* Timeout error while installing printer {name}")
+    else:
+        logging.fatal(f"* Error Uninstalling Printer {name}!")
+    return False
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/realm.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/realm.py
new file mode 100644
index 0000000..3847529
--- /dev/null
+++ b/roles/lmn_printer/files/linuxmusterLinuxclient7/realm.py
@@ -0,0 +1,195 @@
+import os, sys, subprocess, configparser
+from linuxmusterLinuxclient7 import logging, computer
+
+def join(domain, user):
+    """
+    Joins the computer to an AD
+
+    :param domain: The domain to join
+    :type domain: str
+    :param user: The admin user used for joining
+    :type user: str
+    :return: True on success, False otherwise
+    :rtype: bool
+    """
+    # join the domain using the kerberos ticket
+    joinCommand = ["realm", "join", "-v", domain, "-U", user]
+    if subprocess.call(joinCommand) != 0:
+        print()
+        logging.error('Failed! Did you enter the correct password?')
+        return False
+
+    logging.info("It looks like the domain was joined successfully.")
+    return True
+
+def leave(domain):
+    """
+    Leave a domain
+
+    :param domain: The domain to leave
+    :type domain: str
+    :return: True on success, False otherwise
+    :rtype: bool
+    """
+    leaveCommand = ["realm", "leave", domain]
+    return subprocess.call(leaveCommand) == 0
+
+def leaveAll():
+    """
+    Leaves all joined domains
+
+    :return: True on success, False otherwise
+    :rtype: bool
+    """
+    logging.info("Cleaning / leaving all domain joins")
+
+    rc, joinedDomains = getJoinedDomains()
+    if not rc:
+        return False
+
+    for joinedDomain in joinedDomains:
+        logging.info("* {}".format(joinedDomain))
+        if not leave(joinedDomain):
+            logging.error("-> Failed! Aborting!")
+            return False
+    
+    logging.info("-> Done!")
+    return True
+
+def isJoined():
+    """
+    Checks if the computer is joined to a domain
+
+    :return: True if it is joined to one or more domains, False otherwise
+    :rtype: bool
+    """
+    rc, joinedDomains = getJoinedDomains()
+    if not rc:
+        return False
+    else:
+        return len(joinedDomains) > 0
+
+def pullKerberosTicketForComputerAccount():
+    """
+    Pulls a kerberos ticket using the computer account from `/etc/krb5.keytab`
+
+    :return: True on success, False otherwise
+    :rtype: bool
+    """
+    return subprocess.call(["kinit", "-k", computer.krbHostName()]) == 0
+
+def verifyDomainJoin():
+    """
+    Checks if the domain join actually works.
+
+    :return: True if it does, False otherwise
+    :rtype: bool
+    """
+    logging.info("Testing if the domain join actually works")
+    if not isJoined():
+        logging.error("No domain is joined!")
+        return False
+    
+    logging.info("* Checking if the group \"domain users\" exists")
+    if subprocess.call(["getent", "group", "domain users"], stdout=subprocess.PIPE, stderr=subprocess.PIPE) != 0:
+        logging.error("The \"domain users\" group does not exists! Users wont be able to log in!")
+        logging.error("This is sometimes related to /etc/nsswitch.conf.")
+        return False
+
+    # Try to get a kerberos ticket for the computer account
+    logging.info("* Trying to get a kerberos ticket for the Computer Account")
+    if not pullKerberosTicketForComputerAccount():
+        logging.error("Could not get a kerberos ticket for the Computer Account!")
+        logging.error("Logins of non-cached users WILL NOT WORK!")
+        logging.error("Please try to re-join the Domain.")
+        return False
+    
+    
+    logging.info("The domain join is working!")
+    return True
+
+def getJoinedDomains():
+    """
+    Returns all joined domains
+
+    :return: Tuple (success, list of joined domians)
+    :rtype: tuple
+    """
+    result = subprocess.run("realm list --name-only", stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True, shell=True)
+
+    if result.returncode != 0:
+        logging.error("Failed to read domain joins!")
+        return False, None
+
+    return True, list(filter(None, result.stdout.split("\n")))
+
+def discoverDomains():
+    """
+    Searches for avialable domains on the current network
+
+    :return: Tuple (success, list of available domains)
+    :rtype: tuple
+    """
+    result = subprocess.run("realm discover --name-only", stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True, shell=True)
+
+    if result.returncode != 0:
+        logging.error("Failed to discover available domains!")
+        return False, None
+
+    return True, list(filter(None, result.stdout.split("\n")))
+
+def getDomainConfig(domain):
+    """
+    Looks up all relevant properties of a domain:
+    - domain controller IP
+    - domain name
+
+    :param domain: The domain to check
+    :type domain: str
+    :return: Tuple (success, dict with domain config)
+    :rtype: tuple
+    """
+    result = subprocess.run("adcli info '{}'".format(domain), stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True, shell=True)
+
+    if result.returncode != 0:
+        logging.error("Failed to get details of domain {}!".format(domain))
+        return False, None
+
+    rawConfig = _readConfigFromString(result.stdout)
+    try:
+        rawDomainConfig = rawConfig["domain"]
+    except KeyError:
+        logging.error("Error when reading domain details")
+        return False, None
+
+    domainConfig = {}
+
+    try:
+        domainConfig["domain-controller"] = rawDomainConfig["domain-controller"]
+        domainConfig["domain-name"] = rawDomainConfig["domain-name"]
+    except KeyError:
+        logging.error("Error when reading domain details (2)")
+        return False, None
+
+    return True, domainConfig
+
+def clearUserCache():
+    """
+    Clears the local user cache
+
+    :return: True on success, False otherwise
+    :rtype: bool
+    """
+    # clean sssd cache
+    logging.info("Cleaning sssd cache.")
+    subprocess.call(["sssctl", "cache-remove", "--stop", "--start", "--override"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    return True
+
+# --------------------
+# - Helper functions -
+# --------------------
+
+def _readConfigFromString(string):
+    configParser = configparser.ConfigParser()
+    configParser.read_string(string)
+    return configParser
\ No newline at end of file
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/setup.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/setup.py
new file mode 100644
index 0000000..85994fe
--- /dev/null
+++ b/roles/lmn_printer/files/linuxmusterLinuxclient7/setup.py
@@ -0,0 +1,364 @@
+import os, re, sys, configparser, subprocess, shutil
+from pathlib import Path
+from linuxmusterLinuxclient7 import logging, constants, hooks, shares, config, user, templates, realm, fileHelper, printers, computer
+
+def setup(domain=None, user=None):
+    """
+    Sets up the client to be able to act in a linuxmuster environment
+
+    :param domain: The domain to join, defaults to the first discovered domain
+    :type domain: str, optional
+    :param user: The admin user for the join, defaults to global-admin
+    :type user: str, optional
+    :return: True on success, False otherwise
+    :rtype: bool
+    """
+    logging.info('#### linuxmuster-linuxclient7 setup ####')
+
+    if not realm.clearUserCache():
+        return False
+
+    if not _cleanOldDomainJoins():
+        return False
+
+    rc, domain = _findDomain(domain)
+    if not rc:
+        return False
+
+    if user == None:
+        user = constants.defaultDomainAdminUser
+
+    if not _prepareNetworkConfiguration(domain):
+        return False
+
+    if not _deleteObsoleteFiles():
+        return False
+
+    if not templates.applyAll():
+        return False
+
+    if not _preparePam():
+        return False
+
+    if not _prepareServices():
+        return False
+
+    # Actually join domain!
+    print()
+    logging.info(f"#### Joining domain {domain} ####")
+
+    if not realm.join(domain, user):
+        return False
+
+    # copy server ca certificate in place
+    # This will also make sure that the domain join actually worked;
+    # mounting the sysvol will fail otherwise.
+    if not _installCaCertificate(domain, user):
+        return False
+
+    if not _adjustSssdConfiguration(domain):
+        return False
+
+    # run a final test
+    if not realm.verifyDomainJoin():
+        return False
+
+    print("\n\n")
+
+    logging.info(f"#### SUCCESSFULLY joined domain {domain} ####")
+
+    return True
+
+def status():
+    """
+    Checks the status of the client
+
+    :return: True on success, False otherwise
+    :rtype: bool
+    """
+    logging.info('#### linuxmuster-linuxclient7 status ####')
+
+    if not isSetup():
+        logging.info("Not setup!")
+        return False
+
+    logging.info("Linuxmuster-linuxclient7 is setup!")
+    logging.info("Testing if domain is joined...")
+
+    logging.info("Checking joined domains")
+    rc, joinedDomains = realm.getJoinedDomains()
+    if not rc:
+        return False
+
+    print()
+    logging.info("Joined domains:")
+    for joinedDomain in joinedDomains:
+        logging.info(f"* {joinedDomain}")
+    print()
+
+    if len(joinedDomains) > 0 and not realm.verifyDomainJoin():
+        print()
+        # Give a little explination to our users :)
+        print("\n===============================================================================================")
+        print("This Computer is joined to a domain, but it was not possible to authenticate")
+        print("to the domain controller. There is an error with your domain join! The login WILL NOT WORK!")
+        print("Please try to re-join the domain using 'linuxmuster-linuxclient7 setup' and create a new image.")
+        print("===============================================================================================\n")
+        return False
+    elif len(joinedDomains) <= 0:
+        print()
+        logging.info('#### This client is not joined to any domain. ####')
+        print("#### To join a domain, run \"linuxmuster-linuxclient7 setup\" ####")
+
+    print()
+
+    logging.info('#### linuxmuster-linuxclient7 is fully setup and working! ####')
+
+    return True
+
+def upgrade():
+    """
+    Performs an upgrade of the linuxmuster-linuxclient7. This is executed after the package is updated.
+
+    :return: True on success, False otherwise
+    :rtype: bool
+    """
+    if not isSetup():
+        logging.info("linuxmuster-linuxclient7 does not seem to be setup -> no upgrade is needed")
+        return True
+
+    logging.info('#### linuxmuster-linuxclient7 upgrade ####')
+    if not config.upgrade():
+        return False
+
+    if not _deleteObsoleteFiles():
+        return False
+
+    if not templates.applyAll():
+        return False
+
+    if not _prepareServices():
+        return False
+
+    rc, joinedDomains = realm.getJoinedDomains()
+    if not rc:
+        return False
+    
+    for domain in joinedDomains:
+        _adjustSssdConfiguration(domain)
+
+    logging.info('#### linuxmuster-linuxclient7 upgrade SUCCESSFULL ####')
+    return True
+
+def clean():
+    """Removes all sensitive files like keys and leaves all domain joins.
+    """
+    logging.info("#### linuxmuster-linuxclient7 clean ####")
+
+    realm.clearUserCache()
+    _cleanOldDomainJoins()
+
+    # clean /etc/pam.d/common-session
+    logging.info("Cleaning /etc/pam.d/common-session to prevent logon brick")
+    fileHelper.removeLinesInFileContainingString("/etc/pam.d/common-session", ["pam_mkhomedir.so", "pam_exec.so", "pam_mount.so", "linuxmuster.net", "linuxmuster-linuxclient7", "linuxmuster-client-adsso"])
+
+    logging.info('#### linuxmuster-linuxclient7 clean SUCCESSFULL ####')
+
+def isSetup():
+    """
+    Checks if the client is setup.
+
+    :return: True if setup, False otherwise
+    :rtype: bool
+    """
+    return os.path.isfile(constants.networkConfigFilePath) 
+
+# --------------------
+# - Helper functions -
+# --------------------
+
+def _cleanOldDomainJoins():
+    # stop sssd
+    logging.info("Stopping sssd")
+    if subprocess.call(["service", "sssd", "stop"]) != 0:
+        logging.error("Failed!")
+        return False
+
+    # Clean old domain join data
+    logging.info("Deleting old kerberos tickets.")
+    subprocess.call(["kdestroy"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+
+    if not realm.leaveAll():
+        return False
+
+    # delete krb5.keytab file, if existent
+    logging.info('Deleting krb5.keytab if it exists ... ')
+    if not fileHelper.deleteFile("/etc/krb5.keytab"):
+        return False
+
+    # delete old CA Certificate
+    logging.info('Deleting old CA certificate if it exists ... ')
+    if not fileHelper.deleteFilesWithExtension("/var/lib/samba/private/tls", ".pem"):
+        return False
+
+    # remove network.conf
+    logging.info(f"Deleting {constants.networkConfigFilePath} if exists ...")
+    if not fileHelper.deleteFile(constants.networkConfigFilePath):
+        return False
+
+    return True
+
+def _findDomain(domain=None):
+    logging.info("Trying to discover available domains...")
+    rc, availableDomains = realm.discoverDomains()
+    if not rc or len(availableDomains) < 1:
+        logging.error("Could not discover any domain!")
+        return False, None
+    
+    if domain == None:
+        domain = availableDomains[0]
+        logging.info(f"Using first discovered domain {domain}")
+    elif domain in availableDomains:
+        logging.info(f"Using domain {domain}")
+    else:
+        print("\n")
+        logging.error(f"Could not find domain {domain}!")
+        return False, None
+    
+    return True, domain
+
+def _prepareNetworkConfiguration(domain):
+    logging.info("Preparing network configuration")
+    rc, domainConfig = realm.getDomainConfig(domain)
+    if not rc:
+        logging.error("Could not read domain configuration")
+        return False
+
+    newNetworkConfig = {}
+    newNetworkConfig["serverHostname"] = domainConfig["domain-controller"]
+    newNetworkConfig["domain"] = domainConfig["domain-name"]
+    newNetworkConfig["realm"] = domainConfig["domain-name"].upper()
+
+    config.writeNetworkConfig(newNetworkConfig)
+
+    return True
+
+def _preparePam():
+    # enable necessary pam modules
+    logging.info('Updating pam configuration ... ')
+    subprocess.call(['pam-auth-update', '--package', '--enable', 'libpam-mount', 'pwquality', 'sss', '--force'])
+    ## mkhomedir was injected in template not using pam-auth-update
+    subprocess.call(['pam-auth-update', '--package', '--remove', 'krb5', 'mkhomedir', '--force'])
+
+    return True
+
+def _prepareServices():
+    logging.info("Raloading systctl daemon")
+    subprocess.call(["systemctl", "daemon-reload"])
+
+    logging.info('Enabling services:')
+    services = ['linuxmuster-linuxclient7', 'smbd', 'nmbd', 'sssd']
+    for service in services:
+        logging.info('* %s' % service)
+        subprocess.call(['systemctl','enable', service + '.service'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+
+    logging.info('Restarting services:')
+    services = ['smbd', 'nmbd', 'systemd-timesyncd']
+    for service in services:
+        logging.info('* %s' % service)
+        subprocess.call(['systemctl', 'restart' , service + '.service'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+
+    return True
+
+def _installCaCertificate(domain, user):
+    logging.info('Installing server ca certificate ... ')
+
+    # try to mount the share
+    rc, sysvolMountpoint = shares.getLocalSysvolPath()
+    if not rc:
+        logging.error("Failed to mount sysvol!")
+        return False
+
+    cacertPath = f"{sysvolMountpoint}/{domain}/tls/cacert.pem"
+    cacertTargetPath = f"/var/lib/samba/private/tls/{domain}.pem"
+
+    logging.info("Copying CA certificate from server to client!")
+    try:
+        Path(Path(cacertTargetPath).parent.absolute()).mkdir(parents=True, exist_ok=True)
+        shutil.copyfile(cacertPath, cacertTargetPath)
+    except Exception as e:
+        logging.error("Failed!")
+        logging.exception(e)
+        return False
+
+    # make sure the file was successfully copied
+    if not os.path.isfile(cacertTargetPath):
+        logging.error('Failed to copy over CA certificate!')
+        return False
+
+    # unmount sysvol
+    shares.unmountAllSharesOfUser(computer.krbHostName())
+
+    return True
+
+def _adjustSssdConfiguration(domain):
+    logging.info("Adjusting sssd.conf")
+
+    sssdConfigFilePath = '/etc/sssd/sssd.conf'
+    sssdConfig = configparser.ConfigParser(interpolation=None)
+
+    sssdConfig.read(sssdConfigFilePath)
+    # accept usernames without domain
+    sssdConfig[f"domain/{domain}"]["use_fully_qualified_names"] = "False"
+
+    # override homedir
+    sssdConfig[f"domain/{domain}"]["override_homedir"] = "/home/%u"
+
+    # Don't validate KVNO! Otherwise the Login will fail when the KVNO stored 
+    # in /etc/krb5.keytab does not match the one in the AD (msDS-KeyVersionNumber)
+    sssdConfig[f"domain/{domain}"]["krb5_validate"] = "False"
+
+    sssdConfig[f"domain/{domain}"]["ad_gpo_access_control"] = "permissive"
+    sssdConfig[f"domain/{domain}"]["ad_gpo_ignore_unreadable"] = "True"
+
+    # Don't renew the machine password, as this will break the domain join
+    # See: https://github.com/linuxmuster/linuxmuster-linuxclient7/issues/27
+    sssdConfig[f"domain/{domain}"]["ad_maximum_machine_account_password_age"] = "0"
+
+    # Make sure usernames are not case sensitive
+    sssdConfig[f"domain/{domain}"]["case_sensitive"] = "False"
+
+    try:
+        logging.info("Writing new Configuration")
+        with open(sssdConfigFilePath, 'w') as sssdConfigFile:
+            sssdConfig.write(sssdConfigFile)
+
+    except Exception as e:
+        logging.error("Failed!")
+        logging.exception(e)
+        return False
+
+    logging.info("Restarting sssd")
+    if subprocess.call(["service", "sssd", "restart"]) != 0:
+        logging.error("Failed!")
+        return False
+
+    return True
+
+def _deleteObsoleteFiles():
+    
+    # files
+    logging.info("Deleting obsolete files")
+
+    for obsoleteFile in constants.obsoleteFiles:
+        logging.info(f"* {obsoleteFile}")
+        fileHelper.deleteFile(obsoleteFile)
+
+    # directories
+    logging.info("Deleting obsolete directories")
+
+    for obsoleteDirectory in constants.obsoleteDirectories:
+        logging.info(f"* {obsoleteDirectory}")
+        fileHelper.deleteDirectory(obsoleteDirectory)
+
+    return True
\ No newline at end of file
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/shares.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/shares.py
new file mode 100644
index 0000000..64a879f
--- /dev/null
+++ b/roles/lmn_printer/files/linuxmusterLinuxclient7/shares.py
@@ -0,0 +1,256 @@
+import os, pwd, sys, shutil, re, subprocess, shutil
+from linuxmusterLinuxclient7 import logging, constants, user, config, computer
+from pathlib import Path
+
+def mountShare(networkPath, shareName = None, hiddenShare = False, username = None):
+    """
+    Mount a given path of a samba share
+
+    :param networkPath: Network path of the share
+    :type networkPath: str
+    :param shareName: The name of the share (name of the folder the share is being mounted to)
+    :type shareName: str
+    :param hiddenShare: If the share sould be visible in Nautilus
+    :type hiddenShare: bool
+    :param username: The user in whoms context the share should be mounted
+    :type username: str
+    :return: Tuple: (success, mountpoint)
+    :rtype: tuple
+    """
+    networkPath = networkPath.replace("\\", "/")
+    username = _getDefaultUsername(username)
+    shareName = _getDefaultShareName(networkPath, shareName)
+
+    if user.isRoot():
+        return _mountShare(username, networkPath, shareName, hiddenShare, True)
+    else:
+        mountpoint = _getShareMountpoint(networkPath, username, hiddenShare, shareName)
+        # This will call _mountShare() directly with root privileges
+        return _mountShareWithoutRoot(networkPath, shareName, hiddenShare), mountpoint
+
+def getMountpointOfRemotePath(remoteFilePath, hiddenShare = False, username = None, autoMount = True):
+    """
+    Get the local path of a remote samba share path.
+    This function automatically checks if the shares is already mounted.
+    It optionally automatically mounts the top path of the remote share:
+    If the remote path is `//server/sysvol/linuxmuster.lan/Policies` it mounts `//server/sysvol`
+
+    :param remoteFilePath: Remote path
+    :type remoteFilePath: str
+    :param hiddenShare: If the share sould be visible in Nautilus
+    :type hiddenShare: bool
+    :param username: The user in whoms context the share should be mounted
+    :type username: str
+    :parama autoMount: If the share should be mouted automatically if it is not already mounted
+    :type autoMount: bool
+    :return: Tuple: (success, mountpoint)
+    :rtype: tuple
+    """
+    remoteFilePath = remoteFilePath.replace("\\", "/")
+    username = _getDefaultUsername(username)
+
+    # get basepath fo remote file path
+    # this turns //server/sysvol/linuxmuster.lan/Policies into //server/sysvol
+    pattern = re.compile("(^\\/\\/[^\\/]+\\/[^\\/]+)")
+    match = pattern.search(remoteFilePath)
+
+    if match is None:
+        logging.error("Cannot get local file path of {} beacuse it is not a valid path!".format(remoteFilePath))
+        return False, None
+
+    shareBasepath = match.group(0)
+
+    if autoMount:
+       rc, mointpoint = mountShare(shareBasepath, hiddenShare=hiddenShare, username=username)
+       if not rc:
+           return False, None
+    
+    # calculate local path
+    shareMountpoint = _getShareMountpoint(shareBasepath, username, hiddenShare, shareName=None)
+    localFilePath = remoteFilePath.replace(shareBasepath, shareMountpoint)
+
+    return True, localFilePath
+
+def unmountAllSharesOfUser(username):
+    """
+    Unmount all shares of a given user and safely delete the mountpoints and the parent directory.
+
+    :param username: The username of the user
+    :type username: str
+    :return: True or False
+    :rtype: bool
+    """
+    logging.info("=== Trying to unmount all shares of user {0} ===".format(username))
+    for basedir in [constants.shareMountBasepath, constants.hiddenShareMountBasepath]:
+        shareMountBasedir = basedir.format(username)
+
+        try:
+            mountedShares = os.listdir(shareMountBasedir)
+        except FileNotFoundError:
+            logging.info("Mount basedir {} does not exist -> nothing to unmount".format(shareMountBasedir))
+            continue
+
+        for share in mountedShares:
+            _unmountShare("{0}/{1}".format(shareMountBasedir, share))
+    
+        if len(os.listdir(shareMountBasedir)) > 0:
+            logging.warning("* Mount basedir {} is not empty so not removed!".format(shareMountBasedir))
+            return False
+        else:
+            # Delete the directory
+            logging.info("Deleting {0}...".format(shareMountBasedir))
+            try:
+                os.rmdir(shareMountBasedir)
+            except Exception as e:
+                logging.error("FAILED!")
+                logging.exception(e)
+                return False
+
+    logging.info("===> Finished unmounting all shares of user {0} ===".format(username))
+    return True
+
+def getLocalSysvolPath():
+    """
+    Get the local mountpoint of the sysvol
+
+    :return: Full path of the mountpoint
+    :rtype: str
+    """
+    rc, networkConfig = config.network()
+    if not rc:
+        return False, None
+
+    networkPath = f"//{networkConfig['serverHostname']}/sysvol"
+    return getMountpointOfRemotePath(networkPath, True)
+
+# --------------------
+# - Helper functions -
+# --------------------
+
+# useCruidOfExecutingUser:
+#  defines if the ticket cache of the user executing the mount command should be used.
+#  If set to False, the cache of the user with the given username will be used.
+#  This parameter influences the `cruid` mount option.
+def _mountShare(username, networkPath, shareName, hiddenShare, useCruidOfExecutingUser=False):
+
+    mountpoint = _getShareMountpoint(networkPath, username, hiddenShare, shareName)
+
+    mountCommandOptions = f"file_mode=0700,dir_mode=0700,sec=krb5,nodev,nosuid,mfsymlinks,nobrl,vers=3.0,user={username}"
+    rc, networkConfig = config.network()
+    domain = None
+
+    if rc:
+        domain = networkConfig["domain"]
+        mountCommandOptions += f",domain={domain.upper()}"
+
+    try:
+        pwdInfo = pwd.getpwnam(username)
+        uid = pwdInfo.pw_uid
+        gid = pwdInfo.pw_gid
+        mountCommandOptions += f",gid={gid},uid={uid}"
+
+        if not useCruidOfExecutingUser:
+            mountCommandOptions += f",cruid={uid}"
+
+    except KeyError:
+        uid = -1
+        gid = -1
+        logging.warning("Uid could not be found! Continuing anyway!")
+
+    mountCommand = [shutil.which("mount.cifs"), "-o", mountCommandOptions, networkPath, mountpoint]
+
+    logging.debug(f"Trying to mount '{networkPath}' to '{mountpoint}'")
+    logging.debug("* Creating directory...")
+
+    try:
+        Path(mountpoint).mkdir(parents=True, exist_ok=False)
+    except FileExistsError:
+        # Test if a share is already mounted there
+        if _directoryIsMountpoint(mountpoint):
+            logging.debug("* The mountpoint is already mounted.")
+            return True, mountpoint
+        else:
+            logging.warning("* The target directory already exists, proceeding anyway!")
+
+    logging.debug("* Executing '{}' ".format(" ".join(mountCommand)))
+    logging.debug("* Trying to mount...")
+    if not subprocess.call(mountCommand, stdout=subprocess.PIPE, stderr=subprocess.PIPE) == 0:
+        logging.fatal(f"* Error mounting share {networkPath} to {mountpoint}!\n")
+        return False, None
+
+    logging.debug("* Success!")
+
+    # hide the shares parent dir (/home/%user/media) in case it is not a hidden share
+    if not hiddenShare:
+        try:
+            hiddenFilePath = f"{mountpoint}/../../.hidden"
+            logging.debug(f"* hiding parent dir {hiddenFilePath}")
+            hiddenFile = open(hiddenFilePath, "w+")
+            hiddenFile.write(mountpoint.split("/")[-2])
+            hiddenFile.close()
+        except:
+            logging.warning(f"Could not hide parent dir of share {mountpoint}")
+
+    return True, mountpoint
+
+def _unmountShare(mountpoint):
+    # check if mountpoint exists
+    if (not os.path.exists(mountpoint)) or (not os.path.isdir(mountpoint)):
+        logging.warning(f"* Could not unmount {mountpoint}, it does not exist.")
+
+    # Try to unmount share
+    logging.info("* Trying to unmount {0}...".format(mountpoint))
+    if not subprocess.call(["umount", mountpoint]) == 0:
+        logging.warning("* Failed!")
+        if _directoryIsMountpoint(mountpoint):
+            logging.warning("* It is still mounted! Exiting!")
+            # Do not delete in this case! We might delete userdata!
+            return
+        logging.info("* It is not mounted! Continuing!")
+
+    # check if the mountpoint is empty
+    if len(os.listdir(mountpoint)) > 0:
+        logging.warning("* mountpoint {} is not empty so not removed!".format(mountpoint))
+        return
+
+    # Delete the directory
+    logging.info("* Deleting {0}...".format(mountpoint))
+    try:
+        os.rmdir(mountpoint)
+    except Exception as e:
+        logging.error("* FAILED!")
+        logging.exception(e)
+
+def _getDefaultUsername(username=None):
+    if username == None:
+        if user.isRoot():
+            username = computer.hostname().upper() + "$"
+        else:
+            username = user.username()
+    return username
+
+def _getDefaultShareName(networkPath, shareName=None):
+    if shareName is None:
+        shareName = networkPath.split("/")[-1]
+    return shareName
+
+def _mountShareWithoutRoot(networkPath, name, hidden):
+    mountCommand = ["sudo", "/usr/share/linuxmuster-linuxclient7/scripts/sudoTools", "mount-share", "--path", networkPath, "--name", name]
+
+    if hidden:
+        mountCommand.append("--hidden")
+
+    return subprocess.call(mountCommand) == 0
+
+def _getShareMountpoint(networkPath, username, hidden, shareName = None):
+    logging.debug(f"Calculating mountpoint of {networkPath}")
+
+    shareName = _getDefaultShareName(networkPath, shareName)
+
+    if hidden:
+        return "{0}/{1}".format(constants.hiddenShareMountBasepath.format(username), shareName)
+    else:
+        return "{0}/{1}".format(constants.shareMountBasepath.format(username), shareName)
+
+def _directoryIsMountpoint(dir):
+    return subprocess.call(["mountpoint", "-q", dir]) == 0
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/templates.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/templates.py
new file mode 100644
index 0000000..b634fd2
--- /dev/null
+++ b/roles/lmn_printer/files/linuxmusterLinuxclient7/templates.py
@@ -0,0 +1,128 @@
+import os, codecs, sys, shutil, subprocess
+from pathlib import Path
+from linuxmusterLinuxclient7 import logging, constants, hooks, config
+
+
+def applyAll():
+    """
+    Applies all templates from `/usr/share/linuxmuster-linuxclient7/templates`
+
+    :return: True on success, False otherwise
+    :rtype: bool
+    """
+    logging.info('Applying all configuration templates:')
+
+    templateDir = constants.configFileTemplateDir
+    for templateFile in os.listdir(templateDir):
+        templatePath = templateDir + '/' + templateFile
+        logging.info('* ' + templateFile + ' ...')
+        if not _apply(templatePath):
+            logging.error("Aborting!")
+            return False
+
+    # reload sctemctl
+    logging.info('Reloading systemctl ... ')
+    if not subprocess.call(["systemctl", "daemon-reload"]) == 0:
+        logging.error("Failed!")
+        return False
+
+    return True
+
+# --------------------
+# - Helper functions -
+# --------------------
+
+
+def _apply(templatePath):
+    try:
+        # read template file
+        rc, fileData = _readTextfile(templatePath)
+
+        if not rc:
+            logging.error('Failed!')
+            return False
+
+        fileData = _resolveVariables(fileData)
+
+        # get target path
+        firstLine = fileData.split('\n')[0]
+        targetFilePath = firstLine.partition(' ')[2]
+
+        # remove first line (the target file path)
+        fileData = fileData[fileData.find('\n'):]
+
+        # never ever overwrite sssd.conf, this will lead to issues!
+        # sssd.conf is written by `realm join`!
+        if targetFilePath in constants.notTemplatableFiles:
+            logging.warning("Skipping forbidden file {}".format(targetFilePath))
+            return True
+
+        # create target directory
+        Path(Path(targetFilePath).parent.absolute()).mkdir(parents=True, exist_ok=True)
+
+        # remove comment lines beginning with # from .xml files
+        if targetFilePath.endswith('.xml'):
+            fileData = _stripComment(fileData)
+
+        # write config file
+        logging.debug("-> to {}".format(targetFilePath))
+        with open(targetFilePath, 'w') as targetFile:
+            targetFile.write(fileData)
+
+        return True
+
+    except Exception as e:
+        logging.error('Failed!')
+        logging.exception(e)
+        return False
+
+def _resolveVariables(fileData):
+    # replace placeholders with values
+    rc, networkConfig = config.network()
+
+    if not rc:
+        return False, None
+
+    # network
+    fileData = fileData.replace('@@serverHostname@@', networkConfig["serverHostname"])
+    fileData = fileData.replace('@@domain@@', networkConfig["domain"])
+    fileData = fileData.replace('@@realm@@', networkConfig["realm"])
+
+    # constants
+    fileData = fileData.replace('@@userTemplateDir@@', constants.userTemplateDir)
+    fileData = fileData.replace('@@hiddenShareMountBasepath@@', constants.hiddenShareMountBasepath.format("%(USER)"))
+
+    # hooks
+    fileData = fileData.replace('@@hookScriptBoot@@', hooks.getLocalHookScript(hooks.Type.Boot))
+    fileData = fileData.replace('@@hookScriptShutdown@@', hooks.getLocalHookScript(hooks.Type.Shutdown))
+    fileData = fileData.replace('@@hookScriptLoginLogoutAsRoot@@', hooks.getLocalHookScript(hooks.Type.LoginLogoutAsRoot))
+    fileData = fileData.replace('@@hookScriptSessionStarted@@', hooks.getLocalHookScript(hooks.Type.SessionStarted))
+
+    return fileData
+
+# read textfile in variable
+def _readTextfile(filePath):
+    if not os.path.isfile(filePath):
+        return False, None
+    try:
+        infile = codecs.open(filePath ,'r', encoding='utf-8', errors='ignore')
+        content = infile.read()
+        infile.close()
+        return True, content
+    except Exception as e:
+        logging.info('Cannot read ' + filePath + '!')
+        logging.exception(e)
+        return False, None
+
+# remove lines beginning with #
+def _stripComment(fileData):
+    filedata_stripped = ''
+    for line in fileData.split('\n'):
+        if line[:1] == '#':
+            continue
+        else:
+            if filedata_stripped == '':
+                filedata_stripped = line
+            else:
+                filedata_stripped = filedata_stripped + '\n' + line
+    return filedata_stripped
\ No newline at end of file
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/user.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/user.py
new file mode 100644
index 0000000..aa838f0
--- /dev/null
+++ b/roles/lmn_printer/files/linuxmusterLinuxclient7/user.py
@@ -0,0 +1,158 @@
+import ldap, ldap.sasl, sys, getpass, subprocess, pwd, os, os.path
+from pathlib import Path
+from linuxmusterLinuxclient7 import logging, constants, config, user, ldapHelper, shares, fileHelper, computer, localUserHelper
+
+def readAttributes():
+    """
+    Reads all attributes of the current user from ldap
+
+    :return: Tuple (success, dict of user attributes)
+    :rtype: tuple
+    """
+    if not user.isInAD():
+        return False, None
+
+    return ldapHelper.searchOne(f"(sAMAccountName={user.username()})")
+
+def school():
+    """
+    Gets the school of the current user from the AD
+
+    :return: The short name of the school
+    :rtype: str
+    """
+    rc, userdata = readAttributes()
+    
+    if not rc:
+        return False, None
+
+    return True, userdata["sophomorixSchoolname"]
+
+def username():
+    """
+    Returns the user of the current user
+
+    :return: The username of the current user
+    :rtype: str
+    """
+    return getpass.getuser().lower()
+
+def isUserInAD(user):
+    """
+    Checks if a given user is an AD user.
+
+    :param user: The username of the user to check
+    :type user: str
+    :return: True if the user is in the AD, False if it is a local user
+    :rtype: bool
+    """
+    if not computer.isInAD():
+        return False
+    
+    rc, groups = localUserHelper.getGroupsOfLocalUser(user)
+    if not rc:
+        return False
+
+    return "domain users" in groups
+
+def isInAD():
+    """Checks if the current user is an AD user.
+
+    :return: True if the user is in the AD, False if it is a local user
+    :rtype: bool
+    """
+    return isUserInAD(username())
+
+def isRoot():
+    """
+    Checks if the current user is root
+
+    :return: True if the current user is root, False otherwise
+    :rtype: bool
+    """
+    return os.geteuid() == 0
+
+def isInGroup(groupName):
+    """
+    Checks if the current user is part of a given group
+
+    :param groupName: The name of the group
+    :type groupName: str
+    :return: True if the user is part of the group, False otherwise
+    :rtype: bool
+    """
+    rc, groups = localUserHelper.getGroupsOfLocalUser(username())
+    if not rc:
+        return False
+
+    return groupName in groups
+
+def cleanTemplateUserGtkBookmarks():
+    """Remove gtk bookmarks of the template user from the current users `~/.config/gtk-3.0/bookmarks` file.
+    """
+    logging.info("Cleaning {} gtk bookmarks".format(constants.templateUser))
+    gtkBookmarksFile = "/home/{0}/.config/gtk-3.0/bookmarks".format(user.username())
+
+    if not os.path.isfile(gtkBookmarksFile):
+        logging.warning("Gtk bookmarks file not found, skipping!")
+        return
+
+    fileHelper.removeLinesInFileContainingString(gtkBookmarksFile, constants.templateUser)
+
+def getHomeShareMountpoint():
+    """
+    Returns the mountpoint of the users serverhome.
+
+    :return: The monutpoint of the users serverhome
+    :rtype: str
+    """
+    rc, homeShareName = _getHomeShareName()
+
+    if rc:
+        basePath = constants.shareMountBasepath.format(username())
+        return True, f"{basePath}/{homeShareName}"
+
+    return False, None
+
+def mountHomeShare():
+    """
+    Mounts the serverhome of the current user
+
+    :return: True on success, False otherwise
+    :rtype: bool
+    """
+    rc1, userAttributes = readAttributes()
+    rc2, shareName = _getHomeShareName(userAttributes)
+    if rc1 and rc2:
+        try:
+            homeShareServerPath = userAttributes["homeDirectory"]
+            res = shares.mountShare(homeShareServerPath, shareName=shareName, hiddenShare=False, username=username())
+            return res
+
+        except Exception as e:
+            logging.error("Could not mount home dir of user")
+            logging.exception(e)
+
+    return False, None
+
+# --------------------
+# - Helper functions -
+# --------------------
+
+def _getHomeShareName(userAttributes=None):
+    if userAttributes is None:
+        rc, userAttributes = readAttributes()
+    else:
+        rc = True
+
+    if rc:
+        try:
+            usernameString = username()
+            shareName = f"{usernameString} ({userAttributes['homeDrive']})"
+            return True, shareName
+
+        except Exception as e:
+            logging.error("Could not mount home dir of user")
+            logging.exception(e)
+
+    return False, None
\ No newline at end of file
diff --git a/roles/lmn_printer/files/lmn-printer.sh b/roles/lmn_printer/files/lmn-printer.sh
new file mode 100644
index 0000000..e103068
--- /dev/null
+++ b/roles/lmn_printer/files/lmn-printer.sh
@@ -0,0 +1 @@
+[[ "${UID}" -gt 10000 ]] && /usr/local/bin/onLogin
diff --git a/roles/lmn_printer/files/onLogin b/roles/lmn_printer/files/onLogin
new file mode 100644
index 0000000..565b80f
--- /dev/null
+++ b/roles/lmn_printer/files/onLogin
@@ -0,0 +1,33 @@
+#!/usr/bin/python3
+
+# DO NOT MODIFY THIS SCRIPT!
+# For custom scripts use the hookdir /etc/linuxmuster-linuxclient7/onLogin.d
+
+# This schript is called in user context when a user logs in
+try:
+    import os, sys
+    #import traceback
+    from linuxmusterLinuxclient7 import logging, hooks, shares, user, constants, gpo, computer, environment
+
+    logging.info("====== onLogin started ======")
+
+    # mount sysvol
+    rc, sysvolPath = shares.getLocalSysvolPath()
+    if rc:
+        environment.export(f"SYSVOL={sysvolPath}")
+
+    # process GPOs
+    gpo.processAllPolicies()
+
+    logging.info("======> onLogin end ======")
+
+except Exception as e:
+    try:
+        #traceback.print_exc()
+        logging.exception(e)
+    except:
+        print("A fatal error occured!")
+
+# We need to catch all exceptions and return 0 in any case!
+# If we do not return 0, login will FAIL FOR EVERYONE!
+sys.exit(0)
diff --git a/roles/lmn_printer/files/onLogout b/roles/lmn_printer/files/onLogout
new file mode 100644
index 0000000..9fe8a00
--- /dev/null
+++ b/roles/lmn_printer/files/onLogout
@@ -0,0 +1,38 @@
+#!/usr/bin/python3
+
+# DO NOT MODIFY THIS SCRIPT!
+# For custom scripts use the hookdirs
+# /etc/linuxmuster-linuxclient7/onLoginAsRoot.d
+# and /etc/linuxmuster-linuxclient7/onLogoutAsRoot.d
+
+# This schript is called in root context when a user logs in or out
+try:
+    import os, sys
+    from linuxmusterLinuxclient7 import logging, hooks, constants, user, shares, printers, computer, realm
+
+    pamType = os.getenv("PAM_TYPE")
+    pamUser = os.getenv("PAM_USER")
+    #PAM_RHOST, PAM_RUSER, PAM_SERVICE, PAM_TTY, PAM_USER and PAM_TYPE
+    logging.info("====== onLoginLogoutAsRoot started with PAM_TYPE={0} PAM_RHOST={1} PAM_RUSER={2} PAM_SERVICE={3} PAM_TTY={4} PAM_USER={5} ======".format(pamType, os.getenv("PAM_RHOST"), os.getenv("PAM_RUSER"), os.getenv("PAM_SERVICE"), os.getenv("PAM_TTY"), pamUser))
+
+    # check if whe should execute
+    if not hooks.shouldHooksBeExecuted(pamUser):
+        logging.info("======> onLoginLogoutAsRoot end ====")
+        sys.exit(0)
+
+    elif pamType == "close_session":
+        # cleanup
+        printers.uninstallAllPrintersOfUser(pamUser)
+
+    logging.info("======> onLoginLogoutAsRoot end ======")
+
+except Exception as e:
+    try:
+        logging.exception(e)
+    except:
+        print("A fatal error occured!")
+
+# We need to catch all exceptions and return 0 in any case!
+# If we do not return 0, login will FAIL FOR EVERYONE!
+sys.exit(0)
+
diff --git a/roles/lmn_printer/files/rmlpr.service b/roles/lmn_printer/files/rmlpr.service
new file mode 100644
index 0000000..e89b994
--- /dev/null
+++ b/roles/lmn_printer/files/rmlpr.service
@@ -0,0 +1,6 @@
+[Unit]
+Description=Remove all printers
+
+[Service]
+Type=simple
+ExecStart=sh -c 'lpstat -p && for printer in $(lpstat -p | cut -f 2 -d " "); do lpadmin -x $printer; done || echo no printer found.'
diff --git a/roles/lmn_printer/files/rmlpr.timer b/roles/lmn_printer/files/rmlpr.timer
new file mode 100644
index 0000000..a8097d2
--- /dev/null
+++ b/roles/lmn_printer/files/rmlpr.timer
@@ -0,0 +1,8 @@
+[Unit]
+Description=Remove all printers on boot
+
+[Timer]
+OnBootSec=10
+
+[Install]
+WantedBy=timers.target
diff --git a/roles/lmn_printer/files/scripts/sudoTools b/roles/lmn_printer/files/scripts/sudoTools
new file mode 100755
index 0000000..7459135
--- /dev/null
+++ b/roles/lmn_printer/files/scripts/sudoTools
@@ -0,0 +1,50 @@
+#!/usr/bin/python3
+#
+# Script to do some things that require root permissions as a normal user
+# Currently used for:
+# - mounting shares
+# - installing printers
+#
+
+import os, sys, argparse
+from linuxmusterLinuxclient7 import shares, printers, constants
+
+
+parser = argparse.ArgumentParser(description="Script to do some things that require root permissions as a normal user")
+
+subparsers = parser.add_subparsers(title='Tasks', metavar="<task>", help="The task to execute", dest="task", required=True)
+
+subparserCache = subparsers.add_parser('install-printer', help='install a printer')
+requiredGroupCache = subparserCache.add_argument_group('required arguments')
+requiredGroupCache.add_argument("--path", help="The network path of the printer", required=True)
+requiredGroupCache.add_argument("--name", help="The name of the printer", required=True)
+
+subparserCache = subparsers.add_parser('mount-share', help='mount a network share')
+subparserCache.add_argument("--hidden", help="Hide this share", action='store_true')
+requiredGroupCache = subparserCache.add_argument_group('required arguments')
+requiredGroupCache.add_argument("--path", help="The network path of the share", required=True)
+requiredGroupCache.add_argument("--name", help="The name of the share", required=True)
+
+args = parser.parse_args()
+
+task = args.task
+
+if not os.geteuid() == 0:
+    print("This script has to be run using sudo!")
+    exit(1)
+
+username = os.getenv("SUDO_USER")
+
+if task == "install-printer":
+    if printers.installPrinter(args.path, name=args.name, username=username):
+        sys.exit(0)
+    else:
+        sys.exit(1)
+    pass
+elif task == "mount-share":
+    if shares._mountShare(username, args.path, args.name, args.hidden, False):
+        sys.exit(0)
+    else:
+        sys.exit(1)
+
+exit(0)
\ No newline at end of file
diff --git a/roles/lmn_printer/tasks/main.yml b/roles/lmn_printer/tasks/main.yml
new file mode 100644
index 0000000..79f90b0
--- /dev/null
+++ b/roles/lmn_printer/tasks/main.yml
@@ -0,0 +1,102 @@
+---
+- name: Install cups and python libs
+  apt:
+    name:
+      - cups
+      - python3-ldap
+    state: latest
+
+- name: Disable cups printer browsing
+  lineinfile:
+    dest: /etc/cups/cupsd.conf
+    regexp: '^(Browsing ).*'
+    line: '\1No'
+    backrefs: yes
+
+- name: Disable cups-browsed
+  ansible.builtin.systemd:
+    name: cups-browsed.service
+    state: stopped
+    enabled: no
+
+- name: Configure pam_mount sysvol mount
+  blockinfile:
+    dest: /etc/security/pam_mount.conf.xml
+    marker: "<!-- {mark} ANSIBLE MANAGED BLOCK (SysVol) -->"
+    block: |
+      <volume
+        fstype="cifs"
+        server="{{ smb_server }}"
+        path="sysvol/"
+        mountpoint="/srv/samba/%(USER)/sysvol"
+        options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks"
+      ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not></volume>
+    insertafter: "<!-- Volume definitions -->"
+
+- name: Create /etc/linuxmuster-linuxclient7 Directory
+  file:
+    path: /etc/linuxmuster-linuxclient7
+    state: directory
+    mode: 0755
+
+- name: install linuxmuster-linuxclient network.conf
+  template:
+    src: network.conf.j2
+    dest: /etc/linuxmuster-linuxclient7/network.conf
+    mode: 0644
+
+- name: install linuxmuster-linuxclient python libs
+  copy :
+    src: linuxmusterLinuxclient7
+    dest: /usr/lib/python3/dist-packages
+
+- name: Create /usr/share/linuxmuster-linuxclient7/scripts Directory
+  file:
+    path: /usr/share/linuxmuster-linuxclient7/scripts
+    state: directory
+    mode: 0755
+
+- name: install linuxmuster-scripts
+  copy:
+    src: scripts/sudoTools
+    dest: /usr/share/linuxmuster-linuxclient7/scripts/
+    mode: 0755
+
+- name: install lmn-sudotools
+  copy:
+    src: 90-lmn-sudotools
+    dest: /etc/sudoers.d/
+    mode: 0660
+    owner: root
+    group: root
+
+- name: install onLogin script
+  copy :
+    src: onLogin
+    dest: /usr/local/bin/
+    mode: 0755
+    owner: root
+    group: root
+
+- name: install lmn-printer.sh in /etc/profile.d/
+  copy:
+    src: lmn-printer.sh
+    dest: /etc/profile.d/
+    mode: 0644
+    owner: root
+    group: root
+
+- name: Provide service and timer for remove all printers on boot
+  copy:
+    src: "{{ item }}"
+    dest: "/etc/systemd/system/{{ item }}"
+    mode: 0644
+  with_items:
+    - rmlpr.service
+    - rmlpr.timer
+
+- name: enable rmlpr.timer
+  systemd:
+    name: rmlpr.timer
+    enabled: true
+
diff --git a/roles/lmn_printer/templates/network.conf.j2 b/roles/lmn_printer/templates/network.conf.j2
new file mode 100644
index 0000000..5cd39ce
--- /dev/null
+++ b/roles/lmn_printer/templates/network.conf.j2
@@ -0,0 +1,5 @@
+[network]
+serverHostname = server
+domain = pn.steinbeis.schule
+realm = PN.STEINBEIS.SCHULE
+version = 1

From 10967afaf7ad6aaa0740219279e87b23b3dd1f9e Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Wed, 16 Aug 2023 12:18:32 +0200
Subject: [PATCH 333/504] lmnsynci without homedir

---
 roles/lmn_vm/tasks/main.yml | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index abc99b4..62a1918 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -36,6 +36,8 @@
     name: lmnsynci
     comment: lmn sync user
     system: true
+    create_home: false
+    shell: /usr/bin/false
 
 - name: create vm directory
   file:
@@ -169,9 +171,11 @@
   notify: Run update-desktop-database
 
 - name: sync .torrent, .xml and .desktop files and run update-desktop-database
-  command: /usr/local/bin/sync-vm.sh -t
-  become: true
-  become_user: lmnsynci
+  command: sudo -u lmnsynci /usr/local/bin/sync-vm.sh -t
+    #become: true
+    #become_user: lmnsynci
+    #become_method: su
+    #become_flags: '-s /usr/bin/bash'
   register: result
   changed_when: result.stdout | length > 0
 

From ad7d1da61d1ef1beac877d6a8e4858651051e612 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Wed, 16 Aug 2023 20:02:00 +0200
Subject: [PATCH 334/504] provide script to reset places in dolphin

---
 roles/lmn_kde/files/lmn-reset-dolphin.sh | 222 +++++++++++++++++++++++
 roles/lmn_kde/tasks/main.yml             |   5 +
 2 files changed, 227 insertions(+)
 create mode 100755 roles/lmn_kde/files/lmn-reset-dolphin.sh

diff --git a/roles/lmn_kde/files/lmn-reset-dolphin.sh b/roles/lmn_kde/files/lmn-reset-dolphin.sh
new file mode 100755
index 0000000..6558b6e
--- /dev/null
+++ b/roles/lmn_kde/files/lmn-reset-dolphin.sh
@@ -0,0 +1,222 @@
+#!/bin/bash
+
+sed -e "s|HOME|/${HOME##/srv/samba/schools/default-school/}|g" -e "s|USER|${USER}|g" > ~/.local/share/user-places.xbel <<EOF
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE xbel>
+<xbel xmlns:mime="http://www.freedesktop.org/standards/shared-mime-info" xmlns:bookmark="http://www.freedesktop.org/standards/desktop-bookmarks" xmlns:kdepriv="http://www.kde.org/kdepriv">
+ <info>
+  <metadata owner="http://www.kde.org">
+   <kde_places_version>4</kde_places_version>
+   <GroupState-Places-IsHidden>false</GroupState-Places-IsHidden>
+   <GroupState-Remote-IsHidden>false</GroupState-Remote-IsHidden>
+   <GroupState-Devices-IsHidden>false</GroupState-Devices-IsHidden>
+   <GroupState-RemovableDevices-IsHidden>false</GroupState-RemovableDevices-IsHidden>
+   <GroupState-Tags-IsHidden>false</GroupState-Tags-IsHidden>
+   <withRecentlyUsed>true</withRecentlyUsed>
+   <GroupState-RecentlySaved-IsHidden>false</GroupState-RecentlySaved-IsHidden>
+   <withBaloo>true</withBaloo>
+   <GroupState-SearchFor-IsHidden>false</GroupState-SearchFor-IsHidden>
+  </metadata>
+ </info>
+ <bookmark href="file:///srv/samba/schools/default-schoolHOME">
+  <title>Home</title>
+  <info>
+   <metadata owner="http://freedesktop.org">
+    <bookmark:icon name="user-home"/>
+   </metadata>
+   <metadata owner="http://www.kde.org">
+    <ID>1682498425/0</ID>
+    <isSystemItem>true</isSystemItem>
+   </metadata>
+  </info>
+ </bookmark>
+ <bookmark href="file:///srv/samba/schools/default-schoolHOME/Schreibtisch">
+  <title>Desktop</title>
+  <info>
+   <metadata owner="http://freedesktop.org">
+    <bookmark:icon name="user-desktop"/>
+   </metadata>
+   <metadata owner="http://www.kde.org">
+    <ID>1682498425/1</ID>
+    <isSystemItem>true</isSystemItem>
+   </metadata>
+  </info>
+ </bookmark>
+ <bookmark href="file:///srv/samba/schools/default-schoolHOME/Dokumente">
+  <title>Documents</title>
+  <info>
+   <metadata owner="http://freedesktop.org">
+    <bookmark:icon name="folder-documents"/>
+   </metadata>
+   <metadata owner="http://www.kde.org">
+    <ID>1682498425/2</ID>
+    <isSystemItem>true</isSystemItem>
+   </metadata>
+  </info>
+ </bookmark>
+ <bookmark href="file:///srv/samba/schools/default-schoolHOME/Downloads">
+  <title>Downloads</title>
+  <info>
+   <metadata owner="http://freedesktop.org">
+    <bookmark:icon name="folder-downloads"/>
+   </metadata>
+   <metadata owner="http://www.kde.org">
+    <ID>1682498425/3</ID>
+    <isSystemItem>true</isSystemItem>
+   </metadata>
+  </info>
+ </bookmark>
+ <bookmark href="file:///srv/samba/schools/default-schoolHOME/Musik">
+  <title>Music</title>
+  <info>
+   <metadata owner="http://freedesktop.org">
+    <bookmark:icon name="folder-music"/>
+   </metadata>
+   <metadata owner="http://www.kde.org">
+    <ID>1682498425/6</ID>
+    <isSystemItem>true</isSystemItem>
+   </metadata>
+  </info>
+ </bookmark>
+ <bookmark href="file:///srv/samba/schools/default-schoolHOME/Bilder">
+  <title>Pictures</title>
+  <info>
+   <metadata owner="http://freedesktop.org">
+    <bookmark:icon name="folder-pictures"/>
+   </metadata>
+   <metadata owner="http://www.kde.org">
+    <ID>1682498425/7</ID>
+    <isSystemItem>true</isSystemItem>
+   </metadata>
+  </info>
+ </bookmark>
+ <bookmark href="file:///srv/samba/schools/default-schoolHOME/Videos">
+  <title>Videos</title>
+  <info>
+   <metadata owner="http://freedesktop.org">
+    <bookmark:icon name="folder-videos"/>
+   </metadata>
+   <metadata owner="http://www.kde.org">
+    <ID>1682498425/8</ID>
+    <isSystemItem>true</isSystemItem>
+   </metadata>
+  </info>
+ </bookmark>
+ <bookmark href="file:///srv/samba/schools/default-school/share">
+  <title>Tausch</title>
+  <info>
+   <metadata owner="http://freedesktop.org">
+    <bookmark:icon name="folder-publicshare"/>
+   </metadata>
+   <metadata owner="http://www.kde.org">
+    <ID>1682498425/9</ID>
+    <isSystemItem>true</isSystemItem>
+   </metadata>
+  </info>
+ </bookmark>
+ <bookmark href="file:///lmn/media/USER/nextcloud">
+  <title>Nextcloud</title>
+  <info>
+   <metadata owner="http://freedesktop.org">
+    <bookmark:icon name="folder-cloud"/>
+   </metadata>
+   <metadata owner="http://www.kde.org">
+    <ID>1682498425/10</ID>
+    <isSystemItem>true</isSystemItem>
+   </metadata>
+  </info>
+ </bookmark>
+ <bookmark href="remote:/">
+  <title>Network</title>
+  <info>
+   <metadata owner="http://freedesktop.org">
+    <bookmark:icon name="folder-network"/>
+   </metadata>
+   <metadata owner="http://www.kde.org">
+    <ID>1682498425/4</ID>
+    <isSystemItem>true</isSystemItem>
+   </metadata>
+  </info>
+ </bookmark>
+ <bookmark href="trash:/">
+  <title>Trash</title>
+  <info>
+   <metadata owner="http://freedesktop.org">
+    <bookmark:icon name="user-trash"/>
+   </metadata>
+   <metadata owner="http://www.kde.org">
+    <ID>1682498425/5</ID>
+    <isSystemItem>true</isSystemItem>
+   </metadata>
+  </info>
+ </bookmark>
+ <bookmark href="recentlyused:/files">
+  <title>Recent Files</title>
+  <info>
+   <metadata owner="http://freedesktop.org">
+    <bookmark:icon name="document-open-recent"/>
+   </metadata>
+   <metadata owner="http://www.kde.org">
+    <ID>1682498425/9</ID>
+    <isSystemItem>true</isSystemItem>
+   </metadata>
+  </info>
+ </bookmark>
+ <bookmark href="recentlyused:/locations">
+  <title>Recent Locations</title>
+  <info>
+   <metadata owner="http://freedesktop.org">
+    <bookmark:icon name="folder-open-recent"/>
+   </metadata>
+   <metadata owner="http://www.kde.org">
+    <ID>1682498425/10</ID>
+    <isSystemItem>true</isSystemItem>
+   </metadata>
+  </info>
+ </bookmark>
+ <separator>
+  <info>
+   <metadata owner="http://www.kde.org">
+    <UDI>/org/kde/fstab///server/default-school/:/srv/samba/schools/default-school</UDI>
+    <isSystemItem>true</isSystemItem>
+    <IsHidden>true</IsHidden>
+   </metadata>
+  </info>
+ </separator>
+ <separator>
+  <info>
+   <metadata owner="http://www.kde.org">
+    <UDI>/org/kde/fstab///server/default-schoolHOME:/lmn/media/USER/home</UDI>
+    <isSystemItem>true</isSystemItem>
+    <IsHidden>true</IsHidden>
+   </metadata>
+  </info>
+ </separator>
+ <separator>
+  <info>
+   <metadata owner="http://www.kde.org">
+    <UDI>/org/kde/fstab///server/sysvol/:/srv/samba/USER/sysvol</UDI>
+    <isSystemItem>true</isSystemItem>
+    <IsHidden>true</IsHidden>
+   </metadata>
+  </info>
+ </separator>
+ <separator>
+  <info>
+   <metadata owner="http://www.kde.org">
+    <UDI>/org/kde/fstab///server/default-school/share:/lmn/media/USER/share</UDI>
+    <isSystemItem>true</isSystemItem>
+    <IsHidden>true</IsHidden>
+   </metadata>
+  </info>
+ </separator>
+ <separator>
+  <info>
+   <metadata owner="http://www.kde.org">
+    <UDI>/org/freedesktop/UDisks2/block_devices/sda2</UDI>
+    <isSystemItem>true</isSystemItem>
+   </metadata>
+  </info>
+ </separator>
+</xbel>
+EOF
diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 6f3f963..d922a0d 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -189,6 +189,11 @@
     - pwroff.timer
   notify: enable pwroff.timer
 
+- name: copy lmn-reset-dolphin.sh
+  ansible.builtin.copy:
+    src: lmn-reset-dolphin.sh
+    dest: /usr/local/bin/
+    mode: 0755
 
 ################# general settings ##################
 - name: Protect grub menu entries

From cb172935c7a96cfcd03257b291d4e12c6f0a5192 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 16 Aug 2023 14:46:55 +0200
Subject: [PATCH 335/504] Include backports.

---
 roles/lmn_kde/tasks/main.yml | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index d922a0d..d7030ef 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -57,7 +57,6 @@
       - freecad
       - librecad
       - arduino
-      - kicad
       - keepassxc
       - tmux
       - curl
@@ -73,20 +72,20 @@
 
 - name: Add {{ ansible_distribution_release }}-backports
   apt_repository:
-    repo: deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-backports main contrib non-free
+    repo: deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-backports main non-free-firmware
     state: present
     update_cache: true
-  when: ansible_distribution_release == 'bullseye'
 
 - name: Install extra packages from backports
   apt:
     name:
       - libreoffice
       - libreoffice-l10n-de
+      - kicad
+      - kicad-doc-de
     state: latest # noqa package-latest
     autoremove: true
     default_release: "{{ ansible_distribution_release }}-backports"
-  when: ansible_distribution_release == 'bullseye'
 
 
 - name: Enable splash screen

From 54ccda1abfb95be8788a7d8316592c30462d498a Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 16 Aug 2023 20:50:44 +0200
Subject: [PATCH 336/504] Try some ECMAScript to configure the desktop.

---
 roles/lmn_kde/files/fvs-config.js | 110 ++++++++++++++++++++++++++++++
 roles/lmn_kde/tasks/main.yml      |  10 ++-
 2 files changed, 118 insertions(+), 2 deletions(-)
 create mode 100644 roles/lmn_kde/files/fvs-config.js

diff --git a/roles/lmn_kde/files/fvs-config.js b/roles/lmn_kde/files/fvs-config.js
new file mode 100644
index 0000000..a032c0b
--- /dev/null
+++ b/roles/lmn_kde/files/fvs-config.js
@@ -0,0 +1,110 @@
+// configure plasma defaults
+
+function forEachWidgetInContainmentList(containmentList, callback) {
+    for (var containmentIndex = 0; containmentIndex < containmentList.length; containmentIndex++) {
+        var containment = containmentList[containmentIndex];
+
+        var widgets = containment.widgets();
+        for (var widgetIndex = 0; widgetIndex < widgets.length; widgetIndex++) {
+            var widget = widgets[widgetIndex];
+            callback(widget, containment);
+            if (widget.type === "org.kde.plasma.systemtray") {
+                systemtrayId = widget.readConfig("SystrayContainmentId");
+                if (systemtrayId) {
+                    forEachWidgetInContainmentList([desktopById(systemtrayId)], callback)
+                }
+            }
+        }
+    }
+}
+
+function forEachWidget(callback) {
+    forEachWidgetInContainmentList(desktops(), callback);
+    forEachWidgetInContainmentList(panels(), callback);
+}
+
+function forEachWidgetByType(type, callback) {
+    forEachWidget(function(widget, containment) {
+        if (widget.type == type) {
+            callback(widget, containment);
+        }
+    });
+}
+
+function widgetSetProperty(args) {
+    if (!(args.widgetType && args.configGroup && args.configKey)) {
+        return;
+    }
+
+    forEachWidgetByType(args.widgetType, function(widget){
+        widget.currentConfigGroup = [args.configGroup];
+/*
+        //--- Delete when done debugging
+        const oldValue = widget.readConfig(args.configKey);
+        print("" + widget.type + " (id: " + widget.id + "):");
+        print("\t[" + args.configGroup + "] " + args.configKey + ": " +
+	      oldValue + " => " + args.configValue + "\n");
+        //--- End Debug
+*/
+        widget.writeConfig(args.configKey, args.configValue);
+    });
+}
+
+// configure task bar starters:
+widgetSetProperty({
+    widgetType: "org.kde.plasma.icontasks",
+    configGroup: "General",
+    configKey: "launchers",
+    configValue: [
+	"applications:systemsettings.desktop",
+	"preferred://browser",
+	"applications:thunderbird.desktop",
+	"applications:libreoffice-startcenter.desktop",
+	"preferred://filemanager"
+	//"applications:org.kde.konsole.desktop",
+	//"applications:org.kde.discover.desktop"
+    ],
+
+});
+
+// kickoff is the default menu:
+/* this does not work (anymore?)
+widgetSetProperty({
+    widgetType: "org.kde.plasma.kickoff",
+    configGroup: "General",
+    configKey: "favorites",
+    configValue: ["applications:libreoffice-startcenter.desktop",],
+});
+*/
+
+widgetSetProperty({
+    widgetType: "org.kde.plasma.kickoff",
+    configGroup: "General",
+    configKey: "systemFavorites",
+    configValue: ["reboot", "shutdown", "logout"],
+});
+
+
+// prepare a folder view on the desktop:
+var allDesktops = desktops();
+for (var desktopIndex = 0; desktopIndex < allDesktops.length; desktopIndex++) {
+    var d = allDesktops[desktopIndex];
+    d.addWidget("org.kde.plasma.folder", 50, 50, 456, 600)
+    print("Folder app generated!\n")
+}
+
+widgetSetProperty({
+    widgetType: "org.kde.plasma.folder",
+    configGroup: "General",
+    configKey: "url",
+    configValue: "/lmn/media/",
+});
+
+widgetSetProperty({
+    widgetType: "org.kde.plasma.folder",
+    configGroup: "General",
+    configKey: "labelMode",
+    configValue: "0",
+});
+
+// /usr/share/plasma/shells/org.kde.plasma.desktop/contents/updates/fvs-config.js
diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index d7030ef..afd969e 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -194,6 +194,12 @@
     dest: /usr/local/bin/
     mode: 0755
 
+- name: Copy fvs-config.js to configure plasma
+  ansible.builtin.copy:
+    src: fvs-config.js
+    dest: /usr/share/plasma/shells/org.kde.plasma.desktop/contents/updates/fvs-config.js
+    mode: 0644
+
 ################# general settings ##################
 - name: Protect grub menu entries
   blockinfile:
@@ -211,7 +217,7 @@
     firstmatch: true
   notify: Run update-grub
 
-- name: grub timeout
+- name: Grub timeout
   lineinfile:
     dest: /etc/default/grub
     regexp: '^(GRUB_TIMEOUT=).*'
@@ -219,7 +225,7 @@
     backrefs: yes
   notify: Run update-grub
 
-- name: keyboard compose key
+- name: Keyboard compose key
   lineinfile:
     dest: /etc/default/keyboard
     regexp: '^(XKBOPTIONS=).*'

From a11c6e309a120ca31fc9fe8c1ec209ca0654372b Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 17 Aug 2023 10:48:34 +0200
Subject: [PATCH 337/504] Currently, the folder-view is not of much use.

---
 roles/lmn_kde/files/fvs-config.js | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/roles/lmn_kde/files/fvs-config.js b/roles/lmn_kde/files/fvs-config.js
index a032c0b..71c65ab 100644
--- a/roles/lmn_kde/files/fvs-config.js
+++ b/roles/lmn_kde/files/fvs-config.js
@@ -86,6 +86,7 @@ widgetSetProperty({
 
 
 // prepare a folder view on the desktop:
+/* 20230917 disabled for now
 var allDesktops = desktops();
 for (var desktopIndex = 0; desktopIndex < allDesktops.length; desktopIndex++) {
     var d = allDesktops[desktopIndex];
@@ -106,5 +107,6 @@ widgetSetProperty({
     configKey: "labelMode",
     configValue: "0",
 });
+*/
 
 // /usr/share/plasma/shells/org.kde.plasma.desktop/contents/updates/fvs-config.js

From f854b3659cf89d450fd21640d1587d633a14d5fd Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 17 Aug 2023 10:51:19 +0200
Subject: [PATCH 338/504] Defaults for 'sandbox', as there seems to be no
 reason not to use them.

---
 roles/lmn_vm/files/start-virtiofsd.sh | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/roles/lmn_vm/files/start-virtiofsd.sh b/roles/lmn_vm/files/start-virtiofsd.sh
index 83d9e0c..1236274 100755
--- a/roles/lmn_vm/files/start-virtiofsd.sh
+++ b/roles/lmn_vm/files/start-virtiofsd.sh
@@ -1,5 +1,7 @@
 #!/usr/bin/bash
 
+set -eu
+
 # if less than one arguments supplied, display usage
 if [[  $# -ne 1 ]]; then
     echo "This script takes as input the name of the VM " >&2
@@ -16,10 +18,12 @@ if ! [[ -d "${XDG_RUNTIME_DIR}/virtiofs" ]]; then
        chown "${SUDO_UID}" "${XDG_RUNTIME_DIR}/virtiofs/"
 fi
 
-[[ -S "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" ]] && /usr/bin/rm "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock"
-#sudo /usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" --socket-group="${SUDO_USER}" --announce-submounts -o source="/media/${USER}" -o sandbox=chroot > /dev/null &
-#sudo /usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" --socket-group="${SUDO_USER}" -o source="/media/${USER}" -o sandbox=chroot > /dev/null &
-/usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" -o source="/lmn/media/${SUDO_USER}" -o sandbox=chroot > /dev/null &
+[[ -S "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" ]] && \
+    /usr/bin/rm "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock"
+#sudo /usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" --socket-group="${SUDO_USER}" --announce-submounts -o source="/media/${USER}" > /dev/null &
+#sudo /usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" --socket-group="${SUDO_USER}" -o source="/media/${USER}" > /dev/null &
+/usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" \
+			-o source="/lmn/media/${SUDO_USER}" > /dev/null &
 # Wait until socket-File exists and chown to user
 until [[ -S "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" ]]; do
    echo "waiting for ${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock"

From 793b37853e36e310513ee5c717b483352e2866ca Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 18 Aug 2023 09:23:14 +0200
Subject: [PATCH 339/504] Move VM mount functionality to PAM for better umount
 handling.

---
 roles/lmn_mount/tasks/main.yml        | 38 +++++++++++----------------
 roles/lmn_vm/files/mounthome.sh       | 25 ++----------------
 roles/lmn_vm/files/run-vm.sh          |  8 ++----
 roles/lmn_vm/files/start-virtiofsd.sh | 22 +++++++++-------
 4 files changed, 32 insertions(+), 61 deletions(-)

diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index 9e22dfa..6b81675 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -14,19 +14,12 @@
     dest: /etc/security/pam_mount.conf.xml
     marker: "<!-- {mark} ANSIBLE MANAGED BLOCK -->"
     block: |
+      <!-- mounts for home, share and nextcloud -->
       <volume
         fstype="cifs"
         server="{{ smb_server }}"
         path="{{ smb_share }}"
         mountpoint="/srv/samba/schools/default-school"
-        options="sec=krb5i,cruid=%(USERUID),user=%(USER),file_mode=0700,dir_mode=0700,mfsymlinks,nobrl"
-        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
-      </volume>
-      <volume
-        fstype="cifs"
-        server="{{ smb_server }}"
-        path="{{ smb_share }}share"
-        mountpoint="/lmn/media/%(USER)/share"
         options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks,nobrl"
         ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
       </volume>
@@ -37,6 +30,20 @@
         options="username=%(USER),nosuid,nodev,uid=%(USER),gid=1010,grpid,file_mode=0770,dir_mode=0770,forceuid,forcegid"
         ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
       </volume>
+
+      <!-- bind mounts for the VMs, setting gid here does not work -->
+      <volume
+        path="~"
+        mountpoint="/lmn/media/%(USER)/home"
+        options="bind"
+        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
+      </volume>
+      <volume
+        path="/srv/samba/schools/default-school/share"
+        mountpoint="/lmn/media/%(USER)/share"
+        options="bind"
+        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
+      </volume>
     insertafter: "<!-- Volume definitions -->"
 
 
@@ -78,21 +85,6 @@
     line: KillUserProcesses=yes
     insertafter: '#KillUserProcesses=no'
 
-- name: Umount all user-mounts on logout
-  blockinfile:
-    dest: /usr/share/sddm/scripts/Xstop
-    block: |
-      for i in $(mount | /usr/bin/grep "/lmn/media/" | /usr/bin/cut -f 3 -d ' '); do
-        umount $i
-      done
-      umount /srv/samba/schools/default-school
-
-- name: Deploy script to generate links in /lmn/media/$USER/
-  copy:
-    src: lmn-mounthome.sh
-    dest: /etc/profile.d/
-    mode: '0644'
-
 - name: Bind mount lmn/media with nosuid directory
   ansible.posix.mount:
     src: /lmn/media
diff --git a/roles/lmn_vm/files/mounthome.sh b/roles/lmn_vm/files/mounthome.sh
index 1ad2796..184624d 100755
--- a/roles/lmn_vm/files/mounthome.sh
+++ b/roles/lmn_vm/files/mounthome.sh
@@ -18,6 +18,8 @@ exit_script_home() {
     kill -- -$$ # Sends SIGTERM to child/sub processes
 }
 
+##########################
+
 if [[ "$#" -gt 0 ]] && [[ "$1" = '-u' ]]; then
     findmnt "/lmn/media/${SUDO_USER}/home"    && umount "/lmn/media/${SUDO_USER}/home"    && rmdir "/lmn/media/${SUDO_USER}/home"
     #findmnt "/lmn/media/${SUDO_USER}/share"   && umount "/lmn/media/${SUDO_USER}/share"   && rmdir "/lmn/media/${SUDO_USER}/share"
@@ -56,27 +58,4 @@ elif [ "$#" -gt 0 ] && [ "$1" = '-l' ]; then
     #echo "Um weiter zu arbeiten: <Strg> + <Z>"
     trap exit_script SIGHUP SIGINT SIGTERM
     sleep infinity 
-else
-    #mkdir -p "/media/${SUDO_USER}"
-    #chown "${SUDO_USER}:1010" "/media/${SUDO_USER}"
-    chgrp 1010 "/lmn/media/${SUDO_USER}"
-    chmod 0770 "/lmn/media/${SUDO_USER}"
-    #if ! findmnt "/lmn/media/${SUDO_USER}/share"; then
-    #  [[ -d "/lmn/media/${SUDO_USER}/share" ]] || mkdir "/lmn/media/${SUDO_USER}/share"
-    #  mount --bind "/lmn/media/${SUDO_USER}/.default-school/share" "/lmn/media/${SUDO_USER}/share"
-    #fi
-    if ! findmnt "/lmn/media/${SUDO_USER}/home"; then
-      [[ -d "/lmn/media/${SUDO_USER}/home" ]] || mkdir "/lmn/media/${SUDO_USER}/home"
-      home="$(getent passwd $SUDO_USER | cut -d: -f6)"
-      mount -t cifs -o "sec=krb5i,cruid=${SUDO_UID},user=${SUDO_USER},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,nobrl,mfsymlinks" \
-           "//server/default-school/${home##/srv/samba/schools/default-school/}" "/lmn/media/${SUDO_USER}/home"
-      trap exit_script_home SIGHUP SIGINT SIGTERM
-      sleep infinity 
-    fi
-    #mkdir -p "/lmn/media/${SUDO_USER}/home"
-    #mkdir -p "/lmn/media/${SUDO_USER}/share"
-    #mount -t cifs -o "sec=krb5i,cruid=${SUDO_UID},user=${SUDO_USER},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks" \
-    #       "//server/default-school/${home}" "/lmn/media/${SUDO_USER}/home"
-    #mount -t cifs -o "sec=krb5i,cruid=${SUDO_UID},user=${SUDO_USER},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks" \
-    #       "//server/default-school/share" "/lmn/media/${SUDO_USER}/share"
 fi
diff --git a/roles/lmn_vm/files/run-vm.sh b/roles/lmn_vm/files/run-vm.sh
index d368262..30deedf 100755
--- a/roles/lmn_vm/files/run-vm.sh
+++ b/roles/lmn_vm/files/run-vm.sh
@@ -99,18 +99,14 @@ check_images() {
    echo "VM-Image and required backingfiles available and checked"
 }
 
+#################
+
 # check, if we have to start squid
 if ! killall -s 0 squid; then
     echo "starting squid."
     /usr/sbin/squid -f /etc/squid/squid-usermode.conf
 fi
 
-## check, if we have to mount home
-#if ! findmnt "/media/${USER}/home"; then
-#    echo "mounting home."
-    sudo mounthome.sh &
-#fi
-
 # because virsh has problems with long pathnames, using diffent configdir
 export XDG_CONFIG_HOME="/tmp/${UID}/.config"
 
diff --git a/roles/lmn_vm/files/start-virtiofsd.sh b/roles/lmn_vm/files/start-virtiofsd.sh
index 1236274..4c6ae0e 100755
--- a/roles/lmn_vm/files/start-virtiofsd.sh
+++ b/roles/lmn_vm/files/start-virtiofsd.sh
@@ -9,24 +9,28 @@ if [[  $# -ne 1 ]]; then
     exit 1
 fi
 
-VM_NAME=$1
-
-export XDG_RUNTIME_DIR="/run/user/${SUDO_UID}"
+VM_NAME="$1"
+XDG_RUNTIME_DIR="/run/user/${SUDO_UID}"
 
 if ! [[ -d "${XDG_RUNTIME_DIR}/virtiofs" ]]; then
        mkdir "${XDG_RUNTIME_DIR}/virtiofs/"
        chown "${SUDO_UID}" "${XDG_RUNTIME_DIR}/virtiofs/"
 fi
 
-[[ -S "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" ]] && \
+if [[ -S "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" ]] ; then
     /usr/bin/rm "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock"
-#sudo /usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" --socket-group="${SUDO_USER}" --announce-submounts -o source="/media/${USER}" > /dev/null &
-#sudo /usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" --socket-group="${SUDO_USER}" -o source="/media/${USER}" > /dev/null &
+fi
+#sudo /usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" \
+#     --socket-group="${SUDO_USER}" --announce-submounts -o source="/media/${USER}" > /dev/null &
+#sudo /usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" \
+#     --socket-group="${SUDO_USER}" -o source="/media/${USER}" > /dev/null &
+
 /usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" \
-			-o source="/lmn/media/${SUDO_USER}" > /dev/null &
+			-o source="/lmn/media/${SUDO_USER}/" &
+
 # Wait until socket-File exists and chown to user
 until [[ -S "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" ]]; do
-   echo "waiting for ${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock"
-   sleep 0.1
+    echo "waiting for ${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock"
+    sleep 0.1
 done
 /usr/bin/chown "${SUDO_USER}" "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock"

From 2f7da9c1b49cd37ce0a3cf19da3109efe1fa2335 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 18 Aug 2023 09:56:19 +0200
Subject: [PATCH 340/504] Move PAM mount config for VMs to corresponding role.
 Cleanup.

---
 roles/lmn_kde/files/lmn-reset-dolphin.sh |  4 +-
 roles/lmn_mount/tasks/main.yml           | 18 +------
 roles/lmn_vm/tasks/main.yml              | 65 ++++++++----------------
 3 files changed, 24 insertions(+), 63 deletions(-)

diff --git a/roles/lmn_kde/files/lmn-reset-dolphin.sh b/roles/lmn_kde/files/lmn-reset-dolphin.sh
index 6558b6e..10f6e75 100755
--- a/roles/lmn_kde/files/lmn-reset-dolphin.sh
+++ b/roles/lmn_kde/files/lmn-reset-dolphin.sh
@@ -186,7 +186,7 @@ sed -e "s|HOME|/${HOME##/srv/samba/schools/default-school/}|g" -e "s|USER|${USER
  <separator>
   <info>
    <metadata owner="http://www.kde.org">
-    <UDI>/org/kde/fstab///server/default-schoolHOME:/lmn/media/USER/home</UDI>
+    <UDI>/org/kde/fstab///server/default-school/:/lmn/media/USER/home</UDI>
     <isSystemItem>true</isSystemItem>
     <IsHidden>true</IsHidden>
    </metadata>
@@ -204,7 +204,7 @@ sed -e "s|HOME|/${HOME##/srv/samba/schools/default-school/}|g" -e "s|USER|${USER
  <separator>
   <info>
    <metadata owner="http://www.kde.org">
-    <UDI>/org/kde/fstab///server/default-school/share:/lmn/media/USER/share</UDI>
+    <UDI>/org/kde/fstab///server/default-school/:/lmn/media/USER/share</UDI>
     <isSystemItem>true</isSystemItem>
     <IsHidden>true</IsHidden>
    </metadata>
diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index 6b81675..3f3dce2 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -9,10 +9,10 @@
       - davfs2
     state: latest
 
-- name: Configure pam_mount
+- name: Configure pam_mount for LMN homes
   blockinfile:
     dest: /etc/security/pam_mount.conf.xml
-    marker: "<!-- {mark} ANSIBLE MANAGED BLOCK -->"
+    marker: "<!-- {mark} ANSIBLE MANAGED BLOCK (mount LMN homes) -->"
     block: |
       <!-- mounts for home, share and nextcloud -->
       <volume
@@ -30,20 +30,6 @@
         options="username=%(USER),nosuid,nodev,uid=%(USER),gid=1010,grpid,file_mode=0770,dir_mode=0770,forceuid,forcegid"
         ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
       </volume>
-
-      <!-- bind mounts for the VMs, setting gid here does not work -->
-      <volume
-        path="~"
-        mountpoint="/lmn/media/%(USER)/home"
-        options="bind"
-        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
-      </volume>
-      <volume
-        path="/srv/samba/schools/default-school/share"
-        mountpoint="/lmn/media/%(USER)/share"
-        options="bind"
-        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
-      </volume>
     insertafter: "<!-- Volume definitions -->"
 
 
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 62a1918..c56df95 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -6,17 +6,6 @@
       - virt-manager
     state: latest
     autoremove: true
-    default_release: "{{ ansible_distribution_release }}-backports"
-  when: ansible_distribution_release == 'bullseye'
-
-- name: install libvirt packages
-  apt:
-    name:
-      - libvirt-daemon-system
-      - virt-manager
-    state: latest
-    autoremove: true
-  when: ansible_distribution_release == 'bookworm'
 
     #- name: allow all users to use VMs
     #  lineinfile:
@@ -25,6 +14,26 @@
     #    insertafter: '#auth_unix_rw = "polkit"'
     #  notify: reload libvirtd
 
+- name: Configure pam_mount for VMs
+  blockinfile:
+    dest: /etc/security/pam_mount.conf.xml
+    marker: "<!-- {mark} ANSIBLE MANAGED BLOCK (bind mounts for VMs) -->"
+    block: |
+      <!-- bind mounts for the VMs, setting gid here does not work -->
+      <volume
+        path="~"
+        mountpoint="/lmn/media/%(USER)/home"
+        options="bind"
+        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
+      </volume>
+      <volume
+        path="/srv/samba/schools/default-school/share"
+        mountpoint="/lmn/media/%(USER)/share"
+        options="bind"
+        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
+      </volume>
+    insertafter: "<!-- END ANSIBLE MANAGED BLOCK .* -->"
+
 - name: autostart default network for VMs
   file:
     src: /etc/libvirt/qemu/networks/default.xml
@@ -37,7 +46,6 @@
     comment: lmn sync user
     system: true
     create_home: false
-    shell: /usr/bin/false
 
 - name: create vm directory
   file:
@@ -172,38 +180,5 @@
 
 - name: sync .torrent, .xml and .desktop files and run update-desktop-database
   command: sudo -u lmnsynci /usr/local/bin/sync-vm.sh -t
-    #become: true
-    #become_user: lmnsynci
-    #become_method: su
-    #become_flags: '-s /usr/bin/bash'
   register: result
   changed_when: result.stdout | length > 0
-
-#### VMs
-#- name: Deploy initial image list
-#  copy:
-#    src: images.list
-#    dest: /var/lib/libvirt/images/images.list
-#    force: false
-#
-#- name: rsync VM image definitions
-#  command: >
-#    rsync -a --itemize-changes
-#    rsync://server:/vmimages-download/xml /var/lib/libvirt/images/
-#  become: true
-#  become_user: lmnsynci
-#  register: result
-#  changed_when: result.stdout | length > 0
-#  when: not run_in_installer | default(false) | bool
-#
-#- name: rsync VM images
-#  command: >
-#    rsync -a -i --files-from=/lmn/lib/libvirt/images/images.list
-#    rsync://server:/vmimages-download/ /var/lib/libvirt/images/
-#  become: true
-#  become_user: lmnsynci
-#  register: result
-#  changed_when: result.stdout | length > 0
-#  when: >
-#    false and not run_in_installer | default(false) | bool and (ansible_mounts |
-#    selectattr("mount", "equalto", "/") | list)[0].size_available > 80000000000

From fac98e9f091ed76c6449f4a8a4454677c8b7f5c6 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 18 Aug 2023 13:23:22 +0200
Subject: [PATCH 341/504] Attempt to umount properly.

---
 roles/lmn_mount/tasks/main.yml |  4 +--
 roles/lmn_vm/files/u-mount.sh  | 51 ++++++++++++++++++++++++++++++++++
 roles/lmn_vm/tasks/main.yml    | 25 +++++++----------
 3 files changed, 63 insertions(+), 17 deletions(-)
 create mode 100644 roles/lmn_vm/files/u-mount.sh

diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index 3f3dce2..ff633c8 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -16,7 +16,7 @@
     block: |
       <!-- mounts for home, share and nextcloud -->
       <volume
-        fstype="cifs"
+        fstype="lmn"
         server="{{ smb_server }}"
         path="{{ smb_share }}"
         mountpoint="/srv/samba/schools/default-school"
@@ -71,7 +71,7 @@
     line: KillUserProcesses=yes
     insertafter: '#KillUserProcesses=no'
 
-- name: Bind mount lmn/media with nosuid directory
+- name: Bind mount /lmn/media with nosuid directory
   ansible.posix.mount:
     src: /lmn/media
     path: /lmn/media
diff --git a/roles/lmn_vm/files/u-mount.sh b/roles/lmn_vm/files/u-mount.sh
new file mode 100644
index 0000000..9537167
--- /dev/null
+++ b/roles/lmn_vm/files/u-mount.sh
@@ -0,0 +1,51 @@
+#!/usr/bin/bash
+#
+# <cifsmount>/usr/local/sbin/u-mount.sh %(USER) %(USERUID) %(MNTPT) %(FSTYPE) %(OPTIONS) %(SERVER) %(VOLUME)</cifsmount>'
+# <umount>/usr/local/sbin/u-mount.sh %(USER) %(USERUID) %(MNTPT)</umount>'
+
+set -eu
+
+systemd-cat echo $@
+
+LANG=C
+usr="$1"
+uid="$2"
+mtp="$3"
+
+if [[ "$#" -gt 3 ]] ; then
+    ## we are mounting
+    fty="$4"
+    opt="$5"
+    srv="$6"
+    vol="$7"
+    case "$fty" in
+	"davfs")
+	    systemd-cat echo mount -t davfs -o "$opt" "$vol" "$mtp"
+	    exec mount -t davfs -o "$opt" "$vol" "$mtp"
+	    ;;
+	"cifs")
+	    if [[ ! "$vol" =~ "sysvol" ]] ; then
+		home="$(getent passwd "$usr" | cut -d : -f 6)"
+		vol="default-school/"
+		mount -t cifs -o "$opt" "//$srv/$vol" "$mtp"
+		mkdir -p "/lmn/media/$usr/share"
+		mkdir -p "/lmn/media/$usr/home"
+		mount -o bind "/srv/samba/schools/default-school/share" "/lmn/media/$usr/share"
+		exec mount -o bind "$home" "/lmn/media/$usr/home"
+	    else
+		mount -t cifs -o "$opt" "//$srv/$vol" "$mtp"
+	    fi
+    esac
+else
+#    for VMname in $(sudo -u $user XDG_RUNTIME_DIR="/run/user/$uid" \
+#			 virsh list --state-running | grep running | awk '{print $2}'); do
+#	sudo -u $user XDG_RUNTIME_DIR="/run/user/$uid" virsh destroy $VMname
+#	sleep 1
+#    done
+    #killall -9 virtiofsd
+
+
+    umount "/lmn/media/$usr/share" && rmdir "/lmn/media/$usr/share"
+    umount "/lmn/media/$usr/home"  && rmdir "/lmn/media/$usr/home"
+    exec umount "$mtp"
+fi
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index c56df95..28658c2 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -14,25 +14,20 @@
     #    insertafter: '#auth_unix_rw = "polkit"'
     #  notify: reload libvirtd
 
-- name: Configure pam_mount for VMs
+- name: Generate bind mounts for VMs in extra mount script
   blockinfile:
     dest: /etc/security/pam_mount.conf.xml
     marker: "<!-- {mark} ANSIBLE MANAGED BLOCK (bind mounts for VMs) -->"
     block: |
-      <!-- bind mounts for the VMs, setting gid here does not work -->
-      <volume
-        path="~"
-        mountpoint="/lmn/media/%(USER)/home"
-        options="bind"
-        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
-      </volume>
-      <volume
-        path="/srv/samba/schools/default-school/share"
-        mountpoint="/lmn/media/%(USER)/share"
-        options="bind"
-        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
-      </volume>
-    insertafter: "<!-- END ANSIBLE MANAGED BLOCK .* -->"
+      <lmnmount>/usr/local/sbin/u-mount.sh %(USER) %(USERUID) %(MNTPT) %(FSTYPE) %(OPTIONS) %(VOLUME) "~"</lmnmount>'
+      <lmnumount>/usr/local/sbin/u-mount.sh %(USER) %(USERUID) %(MNTPT)</lmnumount>'
+    insertafter: '^<mntoptions.*'
+
+- name: Prepare umount script
+  ansible.builtin.copy:
+    src: u-mount.sh
+    dest: /usr/local/sbin/u-mount.sh
+    mode: "0755"
 
 - name: autostart default network for VMs
   file:

From c59fb67ed0b8f17bc585914e98f099097df77c4e Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 19 Aug 2023 14:26:58 +0200
Subject: [PATCH 342/504] Try smart umount as a simple solution (no credentials
 needed).

---
 roles/lmn_mount/tasks/main.yml   |  6 ++--
 roles/lmn_printer/tasks/main.yml |  3 +-
 roles/lmn_vm/files/pam-umount.sh | 40 +++++++++++++++++++++++++
 roles/lmn_vm/files/u-mount.sh    | 51 --------------------------------
 roles/lmn_vm/tasks/main.yml      | 30 +++++++++++++++----
 5 files changed, 70 insertions(+), 60 deletions(-)
 create mode 100644 roles/lmn_vm/files/pam-umount.sh
 delete mode 100644 roles/lmn_vm/files/u-mount.sh

diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index ff633c8..195e85e 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -12,11 +12,11 @@
 - name: Configure pam_mount for LMN homes
   blockinfile:
     dest: /etc/security/pam_mount.conf.xml
-    marker: "<!-- {mark} ANSIBLE MANAGED BLOCK (mount LMN homes) -->"
+    marker: "<!-- {mark} ANSIBLE MANAGED BLOCK (mount LMN home) -->"
     block: |
-      <!-- mounts for home, share and nextcloud -->
+      <!-- mounts for home and nextcloud -->
       <volume
-        fstype="lmn"
+        fstype="cifs"
         server="{{ smb_server }}"
         path="{{ smb_share }}"
         mountpoint="/srv/samba/schools/default-school"
diff --git a/roles/lmn_printer/tasks/main.yml b/roles/lmn_printer/tasks/main.yml
index 79f90b0..e6ce966 100644
--- a/roles/lmn_printer/tasks/main.yml
+++ b/roles/lmn_printer/tasks/main.yml
@@ -30,7 +30,8 @@
         path="sysvol/"
         mountpoint="/srv/samba/%(USER)/sysvol"
         options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks"
-      ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not></volume>
+        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
+      </volume>
     insertafter: "<!-- Volume definitions -->"
 
 - name: Create /etc/linuxmuster-linuxclient7 Directory
diff --git a/roles/lmn_vm/files/pam-umount.sh b/roles/lmn_vm/files/pam-umount.sh
new file mode 100644
index 0000000..d6a33df
--- /dev/null
+++ b/roles/lmn_vm/files/pam-umount.sh
@@ -0,0 +1,40 @@
+#!/usr/bin/bash
+#
+# <umount>/usr/local/sbin/pam-umount.sh %(USER) %(USERUID) %(MNTPT)</umount>'
+
+set -eu
+
+LANG=C
+usr="$1"
+uid="$2"
+mtp="$3"
+
+lmuh="/lmn/media/$usr/home"
+lmus="/lmn/media/$usr/share"
+
+for VMname in $(sudo -u $usr XDG_RUNTIME_DIR="/run/user/$uid" \
+		     virsh list --state-running | grep running | awk '{print $2}'); do
+    sudo -u $usr XDG_RUNTIME_DIR="/run/user/$uid" virsh destroy $VMname || true
+    sleep 1
+done
+#killall -9 virtiofsd
+
+if [[ "$mtp" =~ "/srv/samba/schools" ]] ; then
+    N=0
+    mh=true
+    ms=true
+    mountpoint -q $lmuh || mh=false
+    mountpoint -q $lmus || ms=false
+    while [[ $N -lt 10 ]] && ([[ $mh = true ]] || [[ $ms = true ]]) ; do
+	if [[ $mh = true ]] ; then
+	    umount "$lmuh" && mh=false
+	fi
+	if [[ $ms = true ]] ; then
+	    umount "$lmus" && ms=false
+	fi
+	N=$((N + 1))
+	sleep 1
+    done
+    systemd-cat echo "Tried $N umount(s)."
+fi
+exec umount "$mtp"
diff --git a/roles/lmn_vm/files/u-mount.sh b/roles/lmn_vm/files/u-mount.sh
deleted file mode 100644
index 9537167..0000000
--- a/roles/lmn_vm/files/u-mount.sh
+++ /dev/null
@@ -1,51 +0,0 @@
-#!/usr/bin/bash
-#
-# <cifsmount>/usr/local/sbin/u-mount.sh %(USER) %(USERUID) %(MNTPT) %(FSTYPE) %(OPTIONS) %(SERVER) %(VOLUME)</cifsmount>'
-# <umount>/usr/local/sbin/u-mount.sh %(USER) %(USERUID) %(MNTPT)</umount>'
-
-set -eu
-
-systemd-cat echo $@
-
-LANG=C
-usr="$1"
-uid="$2"
-mtp="$3"
-
-if [[ "$#" -gt 3 ]] ; then
-    ## we are mounting
-    fty="$4"
-    opt="$5"
-    srv="$6"
-    vol="$7"
-    case "$fty" in
-	"davfs")
-	    systemd-cat echo mount -t davfs -o "$opt" "$vol" "$mtp"
-	    exec mount -t davfs -o "$opt" "$vol" "$mtp"
-	    ;;
-	"cifs")
-	    if [[ ! "$vol" =~ "sysvol" ]] ; then
-		home="$(getent passwd "$usr" | cut -d : -f 6)"
-		vol="default-school/"
-		mount -t cifs -o "$opt" "//$srv/$vol" "$mtp"
-		mkdir -p "/lmn/media/$usr/share"
-		mkdir -p "/lmn/media/$usr/home"
-		mount -o bind "/srv/samba/schools/default-school/share" "/lmn/media/$usr/share"
-		exec mount -o bind "$home" "/lmn/media/$usr/home"
-	    else
-		mount -t cifs -o "$opt" "//$srv/$vol" "$mtp"
-	    fi
-    esac
-else
-#    for VMname in $(sudo -u $user XDG_RUNTIME_DIR="/run/user/$uid" \
-#			 virsh list --state-running | grep running | awk '{print $2}'); do
-#	sudo -u $user XDG_RUNTIME_DIR="/run/user/$uid" virsh destroy $VMname
-#	sleep 1
-#    done
-    #killall -9 virtiofsd
-
-
-    umount "/lmn/media/$usr/share" && rmdir "/lmn/media/$usr/share"
-    umount "/lmn/media/$usr/home"  && rmdir "/lmn/media/$usr/home"
-    exec umount "$mtp"
-fi
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 28658c2..7c4423c 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -14,19 +14,39 @@
     #    insertafter: '#auth_unix_rw = "polkit"'
     #  notify: reload libvirtd
 
-- name: Generate bind mounts for VMs in extra mount script
+- name: Configure pam_mount for VM bind mounts
   blockinfile:
     dest: /etc/security/pam_mount.conf.xml
     marker: "<!-- {mark} ANSIBLE MANAGED BLOCK (bind mounts for VMs) -->"
     block: |
-      <lmnmount>/usr/local/sbin/u-mount.sh %(USER) %(USERUID) %(MNTPT) %(FSTYPE) %(OPTIONS) %(VOLUME) "~"</lmnmount>'
-      <lmnumount>/usr/local/sbin/u-mount.sh %(USER) %(USERUID) %(MNTPT)</lmnumount>'
+      <!-- bind mounts for the VMs, setting gid here does not work -->
+      <volume
+        path="~"
+        mountpoint="/lmn/media/%(USER)/home"
+        options="bind"
+        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
+      </volume>
+      <volume
+        path="/srv/samba/schools/default-school/share"
+        mountpoint="/lmn/media/%(USER)/share"
+        options="bind"
+        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
+      </volume>
+    insertafter: "<!-- END ANSIBLE MANAGED BLOCK .* -->"
+
+- name: Use umount script for proper ordering
+  blockinfile:
+    dest: /etc/security/pam_mount.conf.xml
+    marker: "<!-- {mark} ANSIBLE MANAGED BLOCK (umount script needed for bind mounts ordering) -->"
+    block: |
+      <!-- Provide special umount script here to handle bind mounts and proper ordering -->
+      <umount>/usr/local/sbin/pam-umount.sh %(USER) %(USERUID) %(MNTPT)</umount>
     insertafter: '^<mntoptions.*'
 
 - name: Prepare umount script
   ansible.builtin.copy:
-    src: u-mount.sh
-    dest: /usr/local/sbin/u-mount.sh
+    src: pam-umount.sh
+    dest: /usr/local/sbin/pam-umount.sh
     mode: "0755"
 
 - name: autostart default network for VMs

From 431acebfa3289c07f8ef4dbe62242caf97fa3703 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 2 Sep 2023 15:46:27 +0200
Subject: [PATCH 343/504] Make playbook more general: Split into general and
 specific roles, use variables.

---
 lmn-desktop.yml                               |  13 +-
 .../{lmn_kde => lmn_fvs}/files/fvs-config.js  |   0
 roles/lmn_fvs/files/lmn-patch-dolphin.sh      |  61 +++++++
 .../files/lmn-reset-dolphin.sh                |   0
 .../{lmn_kde => lmn_fvs}/files/policies.json  |   0
 roles/{lmn_kde => lmn_fvs}/files/pwroff       |   0
 .../{lmn_kde => lmn_fvs}/files/pwroff.service |   0
 roles/{lmn_kde => lmn_fvs}/files/pwroff.timer |   0
 roles/lmn_fvs/tasks/main.yml                  | 126 +++++++++++++++
 roles/lmn_kde/handlers/main.yml               |  12 --
 roles/lmn_kde/tasks/main.yml                  | 152 ++++--------------
 roles/lmn_mount/tasks/main.yml                |  23 ++-
 roles/lmn_network/tasks/main.yml              |   4 +-
 13 files changed, 247 insertions(+), 144 deletions(-)
 rename roles/{lmn_kde => lmn_fvs}/files/fvs-config.js (100%)
 create mode 100755 roles/lmn_fvs/files/lmn-patch-dolphin.sh
 rename roles/{lmn_kde => lmn_fvs}/files/lmn-reset-dolphin.sh (100%)
 rename roles/{lmn_kde => lmn_fvs}/files/policies.json (100%)
 rename roles/{lmn_kde => lmn_fvs}/files/pwroff (100%)
 rename roles/{lmn_kde => lmn_fvs}/files/pwroff.service (100%)
 rename roles/{lmn_kde => lmn_fvs}/files/pwroff.timer (100%)
 create mode 100644 roles/lmn_fvs/tasks/main.yml

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index 3c30831..d6e3c01 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -1,4 +1,4 @@
-## This playbook deploys a FvS KDE desktop machine for LinuxMuster.
+## This playbook deploys a KDE desktop machine for LinuxMuster.
 ---
 - name: apply configuration to the machines
   hosts: all
@@ -24,6 +24,15 @@
   vars:
     domain: "{{ ansible_domain }}"
     kerberize_uris: steinbeis.schule
+    apt_conf: Acquire::http::Proxy "http://aptcache.pn.steinbeis.schule:3142/";
+    ntp_serv: server.pn.steinbeis.schule
+
+    ## PAM mount nextcloud, remove or leave empty to skip:
+    web_dav: https://nc.steinbeis.schule/remote.php/dav/files/%(USER)
+
+    ## Local mirror for mscorefonts. Remove or leave empty to use no mirror:
+    mirror_msfonts: http://livebox.pn.steinbeis.schule/mscorefonts/
+
     rsyncsecret: Muster!
     ## Use grub-mkpasswd-pbkdf2 to calculate the password hash:
     grub_pwd: 'grub.pbkdf2.sha512.10000.FB60266F69FB181327AFB76193192454FC64151559EFF4D6B8FB7C7904A2A9C4778EDD515B46F770DB6A009F36903C193917BBBC571C5B6AAB2A69208BE01A6E.7B82114A0239C0EC55A50E95C48FA74A8910DEE4088447786DAB35770B9C2CF2D1550CF3B7452155EB55D5F84E5D357BF12B8D299CF9B01BF5D71D516CF826DB'
@@ -38,7 +47,6 @@
       - debconf-utils
       - ctorrent
     extra_pkgs_bpo: [] # [ linux-image-amd64 ]
-    ansible_python_interpreter: "/usr/bin/python3"
 
   roles:
     - lmn_network
@@ -46,6 +54,7 @@
     - lmn_sssd
     - lmn_mount
     - lmn_kde
+    - lmn_fvs ## school specific customization
     - lmn_vm
     - lmn_printer
     - kerberize
diff --git a/roles/lmn_kde/files/fvs-config.js b/roles/lmn_fvs/files/fvs-config.js
similarity index 100%
rename from roles/lmn_kde/files/fvs-config.js
rename to roles/lmn_fvs/files/fvs-config.js
diff --git a/roles/lmn_fvs/files/lmn-patch-dolphin.sh b/roles/lmn_fvs/files/lmn-patch-dolphin.sh
new file mode 100755
index 0000000..f5b060e
--- /dev/null
+++ b/roles/lmn_fvs/files/lmn-patch-dolphin.sh
@@ -0,0 +1,61 @@
+#!/bin/bash
+#
+# patch 'Tausch' and 'Nextcloud' into dolphin's bookmarks
+#
+set -eu
+
+file="${1:-$HOME/.local/share/user-places.xbel}"
+
+if grep -q "Tausch\|Nextcloud" "$file" ; then
+   echo "Your Dolphin seems to already contain 'Tausch' and/or 'Nextcloud'."
+   exit 0
+fi
+
+id="$(grep ID "$file" | sed -E "s|^.+ID>([[:digit:]]+)/([[:digit:]]+)</ID.+$|\1:\2|" \
+	    | sort -n -t: -k2 | tail -1 )"
+
+IDENTITY="${id%%:*}"
+NUM0="${id##*:}"
+NUM1=$(( NUM0 + 1 ))
+NUM2=$(( NUM0 + 2 ))
+
+patch="
+--- a/$file
++++ b/$file
+@@ -98,9 +98,33 @@
+     <isSystemItem>true</isSystemItem>
+    </metadata>
+   </info>
+  </bookmark>
++ <bookmark href=\"file:///srv/samba/schools/default-school/share\">
++  <title>Tausch</title>
++  <info>
++   <metadata owner=\"http://freedesktop.org\">
++    <bookmark:icon name=\"folder-publicshare\"/>
++   </metadata>
++   <metadata owner=\"http://www.kde.org\">
++    <ID>$IDENTITY/${NUM1}</ID>
++    <isSystemItem>true</isSystemItem>
++   </metadata>
++  </info>
++ </bookmark>
++ <bookmark href=\"file:///lmn/media/$USER/nextcloud\">
++  <title>Nextcloud</title>
++  <info>
++   <metadata owner=\"http://freedesktop.org\">
++    <bookmark:icon name=\"folder-cloud\"/>
++   </metadata>
++   <metadata owner=\"http://www.kde.org\">
++    <ID>$IDENTITY/${NUM2}</ID>
++    <isSystemItem>true</isSystemItem>
++   </metadata>
++  </info>
++ </bookmark>
+  <bookmark href=\"remote:/\">
+   <title>Network</title>
+   <info>
+    <metadata owner=\"http://freedesktop.org\">
+     <bookmark:icon name=\"folder-network\"/>
+"
+
+echo "$patch" | patch --fuzz=0 --backup "$file"
diff --git a/roles/lmn_kde/files/lmn-reset-dolphin.sh b/roles/lmn_fvs/files/lmn-reset-dolphin.sh
similarity index 100%
rename from roles/lmn_kde/files/lmn-reset-dolphin.sh
rename to roles/lmn_fvs/files/lmn-reset-dolphin.sh
diff --git a/roles/lmn_kde/files/policies.json b/roles/lmn_fvs/files/policies.json
similarity index 100%
rename from roles/lmn_kde/files/policies.json
rename to roles/lmn_fvs/files/policies.json
diff --git a/roles/lmn_kde/files/pwroff b/roles/lmn_fvs/files/pwroff
similarity index 100%
rename from roles/lmn_kde/files/pwroff
rename to roles/lmn_fvs/files/pwroff
diff --git a/roles/lmn_kde/files/pwroff.service b/roles/lmn_fvs/files/pwroff.service
similarity index 100%
rename from roles/lmn_kde/files/pwroff.service
rename to roles/lmn_fvs/files/pwroff.service
diff --git a/roles/lmn_kde/files/pwroff.timer b/roles/lmn_fvs/files/pwroff.timer
similarity index 100%
rename from roles/lmn_kde/files/pwroff.timer
rename to roles/lmn_fvs/files/pwroff.timer
diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
new file mode 100644
index 0000000..c9b331a
--- /dev/null
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -0,0 +1,126 @@
+---
+- name: Preseed wireshark to allow users sniffing packets
+  ansible.builtin.debconf:
+    name: wireshark-common
+    question: wireshark-common/install-setuid
+    value: 'true'
+    vtype: boolean
+
+- name: Preseed ttf-mscorefonts-installer
+  ansible.builtin.debconf:
+    name: ttf-mscorefonts-installer
+    question: msttcorefonts/dlurl
+    value: "{{ mirror_msfonts }}"
+    vtype: string
+  when: mirror_msfonts is defined and mirror_msfonts | length > 0
+
+
+- name: Install desktop EDU packages and some more
+  apt:
+    name:
+      - atftp
+      - curl
+      - elpa-color-theme-modern
+      - elpa-magit
+      - emacs
+      - git
+      - gitg
+      - gitk
+      - neovim
+      - net-tools
+      - netcat-openbsd
+      - nmap
+      - pulseview
+      - sigrok
+      - sigrok-cli
+      - tmux
+      - tree
+      - ttf-mscorefonts-installer
+      - wireshark
+    autoremove: true
+    state: latest
+  environment:
+    http_proxy: '' # this is needed to avoid ttf-mscorefonts-installer picking up aptcacher
+
+
+- name: Allow users to dump packets for wireshark without group membership
+  ansible.builtin.file:
+    path: /usr/bin/dumpcap
+    mode: '0755'
+
+
+- name: Create firefox policies directory
+  ansible.builtin.file:
+    path: /etc/firefox-esr/policies
+    state: directory
+    mode: '0755'
+
+- name: Create a symbolic link firefox to firefox-esr
+  ansible.builtin.file:
+    src: /etc/firefox-esr
+    dest: /etc/firefox
+    state: link
+
+- name: Copy firefox policy
+  ansible.builtin.copy:
+    src: policies.json
+    dest: /etc/firefox-esr/policies/
+
+
+- name: Copy pwroff script
+  copy:
+    src: pwroff
+    dest: /usr/local/sbin/
+    mode: 0755
+
+- name: Provide service and timer for pwroff script
+  copy:
+    src: "{{ item }}"
+    dest: "/etc/systemd/system/{{ item }}"
+    mode: 0644
+  with_items:
+    - pwroff.service
+    - pwroff.timer
+
+- name: Enable pwroff.timer
+  systemd:
+    name: pwroff.timer
+    enabled: true
+
+
+- name: Copy dolphin config scripts
+  ansible.builtin.copy:
+    src: "{{ item }}"
+    dest: /usr/local/bin/
+    mode: 0755
+  loop:
+    - lmn-reset-dolphin.sh
+    - lmn-patch-dolphin.sh
+
+
+- name: Copy fvs-config.js to configure plasma
+  ansible.builtin.copy:
+    src: fvs-config.js
+    dest: /usr/share/plasma/shells/org.kde.plasma.desktop/contents/updates/fvs-config.js
+    mode: 0644
+
+
+- name: Restrict some user actions
+  blockinfile:
+    path: /etc/xdg/kdeglobals
+    create: true
+    block: |
+      [KDE Action Restrictions][$i]
+      action/start_new_session=false
+      #action/switch_user=false
+      #action/lock_screen=false
+
+#- name: Disable automatic lock screen and user specific modifications
+#  ansible.builtin.copy:
+#    path: /etc/xdg/kscreenlockerrc
+#    create: true
+#    content: |
+#      [Daemon][$i]
+#      Autolock=false
+#      LockOnResume=false
+#
diff --git a/roles/lmn_kde/handlers/main.yml b/roles/lmn_kde/handlers/main.yml
index 1a21074..e2b8cdf 100644
--- a/roles/lmn_kde/handlers/main.yml
+++ b/roles/lmn_kde/handlers/main.yml
@@ -1,14 +1,2 @@
 - name: Run update-grub
   command: update-grub
-
-- name: Enable tmp.mount
-  systemd:
-    daemon_reload: yes
-    name: tmp.mount
-    enabled: yes
-  listen: enable tmp.mount
-
-- name: enable pwroff.timer
-  systemd:
-    name: pwroff.timer
-    enabled: true
diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index afd969e..74bed30 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -1,74 +1,39 @@
 ---
-- name: Preseed wireshark to allow users sniffing packets
-  ansible.builtin.debconf:
-    name: wireshark-common
-    question: wireshark-common/install-setuid
-    value: 'true'
-    vtype: boolean
-
-- name: Preseed ttf-mscorefonts-installer
-  ansible.builtin.debconf:
-    name: ttf-mscorefonts-installer
-    question: msttcorefonts/dlurl
-    value: http://livebox.pn.steinbeis.schule/mscorefonts/
-    vtype: string
-
-- name: Install desktop EDU packages and some more
+- name: Install desktop and educational packages
   apt:
     name:
-      - task-kde-desktop
-      - task-german-kde-desktop
-      - task-german-desktop
-      - xdg-desktop-portal-kde
-      - xdg-desktop-portal-wlr # share screen in browser
-      - kde-full
       - akonadi-backend-sqlite
-      - thunderbird-l10n-de
-      - webext-privacy-badger
-      - webext-ublock-origin-firefox
-      - webext-ublock-origin-chromium
-      - atftp
-      - emacs
-      - elpa-magit
-      - elpa-color-theme-modern
-      - vlc
+      - arduino
+      - bluefish
+      - codeblocks
+      - dia
+      - flameshot
+      - freecad
+      - ghex
       - gimp
       - inkscape
-      - flameshot
-      - bluefish
-      - git
-      - gitk
-      - gitg
-      - wireshark
-      - nmap
-      - netcat-openbsd
-      - net-tools
-      - ghex
-      - thonny
-      - spyder
+      - kde-full
+      - keepassxc
+      - librecad
       - mu-editor
-      - dia
-      - vym
-      - tree
+      - qtcreator
+      - spyder
       - sqlite3
       - sqlitebrowser
-      - neovim
-      - qtcreator
-      - freecad
-      - librecad
-      - arduino
-      - keepassxc
-      - tmux
-      - curl
-      - pulseview
-      - sigrok
-      - sigrok-cli
-      - codeblocks
-      - ttf-mscorefonts-installer
+      - task-german-desktop
+      - task-german-kde-desktop
+      - task-kde-desktop
+      - thonny
+      - thunderbird-l10n-de
+      - vlc
+      - vym
+      - webext-privacy-badger
+      - webext-ublock-origin-chromium
+      - webext-ublock-origin-firefox
+      - xdg-desktop-portal-kde
+      - xdg-desktop-portal-wlr # share screen in browser
     autoremove: true
     state: latest
-  environment:
-    http_proxy: '' # this is needed to avoid ttf-mscorefonts-installer picking up aptcacher
 
 - name: Add {{ ansible_distribution_release }}-backports
   apt_repository:
@@ -88,14 +53,6 @@
     default_release: "{{ ansible_distribution_release }}-backports"
 
 
-- name: Enable splash screen
-  replace:
-    dest: "/etc/default/grub"
-    regexp: '"quiet"$'
-    replace: '"quiet splash"'
-  notify: Run update-grub
-
-
 - name: Create akonadi config dir
   ansible.builtin.file:
     path: /etc/xdg/akonadi/
@@ -111,12 +68,6 @@
       Driver=QSQLITE3
 
 
-- name: Allow users to dump packets for wireshark without group membership
-  ansible.builtin.file:
-    path: /usr/bin/dumpcap
-    mode: '0755'
-
-
 - name: Add home dirs to apparmor
   lineinfile:
     dest: /etc/apparmor.d/tunables/home.d/ubuntu
@@ -125,24 +76,6 @@
       /srv/samba/schools/default-school/students/*/
 
 
-- name: Create firefox policies directory
-  ansible.builtin.file:
-    path: /etc/firefox-esr/policies
-    state: directory
-    mode: '0755'
-
-- name: Create a symbolic link firefox to firefox-esr
-  ansible.builtin.file:
-    src: /etc/firefox-esr
-    dest: /etc/firefox
-    state: link
-
-- name: copy policy
-  ansible.builtin.copy:
-    src: policies.json
-    dest: /etc/firefox-esr/policies/
-
-
 - name: tune SDDM login
   blockinfile:
     path: /etc/sddm.conf
@@ -172,35 +105,14 @@
       AllowHybridSleep=no
 
 
-- name: Copy pwroff script
-  copy:
-    src: pwroff
-    dest: /usr/local/sbin/
-    mode: 0755
-
-- name: Provide service and timer for pwroff script
-  copy:
-    src: "{{ item }}"
-    dest: "/etc/systemd/system/{{ item }}"
-    mode: 0644
-  with_items:
-    - pwroff.service
-    - pwroff.timer
-  notify: enable pwroff.timer
-
-- name: copy lmn-reset-dolphin.sh
-  ansible.builtin.copy:
-    src: lmn-reset-dolphin.sh
-    dest: /usr/local/bin/
-    mode: 0755
-
-- name: Copy fvs-config.js to configure plasma
-  ansible.builtin.copy:
-    src: fvs-config.js
-    dest: /usr/share/plasma/shells/org.kde.plasma.desktop/contents/updates/fvs-config.js
-    mode: 0644
-
 ################# general settings ##################
+- name: Enable boot splash screen
+  replace:
+    dest: "/etc/default/grub"
+    regexp: '"quiet"$'
+    replace: '"quiet splash"'
+  notify: Run update-grub
+
 - name: Protect grub menu entries
   blockinfile:
     path: /etc/grub.d/40_custom
diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index 195e85e..969f188 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -9,12 +9,26 @@
       - davfs2
     state: latest
 
+- name: Configure pam_mount for Webdav Nextcloud
+  blockinfile:
+    dest: /etc/security/pam_mount.conf.xml
+    marker: "<!-- {mark} ANSIBLE MANAGED BLOCK (mount Nextcloud) -->"
+    block: |
+      <volume
+        fstype="davfs"
+        path="{{ web_dav }}"
+        mountpoint="/lmn/media/%(USER)/nextcloud"
+        options="username=%(USER),nosuid,nodev,uid=%(USER),gid=1010,grpid,file_mode=0770,dir_mode=0770,forceuid,forcegid"
+        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
+      </volume>
+    insertafter: "<!-- Volume definitions -->"
+  when: web_dav is defined and web_dav | length > 0
+
 - name: Configure pam_mount for LMN homes
   blockinfile:
     dest: /etc/security/pam_mount.conf.xml
     marker: "<!-- {mark} ANSIBLE MANAGED BLOCK (mount LMN home) -->"
     block: |
-      <!-- mounts for home and nextcloud -->
       <volume
         fstype="cifs"
         server="{{ smb_server }}"
@@ -23,13 +37,6 @@
         options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks,nobrl"
         ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
       </volume>
-      <volume
-        fstype="davfs"
-        path="https://nc.steinbeis.schule/remote.php/dav/files/%(USER)"
-        mountpoint="/lmn/media/%(USER)/nextcloud"
-        options="username=%(USER),nosuid,nodev,uid=%(USER),gid=1010,grpid,file_mode=0770,dir_mode=0770,forceuid,forcegid"
-        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
-      </volume>
     insertafter: "<!-- Volume definitions -->"
 
 
diff --git a/roles/lmn_network/tasks/main.yml b/roles/lmn_network/tasks/main.yml
index 58b5c15..0cbd144 100644
--- a/roles/lmn_network/tasks/main.yml
+++ b/roles/lmn_network/tasks/main.yml
@@ -4,10 +4,10 @@
   ansible.builtin.copy:
     dest: /etc/apt/apt.conf
     content: >
-      Acquire::http::Proxy "http://aptcache.pn.steinbeis.schule:3142/";
+      {{ apt_conf }}
 
 - name: set ntp Server
   ansible.builtin.lineinfile:
     path: /etc/systemd/timesyncd.conf
     insertafter: '^#NTP='
-    line: NTP=server.pn.steinbeis.schule
+    line: NTP={{ ntp_serv }}

From 7d7301f67dfdc59cbaf56e9d2c85ebd03dcc2b95 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 2 Sep 2023 16:06:15 +0200
Subject: [PATCH 344/504] Try umounting multiple times.

---
 roles/lmn_vm/files/pam-umount.sh | 45 +++++++++++++++++++++++---------
 1 file changed, 32 insertions(+), 13 deletions(-)

diff --git a/roles/lmn_vm/files/pam-umount.sh b/roles/lmn_vm/files/pam-umount.sh
index d6a33df..1f02ac5 100644
--- a/roles/lmn_vm/files/pam-umount.sh
+++ b/roles/lmn_vm/files/pam-umount.sh
@@ -4,25 +4,35 @@
 
 set -eu
 
-LANG=C
 usr="$1"
 uid="$2"
 mtp="$3"
 
-lmuh="/lmn/media/$usr/home"
-lmus="/lmn/media/$usr/share"
+shutdownVMs(){
+    local VMs VM
+    VMs="$(machinectl list --no-legend)"
+    if [[ -n "$VMs" ]] ; then
+	for VM in $VMs ; do
+	    machinectl poweroff "$VM{VM%% *}" || true
+	done
+	sleep 3
+    fi
+    ## Check again:
+    VMs="$(machinectl list --no-legend)"
+    if [[ -n "$VMs" ]] ; then
+	sleep 3
+	for VM in $VMs ; do
+	    machinectl terminate "${VM%% *}" || true
+	done
+    fi
+    #killall -9 virtiofsd
+}
 
-for VMname in $(sudo -u $usr XDG_RUNTIME_DIR="/run/user/$uid" \
-		     virsh list --state-running | grep running | awk '{print $2}'); do
-    sudo -u $usr XDG_RUNTIME_DIR="/run/user/$uid" virsh destroy $VMname || true
-    sleep 1
-done
-#killall -9 virtiofsd
+unbindmnt(){
+    local lmuh="/lmn/media/$usr/home"
+    local lmus="/lmn/media/$usr/share"
+    local N=0 mh=true ms=true
 
-if [[ "$mtp" =~ "/srv/samba/schools" ]] ; then
-    N=0
-    mh=true
-    ms=true
     mountpoint -q $lmuh || mh=false
     mountpoint -q $lmus || ms=false
     while [[ $N -lt 10 ]] && ([[ $mh = true ]] || [[ $ms = true ]]) ; do
@@ -36,5 +46,14 @@ if [[ "$mtp" =~ "/srv/samba/schools" ]] ; then
 	sleep 1
     done
     systemd-cat echo "Tried $N umount(s)."
+}
+
+######################
+
+if [[ "$mtp" =~ "/srv/samba/schools" ]] ; then
+    shutdownVMs
+    unbindmnt
 fi
+
+## Just umount:
 exec umount "$mtp"

From 2078fab902701cdf4551fc6f0abdcee24b9a4f84 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Mon, 4 Sep 2023 11:37:59 +0200
Subject: [PATCH 345/504] solve conflicts with multiple parallel ctorrents

---
 roles/lmn_vm/files/sync-vm.sh | 35 ++++++++++++++++++++++++++++++-----
 1 file changed, 30 insertions(+), 5 deletions(-)

diff --git a/roles/lmn_vm/files/sync-vm.sh b/roles/lmn_vm/files/sync-vm.sh
index e0ee196..195ab92 100755
--- a/roles/lmn_vm/files/sync-vm.sh
+++ b/roles/lmn_vm/files/sync-vm.sh
@@ -23,14 +23,39 @@ download_image() {
 }
 
 torrent_image() {
-    if [[ -f "/lmn/vm/${VM_NAME}.qcow2.torrent" ]]; then
-      cd /lmn/vm
-      ctorrent -e 0 "${VM_NAME}.qcow2.torrent"
-      /usr/local/bin/vmimage-torrent restart "${VM_NAME}.qcow2"
-    else
+    if [[ ! -f "/lmn/vm/${VM_NAME}.qcow2.torrent" ]]; then
       echo "No torrent-File found"
       exit 1
     fi
+    lockfile="/tmp/sync-vm-${VM_NAME}.lock"
+    if ! flock -n "$lockfile" echo "try to acquire lock"; then
+      echo torrent seems to be in process.
+      echo waiting for completion ...
+      flock -w 3600 "$lockfile" echo "...completed"
+      sleep 5
+    else
+      (
+        if ! flock -n 200; then
+	  echo "failed to acquire lock"
+	  echo "Bitte noch einmal starten."
+          echo "Beliebige Taste zum Beenden."
+	  read -n 1
+	  exit 1
+        fi
+        torrent="${VM_NAME}.qcow2.torrent"
+        session="${torrent//./_}"
+        if vmimage-torrent status | grep -qw ^"$session"; then
+          vmimage-torrent stop "${VM_NAME}.qcow2"
+        fi
+        cd /lmn/vm
+        ctorrent -e 0 "${VM_NAME}.qcow2.torrent"
+        /usr/local/bin/vmimage-torrent restart "${VM_NAME}.qcow2"
+        if ! flock -u 200; then
+	  echo failed to drop lock
+	  exit 1
+	fi
+      ) 200>"$lockfile"
+    fi
 }
 
 sync_all_images() {

From 0b93fc2ba50b334668c9beb3c5813f60bda5e3c8 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Mon, 4 Sep 2023 11:38:39 +0200
Subject: [PATCH 346/504] kerberize chromium

---
 roles/kerberize/tasks/main.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/roles/kerberize/tasks/main.yml b/roles/kerberize/tasks/main.yml
index aab5553..b117895 100644
--- a/roles/kerberize/tasks/main.yml
+++ b/roles/kerberize/tasks/main.yml
@@ -31,3 +31,11 @@
     - 'pref("network.negotiate-auth.delegation-uris", "{{ kerberize_uris | default(ansible_domain) }}");'
     - 'pref("network.negotiate-auth.trusted-uris", "{{ kerberize_uris | default(ansible_domain) }}");'
   when: firefox.stat.exists
+
+- name: kerberize chromium for sites in the local domain
+  copy:
+    dest: /etc/chromium/policies/managed/idam.json
+    content: |
+      {
+        "AuthServerAllowlist": "idam.steinbeis.schule"
+      }

From f7eba29ba4a95dc6822c3663e73e3a2d373c06f7 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 2 Sep 2023 18:57:41 +0200
Subject: [PATCH 347/504] Add some IDE packages. Thanks to Rolf Haist.

---
 roles/lmn_fvs/tasks/main.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index c9b331a..5a1fd9c 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -19,6 +19,8 @@
   apt:
     name:
       - atftp
+      - codelite
+      - codelite-plugins
       - curl
       - elpa-color-theme-modern
       - elpa-magit
@@ -26,6 +28,7 @@
       - git
       - gitg
       - gitk
+      - libnotify-bin ## needed for pwroff script
       - neovim
       - net-tools
       - netcat-openbsd

From 51cb0a28041a41255f6c0905b92c411f9dfb6b99 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sun, 3 Sep 2023 20:25:34 +0200
Subject: [PATCH 348/504] Fixes and improvements for power/logout handling.

---
 roles/lmn_fvs/files/pwroff   |  2 +-
 roles/lmn_fvs/tasks/main.yml | 13 ++++++++++++-
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/roles/lmn_fvs/files/pwroff b/roles/lmn_fvs/files/pwroff
index 56b9d22..f95d5b7 100755
--- a/roles/lmn_fvs/files/pwroff
+++ b/roles/lmn_fvs/files/pwroff
@@ -30,7 +30,7 @@ if ! t=$(talk2dbus qdbus org.kde.screensaver /ScreenSaver GetActiveTime) ; then
     echo "No graphical logins found."
 else
     idle=$(( t / 1000 ))
-    if [[ $idle -gt $maxidle ]] ; then
+    if [[ $idle -gt $maxidle ]] && [[ ! -d "/srv/samba/schools/default-school/teachers/" ]] ; then
         talk2dbus notify-send -i system-shutdown -u critical -a 'Important System Information' \
 	          'Please log out, the system will shut down soon!' \
 	          'There has been no activity for too long.'
diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index 5a1fd9c..e1c7102 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -108,16 +108,27 @@
     mode: 0644
 
 
-- name: Restrict some user actions
+- name: Configure some KDE aspects
   blockinfile:
     path: /etc/xdg/kdeglobals
     create: true
     block: |
+      [KDE]
+      SingleClick=false
+
       [KDE Action Restrictions][$i]
       action/start_new_session=false
       #action/switch_user=false
       #action/lock_screen=false
 
+- name: Shut down when idle for too long
+  ansible.builtin.copy:
+    dest: /etc/xdg/powermanagementprofilesrc
+    content: |
+      [AC][SuspendSession][$i]
+      idleTime=36000000
+      suspendType=8
+
 #- name: Disable automatic lock screen and user specific modifications
 #  ansible.builtin.copy:
 #    path: /etc/xdg/kscreenlockerrc

From 7fd6c769960648152a176576bc7c732ac335cb6d Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 4 Sep 2023 07:59:43 +0200
Subject: [PATCH 349/504] Use a service for virtiofs for better control.

---
 roles/lmn_vm/files/create-clone.sh    |  2 +-
 roles/lmn_vm/files/start-virtiofsd.sh | 26 +++-----------------------
 roles/lmn_vm/files/virtiofs@.service  | 14 ++++++++++++++
 roles/lmn_vm/tasks/main.yml           |  7 ++++++-
 4 files changed, 24 insertions(+), 25 deletions(-)
 create mode 100644 roles/lmn_vm/files/virtiofs@.service

diff --git a/roles/lmn_vm/files/create-clone.sh b/roles/lmn_vm/files/create-clone.sh
index 1da0640..04d7a78 100755
--- a/roles/lmn_vm/files/create-clone.sh
+++ b/roles/lmn_vm/files/create-clone.sh
@@ -40,4 +40,4 @@ sed -i "s:VMIMAGEDIR:${VM_DIR}:" "${VM_XML}"
 sed -i "s/${VM_NAME}/${VM_NAME}-clone/" "${VM_XML}"
 
 # set virtiofs-Socket
-sed -i "s:VIRTIOFSSOCKET:${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock:" "${VM_XML}"
+sed -i "s:VIRTIOFSSOCKET:/run/virtiofsd/${VM_NAME}-clone.sock:" "${VM_XML}"
diff --git a/roles/lmn_vm/files/start-virtiofsd.sh b/roles/lmn_vm/files/start-virtiofsd.sh
index 4c6ae0e..f346397 100755
--- a/roles/lmn_vm/files/start-virtiofsd.sh
+++ b/roles/lmn_vm/files/start-virtiofsd.sh
@@ -10,27 +10,7 @@ if [[  $# -ne 1 ]]; then
 fi
 
 VM_NAME="$1"
-XDG_RUNTIME_DIR="/run/user/${SUDO_UID}"
+## Make sure VMs can read the base directory:
+chgrp 1010 "/lmn/media/${SUDO_USER}"
 
-if ! [[ -d "${XDG_RUNTIME_DIR}/virtiofs" ]]; then
-       mkdir "${XDG_RUNTIME_DIR}/virtiofs/"
-       chown "${SUDO_UID}" "${XDG_RUNTIME_DIR}/virtiofs/"
-fi
-
-if [[ -S "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" ]] ; then
-    /usr/bin/rm "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock"
-fi
-#sudo /usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" \
-#     --socket-group="${SUDO_USER}" --announce-submounts -o source="/media/${USER}" > /dev/null &
-#sudo /usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" \
-#     --socket-group="${SUDO_USER}" -o source="/media/${USER}" > /dev/null &
-
-/usr/lib/qemu/virtiofsd --socket-path="${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" \
-			-o source="/lmn/media/${SUDO_USER}/" &
-
-# Wait until socket-File exists and chown to user
-until [[ -S "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock" ]]; do
-    echo "waiting for ${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock"
-    sleep 0.1
-done
-/usr/bin/chown "${SUDO_USER}" "${XDG_RUNTIME_DIR}/virtiofs/${VM_NAME}-clone.sock"
+systemctl restart virtiofs@${VM_NAME}-clone:${SUDO_USER}.service
diff --git a/roles/lmn_vm/files/virtiofs@.service b/roles/lmn_vm/files/virtiofs@.service
new file mode 100644
index 0000000..2a436b6
--- /dev/null
+++ b/roles/lmn_vm/files/virtiofs@.service
@@ -0,0 +1,14 @@
+[Unit]
+Description=share home folders via virtiofsd
+## $I is split into two parameters: VM:USER
+
+[Service]
+Type=exec
+ExecStart=/usr/bin/sh -c 'v="%i"; soc="$${v%%:*}"; usr="$${v##*:}"; exec /usr/lib/qemu/virtiofsd --socket-path="/run/virtiofsd/$${soc}.sock" -o source="/lmn/media/$${usr}"'
+ExecStartPost=chmod 755 /run/virtiofsd/
+ExecStartPost=/usr/bin/sh -c 'v="%i"; soc="$${v%%:*}"; usr="$${v##*:}"; chown "$$usr" "/run/virtiofsd/$${soc}.sock"'
+ExecStopPost=/usr/bin/sh -c 'v="%i"; soc="$${v%%:*}"; rm "/run/virtiofsd/$${soc}.sock"'
+SuccessExitStatus=1
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 7c4423c..072517a 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -137,9 +137,14 @@
     dest: /etc/systemd/system/
     owner: root
     group: root
-    mode: '0755'
+    mode: '0644'
   notify: "enable vmimage-torrent.service"
 
+- name: Deploy virtiofs service
+  copy:
+    src: virtiofs@.service
+    dest: /etc/systemd/system/
+
 - name: Deploy bridge.conf needed for qemu session mode
   lineinfile:
     path: /etc/qemu/bridge.conf

From 5f5e9c53a684be3d4e445750c87a261e184d7e80 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Mon, 4 Sep 2023 11:52:26 +0200
Subject: [PATCH 350/504] create chromium config directory

---
 roles/kerberize/tasks/main.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/roles/kerberize/tasks/main.yml b/roles/kerberize/tasks/main.yml
index b117895..25ec4db 100644
--- a/roles/kerberize/tasks/main.yml
+++ b/roles/kerberize/tasks/main.yml
@@ -32,6 +32,11 @@
     - 'pref("network.negotiate-auth.trusted-uris", "{{ kerberize_uris | default(ansible_domain) }}");'
   when: firefox.stat.exists
 
+- name: ensures /etc/chromium/policies/managed dir exists
+  file: 
+    path: "/etc/chromium/policies/managed"
+    state: directory
+
 - name: kerberize chromium for sites in the local domain
   copy:
     dest: /etc/chromium/policies/managed/idam.json

From 3ea922c263eae3266a5a1339216c0b8b8e996737 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 4 Sep 2023 12:31:51 +0200
Subject: [PATCH 351/504] Clean up proxy configuraton.

---
 lmn-desktop.yml                   |  2 ++
 roles/lmn_network/tasks/main.yml  |  8 ++++++++
 roles/lmn_packages/tasks/main.yml | 15 ---------------
 roles/lmn_vm/files/lmn-proxy.sh   |  4 ----
 roles/lmn_vm/tasks/main.yml       |  6 ------
 5 files changed, 10 insertions(+), 25 deletions(-)
 delete mode 100644 roles/lmn_packages/tasks/main.yml
 delete mode 100755 roles/lmn_vm/files/lmn-proxy.sh

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index d6e3c01..b079a23 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -26,6 +26,8 @@
     kerberize_uris: steinbeis.schule
     apt_conf: Acquire::http::Proxy "http://aptcache.pn.steinbeis.schule:3142/";
     ntp_serv: server.pn.steinbeis.schule
+    proxy: http://firewall.pn.steinbeis.schule:3128
+    no_proxy: firewall.pn.steinbeis.schule,server.pn.steinbeis.schule,idam.steinbeis.schule,dw.steinbeis.schule,.pn.steinbeis.schule,.steinbeis.schule
 
     ## PAM mount nextcloud, remove or leave empty to skip:
     web_dav: https://nc.steinbeis.schule/remote.php/dav/files/%(USER)
diff --git a/roles/lmn_network/tasks/main.yml b/roles/lmn_network/tasks/main.yml
index 0cbd144..3a51738 100644
--- a/roles/lmn_network/tasks/main.yml
+++ b/roles/lmn_network/tasks/main.yml
@@ -1,4 +1,12 @@
 ---
+- name: Deploy http proxy config
+  copy:
+    dest: /etc/environment.d/10-lmn-proxy.conf
+    content: |
+      http_proxy="{{ proxy }}"
+      https_proxy="{{ proxy }}"
+      ftp_proxy="{{ proxy }}"
+      no_proxy="{{ no_proxy }}"
 
 - name: set aptcache
   ansible.builtin.copy:
diff --git a/roles/lmn_packages/tasks/main.yml b/roles/lmn_packages/tasks/main.yml
deleted file mode 100644
index 66ef006..0000000
--- a/roles/lmn_packages/tasks/main.yml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-- name: install additional packages
-  apt:
-    name:
-      - ttf-mscorefonts-installer
-      - sqlite3
-      - sqlitebrowser
-      - neovim
-    state: latest
-    autoremove: true
-  environment:
-    http_proxy: http://firewall.pn.steinbeis.schule:3128
-    https_proxy: http://firewall.pn.steinbeis.schule:3128
-
-
diff --git a/roles/lmn_vm/files/lmn-proxy.sh b/roles/lmn_vm/files/lmn-proxy.sh
deleted file mode 100755
index e0c4e15..0000000
--- a/roles/lmn_vm/files/lmn-proxy.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-export http_proxy='http://firewall.pn.steinbeis.schule:3128'
-export https_proxy=$http_proxy
-export ftp_proxy=$http_proxy
-export no_proxy=firewall.pn.steinbeis.schule,server.pn.steinbeis.schule,idam.steinbeis.schule,dw.steinbeis.schule,.pn.steinbeis.schule,.steinbeis.schule
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 072517a..4e8a0a8 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -164,12 +164,6 @@
     path: /usr/lib/qemu/qemu-bridge-helper
     mode: '4755'
 
-- name: Deploy http proxy config
-  copy:
-    src: lmn-proxy.sh
-    dest: /etc/profile.d/
-    mode: '0644'
-
 - name: Create directory for local .desktop-Files
   ansible.builtin.file:
     path: "{ item }"

From da71eed94b1d26e132cd9e5c3b552b4a0360b9c0 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 4 Sep 2023 13:20:17 +0200
Subject: [PATCH 352/504] Clean up VM scripts a bit.

---
 roles/lmn_vm/files/create-clone.sh    | 43 -------------
 roles/lmn_vm/files/run-vm.sh          | 92 +++++++++++++++++----------
 roles/lmn_vm/files/start-virtiofsd.sh |  2 +-
 roles/lmn_vm/files/virtiofs@.service  |  9 +--
 roles/lmn_vm/tasks/main.yml           |  1 -
 5 files changed, 66 insertions(+), 81 deletions(-)
 delete mode 100755 roles/lmn_vm/files/create-clone.sh

diff --git a/roles/lmn_vm/files/create-clone.sh b/roles/lmn_vm/files/create-clone.sh
deleted file mode 100755
index 04d7a78..0000000
--- a/roles/lmn_vm/files/create-clone.sh
+++ /dev/null
@@ -1,43 +0,0 @@
-#!/usr/bin/bash
-# create VM clone
-
-set -eu
-
-# if less or more than one arguments supplied, display usage
-if [[ $# -ne 1 ]]; then
-    echo "This script takes as input the name of the VM to clone" >&2
-    echo "Usage: $0 vm_name" >&2
-    exit 1
-fi
-
-# change to image-directory
-cd /lmn/vm
-
-VM_NAME=$1
-VM_DIR="/tmp/${UID}/vm"
-VM_XML="${VM_DIR}/${VM_NAME}-clone.xml"
-
-if ! [[ -f "${VM_NAME}.xml" && -f "${VM_NAME}.qcow2" ]] && ! [[ -f "${VM_DIR}/${VM_NAME}.xml" && -f "${VM_DIR}/${VM_NAME}.qcow2" ]]; then
-    echo "xml or qcow2 File does not exists." >&2
-    exit 1
-fi
-
-# Create User-VM-Dir and link system VM-Images
-[[ -d "${VM_DIR}" ]] || mkdir -p "${VM_DIR}"
-sudo /usr/local/bin/link-images.sh
-
-# Create backing file
-cd "${VM_DIR}"
-qemu-img create -f qcow2 -F qcow2 -b "${VM_NAME}.qcow2" "${VM_NAME}-clone.qcow2"
-
-# Create machine-definition-file
-cp "${VM_DIR}/${VM_NAME}.xml" "${VM_XML}"
-
-# set VM_DIR:
-sed -i "s:VMIMAGEDIR:${VM_DIR}:" "${VM_XML}"
-
-# and actually rename the vm (this also updates part of the storage path):
-sed -i "s/${VM_NAME}/${VM_NAME}-clone/" "${VM_XML}"
-
-# set virtiofs-Socket
-sed -i "s:VIRTIOFSSOCKET:/run/virtiofsd/${VM_NAME}-clone.sock:" "${VM_XML}"
diff --git a/roles/lmn_vm/files/run-vm.sh b/roles/lmn_vm/files/run-vm.sh
index 30deedf..45f5685 100755
--- a/roles/lmn_vm/files/run-vm.sh
+++ b/roles/lmn_vm/files/run-vm.sh
@@ -21,36 +21,6 @@ exit_script() {
     kill -- -$$ # Sends SIGTERM to child/sub processes
 }
 
-QEMU='qemu:///session'
-
-NEWCLONE=0
-
-while getopts ':ns' OPTION; do
-    case "$OPTION" in
-        n)
-            NEWCLONE=1
-            ;;
-        s)
-            QEMU='qemu:///system'
-            ;;
-        ?)
-        show_help
-        exit 1
-        ;;
-    esac
-done
-
-shift "$((OPTIND -1))"
-
-# if less than one arguments supplied, display usage
-if [[  $# -ne 1 ]] ; then
-    show_help
-    exit 1
-fi
-
-VM_NAME=$1
-VM_DIR="/tmp/${UID}/vm"
-
 check_images() {
    # sync vm-torrents and machine definition file
    sudo -u lmnsynci /usr/local/bin/sync-vm.sh -t
@@ -99,7 +69,65 @@ check_images() {
    echo "VM-Image and required backingfiles available and checked"
 }
 
-#################
+create-clone() {
+    local VM_NAME="$1"
+    local VM_DIR="/tmp/${UID}/vm"
+    local VM_XML="${VM_DIR}/${VM_NAME}-clone.xml"
+    local VM_SYSDIR="/lmn/vm"
+
+    if ! [[ -f "$VM_SYSDIR/${VM_NAME}.xml" && -f "$VM_SYSDIR/${VM_NAME}.qcow2" ]] && ! [[ -f "${VM_DIR}/${VM_NAME}.xml" && -f "${VM_DIR}/${VM_NAME}.qcow2" ]]; then
+	echo "xml or qcow2 File does not exists." >&2
+	exit 1
+    fi
+
+    # Create User-VM-Dir and link system VM-Images
+    [[ -d "${VM_DIR}" ]] || mkdir -p "${VM_DIR}"
+    sudo /usr/local/bin/link-images.sh
+
+    # Create backing file
+    cd "${VM_DIR}"
+    qemu-img create -f qcow2 -F qcow2 -b "${VM_NAME}.qcow2" "${VM_NAME}-clone.qcow2"
+
+    # Create machine-definition-file
+    cp "${VM_DIR}/${VM_NAME}.xml" "${VM_XML}"
+
+    # set VM_DIR:
+    sed -i "s:VMIMAGEDIR:${VM_DIR}:" "${VM_XML}"
+    # and actually rename the vm (this also updates part of the storage path):
+    sed -i "s/${VM_NAME}/${VM_NAME}-clone/" "${VM_XML}"
+    # set virtiofs-Socket
+    sed -i "s:VIRTIOFSSOCKET:/run/virtiofs/${VM_NAME}-clone.sock:" "${VM_XML}"
+}
+
+QEMU='qemu:///session'
+
+NEWCLONE=0
+
+while getopts ':ns' OPTION; do
+    case "$OPTION" in
+        n)
+            NEWCLONE=1
+            ;;
+        s)
+            QEMU='qemu:///system'
+            ;;
+        ?)
+        show_help
+        exit 1
+        ;;
+    esac
+done
+
+shift "$((OPTIND -1))"
+
+# if less than one arguments supplied, display usage
+if [[  $# -ne 1 ]] ; then
+    show_help
+    exit 1
+fi
+
+VM_NAME=$1
+VM_DIR="/tmp/${UID}/vm"
 
 # check, if we have to start squid
 if ! killall -s 0 squid; then
@@ -114,7 +142,7 @@ if  ! virsh --connect="${QEMU}" list | grep "${VM_NAME}-clone"; then
     echo "VM not yet running."
     check_images
     if [[ "${NEWCLONE}" = 1 ]] || [[ ! -f "${VM_DIR}/${VM_NAME}-clone.qcow2" ]]; then
-        create-clone.sh "${VM_NAME}"
+        create-clone "${VM_NAME}"
     fi
     # delete the old vm
     virsh --connect=qemu:///session undefine "${VM_NAME}-clone" || echo "${VM_NAME}-clone did not exist"
diff --git a/roles/lmn_vm/files/start-virtiofsd.sh b/roles/lmn_vm/files/start-virtiofsd.sh
index f346397..da06c74 100755
--- a/roles/lmn_vm/files/start-virtiofsd.sh
+++ b/roles/lmn_vm/files/start-virtiofsd.sh
@@ -13,4 +13,4 @@ VM_NAME="$1"
 ## Make sure VMs can read the base directory:
 chgrp 1010 "/lmn/media/${SUDO_USER}"
 
-systemctl restart virtiofs@${VM_NAME}-clone:${SUDO_USER}.service
+systemctl start virtiofs@${VM_NAME}-clone:${SUDO_USER}.service
diff --git a/roles/lmn_vm/files/virtiofs@.service b/roles/lmn_vm/files/virtiofs@.service
index 2a436b6..a54865c 100644
--- a/roles/lmn_vm/files/virtiofs@.service
+++ b/roles/lmn_vm/files/virtiofs@.service
@@ -4,10 +4,11 @@ Description=share home folders via virtiofsd
 
 [Service]
 Type=exec
-ExecStart=/usr/bin/sh -c 'v="%i"; soc="$${v%%:*}"; usr="$${v##*:}"; exec /usr/lib/qemu/virtiofsd --socket-path="/run/virtiofsd/$${soc}.sock" -o source="/lmn/media/$${usr}"'
-ExecStartPost=chmod 755 /run/virtiofsd/
-ExecStartPost=/usr/bin/sh -c 'v="%i"; soc="$${v%%:*}"; usr="$${v##*:}"; chown "$$usr" "/run/virtiofsd/$${soc}.sock"'
-ExecStopPost=/usr/bin/sh -c 'v="%i"; soc="$${v%%:*}"; rm "/run/virtiofsd/$${soc}.sock"'
+ExecStartPre=/usr/bin/mkdir -p /run/virtiofs/
+ExecStart=/usr/bin/sh -c 'v="%i"; soc="$${v%%:*}"; usr="$${v##*:}"; exec /usr/lib/qemu/virtiofsd --socket-path="/run/virtiofs/$${soc}.sock" -o source="/lmn/media/$${usr}"'
+ExecStartPost=/usr/bin/chmod 755 /run/virtiofs/
+ExecStartPost=/usr/bin/sh -c 'v="%i"; soc="$${v%%:*}"; usr="$${v##*:}"; chown "$$usr" "/run/virtiofs/$${soc}.sock"'
+ExecStopPost=/usr/bin/sh -c 'v="%i"; soc="$${v%%:*}"; rm "/run/virtiofs/$${soc}.sock"'
 SuccessExitStatus=1
 
 [Install]
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 4e8a0a8..4c09f69 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -114,7 +114,6 @@
     - mounthome.sh
     - create-vm.sh
     - rebase-vm.sh
-    - create-clone.sh
     - run-vm.sh
     - upload-vm.sh
     - sync-vm.sh

From 6c69d4ce4dfe776f7c8f6c04791c63f33b7c9aba Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 4 Sep 2023 13:40:24 +0200
Subject: [PATCH 353/504] Fix permissions for VM access.

---
 roles/lmn_vm/files/start-virtiofsd.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/roles/lmn_vm/files/start-virtiofsd.sh b/roles/lmn_vm/files/start-virtiofsd.sh
index da06c74..32dfae1 100755
--- a/roles/lmn_vm/files/start-virtiofsd.sh
+++ b/roles/lmn_vm/files/start-virtiofsd.sh
@@ -10,7 +10,9 @@ if [[  $# -ne 1 ]]; then
 fi
 
 VM_NAME="$1"
+
 ## Make sure VMs can read the base directory:
 chgrp 1010 "/lmn/media/${SUDO_USER}"
+chmod 0775 "/lmn/media/${SUDO_USER}"
 
 systemctl start virtiofs@${VM_NAME}-clone:${SUDO_USER}.service

From 7756c30bb50734adbdfdf2c3a6329a8c2145d334 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 4 Sep 2023 13:53:08 +0200
Subject: [PATCH 354/504] Avoid lmnsynci as owner for /lmn.

---
 roles/lmn_vm/tasks/main.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 4c09f69..82ddd0a 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -62,6 +62,11 @@
     system: true
     create_home: false
 
+- name: create vm directory
+  file:
+    path: /lmn
+    state: directory
+
 - name: create vm directory
   file:
     path: /lmn/vm

From 11042c2e522448dc6be91223594589000909c2d9 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 4 Sep 2023 19:43:51 +0200
Subject: [PATCH 355/504] Reduce system load and network traffic on login.

---
 roles/lmn_fvs/tasks/main.yml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index e1c7102..ebd519d 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -129,6 +129,13 @@
       idleTime=36000000
       suspendType=8
 
+- name: Start with empty session by default
+  ansible.builtin.copy:
+    dest: /etc/xdg/ksmserverrc
+    content: |
+      [General]
+      loginMode=emptySession
+
 #- name: Disable automatic lock screen and user specific modifications
 #  ansible.builtin.copy:
 #    path: /etc/xdg/kscreenlockerrc

From a1e47cf64bdeb76a03958fbd18934acfd886cf93 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 5 Sep 2023 09:41:44 +0200
Subject: [PATCH 356/504] Umount script: Kill blocking processes and destroy
 VMs.

---
 roles/lmn_vm/files/pam-umount.sh | 56 ++++++++++----------------------
 1 file changed, 18 insertions(+), 38 deletions(-)

diff --git a/roles/lmn_vm/files/pam-umount.sh b/roles/lmn_vm/files/pam-umount.sh
index 1f02ac5..22b88d9 100644
--- a/roles/lmn_vm/files/pam-umount.sh
+++ b/roles/lmn_vm/files/pam-umount.sh
@@ -9,50 +9,30 @@ uid="$2"
 mtp="$3"
 
 shutdownVMs(){
-    local VMs VM
-    VMs="$(machinectl list --no-legend)"
-    if [[ -n "$VMs" ]] ; then
-	for VM in $VMs ; do
-	    machinectl poweroff "$VM{VM%% *}" || true
-	done
-	sleep 3
-    fi
-    ## Check again:
-    VMs="$(machinectl list --no-legend)"
-    if [[ -n "$VMs" ]] ; then
-	sleep 3
-	for VM in $VMs ; do
-	    machinectl terminate "${VM%% *}" || true
-	done
-    fi
-    #killall -9 virtiofsd
-}
-
-unbindmnt(){
-    local lmuh="/lmn/media/$usr/home"
-    local lmus="/lmn/media/$usr/share"
-    local N=0 mh=true ms=true
-
-    mountpoint -q $lmuh || mh=false
-    mountpoint -q $lmus || ms=false
-    while [[ $N -lt 10 ]] && ([[ $mh = true ]] || [[ $ms = true ]]) ; do
-	if [[ $mh = true ]] ; then
-	    umount "$lmuh" && mh=false
-	fi
-	if [[ $ms = true ]] ; then
-	    umount "$lmus" && ms=false
-	fi
-	N=$((N + 1))
-	sleep 1
+    local VM
+    for VM in $(sudo -u $usr XDG_RUNTIME_DIR="/run/user/$uid" \
+		     XDG_CONFIG_HOME="/tmp/$uid/.config/" \
+		     XDG_CACHE_HOME="/var/cache/user/$uid/" \
+		     virsh list --state-running | \
+		    sed -nE "s/.*\s+(\S+)\s+running/\1/p") ; do
+	sudo -u $usr XDG_RUNTIME_DIR="/run/user/$uid" \
+	     XDG_CONFIG_HOME="/tmp/$uid/.config/" \
+	     XDG_CACHE_HOME="/var/cache/user/$uid/" \
+	     virsh destroy "$VM" 2>&1 | systemd-cat || true
     done
-    systemd-cat echo "Tried $N umount(s)."
 }
 
 ######################
 
-if [[ "$mtp" =~ "/srv/samba/schools" ]] ; then
+## This is the first mount we need to get rid of:
+if [[ "$mtp" =~ "/lmn/media/$usr/share" ]] ; then
     shutdownVMs
-    unbindmnt
+    sleep 5 # leave some time to write caches …
+    sudo -u ${usr} killall gvfsd | systemd-cat
+    sudo -u ${usr} killall dbus-daemon | systemd-cat
+    systemctl kill system-virtiofs.slice
+    # debug to find processes blocking umount:
+    # lsof > /tmp/lsof.log
 fi
 
 ## Just umount:

From b518b9a2062f9b60f5bc5b6592cf1abd2cff53bd Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 6 Sep 2023 08:50:52 +0200
Subject: [PATCH 357/504] Set sticky bit (restricted deletion flag) to allow
 PAM mount as user.

---
 roles/lmn_vm/tasks/main.yml | 28 +++++++++++++++++-----------
 1 file changed, 17 insertions(+), 11 deletions(-)

diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 82ddd0a..dd934cf 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -49,25 +49,31 @@
     dest: /usr/local/sbin/pam-umount.sh
     mode: "0755"
 
-- name: autostart default network for VMs
+- name: Autostart default network for VMs
   file:
     src: /etc/libvirt/qemu/networks/default.xml
     dest: /etc/libvirt/qemu/networks/autostart/default.xml
     state: link
 
-- name: create system-user syncing VM-files and others
+- name: Create system-user syncing VM-files and others
   ansible.builtin.user:
     name: lmnsynci
     comment: lmn sync user
     system: true
     create_home: false
 
-- name: create vm directory
+- name: Create /lmn directory
   file:
     path: /lmn
     state: directory
 
-- name: create vm directory
+- name: Create /lmn/media directory
+  file:
+    path: /lmn/media
+    state: directory
+    mode: '1777'
+
+- name: Create vm directory
   file:
     path: /lmn/vm
     state: directory
@@ -75,26 +81,26 @@
     group: lmnsynci
     mode: 0755
 
-- name: install squid
+- name: Install squid
   apt:
     name:
       - squid
     state: latest
     autoremove: true
 
-- name: disable squid
+- name: Disable squid
   systemd:
     name: squid
     enabled: false
     state: stopped
 
-- name: deploy squid user mode configuration
+- name: Deploy squid user mode configuration
   template:
     src: squid-usermode.conf.j2
     dest: /etc/squid/squid-usermode.conf
     mode: '0644'
 
-- name: deploy sudo configurations
+- name: Deploy sudo configurations
   copy:
     src: "{{ item }}"
     dest: "/etc/sudoers.d/90-{{ item }}"
@@ -108,7 +114,7 @@
     - lmn-link-images
     - lmn-startvirtiofsd
 
-- name: deploy vmimages scripts
+- name: Deploy vmimages scripts
   copy:
     src: "{{ item }}"
     dest: /usr/local/bin/
@@ -178,7 +184,7 @@
     - /usr/local/share/desktop-directories
   notify: Run update-desktop-database
 
-- name: set owner lmnsynci for menu entry directory
+- name: Set owner lmnsynci for menu entry directory
   file:
     path: /usr/local/share/applications
     state: directory
@@ -196,7 +202,7 @@
     dest: /etc/xdg/menus/applications-merged/
   notify: Run update-desktop-database
 
-- name: sync .torrent, .xml and .desktop files and run update-desktop-database
+- name: Sync .torrent, .xml and .desktop files and run update-desktop-database
   command: sudo -u lmnsynci /usr/local/bin/sync-vm.sh -t
   register: result
   changed_when: result.stdout | length > 0

From 9d11c957944b2c9a5beff8d6abd09befa98fee14 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 6 Sep 2023 10:07:16 +0200
Subject: [PATCH 358/504] Make systems production ready.

---
 lmn-desktop.yml                   |  9 +++++++++
 roles/lmn_security/tasks/main.yml | 20 ++++++++++++++++++++
 2 files changed, 29 insertions(+)
 create mode 100644 roles/lmn_security/tasks/main.yml

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index b079a23..69a9c74 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -36,6 +36,14 @@
     mirror_msfonts: http://livebox.pn.steinbeis.schule/mscorefonts/
 
     rsyncsecret: Muster!
+    keys2deploy:
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKOY0hChWaCDtuiuQcM0v4/u1499esjTtnMjl4uYlnS0 andi@netboot'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAN5ylqP936MPjGNxzrzV5jMwIfMhKJdOGuVh3xGQKTM andi@yogi'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHxgeu7Rpb/1++531+MopqP9haUkyh1XXpv5kmbgSjx6'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBbdOT+WSDmsBcaVFfzPRcmvOfd3CqO/FBOH44UVm7c7 raphael@uranus'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGICjy88HnMg5oaz4BJ20hgzqFWSem+HHD2PQ+As42pA raphael@pluto'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKm9lu9dDo5TG99QWTkl2G5G+ZbYikLlRNOXfs/bRTHy sascha@america'
+
     ## Use grub-mkpasswd-pbkdf2 to calculate the password hash:
     grub_pwd: 'grub.pbkdf2.sha512.10000.FB60266F69FB181327AFB76193192454FC64151559EFF4D6B8FB7C7904A2A9C4778EDD515B46F770DB6A009F36903C193917BBBC571C5B6AAB2A69208BE01A6E.7B82114A0239C0EC55A50E95C48FA74A8910DEE4088447786DAB35770B9C2CF2D1550CF3B7452155EB55D5F84E5D357BF12B8D299CF9B01BF5D71D516CF826DB'
     nfs4: false
@@ -60,6 +68,7 @@
     - lmn_vm
     - lmn_printer
     - kerberize
+    - lmn_security
 
   tasks:
     - name: Add local user 'virti' in the 'libvirt' group
diff --git a/roles/lmn_security/tasks/main.yml b/roles/lmn_security/tasks/main.yml
new file mode 100644
index 0000000..7ddb591
--- /dev/null
+++ b/roles/lmn_security/tasks/main.yml
@@ -0,0 +1,20 @@
+---
+- name: Deploy SSH keys
+  ansible.posix.authorized_key:
+    user: ansible
+    key: "{{ item }}"
+  loop: "{{ keys2deploy }}"
+
+- name: Allow sudo access without password
+  ansible.builtin.lineinfile:
+    path: /etc/sudoers.d/95-lmn-ansible
+    line: 'ansible ALL=(root) NOPASSWD: ALL'
+    create: True
+    owner: root
+    group: root
+    mode: '0700'
+
+- name: Disable ansible user login
+  ansible.builtin.user:
+    name: ansible
+    password_lock: True

From 1004922a58a73d657d274b156a3423a84da51c7a Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 6 Sep 2023 10:12:09 +0200
Subject: [PATCH 359/504] Patch dolphin bookmarks.

---
 roles/lmn_fvs/files/lmn-dolphin.sh       | 3 +++
 roles/lmn_fvs/files/lmn-patch-dolphin.sh | 2 +-
 roles/lmn_fvs/tasks/main.yml             | 5 +++++
 3 files changed, 9 insertions(+), 1 deletion(-)
 create mode 100644 roles/lmn_fvs/files/lmn-dolphin.sh

diff --git a/roles/lmn_fvs/files/lmn-dolphin.sh b/roles/lmn_fvs/files/lmn-dolphin.sh
new file mode 100644
index 0000000..7b5d3a3
--- /dev/null
+++ b/roles/lmn_fvs/files/lmn-dolphin.sh
@@ -0,0 +1,3 @@
+if [[ "$UID" -gt 10000 ]] && [[ ! -f ~/.local/share/user-places.xbel.lmn ]] ; then
+    (sleep 30 ; lmn-patch-dolphin.sh) &
+fi
diff --git a/roles/lmn_fvs/files/lmn-patch-dolphin.sh b/roles/lmn_fvs/files/lmn-patch-dolphin.sh
index f5b060e..301899d 100755
--- a/roles/lmn_fvs/files/lmn-patch-dolphin.sh
+++ b/roles/lmn_fvs/files/lmn-patch-dolphin.sh
@@ -58,4 +58,4 @@ patch="
      <bookmark:icon name=\"folder-network\"/>
 "
 
-echo "$patch" | patch --fuzz=0 --backup "$file"
+echo "$patch" | patch -z '.lmn' --fuzz=0 --backup "$file"
diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index ebd519d..028c951 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -100,6 +100,11 @@
     - lmn-reset-dolphin.sh
     - lmn-patch-dolphin.sh
 
+- name: Configure KDE dolphin menu
+  ansible.builtin.copy:
+    src: lmn-dolphin.sh
+    dest: /etc/profile.d/
+
 
 - name: Copy fvs-config.js to configure plasma
   ansible.builtin.copy:

From fbabce80c7c14c2f3575c451b4bec9a669339146 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 6 Sep 2023 10:13:49 +0200
Subject: [PATCH 360/504] Update links.

---
 roles/lmn_fvs/files/policies.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/lmn_fvs/files/policies.json b/roles/lmn_fvs/files/policies.json
index 4edf004..1afb738 100644
--- a/roles/lmn_fvs/files/policies.json
+++ b/roles/lmn_fvs/files/policies.json
@@ -23,11 +23,11 @@
                 "name": "FvS-Hilfesystem"
             },
             {
-                "url": "https://nextcloud.steinbeisschule-reutlingen.de",
+                "url": "https://nc.steinbeis.schule",
                 "name": "FvS-Nextcloud"
             },
             {
-                "url": "https://moodle.steinbeisschule-reutlingen.de",
+                "url": "https://moodle.steinbeis.schule",
                 "name": "FvS-Moodle"
             },
             {

From 9e16c216a745a8a6e2443cbc9c53e5baf1042ce7 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 6 Sep 2023 11:41:20 +0200
Subject: [PATCH 361/504] Use latest virtiofs. The distributed daemon sometimes
 causes issues.

Binary downloaded from: https://gitlab.com/virtio-fs/virtiofsd
---
 roles/lmn_vm/files/virtiofs@.service |   2 +-
 roles/lmn_vm/files/virtiofsd         | Bin 0 -> 5839648 bytes
 roles/lmn_vm/tasks/main.yml          |   1 +
 3 files changed, 2 insertions(+), 1 deletion(-)
 create mode 100755 roles/lmn_vm/files/virtiofsd

diff --git a/roles/lmn_vm/files/virtiofs@.service b/roles/lmn_vm/files/virtiofs@.service
index a54865c..c070a77 100644
--- a/roles/lmn_vm/files/virtiofs@.service
+++ b/roles/lmn_vm/files/virtiofs@.service
@@ -5,7 +5,7 @@ Description=share home folders via virtiofsd
 [Service]
 Type=exec
 ExecStartPre=/usr/bin/mkdir -p /run/virtiofs/
-ExecStart=/usr/bin/sh -c 'v="%i"; soc="$${v%%:*}"; usr="$${v##*:}"; exec /usr/lib/qemu/virtiofsd --socket-path="/run/virtiofs/$${soc}.sock" -o source="/lmn/media/$${usr}"'
+ExecStart=/usr/bin/sh -c 'v="%i"; soc="$${v%%:*}"; usr="$${v##*:}"; exec /usr/local/bin/virtiofsd --announce-submounts --socket-path="/run/virtiofs/$${soc}.sock" --shared-dir "/lmn/media/$${usr}"'
 ExecStartPost=/usr/bin/chmod 755 /run/virtiofs/
 ExecStartPost=/usr/bin/sh -c 'v="%i"; soc="$${v%%:*}"; usr="$${v##*:}"; chown "$$usr" "/run/virtiofs/$${soc}.sock"'
 ExecStopPost=/usr/bin/sh -c 'v="%i"; soc="$${v%%:*}"; rm "/run/virtiofs/$${soc}.sock"'
diff --git a/roles/lmn_vm/files/virtiofsd b/roles/lmn_vm/files/virtiofsd
new file mode 100755
index 0000000000000000000000000000000000000000..471c24d964156fb00b898506f91c9920d4d41d1b
GIT binary patch
literal 5839648
zcmeF)d9)*CwfOyN=!PJ}DUcz|K^qK?X~(n()KQdbXe1~?#Hmz-s31W=A|jMDXpU`b
z1kpH0uXrOM#tGwqrr`p?iGWj7lmHH4xDp&7iqdc8JbO3P_x8T8{#@(*<6S@3y>!>7
z_t~{;KTnMr&biND{esPwEb;Vzn|lX&v!x&Hu-PI7@(<DWFO|P}Uf>nIt&;yf&f9M>
zcIn1{`JaEuz1`*3KRw^Y%yil8ud%Efe_nL%9*cqc=Ocg4t#7ZzfA_rfpC3EG{j2`@
z$e-IH`HAN99<%s!{4+dd^F?p0bARg3&AKrAxpsTs#ee6YDBH^{MtR<r$)B@I;>(sV
z3jeG~Tv0Y(f3Eb~(~qD1+&%xDTa4hJ+mzi8>Yr|FJ@2UG=Vo>Ov;UJ}@LnYAV?T7c
za+2$Z{wd`yj{EHIy8O?sSL4Rg7v1jBj<ZgC-UNQT?|cfcN__5e*I&)^q`~fsc?$4n
ziPzwVi^uRci`U_icmsa6_z>O@AHhE*K8Al-d;-5rJotQid%q)Ig5MzCgzs^a>rV@Q
zsCXN`Lc9Y%N_+~}{N5GmIyHX=uK9hq<}brfk@ZIK*NIo)>%^<@HR4^k=I_BZe;=;-
z2XM`w`$D=8pOf_#;9nMx;n#~d;5Uhn;QQR{#&-gLf_S!*t|!>v9cOcf=iw8HFTit8
zae0dH=*i9lcuDev@W$g^d<i}fFT*>(bMX;8mi!fXRlEw1#B1=z6I}in9$oFc4lg{>
zc>_Ma%AG%2@W!uli^r?B;T^-fhW8Bb8$N(fWO)eJI!A_&>9VZ(^!U8`YS)J;;zu3l
z-WSvJvv#BN47{+rJ1^wmlbe?<_A?LH_yF$z$i;_n%~OJF9c6gozTFnr8^I@c?Xu_<
z_(<xk!Zl9~J{s(_m?wtob~WMgL9Rb7c<DgrZFu~aT^I9r;3pmLuCMy=$(dU(#*g6D
z+gv}#aDNxKUhhlk@f|(kQHyyp@c63j7d;0ryvy}751;Ji@(1w3?XGVje6WX$kKm=B
z%JmMsx899!44;VC;of6h{uVsC#nsb>k5)SG!Q-#FKJ?**hjw=Thig4!_{RQ!Io<z)
zF6*C*Sv{{h@9OvAlY^aS;RT7$!Fy}no}Y)8B!1)iWxZNwh<Nn~u0LOaSD)+ZtinC1
zzXtcEo*1t6*Wr=GH{f5B{iOxJUAzN-{_EWS)q}tHmwPXEWN7#VewO6%zLFka&672}
zV0dVFWO&W+2K)}GvjzW)cn7Za_YEHzJ~iC`>ZbdXH#{)BY<Si1y5TLuyM_-89~<sn
zncm)&C%F0M!;cit!4LbOn}-GXOC>&lYkUd*!V}$kBX~)?3V)S&41cwF1O68A7W`D5
zSBCfCI^Txy_euUST=P#2&wMT2f6bqRe@F5c;6D-%;JV(D;SpTdTQj@?|Ecy9uH)N*
zYdt-~2XL)t41ZF^&66qo0P##W-A`R_*6=)B*BiiJF8NDv%^w+Fg=_vg{2h|N3D^8>
z!@F?JKY(8%`A2ZgKQY|<db*#QKMTK3^5@~2zi4;}*ZdLukCML%FTUQ*hZz1&@dkW@
zcnhxU?ZV&q2A97N*X<e_K89<4?;A!x4KKjIDfI+!t*2yo1lM|MhBpjv!ylA-y72wp
zD1C!#okPRNaIMq(X1Z?&Nq!&x8u1+beDMNY^M{5<@J~vfD*S5k7_QsfFuVoVdb;oj
zB!3^S@gw-^lU)BNa6Mmm-%9sW>+}uJ!F9bw`0Hf7Azbs94X?m8e+)lI@;Bg`zh!s_
zuKD}$OC<jguKCA?PvM&1zbf75t0aF8uK5dw2XM__hW|wJSKykzW_TU0`CIVbXWac}
z7hd|g+@HcVeh6=5-SdPIT;r#3|5fh(+WU68pBkTqcfRA|a`47CU7kEVxWst@o*TG2
zi*S7o6TnN7KZI+Y5nSu6(7UdlD!lqh=QVh6rSllBb=Kik$=`r$oo%?**@5@I=GNPV
z2bVhU!E;h)AFg!{;IZT%!nMu`T<e^|TVHqecrq{ad1LFt&NJ{x>h$4SXBHkw{v2HE
zEW)+U03LtK)f2)?UvyrAH;!}jvkccdBX}VBD{!qdhHIU5cu)G%fEO-vbvEIi#JAvD
zXB!?%yslrzOY7_-UVQ}DpC7{;-*9zK;H8f9DSY%*=Uy*;{L%U|@RH>B;Va+e&dYhj
z1Ne>Sx%jf-Rrp)ixcC^Zd76fI4DTC0GJI;dzdqeJttW4IV0hW^s^N8b>D%u4a|<3^
zy>#(;S{v^D*m)1`i}&Fh=ONs`-sKs?HQu{A-Jjq`E<OX-_#8aG*~RDK8XwSaa`7Qu
z&hHU?G;r}1xaN=Hp2XMT8sCEFZglzEaE<T52j6$`eYnPt;3bJ4!!_Q!X8Gdy>v6{W
zuFIc+YkUq~`hknj!!<sD$C5vU7k=pSMDReo0*}7u;$wJKybjm=EqLq0?sb+nT<h<_
z2RFF=s1MhAM(~N`AHy}j_g~9X{rA7;@@L?kmpIQEUW5;haq$6M^OWJbzR2*3;Z?Y<
zw+7d`V|eRWS7#j_l$|%=xf7f>;Vto&;cd9SKG=iD>)pKS!+W87XVA#-DcnEN)#+WE
z9$(Fqh3ooqhUX10z;(SvxYixOCsJn!k1MYJ5_}+DhEGm)@sZ&bxb`77ya_M7(dBQ!
zHBT3=>+2cbH+%rs^$y`$_Xs|aI>+$VNv{40T>CkNYd^i~((^|>1J^#}3@^f?H@SKO
zxaKLtb$yZH6~n7=U2hGpb;of36jx^*J`!)hwVzG6_N`@j8@}><cRkrNd}#Q@@XYn;
zan$@d!;6NO46nd-9Am?q@M=}|FSzFE!gYN;!~2F0;JV%+T<ade3v!$p!#m;=xXy<u
zT<3$=PmfFIG}ng=T>FqSya@N+Ec+K+^OWJbzR2*3;Z?Y<w+7d`WB5qwtivPeLj$h;
zY{IplEx7ix4c9*O3?I^^o)KNn%Tu_n&$}T#zUmpneRxmSo2AS8a`51EH|}|OPrLxv
zeiq@{&j7Cd4B>h_i43n9-Y~pvc+c=5T(55@@W$I*f2MGq5B_)4<CQzv#b@D~zW|S}
zckxBI<}blpuXpifxaP0IM{@mBgD=0poi7@2&C`Z^e|GEbz_rdkJSTk{z%_mh&;7vV
zpTIRf^SyMR3*UF~K3wb1!*kzt@ddc%58>6bTzm;$ILCPfKKU=_RruiT&g<~rb<P{`
z=xpb0_(;41*X`}YtJf`EyiXgze=p-cHr)Guy3ZP)HN0SWXn16J&G3fdZMZ(K>lr>Y
zd}4U!2kAa&{v7;M@|>_}c**dJ;j!UO!#nUJ>vA0k*E)xWPYloeFx>~;UvhBW-}7*N
zju*hao|~T`T<>!uxOa_<ufTQw$MDI1?m0;vuFnZuaD7hLhHL&FT#tu+xNh$V-jnSe
z)8#pycVoKGjXmA#cNw_WlY?t~9<K2LT<Z_v8Xv*qy<I&OxW>ouk{ti*aE))lgPY{I
z2iN!>T*tQ$-)_Op|B>NS!~H?J|C%Qc*Lni@<Q7+d2rvE0c?lkgm*M*U*eYD#UtNQ1
zd;?yU=Xg!{Dbk+~e64sN{yFg>eD8O=K2PA!63^U}?x%VVex$?~;U5tX;a7;4;lKR3
zdw*jEevZV)@N2~z@QQc~uK7D~oezDu&d&i{<Hzuhyx)ET*Z9oM>3-_|>%%oZ53k<t
z=3xP@@gY3AL*^~qd&7>4*A*3b={GLE3jf8WZl2T)Z^5@%>*BkH58y+I9~<udDBU-W
z&l+BU2U%B706$&41YhwU7azfE5?_TsOX6er*%IG?A1LuHcr5W9cxzi%PY?bA$uoc-
zE<S=ECq999B)|9Lbe|)M_u)N>&%sZS_yYVS@c@2^_8)$##7FQ@`wu@;;$!$~?LYkO
z65oQCwEu9OZ+*D#cO$s&*JJo)zjDVn?<eU#t7i=_z~8O?gnw1M1fPgU@Ez8<c~ylU
zEgr+)Dc*ozC*FdO#XIo(#e49r-s|caz?X}U;D?J(;5sgupQig<{i{2^`EZTT!>iAB
z@3ShvH9mxUTewesm*5&-fe*HHpP#D2_4>IE_dnxaF>S!B;!SvP<5r8u`4(KSH@a}W
zKIy@?dY>DYA-pO+hHJd{vvmK}vxXN84-JnDuNmGjylr^T@S))o!!yH8_aSF^5w7#0
z1lRdchU<KY;5r{FaGeh^T<1d_9yZ*3Xu@@#ci_S1?(>OVxPRDoi}SMwk7eHW;p=6-
zjo^n%JrlUbXMUdUfA?N@9L~ZI{;Kml{PwZ)B3$#A;5uFvxQ<s9uH#jM>v+X*9j_)_
z$EyW@n|yAl1HbrUw_QEBj^hxn<2ZurIF8{18OI4+`|tfCJub^W=;oCV*Z7>_1^B+7
zb=wudbsS6Zi{9_nTY>-d1I}x3%~OXjxlr~CxYpk`ybIr4^7P?H$T$w++e-WxuJKd2
zzn!Zy^UHMqH9ia9Me^t28efEe^!u*=A^ff{J1@hvKNYy<slng<PM4<+*E~(QuD1=>
z{j>+y{j?9){d54={d5S|{d5A?{d5Y~di-0`<D&Is;aX1)uJz>MT2BDidP2A!2O`63
zaQ*oho_m$MZmGk2;thB!a`8>LzW=iY?@4?cuG`x)d<fT{AHj2Hx_ZX&f%pX8tGW0o
zd?fDuDm}i1x4QTYT<gynUWDt<2k_urmp_CLV&^4z=N-<=aQ*ys1RqFz1+MkShBx8*
z^DX#jjjN{(&t2fW10RWZ;aYzW?!D9H>BF`Dk>OLg{=E0=^!WOcKLc;Q%dOXk$93mf
zxYnP8w<JCf*W*b5*YDE^;Tj*o^?NxgaLrSNYaKPX?!Pfyzn7y9*YD+Mz%@@3uHVbi
zf@gMh=erL4G&!I4;CkE}!UNe)NAOsD3~z}~-~;g~Twj;*Z%xmi(*EvskStu|3-H0a
zTznC(c>=iB5yA)ZeGw)4%jI(r@L1}M;F_lb@9g2;=U;{EepiR*B!2_0@ol&#edxe7
zPZzFr^x(SR_2C`q!vG#gokO_h8Np-8GlqZZR(GA_jneaBf4LsZ8eT9wgm2v6;d;GM
zf$Q}~6|UDCHMovT1FqK_O}OrN9k||ibm4m6(Sz%KM<1@&?L)X;H;&;)%k#h~T<;Sz
zx24DBD>^Q4&7X%~De*<P<`3cDlK3)Q^H&V7!G9uo>hOESn{dtFHoOaeQ1bNQnrCSE
z7_Q%MFokb_k=(!Bp6<Wq&l;YG?<aYR@F$6faLr#fyaLzyYw#CH{yJRqHw|yYHGda=
z#?RbwqfeLh4&l1qvEfs=j&J4;qyL8I;qTJ^!?m8!@Ur0*_$89R2G{&`!<+EVZf?G{
z;hLvwc;E1$;bX(6hG%}0?*DgWd$Vw@GjDhi{u9X)!ZlCX@QUFz_%9`Y9j^JChPUB&
zN}ewKA@M$3^A8Ol!*&0f!u33o`E9!Ynm=oJ-tZz^`xC-7f7$Q~{7L%!3a;B#him?(
z;cfW2lD`Yr{`BFecHMDl2-oA)82)R?KZR?Znco@xhd(HJ@^H;lG(3ds^*|Z^kmRqx
zx4PIJH)?QQZ{6@FT*s>o*Y$SckCyfJ;d_V=;g1&|!*#t=xYnQfz0rTT=E=jKChH9h
zFB@Jpybk}k<Zr>X{tjH9Klk8zJvM;r_39X|*Q*n_UawB!dcEq6H{DMkzO_6j&%w3M
z0$lgI0Itt(OK{B-!4H(zN2>6H#AA3@&YKPR-co<t@E%;pYXH~hz$3WUKY{CdGk0#f
z&sq2dQfD5n`HOJPUoyO6cx-qRUYB}0aP3bIuKgLnHGTxw`8<W|eD>~2_f6+>2Cnnj
zhwFNCaD6^sfNOjJ&wR)oSIcmXuNYo4yl!|C{v>%`)Q0PNyKvpV`f%NkhH%}F#&F$#
zr*O@mxjQ{B$KK-3vpK_yhL;Sl7#_oQ{xsp<aq>O{xG&y@PsBTL&EJQ|FLU_^@P_yh
zUVXWXAHh$Rc{PRqSUhu2y3ac9S;O=2UrC-KT=RtRm&@~qGF;;;a6Qk~;M%taT=(lH
zT=(l1T=(lXT>I07Yn^?=hj8uB7(UT)fouNEf2YSq`;dj}@h}h9_##~Mhwwj1J!QDY
zSKvK457yxKOP)Gh^E3@_!#8WX<6#%B+uMgfR^o^7CyS5ahlo$%dYzy7L%RRRNqiPw
z?YsT10Plzw;of~NK7cpGL-<7Ul;F_~E>9WWk~|T-`d1fUffpoy3?E4TIy{#A4Y=0d
zgm=E{*4u)6-*euExBlY11CRdZybIUoy#sjfXcs@E%jX;?aPM#K^{FXbUytzbP0xow
z;<IqArvUfmeIrG<#+Ts1yInnHxE}Ya@SN0BgKK;PKDfs9rwP~i4qT6`UAP`sd+=D_
z?*!NUBe>=t!!`c|uE*^uT;JF2PtxP1o`+XI=U!I|;Dcjae?s`=CC*FmK+el$xaP0I
z8)cWL2Jal}JcjpP>bwqr@OF1y)H1va|HftRxH^DmE_XgQ+`BK`PmRyQPnSFe!$ZR(
z!)tJzKMnZg18y9f@b61K9mD(ZeLwH|Ffx2<xc|p=e>6|t@WAl0;Z?)y@ak7w{VjO+
ztIj*{kBj%=Px*~J*MjG-lz9RV9_`%wQ@Rf&iO(8dFg!FoGQ0-Y>y0{G-$&Opybagu
zs4o2G&$#~d;rjaE2tM)L`>x0Ev!p-XpVNJdq@O<gLlU2Z>wZy$kL2@)0sJP(Q-a?m
z9>M=EUWI4A=EgmSYyJjY^S9udzXRX=<F3y=xNh$d-Z{`62S#xJxz5M%iTDJr`7?h>
zk4yCem&b?iB7Mjk9>6t!8D4mv%OAl5@d`Y5h>NenHGdu6S?=N+@IT9Oplx^${zBQ_
z0Xz~P!E^Hd%n4lMz5COBK2P%a@TPbUeu;Piev^0r|DAXVuAiri;M;fIJg>qJ_`37D
z;Vr|vh7SxM8}2=j?%Q!vPZoZrcpk3t0sI_^FToeYBltk>2dnTeNPG;}<3<DiRf%uG
zqpa(52VRhQ)q`vP0bI9h1iwbsJArE+Z<_A&&m}$!|Fd`juIHlwzT-FCc9r0orvhL0
z3wJ!M!Sj-*VR##U!*|?zdxj6;_euQ3@XTM+{n6u34z8a+&BHZ5fLG6O$Ey&o@ew@u
zhWlJb1+MWiyis@g>u`;4!K1Y<z75y-9=!TK7vG0#{0JVr-^GvN8t?rr-RHr@E<OX-
z_#C_;pTEw-$8z0RfNv+~g(Cb3;sN|9@eqEdcnSW@JKa1i!z;4CNAQ!xEAXP^sltc)
zoC-b?kKvzPaQjyse#_X^*?^D5oA5u0x8TQ1{cX73C-&fjrEWg=;S>4%(EuKA<Kl;K
z%|C%hTe$csJYMG9doVrUyse#Q;CkJggSX^;gL$~d2k@T6hw%P!Zd@Y6Ylb)AxlhXe
z3$KcI;3M&_;XSz4IfU!$Yh$>c7p8EH&-^{z|NUO(`jCUaOS}O8tat#|_!9hDiI3p1
z+>cb@`n)uT>-aX|)vvqx(}K6Y>c*vO_<%0ULwMmzmuCd;iI3sIEiQfn|FQHT^N)1@
z)pPLM<n`jB;U&2CrvlgcUxhdR?&_?=_4n~L;J<shn<s6<dxj6;`h0Q%*Z0#-;rf1B
z@1b<xJUL!v;2Y0VaD5(_hwJme0=y;pi*W6839j$gEyJ~*D%`u*eQ#|IuJH|cAjioj
zyd>U&7v#9zhHL&FUE=%jf%pL4+1BlML-@I`aPwpW*Y##Lq{lJd%;oXnk$4uac?xiE
zKbNNn?=5#;g8TbAFT*u|72c9OHTbr#blcl7ylr?7-dW~8=RSn%{y2iaQr0^)-1qif
z{M@j6>hF0PpEo>!A1cp*%Z67Cufuh_T5#R2HvA6x9C6R^q2Uw5GfUEa(EK^Wi-wmB
zuNWR1-ZZ>pc;E1m;Zwu?%{JYKyy1c2Ww_3hs^N8bN9JvdF7v+&*Ll)|>wY?f7hdG{
z>k+)VyZao?7#>Lc1g_V&na$IE8|~`y_;61=3!fb2>dC=%zbL|WdjoiMnjEj-osT(>
z=+e&`T=U0pJ+C$4)g|sZa|^EVU3lZ8uAUxz>8spva%lL(@XXS5|20p}@FHBVheN~5
z@IlShUxj;TIj_O>_ewY5`g^6DaPM4~rv)#Z<Gc;eNqh(HOMDl8vh;ZXze;>;xVJ3b
zXN}Lo4~yJ57T~%+hH(9!pAvlY*SI_t!(;fd65oKICf<f?Jw3R-uGfca{0QEV`9FqV
zFYEQTNcT-W3)lUnV0Z}EpD)3quA3)icvU=t$Kn<ED_-mRUxP>Db@=)6oS_M?>+=Wr
z>m*MX{s!?rd}IIN`uuGSUvs>x-`g_XfAy^41;azbBg1QkHw<qZ-ZOk?_{8u`Cf$cU
zq(3>h_NQog$?ytX$18^CMs9xA;jwrFu6f#U{l4f9T;uz2y`LJu?~p!>4fnQ6_f6xo
z@KawW$34SC!z1`u^3>pmpXl<};gNXD@UGzl!^ehuk4pDJ*PAuGV0dVFWO&W+hT(0)
zdxj4UpBSFmdeeQ#8D2EJWO&8!*zl&|9mD&Ej|`t0?r*c{KI9D#3@;mAHN0+k%kZw@
z1H;FLd)sb$d$WcY3=a*D46hm9FuZMe5B{w)-SK1y*Zq0|*Z9nKo9;u-@S@=*!z+fz
zhBpoG7~VI0Wcbu@e{R!#$irJT*XIDP@1rZj_k631ufp~EunyPnH*Uc7JlKZEgJp})
zeL8Tx-|WNnesBO^F>rN`;cq<4x#y?*qn<UqV0dVFWO&W+27K-vuFkgMJ^1ToT!wJ%
z^8{Xf`!<Vxp27#>-uCJKXr3%wuUm3(eNJA4>vQq|uFuIs_+XX${=gDk=UWA?&#|j;
zt-lV}`PP8H_gv{eJSuMMzRwWec((ICd?Y?Fd<efy#&HbSdb}Od<Fb#;XCJQdd3bc5
z+pfUyGQ2POtA^L%+UFKrzX!Dq-|KCzo}S@D!zYGk9-Z!w=Fb^kG`wVZ#qb#ZoU`3_
zHQ;X$Z^5<BuHgg2$A)`5Zn_Uy_y?q(JY4Gu;9r#Z5?tde@IBw|`cQ*we8cdz;XU{}
zCI0}f`NxKPI~n~kykK}}cm&t|q6XLJOEFyIoABIc-SMym*Z3|x_>vs2;2J-KPcCu!
zM{tdw(&hI}csr;2sqtBOXMcCz$-(t=B}KUY9;E=T`O9#<?~dR{o+I<n@P^@S!+VAg
z4WAgE*(KdKtutqM(eRSt6~kl0n}&A`?;AdX>-l;L*Vp&G?56vWHN0SW2){+fJu<vz
zc*F2E{8@6H&@+5!_{8wcuIWB#{v2HUS%hmp1Nb#^-Y*+oHN0+k%kZw@1H;E~y>9V#
zOZP!NYj^>!$A=KE@1rQe^?ej&cyPEo9!7A@U!%+MFoqux%k=;}5^uqOBlD^YKT+Zb
zhK~*Rc2D<H?=Q0O*U5cH!SK-V$ncus4a3`p_u%@v*Z_XD)IWmjc1;cU_el3g<MW0G
zhL;Vm!iQ344A=EG4euD<H+*FH)Np^#bRYD7A#Zp9*ZRwbSK)eGsvF)iyleQt@Uh|E
zUg_=Cda{NW3=a*D46hm9FuZMe&+wt)6T>rmZ@LdT!;6NO46hg-8{UMkT;q<PZTLar
zUAT_p0IuiFF<j4^6ZlIde<qjik9yAVqTwaOD~890H{p6d>cI8>q6^pf0bD<iFobLT
z1m3#bogb%gjraFS_pNuCi_g;K_v;nlqf1?U5w7`5a8KgPaE-6RbDwkhYjBNkz#DBB
z--K&?2d?*1UAV>%=yLrqq)UG$@TlhQ@1}6QpYk7*?!VqoW#L*+0j~E`MY!%qC3s8T
zuU>|0d=;+yU5zf^OVEJp_Z~OlPd(oqA3BEj4Iddkg<mZBGmlO8Q`eg_yl8mI@QUHF
z;Z4IkhW8C089p`KU%u%+<P8rDFB@Jpyl!~Q@UGzl!^ehu`)+!BvxXN84-JnDuNmGj
zylr^T@S))o!!!GBx(_+Si-wmBuNWR1-ZZ>pc;E1m;Zwu?$8EX~dBX$4%Z67CuN&Sn
zyleQt@Uh`ue$(5VHN0SWXn16J&G3fdZNqzp4-KCfp4orXeaIPJG`s}QzRR7zBDj9v
zLKUv(ox0&I_yLl?YxuzMvEkn1(|xF1<m%7DJ^B1#!SK-V$nYBcb6<Dst;6;8#}>S^
z(tU2F4cF_X9$c@N`tbNF_j{H{@WIR6=aR;7|EX@h-V@S&^PlcK1J~=Z9K5u`#pmG~
zAHb{gE<S{7d<1VD?BXkMjgR3~iLb*oz6B2?z75y-9(*9<)rV{R2tIhGtA7mFc<+hn
z{(Bi0pMh(9jxN{ddAeMm2XMW94&j<Vf_DPxKV0Kuc;_iDz7E&;7To`vi*Lg<z6T#j
zd>`I<mdi7O55&iC&F?)a-GBctE>8xo@j1A@j+}?<{usa;&vyAkxbE)}Jd*edT<eM9
zg9BXtI$Y~%!TkeWd>gL$dvN`I@qM@+-$rnKf5jNC@2{A^bJG7QT<_QXC#T0t-(Qi1
zuY0#U4j16}hzIZu;w8AhyZc;u1m9w<%U^}hiN|n_Z@~5YOj>ZQziarw@G)Hb<~=3d
zH@z>;z%@Px*Zbl;d@tGFBK%PC68sAB2(Ixp_(<aGaE))l=icMSr32UazTqRor-u85
zbU!tJ-tfTivf)+3>xQ=s?;1WZd~CS4V$<83HN0SWXn16J&G3fdZNqzp4-KCfo_Xq~
z`;ardXn4u+is7;0O~X5IJ)ZaBgHzn`e*o9`F}zxE@e{blXP%bsk6u6caE;Hy_4=Uz
z*YjgY&$;W~5?!u;D)50^FIC}3yw4psVz?fk8}M@^z6HNRyaPXZoy*^Ye^7h?zf<yz
z;17vU;5#*3e(&k&{y$mVhhHJ<&B0$K@dfzx5+A_t5HG<ud#|e}f`44{SK;3hkKw-L
zX~6dpZ@~`~@4$a8`Frq}Nc;d^6(7OR5ud>SA^E*$r2DV)$A>@b{jNVb_-Wz=_<Ll%
z0sKG3OYk3vM{sXPcRf>uw`9FB{2s~EG`wSY-|!J!j{{TqU>~<%d(TYwvm>5?&tK^J
znT6k>{WLr@JTkln*ZLc9eP2ftuJ7w;!6UiuZNv3?tOpPN>W;&G_+;vQ1h3w)Z1H`<
zWB3~BoA<1ApVhO57Yq*#j|{KDx0dHN4Y>BX4cE^zcHsK_r*HVk@TuW`G2I`{pEo=(
zyli;Y@VenG!@GtL3?Ccrt=#nXW(_YG9vU7QUNgL5cpI+sqz4bSl>G&+@gurChZ)o5
zy25*Qx<5U+uE@|OJ_py=!SisfCxFM2KZI+11lP|&RNxvP!{hh4<82+@6K~KPF1`sr
z>I3dL+=1(HtPj`w_W@kv$M8t%nZWh>Fmph9T=ex>AFlcH@aikvb`{_smF)@*j|{IF
z-Y~pvc+c>m;S<9%&q?=3w<~9O(eRSt6~kl0n}&A`?;Accd<uV1#?e18-3Rr&;ep|0
z!>fkZ4R0CVHGBa7;Kgpg8^Ldp?-Q87Z<KiNpmZPZ6Zhd8`(t=uc-io(;dR4XhIb7g
z7(RxdC%<3GJ2>43^{n9q_%g{;gpZ{E0sJ@OAv`a6O7P9Z%kX{0Be<@&0^dpEt8ibu
z2G5DdaLr$bKT6^o@ZH3l@Uirv1;0nU4S%BK>A<y~uHilSmXfCr-$i@?Kc?ySuOVE2
zKi3GZ^^D=$O8yCaPw^@I3F2Omo}a(^wcPK(Gg4;(?!95h#q0kN-g%Dm65Kz~c^MuY
z<UE4wbwv#xAK~I-ctgAnufEX5H{hDT4exZ^`MLw|iFe_xFS__1T=Ng%v25=MJ`x|p
zC*l*h=FiNh$FcBIx4k~RA)bY|#B*@XUxeq5a`^*zK|F-}FLLoE`1Ce6-ztX3hBpoG
zz{@gkd+<|rzk|Pj<m#Cio_TJ%&l;aIyl8mI@QUHF;Z4IkhWFumy*h$-KJDi77_RZ&
z^U{6L*KsoROI)5DJpP*VJY4e!aJ`-n;Tj*oTkm!6PpH5(K86n-?dE44-dHBzs|MHa
z4Qs=7f9b(DexDUw<45q)=UhEwxW;>jr2F4!yZ8)T<8yFti!Bz9+j+Pi{{#5XWq&Cf
zUNyW9fBlEu{?&qO{x1A05<h@%`4N|A4A<@To}ccIKF`U(_4t#6A1C>XhL;Sl7#<tm
zG`wSYAAYISIWl|--yre+3)21B@uRMvIryRC1^Bt*0X!$qfy;2ckFLV?eF!zU|1noj
z1O6oO7W^FX4qWr};Xjx7A^acWW4Qi4nkoDmiT4jp_fxNn@^JszZa*!+w~*g=6T<W2
z5xgW`GrVDV+wh*@L&GPAXTo$J-Y#|K;2#k$!u9<mC3r*LhgODfoLBIY#Mj_DE)BT8
zU#<z)<4Ffzko;Y^eqOH+e`(9j=OJ8Q#~H(qmw0bgx}WM<!wZIohDV0i3~#{Cl{(w-
zPl$KnXZ+0dp%2&X8o{rUJX5&NEB~-`e>6UCcwl%L{!>|R1+MvH_&+4R0ndHPZEqW{
zd3x~9=iPPD5FQ`vjvFKRNPG;RlwJG;uK6>Er~4LM;nwTJ8((mqg;(W1C<oX4MYwmQ
zt0$nBoQLp{cnPlgEA+!%o+><A?YssL^!^ckkc?LoUJ>uW7sUJUZ;Ou%pTd`Y+RYPx
zb$VR(6wezT7+yBKYIxo7mf>B)2ZoOg_m0@~_GS$)7#_l(E`5s(uNmHezeV!2;TMbd
z;NKA+z$d?O^KeZ6z4Hk?Sm}HUA4vYp3)6km-w&0A>-i`TKk+}@d<zUO8(xKfMDo-P
zZ^5sT_zryY&$xPe@T~X%zMuFAUKXFg^}L@sGTpb_A6=h)ctbo3AN|S2=in3ZJly-U
zi!Z<<@gh7v#>EG4y>BhU8-H-|5qu(EftT)e@l|*vUV~S~WBMU3PaWR)fID9_;E}xF
zwFSRM#;XI@-?Q0+>+hWzz<;9i0e+$Q6t45ZFQw;${=VicT(1KQaD6?r2-o-$+?VgE
zF2f`7h`zz~xdxBLV|Z15-)J4K^QQ&Z-%r|x>v5wCf9xf0KkdVh79YajDL#gOS$qoD
z@y#5S9vAIr4(|Wb^(PO{i5K9SCxlmTad}GcSiB4$OZ`>2_AQ3*@mbfm27GVv7W|cZ
zoP-B+?tNB0xc+|I0bKhzf@>e9aQ*!(-itQf|13P(%sn5=!JpE0+gpUcP&|a|{use0
zH!oX!PE~<xd<^%0<l^ga&C`Hu9Zh)QKKJ`0TJXtT?)Sg6;UlTD1J^uV_-Nqz)`Ooe
z{TaaDDL#gOM%;UGdb~6~Yj^>EvyO}5k>NG?-k)>hUWW(rT&QJu*YE-SRLMVrpCvwl
zUo7q&o$k-q#eMi#JP+UDQkl<ijW59ukobz>vEfa_JMdRX{vKS{J2ZS^c;+SP{%D>Y
z{B-RDJd*J(8D4?kDtT(~XI>`r2Y#G*%kVDza*6N5C*mV`?sB)@30&hd$E5pnsKjUC
z8ef3FN#X;z#+MDR!rvo#Vz}mM8s33lB6<4o{}La<{~$hwKj-tVZ&UbsasSwK-_-MP
zJs$<|#+TjoWC(AGmkck%HGdUel{__gEFK$PhwpoZ>qE=%F8tLJKQMd@|B%Fc<#a#Q
zv+$Ape&ihdoATT>5C6V+0X~sDMYt!|Ap!i?k|%`UCtiYY{t4H&GTaxB;CqQz;7=2;
z!Vea&!4DIU;ja>}!%r7)z}JX3;qMo3!9OG3hJRPQ1K;eEu0LJ)?&3Z8Q^ou6gTx2$
zL&b-1U&eO?KT6`q@QU~Z{tode{C(oyOVjiDW8xWjS?(Wwct_&1@b8J|;5pf@JpAVp
zUx42$UW6}|=e+@ZPCSI~D_(*>RlE#8P&|T%Uvl%I20!u3&g<}##hdWc#oO?v^tlUv
zyTte5Er}n(*GT*rz98-$mmc?f#C>>M^5@`xlK29ADjvZ9Azp$%eOLJ$F1#pSg?nFd
zeU9N<h&SMK;w^YbwyOj0iud5!w;^1AU%&*ezb{}4*VoJZm!<n(ZMgSKWa0Zt{RP8A
zc=U94UlSQ#gX_=7@ZOVMo;rLW-hjtXb@5HO*585a^N>EgA-{)f0N402Tz{|e1g?3e
zaIM38dAk3-weB~7X5jGwZo7PV_2s)R-WO-#nkNU3B|Z;ttZ?}Qxc^$`Azb4lc<(hX
zz5>@gRk+qsgSTGo^2G3ocpY9k-o-cInx_fZ`|cKfrOVTWmp<#RKYQ?z#1G;6zNQge
z^NitI#{?cd*FBG#(q%q)uSn0ILEz#u@Pg#=;o65R{QbJW!@ZZf{)F(s7o3;iy1!K5
zy;EI$6+S9EufwaKciw>iM(S+C50u}>-Gv_{-iPb&TOS%ehM(GX$Nwojko=ifrpHC=
z%)zzJ0$l41;96%1uJuH4t)~jtdg^eU&n>vl+csR|dvKlqeYoZsz_pGcT<8CYF7tm3
z*ZDtz>-?X>b^d#=+Vps34KKj;_s@p#_(a(+;H?v!m*KfLIFI0(zXlIp@8V;4RB>L1
zx8CTy0e_y%+cx}o@gCfl<NOfbljHD+E}v7I!W++a^>|Ub|9YREg_nNr;&X6~FT$&m
zKY(j|86Ii>;Z^Ypyd?ds!Zm*#KGOcfC*n=`;3T)bE%<FRE?u~;cK{FMcsqo*#7A(=
zGllExT;8jV@q*{%ypV&x_-pR?Sv0%^-%^gZ6~klr`z5{!*X`=SH@=SxuJHqS^$d5N
zJcMif1g@X2oWeEUe+~L6uM1@9vL6-Tx?dFGn!g0s&xe-b`aMfkxV|s0Mwj1P-GJ+T
zM-%?)Z@6*qz;(TSxV~O9fNT61uCMz{;F@O&*E+n{ru(n2*JR-Ox{nXn*L|{Z&69)c
zc_$Co@e1JjKJ5^Gz4WsT|G9Vtevfz!{*ZVbzWX=bcs1dV7jMH?ig)3MiTB|z6Cc9Q
z6d%LiD?WvPOgwXZdK|A1&%&=0&%=KqUWDH(9>V=^x&D;lPZh7gUoT#Re^R^-*ZI(*
z%kiO2m*YbZUg)~>NFT2GM{xg(E`AKxc<*)TKI`!(1Mgqu`jdsX<aMGvd?fKj_}|4t
z_-@~p{=<vn6?jR!27ilq9o`gg!nF?_xb~q7*Z2Xvbc^fr5U%kP_~aKZehSxk|Ah3o
z<ZgHIS-8d*;H_V~_##~6OYoA!m*G7b-wJ#n&s}Tq#&_H}*5Q|nH{sWdx8Y;)F5K(6
z{C)Ut;zRfo#mDdy#Ha92h-Xer_x~pGEPVI%uAV$x`y9Y?r@HqWgz(A_U7iTO;%etL
z!yE8#Nqh^gdAf!V3?CcrRnq;@{8_^bhKGhnhSv;l7~VF#XZR4_TkqaCGJ)%L(G;%t
z(f;ex{n7jAEWGuKofn_`72t!{x_MHBYds~n)>DS-Jgma?^J_JD;UQN~1Frd-aIL2U
z*Z3~|{VxB2E`1)twVnxF^H1Tg{H@zx{5PcgubwwNFuZJd)$qFEEqEw(b`0;qwf>>u
z6T>raO!wha*Sh{>;Wvus;o0k4d=akol;E$G_z14?HNzW*w+-(ZJ~Vt{c;=*Zf3(h=
z;YGtshF9Q|Gq+yc-($ExT(;<SxW>2O8$YiK*E}7#*3pIQeN7MU-|db+eYp2aSLXn(
zd4_PkKN`Wc&r^8jdN<!PC#T2dQ1L8W_oKYwMYyiF1V3ByM{vzwH9UrE{wBO5`P*>K
z-!;4s*Zd=RU-D1jn%{d<x}WMkT=VA*4-79GUNyXKc+2pv;RD0RhI^-^`=HyKHN0SW
zXn16J&G3fdZNqzp4-KCfo~drS4>`k&hL;Slzz^%Y{kjI%d002R3D@!J7~VI0Wcbu@
z|I|(QCvSLQcp2W1K2+du`mXc`{&k73!~ZVcG`tPp`v#Z42R~4J0FT5+@HOHScw5|i
zbGmQ(`A{D|koX+@*Wv~E-QodU^OxW|OFtvH=C8uFKXv%yBu^8r>utj|PY<roIfrol
z-un?;zxRF&kL3O86S%%Un>j7rfBl{fAFl5+$;0)!x&YVf@DQ%?CAi)fRNxw4g=_vg
zT;m&X&EJM=d<Xtw8OI)6_qzf7tr9<m>*qnHaGejC)6@O`faJ--FB8whuMjW7HGc@#
z{AKv{lBWXyv3L!x+uJa_4gZ<s>B6<2efS?GehA+nK88Q`d+vBOg+En1b4I$)2Z?9l
z`g#03{8bWPguhKZgr6;5hQCj|0{^&p4X*j?@UKgJ6aF*tHeAQ62mg)458xU<Hr#tl
zx}SRAk%jAhM-Hyf8H#ZIy(a-&<I8Y;Ju8B1d=0LzW5)0of8WiYCj3p}9mD%@?ZXJJ
z_gQ1O#(QU``>B1)z%`E#*E+Irz0b<Q^?of6*ZZ{sT=Nv+dcPLH3x~V=!7|)i<vfCG
zd<`B;d<@q-b-32ifNT9tcvb3b!Q;E#bG$ZO^K{_ahc5g*GJpE;_lXbT7mJVK9~Ym(
z|3f@eOV6K6#Ix|WcpiS4cwl(h@T%c;!&`=T4IjXl{lM*~W4K-~d2dbkL0`Yl!1ef$
zgX{Z7@^GD>0bJ*22-o}({WLfKEAYaL+<c4S(JOa%&w1dQzXjLVi`#IG@4@x=cJ<-<
z`oajVd8TkZ4tr;%`>*j?xE|+o@V>mRQGoAwqZ{`Cet>uhew=s&f3tWMUKfwyUlMP?
zZxC<8{iEDC_Ta&r<oOs}<45qqNiKd2*E|!r)-i?a@ydG}#zp2^2Cm0FAFg?_a6Rtj
z;5zO_xW1khz%{-M*Vk1exW?Du-aW2wF?`Q~n?DWs3h}n#J@{D?KY)Kvd<5U(Cb!<H
z;r`j_anbm^;ep|0!>e%ZTOIB_%Jr=Q*Z4MEk24*(et%aVuD=g%0N4CuxE@a?aLu22
zd%AD>{a`*^&kK3D-bWYUdLLbc>wR<p*Zb%)T<@bJy1Z|^2G`g7Vz^!(HsN}G*n)rP
zW;fqD@Q!#7euMY`zWa|{o)LVl_yoS^k6nD`ob<S;=L|0zUNXD_KTg(LgP$p0hig48
z!@GtL;1^5&5nS_64foI8bbs>jFG>C){4VhjuIr5quNmHe>;Bk=>v6aP*Z4kMucHQV
zeI7D`>-SVl;JW{2;&k8ieSJP$<MVKRe_#Qwd5UzYBY^99Fof&-150pye_$D|c_O%;
zPb=_if9m$H7(Nhhz_*p}*=xb`;vM+m;yt(?--dASUG9CbBe=hZ`#jwQuFs>qccjNL
zEAc*D<8$ycrOpEUJn;bD5--8~;t~88;#K&vq4eMI27G6UZ^Iue-h~I^efXQjM{wQm
zru1#xdE7fM-RG8g2CjK>aQ!_~dAR<bsRFzu&zXyGJ%5$pdj2ZIzb@NbHM|aA@^d#X
zEyKHp58&E|F<g&(6S&4_)};H~lj|s-F7MCG!{a;McopE9KZM6yyZ93PwbF+OzV|O&
zf2#2JN_-6euy_OB(mulvll)!72k=izo)P>?@d^AYaqs+epY=Jd57*;W9<Il$0=)Fw
z?Be}(2-o|s68sjarvl$X`cQ*w|LgF5B)$oMym%Y_H0?9|Sn)nQC&$$xT<f10p1C01
zXN}LnKP>Al!1a3w1NhYvUxI6V1lRS};J=kTb-2d2;D3|&4t(EVy8WUD&x;S?xn=J2
zwiCF&h4U$Wm(3REmH*CkKU>?$=XT)}@tom#c(k?46TnM9-Q3M*_>p6`y%AjV)ZnAl
zuKpOV@lCj{w*}WcZMfFaf$McqmwuqDrw7;P6@9qo8Nl`WY6yR?jQhm!%)8R#sPQ?&
zi-worf0XrB;K$zL#w#|wX?Vx*KK$E~e+1Whrf_}z*RQAhps$~1;g9{5tG{4)2)|6?
zBluRoc6n;>H;C8a8sCEJ`Lqky*MoX+jUU2W1GnFe;QCx*3J)aSTS)g!zlR|UFYN5*
zc@D1mi*(5!z%_pv?#uVuMR4ypw_P=OFy}mmYduYPB=xl5T2B`qe^{QE!Z-FG-jF&+
zaE+hBbK3uR8~ulS2fOXf!7r8hR)FhzL%2R4E5S9s0@vqVRk;2>j=JG3_;YS``%4G@
zCGkFdzmba{!5_Tc`4q18`)kwv^pACY%fcteNI&6vpI(H=2f6tlz)N!c58?4!T>cVV
z>#V>FFLLjvt-`CjyLniHm-dj?W#F2>Ntb$B@Z6cM&NjSMbKZf^%eeI6`um1PhEEOm
z-;*9M&677gFuZJd)$qFEEyKI;#^+pr2JqbXw_3c;8N&7Ye*)L%u~YcU+uS_&*QNW@
z+1rhK9`3!|y&hM9YkUYFlwEuYu6fFEts{c#^-KjG$nm@i*XyDhT=T?my)LT5KPvrc
z!Y>!^!1ed(^x=of@ni(o>xwB{uPeOwrpM)0$&-ca@u~pV?@tKfqg~zjmf)Uv8D5a%
zLj*tM4mW>l@E40W3~w9WgZsz1I*0I<_y`^!?c%5K>Pwt^?@RYnpU-6B`g|q_*Vn0w
zaDAORfZr&6D8Y~Tz3W>Aew+3aez|=9r2*I1Pup;PowNhj_&!|k_XlvzGlXj$Be?Eg
zV|Y(qZ=Jw(Kb^ugkJm_#m+q$-xb`Op*XQj8_=?}S{s(Y9FPGu^oIHYSd=0M8+he%q
zsl&C723-5lgzNM67F?gVx8a(n1J{0b;d;F~fS2}{?|*=6`~<GQCwdCkJl^}$<GZmA
z_&~lN%%|)3fWc#_GY8i^d3Z;za|&=hpN8<9<S)TBz5>_hZ&kSFslm057_Q%MR)=?_
z4-I%AbvEIerv=yVNo&J(p7-E-z1oNC_38kw*Q-PLX|g{~;NKR{T$r9G+UFcxuXFNn
zegAU+*Yj)$*X!E|9(=&nQGxfabmx~Uyl|QG8r+lk7_R$i9Ue=31Fm(p;aX=0-us%X
zrwb1*b>4&LWW9a3);WO3l79%-Iwx?ga|-WtT|M4K>2a@q(s>3RNS!`h>&(Kdl0OI6
zI*V|vGk~|g?&=BYa$jG9M^a}Qu60K6Nb*<UT4xN`I_vPpH(Z?!c&X#O2_Jpcc?+&}
zw&5ko-+^nLeRxauqX9fV$*p$?FP!Xr1lQ+LW4P8if%|WAd8Tl!)0ev3w^4eY_A?7_
zeADI0!GlYj=i&MsrU2JEi|~@<*Y#^XT4x#Y>Q%V@d<`Cd%hegfOJ8(ehwF2v23+fJ
z!UM_Qf@_^!!v}Ev`5`=hhpTf0&z<Ld4ENSJpTM>LDLg0f-o@$TPgbtOefZ<WbMU8$
z7vM$l0DiD|34XeG#qb!e=f@_zFUu`>b>2O9YQrZ7JMX{?65oaEbwv+el6YOe&S$N2
zgn0ESTz}sCV0v7t&vkWX;GWd)!+ohI3)lK{@JQnGaJ}yc3@^iP)p3Mx|2ua-62lw6
zck{Lh*XJiKxW;$k`W&VQ*F1f=)-izV{xXE?bC?la@9)NN%`<`P{m2xq{qaAP9(VP;
z;ep|0!>fkZ;hj6(xU}GnpSbT4YQr_Y2an`?9s6+2Gk|LyL%8;H1drr%9AmhS%LJ}@
zrf?k>ues^|XALhH9vU7QUNgL5c-!zEyfJp;IE3qc!3eJRxl{PY``Hht`=jw$xZW4%
z;F>27*E$Mty`L@8<$f@L>wR$u*E}V--WQkQx?NTHq~_kAQ-f=K1Ma=k#W&%arv=wK
z+HkGE1MkUweHY#m@4+=sAFh2E!1eox#_)!Gu4)3;_{>Mr^F+VD$cJm5EL`iz!AHBf
z*9-FSiFg67$AKbT^8|GH{=E>c=j#aGk?)hQz%@RGN8fO-Pu1a?rvcYGns7ajx8M!g
zFWPYZKKTw@^K{|*oTLZ;uAIk*hEL#^$#dY$N7M5`J!g0kzEa-b62di4WOxm(^*7-9
z{+YJnJ;R5FPYlm|EZqlPZ_e<d;U&W>hR23C4euD<H+*FH)Nudfo9;v2@WAl0;Z?)y
zhPMpw8a{wuCG&Fx-}t_F_#G0T`9!)8`g&OouIKAKd~~O~t}eo#aF_EC{sQsH@S5Qb
z_^Fbo1^=*k7q0ik1Ni6|_xkA&uJIGNzF&6=*LeSv>3&Z3lizy+*Z2Zl-=|T8Kkjbn
zC;TY!GW>Po75Jy_b$M#=%f##OHIk<Zze2nX*X`=Tb-Vg-jUT}^ehk-mua)kzj!Oo9
z;5}}8v+%cx=iy%#FT!sX58=!I+vP9A^>wid{CJ74!QUlbhwJvX;HBf-ylulDl004b
z%l_c%?88qLAHpvYAH%gC?^Egi>paiEm&?4$!k;XjhiiNhez3%c@YUjF_{RRjUncQ2
z_{rjRxYpBzpD*!k_=m*1aNY0vaNX~QaIJp~zeVzUpHBBbKaqJ3?}!%+58(?JxX;&=
z;2#t(!!MWL7ZAbEeYvZr0{^&p6@HO;4gO8>7``B0hksGL0sl|&Cj46Q7QDLF^`Q+v
zL%ah&OS}s|SG)&5U%U@r5FfzbD?Wr@BtC+lCEGQIH^nFL_li&9SBiW8k)Choi)Y}M
zi~I0Ti)Z0I@f^G<+m(lZLc9R~jCc`#sdxbIh==ei#Y^ySiI?G5i%0O>SKWP91zr%Z
z!UORdyd)mOZ(nfxR~>%0cmw`N@h1F1@fQ3l@izRfHEz8f_+Q1l@JF5R;(PEPN&Y^3
zvv<4r0ent;2;WhB1lRtI;o6@GT>CSHYk$1Yr00L;T32TV{)xVGAO0EfEd15-`TZRH
zMDaZQWbp$0bnzm5BERo1fWJ-RL%7ycf}bbxW%#?qBlvs7EAR`&tMCtr*Wky??@5f|
z74bU!B=H9P<C4D#|Fn1u-WG4ewLcyB7bLz5pX%>hgnRP&sXqKGl4k(FN_+_Ki;v({
z>BAWQ1Bsu&e=I(Q|5Dt$1oL0&&%l2x@jm=6@htpa@f`dw;(7Rk;sy8;`JRCy{B-F<
z0DqLkhw$yiOYoZHDZ_V`_z1p_cm@7M@hbco;x%|69>Wh6uftc1H{dT7Z^B<E-h#hb
zybZ6358=Q0nY$ku!RH3f$M8FT>3jm;RpO`c=l{yZd!J3u!&AkJaIGhR|6cNkaIL2V
z-|Qy0-ZEV4iQrmK6R!2N;95@`uJv@_T2B|Q_4MFc&lIlpc>kI1=Wk_uGjOfPhu<sl
zS-94dgKIryxYiTFH^15SzXI2Ks_<<kz6RHNVz}1Rg=;-MxYpB$Ydr(F)-!}_JtMf*
zlWnKRMeE7I50>rC!?m6Qe3ir(;aX1s*LrGjttW=RLh{$)T2BLhqQp1hT2BkE^#qru
z`}4Ao?dd+33SaZ*Jr=zLzgWBs|MfX8PXzaNcX=xCwOc!{!asSK%Tt5DbsOg~{OQ{|
zufsp{Y3B`iA@A1PgunVO=Pmesb(g0N|HzKcJMj5+&b#pFh0c5M*Inei5C7!3&Ij-x
ze!}?>zUPAT5&TmZI3L5G|A5=x3H*=SyZ9;my^nV8U6!6dZJlTEhoo;l+<%-~Zx(*+
zADrjl|FN}OZyx?z>1P3co%E*&-%93H06*(wcbp92@vg3(5`6uKTs>v@UeeD9zVgK`
zz5>5d>aW6AebU9(;3vP))fvP8{s9+Xhi~@|=MDH3QfCvs_x)~rTkzL>+~sM*Pmy`m
zf&Z%I;(PGtN}fLaC(?%j{H4-|A^byASLX=+YKb4i|19%x0^dc}JB9ClpsU}zJU!3X
zOMf!(<NxC7@!^k?d6<QtCdaEB{CcTB4<8@l>M6i)mE(31{*fJAd;mZGQ_e$p?Ly}z
z`0WQcFT?wC+>7A<xYzZe0>4(y7ghL9dYp&<MCNA<KUa=Rb@=W(xjGy0x5)9o3ICDI
z!xp?;a(UYDBmU&Js{?<w)Zc}lCH?8aUn%wU;Xjl4Gk|yGyg7vbK*oIpKTi5KhF|z1
zw_Ou>EXUy~{9_y3amM?6dj7|<UuWQNlH-pLzeBDEvhaQ7c$kCtr2ahoQt3|tezeTz
zBD^O1bpZd8)E~mH(fJQQT+XLu_<zfO5y3;54;A?Pr2Z;=wakYa`~caHV)%8>k$DdP
zgq$Cn@QU=I1+Shf^Bn$yU7dH}zm)S%7w(5Hz6XyV<Mx+6eC6iO2k`gEI1cHnT>cUK
zI5{4U;ZM|g4xe7OeDOMV3UA1Dpm#-jo?j`)hYb8WIp6tk&7XyTPLAg}_)&VChu^-7
z>rVmxQ@x&n?{K*5PXNC~@`v!NWgeE{Pm=A8;3rn){t^Bhsiz8m-jS}J8ayZC62tG7
zJazcS>lU~#*JDli4`sh=!QUpwlQ#UTavj@&KV6UK@P9~udhlRBndk5e<@#^{59K^H
zgr6<*e*}Mp^lc1(K(0e3@V%w}Dg0S-obkSpp66rPzcTPYY~!}ehd)p1$->|I4>wP8
z@SSA4^6-1*_*Q`TeD^;2BK-9-jsg732fF!Ig7^OD>Mz5um-A)>-%|Qnfmhz)@>k){
zko-0HMN(%BZ)IIQb+{+T&j$PzGC!N}r%C=6{KNaZI@|DHPuzMta8HgKUHEh4Jl=zU
zOvbSfKSj<v19+s@E%1Bf_%nk4MaE?e-$CZ{1b%7LZSNGmPVNi5PI{hiT!!oW1bld5
z3-|Lmc<<Nlb;&&3ztwpGUKJ1E1Npwe5?t$y;Qsr!Up#+x;NIo#yw-(}zUAug(ZAxn
zZ}@;N%TxHvk8%Cae=*(X1CMoHfImaL2#>Codf+2jp29b-_e<&Z9(seU7rt@5@QSQ=
z0N+vO;bOD@?|=Sp2mXKBfl~RJ)Rt{{#%_;a?rqq2kL15|dk4wiE_%Xp?}Ua1&3)~<
zaN&pH{yz;DwhR}}%!CU^`q!NB<hi}iUyNwXAM@hU+}GBJD+hCHKA%vycJ=by5ewg4
zwf}eL&iir#tJiH49Jco8ANs3T-u#xOEAGGh+!wCh=7+16^uslO+w#o)SKR;n6*r&o
zaKa?&^i_w>UAf2htJWR2<j`mD;jdcw#p!q6y=wKk7fp{?m++cvrbk?G^Etb(xPSG+
zHH{<Iu2_A*)6RJOsx|8~;hJkQN38t$o9|w=_GyP7@O1x-_lHYv3KtGdiayp)3eSFf
z$*jVKXN7D2EAz7XS6&mY+xC{jADhVa;X<;3-yJ_W`S{=5*5SIHu3bIj8&@y<aQu-)
z(+v*S+*1x0&R(A6JAHX}&fjd#Kg^%=UzD5M|LEnx-2SVV7v}aqWO*)J*k*Z>=i(!h
zJnK$R!q=@{o?V^%C%0n5s)fP$1IgDU&24=`<6q48IxF8HlCL!WMQLf0S?f*4Cs{=?
zT=LVo^FFe;^$&(?la8$0#tT>87tS4eU%2L>t>(Wy``qK|x#uN4y+3^5r{VfP92{QI
zJ3Sk&-8x)Yy*v|Mf5>v*b?=bn*}Jz|Tuy!@*|@WljZL;IvwGo=;~ysL4%Z}-%!9L+
z=TF}y?9P5D`ClBay#9<`lExPo8^3VC>V?yi0h7fGHk`5L__iZwg@<cTUtSnLW5b3G
zvyDiy-BX$MI~l{pE*>)bTT()}ZrOboW|A?Q^*UL7G9Ig!=VyzB<ey&n!rAa0vb;E}
zGnjqz=Ik%!Ss~%N*-t0`7S5<NyXp+rJ>!Vk4<wsX9N)ccabUE6|I7MMwb#G%zqtNn
z#mNjDpW@cNaqn{5UrsjY6(8DTaf6c0JbO0nwwUu@m`uB4{>QXiw`{YcX4}4WHv4{7
zGG^b-Th2Cew!c4eespKOSlGn;ST_IdrOCg|=12JTV_vfOzhx`#U$ydw!Q6${9ky<p
zza;;f^l!&i;ricgKASkX*~D2t+B{shG<bLd%_iBb^_!kRWB-AFWA^;V5f9Iv2mbD6
z&mrE%?b~qO-1(ndT>byPeY2y=ec}2$4+!Qya9uK`!}Yf>)s5Q2ZPe0#dV>zW|KHf4
zn^!-)LHo%DJv?6j>h?VQ;q6(5?OFCuZ_g=z`8T#_vqx;tF%P-{N^j4l|HAk@XSO|u
zt=rMfJehSeK%4*58}x}k{~H^$;_!zD=z_n=@#>NL)Bor5?Z!X-8=Lc*!yew8EC0&z
znVmoWx#L6s)IF|G{%^^qjt@8J)O*D7q4!UZ*5r@>#^$YA_3-BXY`XFIkR0Fh$?^5$
zC+w9RnPvygWuJb7J9i}KndDHrc-pxxIms*u7k)qf!^w}HowYX}pcl{ImGt>3IYhhj
z(^2nv#Q7=7_K5S-TVx&X{Iqxu`d`maa(*~+@vQjp>i_ri<4ws|Q_X70{m=8`m2Y(0
z_%E*i#)oEo`)AjGl)e6A{?FEb<R;f2ru(0Cde;A>pSi^gmUYW|$Ik}$kmdQgV|#Pk
zFJ2)mj_gmz5B(#(LCJW&<DTK-VQ3Pr{mSyu;$M?#v2gV4x+A&FSUpP~oWCKNDDe~a
zOwM`Rp7&t#$J`<P*+1uItIf~GbJd!a-Wli4E;e$rRnIO;ZhL5p#WIpp{b*)EVtanr
zjZwI9j7qbAnw|15thh0%&T`gf=il)9^Ox&|`7CoGTsVJuEdNkX{#?A!Nv>k5<9!!5
zY<|vPlKlTFKl#s5$)&;vmiLmVx&7a>ytDY{`O90$pQ$3Bvxy>WO{+*rkW?Hc6-N?R
zN&dd$zh3>~CN5Tg;=||f|K<AYzPdTTcYgi<(fq!5@wCMGU3<j*O6EawNSF<D(*MPo
zHamK3`42a;$tcgJUeb<YqVpee_07il<lni19&yo`jA|w6{$l&{ZqO5o+y&{`%fr<R
z*NtC^f*!tKNY>5k;dlJqRgu)T?BpGmyD2}LJcY&mAo)wE>ysK23fw-DT&&M7K>x6K
z8hf|_i|d<h;oD!m@%VV&>)fU!70mXcb<5r_;Li?|$y$FuzP|Ek@9t$|KUrP+a1nT=
z@$7Sb58t08<D1O=W!vSGoha#>yV2NB+LEjSyYgS6P3_9#W8`*WmjA4NCY`?+E<BX1
z;xQ*`-N|OVdzp31E|Gj$IW#1_OYSwszuS2J`=9e~<MI8}cRphNC8a*%_<r39kDP!1
z@An^i{lB={huiOt@3Xmdi6nf)jo7+n<5#(6Jfiq#oPT+;=EZGz%wn>a%pW^{%=}B{
zk9N0#ZvG}SXZ6}sva1)y;fCJa`Oi!4239TnJzRTACS3QD<U}{S|4S~SZVK1jHVyYr
z?hyZx3Fn^sgV}?CoBj~4oV?}n;fCavzn|PbCb#i_O>X^`FF);hD|*S_m(E?(TfOc%
z7tD6%JKvrB=ZLjWPY$0qC70AoSM=_`dT#FGUbv(`cm6Yzi5IS!E}6UF+9Ybl{daCP
zgN1&$eth8E1)VLDh4r^>KL4G?`MKt=+r2pmzj4v>RTs|wZx;5z?cx46g*V+fyTxCB
z=VsxC8^XD(Zg}9PRo7piOok1sesu4u4cD(;m?rrSn7bfK@*T18(5m&nTXw{{6O*I(
zpH?rqWA40Fv(<Dbvme;7;oNZLHFNKJ=8P`*<?4l#mS;|X%-ogBj(cpfE3J8OZtk52
zCL0wl+`3_>_wBYkY1p-Qz9fP9t7g;u&KEEK+xnzq53Sg6!rUp#o>to<d7$E*Fn8|_
zC(O?szs*4>%-!8j{&wy*2Zig-%&D(F$k%^J{u(Yk5UyGO&>1(hmz<tWLVB|wUHZ%<
zV%Z&M?%~aTeCacj2Pgh%yRBMxPO=&IZ`kQkyUyzS$A&X@Skb$4T{74HG(UIB7Ri6k
zUAps%U*7%H6K4P0c*T;mV`aGR@JYDOo%8jjdp);)$cp6I#PgPfEAI{$u9-VOpCp)%
zpR-qd#+~89Fu8?WcErM8R_%Z7sx{Y+RxRAR>VaEVFH9bhZ}q}olW|%Wu01+4N}l~>
zlGEnw;Ye~5pB*>ewpG%vJHvg}&q`Xl-3fC)8zgh+f}79S=R32eC4X;(OCAdM`NQJB
zC!3l4`<m<h3vNDr{HM8Z-5f6YW4O;<Ni{orwQZAaKV^$q#Nxj!{5stKhvCA{!u@Xy
zS3D5zb8on2gFkoPUdb>nPPU|?2Y$YKNiucUkLKsDeEQCAyU$9t``%=`cTTqZS$+^d
zv|;Z2M<qwxB;@(t+?CtU*I(k*lT+rE&tEck<xxwL#U=Im#pTVC<;{}i&Fb@;&HjD!
zWO?&sdGq@G=CkFc$@0=<d1-xq>1=sfvb-!=URIx9He22zS>7U9-l9Ig#cX-YWO>VE
zdCU6zmb2wdvYbhlGxhn*Y<a6>d8=f3tNQ#_v*kx6%a2NyA61`!)NFa{WO?gkdF%T8
z*0beplI3lZ<!$Qo+su}?O_sM!mbb0XZ#!GwE?M3#S>CQbzujzkE?J&Smgnm8bF*bX
zS@x4<zdoN_EnNBh?UUtMJGQUSZ$De!Az9ubS>B;Ozr$?#(aG|oljTR(=N~;=-Z5F;
zF<IWRKELB^d8cG~r(}7j`ut9_<(-q|os;FA>+?I$mUl^(cS)9asn72+Th1oS*<?9e
zpU=*gcTJXeO_q19&+j^0-Yr?)Em_{JKEK;+dG};__hfnZ`uy&*<vo(+J(A@;>hpWd
zmiJ7S_e_@etk3T`Tiz>K-YZ$&t3JQiY<cfwdGBO-@A~}StJW@Ee&^F>S4_$CrghIt
z=E!*dx}|$<c<yzF6#Nadx%vFXo$3hxPjlz4n*C?Vo&DqzWmWR5Gjqh+lV)eZ`Q)&9
zb-4bn&BHaL<d~Vv<G;?1nd?{YKVFrb#QZzg&kk?NnJ1S_{KX@5?%Qr3_{D~uo{}6-
zF6hl&FpF88<jWm#!GF)4|K((9)w)-0a0ju?SFQQ|bk+XXCx@cU>bd7Wc*K&wtX{bH
z+Z&Q>s~2wHu+tN=%e~c4NKRg>lhbm3c0iarf5~i}$;Pc-n_HD!nT%$q)BlIPZ;y|n
zI{V*EHYCA>373_Kpo;`e#7kB|69LIWfEn0Ttf=%YDvCs`6p-u!7L<fd3gfz#wzgVZ
zTWf1y+ge|3tz3m{fFvN70CEvj0xHb9Tp|bwQrX}4duC=YN$^sA-@kr*bTf12+|P5K
z=Q+>q6pn-p_O7y+d`sYiF&Oi^uEnKx3pPdp@Jf@r0GRV&nj6~}XtrhVNoht&6Mp1o
z%*TRKJDwLP%}Q{TRVhBEsF1Eajh>9C7&6c@H|$Ycl+a-y1vJNs0ze2d{*PgX*>i{)
zLTHq;Tbd0txw{c~;Yu+lN%#tTI4PIxuOosutRskxa^JnKius6bB`tPh^Ak&qWNi)j
zzAa3A;11;FDS;vQAMAxky(&*pCxXww+T|<c==qevr(6oI`mkF>XcSPlZuMpp!}#l)
zqV^S--~?LXuj#6bFDJV0cHQH;_wKdY%s!pLd4NJ_e-=+|<!j$W9`K#WYu0>d18MjV
z#j)SJDSlx7b67txm!P^MU>=9$5tK77BPa_#6inZV>P(J4CLhNEX`wE({Bn8a52uk=
z67tHQ^06andD)3r`vvFLf3dr!y2jTZe?wR?EJK|Gt6iglv1nf3I%h3D)EXa3l0Td|
zUbFs-2aw^B=5)OpZ&&6(6_aAcmpM4B#FRMsTq3K@azX3*FCrn7Z>ZkjgAlvMvHs&o
z?fOrTZ&-io0W_djj*s4KRK7vo0AOOjmb2p68@6C6r%$g>)O88!+<-bS#NUnh+eOs<
zegqwktdC@@KNUgk|3OPJ>JNUt0KBm6!nLveU;OFpRA<dv;H%U*eVnJE6p)^-@pdbf
z-n8B54&Gudy~%bR)F9qN(3aRFbm-rpssEO%H#~k37{w)}f%MYBoqTU$kJvD0Hi-FW
zMFN(=w$7+#tvEmE@B%Oak361&`or3tBe_$!KjQF$3}2>C38wvFdJItNe$)<71fxjJ
z%1vPB63!O|CjvJ{>s-r#38F5kv>Bu53=I%>dDs!S%Vw>0Ny8g4@RoNkI-R*oonuQ-
zZ<SHMg)aV|=}#&;V@CeN4f}^1;v4qV$ND5#68QhhBNIpuKprvzY3`mN7r_Veirm4W
z6V%>dV|hw(2M1k`4|1?io$q4&xq8*@7h57-6ZpMAS~q0yx7wsdFJ=LnYm~{hMQ&?r
zw8>esoM+c&>Gka67v@=f`yw+yPnU_bQt9=p_cF0goJWxjym1Bp1k!4e?r%-?z2qjj
z@Ko1$q>=0DZFyX<H5-uyT<!`Lf0wg|Bb^(ZHPIbF)si}sS$6u1Y~JPJ2k=OG1H^8r
zD6-U{fvUmiAkb71ido9=Fa)Eg4Ab(am<P0m6Kjzbijo8SD9Txtr{N<JP~mb~U1-va
z-7JABkqWA*hFabodC}?83*N{(g0H|Z*=8BdH>b13<tID&SO%JYGc6CZw8rAFSfcj(
zx?o1p->P?DDx$23p40!yD=UnD@>^FK|H^O-Et9%d<u$M)5cg0P#eXs+J?uKuYM9`#
zSV~o0KozkktPjtAh1##s9rleUe>wPuD60Kz0f9?T#O%C?>2yQJRfIflY(5Ats)RV8
zOv>R&qpK~?Q+?X|s*D++lt4d=<3;8R`oYQKKlZH|f8FR$tMP6z@?_vI|1l5G+$@)i
zzf6{w-GpEM&#w+7mEmi?_-alpJC>o1z5wh3XYg@Alle(=nyFKniuEl-Rj6w`m1&S{
z@JW}qnCTOkYm#Vt`Bg~d|2(%(C3MWRqH0;3<8wwjYrrLC0e(kTZIG(c(SRFD;^Gt1
z!rM_CXhtb$hGx4^@weub59Wue>+oTubDubF#R&#DqKmGQsy3h{CA!vAyvKJm%t<lv
zuP1n0y5c|B>M7Xhz1~w?>ybt@LcQ(10#y+|8s!Q9qWoUpQBQC}v!{6P><c2EvL$?h
z2Axbyjyrgjb8NtEZ&lPS3Y56cu-ke@>HC3Fy~TGKKcM67K4dEX+8kE5-c#J@#<?xS
z`)~q0q5ZB`c{?l7T733>8oAY@?og~J-8g_nVHx1f8z)tL1hK4Kyh~cN4-dnoH?wkY
z!kkLgo0v|>a=mU<)MlmNtl~eLDpkLX^hkk8|HkKy10lgqe8h^)t*Gezj#$>mkX2fm
zRaE)u<eA)8^NUjaExxkMty1;<tlikNTK`Nklyv|S?;Hj43(Vkr=LW#9^y?aF@igp7
zMLo4RgpC>Kj@?MU58BJ}dt+cD6yRd>K<O8?KaV|2j=UR6y47QH0J|zu!t(*Jb1rtz
z@4)}N)t0FJkH{Hbg13>*qxwhRpvcXF8bu&sL5}-6vqi`vj>*+P5Nm|A<qOfwh5RIH
z^g{6s#2mHXj`{@qKLm9~Qc<fAMR4QR00=DdO8ydqdArDgRbp#L?R`)RFHQIqwYO&L
zwL%V7b&R_lYmfs7FJeg(5rPShp}&^vAV@N%Qb&J1kW<TfK8F6BM~VF|I(oq??Q!3u
zvpQSEabpJB!VDKc_GqBKvP|@Z8~0O4RlX5&Q(qB-aRYe~&qTT!^g_pPZ=y+dI0?VK
z{^KP4b~`sM=0wMDSig?&Ta@_i6&=5QDQa8w4N;o|o#y}TQ5#@Fo88GkXf&B&!W1*%
zw?@KvGa+Ckj6ecpPK5AzvbuwX3YiB;4h&XR-Z(%6Ki(q{P>kbaz6`xC?+8eatiGca
zMOXVYrZ=aFUU&x}y_2thAY;Yk2WQQ2Zj+Xl*arEq-!dD#m$$)ZGEb(J*m`a?8nyrV
z0sw!xcx%!AU{v=W>wemJ*&5qnUlTDeiz8+T$YY2Z>!+3IbxKupNbLQer}_>{OEXN=
zP?F+r24-mRZC8Mta0q*3r%g-`j(O|!{U`R^i=6<I*lW4kIAp-lRZ(}+0tlo~%wYf%
z8nw@7uIi)SOfk;Y+^0O~b3=X<+lz@i@Hfa3+kvz3;;H_~J4tM6O2crbJ}9g2YFXFk
zpv`)*DM;MKQUXPClY?wc%PWBx743E*?adrsF@I3>T8d1o_j$`)6~nIeO(H_z@(JlG
zkw=agPKLKr)J}Y|43bF8qO^yB1jtrh0_&E0@hn)W6_xn59J99oOq9LJhEY|nBUktX
zSL_&D1r(~cpcEhV^%Wa#1+owiYT1{g%b17~4y=$2S5ckq+H2+LdeL{eK$DC2%o-WF
zTklv5t35_UfWGEiIHQN7_Gw5EXwHM)a5TfjUk*&Kq`a4CSq9cr_iBu`ZZyfpt;gMv
z>8lW(yn`{2Y8ATCp`tdernhbNbOu{JEmiF%@vy!R*6#-o_O>j~5yNXiW7@?tz{&l~
zDi&xRlCeO@wQXA;i{J^_Kjb<!9k_;w?GMaSy<Mt$77t~zH2rM|f9;*_hp<+<e`A@H
z->0*9o{04PP?=;8oscGkm=PbDL44ST58Lno|KC#^wa-b-vz(Bnt7^nC<;*Y?Z8#xK
z%pNwYw@BY6_uVLG)`B(wr*0^dt_dwe>(D}usKrZ~1KE`Nb(qkoTN>3A!H}bzcF>|z
z=>jluHgjdHm#P~f^wQCCfv(Cclkl*FL*YY({s7(xui%`-?>O;WB7T8W$LAHUW<E$?
z>^EZ500s40Gad<1dwvQRy)|Vyp+}ZH4G|akstqu-gP^PvM8@wFs#{7b4&7WLy?NRh
zm8CzPfISf;T%nYbiY->AGOcT?TzQ5~_|~f-rFfGf4c{a$%3cUq4@(#T)Fa3K&Z8kX
zKw=vrd{Bq94WllxL;yu;O&xrNAWkrehTaD{s6m<3u>^@|4)5pbNe&Ku?`9H4`=$7@
zdH`zGf(Jm9Zy+RML!Z{3+Jo0C1hHRjap3!7Ot?_Hu)t=CND1jvkWSIiS^z)MLB4i!
zqGSpG9(9JF;m^<UgU<$xdtr#S9T}WQBRxc+7QlO$AcnURKqoqYlMc{|_BUjURr));
zlvDvjvtlebwrpfdq!@+N<632Tt|j8pe*BTql~SPTA2H3Rm6>Ugt0O~T-KVaNOp06|
zVQavD1o%?a9Dz;<QUIOj(6&E}EfDWVKV}%f3}#xcCNZtEmSNT&EBh;!4Gyixb`&<5
z+Q&Sw0B0ZlaW4o4v|S&vkBRa#+B<z4`=Au;R&RUzAmU2G!Fepw9&fY>wB-;Z{f738
zU9X6r$EWPl2NbhM`wBBV(+ur95d$vU`YlE=_VV~Be!r8Wh#zji4-5Ii?Xa521@or>
zDMO0eb)+-utZ7!H*Jl?>RqtbpmEb)&0t+D7CA|*Q#p=DB`9RtcAS7s+1ir04h&1O>
zi04Q3r~>mHVadR#d@dbC>@o~zZ^>5zx8wrXhgt#WzWX90mB0<i1H~n|=W+SqKmUR%
z*W{o(QTw5D*wRGPhglWKF3$EDEBFl*KWcvlpIJ>WS%`;#FBiyx?C-Nn)gh_+H|$Q$
zqEw(TUoSyFW%UD{gc8M&gg*a8KkTz+xB58<DW?F|t&{~5mYsdY2s<Z?u<8=Dq2*o%
z!O8lPic{1qiJ?~6kuFm%U9xx@L}bCCe;Z89ll{egs6Uvt>wco9@p&0K7J3l)DRQ~i
zhz2-M6HwSyH>!s<d<&k|;K*WG%`s}ncW}MH;)vPNmi(?Wx8tKtMk)~ODRwmfvL2R5
zb}XBEmz}snyKfHnV&ZC3UTMmIc`zqSC**m%wwUs~1bGuR`yv-q&9b3t{--$n?1J_=
zL+MD>tU%Qa{2o^|%j%H4+4*hN%|LwR!`kVaBlF#XVIAq3$6&d1UGpZc+v#v0CYZYB
zOVOt`y5{Tu16}j-T+~fnP0InP;%%IFz;-JBb&}%$sM!;o1A6hH+j>%3C{)|YI_Kw+
z8yp^4s9d3QK19w;=$z|-p|D0#`^EnziCZ83013Lv`F-(8sGK3Mpw4;C_rZ1~^Z!E6
zJVJUPD_y9WM?n9at^{W~%yf6Uu7Ab{JmQqzf&TeM>YpdGZYq^wJrDi!B}#AshIB4!
zf8uj=jQSN*2c3?7QLU3sO_8mqvfMYNeCCuN%_s-Oho;53O<wk+84paqZ`O<l+|Fjj
z3Q25Dw!HklSyQG@dGOI`ZfAoM3OQut!!aE^F-18cXj@3%o%`fv<x{+m-v7W9FA6g)
zKXPq?yu#FPyM=!HQmC_vv7JU(-G+W!#=d|?`BFo_-O?xrZ6!+31`hye>BJV4Td)!n
zVXd#WLVgXw3UE)B;tq^&z&_t8Uq21%HH-w3)81Fgq4iK8c^fph^L-`QqrjayF|Wj<
zexQWv9PaBUf*}d5x696*Zs+z=b%+1Mbhp}w#gd^U^va}fZtGqpv^IN8z}+cFaqf^q
zwHWzk#d?f2yPc<G>nE(jV?~u~yLy}_Su-k>of{Q@O@>ljGiw!uDzmQ`6?mXij^O>t
zH2OC{qyO%#%OWG&zyppiXg-#syg#hB0kvC8rKRpJIl-*;0Ah=><A5h~lLFN~)>Za5
zq=2a}@1a<0Al&hG%7I-sD%f#I$^1+X0B0$ogGIVv6=gFNYppRTPv${mNN(rO^9>1O
zF-C<sG71`{l*-doZ=SDYd@|Y;`^w2P^T#t{iqWVs%RuM=IEUN0M|NUivFb4!21(c`
z2pfj0UCVfEfDr?xIDX!?*0~LP25g(%jaZ~adj_|#XXt6zGhk09+A|2TVuRvr_Vm>#
zSd<oCL-rQNGcDT)f=V!JD=5amo&<7ta5(e9n4#y0#id2Un8E83JfR!_bB+CSp{#;a
z1Z@o522_0~{&(Sd6ae-%K>D5d--YM&aIR2&S79(14)ot{q5r;=`tPC~NY#nt1H(mj
zXn<3M{`+M}r{ut`s1L~fyxMOb<<!wR;olSAf;D&OO+djBSAJi2wx1BSi9A$(3lYQ5
zP~!Z`Z@2YhIi~!ExbB)WAd>@drY90|2dMFWATLL%I)L`5@4llWeK*zJ)OITYY=BRV
zIhI?t!;j&6+|wAacPF&{Gi*>MFDTuK{*1DE3~l!!)Qp0|D~1$W<{lE|-{l%%wi+}b
zjfQ5y2fNinTINRbwnEu0CFr{Q=u@EUw__imLlf}AK|py38yKp%4Gs4&kaytu1O@li
zNKpbsN<fAR8-k7r&~VSiYJsCw)Dmd4H+V1S@~j|nqRo`Q20FZ^W*J!5f9AM1Q!W4>
zv>(&gPPHv3$ON=so)gMlFbi*sr`UY9rT62pet~;I@AnAPvSYgB^(#%wlsG{&jm)U1
z%9%YNne+?9Ts}O3^bgcc%_ty05A`2H;1iZ+HOK_&FEPQS{%-V8P=9d{!K8cxOS3x6
zJ}k|SDN(qJ0B6wB?BC!fJnCmk=%X|xcqgg8Y~3L({20k@+LyhD2TF6UBJ%{RpR~_O
z*afXmBO5?kf9+@e1h-0h8SaBrm#~)#Uo0{tQvA)g=@dVPe@wdmt?7L^YmU?VOJnr@
zxf7)KH03Y}{*7r#1Ycfe5`4E4+n+kQ7{Mnw1^H@VGH6De=8KGlapG>|$%jgy9er1V
z3hY(FBNp2vLEjYsxKbQe)R0uAg86{XLIQpFsGF3QceoH9>%ZOLB^(ND!tj@r-PFJ6
z^c@Btpzj$??!d&1=8@{VF8={g>OF!?KgPip60sIhLx~=p7L1IczkrQes4jbKAnQ8W
z3A@Q!hvIB-TkDlj4d{8R+ggh!yKHSiuCB84oE)l0jz&Sg>p;HiX1(Qt>V5XW(SfV3
zOC;a!;tjJ3BeH0!eGgb>&L#+eV#FNz%X@*C7rLaSy*nF(T;B1alKDO<xVyNayq{vN
zgKK4v>jVK;b{zC%?u>L#<`+G{821bhW^Kk+vA9+U`pb-;DE>3)QgsQo&T<|wXq$&|
zy9+iL!}d5E+YOroO&U2!d?dxW!6nXuO2LLwwZY#6{nvq3bYJrS6cxAOSB!Q%Fs?GD
zxAFu#<+kqjNPnuu9DnY%ZdXFJ<{W!eOm1wN^~~UDGdQ3B05ky;z(DU8A^ur`iXaYU
zb<&7!O6Wieb*cOp+fUG~p^#gBJ2of6<Vx9bNcO*N^{AT_|7Ng9YlT(@wVZ?kFYL+O
zh3rRJdu$4o;`R8v!;^VJ34Iu6m#m6)tvSZb9kIFG({3(}i4?FShUa$fH3}M~<jNL(
zX1)^m^tCgJov)>YSv1x<2Gs(ju^h(Q(#W<3ySmv8XmqwFn0&_BC4n*A-2J}17~=%_
zf!kVV+JAP$FX{H5?f4}aq`>|&#xE%*zw`m@<qdv`TiSXiiCsdrWOnH~_(j<Aq#RgS
zcFoF@x>|)bS{`XW%>01-pe6+A*SVzasJm<la1HGPN7UIQgFj*!&}#hZxeWus2iX<D
zAb}cw34^qU43fOkv_TI4nZyaKQVF4l=k}5~tCSAZTU{eif>iw+GE(SW0_m<)^(5XP
zWq~N2bO^?RhhQvNXBZ2f^jHr=jwc{DYPU9%S%S3<5x8I&rK&I*!_gpen|^*W>;Y{(
z_48AplUqGN28o7oV31%KNVX^gKkf{DqI!xyIPC>X^MH(x;P5L|{enXXbOMv)u+06K
zb+Ceh201XU2^N81tdFyOhj!<h7>mT&6kwBR4jA8$a?Bo3&t>vUVjOXX2}iu1FbTYd
z3=@x{F^j<7NRb0KlPz|uH_Pfh_%j;}6Hj^SEi?g)uf>-b1O6Rz2zPTZ*&q_@l31l5
zo-$db7sOM%@88hgY1>4!p$fyeE#Jc<WLG%Kl6>LEA%x4ccN+7yE?U(2_e6W8|9g4q
zEi1o;r13!4xTJAVNFP*8UP}MN-w~WBIK{CeXv>5n0vr$^usE0CpG?6iDAOm<DLh>_
zHrV3^vcTWOja_?U#kUwkpM)_yQo}JME`KTLL4rNmQgb|Q{qYmVBQM{)N&ExjYWQ0V
z2W9M|U=Ov8J0;R=6_lFjZX$wCgV8#VaQhF-zr{cY=EN6k@ftBuVb7R2zJGkJ@r{_5
zd9?o<&&0>4JhW>MOBznSm(uI{p&F6&b%$05PKvrfhu~Ddq1^uaQhaECU!A;$N%nwW
zZ~gxESMe{U&HC9oaF<7#t>kO3-+`syVvyc0@j*7c)qee`Z~1!Td+yibU)<kUhfj{L
zEqro(UmrfL-)4MIXUE5<t%{GYWBGNbE2VF0kE-hNJ-qD@vmW2$jrF3<C1`JgILT5J
z{$=*9dVN#QSKk9heM#qSQS-P!n*S)Z1kkR#gZ<Zd6O1{3hz~I4JTq1pa~>~%F=vlt
z{x*;{3VDP*X8;B>!k)9rZEZ@j=j?|p?d&<bFj3fZI<Q;g_ME4Wus*|{)1ljQ*8j)$
zoZ}MgIrGp#*opOo(dbUmh|SxX98yp1O?;`qgGH*&CjS&jn~w|+$bqc>?3)}^7n1H5
zH~6jyWd9PMq9LCGEz8Zq?$bW!C(!R+j*Qy#IMRndM-`^F3f8RmA-`1pFMLLYHlxA{
zQK6dF10U7w;rJEuEtIqvD&>3{mjVk7ZH@FpVs!;OR-bklZ|DoO)<ZQsYLT4)y&Q<f
zq#VYM>6(2IsZ!UpxA8}grmbRjk><MrrT>6e{)1X7Z3CXEnxcirTX;^e@L)Hno;r6B
zl?3`+!R|rka9d0U2L@BPDKnwa;@}hkTRP!R_V$N_r9p!(yV$aZS9!UjyX1nkvB%(R
zA~&TJe?jGju}O;Pif(Lj`je!tV5q{_q?}#xubYq{Rf1}M&{IeSiE^+bH2p+J(sHga
z6!%wj@D=2Y1qzK>F2dj)kD(IwU%N(-Tug1hONHY8&MH%J{|*?6NFKfn7zL*U#Qk}c
z!%W+`fJI^PBbaQh3yda&nm%bo#$iNQkz)Ko1y|ya=G&MJm6=e7v)#+zk@zW{pZ4w$
zO7HGs!-^b3KMW(imU$pR>pYQawV3<?@dpBFolp>a(3gf8%7^lh(v@J^G8E%jG2kYB
zlE7R;DoKe7hMS>DoG+G$GZ{(vK^8Ry(*7G25kEM9AASSlkhid1xX3?c1HnFfM_-J$
zs~h_RJ+wXl2GV|rOaeb#faQS!#^kIg-PQxq12FWy`WAfi9gNJ0w=e9yg{3wP!LQ->
zTCOeSkH8Vwy1hhw27bu>ruf078+<PdPv#ziJO;cw{_6|@HJBcb3y=<z-DmMoXSE6_
z!L}>OA#6!qOLFT<^7&rKoCfqR)^v=;jWi$62^-0T-hb`KOeHh=SfE7#bAd2IhYr15
z9IQ}6tbsvVC8wDdXHN-A3rO+f8Xy>!9Ksh}r8{tq0eSe?dKlpHi|snN?EAjZ!Y05A
zus%-$H2i~qKi&Iv@BXCtQ*Qm>V4usTlMW6%Gh8TIGtMK}LTS}M)<=@$U%a><I!X95
z_L>9pGmRMq@YM>cn#k`xhbiqae$aOoU+UPa--6|-OpCJwJKx}R10IEYv~Z4w^c)fe
z;AQTtQ=QNdbz4N6*I<ICRZt{5I>S|;F4kGt-FXLMLvsTXsX^}_?f*-Ga3{h#2nq<u
z86l1M00$E7juVolE)|AYANe*V6j-~2?bCeXHOw8&C*U0OsA#))9-F=%O@9g;rKqDa
zl=@C))3ofR@QTe>u47qYcM$DwH`>pjWFUv@W*Byvc3q}f7wx%b3ZpLmjN?xUe~jp5
z02zl6MZeO-y%F_Z0e@p)9VD+<g65+3AH3fWBt}s?iD5;hYI<Wt@}u@zln8)(Z*oxX
z$c`^#w-a)XLe9i)C!jAeAG))8K0qmu4!OOr&+_L{LYKFmToQmihSirDyv<s@LEYv%
zR$b$}C{C>}@MR^=uNytad3k8daH6>WM;#aI0>+qp4+PYEfk0Y|QekGYmbfYh-Hq`x
z!usPTN`7;6TveCI%g`W%st4iv0zsj(#ueQySJyn6;flUP&y+QKcb^qQ0KBpP=sJf`
zrT0Jls6IIT{QiLKAJTs=QY^avR04d;IM@P01bp6MOMuTp3~&=@pvzEUVC7+EDV8q{
zi(%NO#K9CMS|)^2n62(7-9Nie=o}0nt&PB}kp5}r{^ogL83x+n{!Tit{_n*HYyRuE
z*!_NMeE08uP2c?(pMD-VA#eL6k}dEdZ8_J7fi}v~jqV^!grf~gadY{{@b^Gimk{>o
zwm7{*LW)xSX?c&aIJ(^`6o9t+F@tSe6@MdUzJ~sE{@-E)Kw2UB|HKCx6CkrYkhS%e
z!CCd?Pa<XOEigfF2NdXwAVnlvFM#_EoMs`R1lh8>RYeG?V4)%BNcpxrNGt)+P~D3T
z)<D0AK1vIJ1jq>&;Rk+&x_@D`L9{$rZ@EMcFccy*x>8O$+kh}}E1qpzrLKtYh;KsM
zt1=O-zzGQ6udON4!dEaQ!U`BbF04(A0Fe6lL*+d%i0|p+&)Pa>a2ASf2e52|fkOFQ
zxi}>G{ip#MN-)x`ZiI?M@UGnm1<5(sE&0cz&m6B9zZf(+=MFHoBK+;ULZyap+=Om*
zxY4x~j6V~n%uG32t3aJsTx*O!gX8zF%Z06?ec}vm09bd_X}7&8NNmtP326xK$h4tm
z+CV)`yUI)$EE4Lqi_L`3h5KQ>)>$MZ&|`>qN5OdYtp*0400T;uAk<leDFqXNh!9X%
zaY29+vmqr{)U`?|lCC({dQ=#H9E4TJUYLcr`_{nc2a5$Y!3P3t9>AKp3-*Zh8)iTb
zB?Qn?ZN)rb4~vBp6E(4(FZEn7eA%i43q%P>*4GjKCynfY+u5k7P)dD*4%E6CnBzcK
zH*IYiL<hF(9oPk!mi+s$WbT4S(Sg<a^5N8EE4hV0<0cdhkN04_-h<)n!Yu?KO8dE<
z@h%9ZE9anr`tVRVU3P}_G^obdKGZW5>W$bU`!~XX<wW^?lon(2jUadl=?I%P02n~4
zLvVcT_|nnXO=#FPjVoWTjS}SFt!|)6D{L$5Z;20EwX4O4`1W3s#7~0}KS?6(KX+aE
zSXdqA>Uylfouq~LV|^5VUEvC{pmM?97<>c=c1C`yR5g?<7!A>0(O;J<7sGq1xx6V{
zz=Ehsk8}dtUieB4?lfzt61*i=S%N-lOmN^$dVLBkndE>Ix~*J9Ix*{0iuX%D2QJtz
zRSiG}C3qK(y?Z79%XpzH+fw|6pBT1k-h#1#(qrN{kuw6zc#M;Yq(eDlRircN&<HFh
zoS(4mkakFb5|a)o{-|~Kg~Gu2oE9G24O@&B%GzpoHw)S>pA5<CF<`_)IK97al?SKH
zDjFNig32s}&2oD*VLa~Q&keV}wnO<iHWc5b;d?QyaG!up6Xd$<!wlOAUonnyBpzd<
zti=mQxeb56lToJ3GDn#jALSlAa+IUmjq--XQ40Jk#`ile{dvYmeW)17d;)^GTxamY
zfn<F51G#BTY`G+3Ag*=;aV8E#j6t{8Z3Aw`8pXyy4k0#%LB<$L@%KAkjM++T3}Z1I
zF2-%`#(+`9K@MZ^_G-5VVb1)|Ly-%y?_i+{nvo!$5bNUAjPaB|RJFl7A1LU1sCI!8
z@YZ4L;9x}+VjZ^*lD2?6Bb`ZG=s;U1whrQdY!O?BNn5aW;z0GP92<upLvkJs&nE2(
zrj49RM7102CBlkm&-{-;xvoL7eyGs=BF#8I_>VXY?hxmP;?Gk7Z7|$}*GD%T?_V!B
zS;H_-Xu`)+91j9%=icpS8HyH%&FQ0tDi6RZW?1DJ{(7^62&RA&{CmjZ&BCE{2OhLn
zQ645MTk(t?AGOytvYTrmB#%a$rO=>P@gcfJZSIfvHA9iP0_=Ej=rb&P5Mbb{>y+S(
zGIb|PqoZU((N{z}z|qS>Kc-vog_=xtFV@5%&Nh&Wz!yPanYlGM8vBRjS-d!EW4wHY
zVCD5O9oQ@D_*)$CO2mOe4A<8?kssHSVke3t=AohX261Ru)`MbG!~am9mJ6h+8jOx}
z#@VYp^9ARyi&|TG5XmJz8%_W_^_i5a{>Yr`D``<t@)z;B6J~aRFBCg#B;dn9YO&_K
z@vDv-YPh4b#@axt7>ZO);fNUF663sKq>n|qICW^@5<FsZON^r{OxA;GcRkAG1hy9v
z8>|<Y)wG4(bt!<ukOJgG3UD(s;vkZvt$Kx^87G*xx6mkRm{k2YmR8SJp2Ob?-*wIn
z#0?b~_yxXx&CwAE7O~dWkxl&%qW$G9kg3**k~Q8!@wdb`QLmvy)NpHZNwf$VBT9Bb
z$>nILgpJjRtdRMY+t^@&REHy@cy#|}45PZ{@jv|lqaXUv76t*Z{}>{Z)p^LFz3}(s
zvGIJMpVzV9=w+-Q$N++Mr&9sR`jNdq1Zy|XM8!HZ>*uh?w(9^Lhh_>F#4ZF-W1DOJ
z?gk!H>-5vKZ)0Q|?eW$9q^gVGqKi+9);PK?fR`l3cVHw_9+|6a<_<I=(|e_Uc8;BQ
z2@lB7ouJBv^2Wd(=bLhy3qqafFv<#XYQ8#jJs`h#l08hRdLT2ziIu9}#vJ`c)bR;w
z?1CmYAVpu|!-0owfmBi38tjEVvHom{1HFE}40Hm(C!Vi6)D^@4ekTvt7ewt7fq9Jc
zHT*jkd(jWG4XLUOZ~C|e`~#K_v7ZzfAg_#P`T%kVh|RDs%y8q_3_^}$MDsEBd%}7P
z;mmuV#aH?&?2hp`6&S)94BlMyYq4@M%oXjwfM~Mqg1-pdZ>;vVSl+eqRsZ=)ebx7l
zY%ed~wS!Wbn7lZc7DR#&)yWVM11nOZjwc~1hbWmlwVUW(lCT)^h$Q}2Hsr-~P@5?)
z9`K{My!c+W672I=r;r!FAay7&zDe(!wCD<Kvo`YLOYrT><i+Q(P1?$fKS5edpY)x`
zi?J4n56k7ERz#O;fT}%$&aJW7DBOB=BL)gssiF#0;60oZMgT32$Ylonb+B~Z2+ER2
z6!O`SB@Z!rOIdOuo)fSRU`%L29@>D)+sTp#`^**mQd#nEALbHJmOT8wb*5nGjh%!n
z`8j;iWy#vhki?nZhv=?$`1c|!o%e?RW*cbn4XbpL`S^%rjDmPKX1GX2-KwbXD7X%Q
z78fug$BAvgEx5(uOnF}-qkgOc5;Jf?BOo<SB~A^~fDeZm7~8eZzS0wz4%_OR-E`K4
zh4kl9`xO|u$NGgwosM(iJeK0jMJB>|Dc35mzy$H%0;PC2e1LWf3l|iP+INc?gA~#R
zYtYN0_Io!85hDYx9dzKR2o~DknkoG<<d#N$4&zSNhwT7=%Mlqdh7KW*O2L6}eB*B)
z2lTBF@#@jwIksDK<l=4Ru;|&ZjmFl)*nC6fzzB?`d3IlSU^0%>gWa^FIw#!7f6&0O
zeCAds=QwL3-Rnl=LP!JitJ7M+z1Y|Q6s)mm9fIMt$@bC=DU=V>K~tKys5w=~4;1-c
z4XkqRp%_*XR9KfbU#DXgU@7{TMf>Mt8Vpe$@wM8b`${VdV~7RkXd*RcPrxiiOLfdr
z;Ywb8LEjAfly4bdKGEGWA-+6-QAbl9-XNh#&wL93--}06p;x0FSfO_Mw*+`YzcB$5
zI%we6zCYmvX}2oOuAaGvcrfiX{Ar^^aYnW6FR_hr+KSh7+kq;=GUcV?w54_W-k1cQ
z^?`~Z{r!Myi!V)+mclgb&9scIzzakgQTxa`RE=FU4){o{bbW~knIo$cg!CQ?t3)k!
z6)KWd8R7lR3rvQ-|1ZI{{B{y{|2?Qv+bi&b?ghw3wD51(QJt`8zs0uY_N^Kw)_%$D
zFpolDRxm)YVGpFc1K0+E1)v+PvR|`F3mK0B9b7QN6&M0r)f$-CZNwp{i>r7DCDc+C
z<w9ky<>z2$w<A<m+IOSxy)X^W4EkBN248m6m-YSJ`)g4aayM%WY)&BpO!ug72QGCD
zzS#FJ!-wH!7n{3y_pBqXz)h~fL#)2FuUUVvR+uZq`OC6ptgoi5Z!M1gn2p!qIU4m2
zVb!Ry3vZ6e8F|x1zTF52YW3#fePWJv<W1kV`qm>Q#oG-j<8x9*-gH}v@1ICX_5B@f
z#MmQopN+h1{Oxyq&+=cldgS7CA4E@S6C;@9;?WM@5I8sFy909yqxQc70W{0e>?=3Z
z(jb~8r1lTg+4@&-wP6@YLo{QZqIU0kpxync$>HM-{S(oFBhE}ddL$LwI?hafIt4J2
z$V?WZWuA^YU?zbfqV~mTi#nTZ9IOluqdu|){`mF%ETw@$1i^JE{w*oSr&l8XOc;L>
zKafv_2AEUnMS0Ol=ROidY%+^W4Y|~YGHE)Z4NTu9v^(_b*R!d+)h)12PoLEt3_E-s
zFca^yd_--C*mQe!a43j<&<MlK={3%M;#|PMKYOGX-HX;%*OWp8Zu53!y%q6v6#*2c
zHM-POYO^2i!l9;&QuUL{gDDV@l&ay%0~QCG3LWU{Q8gu`Wx6VxELpH=Rl_cPvy@n1
z-F@*$^%ECQXcc%n*wv+;bcG@px%?kmN2<qMm50z-hlmiI`GH40qJ)n0cKJWDc``q9
zsmDF)SqN<<WX>3=o)eifP|Km-p3DzMs%Kr5A6n?@68f;eC-bCBJqPD{|KS`tbGMvX
zFK2FbXV$y<yPNA4(z^MZ9PZ4fQuR}I&Vu0_=qhK1l+dy6sJaG8O6C?N6O@MWi*x#O
zaPG`KrRo{~feelknM>8y{=^xWiav5?!$|etuF8)rm=1V66eyYN(C?OAEp@0XORD|}
zGL}gTAhFe+%j=FcscUI`xsy~q73r0Snvkhf)o9v+%TAhdP#W-N%Yv^FO3c1tSvI~1
zStsC&i+NV9QA7R%?Dqh*)_*Vsg!n2sbECfry=y9vGaFF_qlm(DE_9%$5<1#N$=ocu
z??6IlWffM06K3)BJ)*$XFmqkyxhA|y)$id~3=LyLfzSaPr^sP3N6g2dty07t4yW@Q
zqHt%1^qI=U5I{mQ8}!c?@N)`3E1~0^U6qF|7DQjk-0H~$8E=&_suD}}QAJXqdU+rZ
z0Cm8B07E&@vs69kKZu?lycmNL$t6hcA!lwwUBcCof;l$iYFQ^1K`O<996)=Qa77Mu
zcZEK>fa`(w_3=dzyqL48?!nq)lKNu(MTBQ*2BLucumK@K9^c5HZSrcD&pUO>bnip5
zbBkPgVzSFqDrcVX_AirW)*fS)TAV%C$d5iaWBTYR(`DyYx$?B{q3KiP%yYhr)pz{|
z*x62iNX}L0!)|is+j8dG$RK$&vNNM1J3m#oqw4A2DbwVYz*o_&_+Re3mcuE*2&9pF
zFmmyS`;-4F<jg&?nl=E)N4I(gV-X7)6XS2<{MGIR-f{4#9N#4*JAI}D_(1PqIuqj>
zBVMwM^w64pxf19E2Y*P=-t4)!M+U{^>Mdlub)snSi=~2JbOj#o?OJ6;&y46a@I`)g
z4N)afUmA_sbE5V^wTa4T!56yKexh-KnuXdv5&y^W-+5U?5Xb#m>9p=R_pQTNV2O`D
zn4IEe?Kwr~>KLcUUd<q@$ml-z1|IGWo%9c1=x2#sX6g%~_Jtv0>HJbe?D+jZB+HO~
zzFV2wsWRpbXv%UfP}J^6tzxK~IiHYHe<~M*W;qo&X{cLJz_%5RkqyN*)X7k6v6Rrq
zAOM?FfaD?!fnz}rpcNtS`gg%AbVv`*J0Es)KE!1FK4CICV4L&aicJRCW}i71Wta<v
zvIqWK5a}0#r>K2aO>91X`ns5pyEq>MF%_QTL$gv5SV>Gx)czXk7E`j3Q<85?$qn%-
z+2pKAWXz3|KIr?Q-(d|tGUo-+k0QG<FB(#fdHLmYIzx&25&t%rHnR>40hvS`)-o>V
zka6F`Bg{_e86-kaR|-=9P3=Fc%TY(Ny-v)~|GqYBqn~FI?8&)P%@a-1{ccJ6`GMDq
zf2lEhWH^nP_jk25*i8kht@zpo$>Rdwf_?w+K%9NQ@n`yMmkNFwQ?AEf{U-hlLuvmH
z6*J8?fdmgF9!OH+BeIDpgP^421Igo0e2WovO&HOXCCTtJn1-h&{D5TO1u_}}&Tm@m
zjJjds0}Ot`H?a45X;C})p}p7Tzt)>CA^f5~(bm_oNA|U^Pq%M==ULWRmaHEw!qtMn
zj@TBwR^pf7{uJskPR7H1@UDhbT`S%S|38NN@F3hr-2E3iSzhXZyCu-cjM)Q}Xb7&0
zZd^102Sf-VCg$bS{TDC1X+jQOrMv$=g(-9guAnlv?L`wp?+W4~Rc}Qmxc|}=P!=i+
z;F?RJyobLM>=O=kBI|S@^(~SV)Zb;+5P7+I<AfXb1uX}Zf^EvSuwsR)U^qpIZcxOH
z6LLLFJwZKp9Ay}^;#1P1-=HdYaNto?gqrFkX`#x>{f7`UbP7Zt`sEWo=AujRG(6zs
z&%o^t5&q*aP@e7*>;bzic>3PUgn3SQ3i)r{8+fw#CcJ_5D<^8~aM?BQn;0VEeZYq;
zYe>?46GP(nO$-6Rb#&jvK*swhXJz#N1)_yvvIzQdu|i3r5Xn6KCi+7MV6gdNT8_uu
z;1<|=$Scek9r7B}7g%=gmsiK*ew>Rt|H_E7Ake08Cxmr??!AeCp@{lH=S%13k*m!8
z02aBJ{=bOtF?#X9tWk@-eRJ>*zkK-rLScFqs|WwzEaCsVQEAzZGp5qAFSeg<4a|S9
zmE0jr9s<PG!QS9vLpieZU94C!9_?=Dr?T}VjxBEIdO5V#;c=eRLr@?@&Q^rv5D_>`
zt_bl=>fP3}iuB6XLdCh?W5pdK_3%ZFAZiB;J6dGt`>aE8)){q}6;z(ooi%Z+sD~G8
zo03K`RFGVZO?|!mv5f4G2qYr9gxHAezv4W`VL3l=s}XnKlVb6D!%0qqlD!&H|8x+;
z3w$Us)#5vj1G^EI0{3$q#r+(m(yA{M>sC+S<CyLtmbnuB>}+|$(GK6va3dGM-TDi;
z;C)0iarZ@Z)GrXyVldQ;od1?>BXCw9qOa!+tmjdz=Mb!C|D1}mQE$(&f!^=n?wC!t
zsskZ~?7b;G90eKg_WKBX5rO|@R&+#NX}_H4t$`lzc+?)7!l$5wqa$CTJOI8KSX`hB
zIVT?1Ap9x7RA{!iFNF{_?ppZ@_7{1%!^lIm3<S;as(hCvf_FpaqS32T_J54K9Uw?J
z%ex&S9tbiFuS#(R!^_wc@_?&wJ<T+PmlcsHaH^21`m&Z-*czD%D*nrmSD2fF`o4U(
zvo>Lezzz!$NWkaEedOzt{e2ly*W4kE5d;aOe3SF(3EtkU^xcd3yma(p?@c+LK#x2R
zj9XiFDJ?rNT_<i;d+bNxVQw0ax=pI8z@}j)tYl|6YTgp;y_p^K6zuf`?#FKVSaz<5
zbmdyWG-A^1#71G@8$y+0J%ND09w#iCYOzrc=@C@0QH~hVSrq3ckM$t7$B{yh^Bs@%
zkP=#lXf_ObgYEH|$GL+g73UVCq*+XN+-A|xx||M5iejul1jflWihce3v5G~1obZs<
zy9BW?wui_00SDvU<xx*yCQpt4X!k5Dm3HqLS-sEK-?fS+qGG<;Vp0Z#e9A#4@1c_;
zrB(Yp)*VXUeVA8xI`fDrE&c()Sh%F3x<+Q&8y<}`{fY_%eDJ7<r35;cA@CE72Y{pk
zFfYIZ+*7y5;n@q-X4cN0=m~BeLPU>^z|qIO5-+S!*Wz9vLL=Q%+h0^szru7;{X#r-
z$nOibOVD%nfCT*wlc1k!N6-=HrU?WcL|PE^_3~=dq1g@DdW@jw;)EBiaTnKspw}q=
z)(oANBbq#Ec@LeIFUE+@L(82c-GY|aA`@u24GFZe6qiQzVE+)?K%56rJ0p1{Q1BW-
z!5furnqqB)j0hCG0Tdi&dvblPPQgEcDWR;wPEH$wd#OmX2@i*C?%@3~vi&Nlb@54Q
z(Mx>5R;P_PX?LNl?iA!Zf4ND%XPV^u?$>nky*N(3f6|tGTf6kOEcwpp_dm1a^qZ)V
zLAw&@_dBm9(C=4(puU=ZA5XwepwY459SD-7D;&QI`rR8{NuuA7)Y-7f3^KmN4I?nf
zggk-yS<P`W?)d*?ydyGxWsHo+_@D2bo)3u8bFK?KgT9okI|ycoAT<L*QfWbF5lX6n
z7}4bK+S7NV1nyjV#~|<-@&H(t5<TLukwoF6q_jAa=L0(k3ZEaR@EfrON#Rc+4=H@U
zpzx&kU!TI)Vb{n5K;60T9VUs-m8z~`HD5{MGun~(!f!(25istn=sR!~XgtKwHbJwl
z!|wvyrHQn@Dw)=EUm>?n>anB#KdDb5^;hboK29LN8NJVy7LV<K-rsm$dhamkJxFc`
z1RsJ++H2c%TEE}hUB8^FS<w4lgw2lW{qBF5^gjEae2Nbz$)Ek3$XC9b`?oJ?z7X^r
z$6m-!u_L`bWuZ;N=B>a*LcX35Toyrn4couLZnYdl%y_Mi`qH)6x5gz#X$uVbis`Sy
zco8(V`zm>u8EE%Ax$phf<KJR92e-tBbHn4Nye4rxUr)aGzvq85^Vqi-UTVVd?s`lg
zUV?n@>-!h|@5wKh9Q_vK>$f?+d~@cv8z13O=m`vqlO*}<cjh0t<;b@f!F`+JBly=m
zV?W^(03r)xViC!gE*}(9&fW-D`?!6@*Y`*LyB|m@S-wsA<WFGOkXRq(lfksP5J8c%
z{PO$bo}hQFD(p38w69&4R$d;fKd#^5`35RcSjxF!@Zh$dlNLUe34{@t0YAq(aGfKM
z0WkZ5aUO5Mg`7>l1vf6Mr0dEyTzF82D20?(icp1H5R(RGH)k@+W$4b$3vrDog$sd^
z-0Im50~IRj7lxCFIN;PFD@1EOc;Z1j;()_wiopM=rlTKZlwUhiG0k#~ScOKU;%1zO
zq>ATQCoIGKYY`aoL)_?iCn(SRigl;7Z~;Dfiq}hvX7d43pDSgxM;;7VM!zBs54aL{
z0nR{(;)MG${>TH)IvG-g@H0r%>1Ozs;*5kiREN$v;ZZmvt+y4&k_3C_*m(yrpCbDG
zxOmd<%ymm~S*4T%=Me{@J)QGyO1d1E<<jab#$g9z&@aa|f)gM81AxPfQ@AQEDNZ4}
zgE&f1s)kC@V%m$Ts6(2$;TT@BU(#Q;;bj-j<oKm%YZur~WNFk>5sWyJ2T3sQ(;dN>
zU?Uf2T{>#9y9l5gzfbpav}wj04%*(wq5}SHB_8$PO2InF3UGAVBew_vr~^9bC3=8F
zx(FhMs0L53hSrhlUYGx1I!``;M5*f6tOLw%p%GIJr#oH%H84-uJK;XvP<=KeXK<-v
z&_T#Dn%&kKNQxk3tU<Un5xmU`yMlV;sAuFhM4WZQ1m9nqAs26)^;Vf8P2U4G^Yq=Y
zxY)smCjNYYxA$DQb!GMd7it&wjx-8Hs9|^Uwpo`)Zf5(K)IIorn{zv}&e`caO$!n;
z7cce5f_8W5kjz+w!oyHo>k$eY%lpb!T*vojkFG|D;e&GKE)kL-W}t(+vGf^0fW4iZ
zO_zw@hls^W=BJAPbHph8HMWe1QRptfy&5wQ3YGam4B_!zWzstcv0RtU7la9{<LKQ^
z=-+4V5V>~C*4>EV2x;)=vK9LuQ3WBCi-j=cH0<RMDw>9h>QR`A`{{@IgK<xLkFGF6
z{va1@R2vc8P{!q6Ff5e(jE014k7FK<J{`tPKfYaW98cRge{L%T4z&=VwJJ_VSac|r
z%@h=StRY4EQ!7Mah%PDC&_gvuZC5xqdJqdbgw28V)*~ikt6(X&&H4wswV&&WR<M+K
zIKU*alz<tAb@)Xserd#|2SSAN-KVg7NQrdT<%w9o?QldfCwm$DqU>mr{adYyx?O?o
zB^b3eEDpEDdi=j#$!u=FHpR901iK5|fHLz#G1Y{r#}n2Er;s99^aFLl((I%s6Ba*Q
zu244TX`36iKp3S6d&s51BGp0_BNhplwT41)W86rGLaeFB`L1H!z@kPec@R6UuW9>&
zMk$nUQ%b<V*T^5QnB75}ygn8^LP%2fSwYvG+Y~xGYVN)bJkj=GNV<)1?!h&m{ft9u
zEzWlo@%H^h<mf4KFdpy*aUV7+#l<gSU=zuRA1!jg^bN*Wd*uR1uC~aC`3IqK-(&C*
zgs}advk-{~Z9<w$v;$0oyBZ-9)VRwe9eF(h<aG?lO9Jw`Ij7?DsCSGKpadO+pa%$l
zhPdY#G5Zi=7`PBeZjpim_&DSc9Dxi&-;tK^Ff`Z3UeCO1yv`=#Nf+mcTa&>=$P5@b
zqX&W<FUSdR{G0+%59+-e+V%6@r7RchQPh!%!4m699dX{zB>=`H`fl};sD1AXday)L
ztZJHxh=>dbz#vt<iZ@SidYf2@hUgL^ZCqe=*oc+56D9y|us@yxm|l3nm4KE=RV{1{
z7#Jd2xJi_2xbGrzpT1u}s6h|LP(OuOlRXeWv2V_ppzRC2gN*L=E_sR2L8{ij$4jBG
zZY_Ht5pijlkOieSO%AwPWp#L~5*!W9<Z)bEAyrkQJi;gr#^uViTmr$sYC>dOCmhkF
zd~h+E>sA^)hZ5B_yi>WqfG$(Mg7}F^8O->JfFj14*5i}+K<LEl!7e1Iba<Px14+iP
zq3M+oIT0jlDked|z&HQ|!DSqyPA3FW{2KA6@BKZgv>8niC%%}eiq`v2Jg|br(7q?0
z$d7{8%F>SR?*-FV{5Wg0e;&Emg7agR_UB(-Y;ldhg8?;`V8&oNYwMrS#Zs&C7UQq8
z#y|A$;8b8|_9B1)$PL@Wej<F4r9SQFNJpAQ8$ah_i+|`sX7d(nD?UIIxZDrE$!ZZ8
zCFgdMv^5mFYg<0*W$_P2Wps|LPn%@a5T<7g2x@TXuYPq2`?sp8mqmqT<J{@weKX*I
z{87op5Jvg#k}JVCzVLh8ZRB<b|CCpOf-4}!w$SnCkY@cUb3N{qpRKF1@tZ{(!0w!0
z(HYNxQne6QLO4%r(P`-NW2mK*nzr#pcu(!uG6I;BK5yX#E)Lana9Le~LT~X$9rO~?
zA;b3fLAp5_3q}*L2Uwy;Qua#nC&7UOwjGOX6CVE@w|W7mVa>&;LfihK7`v}?ecA&k
z!kJ^JTzp5q?)bZX%@xe|*Lc1nGanq?nQyzADk4^(1J^R^f_T<UBdZ+H7w!RhfWDI6
zH0`N<y(|bH!Ug`p-L8piWn8?7Ta|)?8h%MI`lwmM7vwmy1f2?`gOo;V<Y$4zYJj_H
zp~(Pz`oQRpZ-nJOu*W(=23)giKo1>0xH}755j);4os%gC#-NmY-D0puIgt->f2p25
zp+tnP{Rl#YJ129&eqK5!i<?7MpL~ZE1KH+8n#ii5-Kg(MKE1{*^D?*63$$LoP>yc(
z7p3?z<pDE+8CxQ_eY`R9u^f0>zcUqckc*+nRxl+%@`%SJF1kcu#9K0i1L6XnH&8s#
zMYf)it;I0i&WY@j15f7Fum>pLz`y(k610&h2L@8W@Ut?6XB5hx%kXt!xCJ?IodT7w
znsqZO$&J7_J`HBHfVDbKIeHOol7qNPAaDaU^TD(s5r&q_e(7NnnxU^gpMv`U-|Yo9
z(1;IFG4vszP>b(g1VX#<89ddcO+bPbL3R8`P|eVXe*?qlpRl-p=rzxB&%v!~=*Vjw
zn7MTs;eU66ojUj;e9aMGFT~d?@HKo8UvNJMGQqRMg8wVfPfNwn?~C@XK!N?wiS}gC
z9?A`hJ`Vsv+_h^^{B}{XCBgPD<{v`zF$n@)5fBLWD`!bridHaSTGT%ISN&+iUka2Z
z%rK(%N~F;At?FsCuWLdmg657OZK4f6=C8=D&ct}>n5E*diidpWjR#!fRhN{0iQ5HP
z*tlJgb8a7sp|A`HF7I!kIuLg}pg4Wch*b3M2~&{}w?XAPjzIUEHEsk#mD>B5Xc6E{
z3`tx4Q780xzcyQ<H-L680?#B$2g#2tyY}q7_h$cV-yQObv9DdZGMxY1ZxiNhi5wUf
zZiR`Ox!xi;YyId94w|7?yW@fhZh;l4NI+<Z*Sq4v_CPue=QD71Its7EX*8k2q;G59
zNctw=AhGPN|7`a?ymDMmOM-k8js-d4dSGh<KEi>qN#7Hij;+7z4m|=9kn34@aDf9>
zP2vtJN%R`qY+k<hr&n?<fq5lSdjL?Wn4MAr!?e!mG^{}jxy9lo3bp&+ge_)ZauM%^
zya&{-s9A}+^GbX-cmmV%WFD`t@=!8D$2%N2jr~Ii5|at*S=fJSy+`93(CB90VU*6w
z^U?MaTc9vTGQ$ycEGdPKKatDvgYIgNrQyCe08L$l4k55!&;pP}%fWet+RytE_SS;N
z?bqJC3~pK7v|Hhg9`hXGcbf2y$riA3z4(UpPgu(}7-G_dmS85*IT2mr3;x5uF_Sqy
z`pd|HOX>JjAp7UR{TuT;IBItTSD;(DT7U-CVvumAx+mKIdVavBr&t(6U~e;uGeyr{
z%Mv~<v9qEMFSlZgeFJzLurz55?4LVuBP~t`5fcO!z^XX<bGUve(JqAG!CIyYZyz{{
zi6LTh!m&;7UwA9(GW%-4-#6YLze%1`T^>9Y)qvn^K%WA4A-eHs2jPT9379KHh-QEk
zktC20ld!Ca4<~H+;f5jHI^5*t-8veQ<>17;addpo5Da{54l%#93w~)#PmB?P!nl~Y
zM$er$2{f!>62{!ww+}R}VUpJM9=j!ixIgQr>LPo18v>HGy>1l6Ds{U+z|Glmfn&_|
z55GMsX+H{hz&!gQd@?}6MSK<*ksI56x!UZN+)L#SF3a_pak%3={4--sxIZ15cad0>
z{Me%8n~QQ2Ce&OM0+4^LgWc<neL(PjxU=Zyc)gpTFGfd(Mf)#%x?eJQLw;?*w_UU&
z@hvb1(^?-s`7+@s?oX)$PYLOLHUM1~aSqB*Bf2}mOr0cB$LXmv&D6Of^(K+JQt%Y0
z1V@pTWP!xDOYqGd_~*-b<&@m*4y>fIfcJjh><O09mwU;3y>R*45{R7gmFQN)a|0g&
zYp(gYy1g#l;!Q<hMJBZ>46MMEok)o^qLtS~EBgJR|M~?xys`#K>>WGNAU-2#!>{oT
zo!EnScEXKLXnYQqWuW~Wwx7oKaY@f{>#VM#A@6a~D4Y5ibv22)x?vq+2rb&*g?eMJ
zN$7?81H+$_Ganpx3j9~+<&ZhTgJC%AVa{Yoi<<csw5NUuMrCr=6F5Xi59sT!8~=ks
z7#mi+hyN>wt2#P^4lX#P-3H;*=P9#bWxv7OAO|PldZC&4e-h+zEv_h}ooiWtyZp~H
z|Fa$C7eVp;HK?{Vb2+4g>}mtLnkFrp!UI+?ZT>;g)y3e}(ABn8OABviHU_yAZtLy4
z6v38g(|>7Urdh}$8fiBUf&#Z3h84AM!DhmyNSLN*{}oJYU+?RrAM6Zob?;!jkw14(
zXues9cSm<nC_J5=^e^B|>*JUOXjh~~G9sNKwn$0@%vn9ozF>fO`sBtvaUE~N-miU*
zza(rglEJ$m2|i@tl`~m$I^h>l1tDhl5qGv(=`@T+1Q7&@F(9P<6erEr3rpJ1){{tU
z*Tq|nF5YEyF`CwvVCnEI_zw~ruuiR3??@nB-)$r@$uM~{VGI|6%_ThI|EYk<!>;HZ
zFwA{SUrJoGoQjTMIwBVU=^!j10;SHwE%Qfz%Dp-d2sG-wOb+}2&JxjRcbx!Z`$c2>
zE!w{pS!1sxxk|u?S-%65epq|VsZVw_{u1xXf%1H9&*fk;dTCv;h&uNWfa*4II|@W`
zotjRoZTis7c#q?-3t@^JO_vt&ER9X@)BR!-EEAi6K7ZJYGB(W_1fyHZEabQuk4EOL
z7lGOMzbv*VY4zWxj9)L~eY~Um6t5)ZpLG`r9U_jkt2;6=Ipa0VSkO_%>ytAAu4>xC
zRlC}g;7Wd~JzNb$+IhFY@oV)h(1O35?BAz$3}5hn*I~;x2g-`<(hoS*wn_*sqfOip
zpkX+N)+cQL@OZHc!Ak{igKRN$94BYU_kp?~+DCjqT`57uRn<CuqNVEBadK&kTz~X$
zZsvOt`GhU(cSSE${Euf?d`j5Q+-*0bv~U`eiC!l2;VU*`&tUrrOJ!PMbWYONkroQQ
z8tY|L;|}U2+5(G3`$t^0BrR&>sDk#Z-%p?-ZK@23ful;Hr*GfY@Hil~Hf4flnJQ6#
zJFFb;-L}lEySeKpbkOB+Gu9}n{#j1u#d*4Yz3bZL{aSc0{3OanI)4coe)wt~2Fvj`
z(p{jy*+3V(ZE(MK3la&KovZ{*^5=>8+27h*TC@u!5it4AzC@VxFF+K`s+If{SdbC^
zSUj{r+|t6|Fqv!mb5Te8LI1kra+A$+|8<^n_jO!ufLZRc^OP&-xZFvb(a%r#(81z-
z%JlYo0hg=j<NL>X%Hcwfj>`GXaz8##xyp{qjWx>+KTkQO<8s~2a-Gjp4ws~K)X#m8
z5s3BM&W8@><z1$?pO-(H<(@lFxj%GV?qRds{pTt7P{-x2H_Kglo^sBP%bkTpMvU(S
zA37M{8K$=%-&(UAgG+W)F4S>3y5)%W7M`b^+Htwt&2nSTQ|`8o%Ux`i>vo=U7j<0j
zLlejE?HCt_4=}y`y!_29M_GPH^YWLD%axnuet4d8k91s4#Ly*vx$ZpWiaRdH*f?Sx
zK0gnVw{~2PY6MZP_B`bnZ>xiO5ho1x^NI76`&mcjX5EXny#Lj~JVu~LX@hKMUB}D_
zRnrd1Ms94M`D>AuB-Y1M-JX&cBQ0`Wq%d+#<f_P(k^IQzk-W%d5l7^bNbg9mNN(i9
zNRLRjNKT|nB<o8_RKw*uiE6}OQlq(_Uj%BT>+fRpNXQ`ab%xmywXecW5|B9H3dnh~
zIKSrV`FZlli1q}_4OKnPwdLTB=9TEhilX*v6q5sR9733Jak*F!ZtwoN;LZ(3`~kh*
zaXc~ihInv-ajZ<5jbW^%&2el1(%Ky`j`i0^R<}A^jO=%3#K>aO9LOUmZ)-EQCO@3y
z=M^DJ4P!5^5N|`s{4pg{NZnpSq9Jh$%p0POg8qpkzgg6;U2#7-eIY-M_WwskzXSoS
zm{0RO<6jV;(1%eYP7Fn+kOOmu#_vEXrddqK1DNYcJfMs<L>Qajh6tf&vV7{B%QNOp
zFi*MKLeYh(h9qO&Od<C`FSg=CVBTC~LjEG&=JQR89fYF&e~#qXE6+uNdGj^!H)3M?
zw{qgOF82vxSK|C9$SeG<X>%T1K7gB1`eUe^f$QUEPC$(BdI+DaJ`EcxnSGswD0myZ
zjUDa2vi7_0WoG_kN12OJzs<L}UH#I+M|l1w3Yp4>_Paa@JYNtNc*)X&Cz00SF@0=5
z9Yk-(Uv9p$r;W{5g?S)4OOPiYe<4X0Yx0YXmorJo(|-B_i(q(z<-ji}{gMNIimPH$
za|$@YdE%-JCgtN3HWFO~kyMl<4TZr2J~*h8DWM!xR@B4Le*nrUc7JJ*F8`Ey+7t56
z3GL*cxBV5z-mP*_h~Bj8i%=rClII4k=k+Wdppw+=ECX7gv%(kI6!Cw%&c^T&`+I8O
zSNHcmS;%XHD;?;IHu(Z5OIJ?7W7NJBH%<grP8837!?TWiCIJDs?hRjwBOIVTavy(g
z<By9!3-~h~KeP`$bVE-|<PuG~$CLmdt=5S&mv;7UGtFrD6W|iPVQv2r-0dXV)!xA)
zPYkPIQbJ7g&SwM@R&UI2cZ75_=l2TzxtVjlPs0J_kJ{6s84bRhNgAyLe{};5Qcxl^
z4tpObHW&ffIRno>4EK<uUeGccmQIBLb?B}2z&@F>e|--0FWx@xz!aG0`QS1Ek&Awc
z^&S*2yCaBNJI`U^wSzF6H8!;#Y$DpfoXsSq0e3)@r5}<gQz>v{#`ULc>q2+Xhok6Y
zt#ZI;(SEo$6;OGK`r&d1ThLy9r;FH1ubmV~=hqWCW<%c)w|5oe4Xi07;2EOZB0LMU
z`vGo`fLK>f_%_b`R;z!b?$<2$toiNF`nQ)8zP)CCdqV$Klkly<{5D<xwkP3Rllkp?
z`nTqUZ>{FH8}x4szGL<!2hU;*z4*;PZ=6nA<)}SVPnfDFOp4lD=QGF33KY=O=0@!w
zF)gstkx(P`yrRYi{aaDOw-WQ)EBZGEA~$<7!Th#F|28$@+f4JD7vCTlUxFswfxo?g
zKT32x@Sv#=ffbU~+ru6FZ}tL<ubn;D6N`H|atJ+t7TE>yibm}N*oY~d&&Cjl{-X9C
zdi^zcLH)!&=c&KJsDIy?c>N8?Zr1<yJa$w_^W%bi8G`)L>#z^9;{9DWN$^8Xl7vQt
zWTrsBf!YMTYsPz%cxS}stuc8&+^7wCzb<qBFEoh#=K!yi=Isxo#90n700_1=xe)V1
zQG1-|aQw_(xt4oAfi=>1S@=R7M<oh~quRFKnU*kpLV!hL`bX|ByApgQkMqIZ_jW6o
zIRwTzBnSS<`5=uNy{(HSa<^9UeFJqR*e}P*bG=x8>=*I!TrZYSM|op~Q0r?*)jn%P
zQcx&Tw5j44xsr+#?a2>Qkq!k`zdi^(5*wdZYT&_5$HgB1*93M&dsY02tGji5)9nl_
z37x7gW7Gap-Q9v<Nx6u3%&^VSwAzKx4fX}<eu2}Y{oltI@knG8$-)myXtx~3V1Sy4
ziC+YH<6y?<J-A*pz2tTo%p~{|(#14N)cfhUkL)d4tY(Y;c|{g4A~Vh_M2O~cwiMU@
z>O5Bekw}FJM+v%j8hl`XkNIx$tAPcD+-Fpsp)&Aj16VUSYqZ-<DBoap11_LELwhs`
z1z!NsTJfou_|yY!1A&%9mM0X);X9c{e<tS!9Uz#5{o1u3>BQ#2V`7rW-IYu{*uOUT
z)YJ|_WBuG*!Mf&>c8ERK!u(=CcXbCJoXX97?4-Wg!ullXfPWtfLIjWT?eiAmLyRKH
z{6HP}A~Iod{@)}e`TX9FlyD%YFM{yxdaU9S!e=)nI4y4~fpa?ACvb;JJ4jZ4v;|=3
zUkiR{zxGHIM<3N5Ix0s0y*mYnjTL`l`^7)3o6ov7{1PZ`8+!@5H9QD~!bjc$aPWwK
zP?sU}jkx7Lx(Of`7}Y8k<ERpNyj2_cJeZ|}7;UbFHX`$KVytwu|F}8HoOONDe%s{j
z3gb-}AGT-<PV}^R)MJrP%=Oit->j3umyU=rJatF%3MR&@8K>_OxUz$wug3(4@tF8`
zjfo#ue#Rw>MsVi^1l90RYrhUJ%<f<v*6I8h=f8&%{2v{?M73$CPEn6X4x8I5vWY!D
zteuRA9>0f+a1u>$D5nP;C)iK)dOFd5!sM6J!Y7_UdLn-V8G8nfl~NU{0DWA9!|RiH
zkptJlMt>x@jNLUYjUpyZ@ah?>VOFPJl^5xr=%1nP;R$Sf8FUwY3C}T;&>FdNeFcQU
zIDqApG346EEsZcDMVOp-VdJkr$Ba`$U-*^G-`s5RE`z=5W^iUv*^1*#5%s+<k$1uU
zD}iAOLhuNm6gZ^7RtP>EP0b37-2LZ{W4;SwdI%Hl3mGao8SZ2789#6Oj}#(`0O4^G
za1_inXlzp)Gq$-l!Pq7NzG5c_gYka_#}usL`R#4ysREV6EpP-v!FIYIlS3fw^@&*6
z)Z4kR`uSU5(=qIpVFxu>EB`qSieSialNX~SzB14qHVDw&5RuxEk;#}}B;zsz)oCaG
z#PqcSci;J*-j}Cf>6!>#iS`M)5zbWX3cw2PI*WQoxPy~vI&jA-P<;5=i1;Gk(0)MQ
zHQlgl5;pjZ^27}uCto;k#n(^o4`~_ugRanuVB<>Bm3Waau_x%T>Ca{*HNC{#KhSv%
z3vc~NyYr^J?7|&4J-FoA6+7h>%kG#iU0mHyORz!E_uK8`)Kgf@%5xRiT;&Bot~v7H
z@(gJE00+I6!zYg^fz*=4R}~`8uB?{lgzJzM2R}%{p?cIRzd#sEOZg=sty5ObVkDPT
zd_1hAVsk~w;%RvZ-v;Kw5_uT8aE2@&5Yn=;nwU$~P#|wuRs~+t5{q<ltp-zJi4-B$
zXkL0&vza-|%$!)VQ)0<<*J}2O+Gem{Iqrg11i+q^58~>!;=tw2vmx*v;_v^6ar|&L
zo<}2Eos=@lG)9c`C$eZM^?*6l5Lp*rEd$=De^hrM{<c8DqtVcVXsAgpZkz?X6hsU^
zj5^@c5VfD01}T^IJ&#%zYev_}i|u&`d9>%?+2#q9<wVvC{(-i*IJV&?GZ^7Kbuc|a
z78Rr46d>e!px{)`dIE)>Knb*<uzsLvt-29m1GUqbJVmGNXeer5J+mM07Y6?CCaf@J
zJ$fbP$rAa#^yaj@Oqhf^ftJ?fA}MO0j&2iek8Kmyxn%KF^b4Bov^NywU@gl|^{qVo
z#6TGihd6sKdsJ$w*G>W27;c{4+`N)T#P41M0I{rQ{aVlA#3e9BSAgP)WByzRG7eaK
z_2Z8AH-`(4v&7-TUOF~d6$a;tgWWcR=oQSmRJ9PT83V>;#<<o7H^R|y6@Z(|GZ`N!
zJ)lMGb-++-^6?zC&tQ;x41Y2W#b9|R<8ot^kZ{9szSI>L*mXs3ISX54a~4*7y!5f0
zt);l(kh5^@i(Q|%^W!IAdpja0f}K;!#ld9h0YLS6Dbe{=eOlPAhP#UOY2j+-YL&SV
zI7kVzRIy&4rNtkKSrYgxVa8XOE0MUr6Z*2k>|@gRp#5i$TxMCuNuV7vbi@Y|-^JVm
z&S;@-%y`J7HfTNQ7^zRPilSe4k~af=8I#=khx#N#;`il~{LtvHo@8@MaW!PebG<fU
zo}V3-G|w0H)I~MU50imU%rAT~ga@&(p^oh^F$L5@eC4Kk?~&N1x(Gq>300%dyQ%IS
zWscNbN*$a!+EjNNBN7{`?q-fCh967=;JJ#r(}-dVhyoyQajUi3uMeeT>F{pxji*yl
z33-e$3@HN5Kr~gVx(mR7C!19L5T0C>L-MB2m_9|Sx(Zl@Zx25-ZJJbdx$)+mb>B>>
zn)my?mKyF(#Ix#|U;WPu3vYVLr@XblDf8%<lGOiJ0#EUzs|0=p0stT2gEqMy_?6BZ
z5KS$3u(xU7j9U=F?*s-~-Ogi(DrU{_IGbpHEl2C&nCEL!0&jBX%Ec{`|L>qGs8|<8
z&bI<_mReh*<4SOD0P>7}PiGj{@nGwO;SQWJYjF=cU+E0akVpDOLFgFa{`-GJOiRp@
zLpZrOH)tg*I$730tZ30rUrw%<wbGdM*?a&DCeQ&4V?}j@xk3tF$LZH@1I3i^@^qUp
zZ0C_=)PSCr@GefKwA7Y2Xxa=uz3I+N@qhYYS!PJ8+KF!z*v%6B8(z#?*hLSgI*@=G
zXQuLV5ncr5lEnkgMu5v{c`&I+yJy;Ez)YnuZUv!(#r|>4ot|!~Le!W&oHVgF0D(Aa
z(&!9!+qsd8U2kE{ENl1!Pn;+JcA=%L-g3<~btNg+uqp>d&G~LLP)MGtRQffpprMeg
zRC-eb+B`cQgtYj0`E~KG5!O}{+lxyxx?!Kg)~Whh(SvDuMUn0zL}kQ|nSp&*8DW0C
zTzyok%3>A<!_}|bST=>9Fg&qT{K-XwPoTjyy-<79Ue64)qk0{$Qcha<QovEylFoR1
zM?9i9=8HWmVF^CSd_XlLSdC8YD)ef+3y6tiy7qA$i-_fe+5h|@rZff>yv=OGm5IO*
z0BG<skk_n>p(a~5H^wI3y%qt2JH3_?Nx`QPR=j)wAbY0-?jnl>{S$$4acBX2bs7wz
z@8kpudFm!4z`c$!lQoSmBjNaw{Rcv*y#{sYH>Io|Auw5RXy51gCA$utg;UG_jKRF%
zR(Qwi8(DiRE*glWX|6yjm}k%v4yQ;vxC5z(4<KGMv>ki}AgvWYGN8(VrO;L}8HYw7
zR_+Wy03;*cynOBCYMmIJecvEPy8a_BUw{(|cWM#}LX`pqT?oEL-$B0nh=L%j{>Xb5
zQBa{AT$Q&Bz1D$1J7Tk2{CY}?R85gS-GOSDA+Sn!3nBnK1MsE45RZx=&Ej?zb!<-f
ziT?;69l!rS!bjJ#v9H8O`N)-kk1paX@X<`d_gwgA<yBw|{D+mU`!knSA3nGAOkkzI
z{>#KllP*gH#FRW@B|R??Q?)=$Rr(Zh7f3l(Vqygc1Z3h6=*dC!^xuHt@OYy@E1OoU
z@+jtumC1QhR3zm*owrA%{}!@Qd@uNI-V5UI(|Jq8-zW1b#9tsQ;4?#ok8MXJorKfI
zIgo&EOb|GYFJgNZiie;e;@GvoX-_<;<20D~dlBmbFgZ6x$7yK>?#&=o&EuX0%UP92
z3L|x`5={bS`Njxz6K2=}?EA4mM*`X5o{9Sm^l=0wi0=gAlk(G^c@xH4?Q8PBDUjb%
z<Tj8W@3|rJ8$itB(7TRp5=VY^pcW!O56Z~Ew~k1bz<Swi+Q51uC}14x)lTB4B&<h}
z=W+<tPG{MfQob?K`NqWOn+pLq2&n+B5>f%wguD^mfkEGiey$<8h}wU_>bYfp$_lY%
z^or$@FR!=jghHw7IETso2D2yMf_ea&f}Ue#fI4cmSNjWyq(h^il+*j_$kAkcE7uVv
zB%nyZc<o?dMBh*%G93Z3pW0`z4UaqooOjW01<u=qTsqF%D0m$MHEw3M;mGEARv^Ij
zQv?EhbtF6YwCJ3U13xQ4#*4I}h*}uwhTAfA<cqy$(NxqC!;22>rmj6umYyFqTfm<j
zjlf6Az>)uhgh(H}q5^a5+H*`K9xbUlN<-TDc{8;?hmDLfkQA|*E({60AuyM=bh(Z@
z*X(J_abgGS@vU?H!+Q8`7UrkG3l14O!olT-0c+ZXHRvIpaj<yYAqQsXBh6c;?-Fsg
zDa6Kr{FH^D4%7>E-#{5`a-sCw32MfHs1PfIfg3wdCz>LOL=&Iz4UB*`b~jP?x(O74
zms%3!$-wtS4SKK_hgAJ{=tbdy=u&sOjEkyZ4Gu;Q?G@=1s4)u3g6JMtjGVGkRi7(q
z>Dc_T(&97HPi7LKsv&9Vh&<=^vX)P!rL~aFt>^jP#b78FIdyEVwD1-rlw!y926t7D
z`W&Uer?`FmHhA?v;&81Ip%YXcgDL7}1e=bZ=pnC{s#I7#zzNp5T~SYpa2@gQxa?Xk
zXq-KWfpV;ko`9{^xxrIBH3ye<xuoG+E6!NG?@4cNs64|)d?ob4RdFr#9u%7MHe70@
zDu(iqgTrx+F)mQQ3oXHucRN&}w_*8|LdHahZg3ZerG-nFk(mmR$rI>}YBXiQ2!ufx
zBoanIk5miaSLr9PlEE58GbKO2;0Zx`??Y*qKs-vpIi+|P;#J@<8d^aRcUwP|7S<ty
z8-c<Xy(K!-0~Rv14kdL&K0^dS=-C%HHm*geX{GO4ck#P!Y52Pe;slppf?r$tCD7R7
zA*KA1$T%9X#4JJ}<jg1^gI`<uc;rERfs|SE6241IJC~_28Tul{`+ex1VE|v70x-b;
zUs&fH6qwnAkhF5RJ7A6H&p>BHYzTJ|Z-B2rXBC6v<SN1G|3+zCyjg?)zp%~v1;2$q
z!YAiZ)S=6X1s_?DH0jOGi`gzLy14;MgCimR@ti}P*L3*q0vZ}wa03we#Lm{z#S=5E
zyse|S!FQCgFA$8jU~`P2;B`Q=<>+SIZ$2DsdoSzo#qM0Icue7Aig--rW2$(x@zEw8
z)A*Ps9y{@|lXy($W4d_E;9~|ZkHSrD@B4l)%!A_dD+J&oN)e*Ch=rbulQ(ACV?8DP
z9B6#-7Zi=20*_x+h)1A;uH^p2F2l|((RX#){NDjTB2h+kAY6iluu<dSP<&b;o+LN;
z#*NWv*aJz597uCa#)Z49uzhtxahwl9oq1pt4z%&{VPF9~L#~$gI%yfqeUSXr8^A(R
zX<FGmtaoTS8<k3j-pW^WW~$zq>|2SfVXZQgiF3P)`t4)f$fQ0k;vA3-T7qOfKYao5
z;aTRxhZoEbczzkr{Ktxl!~?1=;hQX~#ltv}3@?Fa^hPJ}>!f>FNEpyisZV&QU<wFX
zQFI(eMY9{^%RwS$VT0GMAD)suf%QZo0|!@3lJWP)axE_Zzq?6QMW|K*HigShYc}p^
z#viNn%bKc?Z!|JkeJ)i?@Cl(kVvYA|chCo!<74=L3VcD@D~(T2gpQ5^y`y-*)Xz4i
zURt<;{S2h_Cw14?BITd@TI^-kVD>!H(ZJAke3M3=;ozo{On?Gk)Qxe<#v984jDo~L
zBPNlcywQF+FjZU$1CI3NU~R_qgZ1E>EULkSIsMxfB~Cw2)%x@^tWewO9|=l2PKI(c
znO?kbCXrr9OCQdYUTv<JcO|&p0BRxKkP$V<AF_ci<Vb!MiOWbP!cF)I%=>?|y$gI)
z)wRc;1Oh?96D-mAXd7%)sHmhuOGGr$ATv5q+Uo<Y)lh+AYb8PgSgQsz(M;p`XtC8>
zTVu<u+}2in6ai5ZL<rUgKJigCRn#+%5AXp&h53JfYo9ZjfZF^2|L>g-<m~red+oK?
zUVH7e_a4J$try=Hj%e^Y;?mJ`7$TBU#S~D3WOSWwSjCR;?A)h!+<@X4>4h{SIpnM7
znw)XOc_4{tahwxPt{cZ7Dq=Q5t{suDO3L(VX{v=kkv8r|Xq#MS!;SkR{O{e${st@Z
zar9SV<3YHpwr$9Nc*gjj95Q3w35U?0Uj{R?6_P%|yHBLe%KdnahGkafX<Dx?EZ4n5
zx^BS*-s}8Kf@md9EB~eq+8GRt|L=7D?9WQ`r199haULqK5ny}+=nGN0Mngy>uq#Sm
zIU_)+ESxhXKRWC4P}=k>L+K;u7)n3<K_8SJBfcb^4aD6lHlks4RY2|E`GEz9^9)<!
zsQn$PpnsA#8?`?t-!9aCnD;r<exqvrU!?Ze<DXCM)<L^48;3=Xv3(u}Z#kV7K$O?c
z7mgtk2&m67z>`5p<B5tH(f90(vv7_jb=q@2|8?SXcaE|MqBoB6TT%alHP1syx$?PQ
z5x7#+#oW_a&wF_%aF5(vuEN{SRalpwfTh_9oQLfwn6pO>%bNpJtGNk@h)yIgq_6Kf
za<4W<>u+Yy+)_ERCw-M@zj~zxNz9wror;q?(uOe$0ToZB_tAlYJjp8@{nZ_DE{1nq
zU1g^$Ir@;}vDM`GY{{)SSb6w|RzNgO<YEqb;W|-Q$tI%QApOO+kj-Zhv|K?d+n-1J
z^nZ}JhD*nZx%2x6<vln-F%Q@i+L@BSLdb3CEqVH^xvL;#25YZ3$}K+ID0eEka+txD
zW3;SD0}$IBy$3xr{-EteLb*SbZ_3@d5vXJ`-FxS;NVzFokfeELEQs1flvoGrlUD(@
z&Yxq6{0qahiY)RcJV4|L{u#NU<NVuI?%{q_7`jSKQJT!(Z^w#Z5C70G!WGi9QcHzb
z{jx{3Jn;uv>~8jW$os9(Bsa{9$rRZeyINNsVSyhBNA(dz`o-#pwgFmCJNCo{Afb9;
z>51j+>~ZG&qEcbxxM#%RA7aTM3aJm-zwK@n`?r0lSZ;J-FOr34x5{PB`R9*xmfrbU
z?tAext&1h5mCu}*cqfvKb3j~#aE;AmF-XYA?{OZh7(L&}czGT0dLyqXujgwzm{{VD
z@+PGj8fB-)7J6cAk`3njgSVFEHLWa{BC4Qq77N`Rg^ejZB%bM!k>w_MCwewVy}N38
z$MH=sUN6ZFF=0NN`5tO^ys2~e6InM<at5J$H3o9T-y4`57OWA1b4O!aynKp40k@;2
zn-N?dx|xW+EcnZ`;Afg)E=MXU@UGQWmYN_sC_lpTQ$0Y;fEXn$!R=k!XesWsAy<nG
zvIk%gd@jK;x@m(lL^A`tYhxC2ujzl(ieiEXde@Fse(@#Y&Q1MfF%X%;YsyCn*mH1<
zkivTmo++)d@@Xcg@1UoYW@aQgzciA(!zmL0S6!rtx=3PTnH*J4HA}-LM-rzO^PQ47
zy_C;6iPH}x5%txgfw<Q?TX1(%LJWToUvDWi)*3G#36|EzgPU!*tww1?p<4O+N8Ju}
zA@-Gu4VMyQVjsM1oxA&mYs=jAFC}5)J=a;q{<1lm$pZ;8haQj{CnnyAG5BXX`EkA|
z+E!#iQEJ-!Uiopp|5J)W`f1#s>F$Oz;bzOVNy6`nNK2R3qJwi49as00asB@GG<PKN
z%8CU5YaF(sBUAE^T6Uc6JwmtEo@on;?0QYm*p}<l8*<0mO!ZPQ&MI}O_3q>B_$|AP
zvu2nxLo6Ipk)#`H|C6Dmw5>p$RVS@9Qg%b^zdz_5VqUzMaU}iM|A_9<kczs!Yj0I9
zy1zsH2y+PNp7()6y1&d)tlX9EXAs<%?oYFj-RORT^3#1~&<vz~S~>4beaQeo`kK;u
z8gvg(yHPhZJ+YXwrX(ho@;N6l5fgn8y$BlzGTua}d*%O}x@oegIucO1fBK>?q;3d1
zmn3(i?icI7jJp4)guRebMA-X4*vn4ag|Hh(1w@U8pEc~~6ZQuzYf}@5_HUY%$;3Mv
z|FQOj{`u*LMI44vCl|5STCMvLP|(C5X*^BxV&f@FqiLY8g!COP?7k%u<_dyH+f0O{
znFHDM$hm?5U#6t#RLMx}Rn5b}h?b@lb!kkR*1q$H>RIgQx|EG5HvIEEylOZ$oQ12T
zZ|mgsU*^e{P9pxzSkACKw*jlE!HfTEJ7Ue7{E_-GhtFu<X=x>#S%#DWUz+ci%@WSH
z%J#mnrnl<Gx_?t`tF!_^OR)G*D@p)XlvpHY#ndH8&f$+gm`f70zlczkQGcXH;_$cr
z)OzSQ)<ZY=Z<*I?sm2J{5{<*be)XP+T$NXue0JLR5V;Pc7XR%Lio>ckyr)6iP|v<E
znJMGH%r`wZeQ`P}vsXl(D*wm#NeEnN^OAqrqt2sg%WvA~JYDjff3Nd&$g}oE#H2wS
zxf`1PMo>_(Kb(Tx-BQDYu=)OFO9>kQi4ek$EmF;^{_>yl1}s$<`5v`NZrQfl1f}l7
z1bMISW|#f=1@A0oNJbNo+KJk-@Z!gqpXb5Qn>lVBu;8U{iv>$ZgJ?B{n?<pvThG)S
z$>e+2E@o*h?MW40X6l>qMv+a>3~NI>fr8Tiby{Qg9K3qkXQeIJc@2!Fi<~fIfp2Mx
zM6wT8cOp%o5{jD$6iM7tKAB)mp2l-2wN89Qf&P$pjW@?BiS4+92@)YHoqjq5cz}$N
zP58kkL&DEq1hu&`0eH_wZ2ecd!kR7wO0th2dlA{?7T3~GZb>&`xb#?ZGdaf;Z;zox
zo#2$367XVV2wNL{0S}<jeHp;f!s^(6w?tZSa<D|2F9*QiMEz8)k?q*D`tmo-hBi1_
zlDMP|s`8J#pfoRaIbMmB*ONS!SY)!AMpu)v)5oBm4ycoHQN77<cBy+YyEg5xn^o;3
z%apt<%Mev_FG!FjLQp_7F{w<w>9SXQLr>*)>Y=RkR+{7^EJ}%n*kBkf!p%SRdEELy
z!lQ^l8+-Nojyz4fMo5wlifYr)R<9hP0uazNu5{HF_KZ%pN>}%lFR;rMG%&~d5XO@e
zHHVg+;0=u(T5Qj`9BS6(ci8@1w0X@4#y3)ofA`x)S|3qEK|_{fM-mQG2C-@v#NGM=
zB<oQWnRT)8PI7F#lED~DyyySu_cGmcC`kPnhP1n2XR14{f7)FhD^@RtqTS2%pxPlZ
zQX-zPCq;`88A*=$CI2@IM3JzxSR!BfMY@{mtMuj3GqR}v(L77PeT^BNc}q_!M-=uT
zT5xcU<v|@izr4B$(Y@tH(udR@Ql0pms`5|&WS>0Pajd#^QW2yWvgayjq#>sPRsJ0_
z)BuDJiM3NG(!^S8J$KgZ-ulVCt)J|_I+M%`)-0yR+*L?&Vfn)p)D|fN>JD6V4*jC#
zl-o|ETby37rgdfc8WMO*BZs!0RN&oLb?}S?pSWqLz>|<7M#UX<i^|*aFn?jBckLP|
zR*Xc#<r0Exg0+j*b-hMAvPvnFR$!%y!81xbKO<^de_lRD+z`IS#*&EZbWX)+tk&5e
z(hgF%Js3&G%4gDme6N`09u4TGENg(MO?|1p_lBNS42vuXz&n@%bP+ixpLT<XYxY_7
zd=VhAPkRB$_A2Z#0*<}-lg7yIHS*BS#)2QFmII+d)}+LMdOcrJWvRaOMUx<9BpbxV
zw-}XrBhL|EIZbORMEtNJda)71uZ~EPFS-{TD}&Lkq*Mvs93cMu-<42}TMHsj?a3qe
zz*+GWnm{klyK%KZc%G`69O))?ssG078g$pV#Xn4FF@gGt;T{leUK6gVy4^yEljGU$
z=T=CYBHBsr|G>!Cji<Zvne<}2?9T}<8*Jm_HrTxQ^PHX9Wk}UCq;_)2&jUpLkEr(E
zEY*rkMC@Nqy`n+E%ix*FlsrH)Kp*N|<a8g9=q}VN8W8nr@c_|G6ZJNP)SJL!2m<zh
z^KmcHc=3TMoerAm755=p38T3*8%a9mA1ty0*mP%vF4D)CZ8u;-(*1lWZpax!yOZud
zqCr6wj-~&<lq$+Zh~}Pk?+T{fFCtecuFR?q$<|;0pSzOl;UxG{a{czdzL;FUt|PNt
zeBZlB^5R!%r>(coYxBI8ITp0CTx8(?>3k;ssf0Ko7Y#=)i|i&zFNc9I7i+J|Hsxrr
z)bz;-Kl!<-7EhmOs>K<ToNBSyiO7d?lX+@6d4!{XQ?zueeTy!3MSoJ`^zA41Df-c`
zBk)emj%ens&8i16)D%wLcw|6SX3RuVDC}v%gO?hxi(QFN_AT*eD$#SM9qnZI_Zud>
zq@%kjMmN9i6r(+SQ)!Z>YttvEYtoZQnR*<*zAwA43A_G9f1zwCNz<36>|l`8rGa$0
z`p+Qgzf{UVE~F;OvHEi&e_Y-x|3=>L_=kbZto28+f1yH$`z3ut&mdF<i?R9_T#Rsz
zr(K?Rs6`%|mERXQWBuo8u@#vf8PrziuOXdTiMYxS4zgK+<JL30nXan*#~)E?KQEu`
zH{6bk#l|g5ZE4YBMf#V!&pi8>{Y8Y^^qW_+$@ocs@9H=ZvH20XO?OWXyMbNo%xlXp
znm%{>QG0ny&*<O$!R$egH2!dHRT07<NwN4|UO#*K3}Wv)qyK^rrq9mHBSAF@3c>`D
z<uj&Uc;OGHp8u0b<z9`45XI8d<&7-=>C}s+O>LMpJ7VRt+y22NkwK4e9xgfLqOCHa
zV(C~_^mSE4Mhv}N#@-c@-RFTKxu;N_%aW@1sd&*=nRjM~$1-IJ`Sk4yzTLss<~hQP
z8Q+RmC+I7wOW!HMSCTDzL=_)9v#y)SF3Gr^FN-I0Yf9CR;8G^HygZCQachRvPi~1p
zp}Ql;y&=clo#Wn|<1T_{hk12YJ9O)8cIcj*<F>6?BCKA%Nd4yS;EU{G?&tZ2;Y~St
zZ_05m$-0q!NN*W+mM?T4XpME@8tGwyMF1bV%W~YBYs2vFY&j_F)mX`x^TU!iXJeU$
za%yQJ0o^T4Y`KEfL@D|7lY4Sb4KqVGBWyHjq#&&Gpa0K%T!C$qjGrcz4uE`EN@)Uu
zhU`2669!R_o}i6A34XvfGpw)4YEyYNa9g6CC4wN<@Qb*5+DWg)RYY3#I*E@{Tv|a<
zk@4H}8Mk65_d4L%d3x*!1-<HjT&M@eq(;CqbD74z=@eWu{6khb#leGj+vvXi0Glaf
zPsMp*8B+Bb55Xw79_U2Xi-T`R@D&{>T-~Ryx=vqpo4)EYeT7&sa@YqN1$2~<-9(;n
z2-Fd;AHhA=cWww+&l0TUtw9pG+jHDYa@-v`?hQF^KgXSyLmQ<zZZlj9>Wbuqw-Odo
zT|4e@2rSD9uggh4KgWH2)(u6F-Wswv8yGMDEXTber$9f)od@tC0HrzZj%?l<!!L!0
z%Pdf|AsfqvMAi*01@zxPq{rN`GCHUDNa%+CO%V>|Rr$~V#?e2Nu0a6(mpJ+_!@Xy<
zBls#oVmOqej<y)Jn?2xUgOak1+8IGA_3r78+DC}mt3>S_7@<`bYvz*vojawLGJ-c~
zAozcBvOzT7zh4f)&-;50!7HUdmMukT${xGZ2!3g)Blz6&=#c#s_L6j@F8S3Riy%@O
z-2~RmJVT4P(QBYcESwd{V(A(h5J7xy#Vh;Dp^CHK)`8Q1RH88vnL;aSY1Uq4F#(EL
zLbfs@;6uxBGCMIGR5Cxgtt7b-qg9BOg6*m*S-9<J;h2$#SI=t`^yqa5vF$Qu0N42r
z;GpLsD@y00|M6#Mto-re2>EUIT2Ydo1%|C|t>|0IM+aby<10#&{w<I4r8+87wadPD
z`hT2uUhGt)AqNnEs}Q8S%j4y@;c^@E@AFnx!v>nmvtV^>(qG)oZT$6*@J8Il|H3t^
zWPRcQlD@QhhW9G(SEWgM@duoaJ)e9VS09t{TIK?3bis}*K$~~fwZ?WAI=G#BWf}K8
zYaQKk8VPkM1na<U>96#nf3L7xG9@+RTsNqB`U$g>LpQ3%DYz9@$2S~cGsAeoTSIrU
z@W@Rv+@NEEEI0Apiz26S4(;IXOeT}pSm@s|2jM?i_;IV7>YoR5*`Dtf8YwdzZPPdq
zc(4w2Pm5%nLu|4qNL8f4$qzJ}M4+4^6eA|w8*p3fQ*tO))T3CrMU(;^SPrX4Iu_gn
zDe9)2WFjd22wtLKvQuA~s@DFlnyO`89dYtE1^&r_zdrC+;b(<``jh}1*OXT|$3jE4
zhb}+}mbw0DlCt<%SYGBF*OV7K2eUK|4Z13A=`yLw@4s|3(jqH)3)GET%g}p9+T!IA
zrJ`A_z$*V_^P}3LB8898mv)5`L$({LXrv<Ag)3zy@nVIc!O&!*uO<|QFVmN_9el&I
zT|t;87X@>~k-z${9M2OpgB;x!YjQd+f6b9auokA{r?WwKS<sqjVq-Sw_XL@SNOP$M
ze%P39^B2D2iP47pO@-GjaJ<&7>A@DTB8Bj^%-#CJLdz67!azm1DE7y_Hq`Z&P-6?h
zGT}}*B|znm4sa_lEP;xeSg|#A6;_#owu#Cx;IN0nZW#TIyyMr#M=6Y*fZBZSfY{5s
z`b~&Pk2n=x{M11d6251%a*U<(;su9L6o<Jhw=}+;IvmZ2nVM$EB`vikLg^$BjNE2A
zen4}_KE#_0L->0XP8#cqAWe~)L0B<g{?S9D_^bbFTq!~7p)!lD=n#tPVknopl^}^$
zB0b+a!6$(_p`L~*<7D#}p0$_jgelJZ%_hf;uUBr0y@{{u3b$~;Yo%CjN@<s$bc^{?
zf}vA+{oA^S(&YF3n-33&;7zL+Magsi#2!rUrGM987c35@h2`_*=jEie>f>UHAyzs&
z>vmku9zP5pr&Lu|>#_+1>c5gkW)Kd5+UnY0)nhXxyPEg?!44SR+hKsL+%`=5e@vj#
z1GT@z(``!j#wfvz4fLZs)sa}itiWMRS`Lm^dGYmBrj3F5)UPgXvM<x}oBn`tTx!?c
zGr()PQxJi3CCb718-x4ceCg%?OE^FL)uDN*s|Biir{l8k49crE^CW@8D-WC_X~TZP
zQOV2*?z+@%z~~Z9tk@*MdYv|&zH5hbVk2O4OS{-T`Qf*jc~}b6MJpelGhRKeUe?cy
zzBGyyV7CEWRN;>4WDcd(OwNi(f5n6z9aF^M_MF32+B)P6_R*Azu`v^&#Ik#eWNz2+
z)z}yz<c)XQf1bFZrg4P$O&=F$lWDXoFp}W8%6}Ec631Xcb()GitqA*!h9Wj?7rKH7
zDYaV{*lD2oQp>uEz)R|6luQ**Ey>p&?CU`7wY<#Vimkhk_q`9Iw#?ebcPl!SSQhrt
z<isthdxV5GM!Iyc8}JyhtSBTkL|LXuIbhvdD>*7}x46>0yfSl)`-DW;yjC%;Ys#zh
zB@}q^e-dbYG6hb<#>Qqk<*_k3FvZ#3wM42<y7}rSBz5!cJv#N`k*-hj#HY}ZD>n68
z{s?M}0Uyllbic@|rr^i<0Sr8biNV$Ka^<!sqxqYo!?)MAbT%HO2u;enMsOqE>S9hE
z&wUtHdE#TxHIJRfzq$<pRqL^)l~x?$<`ZSWky%YN{Bp<EOy+(tm=~O4op6}Q;~^V@
zryfi~k+VC+`oT9v9J0k7&)!5M+dZ=4E3YgFLfbS!BnQupBo6F?<96w^Yge&#IGLEt
z;Vb+_8^TO*jq%;=ln^0vm4>M}tvsXU5nGc7`Q5Dsg+2@9hNep+%fc7d#XBk=(kTK2
zXA!|7$JLXAMMHVjt?QzlZ}p2MM@7xDZ9R${x^R!9?97{Y)jRkDdcdKXE$BQRul(u}
zuJa~Su0Y`pD@*MLVGd0>ey!1<G3VGO9x-uwSe&0zKAM0c+T`7bu%hqMh2?wmWyC2H
zgW?2l>AmGLrL01EJ_#Y$5f*r&YKj?02|8Si^B5UIS7C~CJOmpVD1tpH&y4&G0G2|<
z{-GJzA?jTVY2MMVk^PB#9ZVF|9>7-rKtEjRgFiP;Ez%65F4({~M6N`CbwxCJ4t7|{
z!<RR5A<SOA8ZovF-1{=zA~Zg)VKX=B^ys#sw<KL_uC@E^co!o*>Kl20rbFEIUVJZ2
zLy2&c*}<xnLpvG7NCblH01YIDohC#6g(KUk%G8-vWrPYdb}X|PkM*%aZC+4DbquPO
z!pP4w3y98i(o<)!b=;<<9Y!NAXj5b|oGODUC0Y2%4Fk!AEUS`|g@5_An@YM>0g(B8
zX^d4CPC}c5IJI9;E1fwk-Pn#xC<6Xru(4m$O|bvRcDL?I4HxoVq&i`Ws%1RX@l975
z*~${O{C6(-iZ4k{GaL6}C<KqpT)>z&M(6RwmnK%#tBF-jkf>x}g8+rA#n<bbEZlE}
zrn`W~Io~?ZVet!uNXrD0%hWrXSSUh5<cAyGVpx?0PwjQ%%9K0>zd=-#%&uud(zL`$
zTOMe}G3F5poLb~4g+T4)Dr_Q`**>ss#3_wG=4J#8&}ggqNry^Ne{Z>BL}jK7pgsX0
zYBK~d08}bMH%sKgX#V4xjM+$8Xvcs8DG9Eo!_N$J>~jGwns~y*tZvaWB`C~pYe<g`
z?r-XRqfil})ikOUMovo9aLW%YmMIi0D+|Zy;tMGQ%dWCW8=C3u1K71up+bih$}F#M
zTOGL~z~#;d;^qcChMF=n=%u;D@W^EC*VKY~|B|asK+}NqNtM@#z8mu+WpFnKMF!Eq
zz-B>|WsTuTpq|#H-#f^IA$<qS^NtU^`VKt&i6t-Y4y2qwBsMc%!KF4@=j5@ZiVgpi
zt{l7{0qzVNt9@4a8~yY!$%C;$7#eRxpyIsSa6j?z49N9l?lpTXlK(<%_;!vzMz_7}
zB#zCIkzEn458~+kdR<$%CNh3<aU<t;-?ExBCH_I0xlSvu=kl~AsVfEc^*Xg*mv7IW
z8k-eJ4Ts_kf!Wwuv9+b6%DZtbwRS}EpN|diF>1F)WRo=v`Q9Z`Lu~A9=?MF=afTCc
zm@j5V^0|7ATMe57E7nwh*6Gae(J$(Mnqefs>&DuNqjS0dn0edBOPew!%MZnX@I^(6
znFEfuw0}jsV}3Ev=j$pt07gdXUs0a#E$xVmgcs4Lk>rWU5N2@GL3yqHE2>*-Fm}i|
zJwgQ9jwHGwBR5C3Aq-Bd=vHe~HTOvPye13>56wa%J*hLOzE)ZkWB}e|Za5~|`Cg%H
zjL~`hZ5C5O=`QF0h%1X`9&h+cwC#!>X}R8uHXoPQ;AfsrZ&D*?(vD#GYpi5So<4+5
zBchdXdT*sIsihEGp@`(Y<>RbTVj+2lX-wl%xtC~~=Eh$}q((~v$3wRla>Zuz_Wq60
z1;<ToY?zg<cAH6_xAaW6nS_z$)+d{I-e7&}HRZN6f>cJP4_`j@!g*7V^1S=bWLxQy
zIoej@DsEn}tjI|ypbi#L09huWLLJ@+Ja%c^z@RNQAvAnV35#+QN^@ZeUpd$nGbJ~+
zE{yF^EGSXS^IS1ixd|g-!rv$%W4Rro7OI+vSh1K)nUYb%xj_rn2x2iZ_VWEqPa|JG
zp?dFx&^uhHd{EFG<sYaRIMVZc8HQ(y?z(Y{zxaw{8dIFQkmU{r3Qsy0ljz$jaVa!r
zdA<16B(mA{LSU+R3G>&Q>Xq=OJWjuBU7E_~Jdl*D)S^tuon<D4Eqo}qrlx-s0J6%>
zYgk#mQk9!(i7YS{j7o68T%ZFff+c!pg(;`A5sxJkoJ`Y+jCmw^&A=~vMr4}25u6`2
z7Ll4jVPS3F!Vbv^kCND0@}D>=UP|fgT9~BTTewzfeoaB7X}rARrMANVX54a}uGf+z
zG^IbbFw2x|_`3CpHAOjdTX|0blh|=>g%<{y<EJb0$^7}UUI^g;)O-4+551>fTj610
z0eW#MwFiIhDbV_9H9R(T34iV>fLp|pbp`(~u?VJVIqcnG@tOdO*MwNqcy(B$y12~Z
z5QXcQZ8zYIww(vd_z7}^&ux?3&eedXCV9+gE(|EF&g>iQH>*fjV)4%Ua1wl4sF!s(
z33tLjbhudus5$V>fr9udEDvOVRnLMYQ}P=z{KP9rzN&-Zy7U$I^iyk}fp4YS_;XJ|
zTVW}X(IGr#eZ==N8O&nW#*!FBOF#L)M?{x077=44W~fw&8LfO}do6}7@<drHV#T`Q
z8mF0OJS`zWKbxG|=`CWN-nR7?yCWI(>UyPtiiLQn_7N2e6^nXB#gF4R6&PPFwrv`h
zc!$5LmGeV<A(U~B6+D6M9c9XAM%n7rA_KtASvxULl0-2nOvNU{jXpZ-o^wi!C-l%s
z5>fL=iJVw5+v%_soK>DGZg;)4C|~94C$yB})=j4aZ7qKtp%K-pUy%+abJl%*q_S(?
zq1+H4VIbPPW@t43(b@Y(R)7TknphUUAFX`GyQ*ub^a;p7k&#cNPZ4`m6S*qtu1!*B
zIA)+puAN}L&fWQ1VPswZViknUS}bI+aOUA|mn2m&gk!mit=Jk(&Z09nZb&@2?a5d^
za)J}0g>|0<>V?hrb!#83aKtSm^imPu85F5{L?os1H-Ey2&`_Wtk#IxtGDc`-<c9Ro
z!TB}l!tRajiY{1}N1Tj%W;AclG`txW9@@^joL$?VtWG>uJ^W#=r$Er95@zGDJ_LsK
zPL}F1S!xQl7@wj<`vX<0$6%vSt95z}Iho@h`4Mycu$=o5EV4kbPh^T1T8-FNGu%&)
z3H3J)-Wue)T!5>acVrqiEmzxWMy9H_JzJCThj#&4O(G?rs<~Rmv`P-H`Q4gZ7c%g>
z-Qz6@#D^9{-)^{jm2Y6yN6`hZ>!8F;)SJka(j3fuKwN{1Bzzl)J_78~a7M3X)G+B$
z-bXu7Slue|zMrjweo1N+1Sz;kZRJkys;lv9)l$rt#v^F-YIi>Ss#6d=U<`<bL3(Bu
z!=h$&r)3MeJnR+8pY>e1EUDGDnbghLM^oG~QJP4jgYW(Fq&{V+avx@J>CR32iM@4V
zgXqO4s@}wYvBcCOck#{8YFh({Wr)`-R)2|~@D(W8Y0&0K5hV_H!HjlSL>RKPta39a
ze=(SH-7nL%h<6|6J$BQT&5K&Kk4_(|`!2Zev$Go!augS6o|9iBQ>}cb{khjFuSsmf
zOw)@$N0l?^#jn*Q=Vhvg?~G=;z(M0NsTUQIJ>R8KZv@^GU9d(39yJ2z?Uy$kLHBIi
zSe@8eJ$x+%Kq?zGTw{rD?knL04D`E$h0-r5GSW81QAecmUc-jhqWAx3lT&C&F~glz
z59v-4v|^5OB3{h~6QDo`*Q5Fm_H!#CVKvHpq?v|Ak}+p>Txtgp%7%7?T`)HTvA9YU
z6Co}y^>_ZD;mwJcRc%#_)o{dcBDsS>)i}*A)ir&ch5wvz#?w}A+J;Onu1=oFpxT@s
z4ZZ{XFrYT)BB;7~XQtuxU_foD-u7HgV)O8>n#2}2nuIJjpg<IhCO4pd)jObCxt=uh
zbZw$1bty;^k=niBIx=rp$3y#>l5qz>e=tm8Bc#&^`T@}z)C9{AyO46?dK#cPqn)pG
z+ux2Qxym+qaNGH`w1g!>w!g#m!LVJ{2i2Kp(yz-%-!y3mzxtv(vU&c_{T(131PKsT
zN1ssnht=K{147G2h@oW8D7!=Ds-F)Os;{wq0h=QvjJy2r`M3WBgT1qr0#p7c--idh
z@ih&#mF1;ykO*udQ*yvQgou#0d!mJPB<dj1Dvhp8$&M0>)w+n|MITxcJK1GbBqLKa
zd-Moz;$eVXk9%2h0RK!p6)#1Y*cij{@?uq*EWG(+r&-!eEMz49-ikB*ja>XW0a!S1
zRbiEBuek|rNhI-hWaNvH#0%<m^_hbMB|VQR&-qy-k>YBj=*U;REB`WB*;3xsf5722
z-=R`?#Mx{91Fl$d&K}Xq_h6wPYtB#=mg(=xL`gOc@(Ae$^a~+&{j+|Ic4hn`TiP`=
zruGHq-u~uM1fG;Q6_p!Pau?$bPJKlYw@EJSh>V|9>iw#trl{kX{Kk1I-fOwcP;qjB
z9i&f1G=S}wr61u{V1*TWEw|%4IoY4*gyIH*^a1oB{Z$N;ZTNPkWb!bMm}=7{(|A^@
zYfr$-fzPU)*r(d7<qPM5VDp6mQSlV_Bk${`fh#G+P9EAs(jZ^rHC+>Gx|jDdC3k#9
zhj2KI_aQlI6FZa`O?fxWvwv-(p%8%1DdeX9HPPnJcwzT2<12UAGC$QMv?o3bvh0kE
zq%*eB!<mvZC{^p;nX&wCi7<JBG?8yo4QP)fSP(ng&PZ||Ba@BF$Tk>dpis?UEf6y$
zllIoZplRjxRGu%Rj+>O3ujtLY>Ly$C|Em`IgxN{p>K|>Z8KR4zh7|EWFyzDKhbB4o
zKdG(Zo86JhwR2C5>fP2WpJk0#oBZyM7zc7KUu+1peawJJ<@ULiB<b&6`2a~G`H!De
z+3?Mdxd*3o_Nuo(RLbm<-AbtJoZX+mowaOsTy-`UU}CEE(d6;@QLc!(>IW8LHP*H@
z03=w(vZat~siuMD{AX$tZ`F?6=3UuH!f53?-qo!*q|=)j<4;`-suF)cDLD)iShtTw
zewv(&6_U<jI+oAcq=SVD90){dgmkH^P^rZF1!s4;3IL5yZF1BR(audwRG&shKCKc*
z3&WL9d(HQgBa%R+^+sXP!Ql8k>)rW7>6ZK*>Ml#pZCuyJl#h+lYfn&({T4Zk1BSn9
z)_mMH(T7bn^vBV|JJdc096F=pC-$&SQpUDoM<_9KJyiZ<NRQodf_y}#hsDDAkHI=j
z6p2Qk{^hlmAI}{WZC=wItK2c~Hui0K@F6u9ig5Z&O^IOORWSfj<eFkAGXG_for5{!
zUE40CRHC*DpuF}-vJ3VOB0{PT<lAW5M7s`=?wVK{(UT84pfUc$Qs9pzQe_(&xvGv?
zZB{=2qXy$Cj_d0Mz(i-$7E~7|)Iw5`%J=4=?CFq%63u_Ow(^bHw=$4YE3g&_>$3*w
z*ktec3gArrie!;~j&D~lD*)KE7v+Mq=FYO(#FH^@`aM^-6SrNwIo385hE|(+I_A~9
zq6zQ$+RA^-c{*L)H@ozIUyxy6W!Sq<>5bgbz9E_%%+(UBwT3-Ow}n)`;9Ys1W-77l
z<Kz&-y7CC(qVUti23_=)9Q+mI`@mi=dXdBu*iU%H1H9r>I4BhAN5VrGLkS!@z|Erk
zB^pr<1bbKHbCRcwMt4UtU5%??0I3d6&Q`A!LQ+?nQ;M9_Je;+OM^m%-!s-xgZu$QH
zd6}nSftjaGZXlHg%MxJHYFpE`H`2)y^k%$#1j{}Nt@`Tc*1n`>x%w2WEzfHiN0XJe
z9j}hkEzx(R+W=5m-K4VlPMi>q*kxb%oxT*Ud=zNz#klzgKN>sf<gWr65^IobSx&MJ
zrQt_zm6DH<6C<o~zDa@IMBvEoK!CSE3}V6<t!z@dvy*um8iu8XNu-EX;|R@^JTfE@
zD1M<{L~mJz#&xvm2Xy?9VrC(OgM!>!D{HyuCx*zSiC1XQnqJMW(-;4Sz&|<gcLe^b
zz~5wFrzF!!t9J9>Vrqxby2=~rjH`s!;vjz>U-2Om{SfRV@@b5#E30*50x(Qg7!v;M
zSlhR_ZYRIt!f1BUeoC@GLx&aK`r6^0Fz!q>mxo1p!Q5+ZA=|`?rx1J_#zzt6Ym<Zb
zjxxle3|hi>neR_+J8)=i<tw$`i62IrSC`dRZfJZb-H-L1HzL4-h(J)|H!R>ctl+N-
zTGJ84t5w!{Y9@}L-6Ncpneeg1BCs}Vca8val-Wdp82M)Va+uV<Y>sOB5-|%MM!;^5
ziX|a2nmS}12Ps^M6tZfuk;1Ay15%hR@^c2ND&KUsSZ!oVeoBhqiVU4N8?u8LTheID
zWmf1{|LWmS7M{T!RFOpC?f8seMXoM<T6241>|kmORm1+Ip(xH5tdY5D&bi3ik)5&R
ze>MRTXy=_z@9Q=2ZEh@#Hm933(Z;7}J=XU9_GslR^A3q7Ucudgd+s-IboT}xAm`e&
zy;l<?nfJ0wu2gehjJ8>lKN6PyeOs@#PG$!6srBz<GI!;-W)<>Y%R-DCQ#bPGK}pQ1
z(eH`D^zhPc;<;Gmdt5fMi_Y6W<7Uiq_InO~nJoO)9S7y5hTt~w>$E)rRL?b32ihMt
zJ8hjI20;z_K~iR$WV*!~i3ASL^y#9=to&(46wH5-#CvAUwq_8rC3n3yuR-)8+ewK7
zN1u|oaCDLW=uswuwTP_bwI)}f7k}_o7-!|jUi|MkqHUwN`tw4mUEXcD&FoL=Aq8g>
zbc(tieljy!`PiH>pCgkR40Ui8?PI7WouKzxzK`IX-p}^eB!iv`kb$*FOBGQOgi!>a
z_xxjD-I+-}4oTG}-i#(*PR)DGQ25qc;TCUl>;b8RFf9VFPvr!DjX<%3Vj*?iq#{UP
z<hU*-t~v=7nduTImHI>8q=KJ{W|JlPWI~XYor#2D|ArKC-*s_s_=<Z=Shcv4w}=~S
zaT9KuK&i=+qsji@C@S*jE7C?+a>Ac$Eb?9Q+gUT0{S2kpsu7wje48lELYo0H{dEee
zuz)A1%m16elm1lWRLctWEbPvlus`K-C2sObxkxFSxuE0V?EK1A6;m}973zI>J>KsH
z-i9p{=HH^BCtY<~V?Ll;f9ViHlM@bDrt7<gOqn7kU-$x_2<8Cusr12P)zJ5;RF_VS
z{S#5TF>Gwh*-A5^-|_?V{C|B2NJFiW6F#t##{T-ugYx|K3g1p4Bz)0@e_P>qDV)8p
zJa@KDtjM46GGUJq=0AOSzr55#E?4t$Lh6taLkzB=@8-Z|7qp)#WMI@!qQZw33%y#&
zGEI#R2AMI-WZ|p7X3rngw;GTL(E+Bfw=b$@3lCPo?dB;wAm6h*i=8)qn~HbyxaM=s
z;gE&R=ix*xwQKG~Zt=;nmndt9@%Zb2yoroPfjj-0f8u`zze9$mXn(ZAI^<eA3S=zB
z1qvg_8-;!U&G5pH?VCt;vx_{;MV^t3{3ns=D}qX1eF@KOw<PqRl4rXA6N*ls>rd0?
zOp4$4Si|*TM+5(r-WAtrNHl!}3D5tU!Etf}aEuU;7pp3+X<>s~79q1$exbi71?w;$
z+6WuuTm7?+=5VLFAk`$CDke}{L+QRs+IZexd8rw_k!Ccp_W-Ug+26mPq2$Vw(7)6F
z3u)8mQHqv7eGDo<bvLD@4t53Ut(>Ud1p<zGKfVVlmzJOkQfjvJy#}!xr=a)m{yr&0
zo`NvRdfV@Qfd?d?a3MAdQ~SFDQuVpXmTw!FXZ_)OA*>vBI=_-ue-fr+bpqk|rwpc!
z!9gKOfTga~vn~;nI7>=S$zQ$}PUL@s{DMtQ^0zjS@2_EDV_!W@M9KSw$5O|VFnFcO
z2>zcL+o|6Y=r_@I4t10xNy>j^B5|`_hLlb=XWP1Phn}T_IqvkM=h7QLQu5>a6rcvY
zJe!%(b_LY|Sv{ob8KvRmx?DsNEoH4C4);^WsVTzf5wt^%GGOlN2QbeENH7(u5bu<E
zv`(O0d-=ZB&>1uP^&%tsJdYiYPk&pmqiMR{nt{QO_%{^QC4{~4ov_M(^cNWk&sP(X
zj#!HW1JfgcK*VU>8L(adq#tnEI56hXP5$p78+k;zep3-eeb*oPMu1i=I><FssCs67
zG59l63F+|sY1>)1lTm99e_cUNDf{byfN-E>hf}24BVTIgd>&^=af9GG`<Og5IoP|s
zrtljKE8a7VB;M$KGp%`36UTs>Q2zx}UXB<juuL9o3LVn2Scpi*99^NKJ9PAfj$%=1
zvheWx-KN?&!o~lp_@cTncNt0aBY2s3UT_9<bP%lMksNnjj$0yzeo7<UhHi1@&@B!e
zx;t{*&*!)|=eWfT!t@cqEW)Gm>u`f>b8Bu3!zCB%r!?bo+>>+Md87~1K!aJgnG)br
zUJ+ne=HeW8M~?gX9CuSrImLwY&&ny4BXD1zlcqh#T}B!$R@p&aqhQs)Bqx3|@gXcl
z;Ktk{W;+Lgc^2`0R~;+Lw!+jvNoDYyh}6tCQd+F-;719xP0$vVo@4sDHCnmGOkaPo
zNqVZmZxD~ktL<jRlE+~3iV3rJ-C1hvTNLbQZ3hH_*e;m)8QtUV-PbDb=M<Wolv10b
z#A?H-MVlE;Gz#*E%~~9mMfft@3b(B+bk@~2o4RY=H6m>HrHuX481_cX|MF+|)3cMD
zYw1k0(pW2_(rG8NO)w}}e;_e8r}Jlf(dJ{ZC)MMnW>4x0HPjSAO;R$H{H6d4sZT&Z
zduFyv_BFKvQBG)<R8YiM?N>MJhmc>v1yj>76gVc-XSrS8Nai7w$a7<fQJuthqN<(N
zS<DurW;x}Sy0k7@`A;wY2g;GCkNx>EdaToni^r(ecD@GJtb8e)*U+yGM|!QLSSM@!
zH$V$B?7BL4aP$t|iO9ZhDuvZ~?)swo0f7o<gZ-jX&Xk-_>KL~9Y6|aiNO~7N2_z={
z<emlAZRUp;3e?nS5`}iV+Mid}ld;&2Ci_33eM$APu%n)oY^7ebecjbmU7MVT0t(Ft
zfl+%C(u-HH4n#XRYZB-2f}3(8;rpU}dbRWI{^+OrJ4+vS5nk)1V3bK<KP2LbSl|c5
zds4Fh8=@hIxC(SO{1jZB0k>sKcJ2&yp4z5g*zR89{ZXDH-dne;OI)|7kF8DYOkE+3
zqe$em&oour9%{>L7HD(q#HWzqegI;6cU!;Nn=*b11)`g0!&Pd9b}ILVR-^VrL1MJG
z$ZZq>Tp51BXZkE576)1?9H5Hi#2L<%NRySLr8{iDSo7CNZpmNgJG&WMf3hM@AK$y)
zRI^m4EtQ#-ZGIO(rzECTmVS6VTX2;a+!>t;7WUT|KkIz3dTgxH*CRz`+EknbTvbIP
zBu$TvSYU=7nZO#Sr|;lYH?l_xow??2_20m7CRGnzost}NEL*gY$Q{-eNdRJ;v5|h?
zGQt7=FavyS^CSj%k=CQiYvY@>@nvlAy&rA6i~;_f-dkU3lp0tE3SpU&zwd<lg*Ksp
z1%`m9B@U;?SRmEWOo)aT1=zgG@u0k|@$v`Qwkq;kmVmB`m+-H`&nD9taf$J_lvk0;
zYyO6OU|FRY6WLn<$zk7*wDo@yJ>8Qmsn<6QygR>X+>s3h9OPicSZ_iN8d*#Q>eK<P
z3(Jq@tCM2m_~voTw;O7*%u@!x%H#SWY~(~H#|-jXhFHxg*YLxCj@iR&=|@m%A&G?z
z!Ix(W2QPjsxVJIN<;Lg?IJbMs{~BD2_Yz#_ynv%(ebXm{)TsuPSJTzR-e9}~24J|k
zPY(J+1RiPLS<qPQ-B)Rwbqg{_96^7gquHFx&%^_Hfo2`Uzv<_dnIjtCi(qPT<@Fiz
zw{&pV`Q}K1cR#xDc=5ATdcfTxiM9T%a|aqCgguzw(L{&*%qD`77T^YzAxEOM*Lnkm
zW3(FGwlUiI{&BFAf$(Elcr>3S%ziOT;hoiCZ~;JRY5a_oYz(OCl&*-TgRDc15b02x
z(AlUF)g)f<*SyH{@uZhu1gpNoAQ<AGa8(V&&tr#8G(usVmv}GVyE1Lce9la~<IYTM
zOuvp5yvU&8*D`OuLHbw2bAS>5`o=!!;F8L|=s1S}(M^Qy$Y8Fpu><smofc+Fr(oJ?
z2b_99%{!Tc9BM8l^2<@P{S$|pvp-c6?{KJ*ux2D0oIBgJRs7Z+EUF-(EhIQt1Zr=#
zs9VazVLL){frc+%(UhS~&)eL;!-1jzV9(-Jdns(`k5F&WiTdg%_h{Uf6ds}SHApoI
zO(|hr<VLB|id`vfU>H?q$qM&8n&owNXghnYhRbA3B4*;X#8neLp$;~K0{=-S<K8Y`
z<ls;8=za3i(Xuf*IXP@@rsSoMKuAz4gBu3;SwZ6u!TfAkn_;fn9+|CP=_Wz9ed`v&
zL3KPr=bv^3Po5oP#J6h=m+Vr5GZ8?VnZ}g*kc_pX&1-h1$5>_7AE++rk3rZQL=)$2
zu1(DAsZD%G7UIIVW)S8+2EAGgCop_hIvjJHT6B_(VEq&HL|c4~Fdb`SpTAzlV-3Id
zTEG2)`gTiX8+)=T4Z%2KOeiDifMca_B8H=1u*V)sCcu{L5v?_j5Pp@)w3<>~24r@b
z+U&@zWn?f8+9?SEOJdQCN0{C(r<bjN)WL_{V(swa0M<vY-V`1wYu=)Ug-6NOuzkx>
zvN6cjP~@Xzq7kcL4z-mZ#po9yW$tlmM3?%FpNK>5Ks=!lUEAD%`H{vYh*Ydy`{abY
zbQuf&Ov&9JqT9Q~oVVjdGPKicA8k`>+}o0rbq-NlDr;<K4bLZQpvx@%T58gatXK^x
zMd&+)Z)zf!*P4JH!kr$5AwuXe#`~}sFT`)tEXr|Bvuc|p3jNeJCkpKJANe_Nq%r(0
zE%T<*iYqIvh%S=s|FH6~TP~2S_n?(_6~kBaio%VvQKf{>SR!rwoSin(NVMjzw>pWi
zPF!-<lIlwh){~NBj*7NTD&h=7tg?H~p2&Gf%Kq^uWiqEGM;#JvI}R}BMv`OJAq2f^
zpd`ms#dwdX^Ywn3*fS+3ZgKb$E1)QJRGhnwB>sWK#EFxJdC@jc2Y{0OtN7n3QeZGo
zt5^@9k;+FJsv>PiiA5iWWkZoyd_s{oGQ{0?Ob`)n5Jb4^GDG38e6~|1mX*dTw>3V%
zBgxtmNEe-yJaDANf^x%$mKBka&-am}I9Sc03*>5>Oe&9MGTH6?-FvK;a?jswbm#Ac
zb31>>9>7mzT|{?@^@)&*4A*9F`C#wD4As1wP9v31G{nMHTHCRak=r#%Z+kN$*)ZAv
zd$1NZJ=QV59sH*WIrE#7Ki&F`b04hVu0Xtd26%$rV<b0BsBOC(oClI)WlzJw(YC!D
zw#RhRc~^kfPW&vKM0>-kG9?S&r^oU?jV8`T(Oh`$7{{!~X%>b~tN2>lFB~Bk229fC
zMk^I=Lob<dmNS>zrklT&-Dl0DnxX=ERI>`_KU54Y`J8F~)?+|}y2<AE&+QM*Btda1
zAXD<3Mm1y028qN(AX(AHG(msSV1XbY^LPd5DRrCMk&ZBIs*J+W^(o%1Ih<o*c?S-}
zdt?*mU<cAU0vZkK^S|53pvPkrLFFP^|D6LI)3iVyP~(0|4ta<wj9`>ZghMtF?1~<M
z%ap8o4_KjLHA8I2WJi)%iAVp;O_SY3s`G!SalILjt)1^y>-0qL15alUT~C3V*`e#-
z5vlGKF#3hi_O1Y@f8bc`8=%Kb(Mg$Zl=U2))Z=ROT7E%Z9a2LVr68h;WizL{rtffu
zG%Y$P;gUSB363NqToMe-vQbmWojQu{aZ_w?mU;{OBdqp~gZ)5oXdjESRi9)^{-mvw
z97y7GZLZ>m917QlU#+$MALI%SoS%b`#NMF00N@MSjoHmlVPFzdchET+%}SYb0RZFu
z`>Hy)0AQn1vGBLn3p7gDGXQN@OvJZpE`U+kk;|6#;@R3OZ8+ONJ-QdvyWl9X$}Mvu
zU)V*GV3jvh^1x;x!j&Yrr{}_bfV;SWWx^Agl0UxFn=*v|I|2OGHC!^9cqCJDvZd?o
zCbxK?igDI&z|FR4!)XTet>h2z`xygRKp+1lKw}jKehgyD5V+5wQO}~e)Pajm8*o3;
zh7GgF%n;VUC@HuWtw06_>#ZbW>}slm2FLNirw1YNMU)P2mB7Zo8OESR;`R7jInoz+
zZwS0boLs12jojK$DHLm8KO7o<dIl<c%CligdBw04_=6inP8C5&da$)0mwq40l;l=Q
z(LB~cjU4xkm;aIg%djDU;nzyB^qO)#($b2O193)-p$;!n62R6I(r}Ubxt=f<j3ORs
z#~P+vKU9DlZ|U<$QjKDKl`qUW?Mu4BT|u2GSs?C0nJP$~alsS9SU~fKx<NY`ET+fh
z($V+d?#&hU&5_DU-zc>iut7)tES+1?dP}i826DZ+VZ4l5O<qCVnQyJ+te197Vqm@1
z0(dafZu;!2sa<W>YvKDBi)@$8YmQMpn%ie7AXI)Ka7MwC86k>dISGPk3AaR5wXQ5@
z84H+@1b$g4`h4B%R$%ZbI3I$vch!u2Xw(-m$>3z{u{PK#zNI6^0ogjQC8k_7)A&4+
z_W0D%gj95-I^ZN>adamX5S$AV|2Hu*)rc#`IRH8%-e2Vaqsob49%Hiv(1`r>t9S{m
zpAsy=lb&>awe^t`*)k<pu@#T<%9KI?qcpL^F({X&l}ZC!YO<3-TwD2ph8b4}tRj)j
z;^Iqj@a6(Gp3_-&Y-(6!;wFJcYj><8Hu15uqZk0Y6fL$YOXZ_;qH3XLPW^gU9|V}r
z)q}TyDH$Umz>=hKoF*-0(4^HeK?{+Cy|33OJsREjF^$m8FTEKo**+%syQ8hTwPwQu
ztV;Y3dl7FlA;oLv^7(2Ntj-r5TIYik>wM@?oi7C2xW@0~H{@!7(&%vG9eNG?T`CtP
zZ<Tcn3y0u4nXj0Jn+sqb@`IYX;5*aeISejNLwJ4Q7ax~@evqyy2zPuA)SBNIAwxAt
zbQ51-6UQT~q-}iSc=&YgQ-F)%so-|};x6KNaF@-Y7dY^42~vxlDfKc%qnnk)<Z*&*
zao`vC`cMIxAVAE^0zOax<%>yC;MTw^E{1m-UO^+)pz=EcznG5vUGnqYU|%N%X^i&Z
z*BH&SZ`dvFS}%I<W|)Mjkm(gc)lD)|%Q{0x_<l#Uj_~ckPwEaTH(tF)C}R0Vum<Tf
z7LLNUTmeLkaq0i*lIb9zU>A!rEnT$O<r9mtQ94cm!D>eNtuwLDxK*2rn3Jc!7TSxd
zoL04Yyqm1O_-E{H#@Z?(ZD*lye5v7F8(qyE8eNYusY;1-JM0Aur#as<#t}>^*<od>
zvc!v-l4Xo`G4S6rgt6^4d5y&BZ|2xn1(H=+79QEoT(`+2Eb^F;buRgBK}CNER=4Pn
zsEV<q6xC~~Es1nP@O@riu_gLJKgHR?m9&zM<sYFhX(Tp>X~qR%ReZtnE;oZk2$jBf
zvc*PMhBy4Ax$Pjdzg>Du`FDwqW0iHihA=~16>8|KB5@d1Qd_yhyK)|)rTW_-(K<L<
z`LK8OR6;c)35IBrr&x%o6V0^)5O#a|W$n|foFkPZ;m1byu<dg!ul6qNKZ(p3DHYE-
zLMh^fq^QvS1mlKPdU0Kc6v?cMRQ5E!pL&~i_Ldh(Ud%JtZ?aB&yx}P9{5g{g<KNoA
zlZD3rEdPoy|IS9tfO#N{t((E=nbP;m%eD`O&C4;QwO_4wXJ<?c?%MqA*Vne4R?$;i
zu^L<I=(eY8^IwbHAKs1>9sW{n%hQd+YukoZ<faJ1xd@2|2dHT!k5Jo;4HRDdFoE9-
z|F~flyyv28<2E;bXwNkF#a9G9aef91K5dLyha|SgMs|8v-h&t%P4?eQ(+wMN*sw&r
z6MMX?f2(i~8?p-BdGG%0AH0pxE2;x6Bt;JxZ)Y}y;E39PtPF`4HL!}+gCieNRdQCm
zRGU0zFRWsVqsu1*KkrH*vlsqoauWFO?x8QexJTP!l^deo39D^bYmRUhv)TTyZaQY)
z30Q8D(k_46(D-gN`8|4MgLm~&1f~#$bMd1&Q_W@<Lu9Jk0VeY`ej*qp>1d!d4vJQC
zC&FVWlxV>{`JV%Mv(DSq>Iw0SmjPFY(FgDh1fDJxndyjDu5Ns{Ht{S6H{3hJS4T;T
zso7Z*;Y8>6U%+wiOm}tLz~%F&HZ)XpaaQ}({>@uv59;(<baDbHH813+{%RKeH5w4#
z+g#DXgW)g)Hkg3BLFaO}MYe5>RXiTce>1u)q^B6SVzg{)935#JgZ8pFMG%gDhPyi|
zH_Tm`9@2|{2ecQTMBA(_ytkbrJ7`8;EHu%jPI}>Mejc~wtF#?_^$Sj#EOa*NL~I~}
z*1%LI@K^uEo1Z6COr_gmCD*s(^6z;W<-atZ2wmguqv45-aNfgVsjI5UnJM}4tH?Nt
z9YCy30*Qgd67#t(#ucW*r6{o(MrH1<HXsC^DFD1HP;!vi6bWU{0RcOQn|2+mRx1te
zcD_!P4MWe;BVv(lmdhNrN5-*s<Y{fO5T+cqZlP5F>3<HSP1+Ur;%_N}4MYG}8a9m^
z@1r0_sTcpxdx*>Lh*kE)yh)sR$rR2RP`ye(AZK!MwfzQ0E7w(dzh+nT6P<YC(vyB+
zVN}pirt?82PHIXI_Y1TSVFGTtz%44I{SkblC7~o;LjR?5?i5BZqd=$)OC}tYD1k)3
zrby*FuO)rAhK_4u>Qk+#IVo75+JdVu|FPp=Etg_#VQ7l9@d#UUhXzN#-ucA4`fMdg
z4*Bu%Il}}}hbgrUXe(NA{?zklRy^q~t?J*rdHNt8Ui_vNcm_(gQ%WC1N&w{T98{EC
zq1#ft_%EG{TPh|nt`;1v`%*ASW>0Ft(HG6SXu8)@=EhqAGeur%pf;;|>zl(x`V~*M
zRrOmj?T54GS8Sll_*nYDLG#mD)6RFX=TEJlW3eqa-z$X71)y_F5hK_~006IbIdDc3
z|BP;XCffOq_6g2;L!!j%UUP+H7lwhP2mN*zCobrA;>1~2H2YDcObt-B0MLkWk=Z|;
zS|6#T@vqz3c|c_Og|mKiA&(4PsL+-?a!1+%Od%x*KmE9@ImA!=EaxipTDHOI+X|LX
zoBqSb3XWEt1ZVn@IFqj#08on|0TE*A1!c*>)~v?a^v-=%{l}g^9rG>v=NC|MA9Toy
z#U!iSfd{dw8(d75Fe6+XF4TT0E`Gq^*JM*`<p#JYAe+oK26E+6;X|Vj;N-@AGS0rJ
zi+~}k3E)~~+#5St&}i<g0`6>vyLZiS*KQeFeh&ABCrh->PwmGYgxTC<Eceph>W<ny
z_ewgS+!B8CQZH@QzV^V#@{4AjH*fX@4bvmA|F%<$A`7<IYYref{#P2r(h)o8XKy?J
z7iz4Jo_7t;XTVXGmI-;O>nJO-jDj?a%#KzL^x{`!v;H{}WL@sE#;1}x)p-|$7*t<B
zYt9ApsXp3vYGGsr?(;63#d{JJPeug9x0HOa=vK)MQ~(sTOjZouEkChj2V^VUFN8G`
zz<N4$1+eC)UjH~~H_ukgns?r`3tYtmBP%YLJ^lQK^DdYbRNOKT${?E-F8QfD!fdmr
zPn|aHg4y*hTffK(^Ih0DCxll|i#nv$FAQ3~YNJEiqfA+p_^Fk6c32{KvqD{o19mU*
z>}-igxDwrVO>*qJf7w3|TMn`C`Pno_lSXQYIv3M&rmIxFo}YT-BPkn$(FczSxKkmy
z8Hd<N{DoD1q^$t5nEKP{bLtJz3_am_y71hxklBtlXt|e{l8GZ6ra0C%gKb#YFP&hz
z*w_63xMWyfpiajG<V?*XuyoDckv3hWkkyoNwH7NaF%xNSwXTF;<?!P8K?F&R7st2V
z!5)MAq0+QB<9hV}BiLAm+bFQ@Qa{ps>E^t(18tk`t(T;ey0k}IH41tvQ}PT!=|_SM
z!5_d~bQ2Za<-U{pFW6!?QPIXd-9Qm5?w9(xAX@g*=?znP%VcV#lGgmoQHJ94Q|BmN
ztERK)<#0D~?42S4b`#OXuuR&ED9v3}N{h{vT}2<kV_;SRljK5+WnrWUEs!SjO?^lr
z2X5+*)@}qI%V@V-2wj<y%!?}CVbri}1ysX&W;x8VH<oV~xh^>Rf{SJ_@ti@51xL@D
zI{PB8<uh6vvQwLUenCCneFbCn-V1$SfIv7yUH?O|?tt$Kg!D9P_tfWl+dbiLecHVb
zQEGRG01DgPrM%ijjR3aVZLzdh5w?ir+e-kpDMJqU<<~zD^)j(%N(PfR<>3!TC|55z
z&&Mh~wPTCLNO;XlZFU~TF#etABa3;i*OQ-Gj|YM{f9C92AwkS)VEUlt|Lr<lM4zAf
z2_g@*s`m?0=Q@vuG#3?9LWm$nR9;Fu=zZl6wML6%T9dz7t#O;!nUe7@(4hC;Cx~&>
zVUmzDV_H!}*}PZq45-u)W6toes>x(nIo!trmx5m8FUzCvzB(NA(cz>Q6v`*CI4Ju2
zQtjWd4TC?cU@TQSN>n2M-YYpek}Uk{7nSj)ndiC8n_u|?0KPQy(U#e@+5hVaLcsLr
zbB@i?&gE*S$()Ty*B}t|NN0Z!;jO3xK#9EfJFhfkWLoBs^H*U2VX!XS)a5an3ac?Z
zNi^zE5)B_A1aWoXUHMJpWqY<hyAMYTEIH^ETIqfz9?*Ktzq3JGi5@YuL1UXtW@x{)
z>fEkf^#dAlvP8R)Z%TS5f6(uk@S-IGn+=bCPiqLFi8ZyX#PycXQZlyWhJwfacNe4L
zEPT~5NI|CUK#>UI%mUbo*#~Dz9(;;IG)<(QRk2*kGMXJUM8Gl!06pK_4E>$;6^Zp(
zpyG=Jstht5%)8h})lVLXh3_Vjv=Lh4d?{1~g)|mFkvuLe*}mf}+G+CECm7&H6CWXR
z`M~%x!??EceXscp;zhJpkZKJGvv=$9?PuL2diV=!<(r}dB~BeiPFcYWGG_D<sV2rZ
zHSC!wnfl~GdDV$E=|M7-Zr(Alao#G1F+-_-gE1_1^$!fD#b8DIRoV!w`w}RSf2IXc
zTp>i}646D5*;jQF7RfH7*V0Ft1yEWq5FLEwL8u>6+lL}p12hd_%diUo!zJdCE;}l1
z^mb$hwh`Pv!Jw~clXX*BwE6J@GgR3u>}b9j1SqN3@ab^xyAAu;`oHOzujoRV%<5?6
zvyC4BiwXY-%!W}>2J^Fj#*PA`c=Mwuu?=L*19<?!tJ#t@gyUgS*4yo5mX1&BZ7=?|
zih{^m?dw#VAknt}yw;0f%1YA(Ftk|ZYhH7QQhrg_W=i&^jZ_Wgs7QD%>`dd%I`<}m
zxDX*XyC~dfj3Uc~OMW4>_{r1vmeF}iE810xOtZOxS@Hu<2-PT^-eekL7(Ay&Fp=1<
zaXpdM4@erSzBgYIM$27TE~oy^A7?0>W~+2#rer?p^hQJgs>vds8Z~Z{Znd2PY&)Zj
zbRm>NoCblu#&82fnCt}!TMvXYqq@On#v`Br`c$O~>j7<-5^Bl>6=+hE>pvN>NS-nY
z*xjk4<$f7{7*!1)Hh1ndEvGYQrW!Nb9ZggXfK~C;5IS2Gjx*1uhVyJ_+~|gew9XX>
zF}0PS&8f}pjS%y}IK_beczBJt)B<*{!x54`7~LD!!AuS$ncHcU8ywu8&xX#|9uGzW
z+&HRycHxB~^XbQk5_1MDr(ywXY8vG=EHN1Skwe257?TJbm@??>?w9eB-!t+A<J=9R
zHI{E6G`IxpSJW3uac3%8hn`sY8>Q&}cVH2|!0a=8&<@{XnkRK|2Lbwa*_W*>`v!0M
zNMnVcj@rOSs{P}&i*_ndZ)7C%2>lm>3|iALErEPA3dL}Eqz{4Ch1Zh}nW;a6)_`Ii
zUe`Wq6l;{4uZ)^Cut%W0ONp}WHo*u=1)EU%cSGq4TJE;;#sizQHtm!ht$gC&VYVg!
zbCkAz1O6CbwvrkH8^ZVyMXQrBjl^!_y?+>9g&6QUhP8lEY$*=mQ~EG{NAMNCwO9~^
z7X@Fb$-t}hXPh@)KAr_oFnvUl&d6uEL@xil)Alypsb2(~X%cC>bZR1f^<OZV^>4gb
zoAhEdrnb}A#o?~1@kYXWkU>mYSLGZSwByiRs2KPdL}>^XVl`PwyOrqSS_bq=2eCNM
zs$V@;?WtRohYBZCkBZ;S7?r;&@ORsol{g<lBqm@Gi3#FBe~1H+&?u7FVC!&>>;Vb%
zdxWItMmpaw^M|kEWa*)DHfKh7SKoe{l*j;g<B<Yx*m8Rwa!G!=KL8>md2!n=!QeMQ
ziYnFXtFtDT!A(%J8i*XikgCb}i})EttvW%1kr(%)Z_@qf@Z_ilJ;MMWW|`yh)qo}?
zu5QktD3f(Rr90Dj9AUw9f~v9xs_i)3b}SBuABI#MF0^Vim2&=Pz3Kt}qaPQ2xY>^K
zf*WqUS>F}>)(H2QEFf#MR6p@m)xi}0_9Y_Uz&tk?s)!z(qdC0bsRN-$rv=g|7F|kR
zDYdd_^Q^vS6A1CkFOv}JaAUx2wA$DkRHzWAx-=tdurI+c0u^R!E8q0uET=g-pwpwm
z7e?>Duh`#)$n`{|rUG#dY;BQ>*`+vp4NT=3ww44Hs9>e+(3gta3D*b_qE)ddN<`eP
zZ#Z4~cx<}5f{|_gYI4cN8t3E{@Tp2BIvZ-FO&>9_;$4jp#RS*hVfj;Sx!+}(awaI|
zrlgla>75%6<P8^5P3m2VhLD}(s%|`s3%JpLhhbRUAeURvy^aKpWh6^JeL^SygXuQp
z32e0H`6o}_+hR0o{Znf9&a=yx)Yf*QF{M=Vg;m{uq#aSA|2wSfQ0@(wVYf2RVDOqT
zNp;&9!>Z8$!!Cu`iQat|9Z0fM_SQwD;sa9GomgO)7Y~|&ly@Q$mZY3jP=#c}BE-2&
z$>Hl9v9%M}+=Ik|T!j_ff&87ZY!5dq{y+)HZpxglwi}(Z+232cOLnoB8t*<x!evtJ
z)hmmwxB^Ilql49*4;N`~Tm)rTZT<lVaEpktqZtxW%Sa}QvHc&1D5jN~#B0@=je@r2
zzetlQxru>S(>9`p_lN$zVz0bozR|$>9+x~*a?~T5e;jJlgRsAJiMhWWQTMR|Go<0+
zBrhIEho9JBd^55WB^9?ZT`UE^M)XWMlE<4Zbvt!N+J43njUNs)*{(V>tUSsMi`<r%
zJow_h**lCMtn_Wjee`RpRG!_a@g8vtU20F|(BYwvADGur-KYN9-_pwA@JRA(>Y8o!
z!NGcK3mDpuRgmQLsW{+BA0Rud$}1CMj(nIX!JofDl=D!ebCFS7S@kNZ4Z_LGUv<*n
z^v$fo`}UXW80IG2JLdRzrDG6iDCw&XWdtpFOmE=frFX=M#7Hz9g|zQqI8oa^YpS=d
z$w$9SjM$4(N&fpu$dRJSQ!?ICt{LqxW}w2L1SM<w<mkp4v9<g>&BA>Id#3JT1lwaN
z27m?{0sg#G2Xgl=H+Bq8?<?uNoK~`lh)k*?H3|-iEX!j|X@fO7Tnp18?>;Wi>t^Y*
zsW>`ljdXu`Y3?i9M7}}YD$HxSyo>tjKo!D-`wP6{!nth^xv&_X!-4>kRG?J;@8>x#
zY=P>KR}~9&U$4{<yDc=>*qa$HW)*01Jc%^&*!Y4QlPkJl6J5)?d|G)uV5Sd1aD>XR
z&*n0-k7DE94Vzy4I?}=u20GSpIlhT)^WYlimBKD&iCvs(>_YQ~*u^BrE`)3$s>1P!
zf`CsHK6H@d5BCF0V%>^945ENM>G6&;gc+V$9c1{0WiX!5pL8`^aq(SIO!$mtyYK|z
z$9RHnBCes|`tvoWAOt~ghLWJW6Q9Dr0=Qb9{j~`GS_qzXtVY9lSX1wMc2ncmQ!g+M
z8UHRxP86nR#MC6Z`;7g+Xw<5!{(z%4d0{!b80VB{xOlLfVgG9HFl5mGd@l|9Im)4!
zXHv#5f^JQZf)vyJxQR#CvCa(a#MSYclD`2A1A<w9&1{>Jco>jXmYa~I@}LZjyd218
zSBfi)31cG3DR72*{?8m}+~IU4kjskfbO6#$tvG<tQG)}01r{Q|vg6WrQbBXKh)b4C
z8uH#(oY<ieBOy<fv=c5$9cMj(lvE4{Fe$0bIh;MZbyAh3K}wqJ99W~_P$^Yn8<bLy
zKN!`ND<NDXnXYD9#i6^cB@&6Xl<7-a(FFg@Eh>;3Hn%6-Zq<C;=yy8;HaF%WWqn8$
zs-j5ZgnG%gb-2BuC)8!--k~Q<&dR()PpG0b|5o0mec#t5ZvRonpObZ+9`_eIWgWm=
z-j!8>-M=aT=Kj?TR=xCCYG)5BI_$!)!J2SIR!5x*fUuWFuGgx;*;cqklc_@7eM7GW
z-i9q43*8*a6ghR7t-u<&f#q1gw1H)YWZEAw3Pdf*!m+cY5(s#cw0R*vmEdC19bZkU
zz}~?}t8&{srf<6NYtpLo-*1JI5nzqOwH4kZm;ubYN{_XvM2%o-8#ou4hMba+XuxO(
zF+ynJkp0Nw)fBz~8{m$cs|wHydo>dtmzO>jaY?3S6;(c;RRFSy=u1&md~FLpIiz&G
z^t_Im6g7n?{*fzyfH?K7;%0_%xYhUiDcmy1O%<XZg%$I)DsYSH^kY48-@BUAFb4>d
zjo^z}OkTwLuSe1$u@S`v94Ipxog0FNSbSRrcTp}aYyby=GW4zoXso*W+kaHnhny*a
zguzIH#hE**lhu;9QZ7{Go~JU$%rHdlwh+~A4k61NBSMGTVIf60kkb#mUvq?0UDC`}
zLK%V#mX{v1^?mCn5+;Lom<CJY-~fmhh+AGJvZifLf8AK!-1GI><-F&z66Mv(eJG=b
zM~$vqLyAnvxeBaY>s|MEye^g-tOt4V|B}CX=U33^;!-2S1_R{PO_aiSQoa7v>Ca^S
zsnQ<}vPot7qd^8w`<yoH8?@oulpVH#`^nXU8W+`afTG0sP8M@u^0p^>xufkiWQ&#M
zE1lB52S6a)`_?E851(B5mJ67{fKmXIe8N6Bq2vQpPIAb~3`Ej4p-?_=;&zc!FENij
zvr)v%(NfT@s4BjWm`e^@FJk5$+#pJw%0I#!5oZZuW{{wla(nfVUqHD#-u^PmZ9@wB
z9Lf#%JG^*+g}Z`AXR%PH(dw`;p~PXKMBFVoWa&=BLIz}i4i>)K@P$|y+x35kg>9)X
z!@{+nj|Gv&O?`;r&q1rRXgI4gi-vCxb7<I04NnfabBCd!M+1F#VmN8e7oy?Vb^mv0
z*zA898gBS}G(ZfUU;$w_AcjRjqqA7}4;x1|Bu0P5VWCLvP7e9+&kPG6zzaSH3pMt7
z$mb4;$lCuqEWG{JmtkSy=VL({_nDx<wxR}T9AYIoUjcAyjYog_QM;VNVbPNnADmu@
z5D6e!4uRFXL|b;Q+-8x+fvlvL5Ejio8yd|%8>-2o=1F*jna-0iqN*vYPG9C(iGsS&
zVKshj_T9_3)g3&7Q(f>iH<Lze9`C<FIb?JXg+C84c@00LsDI)jTvL{<_lNvN?D?WD
zm{mJzv^J`E$(hOBgg<o%GoUz`t?me@=-9ncUi?t9rF32!GxcT1k!+Rr9lV+z^vU-f
zq~|VCH=#IGJJ7^k5KCg6il?@%(LGCI7d+^=;2O4&(6M(jm5zkhNDI>ZgIzgd&>O*C
zzz3O<Z?ACk)_9CYw1QG!rM{(XZG|stteW%^F!zMW*0Hr2#iH4o!ehw~CBM4eD0zf@
zyN~Ce&HBRe{HKTi?<l$KjW46*6<<Wjtd$(Lz4#DJkA-msgcxtRmeq<ov=bb?FZjE3
z__|G>hYwixON`W_KsH9f`@(nLE9ugqw|C>I_von5zCvP#&g!4E7v!LUVBO#}r|bF`
z9Z`P)_ZM8ih58gv+P<Twoe*WRua-iw<kUh;fIpVrtM2m#O`0PGHDu!67s<C?yakM8
zwLfE*sbk&xdd9jcN?!+fBwvQ=Kd(ukF&YFSOOZi*^7-n8*4>l~rmI0O=N~_5s2Lnl
z8OnfVNvloDD-hF8*n?OqA{zAroi@Va*Ej*lxPxjmM}6q13mp;+EUGGWj1C=Tp+ob(
z<1#pcMuq}Vrlg4Ou_}jBrN*0N!RUe=SMZt3Rg+FqjkMV=)7$>~XLec#i5H~0RC11e
zeaP{`)ZAxq_d)i&dmbrSWA4~%-eDCT+4B%hEBjl77r&cmv#wsl`^2Y{*!o8=LpMZa
zJRT=r;9X-G^ib2br?B&m4gVz4@<`*^iV)npMpT;__xPIfy15Uf$53-$dzY~OhHq1M
z;}*JCitG6LhF`n)$sI&k$`T%?ZG5}eo|zj0+>;Zgqm&%p#G=M^Rp_V-9g{;xRp`)`
zkR>h)9n!0~uELSUrUY*MnUY(=zUl;^719PMjWkTwpO&WTE;jQ!M4;-TijMRlz3{^C
zhyMq(O{6j{Q>TO}ZPAg|rT2^^#U?tN|HX>qyQnpF$^0vd(&IzV;^1Xc(wP#$={5F=
z>b8C^cly(g{m{CbM&mh{0A_xlH~v!BQwaC#(4ID)Sm`c{G<OxGrV++_6ieX!PGg`!
zD9wQlH^WHbeq4JmudN=Fg+GhC=7@|m<A?}sjfh(VKtGit{3)Bpg3@W_qv$Ms2a6j2
zf>#S1FA-A3OG0$WQx|S`*q)^(*61q1%<l@+vA_D${uEfa&o3QJnhNb<jr2Ey`+hPd
z2i-%9OSvtydXaR_Uds%6QQFO8xrK#WiDvg>%P|<E*aL9c9g|L`VXgJfNu<?1DkC|O
zvM=sv{u&-~A$Q|yd)YMDwZH(ajcRP)R3Nq;$L*`d{+$C@ccTS5p-;!o9z&-#9I2IN
z<{wTcROfU;p?*5h7>}b!TN@pT!`6OTh5lFX3|PqBe}!xwine{nu6hl{pFdq>yw8pF
zmfJ`Jg-J)JQ!wf<sa4c5+FBIR%CF9o-`F#Lu{HTSg7~Vyzaj8X4*cDLzb^1^#*aK!
zj~5v!4>pUhLB3#;VI?J4>|7pc(P$%UImbe)jS#nK>2YLFT%HxCJFtjjVfiQ*a*Msd
zr&0_8lIpPzvuF?qB#oEL7*hxR1cf#;F2o-)Vy!xF{9Ay>-`oa#uRdsmRWd8Y?gBz<
z+YYUzGqWRCH0CB`5z!BAd%R<bNkg(=I$)`!q4&OYUmQtj6g)#K_>=!8igi=9_QlZ>
z4gYKJ1V2jAx?jaz;q=@cn%H>(%r6V)cWGbMqcl#K(sZwm4Rx^eJFwC3+=E_aX0~>)
zw56k0oaNwwB)S2v4YHazlQ~f$wUWjvKbTXY@hdXXFC4!n)p0)}yh9E7B}8Tt0m;(X
zUTw^jOaWTm{Re15nhmI*STd*lMqCMN$&`Hh7u9)-&GDfm5Il6Cnr)j>ECgOH79ll1
zY%0*wN(^CM1(Y^ax7d#eg;~j6L@yB?(lAXMc8_Rxj8I(B5K5_qJjb0%I57KJVizpc
zQL}O2<EdHdEGOwZd*v!pA{9A%<<WSS<kM1^ge;CiEQ#0@=O0zZiUg<)jb6*ew+daD
z9H<6$lD=Yo)%Q^|l-UerN-YU);|ncu4i-OB0F`NgE4Mo=?09j=bGgk>!ldd8DV{9|
z|1V$f1IHtjB>EE^+I|xpY+G_ZC=(2ZxBu)qcrz)hv6^OMw->d+*8Q~ryS5+gV=GPA
z3k;Oz5nPc&X#si!amSFLy|Ov!k|$Ys*RztK1ECU%QwI+Noj5i3=%*d@!RD4^n3uOy
z2oNF&Ln2f%ZQ~ctpeQ%1lYl%L60_>3Ulb~`nXZ=~SwDN$`A5#V1a*6M<6QS1HIBGD
zKmJtXK^5!S&um&bSV-2j3YpHvEfQ54_Z2}Yl;?^nxMGWUvLh`|Htf;dQ_^^3>M~M?
zY&KUoqRN&>^z0UApGes-#pJC}#*vL)2NO?8<Gbl&HE5c*4{IEoOGVb#Tu-m2`X8eh
z%Mw$(bDTQw4(r79K&HjNo#fQZHj^_KJ2BmjVGup(>O#Ys5ns-PZ$y|ZjIdr6Qq2f}
zchN4>Fb;@KeL>52oABW`!f`m!JEbvf4PZm+^P4sn7|knCG^gGY%}E3kO$ge)Gv%?G
zDJ!||jHL~81epDjJ(NLWHx#R60YA}O46i21h0MPhW|kEi4IvCoeYMr4QEO{q?A88c
z^d8?pb225Hp#ENYNoWXhx{H+b`fUzrft0l9=er|~0u4cBa>)JvMoK#2IU(=!kW?Wg
zjrunmOz+SR<14Sr0pk&02x%r9__7Ucxtm3a8Lbrop$%x>L>IJe4H!+!`1cJ{vBTF;
zT0|?idCl(yjS-5&(FmDU755Pw_xoQ)N!V}xh-ZZw*CaI|UIT!;wk`Eyn+sHztHI(f
zyR@^Vl=+{9*m1{mA?MXQ>89v{OckC7^(X2bkF}g@wg#pMAPYmozlIqMMipj6PHw?a
zN~!>jEf*~o8VffwJ2_2<nNdRpcES<ba?HALpyv?h#wV8_s4Fx8#LIgJX5G)!r+o(|
zJ+K>%S*fC2K<Ya{OKMd_AT>UyLF@naE*2G_$Lb`;(8c8$zv`xeVmY*j)%(+`2Xb7Z
z=BaGPu&D?XpR=BFtXV0_9Fsp8TN!!X;m*QgpVI~n55bu`PAvB>ZLo9#QD_NQ69+t9
z0Q_!0f7gjk@Y_t{o`Mx0%9K2HyY20IEql{DGMsjX<M$J+a<m^I;wsh`otV2Zs^I3V
z`s<sL$tqu;bBsV1lh!YbQ+f{kaO7t^<w;IzzfN=!2z<jr&5jMt5r6Cz{4P;434ZRt
z(93^d!`xfCs2m$Ti0+Q^Zm<dZH}MHqNj`4tg3UOr3mjrxUEF649DeLdk8&H(^Epd9
zR)0^z@M@U&Sa&(`OU)LOx3M(01qZUA5l=uV2yT9J88iw$t;ODr9inw*l1=);&Z17{
z$@A4t<!hWSOVS1tGh>S&pQRk%EZkx&$+2}=l79aS5ok7{pZu3Y;PgNkQpM@f(N&^a
zZFe>N)|QCt<A^B_D3E)o)893*J-s)m#J>JEh+Xp3L4o+BnZm5Voz>}l;<Hj=mWC;{
zrVZ@G;D0j%;`lwVaD;%{+0LXo?S^Z(w6R=;L?6W|F<i%btT@q`tw!t?3=JBq7p<?Q
zWNHe&J$wxbFjlQZYFZbS7vUz0T8q@tj}KK0A`pHsSm{bqw+b;0dsH`lh7HecSKBR3
z3s=jE;Kt6PC-qKrQJfp)ZzhHw77$`kw~$%EQM1TcL?PO1CXgL!s@Q-FT;2GP01_by
zpimxpP+GZ6$*WMMDY8Cf&HzXyBdglWr;Aov?0!j$HQiefi=x@0zC+ZPRB(A%LBti&
zw*sNjO1WtF3P3Kb&|<Gq9RcMcT}!g3qpFwY`^P;s%u#-pj$3XbvBsAcs0fQ<%z0qY
zi{C&*b?ZN?J2xFzz2H$Kpt?R~)yQo9t=~HmZN64m%=Fg8I1o0l^I(YM5p0=~Dm<K}
zeRth~wrug6UV+7mM_fXFF*MaqYPHjU{e>X%dLq&7D~_XwH{%nl96}m?$|W~8cG_jV
z=ywR<87|$&y}I3$JmSw91BcQ;=Avn^CFUZuP5UT-xkw4bpdIrl{C-Q$T+~+h5tOg=
zOz%(jpiD<8|KD^HwgV@<hV+i@z%S(mq|ub8VTiu|R9dL{Yn-Yes*3O47F80z`2XSU
zJm9M=vi=`RsKO1%rK>@Lf{KEI!UCE|z#9yTii#^LHpH^ZLZYlSm_&&oigm5KuD$M}
ztB4Ik5fB@86bts}F&6Atmizzy&dhW3Bm`gH|NDRc_XBxm=FFTqbLPyMGo9E?Ew^In
z8U?_n_+-=g^3PCAm&3a)P;Rm?y+syMJC+4*4IA}?l6EULpQP_7kgfV?jzvgP`uYxq
zy#o;k=QPQ|9Z{dZ%fTKM4LJDl9WFi`yy7Rv!BeD|YDTsBz;SSbybU?n!PDIY2M?W2
z?EilpT($i7IA{-8ZO*}{`2{b$Xs3X!#uAk|QX5ZMThp~(z3|d6yaj_6vz$c>>3TC|
zleD%2lo_#|oT_Rwb!C2=Gp0&Tg-hI0%`27Ms(q9YOm!VpkiDY0F-Z+i6K_>3QDM0Z
zPSeS8(tHfOb=+w(SF_D|7(<Z_FJCU}?VbQEcswhgUAXBngKL8?-|wRBlGaKebn#XY
zkILJ&ZLh3FG@Y!+QG!_o98t_A=EmU3Sc)1;G3o|Ok*wjfNbT0A$jXt{s12%ODgI<B
zhMr(4oTc-G@CSv<D3HuC`4W{Ai5FSCW|k2w=17Y(>dzGR7}HQ%(~+i6%sGQ}Rm-RY
zZGR}|)pw5J-b)<10)@yDuuh5?>YQN31R>NL4$PhwSN$x4*P^!~rtIYip1)K~@dQ&D
zS;5sy8xXvY;(^snTy=?_;Q8dDD*~tUh3d9eMR%jdkb*gf8nqE#Y$FVVpxuigjtmnT
ztvC`q(~((@nxWgDv10}n{NrIXC=F!;<k*HU$$-mXtj}O~GAO8erfOv{5qmx=(;!!-
z1=3<ZBX<M&;w8#@=$g}Gxs33+1eVLn#b)Abd)ZP6+cDP@RYlo!8H|5F_!6r+%4Uvb
zla#VFZ4{Tg(s%3QRT3}wI3^@F5TH%fx5kj&<-*uUL=)0{(yMApHA8n<5-S8XoE7|1
zYlY|=FT~joiB-#rs$Q>VMu%g7gI^K#>6=_VoCb1EQmX0Ji_Hu&&^9#%F&9*CN&gvu
zCXOVo;tKUnJJT4WmZ*LPsn{a5vPi0+Xk+9MkxfRD2aiJ{V#f@+Tbh=6mPnFriRgz#
zrwC6c-^FDUQ?Ab?f?3+{5zN^G@XjYyI=R66ZSwG5JlNU{6+nsO0b9o}C`&g>T>2Zb
zjEdTup1>WfvT1qlgZ-<&Oy0EB1LY)~gUz@ii)nt;k-AiMM10j4<j(bO$S~9uC(v0k
zM<m<CjyP~B<WA~&(#dHzIJUQAuT)8A7nVnc$Wi5ff1@fA3zkbs?#;~@T0pNH@2H%I
zX480q0={sale>yF$Rmn$=E-MF-D4`}^;6jm)M{geYJH<us8Ust{0EO9H3%*e64#}h
zj8fb4Y<E&5=9G}1lr*eF`Yv1?Qwy5f3(jAJ^wsOJDIzbU7Ti*?Ht$cvhCu-TX85(C
za}|jbb7nj25;<EBe|QL?n#`VXt5uyQvoAxP*=@$BPX#w+u_}m_#cxmG*x6qlqbtj`
zDa{Xt!hDitq(CDYDMUfdTF;CKXJJMYO*wWa$Kv7N{Z}Kx0Y0}2XG_uEVRY4X@fYwV
zO-{RBs}Z5Q+W1JKnNZnvdm7B8lPj(vC)%6|7+kT*2EG!mj0i^(R{1v$ux_~kPrCwW
zN5_$<Lk($1Y>{1-`!tl9WH7kWRhk%^xdhqhKLYxY4?APKRIzmM-bSKSt*StUXhtMm
z45^JxwI8%t#EZ|(U;RoU!%*cvzFhW!ZbeJshV3*a<WOR&nFlw#BESuI388)@YlTFV
zR9FG{+Gr}V;Da%V!cT-*+kK2dkK#yhN8kb%@JQa%ILK}hpDYG(CTEqEc;;XiLPH@9
zbQ&F$XrtY;@JNS&Xy0-$yH3<QV0S#hYExD)J8W*J2MK7OsO(AcH5BVbm#Pi+UU4kH
zQbVX_1&M2(scTX2XtRQ{ADR(E*-{i`Qpm7!nrK$;RL&EqC-FgBhQtS%`$)CsQ}k1i
zP9738%m*bFVBXBB$h!}J;T$?;zP11ezqG=Zk6#!iHA+6g{OBQhCV8N%u8O=V@)JId
zFKISF1*rdlFH;#d)}8LtMb%X%KSa&ps~;@99%mt_Zsx0PQWGfPkY-@Jjez_)kL2B}
z2y^bpyPfZxoAd7Q@g@<ESa&LPZr)uM>5;s<?aL%M-&A5zMP4mcXzDoKUidkdtALsg
zZQs;*YxZyH<dHBxT4R~W=orHWlOTQ36S+w8;Af?AdLx{Y@zHVcHqh_D|GC<M2gku$
z0dU~=Ja~sV_`(c$u?KgEgFnuIZ}s3`FNu-HRKG_)+k?Y6SVvD>-Y0nQn{hDauLqCz
z;Ai6Cv6<9)9{le(I5(3z+k^iR2Xi#sBmb0UA+B8!2lve&U+KXY#KB=E^*tVZdK}y%
zle)@-kBWnXOzP7-_<%TAcLq7O9O%JA<KU5*)Vq0b-#GZQ47h^_cZ!3z%OL*>fl|5C
zm9ZK-B$N6j5B@R^J~{)Q@4@ThU@hu8%CGd`XX9YaQ#kMp4}L5TPGyiE=D~Ny!3So*
zLp=EEICx10ob=$?aq#jC_{Vv!+-JqXMH%p$9(+t3yfOn`=)niZ!8Al)up2yhcpRLa
z0iWx^JIBFT*FN>p9-NGW$7R4HJ-9_2JU#>7&V#?Hh*jw740zKOuH5g(!3Sl)?|bkI
zaWEG|c+zS;_{li<j12f69(->ce0m0au?PP(4&FHfKGB2qa8gFE?VFL7LJyu92kYun
zCrtf3`1m+@N(S7@gAa~_7iYkqUGCU2Dh}4JJ%@ai2k#mOFU_RB*Mob+!EG|&%RIPs
z9NaqtKHY<Vzy{BhyD*b?u?K$?2kR7@BW<7uzZ?f^($#@Gdhp^nm>$rBzpioRelQNE
zulL|J9(+?A+#>^i$b+lmV7e}!`YI1TCl1~tL)uIaJ~<B7-e^bpL=QeJ4%YOX0}u7!
zf;d>u0XcA258fjVel!FAX|5~xc5$%g|6J;|9^5_-z9p0Q;~xC;#jzUG^rTCDqX&N$
z2Y1S(KF@<+kApRV=TcAh;AL^JCI%gNlm|Z)12fjOuD_3m-4=sA(LRH@xd+dUgZIc_
z{;1mV<lHz|b5subau1#s2an8v@ATj!;^1d8$S?8W!Z;Ya$0I+*gZGSsWzf33Qy!cf
z2eU`Tg9mtU$2j=;47i;K|28{TUEMR_y31U-KaYcV&w!uz;I(mZNe29&2d{{O&&hx<
z_uxn3;L;5EEDydd4(`+}D%b=Mo)-r{l}SC=gKaz(S%QeHXG>=fJ|mu5JI)+azpHZP
z{$m_$uiBU}z2?EGI9NO1UFt_Yc<(s)*-YNod2n7F{CNg^jt6&+gOAIACwXvI9DHO3
zJluo7DvMQU>t+#YJw5oHI9L;`j`CmUxN@(KgEiys!0&kQ!Z;YH2S4q>cg4Y)7;vfo
z=E2thu2@&HLq?(RmWgtnk8*)iF3jgvI)eV>P%@u+>5h!lmQ^rPTc90U8a~KK>)(^|
zGS(`iW!Spu92^WJ87wid(Flw|#vD2x23=!N{EI;dqKm<A!-~FiK$=Ug$zEKb69+9)
zD@V5hH)D+KJ#S;8qiS>xLESZ4An1IHG&+}{{;gb4wx&a>Mh_xrm=BulV&xN*@<9i?
zpa}#`@<IE%peY1R^EnQ2LDLDE)f)6#ft&~NjLImG4au&@ds3==WWV(chsk(y-t^M!
z;J)QuvQDD>E&BxopOi{F2NbV=i_Nt#OyhcX&O8f}`URF~QN=K8ycA6h*>p-!@%|>}
z8g@-pAKj*Y)%@dA7|*#wBj2MvGppt{iES)#GscF(<_5BT?VdeVb>*PUk=Wq5&drg0
zTVB6vez2lx)%+_<eK#O&{Skgm8r|c+Zl4olbtBtP8DG_nDPzXkEc8y}n&e5kCb?un
zV$L2A-QbGk;af-gIK)n3_T<T1Bz>P4>DMS)J?URu{NEt`&93#N=R$gaPkIULXh8af
z=<coH`W2Tr(zCWq`uWfookDr*qz0r9{_l|9J4X5-NFU}&f1IovkiHD{yA`Cr=3D<5
z(bTlSESX(T`t}V;KO4|i3(WD!dama~ddic&37ic`Z?koz_wb}&cH$OEZxti`L`AC?
zm?z8r8>HXWrJnQ&kUq(iKDsgK<5B)w!S!QNu9EeaPS_&p2SQ&YF!v~0J?UBh9n$Nz
zttWj7q}xUon&}+a(SYk$p*psL^xJ8JBE8F&NuPI7J?UQ_-+=TnfVNs-2E|Bcv(2Pg
zp6f4=bpz7hM0IQh=>ZK*q#q@knwIs~FRUkh&xWL52575EFYVmT^^sDUbQbQI7>;Xf
zmsV!_6$cx7T3SDPjoqJC-{BN%7Y%pPRK40Wi+*R%MNRfQ^&JfZCrudY8Ylhi8VB62
z!@<GE9A@FwPbVtwWe{e4xa;!R(49kwCN*!R(^DswYkug~7qlvfeuBv?*Sf!~8u`_?
zDUQ0eC{BMLreTeOQw#sVU;S5#VFYP!a=t<9ddJRN<rOHp6`q@-MGaIdCsmnp(A>YU
zbC+V`;+D-7!IJ=DO}p~`LgLaoi|Mviq-sXnD>T!JwOUlyC3YUnkf?hs=84$>8+q<*
zguOqr4?*lwu=i(vOH^EoxBmSZnW>rgXU@eFKfjcDe<rr;dwA?6nt_A4(m3<p#Q)$u
znrThFNAqpb(`EiQz7Ma|ZvGz4w?4eldo;FV3+^BrurN~}4d0`=Tp;~2^f!2qMzzB(
zvhf2}Brd+4bC~05TJEJ;4&I}2D~Ik$nmK^<Bu%3Hu30dWHE4;09->LU{udgV_JygP
zP9dJ^R`OFcfX6YM1yWZK%U`QG%9g!Hk{hjj<nuL|P`YSup5B95!LB3>LQtieEwjyU
ztC>u+^{>ZpU}@=^&dX469CMmER1zIoTF$~^xk3T<8ud-60}*-9AC-waH&EAM9u_z6
zKe0(Ox&w1}!MOv|A2lrmr0oP{hKD;_{dXSUqVi46N-i|Qj)k6rvJ09mu0M8?xcs+c
zgz7sbmlZ4ert?*Cq5BoI8waFHFW4g8X5)QyfusAR$&N`XP~D-K`fdt&gisl2N4RMe
z*@j^sT3=&%VD0=0YSFDEP>fXhuQ@Z@41OhimGtulKie?Au4pRkz?qQgYrn$uer{@_
zZq?LO;=<L%mA@n^Zy||%O98E!nwa@Yu8TAC<?e|Ut3QrH2jTb#@N4}OD?a=<(SOt%
zuW@nF#Lp5FUz(aY<@qQY_qoq}wM}Bh+aL2P@Gwq?zmiz7=HtY~_Y)J}B;KpUTQ4l#
zp(ZHA_pTD;ew)a7Cj#}y@dKf63?lUVsfmd{@&A1izZb=51N8MApkE|bd>MS3nEpvH
zH8JI593SIY*Y7|`Bd**74>ot*7x;%B=E6Unnt1;c@V(;yuj9-AncqRwIx?wKIe+1W
zjI#y~b}1n8{kH*<O2AW|b^q7(>tpblKeq=U9wc)uVBKmGz|6Xr34^h}Wp{UoR!vR3
z-J!R+OK`92;NpM1n)=?R4aY2b-Ec`RPZ_4FUQS#xn#NhjT|uj*&Lu?k0|tN1_3*dd
z%DS4cjUb4)-ZxE`fc-Y!??xIN%)!s{{212w29~rf-?(d{GEXwZu+v4o#-X4kYV&+B
z{smhzl$$lft0%=$pKPh`r};INTFZ{X*W1W8@>HqwpcpX4k>&bm6->>ZE?SC8bO+bB
z>y}mbN19Aw)3_BmxO%H`i<AuRk>EBB@ZCmTbi*yzC!jIHPw-iO2iJ_;{h*q>UG(C;
z@`qWy^D5TO+J}Ie(SINO?8u&ptClSJAbapzdgIF}EVduNc6W1in58d;f1={*^>@|U
z^7T7_WMW>k@(=eb`}O^^55QNP*L=x`t;#>xukFiaziyaOOwi=K7Uk<(FInGt$p@{<
zKiaSDb8VN+{xvJB6UIa@)91@u&i=KG>PuW)!nn9@kD~JB&6lii)pku45e1mpJNzRM
z!dom^zfIdERnJ8UxU@dKa2>22{L16{)Fm_eNJo1HtVvwLEkx<m%R#Ey8l4pz^}*M@
zvWEBO&7^BrEKV!a{eQ|YLwl~tPb_$2_Ad%5-Bu@rs+Q^<@BwSiSsH$&?xd!}T_mlZ
zyrgBykzdlSYVFW0<c@s5PLIlJ^L08=zKp1|KT4<fqheYfO`@XhSpyw1o1HkbTQbZY
zlB!y(Lxr~cL{}L)J_l#s)!c~-$YA<$@@n%=I0J-L--V|e2|jWG(C{dQu%DwlW|lvk
zCyR^w+-9*S$D3>YX<^7zqQA2h6aAg3m>A%!$;1F>iX{fPzS8<k36&17+L!I<_T^!E
zzIJ$3enej8S!Sy#o4wR|>d;1tukcOaYht+W9CjT*h`Jlvh|3X2WYE^%pGyeH&9YUl
zMwPxK7B=~7;g2;mWoHe|H9hX$RSV<s!HP>1bwT!T=P{9_xz==Y_)OocTz9r;<ld>m
z;|?2BaOmh1b3(206^uUa&@lytnptA<BEE@82-J(^ii>i?@r7iB@M?KUq=}?O24kC9
z*PT!dNFKUD^k_f7(@-y_mV7mwo?`_%y%wEb3-$a-)l3gC>k?-_o9gp2c6FCFlx{7r
z7QH>SF!AQHx@|M^JchGbWBM!^Q?+X97&f8je>W!a)T*Lp&ldH0x#*|24(55?apmW~
zn3E`d<Di;tUL0TDwzzuR@q2YDu0Fc;_`Qy5J-+R$rB8+V<DhwmGAJkel9!doQm~cg
zq?-MVjz&+f%n4_x#ZUm1Sv4&aT7I|prCw6p9vE-bBgm0DQbh+3W_OFO0sf^#rWprx
zs7oDMs2EBF+2l$vRnIn!uQ`P-_RY0Z%YRLm_Hp`AfR=d*Et<Wu3}G)SU!J1~C7+D1
z8H0waRV!V&1Y*<NO|pt}eA#x@1`jvBT>m~Akp`zz!}U&aqWl%+zpLK+>5cCaPraD>
z>8+xwH@Nk%W&WI%sU@Fr9YD(>9%)<|6jc|l+-R!wdiW#`45KRb0Nw<?eyd8VYN9sS
z*p89xc`{q<R(lR<U2?YgB@+<-=@)eae)|(m#L#gzc^;gRDVRJ@9OimCQpkwqZWyqq
zs@Yj5GgR@z5nz3iK@D5i!kHSoRQ()km9e;LXccIfMSOb)QITDaZy^z~QkQ1`i?*k!
zwkd>vgkA_wf0(CM*x&)i%n`jZuvk-?9yz8&4mCRiWt!WdC?q#>NIWb~7LI5$w>Cmv
zHeEYzxI86ie^=j1YrDrf5n$HyGv{XJDT^U*{P52b<t+e4hGT|((CgX9?y;k2&tlsI
zQb#Q<e7!)tz=l5XEU|%yHyiNLZ}rhDkE%r_Q?1&W<J<p2cen@<OBW1yub>Z`T|1?!
z3K;mg!>8KHs)6ew{*%Q6HdL(J&CJpI{!ll=753SXs`}O*;;S0jsko}RQyX67EYPM@
zcUZirJZP4<_zv*Uh<_~IH8vjc@=lA~5Eppvj7yh%RDjGDB%WH4`e`j<nqO3X{>or{
zb@9rLsS)l3QE3^ushSa)@m0?-B+{dpD{EcrC|n~MwEC&~F4*%KU322fHlD{*X_^}R
z+97e1I1q&c)vS;dO9ZpT0Cif^xhJ?KcVUcuraOLZ<M#KLXdCL`sp`E_)rVp7x!i)!
zmNjQvmGcxb`qm~2uF=KfdX60tHo3eA3yjT4++h3$PfF$RLiUEr+P^$hVArjN%ZcU=
z^>J>O_ArI}AO4JDA4DSB4-zIpxZ_X6qJ~Y?>fodf%}K*ZRhz_JV+G`%7nMnx88zDi
z<x>08n&O%hb2!QS?BhLLf$BOWb|@4{8+4ZHQ0{&$&E<S@MjzFtW-qJPM_gd>$xmxg
zD63E?DYS4=`lZ5}>FI(#E1>(i4Ot}%sIlj`t0hQP597{@y1P=<MhAtdYojfg)=|`q
zZT5I~5&6>x#7*!L>V{M^P;B~|owNg1rjyrDR+Z8EWtH(IUq+`^X=d}{Wi;K|xQw4H
zjLO({-v7VyxqjilD&HeCTYsG2IvQ-|TozjGCYW?`?CES3Mu6s^AyKXRNVE&ef8(B7
zj*FEJVQ1idSI4$oYmxTxtgKzKf^S>Jk3u|i8g=VMku=leY1F_iO`$Fm4jyli@O8Eq
z(GVoUnhavT;0CC`5SYtf2|4%oh&Fv3ZS3+tSMru3gc-<0#XpIuNvKH#aJt_Gm?Hc)
z63jG$HnomMyNw_IeWLsZVoMRK3F;TMDz6B6N@Bv9PX5QRSw+oQG3)-!b2pvP{}gUk
zyl`6Vqj2rAf)BFe47pNSL%s?Yr?&D?O2L-a`gz6D{pyDK2i)8%7wb>0pRQN}U!&;?
zNV^tLEM<1^z`b2G*J7(#DwVno{m>;JEYcPF)HgwyX#!2uDV}C{^lM_}%%&6aeLR(2
zQI$r@N^ZFMgS5p2-09?=kYtk!t4}0a)iPPLN}cGGpKnu|N`u2$s5qR3io?C|Kz5UK
z8E5Rl0vQKN)u5zH?}^X1IwMsDh!*^y>bQEUZl30;N{OnKMt5puzKVc1KZj4&iu~>{
zXnL+^PJVv?!vru>cs>ru%Fj<c=9IcFy)Q$@X)mjG+{~Gqcd`09I3sIWKe;!=+|oh%
zQA1Lq_0>>|&-lC+hhac=^^?0c=8mi#VNh^1i!2sNXQ|_qRj+wBsVtj+;|rSpeDovf
zZgT1#8PTtMWCjwTEvqWPoQk|X@ak^lL41v~b`l;OS)LS_+Z;`~m<B+V?{|u4?(PSH
zK5KUoGsw?N>p5G+QbF=@8^h_i1P}JTvbjX0sOq(1f|SYPM~P6dP&#_i&9n>#h@8sN
z&ed;ERx8j2BD30Z=_==ZPqVWS^$#<wB|tY{C=XdkQgH5yE7?h>O{Kx3(Gf>gLn4R4
zntiXav4zRs8U?U}cpexMov;+`%X|r6s^?~V%1;>9`-p3l73xZrtWvL+pOOZARcgx(
zGAuWJLB0W)kSl`Hs(O_+M}E?FS3-VJ1jDHT95fc^aDz7!m0aTC;9(Z$U~ni5U{tjU
z;{^QJXVY;`a?U9@C*w@qP?0x<FWDW>M?a2;)m~VCoZ)dPG98Tm!+Tu%1X3|g=K@O)
zkx$~=;BJe=#e1vly54J`9GUyU8{Gw!sQ4blW<vHyQ-q%?8??6&$_iJVFwxqj^n8ll
zg8v6%K$LVST%u{YlI&vpu3Lgpv1<0u?wQ$}ghB?&0vudMU;p~=v44`1|8(Y&;;Rav
zpA@{@Ucoa!I1A-~{V_H(PrMiCN>8`J$=togEskL9dY1Ja>k<9d4(*J4tr!I-Wz=)!
zNyN7E3_k{Y{(-0K#!WZUO19IX9ZBI3vKqWj_Q*72SGu%QUEc-)C0#W7oeng5<}*vW
zixIO@NP!DRzgVRxiHh+QMHWjgUJZl?>FbN=dge*#Z8Mjvlyr@lZCzy!iNn85QP=c{
zdrrltEaWD|tO8C=)t_aVN;Da?+S(Ci5Di2MtG*3h{!oJA>^>%yIZQr;6zYi0V5C8+
zZk1AP|A{$J&wHgOFnalwGd@zUQdUxMiX-hN?6J7_5Vvv0DV?h&YS8yHy?sP_@~}?-
zvE!7vyF^BaT;|L>&^Rn}tB;A`RJLko(w)+w1=Z*0<s$k|WM$<-Vu<3g0oLwtwh9|@
z5}G7@7-c1msal{}P=XaF<Eqa7P+CX<mwZN%2)I%mqB~-I=2Px~>{u``YxUWkw72R}
zgXHt~ey)LhHAq_HQ8#Hf4YyW_Ysl|<zFiG8bZj3|APE~hXd_?fAPlua^<=vDHma+*
z?1Rs0gD^3~@ZpvPuOCEhyiwWCHKnMetD<Oji0>?j6Eq-HTot=HQcRy>;utOf?jGy<
zV6f`9gvQbEzL_;-(~xlkP6bzW_Pw4@iHkdmr!{`|8I5JVPfhlOqurG>8(}^1hpSmQ
zzIJ`m@%1ZmWA^ciJ17E2x8IbPBGfarLrY(}&6%3K*9P{Sr&Q5M6*1M;wLBliPh&Lj
z9NhXf<ga^1L}6Rt@AWtQ9)G2ro8T|Sz04K2Uap3#*Y)Lp!k7O<mA}Ikx06NnsI~HK
zE?3QrfF|W?!S<y1Uy`d^um8PrAJcTXBe_zSBf)9V<;;lR6g0~}MZtZMv8O1~+!G+J
zA=Uf19N<w?*SiL#9i)ck3+|fR4SNTh;sW9@m7RR>IK_3QgjA#KM2WjjFGvL`)f2jm
zkM|vqWh36~O<AjN9KkEiECEVYt6AtKJE!@c%6q_?3;3dRsF!r|&11*~1uIpECV!5<
zi`Du$hXurR&V!Ta!n2Px71WY$#F5XH4~{mY1u}xy#%s2r!$2ac53c+eT$!mSbr@#G
zO^F;6B1eAYP`6=mawA7h<dDQm&+5CV48-D4`zh)(OLkv8k$`max1&{*jm=F-q!Qy-
z)t#(1u%4!>pI*f|hq4c@bqkEK_370t_O+tpdQIr7Ud%81bl?2Mf*+YqOx*r$e&VW?
z%$PRMFMF|>LKW6&V`}!#WgsnG$`mjcKa);!zC<QZEqy^o`>j$R0u|~Y^s`p!-E`ym
zFl%uR;ne$N@vSydF^PSojfV%I6$a-1&fc47c&&3nlvHu?T#bRMV{?>64q0|)vh|mg
zOMD<%;$-3=5APqtKu9&^4^}F=C6SHfHaIjTDe`l@8~8As%@kH9hlkJcZs7B9qG_{_
z@>)>luzn&yZmY^Cyu2arvY`HS1aRcu<_0vDo~!^-N(L6!n$q@;SV@R}WM<E)h!~AL
zjTj^}7Y9N8>!a;vAi^YW<|dlPo=Tb@g~d3V@-Ri_pW}yjQ??6GaemzS#2<YXK7BaF
z{(m#*%%|B7eztDA`uWF{J#I2$u2ns&AZ$&Qx-O%BWW6fEhN5(<#N~-SWl*qz0En5-
zk|0UgIH*VcWF;>Df*#WLISE9WB~|Kdth+<XTt7!g5+&8?2$%FBOUjI*PrA^Oa=AH{
zl>}0wt`t+1cCq9dfT$N$k@c!dLmcVTcrPnqM8?lu(bd2<14bvTqA9xUCcq<>ai|@y
z2A6p6c!-_{uPR4%C`Bo`lRFo;e#*p<3yY5@F|l}F7$X@Ac140S5(rbG<&XIwl6{v8
z^>qhj)@ziH_@y6L)QF7{yDDGS+8uB)#lgR9#FNS|h$8D7GsigS292_EU9so7{PC+Y
zR5{9DHQrxeS;HWg;W)^L57U=S*Rc6oKk8h2rKS`o#suT5zK(4=D!~G`Q{^S+7nT2(
zlPF&gPc)j{4jmcI_m+)pubx3j(@TnmKVQmDV6XaBRAm5H#dTS+#$B&pf)8dl*MONL
z?RDE{@CCbG(}_@yFuS}<D^Sfeq#>wtKi&K1BYi{KhzK(}Po)_`Hqwbqlko8Hv|Q|x
z6Hpzo_JK-HFX1+(ffCikLmfr~E)7#v2j;9C-QO4j{nOM;Qt1|n%Y)sO$IZ62TXLcj
zc>Qf`lw9#IBU^GqZY5Yfxl51m<hB^%+P&gyye(9T95=g^=rkcW(J7Ua;5{@+A(iGD
z(lpB-DTgBP{)c{-3&V%6$o>{rGn;U_m1zj-;3{%HDOKIFpB18}>>h%{YCKw@sPE5I
z^@_nST+E+F>ldjSmO{(dZ%hqX%Ufx*fa2lnixQ*l29}D8@Hgroef<M~t*POwO1~<q
zDbCvv-a<%Xhy1MIy#M4ly;3@qI9!Xn(()Eht%0)|KEkp30;+_{UXk6cVbMzVZCtFn
zKV;+uo`m#`@MI*X4F<1Uk^L6l7-LG81{;6#B-~C7F#VpYVy}6+q&?Xt*cjRNf^Mdd
za}Z+Hi&~KC#aawiE=>}zALLrQ9!;xA$>6t=sNTF^wPkXTUt>JgXHoS9IZ?I;bWdD9
zLefjxe5E06KH?z1X(Ae~={Ls94rjxacab@WbXvI|BrzJ`w3&uu*2Ylm(qKlTeZi-A
z3$p8A&*BtykWTiW=q2+4w6%1FBPEspyE8kQ1|@6kg~rpMY%$gg<~7NKALx@6?D()`
z`Bn8Pl_%^WKJbW$@daCVJF=!9>R8G<!#@Q(kLxJk_^d?bNajqKKMp2tY@HSEfv1st
znsmkP*H2Y<VYU8^)K6~|H~ThK|71v?O{vN^O7mDjZNUm&1b3kw?aKV&tIl4^2BdVY
zwtH5L{WYB~8`&aD`U^wtzffW5S7UF@s0S`%)KJsmg8Tb0g`IuZP&gV{qLeu+=skp4
zmXD8h#aHjEK37(!tQ=Ww!MX2Z8Ph6N@A?f+FUmr^7!MrEO)|@1-<;~<F1}T*AJjfE
zjrwH1hDb_1i}t3UVFJRx#yaU643NcTmTGsUQfGe#n5Ata3rb)vkVq%rImFC83739C
z+uysV;?~-|*;U%-8Yx7l9jy~06r*d1fGV&oD0nInC%90-ze8wBggOzegbX9}O(wdf
z>(yXL&W;T)rFh)@qjPLNS>M$2bPHiHZQ=c+$fy&<aPL5r(Zys0!tCvGdP&BabkE`1
zmWl>DCY8jPPJPPl^w-n<MHiBja8T72`P6gAL`F3YfPana=MYf?4yd_&f-iO(6`Pis
zOMEVm$#pFgPpr%rxmS}-sHKB|l8G|Y4}SNS^LO~Yb`lxq5+|KZMj79}kLBTrZ6Y(u
zSxe!>nOS^c=2gO?@}`q79qh^fGguI>g>*&fqN>)SL8?-*GJ~MCcvP)I<NCakosk+O
z(h5xyNlz9{1!sP}Q{~hzW86cE3e5`nMXicfj?EE}Ej6_Y7@J45iAwQ1d{~2Fv3L@3
z(#Z}{3Fdek0|F<I9J%{{@<bwoYL(l`3wTS~4Su%ZDe<Ll2WbXzY4DH1<<}(5sI>kC
zF<4J<QC08fWq`_^N^`ZEcQ#<*;GJAa|9h;nI{Ck5-<23To_#Nl_X1Ev&!R;U&%UCn
zu^ILiBsz`FZ%UpwTX2J-V+W}gkI2>EgL15jrB~F9^umpJS(+O$POAbFua0xhv1okN
zkayGziJLOjje`i4?DGa9X#*PoGRy_Av9S$V2$Y$S36%BE&Pmy}!p7C{{N>Hu7WUx1
zwi>#zDhsH^+LTdO*r-2K;}%AnA?I6MHS(Lt&887ecF7(ot|oC&`kA8g<r_=(DynW>
zoVY!h`PISIBfp~KY@N6~KTm1>$erCFBCPab2E)O)tCCrD*Gpn*A={~{&cs%o2(_B9
z+LBd;NO6+{ChRCPdL_(6-9Gx~ak_hFxlQ{#uov0Y%*?4CoimEIz27-KtCr0EfWgXs
zvwzm#l6EzzW*Z6;4|OcD9{%-nH}MMO=<XF51MiTw`n-JXkAv(oAN6ouu*?=oOOR&C
z-su;sHuS@@cof_$b2dVY^Eaj8{;jB7NV8_F?Mv$Rq9-}I6Vx{66jpuCJ!}X18LH-H
z^wrx{N-imoJ*4#rm0e0<kkIneooZ?}x@A@e#3TM_P$m5$xy!ZiYphHB9ffkyVYG;R
zaHf+_!9458uBY^LWV#c0%2rAL=604ST9_FjjNMTPdDMt*2Q}PYdFlu(@4rTQjv`OB
z!i8tgIQ7g^jyvb9qN-K}E628(ar((KlyqSS$AXO@)i1c~64`Ec6|KxrJ5ejq_ik%?
zxXp&45~8W1V9_GR=JhKw@1Z=SB@Q(>%{W8iG^`IlIJ&ba>gYU)4OhMy!ZD1SlFKme
zCOT-nckah;gOOkxzm*eS8WvR@ltYR7i+WKf3yX%qJjc#`T!?HhRh6n+Ke<(%CP26)
z76K_;q9Hf5J_UMD>(41qYbnM0-KuN6H=xWlJf>7`$R!7=&mVK%o$i*QOTQJ_eR0J`
zEhV{|jd^;Tpuu(h>W&O{+~7ww9g4+e4mBGjsv8yuOZIdu$jjBh>f;sJi|Ezjne4q;
zCVNuk8;Au_qj*=shGTOYrYc<>-2JuBy2Ut(Q$4J>YEU$?(ST~<S#DdriIs*GVm+-#
zZCCovMmYE-4kpVM?wBIKCZ*Lv#kQjA3mc4@mhUedP7er|O<>cC9WLLR@oT|IqajtX
zaH>8<gQ}J?enOeN$+P1DzFHp}<f~P5QooKsbicQ+YLf2{AZpe7403|PJ82;r+T2Jg
z5o9(!8QqEoRUOzAECkG#ibeUV!J2g_LMU98!co-fYf6)9N$Q4zo98C$!Ju_>ZM{+3
z))!bRf(<LVneq}lge@v2ewVwGWaXxv4a!ZOn9EIlTW}_QLk3JT1*U4YIa_+sWifG8
zPG*llr<SWc8HSGd>QMw1l^TPViR-FiBWG^jJnuIXk$CEP6;I<~<*^>WYRL`@!n9jG
zKGC6g8fPbttd&#qRZ3zgNs@w(?0aD%%xa5m22$GU0w;*WwBkv8`DgAaG50jw;I+LD
z({XF}wg^hF_n{2Ga&ZKa8-CkeBTCE+xZcMQsUrOz`KzcA`_9c<$QN6)mXGaVc@es`
zgJlH)aBMYRd`lG@8gmtmpWOX%N7`tR!eJu8IX+6p&LymSeb^E?O*P<%+-<xYN&mGN
zNnb^rbaGgsm-L<tP1PSnqdtLc)c5IVVo-lJPKVm*R)06=&C*v}C%(7oC~vY*4mbPB
zOggkm>TT8$0teyOFQz6rBWiPx)!9=ZNoz5QOTHxvx;;T(?N<uFxW%m$E?29p>2UI;
zwo>>{`C>0mB5pv3X8lJOCN%kmYVSie@B6>=tnghk+)AM;FRHlqqR1APhI-jg0p)_h
zh{-HMOQ(rJ>I(HDk}*dQA@SIfdkD$t>yn-lx(lCUmwTe(U1r5(EKC=B)h=Xfsu`O!
zsv%BIyun-Gg48@<daf>~e!h?Cm4dYGUXoVJ47!emIJ5I6M2`H(A<;9Cif0Z<V8$q<
za)s$k%3Jk57e8<%FuOQpAKr_2vB??xu;i$W4N&nIB5f~%fux*W2Nib_U~8EVjbUp;
zO}}$L=#w>uci_rDW$%55k$3mZ8h2vLhf>W}rPp(8s4y=lluaGYH?v+!Higx>7<<9{
zL-oR3>F$jP$t8xUcvaLe%L2K~ES-Zv84e(G%=6r$^5>h^XS$MC?J}8~fu5N!H4+ka
zU84NiJd;}Tb#8Ey%X(~4%~)O!)P3%^V)xpPoWJ4-ODL}9KZ~nANG%C-%YW{lxK!G2
za4qv=r|1>E6Sui6)$HZ;2lJcNEl4b=E#KHm2i7_yD*xUC8Z&5%BDDEJdkARf_p7U%
z-?wh|{Jij7$~3=MI8&b;!!z{B2~XCiV|c7SeZnL4X&+9|r)5~APycX#eYOcl=+ibF
zqE8Ro>pj1FxRZR%!yWWVgnFT6ev7b^KCQ!c`s@(4(5F-Q8x+kS5dNS~7dsv`KRf(P
zzGS#wpAO+$`m_pP(Wi6xoIdTs<@&S<pVnvlaDhI#;lK3h8s4MN&f!1w**3gUpKjsR
z`t%Ox>a$%~sn1T~h5Gai&*2lB-yUC6l9wLOXo){3<?+lP>+R7qe+b*>)jb%beWv#v
z1$ixe2WQi1>Q<|5tHtT(*43l}kJv@>%P5kTj81+{n$83q(@cu~bpo`1q&faM6?t#s
z%{04OJZeBn!_S(q>u0fK2#gk%q$#9QWyHA$P<HzRx%&5iQHI(yw&e#<?11qf_IFFB
zk3p{;vq5y~uX3@SVLR`uonh{2+j)vs|D^3ZqtLkY04k-rH#g<WhCk8nj3eh@cOnkd
z1D&QgpbdW-Cpd+HLtIpUqF*rnTpL(uOZ`DoXl~WYSwrf(&D_BjQk#|LG@EGJ!wp6i
zyE12~0y#6$jVkI|u((EV*MZTHH`m9h1e)Vq+TZndjfWPqqM=2;Q$#OT^~jnRjW5=B
z^W%%Y05>0B$Q*FWdSw^!?Gb0vP*f>PfL3g&QvH6Xd!7vX#lwh`PTnxm6WkAi)e9>*
zlYVSA)<#P_#&>0a19qEZv#|!8bJJ)8p-fe0M%RMurS$D?tnnDG_%L7#V-4|MKgJph
zKJo_tEBlG}@v(+t#l{*7x3zW771@V2%B1PB#z05ZDBkw4u}1HPsTgaFh_YVCWWeTQ
zjp7sCSVQuu!Uh!I3^oli%szC&D1H$_i*p-`aPZC(k*y8dXaQ-L87M3!e)vrs@!RM^
ztpRoj?nI9f3J4gXWJW()*Li1e(aC@SnBwNE7V(QR`DGW#@A7Cgf}!1u7OU}E=a_5T
z!>nCNAgo=f>Sf(X7Gwa)9u#f~No<spMg{oY2P6OBh3lPus3%Nuk(b%>E?P{uR8SKx
zpSgP$6dpBR>!BC>rZ*_vXlU>2wP^b~&8;M#X3^1YT`B`vu<LOgNalVhN^FgWjZNB1
ztsGq}g$Dh2_54Z6TODH$x7w;EE;CZPVx)FL<>N^wKN@Z;M+ui$5rSY3_T7PB<|U%<
zH%`eHJb0`QVzOd|N3B$WS`8PjC$&E=qJ;@MjlrbugIRy-#-7hsiOS`9u(LXQegOqF
zd-ZeGe|7e8`7VI{1tYI^_G%Yto0<-fo^ST*CN<^F?bQk2ZqZ&{e!%~pz53%Rzh|$G
zgcXt*$)#}tZHyCpRXi2rtRLj7pJ`M!3zNi)Fe{|uDpJFLjC{2XRhL9bx9Q(D!u3Nt
z*gRac{ctHJL|S7do5eYVvtr5NJ(=ODyv(ApZ>T_n81bF0tECng;hvPE6A`9l%YSW?
zsF(nh?DM<xSfLRu;gTTGR@fTAL2k%VSg>edM=1sE7ocpS)a0eB%1s;v1m{lf7R4$5
zwRNIWi&#&p^pYcC$&^w8<upfj&3=-IU$YaH<wVz&6M9h+5t1E98CoPRX19Z6r!Rf3
zgbCTny3)zcTD8rZ4u3h<WM`>-o6Am@4O^6*>&N`>$<7le|DNoq8AY-a8|Z}BTB&J5
z6*oB-jFGt~#?(@JPX7H9FH2TG;cK0^)Yw$h;oF;J7`L2l*1t|he`P5e?5a#$e1LGu
z6w|@i`i=av+@sFj!iS{A)$?ngu1$)obEwI#J(&&Qh^<>$&$j;7)x_CXxSBW!<--2l
zuV+zc_UG;+FMYc7F8=@}Yrax7Tw{|B0_77f6OsDsQ>bcSC`OP#lQOC5r@W?k*t7^n
zyy>|0QyR-gZnBX4D=devWq~^y_>*1kNxxS!1x?qCS98`F4!KWP1|q_=q@tQ*a|)`*
z`pNtrjVANkYBE3ZQ2UbhO3#`?s}nb+85xbW`TW~=(3bQI^SR%h?T3uHG@<`Gfs53}
zHzbzq)p$N%DE2zZFMCIvh$bV{u5El+Fa+*130+xxVHfe?Ry9I?*b3o1Ql*oRkzd2j
z+lr$qR`1Vt(;v}2CMjLT%h)zAF#w5pabLG%+v%+AOV#w8M4VLPBx2+~1l5ds_iQH-
z{p5v~K^dx(=Y6q7i8y%wrX@l$`TtN7x}NZRk}$q$Nss~*mm0LK8C(bWY{_25HQKE_
z#qU`Dtig_Do_ooG?F<#t$<}hz^t<-L9@^VxmG+M9fN&c)gDV&lD<4T%ea9?c@cqGb
z%nZ&qsJh+rkO9tg^4}mp6-(m%`$$zTB=+>pIWFW@lKMC&D_hV_p<c7t_JQ+yTv;VO
z<XkJu!eye+bn+lYS1!!PY390<Vzt3z@7xUX(C%?)ZUpV@p;#>SX@^D7?<KSuLbg{X
z_J(zo$%H84b3|0@n?``_=c8rs%rZ~9WN1<OitcsWu-<{AKWB+c`eJ4VMdcT6utPU3
z7`hU$v8a4s^S_0^?lt8*-SBr*zQW9V;p9X3Br&GM=+XVFnL^L8_`E_j!qam-0iq{m
zLo7T{&_<+GfWUm+i^{)lHY1_DOE!oKW&W8mztxag=0cNBe!3UjV4Lpc_Z+Qr<gN{y
zYW^z$4MZ<-afRYYt)C~ymd<DC{USEP&lP6vnlHx@7Lmdv^6)(rjLu+d@IV>j*rzag
zK9t*|me~epS(EmwRwx~-uXJpK)hztMhT9vAI~QPP)Q>ws3QH~12?L#l^9d0cgI1v<
z7Sq{N{uR5c{PaYv+5F}oCsNi@A<9~@A{CF<NDw@DW>RyN!#($tPF@Jvps9R~92&g!
zRJkV_*B%M~Q5VJ7qnT6u6HliCOED8N&A;QciVRG?Cjc-k93L;g4ql6oBM1yj<wJCA
z8aEPInSk#7Cn2PoyDNaFI3aZKI>~Sj0rU*vrDt*$`)L&<Is(k$wX5JxaaEm3Bp@U&
zQTfEP%w;{xpLFuOLEKZJBxn$}GVf$_sJJbxuA4FVB2c)E`{LykhRdeoNfp&$#6<9*
zk?wGVE8n9qWmom~c%Fu<JqT?tF;!d8x}>TAZAS^z0qE)ilU>z7I=RbW_mEdRzT>NY
z&`Q1%hFvO<HF#tqq{0(h4E&ISXsq%EB=b~S@bC}YQrK4#6)7Uvrm{D<+b*$ysmXzf
ziWdm93#OhIH2q?tVwmj1^pa4glLoI7I}84V#k3_OXn$^Wveq(Oj!bLG7(owE#w{k!
zjuQX&Q&WlSW^6I#b4s8_y0qz(!?u|6$|&WWCQ}xbU(_aggzR6|O5y2UIHD0+IDvF<
zkc&?eun1#Zx?HzHO!K;Z9{zN425GcQc}!u|`ttS6DW{mA{ki#!p)|yjK}9u_H8p6H
zgf>6O^msHs=vB+$DEIz23allw6dKMsReP9T2%kJb96*R=h6ZyFX`U6fWSbL@kLvop
zbJ(q2zNyp9{)206MygA*@}+Cae`$Np<O6F)F0Oi|xMt+Jy0K>Xiqa3m?;+SOxZqVk
zViylzQBpTHv7k${;;N0QpFT^>TUtQsg7RP5jY;gkdS(yi>gG4Ec%`&+Vb$uQbnTd`
zmy4RcIdfHA^Z9zkN3BpcPGkdl8)tQ!Y-=uN;{dj3m`FCKQIp-PRciy=K!)*bS|*D#
zL>p_VTnemTW+%5dNKK0|cs8TUH@cw3QD`uR@(NUQk<o1nAAIflpO<D!Xa5u~;Tx?%
z2DhaDlMWw6Sq96P_zv&KHNRh&K9;H8zTrlF^1^TQ=@ovi&yL|o`s9S~=+iNLU7tST
zi~6(=SL)L;tktJ~__#i8!-w_RCcIyt?%^H!^ayX!r+IjtK8f%OeOiQb^l2T=)~8c=
zu0A`2GxZq|o}o{6c(OjN!ejO65FV*dmvDkU$*@SDHsSvIv<pY*(>WZX&-UR!eR9K{
z^ywPzpwG5pcYSsaJL%IcY^P7}u!TO`g})ucXQ%K7eR_sp@j*kFruizE_BE_3qieA3
zcZ>3=qF~}C7<mR^vbLyEhP*62P_ehlOMR$IOwkUe1Ot@3fT)S~iS}CGVEa^3$p;d~
zkms$oJGz%Pi+QK<j8;U}ZXJfQ*Q4>Qce_uxVxpy46#4C|JWVpQYp-!9H*BUGupK>-
zBs%a1<58G+7dr2ad;Qmv7#DZz!W&3r@*JU%U?RA-Gbk81q>a08Cg^);r>yWmcAcb?
z(|5t-><&-Fn{=|rt`uv@N4cr;=bCHGFEtZx<WKPT@ig{sq)An43ISSGLXC-{siRRx
zcjFErMBE)RjiwAVQ=s;zmgCHZ2cnsS!=!D{Oy^lyh-0k}3=B^aN5%%MHQAGfZq5-k
zNww3cZ3>IELx_uW#NyQ?`w2w@j`Z3q;z*}M;K*?8cl2{3qQrD8e*5A#+|}8)M25|c
z%AY(NDV^6BV)+w2QaTYyUg_+FH7&4LI(Iiwu*fuu7tAyo$>Ifb$|qT|S;6+-Gb-4y
z2^4G!I}vRQUU2FdMEDTA!EtgOU;wCnFWBK%q<$a#1y8don-$*7;!wfU)Jax&r8zsv
zd5JmMGL;pchf~~IFOh|?eCjQ;U4lLOl58C%sI@PXsrn9Z8|dx!J;fj37EH9s!PrzY
z>iw&Fy3_yMxXJ=za83Z7e;)+J+Z~7mUW>~$bsSm2slPz=Y@E!zj`x$QIml&@^DL?z
z>ZVbG`r(&+!J|Dpnl{cCs3={WmtR^io?}2M8A1DKL5$0gT*GO&9x7Q=bJ7p(&D(-O
z_(p5?K)z7=F^IOwV_ueo!W-nu@Wdn82(D(rr@%I*X=|@)lH@_nUD_8|k@pMq(uM6T
zesJxFHlk@Qt)JQfC5WU;M=|h9fdI|LCj-z47dzk-8~QZkuOF*(d2*tvzEqp0mCcN|
z4-==F>;bGt*2`-4RYU&kR;KnG7ee2<PEpbZt?TJMA|d?uc!Y4>?hR`0UmK~pm6@;<
zv<5dR?B9gh4$|-n!XDQ|by&%tf~Pyn+42{}u6$(<JA_B>LQAU2e)Op=5M7hK<5bNK
zxJIMBH0*NGEE3x%<|&aUH#kf^?+E3q!7?aMnAbC_uBW|~jBlcR+dK~A1-twm&3P2+
zhC0lz;LT5v&omnqR9A*vwIf+)p+QErWZUcxthMP`nLE5z_G2lZ3RLxK+vOd6ZSh8N
z-83r>Ar&%H80OF39*teEG(F7qI@xcZ(cGeHj|8ONKX412X{0oxzN(38oh1|vs`b->
zQMJBvAl2HEqCZY{S)tDBx$625m)&euT=i+N;zyYK-fmRy<O68HugP_&T&r<KO#SBa
zo>?L7Aw8zz$I^~8*!HCyU3ouvYZZ%cHKRrxNj=tdIPoz%X_B`{G+pDmwy|U#Jlu>*
zI2U|={BfxAJPki-(??j^on6}C>Bec#R@!}u%X~p!zrEs)NY_8qKgMj=)@YG5V7PnC
z8(Lq9^nCW^yKEh^Ewz_PwOGlFZ$n25MFVF4Ww(ggXN`l|f8A9%C+}|tRaGlB(wg)i
zN?NAiM!mKM2UEPb@i_4$ik9i+_reqI$N{6^*)dc^0m-ep=m%{1eBJiohqN*ZD$>;C
z=it_No(hlsv$JE&1Q_wo09SG=8OhY~xe{gn!=~q)!JXL&;CjB~qe@0;mCRWv)w@Qe
zon1s}@7=}LHr!IAEzxBm?zS4}_WrQqVxn7}-PVzlsJPD>Y5i*DnvUWaetpGtHJF<0
z!PU+j({Ntks0CPCtI59V)aDl3<^pQ6M>kQxsE@9Ndi{jOkduk^^e{pN^?h{iW`+IR
zE>U5xNm1CR28h3AfL`+*b@~AQs8WK96>=jX8dazVP(LCb+rk5S{)tuOW0ONWY^N!Q
zpMv9Vmu7!IX#IIID?H98ZKEUv&N!XDk9<E50qzfQyt*@|jHuiv(M_AF7^~fy>{GhM
zrj2W|*KDPVvD8gV{VkiRnDPM;YyNTotocWOl@0CbI{ry;JDC109GL?kXf+xUz7Q8}
zeb=FC>&ZGcJ})99D;O@T=6I#A$?mXYA2*Z21Px7R@GHTt()&93N|{&Y#mX!@Ato*5
zzqB;3la}l|Krg73$;<oJii2wx$=O2DK=!ZbAC<XsEM<OB=YX7zQTYv2-eUec>``;o
z)CNjt@UMcC1;3zac&h5fV2t3$Y#H89@KH^`kr1WN7JNJ4!A%9QdRw`!l&ftMX@YYE
z`I;j*viAd{(oq{6BgpGbK}HMmWK)m<g8TzWu!CHG#kCmmcNSuB`UWT~Cye@QjZTxy
zN+DJI3bGbL1xf53<Fj*)t+xm=3dz|7$&-AgD6UgTzw8uM%7#KJr8`-Tuli5@$mW3t
zBO9ogy<<#@BAIuVZT8a-I9tn1wVLdMwz9v7dYvXZ=U$uj7eyI@_Y=XV^kWdb9sH8G
z&fy#0kW0w+@sLXiky;Ux*jUIpI5bFjZ+EYL7D=*$W?#eU9$-r+_hsutb$3mZ_mZA@
z^TXD%qP6V-dDc$wVEJG=M&BJ3EY|MOu;mX}1Z{9FDkGcV;jciqI*%+YETt^|rmzJH
zQ&la}a3i=(VYg-C^;g*03cEZLmaDK66n1VVOh|)+6gHJG?n~_@l5NreEn+h<<e{6W
zD)ZU1qj^!4-cO~e`qRmswZjAJOYE;7K*$#i*}J}cb^+{@W|@9SI#W|z;+i|PNEcnF
z5@+%%!x_8?z>XWIKt~Nc-0YEkwl`a*tdA7IHLeq+AI=Isl@a{Uz8+UP`662b8ZGom
zJJpQ(c%mWN-61-7Geoxt(a9j<9%A9>UZ^Ya_kkA$PpeX`visu=F=3gG$|%@;k&*b4
z)H_FHxH{QJfFHjA&@lqgEjvYM{j)kgE31SRhZ`?J>+FM!*0+DQLZ8PcW5Depq~H7m
z(#Lo7g?3V51H3uP?bap$X9;j=LqM)j9U;J(09Zh<LV4-L`YA&&g6qamdsM6)lgaFu
zF~PlQ8~Qdt3){Lne-h#FgGvPj?f31*$kA;@j;8I@1`hkHTP%^;9nIr@)<bJt7?Lf$
zq<!1fNt(9(c}de2t90^dA9Fq7CX>6-_9T;Q3Ggx3;7TX2CT6OddP*nfm@{*7)bIP5
zr2?Kj&=s&2Prc;I7o58nATUp-o;+rCb=(gRy1}(|+dIy$0vdFzgO5A)k;eOB@Uyy{
zV~VthT89*%8jM|NDSx%yuN@7pMvXhvYP+PD)plv$SZ$k#w~%@MTrMI~l(_Jj@P#iK
z($$Q5Zh}%J|M>%*w?#W&R?i(oi^;>R&k38C2^%I#Pg2<VnXm~8o1n01goPzwXB{tB
zjd7Wp<%^jXX=SMyb<-h6?wvi2+^L(9JMjl_^#)fuS<tO<WAr$VbU6OuaQtC2967?V
zmW=_(i>6!Vhxk|F*9}(lpxE1f*DHL!#rsV5{T%sk#h*?-({&4ZuQSGVc=uzYf72(8
z*?rCT;Ft`K_yh)=4$8Q6wkCTFbDWVKspEtyk+t_=-6V!aeK$||FPCteEhfB82|uTs
zNhcFqqPm}>dS^%Vl+CDqPqlv+IO0^>p@QTdF8{f0wnX@j%Kx-RX({oK7g>o9+hW4-
zND>Yvp_;BlT<tz99D<8In(V${se`fq6dK{Qbh0j~R$~Ef6Q`eB=Kj-qh*+!PMJ9%|
zuCn4TTqk0!$^jV91qX5~F_%XwHXFYl?aeY7$Du_*$uU~ld!9C&PCmLVx&COg3B`%R
zPl-~iC{n2J5P=g3c&xc53g1wttWL{i!g#!DNl@r7KPEUgQF$-f_(Cu*5)SWOPicUD
z3XYh-O_N%HWiBO(=&%h=2XBqQ%4mj#kxuT^#RkvO2?Org78%a$fG@(uy$(d84&h~Z
z9EvfcP-;eXbv;D)4^4=deAHNoUy>F2S4fD`I1!yB0?HJOohQlFk8<>(9LyLzWOy7)
zqaG)icm$PPOqvFj9MKxqs?@cGU9!Ud#Bn{JjF{lJPavTSVdzWhps+eOQ&@Er83YqS
zu&`A;WG{ti)-)5R4<X{ZH_JNX-O8@?ODLygi4TlXv-m^>b6WE*8O3Mz5|vkXZb)Sp
zD5%R`C@w`gtGko<tRN^7HufAgN9Zr)&sNfOl%wgq^+wZgd>Yc!Sv0-P(VlcN-Kil>
zGM(bYOh<%0G4pY<*8U3ghWFv*{7a+6G7>2e%*)^?Siv1wlw<>8BtDPCb>rzT8>LJ(
zNWxq#NdlK-C`p({N+<JRUn6w88H_y`ZGee)o0Hp@C|YC^B%NGOzD@I3Z$*ba`Lhr{
z$H;F$%e{cYv$S0_E>GI^5F@xkk;W+!8~2;WRB~cCKoJ^pDu$(G|F8`a(#hj;8q^Pa
zB^Ktyuxk0TvV`W)kcLVfZ)wP@%GU^Ll0}v8dPrlzb6XG;noiyg9Wr&awPQ*;S%w!{
ztkfz*W*+q-04Al<a%OUB7KZzfF!wX+cz=fsl|2j>bBu|~c{EwztH6~`?nr2OAt97M
zq4E#nRTK_Nz1Tcl3))7yW&U570j}xLp}D#rH-8n0dob-_bjt?nVJllspVfw|s*|;x
zKlX^V9JP#Kt=YfeV{n;=^3)LbFow7(#f;3chC|$e2csYWIUC$RIoDlMS(EHz8N^lv
z(d0pw?tYXjPwTx=sC$qhi}Dy{dmkWeW9giF`Ah~$V(SZd#j{qxdvdIR-*k@^P)alS
zNoM9^*~Zn`qtU9?)%=KnIsHCsDCFD<II@$1u7jBfxSWuM7$zBM4{Ol{){=N(s5bnl
zwS?iU?6y;wS7wdIJln{_x{!Gi@;v1|o#pwL_ax=H&3n4bbFKIEl4p+hY%kAw-qS~(
zGrcEIp5wh|XL%-i&o1&D;5`H7`GfZil4qdz>?KdG_v|gtw%#*b9(FBQ5k|`MGm1ea
z-A|q`yk~!T-uIp{^1R|bDS4jpo&)8PW)Xse<hkE_4w2_?-ZN1iz5b|ZN6J&-J%5zv
z9Pc?sp3}T%iaf`7&x!I(@SdsijP{;W<=NYN&X8w-_nak9Z||8QPr`dj<!SCcv*h`~
zhMi|+pC?b?Jr~NO7tuuZY<XVvo(g%Ec+aKsJmNi<$#b{&)W~zA_so-rZR>{ZYI(}M
z=Q??2de05=O!c0d<vGfG{w`0k_uMAWe%^DZJbQZ2J@WMPp8MtL?mhpMr@i+)B+n)k
zoeKAeJl}ZFWAc3LJx|EvPT`%E{j@x*J)~Bir@d#HJoCM0g*>-=&$IGe=RMEMQ)Qm7
zYs0d5{F(9iQ{(ZE@}8HJxY&DMk!L^ed0n18y=SdF{k&(LJeqV>Dc_T)z4v?|&n7wo
zK|Yq}8}Io{o{zofb9vtMo-gHD?L8ahdD?rvlV`s7{3y@u-t)6O*Llxx@>F?GTAuU0
zr}^=C&hnmYc~0=2Hu4<qJ?-U5c~3`qMtDyrd3N`nF7n7gRN=bG)5Uvw%F`OpLex26
zG~Lfw4{m&H<K9W@P^Z(;g|V<gg-s?bot(|chkFP!lXJ2N!&5$pCg;@C2T4UAC=_LQ
z7ik3}Xr{0p4bgu2HeuO>X-Y(<x9yhgpua`w=Mxooe!;-IdhAA<g9x=*HaNFGuRpTJ
zq<-D4;m*>OOHKASf7@brc5G^k-PzF9N~RGGxd$~LKu;+}2)^5eF5+}tTiFSJG{Q{k
zk)K%~_3o#!KFVgN4wK>E3w)mFW$lgVky|GEUUi#I_rXJxaiZ6*2X!qwE>cU@=cdY6
zvFnEUG^AYXN%mDIFB_yL`-}f{Fr<D0c@#GdHfaK24&+Kc_z8=p_O!^7ktrZBqoj61
z5%F)lNEs?pYLZKAI6i9Fe!cx%%my)6=k;v`3N2(i-al{UOd#X`b{BPag9cld*c805
zmL#9p`dji!M)`{<6^8Z7AWyiS2M~-KKt(N86mP0&PsO!L_aK3ON~BW$TNJ&QqF;?m
z4P*Ob_3FeMZq$dR@;bC)m0i@vDlx#`h>S94xLp1bXpSIp##+RYIj`$3JTd#x=4q?5
z7qoNMR)ft+woX`+J%i0qV!bB(sF+tfZe2}S>LzO<d8<(Pns93m7j}%+9!hq@2D+Ky
zBMUOzkC&}cNz8O-BlGucDK7dhYQ<&nIXL)DihBx)*e~9)fk|7JqXw(V4WZi^bj4L0
z>_tw5Lxo4$s9v{g3u+%A2;=N7&Gu|zv(~r$8f@0u6>Ii?CYi~NR(~-=H8`_F#E+A9
zg&%X7jE<Hq#5h^~LC=4Qj+<S>sm}gR^E?@n)u<?rn}*MRNo^Rf7OSbk`H8I~*-|%M
zg%=1#gDQM-n~3Cxc7f!#uxiC(wF7?e^w6dVv{mGq?2c@A5`livap!HejzCM@G=bl@
zZ%km%41qZ!a2Nzy<NY+qc^&cTZ+@GH%#y!5{@}WPG{TMs(K2fA>1#kXAv2oUM6h(=
zBzReYp#llfG<T!E;k#h7zTuy|8(PQ3`|q*2q2YRmQ-Ae}%-7(%8=X4zHTci1U{Gel
zx`7%@mMdw4nrqg+jSHa&LCd-D=1(-Q;Kn@4-dSPu<dPz`&TLG@$Lw0k-09l)F59(I
zIm9&5gV&fwI`bxF65qA*+j}r+IVxmKMLM4R<2x<+SeN`vmwb=Sl0U8Fl_VFB*C0@h
zc>MThoALOUT-X2F-nD_Rl75Ud7|Qon(o6YvSD^Hivma&=9JEwe?@X9xWr7W_5Y~pU
z;F7*@ViSRyP0K~L!*@Q6G?7JpMp56z862&sugZ0ZT+hmNfLzLKvHGL}dqy_w!U!j7
z+|}%3Vf>%9BjX946}Iu=u}BoX)Uqf0U|>t$nhDEaz~XF+no(`{GTsm7h%!^$-`>!e
z_hs)wREh-j9PjRFakE|A6`RGKsJOjF?2S8;O=rsn7Je0c{xXo}f|Louy}hhY%Jmg4
z+l$2hC&hUWzZFnBq8?Gm^HGc+gFEEcP*fWb+nSQUH{C}o&AeD2UY@be28r?KDDo9V
zPCQo2Lr7hs#c1{HY6+TUWb>bTWcL4$T0G3kcGP{24}3B*xU103dIxm*pd;?MeH1tO
zpLWp#%&%_&><e%qf}Rx?%G6XXEut6A3cg$eG#e=AMK<-(bm&5vlhRpp6#WdMZlwX%
z!%;cnd84w+i;by#Mds&?4EfT@#s6_xVU1<7()!c175JINTSYiWsXrD4pYvxcDfp|E
zy~E?r83p&f(3pY=qM*A`Fv?RPH69h#pF?7rUK59P#Mq3c(usA)IPPh_FZkC>AY4g>
zrITO$W<}Ce8~zMVn`+yQTs-p9+c(4MX2F=&`U^QmlhKMb-MFD0U|c#RoU|fV4G$$+
zc%A$;$*DD5RNX^XLIJsYo2`ea8jPO^H4DXrQEzs_2JA1Azfj~Z0E4S`K*rm-Xn%XV
zkDse47W{h%4rU1cIWF63vng2mB9OQ7`yKgCLU=dsS1Wlv<qjaOO37;riDVjc&uy-<
zeUY}isye%?Ho;{&chN#B*HvU6`mWnf?=9t-Z7GSMNTk|{Y#+(7+_`ed{kxWOGG8bf
zbP?~hj5_z%cBFs!4K<{D5-MMydg<EFL19T(*+Fa}mxdM*cCSWF_72~=-b>5DL~lcb
z_s4HPIRs~-F#Bnk1OJcJ;DiI&cgYLEYbdG_U(?~$L4Y`Qy;h|Mw4N^$W28#XT0m?L
zQg85}jXss_8Agna4SXXu{9itpbc&~-)@QRSqQH)<9WPcuUm&R8`D}M9WFMvCiaVc)
zT=wswKz#8(oq&_#FZzXVO^4(DKpCq?-6LP@y(Gth<jZ@A15Lh{blsz*z>00m0TJ{+
zeTQqhWjl8Z?{J;4rDC%Q-iqtwRO8}A<s;u}mK;M@R>c#2yD{}hNHC~3E$ALfX)RYh
zd<rJY-a7j^+S27fG&~~wR!|1VEATIhE}Q=JpZi2gBT=#PR|W?s^Cx(x7dR&pDR@P$
zak!j9%E~2dd!f)ff#8)T&{6)K@FRn-c7V+_$@Y&#`|3WBNzfKxaH&wGMZ*Ph{eVld
zWrBsfer0jScEZu&rIo7IhAVPzIWc(Z56qoEqC|}sMmu+4HBQGZwrcD~V>1&`S_GYg
zb-({xP9M0_H`#qf!&c~nX#B02bQLN#a^A4Q6+`6=wxv%_wC99cQFTdPo1*H8oFHIZ
z$Wu2kN@JJha=zgd8e37-aur>~1^;3Z)~$r{SnXF#h1a#JYgyO4PLYbL&jHJkhU6TN
z<RT$CpCz=-vN_zxI7Tssp-v1#DHsk1Lpm7h;iCj!Zg8$Y^klR-oJwoSBo2w7Ic#fW
z#tLHc7kqO)Me$~0@V$9h0hjoxs}C+7-vP1tIyh}0`$-=~{DbL?7d%TMN`4CNS3(%_
zZ@%GiE+<i<SB`^&W}!vL5f}{dX^l!7*UgyOH7h)pE}z0@$mnnqfhlFyqCT^T|H@`0
z*@&t_qxUJ>W|5+XrUkDQi{77tCw7D073#5S8L%`_g+Kq*QQQm^<EwrP2hd94RQMvL
z=3AG;AC<tw;J1I}Fr*HKw(gh}&TuScj%DmWFe%9Et6gc^Z?o>m+2-(MR>yV5IsJS|
zr|~rx+C9<7lx)%&&$`c5LZ>JgO^LmIAvbJGlAwo?sg%_bTR#gXLZm8sGT(3_43QA6
z2uCnm<H-}YVAMr0cscT_K(e@=K*x^04835OEZT(!l2r!{3K~&&+*w`WfTzy-Fe+c2
zS5T=W$9Bhc9$F#MUgevGSJ^NYA7o}g!|R8_yI4TlOpxbZ=a_vB-{PuY!@8!V{S+VR
zEWWA{4sJ!Iv`RPyLpto{T0y2}4ppEgQK2c^#(n?YEPRB{QX#WgYLjF|6}hYwPAyj1
z?q%#^Vv&K}EtsZ<gBlMrW}4vvM`UpXGsnS^r>F>!*H;ws&q9*PzrJcs>K92Q8z<OT
ziCmqT;9G}KbwMXs!AZsNGO`qB*EyPv9_97sjm)~;g%#eo!aB}~iIZ5PoMia~uN9Hg
zGPSwYUUAi{rC}$dgOlU|x=bD|po00n;HD{EwJaEZO?KkjE>4)(2Xg#hbF#u-$^;VC
zvAA(q)iPjX1XIVNBw9ICoXez``99*li?#L~9QYS9f0PhnDsxkmmz)p7Z=;5S-VwEN
zo*sFP<K=vb_#g3vKT$HFz7Hw(h-`P?KyFbF*&CM?yvoQ$wTi~G<LbAMK?!~Y0w3K3
z>GHG5cNgV*M-)9H1P`ADtfOFa45sY%r)iVE&f)zjIOsZ!;@OBGS?Q!5f_SVUF27c6
z{4w0FjS<RxoK1-9V)UPaZa$e+|J&EOWI8Px{K+TNPCgOp8tf^bP??hvATPk`vw}m<
zgT77TNPt0aMGcp@N=sFH#l1@4dl}Oygk^SwEVvPG*u(1$hyU&az<&pmZJsxVe@5$V
z84fyK=BjQUcTt8jyms81@gdPM+Zl=I7NZp^+0%WxWvyhOM!xK*a@-P6td?_yag^G@
z-Vw!usU|`m6Ibc#2Jr_(8bbdWTy@*3$fEMo;CT5_#@2?7#DmY|wnZ>l|FJ)w`OS1_
zi;V%&8n+njZnUA(SGr)uGxWOA&21`Uj>x>tl>{}GMT~G2Ufb?vg7ax`8ga1;=BY^h
z!rPe^lPm;IhSg?HIfh<pIieC(a#XC~mZ?Ctq2~`qGd$AqW7UIic9c8#;#61rR-UsI
zo9CWcpRw5C`LSx^J>aoalY*4}=SWDnOTGFxdEU2_8afqWq-N-)UYZQPKT0;Ac|p08
zu8=-tp@R1$cj5ViYn<Uu?u*6}pMpDtsk7wlGD{kljD;UV$AgM>W&@aNcJkHW*4m~|
zU}QbEfF_H6QDBH}RmK^qc;b3eywE7cGmnsBlK9p>o`qq%;bveX1^fDWC-__)ZW6M%
zfNEtr<tVFZvKaNJ{d(%1kvI0(764P3p9Z~l&{L!7;NM3(#v97B2W*>F*Vj{JA&=~y
zNfB=EQp_d=&1gz63x}=!tBf$r#Bb)Ubp2Drl%q0KdEpKod$e_2gq*TJnz(T$T}341
z*GZaGM?gyxNvL$KL8y6c8V%=H=QK=s6bZx5^{v<FFKjAshjUOFR}eFJ6vN+CMn+Ow
z2sTr&8zLC(2<tUG$)Tp8rhm`<W7n*@Zo$kbRtCcol&Rv65t4}!m}I7fMw2YOO}*Lh
z2$V^AsnqZ#f^8SU7%qfGu0OHL{V`~+vZsBobYVRYOtoZBMqH0q#_Lx5l7)LAXu<R5
z-K^QYej4#Fr}YH)NAXkC?Q{)_ZrGoUlCIF3_26^KsIFa58l|Fmx1tq-la8Wz>s)h`
zN|-4B4Ybi<oR7M~W;hhtv?Zkq_8=!Q!HRG~5qf#J7m7%#w)-1W)s8|3EiyUkL~1r2
zKXHbs$^HCi&YTE~TI(6;Xq9A&#K!7tm)_mnJ|8crr?E5A>q#oB3yeg_>T<mBn=C(e
zxWlNKoM81K&a+CM|4g-ft;n;LFSBt|AVQb!Lyt2z{rbQ|y|6e5%#uQtUBWlG*#~y_
zfgF_A_|nB3<O7E(aE1ai=)23AB0Q_a4xz{y{N2+z&ElWEDNUS7qNc>CDI-`J&k?w<
z(7`2L+!VY)Tp<+8m_3^c6PTY*R2(C2M6CQ~CQ^AIA@NrF4uPuwRZ;t)8du$ndG?GK
z7*bmUy!uxJV7?@>D2m%~B(W#^n`mLmu1wW<RSgzH#g8Qe6f#fDzV#s*_7tIL6`>H!
z&{q&!o*ZeMbBLHpb(&Ibr&McJibyKf_hhy2b)YQogx}GFQ6_H~wd;w9t#?6^+#8R8
z@XzrF^P=>bT;J<T+#2C7F<8{DGU8*j1y|LVOy#(KZmeWxrmdI{je+vmZL>T+ztWW~
zUrf1$h|1kk%~Ps7mFmY8nUa}O|MXp&?1ezQ6dM@@ihe4A5tZTOm}e2CFrC`22W8sd
zrL{oJ*&n+*VbPm2LD2~?WJDw6Eq5l>UIYfG87)yBoWBXCor!YUlc9m9#+vu-e@1W;
z!N>-&rPD8yao<uy+}x;CDzPOx=x4GHWGA$YVBz=90L#?LxWT-C)GhevnMfid5&6ei
zuHovvwxH!f&NEG1J>^gc{DATY4@RlNSMbIKeJ>J(8&trmC{8BJ&v@(_xt~7KccIeU
zhp{O#Q&S624dK6)xVS-LMcgGGu|^RuAfl5;oto%5in{FPxL1uz4%+%`Of~hsva_2~
z;jW^0!Xro-aXwtts04>_KtTP`2sM%A%N={%uuB|$_!6gdG%+D9(O-k5TSk)k-DW_^
zs0aog&mEFj6tkR7MSFFs)2bet!yC~c`u1|Qg6up&8?g$MI(|V7<`y-A(MCYy1Cv;@
z;Vjg9R0!Sr-{Y{DWpZ;nhs}lx`xV2jMPTz4Wg35+#wiEX3x&0te#avFx=kW@Zdpby
zI95#U8*P$;f(L0^l(9z@Le@$&{@von+t8@fm^_&(Sa}4aPNoE<hng)kJval0$%XPd
zcrHuxl3f-3mB^#KuB}1H_hCzLM7aXjBMCD2mxp^e_J;e|ccpC|gp5%1Mk$2z*o=)I
zZ50hysV+ZVszU0jg?R{pS?`og<DKcjefu=`;{u)Tc(fUoMKM?BPYHLozIJ6;XPK<D
z?S`rk?LpL68xuvu2*=y-?0T{2dYluBfhzT>mbr?t11ZLEc2wJ$@zeL&>59}LU9&3I
zB`SM?Aly-Z)<Luq{24J1bpw|#q}B4N6R730#q&f4^C?#8yfepOtGL-lE|%@C$xXNY
zSEutRwjYFj7OWla%nH+j?XihfC)Rp8GPn<4Z`4kTj;3x@{~|*DHN;teEzZsbSGcbq
zR)R*$#=((4ch0Ko5=>truGh6uN%HDzY7O{J--HPth{*WC=P1yTg~$yCPk@+vjM>XG
z28ryxYrT;-iLVz%qrUc381sY}^J8tSH5*AM9nCFZ&}SSxfV)?1SygdY`?$;Nb{3&G
zyVBE8ue^jgiyG%OsfF6$fsAz&UTNjG)Inv0Bz(ZtR#ElYOuin0+4O#}u-whf)$$GR
ztY?Jr|NhfArJ07>-|LC~AcYK@K~UOlAVQfN(_Xs7HKsCA^5K20Z3cn;P)b2>tx5^R
zxi^PsoMSsNHpsscziLj$5fo{@%Kfkp)K+^1u2Ie1LZE6Rc;q0g_!i(z;hkcb5zOEM
z;B^fKsP`l4BGAcCE7aL2wZxLeUaf?SU4iWku}XCADb&&%j;&z_Ycrb1FuFwSjh(=8
zgi1Il!hu??-^m~JfHWCGZJ}&h&>o+YjxiNqmbP~dI6Q{*6nK>ohT}0etX+p=2}WZ4
zP;brN$nGT7;)+G0R<fi9q?RM0iO=MxgKuZ67JmwU;j6yoGspMvNdJA>)u5Nu1<h<G
zLkxsDCUp<p(>kl}JVL@*E~=hG_eS`gIZln6thPDOvD9XbejVpLHvMxZA|Fn4sSU4)
zKT3G}2F<MuQHBECdN+W<LHM+<3U5v3sG{#6k(k(7Xspvel-QxIL=s~5Wj-Mp@LmEx
z@2U$nXr6f9Yw+&@UxOqvljK)vr?q77Tc!#5r>8k7Ha<K%g&5naf)6&zqKML!9W?c*
zO@iS9S4z9-*cZyWjbFb<8)<zt=oFPJRc#_FW&WQbkn}G>zkAA+n%SV6oyyW2z>mTG
zhtq}-!}9%Ho0uSxpc>RM1luz;X?zte1&jgJYBXYSbL8ocfC*VknUzMvnc#CDIK?9}
znS0#_2E<TIYlgK1YEHYIuRt(~WrC|C3-Tdexm)x8DCOIgYU>T}G5-C92E;9kVmOF`
z)9`9-P*qm3uB5Y0<=YU*>hNY#$|4{aHS2fx>QF!b_6W5EYbDf=zT&brNtknStj~UK
zSLZRwJhp?zieD;kYw!O&z!7N!!6l=qyALFI=R7Ii2h;6i?Tz!%K8KAe&rUuEorep;
zQ7#7^vkZP?bRqPXT>^C?k2Qotvz^B@;hoL8x$7BRv070qMVv)RgDScKdF-_FZV;s^
zQ^CaO>0<Podv=gUP%GY7bIvQDFnVk414rtH@<+9!`n|6RO_&$lZa@kX?&}(S{b)_X
z^6|-Ts?n-sXV^kxtCoH`5G&K$ggb~gM@N~6L}TL5V;#NLd~T)z2x2vT1)gZOw5}~Q
zIYffna#@;_s&!|D)!?n`QrDRXmQ>lCbUST-TakM)UO|xgm)1Bo=^~uqwlc?Qqv6pz
zTvN{%d#?Yx^H^EdVc`m^QTN_aW-{BcAhfHv-5weuV=H3WrKI5utD2M_YBw18FKmw#
zReb5BR1bj#ccBs(V7m})Uka8pk)V2OFgb7$2^H92a^N%{*kE$taLeMyk|w7G=8SPg
zvT1>%$*7EqYHCg(A=H%J<^+}!vAF7^y2-)y3r$?Ebf3%Ir`$eTyp=wyHjBnD%ugHS
z*zWk{GdI1sulE>p2g^e(6&>7NS5fXzCiWE^aagMS3tn|-jZOCh+auc9^;)UK{;N_|
z-?6Oy{s_)iow&`MRI?@N57?W|m09QK<)*67<NxUXtUaD^UC*p1nCfDM07+;nMrv<j
z<S51;6eCJno!_10LzJAEa#Akue{{jI>Gh2w^j8E{RJIsldqvP_dP^AEDgv|Gu?UUI
z@bk4EMS22u?c}_iIfZ%MQ#1`}wyYI}c|EA7Wd5hQS)oZ<6Kq%tiaNw$a|Zoe$QdZ|
z<j3zIZvpbUeVa;uq0-Z$em{NrC%MpgejYD<l;q_Gg=cU?6=S1KVnH!QVGq;c|87?C
zZ0RAz3`%mS=Vqk?5X&A}B|8@UICe<O(q0^%$mJ-7s<h^*URh62Rm!oVwsgA~=*VWh
zGa#nznpZu?$l}^s&-!Ka4lg*e;E0053nm_xn*GH+rpbPg#0*Q-Y`5$h9n*8uxR0aM
zkmR?6Uh8yC)Xi?{j&+V(2^WmnvH5)1?DU&12hfcfcr~=@ZyPjf@!3}TTFF$+cGKg?
zG3x0FzY_i@Sq^WEU*LND6LTBl@7@r98Ii%?HI84k>G2=k1b%_*@jsN?5Pwb_zs$j!
z?Ur91<BXdaGU7MAwK?$u*CS^ad;{jRX^4CZ$SYU&Vt*?8W?|Ih)CiQb`Nr_SI2rt0
z$1n&GIQ3~>Ty;iXZfUo{wK7vR_oMH6zRna|G;i(E|M>X-u=g$SQ54y`6G$K+*g**d
z1Q{i)K~a(wHQ{A~L3>~VC?Ke)@fGn2LIUU_1d?cmaTHxw@rCHRyQsM0V*$~{1QG~{
z3b+c24?w|=0R&MDKA8J`Rn<K`nVygY|M$9=e||7sU5`^$r|Nul>eT7(58u1g^Y)4R
z&ipC=kvB(ha7dgPiOIa@KEo`i`?GQx=5A3-$QmKu#3{p>4DUl3G&@F1@Ze*p7rV8D
z%ToCk&uxh3TRb<2D?Fia6+^xl0jgc%O10}SUMXihvy^Yp`p}#99o`1+O*^Ew+NhNb
z=`PzNvch*R|5n|<Na*eS0vIVn7MkOv=IYfaxe9Kx<{6f9R_8@mwlI?qM6vr}ugdqj
z8750OvonbkbP>VbI{KGs#Sh}Hx(YQ%G7;nPL*+>@t0D_4+s1PEAgUp*Qjw!qa;><>
z`Xp+>MxIwJP4Vh}F4F^jrr`fR@>cR+eK8yN97?t_omYreCa(NrIM)p0TNH2w#tVDq
ze}Hd9rhTOc&g|KxlM8PowZ6~j?f0A*(|o*NJN9~SpwB9=zZd>bUzOk~s*JBWvCj9_
z5h=f4(7{u5H&*9wJ^s6EgCEv>t=1cS%pG4@hzDaa%krP`_y;2KaoWP!L%i4qD^xJ?
zc(lhv3O(?;=$)}qe7aYSIzK@07z$7`B{1+6*k$7SoE%+1%05u!>jZ0Y1+pdR!79CI
z+de(epE#Y66}&V_f5V!@X;u0g=G@lP*6FQQY9)V8rlZ(0wu~RcKCa+ge30Fo)>+~i
z8hn)~m_HDHc0=O}&J&Hlc+)AanqDyWm>Fxj*-9bjak8X*`{d6%p(dgG96)upz@YKL
z%tX<6G4Mzi11J?3293YYhUg+bm*p_4o?dm5D$W?An8{elY_l`a_5HK>Y7&J63FMZA
z1QlZwEd(fNiI?N=gr??M;p_Cl`X@RKnBsYRb?(BA^XJAtR9D#fp8pioXu`<<C1HR4
zH41yB?%Uu^g8)<uc`w&W{^CYcAXlcmYsFIMxKGWB`;sRL$qUK8n2A{3Up=!ke7dPa
zhd^MFm{Zj2B?ydC{3P#$sF$=j1tGkzpm;s@N*IRS_t=meECh=M(muQ;63Lm25oA-b
z%*EoRAKDVUw;H#Zg}*i{=m1nY6u_H`&qItc@-MK2a$}E5I^Jum1iKoulHLxLFga97
z9Gc7b0ke|Q;^e2%+y1Cqn7ac5R<gE!tZnDRsEzwbyab(+ib@~qh37)wZ;l2;g{?&q
zutm}NpMWj#9SM#kz6$|Qez9lldRxa%E^og@60gP#3B=xpuDHB0hBwf^l0i?*w@`m7
z0T$O+0>1Fwm00`&uXe{w0$!QlTM2$pV_4r~30BH4C;Z*xKOYHCQ|1I9DCoRSJV+o%
z(SoW!ltOs%s0xRcuiGjX3<j)+LzP^JXp<*YQA;6IL9aHUYDl2Jn@|-T38b<lkVs_;
zrioPNxQSH%MsfMv?mmz9N}FVS1`IJC=z#*Y$S_aQFWAn@A$|LFO!?y1kOj{bd7&$o
z`~zWt0-oo?(+Sm&;SM9e_&hn?+_)8QO;&Sy?x+xEWR_y)BE29U>qzw(1dq3u?_7F!
z!u#3Z>HqHiY`Zy^?wqr^E_m=>fCpBrEuu2@RnGqzjX{l)_^7fm>E&3tZv}$X@-xC|
z)p{!+$azZL3?T>^#C4_$%;h?>0at1bc&`!Lj6TR=eNLeToaLFrLSJqo@O2yk7!+_6
z(uzAkxT^VSuaJbL_QVz<C2X`XE^U&{;YvVy0o*vhHdcS(ylBk7Q!WZzA=GNXpfP2-
zjOWr|UnQ<$yw%PGwwmu==>t!0fKOi^;9w9UjgRIcpWh2D-j@}xuZh7t0tc|!aOIyQ
zJg{<U{4e7+<2de3<AaGq@sta*B$!!*lU688LNGB!Wl6$^lZ10ZA;^XkN(v@6V=mB4
z;Ww2!iF{?~hLsQBR{CNcvdpUBcH@eyaamVpU6pn9m8&oj1)d^v_2Wni;TE12U<aUf
z?ZcIVS}X3=`);8!h{=c{k4IsuQFECdXnzU*ZwRSd_^7x@H`T51&(@(xn7YM}*T|16
z^+tQ4A9w=;mY*QhExW!YE6cwU`qmUrpi4!LzZV=lZ>@-~Z|OyQ1b$iiR#tFx&8|GH
zTQ;OHxLPmzlcjIz{(ek+j3~xFiZ=;D+@D(Opm60Danu*dwUlezLiWf)F;hd9W^moN
zC>n}E;YzVk%z^@<n1v8Z-+IX%rf=bG`-8py8}KY~0lqzXH=yuW%*(Fsvpc);6QD@t
z#1}~Y_46t`$_AWO(p8XGgEw(nw>2X?zP)A|ou4vsdXj+C6D(^m{(%ifTxJI`4+IWV
z{YIqt2odIuc;>P-r(mYh^*{%J#^-3n6MqCKf{Sj!MPU$S&^T#|6t&DyJcGu8X)-=H
z6wjcsmGPDcN~m})c>$8Bx-Jw~;1;gXQD)4rAu&#;xbPdThKFFdAU<np^XgxDsP*=H
zRc%&XF{nk6=dDSZD+WK7KK(ilrkfNov&GC+TfhGyolU|moZbL_M)Mb_u&ojbTdnT<
zn5!OVpf_#1fZZ{8n;0c@G3S`rMZGUtYHrr#Hc-OuI&uTsxA4^z^jH?(@wgjYf}ud_
zzGM?WP-IR3t>m(<WC51ItioV(t#~gMEATd>#DTXj<%IEeNo@67<n3EOoHFa{IeqjP
z&x$*>ZEK7lmVapS*1n`k)cC)!q~YMf>)T;Gjb~33k1g(Q6THTE@Gz6TY5N7QSHkH%
zoY$8y6|<v?%mOZMkfVSlE=M4z$!jU|mO>neYhGMGuP2+luAT=rV{!_{n`2Quk_xS*
zPnx)FZi6HBN%rE%`ea>PKGHUL6LA^a;72QjDhXUZwJpA5PyDp>$+0$lQV(<y`lKFH
zLsb%-%cnkBA@s=#=#zT|9`{cc``_uw_=4Z&nw<)dD+M0s|6M`xe1ZtOCHB5(#0h8w
zaY+b*x%d6>ZYq@2+U$7Dv*4q}V+$LI$0lT$TIEd;O56T72OFdTs54tzayM*<uu>Nf
z!mU7JC{An***IbqbVnW=XDx{hAMTmhKJe+lY0TP)VJ{T<k7WI5>aZ_ZX%71t$I0c`
zz8<Un#Q*5{vwzn3qcxG^|0gy6T$CjDZ0qt;frsYqqG{{0g=3rtCcK&RU?Bjb&OFdj
zC+0zcm<ML7wBj5@tNAd9t>S#hEXRD{>rEm4HSNXZVHW7JNH%`@k4={~fk7HNxK<hK
zZg*Z#pS{C*L7l_+K-|cwb%9BseaQ*@wo72Z33yBEiVSew_^AZ>>*}^p0k{N<?_Bbc
zN3NJ$gK_w&74z{%Z{SZ!_%!QJ@tt7xx7o`)MQiXqQG9N&H!^wrGx1H)nf7mr&aCwm
zoiDyA`XN8-xd9?l(?#%6u*77fWX%^J)X$oiZ*ykNy%U{TGlB7exZ%_y!q&&E!o#sz
z$uk7~z<~3RELrnKalNd`zt+Z<{4B+iuUmp8?X3N?<Ojd6S`RNm-&du=V_E^@--aZJ
zU4~Zj2wsg*y$C;0y|xs{m6{0o2G4cWel&Frnp@{6fyn?^W`&*OSv=(dW@8VA`z+JQ
zG86j33Shm<*b9xf8VC1aL*h%+B7no3gl~ugDx93Sjdxa)hXWoEsSk_P6-+fA(h^<1
zRsE&iri3IfV)PRvxf?W0T0H7^8~Muwndj_e*jB@TTq3^lT+u&P*nb`&9nrLrr1M+^
zoi-Z;oh$R%Sk)XXwD9)>9awngBCKfLPg=s3)RMHu3R;OnMM>37o-)byeN`#wo@uAc
zRO7|t1zoCcs;{?^ZYI-ShS9OwCFwS|)1?tg(!Ed8-8tFTUZxr&C0(wBitcFA71pRR
zq$@Tbfy6gON!4DQ?JBx`B;BX%beU@W+*Y)gm<hTkV(8LIH;ZY(S#Vv&n=TXc5M_>!
zm{GE^UsMPt=pt1yR}9kMB~ijQh@KCk=aQ%xs24yq0#7iHh$lu49WB(9UbPQX`eXcX
zvQ4rzKxnLDmK=VY4LIikl{$~zh0e|?xtzI-chL~D;j+y&I7~HTjDc-%1KY|1PU)iB
z7NY-K@Px1AYp@XgAD3PFT=INS<bGowGX@g(A&W^wo(GHOyuXUH2W%3liXS{nGaf-b
zV8nSye3R7E8TkyTM=%1*m*@pQ@cBKofofMQB+)0_V%aU(iPbNQivD4*2&eY&-)Sv7
zG?(qfGx?>w!o20y{pq@YVuJC@W3jGcJoCR9xy>F(ny-FDnsUFV2VNIUG~SIzB=CXz
zJ{V;d@fY9J8UeCe&*J1lMDspV-A`2asp>u#_u{~f<u!be&cy_LkS;-7pG<a(j8BSh
z*7GPUllgke9f3H?5`C_#?VZ*OxR3pfPyw;>5Ur^7mf>2{mgh~G2)Sx{;34*sweo!z
z+Te0s%ifRwha|RRpR4nH3Lh&;yz@`C@#F!bWJ$1Gu=xs+s>YM4#%i#cASA);BBZYv
z$oThWKoC2iPoO!$PBSEkFG`vh+i40xoCKOURzDA?&gV(G{Yf{Abf=Imk5fRm^F&))
zd6FvII#Sa8Wdc)GTbXKfmUPbr-E$?~9;7>fX(y9zo}}xwx0n73lJ3uCf(K{W+sjmA
zWh>F%b3peTN%thuy?|+}p^jG{FX_G@S`-1Gf0cCav$t0O=*^ODAJFY1>9!!<Owzrb
zbeA9$K6QV5k8M2XWYq&PEy7^n?=6`@wn295djVbNe0P^*Cg*23a!eLQ64$r4aXW!E
z3rXK8fM>uzMXKU9Q;kIs7@ioM2(g8<KL+~JMEDv_iFMVe0Bt7K%0)`az5E#b0uU1)
zz3z^0rm^V@&_d%ZW>xU`Tn*rHIexfN*nr#wGAUQmN<eulLp<e4$Q=Y$_S5{FCQShN
z{@{b$72}Ln52y^d;U|3D&&7#^u?T11hi0GxA&)pCrFjJNTo~{uwEWWpB#2C@<R&tu
zo0$UVB(uC40prF8=)hCA-2x~$c6A#rfWWEc6Xr%~dEQ?`EuZ5*x|ZL}@@C6lx*zY{
zh=IHwedAw!AWGw(e>T+kcjp{k<6mNVv+?@^XnZz=?C2Z+!~Ibjzx$a`;}edu@%wzX
z#-Gi`--|`==o_CNt?|8WjUUO%k7B}~ZEyUP`_TAxSUQLRa3&kYlY$|cT1s(p8DvCj
zH%Mm++@FSwWn>|xpxvNcM&e{@$V4p#jxdOs#u#i1=ae!BB6GENv*#i#mP3l2Zw^;O
z@ex=-dA86Cu~>?$Zw`@ysYDx;EyIO0N1&h~k|4u~-y*^aNZJi@TdO!;|1>C-waw)+
z=Y!q%KB;B+hQu?xKtvBoVAwzld_$5L+$Mru7@R0_%vpdMGD~0B$BLHRCyrW6=j_K_
zcIgY>;Zpke0hL5ux^&L>>W&(4>6{<b9rf1IIS18Up}6}IciE+{){4usheVn;`MlCO
zKdIokrE`8(!E;LI{Gx(=O6UBFVCif=w4YtNoG;YjWTVbkI@?8V;$)bbVCn1_bw}2h
z&TfXg>L+#qiZNl>X%<W1759bAiZK-gdKM>7RQICexX;DCIJH>}T3U+2>=fnJlVZC0
zG(blpM0$bYZeDS$4m%~=XR_az*bhdMz&U?;_9Slkn7f&@BQR)OJCF;MYJa)mX4|(3
zN;nX(e0b8zJj*OEkmZ(h2=bDMS(RSC-EER;RmGzZE*7L%%Un=Q<8klBJr}I%b}CZL
zjQ{7X6Dz#QJg=|XNbf87_DY-1PJBCk08)8qB6ySlhQq7LatyH@OItj`98lblT!9%^
zFyKDH6&|OND|$e!rkod8foJ2b-{c_0JG4>*KxFddCked8(n1}Gd$>3RUmiMYf})E7
zH?BCMfe$C|k{AuusRY@1aQg1O0IE~s5$6wADjL5yZz_$lM67)xv_$MF3N@1&Lkbun
znuKsB!u+!skxDLws}=9Eyt%$5u<_Sp-$x?{r=#iIBwn}%vOH5EBcPad|Li1O+LmC6
z!n-M_2(ZR+Ckm~&4s{w|%>k_>(5mZw5Tdonq_z1|K`TSjIz58cJknava}nQ1<ZA-^
zfuSnI_5V3C5L}H*&lATu?7kfmhGXJ~pS@vfhYlr|TW6JOYLi!-%H+G8+EUQ@x;LjO
z{qjBaPU!`Yg-z-5Sq+&h>Vym}N<~ZROqcm2VNRFr#Tb@z;y5fH;(a9l??*-gkMA3=
zZ@*D-j^l{@JDnr)xmR0+$NI|mz?r%29K4U7pPG{RL#s#H+Ul3kcXaFb(<iPBT#Sqw
zymiK5_4x`juujLS#yfOOyw~rjvFY66DA;u7qakd%cxFT9Tl6hY8q1rLEq^v9Ta~~d
zIOF~t8bGXt6hVpz#m}QX_gOr?4G^EHEqPCGg=1iI?YvK}66m|kUo7B<BIhJpql)Sk
zt-+6kiB{f>hIF-F(Yk;n%--HJ3%&hBbSvEJ!9)h4s6yh$HVgFpnJW<9uP*@Ij>MOj
zfEM4iSl5HXfmV*B^|GY3AcEHMq%}y;l0GcrVE91TXpH9q(TLHI`Q>O(-ptW)8kH5Z
z>K&Dr9}XLp4bzW$R9+$pb5!=t{54o}Q3Kf6;v+F6<H0`+$z`)i!#*Tyc(jQJi$kwV
z#8ZAWWt@CA9*AmF)3PS6dJWjfcR`s3O_=ExQ2zUE##6;FA+h>z{8_-CC;0OSeo(-A
zgA|v4<H`kq1++hxHzROUJxOL`B<00;;%V4uvy5VZx%HAbk#KDe5>kv?M1paBD4h+x
z0g2V|C|`}Y<cfBhOu7a1s@o#cNHdFsH)$O*SWWsjbAJIk?5f$Mct$?J&h8bAvZt;0
zqE%Cj56y&d+PB+jUqdnr>(E{_ALTDG{$iH5DxFNi8OC&xU=+y9?c!41FGR$Rpm8sV
zRQF^k$4*D2-NH1!e9B0Zg}EE5<|Zm)aLSO?;>2q##|@Ufw}+oX<Q#J1E8t)F_^cd?
z2H#=4V<v=i;(9ynF{C}e4((?_yJm>tH_Ka`xQT?*j7cKFxJ6#Bw`UU_oz3!IV`xOe
zO-wl3_@hX`17$r_j~0+Ai+W>*cc^Jsqmdn_^5>8I8H}HhrypJf04G0VIF4>bq<jGz
zBNL3iG7{<^Iz%r$kvYjY)r>DgJyv{*(Hil1xZHR(iI1g)JwN2aZbM%an+!tm@7sMe
zx23352PmiG*&=ds10+Cv&_0-W@%&R<+L$uh`}aY;;B|w#x{=!(II}gr!{hb!O6CrT
zFJA<OI2Yn*RZL(cU)s&c{a4FKHzWCF14e$WB2yWePWw6zj`#f;59Ro-x9vQUvv&~B
znF-@0a*pLz3z3hHl{9l%oR66@GVwAQIgydm#PM1nE*={=p?5P6_7SDHVynaag9Q=w
zcn*?i9ib|Pq%6^q;^YOqMbg4h(gamX?9h<Jtr^e1Q0f6ys*JZts=`$qk_O^7sH6=l
zX$!8Z)RHl>h1*n;fvf7#DwVWPCDr08jw1tc%T$t!V~DzlYpTmHsiXvzl!Pl!8*obe
zkkA`(1f!Bta8=DXUzJK#N$I#MZoDc=$;}z-(vhU<+NzR9s8VBbRpWkGCFQE5@woE5
z3XIyPk|wI8X}GF>eW{WPRZ=Og;&3Jqcfz%jQFB$&JX~eJ;(oeRCM{4&3vpF5?Iu-f
zu}WHot2pTh#Ko#Em#L&GTvapHs8SnL(iU75H(pao+f<SfO8WCJoU6(#0!Gy$Nz7P;
z#THkMBeftm!i!_PICNW#(H1V`%W?Jx_MG!LYRGz%83w0q65oT!66aZiq2xc!Eakgm
zbziSEyr3p6UJt??01EU!<0Gv!V(`g!D&M4>r6pV#Z^|)O<|-BGHieqcb8S<R>5Qa=
z!y^F7Ct_*;I)v+BZRw@M^0J}2?gk?U`!5~Buz|1_HL`bJIEb)kIT;^l#VgUyoWSKV
zUTn*m=qcY3JH+3s{V@OZ_ONBDwt|9aD^xGGl^bKiO_tW~LS&L{WhAkOk#3rg*j7fe
znT$-&E|pC!l`Ykl7K=9KW%(`~hQ6_l2o52K1gHAp^pG@4Uc<|8_$2;|JMgJp#V<2g
z^&?0$8>F=Zo|z5dO{&=d-ssuj0BgzijY_^eTU#o51ZIs&zDoD?N!AfSe}r8ZPTO9<
zS!Q;rH+d}1{w`yM%P{gfnza~LytNHjybvLy`!2RiC8H;d)B|m%z|<C}CE&mYwa1TO
z2<F>tY#$P0leGj?qa}<=c54aa(9U+_;_)*o-mSIs#wTd)V#SOR72-YSn0_|Yzha(+
z`Xf-4)~+~tJg=A&h3bBux@Sw7UZw8&GBDoPs(U`+&ifQzQ9e`Mk5%^*)jbSGa&^HR
zA+~J8m4AYkii-zL{xRK+Fvbq+#G>SMgc+BKt5|^$))5x?j&QCmJk1uKYYQ*5h0AQ=
zEw=DJTR0x=HR-z%#y`=9bX)ugTX?)JTxbi=LzsVT|6&yu{6v^>Tg>!-OSr<D4$xx*
zu}Ivf67vw|cOP29)jIA*e3wgr4<;fh)Z!}FWgH}eW#(85wH|544SP7dK#hq-wQ>1p
z6xGH~`UCx!DEPwF8(0nj$qIIq5Bx}1{o=>5Ibbu83kV0wQg>httZ8{N1}>P`_7Th`
z$YLcb%Y)nsMFOa@2KV?<3L7rse?R~d{39-;N(!V(^#c<~-~%cUgt?mH)uC4``8DVb
zED~vKuIL_mA}}N&?#3&DpP1<_^fx9<y3;-Jn*8w|pSML@Jk6g-4lx^Gaj=+pvMf9>
zSUsLbXh+wF1#DYBo}zf{G1^Gs1A+*OJae;E%)oAo(xwn`MF=K#_zSoLoaLyJy~|h>
zhc6saN`hbm?m3pc=X7Gl$MH!KRQU&136lK$uf<W4#y|uUmpu%oq9KAx3J!Tunhh$$
zGOo456MVRmi}Sdw;|~+#wsCS|ELKU&a5X0eg<q#L`gg{KsU1v}uMh=Elo}D6xLDm+
zsrzl}p85#W6VN*5PvI5!nd*M5x}T`-OV#}Xb-zs9#|j;i>m-OkMHDI_?-&>XhO-lY
z8_iBY*<<8Hp<+<WGevPOa+%?Uws4s(Or6Wjv(FZeM=Q*Dw=JA*3y(k;<0V)--WFeI
z3(vEK7u&*B2=kA_vQ34_ty+W`$2C)=`xXh?JfhqxiULky5(576<&gp|buBdyeY-5#
z_Ek4gwiiNZ*(gi4<s!j(uEhG>hw2q;Hdlys4+J3Ar{O|^q`=NQiFJ3xL#&Hmg;+<5
z^SjXNA<o$?u&l)`mN&62vesm`=$3!O^;bfw@s{8yQcd1lQoVuoQ^Zz5L@CuwwM#WK
zSW@lVwVb0BOdR~66lmU2pbeIS0CU_p+f9MyxeD(&nd|~Rnt)(qqon%nTxUTRR3XTu
zW}h*TfoCp}6TqA})T_h<K%){w<6ak^%Fui6<1-<XJF_qGNDzvp@vpD(q!8Gfr24@W
z-M1ggM6A~b{bWscyqJn`^&fzmpk2muBNxxF&mrTucsK7-2rPQh>gH79NQzjMdk%B#
zTAqRy37Be!-l;wlVu&xh@KPhSrTqOX7uXbI(I@|@TnGjr{QsSD0mP|KrN~p;D$a27
zf+~gFR)w#87VMm`vx%^i22f!Q7VJ2y6wC4LtlwCrz$X`oJ@Nl^#GVOQc9be{%MJOK
zDsenOr$bcGaaJXU0Y)0BO1wh{s-sXPwo(e~a#F(2M38pUBZQU$_~EqRfS9@|;OEX!
z5`L;w(gs|`YykXhqqG293|{T<Lp@r;&$(Yp_z_u9gegw&19!(|Ijm`vf*%2Kj_^ZL
zgr8D)aGUCF2!jI3iOZ(rTzi^@L4_Fi-<giH$;)n=I*zb<9BVp`TP<;R#F6HoNFC>I
z+nNYA6+n?Nu(2)9a_e%5uU?#KijH%d#F+)pJK{|C#Wo%1G<n1Q%Ov;Y3D*I6xPR#e
z&^awC=u~kvH}@}8WQ3;kF~q##n$8ua5^tKS>D)rRvN2OaO&q8?K}|iHj(0?)rX!{S
zaH9}iBh-}gDxjv><c@k^dh)d8&@|wWjnA`M>2QOe<_I#t6RF%Nbq3%6mL!Em4i7<v
zsWXG_wK`_1Gab8IQ1bg%XPygFXUHbb|6@&^X*NvGDm%CcUewvhTk6aOpSFknGp^VD
z_|m2uObaI7RDy}X?<c-Hji+9#^)-klH#50|EW}mpV{uKwOD<=InODxId8M!JtMU5q
z0-3jzkp)NnSm1EjlNB6|7m?f@53+l7-)FGaf91h5{V=)U%ckuBNG4=)A4-{~kp|21
zlG`{pvF!kvh{ayQSy6GlaMlz{ObQwSwQ1vXj&Sw@Rx)eL7LYfDvm0%2<_4UlM1?bF
z9jY~;q>(z*y>tjT3LWZEioUZB)eEGZfGwI1MZXQZ@+9V76y>Qq>kKJRhww#UoRIb1
zj{^p!X4SMrL{AYBrc6P9nwHIp4m&%ybV7X!B;G9IOr0wFmQJW=bp%4_RKdjlbP7Ow
z-JEG?MGCJ9fyG{vM}887J!r3$1x1*ma2W0T`~qA1<c1=#Ld2QvLw0U51uC-|qVg6z
z_huQytexgRX4%F^TC%2hwV=5Wbbe=A-c>u~fu^)%5iT%H$Cf4QPutZwnQdPw7-7yk
zn<eY*kJ`HmpGz)7*29zu0p6Gm!Xm|45KMdyPFH~G5`cp^Eej^Dq#G7ty6<EO(=?B_
z0J65={3TWkgLfYya&Ka>jwrtKW(2Rq;`YfN@yrcmta1<D2r6NC4#5N~Cn=aP%%Xtd
zsSmmZ43mP=f!I`KG>c&qVGB=$;gz;<ww@<!9dQp^cvBS0zL+^c;NeeG(w>x-XmpOo
zZP>|fz6h_eYM0&obc9E#FiwQx(p8wYv@RkX+Z;fQWvNjXv{{4#9PLr-JhBC?IsL@I
z<)-SDC!#hF=Y$$|(h+8+7w&dO;CfU`?F%{g>_#*>_Y$8jp$nAUXuLrUn(r=udl!)x
zzO4f}%(i(a8qgCBsAK0koMfTT?_Dv(v>kDt)QRloF3cb?%a1kv@ItXfN`o$?oaQdU
z3lo+w{KA+($2g=J-8UT(o8te(sc*xa&>@?|oVOI_)IDVDMhH_-gYgg(Q&#@Es9XWd
z!n^7P7OHm52sn*6WcveZ1F#%?+!0vL#X3!3A%JuiVF1V*`IBzCwjlq8$vEV0elqan
z4^i>NS+PqaLhv;OXs;bl>N#io=bhwi)6dyfKy)eC+juNy3butTBS76rw=?jz1fH|i
z;>zJE!<By!rMNy)l(wiOm?y01W3xeh-rmB8LKOU+X(t=-9<h)ON_hDkYud@pnQ|QM
z+eGQ^6lsGx<-H>!K#QqOM1Zb@4m$!!%Zg2_cyUU-!cVP22!A7v;(B9BLii6o;wb!6
z@##(qe>VvKI29%kWQwrRBzi}cd}j;Qc>u76YZ7l1NTF}4Cb1S`O`*pV+YUm11*kg-
zJw6m8gx-xSN5tTv0sbKL1q0<|ajB$uT*YLOgJoKasuL`s|Gg^(+@;#J0qC=$)5n@N
zu-9ReB6tx^8%SK&M0<1}A_S%t55KspV3@`os-T!+PmQC5)N9~*c9H~w-_X@&JSqne
z?0d)&2sZbVKrjNr|E3COBK))pry^XW!rXS;sKNw`p&~4_hMOkjO+Kq{PihUh&>F@^
z#SUk!;b)>j<FtlpcSrzfs&`H)sw9A<Qr;u9hR&ew1R&|1B!K9+a&!}L<sW4&Ma8A!
zYR)g4y6|!v3pol=;&-Ml#GGMQ7oZcPd&ihD<E!*YbwMz~#0i@*<GacustcQM#}rx;
zw+xt|j2S;5Mi?_@Tx%LLe!A?$2xG>XG-jmKYs^qqj0&IyXQ6`?<4~bnV2!gCqaWM$
z+gdR^m@<GFAKtOyV8y7y?v(mQ24Leg6(+Pis=|bpKdCUG<!TWYdWa_~mN@GnFB2FV
zY|%)g(fuea8d<2#(W0^CR%ZmM$D(ofX>tPEEgEtHChmCHX3?NpLW{<p52ZyTCDR6B
zmOXV08c@fg(JS79px?Xlg5|OVA9Uc@+jSTTOvm1d*F3c)wQps@un8-eG%6^I#>M4F
z1gLXw=G1S3MI(neW`iAuX#-JePKQyPc*VjTVn1-P?RVb1sb2h{v7@mb#lt23w8G>1
z4)`-4yJ6zb`M{PU6(;`NsKUgbp(;%L=`F$ne}+fJA7@>rw>ZXYlm%qbc#cHVEg)|}
z)TztJ8Bo`@It<jEbeSzQ(KveuwHDd{9tuDfjxIff6cUyG2WD5(w#soL5?!}ZBGHIJ
zPDu3bjp!bV*p#7Xn_Ea!2pYdLWoXo?c4bI7794BJ(A}w#%8+1$gEF-9ts`R1x*Isd
zn}9XjffOdzV4|2Snhi@Pfb<b`na0{q_+C!vGXKT{=MGr%bZ?0zX8<QkRham3s|pi8
zMu@P$kA6|{!&!g%mSE6e{pF79$=If!$jm}*gpRS?yhLn+P6Tx)=*T@uLdQg0IXdaM
z@(-)_gKE_tp_0bpDke_29p#x|;(v=1F*-Hl50R>fcp#K3AAA?Zb`RnIFCJ9#)$dEZ
zvR5QB2ws@TU@b&S6<NLPi16^@HBE$vmBbY=o;x5p0YgtP*)U=#=+}c0)HfP?xRQ?Q
zfDw=3Wf=|_u?Y((^$p^}5)~#cJTAh*Wa6GU;ilX3#X(CdOeT1zT$F=bXEmdWg5Nlk
z$>3ax6-_mnjAoVQI&Q~`VB$AdI|D^MI>s7&pNW08>lk7l!69WLU5fD-<#=4>W0aIE
zWBo!J=2S9P6Gn!dQRa6hLFFtXAP1j^fqNB+5#pw06QI;{lGZjU6)m?qCEZTqezvfw
z5TpD%Q%;8cuX6HCN+bkDQ%>~PkBB~JUWv)OB<}b;%ThBGF~U-_bA)NBndm+otm}5t
za7#^R0-VArsWiVXwoF)C9-ZJ8a^P&Kc@Q?^dXTFr{w6m|<oaT|BXYe0BLtD_a-h`{
zDm((=nJS!#@O3Jjitt4$Or$$Qg^6^U2n!A9=BUu-tO4zzNH#zNq6`NUCtN|+#wK(3
zDV|Bo<|Eo)FP{yu2SC^UiCdHF5$ErMkB#B`!1(Um*?2gA3)XazDVW#`Bs{ZLvjkrT
zn1E+W@%(kq*ko!}h1mF5{@A751@Xx<k7^@RwG`yWbAU{=+k$Av5zZy+FUKI_L9>O-
zjEuAaQ5#-{d-8^lh~c&Zx47e&E-OSm$Kh0(IRb6}iI1c4wMKT!5GOox^9e(E;+0Rf
z8HniXz-`(3RdQRl;6mo9>+*6gT2;qDblgD;`Th$GM1%PPXRyF-AQEmK$Dmd=AL2${
z*bPL27tyq`)R&Kli-}_eE*^y1pe)#DBSzrj=R-|g-12_A2n+Vvv|yiw@4eS+#P;|;
zRd(!Oga|v@vCD6Ei+%}owCNr;<?i+|^+F_-yT%%ma!>@=@zzvFh|C9a5F!Tv=B`j-
zLgD!;OepNG!i2(>A}pXVCn^*=Yk50_j5f-cboHeeqoXh;O+b~=jY%<}?zAJUN70*~
zAg88X(UVg%am*?QV^W8=C2CdaPN-El8r?G|g4EYW@3&B^5Ciu+)7RE$?7sOhn0PJC
zv1Uvf**y}R<okId9dYKpa70|Xdn9Lg6O2g@11U@`3=;*zB3_(g!;(`$`UvV)V~t6t
zqat9*#L13Wk_&B~Skf6dF+_!l8E1*Gz>L$QVurK&^iKjn1JtK&P)~x1sh5zMO*bHA
zqBg=sA?-b;jzQ8w^VxK<GhCE*rJUZEJP%inNG`7YgFbxKDRQz*Q%QxmipdggK+4@?
z3H^V8s<P=g*(tlKBD{-^K~=@yEfNg`FQTa`C4WC6B-}i_iI6ahSfVy&asoOUkXnO&
zJ-9#}qp=1g^}PDn368ih;bh_h4Mo@8;=b;h>&D+e-<qa8uKqLyym5x2F2f`yG}Tbl
z3sn*m7E**GFkwZGGbSv?_o9gjWw>%kN^zA#68GnLIb{~8q=mSeQ^t0x<gK<ap%5j1
zXNth*E!hcE5fCrDJJu9|mrsfmefj3UNJZcQe9x}1{^y1Ahc;2_{e%m<)JG@+oj|%C
zfp3aOZU&|#6oDIWaTNIVuwGIT=!wODsS0x=@q`LfDVQn3LMg~-q*Cx0MY_RC!AV0T
z0B{|rre)yTm^bB|f!f3#g7O*x0RQ$l1HhJ3Bmfw=a&#8s%0DOtD>})EQ>BtNFe{V7
zm4cx=Edcm0Pzv5{D?4RZ3WOOGeLvPtm3DWGM20YvE@n}fgUiJEM}&vb7c~(cZY8eR
z;lbQ*q7k;u!VeeLixEvx3i@GA10ycD(GeqJ!6ae?PoDR5kYQrPMinMT{7ZxdMnpe(
zb~ZK?Q0g0}DSS6r0!33bg=VOdKv7G%jsS{>LEXvN;7XQ2k$@}5X-jv)gaC^DiE17p
zib=J&n)Aq}DV)090*XQu{GDkE)77hz<&(uQ0i!F&m@{raW!tseGX*2eO@hrC_lC!t
z=&xT)fWRcNUREVn6Y)ecS9pA{`~oTBQT*|na{Mv~!wC`3z0Og@?>bS6bt**pDix-P
z4^m-@_#Z?#wt3!~?B<zMZ^z;Bphju~ejr!FwSl&Sq>wjN8|aGKDCBO6YlM)$oaHR!
zDR_L5+ktdkIY=%(&WJx~1LM@|nUhqK8&@$o!nJ_`pIJiwU!V;nwusaQj#U%EJ<4Qk
zmwt1<N9p7&3eyIzedLJRz(wa{o-K(>(XG>r8xSK-Gfp|%Jk9t-Z+X<G8D{}AIAI;U
z^7~!lhTPTb8oOYiM4Tuu7@$(o*wc(u6anJwy~+`BE`WWSN(E8oG!-Vw94Ep;kw}dS
zFV2cYF9Js66p7~tNQ`N!BJl=LMC>@kacEr^*rA~Aq)60rYSI6ADUSA23poW7JH6m=
zYLWYQd1|q5h@75c5wW~X*7ZmCOf6ELT0FhQLZ?Cu(C<tIc_)V5H;ol7(7<C(1-YP&
zQYCo?PgN3E!3YNxWXFR?#Gf^NIm4T9YVkP`!Ne1c1BRvUsl}}z{TmxAXnO-@EWg|l
zGX}t%P0Y}M6Q_!>z=>{Aal-keB9=XCuu<Zk3^K6kCl!wX1PBp2wT1{aBn8x+AYw#{
zR6}xc<tU`!%0H+f|2Qn)K$5AFbX>&*30Fgw{KpdX{{l56L3PS*ln`J0K;MrwqePxE
zJKNO|`Q;O3uB@wuYz>I_%vC_KQ16+GIS-STFEDx!=YaA(b6BA;lQI*;6@b9qhj@!o
znA?PWbN_Rpm&%zhG77m(R1#4zEav0Jws*;0dom@f-bankJ6D26l&wuu6pcyf89<}t
zQb*7zf&H7HkqgkcNrgusoTI{-2&btqw?Bz0OvU67lw+2qV)B^?%k9s^o_uZiq^P*#
zte@ORBx#&}(&`)(ISQ|ePN<ULGm%&k0X{GGaR#4hm^9o2mEy{g9)T<W06reIT^O&D
zCgN(&O`D-3V}k`gg(&zt(=rwxB7&M)#xdy|aer*2mJ!W2V!E%1hK?s7>n2jfaQ;LX
zI(q)GUNoSgBZjXZYQ!5zhM*##!PH9}(ctsuQlk4pqN`MxQol%rDfM$zm{OlF!a~g$
z5>?!t)r_YoyA4(|x}`};uWRk71>@{r37`|F^_2j8bEpgM>7%&;Y9emQG2CsT@@V@g
zNISHJIFQ+zQe1bR^4C-c9O%jK010PQ`TZpJ-i_j@gw#<<3W)(8+<dhz{wU@A78{{M
z#}!FqahZT5<h~w3(ikVM)~AE`YX9TbTWIlLpsE!9AoVZ1s)9ZVRvc@p%G0h$7!kZM
zH!GNHVHT6rk|XX|63?O}G-1cm3t+<ec!Z~N{&l9roO(<hjdiN%f#C<{G#}=OIgh}u
zZfX&Ci7@cwjY&6Lca8Y|2plZBLYwFj6<(aRiGc)+#%U98_L3M=*V;j2gB@dpeWEAS
zxOmKJ$op=j+c1VYnghnX1Qa30jHiG{V9fcbJ7S~L^FHyxF4iq(2}Yeb79DDIu2J|S
z)Z`*esF{c>M!gW1>yd<(-G?A)6!RKx{#dZaf|^1_XCAL;!D4k^rS7+>`&xCMKqN-J
zDGHG@)%{p?KT+M6s`~}%ewnz3S3eF@_@+qCg(zPsn!wlbT8har>8mlr{01WD0fv?4
z4-BIiM`44toxprqctkL%>e)mv`2r{r1||{akJ~`{H#UDL9C_2@h$FLp4&lfRB1{~)
z{)W733U1B6l8##S<46@IqV-702Hc28N)8ef8my*FOOX&#S4}b167E^)vJvfLMy05Y
zATjTB4ryIQq%){TfCNNtK`%-TKJthw2W1+r{KJN1)=zRZo~x4P;VR}!xHV+qDogJF
z3sj7o#XFwEA2AW{xklfQH5KEZwQ_*%))4v5?<m%gcc&i_6<+PpL{wNyIKdzsLB+TP
z^y`5JE})H7F*;+qL&aDy*by4$|0toMHMT6JA}qEnog1lBd_(DOoKA6LvIK;>I)$l2
zn1EoQ&(^-hwlkT^D$O<84hX@-HX!YU27)xufFwB>teSs7gTEh?lf`~~A|{LZ_-^FW
zy?bx1@9Eyps!32i-76O4@TYr|@XQWzjOt71(?OSXw{=RMyPWp61we&p>+j4WQY5-*
zT13S6jgK|gk15|r;*9*zbEK2#&C`wuF~d)xTr^=9lSgc_LrjF?@x8lVbfF2Lu}_Qi
z!IT8L49apum-`M#bfIx%q6*VEGD?JFo5LX_ReegaPgKNl);^{YJ{qij{M3z1jXaC_
zZHy$lA+^*^=8A1YUEO2`>W)C8h8syH3e{f<eksCKXXfFGkzR;P9tHqAm)8*_2N#KJ
zn2}`HatlEI3p5zxV<}B`BZ*MU(BETCgSlp3B(j8UY1H~*eK+X1{3F84zAjCKmzKmO
zJG|J|Uar;Zz3_8E|2NiP?vxnwd4ETYdF@+?F*gBM=Bscn!n0L)1j2bLoQd!d6{hj_
zEEOg`ouI<Rr-OS*Q)ohWM#Uv(>&iAFP2)77D^HT()KpFAHdIOYDdSECSK-RReU^Bn
zE!f!sey}yFI!j{77F;>53vlHhl%a{}KD)h4C6(cNyhsXrDOzBO1uTU~{hethcZ=63
zo0<tGD0+E}Ii)Vy9f==;5vGyVW)j&jK^z6Y0V!7x&mT;}wB%9nf7+PtW?OfiV7i+%
z`4sqV0ubh#!zpn4UT!h(#23XPj(pBVdx$Ji4uGk>2v4&{9Qj;{BG6un(;boJof?TO
zIY5M0RhS6!hzb)y?oweQ$W<y#1Q{g40zqJ4iSni-XU%3l;h+JU4V|@uiSCYMXXNWd
z*2}Ive;&IQ{w9&;Xxnn82NQR6IE8N#;Y~x|Btkr4^Xk4ygb0+7M*L6+MBPdt(A}uS
zdYwqZed0AD1dAlNF;bgJ!4;^Jj%JZn@w~+ZNx)Ui)^LMN$5$=X`7cms4u2{;Wmjh;
z79D%)%vEBq2+0QnIKZ^f3SO9Sgqag|=F|Tcfk{2OT9|ZgdrUrJ(#1GopnFOn?%q9-
zm=t=^QB=1S^(v1vf}ArN?K;gJLL-~9BbHa9O)&AVC)Nu|G}koN`Bg#E{<9q+X@U`g
zq)SzpkknU&2}vibFd?a#3KNoceQhZ<(ILrMsX2}y(@>>G;!^1elCd06T8zc3j_~LU
zZcVF=z#zbH9Qzu0QlxodZ($L>iDetELj(N>;^jy8qU{Q@dV{cM)*1;}GLx3jJaiKD
zmOv)UTy4Dp=^~&IJ&q)9$#Wy35Hk?F(gh0D#jf&p&e)ZCj>N7JxMC8%hV~J=QhAH%
zl#Z)8wZ)W{wwx<ovaqX=JVEupqeG;eN$iBFF<~Q#t{h_;(_MGSakN8}V1x-#HjQb1
z-VrxjMH+;lDYl%)0W6$Hmbo~>mXiX~_3X2nV$1m&BMxz#(i@)P5JTb|#c(mM6hjCd
zb3hu`e+6k|IGFg%@sui=39lg=EKIfHxD6$p^_vwCU<x8rX%}H`N&*j-2o0jNZ`X3}
zV1kL6sKCi`)6jFH5v&d3ZE!DRswURvXh&Oc5p590=9K%y!8O~mFI9@SiwX_Kp$hl>
zgQ(v)K~9lvh+>j~YXXzP)s%_PCyM0y@DHybA;aU&k_;C>f!RXb(*ycR!0b`rwD_Lw
zak%L(Z}2@^7<`zi4(`n*1I;gS&%=#4rW+0fBfFW(uCf*ZJj~7M-1WI#Nv`D+am!Ip
zhi?wGwhzdxLPUB3D|lJnA3wnl(7Xx|$nxF8i@prYFc14(`f<g{Z!sp&cJY^;ur%LK
zf}S<^Ov42OjF@{w`mBo5i(RfOvc_dynRQjx)mN?(yNwlYWHIjB@k_A!9)x5Z=^E1z
zS5sh%xRDXp+afMy#7JAjU`7nGMf71rnv4(?b!UXzmg59QXtszLL}<t9zEvLo)Oe47
zOagdfeELd@aH+&><;*cwT^{SI{toRmZrW>=%TGqZQOPJ7G@ex@9X35PySc^EAvQf~
z`Wur-Fd5Hp7)j0qFOE*|y^|dXo<f3yNpQ^`tA(MSHH+4>>dR1W1j{|(RBqkkC>(i(
z<t}EqF;3+kidODUmK(=%-JHr@9<5v!%U#KGU+;G4->K2cwPLyPEcdcgxo=*U{o}Y{
zB4c_>d@?qUMY)?;ZfdBUeZ&{rN>UB9IXf5Z4-Js0yUsK#P(>~9H>cS+R_bG=&73Rk
zXDew|sy-7tv5TzKd@-Gvx5ts-%P{R2uhckjZTCN;^!|e}C|Ase-04*AbyY5+15dEr
z11y*2RBn2-a@VokT$XF)R4zMOxieVq36|UVjYI$1L@RgTQj~j=<sJ)_vybkkmqPQt
z4x``h?7-+}NpK|moekZY;H>Bb|KLRMViMFy@W*P0p8e5A4wFyJTQTCDSZ)b>_O?^G
zpB9Ds6;^KhXp~#Za`!rwTWKptesE#5ePZLaeGWXipCqqp1Co70B<)PTtqxI&kebcw
zk{k#QAi>Tg_@&{%lam!W6NA}C+t<!s{#KF<!{Kj6fn))@J=clkJ1<6I*Q+cyh2_RN
zmHTtFa(A)ZES7VJ%Gr5xnXP1<iFbQP2cGmK!6cky8}EN@@uUC?(`d0SwN~Uzp4d=o
z^PUhts&7M+>Y&v7FGK-{B_mPg{p`cIP?e#j=Fw>7X0Y62ESKz5?&@geE@ZjKS#I|(
ztBaxfPK#FVc$WJc%e`)vGk2!Ocb6dTL+CTcyoj`qm^K*?P8rkfX;fQ{<xIPbia@SC
zjXIYxpJ@Y_mTjf^zBcY<^wo?$(~1V*iz2r$?H;DJv(ivx6r&e1`lp?$$Iw2F&vrHw
zf-Z`V@ckOB9?IT*WaWWM&NRM~ocnO&tt;D5Z8egaw;S`mV9zTQapYadp3PNxw_F_S
zs%dS^vND=&{h|~^K0%`}PpGhm)pQ9<n``G^NMeXF&?14{VRa>|+@d2lGItjv!OCrt
z8ODU>tPNebhP96~YwwRYAwz16t?(JQsy&(c2ODd?GFeu)+LxFcw0;;NYMgInG;92n
z38F@`)8E{SYIi~fRGkj%#+9me(TxQx+uHD0L{ZTqmi|YS(%n>RZj=QRtb%6Ux3lz3
zQA%&WLiSwLoh(Vb`=!}))Sb%GXGAIeSC&Smn&G0+4_gJzy1%;zrT0Jvoceu(z3zpQ
z#Kjf~kbRw{p{h8RK26m<K^9E13Yv9KVd*=fl&-$q*6&^<(cSpa)a9+IaH6FBmX&};
zbtBo%QOG_-vdHwwFu{-_tDxDa?fCXe^`{UNCx(o&H|kN4sP0FR8epd)R_8x4ty>f-
z$E!A6D%%j;ZjPqehAY{Iu~ABIxXi|w6D5haEE4QLOLvY^`XQEP|8r#jt%7FV+l$$M
ztVoXix7YosB#~*60NKB?^!zBLJE*#^k_B5@1<kr|VCmc_rMKWo5)0N(0*UJNcx}2-
zzRkux!TX>WX^W92dSD{RW2(47_fMJSaTcF#6|V~-<5>V*TFkt+Gw-EVUNl%#^)S;e
zF{`Qrey7<Rd^2(aHBPihfbx_gboY)ZrK`ut>eFPwPrk5qQ(!?lOP?L3^ouNQvUTrJ
zv~mU4iH9vJb$ff4s%|CoKFz%2t-NM$|IV}`t~+vJ2*bz>dyUhP6TR(Wkw9-tXQRE*
zO8<PR?Ck}z;O@`s_I3zM4~|mzzggPstxJ-4-Xejz+pu)YD5Ynry4MUr_m*IDXxwI%
zHM{;I(;i2fQ`ZODtDl9OfU48&B*dH>&xF=SJ1YV0%Ew1sswYGt`}Jtalisr6me1<)
z<Xo0ci&FY|mNt2^+av1!i$wx;*A}Am0jl^8qj`&}`!!i`oK?`IxSXZ`6{Yl<_PQrZ
z5}hm(sCzm}*WAU5aWjE8x2c<Jd6UZ<v!)S@8K#mi;7yi2IgK&+WO%4RH^y{TF@p7h
zPi^{?3(30g3uE5ojxOyuW7el+Yu;H}w_@&-Tw1qmSjEO<U79sIYt%@6*6ziklLx%l
z1$jCvvZTcIyHp(Cz%YdKfIyG;<|V;4dFFEil4SW65K9{0(l%uU|5H>O)JiH4krn*V
z@4_4E^S2e%cF^w4My5AhNtrI~ujN|NxwuOUuE1!z(#r7ur(fO38Z0<Hn0W6m2&T6x
z=%xn-j6c}fMM-w0ZDOw1nFR91wTOG0Wi0|5WfBQoXd`f1IDyF~fu$rs!WMzKioncZ
zVw@z9Ke}ep!R+J~?tC`ovme5m($l1L8>k@H@iN!a@LbK!To=h)9b~Qt!*hN1v+C9<
z$R!%|Ha5txA>Vh%%_r8;VGSufiRxLLT!<vCXLj;L{^as!1b;I5lgb}Af8>*l*eT9M
zcK+$U9dFYyIPG9C@l!#!f3mCKOynp<Y%Hvyun{-kK^crqhJ96L-V{uH8JSnd?F+hH
zF{A;_OVF4XjmF#CLo`HY(6~j=SVS7e(_b+?ZXRyDz5#dOqWii|!sYFgK{}ZD;}499
zD@6=mBeb0fSlp3t@{dU18R{U6{2JG7*W7fwXe-Wo;+aD{ZiJ4Y^w&nuQ(|DcUE}e6
z1R_t8NU9+6@j*r8cm*VDq<w5nW<2MU*EcQ6>znA-{c-OfMgzJPA`%44^<a7ajD5QH
zO53G~FW95|h9<1JAVs8_a)PHo79fI8JMqgXy6<yi$Idpcw5^yvmwo?h(5Sc~(dCc(
zM9lTr{4T3y{un(V1CsM!8(kBA4f?j|vnnWymc@CMF}edJeS9$SDf9t0-ay=wPopy&
zF0z2lCyKBMx^FsW0Okvtl7zuD9{-$7Ut`SvqK(UFyR8k%OZg$=jP>t?tjJ`O@g^c@
zMP5_=A*sDFYUJokT$c~e(KF%;#=%s6aTk0AB|~=?jP?2_;uFf#@aCd5!Neyq%=`3U
z+b&?y^?I;Pk7>bR@cPxUJqmFpKx73wzIg*EdWvSoyR_nchl4@d>=Um;!Rj5j6J&DG
zKVw;+1a{K53K_h<!$!(3_TUR+-)${L9m~MQ$U3m!WZyi#3RtiCX_g1~wsF-Y;J${D
zBrpLnUd)hxC_)pQ2`$9P0VoANj?jHS=|zVVrfPb|M^jttzRhEUJs$WT%vVE?#8%=+
zLDw$8x3DnutAmMG)w*3JWd$vCe{Aw)tJ2CYTV;Z-z}rzHM|gbid3-<WzMu7?pAx2a
z@n(ECwIiB{cI!nI@f>-aGz5EmMv1U$`l;0lY!_Xq={wYfr-_4!-$OEd<!NOlYYWcs
z`jeA$O1{cJH7Dc89BmMI$B8Jiy>tL{d|$}?Uf(ubC9CW!f@_3v`K9E(+1}CC0s&5Z
zfF^r<hxL+8TJc&mBuiV;vZ%IqeygI|aaxHFF@w{-(o42#kCkbqw_;Xil~zColK_RD
zj8CVWX7$APwd{!RlVIW>(F2HfNpIx$`g<kUv=I$G11<LWDsxKqXvOWB<ogzLL1&3=
z-yx}JM!YM(mB&92{zRaV<2%day9$fcRSDH^lSf5AH=C4_RX8)IZ2Bp<X+EVDZkm_f
z9b0ok0lq%8^rDyneaAs!i#?d2Ad}<IOCa-F7oI<^pmpZI#?|yjXKF@e{;RjA=$B@b
zP7$O|Lb&;qctxpg!EqL${PkIVZ|xt<@1D~yFTUUeF?DwtPvs`K6!Af&y-xE4D{_2!
z2_FB2@!p=>^o%W&dU#_nkg{L#>{raE%wdj?I&hNI(0SulY$X)I8ccM7H1SmwS>u_c
z7*5+d>-(i6^`hPBdT_N?yo`LojPqXvz=ud>?ANu6_G1FaWvw81dbJA<>Tg^+TKvVO
z9rR?pm#ICpdPtzn4@d>VwD;)cyP5-t^MR7b>E+v+>w(xzJd6j>0}dsK$>{^`)U*=!
zvefisw;n(iBegsR<APh5bEYS!<agAUVPN@JsAsGx=!j0IUy*ecRHc4i-{g4fwj@~4
z(pc4zy`zmJ)#$i}9hUlwt$)velIY)X^e?uRo&nIlXkU2$(hfo%^zv^8W@-<w9vWzW
zt{!txFIk(P#12^<!IBF~Q9E*D*->=lrw*Zx3|k$plI6_}_P7M#5*ox2dSFlxJ()aB
z&-iZg9q88>JU@N7CdnIUGsaU?emHNiF9tEqbl*A*X#Q|LFeD~hTk0Ki7{9S&@&;#A
zP5#0gXpfMuHNYk&zcOn%+3xX`Yu#LfwWXJVM#h%OOOT<HC%BSCy&0Pdc6xk=YMvPj
zZF9h;WPbT7F?WO8wE}0-F5{l}<N##41U`&3Td5WOOwMI|rxm@%fImj}L#Xj#u*?Lu
z!Be#Ia7`C)pbtW;59ek1PS#oB%4RH5T!<pt(k^4PrSIq&RoXodi2GYbPb$3`W!gQ2
z7))JHj(^<RgrR{pnK}Isn6eykWAc1GMfaY`60<4?%YU~_K-ALP4{J-`1;Ht2iK3!J
zG3q|c6D(shycsJCwgA?uZv_%a!4s#v=<&g3Zp?%Cf$7GH>)B<*t&?#ztr7kRVXtou
z(+|jXGce$9-37DGe&1x)W$&^iG!g;t1|9}QnV`{ZJhgJ&f1d6i6R-FDPWR7D2=<8G
zYaji*xp}^UHh|8XYr!$3+O7Kz=>C>ozuW5{pP>6^Kq@axfwM#DPx$T{$2d3wD!{np
z_)-Yx>g?opF2HI2Ku`J3Se&76Zyf_w9yUjBV0v<r(s#VR>ywi_MHM_embhg2?u`T7
zR_-hKQd<H#uf!CW6`ZX5sp<Hqp~_5Fxqox0N?*CJ3Vd{j^q0_lZczKH4uyzCw!c5x
z{uk&xp|<CR=*#v80gYz!*WH8W2j4B&Sx@WFZeZ&h$p83y+dnWTW)Hg14ChFpE|}}B
z$^T}d4zywiiYgD+%l|t*3bCv){P+4#^ZKXSC(qE@5T&}zKbW88!3r=u&}#~MkV+lS
znm|%tGTRST+8h8+iD<u3Z~I^QFjVW&wcr0^h*JISU;Imh+V3lFK>PRqCsb>r+dsk1
z|97x&jV`?4|4yvBU7wo+6bbR(TJ%l+$A|d8wn((UwqE|H9Zmbg=Ff5Uv_E|QG?4$T
zWc%x%KX-f(;@Z*ie<*h7_3&Q`?_e0VZS1d$KSdQb`Sr|hfc(C)DO78H?GNeWSO9eF
zaiNTJ%jeF&Ltkd8Zd*MWtF?#9w4yaw1)#K>DqQI*z5L7O-axX4s_t~?=F@S^?ala7
zyJsqL*459wz8%5DhiasLKAst{pMm;UFs%A=m7OY|`AJaWj<5T@$!@Rj4oqnp6QBTa
zq3~r<oztxq;YuiZTf~mO9SLD0%feEN1V!v4_N47$R3_E1RL<)38V~f9EMX+kgO#45
zH4<ZXi9NykU0A76Rq8NbpOhiKaVhcqNdRspd7(3AdNTHU{UD+hUy4;eCu6r(oWp?s
zG>`x41ngPz|0Z@VLg!dg1<qV64%fYSdr8JSlhdisCb4C5<H8kF)SLf}*y)|gN|JI)
z4r(R2AY0Sb#B;Hixf+dw=eJ1CqLM-Nmo|c7Z(;Y1u74d&?8gppAM~x*3u7m^%jk_{
zDE3uts4*Jl;(~24EpgmC?lopylL%enN23E8hMJ6jUQL}MG#hQ}758oaZeA!E-oSNO
z^3R<4$0RH(-^NVtP;+Le1eSg*|KG+;>f|Ycl_>vP587G_d!Csv`D?lLIsx@r!x`-H
zWVPF7uL#kzulEVMZ=cuSF()u*8`|sjje=2e*2-G8y=XU@)b+HVyFtAh2miCcIS*Xi
z2@*Eo`=7eu(&OuL-krG`cThHhE8x!<X!{Eym(z-owT#v#7!a~Xj=VV*2F)>9m)v}O
z)~Kw}#&m!OW?rt<RGT&>^h2?Kz+h05(w1Q3kT`lMs9)D+jvliyxE-oBnhndE?*9}1
zUqD^w=C@F9JJhJus|2W5Nx~3=I2ZIRwl485w6(e|b`l`ru1g}lK_teI#5xLy1Bqt`
zqZJ89YDFKCxL1;h=*X%!8`6<>B#|AZ6%RIu#NI<75fg<(b#_BK@(xL?KzE%+q)UTZ
zu@EF`W;pS3&+>*aqLk$aI+Z`SL0uS+@;Z<MlPo{kZEU{_Q<LbZE%9RhU{^i*wV2|y
z1s4-bU;(I&Dd<@^9g`{l)U1OS_K7Vx$paN1wgb+=)87fL7tqJM+LFH4PO=s-->RBs
zzIOn%MHMOBTFd<d>`y`zwVc4knVx{JkZkp}NmgR$679sc0b;oK4IzeSA_`)-6?dro
zq6>ulRpCy|z^rAILM4B3O8(*?e`AbaW(xTmOZmgDYE_nyH(=)hum3zx;6fo8cJ(Jf
zq7-K#TwRhOTk#O7R;>3n(U>^VKHrzi<t`max!))#KsAALhRF=US~42%^fR*<qmd3?
zwt`(5^zvI2mo1LT=aQ5p3=UYT4rYSG9c(+ANymeYtfHp9E%xGdA-<c%Lui*bHw<2~
z0Zmqa3BZAiBKrH(vgrN28)@D^Tmrij-rtgZ(ci0N1}&n$Hz2){{hi&`slV5(t-rql
z-;Xe#79Zqr$oVvXshCfnAqw-!k2?(8?c&mQ8ZH7?>zPlB?yfVRcz$KC-|Y!_GHsLj
zL|f&j$jUQi<;Tm)w=EHq`Da{?RC(_@l~W(F##hc~fwA`a{3_{2na@ul4dc7-hluh0
z+axi*Gh~KunIUXGmms~7<NNG!PUAakP5tA0r1>1t-<AK0-rtvyhW@%D`}?muM1Sv>
z8G_%}?eAZZ-pKyG+S;kV53a7izjenGQwcT?n{B1vK=jXAcEj;$>Fct8Y(C^wf}+5u
z4=0NLJs~qZeZcIW%3}Nr>5c5)rdCe<d!_Oy`&agwk^=|)-HbGhpPS7O@81s-ME~BD
z8Q%V`ZvQ?+dL#SyUA$BOHdZvQf9|^D_x`KV`}ZT#*grNuynl(Ze_LgSxA)iW-w(Gp
zx_>7)_HX~H`uj&~KKev$l|6&mdIr=|p%OgU&ptElRzE;&7uoV2qUAybfzBajsF5Mt
z-cGEI32JR@fyK>z1-v4$T#BW!t8Eb+(^3r$=ZMNT4b2diz~13K01^B8SWo+tU$Ku&
zo%WAIB8KLMedK(2`|rF>@V*i4f3!tC?VqqRYy=wK{*jC8Y5$W*MEgs=jcorLw>Gx@
zo8#(f|I6j|wcj=v;`{_|AEnT7{1^6Fm{5?n(5;och+A!G%K-_e;X1oJly+@tRe5#n
zO&c$Q<3{;6C*HJ<Nj<9&ebd@MwMSg_iMJfOzGtnrv<!y@8K2{=(@Wb7&%<fT890Kt
zC=c`W%s0A&tZzg034&frZ$LU93{G2Hb4s4gew*pqoK-q4=m}PNg5`NdwF$neNw;cC
zH~2Q9357c}ah6~BQ|n0|y*-Ay+52d!omeu69f@8SXL{!edT$rv;_dmqJ}Wp2A+6{Y
z{9-$I>sOs!Z%B>vM`437W@Q2M@N5{;SG@s_xX|3|rko|X)$FE?f-~Q=yJg+=WED8m
zw%cdqOl+29NDq|oZ9tjUlaFhYTAJOar5;>c(@|ti{Qgssbr7<)fhgicCJ@`kQ&bk8
zC2I2YT#F_dop93NldVZxYwXVqwFjxEcEbTgAu2JpyhbyEw9nFN<n@(#d{rLbcm5%n
zfjeTfr3ZCbS`xhe%VG70+<7t%XeC`RP#nVeysV5l+@s4AS{!wFd%ma5z8%Rp{%wt2
z`^TM6a(Vjoc}JUl8zO-<>HVQmUDxJ*J!XG!yC*OSRNKJFu@NUu22X_n8Tu;3!%Sqw
zkAfk|DZYQlP`sVa_h6q>{&8nI$0rX6#oOtu_lDx_?RkBabNue>RlH>o!obcH`WgH#
zxUs|TZd7uT(ftK^UKIC}0g)F_4HJ?Z-3N=}&P?La;nldxc9v=yLIQ0+VSbB_*SFay
zeO{7EoQWi_JdTQeRmKe%|031b#OX*{(VwIJjYu)=Pd0nutlbNd?v<;?tbJ?<!V|I4
zjMqvY5njZwBYOEXC(=BDJNN0nTG|#<y%{*-8kL;R1JYd1mGN59UyvsUr*uVoadgaO
z0!xuMIrV@xp$*Q3@I-c=HX#B3Gx^gsF13>j*X?=Q)-Ut4bk~3Kv^zG&;_e;Zl_Rh+
zPy2Rlo|a#gr)@4D0G|;Y&Hovsy<!e}v>9S8%GLdaY#m#U<NB>y@rA1Tblsm+JroFq
zYFgm`Feq)atgK%DsiKWAgrclBdBl)FHr$>-B@=lQ^Ln#+-)<F^iHu}Z%7H=JgkB`L
z6Aj#f>pr&jd$j#Sw*4E#phxL0Chx+{ZnVD!?XOhrzZ!Uvr)x95tZ8G8hpxT$Gd(1V
zn`0&%(6zUI_SF_`Yl)M|OxBA==U2fTc`*MYI-Zn&)10v>kp5;~us1%ZXSp`}bJb;J
z?p1}71z?CvkEymAt`7_Jap}!RC6B1-;_(l54eb{@P%Hi!HO|$GDskBQu2wu5c1WBM
zkH&M-eJ;Uy>h}pb8ShNpmgA58-c$5*%c*}zJ4pK&v7i{|_7wKmRBvELOyAf);$Sd;
zSIz58&k6jg7RN!b8CKTjlmutYg$Iire?5Me-mgVLDX~j0S{<L0VN9y2z7ds6Jj&B1
zezjNdNO0v$)FgTgD~lMOu{E8;@ErX6AdG(>_%=l2-)6o1Tfx7v;9q)(fAcX*6tmla
ze|_!<F>Xkp7Z^7^IkToa88@U~_5jSoa`4ym2P-NE|Mpw_Yd1U)d&zMBxC+6(?Zf@C
z6@q=I4VL`NA^&Ef`~~D+4)`~yZ|r$FVBpT0*RX%A%RisTx3>=eJSP8eSgrU+8?!oZ
z<MaS?VK0I=p!mg6dq3LDIbXDU@St|EdL&M|bUfIrdt&gA^jpb=Xi&EABd_n{>d~B|
zAq~v~{tCI;i!28`+FSMTcY|JTG}oJ>E*i9PhP_6cJq6^voX9!;HdQ%+Snw8#CQkfg
zYP#n5N4tjiYyStWcoT+MwjbUG&2loz^Y6t$eHvT@rVR0WKS<Cs4o%%T%-{b5z35QO
zsb>sM+hod*H)A7k0mZ@3UN9wJ8*@S5ULA6LI}|^?fop1W0=+ajAHSO6_xgUY^E1ca
z(c5pdtKeRoA7DaOf}!6|`lk9C!O)3iVk)lT6X~5fDUhQK5GZ<>4gB*brERL|p0<gd
za#v@e8FI2}ud$4X)rwC?G$k9DiLr5<oNHw<lYL^SJQVHoP*$-o7VPUkQL(RmOwFk|
z{*!Y0bva!tei%bz@&iK;{?*F)2p&R2yO4)l6TBH~r*0qS@3mF%5c6>><<*<<asC+a
z?$)lDdXve#&N;pV`9{qWr5^-tsvQ>S($iD4s#Y)AGh<GU??2)ED{$rX>yun?4>%l;
zLjf@Gvq{y}SA&6iOu0F^bl*y&{Fz_C66uC2Sc6lbB)(LsknL}m6)#TNbYD9tQCyiU
z6aAHN{98l)W;^Vyf8;_t4ar#L2HcM=4%XYRk-#N#BA41}#<FMC`nZ(wC<^;&ys<+p
zz+vkjRW-T(VO2}P`d}`CBjh6ZkK@Vx;^Z=s58{JGa9f>4Fq6v%R>J&bT`Qt_pTZWe
z6?I2hfg|i{YUSYxv0@q2D}S93kN+dwl{@d)5Q|Wc%g*lPs{D0pMa7N+S6SuGt?Mgx
z+~!(avE%NJRa)_<aR06RVQX1M`60RDVbZA;FBVUTVZDM!O-)-2RxuihC0KjyfRNWY
zP@oRvXm1_J_U$j)&IQGz``h!OvUPGjk$z8**HM&LsCjzN5473yP@nGapX~Lwc^~u5
z6xZZ-H79%g=|lVV@1+&rh&*O}QeF>9dDR2`r=YvFkk^l=?gW`y%r)?0DH;Z+Dy{fT
zl+1>c;NZTo$psZijM0ia$+(MR2KUWQjw$#jVw+((RI$w%+pJ(7Vw-Eld+=l|%3su+
zvCRu+BQ{nm-mGF{85^sWjOW}dIuxfB|68TRF(pnb875O&XvKd;ine5Ci>$uWlUryd
z=g5SXTFDs*RhJ-D&VMiFKUNFiM;X?$J=*;Tg`?_Dv;R21B7SHk2Y5`UFa-M1q+QkP
z5rgq<f&atYmhyp<P5-HgO1w6$6HLiMxIx@4Fj~8J1>jjs8_vswif3j_=;EsU?2Zp&
zF)=>DoN#Te{A}wEPL;1XL%z&kf%~nT9iP>-#QFie-XnY@Clhsm*L!@1fE@Vc`C-xb
zd&@EWYx6hjzHfv&f#HYVU=IId@C(=deK`E9J%LzE86HIh`nRj;ru$pz{o0(T75@k$
zl{Mcu{vP5r9LL(h1B<G|`UFqL)~P#l{C(DA?Zf#0gA<cV&RZx7#o_qATES{0Vf0^+
zF~ef|4v#5#6>%8*M^s$1zQdap%tstX9%tq(Ijni#;mr%?AP(aWJB5gg?K>Q!J_!Sd
zc#Qg`Dn737aE$roG9F_-P{p_CI~+qkNXBEx(>dg)Ad&nFOs+*YPR1S!cy~~{KaSaa
zwdQ!|z%#U8x>gb^O0Ndum0^GM-lVUqKgDq8&8=8<sKaM5Vgw#k%K;W)sk^vqj-QM1
z`7CUFKJ#sfGCrS};{zR>*wb^PHv3R3IX=2S7B3F#udDIth4JzDQ}urNZK0mv`FKk{
zQ8)CH+WdQ=+tEW#jt^D4ou0_?>B5p2o*b7sKCMLzh9@Vc;59isKSEu?NHpu4)2v{D
z9G$OZRP(+$%?ko@a5l=Q*uFU!n<<jl7@OrXI<9XHhURJ+O>vabE&AqQWONygkr{|k
z^}R?7&9}f%tVgjYQyvK^YJB#Z<KyM{43y(T{gOJ8H)C~Ze7?LpV{43%7cmS^+6GD3
zuH7}A?CaZ6j+X~0OnItzy#9_=!)$-!#_Lv=3>&Y@MNHUu@qv>%<JCt-*~g0yoFG@-
z@oFuj>yFm}unoB#$7?gve!KAs$<xN4Bs5Z<lBi3C$<u2{CEhhoo}TA6_ekT@f}K_C
zYlFt;Q4{ahBM?45%SBAs_z)fIjE~Uh2zDWPnk93Ek5B&XC@9C~Iwec_S6JgR!jhv4
z5vmy^_HT9NCy|+a5%SX>(c$v58~7%+3)7Qx<zAt(cB--aQ7Uyb8vvu=Hj$N7S(|`|
zkt%DU(7gf1xvEbBvQ~U~sKc5V=)^#LL^3mU>2ib0Q$kJ0(0&8^xi3VvB4nf1{Dtph
zC-nvEmxYh8R6)V>^!!Mh{W0Lm>yJ&AyA4Zy=>mMr@k3FKJwq#Ah&-YBDfSymf5Ade
zUAYXp@_z0&dX+(qu<I|kq3B?3$za#uzRgYj1#jOGanN5bh$(m(C9s5Lt4OFX7c?t)
z9FbVVdaFoiFBdc~C_y9^vCb+I%F6{nO6hY<-6cjPKzF$SSUFM*$RS{*0X$?QS|9;v
z*;gh2EmIMyUPrXF@l)vUvC!X%m(X8+z%b_cJ~ihv_h32w+9zuz-*J2`9lmnX&gylD
zsQ_M<#Z+uRG=n=Dt$2}b^k5I-=!N0sQI20HwEjrrX8@9#IDRjoXx;I9OvQzbU$Ke|
z8@~xEGHm<^xFi`depxCZV*L1W$>`%p!2K=95BRwX`UsRSsgFp(!zPwPcOvzXtw?<X
zf(p%nFFYfNZgmzqcoy1)4tso0&&}HG>&2Wf_YBE$&mfe>&Jem`{bHdso{c;Le}uek
zH~06JykUPo#F956qS!C|iU9Qe!LIDSElqi=R&g=eeJ`@)?LR8A86qut<8wbO-5imY
zyuF|zV-Xo9Zx5=3I3(EQEq^*mv_K?eZJ;G<eGsa-CU34ca0mAXLcZwFcYkXncznN_
z^5qrs#SKC;QI>n;N@ygMuP-29X=>~5i&sYnp<OTFbrpQhc)XQcJ(r7LAa3U-?r1lQ
z9WD0MMBvs>irp@D#beO}?uw`N61(DR=EbfU4`Yl<9&0@NXXb18{x?A@nd-3rt!o4h
z+y8dO<W>9M1K7ZY_P^MxTpo1;JQhApQ8&OZf{xe#1Bl9FDi7sur1JIwNjq+ZPk{Dj
zlOJn8{CL=YSc|qFj;*sF9xJ+G&TVT!3EK~!hCJqYH*P<y_OoI8;g8jxHGDt3O2vln
zhhI{$;rro7Rcz#b_->UFxgWj`Dbe@CgOLiz&Bo~dkL`yqIn}-&mNrZ6-hYPgho8Os
z@&@gPF<Cy1sob8so0Daa%|7D1KgM)$-XDwUVA~&i{&#<T^!wvIk^AG=2z}nPUkH8P
zaeTNGiSe=RkDveF{qfQ5k1My2|1`8ao-bB*9z$6sjFZCg)p>v1;PE=tlB>l3?vI;p
z&j{_0%WeB(JTqNqfBaYb{<y*8bJ_pykA*(h<o)sb(j)GV-@!(Y`{T`#`{VB$xIe~t
z)-ms^{jprXLi=MM>N?W?3NKV`>i()Liq_p<wNi0m`>XHO9yV-$^@WNI+h1`%>$tyq
zMI}V+ujZ))=l$_rNVVyQ`cdwWD-Vq?5ABZsDey9Ei&Y0No%hEL9>29zu#aHhn8zKY
zqds~>`^J?hT6g?BDlTmNXh3Afu<`4rBE!ay`&q~F+YeqbA!7Wts08Qn<00X1IDWL(
ztNpP&zLkUbi@86>{^6a_{+RAMJXCup+qbr8d*rBX^x~;|rIpyMQYWIAJXGtCL$&0o
zp;MJk*dTlR#dgz*cVO?v^M|4}IKTZ`?2pe2A1`x%JoyT-H>Mw&wKuMUF$t$BPpLS$
zH-1gpqIk;5jB;;0pSGy{siA#wfOe>Yduy(j{(phXto<zgD(=4`+J5$ui2W?>PYvDA
zZj<}j#EOXhY~MiL{p{kdVn3V4yrKQ<rs9bG>_YU^%Z1N&lsi!#<#rH?hID1}21dl>
z1hV$!WUQn+6Reh_aEuCrNUrXqFVj7hpp%oaPAh^}z1YOM>G=asA#6Is{FuhN;pLN?
zik~yjK2CTv?T72n52iEIyL1Nn$mY?M?)sc}%I#?i{G0k}<r<1qICwk#K&(cq;`89`
zw32n_T4%p>sNh>yXv<^@9TUFgnxDkGO!_`OO`tP<pAfi|ZM_Ody}oVeo|xal3(5<2
z1={0<PCN$=WXA|M8y$Ij<hEv)rtCr6@RkfTguETg3fz2HFX_OA+JxAIyew@(ExPav
z0yxpm%Vuw~wFy=DNq4=^;Ksbc2yVdd){VIDt9__3dY#IlP52pQ(_OXr-Fk>WKQVa?
ze)3o2c5|8XpP~VdzCqGs>J%YW>~gS*T~Dvk^5z0x-wE>vddF8K&e!^YDc~B;Tlax=
zW%Q?_s0x3ebU2zI1wG8+A)C#gs{cM5HeF<Oc?2A(5`=|7`U6QvsyH;u#9JHzH^cF-
z<qy;`%$;gG&fKIs75p!P!e1)mXRWvbJsAXlpn*Ao3G@f*o8$Y|<_|P1&<pyZ^r!OG
z@n6yXE%bha;lDy-J^fd_8GGTsay3Lz$TR$@f_p<eGySRHrd=i+#?u?>Po?+=&z^la
zKn{|B8};&Pi+}MU{#pK1SgH1T0==e%_%|fbAN=zs>!v?d?D<+T#m(d&?9@0<HYERW
zri?R7n>$(<|Aar9@TV#U0rKx$<xiCs?oSoQKRkA2w-14T!k;R1*0C4<Xm)=pOmw`F
z1Un#j{fJ+klPGyC&_i@ty9cjB4_2@LnWs~5v5R!6y2Lg=uwU9FBzG^`OjGNo=>BS!
zKNTKX#@rMRLG-7hcNN+Yi?yVWICpWw$p`*ay8mvt_VvdRhuxow{y_W0dIIql{uw_D
zU!a{{e=^=SMSrR^I**Zwpq+6@`cvVsy;py4U}j8K-(GnAPSEnFx~UdJ+6GgN{tz?#
zIleFK{Pe(g#MAG5`cqZF)VT(S<GaKBsfcA@K**o!N6Ic>Ny1jhpDM-jr%D3TSVkN%
zDSs+(4&V*pkM2*EWVxe-*hhaV8~da`74WaW^r!On>(cu-^`{!tw^z6N{i!^@U+nzL
z@i*9?>W=B*{#01U8tzZE8U9rB-m2?QHL!zNX}>^%&7W%g-C{)!B;Lq))1T_0l8E(}
zng-VhoX$G>Qx)PP;-)_pUbe$EC4nwgo(!Bvs5Lm9Yp|}}a{(qgP00ybkzu-0(TfU3
z-|S?Y7uBy5#%98uCO5b8L+MX-POIaEIe9gmWU4AZ+`5<kR3BFE*$SVk8(d`-JFXOW
zWtDrTY^wOO;KEJK@T;xUl*iRwsLk}a600t1EZj!X@Wq-QSLs58`wC-|w2pki$rxYL
z7E|>Tk=PZ9l<!Y$M=30?+<EQimw-;V+l%wdL87bl5u&#w&CTE@q&tEB9q_8>`DHE4
z&6d1|*_)NVxW+oaTm$*GpI`nPMIqROU0I>?%jZ=b1U+<q`LK#?hDhr?Wu}U3j!5e~
z<z^Kbi^#C^l#5kD91?8jDOz#5N`UXx1(D~MosrrI{hnUAU`y2VOUnTZflE12uF9?B
ziuK`?J&5k{0rWRc+tixwc6lV!yRj&_i5jVxsM@`GFiE4tuX1cK>~6Yg^>S6d3pen}
z(QxEjdAG}`e0S^j71tKH-mCoA);$%2ZsWwe!F90m-&+q>d^z~SUr(v{a<mo{lkRZ-
zW0jSNhN=1o;gs^I(rnyHvx%=sH1XNl-lqJ;Ilo5HU3?S$ySAA4CzfW+FZh$LRrYJ_
zM&5(gH%9G5dc|;l#q0gN=in6Z4>0<e^--VEGd2tVA?Px8{~-teuHDd=g?|?ui10=Z
zI(U67qol{fE7F6gQpE`uqNk(_(JLxW_&oTe57AR9PC7l@0i6c%I2tce@zV3*G8vDP
z@!M3qbW7ozHIN?%<L4n%Jpze&bLrnT-0~k%{$0AS+Uzg<yS)7}G|RsWP73g7wfPTW
zzxac+Uq54wlG3H(?fzZDe*yAu`lHaFKV1Hu#;0d%u21bTj_udMrZb5Leel2Q)q>-b
zuJ@bH@wo>|zu8`0yew^<7@rfubS3)VQP))RFOGomMs1GIxtV<nTm^JY#{i|vxG6D+
z#Ca+r;lI#bMK(hu<R6jnUpQVxHb*4nACd51ID~BmNKT1Gq>_ImV34+{gg7K9`9}gq
zX^l!~fdnQ0NHF~up69kD<i8LxUi4qkeczh>7vpulR`NZf>FY%oOgUb3zl1*?PJ#{!
ze=jLo(tiOm3k6t{m>uT7V98h0#_uMaG9GdKR@?N!#*N>7C|P&>rpdVQ@w-k%hK=7a
z6&W^u87eYj{M;%bV*L0vagMn2_*FwHe#`L-$=e;uzRjWQD2LAGPdU<V-?rglXuWlk
zw>N}+`v~%e7c@3b-sry|<n2=g>W){Hj0+zxz8#S~4I8idDl%-md@8cec;)A_xEiZ5
z3K8?KwvAJ`ziUmlJkO1gFZ#PW$d~Ew8j>&iyLw{qI!Ngc25$sBK0=3tkMB65$vX*H
zOv~F!AStXE|4>NEW2Ud=$hKF{*I4?LDUY8hf7wVpwOmuo^$uJ4?*LiEU9Z0n^(lC#
zN9t2`{J~aZzjRpam(I26Q)`7kSY3UJ{$OBnm_9{+Fvf-HQ~!s(cL9&8y4uHQNJ0Vx
z&Y%oL1sQbIL{Sq<Y$Bm#Ab~S515psDS5!=?mx^Q(sel9~ft(J<QmfUr_LJ|^w$@U`
zRue>o1Ofq6ZeBpC8n2vjxCB%PAk6=L_dat=!cD*ap6~xW=6N#boPFPGuf5jVYp=aF
z?ZFtBAWzXAjDZRA6z#zn*iN3JJs2a}$y2lkV?@XD)EU}?ol2fE?ZF_ba77le2a__e
zP(Y<6+Jk-1@w*CrJJtBLu?IVo@uNK$K^HF%(;kdr3FAk5Fa{=!AJtI|Oc+1fgE6q(
z_|YDW5$(p0_F#<Yc>K=L9_*Ck7t?pg+oy{~c-l$q!K9ITn@JaM4;DA+W{c^}NmqbL
zM|HQDbiHh$bFqkl&g`mqd$9KUZmwT2-=Oa{=Nsv1)E*3w!f<seUyHR3#FsA-haimB
zFl+gX2!r(Ut_;Iq4eM0?Cxk(GSuMjbR>P9YHH1NSd0vKLsD?pwp?ryOh%UdA;TWl5
zkX$HVA{>&-Loyr#H4K7_@Z1LdiIgu*{dtG>U|#K=h`geT^$PBo{hsz<zZLp(`#Vdb
zD{>oY@3C^ZR8LtUB7~tB%-V&a*vB$1&QNS@XR+K*`$vLe{g?N$43qwzk-gaDj@S1s
z9j))j0qf26{rbrIURa5pdV!yLJcIUPr@O#6m-Y=x)va9GAKTeLA{MhHgI=jaTQa%G
z=Y^w8K;C2$xQuxDro;8Vxigd~??>%b;@10ToyK~9Jy*mL{5iArzHTnH<LTQk&9DUe
zHpL7~pl@T%zy$hsjTzXEz6~%V+R?W(GooYq_9acrV)Fi}_G3>)->@*32d?mP()IqQ
zM>9^g-iOUsWW7J3{dyl}XlJzEkF4|$`JRGa;1Kcekaewla#N%0@I%t4{clYfD7NPB
zDePrCJTFB2DkNWQyWYosKh#jvcgppC<UH38>wRJW{vFo)!w>gf+kU-|8}z8|i(7w0
z<kN_~T4a0@*B@=iN1o?8#rori_5SIv_t$QidMKtyllB;LwJ)~2(n4+QF*;uF$IY*k
zk6-=|>wVCzIQrdgJ$a`3nvU1|xQn69d`npGpZ0iZKdkpV)PJ_qr=7uiKX}_I*ZT(6
zu3YbLYro$AN{;Nw*ZUogZ@fGu_#M{!t5Fg8;>p(gGms`uo;s8D;t+EU9xqR2nPCa?
zR4+3yL7obm3-ttf>Ps`Qojk<@v>mP&mzfbA%Tv7DF>XG7Z+Yr4?AxNN{Rlm!Fl;Uv
z+tX9I{}thfLSJ**<JSqTKh^jx!^+`1j^Au^sU1IlKR3e?#&5hCm@s}r&A^25yVMM9
zH-0_Mh<5UDD=6lP*Zc1$($nudesT6~x0w<q2k)qyb!RU!&&QbOzY3AWbQ;m(Z*D(o
zuy5mKIl`(mB4uLMc|^$_E%?uoyO!rFRh^LL1omxh*862M#ae%>Tx^TA{syeSvDT-%
z=jdAhWrSg^&+}XelWYC|Mi|!m=K5W(^@V*K90<sC=32izvevJ@8*d>Pbw%tS+S<Pj
zMtq0s_p3w^@#nd02svH*w>5J8ZvRu_`h7^LxqkolNk$~B-v`LJxb^$v2eF3HyH92z
zF~hi5Za&fa{aL_(`}2<W_Hn;Uw2$j_Qv0~wC`Z`G9e^H}i(_FQ*Gs(8J}v|QD*b#-
zcHpOw_Hk1S@iVOiKSR2FmSLfN*J}LiY=W)aHagGRE=<67&^&G<K3^A~&HRKXFj$n)
zK+NFh0er&3u3{UF=Qj4h*CxKLrWqX^hqZGWHU@1xl^LDY><7*0_Ht@uuvdjNqiZES
zZEr@0pi*|}7bT}_P*<!})FVS~*H6)XWnUQ9a1|S3W_9?y?>+u(5de)E*g0(s+)Y^R
z1rY9kTUgkAK>)5tOrGUUzBY*0M*IQ>_&y-Mzv1ia;`I$iZQ}RWv8X-bbvL8-;^)3*
z{9L1a(t`n?Gk}JB*C=l(40xLX@1q3YM`*|PHKtA8Opv)!kAf3<JYyPfUxrJ}Xq4B^
zU)O)qK5taKeO~8LgOjgNsyefU(fQrhK5s1S%iym|x;ulvu7aq2Ud+CX_IdQz^<%I8
z3)<&h<<<5^?ep%&e)6FH*n1TAP@0<PU&;-?tinDo=3nYif_+}GGHu)57yt(fQc48$
z*LRixOxT}<ePhS|&i(`Td4wO#q1IuxN8xu0`#f(Hesp(M1h;|ocUFZG!10n{&|Cq3
zaXIh_7xNd_4t@#tc>;dIUmV?Y(cjsj>1S%62ftI{pyvnsJd6S^A3Rh0JU9dW!9Fi~
zpVArF=WQMTJ?-;aA8l)&_g{Mj!(Z^2Wca4Pv-Q_Yp~2pS3{m^M140Zqef>S0ezwHx
z?_r30QUkr|AgiVVe<JdcYh|3=K=0Un&sG8jp_yH}n9sE|*qeP{%A_x#&wmX*&V<3<
zYdga<*xMd4*xS+wgT0U7{%Tv}C)d-8$}7I$DXn5><EMA#eQc%q-WxsSA@O@hybg1|
zdzB5svI;u?S0g%qE@Ifo6PokQjMMagNTfIQdvZN<^LMi6n|B)e{XC?Jqp$RTnCOq>
z#P)p0Ox1e)dM0RwC9G%OHUksZGrU@w3z3BN%yVX7yY<X(%!qdDnHgq8$LrA>5c|Km
z9&NAR2R{A9#H;6tS8eS3)>hD3FZU~mU5&0G74_1{?|gHAs{{MKOQ7#>bj`kR3vhF@
zKx-j0)5xy?czXZ#<h8{+Kctc0(X~T%e$hCr+|mg24b#YPP2;dTExQ|Cc3|_cn=LyV
zhg}axZLWTB(RN4fh|L2UhZidwdNjIncfQ^@{PGc75HLj9rZf(l-DjgxbsrWGjN8a<
zfj1NUQ_<)}2vqI&*E{wn7STWdU=J8^Q}v&*2gLrso9*`pgy?qS{ejcAPx`?g@PFGL
zaQN)}4c6HFinj;sA&Gv1yxsBsz-f=)5B7ln+xCF5`R0nV2kafkuO&Ua@CSRq|0DK*
z8{DVdA2^9UAg*(yBzE%sfez>65B7i^ov-+RXb&hfY3=2e4)zC5d;ET|2mF6y4=5J>
zKiC8Q|IQw8ZB<kQAnXD6c+LHUB_bkWKVhqki`!2a`k_!S6jmqfC;YtlMEeOfSZ$r~
zydV6>HJ?DA(4j$KoIYV>M4xa9gTNCh6jI+kV}-)8ool2*p<H>rhqMvAS9v|6M5v7@
z5zfGHa8{f;!K8#ZpB}Y`PS7WCrwzWgPi-$a{WSCmncrQXu*Y1=$LkZ`Gs6<}35{l8
zf<EB|GcZA)@CP%nojzf%8PQIkFx8CcSf4NovHutJ2~WRuQhh?4{osl82{0o3uKI+F
zcK$n}Nw^5dTH|#HGov~LtaLVFrIR!HeJ*#TRQxA%dm&Dpkhnh+UGKE@zt*unp{+gJ
zD?gks?9jgE^v@S!ePjBMk3V17sonY}VqbA)_J-&DaK13nKIVJdtGRNf#;NQ65jVd~
z9ncBp*LNGgpZ;KP2nff~|L;A19qSXiwwrGW`h@nDG27*N>$dbz`j<b2eeVzF3zfL@
z){*nOCp=&H%luR76VlA{g&o)%9ylF+LWkqqk-gz3u=Atbb~1azCy*v?f9Fi>4R1zP
z?$E@`V{S7nK^_}q1}4a3{msAxd5jl&u*i1u*nSX3MzoX1c9;<z%VWIIBW^x^Uwbv-
zPp?CJLvu;`ziV%J0a|~m@!Jt^KLR_CGdLgmCuD6qewrDUFn&HWFk$?7T_AHOjNd3T
zu-*9Om=W#9FT;%Jc>Ine($nudesT7Ob4^}Id&47g*0uFFKN(4+zj>T5Y(MGD^M!5A
z4eu2NcVuoDJ70Jq(nx>vr*XcJ_jL%H!##MB(=B?w@O>GC(Tbffq(uypVX$K73;!v@
zFjleig*?EGbQr3{^M&(eI7TYrd|~xi$nK$g;C>`_9;)4W!gG<PLwm%t5J3lEG5_-W
za6<cZ?Gc}r_K4NKME$`(hM4+;dqhNn{@^z<E>3@tx=H8{GRhP52U)ps`h)oUo^cf<
zbh|LMd&ps4S=~PmS0-cmY7v)><5H>`9K2gs<m?Ii#@qs2Ba17OZ=cQ5arc0#^U7*W
zV2d&Tt7Kj$eg;=QKeG_GB4c8Rn*8!=>ltW<xUzbd+V0Bai2ayrqHBWdde``Im2*6u
ze5I;()D!rzCosq6)l1Vn`sMk5?_&w|h>aiIV8MOZKI`<JZhwK(;@juOxw2MQ_?^(_
zs()sh#n;879SYm;z1?BKx5MH)TMf+2h+YB^zGxg`qMvIPMeA=@^Qz}ibMk4{ckH$k
z)%Pi4;_ACz)jp5a>Hn-57ep@x%;84O6L^6~m)-tjNfi&}>~vMG>_&hpRZoG%cmpdf
zA~Kw$EO;0J7{y_hQXosA#gbE>6Q)a>B1}8pPc_8C*;@4#a=R)EI$L}_Re!jXvfvJ|
z@tUH7LN(mvs+@&uczj!A#3)4Qs<p-=;zG;af%!Jp7O17y3fzIL9{T7NVn)u+oNWp7
zNu7H*NmO<>65@P6E_Q2$#c(eaSUD^07|!M1DI(Gp+&AqO*2Jx7J>rfd?v_X#Z#@%{
zI}z#D-gf)nNJ5%0(v%<#91JQ|^@xIdk7SSTO0FzOgQl#(R|)&MV{ZSqbCmf7NEcj-
zDT*!uMxD?CT=1}aEvC>N>C13;V)$c^c8@a~o;vSw7Q+0n>I#AhGopu5oAUM)hlPgl
zVhUxh;#=6BdXocm3{`Uk+*)H%O{P+d^e$ww0yz~<Oqgj_r=g%=K7QhAU`i%r=@p`M
z#B+k8bi9S_f4k8v-6czR>$Pmqa{j>TC~TjE1jRK=oMJR(y;V*tVo~*=NYy%88l)k2
z$5jJM&;|u<IB*Ag$gz@b;9J;!QKSv82^?%}*M_%mI6)iOJ;ha1<z#2jpy9GXzN<a?
zIOsY38dqR`8ldQ}zX}&z&(Fqd#l@=jk%zwaT;V=${~S(MgoN$&w>T{D(CE=V4K6`C
zkG9Jdz8;Rvkkaj+od!&POa_PTk0EJr0luQMqxutCBhF&KaE-UPcN^IA?VO4$gUb*D
zWC21j0(a*j^qe3rvqZ?oPF}59AR2II!NUl1=i@4lLvCecYdpVj&uzt3$rfe7NBBh&
z#ZNqQ!{h0&N?Zr+*0%Wmt?Hvt;$f6CLe#jNIbhTKizYQ6;_)F>8F?f^@6@?RWO@DA
z;`{@Oe>Y$BQP#==8-`}1?*mo87R4PwaffJQX<d)+QstqhLZvpW)NX6|B(2MlQsoz`
zaZRo){4ge=EL5B)!R@(z;qfZmP??9K3$4BnarL=u;WI2!x4&G`-?EAmdL@61-(4+O
zN^Q!Uw>d1U&>)~j*Pl8h^7H;NRa;Y3<G_4cA@~-!NNfOZW0BQ6eO<+f1%t?q$VC8?
z#h041Gq^(r(B(rX-vIaAb$NJG^%c%$6b#c<W9nrf2rHbE(Uhd}d|d1s{3EgeWryB|
z*07wgebywiH8(_CQ&cm<iWY4|i-JEVvj!6@RP~ocxyu(LUD$3%HWYMlGIE1f=AkT9
zJ<FN5(t$TKkqy(ly1qP>ZsYPoNoW9Xo~hzYODIlomNgR{K=&czr}3(A9Jbow!9CLY
zojam5{${vvvA;YW*M$?b0w%`QVA;WXd~(2adw<Lo;{w6POO-hQCYm@7O%x*%wl6{z
zg6u33Io80+9ch39^)+{NYG_V_4EsixhElB?dQUkbcsHn?7&W@L%9K@(yZqa52v^k%
zId9sz=!U%;Ta+1XkrN{x$`P4XqMsJyLZnx^$pC`fI7<dN@V=73G^}wc1lF_+WEQuE
zn-c+fgASBKN&M74Vnb}kScK$+4V4jDh``MDXnR9lWE$LZZG5oE4)z}V?uVoRvr)XI
zw?*k@T!E#j(k;gQO9j6kM}MjP+!|IeN5j3{{)a$GU~BTxjjmf<w}vmeA0$h>u5rV+
zB1jHUtQ_^g>87z~Gs}$?*oObt<)NdVz+Y87V4DsBWXQ7rffx|G4;IoO<d5Cf=_E}+
zaL6CCA%1KReWChaEhHpO2_(en<9~IM2<ol|UM;~}*#0(xJ%N8&@ZkwOZNr20#O^OY
zY58O`k@5p5sB&-@-*}YPOsEB(=54#8v;=wSB<(ej!Qwj$0FPpC_@b*&aP)JHYXT)q
zxWWXg<M#SE+48l^AzOAv0j6we1E0y@B!fy#h$r-gVQ&Q5nbM`t=`g%|lCeHS8l{#O
zp~7$Q_5ZR~Z79E1xNL-LX=`~F1kZCUz6)FjM+{0XKhF(m)*Tp;34!%@Lt<iNRegEC
zxTwkVVo}<fP$%tmxa;#bW&#h^#6}zErA&Dlr2eQ<+Z$xIi_h)>W@c@geh((g%fH8D
z89ZovS)Qsd<shjkL<v=c8>Q8Tau;5O*m;$(V^p=_xNw=h={Y=Y83!kHo~kd3=2&O!
znGL$c9OavG>QxQL+}SM0jieF3Sw<4F8MPa~%MtXqf1#x#`LG_d&8>m<FQ`NvkRS%(
zm8(I#X5)39e9gnFU%nPV$f<h}?`lAxv>JGvC{3cvB8=WRrR5IP5hcBW7bf#jy~l$A
zw)tkjk+MfK;Op=w%A@s4bq)MUc(jnm8gkV%d98xd->zzdoS<1xL3(iKf27RchZd?$
zRn8g?J^ok`-&YbBaLHNNzGMPvEUzX}s^3RyPv9Am!dv}WdH>*ghR8}*kobgpdbMv6
z1(z}+E&cOy2vE@Q>l|3b*DaWVMi<q*<h-3#2NpUP;ak-fI<xUDF2TmPl2zq&h@ziy
z=85MLXQBC2@hsJ<1lMsXwgpqo^d$%fOvKE@{eD#svj@v2Trd7oa(24&*D8<HEB*(t
zGvf~YTHuJ5?i{73bFpiwS)(?5nuPn<-GYY@v;b5ENRkI9H|Fmn>jR)T3jB+VhyWB0
z1BUJX>j@|Ti7C-9rsP_>dH`O6jdA%2TV-Os(i3oJB3!I35~EYo&<TEvaD2}&J6$Ql
zaYM0EH!l-;6x+NEK3D{z2#+W5RBEqM{l~kMr@8971glVwC-6@}T*wx$WfKwrvQ7Zx
zL9rF`t7i5}0^}RKMgdX)fWQ&jOU_CJDpfy4DFDpPB!_U>J)gexPKZHZv0?jN<0W8H
zL_KIQ$_dKl$$LWC@GOA<3?L9Z+7j7$z?zuBKOi>eAf~GaE^#v{FFWYAJtK5Sj6`^}
zPt=A_l3nJ2ggk+J;3+x`=SU6k!kg|CGQg^_4uBUq$7qA{$7oaX)A$39(3F9x!-C;9
z99dC|Tl+w%x()mpPSBL9NnD-;cx`l!CvY45rhn#pxHtzhuNm`gu$XVV32w6yHEZ1s
zpC{4%=p+zefa?l~Gw%F%Dkj8(N=`C!#<{h3!}g)$09EY(=UY1F+d>qnY9D$6FPT&B
zVEK=O4<Hcq5GSvIsO6Uge<l)b7x@+R5BbTK*;wsEfy>2Aft#%z!CmYICHF7Jpgme6
zr!{A5^>vhgHN<^ryyb+*b2qXGh`ok{s@5P7SpY$@<>#4b1j{w&1YSGFX>ocmg3v`y
zl|xv9JDC63iX4!GdMy*{yrp8D2Pzwa9v~dH7qecj;5PF-CeT|V2LM52i9?Q@oy9qy
zkpiZP<q?Z_go;ZSjn;b&b-f1Uw7A2#U_F8a`@;6+UK9;h21FW&VV{+e#vdr>)?|3|
zzn~D7rc~`<Mo`GA&1`05<bR2g5Br{hps6lHIR6UWaB@$&VnIVir8Vok)`J}To9Mwg
z1EZe}8tTq}w_?&sM*p3#-E}QT?@KxQ6vQ%=>OX-|djgmfs0yUMJU<vfh!}tR@hr~@
z&crtk$htL@prC6g!L6;8O-2z&q*P55r2sNPs={Ja7K0<kgZ|oWaf33a7K1_>hFY-*
zuMvZz*oN5@+bD<9bD@)t$VhysFvRo>ZXof=9Oh6mM`bIS*A*(6H<Tz@Pdb-kw3Mtz
zor}d&5_=MNj;4}%`!pr<Im*gP=Jd%*=JHCjR9X5$XPx+d)Y&ASPdc}Y=S$9A;`xm8
zka(_ern0o2OPqc1bk!vX2eUOcw8n<k*w7jqTGKO<KT=+#{3_8KS6!!IlI(>Iy>KX5
zZCiUCdUiu$q}MShJZiS{NzqPMT~hE>(#SK0#xOwRR{|OU&=wP5Edo%(0G(e|vbShe
zvxus4){CflOBtN`t1Tk7%1QMPQ*q(0WX@YGW9voiLMO>C;cvl{ER2v=b<lQ{wVa8<
z_CJmSpRP*{9%S)n3`A>?tCBPC{C@@&Qi9pCH76g^D1w>@n|XVQl6lwUQw_D!^BEH*
zmk5+})pZUMhG*XU|06@cSmn^CkvNu+=F+dDk_jR~NN^KI)t?loLX;sz^5_@+=z<K(
z@{jNizTyhM9T6axb8dp2APD?6n|F^`u>!6<-02nKo>IIXmtPD5*~#Oz4~Vi=9_h3k
ziUve&>9P@d3d}qi$nz=+>!cL#=pwE=#gz|>Ij$6xCS%I7sjZ@^QfgE(O=&XoQ6V)d
znNK<?9g+mlN2b#AQRfcvT<Baco>fk&5S2_RfH6M>E(Q4)iF`%Q5lT;wbAr-yyt9;D
zq!1qgg6L}4e#b}$<XS1Gmli=@n!zHm$N>5AI7<}Uc&EUq2hEy)C7zEu|9~eU{tI^F
zS$uf3XPis%)Sh%&Si4P%Op0xxQ(T9Ru}BuJTIjU#S(~zjVhwmAhlGETL5SCte1>Ta
zUC9(R@T5pb#m~g()L+d0P%!w@2o$B;uecSfKP-6?^&=h)j{n{@UhE4MgvS_lFXa7V
zNC^!46T|Y1s~MKF%7I2m-9t6Q9me?#Kga09$5~=&f84l>Q7J|e!W6hQS`!+HA2yxD
z$mrXGEui}ud~1Ag3gSXHAjD%*E!6MPzA*HLUI5%7<09Nx!ZIjG8&7OWwS*jriB<5`
zG~*UC`N3OdatD+DZI_UajJc~4bq!KKANciT0?AyE1r|)hmr_?pY1|W7V8f$wXqWP2
zDD?Y-lm1$WH-S|xVmJ!ss13W4aOcZd;YPmUi{!DmXBB7kp@Hdjood|xv&XGqvZ{5z
z3ROJz0&EGZ-y&`mB!pO^dlA@xPy_wB^WxF(;Lgjc-<)FqLn>Z43{iDK_@b{d_oJU{
zpsx}71BlLFu>yT0?nQzwD^88@D_lmk9BWLeM(FE=79kCL8(n}txep=^J5<fL6N^4w
zo<bl{aNKWvz5{v$J@?)P=Q6=ZOn}`ho6tufiLn;(&?9sKTBAH)=c@XpRv!+$H)1R3
zmNjZ1*?F)K+J)X~Ai7EQ$^GUIR;X88Xv5_(#X=-|Y_%ZuQP{mI@oJmA`Rk`ofnLFz
z)#6jBS_VpCAOb0AfQeH36II*f(N>4IQ0tNDu|m8a@63QMZ=@BQidm~wW%x#S{w64(
zH>uj_G*S{vs8gKQAdPT^hKss`>RYHg0Lrd2ZWthS2USRKv0Oi{M5*ns)ZS;sgbt66
z>Q4)XV?v_hUNsqoHB+HCwO@A=faY&ZyYc2VaazB==Ok*}+Tu(6ej`RQezWnP=bdD;
zadUq$l;2F|NF{DIp0oW-HyeKpmF5XI8<l|xBL-bd{CHuzjpQvbV$id;a`jn<QavA^
zN^L51Pj@Ku4~viWdM^z#NvYe~@MZel8>eKhS8D6w7-l8*F_pSxS1Eda`72JO)wTpF
z*(1M4mxQx8XTvMmj9D$_yVg`#xl5`4GP$ra+|{*wB4Ub^VOw36BgHi(VRv{vw#5o;
z+Lp3+Lt{EDg}ZHW``2yC`|*j(TUCiTPu6C2Zg?)<$|^ACsbkNzyh6l+9$Kn>`!2ym
zn%hX2ta;^P{1$XAOH0qLDN4sB8R+usBjdY#5fWgNFCDvXX|7i;!IwJ=M903e3TiX6
z$eayE)8Au-BDPh7>bVk$jpxr##4dCGaQ_!tMmW}OachS?`r{UmK~?{?(7<cBstJ)G
zN&V`8^{RdoltFrK#W_T%A&r~}`b8z;>+%YbAa^9b&~^_Vg0#4nrJ{E1skz3DyDJ47
z&J$hN;W^%Qy|Dt9lVKK2j-y#o-vqRGh@JNrQ(SApELZ0Jfj!sW#ANrNy;=Kxx2W1X
zZtZI<+^)cc?_b0TzmmOBYHQgGIqUN<>(#;6XH?*N=Ib*&`A5ozVEz}`X_b<kd<InD
zX3_y}G^8xK0U*(~Lzhkk<tFe#FhSiu8^MA;95=4%mp~s#@W(+cgZlFYHV~S^Rcs;o
zKSU36Z?gMPNiKd29YAD55@J}`-uM&9b~Vp4XK~F+F+jTguaj6?i=Za5WhO;IDq~}>
z`1%FE5u;6=GI>H%vd|a{O%`Z%&Ox`f3v2PvrDFb!){`%mN{D2TQfw-yVeBv9iRHL^
z?ze1*uix;>f{QJ_J?dca<nlME=YJU&5s2iWmDvAxsDa^BARonbOv@FFovE_U0JCv`
z*$e=-<PPX7c*&;|B!vRY`dAu6{BoP1PXhoVC_jAHEVWkcEXOc|`sHjR8v&~Q`EG8q
z<o@;&Jd~pS%A>2*FuWs3=7QQ-5u_47D4)gG72ac=VfzM`!xGU_OTr$)P_BWl+4y1!
zO!C0Seo~hxLX<9w!^ec#;?e8mVEmf<vD8$_IWxq6BPYldXr%PZuNT)*UA{;J^&2F<
z`q{-J_cHP5o`Hw37>Ui9iLUXOEZ1M}nt;c+>p6AC0rR?|loI2fe~bAuBRYR>jw83w
zFT}N%EYh4m|0Aa3QLolYX8Ch5l{kMSzcdQlP9MyVN5w|-e{3E-Ix&78%@<q{^XN_l
zoAc;^2$TH*0=Jt$m`Hym>@krRVE(U?8|;mP<wPoIJCSB0B5@)W*Zf6{oo+vLy_ioX
zzmM=|7HG`snMgsS{1~dMcxHTGFN|aN7^){&{#<}ah)q*}DpB3E{GoVdEZlsi%=o#f
zCt=3(oF`_+Vt$+QA#ek-ktb{8^s#`f?-Gd!n?Y=(;3UW0M*69ZOH-SYgmi@MCJ5XB
zxeXUqVGD+H5=>+`<}SBcq^t-26B)#H#^o7_;9E3KNJ}a248w>4zEE78b&VXcZZ)_l
z$o>X~;zm<IV!Uxw5hX<S^Osr^@%@zY?x$zP4@{!G`zyp@Tv`M!Cdj+ryoqV1=gyT0
zUSI+t?{dsYDBeN*8Opl{O3iUgkaxFUkT75Zgz@rI{CL%Sver+Z$nm-o<K+pYTrxzA
z7cNeLn7<MFUf1^;w@DzyrjT3STQZSE`L@3+D&O9eCr2$N-~MwvfaGs0-xl;pM1Z#P
zt;wIjAf+fW5u)-~oEC}D(|$h^{NX0j)7+GvLIx>hJN1h`vr+2ERS-y75nqDWxR%L5
zYA1Y5G={z_i07n;U=Mnk0AFt+e7kQ3&A@z6YDYl2pU_EL=L&D7Q2!n0g-wtdth?74
zc6&U0uT<)8MGYydAO)B<3Ey5V;oDz(ui@jgLZ$YdE*ooRbSl+sm?XQ#wE;C}rLi?V
z5!7P7$MFLojv8K2gP9C1w^H?YqH-XR$#0s1EufIa*&pyz-KgTKxcR(E))VkkISIqI
zJd3Ye<*QfW!%}`l=ohYa$$3^a+@NZr5Rcw{dCNJL5lU@3ZpXC-sL3=_`-T<iV^_H<
z51(7srLc0d!=)V#^+C{6F71e`@_>UexJr9tkurQUSkGZm_wA@#RH{^s6-5c_Jl_Dc
zPpCm*_x3>dh<VTaxoFfnzck>h_0#sHfEQ`tS%uBLO?YD8Ud6*b_jn~cI`49PtP?4%
z>-^O2AjPYBc&bf)CgdNT-T~8`^RP7UBH+nAC%1pERhf4q(zyLYExz6Ez#Nz)ydC;f
zz!f{t*gF1+M^En!wEXM7b13rlQt;#F+2<mNCaJ~P*VGO|17D2Ri5))I!8KN;dL8Oa
zTz|OdhQkO{7EHky14b9)p4cT93PCdO*aJyL+Oc6Z^4q1~<6Ko(dF<S>^NO_33oGAr
zpvpZ=ewmrPVqoZUrh2LvHj$OzIG7mV-s4h+?{1qmQnbhm)2j<D<@dV7>yUh4dQsjx
zXvsFLtKI=(hF!|AZ{1-C>YJ2mFFGGQhmeW1n-*qlH}Jx2r&7DmmA9uz8L?-C+4N#I
z-NmK@72a^5d7&#&847j%%PPwK0Q(=o1~3FBMf;mwl`TknjA&yNqx~{DzSg3mXOh@s
zSKe-yGIBTIBR)krkFlIzGBOc)AzvNaa}LlyIknX4m#8a|sd^#YDFvU!5BG-psdLu|
z9D&IVX&p2Ka%~X2aKve&(>rs3PF-=NqDWwvz^Caj<OD9YL~v;ruy8U!$3MJI#VbG?
zE^YEtKglT@U;CN_XjMId1VpIv35%lR;3V+c;Ezigu`hx?a*XRvImYGx2o*#N<yxGD
zdU5YFa>nCkkuvhwh?*4wRlV9i0sX1yfkgC4*ti7BZAPu#EW_3%ce9rFQN#7BCgwJZ
zOzr|2;!i_g!DdsjfqgM^=p%t9t#MSO7lNKDtULr<Xg!z62&5Dwq_SYJWnJ=M%&9#z
zmx~sSk`;_F3l6>|ZS!)*f|`ORTZN<nqm<fvxwx?Z(t~C6W$2;tGn=H=7_S6+8ev%;
z{eezkTd+2Xu&p7!67ndy4CuqFIrYn3BB<XH+)A$M{m#Z0xYx(xt9$W(K^@<j!?p}$
z56x);V;p~17r6{ju#V<309aaw^sq8Zc?pd!F>cv%($xUkOHGU3{dX1UQJ_}?UeCV7
zf!E{)sS+HMsRrB--`0h3r#tac4Wufy)LcQsSuGeT{PT)7ri|~7hATxK<czN1+pd>9
zfuUag*Ofp$ul_jAblmz=oSJU^*J39i3a@^RV+b#-CqZskrIXEH{vyXkzx-eq!Yg+s
zAcW?>hp**n0#F2(&@o`4)Q!po*TlQJT@TnyB5cOp)djChk(}VVh(Q1$MDLU=l*F+8
zsItTuOc2g(<dlicW|#n){*;A$BJAadcJcibEYuUIYerg+)DfFj^GUNXqtoPhjg#2R
zziJ?7I|HzsA0?=8qrep7A>|XU-KnMq^PA}qi|arkq~+WOVAk?3C==v>wpZb1(`w92
zrRP4Ah7=sflUj|H0u*spV||(c6Ug@8$!ctJpO{43#%k=+n_^LIt;S4$c2Rh@(~m#(
z;CIoFznzl++&1=y@h2aKo~r!#^A597Y{%yv?ntOGPJaMRXeM|#`c?Um$KpHJwQfEq
zMiP*Z;c>_ZSy&BB5ZB<ouhdQ*rUtUPH?jz$2n$PNLlKS1ZiNlR3Mc23H*jC3Fek(2
z9>|(+N*jx^xAKq%W+&FY(xME;B|a~t&1-WV@Pd7)Vg&b~3I$gIBB3I_#|)%y&z5#T
z`=I;e)*WL*=g9)4(!7sHYo+}M&VdvU1YBtU(ZJMD+hUDK?K7-lXl!-xGDM4jz@wt=
zO5L!+!kQ({1Ly}W7ZwwjwS{t%96M<2vx1H9rHn^^*W*cBqb=rh2cEQ|YQgg><-TEX
z)jg-m*^Doxb{HChDB6!R3+ax}3yVjk`gJxA`eRuty~FDKL1K0e2SV&+Bk*fg=I@2}
zO4S#N@Z~4~CG9nK42DGTHey6dmrU7+?`VqNOz}_VUDisr9S+Y?^%<Q3^nYWrdj{<D
z{WxqthrrO*hHh?`s7@wQs!~De!uFO+MZ(~v_!2fWXb1lyNFl~5XIt1_cZD3PH?Brx
zV2Oa9N<)%Y5rE2XMY*d8hp_!gmI*2kz*M3rr79ONfoYKk21jXbeRzw229n}k_-&lF
z%*HAKqY{KdcMAA%bQnULHW1Xjt|$|qHhcmHrF=t0!<TB-MvwN9TQ3+53(!twJ{mk?
zFEHyXW!^2h0BXLWEVv#oivKu^^dIS}_`k-RTfe0%EW6yw@DEh%t2$7y$W(^3ENK}6
zz>|h;0fI$_$;iJ3Mp1)Th;}MfYmg$i5$Tk=k)4QQ9AY)lMGf3<Q}fp;^VfjIW9Ki`
z!w=g))PP8A^SJ|_1{>6&h2B6>18($dQ06a_jZ4Df0VLHWwnT)u9$T>w!+ym?QSRL+
zcZ5=R)5PPR{127+cj8kPi_*sGeQz8+xad8bGQW=946pX&Z!2FD6m}hepy+6%3)SiD
zHgvEhXw6Upm?J>jDTljZR|>{;L5>3>I1eQWBdq#N2ZnMTjmWB5VzAF30WP$ADWnV8
zZj;`|+WYFI3GICupY7ZGKsU3kO>S))nsb#$+a^GBIR$G6N{>g-sHGecg$UXk<N?&7
zdj5|H=9dHl30t>v5r7`ix*zs{LJjdn*uECh3M^5>_H^X*LSYG&bP33f+R&Wr*7_!U
zHD5B!1)JPFZ#9o*vD}7V&rWOjDP82%K3BE9w0>ov$NH(TJ^=i@`k-XosEPw;aLk=`
z0DI(N`$Qod!HNe-c@bHOTkFj9&G>d}5TwemlL}(P=tEnC^_6N}&Gtek6t<UKjK+ex
zInWv_t-m<cu*U_2^J<5^`bgO7HK+|AC%XgK(g}Fd)3A5!$q)K&@IZTmQbq-Q7c>KT
zD%|35);!t?c=c<Kd9<xETY9>x7j#zh4=eK*2}*T1Sxi`E9^Im;)=i`GeHYYMID_l(
zX|690Cy6A}d$lbozhOEcaP4t#{#IrF6WN??qpa@y4a)qd@!`?lf@Lk5I;(G5q|M&I
ztn@UuwaKF$Q?rgK^EQigP_=vW_bCfLz!z!vWb~R?x&>hJXpahTNl(my<h~^01gBRY
zIMbs$i}7mlT6ep(z3!}a?tJVu0PKqY9Ry=@=W0^1O1$GnUziJo?Jr;Cu#D1sl_Ln<
z{gUKs5nrL`FR>^O_W%|WpB_%ZOKh?iIj3RMeg@?;rS3r-{OjTlxG?*n;i$851yfh#
z#4N2><{!kTI{+ONw*CXNS}{?v-ybNdw-x8qW2aHgZ*nQWt9L1nH+ZcZyjgE}t@R#k
zCFkSZ!xro$H!5{tN1eU-yOsI#xMcLNJFez``G6Mm;fwV{tQMGGiB=0F-y60!I~|}%
zL^r+H2o(^cFiI}^@PF|I2G9>b#urLtqxAF{9+L~lfU`FyuPSu~PH({G4h)kW+y^cM
z^47zHeYE*U@!<`eg?T;48@OpTx;MxTN}W?bcJNIHZ0H)g_xNfo-8PpNYhLiTwVeRC
zht&Lc6+cgR71eCPg{VdD{5PimF8EgjEQ+)t_&a<FL{mX2{m*dG{4{=CLdzSP<km-Y
z67<r8GhOq3n~mO+=$GMzgj|`o`!J*$?#66Uw;Bktl?~0=5d3fSJDN4P9%)?SfKs%-
zvPzJ3K{E4$%Di78QSdqPUQD)?QT97vzgr*FTYwJuiT7z3($Ym=4O8w*9tqI_7jaD6
zFy;V$&ihLI3{&Q$k3?WS1M3;cpE;em7mIOi0of~WQ1jROMyZE(z}7%L^dT%lFh2LI
zu#rmh>dC0h<D3Q*a>e)qhN27bt=BZz8ubK_)2FH7O|WzAq~^Djf8x=01V2TST|x^O
zbV6|OYMX<7@r<Xd?HK<`P#)6Nx2_<X#4-NW2mpg9g{WaN{--Z+L>NCQA}qtN1UR%N
z4~)9N_=gF`Plk?nFn-C4qP)Kl5j3NXWB%m!VE%(Up<E=-1YP2GVlTO#6vcY;_bUEJ
zuwL_OUqKr1klbz`trtw^&<oC{_@72&AXMUvmnUndGOrGdnAsLQkC(C^BVpIF9Isy1
z6@gx5_&1Ssn-I-X;w1s&@f?YZC7!|0IN4+m?7GM_mFfeihOBcMm=`RqA@PamT`=?^
zCmnLB!{WOmY@a>AL7>2FSg8&mOVEvaB>hNL>c(~|&2K2fjvo-W`Z6#*G)!W5upD3U
z_5(7_6$xoF+6-qqHn|T3fy4PWWCl+_O8#t06=fCESRI_+tHJDfigTKvjDK`E5VZ?D
zGHm|{`N>{|oB)9i91{lbf@7w7wVP7GF&l9@6SMAS&`AM~&}`xjF+#A*DKOPHnc^@M
z9AScjDUz;E2Gmr|8s&xvsuXz<v_kSv{Q)pb?hhT>;<m1H!+1(80WRwg$ojvH<BuBz
zfBeD=89a_bDqxUGghBokSxp9cjbM<f+kYJ5%+*PR{TMLF4JLzx69$t(-Xs|0aWF_A
zwlePvB$W*En)-?hgDv=!>-FQ{k4QoOm{^eHk7K|eH!1V4x`2=et8?ovFiD7tc_PHD
zcNUsT00(-ddIM7cVC&l+NFHR8<B^UGVZp6<A$4yCpv;>IdMOOpf&g~_C${xosr)8z
z-Fi_fmQ7X8N<@-rw%`e-`Jk%z_2LzxOvtV6b7yUK=WkYFvjL{L6u~rQkBubk{$N8;
zdA?wpvzd)d(`1$dPz|x_VIjVQr#KKWN>83l8D<(W%Tc;WsT*}%sVh5Pn!kUQ$bU{4
zuP#c$7{)F9K#OLACl6C0r6|K*2Z1Zqcpjsoi}3jl_O~3TGJsaWzkwmNk(X7yR~MqV
zkj^xWKltI6evT+V90@-7&>ZkU(J19%US?}D!sN-ZjzYpibCv#NbxCA*#W~w@Hk20U
zuXicGU0tX=(p0Pr!+k?BrZzz^wLU1Wu;wtjFj~!DGrb|$SvE1Mgh9(gSi{Cm4ZtS2
zQ!qPVjbL`$ktg^reo((_1%Qajhq%ZLBpI963A)DMuMxMh6XIRkdQ<)`)*8^<<OkT)
zvdd^}k$<54%h36eWbyISyG7z*x;aK4biS$`03lNRO>lnU#Uf+gflG*Mpqg*uMUb9(
zf2U)N7*ovzQ(eRsh;v`<+j#?$2X`Ss2i)^)a!<(`1o!0p`TqP<sY+uL6M5)QBRmv!
zO5RR3D#!OE{4@9(C4?22+fn)_pkIaHP%p85kW^8G{sN&Oqfo{UpW4R~ehWfo_$|uq
z^<rjV-FyMTh)y>nK$wbv0PxVHuY@@0po~`aTc*)f6jO4Xw$HF^JCa(K`YQ1tbgt_E
zxK+HG;|-Y_(nCXQIgXmt`?@Srtvl85`tnxro`ws_q`@V__T%R|gaBAY6EThi2mwcp
zLI8!sLi2qwp8U%>h#R@;g?!nRoRfwSNGe4+lv6U)xyOwZ?AUz{%O4TNq%s;}k1SW5
ziq2N)-J%eg(c>00A08@{x(yWR7XxXjLz#w9cmA77buQW^j!8>}i)b5!okAvVK?x!g
zpIi=+d_5}yVW^KM6*eRwM5i5uES^jGr0mZRYI*p96JEz8XNLx0ErGB_lo``JH1iwF
zL4R{=gjl+?<1YUf*kZ%j!q6N=h2rEdt`%{Gy$W`uY6G(&g-yu@J1n+QW5Ci$s@P~Y
zj+vFJZ2Wq0TBzz~fKjkCEbE;!a452ohZE;t$6%}zQ~&_Y_ccK9KBO$jy%51XIBkYQ
z<?ausm7SlnCsY=b2Xpqwg=$3KOy*jNX5{RV@{>|)1Btv#shx&JNv{cbVy8holguZ~
zp~N?K2gI|p`2-$9P}K)c5a?D{c(5teHvlwI{6*;-wkDbAF6`sN7`D7cGyKg%)xmO+
ztN7<ZaKS-Q*}a95b?F1K1;Abo_BG(ro#%uIvCp{OmJTjfZVUb%0l<w2X5A;XdbG;t
z;PY6~WS|pJZlSY8zDT_rM?Q}bubt+0X@^|?UAQvwIRs#%NFAlr&KT{g?E?E;K&T%1
zRHzV}h?mGly{B6%NpowewOHvn8B3X-ssleI+4z}Mh@Z(N_$i!>pQ+REvy?!_bJ-$1
zk)?96eAcjy_+C^mpHC1cc*39=RUmz3Grrk`7ExtQ3qDI-+Ow@pR=3dE7s2?hp&kpV
zGMG!NIf5@&!>+W#%H#4Ng-a>kT%>KR`~=(n@Gt@I4u?Cfl*cFzXh$N!88Bk)M7E1V
z6i1R43RPy8{ap^T>ztr&ZP5$@49(;G;Q<JeE`oZCcs?m87n=RVRD9#PXp(&5XqfB{
z0WJoskPTNbSR50Uz(HaT2U2|HQs&gy%$G_FUW#k7-CAWf-q5{DJc5IQpyK`&q6LNI
zeH;{J{$_SPqUsJjDb#Od_^d`+zUQvJJ$^s5<NcF&>2GL-Q$?<b8<WH5I4~0O><>$1
z*Kry!Eu_TR@A7z{oBoSnoj(}+tJpxnUj4hFT`X-Ga?q6lG82Ab`(IcjA_zUq{M!r)
z8&c~WwrhwCjzJI>6H-uaP-+WD(STm5{rPA$(C;G(F4a5B(~RnCX;28m_mtN~Sbcel
zaX-QemD)FPxVVb>dHrYg$9T~i=6-Ccv{>eTYC-qZF0b>jJ`OX|xeo9`sXiagDFv^o
zS&P(gKC~@(DMF~}T8sb{BI6T$>fMiL;>ImlbV<z`DYi(UcmJFbS9cKc86t2fK6Gve
zrL7lnP;EdfvoWI2im1|zZTpXggCB#)9a_U?n{DoiHs{nYM{_J_dilM<O1!b{JQtv7
z2OuRCbSnQ@1W^V+It$%`bxW`U%U&-IK<f6KT(tFkw^on$?tDKB@2sA44Ph>Xd9YxG
zCVmXta5LJV)YUf_O4SDCvDLnww5iZgQ79E}kF8#61s`}604o9?;^uu}%{|WhqHG;@
zBrfSXL>bm1l#w$X7!#Z!Viu+L2t?vzsF^f=ZJ~Jf#W1Fv)z<;gL+y9%*?6HOFxi1b
zS_9LQ1(OFZ5>Lsr$-Ecin}5O>oQ#+fU6Ykq4VLVpXpliofMEujyc!Yc1E*O$%f_)M
zgkU8Mp@Mr0mFJl)T6LD$qUQc=2KF|%$j%e|owZ}}gtgxgWOnNl!fw6dxVF{*F&M`2
zRApWm2~__lt!CAQ*=SgygFiO>u$hI0{3+qjWd2OUPh};t@yQ<Zx!8OzHJ|n7bBp<G
zHlHo#Gh1|SPNl<q+RUfLe6p)7ce42`F`tFzv(kJnGM|gh=Th@oZ$7t}&t~)4f~T4y
zCZ2zFt5V&Ci}UIYzRVN!A6ymwyf&177V7MZjv^Y?7EV+-)T3_{7{t~R0l|+v4&^d_
z=n=8UlxOrMVjc@}JWV#w#2g9*Y$q^E2vQUS@y$PC)w7Xzl)MPIB*aAG6ywP*`P3kt
za2Bxuv0b>tS&3Jr>eI8yL|2Hqb0Efccf3J^2vo_U^zIkY$QqwCJfTSgcFQE6;RfVn
zR1LxcC4)`OD3mx#s|wi=%*t2;!$qrDhbU6TfdZC;jh6h)iocx7y1=wdicS9UXYr#X
zL#Z3|pi=j)O69bhVc{l~4)^5xS=H08^8^O1$Et9>jq)W6E(OSmUVJWQWAS`eJVD=C
zG3489f=Wz09YcX}1Flnd>?;+_0RGkvh6cs+4>5e$bto*X{9Gxl8HiTn!?cRWbB&r0
z1&i+zoH~aO6_`hzPqX;E@+}~0#)n#GOK3%cJ_zL%MkaF<H#pi++?XLg7K#xTjus|}
z01yv8DHf9kGmC&Q19cJz4;H|6+Fc@%DTV9lZ=$=1@9TCqH374QJCPezeJX61(UTGz
zRBrC9cik}M65A|Zo5P|$QC;s*id%9vkQzSLu#6NzQP+c&8W5jV&8R$V_0=l14LF$C
zCp3ftWmKLdB5_Jn=ykA5IG_*9nt6{fjBOtkSa_Ii4~|4@N*6JSV^m;8t1Z$WB=qF(
zQ_abs`0uc>1Icq(GO^9A_k{@WYqGfq`<l|q(`k;o4jNK5z}=Z73Sklns9GJ4>Q^`k
zQ6PF5c!KEVs-EEFck(NWqH<RP6;JP?wdQPd9r^}`Jj@!^L)$&pxEAr6N#a~H`$Sc`
z?u>6ycaHoZv<R)l5+(p!>9{tz!(sqm5(7x_g^lBYiV2R%`UJkku=8vb>9#|~)+f6}
zp-SL@Io$9na)RL=h~Zw#;a-I8Uo2MjNwM+X<<8oU@qSyZa>Di-dpIH^-pUaVCye-7
zj5rovJ2>Jm$r0}w8bq+Qh|Wuj6$KOq9cwmPM^Xa7PzS|Ok0#<#tU@3lmY50GqSFqG
zYcBZ51O5e{$2U;VcMo{ll3rL8vyiYo*bOZupKZ)QDNQU34jC(n@Kyk78m7P`n@5|B
zuF92)stK8uvrPb%{1=J&w~S9lkaPyGLxmnTiyyiCz{ok+gzGR893-|}sk#UKQ0jg!
zrkMX|x9QiqYOStSSR#R=9!pW?^+$ee+T$1Bot0`HFL13&K|FNk@H-OZsvuHPgj`07
z4>nSZqnBGp>B;vZ9W;D~M=yXA$EGxQ{)ZLkimAeFNYGQZ$E}S_^J+h{g~~YpN9*Z0
zaaOP%gXPJBJE3M+qnTTkdapv9R|?ygb^!o6-#REnOx02PO9tnm`BBiK&TW$4au*MN
zK1C52Wzan|qZ!Q@rBwx)s8kbxiA<?rMJo7=wlCBjyGVy!tDx5)6fmUkK{_#qw0Bpu
zh(mf?yCG#O;N1cqM+k15Tyay6+=2zW7;$uW4sd281|14HB;5!$@Tk~vb^BX!F4<hc
zE;tV*yY*YGYSxF`;jebGrocU*OL{RBd!9F8{U$X`s;-O9;xi9b0(*}|zDw{;Zdb^s
zN#Wf39ITwvK}-j&cLUrWRGEQzXkZJmUo8M77qm#R!>z9pg<<8!L}7a<4PDoQgd$5V
z)vDRg;;Mrlm}x7;A3!VkFNV1Fd)r{d8ex^3|INuU0;e<dbb&{zHAuw3fw4HmV4YAD
zNW^$N6>T{IVqpI-q|RL@8m|}NHHr}|0`x=V1x7^XwF?q$3^jx#fI$;|QL(ei(Vm1U
zle3NEl}+|+65-G}WE!C1OcV)Js)isjfbk+%uvEkf!h<moV}gntBK##W^hB9yO5GEY
z87eqVRA$g%Hv}vs>1NwGU>s;=UI<mld0gu9A5Y;jiGx&@ywnQz#vtE$`0ZTol(U(K
zgsV(5mxG}Tm*Vt={Pb#vLcQQ(+r;-+I-vb03ebKFiVfTQ6J`X&b-g%^*P2wmfeSWv
z&)rmvUm%66Nniy#F6P2KITyZlA9~wuZG<}e&kT@r!N<AaYd06Z?WQaUL&Edw4_G}}
z*tKki`&3kW$~lmUp=mn@-1=;j&=BW8O9HM>3ELf=(H)G0$e|BvaqF)UU9eFVwkI=A
zGk^iFi9s<35CbZj?$&2Ht=JAqSNw}8hGrdA;hn1b4|rF@RRTRw+BB2~JOnvf$5(p%
z628g)n&QB6I6?lv`U_oD{aetYN8c2wwM$F2UlDse`5%|1AhzOtc)w%|Ef8}+39uh4
z8Y8K`{*ZOFo(x*rcWoMzSVP|YT@@EaaGFl#&{yIIPCkKxm~&hkZVOFwgQkel5cBPG
zZ`RilDA58=&)xT79}Bb(r%{%ij`~Y$*-m&M5TpoF2!QI=cB2f@SQbQ7rd7Xnv{v;E
zQ@iz>oSnF7uIBG3>+jZeLIL2zE=K`S>=SIiVlOQzY+sy&u|Wx(6wEvW>7cv%2L}q`
zY-B<!{wdh*DAJmXvRcCR=o7T9Nxn<5<s))<tY5+~A}|ORURSvE0;N=2DW)n8hUBj=
z|H5tEjPb=@U4IlZI#6|tt?_7?z=&l`#~@aWAeTPYTB_l+ybP_3hT_;uG_)ofnq-E8
z944c=<^L000oE<&Ts&PNgM9+IpqWv1Qxt$x5~b>DEGs;L!4a_vbMz<a(K$Mkz~LOd
zoQsbHX@iYj#%{RvF;?(WOjF^`4(aG|5c*EGaqvshnNPI^1t@hj0{#7myD9#IJ)v8_
z7F}H=!eE0z>1P@^Sqt!Kg`{No04ZD{$s0Z()yS<2P^a}AW_}A=h;IT=)jF4IzZ0Ox
zm_Eypa6JhVUn3G)@V*0(wXo-;kG6VEOotf`gp9_t(jt1ydmG4L$`f<QHlPppW_?4y
zXc%x)F8R`<eS`BW*mo}Csv~TlV08#gYDQ+amh6OC7K{nBy`<NI<eIa@%@u$tUA)vH
zdw~$(cdN-*Xda+n)U=cH1R|<PzEI%!C~aYUj+a_F0%lo4Qjz%bWrTAef00~-fT@If
zyR}|UH=E@Zs}OC)eo?(XywfOc$$o+QMVb(&;TbH3`b(kD(%vh|+8=I!<so)+l6=`T
z>wsn8p#7jn%m`K%D0tVSDaCqnAK<k>2A)UG-&+2;+qzx#9|iuGq9noKA}b(4(^Xi3
z6lt%>VMDQu6r)Lkk4Tq35s31egm`u|k{R)s9f|QZiSd{xB3{muCZ)OpVr-C`mZM^l
zrdLmIGB<{+LKsC41eK*6P5&|I_$k=B{i_{n!xU#pXBvN|_#IRdK$xU@?jw|)alFBc
z)qK_JB+iec?!ZV`FxUG&@dT1^ipRC>)5^oCFcRxdRy3$EvfqJSlssZ`J=+YIee-97
z?YQYwoef~1J_v$d@&PQn4*+$>JK+~#JB>@L&^no?>RK$wps91_!P?K||4bQ~cGD%z
z{AqDF>`5M(*7r($T#2LXuoG-5girJOavWD`DW4bQo!XJ=DXBKWmmK<VoQ(*KMF%$c
zzH|rrz_16_Lfl`2y<`ChD;i37pKK`YfP$e$uYN<e1P=j))PT_g{Ub0s&xDcdcs(kJ
zqL=At8^D?<%)Q?$(i$p1PF-r<)~sspc>+HweA$Yi!fiOO)v729-c3iHdin%>rIpPF
z>~LBy4t95oCapUa?Bdt!>`GOa9wz*FFwFnCGCb{`E1TU7yOW2f4ZI{CYFoKSR1>@s
zP-|B?wFJCfge{T-M;p3c@N(lj4vhtrEMD#3IqmlUS-%FP!1xWkrbyd^>Ro9?15y1R
zRG&OhRNq*Lp{Xz5#_Hz>IVYh9-hV#4I(v3P1AHU$BfxSNl*L_PLxuNryyI|)F_7_t
zW&93g2z7_|23l+B_7|Byo$=?%_~w3y?}wPj8FS!$#8?sI(dtA0K<Iu%Q|bI3BMgiL
z!tQ0t^$gf918!nK9Rt>hfRv*<*^r2aFL&Svr~?NBQ$B4UPI51ZQq#yZj3mlWd8d%N
zw~=s0E%t0jW*FzO?7L)T3JRkarN4fFun98k=)W1Zi=$vcA;x9w;58y{h0uzrI(7$u
z-^R6ILrg{$nMzyXC%UmtxjI*M=+v11@8>gBF=$a$L;+n41sbgEry-iWm1KhaWf_|c
zLSN6PA9nUtw=;#m6$ddJWLT0?eM49546G3PcnefAs2g94kPu%#!%|t+1tl3Y-J&As
z><AbV2yhgo4k9vMF%CU#$YblK*v7%X;f)T(b_cu$-VKjk!wZ!xT9MjjPE%}UlZzBv
zU=hm4(_bl{e`K5S{oBQO!rQUvoegb)XWGt6mUOh|s!bF2UjsnUf*;@~*6eO*L9E%7
zdr!aFH-K23PP0$ktQ65KIwA{>NNCnJ^d{D<v@>ef8qk0?%{p-lI*Asr0_h=F;K%8V
z+0BB|*e+CTqcLFP3Ndh#Ph3q>a20xV`k)PCwqjI8=_e``I*8Ccr(fifxFRDBR%}mK
zqFq3z#e5LgPE?z#wzB}$2S^zFJ+S8VYrYCKw;7NQ(fh<zC!^}}(%=PWRPC!E6>X|L
zaSc{>PEKy^BP9#6ppwOfYSxoNG*z;maW)GONik5#dP&+;WUX*kBD_dUH8c+|u$0B`
zqe9-r%adY#kC$hJ@E5js`<BLCner1akp!8MESaJNY=x8TDVeecCDW`i(`*3>XhzM<
z-y)uDF0wjExz53CqVkY#<w)<ga0Wr1-;O6Y*||$3nk>>`$uHvZ#5c0jz8Se3OjTFq
zqzM;IU7UDgV*ozmx?c>B>JVmNKe1324k3qyvyyu8lr{~FXQ2#lLAa<K->kfu-%u#C
z*iyvP;(%?&178`8t)1n(uLv|Vk5O{78tj#O%9+5`;PMYC^pK>V&Xj!)1iKAFbcl!F
zoy?|+DY6^_X|O`F_7Q!+MelzboU4*7K~H)4?F26R#XBY!{ZspJGK&nNe2k0!I=>AU
z<r;x#!u3fd(7;%`4R!Gn9q{y5P&oZNMdIA=BCZuGBE<bk#EE?a=7%^CO|}}xiGy2_
zOxV-n7;)jHs8zRrf-EZsvJwY7^nxg8$aOg)@-arjsMlg7G4hdE_LN5uMI<D52@Nm{
zwZDxH%X0(9wXAS*GzTRtT)jZKnOTfS-a$04x}lr>EK%FUXj2|zUZ;#~$`+AbqfME?
z$W&1<_Dc>LGdAM;5YP`5V=NAvFsG;zl*>i?2X^%1BJ=~5{dP-+Mc5dwqW)whE!vD+
z7V#1>8cKLFWBy@6*pZK-#$vRXf{BnRbnLw&+E}^)ndUH)ZZANk0#K-+HyRwe%9wjD
z>Yps5U+#tIOi|{LKcpl2Y~;yiqx#Fhk2YsmjHfutSI8WJw+LQgMUckeJ_u(20C9)F
zjF-&kqe3QYhcQ3mczq(8J*4_d0l}pxQV!<TEOD)joGK%K8;v}Nk<TI$+Cm8;_S!g$
zz5R{MGxJRzcDARUjRLa?iqE$ql9%j>3{WN+pRPy9?F>O?^yEWhD?>^mX;yAwp|3Hl
zKon|!<$06_5f9zmW%Oc!7mA1>+q#J6&t*JeXgt8k&N9~@848|YF+Sdc&=$f*AM%vU
zGA5d(h*{oZB&Od|@stY_tP^ZTEpR|M$M~bjZeI!Md}Uv@TOX2yzJ_u;$kyAK6UjD3
zW_ya+`pIm@8w8OQR*iLR+VvvQkUw@6z4=$qNN@he$UH>G0sGHQ2%}2`K>5G_fs_(1
zO~$vI5kc_|EnA)@O8PnD1zc`rNqc4ezk#DlWNuu7NHKwjF>)&+Wi<l)KVdbmAxw;7
z=)#o_kvZk!8_;-Q+6)2Xl*dsBKP&kO_=#Z5V}2W7qD7%uVmT~QuP_B~Z08&26F|s7
zNu8qnV)1;`OtDZ1?8aekS7NL78g%LA*9BtrAaL?UTTBR6v6kLA3WT#A<_Z97ZHKY@
z&7<^i7sx|j>usE@GB%=R34RHMQjh~4>Jds0bq%G3I){=&ok9@S!SQf4mC@zzU^jFl
zdOWDGL+7mP4$rY6I}(IOGL?uk{yD0fC3FYBLCK~?)-S=KD7tN+F&}B!Z?bUXl`Fd9
z1KWqpvjrhy{E#O|MM$t0e-v3tNM%u=H`DNKOnVMZpDSa;sUqBjbT2+-+v8hd*yAfy
zMTO@6FX|+>2|kXBS!a$ck9Nh{hrzjK=!^2%mWl*N%hVE3l`LnZ3=v3_bI^Fw-OUpG
z5hMP>p7~`t?1CVX|M(laKtq03EzgMpcp=#42{2;i1X~1SA_|ENT<GV)XHbYaK5{Ta
z*PH1D*b7md@!8AW1x8u$p>742lP3DXr<wOckvxKkaGA^;2ULt-dMGuNg4ocVOoCPt
zGY!H9#??mnSqdJY5Bvt;xMDPxBOg;15;u;mg4xzc<1d&?=1oUtN2_MQC-4<!p`z=L
zgpYGKpXHRWlB>{S_trh)q~Kno>ezAU2qY;oQtP?#f5^D?XNm6pU{4-=9kU~5z7X>d
z(9Zur|7*UB|AF!Q;m<7MC5HZaBlj=T|E4GKGaH;L(!-CkfZP45_7=R@qH5>_e^#gl
z9>`P&Kj0|u?$#g5Fg`wd93}-7nGnY_5RW+m7dcu*CS5`oDZht#;0GuIf}R0Qw(pz%
z(BXej@go|&kPidKIEXKg8u4D2Kudpd#^^~z@$f`isFysu5b7zc+Gg%X0a_!k%$Nl*
z3x}7;Hi*H23K(Bh!1jVbz3Yf*77QIatJs6~Xin@w-?Sc^Q8&RfM>G*}BeJm@0hhbD
zBWgsp+j>i$>Tk5g00YuAs7a8fx6(nHa2DNS?1#*tbQ8|2KQz8>;D@18m(DA&IP&0m
zvqy9z*EXu}<j7(?0ajIqyRN!=O1EglET~cQTgy|0yG(Tr!GRrMf}{Hrs7gRZ)qO~%
z!#%K3AnJ)BM2S)dJ#I@G&K0F&K$15@1-aSwQ~CtHpV{e;0X&v<SF+d=HP9QEfkKZz
z3iYlpEA#}0W#VXQnF}u&*l9{H#1HnU8Y+gXfv(&v_5_l*LNUA*z(S)(Ko74e9_;O_
z+F08pG<c*KKD_Dn-m*%%As#1cMc9|!C=tReXOl5hgvA;Uc*OkG05aI>K1%<em@e|x
z4?+kk&Kup@CO7Y*_<9+ma`s@2e4(^IcfsnZ$h3OmXbNATYIv<Xf3MH!&fn+j4`)3C
z2TE6<*wWo)d^x2vCN~b(f%MoytE3JeyJI4Zn`dHJuyf|8!@!9DBpm#NML~hcm1g{<
z2s8n9J<s2fIAP=c%b1>p0c^35fuT=pp;CP%sEAj4)2lV$YQn&<LY!g1UgK7tL#{;E
z#IRt`0(K(UDfYm)thzUH(7~{+G=D^<Qk{)YPvDk}(R%V_I5S(3t~RA2qb2wPK*KYu
z^M1-Is&{&{o1Bx0Ul~3-5@!}^@4<%B?LV4U)*XirLZ$c#K7^cZ|EH~Zm+-{&#MVLI
z2k|Vi!j$O-zF@abz9dCnk|QrEk(bVq7no_*<8*1k4Q~IM*76rPe&@yX;V7<G-dMfh
zLE6jZA1>dgVp^hi4#3I5mq}^>?)8eCQ_c2htu**Ik1rtAJuvKt&Ct)dRpIaioH(%l
zc`}qHyk%!b=p3&Wbi=|VfDeWKf}rt*Z-j4rKOUQ3FsOY0@PKC!?qwP1<h;rx3QVQW
zews&HgHbX53p;e&WyrMnYD2l=yb91^GA&&&SBkv(Z<gJRn?lnwRpkYba}rj~$rc=O
z8>1J@fE`kh_X`t$3fVXyvrF6tmaX)J`CF5fs2fUWJp5F0$SkI#<#;U9?YDQ~e8EQQ
zCPP`vnM;yD@eZ_LNWTdrLfs!inh;8fMs&X?jkH246{6%K)9C)1C_ztgA_u{m$xPX7
z3RX&eE`yASz&z90F18-lWuo|0Cf0#+q&b<qqYx8%I$(pw==Q&%Dna$u8Ji$K#$TV8
zfdBs8Gu+xYsy=cUd{4m}(8O$2f1uE#kIdsiMKLK5n(_%-jsS;>ePL9_alt*UW@t7o
zF=3MG!H=GD&<sT>vz)4mIie!eV)m`X13Ed06krlUyPBbsWlvDURD||2L#N@MJ_k<P
zpsw64<Kf(jL<~NNh#Rz+kGP!ojLU#U)a8G^l8yXa)iJKivGT;nKCfmN_dW<uM0)Pi
zt5E`0=M2Wi2xG>{n1|zHJle;M$(J#|WDLc6ArTyAOn(`37h|A^lrj4mlOkhoVGL{!
zL_KKBRK^8=nGBT*+AJJ?`i9WAeff{oKnFhUdz{^okIy}u;Dd=MK_5*1#u;(=80R0T
zB<cb)!=pcd(He`viux1#HWf&Lp@M&`%b#l?l3xCE5!CNZ@zt*kfCQvo5MSM2#6viS
zN^~pSL;4fzBHaq7(XFr_rIZ-<s`ie=#Qcs@+0?+8K?fUb<?e$G4yAf7dP6^9!ioFW
z;$!^@oVXwU5`OjCI&t49^S5{6-p1ehM5H^3|8{@`hkuYJ<^`VCAaVAnZOWryaf0$X
z^4~sk|2b{^x8F2IxC>*Q9r|zYme5;jL_8h%Z$Ex934?SA5C83{afN~a<PC%fREey{
z-ukxlKjse%_jbo!>#zhR!ovy>3~Wg_A10$m8N9f<r<E2)I0v&1wAn{WVBej>3HK>U
z8M1t2IA?OA*<WTb!W;~<F$`!<)ghQd!rhTz-{#$sJv+QR@`l%AIN!z#nA3J*FJOzL
zl+vOGAaGrqMhXNXX+J-kt?dP_k~?gX@Yy>M1jB<FYFke3Ofl@Aeu2Un9r*{wO!^9*
z?JDy+wR54?XDnulpg8`h3pK$mXM!0DFXo5Gm?=)`LhaRLLJlIf0H5(Th=ve#2)r}B
zc(dQe69R8nj}rq=^3$Qg9h*R~%>D5M`43>gnjVJ|m8zY98l*lFbF_G58m>MO#we7H
zAnLwJ%)z-pw-9hV`U~8UbT>7E0gD~nsJ%C3g}Xia449{6)1I8CQL^5GeKCxjghlVs
zj{z50l*6WR2Mh;rdw0A=IqZx5Yw3;vK7D9oyj0j2`yd)qN`&Qj+4-R##m{FhRUk^5
zvD5pIvq9K~6b2*mU0l`&FGm~2C4UBpExh7IMNGmcHh(IIwnv7p-uB2K6bn&g*zGwT
zWO%+)0x~o`@I8>hw*G|3@IEx15yo;Ne|pjTWIO8bxsl#TNOj;p@Y~U+)87xR3H{w(
z@jd$MXgXnkzwCC({wCmih9__(j=K2lYT!N~2@Fz*E%Mk-s4FeS@Cn&AXD4p97<y?R
z_=}=+${Wyc118Y`{7RnZyOc*@{d=s_dn{4|e<YIetL!VWT4Eu#oISv}kgaqP=__s<
z#J!y_A(>L=7shlrWTE{VP7J1B<_TOV?pZBEEKPi;;wen*aSIo2mH4!@7<OaKQ}&Ly
z0+7q|(Sawwriz7L)57b04`Rx|GYgIrf6NoT+Y<O)q<zx*Xuq1Z1r|K1(?>+;0X#m7
z_6M}ne*9i`xW2V~HTr00b+IL;TmJ=^%cp7>yGvLFRk;1L8f_LAb)Hy80TxQt->|3S
z){}9YBhDiS^3YG3!v7Yb1aJ`n+&cnbT-+Q7UmWKk+sTfv4{9aeShgMN2GSbnHFx7`
zs>HRVo9+e=B?g8s+VByOln3_e`JxZm3`dpVEtf8jXmBf+O9_0)%Q7Z28dEA_j9Xu%
z<}%iKtglaWAHeEwfyI<q<5@CUF{;d+s8Z-nS%3U|d<m8j5qphU_nql|0Dpj%T6k8H
z(k1UYj$N`ey)ibK0FQ*rd4zmt`ahTaQT68m_2+ZwbR4Jf*PAQrh|^JcVXXr>pnxp8
zmFP|XCd8pvXR%kfJqr6N1UGMw`s*)15A@t?WrF*UvD;+b*x_apV*%o0-t^0FlOu<F
zqlht_UQxHFdhRaVaT&W)B(VkWBMvRFu>$CaL>+8~adAQgzNdr;|9dsife1f3)dXjP
zoBm7JB*0O)>6h}ce>WFS$ABt=nsE7N!(2rVQ!@Hd%ENNhT>d!#gU>|gG3Lf~wZt|^
z{jKH#@Y>IhCoJ}4`2n2wm}pxQoxk)A3c(NdVp>!1p)tvE%1g=rQ#~Yffe8>_#(?2t
zhihH10+O7m&xzMR3U%Xg*#7vgQ2oEeO)0n~_vfHqdvIS?U;y=sBc+}#Y<Ip-bzl?c
zn=kaByNQ>`V!1toiOz+-F_~<hlWX{nXu{E<YfblGE`mkm5cnQ-SlJoIN+|JCnupQY
z#^-?E92QNm0>ynT+qn*g?>`$-d9{bqa_V8ChnfjqL3-WVEjBk?^!ejeiSg4j{yrf}
zmQ-?u;mP4S6d^RGbj^V)c%k`%YD{WQufd^ND7MNji3rd@CDCAUEAn`lZNVzI`bK2*
z1O_@o(1C`-b}!lrLw-TBsXrGA26O{HPdhQnf816!P_Tvf(Rg@ah>RyZ+^1vCiA^Qx
zf?-dv4oTqu#|ceObE_w-*_Q{WY4Cutj>K@FaN!V@zs&s4BMV*e!{T}mtdd*sQjr##
zz*n%j<>BM<PhDAQ{zd9{2jBux9IjEV+uZ|N+|{k+{o(WvUKQJf(wh%eniX%LHNM`a
zz7zE)Tfim5^>B(*zMso`ZdHqQ22gaDaW`8=LwRkS&AdK@R|&!p{W6a>6X|ejPaDm3
zaiTU53Yz1_@xPlC`NFdVtzLQLd~>($?Uxv1%!cwjo+1nVI%#sYaMe5qPIw-$!O3m;
zY;3k-=zUYD$UgM0+OT&hxlbRm7!Arw;wQ!p14pf8mjryp0_kH6zEO|LC?8;<P1)9W
zfhw>NxhmlS(AS@Wb@i|DX?y`g^dR3<Z7_R@%c#p0K@1NXe_$>0tRftrXM_7gnO$a6
zY)MKM8WOk>@Zf1$94k$$xLD{!F~=^1wmWS9uXi!aFku|gP2Yb%hkd(DQnFAt+z*Y(
zX9^|n1ESe*3C;WKz=t!9e<G#aQ_*&XI&&ull=rnqdZ5dPjN&n-{#^2dJZO5ADz=mw
z;{bHgdOFN=_p8dt{k*B%ysldr4z=Jx6P!d&tO9WK3Zg)a43hpyc-l}L$Rg!wP-cw$
z0pk~d6Cvsl5Y5DJ#6uJ=;r)$y;sQZ}u?!r^{DfUosxcSm<)AP_=dz7={>ILMA7kiM
zT-Jyo0}_G;KZ)Z*q`{zw4}l_Lw?t1_)Jpz<cCnQXjyhFXg44vQ?+}+KTg-idDIS#L
zZ&VXjm(YJE$eU9^N(eCEkjkZ2iP>9x8f$)&jA5U`V}+mjCXnD|vgf!{V;m9jc0rE9
zXbd#C+`#!42#ptqyh=nPqo6Y>5$MWB-~uTT51|Wu4CTOb{+ZtALKy-YiaRB>nUNV6
z{1p-joC(=6+_*1v8_6}uIhKO6SwL*gqTgbJgs!2_6Xcr8-y_DnXQ8_#ou*iq5lW&?
z*oqqwLFI5;d|wpkwH_CG1}@KRIBP`HPvUan1ARm}LL{I;$&XQ#D200DwBhTDayz|N
zI=rbU*RpRFloU8hhZ=YXtE%*b#+rJsNudFPAD%3SfHv)6CoaNZp=d01_xP}N4!tJ<
z4nuRZVK^9bu4od`S9{<1%U{_bv_-TEo(ZpjyE1XasAwyww-w?fT0{o*$7mU}Yh7?J
z)|yh%p&ZA)-6)De>fp7AV`@wa;Tg$=ISw>adRl=<Q{&d9f>|6idLk!C+H;49)*%cD
zCN7bfQnc~tWpYR4$x(?rB0%TO&qE^W4Ge*hAnz9y_q|QR2@NrOE3n6d^#~acgl26&
z&M;sOCzqw>Y~wyfmg@iFTX?6=6Q7=>Ia~1GjQ<u-(oopSCu2Gl!dY7RXWVKSD7@Xm
z>8*dYa0?61Qwi$<Pg22E&~k%(?JxfdH<o5teCMhD8CX(1S`W9lHsz59fN@5NqoLg6
zwPFPjHuo+Mp?N_4W}yBuP%)gjD$DH<^?_`gVM{~QuSFh0*bzEg&<%FyEWwXo+bjqr
zymK*$mMobP%ac?H{t!t3Xzq*uG4K~;n;>i#3u%d%O`A?iYwNzEs0xZtMZLqgRZYfq
zGUa^*4uGj)KzR`sz}Yy7<0&r-9WwqOViVyNWQH_))z>To*;oDuZ82sp<tWP?Rpb0W
ziy^Q3Mo_Z&9k6Gz<ajSp6USTZALIU0xl;@sAhuT1yn#~8w`Mhe%k)d!fuDG+(e2vm
zO+?>+d$m#<<N&|CGlb0q6~Ig(?mzd;(J%`Lt)=`}q6UT<)Vk)>|CIP7=qc`mfLS!a
z6oC=|gxw)R3CxP5Q_ub50SPL+j|aXE8hH|WIj#iz7TQsH6Hi%|IJrN#%sk8gAiT1f
zXZeM@1@1YP*@ElPCJY}nbr#K-d&~lHvh4f@qjP#a_7ia3=jTIl=S?MjyQH{;_q@>E
zNCo?avdbEb^z>$?(hOv94o$DbM@oDa`10UFA(Yo(oaIbSZ;2#Mk0g%I**QLEs%xdt
z9tMVkc+A8wv_d?Z4!%9uV}%8R&zUTwz;E9meFV%wlf^K|3nhi=3pt_lX;Pq>w$Qqh
z$*&aEJ%Uqwf!2x%4hmsTo4M~`tn<IFxH^XBKwVpmV?41%PMbd=FX^Ez)JMwaw28i7
z@P%qLQ~EviJ?L7O>X0S@^cOQ7+~x9Pf9?Zu0X|&6iO7%Y);%DXmq4n*$wF879k2B>
z9Cw0mwNTk--u$n9U^fRmS)X{V-%6AZ+Yh`BtP*@g8|u*>0MUe_P=A8-Cz2jCEdL{B
z$M0cb6y0A>u%C#UOYmx*LIIa*^v#6F{V*AH=l{FnO2VVf;zQ8(8W0HxQ>vi+Fn@Rr
zjL>45Kg>car9h9h5O)iqae?_mE`q%p>`-oje0&Sr9cRRVX459Y{okV5pX_I|+qCzn
z>i>zwcedQLCjICP@)4{Q1M(0MsDiqq_Fef42%b0pi?WWoBGBtK%<~SqBF6N^jcvOk
zvfPDWA%vG<2q1*F?FyOMLyJXM`iQPX*1M3cS|~3-Pt0vcySs(rlu*te%o7XnJ_wP@
zd4e5shGD-)kb{gh@$hg+t%E1v@C2rs0@?@&Xt__k8@Jky>}Lq&3D>3taM*a~=k(YB
z-8DBVGvf3^9&HLXI;c;^T;rG-f4BpC$l*83Kj$8v?L{jH`1vH@V5~D7YM_u6CcPA^
zP;1cE0~n4dgN_sVV80X9r>eZKX+TsnAunWk?K1FUvKW+LUdZBaf@GPfM4sLm)p2X`
zq&o^d_eCixHe`%>w^67;yT8kh!s{=_I@o4A=COmZsJ2RE`ezv$ta&lEpAgd*(LhQc
z31lD>5W=+>yD5JK1gO~QKtnVfao~tg>?Oh^+_zYL6FR5ouG%X$cP27{(B4pk#&yb_
zh>vNAPV0X0dEcO4Fx9XmC~|I#0|drMC~{&HH_<+e_~{8;;tAXr-@&7A#o!g)Y>Of%
zOey-U|0EGP<MpNO@$(2wxKD+jcf_^&<oKDe9-;ml3t%iizfr1sgSts0A2E5A+8(Ay
z2r_VJz_mT0+|otpNN11*!MQpcJvw7;I}0H`7cNY5roWgz3T831Qwp!4BloJM9G~!7
z7;22~2ZwKpZxsa6tbb)-b2zzERlTo=wyv=93#GhYXvB+3Xf-0!MPyYc3v7yIr0+6U
z%^;_?AI=e#^8RMssm3E1d*pdIQNFA<k}HqQ@ud}{D^=4VU>7J#)l@ujVYt6FrF^82
z11pa>9_Xd6v|LU0j|M7FzpKm}hEzB}7RrVo1d|j@f2bfmT2AQyqwQVbqb#n!@q{EK
zl*ki=Kva}fgC+_XD%wO)vJ&7~*g#aoSW%-OhJqSl7h*+N+zn)1wnj@Uwp!DlH(II1
zs)&l3a1D3??^LTqRCv|}#2W-u_W%8!nP+zsf<OO#-<OZ(*}2c0IdkUBIcLtK!&NYO
zqh$F5yz8EggSmZ{j=p8@ckSS7mIq&>&pI6SN_prjCS*YpZ^asQQVE+GN(FQWD&I`2
zoau<_>JH~-{R`_L*uvK!PzvJh1P0<1Z3G@ir;Sy8AZ_mt50Dw2Uzg%#Gk*+26`2A&
z^1u!$&;w)h9X34kvEOAE!fa-E&(c85Q|=75Ieo2$r)yb#*RtT+(xxxd;a+lq=NZ(M
z?R_#jKDj-lIOhJte8q;9+jw~E><9T6bO4=TH}D?E?ksoe`<Ub5CAx0!Bhlqbo;YML
z*acVNm&Tp@(H%3j#Z1LB-8e}py1-Krq3y7y;Ccu4YmCojl<ja8?tt43!N`3OA-avS
zZ#;OqOCNV&z=C&Y{~aS(MIS?cA;){Mnfejm{(#q%5=bQgIlywwN+6rKN`w)4aD(oR
ze->stay7ezX@=Fwby*RrS|nr!Z_ARIja-2!<4zucU8zUP3-@7<H5M;Gu)Ofw^3?B0
zZXGB;FepT~YrUCH;+t7-g3Fx@N{n5(?lU8Bp8%>W=IdnN;SA3>JZ0%WgxOk%c(Ik+
zV+6>*4mUiv0*vlKxJJCHch3Nrmf-t*uileUT7OZn4bRqdqF(eJ&i1Z~jwV0O=~-jG
zU{4QFdCTk-(X-?7Lu1u8oX9XgZ?Q&IoA+PQXYKhLvbQ|A8}l=3B3{{Wr@}mzr(A53
zVBB}8nZdmSxCP_1ybsq<vntKhcgur6xPp7ZRoPIU^iM#!&HzxOC&96~s&n=VXi@$d
zI{~yh_cQC1l<3(S*tbGdOYiWIm&A8bzMg*JohtKIWPbT{0K_^@cqNp72T^36et3u+
z2O>U1ggT^Hmc%K1Yq$Oi%;2jca={6iOAp+@Z}9(x%W)#s^2u_0Jpt~cVA%-J@n2ki
z+WCB8b-kwN3v26a&Q=L#>*C;hq-LJ3&U$Z3aKE0eHJq;JqGN<V`q}e!SmsOW^RA3O
zlRRJRU4?sQ{o0kf9r(`q0{Y5v6to2wj<7bYKJ=I^Q}&Ll@EyG24F0zS9!t(r5(79<
z#~G{~hg^>S5HxMkliiR`2U+v%$1o9xew0}oyc@IDU#MTQq8u5vs|*8>LCw?@nS=&o
z)fm3NUUC+WxKq*>V!_8+18>#N*w{67NK^fo^mV?&P4nE5CjdSEI$d7yz^};thzV}X
zZyny~=@D5X$&E(X&mTKS7^~Jcw|4E8xiXDagfFfcUNkE+I^B1;;f|?xayF8?sN{==
zpFB6ix3hnA6G-1$=fWlj5Yy>z>pk~`r@F38$4j)&7v`l*K>x~9Tb!}hl^M~2;j#T!
zcJUp`o^@LAP2VR+e24aV^1>GzPo)k|o8?d@o{2H+G_Zu5KgsT9u)(J?eLL|gBD#2d
zx6EJ*qvGpN@R0&%Fhbu5OLX3$L4Zwgw^+PcOG<ly=)kTOf({6GvDM;AKZ#mSsyEX&
zqNvpP!v@Tf2g2LJbuc<iD}A;L-ev9LG?s26_x?7WnbMlknFSAY=e;{PsqUhrx=&Xw
z7=>DTy2f(<vz7vo4<U6a3$%H=M@Y?`2R5a8=9AqWsA}QC)%s#YqKCjAGREv)x;Ja#
zh^gM2uJ`-`{qv5H31m-E`2tj4dSC-yQe(BK@UsV1g=Dv^`;#ifu>#97#dB>ecPt7;
zuR!L%>CCjivt}k`{>9TaWcmSI;1zzc5m;)B+GMQC@*OHN{;-ZvJXKeTejIG>pRzJ7
z@S&&6$}XCjb6$J(x|M0j4Ylwd(B}%i@{+XP-Ju@i!s!@d+wpS;VqK?qaixAWvc4<}
zZ=aOHnM)Hq`g=bxQ+pUWqjQX&W7H8XQ>?G6KEq;A)`6R>xBo;!)ldOMfr+i}(9~H2
zS*fx3F$}9LoE{t<PH%>(casy+2dA&42oL{u#a`G|th}MKLI-9}-%LXryas?w-N%Hp
zefU2(Dz(|!9LaS0Kj|vLf|gE;_nLivbL1EPPmZ8S!4}_^qWX!bKL$CC>bMyGLU}kE
zTk)7I8Nk+0vD|4-^)Y|oJ*(VD@gqK@6d6*2Hgf-IM{iAq<HmEhWP{3XMp?e}(kmIh
z@YCQ>uZwh_>nJlG{(SacS7>e<eQ1D<e`5#*Xr2#Nrbg0%d`{m*X>hBK{ni;8><sR8
zHt)?U4ea&c0{^NFv@g3+Yfih1Y9ySyV<yiB6rBfmJx{|gaEsOnpl_h=@4AAYDH%g#
z15%Ppx{R0MSopZ2e^K(lS5S2gJY7V1HOCqJ(%JlFPI4IlXMwafHMzCj))U}kRBNA$
zTws@Vh@4G0_u@bEaD&{>V?5~CZu*M218J_H&RGU2`fG@g5$Ify)bB&#3>3C1kk-5x
zN=iMB;1|||s_u{fg!RQ<>r%U{d?tXgf)e3yZv*c%aUFsqB9yC((&1BjWh&eu*FA^?
zr*D2b;LJ;O&d|;2odNo$4nx0XMkjz?3H?`lK)>2Kpckh=TNla(pmT>mB`^o)uVDTY
z;O-`Eb^!PAc$+r3@1hniocs3uoq!vU&9?{l)rjZ>+<!!2+^0DT+=Er!w;;JaxSu7D
zlmNGQWVOM4XmA4Dg9&5b{H!!@=8&ccbxVMFmNU4=*}O+kyPJ*L7j%I556d_nDC!cZ
zebBlH%>v@@xQI<al>>6k%o*J0Y~I%qTh~bi9oEK=U=&mZ8mFvrs1l2JspOs+$0$g+
zsK~KiLjfBB_mzRwI7#xOUmEo&HfF|$kx`IU_YBCopIiz2ccbcL=pC`<GQo!4?0#`X
zePxgm61QU#GydHgr%CUd!L`=(Ka$dFer~@Rn^2o1k?ClkY}EY+IC-GiVbt+joEgem
zeI_Ezg@<zRHSS!(DS2L^UKw}gqT=^9+%yy-iHR@6NV$I*GD7%s5U)Xf(S7<_mT(5Q
zI1AT~n*PD<@R{dqj`niSST~h1#&d7sDWD(57|->qoHjZ*IXfLcdspD+#B69+o6%yd
z^*i_yd~@y-Sff+s3^tzI(j4hBeKTunj`W;yXlmhM)B<Mfy_aYr-TR7Z!HMbE8JZxs
z+JZ881oKPu-M1E`Jv|eqUlCeb!wYgpt7kyT<{#1XbY=65)7~$fFHn?!l)*DLAMnfD
zX1^63-+66`J)mQKzxv7gI<uipg9*~}WDIPBXDjbiO#8z1^@zi@AC7d2vG`+9@kl24
zI1uWMYY30*OQr?g3LfroIv#3l%2G4uDkNoj;SiXEgbnpNM^dHX+;3rp^s)~vSbzV$
zLLag!azE?1Qd|nBE^F+Nx0DC(B>un*IjaGlE?(T?a>BZ$$$Q*tc7DHUJatL+w1y!~
z{B>)!_IeR=)u1NtW@xRtuvTqzO_PyQlzPF3Kk)bXyhvxef+priyU+?2PXH`J5^k+f
z?O<+lX6Y}zJ}{i8zjQ^xFrNtKw@81B^|ut!j5ir3Nhx$fW9;NvHwC|I;L5EM7iFsO
z5`pWb{wWRkUBeL^Hw+=~S3vhG*S%7T%nDfHy9lhr^fyrd0~4h1aW9^NRc&+pNy_vm
zJ~|~O@;H|o-0+z}aJo2l;JiYssI82~@6x3FA?81a2?>S#V#ZBrALnP>1XV9Mn0EE<
zcJw}~-YLxgJ_gcBKX|9MV?RbR|KrS`=*I}g(K5P|I!0z5T}OZ9XT8eYfoKw))=AM~
zNWnWc-y217UOpOT-8;#A@IT4zU@)MsgfN;;vSEOhqX0=rgLKP!8t>Ba01hSce1|rC
zxVw{jGG;;kD>dm2$)U>6w#z4wf&8Gz@1b8_xQE_<lmI`Jf{vuCc0>lexIbjT;O}ht
zwh6gc1tg1?pl|1OT`n@-+s9+MfGIF3=uH<vt+iludP*7OI*_ttJPnJwS457SyPrG+
zPqGuhut6>EnzGS+{+!u2%$#=4w5c#2%0Q@Q)-6*IWd>n?0?CZ1z*w3;^6Vd#1f3pc
z6+Kb#0<r`DZ&Y5Z(ilgw#DC&MU;RW!aU0EqdzIx(2<NUEg&u*%AN)5D;VzibD{pyf
zuL+-*u^KS7x14{Vj8mn=x19L-@#y_#v$L>y)buyie)9$Po3+?)c#_zR6Uq;GdZ_m#
zZZhfp@H2Zne!A1;v5b!U&6&s8Z=?d0KP73SncY`yGX1g1;NF{}$#Y+heu^e0kqS#@
zO@$qCD(pP?9vG4S0LY+kG2rkT0bW_~0PeJ$dlFfFqizKV6YU-<MW;@+V>J!L;6xEh
z4P(`~Y?=Vz{hN!<@%~~pCyGakVe-qlhGE~Kb38@Fl&qH-6nl5;a$FGSi5CYds2^xo
zlLup})6Wsj4+7AJyGz>QMjpbkoNAYm?0gEC+E?1P#B#6xXa5vDhB{o?ui(sz8;US3
zg4!mQd(YFDY_{cEc!aV++7MBnBX62pPwZ5-EU@c=k;P?5=V%Ke{AEK#WyN_F?lLak
z7#J!j2Bm6`xo6`rIvgj$A)7US<6Dz0sYYNk2CGf_zKCo`U`P{`SDU>9y=Nua4<_<c
zz=HhVy+bx5*Yz;{`wC`W_zUq)rv`vN6u`jNq_e?})_$ikp`nw6xEbIE)SZgcvS&o{
z`Ol}SOM%oNCTHn=(f+jdgE@#80XfVtUIs$F)~vI7q(s(Y*T+Wj@dU0XfQ`%5fmG<H
zfgS{D-9ID?0B%+6giQox6V#y6-&9$C4fM&N4)kkOL(S<WeDi_T8$Feu84#QwPb6oZ
zvC~8wBsgx}1EEkfPtLlSq*6H=(9Z#}idgP_s2VtsF17(fnqs-<Bf{Sn^VAGT1Kj|d
zFn1a}f4`7|yQjhCx4!^4k(%=MzS4U1y?&|m1MM$F`_KygeGG3b(J~Cg#GxC<UH|P?
zJ-qZF-&KF(8d@U7#B?0;A0|&nGL$fvKo$=&>bXdam&KOJJWx6`ot#Q7D7+{#!yj~}
z^qTp{B$d^|^`zXkxr!Kt$-=Vkxs!W8*wN2EV@HnLJdz#Gm~}7V1`)oxmH%Q`azRsg
zDlL?_66jNLo%~_2(yIOqj0!PQ$e9mXS0TVd>8Ar|$kL!}Gr>_z!KMyYdpmd`$UoeM
z*#u_Jrk@-BbwY}3VVh#vsbg}!K$hM0yv?%5=_i~sx(<Gl;MYe5*EtK<Ij4UpTz0gV
zaO>+pJwL>Iwm*Pbzh>IS!O6WdKs@mie0%RqS8y%bBD3xaZkzk0FzbVGH)Ab?GF?VZ
zZ&H-l>N#pg%ha;MEnwMg63VOCuzP?p6key*BorbTkWdvlW$tQ{P!Md;Ta{Tcvfbh&
z^x&J#5facn(0m5p0NwmPSN83qt6+V@^N4>>0T?j*7!$tm?@$HCx0a^~8ad6lR>whu
z<(SyB0c6)fJpTG~&ohL}wS-IdkKAgm;8v536XDV4nZgeHOWBNOfM=}&j~r!S+8IB}
z%<jV-rgwU~4d$ijXV_qn*PSkTWrK+|#eoC3yt5a>O>p@i^%m$9#O>kR$)^fjK^&Fg
zniw<%`-K&IljlzSQqosNIv_WE1s;8zn=*xk_P4ttCQ?)}0tC*+ayLFf#=Z6gXK+k9
z3Q%RgF%3E&kR{T_C~Vn2^NbY3lSdIYR<(e0IYf3Pn4J%I<8ua+pk*NmO9=hYwm9&M
zo{cWxa50r;idoTK+VlicqgZb0-&h_};k}+w%A1LJQh#B&bee3HD|m~%{D9XV@^pU!
z=kn+Tl}@|y#0I>x0+m7jj8nU{az1Q@Gc4Cu8m7>gU-m!i1k^}5n)9^wre=bF8#BRr
z9e~hxz+I?mU6TESoC@ANzTK(dcF-Z*nN+qApWOv65I#o9hQ@6na75tVnYdB1mASaF
zNB)Od?F3cDD@>G|+VLvdXIQ}uxgFX7Woh5WpP9=*uAj8GXnqsi|H<68g)47g#f_}u
ze>K^-hE>qevcourvNTOJe-ae=_F#Upn-`#s=xrSu*pP(=a{jjl{)t>*?>ZUYqjve9
zY<kBw+GTJ(fx0`a{TE>|Qep7lSfrHPo!FB)Sfr%AlSon)DFNIXZPKty68=EG&y$Ex
z0In~n8+CgSJkSgQ&>+rb(moU1Y8qynmIuYu=0d}0y}86GDD+2VE8_AXJUr5let!QG
z`wN_%^}A9w7!eFzDI3fYY%u1+n34v)4`n;0K|_q^4mW?<WqM5ZsV{q$&Df-=C$`*;
zPn-ack(4H3-#DVE=wWU$hM$8|yn2iRp|22B@*p36CEbFz<v~A390X|)ghB5{$9Gy2
zx0A$v(xJXi#X-8h&V)e+uzR%^26Z=pL<`rm`?$Fl<S=b%&@V(9bm8j1C!}Kn3~m$g
zJ;L5VpV%!Mh3uiv^+>KWoV$CEEev{aVF&p}(*Ch<54mh?Axg{P4*eFU9IzV4WkaxE
zwOzc!U7Na+mg5A8hcT&F!9_%Pl@}G45%`N7h<9KxtS2GUj18FZIEipsel4B6ZDS2M
zA`}}rZWy@dOvKSBXL5cueV#Tktx%mMjY2#mAYsMHx=?|G9dh6}!HR@O-A0Djhit6h
zL7sb4Gr$%zjZrP8{}4=Jxna1CkzbjsTW;;Q3IC<SW&<zb+}mXM=>TwSIQu(f!K;WH
z;OZsK9Uh2Rp!T|h`T5w{R%M)xEzn)E*I4u>SCh@2OF#5(hO1f^J;vS4s9TFX_9X{z
z&&bmV;<XB~kq{9PVZb*4N;?ApU^+RU@3n&0#9vtF;4dw=r;?MTil1kBREg`Q^7myE
zzs>N>{Nm`<HomiUxH(lI<AbP;$Ya1s>`M765St<U(TlR7r6bYo&?5YuIMji^?x8vO
zn?4kma_RDhP7_S=I`XlN2S&h$y8e&n(>-h^ZpYSD2$HK=jp;K34QBX$z$W-D<5ZSy
z6RJyv((pUrQLry#v3X-(cgFg<{0p)Gb%h3=Zb*pbe)NdKI4F~#4dk^0z_RO6s0lOh
zFJrk4jWiIYt1qMON}jf8?}``I^Yg7c<_OEs2XDv8-681mvcy?EIQmOQXQV{0!$l&#
zbB0)$9H4FM0!B|nbQE{<#0Ojhz-3)Vn33VwW!2&*{C76Xc_TT`IZQ}n3~f_}=3C=g
zh#QWz6u)?!c;EywDOR1775dK$N(<lwE#^7S^xs~TLIw554`cZL+j02-hxprbu8IwK
z4KY_~|7(}2n-Q@-xSs&sbPu#97o}nY9%C*s<EI@_Xbwg-Nd|Sps0`tePL}2q<S^mS
zjk^C(e|KmB-Zq>9!=yo9M*E~hA+=s_%KNit;8I<F8@u@nmw$MEiYE=$(j*;Lisu8S
zwIUqFZEbc57v#_-?YJN|z>sd~VEg?qLBA@5Y{7_p4&))z@?gPaKL5nu)jv06vIjqL
z1>dDteYwv?o5n(TU9x8L!US%+;L4@-3TE5Il<@GI0B@LceF@{QG*{XPk&}RJJ?}3-
zl~mXi-2&6O*<dAZM{jY7ZWuP_tay*Fjt!XnKb(Q&ICy@OD`#*gEHn95U(TeKC!+J;
z6L#nuWH)Vzo=dmib2aY+BsamfXTY*A0M_H;=RZE#z!&Fc87@EUare7I3-G@0JAB`l
zUF)6HHCWuo2CV;UqF=lRk$@j1-Gor^pc(wp<l_&)SIxq24F3fnHh3%yVJxHa;1O5h
z8|9%JaF^z4kR?!v^3YA__oythutl-``)5Ph4aZwULA$=Te&eO63PqudQaAhX8lya6
zly)^QhT<hwY7KEiz6W-6Hd4%s{s&>#WsP9aVTRPD%2IdXk1!|0Ef*RT7V$<DwtNV%
z&UFW8pf59EZGqR0V_V%NKN^9pfHRLLAJJyoH0m!wBcSJ3Jqmgb(&Lytob<GS^DKm%
z>#RU7-qwH~kec%zGtWW=(Uarw*3J`P)(^sQ#RDW98%6T<shU>N4q`{hMpEQ@(kZ;Q
z?hf7oKLB)PAOH&f$TyPQd^gPxk2K*6*ISs=9&+A5Or9Bg)icu-nlGzmpNkgr7Km^3
zQ%Vm@O&H_>LO;4ohUa_nEE6Fc#O2}7XvUxCIaf=FaJv*|sdpcO(TT$ygn10jlyMJL
zz=WH!x||d;O9tl8>I08eIO~9nxcqkjbwEb$Lunv!J0mu90rl;(rrau&@dxa-5SnmD
z1~J`@=OcKFho*^zpa-N}TXKH^0KiWrb}(zuHfk<*Snu{G@?-wm;s0E$+yz*<2VKoy
zW&jc(B?Ff4?tt$b9qK)6feY|`{!iljJ6N#xIwZbJdzU*Wf(9nhD@?+m5om}t&+Zc)
zlpt`RU+Vqr6BO0@QplK)E|oBQcc&z4GTM#PgCvsGZoPpQ;1xCdauMznRd8M^ImH#Y
zec>v69Rw?bg1%C$F3%M6`6f-#xClyGgo$|)XbL7~FEQC!zsUuPg(r<%!1Y@|g!p*Z
zFFWO1K+YCDs4)E+RKZ4Zk?eVLc)TSE?3sH%fCteB)pf&|1<Ov>ykbS9LHh<-;@%ip
zkRqPzi(PPHR=As!Szhwv?6YJiQ<o_(2llW*5QT}5Rs%O2#KZzu$sTX7sCUR)?V>zW
z&2ajqxP#k__n~2^1e##;JF@rkgnllrumQy}Uve+2$_(DxMzLrW?;C=b;KS1XCI=gM
z6%Vq3EtAd3VHSez+Y8Yb9IK%#C=c>K=$D@Z>oS3#tWWR_HFMWe^N*cs7s*ODnyBU0
zV6AiBpg7=_7A#10C$2V*09Rvez<gnsH3&C;A%fWWvRXAterO#OvkNYkt6|m>mn4>2
zA2R{V<*}Y>xwNxKTDXTCFpX4k+{bvqNPBLFg}b?W(&h3mb;yTi$y&jYzkv(JC4YDD
zklFl6M*TX{Ul1UdkgmH>4Y0)tvghU#SWr(3rz^Bk$fD+SaqD*CpB2X7)FNXB<I&`;
zjHK8_h&@`v1RNkPlb~~|(L*Qp36NZx#^PIqh%BuKPl6O4@Dyd&KOmlB;cET?VTR6x
zXk1LJgVtaHp7_jgr?xV+2Ka(>Jg~Dn@<${mo!11N`CwIrE4G=)2JtgcDYh0?A#<<9
z?peipNU5sb;EH`H?GC2HhXgovn4M;Vwoc9jSpv#22*GAqCVtJ#M31Is7V%FpmPKYM
z3{^8t{;4RdpO{$*8F=QEZmgGza;~1Qz*f44!8NfF*d-h$I^u!^DX5ynV^L^`hl9`<
zhw~)@@kRb&oI{}TGD1W4%GttPjo<u-XHnP7?7oC!OgS$4<FUPTeT?DG$K%UP&>?rp
z=X1&kyBwB^Z+75dKmz<&<J|1V@$@FoSi>L9+2S*u`c7PAgBhjw#K_r57ou?eA4n8n
ziufV!R3H-S6;ckZzd@Hgxx7|N@{Mx@?uNo^0^SSX1wW}*RF;QsEap~)Gfkcm;8748
z_|XIU2E+!8SOEv*tl#Kr-j&7yT?)|V!!$MHkDyzyRi88dSfl#KGL8z?vCLl=M0F%D
zbnW3iFY;RiZTe9j{Em^1$PLUxqIc&~Zt5FUS)>_(u}D&*%xmEI`WiW-u&Hd|`K&Ah
zztjk^0b^9?b_GP2M&M2?<#vOE|09_#`dJ{lmX?PWl!6X*7-YFU$frP7ILOh*8f43T
z$%DKPz~oH8Q{857VWb{G&@bqB7(O9-yA1Bp-wQ=ogF}L6Dh3w(B5A+V^9M(+n>c^4
zNag6Zcy|f&Aw!I;pj8<u-y~K??72)4D&CnJJ6$PAXi;Tdh(L4@@-k4wfI|mPXP}q0
z=6MjjZ0lKmGOQ=@!Rh94`GB*MBNSLIG7ouH!(KQ#=gEk|H$MXEtQ4M1k|NQjHN1yn
zFkoYZu^+T%W|MLz#@G4&51rVc5j#Ngd0wd!dOw6`lWi#;9D(NL!-(2Gt4Nq<6}2C1
zwfTYQhEDl_iGOUz2PDo*V7I}K!QD0d&%EWi4lbcc_?oR@Fj+S0sMrus*#A-3v4IZ|
zatXjxJY(6Ph!~&GnM1@NnNVj$O{B4=|A{54gzIDu@vCRFay2tX;mONFgvSLVoZtuC
z-%4JS^=i*IEQ8?ym-7wBGRM5;8Oxn~kIcOHIc)?w@kY+Nwf8wrU;^Ap{yib6q>+xk
z<H<*8TVx@qXA(SKbM+@(`mS!u7@RWXLt8#$<gvhD*Yx*VKxx#rB^#cSXLu$98h4RN
zDS6viGz0?X_)_7vrLO+solmT2A}KU*s15N@xqAmi`bhpjKCL1M9ND%4@<30d5i)f=
zS%-}9O@rTj{FwPDZK}eT#t~v;gmUiG6(U{1N(vA9a5}uGCG9`%VJguGluI>m7EeM8
zx?h26;2;*e2iim&ewXrhrTng=?IeRWDp;U{)d)I6b+pNHg&r(oY~6>*MxWN6>s_Hg
zlu8tMf~EP5=$vQ1XlG_&tXTB>0k2<!G`dT^o;@=TtHh2F%k^+Yhg4a@>~r**yJJqY
zLe3{77Xfh<gXT@uy!Q$f3*~Q0gyx4y<5x~Ma4L8|mRoRlqHf#yMjh)1aI;tyT)e!S
zsMhm042MA1Gro+&nIOY?3Z?XLLLh=1&V`*0=TRzeF&viVa7M<5b1IH>Wwuig)xY}R
zB{JLnJ6`vXW7GYstHN(rD9rh%O^hjXA+O9bNI(8at<|Z;D(KTey4OZ(y$%*g@WBQK
z@jNR)%Lhz6(=qZ!iIa(>0LchI$*!C>wSc(k(T71^FnYruMV3w>@GuuDAiz2ZfoEXA
zFB2N!4IkL^vC%gC1mKseZWwj6BU35+RZ5ecLSuE6VyTqvcFL#mlvb6p-%go^A*nLk
zRZ12j$UoG58BZZA;0l#jVoxFv^HA2P^MYOoaz-uye|gk=ZC{cYnmu3d^0ivv6Gvp@
zlRd0JA<pA~>}u(lK(-#)a9@p&2lxOO4b@+PeiEljI)&&Z4XRm|B}DIKld?okp4O0z
z@5Q=*%xL%T2Hiix)$X4S+`z+N4bi`CiT?SJP4{mfO6vaI2ZDC&{yn9a8OySNzdTm|
zmW9+nn9=TEhVCC{*Y2M^#etJm|17(I6Z305;{|xvCOUT*6oj1<@k$P=N#ZzTxxJ-x
zD9E0zg?3ay4(wxqS+$d%6NO&1-NpVPuid$OnIDteii~#WY%B}>3H%mTR*K*jkO<GA
zc`lL8%|kH_xvQmfU(FuT$;`4T*wf4sDuB}L;U6&o)x%Sg=>__?HI`c`{X<T>f7Q&5
z{t?a5KiH88J+sk0&{K6WFVV$n4Zqzesk`_BNEXb6I)xv*SPlO#VFCv3x!J|j<6S%n
z`?<nD)xXt2oz3oF8+5?z-?n!BYrp6MA+U17x9U@525g*!Z>>RT2>x(@QtojzV~%Tg
zE-Ypb`1_0_AU3X&k2_^q#eYODdd^O-fKr=hK)O}-o)vizK?Psj$!1jF$X(1qQU2HU
z7zN4%Y9(ePC`m{Y2%b+$)_I^Ufgc(i=pcc2L0$v4wJR<IK^oWuS=wgrhY(d(fw<HN
zad{@+B>s|8<LkK@_I9+yX|{$7=XE_=!O8e_fC$o*^<cm7*y91u6&RfZqk~V6IhCCt
zkGPch6&5^4w-5S!!5WCuyycM{2-^5<SN#eIT1s?C1GsW#Du~bqKzQmd9Itjw^(Z3S
z>mNCN#nONHWcr%u6&CWM$Yu^lG>;>)WdQNn`wOZn4|!`7v&XTe*|W#-m4dL*VMtXc
z<CEFD0tAEOJCe=uarUrxEGIHy%E}_U5iM+{9UYyC@wM6^X6heV%d(u;6Bl!w@$yDs
zIa1W*av1tN$@x8l=SfWOB+M?PqtNuQ&5pB7&cUHJ7Ve*6?zA%D5Iq<H>Q96i1ONxD
zv{sC_0<;K5Du$o0RCG3GthTCH?sa;ZS8?e5P+SoNsNBFmsC}&k6`*<U^;int8&zzR
zisg<jyB(F)SXmLT46g&d13k%Fq}FSdJ^lX_SgDtXlIV$U#&bVLN#;Y3veI*@jBq7N
z=@H%xT80tME<MKRDsleTM52<Tdkz*JYIOZI{FCWPb)D)TWID=oT0OG^Avw^b{@DW#
z@V+$qNbXkmu|m_k6BB*h0+PT!cE-Sw-c`hMcW_BihQmINM5B}r=0y8}-f4NfB6ynu
zI-f0+@5{VYXxOy)a!ivKN4N*8)ufQ0FOuc7R9=w8<MR0=&z>96@7hGaP0uueZ4D~a
zusvS)d*U%*YsPZV)cq#;s(TTN9|c=D^p4-ZR+zFH095aRB*VMSuZ9D$l7e?Fs{p*2
z-5%4|SR8e0&{Lx@kk8u@uF$g$NGAu$Y+?P_*W0rGpJh?fv$^zmu^&|L0-<_yy0OGR
zxUR~B--0k`86l3GMu0em<#H;ho4e#wV-X*K>15C%P8y0;&C!0Jg*;jsVbt*jzKDgW
z29d{6|LhZ}L%e0=;E=-=Q78n(O<5oH2l!L$3P0PV2a$rISx>?d55~v+72~sX67Pyw
zpMC*<%Asd{XsJB(XgxkSPzizBkIL~okHm(o3&z<X$#u){VQiKPHtJxC3NF{dHYszp
z1Ad({h%Y&ahcPcsfMhH)(23}fxPAz}pJsK3CZzx^7R4$`&ENx)jm@k?cAm?~e}bHa
z*GoHpSSg=p_oE^VAO(q-Aa@WCwMzaK`Q*Rq-T82!xio(pej9;5A}^$YGJ#59uo>4g
z)XXJG0FA(d1QGgNz+$U1t^p~7G|*TiZ{lJE1U&!gBcQ?+naCMf?C@F-Vk>3qF5vx-
z&;wFJs96^jjpQS?oqde%gGetUJ5aN1UkQANTMLi^@8HM>aIJ#%tK^F~mLO~7J;aHa
z>WGgiO7ZX%B8N0#vxAa0dR|#*Vg{b$*~}-3;AhWK7R<&A@e@;NSC<OiL|H1tnv+vS
z){k?e5ojRK1vzP8F@8X>5xR&vuGRinsuymk=4HU?R9QxjQ*QS~vl}GJDJDA6KTBU`
zNnfDUQjp--1B1{f#jjv11GsST-+5)<6mG}QW&tih&OChLi*MBc0?$Tz7-tZ*5LR#8
z>W6j_<}D||6rD~?VR%2niFJZ{7>05~J>6>*Or*;`obiyIW;0w{BnO;b7USAsxJg&T
z1;a2Ap6SG6hFcNlS+N3PbNbpA2`&-B=n7`zE;aZr#JM2vhT;ZK^CBMu5bG~dOACQK
zTA#2cN=Gvtl1~?cMqr7Obs!&<0!x&z1A$ToOkJJH0O7~Fp$BtkLL;_B*d7L|7%0`r
z)r_fO3~3hwwG8A)@{&xSL@vp!$Cv#Qh!kiD6)1?IpGz}WA_IOb$!t_V0+}SDtZJKd
zeo5vwgjofFh@64UCLKX2N(9LgOUQx_F3BW)as?mAl$9NPCbJFUa(ubOS(DE$NR(kg
zqJ;|u1$Pjx(P4*9uh!uL9cDS^FVf*gX>dtqv5qH@ST7r7J_4BGWjbGlj<3}56}tW^
z9X55iT8B$@m{4Rr#X4N8!$msm)8PUguGe7#fc<FDVS<?9WeD@zsN)GRhL`IwXOH2P
zI^Sv?uK>Ixvq^`2I$w*<w@t^l>iF#vcGCuHNoK3gWa&(tJ;v|XnQ9nl)0t8*5{{Ti
z!1yc);{?V)jvgl01~awjOb(r?ikWO!5Jt?@q%#qQ+$bxV$p$b1&rC(Sc}|QlK+IH$
z0KZi_(`sE)wax@9jwP8jI#aFAWcSgh!}jRwb(o-Gxdt81!k6J?I-H`zjXG=tX1NX%
z)XcvUVRW40NGF1;5hSXUF>xBb0-3_8z=x3GtY4DJ4Uo38$1|{rf#;yVn8t#<&`+B#
z_TLqI!?kcj3x1j5i}B<-tj{0CZchR#Gapp4SOGoSReDAx*A-QxlIdz~BW2L-w2cr<
z-u+vud^S<qTX#HbrZ(Xj5$amES5UC6m`Lkp1R}L)gU7bu$JR9rSF12}ALALWls;fv
z*kxVBuqk0thYV)87-4IDBd+_>?!|h6zX&gDC4ZgBUyt!u4u3tsUtRG_dhnjLX98+C
zfEkzY8`ggq-X&r5=nd;NhTpT(-?P>*ywMK7VXa_zRU-cb3_oV4zh^CBnCyjaZyv*o
z68UE$9KB5^UdzBt9k`T%YXvZGSfd!Y)cW`#sCC9!@AFe;ZR6)cYcoIRTWk3_$9j>U
z0_z!mPPP8Q&xzJ!{PeOO;wRf$#!rTI4?a*a+$A4OmpB;bm-;+@H=&#SF3{n<I^3+k
zkLh@i{+^=0O4+h0!pE6ee!Bj00uYY=ihoAnk8Jh_tgN@8ddgztXhwp=UXGlW6Hje3
zAnfQ;IA~-**jBOqq(Z{_s2{k+99^o0rA|VO8PYsGjy0y$?H^EKA*Kk))OA%@2Un<=
zCJclzmDcAvhNOluRo2@&X1T<GOJ(KPyv3)1wZs4zUCKz8jugB^WF8}j>PQkeR#<J_
zsVgL1WK4}!qhnfiOs#c|jv*oDit*uVxpX9{I3w#BIaEh-3t(geBm3*f6dCC=vM*V`
z(2-d>vXMEzdjb#$KOj07y*ew{?eedCVZHCLMj;dLaNMy!m*$bvuH>Qxm?K9hvc$K0
zOnvk4wZ=%YRVtqZZ`$793m6Y&A#_WQdZ0$m`*=+z)zjM@eud-+ZVRnHJEZ04E~Wm1
z<s0vyw6g`Q0C{O22V21Piho2Ep5CtTKUp0I;6`<@MTzdF^(9C4=WSv>Wj*|*jBH6I
zN0#Vwl06aZw+S-ZgRIfVtEKWZF<#7pU-s3j(q`{%nmi2ZHQOp=YF{uU)AtpiZKYci
zb@!uyC2U1-TsUVwj|)*_(ch>AfwHj*Ntg$in`mVtEZr`?O`Z52L>|yQD%h&1V7n<2
zl2VHLW}%=~uvN>%2Bd3bZn+FdyM6qMjfhRKVJ4zUyRsDF_>yS1t)M$yT3#cHIUdlY
zfuzHYEA=~d%qB`PL#2FI<k#aH;pN5zJZUCSDs~V?&f+Wp#>kmaVB}m;Y^+*5071Mw
z0`^p7zVwp~!}Thoa59WEfYYqroc;#ENn4VY2$l!a4gOv(zsn4qHo$i40L)4P@<4QX
zu*`rF6wU=Y#Q}cOZ4}_|L<3e-6AjZSfQ^O3R!}HX#K<c0>f2C+focX?bN~!74NMSS
zTOM3t_yBx<xe}Splx#~4E<zEpxPnWKWeD)wDBlN+<vJ0J$x>sbP9(3v8o0I@-=xEg
zXShXwx9NCGhqvpnT~DiyXFBV%!>pHKHqQFm^jA@cr6O5pynq_{8g+V(9ua97%a`h~
zLx-2?d<8nbNXIwn_+lNl>#@rdQml{p*=~gnGe5(`Bz~)OJjcy&wGKDvaE;DatK)4r
z`E<Bm=d0KG8t}zY!C0o#eLB5Sr!SZ93S*_@TVkx%-zI$7-xNv5d`NhOQZ@qvwn_X7
zW4q30!?#t!P_?l0mSkFL?AMuCDdXF8n2j+^o{$G0gX;v1IuP$fe4YyS)4_f!s93_K
zh66#0>iawEmm2v9IO_w3T3R>{vI!V!g%@)b$$QIsUD0@2r`O^1uNJQnc$)5cO7`JN
z8~zAQgB91!!2Z9;z^PG%X};&zX6Q*7F--Q9K74XQUo{r=3orO8eRvh%Yzsp`$6y)*
z`L9P2xE@-MRuwHz&<jOa2yQegP-LSD;NGiLDuFDw;vnx(^1WQxN5^vWYAEGUqP?fI
zYD;ROxDpMw+=6uMyf|xjtlIOa8TzBl56L~|%`;l$lc9vFYgR4C_4Vwbal#$f^Fye;
zWH#$YK?>`fY@BpEnirQpf-SC<_L0Z#<O#Zy91z&wSne5i4~<oeIF<Ef`Tfn%H5E!!
z_J|NCH=x1U@b;FDWS}ezY;AoA<z+c=oq-en=qk#~WV~=;0oa%2S95GN?$DE5A6m6g
zmT$^7wG&b8?5kYbzUsUj(%)$?-;2V`(Y7Ch+y?S-*niJeDk@RpI8aAox*ekAm^DiY
zz5sWlE`u5~8vn63CN&ttBVQ?Hm6G3624^Ro8hOuFT3vXvJ#{+K2=E>!<yet+@-pf-
zP7?i<%fB9g0NI9O1K#|UO<8Mb5!VZLNiH8Vw5SmsW`h;z3$5=<m9=0ewshRYDp0-X
z?#5vp?$Bc-M;%}?9xxd*N5NzQXUKs(9bt0Ktw}Jsjv6v-lMWirogcZB;E2n!wLM+`
z$S@lezr2Zus|_--GI6I0Amlg;|JoQopP@*{HL~>`4C+3`cvqt{N@k4JzaN3PT_j8e
zpcLGKsCHPuVOQG2?k8P+jJrvPVUNMEE4*sh=COu-BNixSpn?h~9>)n#_L$y*k?sg$
zJ!^eszsUEZtASqY;+gi;vwxpS^jZ)Cp7GUq`^3kaJk_7mJ8)>xHue?s&4FWta$~{>
zaK$AL6PH*XP+9Z@Peykz!A&gH{Aq@*n+4LBW2DnS!l;*>bgYryfrT6&X)BZ*8tEZ=
zWR1Z43nH5l4SgQ)JrSE9d77E2&l@|#9(N)gdN(9<@Jpn(YW#&Ve*D2<AG7Y@hQ($G
z4e&i(sJO-bugzY#-<=F4V`!0u)HoKjvPZxMMzSv}`6aB=utbgmlB8-N#n2f5X*&zF
z2T~<~<OE41kghuxkSejL<3PfDGzlO{R{*3@k=}^L0*|i;4KF)Ge&id`;ZXnin<RMY
zbR+N%k`=tz@nge_1&$3bwTr}ct0ciDfMW!ha1@A^6CN5wT@{Ep9UVY)IY4v@Xd^*%
z&9Ojq9u|8XM601xisMl$YXpccj{FtTar&>}W2fdv{47L#I$WIuADs>-j!0JUVXu!3
z9~L+^eDVN>SF(^Lj#PpZK&D1S3Nm%?04Z$352#cPsYlQgAX66db)YR*0aD+BbP!Tg
zj|HjjAQN#&9YJ5>kdm$dQf6c~qC4nMG`#FQ`H^)jN_cI#F$rEe-3UB_WCbsdOvZfF
z{&Py49&shIXfj>;$X<j+94SDw%mz^_ek3E4fJjm`i2jAf0V2oIATj}>H$ig<BG<7%
zWMPHGK@<}GlP14|BJ&XBd7bb8tolV}Fr9E%JI#gzX~IN_-lRalzIA{n_n&t3m~KkM
zVEuC$cW4p0S&Ui+5n9xyfzZTnXc1Xp!eq4sf5$~8n(j4n0wI;kL6i}w6Hs+xmLdHM
z{iT=%<90P-nc-H~Gdx!VRF8r3(DGzjC!i9`lb5C^fofY<_Kl!I&zjIOAv8AfJfa)o
z_8E+i-eTKl*tzl}zeg@e^kTWcy}^cKq820IL9zlS2R04%@Ebk(e7kQIo;SqpJ4%~a
z889dl_aNdnIPVKI-Jw+#9BJrxRs1NU6^`9=V+S*w>Fh>$;OnR=VTQBU19!t2_k+fi
zm+YByNvFU7-@Fo(19M+j3tm&f0pmYEG9AGNyUx{Oe{-sgAE|kfaY&U*eRod9xQRL?
z%uf(1#D_a-Xk}6T5M}_k40M+Z94lo+yuhK(`DSQwEu!M2r3FJECTx>04*C3od!wWQ
zH$xB-gB^VN4-x_;9kXqqgEESTs!=8GL4chV?4S<+G5})<$OtiGa;Lz+g`I~%7PyGe
zU!$%MMjgit=?}(U8i_#!qU}Ajy^fuhANdq%f)Br$Vh<bR)agcGJ(3kZa99c-`T-w+
z3)r|Jo<M9eHGyDVw)8Qgnr~E~6V?1O^;?j(0l!0wd2mEqJVyeij3bEaQKQVyLHsxh
za!j=$*H=dSkPihrK<-LF?o#k8gxvMVg4}cvk~rkt7-t-EGNXXp=*W49Zbwfw{Olb0
zkzO|Z&bmGcemdO<e2XzE__60l!;cv|gWrA2F)Fzzq~4;`Hqt(355(|SAfxX;cd-S2
z=g24?5>N-<#8ogGov<u$7fh|M5|G`WTwfKS3>q+;VrjE(1_mOR_JEn*;>ctKNuSGu
zxF~nPduD|9i)4MBb{)t*PV;I7sp8b>1PT=>f^Pz#asCO1I!__#OU^i4t-B0H80+XF
zAszN$J>6Y-V3^nykxfOyFD9gS?$F&N(Q^6fmwRZ@2;vK{@E`6?DT_vnC>45$3%ERp
ztCpYJ;2<b2cVo>KAPKl~2FNQxBKM6PtRsGwb_h+l5Hvx9#0_3oiq%z1^*AWuJ`k=Q
zU5Oy*&F2gO9ta6Mj;{h<@O*?7YL}G@M1{z~1LNin@Gt^bM4<^$YpmT3q@9rqks`IO
zxt34{%>wwL)%r+jwRmy&@8=~cv>rqtB5(Q9!}0+u%&_Vjt){Fy80OVaQSy9j-Nf+O
ziSX47pOgrfGfdVAdLTA-A;aGTUb_4shNBXe_D*J)9!GWhaSXqj2>&<~;TIG6_cHv1
z9o}bs#PFXJ;nx`sA#6>lgW_x<e_e@R(cfB^@-y2S$IncwjGr5<3;DUmI-j2_taJFO
zunPEbS*P-Iv2`Lp!>nHX47IZP8DwSfbB1(!pH+!QqbEq<J!>2T+16(PWXP~S!Uy_@
z_vAx81U<U)OJv}8n)<RZ=)RBr{o87FvuP9eQXv#bA$73sW=bxKk%*RZwV9C!5+p{O
z_3GWjnvz^g5n5sW+-faXa!M15GbM*9=OBfRmg?-}m#h<Y<aV92k&ziXvQ<YeXXO6p
zRB=m3u4Lqg5@~nW9ePAgB3!5yydw;`&l+{cL?^gFt-nhFD9d2)V?Bs~Mx}e@r(oq`
zW(h-HWxXy0O`H1z9<|o1_b6RiiXKA+2eyil;Rn>!9i`mOVtkM7N`0gho-ym9_o!sy
zynLtiMqRYtNK6?K-%o`T6Hp%96B*n|WMYKJPL7<aYd;5H>nV6U2d?~GKDK-;q2Kvm
z^ih<TQXh4a>^HHW(nmFcHvDh;C{bcSAN3lmP1Z+sU#0X>z1|gl)DIUPOCMDsE-ik=
z*Tck@%)xg0v&ZfJ%Dw@|0lSpL3U#CU6zSpZjugJAd^?P}+AGvz*K{&~O{#wA({f$m
z75QoayRGgrfIX-`#E1S4T4SFjmZH+oY=?Cr0#v(=dPhbxxWj0sCEs6zCqnAc)O~A*
zXGVJiylmhTZtNXpgXfuq{bLvQezCh-&!qt&TNb{8!bvXi4qeSX#Hf1~NyHxbblB_7
z7v;PZVHth38n?0VK9NY%7Be>lffyTXVwo`yF;Mai*~|SG_S~L)S7-!p7{@B`t~IVH
zZpwiVqLb0vi6`T_-?|)E$v*G<EDo4J%j6E;3f2vM)c3Tp5OGi2-_B1U)+FvfT**B~
z9(}L74Hztbb9Py-a|DlfE+FZnTZk~^XPQ(#_)ahM_Mmmc+@9F<c37{!C2(Igj78XA
z-p{;@j5S^}^Az~o(r3YS#kJTN;TwhSrj)lIPm<4?uO}yb*1#1{!avVbNATh_+L|tH
zX#O_I--H=@rG-QS=72b+ytoa&#p}giQK1=nu{9~pveW7$ZDfUXZveaJz^kQ|?$DGf
zpi#mb7Ci&Ra6gvW{V)1BBk%|ty1f?iK@~^ZngW+Sp%=+G$8yhB(WIFwdbvdRR?#i-
z=q8E&@hYjfH6BgsjQ7t~bXz=nzeI0U(WLRJZW6y(?rIfX5RZ09^j}ppHvyHKyGAVc
zE)`uFk0xb}<<3^oHSy?biJq*Y>*LWri5{h*8{^SrMPs>xRrG3!1{S`!62I(KFMeyX
zC5Ivd^y2{zGU0ZKD|p=x@OcIRo1v$D=(siIDK2vXE}{r+t3pK)u!xe~=|UCNq@oCA
z>ns&TfFf5bqxz~S0uxb$u9dE$2uMT`ves8Cr9}b}QG}}Xv5F!95k-hvuc{~l4^f1s
zwOU0HaEKx#tw&W9frcnT(YjYf5nzZS1g!-sN`Mu5n$WXmB8o`w*~*2LOutBvf$~Kx
zuTh@;5|n=uD;dBtlhW8hNxN62H6*3650W-Vr7cfNV`n7o*D9?kDXqm$yGW&NPfBaG
z(@s-q`;*ez?6j^bEekZ=9s>>Aq`faHxg>6{Pzw##_y1NA)heP2`ZS4XzZ#!mT<AqA
zS?n6Qb4ZQLR9bOTTB)5jPo-5PrB&K#RVuAIDXqp%D`Q$%(9+u0MwR7@O=!*?dU_i^
zcybZA+>YP(9}#<#$6HVX4B@P^!I*&ha=(00Q3XY6qE}#x2|Z1;MV%Ht<>6_(*M4Io
z?zLyz{DjN@U*B&>gRQ7GMSDH@EgFQkQ-_ek(@6?X0VynShh`TEDb(J@RPV}}+5aM!
zj-n}wFr6=T__H|I!SsAH^hBOa`(Dq5W(cnD!Zmr(KJCuebSq(Ek3Shtc3b74`TGHj
z_^z;10`EpYKvOw_GoU4SIiUml&@_piNoFZPPBz%?&PYt=w56v+{)xU)aTS&svUYxm
z1H~d0XKyoT&l-!oiSsJ^mRla4pF_t)uF&~b=wG;(5IjQuL&yX>WNlmlM*ceM6`U2w
zZf;1F#}q66h4anohv7ONoz<{B=bPPIjN<4P=h`~^6&jk|?y%MZo6Lplgh*j$JzesC
zY0Y?5cG!v1lvOUDL~}{}jnD_W(t``V(6CtUpDvgAg=_{B5t>oJGx4uDD`vPl4^FF$
zzW}e`4SfUHJIseWbc5v%dDVRAxmWY?KIcR8az{_bxooE6WW;^X5dx6|0B{_C(N-UK
z*b5Hjjy5yoCB5c?_$~^0?QDlYxB3ai)YWW}p<j8fVlI4uNb-AL3->HX1nvz`nJQXz
zhv&A$#kqu;)XiY2VGsrR?7OT&nM!H#tP!{iQDE`XK$^sRPFEgDI%Dx5jO#N|v3QjF
zC>9G+q{_(W45CPJ7VE+zCOzfN5Ru?g?F_CAv!lG{6l<=mRNJ$13`sUow)dQSStazu
z#lq6@Hf$+dFp(Rm)7#|=_lBQO+;1C#k>mY_vi!;@fUJ7XZZLO_<i@e8+KjzH*B><?
zA6QauINS)QyXc)CntEV}(u^qAM}=C#2~~C_lGoCU$XY(BKpD@OU=!WLrt(G}Pg3jw
zZpu(1h(}Q26sCp-8`Va@i$qZ^Brc&UMfQhS*5zE&;p~stJFV!n<yWPciQ7O_%1idm
zamHsMF026?3IT4zrD_)LB&{K%O^HlFWHy43&wR(wiP|3wtTbkg2UI`?=+mWwCCF@x
zT9)<au@ew3v9ka}Jwoo_ihLiw%vcn?l;kV1;9f)xB=hv!2ZmPq(^}p?Wo&TrfRypU
znFF%;N3O9_;Ux8y;1y<7r4hIp<R892jKB>%poV@`j^h<q=Hp`i@i%GqJLQM_R+2eP
ze66eG_1R;1U#S7f{HNieJpM};?zlwcS9psJ@F?=0&$gLcZu*pCGNPvgJIXjXfaF?q
zm@a^HcF9!0>4XdmW*7Uc(WgTQQVc#MmU}Mq@>p{-@85952dp!ZjFWEDY}5<)i*OFJ
z&+5e@8P*EKA?Z>1ppEEBa)O|2OdbHUu4>^4B4)k)I=(nruoY_P3oNIk929@vXvn&C
zqp(16QKIxeah`?)7NBx}u761KDUSxiV<xd>4!s{vWBU6DDk5u+$2~5b4j*I#*SSMO
z@&7!Wnfx2GqFo`c#f?<)7Xy+9KYiLC-Mi7<x;!4_FvXqTDiEv`y14v@TKN82P+Dy*
zn)LE=Y`|$102r28(xOhF&$0Z+)FkK@J;`YO+a?Tv{v6|LMcl~HIUHTd&^=T+2olk0
z(L!X6uNTTzk`AU-6Nnt%TjCU}XLO3_k)r2mcQO;TJDF0PH(&Gghdwcr{<Q$5O}ver
z1#ehcIAg&D8$8SW=chf(bQvcI<6Qw%gZR=q>=0!6{jEfdr2UHiD)nK!lys!nGf&K1
zZHkeg-%ij%fB`=8zT=eI^jjp}xEF>fKw{)&q~EZ0{WsS*RyK)XyCXU%$0X1K;_?>c
zp-(Uz(VM)NN4Th^2+P<<bV3Wn8YF@Q6J1pFyW^=k*|{QKyO8&KXRvyd>~N+B63!_P
zXK$hlJ#mSK!+Ny1J$;dR;e`p(mvHtRn9#X`=`H2KsV(r`Ikg4E0%W)fi?zIDD<sMM
z5xNnvpLy1s!J+xQ7TOxW7Mg;Nl;aI`2(6nx*H=P82t9Nzcs!`6SrVNymLo4Bu;OI4
zNX*v?vGS?rVpl0wFzOy5L=i3mLBOs5KQJiX-n=J^zbdhc>*69KYZpRJPYtg71$Qd?
zW0t(`8G<{!Df{u%=X^MF+k(rMaPFHk3dpv>fgu3E^RnQ9uS_t`0Tl7#h0>w<5jtKI
z^3`ZkZqY<g*Zl#JLY4Me_nabpLU#%+c2M}}Lj*|D3AYGII$l1>@(fgJy|zvXG~kj2
zW7%Q-&@4R1=VvLNBZ=Sm3He=5cX$E(mcDNBB07j$G;(ZX@-(-Qha>}YZA>0OS#B+_
zdwROUx8#vVp2G+T@4m2&$;bbX65dTxy&NIEOi&l>|8f6VI4!z0VhnPJ&IO%wL~)+v
z*A;usbAl^0x)pPf<;DA^^IOq?Wo^5*cS`hQCC57+JY<}L#RimPQOASmFobn>e_!+T
zEDzu8;GvcMEypd-FX*)v;yUXue^s2^V@(3py9)``cKwB@NP1yVW(466Ocf(0`hf>B
ze5fsHJnj5#-4OS;rS3md&m8x+1?#D}zbz8U0?<Dpl1q@QQ_=vRTf@c*k^F5Ek-S+E
z$x=-uuN5LG%QZ2CBzl=Mf%MWrdI{Z@#@_#(UcNO-(aXPTdbtHJR$>R8GV^G936A4?
z)4#x>PQ-b!+*PvHa9|6~C{;pQx!(YMyixFRANFjp;L!*swb(xREmVa}@<7-*M}o_X
z@0^G4>C-_Un%F;G;en9Z^xIe-nujx-f1T`~`0D-B^bf=S2@wwbx&EyE6DR$?-2B_^
zm9YWx&QZHKFe)Dj%7K63`Z(Sd2G`1?MGuV675opz7mVUCL0-Z->meMj{Od40yw`h>
z<BwTqye#-<oOu-f#n+2Gy+UuUF8EL`{H{FsCH$UhU(<8pYkEK4<1+570|vpTpJ$dC
zN&~2Kyy-(WN5{MTyN{T`uknz5x|zE674nqw#1;FCw~@hDUu1!xU0})2HvVkGZVD?=
zJT_di)%$@vbt5iAcX1xrkOQ8AYF$`VLPq)(e-oj^l6rPdVhIY(J8YfYpMF?p=b%qU
zT{Zc<?Frnp<+0AA{N=(i?;xY$82)mVztm3r<x0Xa{N)ZDlT08IeK13Pux$K?yO=Qa
zG0K|p3+CMZV(cRod7gnx10!Yp0e8jU@;LGGio-12X1-uM{x%Qp<O`l=>YGtKLH?HK
zWIIRPH8>n><Bd|YIg&0fQ-((un4w7pcr}}ix{R_Wws>8<#a~GZnso9-4%9f>uCZgA
zuGDR?X~xmA$$NH`oC;6RM|TfzF1ea5Ac|!5^fyaJS9(r>-ZvG8D_r>>leLab>Y6?o
z8-`29;Fz4%*qPyZE}qAxr*V7)dxYKad$Z&{&oJ;sByI~gQMA>bUx4%cZ7JS?&V>v1
zr=;{u@t)>VruXF~czbJ;x7FN~7H4WkW<^@iDkx$f5W80#_#Ml=4A<Vs-v_9rb%pQV
zE^I#NFxVH;%A9n>^9Ln6!2N@so1AN;^I@E$>^{Yrbk(1e;{Cy1b~k%1{n_emjh-VM
zxi?2syCtA@LUMJ}V}seP_9J*G<NXU0LH9=5DvdNofY~2Om4+j+AjCB8We56b)%W2t
z=K)9AC_t}b_5L%c0w_X1ytb3P1$6>%BS6;(?O+~-YbL$lC4<)pP=up~yemHB{{X<x
zf<@5){(6K4Fk%0*0Q{Sy0UYgPpGT6x=_yrhe-UrHwLNqPpZL?z{p+!z8|~2^b&d(`
z6LXJ-_G9-eXg|5SJ+zbM+4|*U3TA-jII)z1gj%nCoC@v{uiVk>AwZ=Zw<$<Lpn;}*
zqJnNl9Dwj;AULo108+>UF47SGkr3uZ6KoE(S#+>~-MCavhMnN@H%{Xgx}BmKGreEe
zOfwdg<ySf73dKw0h}}T(s_5Y4^FMg-!TVjo$%EUb8MmN*RI(s_uqy^jjd{RRvalQq
zPQ*BuTSq=h1)-bFn+G3y&Y}b+X%O@$oa22`4r}h<5$mbG>Ltdk=%3WIfa%5o#A&;v
zPCaT$)EmU{HE{JhwFn3m%ioLB0%)jyPBV@9lucXRmqBznpnW_S#y9sVs|CDxfy1M<
z{t$Q0gVvr^?PoA~y#TP^lg?h$1+TSi^ju6L>v6b4wNUrfK$Tfa$^#P~*ssX#2OeiJ
zpZ;3BYth3DnR(_g6Q_y;jNH@}L;`8^D`5ZhJN^ufuP}#=uQUQahQg!s<os`j@1bPX
z3{I*rLzh6bc3Y(x9=-toA9jasD|Ux&1?=abXOloQ<~vX?X_dKYbfPcIBm(w{i1*J&
zU!d3<kG_m|cxNT|L*k_m-XL-mV23W?a1Y6F@i78#NF5k;zfMN&h1+&EqDE{4{=}d5
zr~|@_(!p8y67&>T2}{s-oJS9MN<|dJ!<F__R9!~?b=T~3I^|s<mRtZ5gKY|GOpxSg
zZ}q%Pv?t~d`n_SclGg+F2q$tp_=h3`5$z7*kpU{zXXg;L)C_Eb_>)~;pTul{)uPy^
zs3%d%+I$^3Q%#TB$zyQU5W5aop@Y`cJ-~c!E4x`6-n<RIBN}R~-1|pj<(48kmiyiX
zdgbmw&|bM!*nHCSWvuqzBgz1%z>ByoRba_NJOOqaf39#Cg%h!=uzuk}1q)IwU*}6?
z!rbAhIANcfyne?8XAW)~7wl&*S)Mwv7wxv5j-ta96E=AqxXHoAndN=+1;HK;AL|o@
z4)UY?=!<F#!t%t-ae1ca!%2PA==i*ne|_aqYm?))b{lb$2}vk~Us;xCsiK(ko^HS1
zlHj{=4>1={4!H2X2S9w!E&(x)a(wFrs|D_$Ps6dUk`H-+C5iTRZ5owAyoX2whIXT}
zBKKf8MB%pdmpIL)G14+ugKOl!ObT3-hwFz)c429td|TUBi{bTqW`2REoWdGX;5WfJ
zh(D=vX19e1Bp*d0Nf0+gpA9E!@?I2H`bEe{94(?{L{E7|+ZE*d9!B7FB$Ws6!0;{y
zLW+cTCboH-@4!rt2I&vv`_OF$Fym$UHTVTX!kqEMgh>wkxduppyJy4+WQW*>*@~2t
zG3OeE6X;*`6nj4hJ`4apKzJ*<JJ?V_L=J?AS-<>Tfp;vif(QXN!n=*Ha};42tDX>B
zdeVlnp3p2@OI{Uh=v#cSfMk@b=C>fkYGM99PSy*O$vRx<b7GTF1^5`tec@NKa0PS(
zQQb$jsAHG)*m1HFM_j{|*q+fj`(A}e=fcNsdwJW!JuPTPJz2rtm0A-(No7+KH(|GP
z8oAkWpEd1$HVWGEN)-yi|1WwZYx)7?1k$;K4ttM17QYB|tfJ9xBPzi3s5zuyngL9X
z0wZ_g&gQX(^N7iW`b75TQZ<n;IZ%N+{D|Bf;vQWZJ<Fa?@(ytAF!`M1{Ta_HWACGV
zjDG{qjg(i*`^KRM^zEY$J-8&UE^W!c)oeefmcKodRXre20z)barx>;{;6kNnng^4P
zA-)DWXzusLDzR1)drG3_VwH}iXBsA*vyn9E?b$5|Wpb#{#$ztrqVSl@mJ;AYXnql6
zn-Pm$=Y^wci4Axd*%TX4h5D^|-4z?KsT~`z+e&Xx+dU@npmiUJLG&EVXi_Hf1Uv55
znH0LzP%}ngSabfQ&ed-`*`8Xp<L~@?a2pvXY7i?AY-sg>t}PGU?11vO01_Fz4~mmK
z9&f>$G<rXQtc4W0Ja{uofaf=XSvyF5PY<L4#5|Nx?Dv=)DL(gZBb?$Odb}7Q+B7-`
z0|%#lO`ZT7ly5XdxPU+25`(fz&S^$qBXKx1zLFXiT(fL30?%mt$0h?hhcsX=I54P6
z&&%waLT`mQ&$FURa~O6Z#Gj0KBS4qRT!XxKg6#>LAeulnFs;kCqbFv_XYs@LF2Vy#
zp`vK_{?qy@LSoF=(8K{*=CI4MynD>hxno1~20+{JK6dqw2=XfK62-XRYITR#6DoPC
zxNxgUSZbmp66bBu<r0wGR|tbx?woUzRxIck4Y6ssMK<>(bUQ_#G$1{}O<Q+(_}Mnz
zfvQo?OO6h>H(qGb&6t*HfFkBEIG_4tP8?<ro2(J|l++0`*HJzu6M6Z5GgRINs!D~x
zm3Jm)(rd5`#5Mc9??xI?1*a^BOR$uKEKojS6zWI>S67iITZB#M*t6#+W?bf&Cq;XW
z*{kJhpj;_X&Lp5mCZk*_cpw|!&|osYJ-slgmlvR<_Z_=Fu1N)#^HuXaE5OkNkdw%U
zc~{704rz+^N(_j!vXtAf85~6hEBSdDwPHDG)|O1JSeu?*#={Yf=ST}6#Z$E4<?~2y
zZWmerGDO*4CLW1<9MO0rE`AuNJb2P&6|4fqi@{gcR)MFa7x~^GO1!*vmbocCpWQcu
zyOsPu_yO#>P!Uk?3^SCTA62pnaEQE}l|Mu<3h&YdVHH3djBD^Vj#%~fl#W|}hfX5V
ze_8|j_rPv(qY+pk&0sjVYZK0f^5HAf81t3sKazOm@qqdK@TYnW!+)tm4!BC*C^hcg
z=$i3fwTTx*xY_nIL*308P1RhP>PVL*l>*?fWuUl1#zKN(hLOc`GZ}Q+0eInkFi6)#
z@`6~OS+WUkApPr$IR-O0jJ$9>2nQ&c){aTCzhdbXS?6};v?S@T09N(-!vPQ62tkZ_
z8x(>rGc+A@wbz5?S?Kb|a*V}yqb*m-4r4KGPr!l8#rr=1jP{d-Um{*yK7n*`G$|2E
zvw32qnq~%RnpDJ75h|L~FG5iS(+iP4PN&bEg|xXh$s{c}CsF%7$Q!-AJop3m_&PsB
zH`#NJdb`P_yNr>TLO7tp-2W0Z19NY>L;3ksD~(Varl^Dt4Cbi;8srO+DGK-M3U@lK
z=Zjym9#41BiY$S76rNO6m3u%(vW7I_c?wvvc2#JkUkALp9r~6Mf8+S`FAkf_;V1DY
z{t87Lf7I&}HVXA83QccPr^ug)MO}rs{g+sD|HK3q?M)*VC03|@k6NvdpEtg^8=$1|
zQNq??d=m9@SIHR^`u(@7<oU}I<2&xB#`oOMn!ottSN8b$1P&g(qScE%MhEAR?>>do
zOMf;gaKaMnzaHc}mnH^T&_yOu_<?rkv*i#fn89yMTs+F+jL<3}RKJ?T#@Vc|JJhh8
zzx{{OXCFW00K~$PhY;qM!dKey_;>wK9v)jY&G@njyjbqd^>~fMxaH(I__~7o5zWg)
z_!lSf)11c5*ER9)^u}q%^?Ug1RQ|cO6~S+(88x53GtHO-?dyl1PBY$t*Q%Ob$q}!)
z{1Kna-}Hm`StPe0xp^OcG*5FG^P51SaYdyN;NO+uO8uJpgdqo<{tLR48cR32Qun+3
zYvrE*7jCfl)f{n{&rXt|3e`7oNYj0d_z)L0e`i8G2ddEbz`|1znQDfEf~es|lskJM
z%6}%mHG{B#2+#~cYY-4GnslA(6Odkv1_J64mN1@b$M5CRFbo;-dl`NUv0;Ex19un|
zN`{P6C*k#PL^mRc=l5thwN!jQVcV!iFOeuO5#h9_e1LK!H7v0jB`Dvk!hLld8M0X4
zum@Bpa9fPVp@u&^6tR3OEWjV(^sCHJZ;1CHoB%)2j9!DE!qcj$^bE`z4xrUkxRpK&
zxxp}0xI+cb19f}~tkin~el^Q4@JDDj#i(0~4q`v&*|-uLE*Za4N*S@M6}f|lt=~Tm
ze#MWs6;Mp{DL9o{_zlGcJVa-;c)PnpxT%8}D7cJOO|)`iI$y?NEXT>RL*DYO5vZV&
zwcImJ9%3^VFvmpl(C~ND#MUc~x~6jxi~bdLG3uxu;5bT+=Ta^lG>8En#OrvO4DMu7
zJvZPl@=+uP|J}rn^6Aeu;!}WDF(1_984a$5>lxO1h4PXkcyMhd_dW2r-ko5JhgFjm
z#<akkqwkrrRlOR$2F3;46n~=X-pc-<llm7Ov;ODKQ1xGYATZ2<UO8-RGU~=dmasAv
zbBgW|YoPoz>UNNfhDPF@JG!y}z@Tw?RpJPWJMR+*L`fhr>KYIwQwYs5hPu$sVTNnE
zI0cb~x%vh(Y=)2frXVlH`pxgim}+OgSW3|DuTe7%R8%v$B;Uv85pF}TiO%)%-55O%
z(jQE;BnR;V0d{?y&4@pjJ(`3+V9SB$L=UhT-fq#}kPU&~IL<~Pt`rAny9%<TE+YCC
z#Pm!<7)ZSi&BGVAn&g)n5mJ-<8QjZ6PfVs?a15&ETc#b4T^fO3-o*L7smA;1xX`>a
zlBT<0fK110(ecNuyGJMW?UecLq`vL>s=kp20%xe{C0cVj@{GF8#9R7`J_Dy-v`5PA
z!oyAY5P~TJ8^||l@<Cup1e}uac-JdIpI!d-4hYFSzaHryenzTy|AdlxXXJPz99b3-
znXt$CO7-L|M&kuKSr%r=LBpSmzPqPyC5Xz?!i1+8R%=|)E;1?;XSk5~k4LArgK`F%
zYGJ#9W9R{26H58iBYzTugJ>gbpjbAQ{f7jz(hLQq+UZSfge0%nOl{#1>ybBlnrt_T
z@hEK!h#yno6iKi8Vl%u<%7<3A3E&QR&Ssl9c(cNig#^zmgvgjf7zo>iU!P9s8-Y*Q
zC1l01$)_$bG<oiqV(!pii&<H7D_?cT!5L3$(k=>*ks1LQ7>eRBZ(K>)@T^(8$AyLt
zPp<y^(`0hD${kV~Pqv~5fDe|NB79s!TrR|EE)(9{r?*d`@c8noqxkm@!<jY0-x#-~
zLJ9?s49IMTT%hR6xil8$s^9fZd4ZLiQ+nTHrfwOsIcD2CEnFvXi9>82vcVMGhSF&Y
zN+o^)5T1KZ0H{PpK<8(E8!k_|Ll1WZNk{v7fsbdg)T>|<?FgG4rwVM|KB!QJR${c+
zs`S=65BRw6q<U|5g?!sMAWqSfz%o~;zKLPYIVVs=)=T7l0tKikxTNvgdT0W~L;x=%
z3EoD0MXz^~fKa(2iL3|LWVZ&i^C6S8Izbj*V-v!1JRWiYm*QYa_K2*t=rG~GOkF+i
zz%FA+O5ZqjgeNH=@sx(n!xT|80!qxOdkS_#N@)vd_w=t?P;Oi}eJED|*ZhRgilGhw
z2;vUUbEKA#!l+s&gw_l#Abt{`T_x|&I)#oq>!n@HA~xq(uGgWE{2%NEWvk;tlZTq)
zLS;jtwn{GrTCbA@7U$<^!YEeOaE?ja8W{IwQKy?X>+|vu3=pK^19}PdmD=$hE(cAH
zgkyney*&@O0KVk#;h5MG0^4P7;J+U>C2rW+!CpHHh9x-qva}6>;P;VQSy~)v$v0dj
z9Fq5ByH=~@gzgx#Z6*GI%&Lfwf&(F3otFo?rv325u-R~71C)*EStKUMsPC~s_yIR}
z=uA1vAxj>O%j>owGV&(=a0zlKBC{2PM;hgeTC8ZgsKqG4xTKIm5WpT@@(ll_=_p4V
zX_V(bZOn*yMg-nF6bft9{jQn~tJug{EF%PJVKe8QNFw-x48$KJ@NO1!JWm9G2t}x)
zXR5p8dCt4HPlAAlPf_!{7%dAibBC&GLC~Z&O}~bG7|m!9d#RF-JoV)z^ZI3ZVQ)Mf
zG7Wnl7%kO!KZsuJ4qb=x3y)Ra2$W%xR2_TT*U?4Q@t)lc(ACmX&O=_bR;{BC$pm0t
zq8SRGA^L+F29~45u4qppWE>ySU)(SK$O!yJk1WqDDeIr*-Ho$+f9U!|H~>GpLedwX
zOa}EJqz5fz3zdxQc+h!<@&Hb%dX4&-Hxfu(G_Y$q_@1kIA79116U>~<<aV}nENk~z
z?!7`5jk@*ISjz)~)sdAf6L0b%WD$Z^9$L8^DX!4!)%Zld;T&UewDL=~P54+Ew-&?P
zc_BR@`r9&%#SbI%^M3p>9&R@L)WpJ`2T1M1FIt`cq3J0Y@!*gLEC3)O(Ca5^JX7=q
z?qD-BbJbXbz#hoscXDqa3cr!?%h(DqQD98&;>Zo?3MJfdyz8M+8+5Y`OxHUWT12|y
z#UlU2Dp2}Oabiw(-^UC_U?nh_uN7k-1~Z6mQN_`45=F%$OU=-@3NCt+=0*YK2?@Oy
z+J&l%B>M_+E?|b$8!OCLig;E><hPc-mWqP|&u)<8p)tHujX8S*9GO<-c4w!VdXV$N
z$K-J=sRd}%lH_=np&}HOu{Gj1{zLzCL&(QT#4f9Ph#yO&YuIy_<ToNoHeb>(t<Dn_
zZ`2_;fU3p^=bha)KA3;DD0{HkAdaepINf^lRStp27rcfJNKz#|4D=uQylb_lM-c{|
zc-9>}9E(0I^HtQ3;xutD9~eKCumvUfI5A(XClT%U+f#<k5<$(AV_3puV53n?#{XsJ
z<9W7bhR++is4tlhc(D4K%!e#x?v1hyHt)`$Ba*LheuU7|2(+*aZuIz@9dy-)1HE^*
z?L@*XnU&@JH(tf<itBGH8<~@g=#uNWjC`_%D1I~)$Z`P1g*Kkr;%{?!JvIa~Q0o5$
zn>C^CXf{ic7Ptnj&z*w49z|Bp2Kk{IRR}B9mW940Z4L;;az`lYU3csC?Dr!=QeZ|Q
zW^Q`T4m>d~QVon{Hn9mv;J|-QNUT|f0FUV7^)u}dK=7MT6#Q;fKh$fuvi1PcZ;S<{
zdH7=%;190+gNYG><v-NT2pl);zX9!1n}h9=#KB$)4i*lc&?4~XTYo$Jk>_-vFyg5W
zXKgpsO<^TSi5%V+i>Xmy;Yf8g_`yAuD~^co!<Xn(D_?9hFb9IBs;b5XObXnOF-PR0
zlb(<)L~!if@hSMisDYilQ)a6sKp7Qjm3Mv0gDr0G<OHI1(;Ym9lgN-3w*yt(yWln=
zAC({)4Y7}QL+n?)A)Y+!{^1T7=pD0K6LY%DnABL*vq|n?8_pu+ozlQNrDciLmmV(4
z$=blMedw6j1OT$u1K6iYr<s`I0mGwNBlMW7CyovR$Q;B(HXtLRDGX4YX+D6rlKIMM
zCg_hg3%Uf{AI*Zs31*|y{MU}{k=^8aP$!VQx^>qp%xOT*=;^XO3YCa_1kcObWGENA
zcPzKGFL7P`LIlDrl`tFnt`AAw3VB0|p4juyV}3an5@H(_2sU#3f&!dpgxN!xXZ(nR
zA8Ad9ci{hx0r8fTmb_5;yAf&p$Fi)4v%ONn8H1flq{rRe41wb?fu({N`OkI1Q5esG
zR51mWu%JH4DdP)O84P!rEd58a#c{x<2SQiK4-o(|0=;m&$A-ayX32MrIvJvKt;i#L
z8U`=>E(YDkw!pjdei^<6F8{vNS;r^r<72r;KrN!55ij;5uUNyWZ9A6xDUuQx{r`fB
zcJqOXN}m&lRZ`I+@Db{C3K5mBco44qfsj+pT!b4VxO9Y&iRFS*OKqytH)0Up#AcL6
zeX%UtX?6d-k|PPiQ!-TSndIhO6phirR(D|=r_hIi8+T@3L%33ZNFmf4_a+IUj5;Q|
zQg;xsWMVK;+)T;5I-+@u<|0X~DMUj^z!PFU;zcaQ4p%856-AbT&sjiZRMdYn6#}0|
zcGf+8bt66nXaJW>;P))r6Z@rW;YP-2u~K=-mv~S7*9e!~tmIPzljKwN$IG$$HOP|&
z5}_PMU4Ot?*VfDEU&e}#s_*Z|s;{_1eWgY~sGMS^>we%+0DPh#;K!}cVNKqVmJ)df
zDV>SPFsg5(C$;16<ML1u!^!x1NPk4$3VGDvqyawOQwI1d1~^y`@FJ`S8Q{0k<HcW%
zEx%3Fx8+L0tF!v9=ulrNghnzr@99Sk%>Qv(3MA7UEbx?%4RP`yksSz&aFJszT#h7H
za4RHQLJz>;H1Evdz1~ep=NX(819ULv0x|b*0{^qo;q(`G@q+(W&OXaa%q;JAP?I7s
zK+iQIt1v*JN@CPuSLi+>i#h!u(c(bhmxM#9XSnY7(4+eO>PN}_HjvvLJmd;3md=Lm
z?$}e4{Uc}o|F?h9D=_Clc3Jf=#{Pw#xrqIH#eoV>J>owCjC_r~$7-X`{b%soSanfp
zAXb|J4Sn=hXRyubZ|#o_W>TutzjH*XFScXOg$R!C;%wg8)#?9a#Hem>B6k0*Um2_B
zry+Buv$^$nXY(gr{kun$b=z9jZPUUSZzAxP$Hw&NDRQr+xwY%4ZrjT6;ts48Hm0FS
z_NZ>nWx=hyJrP`+bl#Nvlk|yJ9(<GPC8(xao&J&(?=EM_ZRy_D$Vdt&^a^O^SU`k1
zJlWjIDB${s1NOcSq~Sn<7X*uB4K_tjBz~IVYg2Je(^c38{S|H>8i655mJ`@Uk-hXl
z5ChH}6==HcEvK)ob(R}{_s^Pu$O!<-CnNCViY|l>>Pko8+GH?f6HcSLZE^ZP1*qO0
z)oq<~;rDVgBN(~&IJ6YLwoBx8jv;()T4WY}*o+kqq@Yxkjy#@&jKFTF(LjG!s|j7!
zhyf|;^jXx1>pRqXqa9`-V-iGHB{R>g5&80&Neg%1ak6kBUw-DyEFc8LE#yU@ks3EF
za3=RTFUToP@Ige1V!1C%emJEEU<qKZx^9FgR$76-q>HzRM0Yu26B{|Qs$PR%#8uhg
z^gMHu)4^%k=q!dmQEo7JhM7!^7q|+*QHZkyyoNLi9^HgwwgGkWxm)bctPlSZ91Q}o
z+}{gPH0r*^VCCqC*yu@eytd10mi@LKs9GPhH!?RJ$9dvoJd4QyL4g^nDKdxE6c7a1
zq|gCtQokb*F3)4y+#-lc)Xy;vlQ(jM{aU2Q(1*3)d^@oP#@lnTMZ&~zZjpaP7tbkp
zWF~Liu!)$6UgJU@PQ-$oSnl*}PJ$;5t_H^W=bf1YGIl(=^&%QfnNZ?6(=jLan~}yX
zWoK4{=}_#j8Wz|OK>>iA6M^lkn~gM>bWTyY0_q{nz2Lr+aVPDmVdbmdO_mey>xhYL
z#~*t>*(_&Ks>FV5H({{}gqI;**i&w~a#|q|gda<V`N59|@*Ri~&b1Ml@dJ8O^<!y%
zllt+1ay5&sTGg*+IC`n@KI{T-0;sccEO&PfrUXn8nJf%S$=y8=v*8?zs95esX3+7<
z;0C@<N@BTBN<k<YVb4P)<0+SmN|EP*ZD3KNs6xG(NEB&A<w}aehdzjKBFRTS9&~CV
z$M1~Aa7DW$>KzdI5?D_~F@#mHJYihV$cKn?2Nkv0ir>bnUV*o2ySl@(Q=>D2@B4R?
zevT7T;XACz=SYyxPe49fK@(bhhxgAqAO4op{JS%ocY}7eb_Fph>$bMr;f04uD)3Y~
zn+VTNkDi3TU7B}y1!WB$jvj|lTJ!E~XScSp;99z>EBucu^;?|c_Otgel91hwl%&|!
zx0ifn1YW|3+wUhrPb)xAf!gi&xz{d1UU=)}45)*?JDi<mtO{hs#bW`WTtYlH2O+rY
z@LUWLT2~Ow8-};ex^DRXSyv-GJ{9y5-$`9CLVV|>VZ*?F(fmm^$Yi%I{#_%wz1MBy
z|Ht0D2S#07fBy*t4GL~hqw$8T#u8f8#4C}D8wK6fjmC<K6>a>g7%keUiQ)}|Ni5rC
zEv-~(tNo^}ZL#%f@kUWm0)l{6Me7AG)p-A`D~PosYIT3F_nFyCKx@Ch=XrjA{nE;Q
z=6>ePnKNh3oH;Y|3*(UA%IVlNEx|W;0=av~1xrkjq#;e+V#J#M6P+~;8!$GG><e9Y
z0@DcZ0Q<0b#6lBRwS_wB$F&cQrCQ;#4W${*<a+tv)0zjIX@@3qy!Bz6D=Q3Zxnltd
zE*#`UDJ>#(PY0J=pjMp3Ap@uO9U7J}EW|k#PI?6Ud>IXE0@?iV6NT4%+(fy>CQ4|e
zn_FaIrOHj1HPpm}xg|GGoC?6EP!CCd$2c(5eIBPH0!;%F3`ZB~&Rd=%sF~af_HF4)
zVHCl4o*x@$Lr^a4qWkx+cq^?+g1s-YW{uTb8}0Z6a$PO#M;r>$hXRzkuI{LR%~W9h
z`x;zWkDCn4Yv-DR(Ry6#V%$OwErq&T!8G);lO|RyHKR0hc47^JiAbmvqS3snCvg0L
zrEhNqi4Fchlj>k%PRUc4Ce`3a2QSObsXeHYs>(7|{5yb2H+Vy0S!P=T0})3CFGXBr
zw-SyfHpNG7h?OqS%_<PdIt-m`E??%RTaGTVmO(%VBme1Cd*b-7ooW&f3sdb68g$5$
z6Xo@7<K1*SiRpF%)9pAv+x%qvy1B-MrLO7@t1my-5DVM)V!Dm(H@ViFq(;$_FvGyk
zE4fLw6O$~|eFs(KCR+Me1Z=LQZ&uC!Bl3*9)tQ;M1!d0q-e!~;>iRFUs+jF`*{Ks*
z{koh!+g86}&=W>h7<mf}+2kOSmZY~K`s?{X0g&MPsIrS$K&a~zbS3}y=lrE`l(>yE
zf=5;QT{B!;Y}#<YUTTMst^CViw_ZjG!6dru`7O6zMl8ck%HZSeqP2X3jm}oiApZZ>
z{58PShXQkfZLpy90%Gj^ABpd+(vr(rME$C^6Os!S5poMaTY3F+p{`e~FAFSFa(Z(-
z8EK7ig2tQSlHVICw0&dh#PTD@>=<H?(7rzH&Q>>2UHhHttgVFzFaaotrUrd;Avy(u
z8(eUogPqFA#2zSA;tnZBt>WAIQ!Q3n#RM$*q`kL%o)^bCTs`3+oo^#Us0{N-B9ofx
zQ&WU{d^k$kh9y!9r?qKE-8ed$oE(u@8P$BQ2`Ya;353I)SoIu_we0{}xb$}fK$06d
z(QJfsQqGK)QHROVAD&=x^d{u!2?&?*`p-h0nvgjWkI#bmY#o+??}=MW4h?l5N@<B!
zN-!&l9J?3j*6pIMsQc=gx?<?z7mhDQ_4lQy{(jSFSh>@g8BY(Bfe)VE<D)<c)~)pQ
zASnNm8dl{`41i8`G{c?W{}xwF{EIUfGe_=Jl69ZE2)sd-j0<NCY%WS|ILx=LP8XFa
z+&&D4^X)@iftBh%^&&QCK=>8(Xow7m#>87`<c^$pr_En?-9`;4wV9PdR;BX8%^~O9
z>JAD7tMC^s9N4gflO}3~&^|a152gesyWstG{~4iKX^I)fHzPDh!cOrXyjDxIjF&a*
z?in?6`wUS*bZ7T8em4jz(4sBKHHy~n0zsN)(vPAeND0Pa>t}x^ddcxH(6+5*w>rT|
z>sqAyai4k`Q|nPB2p^OADCRy@%HZRRxlf6pOnJLZ+SjN^!U}aQ*;R1Q_2b3!kb;b(
zN~1b{=M&DWX88bi%JSjJOpVPWi=CVBkDZ`II8+5`L`!k4WX5Xb_jWEh_Us{x>_~J?
z_O)mtu&Xp84u9&A-sU;<;&x(g^dh|0s5E#LE(#NUcK+y8>Hqnx$l<{H-d%<+ApOuT
zT24=}^~^x!n(-x#WGHLf2AXU;GX3KF(tj{(Y05mhV2%Ihfo>!gDNaaO#fKY-1$<>I
zZ%_sw?;LJ){Y3R>Ex3fVbQhroJk703CeTMYrP8HZV|_rYpvWZs0f#F6>;u3?1qty~
zOKE(}9n~$2N2q(D;7B?J2ByG03ThetrN#SG#HVV=TemUujehlwS?ue$S$Y|#Ek!9N
z%fiLAn`o(|Jw0=AZ53s0)9^Byh1!aeHjLh`uC3x&qc$Av%$8oZLndq-##vD+>he&W
z8z0+rEUwi~rnLRnDp8}GF+bE-ZKe}_FQyT27>scTHzX5!?EJ3MjY})qw?nl2aWBD+
z*DHG8Ez9*(cF+^(XG_Dz-ckZ9BjM*F;V&ZP8*~_ty7?-Kh+xX~I|dP*-%#i27VC`f
zdgzAX=4eIAo*nvcwG0O@lR0#UG9)J~L#5(u@`TvQ(c~QC1Lv<cEWU)BRnsryK~xdZ
z`WJYc1Z;t|T^-imnz?w_Jl58NwOwmU+SUj-jUQGWyVkZZ)f6eAJSts`GqfLOABJ8z
zQ|b4U{q@)J`gEx4I}_N3C1<p9WqQ}vcFx7m*|h~j-EX$Ys6p0^t)IaOrJWXPtJu@s
z&+%FHXsl|#sp-qc&hY}xFf|_PzK=fFy#xfAJ*2HJ(hvIfi@W*QQQCmcKp)RA?%JXS
zb+om+>C?^HUAD1nSG5?)wb-_c7^=gtf1}~_a|Uv7)PDFD3BR_4P`9Ju%}U+t6K4WA
z#~GR~s+BVl>8NJ$sk?jcUr~I#A@l0l?qGwtfsOW>_HC703ju0uv(a{%5iMP|JU{_`
zq<*=L_F3%QB}1HG2Xu^SW}?Wl?T7_N!b2h9nZ1;*uILTQx_UM8Ed&LGQ9y`&u^0=x
zYi@>Xlk5^?A2T`Tw?AIDuDuUxkw<v{@u^VPtJ<UL3e+Ray=7r^V6qSLjG_J*><Ji|
z3Ut$V_NZ>z6MU;dM01~LIDY;+BH5#ovqyyaHM@9m+-UpI#HxKu=t!vh?%f5bDeJf`
z`00R$C<l-eaGS)fOCt3B@zN5?18qxa;p&GdR}z}|1SH&YLTc0qOhH<-Ip_+Jfb*ep
zQ_zLFRloev883Wf({K}wGL+5f=pNN~a>9tJ<C5_aVLP6^pQsWCLgy!?Z5Kp2bif5v
zJk?>7abw-nd3*H6)GXa>XqY*DgV+^Xheu<b)7RKX!^}mw2^mj38VgNW6YE@LlQkBa
z_>>gqv6;P1VuLusS-5d&DLPyCJT>D~?q+r6%*ExoO4`fKa(5Xw;iUJz9BFprb$fx5
zQmCuCG`%;QmqkL0JKg6L?DE|tH6wJs>cr3+uBI``hTF0b|EJ30AAf8}>)MW%BzbB~
zr6}>^1q<3VpnZ%`*cwYV63z3_Wc8Yg0pbibQ61<|BylWk?ns2YBc0~>$k7Af$gqsv
z#bv8;r7a#(g8+z;eLn#Z<?;z86ra$LS1un=%CaYowhTZ<f2CBMtsMU^H}1U=fsMQf
zG?^WWZMH^1898P0&y}mcGWqY|!1vcHlfz;l^Qb2n%<Zup!*QKWUQ#PvUQPm1|C2|C
z3(Dm-Zr&!^q+D)WRT0e|S?g%AZTkWp>J0O;?K4MgHl7D)JimEV$KnyT#^H`C>!zVe
zy<TKRe~hRFA!P8xIFYV!o(`ZkLJBM*(6EGm=u&Z!*%ZmCnr*9No9!>iXR7AARRH4Y
zdXJCvca_;wL%*s#4^!2-{Zc>%#3r|4;=`$t`EY7vKAakv{X|~p?6lCf)zG$$4=+N)
z&NO`ZRWT__b&ElSuDeTsBGi7*mfPC|<evpHJg<jeFWU;HY~>kRI!IWgglKBEStfXi
z$})^q1|RP<(HEO0x|;aR)CB{WZg=B+PIZWL_fvD1_{zPSyUUDoT;=LYw(`|aRJn^U
z7MxcqzA&K0yDB$o;^i93^r4T@Hm1ERdyy)$aC5ADofOh=PpRJl)ua#6ffVzDZ6*97
zMcZJiEYzLkt6}C5E$2>a4Rt@Jz{c)}sFoM#9(18)E+m6Q4P*zwXtJduilylFFOOHi
z$g08?hC59Bfz(FlsEhANj_kNpA<0s~SyV&Nq-=t!mCFqxM?&Hm9BS8+*Gz)@Bq}Gn
zBUV;AERo(bd%^U7)@z*#%{qP@p@nPN9`E}(n5%y=)H!M&n(}1n#@219?35{6d5B*C
zzCBiba7pPh$~0`8sjFEaN6uXd$xNQm8ET&Tnh0v))b5cRQ;62u){noO^=O)|>0?9z
zfNf0amBG9T+m}Q(t|$$4JvT&hPT|58Z>@Myh}D!DBKS}V5>o~uNMP2m5fS3*811R2
zzo4i%4!X&zD4SHnVXnwG!VEgnlp-aI2%|E`5%LgEg148-Z{l)pf^k=wH3=6DID&AV
zfwuo}IC*aCw_}p!OOJZ$8mv`=nq<M}69z!3mFo}Pg&)5)^<Ai29XvTvsaWKwXlkzC
zFuxj{`sx5A9G*<`U~Aj|($3^zwg^-f{6`3;SMpCR)xZJ$6=Cjr4$VG?k(wlv<Sv}^
zlwHEn(G}&a1-O0A>g{pFB#nbeX|ny!t#0<eVf{j>x%3JjcKMiU3KyeMBvcy=J>5xc
zLL}!hYmMF+VK=<rZKqIfRF@sOeGWf1Ai@vo(%{9T3`LI}@}(%c!w~3<mRM7Qu{_uW
zYSQbu3FhovGp)LO^|Y;R*BmbQ$I$c1Vj=Y}UOKLLQOk{rr{(iMa*Nva^=|M55QpFk
z2UStnADE)*$W}IeFq}3Yu~~JRGRvbkg6k9s|0s+~NGGu&G<P{yB`4doNxayY_;|vs
zbD(Y0nmfXP$QJdI9zB2F8h%#MV!TuyHD%8i$!v%J*_kU9tI8v~72lOPOw;=E2upPP
zF5GrNGj_EuPrRM29R0p1@m&zijABhBHHs6c$?ihX!4VAV%bY#^D{a4zjhW=^=?})9
zo*J^1pRD)A+h0_@aV7_jhc@z{w$7j*8Es-h06xlLtDHJqI`%7(X@+#W{L|rcFG}XL
z!dQvgE;HjS=eF7)Ogc;9PwANRcwwa<u+HQZ5zg#*vuQQD;oj1XKhUPLw0#I?h=1<o
zv!UZHEY#ekQ#VC}mcKJC63dMZ7_Wr?grQ8G19_<mZMaC4gwa01&XglQvWZ{)<vL6|
zz<OJCkB^fGr#~w+pN|gnbi=_mddLtb*CU-=z{+f<s_v?c=uagz<&FBKFw<ZsUI?C9
z21jBfcSMMq*oDI<S)hsFlSgdN__JlxGXfFQZ}K3A({KI)6oQ97#^@XbEEzd;zM*no
z#lVeRFaC!cr$aRWIUc@9#b^POe~5!hp<EGs_dYC9=~4V6{%F_)+2WG|?xDrvlPj?l
zHwNi6k{_%SUFAmdHm6d8_4H$qK&TneZ%Eb(HzWi;!LYl*N0x}g_-`RmLy|`*)L#|M
zWYh|aE%O8)doa~<at7y~JWx|OTF-`_PKLT>Q5_y?POjU9pWEE(ppCpLFy5D{JbyCW
z^z0$m;anAs*g?b9t1nQ6r3U?g?+iE7oPDQ?glQzR14(~X($;+Jv!~^cC5N;3$6*!*
z<OmXVtK|bd@kzEREN1T6=I5XnQlT24;-kp0e*+bp>?VSd{^@v|of8kv&&~^AW7wrR
zR%aE08Dnu~gN=TngIT9d%llkMmie|aamzF$d%K(wH#0F?dER@Pp3BYK)iPz4%L^GE
zW-E6mNi#rYHMpV#{Td~Bx(1(vYQbmX3--RqegZj%+{Q#-(8>VmJpnn70?`_W?%BHX
z1OiK_PwSFqo=#pg?3zWIk#?Zu!?ivv;!(QhwbDfrp$c~qB2?i{i%l->CBfw43gsN>
z4xd9K-Bn=KASgvh>RE1P2G5Qi=&B_$p9wH~JeV4mEk}$PcWP^tyUFrk^C3Bwn7Jm$
zs<TbL7UMxVX25iM|5#D5mQU72oi|Ge(8!e_%*15E=+mZNUPya$Tj1VY(4qWYOd~j}
zsrUOs%T6Frr-8&xWOsU_N}4qWh6w_#3fPoS+>sw>hpu}pQ!t!OwqOK(iVwD%0kb$s
z012UVJD5fcm#3h0Wk9{~H)7+M7chBB^yzPrLKj8vO}tkcx{hnyPz!HPaDQvYrflWA
zu$4?-ZaIPbaK4u=EGI1os$NNf#^k1vqz<Z8yY5JB+F5HXq(?JqfNpeiRRiqk$1MvA
z_ZU67<w4;EJ{<M=dwqDGen}V3M2A`o6c%EQKo${U6F8zlXaBK^2&s;Y2-y0!)k}j|
z+n8#@H)WaTN33%l_Rxj*HnNrLnSHW{HXAWsoWlLxOEw|>f&zCHAR6l)YtQo%I|2|W
zb_5^@@+%e}vu*oklxaW}QKqqCC{t*$nJRAIMCUbb^Qfo)GU1Gr<`B>Oe*k8LDuRU$
zzr*Qtj*iphur%Eu`c+#YVT~meq;+eT!t360z0xomI+b93$WgHRD>~I|%Ture+f%T^
zjI(RXQL0JZlw^Vgr+wsz*cnaE?QJMu-tJ!Yx;&$<IOA${+}e=g`p~@o>dWod$5YVT
zuLBl>vAnEGoEOyT4+XNHvFIK<wQ&l!4+$;A<vHrdaBnauzvbx~LrDzvyAI;lHbvcU
zk|~-@_NW#e8a!j+PV2K*cR!t}h|XMAqXg+6@6t!-;tFOf#{($3D<sa_@xWRQM?`MN
zUO#?d$(^OT6VPoH`smMyPApAd?5c34XN;^Ham`@l<9AK|^>0ERNyw-}s};v@I(zg<
zBb1Z~@X9AoFh#!o@@Ge|jWqxk9CD?ZG^kJTjDXx4hXn*R4!!(>`10I+QSJ|fuKR;B
z$;Uqa;jV&T+z$uH^l88iGl)=h^Y!3c+ZUfnyLlris7H0<)-rRqL>e9yd4?O!=o$a6
zb639z?);YEcf3!FVZTK%$AXic2HyEeb!3&$#!)^}jqyLC^erw#iV?0>H1PuoqJlPH
zkn*c%f~QbE4G!b>IE!+Ar|e&-TN{Wxeg7P?i_SXlS1Nqh1|5e6LJ!rujh#ov@L_Hr
ztVkh2WFZ8H^~*l^6&`o{s(tV_Z#s#f6?mmlpKiaL#|VB{iQ3h~?BUm@t~zF%P<+DE
zKdmi@612V5u2=v>2TdlJ-kDE5Co!eEHSw5@p_TDqpI70)Rz(7Pp8dKlxWFFqZ@@n3
z4F|S$8L+L(8dJKQ8zx332cT``ML@xUhuA)KpAl}K8WupFL$Z}GJ9Gf56hOVli;r{N
z(v!+9r&m|E2H#zt-`5)sw6B-@c@2~Lz`lMx9Z$c{KSHTcD-=#w{}8rvs9hsii5JXp
zcCHB72kW{U-TVgpm2=6M+kiJ5#0LDqn{WDa&vl32&>nm6)xN>&j*Sfby$wY?iNM_D
zTJVFW<xCK0IWurc&$V1jeE*h(k67|Y8|Vdh07?kia}O(5O2NkM%GA)rYsk~}%i7M1
zCJ!!+*WsFHLTP!dE{JAV>Xafjctd+1=J{1Bsw0p~Yplj{g_BofjZXeerp91G!rQao
z<~S3B)J8GE%KbnQb=AEa9lR{my_JGstPjNKoqJm?n0Olq>(5BaeslVyf5a271>+Cy
zuaI$rJli;kn8SEBpSG4^Wx}g_NE;ug_qE?U@@6%g2Dzq7jA>1iF!z2G?o$&qokPR9
z(YU*Admv*$*A>FBrg1s2*%;U_n-`q>T=z@dAH|d5cxu$OC#1%{7qusn%9b~BM=1Zq
zLp;%IuRPr2s?d87^*EX4eLB6P)Dr4G5!TXRTLN8TpN8AW%K%OkX5-3u+YAC<Jr3D9
z1<o(eE`qoeh+|9g^s~4h{Yc9OeOP(w6MeY#nh%@whRS48^bt+oSfY0H97usa4mtl-
zM<30OKDclKeKgi>Dy9!SgXHPsoNuVA<QDXyeO_WE)L~3zmv7P2y1sbbr$!jt5X_0h
zV&z*BMrFf3U#f}P`#?t<){!D*-IafK8mWEo2%l5`z_fWFMN|q9>!cX++nsmUVZ`tX
zRy3OO5)HlLdjVhB%B|r|d0tQ~Q>}k}xJ+I(yURk?-KUo@Sq_W2HS$?Q);&uZ>YAqv
ziC5D<<X20pI+^ZNB+o!wqvsS05a$}f{W}2y6`cV4QUSurFWkx)PNt0}!VnndO1S%b
zp{^sP>xag*24pMuq&w*Yh%$4MSKaJ5@GRP3c5G{rD}$fxU(gpSN(;HDMhm%9J~nTo
z?zw2KS|UD#j`s50nqUO*!ZxrlX|ygInb(#a`nLAWZ-+XcAh93Urxo!GzkkNrz)`Qc
z&GX_BnuvE;YWg=6<5iRKoWXZ)8W{RXZ-ah1FB8YYXT#FB%bZhi6f=)WW~l!#bo~@z
z#LEF119hl>Q)~Owl-)cHb-!uU?Zk%k{**PVxX#`PoLa2ts6XbHX6dFSC*aTaWw*GA
zMm4=_?APzooq$r%O`k=r=%&9N{!(&3=m1CVt-`s;-F}@hRGd|9j=I36;J82K*ECyv
zw5A=PywIyjnW64o38r_m@_w7GF_bX&%W{#$SL@-={6oHzTj=3`_>$|Z08?Kb3;PN^
zeEWXZ*QtAcX<v^qOt9NA80o9;+n?{r_swQ~PR0^i&7SO(SN#S-Fld9I-_%vMk6Xz;
zPWM`4ok!TaiPs{NeuMnQ_gV*o!E9xP)#7#UybB-ddj6l;tj-Ltdx8&5^~pv6_jq-^
zrh2*p3(~q?@tA1(mz*cF7G*1c`yxnTpeIXh(A86|F~W?3Re&Wn;83*c(jk5gko8Dh
zOGjtl7ssWByoa}g8rigTF01l6qRETd9$XPb6PNJcl`Oy)^B>#QOEyIlha-UVK-1D%
zSu{lJ*S0@p#uQ;zsMBM~A$Z)Mu#&Ut7scgci6J}15)*bZZ#n=Ij<Q6w+WI&_N4ZEi
zKG0OKBzML&1$zqbox{e66<x!fn?jPh92r1Y!3$UEi4-@vU<aYD{m3d|Mr=^7lUtdV
z2g8DvG&79Z%8OrM5QVNg_tEs_n$l>wB5vhrlybpl)WF2mJ`yddP2wJYsny9qYC6Bh
zIfYuok}#>!lq2m7T2&w<=7hww@y_#lD|eZ$EgNrd`P^3BLz=lE@=QU`^9{3pIF2Ll
zO8fWgLwpRHRZ6wrQE<&cP&>J`3vkVm%5Rqqv?g&MEzsmqr<#qR&_dWRB7wX|M|B1e
z$?PRIr36G%I%XaRx{L%H?o$+0haFZdRkqZ0n$hGBdsXZCKUu@iDm7HfU4cnlt-!bh
z6qecD5kn*OhmCpTZ39hcFmx^R60j^0Qf{?@upK*ef=Dq>i==72JNYm!uLvb_mNH-8
z-l^Q+Sm*MvT*;k*E4dNoO0I2$b0s%|Loj?I+Bw6(=fq^&<w|Y@^;;tgdQ^{OPWUGs
zdA>%S80aj>bh&@M+1v+9rVz~tX%$nARYBvkj2nlw7;b!(3mNgIS}UNoK>cV1s6{L#
zn8G8yW;X%-Z3GJEH|8cd!jcHVY~|m8*N`$|FQZQXc#kTwsUX6nqC8>p&HtV7r4}HA
zuTm%HNVSUmB2}$MW^GtxPi6$mdmwp2rAi2up?yE-nduZKEZU>&1qdjT<o3r36iHAN
zdDESrvQoQAnz_U7A(EnjSAonn4~net4Cwe-SW1IdlBeKkuuG`7^}oxp3_5NLO=?gC
zkMzQWmKike>7Bq7L3KkEtm#he_ANz){-P;gntU64zD>D&jESK%<@N-@986AQg$>g~
zIe}O6P#Lu`YW4l-(Jz&D@SC4`hWj3x<s*NA$!VaOluiY0v(rHSYT-DV+9Upq6OPYy
z!tq8g9QWHiMcEBO(sxz~7E$v_yYZ1slpBowc2Jl*NJ6%WwPTn;s@o9vTc<$;-MpYX
zh7V~MRRy>+$|v5s3%=Y)xPisxsP<5weq(^HCOs*pY}i3~Q2!(}SoY-AOq@ygx}}wo
z4(mmBIn6F#yX9)C^GnV}i~VhViNA;^p6|b|x;vA=oUOc@B(0!L0s#_iHc(ii2Zzkx
zK<AgO(=+n*Y2h{aSf^W56#%z@WVB<K;9vh_i$cl5rmrN_wI|}e#9UpmNDr|<K~Hy>
z-N`8yv!gSY%J_}blALTUgV`eW96N`V4dIVN-CyX6OX@D;OZ89j5Lo+P?b?g?OR}dO
zvZi(M(8PdWJ}t$#^H4Hy4`%G*+_o*6-}V=IEjfbhVpAF(ZHhFZOwYw{Kamx7iRmv#
zk^g3&f5@+%a-`ZUQjPk3eq&u<@jkA2pZ^^EhZ?t_(*FCnL&TZuf_UBQwvYP;L2dB0
za0paeGMMx|g!PADdqw4!YHGey?F3s#x&_({i^LPJqRUx?zErz>zqPPi7ZWoKKtWAY
zOE6uhI5{jk;3;t)cRgb?W;f=YStk)X^249m8b%{|Yg7&3CHCA{@~4yS+b+(wwl&-K
z<h9*xd!kF<H%lU+Y^&_@Vj2N;Q-4}F^zBU;e)o(PGs_z4j@oQ@>6vP=QfH{1InW)!
z?`p7i0*qi)_13dtDh4JE|A|+!m30PgceCLGb_y-WlHDyn*aJ-vw3#gi;eykBsywWc
zDlVwzb-9?}EFX+o=39-actjW@={7`!JtAHQAP%5~h#QO}OwxtEe~*Y;|CU2UIMjUt
z#+f#FAS#E53P9+Oh%2AWBO+{ws8TTyp{!_pdC!L&jN5#LJ-CbP+rX`DJHy6pTmjry
zjn{CPBXE!YH{-UR3FpSGHq^a96eC&_xO=%JaCGK?;z4`ji9D>BNg>i+?WqilF#x@m
zWB~0g0(4CQ(1^$DFX^Ah>!BXd$k*X@Vjj>)sC(yPKs|xY643n!Z0`cB5regl`E8y*
z$!g%PdECHVTLf-U0Jp`1`w6XiaDN~f2!d_-I&g1dB09XH_2L=50$x419b15VDZu#o
z&|=^=cyN`~z}?G%yP*i&5-~<cwap&fNd<7%KI_13{yK2qVWv57n?v0%?7StoEws}g
zyUYKY2e;Y4{k4igwaRMXUP2Ctq1-@p+{OeX2X2iA_s{gwV|Sznx901>9i0c4gZsn3
z1YDt|Ke&|zaCMUeb+-rCFeuu6_%VUoj^WbDlf~V%P6r#W)wAvG&4|@7Db4}d?-Ad2
zadZ*(0{X-6d+z{=h4o8Ozl1vX+llU{c7L2fD`}XuGPd-c0h+TXz(is&Nxcga{mKbx
zC&u4lw(G3@s>-5q2<PftA^|(IE1H+g5Zknm0qz{nkE#e`&<Ba+4xlrSTEC{l>@`Q!
zH4%BR+qDRl$y>vIcus3fK3L1Q4$Dq6ezGSR@+0#jxEhbVUV6+|LT*~09%h^%|4T9C
zd%6W+6&yHIo43Kj$m2Qy%K_f)0aq@F$7(y!0Kav#15j&hK&q`;;@_U^n>-y|1>QZh
zufZ!cOPjuqjy5o%9N9PFfUFp3KTCTBbU&u@`06~_HyIthw4+10vKrZ6MGo*P^3lNK
zpZTZFIdJFNy`r|MhTk<b=pjD9Aa<z&I{uY-=KXUIw96gpzCZxvxb_H#>_vk65QpqN
zY_+Y-!R?9}=(Qen<u=fJR|)h+O@nf}U^BV<B@um#)FMbX&HP%IrWd-@%BSyAS)of)
zB#QVOQeW4l7AB|0VXk|jq5JncY}us+TXgA2pf!f+idmN~R7ogBxvfj<Rt_)W)w&tx
zdEK@+9drTD?ONm*njSwT!kQ9Q-_~q@a1n8u2H!*dBu|2Yd%FG%EIk{O|4Uo_#>5xs
zRtGuVD$3oqW0~F;z?D$2UUt-14xa7%uVTJxlH4&&opeV!ncYmEkxmJk#0!}rCOn@7
z>|8Upv-KI|mTS;Y(E()YCMG8hD&wMcJb5Nh<vkLfkQh=rAu*}641uq-oWqt<485k5
zlGYn$p0phltAC_zf4nFq$AhM}UM|_SZ;$KHLFJ9f34<yc?4AiO78KK9Du&E$=5kj%
z<65mZ+G+uu?I?vSL#1#i>JUmaKNt94AuyJ@x0fHWn^xg=${}Jm_pVh^@~44Ms(^Na
zA9GC?w0H20-S{ki&}6W&N7Z9vHPN&cP4?YAhh!y1T~ORu!H5g?_~2+4obQ9R7CeLf
z{AYvOc|q0fC!vv&OpWZ5>G?H0Bsa0v8z;~4U7lyZb8VN&R<fI8(~?<T)q4_+G`Yan
zUS+l4x`FDTj}j8mk_jI*B-r+a-!@)+!oHrbI?@8DY7CcsIG?BxIjxtfJ~C@Xbm?0I
zMNe8Tc7>b9>pybKg>bGv;Zxs*bAfL$vqewSLNo>+P--UZt8~|5GkeDp?|Y&evVuA8
zEnn*?A{~gJVnH#+%Spq1%QbbSyG<@Ar#7xIR_Vt#9h`W94jeI%K$oH2nvAXW+sAJ)
z!E7Qd6@?%Q4P(#l(--CN=EFHWhJ9ERpfQy$N%e^^6fP%BP=iWno~AfZMwO(;&-1#1
zDg}rP`|{QY!Zkiqs}kjGOuwUjChaa1j`(nnlA=DGqdU9i1r*v~DF0-it{sNL%|0CU
zK)3jCg)m5ZtA)MldAb5bcKAr7Xf9XyK&=9Ee2#e*>F<>i-{Uhylxe=tw7_TT5TOvi
z$Y*L%px0+w<ukQ-0N40T&C0aaXX^8rN_?ikXR1-A4L;K*pQ+hrlHrKPyNR&IyT*@a
zpYM9ahjVilD=q`G$;WT<`C15@irLf6WS{PY1L#7iW(Xt>2%d8PTjAr~Qj9vz!e|PV
zDeN=V_)KomgARPy7BupW_W2?{zJ<A=@_p(gjcNr{IPhV&(!h^={#K8SCST8FenT}~
z)mnB!J9Jgw;=|&d7%n(NQ9hhnPH1bTyJi&E;XdY8&+!Q8@CaH!SO^khRf!&-9`<do
z^63?XmA=TQiysO0X2C{Z!am&M!(z8e-{AWumaFh4ACCHPtIsc{tMutUEUv3?hYySG
zDm=@Fdp!IVz~gk2M3@m>i6CC+I4cbHHeW!TRTa!39IMCZ;1(N)_9MlMgh5!A>3D-w
zFM$-OB60~vs!9pUFEjm#KeW{d1|Ol^NSD5t%^sI3<LsG>vuYy615l~53n|8tLBJ>e
z*C%iQfqx1%(a|xJsv~W)qlq=~<l*t;e__qd%||lSMw5T+RhjcU*YLASXrj1`g_Mko
z{^-mV7K;YCRs4wqsuiKG!|8TB*&b=E|7Saoja{g7RMvG4BD0n6Jt%hGc9K1*KpHn#
zCfY>`HUJSk(q*=B_R?m*T>oL)ttX5*=Mdf}z<=E#V&YcG@2!${Y%DGuE$wxy&QoND
z;O|uYqTEDJ+3VkfkRj*9cBewv)1R#_IUJkRvSOKAWj>NcP)^$Hf2ZQEhYBmp6J|K%
zI>m}|9!Xj;RDVuMrr#dIY-0R%iTXPf!reYc5GPTAotj_CK8tSgJ~|Mjr^!m&kG++8
zJ$U0?TmYgFGuYckh^}3={2F<EANrvkC$SKdzL{~726moWM<Z+5<*#KA5==C|gJX3>
zbNOqT`-oOy{I%?>(M56yQ-%I=%b~-SuHXD>sl(A(l+KyAr#~gTtmsUX;0Bb)S@RhB
zcdyiF5=WDHOR0Mz1ar1IJ8xGoJt#Jm$Ox8Xu?DwpGfT_W%8^s%Zf0p2xwka^N2@_z
zI6KGlfLJf&I=PJ(Y~ZF!Nky~KrJo!Tz2CZ8!W*1*k4CerqRHdSqoK$$bI}$Jov=m)
zI;^S)W<t1ZJ8F$R)@D&hSLuQCY;QDibXdZD)M8<!^f-O)-!+o`@gn|}$BUR(5ngUN
zf?y6W*&#)E*{qV<V&rPDG*FuR;s_gu+VT54S=`X%ScpGmLEpM+JExI#r5rPXJcID;
z0VU~Qz0B=!=V|^xl)7c_>_HXd4t~F?<e{^{Qt*pgKh376GqG$}{@VvM8Qcwq6N$7d
z5Y8g}J0#`q?a2bj37L=~u*M$B>BnPBa;H4v8!(Sq8$@);IVI{+vBeUHGJm;$XAWAH
z@pPM6w0+?ZW$>F?uxQhv4Am44Wd<99zwS_`Su?qAQ@rjUrtUtGpaV#3SrFw+zWeLE
zyT5Q4cBtfBhOA(Cs^OoYjmun{Od90Y;IB7s!K-5^Akrs4!@0z|ucs86*C6XJKe7z?
zpdmKk8$bV2aGobM5?c7Uj);ujSV2^aj))9$2LGU67+|<|+4}O(qKBzJ9{SCu&~=Od
z=2;P43HF}|sDH4S%I|!%M@g{9%}~PywzgEp6fr~*r@4sMxArJWFVQJXs`8mP`M%qI
zhn4Y-o5*M@XR30~pAIhxo>s)3uH<%#SgMHaT*T*diCCbB&sig>Z<Ojj+toK(->3R^
zl<^13_>9YV_djXuGDSS>BJNU-a}{xyMU0#Lo{(1gUqEOiZpPHX-9IOX7GzF3e?*cP
zT8~I6HEsk2ET?9>;)3gy`D`+~L!RKK8wj7|+B;AHeDqTyjwB-3?bR=`X_LNE<04O4
z%h5Mzxdw~}#|wMAxkisAR*h<)#E=7i83O=tqNma%!Q>4FOngZlvbV~4UJ#5^yN@Ek
z8ep7aa{L!;N)dT4k&+m+Vrufgp-73_?8)6(`%{X!LBcQdKVy)-@-L60VD8UIytt6P
zHu$x&e^)Wq$U(2r&!*xGGnHXHF~QDCJ6K;s^<~c<rN$k&#@bl+dJY>A4bo7nLieJA
zh${FT5h{4@?-cuxFM1HHR^V+#FVWY_d;xL8hgREdstp^&lHeag#S)je@<~e!<(qm|
ziN7Y%F|gp-*@SWauA27vr)54;ecwkl%~$4jOLW8HZy-7*Fs{P#5B(<j<EcTX^CO8(
zi4Ks}8stMM9)tw%DA&r8^=f74?yp&?##`8%QmTmoe&{eYdZS87euPxt{|u7adoB_0
zlWuZf<x9lb{jv2yxl*1b#hgVw6jAXqbx7A8Ob*!?{4+`TPQq?O9K5OUuL|kUDEwm!
zV~?>hSg!C)!miF{)ww`%7v|%vom&)l8gU+xvlWgJ4)%VT&K{w!Dt%$y&HW{Peamv=
za{syDOy%CK5I$bvZ42S?3V#MBMWp24U*Sw4JY3<I3gPV(=9!&b{x5z=_yHG2t_s#G
z{KrE2D+>Rj5Pm}8WFh>J!dDRvCcOmY7hB3Z!q06=Ig2m^^T-Axm@DQC_alD!jU-NR
ziMPANDfz_jC~<^Kob3{i$S00dqWnZs?N2|jYVZFfM~7i0u45$p7={G{cX3OCg)ai#
z-}H5dzE<n&*ZNwbuX*~qS6?^i>yP^C($}x_b)~*;)>o^(q^k?2>Z?;<Q~1hU9h|J6
z_TYH^TofFmpYwu<ewu-F1=0d!I{imE1YGtLEToPm<&Q4q%zVlerHmrwFRtq^Z_4%V
zNTqD=yEYMP%gmtQl^4F?xoQLso+vJXO{Ui(a}X52)54a%ybzYanLe)&79S1v8!uG4
z%s~VPG*t8#I86E=mofc;N=+k>9!32bRh~IE9p>9NW7XVrG#L&>Mo7O4Qb=KEi}W%z
z8k&JQTQ)d!=r(u@Al(;|91uLU*Joy|U~B@pyhf4J-r1of{kA~=E<v)V=Q79B@4B+-
z1wQgY|GU!vKI4BS%B#=_|6AvO$N1kP{cqg=p5lIiQ4ezcXb52b!}TCt=Bpg+e+8zh
zp5cFc{O@#DWX1o9-}Gb;=RWTD?$Y$neDY%dyVU*WRQI`e5ra$LrsG@r;xBse7P((#
zHaP_>RS^{&t<1dukiJRS`Ky|~oi7_7lY>YLTEie%+pLYjz1wb680X2vr~kkx3+!LJ
z-+ZB$PIdB)+6(p{?gFBnpmeCC70Gl#HJj}WufrRu2{pl8Jfki^7ihT#&{kD&>svbz
zz|`DFPFLhCAK7b>ZPiV|Wj<z=&ld0-oaG~RY^4e}sFnA&p(9k-=OgE-!smTt69MI%
ztjJ|Pvcw{F|DnQH*y3ZFgD>86;C0X?E%GhFdp>5CkBI~?T8!SVAwzBOn9opQ0ANlS
z+~;GQ&a@4o_V>OBn|P#&U>?DAgSxaobJ*r<x{)(Pk3ID-sJ?J;NjeE&HiYS+#A$Rq
zA>>9U{rkdb*#M=6e+K31d6wYm!ET5(R_SXC`D}2`RX$X{Cc3lt)gCxAkQR`GRQRJe
z01>HJjap-*2elKZ>7*Q4rH46~v~^Y+LiBX~V(2e~`;yk&#yy}s*vcHzgV?meMtdq0
zysQ+)PtdD|Dt?2@)%p!2rw0IcdWQn=R>6E<MpdhfF^Z#9<~yqLg*hIn3rbB|uR&}W
zx{Lfr?s%VMfzn5_uj>Y*lXcupr}UY0D+giv=3F0hT~F`rI+Wg<6yGspbf1rQ#SHls
z9xeeXxU{1S{`fj@EdzZNON&a2i@$Ot-4oD6#*&wD+I9+>fmeg6CzX|?_w;QgUUigK
zTE0!r&-mc>vrX2am=*w|sv~Jg@ETl|4OE<VK=<Rl?+5p9y-i7GO4<%D7~EX#zacuk
zBcP=B;-Ac^9!wEP`UkEev@4oX*n@ZRqqY<bcBv=JC48mtcHPWjEy!}6&-$EJ#`JOg
zL$#S{s+%$Iho^mLUj>c&PdR|>DTkLWa(=Q^QO;4y`H{<+KHZndVd4FT!k`A1>?TTM
z{+axpUQXWNPwYc%{#heHZ^Nc8i;@LvTc*-u!tnYavZi^%RoeLU6@><kGPhG3xz>NI
zRnjQ(n0zz2w0qBSjMR8%v>43Cc6C)4MM<<x?@S|UdBIEnvw&ZN=GsGD|19rMRB&^w
z?$-zPJx8(NVKxV@t2r1NeCbxI4kl3=zcub^SUC9UpduWv+K(&0ye6I>*R6d?8~!U>
zn9fP;4~5*x!Rfx_2KXCCiA4*-2fKWh%`_Iryh@B!DhQq?;91ws)REaoIW=CH-HXdS
zb_n%uof%+!k?AaP;+R)=kUSl{zfWaJXxoBuCjLQBZaB5!l!lWVCY=<W`QB*Sk)o^p
zh&YoiZhkQA=7*`>j;Tn_k~5dc!qShImV_}J4uuvj(4HXD@pd@UyM9olYh&A<T~D{|
zhG}p-(Wl!4GncE<qN~FcC8B+(f0#Mc6^47s0FU)zRxcwFJ%9chepXR$G*vcITh~Q|
z2|C-x+&2fRwt}#Ytq|O7Ypd)REwq$t7C>LuBp+0&A)cDX83%^>XGc>%v+B{wsESZU
z1C2MZ`ou7484}~aRk>zKwzGj=ezjv3XgbSX%P*rLDJZrM-O0=qqoqLLHDZ)+KhGSJ
zD=)C&3w``>F?t{@E1F^jw@E-;Fhqr=$<_AUyJksUtqcz6AbBpvGu(f;GjCyj@qG4n
zDx&?SyZ;bRG?$wyJ<5%?8W0Mq(7OwGsU96F3QiHM(<7Y%SO+AV$S31y%{GOFEji~{
zWxsQ+v!RMx%+X6|<So@5iXS<ND;FbqNl{lcnw+19XllO~uG~pR>AClOq)`u>c|c!T
zW1@PiSYpan?x8`hQfkZ=P?r#^#R^;9rU7lcMRN#HT<~tjVW@jDp}g8!{a3QiCgxLx
z&H*^gzgqVfu&U1N;{Chwj;TPX5K}9cZjbkVSGi}?;wf{=o>Q>%pd(Z;ITBB{aIa$e
zWKKS=jin~6FjO|t6m6WtVK2uP&AJ2HB7~zU^j*LMXSDurmsH?)Q_h~A6@V`ZPp9@8
zg7DW_g_YAlZiQaUo5VT%Saj#gz%IU=fRJNV$C77k*u3Uv8<Xb-h1%O!6#9jyTKQ)A
zDO&%`(f$3)iVnnvgxl!@P+f!D=^`$}?G5i5ZrhF$2TA<R*VE`v4-CJe)?ll%#g5Va
zXwy6RTDFPR%9Fc3nZ6jn#pA-#d1CL4-NgR(9QJq1jZ)v|&TY1G?d=>*yve5~M;|cR
zoaWqRH0}>%*uqyEM%oL=r_M1H#(0im^yc@Hzlb%&OV>pigsMzc|NhDxgE1f_R*zSv
zOKA;c$~9N}ZXl4cVa_@?zPJCz&LO(KEr=M^@>r_dv4siM739Ult#G7Nw=PpIfBjL0
zF<PH#ySZ`9)uZga>w`yGo!sV|Y!$Y@taj9y^7O}_X0t^~lqFYcjnUbS!<B^W<FYId
zh%_e+7jK?Z;KxmRpeK1)Jo){KSeA!NKlb+TpW`$%p89=__(k^d;DO^rGw)>Hj&@#E
zZjKwcR(6qCMCVoElC~<GD`4NUyu84Iv-_T4$;ELG!+Ko(*~i-|V_Ys#{aQ0lr~X*t
zJ?c+hipk8!!Oy?YdPb$mOT$5mfL55F?jh)d8P}_Wg#~76aerd+!M3OG4_)rppC!V)
z`tuT!J~d|Ej&;tUKRZhR+YJ0UzgO=z1D`Fl-46i%9b>6Kt2zNTo9blM@s7kt;rXS{
z1@Sw<8@n6Cf9>uMaew?rlS{-zWekK@-UmjD3y4Cu69mZzqD5)OA(Zxy-&xw6qO^Ir
za?iQ6`9*09a%uOwwBDk$Rk^fZy0o=LX??l0>s;D~qO?u9w5cww9AxDBAX&)zaIDfg
zuWBl3+lJwcW-IGmM2m}P#-7?D9_XNei<_RU+|kt-E~-(KVl{61t@V6#QCcLI_OeS8
zE6PElO^}uAb!ja{X|1`m+mx1iKr2(w$EAvR@_}By<H<j2CANvt&wqQY)6WkPfaob%
zm>&;lJ<ItvIgX0s$-8YGPd*Tk(3qMUji>foxvsJ#Go-+ump8{c-!HwSE(Ql(Q_{vB
z<m&2G4cTWE4t%)J!egsT+MZPMCW4t25KLdLLFVL(w+TB(g}Kx@sBK?vi(V3rC$HkB
z;n}zp$TnnmtX7R~3d1b_sO&Qz-arjoOo8-s$BU{TiNPd+hnssM^%IXSE6JRpTNo+B
zQP2UtGKUdSbUzG~xcM#oXdZm;*!=vyTli5;fB959&<BK@;Pjzz$JABf;2%fxkq0O^
z2@u2%ezA+qqps^TkAiFLr@#P;=0EbK<c`L~6OHmf_tyq_QT$AHRS}}`Kq{K*2zC80
zTE(4?=2l6l`@i`YPN2u-?v%LGIirftsU&Lk(F$cN>@b!cttt`)!u-eEyAmvTdv`+h
zbUsXUoTU%`qA5yB=9p)JL5o(qlad|_wpCA8zwSoWEay5?C9<)q)kYIXRfQ@j85(v}
zd35DKbVw!XZAmrvYuBqRNA;pg#I<f1#F8q$vz5z!$v{dPP+lHmV5OhH%C&o_>olNu
zR}x4GEnG#pMllw|OB;#$PeRv^^F4K)(Bkb)+O*#M+8w07r=euYo9-@cOTDo^xN$F9
zquK78sG;*3q|feSG$oQpx5Sdiw@NG-HW8dn1W3U(k&SgDj;be`qv{E>E*zcSll(%e
zXt13Btc;Tuwf5#;;=<(bS(7XDjI}bGX=Gz!L-0##kl=xT=B?G)oNS52*eqO5mz1et
zkqbDDhNR5-`W-o?x=A8tL?ULbB&cv*uP{BgH`=*jU^KxisT#%3O<RY4&@CjThF)FH
z@$T7WGw~Xp?JK+h&14#XtB#r7{VF+9x6>>q1$@X!Njz~O|6RlKb`4m-QV$4nG77ov
zJK)#85%@%~lK%1-2rZmcy?Y)7Rvi6?Xd#b^8!2O`(6fwP)g7ckQ6ePnf;$b!{~mg%
z32Ym!8d@&D1e7GUE<%auzQ+77w;!CD<h_&Oq95TAd+8o14*;VjZ59=Q|0{|zlbz3I
z94L;?R_;J#X6GCk(WoIsJxLsg6RYK#;{{pcVKnoj-C^0@FQS=08wi7W*N9g*xu{AJ
zzrR=!Wc~DSc8GQABX)>2Yo^+F+Yfh$^~BYv@pq0U7rP09FglH*DE0>}lVV?z757{x
zH^2ya_k+fDT=}zY*hRDQf3TxCRe?8|yii#0;ZHTdu7@td^21WW$E3vHqKOZ*JDn`e
zM=R+IN=f5NK^#;jo(x9mnj2fbN!nYmIcQ)+OEsdVMTsT%#20LZTnxlh`(F4CE6eu%
z<yBoGm*0WVb-Q6VZN3NapLZ=Q$TOKY*q=(Pj<eE91FSy$2vfDHbb>ZdyCj<{8a8%S
zYh#XIRR<$?l*p#&UPXtxe??FLBE(!FRw{S+vE<hA<P{L(X<=Cqb+0g1#+8r7;!|2w
zLJP0s?j6q1nPS&sF@9es)r5YtG}L)9p=j#Zrp_yy@MApa<1VNyG?DA&*nEw<^Y1o@
zcRi|u%R`PDBnsT|rfBIuvadstpAnsYz-+`p3|y-w2eqa}Gu;(uuHrYA`fi16u`X3#
zE0P_%1Isu$L1X8~Cl^pE?kwGSov9?+hlUpZP@U~~Ez+CbN`_9VqNHtyuGMYaJy~4c
zqF|`&ZGK>By#(|(u7iIrJr7&DUOse6Qj#8sX2zPt*Hteuf?)*9BKOxNti|guht_W~
zrNgCDcvv&>k6<ULFq+&pa{`uUTS9vYrA&dHSUOIOG}PGuikGIh>R8=7YqqsqeZ-Is
zfLJOZ=tW6-2Ag;sY8j7{?{Tl}Fzv*sRqR44pq%p9$J_zA$M_Y_gD0ZTaXyw=z;cFi
zJIoV*Yu^x0oV$tt@VEY$_AquQy#5x)>T+b$C05*+{QjoK<Oq0e+g-Lg{b^@Fw$<s+
zVhDf|rbDs%zg~Kvme*#=<SgN?*47y7yoY|Fm8pG%c5%%{UD!f1bEnQh<luduo5haJ
zL38(swsl-=b?WN*FD_(vc@Atrre|U%v61-Ebm)#J4yx<Tk%vtPPe7Z|M|YoeF^+0P
z!F8+0ZjGDm&_c`?hu$=xh$SLuXoi(uzO7BN_Oe(OGkTT8eM<{!fL1XZ&3jITxK<Fn
z_fLrh@_$~_Hcl>nD>inD0?XSE*vJhheSE{pV}djX#Q4{OY(TyU#=li6p`z<Gt|^2T
z!e2l~f&7_r!4M2DHB-ZK18y3IP(`Vhzh+P^gH7htB;0<AX-oSDBbaUQ1>fEuvbjzN
zVz{C19xjk^W79QC#_Ldg4@HT~E#g{a6)hOU{D;6aj~^45n)x6R?S_4%Tw&q8LkalP
z?R5f^$R(O$hy_kX(1A}iiA<rLXojV}hh%|XtC=m1r2a&>H3OG`Qi3_};13{GIr9ba
zi^Z1RYQq5P+(1d3AIZc>^$1ak7x6+7T+oh{+40*MFDPX$?NF+@G^As7pPx&KrJ7o=
z9nrD6gP5fh_OojlpARzgO41@=E^39Y{|uD=pT^GlOTH94|AobZu(LClfBqBfTmq{C
zJ7=%m5<ABj;`(F9?!0^uyv)uiUCYVi()9Knt2Y#(WJo`h^hc5~<B{~RkYpM}&*Q}Y
zrbZW?a<csm!i7@(BX)&vA&UTSXnsTioVerGV_-ZrHl`avJmop4Q*u@PXO|t8=MgsO
z1?lzYFagP@r)e!=#x-Xu7r`76E~1IG8RyXR`Ws<5lARA$Ca8z460WsXWkk)YT-aRD
z$n^`lNablkb9b59DihNx$0pM?#2qTYpV(2?Ajm+Ho(Lf`xoCf+ITca0C?|Ov8v`wq
z<`O%u(zo~#6|O>3JV!5?;JD1Po5`TsNvw(`o-iMtx5EqKsf()wFifNlvuN!PtTsWA
zAe}i5*w~U%Z9I7vJZEur2O!2$$CN5w-|@s7(UF<Zb${VocFl+Pmmf5>ROhj&gMoN)
zbuZsIcF0yfh7CyFYH&AqDNlKGIjVg^tp1g@J<-ea9&G5k-|JpgeQ@bRxVX0Tw!X~X
zQ|Ckn`ZXb67fxZR?rN%oqaVz@w+eiq&UC9TK2T?h=~YL1gQ7)uzpmc4k#W6zM#tLs
zbU4L{^k^gz(=DR=4VL})=U9g*2zOT(xbBlVFo*in<B74Wz@1QSkH#R`O_5?hqa3h4
zH+GGQ_qaV6>Z;Jd<ah{gx+dOY9g4CY5k6vxASl~}rW0KC5SF}lxt14Wg4875q|@F-
zN=!T~ia*PizS}GE2H<!9%o%{6nPV5^%`JP5cbNhBa;yVI)!(J0hO>uUnL`UgXWcrk
z9MM4ge>;si2FcZoXx?823q`i_M<5%892J^ccn8&G_l~la6G)P7F%qpuTN>*AD+s)w
z&eMA-)H#~|VG9fBy+pI&k>DfZLhv#BMgS6~vz3j2nVw)L7HgnbD5Bt=(0mjAExOd4
z8zZ-lyZ2?})*^fQXlJJMl2F0laYOd`%sb|2qonOrEd}U~-qXxwq#{lZP8?IA{a$TD
zXxP?@Mx3jLZu%|EpMSbjZu?eP6Wzj}?fW0rb?3jU>q{4XzZ~QGQOj_*-4^|SvkX7>
z4I{9e3*r8og7k4)i7a^7`^`|-_6!WqKiDcCX$Vzp?bk}M!#M=PM{8@{y7U}!<w}%-
zGFQTF%3UF+OD8MNF!Nd8`1e_Ng8wlaB>Q}^s_yBr_{3XQSeVbdfj+otCZGJs8+KPD
zcon~b=@E#>$Q)L5wQeAGd@}IT{SbFLs7w!gbp1liH92b*;q;H~TYJcrC4f|tj!~S<
z5~(b6x63?TnXl4!=OYoLkQ@$d+3;)sjEl4;O8#+XI>*nj^9!W9UGHI;G#PJXFmI&h
z{L07|D<YwVD;~;<{wHp5GRGaHse0B0CzFUQn?oZVXNW<kB2jbnsa0k)V3{Zs(FZpI
zywrJzmkDJIq7A^aI!KW;D2cbm(~@Lx01rm9+cEle@*KX(Org<iJz>II9qHi5)npUz
z7zd)1KZmmj?@M&+vQl~o3v+N^4awTv9&+<1%oyf<vmT!)2_h8qeLKpgTXSd_nvz?p
z`>Ye#n)2&9<mkuuNoBrD-u+ivQcGKd^1yW`|BuAo6JB)U?(ImWh7&OdG@fpkibQQF
z6N)PBmal`#W66=ViN0>gRn}1TK`?b6kRiqv+%Y1DjE~wSC<z%*SV?fu*#Gm$ct7~x
zK*o_TIAk34wa6%k-)pVfpkYIxY1PHJJ_28kjMMfeoBU9s><D!|Y+IlHY{v+wl_ycn
zmX%v6$pvoyZEOoilZ!O>GP_u`o5LI1qC{){W*XSg;)x<O@gGr1Ew>V9;R#Plnh{Xi
z5Q?yv@wJw^x_x3a86C}~>PT_%5JkE-Mne;xK&nkWZqxNS9n^n$C2bEx2WisT%Uf<8
z*OXnQmQrrJu5gcq2fcM3jDg^M3(n5hxj<p!ZDmglnz~S;ITK!UTlXhT`0wCXf2y}f
zzrwk4Oc%!zO(9yb%Lxv^n}sc7ZXlQv5tr9ZjvTLKZ&DK6Jzn(Je;nZBZaL%_EX8SB
zYTS38WoZo+t^e*lf%m>-eWeZbdee140QbvQ{%|%c?9Amg;HaOzZD`$J!7YQ*2N?3n
zz4`Ejx_^yyke<vx+97tzJQ#<P2)k{o0+zp3n;fgW^B!)DrMyUK{m%-^|9gAMTRetu
zsqO$g_L5`n`qJIf!8Mv{LLdj*+mu85U%8>g%_WPJHk3y&#UQTQ$HWPo?3LS4?g%T2
zrtYckwN`ao5#g|hfX+a6{x8NV@o>79@wNd<x2}_1I=vi1uHbMwHT1Scd)PZMLqFpq
zd*W!xkQZ62yc!xD{RU4W!ugv;9WA-lL~`V@n!9Qz#066kuk<y&`b|35`PwgyJvLSL
zIdMQ()?4>dL&w#_BZzFelYl?9sJwM%*cO3#l>`~NUA!t(bYK7IfS~gqEqgu)SrapN
zPQvc#Kil?e55&~zpeW;X<AN_8r`dRq)2{Y8Th?tt6xLOiIX|O-p}7c#78{nLy*+Da
zJn>0zQG*RcW9lO5OUFI^W%^R-t~ifF|8))ez4viRV9HX?zcG#j*4!ER1qmJSZHDaB
zMYWlVVtE_;i>TGNk1Ep9<TkG2foNd);)L&IQaIpyCi6EnA(ZEu*xH)#W)CQTC!_qe
zr$W;M--Uj1a|gnx2tLH^RPaSuk_iWNP^)%Dth&-rKTn#Gx>niNSmJ26dLxN!rR^h6
zgKjQ~6lngq=ZxmZuG*63!_R*O%}X18l&z2b`BOTc-W=?)0{fUR2Rm$F|HlxU03jZ!
zsXF&r1G{_WmSCT6J^GTVDzIl`nV$YNL(m_)KSiM(^z8Yi*u8?Z{{dqAfw>Mtc{s`|
zk8BC%GV8%tfce(pTXKIv+y~^r+H7fwEy;g>2R=L+8xh@e)W)naIcj(;Ic+#rGwa$;
zv@Pf)n1Iv1)+J&1cJ5IBxVwkkLlOPun4Q04%XWR-^==!wHKldOwufB2?dI-fR+{(5
zZ(dipdf6w&m*64_@+zfY<=_PsPVW!%K6gLYQH&HZza=M&1;oAM<BL$;#uMRaq6IAm
zk7ec;R#P8Avl22;GQ1e-5_gNIMm^q2k%o@N!)FmL33dOSe|d%r9#<5p8P=G*dU&)k
zdCu@A>7gAa{zPpK6C(i3Fd-%MnB0n_Djfzq?>ANSLER1$XHr^PgC25ac6d;b>5)6M
z(R-<HdbkODA<6q-$K9FERzBAu9>TrLc>UGYE$!RqciPP|gbJS~tv{R%gj^d<j6z>=
zj#mxEvh3a|7vllZ?%jnatA)GWCe*2rcxxX}sD>5=#Jt3?6sa*2L8Qk+9T4DyD|9<c
zrc1#EXR^OP3OH@RHU<}*LRhcO1SP-cmd!|gZTuZyvS7}gR=p~CBg(1k87?+hqg<cR
z3Wqi~-Yp8RJmZesA>D^(k@;npc=jSC4(<Je9m{=iF8E>-R^`s*4p+vzm60yi2*R}|
z6Z0!#f{WC`&90K+u9B-<C3p0%<fCSe@h%3AO@FbbPIkGj@1N^Q<vNaBPrF<PxLnQs
zbKS07`xf0ZivmxEhn8*sus*0)a8U5{Z{1xWOsh~WuMd{Jz>R`~!A|;A{qt@9L4%TB
z&2OfJ<L)7Z7=qx_YEBnV@PTy-oRv?PwZ)3ei7MwV_VCo!l<HdD99SXlwcUD}J}{qM
ztgtpXZLF*<oSYTBw+`HCTBw92A6}gNxRMWbpc$RM9c%;KnUiJi>kHhjJW?+BI41}N
zKT-5&u4Wl|90=&?3}KfI=)#J5!R5$=eSOWrX$Uu&;hFt2qw-B0O<e-HkIcc(#uUMS
zwJv1-lxSfrQ{(YwJ;@9!>bNia_@|{MnL(K`)XV|QkdpQ@GUxKG(>8A59I%$I;gkp0
zp6)Cts<WWQcJvnP{p;;Y0LuDJoMuZdTd?tYfuwcjUs4>WOq4NIv6kD(G>Qd4(6@2N
z%?^YkC3$n`oVD7uoZg;Yg<a5}S0jz^-q&*M8<9VT#X4p0gZ$y`eco~gYuhu<d3ij$
z@0)OteDL97dpK_o6HRUvUAYxp6;Y3O#kb}{*(L=NABvyCSWO*t^k{wXROQj-p^D?N
zLph};G;9(Iz+n=Qv3{wFCdO7r(I#<9IfwFgLZ#EOaQyrQJwzZ+gNXeOKLPXHs)D|e
z_e+%$oB4=5+nR1X2I(}`pV!*{1_#kC{u~i|*7m=l8e?Pll|o+Ud*wMgmL<r1bps)%
z+}l8GIw^~8g#W_9^?h))&gEg`sYT=(+`g;!yS*x~g#|(0D&i{*lCf}ACZSCNr@FtT
zm9pS&a^@mGW9I`qd+_bNzA@V;8gX_G?c>wal>u9bW^W5InfDa0h3UzD!$-AdD+eno
z<$VolV;1T<LIq_dv2F(X)jDfu+~_|UYkl{3Io3LFikUk&`-IwH^~cB<OurNVxj8vb
zDCuvXua%L9u3}OdLCB$nFCY#~>iA@Ujv;E%kK><Dw^d_k)O*M)$9ji0GIxX$4rt2a
zr61byLDBdp59Lw~O7?6pY%MqVJ0Gdwn4mq7$k|*@F*EvMg+lL$@jMcMR0NI5Ya_f`
zOMRPSY|&W0AVV{cMtZ4kH7{)(Rv^Pa8VAXVvTDv2LbA`)E{OxyvT7}eY_G6Mh}EwQ
zb$uZSsRc_mGH?K5;shCN*5WlIInT&Cb!kid{P{iP7TIPhu}Jgu>wZ=^GG5nqQ#5%}
zYi!J^<?YDthsBcPk>H_W?DNj7;f2r9*ka=vZrzsl7%M7xofFS0EZWD`Py1GR`+LVG
z$9_wMT!V1rYI#AyswhVqE!G9jIE>qj|7RH_U(~r~Wo*q1&PT=*2Y(<Ov~uX8t|B3<
z40R7M31ONx1sIkKHMN?+lQVl6Cwv<X*-<aB(R!(UN_spZU4wVPzOil{9?=HYy;QI#
z=Zt4p-g02GmaL7+D82Jx8{LDR8&HyYO>!kiYdG&d?rPZuz-HgRA4K9$fzdC*_AE&w
z=2Gtou?K;LOePOG^NrJ{%3=_}pt$__h)pq0ye!chQ79~X|Bu(;yX^=Kz1fOoPBD>7
zYZkp{l-&a;?UzgTnpTZn_D2$!BKjxFY%qNDSaLMQsh%Dqed8quUzL`FF*M1cpdd?4
zY*w39Sb1Z#-5!>QIIf=*&MTHPo^Q7;KfeCzeX!SNEcaoxH_w^#+wDvX`j`k1$o-AU
z3w=+LEfJKRJQ47QD$}`}o)Cn7;s2OpKcaUFCLCWsZQt_tb;l;J-WSwCAHbWf{I;w0
zIfqQDrB8AoqdgorEy?U#y#LJS8m%uV%<}WJ0|)X;$?Yr{H4$w_s)A_BZOUzC+V)>F
z!{+L+NR_1F`Gs)pBasM__c_AwJGSc%5_=3lj&3@Oxi_ifQ|#!FP;5}zFrs;sel$f!
z|08tt6SJac;Wsk)IcAD%2JVKVEeTU`wsHeKG*+;JAUj?d0zVPyV<D+l26sBkkwo0o
zpb7U$Z6FDE(bygDIW&0l;vNO3M;Gn=!1FUYC++lO1$h$;!=o2jfkLxpQVZ=JMSJlv
zW2-OSKaV+ocFZ;f<Hyslu)*6`GX`x88uA{BOQgr%?|4B7ohUkC3emCEl7Pn_hx}E;
z8ncQ<^2_oW4?AHoOk}VdSukY1=NCDHGN`^;quUbnJc&30Ih$Qsb1)2ljG4;dho^dO
zZdXIs2S3ju8^O-6TQ7EglG(T(A;m(qv(U#x{K@HnClh*Nw{v#-Tc4iYcM;L2KV0C=
zx^Hk&G`Y1_t;<hVMX8}ReZ`9wbK6yVSTs3?8ZJ}ComW*jbM5kM<+(1R#zlm)m6I&u
zVYIW{7HD7Hzd7jJw>P-$^x{^Ze)ZqATC#bo?`u|fUR7xI6^kftHD_NfdF!OkBg!t>
zCz||jc|3V7e4poXc8+yki>7ls0;e~e+3?-$zQ3Rf`{b$uhR>H{_k61I2H)AG466G$
z*nXYx-Orvc3PoyZWLj~JmC==e<SlZHw;jWATr}BX%cFaW(_XEa?W~bf`wcl7X=&7!
z^L3CGo9LLXT)sCa?!@Z<iRr-R%~z}P2MZ@`JHw_mR(cUsiA`>{FMX{{OI@wl$_|^a
z$1K3{dRFsL*N*}Cxa6dR%cEnOTHCpQ(b{rca_qs_mg}wzmA5|)H=aXl_|Xh?oyQtt
zjlsAg93HyH96QWrw)OX+WcSs`Lv>wxBJ9}Yq%p4cK()gg$7Cyi(yEE&8h9$r4b^`3
z_0i<~dFmgp21x)gKW<&7U-WH9Cr6W!7VT$ygz(O#=*4&}lQNm%*r(;}y`y99$d?N9
zIG=z|O{`TpY5n!0(LGiQ4Q8gYFeeaDT3FKH!7FtFUfcF3?B92%6DOCqzY$Hgvs8`U
z-B8s2j4TiYM5yzcGC(nBsW4$<U4I}xhUm??Nov1+CusQ20tQT@H_*2T|KZ!N%dSp~
z0P^Sax%*~xjP-xEWuS&Pj#3SKsu%QD{MYQaP!d0pD-loD<IJuKtPPBskGgf4ZKuxB
z{jWIpiGF{=n6?8d<e%=~1ER1T*fkE}w)(y?xfgLz7iN%cP(oeTh)*sYv=<!E+nArp
zm|3@;M>v2%#qrZ>EcI=5UyrHDtBv=foMyVp_^Fd^kS!kz$fUo#@<b8FWH(-__Cwt|
z#g$4z3F#*(mX|lAV9whH#qiqq6P$bVEVe9z)~QnG+}l}eV^AsSF`lZ%Oz6$FBk05w
z1LmE}juV%UsDOvUWC2VGFZCdB4hc?W_|W}Q`+;`RKMqGEuy6Wt(wuH9Jx29Qt8*Nv
z6RVbW$p2DV&Ou$jyq$;FrmIPaN^(+#T+U8oyM9z*yqy_&k-hlC7fEjV-iCPMs!j34
zm}qu|WM)d6*<dXuHKDE_P-kOuDrS`9rQUzQMqn?1aO$fT6MEv+qhs|?UON6uJI(@k
z<s}aHFRDi@auLn)?n@xC^h%=g_ZwO6z6(r<MV3MKl<D7*!O1Jy7^&OZ7-^vvQCIMr
zIl&gneXXSPzjg=Frc-j#(Tf+Vqx;ZL<j1REwYRtmz?)Wj{%^#i%IrHQzT}PKwHH*=
z+Lep>-Var9AcfO4Bt-UyDi&P*G%u&Qd|VQEfE;;<+3)pQc&@uu!PS61g-1dt%Cx}(
zUKZlMK&$QxH0!<qtS=6sq)z-)+q!79^V0#B9Nqaz88@A}SGSE#A10+5n>p@2nXNmQ
zpT=ISB?~1VtPSymduLkrvz66~SB%HEoxp{<KH~96+vt^%o_>c=U2g{2(VsNVT&|_3
zNWeg~c4gEAZegPb$b-F)HMzmf^)G_o9EoT$J{Wr=%9g{NU>^L4IAoC;;`-UkUvBZH
z5BwsyKm`W{11*yd7g!Td*&ekN8XQg<{P`UUt`FvHM^_xKgX(p9&h+Ep<+u88I{WKC
zY(+--VG58xEkXgZ<$Cq+^dSf$o9RQIVOr+#(oY}KBmu`(eRfN%Lw_J=Jb5YZ2)<X7
zy8szss&c<;SUh!Ji!OKlX<uoe-^rwrHp016nTs{^lc(1*_1oB!*sVybak3IpS5*Z+
zFh0G-y~5E-@7(NOA#c~d8f-NTd>({N$sFCE+CG-jE{%i3{b^s9Bh$JJDRf@50>xA3
z!>nVk2J#cZKn7R5DHI3))o6oxy8Yz&XCB|3M+|5?1r)@SmxmF9cwc@hXJGr)^GHDP
zdrGm+<?j4zOZ}6RxbS%NaUQ|hea~Tn=Y!xo-=1N6WhA%?B}M0$0d2>EYZ|^P*KqGb
z8Xm;@^gnCwpKy&rd!8J32H(QY_uuGGY_eBB<s@e7o*Ju>#bb2`_1IXwB=Md7ppDC!
z*?n(Rf(u9z6rx)~P6DjhqI$2-n?xJJEW%~-n5ua3Tf7*%@rYt<>3TGKD|P6&>R$R?
zcrTt<yPqL@x7@psIt#?!O@xJ3c}$LEOicafv>bR-B)2|%Qnd5E=4fJr(9H@b&Y4rG
zz$j5kg^73s-IHzf6o9L;m$nb~zU7h>BMAOG+^CII9B!6EgQktyu)#WdZHH5t`p=pC
zl*{C&b9wXWY*NPkvB#9@<rKw}T>bHYmU!K1?Ym-r*CNG5dC>m6+q69XTK^I1e}69!
zbZpR>lY7ULSHkbE<Ty{)<afl+$~nA8NMe)efn;`Dp?}!Czr{Ys`94s3IGUQlke`B#
z$n~yh=L}sTsl4agc7^2mX!39g>rR5A1@8?vn*27k&8?ng5ZvQd^5l$GZm&e*$@8i2
zM60h>;#ZF{;mbkOl-71!5oo?kU?Wj0QEcg3WrC6odtW9d3A{+Y8&w@kqO`!oZILxL
z1oxmkFOSl~?tY^KW%INQf!PLURdftWt5BD{pPP!(1kpSIZ5Dnr8Ey5Fy?vCf3_<C|
z`KJw6mYq7Qh4nL4`ID!$zZ!B~wDc+V%+qgXs8ffW|A(rQ>}!Nq5zcV?%Bvb#K;{4$
z1_7x-L+3fOghA)<L777+Bgm-yL_2A1QAe~2qeE#-e2{GlyHzgKCDp$(SEz`yyp5dg
zR$1hPUQ&b}%7O^CF|E>IOqb@pha_!=BZ!C5lv|+VERQY0QIDdZNsIz<qQ)fML(&ii
z5vr268QQhq*>#Kk&T`~=ZnJ=6UD%%n$~bI8?e<pGtKHOAw(_&HO%#4Ij?%3*)LBhF
zU4N~J5iSpPPk@byBQNfg22Nv0TKYi6B0H65uCN2RsOjucfFU3rdp^@4|0cJ<9$m0}
zji(M-a%Uy$4@A<>KF4T4_ODRGH5dY5FDm<k=XC!b+Ae9k!YW_a!Y#Rr)HK?VX*}$$
ziUdMf4OPTP21QMO{2IO&oW1P|SkNI8X}O@kT2W>8w*BoLXit)*>q!TVnWvXcXf`xQ
z^9=Zmht(XUC*^jk^1R>JDWV1tf13@+4Nz4fecTN<o2EK^drnimeqxSG<g?K|yysR2
zH$H?igvGt6g$%}qrW=U{_pZQp2-bYf-#6nYP00K$@JPRL`7NW$#-(k*X<i3Y1^B_u
z^=j7iZ6}L?RwX`ye^PRPm6RBnt^A%V8S45u!Ds?P6?;`$q~r6!mmSK#=Uj4d1h2KJ
z9TTY`Plf)nnp+~N6KiJ~-<8-}^1apPL~0(tU!QhHk=eFxb>>_5DO~q7Mc1AG(c^qC
zUB7MO<4DJowUJq4;X=&!(v7Jd7e;EHjdVOt<S5?BWw%JY?m&hr%Bmd`t~wpfk}7*h
zU<FG#>Hqil55=3JiO-{*4{cJhQ1^BGJM*C`b`HAt)_z$$xo|ouvCc0_d32aa9oTeh
zF5s*Oz42uz(y-F|0TH(62-7gTzCKX*;RR;D9_oCCV!~CJUswht>Gf*bZ%%c4juj-?
z;Zgc7Wm;LLCUWZ*MlN5oZprlzLOT3u-y59zk5!8nqdK^FB$zzF*$hpgUp5_d``Dpv
zB1f<mdwq*_YBU_P-1?*wX6ut&5&Ayu>HBouC?{a>zT;Viosf26P^%6Sk4EC>dT4&5
zicU9oi{*3LVXtbpSQ=(6k1c(Zz3MNm_0%Y~spe*6I&a4<9JBzA(OCc9Wv6^8`cVC@
zJjbDLfx!-DGlv!JAHT3IeP^?_0lII@yXT4a3iIpPhz!ePHmK$2l8l^boA>io4J&4|
z*l&v(ZKX?0bzpi+I^8h$HQ1JQ5E)ImjgYvmEt0807jrX8K`j;x#W(-k4MkWLNq=Qj
z5aHJfyOmX1e3GTEp)7U~ZwH6}h^fr<uaI%HMo9+J2;`=PK{{%zUmxmjX8^n<HK!k1
zEaOSeBU3}ab-q{%sAyQEI?b@+AHhOArm4<atyR;xHA}_NM`&0nmp&zh9eD>VaBJy{
z*jU@U++5-u!@Jz5P0ifP?i(P0xqCu0#0+LG*Ze8weW`J`8%G=ZMA9Un!zPkV=HpHV
z>WGLcg4NyHUKypV4|YGqC<Q*oVzOj+c-#mvH3Hv$0)EMxjK<+u5!VMjo!U?_KEa{O
z9lN_>ZGU#R*?I41?qwx^psO>t18F$az2tDA`SWP%M~ZafUGl#d=zHZ4^rJshVeCL4
zo^r+^_peewb7_6H@}M*6)5?i1=gNu3*9eP`DqfyP0dmmpzh)c~6EXgq81YHbaz4EG
z=ZQ@uG@~WcI};P3wTYZ(TA;gw-{{J2QBf|+_|(eo`9)C@G04?h6t&7ltu2b`b5R?L
zqBglG3C60PI%-8I`~gX~x<gdhNAVdgd^Q(8TMM5Zh0i&K&-sPV-ooeF!smv<XL%0s
zG+g)`UHEJ&e6|!mI|`q33ZFfN&)k5n>|SJ%!)y*jABmLHN9(e-=MhE>o|Wb1`TN0z
z_aV75?25EuCo)@k#FXJBNqeem+wNYfN-UfCy0DjcWabkk19mLo62^oLiH~Q#QxYcf
zlc&;yKN$Qx_p=jLrt_NcpthkiSC^PlbOI6{%C8642!M7)Q<LVVqEj}YV&*l`WVf=2
zp=kJcf56h*bI3|441P3qtH$1wR=2)$c1_f%(yFmsBFp)=S#6%6GZW^-o$H<tLo;li
zObuO>QV*wwT30ts4P{nM4L#@P%FLCj2=fJ%l|)k>^j$vy%)Q@O|F2NjOtqq3Y>W&D
zx7`l(A`yui+aA}sc)Za|8>c4SA{RwpuV|y4Q1|89FC<g5NIEXjWwFO4W{+1meY#82
zGORRJq%?&KwYA@sHjQ@j!Cv5qC+`*N5OJmN{lfWg64<fq6G4VYtKmJ8AIDI`6z&y!
z{f8ztGQY#uQ5CqUbOvM03$}O<8bvQC)#)jmWPf3y^Fbr%kdZB+aw3r;wl@rQ_Yg28
z@p@p5Cx1If;q%wjkQy)LvfO@;|E`jenN(eo8Ijjdun;+40NpDn6~o?~?6LZ1LS0f9
zHUM9ki1}shZ^lsL^$|ydKj$a0bmnU%wF=E9G{2(#VcdjtRacYSonD(;fv3rTU#AMm
zt-x|V8l;ySgyS{&z#Dq&1Z@i^;8_4-JmlIH+9vII1HJ@EJMo9w@{Bw3R<=p<EbuEA
zK2TvZ&~E=`rafoG?PIDkXOr`Jm$N*dv#n7xuaD*>pG@cWoG@=;NP|_%+t4H9vA4O!
z#sr0HhGYMs@4Ct!xFz50-E}YNn!5HusWRDe0cKfmJdtKSV{I3;u{(N{9cdIpheaJ%
zMoQXQ&#tT~Y3plDwb%C7_dJ6BlKsXvV#yh1pImMi?*_;L(Tt#^?G@tta5wav)Awo@
zA`dxkKlFa~+4SM;fly9X0214gaEAML{46M)WzV!ZHUg{_EJ<aIRuA{ZH+C;$n94%k
zHxke^wprdoN9<$GK>wiy!(t-2k8tjTx?GYTVX{10iR_~y_feAj&`VjC)R+5Mll$o9
zLr!A)Xk2^Lifvt33{l|@pAHXoVdX2zZ}Eh4`4^DC<H6;04<wz#@t<p#pbpM8*Yp>v
z@huITZDvLG_)<A^tV~rRa-YeX2aK>!tK}EStbz{xQo(4Yr3M}TFvJV@jQXri`~r+s
zIhk)dV8wd$OO?$&pEyh|O_*1e(|wvaQZB7on4sJopVm{97Ev1I#52@|MMY_0U#{1u
zttm<qfGW4vrv*i68d$Zr!Kamg(;O^ejSl6+fDC0tX&Qc&6W>r;Ex$BleHZRjPHU~w
zqDAFIBr2!HS82^fX?-5f7N0h~C{3iKaveTRYjY0HUSDpWPn*xL{xtp(GO3(aZME0y
z)8NBIQV^oRQIk>`)wMoXAHSqoiNKej@FqT6eDuF8dRWO+;>$qdprNW>1PUfqEBz*r
zlLhYIhuFG}!9Ut$bIEBA#ie?&JjuCMP=^Xl!d=CnwWD_ig%b`$q8_x^zRM0=IpM%P
zr?rki!TJcsFD`5T0U<Rk)tdTF<N0<acJ$Ho{WT<TpZp}rnT{z6PQSW4v*jH3yuaGP
zdbEc%ASmrmAHQOvnqR<mDsZujm@q^@9_|8VLmF027!uyEMPM#P`pD&G5IieJ{}kSu
zicowE(^ZTb0_H&O+EcZsy3JDacjdTmqYMhGi@I;)P&B*R9-Cum#Z17%?CKWb0FG}j
zw25(tYUbMWY@w0-GM-ADV~B!NnzJebmS{agk>?XxD;Odlh$vvL+^Mrgb@uvVJ-*l)
zpL4Y8T<a4x%T+S)iOnjx!6!C*Xi8+dK(&)qQZG{qnut$y55lp8s-&K;Q)1XB=AN6A
zV6MV?j!x+%K0Wt*-5RA+zR9O+!V9cs!Xo)qzI;oret}E69Q-T2*O%|`=@se$?alMy
z5{0RMfe+gRCw-L<_W_U6`+V3YGU=OqxYwswXq44?O<2-x)Cp^jO5`|)^jQ;7aq@kx
z`)-vka}M=r;>@?-TdI5QmtnA976bc*iBZO^5%@Lp1q(9)?HBy;J0W>Twcav_BOFXo
zIP{mU>ZyFB&!d<BpRF;^E&l)47+bqVT1@b;cqL4$mS3m=a^l!oY5)Hk(|?WODL$<+
zH(cb_7~7Pmc!~~OiEoR6=GK_#lBP?}zo;$Ta&9y+wr=Xm33cVuT3K1P$*nA*iUDHT
zRt7GvbtN>cLn23xH;Wg$rJ!7+lxM@`5+zvDs`Sf71UvVp8cppE22Tn94{vV+A6HfF
ze<y8HQkrs7XdqyL5hEs2FyYOF7MMWVo+%S7TCge?gF<N)rMI1wA_!?`0v(5es-RUt
zbN`_B`bPCask|nIwgD6h2oz9ALEsDn7(hyR&GY@OeI}Wdf_R_*^YjCmv)}h#d+oK?
zUTf{O8^Q!g@SLb6&~GL9VFKir1sMjS3d{=w3n;?P%qwcU!y=2q1W50yPU4j2C@*TJ
zFs+@m)nQtD*az`d>Kuf3)!HyE8m4KGN}EHPkw@x`glStW&H0ldxj!sg5+;ka(l%^V
zw`!GUKs|Cq7vd~TCfO0)RaN9xazw~nwW=-*Iug4o8U_v3t5yjF%IpZNxn5APpOz`B
zu`1}u>naUT!5){Y5h>`1>naUG!2)d+|5Bi><?b8W3Xg2vb$ftltrnmV$hY6CjCs@S
zEVD3sE5BkC#AJ!q8ao9|6+0Ez>C1i@0>7fQ;-^Gw#Y-8j9Y^EBI)PPBXc~I4_1k#?
zRzUDHhOL4TND)(`Ts0aFxjHpiN=L#(ls5Fakf^Dkil#8JL5Y4Ch$=8A3}6#*iy@rq
z>{c=AY!4H$=(@#j#3@mTraG5}iS0_XnIN$}?9Hk$ah?)wUPz28k&<h|#5qc|St2nK
zmh7=acPU2cHf^MrgoU?;=|VQ82ZYrvVVn9q5T*;;lrHR3x}h75R~Y!6X^GM`-AXt7
z6C4Rkb*pJtydk1MXz>mW6mJ+w{y7%!&_eP3VLumGyh9Vk8;+8{)8ZZ4D847mzuMwM
znnS$f;T_K`2C;{9lcNZKjnnQU#$4!G$q?b7T841x5aH4x!XaxH!g=f9CRRG;UEhoN
z7V^(;O{Z#wh<3t8!qP49P5ZehNXMRj_SRJjBT|24AE_mO-c2yJ@a;M^J=PL;;JGiK
zg)(3W)w*RJIjX-76IxP&BgZbE*4$~m%IlhDO*=u?1QTp|sZXe1g%f-a)WSwBPScnY
zag`QR0kdN<5k4%YsSqRn&tk;rSsrn879&>9V#LE)jF>lz5!Yrh#;z4k<m|iiXi_Ki
z!uhH*47-(zg1*qVC?DFq=kTk4t`A}4vM^E^R`IPMhwLjGkry!w#*UM;mUy@@t7kpm
zu!#1(rRZC1b|JomUKhS=ioP3)zWt)__M-1)Mc=FV2F0wcHAV3~Mc-SCz6XlF#c%3g
zu^2-<u7;}fkN(-IMGyoi7@;baQ8$ITqWmhON{CC<KR(5vp2DZ1#iUB7s6(h2<Z*Tg
z?I(_<??4^!F?_H?b0G%d8}l85VEy3`YI&gJ{mKj77TNW0k1RcN@sfq-d=p!dL(2>N
z!cy@Ihr%e}nbl<+K7v|l7Mn)SfQDNgmV9f83|0H6Z$4mEEyv90!>p?2)(=`$T;uAx
z7Qnhyg=N7H2@D^08-R}Cq3FMTh`if}NV$E8Y}<!Ow0(#i+lT0`eTcw<t_S|!@#{4T
zG7}Mg3uq&ntA9kVW)W+$l%*<+*0;c-fBKFVeT$qH;@gY97ZrW4Ec)&)`d(l3y`|_o
zDEh9Wn?S|2Th!%wMe%xSve1W`qVI;H?|zrX>JcT=KaJ(8qVGjTb*?P>?k@UXU-aEx
zR94tXlGP~&K>t+#qM|&VMc>K{F_1INYZa}$tBTUM6txo+eT!159h+L?nL|C!O+5Xi
zWpm_L-Le_YPs6EF5D`e~6DG5nRL}Q0;dg}Z&xPL-lYH8~%Mg5QXci;rin8o4wU^_J
znP7^vV2yAVq&Iy;4pmP)jvM{h%=XhCZSbA8{~`Gh4S`-G9wSBL?dMnj^!<MD(_m49
z46!WkV$2+oiBJLIvHqzykua`-UjbG7bZ3~>q_k}Ld3BCj`(f5O{OTm4stUMd^|yx^
z3dmrQ%fiS4R#@b!FtVFpp{PZ!2_x4RNA`q~TZ$vMhLJ&W<Ukmy6**jIg@COg7e_|I
z$OeA3j;(cLddTS)=hPBaaV^i`Iv0eI%ZejA!^l;|k*mYVHT>$I=C)hE0Df(l))S^d
zW*x&xZ;;v$Yu(x!W(&e>{(6xZBQtCzgT&Ik!YVGvDoeQ{R=x&H=G$RFz^iADMJlLU
zp{wM#mU6-;jZ4a9z-HfbG(df4Cq7=U8OMSoYP+0{3RZ%W+W!?+N!3)NFf~Q^wVJY5
zx#I(pKS2-MZM(KLRNZ;J)08PEKGmyKi`6D4@nJ=BP_Ct+$_q=Qj#_xH<CqU4*o@Gi
z_P;N?g&b%&oIm>Qw;-x4Kjar&1DVu1K?`<w`!1V+G&Ax((o7z#8<A#K3G?-U$nROJ
zGV4&PF~h`bUX?*-BaK04B>_tFF7OuCw8HIScoi6^@h>7QfOZp>mrH5(CCBQt->Yg@
z>KB--vR`i31IC-QWbl7+v><zZZIik})lvP{yLGIp=MYxatLS1Y$Gmw86Mt$L-%UKh
zGYFDv4IxPrM7ku&7AJ^7zVv&EJ>_1kE5LJb%W@p{;pDsPaRRvTh^7CD6;8*V&XPtQ
z?}1Ga@cZ}`@7}L^A&CLMMr9bNN$CXvK~8kca9)U{{s|Q7cNO7y`ZuA#;Wv(E0s1=S
z16>;I_xfUx+%etBnzelFDADOEhjJ35$^{HnK0vsYLy(q|H5$h22thVMgIqd6n}{4>
z#HZo)gI}-fNTD(v5TB|O!_Rk<M*3_nPDq+gWNvTe$Yi&u(yqI_)PLj2m=#=6@-b%;
zkgEMBHT#*Xdz52guhzX^x>X|MX#OL^`d#i%Tgo(U)^O!a^Oih6TGsI~bmvtcSABlw
zgr>#^mNzdr^Xx_5l^Z5pVHJ<xkhn9RaVMIEKkudut){lpxBYC=0RV|N_kiQg{fVE%
zv+I?*y)(k!F~lYUeEj;EpA>Rd6gep{^QOP$Cx`mX<r`Hr=6<j>N*wKHPUd3w4}J8S
z9sRM)jZr?hgL}{d@U_{DMDI3GNts@eTc&+##J)F{xlZ|GnV+dVp7gu1E=&9emkHO(
zuN|_Rro<AnGyB<I5-qF?Ab2-IVB*csFF9TGNV}{44d0eh1o{z?5g7;Tz7#4A0&XYH
zPe=0#)Z1xnJ&kE;Z>4-k+{Mq!$s*6}1Z7_I$WZmFqr$4N@;1}y94kR~*X^<kscs>8
zhq@Bi$1<Pk(^^79-H@1T19*l~;Q+QnQsT|ICC9z*0Mzw{q3UuQ1$Af?7pd98C~Ag#
zc;8U<OTbyCTbNtB9?lJWh^T@A-aS-(6**A&&w87)v2YZC*8y-p`Br(yZt8_Z4T5C;
zkmOrsc+=peC7YK^n)n%-6BU@0M=NQ){UVd%mkFO^8GqQW`dA~{X@kS@ePa{el9@F~
zkv?nl#sw~`IdmXvL|Mm^m0CJo(yFkQsFGg7Urj7?`5MJJVAdqQWeC~FZT6#he8lTI
zx!OjvTE)}%a=)^?W#vXJ%Et<kz5uqQTVy8q+R`t+FR;xJ@W&7m-Lu4`!0X}`4gf{W
z21vlej;7p$#H_Di6vCZ3`LF0MJPG^fZXyBWuc7LNO-w?1gVjKim+B@(IEDOiczt8$
znD{6hz*zo20h{GJA`rr|G5m>-A=ne~hwkcl%peC$);gH<gfM9rOlH4q;OcWpTf?L+
zOhxc1m(=f)2EwFnIvre#cO5DmbV(IVsivw^NokVgd%K4Kvo*kMy=@aaYl|kki9zFR
z0!oG4-o9_FqIfLx!$_ePbt{=y1J~7A(&bG`ax=CpanA6JO}81l5+5+}?BRc=J+32a
zuEuDtKF?hJ4gN)Qg{#%~S=lyMFR|pbB0ef_GU19~Wp=dWyrQ~qr(Y%cgLMy_w2$Xr
z#qX=l)a^%Vrrb(-g2*Czq-DLx91>uDdlvcHGB=tFi_CR;!~hUR-QeehgV*jH%)HhH
zA6Sk{2JDIq$3cVEC4*rwLJ;`=6F3gKg)`4pwIHl2N`~OAYgE<eJ45PMr<tiC!Ao7i
zXtX(25z;o>1a1nl>wo<#`!~jK-eA`~r!yqhw|sl~>HB@IH-{?%pkqP19eT8`d<m3A
zkUsf?A)PV`E^36|#|`Ec_BY|Gc(LQK+*)GH_eFk5JpCf~`&kfI5ochYcZ9%<vmgrV
z>VIklDOwQsi|x@cu)ktG95lQhysFP}AL5P%mP2c~ScG_a6@GQfiR@|6%GhEn!?b^l
zo@?hTfz@iEvQ}zv8=f>@ZSl^T)vv#omw@f~Wd325{jQt!4zwhqRl&;c0h(e`d}BeJ
z8o<tR7RDx3fi-M(wuvZUd_2GF!^nAx6jN`sT7f<V_}#*<x6bJfR$gH&g*C~ni?K5<
zCVdJ_sUxZ0r2Uj!1-km_Q_z2Kvy*Rc(rI->_t8=66z8v84K5cNjjNn^dD3Z7#m{l^
zs8y~CWzwh3Q^)40L*3z^Fmqy13h=u&9Qh(E`GeK8qrxIG-lU(d6nv<+U+t!Uur^E;
zoguY5OjR_g>Z8gknpF56E9=;aAM`7h)K2|Q`l+@bDi)2Q7mgdd!pMwzB|gr^33@2(
zxVS57SGisest(oVdKnPZC|R<ACY+093N(dt5#_hQlxp?35@>3~ucdz=&QkSh8Pm6#
z5GGo2s%60HM~5AT)x3JAwXAe8umrW935k=mxv<n9M8mqZuBqEiJN$mwO_nyAw6L2i
z3q`fzq<^reP?R7=+X=E7FhL+2AMS+jO)9A7+`acu?9D5B-E=cP?SC|-9Ut*CT%(oM
z{lHkEzA>$qBVTTz*ur<~)cRO^)z8dJ3P&>dh6V}eaE)UnayPxEDq6W!RKhmM$*xOH
z>BQO9M<3(a8`cnxXKxh><VuVuromyUy5pb=)rY1mP1Xitb;nBEY8C`pDq7WMXUlti
z<QlOcJ(Z>fBpL4=Amfv@<7rWs@3JO`fXFIF2fg+B9WgAm+&#m&SE>?nD@M8d_{G|l
zJrLe|XXdV#T1q^7ZEXWt?fQ+3U0?kYCiLQ?R5SndZLRQ)W5#=iKIW>NSW+@s=L}Wf
zd2Q_&K=h<W+^;ekF(VI09DGV6Hd|GH+6{eV=$NF*tP5tAY8qV1!gr1Aj5X8NVaO_O
zsQQURRD(N|=t_)zjp!|OQ0e;otE#K3TkSKCsU`>{Oi<MXGxY7v?UmeC3Kz=-g5TPD
zUf3gS2^|g9VL-f9CBcRoiF52L%8h~3$Ka}?a#eiV+3XxC$?kbiLU*q!+A=o?JJ^W4
z)U851@QEvW>xDUTkI`28ZvLWzKN3b6sMd^YMsAUNx0UPcyULbEYXy`rRofW`q9$As
z*6`s@wlYC!S2C-7k!3rzqJd4NBBK4JqKdy|To~$7GjhX_s@L$+Z^<(UW46&{EEV4n
zRdTZAXQxK73HA1GrNhaM?c71@W`9e3l_#(U{b`@8=-~eGVR)$>aNemNw-L&JzMomJ
zNN)XO(>f|TbipKuAGj;q7%}pB#Nhq(lm<+Q8+em>2Fr`Jqds+=&0cO#4+vFsUJoVU
zvnuHRERAFq`^H$0!?gx4<WsH+fsXG5Mc)FI;w3^_&9{Kd1gLvFwY*5;1%b=)y3?*V
zsX#|vaLvbgVO{;v(OGpDGV*wGG5=&)c%#jns!XY1#w&m>_kvxub|6=2mVgMN>~hqL
z`GlJYQ~8ex5;`hO{b`tbjKY$65FRzTHmTYYNRXeoh%(l*pYp5bG#WK0TCK2vp>PFZ
z6Sa!SON!EOuyFV`?FNOsuB4bZ)?7{Sy&*g)euLns`>9f0S8%YpM26JUcj-6{M>*WG
zKZx^R&Dt@s37?51S{r*}$=e5Mt)!!=W%=zj<dj6ELzyD^{fd(Jw!3b{d2lxL#t>X{
z%SvnEX8I0m(Z}V%Jy*;4y7D{RQRR-}C41^}>dowmP~RhV`_Z0Y=IyJj%?t8--mDMe
zA3dyQB>oJzz;7HrEIRzvLC^{jfRBS67*og7AmTi%n{OA1EJ;k{NZ85OP<1zSsV#k-
z0<q1PC{-EwRD1d?zytg0w(NBx7v8!a>)Rifkc@5llFzp!FPc-{@lmo~F3>e@zv-(a
z`Q9~md&$jK-K;rQZRRs9j!TTFCkIQti{(bu2-him<XZSsjDHMr5`e*VW1`Z4Ma0*u
zZPY!guHzEXpal$l@nOS5zwVRa&_9U;Yt+z<q}kBdQhKQR=MYqet^ngzsw(AEmFrWt
z^cLjyXSq81a1&x68<iGW!{R0ye&bLYju1UmePp5GEzrksNwZ+1Rix^-MsH=@rb&&Z
z&xMnt3T}OIb+kP7#eIpJ)eZ`c0?#Ge#NYC|(6p9Jh?9R*WythE8ygO|v;E3p+!@*i
z{%xLBW#dTC!kyc!2(CZD;r$EKD0f%87j6YCsc7lEJi?4|0oEZkPiW!4qX=oeu5m=L
z5b9V!Z{drB`s-A`U=XDNSot0eCYt-3`R%x}+Y-Ch+K=rHJ}=-jZ}C=qpO!{*6?U}#
z1<`D5t5jg&24NVFjH=2i9`I=`qDS&6WYnm9b6Ex1Sox<ykkWH2YU~>Mr~RSu#IAee
zM&P`ZPsUjK&++VkS<T7w>L@msO^Qp{HHoRXwrgNt(k8~ftWI~V=D-td8JIw)$cKZ&
z{KanmTQXN`y)S=DD?Sn3p%`{8uLnOWDmJRSR9r%D*%O9)8_Qfh2qfj6p{*_R^AZhw
zbWg0xneSJn&4M7nP%5g5D%PsN-`>yL$su1rXKAjuA-zV6P!1cphsl$M_3!QA*`qqh
z>8&Ex{MW=MS~6#I9fV3E{<O6QBN)8bgWvq42u6S4z9g&$cbRx2R-=OYoNec`A2lhQ
zErXM&y+hzUs^BlHcs|L)POS}wKgFZbEk#@cda3=WEuO(!<k#8Yiu$r%eTfwJ<riFO
zfhDoa$8oO}_xDfvUhDmKleogkyuDNf{@8PSn^X2%*U)${ad-3&nJc^1kx{&_u(a!o
z>=v=iZuFn6y}YrfacGs_{B9!VXFnfFPH)Cd=p!93(XUB?U;l98&{%pP)*F<^MCQ7F
z#^4%<qT4q`5_|i-&z1Y7ZzQMhI;Nu%i0xY8H~0D8Os?VFs-{gS`6dNg9dDPpvIoRy
z9ls&{aPrwP_rH{Us;u|<G2wb?b$8TSw)aH5)TJuDa7buAqp_#O7CF-BBKhoc$L`4|
z=xSPsrnV>co5|s})NT$X-`wR~Z-#fx{Y%Cl*Li8F=t3m*z`w{5ot?a(l*={O%x-Qi
zZRog4CFPB2O#Zv7{>%Qt&FWAJ5!wL#YkUAd1$!0z{Vd;PYqEKO*`Pm}TN>4oXy?!_
zUhA9ul%D%n;?$AkeUY^L;;wi!y3&2;Z&kgLJ%!CQK5$!-P`=vuIe)pMCeWUgX4qSI
z%Oo|B9NOjFr@d?5UGhZdrIS>9H2;@)wi2%|z4#yQe^*}7<R8#aZXQEiG}b)mrH%pn
zT9W5&9n(?MmN}_E-n=E|&D=l?j)fnV3%DrPs}#7aEi)-h&EHz+P?gm;+@Hjh;=Vkm
zzC0E7C6Y&Y&!Mc-9~<G?t**5eUAu+N)ambmH{KY^tz<}Hcmv`5`C;G&1-==aI2&(A
zX9ctL(;h_i^96GF>4$^wlS8+13EUf8tn9}+FO5}H8FW}`up1?~!MlqJMv9y`o?^*G
z`Da)JTW#U!6MSrOX-RGk>`ic2xvu;wtsvQhC6%T=xbEA|vvt3keC0nWaIT_P4;O$r
zwzN$bu};6Fv<u#ob`#~)s`$v@YGpiBU!Sv#LHs@WzoT|MWoZ~rqho4EEO4N{>=|~<
z>imKVJi(?N43!m)WK@A?E^s5U0(C0zTNSvsxPa2sf(`xpuz+d_USC9k3sm6h;sT3w
zgr&eTeuJk^*@FN^jA7&|Mcx}mZV4mt=gs?7VPp_S4k+^4FjD$|)hXp?aCsP66Glc9
z`K>UrA&iu6GB`7g^utIgCWAR)q$xP5b5#YAkDm`D=w~+pHMB;No5DyPLKNAf$lr&N
z?O~k@ROj0#yJ0R1BRduOTo}13j9jhA2g1lTVdPpx-l|BDVT&55x&YRRfSwEq9t;CD
z3OviZh)QW!w(~agxC|H2x82KuU^}EBMAcCfT&B(n%T!|4Ie1myD;OA4KnD_RA`c<K
zatXaAeH&a9V-sv1&bZ?W`0clfRzN>p%yp>153E3N`Ea>n(TQDAzG{E`qQzWib6E&y
z@!I<(&$#8Ls-m_+4Y_45PySpo=3W5n^m|kI`^hlz97X;;jQm6R+Zq1u<1*y}7p5D2
zCV}uGcOJL+wZ3!WO!>8S4xBX8zTmZ)9Ey}sPLVP_2>xJ^lFn1hvfvukVt)L|C~2TF
zuGE@Hho#jIi{v**gpu80<QheOIgFH0Q#rTt8_W(PB?ndH0@ZnhMP49Jb_vdc2Zni~
zVIE(3CWVoaFtSdOZ?hORl#(#ALXpoY5*&~|E%>Bdvt;Z=^8{{S4*HxB8r`B=Y6_+h
z%zc;60w?VUTv1L`w^6o_=@J%BLlM-LemnoHTn5+SR~ykoaIv-O6zwsduQA1VKeZqh
zzi3>(H8`_mM^t?JJiO-~6vQndn6YEJP1rE1qFvNB5*+fw9sMhqf8FFoHO|3p75*YW
z%GoM;euInPVf(MR2;Y4Dogc+Z?i^xpd~5sfd;G=5()XE*b<~(|;jbi^b{mTn(S;@u
zTyaiN5WDedBDX>`l90YIP9hxr^YNsy0I<>ZPzX;w5wKMMBsy_SCu&LJ{472`U;_0F
z(z&S8xF{@{pPDs3bx-oNY`^#x>MQNom9HLsC3e%H=^--J?mNA*<1~3|^fxojZnEAb
zkDMBg@lt2<DWi#%N&?MR^DE|=N5~#pFye1WoNV|Wy$Z<Z#tY8p#v}Qs?TEz#Ntufx
zL)E)Rq^vrpDV8~h8_F-1F5Xl4qFI{v<J~2viYRu;OB9MS85F`V{zH(3n0YiFllTbZ
z!WIBk3;qX|Rk%F(EdD)tsF;^uUX&~IbI>XOW9Vf1@@?`s=jE4?#r#)x@ges#!!skv
zl7MJWr3^8IIL?Z6NHVWKk)nKcnw}<$;QfTCp9M~SHZJew+k@(FAYCOU5}coKu1XMA
zvAG%Wt~C=6>68RS$%wl3TMxglfKWq$1_gS;KvaP(VE_>#hn<25NP#8=29!*|SD-{V
z!C?ih&!tYZBpE}Se5>Fd{~Y;=+V?ExZFh61HR8W4srRv%jraJc;*_N&TNAoWIblB_
zhjdB@ag3%KhAoZiLTjcvr)}^ieJ<in!mW|~${~9yN$dx7^=J<_=;*MVG>4EGs@}dY
zmA=>cB|cL!9UO>G=CJsW;J@+UB)^Ei=Qn>$=ul-r@XGHX2$(jSf0alub_xFK_XwuG
zEjEx?9&nLgTTLe7Zyl#5B}CPjwcrt<D&D5N?~6PHgUA4Iw6w$eMw~IqzvOKC`mg*;
zp7@|`y`%k0PSPNE=3jDf3JD+JUvjI`lRNV-`3pQm?aaUAy$^^G6#19jcL`%gVX4vn
zr?4A1?)^O*^%xs<@Yb8*;8U8M;`bwxFVx8yc0@0mAYG_2_z0hnA6(o`UZXQV(Fb^k
zg#5oXzy87jI{>){LU=G??@{tdAB&u?`_4M2Wqayi9aY98a=aCA@Pb(8)Pon{T``{d
zN>zN?S1J;CW#d7!ZIac-)6-d~2nM*{(3YNGMLlTRJ8sDD=T5}(Zj+Gnv}c3yufD;C
zMIhhf&hHVN`vC#7cTrEh)SYxRo{1n&uJRZDNXtyy6_f=9B&#x>`F)Ral)j2t(dhMJ
zj_-N#!b^3MqixzZqaBlDnWar^b>_`KRV~eb;?!97VyjXjpIGLbeh9aj^W@JNJ$F=o
zs>jK{hdd&^oA~94)6PEH-Wy09%`CafK5dnCAfE^PYPlkJfr%do<`(NKd1qbGNlN}P
z@sHkea?4z|&uxwd2XV&VnZM4euR;v|eSe*;`|QMD=UKm&Pm<Sz+b<uz-KszD<FE7W
zy+hp3yv;C*{B=I91Vj4M3jR9R-z);~deHu!>Z7Caby+O^h&_Y@BZMHc0g}~nizs$z
z_<0uaG^BmXmO_&W<V4nMAZoV#N{?FbTZRlRV;GHg$@eqg*EUU5pdWNRezr0u^Qi^?
z!b~@DhV_IOnJ`;^J6JUB`6;9ENA>{`^U(CJ5z?*x&^>yoJkpkar!AA%JSe=_tw_F+
z+}v)DiFqlxbdmtD9XISpSHz~BQqi$3mN^nrwxbc%PT0dt+3uU2i62b^SonR{8hBpm
zsD<z$U;0Lyj>na?cqlLEucRM{`k6||B*eNcJ@s`zD>>8<@37tHrP>e_$K-Ho7UC=I
zm2@Aloys<2PhD)^aX*oBYhDRWeA+zG$K+=H1@uQark{TJQ1$%Xt&`Xfg$>e3$Io)l
zfy$x$ME=XPHiYed-dn{(Ljr90?2sU_DDfp06c&Bou<`!~FkuU1luZkG?bqI;8=7Rz
zu!|(<s2o7rFgxao{MQA`CP-Bj_P{(X8ZVna27J{Q5<&JouS<4HDp3{u;4*oM94<kW
z<;&?c_2GD_$71OzhsV-q<AWb4Hib~^x`}MLG5ndoN;80q@h*j&?-g~wNfeX~$N4qm
zfu>S~YD@^5@}0{@7WmM|H|}YxqbQE;@91$e%@1R6Y{3uX{C|q5J9&mMI_L-#k!RNf
zD8NA7ZwQ9Y7V{sDrY0Crkd0z6W6OAl{gC&kv`lP?U2p6Lh`}nm8;W4IenZu}Fuk_E
zWY4>)BqEeqCa$-WKDZ^8GM-4^NS?)<zJ5nZmG-6IIBuuwF5=e95l~BLnEEJwfg-&5
z)a!NqRx9A<AO7IF?iEK}))Bkq$^P*#&W?`#Wh|2&pvG9{O5=ihpDOb=Zw7PmV*}gs
za@AhwF7|i(8#YLZb{tZc#v3`2w3b%H8d-vyA^lac@dL6Cy+Nb&<?sGfj@DEyF&<DV
z9bl$P2Qf7?H^Q5TK3iid;{PF6ys_VJe9RxefxAEo%Eyu@zVVEVg$lCOcg>YcHG5Pg
z(s&o*%;3wHalFoy;k*LN31wn+SD7W!0=1bf`-T-Q4P?cu46$t4oysgGEZ<=KGpzYa
zD+;KO+f>%T(seM7CGV_}fw1y=sl8MoGto_6KB?RtQ3{X3U^5sY`h7hMyONsFDB7J1
zrz1P(+voKJ=Q`ET&V~8?-AT?<<6$73X}Y_q6CEbjtYUxH5)y0{iHtA{4l#7P&=BJF
z1M%iy2~LoBHVdYj{WLhZ;Y~<EVTg(^WuxZ_b-X7o^x*qTVFSWs9b8KA^pWPV<Ex>D
zg>rF}#GTadbv>d*7uFt(`3|qw-KrS+A>jJidE$~^{}LNx<uJZ*zOmEFD1U+v%b&9`
zx5mt>^iXxZwdwFUMDCUeSL@i-o1c(;x)i&D9x}Eq{P`Asj6294{Ma^H8}+{0CZ*sw
ztBH+UnvRp(nlFrYJlB@_CQJq*3b*#;<5q91-B)n78EWUC(Q@<(oBSN_X{Fx`@`p$R
z;Ch9JTwDsD0cUiG*zr!fVW(W+I#m5N7B3!ma}iX1ww`f%StuAUg&}cn{$HIasJ|^$
z6O7Hp5#g2eBHh##%Uo8cFqqNqr?oZ8vnQqyq=_IB8RAj4{Hw@p6kKCz<rf^~Fe;+$
zSd|!tcI%hgikwW693__IBj%}0)*UMx{#}SiH@z<WBJ!%1%*E@0<k6<e-YfS#$`nUo
z^Fb?x&N&aH?OGMq*^z$cZ{s{S($A^?i+-+cRzD>&u|@J|m+Rz7bkYDMz+}rG_!$$$
zSUFUdUp%T6Mq$iJlwT?`IF5n|FzB`<_O9TjX~?*X&zQn*tvm-vhqk*46^5#pRza}Y
zf8dT=YbAwY>u0&*k~4d&ubE8R5A@^jRG^#NZYm2<5~q+YuQ_jbtGrHqTjrX{mX8U?
z1G|8~;y84JHhi+5K3h{AB0?xBkp!Y39^unQ8Br$dIGNTHX_*`x!#5G`#aWpU8d@^F
z7J_5g|93AnMBfR5f%ARu!X6Mb(O{+&qJ2Zv7eP7f!iR#f%xz6TSSGkNdHl!Lsv=Ga
zBk_p?V#(X0nuSD7Q7z5IwX~&wp;{!rx=dLmw4l{$lv?v>#11K-Y<zMJ?)d@2EhpC4
zW9yq5xkP|FD2<ted%yjL_hK=>8zd}K(V0z{&=eL@A-hg0*`xQ#X=b#igS-RekEPio
zm{UbIjbJqEMlqU!C;fjt1M#fwVUB2PYIZ&Y@n%T}TV>!#lafZXn_wfB{hbg9AQ~P)
zlF-NBHisy?v-A#BBt*O!A>J{-8Hj;yYfv7q>wJE6`DY6u^skCdJ)W2WQ2i{DP~}N|
z$MU43{OE0P;buHLv6Ru}<FWMHOmW}HEOJQ(VxRk*DE>$#9jt^F9JKdFadfx5cZaIh
z%>q!F@jK2CHo`F2SJIQ}11E{~n)qUzA8*FpnnTTjO6+Xzbe^`!68&^D6bEo_X5tj?
zR^j(q6k?LrhUq(>joUuW`9JF{Id?KCdVC<9i6&rXGqI#{cqYteBuK?fjMaH-(SM6a
z-Ep5djskHWC|G`{2<QlN3L`r4*%QR#;QuY`Wk0|ACq8U=eomjcZ%Gb830raXl~3<m
z68O)c`4f8vD_a*ec(xsG4tUqSD9Y)~T%8Zzw_#-SU$Xt_HVq;82__oo{j%lXqDX!h
zK7PapHNDYlHI21USj9mq@kdnwmvQuE$16v53w^lFQjUGrxMV1ndGKAe6c4_KC?KL^
z&dc+=J03cuxWPBbB4@uxq|l&@4YMu_PO<1GgWq+IJ`nHV-&d0u(*>CDwJ~b#R1ZJ#
zvaAAJK-61^joiRJpLv;uAgJ@$Zo8GjcT;>}PUj>H8&^JBO%(i`6u4CXq}JISdo)we
z{KT?fMoNN@eU3&W=PM*Kx<w!>!9Vl9C#NeO!sI<y9>TnEfwK~PNKinKwmn#Ojk>4f
zqTXpZiAuHZtK367>&pMQ8wY}RI);3&JUkHGr@p0|Y=?=0Ur~fPVkP<GcKk98guUHX
zzrT<pk%pu6rWTv+e7&7VPT=_nKRwmlr$?#IZ6nm!+KXstv(^?SNPqLWpEk$&dXHuQ
z13O7{72>Yvz2`h$xGz?C&o+V4g6@myeJ~wd@z);$;4cOMJ^g&{{{d9gRv~ybhl6)L
z(Fv8)72BQHr7IXA;YTv8_XPI?S(O;c9Zs5HXf$Avs)z`Fu*nGt4Frnz3SctK)-7nU
z3uGLPS!dtphL`oGWxW=GG0SfTt5A_?vTFo3?kH$GH0C=J%bq4L*;7t}*_1ith<w4x
z?|Gki6n|^)l^8pX{G6*pCsr_zP=b{-77B1X`5LM|LJ9P>LfshdYgP1yQtO_Lo@=o4
zYsJQMs21ao5CLrAta8|Nv)m?HkU;8ohAet`P%AtM>{GxvodiBc6;|5nnVp?}nE3|h
z9B}&B@EkxzVwjza@1N`fnc`u*s*e4*gCf)o1%=y#tsg6{N*zHdC9pZGFFNU-{V1Hr
zc_XD1a;Mc=MDE<_x}C^iuSZ2USpA4sC4v0qf4FlsBc%hmOUOf_Lw+$Nn5z#3E69}p
zGV%E@hIFGnxUi?9ga^yrA>EY@zDT}k>P1=Q0Holp|AZ(V?W%JqXEn<CbAxIu5TQtL
z|5@6a3sl4%l7dQgjWhn_3yd<2yzisCX_B736<_$Qqa+6(^APB=qx@?59ZKbVVz-U}
z_uld5C5!M!n>inKlzi5^*YqCFk7?vh!>z**yJJUrLh^+sBYrFx#0be<p&ETaYN)!W
zG^84LfK|d}R8(LL?6Ton4Zrxou{$2>OIzj_B8glziaQGROn$GC^L}A{+qF==oVV|G
zb9Y>t`1=W&#8jS0oI7=q=Hm~mAmLj$(gbQpN1EMe9vW+#8Kz!lT3y;_i!1+;g1wJc
zGwegV-gRl<O;QzxAV)gSn^%(9CS;8uq|=+phJ?WhG=p%^JuAGFXN8|F<E`UieT;0a
zS(6;CX0WVl2V`cAOl?5dqP`zmifN(LfM@Y(XMo<jTfIWNhKqFj)>fHdmaSYDPfw-4
zXZHz!eO00-7!|q~n){#<T6xXyE<N#tY~}6o?9@IpAkQTFBmnC}0JcO#3dH*1`5cwM
zLclE(hFmvlZ6xn(8lGmJ5Xn~GcC;Q284A8>o3mRfn%m&Thir$f&hL@upzhxAfIck!
zViD$61ixHCQy}R%=Z)Sz+0RDlUsqBkMrpbew;*=Quw3ZYf?TNcwmZR(5;(QUmX)ow
zcryO!fMAgMofv<gSAB})L`UEC?w%#szimv+_cN7a<Bb@}&mCJ4Z+uF^A<2lw-!1vj
zTCqJQ9~uKdW0{qreIxRrw)7?w5h4C{A|kfP*D%{{OAo{w1Jx!e(bL3;@dNWXe2d}h
zq+|LgR96cHDRiVQvwn`S9LDXCw#?dg`{ruGtI7<**XW%8N-%bR5jBD$l6ASik{Zjd
zTtMzvrqh0Iul&^kzwbZr7mH)JtvTt@A0B_mkv|b5?6vlJsk>AeXp7b}6r2_Cn<pAm
z#=;v+UJhaMW+*cgOn47@1SW6WMGDaGJ%F)0y6j8pWCOx8?Ss6zX7Br<lF6%JBQSc?
z0Q6Uaex?+G1n<h0w(Y$=Hhxp?2f)Rc0Vqr9laAUz|K9=GN?(;!x-K_C<wnN9MA3hw
zQdFin{g?fp{;&Fv<QIWy*nfm|h5jEjy8lyl+JDW)ZMF9tbI9fEzuGw5&Eox7YW(JR
zINC5Fvon>`=(2ltb^VEZ-*ezse)rMO`;8j_eoPX1fY1BnBf!515-F_uFu+Itiwgxk
zt_bkIse+9I{vSsgx!b1UWD<N#T9bokwA^+EeTsX>4g66bpibOteVNYc2djck`2epi
zZQ0(5#H6GYi+Z~(0D6H}5TId!?9uIS;q_uz9=ntE=H#*OS#RAiiSab%wmU4j_pG;{
zkujFuTD0D>#7H_}tWi`jLL(=08RG2dI!}OrMzl+8ixoW7g3#&4s<@ZY?Rl)GAOl2l
zKSva?lZiBb`~SuK>8YX*oWCOEgRvNyzu&3g&gSn*5<blQ&B&~mFn-2_^^#Y%^!}r&
zCHY+G@T4KR`1Ko_G_9w^!X4@3`^?t>RlU!A>2`B^qgGM+B@=kRK;F?)_L!9x-#&WY
zv~3m5TkA^BX1Fbg*Y47~GG2RnEVHWH&=V`#MbHbVpB<PM-Ys6Car=zaT^;-6&ltwP
zg1zp`UMiz<$y*u*MSeS;S$<1{Oyf;{xHWT2Lxezd`{uHadzL>}5y57DsD!_XTl2Gv
z`RU>M6333zl`F0b``?ke?xU_MtBb#h-rtvEn9U<U;x!xZva1BY<<npIz)0_><agHI
zD_$z8oWuQ}Skz|XgZiKQAIiN49<T7)#m?*cp#JB-)_4~)uth!TdLY3OwX;Xx3m@n+
z=*xCn|AzS;f4RxK{pME^2O&~#z?H~EC~QO1@?+&dB=O|-RD<YAwBsSZL}H>H_vFh`
zcO`ba=_J*hJ>pM))lI&eX1LIKgtRR-1>2ZL+aQA<eq0A5sbe@0L^>v0tQ`k}KXEt2
zCFul!{segt0_gB4U?;f+1zxAdodd*mjAnQ4djKiMioe()AY0w5P=ZkYP=pNiTxo(M
z`YVx6$nco4K%{ssWy5evk4tgfKl>wn4Ng7D@#|+S8sXRV#90-bI-Ei!eJNS~ZYO`2
zR7F=NYAahzEMg{k>4D|%mcXMd*{?SkSJ?wStBiI&du+7x-cDtm*doA|<QI|)erU--
zy+LJVzjCDqC{TNBWha4&#YJ{&v8T!MNA?E0R}K`iRu-}rm)otloY!KPgkbZpdRLqw
zN6N=vLrQ~$v|gI>EFFg=nD2z|k-$UA@$?de4NIf}t#a?U+s-ff!<u^p=^gEL&`++`
zjHlrQq|$_^TFvnEPZycH^_#_h*TPqYzuYocI23R4X?c6XxITWVvczA1K7aMUk6cg4
zt;>lz7dZ3Se!hYYdyvc-S%H$oY0^Fgd`W&YV87v^vh<!<{k^J3y|eu#o>|6@J&TK{
zXH~`PF~cA5R{Uyrk*;G=yqLNRXAj@{=e{Uj{@Ip3t192zc}wl16ff!c6u#&5RZ5IH
zM2%Nj&1%1!u-Ek&RfWY$*GxXt9pzI8B8&|wf$Iq$?jdsBM_sRiTv-$VbY-!MoVv0o
zXqW_CBjUr|Nu=qIlAyPHc~gt8;?==wLj1Cb!>rHl#dDI(MU*`D<YTgDiaOGyaCZ4J
z{SY*EGrN3c7;LcAmZ*~ESe*EY>~gDxxOtX-DrRoC554RD#cu5k|M|B@!hhP>{oFP5
zQ%0zzPnr`A#0LkwD)uoSOP^LH3qpjwyqNSKuY;X{s-3!HrFTjqut3e!_v%FF$1*dS
zvD2#j`mNk_@m9P6Q}Ds9yEZwc#nOK=hc~}|Ma@2~X8kOkF96Z&x)IT+6uyQvi0?pJ
zeFmpbq64UJuwAW}MNq_1D!SIML6!c=uSfpurX+tt$iI(N+fKD0i)Kp565$sW>9tl^
zP633h9pmH8PkE^$)Pwq`;$vMWB&%klR*R6FI`T11S2%zWTcn&@|83IrzYfV!k=bRS
zZ}7`1*Yjn_>?hkXGF98DT=adV<#x}P=!Sh^)>jGK$-%OYZ?`O;Ui;0{zj3CQI)FG$
zW4oV4$E^%BvkZmCo?G-CR+=rJwLh~*QjPknZ5!+gHB(L_udyqwiC@x8HFrd#m3k~_
z{@R$5+z`@GyWf%=9NTeVi+5vX?edquvJl?LTQ|3MO!Ad)&L4j_cd^G(UM~|}(VL$d
zet2CIslO#Nx%M{sHEn#Q1(X?kyBwT0zB~S5FZD|?qshT??}`olO!QKi0Vra3uj{XT
zN#9deJKsx`U)Q!L?cE5g$3_2piJACYV&;2~^Q_e)FE3}7w7%D<v<@XGZ$Awp3N2V}
zYi-?t!?r%Uw(D-bB`j(ZX4^{2u#G$!_(CjBjfmlN$xfb7KFYYvDb&o}%qi3$q<h;S
z1c<XqvQC2rddmd8(5;nJ^HR$HlhuUmq^p#25|J*;nS<lx;2!7@)w$&0ZeD7N`x?hX
zfSi*IRHt_&762-Zwru(Ka~5Oq@vztR5MvCxy;^J0ET_IIlQE5j>wj96*5luf4|}|Z
z+eOX|R|6f^BeBWv=}HA1t{K%~L@0Fl_^`ugP)uUTn%p9C$1)g>-hTR5&gn=TyyQ&3
z@!c3n<+1eyzM5bn<Bf;|xQl-)pm2FRmYjapnFr(KekAXLGfzKb;Wy7J<h_BRa`$YC
z4OiJU+;t2$x&2I`#T18274RoFoqqP&2cN$9tR=DL$+ceU2~yyA_HW5l*4}i^qQt_+
z`&%FYV{fA;;Fl0_51luYgA=^2UBP#MxTAjg@o!HY7dxyBGmUudSpTMl>i+3xFYz1i
z_pzx-RqIM|rmWWg<C2cAeD$1feB*S#u`kSP!Ec^1ocFWCdB1Yz{BssF+>yK%gkuZq
z?V4+o1Xc#)&)~##9XD>niCpPxA~_V!Gcz^ap!GAIhNa0tPwRG$cgc^mMqm%>8hb|b
zi;QAk=k(Hum%51=7oXNl0m&bSkz3Bdo(vWn29Cn&zf-AU_0J~^WA%jXAy)6g;NB0b
z_j}o4_2($(u=*L`eJkTA$sY<k1CjI7*zw&RTrd%SGX1DFhurgA9+oY7^*>$^J=$mo
zoj|yV9Y<)ya;=ge>XFb8qh_dj+W<Sm4!aD7F<!FO>I>~(g57CJ&5Yj7=2Bm{o8=BA
zKR7Yg>-sea#L_COJtA?sk+3)<?B%b_mr>QPnVFkJBQ=if5&J*5XGt(_A4uTagTqs{
zdXc6Ks$o;t^?1j=g+<vJCK$27ur0NTQt^zVBKxq+4c?O(v|E!`!Nu5`tP=@%pEY^i
zKODGq4a}{{amp=K77j?%Vz&DHPf39u#0gp!<YOXVkv6XtBbm8eHSt;>Sx;U>7OjJf
zP5PJLp&=2q=z5Xq%YDQK2#OlZ?9KzHR+BKs5=18*Dt!Vrdj|sfBOqo&JDomq{1k!g
zfs`15d_c(iJ_Pc?m)zK@g}p`~*DAN@cfhrjl3ds8x|BP)*1t_8@tnm6v;1Ds^VH+~
z+Y96eBIAoZuG0)V#2+D#tyEx<A$bgOX=zogc`33UQ3~v;b<~Ls%@oh$rP>P%<LecL
ziFy_O#3t&?;b3+~JjaED`2@w>L>*1;kqzvLnR{9Y%A?)uc7oyVb^mhEj<&j9EyA*4
z3cq~&=pk4q?*NGn<eONj4x3IabaLDWbn<kR$l8)tP|S7m?~c-H1NOSkqXTXSg4&Oe
z<b>dRl2I+&S{ok-qHy@RXU)Tqh*!1+=NJ8hetn;p5|iO<ICb&)_+ChtmzqFi<6S$P
zcR@|)*RIg7H`Qmn-Zb~gAB*filf47EI~AK8+?8h-4G~0{PoJMSbFu9$eXL?}zsp}f
zdlC7xe)9$^q0hjn^lv8pGs2WR-TLHsfmN&nf1yc6BuLPMh>*z3abIW<u?1r|$SOg<
zc=5;KH~$MxFLxv>NEUXE09@f%^$d5lXXCfv(%K8P7-77Y>9-Iauf5P1GmHsq#`0&1
z{zS&|^h<3mwQ<;kR}dKso&ch$9vVCohmb7lUmV0?88eE*B|b#o!VUB|+#XxP0zVtJ
zLO?9v#|}cfHO%rMxKqHG$!z&9n_RDK)Y<Zt)jP6-Bet0U!<K3jzx3c18))vO(2bPX
zsGWoE&i4b|*INMH{7+DsQFYLcCUR@di4hx>pY;bCdvezj8S1rpRMgE;k9rWwPK+GP
zp{m?cO4=s!t7qj=!@cx;BS?aN#cd+I#QE`_>XM;{cDiXi!^}8nON;t9JYS4#8YV%9
z2il*i3!BD+mY+@QC?ega)v-_Ri`F2qwZpMq>a#-Ck*(~}XWp}w?fE<vr}McBwf{IZ
zeqH!`w)@RZD71Gs#S7zmg#5+hn{oU5jBm+#BV#LNZ28#+s|$<j%Ir|r8@Ih*U3g+F
zY_2zOmHNGKdj0RiaLRMjOsB{Ygbx*+AScrEq3Vz17>>5*=F=d$UCgZ!-5Mjhxo%l_
zh&A{NRTf6Q4WuX@^=IC<r+bX_bOJri)x##gUw^#RVb<7C?&JK1N^o0!TezI9E}Cku
zkPzHtu}iCRkJ#p77e6QO!WDb}^@sh&=i{Ys#y^V8_Ti3CKs9!$*h#`}rZ8*nTiS~@
zI%Lqi)R&A-h1?tb8q`4ao<+y%4owHZ|5hj~OC0f+RtsMd<%ARo*Q7oo)MVw>M~Kt^
zijO*U;w9A=^N}L?qR3l&%cipZ5B7&J>N!;!x7Xak6gpHBR04CYR2@w_sY_<c?$;^I
zWA!hpCkr^~%Q)Fg658Fm3s#MlRf7(X9G({WW6#DUM;O7n#8#GdwfQN-7i-pUJ{7k<
z<|xZR?M|K0z}eJd739oiC;P)3zyA3`qd1vaGNq80yHUYMMm4G%#t%zUIL|MA$u(|5
zv^Hz`RWTUtVv80G(}uRpg$S7j{pPJpb_a_@@6(S38@X4l6p$!hs{Rv+JwLTjX<Pb2
zV-vczy@UbXGyI9wKjDvcGPGRti$Z1odsb@53#_8Es&dB`qF)LIZ$uW_5`4D;uM0;(
zF!UDs--+Yu-M5L8*9MBe6l_txy~DsA3RDKCs!(}wvgON9$?ub|$sd!S9NuI=LQ3}F
z)6-EOAAvrZK)y0xhLsivTc+EZ+FPl6DJ*Si9*lJcUBTKp;?<uFD!yd0)t%TU#53PS
zcs0MKv8S#11#iXk;GIksGAB|A+RIq;pS(*RB2p4Z#CN;3WoBY)v$QUjZ6Sx`$Tts*
zq;4;Wq~a7soWiL-zw0Wi_gbomr~Bje0h;*w<B%|n6XRaBq*2K!opBpOe@#u3o4wTY
zAgUCw&4V5P$jv6TNS>Zu2v_n9T*;pkhoP*283|;i^od5q8LcHHR{mFo^6zv2p-p~v
z8P1H}Sz4L@`l>M4_+l)*CHBYC@L!vE9fB{^{%xhX(fmwXW^VmpTjPed^n<b2AB>eg
z*7ni2+PWU>_-I>Za{W%?$K#BS%X{xE-Q+h1=<ZdkiMp%Y`fHk8pP1keZ6vkh)%<_1
zVh&@a@5F{SwxyX0?AGcxdMj{nfSF@i{q2kcKayud6}*{)-X+&59>L0zFUQjxq)3Yl
zRloW-b|n@F^GFz_r5g0QQYKhn*8DVgW7FqU*-;@sL3ax=?_^bz0whOUHYl36k)MH8
zd9??DJ{uqtw>h}@R$;T`MWgH!21$;kAHoz>RI7rCDrohQ`At0f3GqD6q`E~et3e}F
zTS4r5JWGy1ZnY{$Lbk?!L$Pfp^z4D4S&Rv-pDi;w?D~anaS7?X)K6^7I|HzAWLrxv
z;UaW^hrbkn#P!+lRVMT+$Qt#AHtV5Ps?mNS>4JEDUxCGnWsf7xaahji%$=?3x2VK2
z^z^`GAMQ7mK6kv17NR#b!{%Mw+9nt0DOFyI55lrqFF92QZv5Br=oF9<2aFw1S*bqS
z@w3*u_%l>CTtp`#oZck2b9@m+i)vEQ&p>{`$YFhwx2|#=h3{KjMd5g9KV=r@bDdCm
ztiY%_;y35~bl`ildT}+s1PIaW?CfMN68CEUV%ftzf7;=6Pq*T|b%#%g9(DMx9rIw+
zS?wMDYOr{J0hPVvS?d4Leeve!yre8nW@pQebz{7j5M7#P4E9l#V-okp$6~CaDd=Ph
z^1CXyELM7-dRGLT6)%FHxm_8nEw_>JX`1JS<3F6s9GY|uE6%>b47>aK`F)4&pNc_<
zULm=Zt|E0RD~Wm6Y*@0bt$Ev$V|1zh^(~N|rg-}99oma!r|)IPF47fw>!$A!J!<--
zjxWk9*-#(vx_59F=e{EN`$=pGzt)CttE9F$gM`}MN<e^UIjXWG@mL6iaKO@c$j5X}
ziVXktt<ne;fT6Uw(rzUU{WIHpP4RsDn>UimHVjy}LK#2kY@wM9S<-#+db?0GRdk;<
zZWoIF%B^R^O|yJZGvveuARp?JMAu;v#D#!gP5xL`<O$j74Yr@Z{uukYwWMoDW@wcl
zcQY?hlp!x3-q$OF4r_)rZ*AqCMHnWlt%h6+B%|f^Ud-G|5}vIZTN$}}<E01NP@3Y@
ze=uIZWohN{ozts&zC9uLZPL81bCm;$SnPPFuZmkP=^q1<bZ>Io{=_7zN|VnXJH3DL
zDFo(Ljp==MT=J=7$G<XtVDUM`v{sExZri1I+wQ$jjZ5|)JATXfzWiyZ!oAcopx4s*
za%o%op?Lbw9JD)5%hfVj?B`IqjptyiEt|I9ZR5tjobJolOLOnyePpD$+caes^#^6W
z&azgHzdOB!+7m}ot15Rjd#QVrTeBgXrRRgsaQEEKpMnx+ty3|Ulrs8g>D;~4-&h0g
z6_2AkiCsLUMebNhtsvl$skEf!R-nSIfxpp-!M4(e5-kS2VCi81ude6YhvwWPcZb*J
zF=_9Mm13RoZrq#2A-8&OIxOztE~F^ABemMQcH^&Lyq92H*Yf*Pfq5Dbn%-{~yE7W^
z3Ww5lgy3d^qsGTE$^}O-A_Z9tQSRL;T^)NX3`e~Atq$YhoB^tiy`RUslnvPp9`#BC
zMDrL&H1qox<F}T&L!#q1wH{HjYg_u60#)@hWwp##;sAZXJ1pJ9h}m(S)9ZV_Ju!D2
zu$sTh>pF^G6GtouQX*e<Fc@W@Vq_~XCx+u0)}>z8$C&dF?ovnCC1wZqeQq9s`fdjG
zn+0?~`8d_la%tX6{le-ltA$PWF8;m+psStJ_wMns-yxW@^}l~qmaJatU>b;az6M(4
z4P%Pvhv73FOnfTD=Oe@peX1Crzer5$r{06lZXjUqk<3hpu3_Bl+yTUSU7w>}P48r_
zdu=u~sh;!3Oz+2BIe#FO<-p!;hPok4QZImjJJ3UQJC^=yygskFgCk+7!aQwtCj(I#
zvC~UmcZdzsAsb6h2H?d@HkTj@R|;URfAz4KYse=#%!lqrXl;aqz?cW0qMF>BP!{d-
zTulN`jP!?8PMTFm;;M^D+#B0N5@+}*3I;_K1uTWz=Ty>2!**|yhGlq;d)P@}68)$`
ze=DA)NPp|DvS!OqWw99Y_!+K2r|;E<776zIquD%gtcv6x%a4Qe9uwY=puJ$u498!u
z`ON$9*EKMW>32IXs)wqcRh2la4Gv`ub0k~GFJfY>Z#?dGe7%jKa|GdL*QIpNgn;Lf
z7QR;EKOwp63roJGyO5+q3!XEz6z*~G=kur&|4q~6XQtNXzpQ3fxn{U3Mt+)7SkC>f
z<P?Nz_gv2H=T<oXeq7~p!qQn)ZJFt{!+q&WfK*NgP>siiq3Vi<fKe#s|Fd-i3h=IV
z;?}<?X)0XW8QO{%jc$!xG!Ahz?Zu&_nplosMOFZT4ruON^?XqK+8Z3u&LW3w0^DZC
zeR`^GD}6yW0bGtcu&wzlv`2<Ru4M2c7r|YzU9fYH>>3-wY>?xw^NfQTMgmF&ms?Xb
z<%ROWS_%skxi`T~q!qF;p86|0w`~L~&Ej1b?}TR+!5<EBmMS;3X|@aYMBX~jTel}p
zg2yHf>U?u-;=rc+y{?Nj6>?GV8=#bY18<U|`n>*9deqF)#9oa(cQp2NzJcE2WuhtN
zbp@9GnKEzPDP>k!y(+6!WzDX##CWTy$5m8*)Xeh4-no5A3#$@^vZ}6jRaH<GeuU`P
zGF7!iRlP(K{R*r4t*dJMQ8UMTT@Mn-e=+PLmSs#m-SlppRf=l1$GdT+eo@ON_`kjP
z6>m{b`+WY)neWZ%na%)26Dd9RsF`EE)S<4l^{k_c<~t@(Q|0_=Gb?eWtXj*%TJ`(B
zwRXVB&D!OtnY-}(%O^$PZk#nfET`Z1FE^fY6ONiWA(3VbBfO;teI9jwsR4ZP%sJR?
z%;Lc6P9S)A)xjecdSqYNCwX!_JDuwfJY8j@{Cxe&xwT$AdySHu#n&)@&Qdc0^zvSJ
z-v}f)fmUMR<d%|-Z7s_$kg)^Kryq`S#L>eTD8}?zqtA{W={*OxZz$_nhZA5AA5iIs
zmp@w)!T4lfi->wxY<hh|NfoQvyJB-R^=?Ob@~Mi%O4KtSg?kJA8lQGQST7O%rirwj
z<-(dSKk?37TKphqwHobkw!2GQ&0>|&0e>Q4|6^GmWfEa-e#=YgI2{h4e`Ej;?Q{UQ
zx4@hZZtpGYxS=qByO%#@1DIkF=p<kdUH>;lQ?JnfZS-Gjj5`L9><)=-g1NueO(ONy
z64Fx!u<Xyx1q=QNcLc3*Hz%<n<O_(}Wm67Td5%mf#cXa-J_0ti%Ch6sI?t-v>0^2H
z%cj!9pN{+V%iZ(=!ef{|9H=pS<CmXLHMkLe%un9zrfyfh+{|stoM6Mg?cW*pcbT@Y
zL7~EF`{jM%v_+(lOZW12n47p#vF$sbxYumjhR;J`|3OZbY-@ho5uqIh@aRqkurYJ|
z;F_|I;r?$3r|lz!Y5VWdv({gc_?`r5h$m_~U=&^ty8qkV{sQ_OA8KFLjD3k2lNU*b
zld@B}-k)*)2sje5?JvRuh0PQ`vm0{fhI3{U*jGG(qL4e}PsCZJJ&Ip=S076e*VC2w
zkJYE&e18HT02fp_d&@*s)AC~q_Lfz{_Lfzly=C;qQf~9Gk^FoWwdopa6_eh!@VDIr
zg&A$7&uG=y4HI|0q_(ETu6+mrc?+w*OrwHfr;qX4D7$q>bxvZea6OrvOXm!&qo$HX
z5Mw)xN^tcAJoG#~<8W~q%DgC+P1!THs;-~>_<Y`{m|xc28Nc}|YbtSETXSOnijF*9
zD)u*+V@CJ%Jz@ts9ucn`g)QPR?QEdbr{(!C?7;77c}3m2GqcgE;HZt`A&T&RN{Xn4
z0!=gjFH=7aC-rF#Gm<svO$&Z=de%zp8)a<0alDMCh7zBYNJgNHWiIK~tZ*HJBfO}n
z*n##$ogNn>A^%Ye!|fN+z100+jr>OEx~V`nl6yGQv`s^%<jvUPP|BM@`*Ts30jy3c
zH8<1X)B@?zw_3zFWSQQLr&P`--(31SM<mdf$#~{O)9_uUY?NQgFKWCh>GCG)PmL+`
zril254md<9h36Gg>1HQB>Y3&1cbfK;j?bHMf00(tnHZ|x9@UTJ$uBg5Zf}<7bbG=!
zrP%;hTcG?PsI9VgTaedN^b3t!W51!eD_eg38&ilDr7KW#G1^X-z#-3cehvIm{}D~f
z%c&F{<6P9J&8=gYkQ;kQ<PkAjdkBf|KqYEw=(LbHGlLoCrWU+E*Hg}&WCj$-DuWC1
zTH~Z}e{23`1YuCX8C7E#)Y7#~4LusZ?SlaT5&xgh#<!$*$xb|BH=B*OkNmf1<Bt>H
ze>ScL>>pw_4jlaOv+=9fN6p5sImgod$uRbz0f=Tq(u2}niGo}#LR66Xz)5*7_kNS|
z{O@*{6l9YBe@x0V|FlV2S80=S))D{qq|{cv|D;s>@<UC^cej7|NvT%ektMQci%rUx
z%ZDeWPjG`bTNHe)!pIR56J=s%!$^Vji{ho%I`W_S66c?5O&H#Wh>2Gl`zb2t<emH?
z&3FE7cutOG+Lk#Gzc;+`fm1OKO_&WhxvAvZqMPx|dZQ5wS9eoZJ5ek<b^p*=Sbmc3
z<19B{?QHvwVR<}pH8fSsNi2JbI1_diUk}QnMQf6CgnQ%73o1JLOr6DH`TC8vU98tL
zk?j6!3*1Yu^GcQ2JKX(yZTE+HOWhC0#@>H1tjl%qD<SLh!lsaQIi6v~vX?u)#Td@^
z(R4}#E5g`HOu(+RXpwv*98WC!GpnH)*~|6h-T9av2*-4{jfwXSP|-1_{yS|<*N0>J
z&4(V-ijmz=`&+xaNl_JS?k+Gkwp+4|Fs3QuZ^V2>jRVv6x2&LD%}IJ@8>03#94t9x
zkw1^^APYJGhZY?TeujsbGh74Mfzm!1?2fYrOUbYiIYN6pgce!E|LyI~-FxRm?Poco
z!$<@NqDeQqmESf>hg1Dh#e3{l3Om!zcepdrXNqnb_U^F5#jg2K%lCm--n)F!O$dEt
zpj*7d+17T%Nmk(b;0s5ycwsz@&0q<#YNJrt?*aTkUf!u-5#`-(ceW(g5^kK(hj{li
z8FeyQ^H_Oq4ePc&sRxs)%MXDHIuEa+2t(DA!-Rp6ge{iv)@Dk)*N2GFbByrC*qn;>
z)!Nb!Il9)pRcO28(){<`o#F^p1wZ-`n&M(_{ws+nc)zn8=URmHz6HLmCV$@O;6<Z@
z2aFDWnqWSzKfCeA+;hGZ^zMtm12{^rr-d;uxUUTh6c9u?T+G#B9!DNSZ~QC6NC85e
zm|znuQ6zlE`O`yTS&G;l{ju78`L|j#zthFEmgVo*N%?DSncof42jfm8NNLO5RzkXY
z=jb58<YlXgaYl1{!vV*d|KTN1SI3!c2sR&3_li(z_U2IaROpqA=H^mN3$-G5EV)~<
zZMV0kgXBOY`Nlpi-tikL4aOij?&QxBZzaLdu15{0dremFC8enC&5i54t7m1rwk*6Z
zRNitsm6zmn{)bquxO-n`QEPTWL)AC+h7?m4O!zd~RC2zEq4NbmlyzMa3W(p#1xkvr
zS1fYPOD>KREBfsY@#au9cyimYzJU}OM^qt>oo<Z0QN}%K6S;jXc}&Ur=U7BuR~-%H
zq@O%m>V_p}_vR`)@9Nhm(!CndwqrZ*>Lgem4r*MBE^(IR&uh6wUCSdG#2Dx$l*J6e
zB$#7}cNioeZq?V26i>fX)Z`76%ZaG>=63JAYoO3p<w#qjn=ahc+NH%Flm(QZzRNTl
z`1hi6lXF~5b@B@Zi_S@mi&nH;Z!H4|sVUfBrK=FctaI-MPaRdp>mM6`){=Z@AD(SJ
zywT9WG#1CNEW>pNN;&{I-0?)2ZpFmYUu9GKI@O(zTmfekTahjn`>1tRU?fO38vN}_
z6DKZxR^miUviS-&TD-}U=}s{2Q%;h6TC**VVQJD1{&e~Ptqxqghx3l^bTtqba@&zK
z<!l%AXtyKiUg|>d&)sXuPJI|*T3h{kVWbFir~SU_oUXVtxvgPLAp??DR@QQl)WZ=+
z@(v!mVHbWv)0+8M3!F)WO5hd#{_%>4@P<E$t@%UTeYN5IzuQ^<D&^--0;t`gXWLS>
zwN$1HCYOAk0)I@>HmY$i86#A<;>M?j=yNpg*5@Q!8Ve$Pb52_{R%^V8fJOWEK~_6Y
zv1%}6E#H)Pdr7+p7dX-s{Qb02PHkS-Y+feUu5G!YRck1&Q){<=Iq&?2)vIeforL}7
zUhFXXbQ)7oQhas?jNH5ppds`H{qnOzbHOmkFzO6W_|iWVxi7!o879C3HZdry%(J)H
zBnBr>ub|oMEg+H^CE3rGt!qn9-_({qdsBtnk+VS2ZBJ_5RMnO~V-u%u*pIMAeyvC|
zYMbBKSr%n<t=EOWtfBmYlGKTUvfkGa(Xt$IqY%NgkUt<McMSZBm`-8T@V-q=h7-wm
zs+Zu>{+&{3dm>Be^`&Oo=9D=AYZX<AZP*{iTs}j)B%{mC=Q6=4e9O%x#!u({`|~W~
z#c-Ys@o(yfpPk-0RK4aFTg}#rm%_~xnRUX2<*A`S3k7Z$42G&NbUD4$y=2n5r|Z^<
ztPiE+(v^mh^&|T3cHe{gUajwB&sGg_4d3g*MH&I62_VXWQ)#l{Tbc4*uA)O)EJ_{9
z<Ivx^XApC^3_}Yqc|GSTaqe|^C6Co}^9|)uc5-^8Kb2cz$+zL!F16Y7l7FJXn6w^G
z`x(@U2p_SYiPhiftysGUU18h0<d=L5&tmfH>PqshUEOvT&$jOxYknc_9si6S7_8)h
zymL;LG3&{SbmX|L+O-8J&=FN!VY-6OpDSu8KJ6A8uh;c))h%0&5CU{ePhA1)hwj*y
z!_ALLAF7^ov!HN?x%HLHgWREXu%Q1Cc|mEnur5BW-s^h8jn2=U2V={P#>{`R3!Ma^
zyu+`5ke+QBs?KQYRwK;uW^AQOLBU(8UEQ>>0Bfwb;u%m<Ahc-&)(tom@5}p=-{Y@q
z07Fw;l5>gY6ee<`U;mJ+xpAasnS>S0fR^otWh5u8I-W)IQpa+ni>Cv2(jdlF|Fuh=
zGIYy*lO|QaEZsPUjQ}b2xOGOpH=ZkuPS!p099`7q66$?#mt(6wpufunR|kpW{(9+O
z!*Ue&c{SmpKL2L%Q@NGOQXqT7SJavs9~i3s?5&Qoxiq}>#;K2MD;E-CSJW<8;md(=
z`bkl#IyR}H>Y?@Femaw~rc1@jz#Ourxl)ypLNq>>S421a$)Pc5hrJbV8ruxs=dJ=M
zMd!D8`WX>E6t{V2o@lz@pVEM!(@*Aj>3|68RzCeSC!toEab0RYQ7!BkcRzb>l}ZSW
zG2ZcI9#y(QJs+xGd1IlM$suTxqjxrqg*n$&Ugur>8G0E@zY)*QV!`#wM>sdZD!Kes
zS>cy*F(H?jgGG=kot;S>(C;^IT6$~@m6^9fh7xVrlirED_uFHc%1YMiIKTOgrH7KE
z%v-UB9DeD&vzrqK^eo*kcMU<qPl_*|ykpVk-o<6az1!A&zjyJ$9wZ=pTxqPi*Sq)#
z0>h15K)(<rb32Cr6J>Pr;aK|hSpAT<;uP}nCV+Rz0)22h)j-LwTj!N#A6F5}POenq
zAi!<Q99|jARx;BL*s*LYHL}v{1XA#zfu(=DK<_B$)ZP==aNv+OiYBa6&H+_}-}d^~
zc&Xk?s;Sx8vKNUZ%al%&5^Jp(nHj2HzYa7i#XNGmciBIsec<ZNWqE0l*q*ki5ECl0
zt439~mbGEah>ni)@YdM0*4nKt-uE_l9D>)aexg|NiQ4`cC%FNPr(*SwxD|h_(25ll
z_ht;ndjD}O3<YjCdi~cQ^|O`fwruU6`0b>t_rPv!<v^R>8uMnbTlkS!`oxG=#U*gR
ziY@g-{TT;gT{;m;fhBa_yJWGB@WN)-_uMBL$oy4||Fx0v3(<8!z?l=Tzd_^A+xXuG
z^<?#M*{ilvM#gWzE*k$1@_1cUj7^)tKCj{HRwmkdgwgoT;^X9+;^9ZN4vL09BSnXU
z!U+9zTVaIWq&D6wnZYKpv92{e=;YMdvd*^b*&8`3{cTCLLC#`o?`&)Sr?*17|KXv3
ziZQse%ow|(_q3y#M->HZH{$|Z>1J=m-4mH&?PNdI2OE>OVlUa+!z<q(XzsfW2XwPK
zTX}yBQj?twBJu{0;<J+<E}|!1RZG8DHM`%N6yyKn_-+{>JV2QLkAsvn`WcL_v2Q$-
z`$ctras&R(`#LxRz`vK(=B`FqZ%3BgOujJY%N=9C@PYfjP{LJ-2kp>2^q{6K^#|A@
zz|5iI0dM6Wm}vOUSAFl38(xL)vWJFe)VFkgn}=2HjSak;jcvRu)zeX(|6GCp#ZP1N
zy%;r9Q{mb<)N9wwAH+8Eo@80a<IA5F=Zsql{wDsMKc;BBjKP(cu<rxPS6O-fCjRWL
z8!+ZGSR3U)#?_=PfH{3X&xY&%l<R-*tKPhx_l%)yI<uVWNi1;V$V>lOXy2_<cWwTI
z`#;=%1MNF$1}4s8frqMJgCwjiO#`~zmo>TR$+gzj<6L4ed+ix1Ty;7M-tn*w1@`vH
zL53hsO&HHiui-7-@X+zskIS8mJ49@;VLLbA*B>izVMWw(11_2@cZJt=R|!OhSf96(
z`&4JwP{<^;4k915sO-emzn4;}wb#!qstRs?S^n$pbemW3+hYk8-r2pfxA>9WD>qc!
z?XA08bJR&Qpz?PBUK#S%WqTH&u5AmyeK;;yQkRF#y4%11`SiWXXPKFY!#tZbGb8yH
z@BONG8sPE{DSvU_JxiAE>TG;lydQ2XND=Q6L!x8HYUoYwW<oFmFx&#b2nTQbE0B%a
zurW&eELoJHQyG&z@T87sZp(Zd$}*#7hPUn;^-PC%W$ytTF;|W_`mIwH$(~QDgmxBx
zcn>J+^qJc#>^yO%-ntS)^?bb%wBZx1On=0DnX5_()wGFtsg3Z>vE&P-i@#8?Me3L|
zY?o7Wzq89J7$#w&!&xVmKDP?L4g++c1dr92FBKJeX3OXzG6Q0)0>bRfsSOe68@FP3
z@l8X)fUOI0hm4WbdMJ90r!i7Oa<2}C3NQAyATv_4#ITWw6-jP_4?4Fhlhiqix-jTC
z8J+qdWf|RGFaxUH)jXEkBt%keM~~EIl~G-CR#ll-g_ezyyn!aMf9`7jxb*?ZeFAb#
zK8Ignn@vICF5;!NdI(K3qk_X%6fdp)DJ?2`HNTvao21g5u0K)JYqo0lz1G>_BRtA-
zCYI}&gC7qCzt?}n1i!DnvKLEZ)P+TN_EXgh)FLNsYdLI+!}h{g-T^-g8cf%Jh1aM@
z_%UurJWFt`1ygpCRCv8hJ}B$@-Q$9PdcmFCo5bx#fh(Xm17#|qIST1x9>3HaLMVHL
z|JNzxdL@|i2?>G?vL+<zGzeu%L|JLjb^FrV8lrc=h2r_YcNnuY|5I(k#%Mk?FFTo!
zQxr}0Zn}nVlK$`J<LXDl`KaB;=HtwlKg4`k%k)4~55ONC7(E|_=?drLri|;an~%cm
z?kL_bfBN}<V<HSR*&}X$%uU2*{8O1EAYZ<IoH|A4`mJ+p5*Q2%igkePkIYO-@C8Vg
zh&B=wtRgfsBaVYcOa@;GUj9?T_RpCNVsnE1!(qRXh|}B%g?o{c(R_XFzOtu;L>Z0i
z*%g|Zn1thQXwpiW&0R_dwEu;RxN8HE%Woc*lXQt2D3(YKi=#f@^S_Wt9sX!2k&@C^
zt1tL$+)1QLblMX$r1tpLG--?M)-Tov`(O~r1|<nFBg4e;yVtqH)hcDE@6X-9FT^9o
z&;QLHuh_a{kGqkLNrv_<7UBo>ctO(+J$~|cuE(8pkRJPE!;@h+6>gdeYe-AYP?meo
zKcgJD)2=0!omi6QhtrLtLzjlmlP-04xw8|$%Y#x%UZ&iTi6&u}K7^h2p@m`}j)IWX
z9w7!Ixc~ufxPXweb`xn?A$Ha_X|{Su)3ULOv!U#0JrTl_p5a1;{vUDOBY-gLZaxKn
zIABZ(sF=Xj#P|EDUH;@6{cKX-`FX?hm-&95OYDe@WbAkZvqR&bhzrwEDrJ-U&VR%S
z=Cb9tufZR|j{EWTwh8LuRgWshZI!%1N-EAuY)cOeU0>Tt*XIP^{RGL$JF%zbUKLr{
z*bXt)8Jyeqx3C@&LWNz{&(5pjahV^#Hn{{gvgkaQyaS$`_ZLU`-?sN<ZZRQfs7>2S
z{X^B8SiC6BG>RgFU1-?JmuTh%;p`FVl{muRgUD!6<fTN4UewrmQUb758r|ku73w*e
z4|)O0nVwYz+vQD~RTC`f!uI@^%9E`=YgFN2a3x712PDNw;@MMKR}I%5oO>}DOfZ){
z`pv&mZ?^g>^4&I-rbe=v5F)rodEp|-bo4t<Ti&Sh9<-CZKU3a4T;8E4m3QLwhajQZ
z@@$rFfH}fG_fWut>ZBx6)cc^zTjlbe{+_(QRNk8%93D5I!3I(j#**3U11zFwc&^{y
z7kn;J8A-$nX3%`V?oxEeVcvNOO3E+MmszeaslQmiAG&nMet(3%nB%~KrwkZlY2G;w
z{4ZLxcMBeNDW$_HmyqJDu_a^=wpMc`{8sB4FJKntJlE}F%xQiJU7YVck^dtY<U#2i
zY(+`_l+b$Ly+;sSPDS~1^HF<sbEGB%K)$ue+CR+yW##Ak5_(qD{!$NIP1SbeHs7G=
zki!g)RL1>?(W-)mN9az__>Bn=aMVKEgJ&<-yoIv=9~~+nKN+09|7hipTi=|HGbh%`
zHn5BjT0ub=HKaC7j#iB_a2{>nJV>*lzraO)<{a!0Hhxm1Nffcdpml}wp0&^!O+wbT
zkc74KIIG-YiS67XhkX=r*0<0>bpfV7p8bt+%+f@3tE`0K`8|gBAKtg?gFMF5ubL_G
z(`;_B^b^~Y&IWT^Ec;U>^L(!}#eB@vTk4}`kpG-+3vo!*%qFqNYpspKb5DpgGHv5T
z<ju65J_Z^VwrPd<55smj?T@A=dxq(7f&;e{>>sL}{ljzM>W*x16I~HlqWT3Q)-++;
zxU=P7d2Te@rJgJM8uc(+e*6j-EU;a!w)e1Ilb?Do+r@cS+t_>g-z`@45&r#RyPgW>
zOc{gkv5{Azywq{@fi4(nq{jlVx@6^wfcAeEn2+8Y0<+ySVE)&$|2{CQQJ|`)-8RB-
z1S7ya5H-G%9WYZ)6H3_j;%xaNoo<{xR=T_!__)mkD28W>e+AQj-sfQYHlCwKo&^(0
z77)GE@%$Zr9;|>1g(LJ84&p@+epo%BgF8b0e}}H;{yBv3yAut<$3F8RAZ$(3g%Dl;
z=kKE-T)^fKU9Y(4L!oQOmVX1Z4h@g^(Y+3||FyS{Yff_|qFDt<gQ@*a|Jo;jjp$z$
zlxDu=7MU?5%GxsX(YiWPq{qQToxJ)`*a5Mw^Yus`ky71NIK``|VDQ)d^rk?_B+}?g
z<&hkmH&~=|?W7?@f4%TWXY|%!W7}KMyDDca{ZFlYwN@a6xi`(H(k(`0QD;>zIh?=f
zIdGw|lzVK>OKK?Vcs6)Jr!N?+c~pUV_TmaoBCpBt6Rx*T)uJdgb?NbIw38OAOV2ZI
z7}m`Wx35UugSBBFg;3y4CVQwXJxTd=86-y*p0O9prm9hpnzD3_`;Lf=0&T?)>U*oc
zLuF~e_pq|Goj{SYw8zSnKXxI_2%iY*kyrPgvW;6nZ-_T<^OEMH3Wfru?md`C%2RB1
zs;Ns|k1B&$@?B2XI95~_1pOtIZRyu?XHcv3EAh;E(fG6r0$d#Ql8C0U4ozc|iGfe5
z(#tqSy2kyx>C%X<k!z3M%I{Lj-Ls`7G(8j4duf;j76*zcL4Lmi|BW(|0{CY@Hd)t(
z0w(nUVO@*NOykX=jwjJjAk#jcU3y86pZVODVvXd_1o;sS-+AkET5Mv-hvj2l@*HHa
z#T{BxzOxRs72Ye@p*c>1vHHI_bx1?lT-=+{k139^F<$y})K}d9DB<D$C$3xkbgq#Y
zV63UC;o+HsOs~VmMZBPREB2Ivii`i3Oypxpdo20Ru1mfc&o0@ut@+tD@A!Yp?7YEp
z){%i^r-sIlK47_}w$q@c+t3Bn58hZwjp(3-M&j0&B@W2_AF_q~4vMK!sa{tXiGKQT
zCxn`6D>tmEKIrHBmL&EVs{Xp^>ZPUbI5L;qjS>*|CQ6QY@HF-4Vc>)ezuJ|B5j*wh
zX9=MmEoes5FAY^c{}U-i5wkW@!VoJD*rcE10z^46r<UtQrWh(wZ$&lAAwzXTU3-kt
zozG%AIH1I_$!M!bp(vL$W{j1l0U=$#hQ|@OQ@@a+1%{DOj8y2AjBTV4<yc0i9Br+Q
zm}Yb?xLZ(-e&feF2C=^AmZLcaVejI@A(L(CH`<C-p{*0yvf>k^3uSR8=8ot>KWVzq
z<DD+FOht=zq49~(2&W7^(kVk%lf@}RKiRYNfSgR5Lwr>gi>u#Le3U};)7*9%R)`);
zU_>EG=S(3w7l3CH<;5D&la;agS?`kn;A2E1I#(`p;+z8|n8xu17y7R-vlg_6j5ixE
zC$j@G8c}M5WI6EO5(*BSQdIN^{Ump=%D#uuHBMxvV2y*R#$WIXp*l5PUh)P0&d!!S
z!w=b~cDl(PaglWGk0g$IM<l*edA!S>H_hnZz00;4&cG{Za<fym8j2u^AMmHm7%=_c
z)L7=*TZv&Mb!_F?uAo@^cbw3tNc%Th`H3m-pQ*J{I=(-n`b04Z0}Jh!QOpS=iop|5
z433RAzqXX~`5jy3Yo@}x<XlKn0daG)r1u=ASAgRojl+%gjL@1+>l^*=YKPFBr0d2M
z%j~itREK(-?XvBBjO;ubEvo`~8=8mMv{^Nb_s))kc#MoCz>7e7nC<hB^AY0qIWRjM
zZhx%zg=1%={;uU1j%larT+|M&>HZ>Z=k(2OvI|{ASAZ7Qf@Ph+X(Noq-@Fyl_vTI}
zX%u}9tv#jc49z(|#b<$9LLcyv=B=2^j%`Hp2tGsuy%jh9KeW9Id{o8x|DQlsf(Flm
zM59HG8Z;<qqM)RJY~<ou*<e&us-UqdhI)&#izq08P0;PSO6#TeTieoVt^I0STP;QF
zCE<>(6>Ys&!5f@)RZuI&YyR)g%-PK@;N{zYf4nq%&YU@OW}bPTXP$X(gBT#7TZ`vL
zGsk7=JY%O>UX8J{U_JPc?VX}}jGjK<j=Ow6{hhuncGmhi2W3qI*3TBB!eOg3;@#H=
z7S(qX7r;d5Hz$R(McI<I&aEzrULrYciTVyRTF);>IhlVw_~4&!5Eu!XIBiPCux*ju
z+`W<A)V*Zvblwldag8T@&OG=mlWNR^mFZI6H0M9H`A%mYB{=9fH!0QRoFjc>SqEBA
z`Od3LSB}@B^3+@76YpjXYU^aG{W}J=b(tgF#Bv$iR%f3XGp;eV<+U;AVdwO9AB3Gl
zpTO$YiOucGUYr8*BZ3^9w!eYJ;UTMttXM1n%)HmgXxgpf0h2k@=Wpbn0jJ~>bL~;0
z8kASm;J85xk3)I2ep_4B;rxaO|K;*XbNOsIMbb%G@{CF&)=#6C5r)}7=S|Rgo~aTc
zkd#GegWkOv`95o@?Ej2WtJ)RC>rH|S*hAJxcpjZG+TmF+p!8|n`2&f}yfZftGArIr
zi=@-Z%_lMv70oE^5zW!>ZHwF9Z{8NSeSgJG-QUyohs1|-UAISYE@O=9XqVPaXZ*{G
zWAM)TCwhIGr}i{5o%^V8gX!fHu#QZe6}yrbY3>25wPiJIr75GM=NAd!&Ty(^wfsqn
zxX&_j{g$d8<v~+!q7d7RX-CS0N(xQGRM^Ocaa0~3pas65f=KEz<VeD7tvDSGxk)@r
zb#MXFrCB3dRVz6Yv*OH3sct;(<@5L#`838K5snl^NieZWSD6E9*QNi7u7f9c>xr9c
z*DnA+>?Td&1n<i&PJ2I4U~#Ifv{lbW5xWAbBfmCRA92!eVN+DXl}-2S6`nw*+8Sl;
zyES~1j0!ppfEi*B1D76flkrkfLj=ZDvg!CtZ-@&hN!?$bwi_<J%5eY!t#*pi!rx~`
z5Ln=A5J#HZepg*aMQVl2t$&~`_pW`s+h?@LZKG}_l0hEkLeI^Go|ucN{F;lVN-n-q
z3va&7%6+$a;~Qz=N7Qym`<@+!uZ15<65HJ3Z23}YcloimY9-6254+wsx#AX*#E}MV
zd8NSBQoD^4eNdMhh|`%l45ZOJBgi0pwfR=MSEM5sII{h%TlOuI`=lY33hfD<wm*nh
z_#$8=)zX;xmT^>!uLKz*Y?8V=bp~DqN8gC;Bq!qUnBDKq)~g6Q!G_d~=Nk~Cv1Q|q
z6h@>4VQhYnJOla4Kje@qo9v?pi(m0REY%d>Th&VcFo7*rKcjp2EF=H?J{}r`j--a2
zvv^PP6HrG55c-#6^zl6(&)U#sdN06e65<)-p3H#+KMpjnoXvQ0*h_JD`IN=Xj83!I
z5qm|ApFjCE*xPSK8x4Su7JCB^Um`H}DDkpd5sSTnhL454zA^Vdz+SuC7YkYfL<Lpp
z3;qM_&7$py3m*{{``CL4tLBc_+X{tmkG*ng3WL2nATIbTy!Gy21u8&Wl7L7+73v;A
zgX!;bXLaN`E_=OUtYVcF$`bV86MwV++>c&$6aR2KGXc<<gIUMKUm9qb_(lMb3FgZ?
z!gn{G!9FB)PIN2&vR(Dv&t*1iSj_^MAAxnx4;d8cdnhV24SoA!O(={7)6gZC_@<%3
zd4-ozsI6!RujUzq_IVm5S)M`YyBA{cc*V?6`Dwi3y>|%(PuPM9YC~(+Chw|?C|+uc
z$9%q=Hd5t3=c#Y}VLR(RuNpVo8oNGjYBZ>ZOg`RUc$m2g1@OtHNvki(e2Z3oOrQCH
z*|2#7RqYh(riq0Z?p-6(%WaIoRyc*;89U0|>&zGa!rS%>-_ffTm|||QPae!Y8Osx6
zM=>^%R=Sh3k^FOWX;J!OK`60e89xT3!L-pwvKp&y;S=SXp~S=vWvVj+3!nahr{+Lu
zE8ZOZ84z)7>*+rBS5qR2kce5zuXmEV@Rn^hw~~Wfu)z+|V5O;Sm#NHnzUOxHu&}0I
zEpsMI*;m#O9h7>nY~noH(O+LteQc#?-fwv!%QwA7lHln^qwrow)HY3-=`qLDYInek
zO?o_>qZQ0IRkBtkuf-TUZyV}cwWpxD!J8f^v;p;;U(1<Tl{S;q6~X8poFfnEi#RZ_
z=qgiA(N@|;7ri$>6zk4So{a=k5Mt^qG80e`Roaj|wjnv23{=~q<4rW3s$hoSh$iuI
zh#y_gtfRDgvrMShz|Ie)!{g%B8>~iUHIFp-(#$}c)lR`-*ovR}zVs)n<PF^ROVu%<
zQN~$g5s#!XLGm!U6|m)*#=Qwdmx<Y!P#RQo<G46CXbz9+nl%7OiBJ-sc<+#|Nly?v
zvuUG<{5pbW8;U<8RtuSlZIR(2^yC713XiMIF_0C0UV{zZoirpVHT^m=IaWJa=_;E{
z@YaL(<#ItWZjoZp`_&uZ0rU0S-d{CeoMEOZBfU^CdUhmv-}69KFg}I!GF&2F0`l(Y
zxd!Cpdq93Vysn{c^Q@D13UUT`Ny>t}w`oNnKZ@o%Z1cowX_5lE^*<5&Y0r!ht~WN(
zGb0_@8DS4k%m2nU?azqWPtMEE$o;6SBgt8ef0||msYKy$ezs+$8uha+%kXqMiD2@x
zEt3R}L}fpwX>FItwrnElhIE<S5(CW~_#1<Lb8qf4<G3{?BX`|39G^(kvp<VwHTs2Y
z$_2A%=IaZu<t#H_eSg2>e0}(uov+V}x0|nmd{7eP2tidC3@i3x?u74t?rz^wl02(L
zVJnEk9XxZ|`a^s~lQf~newhLsz~AARVboTy_m;jIXW`F^Vk~YH#aAew@kXYlJ~^Qa
zR@F*<$phv$Q9?LSU|O9lSrYP6fvJDC#*~oIKmv&sj`^j^M%8N6ld0wjoaAmjNMV`w
zZe990WO1h{VXvbRIBgeDPqvZ!sHU^nTOjUtZp2K`L_v4?p%Uw5Cb-DhXmOy%MfXyw
z<&Lwj)YqzcYWh)QJ{$j(EOM_=WaB{>Gv1P-*zOuHr)$Kvro|N)uFQ_DTy8hqi`foj
zhdXoWe>&V>{|Va_;<^Dq`%BSN3x*k~JFlubwwLb|!<I*@cobaGUb|8~WnXz-I5B9A
zKi+z0{`fWMc2~-nO%iOfM-J8onzab~yA~v_DqT$&7uBZ!VDwa=7pqLy0v9Ff6Y2mu
zrqX}rw8>Qyx^Uf8Nr?Yfd1{pgTX3Kq*E;VQ;t|@EBR0=IaAI=kF()R^JEoLrjGk;5
z#VRn)S^7M)cLe;5sHRybXktRV*rV$X8Iqd_p-b7_&MWec4rLD8PJi==W-+s0&R!2G
zab7~Zq#b*n&k1@}92@sKi1?oppJ4$cA%YLYf)=XAcgU-pE*>g0E<4lZWNyH>7S4X&
zT2}BCvatl^1>6!HfY4XrkGK6>z#y|(Zo-<5AWDw&ekFm1j0yF|^T6Z+{KUKIUP<;s
zc>q?!X?~2D6Z$j}LfRD!!%dlK$s$^yNoQYzch{L`f$;tL_{FgD$SIX2!Y`+(<L>{w
z+ngpSEHhsYY3sI3?a-x0t>t1F9QXav4?Y7B57@vOq_!ohlPWn`n>zX*S<QK8>ObgF
zvRbKzQ75ZTrjJ=wYo7)Ry;3<SXo|d>?#YfHl|=_7*;6}1I<*u2h`P>r-B)&(&xe%5
zsk4y02lri%L)Pv+`W=`Mdrxv07x-iSQ}Q;8TXvy5R=fa$(s-ndS)$+6+|o=*IKGDW
z-!=03SR=2`M_xDYTPGQsFkJf6MKpmnj5l-3EoY~jmD^iA6%ln$@9f`v-kou5s)Hsf
zdcULG*)5z{Z7I=6r&?x@ei=E9NJ+HtkgWF{t`(Wn3af#*o}+5VQl6>v>xR60-s4j}
zuimcPJ@iyKy~+F6zp^d!{)Vwuy3??|r@3KO@*e+mkGy=3^{3aLRzKwwX7STVaz32k
zc(y)W1zR6ZEC_eL%hqR&Cg8fiGXec_^hIg)m%wi>;3sqIDAu-8f$XgMv%3dBAX4lp
zSW&QERfEKl#9w9Vs0k;Y)Q2%hn`DN#GU6<ctF;gXm__H|0L0===BBzBEPI2LQ?O+z
z1NgO16i`eBn~KC)^ps!6?%8v-@O|&8*2h`Y;a77X%pOJQCdz7*7OJ%V5%l3jnaLuQ
zX8Ix~wtr7F^3BT&LXmIotb8id>kqwZpWfD4OsbjIkI5@lc8eCA`bWf0F>I#8#j8YV
zT1BO<ng>-PLrG+*jy4$nxQTBfyLvFl-Qj<nST%c8)}x3<phPRO`w}cd&;Bqq!zOuC
zA%sOVp4r2)Mw{TEUn|q#bHuY%OW0#2rsebX$jGpT64Qb|h+;1igCYQPrTUNTSRn!M
ziq@-#6gjt`&VGY%i^@)CDR!oQcQx+`l?^LR?1fvc#u`b@!HB0#j?&<E&B{xI`-%7d
z&vR*Tp<I*v78cEDYUxlzF*Zg?)Bf9J@V$IMW-#kaUP(`T3W@mT_U+kCr&9TDz_g!D
z<tx4>;A=N(b{N_Wcq5E-*dwn`2caahlPF<`r><L>T^;o5%!e+tGJ6h;bNL2_vIw~q
z1eG>9)ncS+>q!ux>^VIN0_JgtHLt3%9>&!eKwMfd(`Z&ZT~2*WjTvRO=KV(hUh0w&
z<!_f4x#teNm4l(WUjx+b6ywQf^t*15oF=J$Ppha87enqFRMdSEc43wk6I|iri<?;O
zUHqa1tL^<vSi#Ni#$%41YDrcEi?IUZ!!87H&B1uD@lg8zN(L6><VRs5vs39Toijw7
z=s-4*cvH7MtOs%E_fWU<&EAnz)jJdb{<pCvasGf{^A^!Fs0-b2eC4v%IUxvPYmDs>
zsD}Dv8L`nF-oJO1;%c?2K0?#=;Ek`3yg~oTlJL>1I<}$non7D;nZ38u$GG9{C!98I
zE$UmZ2^GcO=Fk+{EcKSqX1H!;#F@A;^PEJEks?atDaddwiE^+;YC7@SBNnfN?*$gK
z-nhp9mn`0MyOe;66Ea2>MSB~I(_F78ig94>M(#5I)DjdjOAuD~zlh=}VDn~{HMFvK
zn<7;2bj^1g7AAI=->3&R@oL^$<BKL+ytTJWF5%Si-AJ+H@A$TOf6SKdtx}ByqV{gj
zmL5te&@m#QC;>4qO6DaoKk%W8?|MaSG_(_{G?{2NnHHu=5D1*rBA(#8cclWSpP|P6
z6D|-^nsu{L^;3b&8=5HJW6bw^1VfNb+KeqjW7Ty97uoAdUHIkITvu|<(YKPwd(-6B
z-&jGXMRPPqbzS6}_4?&Qt@@?G>-aSv;+b03GcA02CN~xP-iS}{76CzGZc5qDKKnpS
zEnlJF5G)had#uxE{lxB~-DGbk7$|zV9N(!DmV(tmm!q!3@s-v1miqXN36kueSVU?s
zMQK-=&5tH{W}ocE6J7$(*DNzIewekO9;-z~QEW3Vp@a!L_=Hw447ol9^_!eh)sz<o
zrR|4C)}h~Q&{U*qwh_C5nTFY$-xB|~RKGg?x=iDTvgoEYHc2C}`(3`H-7TBoC#mvh
zA3;bf^b0i-9-A_gtCYz&6RU<kHb?$1rWYumTWK0jGxibr+>x%r+!Bdo2I2=~(`ikE
zD;}pxOLRlw-KNk-qWjEE;I7v!5*cBX&TCY(wNoV0a;iD5Gy}BPJ0KCyN9MKR=3P(a
zTCb{&CN3(u27t|6l8L3wI8kK3-AZBhdU4+MZCv~BE#cC<cX!_NWqH?YRl)z>danKV
zo>wvO-Q(9nb|1a@{PR@R5M|BS$gjHO@f$E@HW`)5y0|x>fSL{Bq(%hq5~|;9D8<`@
zI8Z|9Ie}nXgEQgZPTMT>--^e^A%j?S@1}qV0lzliNY+7n+T$=+zISpeaQ0~`%hJ7%
zgxqgbUFdY<f1UIv{O-R;`iAC5e0rz6GvD%hv)GFnR?1{5jblTS@bpW9%3(Xj$X#vB
zNI3C#XX#obubYij#2E>0-4nCM3gAUN);}Y5Wo0m9(^+zr6~Bg4Ls|>f%<M%|*&I_a
z=I-+E&xRTJIi^^M=nP6al)M;)#_}i|x+(CN@>st?{rao7_x`UnVGkJAoh?+9;8jLU
zvrD?ZZeGe4UQlhBZHqR*-n?5Sb!CMYg@tHW{Af(V3n^K6fZamhXDeUB5@Nc(<x1=)
z2kMT8h9GPTxi0FVALXg^rdC!+KkPebkUi?>lh~|`K$to7OhlVhdG{TIiXPpcw!QOD
z=gGIc{cdL?#GZlOpR8Y(s(!#LrPSF?hlxqEowU-fhOT~jZ#}6UkDdS-^}xIC4PLV)
z3a?oA42_mj!7A`+9AQpM&--{&FM+m2-YL8!mVeK?+8*WhH)elyDmx_nP~7DH+9O3$
z=duwRHop^rfc@i2_CM@D`-kJBtBRsqL{jV^pUJ!#j$gwLNU+W=;_QFs?Ax<{Tv3n@
zEB<zck_=zyEL~IuJ|f%xr4-nhWK!abJ+k62xpPw!8{^kVQ0zDLY$GVHb(8&p?SN(4
zXb1NAm56^t(Q5^QVqhA@-Hj3kV?#1$)V^cS@JR*k>?!Y`Iga-~$Q5udne-v6z0i88
zrO=0PBnOc2rDK-D6`4J8Tm`E2LBH)MObB&1o@AfXS2|MCflN-mA>Iu+x2%d*xMU)U
zFGrT@Sk`(aQrRXqer0u0bOX>u+!}U32hiPR#$w>hatVA7Hh`7Dg$h-WM&cr6`#hLo
z^hG^G=6WWxUb_*yVL#!DeT(o{iWi)f&|`lnm`~<(*zX_vPv-LtNHsUTh4Z=K?U5iB
zn^^3Nw+jg9SZgSe6w|Dk^%b$m*U5#N@!EBx`#2NUvNmqzsdkGwx4b3^3fmSPK&=v|
zT?cuRG;lGE88PBG?%idloofCCYG0Cr+7CON__KJho{%atQ*hl1sc;*TOIvvhDLjlQ
z9X$%p_7L1EQuq4op*uZ|<DYN>Z6&XvDL2V!9R2ZJ&6F9n+S<z`6<W30S$YnO5~9kt
zBD->TaIb%44Tz-9V>S6p(Xn>D&5V;iSzCrC$rC||KaI|ik}8nqV!aY6_Ou{@Uy)T(
zFqKqE{kTfbzdE(q?5O0CW*jPqlR|0AE@<aAdoTP{Xeud#6zl<AO%=U2xuC{kygD;g
zI;<A^<PY~M+Ex<eG>bz3N!A~^?maZi=<uAS#cdsPaE|YccU3xzWd2P5h(Fuu8xzap
zukFw7yuP@ebDBnPm_6EAdS$Qr&W*doH;*0PcMaz`jp1qU_-lPSUmMW5c^94L)YW(W
z7@Mr@b9qdWWr1(Z9?oHl@y=eH_%y!n^2B--9gsPMqTZdamGylt(M8D>d+qRjPEY&C
z<;^CcqqA@fJx?s}e5*A6$^P>XBI!q4kdpW(dphkpQfEvnb~&egFD^49oc+hcT|TLd
z?iv52#%b@R=S4Mo{t>+*!>@tTtREOC^>W%?rF5~DrS*UT4)KddO?g%t2z>iIVFTO&
z^fn8IE-I-?-K@0EG^?}%cvFgJw97{E!Jon2nfw|}zVIPr@Ik8pQ-~9uQtoK$G?g`I
z1J~G#X0ZVMlS`w(6wVn1W{uK8g{01{fh{hc10zgqu3u)prt{lB@uuITMN{1X<(hcA
zq{_V6D4k1c*gbz4SQH(CH+U&Qp9Vfs?S{Lbj1H6`U)<+iW7qe@Y+hHVNPchm&5M`Y
zMO(cAI`<b_WvwBERAAmuCCK>Dfr<?msN~l`$GjsV*bzEE0h^6>xQ31vzz6s>qntfs
z-e;`fzDb**H4EdB&Ig9gD#tc&eU5rc*83^$=U8~!t!N|huXH|~T;u{OarbY-UBtXl
zSA`l<L!XqE6gopb9TYMMnDeizZ=K&&6eA-a72+$r*p}=u0%C4<QVjgl-)GPb$t&;^
zyL2mDXFPnf{^1bge@uV6%jaU%=hIG`BL}oZXCwh~G_!2`FoVSzm`R*rBmF5(M2omG
z=U#;qo3il@^e0#p;{=j59MZHUwl#wx_z=EX>W-R*e&0a@DhIQ{6Sc7`Bb5jJCXWw1
zB$BAYU+$t}@`73AzTUr&Y%SnqL_sMiy`-qn-bDg9K9b?iH%hR}X7;hQz<bey9yX*d
z2%4_B%b*(l+aK6Xbq^qdvP=AN36;eEurx*wB|;_W_MXbyYiGU768^0pYY8v+j>83F
z1QorBlkqngCp{h3ppcPH_wUgPc16X(GqaA^o`aiQWdqo|i-WI6A0x8_)@+lrGgFRa
z(p}#BB8j0WR>&6gTUAL6Cp{Xl5-JAyICybH0|3+)fYoMu6x{ghB{%v;j!f_DiE5G`
z5n!*mQ1aszw08JW5hWmf=@Oc9Q_a{+-i)4@ldr6EaWNl8qrv~DmSVvAVn+R%U4~YM
zhdkpf#6baQj^2}*>IE?pOM~HiKib#9qz!}~)V&#d$Yf`m2Kh)jVS`!fz}APrQnG}R
zO@S$4U-P4R5*IRhd8{w<?fy|=sU#tQ!<4aAmvmb#baUF2(9ccTcf>lR6nW}%NsQVW
zrvi`s_{+&#wW+of+J5ZEUq;)kS95fVMN7;PpKSJ`b7X>{G&>@3F%Cc|n=K6i>}<-~
z9x7k!XY!r{88<NiBP5u7Ma)C1hLXIyk@Cr@s?WKTG7e~#hC4U+w&q=P7hltby;A^4
z#=3O;Rn07UOqnet>k8%K+NI7AJGT(^rEn47`g-q7pPXkHk^$}EUzggNfI9@PGd;qw
zky*+P(IV=RZnXI~aAmPHoY*XeljAqW9J`zPr-^?ra{*YRL^L<!?jAutL2ns7rJ!H3
z(T&VAm$FD~^Cr}b{<Tif(xg<$>_}qhiu?|aCv#Ibj=749=0n#>+zsirNq~nnX;!%!
zsVn3QHp)0XF`P#5wMVj>YD9RcsZ;%?p$9kXkzxN@kKXrE$Z*=EwepghV<OwkjxD=1
z*?p#LRV+_se?mm<UjPp=upR9$&sh7{)a=@HEJQABHq6s$yGLJ3*{1DCQi0xb{xM@o
z1)LxKC)oVnt=|}%?~3`@tTBHr7W-L}ik)laxLv3upLTM-l6=p5#5nuyb(`7yR6J9#
z_vzO}@pek`->OJT@)8I*t0Z45@YpR+!wSiggOEHg1=a0(W>$hbsguV%q@|I{Zau%E
z(2e{WmU;^pd0KKUS<cdj&3-^i^3P3T`q<@4B6eb`YTF5^p$D;=_29d|UX{;BZqc^K
zX`clQq=gQnEa!aNFGsob#UPqA73x$TR$7S-plVYBxB?ekYM|Ep4t|{RY$K=H^T+2H
zY!y|qWC~k1q_WZzY_vxGNYo>@lRmURc`G0GM}MaoeK>V#jnS8{qNgOrI*3>pBS3M$
z%GId5wSD7?-P^x-Vm5F85Q++tMrRHazE(_xG9yk}6+;nUMgH?2RH}3Kfw*~h`KdfG
zhFuP{YgJ2MNgpj)`q)qH5g$Msxy{^kaxqw`DqZuDm<xIXg9h+fmJ78G%bSPT;<LO5
zB>+o;NdkA4)JS5a;V7#4)hzEb*J=AHwKT0ZKqs8Q$wl%x8yd+g<yZUjAA|Q{fvC&G
z-ppJq>M<gRJ|U(T6f@q+O{5OVw2<k2;Wdu77B-mP3Kym~U#p>B4JXQEp|-DnAa{|~
z3I(*%G`S<&XCuIT0}cosUD389lk=|4q7BTggYWe)xBIx$mVL0DH0}4{XWf67ygffF
zZ)2D5k+*X^?RyshZkU*w$TG2GIZ89j#J=~#|AdJR{oyxeVy_Z+WtQY`#KeTh+6y2|
zEHI&CctCU4UH;1%>}4)dQEJT7KNlsI_o+khJBX*=bk?a%gIPq3&Tf-;=159LdH=o+
zrPgqHWP%;XtL%_Gzk{Pyu&4K=D&_kl>_>Tz!>ka+x+Flmt@_*-w+<*uzs!}?X{`9i
zK1DkRaFau1Q(p`2KUDSKe$|v6jJG@W(;Kpd?BBcyzI)c`*l%PBPyI%=c!xiX?oO_@
z*?cUe>BFEw6(IH0c#p3BygU6n+n(t{-rFB}TY*b@v3;uEE+!dWPVd*~E#Nl&s{dHc
zrGK4w<Nc9wW{&m;da7O>Wp6U0GK08E-(_oOYW?msdN=MzcMmkTmf3k1cLL$8@=?6W
z+l`i_R1`n*zIc*m&(RBJGm8u{)%%}Y2KXsf(5o4xWd|RU?Z2kIAG7a+au0RyVDqYW
zASm0sBE~EA=Mr@c-XuZR%V6rWBI0}da)kyn{epGyXytJcF4v#B@%a^sY)H-xl21%r
zDmj-7EZs29_}rSJXrD8?2M?n7%tHND{B49AX<|8CY}7=gvfCIE?u7WipI=vwAfo+?
za#x#&b9u-<rZSw^JwCEHMw*zGQa9NcRNsQ$gzL4A63-#UaHVwYeMB`C8RXgX<U{aI
zbe!4NTt_q38SKDjHYVh9JyJ`YmanX)9X@O}8FlB{jg6}>(`;#;iv#-gL(gWQzIJM`
zsu%|u-ozbWY9nMFf@;+p{@}qWFV5K&=-(rWw706W48HWv`!amj_+67Ho9)`QupV`-
z$A#E80%W`Pv+vrj{g_uYK)Ddx^CkL2vfbr3oTW{d&X<T@X*j&LP4r8<a;C}{h?%Qv
zY36;S8ks>X-#LFPFS_DjW0+sWrqZb3&ZkCt4tIiPwKC}lP;BjV8%eO+N;Fq63h=9`
z6kX`ZyyeX>ly|*dhl8U5?~XR>Wr`>AyWX~=jOXc%rp(VVq-i|-3Gvqr-lFF$iiL`D
z`f>Sl3)jp^bfxSE-MY0-+ZuXPAg{WqMyl-zibVS<vuoYsvA5H|pjJM<lzQdgmnmA{
z1oJ_UZi_F$%w+;+P)o*WYoy^--#O;J^VxLPy*ul$?YF_kHG8*nG$pYUv{h#|9s?sl
zVY8bony%ScqputWYeOzGZ#+0n3Z1QP0>=-my^(}GnJRMtWJ@Dw5AX3K4Xn<M3w}nw
z49)S@r>^{{?)hK)&$uYakBZ}PS0Kxe3H@du!pXbEv-Zji&D-Db)XMXF8MlJ1@-i@p
zVT)&_&y*h({MgTjmk)n74}T3Oo->+l4mZcc;fqJhq%r^jN~(NMcww;*unuS*G@gBC
zj>1H&))U^S4xWRAq&m2bcPtu@wrFgiN8G=u^@B4FmP(U$c;Ml6AZcBA%|wfcfC3%E
z&#B>~dn0I@eQ|33i*a6@y~q2?TiuYD!HFPe1^K@s(?8pm!S|SmI=(VkFbi4&$Jd%!
zczJ<lp+|gPoabMLeZ@_Pm-_5X9w9oQC$;ab!(nG5jl5-?r2OF-Ti8Dg0V4Vz9@w}R
z`~S7()XOZ_dko0H^+;pAdn8#MNjBve2?QNUyz0$+M2zGO!$?Y_zc4tv)=ohe;^P>2
z7>An9GU-5rl=m<>5DrV+6gY*Z;97l14Ai){^bF8IW$YPQRu}!QVRPH}{9t;11!^5w
z&rxDMe)rq!k?Y)~G;BWO!1l%o@rfor-emZO(ZR(FY$%pQyr&5qcXsnGY&8(i;$s24
zN80m`FjY07ppZ=uZW=$fSG3X~nmjOIQro=Ew`T=J4fTH+YIqGtZ6g{cFF`Z=PV^!y
zvr}<gj-DG4hRTvqot2Nh@Pbuqsoapbq|ph6usXV~n+&0qF;2;yG$mRGu_l65lbNcC
zm1YRIyS?UJl=taaqg=dyoBej`n(F%aHPyYM)%m^s!mG=BC0b^bgW}N@nf=0R`l#3L
znsFBUE3D>_VRCSLFQ@-FD3o)T@ir;s#68nlh_4_Nao>15;seQI%2`$<g22P%)Wg`=
z0!v)dS2=Bu2wtfMDxq&z6~0p1kizj%E3BIYZz>FCqODXSo9*J&)&xPo=piR0r;I8M
zk2<wN{!vGtkQ_a#`x*G<hRozb{%zZw3S$P>{TB25agpCmdxw8ndlCRl&rIjr$AN*U
zN5p621?LX=`?mso`ZD@`w&okrZ{@20JN-WV;8)V`)$pUQq~Dt%&99~3`KNsi{mxjK
zqu*IH_+O#l0YeS_-ZSqj=+`XheS~V2k>nN3IXU-|$Ae^2fyrIiIKiV8V}-;vSg!mR
zim*Y0fTU*(#6w}Y2w9}$u+o5=n!sxYQ_0h@#c6vS^o^wEH**3N!s3We|4?4!JzFP<
zn3f<^^0_}EOh%V`pAq(F-nN8S<SQ(rA|J2L?3G&&i4)Tkc!GX(@Il*5P>d*rmdL29
zOJf@%$@3uyq@xp(^Q!qMYdt=uSD#{}1AHxca@@AI>Pp@&*~ws>_F*(9h4&jc9`f#X
zq|7F6^J24!JMd<l8%&7gZAO~1{Hg$-N4iM^TmjWrh$@KK3f;$p?FLNK5Fh(x`Kv(7
zJRlTBP!HEQZPJZ|Q<Duz!C=K8NU4~-FytoBY{cXX$-hHqMfkhxe9idE+t9EFwY{&)
zMDK%4he7tImB!vQWIt~hThdEUHqhWC0X{|)S#y|^AL1rPG&y%_WC&*sj5y^!=IQW}
z*2nWgvyP~@$=ftXk(qaA=ZI|aLXyltJAT5eH8JEBFw+D}ua6|>wls{orZo0C$A@YH
z7)##Nympf5%xd$bXJ+V`)BXXHZ>G$gI(kj%S4~R!zYdo$*X><jBdqUXxCQeu6%P-@
zB|P9ZIBf*d!(>sTU=9SPjDg(}!uj5A%Eb14<Ta9#L@6pn-(N5dMq3Q?uK)tbOLIpW
zy}Ncaco>E>n~hw!x?qLUIJv6Ex3qn*__^kJR|&l}c9KW2e|Fk*a9B7+`giKquy%km
zydFs|*&fa>akvM^9a_NpU`D!&{uZN3OL)}jz}KXqnK!5z?^Ia(KO2(w4(gz*;pFv$
z*7M7OGJ!~OS|5O(n;Eo{>wr<=Ivi-f%N%Ey83q&4TEjAPwU2pbnQ@cNLA-pyxi>O>
zef#N3WAV}Ya!_u4IfnJ+Alr*qGAHNj_x15=H`%kk)V{M_{#|gl?ro<nr4A>j9A?|Z
ztayx@9DSH=^F_PM#B67}-adh@r+=wkQg(7uv#Oa*{7rB{_h)k<eoA&WW5W>vXrA_&
zes>KP3|$}J=*HJzk?wFw1QOjlk{lZuHNP|(w6oKP?Ed8VDdphx4tT=UoP;_(FQMsn
z{yxm5lOuf?ETGI$z1etMRtpy#UX}Gv7=??T)Aj=)Rf1z+I(_gnA8-)GFNTPGZA713
zBDxppXZFn7UqJh}Ve^3gSB91SO>UuhP8@-K^pw)rt8VfrlC>PsU4GGILv`yTNzOY+
z&V~d0+llXQDqjN!*a8PQ>0UU%(BYN?NGjIcu}&B+9htdo2}L4u%cO&u0Y+b7`E!o`
zSpa@dJ@OsGpU;Iq(*w05MS<8eTP&pDR~k%jmYXM89uPZ4w}>{-O9-^vh;#Yq)*bPs
zn!_`rLmKMNJG?ZumC+r}4%f7Loo)4B`S@4+l1AKP@x5LgCRoe4URfLPRc5!{o7{NY
zi*dCbnRn3MU3REg&1UZav%vPS8bc2S{03HlX|!j3%}#%a3#d!hrR4E2bwd)C1ys-#
zm=f|it81p;V)(kaO#7isjd(|;S+jIfPg}WW%jX=lHlfIcqlBC`X{OxN@y%)%8lRw5
zxBY*a%O(={vfAD&u=3@*Er+=;H;;VzB2L8ECm&wh^P5+kwgmIZDhp4)fcb1dgrz;^
zXkG>LX(7LRq-Q>BwzXB5)mHOqWW(t-cHP>B{Q#3M{Nn>;a2lzeTz6hgX)I%|VIeiy
z_8y&N+It#kXaWIEdK1&cdS^;ZySDgA%_oGqzi3sK|M*Hbk5pN{t7WE3m7jZkcKLqc
zFfAEb`a@6^(Q-=9NxZ)%ec|%rqMkWkeCjDELV)V0X3yZg46O0*E|ni31AvPo{IBT^
zgo-lXQTG16YywA~iVZ=FMt6A(z`$Xm$GdB!O=K%!b0deYgRycvXDTr3Mya)FW!a|L
z<2tT?;MM?l74EW^F1+*5>*q{s;EtLaSH+prS6H2}+V&1SP{T0zXZqN{%9Z%EAz9Nv
z%5>9PlBIh?g*5T`bl4{2FKOKO>j!Yfl-vLwU?wzxNnbjEKi=@o2OwQX!62p|ph2J&
zB_#}N)JNXizp_ftf3Gxdn~U=R@lX~(c?@{5^r3)!74qI=l?LR!{2uS+1ab0L{x~wo
zb0lY~yk+hnbfOl7s_Sj2EEFEVuRMBQ@U~>JhQ!|*&^jibAY%xJoyqA>`+Ya{a8)b6
z5!r<v_ikA$dyXwCa?IHb@{zbsH4!J;ly5@T8Id4P2~OLyH0>-6#y=V6w2>1AzpcY!
zWo|c5{>~j4C2F@3W*PrDIBQJ7e$81rx+cD6eZ0G`bM2j~nHu;*!ogDmPnVBC-FvZD
z(!)T<ocv6Y)AlV&^rCy=)4SF?i#xInoJ#}sOM6YwAqi)2O+z$N{K;kO%%Q;HM}Ktd
z@0Tq6_6@P{V;eU1edmNw?_c93<0g|^&2VlKN}H6FYu2zLce7BY_U#>3PXC;J->qAY
z4kJ0dI8ysXBsspgw4s)rVFwYnYr=iE#x{o0dm9EOiS*z7jqqaZgYcJPNOOE~S9fDb
zYV*XJ?vpEwt#-%&;9lDmseRw=yWDBtN4I!>LnhN;fM}O1>7FM1x$8yxav_sYP`l21
z^e6Zy;g3}0jqj$0X;o(18J}>6t~P`<=O)RC&~~Ft_qS13$^e2`?Q9ZB&`Mc}{P1;w
zKI~CkC5ya+h|ox%&b#b>Gr{_$#JqltD`K+&aWNWlr){C?(>-goSDt?{Yz(^h@t~6b
zX?z(!CfuNv3;ok`VU7MtS;9);TMSZxW9EqT+We3UYurRB<o((+i+KBUK|7S7D7cSR
zY8(c&{0JssvhEQteY~M>&eEjr>QJx4XRIkY{BWl_@cQkNVM$kO1}_OWhw<Y1-nb|h
zfGoyG_ZPOSo2p-_@b*@2<gyb?f6kSx$%Yt`HfWc5jJig7wutYdzuZW-is%-et4>@{
zH-O^TOkmLJ;}z?-hglk&_G5X^=pH!g*(mukR~a`bLpA-K_#Xj0^qfyGS7@a#CV1J9
z%#crfiusp|TP_eoXgS8%`2Watef$e%Pgmi((@UM}@8&A~d*Qnjpg)@^1*lCK@+YR>
z$Te1bdJ2zZhVZcwl&oZEgHHtFyv>sET`Cx!Fpw9=Usr>X^~Nii#~hxL8PFSC1wS$9
zDZlwOAMsrPyp{&s#MIK&Ma5XR#hvn&I@8Y^t^9{<A+GZw_2XT|v0d3NR5+=vdVRqs
zqFQI+zVHNtm1p3u^IyfvU&MBfmHjtath|A7+r?9Td`Y}X>bCS}TrD>I>Ov+8oG8gM
ztj_v)$NKts7tHIpE+>Ak@?$RTJ)v!#(|!lnmTe9BWPD=HWsjwaZSOYYy+N+BW{5vz
z;3At20pPz$fJ>u0AL_wx+M%xL*E3X+fI5&*h`S@P`h+-XypI<Bc_*I`&-k%Vh}N7h
zM%1No6q4fuB*V&)BZsL8Q*$I~BYJwM(z=isTpz>iTU^H%gq_3uQbfsOx3g=k`ygM@
zzgD-lQ)jC>p^pW;5cRS_mE`&V=G@Co8CT$}=V0K<Spwe2It|ltpUm>HWrxr_5^OI{
zzIGRU9OTwncm#a4{y{wnFPrq8MI)bGb@6at|BzT4{%E7y`PObTm#c1l;_><+%O}iy
zaqd8FIx~CJU%28tl{kNXI-IKiY@+k$L1)dFn3z^p#^u1%xSUe9dzeEx7ku2k@k4~K
zr>?jsjSQG0xa%5=S3~<r(2BE0<=iDkrr8v~Gb(|*=$>I_FOX}}#up8j6oO}Ihx%Oi
zq!Uk2$KW0Xc|6T%tH#0-q;%+%tE^<^^aXzH{~EB%F7LtA8O-8{nvpR1cYme`$njOU
zYmBd|BBNnd9n0pDb}gG$n5lno5BiHRvd;U(z2-Qjwsvuj)R-@>RIPrmUq<{@DscTF
zj2FdtsXhJW8HCgH8w>~DH{^sIlFz93k$foLuK7qFyY;JAn`bUAK<}pn!yJ0=u;Tnc
z?x!4P82{wl*+ZN^Ki-+{HFKR1qBGrp{Dqz8jUTccbTHGOm{Nk(yaV2?>buS=Yh7M*
z-INl??OuzL?$2eX%}7LS4SfFEyYbas9Z8iCCe#u15t1B~sq%~ECgXz)P|YS8hGM19
z&@^)XjXc*={g$;DP@Qvd0jT~L5jg!I@Yu;3iSJRVk6J&ZhQCfe@A~WHY##0er;HUZ
zGtS~vgK1efHHF%CrL;K%UKlGBwc#Ge8;G$vx9Zay%p)5oD8~6b@Ye4}!5t6a#1=7+
z_7#dj7R&f=vW4$n+JmV*?7^}H%MUKU%!1y1G|LM>z^5ndrS%?{Yxko~-<%&D4?mb{
z`2m*$8+XbN<Pl=A>G18a>B9HU8}dH5B=w0pAdd1?C^Zl?s5TYLPWon;wa3B&%o_9?
zd#2eveZUJNm?C2}`SL1}N4jd3ZMQ`Sm$CR?v6m!^CO?T4{zfLTke<V6nr4h!Gk!1v
zA8KSgu_+}<CVJ5>!b3h|u6f^Sf66WlMza2|@uPVcf88uQ3$KEDb~4l6xV`fBH~%l@
zJKg)g&3;oC^$gdt-(z6Em$J0)$bJuK?U`}Qeyw1;&fA|5QSH^93*=2cnl%*5vaVDb
zJB`JFAsfkR;l#@f17iLyWqZ@7!ED|!6M8llhx4kMV-`QO3u;-~+lbUn27kt_1~bO^
zS*BY4t0X@E!X9Y2i5IK{@Yj42cNVtN$$DFqBXd}3rk=^q-(T)9|Lf|9bWWK0lwJSd
zV*Ovv`rpa=zb>2#Y5gB~x`@0)>wnpaT*BYOiH?HxUl!(XK=NnNnQuh$BTU6_O7fN0
z^dJC>$&g>!S>F{=El2WSG3&GTF%<95_=RW4Nfc5ylWKy1<zr~%j$h-KXz~z3_|{d)
zX;bJjdz`e${~Lhd%+NOk!I7rob|84^%huC<uPy+=!KgZf_)=~3fI#TZE}b2gNFbO+
zd~(V3fPl5oYyQrTAjtZx+&Pk+T=BmQ@7vB>>xI#*kFe7g?P(j8H>F7%+K`*FF+nOu
z(H2Oc?bJ1vd?Vl@j!+u^t94z)*&y)eL0W0;o>&sI1V{*zwc85ATp}N+H7ZG})B|mT
zO(n5!H)VJC-n0uO2+gZ<eXp_*`E+{vY2Oxv=&HX5UmCbOgaB4SbKT`{9z##G?NScT
zoI)yrhOFAJE=^g#!@mcCBF>l{BcEQ+%jxs*ZO^7@G`ry2Xe_%6-b8zOyWj>MZMO@i
z+5JWL3@2ptF(&^>x<9QVK$Y!5M%%{*N*`zT$%f^5$M%C={gkF{8M9yH9ZDH0!_=6o
zt(*IIFECQoZu>H_9szVp1#e2fMa6?>37N`Y7?90C`&_x2K&LNHqZiAlSw~H;Wjfxe
zN9b!vN=1(fV&21g`Yqc|nf>5<Gt3A7N0Zv~!PhxLKK(wgxa<r%_yxnfYxMTZDol;}
z`z7i{zx(am(+c1ImEL~9R{WK%_<dXPsKSc#R558Q&a)NIu@!eMtau6)Gw1W&(`>C#
zw$>ZpD(Lkv)f!8!8e6N})_SzCRv*>c+iRSLb1Z2z4cPA3jk16@nlfVfdu6}`ll?5{
zy>O>IW<lCaedfx{yu4>2?~&ZI!G8Uw%(pWAGft+Txwo5+430gfv5<GYdBOM2ozG3g
zN6XA%nL*Ub-ReeP4SL_9mTAHKi3s0hDLzgwqhbD^-$}Eq+Axif+-9+ma*(fg*^M@#
z+Lfk4)?cMS|L-QAg(pT5oehb#-g{8z*V+Pxj>*y9%;ARizQPu8{1sXkWeccSe$bum
z!;bs6wFO+W?;pzVOMiU-m)ZjM+*JrId)!X#0a(+30_F|d`}e$~>3Y6Z;9bb|Ylm{q
z=-g0#c9b2;ms<tq&Hm;?*}*Dsd|yN2JywBdQ`Rc*%Du)akkc;XpRz0moQJYN%eN0S
zvH`t&6deyjGw{D7ZO8Y65`S^Nx`@7`-=EEu%Vqh!Tz<#55$F}~FQw{Bk3KzBo;Y_<
z(K0wf(F(KQ=#nGXsL7?#A#Um<IQX85RXlwiW`_!M?s6z7Zi3;bnjbd3p`sQ1=_Qv>
z;z8U5?@umu58K`COqaL`Czk;{aUw@&E>@5`-s{##b$TiKv8UwbjhUFL-D_i8YCH0V
zOMSJsyPLd*0N1CZ1E~LTRAK1U-`(wgJhnvzL%(rPX(Zd(Hg&(yKC+gA2F}1qJQ0p}
zmBgI-1y>hEFOQuct4d4o<P3p8Z0}_=&beq-{ZSK?Ev=y>{@(e0JDoO(pt5^nwETyT
z=DeGhn5i!iNFJ-<y1RT-t(hsO?Lny<WP!np!EAPE+3b47pR<ank*u<HC^J;6Qnh;0
zz*^{|z*cos98LPrEqti{Q3R@@$MmPW{BJe>=g#DFxDBi^0}+cLJDTyVN60RU?$TYp
z95RkzPZ+6Xc%;7!*L0WvugViw)3phuYLnlfe#t*3Cs;bz`&+C4xeg-3n_<-Kw1fXf
zE~$T1bsp27?()O39ehlXO{`fRDmi~mkzl*CPVOsSQ`o;<ZU5NDO{lcro=~k{Ned?E
zbFt}=l}HSX;Te_IBI}(Bn^$|4MbQb8iE6UqjNY!4Sj2wvP9wW0{oE2YMSyktqg<rN
zG1=fkiF5Pu#jE=irJvzmB5Acm(i%C<+gO2#eAVVf+$PDQ?(IB>e8a$u6~LJK`@w*u
zF_TxRF$DKSK^qU+&v6fe#TykTxu=*Ia^qWD^&gGr5TUq|`Q|A9K`WiyS?}Av&jTTo
zH0@bTGhx4tl@x$WQ!&*res1hknhOLuSgjEh1Gk(d9%HO0Q4kYX``w<js^I~&>82u9
zY_;*tR+TDS%|MA`_tBbmht&pWGNVA-SB{20Bn5Sse~V!lNlr3HPL<Y!UaF<e)tCz;
z<z@+8EmHKcPqfLH0i}W??oLycWoLEo;&2MDB|MlezlzAzKH_i2fBj3&$Cij{49n!?
zy+`!AVEcTkR+17$dzbeXBbDFUF4kLLUcVJau#?a5DLl?ZkVNh}-^fYH=|;*Lj$9~P
zn}A_ei&yPV#e?z$!oBq-X?di*^2&4*@P2iQ#1bqhNEUm`kfQa^8>{4bT(x*3xXQ)(
z2=To*xd8lFAkf@<g8&yWNkZJrlN83I_q%@p6)=aV-(|xk#uxCz_}gwn;_rqZJ|{~&
zvFA2f{Sc<wchTQ>g#1fCoZS-yV_NnRn`HIFA#)+NN1vn$&JThiP=4@Gz~SrcR;h{~
z1jCyz9;QdUAy*Qtgt!!{ZR|^EWi<{Gh8bFc;<iO+if~7Ya4W&9Mev5ls%fvge1)0;
z1+Ur8;2%k}ut`w${vrG!<ht<uCD}FJ-TMId;FsTCYQ>cg{(SB&7reh2o$5HHu7q8T
z6ngo75<5C+_<<KE6$?SUw@%X3S;SG7ygF0PBoZ;k_x)hAkG#%yD-^7|)6PaKm5b_6
zlfVYa7>5m3y=Nns)3)(MY{CSZT%e&>C^-ouzaB>7k9-||J{tLVcRF$f#byV-!6>gJ
zr+wYPfz);buO{HbmoLod&Mfj}9Y#mUg*_AeBkzqiJGi&+D3o~IWjW|Rl>K;~0I(Pl
zCVXa|e3IwS5Py3r2_uy}K1pWL<KR(*1|+{{WW!3M5_rpdLP^LhpYMY}Sko&uFr2`+
zTT&HH9ADayxHOnPQjF`7oM*tJInMyx8@2-HaMGSRT;Lc$u=`upI0hh(<op4)8GnFq
zttaCW`t%+B0iHF@UB9D0fKG`u{s1O=>JiN@ZUwb(8Giu97mBxsv;oCJ#paz7NVt5>
zMPe<IgkgmtR4c!m%lc~k0frOhXj>H*ISuzWfdRLf!-T&~qo~EKl;X&+{z_Z`%vp|G
zeEa_!dSx_;tZe$2pFpX=tCSc5^Yua(LOQcg2|L~=0`MW|bj-r@)V1;v6j~?aqxuLh
zSm?F9Bg}P2@lpbVy~h{YjL>-d;9NJn%6pIkZE!k&QHUx=zAT6*A{R4WLc|mG@FuMu
zK5tq8>rwbnPZV4aZ!#u@+h7giO>$<@(%lmUXH$<{hYcv30Z;CnmVcU8$M6Vh+mBE9
z)OMx}Mo`;nJ5XB_R67-jPpu3mBsTR&89|VTJfwn;{qF_W?D0Bxcu0Nt)AvIcoigHZ
z?qGL#mE?yJ<?)Y?KkEXLFd6Ok-!?a1dxMya_K$Wq8(U!aepfFkgrUtZMm}u;Ejcob
zBdfy7zS}^w1ml@}L~cAuS#=oCIXjGJju{UDIR1F*XMX*7GW6{%aL2f<+QDUWZs#+P
z{mf|0Fj$yg@qX88hq3hMmL-NrBbEh|`%o5q+wqGlPyaH0!Fu*2&QD}I3@12K)GTSo
z8$+iOH&{dGB*`I(vZ_ek$97dSV!1G<!e7;J$3JU`#T*0;v#M3(g?5q`;Kadd!&;)S
zwQ|i`j<m*`CFapZiX1S~sN87ns)jSLQE|TSdHD;Q;qEMKhP(f6SZ;nYRd#-MzOLnS
z_XC=<%i7C--r%fU^iIYuYfJmh>-&e_|C0U6H(S>5UncbG3-8KLgn!<EN!zV!=a_Q4
zuH|w5x300A|NWn84tHG7tOCOOz!2fimb3@qJU)?aJID_D>zA~lXwl4Cwe0H#{q;-Q
zbsuZMI}EJ9Kd`;cz_R|A%W`0SDEsB@@U!mJJp2?t(+b~YVk5sG$sh@siE<l9bm2sD
zSM=6iEBzk8k+U9K;ES~Y{O1DvKTj?c;GgqOSYZWtC6CkE0B`o4tAZIhSA82U>C5O>
z9B9DrwB1PEoQ#g)XVDdGReSn{vOpUF))=HK3H+(@K{K=-;P`3;cGx?sRS~iGVuV?5
z_V`@6b&`?4yL_0qPkd#QjV5J1X*$D5(G%!C#?g2C@Hp|B6`<=RB0G5k^z$ESzN8V;
z+UV{51Ifm^CD%VE>UdM<S+3IblS1YweUtlj^C#5>uKaS&U6bDZNBPdRdS7!{gU@s%
z$#T(&B`EB;YdOg*>jv`aA&evI2J%P1SpN`S9!22?v!-8pM;6+H!kq4w=MVDN`XMXo
zXTD_2|Cv3EH^>UCK`(Kl^Jm5x<haDNfq|S~$iO~fPG;?K2Kn8WcoD3_i{SA*FM>Y#
zUIcqtF9K4Jtz~t$w&N=v&b*#=C@__4w>2nvX3n9YZ@xppAmjn2d{|QQ*vgtS(KWR)
zZZM8O`x8suWVlii(5nUNANFh8-xsX^l8SYT-5zdoBIq^_dfA2JmD6fDg32i3pRq-!
zI-Kj;DfK-LW>jn2vPl`qKzPcn809l~HXm2RXb3?ejzwFR?D<+Y9Q(5UB^Jn8E?R9(
z1STB&P>Lf70<>qbJDG*iIe+;!qQf@t*bfcsd~SkRr>`&j*yYGYGLs?_#fa!qn$puM
z(V-#puTDSFS%_fy`YQamIfO!itBhT7!}}>^x*4>>D;^0kEE8GvjtOpR(=Y-4s^&0V
zGf65pIc=LMn_M^VAmXbO^I}9Yvrx(Y00f@2EFsxKl){HjoarkHKb&=34nLOj>Q1tk
zh|jC;D015Vq0c0zRIjD6>h(AvMQT6RS$?&f-M&vc?Uv6(s-dHjYMZpLBvku!79Z-?
zBSNJvS8M%)5c&Jjx9I{xbrQgkmP;ucx^Z53ZEGYooK&m0-;;5zu_99Y8a}jc-}R)2
zqyt7%@~-KL0)|^kGep9c<N}EiYK%%KUJyBKYw!{SNHjv>Ei^udWx1)6Z28HuYUN*>
zi<nR6Q)S_BYV_LLbq&d&Jk;@^sR$FGv>p9QGCe4qJej!b%L$xcj?DByL+$IR2_v<i
zhU1+ZBYj_rzQ_qFbzQMP$&<SMuQ&^)U*gY$z#0*ZBIW2yujNneI&*)w?o|k5y`u|`
zh>z?kcJ)n-2{(#UmcP_Ue89Q1;Qi(cAzc=}3cTrXA3XQci(Af#o_(qN(Ak%^L}y-l
z$*fGN;eTvg+`84#{eXX;(%oZQBFU0I4aw551{&HWT)V!Z@7mZ4RN*)c^ts}9Q0}LO
zkVHxT@dRv>uL!xLt{55X=ceY?cvB8lGMZT-RyKC<HY*&QgsgD>E~LaJg`<W@vaqFD
zQ{7Rs8cj>Cx2tVwDlNHR+0s-<u<}eCt$l6DtEhJ}{c^VllAlw`k27x3D&UPXP%4aX
zp4vM9oT6x*BJx?wv@kktL%<uNUZ!f5WFvVZeJBa>f2XP-Lm%IC-S{fl|LoGt;M$J#
zXG~%~KL_>-`*I1B3UY89Pvzm0WYq(&K_Rum{)w}T{3a_i75VSuUNE7Jc$#18O&X~r
zelGQ$3LEgD1BUxRfqnFlwJ+pd%xUu4+5mU<j;JOZ5^qMF@$VQP3stEW#lx`P_l~2g
z_GZ-)!f-}fUtwwAVM`>bMe$}_1GR;f;u~o>n7Zt-Q0o`_gq$C)4s~n_j87f+Sbb~P
zJ{&FIQQxsK5Gwt9ed+q~BUi`17fziH?i&26d)#TmYh8^*`xV2F$Cnn5Pfg~{kM(9}
zeaEYT38_ZzKhgd2`i|EE^`-AkC|yo!&<P`-iavs5UhmvQSYvnWvdq=n(Hr_WJ(!v~
zFKdr@AyW6g)4pERf&}G{7X5RDM2Hu(|9gOEnJM*u#;d(MwqNGZNaEw3Z$!VPFXSvV
z+C`I+2EF<BVUPfn_+2$EfA}UYVD!YN@+f^WclY5nUl3{s_L&{pyWUZg2k`w3-b+6;
zLP$1#)<}aSlwxzNkops0?T<^t!fi+>H$9R(5dtb9?P*CTu~o^v8<Ho%d^%x1uLX2o
z$<xup!V({oli)Wipv}L!wM2TX4s(2ReEG(3-&f!_PWF2Zb)B(?GJTEoL};LZ=Q`sb
z=YP&7GGFc)yXMd8U#5ucgNaX*fuWWA;#E}=4S2^zP(~&Lud@uE2d^B=9D{_3g>qW1
zTN|rN4*QHp-K%1g5$ArjyJ1qVJP4CIn2KJBVPD3bueM{W^M_%7r83zIQe&2L;jQ}i
z$KAAA;<wsrT1^CI^DHs!PX4;_F)jQQktbNlzb0@tcM9T=?8v2e%C3D0LkUDw7dVbf
zbjDvr>30$$_b0tBA1=;*grL;@cg}ExW}5mSq}F#2Bn7L{o7l9Qw_r%tdQ*Nq7v24|
z=EsiaYw7*?Hveint_}335RbDMHn|Z2t{;1x2M;aakKyRG9o^*<_oNrez(>5bGgvhz
zhi&CiH^~!(w~1k|amNV%uCF-lH_#N{d_;G;OpW;+mtN<CyA^>@kJp#M&nP_LDui;*
z+4-#znLpKOY{tAF<Q=c1tE)S6Q69YK(u9Hc<!bBHx}Cy%BF_@Trtp{Eg!qBkkl0c{
zzW++|we#%Po+<p=twtgT`E`~9=kp=5NW-)L!@UGe?+|`7!whF0^E$NSZCkdRA&y6H
z6mi%GKh%SlKi?&rOn=OkDv0!9S{e1trsj;r-GkrXd*8f(w*q}3R<+|m#;r~qv5ME8
za$ybey9~E1NkCQ7+dVH94B4<1l|`>KGtOwN!U}~{S(2>0iRnxqj5?f{0Fko8;euqZ
zG59cylAB7MC{)Q|3`8qUq<sl$-JK_<hCW74(=8_?2W>fF)U++nlhH%kum&3Dcu$VG
z5NNhW5+Axlo(Vh0Vcu4@0<;n6u?@<UA?ERd?a6Hl^_}3sd#+q;QVgKKpS37V7Z6?O
zooRM*YUmb%YB@!N<w?cWx?+5Elp|ea#tb$D*=3eg@rP9@oScA=LKRY-a%8#*I-mzO
zv5w^7%1l!aPY5R!^K@!{pXp!)aV_d^UJr+dQxl$dlS;tVQ0Z{;V$juB&8H`jGaaid
zY1228TNR8CkDC5`^v=uw=0ltjr`sronHD67N{y)q8$NQ^zu_Z?3$Oq7zJ#5g{{26h
z|LoiwB+%TWNsh5$pZ<;Kf7+G`A;8wyi3I#sX`+C8RA-$`sq%I{{{w+1xc6oAzo%XA
zH2;XX%%7S5VE*(QtoT1pe}7T;cGG`O-g?OV)9F+5`|QuZ`uqQ5{<nU!`9I#y|NFW5
z-}<HVzu;|8+>-s0>q23W7F7C0ISJh2pBFoe2B6orM_4fc=;K`pYAz-~z10(!l>R=l
zDGELJsVyi+_T7h3(o(bAxjE2Xep-KSB_+N_W9Yi6@hR-+u_9PNclk*BRGL4s)xBV<
ztP(C&lA<Z(5+Wah|7_IcH7*mEHsp%TpYkoKJZM6Jym715;f!Q=Ckt6iX5XAYhb2>W
z9Wg%b#P>quioTPyaqf`EC2DqVG)E5b$<YWWpY)n_v8!ZrD<VTaa2Ec7+HRfaTzfYc
zPJF)lpeTYXIo)zsl6tz%I3nn#!M#=cA=Rb{<2>Rz$FbLY#Q@DyQe}DLR!2`v2N-(~
zJ(8`e5C5N7Ny4hmD=yRPPWzM+I+>c-%Q$tXF9qdt;}HmgrYWcWFLcM)0Vky_idV}l
zQbU%X0D%4>0$p^Zk-wgFvexq0Iq6RV`QNu698mDViQHuafA~a^Q3JRso9M9iY2-PK
zwh|P7Pg6>|dLNa{2J>g8fIeV(mVL;Y<;nj|2iTN#m!Hp@4T%qBt798UT+hamaAI13
zvS>gj-r`2k%URd}Z<BFnPC9OeNM=`11YK)*$cLs$QkMU9chSFfqjZbmr2a8h2~I4u
zJ`O5s<$YI0Hk!vxDQANpQ2EjNaPdl|L^2)+_xGcV@>ie>B**3B+9I?#iyq?Gf`-)i
zDtgpO#*Gq|i+&ivBK=C;;!bcXI?W&K3CZZ88`%iXo<tM9orSkznQur%syI_{oqaJP
zL-XieaM784tZ|rFcr|r6;^Kt5=%F364^2<uTSkD-$=7P?@;!HKrmpkyfJ(n;sQa6<
zXf4eU{Z!29c+R2=x$!><Bc+?>z>O&ZIz25wrxAWPGz|I3S$Kv%PR5;UFV+P?lCt+l
z2x_|9{GO*NVpTjLHE@WYE~XTI%-~az0QD`vb?QgF16JBr)oNa|r?sMS2}FA16JZYe
zdowU8HS}<@1OyrqpM{5DYnW0+ez1QM>&H9n!NQ$y2K-5ey<!?*hSO!>N-<Ifb<y-X
zH&jA7+F{(V7Z+}CoP#xC+71@b(}ay=r3*G}tnH{>C#rI8?QnjisSCJ6o)Eo<hpbY$
zl1e(qa~UMufYo<~(|?lwkml&a*_;x%Vk5_vT=6>-7yfSg8m0#Qo4yDp;y6GKEIK*f
zbn;DfAXQUQ_c=GjHK4jRrf1F#A>L9?E3+7k0ta&6g@CIL`Y@p=<lMSiy-PetUp}WF
zefa;x;0#28$>#4asB|h_py?Jr8zEcb?$=qK#WAFHFJFFNgv6(t2wltWUu<tPbTLOX
zrYq@AD!IM!T6s{4o*7Q{Q%2v$#fx-^aUcHT6=QYUM7*O?SspiK4lk^3*VFv^v++>t
zsgL-0LaL-zkY%UjELujkod~k!!nK+$F;Rl141aVM-flASbSR<ZQ(ib#wx^k$-sYsa
zFAC;U8qDBi@+8|(J9#~e+sFqm7$)wYNBwu9Q?{53TaRfBYc65wKo7N&eCh6wBs$Uu
z@acNwYy6freXL7xzbO3@m$D$H_MLkAz@qMdAdSn9Vf)3dd*cp8C{qH*q_qI~i&APt
z>sur#XIEE#BNy;1+1|y#y!|s>-RZu9LaKZg&t%~R+0C;%Jf6KnUubW$SI}OCs#2*b
z=R24R{HuY5K5;x_JRL;pe|&{^;AR>SIkEY8^H?JWT+54(4yDLjrPgJo;NeHaC((g#
z>)~N~csCC-F?BQ*7;U<RF`S&bsq#f;U|6Ex^?IvPqZy3^XGv(H%#pVD6W-$Kku?54
zw(;NcqHTN<@0smat9^1$?n$kE;v;HiK!yP+NvGPb_TuYz1$OM9qnxI&r+Ut==Fx?P
z77Fce2Ee#`=%0N!>LPzvvqi6IOY^FEf4y1ki@QMajhQ1XJ}ZHxr~v~VSJJ0WLG(;C
zqHl!`(Cll+@=Lv*I-xk6SRaOeynmb%jP%*4pAyLR@U^p_o}4P{6E5yT>A4a81ALQK
zU_xOW@5<CNM-e;0Mnlkj`3`=h@lT4Q3+v4enCO(;`YzVxZd9Yrq9zvphE(H5y-#R#
z@MLWeY$L3d_$aTBK&VfI6J6;M5=-MNE5ODv1IL*8{Uu0b_W)}*85yw0U%;Fnt!x)2
z_2}`a$S**G+341-znrsIj*S${FUr{U&&RMt_yid~gS8!eAZMgD%kU;eU%Yk5$EaOq
z1T(90`jAr^B~O03;EPrOH){xb&L9fQQW9V=hi@(D4K`Df>>avpXpK4gVpcG{nyP3z
z5k1IL;Vt;Q2(fb3ex2SfWgRFGOG2%0jt#Xw(Hgq$qN+gsqoUu;h15cloOM{IS5~%B
zwGtjLRE;fb<tC8-$}aVfiq115JG}u_eag0GE0<*}=fAm2{+oTQ8!6gVz%&;yb-~mw
zuf}#3DQ2G^twMajKr(t4Emk-o&dmYJ<U(P@z*73e<p(QDWo|IDvIkqY%P%#@SmH?t
zYozh&Nb)YNx$exLE#b$eW+G=_0e{Tq^HJiwqku|7U36$mEX_80XtVurcX=aDC(0kj
zj%w%}iHIXjVjvuOhF+)kQF{ixIOj`-lh!Xy68pI{CgF9YD53^3?B6UM0B)f3`nQCW
zKYiZ3Sr#&!yZ8kwtwS7GAwsZDl2}=L4hy5}j$++m>#QabqT(G*5@X#+awa?Qh_>%D
zS>kLOvH^wT3&&TQd}Mz<v2NaA@<B~X&Kpd>jC&{U1F_y_XfJ5j!2B>R&EztEBU6@L
z4|%@{%a%QT?1Z|DFzmc7!w&uj=IF-Zwt?pn-VO>W=UJoiYbt)<LS;<H=iSG(&O7Kk
zsF`Y^u@jQx4}vX7qaYydXNsmAL^dnL0;N%tWYe4(o1<rSwNkxfr0+=zbQ42aoG&WH
zc8Eq%0+JaauM5!4<X1%aot(VrK<;6~nu40hsEbNlV#8^xwE2YOP%@h1KY{RZMK6tB
z=@#`7@(WhPZq6J~fFGuM?y=K;nHYtc@TWf|8~b!_{mINuzL~?JAv2bjQKJ;j2llci
z3)45FH4%<-kG;cj5O8YYIR5v=c0TgJ$;TSK!Iu$Qa<WVr=DZc(C^D7Ml-wZQ<O8J!
z-IF($3f~Ln;ZKiB8Sm?9nq(qDB%m>Yhe;pL+Q`usx@a`wKGGNkO87OWXR9jaIO=G_
z98WzK=6Eh&@qY4#n4^MNq*h~<r4<0_jhk-WG$zd}&`0O#PZqo_IavvVBsa^;eF?u3
z0^7va@x-cc9ogGyC#;^-BNvbr8|C=Vxxt^_xW%)2vf_UC7%ldql2pInZDe+!h(<T%
z?`(L$NFt0c74Sycn$}HT{LE!v!sZ?2hCoZ48bw@G^UJdlKRQ~fPPwvMAJLDzN3P-s
z?Iil8WCJ#wNYyoZc@FMwrM>x6rawWBA0A&tFuiq8z?60yDKzQaOuK;Zb4fX|dMMhS
z8eXg;=Q=l<a}NzCN!S22bADHH0w_NS{Y(SH6CdGAA$53;KiWXYcv+m7GHqg~GQcN^
zWmiFyhHo1*$IS$8-5|IqR4)}+IQDCxU;vYY0{&kbJkUst7(~3+l>mSpUJSoK)}Xps
zXdbGW6IP?uB{kFCZnAMLSgDE4!<$K|lJnqes|40?@w?DK1sTEXXpeJ0bXat0TFErD
z{?X2iH6=Ae5jw{O0gM1Jfzk$mA#w&1g+TbrI3EZCjRBG%vC72j?*tOpztRJVIUuoG
z{Zf1=fP~q!K&5Ya%jU@GfH5e?>xZx#Ep7%JL-4XAB>dW=VGBn2par`xS+w*tU8z!F
z#YZ=IAMEd!E~kN>6|ILph|KBp?OmMq@A1a{#b|U8P(BVg*G?0(Q|0$uihlguvhTaa
zPj$aKnlSY7l()_=E^=<}XuXD?TUOMpNGn=zG#ZgZ_)SaCKN^DCha0jl65l+#!f97P
zt5H5EKe+XBxBw2j)&1ysH&Ie$RQmOg1bMgirAf(wLnn<Ic!bj~yWON@^aw2|L$`L9
z5B+?QQE4ckL2$VVUQklyvbpW<aJyHbF-9UJ)y^Ynox(GkLp^Wi7rz%wm#5K-Hgh){
zFwW<s_*XtNt=+sLbJ^%X?BZ-^W9P^<`>b!+$=Hbe4kk^Lu>-!UbE~jez0~@8u}LRq
zM78NQ_G<JlG0zy#bo2wgdMUR)^~{&M;O(^x0{?cIui5V}(~$fWC*pETbf3CpBF-iJ
zKRF^?K1=vFHNRxGN?PC}6=EiX^rzBrlqvuVsX)R;_p`;TA0oC=KA?Ut9*kHqQ*0%|
zBDwu}=I9o*e5L{;kF@wMF3|RprGq(&|C_4Z6|JUw{Vrt7oz+b!{(`r+KhQkj_$=3Q
zO;L%oP1RzZHk^Wsk(4sr5vSDh(NuQyQ&<_Uj1|jTTT&J8>TQ{a@+q|MLp!XDpdL~8
zI$LUq8nDD~cx@I|h8>uauY#2pX$Go{XE=VASNjLQzcChQITPN?@m}%HEQD-&F@dWB
zetpi10ud&0DOjt4S>ssCYHGx4=%V;dD)3M<A;DaSRBBps^;RQ~_G10eBa<Cq4!S+=
zZm(+9uOH<sab4G1xb+W!9avKcuolmak~-~Ektxe7M%eD+7-{dP@iExE#WKs<fB%9%
zseC&FceNv7GR(@>Ge<OK*17B){r(7jk{z~KeTDZtM{Z?i?(_={d0+U=|KSS_g<qJ>
z7mWFTuo=~PQVHE@6chStbI+__Uv-!I%DT8jzdK;V&gn#BVHJ=VGU#AUyvTy{CAG2p
zGV1WZU}h^7IDd?t>Nx`OeSQ~O^_vQ;o1qE!7g#&zb^>`e?0L<AFMFf{cMZ><1T)#Z
z(4u+SIkgNv+|ER^or%epYqe#*2e7D$yW}mZ&`Jdh>-<P+^eT^)Ma-cheKY_?;>^>3
zuB_O8P5o~{m_2~^a8(a{uN(c1;TstJ<?x+({+Gk|iDwJoJMpOh8+>J0NsZ_jDz(yE
z-qsdDca7(?{fsp@hk@HK<`42Px0sJ6Zr&{BcTkEx^Ay<r65$0rU&jv{)hc@!#Auzv
zY^XFj@lg1EjY=k3PLWqKLnTe%aZs#&p#D@Cem_XaHchgeR7FS(CmqDtQ~eGcWhC%_
zoV!yo((C|o2q><k=E2OHzHK260F01tImXq`<Tyr_%V(ATSp*NfDuzTWCbF->ATh(L
zG=g$gLaG4-ba%x0hgtkJoFwSoa4C|~f|UXgj#IwCD0gHDi@W;5qJ5eZj9%Q+LOAn+
z(T9*E7w;!xYqT#|0Ct~{;*6J6`Cs<}43A|G*Cs((X5R_U(x>aUl?*@_Qb?uQKZol`
z8F~VDJnTQA?dduDq4}xj6liDBFX&bJSNzGRmkEh~)W=`npY>^Gas17(cnxisJ(0Wb
z^y++bm-y>r`(`NGdU=@UPU=m~KJ}fi59oY-m-_f?W9$3AIHB*0^<)q%>R;rv{gb9~
zq$$zYW*?KmV$sP#*;MVDnUHwVlpc_&rnEPuW#jw4RBubK7??-D^e5unvElL<&9>5@
zv+z)8UA^qgl-9>T-GBbD2|B4)zA4;t?)9#^qB1%^r(Nf5XX^6WqfTXXZ~k%u_C_A6
zw@jYX{twl3vLGbCk>t`I*U>d3ay@f;I)#I>+@2H|vYh+rNT)r_26`xvhi;?8CO<4O
zHH1h!<C{ql8%oIE$X9KSPZrIMLa<8QRte1xb3j^lXBAFP+&!F}Y)b6<4}DaNNQUZ9
zjiHp`mQoDIuNI{of}{<lbRA<T<u^?`r4+kA%5rXhTSXgzna5a4fockOQH@VqVv+px
zS+ymKJT?wdj1*CXvfD_PA&Mv(RhK2HQcS(tyYeDnn3SwQ)M?Ni@_eMuo3)2Ifb$ix
zr5E-P0q9W@FWlk{S$odjAHcSX3AW%7d*SGO+sKgTO&Y6m8t}Q)E8eX=O`w=vQ&O=j
zr=jsh+2wHVT174^T_lH+>zvjiLp&vgQ6G$6=SA;S8ZedBhe$D@L8yDkE_w@w@o@3W
z=5+=7oK>H^R>pwekn*)CR#Ct0+U4Ap#CC^5fBaH;(Sw+DamA^9Ivjs&y}<FH_(ycm
zV4ctzE3buK%^UEGK>93pG|u?-rWf11Ut(xbrvZZ;9D7dQgrNwr@|HrQd6364qMY}5
z#3~-1zEFyX0(|VEZ#hStYPpIh*rPCIEu}Q56TCUMQkdXNXDT&kC5x*@l9z`f$*V{;
zznMd@KZ+#33wvj09J%m&&CTQuB2js2*s#gvVkbQ$(NOmVM=OBr4NBtw*-;Xe$q(|b
z_d1+c-o`BB%_JdzE}T4VE12FTSy|?NH%aK)ei^BkCT<mVjO3zA7d39O=O|lTU)oIg
zhE2Vb^po78%bF82d5&7VA!z`TeUQA}YFhwoOID*MGlZKM2tG<vnV911*0N36jI{V7
z(KAaluXxXV@hOv&Z7aJ}l%1(2Drsx2iA4<woNLk4;WTUOrr(CEm{UbtoS<E4oS-$0
zIzw(Yq$5*R4HIQf9hKl}(L5QVzkX^@VFf3uIqiyUlFE_;6hIR=LnMhmO1q}3VdkHf
z@FT4+x`yejOPL`2$qkruI2Npa9?PQH_I5ERZr#+D*c&+MHQU(%*9B>gq?_`tcA^Fk
zV;EQPRx;herw?RkG3O5Wj`8mhxm~u{`ophM{$|c*!z+V6Osbo91pe@DVszCc4jUjU
z%h1xt@4yxyFI3Cx{4usPyUO$Y^I8pyBb}1NaS`XB@_DoZXsfp--jkPM{EL!VyO8?5
zBQw;EZ~82fI&P}&v|fgLhnDgGdj9vq7z*NRl#8*+t@|SOhI|r9Z83bln;Q7O8()sr
zRW6HVcyi|Uvu^Ja{8v_2V7G~VARVp0GZ!7k=ip}5)_Ej-iO=C=kc$mioTaT*06E^(
z$GP^LeW36-optW$bmFIQXR4sQXpGNk3_#?!zaS!?z`-*?w27x3DGuH5^!>#kM{E@X
zICtQ!Zt?rZFRc4Dp8bSp>5n7~X?|T))Ff5z;uCabOBOqr3Z`RDmNr3$sgVntnwv4b
za3%yQV_f#(zb5L{94MBPk83+bgcz%-i@zAe`eT|_mgTmqYxpP@#?*+@Pbe?)j)eO|
zsDC%SFOq!3@PwJaT0(W9lsTK{b3A9vzg+v-gCFcMB`^W9m6-EMIDv-qNsdN+azt}?
z`8ye*S?sCW4)KXwI$T(@EQ6IYJ~K49b@~(*c5{4ud@sZ<A7k+INlr!Q{(6a9{8zwW
z$K6o;Zy#KYzzBh?O~$#!?_f{=;Q!bl(SPepP=ADpu6x00+uiUi6#q9JA)bY8b3|hp
zFdX)j*s^NHJ7Hd{#k|&O6J4n<(pCRBj3rsXa6my~I7bj#dxn2rQSQ8!e>rVeGA^B0
zr1x>nnNu2j(O$|N0e{XNr0@w@=E*N&EUamub-zDGFzMl{X5m8W0khR5X+uMz%j-Cr
zo+s@iW!;!V6{2jkw&o4lY5$F|E0GprwNM4bl2Q-jX?OXDTeQrl({C7I$RJ?peZ|`r
zJVL!-tjt-upp&brV24*i{<XGuG%-E+`HFul{P2%$7DFRHwwi@~j^s`bK(2l{^E?Bw
z+Vjnwg?lmq;W)0_oKH5ttGoPryp!3OY}ax-qrGEJ-)-&sc5Cz!fq|vHrBQgVP@Twy
z&CSgiAYgpAA73u*Ui3&mUc&^0-!V)BmSN4C_9W8@_M?fGH&1-^R-Kr_8?k4MzI~6q
zsp?an{q}E)_-d@5{W@~uTscN0f9i@AOA`I*eq5y5r*h9xC5FZRj3N^<^(TBP{gA1n
zkY;39iYHWGYcMe4MYJ|OVN(+g_a(0#?}-Rn(if;U5Dw9aY$$mnwa6-;-hwsWhecDU
zhaGS<tJpz{*Z~68JPv2tJ;(1vWIDi&L*f|+CvV^)jm4j{g)He$n+VPy^LK5p&o^uW
zbYCyDjAYLXS+<0pXoht_Z1y0o@PajVf$5I^6nDlJchsrSyPJ$*Ik*~n|9rEh_xf$^
z2k<Jrr5jG$EJ#7ZhXerr%Zem+h1UaptCIi8gnu_bCcTOU91mM5(LXnpl@GGgZQ$yC
zg~wUFgt7i@@s=bMsToODRXOd?gAzMC&w#bsHfGL(2gBM-dVX=0CUvNlZsrM3NCFga
zz|xneI>1Mydoy`G{dm2ed<Q+}AADK9gTYL&+AifAu!Z8S%=S*sKN!te^3FdPCTuq-
z9PcpNMFfdyvZ7dsA*nujn3f@5?qa*$LS*6n-xeUF(&OE1M(L)mH}iso;63|uwvHio
zSO(pQwF%*g3>TJp^5&|w>R$0vQk;rbcr?|$Fx1?v0%OB1UaOCHm{EwQ&@UBKP+8o-
z)PXygc1GQ98gbeJh|-Z!517}SHuq2=skrh(<G|2c{tDuxCI$5gy%tVQ&V3Gy{f!tj
zwot>s_=Y)5OP?$?{cBw!tYJz+k(ph>+xkbFDba!v%oN6}gcqz7uKR2p{nIh*KCrq@
zfz`>`7)<9}CG5#Z>1#n9TGL(bylJp~MLxo~AnA4V)R(%I{h$&KXYvwsmrvgWzG}z+
zk0I*WD!IZ1BMH_gAGJZfQr_l2%RGdG(rnDhwpVX5B-WeuYCANz%FG@!7905Tmf=gI
z=`@xO#b{uC)Ugw+4Xe7;^U6r7Y87p2U58!d)=Ri!saEkrCM8RbVB+mLQfV{Zk>sCw
z!;JKW%+Is<t)<mv+BDYKzQQt*jQ2*9a>?2o3FnI`3?~K=P=p>v9l<jU?^>4QO3kT?
zA~Vmc3JLf+KT;9_CtEJ|5B~G#qk&Va+V+;5V0aEQv7u)s=GDM>+FmyuTx(`$a`Mia
z4#qe+d2h{ne&t1|45;*((_vdFvD=n4W;w(;W0N;@of>D)7>=*36u-ZvvvTd|;@ESM
z#Jx7}J~DERLIT*UXz{i<=5tFonU88)g=&vjOw(}k_-9sZN|hXL@ykYel4hlDLW?gS
zAUjtZ58;7?Gu-={8CQoHmm)`-0WZVQx-V%l>I%wcikS?dPK=|_EXjMPpN*uPecYR_
z<nOS+xuIK)vq2U`vKu4zSke75hZlTD&9w48c@xY*ZL9Un`}IrtJFvW+S7K19n;clR
z!=8)Ttw}Ec>Wg~-c;EACHreXw$2b{Og_JF-f5Cne`Ju@yXZMqPd{T1Cu@*r+(15+i
zvEAkIR}G+^o0Ob(>`1d<C#ZR1GJ0&aq{v9|2SQ7+B4_{cqUodAnZh=^z1qvU)sD69
zm6(@4g|`H3m??ZiS8!BWL||O4>LQD@!0gLCqSWs4yF}JJ5Ha`<L=D~LDLs%7OFJRA
znEm23kqvYho2n4GkqBk48ifE+h~&$ldip8ufsb)uVDq0USqcHIX-HhOh717X*Vwdz
z-Kz~lsAnU(rov5J#{XTW-RRxyO5m4@fT)O=JtW)_seu`Bsby%7AnJ9|X%?qaC59hh
z$8JTmf-A6{3_+*ZHdj_7$wY^rSa;DO_;Uc~L*%k350mnZmLIrDXu%98ksb<t=Hw5x
zT`k209$qAnYS%;8p8&7>|0D0s<D;&w|NjIM2o{_mM5CgnHfnH9>H-naM1sudM5Cf&
z-O`F0E7b@SP3sm+qD+TTT2ZOBEp2T})wWovB5q-k#jUt+RpSQlaYS$fT<7<Eo%?=I
zCJ3Ku`|V#p9-4W-@B6Ojo_p@OXS-+iXT}*|)ZDl)Dot(YGYH+lPbAN$c7DKJ>Vgk!
zVm91nq{|JVAR~?WG3GEIgL-Qaq6!a_9CO*25=bC4N~@3g7BWNo#!RwwmIAgj5Q7d$
zT#P$<_dCq3;~mQ$R$rs!Nn(i9zC=fXM>W#yAz;BAiaC<?7G5an(9B?AyKMvqomf)m
zAqV174Mi>1K^9;oC!;+fSWmxd5L`ZXL&u&ztK@pPcr;8z$3%md4Jpjb;WeHtXme!K
z9A2HoV1aE9+B?8&w;NRI$8EytLq&DF>8b)rV(lG{56cgBZ-A5UY>n1SbObe+Z@i69
zA050PDIzkQWe{)Sc>rAkbu}pFL%e7cN7J|MhC(iE!v-y9KUqE-nE~>GCA#mqfjxBJ
zp8H90=Giw>vg#EB0UqPj$G!0g2|f(9@BMB1n`oUF9nQ{w@cdD50oN_j5jE6#E<nld
zKW@4M0!+VZ!acW@ihvBsl~=*IYQCb?UxYfk7!qV+47X{X;qFU4HZf_86OkYbtajac
z+@CwveyDS;&Pk$q!BI>Cp&Bj*kHlZ_Dz%qq$-`ykt$uLGX4XICTg0gI4*#G94m(OG
zCg2i!baWy*rb)|HeE?r%2a<>zO~iZES*EgP-FA~AOqZiy>KyQ2uo>|TCx_Lf@nMIc
zEpG&M=NKhCfW~!CUiN<2NaFBJ$#MTO@IULu#rj}8_Zyc*U;}Sw{OIjyB1+u`#DqXH
z>eu>WFRa=8{^^HVQu~%8UQk{)qfPYC$&#QfObIBmoj-r{Z#D!*_#qn8g^ArBx&qYZ
zqa}|^efNNT{`F<+;!}QoK8Adxvr-mAeqIfR{AiJ3NJop74Rke_0%+<sYz)@3&I-0=
zjb;TvG~(C{)(Q1NbL~E%&c}4-WB2Ul&0G15+uhdllKMMea`DL~^?5rY`W0fpILgfu
zdN+!MleLYSH`kgh8fO>>98FwQro$}2$l<@3D{VlrdC}@gyI{{4PFyBGmV<yb_h$a_
zC4&R<1CA*m4M85F3i9w3jP!2ZQ(uFvN`MG;G#D)bc{!iG#s*WvyYRn>-BBo)1A>;_
zvcrGmX$`-_(GPZifgugR9I?UkK;#6n;oc!9m3(yPqaG%Y?=A^4H%4R*;pT6(gSTHc
zrh+Sxj!x8#skEzBDcYrZsa_Ng9SOp_*Hp~kjw|f`^XW4M*z=6p(sH(4AncAEB2+e(
z^g)t`20ag~D~GYy$BG=qbAv%d?|Rg+0P5z5APmaL@F>Sxg*qNpx=`7PMH?Y@x_X_<
zST`_xGJ(vYcgw(Mqjx3|mo*b?$^oz`CpPOo)|Mv8NHZlbzhG0DjThpGUc>}}B6>Rd
zJah;see;9D#bkDvB7mncb57nA&YI*(3h3^CjVAtJ<UmYRez!C>fP{fTveSFgS^j1F
z>jZI}gEYP}`3H48N#;mW^qmsLAJ&F0)Q=Pg;D`aCXFUrBTFygy>}hl8{d=)F(0koS
zjUJ)ptq5q0;jwO{e&u-^{gb^H^l%f#_#~fWs`u*$G8s|A(A_ILy3B1ZG;Reueod+l
z2pE5o>~xSZ)+{hjHdu6i1i9-Oy%$dWMYs#$6|?3jDr8Ipt;TbFnZ70QM7B|fE*#f;
z%#w$@U5;57gT%5m`l|c4k+6z>eH?3Ku19FDB@ag$!d#EYl&pKsM*DQ{(OzWYV~rLQ
zM2&Xd{h~|oB$!WXHbR|eX`VNmFEMn}N{w{=tWrN%_(o(l-T73@Q7Of82`9+Yey>KE
zr|k)~u@AddD0FJRQoLnR4n9c9|9z|7_?$95%2N-EX9`2xVdX*{hg**9is;$?1()9U
z6EEF-|34si|It!d^{jzsv;F^^EHdbN^7#j9|G!TX;$^@m)G1Mtt#2K|raO4(ajuwh
zlT<k7P^ZXTeAn89<zoy#Gf-_dhV0}H_T{<lz2>)Ti}M?D1K4bSFEsgyKfecm_+19@
z#6q_{T}<aUurBcz{~3fWr+-ltCXvLMP4$UOdQ)WV%S8f%P3fQ~ayF$M_(C{$2x&j=
z@A*IJ=q{=R<Psg-&?Z?cOu4v;4Q*X|5&oe%zuD$@`W%5s*OmU%-e)?pyU12t{;F`i
zpd6<jP>f>!27#E_q(oUVOQ6m>Y|jXf8VY@?RYf{Nr-vFp?n>LI@*#XmUKK27IPQg;
z$eq{1J;l#XTc{(O3=dlHa<@qn-x+WfJ{cM~)A18N{e3Uiz<llNXs_0zXfF)snNM$N
zJ?^vv?PuAEu~p31uJ<~I^CYc9*WdQb0W(^BU%pj6u5v18!qc0gi54b|foa=tT*MpV
z_52BwO0?}U&6$Hn>S2Af{02Wkpz}@Ah(Qd^GAnrh@Ph%R7_hRG`D0oUMNjFw9b|e7
zH?;Ol1!P+<>Wm|En)hg;?B9tmYo3<)vP0lzAI`>W{rB?Aoxu37A-^0_3IpDAe`|qW
zF^}^MHEt<iZ@A{fg<>m&1X&KpG8x3;DLGXZc{ewxcsWa7(m9xzRt>sMeNW<kk{pd2
zw=d!3d{d$G&2(!CyL^5l@#hrWQf&CgoT9?W&quO1aQ8TVD#_ERQZ$n+>3vQAn8bcb
z+<9Y!eF*nDHpd3`$SV~gSNa94t$sy4^{ivF0KC#(FacM*0!)lxlW3Ly=w63O5CVzb
ze<S~XC7<&Ju$oQ1=9~DE_q!qP&YY1YaI`4V)u!(g(a|I0Hhsxnptq@mRzt{AlCMdJ
z1c^9M=&OQNPkDWw`jTYCo<V5`<lX{w&PB|^Lxbps_x)=G-DRnVK~&aN5vO*AgH8@A
z>WikQKM!Z}kU0)1O&3ZY<6+~=yxaCu2qw5xQ==pAywdeu<``k%?cR(Z!LAqQ5%skZ
zK0G!ioGf^SmVs<RSJhfuueEKL9Z&=BdpXi&&Y@u(O<U6GAzN5u0{<$8%6#>R9bO>e
zKBchZ2hv@VdNLR)QF0E6W&Hnd6&Gz3*Gw5HO%^UK=$Sa<0>TWv*n7L#1(|$8G!cl;
z^h*`<YY<m8S<skziG-kAl2wVLh=O67JvmLrU*eSNJ&>?Di6+k{u;iE-!-(>}xqR(m
zEO6h=pMn6C6I^T^`kYO*ndj51CD#%-0<F|Sh^RnsPS%aoSefpJycQT+d4jlIu3%U(
zV$P|ezEr}KmlyjNU%FN0(>kF|WO9CAESS8Ox<S7HvjI}yYZ@k!Aa`s#dT!G4gN}XM
zCWH>@pPuK~lXCi3y#nSHq=~q!QXasesznT&CHx0U_m{UR#rUs=o8;o=A_3@LYSpK`
z1}e&b;Ue$Y$5;ZQ6h)dA0@kvmLF*%HFn@H~5j_4AC!r0w7;Q*C;b>SRfJ~<tM{_U*
zvG@5#d(^QxysN`=?e~uIdHPLq5LLe9Emq#VYG3t=ug7o;WUx=1lZ-HGx6Q{_eZD`_
zPAVyBwQxmXDdkuH^jr}<)3cHKPS0xiRZqh94v75piTVXVjrQy6_uf?>SgQEstoE+l
zjT`{TG(5Ik8w@8``89R(D}{vBK!=<C8oSjS#;AO9ecY>zchIYechHOBW=c+d67(W%
zy`{0?-f!d1lpLWC45f_^`j!<DPUlS@D*2^CEkzB{Zqv4$r0IJxiTWp-oid)W+BnQ7
zp8}6MrtCP;d1w5{EyIHcI~v+XdX|RHv`o?yYJnPFxrJ&M?eZQP?oU78*IR?Gaa+LM
zB=js`@NbKXxO#SBXs7_8HQ>vXg~Z6GRyhbY>qDsXM2K$c6#l@CjN~8#cVyb>&L6yv
z!pq!T(p>xrXuBVkW0JeQ`mT_sK%ueCKko)U33oikCY%!V^}9)9wV6)vJH3k*Ieu$V
zt)O+CyaDWN9@Q5;i<z`%5X|F2OJTi!K`4VRP*#3#pKC?#9mq{-^$%(=2o=#L5Yqay
zy&)(ue7cr_PNTTqEJxtOcEzz!-b1x^n@cn__LJ~}lTNgMg;4HD^>SkDh1$y)EatUe
z&_Z7Abj9{yo8LELd*DAwLq~TRR80r>t8Y_hx1_d5>V4f4;vYkuS8q!mNMLhny5;UL
zOz%axnixb%;ea{(9zeK_12FW(;HimBk~9>V*}x?F<)UeS@f33!Ct_Ch6QTB#lnGc0
zUiufnuE&0$pLN8@P^fbaz0ox$%AVSXveEdPsdc>6gI(|}cJzb0VGm}H8HsN<9E&9@
z1_wbm?!Ems_fL^m2%?K=E@BAu2^$e_J|A9$^~R!g1?tiCphrAwO=!qU*OCaHXZz3a
zM959b%U!%o-q>H(<xklzqDZuu1YUvd#|4kW5g<Xo!zUFYDIko1r&Zdl-^9P6wIEiR
z<?rx+XBf2;^H*u<^Bu)QPVI;~5i)2)(9(udCQ>MrQ)03G-eIIuq_Ku~?@l7ODIP!E
z${4YXtZFOF+El~rV<RLd(*AIq9wbMQB&<}G?K8tFO;za&kg^hj8g$KS>CA9lu$Yv@
zEZ2NcQUM@G3KQUUSP4fI2OW$i4#h~bD5V?JS;Co;q7_1(B_`@ke@i7~7j~d-?H~#U
zE_^7Rpxg2t0kIpc&oG8so+4FU8Uyby`0w+0w}q&6Dr?5M_KV|}{i46OjLwls){Qe&
z!SEU7ZT#B8Z4Q*wWu!!tx4O+NiJeP&S6}{nRDANNO&=Zs|2!&^!RR^$W8J>I)SMCD
z^S1q|miir5j<9X9Q>;J2KFJ{_BDnDBg9D-*Hon!NBC{M&GmFE^yBvYQ?$&Kv8@$rr
zY$6M=Fz&rL)k+R3hLJadEWiju8U<*Fde{*^l)drd{@}(7BZyGhNa9+N_ekPKn@OZ4
z;pNNKDk_-dE+0IM$!w3jjq_9^^4$Dr)oRW!`9<{v;q7G)a<}1&%p`S=pl(CTty_bf
ziBoK}sykZssoj3jARpOaPZm5IH0=|Gjg6RsEFG|e(UDaeq;?%lLFRG*3&+z{YagO)
zo;Mt8O!gev6%yIwRWEXh!wZih3QvBCFyA%=-~*2jZa|ECHoLm=D+Rgh42&*^-m$FD
zQydn7H(QN?ck^ltiVVT332j!598j=~Z`PmIKI)1!L><%Vir&?b8Z>mI!8X6aAHxvn
zeAJiUIr>#*tDek4cD<{56<)x5?qQ>&{I{gk`~yc-G1dfO>_fCK?aP8BYyY)ES3$R5
zfqG-us_%AMksEch-5R3u?$(gCRFb+?MWHIY`Xs}rKLG(4PHdu7L3)4`daPvPo3(#Z
z@BoV*L({RT@B(2P|N3K~jT}?^+z}!dC~o8LNx?9E37Y4=Y&)?LY;eDPj2*uE!;34o
zxVhn?|M%r?b5p!EQ~aa{N8+!f2O8_}hb29%!vZqYbKzNi{A^_ElZ9xLb4ZJzS>ppk
z&^2IaYDG$l?RS=u!BFunMxjH)zYZw@SM$=9009FMe?b$5#hdl(O{S)5I68jXm`z8=
zCyyaUVwRpDOLA;|9+%;<Q3y4>*C)d`h+KBXxFYIVM^U=cC-j!LYF8t-{%PB6){zE_
zM9@kpXnHi!v16RF-O)aDN;2BE3PYXeGdJ1hWrW&nhKGkLnJG4`Wp}XZnCBE;P=V@-
zsJRoCF<rE4r>u#oC?wZOjSvBKezDe7?a>8L@FF>nv7dDFmMPhZlBqLDav|>0dpKJm
zyW864^2J4(OE>^FR_oFq*?x@hf(0}92)6v_5logEt-jkxvCZuQ?NZ5sxC0D*T*w!V
zmqiH}&i`ypptumLm2J-Uxi)^8Yvf4pggOQZ9g+o)H*1JwEvjw1{{R61_Elp@51pwq
zdQR$7q+*V9K)60J>3{}#g&b=f(+AY=IHpHeY7~!0svny=I+s~8CMn>UOnLU=Qis@o
zq-?-(Zgy?lvMyETu8q4=*|0zpXN>CYQa)uBYSq}+wQT2Hx<JBak;%ogwX10S$$_Uv
z;|Hzagt-E!Oj;r3fY_Ke2BREBigwj0QwOnYN)?Y`gu}{1end2swN<p}1$(*09hXcJ
zc+ollm@Ikzm)h`O^RD?7(VGqv6-kyX@zbU%ZEw=tv<m~Zkyt3^46E1)x`oKis-9-l
z0b8VvJlIZXz0e}lnMmXxg)pwB-X%zM*ewQ7o%dNw&Tf%7sNCD>A}#U%XLLSabiQvc
zDXuI3vAP{lZd*XS2b5c@HJ46*j|2%CxV^DbAZ^rGRmg4mTP4lM{{->|!nr`kk1Yn&
zz_5Y^=%2#Mc+8aCr4NZ)d{gK9eN*SN5U=dF-?tF2d^KK;<9`Q7?6N52E0>icV0kwE
zwyLkO>IX2XnUYheS#b)cE!{+Ft~*e&<dt8znNR+bS*~L*VCGl)X+Kt){M1SNho5$~
z(uTRT-}-6CDXqw*CH=H9O8bcBDEnj5ynU7Mrb}q@GnFdspDt~JGWA!2VlLtGaPKGE
ztMEsk@9YQo`r$2n{H@Eqr*gk|GYNKHPL4^q+{?1LM=SSKSJegX<Dau1chkp{Tvad6
zrmAaI)i{^C#^t^=oBMtBO7lgpzT-Zgk^T6LK7Px6?B_n#W<TDekMDu+QiEbE<qkGf
zv(3jE+@RmQyEE);;q2cr3CUT;(YUKsUe%)e2L)@5{Frg3J$bR8^W~R(p_Zi|SuLNe
zw_1+>N-eWh%Z0Yw>`udxDtjjH-V<+po=Kf(Uld``+f`r21@G|7dOuk2$uU3pbZ0g8
z!*$!cNH#L&ctSOo@ErtG`B#6&dm-;$Of`R|1^q)ky|1T6J+0x1YTnpr(|W^ALEN_M
z1^P$a$9}ZIoUh-&oS&tV=ct{(xR1|$Xruj>8||duZVt2CG^x{E-pgDo2V`5>k5<y>
zIyg3}=6&gL`Xsp(+4%Jqrh6B;M*g_YK$@Aec_ZU!B)yw=?dzYr>(++2hL+tJ3}@*t
zEDW6j%o$`Sl@R?X1b$%ZKnO+gjr#q&|66Y`Bw&y`czACQ=UVO^*)fz!^g49|3oErw
ztBaJues;)|c0=RiQh#-Isg5=hz28ztuziP-h-gRjMz0&3hmMVlEcfG&K8rf*bCb$E
zFjOifCmK`YdL_<PqH3l4-tCw4w;YlgDaS-5UTwwZn>z@Cf72|bj_^DCh;j-LW)OQS
zSuJ{vH9y}Sk)c_|-f!O<oR^xR-uPED7H4lS+*5_Fa`lAC++c!WaT*i7ZTMExu~xTJ
zIOf?aqKotbiDK%>pp5&ZVuRFcfz(?y#7c%b=P4JZ1q$zxi`@XVKLsF2#a%tbA_r*N
zp}n!Y5@D*=qBz;Huf{s7&XswWP;qKL<x_|G?NhnU$)F16B<N?OTGDpt9l0Yn#qaI%
z;+XNaiuU!Jgb7-*8Qt)aq>D&+HqQ6FLRwVYH4>xFK2^K9-{L+yQT0%bMS&0Ds?*!0
z=Bj=lhm3<1BwJ;uzsp);2?(qR0K9qIxp_CR+||NOyVtmS+&R|`n0(X8mmZcnUbPC5
zQ(^s)OL^+G04Fud;$7&<{iLKG*Pq>$VHf?mSFiK+=WqIRoBsSke^UH0i2H-tpH4W4
zEhV~LYLoIzb9tQM`UdZ_!9FB3jFH~JBgnUkEa{WeC#FwGAD6mah5qOY31rArFpy0B
zNqJmjnqKRT`rtQjF!)<c&AZj%9YGJckN!+Dq^Bqsbu}9xy-TbQz90r{D`Jq|4@eZ7
zC_E5eP3M<2k*-P)OYf8}O>ghlQRC`3knHI~*CQ5Wx4J?pTf{r4e)=Jf!TYIo@-=U}
zO8M{h+|NXSg?5yM{)JwrEfn8B70caAE9#Tyh@E(~5A1}D8Tpr$Cq&wpZk?aFv@9>S
z9evL74w*d)s5kq{eKcEZ|6lihrTsJhU$oyry}9l8@?RE}jp|$=d#)NOUfFy<l;EpT
zhl;WyzWYA)=zsRqbyYgx9-S;W$W9&>#R<Et`uG}bP)+{_d^r3`r-kQN2ATH;cY$?L
zq?&dVi{JTGGm8_-i-^~Imzf5vAee)@!Kp>dI&lIgy1KpB8{x*hX7BWon$I@+quCFH
zt3(s>j{d6-VIA(9&g*&+yQ#7hb>b6)>S~-?5l$8m<OkEsg2npY<cuex<*mL&Z(VuV
z9s5U`C?{Pgd)x*IuZrCGbooqksDpr5G(dn9*|y-WBF>#q%Jm5@Agz9-rMw=pMNh=d
zB%4ZQh$Zv~#MrqW_je6B_K)6qI3GBD-ZJ7V$`b&w52HDzdU9ov;ztgn2HxcWV@D*!
z;zd@G>@!%&auBF!*<P!^%)9z_Epld1pDNQtRA*p4rh~j7K#<*F6#I#+XUIsQL8bBn
zVA-%U+X@1?Aw7t}cK}8>wDx7Vw-KjIwiC))bX0ZSfkiEA=oq@{n9QAQV$Z+RCib7|
zx$Y03v1~6xu9w}nsh6^Xbn@UFTj{8J*vn9w&XLomBQ@D?+X^;1SAGUdcwz9Z1zRks
zIpr9uN!Z-GKeI>k-LNa0C$nvpY)t9|u+IC_b#O1t+?dneGe+yC_XFm75DZZ0TaN13
z8K-5aYlUG<^nNo?SH=2t%3xpNB}mhm@%nv4erARjT(QfYCG%3B+!bC}y7)V{cJ6n?
zN4@S}T(J9n&tK6#Vf&wj7mgk}{}Au3i{|wHp1sm+VQ|e^?)Mz}@~D|w5L5PZbHqsQ
zcSZ*U4P&w1^lTaHb;)|^^S7_Bz5;&(MVyVVhJEFfgjeh<l5gM8l|w|b#1MNhYtQ1>
zeilwVv_i`Q9)c?G(~_{$Z~i|3cjCV8oNr$6?d|#cHnst$oWj^1T+}nA3<`|>%~_4?
z++Vrg=5A$gzpqW07$XG5rLCEg-?=o=vOF;__i4RnN)j%4UN(8ICC6OyifnS1C7<q+
zyR*qJSn`oBS^KD~d%Yze;F61N6lzi%Sf-@ZC0AsV%PcwHCD&w=M_TebP(H>oF`L|A
z$xplF=4^74CExFor)QJ3O=e2|;F9NLlV@A<wJv#qC9|0Co5xeQJsU1Kv&Ur1kxf{F
z6h;O!Sj}Kv2I#%-oY;q%xwJK$xT}ppdrJmru^Mnm612T}E=hnTNs#t_<&wHwlA!GU
z)Fla^<my(^B`!(8BuUWqCb=X5k|aUaJI*Buh$IQB-eE3D03=Be_4aW|0v<_%rdR5c
z1UQleNw3f)31}n<irxoBHXs3vBtg)7%_SMI5_buD-eV-OqkGTnWno8q_U}l1Lpc6f
z<o>Lh;(;DDg{ddPTToAMOg!N)is+GDLbCUo;Pev&9yk3&H~yQ5u$KGxa|il~sYh-}
zHz5U?e=~O`_T6Ze$327SC0h1E5k>IhqVV#u#lSa*2Y}9n;+*9d|I|)k$uXCtjL7Xx
zq6-mTF+*S6e%C`!roB6pdWeOrAl2+LrCyhTP7(3sr%e<ZI4E`>am<9V*<whZFu_jQ
z3Bu6khTX+*up39k7AmENl)Cbhl+u6{YAXQ?5stwDh)mCX0rL>z>aDl_Z@1$X!}7Gz
z=|BP%M!bOR5XBQV2v4o!#y{f`l0Do*BOmVlDLb1n2g$;<YdF;NOo$;i7!GV8!(@%F
z&SHuna>WjsRM^df-&bA$!}%CS%6o&5M7BZdRH2YK(dzCXBn}cz?}*2o1ijb}*9wW_
z1fN&kjz%1(N!sD=LA&*+Uw!<7V%cMDXM(DEf0I2|a4YS!rJ9!>@+|WOpUEon2KBSu
zN1pk8coZgYvxhJ_*w1_MgIcd3HLPAeN<eYXsOn?K)x%d;+6$WWIC)GYJP&B#d%p>(
z^*s<1VqHun&`m)(->GCxkJ9|fzdAYa6bhJP`gCra((=I<?kADN1-Mg;+uO9+lmv+!
z%jtASvThtHj<9p36w4wtv8D(zpfHK)D}7PBGqd>dZ6;qg(Rx3%WzmPs%wm5&MdJjS
zc6Xnqo>i45crcl=w>{Z4SDYnvNozrQN=IHb9u|(%(QVYIs7rbq?ixXx&m7l;6HLeq
zKV;&p@-BK8PHq<WECISV5M6RYIg!~EH&_WZB-E83qJ+w21?37oRiHmb7Jq7>s^J>H
zFlW^}o)wOlT)uXDWK8?*zr72}nfglDK|^cot4!Vsa)QV2zv~bj<CLDTjx~IE;TnhF
zAgb1$mYcs23jbmFUSL6tB&wt%s*KLMXl<6HrNAe?9sI>x!g-%F2dUS78>FW>p(My=
zxH#XxzvR=Zl|<I}7Balr4ISkQdC{jOq{l^i^yB`vKTKdEDj-RkBA`9P3|G<v??wMb
z<%ReB92Y|bZSS(|=~$x%&?KXodHS9W={TeOYP};&Z0nUC72Fxr7U3R+wlG|{pN(GC
zGhgEURv#L-E+@Drx^$HW(mg~&!0t$Af$dL04XGDgy;Vq$73AVMkk)}?%Rrv}rUSB#
z4<Ju36J>EqRfn(+;9QjgTdPH!r3R-XRze1{!JBlsXu9{s<Dc_m9IDgG>C9}K`J4HU
zPfeHEMz=-!pgovXI7{%vgw8X#9?9v^KXIYE(+bU5!>-F%o>|uY!--C}n!7l5CzG~_
zcOlWOGM8wJj5RV2ysc-6&2p!?_QiXP0%&x)j+7=#wKQ3NKtoG3)ZuRO@NW~+6sxc+
zfa3Zn*4&J8^AMx3#vD%g$w3^&Euw^sl50Q-G4Z>~CO0`~o!c?zY`29S2Xovkf><MT
zM5u69${`4gF6g@3hmPuSI5IK28XHwX6J_?=97kkYuw@*Hz3w(2koOJm++9JCb~h;_
z0q-0QR(3LPX;md|n8`bl87g>-<UcQmfi9&mrR(`kADkHc;KgT8nOgNhBGUK4sa(EW
z_5Oe-V}oRmy`fFpLSgK5!FH2MReu`ln4x;(tHRS3t4<8oHn}-z88~f0DJk+Jh!L*O
z6%jqXC!Cm>r@ZZ-_K#i1--4D~r&TwdJ-NB%mh|t#iKHQyX0=LHB^sJkT6|$N(Fnib
z%x7>6eu2uv$%2Udi=z4Kg&3Bk>xGoedyz`TKTHoZ|CPXTVu_T=${Ol;!s-|c+}+1$
z;(T`H^UK^F2$@`eL5yWMpMMeK{)0(l-2De*=-zzSH7PEqpkLtF^c+DcRi9QvIB{wb
zVg>fpE?Sa5yx?r|l5n-_U#Q~;=qIrfj8vc2uc)O0#|c(TU>S+jU}vi~G;2{LIj*r|
zWefLKXg;8+_8z-?Y};k~bL#zT>IXU<gJfEYM(MI^D8Tpsb{XvOPg@4wYGb^95&8zp
z;505rQm0r3IlS1B)3R%z@TFIC2%~VP2kGrCXZN{MS=~<ghBswrQAG!0&_hH@bbAF`
z#o=^R=1>L^pf73!OH}n#eZ1S-Tk7>hQfWd=5WBNW&*!aNL3>qCZFax$w8cseS3em$
z5II9}O#y=SM67t^w8MnFvDY?q6iYK#)AB4&3SL;#@@U)r)}6eT?KgC4+oOyNcT~Wp
zXRJqOu-|dfa&k6VdbYb238I*RNVC-`DA*i+gUCt6c<bz%NOn;mzIfUjd1d@QF>SRX
za1MAb)Uge9qYyXx(>E8a;3OZAj`-5OQnvE%zT$vcBMP#|PWgGRuVwB=bk|>AoH&&j
zNRFuEsPN(^QmjkDCE^6==c#sPVu5~LD9D|~BnbR|Jjij2#QeG}VP?cW<)eMuU?Q?B
zP$*egNIwUnmLk@vG-vG0_$S|rt%Y3gq{wgM_bZe>*yX=DjXzXI=gC1!1`4Yqp>hAr
z?*3vl0^;s-MWXESH?t_+o3b}wk;Q7C&uR=PdwuR~7*n-X%6{|9nwK6H>!<8{xx=1r
z!_V$yj=A~f!ye1M?hN~}Z++ci{~T?lzmfywbQ{`_FW>60kI`6inVz1tZ9vFb+rNLQ
z_pq<W-XK6C@9xJm<vv#ngXjqc7SYp@JtTo}LSk2PIH3V6EYw)2^K)|l4<MM&O))_5
zr`vp82sWS{-68}>T((sR{_DlB4Z-g#YYyTZM+CT(f=~Ys#$LG6#(wR9uRHb$-CG&^
zs7tpx_TsNU_OoB;J@yk(!lxck90Dn#kaLN_U%#P$Ag*;3NJLG<%X^M5;`d%HF=jX`
zt?6|?)U<a!qen|13zNm2tfHvSwYnJ{f^AG~Vtg^2mu9&khBD#s^a%cF&%!40OYhZR
z05<Trjgl&|iVDq4rrGR)x_H%2uHR@}DtM&KvTW+s2j8l>h_YFq457UIzKkDkmVO-D
zxTM`3jY(98aVhC=j{HePxXh~GByXSG%RiTkA*{3t1EVG5nZ$&JI)<ro)~kiZQTy7^
zOR?^e8QUL!pN+ir=FNyX#d{7PN`d&|aB^&gdeW?l8A^lw?xX{9rAbqGw~8%>t}5*b
z!F9jBIa80Sm15^=*k`o8N#!6VLZco2o7fI9sgGnHbDJMk^YygFo5JzOqsh@yu40b0
zHr*e7(8b?c7aKwREf}uN<8S=|s~4C#uG1nU7u8UI%dM&YG!Vo?LH|?QGF&rSET7ZU
zN)-A@uG~7!$#`rte`vlDR_Hya@{sC9G6DXS5maO*9gF4$Q^7?4i}X&p^7_r=-Mk&@
z_{6j!iV5h)=OWV0UPQV{Vbww3A3rv6$6j63e01WLy@aA@1K^a?zP_&dl~Bh$Mie|?
zQ5J3=nb-0T=9Hk&+890wARA>6+X20Ro7M0v<eOAjP2uxq&moIA|8z+<o|}bzAuOk2
za!I*>AlVg{BCxrI_{4`R2sEdNJZ3dhGRpP#A^fVFfS_wOR;9&SBi+`>7SkG4dY=vv
zgiX=pZ^A6*(d+%|yTAoh$aKd7X2o_)4-e|<^&yC)b^1&Rf&CH*<4Ci&f(3m8HM8+6
zRC9_5Ex5uveVCaCNW#bXZYkGiX`e>=k!Xlj*Y_5Q`4N};NyV9x^)eZh$P{B_%?8f?
zZ>keoYxVKf=@B{WQ&7|T^kXYCQfSNMY=2ZlDmjHPIjBByn2FN}t0FqkV&*a`>|K1F
z8>X_S@5sd`3HY$MTazjIo_a-Vwjibc!^9NMOhuxjFvR0G)cLsF+1XPZ$@tRSg^Gh*
zsd;>?eL(bxAQh_0C}4XR2X{w#M6%{mPcM=+j|6>a^*^|H*xWh^IW+hXKZ&J1(GNGG
zG^h+TQ|00-qVcuzW9cSY94+_2t!>#oO}IIKe&XE(iV~Hx90`{r#$8Ka#D+wZx)ptC
zdY>G5yhzojRHoCR+6r~NtE!WY#VA6<@<9~#&$TmVA}4s-=o%t16wXAK))=XNEp`ox
zlwDk4ig#U@PU6aBN=}^R(-Wf?QtEOgH8I-vXw&{_GCzBNm|Nz1cN!@K$6m=20A?Fq
zvVEeGeL`5vln8#*=Kb()e#uzYD`Rm_M$LdS9(RvGCh!2WQ0F^fbxQI5O%&@-Ms{PF
ztwPL_I4w<|O~HB|Xle36`O_Ui7b;lwOx^;Ou;5p2-D`Fl3EOM`vOB6Y22ky_vF#NY
ztSA=ZI9psFe=p6*cB^wEnP~fmu5Ig?lwb2E=^`=Lq_77+I6G@@h)6M$Zbi>qFoz!_
zN;~GRCl@%mC!VT{7mN>|i%Rtx0qUZOvzu5Fb`rVu=Qd$0n0)K%SM5usuXpG4*zQE;
z9#PbiRumFcs8+#Qu7c-NJ8-@~XJ+W`8E)%ylWhc0%f$OmIm1)1gHXrM={OxitT>jN
zvRx=J?y;V_r}oEYJ{nu6nc&`pa1x1=_x8uIQ$bd!QKfuDMuvv_%USWgj+a=Od9iYs
zOox-hR-h<Y;cULzFU1r__V1A4aC{%L{}m-*p2rrYP8C}GU&uF8las_#!%N=<h1|#T
z6BQ*fZH~Ix*@f`>+Sg#FI^N~D9ZmdJa}++WOY=j_9Pvj*X&j7o3g~rzhFZm>f-pIE
zsbKs~e}h4Dx`{UPTHc&?Um#&>d45BC85I_^td!A0k;M;yIA-T(H$R%l3C%4WV5cfN
z1<_&_&9o_gHhq1#{ZhgIM)`6j&IkVEzApUF{wN3jm`AjKyp8I}Li<M=S6C5J1eAd*
zbdX=ABuTi`=MC+COr)uWq?%(#f~?5`=7>OaWY=uSCL_FDbvfQk5C|vXyZm)(FYqD$
zIh4({SQFDD_c=_jd>)yb9GsO=Kr~AW5z`-Rz`-_LlT0KIyBtoM?E5`$#|I=A=cF^|
zi=i}F^7=D~fqGwqG{ad<(omBcO8N~l%aWB(e8%zq2zWdEj7~;+_=TVunGg;YUjMib
zI-+fKqg8kz5r3No3>livFHo~*p_2ZI2$ouN2cPqp3cur>fk;>wRBD`9SUNawDseg;
zv!=^2?w=<w0@$=Lgs3=-8je+@nXzz-8?Hldl#gQ;8H}UTPETdQnuHw>wU5CrKReY-
z8Z2hd!h)S~3+uD%(UHYR)W@+9ieHF<#Qip-OeqAA)zSQ~A=H9HPpG4r(T1U<>IOC#
zDMGsj_|bB(I*$;7u!bnX7%l!}-fpe~Z2|%yE6W}sV9!$z11E=2y%0sLJH>$-5C0pC
zi3(%nBe-Uvk1-c~W*GCgr@kS^?D^DIFlNw?dNAhCkNy`JbI>DLGJ_BM_LrEUH;C<0
zXzwbb-w6lUh3_agPz$ky5M?Ih3J}XAT<>^i{ne>=9b$3iiOIIG+WH+vMv;7&79kys
zVJj<azbP*bf&8+{nD77LjAYmFiO2zL4gc#Cn~`0f{Dw0!Yt>d}<Wl^vf;D_kuNl#L
z{RV6JcPrc)z8R^XEeu<L+Sf|8uNn2sE<`BqA4E6<io4k|BqoNIAu%zYWewWqrt*p-
zquaJwfm!;SK$_WhS@~r4fi@m{);dj8ZPrB27D|XN<<>SD>Nto;E!=&T#6qhS$K;b}
zw&i*Gu7S>9kgP7-?kPQ|s2A&cj#06p$A^<cS2-F8gVU--+NKhS8btrh=|(K0?YqC1
zwwJnEt&SPK87(=#R$Vxsg7kh>6RE1I3qr!Fna~7kl8V>cFHtb`%OxMt<fO-K7iuN}
z9M%yC$~;qV{F7E`p8W>O=RnJJtLfybUXH}qrP&N^PZ)S{G=7jSd2zfVT!-EBvP?#Q
zH99_y*X+{(dx2_~UFks<_kkCoL!J#gdsdul!||?|t!rgSP2Uup*I_kl6()9cBssoR
zAnl@tNa9!y0`(SrufMQjT;6?D2#2}+EA6&SPcO`2#2^*k^M)688WjV|6szJ@R3O}{
zvDuD|lX0_~Y5Xp!U1rA0+@SUU+z?DUOdhecG~AxfpHjY=zmnxlcLxP(Rp5N>B0?HG
zq)aY;Becckpe=_9w-^Sft={!-zm@u_Q75aQ#=4+JH8syZAl6{PWJ-qTeyXrfL&9uZ
z-IUIhd@K7E8AMoP?;?v1$*cIKKczu`h-Sigx9p#_!m4!<O75L8EbnM8C=Bb^lpKgW
z%Z@}oDF9trA^s7Z<zhUOmWf4$GDG<UlariSn%*_{JkY*Gw#wXHi%>AsF`oh$AbM8l
z4tqIkJ?g+s8bCLl;YuZJ<SyV&lT=Ho8IOoHVvn0TcN4*E+(#@ZmlYgPW-h^G9iEC-
zrzCXEqk^e2R-u44o5QV)4(%LyK8hx%dN3f!1&#Ok$u-7%L}Ujf;H$8<it*2gjaEEH
zvygl?Rn4PWC})QcQWbFzSWkcnizxA2WYK#CoKK5#^_jdg{`c~ygu?Bkh!26upLxfv
zQIo=8v$GscMD#-w;MTOI9^J?hs>A>NY^ezKYu-hZu$pZlp=*f})_ILem_)+KmSdfF
ztP)NjVShj2FeMy8!m}y@T21u!QPKfl@#nhrG?Eczj#;_bl#X>2aMo%+Ia`(u9OJdn
zanji6mA;N#cVy}pnl6$>*t`ySsH&IEv%|8A*&~0cm+r=I<504u&hzur4gcFe`39A}
zE8n(=)cHLbDph!-_g57@R)zQF4@W-L?IWR#D6i$a+HdxjuEDqK7QX@^ZkE<%op`>V
z&1`NY*6qjHG~qCc;%V1~kC_nKNNKsHq+jEOqt3ZXTjzh12bucOGmif1rY18zgmW$5
z#FTAUjORypPu^yOpZD@>beW?52p{9sHeQ1k&`r&CMR-&#0~g96X1*^qawy~7M4|L3
z+R5&;!64IRq!J@~M}F*&<!E3uS#Ozz_YQVI4=0_835$ZLKrdt4OM(cfcMpGXX^O$g
zJGqDV2U2>34@mL#&IAmy(KvaPx+%DMn_gvza9#~uJEIyzn7r@wN8*BqPx_1PFptaH
zyZ6{X$}aAb8f`p3#5}nnoH%--#81P!!wZ8rF5!)DM5|wq9ZK{TMQ(|-FO?t3jjJHl
z1b1%(a0u)0AIbbPw!QhG>g>JN5#rS_4C&WlAi_aJrj-x?Ta??gD3NQ)HLLy7Vmqe)
z#lFekWH&x?saGbpJs&IcVxjEf%<ORuxw5ZIOrDY*kE}QoyG0XMnqlFHXwqD0-}xtf
z&Al)3-}E=qeg%A$%o4NhWcDcT)ohP!P3Q3~wC^{4p_&%Vw&q{6#kOv}I(LYh>1XB|
z77%uZSSr9?j8iE|vRx7$5lPG`X95wcixMWo@@*wjYEB;>P8=c(ag2<_8~aL72RGDZ
z^*Qkh$1SJyHl<CCYEE{zSPcGAwTRqVQQAxubvhcI%Njx*+Z+E-9G0TSlojTlf`J!R
zrH_`tEJt2;t1*9mWO-Bx1@-Y*K@eYgw$)8Z{jwz@fppb`I&@Q__!h;svCf2(oVww(
zq_FuI<6rX-%anX~8fYgeXu%-Wu~_^>5puQ)fzj35N4<0=vGmXm;ewDV*2qPd0)d1d
zk;bIL=xoZIF)YNhLX2*kN+8^=WLa_NC^Q-eY`Z>18JI4Y!BjWo>QUajmEOkJU$Dl+
z&T)TA-5%8CD{wrEoX7<#Z(U)+ofpzG19_qh{MhVk@Z5mJj`VK(tPi9^@u%rk*vxLx
zf_+R~5=0R43NTjcPgp6<m>g*Wqvy?;!;j=w2)paKi-3^K$Sbq=r<nf3Zq67W!=Bvx
zQ_#;GhJGgEx`uw{*2B7}>*z$sVXOFcmQ3Ahvem%F4RhJ~*GY)j6tXBr^VJv~HL1Ln
zyQYx0;e^HFDbp2Sp^ocR53KHM(ttHa6F;gUUMgX<34c!LRs{{tiMN}*FCd5??WSC}
zCv>|<#oVzt(l=ag;9P0lP=HsvI^Y*3?7Cc$m8I33NEl_^0~K^K)N!J5EA)hLxd<C@
z%&JdZi5#T|o{{7kO*t@?a<7ds1Q!DZ_q$D7>aM|hD|R8yD$VNOD9s!Gn4e}!HeP1E
zdlX98#GKMz>>z!u(1e#c1yZSZ?<ewXFbw1@DNbE2h2z5l9TKPsx2iNWDMDt{Nc&oK
zn}2Y3z6kfdAs0Ipi<N^wC^6?kO!kVQ=&3HtYHpM-HHLZXEe{uitfJb?)U+|q{A#~~
z+J7sYK$Vm!`HL1QNi}{Fn0_-!+MO=fEORrN`Z}AEk@&yT2WR&)(XQ#L&&6kt#);OO
zqffE|?Mrd-`bhdD;xI9b5D`u;6lx&^jJvbbD{pbbRe|(vJ@_drb*wW9r?8E>$P5>m
zFIh7`u0KI#hC-pveSD3QI^{hP>!~$0Sn8zvMO09{KuEQB>n%%2D@o9YM*o8x+@krb
zHN?5(Gvx!PY9smiD>TtcHqAv7MZ}TMQ9jO?t%3idQ6tTDu~4KHeQ#`71YqnCfm#~s
z@&{6s)lW!(`-M6(%55^-BB{4zt!1`bK`0oBTNGt@tl2N9$z09RK{Zg29(tzxcDOcD
z@wT~~VU!=teT{qw@v$3~DH;3|C$Bd0rCuUqd&7J4Y&IsvDSn6g#VkV4M6>)5o~${c
zpB4(sBE5Z}ACo<!Pg6*jcO$1D`T9DVakhotuX-7IItueaiZ{B9_~J|OPr*|0U$HJz
zb45m-Z1+cufJ#Wqb>WY#hZdh3MoHI4AU)|YL%Sf>{t3?y&GYs@vnM`xE;>)llspP`
z%$*F#p3O+=Jgu1?dI$}NkoZ8jcB<59ZUt%h>>+NeHi;-wa`c9_FhOHsjnrU={!;TH
zQ03+w*(<M5PkDE}MR~!Co}Q&%l!6;9)N#8PdbX)hu;EIgfg}UeoULSCA`uWC(p>$v
zR(w&pDbCD+wP!QuMyqIi6dZG1c_a0WMZrN$r-7E8FKYy?vBBZ$C9#3%jf&HU1p8fw
zTL9Y8k7TzJL!f0qkUPD}UEitD{DlIdfDlHQO~oHQZ{8fTn<CBb2Mg|NbA*^}`^R8v
zJqXtv9d)VQx3f<@L<0?)Zh1DkeC8#F4@<bZ6W~qU?EGoU>k(?RC|Z44Df%;eMmL3*
zkE>u;SHV-MLA2G2A98$rs3SoiRgAr{88Fun9=4mSJ}~n@70s9`#er*oZhzRv-{o9U
z9Xq+c`m$Z|uMJB%iElC?!CZ@XTrBh>5#t@It!%-mhT0u66D#gTcoi4Cd>yuvS3d(X
zf1g_-6e(W_s<lb)p+$~|aU$fy!H)=3TS}%5I!ury?lyz4pk{*i@O69+Mfq$;$C0Mv
zn`LP0efgq<d}34R8pbwYLYXOc(K&w<YCq6A1&eodav<mKtbQ-lu~bOvgp>F3m?@cj
zDHfD}RVu^!zm|#6I-K<FqPB(Hr{ae2Y@IpSPCta(mKl<3sL#-+Tj4;E8ElGy$4tOQ
zJ0tzO2=%759JKWmx4fuMTc^}1k}YsHe}g)8hjwnAS6H2=IoepGMU1LRqRjF~wS+|)
z^e>w9?M_Ks<&sz_L`vsb%XX9f-eMvd?IJ~V$*cojVO!XIKNpXYlzelvyTn>cw@0{H
zp)LEUV7FH%7WfTnC#{l*vx@`;!EMyc`>c$~H%q-=w>$Y}MUH&)<ybgc{dR0D+Dl_@
z@(gbEPQDqsaGXiK$6-cAI-_}bD{Z%Qr0>dwNpKAE-dP_Y4U=NWC^Nidn6kP=YNT!1
zXG?JK@5^4G)R`nQfA^Qq(N{Fh@3guPWy;<%UW`u-k79Tl^qai26nhHxrwWr#5x<nX
zYl&Z~yKDbS+4NhgHmuS<$1z(qPFp&cr0i+*boq7f*1!iORR25<AyOR)+gidp??ELH
zbiL&5JEi_v<NZYmyOZ$lvA9V7MsGtc9=RQkTxg*kj|v1%!Yyy__uX<I>CFK$9Z+KJ
zp`DV(q%!<L(xD{Vq{_U@o<I~M`b%<Zj{l40y50jHCP(3Ykx9mjP$Uce$rg!B?f%{7
zfwodoBTzg&fj>k?dDwq#R@(XeQS&2-?{P)?XuY}1)`omZ7@*&gHGOXSY~|dZKby6D
zz+8ko405FRur=!oTSn4ydON@3iNeYn@7Bj%C$(C=9jt54W=L$GFd}`B74Xl}Bnr>H
zAE{Umbk49>Tb~l;Gi6ar@h^&}l+ef<p+qL%p^nLLggV}t9~0Y{S={Sg$#9I`hx5Oz
zT8T2_kwE@WpwEuG$Q*wX=f(cxI=Whi;cNT%{Mz<SWuf-J2p})#oVV-Zi`(DWjjSh=
z<Bh{>+ctGisps|BKDCS9=vUkR`r+dSJW1;MDaVmIzHj>*{TIElUG1XR`PR+16}1Ca
z)lP$842I^9qFvpf?pm8VHgy4{n1nu5RX5<N+W0E}%kb0$_oeTmHwM-Ycye5Ph2O)g
zM%fOS<$vh*m7$J3N!+lA+f7!`f0BL_>U@wVUH)$O?1b(Pb*yY1%s|^eVU#!VE%gE0
zRBe0(-Rv1&+b6GGT(|k?+CEu7WjrJ9OV<9ii@I%e47_f@%DMrIrhQ`0J!ffLR6g~v
z6gI6kD6;k&H(*s=e38=kwEHK?)tB^v;|46Mi?38?uKHmwey;r!hI2AWRV(9<w7rqv
z_9--FRbFZoNl38ra{N`>-z}A(4Z(Th0PWwfEyu!iuMmHZxNK#tUV9s&3wP0CIJs||
zF|xWqDhoe?R>IC!gsWeP?Fuiz6=1|afQfYx5HcmVUSO=t3+bp>7g*@`jpK@rnp%Vn
zp^NG@_q~3Qt$mOPnh2*pKIvgp{g*wgYa<^v`&eRZ;Av4y7}kfO$w%X0zdqc)v^1AW
z#g`a~soLP3@(9=s>VH3FlE`dV4WHfkC!7$T_U=4pkwA>PPXmR*XM`%=`zv18iEB3r
z=X6NH9U1M#O){Ghgc>Bn;Z%x=r*^@>O?6iJAB8x9sHewS^&I7E#4u!wZrPk2!b!yG
zT793~EGB%=BY!tR{iQDt#g78}kSBBeC|vAfZKbo-TC#`7rJBN#T>2)Sttkv^L_c9h
zN!`63wBornoZQUCmTIP3HHF9AA<YAQ6yNQ;Yfoa&<V^wk96Qc0O&)x_@<QC;01#$*
z2O>644F^WGiR)xg<nS8V97zTtLCP0^1;Co%JFDmT^nQIXJtf=k<e=Z*X<(Z0($@f!
z4-LU+=$$z*;^^XFwEu4C${mcHCRQMBv+)+bakSu<1y%d)UmsL^DR0tk-40rXtC7Hm
z?ta|ZE7Mqg;N3|(S|r#+z~b84vx77u@@VxY-}PN_MZEDz*+$qI8>9Ao1%R`2!ZnlS
z`u@3&sHnV5;Net%4>q%bvzS@l&Oh6^x@rYz4V_VYCi}dz>@SlBX#3?TAaK9K)_-)l
zHmD-6FG*Te-&);EzMn%+roCIC>5o5V>&fjdEGigqU&RP>=FuXV0vGl5Jk}-dE(c$#
zx@z0L>|Yxiw`_EuQ2U9bMA{$H;>&9pTs!Tdz(y_9af*GqvY7qgc^R7F*gCGN3j>AH
zyxP#LF6MUJ$#{Gv2Nk!-CZlczDF<81!Ea9HL#S@O*r-+1%ro~SJ1@p)ybEDvZQDa-
z)X$g5`}~h@=Rug58Wr?y(Rg9CXWfM^cBm61%qYK6rKxi!zgu4II$-OoEqH;n=qAJD
z7yoLQ{8JA0Us>=*YQ(~_qML*28Cd;ag~oyZP`4iESk;9GMjX0|SCVHeq-uscyOT$}
z1Eu@_d2<|=PI$}9{j9mYmV4csOm*AmeOijfh3@{7U{>4qR{rMnlUXTtmH-PhlQC4k
zXA;e6e3?30N)iOMl^^bcs{?5#=#U`%z$2FIk;FYs`UsJk=-p*Uj|mX9_D|WUMP(z2
zzX?Go9P0QDMr3suxGg2!4#{$-HQCL2wN*sEl#X`+QW1=poVkeA`7Q~vg?0F#!G$_@
zgE2_$&L3p_gQp<lFD6r_<e2kVPm&1K(QIv~czja`P7l<WC{o!-V@4{~dv?P6ofCEY
zXMNnY7Touc<|wcGVZ2eGY^ZZX5r^6MySk>)MZeZ!g)^+s{m01Af{_t&pDO7~=S3*D
ztKSS=-APHcSxQR=sZu|11fI0BAqRA_6UnM0EYcEmY9C9TMbhYkP$y9%Db<78%{n34
z(g-j*THY@lFMtU6DE}W}_@1*2!#Cb;7(SQN{?;*^yBwGTw?GPibbAhdgZp4{7Q>G_
zG8e-OfB45-WVS_|MP_>gN+TVV4!-dZ4w=~(wRc_84M?`>4|c>~HBCw#&%SX2#KPfZ
znE9)N=uQY-bu-mOk|$;&$(AqUPqx3_-}sR)`%n2^xc!Yyy!7x#;dn(f&RtURCYYAi
zQhp(@tq2U7D*1&rayMnXl?|w=fnSE#)W~lWzs>x%hTFY1DBPx&d$4H`PqzE!=VQPA
zc7?oI*|J{Qf+VCbd5E;wO)&0$K2x&bhl=7sL}ZiqPllSn!qC*_3q>c|6&j+yzR)8T
zgEVrvxS`A6-XSK+qPoIz8TipOSH^C<Ypg5lZoxp>go18ot=loneH4}n`Yaa5Wo$M#
zM&Be-5znFZqm9#H16!jv@CG8Hp3<x8RB2Duf4KEOulmkepR=ppYK_Tvz*s9Le~voA
zdNf0~;^^>A2)<;U)lIs;D}RZpx_4)%c4gzEk^3h{9}t+Zub(7~MN~<A>+u)a8yaF%
zQ719M7a`URpZdvGUv4R4Ja6d2acV-@V&-Z>db=p91Q9c(;Q+%^4&ceF%G9yE&<$L&
z#N-sAb6_5do{UX$TUD}f0jBhNh7&A|{r*1(Slji?#Sb=<*HEvx%?UYeRQ?xj45N*$
zO^Qj|Q9~*a&6nN}UX@yk8$>h(M=YxwlULR=Ymv-y1HYTS+*$jq-Jdmsw=_06Gk3^Y
zy=IPU**HeQqa*)27x~|Xys3?*I!@Nwd1UV==u43>Yf;Y3)P!a&gTKiS%~~u0vbMe{
z{cFnJFMEVr;DlRZvaodGShK0mB^->_EM&9F^G>IC?o*<md|6#(pZ(8SUQoIJ{^9mz
zuxI8XXI!1*QWbeelCEYkf2@7ecA*P+=p44IWDk{xf%#uh`5K&V5d94PqoM^Iy!Z)G
zc^&wA+qN4k!X_Ds6Qk)4e`)X6@dpulf6)a@&K!X<S?GNP5TN^Wd5wx0(3U#SUiOG`
zDYQh0K1Xx#oLqDk2)EAB{OmX6r8@rrGvy^R1GiQmZrnP3&Dq29h&}KE)xeUN4O|Ws
z|3`b}r!#!h;+3}o$I!U<v*$kFeHGYc0p~+Z0GUH41qne3pk1obu^4lR>{hqKYkut@
z;ctgcFH%Fo7t=zM%D~pZJKPf}w&WddtKyJG){DE3p!5DsqB2mu)!tr*AO{>*o47_?
zJQJy%qpB<Q+~=8$cl*^4k>O4}SWLS2>A_@1<U6MEdgB(3qH_<Pr7vBz5*((7BVg3Y
z1dWN7Mr-;oULT^5=s8{J>F-*A$uveNE<E;o-nfOFUMOMGwnpy|dku~@74{ay<8ha4
zdqb26bH4M7z0NzeCrNZLoyNk7^!g<%ev#Zg2I^0-`F!A~%k%b1*hznOwbb1$)k0NO
zD0N>;t+dqdD&Y|QIn+`Qv(y?T)ag&yQlpl7j1rF5pOY;0dzN~d5*qbqlBG5Y2LvGa
zo1%NQ#d>`ZL5ed5X!Fb4Na3KTZENp2%*hfT^WAarx*rV7i@$&<SmQjk_Ke_c*s8PP
zr`)3=!1Q@Rfa!Jq)5c`+aHXzgzbZ4aQZ&H?v3G|PXK?=1`2v^C2O6o`T}j^i{$<IN
z9&SR-gxgU%)bSqK2o-Yx`cb@%4$y>`+5HwrpJsw3yN{fzn~8qAA=JJDLq&T<0%z7x
zalcS;v|<ioBmLPnRD2}C$)XkWl)#^3cssI8DP2n8&oR6miSJjmVwF<(a|~}s)+nW0
zDf~Hxw<8;rvR*0t;V#9*Ko0CDHDaUyYj;eeNIGK;H(J)gHDsrf!8H`6OKSI|vQY6E
zm7&2C`M;qoG&o$$2_ki*RvH>fwu7-$=Gfp+@z@5LXtx0ho@<Q4hl=}#ijStE6R7Ca
z%FyuB${Rz&CtwXVT=$Q&2~?UaL4c@;jJmj}C8Wvw%Y-7dW?0N#O!r*8Sd=(rk@&#=
zh~4_j3@Q@mo8P>h#r)>iXPb9He!kKJER&UGxC`W_i?!z2yJOgCQvE1v85BugQR)rd
zM|W3}lsK|9eEt(n1Q=$(6N(ybw1ex402xE&p=R@j2A@_0&?XcCwP+DwEAV^G3<&DW
zC83iZL)e%rAxxHBI6@5YMz4Rh(?H<-=jf(4jw0#3y<HE>evr}Y0ZJX}6=hSQAVuDe
zq^g$uXSD#lcgCnpU=NV99+0m}tk`~KnTxernkhNtOgfO5%G8`+Lv&|qiL`%_9~&G^
zo{LrE<K6{BOaPxwp=-nk+O5WXSBNu$LktcHj1wy)Y$Jd2ry+9p>p5@8ps6?(Jvv!1
zDU#fmn54s&p<9NNY{zc7-#Ig#y)yUNVeZ(=UOBKA$}Gi;5}U-k!->n~J(d28<4@XK
zxsYTBdfZ#^n%UzAXTV&vZzha=1<QYvw=$~Oc9G<1PPBRLcFa2VH0X;_Qn!p07;l>o
zJ!xOU@Luzd8Km)Nygxo|puKLiK-)7olV3xC+uwz<JnbTBCNANA^h=6bbl;PA#xs35
zwGd@H(XVFuzLh>U2MEN<C=LxLen4+jOnrMB6>_L(W<7;LiOmrV`!LAi>5BFmj=!1i
zYrn5~d#wo>Myz{E-R{+2_6w*(e@tJC&|<csRQ@M}EshLd=CpDeb?G+6f`IAiroIO(
zi$rss{lV8M|H6R(qx{LWC)FbEZhx19-iOh|2s_`d5eg@+<V15WumWBp5C*{+4MhP2
z%^WB`x)O0>Wl<z^WN|$U*HH%c8b_6os0JkIE9(@J1YKem5J~C{c$&(1gZKJ>NCKcE
zP~Jr-3L^1iDsXo>e|=MZ-x2u4Dw+sZy4oVp=S<x#dj7_yXy0bmCin&i;&cg3z8qBQ
z&Q&+=oaeoHkZ=z+WVT~Neovw^n2*5C$Y356SmO<(hV*vc+gXZ2t(!2s5;k_PGAv$c
z-va&Ff{%aoLCxe74&Fb!aCPxRx1D>%kT*AvKdsq<Jb$L(>Q!CQWZ^?MZ=a2qQN1WO
z63X7ENKtO3{9a4g+dk{tt{7Mps|Y8L0nJKAe6dX)!>b3G+m{xDOtojG4*c2Y8FcK*
z*YW~evUzm1OpPobUxauo6KT(^kDVP}sAv9N8L56Q5<23!heS)G@nxBkAt!5@Z_309
zFhkudQ}WAGhUF#l+BXeo8KkhFzUy&%C_=ZgaQlirX0Z{D6Dx5n$io~2JpsaF&be1!
zbAxtRYuBGNe<=17M&-d`TJs_!96@d4C9eT7K!F~nec8s}soU2~kChjgY)10a0`ERj
zPgxRQKkZ9d4^7=`k=Jiv*K`Wiw5>k8rtOI~6)0S2dx8~E0IpM(ke$tK>OqUVfdjjh
zJ-(ij<%bV!<E1dSY(G1RxyFvMvWvX!%KHyoACwvxl*+B5Uv3rs7itKu3Pjd4pS36K
z*)JL*2x6Eq<~?zE+m%dHNjUyQG``rI`vC+Bbi)y7C;5Y%%p4zlJ&E3{KmQzhsxPr9
zD-*3<SL|@~g|GJwCy)CQNok)cm696m6HT_l{55ixY(iMICUYWlDJstn!(sL}6SXg5
z)pDafOhx3l!DI<8zV+!&L0|y_T3Adc7E{VQ;#0-Z%6LcFuL8ra^WJ;BHvv3n=Kr7P
zZ#1EbY?*~R|HQ24F11j{4N7TWUKEc1llA4@`i{+UB-0<*=S=gypEAuGXWBGtwSS#y
zZt|yjUG6k<-|B*s{AvE1J#1x~S)R-PVau~MWy>?4n~;cU=N9K32Rh=1QAB_W>%0+&
z;e`r^+wat(wA_i5u<fB}cEOeB9u;25e*x0QP7fQE%L%hduv5T?if=6jxo`ZLJCK6t
z6S%qO`A1ki?MuVl|H0ZwO-Jk!@LO!IhyObgF_HY=h(zpV1^zP<k;b~~lqLTaiI{6u
z`1Xf_SEB#_0WFw8(Sx&Q_5#_hD+7@A)_;FJ_#fH3vXirw8T`ZSZ{Gy|rR4uc@L%((
z3jAmAzun6ISMYDLD!w87hg{bS{*rMxl<f`wtpASN<DW)XDo>)$r(!i06}%I&fB{K2
zI-cLM<6<Lx@c|Nrv$s(pNBSbu?^tM*1;^VF7-L3k%()rz0m(qpgW35rC3hSnNsR7H
zkD-8&Q=}C+o8<cV{*m|@L{Z>4ZkzIHwMOA3E0K}zkIS{hz3o~Q>NvN*7(@}l=Rb(q
z|C{=f9{weJpKwpS{;k|6Jcv#E-^J_?b$l$LLlCz=)VZ41NTNR;$>^=3<;Z{l9xBIe
zNkLQ`Egz;7+{eZbBLzuPw4C@#b>*B2#_vr^rBX&J<-4R1OZ!-)7eRnyQn*Fn*r+}q
zqvQ#s@c*&jQ_5*d`9bI&1j6UUF}ktfJ`>~ZU79-1rhIRgl$gg!@%G2u6KQr#rc{(t
za-daSYHueHQJ!i$iS!5cjPE{lGm52P@r3e<P%(yHp~1hLqfdjcpJ_jdHv1XdT${N1
ze&82hd}p7Ud-@RDG%v5XWvAN2-Cd+^TxPG|8nA59dppCa<i|JGOuz4G6925YAT2}u
zeDRIbI4blh9`Jl@kLihL-1maKmde@<S1UGaLCc=7aWw~*<Sp#S$Mm?K3g6GkA6rG3
z-S!6skvwCCV#D^3v3E;J)k?o6NLXR(0=AtH3j6rc$O2Ai3L}GRU)r2K!;3ecwHJ1U
z<A?hq!q2ZU5#irRbiDar_RjL=uX$xOCq8`Q!^Vf#?yqmTr?Wbgw>qE2Kl2VEFAInE
zbok2bF$4QW|8#fW``X<$dV{T+&C9#<mFnQ6U*S&rWtoyF<vHoYs-G3E*D?Ry{3#`z
zU$raFURkWIzf6fb?_F9G9QC)Sl;R$v1c-4fL{~ToPuJcGqo&JRum=5@^-Hx4Vg>fF
zn_d+1Vh7_gVngYr8-ST~WcFB2?wkaP@gf{VBZ-sY;5K?~>t*fonm2N(acy>9$NqbK
znPM#;TRDzN8@_U(pcq-cSf>K|k7e{=?sLw>c1JDQ9Z4RQKXzoSI6o49q~)z};u37I
z-=8{wGuO!Q@KvX1!rt72KE(g&UB8#0Z})$kz~LQI;x(&g?%znzNd~+#1CGWwajpr*
zjIk<X&KD_LPFxYKfW8=k=|DHOI1(RU3N*2OaR;2^*=00ia%h@b<ehM9f19;am-vJ0
zpnP7Qq_^Gt)=a;@{1tvhTPv*Ule>^M;i*PKji{~O!bW;Qbjvr9U#HjC1G3gu30yDJ
z{oHLNAb9O4cdd|ewNm)iaYMh?200X+iqbB^vc5>qs9$^|Tpe?GupGbRM_**@px@i{
zt5*KXgXIwE&=-*n{YnjDIqv7da)@x~%VPgmE8lX!Q}K^4B1Foe<*8pSbIW0Rk36;a
zGD&^<@C_Xakh#0C@HlKC^gUB@M3@QY++jj_PFO_?m99%wN;Zzy+)I$$P132(LhnI+
z_J-~%bO0f3PxJo4F<PkjmqoTzZ?t7BezE6##Kg^}BzIqcJ`yOigMDFo15f;#tYe8b
zflGCSs38d0Ox3!d<ZCU51h=?^6GT|(LvKSJ4NN+u@$P(T;*PGhxaaI%dv|`-+Ijhq
zavgGaXC>a*7yorIqJWke%1h)36(3O)h+{3LWvIB1aAk*Z;`m}oz4sEGM&5ytMBjH)
z+J$=BOHY^RPWd)!QyE>;Qmh+;OZ$W>Bvc`7M`gWGSu6B(iJmISGP2KfyJSvS37G8+
zw!bzz*>&&BK1Ac-GS(>lRZXd?*5zZyLbJ8I3*7ewnRT1x;nBo_$a5gO`yFyUj>9nL
z>Xhgb{=;kYr)-;JFaB)WGv^0iAlZDB&Jo>At0p8%o@FXN=7(1qMLziIKw7f%9*!a-
z>|Enr3ulG2<emyY4dAA?g-yu;{J4${vB3&%DMvU_D=$8$e;y$~*mgp4T1N)C&g*<g
zcp{9sv@bCR7!dJA*&V})kqCN<yb~#-e5YH!9-8g$A2RdL>GU0{oy%EEB0n4zs)Y4S
zAAfp@utW?d2E;)4!%CpdTGKs^?jMU0fufACF6HMT8fdaeJBfqJWwlx!(%S$Y3(7Sg
zO(MTlX>gt@8&sugs;o6}3pMQ>R8S-FeNPQly=z$a4tT$4P2Xda2NC!4%ZAv{nMWl@
zALK3nIK)IQL!kI&LkrQjdQ>^KF*xz%8n5li5D-9Kg{Dp&s(jEE-;PG9z3uGB-yg9%
zF7w)G&h5!2p!B!Lg?{M|9<b6c@2R=nf_#JZYtib^YD@%naw6~2ue3w+eJ_<G!C_zD
zh+7E)(?{gQyuz~2^1Zxfm|2L5FYv1wX}=xLW87)Ig3Ql(qux~{NOMKR*Xm@l%0Phd
z5qO5Q0r+z?(+!Zc??xeMO2PkbtdX=($J~%Q3S*3<y17V8v;i%SEwnOCU4`g^9xAC9
z&&UfqtdmsEwL2tHxijf7Z@Bg33H-S$d5$J;br(kL+k>FT#4p=t{ZaAB`)o2_f`$)|
z2whpQ4_4Mv{#IIqS&h)ltKaa>NTYFw`)`%6@_sh3U|cpVMP;dIxm`52jE&N}VwlVc
zP9v!9P4p2HUpk1A$$&BmjZyqo^O=|RixMO4pO;KMhQIlttH0l$kzzTlLHMRooGMm(
zrxHFTC3`73yQq-%&U3KVJ|{HTIqL->P2WoGLN*;To?HjK7ehrfi}NTGUbLn#Q?jYn
z2YbV|B*h;l)33<%khD;ll9$|9x%}f|Ii4)=4w2-z8tKWJ)Z65^Zap{iyr7s~=%tjG
zs;6WE)2!FIyuxW-@olx;VU9A8NR4|HU*x=An%=FKJ_YC^^hOF1t$riaeiUqOG@gpY
zpG6579sZ6P@pW@k#%Rp!KkYM>iJ=cmqQldns~#Ol-s<kqHH&!&wO^$kwST%zsJ)e^
zNb>Y;FyM=X#{Nrs9n6X-@iZA#jSw47_=r`CQ|H6n`(OmC6zd<2D0Xz}L$bh+eE_-V
z|6`fS{TE$wkxGX;uL3QBMjw-UrY6I=W!Izjh~l7{P^bJgH0lNvMnt}M@WLBkoFsF?
z4D1{kmKUqal$=^)46&qB6H<fdXmCDOgGcmg@M7MyD4MA}&mC8VvsF)JN($?oN#bLO
zK}{J=eW8vA^@icvqBja?n6ql8<o?5bSyf+3z(5nyRL9%~N$WA|ByIx=%gOx_Eu%>J
zvQOx$6W{@q1D+6z4PcZKfv*=sC=cxTdy(O&yI*tulvHj84x01)^|HJ2cnrre!GbF2
zk)-Y*iR(u6m_*aW9@7-wxJn2S4(Bgck259V!^D(x&nZ12)Qyiz3D=F#)hXyZqWJpc
zkx<!166!}11tD(13KfO(7b)P$_oDGfRMk<5*rDBcF<u;rw13h!bk&0xu+%4y`yv{D
z(iIy>4Cm4P!quN#JenK@p{xExj&S}HM^(oT?Yg)k^?P1>+heJsDML4}q<Ybm0@A*$
zuYNLg^|b>8eMnm*c|?AsdQs@=pIM6E=4EtK5Kj#4&po6-JpVa`ydC~U=&IYuS6{t4
zbj?B@M5#9crzrdi`x{OXk>t>jQUyJV6Pk8lf6;frI+CpG&#a(I7HF9=gSvDc7F-*9
zMK-p=W0K{gaK|r<#MefK+x<7KDqH<*sC|je?mFf2XISLOrnhYjsH#Ymvz$XE_QBWI
zQ4V29=vw&@Mf=V-Dq;B28(ts4Kh>3Y>*v_+s;;V)T34YPyFxc<<_aUj9|IWtELS?G
zl}KnjUSGwmhT?GXIc(3z*x!B<+zen3?v7NiyW}>UObET2x){NpHP=J$O?CsP!b-Qk
zFC8rt{&i9CP(!VURlRm5LycDBXb5(Pt{qM#_4x$8b!fd=ec|{Akb{1>n|INh{R?1X
zZd|6$1JKa;&*^4={y(-D>U^~RaMoN>hNiDD%(QX^-L}(L*Z}jF62f50ovfeK5_t10
z{cs~m7v(H0>sRVm<boc#{Vnwfj9$2}qswM~a!#n?N%8aizC;IUdjFR$Ib3(=ws)0<
zs~>4uo!);71$yPbIFy?|9DnktWWjLFLm2n8t2=3u@T8%uuupMxceZvV5yY#`;~RIU
z$<*~p@2KR!y)~ENzB3F9u;S^NkANLy-);l!+C`f~#W4L5EDbQ+7~GE$kj7t^0~kgG
zNa+8vvT*yN?r>&B%e{CLq(0&tQmeac@>2KNBa1UHHIK*o_!FtQ{BnE^CwIB~njv`^
zPBiQIv+$%7?H@SpHqR(-GxRl@pOVd&HeW58P5kOT4;0agDl$}gD|Rwb0jr-0{k$vG
z{v|sVBYm5kdCsOhnmi~1K|c!SCR+XB#ox`6XtNaZ&Bi~-lzbm@CbRLMQG;B3o6|$?
z)ux_y*90DasP@i9<`Z>+var<4<Z|LncGaFSLh3817VtklK+W5_Sqw%S-(_j+$n=->
z!`~ymS|M0BbwA@*v@L(&4ckr}i&~Jcw|JLkV|ePTzi8PZr2z04Li9?G{Yb_S@Q$F?
zq9V4zGL}eI2umOtv}8}k4rPIlD;7T`4hWeS<2X({mwUm-I6op&h()DBP_@PZW>Y=a
z2@qoG;W7vS5vmI76>E-unYmJO%)6bOqy}q6_Oz$WiVsIym$PxNizF^5K-}}`)neIP
zq>nP_mG+M^Ma$ToYZo+tNMaxgW~eC3xVUZ^*JsmD5y|v63P97PjU3GY=2Z2`3(&Y^
z&u_Xr9AVQI+I!hQzs-Zj+?8LI@z%YkWwD%db2#DR3wi^^<AZw>X$i8Xv&$tIRKfCg
zlwSk1kpWcjDWBg;e*1`8HjC49*NoMbU#Xlmd{Qkcq4%)=-pKD(Y8AQ^QmatA4|rp1
zjCyg8q$<B&;dySo#k|Ymxr|?l#LmHCeL=8<BGt=S2{QX_3bk)w@v$5}rZ)KQ@`zg!
zEQe9>H85fqkK5vMz>DJeQEoY0M-9edr(GQJ96lFG5ax_rk;0-xomz>R5n#0#h^MF&
zU4SuE*b8{%Hg$o2wWd(hJsL;k;ET!dp#`=d(E9vC2-+B*JYxN^@kt{#9UCtnf!z@M
z3IX`<uwjQfv^@wYD`@|y#A%i5k4Y#X)LXH;OrvlpxXm?Q47EXQ4=B|TseWuKG7<QH
zbtKE7m6>7P4_M!5nsLXRi~*k_+Y=)=liu0!dp5vh=@k6AeQe;PEGyy6R(ppH#3_2I
z78Cu^qzGVk5(Y<vNj?^7LgB~hfSy|Qgs{UVxvm@|zW{UU%86^?qYp(jQk`#vfx!_=
zC#*K54_B3B7EY+01%Bqu=+Iz4%#02v<N)Kk_$lCb1;2gOivv{r1>W>BLNDFC7~L;}
z(sz`v)Hh@>OsXBH!rsG7v%;)aikWXEt6Qs<yN%okW19OYn!*Gt^dS6mp82~=;K@x(
zfUK7srEvZbfmlOI9_$UpTYm`0mfz$grb!G#KIdw<%g1YF=wvgi75PhiJUfz|z{Zz)
zFAZi+v{n(uK0zVHQ5NsueZPbc+zO=+|F93R-bCEcx3?j?sn68OZ=Fiu#rLi9F=w1-
z!kxSl#O?d)<6%R{CV3%}pXO%!co#J}S^T&4kvkG-kr*F^e^-ZrWdkjyccaZuY&3}M
zR(lt#xfy;|MqMnkMgGjP+^$Q1ABxcbd}HA^c+U>t<qUgS?XA$uan6LejY_<Glu+X}
zd=Jy&YA>Rn@6y93F0>xLPP?v$SJJGR8qarMUdw(tn=gJ)Ou%7&tq2%XB61Qm>Nw+7
z&BkP%r!wy*o>IHJZ|>NBPB?T0NA`{0V@cu_NOrB_zo2va)y-@CrkkuTcblR2#!Xc6
ziu)3OB^^us);;G`sGy*iQlSjbtP^Eklv|ine{wlx&Dh4HgrJj79>}Dqo1apzzGxkI
ze|Zy;4=-9l-W<JXfqENOXEN*vYl#vG4}(d3UaZvi!Zz~RSd=g9eL2Gk+p5!(ybqWU
z1CcEPcP{mQ^~nGx8P?l{ko5K&4t1ctnQE_w9%zMXZwUl-cTl6!v@=L@CzM{G%-8cl
zBEw(aF0oRU|IF$md*Uw=|F9TS$P2IV;~%o$V&C}Hc(_}Re|T{3_=i@%$p`1Ew_lYH
zLdGfyd<gaGD4#<XgoTK01KNaPFwbo+y+$+-!Y9+*!7|MqECH^>Mo<eoA&W$s=x<~o
zL=1H-Bq<Oi=1-S2l8v6_P}w5}taf5RBoJWOJI?`P(Q;^r)zz34BTn&)H&c9KPx0^P
z7Qa0xu0DnCcK*$^59tj-WTn;MNF{UHMru$`M|s@672qLjJ!w=`N#KK$=pnex6_NIh
zeQh$dd32ClxVh1*cs&qLu9N=D#FK({V1g&XqOGfpDnvke@>}ASH+t9o*+h)3wm7|u
z?5Bs-GX0g)7ns2#235~t^B9SLUbWW7<7M79eurS)(iE)rc6*&O3x?E8Q%EW$5!~Gb
zZv^}{&64VqcDObI<oI>v<00fl64)d2=NM3_qIlRT3t!9hG+s{?7F--11&hO*&e$UD
zhvmhFW2I<~l)=;WQ`utGSD<Y{Ih}|;4hyDjp?ztC4-pxhE+;55GI1vZm*UHtHdoNV
ze6z?qC+^mz7ihmuBtdyjw>&*Cnu$CY%L7b^vx0B+0)#G8w;2ztwy??VCtOD!U}!1W
za8NjTY1wpC5rWZ<>VLIHT%n@yq5>ID4Mw{e(n#-^XEcG*;!c!Ft4WO4c%G%c=C!@y
zrgg!eY+8R?EP~?QY(D|M^w$4?;!#vaNElH6ZHUA(kq2(N@o#gkI`rC>$o;Q%4_JFt
zP2WF76W58>g^ATb=OtGOFJBIqLQHnF9YgjjVOd9Y<;QMye6GeGf!J{Q(W=$;iMsrv
z`YMkwA2P0t3|QaNjSq6EY9SIx`=1J#$Ha944dhUAqq_V}nT8s%La4irM`KI;xH;sC
zR&__K-U$y_%qfaj6YG1^-W2vJtK8Lo|EfSEi|*vO3Aj8QX=~V^?KF`U^4exrW*B2)
zArf>C`mFNjG&qu1*&v~q?l$xbG^!@}7%@Q7;|=wH)qm6H4O8v5D>Q|Z^DUn@1LG*p
zpr^BWN0WPO`wQo@^*TOVk7oUj)R;jOk|*{&_m1$@diOb`p7dxry+Ks=b$X*vXY3H_
zH9Lnuvx)d6c#eg}y_xNTB(yf0G-dElI(?<J0&_9$Lb;DYZ5^AP95nwy`HVT%Fq}jN
zW&I?gmO-GTWE(->52FDry6v+cV9}@SI$U8Te2ep_qON&XmII=7)p3}rq)X{=_8NkS
zu%1QPgXc<~^-t*|c`oA_$kg!IS7~7$g1i%Ro||~)KP%VFgI}(dM=RIHLr`vJ&hwm{
z=ea!l<>v8d<rd_8Uy<|tf-?B+b@S|(^OUT9uIC|WPY=O!F%O7*t)KGn^2?R+XywG+
z@}C=j&U2V&s<d<|!TfSkv01ssoV?9B&uu)js;t~}p8aw&dF%@=Jb9k%6`@jEQKrh5
z&cIap4ah5?Ao2s_TO;xzmczkiKa}Z~@1<{a>zv<dpA(7hC>Mw9=ypf>UOYpwN9s=v
zXJ0qxB80VKVu&7MEjQ>zdDV@HB8)idaF%wJ1;=T>vZigQtQl{fp2{xjsjQ>CO`Xiv
z=k{j~bL~}VMoRgXDe0<!vzAU<D_+79$T0py(C9Lpiu4P?Mv@>2LNQr%WGeHsvJ*Ik
znzC_H<DLxlbEL9yR0><R8E)B-b0Y7cZX-Y2^4r93p_YHM@_{0){PLeYw*}8Wt&u+V
zR~uM&^biY=>O2LPRhZA<K$owUODW}(4fe%Z)?rGzt?>d#sIQ4;r^}SA-bd#dPnu{Z
zzt;(><cEE+6xyW_4&V1K6tKKozS!tk{zYfmVIW2>cNmz`Puq`Zxw9Zi{aNFPKa5<G
zH29Gw@4^?vJu9Bq**s}H54^1La0W0xEAQ25{qt(?L5l!gPghx8*>8*arXoM3h~4j}
zJcGR3IjdN+mNtqlUK^%J57Hs2vVTgsU|YX}=W!jG79yJC<m_GfRzFZv-dsiAS;|KB
z=g;ZIFK>+>0$h3Cx_|ZNhe9v>NBodh!#ClFS~t?{*XM_R443wG_@Rq_ljVm_YTJw-
z8b^Zop?b@c%MW3{<vSF?DP|s$dA|2NQ)Ik~?bM%$3zf6f9s!St{hcw5Mav4x3mo(7
z@bigob#*=bPMH}c8OH-USx{eDB|UJZ`mxb__}A(y^77vN4UJ>p67a2Gz_*IddE>1=
zOMSleJ?~t46mXDOIy#<mhrs(A>LY#@(sQPsjDtPb?{WWN2-)1t+1yw9xqU$&tRM4Q
zMA#2iL~W=+>&nm7Q<<*`$E1NQ6@~n%w0u|UYmKOtll;LJnzURLvPvwmG&F0xOW=LX
zykyV7Y^9XpnAu7XNPUBqOJ5U6w_t3-5!jiDWLe@h-UYvMD1g<-30L?i5G;@*NC?)^
zAv~)ihgtp}bl5!pJ;0Zu1I7wtBlJ%nhT~r#eSJvVh<E3Uwt6IgmJIbhZxwv44`;+y
z?l>`CbQP--R*1lNxB#@9p6r;gmmnuFkF?`Nah9dtP5F$a-b+ui6Pj4WpT>UD){3uc
zqYM4`6+_cc6`D3}CU3R#i3G}dQTV<e!4-QiwQztqBh|JYJ(Sbo@3u^glSl>Uv8?Y$
z_WUuf<1McLr0)D%vg>X2Wui-OwPep9&yt`#ul!PZdH_7L7rv_zT!kHIwfe+Gc&9*x
zwE7ZF4U&;#oja@??OA=|95$<UwV9z@?SmaOCI1yp3@euq9p{FZu`{fXU(iq=|NnS<
z7x<{EtN%L#0Rje3xCE(CjT$tmx5Ppv2%3?AXJCRsL22s+t0Gpbl*|Cu3&9DN={PO*
z(LU|-X#e)H7h7AU+Tx|wCR_tn1-ulcO28`TIEskMRhakt+xtv10qoQMKkxg}nmK3h
zefD*&wbxpEt+i($>RMnrCI?<!OtJz|?q*Gzncca;qG7>h7cEyjxA~ecn#+Gc?}Cq-
z%M}BV84Rqqlzg*RszOibIko5rhzR~jN|YNZB&h{Sf@-v=dQmkhJuTlXEUfh_5uK<9
z^F>gI%1Oce4UTUx<dhYhj1xrpf4?eZW&p$PY5MkrSEaV~CUmzO%uvL1zF`ZJ=xgj<
zQ-x?2Mw(rw{MKG<CFdD~tHC^LgDLWk`!6k@*UMC4<R$4xF1B{yS*}331Jl%_5z!5`
z%MQDwT-p@e&8)yWht6F>-!^-t^iA;a!cYD;csL@yiBa>yP(9?}PJElb{{K^a>&1%w
zyZH9!5B@ED`{^712EP69#~t`K=axh8?OGBvzuz)tJ`dl-B$<=`<O`Ca5pK{6VMXcw
zsY8l>E+<91pD#s6(_>!vqAdDz^0RB?XD)a}evVXc>?%M1Q5>C-pWi7GC!H?Rd%pZ^
zkD!pB&56kil!{jGaI4=i^0Q7SjDejOhP+DeX{|i3eu=mAm59xS#yKL0Y7c~C4Twnz
zf(*8dQ#zz-6F?l9n%zqrXDyxRa1*$@{444c$yHsGe`&DOD*B+c;)W$zM}yx6{mMRe
z3J+9(4Dq1({evm$of(mEeR{!FCLqf1lbr!kUg(f)#ebLad5#U1`FCm}f_~RPTY1U<
zUZ<kz-<nQI##a9g{vY)2bpsju(~h1fd~O#pKW*njJ+s5=@z#|RvoWL6C}HD`^kBu}
zzUMz?CGMxp4CDrNcX^9>@B7d`=7K@Bnb%wZ%ODI5Rc<ut2$}ljz1{p`ETZ54MM$QI
zDI+PQjAxcef`}0!C54FDRUM1-o*(3y|C{uOc?iB+!lU`_DIRj)wdFl;%zJL<Irz@w
z(R{ZfFJBep>X49}6R!XN5|VR5`4NQV%f4=f<mp0?nWC>^EbL{m;yGnS)x@u+Z4tlX
zco3C8{hAe(YZ;}qmeaj+{)5777G+{|D#Ym2${++AGY(GT5dUpDju=s~-&kjrM6rmS
zkS_cd)nR(&)h9=<G6x*Bx;2nvZW9%O&ojO46=s}|YDb+G$j`bfEGIu-$+M(pLA6BN
z2h~NkRM~h6f*uRrRZj0ZiVBce$JY%cbI^RV{SfldTs~PPslj~77t@1xeW@B|@-FcX
zfmV&e(29xtHTqhN#;t6v&NjG-kp;$#yf!vYXu?i!<y=*WaYV?prVa%C;Z_;Rx~h~K
zEiZN_<W33<+NM*ApMuEbG*1DJ+{7J&dAvuD>GAO8lbGiqb{I;F$^eUWM-r@S6)kdl
z$^8jsM(aT%ynfhXC?c9bb~z2Miu61xlOM-2FZtgiJ~@imNqi1^$JU7`_RW0V$lv!j
zA0Zaty<I6HbVz)yI;j~##d8UVl6ut?c98UGHt(6=hz<pdm(FP}gZTHP&oafDJDL!s
zpvvyMM4#aJ?CZ1BgdYJ=fdis=IlM3gk2F!b9E!E@tbgFh`b#a2m<eT7A0*iu$Owcc
z)2*JR(n5<x5*xv6yH_$yNHUxVW+1@fNMb(;@WhnKA&ZXea6K~NzRI$t>yAYqL>#z1
z>JaQ1M{1&~+0rM;px-47QU7%D5~2J0`NK#6u4NzB`~{64AO>{o90EOs<%a?+7O$P)
ziYab^_cF|wznv#@D;S*SEI!0o3b30Vz?c9q-Q(C_YkkBir+bXoRMC!ER(huOROdu>
zX6ixD0BD&Cne`<@NMs5fy4~)m`z%YNc?hlgToBr<STLRd<+|mMz)1c57=dPTW-yb}
zv!!=^VQ4T*&cbaNm?|5N7iTQp=s1(yKr{st^O<wv-{Umx{hytIvT4d>1MIy%%6Ucf
z_++;^JY8uBkQO93G0tW#;EX^H)W%`r@-<e!G+h*6rgz89@O{-;Usy;9OF28fbalEQ
z7_)^ZQ&_KMdadxzH?I~HbUrKS@J=@s?#c`aJ`KtaA{n0yOT!fAV&M<PsBZIKXhV6G
z++COa7!aw=g!!y`lcL{g2qx(a@AX|88@oxZD&-@WkLBU9$rR{I>XH!eK-?3d<`(?E
zNQXp@l$r!+H7_W>et47mZ}bi(YdD%On-9e!|J&rtTV!ZZi0GQR3RIxXYoGup+U9(2
zT29b8heWC2#-_zhca=xQYvhzKpGE$XV~X8B|4U5q=}-0NXo>TrZ-^gut8@OXd%E(&
z_N3e}#6@CKu{16+V48QLWF}50N(LpxH@Na}-Df!Bj{r8y5uXWkSms$G-Q*Qm7N)PA
zf-xFgvE8<*I2UUf0t7DE<Q!#-q{h*Kdc$o#s(f%nl&&*9T8@<k`!AX<IlC3=PZ2yX
z5zkbeH0d-w{#?W89&?Ep-P7Cdu#B$HDN<KPw=HO6ooPdncuaWNyUXRJrp855v5wAV
z{O_$tlK;@yS8@}WIWqbnkDdLkWh$w*UDY#ojm=FKmP2|5OtmLQs7)}xXG6O4=b}p-
z47zL@wxc?KOZW9Z)XoqU!MfLU(0F8NRz|AMjiyepL1kQOUVo8@8gpiLTQN?u5uB;F
zS=vJMFppn)G~ySN?OySqc_qrTm*G_XFl8N+K22((>6|%W5r9tNDmN7<`DW?KDEa1b
zEN~+<DL5ARbxCk6U>PB<$5tceWWYi}a5w;O#lfL*e5#B}O=a%NX6!UraWsFbQ1NT9
z;zk5edJx5?GSqol@8Pw9(2F{6Jo^SHn^Q7%s`CO3({G>8NxU8vbfuY3WuTcid;rbN
z*Vw=JPC!JRs3D@uC}lPFE!!;-T_HEJ%L9{`Y2KO^>E^TE3E+eFzD4ROBuWV2js7NT
zL5kx7zv8gW<H^*Q+m@p_>Eo3^zKw-THFp|xIeg#d6(&1`asT>5l+7DS5V34u)K%GG
z;$P%~2aZM^gZ3sds$0C+O`TtaibowKuHpG*!h|MX<XKoU0arqdaK%|qcjaB8y*b_E
z;tvFsqK=k<vzu!@Uny0a>$g1%hsLFKBt*k3Tm!#Ap4s39v|3A(mmV=)AAr(T-Y+v6
zx#_P0N6Evm)=k~P?l4C+&u_3b57yUZ1`^oUFJgJrG?r(A&??CXgS{bWg3*W1#5oYZ
zUGh2lS&im_^NWsN2x|rmvpsLnu{Q;CVM6no-FRVsvqqR=9IhQNJ*mo#aikrin!o?9
zp!vW)wu}C;h!5m@P{j~1^2X{^rrafyvGObVDoR^cfgIz+wb(w`yX8sYjx_U8xK_nl
zOm0cI!C2|8<4rzo?dJDh>stb|Vkz*wmc>lI<~2Ma*ED<RZ2VxB@qtXDRgf-NMusZQ
zWahrd3Ws9e%WDYFu(Zc**y06VYfl#k_`VEwrmNQ)b{*Dh&90bbT3IS8Dv;t)J<W*?
zde;c_-X7#@e0pDJI(BnzUMlPbMwmP1=B2{Ui<zJnQ@GMzy+w+>{K0s_X@G}%!YM6t
ziaGf*d`(rSD_j>RIJ_EHLYA$?sc!D;{WzEa%REim;^AVl8{h)L7J0vw#h)@fD9{+#
zsQy<Qgr665*t@)MiMXVgYY@q-T>&GNsd<Gg4oY}YNM9uyU$_a@7w%N#Wr1mfjYDNM
zsuy*G0q&<9_FjEaWX2yj!fA^)m$;(7^fPP<5D4oB_lz-vv?h7h4{k@FU?KbUp<Uw#
zcOQiUKe!DxH<~=H+-dG@O00I%<7$Nl^LS{_QIEg}4h)e4T&E0GrctGPeCIujO|t?A
zxRFYRYb)t`zq@1+HzoTd`M;IXb2mx&KKZ}7mG8M6zTywl;r}+>`oFpIW_z3oF#d19
z=Am(peBT;pxn2F<xMrP_%P4TT-y8Gm9VlSCU>V)mcz+-BxftJ(!~Na90YEeIz~AjQ
zOno}+%?!mcH8=~OrUH!+`!qSbF)=tYp(zhM-KzWJ>2`Lu^xM5VJl(GL`_Q#~dw%O+
zcVd?YFVP!|E(q4Yz@XY9ti0ZwzSe~N&p?L|UIh)p|5o6V?Be*gyhuU?vAFv1ks?PV
zjjIo5G#!p_Txp-@`1Uo)C0Zq^Y-(9VKdtJMtD-4_VaxCB6Y4Xj-PcjK#G&bw3jE$0
z%&Hr|x0!l`8`aisT;ZOzBA4-d3*=_Gz6D-YIq$a#z34C!22K#x`%Qo(DyF_Tcl`+(
z`_H}KqKA6FonyV<eguU-)Nw8Femlc@zs;vahxgmD{;j<J3;u4Y9`ujZ=jOnizne+<
ze1A6_A|vv5`yJ(szuU7s$nwWbB)_vXWHd0+CFH!`B(COry=kT+Ij=W6$IlueS7vN@
zvEi{6Nxs4r5IrWQhn^y@w`lSM*LuAzVntnfz5R}dh`A`Dhh5$dM}bsNIgY)r<uRq@
z^maT=$|mjmx`angZ%wL4u+o7a;M3T4dAmi+kKpd+Rz7dt-SBafyIZ^KTtMu)!`<DY
zHT$i*TYb&@b00y5iX=Dt^YK)30YVO^FzYf9_)ZVG=DjcXHuciDw=K{^4U#MUa=t&7
zk0K#tCj-2T^ZnVJGrD(rv(c0N^d#_R!zdM>HvaZfV3iJkws&*>Y;I^dK2O%4Epv!J
z8(q!dOq#<N(+_`@ac8T|`LpfAfz0g=fz5Mf(`2$u|1*EK{12?XVSf3;{Mp=mf3`oW
zN%^y_0jv!j{jI>=__O_lybgahH_x9<efm6qwg<`6CNAo8m`j^Yrgynr`UqZaPspq7
zIGPT;+TQ8(YI`H_YTMA^)z;o1uQnuYyxLf8?SFwUn;T;PxDkmT97K9F_fQ~!$YbT3
zo!&e0WLsf8*$Nr<gd=&fHNo)6lkJ>*;wzP-MrepI9%R|lA3~ty&-PPsd(b!Kc6Di+
zj}cJLrEQ+!2@wM&w3Ug$t)RTLw&*1QxM=zG!+9Bzy9X&HzqW_@#ap?)@?g%NjSCWC
zH>^KfbklBdLQ*DsDu>1Qo9@VISkhU2&4=-!{w+MQWgni0W+7d85$heewp~!RSO>N)
zo=@^;y8xfB)n!`Z9n7|y{PrHBUD6BsyO5h**6Gjoq5RoUzkeuyHbN0qu8g#PfIr)I
z3AeCVt7TF@^ui<fvng&7{%lTXd=Nzm-lpZV?rf8xM3PAvoi#19vE$*eY~Xlt-CYE~
z9;@5MiUb@=dc>YBLkcp3U{M}BJl$oc%QU*x7YL-p$oy=a1dn`|mu+wD&iXx7DqXsX
z%HZ@wPrRGAl5TXA>C)vUT^=tc>yyo7DF7CJB6GiD1kEpOMbI>EE|<2Gsc2keCdZh}
zzw)`2LPsf6o*j@mdh<LPg6vtDp|oCV-Y_G2*Sm)nGBFh*w@5lU{>U9jJ$rQvnU@-W
zmR;VS*Lazb=g+cD2{m5RDS;zP58H>q9er4;x{(COWJa6b4eH3bpB$N&Emt#sv+3q?
z<7z`%4p+Px*9JVX_g9`Wx07di@Ibe?+bjG!ZYS58Z{VZ75h`{G?0T1ivO?JOwcOQV
z0($Sa&r<Moiot_u%&zyH)xB8|<04YQ5_x@gOLz3FVVS)zz6jC7Uf>tENOV5bKB|rK
zQNf9pHaPH*{HCo{L`H{g+J;L^ezUP9lpyw?dADwY+O{7y@An${M@=s=OKWWnT?DfW
zer^S`r${$^n$CBH<0=RZus&mu0hSpVY!3t`kikY|S$&ye{%WAQm>)T0R!#=9L<OD^
zAchN}YEhSF(`zcXC#Q$gn9rA&$~q+_vud-t$V>2Ll9z1f1@4GUGai!26kO7a)O2cY
zaJjLWq1osm|0C*ECSj>|BT)8zx`@zkgeCP|+hvt*?hv~t=GG)84wN>!F0q%KyUsN{
z?v@~C$Zi=*o$~3ytbcMKDye*tnb$y668~rq|EfRm3(VIaT2bi-qAaX;i`s={%9gG?
z5X|=_1H>39WXLxu6o^W{vbj<Am?EdS-V`BZ$oN_jn;%mN&+U3%!gEK+5HW66Vlr?+
z_ETyv-NSv;lBq?!a^;)`UBshI&PQgxVE1=%!Xt&(4Q|bQPNK?4dLJ33@_W(BotBI5
zl$T~nfKt4WkDWVT=|?MU_}_h=hr{EAT+zp^$+*tgH>I#_Fkft@U_E-QLqmonw|FZ)
zK8Txndz8y&G@jT5<8(IT^W`U|;`8E#G~{Y=7Cz2G)h9ngfMOwR)ncV*MX`WmL74tb
zp^X=E>Sse(5FCpkaoBalFZcV=TjI|vUWnwU&IWVxlcrn$I^-uMNPc<=tkON=ROKvO
zThfV(#$e=W5^U%Yq?~uNr3?0(yNI);ZG47Jih9=q8yf@-Q3#7{ON5AX&YhExoy>|!
zcACySWo}_Ub+(3`)ONQLdq2qa8`;v+sZ)E}^k}GE+cyw|%v6U~mlv2AUht30g$NlO
zga|3=2oW-DU(glWrECB=P!u)l-1QoSt3KHp$+jIKLWo=A$1vzx+a*HC1y)9S9Ny@2
zWTa76M*43tjkyRRC;R`&YrZ`DFUU)eaK6_eDlO%uBOFPW&>-9%5edCgpM1xNN*nZ1
z&HK)GxAGvKV!Gmjz*I#gsIn$jOqxQJkdDY8Olu$@8OD&4ILs~G)^~`0@Tp?HDKtoW
z^r;e&U{oTNcz0Q0hhXJSVi~{^#X?i1>;g*aFspa-US>bUjRSeI(O4#4wEg>|c!+lY
zxuF3D7P|QFOEkKm9Vuzz5yYcN<x58UQORzpC=?qBu|Z&vJn@LpN-E(%qvk^iNGsa8
z)nqR5KwgO^5BNVmQalj&0_h~gi2-<j*rTo!xIa%|TFgihm`rD#?@u)GK)A%$0<C(V
z=TDw5KM@b4SEm3)Us03f1SqFpJwjo>aR?af7B(J;Tk}><eu{)v*Vk;5{ItS<r>p#=
zktiNW2ill^`F}A2R6$s@v%r7P$WNB&=7~_X|BL)|*auz8A0|IdNEcRj!~^*SO-5^W
zICpN*NtNhos~(K}lr-`aE2elLgrymjiwB~O;Pd3C76u~bT2$!>@{^K{{G@VB<>665
zke}N8qa{B*1-=*fuS$M;3WO~1*Bbe$&0p3bKRr0Mi~Kawbj-K0Kt7VGmY~4wWBls<
zLGy0C+ocKZB1^e7D~&95f;qJ-{(!Pwqk;?<t<1?%8jAkqxQ0$yY8-S-vecteF~i=g
zWLH`0%e%Bm+VCKYj3Qd6Xzaj;ga=Xg4Y%{4c|bedVjeKVQKgcIlpu+!jb9{{`pRvJ
zxe={7&}by8GD%eXynQcNiK<NdLzOrXeJ|<Bux~Z*BT>mywR*!5@?x{yE)tbEn=bfc
zOl&1!odY4@&;%4V64orU9)X0Vm%}8i_v3JXNLcSn!dg+*Az{J!{uXx$J2ZO&LBA<d
zqWf7)QTZ<qj3h>vn|L9&5s$g_Gw48Ot3nLeOJUyU-N>Y6Mxk!HgVP9{*!}i=Vc{m4
zj*WM-&*zdfd{Zu6{B_P)UxZJMoec25NIhX>k-H5a%{X{rLt7ml%&Zmom%yAwYu<61
ztMtH@wV2VOup(3!?&X<^uJaX`qR>ffvM->M+60<Eg^SaP*rfY(<wx#}`EGlfs!%+k
zR$@z)6Kxr*0Rgq3Lma+@VsZ8ln(4L&B6_zRd~l!(Z(E}Lba2Mk_6OY=XcGlLWn>x^
zC?s{Ow|0woUn?9$*j(yE#McUB09qE%=)J}KTHrGru&Nhid6i!!8vlY7Z7iWqE4W}`
zlhgbUa+qsTVVLbgCOEp15kUV<pq#%dJGe+4vo|;8GRNW^OlTEE<NEaN=6)U|Zw$RM
z+|Sb~UuR1Xf>fD**z-7J>SO13n{W+7AFT+?7M5}rvh3{w7>ZPH$_zbZeX`4qa9_jP
z0sPEE0UuAQxp8Ds{O#Q9gw*Jfl9};DE`1wA7Q%t7&V1e2`<ek(Z>mo#`oC>0<K*o(
z3QeN^J9qAsB2QjE??+O10Kua)hIYZnG;G)2Ay+(8iT|qhFX&ahiB|FwkV5?PJ#dmg
zgVqpur_rc)H1qm*2uY%YkAG@O(jrL;bV(&M18gjGA{GIL4`OyBUo4q7eZ$HVxzSBk
z7Ly=+l)kBXkW|5y?cB`U-F^D<_HM^K)zae(cQ-+p-YXOvGqQS(@M#f^7$H`+_du@E
z78N0{DpNgBr79#~7D(yak`8B4I7gVq=D^H=&n2a<GsTQL%vvr;ZkeetPwgg03?_i-
znHPAa==C271}75nQ|UWM_dfXHf$YRo^YDjxnV7nJxM|uV*oCPZhmX846&qfwmJPyy
zV1tD?^fiZI!WF&e5UfJ)5&#AM`pEkxH>VqePb2wBtQV`Y)tmj6@JebQ!?78pT5S5t
zF3zuz>Ou2vb!1w}DpPxaw(GIT5ZSLK5p9wU(MvQWEvgD4bX)_w4O($4YV*1JlmSQr
za|6tBLmsrOmRL#bBGbu;3ad)MfV_B2if>DNq%QdNQ*NNi;n%aq`H_g+@c!A-W^$@O
z;LuJ(o|P#vL7`Tbz|J|%W)7LF0<}~Vt0;<Z(bVY`1F;Gu2%~@e8MoYkK`6Mb8dTG-
zi80DK_0kyEX^M=lp&uy*6>dXFa+Z2v!hh}-9o_CE4ru;3X;RDj*C8n>!8G>sofaF8
z<>MR;^fyp6IRDN~rbYw~3!P_Xj?SN-RUPvK?(VR-dk3{1d48@TN9Uzb0{}cz)iEe(
zj#{+E82dx5QnvK$E`?3o26?PRMOUVaB)E$5b`C-KVKZPN{l$E1!(#*y$ks8Th?Yk9
zI}7&7(sncag=9%ZsQDG?U&60!KMWo)|1IX-+V_a3UT59|bVEF7=RL|!Xpn4S)@fFO
z`kHs}KjJ#1Hzh%6q2QfA5z1N&U&UDj40}un{vyvi^*k-=TwwPri8~<pc0Mwtrc-1+
zG8FGGY7>}Q&w~k=sK8`jq%{ici3Z0@#6O2dMQK=|qOLd>9N>$cX84aHzydX91%mlx
z7R4iQg4hP>Hp|jE$^L)qv@qy-G?{Ue%gjDh&w;L1k*jFTVnm6u-LVSTZf7&x@&xB1
zA|`UDo}MItZlF_v46H3}7E>@2VmPzR<(BJAH>t6MLP>1D0|o@%tVx3*{&c2)*Zrwu
z|Lfmn|NBtzr>$-t-{qp^d!%AE(?(KPee&G3WPoL6_0uCBex9$TPrmZ-bODP*lstX%
z<TKHscF`yQXB#SB$%$xmQ&eV@#)w<qaepP_1e-D2WNc%hwGc(#|EwXehshf=tjwro
zS5w4llzXft(*Rj|%-N@y%<m}kRDm0e(mVRNjTd@-3mF>CBI+_q<rXuH)wJY|QMm_I
z4j^lg+{o%Q7(tiPwj;MZkJ@g2pj*Dbg_qfoHYxOepqFd&6wP-iVTyN5Ka{rhUWtCj
zqgB4|WYfckY1it!$J1=)G;(gWIlt`4IZZkJEk=50s=6LtTZwKGk(x^r<A*dSD4(_a
ztGm;@UlBjpx2N;V{heksMmMeX^VV`no7sW9stbvA)NZq_qO(IieXVL(+4<#SeOd5T
zoWI#;JN4XmP?!JH&SD~)-mjkoywA;Wg$D)M>AW8+p^VqOMx@#<pb?|;&H&||9sC0E
zYPFfoQf2S|vS&f&ypF1V_Y0=5idXHEfd4d=nYW}v1Ky(dqIO$Bm0pI>xHRAoeZ$zN
z=6sXgR4*+t$40Wk8jls$h!2Ma*KTARATO7d7ZI67@nre|G$S^W$<1+7zXI$qs3JGb
znUm4MdcAKiP&{=a11#l(SkLB`C81bPY_!V0&Z2NOv8#4?Vf>43Y91}ss-;r~4Jt6P
zgw;||t|K$Mo^H_df{x72-9+~_arYsHU#Ux|Y*K}B-dg3q_C0NX@*nFMAHqcb;QIfw
z!R;?MgPS+v@WGvS+rK-w38nvJa3}tg!I}OWd$L?eou)f#3u3(p1-OIxa8tPDPU3KG
z4HnAj(M7DruZjjChDM$)IJclcGZslM%bZfZ!C%75IA`gmvAYVphn$6qRhx@{6RFup
zgg={q?6~Gl^Nx#TmxUAi%bdG@Mh*Ti_><4y)Ft0cymLI2eJ2!7Y&$R9w14v)m)F_d
z!mZnSh7<3eH?H?VQg_V0fYh&bPrTEs^_~9V)_2K!o4k+1y))qjM1BK2n#CMO63YtJ
z-kcE`Vh%6s*7{D*y50xE$&5)X%bY@D_ttlc!@akUOMa}xxdZd~t#Qe>>Yax^n%zjH
zP4v~d^GlfL(96~jiV_EopMR#9a*TYki35Y2g-7$Cf`cfyFvLsd9J4)iLR8{FS!{6P
zK$Wv_D?6EbTBWkD@{)0KbJ)#kUSamR;j;9-MWP0{0}k{keM7WVOlt1vMGr0=Be`8U
zd1kKQ4K|9ho&V85Xpr6f3=SHV#>MP+@)w>sSQ`l66HC{`ISOBS`SRTQ2{edRv_k=x
zmM+7Z__3*6a&vXz0yor_Z5L}mw?>>SdlI3kcmFW8gbvVIx=v)^StfyMOF+#uMp)*M
z!We%)H(&|_?~yqpn(V%MY>`H=YHTt8l@$N8@|30+HkhVLOYw@luSk}qwKJ~hYOy+F
z@nQYXPB}vV$HQ&f{{OxFU+6!r75qE>&ntiA{@(=`sQ%w{`Jw%HQ)j2f56rgdLdE3x
zf$-s{xvM#pK_Are-SH)y0>p<9xwqsmYe{-$0e{TJmDMfTVGB6_g&^|%@Z9&q5Ba_-
z_kGn7z7Okre5Kcziyilyn>Pp0ORjW`Cf9iXbGt6-+^B_xN~BBgG4Gqb?|qRORJx%r
z=Kck4!${2Mx}-8UePxk26@UV$SY6^>{%SAO4gx%LB?CM1QR7*kbl+!hflW#GcxS%g
zJ-EAX$8u}WOhALpUgO#x@G-l+b1pMemV;M&38lGyk{uhibeUh-L`UtVlgIJsUtjiF
zo_$^F?ChlBT_*LPPRePVOds*S(@65gym^Y`ZYXsY-ou)7y*japlz(zl>GjOJxv6w0
zm$;l4%x?Lj+?A+a<xuwIv$CbH|6|C%cY~=3WM;2ZWzoj`tj^5zMf1!|KXQjQBT&@d
zli0jWbItvi+PHOtQ~X$Wb#1V4dv?T%^~N{=LtT?JW{Rz>hplXmD$6Zfjj1Y--vkeN
zYjl>II^G1tiJ!+EH$nCLcf_g*>kWB&Nmolo<}vhq7%}&UzWiNME!g<~c^n{@9<y$&
z8PI~cW<Y)N`|!usJkS~0W<jUmYhAI;=%)k^1G~V(KSi>ko4dk;rf`p?a(P&<BlUY*
zzz8$NLB5D?Kt($9Z8R77A)>h)%wv}Bo;0xF8BO?M%n}+asQid|Zw(Z}3_MB82qk_7
zk_>`;<h{{&1dc)kbg)9&buvuE<mupvb`=La1^3~0roP(Ng;O%$=h>rkUw9<>iJLmp
z8po$DL}1c2?QN3K3?K1L(^`kNBR#Yh9bcw2fB%>KgfU+1yh$~&F(vUG^_YE3NZmGu
zp;&Fi01mOCVt=zSG-6+sSZBr(+yZ!ccGzMNNZ-|4x&AWCrWd*AG;)i)XvcN$?_-l9
zLU1E9S2zbf)k^BWW+mcdY-I_zZo5fxy40$>$7o81Fi($!W>HJ)rH6tK{9u>)s1Og8
zEF?(9cz{`3r954w{jnao`!zY-r{Jb26XG}r9+xYwx!Ia&WAn}oTP#KOg~`*-C5H03
zXgh92frB;9tq2}<=(NsZH;>&EP0`Rymb8V>Nalc>GsZ%cr#(2Y=CbaZzsF9A)ZBPn
zQ5=29=;L%WEY)b+CNq_P&ph7ApGYH&@AIui@r8_0(d<S+qPc8IZTmMFx(##@UlkQm
zIdfFeDY|Bd$!@1>ngVH<lHv)xpI*0zGw!T+*Cm=dgKtlL{N&a5UAJ@FLH8N=3n#cI
zzxn>seEKT#qYxjp%w26+7X9n{uI8pF7wEp^63#O?far4n>KSDL76=_nyi2D-a1-|a
z)qnLq(#-K)su<W&MTaWR>~E$&|H}QQ&v&hF1>BGAQrG&rzz-wEZOh)T=`{ZtgsxYl
zo>wE>Um-npy6{!f!1v->o@)UB&wb{R-`Icd?ybfi_x-|p=dpH<a%_Kfo3fjh9MtMX
zyH5vV)-}Ed@!ZzS$jE>AJu>nLD)svRStJuhrkfmI9=p`2^maqjoTVF4>8*HMD!soq
zny`;0wiiHbaMDKL?@e!6Mc$KqVnk&)?bWhrlRqCv%Hxatk-QmRP<k=qjz49X+tqkM
zI?YY`4E-^9L$$JHw5}g&DU$jY|6L9yeGo6?rHGEmh^4A=h)7=vcZMb3@V4&Lxtcyk
zYA?%l#}hxwr5eGx^ibN0gx;)AzFS|pJ=*<7os4DSyPr_~i7Yk_#h@)H>nuErZkp*$
z4_)aA0XW3EF2`@UscKHw;-K)ijUD48qXT_dpQI*(tS_pP3TJ6ScoD9Om9IH>-mSbu
z>);9L)4t>q3!VRKpF>x>=yj=P_JXpW4nr1hivO%$#_!jF>C{pcO-?sa@d&eIV5bxF
zEE(_8N%fzOK6i-xacF;kYHy#}&9F^}6RX&D)Z-@$W`vVLmtR+IuFHv)-LS~&mh1G(
z8xQUD{r-4nNvCTgZI24=w57jz)8hlIb=fcqSozsa^+Ok@`J2rAp>0E4k*a#6m8x{?
zP-{ph_NcR`xT)&_*karQpv3!RnTusY<@VX<0Q!T?L6~o>bBoI%JK7njj?dqdA@5$Z
zoWc>A60+mQ6aE8|veIMz8xa}~cHN`E{z;70JNZe$z9E3`dX<mr#ani8ze!`R0V>rz
z*n9LWyA>>*oTF!5@z=^nAaPX=iH#!n-@#z+k@>JN>O2O?1BVw&9M8kwc^&wBN}(CU
zC%?<#??q2r{Dm3sz+WMw#ot0qQzJE-E&dK>%uE0pi~xW4WlM*c&B0kXH^AS)hvTnq
z@9V%{^tF3lgJeRWguk@`{?b3H6);${LA8{_U)mSi)>^d1z*uN|>TZj+Y=oS-ABwiu
z(u6@<-M1mMg^n>Z-3+uj&5vjtN&tV+4GH|5g#!%!THGb{kN=o}a8qomp@*QWP~B;c
z8<efi!`iBRti2?_T0vhY<^p2eg^`D_OQcI48Lj-tP;PYs@UyWju^v7W)|yVb0coLo
z6N2t7wfG_QG#$M26^#vQBeD`;X;l|273net(zz}Mn0i<zAMq~{f~H3syd-SyYmW}#
z?1oi4S9qy^9h*}0RQ7G5+3ZW*6np+mXt6=7D(Mr7!r51HIC!>j&`lPWYgq)VoMs7g
z%?I2AmVA%Guy>#z)RyMr5BV=z{2S8Wz;44MIsE(O6CL<>(EIgo4E~+JKM()t3BGaO
z8E0Dj`^uyv;$H<?3#-N|F>ID)u^^_C`2G?O`UtHY;)=d0fKmEVI<F(3FLxO~A=OC#
zNS{ZOnh6F?xuPP=C00OJWD^M^R^~J-K(S7K20P8djc9rnR_M2|0a^YmMYQQ~QMO^E
ze0OP!+PWJaG`TZB%JZ81`R8h(*sal2q2fA6Q_&*gQ~AapzqO>kcWb<z?<<TizIBoo
z(5Iv~FWSNJW)Y__*XSweG_N0KrvfCm7ipuR<4$wf&}w#{ul;REfq!}c03GY!$uyt!
zJae7vu$d6{=OPyRv|ui1nZBIUSmrETrF9jV^gdgwuNo_Sd_|=Q%3~K18%rO6<a#5Q
znAJ{?`QT^+2NnH+1DzyzKmEOh16c2ETJa+9vS_ygu0|N~$3rv5D&rJyXlI7@dhf>N
z=)569oi!XwL9y@MqJkMO^9R)gvNh8n2X!6yA-^14ZI1Rgn!2t;hw3%!W)H)YIvU!R
zv&?&Sz39>33EC%l0Ud_Dpc2Idl7h(DW%ytd`L85{U7hsBo%=%rzzMVOa+$F#xR!+2
z{+#A-0yhXnY)Yd(E-f%V7nySOf-T`)g(E{wv#$R-1U{VR8z8n3?pRBHis?bOam_9B
z21nA9L;epKkf1papX-vV67NdC`c?F+Z=+w`vw2RK*U9Kt-$sYJ6&>mur0$qKiYf}p
z33pGt+pG0mbgWy+Zzq3Uxc83mf<4l)#?SPd)p&YxH&n27z26EacMyytJ-K`9yQoxm
zj!UlV+CJv#(aIOy(Drd@cXv3kw}*3Q4KNo@>;Zqy)YF1JO>}$q)N#qyaI0TLnd9dl
zH%>wmR@W5VJ1AbGLejA|A0R37B@)YGrTndmAE%B<rP?h0s!^$$sl#Y@Jqgt<tg5c-
z8sv+uGxMwIu376e+jFon%RVYC$eh5yx!Sw1hAEe-y8}K<NpVY&WE+zm$&PDYGp|o1
z?Q#$$d4}&A&`<AcxqTRq(+;4jZn?dj{Lgru{#iKjk6z){e+0_vw=@08ImoOZpBcc@
z0hYwcUk5YgTbT0o;RSm&-?91Q(vz9Deazdp&Ajbp-mWwAwl_C#Ys0PYF>m|Kya7{H
zrr<s^Z+q>$jUY+$w$IGlJ~MB7?YteUEUBW+_?frfB)FBYMMJBYJK~*mtNtKt%u^zj
z9|l%0I+9{G+7S#Mfs9~k*?5uy+mQ^eZR_MJR&FpN=QU!%GR5YUciD@eP;#X)p^@X9
zIodOK$;~4tKU(rrd>l=liueoFK?DvEE(q}{&YoplSi>^=Q|U7_L-Ol4e=Y>~x__$e
zqiehro$7PF0y@%Y>gEz@(o0CO0Y{LmQ9~wQkV?rKeppjSosCb&vdFt<fet8f#^4Jb
zxr?*Yk-Vodr-C>&ocKP-JKeq!y8yT#dTuy*oRpmAJ?8NL8X4RNNBd;Xl-Wa@sU!#h
zlDgjnyOC{)U=bVRa&sWifJ39s-RDIs+uXn?14Cz%H%lIO_tcg5vIeY1!ym0&r(%n!
zdqTQ!02jUK^~b#8LS5aG8HRpJ_U3F@Y_9d8ZDUszR`oG2!3C~m3a&~YYsJ|#L_>SD
z@fA6V$+AjH9Dsv3jSh+jf_W;03Bx+TbslP+T}N#l-<a*FW}TBbme0fuxT5V<+AwB1
zON)E*#Y?kG_(I0&(A<o_5*njGY6@afgZG_>g#kBDwl~5K(bk0Yz#42eg@2LsaL2{r
znojLwcAcfekE$Ityifc(%mKJID!y5*RCMw;Zp{HF@m+N~`%<)Ko0FJGQ_RkJ!N|Is
zN{YFY9Ua4{;%>1Qqup=APaWF~ozVv7X`S^&yW4;rk<d#v@>}OD-T4ne=E*4U^XRd_
zVOqx=u+uP{C~Z|lQN+y549uT5jDZt>qN`!eZNzzKdE=J)nyroJYEgEt<I<9vXmW!g
zx1Ifoq(>iP_=Arbm$P*AfZ9=``^D$TmoD4JU3>Ajb^#<%xf-)@7`Af*vw=s!1y&x1
z)aNGr(ClxT8b9L;XDRBkwrKi-Y<Sc_nqM7zE0~`EK4icg1sVNrs(<%JqYlc;6K(R}
zrKvza%ynXeX|j|5SiO=G*i|u2++G(wRR)$!5=>cJv~mX*CN^@8FDc*H`+4ubx0}L%
zuK{F%93`8}n`l9I%t4LrHZNx01$MP=cMuvQv?^mRScoNnZA_$ydUWcoucI})oP{3t
zJm##}H0jN!F@G&-uI*+0LTq&DsM9=|J`2)ji491X-gG6rmFyp6q%zV!t&m0B-HI}|
zAm$j{Gf3qRB;DnfK8#b2<rjRNQ#`h5bV<wYNBQ@W=PdkzN??=}84C=QG`BcOnFc3Y
z6I+faB~}vRfOK^G><f6AQlc%H4ZZiy(K}{eK}uao_r#W7ty}uDt+0{zUe~)VQ_ue8
zG|!{E;iiv5GNVbp04a{w`wGV2x}|6DkCJUN8X!hP>0hpZATwu0{<E}7!lNYkOL%VG
zQrvrOavhb$zCtCc%U0wxThmciNSp0@-b7yuggB^Gf@Qp{e6arqY8YdWY`23Wc6S-m
zMC$CJ;Xebo<QDPbP$*Oo{xg$+lIBe_SD{y9=bO3m<_u@9Dq3#;vVRRoYx<e#9!;*p
z_Me+UF*`a)j|b9YX&_hpf~C7s$i46@D$Sf8qdBbz|30K?9mR}{Zuh^;&$#L}!B`d!
z*E~JP#1vF-f^7h5&Q&|p4d|>{&CbWwr;>G1VaGW&XVey4l5cqzc@{FEt}1|5XC(CX
zTuWaw#|H2(Qef%t*j05S3i`+&#a^BbBtmPoO`c$$qLtnpLW4ms&TkrBDG>RVP<-Ka
z{MC6v^8&gl7_2&<ah=Ja7KtCkXi5QQ7oNl@f;s;_kD@CDcFK=c$b(?Uk2W*@Cr!AU
z*hF=70Z$aCS?BiV&8^(Xg}dgBt~8DQLW`5u4&xV6%Z$Y)nC<CQUfc93Ad&GUr{v+c
z0bM#6J2L>?5xh(}Gaq!nMoQh8hk>pgNc;-_D=bO?s6pBU|3uQ9g$rm`E6X7Un=Z33
zxVhz)Zll{3K<Q*C&B+1S26NKPRqKb|Z>w$-sGIApwQMLdz{(wN&Bn%Kb5uuM{+xF$
zP@}XE=|KPnB#a$Z2{3X7MY5&8St(KBEkji5xsGSy5L)XbCSq02q#A!8$Ngd#Y7MP0
zTSGwgpk)EcE6p`7jM_^K7}Kr+MUk^wEqh5cgb;$7znX@*a92JSLRI4i;8a@MzTgz4
z561!o1iW;O@Y~v*Mc9~16ieqpzA-L9n5v0k%F{Zkn-v^7ooVO-kS1^}k`bYHFmK1N
ztdMpYdYsoYJu`)wZW(YkUxD_m<E;Q6Ki3NIdGe9F;Qfbb8pkOkh#i2pyzqq~K|lke
zb|Svv3OX!UUkwhgD(GW*6In#iQRAN4U>;ES7;LOHxT_Ug@eiq);AAv&h+@d^Y<%ni
z*5m5H@{YxtrWI>YM7etDoT*&1kYf@NEzy?h52T)}6QhA~b<U;VH2)M)ZVL2Yj^8rf
zhpt4P%^tM>BF{Ai{~~|s6Z}JAo!n#s%$x`=MU!YP>2U>m6{&}5a;BSnU9FDHoRE`W
zO$lS6Z}d=p6ra*NH`5C@v9|<vNpjRWUL#4b`UCbuC}tm`O{;I&mGD;a?fwd~JLR2p
z1Lwb6_qdhIVqb>8#({Iaj3-Yq70g&{zrQ2*{d@84Zu;9G2%e%V=k(89thee7o%?w-
zHL#=}n!I~mef7Tj(AN4BcGNFi7sr8jN(oL_hh_A46U$1dZqBMqFLPc5<HDui&Bb(*
zov}}RI~`FtpU?-oWIIb#fZvuk(H*DxBk(I)b0ezcJKyEe%#0}fD9iIY3)iVYC3el1
zu@NOVii?JwI9|8~n~rVkd)@<h+>0keUqqrk9Fsa%tUSJyFA3#X1+eV-R=YP=A=^qu
z7%cBg&|sQd^Kv7`n|$tFNNut@ry>eudgyt&3RhuZb%qkl)WkGHFTSG+5r#zJBO%tA
zUJy}5l9PDDkpXNZ{sFzn6e?LGL{GseHqIV|VU0@SHqe=BiIyGP8(u3u`({|d0MWeD
zcMU4}1~)vT&us~iz;Zw$9Oh!VSzHCID56{ij8XK7kQWgRO?o6b4w?ZjKrqGuau`Dw
zD83~d-eFe&WQTde-otJNFt}mx)O+klA|M?!!%SO=S2F~aPG3VujCvK+)zl$G(2O^P
zT&Z_X8YPOdxZ}P>PSh1BDm~_$-wiB?JX`P;Yr=*m*lE5TU<&r%$BPk!26e)#n{9Dx
zmfNd|kWG5A7Y(mL)LmBFyeob*<|SzE*b(=U+%LJaX{%G)vc0f*gR^u)*r{7r+jOuv
z%*lV#-uYqYzSgF_Ew>FN&4~>fSJoQu$77H915JC&=KdIV{;!SqsHr>u$V9rK)ovwc
z&TqxOUA+q%<4%5<!|9rjW77cSv*}Cm$mTWi-aOnrvY@!2pv5n2+FR`0yKJ=DYZ={g
z+e=M*o!HuN*}C}3roBDleMXnf?MYiJW-q0h#(|mHhw}GmYVj7E1oTGJr=9IR3-cZc
zt&-B0nOgWJD3htq+rPmZbviMT4Hu==<j)8pnl3%Mdrp)4_Xo6uXc{}V4OxqP$rj6Y
z%N6^hDF!|IH}!8*pA(4w6aCxY38nG5`ZsnK&KwQ`6emBD4-|RhGsk)Lz=r{hzKeke
z-OFsQs*<eA)Q=9}A=?!mM)ynZGw|?XK0IWP01w$tc*u5z2Q?MI!>ULntFRMz*w7Uo
zmf<~Y;9=0`!9%Tc@9GYKcu@ecCS0~BzM?BY{E>PZ2V`zB0MP+&Gzqz{b?#dko5b-Y
zFfmBj^~bZcA#I1LY<@!^aaL~sVWrjS96W^g8F)BYkXz`#{<q*k^+C21R%4n|;H1a&
zx5c-06o0@J?*#vR{Y~Qik&)!z>|Gv;Egrjw+d8<hV^WEN%0yO=M`Qq#*sRV{6yN^S
zt$z>4j4fC%U{8$nF_7y?Lry=LK@RY>i{(D!tXf~!r*2XV+gM#BbyHcS=7ZQd^{M$q
z1a0jcug7WVU~X<<i=aXm>T1+Z4_(>WT-@Q)_$#t-Ql%KdbL3=96BHq{QfCLI3!FHP
zm1WMz4rIAJ&lciP{jrQ~INwlkOIc?i8f0T^4UG)Hki7t++`!5BYqRMUo5jIw>Bgs}
ze2d*|0$g(Pa06}-AH>{f>V~rVRC&3nKgt-n_=~k!iQs$#4DBqYl-_batI9S<WsQNP
zPkoC_eeu6$ie$#a0Xux_9s$fD>zW((7V!IGb(zDI>K54(A1pmoKke4E#;Vznx-kze
zoD!{xvE$Ws+ac>i1RrZ^c*;~`4Cft>PS2Pc!b%zQ#Lec&)|e-DH)SwG>;xY14{G1L
z^lFHeOcZA<u5Rg4AfNw~rHEAW<0KyjTqxY(I)!4WUQ?Yl^92L#U>sK*oXNN~ZSnWr
zn$6C4Pt#YG`<>>VdccY&5+b@WH{IL2&$8<{fZ+_?>_2bA-XUZdqn(zn_=i(p?CbTZ
zXs^!s;F`}~JHlo{E&{Mod`PaH(g%d}z2Z-p661M0$#5D;FVWr|Mdsiyp~%dc?K(@x
zmH00Ki8B^UxJ~ys?m%gQsWJYjtue6ieC}cy+2O|<e_U*YP{(PG&|8hadKc@-?LAJB
z8`??S=(+uJlR)@1RBivrbjN$&t=aF~c|4y$Xz|N0<gDXt<|TeKnmwnPOEt27f8|!L
zqpGuu;4_^&2aymB9mK|^$W0D%Lm|@#R0)(eqhjKan3s-oGR3e+ZtI6--p9lu9DS0r
z@F&pfV9+i#>?KOZJ^D;N2WZ)(#<BKB$$2f6eXEyDPl7Ws46Oaa0kDo=rJ&MF$2|*+
zlJ4;`sXlT4`4Sg)zbvu0V(u4o9c$^j3e9Wr_uSC>?3N`V{}%SaC6)ec{dDth&`)>&
z8vPXdm+Pm8IecBx)4xz}y*SL{r^wea+>+kD)DBDf7`4Naqx{qKR_x1KVo6{BIQ<;$
zAEO_~FVRnlFXjA_em=1~vrGE>`|0A60sbfY8R!#XH@l?N7xTMhkiS_!$M_rdGuYQ*
z$dWJkYxQ%izg#~<{Acwu)c>P?zUa$0Ysqo`uk>@g|Db-#{GaIO1Yc9S<U~KEpOgG%
z{gnH+>t~ohM?WX~H|ysVf2Mva{HypuA!>-en@8TbUdI11?oID7moxVt3zWR&J$$c`
z8`C{bnJO08XyQj)O{Td-epFuK41ED>jcrgzIIWAchv5EXs2uml|JQ%0wul_V<nueV
zgoX9ST^52qA|!hgd6FIR$7dRTvGaV+Sau2j2mN2+|3L%P;Q!zBVDUeiz6KmhpMKsc
z0}C<(Exqle0*?yn4L)=Ffn?_`xdMQbHA6uRbufCNIt$oW*DZuW^s?<Jf<a^*Jao!y
z;`R-&$JB1}bwg}-RinjfG5T>KS(Mn99r(JcME1Bf9|>Q@&kA3|=G!CSYXflR4_9tJ
zzA8BLA^56ZbEHOb({my05Oo)f6)!1_4gcC=tPIwJk#QJiQT83c#f;+bdPu%WU=&QX
zA_jL0G3>k+rp};l7~D1D2v~Z0Xh1<s%bP7tKV|TC2q~^q8=|)L$xkA(L&&fKe;zil
zz)w&&G_xy0KS54DLVrz|Rq0=>pKiWX*&y^d{S^A=>ZgZ)wtjm0Qe}hCmHH_%8YmEY
zh~E161NC#1-&a4yeoy`M^|Q1OLhsR!<4arxq2JR_KmTq0^!GJ<5L)gbAhgUSK<L%_
z8RWO<=NSKK{S5XAA}oY{L_f#+KiAI?W8VZq|446N^nakA<NQVXIo@BOpECbD`Z>XG
z)X$0jjruvszg9ox{uTNe=5w8~5V}D>r}z>5RQTufBa^zrFq*h~$J`fS^pAF1jDBr#
zfYDPYcVhGp$ut-}GcWO8eQ^jzH|^?*(QQ94wI!EF!01ST(T&rD(WA?~@8|&*^~BSJ
z(1AQ*%|<a;mHI|J*grKNoxe-n-e!$QkHr$f=(RZdl<_Wr_Mi7M3TIqvW`fMI#wOP$
zwszNUFdOJS*lqT3@tkM6>8}F&xA5Op>@nHSd;bFO*7yFXso0z?-NFN3Csr7`XfK~z
z)p<3ZwADZ2P9Tlxr~K+}4GfgGc_*Ms73HcqRRi@-G*t8dYP^5>G;h3L`qE+J{ndZ`
zzcAi?e+b6=5fA^%cz=nxmB#xhza8VPe$<XP@+C9gvkYC&qt^@G*O8U+!}y!@Gw{85
zutD;%9cB~Z;R~|L;^5(Wh{TQMgNdF|h#xuRpe{k6NWve~LQ7VZ;G`TIiv9UX*h>>i
z;v|?|IcL9$$zZ!*3bm4Ew#?{oB06e}_tTcr|6$!gIFzd&%(;e9gqo1Y(d1|dYplD>
zWFjbgQ1AatXNT_fKY5U!3W#TBP)?p8FozP{1<N<e?MvE;RtnYE#L8#Iw?^2qX6AKg
zz2Lcm9_7@L#LBk^yk(?uQ;gc-S})F|crXglndX5b<O)s7JfQjaZ)^3f0!Qv*(=?h_
zU{9J`;sorJwu?=rLV{AI6fTGm1B4LBOd%<IYMp-JA{a5V^Q>0&(&}g}y6p2~8nzl)
z@S^vQEqLx~a=j%1RTy*9Hs$o4Mn_;qe=qF9ZoBrmvsG$e4%<Z*D!j}Wb<M?QZ)}Cx
zuRHZSsqwSe_N$zd@wHCLqz0$t5-zX26v^sB>}7i;&g~Yv6de#Q2>`$yRrTo^cr>2A
zZ(sj{L*jp|AbtSxYx?EKuTg~1cQ8e$D2U-3yt`vu*<t0659u5x@<bPSgc32c=CBg|
z6mgPe_0?d6it%D9n8XHSS;pq>Mio{zib5LDt;h_`I}fVTHA^U}Nq3t2@*(>mlh2Vx
zeQIuPed@XfNe+l#)h*ck>-e-&=0S>@sembNc6oixXR##{Q&Y|@ikvgGDE^MjFej!s
z!IDYz6abnUONd8;6`mBAWr|owO8i;bVI%YjWKy$cqBn99YkH{rwP-4H1`mRVP+Nd#
zV%bvgEVD|81FfEcW^}Eui4WA-pM$Yk6KbZ6DT@2X#X}f1lJknr4#d})Qy1iU&i!fj
zBASh)F2r`a@C39S(G#w6vB2;Ial$%Ij?TKOX>a#fS<}Amu^}VZJNGO@?Up&Eb3UZ*
zFUp)kK01h1lqDa1S#8<Q+NzICX7h%KGj3J$ny52w2UajMuHt&?!RP@h&;y8Ul+-PP
zi$f3dfh*2S|M0M|;i=x^plm{Vs0mM1yJ#hmM7o2*u_=h^9A7LJ1*~~<&P77VS^6-D
zf5ADiQThJrF>5pb8>-R4F)Ka`YuflI|HpY18-MrA$r60XJI+^}4YQHV)5OW{`CVgz
zdkyJ}W!|FGr_;!*Pn{7-T~Sn@x&sx#oGP>>wZf@s-lfxt2$Y&bD7#Chx#`~qcNl)?
z&HvhG+|#^t{B%L;OgDXR`Ga)YO>(6Ny5MO}KTK2YwQZz9And(uPQUX9YocZ;VoH<w
zz#NSH+=iR5l*5KG&V@)?WFuL~p}UCZ_2wgEW(ph;v_|chMIl<Vyos=2a%OJ?6#Tb1
zdyk~9WRf;%?XbIiQ=g{Bx&q90o(T`mZPyd&+{GiEe)hUXT@2r%Jg#eB!Y_K6!D0%G
z#4r{+<*^DCMfO;nX~()e8p=5fx(s2`n$VW3jy1@^syCgm&DeNixoVw$6KQ%ZO?Nie
zLKUQwHg=@a*O~WV^!+9>P}^;;&}0aAn<1bSa!s?|OTzucYD*#_@-0GjWEEaF4UXJ!
zNySW26E__gAL*>;Xgb}69!R1YsvQP=h7y9(c6+RaIlpR=LEOvH`osZubfbpKvjDNV
z+9>njeU%Bvwhsa~DLwjAMuCIF3dm4*X`#Lbus?(&2^43}*R><<PyzmR8iGChTMO!s
zh(xAx9nQut^d-P|;%lyU3-r~C*_#CQ75;3B!5U>t?|j%my#aYC^1JF!ba+=KZlDOs
z(pZ(9Nckuy7jEkEqG;+`xP&+x+|&RSqL<76H_qx#ofb{o3q{3b#V#d1!IVK{#!W{%
zhNTjOebL<(Sb<L(xVr<wX|gMXi>iYVKQC`$8Wind-oK4g0g})g!CwVuyQ-qrqQ&rt
zWSQOGWoBuGGKpnBRz7BOtvmD$(6I2Jc!~upv@dn+VVBDe_rRT+#LeFCnk}O~<{NLD
z&H9h;vRNBb+yQqfhv|p?@CMzk7w@qbtVuSOwr_deOq%R_gd(2o3o;jZcPCXcNS)?A
za0R}reY`ojR4pfiDaoAFQRF+e$i=xLqJl*#ROOu)>ZLXJE-2I9f2cmxC_`~GCh}40
zoNVd$exr461eR~8Fz151Eq`|)6zdmF&z~8|zTkZy!bgP}pS``TAa;!ADUq*~&JG((
zHC@wiY2!M9z+RYIV*MiNo8ii`-g%;<gd}HS8q2gA-zWU9xTzl<Z&=p(i!>RXz@0nq
zm>Qm9^rE1)cPg?Wy_uz9q;G}Zv7m`_y2U0i7V!1f9OqKI6V9cF;_dxg{7UTC`TPo!
zM5b8cgj)I`D<&97jyhmKY0Gh@(`&!0PUps($KT-ZnK%!ZsSgcAqlli*6mqrTt%I|r
zeQAacS26juxycvgL%!_%UpH9ue=gX@{FwP4nG1`v-XJL9m%$Piek@D|YzXuRer>`>
z{SAV5o===}4KYBX6N#-ANuP$;G;~#c>b6xt{c;nJj$b=JgWSY9#Dk)HdrZ9dfWI>F
zuymTa)P*J}=XauvXj|tsbN~dNuASbcXNlf0>z!$w)4d7!T759^fKe}2O<MOWE)zif
zo$;Y{NX17ACcbm9C*Ln;c$>ZBpeh2KIbSqWeWk&%uJD1sw0xxDBGAWg_C7O{z1c$K
z71?1w|5Xk=uK+HQ3paa_tvvub?oT(B=GRsSl@97l+}eRCSE-8ht%JQKvSdr#>RQlq
zy>$Y`WM^9=DVPT_u6Ly^;QeijZSk?8W*9$SXu#aehiMO$`xIMuRROX?Vmah7SFQg|
z1Mt@WUn8)&UU!l;im%%`>ujBigZfN7fdJ8e_RFCEJBah-roN8Wep9THfpm;;ey)V^
zU+ri*J8XtB48nKJ-cgJt<JgXvHIjlv9oaC%4DL^cLU!PP9zHC1e~(!l(dN{3wSfqF
zL4&||unrASmv97aj!CZ3cEN6<yNdL$1D?TWx%lGY1Dm|E#F%0c`!8Ban33@yXryKe
z0_W?p*9mrk{pOOL*RrL1|Bp=DcGf2kawCZO&~or)@!v>b9n5a*++~~@1>jh_R7^+@
zuTby^wzD0^h~eA^S>fzojmoY*d2IuVHV9jLv~rJgm%<)#*Wxrjte%t_U41@0VD&T^
z5;ZYw^X8hc>*jH!9;chf3OzQM$H7K|G>=7k#Bz5yuKufLx;LzwsU0g@`X@#~7igUc
z$aafOkqwes5L+cq-`E%EWn=JC<y5c@Iu)>EPQ_*1P}}c*V?Ql+PaKQby@!Jee#~!_
z6DX{77W3#P_IGpcV*|7i*SzC^AP%$_tk6p4BY3*>kz3Je^<t}hh6ivKF5A0u?vd&F
z6va3oRvIBwdi*!!;x7$U$N3vWlk_|d=u%kbS|aM#^3aR_E-c~CrDgoNlFQDf@n1uk
z(+|(Fe$dfd6@i>x3rg`Bc*JkE^pS_u4KAcI;A`DZ43qSn8uMatb&Z`$AD#V{@UwB2
zR4FE5si|d~cW|(Q>1_)viHAOPfoIJYk|D+=cg&QT3Yv=<v)uFrz%~%%rf#lvQ&%Fv
zz8!#erilHB;DQ(|)?{LhlWMLxy(s<xvfb%4j}8U5;3*Fn2Y`*1$Wl$2I5ZQ^W-zV6
zmBF&4eqAOuCLL}_+|od>`4LOGdLD%v)Vn9v1G9`Gq3^d}lB%%umnBlz7T)QG*5Mv*
zXgAeDegiAZiX&Hfb(bo?XsbNVR(WxkD$`@KTa12UI=Pt&I`E-=U!r$TlE-Ye?*;34
zXIk#yzey$8$yF#|WEp7`Fs>0PE^X1(f(;S?tH3Ar+d5b^=D1c#(@hx)%+wn}H!!UI
z;HcWBcQ~T9NKm`T+MSEXqGd5fZ`2`vEOjOK#(Tmh6=wP(2bUK*OFu#Y9>248(X6Xv
zzI&)j#^2J!33YP00h;Pv-qzjhOKczS4H8V`_WO%5!)sDUS#<(ovEUaPm4&-{83a1J
zSPIZH?aeGZB8n4IpRO&5v)>6o7#9X})(vFWT{7e?jFo53bd#J<r+fUmomn;I7;Fh`
z6a;1BeRti}s=^$en5HL{CGIE#4ti{FGH}qUqxSTenW`Y&_xcwE2O}OoT5vG%M;u0G
zx03ug$(dsbU%_g)CHR1)`(~8{4)?v}#bXOtAF~X3>tbRj4bH7gnfh-a)2>}^;W}4I
z*T~Led8H~w`t&XwtEFhT>i6BGe>e&wAQLOx8M}6o8>~SS1Nyo@W4<D$jXC!v!(@BF
zk=2O()bP-Gi&DSKF3QwWyD0hinRp-C%uGs1izHvg`-{L4wc2*zdFP@NdbjXT(`XLP
zDRWG2J&i6Xu^igEY6rZJF>jHvWPQ!eMba;xhc?JqjXv@dgQ!@zY4<|!6RG*cN%W#<
zG&Oyi*&!fS<1h^^sV`CR1tKtj&29<@&=gv@S_r)E!L1v*kyye*Jvk1bj)DGRj<T}0
z=v8N-VI0%N5j;`by4KZT_6at)wvxy>bBp5g6!Jn>_hti{i|(SA0=(ya(JxvBp)9P5
zWVu2pRj7+=R<Ocu!Xu8a=)8KcLlRK)oxHi}!dg6TfudMziE(h`6nV2Z`C&x`A@B!I
zj_G2ef(&nSD$H%QZK!TB5lO6=*>z7i`*jqSl3*|(^k%aeWX={?zF<~$>s!I9+U(`G
zk`2n1_E*o+W6r0PUG!g*V@P#|tEE>6vunLqFH(%6n+wZl5QY@HpWWWrPYBF+p*Q-r
zpm5jRVdP?J9Xmsxmw7+p^UR5!lPj!M$z345?_&#6vneAUbzgt82fS^1k*B|eZyAjn
z{om><SI>@fy_lPP!B|0jf`MFR2mdoMJ^VCTDe9uCdH;!Ge+>ui_qL*;#Gi3ZJQA(h
z6Dx~gg;=w3?zfGRrAJWv#x`tUZIRfUnQ|%_ovY-_RDz=i+hkwUYpYPsoE)inb1q&)
z+aon^&28ZJkopk%F<>pp1~RiKY9e<|Q*=M$gxO(IRQk}HS|cN&Hq6o7u>`;BOnWw$
z_J~Pi(|*gVFlh{t{SfB6n_IJEE-NRXDMY$0p2L3_Nn%yBR<VytTlf?T>+LXmZYM7%
zc@ut>v!}t<(9GCY?DRI40)w)uz%o!w9A*`};6lolH|-C_F%J>dWMLLuZJg?cmxr5n
zg}5jjgTAumCWe!Vykq;P1E)p~pO!mM_8N2g>BJV*3(lmZ$B)V-@+rX}H69uF^=~@w
z^mt!NgyMa8RAycUrfdg4D*d`fz#4KVo_HETSdll-jDe>D=e}iD&j5Pe+fuYnL3tsD
zocQ9kYJK&<DHB|-jEF<wEAtF)W-KPYOBen(bFl0Dxv66~E0WUcb}%>f16?`3aLv3%
zcXf;QpTyq&bFWi@HL=q<;m%;1h4Jx6F<ek*h1^gJE7laLS=Z=|N4MCEgYTBin^-Z=
z`7#~{PLZ*{JU*HZhbR*t)by8PYA=Wnptk<I>S}t0;zgO>Dm1%0c7KF#s%72YhoNwu
zI>peDF@L=uTwk!agjeUzUyv4lS~-!YCVus<k*}@%7Ll#nBD)F4{oYa6FH@;-a&5SB
z*|_W9xOE^et(gJg8<t<A6z9nek#zX8@y?S&ubeSHd0FuR9tU2^<CJ1#$W~g(wtvb^
z*6Zg!!X*$_&#82tT-)k*yMB#oYW4fo-OzeX9o92XZZO{^rxYU0wP3Kcmg0RH2Q@9L
zS~RfG&9*^>Oxo3R|4dBeCyOtgk&N21(R5)UcgqB0sB8tc3twk|$=%lHWsTQY!%nQI
zU@n?@?7}ZHGnfryam>=QAE9{$*2aX{KZeW8BlL_se2g;5soM$DR~!v}^l)LU3f2(z
z)@go<>J)k<UR}MRdY5nFrllu^Oa*MT#Q=A~!-es6h*9Qj##t!R?yusH3?>p=56*Bt
zY^mM_W$b(3M+2~lxViLn{pQP8Vdu%)Mv!&W<{8d4ug`F%Z`$e1+Vsi{`)AV|Gn`kJ
zBandeJL4~t+P0mPHc{ahqc!_t$5dy-O}CX6u!%je+QmdEi}~f>;CDhF+4G`vB5Vd&
zF+D%0T8wSk!*D?yHO6n?D1p-rc$njQ4lI~(b@37t@M&Xqi(Hc5GMB^ZQ!MeWf$31_
zrFS6&Y<zxwa*rqPuke%dOfrr;Y^!X_2(sF&Wp7u}xiMiDLT*(Oo+`|=RaG%RDDmMl
z(e54<Ccx^*knSm<B{AN{-8QeKQ#)IFnlCvw>N0=a5fCfoqvuSu*-Oee70(z)a}q_&
z;1xJK3TH3D*CzfQdQuXmD>&b%ae6Qk`8V?oh8$VHoyy(y8JQ5Pw`Tb2S;aW!fX#fB
z?8~w*#vDdk$IVDn)!6pTiQxrkLGXp<I9D@}*ZG^kU&@p+RdqN;c9|EnG@Cm+n4L=h
zC>H;lPMAs}yEjKxuM$N;lSCwoJ=s|Qj#lXjmA;$dULMIn9Qh)w-LpD#f1tm^$>CD#
zB!MAKC9V>yk~<RZ#JgSZR_={s9NFUEuc=JzEo|g%jR@7;I_Jp?x^cJ8O)Y}gceV>&
zuW1D!TL8!w0i^!iTzZ4a*|d!Ey;OW-9^5{!Vr%%bX{~`$XI87gwRJ{>*yZ7;S;>Of
zFfCsvO&wRg0e3N{CG0$~tUk0ZlEsa74e%@TxJBxuG@#q|U{5)EREzUKYhq6*7MFSD
zZKFc^s5Kf|L(s_BRW_|#XIl4Iy-n-hnN}F9v1x^!X+2`YY+8@bw4Skk)h#s9lO|h0
z3<7Vji4v`&b$j>7Q(4?3^*<NS0Q<ig&KxsqfBAr8`%zuSC%$6f>ux1>KF>!_SdMK^
zQS^jXH}tyeJjP{5KJFQ<^|EAt#0<7gTW@nETy2EaT5zz1)IaHu>zq$4gH1T(caJ3B
zh%DGD#arxWoTWj_yJ7U-qk0Y0ZZQmWEd6oVxp|QOTu}mFUB<F)g%q{(o8i}+;WWO=
zJ+F<g=+DbNXE>QRdDx%_tsPWo(|VRo<mL^n-y2%L&Cw8%pq91AAMh1%R+g|c-Dg6<
zzlo_r!ab~VcfZCQ!47*p-QGLg6V?&GHWWL5Vk)*Cy7RHSn@gt<cv`oU{g!*eYi?)<
zCA!7RR05&lqsZ>{kyhW7i1vQbmSFN*h^rnw0pA9X*<(T0F?*|dWA@tY9-gEBfxSsX
z6l<I$5il{a$}ZrhYtWOE@@(?8a29fqY+Vw<QQ<_*)(}Iy$dlnJ)7h!N$hOmP=d0Oo
zjXvVyhG^;-ykcPjSSiA>B(|K#-t^fI1`>7P$>Irh$+ltHUid72u?PDwTtCa%>cjm^
znb2*)R^=ccHY`Ry46VYzG>VUW_)kMA8>w7gy$PD!aNj`C&+tbzZ^W*O)NG1f7U5}%
zOMqTziqm`>bvjGW!1E(^d{KDh_IOpKW@GH^XnGF3!>ZUB(e$mM`kKGRPIQ*u1oO43
zn<?4bMC;p6`PeV{6G^;Ykm(-D0;5A~P;~YpnDU=q_^bVg*baYj{-Q#T&^E*_kuTJO
zeIYfTkbiW2x*^MvcdS=0_vLrp&}%M+_PgJ{Fg={x;9dkKky#4+BS|%pfxa%X;GjA_
z`!Ok;9$ocaaW<jMFJSum5c4VJfW~kXD)N;60Pd}BvR7TmFj)F#5S#+^t?9O2m^b$(
z4`w1edxu>gxVX!gN7CQU9_IhPs16%mI+WPkXZDXp0p-&5c4z+z>0ev4vISf-{lfsd
zCH7*je?&uTV_~1%fas)b9Ll|8zZr1t)h{2*#fYSuEU#NGJw*C*T21lbH=5K=ddInn
zffhnMq{quZ!aB%z@V73D7jeg^TBkWB=t>W~hqc4t8bUG|st|eE2l?V-A~h|s<2!PD
zE0-xD4q8wm_6MXt!RROhqwCz4J&g^Y#2uOAU>`GVS34HFA?~stc#qsjn3<P7Zjg>;
z>QdhoUmLD$31?gClJ;f6p3t6b_VzEjtAXEwg4HHfPj<2j%&i!a)vemJA}?<dCIb?c
zEpwt_6DTx*XFIe+8y`k6Vt+XkJz=eS;4HnY7b^vaJn-W2i-sOUSZ?Mb&U$RX8!y?5
zj>X-~w|R}-qz&sBTi^MMV58v?%^=7-Q3mlZd#W_FAwujG#xeU1w#&D2Yl=sCuOMUY
z*ID1L`_cIUfT@rG>_g%S+W{-EaOp}^YI$pZ^vnPjly1O4Yrf|?BNH3Yxh9t((AjJ<
zI)MRr&eLxivFsHjGa2TfQ%GHin6k|6O(>X?q<)mTK%vYdsriGEP*29XU7p}OGi<3H
z@Doj66ml!qM?>6*u_4U(p?nzW2n4b(In82XVI`erB9bdYih}dp^1MRZ;IU8q@=z`Y
z&v-Jw*3E?AAu3PrO(q0S9f{|6rzkOFwh(|v0eTdGXXCiuZ5?g>jGF01p&thjcp#9^
zmY(6>uaD!hwr|*^?j#kD>rJ~GjoCRpihavjdKNxxx6~rvw9g*J-yO4uE9^Q^*VSw{
zHRUY5D2V>kx~(|e+D^TDh$v9kds*+D0hJ#n*{grFW=rEy;il0?x7^+n2c;hIed0?A
zhv1Cc!hbx%U%Vg~OkG(NNqknuxoooC+>(=0YT~m{d;m@bEtzkk?2vB#p<TEY&DNFM
zi7l3~H(UO*?^wou3cp6aM%ZB^y$Qzs^V#_p*!kADn59m3zAaNyy}|StPDnePjSrH+
z?QYH~^3I3HTY3T9D)xbWzq1cJV(UGDNj3WvF|q%isRlC2BB=`y2x}P*;SIJz9`g<c
zv+eTgSpR;G&wX9GIxJSNg!jI=BAmJzCU-?weBkKAaGuHSST-Ae7bZ1xHGdWyFuUqB
z*i!ABaJ?lI5tltqENoFH3!BgHbzx_1rCr$BBC)eYVrMPGoY#9R?;6BFg&INLSe@PC
zB59c`9OhK`EL>N7a#0XTr#iBX90ZM8qxqJC)fmtWHV^10kvh;^M^oP@GY}w?O3ryJ
z43ON&OEh&V=Lkja4IcBa1G7$i!`v6l+yL*-n3;G)3#@?m5EWUn(KWWF5+XT7hgU7)
zSZHD@${82aJ`&5f;U#)Cm%p5t*cXcTx8^dXb3f$Zu!f*+u|j|sOGX0Br+Qo8e00FD
zQm9xbrUnkz=V)snd-<P_{O6xDaab?u(=yXuYIKp*#YI^fRHrfH1pzoVNvs+vexc@5
zXJILbo4GEUx*G4Zf5c{RjE-7TH-~c4VkRWVe@#eD8DV;4+=}dkOi0B>C{8q>ammCK
z;;w0KY?hKFjisFu+NrPkB;IPhwg~q-`>4zrI+^6LaTpp<#T^c&7}f5C)bNqCG_oi=
znOb9oOG1W8OjwiUK-p&br__1A(WnRd0gewORuF^!;Sy(IJC6^SISWrV>lA2Fa_SS=
zA6V6c`<I;h1ar{qQ#grr&|5`J-o5Q#*QZ>7K4qHGrxfxyu)*k4dLBuia>gP0lpFS5
zQ@Iaq3cA{NzgJq2Q>t*$NQY9zNl1k)#mbbzUhqr)C%m$iMAOy?7dhu?$;oUhx%Hyw
zg~`>mP1~H>rfi?^GnbNG=bXPjT(EE4qJ}K{BO)2{CtK0F#tj*qxQ<j?-h3QVpG;;y
zzdm!zca&RS7i1Suun|pW>3|=W7MNp-oSMh0*bX`@SfO=8XqNiuYUjJ$j+XU%0hW-%
z*OHo#;>l7RnfWk^qeM$lzUFA{sxF$Nmp{m>6ur`4*}$7<!Fy)9cJGe)LH<mS_(6(j
z=Vy}ZN8y1wM~l8N-D7qx69UE5?r@em3?oxTbE$#wHX~Z#0o>GZ9QarJ#fN<FEY<nX
zbG9%FuD<_a3KzEK^rN}^X&~uTb=lo?<S06lMVd46LD&2Xl+O*p9r;sHm+FeWbsRo8
z1WRaxS~$&*1KRMPusH2|B9%Mj{Mh&O@8fd(OfKpJQP55OIy;pLljvBIb)2O`dva;Y
z_2ZJu!<Ea!yO#Hg;bqs7d8=c-6!g2Mt?`)X!ht<8L|-_iXHo3E&KaYo#^2}hD@~(&
z7R-B4d|%D7_)h-|w9!R=M#MPnsPGe^#DT)t>4^i~V;3b35Ccxpo1&;xaRGG_I~XrY
zgs=SNi4fQK0usKqf{tuiZ>pNFa7#;U%!2(wig;aZ(}5q{5jD3Yb(H*7XUX>1)CK!L
zP|2@S^8eg%gV8C~Hm#h+Yt`%leiM03%blkE-R90CspWQVKApzC{&M3rO{0(d%lt{y
z+FdTpQ%%>L@5>=3GnvEFc8Wh3J2n%pOE(@L#v^}rQPbN8oAz&ypJ^(p<jZdQa!Byy
zJidIQTjm%yITzA@X$f4(ka3tV_k04f_XNj%7ZlYky0T=^mHnP#S^&Xb$i%ubrB2v?
zN13_b$imMJKO<y5qDcpQNPjFCOzgRO4ob1M^uT1gc)j!F`quY~Z&-UxMH@<UpfYxs
zFsv{<1I5_MPnT0ca$TnP(<k#Vx=&+Kan+)_;!uV#FnuR<DLIS+AY*Z!78i$=(sP%0
z!Nm*S0~b+_b+K2E>ZYR$@gj!pRR{vupCTeEVjP`lMd!K+i4HaaSN{jdL>diA{(FKb
zlKZ*x=f6oqLCs(1yAvgfNv-ldTg#UcE7w)GBo6e!WVErT<c#c#sFmXJ@X|iXw(zcZ
zou<Kjl5DLl@F}w3fUTyGG;NQcp~f=R{ffz^Q~A|7iF--3Rr*ODt2fY7Vt3RhmjzvG
zz7_!GB8}d30bN$AdQ)|a>GORpu(_L>iPJD{x!Som*G`IuaMP$Wh##aR)F|jYze>v&
zg%bO!2<Naov20!S2PoBRoqJX`*6CIuBz`pQAJ;AgaYFIY3-;MD)S5as#m+?gdsaBH
zig^elfomdk4-yq;2GL;@+Sz6H+t>;?kSk4J<Clb=?2}v<-nGqX+KpJ1Tvk`GlTX8V
zZkdVRN}_uH2EW)mIn7dh9M+PPcsVym&--nfBVzs0OU`+)`Q62xOfq+;n*YdE^F1Ey
z1T^s!Np6Z{pLd!Qb~R^*5(levgv)5)MHmfGv8wS~b{3Xnd$cKYwdp@spMXfg3M<Ig
zp(}hMX=?abe$5KsMehz<;l^C=U-W0H_p+g4y0p9pL)=!i%a;U^o0Auj+|cjEhA<DK
z!im*p#<OO|`|uSb5$7WCyCnRFKFJ;7UH@>Je!@q|Rdodi&Fp6F>^76A-rZ(vbebQa
z^}}j)5{qpAsM#0Aw(xaO(+hYh{FMc-5xHtk<H63ZqWaXM2+zLgGz)<k`uU;69#C$1
zefk?jSznIL46?|TMTr&x+#U;XbNxFh987Vwrr5%WmiaIk(ZP*Iv6No}Bmcw05nv=u
zvV}<hP9B5W*JCH-->P>DqtPTLvU7{-<&F7D_;CSy%&l$_bvO_r;>dDp-q5^hoHOnX
z!PUZAK82vQwhtDlwZ2=@dldy*w-)u@=`3ySy$-85EG^qYei;SF*m+lEA8BZtwXF3p
z%Axx7tywBoG@DrYo@nyyXmURBO;-y3!q621fLCW`1)aW4Q(_mkg(?nP*hfgzlsu&R
z)ewGVM_SmQkZeK5|Gr8new|s3dP!i{l<yG$#_PjR^a<~Jd)BnN0#EcYZ0XlrmkEfE
zmEG2rIyTsY!x00yQUf_7sOQij)MUn^o;QBi!B8$Xc3Qon$qS3BTRM+;IIabP!7qjW
z*{qInV8X=EyZJ26es#=QID>hB#6n<a{mFK2RjzZ7aGV_frSPQU&>24B<o3w)=^VbT
zy@=ZV>Co0rUc<=aHh!|UIUAXSi;%DyE0S+TrHobHHOeVjG#Gp1#2#)~_z$L+-LBku
zGFsjZtu4k&PsYl7a#UAdgo3xOybph)<;DD+QhxM|)|R3ft*!jGjQ>{g-|C_nVI_u@
z8dfp~CCl_@%?#(Nw&0ZIroZvBZie#>l<haI;y(^e$aHQ(0k2b-t6%}Y!3oTb%kbmB
zk1p+6#w;cT1;IUd--)CKHH{h-pN)Dm6uS}2`h(m|hq`weYQRB}<RqOakBVO`8TdH9
z>y&z*kq!^l^K8zFI3v^Wr5ZA}S1tw?Q(*{-VtCt)zRjFk>l`h)EL$3%OMt~KOm%(o
zT!Ksk1&g|K-R@Z0v}b-gPlqRd^*PvS(?;@deCWM1HBgkjq6`US-dWRvq}NHZmV)}g
zd&U&a@snNjW77=ts;RK&xf0vqh+cIuaz0MJjygib_F|j&$KBcN!=d=xNRmXA>d0j(
z%1Wp~b7G?F>R~YZq7($>Ax%e#YWNtmpP?Q4=#DyOpc@@x3?ybSyV_W9vG?eLBzI6;
zn|;=g@uY(ao=w?$t~O50S8Zlh=gUD6R}EBPMUbN2Z3cYKPZr)0NzV^ORrm^1n1aO9
zuPZ+*C{T9?6nJ&F$3uR9^5xJ}QBRPu#L9!V6PYgw-gSB#44Lja%~uH{&QA`!!x-_d
zJQ!%bYCdfIYR8o56a+(|v2ak6uooK;Nn$7^%}~?6QSsw688c9RnZdvzYHYh&+37Mz
zBkxG_6tqX8vrs}>e#Jx(rw5-?xwEjI%>QLYXx}V~ca>I63#?^v7RrU)mqULwK~B-V
zDC%rN_XXxm<IVM`6`KA#<y-#$Q1>q2QB_ytcLp+$K=1@eAR<c8phQJO1x++a1`;@<
zGZ^a)@2Hf5SjA+9peRh31elJa*s8Uyt+chRtyO8Y$W2H9lW<W22%@M2yq#eb5i1EG
z%>TFcIde$>Yx}<M_dFlZL*|@)_I2&O*Is*FAv?7dqI(lX0u{<WO+D{3uKb}aLoPct
zRNsMrR0s_U8y0@XI!~3uS180*eQEIeOa}xNr$g1Lc&zR=eL8>hw7H6HB-Cmf^CK+j
zDBM}3u9Oei?^!N7IiiFZUw0w<B};@1X89>gFVR*D4ZlV*DwUS|ua=%!&53s~&Hr0!
z<`OThR{fM%z=0+L@Nn8CaGqm@j6xXwXF5Z-+qg=I#T+V*1LUAoXVk}~McX(T)>aUL
z81=fb=%{eV14(}iRD06`KGGendo-VDga%emvh5{z<4_@l8M8L;H0eYQ?kr^;IuV)U
z>&OMGKd{SFZT`A0yDd$dEB?U4pVJ$wqi@jB1+T}tcReBR>D~-EfPO@I6VHck$!qo>
z=~kKZI(4I*^1c<YGR|*t_&4S{{A-`(f4Ai{5QVw$5j0rQ+d}-xkQl2BsnH$SCtI}4
z9L=;zjHJ}IhZ7N+x0-W|>ARLAu{=J4Hh16~t>$LxWGV4%jzaE}k$gFt@_e(hL`BNU
z4MU7I9l2jQa_f=x4YRS4#no(gq2*$8?r-NdDYm}UeGAnn(Y>i~Yp*rchf}9)9t*`;
zzqj|4^^%<5L~=}xrnj(t+O*fWgpK%ehGKJE1)Br!NUx=iHE&~Q0V!@{BbBBPd*iO@
zu#Tv=)0E9h6=!cxE^<<-T;yI*b;K@may<h+P;!;sxWlDpux8QCl$_bsX3kMGlELk)
z9=Bx2-Q%YJv)w&z_WQAWTztM{yb1NBA=DXHPx_P0a0m6I1uW_RU+X7Le6<}!ezMbo
zNNoPi^9=JU|L4<`oaeS&Ou$j%9^UdGtQ&mhff06zx(ZHVg(@5@n=CjMCb4)4Qy2uh
zQ%*fGeGl3D^Eoog9Xy9Ta`H(yzNHht{Ci4upA|>-p_}z(^)t_S^O>gK*Xu(?mgJov
zq#_t8sSZOmT8as2$o|A@CZ0l18ob1XAVsp4NOQT8B;8SGr|=Q^2G`#d02p(KMFl%|
zCLKYyStnV_`RlS+O9$Pe+I=l8uyo5=hM$PxAJ5|@*93W*Oyi#|PHvn%(XnxrL@$nO
z+)m>G(}mkKIRTVFSk6QA_2Tk@md~Wo{Yab5xHSN=F+B6*WRh`##UDN~n^X9E9r&By
z%`ff9-^5{9_C=^`wdZf@@6xXre>0T*08?PHA}@5QvnjrrI?4-meR<qp>+3Pjo&I{v
zU#l)N0elM>jr_umAFCElt}>p`Lu1sNXh4arzD!VB#3Agr#ChU-=m*?Zp8%_UBwCdP
z^KEfKM=om(!m*}KWIt(0KKg65pRhb+)xImMw&<Pd{jvTDi+N{k{fluBJiB=!$b>72
zW`I)GRLUi7nU!cUyrb3R@lm{amBL~x9*RHM4`nHcr^)^JgO#9d@$*^_U2XY;UGKTb
zGZbyR4*gf<<?5u$AMoOz^;<nO4VLDC>D?nYS#KOs&=7?#TStG(ID6~MVNfsP?4gF!
zw!=LT@q4{@pevZ#_XO$b5Z^FB@eix~iLIq!c4ZPgi+grM1~0<xX77PWA@N5P_}rmk
zm%wXv+5pcxnqM63h%hM=7GPmFt@aJxk=+fg1Ah1(ia>?}bEO0O{vzC@w@N%Ogk5NS
z+`&xa(2r^NVZwOMvQ!y6Laq{X;zGl>?GPtK>}SChjJkwfTOgV*`H0eJQV$I)6t7FQ
zDKv_%m`(M?Y>u%+9)bVZNi=#pNLzd~)L#BJ1NB_TVw-O^mT&z^=U1jRj83<SdYymm
zj3heE)X!A*0%s}hN^S9#>CdN%OZ+tN?4es~#K+Bs>p-lb;h!OW(Y4b3umN@d`cC42
z1d%6eo59c&L-|D_&9WU(k|$qMa%lL2Pr(Nj>_#zJueYmHpMxJIZd#Sf0u5non4_o(
z<+m%k)eD{$L=<aLs}(9#b(||iSNIM%BOnN*0;MaDt%tbHA)5zE3`=N+HIbwV^RLaD
zOkS>;WaS&BFkDb*U7W=*WnfDCX|I?#5lo40<z9oRQ-WqutRMc*Cj}(rRU<KWn_s}U
zBFq#W0&^q?$kG5!c&3_1sg)1oDW4%Dv49}My@?FvU{_f&FtB|5t?W}W9}^x^^hmv_
z#!OndaZO-9`Z8SOD$haHE29oQ%G46yrz1;zZ~3HvT~#X`Nj0ue1;`EsTRE)W$jE4s
z?1BB1%o~~E<Hep_wu=I;S@slFw%+KK*EM5*tW-v<RB{zvlB?)yE_&7c1}OC#MVL|}
zqeAHsFN%OR?K>SVo&67s2sd3W{dqULk>w75T1TEZgDPY70nCyA4rIFO!hZm=zN)}~
z2eO@qWW4_)kUg!cFy%iAUf(C4=+}$dfy~nq16k7PRSLl;{1|0l4gmyu@XgLl@eDw~
zzQ{IzG-6=<WuIqa2z8DtQ7)Q%qU%p41kh<}qoH>_8e~YYdrTIPU6m{3uzsFG4qut8
zFMoAn-?CRNoxfiyO}|ft!it2bz<X{Y7kk21k=PSv39T0Iobm0gC2eoErz;O-VD@tR
z?OjSz3ENwbZ|}^+_RbZ8s@y!6L-yjA&FzgQwqiWsmrFF2wOaB0FW8yG8wCb>cH8}l
zo`uC#xH=y#eMhEgGSFOP;@Up*M<=0LWh5kgnHU(8k*v3Xd&|IfAgDot6GICY&|Z!K
zZF}T75Mq0f{rdNbFw8NK&HO(ES^7)IfowZCt}9%!RGMuEwESsFKoiH434RhfoM)ov
zlSMoju(_xPE{R6#?mIB|EHtDVwYd)pg|h618NL60;g9}UL`V-6z_!_0Z(JmfN9t8h
zr}lCk{4#ynPhP6&cW<wosK?B=#aX{MPhVE{{A;O`ZX07IJF52_lUnQdo-t*$x|<oj
zr`Ao(7iH?b`m*J(zw_>{hp@?2b;xmEk9XE7Yw~Y-3=Ll+SF*0rmz_Q)=l;eO;&Ik&
zN+NQe;+)c$l+7Vs8ov0QIUk-jI-XB7YrE;M-}>0<Zw6DNOEecg(WkDS=*+Koqkg$;
z$msr&Jr@gb&5E}=QG9lBT*tDlaocvPkDsuVM5b(gn7W-h8r-&ndj31QE$U=}@5dPz
z#BTB3*|4%-%j#uvKu2k7Q}4D-;_pqJCdtc#o%z{bdiH)dH;Fb@Flut)HG-$BqhelC
zHMBaaaVOU1?IUrLKZ@l4GNJ$cP^JDUJeBww3r5X<=xkIKHioCEIXn8+9W_0xHojoN
zv3_qqeah;T-59InH@c>5+C1~FG(d5Iqk6ZRjVX=GmxQ_i;K8L+>P#~jqjwp=F3qpA
zA(VS<higi!0M}W+FV{JxAqmc9QyVarX(+QDEX{8ef4Z?jH0$s^L)jyysNtvfM9m|$
z4}eJRJ*g~EI_$7K_EC@D0-fH3w!L;3qN=slXy^7~AqU!)-PrfF&8Rvfm)JYRwAaaR
zoYH8moKn@rM(s7U?Ce`7<1v>?OJMeup8c&n&Y;#(YW1)EHt>!D-CQ9fwbvT!jZWrB
z>y4gMn<wVKqrFCNM?6LyO08s6;M%jL+_6BT0`#0;nB^GJRFx-nlxjxhaRml)Hnz8N
z8}ZIPC^v_)8~(~wrav=hOe|4XnIwBYP*#pR@TNor2yB3S6`8>V;pB0oiW=J(A?ZZI
zlE%TG31x-lIXIF_t{BDP9>6k1`RO;puu(o}#*4-qgw|xJc3i$pOMICjez|;fL>xp3
zk5VF|E#TL<l1#pbs9Y>UGCh~q)Ge}k3l;5juw+=O*uTxlMWIfv==VKpVa9f0=*L}=
zz<)p@S!1o8|1~w<O>T*`DdQE#!HoBw?>AmXrd);^#;^XB7%xyr8m}+$<>ceNIhN^F
z6=_Z2ve1Id^A=nd30y8B-}i;f4WSdk<znZ_;Swhb68P9$51W$KgM!b*?*|{X9&oAJ
zVm$bD0zQ^cB5OTNNPIatd@hS+`Zw_Doyf;&z`A-OuTK3wqMSX*`f3(9Mh<*`IBJia
z2#)*4o*a%z@g%T`bOknG7^|*R-zKdr^LC_kNZCp%ZaJj85_p`-o|>pcCZ-oh;}$sm
z!f_YpRC|qaito=gLOGWb7SwgGh~dQ5%JK*qk<FXWA~`k1bEf0q7<LQB6tmRcWw-od
zOrqc1SWZv+bO*OMb*B)zY)zz7V1v38VvlJt?@?Yc>GgK&14k96%`ey8Z}p%f7c9H-
zOo2Lgs=?7_sDPg8Vwx-kP_}%txaNq+Bp3ZtOnV`~l>BhF@)%205CKj}<lIRMBrp*;
zNEd8WB3K~DnNP?PF=@BGDY10RwVHdVOk13fEL~{7oEez#I=I$?J|fe^BQlEASKCla
zMw@5X^b#V@bS5xoCkb-4dt~}%QukLBBXz|jtG=Zd%F+H$My9`+{)VYgi?TM=tCnG&
zrAGb?>$Q`#lZm=>dUN0naWM|5Sl^P7UJp39{}lxG0ZdzpaXTfMjsl+<MprP}W#^XW
zU0O^$J@E$2l)CZ{Xmbv7Op4H_ue<12r9^ZaCgHkTNJV)=efvVb9aZ1XUp2eCiov7R
zu9R=sIa?aPCJRA`)p?u`LZ$)(G*yM;6iCf0_IdAjyylDiAeo<p{3ezAl3IT;R}3O4
z!|^Q64WzEisLSDt`aEx=592}9dZ{O`yXN;Z&5qC*8!NaQN>iNv{pbyPUBiY&>J$7G
zW!Fc+hbUOs=FrA8^3p<m-5o0>;!&A4x;42!;)L=%M`*077jS4bLVZZJEECly1ZS+P
zcfx;wWjSeqLtv0nebmQaZO&VyIaUI7Qsg?U%~?T;OeA69R?0ov>Hjb#{AUtbZ;aDz
zBSyk5*bG>Rn%dG@?G=0_(Ok#?4;MJeVytM3OjRHHCR;kUvX9Kys##aL^IIc}l&qc9
z$e$$CLH>Skp>ns=7<r1*H}lV&zA|VL@7{HZ9KcWt|M-J)5@7Ck&QRmsV(W{q{g*?=
zD)l7^xWq#-?Z+KrD|N(w?3}98OW~-7dbDkbYow!^*x31&g78m(6tekSykq43mhi2-
z%abR3jrDYI*l9gggh%q!x>^9|=_9$$3=c6=_^Z_ln;Y@BC!>_1h(lTsN;fLc)%<H2
zAk;x7b(iL$`p9$Nhf4!r)rYhEyV1n7-?$vr{KXkI)USK0^i0yNgkCBkBazTsC8Q-1
zvQ$E9A|aau^_D7YrjNt_7FWX8kNI2s*MEuLRU<x^qpa6E=y5}7app|AReZ`VUJX%h
zpGgu=gDE}*`}30dGrKj6?%vHL8E#v{Xl843M7V}Rm135Z$p*QQ1d!?MDMC>7XyON5
z&6c~l)(mFgjwJ*59&ri8&cQjPEJXk@x?2ie5mJPDrM6Bfl_R9K)n;wiOj5Ny#}BpL
z@ndQ`U)3hS6cA@C5NkDmU^9m2$*0iV%wu0gM`YqhUYqj>$&*lLKx<)I9n9Ec_P1XZ
zJBTms@2lVYdVH*YCpBs1^|GmNmQ5X+`_Iq6jr!Y&6?~=nUjF{K(GlezbfZcMlgm=_
zx3r9C`4er_42~rn8*#=GN$5*LLuX%UpfWW!HWqpB=d49;*oJrHmY3o$A#kkz)9y<K
zG6Z<Mp&m~x%mQel+2dF$iNscte{p(5G_eVD>CiVD7-5tK`&VP;(j7GzM-c{<PhuB8
zs+n-gHqUmLd0Wt1HC5|yUx0-oH>&*Rs<jel0`BDDTy5TqG!aaFoXbVFBzQAciu?U#
z1El4iLC@o<*g|Gw&ZPVI+A6xyvFL!5(z7T)H(EDi#qGJAn*|DrDlEp$be^h{`>R(U
z-cF5GXW~#Gqf@DEUD2T`O|h4^dp|<hk!QmtM4(yyjMzcWrON-mnAZ_M^Y_3`y$2eN
zQ5OmLNPV2tRRWup^2az=rN_?WxP2wI;RS&s_4pSGWnHhrSc7P%!xe7mG%l1?;3yn`
zW`7aEGXw-~9_A@B$<_oGOoBIP&2zdt^kdto!eVgOXWo60`;y031-;*_7j5_c)@|FM
zy|!tQO{ObpzC!o2{TBDE*)k&w`_cT(51bPzNc!$7`p|Pd8Sb|^IY<3_X4mgQ*(-nZ
zjPAp*k9^m=N<_AK!pv4T7*l;Ed;0I>7To9xY&U{xRRNYeNpl6>aRnNTz80uPY+N9G
zr|b*)WO}81Sba%!Pvl8E0DvB_$V1$4HpzSSG4WqkanBMEUW#v({9QHs0<|!Gt7Lhu
znw`6ZjmtOryJ~i?C7dd}$=_Alqn(*b;bUeB-I22d-Bj7hf4+kaO%n@w)dMxk&6o%y
zhK7~nA~V0}`-FNd{{`XP>rRkan<olsIIYm;{a!t+*XHKaJv~&DSEuR~_EpF}=XE)@
z6ermllQ6<01yLUOSe~Yl?=UKX@;pNi#X9y#o=;U|S|yOD%d;j+#}qNjxhb;75`Jkm
z&MhOUP<?~u$(4Dysz5E-q636qUN0U_<>n&&RKK(-{d{jlyq{LDCXhPO>J@#B^~yze
z&3@V!|2DZlu!m0CAN4KPpH&yC{$P)z0rko>Uvb~Mhf}dW10m2q)7!5|AhE#n|B6~;
zn)#iTW`1atO;qPaVEQA~flZiH8{O2B@=SGwGBn-BA>Tx`t7b{K?8x;?WjPGpVq}}E
zv}m(uv~D}>doa3cmNJBh4AZ0Qog|+hPdggPwbF9pY2QLrn)yJjbw|W;Hnct=arRe^
z@D+DmHESeJ1h8C15rzwKXvEuG_|$?YK!*`fv!E@`>dGcO3n600QkF|f__qQ!%H-F3
z8U-QZn)u#f0-(TVj19pSE@UN;#J<D3re7kK#L7~TfWf8dZ}|@IuNZ=~q-!k9suejn
zeZ6Vsr`1e{o{jW`dM-_07g!%5jBrN!TY&@d=Bp3;XuqPr617qY>a0SO!nPFUh(O2o
zS-HH3trjz4x~v|#x5-M7)$`1<q}2oEEz;_c{V6L4t0z|6T<oH@Vl5)I*lO~8k~L)i
z*9Ec*VhcXD<YGQ~%?OZWd-2!F3r}|S$u@%e7F&2@h6r3m-rerLgwq??47b6)7=!G$
zBv+_Rm}zLwy^(ZTN@iF%f)^|0BMkdN{TkOl?h|P~?_DMT^hJosl>+^q!9L8S7S%Pt
z$^zsfgwDb?h_V;C-uOK4GP|C<UP8L}uAFX>?Y&I0eKrN4uRR#9S%o|s!j;UXknX)H
z_z(q8M!GK$dVP>ZulJI}<07dG3pQ1kNvrP+=TTj3ux3P%q(S19FO>Z+03D}|$DVJ3
z4|>6*ZxPFW4eX4!)+u4zNW8QH#LB_U(9fSVXQ-Vb*S$aE9AIrEDRLn%HSTMa;+}5m
zPFg6$7`ARP2A0wfx-C4FCX&tzm|tD=?qf28UA+WT7Tb++Or0|~&@eu_8^8<xGvgvx
zo&x!4O6J0INetAhpwyM8)`z?J*407nrp5$iiklyqI6_gCgX_Z?zI83~Jy0)s*@5eP
zyxOhorT{K7yguB^w{CwdUq&Kd`(iO6UQFmlr^IOom@9XU61~M~D_Nh{B$*v~F2v1|
zOB=mfjLy#*x=y~A6c(SN)huN^$^f=W;<t_>gkRnC^vF--QHZ6bajl1?F|7yI%`Ru$
z9feza8SfRMKQJ!Xzl(e5RtZkpy47jJ2ge3i?N0BR<AS$zNjt%Zbf>=#_xW|x8=z?r
z(Iei$XTbWKVMzGsR0?ED7Y}l(I+xfh#Xc&#8y7U2<Ww(KnWX(_x}@01vT_RFq)KVH
z4XsnSQrHkhhOUhX6BgXSwU{<9$OhK~S!gI5gwNIH%#-(`9ooE~@gNb1adZZwhAVwE
z`>`vO^YWS!g?&E2IV<t~oZ8qg@F$w8`FBGr;Avo8_*qUXhw7e~Hao1Qx2T>(2-yp~
z2oJ5orUj1b`6%pd85c_J>m()=5vH$mhKez8+C{VlRv|Q1aq;NF;?#<b$b-b~&|WwC
z99n6;ODn_p{2c<fV)YVP*^yp*z^2-xZs_I6v$0+fzx)fcZ+uZbi<||%p+Cfm;QTn`
z$`7mlWYC{BXVJTKg9`!Q&sBXIp46v|swVH*s!!|Pfz58Mbc0(fV-3(J)B@K>mL)cv
zGc>~%gM%C9%CqWzFPgj-d@$7+l0;8l70SZh0HpqQJ^w8-IRhwp;(2AWUbIiEsbz)0
zVd5CyQTdP(urz~)Tu|`DPZh{L%?!8#b$V;FZrh>fOK4op{|Jfh(A7f6rlvXyQ;REp
z={<)f<}BJTd9~8jfOIv$blcWD19g#LQh!u;=|`dywIX|qk7Aue@!7}`Ia~JERiXYp
z(Rg&h-$QO8K4Yl3*^Tx`QvbVI{YSuK_J32X|8j${#%0?fZZo9+8%cDBZc6mOO7*|q
zS@f0UHT%y@Y;fC%a9V$&{?m_GCshAkMJ%JS^+c!O4n_5dgrzm)y)~(_$T0`h{AoPl
znrof1B2q%*mT$R(veLy-QN^E>W&WULf0W-FcJhB6{2K%u8E9go)B4)A8J&1KfV-Q$
z{O5N9u5s=#v>T#dYnexR-OnpAH*To=x>U<-m{h9Ww~;?zZxRPOxwJuRUmrbyX!p=0
z?Rp$|-S;_{;;+TO&i2^nV+T}K*KdN2mkM>K)jr7dkbMJJXYq~%^9pBPjC6;G2yC*g
zaEhkAuvwWzuJL{;VX#e4P?n2R&NJnmYbYF;_t?i@C>>jo1o-zP4Zl(i`@TWTpGyp1
z)&JTs8UH@U?@{B&KiU6x<6nRB@o)2{5?VOd)ZmJr8G>fAfX5+qr`-lTBpCE8T@Q*g
z$XVqWA&hqhZks@SR8|A#OZTD`H73(Z{8Q{7atWU*Y!VRWtO93XdZ9CLJvxaUq*d83
zKaL;P-cSWA<)Ir7Z}PweP`odmo2Q8SP_~0KJU2$p<-1#br!x)4-RD@}i_9{rd|B-K
zhsIu2K6ZajqR&kK+=^R|Fco^^IF@#9wAs=Ey#?$h(Hhhp8fVdUj7blzFz=F~S5>;P
zP%;IdQ;EuvftWRjz)KOd2qes#s70~z-XgU?whUIjMgFSxnK*<%(KmK`1S?BWwcQds
zWg*$66HoJtvk4oKP_0B7l|(%V3B<Xf_~p9r%PmjWHCKY-w8f{^AU+n3`Kbwx`K<Qm
zLtsaOf9^Z7Yx>BJ>~oBGg?oNRf_wha$n*{AYjBLDT%E{aXZAz5=fCd2Jzo=n^%m!z
zZxH)!B3K1J6v`pR7!XnP?qvAqLoI@|68?FG@XvD<NeTaauQsQRHY5t~sS?gTZMtyK
z&sQ9D(&3;>59F&(n54AI44ir>9{Otab%m6*eF96Cc*TzB4NBSLZW4jrH0DBy9?|81
ziC*l(+7GZgUiC%T5I!D-{vIaxV0o6SL4iC-ECRw);MhudZKqS2!}qPvvlXJ~p1ey-
zFTE%4GR-gcJq~=FLN#9M@L~PxKaGq+J)e)Zm{r=-5dM&TlsF%i41szkQcqzE{PeZF
zv{8L`$Lkh9{qtmgjJxPF;is48sdk85rq#Skh0=^DrKx6cG6Ge+O<Bq~6fsbJ#7FP6
zInToicZgr+6sD7_g*N9YQe<l3r@zi>hM)dHN?0rrWMOV`+dfx-M4iV3<S^Qj5S4?K
zTnkqPLoSn*SJRBb|InS_Kb>X2NZMMQngb*-WqVF}ad!o*Fhc@U=|JM%MT#CvDd$Uy
zz9g5wa`TaC8V|#H0^Y9d>q6$uKsn16O$2tR=^|dT&5*b=J`&9jN=9N`2l=qT`k+R0
zOtj7>8$*|?%g03V)>3o}v9@YQvIfI;hN2dq>@w~>O|E=ndVg7ht3VdB`$ZlAG(0H{
z(eQiFNW6F_D$&_$6=0S3$SJg>Bo4|QnrKd+$jSU$kH&9FUm61k2%<xRu>TPyK~T0h
zB4I^_@T5X=eEXaAO&o9THD;;g#A-qwehoJoF{sgMelBwr#61t(s6}q!L}#a>T@Z2j
zK5FqDS*X>z$bfG&Y~h<+p<6OLxwX;nVJ&hR8R{IqBkYcIr3(LQT;esui6Ecm?@JO(
zw0|Zg@lw0<flqP1(!V=|uxF_MNN3MA;$pw{E8smY)E^z?rsHdUn~!2c7kQr8S(3#`
z!>U~z2#j=C9t28!M;@DXMflHTJ}z5}RwF?;$@&GKy;FQgp4A=|loFZgTQkjfq@bc_
z<bDV40~ki9svrA~)IEIXca79r%2&JzC^&TP*kkY6^fooz%2Yc-QwMMZ&w!VVPXTJ*
z=S`<}?U7gcI4+ct;>xdg1;Byh(wzCwc3s8OP~ZlZ(b!B^U~JCKMBlO8U5NvM5*U@r
zUkWY)Iyw;%A0j0wrtgrty{LbR`;Zg5`zX%DcgXftK0uM=>qB(m&vAFug)jaqH}`}t
z{7>ey0HvUD*6FhPlJ!T-o{7#-&<wEP3ci|GCyfXib#c&?i24Y!-CJPgEGe-5$!1Iw
zfe{XW(2vKNmUzVI#}4Nj>R6U86=-GeDEEFDqz0OYZfX506%Pk_X_9jQX^y}q#|m+j
z$3^oqXZ`1AIq|=v)re&>ZV9wG`#@Dv&e8fWRWMx&?&GU_%4Y*=BUe*o5Jd=9qpKnl
zwK>Z>6zL{K)|f@My6+@#-REahq_b8dc4pOw48d!2YCDwbE~TC%gJXs04q4qBLP4C@
zzt7NO&TU*B3T8+_aaR;*syFPeDJ^f@^iVh2Jcpuot>$;C=t2zQwK+XI6zw5Jhf<Wm
z`B6Bd)DI}t#dBZvp^{M=C3ewQ0S9JfCOl4=BxUSonW^h<pGujFDbv+cSbfO%)YFuC
zp<@|Mm3fzr&`#j8Pp_j)5oNH~-AE#yaa=I}az=+zpA)ge2c$W1tf(B`BruS~#aVo9
zYFcUNPMH36QL!2Wr+n-?TvV!!-aTgi#NxCHJEDE>Hs9ewZLV<oBByilR8lZG6mm#O
z38e;#ny1@Ik5pk;fCVmJa^(xIh`i>VD>B|;GG59ZN~JlXJCt5>q{N|Ia6}3n%eqh^
zQs7YLxRJpQWs4li#StRfYTBGXTgxvFw@hn&%0PvVQPBW$0VDT&#E$7pW%c4aaT80~
zsg=TWM(bQolUy<GK<8Tmaq%=ko(kj%4knx`d736q)OxLO>XoUEr7=aEBCTdBjfml!
z7ax&GaPS2st};y*$0E_eXYAjfRu`^pr~0+@H%4o(oqsv^4LppV%paOqwc^V-*&iDI
zMmM?ecbT&Q(gymePaUpa*Sc+=DgVY>y<u1I<}|l$(=uF5D|-_$h*vHfd^{ir(wD8;
z_QmUO9s3l5bH6BVit1zi-ho`$s}CLO^d!<hp<XZ^<bFD8J5n@R+ZFxEW7k)Xp7HAa
zYgzwF#qm?px;lt38Jcr2YEKFM;~5-y4r~a`$@#WNO7-gfJ9t|?^g#XIo~5?+^e<vp
zH*RwV4h!#s7`<BQA>H<l6BWVyBh$~+7LUg0<_pA;cf1%En`6ZvZ4niLzz6tege)B|
zw+~s`k()?!ZpJCc8t3MSSo^EcTXzi(PAx!VS_tU)eM#bffyrBiwp8?>=Znaxre+DA
zdSbOsr&dU?EEtm}u8k|++`0y5_s-T2^hTI>#M2<M<$37&L_NI|l|qnE_!9}weZ+;K
z$j|B`OArcNJxYYi*{f?o*{9NgF)c?>cA{@`Uc~g3t3Q99Ecj;ye~WpNA6u2lvDklT
zXCWsCPnSSeEko`r&$>v0X2_H9<x~G)@#V$j8~1gPe56iN*DesXY{yJ?4;_+PD5TV$
zawRD;Ho5wnW7W5-D4Rh@sgqVDdrlfrw@bB$Ow!Gm`FAuom3vvOmQe0cI7Dg)7OHT7
z2c?kGT)o=-!gjM*|JL=&3GJGh;_ZT>du}Av>0g^e{0Mk}O1coss$^;Q-}f;k3O=cn
zQBIS(=BpR`#lI8im}I5&GEISkhn!fy71BryfKSRXH|Js@wb|V@=J-n_i=0ua2@Cop
zjgP@rP16L)HQCHX=okwU_b-Y;!h1bX7%ZbGq3&>Yd_wKp&J%U#7@TA6Bu!YXzsJG3
zH?^~PWffTlf8w9>VLyvckf2eSt>}fAzqb>TFQsC2`|sVK;r$E(X4{Dfm`SA_37DAz
z`UC;<x7jfQ=FTkXP%M6p<$zB7wTT0|;fxbY64;!2E3TpSO^#(EsEOOkKE-#(awWTo
zyYh!@{-79NbnW*4iS1_{33c-wC@jAR^XENx=o+Oa>=0Gn{_62Y^?1yU=6S-q|BK>p
zZTf}UYpdI-4L429Uyp}6U_PEs;C<~13cIpkZm-4?P1GN_VG5azJGxQxugyX~dwp1K
z0Mmn<k5B)5{^&Z?mcTh6?{*V>LIM>8mkF+~+|qH1A7ps`Q5~oF>1WjxOPe@_jX9*-
z356ZDgELv;WtS;;S>*yx6C|9^#1!~t9sKkx)9BfqznR*HiA6N%x?$)#qoiHEq3mf7
z$JWl-y=3hO{%prTDujGcE-}Q#8KF@`sqpA|9=reO5HBvb@b^maI0PvTgfU>F!uQbT
zh<8VQN%JQ2pT0CEK+%_tvHm%iOeBv`ZcfD+7n^kFGSNwp{~XAum?2!L;RRATcm~d+
zdpm7wT<JUY+6~_E&MEH;^>S4x@7LH5r15)~JMfWv;8uvy9nfr<?tyRfxZ7=epSN5m
zKmG<>H#Fdf^;p-cm(X?-*Q=4?4P$L7;XDRlHmUs7FMyGd+9g!p>^q!ZRSc{BIka$G
zp}bMB%iXvOZb7dOQ3tAaFsB$V-n9LPv$W88;44JhTJ3nq%J3`vAyO`Pq2ddKM1q9e
z%UA;UAi4@UqAt90V{9s}VCFnSy1pz1E@vEE&IGuY$H1j87i^`#^?D3kdhh~gDC1n+
zwoOkDyAYpW<D9Zl;6tZHGbY7p`&_U8B5hnK??=|FEAWYHAmW>sBPO&ycWEzwL^cyz
z8=+biwCG>gs)Zt_FGVj9ncD%pi7(*l%hj(Q9i>C*RcAwvAh3820(TwraJ3$7@_vXU
z;8aE^^hW??oOO|NutAM<8CoZ`02So*Zqwcsn~*@gEB~u;q4RCZGV3tfqb}Qemu<BI
zu2$1cz>0tK%C6XnzDobK#i#h!<@yi(NUL4QE7A%lpS3x=1;61+Fm%0*9-iR{UAe8b
z9xe_>tzRLZS&s*_As)O5A34vfAzMN00sW-a{8iANwm6*uF&=H+uXsn4L9eN$kHfcG
zbg|N_2FVhKXok0PWhf)SaEV=#afM5BAw_VllVNWX5efe3Kjcn4gn-)nowjcxT}@fo
zLB&b2mdYdB=$2X(T&llt6YxX4B)J2~0tRqiP<N&qA7cK)7f62(7kCMWv-d(exn3K!
z0XXaV>)jz8ZKH_I4Ru*zXCU5nvP&OTyA&0#yZ-#j;ubtr9MM~mda<3pO5iJ;`_sg!
z@CF##k@TwJ&S*Vjk}2Hj4&`0x0yjt3h|@QB(b_6I3=Ypmo~Ek^SZPk%2heVj$<EgI
zRK^XSA5tC{!SVe{Jw4-ayVMn$5=9~;wQpg8+$41lmJ;|ALN(O8Ins|C7O_y~bY=cp
zcj6$<`w}Y$r}2R|o%tUCL>bw$Yh)Qt0LySaT_^JnzA?SuN>u2jyR3gYkq@d5ImeCR
zLLr1LFXJ5JcsWOw#}Ym`$2qUP5$DKStt6S%oX%7D50ZT)3x<CKQpA^+sFx74i8!il
zmud5afrddlyrQ+Ht}y<2`e=`RPBPI8?%jwhr5?UV<brZbkNN6%Fs_xd>knw-iNElL
zHorl-5VF5NJS*kEDDB2nBP=P*>nR+TV{FPZSbEb5$5K0tPRZcCUZg$tUp~`2MLGXd
z_(W_?ks62#>1l$l0}X*~bid{|^i0}S-i)GaRY<6>CD#=y*N1x18eFy&Z6h9h8sHFZ
zq3~HCL)A_XX(wOW8AvBVls1gt&KF!C>e26F(E)3@qV>6OIsKaE&{@Mso~jBFG~J7T
zsXKdA1x-NAR=){A9MEpGfAni=-C%Yu@Q+l;<uf~u<9QmY-7<sg5n~BIN**yH$QinG
zSr3I+KO1_Gc#s#K#%9dAT#+Y9>$_-|=LVKrDlX{PIDBmdo-Z7slIG&{s{7Fb$LI@;
zQk6cxv^ZDn_;Qr!mtQBv9#q97H${unrz2!;)AM)WYXZkb!_J75;Cx9`^PLjqK4kAT
z3^?Q)2ejL;5j#3WtF_Zngn;%bKV^h%s;9~2aW-rd*NSusSBsh~2b`rL|F4f+$QQ(n
zu%Q94ZbKbY!aA`>w3=<Csn|}@bq?PQ8$zc2o=^CcR>3VAz8dPGGNP$TXULM+k?UL<
zJ91sYK5WBoPTLlD`c`-C8gB`pFk>xzqdIzRajpxC{~TxNK@M^OjKAJG1!$@VL{}!!
z8I-g8SGaF_F6B5N#GtrzM2IE%NxVQ@tos_8aSE1Rbr!B(V(@+kn{5l=kqx4gb|8|9
zM~HQSxAGeTujb{_1+hj19K_H7W=-0hxukj1V1MMo47iS8eD~8>lLt%J#hxxv|FH`^
z`|-@^F<`h$1@IX$4wSCg+PImhI;*47<LP~fOPMEG<QkD9Ny^2(iqJRb2>`4u?(A>M
z^|x`V)XE$%mb+O4B!{ML8@i?BV8c=I2Y{N}4SMT)dZ^Ndt~ht@uXWpI=xI(2VOp$1
zMK-HT9Qj?~Fi(uJq5kT`7#qsE$)UNnlxeQ@B76_5ciUEbH*hkpi*z5lC9t{m-Qpoy
z*?QX}X6OCUUR9@YJwAs6Ic-^Q=@$+Z0*$ixUpk*_4dS`Mj71E4bCzZD6wSW)Tq4q;
zm0^AX@m<9-13(4r`4KB1AhkzEkn*|;9wK)F?Xe;Jg)2~7H|qvH^o**}v9g%f{B6Ce
zaszeRV0+U%6x@jhnZxbv+{;7_e(>-@4oFWb_e+co4jOZRgMEh8j6`wJ9;v5>GFxkH
z-R!@|ss)8#*t#Q8`K7AzsVA>IlA|rAQbtysT6KPLC&x-E1wn1c7)CX_=~sznWk|E{
zD$A$ISx-8mn;a}~BpI_uI#$SNVx7R6g4DA7W2nOyW2|ACOB^)TK0~VQSXrPIeRj!G
zu`SY-gQ#a&;24VKQ93c=7){I?fn2=)lVN)LH-hfoKz%KBh&K(j0Q>!O#qR~^_<+`P
ztaz^L$~{d;=p^PxtQ#wbOP>O}j0}b#zo|cy-v+S}mVXG6iW;U5k7s9+RQA*9rexpt
zxXMn?QouT@XWC;D{lEcXY1N^b$fW2k2R0&(>INBuKCq!Q@J;wqa&kGCcP|$J*$>8`
zE^+}N>1~o$Nozz%&5R{hk*L&_j~NfCv;@9|L%D?99JSHEs`aJZ(}_1+;pjP*$+YlI
z<Yu#=0ZRj0ILi;>p+tL~pebLCjM$f!Q2ZK#ytqQoUQaeB;dS-U>02)oU36l;<eer|
zUSKnhu+SE%Z@ENtrbwT78stc`)4!Qvj&0(U{@cw}y-<CMdNa_iStd}F)<i?3-WWOM
zox6Y7Ii>z^X8wBHYX9nypj}X0x_sSgR3DZZf4FD$;WbC1(aL)nl+{&#W2zXut#NMs
z$p2|)chLrk^$7J!j0W7%xwO(ITu-{RvL+htgsK_+i1wFXdh2hoxlnYaq5AN}g3bN!
zMXOiKEL0zsr8K?3Y(#00a#`b2yLGRw{ee2RF!W|j1n3AC%;91fpdg3QfJLKxDN`wz
zKH>c}I09SbyT~6csYS4BaNMwi^_gDh!Fulh)xcO=3@zPump1ob>g8mvn8W9*yQOl)
zJY;Dec>~Si^=A3wWi%b+GbeOcWXfkE<LJQg6?8biJJff=>-34`J>uK_l8ZXtrCkeH
z=@z@By*ueN<xcv@dC8+4#4ugrh76P&^X)GFr1v2=jJb>FBHj8}qEfyNmTlytsPSPZ
z*+z-ofj*G3XBv$Dg`7<g9inoHwrptl@6n}SrcnwTMI8}RCIX-iwv*JITEW(Xt(qoi
zKG!(?by`M}|6dtQPU?}citJ!8S@6TerzC^P!J<=|7!K=8#m2Nolan->k0vmh9*NN;
zjH(%G*T;JUR{Qw-<6}WdL&++P^FdbN(3p927cr0apjy5*7uJUiR2fO1o@69_#np5b
znn%IS$``kwJ~L^EW+lnJF9jFjYlM9e>d|=%_$8QynM#ix(yw4D@o{Bx#)&>GGtv;<
z&3KU~<I#mXd}_#X%-?pVHt#0EQS45%@cU|uyZGCNcyj!0=Xp;hmVrlvH4#m57R(C<
z4nFU41lIWvWmZiDNA#?`ZRi#e;mwung^8tbTNufW@jKvLyo)ZHZ3pCz;2j*}*ZhL4
zP_%tQ<HdJj#rs05)IIC3!x8YP)qyodO%>~eL=XRyd|(W!pMIYM;l6lRau+pwZi1=N
zzmKzZx3*w)XlgSage!XcH{|-)JnLU0b?gj$P_&_PMa>p(MPM(=hsbOz8zYmbYSIE}
z*I(C+*}yY&ZF8W`1)(KfLmJ-f-HlwAlMd3j&e9)|_Vy;V=U>xYv;i^5PR&1_4$;Ob
zrNozut|r)=w6lqx<LrsE(vQ0*q{DEU;WY@yHe??lJXoGHdA??{oI%zWiF21tJr&A8
zwL+E%fhS%inc(3+kOJ(S9Ao~mgR(2t{aU82A8NJ9Gj}GWswYckE=SFr;>m!oz3B?9
zA*s)QsAr`^j)e~R3Nk1a8@;+_hrcboYLgyH^_6j4g;Gm|UM<?}#gl+V3<TQNKq;Dn
zp*XxyMD%<B;n=^6IX?~n2AiTAc3@j8eI~fJKrWUc4g*}xad1&vT;8Gl-Bf?B?x-Ld
zaVnZd2<x=qXrhpKM+pOXhYSMfq@BZq^YyKZuGo3`AZ@yYB}3Ch^Q%x`+H-FWQD-au
zH^l45d6<8OHvvz@w-jv?X<}Ice`4!Z$sIDu;(%%4YtbA^9?Bi3TSXVgQaKLFQtC_R
z>-aZ1gw`A}({~_z{YW~&i}qX-Dsx{UJxh~7v55J7hZZ`PTc^l-Whq-r=a0wW5u-<l
zX<E@CW%N+VF?6BvdS6+s0!<#@yTqoKONHlzeUqc*_`X$K`5pa|BCO?q->(3)V^r=(
zvB)Eu|3QJ#QlAVw{}5+Pu_%Ir;A=Q;Eq8splvZu{QgS+%Ri1jW@zuYceo`^q_h5+b
zT)8DSY2w53Q;DZ08sU&adz^tSAPe<OdZRevu^n>vY=l-u8SGtm&v(?5_P5r{aWZnb
zb45x@&h#Vi7kXWRD2%{wbsH-ecBT?E8HG#5l)KH9zF(`EONV6_5l&m=xc=3jt4OHP
z?DKMoTdh5JY=~M_A}1B!tgWn^ZO-~H&I4I|;<n)lFIFqM<i;+Ly}o3`;}bp}-;*&G
zHB_MM2=X`Uj;^<=ZXUqxM%F5oqG|SKLFxQ^=$o7d01l~DU1scX7AwQ6?~udU1RjU;
zP4m^^EGsomc#G&}&ZO8WU3esc4^DnQkG+W#jc$JT`8@IN_?af>^TYrAADqt(_QWCF
z;e1|@<OAe8&*!A^SW?e{rf~`KF*8KRvRS=TmSr+7Fs_{Mn5#hT2>Rsko5_E2;)>)(
zM&JG4jsEh9?M6TQ)&Ifhn^I3Y`ky6v`uMKVbG|2yzXQFsXgnjre*3%UGiyq_5xw}z
z|6oK1JD+q!b$a5{cZ~?T#G+TuS{J8R+T>(A3BB?k$|Eg|wz*w6rtgqPZa*iEt;`tN
zMx;h<HxUfWF6)0+Y?p0mm0gy&k8~vcx$nq*<$okU6CJP7$8~9Z`z{6UjCE<G>Qdrx
zu;|$W{VuMQc&pmMb&9jXrRjB0`&P{J;X4Lorx4Il<SyErR~V-$J9RFN1?_?)i0eln
zS>PaNRNYN~N>(7FDLa)@rATiT{hY87ukA#62;WToZ$pN6OO{>Ypx-8OyRy0pZB^YS
z-l;(GRWB*==n&jQt#%+FEsML5>RC3m2^UfbNhJXK^^*vI4iQzy(Wr!@m3_@PUGU9_
zfNmz<RkbAYQTxm$K249~)7H)P;Q>JP+ncjf0$7C`-Tln3e{F$SD6zkU97eGXy;cm!
z-*sv_7u-0cUOEFz9Mb^%<B1@(KpkgE@Non-NT8?x5I!^#3l49>=lJ08>rMn4Q<&PV
zJ!~uqYt;&YO$LB;nSdO65YbAB_DiHn>d;953HZE!6Xwn9j4$9Q$Dre5z%l<7O5Ywm
z+p!9<a(2b9eV1Gd8WIfxb?xh)Cu)E2)zXDz&Ep&Qq-OSz9{5P1Uk)~8W`_L*+6fIm
z#mw-SLc6$ZQ56Y4=o8c$xkjaPPoO@Jd5z+@HeED;Eb@+XHq{B$0#ko1E9rK%J4*K;
zK&;!9^6-#Y-R<tP!LB%f)oK=zS&T_K93Xf3Ic8F0<2>2*_RZVcq1($}Vwml&x6_qB
zpo;I~4`|-8MAtb!FHiCZboJ<V==QAmL1!L`ugtOf8b1;(he5~Re=UCxXE8A4?;(eC
z61NJxI+jY}|E0eNE}tUOP565_6Mqj=;U_H{C@ufz{vJN#NCXWh<1YjXcT?l{^Y?HM
zIhRTYR5;~O_NED7TJ;`iG=BJ%!vCS{-;uiNEPA+7{ur04^w|Buf@dGTD0tT0oPeh!
z{$Ii~yCXcaf#+o`ex>&JU%>NbI)6Mog`WR@@GK_hQt5yN&)K&FPxTHwJMFjNc{Qo4
z1U4(>kFoblNsqxZj%m!5{g*oSgd*cwtotwiWq0g^LvQI<h*vc34Wbw%;v}>)<x(<^
zDO1Lwq2U$O08YAvMqMF6IdCrd)@bYz(g+08o<EfAe>K;PHS7xgn9Ka_)H{}@<OZL>
zhNnsYq{d`ld@;XGphfY?H@pQT;Y4Xcq?{aY2aLX8J5%N<Z|UY6+Klpc<S&9Lvmc?q
zN-{z|<1<ME2a1=mOc5m~c^LyqT3*Ho;eG-yV?z(O!z#&M#*SRx4y&BN%UH61zH+5W
zUR8+xiB_|iA-jSzb3_kMdu?g~h9tM&+AAfJuD(9a*GX9ToEa*M4m5D;gBm9G4waOR
z5~TW}Bzgmb!2443CTZ^&&gw>SsEtlv<|O~os0Vo6mFo)3%vnlmG(X(BEnp06N~$an
z{#skH4)=)lyX~gfjdP$yUFgO60ki}+gBdUfYJSWs=J(;-Rq{-{ZJ(k0XX02F-}jfX
z29#?PGb(CyP^T<zZ|%~OR!BR4a!kb*&#j`M>Bmd2_b$_aEMA5(X@?0LJs9v5xbj;h
zsAFGOh?uaUnG6Z%RtJo)@r5Cu1(myO*eT1(h-MGdxR%=f#n=n<=;%yQTV9))d=DJ)
zs|v(4p&mgN73=zKbpUa-T`5;0<6(1?1rQs2X{5BKveI`MP4i(-TKuD!eyMWvT$~rb
zrhccp=Vxz~?L?Rvc9*eio{SBpAaq=TfcPH2<SV{wW%ZFOMD#d1u-?C?Gd&Mg!1_4W
zsbZMG=|VkpBLjYb|93!rF&|lZqRq)<AjODAvwzx4R2_Fkv#WVf<JMz}iv(bCqOC-b
zB04~3<6?AaWMr4~8|ltxdS}#wCs3_4-km4IHC8K7nD;52NzxWyr7L|F|DjIW98rkY
zYEACI@M~rYNa>5o(=B`qYDNTM!hD$|=Xs{sOy#6{)2c^K^#0^d&luT+U833Bdx{)$
z__Ghk%FC7CXnQoB%|U;~F<DP3%2H#Ht<mg1Qb7DNAH*+nq=!|@0+r~WS+2q_=THTM
zlk2QVD#4~HR`{C&?McxP70!aB%7bvOpqcESWS^F@s)Xlg_L)8ClgKK?VLEQSVO49H
z_>R*uZ^<jvdX6v9dY0#EJ@rgYnAX=!W`P0d+t!#Nrlbzzvpot`!;ul77*AK2(Duz$
z>nMI#i1F_*S-L%!V0GfBdiG%E#S!i6^ovt_3~6>zx8wHcpcgVvgP&o#S!On?n9Lhc
zD%@q<{SR~6&Q!I_`n-m~AI4pDL=UWS2di=gjQ!kH4G7~^oAA7jTCr?4D<*raVp#`0
zsW{S|L|HM{%8sP96}4({{BfUo=(N`t94|+g@+t7Ow)nn_;Emo_z@Mt2DkR2OfH^j^
zWd7gsBnVI`zXJWz`LE{n<QEye#QUK<@^2pG*HG^@N~>7ZjrXhfSM%EV)q2+C2}cm!
zi&Sq<c-4e>(`t|MC0qwZGBj#j-KQ(H)Z{HB4c|D=^COK5y=paP<Dl5sHyb=almbR6
z3h`4}f-YDG)7Y20Zk2wNq7@G7Q>u~beDWKzcfQ|zoo~Ln6wS_pQL9SC6KeJGOJ=1!
zEe9VfPN|5?$;4s1%XkraBMdu8cfFJ60_7Ca8O_M^V(^2;d5WjI@|+#be({vk2!#aF
z@G@_oMYDgyyEvY#-GO|Wz=SgRnkJf+V-7|SXtBE<MStW?zAGyb!fmbsE{wGVf4)7&
zv*oTL!n@nn<cPMI_kax3e8jXb7<y15tC_aFCCrg9kTE0_`xyBL1V7-%hF<xH=Ib7Q
zSS>Y{&9L>$yDqaCvTsqqtjQ~vSJ{IxAekFhKx3zh1lUL^$d$S+o$>Tzf<*<Ee3?Nl
z3bKGPriX6oubUsNW@Gb3&t;<In=BZu_EV|YTynAs8nR^-Sk}hoLbwyiiB+;-5W2th
zW`3xyK)qV(@P+2LcjOkxw-WQU<PNi=CDKtnHp~gMNJTYfg^Z(IK3j_J9x)==W&9S;
z__7>UsMXrZGgQp27gFwoi{j~w_KRXZ@2mw%%Vc%(dc$&EC?$TKxdN><9I~Hd^;fn8
zLn|1c++W6^CSd}<s=o{6H{M_MndPhcyRS|4*AdtoYt%DBy4*|=)#VGVb=*^}W4aQ}
z-qW34ikwMSGs>8ssnm^Ts#?>jTpP;>B&q~oYC-!8F=Y!#Kg{LL$x`QeNDpSP)}3I%
z*zPpV!OLp4c<|*COEj$lwh|IZMxis{kvEtFHaBZ*z=Nru0ZVrBnVU5>TD4hI%+ZFo
zl8-jDT6qY2$&<8_9_rm5pPa^EV)*2-8%;=_2%lV}`e!avy7;ZoC3NFI#3#2Bm+<@G
zlUuvBUpj8y73}8=4hd!dY`;+b39NV>s3SItb>risu-mWyzTIpG$;CK+`aa!UoZh~h
zf8t$rQ}lgZq36^IAnHzXVnC>hZm3MWA-}Oz5lkE)YQf7A^4CF*TU#+{OA69I_bJ)T
z?U24jHR#kzt3!N;ARSR!Oj<teQM?)}o7-AZ!#7<6ltQ<#u%H0dQu^n^CK0G(P_MkY
zK=`>rBQE%inzgb+VH;KG@s0|%iM2o-_IXd5UDU;`a5)JF_n3=&JkP6d`OYaxTHFdV
zStpTcehBqBQWRG@>!EUJ&%>Q63S_69=OXmA(4Km5iqM|X>!9!-j#HkQX{P}XsI#s-
z=)o20d{!Qh>CVko*XV0Ih{eH!>O+UUX8ht`YI(?|q<XCo6>$O{qv7r_m7%PHUPPSN
zDQb4|Uu1E%8q@fVjE|JbXIZ<3SieNZ8f~9g<d}pwr=*GIgRd$iYg{U8g*3rgqzUSb
zoDyOAkdsQFLv=$g+Jc`~KGdFqo3!8>lpQ;H2FN8Qs(JfzE#lPfCYO?Ec3T&~5xp|a
z(@D%YcHJBu^eHI`Zko`4;*Kj=Aa3kLk2=jWOdMS5fdbEYjblYQgt2yQ9GfO5*QCa=
z87a1gv8T|L8vxl@wdg6NU}DMNt@}y23dP0LWd-W}yP3|b&FQqW&b%41>zV0|ay(Nz
zjsFvvTIj>%YXx(9kqjcRE2&6y&;ZidzR7orR%6efO&IOvS187x%@kNA*^>~d&o|q_
zt>Iq`MtP2dClI_3#nT@Tb{2iE%~>ny!7++SkSmJT^Zp?zq3MP0;FtnEWZLZII9J6K
zT*VL@><=v!$+X6=Dw;_#RFw66Ll0$~hc?2sUAWE?{_7n1Tq7$=OiG2HU6@s*)rfJ1
zD6$r{dB0TRSM=7qI{lxtIrHE26gi9DK%>hLp9n+5x2XJ!)9|YNU(NE)qNDha3C+Nr
z*iqbxO_oQL*+p4oCH_CuKWr@;T-^S0oVKvc|5d?j^V{4*agwyv*}4_&u4Cpur|p1y
z;1PH2R`0;8f?4_T9Eo&1iM@d*v7^&h;M&U-6iCRO$@6f#{*5Zk%J*~=>xv?ScwiH_
z*Xp*TIQ_wc4g8re-1%>4a~k0gh#}@G#*rdkMRIW!)~3ySS@9Fv?3ELdA4Id~3jro=
zsMf^V<x$DN3bw7mi@7s!LF5el<>WdV#yD&a->ed5vx_@;Z<@D1F!c7t0s_?*96I>T
zSiUC5V2xQi@)5_*tlcoYglSBe4x{IXvTYNfR`V6-FR2A27p6=O1kWX|&|P?B7}C!L
z6D2EYew_ZbxmYTB`UnBiCKpmd+7{=fcyQ^lEwbC`p9LE0CA%}`8a_Ixq_bSLVxHoY
zJ5Z7oUr77{%!YyU<H5{v-2TB`^ttDhD}%*f0&+w93AhAx+?ly1PRNO7f7}UN8N3Y6
zMH-u={chtD{|297auga_tkL$p`YWHfsYiZz+--jHb2Re<l96Y%YyYu(RQvFma4wi@
z>>uBS`MZqgG~<cej=(0Pp%-MzL2aE!*nxVhv9n5D@Yc2n@Qv5iPXYuc|K{3jI6WDD
zRi=Qzo!{yij<$#$J1gd3&{J112l4&rZ&2{hf*Y^Ezt2fHSC8R{zRisLg_nf*A<jfn
zSKT@rK=3CV<|dj4-wLJ`c9BA|Y0>PTtISDQcaE8Wy|19*f@t>rX2N(gp*)&B!AzKD
zCQOcIU!@Y3`v8TRHY1vSnVGgwrS;H*%b(^cnw@7RFNr71buyaW!%UVlB*i1Sn^f|_
z6q(NDExZ`L_@h^^X|pCaET?abKS;bzh84WZbX;OG2P<<FFVIIe7L4%uy29qGYi-7x
zai+vZmM<v*@X|rgO~hjM;$W{NCC(4T5WUf-_OI{*F|humwK+67I`9oxiSYe!5w}A}
zOUW5@H5&W%Xu9{G&QNM2gpncE#3&CLo9|`yJgWz<gnR3-Ez6-bEZxbW>He1e;@i}J
z=u1zA%wB$DG`kyP#c;et`jZcDvmlbedc^o1Z-#Gq`Z|MMX(r9P&lwykTn3{;s&8Ql
zBxb5H3WD*^Ow80`Ghv1~E7RcrsD$MUWatXc^LdD7KWZjFA5UJWlB>+*j<YhsOg7@V
zTU2hRncNmn-mj8>U?wY0ktds}73Pt}S-Ukls5hTuZ^UnloxlE(ohojJuLG_GL$Oob
zp-J$p8E?xGqMl=4(P)Pk<L>-p@BkhJcDM$%V4rALzGLwR^OpF?#lw`C>((~0M>-tA
z&j>C~+9L`nB$z_kbX|6H4^Ml7WdU>E2Z^vamZWCvrEtHoL@+KMf>HbvrD)nj5MB>|
zZqUWFlEl4bJ`?A;i2`O%5PH1kb!jhn*EHo8>@oFHIbPOc7hz4eZgYq3g;X1sC%C!Y
z`9uNFE%3U%XPM`*lqtiEM)=tcCO`WPi=QnFY-<H?WCf$vEqv?!n2T6^YtKJ`7!ZbM
z?fG*w`+=i4TVwqe=S5P%1mlIAtZ%V9ZKy?YBJ_~BTK>kCXm&Xn^`Kvtl2E&6sCCM^
zUM?xd-l-%9)si!gaX)9lcB;661zy5{b+PJaZtrDo4Vl|3LdAvV+-BvuJ45ltX4m+R
z*)<us>%N8fhj5hh>>NFK^I)O0dz(12FVC^*jxpMQN&fa}L||)(b@dv$8oAi`_C3Ml
z#~m5pV1yVMsIpf=M_;4p=v;JCBd1ED91K4oi_o#+m)7w9TvO}m_50Q7@F!KP;2RTh
z&4zs$1)_@jg|B<;h;;2TLM>2(Vgt)JkT&1;$Ty}VR$_um-Ka_kE<mO*vqV0gLJ>X1
z(-pe;CBBLRLh|{G9s=?uUGU~~Lc(0nP353B)hWS_VP?Nt3lCZy^!?(j=;0PCc}O(-
zRw|4P(xIAQN<unGTujD5d>3snPg+l*H9LpvSpe$1`k^~G3wCtW!^3nFG1u}9gKKTR
zP=9ba4cN%P1sS-D_EnCHiLmI($~3+!*~F5={Zhcwqg=tfyvQYbqp;&rA`_?@454cE
zTttmCZn0`BH*2f-2Rj-5{y~v~t!2Y_@s)un?4U7wqfD-21qg{2;xdo|a=HR%AuwX~
zRl<8mdm~QH7<>C4p-@czXYq@V8J#Z>QhU}k<I+Mr-~?AbO`Y!G;)SYe2$eo2sf1sz
zsKt>!mEj~Yj;F(szFw`P9lvH+IF(o<p=8#mN<Tr-$Z1yUG%GcFT@M8U;c@qUYDrzQ
zL&lQie~Bwh7d^mTJ$M^Pbdr!7(_F!qeRK#5Jo}ZQ^Djg;_+S&nMy~{gp!?qdkG|0&
z)cU!4@L@w%Qg3dGxO9EH0)6EV9ntMf!aH)izOtzF!WQl4gqv0Jk|Z$}YpsTc+Qpl#
z{#>yFV~z@g(+lWYp^gFD^JH`d?*$?Jc$&_4IdF8dtJn(J-J#<1Bd3`7jq?x;^+t<w
zHTvOc0+rdSj}WLg(8p~RAJE5WcK@%{T4{C{dCqUq=DbQy9Y%)K><TSZs4D1FKecr(
zt+Yj}*@RCN$s(Q6GE2&}OnriuSw2mc_5>{-@AF#z6L~(qiu7r+to<2cm4YmfJ0XAS
zyr-JcXRy9GdI{<+Uxd*UO_5yz(_w|leTQ8z!MNlsrjDlMfHbG*Z;BJ+4ubF|vh4;<
zKwQ90uZ|31A!nqu33?DZbTa7R3s0%qIog?O=j><aOcdl-^iAb(VT$Hb0=fx%3AK6f
zJsQoP*(w0hYVRCq)|MOTZT1!;EpCioMzf~?GCHf(jFc=G=>!_sI6zaCKaH>8VmX9d
zOqtpBzbRIQ9ynq5y>{aad<9O_gTn?*W<1W|bp;YB0<TO5#lPK`#(iHOgpI|;2ZQqG
z6z4$P{I$?|X~N*w8SI~@S0A;dWTsSH>RbLBIcYtJLw??rK_3z84WjE9E^2d*^_FqH
zQYY!1i}Rw{{SXSufIpEB!X(ia`wM$;bKQyb^2Hw^F@t?CRD$qTqO#~kw2UKSDC~z>
z0<~H$1((vG;(NOYsDXLsa&hA6Y%EJ*Km=0!XA56V%akROk$*m6ewD;TW-#9|NL8+&
zYQK;@qt)z4qxQuqfz`e}yL_uxm0~dKJKRrSCWQqPp}er(fdaVv7T>O8eUEJ<n(yHk
zC@5FQ985TUMGS?3lqUwl7=pfq)Ijq6?USEwmSo)PY4cX(NCx{vl_BG4NS5eswV57)
zNkav7<kS{J!P<ZKjT|(?Kty|^&EcT5Cync&`AY=I$Toz5qT3guf1tw*6bes9sE2eA
z(<4giG!z4R&X~P=K4zc8SiUB!(XeOR%(XTavR=2nXVx5Cq^1>NQ=P!Uwq2Z~w#Xx!
zMV159RUu0hS#J}riQM`B(&lVAon(9?&-*|g{6$RMEAm7~#Jk*heE${b#D3(Tn4xgN
z`ir_kP^0QFla(v+Le)QW?u7MLAQQ(joG6~^?!hub^vDpL?=f!rtTX3GBNw&;(>Coa
z|L$BdKEn-_e@~}Cga1>To{q;@Njb&8Csj|!4|#(GlJS3<7XQ-Uzb8|^q^~ax9ID%G
z_w6p>*!s#zNz}*XAJZ}LEx|P~CjLHy>yE4Fpf<MwOy&wbUdOv03{2){R50W3Vk(>B
z(`todXBKI!Zswc(lXoEh`221>16w(ngnq3L=MplkzhqdUV1dI^cVL?<uo;6vqx0&{
zd{A7GMP_3Qq(YV+s_tMG7NoIiU1zqKC!5O1nd@6}M4I$y?!ey2mC8+M_&pA3J(!7*
z`uaO%%Vj;K!<k`4?SVyFfCxHNo)hV+hZdBm6?!Smguwdh^;A>hTk@?`CvMWHeXt%}
z<l|KV;iG<1Yss`xfs943QxLa#{Pn5+VmV2hOm&GX^t3?@637wa26;%mdb8Ns$nwX#
z@Lq0uICTd0VSpjd!k<$DxX792c|-qjezu>zxEFi~ry|g#u9Xt74g+PTX@EBG2DS2K
zAyFwEoiC8mgFh_iMvq#>{v>{iD>Ti9<!@*H3>#V+z;SnLaM&`;NX(kVbW{jkZO%V=
z!nZP^>57ZQq{7xVCYUh?FB+1uYOK^jM22BQUB}h&s4DqT=VR@QLfe0<OsZ3IwK-mD
zA)!-g0EOMJ7+GsQP|Ve8#H`90y4NNWRkqSs)K$Hk%)0<+se%tCD92D>_=p~>Sr?8L
zV^*sJQnEa-Nk$wy|HUUjS1wGL=%jWs2Qjw{NLLeoI=agt4!3_PHK9aQwKXjKu=e*G
z)xmnJceP@nTf1%s#xCo^l~RnYS#J8HJp{;oT8#uOlS4!<neL)bHUG2VJ8AqPhZ@HK
zK??9fS;6kW+qg2pbsMhoXvVnXU0Kaq&6yN+1U6S6=9d~}XF1Fc$Vw{rUO{Fz;XaYm
zHSx_Ih`54ggW+A!{DH4xu>2vt4GRyD@h1bh_Sd9^hw(KD((_bRd#KIq=q?FTT}o4|
zxmZ)-+0<{YSMg5A7?dxT_Z%upk+E=x+K&Cro)hcQf7GTh8)t~2KouFFfE5`fk=#;p
zt&e5qN0(M+xB_25)(cc23;IW({mqf#&>e@h$XuOR%gO;)F0yt=OhFJ)@a|EYXq=4K
zYWFh_(AWa1G_6K<utX#T!_?8D@^)}UFZxoQgmXV)F~haYxsih=u+L~|Iv5TANo{S;
z8Ex?*Ipe^?6F9I;nXJfvCWzS588Do<wY_|Hr<CwWPNU;b@0a?@7Nj0mXo;Lqu`}Bh
zh`2+4lp{doaUD^=3|*mq&g^>x^-q+wjh<3qAE%gc+it=AZ(yMFzlQt6Chix{H0hh2
zD_Io$qq~CoUx{P=EDmSf#JEDgHgR#VBjSGo<s-e(|GjYjscZ?ZA)II8t1$4cp!=*9
zg6>~2YyY{0>EDcF`fY2>y|I<~Y>(}=8c~aI2abgQ#reWYgotr0O#!~Bs$)6MHEO*a
zjRZ0v<aV|*9ZRdXFrw=3@PC@=PT%fK$NSY=c4x45g3L+Ler+yV@Zg}|JkLAH<@}5a
zW-XG~Kyt(#vdd)FE+JX|IfFl+uLzLX!G?{y!NE2Uh`G|&In$e*)lCw86Yv=qENA|L
z|1@iUQmRlRROFTM6(^qTf1s~cPV79>YNybom;{D~zj?D9Vi}JT`3<ruq!)yT%Qyeg
zPS%1)bt~l+o3L?eN3(hbGqkAsOaeyMDFlpcHH*sp3xoZ?pfbf{z<)($cBP;@@TKYI
zJNzUxr!)BULZKZ(_5(Mm;hR(=#9}ka(9;67s}w=bAv;F4V{m?*ln7?!Aw0^)wfE42
zg;_(jnm-CTfQyBq{oXIb{nf^;%XRn*?J8?cM1TQan;^cR*x$!~*NIAQ$(s<~&-#{r
zs4270>evsGt$sAhMv%jPr7AJMPD-eL^osXlKyojhBA+$b_y2cRFwoQHJ^^8S@<rUh
z+V~!exDC6&;}-FhCEu}#&qsL+lFY4+W{V)xYA;p9yDZ?3$9G)7UDP+B(B4<yEDG(2
zNuh<iu(>SooP{-?JGf{GP*OC|P4W<2_&h&|iSXqX5mvQGjMV25k`Ckrcjj-e_*f)J
z`}NMlxSP#_faAWrIs7EEBexkfOIQGl57Zvd<5NH{I=^0<`yji?8B+A8v%0Pg<YTRl
z)z%@v&B$1H_;55_LPgHt0_mHMS7E)#(EMWE;S4TWBx(8E)K$i|FPd#rjcc{P=5tu&
zL^3A%5yj%UB)Wr36o!EH9v@SqIi@M9%D#Hh-YNsm!+xnWn*H(~HJt6?2DW-KgbGz{
zCxy^ys<snC=oYie&5`L0TzZ2<&$^5mO>9y2ocHFiTqR}He2<TMtx8+6NYYgAdaA0l
zTDd+(&Y?O5?AR_-6BIU{_$@mPow*4qI1?k|a*C&fALJ<+I+NA=NuhHkpPj*u(0Lr8
zB)#1pc>#o}i2eC8TXI)}*xy{ej+PR{K355soVnFLlGSlA7&$({q#^dR7AeFeU5im?
z;(keae+b~%R9xeR<~2*@kSK693`P5!3_iW+4b5L6+0pm7PACqv$9P`0RE!RwXabuf
zz3}cf^y9$0Dl&xTA46^&L@6478;x4Y>*W#BBG)2)EpmT)IgBZE4`{R)wD(X~MSwdn
zGq$yj3ih9?SEH;b*99|L<7AsvT|fHkf~H{~Tx)}-&*~|{3fnuutd-)PN)_o$9=;Rk
zLR|-rt5WWLsyrEz%ZDbXnpITw5^`U^Of;ebgsT!~0(AFS;N8I1)-{yQ_4ZZ2CElBB
zcWU!D(qQ1d@K;c()>S}UcU6Bxv0X4zN@eJ|x_{;Kq}sH(7YWQ|;#@(8u3Q7o1g#J>
zJorF~tEjHxM)9@2KXR?`k^vh`1#U|8By5}q)vXQ?zZ|52ZK{b?5=7>xN#a90<J;wp
z@bxq;y_M%H<au*=G(T`2i`q1QceO~I1xP4TsoMsZ3=iggRcf(~;E4zo&~mL)$-kqw
zPEi<uJF&%~oM=i+BGG3+*`ZV;DBJ^Q`demiZE>Wp_SbjCk0simb;|J`#tu7`hr@_{
zYfC8szw0-L@l?~gV`!7ZR_DG8lrVPzKv7G#6DJ&Twp{sKVdwftb=H4szrtT!z%Hwx
z^LnVvoD<DIM~Ms6(w{5j7m9i1SY)s++R1yE<g9%DXL5}WW<9Ql9=5T<;@7DiUby~m
zbXF@%4;-y%=1(|Z-5RKqs2%+EX*I%Ya)rE6*JWrUXnsx3?qF&j42aUfQS+XpC}Bk%
z$yCFFz`L1o`9^iR%nEEZ_n+rFbM0s~5-?aT6z^DOF0oF+f5kHp*=6Aj=ulnYUF+iV
z*#=c@FYDsc%N_V6(vN#jB-=cBB0YF9uPkn@^m9dOIip?0FJR3u_NZKRy!f}%(LXX6
zns^$o-OPtDi|Yh82v|~yJH+9NPAQ_RlvMO7Df(Of{CC`m-^+nxaVH!}><I!80R8}+
z3DM&S{Xv)$a%(DZD34L<{OL^^Na>GPng}XWF(oW0^yJ!$t1*iM5f+pX<3I@6ZK0$S
zav)qn0m=Fn{sU{s(+NazJOiR?rZ68Wypo+<#hu!-5MtbiGF8I~*$-7C`1Vkz@8Uf?
zAPYavdx#M88y-Y`BqQ*ZIH^m%DSI=CLoy#`Ecfws;Z(|5xad5_o?uIu42fN=z+@2k
z%w6=u^1xe3{1?H^?D2;#!Qb&)jIIy{OldG<8LXJ<&uCy*(I&0-7gR;1wyMoxiKJa^
z@fHNg){Y5r(#ehy&O*U)oCTNg6tJe+BW#6kCX;MdoTcEo)?z1kyYt-{h=k9LZ=UOT
z?Qs7Or^~?1%f8fU?U`4a)Sl^K?U^3zx=253q4Y}LE?-7E^Q!iY9_=i9rgkHH@)hp$
zNlX3@j4k|vKw2%>@Y7@w%1bciNhz<}?ND9~sLYB;;;K0FSU6n5K%Try7|252gkd0G
zVdXm~p0AwcRj4hVMo;XeDzCcOllKhr3O&D5dop=vipIi<ycT+Cl;V0;6j$4L5jzjk
zMI;f;Uh`o;aX(rkk<=$LMS~;*4;h0BWZi|HE|eeT_Um1bL##%eB5BoX{zN{hMnptL
z*+w!!6ik?}LNKhzTPR;ec%uhRQwZZ9?DEJ6<Gd^R0RA9o<!kZcUH*OXN`)l2+UP{1
zuT|<w$-0l<egN#yedN9?EsI@Jn51w--WoeI2CNV&abq<)v$!+iE$Fy((RgITzwP)T
zs7@E>@C1oIHQ6^av$JQgJ9x1(dWts}A?09{Ma1+snmvOCozZd1W&#1~6kf51ODmZ_
zH8XNoti?;mPWD`GWYa86@xV5Bkid>7Fu*up)#ZvCVDwL_Ot?GJc|@{t=w3@FS+3}>
z4rU_b;@4ZTu$gaO-xbZSOC*HV0uB5Jvma3nITsglXjJS(2Ubu~CcagVX>&`2x`?j!
z6+?8sr+5e9rR4bUDAH7^%%Vsw1aC15Q;-gQZ*sKqJTU!K3)7eLeBsMNidtd3L-zS)
z7L^KRI^*A+p?_Gb@Ij`94|;QkhJV5lX5HQH<S`j5d>$?*#X_f}cuXAG$uw}~Ph%A5
z|04bS3^S^S;`DEb*MCR<PA3nuc~biKPV@V<Hc-!hN&lMGcqR?3)yhq-cIN~4nc$1j
zP5tG>PS8yQf!p_@o4Q!+v-jy{jCRs$ZUnKL^b^QitG$m`NbWhY!$7MQ_u7eh=|FN9
z@UcC~Jzc1a??G}edD9}fpO7lrliaCt*u+R~;qk{v?sw#QbGVrwi{xG_YdzSJ<ld@M
zk0ZHv0ng(|ZuFu4cj;{*>`z8-E0ITn-tKc!dYg6jACuVYIWA+TtVNmDPWlEe|C89f
zz~X-0A-EG^dV}%c-{EqLi5<z?NhaJo2XPbdA>l<y&`g{X!SieOMzf#`c6z2UQi|4^
zMSm?h{|3_dnLHH9;z&a&CY1dvdH=bJ@FKS@c=QOmjGBK?^a@q9#{|jYq3C@)$SH@`
zNvmYbG(K2FwzJf-mYZTI`|}bsa=1f`1jX|D$tC?#j3tukm?BhroG*0^wpz28{M1x#
z^p*zSl}y}}sj0{BsY!?UMUPD2pt?oP#@$leBDJyXlgMMnr4MEIqh_)ie|?4Ta-*X8
zE~>*6-)CGTuy{Zv$KtM7fito1D5kUEQAHJp?B!$3VNMX;2w|Lag4X2u_?3TpC^<wt
zIcBhkNF81z#X_8u#=MtltB2Xe7e-3zh$n`_M+^0MSiK>XFwLK5NnbyfMJQw3XPoi8
zDCI~CPfMM2X_2bi{>f$Sdiaus>HotX{z8hW9)9u?4U5NE<H|Pt!FOMIp4rX@{5i@D
z%jxpFQWFg0!yn7q4`r8(PWY;wC__A#3Qo}3!uFlD{db++E6uCU7D{JVst%4gS2`HV
zK6*Kd>(Xaqr*!0Z>f>=xdl|pGN%K0x8qj|TwL9V+dHKbI(MVwoR?lV#tm3C{1<+BT
z3!i0ztLLZ$xP~(Xt$XCE$PE!3-m#cvnKZ*H70>&yu6G%)$jh_{NYDEE4@tN^(mj%{
z5+frc8GKV4J90(@Uqua(0sIj<UW;_&$w{CoyUHuNGOxUbF+GIR4gu2Qdqi4esT6@d
zgbFsUKDUe7FgH4tLf9xapw_*e_9^$jg#Ia>D<;Pj0C9M@M6FO1NT@1WJ{V#Su8imA
z(m<OsXVS5M5xaG9v8UKIBA<4Kh`bQ|G5=>{`|??`Z8SEvMOy`c5UvG0h?RqXMkaLj
zPbnDQ&MDzsA#@x6W;=ry=)tl~C;l<u+%{?Ro`Jw}1tE`aMY>q02g))X{)fvudvA3G
ze^emCl^Vrxf)Rz%+^uv7g5SmdBmf#N$SLd&KFpV{itcAXKrS$cmZb99YBD;4W3!@l
zTFsBh>j;d^3jc~kY@)!$*WpY8w26Ssh{9QR2FuDBun=`=o*NKTYqg(Ip$HF4*i`+8
zQH~9!^Zfj3bH!u|p2=aD;F(f00<0cFCrI+;N|KPYbP2nBqyOyml!z-<+gleUYP;#b
zsBPs;({lhlR{Ea=DO1{^FKwo0$WgdoV-ao5MD5jr=Nn53=#2bks$c)w$?d4^TgSVD
zKbc_i$m;fMf9J9?Qk@U>-P=IWwJlohSl)+z!Br#`YrI;aD*+m3ih@v&!#|KQxdcKz
z=GF^@M5E;d5K?>*S2Bdqvrba?mg`rhBYK@~u1&3`3v(us0AWtquZ?wPxOAp&UT6GC
zd;6_YtXjecS2H$i4AJbTHwZN3XlxIq`OOxT!arexPQHY^y;wfOWci#;V=SLxk=tSb
za%g|Qsz9s#IbDn2KJ}1K7N0ZF)zLUs<Z>yI3zG9^YPI*DG{4*off){<1fV%c4GYYv
z^f(|?%A9z?D0BwB1!&i?9%V^6L*2kSvVFbdIL4ky6Aa6TWm1!IUgB#3Mu<67=FKIH
zg5(hOrtW+v2(#$wsoIV_606N~rw|!v-jg%M(?2>c%d6{+Sa~aekI58>UxN8vW~5(q
z+%WI?N#6?O+i83&P&3kgI?~qz_GtI;<FLmU*&K7roXPF{h<3EvQbED(+tO+;ltgLo
zuGlIV2c}U=vW&4>tAN-+5N9V|36HLW-q^rrI;_?1;vuOK>9kfWl-)@>UQX%c4OR29
z<PD9OF+|Y@Q%<EbA^WfR5xs>>lSH`r1w|5YLezhL5QdfgS6j?J*DR&9@wYDyMgwn@
z_`cyHqxMtHBB|7z|9kRsO6Fr-21Qi@vwbx9WFWhVTknYTy2>o~7;&0v^Ll>FHr1K>
z*<U$Rf5ALCL$eDEC+&uB2X?$=8kfnN1Z*~j(zI;gl{DBeIu(D&(xKC=)R!RqRq7vk
zpuuPU!d*4gV`7eK@HhOJ4d%!qn@)q!J%VwJ2Qyluk<%$ry-G@CFT>;K%CpI3e%`6F
za@>_@i@%YB^NKH6fW1gC*I)3|*r93?vnZJujYl;|UdcilyPs8Qd>x?JAUQTI-yR%D
z#-rHCNS#lKtqfLba$cCFu%Gd!s^jw9QF2_y^p*5z*Q6s;?4>YE#o@6SO$ld2H2S02
zw{4V}Pqs{Tks|u_?atT#N8X!&M^R;c<7vpoS^)`!MQAk9L_re`n#h)h1gf!vsHn`~
zf`SNxAVN3lfDr5srl)OXaNlMam(dv=1yMjmOjr^Y7r+h0(YR7&%i;!zN`JrKxmCR+
zL7jQu|Nr@(=hKH&^{u;}d+xdCo_iK3H$%G~UIl?jxA4+gFlryS8p{|nt7@(@MXP2K
ztnWS=cpPI%K;R#<kA(F=4tD9v0?06GvDWH`JE3VaF_XSwL(_0iR-uGjfF~-oH#uKU
zs6q(TD99;;6~&PO_V|iwh4O%qSAtA2f^$<ch21u#p+d-1!W{r;Zz0G7ed)b-Wt)^}
zWwEbVZ>V6iTxb=t!cV~6gIeKWev=n@ZoPsJ`Y-p4&J=GhRfzH{f?q%rr1iNI%U{6J
z&4@OFs^LTux!BUb1Fq)_!@(FFust!q1pZ-e^}78|=yRl}MEZGxaENFks#U&rYkOJv
zK(j~Bk&Es>A;d`ZV+4IomwL59Cu-GuvFW?RBf!ycULHVwB6|NbUocK=`Pb%xr<s(S
z0p;Sji6M6QA3JwW@n(s(^mtM&1WQB;n0?4BFOYR{bD?1xSW$n+uVs0W#mi2N+_o$?
zQnRdQB(Us+NY%0|lk)Fn9ZlZ<EbD7d<D;E9iH}tCGCuO<u4`F)^F01)W9oc#H(h+>
zNbHGat;{p|OEdfN(b~-8Bg5>?M<25rADv9Pfm&8zw&A0T*@}-e^G9|p+x(7?4(47y
z(#<dU=xkDizO1dei;qlm2Oqs9BKb0>xq-jBnhb)n>}2x=K8`a<6qa=}pWvgHxs;FN
zP3rS4JIP$aM-MZEM>4hto+7S_IScj~%ry+=qS@_8OkwrLJ(<QXuw;R;%lDg^Ivh8v
zhg*BE!F<iS3N~^GrZsnhJ9Gt<c_#uF8ZE;i>}N5fFx;>xqcCVaE2A(NXl+Y23WHJ5
zAsBa*#QB|QUVsfIrEP%l9J*jRHa^OFbQkQ?7F~fAZLdeffAe5Hg7Im2J-R{_!f^f-
zjIS$L(IqlK)n~6q@C}vV16H=MAl+Dyu7(O>1hD<Xp;+~qWS<)<GBKqXKP+T7Wod!l
zNYo{62T~WfOW$!La_%djEI`mNqS?bXa%3=M>;)?rP#Jf$BGVPE?BcsNQWB>((d_52
zQbVAc2)psIQ}=Iag}l(rKn#rrk5=(@W$?RL$up=_$N%7#{niR$0Qy)PZIk7n2WD38
zpSb?T;_crUskQd8jog3saVeuFrY`3MVfE$2$iPLS4jS*Dz4D7!Vda-hUYxl0)9kfB
z9<@PBE4KEt;^pI1fYP!!703me3Ki(d7g7NlW8lxcTpVpc1(ZiA_?S4<5i}rO(%uCE
zxuWlydt@`cIm_7h8J7MaB7R=vK`i}yvGni6(!T>sKeQ|>a_h2=5kD6FJg&udCPh+M
z^fUO#H|Zq~i=L(*SoFW+qq|8RQY`v&`DkU9^P!o8`DksP#YcvDIv;(^d_FpvefcOb
zd+^c4JdTevvppZ#CZk_s(H~_8(<L4~7X1PKYHON&WSXDw(c5IOOf34h_~>fB#>dHK
zJs-!Jukg{$T+K%>b2%T!oB!nFB=b=|dYBL4VJU&;s5s&t$LGRN$lOQ4=~<iFExf0J
z%Q~_RI2?YCFQ5X5Oar_=8tE^ZT-#N4uDM$tOUk~|%1)E~;65=Dd+HT1B*ED^<^%W!
zYwB~o5MY6(z-T14lipI9P>UGMSq(}JQ>_}xgN;c?UpE`0s#_UeEEJh%Z4@{y#y1Mf
zp<F2z9Jhw-LcEymRCm_S#wx^ZncW>3)EgMP4FlDkgaN(3P7SDOch*2PM7pyaFNxi`
zmKclfT!edZp%%n1*>1pueQ<*CreXM<0dM*ReVu?ebt>NUm8Fn}j76?@UJzDIyV7FS
zi~)bcmviuCt@`r)1p7-*esN;M{c<V$88sew7zsE}WWR?5Y?Ve33G_JvF(3{q_;*nj
zzN?=QTE?8}eLRVj>X2dLX|4cB=tKmC%qIw*<ov96xt0G#Jke{FL7DKfnhQ2!)Jx(;
z?JxU{8?Ay>EI338MqnU}rXo=5rL+>YZ+Mo*{&FZfYD~r%IdY=0AMmk8LXnIUj8Fmx
z>Ov;sE)Xrt*qFoO*v>+;ON?&cB9@eY!x*xn+t?%2n`taRTjVqkNTtS|@<{OSNCyFD
zi}f?G_iUIyW4G)7$F~2Oe+F!%Fy?I|X!s8vzC*)vfHdB|Vx!vzJ<KuOs^8AoHfUb5
zE(#+>+kt~{%yXTF3#kO`4`)fgKlv+xVcTmfHn+8R68GpU{y#L_{<IdO@W-7Spm#RM
zPw-xf%RqK=taMV@lUp%&;DNCf9Q2f7yJ>p{HwZERiZ+(f_uKoaoEBKEV)FEY1K21t
zwMECv9c^p<#h&BOEEzapV2Sx>u#PDIm!hWS>zb8M)fRorOUzK~`trim=?$rcsHM;x
z1u>wu@&d=y^{)XF>Tup}Ulnd2bkx<E8UByc!-Imsy0ZKq9JS#=Rl)6L`G=)@6#7GC
z0^1+dh!@zjNkV(}48JvYuj<G|?N;V=twSRzfh~|j$S-itDdu9lLcwPk4wj>E@jk4z
zYwBU?!v1#QF0X{UEO8tW3#Rn)aQh{}Bjx#99Z|f#QXXt5&woRDG3nQPamGNHt|3O2
z4{c(vJy0G_T{$dVT(7M<ShufzS=H->Wi{Shm>%L_l44$lTvGE>s5u$@ZL~#Okq6+5
zfxpQ7JF-ds<t^o3)-3<icK%h(@?(1MX_CLxe9q1fJ@MxKnb#zLk-5^&U)NIptD5D9
zlD+CbZI_#kS8tXd8tE!OZtR-pKdo7Q=!B^JZ#K&hbnK$?C!k}o`4aF}AiA}s5{H3D
z$q0Og8MI3@A2Ztcpjn9`^AfuR6qlQf0wrpjl{m}HvrBLSli`FCk2NbX!2A{&WgJUe
zDj^mENel5zliimRcePaF+GcH>ZQg;5$5@2LNsDmNTu4q3vNv43B;4g21Q@9MvVGOo
zLg<oMh+nk@G1ooC?b}1h=E-gEswwa2aMhQ0Y&G3H7Zm1K8nM?{S3v34*Vxf!!vpF+
ziiKw_tzt#lR$)ChgY*)WEsin8g=P?Zb8<#3)dfxJE7F7Q3lZtEF!PM*ke;<QFKMaN
z6~`=9s7m#1RtkL|+N4w|+d>yJS*DG-m%LpPB}f1IHYpSDU$JUwRZFED$1HWGDz&hs
zQWDc$ku8C3ysaWt>fDw})p2KOvD5%n3Kp|X#)YNuH&rTOf{IO}rJ20FS;jNWS6a$A
zw^_y_^PZM6PHC3$tjNq{z@vlXn&lb*FU?8QgIs#ETxY@oLepF&&2mxPoTe)u4d7qs
zkImZqp#19w@?g~ss~KC2jpq$4wXs}k^SU~Q)t47{9Ei=Z&NcOb?1B5*g$Jz+4|>IM
zsBV9Te-HP-SAvJI?>P?Qb!G7N^8DAUewa9?*Klmtu5kO!+Nv#eW_xQLYq0Zd9f3o!
z`c`Fus8?DWRx_`-gF9N!EzecswHwt|9-jJ!G-<XA7YD<|D;=-b?aT0gfhJR>oqER>
zyn+iT&#xOaaZdMe>ML+8q^+v0Ge9qf)sz>j<`7hv&4G7m3(R0M!)m<69Za!TR15%s
zzyP+t1O#p64^t1>AZWjmoXFRT6Om4QjZP2*=-Scpd<-T!anAAh`O2{HAoM9(w?8&m
z)vHYQDzL@d&H_z~AUH7fbsGe!!EkDoV{@I6;co=<Qx)6{mdCM$Y|z(WgWw%-;+&qG
zo8qH!7J>s!Y_8VZRzZfXp<!2zrz`1c*H+UxGejgvjIulhhoO}{%L$K59tVU{-rV+b
z;46C$M?}XV=(c5<D{zztA89$te|_gcIQE;H6?xUQ4zwV}d>)^zSIWL(@k1U*MzW6P
zYf$=F13bln<s;(`JM|D#!Awf(O?IjiT8^>QiFWEaOa<d8c`NPIv59%lwo_*$ruMZ{
zYZ6o2*{P2trhdP}>hD^n+Wq~=PJJgab&H+)O=9W_JGCP;Tw*mmY^R=*n0l+7IwCRk
zdOP*1#MJS2>U^f!aHz0TN5W(@*4pWI>Nuv_@a=A=PD@N}ZKsBqYS+7Wy9I}*67#-m
zr*271t+P|j#MGzk)HXPV$NF%$om#+D8@>zdRCi+PR6F(3#MBGz)aw#c2ivK)B&MEh
zr!GlM?PRAul9>AA8`g-QLn;pRp3QR9e>DYqJRR|Skox@?ey__178;{&=Q+>5KY*|G
zK2?l10I6--N2_oat7~-NMCm)pzI5%`(p4LL5S{Q0eGnPjfRBhSvx9d@k!^C`y|8Kl
zFF|Mr1JCQae<%b&9k|;CzpV`4kXbc9EyWAT>c}h{^m5eUthKhN9kYi<X3D`z_=Qw=
z@P?c!cui`a`8$jxmRYu8m3eOKmU4fPm|GYaD|c#3xi==}7RJEJ-KwSBPbcOU=EKUJ
z-VWZ;!WX7%E6;V{1WQGW6l3t$(0QNRww*6s?QZ-CNkUs>pkIymCDrVPT;hA2C*K~g
z!>I}YCDQy@YO0-jkYo#tqljAey=LX@2oX^%b(fubQex_QJ9P+BA-oQt4qKlD{`dS}
zWx0cg;8haa>NSv{9ClUx)XLYI+6M54M~{PA^$REfzpE0S0?NL2j<a+|H}N;%YPmks
z_>vSjih^@;;1J14k<tw(K=*Ky$_`CsDl7Zv0|ytl!<T2d8%9WlkU>|?FG=ya@GU3B
zdk#FI0uSJ1NKW&u5!*UE-zj4>4!z1@&%vGf2&aWUZvTivIKLX9^i5jR8JUWE0iJ?U
zRR=$+iQsJQ&)q3F>u|Jt3gaISzD*@Ru97<<nQTU;lBZo4=F(9*K-dlr+^KFHSLacH
zqU8Va`@%5_d>%x50SK?dWqhNn>gQH;$u$CE2^)soIO8z<!p;JVsze|@jsu7QF<lIz
z!X0|0Q}|PiipFNbt5wuE5rSgElr2<-CTCW{C`+KKf?fZYkbQXDZ-Q*1rzik%WJiJR
zgr5Yq%kdD{7OG^oN`4LxJ@|=&Z1!zQkiBP#g6!oCgq+~=H11DOnMWSb{Cfz$(r+}x
z2q%SMMD#S>aTo?Ejgj7y7rTRS!8#(dGI%l2c{DJx*2&y~$B-LA)S*IN8Qkiw`y_32
zsJvU|sF0@{yqVRygWF)3v}=@qUN<AfyLI%yOS>JOy<v2CP`A<HV%!|mH@ZW8DiLtP
zg*YepHySUUGVt%bEH_<91(gL5Wm*3D2FM?81}X<$4#PIy4?_5dYtgJ!*yJFb2FpqX
z>F#JlC5-q>fADR_!ZXW|HBmGM$Zq~nsQbl#0yT$&vJ_)p4FMOw55dja&=feKg#7kL
z!uRm+HW<4k{D#6$M8g;Zk`G^{@YanpF<=IhiT?07_04jq!%=4_ntl2|fLxF&9<K*;
zJi(dN8-0kiiJ0#44aTif;VTe7q^RjjU!eAsGUP$?jt$Bs>0v#zATyem@-JQ%Df$As
zqSL<;+{~pDZd%sGPOV^UZXrE#;f>da;Q=2W;krXE(Lpfo1#Y8pJ;9%(4s*ZYAxKoY
znt<<FDlE<{SfdP4;cq}qquB$VgsPh319;(8p>G6Hd8`0s#Vs207;E6Af)zwI@xEXB
zhZvK`?wtsf!vh8;ckw%?-No2dzub?F!P%eGIc4F|D*T<@mEy8gQQaZKnrgg+)Zc9g
z9zft>z;pJ=bw+yo+8PuptNLOnP61UckR|~sRDnN90mdnIq|7enA)=Alg9lJDcWC=6
z{76eIo4y7D13;6Fjh3=?M(5m&_6O`z?d?*DRir0Yks)MORnbnWXtG~0;4-A)q8t$_
zF;2dh_d)eUA&;E;@G>;n@iy*-x6qIJjdZjPR(lE+4io*TL*a1qKjj7@n*EBr%!b3k
zgWBD-_L8vNCBuJ5-1+$)W15FsVbqu{PkQ{@Z*+5#jQl?~ABZ$cHBvE<g)Iqa0o<NI
zc?I~3&DoA{8^q?O2cd8SJ8AfB(}Uk5eEEPlJ+UtIvDcJ=Lxchh{HDBbjJTT<ylEL2
zo1eu3?JjUP6#+QOxBxA=o`=JXgWlYt-IEtr%{xA&t+!N<B6RzQK6oaAqsDJ>VdfiV
zo{X%E;Z6)`v<=(qJKgMpq-1|V@baM_+TnJ*4%benf<B^~a)<aOgaJ<?p39}AkxJ<R
zeY}w)gPpjt1U~>9T)t0$g#Uy4K+>RFHH8TfYfy6&Z#P2a<E9R%0(!z#gq9T;1+~jN
zm1ynvC-Khzm}eQDPW(fli`94_(2~+Kw)1XBA{joW@50kgZ%jxx@b1Jv)Nue0IHgbP
zDtjU|WI#3wrBFB^ky_YUXy-xmTcvV@NGf4c8K5Q$Jl~jp7skRn&2q4Xn4$7u#Q!O3
z?$D(>w&aPa_v1od?&2%5;4cvRhFSz?=KZ34v;5xl6spraf{sJOL)2+z6>)p$=MGN?
zgLN6`qz?%6k?s8w{w81Ck1%oRk_P0#z4|+_CV{~K?X^Xb3-y5kG#^K$o}g*z_1w@E
zxx(3Z<giomd;NvD=>8)n6gT6u`Dkrk%SWntH6Ll_<$R=@m++Bcj^QKIbo0^19L7gm
zb08n>#2FLr-uv@c2a|j+G<5p#p_w^+WSO1#=w!C#qq9j1Jluu<1hC<n{d+#L&3$}y
zHTUq*&1~c&$9#{E?&eNDdYIez=xJ``qnG(IAIF<3`RFaKqHvM_B!4;0zwy!6q<Ye_
z6U;mLI8n?|m*tw({FP_U=i?;v20l(UXY!G6PQ`;dnz;8%#oD|Aw}z|y!u(-5gOdbp
ztw^S=XOXrR!7>;tgTV|Ys5$Eri;srsie~@eaZ*=YXJ3gIn(%vqGcuPsV4+8{5xXvg
zg<fK00~9qfN2=3C7M^;De)*<kMtVv%<@A)9J{^INpuG`1NssUBK^naHx9$I<zfIo%
zyAuSm|Lcg?n1ic#o1XwPGxXQCSOX{H|7eR{B?bPwEq1Py{U2?yB~pdr*M2iU(({`n
zkWB)XE087gBfky)N54+0tXr(I#e{z*Bsu>H{C7dl^dG_h2`TX3!GD^R{U5<UU#j>I
z;lJ%b639O5+A{pbzc3~N+|oAgx2t_u&z^bp^y_BpMThklr(ZW|#+9?Ko1_<gt*^Oq
z*3~nvzUHQD^`ay0)w8em-gMQZtG(``1El-dv!Q{^4Gj#s>}3d##(lida#SiCgN}s^
zT`r4l3Z~*rNuE0R#Tu}hDF!VLxlx}?0|_1?X|Rjkou&@;sW9C@M!d@MO~nhX6LYBR
zP@>oEDbd@}9ss1?$=x)QnqGBv9ne|52&!f{W<iY?UM=3y>(*!KMc?QS9L?5e>yFov
zt&?7~o@1=5cXHfzQB`i?LGjpi%#v0ycxSg-RK<RC{&+_A2c5OL6g(i^F50XYZPx*2
z|Hd&&NE7FVs6Xtuq|g&OudEU@_H@^30<yATv!@j2$PFHC*!ymHWu4QzJk(Wrk%!uy
ze~ZIY`rfRbk<;k(m7D{-lwkjheVU!Et?HE?ZodhiQuH@Jb+>t6_iu)q%3ZUwAUf!k
zUf0+f?t9<-w6e|n!@}(;F-UR0`H839B_*EVB_;0C?Q`0=9XmY1^UB6=K;JM&=Yd(v
zumDt9w8NSb5B%>}I<~p%>ar?}-t#y%<1O1=ROfbV<D{U198b}E?z#=&jn0F>0^a%o
zieQGPU_HDYxcnbO_4yMxW!^sf53C;X8Bilaeq53jI}dmq+ue2RJB$kTN_S(9fd}rQ
z-5v)k&2krQ^Eh_lE!*SRfn1&3MQ|loha4O9qFrwAq^Nq<%V-x!eF?A|@gHDg;s2ra
zoNn+Km!1sKEwegDPDujfmf1Z<h1)|ZVpW%p7BmT_HaitGH_txK?Wl!;YOw;S{^l2S
z*a`?L$jSL2rWU@y8O<B{mnQE1%dn*#&_ieI7_zum*LjW(HkglVB#Gsg{EX7GDUfz*
zD@Woq+hNL|xxt<tx+K$sQ`i`8x?SqXxaD&u@hs#scHYgWEAzlO`fKN|&sCRIj&+u!
zRZqZ)o#EM`*ukCp$Sp?Hr`<}e1%1t`QNda16{oG&;ieB^DeAt=(x<MkIv;Ko3hEZF
zKlB#p(Zu!o)a@^)Ps0r>mgT;o$mFa$qB*{q`pxolTBQ^m@Jy_AhpYHr0U?Oyu65NN
z?&ET753aBKvXwsd$O0$I*6oKO*Wxjoz+5jp^7QSH0SN!84Lhn&eRu5j)Y5C;s&e9c
zl~Z@mUN*gJW$;6|2OR3Ii#T0%KW0=ozO9_No75ofLgdv4zW{0a>Kp(7Q64sUrtUfy
zyWe@?;&$$d?|7yjS^mRqE8v>fS?)Lze7kOMpSmNNjxY6zJ1c=w3+p_{3nwNt?}10x
zcl4>>kgxJM4nhjlN}m>;R57)7F+RGMw?^dH-V5NWdN-8Y{6`1RZUf=u$F3EQ2m-1e
zy;Sp4`4>qWTq~d;d$1y98{FEt7S_@R(Bo*(9St7GAvke@`^xtH@kisI&SUW>`yBkq
z;h&zT>8lH^|45{JLHq*eg{}29ZydVt)5jm&=)}ahgWGYBo|{|vdv~3Y>Z+<ORJmH|
zYc_nJf9W0Tzt5LkSRiIA_qqq}m;btZf}7okz9`3;J=3u>oVvtSQ0KzUSb2>nw~fB$
zwO7@DtV)_d-K{;rS`?Ao<-zp@>y^er+X_eRaNN-qH1H0!tY%(rJD0X@!?f+!Xse(w
z)V6NFR+jQ^_!4S2bbt-VyQrYclKkzdg=o8@zUCUGz&n`>;n0^Na5I2NM_TEQ_2FU6
zlqF3T;Bv8El!H12H?P^W;*me=+OyaKzC3l^+ZUvo_yKae@AQ}kk+$-isRv2g>h`tu
ze{mESsb%@!s4jO|6RfGJv5M#EQxCkbaCA=;J_+4BIyFl5^Sb?Q{Ckdu2Q4VeKWbOm
zRa?a>UuBh@Rh0!+jok!dR*ffWtJY7ged?do-s<FUJQ_|d3%<kdE8V8<YB+U(Hh|rO
z)(jJ1Ht20rQN7a#b1h#5r~da6Bb{qFpK_8+<6EfeaslT<PEM~y+zt!5U6w#e51Zrg
ze1!PM9s}z<5lPc_A@D7R0?l|B-2rLKA<Ue*dDHRVo`O?TiE6$VQXc%~-5y9Op0?wf
zx-Z-KKRL?z*`dB4kMI5udk)9<Gp6o%0Jb)DUur5#ft95<vIJi^+yz<sA0ta2WO;Yf
z^kQT=RY#ut@9$1hA(&uS<J70tzFB!y77+X-WLJ4iC$4(i2Mad0CnEF(U{3h`8Y;Po
z9x@i%A2t7LT&({3$FRy=D_WaNAld#eM_Q{!YMg=QIZ{*ee|$9Fd~Y=0=l5$!TFi+c
z3;$&+|Np^rvx27ycy2Ga^o~}9IiRdSYd8@KX2$x-+KkPUwX5)N#!mdJ!#mQh#q+uj
zW4`W;NHN!KpR9eiW3o1L=U)8T^*w&QhnH>mbrq6l?QG4w#gcdC`}{1K4LcuRnC}Rx
z-JN#4WV@zzvc`WA>-T)j?V8?%Ydc=<EIfKY-e)6>Ui~81id1tgs4@~)Gf~qQ)=Rkb
z6=~*UD*YWhopvy;73t<}D*byq{S-;hFuf|B(UGN|c9NcH@?I77pJAud=*6|7jaiO#
z*YZPF(1wLavG=KhuS<ru=1Iul3I9c0I4?XpgNPVjNxK$UR($JP(awbbBXGU&YEv%k
zb$IX$H|6aeI({WL87JeRu7gfQUyTW~Me2=sDUe>%9ymPsN|k?IMDlA^{xb2WU=&LJ
zI5$aobF=teZ{7`NA<=WtdX)hC85*l0e%Er9083ydAb!_Ul@O2Lb%!LpRE18eOo-n#
zSEVhLH27Vz;&)9_$($<{K#KfnG`mtIZ;vH!mgKXTY{l<70V#Mt3@F<1AaN_)1v%m)
z{J%P$mjhHe^4H%S&+DAKATRk3;(0v+L0yx0UWe|KxsA`<7b@XKHA{%+^|mCuv^WO$
z8iD&dmHcEZd8s5np^}@<(qfft#Bw)E?weHd;aKtkNxn)YXJH;wT8QU09G@u+l1*yz
zVsqep+!n`V3X3nC1dnNX6va^x)rK2mK~e4a4GC6=s|)!xJm7C=z_>J!o-(Okm2f0v
zswzPy{O*;<TQ7;3!eS|?zI`4E#Uz9f5|>}>r~F_Eyi0Y=(b{`X)eo(`17O1I1CN&w
z0&l?*z#ZnDzBVHHnu(uHn;ySGo%b1gJ_~$1w&tOb-h%tXS$L$gmDf3_wYL|m?v_+_
zu2pqBrfFxS!~rDtZ8&51liLxfJm5;O;NYx0n1^JsZpPvns5=l<;2Yd?+(wa{L@2^V
z)#bRR&YpA~x-Je@j84}kU-hZ`41;PiaeWS)JaV+G46PH7<U9t32i(+XNhaVMb2Xu7
zta`7FeIG*STHa2u9yl-4*A@gEqdS^8+p!^<Hwvegg!@*SFRXHQ05=?Zr4SEXg5o%n
z_u_k<pl1>vFOp%?zTYtm`do->cz|IJ8QXA=?tdvC#T1cYJ<)7qF@_tS?F1EBihdcC
znDZU?Wd;>I_>KuMh{z~Dp*@SEgD=gLHxjWac#CHLRVsQ(oLc)|Vl)$#kI_d|gA5}R
z&Ax&8Ad5U3OVi~alIDfb<B)L^d{4ltFzW3IFaSxK#g;2WF>q?JyF*AiBgOpV<R1-x
z>|PIHPpw|VO+pId8%n1j51oy{v9%wuZLtsjG|EGbYiA@+s@PxfIt};&fLEcX065*{
z(CFz*%WP!$E<n8l_Yb#U#q;d$0<U=>&9`4g^E4#9CqsIE2zb??xNS8u`wkA~rKOT2
z`vBge*_R^O6I!thKRltAYVlxug=i16-2csY6WYu9h4`VUd9~E6OjOd@7=k|{39!|C
zX~siv^@vQnBomw8j<;y`zi*db)e=2rinq%fGi=6NG<&VekR#=Y1NpHUoKnMs%#aYa
z)Vu&y+3_)7Id;Vpf34zSR>kzsnUZABW7)`Pw~9V3Z0A$tj)g&pqK%*u@T$Na8bLXa
zhB-V?BrWg^s=+qmH1EU<(qR4>ctE}8;PnpmIm`4iEetcA_X~kA2vG{X#T;uo%HP3s
zw2}2M^N;nW-7*LT)Z|BElm9WMbez=q=oCB<mk+Z!IE}^IDtZS8_E@i9Ic7m|;by>o
zzdLj@7VNu`F972SC}ZQzKpDbIH%b!cWhUMb{}ah*#EBoC(4*+8G{R7q>c0OM>leQ%
zmNnCE&^{Q?xABfbbt$U4EW5f6=<IK(FBAFg{)R|P1#A-mwi%f*cx`eXYrLGW&RC<d
zyN_sI1!{@?lyHLn4G{QzWaJic86Ps%I+8V1lJtL$il)T^nl&>ht{(3Hr?&w5&I$ei
zFn>Bi;|j^V$c;6;E5&;%pU^uQfEdJkF(TU0>)})=Rn+31CHa2T%G%Zqhct~eynb8Z
zz!QQ4SpR>41`4i@x}noH4YLC#P6-h!6<xC~(;?rVkHhJReBAdUGSq;g(k>}$;3hsL
z+NkhF$*)6wcr6Gmk_7~YZA=Tdom_z66ry?UQMZzwHZkbh)(_(W;QT3aAB6o8TUI`V
zWlB%*UucW^A?U<h{2Pwb^nm>DI;V&R0#D5JoPo2Ygh<aMaB#}w{+7Mwy_f(VuB?sL
zeZX{3Fs-em)EdmmoE4717T+v-=*2ZL{5}`JU1IkX?+LDhBZ^ZIUIjykHVIqwT!&#3
znb0Cm_(Kvtb$vem2@(BHjP+9i?8a}cz5=lM06?@cxDBT3>Id{!L~aTZKpA%DGMGg-
z#g{7}yd8<_-;wzo8^U#$dBVBd(0wg1p9%gA2!PW6$q3LWTj{H80IRYo$5Z;b7N9N(
z$b>=CeW4znX6T{H%%a)@ZaA^Y@pXb0VU{oew~olC;ds^oH)t~Ctx@CcC*gr(1@`~^
zW)5AjiAcV?BZ%tOs2A+gUwrDH>OcL^$L`V(yd&MgcOj#LV%r?3bABtP`XA%)nhK=7
zKo9q-2gcj$mjmGb0k)?#wgkk#1^;7Q%;rC9f{RKXYlX=LxQ3diBU^$u4~{<$KS3i%
zr3tEq1Qpd$fS=Ifj&ApaXG2asEe9j1Ec2b=4o%l-wOddbz8NgpXL0_;4pa%CKtIUn
zk2sBb^fjNsf+;@X7p9(sw9s&;biW4%<Wy@5(`}hpUS<wBnRAsC)|<Qnf{B7xfQ{w=
zbTEQ2qzzmOJbYQz7>qE;37PaW6fD~rm6ORH7$fAt@y7WB#QVe$J)x7)HMm;xokjz9
z_-fzl&877)hz_L3iz#N7WrBvF1aDk=7Ip~?Xb(!kt!uXGdORMc8OoEM$5Vvrf#P+R
zo*go_{v<tHaW#8Jd=@yQnHQkohJ@c|08ASa;#XpRbfJgWVJo`^9;1Y}7FS<e!ST_4
zJp3{Ve}XHeFn?>+kK&|8Z%LTUw1FgAN=F%vo$&$g44}wR%?m1eyP>@p{Ewki6)D>7
zRj8RHL&${_Bfu|sUPR289OQQoe1Thx?>Kk(W$qou=*2%k&p~|)RWk`IaE`j<3Xa_j
zZ8eBDwN9y<-O*}R;Op-8zsyZ9MZ2rkwWzuTuN8r)@03VKsISI<Bkoe#EzsGsL%~HC
zAc(P6O_${KbBmF=Zq0xM(DHDFiAwgiva*UE*DCNYT*Wcq(h6#ZH^BE-HGe<p@OH4F
zro-_>P6cROrVAISTOSzc8-N`nc3^{p84^QZM`Koy7R~a@`wd)#f+WIw%Co4>%mqhP
z85)%92~VQ9QswDpF2uK@XwgCA)<4CH`mPgS=f-y-IIAl?JWtcAX?j&ojZ9&6Fm3te
zyqFYq6^K>JC?v(X1X0H5pX$M(>Y^hnWu5dk6<v3#o_m+@vN6ZVi8tr{v(-}pn&$r_
z+OkIumm6q(7g7N2F2QEdZp4?Oy@|L&mJT4~JXeNZ=7i$@=x2-))856cH#Fc>2{)hz
zi?+bQrP}}W(yd;XCp;pDp|AXPIeICgu?FjXd)%c_ZPDof9O5Eo!fkOT6rc_4HJOH9
zuoZFc=hOG{8<jz6h6FmBiZYjCniQJQ<yA?fR{}mY{YoSnT+?h=JXqMe`p0mPb^{vc
zC2+upyjb`heH9=Fpig=N$=dmd76YXqkpgkxVaUheRvE%<`U|{+zer*)LRHB%K&LWl
ztcCjka|~p<#&eGxjJkpiuBt<HP;al#zyxYC%Y`v+NV3Xt{{TK?@SwFKXZy=ek(-Tt
zQ_0z~lncqjSD?;MF)M6fJQ@HXif?TSh=3DaGX|km<!>vo(QfQ@tWo;hVxtW&Nuvd-
z(MRwQbyL--AB{$?H@-r1Br6x8+pc;Ug~QZ2zMa;WD%2hOB0=oJgL82k0G8z5x1jml
z8HaPY3>}=M(jMK>-SUiCcPS|-vW-JF(&ns-RKnnzd!+aTW+fkB+#^}RNztiRq!V>3
zxrmGpp^1TU!r3cGh|%~rxXjX&db)fb`ffW^e8}i_h$OrDe)`eUX8WlQ%tWB`%7wW3
zY+-*5{%Ef@S!^VIn2aZ?F&Q>ZCJijAg<(S~4b}(a7bY4C$&4V48OP2k+}JcQDw!zM
z8vIR}^2!YU_>E6GfuJ9Zbh7yc$`dL}zw-_{H`M-YureNP`P3Yrd2T2bm#{Mv*%{wk
zEwV3QfnOqcvW!0;1QPh?<{+SDQ7tZ2+b<ek0*3JP$Z<$5Bn6Kr_Rv>z?c=`%dZ<G~
z0OPB!1Hr~**lSI3N(iT$NUD?f{Ak|Ke?-Y-J^(weanD}_iLYb57Tf}xiM}_(2}7~N
z0$zYVnq>C^!|MbJb!BLqaEG$(vPy2c45eY5kfRWGCvYTksxc5X2*RT8;@{1K7ab1m
zfe|@I|F_#=2mHuL`(9y0GXI1aeIrX)_+id#lewnzYRvUZ)IGE3`Z>;Z%u^&|48hBt
z)Ie(<FkR}@S`Gj0UjTHIss`mj-V{xNAizJ3w6~+XZcpoT!(A5Oc!Z6d0jCg+p6u+G
zT7W)7MumzC5@mG(j;3@(zW1F`p?L*lZb7T&=lB{%g~|(XCtvGL)q^9P2wa(j8}wD!
zoV7*V^P6}|oCtk`MpzSSi-yP`&&@>G`hwA+K?S42#RVt|YLQxoJz<l9=A+r&P|6*B
z)f2?g66>WSNUBEOFlvM!R&n9;=!;%(ZBkJ!@Ql<w8K-970yq+<XhidCIF%Ep)6u+t
z+=!C?jR|Qu87c&}T3Qyli<4aVkYHIGwq#@3XkuA6cyLK}N?2iG8iE0UJp!sdwNg;+
z?big={(^_P_&624HLm$RP%Yosj{1o$LjV&&wE>)*aP~}u-UcwpKMx*5l4cPu_G!?=
zpivzx0+wk!yi-vq-#0DcqYmy?EEOP=wfIGG7W*t_3EKaa;b+Q-X4EN0DBmN-M@$c;
zyF<5Ep_}f|J&QS=hj!|Hx9X+qePH_*$%pDi{NTlJO-^|Vi_Xs}hrGZYI^AZR`oW)h
zoL?GN6=Ql5_$3~>%q;0eKPW;@B9GdWtT*`YN#Jn8h&pL=P}!0Bi-mt0xiD6hZ<^wt
zp1%c2rMt*KJ%}oWe_DbUF8?O{lLD;=;VZ8=>)5>0J&JewAfeZH$9N}n(-Z2KJNx&t
zjUY}iIk79rypU3I54ZvhwB|b}d51Tjd7v4OU{&RP!R8TWJ;ha6np_g(XRx+HcC}l8
zOJbQAeNKLVven)Ym&NwKJLJnUeo_0Me2MKx6dAya;=9V-ang=NG6O1=y&#VB)%%bZ
zr&5RT3$BDQKAaEw%gljU<~d0O@_H~e7iY#Cec<dYAHo^W%`{2^KY)8c5)Ig`^8mDy
z<UD`?;5ZKG(cw8hMC3|Zg(pSY9%Jp3ACt9zAA4pwx6N(I&Qh&&-n~Tgmc#Q^{PzZ~
zrqTDw3O||k*(<y=7NIfV{-!IOUIX=DuUsy0jAHOsfqsYYw#Wj18xI;|$?~qbn2Xl<
z8kKW-kGGdMeV37$;p&Am&MOZ@qvS`}k*n{=vbH~LeqAl<rTe(3<7bc9{JBKHt>zGt
zAJ{s@=dhzz-G{3-ly?5j@ljQujI{V1lJ9W8i0<$|?9j9apO^#Y{c`{mlq!LF-)l4P
zN`6TGy)uD+_ms}J`S+i+MLkh(B?2%fvGCVs8aVf59?%Ma8RX@2X2;2Y@CQ&NQOpLz
zADjNl;AvVu&AU2{$h3Xg-ZBqc4NrYb(M5aGkHthJ5cg=_>RI;0+wujO{PXXT$v*}4
z#wMT2=|;)DO(&mG9ug=2wPixx4>ic-KZ!?d@<U@m+w+X?P&p_6LI7B3J43XAwm(gL
z0b!psstIAAcy9s*)W51Q;4fb#V}N}hY|a0%=sQWGqVGKa$LYKHnX_m(SclfP*DzxO
znP0D$?)Z<%{4vhQ7yL0sr2nV%{*t+|s%(0{ao&GH@2@NTReJwbLa%>?-d`^#v0tS3
z>+bp=(EC3B5-Pp~*d_E{Q@>BxWYhcF^Q`mEeL=~2V53d%|1Mve(F=%)lg}SZG5??x
zCxaiemq7KCNQ<98{)JyvbEn`Ikl0MRVRphFoJ6|R4@bxv>sW$aTOCWTZhkC*l}ib3
zOc1`V9ptyXFDd=XJJ=m+e|r2p;tr*r{@czYu#kzYQRlUkFS(?K!>9@}I&=Uc$y)Cu
zbO8F*iRU78VAb2wfwupv?N^!6C=SJ4AmL8tP2ar%@cggNI~`^SsY(!q3aR=#&R&?O
z1+3TJr^b;~g_k6rcP<n%1!<ji-Z|-MAyZR;F|g5IJ^`iU=bcZ0BRKDziyAn!7ukd=
z>AW*|vpVl&8_oI4g<o;|<z)jDx`%i|b1(<67gvYW`8W%WaMq7-wnASt1kMZGmrkPe
z7L_+=rZ~til%aSE_=r~8?RVoNC6vxsU;qfWCPB&&x<S_m-cZI?N_@uwe<2nsF}|29
z9EFap6XO07o2dYPTSCSh#Z`<%4wlF?-a;@tTvuo*n5t0PS#to2`2NRT<v~a~?Ommp
zVkIC+D@i<@Mzd#J+XJBzF3()}qsZEFVIK_y;CWoDehq^$E`y&pJIVXC`6ALP5zGNx
z?2VrA^J0k>`+Tzb06r^q(3pHt_}gpd#B1^0s2JQgZ=itCnAZt^v}$tjrSEJ0C-C$@
zB70--q1-CeMmxM3JcD=TF6K`jT9qeIW7esP_~j%B3iB;NVUP>TY3xtzeGTt;w7@2`
zAfnCcNqDpP3`%sf;4{0eR{a%Zuz=`iWUi7SdXUoDy`p}tt#qXl$)b|kRpJR<uY=p5
z##$n`p;!$<BnA)g8(LsE=B5Rn<5M>ynbH4RGQ%;+k{K@h1Nn^CDY$|%{!GaB5h&vj
zx}aqD;9K?>z3$N9^$fkdlvoV0zu-sL=A*ftqk&uB^h7c9!DRF}4-M82cQ}?gYM?I-
z^Ntj)`e{JTTpkA<FOzVg=AB9KdjBAx4TukUN(JfHjvBHv0j)q-K+kGot3?Y`2?)z`
zr%;xzOTV>F!(k3yo;waNnC;>DMYZwv`>}mowze>J>sWs%tpMy;ld0Q`FHNRyhh+Zc
zspEN%^TjYk$DFTcn#p+W`AV7E!hH2d_JsMmHr&#DO(utzjC~Cp!mrHNU#G}?rNrk8
z3I|v+y7BpE*jg5DB!P>I4mL;-Xo%OK1K`c<%pENUSN+jVGGi{shyD$%h~+xSu>a?b
z*`MMr=@VCY1l&bu%<5SlJm7CU{O#i8|NXUxeG%8e`V8-C$&k^69(=nvy4iOm@}Ti3
zJUp=SaWLK!hVneT$Z^xC3CZqo<@HU05GdguF%>11v?6gW22PjF0;nh<6mX(B{J88E
z=e#1j#e**^k%c84d)^HhGEaM|$!yi+zM0LMY)jehL40nZNe4M5sE5XytX54nK)(|k
z)VSm(U2Kw(d5tGf9mn1eU3S%vKq!V2IIzW5^3|wTC68wV;lZCjs`#O`Hm7vY2<&yU
z@MW9&l8%<tS#2J_jKi1Z>Ps%VqP|>(FFdV@i1~XIpjpYkh9G+Z`1lX(x>0lviW+CK
zBD(qAYGu6zS*2_#v+@{@tos&pNr}7}X+_m1kwNDe@7K0Vi4??sp8E-7kw$tTA#$9^
zqUDSz64;@kwka_628NayccQ|;Zm)*ewYeH6rNnUJGsV?Y8o5~;=L3Gp$H(%NlndcO
ztd(~Vwnex~6Q@O|P(w~J6~FGZX!_OSw5aQ!I3c#vqBylCe+T~+unlR*H2?N-G`b<-
zep&Gg?%>a!(ENO`3x!}8gm;5Xdp-s^La!g8$Jm7};0VAjAdizQ1<0N9chLzE)2N-N
zCo&SiON)_s`q+#FL=rcEJxO3BAU~UJi6(@Rh)E}!GZLVyiuDM6l*mZzo!)c-R6qAy
z7>T?|iHrny@Iv27<kxNPz~U!5OpkK{|2;p^ZAQEno1gGsm&i}71q8`YJdfvZ<R?xz
z@mKkYzb5wH;wQ+tD1PF4yfx=1ev<ty?JjUyO(=Rg0h`QEXx#flE=Vt~r}W~t@)H-L
z*fIB~8rGR4z_9nH30EcUPmo=MpU6P=g#GE&MY2D|S&41anhk{4@%Gjv8+h#6x(PoK
zg}-sdM<g%+KiCWa!rlUcDdvN5INHobr7#yG6?1VP2|bw$n$aXP7vPKv^@bE|u~s`;
zU?S&7_P~$-4Zj0p<CP~ceV;K?C~ZIZohFmC4_}&0(jm$GE0bj3R|)@c|1a?muOE|t
zsKo&%f!|Z}Q<=;^^s8<%Kc_Yy!&e-G#X9`r{9M5kmGF59^D~tF17N3MegM}L;nSM2
zXurr@bW0KDq9^#NmiP-^HvF&i7sCT;k9FDnMM;dm$oC6>;Q)J<JllcJ+=knrWDA?U
zgy~M)?C*P6_>1>f%4YxL3rYONSQj??vjkIk*Z9IM(&X)6(3&)P1l=<3L62H!@@sZE
zvB^Bu<Ta|v?a57kT!tn$V1|s5sE+(a28N>;iJxJYV-#A+ypC7NBNTs8{h;s{V^E*s
z70x1CFc<s#H1%bE>`O0xxe{N_S6?>9zO)klz~V3NMl$(}%CnID3~&+ckr2VPS@vA(
z%bEPbgmdf~Q0Y$(fb)29u*GOBem>4<RNnwb<FnXZc8)Q7HQ0<(V{FD}?+KgHOL8=0
zG~T%-&S=ncWfMkY6+V;Eh`uX~h5<l=(UALb>g!i6&|7&cA(b}%f>zw2%gf-2PFF4x
z*G|TaTHMAN_IbPSF+}&7Q~=ETfk7GkRI`NZtcMl~=dp<_aO4%-%R;rV%oUoW8z-Ps
z6s7+`I%U%nu^)iCr6rz1OcsZ)t4_V(GhjE1Fb7bRH1=fTmCpa2#zS~TX1G_X^>$_E
z6Og&Y$ZLmW=(zh%U`$ygNIY&Pbc&pWf+faqP37=*gG2*b@ZdBog;5M)h!Ao$1Wti}
z12~M2j6Og<!g19*0>`C8n=))==*viPQPPop!3{}6mWitZ^aU^5rLPOJ%!ZC2GkvO1
zTk?H0xU93qaUGc`4Cp!lOMC!Ew?h-Uq%t(W1Y6g6WxgVJ=sHp8%Xgz<ckuJLzF|XZ
zF6)&`vwg;893}PnAh65DKr?x5yT`Z(3kRy7Ws=ecjs?pMI-v1{23qx3qJFB@S@nO`
za{XTzKVu|RuQP1*#!SNLY*z0-8uj)@b%?*-4L}1%BuL4kdAqL=EJ;YC<CVxMw%Q;%
zRbm`{HyX9n2KN{Xcd^#`GR{CX-r3T>nZapvm9=ST>X9iAsvaW8xyZ?z>eg?|oP8yW
zFU|prexY*a<v}<(=G=lyAzYYo0y-*?xkE#ZN9QvJ2DK^jAhC4v9=sPWVIcNu9yuj?
zImh-378V~$hC~Ys1cAV<Tr8Hz-I&5iH=rInl$k2wH^9<<Wb~4`J!BNWCBr$s$#9fE
zQeo=z8N|X?TPAk5q_%t!I?|%rau=(eSKnkiad^QC0QF^#M>)}#iRN|2Yr^;6<nQk9
z%ea|P!4dM!EaM3{7Xp6J-yPLnpTzpG>4DOs{0;u;E=;a+Y^=(dXiCw$OI#Pz+C;hu
z2Vu6lsC`^%(LLYEtUI_zb@mA2it%8ciO7|>I^F^|RyPd9d}|eT@C*(w8N-8H{hzd^
z!>3vBDRs2ftYY|v@}91Te}@Hj6aHPP;@iai6Je60*;`3AgK$(-hZmFvJSfV*T_`nD
zlhI=i78tRC4wPcokdBLq>4%K&I|Vgb4J36+IL}e-Jk$pm9jd~<tyNQ*1==KQo~puJ
zr)al~!f#JlY!TwulOf(nY1NE&1qSjNGEkO4yZUpa6>afA*AY7Bep?@PFH*6kLl@dl
zJwr>p?5DCJSCki46Ot|x|9)kzbzr}M3;j2}Oiie0q?-s-Vv`2?27RcXMIUOAx_`J{
z=|c_rZTAmxeW-;y05tzg?1^$M)egUSLqb(39sn{itEr3pROo`9RPq(U^CVZiB5>iW
z&1@d)9B}BO9*|Kj@-Jph@CgXIieXowC0b~>VY%=2e|EI8bdRr${%Dl#(AM9hh44!R
zj&TzHV1Ap@%qN&7iH>f7a{Nh;LOI@P?I-TgGuyFI0uP|a?hft){909({^Y$Efsl6?
z{>DE3!+pH(LtnEDK5bIr<H7hRz!KR-#5r)IFmYQ*oa|c*h7&X1y$S4FUDelcf0s1b
zf#ZmW;GIGBAy%(}M@uj{6Ydngas5ApZ`^>0>j}3Qz0M|98r7(g9NcrLpk8ptAt482
z{Eqious<Y#00~jhIPS#`1c@>JF6Aoq%r}VT7QLfh_zhWv<*9&m<hVFJBL3iv;XO{N
zKtTVV#QdEbmHxd17lJ~5G~4q#F`vm-{()e66zM4RqUG}U*yWv2t^+%P>ua$BNk=V;
zoZ9s3Laev*X8H;tjxd}MQW7nQ2tbQoU`#TNfpX6bhU5&sz@8+US38bE8^xco{2e^-
zY1K6-hHCWCt*k%~-9hxygX{G+Td5RwCsTd<^=d&oZv|V*LP4~2J`kN(hsrkaKD<S<
z$D<J&-BxiL!!PNC^HY46Zj`DVWla729o2PJq3_x8ApUGGfqxle5tmHWS(Jid6Z7by
z5PPb|1G`W3*AqMt>oVrpXX+v8wWs<3E{&`izaDMc>4>Eb_d#%s*!Oi13D{vi_6?A}
zJNAq4AUHI^h0&+4$8x(7Q82pM(-%xhs0J;=({urD6+#?1bR~fKpQP%cex2Omn;m-T
zegyW7*6IWORroyXS$E&>J*}T&F$5-zEUhfv=bi5IM>A$$RDmu3!t&q`+Ou22=SPE^
z{f%k<BN?+!@PB+bj&I4*;%^uG>mV-%-Roh&%aRYr{E@>})CJ9IHGH!IIFK-JBU+fZ
zM-lnVp0}tRZ`8bf%XgcFwe=>Vd0u80X53CoGAK!yKk69iAr1Hz<mk2P2XGwb{_qb@
zA`q>8?(9kE+(Jdww7?(nT@Q8lgkEF@h;*P4@+m0Wo}-@9AGPW~;B%b1eFc)JhkC&y
zm!fdxvF;|Rer#g4@cpb%548(!KC~Uv{p1j>`ZlDzjBZg|7Buhi1J-T<Dkt!hye`K+
z|E5+?4)I+nGxjNG>|<M?e~J?5H<Q;V&sbc(|Ku;p_e1&);A|>1r(k9?6G3_Z?cRYf
zo8SuErLSoL_*M}G^y<Iir9Akv_Uzt~;oPCF=*GyY$@^P0`%hyDnfAFD24Pt4_}t~+
z*b0#IT_dCTH%7tl-VehSax>942s(Z^hEFZ@zwF?q4DYkdmSN%BBQ`x!*8wZH0a<YS
zq5AC^2o)*Z0s*`(|L1+&{-68!;8%DNHxlgGTHp;1C$!GmSfbf|(B(>mH(Wb;F--QR
z<ExnL)itKN!|mZ56Aql*Ay0b#!8(WU_R4U-bf~!IyC}2d7LRL~+}L>n<G-*+3Jd~a
z?NQ;_!=b~?soZW;WYVavWJb!sp%-`<BPRf3{6X^QvEJ1EOhbnEDan0|`<dI7!)ka}
zMQ=_?s4tp*<O0<n8GeQ1Cl_{5LZSKyC?osy0s8cz3-*W7sS_oxA*LfhFr*x#KO3b#
zjhK*T_$T*8x5rn?dbH1l#5va+TsSjw@pVsFdDV-!c#<_@K@xjE2$I;ZN&S@x{J>k4
z@Mg<dFa1ahT!}h@yJ9TCyNN8py<5N%fO|lEYFV)<m^ov~a<u`!f1BEXpKIU-Ec@Gy
zYJV$(0Fu<J3O$bPZ{s13kQ4X?e36Z%@%;Gy7UxgLU~lt;hI&FzusqdZ6B(sb;{f^_
zio?)66P;>C@XW8^%MkRT^8<iIFUaGL#SbkzCO`DRX7WQE{K5?!INC7oS=NCpm9efq
z`81TI--Y`UWOoO@!$9H;G!$G<>3~{7Y1fms+0649NCPRef}~dulq^uU#8!b2gjfLs
zDAtB8A1@f3WUtB+JgC!oxcFdkdP2`AaIGVI;5xVoMNdF<5Sk#hr!p;+n~(S0CsqcK
z^CC6J^yAJY{v9mouQdXvzB-0R9SXWzEPzKS{u#s5(@dm8f{ZKHPB7ApsUnNUu^4?#
z1O{6du~2#cEYcq$()jwd3V<?#;BaSgIsOe4m68Q0>GJ=Sz6Sk8ps-<YY0vJYN^jrI
za4cAP>LPAa?$AoLty>IjsQnO6=@wrJwsiNvMcmRg|C1>03A-Hd6nCIfTfV3YzqRUT
z@Yg&GvY8}$QmK^ebYypzg5Cd$d7n8zE$i0OpkBIJ3-A!Yo~^cewvkk_2%C3!R5Z99
ztK9!X#;oq}9oXdd81!kq@B><a4tRl|iav`2Ud3<r-CSukl-S!q7<1aJMMknsZ1H5Y
z*kt`Tqepi85YHsE?~`BU(nf~n{~dl-@V4YKytu4=r=VOm9%<m$=<lWsEzlQbr3h$V
zLVnUaGY#KD4+&N&-5f7uUytRM0j^4Y=B}~4?rNm^Orutv3pn$-s~4WsI0CH*<Zj2*
zc!JN1ziB-jkitxFM0(7G0x#|JY5;3b_{qh1;DGMY%1vLU(Ych1brYpr6XENb@u*P{
z^~2KpCLQ`YOZmf!?2D%pKhgMFX;+7G&{F(1dVxuW3jx%08A`(L;|S;~cqlCU19&s8
zy;e&xzu?;i5Rs!j_K+o;)wJ_%(49Qv)L+T=6tY38RtXHg1J&xGwW=en+0e~MX>nyM
zZ{0~0<Ti2Ytre*5V2N|}#g=#=cMN{=E9Zo6y(jQ9{<BFN%nzZv+?vA8P}<#NK--cP
zI@;k2);r9#Mu;v^7yO278Dh)bT7Z{giPkY!m+<3gC<4-ZcbD-+yD1Ck41Fz{9m3=r
zvmX$z?xEuDvB}lLRdM?ma5mi&>|<~&?f#$J#|$0;&L%WN_XG{GkMY8fiu5Zy2#oHa
z?zkN4o=K?8Bviu1-J2WBd|AO;t=B4pGax|)LUhDXJwb&wTD~f&by9B9^^ihWA_d_K
zm-3>|G~&Ew;M@oB{hHii0h(r&wU{Q^GT7cy{Lu34*|zr$W@C%O-#tQUc|!_*A}6*R
zEuYysm1Sz3besubZLJ4&L{BS(8ejkp87=?rsDf({*q*6X?}d3Yk&!9JoT)&@-AGyN
ziq^NZMe*9PBKVbS$5$@@XMI4}`e@a!prjsrI=2Mh%Hd4(+1<m#{mzPRN}|s$|Iv)u
zqbhLH9}^xf4A=?5UBV9k0{?YzLx#66vt@uD3%_-o&96nX+qwxf?29e+^9cHaA;i1t
zh~R`F{SCmICzhY;FE-gdi#w4*_x2Ugw|_1oj4ZB1gb`GbvTheR>FAr%iVhOM-QoZU
zI)%tn-QmhsKsTO;Z?8gTEpR*lhjFIAXzebqS8suF7$|0wlV=W2p3UgHI&W%$7U=uR
zw4<ITJz`Jhp(hZQ(>xbYpv9r^623m3;QY*Hy{o<o!#1IH4b<674;cHS*_v*Hkjf&@
za1@?UoFS2GN33U119LG7;&y2YhM9(i5y#d*ZXrO`3}HLnmg{6X7EBhNHvSQ+D*gf>
zYo3WeayX<c3b<<56-VXdT1@DtqiM+t4kiKT!B;8P#_WYARG)dJ42QJjr|j8|jXZm#
zHS%AsO$fnO^!eOy>Ll=hsa#Yu-9b+V)*7}mF1QJ>p73NaI8JKD0k_|ikq^7bMO+LN
zlx@TiJ>ivHqsavLLK#Y0mvhmPWCA<^UjTAcV#{V{ASI#B{!-^UVWdNU$wAdZo7qMp
zZQcUUPOuzPq`7!}(N5SdM%*0m%tTPDL1;}TOic?`HCr*W(IULR=>GMf=<jF&UUTT7
zL7kdY^pUW5^n}Vgk)i`5N5bL}Eq1ag`bZ}<jenEH<FqmWCfwoGdwJua$P;XjX-&4U
zkd0gWIaXpjZriZbd~p(O8l%SfFL8ZC`%U-1NZ<fvzXZy{r}aK!Za7s!uaD8Abv*Ho
zi(?TLFMx$(hvZ{Mhd{Ntd<X=jneK)4WvJ$5$j9U`as4JNq_2|}fgodZl5KI@F&?L!
zaXg?njM_K@RZ^kSRwhHV7{AMF9?PXRWDK%+u^FLdaYpECFhXqr2OM{Bz|sPhsIoFN
z#N7Z)5&EPB-oy*{FYb8mhLJh^fTxpB-r+du+5k?Tj~KObdpx8vID{5;HaPz<Q4^gC
zCu2VqYFU7dR&bYu0MQC=%WXt8+)%l1nDnd3^Va06L=ruebj3O`1z!IKOjPAW8rj#o
zst#gt3@2X^*o1T*bjFm|cyp;4*f>w*&!5~Q^5=mv@ndtxsGI+XoKPa@4Ky^?L)y(#
z9*$NRf`tYg3Ph^L_qa6#m(>wI;-ISMG#<YSS8&#Tr)8<ln@1oFDgf6-90FByLbv4}
zmLYJ<gkxLZNMpR+j2a?ak_BhC6tY`_k11>SEJ0&cYi0Uc`G%O(9JDs!+bkk^EW$=?
zVC{BkuNXXzG3r4XJRyY{);FbC|8MX+O~^(B<$sOQ=sFn1Kn!J3QwxNL<K+`%(*D$}
z%E0&EW9pV%$*J4us`}1h^Mrw~@PT&<n7c_bce!(A?k3+Qb2s!(F51}KHTK5bU4;cB
z+pJsS;tb^a2|iN;7#-04a<qd~>sb+9{UU*Ptrdr^)93*;PT;HeYSkwq$?V5;|BKv{
zcs;aeAqla~o;^W6E1B3%{tZxT#5JL;esVd21o4LbKey7Vhe{g<q3{q&8{V`H-w0d%
z;?x$^FQEO5;&JWgXx>a-OEyj3V6?$JK^b(psAN249D(Bp?l74=>WQ-MQ7F@JLK`pV
zgn}nPcb+eAI^@98A26$HQCjj?QybrH0!#3n<cKSq<Y*W1I6T;OlT7iWcgPeMFXj~A
zC7IL;J<<!aJP$)LCRja71D2?s{RlI2!!1pMF0<D)=ym-<Zg38B9^T`pAFfOSS<AXD
zm*iW^x+^!IPps5248b;&Qj`hQ2OE>(J03lAjAhTV9Y8*1hO6~JSH5Pqfl4<jj#~8g
zLCL1XWiTju?Ts?1(Mx1dAK^i~b*d5Nb433{HAQ=0fk;EKgU0$Sq~3*}32DzTtqN)A
zMvp(EE?SlEGxl_XF446lw&UUq6MEE~TVlVUY&(vUnK2k_im~klAaZ!{EpudSX#ltC
z)S2Cte$wD6>dUsU{iQp;(CD=R%k(?q!Ht)<O)*EHHl&#ZDfFTFPFl8<ZQQ#SD~7v{
zB$8fMGvy&W#iDCV?`)T19*rk*M={1DXT)dKMpQ9=cphcnwX%UGvSQFK?q<f`%g`0t
zpre4@z4wq7xiGPY4A$8<)|t($a1o2|>uC)w@<;3I7~{zM$UMz>)BZ#-k1@Vm0z)c$
ze7B;4h;A&4WkH;u4df1x)oD!S*Herov9FRk5$#2~81oWS#~A;@d6F97U?r(G*PC7M
zWn7Y+=|;3oEuBJCK}JM>PA>F|Bv)LNBJv_p^++?T0m_#Am;7)02kQ{QsGIl)a|3`-
z!E*8(h|_C}{=u?$BTw?pH74K~{=x18K&@(whwx4qlrI+;^v8<C_3=sap#Js$)IZoD
z*d+d<f3RuqNza@62m5A)qLTkyCOx}TR!y@1FDQ-0eX<>w?33*@+b3I|?UPN-XQKYr
z7skUdS!@dL_rNjy8oVD@y>6;q74yfo38XUSk1Zb~vEkiMMin*QdR9jDa*n`zr95nS
zQ+uWmvkgTwMAm@NegP#N-u|cqULc?$kRb1iDcFFmqr&8?2I2jN5B_mC0;be%NyO+B
z(f=dV;E@=z@I?JT+%DMqe~oyx^#AZ`>;L6Y=k6r*0#*tiq5e$NZ}$9D2A7zm!_Yye
z)v1-G1h$6c1pP|OuN3el+1v4qfM88Gg20v+;D%IG{BZg}9F*wC$@nKBY!^T&fEE?7
z&*MfKIuVQ{_(5O)n8Ugg;|}X$@Ij08iS#u4@=N~ecJo$TU}s(E+WzXk`3XSjY_yZ^
z3S$d@3Cq<`($!G*cjZu$;5~*Xy>U3w(?`wzTy^sM9e;b<(Qmc9j-xw^i3YsAhO>ur
zpXg3v`gP}~wLyN2crx(5iMbgX%{vU$kEGe<_eB4OLr+Oh&Y;$__yV?+@dl-W);Cke
z>w1Z;j0b-yN*S-W9vV+&yePdJp$i@HZfRxAL_ZX&5iHQa(L)!Crr+sUB{40#M?UC?
z-b2)g^T$dH1zvwzP+(QILILzYhM&p}AgUT@+*pu~aSfNVDeuoS;deVUH_NE~J$gy+
zht~jH$dD=DU_ApzP!{Ul4E;sxUFOm9w%S!F{~=?vYX9tb`^oS_=_CLHevEg^^<(!B
zqj~Zz;=AhKanc8zHRhrpvvZ8Kqj<0x?&M<YA>TyB7T@yiKHkqPs=w@Gq&=Y+#`tE!
zBN!m&B*Z4+or~t7rvzfvT@=KU^$Wm4v1d@+!s0&Y9R-)5PU}J`OZjTi)<9vEv2C_f
zXAXB)*d?RcR}>+jF61Ox<lV}m+1C|=83my!;}Xm^3#qy@7wSJzUpt81%#t3westHT
zeTX+WUH1>lTPhgcId&R`<oHP>MLHUhT?jcuG1yx&Nr;V9l6ZRkX&g_l!{KB6+<YzT
z!V)r$6Uh33g+yO)rN%BA1D3$JCUj=m3$U=~?~9!2(&I8pb|4v%LQSInGT*~Ei9*Vx
zho%7~ZiaH{iJs7OC+{SBctSqlGa^iORUU1jB?eL3V;p)zg~%g3!JD0);MLITn@iN9
z?4tkMf=@Tbj{zG<niD)WJ;?Ef2md@-7}h-H5#tN^s1fbPbt3=;;|B1XFog@2=VnGa
z$b(z(pIH)9T?#@YXidf}a<zPiD^w`2UW`?>-*}IGXwt<9WF-xTHjPK_1~C(}2CP*x
z%7s~gKT;9FS7w|A!bv|OqD{QzM~+FkA^w?dgLTR@&iscUTCXNV$ovsG;uOx>k451V
z*us5<cdTXF-J2|pF_(6C1ChTkFPN#(3*T7Kol8{CM9j$kXA<ng$-QHqTT6j*=g;2M
z`ZA{ju-D;kwuwHXw*wYUnWe&s5bXXI9C9V*fZkVs+#DnZpX7oHaq(I$a~8Hu#iD~6
zJtA6#)6zSmTbL$zi-P_gctFe|wQ6aZZw1E7=R(OcQaLG@f)A#2!2IR_JIUc=I=Lx#
zLqXR4(GvpG%{Ya`>;s@L3*H)W@_w`tF~RF`*E8ajwZX;#;>g=?a^r!&1F11#KE~+b
zkq7jkD5IZufD^pOIJ`X?9cSyik+;ypaK{vc>H%g;q@5BDI+BI^($yR!W#yM-dPj@Z
z)Lu-6Z@6-41*iTI6aqL#W+5LJws(-0H4@ABJPP9g6`YQ+a|5%nMNuoC;K?)wfQ`U3
zwo@It1|7oG6prV<r%#oWQ|m?c`RIpsYIVTV!ye<Oe-N%88IS#4Ko`~obg}Es#i(@T
zf%))ynD(b?tg+yc4YVMM0|djx`b`>UcU*YHDo7mfx$*Iq9ecc|B#xKDN8$rDmDF(I
z%SQi5hL_LL{b7oXE)Shk=fa*cx|n{By`TGGAWD!XZ8z8t<N6yi60R`I2l0Q!@BZsU
zbgjwx!h8*BzjD5Kf!cq+aK3oq2@rc?JeO1nNWZ;r4Z=GS^|Qxh{$A_A`7`R}(ZnCi
z!mnz8d@#`vA_7Sp57=OSv5_)>-&&E)@#44y={kPvcw#b~6mRkpBazh#^h{v2Km@S_
zZFUR6q|v3dx#Lj8d!8paD3{_*;45};x~*+I0B?O@UV*!z=cN<T3-iHaYQCHm4$y&O
z!Tb=4L3WdAygy81%soksq%U&-_lw=(5&2vMW9YBV3FORPK;#U_WiJJCy3OzMRtP(o
zxQ&AYiB4MeCpf}FAoM7feiIqkSNMXK%Gf?deEle(S(!}+ZbTuLqPhze?UswuDQBKj
zg6l*IOcSo1m*N)z#?6JdJ<IUqf8ytEex^$<6mYG<`(fyRMzcqeYSIZFJ|bSW12>AB
zT9pSsM)bz=;3v?CfEHc)I<!X>l0)v`diRbm%Y$$FKkWk(jXu87{CvY|stUdsQ|js+
z!~bUYYt)}`9fUqtNX~1xPuv21hPl|k)cGwu1qy7wQ=l_a84_`1B|=&5Fe~Y2fqHcA
zqS}h0EpGqeGM9E|ou|!f<TfVJ5cD)Huug9NqA|Ua1_G@Q>wflNcyyE=2}HG|xBrX7
zN}sk_|LQIM5)&u9xPHlQ{Ng~hTN%I^gVn_UW^BO6+w<M5K6|`c;9ivE{VB&AlG?HU
zS2$b;YoT*=HJs){Ak4{J_%o+dFpF9pYem$rv^v(Ep}ZzTtK%^A7l1GDd+EQG7!|gr
z9HdIL%$aZiwaNAt<J<6}ZZY)mebz08u9d&%{T;P7u7vKlWyDFQX9gYAOlWpxK|2m_
z?gZn4$4FKNdV&Kn16trAupA)P(A!voH{*FQy=D#Hz63Ll4Hpgg{%V9N<HirHoe5$Q
z!kRKsQ>2G+eM{fIdQ@#JTJ=CwM%HD5F^+Zj!%xvqoADnk0{FMLb*T<w4MciJv(G&R
z<~Q;Ef;pf}rJP$pPM)MZ<q1_UCT$A6a33D-=w^4{&3fo%k~OUJg2U(9W&zZq3ZL%)
z()#ARqqUxa)m6wds{>T8^w!nP?}j=y6qIl^2Thc~N}STzSdu;z@5d9hlYUtrYPhT*
zTOVqG`~rTtq0BWGi%D0WztMFW0qn^Ry{q?a&`aL{CUb2!ZT(wdXkzO<K?!6%Bx86?
zA8UhPwB7y-Hh!aC=tJF&pP~;%=g_u7G4!G6A>=pdL)Akc>PnQgb&6yAyQTj{6JbR^
zs_UV^2dlbr&~~mS%Q+_v8xmKN_jI+Ax~xF3U96?y)cK<m@^kQ#xR~hw9cEVl&0;z;
zwwMlbF#*-x4I^^UC*1#yaPk>j0t2417Soxsn8pIR)nXdOC3MY5Abc6$9zHH%F_m4`
z!eWa2Qx;QhOW)qWH&okBs}^l{SxoI%_h)4K1%B?3tfwhJ(b%TKTh#(CSZpU%Naue=
zwZd3pOQR;$tyF*srM+=#vpww&d@0(kt*j6oroK3x;#>wxb=;Nm>NfG7{BIl^0#LZ?
zzMzZWIifvqFmim7{)#(VPm>Z)=@Bik3>CoNZ)uFWCFwK4-*0JxJ`?=?mfE-9Bb>k0
z-|zIkJR463djfr?1KOfHfLZJ#IEd2GXnGhFno32XiL@5pf8ocp9#+e#WzfR1y#IDb
z9S})*g3~!}q3c@UJKSR1cg?(p5K;{+yARc9ozRB5#U@Wtg`~i4(QBFkV%3Cc_<;bf
zy|n^yK<#h<aDbKUr|AhNiiIAMnnXo`x@1*zi$HnKz?<$L2vz~WMALz;7$H<zvGL4x
z%4v>A>(I2U`r(BR^J?TyUauG`j;7Y$(>hGjrU!46Vc;5n2)HC%;{ZrQ;IWB!`8fGQ
z3ITRHn5i$^L{$lBz!-mj9B0_e0g}ZC2IBv*HxFRrd|(uBjp@+$LH~6B=TPgeVOr5n
zXd-HNuZJtNQ{Y!0ca|eyMbL3IFD1!4E|q5>_enm(spF|M;t3DR@PvyqU<8XZLwQC%
zHRT^fhB!~OH&T#1zG(I-xda~i<D!;*y36quZ6qANt6fxP|EL18hR<VsK%UZOkMAeR
z)H0@D5B>)l)W_CmztiR?+@X<9?v_sI9%kU*d4Qe`!tl8cIN68h*LN5LED6brMtUXp
zpRhru-cT7-kZ>#YnXwu92iLcPv^U%(1L`DzM=M1?DaU<1l_$hAeBV3?KXwf)hZxcR
z&5+FiuSNUDD*m^G;);GC@Ii9<>OW#DGH*d8Qh(LWR9*TKKPQ8l)Z*!ISjhe7lba#;
z6bKA#<W|u;tgG97=8eDyOot3QasP%rmw#(3@`GK`|5R@~|Bt=q42xzzbpodmfYigc
z<#NZ<gDxl!!5=RqOo-9p#y>~VZu1<}n^+&TQvg2iI*dITbe|`VJ+>b;9lvi~B&dgl
z+lepo34->Db?05SS_bM)yXGNL)QZuxV{mL*U^mAAUC`=J@nX`EP0S{P3Pz`@`G{u!
z0p!QVUu!`nT4g*5(l40&HZgg343pu%3+UNgKTg?){3`yk#WBW*L$O1J(pKd)o!LN_
zZ?T)bQbuo%z;5vJ>bMi=gmiN~rrmgsT&?hpTHqZF(GyDCPbYIfEopH-eO`zu4CRcW
z&m`=sF@>7$WfVzb;&BU&2rZ;f(5K-!iTX54<*5i-<V@oOc#;-|6(lRH?o#!zYJqw#
z|NfWSQ7N$=lxwUTimF#y)DU<k)I7`egO=rPqh*~B@`q++{dO9g+h<TKpWB#gH(-}q
zE2|>0ksIwsM8#z>I%r&EHI#*EM>S_h=F{y;9~-x|POh9p+-`$}A8OQkWB*h!ubZ1f
zCaMsRo}o02r0zwmSN^9$&ICwnEsxX3h!*1R0qOF}hosv9;N!n>RwT2<MMkBWMm)(t
z@wb)*rC6L!XQELyZXgYAD$A5M%^fE;Yriv=qjiS9)xj+;?yGW4@+P;wJ5-N(68Ra-
zG|&IFY!6$jv}L!CtrZf695gQoq=z9C2zNMbHjnSOSqCO-VWNoa%GlkwU{~W`ihk?x
zoFslkw+3n}H*wyW8-c)r8>o`crf`lAFnk|`44D7h7XqfVmoAAFLK92bTc}*r@(BoW
znk&PQLn;Fn9%O5f#4v4eX@U4S2vUV5Fph!Ta5;xH<VHNF60mm&SXBfj3wMeKaefR>
z&q9ae^eJ{fx?hJV>*iN^UG_TSRiRvp($*?7R^e`*&6Xh*0RXYBu)E`Yh#E)fa?M&U
zE7fIpaAX#N%<e+<GNY2qvJ$RL%LHCUTPzn%TA&pGpw4{^98~=<W=XQRZ-wYp2I+?I
z!-;y-eZm#Upa<y`8<?Gszn<I@v`~2%e<}<eAge`I^)-fG<eX3)WiC!OMtHQ*sxQXz
zfTH!+F)-7OA0Unawv@6O_?04EVE7u#J;)iAp=$uX&lvCP27<38_#Gnr2Ez~#ksT!7
zmxkL5UtbE4OAOx{GzggKgcDJKko0zooB&Iorpfdgzg99Cr=fpbLiKwIVYP%Pq}q;7
zM(>gVoBzZ&qk5oHI{FyYn<Lii%lbLYH~9<0yyhGsyJckil9qGe`tML!N8#Xxs&5?@
zTOOE-RI?h8s1M}Up(#4_RN!UzIkoJ*R^1i#oBzO1=nfVVsXxSf68E?Tm9)e?dV>AH
z^5G;!FSoemfSXoguakvw+et(2tCq0y@ZaF*37#9fBIyNpM-JW-RQgX`*NyV~d7&MM
zhDG#jvA0uxR6u0^jofo^%()mTlHVMQH+!%v9A*W68byE_C2k>@z|~j4>EbPTu~<V$
z3!;(UIR8eodw|?QP(~0ads&t_1e}6=Nch31x6wZ0o@5_!W9#o2{2=^c!rqeNDPmg!
zzFGSAw;Okss@`391igbZAagQajGL|0BiJ^j&tKz(MAr$NlT((keVE03BzS_wm<5sD
z>sfkqi|+rJve2R=S?CzB{_}Em(ca90_eJb$N)WoEzlNh+q7XI;LdM^6$*l$G5W^P2
zvT+}{%7FBQ_Xv!Zn~4B&Kx=l6Xw5zue?+y+SI9)<g93t*-KO{wipW<KDPfV3C?Wz|
z*${OmrLMwcFWgvz_k_DU9PT-mSf91(O6+W=$V$Y~<=}sg5&8Yi({1_v_;0_Dny0WY
z7Nz8Zp1`%fBL&K3S^N?ny!L##{`+v6=&RjuEw>LV8p0o;t!bLTIj+kwIw%;PWi^C)
zcyK_K8==aboLFuc%PnU)td$xHtiyvZQrYkQgEX^wN<uToG5amd9?m|U->Ltw&-m%f
z@1v0!N=l6ix~K{+R_*;254)c$9LDzVkarkzZEg_NgeTD*rJ8W@H~4~^ue3aAGN6o@
z!h`3X*F{}(=%KqL&FF`myb6O|)<?$aAU3?zx%YO+AjTWD=%RcxyS4(64Q?{`1A3Bo
zk8$U^4!|apM$P;}{?+<&6TZX+@#X{ZFW23TdZ#lR2&OFS4rodA*&^kVOxo*au91;5
zBSn$ZS@q?r0&OKCP3|`$Fj+K%fLmfUU0I|HmGV$EMT}`on9QF**GyCZ)Z^3}PeV`>
zsf_6O1afbFU{!=cKN7~5GmUKkss)fe#=dFr!qJD$O*fhARMtoz){6W)`K>d4P@k<#
z@ynypIgq0#tgM&eYsAg`=v0YOOR%13Oto9!Zd_vYU@H8nTA5CLA6LIGI3g7+JA}zt
z0cA!2xnvVpTX;2oa?vf7mX5WB^LF0anZ}~P3J30#aV?9qT9h*iKL7>#5r5z=4NCrM
zUDHPfGH{6-&#r~ZGt#+uQ@mZk=oMR^nPM#FXTVn$@TUMDx9A7|Bo|2mEJIu*-K-vS
z)Z;q!m?95#z7c(m(B)Zr>6>#ryk`w{gjpG)h^BrG^M|jo)nIU0sb7ONLHgGsok4&f
z$NO+%K})#{aH$*3o}*!>jBaxWQITJ{Ez^VVB373k+-m$|54&Rd3uqGWHn8!ylr<2F
z#NyqKk@)uafy&Ssr7yLp_ID6{*ZT5e2Rc2xx`v;_1F8tbxoIlEJ&QPu>F{9-PaO%F
zt0<<&??HL$1<DvKu0q=Ljj)}h2iwbcuanmyq?^=cIQ>j5ZomNH7;E@l(hVfY!C|>^
z^p}9(p(gMEWm&DDIf7~|3k1_R17Y8+@lTrEkSZ~`97<nOepCO+`fbgJ6Mk$#{Us*w
z7aIU0NLA6+M^Jr<ZijM7+hq`4Sbz=>$m@X|87c={n^<3>jo5D!?nf7Xl?m<waXvhu
z857)LUzGlBXP>mf;f4=hEwGg|#=ijA6L^KMxJQj<zkmyVa~Xc({#~o)vWIpP!)jAY
zA2)*H%0BR+{5aRSCW;K@+Nvu0${QVSzX?A9mIe$D(&Z}ts)U28(<+K~dP<)@+z1X8
z>JRJ7wUMx^MjW!b!>+0$4)5*?ZRPq3OnRm{7d3mJC*U^`ar*{oCUCd}wMXvrp!G`Z
zcRr|}I9Ib}J@|tsxXBX^??T1s#tZDmsBjl?^XhKc$Zk-rr(e;*(WOs+&gP+rQLl}}
zUbqoLoWt;S?C}1(Ok4R*^-eADDR`1d>q^+uOY7^<`l!&;pG)fxfNvf-f#-|^01kgZ
z9|yLS){ip&*sgvksS~nX;>4dT3bg_p_3%j!&GN*dS)O1O`COUyZZ^#1*iJONO9!kh
z9$wx-JXpP<YCAg3|4>!4iV@(slMXS=7-$)cD`cn2U_@EQmoa!5!<PwonJ~FQW{45B
zpCqi{10DfehdWs@p7|JQin*FU&~o)|2+mbe42rvkst`Y_tREOIWZXz@)}?|=sjUPH
z3ZB{}TOk5HW%}S6;3MOJ2&`x08o9MT?RA!C_sTOTs0Q#RUB)2FGdYT8wRgHSvry|a
zHq!~!icAbVHB*nmpk_AMF2sOdxRLmtz|E)z(C`2CIg8c27@$+VCwQzM7`Hk_w=@P|
z!vy3bHjI(yZNeC^2#Ne;7-F`a)6ebyDUD*;8X$-#h^po3f!h@S)0~8LM2lq(^L7+D
zH(dNNLO5#vRY=2?+Q(o|ac(%^DQG0~it~DxP51)jdZkT|l+nSbKPL{vhk#G<Ay_|T
z>VE4CyQgiOiOmB1&mbuAHO$nf!O7mtX!aO17n!XEcA!!WC|#?5lhv<F!(YfK(6=0#
zX!4fY6FlvIu|u$+WuNSG_W$ATUBIKNu7>|iE|6g01WdRnLeTJ<si;J;5<tm;iJZY1
zM8QfcwY0WTU#wy>6YxsHObDmrDD~B9Tie>ZwYH^}0$P+zAU9M97Xd*LP+*2p1QZg2
zWWL|pXC|2dw*8*I|L6Za9}k&x&c5%p*IsMwwbx!7e9D+3A63*O9~j7izw(B?oP$GR
zs5E&Kv@H|_?ms(2@GL{{ECW1qWTcciOhsO}iL5XZWQIVHr2}sB0QZIZ)}7SVmVdlk
z%;_{JX?#wX00%Xvm$IFcG^e$d&j`hGn@5~&txj938Z9bPlXYsqf83g@mQvoyjA3Qp
zcaC6+%u4xCL`e0D4{OXMm^fEoQPuU$*K%g}g#?{FEwKnVPbBV4t+tQsGMOjXDstJ6
zxr*z>Ye%70lO?T1F#rO+DlK8RhSiUSOD_5jyZCA*TQze}%rk6<WzaL{iO7Tufd$)z
zL`nIDWoC`^66rz?tXVrYqKy!VM-(`srI9}6sBbxC!beK{gHtb-R!Ni^v*crs)paaJ
z_-KuPjFpc%J`kA(r?|Az<GQx;38~h}u^1aO<bYA#sK8mgzH-L@F1AHvMmmFwRq??I
z3}bVA>RG!viTNim!`hcg9Lu|=*99pznJ*uZJpYS`@0|PjJeTc+F&8};FKsd?h0Mgp
z3>ge+mQffS3nkAE)I*M5UDHE-S@T1^o^yf_GrQMlerNW|=hxLMhu`#GWxA<g-nEJ~
zA%hSunR;q;8KgP!Z#BStPmh1g;EC4&HKK)2Tf<!VywWHN2Q86w(9F^5`FKITdQvV=
zP&pNavdqlSPFixhR4Yi9BFU&;RZDe81h4p3)$+Y3{w>8w^{QB^AFaL<)jnU)D(R@c
zPCapMpq{J;cw#CbTw2ZW$w*~#OU>g2!cJX*?=l+#FRNWO1eD-tFp>lLLeZte0w`&r
zf$H1R-sp3rb*h#9b%r6{!v1=Ryi0A$wSs!aTLX|(>-v8knsqZIOYO{1n<6ewU&nc(
zL&CIoX2D=>(fCZEz%*Al&B=_4{zAtrt0$MBW^{%M_uwPpWH0aK-Nf2TW6`(F=;dc*
zbDJADT;mHNkWolCEliY*&Iy|MX*M+RIbaaW8<ifXi5IdOP?n(~XH#uL+R;`jn&CE&
zJKNrI+5i~F%VnkJUt~&84LlyFjE^h8_N0sgnl8#1|9~=D4Efx|@t<>K+>@QB)!vRk
zj!$G8Gh1D-w196TSR?b-8C)X|$m1T!<0pWY{tZnN%J{iZM(5mjpo{kkUBsX|jfey@
zkue<|AJdZfm`+zut4T%>jV!y{$zq=5nI~zG^yIzDdRMrz)Ow#Ic=e*-7Zhi7skZV@
z7A1TX$^Ue=<~son$eHoMkb48efSP6ri1`)H(i@RP>5Y<ng|f5q!|o?ld5IPJo~&<U
z@dZ2#Un?a(y+Lvs<|{IcW#$hA+g-(xiVRXz%ISI(@2W?#sgYw~Bs(1&_gRW~D=@H~
zq`=T68^uQ^r$kYE)$N=T#RjC?te5T<<dtr7%6OST9@>AJ9<Q`m4!GzJ-XrvXW1RlG
zi;pWhTzQ``r+mZY){r<a0!J*q+D)yhC{f~51h96I84^1V9P+f7Pn=ZcBuLfSoHnw8
zQk=nB3rQw~Sz);CZ-FZN2?tf|DHf;96bha1G#_u0l>eVM%b1I`CQPE!IrlV=m~-w{
zIK}fZRAXJ7LJv-}Ip>Dv38D#XAoGsiibPc<zPfouZ}9PKVTvrXdn;biTk(px#|h?A
zsxzpk;%=#;2%3@a3_cmhy9jb*i0w$1eZ7TxnY2kj)7>s5Slnp(H<o~6u$?DmxZTD3
zHQ(Q87m8try*XCr#tWx!PnzcntYaAedPxj%4vfJc=o^BglemSt%zQ&pW%jL$o4xy-
zwzu&lo>qR}jRF6s(jb?)N};pEd{NR#u#^)I)`M<anYknpWAungO^TV`BPJ~#gP+25
zn(ci`W~`vGptJC<u9*!|D&Cct^?WPd#kZO=@GLcD;91iJN#O=_6tX6G*O#+Q&EL}g
z{~Nbdf+90PHa>+^xy{pR@wtsAMF$C+vB;4nP<AC+2N(GRvQwOk95{`FR#waN8O<cg
zI=<i)60uyZoeXoCqD`n_Wl3cOr^5CYtATA=ETbo&XHjh4m@nLNw7~xb1<yFI2flT2
z__oRuGj}Mn3o(?P=~>`72cgNcCmyGcN*_@lmV_&=8WgKXG>~0xWBk*K+;Wc(i&kyr
z62V|BC(hG+n+V`IF7}XR=2At+%+<|85{$V==ef*(t8t?<Y20Y6@n??a9K!6;W0M*;
z+K>;cagNcP@LnBn*(0Ox#>A>w(AyaYj&A-)prd4~XOD<2;#8YE_@J$<6#L@E$D|_`
z6NF#9t=eci%nnJr+uWK&<HV>5^?XJO*L)%=Fx_)vtt><p8+Xq=JWsA56h;|?Uw$ft
zNF=AiSYE$VLlhybqarz1e=d?ciLtmmg<sd@IsDGNJfGj$myb@+Z53Z4Upb72`kI~~
zuIg(JZ9lEBL$&?5Ok$cL91=-A(4mMAVjK+9Z61x@MZ;BB6=6&;57vlt5_QlZmY4~)
z!H25-pY?$TpS9w21}CLXGk^28B5`I=5W!j8r1^4>i&^I;hrJ~hazi40d(%8u3iu@<
z>>5k2z=UlEJ}E$%(qQ@^q>Wl@5Y_d)d!4rJNQG(IqV;TJB1~C*H~$bPbFWHT30CD<
z!FupEknx9!7zLrO7|2{#%yel(R}5rM#bAM$PTRdtMQ)=?%m07?JbXnfn=+Q6Ro+*)
zgyjv4^T7R2xo?4pJ$zV+pOeHkN&FUJ?7&>vUu{F}mb*?02?}qO41cjA2UwAzuE>=V
zscw4@=IxSDOl4BSBM6NyOlr*w8)Ywu{h?n-8mlQy;g0Quil3K%<fuCTyQ|naQo!{|
zE&P@ga5)7WmYY^aTdg^vanlM;rt?A)m~RDM^PK@H;e7I=vmdgtH>abb6`0LL2Z`-W
zkQ-COK1mpmGkcM1)9JFcD-gX^C9pOWqDEJ0FR7zB@wn08d3bVH{y)U?*GZbZc$%e9
z!Dwbzehy7AZXbl*<+7X5y?t-p*M`Sy^u*kKC_3ViKm1~d=(7D}A(J|PD+xGEC<$`#
z17anpl6dsn9Mr)*W~1hpb#mfNTriufAdec_6t);TGprSfOPhSccy*-nsRI7nicUC-
zH<V~kp~~4d&%nkNLXQvgz<I{pItT`$og6~TL3E{1R<#_^mT#$4Aee6iNfLg(se_#b
zJ{2$vJ%bEoL_wk|1B@JG_|}c(tS%PzSmtw5H}T2Y&feiGhjlPOvYX3zye)&Zbh;rI
z*s+g#8%7hHJTlwauL#^m#*SVUatfP4kf313&gl#{cuVWp8L1Dy@{ZaTS-G*O&KK(R
zot!_PCg#2H{Q)V)o!LJyY@1?xm)X`<ALvB2UB)#Ic!81oDFk@IjNek2^wR1x<4Yei
zn#X~V()IY!JIcG}aY;z`GsCG{rM~Hg*||o560UzszGeTyyw<!evvEp}P0CODPCes0
z?TqhqzLmwj44LNve$zGodBRSSn6#R$BDbv2f;ayn_`sg3jtfMuu1(%l)p3(nvr5I?
zWIH?Z224t=$kcO2K1O6wOT_bKg_nB2udO&&!MAv45^;_~Z}E;NBJJ$jZt`ACMEaQ#
z%5b}?;}*>?+p*{Dq2tRMQTk<#nDk|hxb;gK0WnXh>X@SW|NF}tF;lC#S;d_b8d}X5
zEAku=(Y2aER^&OLG8s?Q)O}9K2zpm_lxqHWc!`L1_nhFl%{!g!=NNq5do2;?Xwfa+
zVMLtOnpeRBDxBuI`<(SSy)({T&ouA2bJuf&cf>jCK?I|oo4jc#^O80I%a#@~DZ7kQ
z*l+9c<v9Di;u-s&Z@t9M-Bb#X?TOp}1|G{#+WR{p@i!#La|)2pz*OX!R4r#}j+S!^
z88T)gmdK7NB&68QtLDh--zHN(<CU*M6*Nai#|e?0hHE)@k>~z=QR*VGVp<`>DiZ5=
z#dQxiLkrauB8p5ax?aBWtuIuEd`t&1<bsu%a*7Fh*A%;@Pz*;1g$cyzd!b=sEFeTT
z(VgHm4@g%qju+ED<rsR2s6P{xH988UwRySHc%fHPe17;(Kak6AL@T|*MQSMit$(v|
zIm*py9U$jXy>@iGLsC2!>nCm)lkUBcb9k8iv3VN2=EP2Fl;%<+7Md3&Mb!<@?TUiU
zrkZcEVdRq=qVDK1g3!}8O3L0%NrG#UQFnDF9q%q%YVosk_4mm?kO!6dKksjWt4Dud
zH~)kF_WJVvwhsF@`#XaJ0Rv%P`4w05tIfZg4O7i8B(G?*oJTDgJ7FNsK>0R;=>z5B
ziWpL4bNRu@GlVsqysv59zDF1AF{(SN==vJ@!J9%y!~33I4X3x)F@WPfb7-sU{$}HK
zyu+;5R;<0fp?&^ZE9-*`>KaaZ`Zb)~9+DImA^A*O-73k}>Z|f8Pa?dSfUwWKXOH2l
z%a2!9KE(*$3>R;me|`6qq~a9*jC_8km+&)dPQ&qNxZ#uNXASQ}4>vrzy@8!(O!K5i
zwsvw?zC|&6q?jVG+pxFwuqRXHJ-WS4WfJ9rYJjgPUvlmf=iI)>2_>1n$Lg^5%v!^K
zO#1RP5%i@_xvDac`Sxjs*=n@yK)=yTNeV&z2tvsGQHntu_U+6kppkt&;Mi2N*?SK=
z2iLPtoud*L*Ha%V{o;)k7m-RoLaJst(?NAdsAiL4Q@~v-$A>H!{|$>p!1$RCKn+_*
zB3MDytc$0Y!5}*}9x4Hn5SE&a;fh_yv8?DCu7tdYG<UK@UsXcaT-u}%NYRIo;qxcT
z@e+Tr;7yD2z8>HIcW5ip`{-laJp=WzM?C#qr00MiJ}jNZb>;gomt!89>u-;v1DFI}
zGzv<E8#?b#Z8+_Di@yejuny=RQ6*!htI^;M@vPE*1MdXB10Y9ZzO=6#BQ2xODBdu?
zxZ(8u{rI~hzu~xNUBiCQR-SM3e81sz^k~EWXh*}_(Kd?i#1gvZ$I>fXBN;1kHU?G~
zch0}s$@ZMRHPL@s1!DJT6@%bKENsko3T_s6R_-#28!L)PSprJ*NLp943&fBS+fEOf
z4cp12PILhyJ|ZnHTPP_SF*1C|P8pQs(CNClNe=g_5pimh>ZS#AQS-JBpYO(4Li7Jz
zMr3pM{E+eJuSDR|u{f4rM>M0O`316!kY$v}sP?y}x~sUg{4KG`Nz8Px&KjTgb)g6E
z3$6Rkqs-vW`};S1;%Ve>W5es7%}ll(fc9O$x&`x#0=`?U5q#iCZvvqTnm?NgfkB;F
z9~sB1VWO+EMo_v_ey1~d3nRE~{x@VgcDJ9g9LV2&`KrQqJiAq;?|2TXieLA9((ovi
zeLuQ&oqkPpeZ%*n@2Hn`p+~o$lp)^15F0YY+bWk+1w*`T{#c<c_GWe7hQ18^lD?c`
zP4FEH#blhfRc>(=Z>uO-7kcdeTlRcOp0!ZDVTOJEIY8i<Al;9S2f8xg)}*YDjy^Lf
z=;g^IX^Xi&n)7Nt?dPR;_Z(J(sfsYnjp4^xQ!;I%k%aw~ucLdq%IPm5_S*cb6qzpq
z@I`f?M>l*edVe7iOx1yEs@6M&-s3OhzNRv5PTetWULBV!@$;E>f4?%#(_E%)KdD-Q
z4O9j#-Hx}AqfTsP*${$ub(EB|sJ^+*S-fff_jL29?%S)aDWM-O`^KeZ+Wp_XzLipt
zhwh(!J-?nEyv@A+2ycYnpMAYm#r@GTE&4G5$9Nv)?|7L*+rFWc$ye#JHMxS>*Hc|9
zl~n%G2tIhkS$uN-Xt&wyv>!>vA86tISyqXP#@-}tWa8$KzH%R@e=CO5EvM8j{c0(y
z6B1hoTcBf**p9VGfU2_qWcyo;O`ePml$w)_^{tAMx@`3l`6iKllOp#>;QBKHj}Z94
z(cV%OF?}Stxn8P?kF>mYkB+PdPv+|?4)V(pHbs85`8X$q{8q?#w)B`U%=hd*s=fNy
zlbT<QL-nyoHUAHJQN&vjV;98u9Z|Zjr#WX1Ga(xo_!b7fMFze_27Uk|u@fLMSe{Lc
z#uj>T%tC?_3SA-3>(}b$W*xTYf;_kFhV5OYI2m0i|Bf?gF!?sl|N0xUI(6B%S@JN&
z=3d3m?5lG46?E9gGt86mmzq59Qrr849pWkY@R`B|O(?kcVV7-#s-}2j<=>sbd9c^E
z`PVqjlTJHXha;cU^g(1gv*`?r_YP^CLfPWB%I&V=ri%X(Y?&^&P|x3bD(Z<7+hn++
z_(`<@xBYE~@Dc#ARR%h1QyHHZYb#q+s$uf$vavTTFjmNst0K;~M!LnY9hJDmS1`9o
zSbx&stM*&uKL53RfCjm5jgxyVPVO&})pGKDK7-!>gm^{of2dxd_m(>R40``>VL_R$
z-3L_XYz8ql3u0^*=net89|A3gPNu9U!XMC9!}NK4s2ZV)T*)NE7<~`?|4i^7QmOgH
ztu0Uyu5d_D)oc-J;o>-@h)rWKf^1}n+VizV!mFLZhrpputyV;^RTdsK3;HL`814Qs
zHmd)wP4EdP7M@O?g0=5KKkg6l<7p&Bnh7>}pe|q>F>mt|eXFcgyT4W5w(}O<BoQ0r
z^G*3&4+OR!<!E-zKd9fpfJa)00Pq7i3#hkk{xplTB((<!;q2pILP&`tKb2DHFd`@R
zy4xz(3cqm(PJTmhl0ovk$sbcs@HtASqD&3}q~bYz%FJv9z{do@^@Kkvz>Pj4G%TOe
z0kh~CiENX;kaYV7&LK=FL;AcH^z||oWrSp;tWgr8=1_P$*$VC+K%%_;q64yyS(u-d
z!2FCjDNANrQLP)#8Ps~qwL1ExB>Pq0$Ftn#Mwj@WdMn{f+7-BMtQ(o)a;MoENEI|<
za{Jn^))q|yU9do9`zWRt8|j))n44~y=o-H3QUBe*>J?`nfobUSZy2ok_b>&V#k;lI
zRCFs&+?_as3oxlZ;j%a07)(!Bnl)Z}ixV7Cy}4~o926BB?{vFSyhHP?=inX(G1JqX
z+OOHLJfiu60MlK3q+*<`VF$Z{qY9nD^ulEM%N5Lp)o``UF?1)`z2*)o9XB&C#XDE6
ztG0PRa22;{zUL^JYOWNs0ZjSoyYboZ9l|npJegG!L@`b&x2gm4!CA4=ak=R(bBAY#
z5lAnfwT7*M7F;1|7drq=q_^a>y<@~0i0z6JcW9B11q{AWi3P1`Kuh!ifJ<Jut>O+~
zwmAW_4e|oaByPGpI2XVjb=luldf6L;*~1MpyMX6V2`Etk9G~Ic;6RtjxjVJXCOh#M
zrpzwLXCx~b#`1x|^!N~#q*r9chc9}&QT)DEyHA>KzH8Vc&S35+tc2a*g}K3PvfFgj
zZE`OkXWXG7#q@(N#yclw2Ze5Puk0ux4;*sg1Dl;>nxNHcl9Kr8@Qgx(TgrSBsY8a8
z%U<cTkr>x%HLjmkTqCJV3|rV4oN!rD3+pu)zb2Q(_^MP{xdjYqpK-aFNQ$zfj0)QO
z9ySLUT@cUCh9MhEoIi7!?<#t3*&5G9-=yldlS*5`S)*nnI6tP3%bmb-jQdl`lG8nw
zm4hQQC5P>8#xXI7wK_q1AO#TA{1sE?$i)n*!taZj31ZC*mu+;juYOssphi&(N3_o8
z0=+AWVpD_ZMS>%>VKu&}h})go6xiC^F1QjSSNyK#dr-<poX7^<TPhk|;CYdZ1PhXG
z{B#9}+MUI_G@odE!OWqWW8Ba_-uu*wZ-W=(nWl;{?%+_yuTJy}l%n}wA}yjRLqIiu
z<wL6Jt&hu2^G*;@6t~ZZA2TnmmR>V26z*SZwI_F?3k7?C3k|`2@9@ZQDa>|MIv0;f
z<_Cr?lIZN>^9Acq02rWDnF&ZD5k8a<<Fd0XWzLIr{bd4sQ%xtJ2BL#V-IyD_xCg&+
z*^c90(L6*YS1E}8NR@vITXi7%rZqnPA21k#?jw@XJvV{w_b2fSh4~*ym;MdRpGaMC
z%(u|oe0L2s38^@98tAV}gjU<eufiY!Gc>J_1%1e$>~}H&>NQ^>aB>wNt+<+mjQ08-
z@C=UmiUASzT}Ryv+n7Nm<HqE8?}eN>i?_*me<1l}zV7H6@7JVFiSZ8cp~ib$cB=Qf
z_;Bw~!|jm%B!*i~y-2!=)(JaIj6sle@33f*k;YD~jCWT|H$ED+Lx%ZIVl)<)i;aIT
z%c&PWN*E}#fU}Zp#=(N<0VcRnyq3)=_Hpv+$D*-AF=XxzfBKr*LJ8(IT4CbLa91L1
zy$ahX>6#K@cNBN!{hJlmRqXlQQO{XX%;w@Kl}4%5tqSAF@$T?LiNZ#7S5TG+JFUWY
zhi{FSev163$p80v_;rbd4g#dPqY?o(suZeQgA-wQb%&)V!v1(|R~L@FD&4n$r<4n?
z0Zl5K6EC|}#S<`Gm9sm%rbh;@;X>Of8LpIg_BP=HC&E8T<g!y!lv77}&8kY(`O_-0
zdpLW_2Zc!9zJ+5`SfDXk^U*CAfK1pg-35=`DpR^Haz3ooX>Mjkit9W~tnl;ftK**Z
z_Kep-bx~G^bv5Ntoqsk%ZN|N5*g~<rB4)f1ScpnHqv-<y-UgSsIo29E3Ldh5o}>AG
zMt)8`tJArfe=fyYE=sU<$4<Y3Z@E0yY>71Ss;!v9S!W~1RlG@C?CX)U_>7#BAZ+oR
zKjT&9L<B?^qb<IJ+PmxQeMZi~u#b4o3SQwM92+jc69Y~gXo%Zvb(<%{&z*qo$&pQM
z#ln1N@fX_S76DT6I_pJEG8TQIo~wN|M+t7}xfXQWu%==%${Np(FO$Y2RHUpxUBw$T
z-v%`v_Yz+m(R_0mf3CtoA>u0Dr!AVzr~N1*aqji}4DE$5iwG(!yj=*i+t+RhZ`mUp
zeGKW`_WdrCqYaUCZWV<YiQvQVgGHhoLG;cZC|BVwI;kSiUHhq7q_M4<|9!%yz|{x2
zF<-f1TzY@Ex!$usXv9W@%w~*C^;MG8yE1YBaI*>oRx;Qw^Q7C{6K)~56LqQiPNb1|
zp`<x(`yONpC#}(Z5-8$=_^uU&NAXduHVcv|{VJAzvHs}MFHwrUgMsdPQOs^aBJA%*
z&9=6*Xjj=%ckz3gKaa7S4DTH74p!JEj~jY{+x$$N=G+`}j9AYK(AyY&hGC98Nvq}g
zEMqCpUw{rSbDx3hF$)XImTD`CCI!b-vJBL1dT`7<c}Y#Yq$OU`6E7KwmtKh%yxoK{
zOUa3p-tJu{TQV0S&?evu#qWOu6)5qw)qBJdSXdJHmP4dGkb=8-zfxM<=DjCskL#nr
zBAfP?we&7~gl=yn>jO>%CGM|_C%xV!GXG)AJ{7SInK3i`)yCs7YnF-`4)QyJa*Vt;
zpcnSrO(3wQoBz|ug=YbxyS@J}z~jFf&JB+?5aC?#IFIn2i1GgxJO-{iH#`n9LCygW
z2nXV)#r%`6EVv0_o&$^86LOO3%qjg<d>;JEDZSHjzt)Y9dT<7lcBgJ`ahsodUXdBU
z#Rv}V?=0R?{u`&c8@tCI_^Su5)W=`pZB`~zzDBG=x0grtz*i=XA9bGh6-Dk)m51}z
ziki2<niG*Lp*BX_`;klKc?Km~h}(mI-R!RU+@pc7#VhvIc6Y=3e)QMQ;7|>PqiW4U
z(FU}Nve;eRpe_0(q}mZUuXKENrstmE^w@}cvo%g$w?}G;jE8kmUCsXhp*_lwOJMP0
z>NY#dmX-!CC>=k<iv!d8bQY(Wk?kyx#w+mt%`lHf!lahxex8w$@)6AISA;0hhnI_Z
zL3nfFj^L`liuBS$zcAQozR6MtHfS?~H{~0`n#H34XP~r2rOX*Zq34^l+9@zdZ3Pi^
znr|5IEMqj^2wv9JKe!-0O@6b-8@6L&>6jzphP{IpAE8~c@6ILdcuE|pm<JYJuHuuL
z?|{@}b|_XzZQJ=|N5zw#x-Rs9CwrX3zNz8pE;dKEw{Q7$%R%wevz#PuJAJ{ocND(!
zEL;KsXKkXvvfY?y<3sQ))y7A8Sy%t4YU86xZ8Yp15cEBX1{%dQeVgVJ(=kpAi^-EP
zvWm%udCY2JIl@{8+bEv&-s?hMPxeF_c$@~FPBhRnh~;Hh;}%$rlZB2_k0NFd?iRCU
z!^6_Y25*av=rFf?-jiM8jVKEGIEy!yZ&2dpD9V6eoIkF=cLz#8o94g33YlRWceBmA
zjxhYK^@@k3j=MS4yNs|j?@Q{MJGH)!m#_I32uF_B!HRu@wy2B{RZnSmJ*`$fS0~rA
z+Nx)Gay>7qdVUq@L!i3O%Vl5d4$k}Hrr?A$rtTNkEYw6_9|EtC2!01<vKyFdV*_$%
zal`&yo7s!rhm%jwds0^A4Dmklq&Pk3K@UDF)mFcSk~hm$yrujVJuqnU_}r^Bzvy{&
zq&jHJKHc2v-4Xqf1<z8f-eRRA_LiD&d3^EAqsSc97KwjU)!zdQGE4LGOUK=s;@x2N
zc(WBY!$zRZ`>NGtappq88L0%OdViz({PW1~3GJd6NsZ9_n!wm<aJ<gb^x9>9;x>0C
z_<vx)cxr{d)u$Uiv3~Cm`bM{AUX$YeYh)^gcLCJIcjaL){W+kLMAt-wu6+gHI&6aj
z&!Ym*y}<M2_RUCE?;}|qi*n&=6}bS?*MQM6-Q4C`Cr#ThEjR&ioGM?TK(R}b01AEF
zAn#TS63tf744XdgHk)^i1qs>tC*6!x0#m&&DM<V#A`1XU{Az|yHE-dt$g2b~fL$g+
zA`z<grv9_`?u+JjwYO_fJ!_L;S^jt6=rVUIcGg{f;HvT76fd4>EO6rIv;5;OaCY$v
zm${xP7ye+i+CEmxoyc7@Na3f|zVE=^z7(G9!Nlch)g;cYWZ^)fyj~AnJ8Arwt31yp
zp@H|k=u7Tk`h`sUnq3R8Nz6H!*V>|E)S?G+#^(<4+#H{p-uEN#5!y9THwvFkA_m%`
z*9mcoM830ZY2Ye-{8zo3rN6kPOoviSf2Bb0>n?Lsq>mu^*|l3U-qT(C%<kInNUr_n
zq}r`a6Rp}63YVZ@8=#LL=-p`XBjL~Wg1@Q(ud!f=#Fw~_e?>7KwVr*BcNZoV%U-h7
z2iIL*tNh1E_!}JaPYJL1hs0R^-!Ygqx8RwB0}+9YpS?pdh}@&fYU)^^Ua?QuTi+@8
z5HU0-YU#eCHVwh4!HUzYqz!W?=1kv=?F|pg;;yx~75!8EPOfOdS;sb3Iwk@_#*}!e
zsQ9JS7e8c@1~W$N=Ak(ejWTw(4iR*ZQ8LG+U=8m=zvX%({afGEV|&6YGO3{6YA+Wy
z=rcJ|i<*7|N?0zlFd=^#A8xf;UToFj*e`YTb$_7hXm*)>7g=?DK|O8M^9~ARr@2FT
zgjLJl@N}uAt{c~-zUg7k3u2<2z(?$3IY-u84BJ@T!>xnYe7lgE#iXogvn3yeFCCnv
zvN)K;a$ikgIG1r?O3PtQ2n(LPFXvdvEi_me;>7ZveA8<CMTW`xc^<ZDc{8O@3kGY$
z2h+uCzh(HXY-`JYnHaz6%04)o92ZLtu>}sVQpqj)Jl*L#nW`-kl`I<)tj4~U<rv#q
zYHq<P#tsJ?dVpiCD>#dF`J0u!!xxe6>uU+)TsEueH)*d+Y>w2jI+)wXjrE5;gkZEs
zG5OK*n+*qVWgonJBv0Ykxub<+4^4?Pot>q)7QbDLRounRmAhGcRt#2*y+|>37?fh`
zSZR1C1qQ|HS23kxnxoakIGqz&hw?rBnx>>nVBB;e?WS~XQnPuJIByZoE;1x?)iyRR
zqOzk6p7O3JkQ;pt<_U@diIsHT&`SkMZAw@xRPP8l8^Sfek584yd}^wUB<hXf^gbL|
zB{5y}Xodw(p9N2CMP*jW*dw}m3~;t;la7E`yMZ2t5A%>`HdKyr6~C$ZMhTOV4fB(f
zNc043xij|3oir#h%=NKW!`#F%3br$_U%s7fH}crXqd=c7nS*2ch>e2+{SjDX?qJys
zWtTYFK7#OcPN!-2v1^>XeI6ekoGrC31y=Xx4wm1cFx4bA0mcnmO4)|{rWhy4K)vHc
z;hwM34^ipQR4cIW=bdow0Xwg2z;0igG+LHv*!r`FD*W4(-Qy&;lH|RN&7~q{b4Lo8
zK2QTTU%jgV+xpx1fW2L<2Fyd0HDEheSaZV<tb5$wQT?&7T2wKjOdpMUMFdZLUepn4
zn2#4!@nk!p50m6~k*^RISiGl@Y4b!_et(p0mt^S$q97nDU41$VvXQ`Zjo{+^`1b<d
zt2pl=>ioMU`~vHJ9`ALR%DZ2k9OW~oul2c98bGf2=Mp|ehDF23wd)^FL`P`8Y@P3B
z>#9UF6ovZVV|vvWgSFZ<6c0wNGww|H8MYl_=KE<~nYIvjsHi7}Sm4aO_G5Y=|MaHX
z&v^x-<TZsRtJmeW=${kvKvV5tg3l)fKGo#rke4n7ENDS+J4fxh*-+}|5?K-c<+O-C
zevPEBXp&{1Yyx61l2&oCiw!hC>?TF_3fVL=w(K*qKy!%?WhxNj2sm^o%`kHde4*14
z!nSh8`vn8ok6-A(VWOkp8(JBCnAOkbi=D6eD)Xf@*94=Wx4y)$2`qzC#5rvaI&^81
z|6WK0uxJp`z2@X#`WX5oldJ6`8;}YesL^uy!zIC(0(z2zZK!YGL>3;|W}EL|nzJb+
zBnJAnWv{bslWx|R+UqMusg68CSzv|gi5YTk+2_uJz>F#I)n!tDrj@pQE1NgwCSwa)
z{`3L|XrT^I7_7oLD#)f^;$@bc^zp^gH2+Y#<Q}oXmFD?^BMs`v7k)6fo*Q&{7<YNG
zW`;+r?MpKH_4q`=u?YU)ah@-oks1OM3S{l%FzbAKCMNno6RkdMmOhM4mJd~bmJdqm
z4;|j;%Hqh#gaTiErZgKX8uFEI)kmCk*fwDPw*}q!1glG|E_3wdnnH+3C4NcHY)bY&
zYs%$IRs9qGqx!S;<pZtyPasmN0_z3}Zj=h9>88SVeR*nRdm{RmMC*ZPWfqvNp>R6m
z=G!yc+~nJ<`Hp6W_F?_)weqe!LYk~&#yuT1Ig>Jt(5Lx2`UHEszA3ER+I8|e%%;%6
z3<<Ke`VQo0H9E2yvo@@{h%wby%Md%X(mj#cR4vPjySohuURIt*&M{4Xt{VSuPZKlb
z+iT+payu>E6z04!J^q4sh4mdmc~<3vHsB0=xi$xs(F!x388HBRdtViSTK~zoqM1C0
zzv=vy@P{LZ$@%={X#LYjynw_UqrPE|{7jdh68Vus)i>nJPYyr5j8(nk|D0xN4%u$D
zvM~y)GUNYfz;jSFnc0(xH9*^WOz)B$eiHO$>M)@%kQNlI{`Z-wW~h2^3Wt)k6?JM6
zKAI9D!#FV}v)2q&?d@%B8C8JqYngiqBBw9Uh#W-qB<fm8ClkZhk)b?KXp@gcOXBn`
zjwQyHJw_IrQTWb`(<6P!>On&R7Gs{N=0d1lh!U1Sv3gOmU=XAEZ(`~q9bdp0v}abl
z1@3wO9GRS(v_3`CC#0{0=4vb43aOSnt_qH>kT^C**gfKaSWZgNQI)E%CbL2r&0k3K
ztpqg}@ftZyl*`;@*rS?X-rWcbklcKyy^{@O4zGRY5Pu);;sb7N^5<&j{rf{D*>R`s
zw6@4A@5S$EwU6>*q;bYiPQ9APVtGgEhOh^FLyWy+wjCAho!Sl2Qv2r)_L`aAy~Jc9
z-<o4L!wQ7L2vA+ncMf5#5j58(cZw;Lb;#~jv_2{FX8<!r?9fxB1ZFPBYQ192S@b81
zGNGpmJVH<Ry0ehbDcho_Y)<SzA19<Z;xe-f?5#4=!V6sKasiWJLpX9a)eF6bc<F7M
zOGmV-)@mzV9>ZY^>E`1r1@k!uC<F_$OlfP)OftMClfwvD?i-3u#PTN9iwA-Pf9t|0
z-<n(s7_P6*q9>~^<j0{+-lJEqk#dJqhI~dm*#F2pUm)j2?q+XZ=O{xNo86b_+M1BI
zqM1iS76R#U**<8`j5E!^vr>v4sFgZwt=K5srI6Owu4z6I5;51n?gU<H(`rBE+X&<q
zn47Bi#sED<K7LaPEkdGP@(C@`RvxYHl*8WIqRaRVMY2R>-%2*MF(E7XF8u&{#F{O1
zsk&o?<n*nBN8>+<jo(<_4xEcZCZ$ard9dRDM7$nQz{J7;<B3I_DowerMKagE&MSuj
z7-X%6ix#m3*ew`}TZf<&6?;<XQe2F<Qv?-U(a20!;FjtBDbqc&k7ZGpd@UV~4%JrP
znj(CMt)+%k<GkDgB_`D62p)jN2}qP`Yy1iloR(NH&|!w?x?a6UTrOf8W<>6z_*Z59
z*4=--tra7K^*Rnj^y>DB0<_w%_m}OuHU23jmvEXUB!%t3r-xYL`Y)phV+(uwxdrxS
zsoud)w(e`ssmQO6DKPko5f4h2_!WEZ5=mO3rTA#{o+lWQFX=tk7-FN6B9ljiJ2g${
zI-9t4MsUFq!xu}{YEvjH;P8uFkt<oxqahK!dVk7gjOL5*Tij@s8|px@T5mgoH*~gb
za$z^&+mzzEGt||oB6#d%FhzB$rscu&NNFoR;xHR4-o(;QGndmdYDoP;(De(bmgf%U
zWGQfWLL7r$n=1>?Tmt$~f=2q<xnS#mXtFRx;7nI6xPgoUwUIQIhz`L;HOA%hV3}Et
z;!wq$==WUa?#Kc7BHG9DS^8^msuc9?!EbajCUjt@jEVcsx~?AF4`1vW7K(o`o5VIp
z@upI9XGK#PA>GKdptso^*$;SJP)2jN=6{rm;Of}=fk0ah7+J?6t0WrX&mlY*^AN+1
zADQ-aZILbtb|g25K)zw$#H?e*Ttpzan!~)#hK5YwiO!6PaWW0`D(4hRdta^gucX3r
z(Xfh(0`NUw1L8poyv3Q-DDt6>GS(qn1P>u2<5PF&lo}49P}70}ZROhQtZ6$OBsJd!
zd!skVY)zW47W#JMZ`&5Ep*Hxoq*R}>kXINZ6yf=Ar9fO_p_*L_-qTj@Vxf@Z+yc3$
z5%w0<hPJgL>}xgU)Rokp2~%of3og)BHmRm47-);0ghH4nr9EF&4X}d6p1Ezis(*V*
zb<C<iiz9c`zj|T3{+QGcS?*D{t9UbhCg5Qr0gPTU6t&4DTU(RWpa_+Tt$|N?p-ND)
z<dGb)(o9Vrr59i+GD`6Q@`-6pBtRfV!n5+OLu6nw?>i<G88+!E-p*|~6sh^Xp$c|U
zb9yn3Kn*!Ls4vfstRStTyAU15v!7P$1vp)_H&yd3q5K53QFQkOgb|^;UZ9;scmKj?
zobJkvJ&|AVoh0gI##cl?gz^206%q7JRzynpKmt<KX8C}~c|E!{T*~pGs-QH;ktl<c
z`-XUtnPS~lwi?<7t8(n&itZeFMnXqLXa}nu7$stF$uctu-((>C4<qKd%q@l;9ost8
zC-`l0V7w%@M3b@fM3lh#0_zC$XW`3`d@c5A?osoRRVc94?e9AfB67Tc7Fw4d=|hqF
z@-*GIM&#BM%|DK22(cF^naxOZF8li~ywX$=>#{YN8$yTEiVtg(j|V3lCn&|P#681)
z+{LzE?HanS1i?c_Q=`ZM!YvLMZQG0yXjJf`o@T9>yV&{iL6K(si3qNUd?_q~i3#51
zR-aU8=>LPb8(BW0`lRT<wA!EWiBOw8Py}a3!7PzsH9oA>X^a*RXEmCRT1VHOUPoCd
z0s8jypAS}~>vTCsuX?LrWTw>Vf?+J@{%%>&bL?l)L;_{m1n{8)Q-eeCO0;GEU}2++
zjv_@Fh%0Saq_OuWHmGbItP*0Wucp&#EF&V6khe=HgG0-@9)Wia2#aji(e^=flISnH
z<y~i1oyb@TTF!#9&KU|r2$8!ibPFBG%xW~7byF1vjmnAD2eSu>5aRza#UlCUTas_R
zNWQ;`IBCWi^eQ3$G6~`Wo|L*F`chn)ulY8466^Bg%n}?YJ}GiH&u546Y};&&%kVOG
zU21Yal|jiBhUL%X9Z*1V0Yw6>BgYO)iouaXJjHgWlW6wo6iT8#`OOuKU(G236R1%3
zYD#A0Fag}igtet@hqmYklxD<bnx}YYf5mfwj2FtB34^s2N0rz-WK~>H<nlp>wGQs1
zFg|iQ{ZL~GE9j?)`}`ZAC(w^}SY#5hO`k#&mt--h+RA1S4?am7Q>2ZHN(hBn>ct_=
zHx#)ba;2a`@S=T}4@ileM}W4{tArw9W{Rx|p|E74$m^ulmtPS1wa8Mhrlcpj|64Lg
z(+L?8im<MKE3%f`DJ-hWBvmwT(aq#hJS-O;X7MlKWbiPHe|51g#VQIDtU_CKh>VI$
zn5Urk@EME6cpMR7k&1CFJ&RwwE47`;FFr`luhpz$bdsQ^>do)2w>(j=aGB!G<=00l
zVM1S0-#zE5Pw^+=N!JPYvSV3rCR_4euUL|ucomt%l3ERWt8txlQCpO!M2EO2(NFV<
zP!&lb5UOdOGIxv=LUWx(VD>Ub*9mb^7^2m#f|WpFUh1DjVgAHNoWi`x4X(JJA8N2;
zvSOjom7%lLFcr#80=o_SVdVy6aT`rM*T9*bVDW`UQ=KA@N0Ca}S{);fC`cc*?J(CS
zL3s5P#n)mB^17kipI%rpz$gXUvqn-Qff~sd5J8YUx;TIJLFqMM^~EmIYDFbMH$Tit
z>gEAHtZvf73DUz{)x-1!P|gXo+kLK{_WjbHen~IWC`<~30#7h-AhpO#TXb`W3mxnW
z;Fw}%=JJB)c^7*^A;&H>!7uV1{tiL|-n>*?zzVZwl}aVc7$fazRgB9_LJ8l`kvt=(
znfKbt#B^dRF_DLS1q}$|Xk0QxX9w$x6p=E)Qp1O#@D?+b@@0m~VTFje?9!KC5^3Nm
z^1q{7{trHe_|J-_1M%Ou^JGFQ`yXMqNdF6EY>@u5f{!8mo1GOKmFzEWob|tp(69Mx
zrKu|(Rix#h$o)oEhsYpj%Kf*J$K1}?N@HXKTPUL~k@YEi;7thbmNeT*%Fw4-Vs(<w
zYvi!hwmdJ=i=2pFIZ7gsfaB0V2AbQ$FZ!ZzKuUSZtHS4kH+SNmSo`%haq@U)d!kEq
zuoUX`D?yXhKpz~I>BTMPriu-0`DtcYYKiyhZ;G&%+C<h;6m6f=(%9-jr_w%CD@&Qb
zki}shtKJvyQ|@gzBUmCHDA>|ZEU5=kR_IU`+{m|(n26ZGLf5rL;=)8%oVhe;bhd40
z4YS_2ohHW;P3~(o8Bob6#AE?uuz(4bn$5BZi)l-?&|kQ{c|1wTTzyk~G7eJHFFu==
zU&4}hawIJrU(&|)S=<t9Rhy{uL4m0np5$2x_6Q4YIC#ctR$qRxnxroi!6d!DZ_*^y
z`LHIb?;w=OF@cR?W)pHwM%lwk&XL)gy^3WT3|Y1slzjPZieeR}`L7T-uJ~$XDn4?7
zHxPS^GzxVEYd15*oxaV$t0U3&_mw=b=4oq)H(OYH)WTW@CMXrLzA_t<NS9&`XG6*v
zdG|nK@t?e&I*W=qWfafkM@SS3Ue8d5Fqx!flpwIayl><oqFlv0JU3zjWv%!k!<qU2
z5L%DKqG-J2Q?nfQB7`VgmSso|fbgR8{tLE#4TXTS`tr<Z8c(dN`bhS_r@nH&m<(<b
zqt^WBG?nDMXg~Gr$9V$Dk|QY)nbBNDwkzPT4C`5Ms{j$O^s3V~d^+*?LVG4OI>cq+
zn*Yxv6xV=NlEMCNaEx8#Z#niDilphqM^S2Rz<&2_qEqZgvGh^r^{6lUL)D{KF8R_v
z71c$5%f?+rA2#AjK*Dg*53DV^yg7*=&QOIfRH3g7mTSU4iOhpJ71hzSNSS(jrB|uB
zKa#56sg({&`?ye?-L651tnaL$<P^=(Ar@mS@wRED9Vn9cw)h+)VW8o;gwr!ielMGN
zD9UB~PF6_SPV-6Gwc|CHVA;<@KP_8)C4Q!&9Bq>VYjZ_n2&mmL$l4xucl6L9jO>m(
zefz)A&Chh-hiqFNF+$;9#;YrzyYnBvd+kA+(YDvvbjWp2ecjiDmmJ16%~{=UeYgtd
zfi-u_!LtRTVJ)oaFBZ+8e#GBqIWj<>4A{^Ty5?f5Pxb>#@A*hF%WfW~)%xoXRQ0Z6
z36huHXMm{FFUsYK083w3i*ZK0t3Y)eyIWtt@~GqwN%yI-NBn$|l&srin}2mth<DpY
zq;G#wy{hoOFuTY6eVf0|j~%w1x{V{Ooo|!cU$jngvK3X-z>CAS!*-IKtBV?~oCnFd
zhn)O%?zh$JHqLQ(zJ-l`rnlBv9g=E|>b26IQrkX^t+c-!H$sQ6yywJG*6#Kr=7uvu
zj?z;O$$rk!>v^Ai!q4Z&`Qpgzyc2wV=Wv-;{*K1iaS7(|@4QcF^XDAUo_B&5iSO8N
zZabq;ma->$2I=+_RK$tg?uw57UsuHa!DrN@+m9L5r=-)G&nwC{b$q$vSbmvy?^fBS
zKTxJsd@f%c7PLlP6#9kYLsU?K^mVjr{byQEGw*V!c^&V{*+KQ*FBS?`vlQpJ0yM*E
zYp2^gZ!Oav+r`U!^1``>c{>5Zysd{_!OAb3pzevrbnj%$H^d4CPt7al*f=AI*6!|9
zw*Av>M;x{frDgk_Vhu#$;2)5lv!6lbuk$@yy^T^kx8Sojz5F3CQ=xH^{s2S!F{5pb
zoPPN3Xq#?(Z?d-1F*=pzGaz#q%Ww178MPgA*!J@B4#^#()A^k}Iz!b?de3MMX56=%
z^qd6#Hh-P(cURk(=`KF%{V@qX)N<d_267<zzIV0Uwc5aXGxUbc5<~mT1|t-?@}3rj
zRn4f3dWNi5P)3B-wZD9>+XS69-Ab<?+w`jB#~g$VN4pVIw}XfCHXW8ETSW3cBUbRO
z1y!o{7@HW4XT}~Owpm642L+!I`K}R)UU|<h)wbO>yb#Q5W{4iceq|@Io7fY-@}A8q
zmUGtg>cE=E>M^BqQK^%;Qff^Why9psr|sAqlF(sq<UoYzYkHKf+jmY54*fb0`lttU
zpQ^6k5=&*$?s3?fOHtC;(4WpMSRm()CQib1<Vr#u%vxUux3VcMJ%kG~d$;Ebq8(Q<
zobmWn&rlVTYK27m^-M1cZS5~12;`Ob)JY3<dmSQjk05(}XkU&at6n#s6*C0gJYM3*
zs1c&>#o+B((Pp4mX(&zkM6YV-6m?D&Q^IX~*JXcOoEO*e<ydkz+Ok5!#MY*IT{9uw
z7QbtSi4KUYko}op-tM$GQxcz(KlTY<lK8%n9}%y(Y5&MVE9r-cq{6K3Q%Nb{Pni@T
z>X-2CD(ICF=Gw?n$-!CBVBU(}ar^H-@uKX%w}r2=5?&lxPqJ5rMb=v7`x51c`zH#o
zlEP&xA>6qr&N6Q$C@NN6kMObvxjE$x`3b+DNFd=>p7rsdj0dF=oM+2e!pj>Xc}wH)
z1o>j3qFU8DHhUVwpV!1|s*uD|In53~7EjsNt5TA?5&NX@lqD)L+eE><05Ood@Qg&E
zn|n!s>>!0FCc?I<u*2ae616m_0FEMi3JSx66Ui=BwGg_zph|kTFwr}KCqpF-y)jY5
zuL$dE=sSs&LsNl|=)A)9Dk#a`zWU=;go{1=;6QwboDG&g!RDQ2rx^acNHnN=&km8d
z-NAxkrGeFp)rR?Pb>e-U+fE#~uj7XsO+<Nz3TX~`QeG1SA6zEO_F>xZ*i5aC3AnM;
zU`ed*xUC@-r&os=8IlwqDGB>QjKA>R8RImcoG6PqR_Cje${W209L%`_Xl|h>XGifd
z8mV!NVPZ=nr^iKMIDx+sSv_Ssn7Izw$PmFsPKZsHVA-sgNz5z)W=Fp&`ah8jicZKC
z5okM$T9Bl;97|3Nqax;53Nn~{OeiSY1u-v*aVBhXaMXopZtoTdEu$Ngf}_3_eB^Rj
zx!tP=C)^htHIe9f!3hsrZyqBssv!8tqbb(s0=@hF5z;S^U~Bdo^dmD7`*MMw!b$Lu
zl|VQiUk_SekMq^_A@Y#q&FRkjw2FVsO8lJqh?gVlb!xT6X#NYlS3`enDW0*Vw%uvZ
zs}4DApE=S-6_naA>Db|rv%ICYO%7WN`^IT(7Tb>5T5Zi@c~JW!=3Hrwy024k#TC4~
z<(n*g{8I=odjrXJb9Ah^!C^MHVMh7dK3kcrShY2EO1UR8u;$w@Np*9zL$*iQKf+*I
z^T{zXnVZ!e3T=GV@{P;m8xXNB6@-z^Ezed&tGWsO5gv$Uto?J$(1~}o6)nEK!}Zrh
ztK-~qs5JO>o5P&#pHs?7J$Bxh3KbVl3Cw&ZMc;BLB1>7NpzYfK75j-aP(ZJeov(hx
zi+o$P?+b25OZVPTYOd!ab4qY%mR|K?`lR5{x9NCF)rXmm%w47Cn|f=M@Kil>mtJ=$
ztu%8dGQ?)q4(a|Dt)`Wfk@xwbtW2w{y83i%P04b#UPrdNL#Y&hwd7Nwx0a^t(pwJ^
zc58Q8nNpS@N92cAS=n06dfsSTnI5XgqHBv@{h@{#lpgvp9oalxuihu0rCF-j>JP8J
zTH>gydY`;b3FiL9$~65}A~qc&T;2%(hRPm_WGCjQzr`~wdA%ro_I+q0=?r~Sq_f3)
zcmgide<=;C?hv(sR%=JLW9xZuR@O#c8JemcRELQVw-Ooq2@aR7&bUs7ru<0c6uXfB
z3q85Dt0(ei^(2xbkedo(L~i59k<ck1-(|Z%sTR)wykVisVDPi?U_wixLulX_S8!UV
zILhjZx|AqKu;h635{Q@s_uC+EnVA`UpcClH4nYg4JDW9s8VPl*<rMbo=%Acp_OS9u
zb*F{?f)Z5!xI%x`gg?uKX^E~(*c%2Gi;)26eiaIH&%_vos}QAPxdS^Gj=~4?zW2r8
zI0xMIu<)X?RVhQG7mH?ga8pSRm81}ojYsO9A$^!ZzGfTJfv|!k>3|}CB}Gcs@Df!d
zL03wUOv$h}5i~}EWV1oo<F^u_(<D@SD51_oXnu0&)rrvhQ}IH@nDU}WRO`E@<I?F)
z+0tCE4tUJrRFviub($DoFP0ZML_BFpx+eRjhPbZykU;LSus%LeDO`hWOR_mOTc4`(
z?~)Y0P^yztK)!uRWz52`czyYKUAs%=r8rufUxKd!G9Ib8R$|9X5w)+Aivx=;8=F-j
z-eqU1_APm_Z*vtlTBpbG6y~&@j9$(0>sgVJ0L^9RkW-^%?Mfm$TGB`{WUl>$7jlq~
zBe#|f@T}O#JD-Qu2Qy}#9-I>W3S)4myj;UexxC2n{AykV&U+uUM3#&tDnN-gZ^y&(
z9w&@q!>i)~*FF2LvI~}QxkESar&a<HDcaQ_uw7TH3SvK4tgyq?4_W2sN%>I@&tEsg
zDq|_%Z(Ks_!@Cnno>8SWh28OhzR#<o5(3kY;x**es9<HWe6dQZTgMl~&9+;dJbb2P
z5stF6JZP4U1#MDe<s3F<Y~F9+RxYNzwB$i&<m{erAB(uHPTO1BqG3=ICug^7#e<7n
zI+=run0~D4JpE#^y!(D87G9j}(Xng=x~aJXQl{QHW)+?Y*|v=x;EZAAT~v}*`E92!
z1|uku@xwKDD4dGv=@&`*gJ5}@a;83>Hi!+}q7wCj8>1W53x{mJ#)}>pGZ0GB&pH?s
zN;hK7-nHtQWvc>(1&Cdt!>Q9SBx1Fh#s!{5AZl7sUDEoI4L7h6&p1D(MSOtheEf_L
z`u0f5X?@8fw$myR`}h*|KZ$hl@23+<J0)qSO6qH}$}|&clLJ(_F-goyfy#YNX{zAI
zx)XN?ka$9hzJzA6TsC4Gw3-{Cw0Jhfg+m<HKN`>lYXLN_dhU{va5b}N88`$g&cQYr
z--#kI_nohBPEx6pXyTA&hSh`gf%=m4e(Ib%vEryqdH8v^{QDH~Xm=6oE4zxwiC5$+
z=ut%QAq$F^Ni>&fsP0{9C2<V2QH^+g1w_<imo!ih<r?Se9>pkE_3E^Y80bITCY{(F
zzR{{an71e%FfI{b#sln$fTi((!HIxp;{m-B0Y8riobbk{;&0;t`x5~##{;$|0^W=V
ztc?d`93mikFG%0NotHa#xm#YCO?iWOi39%WME*Ow!>STR^p*^EGTfmecZbUoslOKw
zxHXaVUKPN+=PKg*@b!sw-&etEh`$mKyDs$Tkd*N1IKjv`bwb*rh}hi=;=Mhn!rBC^
zpC>9f|G1<RyEoauW<Z2mUcU?CMqsih{+A@P^2EQu6ECkxm4|zS1L5>U9e*Q?rHj<D
zRMpWv*F|25)2Hcj>i~<3DHz;x;Ro(CabePtTAqQugE!wgm}H?sU}1XFXKdt~KM{I9
z3!!-)e{*`XG}L3c1x{s?;>qHZdqE`)%R8T(@lwUaM*fj7?qzebgvoTWhQYx{Tll^S
zvcmo#T**_|=dhff*G1qT+oGo|f7*=zPJv@`)AfSP6py_}>29epP;#!`unXSR3=sRD
zw>-mYdGuFjHFfQHtEq4Dl%`f_($u9Kt~+JjS&?M~#>ev3{g~@r9xl8+Hu6`zo#B5D
zRfZg!GuQwv)qaenz^~O}wGC~Ywj#`#v0*=_8^y;frx{J@1)u^@JopB(nQ(_#-dIXx
zC#+@;xm<yQg6P$fOi(6%VMC@a*SX`mBc@kff2HM;$vZW=fcD1n`aB~8unuQ0ntzy-
zU>+1bwiLYPX<6bI6o}^;3`S%Jg#6wNab7fja@8Z3#;)}C#j}9h{;9M0gYs*lQ)!p-
zjP5c!!}h-)2NTH6;uaHP)^U>?(??zDjB(8#A6BM{L1Ym>9Olk&`|?BviMD;LS|Y~{
zxyO>0IBoA6fuUA$%n9j!iWmp8ZZbs7OIblDW!=mXl1vWTb44dMsAPAUk?`Y}X37fP
zlLcCFpXhUp2GfZ9d_!&T4%v0y?1G_)qMYO>Q}_t`IlfbzgkMadXM!?b?mp(xlI0oD
zOmd`n?h*l1jAWALOc8U&Gs-2-{sMFOyPG+2P><n5&-W;Z%9J=5%X|4*0WrhyYhI)<
zVz}O9LP0F=hlDU>k=tRjiKoQK(jP;*T#dUCWpi&9-Nye<Ft2s_`6O&{n(fgctj~5$
zK9PPtCOksgmpT#2{5K=Hx=loZ7NQ52`gbiD?8Z7&`FA<Po~P7&S7*IRy2orVxQTkz
zsShf3*x-Gsdgx#;-~Ne?tkVP@DW5<Q>7=^@Bd@)^_0Zk{q5ZvBJ5AKHqNQ1H>eU$G
z^iT0#p|1NTE&2EMD$P2{3M)E<?=-%%9a(SdW;9725WfueqfT3k9-Q0eJDs5|8VAGG
zeW&s@|7dxuK2^o&l;7kq-)GaycY653p*5TZlJkPT(*wQNN`isR0KaT1MGJkW^F6t~
z)1$q^q(P%4BEtGDswDuGiqB>OWOHo;!14}^3<qu&IOU2Mz$dF_z<kf&&QFOBCf^AF
zJP-gY0ap^J7dc|NqC8gWKe3>X6R#Z6?<o4Jt(e<cQgyoSQH*6*JPhb!b&s;jn(+mn
zcYdM!J_2+f0k?w_OS2Ag)o*Y{r*Hr8=m1_$6RLGXU4i!i;61FfR}E}E=w9x#faFy`
z>I6u06_7d;Ksufbq>^qRby`5W?kpg6T0kn02mzAnEI<-xc5Zt}G_vLfZj4Vw$HW4_
z|4W%Gwv)Ks@wH#>Ip5cQnKxGiCI1qMh=roKqURR$NBQkvakXfmP9(3lIofFR)wlXO
zvgUu|reOLCbMv&|m`UOsytvW3Z<#H616nIx8Kg)~&J#6yBIr$qvXQ~H#(TA;D6rSI
zf*^fLwMknl^8A~<{hekb%W<4bV>#@!HCC)=%TZg=9-n5tVtH3UR)ik(Q-rP^b1#@e
zVbXfhX|~AF*JOYi5hQH5(x*b(-v6Gk+HmEHlRT)#8SuirZiRUr4FB~Sixa%cGnz)E
zHEH2*;TsO6Q(t(ZtzSy?;_%pVDMS*G>yPftlxRQo@qyHEAxVW5UXrEwiQ;#+asZkY
z1cnqG-0l>1ajW5b5Q=e`D{xPayXF(m#jd~zIcV&qA+Y*b-bYIndlltm%}b0#)CD`)
zD71!DBNQ>rda^r7tt7EKn{H6lHF~KCAL>;}7>eZ-ZRVcer-b8pZjppc3d@&abjFvY
zeom$KZdQyyh%oyl@X7;t=!)gt{)7-fDB-V26~(X)5-4eY<2E15EUI&wcd!Ku?ySq{
z8Wy<^#4zV4`z-G1uWf;-IZMu>+<{&qI~fKCq65<kQH)M7US&w--$HI!U<uYN>e5-R
zz<r#_D}#G@(60vW$XD7O$%~6s>x3q8Gv#0nRyxr>GQa7O9>bF8-U0*HP~}tT1}-&~
zd#PFA7a(TY74ys%;+=04<62+*{=F-o(~TxwsWJ>xr`)gSE8|;AhRt&Aw;O{mC|k{X
zAx8*RYGv1VY%f`Dq`zv|nqzw)%Qxgijac3jjJ6{%+8H{K@APd*?M|MRoIFmCZqTB6
zUHWNIjT2D$VNZ2N%7ja_n(JT{&fpYrV24q>9S{i$`SW>+h&0M6dN$kgeJ2a&F9amP
zyp<VPIdxw!6@6{l$moh?mqcG#RuKL3vJ0axExS1SyJb1iUoGnw{rR#H(Vr|kFZ!cp
z>CvZ_6-J*}mL2`UvaIOhWkaHimJN<POfAb&BOZBZk?+eRO&JO->mB))d<~Dxl1Kl@
z&GN8EMEA8UH!@is84-lW*s{C`(=WEHZ{!Mj^in>HmJNtV2bT4T43S4>WPm(|Mb48)
zenfc3vVjrtC9>?&$O(CzACaRf%LXa$Kg)(j_R7~qk)87RugDg8To8GShdcOK%o(^Z
z<_=W$hDPYIfll9JnXrp%zO{o1?0*l1nF`+)*~IHom+cci-@s4^P;xeF_2X(1iVucM
zWkIgaC}1efKELMwI{@dXh)p>$6(?-W{%D4Z6uBc4>tdorK+CWAFNg`An<zBAgf)i|
zNVf!r=m6pHT?#14huA4UL3Sq82{EU+F_!n{4`e=exNOJVw&S2OXUsm9#DiV7BS;~F
z_h{R|T9<iGPRZX{5K}ADkrdtw#J5b%Uc{%UrmwV#b2c_%#Jp~_(2qHCVv0(4BkP8L
zn#qkc!M-1He!J99GnE(6QYf?(I0t>AgDq7DXU19mcyB53f8uc??MS*3&%*+yf~rT-
zVtu^$PQb03wa?+nA*{16cXW&EMad~Ghg?p=cSCxC)}N!DO{u^yg+n@0lF>BDqHg9?
z%QLiLq6knz7<O>7P+8DLb-o!J84C_kC$!^fyzli)Aj{)|Ph^>e|I53%qK}Qd>&_=2
z{Kma%WyXy_`Aq!ih5R@Jm2ix&(YQ~;3vsLk0SVXgWcZ3sgfGGwNH^QiKH_FR_{N|#
z;RWjaPwlnbg(jVEUn4ql)LXAr^Avi<e2k5BE#dOK?%`hQlp6|KwWr{xN3~}|nIXfr
zy{OLLVrZr9-r1O%du~G)S@K#5g^0iRsln{t1ZeYzDjSofRh-@RfGcALp%qffi4EmZ
zZXviIkKdoN&82QJ2vJObaj_-V;PueAcG|a=o8h=}gL6*GrFu#ELRS#yA6%MJX?FS!
zXse`3PLoki()}SAJ$$z}P8#o@-FpweuHMAopH5|B7~;V&L>#?~7j^DuP&OPY3|k0K
z2VtlA!+2$T8&1aWvmB<QC~a(|)=G?(bdIhy&bKSi3MZ+zu52ki=@;*XT#54ytF_`~
zv9a<)JUUbqkV2P6CORwkC}@Vgo&L&|IFU?1FSm9{H`Hwc>ehyfh?ZL$<XB5<<Rd5r
z0h?X6^%0RaNhl5|-=rvkTO#3}$Um$|t^!c^H6%wKiTvD(#0v!XoRFfK?7bv=G~ohW
z+Ot4Xb<KC>k7U)%8Moe&@{OC^MsaU1dX9{@{)9fEcuKw(mHM{|aaJ-qmUlq_UM04&
zA`7ujzhiAIud@~v#yyRh3j3-UFQqS-5&IgR&5&NUAX7XHi(506m{{Jb#UftRc}k2|
zyDBs@nd~cxHcTT^ElW#S!}PsT8ekgvct3$K%z~pfDeo__k+*}u@jElg6~1@2B`Y-v
zqhjqflt7s>=_xWL!k;kRdfX=|^3n{v+pr9elVT4R`X9s#|0+aIy<${@>LD=`KL{Vc
z%$kXRifI(v4L<H;L>A*{T}t?sbpnR)!&Z%n{iAMu#3{fCDDN6gOV84Pylx6`dul-b
zK-gJog?nj;OnFbdK|{}Ikaa(pb>HPr6j)D*)&}>a3~1uM%Piee5^&$8`0e48Oz1GW
zk~(xHTyKe}lcZb{0)Eb`ErpZ3G4nsT-SXx?ijXWO0Hedd{f3Ma@>_EIMJ^R}$yx1B
zy023l+=|38p+tMS5x-E!$-|lLq}w_}d$7(+bV;bX;z{T1Quy$U|DZqBFLn3lov;5d
z_a{|`XQ&KMkN%+S|7ZOf_Mi0UuYc(7PsV@RpX=h|^Y{4pB=;w^dwl*yf2Q5?AB@l5
z7rXm&&8)=uh`unse##e%tUzy9ARna+BEn<&ED7Lk*F5(`_r-o9+h;C8dO(}RZPKi*
zu6Ks^qY=I6=&)4eI+k-T(H6z`GsRo`U?&8VS<muK)LB2iurtQR>+RkT<*;7PUv1nK
zs7{07q+kJ6mPnPhd%LSN@e&Np&F>O9k{EbmzA#6iFGvj`m;I=CPJGB|JE1KKD*QN=
zm?i%^qtHD4KNyAEf8RX{fB9NZ>MZlWOMeT!T&Viw<~p3qQI^UntglQ97N{xCGBK7n
ze34=(-r>sPN7UNiR3#dLwCI3X-rfEoDXT1uN|VcVyI7Z{sa7j+Zr$w+H|@06)EiIs
zr0)N>?Rl~~(H@~Q(w?_(l^(|1v%^PwEDH3`+jDKaJrmDvPb4}#HR<@erSBH}m4(0f
z6<f%9Kjs<d3f`H6eM-lhIVsWHB>5gx%y-5%dWPtTvqv(#pE`XL3Q{~_CkxYdJ@!s?
zw_2Zg1}LUDTmPnbLyL{Ph^C(l{krS#(m$Y`Mg_6iQ=&B1H2?zL${r+v2M`w6qO82~
z9O?k2%w588;zP<%w~j<}El2Os{<I{P_sC<y3>##=6=I@lO(pcd1iQ^E&<13RMu1t8
zqz<rj9bxB88H4b?-w5J$+k?Tm(Uv4ydpnD2q#HIoufs@QtNEP_V6fn4JlNlBV2Y=r
z3HM-`n(+t37#2X4cb~0v-xteU3l7i;7WAVESf6``L~l-%^Sa<-6g2#V2+ueqe7b>K
zWcFv-3Uc=7hS~^G!2jl2r3QJJB%E}RB2m<m^FVms4ArqL)v-9e>Fyr`VyMl7&7$?l
z_mmawlJkwB@Ho}MJ!-jl+zkZqU$bPb5&AGqFy|3^*i^$>ulSU<Snk+7yO-<$ykBK)
zEi9G<0hW?<d0J#aJh|X_Vv9kRdTL>aEcXB}q&02U>eSRReOqUA;ng=;66~NP%`cmg
zhMCR=1LRa~bjdiB7JXzb9ZO_MJ68Dk=;$3vLESCSzCl*>iVg1Iqtu8@$S#5Qh;k=b
zig?4id73$9#8h+kh)ns(nY6?)LI`v|`xP!^krHR|VNo`X)%-e=ySw<H<{!%on!FTe
z;F~$3ANz?y?PsY71j4BYAbT2GBW$eDD1MXccTkTFmL@AXE50>ALw>hVA;(oR?$k9{
zt&4A>^yu*T_$g$6@?k*-hPhKE5KV<xU&|6X{P4{zAOQ?p19y{5z*Vyek)DjC56>nV
zWIz5(LH6)r^^jGiXw?A5;qV_%^o26Dg~fQ4JmFoRE1K6sUhPRwASJN0%m31p!w$u#
zwu*t#%ew_&MNbGVA7T-bPZNYB5m9mQoCM`9CT`cjC-Ji+{H^}@MFrvQ%4E}`DuT*$
zJe9_(<_Cs0@!wXo%ZUq<r#KpYGqa1;>1hGGh0ff6)B?fK{6d5nqa)B4@kG1$1F=+K
zhzcdGj835?4~yP0jfM$K<&2%6X`!I@jEI=qN){stw^4OGQZP$!YL3f%Q0WwmIC4W=
zK<?^w(u1yUcH{RvDGl^Bqy+SQoF`XJ@zs?`@ZDg#s0=w2BcI^$BY2cyb8KGZ_oPeK
z*T^oLbn!Aubh3a5PNoS+6{1qfH)7BZNCkSN><2-qz?89C4qei6T;R9;adompv-=CG
zC{_A#_arW19?{CLV?^CF^WG7Art%Y(pCeOE$B1?Sk~zstAHnFNFJ(JUrpf}DwxaT6
zvrlOEJk7rkjD$vN{&xj6eUHk%idgRnL<dg|c=9u+@uTqHpT&$tgJcmWi~7o?>zspE
z!lJ&U2?~Y0$o(CMr3j%3jON7<S}N2QtH8u)c1<`Yi|h|F^JO%LP@pueFd}A4N&N6!
z4HBWLt3eYKwG_8HG)Rda$qo8NQiFa7O;infQUbrELBC<nN`sbAplVQbUJw0SSFbH*
zaV6s$9nn>@73fk#;=kt$k!X<h6N+(A;2J5C8=j=!7ZItn)6vVN1dE4`Ju`=#Sx)4L
zR*DWwkc<T?S9QyeLdL>?yTk~v$!|uD!1qVPfMhl0sZ>h8F#Ke^g3vlT?KBUgVotXJ
z1UEUM`DZKrCM<vvn+Nq1Va{zdStv)A1ch8(P{oHr)#`@?MAEMu?`?7tMq(lZDF}Hi
zQN`;r4<mgDgqX$hzDeujz{rV2Q8d!6Sl$#u6@gqzh$4`O!{c2-Afcb4jk|)6=ny`H
zvW}3C?C@*PpNvH_!hhod1$|jPL^;=&A4MzV{FoB-nZ3$Wd4Bk7M=hed`xBIx5Y@$>
z3Q-k(y0~LyzduLq-Y(3HjoiXSJU6}LzBxn^L?^XNq4|AOqmbQL^|f2ozYHAVa!W5B
z0fgXL$Hau?1hd~JZ5P!W<5ZwuL=aH#KyYwz56I$WjJBYqwWk2p%ZXDx$U|RRC209`
zNy8k4&DD9QN1jY%Nuqj#)l?U10eXC0Q9YI&ilq~!SbFk>MhTYgkfIWliOD$|1u%`t
zmxhbgxzY(kHX(}9nce)wZGPbleUxq~EW~l7FGMXMAh1`W)72ivm=+tb^}=c9BZZmr
z!zGOkIM9d+mz}Qpor;qm#t)lfrJ@Z86uANqDp~n?5sbvt%|c`$I`LW)Qqe~qh$?Cd
zp!qTc#Z~-ar7n#ZwN?Uw)onr||1rq~dsQ9e@!l?N;L^Yo-oofj=v#No>qSwAlInh2
zA$ZG9U?Mq@n5u|ATx}~V<gOx-LgUp5K7S(YaS9qMoIVh~iw{sX<tGYdPySdQV5=-f
za|B0W`^yho80rePD-8YUW5xE9_Q!h4!(Z!?hp$)D`)BkNIrc(iVYlrQ5rroLjh{o!
zL=^t+*+L?qSjF@Mjo^@$D4Z8{OA+ecqjQSEca;k?lBM~x#9$9e&Jcs|F_g%Ys=D1R
zKlJQRw|s9A^tgQgzKq}*@_h^R=gZ~$551~WXUO-eoG+K}pLpP3cI>AlIiq7sr>KtE
zpOf)Cr+nW{FGhPF{1P&eB0F}11TJRWxhRDa`L{v<6qWd?n(}8_6G0*lG0}uXD4Gz+
zM&xfn<gbn=Pa+VRGP$7(h}sr`NdM;||GUasWvrqP6btSv5|b?V$H@Z(2f-yeHHm-U
z7|bou-=K>k^K<jTU^Qcg%@d+PT8M&un)zKjMB%&kWTH@_`EN}S1s5;Qz_o6!?GnU(
zS?IwY=z)d#uTr+u0x_`dl7%homt$#Q{|gJKrFcta={cA^E3a7IN+vEW&0=Qx-tP$|
zD3s}cW%TRu@r=`hVNoc|c9rR=`&A}I6{trD!YBol$OW`hb?<(X$o3XiJ~hqVG+|C@
zoF-tv9G<}kG~wfC6iwK#9?*pDg}|>4SrlQMX;FmDVW9{;=Fh3{pEA-@0%^hNr!l~I
zwHJ`kCaw3K>^=W}wzQrJ_wU}>we|$!`T_)9-@}=Vz~sTuEzgIpKt)bOmP@<{;ST?Z
zo<zioN(BVw4pzorZNlGur)?hH6})S-Gxm1)KGoxc(MZp9N#n25_fMq1K9QdKb5gvQ
zM!rXY*iQFX0b)V*aAqv;CWr_n=1Ws#kC$i9_Qyt!B1x2aBl`;B?JuXLL>KTOy!{6>
zJ32S~Khp)+g!Np1(rV8nXHZE|2g846aGd7H(Mb5aJ(73xH%X5zPdxo&iSz~#lbSDY
z7R^*Fe9b`_obWJJN_XyLdqL>ksX*_uhswiH^*Q)|HB^?56KklVh**)pIflwl7?h>Q
zc)g+Iv44NOo=BumjMtoVj@K`k&WZ85-4glE9Ir=6(luU}{*m#TC1bO+=XeYwvo#)D
zrzH<xH$;1m$6@3~l|C^ZKWntc<G1_Ocs!v>>CS!Tc;ForvX&)wZUe!co{f%FsYS_n
zS72_A!ha>-3OsXN!Qa0iz-0=^@eM=;E`^jSCDwtg{GSjS5qy|6A^x}*r>9i^L+Z&?
z^@ud9Hs}(QF(NLf&kkKA6_|}lS^G$F7m_%7qr82a1W`TwlG}n*quO5<_~bc*FBiOE
zwJSVc74tFeQ*%2OeyD*>Y2RAt*$3e}q=%q!<wpu!-%>?|XQ>A!CXQr(?9*A{Lu)^c
zr9Jr^W%^ELD)*S$q!4Z<=MQI7@Vg%g7N=J$+m@bvWZQh08}l6CNWEv$2gHspcn0Dm
z;sC}my@Wcg5c;5VnMY=HI;FUR6)b?-!ZT_Ftj)9}0oJy#xG{<rD}9Fds>nkY<p>w^
z<Y1KVF%j~efyW>)hrbWM_ci9Lq?&&^DJc3Z42X?vkc4JabOb+1wJ{QH;U7wEid=5D
zXngpl7s2bR!-Lflh8#jK&m50G#!1Kl*}jx9IJDM6*<<_E80@-HhO^7QN9~6~Il_1P
zrN07s)!!>z0aW9$@O!G0pxlMD)Ck<Jifkf~qT`#UHi?OUMMkOW+57z<{LA0dT3zX}
zV&SLx04r4XLg`px_-54-g@Rqx_K}S86;&yBTa!KfRjcj8t+sb5`{Md}bl;ead<$vg
zgYfgdbWY-}=^8gyZB{!YlPI<8qec;e#^jW$>WjLnzB69+KlUoH{bs5Ho6>iSuH6-w
zDByXW?(&S~eK8lI5s1scy{H1);^5gwj0odIJo!5yGDv;I!i)G2tdj@~Ql)L-X;x*|
zs>;;-V1H*idVPt!nPPcbh<`_Hq)EXdB@p#h%93*Wsr+9~j~sz(@zjv!z1jsIgzi{;
zH+JTHaWG$Y&?KQh;~6YPe_VloEG5hp_~Q#I3Ttid?@{#sD@p0CtNtu{1q(LLn5TwM
z;aGx@HT*YVL&C|^F#_$uqyI<@t(+xL7W)96J&THsTtbpKdR_BdAp0O6UGqWOPrJhp
zOJiZd(5Jr%Vo7=1>;4aU?*boXb?yBpA!wrLlPGCp>t(QmhF06eYY^0o1ewu9(P~Ad
z6{{j`y--NJR4c(rG}B=$r=_j!p_X$>t*6pfTZ)KO5=97V74LYD_nD3tREoh1^Z)+V
zexAt$f~D2-e%|-<&j;q&`+4?d?X}llYwf+)UfbEt{1En(9hdHL6NqkmP)6bU+E(R#
zslPml=v?{-6eisN=y@ZQE3B0K_}W6B`sLixqTBzGdowpADH4ru+G*)fp2p<LF8u~f
zZpHK4W^(!7&$IReX+d&`*w}E`*Z>56`&%|(Cy72T5sNxbL%KlLv{A8>-{%(e-|;r!
z19{`MU#_v99FskP!EYn%i*E2|kKCfT0)0U8E1;hbY%uhfH_FQ2sxOyMbMo8B`TSoG
zDau#@iB;Ri)}CPN!siOHl^i1>l#y>rwR%0IYiEWP(OOqVFe-A5I{teK&EZXUx<Yq}
zD@{$`ajY-yoP1LMkC(g)=t&Nsjh@o~kxyATegb|Rq}TagpZ=s!<<e*1gI@IV&1a2X
zj<-_s^kU;(irk=m`qT6K`}Dsl7`XH7;Cp=Y*}?w*?bt!?8CB8G4g!7&zrX!G5#bLV
z5tam!7CQPObkx!kNWtc-21r2;cRIF~*}zF$Z;4Uf1PRdnjJcbNayaDT^S)Q7GKhmL
zm2!9?y*yCEd-zJWkZCrpYx0ISTMEKX>T-hcf%lBvruVakr9GSQ3}|1$c+-x7c0@1s
zwF0NV`1;j~fIiQ(#ll?nRkuw6clJ>ljIrFvkiqE=1^HWYnBw-+$M9I{kFL9O>0zcZ
zzLk9~5WnA9uI_#<J@aYn?#YcNNAe=f@pmV?*2=gqs2&D?(|P$GJ#~TW(F3iN{ucM2
zcY=wY<BpGN={hyC=nw4t?gW2cRU6IS*D@iJ+%?|40UNjC_@<#TZ`^8G@V0<^y8Ckw
zTPqh}y_fz7FTC0N3hCL@n%kw;L~@U2ZwYuXyTWE8MezgHuT@uNb84#TQ2Q{ruvE_e
zU35R=DMP@S;|Ay-Nzb4<skp8SxG=T8ON76dfwiYVY~9~2pN68C1LQ`|J9m$w%xUr!
zT)3!u6>qWrMxPAq2ZD|8n1m-Z21edo1V*ZDy4H_CebavUi1-z~B{SZJ?$g4<U&Q3%
zSFA5;c`lYbN-ckUV9QyuyCMy@S)cyFGA>!l_ovEYI(kk>EJf{aO1z}@zn7lzq-*~%
z1KO|tj~`t!V?V}ZQ|eOF2DIJi21*5$=Lh)D&(Uykrgs|Xh;U6y(&Yf43M#FFeozb_
znLEzjTwv~3u-?c1FzYO`vS1qq6YiA)HhB)~6CC*ZDG^)7VcJ!JE2E2X!SqDeduy9h
z7h#@v;ID74ph`9#vY*)kpNVx^LOB5sjIATI{;j;@ab5L9S8VpGBJs}nJrz@B^8U(u
zYq3pS8|{8^s7$y<Jrv8`&uP06tQ}mQE^1lAN^fs8IU19Mo3;GGf)e((*;1N~*k!r4
zcWA75HHV2GY}q9`3Tj^6o2$Cyn?lhCxt6`xM{~!QwfdvE;O5WV$dfHi;ccJ=%kll=
zNtn4Uw2N@ELN|_>s+Jo0Kfi;BcI`(puh~6j|I>@bk1A?e&p^S9;?eADC^|J{D+0RY
z9V&<W6wcPHZDuH%x?=&tCSAmj!li^a2;qcxB%D?_e#aCJuobm@me6zysi0|uxF606
zx?=%W;(Rrila{V0pRUW&ov(BZy$OiBNc^awEk<77qCP{?=N*#pP568Papy+XlC9u{
z#(DM-{e<-6@e@FOQ~}fnDLngb0}9%Y(>PIO)=fUsGaq;S@8~V~U*7)85bmbLE9L^Q
zj1dlolgNza;Qs;ZyNI4_Tlr({SHMUo*-gV_XXu<MYRnxA?3GY>J)vAx6R(?+f4+qX
ziftDU)mKY>+Uvgirh@uVk{@jOjO}adJn0*5qx)4E%e)};TgmPq>&COFEE(_N6}T;H
z#S{A-iljRb3#46VX$8evLY$XT`uH7P;L7#%S_>&b520MuZ(M?E%O_H($(Ina655qO
zQygDhWzM9ie)9Cso37Y)4deb<4g2~vWCU7)y^jntcZ5R^!7mP9P{wK=D^$h`CH-^X
zP&==vVHfxh6r;7Aj2+aM!r-<4f_HqbCaBeA@tjPH-leVxrFCwUH%wQq;8db@Px!ZV
zPq{D8v1elZc~_4mo$H!xV1tmwk=~ytS^i&7;{o@gcaMDKMzZhZ%Ww9HV)56DXRtW@
zeL4aAh3_+fpU`^C9aG2?(9!3u33tfE#f|CdgmP7-yrz;6k*4IYYk8=W?6AO|Li<qL
zEMF7hp!_?&zDH5p6`}GL)bu|Wx#B8<;&#dFhaX#BSwVT<p*)ASb3hv)1^BuLd=1`S
zsb;$|X7j|98#$6v@=+MUDpT_q-lb5VhWGr3HLUvyE`IdT*5bP}HmTWSeJ7guAbxbI
z*KsqAX3Pm#jX5;5U#p=os)1(F%&KpkY}gfA$<d%3si`&Eno1qG&u{2O&LXUgvgqST
zKqnq_uzX!n%l>*IM(U1BmA=7i?hr`hy9W5X%CevBhu2TWiOj|@;-)_Ln4_WJ8VxbT
zZ`e*yKRDBdvS4)dp$!er+3}hVo#<LH#kD{zX39dqABujq(#a28V2s5OFK<7SeFXwk
z8AUB4Ky<*5o&K2{ImcBe;x1~<v+uli%E3dVvwv<rmp+WMOYjsG$23?lrXRVLIq>Ye
z1(;No4VCPAhw0#f89(}vjI-}n2PoBMZq8G$-?&!2Zs)}U{vBxBv*6ceFEs1dG>}Vj
z-T0hQxmEj|!o7u|;o>t239fKGHR|qbbO(*(Cnd*OJd}|`Bfr=kLV6j4x+MGhY~1t?
z?eAY{lV73Jd)qFTJA_!M<qc<4gU!Uttt09l&O8SO{a3`+665?d+t5nT@;s)SXzx)>
z<k&l_uX{L_z&lBSevCx$+W(VGQb1zy%POGIhENNt;Y2vfhsCWN$EwYKzbO?B5nzue
zyU&39b-CE+J`UFODMf7bnwDc@3H&?uH6?nQlgHI^jVc#=-P_Dbj>nplCx_}-s~M1=
z6S#XG(Rjq3N44I@O(wC?n_AgOe=z&ID7T$l+r%J^Cf+yuv-FP?NgcZT&mFdoVV34&
zi(@D|+VODahv3U=f56()HLyJ=y7p8?lZSKo{3c;-O=cmFrqpS)?eL~lDaTaTWJ3et
z!zu0Po+j^@9wm#7ez@hEF(iGWrz!D7bMmXT@;3Q&bMnkkb1}X&AB(>CY|LHY!3k^8
zR}(1t65c}(IC#Pl2h_IyIhN~=<sOJ}rFZe)T3_V)+3bP=^$CLO@afSs3P&_<?P^U_
zZeO^DN=|*|K*`Ix_<`M+iAk>N?XNO&W!MzyymmTBl8F@O!Z57xDo(*ps$z0D$_01V
zDi_Zmu656!^}6S;*7H=JNlH{CEK}Gt-L+@o_HY+SB09~=cDH>h=_HGD1D;ngC)`FF
zuVS9F$f}qhUO=2gzlxHG=g;ch^M{iE$}EkbDT#h`m6*xy3m9u<PCr`h_&fS2E<4ai
zXPH?q`lz-KJ||W(dkf!~xsgYm1`4)(tz&Ditd+Ns2h#tjWjAp*P6jQv7x+iID}8pI
zR5_`HyO>Id(R=#Boz;9yOVW=pRTs-R^IXkb@qcl@)Bg?~sQ>lP*BRe7Cr>;YO<i5Y
z6sYbE=aC|EC%E7~4jtH!;>B+%G4JXfh4m#n$PWRk$J$}|;af7?J7Rd*%&N$eVnhTN
zF7z=1hs^wJ=4m1GFTC8Ccweu)tJm;`nHjlDuud-Z`03$_$ni&%md`97kNb5pXZLHU
zU){1dpYGLr_6r`1nC${ivH#xSEqNls?Y!d?%&Et+Yk<Fk+fj8niu-DImwx^udL7-@
zGLCV|GDMe#t1gu78-K)}-i*&h>hIEh@k`!Ubmk-D6MrLpW8&fLeZVk2@xb`R{k%xr
z#cB2I(#Fn3;Vx=u>^wK@jjw+*mUsqzsay?V`;eQv_!e0KTEq>tN6lV1`^_yi+UStw
z4L(C6e-(_zn7(KZIqEnGg%wWbN4)mKme#cthIlz2I7VEYI$&DFoNX^vJ+aX%TRtOt
z^Og+TA$7pF#^Wq0*Tvh`H&uAcSaH{BejyuUsqs26tYwFL=&XwS@_HgBJlfN*&`-!U
zA=m4}!MB2p-DG^?-h4(5HygS$pQFL_Bo`>ZJqaT2=xV}eGG}Akm`TxP5Agrd`iBya
zdlTOFj(NzW2Z)QNj^E52_403Wx!2y8PHw2jQienG+SsS0-@1~#_V*}+WYGQaYaqVV
zp?_`X;l<WR{;JLJ06YgctrL(3^#dsbrC!zGUCTahk=5e0|5fuZzosLDnl8!L^t%qL
z>8tsgq)QE2Q_q?_I;^JVL<XPmcK0Ga;cdGfdxfUNLUVH&Tx227;tMFU<wUb$K8T7j
zs)Go7F=_Z4jG$@si^|hUnwj-^GbeG-dNUY{B_7LFJ#(_N2Kfj)$PlzXyXSaJwGwas
zRRoybn?wjZ{M(#Br*KCwcd~aNnf~sz_b3Nesbqpcp<+^9L@HgOWA4ze6#uO0Y!A0l
zlESrwXIr@4_#*^+2Id)|sRX{ERf;L{0DQet@CLJdEVBeflyT7@+u5kTFYv!lS484V
ziP>9WU~rrVBPE6bfzzWYcLlVZ&m`v=>e4rUZxh<aVjF(Z<os|C+1a)bGxZvo2Q3au
zZ@`5`s42P77}U%vxnW=(Yjf$$edN_5myws1^rAaHVmWwqM$BI?C-Ri@_;~M!-fj3U
zzX)%MC(1uI$4M`)`or%kSvxs5f3NqWaskcH#d{rMU!LYz>A4&Rb+>!#>l%KZzK_9H
z>b0)|36xe!X)o}U7wrt`UnKp@?|9Q+R(kzB{St3EIy>bJ-oBx?`gs}$>W{L@`RLy$
zt;}n`%#~K=m&W|*-!5$!cR{<-hWVv&#`fPXt%6hZV4oIN_@(Xk2}&F8wO{8-8}66(
znNLt!bqiMpoLKFb^ttUS=`r=d!|DM%ep?UF!;g0JQl7yd?U@?$u6hs;jV+%=U#nZw
zHg?A@@0Z=N;s@ct@{01hHq>_2IR&>UarTLOn0|5@dV~BIqpG0PG=-y5Zzf5-nZ_6V
z3-fylTo@B@96EWGrQv3?PM^I}aydT>{QBLoR8tslqP^TT409VYvmBdLjIFA(D3mYC
zDWM;C@}bUKf{QutW}Kbh{DHURyCn+qBrk3O^*(;rhpkUYQQxiZVcf-6+RNNsc$sX4
z(LyK^Sa_R=6XFU?esQ<4#w1;2sYN%+b9r@kPxd2I4aN3FN8Y-dQp0M|*qcYcFmrMg
z{j_OxuNOanA%|2bEkUguwo|0Od&a$-UFUfTVrad5v$DW7>cP5=S<tze0sf9O4jlP5
zuI6L*X1{7DKD#nHWgGEjX<e5E9FRDskstKx?5KkIf_!ya8oo9s9ylR29PZoQES9@|
zW)t%-sxT;ZvPMu20m|XKqbOXu68(Ya%u45q6BUem_$Vg33|BNw_(cf7ybDL2+21&!
zB$p!I1pXh3m(5qBqgFvUQI=c12|W}LwaR=6JkMCD7yk_nLI!x(o(c%MC--V|Hi*Y|
z<`h?7D^#%RL+(ot5z}N5nJY3g#WSV>Xniy_z4!>>u_c>5E4^#SKXMKZGkwc^M_WLa
zhsjhlb<Bs+V)Aw)8@jIA%X~c~4>@AYL9HWkC~yQv?Qtb{S1G6LXQY$3OQVa&3@d5H
zPc=ui&@qj7%MOma%uInmC{VQ%5{U8MiKY;=?C(VQNmrR*eg8@)!lBj7e3aDmx7z=a
z%d`Pm`Yb{Y-0c17ll3|$EjCqk$wH~Y*n+*9{?14#u<3ah$*xXPF1g%9CE_Ce{9gJt
zKxE>n)fXGM->gqxc$lR~9a+}F0rynZ8@~=*iT-#$_oeC`UZsb+n6o&qPah_vqfCFf
zd*Euz)VZ=RZ^62)z{32y$J=H|J9*SqTYW#N@H;xsE4F9i&cMFhiyGd`;<2XlOwG{j
z*G7{k)!^)Jk4tbqj!kE5wNxJjGaSQBD(D(K*}Z=p*p6QjDr#XD_KNCURfZSYue4oW
zi?{7)GQvPS7QR#LRm3X1ij%}=zE;D}3Dx`@TSl=O%F)z$>k3&764ol!9^-`=X~vSL
zG3Q?%?j>z{#k(S>_OO;GC>>tb9uC>KsXP|$)^4dZyIN0b&8~|0=rOyhaEZQAzcmmr
zhoa0rntnXZID?|xak;+Tq-H{DFZgHWFurU;foKqT^-?RRwH${6HAni+==&}ir!x)$
zQhx!!?r=)t-dxo$V<eM-s`OPc<&Gavf!fkb`YdB=U3Pb-vAL@Fct543v+4O+2Fqg8
zg+%Vk(!?{(Q`M@q`r{Ol4HdMT>?yvzX~fRQNpaCJk&TV)Fy`)o&rDzyYIR5;P1?r!
zIIF*TG%Fi`?QRZg8vTOTE_PuZbC#WryFsdLnW>gn;wRaij=Q9pMkFxq<#3#x{#cI=
ztUrel`cp3qq<B<{rJZVN9V?wnUyx{C#{@b>ymY{PpHY#kI!n#aj+h;VA?co)DkgD>
z$FYv%KF2sdN}vP;F^W02@YMzY^6E0J#QQNdLfdVZ*A;p5x?}OabG>UHf=J5nX}v~7
z!wmqH?cqLP(X(PG_eZve>v<HFl$5M$506#QkWZ2_KU~I3(UabX2m@74;Tk38Zz|zh
z3sb^D3aG(tJk{X#YAV+Gs_7i68QNUD8F`W#Su?kyNOy<p)Kj){E*|2oZoSepSLbDl
zC@D7kBb75F>cdtX)FAcMkWJl6s6Q?0`s>34p@cVzXIvbOk750Qq3rgvY~aBWcB8LF
z&nhE*=c%k3p1<8y>>z&Sm+x&+zVK2Vz(Y8|S3izKpd26aI^<C$7*b-d2Fe$zHs#uu
zho^w=A!_4X+U0fN-O)y$C8>BBOJ|C{g-_}h72U<NxR`*1XE6w;F?T5#v{4l(L%QU(
zVyM|6ukC{pul@C1vAt;zzYQX|L2Cn##GLTUB!#qI;Gw=0!89TvglUcLQaxcCA;QB5
z6Xf{LVk0QkC<e8xcZgPw&xq_%)H&ZD+>32+H?sPn!EJLDjePAI!aiyUeyI1sK%&H6
z;&l(Ful##4$^9;m19r#z>_rZe@T*%Td}#25U)(C;O-krrB4)Py(`<^@qaih2%dr@2
z3R=yYw9@M4YT5myA1a^JOSAxvEBdpzF>@@f*S-%0H6=$yL98W8o`leE59=0Yv_q7d
zyHuJ*$vc<V6sIHqc8cm0oy%NgQ!}r99N1<r;EOgzbnCqh?opqO#!`noA7v?x&FCS`
ziIusks-v+>V=WovvMgBod~#Sgl4yFq6cwyFacp(r`p!K~W4IlIBac+e^3Hihi3c~r
z(Ti`DQ4Az-ivhdYyQbCF#+ZoeMQRxPfmim_7I7CFcMR;NW?@KH)OJ}Jo+Dpnqnxr<
zj>nPWk<F>;Ftf$sb$pJE-sr_o_Y2aR!ZE8#Ym1vv8%J-vbpOo$eA$9O`WadKB8hj+
z&@J=!SG+Tn$)T>6nUPduc*WQ~F5Mj+e^@A6Ly39&27UWgW8#Ijw?kt;=Pl`G4Xg{^
z(>{y=1+SOKEx$%Nl#1W1Eox@b0(DjCPQ~2%%M``C<_ddHH{1JSPLCBJs)>)1t!2?1
zQx#E&P}Y<ho1+6a9Ty+FiT#~ua(cD3Xe_C5{9<QCqeCW^We+NZH=2x=;Zg%9z-XCr
zox(KZ^SCeO<at+LWBu8sXs@k*Pwu3n6t!Soishs&hlf<p`g9!(AQ(#YmWFnMqb)Y5
z-enms-v(IrB<ao9%(1tw$MJ672k3o8EeFMt-xcW4ly}XIB!Rt`G!OZ1StPM*VQ+XH
zN5Ks;zrfC`Ir-hP=41pz4N$$D;eu)+{iK_%tS$N*9c9$IOGZZ@N^_NQ-NWPS!>hcX
z+;wM;Ox`h%x4mE7@(fpWa94$1bi7Xunl_?n%H90BOIJ6KiC|yhR!FpDw19N2=QgLl
zE879?vr6AP<{!XwnC|AjiEmBn9zB^&jC$(QV_LqMN&3hT!Pa&8U4HE@U^f$oAJ;uS
zSRF0%T?v=m$zXgg7>v29<QQ$B`E~epj_(XV=SJjnZbafA(U8t}H;8sF^4ia4&)t#o
z=VtEA?b{*wVkyh+X(SwJ+W-Nh_^edtmf_h<Ivk`@K!<;0X-pj=>ci`(-+d$SJFl&^
zOE_OhAE%Xw^U1LxSCu8a%<I^2HDfH*oIF;&)$;v(Phq~$NK)57M+E(2I!mPfkkwms
z(i8bkYMn8lgH|<<Ikuwp%eL^J$ib}CCx;!OJ~<kW<&fxI`$gc$4i~DAt!QBlP@Th7
zhP?IK_v1J7DsY3xRn4hGR$;_a3O)^onM-6>2<L|H4O`760y3@9*Ua9C-MImRa96L^
z|4y9VN0ITg)Sf+v_z=zNsf~_l>8Zg6f{DvxXg4xe60)bTr-p|nEP3Ymi+00mL4Ga6
zeVnm(*M;SD;d7e`Bt2cT7DBTk(u;>|%4Jp*d`>_7iiYQM$6ozzOh0R5HlT`~idw(p
zEoms*+%vXh<|!KGy%d<P|3`6A_GB3wNEGYUvIUHbT-6h!SvjfE4o&4aNTWU6#<ysK
zQ%$RfKofZ}nqKmBUoP|aclv=%&&vW$P{EGaPWT#RFJed<<U{_m+kf8bKmW^r{)hj>
z?WU#wuKzsSf1cz&BmT3_e~$2<mHxBXe@aUcb~GkYaikAP7Sjb{!OTR*e7%|pLl<i(
z`pfhCV>;VQ-%*O(su+tS_*!Uxljt#Rm|L`zZpL0zDO7rlnSXTlX7QDlgG3zd90VcZ
zm1tEhOE-75F2?I&w#BBsuTEy#`z2DQ=YJOMd;vfTS(gpb(<yYzqzdJ#PN~=Qr=SB*
z%wzS|r~0&%%Aq+ex?V<Q+Ofr)U{Sb@2-~(>I@LaHEW89AN@<%|23Innz(h1#tVb7+
zvV89KuoDrl*NmWTO$pAKs-us*hCr!h7FZfBejB&ONRcS}V_K?uEGw7CaLnti)cMvL
z(F~1}oFLe)_956R2+z@Lt)9@{xz_IG;p-93%MP@5Pd=O#aqi;`Yqx+k#D!tZhS8Fi
zhx??uvc5-Wt|yqQnhl3U^JSl{2(9!=zE0Jxq8Q994p;M12&v)eTd=(rXRmNrzkQ1A
z*U<O3wqIKw4w1{RN(JSrK0{T4p<W+=idq~bwf6bFBi!e;fa>QHb>*s_(+6}ZR%aT)
z1kL6-5ntB;{1%O90tpq88a(qzK;F>*hmkWeKir4lXyhDmBMKb{s;o3Hk48;|0w)q2
zMzFDSdH6^)0#L9pd=vpgqI3jMbQfU3RpfBOTQV=)O$;1$@d$`2nwn!(r60Yvn6hB>
zqOD#_;nZ!GB3W7w(_ZNUX}&aqU#FF`3dLFjE!NEfPD4<OM9FGl15hlRqzIBUg)gqk
zA}o!dg+8*7eu3#`t^^|_;+nKhx96O2o1UZG;Fb3dH>qIHSosq3+$18wMjFUvR^hnY
zGA)ka>wuc{N_b4aMuWhM>?se9rhFVm%g9<2O&W!Uw#=TZy7v&A=wQrDX&`Mb&*sF`
z5MGyR#wRYSRi_d;_7I*mk;JiMW2vhe)Oe~YG8l4Ios{6!`0&>__*sCtW;zh^ysnL>
zhKXj^vBWiViH`5Q^Lie<6!I9V<9I|8*UeX!#5Hy)3?JL5gvzUpSqIBWbWu^})HlSG
zt5PiBWhW3=tiVxPEJ#(=P9ppnt%anjHt79+F@|!gs)+ZzO}ACTn@R-~Zgq7ei*GNJ
zE`7c}WGSAiHKPOHC?L$iz>baY0DI{pH%TaMN%(pL@oE|<$^~PM$wOGIaI?KeIFsng
zP%09CT{XE`o--3Y@{Q?Yqr2?$GXPBuoz5egnrEnXT=mA`Y}YrZ-#VS?`LW1f=?J^+
z#JkZzY1HNzQXb%fhGdS`^cs^;w*7Z4w?o9gr5x5Zp?Bpattc;18YZMktXQa<*s^h8
zxPX$P=0v%FjKI~^3~A$z!i?GiiaZr7oQ#f&potdxO#eRKP`BjR*)yfC201@Z&g|FH
zrBzx!%~G^|(jZJvr^4(Q-eeoHU>AP~jvO`oSgrl9-`fG`Ea&p>&JNF(<TLk@FCBkR
z0-VK{^d3(GR+7ta)853Lso?qaZ*MkRhPhz5(DqI9+5WXu*|Q#QX6Vjn@nX&gnmrW!
z7JK2X?V<d|RG`aM{r*sKQZ1(LuEo^+ifC@+kNJ|1-aWT%g-lk8T5ur9-B`P<xmjDn
z!#N^(Z|+4LXX37<%lk<e7ee1{J0*TJn!L6_bnQNpPUp0h4*gEW{B*El<`tAdxS$M+
zxiSd$D-SwvqVsEJDryF?^!}Li^$$A&i<>QbZe$mHfe~qIfy>}ehU56-&eUwo?`+9C
zkXL3eB4_t_nBC~k{Z+Uvp|17bttVD^9lulo$)WE`ap>;lDhyV}e#1M=Nm%9_u7$Ec
z5RKuDH8$qbQ0p$S)U4`s`^`F{$t!TtlsII4EH|MB=hCg8i!Nn2=x<guxyubIw4>YW
zn6Co6t{tKS3Sr;V@^i~(^VSC@8kdDRrzCI>z3$8E%plH8>-lu+$#TIx^n?N++s~wu
z^kjUxCGKfx`$usAZTrc**DiNiL+1rZ(A1G{;Tw`piu~9{|3ULK`kA}9p?`CQh%!B#
za@5q*$Q)TUVR&(-nGoud7~2HkZ19%+Ly#oDT3(dhGrba)X2v|C`LgsYojVx|+>4a5
z-ucT-M)5aTs{Rh<z8%-U=~L>=^9{|EYvA0-*AH?_vedBVQP-2-wKDoM+k9wZ8isDR
zgzY@(IeONs*ik!`(8`Ij@0(3K4JvM_G$Kwv@jbcPwft7UPWfDlzX+x@BI>7G4rC?1
z1Py9M1ut?{N2>#vjNulW&YfNcA3sHfI$-Zk|LlA<-gy;Pj`U|r^+Mx$qHUn)=G}dj
zBhh#I-RWtT+}RI{6emWPww^b0`gs>#JTqF?7h8Ja#phmh_Kb_qjn%D>-G26r^Da8?
z{L3$h)oqF`n|WT#<=;H_yp~wqJ7WJ#so|Jf>HsXZUbXm8qxJJz-+P{!Uqr1{DG0#0
zGPYOurceEk%{d&9?ucw_3GZkdit5axc&)jcO^555mexmi){O_ux<V2sWm<{r?%pL@
z_kOgF&5SPIV)+s+#slzO6;Yrn=0L_>RncOu%<is?*4-7Y!@KUP5bermb@^s*l%~J!
zoPIX882uVuwr$q5W%~Yvf(KxIkg$~y*mXV8y0y`|_4MJyGYeRb_^<1e#C-$0C3<_%
zEi@^%w7*;WVz>8q%iDgpn8XH;>Y$J7mZsDUbXqPS(x~B9A!A<}FpGaEqURs>RZpdF
zB=-Nqei8pG=$irZ(d>oK!hhVXkZ&-2!lekv-EI2W&m>~-&27j_?1#BwX$$+|7KVDi
zc*K5qu>DOB!VNCWn*DkaLw?)Q1!xi`XO5+#+ii=2dq6^XT$3SHCsNe;7mO~w`FHkL
zBA0~sn1`-=v8szDHgM0BW{l38R8z`#&-EGPHf-ul7^OMh8PhB<*v<Qb#yep&9ED9R
znq#zS2RfUpFDNCtm%f^KdjcpjyZHGV(8wf2{RIauYjs8K4PU$J&=QMuks<wEKhn$e
zA$_hQ)INo*1-YjY)@yE1D|%l*5pE+aroAPw4ST4j#a4u=qkxwlD_IY$69oqNtEdAq
z<}`v*bD1LIYH8a@m$?@(@ueItsVrJnGz8}Th<&YbUj=vJ>o574XhGrYFT2+QXjvO*
zrV!vR3KvOl)$&I*weAqWPnp)1H1H}+r>v?)V30+q(Vz7N;X6Y_mNo1mq4Lz1TyM1e
z2j5YRmDZdTo}(91H7U>1!kJme+@B();qz9k`p<t9ZJdSM+6fi0)w%(i<(G|_%TQVa
zmuX{;m+<A*ZJ-kFG$GQ4hGs;9Zh@fXPnQq8>&==Ip5}j;!jn$2M3)iH_Z(sMoF%Ri
z<|!q_Ge}%dI7r+;Sc#jF8_1|d;Yp-AE>(IV@BGsgU4kkEmLqLfh7V#ZqcMCj2mUT<
z3?IM^23Raj>6+@D-Q`W}Q3CCCG=?wYx+Ws*v;M>aV_05k3}2YIH~wPr#_p0kwKKOu
z{lE<ro1^7VZ0s&wrtP{r)j7O-CxS4mVYaIs*J%0XjooFp15gQx*tGM;KNKy02fc5E
zBw5Y?tN}nRfTq|XS04fMM4G~44R5U1cq6}_ig&4I;thVhVNVyYpb*SJpS@X1Kzmp_
zyQY6=o~|w2Xo5>A-s;l&!FqZa3>OF2_YjVRh|~&kiZl?J7(}KJq0jBh>^A?|!!saH
zf)*Be0+fZzAmt!jQxJ|8gr^avF_ylKu>MqLXTkfqewf$S`$?F~39~e7K5x7wr-U!+
zoEKhT;imA#opZwfMVMFr%|qqg#4{-S7QzM>D+EHjERDDgh)nnM1%BDX!&}l6zK~ac
zBOFb#z%sppWi(74*bFx;`<#vVT)~V8o^Hz_M6_zRKrgBIpEb${JHR9AFPw-etOg+2
z_0(U)l*In?V5@Oiku9FVJw1W_e6DJ58k2q5_AA+Ev?0tYm>3FsDDgS2Kt)|8%fn^X
zw)x>|J*iAj{o#>y;QA`tN1VTIO0DR%ulJ>|7=su21n1G6eyKfC6|7aakP5-L!LLuz
zpi%WoLOpuwuZh*c8p2CMkbus~CZ5fjy|#{`ud6S?K47&zH6^mP`ZujP_1j*i-;vp~
z*2`T{%M(g?A`6zW_=+?i%(abfAKV>2M&e1-tRx2<C4Vck)|=B94v)Q-UUqm%QFcKv
zU(=iG597^s{p}Ip!9a;7XD<L=$%{T4oX21sG+X`dRkGyjK0*oW`N&Nx_GPL!%MDx%
zVOd4OT1llzL@~NzAsc&$9A&{FrEMv=ve_mAM^i{BBGq`+a9qy;ireQiZ^ohtyAZeh
zoW%#(fxphbg`Tyf5c^in_MwMhXh0FmEFxA<Rk^C0M#!3m8P@XfbiPVxs3GY-x>TE>
zZL~YamC5awVmY7%I|(Scy~V78WvKOB_v~FWGQm>i*xkFlIiDva@!oy_0W1M`Z|}N%
zqOOwMho!sSi@6bSEZ%SL6RMW9>|UbV7hgTPeDm1#-qlUagt%N__aWT8sEZe0-67t4
zbou)7o+EWHpx6FXr<$+*s8n=aeAB_+wF@aGc1~kToITeoiM>Eg0P|wVVBX=4z#MBF
z0UAUS0vKBmpjR+6fTjqr7UcqS!fRc?=d99c)Ggr5#x~vFMS^tesU=03TA=0*$ns5z
z9v`f0z6F^L*pG<!U4g#Eu2a14%GU4wABXeVZvkhgnK#S}GkM>t`=(xN-M7NKZZaY3
zz6y}dYU|kDxzFnIQyUX~@m_kcg&yRx#<m=Nc)E306MaZWy>N8-+q|Y1zXD}znU-$s
z-LboOH*mu(Z(Q*BV5EF?WH$3J_2sS96N%@}^nMto7(!vM{i{Go=*wQmDZCRQ2FjTc
z<P#hSM+>?M_)GIt`X`PWWzJIa|E11n=m`phi$OFP9cUaYP5L*N0!)ac|69NW8r@cu
zxbx}Md?RE1f2(F64MVmE4L4i@Fnj#(149k}yiY0x%pBkr?lfux+@%lyP6@jp92v1G
z&7AOOd3L{0;oUYbTt%?_UhHZ@GJ~ol7At3Odrp{ZEP^z96{Kko%T;%*e67+TNrE&?
zPyBKyrj7`zA#`eBuzpfQ_<n&zxc*)5s)gZ|#I*Az{-ds3=YKVEAnqiNoVG-$Z1zMq
z;K_(%Gm0AYtmX-aTNDo23v@l6=q~GpFq8=~$0iCY<EdqEBr6A5&J9;bW`DRd!&Ax&
z>z}8Dqh9;hK1UiD-W*GN+=hsbj$tBZV(Pk^D3O|uS<KIIEBQJ3QGU*N83}d6_4aMn
zPhljanRUWt{2V(id0biIIvImRllU&XZn1^f!a;S@*qZ7+zA*f<3THv6o|mr^mL6|%
zk$22z+3d2~;qsEAX!=pH{4yf4{iv`fT8ut2cL`a1Ubu#5W9Q;<t;IK?;?;ta!}Bpt
z=FABnszivwI!nATTyLLQ1+v6P=VO-mNK4!v9?g@+EebafkZq$7-HF0ZG@1x%IxQcw
z%%>8iqLcKNCV=nu@FXIHs|nsjQ2LN$a?_aQVa;j1j=f}x4k1g9>*9pnf5|z;)Pc9m
z3lsrg<Y(r?OSy@-{DH*!Kq@^#-pmXcAN((|%58F|)aBg%!e4%WUc*kk9f^M!@;Wxd
zzBRk{wI!z<K}Pee>j+@_Y*^}_3aR}b1_{Cnn9u7`^TVC)4aWiqWWH>c@LLFy>mnvd
zro*yjU@Cz!M6jEbIs2Fr17-nlHMJ7mdzB6I1>juX5uT%Pn}ypj%jXU}^b83A0&~I>
zU0_~#iVMsSt0I8B{sK!oYwl$C?34#z-nWhA34aw=2thcR0|<2Y?ohryl2~mr^15f}
zIzp4V=9vV9zR`M!AXcS$es)_!zFC2s>~Gc&Xmj?6t@6alBXSprpaN&f_7qA=@+dih
zylV0StL^_7O1Q6gOP0L>NJKkAm7|@*4yH>OapG{|)jfP^gtdvS$^gqTQY=V_%L=HF
zhl=%yhc>1fHe<KAjtjs`BTFS!#(U$|$y7|7l`l_Y!MxXxDvM4$XV3Y~#V<v2F9~NN
z;70UeaVzm1H%-UB!I)FPA~D|=?eg96Cl-^4FWm(;yUkI4{02tqy=sw6cO_3E-7g`S
z=7%Lv8q1&N+8ZR(d=n|L@~4%`q}NLoW^^I(6)ArP7xW<#NqjYxzeHIJO@47Rw~{Ri
zOM;Cre}!9uC~TpLu;%jDVJBzLtu(6mBrOzjC1=!f<HW>G-Vhf@mZX%tf(45)b4P&B
zW2HaBwMXe?H|O#RAE>bAIm#sAMkdF_Unt<>vYimyj&;8tGD8aSavPf=vM|t?Xz~WW
z9Ocnu*Cy$Z=841_sU^lUrWzG#CbCp>%58SijTla4Mv8p?O<GvG>&F#8LB+3v7XRJi
zWe#biw$sN|(<|3$-~7aNcpq2Cm2!MmAhf>mQ-qc;+A?SHvAcIzd3Pl7pksD#aXu!q
zE7pGf@}f{;wZVm~S0w|C<4Qyl7;I)IzGgE!F=GObJri&YTTqF}10E_xM?5wC9h5b=
zg@mxFbUc04P(;<Q8XCPh)lj;DpGJCtOT+M!au6-&QqehKX#jo_Nq;|yuLGE7Xu$ZI
zp){X<&CuyY{`vr8$*Dlvh|@r$H1R8AF$`rVF8zVWfa?_<c}o`As1YPK5Ey`vFPIAy
zmwBeKGy$|ms5C?ynp7agWcKDNdf9YC7OAA-cpc}6{yQ%SdpdhvL`2(yXk+Lw+Js_Z
zf^*K=C2WvB2dw9YYXqnO%6Q0qH=j4%S1sgIzS-(@$4e<q5!Ynabro@36)Q(Y)NWN8
zRm2((@f$eA9rt0$*H1J>iL7DdXpr!b4%pobgLV2}IqKdEutcW?#>yX58tYz{#=6(i
z<h%DiC9&>xNvwNalAwF76mhN2#;~X4J~P^)51iI0+zaQKkC;tz{)8E(TF)jc$bBH1
zOxy$l^J;nGxDE8;vD5gGmVL3Wa$g*%;HHmDGoK|LebzCHlcs?uj$^ahY2XQb%sVAq
zqScgeO+^AF+)Yy2eQBy50KXEcl6w-Vc96@S3r(a7#p+|FlMro!rAit!AulBb<P}2P
zzbUUBOMbbSX~z;_;z|-;LYA-uuNL#~7ZsX~xtQgVJfj{>#b{+P`+<l6guGG_`n7RM
zRTs0o60B5bbF@Gk*R+VR+Mqe&V9Y|;N?(O~J5ZzLMX=1)&tQ}`S2cQ9c2rmv)p9HY
zsP0nQ$%xfDISl7@J<v*cNQ>FPQ>e7nUkxg)1O`j$Zsnflk%;y(UKbfN6GJdvgp9%X
zi3*1r2m$f!6OjD8@LmMV?+PZndl0k9t{X7mO{iD){rj_w%x7T)j35GoGd`kWrL_6c
zGB0eS#fk?W#|+mBrS%k>UqDS>Z3NBhHd{Wq+UA8sL!?Sxt@$F68XppW<QNO0vWZj*
zoWuAE5XWd39H(LMqfWB%{Do$s@O(6JjV3MhO>qIlfeRoGR4>@Iej&Y~-8gW-NuXf0
zlvV`nW{M(?-M~o{X;2C}YN8@hivTu7%W_lv!Mm+JEam`n(acZ0P~%+VXDRSE62FOf
zWOkpJt$d_l9JEupQgE8Xc&cn@g*=@epD1Jt53vN7BCg9k!~1untBaXxr_$^?KV_z>
zwuzS1i@iRow#{4vmS^%uoYwSMo|Gc-sZ!K*wZ!jOpCvkUny~IgD^~))tJPx4TW)lQ
zF1y&Mi~^0mD6qjVP$(xV(g-lG?x`WE(4VJ6;_3$1b^fd){nO8tpm@Jh(O909!mVZt
z&}jL(NcU?M<I6X51ctZst+uA}cNur82nnzAk2S1#as?a-{O&5p8ApIHWFb~f>;x>d
z9wNZl)ruKHliURz%g*Fgui!;t<*8G>tGc6nnv!_jr*=@_P6f-skk%bzi6@(qEpi{S
zJiM0T8WXFVF`j~nAtsG&)Am^RTO1ktJ1#M%-}5Gir9^w`#>9OMtd0ox64QuM^a?c>
zkSK7TwS8*TyXsBb1mKId#60Qu>!>QhP4$mET95bb>veo<46EHA4CCO>0hB@IH9~gn
zzKZx*AYM;gszU=$Sa--iH?r{49uE6q+hVIxy5t1{WKlRuB(m|IVr{`zG$zvV-bQ@0
zHnhgn7gGds$I~)^*4D4rZej-3I$aG*T~U_hJf{w2#^P@l&$y&;zwFIn`Ta7#pr90a
za+vXLtE!Y^`7LMJmiZEuSXlC~VE-sz{($|s>-x(_0BGAA0iZ|b0)7hDN38hMc&QZ#
zrSK}m$f6jQ!T&KffZs<eu*9~#c{4unr{y~FYYPhEWnJV12g-^JaoPMeMQGfR%~GCH
zrSIKCI=PETH($$3`8jO%z1DI92y2d@eVmtUIhey~z0vshDgg52P|NGM!$p~Er#f{2
z8$dr-2jasH&$vnx3$><Y%<u58TPCn4-L2pMEdF$M7XBq1d#K$v#TRtBs;}}%;H{?-
z)`^t^)|2x1ro4jv&wP1887?c$q@j$rxcY$FL@JCtxP?s)E_RcH0Of{a$yK_2q$J6a
zZTz%03Jh5v*kR{;SY{KtYV`t(*}T6>-+$oLLjQresyRE+!WXB`4azXO`er2lO4-!$
zT&_FG%KYw@WtzW5hcD=9Y~J5uu4=4bo^U412<YjH<j#DVpF(=Fa`)h+8mENYq9<)6
zI%AekNKZeQFvJGB=*XyHh~z6QMg57TgHG3GEA#Zi<$&$C=}Y2XJ5!s)KrOzxWX7va
z$&zT|o#;b<Ct5LcM|=;d*W|Ovi~ocM<B1Rza>aU<(D<9hsjsr=2(F}hr+L)9&Bb@c
z;&=6-Cp|1`DOi7ecbs=sY1zB5RvZFN!BNfhH7DRjXwB!})z4J#{54a@d5;f+MNYws
z(ey5T?9#_Bee8lKKVA}xcbBR7rqK_!{xLfGeXsp6AjotBlrF`(Jpid`#DmRp=o0T<
zKfdl^fO&fAT<X8Lw1WCCE{6agq8gm$On+F_JgjOSrkZK@Z4K7FWSlh&hd~$jkZ0=z
z)9|dcCA8gCGpiU#@r2mTS*RykXB)Jg?2k8WT!nhEjL<;*MBjS~nCqkOJ>OKkDw=zM
zHLzlY&G4hfcUCrbmL3(&J&1=lifMf%(?D(w0d=hSrQ;kgd+mD;;f3>TY24%eg84iL
zSKB`<QAZZ?kTeqjZ=Xh9i+?;NzBZ75WO~TcC;{G_NNWf;s8XK2V7>drigN5gdqdH3
zuDo&rQBJCO!%5qaq*gTpJ;tt1bK<dB`QO0RJ#R{)aUL5VYx7KwNir%d@fj;#8H=yP
z-n9#l8We!C2NgFZ?u%g_B3-N=<-`f@Y(*h`kqdi_3&PdKGxl;L_6_Hmwdw~u>>-}x
zXL<sIJbYk-JwcYMx}fl@<fLiC)Z2zZk7HE;Kp;?DS@dwKENkSxa!bGxOUrcu61xDL
zj)2MyX%JCvlqb;|9>gZ{5I)jUUuNe_14R{>qJ`5UzIh$bf`9W_!BGh*1_<XC&FEQC
z;CmF^W1=Y~QqVLX5x$}b{|cGpcv1}7Ut>u=b3DtodE7O2wuHSv_u#G5i8QrTrBY8^
zH-k?pXw%JkTF~omae?l3Dlz)9EiwqFwn+l$S|5t#RuznYu9M-us%Yw0GKIi1XL`)}
zu&c!L@}KOsT7W*#)dDJ`X!7{wa(F#g_199Jw_l&v@CN8@Tj_S0x{duK1urKEt$umo
z`@b9@zrI27+mMIj_@qH6d1!KHOL^$apWy@L#W0nKv#aH%L<CNpHxAiDR(#_95^Or`
zB#G$N^b16j8I`7Tm@*;VfdI>}F2J%G0s77@cN1U|%M^qFXe1zD7pOPc%DSFsD@O>~
zak2j0oPOpiw<2gMARE0uK2<u4v0JLy%;43Dv7ItBq({?G`TlAg3Np?wmO`nLY{LEp
zl$+EnQ6a!WjXR-WYZJAW7DmUg#iW*YWY<BIPUD<ogH1D2X${fD50*kBZtU48(%5r>
zV1Q}t@djPt7dMfX=a2lo&mTx{Ab!kc)UMH$_`&_W5iA;c6u#1;z@&u~)yF3d8lo=~
zg|!(JEY8?wsHL#62YwAa_8I(ay(&tBW*-fjh2b)uTEJ=0%L*c<uXnO4XbFOC$$j!M
zw}?Vi3om<E1~LLCc|uA>&$y9@Ww7ms?r(V&v%DiM@1pPsp5iVwdNPhQKj=jHw<vou
zM0Ie#JFVsS!!5C5l+hkOlqm4l@d)O&B&zqb8kfmuJ$hi)BVE?fmbTIDs5V#xP{fER
zK1y8WYNAHD6YVq2v(EuYr|GTLVj!JL6p&7`wEi5Bq9*C}^6*W1jk2vF1EYad%s`8(
zL}7fG<bQw;Fh|l$lrY&J3ZA*v|Hjmu8<D_PFtS{Qag>+DMi_9u>SS9FFH@bmi-}v9
zmH~AUj+W!yAH+A6de`cJD`!5gxs-{)Im3Q{o3h*sM`{zpi|@uK&K_xoq$<57<HBP(
z#`*wg2p4-Dt3-{!Dwavm8ljqf^R$Nb8cSVD#DqbK(x)GfCvN(7t-TC(zakaJ9+Z;i
z%0rC?KbFTd_Ic%1G`-78Zc6$-qC}zrCl~mi_S&Z_o_N>KQlTvH48u>5@3Fhdm*$JL
zgsky;tnFMPuj5@Rm9vD3<cXo=gs{^DdNgBZ_4qi>ilK9yq%_Hs%bLFPWPRk;l0V~J
z_vMBqC6QZ7{#0^niHr@~D4zL2EWWb7dGt$O`)r~(v%7L%G`QRjEw8XWcElyx3cT{K
zMa{);MRKo25>H0jUMSAqpLnY6#p3KeiRT*HUM<f4HIiUQv9~z8IPs)D|Gu!Xx@V%l
zu~_zR-PrV95=qZxCXqD8`9gN4bWE^2%Neqj>~XPxa90dvCDOKuj=X^)GV@iA-;0c~
z?dZiHpR)bE$odEX_4ncg0L<u;vyX$WAGwi4cSGCe5>(0e8@weOBVOZsk+wd?Kjc3?
zh8tJ6y<fs+D?TK=#z$xsuZgT7<$aBvCx#k2FCEd?Ibq+<)4tGoVtDKj$@z-b-I5bR
zjmgu(QtM*nh7rcKmcO(&`wCB=qOe{x>NN^Xb|Y{!9RB&Bs+EhgRMpp8wjNYf=KV}s
zQ0nyBBV|k)@#f*sD=+~@Pn8R^28J6dP@H3ZaCfnTXlnQ+EV$yvrIbtVCs(3ko?D5z
z`jwTCYNI@}HCBccLdj~Ztig?ej%`dMXH(+c@rgI(BDo^6aTQK?{zJ_oCH|5dY)FTo
z7Y*rZk(f^m1h<12u9>j?#9%{OYGQs+*LOh<yHgYAC*75dJBah-FK5pKxR(!L)xQkj
zE608k0Drau042`YPx+Sy$wen^f3-G92H+(`wfH>eT4ClD^k`)Eozf0`YPlz}9KOd8
zdR~26pV_SL{Fk6xJMoi1clDh^ijr{wbh~abE$+c<?(Kre8`mB0+p*<Pt}*pG^j&uf
zq%NzSy;LH|45vrqojkG}grWp*&Q2)MuW2l9^}1Tl;kLbKt|ylI;R2PwgrOdWo2}%B
zV+lu%=0qqcsdpZ&qLd=fe`xHY^ynBQ4NtG*PF&(h{%GW+Z*9@Sf=iNF=zr0e79pCn
z;N;p^?(fmssJ0{8J}C1#&SRt&z$a}~b+E$awVw!Q;IbU8nc4``$|2v5_w~=_<N@3V
z@ew?BKP5~JE9HWUQu^`~)^L+ome$~DQU^XKP8Wk1{?lmjI~-!B;Er-?XM)#SXNqVc
zh{&Xh^w0i25Xg4j8=bkMlKX13KBTsAn)X;5)Nj)z8q^t{S~BxGR)3w)>K(M|5yNYb
z&6r1g6EuKsd<w*pCvaeNc!Ri1va}NSxs@RggDLF$So~?M9B!KfM3C2wl{j1W^>p7)
zX1uS`Yk%@=6dbpTC?#B3wGrtoqGq2$&88L$`8Fk$!jIHXMESyVc0JE{-!Aw-1Xir#
zW$z@NN9r@x&X(PiRjgU5Yt{9Gv})rwKGjzJf#N=uR#k7&DwMH-t>T4i)wc#|)rZRc
z>GjoOiu+Vrm6<%CuYB8z{=Sm(C$bEUEos?1tXudPnd-pwr8h7#6`|efZ!3aWV&dP>
zV8nSS8Yuoyy^fOzXraihMPPG4<{+PZ)&A-mrA3)!9(m85u{EKOI_pzK-kMK^B!+n%
z7Y{_<#}IlKDYqQHdw;rw{`jXt611vei&kx$(EnqQR)s%ZLVt!TJ~^S&s>*?_`dC6A
z3!&F**+e}G^IfE)Fah2FF@^xvH}Jx@Wx+QMgCFbLfMM_~iEJ2bBJgp;p!zh1!O^Jk
zAD8IIUnS952nC5m4Ll_lAUKus+V@5_%i&%xlk20rd0k$|@92!?#A}^*Hy6L=wM!Gz
z0v>~OXkueE$9$gm;(^{Mwyr-r$*acdMN{JaT-8tCt}g26iYAq@<0wiDEDthokpAPq
zoyT+|^Bv7nw+6Rm7Q)}bI@Vy_KnJmK`-*^wbl!uRVu{WivHa&Ce&Qd3_%ZJqok^C?
zG$_Q;#3S5iwO$Z=9Xr4`B>R;z^Cqo7F*P>qoV90<%-6L-bEix%pLGCjPfBP`yp=K2
zd|jIT+t;Z#agVhh@$R*c0njGyh7fMf;G^~^9kQ_NFr=}fsi)8M1VO;`T)J1un_lg!
znRfP>dAhn0=Y~zA`)1<%(eYI#gi88hksNWjB*&+QAI)VhpN|f4NnoM5sz<VbQT&0H
z$gP-wEe{#Xt(!gqv<hbSA^u0%lYilKN6P}+mIrC?6K_!#c|=}8rJCc&_F6r!k<&CP
z9UZ;S!6^x$YbemeP65s!3EIf#g{9)R1gT53Iaf6bNMps%3TG-v4b`{w>0_K)>t6P+
zFPO@q6kDt>n4=?qec|_iM$?yKO4r$a9vl9yE?ez)8A`}g_|p>MT7U9U%HO}yWh=M8
z%P!x%A>U<C+DD>ly6ste7Is~=z!{|LqT@fl>(VE0-F17u`EPgKnvXUVcAdd_TxzUF
zc+r3koR%591Fvt~{tncvsjvfIzZLBPma3r;km1BP<okqo#)8{NV<XKm&0JMI?=xQ_
z=KPT0Z&Y)N>07DLf1oI-&^M|9|I)npqI%bo?Op0BY{|Z~B=cWX8B0zs4dICeoliP&
zub@c97w7@FHNJ0OZEZ}~iTb2I{7dt|o@2Hj$}RDI<t@_ICbQ{d_uL078B5{R23~`f
z?KK%|4QYUCdL(W!l3f!qHH*U`G=0iXn-T}$E0cxoSfYv9lGdRWV(lHXP=#3Oz~WG$
zkd{SysY;O=|17G?%G~-U-HP}m?IihW_uBtk5a~@*l4X(mVyTXGK8zLaqNip!4>QLo
z*}e9O@PN!Te(c_!=49(6chyurMaS_<F^ZqUYUEOJ8&wD+1FFz~$PA@`!u`KMT;}Jb
zT7*n*{Nun0U&n)#CQdpLU`<E9$HYC7oEJ^0Da?9H+nQ4c;Og|AzQXdGli$adB3J6Q
zC&>{@e!Z7i38%l4<NHKTOiagHi5>WBFrF&rmWKw;{Ov7a83Qa-vo022nVa#eOszq}
zjvGj;<;tG`W379cC<4CpgmYc*3s}i>YelMbiTaf_%3&+Hh-GD2bK-)P*6AVyyrLu~
zuM7pLu_*DEwk&UAZRRr>xqG??8KxZ!y=@x3&^oiA;s?%A#STkBQQUa1m0l*|R~td3
zhAoLD_Iv;k9>7_}DGyM4;{(+I^FXLMu_4<jv`fNkEXu5}VA+}t9*y*^_pq#2_jY&`
zKGT0G(Xe6nnU}b&YCq#yEmQ;+Iv1<ZD4X?LTAgQRDcz?5z##x2OauUAUfMnYDqqg!
z%uG;9jjaUG-2imIVMGg%M2y`*OboR}{`r{zXJ$`EJN@KQC0}n5XDq3BpC9iP1rm3M
zK^nE2j0L4sHp*rtxZNFHady)(`|UTst|aE0U)#Y;mu9bg8VcG&1(h31ZJ<IGC(GWz
zn!7M*U4PPgKdEfP0*hEXSJH0#T}BK#G~$*;z>Uh4{V+?*>;3k~I#^AZn3?;6M3GOf
z;L64tu(<<4#=Xd<0Z4L|i@=RVoD>iP6$PpvWmsx<jWQ}V)bRA%Qbo|Ah5{;y_|5JF
z9wn7UCT-bY;k<S49B19@EYZPMf3`{L9!heCn`}t=DADm7zeXLq$=7J-aU7z}_pT%{
z!;=Y5BRMn8{IIImj|R7Z6-(|A&0E4??6GTfbdPs!Vj^|tx?+hPZ0X9M&T&5v;`!<m
z>GRyKZsFvA6!90iRv%kUbuhaV%932i5-C{DiWIJ9MFwBY>Z2&XqEE1xHH_Z5GJLof
z|1!mCTy*(p?9o$$MK}#cj`j6A`_kXn;yUVU4W2*a(A~$Q^GGXRnyWhRWoe{oXLO>`
zNFqsJ-y}}rHdoa^BGxvwY~0{=w6Sc6TMRjWwTmvq5z?*uFx|TJaq$Gycl4(85Yws=
z5O|j_OLl5qclIV*%smWKn~Lm7mJ+Qi{p1l+CoE-AVM3NQ)gTgQMi7|Yt!3l*rm|%W
z2kk|&Rr0kn3${w|m7@LUUcQ=Fd)9#A09Y~-Xz-Rqt2>**hhxG!WiL=WeV=4>4<&a*
z9S!kue?DF|(pxfV|73K8zB$Tms1fTH)k*}YA;SCuJ#CaR-D^LAuXd-)|D2%LHf`)-
zuKUZ^P$iKTHPO-c+M=`<FH%9<nnUKQe*L1GK;8@Gs@pZhGZHj|wf~Yc{;z0%%gJ8n
zEzN$zU2`#Wdha22>yHKr*S`u9g7(|hr8ZSs^Q=F+<<Ns66|89yd-u!(ki45K3)A`-
z>3$V6=nXn&*i_!D{?J>FDn`nmm+5m;F}fm%W!h);=c>j~x~N%mM{zo+)fp_y%*YLa
zDSXORee(rh+qW5j`Hj~6GglQ0K4==?4;q5Gs#-q$nR|=HVr?J>Bg^afZ?*|CH*2o|
zk3E@h%T;{5t3GqK`HU~hobFy!XC`9GW?v>KkYxGAo+bh>z|1M}Qs%TU2*p?9G|BmC
zqA&KYM=`n~2=SH6L`Nb>o>*PBoU3%s;<8NMk9E8N@q)b+mNwb5nJVO}zV-}l)$+tW
zi>X#SK^xP@{b@rkvkbD8L$sj$nxXF=QCW0{a92=A>wHWOxOfpYL!~o8-sOIhMQq{5
ztC{CutDG0^1V+B{f@FyvCPQopT+d6{9Nff{DfPVYEiQniCIOANTJVm7{v=UW44&b^
z%ZK!s7k<>zKqA_ooK8dn;4*tT-#kBSUO$aEf^)52!-!OS`ggag4G@gsi+XI=6Dd~X
zC$hw7HY8rwH$)wrdkQqM$@A3yE{S;MGR@{#-_a*vRB3IOA0aPYJ0Y+EoJKB*je(6s
zJF!#u43H;z2#}|ES^+B6ao+#5I{Hl=)UDkA*_3!8U2}(ncpbnXs!Cc9m!XvSzioc>
ztBi17>oIAHwD1;EfLODg$}E-AAROo;wJQ5EX&yqr#9Y<q{WkWh64FiKh}^PXYh#fQ
znudYPLVlH#t9s>0HJ<`B1SgRtkLGc=5aA0u${&l{UsHk<hbO@;O2kCL_H-ehe`7FQ
zY022cq&tO7?Q2gYER1q|TnM!*h@KW^m8BoE5y41{)MC9Y!0ZFJ3rI@*B$$<D$H!r|
zd!3`60JCj)iSsdgqkVGgPFr9$sZRlBFC$AHvl-SCwg<B@N(eA(L{8hE@iF_1(6rDn
zyD!O@H`UKxBS|E@1~`^i3Ln2htKoMLBqo+Zsi=}dqFp@M5mG__GKs2zV!>(K-XbD;
zOYi)3mAbkFPA+=}W}C$=l})MhYuPwWUp38^VzL=sOIBg)HE-pr7Ci0Np5|%@rOqkK
z?%Hqv8;cKapLhXzoPDBrm97Ys6T+`qNsdKny0w&Vc9RIr)rgmW>eV6he>T8=a&MJp
z=Ly8qSPr-!Q!V4TrF_ZUshB^828=~pzuD`wTPn<tBcvJ(#?J>NW9}V||7h&OuX9`j
z&pHSRw58lJn<+zN<M>fb&@WLi{{5nzy^ik?l#Zd^6A$-&UG@-VzV5bgFNHK>$!7L$
zOWC{a<-!K$HjH0Q!I30lhsG)tF)H9=G&@>zZY<`zYo%H0y_R8`6Jf5un7m4J@KxO7
zZ9cwCHys0|dF_=VL#S&C=>y$|px{#RX^_SdlVowc>!WyI`7(|Vpy1twRe*G+ik4$c
zU%z3zSZ*oUJqlEKOHLnZLxj9_8`H2f77-V^!H(Lrp4a0#_dI~x`!f3qt6Hs-rZ!3}
zFnKz+!jEl0b101!KkqCH*b~T(oI9cOkOQQ4DL;87R21aSmfEJ#A8@UoTEJSj%va-M
zO1+K)j{>SIN{d?RP%>r?Z5p%4n$x-@08XyduQ_pR=(6*$(~uqrqV;!V8$UDmgU9KO
zyN6J`O2}c+yJ<8YuX;(6*~m|#`$%={%)`4gJG8Co>U08`Luzg0f5Gz8P8vEe{{rP-
z!q1U1zMFYWcV<}InqEJ5qFaT%aCF<6Hr}WZzq}W%ydhhaH{+D-h25Fm+SaTuC}G%u
z5(bv3g8VXHvN9plEnsvD`;KK}eDqHG^BdgiuzDfr;Nw$c4=~P7A*9Jwo$yFCCUXDS
zvbQ=;wi5#ZRk*W8na|UO$;j5I4-G(l=1;(ur;N<2!~&#;J|5}WD;#zY`d6`=r9VC~
zHsPbfo{X&DNk8|FkQcPyk@8l^t9*DM^5A<$b1cM)VK5EzZC^CnwHRB|`yQqG*wlqi
z8qyjN@NetR1sXA^0aH+yrK+|OH&t{l0k=w}FQYJJ<!Rnb?b^*;)v3T@!?ZQxiZC`r
z@j8kO$r|_2G2|eu^UAyqI9ySf3P@hTQ@5tgw;D8{wGC!_XuFV{9loKrE1!SWFt)FU
ze)CYO*36BIjk(g=KVQZ<GA>p8hu6N6O1L6L1>+n3C#z3LHXh75mp=T^&+CqaHZ?K^
z^syOZq<fD`jy)K|oR)5Q!qFHPzNVW%ui0(1T?`Z|YW*Kv-CZ_JE1d$kWq9^0=rolo
zI(X+6A=SEc?08KP@c&3e%6J*+8au}xBsEm12;TV%oce6l{j6T!96R9}yijrGD>94m
zaiS816K>^sSg8cN`pnjY=rbYS`b<?2z}%h`blw(r_v%FvoY-BLIw%D%vi^TAy`od~
zIXY0;vKKd-f9f?=Rsa}1$im!8GHsQ0PAk#ZTCG@#=kp(wX65vH8~;kp67zePQ4f=_
zq8-6t%N`0=SkPv3Wdw6oSHL3lK}xHiW?Fw5X}`Iu)08GqM1C~MHA-4Zz-*ki<f`W%
zkft?1d<(hq^{Sz&N{ChM^1RLIpvTj(s$Jc!2f6@B?iQ-~8cTg|b2OeC8Zi^Nm^W^d
zy0M-wTv)Q=xXPmDbM{=?TzoekfFidK0c4#)4)HnDP)!|3Aep+e4rBNL59xPyDaD;B
zDMc5yaE8D&19;-Ll0m$I9+Kd`iKmS8_ZQU?ZcMzd5#34lk3V8VFRE{J&5$f#b!tFe
zC54jW&7%fkHpZY$`yj(jwmfYe5<q$dARlcV5=BPqkjmYlm!iE+@WZ3uU4vE_?U(>h
z4iw92&T?C8ly?!qP7}1Ws6lSclQ(g9X25cCNWgNwp`44tawwo#s0{XmDLXO1)YGEw
zFqY0}^}B3i?rDd|yZ?@f{ygWlt#iH|Aa6>n@e|4mK_e~Dsc;?HqN+J|Qe3mu2EQtI
zGJpda#09*a4B)heedc_K2rXZ=ohP5?&W`(4>omVWUP_~dE}bJ!P3)~(6Mr8US|{V(
z`Ivi+74w~cj4c0rK#elUDE&9WetZ*)pO21FSx!69khS)w+}MuN$x_VKZ(2T4UA8$+
z^JS*5I@);ZFCagS5amga`92#3DSwMyV_z8n+6szqs+c*&Ao&a+aYk`&+t`Yo*dd3)
zqq@=lq1HDuAE;Oj6E)Wd4J$#}f3cPcQN{aq_1fP@Ni>tcw+IAZGA~<X;*Qbyi+#~i
zceT`M-N_sGkjyzo)@@XMwbb`>DS?<ekAA21&1mYo>j`+*UPZmx9TbHluE=e6f3c-)
z{$K3&o&3K6_MO8kniG%2-g~6E?%r7O`^_WnZti%b^-xaMSD+1V^<htLY_FiYOIGPj
zY6Grpt^Ed%Yd_|yJ2p!c`D!=FmKaut@~LH4S+cr?-+ceBQ~#z8?fQyiUm=UmGj^Ol
zbKFOE(a98bc%Dc5ops$6Y%8S@l6&Z*W4BC%(#OtnyFF6j&4`1i9sXke<KH*1#d)ti
zVTo=&C18T{UOVts4064_Gj5zFn5%l@Z)zbG8*?4HYBE+Pw8{)pQbWIT=eF99#$cnw
zAwYzv>QuVIy$UFtI&|@u2f@XO$2eU43dty4(XTy<olrsTKR^Bx*M8VwwLcVbwU3Zo
z1}Sb+qy2_miOT4OKFA~$p(R~@tMXke5(v6)*@?7~IZsh$LoT*@)vYGgx%|<R%(uMR
zFZkz6G{#jJ*Wg~|D+o%*A;p$GrE93%)~D3xFCHUd?TX3vD4!K5TBABN09O#=nt&mB
z=vl{Y3sXby-+9|~T7BRkee>srg1!+cQib@m(1KIEg=b*jgS-&Z7zQ2xxpmEqAyPU-
znp+CtW7`z+qXPzk;y@pYJ=8}GjJeiOxB4X{9eAZk#SNGOaIU&zYjCKY1~@JGW5C#X
zFfeXB+9Bie!wZnm-}-BRv2}IU`hQ;C{4WjC>cjo&cA`3UypHXe7Ji0AI4G2wE{2~c
zN14V*leCk6@w-D>Kxj%G(h#vrf@FCgb^f-FPnDjFs^@4&a=@rB(X?7;(r1<8F~nER
zQ|H-fO0!mr-^~%IRcpQWA4_<o#-*dF<JU)%U*!f=c2VZ}CmQ`SQ$weH<s;)BHb#(D
z0o@u~q_e~pG`_`pBv7IjM?vx5_u2cQw@z?aHD*YoMQSh`L%<Zm`s-f|X?Io#q|+uD
zx)|S}J>zGNYSW<&eZI#|-nwz4nn18w%4uW~ZyEztgHEqwt@Z#^2r-!_cRlRpSr%s&
zC){LiCJ|@#z=9;JMu<sPt=OouDAb8+=crWbN1GuLt=V*IpYzXa{U>7jKoiq%(JsVv
z|9YB}S5HE1d3k-GwY^{F9$6rB>yWwn%ll*fe?tCVJAUi&MNiSgLpSWOZNAn}GsxI_
zdW;*&-#SG3gE^Al3%lxw$sqD~)usQc{GGpQF!_58ZwHmX7wSX5{5|&60rK~cOSaYi
z?UuiX>^}%D9z4R~Vhn2q1@ia$R|d%6JsLl8?MwC>r1q2i+W%ThPxQ;*y)`@n`Ma|s
zjOp!?zilsUTmF72FMoZ(ylpu=e4rdYV+?*Ww@>~)f6TTpHMFU8+jM&U$U(4k@MzaJ
zH>q#7mcL={%PSCgLv^VhyheBuzQlU}MftniU{L(N-a)Z1Pz)x2f3E?vwfx=u=dHof
zfZY!Hn+y+vjQxBtu7*_dN=U!_-SNj;SGS$=chAA9yX|n->fJ?|h4S|)<jTJ(e<wNl
zYv$CFC%*jnWb$}#@%?`)kJs)0smS9ItaOORJ~eqf_w`REk8AIHkIjACs7C_?sd;`b
zTlp8$3*Le_>Apb!kWt}4z1f<AsJ5q?X6nMw)h7;Mzc<YtoV=ubSPpVp9Spo}On?3|
zVi2mHc<4vDKtaZcu;bbTXhOgU3$21q>|#SLHM5KjknC;)<u`hn-G}X6y)Oeywo@&y
z$C6j|<*GhMrfhG1c`*=m4mBNb{+p;-bix4Cq<;8`QS*z?AgDR?kb$WA-Iun3nnPCf
zqh?3WANS*9w=M9o6Dh%m@C&IhBeosJ4NPr=<q;Es&<JY9J(GPA=%SxFa_eSpCqKJm
zpFx`UwSygl8Ra+YdI0iGS~SDSRefDEZb0qn|IlS08ubB1-`t@wJ2aOc@@<DZEBQ}i
zKNNa+v)H?OS8G2$(V&M}(8EsT9Hjk!9kl&Fd3Ip?$Nu~6-+Qq3ALQEqr!Ts0-MamN
zHF*2=VLRF{|8o8Q;C3aK+Ygq@l%VhXmb*&iA;rhO=1;k*=lP(CPzV%?fz;^9Anzre
zDz7EZ)JY0{yt_A=I;ps>E550O^}f4g%GgrHWUaME?7`N|$T`uJ8vhw*(GK!U*5|5P
zsmUDxFt0dT<WE1zTvuztzN@*G6C^Y8ZsxWc|AX(R?@7UK{YNH9`Sl-b7|JdUkd4wf
z6+K;%6dvr{_!+#s`<YR@@}`kIC~paG1?pVhNun*_8OyC?8@+$O=0md=n1#K-{pk~;
zvKPq7Ucfm63JSVV6Lv6tiwa6iE7Q!>u$_>-;3PXSz#_KYZr@3o=44AaWTIIdJ6SEy
zfUHW~F@!5QxA4d1#={J+pB^H)N3*Xfvr57T3Ab`OX7JiFph%s!E`K5C*Y6IN`Pn#X
z507BIKXN-unnl^>tv+aDZC?`Dwh8^Hb^BWFA20)clX!FDq3mb3$`!et2H^aaNi=EY
zxS|FU)UHH><z*R~xHf4-8y;p`CH{AnDd(J`UZtN%daVrGv=WkYK8!f%1;q;nQGP=w
zn=+(t>}(Gg^VD?I`2@l(lHzoWZO8~a+Jotw9IkJfpk*j+&ai=!-uc5_-0q3mH=UQw
zsmNyb-G;6(jmsOySt|&F4^646U)0&v30F54Kf=a|7Liqqc3u8?-fs-Ziz@}dRwrCW
z3EA`WK?3u_m-B9g^~(uce^AGKj|4%-XmZg>T+8VWi4SH!yLGk|u4Cqe7m!xl2eMoj
z;MWs37iGi?JLW~vF5g|5ZaG8oo2)M1{~;aIBdVk0*4oouP@xX#CEnOMFZ_bN$Ga0x
z)gx1NjR#*jIinUEQ_L`;IQr>~7I)`f5W?NjL0pHM2E*b4yeaJ+>Xs0v*dUo_e&VDf
z8Jl_MkX+92$wz8m4}KNBTv043ZJC)u#P4kTnM&Lak|RagqF_th9{xLYXeSD^CG3rA
zbhc>XF#2j6qBMFc@yz*^)`yG2z4R3rUl@MD1(t_jbb-a;mk4Mt?<t;Y*!A|D7rseP
z!LEkwfaa%<xA-5sf{%cZe)4D<hO^~$yzHDGz8YyS5>Q5wfGLWg(;5SMwTffk1wP|z
zk`zgOC$8}{jkw%XwfX6KC|2c6w{-AQABO3LFg%8b1HquH*YbsvN$$)F3zri$eZNfU
zsJx!IDvRnpSg@Xpe^B0-xIjm4_W_HMzm#W=l|7m?89Iyd+)+<4Vs*dQ{!Jm@S(8rg
z+lAoWvBcx<{8J`o9W&1_`F$MGoPsZ%Q|OIF;YC0p=l8;O9x9+V+5k#xjrA~zrjba_
zF4|)yf&ql^A~!Lr0;@Azp(s7-l>^Nndaltab+G)ZvboRXp+V{}GV0L>Dw!?_2CwlR
zqsxIc;+rsYi@j&Hk0NY8T~BC6#F(Dplf@)nPK9`}bR4>`1MhmkYlIc5ow*lOZ=3K)
zf8<0oFyHBZ{4L@bCS|n7C&MhUNj^nWQFf0v4ZV|A7nwc0p_QGk2e67?e?Wm%xJsX<
z(uBvQL)3o&Q;|s#S_)`I*_nohd>WC<w^aw+Q(zd6H`<&RepNKf&gEsi?}TK@uBeS+
zj@Xg&dwhY2jrh6b;3}drE7V@G)tjwe$}1P%vfg&z31uVh$J)blRTA7wsfl(HwG{_H
zE}kM#1(Mzy1E3}ie3A<Q-bzu>xKRC~^LfOjX<bigndmOahAx4H$DsM)-&-#tOYF&=
zu6hRCs~zs89WtRQU<=ENC@oj@&>ye{0LzXaQ6~^`&4goHtbI3yCr<S)z>VrGLYY?>
zO3q+f`kHw-sW3On>VC;ktv8rV^|elJKpipjAguxfCN{E2G)qJrnq|?vWvOJ^hOc?g
z{gY|l{xX(GL?$s}|HZn6>R|$MRVBGl%>U@@4?1@*D!R1H|7LcdhF&cLkwAy%5>KYz
z#yti+KwpM>?U9f}gn$xa^m<tvsdH6bzsI0x0E`2*<Mp=&+OgUT|LA#IY8v+GkMkw7
zjM%3(bQ2PW&_f}!(9ms>ko~my!_;k5a?+<+$*gTu@@?LWWr&5CQH=%;0SMRyuv2k?
zh2ga>fIuYR)xd%5$*Q!TmCnn(SGhQRF?;Wrk}nFM<pK-s?jqjI59`>LneWRmgTS1y
zM<8Hck-wB??ijLN5N%g!C7BET(xyAu=L8L%XB>it&bNjN0C7u$NNm(#6lhkDfQ|fR
zNM@hygN?z8zx%KdDT5~$a56ej>x6Sd+bBjR2^1H8^}W`Q8=8qX_;Euw@ri!C2o|IC
zQ~Y>^AD`~WLw>x?kJtL~xx~eV)Xx0i>tZbBs>c1UnuhLZ0&zRYV!Jw_IFn{zZ%1kL
z#{U^28=Co=579p%3xi1AL|~B(gzX>{kg_PC^M!WvL*y?zWL_4p+Ma>-|0?N}-6Yas
zE)2T_yOOF8itvzalCDDB3M0Jv#_f&pAi!nMgBYoQsY6q<D~cky$MXX6J^S(;uNtM!
z6XO;Lyc2f!;!N_xlH0Xs;EnGY(xlrJxc8S272NHs%j&rZaQxcxdm9t$?R9kokB+xf
zKndx~ACe9#IgP-dGSYR6^lWn^Y)=$Up2i)dI1Bb_C9IqiuCXWA6Z16kj}lO$rE#m#
zlazptmhwyqOsidhIWhqo|DXZR07GyASOj@=)sT~$%guZ`k07BTSM@(Pq9@#j7A8ex
zoe;@JMupYA^?XXLNuM}M^QnJ({-f!Yj7B^AXIq;TMc<*&_Xz?>pdoE08fZwWv&aBM
z6;nhurGfHAw1OyErJ4~Nu2`e|U@UU?xuXq)l);}pEfeu%{yIb&EPgPzo?=;B<NLe0
z<1O^6RL?Fw{Swj}v0TmEL3JNjLgeF0SWF4oD?cuK$;V}HRrVu4F8kg4eGL4EkzEI7
z8+3-2g*vB4PW3Lri@x09(K2f*ec&sVS1xo)rEp^s0vu|pq}k)U8j+{?A1d_0yKQ0k
zYkI+lVBYDbessNL1id994iK7`8AasIRe7omg11pV%4x8{08r%uLS$e?P?Sw!Nw2!~
zeJyI7P3RPmD*cdqvDoIs(WGYXWDCZI6y^Nba1f+^t@StvQ|Zzo9wIEj0X`AIVsi~f
zai7H*MH<p&{z#R|9Sm`qhiZsxG#<c{Dfxjsu*h5({<5FmuuA?~;%b;0q{<rXJGAWW
z&YW10C5_>RP7?ST)l+J5g%|<z3OzMyPU5?6{1xjMY<a{;yltfK3!#7Ig1WVy(LY5W
zIFb3kWdt`EnWX<qtFO*JMGRQ`8d?M}?1?;Vg%9%aDbZFEK~|d|*Q~~?fN9zjo=JMI
z0v@R6DCgST8|65+POuu8k>7d?%I*@mk$<f{=h*_5@~`*FP!z9xB2$&)xHXFvij&`@
z4dqQCu3oo=E;?_z9~b$nCp3lBtoNrHmV6g=k$f(%iA7Z#U9YL6y1q%N`P}8F4iP6R
z=E&C?ef1}id74*6xvHNpaN7YPW`w>)daVV`PO^qzuIe5}rWRgwAka_K*`G!y3v*Tf
zMVh7*hhd4SD%l049~~vA8s*lP2J=Q+;m(*BL|c5ZGv*COr_6-B8V#&bjJ6T3k$S3;
zoqSXyg$ki4K+O;I9#qX$X2gv~DZ}M@i!z)E|C}&6g*FQMg}#72VNC_!Ks-Oz7r3Ot
z8J}*kPl#cnYQ;_Z%Ge~hn4osgmMRHN?y{#p3AJua?N!WOK)FW@Xy^~8Ea5)!5fNiV
ziy>*njI?TeQmgSvuf~xgsV0Zl@q0?Rhu@~~Qp<OfiWJGH$cZXM^rSlh@G?NmsE{H>
zg=i0s3{4Rc9m?u$a=6wm6bOgNh3dm^X;_@5z7t-mUZe)Gabfy3W8c`R>pe|>h^Mwb
zI>AZ|bd>4k#DK@sIAy9Hs%ONw?pnIUt0-2lcB%J7j0`{#V*|;S6%B!i?3iJf5Y20m
zOTlZ$wn@$2WbhgQd;B_YvGVC2;&xy}hbB!qTA(jfE21ep<TL#Sh+1dy7P0^%@U5+^
zNNC-+NI(#l*b2frJizPxAs^;)cF2dPJLIDpq<$>mX@`9NL13#xJ{;`%np6vS7Qy#{
z5*(zV3NdawkKmkOD`*F44mWH%Fzq0Xe<&#EhL+28Fo@Jp!B4u5OI~>}2PAWLFlc<J
z+YSct(bg_sq^J{;r3W92LxLT1`IA97Fe^HyZ7e5)7IHG^a;?P3?}|GOM8NAfMMl1K
zonTKN{#n$agY-sfu+q`01w8YIc~l>WogQ#ra#`O9s|4V^q_DZ|6p~nP6>?kEBs!M0
zq=pF20MqXPf(TRnt+Lzb5z)KqH!WEJSV`0Mg?^vHQ${@2y;2G(aaosM>M+kQ{u3&o
z9xGo|XCIzQe{sBPX+9SVOt!GplsfXjR?RP-P_<purb>FNDG#vL5*JwbUxXV{oM?-u
zXx*rm1tzkp#wiu<lR&Xg!FyK0EQ_gO3=4bDqWEXrdqHX^fPkM*bW$Ic?GU+bXr%4R
zaQ)EMopD#&7#^KDOHF}mujdqXQOhA3kpfF6FIvB>B{X_rXzO=@C_VXGIn480zAxrE
z8Ms*F&4kDvxow9`HBZ(j$uJSfSSQ<2<<iyb@i85p{XPUR%e(d+HCzlsFS}nHijF<{
zotC|mV{7BD?GTNx3gNx0_4UjelHD>y#dj+Mpj>iM<hIhxt%_mU{Kzx|WH$lwbpR>q
zQd+zCst|;BC0Bb4giQkB(wTzERsRCj1M=v%TPl-d4=My8+sq(Q3yWGS30V~_JJxkY
zZY#+iBmn*!03x>)w|BLUP;+_=VSPhp>>eEhAyZw%``PO8MY%}ZgKU2{va=}c!!b80
zCEaQ>7WFvTT^6GIb5)1^92$d}h=qYW3rqP@7{??z6dHXNA?Qz~D12v#$g&12V)tJ<
ze=Nhe8B@be-_1YV2Zb_6X^pB^UQdzC>x^mAs@Ew>__{^e5~sth;mWIvAudy$rU9!|
zs>^uVvFZ2B+@{}N)}4Qkrp|Kb-!&oR@*vyKo=zT!;tul(^<L)pJX!pI>BG+!W#*{(
z)X<AP0rNbk#<?;tefAYN`jGgDrVxBGG-0?{b5cV`mK2z5rG}nh86C&d_GMIUT|J>p
zc;Xr2VKmpE_lXI#Xo859k`Mg?S=0NqQq@$es_NSSg!{z*kGgk(kE*)*{u4+vAb5fj
ziT7B84fPf((xigTK)^FH(X`%Zy*#uk;-!^Bf>^BtCPBt=EVb&R)mom`R$8sqYSD^9
zBA4I|QLCb;1TS#L@q(8^@WTARzje+`CKqh`^nKsY=g&to=j^jDYp=cbT5GSp_S#$~
z?47LSlP$S$50Y(1!2f0;)x4vW;iv$_stkx$apAoD07U=wu07Sapd)msRmpm{Vd?6i
zKu;<@IQSSwnbht)9HzpFvA_OQ*98u49jrH&oK&$)6za{N4IIDMh$qJW#LsjqnJ77Q
zNYA|AQ{JDD*IV>xXF56EFZGq@_o8sg*w2RLEjwIQKCiBwVjs~FWHcAB;;o$bInRHU
zLe1;Fh8mx0!RUQ@jbF(IQXeBwY)I-F0q?Gvw3DLK%gfXq5vF&+C8WJ%h#7m=4(s!k
z`&xHiIG|^D;+K*4t^kQf9l$A#0Kk5IhVP{_&3|1?9qNT~>Og$^6oRgee9=GAnw2J>
zgpa0MMx4{PMpePAQx)FU88lt#gIVB%`9i6Ic~mbj-<n0<g1*7*JiQy3`TseXYXKt*
zW>{d_zCvQ`*`0>XqkJ&0-oGa{#|q4|Ww{rL8V|@~^V{9Q{GQtQ&#?K`Trhw0W17}B
zcMxbFQckQhqMWv0X+V_6i&&O*%X6Wh=ZI{c{gmgIW{v69h3ii1hUrU({l{Gxqbf24
zv2i+0A8bvJ{dk*UdgVSw5C;NY_bK~)19?A|rq&zNTTbl;<{Ikw4>5hCs>py@B`~!m
z3W_5>m<Re`&NA}O<t#@C%t#L~TWz8g)&yX#@m~-57s0gBeNV6VOLD;c`K2`dEShE)
zL0q}k2;$e!jnAcy6w&;tTb{{&o^!K#1}IOAJaB|#1EMXWN2z^CD9=ggYG){QSOd}&
zl-FA+oJs99@hnNkKN!L%+~fjFemVf$7f)yx;t!Q~QKpzO@Zkg0PGaz1hXT1+HmHC0
zlj1y!+Rz6Dy#1YS6mUDm{zD45SXE>wVDyiGY!*TtFe;uloPI3G4hJ&tW#Rq1d<5)O
zR%-C;d-D;sMfnf?vGV&g;tdvWIZ_p&^#un6e=oKnvkR;~`3t>tecQWV&NtaNsPM!;
z7yy6Vi#93*z+?fiULU0k?DQs2<z4q%dhahmV#$fXdrMCb@U&bUd|4iUy-MX<)IIG0
zrD@kXN4yj%Z8mAf>;)jy7>Kqb&h}pe(e}kZB=xhRZ6~kEGPKBSmvY^Z*WhNKaYN?d
zsqc6^<5Y7x-s(FY|BfuaqopA$xAZlAm3HRcO80Wzmd{lU9o9b5H{+RCN2=0pCaIgF
z?5N;_=4kMtl_%n9=>z(qxxcZHlyR%?`-202+3P5lyKDc-^?d=dlGHu{xhwe43y|ye
zp)Wv+{CG-%e_}U()pOLg#V^YBS9OCXWS{HiuX?mTB*tE{T7)+E@{dvQ5`~}6RARvE
zI7pc1)j)Tta|zIp8tBG}fvC{PTrB^Af+GC=T)yGxhc<AiPa)C{WTnfvQJ7Yd7<==X
z*2pNokve|Vh(0bGszx?2^_)F)Us={N$!-cm=?(Gv=cW4dg>{x2Zy+r4@`}O!4cOj4
z0Ily*8@BW;6;r9vnh?u(S?YJaN}ZxoHjQGtEOlwGQU|Kk6YAF~R!X7dk!NPG!QA8~
zH%fHSSvZfD)7}BYV7w9Qz9KDHH`jlaN?KIOp4q0wsX(+BQT|JU8Z6}}$FQ~WJ@3sd
z9?7c7>*XKSnNEc=S;c@qm`KXe)|jud$zmd-jrY6FV67xM8R!VAoP1X*d~8Ju1C)U(
zHtzknHdxrRBKOYYCAqN(U{pZe5qt9ne+Da&4^eW4{`}DDBbpS;hu4#@!}^n}B{Te5
z4g4pef^0jMGD2&`2f1%=TT-@1Z$PGJ$*l%fEx{(@|7*)=9$1$FQ@{Uzw2Y=p4!K4Q
z0>cf1{QuT0+Iur~7j{v*X!U<#7}afG@w3WnlJesVs6<B2tW~E8DU~icIEI_i56F_-
z%6l@!A2KKFm2#9{GWj5+qeQ)@^b}f>pM1$)0)jQ7zHKZ~_pO#CqRul^-*@!q0?KPD
zT!Ju9?Wd=EN!IUTevRsrckvX|ydk${lk_(Q*?$rI#{FMS6>ItHb+jxE%B#3o%#5mK
zP`X&jN0O|j_N4LT&zO9?WDD+ykYlxG<Odf81+(8?(>JLA-t)b_wdvdQ)aX5E-;5{b
zR=h|VeyGAX^(x$~Z`xS#e$wmPG=2MtDn7@)`78l;ZXzJVV#d8eu211=NwVjq3X_lU
z>|;-ss(a{imX{cU+P1+<j-tr`Mq>`Qp)4ll>6e?hokeo;W)i*EF3iD*DV<lakWKZ^
z?dFBKDdNnYVzp%Rh~B*4)dK89YE0h1uqA)#k6mh7s*sve-`AfL?3$1sojiLJdTRX2
za@UK7I@6F`B=%Xdf3|Dj#1_-wL~C&GD9aA-6pfSUs_lI<iOg?H6f-X%F{$fovd9&V
z^m&a2<!vGlrjE$s&-nkQ@xTJLEtDi__y?DYi1hSwLGWUo|K&IRY-OsaF7rh~p#u<;
zn|xBtp3g`>qi~MrR-%h~f8Ixae{ZJV5gamSiGaTcC`oN#c=gjX7|FA9hEUaBcw>HE
z@*1j5j_>+nBkufnzdUdzI0f3s4XFcj2W~4<>i+Ck<b(G*Davi4^v44CG#}jL*RU8-
zHaX9Kx2~&$@3QTeB+`=TN9SR6#xJ=Hq@)T`{krfcS@z?<k@aI}HGsj$X^<LuTC_gn
zf`HVLT#QJb)sCH~0zZ3&6KoM7^t|gz1jVbVq{THRHkmhOqmS(-VdCHbd~LmWd+|~i
z`$uw}Dlf@YZn)6rV+8p5`nCgg-PnaVnieeqd?tV&L3noI$otib{=#VT_^xc$jkj5c
zB!{WCyR0_vj!dOJ?U(7N8is^1Uvdn`TRv3X+31h=&7f1`ebMWT_x`GCN~VtF-Tr*h
z`MUJlhM|$f()FNNB=dQ)AEiFid72(`;VY_VCI!9HY(3}s^@QWgJ2<u(jz8$}<8{8)
zpZHtLD;Q$$kzdl0EgIQ3&d;D_?wqX_sC=-7U=QFlZmE~|Z{mev&GR0x+{qy{01q-O
zA4>Az{~2fmWfQ20xo`JRLSPvDygZ1?S4<`}ztvEwLbCsQ5(pETw>1n_iVf^Um2Ae>
z{cE(v)lf;D1<}{m{mEa^A4Q7pujfTGr$dQ{(kbQGs+WDzpV@3J($s%E2ryF|@Pkq%
ze)6iH-3I*(<)CZ_`jPiUKfm@)DNEFzClFT!*^Bk^&`!Vh3cXw$)LzMpvR5hbrXahR
zmA6B-alwum%)2D0eZ6_J0=p6~2(oY0%lCrXi&S=S26kRld#MtuGO&wD+)C}n|8*{x
zR%|ZphR_t+RzfvUcTW5XZgOcDT9<fG+)5;QH{)Ly+YUWZR$fb~qrCO3O>BZdf0_Ip
z)TI2MLk`*e+HvsSnI^8nBuO3M-JU7wPa*666HJv1Qxb_>M9a+^{J}P|_ygU@4*wJp
z*ME~Dc;s>5T_eh8w2dX!F%jVf-h@y0%yahej<WVL1Srg3d%I77#<bHv_t{&A+WkvV
zsd38R1uw?IZ_a$7B`-CW8UH|jaw4J1y|q6OCcJk0G5&N~=#0?mq0>UAo>Cu<?R4V@
zN8*<f@O2e))8}8&FS6(Fp7z!j2j}m?(W^LvIE-9wbY)T3dAIcNH=}5y-O@NbvXaB4
z%|OHGrJol6xYYQ^9I6Y)K1jV2j?ZEzWutf0D?-N>Z}bjB$H4|?*X9Z1mjkaG`z#W_
zj3a$>N_G5@>$N|B(#cB=5y#5LCkaPay5Z;t`7?%uqhreR8b09S)$-0z`i0cnZuAO2
z<S>rvM*?*uegzAzi>q9PiA`tXJ*fXMtUEgZ-c3L4-O64qAf`4`ywZ*za?#oQ^Q^c_
z@yVIuet+Fec@e0}Ke<;|`T9)xd#wD-X@D@>j#3WF;w!qce%J6%w+ev&hg9H3mx@aA
zAjSC71w0V{*y>%nPO!)C@8Cx?|Ih(Ut*EhJ#*mcm<CPwMu+^43u8bkKQ{OMHts3SN
zD>``>FC?3Q$l{wWHk8y6FV3HkTf7ZJ(&@U`yWlH6vtDISq-^R0Z~PR0Qtqm}59}82
zaCC}Hc_W&Ely?(X)ObHGrdNq8rg)`8)IIAmFxpIc`z12XU9kobMORbFA=&i$HlwTd
z|FUV&>i_)BeuD9iJJFseatQ#spN{1=9_&Wjxprd?lt0vse=9wFdy}x<&Mh0HHNLx|
z7kzqX@69F2{S)<HL_Zy12R{kv7u~V@WtXy-bfmUK&K-1(oBu3l@VZYKh^vS`jaQ80
zhBqVenZ?Qf7VhISxwd1wcN3y6IX{ySzqr&w8*^wD3l#JkidcN@r@ey)`^1*Cg4ulC
z=7&GO6_5LA@BKkRew!POUrnA*L+bhvf3jfrxuS@8`g26?Gs^_Z9^~M+JN)V4uaZUT
z6KnnL-qjpwO3jvj%vgL42A{gv8-I>J{_WlANBm)2IB|)uFP#HCVTdQ`4egdaXMU3(
z{VK?RR3<;fR;-p^dqE5(?Y;ep4gA`()o54gsSC6057wvK8BT!<!cmG9cN~uL$96c1
z(+yw2`R3mI#OH}b3Ei0Ghw0&ezp6AZ`??~xJ#nuGwSJAnmoMap@ZSx`F!^cv$Ya#(
zVBfw+d+3n+hKP{9wXpF6pN)B0HugF*c>%>UoZws<BuQpopA+27Q@SKVawLAg)~u2E
z(pG-dUS+^ISFFxy4`O<zfeXRllZtu!p5NkT@l42c=|fiY0I-`b+4fT!i$~XxwAD=)
zH4b7L>cwl>&u1}~SNv!lPwA4?${$@SktOL7UAoSmltIgubjk1h45e0187i_hlvxeU
z%8-NM<WiEm1~g|p4Zm_50Kb*|1YKRfN?q-eN6{euVej!&>y*nNb|5Wdy)JVTOBVsF
z_jOZHmM$vb`LN(w`p$lOjxL>|4O8pmbbC@Cr}307X}eMtEnOsi40LAmt;yzVwS2cI
zAGG^2t%ah;7d8&;A|$Y%eMv4jShJ)(HA;WV^vBU$qY1%wjqWJnS+HHD=eaAaX{O@Q
zeAg`b1{J8K<saHCS^PblB_{tvr=Q}^eOG558Q|TW>sslR8{>M=F?hHYUIznQUPMy5
z<jKnz7&(FchF3|8m_;OTSqQkX)!qZt;3n{@k?BT>4;S+%U2-19+VLl*P~Pg=@}cY>
z;V7&sEyjIqIZS3$IU7;Oz2^HD6e&ZcveW*aYG1XbOD6g4H+)0dQ*86Ye#7nQl79LS
zTkp<Ysa~8JI%kEmhqH%4ZTFmb`_^H)cKigD@`_0CjmfAYw~~@N%)8;cL7MP2Y$7Js
zy}YJOnoGV@$S3x8#a6@NdG>AULN~s<&5R-hM)GH+>GX;&V%7Za;y)lYPMp)u{?66c
z(>o0DM|>;+Q81TC{^^cx4EU;_(5L7X6}XEmC$D&M@(vY}*l?O9nR&zsym^uTx!CN-
zZsLkE?|TO_*peghD>8c1%Ey=!0|I?7;BVjVtuLwctA2gCrRS^k9)bKs-zwX+zJk8B
zS1#$Mhd*$6E`Jo=L|2$9_=|%~u6T!kAbe)$YZhM_Z8giP(`|s!70<NyeD0G!kLuQb
zFaBJ`+>6BTbor@E{0NCK_GUGc%Rg4J|MPDC3}T1>lnIZ1`BT)(m!uyqt)W<keLOi^
zL$-9XC5ai-^OP=mfMob`9xsvjZ;Sa+JE=ik`rnt-Z~i+CJ}bVMikgla&~PfXb=V;N
zb}K(tTetf&zN9{n0=-6PFDlORniZ#L@<*5NnuEWo=@wnOYYzUH&Bu*rCh`ACcb^|8
zV^8QYKf2AIlQEz4_@1Q);L=JU62G8=1J+r3sjGgsVb4kNF(05IdH=QPi*)KeW=5Hf
z3X1!&027HH7l|Y7W9d+OXn7bptMDqkrc3s*&aB`LoGzK3yc{G!sA2YIio)!Jp=hMN
zm8Cm5P?AxHyXJVe_BVD|`=&Xiy%1(2H+~$dN|E>WbDancYskaaWL$aVyT(cOJ58L&
z+uME?`uJ}z@=hU_#0NjVoWGX`_~|S||GI4Q8cVKIa$;!*FW!ZXI9|<N(Fv`oU&-(C
zp2e46KkBRk%p8|48EW+jVbc9d(<S}=1eQKZs7RN5)TkD(U@fBrH(j#HPnhN>Oi7ol
z^Al$K3DeUh%PnDPb~D!2EoY{O-%0wJ-3B<XCp^u5UBI)4;GxhAE0mcp$g6rIh0!KA
zh`RYr`n;8U0UPPi7<RYzMg$@bOy52SQNe#(yc;DL;ogtFV>ti)DZ+V%KT84@OMZ#O
zM$5rL>!7TRVmpslt?!lWJ-l_NU7*lc9(Kw#DHXk=Q@>QDnQv9;_=|>wv{HWc&wMG6
zE1B<}WDM<KQO)zdW9`(M)4vJJ5zXaIDnug-?e_-T?slknvEHfpA%68wr!EAaQ+z|Y
zXTP@@Ku+-;286uhE9EF(BcFLr5S-^<zA3=u<TqWFEux?x({pR^tj5+@S^=|&2JoUc
ziCv1SVQ*#O#1iQx>PIKP-lt>p^TKmiOFzl<P1l&cNwWNY1*V&5U_Fo+yVEVsdw4Mk
z$Pjp}Q;eH^F%I`m@u}ryYPt#dbR<xQ7KeMw771P&y4QXQi9&-9s}tr4On5AmN83vR
zp<U@$6g^x-0#GPhJCEct4MJ3a1`+x%qnk_*N@p;w`v;UXNtA@5Q|aBuH5;iTNjB92
z>va9&zKu>@^2SfkXJwJ|_3Qcy34YTP31;Xy$KHX&i|^ihDcQhMa<9~`my#y-?6yoT
zCByM^ij%hi01qZ-Cw<6LG9Dz<#ebxwBw%FP@4lW~yK|=*KawilmATvcD0e-1dp3Xc
zs^UD>lT$M5NuWX*7>L&g>&ZX=n41IR=ai}YOSjrg?75!2mMpfORGx2OPfkrn$DO*c
z`+D&x+Vj_oZ=I|etSr6PmtE_{onHj`F+j1mz0vy<qb+v+*UiQUZns*xxcStD-N(a?
z{}-CjrCFTS`0H=%Ma#>eGA*e$<e6@r+U)nZFO%85)5Sr1m|J8rtF<Z`hK3V=R&@gG
zTB?)DY)b~>&sO^;v;IEB@1CT7cR`$$kESmPT4bcZwq5%Wn#|rk@w01tliz_J>)TH*
z&D9Qk{Yh(RVaAPL#*x2`o;whjZM^s7)#gun_);sVsl*^<I&+kDChd)W+n)n9Ircu7
zusDk%8ZENlRpHngH}-rD2Z<Ywsd1L9)<uZ#@CltkcYG%%<cFO<x9C1<u4cq|)6wCM
zEy^p)o4JR1&->ZJi5tZw@bquFg`Bb|y780I=2lk`F*)K)_%JlE<(H}hFL3eC2>g%T
zu2Xdn)_c7B_syP&+X8j`>Sl7{CkL6Q!-UMJi$ALN>*BwgVpaGXZa8fzzGTxSaK6M<
z$Scg;R<k8vNV41Vp3{6eoX3re6EDf<kgwxM;JG(n9JoGtk$qK9>k^OtYh7@fhtX9Z
z;CnfOpibuiY>i&)Bcq6m5395@LcfUwBMb7C*|KL-_Dee{T_ot_trurHiN|x0b~S0%
z*n?vFahRpcrCMz}>>ewwsTB5{3F~7o&;2kDX6fIQ3hsya_xlL>6?1pw6@8F)#;<VZ
z{ghh9HVIU;u_|X?9bVaX4U2(p7i;-woL9w{u{tjB5TgNAtfzOJYD<=p?xW=v_RAtM
z)~P}N3{36X)Wrx(hXLz-Z{G}@5BqSgi#^*5PJgI;7-P?J_n9+qL<UM{-a$P2cg`Dd
zb+Ha--e7$eXrbkTEgapLm)wE4VZ&+U<JOUI;yNF%9N!c4vAa#qFW`6{uL63u8#}9f
zvKGiwY~&J!C3oX(MHi<jaXQ&}ySBWE-*Ef<R(|vki!~GFPyR$%b+Fs^UST+X6Nu-Q
z*LP+N49D)V=h!>Cb>rx8e3|AUM^pNZ+=f1Qk$Crf%Q0frWy4ZegdP!Iw1+bW_(!(7
zBUa6t8cy79rPwe4g`+pacjHS`C{-m6l(ioRsnn?K?FH&F^;=f%I|#>ur>7hC4j;E<
z9UmK?7mqphE%filLQRj}ChR%Qv$Y38pNmyq?m-noLn$d`g06PKdF8<oz1s5OlGl@^
zWE6XMC)v+k?ZZuhdb(k>6Hd&(Sv4^krnv;unoeZ9+00Fm+$0h&hbFI7PSy$$Dx>U_
zaQnnkHP7!9{W6Y;BcFVeBTtW}d1Yjc(qS_V6&ZP}DkeAm?Q;|pPKj;iZ}JxYWc73V
zUf1$g!{BVD-?LBT#@Poy_Dt$_&mB77&HpI<hMNdgy3wk<#zCp?@l0%?s=S6z<WV+F
zKu=evx$30D8?cq8IOkL@pzFu<bDB@3#t8T77Dt$yr8wY}>HBc;AO$=)3}%jPp`{)~
zMq<ha?Uh1$WrD6A&H-v8<qi+S6)Ed5AHQt(wbB*Tl{t8{j(mK=$ks>#?ag~=8hdd0
z>;Ox#B!5Mux>I}c8v9wtD|y;DXGuX7?brC+53fVK;~w(a6YRJyepM;<%*G><w}H4^
zdV>6@vC99+<a3%E$p-#YXGP*QL_`S4gLrht+j9s-DQeh=rG|%qSm?}R!1Ft>{et|w
zjQu0Mvab4br+Fw1Ak|94)t@*~-3WvRR>U=89o$0hx-l-X`SVL|Y#pW@XP(?u$Xnxb
zCE(RB^P)y4yYYKv7Iv$5I`gZjfC*O+?tgkE>9QKTZCeW6L;>g-b-a6S!(a2<{P)wF
zt0xoXjoY)Z@YEp3{=<G9Oux)?g5z-YOsa#a*jdt0?$lIGFLthG_b&T7#F>}>f2!HV
z_!TAZml-uaoleZgB3|$X$Y#VI563=YcystgbVpf3O<nbxhT}rj`#D!%NwEndH-xIc
zSHR)T6%(8jUYpRof$<<c9DS@P9BnJ&nC6Di+|M)z8<!_PmBOw#bRjEB3!SNw?0n-b
zGU6F$e!0MT_Jc_NGZRKWSAD=v4zE2{eb&x`3C_3|LQS9MH@rx#PlV>~P_0hO?^J2J
zJsjJC(4d0LRwUmbN%p|t#3hH|7Ab3Vi-dtwJh7fXCl&GM^fLaOQ^}vHH5?_LNZOE-
z>Y<w{Bu&(xlcp=Zls~6W<8^)$6)95%f6kc=?_B67OsopWCb}g4egO#?Hl&$dVRUU1
zUQ=6y?P#)BW;l}5GUGEA1_}PSiMch*H1Q9o<q@Uc#UFo0RV-!DeGX~DH~FG+!ZBv6
zqiR)c)aaOiV5*CM>me(U7`*$&;=B{j9rZUif34(sWqNaX?y7Z^HmL_+3dNp+>52z*
zu~q3_Q^bDZ!Dnd|%JP>Y@RY%a|4x$5mu*^+s%`ztEQkNM^6rox@^0^QyUDu&sf&FH
zcV2f1ck0G22{$^IUVTyaZ_Bra*K*}s!%<n;X1upHc3ycI=JRqekricaA9C!zEqRdk
z8SvDGp&0VS;dlar;to7jx$#Q+kQf|!&BVujZvGSLH!`DfDzZ=mP??p0rv~D!OBVJL
zbTIZK|MDt=?h#Fgk?(02bGWT%7_k}~mTq#cpT_+@(wQHUo-Oa?$T#y4j^}4fCXO9X
z)xG81&`gfhMOk_GZV!1Ej(OgI?SZ@#WlG$gFV!3j6$=}zSis9JWgc$M>0JIJVx$}@
zve02dke8Y-k%30hiIOXR(@h4}!t*o%E5iBQc;6sFD4WNKol^58X`J~#=dYCIX_5T2
zcf<P(?qev7L-K4!Iki31P%Thm>+C+v9DVt3D&UN3n{l`)%rnY+=*cto?n6BmiB*O%
z4KOZ^UrSzy^vUu^a9*Vu9k7ESm(yHJCUmFNq>O+?#YY<xhQSnQ7UA)mOSN>n-WRB&
z&(BvAwJ<H1X!Qq9^CwV<FHg5S(E%uTfjsT(L!QooWV7=0`$oS#<f%?geTh5`OP)sh
zl&AkzH!eL7LH13sgZ!*PeiAh(D=?9t(nK@j6#0pxL{@D7Tg?=yndc>-{(X6Qn+d&K
zdHJfz%L%0SEiVsOLz0)@x1zg{m$k~(x4is&AM*0W-tw{^HTd#U<gY{Hi!=?Q5As)n
z@Sn;{6P5pxyu2<)UY^uTUWzqT!Vs_rv^p)vNdTVCpKfCDMx|cKpZoF&2+kf{%bmtl
ze3R?yy!_;U^FH$N<U)R6tx{c6dj}86t#pa!4(5!%i!{lUbMb*1B6XrDd*{7nA(_rA
zFIS+o#@&e_dnN_|v5Z`{#e|aTJskd1<vbWEKP;sX0h++*@|U1l!>&p-?Yb|3khN1`
zUxA`-3!&e#(-&JsD1%~kY3X8M%XgZeRhwKS><@*mjjGH4LXw}`wBK>&-$}P3vE+nU
zhbB5UnSvrTi;8>mgW$o}^SxU~38HHqfY+%OSVL01or>tPCCM0db%TEt4{Z1gl3Em)
zGB<H*`EcjKfr8t0mYmp+E}xhxP`H9{>>qaVZ<lBU2vgusbXjl=Ul8i2WsEyD#-b@J
zF0aRQ6kCz$@S{P8H72?P-0$%F)?pa5f%+os*_r<;eNt~LPfU!d@;>(hBgWsD%@{G(
z#MaK;W=4$Fd3hhCA2x<fiM+Wxef!0;&b&K#pZjSOiO#&6c{UG=xu510DdB4S*v)2<
zoJktXs0B|A%S(Mt>nT03PKPE-;ylYxc>l3@%m0Op;n?RSH(2r(?=~ghO0pKVv1doN
zGFD+mzia(@j6u$Eu*+YNlpXb;o4=FjCgm0B&2C~QOUmPk_+SaC2_&$t<j#-}vg0U%
z)vEITP1zxInkDmc7L*ZD>6PWfiE~z4ept>Dk`EfHngx8EfS+eAq?${Vd%lv#Wz9?8
zYi_l*pEJR$X?~AGf?4|10O<m@MKm~bEQ?Ckm@%&6g+RlxzelP+4K3$O-h`Ov%oo2+
zo+`$ZxZhWBk7wR;dMcefkU!L%#L|;z=nzr8<i;DhJPp<68-Fj(%g6|v8-<vXnNJQw
z*KGHW1Hq}WXj4D11QvO?LOkI$e}iPYQZgyXx3}_@knfw_@|{IKd=C<1pZ^=!PYk}~
z2|J9}!jE!~eZ)^b|1nEm&5tI+WIxQoudQ%uzf@^zpVZJ4y8@{_Q-e|iQ$?xWe1CTK
z8|1*S+wnM(Vl`R&jO?u8^ln&E=dN5sZ?ikSTwQQuTk5Um4XN#J;zr?zp1RR*f}(0(
zQbXLtX{Fhu!$<-(#%It)OPQ2q3r_v#lkUJRqLL?@TbEKno>TiWp0o^SX7(vwc^A8x
z&ZyMof8I6wHaqjLq*!M5m3dda9gLSLMh*R9ZLu}SYWATp1d|Vo+Xv|x{bElT1<eTi
z6K_T+XVT3W#pKJ&H4@suXGXj(w#5eB^ph-g{GDW<Kr;CP$~X<m^AXqliiBb>hF2Hs
z^cvq49za;rrzoUXlg~K2=1eL2B;2k++-^6SQ{Z+J`!P*UOkPXA`|^`x_(^_+KfU}9
zBk>36hh5ciFzyA~U$m{W+-+{$xQ?D|P6!qH9A8?c5{aqWM#o;YcoDk<#aaFkmOm}_
zLb=qQroHm@c@2l_*UM`-_QXWNdyEIFlNU}D;L6cjl-eI{Id}czXB`+$)RrS8s?sm`
zekOOCzZouOw=<b5fxtXdd$|?1oYBWt3EKx<Tk+ey>K(Sft=@>nzxgCr0l^U8cuKV1
zwSU8Y!p*YF#MXvmFN9;C82d!BA)vk8IyD@(*-O)B{TfFq7}a9F#0kEvpXTyM_)#F3
z2lNZM7cnx$dZ<Xw5*`t>SgG!?Wv>Y$%KVRtUR!<#Kde;mpp)#?{*MqAX9qwZ32DoZ
z*3N#tSj2+1sD8Gaz=Wpn34b5qVQmDbOUk}es;G#IR8g>%z@ov{8OWvSS^+=6H=bwn
z_y~`xz~6*@z>1B0&Kv)kz(CMZKbwC28rfIumFb|KnNIE_(+(z2x0=4jRWY`Pcbb2X
zHa;m)Fw0F8v<a>zfbo|OZc^(T@GCqB0e9<{UKa((5Pmf&%&lw@dA)V}u#G^kij=K_
zhhly!>tdG{g<}8ZFEzrk6Nd7kG88-EfN=ZnumRkHS8CjI7@fi9M%zl=G_%V+&Nm`B
z%{$2M#z$ySStEz3vANt8RMl%-XQIJxuj%IUdXlkm%+}Wy%=LE%whxwqPII~HNfc0#
zZ>sk@Jk9@^lBzo~F^X&7uPS0i(!VaYI$d)0$pl=FZB^gO#w{pFA-)R6#ZJY$DcxEZ
zJE1gZK4H6eQBP!>CUg+Z*E&mnniq=weH%;s{QL4757RM=>3oP(!!EBdV?cBH6cQ#S
z2606E$~BdFaQf!Qx!<1tHSwWob`h!`Ci*lRM99H(Lv<u^8LJCIz4AF+z0HZ97gV%>
z1Y)RF=7-tSs@`_lp~<iFrOQ5-Da7e4K0EV=_AJ-c=pHtYrZxOHlsIAen0+rBN(kXW
zWvQ=r;~#wcb!}`%(}!ha_H&lBaa{~IpEZBPjB}Q(anp}y+9PC@6Mckj9hsg4<m!Tf
z`OcD7w|ccR|5{7GHb_^<xf~Qt)<*<cnW$lkrnrx+1Kwf`Uv{HoUe0S6!Ah&t`lG$3
z6B9%K3jXul{`EzvQQi5S8+S2bVq=cBea@x2{bdQ+pBta>BX8}jt-751GoEdHC%#w9
zb52Vo81FfsB<!YmzsF>enNsv;u||P8>a_eC2G9-q#VCzJsbF>!WAJks1BX6ZTd@Z3
zqkIpyZSEK8e;Ko6pIq!aEr)`}<R8(9Fdh{6XDd#?t`36lrhAcCD<UBhYvT^N?0$_K
zYm1EVW>ve-dT{-b&rPTrv)Z}wv1Mik9rvOvqpvzko+G%KD6}O-3vL=^3Lk?t6uhiG
za@+~*A836J&g&b$3#G}$J%Z0@edLpLU3_$eX@K#{whteRjCkj=u?=S=2UtISf*jcz
z4D8ikl_b0egQ@`SR&m3fk(dh4S}`dxiaX-{*_JLjAc8=#y4A`F3&y;!$u>TA>ie2(
z5hhzV6g6LqQ-{&#elzzVa#@*Jds%9Kk!7f9J4DHpX%|B&bH=R^=P2toJOh9&Gdz*(
z@RT!YS<-}UkeH?WlPlczR=>Lb7cfXe%ai-is>USDu6kWO7?U~O#$-?5UJ{JQH#6g*
zHDp;$)hM*NZiDhtc2F8G?KU8*>%d#%(RKbX*skYlZ}o}Xj2b@(z23*7bG6G_H&p_f
zmA&EFO!7#Qo#ydc4POAOpRi!e>bk_J)$FDh2(QVQ)NNsB!Jrk9MEQzvbfy0R&pu-?
z;#6=iV^*&k|LtN{Tu8l!n!sqono9S$hBXz9gCG@e+V}$5d*IKQS;Fz%+_udHYQ%M8
zgD|9AS;@tR6ODWO+-(4?vWRGVZtPQ=ZkoDqfCc<|k)gy*N$m(GqEar}rq3Ks)Qk!k
zh1ZCJ&_x&n^BS@K*A(qsGp66nqcU}R>k4u4IU@FajsR1ctYAwXncL2HKBvkAB3F&B
zV&!2D(D-tJ1!qWe`P|_5$HDLSgWqolzoFoFWbk`P@H-^<%@2M*q#vqpQ}8QWnBLoh
z-}{1JDJzPIDV9%Y#6|o_RKpL&PFcz9_~EcTEPVTQ<IfA4$NWa06>@WXSUX`ucx@U}
zo!3yXv$cT$vSU=So473Box4*^p<$#3yZIeBS<{s)EgBx#+1mIJOPxQrC{jqtA8E!9
zyfdYOwd?*?`jPS~aX$1R!4<^VE)8ogHwQ9|LGiT{;j=NdT`uxmW27!sQAT^H=)`xI
z*YLuDu2A|k8DD(Y&n?7%sgw6T?bv6crShxJi$JwwJ3cdw-NYdFb%(AQxlR6pwo7tD
zThrtH*tjZnpJz?rR=RDQ3f%k;-TWPJeW-G+TfMIF1%i8`DO_7VSuFsFdIa<}{J;;P
z;O25poo98Rh@W1pPS-0PTG4UShmVA(0<X)KEGp|ysm*!t?((YyClPOKUE{~m(czDD
z$v8M30UOJyqF=+siub%;i)JX?<CpoRi}3z(16qIAeV8cw+<(V9-@^3x_uo;sj3YrH
z8P$<4**r<=IgWi@AGX?ur-Kg*fhs5=D#HI+A7H)RbvWtVdz!L`-K`)wVw*o7TgCM0
zeonW`x#V4ugC+N<rT`Vok27p`W<Rnp>6N5ELKf8I_mJ3ADe*qPLfE^K_uyJKz^2)I
z<uzR3EU6z7pAMq^$>=7owd%cl(XwnsCZsJQdpNqYpz#6~euy`zclQeW#m&COeuO`3
z6q7@Hb#yY^ULa+VQ}q0az?w_Ll0<Y#@IUO@NPZiy0lZIysnCMkXOot6{~_-9<;|#;
zR>}zMBD5_0CD$H|zvN^pkh5fk4~+v<TZ1kOT0xx`C}oo&r!eohCR#6a_E)Z=F28gD
zO-OZ#S=93oW+iK|t2%?7X6j<2%0pmTU<(rU%ez26hRvU75KBJ(E0&DfNNjWJTfCJl
z;cavn8%d(%=NIz4PhIR2o=;QyL9ESq{yynq^P9ec#pGcBdmZ1IwBFN7+XH1mhiJ<V
zFxv^YmBkzJ%svghg7bqZE&saD<J4E=teJuCaXb!F2YP?`s!C_gB$?6oE*i)xgLUL@
zmTCRy#VuQQJ=|?Qxd8Ordh&TTeq97nw6mb`6gNJ<R0utzRbi@GBcj!_S66BNDHRlf
z4CgC;Hn)J`1iqu66P>4VWG2eCLoc3*$fmZ{TfPT|{y&?8z;)fLM51=D64TMsZL;45
z$44TGiA6M{k?m@R7!tf?ngEB^%HvC+xUgE0z58_@;<t-3Bk^Tgm`CEjmo*4ckQlTf
zoEY>>xcXJsIiby&-)>OPW<Akti_CaUnZq8SGb9Azhf3AcaJz1(%1ge(3M|5*-CiIa
z#PsL_X>$P5EcEN-5-Zb3H@-mA=qi)x##dS?GjCVzTn}A#mC3Yo{GTav5@i^(A^_D`
zu^Wj3Y?m`?na`Kv;7k3;$45RFioGVKnC$^a`&E(Ze>hPE%Vf(3M6^6bZ{2Dv@6Oe2
zdW?QrF=KyQ*x>>4n48anq;2Lvja`0n5g9_&uQ@F`>M1+X6c-kOW0H-K#wHv~s%(9_
zzDB=O?6%m-XeTRyM&_u}rlA44BgjS}H~pCQ{)$~LWMN;^{;Wz>D%*5bJ-d6Ze3bGJ
zRkkbp2*mh5BHH{2{9CMl$J17A%nMhqbmos?@}u*PIXrcYomY&{C^eUrzZnY}^eA1)
ztLuMa(S-O2B6&BS9E#Vr*I3DZ;zEgn*1E*dc8oynd5w?N#m6ymXK<pXmDSSb{_Ov7
z%j{Ei2^LY&)t#ZL*#&j6HI472?#tM#L!5VYntw)PoV0M}e<DtnUUg!QAu4)hyD0Kp
zmIlOEZx=}l0Y%ObJY-_iO5Jvu$O!dAQEnDx-PrsIkj2&;kY__D>fRoyQ8vDArhhM!
zCz2?z{zdwaD+<Ng9^H`JzpogH6|{!C`bTL9=sT<iSJS^YtbflnJf+F$Mjz{}sk*8F
zUY6Ux=x22AJlbNGIrGO__u9bP25fHDuSqD*nSS|GEfy}#OtYv^tXW)2!P@ve)97h!
zd>Ia=c@wHXn8BvaJ!0vzz6w=~rJtA>^g|6;B%g@HSFXWBo0CcfYpjZqtU-EBi|?>f
z(dx~O^qd=R{GKXmbmL3JJ4UvSe7rW6!sW`QineEJ44-xKk6H(&a^_2<`n<0Bvcu*J
z{{76CXWjhgP@Qt;OKo-POXf>mjLS{?o-ZeAbeJT}mvxa59a=9iUoh(Ew?7hFa~}iu
z-!)(4F6YmeoLu4jzq_%mDx1yjj(8DEqRkiOubH~g`nMl#jdzv|JrwW9wk<{OfS25A
zwy_<O<7Yj}9{0*n^+snN2RhO=-mSJulys#M;_XFZo4lE=(CGd8pz(Am`X7$x_q77*
z$>y}=>NS*+_<Ri|i`46O=Qj+Nx{YeU|3n8hx)HcZ6a*e!?9s+Aw!)x;@nw;d;fL(;
z!4JP=eAkh|#@7VPzswI$fFH_cP!rJ_&}lhS;vpDmcZ9c#k#=J*1mos+Aa&X<hTYA7
zfnirgxx=1elh&}7iA?}+0Ccwp89sJ`Wths)!}VuqY$M*cJKTJqD2jkK6hGi0xR?>e
z(hO1DCCM0vDA1i^udq?-O(9NEa*>in630@oFOrCPZkt!+R?oMYUgpNH(@ckj)G)<S
z5p0ULSrsRB_CXR8P!j*QQ#_#mtyJ;<dVXI-o0(DnzdgUdNn4ru9Sq~iB<0TSPcp;!
zmUJ!+W6s>(g1VF>Vue4Dm#FCNIjkBwn87i@>okDQl4Y8M>Gs(Ak<V@4j`lF?ONaCd
zEuDJK@)uZ>?P`|iOzqffX75Azi(kXynNxMrZ^{5Q7|(Y_=DvQjiN`OU&#h#TdSi>F
zzNT|sU+T@bGSk^<xfQs(#&lORneCh`2X<2@?P3~-Z5m^O>^6;Y9q1}+bJ?bEm%Y>a
z{~O@Ycn9<MgUsBWMtUfI#6xV5g>YJ$_lyQz`pE~HahbXM4jvL-L5v}POUa3n&OZ!8
z(<D;HX77s<Tf+DZH!~EE=h*wh)obz3rkq&E9<>Bt%@HWeNUx=R<e0?!^S*MVy;)mB
ztWKSazAf^>;^)S1%9YQLXZ)8{|0fKTDLq)V3dX1r=g*yy{C1OC7x;}l95k}lZ={VP
z*2v~s&I!z2xq$bsEtce8aXf<zd$d?9wTAYZ{r3F+1QTdaznM&5UQ#m+=lK2Tvx(pI
z(FEtis@FE)77MNdUYi*!tx$~3wrP5;NA5NbLv128FNNKx<oP>?<#|6Es^Rea1<&o(
zt>dqz2P58371fQ{oa$dU;(hHI6i4z|*qe@tZmEC03bObt>Gvy*`Uj~W@VxCdTh4Nw
z4fd|z(C|O@HabX@JfOENnYU$ndpYygv52=PGjC4-Fsoou(Sw<^+pS*Gwt2tJr2U3`
ztY?+)XF=N7Ehm|&?F_Ons{ml{AJ%c?cl|>`$yV2CD;)7nOf_s@l%D6d7Yv_*-l<RL
zxv_%bT=kKjOsB>^JJ2fHd`HG+cR-ao(lvkTrO^KX-=1%9P0H+k-=)yR^vLJ5@Q5Z0
zxbXT}xB4;H8TXi*IBBQ!heRkpT)l4AA-18@CZd2QolsLpE4w|Rrp~5@S50kOW8U-k
zk-;6Yx^Z`S%#ghAu5gwN+P(Sl*?U<OY{=J=o$+noT@ibt>5Y!2Pg@(0b)!4`&3Fco
zcF&JJ*7Qbe)2B_1t<g>2YTLA1v}4YIw&l#~JS!O8F~^x7rmv|7RD5gGryY$mDc*m^
zLN@Pr&kx1c2{1wBwETp8s<dCMy{2hPYfV#{M2n}h>EO0agQ9QDX?tV00Z-6GtZl%v
zIw}NrpC|v)xgW`8VL43JZ#HlRijLu1@(FkfO%^!w_T^PzbT)mu)oD>2p58$GgWMnt
zC?>?(LQR{1Z3keyPO?(_=fd{5xYZ`7ZPQ)`+n@nYB(6cyr15D_J9*C4f8cuva6@e!
zLQL&|Rso*tU}3%$&b%fv+94)G8a<QGY0FilCI|5c8b9clqQPgpJ%<EjKHL)8y`Ne_
z7rErbbBVrN=Egp@LwjYB_%!6_Rb_5`BIo>$^}e;2e=;mxkJ^4#xtz|5SyK<e%KKi!
z@mw6$-%T7CLZ6Hz@Dzw3drC9wS$V63qbt#>*mJ_$_7yMr)aST9uIg-j6BL!>{>BwH
z2l>-EKAR?M)a17h>}pb8CT?_PS(e}B9AQ`3kJ2}}{4|JvmSZo9zFQUhhqg`QN824&
zcQM}bYW<t6;vwh3(?+|AQ8)68)uf%##l5433AnA{@R8~9)t5XvsK&Xm-8o?gF0xur
zLSXp~9W~C9m)J{ezKvq3LiitUOHnU>#_lJ_FZrS>wO9z5K;>tT<{t7roM=?lCr-$B
ztJhz4KsZrX#Afv0*f^Z4Wygq5S)}$$mu#;r%}cKsAG_qyqN$<S*`t%%fF%6N&)^8l
ztEeGe^3+IU4(vfoANASZ)b^Uu`FXKvMd8?PxQIjF>dHi!Pf!$AR%P*Z_6p7yYV#V4
zYPwK&YL?D8j00ZL^lpuNsY3Si-jX-*5QT~y6pps<Sc<l*RG=8p1;xY+6vt9XR>dwr
z45brB(=B)Vb8h})bmVk!@aZ5Y`U`=an3V61fQhVgT5eO}!~~Y~4ZkV^7|!3yNIPnQ
zkB$4l1_2*2MAkVI-Zq4Q(6h=%XYhDnIDw(4FGSvRbb!c5gh&;MPcWsg`7baT|D0c0
zYH&97x1_R&89Kpva01bNR^c!=Wpp_DIU=cnCGxxx@QC~Kr-q`Pg<7}H9Q3G=C`GL(
z^$kmI*oTk1HSYJQusCwV$W|?Di&Fbpo(N%UIqBNUAr%rI6-q~L0HY69F|IfBmM-}O
zh_yCoK9QQ)LDBT81hY6(@I7y8sQrY|S=7FhMeP{@YBvBNOBFY9HrQQn*u9G+AG?u6
z5m1BOIl}JEK6X!0gE0^EOc)JXf5asCDGsP#Fir%1L)xy?u2ReGsu*EgM(HX_za}!o
zWt(l&{+z8%m+V13BU=~B8dmMO(REC%Q`h2=^Yy8*6Gyq#$(e<u&+0HWmT~-owl1};
z=Ayd96hzLummR`*Y80Dr>|Er=-ieHO%m>jsQtnb<EK!%wPx1Iz?bY<)?0(@yO+O~m
z%n=%laN^`DN^fE^VO0o9_fMDnk<v0YSPfz;6_a9^#OUzJqh;iY?$idnS39DW{pS&@
zIJVrs;h0I-kgyQdj6@gIzpnlF_^2l$vExIDF@vVYt{Np#SiPn(8P0zSob`9+-A84)
z`6tC|w}6EzTq~!H(n}35A?P)KYRt6+^n6R`mr1A(68b9vR#^a)jSnWzpk|+(;E9+@
zTr+^VoZEGp8=zarH4;CRC_@-|3(p^&rKsP~f1@a!Bhc{V&e2G0N|mNjI5wyp+Nv!d
zr94~*Fuo{q96Rk!iw+hz4~C$x&VkO=^}HqOf&JT~F_jFBHOz&PH?-A+V|#+o(?`|C
z-q+r*ons1NN6oKG%+6<2TEvVXm#Gt~SI#<9<j5dDR2SP^H)1swQ{H@+4rWN~N#dLx
z&Q02}v;HJ<_#&V*#`QhdYWV<%3W)Bbbje!sVQGNjd0P8dqzda|AI8|pvYnpV@_r}B
zBC9mir!my+PE<-%ZERERh_-ZF-3Yt{H}!9*pp8{EK6ofb@i8w(Vn<I%6bxg?PGEo^
zbE}_i^uqZs!3P-N1F2$CJn{vDI)WURGlr2b7}OD=#2Lbiy)&kIXGr~bhE(s2=(ics
zc1E<l@!{lilG{SeGIi0*@8=8Wv0oo=O5LU{8SU_;fo#O0Zo@ST-&890V1@}_*T=l$
z^zB#nZS0P5R&a5);O+X@#7Dmwu^8`{`GF2_pR!>&&-1nqU{~iXDxcq@^4IlYJbLD@
z{hCk8)?7=?sS$j+`~qw9?#&qu^lN;{#QU-aM+6OyeJW&G?^D)FwVS4TbH3f}28_h`
zRqIQczPxQ;yw~$~V-HAyp#w+SM<HTu4z=8&%^~zv#amF!8uOk(?SAA=qQS%`6}$0M
zN+U8Gt<#eIJDL{uy2gd8NWaz5_z_(7_u>qka*lx-mx$Q}!4i)D8e4)R@GIFHR(A~_
zAI6ucALve(oH;@ppjQ<8VM$D1%56VVwLNHmJnesEtvx&IT)%x@pD>6Xn>8ZS{^}X%
zI`Er8_~?yUYc5NPp)~;<OK2=S0!L`{sX<|2SwqG-WLyKVqz(N}y5xz9T!2n<V{iL7
ziN4i=%VnzxgwJ$*ZL&x$i1IciyWRHWvH7eiqGN`4K-hVWh2BLMDgtid{lp8A?3x~w
zn4Npb?>s`m4EHE-o}2a`95yMnqr1H3VCY#IN4jJU&>QEuU#kS_suUPi7FCCb8b7=a
z`!?RT#fl3ecL8|UA5bcmx1OyUHq$q&VIDQe^`}yT81o3FRhOHotDXjJf3H*mIRLp#
zdpe~Af_do<5ry$gm;|e-HJ07CK3BN0cs-?@Vlp^GqBVME?{G+TtEw6j?eKrr`9H1x
z&%OT7BL8Qh|I=hY<EJ}A#!umYuGk)5!~d21U&jB%&XE3UWipkTPX{1j4v*eUi*916
zwnf~8ztipC6I-(6t2h}@V!C#Pt#$$k`HlUeOmGf~7u!!XPj$3MEBVns9;@tek(IAh
z*d9QMPO;qa>B>#(^|aok=l1Ai%g$rse9x%wY(I|9G7YGA{udu-WA<riyi-ZAn0=`l
z?d@V~K_KD!<ZYO%pgS7W??ZYi)(3dNvm?CCJLKSkyi^hIsr^)hJk!0iC6f|?6V6rv
zPV!`r3qx(1-@eH9fUh=gVEY$c`g}dAyv0wRQ>@UMR}f{T82cG6)aTE{nPOPrpXIwe
zudI+0HE}ji)t$dvZ6B{3%4&Q|aXvc>8(;O~kVRr0jZdYX>5})lnY6Qi<D>rPhQG4Y
z^(P@1=Q~WgEATHVPTk7+eEeAY3N<qUMuO^{6R|mGt&)j%W#OQWhwUmp=`Uu`qyJre
z(iNJ7z2lSKEjG5x_@syCw)bzuCp}$_#rud)`t~YjAR&+$Za;e3I-b%chxx#@ieK~@
zpR~}=P-^A+ick8MI7Du=I6|G|xWneg50Z$$GumnXi^fk;tVK3%{AeywnZWVKms+>4
zizLqH^!t&A{@9_`Bg#{|$JQ&?$x|VfLo{AfL(ZiI<;v{NU6qFbM?ou|8tqIsyuE$h
z$Ic_`V9bTmz(+g_xg{p24}nH5$60>~9;qE}yjo#h|A>}RP6Vs?w<MF=Its)2xa{qG
z22WLlPPDzFJISPn?}QI@Pb2nm6W!<)ukG)alTefvudSGPZI6+1CfS>nJ;?th@dSTi
z6?{oN!5PY+ICdJeT>L`8SPPh1{VzKfcZju%a@-*ZSf}t)gpecrRHYB2qG@hpU@e;F
zi}rB;WGdz0gpBc-_>Y&0^t1jS7z!-@qciU<n)grdr7|%f-=G=A<6J~#Ji<GhZ}b}|
zPB!vDAi@Ht<qT_MX@%NgY;{nhQb~QpBb<Mj%@S?ka8N`00bK_*(m#^R7Q>%8pW)0?
z{2nn1Jb=HdUxs~T?$&tbjK;7o{t{&S^79#L*g_<7cI4yXB88>1ElF`Lr}LC9d6i`5
za~Ur|e=HIu@j1UF{-jWlsrObYXu6_ofYYq?K_4M9Gx16@_)qkKe~|RAp!I0K4}Q1Q
z2Mv3=q}1<&Iz&ZH`~)$CZ}=go&a@xI4?e4RywvE@qMQyrQ7()q?&`V3T_wh6aDUsX
zGK(Mj{XXJ{3Jk?>**lA1Ki21*Y*pD1uK5CKH|#ywp}sW!D)HWXovJyS`g%-fE%A|`
zT>&oNT*avxA2S457plA_?)X7Z5PrNnUfG^b9n!1RpHwPgu};1F{+s6@y6a!pD3IKC
zukIEJ)GqQ{n9&z~8RYAXH8?MzipfD7@qL|i3f*_@v@8KVlGYvkKD>xz;#D3@SJ1@D
zNaEXBQm;_X^u`9jNfog*tzN(K`~}VBuadtt*}rL1{(@`EU*l!u<G4k>!UNOv*Yt_E
z4ffXZbKW>+&=TWU?KNRck!I9EUhgM^dBHK%5~Dl%J1s|(O-_Id$R<Te_c17<;uQIR
z)hD&P5{^C71Mo8sf;{jVldEWAOc({l^b0rEsUX~YZkt#^`m9PfF?(GjftXsI8~iSy
zgp>Kh3_o?z@i7tZxh+(INg_=C8J7P!<yS9-j(Q-lhv|CA?ROnqsjJ`L65o>XXS5!A
zc6=^tH8~~v9Vc#a%f?-FoKTXCh-tje5Er$R#+xKV`43-6L({I%Wj^%IkV#TjRYQ#%
zYc5}-j$mZrC|uz{c;fO>DoU4}a3F&(cxTG*1)a_}Eo4qk$o4r#j;;$S&azjIu8&{H
zyxF^p07*u_c$%1d@i~V1_w7zcPd=}2+Qp3`3E!Vq)e!%*j7EtKr#G!hq&<TNdlpUF
za}V6<sN{!U2b3dQbVUvp3mT{NCLID=QlUIIn^ZAaU}4Y`kMMW5pEK_lG^yimZ{j$>
z2EUxpn&$|#I1MFTp8i?=3PIf>$OV?g(PDWsePnC$_e#T5G`V*T7A{m{OxAj5NSM*$
zR82&O&#v`H%d~q^D2(Hp`Xa}64W`i#*)(0;IESe83&J|oS7w>Md!rm)f}o?MtBWpY
z5S@9q?9K=LJJ(z8f;p%!1(E!%0>qt^IDq#z3*b8IFds`_66lM_s(E>@en)^@8ZhL3
z836ZlbB%n*{lH?)29?Mc-y9t{o=(|DJDN6)CvC3%;1)~+@C7RXCY8>rIi@Zy(sS(8
zHDv-v{S!F8qkm)#xWna&LuD$dBZLcRMtyJMch}T(Jw})eAqh}xBjKafDb5e3Ag9=v
zH=N?`#HxsUs?$7HbDM#w)KIOX38#XA6h2yc$qWc{#OFuB0O1&g@sIAQght6mFLqL~
z{ESu58M0e;aC;8s1;#Qd13_tW8j6l%q<L@Tl=CBYkk0G4LCa)6o6(}O$BrPLI?TeJ
znaV<*R>z=+M`h2{W<z4N3H9D{Tqc(N+%+Cc{=M<A0aN!hVEXMrKYqwWCUsdxK)8t;
z3^WeU5WmXX16GBTJu6^gnPo7{F(65*5=q*A&I<M+>ano)<hrs5!uPy8#NoP_FKVO-
zLsD)Q8kklFT}BGgL=#nOz>F?1QX)#nL26i$PQ(XtUWOgxy}yW@{btmu>BT&HH$Ny=
zLKIzIIOXfYL6y$F(EbEv9WH)^kDPgzh8TbKYX}$JeV=OQW~$9hXixWhvZi03v-u;a
ze5eDQ_JG<L(oQHpLyYjEVNk6|tqDM!ilE#Og7eAGezLKltTex|H7n9?Xe(>uMY11#
z;D*(qvb7DPbB7|BhQgQd2%e^AK+p1`#poj`)I_+V5G`S(D(W?wQ+g6a=&vxsT`;x(
zq9P=ii_T&O(R4}6K7j;#PP0;mjDVhFOj#5U!QFs?(4QgclE(eWpUs2YJsFHu@N29>
zk+6biO_NN&NY>2JKbMKuW2)TAb!FLFbEb+-G<Z{cEv}&|8Zaq0ahs2>KqoR?j5Qhk
zDPgY+BS_p-x7WQR(HVR}^^4ZfwiiRqtDWZeA#+Krk$>%ySg(lmDMWnn>$!71`Gma(
zj1zJZad+{nfDGtdtEGzqvusEQLFmJ};7gSqgy2O~BZ}@hV7-R>Z$<w2W@c+o64}Mz
z&ZC%+DD><8<_ufv!Q?*sS#Kui#tz6bIl*qS4NCjhncdsh_dSCD9<$r^xc+Hx(Ood8
zlOf||1@6JVRbRT8w=#)=?qF=_(VuWiY@1j9QJ29E#N>IuB?Fg1o}+0kI`?^s5T-%#
z%74TSQ}R=`kESCLBgPx7WS#a^GW<!C)LRTMWSXT;wM5Q|dN&b0F!ht}MW6d2_fAa>
zvXpr<$&%zeMPBj)+RK(aOUcsElRnZ{=q9%VVRC+Ziv(Mh^7!<$LepE^-aC}U3C%?9
zm2;LrGokZZ3fk7J2ok423|`eQH01siR)<9q-Z6luVp1c$!+z%9$hTN8FW;`Y0Q==d
z*&kA30ok>HdgOh)Dr7+NKKdlEfM)Ts5JaaA3LrO3VHV6w?Q6RiL<h+tQN_>w3qWPS
zKCCaW=U(3j*jHYX1NNoY<$(Q_zQC>{yTC34Y_-;*zIgBYFEtv>rSJK@E#pPKtx)2u
ziGu-lqjyl;?6139S4|)B_ZH^9tKkU8wqf&WTGol77p=FAzZ#ng$nQqtoWW^dhnFm`
zB%SkeLjq3w5JMyOT_N^erBL#&Go&67W(qc|rAlDT!<%FbAdoEr*o&-cw&2CLUcR5X
zMmv*PvqfT`dKc~|t%ideIv(aUw~|-&Pf`8TwGJ$HMii8Xa2s-3-m{9vu8i1D)UPkg
zY+5yb@Nqh+<-c{n_Ak6=AF@8|*VTtJii18B{-=E?>CuPZ?VHnw#*ux%&ytKq$oL}S
z;|tvy%ticqsk0!l@AXkY9d4NJR1}mu6^4UAXiFqfFk8VNsUQ+Nrnhh(&ykHurTEfm
zto`jSpW$dgy;I(X!HmdB7^eg@^0608GUR@5RtCAH?`LNU)ZtYN;%|9>`7oOrbfrum
z4hvXAg*Qa6!@O&H<?B2X@S)D81xB40T86+L+O<Ex=GS8NGxoGkr*3qaC@bH&`dN}g
zP0KztvTa$x8`^bU;vPwky7)3JC?P-YgR`?d93f=1K~ZPjam&Ol8o5#j7r&j})@%FW
z<uG6Q!}04(?j#DDq{Ea^v<>+M?jb_7zDS!^8ExUT<<|MQg@R4m0>7%CTQQ(#92dM>
zhVd3JC}+)3(0GDIwn(*<ij<*eQFa$C&~{$3k_teGU!DO|zq|Ckq)UZ;RfC?_SR9Vu
zqz<UBlSj6u_LV+4MHDj~sI|6~34ks!+b+?Xg$+Dgj?#p5@|*RWnPc1oC1%rU-z=j{
z2AQwfmfj|lqEd^lIEzsizbA`wi%rD_U4Zgr-EsFA%DMl~HviuDuHYVTu<av#zK?V*
z@_eLgh1Z32e`yyWor&X*<HhU*Us2WzO}b)&kWZ33SF%aD;%-D5<4E$`xQ%*DSmN^7
z=SOVNy#FDG$Z$uCk>MLg<vH{heRrD9B+5Qw;wZ)`#htp`@29xZVdz_8c-O&{bpQq-
z1)W*WLH#vC1WNuOi?Jaq*VS6-JmgRPl6f)N*6k`ou4zqg!qg@zAtFbjWLDR=^rkxa
zVsYqEbvzu~nEWaak@!@6`E)-2B#zrWjk8`M-Y!Q(V&xotp%#A#AP3G@J>Gz8?j_~*
z;poaTSx(%A_Emdm9k!%3f^hZT>Bc4$6DP2?+;fIZkkAR-``+<4NwAWx>S%1$<u7ag
z2+ckXNOcTqQRq=Hi|bH0_Ih%WC1M8cO5A9dW#AayP(C2^sQRBea{|2@6f)nd)JZa%
zLdA@K*eAd5-t5~thg_4{R1PznLgtYL(D@AqF(!?pweeR}*sy=<2)w<la`|I{B_Ek%
z`ZwYbhsMQDiee=dr%Pt<DHo@3tf0J(xlmMxeUyOSay7w8tIUnAoYpnzprVq8evH5H
zty_%ECA4PK<Y8-lnl9z#xrXOUX2>&>$&TPN>$M)r00aiD++-_OQmKXzKgfvX-{KYc
z)rvf~c$Zm)8@)@TMv0T(Rg)R}!S3|7VX)}#;HEi6{Tqr>!?-@PP*+UOp>yoXa4qcc
z+Xk2Bb-zy&{;5Xs0kw@*pE~2$X*x#y89OO)>YspV=sK;+#K*KkFuumS7=!NJS;Vgl
zfzwV5&In?YX>!|=V-*lDx}(s!zEyvtC!lw5?<oFcg`oxQ;kGUP(I0L{X{f8-GVAL(
zSV8%-d*saP?5~4L^O#^QpNoaDBrZ$st>pu;+c=AyF8O^C0vng7mdBmumyOHeC@4l&
z+?$78YgYql#kN(TvkcI9xQ91ey8GzUPx=4c?Qh$FkcpV4?-YisUzoYCcm`YBFM6-;
z&OPq{!nOmnW6>acH<jVz3K2Qog??v;tN#(<B$pVs)12UMByk=SFu`h9FEKfW7IJYZ
z`wc(MD{S}yr>)C`-44Do=_cq;9ePe+QKA#Ae9;nCzjy<m%*<g1qIAKw(X?R7m1d#}
zjE80fX)6Pc#@jfQp^dFo6_MEcI*9^^5zek!02z93(X}GgNvD}J6-=1FhuhvQtV{f~
zm~(0P2A_g~cmM2u9U;d;=@+r`R_N9PE;FATj-QaT|NeF;I*0A|*TcHf6&c&OHuYSt
z|6HhP4pM5leQtQj4R+sM+kIc9u4yAa$|n3xGQLi;ZBGvJazElg-*uv>%NDN5RH>aM
zaKQ%GLVnl}ZaBU!ae+2{j}qj>deXnFzh4;6r#sYleIIBfala~L%V+^Vww=aJW)Ye<
zLk$tZeH#sjMRyCCX1QDf-=5MXckC9Zlrr29xGv)Rfgp)9`(3O1jbBhZDm||0%45=g
zP><5_3kpVsgJ>QV<C?}Clh^PPK|G#E`Fh9qu{!Y5jPiBsTWGd+9)|6A15g`oy5v4x
za_0c;f&5l4c!1bfk$gKYko1H{r`Q}zoMPY2q&RRoIaPXrIh2U2iD8kKa%k&%VB)?F
zJ6T@CbGqa!h1NsGaPZ0dTjZgq5*0{m(IIPq8mIUy)jGK{XEEU7N&qCR&4a5>dGUVv
zJF)lQ>VtX7_>v}Fa!mp4M3+uun)@yWTKlC-R)__#Uz$yxZpn8mIli=p7wz{PLKfGu
z3_~#x-|J%K>EUyfxo0vQK4bp~Ld+)$cfxzb3?Bjpn7czL6%k!o7BzYhTKF0i5=|<#
zN|@86gUN5XgmQ3{GVj1mDAl9vG{rIvi1+HtBpm9i-KxlYQVD3J;AFG6OfQAr8DHx}
z0I)eIC12buRc9}%aS|4xk?*CZkf1A_EXx8_)UO$ZXJU}js+3j^B8XW|hnGs<Ev`T(
z2COOGi%~6JVR_!GJmJ$ETW#Pe0K_Y2_s^@*D%~8Ky!~IZ(4Gy0lmLdki(c32bE!th
zJAR`UpZ+Ms@7Dl$pM7Jnln3v(SDGxlmQ_XWhGjSXs+8qtB>tfErbv9b)G0Rfo#vkc
zJUhpMH_#a;Gp+Z{?$`a_^9Kt1+xz$fK}-^pnXUC2&G7&ogI-mS<3)TnskDM@Y}l6?
z>~C?ho_FmS;I4eX&?SG9-F)8^HnEA3a^%$~IUoofNq2w}7NAp+b<9DfjCbYtomsf!
z&G%1P)yqGH%`o#%d8#%sI~_U%mlJuYJP>%O;GpscaeOpHMmV)Q10+b`|8iAv^V<;H
z&v1&>cU4K3d|wm1_ryEVPwqMKj!|;g#5*WE@rI&6mFCX60aih7n%#;XkkO$+WI#sS
z4XNG8=z(K>GCJ!gBBL&To<l$W`Y^(DZ35|BJmJRsNmshOF7~vo8n;Vny3CFLq{wb1
z(r$D({-9507@j7>vF(JOjwgoWKNA_E4J}7VJ!^Vfbj-5^invGF{Ebn!y{3pa`hTsp
z>Bd};d~JD$(qb-Q1b9F<);_R~2+VflC!(v5BNH(UU=qdf7jnKxtOf>Rt=Wgs4Mi}x
zF`A00*oja_O-SK)pfS#-><{2Fib*vaxgm98u6(m7!7c$O%5>u%<14o8iY-q@U_}a0
z>4y{)xM}oE<$)}!+~dUh%}vBjgeWIHmHTkCZP0w50T`%*@eryp;;%SVB<Uxes>8mc
z@4`J?tq>A71gax<ru!qosZ{SY77gxkXR+vQIS)5e<!0^mx;M7Hkmx+5*a@EBca4Y*
zgqAnE9*C#;%0MtmHUNSoxtc#CH>mmwZ{+QK;9O$E-U=*nwxl;suVjFKb}67*OZZ*2
z`h3kO-xfaDONhKeF$RSDe+0Al)UV)_{xaecQ%R5M#~#l2Rk>kvwz3N6#VYK!=Zij4
zA-Xg3qFr~z47Kffh`?N0!VP{lkzXVyB(4_o(>0&8Ai48=79;~V_zRMf3-$K-E5X}L
zy}cj2Y0<&3B8v(YDA*^hMBx_l=-Cx5)>|_?OrsqLU)lLKS>LAEx5TllDUckj8WM$%
zo#z);r8jN(l%=!iHBtC*kp3@MdJ6@TzJ$$zbMG8DzxD6Jc@hOu(@>x8sxsTvO*G-h
zKszhIR!&QQP<I31U-)-{e@X>J``$QYwSVh13jln@w|I+A$723<Obn?*&CZ})W4JIN
zHPCB$J(Jl;b-rO-^mT**v(am4G;w*h<?CX13w0h&1C)_}!F{dXs9Qysc*`}wT#keF
z;-Y#^diafL!1G^>*#_6;?gnHM%6nQXUDZ!rnEdRQ-TW=(jURm%O3=wcyZ}F+-OUTI
zokbE_h#SWM6CW>K=g^CYnI%>goFyz?p!ow0DNS~`eZf~ri^kkeKty|2amdqLRL7pk
zmsjxvsz_a)ZCNow6UUzW97S1qs?!z1KnL!Zy<mLesUh-Y?&Hf6zC0|u!IwgR=eho%
z7r6<!NH4zrb94ZDsH+38va~jwc7J~J<Bi{z6}wm_ipCMR9q*gh@RiWEiK7Y{_vhNq
zGL9+=Umv~^+{#Cb9F#mT=hM=!=A4mSk?I$FlAD-rYz?}`>b{o6qKyv>O5@`!0iu#0
zUY0c`r8lvbqWhxut|2O&$`FZdS|<-EXM~Cvm;nsTv7P4^BU=hr{Q%^CQ^(wUl->PV
zz-7Ovud+}1Ws{V}is2?uIjkA)g2d;#!h^VxX4Yz%#N19kVx!br(6fcBsAX5sy}NFR
zpu01-1+gZtuty6?5>sdQ)%laDqHBb^cmClHtA1K;^&$rE_k=CY?Z7n#yHuHT2*WuY
zS=ovoKzA&E{sIk&6#KyP^?air2U|mL`UER`?}y$PT4ESx`56vU2E(I?28@#jbcdvQ
z7P7Os^<JF$E|FY~7nE<Sfx_70&K|X`9u66q7{cnBO)cHjMR!n?bp?I1OP{L8zZ#cn
z{Hs^c3H+-oOc}pgU5{T%MDw0b*2~5RPS$(nthfI!`dbs>k<07<HHYiOrx`wYR_JV9
zKz#NJ-=5ahU+iP+p(X4egbJyW?iZgwnV*QigOIh^aNOvLS(P6<mm={$cIKP_b34Je
z^u<obw70t^7SdXE<w$GWvw*?>P4py%Zgwa>v^+86i|Eb)&iD_bJ9ldw6#cYc<JaqS
zIY;UZH2OrzgEPC&<g#$gKoYZ|Dbp8HzmQJYvYvWFsC|UEUD67%xYe&;HkunAWnsqf
znOJr&58hS%3FGN!2*>9u3G3ag%mEq<>sB;>Ll`v(h7P>82cgIf-TRX~Z?i?WR-Dbm
z;8P6FAW|MXF`rQ}E0^|(0~8yYTAb!_cvn%E-KUg1mNly^yn%AXuE}BwNI*<=K4=B0
z!CIORtt9Fn5mY<$OPmkiZ|zh3V4UW)yDRCD@?x-UcC2v1-?%}8o{inT2KysE(<|47
zY>AC41==BYHqWYhA;nz@t19&!;}`97dxEZi(~^Jz_FLz{x57<z=3w05uT;Gl7U;lN
ziCuJR6QU9rt#MJB_A!9~{M3FkxH~e~U--GUtx1>Kp4TwWjr-~8lC9fewqO7927}EO
zgtjkp&fB7}Ww#4b3D+{sZ*C3=A9s7#{tCM2>)!q|cD27!V;*!FLcWx~fqC5L_*<|h
zv&n*E=45cIoh>Pd{0GS(@%_Ci?@_!KeBBo=g)uVUDaLnkM6+3tWWKCaVe^w4359A?
zvWyg%NAM|ugB^9!rtk9@^VbZfk+;mTFN}klwsDXmY9ml@qcH_dydK`SU@ux>Qkb%;
z%-|w;Q*-uKp=)UF<;7_^h%^n$V&1TcdJn>ZwQjTb_}ymiNq){p|Nf*Vp7hxV6mT?x
zv=6AN2#}}SFTRTU#aCq!88Xc^ekHf5NFPn5IQ+^Ha^g&}TmwU@P2M%Coi$rN=9p(#
zwdHf<NugS$DjTu%#7dSrvrcsN8LAA&*2{TrEulJX!0Y*ovz2wCmHK$_iJZ%Vl8k8%
zKr-uDZX=JrfDz{FwUnG}bx#pSRH?QP*7%kC{zLb}4Z6nnvVn{;3+l^7Lzzi($-<mT
z;xwOa^p%+??Vq4Eo=B25a&$06$IaN@nZE;u6B;;QJHSqJCx69V*hI?ZV!c?{kfSMt
zR4<^+n7%5yv)F2{EiXhv(#1N5*bMivE4Bu9y(f=Cml;GXI07@47bn~=*xY*<2)HHg
zSy*G~kHo@<{@lM4P&^NKBjpFULHXXC^%ZD2!$Y0s9|4&9q0KwGh6S&VO$OAwOIV)a
z>kf|#*CiU)$yHzWBDVh6ao=d05Z=LLx7n%9iy8(;mL!oa;JNWS)`Y?Sj(G^4Tu4)}
z!p5c2TW2Sy`Z)1f{FEQ&=>5yTO$B&`96f3eOv;7nWkaA-Jryq3Qw<h^!h!xH7U4q2
zf5a|aIMjcvSzS|qo^O+C4;4`vv=RcGZzD`YWvZQ(vjl1KFN9Q^0Q3cQ)ypKD2m{K>
zz;K{lJkY|zlV7Za;xD(fItvbUcv!L?tM$<^R+q?t(I+J)#3rfI=U=wvq+RCHbV<!e
zWYeNeJ5Stl!pkM)Wyw1z^smrSH3upsdNs1$De+t|I`^|C+O(B`6ICE!H0_Fl1!t9y
z;Qy}~P)u{!&<>eyX4i2!m~n6-8$<TsK$hCmFA)=Gcb@k!Q^+?>`P<|*#>R83??VC?
zXk|3{kZ_3y;1@=~?KW<8?V;)X(CUH%@(Giy#_MA2U&khvC2O}!s${6`8s2P6*QhO$
zI3mpEvQ8lR)aH9A$YbY03z7zU)rEgbXNu6r1`=X-)jDorSl74&kvo~5CHJL4-_C`g
zPU^081VwWXiJ@tRxNuAPLj+Ra08|(IJUN5>VaB1@R47?d2eHX=ZaU9dFl=xz{-UWs
z$6y%h^51$$DTFPROiPu+@1raF)y77xiCwbBV&GR=a3nY@GlNJo%nMaK(pj>%v*hCZ
z>UTo1_ni~osddJEBr{q?<8mzbZfvbLY8reDP|HN+m8r#=fjs+6LpbYyARxiUbZYKt
z!c$X@^U)u`;Fj~Y;I{G(8<@{+-%)Od9`Di_is`1C@E!Gu!;+E4-q$V0HQo1{mCS9?
zhMw`{3gh5a#^x&xudo4$Mvyp3m^4Qu;Ud^#>^I{u@no@YZ#^6DQe4*Y5**!7db;Er
zfU8`KmFq7-E{RzBw1aTfW+2;3eM<2r672~`R#m|Nd;#Tv#P>mw3~3_4R|Fo16&WeC
zl4Qz*V4*izk(ZUWWf_1Z*kAukAye;;Zh}1!wA8}r@Ruq+4pCD<v3?4;wjwKK`;t~A
zEPmC5p!Jr;x=E`YMg9=!TXG+`l?}p?(7S3{NUG2CWFkb)H<2JKVI+2WS%%*|hVGc*
z{@pd`WromgBcDrdqg*DBE0StB07+y*C;3XRZ$ymUX3M`M;VzA#{ZkP%3=V4g`9G6Y
z#}82-xpC_k^btFU)A9!%CP4R`|M?eW-A+82WQV#5vzPTmuu_BV_iy*+<R-(7d#|gK
zcOUL^)P9(=kI3bwfpeEk;l+*numH;N(t#IzxkB70C$%L3fxls-=Bku+KDq+y%J{P6
z9v`LC=9Obxd)jCBMawDzY-r3&eV?7=N=@F34%DYgxkx!6{)P6-WUvx<moK9GeG~bP
zKkt&rMP;f;+N3JZ*#gKRa~%3RsGUhW5Zr(HJku#^v7CBSh5RKDgNAN7gB79Fan4YE
zh}=`A$=<K#Yl5)FNaY)p3b{^Bm+X88p712^HbLxM)R#|??`J2-|DeLAOMXRU5fj-i
zH{rCfc~c?@FE_pn<|kPWX$DIQzbZb(_4Zv>f8(0DI=~npvVoEg@EmB6FGpEw&vePx
zts;hyfIPNK@qoS((^1Y8PozuUczYO=#TMPY*4ul2vMsaTmXF|8kepq251qwXoORYF
z`#tNRqsY4AU<uC3t_)_3^I`=*CTQ&<V~+~tQn-W@C4du-E-Mz#Zrls{_V@H&mu%UN
z_bVVNg_?@^F{bBLi?CeiV5;+@)~U{v){mU&t-SEZP5h{1WUIdC@!fwie;LuSiz`bf
z?U?e|%J=XguYEkuxpdG`CQu}iraBF6Q)``<I#UO9^S9t)pLFdZogu<=N_bA4z~=n8
zk0&^fY_B8O)FFWTA!;lq>^(&fJFdRC@oBEpc9C<|SAP~A{iX&7K=AXrCwZ-qfH)F(
z`KFBfB+F~VVLV=IB9cAUwvmrBnm4v_jK5WGC5Nn6|7r}{Y_5jEw^SDc{!48wt@4*v
zKb@APFmGwcJ_>xKg!4i8D(tzfXsUiv@?$x}ZGW8rMuj>UsR7pXRwXBKaZV?;8SA%y
z;89&lm*jiHxb@Zatg;N#)2I!30ax_L%zZoKcEx!d>su2A5sg~XvaYQsauI$npwnqy
z#TTGjWcq(<&oKJCzWO&#$q&%i(!8NoFA~pI0sN`Mf`<;!N_iVZ2~-K&hDS6fo3BRV
zs;x4y5M>ezQ66Uqen~h4np)AdjPxP4Dx1iq(W)_H1@8I0dk?%AtULukMrsF(_~b-0
zU1k=MDmz7!8#JGeHe)fyPlpIO5O)&7@~X1rZFszE|C0aVMp#{p4Ah>m;@!D7@^?0Q
zOcG5H|LsE@rS{*Ipd!{|?{(Qnc0TZ*jEpge{h%-@xc-<NW|-=u+Zi3$X_mFROPjus
z!vm(nQPA+b%b|MIhU!%-{eNz#28a$%U`YOnB+%Z6P!2zO@$UjTbHB=XHb8xoUf|#k
zEy01VC`-Qej^DL<vAxOvY@nx>CGV#|PYM)nAVC-R`K<nLBFWoG<jiD~weg6}b3&aS
zPnc9l-FLcx6Lc!AJf9oS!XxI3d%6ky*NEx?_+pI<3XWe;dyE)ysXn%Cfj1F$s?*)R
zQ8pl-14oYUaAWlz|8LDq`$%kdXL7iiG77(ihqhS6z0}8!=<H?M9R)l7>n$hfE8`_~
zrGhkDn%3}3=AaOtyS#|l5BNf5kf_Atc?6fB5XRxXNMa4X$1>hWveh}_&m0R+lw3TK
ztxoi&JnzSR(T3zk@3Oz@$y5`qO{Uqam%p35iYU3iUoxzc<tq6NE1A@!N=3AFDXFcg
zHN|_Xngc|GjXAIb&03W_-UV~OyOwL-pW1TvHOst{^kJhu+|d2Qv7)i(`H+;~oHgMu
zHpGI(X1sIN&>dYLeR04dJ!x0HC<+nxNb~O9viIOT3qdq8?In0lUg4KY%1=U72N{$8
zmNH-qkB1&g<KNEI@1L4ty^?(Y|0C{A;G?SU{{I9L35w4RHo>T<sYV-=YNBW}1$71{
zcn2n$Dq31MS}oE?R0=ad>q1~A!0mKeTGu|>id`P9wUxR6kGLdk2`&ikOI4(`-f<Lh
zV^f*m`*ZG{$poU$(_f$8|DV?j?woVaJ<Ioe&v!fD^F5jdJ~D-NA3>qvej##N-Kz=1
zn$ZGxS9bVA^-a^*wmhvsLs+CCEN)`|x4)^(^V@V!)z?q;w9x7fSI%Q9Jw0Eaz&cGW
zRPs)VRweqY;PomP=_#mzynT&Isc)P3m5sT>3h(#qkfjb0-E5Vwjrs?0c6^QOh(G97
z_m`^XtM2AUHNNbZ3&5EBjIONnhhzG5rAp=pc&GYy`5P>7Fz$hK&Gz-LO&!Ji%iey=
zgtOUgS<DAI%<*hQL<Gk#&w-vrQRxwkt<jN7jV%Q6{ZUVR-{y`#PvZLm88!<36lHB9
zB@O-|4N(XDU1~9%=1*yu;&QT@qBS=Oc$(FO0dF^M$L{twJ+h>|+OqhGA~5xa(MlKK
zoQ7PxrN$%bduMi>@wK5x=mAvi#LRhAr`LR<0~Uo(bR6RxzpJ4~5GasAJ7Q1Tx$cPL
z_usg>*=hB^YAtoF#XIQgweY;~TDGTm5&2wUyb&VexWnRAos>M1{jow{A|uh7WR#n!
zS*JXLmajyM*0hnSyS*{G>HG)qm?j_LS`DUB=n@p)tn~TjZW)LF@-p*#LSN;hPMHz<
zy>IeD|8BmyhHntC*CL=j8l=fwb^lkORE#q&9?(Ws;iR{BAWZcK)t^?#H*>`8Ze9H~
z--=Obca1S~&r|-hfOkeMoOm%mwU=i0?b;L~1mDIStysyc_>rsr^J|LTePZ^RB1g)3
zONvNQ&|USTB3x~wLiaDq8S0~VrTd!=41a$=Imx|_x5DJ?*#?uJh3w*Y=Ep}e_^V3(
zdHhY`X7<00zhC>?zk<Kq0{s6Df7bz|BK%!NQuupG0e`h^<RP!|vohF;=w}>YKX9*k
z!t*vgt}nFQ8;!jf0okwiRXXZOR?H)QF%mC-!81<f(bB|9@lj8c+#B^2=G&lNhe5p)
z|LUV&)+(UVH`n(<C407qN{hc?P|0~vsMPCx8~BuXr?qghjb2u`-xVokp>wklL}|Ew
z)`}?6OHnx1u^|CaogSj}U!qAIS%oxER&ITTvi~IlB$8A?JlKqG5fc-rSJ9w~BIr}2
zj)(OeAyeZ>dC1(`-47p=G59}4cSS>u-y_lWT1Nh7o<#c=mVdZ+o+A`DCX+qR(a~9R
zj*jm|0wAUZ5^ai$V%3}K=^rcl5|36PNn=d%Y1KCFdxu<QztX#0)EQ-_*DIT!UKu7{
zLe>x*Acca67YfH58B45gEzGSyc@^$|fO1;+ADpS#>g69G>Kk^RY$m8}wC-w;Z8gi~
z8a}LD<!;mI_uUt2wW2g%nz}~)Y|_+CQa9=~bw&UN?mbfn71ZQqvdohvg;RNyH3oGV
zNf+}@#C{3SP~hEoorF;(Y=?8C=x8cn#BGP&#EWY)zoi~c_kJy@J2YvH9h`nEeB&RE
z$$v)!TUD1Pwn7zsv%_FQo|C8n6)12Rgk{+Y^j_?T9$AT_q1XzyvRoOQ{7Ekm&sLER
za$1Ic6fy=EO#9hj;XH}dSkBf=mB*a70m`spqHIpeShbJwSKY@Lt0=>P6YNN|vlnxL
zw|VDZBB`4+T$$meptvKuwWV=S9&i1P@=RppJqB+Nv{RmJrUQ)coh8KmnaV<<P47*>
z8Fbmt-DJrbR<0Y%Uu2ZpC*Qym*cb_;774>nd6?lY!gbzkEs1}_ON9#@-|^5Ph_(xc
zn5fgqOZh(W8EW_+1Y}B2veVxFv-ZifQsJJZYP5}p*u%WKBzBHqqPE3wH|be`iCH<q
zQuc%K&_!Pszwdk+3;oEc(2{oaCL=?#(zm#OxCNiwOUTK``{}z<2?gFV>s2!qPwA;x
z7fS23skl`Y@24Elr;Q#89~YXZ7X=j{i>O`iA2yrdt(sbqr+P)f$X7IgiuOhvpaKyC
z5BflysB@X|%EhJE>~wg-#l^MRIX*9z$a2m<Cz`dZ=ZI#wyzeZJ&B@|(rHRs-_9lp!
z+t`L}=UCHm_vb%=4PXl;aH1E6ZpU+oN^@6>suXz&eLiZN$<lU)R+yE17f5Du{D(vo
z|D^_SJ?D?8Gy4+}GZq$Hbh~@-a1^O|>T6!BSx!f?-*-#zFA|Vi-QOtpcsF}ruiT#~
z_aOJV;@nzyCif{ofK{RA=i*+Xa(U%I2;-im98WnAJ3AXHEV6pbIKu>!rovwG)FQqT
z3w$AB;t+%}!r(-kIz*hRt`4gfqPd8o&pN>FNoMWrae5kvs-^;A@9UEgp}*sUeIBKC
zXLA)ow#u6~P-qgQN2~&-AtqEGw3c#&KnJ>IsN3<eP#BR|)O}QO{rGIqw0bpdk6zIt
zhH=F!7cw-s$t!`**FNW4(e1Cn5X7>*55H3Qa6BIhi<-cI!ODe;H{`1Ceg=zrsnRS<
zje|%5es35GjMl)-P#p1=0`R0b)rwL=8t?~RC01EDa9s!*XM@$XncskGo`lT2{0$qM
zryQyS!nP*&9_~{ph|u+J2SqgHciLvkfBqLELKlwW8UNK@{M8n<lb^$1Woy%^4USlE
zi#VV98|!%w4;@Mnr*V0TXEhb^te`Slc_9%bC`#UC9?CId+uhWSmzZ9Oq1LEPc$DZ6
zU)Uzw+pOcuHj?_wlUj}w+v&2bKB(oxNZLC_OL8lv9#%gZUy0(JQQ6p`LU$@-UFP>Z
zbUs!r&K+f4&mO~R8e)3TyS(9=VjYm}haz>&^K2#ro>Ir!cwx;?YhQyARg$7S)Wh4g
z(9XlcjR%^;vfX$@h=o>WE~B)}?>!o~Y))o;>WS#BSd(m4_3D0t7=Ab$Xec;Pu(SCA
z2OkDV-cT_yGjVtQ6&%;JkD+g4)e+|jgo^s!?U5;(AZTKoIxYgTLhMybp4dy4Q0>;2
z$~ujMu`fa_BjnY4cA9`c6n4Xv@=$++-FLWKC7e))MC3kPv(TKQ0U}zr(?a)SpYuj#
zkMx1ou5%-y-t~QC_1Dcu5-6e4gEcohXeZS6Dcj`R^~;oJg^NE<b1z|MQzc~*;22DE
zIZ0mBaDs=1e_})$tFoU!wS=!FOE(Y+tkMJo(`OuZ3C0i9j3N5H=1#c2ocgAcU_+AS
zR5+VcDOsl$dQ;A~VG4OibL=8o#A2-#O%XYVL5l=^?@?BI9?>;7nqK2wwU{3ftC@>N
zJee?be;I?sbnrAl$)x$O7k(7J%|~-!wp4{}HFNi^FIE;rvK|ux*zEPjefbe71}4ge
zK~#^m7J_RS0ZWSm(Zl^|<nuHGfahxl1%Tv@H{RZ>221Cu23zDFleLWf>Y~ZISt9hm
zGFf;0;-8(YJ|N@^U0&EX!#UpeG#A%i2OVXnO8)!dg$5-(Y!pTh7D~p)XU1Sk#-B^l
zfDlYVU5B3FL8~F(n$>v69%#P*{&_Svn4SFWlh0i>Ote|#BRyHnYL`y9M|F=3%2(IN
zs@Z5}gDqEo$ut_zslt*u07UqgX5q^}|7T|bw$~~N5V>IQC3C_<MN6izDjt#$HH-gz
zecWFLeXYJ8lz(eQUnsvbA5W$i%HJ|pDBo9n6QR7~n*gyq4cH^V$rqsf>Os9wUJT}6
z0`~ns`(FU|=cD{NYXNhEg3zUrM(mWF{rr8!O32pvQr<l6MfsaF8i?8=p1#A8m_n|4
z?PCWj{9S9m>4%E4PIOP1>`6nD{6GQt7W{@XhU~hv{>vZ&H=6*t>IJ+K``JKcYOeu|
z7kk=7TI~i+I={(-la7w?Ip3<yJLec}%y}wTeb`#qwC@fuPShsx*-$HSE1!$)ciP)G
z2Dhy#)y=R~9J`vZh63HCc4;Pt-{&B5qU5Bat8luDuED;;;gP_a_}{4o51QZ7nGn}n
zg+?~Rnr<NF`+4IySkn&*G1QP*+M>?|hwr?Hi+D{vcl`XbDCe1LiacB*e$XDpLZP4N
zR<P$>b$A_e=Iv@5xV7<&l+K@skW|!1><?4xYHj|*+%pxnDDmYBy8FX1|4+J$9w2$L
zNVAf-g*$1E+qoM%6!2nRD+`}X+sZiR`!4jBH*a&g!<yGbzMXE#DXxjtevDGi%Qk{v
zB(P>i6+evFCZ7WCJ6lj;-V?TB)2DmgFNHMy7_0j+*)hUT8V8&wktsUMbj{ReuF$gD
zA7@!)bhKMynZ(gZ>NL5v;z#ZR;8-PY9uiASV*BK(S9gKkfL;<+#5o<x;fbzP&%tgK
z8SxOz3JArL`OV2Y&!p}P2?%<R^Q~Xj!+o!~zW{r!uUEgj*ZLYw5B}Rlls9borhPiR
zSdB`HkYz!ej@Oy(%Av>PHyu~rF7-fm8}`rIDD8IKY*f+oDR1sJWtShDKgD??WwVF7
zr)9SD36-t(3fxmD5I2<>H8{U@nf<=609U%p7!@H6GTzR)+3UmpznmFB0(G`zPvas{
zPg$;XQ)FkJpgWlb{MV~S_tBxK*8fR%c1-r$<`oCE6<q2+_2MS4e0Em0m3MGfv-QT)
zi1F?TbRrvaulk(^nf+?^M6ZzdvRW_e+zZW1)eN<(baTsaY2X?^Hg#9&X|!vQM#NE2
z6TNhgq3z~mE;iURn6$d<zQbsf@5cA_sN!R5gw3zJ2aGgY*(bj>T3P-)X)k?D=oj^3
z18ETlD@gmML0cJ<NJH8(gpr;J6*PLg*BhNvXwyqXWh4A!9aZnF<Zck01vJiv-YzDm
zphDr?vO*0oFzyo1_eZEXN$hc2FP<)q6><1&_x$@AjR=gyPT~#q3NS{Dvn}qyoWA!B
z*S<A+e7fv+|ILQs>K4bCx;2g^)GSr#PM&lg-|}W@lE#s`A%`cyIsAJXf9fHnBGF|i
zC<iT^P<L>F?zK2?=FQ}XNL{B}|8Nth8mcEFqaQGBT+vlDU%Z{Uro}NK)?}OTR=E15
z3*Kx`<p@gHeq%v7Sb-WM<plM9M?M@tLEPw%%2C#zP(c!^TSZDVMv0os^(+Wc1-{;`
zW;}V1NLia?MZD?}WGBAVD}DK*`BIa{=hHY|)z9YK&0^)YAJ5XyRupC#ZPeff20w!v
zOUuS_Hewvm+*kzPJpdam0xTCn=jS`m|1{(Er|iv8st74Z08~!iZRjm>Z4eALplAA?
zonl^}57YGge-fsMq?06)7NM_?yQp$+yTAGi=nL6qKcHaWHHJ!zPlfOSc~*<<SG%Du
zu<XUvs^6=FDL7A|aDR4-A(?rCvHk+c$RX~5i+klRzmI7s&z|Mel}YX$DmJ!2W^UH|
zo{dpQNm#j0gnmR}srW(__i}wX$X$AyA!3F+LaBo8_c}cy^QV&yk-5>l&)<)v&8`N|
z$QLbyXRIt`%?#F>sW8aw?1=i|8GEL7x7#vOQ`>uMsj5v=O9x{c&D0jQmNsf?IfV0h
zUb}W;b%PfN(;r-g`>T7set&$D`dv5=JK^lcZHhS)<m$wggymaXW|f|j6HX`O&B65%
z%hsME;_#r!9J8@)=S4xnV~5kB4WYIj`-ZGvbcQP4PygVyVB7A4Np&<=bcfU5cr@fZ
z9vb$H^L%bCYsq;$yRX9KUKYxAI@z%E>f~_glQBDeS!t+km%dutT(Nd+dep$?^ref@
z?+%{6vDx`F)VBIJvF=b?*Tzs=Zs5#ERDe_mDSgw`+^{?LXJ?D^@?=@oMj_>_4L9XV
zGbiwC@}kk{s)3`^BL?Qy@;d%zW+=Hmrc>_YJNN9?#A!MWfQLqUme~sI{<eeyT>!*Z
z;i*8;i#0IpQLxZUc(DfXjZV#|bbndx1sk}1gkaiZn%dL;M|{PI^Ss$r!)W54B8{1C
zz92x>L9cx{QMIk9=p<4kx7Jv=vZwlQ-96s=e%BW4L1p1mCD{Y?O9EB4Lchd0BI%)H
z*|3^Kt^}xt!sZpil-&i#6k42LHz|9#F?aP00#-#d`hJnXYgY0H)J|Z-qxpA5slN{;
ze`)FX72$<b>joNQEm1YyH5A3NR2qAfn{Z>`$I{gt%VAphwFZhefFtFf5&CE$eKTtU
zpJRH4jZc-;sIr3;R+C)TgNb1i8M(~tXbn~)_3n{PS}ER}!d@1^`ep9*^v;5rw{Tv_
z+a)8eo8$dTyjyA|4rT0_>r6YhX=e-`S5c;33{)@n%?I~1y2x#&2PU{D>+v=B*I!d7
z`r1(YpLarnhbV&JZ;PKzvQ59*JvnmSM@BY$;>&s2@JBZhAnosb!QA=*CacU(Gvfoz
zPffYN8sy2`_dV||rSJMvpB+-zuQc<$X1A40(!v;P>G{X)J{_~-aqKageMikV2fLVV
z092Un=P7KayMqH*1Ffa23X{FMXtIrfDFRrSY-(bzFZu80`fJ=T^S?6JU)EfU7yGrD
zxuz3L^(Dnq{eB+VFm=d@!1>U<@1(+1GxK|FpZ?#>c8u9J6a5o!qBnhDCi-uO=O_B-
zH;Cy-KnzMigoPTV$Aq1>ohh}@qT&Fa+&XH!d)T{Jb~hZYN<^Q;T}m9v+aW#|2)Z|&
z3s<XhH+lMp$M}NoTyiBizjVCeX)DcJ6F)m5$KzQ<l_FSzIb@^DmOg1o4PZ6T(P^7A
z2inVzI`W9*-*5fk@hB#O2k#R`3n{F7R@#j_yhpblTu`xnTQs#F;Z!hH&!}xlRc(v}
zKA3TwM51A5az*GF>7g510{!DdLrqsz#D|2M#t)2Fj!RA0P-#e^$I&9rh>iBh88w6j
zO<z^%wy)ZToZ;1o8a&gO`3IME;}h3iY3J73I9fG!_{=bU%H#zG);~K8SO@5-d(`y?
z*2VE5{CLb7JJKVAUl%();;dKvg!I(9N!kRNIC&8o6|$(D?0$ius42pc^n5(mE1MB8
zp|svPR5_t&*Xs~sGsYi}Bo@e~P^;qjgq0Yo9n)?bZVybi{39w%pe4kshCQq_+3|WE
zG@HgU<MCd4u!D|3K=IP}sj33d8atGzA;JTdd7kE=a>3Kwb}p2-B{`=^-0~Po*2>!p
zb8A`xTVj8dZiQTLMtbMN{z%OrO&m|(#yYI$ylrd^<B6TGeod4*-9|IovNMvf?_)3A
z_JwtX>7Wm<2}CyVyc-(a3+|BgttwanQ_LoT5!*A0vbATm2Aq31PHR7!jmau8IEGN;
zX3z38{@N0BHLW}rIA>&|%dq=wQJUqTEP<`oeHeRlK~$XRuIB(}VFR$zJ@agD#oRI6
zte8b+!S?V@$x}W0CQ9-r?&WL{r23~@KTGTyXhLOJqaRD`95CxjJev<~6yrBRk`>pc
z*Cm`L^brVdqVN1Iir8V)Z+;kw<wnu9`9RoYq%OmeghPJYk?%NwS{e&Q)0Z}IYn6N4
z7{#J|D@*J$T{M?3SG1pI$`8($-#ywdZ^WVaS2EwDA=tWt@fKZ>Xf4G@jI~UY?tYZu
z*}MO_quzOdeS0)$RI%;uO<PM#va?Bu+$h#e_A>WuvjWN6W512Nwnj%-YYp_<y@LKk
zoOiMrx2{+59+>NHE=~*i<xkC*m!PJW-`!8LTF(9W7&Bw9U8iN=^L2i|{+!T+vvpr<
zYQWx8g}_?<i{n3ks?6o81V8eoDw4XeGIJ|K<Oiz|e@j`zQhr8D>IzL2`FVRl@A<km
z<ilTI_Z0rz`8uOeKEZX!%$GLg&3w@-U1&-4B`&nQ=zbmPV)fIX^XL!HJ?Co_Ma+Du
z%v)QSFM@A&aerX1`FJgupO5Q*AxP$@uLq*N=i|@$@{!a`Eab1d7wqfJ$M=Sr`8dPW
z()0D?MS&YHfsM=<(2PaX8GvK=PbZRQr}IW>BB9($UN{>XpAK#RAi~AjklPz&6~zJ*
z<PDAlD;f5|cB*Wp_{(7VBMm;Ci8!++WVnecEpAWxKq$~XL-O`cYw0|-!Y;10bkNts
z;H!1d4!iUzJ9V!_HWS0o>`bKQ$<&@ITke7JLiB@OsvvumL4?4LnbYj_(1)q3B+~!F
zid26NdOdr3D!ejCThnh2I~{gl>x_}nbXmul=@Bc(Cq}I-i4$o4LL$hF<^IrBpJLnS
zFM6U;tc|44lU033bJO^;i1SMP?d+dGN(XL6_!#%4l%|4=21E(lS?hM^Gv2BpX5ND)
zmB+Up`UJnjeV!%yloP9)DxTMxd^%?C$3oO5b}b`>0T|axtG@i1L7r<Dei-F1nBRFC
zU;d(>G^D=1{3SoRn9)=CWk0#ZOTOYKJG|sy{p1EO`Kq7X<RxG8lUu#y>wZ#QqvlP1
zQpR|aZ}`btFS*%IYNmMmH$SO~B>8tg*-DbrG$w6Mdrcz4PCry97|60Q%>aUU&37Lt
zG`zo#!vzw>BdOb(C>piy`A|Wcr{m9MVmG;`7<Y(oa1wZ2diVo$9CwH{1R5ZA=ex19
zBX}0hKTDfk2*%U&R%~jT?*#F7t~#;AbAqrbBX7xRoX@wCUsuX`t5Fv)<f?D`GmEt<
z^pMd22FXgOGDB2r`ztb{Rm5WU@^jBIf93Kt3#>v%w-PIdsJ%h2_VlX1O&A3A>=L{+
zo)Vo<2Vayk$LDl#^F3Y%*QyMn$23qhenMth{*wwSFN7qREkk3Qn&U5fxqKq!<^E$8
zMpBq2C8$>!0$lc+PF#}loYs1;gZKqqC906af}D*?bkx|nb@6Q0M17=(=AGXd?+NbH
zMqz(yddy5Xw`ev^XED>twyMNz*=%b_uypSUGnpv5cQo@1r4|THBw}%f{>lYHFpxuf
zbjk$BW;;VSLN1VLC)aADfSTj93a4(o`dIz<8w~Q1=cjkEGHH=6VkPDy6HMKIF5#)Z
znm+Qro3un7b<^Sqgy>dqA^w;=!wY{`_YzOe=)BCMggPtvWCOp!Vmb(*060l=1tm}5
z|Ex;#XZ&CM-!cSGQ!#2lm`s{bKa5B?ZDcqzPfd8@SWA-z=NDr6V|c_)=da-OB*6op
z%ZXf-jJr*k{RZsz8i5_yZO#8V9#i=1s?tc{Q`;eHft;uqtwx0^U9Y0)Dl~*kHr66Z
zZ^Yku(9CFhL^rB^HwKrf$n(S4#d>)LL8Nsp2Rm2pwxkXO6K>dfnZWae+<T9MZDo=E
zr(%iDRoDIjXqUbkajvKgJ6j6ve`L-75{)y+e4{kAA)E?t2*NKm;FmKA&WIg8%*0n%
z$&Koouyvuq7j2ya?P%&d9Krrc-IaQq>x4tB*KjncdXF4=y*Vehq!bI-orvdAf*mbo
zW<380dv4B{)E2Bl_Jp1!M;Sts>k2n@#5PCMXXZf0&PZVOtl^o{iJTLeyVEOAu&vx!
z$`4ZcNcxAetf-tdzm{T<{V1l8%1~<fy!LnFItW@3a#n={?u^T6#p`Y)*U9e*Bc_F&
z7bDg^ozc<_QOvZ$zi6P_N_>xsl%cUu(OmAd7%`17zINbwD{-OkKvd%lU((nSadw75
zh=w~k(sPJ}(Fyz~e$|q?NwXbBC#uMvi2NYI$oUv{XU(6YD$>LMBwUR2zoH^_c?o^}
zWpnEMSAxxftTpc}DpB78E3Ns%Dcq8}&6}#B9WCh*uW+OCD<$ziQ6;j`Ob!%ve9A%P
z{=M)~wD`|<dP)UWtR3Md8{BZ=m)Ga{pPA6l%!Ga)iTFD;jjveCRvBBTl{_BV$cUpo
z_zl3ewgf<(Gb>9<MyJ9L;Gq_;hYYA=SQX5A!8Zq(W<t(O?%ik%QY9+ED+SOjAj)V1
zd4n#c8}mqF2R2%XQfgL)!0wd&IJYX_q4>Pauh_-yH9lMoBxqX6^C13q>Kg_rZ99#;
zBkXH#e1#=?SWo}$#L9}?nh=qyMna>k<bLHwn%Xxtx@>Yd@T8TvOs&c)2o0;XmR|28
z_DXvCd;zgp)54N$<sws;`7&8cj<xJFAoPL|vr35Bj6JA4+|(I+K`JfQ;BX)_W4yKW
zR=?U+fFW81uwJMBPY|u-{_7#&TUO!?JZ_>sBtog74|1V|9eCfGcRL7^d5D*j7x}B%
z!><D-FG?LkEad59Q|G@V6q<emHA88v`Av+|Coj?T(A*j65igBPjC!dgb{HaYO*HU=
zHUC74j7txdM}m>kviC`ULSXigtIHsl@ac9teUZVZVAGZ0)9c{VLT?;?2NSjQ%^A87
z7vCQEv~SW1$LUkpVC<A&L_K%8yaBX4?jUFl3^%=RB^6H^#5z_UqJ83)K_~YN<Eg9q
zoR@p!7BYl~TZCQ8L-Y+R@#Fo4CEQ=7SuXoo*m*zmwiJLo7I~!Yha8J3LpcM18s9Yw
zpg`ZPrB>?nGUxHh!WDBe5J3?<Dd4qf75q>Od9=<FN8#|K;0pJ+dK5I|DLe3jw;~dy
zbSdmqJ(629Iq<5L{DeZykg0Qn)>7e8fmE3<o1KmpC{?6%M}Al>flXH8RU;gEl<M?U
z)!d>6rvEl`8*lUN`}hK$QhzRcVoU1VHIcw4*8Ek7aj=<()ybCr(<_=&Lz)$May&E$
zNxd6%a;<rnk>d1xOW+A>{zu?<i^n|9Ob=Rz>8cySy}Km-M=Awr&N6~~q;oSAsQ|y0
z_NQY@TGBJXpOrg8O_!CmI3I#PKhO8idDX`cpb7#UhZ5R10*JVr`C&0}fgM`Qp2<TD
zUIc}y^08oJ9$e7?Sdf&sg>P&zm04r6y-N7<L%=+1*&2@m&btO^Wa@D$nY^OZ6L-z3
zZv1=WyPwysjJx~;ssN=umbg}w&S0bPwDkF&p8Uf~9AbpVJgvJId^A{*(XqP5cg_0i
zo3duyv((D6C)rFbYAZkFKAKvB?1HLYAguT1M`>D&-<SzOs>9Z@H$!tj^;m2J8KLy~
zb)|&`D#vuY#7fHbfpu!WjMZk|7t9WCBeRHb-|J+|`yTpjC0`?u7}Q)$1gP9SLck0*
zWnu&*?R%InxtG1a7cgPM);)WTaC$QHq(m<9naoA>$lTas{KDQ_j2!Q*mR8XIHaO$C
zfw;k$Mp2a8(^n}WHqt)xqr&Si^E&ekP(w~bn>?lx3)!`_5Ovm*JVePWO_DvWPs!<2
z&IRP?VqI208{*gKYy5l`i5MWsTl2moegk>fKu$F9;mk|&vR~BsATKJ8N8*D3b;HnQ
zv>}8_&-xMlPyB#J>_k&Z>_|ym(gFgH$KQ-Nujz!w?iS~-^yWnM<|%XqY_=SJFdoUi
zF7}LiogV%x%~xpQYC@>?(~VE9ErEAtwn`}8s^0S_y-&Z5HpX^#uKMHOc*@RAsscKy
zw<c`xd}TPfMh;L=?B8xjAv?SUOWR;G3&yqV`?qNpx=itJY6R)4a#5~Rn}3{0Pl~{o
zR3>nA>k08iTu6G0h%H{(dkKo-Efrlou*5G_3#i(q`RSATNP09ZDOu<8Hj-|JjpH-b
z*kLyJwDmtRdqgk!0qEGdr@)z-94=#Y=5|mr<a{DuZuYP<P}|2_K%HSv$ncMPJNh4D
z3)?r8zGyoV3Z9GN4>)Y2ZH-=!E=tCRC?Si6Jx9hCk(3H6u@tX;WcoQowR{e1%+GXC
z9if_o4<Dm08&loN=&-j}r~y8E1}Vt4#yloFdaWIJiQkWhOzRv(I^LT9swsAl8SGHP
zQr}wFK%b+W`X83{%0;Zvui1fDsq0l8qpAhbBG#DK^t+xGw~bE^KLG*q*U|p>8$d+^
z_nSIq;Ll!mv)$hVpWkL+&GakS0OGsz6;baQP|oS*#vyY)-nPPPwJ9)cZ6xq4%@SJ~
z&s==$==4T=*h)LMvathz7wEtA$FhWC#I%<v9@`*(&k47K&O{0itc<_T=8|sq&}0vL
zzoqo!meTjlrl3z>S^}L`;@2#qmcSY-@gMvcldAgh>8YW2o$d_%@ffG-E;KL%d+Egh
z5+u^7E3NtGu<2$8*b1=be@j0xkQvR2dFG0%32P7`uCFW6<YRAN!`_9r40!b<zI~OR
zZyzt@?uqz<b2Vl0n|xBiN4&Bc59Lfm$}-w$c1Ap^jpKxgh?pK*Y6lQ1P?1i5YK${#
z8PR)YMj5CbNmp&m^FLWq&=eDwAeBT%s=JAU8Kj-~I$b`iCjNS+g*PokRf3#&emkH?
zGrLOZ>h675bzkZ&uS5cm#jXrH&qH#(wG>GQOTp5$<I>#Mn(GqHF)In&U!ePwBe|8>
z+WH9zB*KhKk1&f1V`6rYv8Q*GMFVSNcZ^Q)y#xo{Z4pY1dK44D=F!fmlI&lh3mddJ
z^>#Q_hEipZVzwK=vQ&O3w=Rs^n6z*xMy`6}uVoDI7c}aYS^nv&i0KA<VcL26stOqT
z(D?=?nn97qr+xh~6|1b|dX+M}^h0EODB;F<RubMc^+2}^rL|o6dNvuk)>c~!7yn99
zXt+~hW^EMcA=x^VC1;&Q`aZE!(axCYN058q>Ap6Q9$lIq)d&=Ka0^YO)2+q41PN)i
zooS%aY}|{26?`s(j3G>Eq*1pYkjOkuT~MPv`Venxe1#s!l9sb>z{tyStw{P>b2xk2
zgBnS$`aG@~%`D<`k+O=+J^H14Cg;`j3&UwU?SXNfp~M@TLM9%d%y?hjX<-PNxh`9o
z-_OGRHTf|$Hfs-a6>9Hmc6wC*UTAO={QwQ3FfO4$Bt7aD*h<^30oJ@5NkbC1I;#?Y
z+hM0i+}2Y1VKcrn)dl=btgUT<M<p+&<cDLdE2~bVA1~8~7bjcSzPkN6<2W7R_jA@g
z?ign{uitxVvb84LPjBL<>SviLbS8nzHgBQio2KN{6D#y?AFo)p#hd?LU&mJJlXHqb
zDJxVL|4ZTP*kFo1jX}-t!_*T8sizZ8)KcEFt7jAy<9%^oM;9uOoxNvYYYMGdNf%+n
z9ElDaOJL7vV~_0F->O2D@jn&S@SoJMXP<{=2&J5}120-h?-cH+1=;-<McJEY-6gAd
z7foMSmO4x~<YcUSUUUx2ZuZS&rQo+#qIFL<3sJww(0cST^s5LVukRZnAG?udoA|JQ
z#5s&zRGH3;c2P0%DC#wP!%$#I(*vbi<B&6VWDKe58d``r9}%obn~S@3f6DHxWjqh7
z?-~FVJBU|ir@8t%zRd0$)hYbyuc#IYME`I<nn5)uQ;k?fg&h!8?W9OuKNac9{sIe7
zi?*t(r;94CL;U0SVbm=L;0O8rZS#9=7VAj$VSJSx&X2ST-^z~(`f(jUQnZ-~vHCIK
z(S{_!8nWCO>VVAIiddhneyD_E2dfxHxpeiPl+;$BS*>K8uWEK_Qe?Da1(P>PdH>KP
zs;^IYpQo!g@~yYXAJe;Z^^0V<{efH7CiQitKBo2T*WJS&l7qB+Adl>Dw^EOzFpJAc
z^5V-V!Idee9F3WY&yJ+AM;hp_`v)9o@JK#`0}c}KWL9;{Tlw@$*{^4t$TdM$a5n6C
zkBht63ucRTn|mLL>{qfi*&*2~?nbYq9MoG*K)=)*(16-R=eXS)y8fQ~i+?j)T35|d
zYX$vR{uCi?FR~jPO)V>724zw>oIBM-GJ#GgSH)pqTFoD${>#n4Be9~1*WN{e4gAVg
z{|DJzx@POE)QX8bxI?ajdm)ElHql*cZIoyKcQtD0d!^F{V=b#IiM^+&(mO)jnf4}i
zwwgL+NG;%Q?x+wI7n1B`b?L@hHlik&1A6YRz-QPCR;Uwp>OS?#y=e=8n!8F}!5rc)
zKVv)7oO2iLF9`I=KE3zD*>93}Y>R^c^%RRC;(TVO{w#oK`(cdiPc(X~7ordy<?M;c
zj#vc9HnUhKQLLGl+8k^SJRWggR?Go}g}*9;;L0s9o=~A+(iGIb-dR}0GS{jRCJTmT
z!f7(WJ6oKs7-(~62R%*(zdnqOQ>*=BD$*Lmcdvy&!dK#pAUUU*Gb7C<nZtM+L4*+a
zF~B}lC(SX}MI%mk<I~%>+kv&#e2bS6BzFTJvoZOKw=roYKccwpZ%*QC1ovdrc1n8}
zoJa|wbPFeNivvll<g<boih^LTR)gkww`rZdil3O)ajtCf8zXX~siCn$)zxGVn!Jdf
zMbc%5>0l}cF*U-ZI46A%A1+gKS()>cUD{=~HeZCMg;LRn34hT&eO+Q_Y3u@xDzyE5
zj`PfXKq4fFstwjZaLd@rkSD+cxnF(GNVKYJGFL+u3S(*?PRj3}AdkX_$=tZV*Z@Mp
zw7GN+Z<frTSgDE<?gRUN57>B?z8f~s-Ub=8=AZ4C>VfvVK)aLO%B0k7pw0cd9WkH{
zkP)-<&~EZPU$pV*LAyq!oxAJWfRCE(4fUkyhJh<!OL~3j(5xvgxwjO&qbus(<K7Ta
z$B=imBR4zDuW%TE1hvO7Eqj2+&lyZK@UfNn4O1Ixn_Y_%ol*ONDK*xD*G*3#20QAf
zAC2fjOpVfxNFZ1-qb9UASX*i$AorGk!-2=G_B;4a8$646dUy}=w3*D6EgbW5wzkN#
zhc&QTDxdR0D0h~>4$KV(<LHbgXQHI{VHxQ#MB2BlE7l<}RKN6|WUQ$hCtJ^M(9$>u
zs8Q#x7H4}4H(ax4IlIMi!^~w^X4;@sUDFfD$}~-}U8EnG!C$VygNw&|2>E&*Ax|ei
zHT1u@nKu-8#hUjF>_Oc9ht7+vHS|2`J2lq)<%Vsb->?i8YRCpjt>j|m3sH@c&sfck
z2vI-;y0RBGaLOz5@A@#07ws+zNPap!jIGxw8bDNou}yi5Wwz}aWCM}80ztiC6%EIa
zj|_Xqpg9z!baKSH;t4_WXIqLOY0bgYH7e6?Dg3%WE@w(k0sb-`SMXuK!W5j_`@;iN
za-y9k&M0TNRUA+8(bUB4j84DI_r;g7*X$Tl;@%CLG|mE7<%TeC2rS#&oBg~~w*IGK
zoi?u?sb>)G?x}{E6|~u6f0-|&=l=DJ4y<htl5QnM#o*W>W~-R2hXMpgfUFO%v*vNe
zlqGPzS#sF&%?kGyS$Ys8y@M(4)(W3vs5Pb|ZHauzEO)cYYxDD3@40<w%~gn|wtq_N
zMf3+&0IGXr$IPZC5q($Qbj)Vv1;CK!D<KxT7!Z49^K@7^67Xmf#$=^@B8-+0fwR!V
z57fiQAgXq%>H{LHSjk^g&Q5WK-UuB3&Z4KxR6exRRKJ75VANZ&x2Qvx2G!9K(={fP
zt~sqW*|1hMgamF@RktTI3yR!%%<N6mIJi+@W_AxV+Z$8qwg|NWRB|?01CzPcP`XHN
zl_s*7B#JSKGDmod{K0%e5Avk*+1i5qLzUyxqlTb)OVLhnyeKKBTs)1hK2X({jY1e;
zD=6yopuzMwHE0D4s2c_Z!(=H&0#D9dhSnAVrk}xm{)mwFSxHFO?Mda0{n}0)XoG5Y
z>YKem`gArST*=RUvdpY&kHQ!DC&rU6qV|=0lXvHtJOV+}n+$c=OtPzWe%**Dc~jKn
zB>7Y#n_y;xzAu7^gxap@q3@R$=zFtA;Ew_f%^rbou9$IPXl*kDUX-hs{Vwo~)qW?L
zQFQt|c@IjPZ8Mo1$^Sgs9)yi>J53o=B;>ODr0t(&iYQXwv|Z$7nh5&{StZp68Fi*e
z+nJ<w)6}cKX7J)C#q^z#?#$EpTHY1W_@|g6XuOrYh@DS6aK21gK7BvWPWeXz6IXX>
zY5DZME3}+WfC-R*BKlryI<prY;53v+-=WIiG*o#|T`!`%%Pj(dPn1Ec(##X|sIWZR
z-yoHlpibt|tNnK7IJ1}t1)|=qYJQ@j-c@R#hj{<8cLRoaqv+_;a*ucu)TxJfpQ|R&
zw?2Y+zxO?#ct5hUK)he^^G-SOc0;^Vyz+>5=+fTA+fsanUjAPqHJ&_f?pw?Y<HrBl
zN=n&7Cyl25SRtHo-V5c<K_<77l5bPjiFSumDG|g_U}KB(wlz<e!`gxCL>1UB<9|Dq
z@WirSM7v)x(cWN+0bt|5oEL<blPg8ZYM0H=TW(NgLlddhqt1pX*5>K8sAEm$LB30+
z)VEY3PpgF<b|B?->yJvLuJgLpi&AqhIB!NksS&+(b|ISLO5k%VJOWK;;y;qz(I?DN
zM}2KYeuW;NE_#d{KrEBZ1#%3yf-2nvW*QbAJJe_xb9|!Q3V-%Aj374Q(bU!tlB_u?
z5+0zRv>clsP2D2miv||tf%d4;*r{9cl-FF=K=-mo^_B-c`g@$AziT}D`*n~0PCY({
z=->HPg+1^+BmS>p_Cg-*eZtUQg=2~Yo|w79r@fy*d+)JRqdw^&y}yleiz;N-hmph1
zCKOK-mpt7N+o{~nzDL*p=yl!03<T)eC{NG%Q>?9m28qhVc_+GU6pA`YYi?qXybL}4
z&`NAI^ps6g1m+h3Sp-r6MSW5~Q)LQeRX_bm=nNW$k(t4q8D9!<{sW>a`kA-i1)j6o
zC9jE|wwb3iL(Xk^Gb)jlIgL0kwK&h^rQ{}$l72{W%`bcyDfuNy$z^o~5$(Re7m*Pt
zDeTEv#VTRnOZLtN$;ZR<S4xX`PKiQOCn@gH#9s0-gAFj(qMwHwKPM*4)7Pq$of^IZ
z%`T+V|9=zhB;-Q!8EA&_<6EyeNS9qsPw|LywQy#`M2&KEuil{?6;aRMn5;h6qExxc
z%v=fp4iGwih6MeF$gsZ}+Lo7SAO2g>sI57MwozYc<_PA?tmhL&B=4t#CiRL^hl<4Y
zH>aU=>;+I3lgoeaqspMjrQH{~e9$A8@%JE?9g}==`7?+oh6>5Lcl&v#l-+8`<@vnw
z$mIdwRq20%K0X9c`=pPDGB177$1>4JXCqM<u;BUhXscPrc`}LQSdeYE8#>|3wojO1
zeNK%5<O96_C&*+ceczKzJ}M+(d$4m0y}Pe3YB>{Xl9y}8|9?a+FaLi^Ef4I2J}NR7
z@~KB3OZTFU8w_ncl0qC&wmaXez~5-*a!BMHKqC@)cW)B8crOz9(>#eBuk{9X`(GlF
z1$h&avHkyl`uLvk>2vAhb*~puihq$lo&@se>7%bl>`5En0@Q{!z9s@;;?^;7YpnT?
zYYwzIT1*?4Dzi6j)Ru(pSq?B*^^#LO+NkrJUq~Bof30Z5#k6rmo;Eg%8m`UL#?4CA
ze<5u=qmL>-pEgQ>MU-^jhBp50JfAksfKvLjagm>QihHA>jX_>{v~k<{DlL1icRpkK
zDb5BvFkduc<_U!(7$bs)c%k;j4)Rsr7{|T(<xgNNr#Nj5SS3O=V3m<a{rXPrd>f*3
zW4^+ro_JPumZ|W0zryFyp})Ao;`3L&eZmX4Xs0f!*O?%W5LUzo$!L9Db2->aPO3lK
zspTB|ZJ>9cQRO}yuxr2+eFhR`w1LS!n-hh&SDsxNuk}bQ$O7B1E8Sazj_?A*0YaaC
zQ2{=(EnrqtOZpq7Epl*(q{&kL>=uauMpz*=Mdcyy_{58z-w>|b$8SptWqlO=vR2Yi
zjU*(ST@Na)m&<Rh#0GZXe1ALBTbUZZB?6UuOx=!Zh?~nJsZm@dIJJ_YMJw6kUplpN
zXyUVev1sBmA_5LG1Pw!M6b5D8^AtgaY^R&>j^#k9UjDm@N6KM%=@ERoY(nK>lj+is
zFwT_L(sK`8IH9gQBg3+84Q#R!an;6ko&pr39Yw8ED=IP<Dx01oxf`fQoe>SZX%Js)
zz(wThhMM5QsSQJQrD*xWXv3k_vS{6q$-KmZJqA@=n=^pTww;{_caQba$%E*mF+)7F
znU2?lQ)Tl*)^D-cY-W9i25tyDW%DDc`^?TVJ^+bb#-g8S6Km#j6z(5wvQuSE9L#^1
zy=41h{}yOXR;3&i@`Gc?rU4yPwl(k0ZpMmHkoZW%|MC$Hch1+XVV+>=9x<lexb?RI
zB{OIK>@kl;cu0f?AQEe+TpMn{*~K3;c#D341Ew@5Jl#F8c9k`0MFGI3ij2HXn*-Rg
z<!oMUwSNfp@Zg0qS`m7be&$*NnVAN?lD~kf`pXftgWC-{PT%e0tXXIvUss*^B^458
zhnUUOq?hHPCQ#a1@JrJAIoO)_Q+`HOziK|zR0#IQ2(IAOT6J9Za5iT`wAT1;i}R$1
z()c+|s2h-F8B)q`)^xScSruw!3l_-YYCiuPgRVr#>>CqagbwzB30pydNNR6PNbJ}r
zeu06+ZG2b^iJz$=4-!d!<{@FtKNnyZpkb(hU|e<_F7xGC0(|z2JM%S)f^1W_7a^NB
zTc#zx7*K?J^O8V3^O4$pln=e$6w2fg&uYJk5~6Z{3YPbUY?)bm*B~_uqXk`4|0c2+
z>n5=n>n_Rn<9pV!uoh#uZgL311LeFLZ6b~DhI=%4Da*iQj353Y?M0q4(Y@O<1W%W<
zR^lrry^R2?>@7d69krf4L_4v&Hg>fg_#ieb95~HdFq9S$pTdDTWg+W^j<9w5nr8M1
ztBreWVr>Oxy^he_9jYXb$?|FlW-t7==KqOTBC*Mz^5YBFKvm`j8FLh7<oCPS1E714
zWe@JHUz24Id*7O$q=3CKW0$_)m<tC+bqB4Ry2630yUVQ6p9R};rLpJnKi-c1M59*w
z#hP@Swve`=w!_|^wK_9~3VM3uuZm0+9l$S^)mJ6l@z)P4DYJ|69?uvF&zM1M28?iP
z%Sua^ltvOO?gW=n1kdBb<R!Qg!mTo!b$N2SI=fl?zRUgX*}ed97a8si`PBV-4XtZ(
z=b0?Cf6eZ7;+^^yc7_$tWJAla9oD>Rqsw#~uZB;?r3Y~goryf@p^t>eqd1hgJ@=NK
zYHi@!m;Tm*2@opY-fP}g@%Dq<<`(?El1ua=#l<O0A-m<T{qR6Kw?68u%x&<lJ4$qb
zj(CwN&z%G5k(sakKY(H;&ZpMW)>>K^NNB?JNmCvgToMhGJwNjdJH149MZ0{WX&0_x
zJDeO{=eDG_=MdA`Y>%Ir8KIYnj#{bu6d-88V>maufd&BOl{q$3X)2gjyLVLw+(rlj
zQ_M=fO@CzKskM*gltr|3S2XZ}m5?n8Han=w_=GYq&hweO$TI_9W<Jrtr<Hnx&&<}~
z)rH)K?3YcUUla;)4dv1%l?6)O6wGa4BCtE9TH&SBYP9_}?1M;Gr-%X`hy{9y@tteQ
zbGg`19FVUbh)dq?nP+11ZX5OWlGtXCM#1LUF&GAf{hrU$1$K=ca&9Gx+l-2?F_o%!
z;h3t0<Eyh}YsXae<KSz(%v4-qLmZ{*YhDD2TEF3=RBqD{xDtGEoBNQ->*-IAe%*@A
z5pQ>EDOdjP|A!BX$e*1$g!974gCAN8=0n64ln1|yji)d#?XOtZcP4i1%OT5(?##D%
zYbQpQWHCbZkBl5!L3SprOs@)pIYfrNZp{ml)si~d_@cb#E~KJUN=gP3^ZBF_j7LZe
z?~zgQUd~D^X1*h(uThe-ukNXQ=X5r9%-yNtR{Ov6HuHBdKbksHUBsicW!RgZ%UmRN
zoY_zN2l2Wf&rX+Vf@pj4G7s;FmcD6TZ*enx?{xOOwZcR@(rN8uLQGVApmE!7qou^o
zTzp7l2Pf}yR=X}vZ@a3BPF%vTu(M;2u7hlY@z@`|i%RBL3$%3_O3%7&NvR?<S@Vnu
zsV#RAhn&1O8_3_+n)hX;+PWT9bR~|6W(JeCQzJe2@AkayBG^Goci6*rTh|j|q|22D
zo<9XIW=trU-q2QL<{oGtJSq?E!FzOh#>qX9ewJ^X&LyQjq?2<<&wXFBGq+RIL%!x`
z-lgQbcRbP$N0U9~K%2-tbMU*7UpNQfqi~;d@FOz^-(n786B;`*J6M1mIA1?^o9W70
z)0N$(D`Pe$cFmbpm!5vxUkr?=AJVq#qS%o1bOYJx`?sxplqgpO%F6a@T-VS&qBJAZ
zbFVoS8S~~;+bI9doX#57GoRBBXTC0q9Yl`TnpHH1wD-T#<K7_xw92hljjrfkdWOHy
zcmGuj{Vn(0e8zKRxZN#!?fEw>7g`#Ny6o1RCQ7cG-QVe6<viB5c~jf2jyMcrH%_NV
zn77|7b)FBl{i6fiY_r;RS6JeW(>mYSC$V|Xz{dc$b^1#4<<_=co8p(6FXy{}&RW|0
zOF7P1OK0_Swg=nZqP85hb&!{M<M7Tm22oq*=6$H}A9DsiKbP60@Vwi3J@*4M%ezd@
z=&jCH6S#q9%B*>Fd9P0IXxp_lKC5?w@k?<xKAn5k*XBDPKZoY~_cR}GPP}1tzHxwQ
zdeFef(m%#+2&6`WD`8?2o92W%H|;}*!UNY1eBRl*$4W6!w8pGm<=@w39Lf^!%r?p`
z8r4NG&tm0v>B;|N<(3#a_y##+D&vQG(uFM<&_=mUte#!85fMq9i6R%R3-Y60KhSH>
ztn}2{!^wkzqWSToRzIfk13eg#1dAaLTUu<Tv{)3_^Tlm(uFoDXEf)1uxoEL)GIIBj
zuN34*JA0F%qjs)aJ+)I`Qs~EMYB;_QQ~RM2hWk}A1DEt0YHpWE-hnvEFSJ@%Ic#Vn
zy5f_BEA|X_zCw%cw^8a;dPG0=!1z4e?@*m-9f18GNw*&gZn*AfDY)6MdcroxN)SDx
z&XdGxl=j(2jq*n@O!b*fXyP@g5f56wU2n}hnQjbR>x_8N*E}QI68;WleSL%Q0OcG}
ztRI&utA`t|$QE%!!hoQ7P9<DUqJ{+_kwc2-AbxvS4E3RSjzadgootjqoz7}S(P?#m
zJ3{Iwzld{5NEKTL&w#dpyFUXG#d|Cwo+diAmnM3xQAFv<Qt{Y56;Vu?O%>Uh>Tm%a
z@pb6wiF+8G_@B1VZPFkdwgG%<ecM2I;U%7JU_jnBaCE^oK&us*i_uv*l@fLS#<-hP
zV~vi&4*mMDv(w!OpO=!d02NB5_dq_=ufH0gWOOL5IdE+yW)Z-gnZ+0K>}}Q2V`CU9
z)>uLh8KK@k4~D*CC9lv#Ap$1FXN=w=8()#$(rlf+`g8S`74)vg>>=yu)vztr{Hys|
z%M!E1sCxHKME||y3r1MXFTqv#iRb*{@lM<&5Mf4lTJvOFJEaYJX6D_R7gbs`&xZ&r
z(MpUZGqfB|j|;=!GyAIhNrFsFMUj&_G9c767F)mt((9VWVhT8$Uk0kB_{n;`mL;>N
z*B?Oa{*_)!7B;=M=4o@*ba=)UUKg`*qoqA1ZOLe9RRw#Pub<s7O|CEfEM$%T)F^1r
z1&b6kE=%mKpsmVGrv`+!QlP@Z#nJXfL1qsm%Dh3T9x!H}?(?I}3bH-^7)5(yJynwt
z>D=TQcFu5ymyC0!mQ-YR8zpaSh5ZFO-UP~cI-Z?b&u{qjfal=CE1P{Lz3y2t>G#~f
z<TEyqAssL1{@P^qNavFm_4q3%-l;YIfu6><$(lDEWWXe70;EafJ35+zSXCeMmQ^zD
z;t_Xo)HC;w9*s{C;n2xyd23%>(D?qr33OFc(D>fDtVrYgk-q7r@ugFq#+Q7KR}tsA
zmeMy{pq=x6#SCQbBCnSMc+a1G1rT?NVg=B7%UA!-xJK$9e$nwrCgC*(yW(wL_dDeX
z0B8!-XTGZf>4NH4sN|rZOYx%;D|s44yvyE>or)K!*SW+2<hBgk(o%|dol%0ea}3nT
z`~L+W$XU(Zy#-1mx*M(`VFW36%*N?;b9c2d#_2=N5}a#9lIa#t5YXVC4gR$_TQYZ3
zswDti@8gFD*Stb`^S}32C@CbHhgYarp`1lQPoW&!qfl<{rBLSAQ(yYz8GY)LN6XXH
zpDqPjGh-L~M5P>4;f$|DjVviBleGm=LxSdUkAc9YV|)aj^0bjMrA}UM@_G<<k>WQw
z_=7)>qTK=O>|ooyV6=?{wpj~?fp7Zs7sq>h&PILA4%9n-e&T78o~(P}Dhxxo_Ulzg
zKFd_{cTF^vv`~qe$=F`X%z3DZpNPiB1KB0!qkH_1YCiv?qtSTGM^^HOpvK$}jR3mJ
zs2QJl8qasgcOUqRG#*pyxBOaH9_M%EK@X`mI2-nm8hwf{J;hp(WaiOTJbiHbRnk>v
z=5>|J^SVk$_PeHyk14F-Uii<nF>7*9{THbIiTV1^?5RJDZt}7(XRkEF1hs|ok0*A{
zp@tvacCV*RT|mfTYWRVt-<;Xj`Doitw5gTZFRr1Xr-rYnh9mMd9Mn_8zcoJHupvLa
z`aMFzu7dsw_clKzY}@Y63km&N34~c`cb#4dM5M=X^G0e;g&RL%cWxp(Sc)es+ZeWt
zXzFWr>e^a6H5RIP(%rbyHa?weMF@tSB34pKS)D4u2W2o<L&b;~lvrD)AGLP+(7KI7
zpl|<>ITZ<+BQr0%U;gA1h&iwQ^kAh^M7d>iL^5&gocl_X>*C+gh6u5dh|)KV6Mk4V
zjtFfVJEDx(lXM4(Mcp}X{9w-(PLGlu@k5JV9kr<Em9r|_&v~57oQ!qn!d1jyO1xux
z{$T8jRi43i-nq5bunD@~1gBXOppoiN-T+52Ry6!FD&4M^>1krM&G*LM!xH`2P8~jX
zcN^oMadbgAG#hc_{;KmOW+N`R5Rs29j|_Tt3E`*2XG<J+?q?ECW*pY(?lY(ZP?iPT
z-aIYX_GFvP)8!$I0g5O{DQM%2V>{hJgEpy@<MKh>X@lBGlox-pk9T`@wyD!Spl-mR
zt@*-(@`a1P+^6`<0p2ay1ZG5fys9!fY)3S(bvpYuBcr8eu9(jch|e|Yz>=0yEJ#;X
zqEmUO6}kvdaQUF%c>jTW)Z7md6RxVvuI`~_W<S)xJ2gPNke>r><j@L0zG{6hkWY9i
z5AuTP&(zn$&vpK27RuJ8H7&zFBF19pJLMo?EeD96yPE?<mM4!Wi(5&-p~SVD`c2>3
zlD^i}*`D9!KFbkPaBE5IRj%{Ud7|e`jLH};J|hdXJ9pGa7w>hL=vo(R(pLAo9MV)g
z!6#yaThdnusoflv!o#v}Ypdd{s{L4ZId|Mk`$Ov76Gv<L73sU!3mL&2M0#nK-N4>{
z@X05<KYRP;Xke$6On?cpQFm@BZ%JQT$>9n+{nc%MWOz0H`6xTplq16R>Uwi*dVOqy
zZ0K9Hde~LOt?BO}^s61^@xOXUvbYgA{zUevo=FO^#E9$quzzCffpI;T9B|I23+bgY
zdy5AdPMnPNCjb1<1?H~r+)>Yc7nW=gBA-_jjj;E5DJYMnqreRKbg*q!W#}O&e@S*9
z&YvQ9>RP^24$;uQjK*A;bmGn0>E=>MKVm`qyH@)x<_Fsyvh>NUbqY4rc$4isZYSK*
z=?58gyXSj5bsp|*Zt09|UUOK1*Kx+WP``|mNtxQLWoMtvxsQl$HGG|GW2U!z_?tRh
zHrnJdrpT2e0COn!0!1c|yzJx|Z)DDgSrzveeJdLzh5{Cjk`mKvHm$AXIEqCQYj)fC
z86-9hh#km9G=BZ`kDU{4oB7Bd_E^tn1k&WZ?g3u)J^f{=VjBs5&cBI_b>)uu%Nk|o
zd4v=J=mZ838-+nxG<N(R@QFxNe4Qa-6pcC`3T58O4%=f&^T1sJ{Vc#U`zHcch?Mu5
z{@hV3Ar`snhxnhvi;v%owJcqI^vHZr=&MJ1LeMFH@!r%G-h9`*anCyey}swXp`9AA
z)y`GKEq<67&Q4cm$NEnRO5*9KJ@f$i-m}1qt6iw2qD%bz+Z?wr8*GKYs#)>E7xouu
zP9sR*U6(-I0&mV7s{nz}WeLew*H!p2GdAa{J1_ELX8ej*x~iih`<2k6DwrKFj5O!Z
zmMh)jyq7%%^I@*~*XQL!WyJnn?Hu7p(csmQ=K~m^TxF`zQP>|g3M8fmvy*DvZ}eY{
z>4+P_sj$U4HR2FWvumtj+!2SUn$Eekz`jV(L@82z!%Thd%DFmQ%KSovwB2y;1O1>!
z+uaAB6+Oz!zdidG_?L7KVDSDf#uXLlk54Wy>DR9x6Zox{C5HO3ec|{M`eny2FXdhS
zCTaz7u9rzcFHNjPb5XTmS}T60A59YM^dm?{$z*=mMtm4oVuBDF80D(_0XqO>B@e(R
z!|6?8H{cpc+`t>O1WEY!M^sMGJxb^69;I9B+VyVm^>t<sZSYU(WT((K=kT=C57jlu
zi(+3o(zq>G-M|!BOULZDFj@C?M$Dn=kvx!L9;yop0z^=;dBT0o@7AK<6ZM<F$&{I7
zepAVJ`JpRTTGc35tV}Y`>rDs)tMb;mHl^vz#VSYVW|-&obqVvlweC9q`$c}a-;!1c
zgI|%hIpDoSX&PM4Q-3ts!B0$lSM5va&w<M=6Yjz^UthkjpESLwFW=8kPE+Oe<%9gB
z=~I3A{(jOlU0?ohesZx_*z%K0ykw=H?C_F<{p1EOd4QkX<R!o4C%1aZDnF^H8+4=E
zPwMb8$svAHs6z5UKiS|VYy4!8q%W1-Z-DJbqb!+tpb01`yN~9M2PF;2D)_BGgQm$k
zV{oKMy`LRk_)uL7zXja}o?6A4sV06G<Kz{zU~uwh6aXiq>ED?S*y;NXY9VxtZnR1s
zyqR_(0EiPpI#)(T1l|e)zd?3#&$T#@C@<1Ae=Cm?GWof~|M}o1ey~7U!W4}-zg8NL
zEG^1{KytyVNBOGc5q;|hzseDDt0?1mGR%Ej+pjcacUe5|@K%1Zc|&Y)(KdH!KiO5h
zW#RtvP)J#o`-?!YA}8*^Du5W1+8}ZPvy#HaD0KeY?4R3(o1pE~eACxJ<;-t9s)!l>
zN^bh54>cWX=8C5cW`J+tE{sVLEfKJ5>?KB%ww>`<(GfUS+ZrwVu(_jVeH+r8|85h+
zycWj@?;EoZDaAW8gUa)|h#}#Uvh!pq)b_}$YQtC~;sZjd`8pH~oeCPt<jpsfOBXC*
zSKY)tP~8-W>rR^veu$n1*b?MU8}&Yt`l)hp@aQlGC!G2>274}Kh9uRBBoWe{z@OIO
z2^(v<IM%=BCf5;hOeLA6bg1WA4hWk1QmHA`j~e~>pY;2i9fs)oU4Nsmu3w9pi9UN>
zpYL~lUB2rZKBwy&)OD_58XPUYd`Xpror~#gf3v!JCTi8A0{J7FdH3#Pghg5C7TUpE
z?*4}`D6pt`y~lKl&g-;>Qwua1c50bH44pI=qMVto>ma06|7ia^)ZxZgLjNUuw63$y
zh6rc#83~;Kx7Z4>LU6iVb<^1ga(d1bLY*ADaO!6zW1aA4WyIoXkzQIXpXFmwa-KtA
zc3usoFW@eiG6~DE6EM1bChsId>Ji#i{uB|;FQA?bdf00<lMNdIsvtj__vRBj9shJ(
zx=N;oVt*f8JP)?hXQ0roB!1@=1h-lre>)Li-}?vRhO~O1S~U$m!KYy-{BTL;9Nx+E
zEQ&9lx!3gl?Eap-=yakf%>0_Y(T$ewXnZ={G<8jhb;C-`z8l+imBwD@s<XMf1dI4_
zY=l9pJl$f}dIj^%wcznr89P#kHiqr87W@ejkt3b_pN(@{%o?@6rY!RU84(c*Y$im*
za__+D!2@u_LHPk9`3k1$(}!8KSQ`o&0P;e7)et!`q^pzskmaSU!6Qx8{Y^%f`{D7*
z@C}M%hbhrpUqExLVXLy#ny-+aC`;%GcKUSGCKikFs>%kK-9ezln}T_?7$uG(UN!SL
z==6oLH%rEJh2PXML4x8CzW=I8A!i#dpWcN~R`Ok5gwiuHnOtQf-(58+b}SRJI}*rQ
z^EdGhiMzF{%n%Sh%&zG@|6D@QN<_5SS=`?y^SQG#TUCs2oTZ5l+cfiJGhdq;pKfl7
znfbCtKd0&1)H7XQHPf})OxLDagkMp0Bd?kmJBACTqr)~^3;qqH@ElvSS2QoAo=_LF
zrGe40jB$8HJgp27mJDBy4~VWvxL|cKU%`|4*{bP1Td#L&l6Jcn9p_Kdg=84M;zmuD
ziAl2Cz3nS{-=mCRFY1vW(eD;)V!^h}-nYa`zDl?HSl~xOI`&-P?-niaAhY>N&&s~=
z%-$<|_$Q;g!k_qaSy<e~@XiNCw30ug2O)<rkKWooy7$^{<88$3(WVEj$evc<Zzj)Q
z&oe$}J)gSQdQJ@tr7tfH6TYGSDt}cUQ&`o9(NtHN31pGEfVYk73Wd)gncb*`4*uj9
z`ri1n!^a=9-iNO$TJA;o)7Wdd8~pK?JKW7%?zb`joP*^5%>7_Zc;WC>UEx&*oS9YR
z_N@6;?tM5t<k$R*1}gblz9lSLZY>Q~?Cu^_I_sFdrg>%rR1obZ5F+NHtGn6XZU0PL
zetXf0mPdU$aXvppC;ob@kAkl};=lO~KcaZ)tTb<Yf>C{xM=*-;5B){bp3nJf4Nnzc
z@_4FQ$Uc7VCx3o8E!v0odZK=q6)s;B5tv}_LD}i@L(~oNsFNg(J0t3%sbv~tl!JEi
zb{Wsz2R6Sq@Vg~F%Dcc!RW*4vHh9~r=%rq|f<VoO2QfS3gEdQzi6l-di48@t$JO&p
zqWTgJ<a-37V<)X&OaId=vd1ina5&NUA|zIFrvkCm<jr{pZAR0axJ-2JX!<rbyOr^`
zLaF-PDsFaE-(tViE<24SuOnsrA&fNJZc?04vzARenXOozkOf{V!OB8BP-xpoHhKe7
z7Y&kwsy2FcdLYro#da8(UI)#$%KP+0zR^{qGlpavi|jWxVKK?&K4{{SH)U^Ze7Ddm
zE144}YCpgnCyfT)j$_+}g1I+xre1kiB4ue76wS7jlC?@U=vRYH!0&)-tSrPwe9|7)
zEw9lgXZT!mz+nQM8xM{8{NT-DYU<})t2^N!nw~@ZxI$>q>GE%{kTVdzr`d+0{zE=-
z^VqDY?5NkqMWFvkD#%s;c)X0FZ$_QVuxP0%ol;QP9<P&<B5cLI47_hU_tz~{BhLF?
z7)ZsM<b9>R{Uy7!(>TuRAR{g%wdRO}`ph?Nd=tjsA0N;<YrfnoG#q#@;PB857__A8
z))Es(`*$+^)x=uFpbGMdZc0cT2%Z|G3Um;ZnuLNORg5OKI!7%DR`hZ>eHoJ{6p1%v
z{y?(@dT73X0jh0$bE#zbi>awEmYLu?Dj&O6!?h*H5JRtTRO;2Az4585PkcJ22cL-0
z-!mQ`pD+dqpMLIv9%b18IPe%Drws;8IJ`FoB@Hyy!y0dX0OD-@nhg?ReM2nstabUh
zvc|CK4?g|GeAqWi#RjP{p;P&R_!CfD(3>j<fUz*1%vxmb_A_H-vfbFhk(1pmsj}TI
zz^s-7*~C12%$k2OZ`o_9NQ_!o5?hxYSFrE0Tdp$c5zjF%Y|*dlHNVlo`q(XaEme$d
z8eY-jY>aOiow&O4(~{VHs<)Doj7;@qsy;nvA)Lx_y-wPuKV=;uC%QH$&us!82)Cwi
z_BL4omQ1H-BZyuipH(Y)G{qG(d$?EAwn%!=dWN#r#==hEc9!M!=8{={H{b@pww|*&
zYa613dkJiuag@TUNiNx<VzP3&{pz%3a5<}+s2^UQkiJ7bcAo3C;PA!f5(Zx6s;g`)
zYh3(Cs0NjcI#Vh$Ir(J}JYV!w#=jw~J7}Te<xfH0?vB5mDF>V2yZ+D@D2Z=-NeT8$
z?^<RvdYu5kl6*BFz?J(OybtW2ai|>_1rTKAh!4xSG};TF4TK~sS;?1prz1G8@f4<U
zOXbk@c48Ia@%RFwGtm`Om#hUq;q?O0dH}?9Y_bwJ;W2@x1cV?r?wdytovuw;W>v<_
z-O#rCXSNuWQ&SS-0y-#VuKH}q5LN=QzG9)y#M`@aDLfSIqx!;S@{kx&m)$>tbF>bF
zS3g6R*y?3WLq?W(RzUVGUL3(krtBMyaz05{->zD!{6tg<3HIml!#z$P&(X*DP2}77
z1MI?lSgW$P@alN|Afn&OY})3y*d+1En+2qF`T0xO=OMY+Bu%K1pO~v_mAS+#)5PaW
zzNjRYnoT@GLi2kEPyN|xze>t!j#O?dPg5>^QnjkU;GrtqrX%U~I`dKa-4Cd4s6NK(
zaAI)DBS$J9@;J@isKNcl6zkpRJMa1L`<yiO{!4xSj;hG_ISE3TaDcbXGp3!p@5i*G
zzPiWIO^iNlbyjEh$(C_ZA_FpZo}hc}ei{sTB6d^b-g6sq?$E}UJz}<`7Vjm_?{VI+
zo|*OKsh|X=h6+K0A5A=|cn^7Mipk~mZ2jmZPfZG^mK7=cO#I^vAc|wc{2x%MRv%>U
zCQoQA1M7yal%u6i<q-S|`SFI%FvMZGn#Ce|r=HBP5JZ0k<9VwmTtP0&U#0<J%|hOj
z47C9_l5HgS5XEYBSNo90cSE@@1SYi+zr0}YvX<faE;uAV6Q1LoA3KCYIooxa9h;@r
z{8`9@T-(tv+J8nxmc3xiSi0vf(P{3y5@Y;*H2nkUQ3v$she#3c$KMX6j_YYGc8eEh
z$WC~dHlwv{iB&6ltHFPk`=pY1Yvx}174-rjzlBVQ0I*GX>H~<~zEpH&tq})LrAPQd
zu55}P`z>zJB}|^FV*f0cIz8<rVwZ~dO;PVI5UHBhrvw;g!0_v1|0nXFjv-~s7UktV
zpFiIz?^yJY351TJvv^=-3SwS^dwdP#jBHz-Y0xrkm9H6_TQbm*G`zaTh<V+HJ#$hB
zNpGDvvwz09Rj54?fxJ^ckegzi70%R7?}#fc3W;og(1u-4fnA?#;nn8B@|N;EEainj
zED1TI?t@?`uvB)1JA+JnN#-Ne7h`lVFfWovSY1FJwaTI*({V*|Y*1&KisZk=RMJcS
z>k<9@Th@{Of`l>``>{2+NDAeN%vKY{IJpGz50={zPW`~F<_fcT_EDpJQJYsoU@SUe
z#DO=1ARv5)T4p`z0-wKU8(UIw1lnC5f88#DHq!qZIu3ovRWA)nrX>P>JRfhE^#sa;
z)!enRh?<C>!eM*_0@lDsk-&N@afT6j&#oAo8g*|Zx4IdGdAT_~wa$0qV<ix%vLrsI
z8BYNZ<n?^92l`q`MIQ+n!*LHH$4%AYl}+}s+*TyFZcMe_T*k+nP-crve=emzEV>Hr
zIT*faZ0hPwnEqCKK7@YrvAOxWflN^~R`TZpkG~eY4fp?cJxCwoES#qh>BL^K0Q*{A
zAzCRMl0sCCLa~?p>gz){`}9h-Ewf6k_A4d$YOP52T&&(9)gC87v%%fXJ)p%4#*dj*
zv}SxRh`@2PKHW>UH5K}@tyw`oF&ZKVmy6a9XC?byK%7cLI0|Dbsv0D}Q1&RpsTs((
zkZ)^#E6kSBb4LX$Cws8Jzs>J(Dz-CU=vWFN1w-OTaJ5U>PD#PsZzw64Tapgpt(`gp
zDR^#4Y*jY6NQwWc{5vo&{|@%$-`H$Z=~@x)blKb#M`XC72Gfv01IBYCYrQr9@4Pn1
z2{THYqE*Cr8^IM`=$;(8+zR?#4c-y*Ej?l@a%C_w^6CvuGxzJ-htegPmk>XF0e0k&
zcp!75#sK;E#_!3aps$ffzmGiHi99OXFP>wjJH`;)vpQs#CbT@n9SzY5KOYps>!u;y
zv9^I{IIsinI!aAH*bYPi{Jc*|Sjn&Qe<;vpB~IW6<HgP|l9n#(<g$p3cprdK(`v<P
zIh`;Y3KianyL@aTBIwpAbtc|K-ZXp27=3rS->pIXSx;6kedA6J?7?)bWPb^#z7!7X
zibp5k!(F#)j7Kp4Cf8kq(w^`-#eM%(FNb?CjPTl!tG*F>gYYUjqnGfC&qwvWe?(|(
z;K%KE!^kyT*&~d%f~42#Kk@QQ@^ejB57cjoq*M4pJKQ%PM9;r%fKYvX;bZRCP_<{1
zk$p+B=(8+3Bd5+*OSnPkbyB|{eB@YzArIBHnWq<q)9pBzdi$Arlb)&rd6nRecyayj
zJ(;l5Bnir`51F_cr72eH6}z13m3&dJzd)2VwNlRY%WdTeTG7%;<5WdnEWDga%1-x$
z)^vGdc8`ohpBCQLBLQXbd}Pb7{MJ4?K-V;cb=P`dt4)8uRL$Dy>%H#Mreq`c``+Ow
z1kS-l!saB`J8B1+(quKcqi^tp&2je|Ve`a8C8ienV>_SNiAQTRC=R=(R%j<USKWT<
zfhBD#lKk!$`##a3oA^a^XsN1xbm$%PaS__TV4sL2z9>F)kni$gsE?s)LPk$CS!z+_
zDp&m_Wv5qY=hnULP2H`$Vk_*V1T8YPLc6sE#LOM_)+xQ6!Pfdk?9_ew#y#_T&&A@K
z_j$WrVW20A-awt^&b<F}F1Jc?vz2Ej=5RuCUpsXb_u2l8df9%cHw)vc+VgTpU89za
zKW0(9?LOdj4(0Ojn%*b8y4(LR;k9d25xfKp!K(-uFY~^Tq^n7Q)+-)g;+-iRM3M-D
zj{l+Ud=~Y>V;iTL7AiBrrd9~mp*o@5H%&0UZv#keY1+0kye^zdiJE``A`y1#k4-$_
zzDN)2BDkkT1BioTJ7x~G6SGBt+WA=S;L#K$uC*d$bP#hmewL|rYF)7LmF7a+2IIAw
ztuEH*O)$1^P*{#}wb-p6XHb4HwhsMFv7L~QUo6|C0vNM}J7b6+j7|P&MfR#@OeXCM
z$de$<Mht?mY%G&Fl+_}FBk7Ul5|oWm<eJEAl1A)YYf#Tx+9Js1v1VKne)<Z{R&!HP
zAfBGkL+{Ix7C6wF4#rFryKXh(yMpS%j!P75YyN*Q5vFBp>8OLU$J?nNz=_%Xyi581
zePVY1A5?@>$1!p7GefCxSI~Sp$&@I=o;9co`(sy0e5JX-FBL)P@~qSNi{bJ2gq@xa
z|LfclZ2A%W?}PZ;*}vrRC1ipaZPFy`qE=UR=2qc_sBJm+^jsVhyEL^r3Wadn)q8G@
zH*!Xy`BE!{DMUi_FvSFR2UB2wkUee_4D9ZODPK2*g(<j@+QpbMoHrmz<16OA6u~Pw
zlq{U61eOcTcT7CtFKV)liz2BO;Dw!jGB5BjYge~h`hTy2D^=K2&c)9dow|A#0OMPE
zEJo9#xV&%pE-vreRT3vs>ou73sRDbt%=rdhPe#+18hACGj=K0(Je$3@K<`Y%*`Lsc
zsqrTD1_e)p^m(xEdjoS;_8u9xEN2=G2Qa#VY)od-K|?HxtUVvw5XQWqj>fCP$d&o9
z@%03CY(}+cF3Cm#tX5U~vj84QMahgh=U|y`LASV|CM%866mXD@m;^8$DXy%J;KWg9
zBIQ~u)jYKkU^=mSN`a2xQ_MX$zsI!n%wT^b=s{Apwz0RkkLL4+<nz|Mf6V9g(^tPT
zDUA*nyGDidtJyQ8-`m#}triouN)d@mGckdOsC}?6si1pA?Yn=kuN3DdEyr;MIjyQI
zj&W+XV!3BRJ=!ndzn6cfabV!v=5DX_$F_|;Z7VRgzxjEmjEusD)797U$_rK%IY6a-
zd$7kp=IC+-+;MZ&6TW6xN3F*?YG56s$r0-)rpM;G1{{sqq+q*9{wG{_Ut<Vkn@NnE
zOti-VldTszwr`N9arWQ*_8gZ|v2RZXoL`oGRpp2ZNx{h6t~Ra7#Olh)i5<Dvo7*>}
zr{uoO<xT59v>xiPx4#HlqQyqLTs$}j#vc&D#tP!%vWy^F;WqyM(_Hp8V=zgFN*}Bd
zQg7c(2@4n5t=bq#?0gRsJ6^}bx^mV3ezNY1m=RQehOtlI;NNG|RY{An10%kp=oZ|$
zBdJ*x?$f`c`c1G^<W2Ee#Lcfz1sM~)jMiNB5HDl4moY6@U2ZZ~ETS)-SR(6Du6oN!
z`f$aaCc7G5xR_r;THKT_$Q|_*uk)!r{GapwQgh#tB*^(@JGFF^h@2lfW&Q&q?an81
zFd~}`mc`nS!Y}oJuOEmH8X9n}`pia}mpT6y3d<$3zWn;1;`GP)$H75DqZ4&wa1f`R
zV32>U{F}tTY1ZJjHdQsaO~c`_*n2GT9v$9egZJ3vJ+^v}68g#q5@vbSdJj3skrJ8Z
z(ds=Wd5>w{qs@CP@*a!5#}e<+;XO8Zk4@fVtM`y>tM<G{t@mi~9zpLR>4PGZyvH=}
z(dIoCd5^{3V~O|Z@E#ky$0qNw)q9ixN44iYYQ0B;_Xv8AR_`&%drb2lZQf&%_gL&b
zmUxd2@3FyqZ1Nskd0fKbx}!EhT}tBR?$um5$dbwX%^KG)VLsi#tg8Qz4|MsdF{1(<
zX$fsApx^28pCql4ORUO4N3j!-yTs0wnIE>p4&h*JALgyJisEf6)d~hdV=lqiM@>R!
zWys0V!wTF=N$cHWo-|_K3Da9rO9fcz8r>vCxPJPylnAa3^wZaxv{$WMbHTYW)AVB!
zKPKr1*f^$DKZ5+|+u!WG25a!ywbtPAmDb??RweBx)J>~0SYuV%_156j5+w&G7Mt9p
z>5cqsU-YuoISMHyh1Av4Ntg%8O2N%Z=pi3ngW!Ctk@AuENGR9tO0@AXaPCUnte^am
z+o2~wLs8Wl_7}Ps)lIkICZpx*9<`rnbdew2@A?}O@2oPens_a^CoJTeokNXj-UF!H
zfQp>$?|aIfEqxi={2_NpcPQ}t9{(Dhq;c>I{UCw{k$yxVil+apenL|8h>W~<kuqVn
z$cZ3BAv^){_o%w~k*;-@jwX%5b>aL%m;#kUM68db;^r10tOf(P5*wie$)b}u`z83^
zCp@Q2@6-pEjy<@E&8zR!Ms)42czYyu5WivPSU&ktY0Y~S#8<gmYu@SQNYmRp1lZWn
zX!@iZ?zT!Y3i@L9>+n%iQ;3PbwA0_nMVxaO&j_s9LsHQnbH(}xp=}+d@dGl4YQnhB
z7)>gavhbE6&b}^2o`NmhlO<Avb|Q(**iXkD_F>cR@!0Qm&bYx!T&yzAs8!MQw9*zw
z_ERH!l<h18&O<tDpim^05=p@-O5nUv0XsD)fW}=*hjD)YDZ#LEZ-i1;Rz_0y76Ckt
z`0#>z-<^Ujw-<a4Y}Ii))lZ<!aq*6P;Wd8jWoK5Jcj=R!{bO-EKn#!(HH4Cx=is#e
zhq`x<kE*)*xDyB%5Il(zK*c(0(BP#F3T-H$GZ5g6Opq#7yj0Vw6ucE75n3+<Cc#XH
zX=$ZaTiPeBR_)`Z+A88bkxNjkQd=wa8ZX5&PF2(jL4|q0zje+e69lbqpFiF=ADDB_
zK6~%8_u6Z(wf0(TuPqpo#E}m?n7_{M;4u?u_kahRZeD-^0uPj(lnh{UlJb2XOoowZ
z_b_pLv~>?K`JbD=5KKnV({6Zx5eF(XZPPzcy?6Cpft%9pxfH=?r=W2UDZaj~3!j`u
zg&*BLPG$DZ$wzK{T`~BF_g;WcLp9S4KlY4I`zepXZXx*e{oUh}I6xlkI4IumDGDOR
zgh<sW;&+Eg7u@vOKvRoBr0T>d!z3nD_3xQbin|9sIIC)~Vvr*>I!bak+UC#+%SYC>
z26cgShXA;iAI&tUNqd{q@)4uvdACpn3)gUFNX{Q255CeDeja>-`AUS^0KTg=zdi@P
ze^MUc%enUi8Jn|v_-dl&!8bQwyWq=iCXVl^N&IWl9<a0Ucb^65Q5<4sGq&2MY*BfQ
zf{$>@*UJj25l$cB!@C<_Q=@Bd&I5Qr{D_JJz6!Xx0qBBn*8sdIh~J<*HURR{Os@!v
zi0U;xpp+&2FeC@^5wY{C3^5_X(CF5Hesbu#SjcW^=x5-&zg!kQ+%vu(Mk_uS-^D}o
z#^Y1?4)FGb@(XVGtdXck^zMQ3469alRcZO0NjsgVZ^^^|fj8w1M;G|b=WKldT_dM&
z3%YkJ#lZiv9)A~PF!29bDcA4=%m3R7t=KkuqkR6JDtqDQEb<Nyp2jcxs6>mmYsvNS
zZ~)>hEAp3m<Ig+ZmUU~%?l0@+*_%B6zW86ODIxYfUEJGZ6aJfR#<K5Ku~W2|SiV=c
zki{8MR32@&TiPdGZNw?P`W9{_@Re`{Vt8*;7j}!fBF^`8aK<0G)w|<=1ZeCE#2P9`
zVKthZSyXhS*kbS)<`lX$4t9iZj^xnA&6#5m4nhNpNI*`YQ1eBjyUGxw1zEN@HugNY
zY@=lP8c7#?buI)|`!$@VQO2L+k|bqhSo);#CyPqzn;{8bRD_kHY~SB$xQdA8vN79H
zo!Bwr$yD_*1#LSH9=UGujt2VV#22e)c(51O50sw2<JbAU$!}Q010VA}X3iO4h!$=<
z71CPg>X_!^WDTpoe^7lgh$OrL4UuLbVoy1!Xy^1^i+5yCKmmlZY>}$725eLV&Y=OB
zhj!Q2`7z7pG;IKFlyy|Dt!c&L?zRX12cNy{ZvT^iQ$7Fs)eh`#L7Ou;MSL1g^G^@H
zJt6q^YRXuz(v|vlkNMJ7*MHKGoAVlSE|q3jqVFuMFA<8|QdnPxfjNDx#;9qllAOkm
z;DM25ltaQfVOaAWVx75-Yz?Rm`=S^ukp^wa4ZMn`E*av+|Jhl0BrD*OqgeLpboY}E
zwe#Pl(-~^pCZ#Z$(D^>Ik}{D8i}_}ha0HqSQKo=Y%2b8li@8&=gZ-sLq&&EY1F%yM
zwb;uhn=f&c1O3n#WXtwGoR86JG_X@joQk4y=G0!=yE#SFHY`=KYsRt7_(6L=<GTrt
z4o^oO(zoISEBMNmXm&uk)ATI3<|grt6v$m~>WWXY={C~*oXXyiCi+D|;v$`go@k|b
zEa}gW<TXN64ye)E)lJ4X*wexa6yI9EY71{_VBg<ro(x*-7CxRui8ry*?LBd5`WdRB
zL<7~Ml6I5H*}CJPW&Uq)?)A@ONM2KEse?`?-dGXpnT=>$O5EPb<!aUCp?>veaN-Jn
zoK(12-MTzfRDUt*4xdRRU6sbZf3B7ntW#&mVGy4!(X0?(SM40pto1}ljvTY4cdiw;
zpP3oy+<T3dPuNOIbV-f6j5y_VXwa!>i+j0+8<_Z+eW+zRuQPo{wp!A<C|i68C)OL4
z@WnJqD&ZJbZT)VjDQu4-sz(dkV`Cq%rTx;e_6eD5lP85u+ogzCV%gIr2V-eofU_$8
z%Gy){JPCJD&f$AoGqfKv>wN;o;-lTz3bH`cDwr_oH~B2hNgcD}OlUZ#rNzHwqd@>U
zz!*!8D+IL)iy8mDoFD0xDBwaJSlB>Gzup_Em$<$&bUZ@EYBMkTKx5S(gyBc=IGZID
zdw2<{@RoNh6$!6Sq+X|<6%Taeoy4==M?d)_OGq#nU|7@2%|tB&aSIf_7<Wc})cYH`
z=!a!fSJG!o7$ysDHfVo80(CuYBGpkoz{Y7*DA2@yngO)O6m)1&aaQtvL9R$*UE*0R
z28p*=1dB`MDQsyj)Vt^>(r)78x!&9V6DB5seZ&a+Sn`(48{8NEba27y{grM#PxWd2
z5N63eV`T$YS03`t+CkxmtgxK&5{<sESE|o(&Ax&4PJ7qq6RTM6yMcZLXqgs63p4$>
zsh}uTH0zmsS{~C)-i>}y<)IJ@y(2$<Kbx6```@EqH4c5j@*IcWNJlcGVyQmui<Nm`
zEtkwbJnuEpo@Y+bWqhTu0!{Ejvl@FJ?R?+-@p_JPs_eJao7R4Qbh&#2jsx_}K1^2q
z2)b%X3DIsdd*jBpAC^@(wk3zX?X4u2>JjEDqEhT_Uf|nS-?`S51zp}HJ<c;!q?7of
zq1aCL(-cT>9O2ez;uGS%gmfZq1$4|!{KNYNM-QP>#NDVI*Hq*{A_mWLE@_?R)V99w
z%x%RNoF6we2UE;?2r4!uCIiEURspebma~Z2UUSHsA53t*H-M6haD1KR)V0m3cAoQ=
z&zgjP`H7%THOk@0A?u_XX5(7ykPZ~YvDB#WiDS<Cu(*B`)B8h42IA$p$x56h5c=_R
zC2mZ%Y~umifM0)iX8f$>95ab%Lj8S~Tq-^ObFIAjs!zC~2Jv=QKaezQo>m!_KV)GV
zlnJNz8CyEdENELjdMY+pKjq0|76wN_Mv9>&EY+3@@v+DCW-|j(*p517=)6Hh0tvf?
za%Nej_;^cKC`)4MP}_@R1qiPP!9nZ(BPc*}VrV!c{)iRhOu)X7p7*RFI*&j!BAPta
zs0z|JW`*ir#puopogbND6L6clC6t_4?vCe6q4~q8$){&gD?ANL)0TNdjiL>bG$__s
zkog*+U;o7nVc<l*&foKghVjbA)j(K7v`9LxITh`_w1Ep0uNV7RTe&3|K`j@8aNzy6
zUN_0ZyUhc#BV2?VkgThD^118@*<I`joW*MPgtfjsVco9wgr|Gj6V`Uy6V~S26JA{=
zdjd`7yvJ<azC>A$rcNt;So*na*|=ed5bcwPs=?9J6k>?Cu@AX7mIeX=Z-~aT#ZhMh
z@xUi@q{LN(0-Y5mcUZZR0qPG02o2mz0vT^{Z*%$sVVq*XeA@nSvYOL@#RBbEu5jIa
z#ury(H|stO9_a4`_Ye!39^bjwyzwS>5>eyLPT2PS7|}rAKEJ<Ah#uH;m}QHKmgu*7
z33{Ve+yL9_-@+JJHwb>dWO=*jTLUsx5i(UhCgAzRTDeGO;Pb?j$09=pF6Ij5C;qa3
z;#n97YCbk&TKtIXlb;}Bj?EnC@3n###S*W2*N8tnD<i}}?jjA3n1o$VWMy1$1~y%9
z!aG9AhHMA$Wd>Ij)DOrE;~oniQr5l+Zy-$zQ}PoqvB0VJ5*N}U$eAoUC#iufOD@DX
zNGtF_dd;g0T3BW++@~IjrQPvf=MRCb-#S>?`)ZwNhuYS{HSuiX!g9R-;(kQ$oYFFN
zb(n^$El$&10H0}qc8`D8)@!qp(0s8b@5QY~z3~&uC6Q|gxx7btlR4Ta-s3+w#dyV2
zKZGNUC&%ml^VvN6Twq16o?CNC<a&r)nN{4}?Ps5od*_|+XNShy!cBvzKqH6)#sr3X
z|Gr<0;uY_c<vl5W9=-C<Bgd&iF0WOZ#9=picCEV@FlG<F?4XfvGtL9b6-q_h9Dsb-
zyBz~<IwW#{dWHkcQ<qF<6Ut0Cq5W-_aaivre4OV)b+Azq?B#uLC1>im$s+hrxK_>E
zq`^Z(tU)uovv__V@?<76er|koXLaKJ_-kOtxW$;a@sz;SYzVz+KDMhoe6GHFi=p+^
zK0dFne~X}Pb$oO^{sXDWh3!RmF*FVG_R2n9k4(ezHxaIlG(5CZm{fPxBMn?&saGe&
zko(-pC0Bnmd5?+CvcD6s3HqAa$b~5OW1`8qwQk`**r4UauP4n#1KwWrBkmgT^;?{k
zs8A274$qDzn_Kw;2F$A^l*U{6euGl9G?;7B9-zep^P{s>k3zTT4XA8OkTo^<-9?kL
zg})|!=}blM(6sn2XBb{yQc%B-Zy6@mtM}Fr?Ta~%Ks%K8#EnIYr+=Cy>k}azzhmrf
zrq7fs{0kg%QDb=nO^hD$(gzda%wIOnT$|&}9T_})tC`4@&sHDO5lO6tRTB}1WB(pp
zi;(RevdK)iM~7?1T=CA9`oGircYJc&#hzILe3UI4xu3D;dol~)pTghD!utRnH0yhQ
z6Y4_T#>)Bjb8RCZW19Y~%@+ggBXrIcveINfQ{BLu=NM~mYic#J<un;vg?(2<3)kVu
z*u~>3(g%Utl3<5M5@)^BY1#9z9L~+c(`#P}Me80A%nM?`(Xp3R)enrOuBs#sTW>If
zq~v6{?`FI%SetQr58m^W!?wah_I)1NSDY|U_BCHzRDeZ;8(SCdE9Tc%tc>1mwAAuK
zMR82xU@#(rj$^_W_YkBwMl;e}G<ZUD^>MhVV?x>XJhc1dn#6hQy_&=o>$l`Ow7xSv
zN&Vwow#1`e+ZK@~BS1b?DE3}n#ak!^$FB#JqMK$^d98X2&DgLkFex$KJ?MoAGzfGd
z+nj6*)P}{|8M_9jQDT2I@mCjD@g#Ar7jY8Fy&EG0?9{9{!VRWX&WinO<P102<WH^D
zV!2GA%)tPG;@vawhxysY5nX#hZG@vR3b)yTorm!@nw&ylh@)3W7VpqRtee0MwKX_R
z{b&$qGD`3Zx$R-ob5VmY{`9u8CxxLLB7fm|oW8Wh#Grm7Ur0ZR5=x;uHCH46y=u7^
zRYntSQBHL_F<Ivn+p6$2Ua&_Z`&3{%8-{J?B3x`6rBaaWTTzqfoR%EmMB{CCyg3}K
zG?qLaM2m#n<mp54DeWQeaGpqX+lwRLw%zn2A6t&w{1syeJ)Hgi@JRg4MUlV0S>10(
zylpSG438r`ft-wS@u}a$mJ~Lnlq@HMJbjj2r&U<LcWcJH>@?2f9%a^F($r8G+4f3g
z<kQuKAGzl~J~c7mePYqE9L3A0Ch<M%?9x9-12<x4v~YVYG3p88)2XL+WD69~hu%7}
z=s1+58y0wVJXR1x8vr0aAVc7rHm}40I>6SIJo|zx;QXm@CFw7RApnKNtT}GiSMlLU
zG6ljVImDTHOHuu-DCci5rXUO>8B120LtrBsm1v4!=%NQ~9DgU4`kj=9Zt7PJc4?Bp
zp|`l*G)YflWD)PBwDu}e?~q8tc11tEt1um5w8E<jM?Ut)!VJf+KGyK+D_!9-BdO>{
zGKQU>uBX5`1WgSWzgPSh6%IQq){lIqyLs}JN`B3nm!Q2hiBHOVZS*QPxSBYc2nDX~
zO3|%L7~HV4YCQt-P`BR(XVvp=+v~+{zco@`Fq(nBacXi9hkvlWOp)MBLHcJ?h+43X
z%_0@i#3rxrYjUh<=NPIT^-so<!&sTI4OwGQlXx?;mkq!$IP?tYo<Aj_sX_Nc8$|R#
zMo#*5N_y8Mj&n-;MiZyNO)lZ6vyzEe)u#=0N+%CR!!<QmzMfHiY$T+V!Oo1dOSO&%
zcqJF=^wCHVc{B$&fYlx@-WD!?E?ki9hS?0k>{x@DoqC@l5+?J;-E}zc@rP4ec2f8F
z!^z1@jVzSReI3qOCH6U61hlQg(4ux);1-BpBQ^f;AIlH|NHncy64TGO|HapF4x;BY
z>HrQ-i2JfRY|1PCZmn$4_$0RDXou2yP;vC!K|kk&7-`YadJJGqV9F0Ltf9(~6IrOB
zE+QAqc{gV!!uqSL+>!+=`7NDyt({cEunF3;HE`x>=}pDcLwC4a(zf(PqTh(w&eDlO
z60+f888YX+3DzLUe{xi(n}nJ~nXgaH$6ou4*=q^6Zcf{<D|hU)VkiCs6-bPG92*Z_
z_`uXn40aO(I@5dck!WJOW=%9XKNKZWe+}oyAWXC2EAqfJ5LL9RB-5Y$GEX^;KPN%U
zqa<>iKqKjg#XVi=9Ze9o`^`QC?yrhEH>{cWwET{me$JO84Uh5FU4Vm|BEb3I3|idI
z!pkODzb??+Ocrrw(8l?DYkNoE=$LV>bxqMRZxLvpms1ntHbzquj7$+lYOh#g&_~h4
zqv=|@u?yKrJZ-Au9Qn8;GpuI@6J>L6r@Qfogh{>TO_t6v1WoRq0vHk}>S-cV=t5TW
z6GKi(lxYB8PDDaB6~gxvX7*tY1hve+e<aaEjsuz{Ozfv)NJ<<LZ@#+Qyz0%_Y+?<a
ztB)j}RWPbYB8N>5joFC&ThB4b#}dHFUmzVUt^H-sO9KyEB3A7_yz*B-76Z%YZ_F8X
zyUoAUO`gaod>^XJn))kXjNEjSm$ItwoOdYHmu-jClG#78sd{(1IIZtdB=oWoi290z
zfF8?#qMIJaI||!64vO?!$2oBIf5e;|S=^c9?01^Loa5|kMdgwWK4)+6IeV*dc97Q3
zD%sl9a=C0ptS(M0h6%x}FGa@ok9WS^YKlz9pt?Fe7LY|2KS@&9x~}u+nhqy1ZTp{6
zWn;gOET4GVHg-(8Lig*vN8St;XPd9Y=yq4`DNI)HhTv)Z1+UtY?i#ZAOS*pPpwx7d
ze0QD8az($Xie~4Yet!Aj0_}75PR*s9ulH`Q>N{Sxs#h<h>ftn<{n$a(lPKx61o^5(
z-KCmL^|^AsueEGY-&1`iQ=N30&3X(Jl8lwz-@;XY+9ADAnIvoG`(>fEJY3~d4_bNe
z(#`(I$M-wb7NcWmgKt_K5;SXkY?8e>0{HpM(jB>ut^Gj|;fLOOR*_FXr{6`yiudaV
zaw0jOZx}ZOj!JaW_vg<=${i9(v_={_UWqicJ`!o@JRrhpK-H=6M(+D_|LC}LBJkfy
z#TzFTZx9u$M&!k98jRFo2UM_EqMZY5UI}wR6K51004r&)PPvrduJUc;;Kr@h#T&xK
zotgeD7OA8DK{k_9$NOS8)s?LXXGkwA9&K#RW5O0yBVfW?jIoLbZ*f*V2B|M``=RQ2
z4OaZP+wVCfQt^|KZokgcSz4F<8#v%y?49>dADDffummE!KI%=kv~F9S?Cpw<9U>ko
zr<FxVa0=&bnpO!yd~|9lNyzNf_}@3fn9dz=F9KI2`zo%kte19jW}HIEhVLzmr3U_z
z9MN+}-4!c*iX#TbJnuA`#=Gkfft&XpLZ!%{IyO$*x>$Fy*2V`~X`Xu&)CAJQGX3vv
z;maeT{aZ3u^*A};p=rU%0r)TN_T+#;2W>;QO}%vHO|7i`v*HG_YcX>Wt;~FRcSi-h
zQyCl;pwX~-8#@Y_I$F3X+_0?>DoK1TV#5%WbPe6AdrNyUx(|fg)L-3t+&>WRbY;NV
zOd0ZH_dh@;&WroHyz+q^VNRcqj(8>rN;9%Gni{vSfBqYSbSb#H^D>T7eKgWAZcOg{
zH--l2sD<fsAt(&;A1+{aE_po|;gLpJUJ>vBX2z1c^lNy(Ijfjs1J~3rb&`YHxLvpd
z9O3k2KOFkB3OKct6WLc;?{>#aw*a;H-IP7KRJyPrR;oX8TCpTA=l?{cozbViR8nw1
zQXjT5>cJJSSv#F`%31=b?oR{C4ge9;S9cA5&niAd`F%eU^JiBvL{(Jpp^8l}{wJ;Y
zH^534?xBibsEU4{*NVTW3Qf`7!J_g%>c|~bk-2Jj<wI%$OO4M4#E(?|_}!J?3b*+D
zvABftrjb)P&yaW8N~k&vo5NnEl4mOBg|0_A5rnSaf48CQTmHot0jOHMOX&IwM(#Ou
zeXxGWk9UmZ!ZOWK^p|KV+RsH8MjrcDaV&Mvx2(bP@=T3>yrTq9(eX!;6iW@i*Pf1f
zae;a?dh!e6Xan!~9_XZj^v{BU)I?4><$~UX`aCUi@&$b&Ga}#gzVjP89ba49rT$=#
zK{&vF&{*dMn2;$eQQpA;&p%Ih`{xE|SUI>}42t*D*T2SRF{e#eTN1AuKARrwJ@46T
z`B-Z7V{fVHeNKYmx+%nI8)>OD?%_QfwEDqRsIRVXW9yxTb##6$k?lD30Ks-^m?Hz&
zwziO27uKwM<|_bK%r-M9FZHfW_h{sbcT;@MkFoO*g8oHQlOe-WB6J^&@cLXpht|MH
zz@Gg(?Go$X+{-@IzYjTyl{P*255Ipl80w$!Lj8M|_g}Do?|*rB{rd|L%wgOAtNv};
zL<Q2^8?oxyzXcat|CSSGc9-!h^ZR#(pW!3{z{XD`Oa1$B#TV}1zPs(;d+GnOfB$@r
z3c6@m&;C8bJJ9dWI=_D+*#Ulzru~fHDnG;bl)?HJWbw+rc>j()W_ROP`rr0%EI7C)
z{Ji%<8^4Y7KQ(^eyvF+XLqEfhm7&M@jpqFq#LttD-d+DjdY?UhyY6>7uNN`|ekuNr
z9YR)|;wM!48=xxK02Luc8=x8(E<avzaJ*n8hee<q_&1x^#n5CB-^PipZXsIEbHYa7
zz1x1{2hGPR==f~e)<Ud?@vHPTP8i{9|0KZ{!B`4eK#B#Fzyer4PD8hXp2hjYEAlfr
zAB~S6e|{_?t<%&(Q=*9%iECRFX_nK9g`b~NGv>|9rgU+BYe9G1`6%DQ-uOM)@34`*
zU3WgFF`Z#cO!|wnFto!W4~g((4y;M+$dp>_47Lkq%UY3Fuq>#^v9uo0sPz@>f1<{k
z#3dDkl1KG<b`=DnvYVWH%MVk;c(eL#_FjKR;!@su6~tH65=APP$`}f0aT`KFn{o%Y
z0@=w?p_ialFRmY;Mekkxx3XiClw@D5nU@jqSpH1F{j3e-oQCR~?FG|H>i0#ju9~}A
z@~t&8Ai-Y|oc&-Xv-RY1mQ%=-yRl>#gJz|j?Sw9EAt0$qma{MSQCOmMYsrOSURLN~
zIyY6iL2R2{;$lX#Kin$_isK%FdYVDxya(5ru+e=4cOU)ncB9IK+(YQ#74mhGh?XFN
z)(~8o(b%BIp$C|6WZKta*3A;Hh@|9TIva%pJ&qRtanp~~eI1d2!y5_Sf!J`x<96sE
z`kZxIrYitTqUeNZ;;a+kEnep4p7wGd3`w9S-Bf~LYB(PU(c*}OlPubVLVLa=D_sBR
zm|^RkMx99Ea=zk1C;me|5KRnw$K?bKX+&I99r(8$O*~Jcp6ToCZjH<7Gn!mh-k^j8
zYRlKy{BSh-r~#$y!0TOqmfFC#eg7Ff%x0I4oAOtvY(k49ze&HfX(>gujHI`DsjmbZ
z>ZWQ68?npEjDg{%I4xy<zCQqh?tPc%$;;8yw?Gc+8#{x!75|GN44Tpojz=#kBC3#F
zU^u~O?1EyBTGbQ7RN{<iEN>vIH@<jl)~WCx{Jgxig^HDut$M&^oCLXnVjIA~DPZT7
zx$!XfHjPJn(Fw+g)$eGc`h?<4%-Vz^w(G2)1K|YrZSS$YSQMd_$$e)&cKLP1=B$^G
z^)ogQ!e(MgERo?bXE(bp{bi7CxeC_0&L5t~zRHPn&Jr!V<z@-Gf_Ki<@9CMb14kbR
zM;|wYyIjs(ZLb$;zbaZU^wf;+sPg(E4mTNde+fl$=ZgTf>LFX$SGM04oC10Yh(qZA
ze#{lLkWbgYvXzAeC#xT0HNI+4cF3@I`aq?m%3lAjn8Pd5H-^3A|L(7$%0^#osopWU
zgaJw*PqBAEE@?zp(q2K*_=}%31<C^I^c5%<KNnOuD5!AUKZ1nbmVmwsP<ZRD0?C^_
z>{mH@G&dJ#AfQLn*-&Y;p283$S|x|!H@$=ViXtfu0WqH@A-IYrA%PiD;<`Jkq_LXr
zCMQ6IphmIe1c=a)JTq?tl}_>~mUxhb90C#tjI0aY<UHungbF>(<c7(l8TAO0LVr*j
zsgMt$vu2>`WSmj1odLD#rbnHkLzN;}AbhRpQOHc1nf>82vU>*Yhcb&K9Z$WGq$pIH
z-VRc4jVPhO42aTbpD2|nV~!}5IPo>20s&DXdb)_xrp%3b>tkuRlBD8ZkPH)`ru=BU
z$P@v{b(WrEB;<*y$)YVHOSt^LUAK457(!LEJ3${ByV7)5PJ9VDss1JC$V8(}j9H{)
zYGT+H?1dstI=3x8T=gYWqD&}OeackcO_?Sr<YtMRe6YO1W=WkujeeAYJlgx?a-Rl;
z+|*Q~K{IJUG`_ajma{qk05JTU3-ahs4GTOV$!rz{0v^w)X4z`GD3Iy=0}^zsW+}kH
z5F;97#P7b|J`K`?|C;JR6<fhmZns1TM*(*%KTh0^EZKz$g?%bC%^D^hG))XxEq*ZD
z?E7AX@2dO$rz``#{S^0w4q??s3%;2%%?Tcm9uJb`jqeQHcAY=qRkPLTk>YZR9#yF;
zwa(T5wq9wb<k2IY=SmE`qF8UmVlx*2LrEh@Uk?b9?{8rA2vMnea5q8Xv1o9PBE1Af
zs@#<#DaStP1ALM+{alOlBhuh{xBev{7{8rusopPg3Ew9{c}l#ib4k~BCDjE<<DcJP
zB<YRs<Ve!<Cis9Ci-QV(|F_@^b5$B>Q)iWTTp%C0iGONMj$ZJM4n(9@Rya@}lj$U!
zSs)!DDe9e&CFr1>^YXU@&pA$u;XZ$KK|`j~+@Oegwl-6R{@C(cG`z=_-`oyfRa|S_
ziksQG!E^raAEVt3b5DGm4`{SpqoTZvCe}-6t(DNqKHU}N4dl@gHNsV=bS67-r-z(U
zmz}t@rKmjr43rCU6)DaS4x{>TRbCgvN|<hbzue5!l3&{E4(6`@B;3|YeNyG7R#>XH
z<(IOGm|$i8@4h@;YI{T2cdL**UG>LXcv1$M7r&Ex6|7`qZ!7n)#GfQuQpV$=zgXe{
zSu9A|q!e1rtu=+)_1LUPYmaXaa?fgy%iDlVw6FI52JT^b*|MA819t84E%q+N+w(ot
z3p)AEb|E|*rigccJAPsLr?C8<1V11rlreArZ;buFx!u11yb?X@z`$pt);s(o0uKS8
zkT>9xkFr)ddierM*qXrGd?}D(*}U_Dp59-kpAfh6>P{}yx`?<C5SZYYwzIRtM}J5U
zpaRm0F!*|fN1%7pR6kJB9eb(|8iiJC5SlFWPs#-<+Wc>-OP)DXZIMb}f`MOqcKGAG
z(<gYf0LztD04MEIJ^Ir8ih~G9i;A<uQxwkWldM0ZcB%cM?%MYcYJYD|Phc2*>6Q<y
znjHu9D!A{%>^s@s$qm#P-`;<<mgpQC9q%k&a5k#1pQC{6I$+iBO!q++x$fms(ocdu
z*pPPzo5wXj0@z#ztI3=wcT4Q{92v)&Dp-$ltXpB-d9l>Zn`lNf`=s{*^d8wHv)M+^
zKQ@(N!XrI-Ciwk|XMwO2uW+(h&*~bffGSkqpuGB$yVR#xBz(SS&$7dZ(b`OIyxOrb
zq^&`T^?QcaFrYOFZC5w6d~8ZzPdn67?IKD4BzU-iYg%p88^w;!{6KdrA>o<1y3=vQ
znOWX}Mu<Ti-~I$h>Lx`~x0S0olGz@Z!4Woze`Pj%?`_n)QqDYoV&yN(&!5cY7oyW~
z?|#?E^+&%ebn$MrTDth1PrDNz-?vRj@?#%KdTEoYkc4qQk~vUU7fa1&(YwtX*soW?
z;s=zgSSRBiN19QDG?Bj`yoMQ5r2jpfxX&#9G$Fsna9XD9@S7kgT}2dMy2tEl7P*P9
z30blF$E*yqwmt8I{ndyHL6g31^Y)<%^>Ono>)X>$3qsxM%O3vh)1~T29vstd*z7t+
zz~)O1e;&!<<J41xkJ-#-GzT=E<!&&=b8{d&ykkp_sN~XU<=XD?8x&3b!5_Y?_X%_<
z%DH%NB99;^z2Y4;MZ@u?cbwnkVY@ULPCDI9o@1C_skq*`&qK^+^WA{LlpW<$n77aG
zNdqjtoODL`<-E&yUdKqqw-@KeGv3*E0qgUD>(NVgp|KBVwe2f4g$0?@f?@PDj0nkV
ziZj)$*kY;6!GNr{_g+0PfC0&R@~6m*(A|}q_y_kG)jz(QH>!0%)#5MlN`Md7@{S&5
z4&kTgC}+J1s?;#Jf=boA5EjJDU@!e-Fb{IneA6T!!#mFF2@KQEOEzKTW62ZLKH1>8
zX3K{0<r;=WSR^3jurfQmm)e^^1+&fj!w5bI2Jn#ee#?WLMD${-P?r{6Vqf%5vlbaX
zo#L!A)`8RN#{ytk_dGaU^B_C?x9<oZIKAeW%1<mIhxX5(nHNFFKfhh$>0Q&OS3%Ok
za*VgB_hoZt&w4NT^etO<qN>4ZR_$8vLo9%DC2yem@8a%We4jtFH^jFaCiK~ah7)65
zGp-TYSGzG`_*8m+Mm{E>ECUm!<Y7V~E!uU^QpnPoCV^`{gf6{M?a1%z@7~Twh96T~
zdIotiV|Rl95!E$ZbsZt1d7!uDiCqT%m5GQH(}F3{tAZv+cu<KCkB~S31p*jRAyS3+
z$6V>f4`{#*i2e0m@fGCC{fhSp6HdeX^Y0irX|NLc<izYf%+G_B``fgSYnK4<*uT1_
z=Vg3e6-~2>x@!o=6DK1#<<Id4d-p1cEPkYmq9POdlOsKWW_3Lbr)6|4Kc}_*psu#}
z4%+_0x2^4KA2(8%r@xduP@Vi5ZtA_E+r(XjHxKoBb3Q*2KdsK=r(>rD{Fxwxl9Jh-
z*}^3#xZLRHk$L&|&gHjpuXlSgUi|wF`WBRuY521Y(-7TVS%i(WJuu~R-q1=kkBtAe
z-SY66WC_N*&*2RI_j&jfKfD~8X8e<lm;OZ0dN)T9EEz#(D<ePAyY4Z;%KM33sN*yF
z>rvhH%}1G)_0FI&jrDhG4e(Q~mQV55#gAy$XFoB`?jb(dC-C0AQ*y#<KWId@Y|&fv
zJ#{&H-K_V^Ld`N2HjG7&leKA@K9p?@T@QT-eL&0eG8$ptNpj|BRrAJn?hf^C->}OR
zS{Viu@inf%Q42DuC)b^0Jy~pdyODPn`BLYl8a^BmX?U=_mD_^4K}Km8p>bJJ-a<lb
z%txk3QpP;>b~LrpUe_cq!E#$I1p;d~^XHFge`sd^F8HZE-ab&<<bG6E_b1yOv(tNa
zKtVyu-4@^8XWmQk&QRT^@eO=p-Zv6$ZRz6p_JbGgOZb#S;@bz;A3wffFfF?`GdjLK
zR2PbGudF|6d_g5iH)al%GfZk=L*LSZtwqI!^*?1(fTdjGr}V0C(06T1s`ni}8SgyI
zX*ya&El<sblc~;4w~$qGlV;7rg4b5Dh8QEdnqNQAeCcstP5+LJ!HLXoXO8FwvZ)Ow
zH6ML68dAAl5A{3l?@yHqqCy9i{e5prClIT*c~4-QB#2~xr%~!#yy*mp`4!TDm(<^7
z%O~v?znlH9@@gHL`4#Bh{XLedz{33O<cU{I*>SmZ*()QQ%O2rec8<m?9~pT_tixB)
z>C6t#S)#q}wi~RwK6B^e*!D5GW7}~*_PWn)ADLg}v5|-HtIV%*-jvKa9O7<Axcdcj
zXSk2-Q4Q{e-7PyV@{pNTSrC`F*0TAW`C)1)wnx3?B?wMoV730^Ky$Q~xd=0FWy{vR
z#!TZll{`o{T`RgSo0AMrtR@3xCQ8i~TI*CuMG@$_3=LAb13QTO1S;T^<FDy~tW@zL
znyN&FUCa!(SS6flt7o>&67=lEkeirL;wDbSA5*&?vAftdttMq@R|pjvG<T>wc5aDG
z`gjF<H?n+Cr*L+yV^I49_nJ$o0c-&{dIK|Q1J*gU0&Pdw;c(9BsGT;T+lXyIi!ftD
zrL<+WD9<*8qgm7t+QOqgqk7k5bDDk(eM*lPkxGp}Y!ZS(YGCzDk)}T9pAH{KkD<;z
zT*8mndrgkAXu7=PO&kYdp{XHn#Qtno8v%9l_W*3o;M2r1S-Er`3ybo=i@3zwheAT?
z!DosBeM;Z$ngj4(V@bT4n+$%531L+FO)a#50F;%{_?02Hw=KpYMjH?C<xNcjwm>D?
zJ}D$PMw64OOda$nMcnL$Xkt=TY|fSro@#pQ_$@!k^ZiOd1(+?np<{4C(mxd=z5^rH
zE6lR^jv}Ygf{>E^Iuh;|94vbs*)=4^+DnZ7m($g+q1Ddytxof))~pYmRd~nuIW7$Z
z6FwSP5dS7=&X|t1R0V9&7Im9KkAGvZw)ZuCj2Nfwi+rFqeJ%x1Fs&xLkN*?H(!96u
zEIceBo?HoW<w}SzHzLq*jR-VeBc%R<X4R^{>VPSJypxdal`@x^?xybcyS9n?vSlk@
zQNIG%4bc1l0CwM{5SXtP#ybI-!A_RI0rVsH>2BCnkzFzBI%$yN+ZFQ}Dd~plIzpjF
zX?IBNW|J!Ovm3-(5gLg91tgqR9`OC^n>2XLznu8NYV021x|!)OxL!*!AE-O{b~M%0
zLX*{$R=fJ)%+-_*J@;&iBKFawFm5(XVN`$+h5vRS)+1W0J)szy=b^Ar&;em%t2h4J
zn)bYi&e^GfaeGT~-gBtldx@TB5rfGlYDF{;Ox8{Xh5^wn4X!hSV-M^KpB8+eImm|`
zC=)y|X&`&SLxmoic>vq0K<53BVsg09q=P~7v5>at3-_ya2p-w8@6a68kM*w`8G6@+
z!HBwV$C7v3dDXGxjpZ{1`s`Zfe;$8|#y=^nJKRnEkLqKiv3D!`2oP2>n{{MFFk8LB
zA0pih(g89Go?*h}HqOO;l`k(|E2@zveE0`pWJ3Nmjo?T-@fvvRMZlI=k2LBuE~N*w
z!`~^KE&Cr{eOhmfPJRmZ!qSrl@pD=^h%PD+NlY2l1$E#L+UoUOWvu0A%JfM4US(vg
zNi3+UNqjfVe>c*8wM3*c082GCAyK^yV*zQ0;#i*u4f0@l3%A*_b09K;+!ky5HgB(g
znc$W!o6L*F585E9uKGh&Tw{v;X`!(-j@aRm^)ETo=PN0g@7|*si2W&~7&Kmd!Jq*I
z3?NJNrPOUUH4QNMU?j)_@tvff8ttt4X2|bf&{O*SU-z^gl91oigJ>k*&z7BKFK!Hw
z=e7WOkci%tc+)M9<n%lD`uOvtcOiSDs6qP1JZxe7`%_~MPuYLkrMUzfcT-=N{_;Sp
zuS<W~w1oMPUdm5oRUvHiU*nB!4*Z6(&1t9b4cO*tM#N{Ee|`Y%`6Mz{e_(c)YI68a
z>?hyHo1=_RZuY);Cl6l|28iux6Zk}>4Denoz>m3)_beCb2HSH~)%zgLlo;kc_@K|0
z+cS%JOUJ$Ehq6=}Wm%ye-V5MP`X(w3UO%AMlX=iuy1TkJFuugs?VwYb3Y;acQb3=Q
z%;{aHDxUVM==%PjDA0vlTi+6mfz5jtwV^=Hv4q}4I22zn8(Xfn6IENTegVp>dat{F
zW_{+nYTZTrpx^t{dM}CVg1_El`Jeug%C82-2Am*2`nfxV4uZy6mi--0eq%m~ct|&Q
z^>Hl989r<A{jEgAY1~@(4K0zLL?p{h@n%_#-Z{C7^YD#W2&kiPRsAaP$?-zBj82wY
zY4y9H7T+!B6Iz!YeX^~!%B&{Zrzodx0(&*v2lm6i)g7_%vJ$o-JhG_7G}I(z`Z`Td
zs(MHS%DSQ<?7i*7GTU8~Xp6skFd>wyhZIKQ9Vd)?#aWspqqC}RNUum+N8kA76RP{I
zAGgI>ve=TVhxCrWx>wt)`?hWFOa6Xa`fV6rAi8mvo9HmH3A^0=5nSQmYp|I<o2P-l
z+?%&{2xu8+t>Owc1nam8G22Remm0lJ1z=u7y)}1h5ZYetTivfMvB8?#_UeFsPtip+
z9hve{tNcB0&i%?6*b92vGm!jZif@s;r-e_(lC!h|XEtbOKA!to+js3R1rIPy*LbaH
z=IukT3JdNtDJlLB&QE-5-UZR*?V3s~v+6FPl3ZM@<j+)dP4ae$>6&L3Qtimc;+@(D
zvf6q@<c1hqES-|Qh}X-0UAVs7S`;N<YRFAoSV4z+9tS>t?Y`I(Q)NG<hlF?{{(=Ae
zbDsTuDd*qg_c_nMV|pyfHsf;;bs+mRCOYO7r&0buHHf2XU6iX)13b?_DGN~Wk@o<k
zht}2~WJ^udH1*gm#!vJ=IIRY%e=lX}wjV5_Yo%@#cvn)|++_nGn!|8D5Pc`*`17oq
z*t6!Z@@o=7gSe_e@ax1TA?}fEOBnpfqTvi~5nuKjshB%USF5|qg@fPTBU>~5>R%8#
ze`sMVb^+eir3SqJjpcw<WvJxq+q>}teS{b%azBbLSBP>6PDnPKgmPej6jsAq$!Z2^
zriEt4JI`{OqPV`sf|zJFlmQpl=#D@HBA+ONIHml!;yg!_LloQUI(uc6PN7nk<HS;l
zcUC%0Y2GwE)W$Dt7ZoK_=1rkecq6xgm|!z1=c%QDhGIRHU{aN&HI`>n3H&^f4rt;f
z@T1`d1e+L2?@uT9Sc{L9TFY5yFtr=|en(Bw5@ZR}p(gPzG@=6;`47l7HDfkA%n9m5
zifiGjKN0R0uE7d~0CEpL=S#}f2vac-PjAzA@WZ-1-mx>@S>-gn$YWQ(Z!i(+O^>}g
zEM9|Uu*gV$r$61?NNQ3?yz^}5>gQ~UFmT2<^DGq#ODFJ92fm3!%?3ss%m$pQ6Bkyk
zpE#~?{lvMw((7mkos8HF$drM0*|GtDl{_P#P^VFHt*_L9Ze+{ao*7)w-dpy1&N8lI
zB8U0!_WV}*SCpY`55_x3Iail!L4IFhLvexryUq=5PJ9RDgK>7D&U@_ge>%?eq)&VA
z5VfY|px9lXf9hj56#Y>PKK&#LKYhVO_6-!4*b0Pvj%&E^WAMjt;WCz^0V3S=e1HfT
z4-FBFwyQ@Vg6_K!;ZM){h@e1oLIk}{V;Zro;54*g-vA&9rTK{8em_jVs2oL|)5H;+
zbVesku=xF3&_dsfSSpGN%{tYoC5pI+!<sd0RV@qnr>}L;IlA_~!k?wNau8uODyN{s
z@XK2?D(<VSj;UbH#A0DdqIddPb+8LHKNGI?s82r=u61J#riX&H0ZdQ+hY!;wx0y^0
z4mNMh;b1*VMM%O{@5-A*2z^WiB_)LTbOpQ|LH73E2hqr$c<B$gQ{n3loQf6YtpcOs
z%$H8BrSEeUsDtk2Eqd6eUqUAS``G#&DRun8IpBfr!TE^*4#vzD#uV8Du?wBjW#w{v
z()hSe>5B3<?BOgqf1d|-m7p?mO7LuPO7HfE6n%p~hBpRdc$<x(Gs2g#G^VwxoiUzk
zSH_U5#%wut3pHjdJvX+rW@heL*V2iz_0GzcPMoQ7s*kaDb+5AAPgfpm2e9&S#m6P5
z!k5LI(lZTLa#RGIXk)Mhfg&l*2C2v8P6>yiIHfDg|EzA)^j5nD;0Ik>^h}w#v<t5y
z`4{aW`hTNeN9jbC<9iy$Q#i?B>L6+;qB+OX941R004Y(&sr)=)dVxK}%4Z0KTkQKY
z%B$754tqFD9XL-NxJVtSD<37;Z`8XHw*?)z(U`S#LoK9hPA)`kug@e-spI?S(T*9Q
zQ?*k%f0R>tA?-SscAZ%SXcyA9YoY8754BRZpzi3N<T9T$w@<7Jk!4o<#BqK4rq6^x
zN&YQbxebHG+9)Sov&zUv`(vLJ+N0nG?azfAUl>kbM4>%@VEx3ZUd-s;X%WBA%+|-U
z-SnB+XfDw_{N@&<Z)4tnW|c)&r4BFHb2h5PcHmc8m_Ge8t0b>DkwL3>`k2qli}K&k
zTa+&Ryu3&{e%@Z`XFETqy#l|rp-=kvpP3in_cjnr=ksiFD5oG?V{}86t$Qz?EcxFT
zCR{?AJ^6;{op<>AxQLp57kl}X*+o0Y70rtvwgtxXukPM*KKp4Z%eN+<W(jN1mg8qq
zFUxtJy%TwG6S&;9%_Ww^0Dl$!puW)RA`^N)df%i$tztRT%xNlxd~3N<D<jKK7D5<N
zw8nQ9IZb|iSy4u`f(`UhGMny2uS_MWhnC<Wq=!3$2lVfOB5?$2LOuBN&{T!Xf(Z-t
zh$i}?Kbc&-3nEoOeUxsSY$~`rwThp!5m2a2FJ|g)y6$GPpJZVVHz~8vI*n^-N}i4O
zyAVSdQ06rjxaY|TFk7>Kt{B`xwXeZi{(sOv*_!8?y8Ubo#f4j{MiP~^HP60BWVEVD
ztOtpq(D-%oz&vMsy)tqa3)qkP*1gJaAE$9&UQ9}~WjMT<fp!`XmJo^!eeqh2a5tOF
z4xa?^P!BrjLBdxpCLS!0>Ep-?)9t#<c!`^6^m!2SB#d)e`D$KDxD4yz7JDF^F@h%2
z=2_CDo+mDFqiN^F4Vsk&X1LI<0mFh(ZQz+*_CA%3B;Jkh<N&*`DG~lIM^s#QjMG_b
zE^MtD`HY>v?XPF>0<Ma%78|qCX;iQY?eeZ9luta{x9;_L7GR7*fZ_z&%(IcL1P<sZ
zoYd@Nm-)rZEq%7u7IO_L#Kuhu6t3uDwW{nXMGL>wA1x`>AITpAL9<=K2-XD^G<g7u
z0Sxjbv9XsI6GKlYdF}LWKT-PV%S)njvYW{7_8x1N1k?Uz%f8!=z>`JmbU9|UiDCAP
zxmYI5Xr=>|OOVD&P7!h&N>5{7)?{o$)1*e6T%1-M9AL%)c;%r2r|Bdfqo@|ljFZ!`
zgUF0`Ph$stF{V#nO7xn(7`vqVThvC)Z>h{(UYhYCTlVn!!3E*w+e}E5^`=UjCMxSu
z6fyD&q+Q{?PImuQV7zwc?ChYrC>nUoM$n1-^_VT2M_p0OX;u0OO=|XS<JM_V&Y&tQ
zp-nY29M}5qL;>0-7Z+0rwqt<+#FL4JS;^FdJG+ps240I@svhMD0W<cpO=F+VsQ~yg
zRLOlq%Cqa-SQFX$T%_U6!T_9&cOhAz7>JGV>GU{XKY6^!^$bi;CDh@4<z{q@Bl3(V
zqknR&Wk25X`RYH*@BRB_5q4Sg1YWP{CCQhscvs$zzU)%(tGD!cd)l+6n+$cQ2AagH
z{>BSp@R%2EWD^ggy^m;w)$IH0?dtFNOQuuc-{Jc^K90dh62>#fn`Z3+E8gW#&_iD^
z6OE9j4ST{cnfgkDt5|dYtVIwsr2)P0f$e<<y(9zJ!K--Z2&ZW~JTeAxX&}LDEed6T
z?#C>UB{2M0>f(^w?wcKB$t$ZYPOOezmXE{Gn$-6Ygf6a%CF?6{=KQmR^ohwLG$*Lh
zCL-q@&U~#dzsPP8-arJqE!XXIyB(z4u-z8vwsLCftiz{^+s+kc3q#NeWy@Y&!=Qph
z#kL9WXC$L^m7RB})AUV<iAogc3gU;nB;AxXM#V8-*3I<SigealwF#ZU<$ngf$GoTz
zYi!myhBc&lxszLes;h%*x9Ktt4UmcL2!RX4)!TG0iuv{zt0yhHrkYqMs%(=NL3fly
z@M?+RGbDl|_pbCOG*Yfj=$z;~!XFh|+i$04B8L${{K~56oOXRJS_o45U9>4`cG^Eb
zYNko+cS5jf-GR_ytufFTFr1}NseddHHwr##TW`@D2rkc(!%Ko^*;q_251w0s=PkOD
ze|hlS5j+>!by@i!yRIlNx9iGs5qH&7se0&N*sgFcyRIy+4eAdo9|Y~9;CZ^0XBA}E
z6~2*=eGLs(-^%hkgL+!*$|}pQaC%)=HI{E8pGIBqQhSGraMF%2GepnD!E<Hs+^KxL
z4+YO&@La-kT6&<VsiMP)$AuekTamM>!I%T&YYX*=6NmI&>b+C-V(M+R>x%M?c3oNC
zp{vH*+R1p^m8FjLhw-+4781e=BlkB#PRZ#Qhd&Q&k#XH1>%FUe{IeibUdYJ~h8u<!
zgyd_Xi&|-_A6l)NM8}fO+Eo#>vm$6Wt4+TjE6ZCcr&ZdWc3oE9V%I=B28}PKt`4P9
zSEc$)U17ThI6z&sdS>k3P(GNOEzMzewqA$%4Kf%8xIsRfPt?~C)VDmSuf?tbZji51
z<)|-gS6^C^U{K3*EOBG`2Fnl5Ys_hvjXixdoS<EXE7Y@5`KYJEu8g@|SC$u0uDPj|
zR*T_r%tRQ@4G)`AiLHg$V{9!l7cj3=rlY{YYPNL-e(7rfph$#RTI)1^7X*l=rkHGP
z4Ficb=|dRlJzX)<PnW+y*hphwq_52x>F1&!4QoOR0i}iH|4Fi8o`&#Iat_GEs#u?9
ztd`q#nQ175WOI4W5fsT0diDlw#w<-7*04MFtnw<~VvjoaWiN?+(0?)KV_!tlHb#mS
z(1SouI^kg`G{@M&K*Az}*0KhDh6l_+hz-HR++3R_8lXgw?23q5t9JVBWp0zVtDVp;
zt4M<9Jif@LN6xr<S$D{FdZj-%xzf5(o&3`V9wUo)%6#lJKG=tMIohc=#!!|&G#Cl=
z?(z+)B^j4mM9um$kIA@HdOZBizV)C<#|UrV;xT<UKP)@&Z=`~psomidG7P{P8YpVJ
z`@h0_Q3ruY)S<+#Pz|mE32I**^Xb;IU2AT80seiIn~ScXHq3ul2h7zFw=(%%JpFg)
zPe63(E`NeEIot_JMgIPaw6>6ggK3OEYQ<J^Bu~}N=V`y;e}yk2-_C)t3u9h;ozvS^
z^*L%CTh)XZ*|OOWf(9C>W0)znH!2THP?K<8D>=kOs~9)QIQ#rLn`OmB`_jK8i4hgZ
zC|$5xKPF7<!qe0aO&IUDZ}edFPNVS<83}ZDq0j7pwAPrt6UQ&h5N0{G>QA-kzMIeg
z@)4iUpC|ayM7>Ry+JNQIH$Y7W_Bt9XY4#Rf#SSbVWHER)f1VML8l{6x>XpcBF;_Y%
z#M>JLl?h+VFG66uNnh;AmQA1`nV8VTCQF#SU6UoO$-;~|OEYF=d8OVlbM$#}Tf;Lx
ztIq|Wk*^D*)PxKbjMAg`2ctBHT)Q2mx#Y+nrP+@MP760{o+noNy69k92_HJ>La-7U
zMcLrf`>Kab%og5i<M4G{>xn4fLteDyE8|65f*d*W61?t7VP3i~pfEvZi8QJfmV>Dv
zf-)h{WK`^`RsIGV(kR+=U%5eEOi{U$MIs^MM;5mihNw!Djzxz=>h1;kn!wox8w}IF
znMUNMJuMdo_n7uoyw|kf9X<aKrakM#;@)^y2Y~eo|KcNf2d&d^Y_V427ln&R*NGvx
z!?S;^iyl1XO+7fE2SP51HPD1x&DEM7Y-awYf5nrCr?5nSXuGZ&Zp)(6MgnC%-(jh6
ze{y)wv%xE!w3P8LA87fqU$)g&iDmb*`3tUxuV=ya9a~#(_P&jFD)UY6qnEdGK8wHM
zQgp(LDt&yAX`CJ^^WGk%goC}cDh0BPkN(^IO8y+lSx-N@)?ZJVZ-?=&P2gwxH>&za
zzX;x?S+_A(mdAQ=V>^qn%e;#%L+0!GuOLj>%=zBQxw2gYFqapRdkROsJ&AMF7I-6b
z8AQ2eY}MrPr^3j$GYj)8tWt%8yuw_5Eh#I#lg}fn!`s^K(Z1_Q4|!T^Ss(6RfA!|q
ze)I9Pmg@$aaIPp1=|F2T8S(q)V;tO0=uaGlgJS2hXGTOsq}97j54;f(^X?<Bo0Jd3
zAE;IVLu=Aq%Q#wN&NP`Z+?jvLQ$77ZhUNS}z(AoB=;s{)UG!`G7B%Xw#G8LEE9J4?
z05AXrX&<{#rOwvK_b0inyFP5Gcm>P!@BJOhC2x|KzhZ0N_UlxMt(SYOcURLl&PVW9
zyZBQ0`p}=X&@5AjE@IWrVyGnEc?Ad8iI68omDi;1Q3gW8BeNl!ARkFjiTDxCi7F!7
zB<svDmTVHEW|T{gl4j|11gXGd_d{mNr+sx(H5EBO!$v{eO^%4o>FnSx5`XY3QUvv`
z|3T0SQ-SWG2?`n0(`hp|xKiAdc&EKsSWuHH|4MZ6T2*Q;)zSc!5GGt81OJM>N73QM
zlH&-Sk4t9Sv{A&RhZY($12UL?d`>5cvzG4nH7$<-Cmz;Jv*9FTk!=D_vhePJlZ1?u
ztouLcN$Lft7o=Z^Yr-Y|W7)D-{sdu_E=dC8Tv-eo)EI%pP57P+IqN^&HAa66SKUkS
zzSFKO((KA2jVts|-vCFzjC%BC^_BJe3I!h+odZ*SRR%S~xbiMV*_G(Yf~Iv)E?YK*
zcELBQG8I8S(Kjj7aAMEvL$>TomJv&~*nk{K^`*bOsG;(KyPASN#C_gm_i%ExF_))>
zd$)aJPQ!+Ut0c$vy4V{_I`v$#iFz&eq^ijq!ubMdO~r0~O4!9gz&Fmr@-(aRSe_uM
z&*~4>aOS~A^4A_I*1$y1dChx|vb!upFo5xom06CrDvT-o$uh36DtxB!`)kPP<dJx{
zS<~A@kAOt=eH4mW={>z7c#$D25Yb(Ox1A8M%)Z`TxwqhiS2XhzBWlIo^VdUoj#GZ<
zP_g%f9&MXG#f?4Ox7Lc!%M}*|TX!~{L%(<NQATi1wRfNL*RKFQ%pV8hX&yOU$~E63
z2L;$xum3+xuclAMJI{2Qim`viQn$ANJ|@3S9SsR1I?1r{y1W;HbMQg|Wx9lvYK57}
zNhzj7^~Xd4F&1LxECuy2UCPZ+F;79%2~ZTRiQcCA6dc2tkqK<<b5jyF$~}HWSLnzS
z;!8>CH#>8RP_kANyp>Wi(1t_=S(wV-8WPAVlr^^AX^m!A-^#5uS_98Qix7Ks2<?k&
z)P*PdJmMPI7(tiVLPZ?(skTTmaJ}%H{JYM$YL<Z2cpK&8o!@dA?=|pU<uqlWB^se?
zB6>r@^CVbBc-l2RgH^%kx*Q9grEhbOkJgY@C*^UQz7$Bv-L+djigzCFG@eQo@y=tM
zCLIo=%D-xrlW^rOl@CY!<7{%PT&F|_mG8rCdJvVntD&#@TjY+J6n5e(u(hHxomo)#
zC84X3K%P=JO)4m0Q`v8L#CUQKAL)W}0}rBQA<?o*$@5{!^9JR)dIywi?TWvMUD0B3
z_2nhaK0SGL^Z+~%{LL+;N{YVJGT&5`TzmyhRNgvTz}_4Na`8BloRUP$E<ZWTF4teA
zOX(RHP)<e`KCy)TJ5CAzxGN#0gf}D9RumE3sjVYuD<P1=LZ;gEzS6?y5Xic=2L$>8
zU7ItOHEZ%Vvv05+OLiNl@jHyb{Tt|Q4$QWaUw^x(Qm)r%U>Z%^L)>`oq<W#e7FwL@
zNqJ2iv3hH|n4N}8>vO3Qq<C3wSC$yMs-r=dt@D5(H@Bo=U6>w>|A3GweZ0ot@cL2t
zSgNy3bBHAKpAhL0=f?xNO+UeG=!#z?JJe=x-Ix774^`I1JG51j6XzJ{`!&;Ja1$T3
zwu!Mc7#I#(zI300EHMz@1y)E^epZ2}nQ~Aj?X#Gj{cANGGQ{M_HJ-<En?gIZvYzYD
zUTRe-Z~U|3e(GJ-CmLB+P1G#78U@%B%=SPT;3Vo$Z!H9UBJr~K!rzEh@d8T_r)iDG
zgjg=lk|cK#=iZ_r;}1U^*fd?vvp{<Xh8A6K;+j6i3jL_7&?Q}kuDVKv&JGHFKPYr5
z*Dl;_1!n&ZaWhBK^nuody}O$5u;`Dq`<P?YggXqdZ+cs?1F7BbaQ(k)0-!8NUx%xP
z2DyO;Va^jrs$+p^keN6X-I7Ui9c19XRxdaD_tSOX>feWT-=KRYfcTImK#N@ia^EwY
zQ2IuD=YL3~zk}weY=_cOK5VpSU%C<zYqjT`%9uLs`Nr}F<uAD{_~zZ^E%y9iz+xT@
zCLiLH@{hR9pPVCZv<V<s`W^I@XDHEThMm%d(671Bui4PAP<w;OgsE4AbKU`aBT}+{
zs$fR_l{#IpK7`mK=H4y#5dQ{Rk^|)bKl+!J##{tJw81BiXmIheCG^p4w?G-0zO~Ad
zFdZjPB8dr8aaJd86`0a(2K^jXG?ptKzM#-(>C4Jj*mXs@Kl&@n@7D9@tch|^ly-*E
zisYeVq*gC|bc`4}+6PM`Fu{NxR|NDJDc?{4&Ae!kQ+hg1T;ITnD~c0Wq$p9?zPM|k
zcO6Y+$MIvEr8pRP+?Px&z3nh@3V-47@K8G8?Thbh<}5^`^Oppo5%>3yEwdjt6?uux
zDl0kaVThCA4-3~B$eQ0<N)`L#9ln!~2(Qe}jsL<^-g!SXQ5Fi=KpFiZOCLDMB;^Kc
zi!UwY+T_h|%?ZVZpV00K?-BOSXNF{oGkr5fnO+$hVW$a(y!H1$1Q1{E2$}f$bGov-
z_3}bUdNlE*n_xdi;zNrc^CdPNU?IMyg%+_D0dWvN&Yj+*r>Jo88l}cNPpBg*qVM6k
z(>sbc@y;U&B-52N)RK;Jnr?!TNtB!|y9Y4o4xK2U1_TG-p)I+yEs)^h>~)DHh~b(n
zh|c+N6Q8P1-dL$Ij4b}d^z}_kc*s?=ntN5l0`8XJ7OEpkmCMn>y&0ts5q?PXyAKUQ
zpRE0p*W4lZ)pwmZ)1PG%+?(7C0+T;b`f~K$O~3b*zK@Bb!}daH`M#Tc;1;e=E)9$U
zb->Y0F3lMVF47|;SZHa}E?YMKcQPs5SU#IqkyK;3LRNt>?11a##Mz?L)#fkItNFQJ
zEueKluO5O(S+BnJ8NJ%b+(!-HbZl3z<m~(q{|n?z&Ys4HZxluo{1$KWC!vF^s9Z1(
zYyc>i@-nxul%1@Fa$0lW$yF{Ja@Cqv%g?E7kn4LOsnNtGYz4fEt$<gtI?;%;mYGQ`
zP6eLnDUZAHkGtbtx!EVYU-p-RN&C+z=*Abyh9S~y?ffb|Ngv=h(EH7k+3a0~I0y~k
zAnxIyqh=gU-sxTagmCnPdKO#ndOsi=!;J$25^{_o=#Ci%IS3!Y6g;;`2c1fA)DUJn
zbf;Bt`VW-Jhtst;bi?Tlje0(uqP+Ys;1nQ`*Z)t*HtWrsWm&mLD>Cfw$K{95We$xj
zUaP=Xk@zQmOsj}9VJ$~~gJGM<={nULa+BdYo`dPqY`2ACV&V)Oqhzbl2D|qOk|eqo
zI;)k)TxIknfW2k+)NISuYUnybqOU|jy#T8#^<cSpuvM#2LvO-*qcVB`739p7v~#(p
zOD5N{mTub|hHcsW*+lMa*^b`;%T;||{@*U;(t*DP^fD%$NwZNTiqCZwFk{kVDzhi9
zk?RtINef?)K%z$OcI5?y5fxJ3)fzdGd3Ie{-pN%?GOb*ZJq9#4nkxZheJ0H+m0+9X
zAh)p>7S|8571}%A8HoOFa&PUw%y3K@=VnId>`=XK;nV7bdLP(L_o4?Dh~`2O&+r%X
zFY9)c5}EIoWSDbo>e=bNb{Wj6+Pl0RMY@i-{rLN)NPpn~6zQkZ2Jfy#WH>BOFLS3#
zpaiqxH|U{{H;&?gUsRxtIpa>$DWko^;^H~xFcrLr=*2LvfBp-Nm{*|}<`soD%{vl&
z&rI-MUlNqxg+64Ts4J^Ub;pmpyf3;<#gB87&<E2OXT6&~64BV^-Lb#V|E#W0>x(@A
zql10|-p7_I@xGt6(0lPdv)s|Z7>EBfJ)@Ak#dSyNfvsPMuwWbX$f98|_v;5EK^U9V
zv9C$Km3|3d<oY*2&$?4_l`I;>)~dvP)M^_TNx5QBVf;<ozqpcA66yx^YI{@r7yIqh
z_Qh{N(nzfyw1@qRtjZeA??LmlgkB(#ykD$+jI5~q#{+4VKjk2HF1;`&SId>mK_Pl%
z3L@busiU`*Q3ehe_CCCvUJRiZY-sGaJ+UF)dAZZ{glb;Au0@$mb0rhKv{oY^0Gy*+
zq7Ii^;Dj(Caw^?9t-|Z%%D$RDi$C^x_|m-McpFn3UHi;jJx~bg#Aujt?s2rtIQO@U
zyLj9`ZZaMxrvoC0Yk#{`k|Fg$RYO2@-_68dWfqCul~RS9WU<TJ^vBBD#lnpk1^io7
ziaG?<fO)T8Ik*5*j(mu;zz7S<FY>^>ZbkSPuMtO&e+)N&S2YKn_?-UvU1&5hw)q-V
zMFjefZhJP`_Vx)7yZ4Y8jF&I?+%E2H@w+%d>ZV*5<rQqq%03ft_BZHDj<Xjiw`Mc@
zOX2I+^GftD-0gPp`RqJBg5KNC9!A6a5_Tn+uV{q#M^2}Wjk%IlucP(@tV$bKpTvSP
z;jY2&0+)^X-vOYFxx$<Ta?L-HISdv;)z2R8_y5O-#aAia1&d=S7Hr2ADmRWsHv`T4
zR=v?Y91jXicK06o0eF8fCG)xboxkjcSqBni9?Z_?)qe!Dv^a)Un*LuQh-MkV2fSFR
z*%~&{K5CZPK_qd1%i<%lOgLcV3ZJ9H`IW(|9t!^XSa15h3rv=iI+eIKudDcf1aR3I
zPM@<an|?hfQmy$#cV|CPrQHa!kXN7E*#r1?4|y+`OWuV41s{5bIISjYe3$s9w-)5&
zJqxbc&*Z#mzot=(*NR@}F*5ouH5$ZXSg=g_bz2|;4vlvnU4N|5@F-xZovrdfbfs_h
z7c_O`jCWq?G@U>?6jDoN!ZGTO8$TzYZ2Xm>x2=I9xgrTmd)M2@7?{9W0?xyGx+))H
zIgvNjfc|St-YoH}wOQb+8H0)7kGMY<5RPbvKOGP{xMvgxjiH0iwXKK>LyOy-MnyG_
z1yI%a?ca){O<+8zvf?#R&}ByS%`Yrq6&Amx(cIt+{Y=O}5+MG^bqwsPJ`E7cz;yQz
zDJESNffs>vWfai_6}jqMs4_@bA-<?pK&4&LKI>|;8=bHzNNbg?CCGMXkc~DQ;a@1J
zsu|eiT=VI05k&PClDHklt!w}S1Gf^<%s|0&39{B|o|!VmRA#c4O%>L?vxW$YT@q8i
zFC--GY;7<(Ra;G_Y17H%;y_eNUoWaa)t^tO1ouN`F>h|A1znSQ(ZK(AlX=0Qo|E}k
z>Twrx4-!%`=0a02t{XX<&iz8|z4Ux-Nh9i-wxs2V{*BlEhjW^9W$?kjB%D41#V=+=
z%{-YAuj7huzU`~g!a@MGO+*WW2UvTcYv&F7BYe?V*{bv)(L@gwdJy{RVW=J|f`{S=
z8;26piqdzXT@~POId3-|dEsY1KJE_DRAtXqso<C%fpLQwDq;B93z24z^e%Z2Vfe5h
ztxaizy)%@SZ=U=;>CWC6c5~QffUr0FcP7}5T$m^EYO;7I>4h)Y%Jew>79PiV{c`za
zPYmLFAYITRXp?s<k_jgXNuEXC%n7v5zUvFLFYRLj?fM1!)Tix{K+J}h2x?MkR3h=@
z41ZNha4i9OYr4y!JrK^hZgO(5ZfdzPxvRw8rh}_bP+|rCCCMcls3g^F^3C@Cc9xzq
z;V(#w<A-XgJm^}t@ck%<j-%%(&b}5))eprio~o~nC<Mb`6G&#1&#g}0{~+~Pu1RBd
zI9GpzH!Qt#^~E3kIQ~(QbM<XvIjPb8y6euqHeO*RO{3<-m)ZMyl@=scuCkG>YjOB|
zA8?y|pImyKHP^zyZZ9^qJk4dZ)w~h)M3MWd8h6=HYuszQG|t*p28f6#>=&H)czpX_
z)%2{qZZZ*N(P*g;$-c4F!pg;~1sDrjc?K&8&RdAwUHAYaz%cHRwq&M`RhaHH?Ig{7
zLp5G@tPrsqYspWkSn_zC;*q+#MHNHg8n}*pLED@bW)6|Rjnzy_s!u--BkRi2s`0@@
zy93Yd{Eumeb9xHU7~dD5&ELzwmMNXo^tKPc#%t(bB>SWmo-^$vkuO8xg=?;xx)hm+
zV?^3sEz(KC@wU#)!QBP-3kt^DHoEckSttGuUvZPCZ$f3$%V~U#r&#j)9WmDP$!~ZF
zSEmm){P?-6Be*#yy8aYS&Z@tI7_S;4HP4zf?{>aX|GV^`7!3n;Ecxv%Ix%HtWbta{
z6o?t=_4m<G0I<xA+ck;~xh_N4L<YxlQ>-&e&^FeFEo2<YaZP^K7+}@xs!9A)F||0!
zWIBs+1Tfb-yHsm&_1(rxr&y`;iD7shT~W;J^S6t!ho%@_eqJ%U^NWf@N>+tRu5hz#
z=Ap4QiGL%{RVQhVp=9Gch;!y!RxwMt^_<8om;>cOeB?DgQdEj=w3OL*Rw<QVQ94x0
zkp`=`x|EMFz6^3{*B3CM=T*NS)f*O13dWBqwpvrnusA`Yfd(|gGa)z27cPD%529-y
zV9bPJoRcO$nFgNnaY=_d`EdGb2}Ze*dX!$<j;?8X!Qa5gS=gxQYEm}|B9TW_V`hR(
zi?|eDGBfgsCWI=*ah!c;_2($?eSRGe@P3y%G|sWahux*>4#*sltFlrjuXWewsDYK<
zJw!_PQvn<9=L1&xUr7ww0BAQboOK&Cf*TmYvo?f+K?^6FG>3Ob+-mpR4RHf|G}L<_
ziEQPZH#Gj}N1|i#@$?(Kb{ap1VA*`r!cqFFukuEiQ0aqa1e&X&hFGeoEgEm_d{~Qs
z%yHfR36bPdYvOXFzaRB?CjOo8%&&5@?c`_fWjRXabqYn3Gd*S^(Wai|sU|tML-TUp
zBQ;5F%pyMQ5k?>V_RZhN+V&;CZJ9szkrEMI^t@Z(JA{$n_Odz}jwWX_r8pV=cZTjb
zE>-z6r_!q)D1g%oAL^;1Rk6gVHh|j(LSNJ-Sho!Y^lkqEtp8oQ8(8O><izhm_nCe$
za3q-BUJ#;xGT2qwk${YTw(QG4MO-CmdXVI1%MMf$b|0Xfw`52yS5I^7D*h3+<ppf)
zPM^e2<Pi|uFdRk3Gj*pp&8KT>B|bnjJ|8hj2L@F*@fY;@E>R5Z8)~YCY}xmJ;x9by
zboRu{w#_PSOb>)tmG!s#fiTh%V|#uLA6(L$X3<nWw-sT=J~w}=7Q4;7)1UMbx(_~B
zY#*#2qc9~(&R~}Dzf@Q2G%G+2Ro$AaYTi9=;<;?u>&xV%tUxjK5jUy5olK?@?{D8>
z;rnBXSf+>lO!!dPrZdU*(0m5<U3@Fkg#0SV3+chuP-z&D9-hyZ&7h>5)A+9w6H87F
zNqgKv>l{?A>bTi{xr)Heu1+i@kV9ZJ##mfH)iN|gZ&(q8i`fK$g>ZTWcA+XaF*D46
z^X0Y*D|Yqeo<7&#G!dTOUcd^VApNX}WY1x}oFGA}d{v*HtjGa*!fwa&_dnKn)_>Io
zG7q+6oaV4!!%4Xs<~?j+yE@qg+XM1oyYSn<_Be{{31|mX?$bcqV!+D5gbmsD%-%7(
z?jERGYU#ZJ7XVh++DipK1+4BJCi%ei0jFU}UndWbZLjEDGV~AQJJy@7<dou^qxDbb
zARnJ&6p`0${_9a)ujlEt3f}C$IiTy!OuaeWE4&NA`e5&)JGsb{dy${-{k?J@s3aeP
z_JB<PPnkF?y&Hydqz+5HCwfaF-u?bpPmrMbXwUa?<M%c2h&t*fDTZJ#sl`f=95vHz
zw|krasl@`cl8FMhSnN`NlE^rC`K}i3r6xB0aO$Apx0YZJCaCt-qM?O#b7n0^UE&Qz
zgB?u{Ry^<10(C>5yRzBc#PhD|5zl+I;&~6x#q-866{_1u@x1pPUr@;&kQ+1o{15f2
zzdqmRQ<$Skww$K<pRFI2Z;rtsHn87}K+d<^tN<3~s!(rjBa8OHb?}fGlII`iSLihU
z5%dlEG6r?M;(#srHEDY9Yg7)k<gYvNt9vBxO>$z*_y#JT&uMD5rnys4b;sVR7T4Ek
zrVRBy=%oPO0NG96rPrCS8^40khIlGSY+C$rK{0h4pNrldYIyyGh9?@D&niE}<e2ml
zvMmp)urX{NR_SJK1k<KdJh)m~X!-rlKOz^tJCxYe9liUIt|||G0McKOIW`xp+p^_i
zbsv&n=FqM(hdls0HKs@(7OQWu<nPs$*a*)ZvuQpWB07qY2%+@;#<pz>+O24J*5Cft
zUrUQ7eL5d2d{^4PkWto;mO@+#Us5nSt2F74mJse{U@RTiNn(;bf9*H0v<W;gI$sbI
zKw39-(6n1h3hHf-5nXB4=WMC)qV-P`BU$OJ>MNH?J9aGIiLrk&!_Hd9Y5arTtWS^T
zy4=T~y1N4;*>QVr9?T!EmcIQ5QyBk4_lsK)n4dOtPq+Moa<lI5hCR*_IU{yWnEhEq
zeT50b9&eKUNppKT%Dv{zVayw+X{_GZ+_@(G74Cz1THlmDr0WU)%lSN{9i^cCMqAax
zhdk%76u5^o&+Y^Yrl>Y9(5ypPV~LO5ZGUy!GSb_R`4Iy}FvIw71&AC1OHR%6EQlq1
zVL|FgF_=)gLAm4G3+v|b+i(7HBcB=BI%~PJYTV#>`^I>---0uc6H`S~-0Y+7n7`B`
z*0U8M5h-df4AG$UDvFQHMpolpTtLAt|G_ca>z+l4KH&Jswhm|cqY;*G5$azspz)b{
zJk8sy3pdPv{tI=yZlY=Df652_U36~BIz0dQJ$3e+X1}v1Q^Y!(IoM}~L@D-l;>&0?
zs-0|Ebz_c&I*sgHB(cjru|1B4r>Fa<!9d<VzSqw;%AqgQ6A=Ow`@<xz*GkoLPuQqy
z={FD&qO}y6-d+eFD9F^?XP>0*T=+cc8}mN9<p27!67ge+IaRU5_rv^mMHFY^^DhNA
zukxf-nBua{`yloWynTBaI^RC;uy55(vH8UJod4c=VvuH6-s$aoI$X7nckAzEknQ#d
zg67Qh{(b?t1+)D1Cj-PRyLN}=#}k^4Mu^!~Pr!xA0BH(dS(5?Olv=LS71x<-m}^+<
z2I0<RyOOgjol>?Fm!1|PDsqWax>x#Fj9PVaGFv02!6i@S)ZDY77iWiXiDw(cRh6;S
zEY8|lKYc7Sj{}bccFxoN07F3k1(&+1V~*|X6ihq!qT3;MZ%4BKjCT&K+b1(K-nmcR
zUYT#iJ4@?hv9Tu>J57rD7#n*sdsyDEyE6#)@H}_!*fT;-lSVr>b{;X0*4y0=D(eQN
zwbqPx4yo^7J$3>yk2KKQlVW<W4KPL`0>K$q=XVg6xl!KD9dh;E;*=D2ZOP|NgWfFH
zn--iXDkU@AsnKk8+5D}W4cu5DqXtox<?`kxr{#+Aol+vK3TUT6;ipjiB!Xk=djd8$
z9R_`Fws12yGsQo^HgS?0G<6CJ)b62BAwqB~7Iy-j)s&)G;w09+ry;eU!>ae3P%N<k
zIeJm08}AXmwHq6xpR%)<PQz4#Nka!&d6{2mO+-+eh8Do(j-6QI{H*oNH6!`2{K5HZ
z9|Q-Z#KtZncn+p_DOKn8E@UBkRW5i=wD<ABmK}n29NoZ#%eLbYRN|k?ByB368@60J
z*=^pxw+mCfmspnMBW!;BD@76(f140??}K>j53l<TPJE(a)lN5c2I8lSd&!9m#))J;
zd8Uq-byMS>VZA-Z_^sQNbs9fZ&lb0Lz%e6>7jBWdu_o1^$GTUbIAhRS$HvTL$HSP}
z8th69dq_qOklPmpwZyJAvbdeP0;6RmWDlbyVh>CJ*@ch51d6*Y(^DWVvP`emE0{oW
zW<Mi`fvvV`5et;S3+rdf(oGBBzKRt?dtV70`NlS3O^Hw~Bvh;1Meprq_h#(fd;*i`
z4UKu@G?VP-be0u7d=NEyZ~olqN^1O&bM$7Q^Py3nN-~K0l=u#k@13JufwFwX45L2B
z{4VDX!dT8dN`#K{>^hC=7`%Jz*VA5f)K7$_i6-7aLh#NWj^U%o52UFDlgPcrYMfyY
zL9E7Vdzj(JY8+(`as?<kuYBkS&iC?zHOfdKZ`1~Q<&3z|MC4h{B40zOh=Jnexdo{f
zsKzAV@g1boGw<!6ONhD{G{$)>@C;$YiUn)3_>%8<7qG@uJLj^A3YsYiVz<!|X__LA
z!L)7rU=VeY!z)TT#G-U+$p_A&-W-a`ht0cxRiil>DRi8(<S8|ilm@P*M0$uDi*!&9
z2;G#gB1j9KNCk?fSWD0OBH<M2Z=*#9)3+_2qRB06-?4a#THC8FEW?SXXz-(zK|sY2
zFAZL{9tVI00YJB?A$&>^74<11D$@R*Ar(pJj;RQu5mm9fe=s|>HV+qTl2<~mnEYG4
z=Wfsn<Cyv{X$ZbvuC9Ko4sGeX-ZA#T#++HmP0lJD;?xlOFTc#{)SR8DT0aao>@2c4
z&d!9tH=vAb)R~pes%PRK^{$JehrwK6&G%&l?R%T$e9s521cv3xjlj^N>!${%5aN(N
z9$F*8TIlly%lA?Fosbr3kvpvXDYcSU4D}S`l>1iF!J_b<+lAM&K2EsG9thMtb#}5i
z8Sb5!IwvvlA|KpE`r@)4UsObm+$SMp-QVOPtTzp+dskTGzRAuPNFY*(=wOKg1vcZz
z=YKa=J}1(!qsUDW0XOPQ_;Z37Pd&J1pxa@t`MBikek^kD8hz9blED<<pCa@25|KbZ
zifVMsQ%>9rFsQ`j{-{4U<wrgWh$>-a-@no)s#z`bSzMW;<W<`3u7NG6vvVezxyzPq
zBdd_7g{Q!^^gL#>o2<%~y}-NlsXPhoCWDYLM4V&a^`5_mv@!RnjMLPrl3M@1<9$bZ
z#1Al0c9C#G;?{q^n}lDY28o0dyoq)m$txS*EvgAv8$7@}%{5IX*!k325O8igd{jld
zgEx22BLUl4atEp!{LF}|&noaYJU|=j`@1RFPWmw6D!Ne)WZYXT(Bf=a_6qfzm36wW
zUi$5S?ci?OdlFOgzoNa+T*2KLaicj>84U?p!rfg_DZ=*Ly^F0@&v|4|BV(K~wXD2B
z0B|O5$oZ;vC@;boq<W(jyUkpy!wu_ph7J9&C6gXYL9)1liEG`YTOm~Hw4!0uicnbH
zgYF$vuezoK=<bQp=sPp;zBPDn#PV~e$4cKR0+&*sZ1zNT!0o2|Xbres#S-s%Rfl#%
zeu1@)aTB%13@(*3{-!soVR%Zcuq)dyxW2Cus#3G(2F*4I=5=GbD&sjEyblM@xo!wF
z!aNzPMe#y*T^Wqf7wyKShje#C;fq|xP3=@Ocj?X>N~SyP_2SxCzLu+-40@wY*W$$`
zcBNIi0(2W_TH6t{c8jh6dAVJ|5xW8nUGoKX_8J9Q?hLZDaAoe@W{{iZT$LWv<}8hp
zC~+lPofo<{H(Rf$4`!>?PAlwdz)WA?Www$+MSg5wg<4Pdfi(PonlGp0oIptnM=?L{
z42BGWpesT&P;OB&qq5wtaEKt==ZQVIim1lKRCJQ?1fQd+EHJdX#A)?h>Ia4vEHREw
ztxDucLz>ghk_|L6NAJD)XbaM-x|_WvXwNRq?ocw#-e^~5a**xwnr)4RL#x`vDWj~}
zR+eU4T{PS3{&cg`gK5<)*SVxseKgc7Rjh6R0cJqd!@BqJhz&<dgR=^coQfOmxGDls
z!`06W0h1D^6y^5cFRWD=n;CrAW(H+!W|U4vLOumQs$Yt!k=JC%^e;L4(?yRsmkvm#
z`oJ{-ecAP<9)O#y$!LqcDCGac+_}I<S)KVmApsIVCRifTqNW-wQM9C@O#~!?1ZH$1
zc*hnMt5vL25fa3DAvlR<Ivtl<d)wNUu6Ap;cE#3p(RxV)32Ife_0n1;pu#&22x#S^
z$o#**=e%<ZP`mrz{eS*^K4jkayyt$N^W4t!Jg3dzb(1&amm&u1yhWQ2z^~6i-mrMX
zTs_B)!>79V8b4S@d5f=cB(h=@EXq*iwB0e22bp07Nfhyw|3RN?+uD>2FELNN#B9k_
zGlF=iuVK$i^*KZR;f_#V9<6e2AA6-f{f~n{>XF6ukl-U|Box26KGZX<9%=@=J`KYL
z=-_c`UAMSRn;DLe=?Znf)4#ds8V=w&Cw!#RrsX~Ezq{7%znjhbl20W01=>eaaLFfw
z?0Gxsxal(lI3wil{M(?)E`$-<hZ_=lH=QYcmKBt5&0j}L5^{DkOKFRbSP<odGwGD6
z9;k4sI>w^ht6y@zeyf1~K^y!d%a|<^Q{`LcAwEYI&!o4yq(ZZ!Sy#rK7JJBrLh@cX
z4d1Ts9a3y^&eyn{*F>g(c};wm9P(&Tb?{lDkY=jksFqT_+8?nVVC#Au5`bl-8YE7{
zPH}{znGM9wi}dHbO8)2+aM*x`o?F+@PkCJ?IiAnyB^a0Z7wQ&+y`B4C#H(;I`JiBI
zLKWwUEqqB8Aub5`a>ND6)HA4(F`u;Qucjnhl#qOyo(TeBd8fi?C2vN=ZTh3-xO}4t
zvI8w68Jrqz^qJ(E$zTNpTK32EN6NRL3C7zz1mk09%6p#36v-1FGkc`?#P7P#34O-O
zw7|PxpL0#cZf=r@EY${s3C1vr@CHA_<N?%E&PQqcTT1aYN#q%e;c3(RFe|Qz$+g}(
zI_CRO^aX&;S07TKOamy{@Soho#l>gz-n*||dw7$#>L$0B|B5R|Q+uj)OfuxRp<U#4
zkS+NorO=fhk~ev*|MF`Jq&J&)5!u|X5I4!b@rHCd{meO@>1QTd53?#HyPv(`9NqCg
zFdSQqeq`A)#)#q#l}g>7K>M@2h24cdMp`#`?|$zezmjJ|3#U!ye{muH7l%A?vvzvx
zpd^M+xM*~>%tQPec}V-~*IyBREz)}=Z!L!u;#JZ1@w$bLyoC?xr>mgWPb%Hs_VKp)
zr;s%3kfKQM!0z6I@pOp1HL3L3(v`{TmU~gQUjGijVwx=Zb^LCI)`Cl>O1FVJDKLb4
zo}T4~pNP|@UDR+f3bCB~jfl^_NLVb23;s^Sm&fcApZ&c%4PlBMvDhHpJZPS0OMTV=
zj*H!AW{^H+>M%V3$K`98MPuy9FCXhJd&daZ-hEdlh<2sD-&M8DzTf2-J>>k^x;Fu3
z#e-FC`cmd(qd>KjrKA`U-3wIT=Lagi$7miKc`7sPJNM1t=^{|#u$#y7XQB4`)n)uS
zMj-Xna}2}<Gk=|$bd&v(Rho|M4o;0)Bvb?7ik=GD&ko0rf4ym_bGtwl(2#mrwgF?*
z6$WX(AlL@TuOUF}*ID|l2KzWERM^LGF-7LuComK;`i(q;ydf)(8gVtJ4(6BIqeu-}
zq8O4BBx)|tptTYnTP(S;Dy;M_Yp}6uf~I`A|1w4|%lwy-dJ*OpuRBC9ZM^6b&w3e9
zbPVS$1i~@`m8OWxZ0h%+h(;(`yEc7hXi!FUO18mC5$+VY_%!96uR{mGD>D_&3A46l
zfTv#ZoPyqys7CBlFg~kl2ujZ#!R}4{6@3U2$YdJ{g#M`pB6-i$pZfp0(eys+x>A^V
zHeIE!Cxu=$ynFLo4l}Fg(jd<E?!gO;C_eFtzkbeg{Grz{^F+%?28Wq%KRts0*%aPC
zMTC4(-oUdsxEbVig)?6twF&p0UzAEQ;Vs9d7u%b=1l%@UxD61DEhzC~$QnsQ$$;rk
z$uE}w*0&6sU1Jqyv046pj%?=s0Sx6_9PNcAX?>vG(uTr&qj%(Y*v@ERZ7)v{2rYSP
znI^(_2dXqPeU=lQe9GH?hdZ@>%W|CSaLq>VFKECcyH3H~ige|B+Rvxc3+H5Djs2E<
zG&Y3Wq~vIj@_z2;`>x8Nvvm4x^GdJ+OI*b*LzKD2GPm{yW6c~^{-NcPVDy=A^}B&v
ze!~)J3P&{8y|ZA*l(q>cblo&K@dF`}j_+vsICniV9PJHOuL<1RMgoX<=o5k4TlEbS
zvIT>sz3$cH{2_{cF?8Z77ov8-As2;1Fxmv8ASLy%rh?T|YWjgb=VWoh%H~3@w8lQ`
zPu?GyOLg>Fez_zSEuIv@)Xd9(Ks&+8)Lj48dskdC_v+S$6R|jY=#1jX_HUHpA|X3+
z(&x>|reC7;DobB*>6O{^E0tcR^smmn<mzntRZ8E(RIa%6>X!N0^tnoBYZa`x?8+;0
z>S<BB{J~dTG5?Zz+5B^q-lg=p*If6tZ2Ekq>jY}Wy!lt=v}^T<dt5QE_3BHr`7OO&
z=?msvl9T?m((aa)6|M8;^{Kl<8o%X(lV5IFa_V*0%)gAFDM}cU46Rs1&#mJBJfnEY
z_A6To3g}D6EPXyGc`Vmg9J9PIdDQZL$s?8*B@bI(oIGTC|K!2T2PB6sADA4poNxon
zOOySU4}wt}a*+fjmQ{g>ZC!!xu>cipt+e%J%`mlCy>gSFGQ!Stg&+?zc^IvSdLGcM
z%P=;2dPV1yv4K0M)Fd`a3kMn*%Xo!G`Z@OP{tZGSvgZMZjP+*YpvnP6y#Hd-jZ)*t
z_O4eNQgZJ7if2QM=K!D4m;KOykb*TVIq;=e44wbv%NLfk1FejAE{~ze&Gi7iwkH=C
zIMnU9U>Ow}FP<vD>}&33g=OS|gA^c%I}F7Zf|3``XdTuZzZrylbI|)D6)8E3iE)OH
zZuHUcNa_itrh<j1)`w!ZF4wr(-8iX~-Kx5EFv+ENnGaA}{{s}z-&#}fwWbIP>3WpM
z9J;d4cwwGpvZ3&9Jw+v|>-;Xhmx!lkQtbHcLPf-=Tw|!X;dMjB^WS8$qZ=F|?mty?
zs`wJ{mL)g4t=Sd^4Uh2Zrlr3zt(qF|^WSvL=NH~Iv|3>qFiB`E$mfqLgfpV&&`USf
ztwl_cEVHHp77*fKdfKrhwpawGScX(E^;{_WjhUg?g^;r1Eer`?PA}Nq+dmwyD&kn6
zXc<W;r3W^~9xT$D5b@c`cIqE5PPj{|ec)-PFIa6%mEU=(nc|^fCZpuBnJOSQWII(V
zA(T#7?<dry6MjwtS-)NNfP1*Js@px>RfSwb;k&A;$t!)HE;*C}tkiznt8{7@f>{xx
zAeKW6Oat#D`Q^1m*&b@F8raG0;bc{G>N%u^#(x8%ABx`uB)#XY?Nucg205@2l=<_r
zRb)R{xK2c$<ioF@0EbmcVPZq2n$kl@SI|;bMv`RRR9B*v4B_~FPMTaslc>HSajEhJ
zU$u(`%9uLy!7$U$)<MeKNttA2e{;RqRbuy(1}3k;b0H=phD(QZ;#H7ZA2a=gm2Djm
zj87>`9=)F;i?T(yMl-eEX>Wx|%A~qQRme;?!5~3YTo^sG`_5a-HJ6z9`ztt{Co}}&
z+md49Z;d7|`joA^^M*>5zc^cxFV{w7LBfKFEpgR+HCxTk($!#0Mm4L_)mZkklpR!v
zER1=y1#p8aK3`1obTP@(%9^8J;8N@oThNBiY4zNWErhRQznU)L!jfRLklm^6kwY6b
z#o{p&kASI}xQfIk9+bLVsrR_l+Qf@Wjk%>u+^*DEk+YwUPkh`t`LF&9BI{_{^!_jj
zK5QzR|L9e=`5Rxg%^xR&knBvi{Rd1YSEUODuuR2%adKADwS+rKkf@3^y9`d=xgNG_
zx_88sywt!#bzIhd-@8uTLeTfd2LYNo?{Bn_TfUX@0q@OpYVsgeZ3PBVKu={}7n#H&
ztogH{nFlO$F89_K-vn*dGxw+NFIwZQ+l;Hi-h@z%XX(TypM~S_R!~O_6A<AS&_TLm
zp-tXOMr_=fj)yy#BOm>`LqgM%AQot@tOgLt3d__4if*^~5_Sgmp)%+UteCd3Bj`nc
z<6R*;0<JNAL?s}LGx>FhD|_tqG5b=s1i$1{I5xLxW<oH<^ho)4D=GyLD&b}>;$jy|
z-{f73D4*_q|J>fE&HSuqqD22-@BKR>Ph&g#JwL(k`7KjX%$cU=vWuW|&ip)mN8|<L
zwDcL<Xj2PtJ~oJ)Jw+&e7)18uO9uhVtV^g<?HBF7esive?1`))#gsHlR%y+1Hj$Pn
z<6o<CTFyR;Vf9)%r}{ePRRdb3rTXPv)$3g|talaAdz=4mE6aPQ-nCvOJoo`P5ptdR
zfuo210=<Kx#UfCCq#|sQO34%JI-F?%a)VHbMchO(>{4y$w5^}jZa&~W){=ZY|5tN6
z0Y73##0TrZ+BT&QDR1g9?`p3VfJm=>sqIDN4?(VMEPcoYp}K_^E)&KTO%58AE(S9h
zl+K4B`_?X#;b5BU-U~#&&PRDIEK?`=XR;W-Sy-J8rWLGyp3=INWf@-+vV@fGZw@>c
z&LvDNU2@>tgWP8dW$lj4>~u3{lDGfy*+C9D;Ov-S&3Et1?QV+BV)B`yq1xyhg=y+q
z3tF%HFYjuJmpiNXbE0(YS41b=G}++*jq4DuOTRhLocI=#!Mu!w)i#DMZ(V#ah4T|4
zVSRM+4$!)gJ_aG~m~<J{rjrG~fwEFDAOcld3ueJs*NytfDLQ4gp1V{uI%STY9q41|
zVmzeTtK|?n4k7@R(~<6A_tQ~mBNYrl3xzm<oq)i2k@Pp(9h_Q}=<BfW?y|R-XFrkG
z)MU>Tb6|Dbc_3gMxHBRkPmJP(yWvsFS-dLr$3wp?tg?#RQv&TTk<6N<(a6dRm}c0w
zWh9F?b5oL;W-Lc_8R^+obXRppr(isqN4)ts&z;0inb92mFpZM3$9p;G#%SNuplJc}
zY?SjiU=JW-H8WNItqU<IxJvJNd*h^IRvY2H`(-EFz@l*=Mo+vY^Mx0^zbw{?jj>-l
zyyL$B-R<wKwluNhs#~nvZ11<fL$MJ^vQicVZl>3L1#O|^_|;2B9`6`$X!iVu^BT@Y
zLmP~2o|g%fj$J11df!vCShPu-AoMe%P1|l3cQPml=?+Boc^OQaxRgDKFd*tui;g8-
z+Lb(nk^tk_)!cGbz@It&v<(VwaT|6v00$VLlj8xPK<^|FH2X^+B;P)&migxh++Bn1
z$E42f2oi}2CExwF8}093)MzvI&(7YA;l>8Gt>|KW1uZRMr<9g{I;)ueG3X~>F@5IZ
ze^@ac-4!m}&~mJ=o31q7^y1GVnKr*rUXYL$RuhMc_`<~NUMki4jxnL%1A?35#fO9o
zyYMWGAN1OyGIaVcC99eO4?W$mqqwv%(0(;}a^n?;>Nwew<})09wK=+yoFz@|PcP!S
zwJC)bwZD)3d{gw9hRB8^$#*GNPQE><p>6lNg_F^hT-C3k`|SadcP2HKzC+@+`4h==
zdJ&liHgs<|xci*}4d}@mN)t_`FE%WJXJGr8qaiI7Cr9&_3N{RAD&5c&eKD!_i+CT>
zSo(59G?8V(LeY<!tN+qmh~fF}%0T->$V;ZS@39(9@e6h~L_Y2xxaBDKsg1<>=Ql;4
zZRk#x@a4$GM>NUT)Ps@b^^n$!DUb0ez1c=mat4W&E#>?j+uEqA$LiC|`gBry9<elD
zrG%>b_8qOI4ZmY1b|2j`l)r;o%SdY(+*I>=WAx3$PsxS5vfTgvA09N+KL^j9IcPYo
zR{M0{gN8H&t;|ktzJ7AaW+C%X^m)5zb}F~d;_on__+hb7$YJfcW(a$SqOY1|cQwq7
znRfFq+ibgen2~EyEaPr8>h*nWUIP!!ty+||wDD<9nap$Y%q|>1WHtlpfour)g@0(d
z+IR=aU_PHX0NmJI_qT-?id!lnmr?n&r7X<g;WHh_u#HdRZcCCJK2IGBRjSSH@jj>`
z@oftDz6PizAr)_(on}A-?f;_MB-c8NtRM186uFILQRJoe>$(ks0$Zi+vEW-MnB_`k
zpD@2l0-eRcI!xwQpAW{Rc2UH_mQph*>pUOnlX&_R&frlLFOZ5#-!`ivReq^5Q4%w4
zO17>}5);#~>=&yI^*?*P$bpaK%e=dgSA^tO{lU=Q(qJl(10Z?!{hUDsV@HN#*KlhT
zQ9#z2J|-Q1$IgcdM&TXzu!fe>eNi{l^AThO@t0&foEp`29$m~!TM6-X{H)?xppdv<
z1e|KTzcN}vP$xH``a-N-=MDaiW3N7A9rpGZ^PdIjJo{j&r~LT(xDpVaEr&`igxzt6
zBnqR=hCR%M(_T0P>^tI##e);~jA9u(e#&3NwsVh=cIKht5$#>qpP327Ho^sBTZlU0
zp_UPOLD=442&6WSI6x4#A&En&(hraZwL|TXyMbxxKc#1btY^jPp1pLqH8f-dh<tFv
zBWw#iSNTKOH9Nz+(K;!_eR6&;g|=@bDNGmL8K!@@S=#L|cI%KtE0qhG?22}~s==Pr
zz2Jgms~-?6-Su|!_lG&@<-7i&cwO?CF(*Txb<7EhS7)^9y?v#_QbS5tN4MuzJpYIW
zi=9CS*vRwC)RDr12D8TvMgD?U$4h}*##XVgvG{T|l0pxz_vYA7?$!IJ%-!=xYgO0q
z*H-oWBeSde<>>0jMv=P45n%XU;_KOj-8ceD)jNQIdyS<%6SmDC<1gyQf!!MqR@A-T
zNu|3=w@nm@Yds{<NR1p4H!`qoobzrRQo1v`D-{2aWpu7)OJvuez?~~sXpMq_CLG>j
ziFpwcLK0icqa0#kz^9t@+)F~J?v+4$(!S&Y?1*&y_m7Wa3>N?W_H8`cxE}v(c3d;|
z8CT%eO>}^9^ch>=mXu2u(C%-1f%dOaaX9)W<7maA`pt*w7i+LO(Eh{2)c5`O@Pcd)
z&q()hr0d~?5%uk<MT2Zc5<0Sq?gDCAgs>K2{iOP~)VhV|+M=)w>)|STCpDF>A$i;U
zZ`cTY*v+m{Y0nad!D1Yf_)j{OUJTdkK*#wo3W)~(u&9ltYoa~Y_L5W^jV~CRJk4J+
zKYRNKWtR~wNA?Y+U5$D9=Z{>`k7BeZU=66<LjP_#WDp2Ou#oVO9m~iQivEY-GZZzj
z6}s6OtnM*%Gf?Pe!f*lR$^6BqBpjWk=q!jC%&#QKdtk=Hc*%1yBYKbhBdibTN}yv4
zf9>=P6~7|hPXaIl?f201fy({f%Kb;*a-UN<`RE>~T*S)hiVNB+nm^LoJ89AcgRJm~
zev$1HFV`uRj5%E$?u1Lvx?ST*`sCpDpC02eaU%H)*k3-BhggSAm%qz1fVD%o8qnVn
ztbQeMYe8kYirYUtQZu(B(7v+5Ixr5v+7XCu2mn$$Bb)L-YVW$ht(`;R9<|r=!D=tz
zGk-xDK&ypKuxViTrh^T%HnRO!m+oD%*I3z(Z;>Z4lcqQrV~!3q1D~@Qc(cC-<ic0a
zWR&QhE%0<O{mkB%?L|6IJ<sVGTkEe}pBaP979<L3*=Fo+I`WUr*z+P|4q2?^(Pr#B
z1Uq27{)~OU>;N<N-a!YPu?r~kX)|^zc@oFaRBLm6=NrL7xWK$wn_*QL+)S`p^H5=?
zXF+#!rr~C`X3gDq@f9V<`@h+ZnDp`C1qBx4CwUlO2XdyIphW@)1*1=zWAV+jO&v^F
z%jQtb?Z((+%bCan;jN!jr9WBU=g~0hWylT;)%bu*8lqhwB*E4>LRT9^GiDp|GU-ML
z4EaYPS&v|;C<bDs03uQ^P=&=%FHp6nv9xQV6Of2qU>D3}JS>H0k8_b;Qmb2!O?<JO
zYCv2~rE43bU3_iXAc-xLACKHXd!hQ8*)fJJGQ{F}5j=nWd9)#Yhf3*m@rb7Ot~4rM
z$+W12+`%=p?OL~R(mul@dE5L8NEX#FJ|YKEgEAYI>@svbG%=cn4C}6C;tcKbt&Nrz
z)FjVkSVNjhyBifPc2J;wpz!YTX}sIr6kU^BVE!?NcvZD9Z-upygL>2c%gx}LeNnJ2
zdZ4|RV`4Ids=ETWJ<W5V{dxW-ehX#@bo_!xW~b$P&DNyW`Pye4g#$ISYr}Qh0v&f6
zbb)ZrCC;r$Bx@mQzC_Y8!`Hc=fJ3!3Hoc5e|D?_A<u|L%TynaTO*%wbId{?5L=nXr
zVn12Ib82Plg{C$AJdImBbF%FWNw+hLY54o?9O}1ocy2p26l;iDJCK~=h);|vi-?4R
z)5z+FIq6H&=^(CNo~5l@reF9OD4@Notlp)d(|488`!@aZuKM&2a7fpDFWF?@$$`a}
zre_RJTc#o_$Qt(sD7nmVuwUw>fbR)PAjzYYgX+X8`G;Q(^UU6#1RS+z>!ZjhcXKY1
z3UpC0x}=RNlrG+j*G^ugM?!TZ-$yizW98F^TB#6sZ`6@op*@T%w4KhWp<dO@roI{B
z=(RHw<<RVW#4~S59^&c$ng1%{84U&Wcj@6g+6*LzX)PS$nYlm2bN)U%Q;4UWA$~gI
zxt+@8kJ}gDJP9~_D!%zng=TU8tlvd^^G9;FvS}?pM`Qm_@XZQ(|NjxbN#x+0mki&$
zDtt4Uy`B$0V@b&&Tt_<M_g^4fo`{sg@^A2Hv;J$x)fnOWABUeasC<9$a|^iiQ{m@K
zb@2f3b3}F|pGl8oy<^?}_vzIl8v6eqe)<WA$9}T{Bu3244qZrM^x|YRcSbL2A-g_Z
z`fDgnm-zVi=|!T^(WNb*w=7+v7?QVeJ1o?4q0s{@+}9}PgW#7<sA1!ehJ*A`SRi^d
z-R7>^T+Vy~eEDZ-!FY*WzFdgxUC5t9WI0^9_@}PYU5<U~SWA|~N|3J~7DS5fhN#U<
zn(lHifsI!=tgmPW{kQPfKOv(|c}DA(<J?tz&}olnzjqpq(wUQJS)lBmstU_@kGrl2
zyPSKJ54)T@?H9i_`)%aNYS?A6UYmuZ-7xdT!z)ijmhwieGDmHiQK>&^{D=0<oxm;i
zldJzX=<EyAGIVyxBu8gEez+@@%DJ;)&v0UoecR|4%Fm6bW|g0>94w-iQGWiIPid-a
zWEj$GCxJ$nqYZZY=aXRuZDd&VI75Tm7->%fFacCtFeLE_Gvu#g0gt$WjpGMjm$hWj
zQppxmI+HH{{cZdGcGchP_fCt*ttFF5)TdrCN%b?y=LdcKR-0dEP-TZro~QO|-Scd+
zsteK6W@)%x$~kOu_<(v}+^n=qxCC(mmmrSe62y_@9}=Bh($lY)4~bU?gJU+KiFhHp
zH=!|_n)$|w*_oaTxy+gA8a~+!Gh1wIK3!Q49}?vMjPwfpw<f>P`ZJCG_!{q{GX1*6
zC=d|v_JnM|{#2INuOIO#-TwbI1YC)gaduceu50%}7X2>mO1xd97gRF48qsg<9n>1|
zbx~cdLlc96Bhw7-fG%Y*RKD_Hr3j)Uk}H%=%7a@e2$J!&QjfD71&KI+qI;ccFjp%z
zVIMSQTB$Ek{>HTaOtjBw4oi3XTB(Y}=V-*VQqM<sCQH#bHI!~cuVk$`J=FY>k2B+a
z^h%FweS(oU1tAtR`FqPqK)rOY{p9MEUd^hp*9&et%!{HUWy*quH2;s`@Slr%Gecd0
zZ-1XhV<RqeXjp7SAbL59jlMX%cYeb@6C?axL*7rp-y_J9D58PPD)%SlfU7)8_EpmV
zmZ@_YI+VZ4Z;0l&Rep&_TjgaG{9j+?@ig+kwaV3|J$!ZHkv6i$he;-l_kUu!4gygg
z5@+_w#CGT)VZQuD*JT+0*rMMj`so(^=RDe?U*p!!E&9)Z!+&(qb+5#yEcy(xBy_V{
zX3<Y2CB5j<akK_(Yp~R8?Xi3`h4W|Cxy+*HYdJh2F}LV%@aXto*Ofelvu*ADD4aiK
zYx_!$%+^jToGTJj)pcL5%+~(DRT(=*D{73^zAEEVj++A=MLKjwWsFXueePDCF%ato
zBe-xs-f2uzE~|5gKE>`b)<)!an`Pw}JfZhpyo=sd3U9yyiB(ZZRZ(Fb!WMv-bSNte
zUeVu5kp|+%qM1H8yBymUC#AiIx`<E^tbQ?Y>woa<z{(I6G3tTXpZo^J-GiWYsOsD5
zNX)+*iw?L3O(<`7z2JbkGSf9)5Xjpt=7KC(O7JejE~wo_EATH77^_YXn~IT$8))>5
zA;IW*2=r4coVx)wwv`s^h$PHJ&VWrjFBqL#;$kBuPGLC%9W&5ESpdVN+Xgym3q-%f
zx9IbZEchozI%BIh^bhlzh7L~I0=LKzkq<g)%bcs=M!36lyE|zMba>FS#J98!+~Lvo
z#49-zZl7%+OK{r;!_huv=RJQLtQR$NTlp0pZ5!M}!7T1GotmR?`)q^W`Ty;0peqUg
zZ?-|M&MtQk1lmR9Lv^bIxBi>Pfu5JUxqrc9V$Vk$(fIs;&DP-=q%jiv<V)t6FYer5
z18@P&h0d&AgVY>o?tURU=jQI8l?_$k+`jXsz$*KmSM?H51z6sP2#Pxh-0~Cc1IHm8
z0F4CPJ(cnHsy6b<Dvxv1{%8H<BTnjN5)kiy^S^PPit4Oa-_f0U{L&SBwg)}ORgO%y
z!O5hJZJFXHouTr+BGL<$`356)81~;mS_fLKmVj33w(|^4%_4|}@Jla!NOvpEE((wI
z(!I2*QC&@+g-GO*(T59<_6^9GFUk%ZZ=&pi6J_)PE2<%5)}2+Xjy~B5uwy7AqmQ!W
z@H|tFiZ5n)*%IZ+N;A*Zh{wj3q^G_FQISt`>ci1_@YwT=$L=LfCLWqw8C_~(373qx
z7o0=9=|w#S>~|S!I1iaw4HugA)=GD_xEnEM4<(EnTLS*v|7k=sn3Kb<Bfyib_m*@2
z!1j<3=`BJ+j<#LLV{-?FIf{%4yqQMi`bABg)koIrRAQD+CEmhn3&s6Z-p|o#*IOK-
zZs1(vFQ&L3Z*a<~#ClF8)^jSc!9QbN%Q35|)rUF!-ddSRGAQZxn@azTK0Y~!XH@pj
zG{Jp{0yKzLADTI>r~t<Y<K?@5$(B2Up4!>OU_JO$J7<7*k|{mFp9@#Io%ekn8DL8*
zogBjPgbW-U${M5*N7wkLFPU-fMuYGRdbyvm3JrhXeF6<<Phm7(JEr0A!M825(X`%R
z{co>oqfmMm{^3X2UAXICb9SNaww@+IE8DQCk{=3TRNK>3VQKM`UbFmLz1M~yQ`c&c
zpvb1u*H|u1rA|Md#2C&^rHxXiYSc5ovcW&?a7GcsteaRxte_J7%wE&fg$thyMZdR9
z3F(t&JLYJqbo09K5S!DRhB?anT{@GHKUC{hCOESDltB9?%0_lq2Rcq9*=WU6^qf7}
zPg)7LCr<;VeA`#)6H15gdUxBv*)LdJ!yxoriSpvB)Qd{%1!poB&PXp~^`aTmORWjt
zJ^g5#_b-=N74}VSPKI8?5{Tzu+Zpe{wiEAxG+l{QJr?P@K1<WJd8wXi`Htn)X|t(g
z9-$l;B`#N7at=ExvMs2SpjL}^zW+AFY~YAkFD=dt;Tu|J+fFtNdoR!FY5HMK`qFf|
zkKTm-mXRj(Cyb$YmDRgV1Me!Mcbh%lRiEB9f%&H-!$5C-SdKG}_q8{F*_fxjIkgB#
zd!CkrK*OdB6kNF*j9)wn^jG)Zf(d_L4Y*;f!=l$vP{#JXbOc2DD6eVr=@-Tbkvj9~
zpt5Dnr`!3YmDB0AR<7QD?{v{dgkbZqW_<}~Qxu<_LAE|3CHk89Qw$RBh0J3ImMZ@y
z{Yv~ZZ=lEX?oJCniiZ^ph@e69zcI&X{!+dskKp}6_dfa_-iPwu?B2)n{`hg!?(H3<
zlD@%QVL!ci|9qAV=5kbGi9!tNZqzO^QA;hpGL)n%g)Ug4UTV@m%%AS~p_xDJ{DmX8
z!uc5ss11#jImu8=`FsDO3=<!_qRj6|D;-H1{uE8x;kByG5;A*(tvhDF=MECRYQj_}
z$9nG{WTTe#w*R3_A4Yh8-si*4Q<y{1N-xe+@-XkAbQXpljJfCy-p@N+q>*3UBh$cK
ze^_S#zGSnf@kHfMt1FFGEYqN4oy+wDQV`?@%G#7F{L!i8?AJCWr@zWihE0{{=b~U2
z!RR=gQx}%~zJ%OdCRMXV%@O92P$Hq&2yFYj<eARhz5N7mA!$J@+R3odd&xdj2inW~
ze0bPC5CgK(mV>AcR340ttMcwYO9tj{kM3jZkLXiR0f{~)Ra83>Nwb});ObAQV4h#W
zZ2L{iF0;7(2aowNp{t&%<%Xe}Ejj1;liO}QaV-AoBiJ{=6p@Zs*COb(dg1YNt7f;3
z$T;TQb5Aj2pe8Xob3#`=R~w8M57y3`p|;q0)+RX9`Y`OA!641>U?id9!H<!npy8nb
z33-$DvHv!28JnCtn6|vZzF200r3Md2_Mqv&O_}}@6Rx9DWVNi@5oFW`osIy8SuF1w
z_XIcYRLz#;LD-)%#vaDFtEFl(^3wRRjkVib6K%T(w7i|TZ{Pm8d0=zn#~=r#yY4Oq
zO939)$w+c-m*6F5POK};$x?NRIZ;=@>^XB%v!$_f-dMXlnfX-s9d8K}(B1`T8Hi!_
z!`U6dqM!hnFoXUH#*CAbJybLJ^rx|CoOB6Hdyl3?u6a_X_&jVgNGx3URv_|QJ_>ng
zHuWz()5gtO{QfT==kRb9rF9&$j9iJ^RE)7#+7fM@E;pksfyi4VPsShOME-<NEaUGv
zC$ipmx^oTOb{?d#HswA1hNEwp<BR-+0-ahs@JwjupF-W66^{PjzTkK9CcbNzR#3(o
zbr;uI=N>!Obx!>e1Xd)zqTHFDoty62S!57xo~iEDs(ZE8y;{2Gx+AY5*FD$WboV|`
zmpf1F+r7c*?tS_1bnghidy=tT_iB|p@(EYJJ;#&wNu~Yzn;V#@*E^ejt^E=s$9`P^
zmvo;l6E*An8MWq3*>xxQQx?{){kyB$UhO9C4C|S{s-L5nFR4_z-^6z`=OTNTj>-xx
zhpLdfG9FaP?Ky|=@jwVn%n;i>C)U01u|&B0KASZ!$~~&pg5)=??M+qLw%x_1TTSy~
zZT~YL|EJqVU&{cm#B=b1dj1EUTa=4Kic8dWqhWi9de6#a?aNo%#*4dKL9x+Lqyx4l
zx2L5~)|dy<@fQLNg`(#4aVfh1p7BhSL7@t!tE8u}QZw)ajjfE9((`DCLj464!y3M(
zj~|ka=X3S^j(cv>^Dp#_B25Y~Dbk*@-@B?_wmcV{L}R09temp_qlJx~*B1NUUmfK#
zf%+_e(qgNv!X-y%S78M0=Rv@5KC01W)=0j)TDs@i+YYi2zy?^Zv49i}(AfY6_<5j!
zCb1wf7im7PKQA7Y?ayuG$m>r#AOBnZ5&6hCz~|q)z*$W};vKLr!sVX3;N=GLF!(1D
z#$cA-^H!v`+dcD}@Td32@8YGu_orYcZlTaOCzJAdd;CVn;;jC$V{z*9<4e3oL&THd
z)<;|i%0lsfU#5iEPxTY7`?&RnwAUmM)Wq5YPwA8y&d(dyG{vRn;zGPdge-*re*`y!
zGlfqAP6Ia?35XlAD6XP%MzSf3`De4M<?cF%a^cvRs>C(Q2@h0(9DR@F=6pF6|LMIv
z6XQcaK}3d5_v-ku_Nq2sn`2)qNgfyJT^H$kBC_kyz-<ykbL|INJnx66iO>bwou*h`
zwDN}ZmITFVo!WA<^Q^VBZ;)nER<N$Qpq2Z1{B2h^xOG%y*TpT%m7<12b+@Y@E$zvJ
z^XwIsDHac|#g%G)Bp!Szvil2x+h$4MYJLm_%NR=F?q>qGT&le=g+Jk_i;ftMwE|g1
z=_BCgy1lK}i|8ZPA$3EOvx|~hi}WXVIs6|5@LG@(^n0wvHmKdBpp@pioq>pyhryow
z)v#;MUt))8H8z=6iPcy}&Wyz4ePtT1iwZ%1YM|q3r&RK$ajlHHRvW5&6Bp3HEjRH2
zm}nUe6a^yJ@P=$Yl2f+Jcoa`GyqP;rBj@o(1f?;UvYyUksP2t0%(?N^9kTzmTV!5K
zgVkiRFba=R?D)J!u{97$K_Nu5>&b28xZYQfabJ6>KaiU#r`rSS6K@zH+ncw$KfnOT
zIozWl=x@6lU@(k-FQ2$XV7Pi>xBFgHABtXN_f^zu@1iLq5?2G7^%?v*Lr>?;OT0iM
zHCqU@6RhUm82<#lnlNlyiJNJmzVj)Da3Vtp*1fCnE@K0cTh;x2$H9Fs;1{h%I|ap8
z)F-b<cOUUARX#4K`zNKl@9wKl9IgNX>b-Ntx}iQCy`gXKbN#jw!!?__1n*6Xnu6pY
zstm=)jWq26fk33g;6B0I`Huh7Y|aioVuOXFMBbpCP<-laZA{yzJyT}`&2W$xEi&|Q
z7+}PmT60uYr34*kIFS5Y-hN3Zhof79)ycrE8#OU6CWD2^aD3d4L){yTH4Bxe#U_kB
zEq2aW0z*>M%T60o{S-cSYlZnn<HyFt1b>KebfC#2Y6wy0zSs4zygvfL?g@o0Kfw2I
zqP=!VbPuL*l6^zRMuttQlh=JKd9~YZ@OVtzd)|E9e+(dn$80elV7mNm^)*nKZL3A9
zY=7J8hDx`PODSYX?#tvf$s{qInW@=gYDK}nW-_eHK*h<8Z5au$44`^2SE{^eB%@*(
z0EzbBX|?FF_DeW^0~2d}GNT9hQswV{mNKzR7lp@PI?qPZir^1++2{rFDZ>>v9G~zT
zisEs!HPpSSI9$YyJH5ebZ{dhgeDMsT1reowcpIA`RsPChhZH2a-uE<XlKBrs2R28q
zDdB&a=AN6cr-7I5bSOD`eq{zNMyHQ%j$SubffCpr(`p%?FnUAux?m`^Dj0jzbw7H=
zqF`#;Y>}?f!RQSLxL4t2eHEV7Q!0bevq?LBETN+Dr)MJ(_&>T}hVyk!UTWLmcm|uk
z3gmVzfheWh1{>(Rz_y~N9~M1)`8wnLCQJIwAZoZ78I&G94dT{b)n<7n&*mF5dfGhH
zYK!2(L@IN5Fatuk`^K>q;_=6h=I=RU;j7N6x=ebsb3`l~4O|3JfQv0bdU*q#htWwN
znN@?Q44M72nueQR!LR;FM$&T@rJW2=3md#3<c*A^ugUp&2;pdko5p7{Ap&gDGx6G?
zLI~J8ktp9xA0fad){9Mqq=U{9@8W`QaGBR*|H_r8s3JYjr>PU!+P}#sv79+|u~OOi
z0q8&o9*|K9rsxWGKh%)zih&YKp0g;YvnY<j0s^xEfjJqR%5@?-erdl*=feV=RQXi!
zQsNBW(V5-xUFpn3#X;ubXu=z|XS?)W|2E0R3o!2KllPQ{u|e{p9Q1qA;~l2gx`Ha;
zR21l^-aGh<PXA;g!B}sll|-pE=tj$X+&|G=y#Jm2Sbi56Xv=Q6vy*KN_IgXLi0$)c
zTs|S<S{g63)v<HD?Dgi72X?N%brLO@a#<9EO5vdQ=EKjiXM|wA&uQ_C{Lko}TL}5~
zoHF1=`to-i!v|s;nCI`R`-sx<4WMQ&*3STWjs{~(mr*0vP_gr5W8ux41VhyI>&UL7
zuR8?y`%!l>&`XP#1Pj-sdRI>=E=taq08H+U-noQ-lMc4U5aSEf18^%gPZ+dEY@P*|
zYI;jZH!7XuxqK-*S0H`6wJp!(M(Qp|9>U+kWEp?^B?s}hI9bf!{+S2|^_ktc(uaTC
z^)TQ%dPExjTTXTJZnsJN^$@{+nHtIQOBTGA3HB=m`)I(kPRz+48}RJ#{<7J?X2C>(
zO`rRf+yv&k-iDSuwamtnna9zmim_aT0xTP{Ww@oawh*&U45-a_fu)@r=(voXm6PsG
zRQcAxo!!6fH~N{Hr>QIO(7S=g1U>YgWswNO!r(V~7mpRarM|lNTdzw;{qh5WfsYg{
z4>lg<O<DS5W%lIJqtpJP{QxwhMVoz~Mf-R5x)$x1Hc%~EgTDyOxs7EUeXb8Y^fJH*
zd;}w_aD}>|^{ULGU6{C|Tx-FKU0a@6u`lPW*s&z{$W0`F#Vm*-%ooyApA}Oh+4@&z
z9}_<~T$PxY_>iQn<}b!;HQBw#Zsl&}c=@?YQIVfVTi)v*C_|t47#0v@$z~~4ke7ml
z|Nfzk9J%T85(JZFyoF-l*N-GAYiqAJc7oPz9zNpoX*7A_a7*ISdwJ*CAx$XqcpJsw
zq{fpJir=a?F;SAmLp}Ctd{ob^YE%ExEx9V6K?_dy&3s_?yx%kNz{8<>o_>NbqmI;L
zT+sDVpyOL)k~l+x%x}@_nMp1LT)zNDW%|Qd-Pm=u?dDg|Qn-r@7sGwn&5ehP#2!fR
zV^YMo*@l9UZ&Ns<&3m6AIXFpd<I$g!QU(BU1Ue?FRxnDXP+bu-#cXt{$8^-#3<$P6
zSkk_=n?1JiIeC1JJ~<S7+=}Gh4BC4zM62+PQ1stz)tH#?Q@JF-Z_uJ9>KOd6awn?&
z9Q$BP_H~XBBD-!1wCiXmlgZ8f8GK7$-r5w3J*4_W;~x?S*E&ozsmvQ6-@~4CUt%^K
zu3ZhKY%vq_SXom@XZ+j1l9iOs-sgJ6f$noneog)e|Lga)B5!Lrp_ok`>>*dR1|r{s
z#@hIZs|b1ZMnN3?EQ#y+W=z=+hov`mpuHU{HQU^dDQo6apEyEk{S^mhGu$=RGv@UW
zZeHc)z^yE*=YLSSv@_g&klK*heGZ+>fVLl2E;qK5P^3ugk7~7O1n$AKOf{t;?mKlp
zgCB#-4Ro%f>AZVOmw@yP`kxjT4D?q}TK~kS={d`%-9FqWYN`W1O<xl~HRjoRILvlq
zm&*E)sMhf8o5!#4AFG{~E1hFG$;MFr4LIbA?Y`aHP~ms)M(dsrM>e`_$3DczMBDO1
zjH)DFR3^SmZf$`GqX%!md2jVb9IMsM#%=3Wj}T>->6dP;<+r9QaZ!ni+MG6h$&ipT
zXs>jvRQ=R+Jhh@w(w1y?n*c_l?Oowq_PIOtM~elC_TGOI%L9w`Az_^(355yZ7`rUc
zevoz}yNT6zykIC^9N_ATASQv4^K1av$A!Uk91n$YEQj5%mpA!nG5%;*Uywz{SQa5z
z{i?9{XdVfLS{h3IAsoLlWvZBP^<R{$QlFw+ytq0P*_CP;gV$$&?nk=&$pzHo;=t3}
z<ebyv#S=n>FPt79{)Hfc;UdemDw(|N(|HM3G?8qlai3zk!?Mo8QpIY0X?_`B;iwqO
z{C5+&-3Vb7ET=tJ^Ae|J&2=A0BUEDD+8GK=`&j)71sXpN*1fRc^Ud*bUkEDx!pMQa
zx(@=8*HQIgeKoSM;gpdBTCX5fX|S%lwKq(Z66T|9X%I3Hc}p{qdVvZ8kvk|r?<Uz?
zeuoz<OUBhTp3>64pyj1-(W7qK00zyOnhwVNSwNIiuUZdF9-(}ixKLq_&Dv3l(@ArP
zs`xbKtkx~R1UV!EG~>SasVg_<P0INWx*MOfxXPy-zh!3HZmc>5im5Xg=3J7p$&K4>
ze+VFg*o(ybPs0WzT)jJR>qL?`X`EPqG2NF8UOpmJd18#|F3_U9HzbRx{z8*EnCfmm
ziQK>;rVsn}kEw7rE=Zh-@MO5}uACY>^J_eFe>M8Y$+^cDL>uz2>Rm?F(p(D#WJBQP
zUe)W+WcJS7#GgK*BZa$VcoMWFDHSg_lM2{LY?g%X$dSfirVg8fNy7MPf92&d-fhPt
zr%=WlM+>lUg{{>DA2-|AM@c3oQ6Tag9wxU<IQogeKi#Y9<Na^zL}@+IFFsMlg>S4l
zcWSueC$M%_{74@B;!+V&d=bTKUP2#(5Yimol<3g*CqCNRKkp#)IU5+DTIH}ts=R2h
zR3jUOp0?3a8a-)^3aCzdsh9NSg*8t%NB@@iH-^o{JJ4M)mv?izMr0GIRfLH)q{{Cf
zq&nY1Db(6O9Q`mkjz7WbHx?c%@?X|Aq2h_fpQE2EZbQ}+kvD^MWX$c}Z?<etC5lj*
zwXQ?D^Nz6kp9)1^5jrai7QSh%pq&ZR#HaQ7fx_ke5{B(NHX2Rc<URMAKLz<6-dm~;
zZ^8i0N2c$X(JVSG81PrUA6O~th7B?({m?U%`LrG^?^pA5LZJ!J_3nWtV5t_?srAHy
z_NTAEB>D`I(|EmcqJjjq?Z%#VD%)|Qq69VI`H$<0BJhm05=8_~BW{{Z!mvhbEbT6R
zF?l3BSjTOwPU1V9c3_xS`Vq0xN(qzJP>TD1cY9asT;F`S{Tgx@p7u?~M&?G*3AiXa
z7DOjV5S?)0M=isH7KUTtu(lh^3%YJ9OI&RbzfF3qOZAAs>tMQDUO>R3eiM3uEb+X@
zv9Lerz*w(t=YnH^%kivr8W>Gr-|ekIhDaPi6(-6jFKJyTywmyb2BtX|ozD>eQ@3ux
zaoSdu4AW7)EH%CYOdx8k03rgU%B1cdNR?k)A}tGAK0NkM*EjYi<n1z(wT-<#h#Xw%
z)DMOG!egXccM!RweIJPYtU7xwm9(x4RlnIX%~<+by!*1=ugjdQSGV6zerUq;6YMed
zvw~vAH6#yXNBDTTf=83%enoJHwC3qOZ9O04L8c*biNM@>WchTMYmV-Dpr1;YU=}60
z27QnVtK_uhY;|!UzPy5FFHkl}O1D~WFoxvl;@b@Ggp4SvF3jok0(Y9$OfU8N(&c|a
zwz#uujlDSOu5(&R=k(I(#Te9I#|~f2IIpM-N3TJ<dL4CMgDx`7p!u8<%!zn6b=KAT
zpjC+4la{8<;Qs2F!RYz3sc%l;&S~>{23C?gaqNewR1Mfj=$Ah;6K$Yw!tNuLZu&8J
z^l(8!y!-<_4+|Hjf^~a?foa^{T)vAW@7Hg!zIJ*ZpSbu+Q$;NU;DO?YZvhxkUHO-x
ze|3`tTSLlwz5ahi&2*9X(=j_z$@39|xAvMCJT-zCd@8;2{`9ux&I0a9znyQD4<?Hk
z-eu&n+P&RJV7qm&&<|qUeXpDTs)>s2>VZ{1#SC*PK9|XUN#NL2S@4*9y`yInj<dg?
z_Nejn-t;XR`8sdJVyC@og!rSc()9#wG?%_zWPq7YIdzrYtJX7yBU{Bzzzjxp_aM%(
zk-Ynne;eXwJQ~@3;&oqvC5e}Bk4lF%?pwjaS8AS4ZG51R+Z={3FMOadIaJs-S;EZ@
z{e<;I@==KD&NVbc^Kt^WatA}_={2Z?)g^Z~cOxOKxIu=?Mx3Y`?|<$?Su@&Ftpg%#
zrFPh8wh+PtYEpigKuNZI<LUv}7&Z+_C+%9IDFz*Qx34#4L`FKyjaNs2QrO!Q+8*mx
zO@a0csM(Yg+`sa@Wh9}=18FE)sa<dKFULua{X*c@L&%uU;y&GGpS~2h?PGcnjy<N*
z!MM5IsdFWPGJ7`7k%_C>cr0S_gG@J~!<76=zi5??oj)c&`LnLA>&k<%xU~~q6RzF`
zZ%{P<cN}!P#Bkm2`Ns$wmo?XIT2RUv;i+9W6(>J~Pz?zh6|P&q;0UnZ&?goj3ZPfs
z47}S&bT!4X8#QOGK%*)Sw2Mh>F4V=xheSR)F3|pC1{eA0crNUMoe8x6kymWeUgE7Z
z5cvsjdFN5`h&VaYvo?|%7`W}1e2ou(71s*5<<_^OYfmb8t)KvEzcn?npk!+*aLfDT
zSn`pJb+eIYXRym<65;50UEm=Gg6ZTeeM;r(DdYM@&(?MGqjP20)S8ybq15V3pKiHc
zN`iE}7aDH4EvHl09kv8?kvj6agS$5r(Xqmh7W@@B9t<20tm%rRN`@D9axVf~{6AmU
z7C-3jMTQ)TZ*s_C;Nv<J@tVLQrVn$u%FFre5W%y({+HLSeEDbeWt7T1U|-lkKc)7o
z+}Ec-J&)_i(TiA(Ir>uY@~)b$(2CSv_b>EtoBuELNTL6aFr#+a`HoOzZ`pzqQBDTh
zcTyYs@yK?53kqt74-T|H!UN87TzK5NHSsDhIq(?2VPGh-X;-LvUCW8k@aDjjy#l1q
zs|xT5<vHM2*%w+r2*uAJTG9&(hb7NS*RLe*je|IDXb#-JVd)vMG2@$S-qCU7&X=1D
zp9+8Oxp2pp)}zjd%^hE|pAV&2_m!#6)g0KjoVs*!?eOs}gF>kuo!`HoJf5r4!i9eh
zMV}3&R?2<kgX;z%tp!e*Rkf?-h|}UDk0j=BbM>2n$VYH|+&Pp387qVylF95?rT>Ad
zyome<tI%=?*@M+jE<Cht!hk1kE)N!RdEK@P-~pdWKelj)+W(7Mc^qsN2lYvB&xU*q
zlNVod7Y(v(vqYC>gk#5qpvP^b!49rMgag}z;_a4_7Fk26McT*!NT&4sL!R|71Uqgt
z7<OF0Xri;~gk>ZM-<5eoM@#AF+tQL%#Y1stHKwhD2=3E<(DP_f`7Y&%HNm~Ju`op`
zOV;G=-w+aJCwan!J9WVa$QCoQ7xtDTs$#0(TUvm_+G$xD!5;|&@;>}frr%WQAECS=
zQT&+^t}h?s>jM>f*oDjYztr=^H}$AA`;$?D+a@6U1s|S75A+{XkM2NZw9=?MQ{_Mk
zrqzgNgpjLk+~eI*a4VS7aU|Z>MbahupP5k&%(RJarV=L#Q`o-@#el4ok!wHt#Im-x
zCbd1=);X(c*zZM@_ODMYi@t^evTD+hHqgkhOp$|s5Bpn?{9?Cv@Q`hMv1~)q*>cMq
zoGJ5}-y?1tBrN5(*&j!^dYfq!&lbG<19kG0xAyS&Q|WAp6YcxCoNb`TzJ&@T;W>~}
zpkALB6N!RibIQSa$0BDA<K{^$y4|j53~((-+v&7_-QSq>K%`#FnVv2K$1J1%c!6Vp
z|HcT!0GB0>u*Gizo_x8}PF9?(8RAf0OOx(<W}T0$Vx8%rsmLBxT|n9(7C)_c`{^O>
z7_BDoP?4@XX#X6|M0On)=s1dpQ0jSK9!RZB3?sqUh=`*7cV=TR%O2=F-ujUvw*08r
zpOKAxKhTWamnt`rU;}XAW@Ht)O?vtH$Lub<!h%?Z`s`b9n&5H{AH`ecoVrPCi^ey{
za1-vxG#^?^j(S+#JFD6lWWJf4bRLP{(JI6OLjFZ2q~_^Ign1w{k-epXTciN!vmc-t
zT*L9uxWVz8q3MI>kBB^98Cm_a$m&6X$?p?Kac>}Sn@7c*qNI3ygGUS@N_Y9>=Ba4+
zlI<e;OS(n%5j&0SKco_l>i?R@^!;9(syIkA$D1y`7z-sW=2~S#Ia4V?gwanf(KJ+I
zaR84XH=^iid_v>I18kmzo9Jm{qmye_Po7W=CY;qdd16n$N@_{SQzgS6<a9RBj!`n#
z-e<=8);?ohxK?np&HCcDi8fL%@3w#R(xn&eD&=&&X1|G~P78GE_TM}m`Gx%qb`IdP
zh*4I{Ck}4p-D+@?>$8aHd)e+R@Z4&(I}=<3o)LWf9|E2dhLybD7h#EfP1A{8*`^g^
zC=YJ$;^Y5N(@;+8&g$wku}evFM;g0$$|3rOh;$zIL8X&vo?X2IzJP$zuShPGkZe=4
zXXk$UClMy^GzF~?P&cy{H_v*VrX(Y<ZlSN3VE6T_jWN7ofnyBIoB_j_KO6g}Q{27Y
z3(q0k9q-LK0;%zs9L#Xi_b;<5&bPAM>>$Cg%<DDB+l+{(F?w^?IT3H%wG#32<QW&A
zeLuX0+-CB44HTLGZAJrrW^OR>_>-{0m6OT}Vk4JGnl$@Y<o0DYL1yu_*PD05zVv+8
ze(3qzq={>Bg*jB^xK%ixDc<WHM<vmxvP=y-X~`#TG_zo0hLoo%{lO|V+bg+tUov0c
zIfhe1pU%Hcao@%)>Mi-CfcaT4(w!3)SJk(@Lr~%8+Uh&!Ruw)5dW5o*2VA(Iy4xEv
zq_?xUD(Yp4dSPyXevg5$3zFj;U3VGNWW6xARKMI(MUO#4_D|Wp1>iFVWhDJw@00Q@
zNzY}?FcFY`=;RN@n7x-~%u>%LPwb1o`>;Q`^OAZN>CSCj??I+r{M?)Vdt*TCg<Bi3
z5baO#A+t!gj@);p6|ti)=O$yvbS;^}Aqq#In%Kq^EEwB&O}QisB<$98>@|B*2@bpA
z(X#xRv%t+P<B@-78Ru}H!T&cac_M+c(hSaiR&wqKeO5Bi@ijO&F+7JJo@ID`bCAvl
z9ax)D<3iDM=wm0d8F*+If_k7mz*0$c?{EjdYXa>v$OT1C$beJCksas4iHULck5R1#
zXVow-{ke_LB3+Y=39Ml?9TWJkVp-7Ceqq0+n_W8`&H9^|nb?@BJ|ydb_p@~4MP+gP
z4!a+EcNrh^FK$tP`?5P@eRc;<#~pBr;}O2h<#<+z;fWR|rfcw~y9hBcH9MXFqEfyB
z<CdW$v1KywC4IqEq}k${CPWk6=rRBBhRB-AhDg`X_&=yIFuBLv>36~H?4|)zC-A(5
z=k5)~jit}{>W)YDqwZK^1svm}^PpTVv@FY$7vtoZStJQ=x?3qMD-<^s@IIyoYam6|
zD$#~YJ-`h$!23{uhq2K!Ygac+DB^W)XT!vv!b;jR(^+AN%y@IV9B9WbU7~!>;MW~s
z@C&&BIW12(5jNX>_#O2ETN&2F7fxgK#`+811W;1~ojO#_<Au%?D|0}gy6SHZsD7qm
z`vTRhZCRkgi6bAV0(|@*0;--uhzGUjvLkZyNXhYN1)uuxBJ;$HTv1_`5*oF@ByZGT
z5f^p9QMZB?bdvBZ729{zmv7CE`c|vixW9VaN{90C9~?CT#yq(swNZy$lJ?n3VuTXQ
zb)*IVbC%<OzGnQ-rC*nNWP{^=PFS16{k*u!RNG%Kmufplojue0!7Glbxp<B-H5p(O
zzJ5Y`q+HSZhXo^x>kC=}!Pw&3)TkeW7%)}co60fIB!9*}GkqJ$;<9l3(h_cdPn~j5
zL9#d$SydT|Y%QEWEEJhgRnW3E1a;lTUG2$t+=V2>C|Z|Uv(%_@G?RH<*@xe{m#*Qu
zxdQ%0s=<2}48`N!2ySKw!AK8#aZ+qV<jGGWAC+QXpL!<p5xP(X?+IQy{5!$IXHpx2
zvGcjfrKcnq`KYjEtsM`)1hxvtCWYf;&I)zEQ`}tmNidF~U<j-1_^1;ZOBkhjZ9`<z
zfYx9`+v4JWtqsB0>17s%s7w8cornfkch&}@?`QY75s78`9_i{0M!qQr__Hcoyu?&V
z^yhc!-fSUpL3N;P3Lb7C6xe(C4^LVt`H@QGV)w4|QU?`q_!nqbn24}_K(r4=-A%dC
z?b5GVdxvSPwAXfh1<i#jTNC&xmm~+WUOZF=BU=jRPYOj&Eoj*mirvg={3*FfonYUl
z`?R`=p4v5G-u0s)agm;}via`#7^0Z?SHMxGFWe`C27E#l6);b3zS0?AQpTIe$hBPH
z%V`xhSW|M`P!Wz{CXeo7o`x;clTLoas3uIVV8gXHXb8Am2w?@|#q~1p4;Su|`eK<S
z2|qvb+#lROsmkhuaUnkR6_~Xbs`h%-9*TY<eIp0UJ2x~(SB0g|2zI~QPv>qknP}k2
z`vGUQ!k9Cdy@tS@*l5d9RAUy#SKIy5`c|9Y<BXzdJ?;9{5bLSpv(<Q|q^^2rpI$8w
z&uXX%%0ha!(L00rU;$b7_IHIO$EVMwG@9tU&Cy;F<LH}#4(yP)Ujmb&Fgm6-jo9~`
zNXY#IFXwphlgRF(N0=rqgL;wO@X$OR75M<Jo6r2)+#Wen>dXI}I{I>YHyRV?E5T_`
zjHO(v{9oS%d1$&fBIM=cDx&68V%Am`7*@bk2E{OQ@!L6t8e_e!Hd8Juhp)%Abm(W_
z^rnNL5)ZID*&hXg_9A*3cxYOG7<gTbE$B*IN<-k462@~KLdW@)09l}2=Q!R2huP$G
z1eHaXGpJ+Z?Pai*pynmucXi{iio#&z$;x2e+Sd0IBXjdQGo4J{Hrnf(e>0u)>uxzJ
z81wVy(Bu62gRzlSS_Lk&Ug`D^58$)+3g-uck@4)GVC)8e|JZ&Aw13N5m{64}zj6y0
z^9EiU9>Uqx8O#`C$3gxv!C0vqlcBFHzQ}LCi5oN8<!&SEqk8pZhI$f?PyG2wVAlbc
zFHQHy#TB<cZFYTnHThP9X#_bQa61{Q<UMK-*h>30!7YbpC&A7e^4kx^FQTzg<J4HG
zeRu7F&-XX}MJ&1^rU4GA@~>}Z_&4$vn^xire<pJTA_oDqz=Q*c>Ex(++8f8Q4m+dc
zbY3%yf2zHt7imBJON>;G?)Cj^Qhq#))s3eLJ|F^hyMd2A5`b8lpnoA(eX9JWBrwl(
zva=qn5{!i7`0vC=O&{mzRgbN2;Fe}X0h0=JH^pLG<F}xM?5a1tD|QQC_z?Odld=3x
zF3q36#EpE6?CKY2mr;s%;0~G0#m?spHzC(6Ztp^tACKP?WK+9c$AWt?>hXSe<sP*G
zhk1IXk2*mSJ~tP2mziadoHTQ@gD-m8oLo3*J9Deo#WA+2>x{s?!%(GvsV6q2Ko65M
z_LFV0XY>hrk&DlSvb@{bULrWZva;<}ZTba#4;5aV=Kwf=#Cc?dBMxweXpoQpPB=<^
zNC(yNk!6<i$>2+g*Xz7WCJ&RE$~3HEm+nt<pEjw!-kZM@<TC`&B6vc}h*0<2{cE}|
zU)r#`ai9RAt1?u#s&%`+j}(u>_R&cfe34Zjn%#f<hwoRQkNHsa?L-EO9DWwplkC6r
zK>W@t$#+zPc8EfdF}zfHkUA1_tBZC|G@Zz2yAuQ2p6==#Qstja6q?acLiA>$G$Mh>
zW{^R5Vo2N5z2u5^tHAn6ZBMs#hN}wwLj8;=BzBM!K!frE6tx_C4vtM9Ueg7n)JC5X
zeNaHiZ?T{Nm8dK*DF5YUJT^pMZm!$R8Dc0fd2>h>v&N6iJ2aP)1fzKS<p8bMFiU&M
z)JT^7+9>ZLuy1-N?*I~QmBK`Cqi&eM+Cb#Hv=xjMiH}O$$8+GJYw+BpxgB0{URzMD
z-+@kis<rJcpK3KQ#80JK(kq>_57m0`R&~y(){ih~p;hmJ!=X>lX1k<=$nFj7lhy2>
zmT?drHptCl;1*W4Zq~tmrJ<gea^<<zjb&;2^kVD#b&kFV?&$LIe@S=C+%z~}ngQnn
z(x2p{?!>`uPjB<rdPsJy^OwG#zw|}UqRefd^`Lr$qI(%phNHf4r3;)S^6xEQfq)Rm
zN%$EFGP$t}XX_I##svqmo4oH~Et+7;09<?T;5~W0H}t980^T)Bz0})<;NhyF<X4n7
z-FrJXZJN@?duuJt`0C^^Yc<WlC5I;i>27#G`T%R3BE1S~yl?R;?C>vNk?@jp{ww>E
z=m#c;1j4Z^%7h0FZj5e-Y$ysv_7pD|go#2|@)Z7GA>*IOraj?!!#pMC%zvn;ei{F}
z_}?2U0xPaYgz?&fbvs+%78r~Pc5mz-EPS31WrB{HKK>BFqT*8>`T3~z1H<fB(UC1J
zhc-svwT^sJ9EjY-MAoEgb|i#&L*t2kdK)$v1<m6xFKNXv$;@9C{Hh4W($Hozi0L(i
z-BYalr8rhw<p@F{*tM_%U+>Gyn&a1rhQ*Eto0a9lqxk)h`29d1e!u=dz=}7NfRAQT
zDf={4zT$0(c)T@7y-=igPjh_wJasd#zM^ZHpKF<)Ynh)KhRXaT+Cp`^GV`;kzpTC@
zJvKj0n%$iFJ*{XQ_6}W@;kqYVKj54{G=5>l!qfcj|6vT>AC{N@fc>}5x0G7PQy_$z
zEeW9$`LVMs7-n<B(q8x@VY$1JMe??<`1P-F5P=9|Ci{9qjRQf#<GUnW-5aj+7U+Ia
zEOn{TJLK8zsQvuKum%J{-J5`f7icC`e*8KtFbg+pDHKP*b!!gYVw#c9B6%h=n3xM0
zmUvH8vJZ%wwb~3bYj${#*Ex5{V><VMLU($P&&(Il`^dv<81V8!8=_)BV~SzY&MSh^
z=J*8sI0;w@2YHKFl*sB_`W}ik)6=J0uD}?9P5r!qb+m{1+R@VB@-7ytTU^<)Ir~}j
zxufNC`rfu!bbWDU>y}_-H++r4K+6Uw(aJ;gg~+BN(u)^x6EBw`C&%&sl3-*#TP`@y
zl6-y*ILd`5K*QiEj1vI+4S$9ZtO^$@L&1TkP5o=07I@^)>!NW;@!ha{*vHt0%!jv7
zQOf|h_bxI#+4_EHd~3x*?2HogBwn%xh}y&_0UgPQV>Dj(3JuW4v<f0-v<#FHYen)V
z=+B88p+A*;NtMrg!>2!o*`&MOSYNWbo*C)U87`BJHC*-%*o)Vrs)<sQ7`95wz=IqV
zoJW0fWac~+vm3R!Nd1`?Xpf3lpr2z^e33j8p}L5Y?|R?8So|R*SgcsB#80HMRbqQW
zg{+u9K<ek{Ppw|-RYOouGmYn4OY15HyEvy(9vc$Dljk{b*e=2rj15O_8;<aPj<(4;
zCE740Wu3E1Dx{DA8GnYvLrEKn$~6>iWuBjcS@YRD+vL50_Ak>=+fCwu&sLN1n|d*G
z=nX~@3S;Mb;n+8}#ikt^n?90`euf>0tLMqh`1C4*dbLMvH3{l8@0>UmTpUCVGaGm0
z=E9wUTNc>#j69gI9ihNfF1G!+bcKZeU|{lV@EyUOY=!qG32z@Cj7bVjt4y86tFurV
zo(oUY;}cFup6`5Gq)rURoh=J?IKjB{Xz+r+=13FMB5_U3p`-EGZ(DUFK`nY(h9>@?
z;YKIW>MRBT=RG@IG^Ppx-)xjW{tGaH1fprjKJFrPA`bFGvDPx+v?S0m&p&{ebGJxA
zYgyuA5)Aya@E?x8W6{)Xi49p+ZzfP!f0m*o7(e`*p9iA`a`y{M6oQMKe@HNL6Y*cr
zSKhQM^~dBUe?JOx=Rg!%OeKPOZ>s#~Z$cI><GmTdqGUh#+4M<6v-E}PKzX(UK!lsH
z52pt3)RI*~SUJ3i9GxPY_J-s2wKXq+Ar8KLX;`H7$$sF0`e5CwE!c`L>Mdw^m~sUz
z#m%wcYh-9>t4$}ZC23dknH}AQc&&o>+ionYFs0NvWo5~J95NIF0qb#!ct3ftFTXws
z?cqFaJDx8!#B}U4pT6kW@@m_SwG{=e+k!<cwPnGg`DO6$9VShcw8EPF(dOG5T3{#3
zyt0z_(nptk{{30Ts*+T1DhcRd!O*LdV}$;-A*DI91M%b_CFu=T`S&M60<`13pQ8^k
z9OaF;#gT*i&&nqU$ZvW44*@FiHh~4&qg$bk?Px|#*ceSj*24pRQoLXu^W0^GG6e3Z
z2-khmjJO$?{GpjH;*9Sig><m50uQYL?M(o635Q@K_<SI8fj}D6r9EbS%W;f9?XON%
zehOt}DN&O661l;z!N|rvq4>?#^wMC_v}OG7;(u?jXdr7%bgixIm{)}FpB8_$0et^H
zAHeqr_ToNr;kT&xi;y4C`F8lLLN5gNs|ePu2}G)Ct*PeiKI^HV9d&D9jtafzx;^u^
z@n_*E6ubzB1`iEwHx8%(-sfp#psY~cQ?1Fw8w@WH*~njI4aScj{s8;vIO$Jgr;59A
zjyD)sZfcI+T-LC9YDJ;rRGtFk{fu%AZ8rlxNwE{n^02Pn6|U=D&}}S*$@h2f+|GIA
z&1K2oWQ{t|nhbw6d!n$7dYnGcFviob@JY(35W!YTS`T7tdCkPSb7_X&3~z^{W5Coc
zLf0)NWvd%YAWOo}lx+DXD;~I`9_9C{ikyw;kMe}&jB-rgeD8O>>7ll)aKl8YpEt~B
zvcr6Ihd<1Rux9_lIq+#Pl-|Go&Lo6*`AMWO4jCTY@t~zaR>~v*e&#;CdiU-5(8&^p
zH+Oh<;T0+F|DNf#6>{u#F}i<^2?JJVnc+RMLNH#8)rkvG0$dddty>81BQx|ic5U%-
zFv8s>h1+mFj68{D>PxNfM!OtUt!t<Z-10Bf8jM{JyOh#lNNF&VDr_BW2<s9|Qj^~d
z;m;W91&xIW7YZJ$c`1vZn`0NehUsiLaQ|x!ZP)h}GzXgg5-R*-D0U_$T2BT8_pfbe
ztHWQj>7{VtUjS?{Uw3^7YwgwbJ9-LRjxfF~c4JMMe5C^SW0Bl;V+{)$XzU3VJ}LB3
z8ytV0V`^lfCxkJ_+xQvnK{y7<Krk^aRdbTF+09qOx%f=Xum9vTG4~r2v)V+8eVCYe
zJ`*!1RsPSfX{o452teD#Fu@`{xZuOV_^hgG4t@rFPKPBAnz3UzdXM47WWc8{QfG?_
zNcAoHieUq+SSUUX65noL8e(5)iY+c~NcA+-ZH;;jfoVNC`@ha>c{G}cUs)J^X36_z
z*!H9uwtXbSw)yLw_f^ZEH4OqIY0|Dd5A4Zgpl-G^Tygn0d5T9aguB1TNU#FrcF`aG
z>JUQdqVF2WGXK4eU*nw~1jWUhQj)<BZd*SP0UfBDq1PeNXWBMQYI~-w^PH*x+{|T|
zM?{~@Bn^#!PbL65ddQ?vyqDtPAzkD@N9>ce6TQ!@*BaqNXD4T8;5CHWJQN!!I2MZ*
z9ck=Yy|HJu030Ii<PfO@fML(0V~5{}A3y)dg9<owBVZCfjE(HE*$T(Amc9hqUuOx!
z@!6Guhk_MtyW!ImfioDJK~bD>bckFHTh@t@Uo3cNtbSy4N>Oxhnh2msy==+H>hXf%
z;wG`JE%D7fr9N1Szdyuc!Dzmnqi=G59mqpzgERHHrVqaM;{zN;{%|_~P~}e-9Ms@U
zeoiLGjC77bI)}1ipzhij++cP-dH9S?aHTje1*f|AMSlx?PXmrVWsXarRtrb<6+Ys&
zJFB3j$&GLRM1t}JUrYpd{`s_cF)k#?l!YEXL{b4{&L8pG&;fpJW9NX*;k9yFmh;7K
z+&ct(V$~|0qlYBSqkJ%hAiV3{v3)!I1?p1MRawsDfTg0n_0n3Fofe;fOU8TFxyRQ^
z+=P*&I_0c2uo!<GOyfEjHH2dC#2*zEBy@dlbM$X%U~aD780vnne<-r5BsmC>YGmg{
zbUw>@#v%Kh&-(n*qqZ*$4?J3>g%%va?kwj~@yEsXB+lgIM~4N;&-7VOr%#37%sVf5
z+38ckE-;8ty;DI(#vlrV=g_5e$4x$#sP@S(`fyg8Nl0^6=d-QTCCv5lJ?|UG;<a^j
zUivyyf_rE4#brt!Wb79RLtiSqI(><|Gf8hGF`pbxy#r%*$>hg|M0wKZfjRuwlFgb5
zgm7F!pgiYk9p?lKVYqy%b2$7%;2~_KuNTGXSG}!pm(iTPqB$F(IdxMYH$SBkPH@uX
zW^fL<`Krhbw;=38ZnE(Azf5n&pY2G^TVOy<OHeH9B95h<D9MOxbv^*e;al=DcH75r
zEk4Pqecs=1|4Hdkv}gY$XNFI5f~oS)zoeb2RzNp1*rY~sX6nIYEzNK(YOgyF6U9Nh
zuF%ptMS($@6KLN<#!!4}Kg6q{{6EjmF6U{n*;FMUx5nBRulr;2C_px|f7yVIb>JzK
zHdM~p47IlWTY8^L6t49uW{98|ykrTAiQd!WV?H1DkF!Nd+SKI?MR5|NGz`l~SBGaC
zIr%`jXn1xwzNj)eEe~G>V+#OFw4Xj}hqfa+w*=AdoT}<T+2jnW4@MW1abV3}UIhoL
zYc&}0v|STG=ilZf6rbK3jGdWA=@vVu3|u+7AvSGyLu~pUt1x<6Q4~kkx!@qC5gz-!
z*5NjEZ`3rWZEzplktjVbY3M9ISr`t!pwhZJegQb>bm2yrwEOP_2c5!8c7BoEH9;b+
z8gfZ|PGNKPC!y{wV5J_ZFxOPTgC3NncQz*Um*6MP;;>h6XK`71)gdM5Sc9~DEX!=n
z5fbBg!Qr^Xg*VN%FMJe?%*A)n$4Kv`PjKyg2H<nLyZc`7F_QLl4n}g?@=6lDYk%%g
z51Q%ZDf~%~3nT%aPL}5+sarmFd3{t4c6odV)1YnSjcZ|onX*4L=8Jea_$9J=Cdef=
zz)t>4AK_rxPX2{#4tjb<&f$Mg5iAw9W-xXD!PMf;DaAdy#IGPRLA+k%W@&vz^CW+S
zVpmrx+GP6~Y)V4<n>mShYT!-|V|DLaD7v|!^C@&nn4OS=9bNrLd7EzzL_$IWX+}W9
zNK1o+B$&Wn=ls4ycWMe;N)n$ZceXp~ed0G_{UWP@X3C1`fA3@m7SKRUVKAiNI*KVJ
zE~-{yF}Y>PP}~qZqvZ1Fl;Y^=e4>7|6Z#aJ>KjEEgAkbV91_RN(={(c@SlA#wcfaa
zM5lT!(}IJT0XvdC)TZKc32GJQc5@{OW^t)F9FTK`a6J)RWKj>7@NvJR#(Hw<b8gfM
z1g?EllDL@Mc|#n0fFTlZs336{eal;vKaiSPlnJ&dzamdKUbTfU1zMTzcluelcv%wD
z&lr45bKN_ETjl(|-+r<>KmCL2=VhwPR!66W%wRD{ZvsnNtJ)KP=8s;;Rgh3u9_z2C
zshR=JAhMX9Zg(8#O6#O?obh$$Zv^N7Hw|{}S8`l4d*YZ($L;RSL<i*_<9|VNiYbZ?
zStIFpwJ9Ukke-nvQ{~V0lslxKxWqniUg43H4(|9%5{;a@cuhaCPp0)`cL~+b$Q_-U
zWUelTjq=YF?@|Gc2@Skx6Dr8c3|L+VcVi|rV&X=JqSN7u1)I2AR}dw1Iw8%64ZOS|
zIt@!vrc3F;z_8P?ohc$}Wo6<inq&BOpvJ8V{cXriv8#s@yXJDmOML}w<9FmU>5fQ?
z;5w4CKTulzV;!O05@M1zMz0cEK923w*m>#5o+6m>f@G~t_ODi_C%fh1oQeJ_$zoaL
z0}So4pr%(<_9#dQ8j@8r_d$kZ`QTl4mylu3S>oB2;BDS4`Q3!~jou_nvzNWz7wyH6
zWXkJL?G`#xtm`iJbn+m+XaQ=y-Mk7lJ}@aCH5z}K#g8*!yS$rbap+wXpCQ}7haHA|
zCbE0rbvJ+u{(O24E?^`jIU}*tBr~^wdwDAi(M{aVuy|k=c6#53h9&MuC&Vydi+<?%
z=jP}qX5M%jzz+O*d%nV|VK|7wev`NLC<a1|Xe#l`EKTP>%+LRa-26{ie)>{Y(E9nr
z1vCnNk{u=qErTFbC8_eyJPl72TTrQPrA$G*Gk+|pQQO!>(lz!d&yPVxi67B*-ZhKQ
z0^bQv<_o+tf2k!SIjKMD?<CrXff$>^4~0_CwVah1(3?lAp3TXGH{1$)2kleG$Dea`
zq|bLKe{iP!Pt)baE2wwR;g_f-e|e(T)_eS4)g|vg?Z?*F>`Tu%o5gh}yVx5d({czk
zEV><~W-zi>2fLV)Cu{hBQ7F1iCzm>9QsU)HLq%tDzH}z%m1lBZ$yDZ@SDL<2r+7W?
zymEd2ea|b0`{$M2oG%rfjq(j`%V*u`<JrO3`1Iso)NpZX)Iv6IICeCvUBba8nqrOd
zSHx!v#Ri0Qs1aGoj`CSKk-QsAz#>Iid0kl?U{W6^?JyOl9Q(!LPVM!Z3Hf^<NB=d0
zlkeETeLz2O+l?$X;QvwZz~FB@0ZP0IP+-ejgupIK+#`^QT?D(i&ijGv`gFRg1W`$1
z9r^2<hUX0Y&m>m{{*M&==M=hpU--|>|AfmgBMabPL5~dn>7C#oQ&qvguvYA%O7$xR
zI^;J!W$sQt;QuKf{*_10rn(&}3*{HkilE%dzj^Szw~|i=-{bBvNIc$ta!Y?UQ@V|s
zIgHPR@5j^SZLw*6%V!;Ye|U<)_nUWHt*_dTwVxU_ncimk)6}Rh=DkNI83N!eRtR8m
zNov%=d|#R2kF)rX_!@K2{EOsQ2+KPg0qF-$4Wgb6#?IjGy8-$Viasyx*Xi+*Um_N~
zpb)7I(p|47B)VBxN9htn9S7*tkRw9MlVP?bjE2Wl2b%WeS4|(@1jq6<HuHP<(CYZn
z*!t6>jiZdgFVho^6EZ|kWm7umj;e?iS3yXNrjT&xlxTR=NQM1CQy=E|+zBzOdjsw3
zX$FSznqBp6pCHD(te(fG?GD8dWhB7y;JKrT*z|3B7+c@IrR9WJNvytz&K5<7aJ(X^
zYJ6p&<EsD@Q3P<y;}F$5q!YoUfuyCu=!f|Q2uB`7e5~Y@2kKMdC2zwD1Quzu>H_ec
z-pw6}y0cMsG-sm{4ae%qY20JOtKj*Iat=r(BaKEd$PBRKNIDRbjkRVS6%Qc`nCx)%
z$HDHTFAkmb@L<HD9Q!nt4n~q@&ykgfeET%4^#@DTs7;k`eiD9$9>cAmyc1g@PK6`T
z$f`LxbkCd}{SLr`YoKLbEex?Ey+<(TZW`{q!pSFNYV#3L7C(QCO<5Vn-WAQ&J44-D
z8Nh1EbGruhk>_NOBKy(od7-mEmoW;5sC_VMmBx{S5_8}^t#A1-?GI4f_&?|ma4ZaY
zFm@!0oU<^#DGnCCmg5g_G=nm`C2f{^#P+q3MQaDNPHJ29r=r$6-?k#qzCs`yYlVAB
zI|eK@9&?$dHPY4F*B>AlP1>$)f^jdlLpDV~&hrV_V?wU)696aWCEsw4gC|4h!!dox
z^9iu_{t<tGQ~R#RzWxBlxb5(+#H>`|__->hqYw~Iq-1Eud2b(g0NqcZ+3~Z!LeCR_
zB5R&QKzmgilM#yDRM8x3suc2CB=nL#?+-_FeC>|c5bfkNUM!>hz77F1@*M(#atK%?
zyp?tc2s-Syk3+zmv_rsbco8`Sd>_53c8^RYoI`-Znz8rBN&*PV8Y_KXE}7u~{s42-
zwuuTsi3BqP)j9qEbZnz{>Yr`#_U8{UBi|oDS`<lYi*$g}$qea;wLWn)-P)fsKyyQm
zJ|M>#;5S=+0pfDHCTD<ID>IVEj~?+wpa!Pt@0nHVf_OOt%rb>q(02w1ir2aDLM;(y
zQ}20aiD`Hq9^5$t?1q^1bq07`*892606-Wg^W^mIdDmv9<8HE8@NdoY_wA(_i*M%*
z(72C%e@kxmEAp~Cem&oEIMJBR-*OcD)~`BCkMr{f|Lgt$8<+u|?Wf8wcnmv=Kk{n+
z0PKvkAt=_=X&d)G_Ty&%FBO7zQc&wZ6BZJ*I`QZIL92Q8|LB#NOnegdWB>1VuG#+^
z#I+vd&uPoy*+CmWl0V+G{l6OfRQvyoB5o_f96*pNzv59wyq>pxTmZC{JJT)z50c|y
zdSBq3u)(eRZ%E0k`Z9aTER7v7Wc0Q9{Y?-BmL)u}KLAl|4OOA%GfIh)`N`jlQqI!O
za@IJ$Kft7728}UV+8^LT!vOpE0|?aR50L5Zc6LX0Qv3ApPkc0g09ja=^66XJ!R8MT
z;|ZH<=Mr!e8yv0*iyN%I*iU9N@UuE;VVmGWl7#F?y9IzL(iZi;lL=VVP@R~fIlf!K
zY`F!nN4I(p`)&asH*6!{6Sf7gf?2nKTz$CFj|2DzEb^{?)e)axStY)6LfSuIk=v&E
zGjKrv0K<n|+sXial%GbPi{u$8l$XVy&cM0gPip-i^A8AmXZ3)O&H?T|%|C#BrVGiO
ze?VP7pdg3;lK$B7FS-6d|A)0Rfsd-X8hC~TNHF+<CK?rVw1Wm03>B0pXoe&*0~3gX
zh&xt{s8lJLC{>ieOfcg(N?Yw-#cFF?yJ$bl;+lYLRur&WcNP`iFe0Ee1O?{%pYz_#
zya|g?>rXQ8-FMe>&pqedbI&=~mcJZWHF;qgt899G5dHz_74#QSfz3;@q%YOPAK~qr
zTm(c%H`H<w5K4P+E&}49^^Gn9a*WGVR3hc0_DCGqMW8nB<S%08q%HzB4x7iH4vHgI
zgNKL^?dGV<1mzKei8K45>9)NDeCElYiHNa7wah=Kece8fDyoJh4~{=AsF3j#c-M3`
z2}_GWb!=tY(*Ltr+6-XwjVw((1&AHS;&HOHd&em?lXX7B_7u2h3#e2;m3F@}o&wrK
zu{RuqEy=o0?gA$&WfFG*Cx3DJ3shHxJ#%GvI1F&^o8QJQb-dy}iOvHC_>jJEBh-HQ
zU*h)v&R<{^M1l+5J;uCXak8>ypr<8JjEQ51D|nnQR#@!o*Txr*i_p3Gdn#L|dt8+*
z!F=wiLD{<1{2?smfPMzPmdv58DhtmcA?;`2Q?;mQ`_Mq0@hOm<Eu*yF`|ysR!S5e*
z7BIU@>UHLvbSfpkNRT$#obF6pD{1GMlQd1`^|YUXB^NsU41DH*#pKTT8JxtcC=kv)
zO?Et~^WHJO*f2tx632bJ^im?JZ<L2v-la(Nd#q?~j`{URzCy{{Mi}9IWB!Wjf;QB|
zL~?BHB1OYbQq+$-R&vp(Sn+V;4i^q5B5`2&p6bCX8jAJNg>kT>K0Y+IQsW3$&AB6z
z4gaVy=3l<2z9w?4UuNqf?{i=!RW3@1i4*b>+G4(Y<@=&N7$Vhj8$$R7gh_VRm+u+;
z&eRVFzhg9CMuOBgbya*6kB;`FUs5!FHtAQOksbQGPb4m5$yq-la$<iPGcS8UCdZbC
zv-W4EKt}E#k<+ixo|1+$^orNnKSSzL??3BY3==^v4JB`8V;awsJ%!p^u%hQLU>U>9
z##<XH?)e&mBVYV)_Ts)Ac@-568Sf|KOJae|d4csc5E<ez!WU}}3_MKVj<<D%i*#S)
zi}}C<78(z3i&@5e+vH&aQ?yDlPFYZ-gFspyu)-I!ZOQmh=Zkf{^a1G?G)clhPUiTz
zc#gtfHVOH@intMyQ0o53tBfSjZ~e$v-b9veo~R0Fdq@{7<hwL{ADsXMMB^xKG-ee8
z8xCHLdk*8l2;C>Ghra4zgl6$17PvjQBR*hMp~v7<4T}zAR;d&TebvP}6E}vf64JU@
z63^pGf#8+#5+IV=uS5w3eBL=mb4V(VUJA1V5dQPV=9D%xN`H*z2Sk9Op)Qv5+1ZFp
z8G0pJjC`%vXnv6@L_g#P`;QYipx(F=B}m&xU73q6^GkAqSggRsF8HgQG{}AQjT7T_
zfFx7j)Tq_yr0hmNlWi{X7-a`7|EVLZFJ{?{4Oo*bdH-qqe39D33Pm#NG1zvI@DS(9
z#bTT28md73ELjr$i*5C@hLW{nH7y;Fye$(_8$oWYjZEyCFZb$&zV2eos!-LsWsw~Z
zQ+WUx9x=?{5AzPog1dqmMOc~3S6?nWJ#q4#BQFuX-1ZOhNK#8G$v*auiQ}_vh`wW$
z&$SqU<!PM96aFkUO5a0YyHfVxvZ0@5%zjMldSX?u#WvVTo<CaM6ZRA6neTJ8foeg_
zO?12?qQO(w`6`y)RzoGZ#;nU_(;OSQI}ll6l?(J_`3~uZQPORL$&zQxdWS5yG>xbT
zp4xhwCw@LHrS*$a$<&g)DyV3inn&WEK*c|e*(d4Td0oDW#m4NF(q5{q>2weH`lHC*
zn5hC^*IO88`uh=j_IYVl5Pi8k*kVNhV~M8}URR2523o@rvEqL6)e-~fygx=|k|Ln?
z$Ev9m`PTxnb<>zHcKQq-F&uoks6q(n;OC4q&+pp8;p1&+C_#y@ef|FFtN5p^bhi;&
zt_><C1Y!d#t(gYU*jjy_EV=ke@Wr*qGH5sMzk;<S_e0))F%N;<iFji$W2GtnfD(O`
z|Gb)2aPY>%crke~dExp-A2YWD%fv#zPK1l|=|a>P%%$r!lx3^rF7s_zf-Vu0yCOXA
zi|X9y?6AS(FPa0@-}x)H+(yjSmsjB^a{G_jF2rw;=}Pa1Yziskkj*N~Pi@8+$Gv|N
z<N{5JBr3wh{bD5IuUKYv|Nh>BUknEoo+7$UFWA;VM!MO<Ve28@YCmobGn(!6b)^I^
zD)Q6Ui-;C*3IA$2^`uB>NqMBLX*(hVRMQ$UC>E$_H$n?h3<x-4mJ-MBTEcnt)St#5
zC4CMfO61vH(4NKbC0Qt@Z&WM~m;JG#Z!5HDQ{vb;TnHkwmt2J1Y<X>Dk>AChMov8Z
zk<b0nAK*apR^xlM(O$LZU9@WI+guG=oS2lUja6HzR4%~;Hc={P>bYW;8)~JlHot3i
z5dA4m!&9i|wMNbb^8@GkRyDjY^~6UI$oM%V=$v>VPmu5tv4JPW2WFlF6%gmSf-i#R
zA$fpG8?$<mg@Y=Igo`;LeV8OAeX)VJVeJdn;wh3|e@0Q|I-_XRIzln<??Rp{xADG>
zcm7?-Gq`fN(F;R~ZqjW`h!H1NG;*G|H2w$nr5gA&eiKi~YIuZ9`m!)5`G)Gb-rkGt
zCfDti1k3L_{2t+RHt&lKn!|k;i3^bd9^pae$~-$lQ1`Afz*xz>Bx=0g&-BxCv-z|c
zC{a&xc2+&*l9Rnwop0H2xtT?>{3n5Q5gA^jdeGse=8$HJi<pGuk$hhzk4Gu?A{&Vu
zbFI{UzxA=#$NF)sd^}A)F5+V%2>GYhaoQ&sb)q*toU6kTBOSAkWEw4*l&`T5Rz?0`
z?fL|fTfa-g|M*DjUQRiy?s|$Lz{ZCD%KEZ2{Uu<1;ouIqB#yB4>lziP%zT6^9R%{C
z$1x?2waAz6x}EYR=ReS!%z7Tfv5q?}bISGNDsu|BSU|RFx<jOu#Hs$sPJg68LwG|g
zyxewrQK@~Asn@N@Au{Jm+O=fP(Xrx6KP+-otoPBQVueSugjS7+79Ks~yui_`8cRk+
z#~xkEx+!f~oH#s1-x}uEM#pfJP*jz#X2J60mKY~IxcKLn>)kIBiZxOQRxba>uwj<S
z<r75ewB^&b#1Kn9rGC>0aaAqWT9>Vov(O^!CW^*L4O)#<*vp0F>W{pm!s}6z_dNfq
z;LB5AjTiF5@qk+;)5ENo-oF6LEXnkxuuM}1n4DK7`>y$8Hhfd^{Cb%Wk>}r%hgjaf
zfmlbPpX}Bg@-Xr|9*J&$!SY&6<wC89dBF5Bh3RTbj(`2aX!YwI!=i<+S68$(94>Ep
ziKA@#LQ>=Mn&_~+n)8P3YIw0WdU;2!2<JOp!LcdeEK0c3>)%fXze?{ND!spBgnuY-
zB)Q_9sp~5c-Y4@ewM~5^el3sL{Y8F%9r?W@ej%R}N}s%=$lTDJg3>QS4*5MD&q?tv
z@`W#oEvGvWorKJCx0{2+G6MeRKW$j@d$O)nM81412|4!i^g;yN5<I`wwFN@+`2`|)
zu%KkapXQGuFP6f;x>#B*gch^l{I8P!(2_lkABo|1(bFz;I>!sAVku6e$x3PR2lr>1
zjI?o{B9rdD(yM2_j*wLQ>;DvI|9wwoD(l?;_Tc$)YcrOdw=sx5W!ZyJc~|;hp6S1T
zsP=!=0sH@SEYswF)Bh~^xBM+rS?B%(f5e?!`rg)Q0-8Y5bpP`+{f`XM{&yU(|J(1&
zG<l%@XZC;JWRLJ{*?(=1a4FR9Ang$*4;CTOw#T`KHSi7g2t%Ct&$RL%&>kW5yNo@;
zO8{6TF8jPPWsfj{ENYJ<<o>XA^dZY0VFg<a!Ki)MBiurTmOaAbx=796=#SGLA(}4T
zMCMNR2(mxd@+o_StG*T#NSfClD@?~6Wz{;|rU2DB4u8Trv8OuY95jUcv8Oubl>JZO
z|ID81&zMW5=kF0@)Nin-n(oXmcQ7SBIIum{;>W(xo@y>x()Ls%KSV?2u%|kVHY|H8
z*DRr<&bir&=qfYo<R4k~CilzaslCa|Go`Tkg8n$`c+##TC68y>o5<DCT0Uh@b=OX7
zew#~mes8gAy+MBzzZ~n+j*($mR&dmfov9ZL-kS8jC{it6kC*mkh9kW_iT*^g;F9%n
zQ*36zpJd5>zb(nJa{Fd3o~wwrgxd*?ux!MlA=#}}yE;N0`Cg-HX{e*y?dSNet8QkS
zX(rbZES?QWkYrcmKzwQbLS`;JFh#9N{0wXqV5=d{fg8_GJSuBuIP1{DsL0!mCnaJ!
zqbY;9F7(6~t3tq`1XrYzHxL~hAE#xqjQrHi<2*o>Z(h=YRS<K9zev)Y_CD2HqnN`O
zg2jQ@b93pEH2uDGE%J2&E36&nnMW&BOPf@zu=Hzs-w!M0u?55;eNM)mFToQ9Vp2C%
zBX|R_D;^bL_X;+vYfVlfM75}w@g)0t<%|6mpG*bnp|I9m{~p-uwfp!lUgStZikGrs
zPL!EHnqlGFQb)5r<hxinCp4$nZ%D^)J4!o#jh4ughaC8T{n$d8{@e#-6rr8@3j_^}
zVQn&f7((=%_#IjB_J!KnL~b#fa9<?PgEcvtYOKk-gDBVtd0&tkVMf)IRgt)VZS+ik
z?5=Wi5xC2iBw6B}3o2<o|IB4`X;OT4lPd|v&$BmrkMyS6Wr9l!wL?|fp>lc>!YU)V
z4ozlv!6%Ykjc1@_dwgGr^q9=X9$ic`@&QT*i1dIzq=r>E6<}Gm@DV6^Y<LQhZdF7o
zQ!_N0=%xzzZX`-GHDcY880(K7ABZ)GEMPu1Pv&1#2|E8=IEH;DZ(OG-2KTZVZ~Sh2
zsSbLF*~~9~NlwGIbEWx^SjVV+{;y?eM~`Pdvmu@A+e<P=)}l~LcqHUQWUZs!9@6eT
z(ynlLvyZlyG#`40_AWE8zRN<Hm;KQTa2d-tYriBX>j2ZMt>zRm*;9~~KbeSNu|M|6
zT&ffZz6!ac#l$8!3i26yzaCV<2Fg65SaIy@>Gt9fr5W=l>jTV^(3%uq$pq+f2t15d
zMJ{}zlM6I)hrJxW%NI3#++nVLn_eHSFG+I^F9LNbaTGNRraye7wt0`XX|2a`*otDd
z!^dl>HVwY3lYQU$jld0Gm9^$<>XLe{*7BJJ;f$}M{O|iOb2R;B^0Q=aRHl}2#0$_b
zT8kq8_N!SGPrCQNDAKLla_UuaajnFg2W%|{jk4(2xpWT#fsT8vc^hb!7$GDidNYP`
zO8{Al{)cwEf)fL=C*GzT7$2JAYXkTb+*z*Cd}Mck5mjOob)f@YYjQWPfFUuoQ+3w-
z5EZ~B1TS5m1o(8;*H7z*_BcstvhRJrws@j~^Bj(W<JzIf()~k=t#{AMPH;jCTQ7*Q
za#QJP&XarWtKoQ&EtM)>6&`>safdwpS)QiI)0#i+Nha#e=p8l{1Z9z5#2&LouHcdG
z2wI*d>j)OR(Y!XDvlBlqapwP85uE(eH9^@^KeuS;cY7(W9jCRV*N5UalG4H*f+P=E
zNYW)mIhp5Ende|IMJ4X~dlr>A3nWyukN*o~wfW+3AuuN^u~(b8bC^zhZ5;J0QDWOg
zyrOAxnud4$5)4xRCNQCKg_dF4ysR^Mm_%C^dDyd4m!mnZNXK@;4|VOPm5J<^S-q^M
zYZQ~#by`p@v}Z4<L2p_Ms;5?zSx|GdeB^69miLA87fO$9oF~Rb)^a^HQ~SR;=$GaC
zH$%Fash$31_!k>i&TY}^?3VM_pl`vrOZ3049L`iM5*2LdLih*TNU<c%X%V%1E-GQa
z*aO_o{S=&8jDq$ADn2r1uLsS<R6%lbE~&>4de!R0Us&f3Z<7J_u*8IB&)ZlPUuKuc
zr-W^Ki-qb1a2SX`1{rdUgm@yxJjs$#)Dj=dqd)Qi#fkHy)t!#Mb}ZZ8RCaar7L9Fm
zG-lTv8>sqloAycXT$#+#)q*Ggr2laVpub|N@nd34Y!jusFV<VM%N%Ipr6Tp>Dfzu5
z?k81FeTLXNSWZtzY8O;F<<`@P%N~@2lDqiVh$@MoG@&J>zT^^r#izmBz3S<KpHA@A
zOb4X-(0kH5LSX$Ka3&!Vz6!MCxAm7Xl?w>$lN<t^Xd}fxx8Nx!+tQcvxbR)pce12_
z_QBrx)g<WA7BS((=uK1u1UwP|pbd8WBbSh^R=X&NP;B(&Po#ziWXTB1Xw@Y|Y7i=4
z_NA2uSBY(XvgEO!NGnj-&t)Q-Z--pax)=%n=tk6k$BBXx@O@~`lGj4>xM#miCc2u%
z{OA#Oij(Gk24Olyj;&F5(EMlS`kp|7(rz^$HaBchR5C~W<v-GbxuH;yISYTG{hD26
zsNiiG$kq_TwPK0lFwV);id+zvqXTctGJo49(0Cwd+#VbU(C>vtaFLub`$L%tz+NU`
zmtK|GXv|^2Z+>cl{dEQVL{FKV&3WRjl9M9&4lFK8+{6W^dbakc<VJymY{|)rWGp2`
z9MtHbMSp86J`0|UI{P$j(2UVrE|U}cV|=3sMJ2aW`l>k9INi<P!0AQ&%{v{`Dkm~Y
zW1Ccrk15A8zQ~O_leEQYn$D<KCeZ1B1WibmY~Uao0Y*C5e2vAd<oxrE8-$jblNY4o
zho~w_O{vUNdiD@9YMvm&WhyQ`Ovztmurv9qbkG;kXCPU~u1Vb=EdI$!qJ~pC#*cO#
z8EV%l3^;ZxB4N_ph80WVLzU-<PPDfm=X*%#wUe(xtzWjqv84Gl#l_?_TmJ}u>y>I?
z^fuvbTN9gA7-JxJCuD*)nX`N7fNpJ27);V1YksouZJOn*p6yav^@<f?0Y&*2M+>*M
zy(h(2EssB=x-#A2k8!8V_Ziiu6=Na(dY;%C;B4xBfrDoe{o(eTw7k7xP&i09L-9DJ
z*G9NaP+6#7FE%u3FGtJuG%oeEEb+PcybH1oVm}S32vlq_LOsYX$mgaZMQpc4ROCjM
zms!pnZZ$tec|jX@{1ZxR&#XROm+6!D1rCpM*g!nvii<0wKZZ!lI&quz!i%6a*3yN_
zl;Z`88=d?)r)^zPwK0FXXOOpGnfHYrR1yD#KN<hiR8a00=_mc`x#}nZqekZTMG8I1
z4eI>pi{yFYe^3x$*>egH@O`6MxB^gucZ|auhg-#qv0vyV5cox_(XxgrZHLs~{!GBJ
z*$Aoi@!sGdp5u>&yB2!{9)A&-$%x{G)Rh_ObaA0MxRD+vBi$s>e5Okx*ZWLv{9Rsj
z0)?xkC(v?JEt3Xgr$h8~BE?NrvtBJjnb-AW2oPtP#_Tat$KJiy>veXpw59VJZ9pfp
zKe=n7^?B7$p(`mhUaGH-tZOs#A^nB=RK!!h_6GW-P?n=N$xLB(n(|i|g?^K~Qc@jt
zUliG1N+gc-MsF*|&zL-Tk+f}e`wEbBagGp7B1SEx8N>+;!nQQKG6t;aYxr;(51ufx
zJyKkf^Gl(BZlQnWLjNkAC#9A<jZBj|Ux+zIX<U7bU0W=!2Q4uZ91mKsTmWL{#Lr|z
zmgB4+s*^1F;6A%~DI(p2MsWnVQNcKekD56yx2<r&da~p%l3&^+>WQqt`}G5M4I2p|
zmMpniK0}Hp1Yk&$<j)i?0?h(E1@;MecGkW&)2$%F4W!Hp1|vd95fIw~Pq!g<s<t79
zGy*o0>VTQsg4sB*vJ=eopwQ@bDM!qsIby~S&<U|>SVmzr3pGFC6L1wMRF*|;sQgyv
zH5)2-@Nod~9tn`r;itz|X9WWyU+Gk+qiuEMG#qF1s#`{Ot*?%Z>4rZn9I2rwG6sj*
zs@|mC*~i<qwWzw~&J%q2`qoFP%Ao1f9AbvUDfawpg&;c;&d>yN>C?8CtjG<=XqueX
zM&2?D^+m)AB#AongB7q8<`!eQt>!9uN%_f+H&^p2+$@qO#NXa8X3={~KK@$W!A|Su
zTX@Z|I}5h-edcGr9qaLc0HnilRK<y>A6HziY9P!Va!|Wj@aT3lY8r-uv%T*8V*>hF
zVkz^C`IH#umJ7@{C_>B#RO~UrKUa`*HsrtYHQkHFJTCvtmtQ5Bctq{j^~55nn$7TE
zmy<Gcx7;`q#L?_w$s3*hFaF9R^F?P%3B_oC?0L^X82qzRf*>?r5OkN1^-|<#$;!I%
zQY4?dh-pWvktl5yUpM|b(Ze@$sU*nu0Amfdbr5;=Zq^n0^JV1C77cBkgXqr$q-W<U
zKRsb`X8|E6eg%ayI}+LNSdMra1x9$J0NNJO|6~Cg7rEi+PLSs<Ko?3Ap}7+NN1%Kp
z5bnmmQF?a-HY5O9$Ok~SL|Sm2W5?yeM(lVn8Q6q#(pOd>z1H$5u1Lwk;5cF`uA+|0
zJpTBK`6IVEjP(Sh7Um0KJaWe_IVvuf8!MqmU5s8MICv%O5|=wlKu>DKnxM7ZFaIi*
zH~vmcO8~TBznE$cLuCil@Fu$&Y($vO$Wz_BD7d!W)EQirIq}0N=73lHutiz#4t$;Y
zsho1Fh$2W8y`@}E7aOvqV#4*QRJ@y<5}wH^5?edF5m24m=ZHwW$(TJ~$Q+zNcOpV+
z$}>B=d!YxyY<?$sz@~EOQe$cSr@Sr@aX3*Zq)lj*T5>QYMdFNP#dPI6<ZE2H*d?vv
z8Gu_;$iq0M&Wbl`^s}s+jDD8Yn7`spuA8G9Ma0CL^{^HHi8)66C3xiu1SKkj3U{te
zZs1JMqtfpuXww(_wMW#|vLxX>meEZhHiXE8%kq3XKByVc9*8||DMsW(OxGXMqF6S6
zf@L!{X|hN%XYjoRPo_wxn<Ty0gP!~N4RsU-&mz`=Vo&-4Fb?UV3__ZV!kUej;k~&5
zRwUR!#g~mgm0{%v`fZo)DVZ-fANWLs4{%$)m2qj7A|TXVVui}&JE*8`*4jC=mMLhy
zOSM!e1vZ+SuV7!+)eQaF7W93PiMjOC`~iOwgUy>J2^NB(iPLQ~9WNg+DubrV@iZ2F
zN(KgytT<tE=%r6Z=59OK_@Lxra$a`4)@2^8KMFrz<Q&K8bN!t7b00g+u^j%{kcCp1
ztK#$5{>YpDei+8S>Ff7p@HF&O#BA*XrmjSc(2*8eBW)~x2{4ef(d@!Fjl)zVAY2aH
z`aJ9rCp)wSa)EcbZ|3e+3N-Y`T9x?qp;ug$?Mn#BBk{%c3hmV(ozW~7q4DeaGhjvh
zYJRY?o5X_OL#c{IQ<wN+buKn>lYGh7h|D?lAO2Wje<+Ty1lCx*3pR&=itV@mN|qc!
zopH1`ZtZ&Fx}MzYdTUSr$NF1x5x;Z3@EW)FeoOvNe5;7BpVk}inf!ji@3wm52Er)Z
z&~E*EZ+*Qn<>O7C^T$KV$K={vZ>*IP@9^b4`SRWdzPv}uyY)um19EJvH{SiI-uUpt
zdSe2=Zy`=dNYRSbjm`dwl}7Up5G66g8y)zXH#+^byvo6Qypawrky~nDWZjbI!<yZP
z8{1nLV*!}pC788k?YF$qVoC<3B-ia4!@e?xe_q)#gmOWj%Nrg0TE2WO%=$Xr*F`=P
zoS>}>ooIYcr5|5J3|sO%7{x#~ozXWl<dFL+lz$L7j!TH<>zu)^;TEw%G%4GC#_;VJ
zQg`+04gxFScHct#4kUta6QZ@!_%TOXmXC6*ID+J=%4QardYEC>(qxebh+vUWHI>s4
zm*kySMSE5!OVzygVhM8$r-U3rfZ4(-@{y^D0LP6-Gm60$@#mzgLH6d>Yjd)(yZN6#
z=yGI%m7Bit$_I449QydC_Fnb_{@>U5R_tSZtp`26nHPPF@fAD9H|f%Sk8gp(_nYQ#
z;92@#ZhHPk#0oi5k*U~g0x|2zJNOBlTlXync-9k{3A|^V4Di34zqEQX8$Z!c7W+HR
zA8FWxD*HMJ{A?TjErvJt_nG1S;gWANf6E0sdoOeCYyLVTsLbENBj~zO-(r9bzsn48
z+1P!~-@_^V91VTRE5NG-`m!yXz92J1K4)`qekJ#!jf@qaEkT+Q%VDS@WymxMgE{~i
zIriI(;xCV9M&Z&?WQgTn_{iA`9r>p9_7ji)$NZn6C;l7XS|=rKT6uyD?#5P4N{{gy
zNafkJ-(sd#JeC<_pD~Jx=@XbNesFN(tFrcVS>qGAuG9E5>0rk<F7PeJ7yoT$d_ynp
zG(O9|RqYHFha6Uh-m5S<6ZP6&R)*LEesP(>KC<gSb`>kj0)aW@P{o_+FZwD;<knuO
znZV9qw{YuIt{}$IY9)%ancrSHFt3q|&(g+)H~f*7L@gvO+4<5RFStHq`DT60pkRt$
zqbB0Amvj6v%p+xE;26c>bX5DLqv-8vp#zvo7SQcM*O-Knh;=Rhia|s^vhVI;&%NDj
zHon4YV$kQCG{c#afdLk!vY6NNoiP^Z81wBh3JXTAU^^Dg^XMRtatw0TAM8OU2(pnL
z-L(_5MyJJ{<2%6o93dm?zMuKoHD2eZBzt~DyJG(F@I#%SWlz{$-`D&+a$VL4Fa>t@
zKeM0QuRWq{YEX7x?s6!*fuu7$nCh;x<0Cy!sZ@NV?ubsZhkpR=MEo)PgB>SH&2ck5
z>KrfWRfB3$_K7dOg|K?ycuBu@=6}G-ul9*&#(lIdN5|Z>>WG*0(R388cD$r(C@lTl
zWF2y44>H+z0a?|~EpY<pZj$juk)Dq*PtmQ1oyM`ds+oq(XRu8S*33_RP6rZe=Qvmm
z->|20#t(ZKLjko{GyiqD5CU_h{!nwe=yP__l)VGxGx5W&PL)Shh!SG08CxTpBkWtY
z>;CL+tJd4~$H5=UqTNHSyF(qRm~bdEzQ8Tu9xhbne4~Z!OmaQp)ew`>-bD$I9~*Sp
zC7_k+gF|w8&(*j_$Tr$KptEzv1`U>6jx``LRaGM(3`1gM93!apKzngcT=fc}W%-?}
z*frK}$R>09u41xO@jY1WzIySZRH0`XmOb{qtME$|C+w$+nNmd|eLi3>PL?WE$FPrq
zjF2iE^m^aD$dxL@ezG$huDtYM;PCO6#W{(q0K#5yJXOjI5E6a%^|_aPmLrS<4)AwW
zFFFAD3EE8acu18fC<t3Fhv=9vT=IXe@QTKZBoqh7@vOFfkl|x;f+u;~FNCWcN02f%
zgrW=#y5VYC6yb;#F=;2#M*7o$$1<N#OmvC-GyI<MP%8^kP|ZQWZ2q6&FYeC#rSCYZ
z5<Jy$W%HLLN6_$>r({ss{H1S!@|P_aE0zA6j#~H&hc-$fy7K)H`O8Var6a;bv-pe4
z0fZEL%231lIeW)9`|dPnd^2mm2v_|=O-PJzD=p|jncSlk;M%i&EeH?ea!z)}L4kSc
zV?pKe&t<C72B(;+@ZFyI3YX%U3YYo+vG}grA_UNzE!~~G%Ltdz36U?1W&#<qPqw8C
zqq#!>nPIbCAGLuK*I>{4pd{B{M2>G<fPJ+`Y5ctVu+I3|U+^>7Km1<&0qsE+O)E{c
zVIx{{9f-FgG3j8i`4?BvzYI1%?7-&h=4L*D&0N!&7B9M7nfb&;q8SuV`4g#s3DFIr
z;~>7Hm}hldd#m^>+n&Jb&jH2X7Kk2Q8ykTJpQ9f9T8h!C;b78di#?gRdk!kClgS%;
z?ia=U^exx7GYWZQ?ted8oL_ow{II7*s=RufMyuX2V{Xdzj-$DYZ|de9>%GK02{95l
zO-Sn?7wi4nk!?-HfFUgQpkGKOavDeRc;2R+BCu@}C@I$<ZQI73NgID{{*${<7ML+?
zxy64@+qr-Kb2mLr4D7^|rjn>6Ha&rzGF%}UaGi%uq_|cmjx|hjr0K<#T<owfj@3uu
znZ~oDgk1c$bnqIH6Em3Oq=Wq)&U~`yAP(6nBIxAb0<UQIXuj+|zoYlfy`h6_g(Iu}
zIL(o783o*s;`jbi%a?EF)r+?YqNGROTL^-4<VIMSm#i|Q`A0k*%-XpMVb}qIs~l_R
zl;31N0fAveBH%(K?B5v{OsMNX=}v@Gm)M|R)hbc?Ehzy}(CJu22wHAos<MtwoMaBS
z;<V7q=!FCSP-HZ(<M9t}qxm~bN7Ptw3a`GIJB#==W<5ZfccCV|H1e|9gWp>6{edu#
z5sgNU!(LJjfp&29;pW3`TqNbZkypI^7S-JN?w!TFv~h5L^Wuq;V$5ITk9l_uH|F;q
zUw>ib%ECMzi|cqCTiDHyEA-5r$#q|LMeln1li0OgcUymB{wt`KZ(JcYwZ(hgymMl|
zuc!qt%cVghhr*ZEN5<x{k!vOL2&!!fits5TXj)X>GB&TfFS$IvomU*zVqx_MuNkmn
zp`7$Y7G*e2+vdE;vdX4SMrBj7hxge_`HVJrwKwOhnwGkxKe^nWYzuW1MOHPunHaUt
zs#Ks)Z_qo{CnpE{tM8>IJ_h=|?wgsM$x{RVWhL!*7&&Uyj>oLV$u<vr8$vSkWtlXN
z)nu608TYJ5=8pG3zK3=#Y!F}+UQ{0mSilIx@(5Ganr}^>zh4{m{sj-WRF&MWJ@4O+
zN@FFP{!yIsqV&f6&4^C>aaNfzPe|k!Z$g`*#Z=aF(nK*9$ZNB9wGip3AAw|Pay|B!
z>HHsM@{d12{tQ3&MTxK}CS4Ud!6BVju`z;W@r_jK_D>N83B8|90bcbV%sM}gvW|5=
zFt5`(KNLytE|GlqP2q<BBJ-&;g%f^qfc^EL07V@VL6#8ng-?mWLy7b#GWw6?&O_CI
z{G68dtN(Be4%*ylf9;&l?oESpf*1Ibt(|A&%zxXQ@_@4UjhmTGF3;VYa(^|P{&fdm
z4_Ll{@{Sq(UYBn%qfd$ex$hZm{8{Ex=NWbS4?ubC1Ax6YpRumq?M}`gx|6%&`oxzo
z1?)ic6GVuqaz}IUKMr+#ZG<Em7-xe|{~&EU^VuZZu;p?2lyRCiddV?Ap(A?bSeHQ5
zFRLoc)i8}2U2On$!+7h;F7J!7VM17Xa~u6Z7_P(rNnLcsCM<tstdM{;>+>Ym2&Mr&
z^W@;Vi4yWsEH88H7g`N_e$5M~!$w$ap;?r5auzI!oCOobw9GDBW<^OMv9?gY?6S7z
z;wa|7F7KWIx8kf5mOI`N2gB$mW>fvdfT|y>eOZpkQT59z8C>AJiJqcHOh@3^a!z{r
zCUh1TNCi_4rGlf=6&ynaI(!KcQ##TP+9S3SZn2fXU_wo}#&%`Ufv&*1x~sS>DcIsN
zT<yFZX-^XU_#{$*tsHi2z*1w8wK$Mp%jEc$1Ae)nm3);}zO>}=_YW9H-T$Vpdg`+5
zKSf>`kBfu+t|N?=j!|uAyNF&#W*s}p48N?6Y)aX;5~XOXDPcnVv0Jc7+hG>HOb<Vl
zBSNB6YdA%`s2XkpHD|sosGpXcvu+(fcZjeYIepht_vgr%aGNjtvQmF1sXffUI#cUR
z+0rDAkfZ#R)l;2$9D~rQGoO~PW6e9XjM<PXnvk}nyVnxX3kRak_O!1Dd)3D3bwEi5
zR2$it*enO0Sm;PF<kMQ2J%DxATGcT1wrVfYpOk+D?tgh%-V5<&B9Gaw5qIz?&42!(
zR`A|%<+!Q+Pqu#Yo9&B#jb&WQ{CCbGfxqe|_i0~j3YF-j$aL5jUqtZ(+ZS&Yh&k<x
zkH<e$?2Avf#=>c|DDm=BL&BcR;s+Qyw2K#3CS*W|7pjT+QAoH(u43C^g$%&!CEPk~
z67+)Ozd_5%ht#=yLz<QcJb5Y!m_O*)iHl4X;Q^+7&(8gbmHYMV+(H}7DspE|0UECX
z5SDH{HfW+%>W8UP_J-{p(@3}Q!-pjjRBX`sR@PDJtd@f09rNQI&gz4YiV~plSF&2I
z;{~VYJ^x3HUD#`uW@MAFcbmneI#)l(q5HA+Klsmi$BwbZc(y@-=qcW4o+swp5!%_+
z2raTm?X+~PW7#y^;Dhx6B7%%{y>2~_<k>AWM${E*09DB^L`n7-d@Gl4gY_G0a)PD%
zTJ)nY2{Xa0q?%gI5XgL`6w@$?G}?97aB0e-?7V)t?traL+q*Se(>9jY#QIF5ins-i
zh?vr|lvXx2=+_qjuwL}rmIAWmp*eg6Z<?ijYxhPFHw$kn+I4H*VCA^ZnZs?J7#&Rx
z8&}v62hV-V6@IU=zfR_WHFA)G5M1?uXbuJq7|D-Oz1?_lkpv2|H68Rw@EMv0F)Xu*
zp*vYpf4!_gxl!4oj}ww5V@P6?Yf1P*A?2cnP>0(H4}t&>ZDM>=ua&DL^FupNm~j;Q
z-F~5+M>UQb+Jw`i5iTNA!W-J@4wi*>mN%X=G>09I5#9+|PMpe>y~zI8&N6b^^Ln9^
z`bbiXt<;fLD)HS`k}3_(dYOlqZzh!)vls9T61ZtTM?29VcPhHA%X`$nJr#lU*tU4L
zrWLI%SaEqSC~P9viI&57qJF3ZAZ_Sp2OlMajH6rA`U{#?G?D*AJO4>uwTw@kZ3nBg
zGZtntW|uq3F83YF>;+Ni_fR%yYO>^$YivR2VX#*YC`4_mN+g_Ie$GcR^_(CCXOjGx
z;za0KXWD=WpUlHILf%EDeL#LQgg*uOO-(7ti#uNm@~f>>Apat%3i*HVppZY&nDs}V
zfxI3VWFVh^K*;CY5GmLn<nyy3SYYSxu@~euV+QgC+2wlJ<qk_j{`4Dc$lrXmLOyto
z4Rr_!sym>55+7^>TP{2hsF%mjW{kEWTf12?P`F0=^;CUzGIjhfR$>b&q{zHdo?ySv
z{9CwZ{Tu`$HmE}6KCFNol!C4(2+rN8;`9SP*G>*{VqM>rZ{ppPsOBvpZ(OFGlQ^5V
zJC?8+am!m7Z*lo{vAiA2+ZpHbc9Xmn@)nUdRfs4bOK*I~OB+M0ZWDq~^4NRqrOPN{
zUZjFeMs!m8T~`@y4;DnW_04JG2J@5ao7?f@AkBENjp(lP+Ir?7fiLTBsS$6_tLF}>
z@i3mD579QYUnR9m*Uc}^6R6GM%9(D){K_(}K&y^<cY8w}xk|&l#;{d*2R4*(fsOnQ
zK=~owf}t3Nxs_O-Kho#-;w}~o360<JMq0h0b$L8beVsqSF`{1^NEFD%s?gnqIgM3`
zV<hDmNh#Bml~TWaqM;RuVfwf*l~yci1ij_+@9eZ-oj20v4Xw|Y4$NwhBTCxwNv$VH
ztphdpV6O&JlYUC!@$o(MR3DEgt!BV``s|Hw(gCcHH+C7kRL6>&`N{EyHWX<Kee4!W
z{E>f3Be^tUWq(q$_qMZt<c=(!`O#w1&{Ppnb^eN)f;LfF)fBwK&*GYbRo;TPsdDP^
z(&59Mbp;Rmqr@0(%p1^}$g5wFL)@$R%c-Scxn8n@K;MD+FZ%+IxvaaaYhi33%Z6Z^
zcr12c8H?I-H0tb2OJ%~ZSZqapvWIUpU&0_FZ8O(P_o#c7bkAF`nx92A1<Sn!%L9>j
z=#bHTGa2JI@+a+&e2FE1K?6~k%56e>T){rvm()0MS$C0L>X!|d4WT#|H&$9Z&Sg~`
zU$cy&xlwpdA=g$2qc_BOTx`cJ)A8YX821*7|Ap;mE^*7P%Q}d|boEuqzIVvF$G4r}
zNd)M-jlE-jz4y7??u;r?mhNAbF~7Q~tZxnoj}z6~-hu>L{PNn0)ke4*F!i=Cmb<lE
z)AvPJVZ>2X=5bX=-VJToMc6>*rG0Ui#_rTwi2O}`V~ff{8@e!c1&d~Gc!`(`WT<RB
zs;ZrWm5ql}nInF8{enugXVlVn206oPruEl+O^qiHSfjHVEJIIuWl@=T=0`Hg8hzKH
z|EzzuDaV@qw?WIul9`_*38&6bK4+rds4n=tVDley08Qgjd?qPT@a7+7u-t^mG$oGD
zR8FR>?;GIk16t!7`JwH_^ezx-ol^@A_crF&m9;PG7CaK=2=@4GtJ)Xk1wX0h>;g0K
zR`!;+`6FxmJKp7DpIUsMPp95nI#`RC{`T-14-tKMeXcwQOW6Oc3Vk9cC*}1R)2~kC
zl8xT4swsGvQf<`*tFrZ*;!Ax3i03QwwznNYC<u))xQIz;D++F?f3`@vfR2{fg*!eJ
zeIQ<_{i)DT`>kX;iS}EGe%w`_*`?5Vr~ydCKCFhZy)HdyMfF?IM*F&iMzSzaW?A=Q
zdGeQamosHqLa0SJqm(7Yl_=Ru2mxBrP)KL@2bFZ5`xd10G>V!F&KA;XZ^xp9n3wI?
zb*ptd7C2YFWr()u<Jgmb%`m2kR9p%Ur2M&AR0I>0D}qmcLXcmMfVnCtzmeVOCiAz%
zl(5pGd7k=Zc~f$d_RXk_XOlTbi=fD73~VjOQdYw6KS=ch+MA}=C37l`Uo4Hc@UHC&
zN3i|KGwuGBJ#OcAkA36oOuN2?6w65_i*kIC!fnp>-=L^{iQlp+6*eqm<SGCvJB3J<
zTa-oI{1bY)92*+6(V6T51agpTBx3m(yqp@!tb7{a&=(!TxPXMY`zgt|*6g}UpbI`&
z`&%|J5xpNsoRrxX=0?kA?#@{UN9>F9JVHXdKeVSy!_@dlTCxeur##|T9RHl(7n1*$
zrI=h9iO<}wx4yUOt?xUN-M1!<*?m|`)DhtF*+$d@SWvZ_xoZS0x#Ci@EN`1YB{F$i
zo<c-!%H0Du`jAAg${`7NYCm2b@oaNs#HQW|6WIkDof)`b?=V7Px-%>~wqw^q>Ho~H
zq-ViXlZzs&vwJ4@(HpaVLT<i%m4kbe5pL$qFO}44CB+>&F1}Jz@MJ-U20kQTiTr!!
z4jtt(8D-?nnMrG$gQR?NSw-9%`P3L5=b&M|PcPh+;C=%3!&j#V9se$A{@C4CueUIS
zVbSVsyM_vGG}LS7hic!CPqs!D&HP;3Tcqu^F)D?t1WMqTh7vExAMZ=@*J^mDG~B43
zOTSnpjjDfGb!3PWdiYy$8I&<=KK1x)HWM5Q*TA=62QCM@NhcaY*%<7OPNM&K!33y`
z>+?X$+zc*{h!hh25b^TPB74Vl6$`y&Ia@jNiUG2Kd0WGqm;#MRCHzP}53%2dZrA-=
z$z-;}iQ}OX>#g_G<^6EpS6lA`dAF#>tnb<tdk3k=Yi`%7GNeM~JK?txT+u9dFI>8~
zgxvzmj|p0l0!z!lDO@fv#bu)(LlvGGzu+;a?~`4hZ1^u>%U`FatTP}JNh5p#Gmrm{
zcfqwl%)9Uo`TML_{yuj(e|@;7M~F9i?40VBAz4iYK)0~SdwvPMtNx$STms9VK7~IM
zr?|XLyT4Z*i6cHP_craiqdKwyJ?v`k#lF0$ZC%r%b;R#A=54MV49abF&irYDZhw12
zB6>;(?9Nyn(@t76LDygBKH;H<8|_M(9!9&b@cb{@zMO{N7`)oJ#}DE*wYi%Xx%bn!
z(R`GR@BI(11IkqCFeJ-i)faDl6v)L&e)xeP&JMHJnc1wsF&|m<s~X%i=9S51bAie|
zD?1aOU#^jP*MTpE2{`9niCo|KZ)C=-Xg#}l6e8D!8M3LMG3zb?s704bs#`o+^C?a~
z6Vk-!6LNBEKww&O4_8Ix=`=%L-nWvAr-dOYB1*G(_PpYNrjvR!{#vH;<JIY2C!%Sx
z@wipd<S9w+;7bO}D)%hOtox_6h_3s}meZ#!t)AktI3D!XUihjFPc8iKS_}VntjI4&
zmYg-3MNiatS@bthlfCHchb_ySmcv2pUaS4x_gT*0Kf_*>AM+-w{mN9rWAb^F{WdiB
zK9vEEXKHnIe-YL9lX<sR_v8KTimn@At?nZ=!C`MD;T~ec%R~zWHA=@mJ^u_gg(69-
z7Ao7`>VfCg-fF^Yq6Evb=l#b=s)IVo%5aTj$g<~si0_AJZ}s=-bOgqityTQdU{b*Y
z?Vhdj%#f^3=Tko?pXHAhh@$SgMbC&-HW0T%+r5z|OLs_Sh9yT9X>H*G5zXYEK&i5x
zbRRV?llXQ7tDoq}pCj7h@f>0@p_tD#Zo^wKc(^|{+%>Fe`WeX{0i(LZA4+y<kW+_v
z6CIbR|4q~=V^I0WI?LBK-K1etS(z(uRzF2VBNcF3#iS#$uYdk^OA%SFMh@J3<)4`p
zdxfbDUd!y^#gvT$w7;GsPW;;~`yT8YHahJaR(Sih)!ew+vTxXoeZwN`8)U1v!XK;L
zb)niNVAPNo;IVKt_6>o&QT|BlH`_OCpV;qnwQm@-ag5qGj1&8YQ4afthC<7>VKlZ4
z=#FDOU(k%!*}rDA&;IM2Xa7&n5nSg0Lk$Wz{a-MDC-)?ASsyT!yAtLIyh7HsL^*72
zqtAPqNJ^H>uS2H;MC$~$w(zM3Yo#Lg*2(>0_stXWnNuPgLneBBQli{ZVz3xWcRG5*
zixhpVoZWG6hJD0UXTBteA^y!6R`xrn61c%30E1?}NL8h!FD9x2t#O=Y6kRDd{asNm
zA*b!@x6!i-k~>bKnC{}R0I27Rm10QK^|ufJUksPp7sYtPOq{NSL5`;^u$b>Wi-T$E
zz$xFf(0#3W(h?DIGxlkgfXn5EZjO_%NjqcD&kA!AM|QIR#wwcd!Q6j|mG%%%PH?NA
zqoxkL*%P0@5=wJ|1*+FP1M0|oc@BHN=$%;h*b(HCeUIcz`gO6>zjWrOlVtrwtV=R<
ziKG{i(y(r*C(y5l)n&)WO$%<#AJ$_5d6yt4vi|fa0ANU3rJd&Em;ZBojx`_l)R9zA
ziShD@nHg6}ta1W<tVwA?Ch*{vdSn_F%BIF=)GU{T<?@WX^j!Jf@vc0!@;Kl<IiGf0
z!7aMYkrT;DG8M8BGY<#N<g|fZhL-(<{DR5yj(q)7bZK(6hPWh2wpH>uCjOoGS!raQ
zYi0FF7CQbmuRIF23kg{#kG-r#;N}@>GhV5Uyl8T{K9E&PD%peDjQXcVZG0AONtslw
zCCiHtogDwd6txM&N;*bkQI*<nU{B@O=nJ+zRpj-4%c^f&W>FgxYSTKg-!fx9+RzKd
zmMU);5htn#PG+w><c|8t^ntfvh~pqNPwm^3Dnn}Sq;W`=lA2qbq~=14)Z8khW>kh_
zc%PR!!$RQJfAq|WcL1tR`T@&C>GoJ+p~_3Ft5R*kB2wCfO{Auzi4?Idlr|xJ<-w>S
zQ6>Lpk*Jccz#ppt0j^-`HfcQijK`GU$TJ?9D__(?ngHZ;Ru2jYs=L#Z2>oXUiGUE<
zifA!pl6cjlgBHAKrIt}KPk93W;uFHWNM-ts3YO-TyX_5gImh|I64~3Aap?o6-X|~m
zI+^&F#UBJ8LCSJp<j<Zat%1UV2vdYGsl32df{$z0C1skgAGb$rvmE`WShsPQzau)8
zFPf@=@G3r+1Yc1F`uYozNL)CF(}-9dKs%)caJPfzltK`<?68rdZks3}H|!A*PU3AE
zlC$ec4QR84%n|`3^0|4Awx&ng1Y`5L*dSX?-KI@_Au+@;nan!6dU6C&S)UjAg2_K_
zDh!f#5DB(vE9;yMY%t%dmk=SM50Sf2WYjc`7x@s*dgbQAWJ#g6^pUn?RU*@<>z7a?
zgod<wYu-mqb|o+wtIpVv(|q87EONR1R0_e0h;LMbYl{qKIw9;TcHogLwaDiGwpQ7a
zY6W~7wzPU^4!37Z*ErSH!BUS>hYIUb9%FVhLnVyb4C(xY5p0#&c(oegnGzo<3%`g|
zK!5_7;pKD$(+QcVNx^z8I4U+|8)xc83j`epv?q>ItkM}GqK2G>NPyu}9jNusm!zvQ
z!ICTSdS`y2X77zh#&f9=eae7#?UpzQizaCT&cfRR(E)^c;3|hrd9|(`MEE;4vwp?k
zArSdQ^%$)bg56>xJs}yW_@trAx8qHpYf0inhkjGL;#>+60M^;x<FvohRb3C_&0{#q
zOZ|Q^<nGt@0?k3~tKtd_pK+n7p(<`dHuSqbO?WJNp|Fwh)9BTy^{3%~y|T&EHOLfi
zHGlgeYjBldgj-IaVfRo7RtG92LRf1cOFmf(rWc4pa1U7@pzJzD*$yYler0}VqM$6_
zGuQ^co+i6F!L2K+WD$OC;cLZ5Y24aq9!ozIx3u8W>OP=W3afMp8R3BThU3Zl;lz17
zpEm(3>*7Ao0)dGg=z=?2B+!L$?KDSM#m3epuoE!;=VUhTa3g-4kJxh6ohr5*!AHcF
zM42VFOtHk4fgW-prVTBaA-PIkCYQC-dG<sRXcEMULZpGxm<4|)YyZUHL}>!^+r^3R
z=$Ge}<|a-}oQZmbtiVrEvdrxF8@db!7FwL>VJZBm$ZfVhO+~qOz4_+TyvkOx;CV~;
z*F=7e|EubZRP?+Vpx<>O9<99}@d(4!{mMg@VT<VV($GovEryPyUl(WXXF{KrHO=sf
zrk$nimupt8DI%N^1oDQm+KT@ev(^A;e{{GS7P$QtFB|u?N=oeZ!L`xh<-S-IM2l&X
zYp05QFErWzB}!P5X?tI-$comvjyOpyzq8nYkL`x5Ku1x-De^g7PpzqVh=YqOj4<jy
zt|(gOtLSLl8W%w-5WBIvKlDk5zu!u(Yp7U4BnMN1+kBT|+5A<@KWmlu6Cn{U!M4g5
zo3@R&+YV1Oq~D2n#<ec~g)aNQTH|kR0Z2q?t!sOx|D&U0`*qX~SX3K%!@uJV|MST`
z)_=9G4gM1owasrdo;W&M+%KIYlg_PEONyk?=K~d{-Wn&%CqH<nbT|#4VS|hN1$#)y
z;tI3z^TgGxT)&Hp2bb1Hm<jwh`n94D<cx#R-7g7(1X$s2h(m{Q&s>uIp$@EC<j^v}
zWloVVlO?mxmkm0X2{9`Y`sEJE742RdIVW*eZR7^Gcj<61YOEQR%x!m~q~<sFCJ<@k
z(Q+r>+v2<)5>JR!1m?y5eoMJ>O;}LKbWMG~X-IC5#<!r768eN~NWrkCA!qgU8P#%n
zh^YDwJJfB7f3Tu1K9LJkR2YgZGe7Agiwb&-`VU3j7mD3?b1~lC?#8LU<m(#BOf<b>
zlqNLM7b~0rd*OsIxLi&RmZK#UrPH5Zl+oM<&Fn@NqB*VS&@Ful4k4TJ#mX=rE5kfO
z0&<{7bgPJD$52+3Sy#vJy<ck>>_6|e^2VO1ZpzF{txDO5-OXM&k6PDts<pe++FfeJ
zZeD5}oT~0Ts$;Zc+fb(@kCRbmCf6D-CnRNJ()u3}tvRvn=<36QUJe{%T~{yFgZMd?
zM`b71lkz7I#tgUzlq+%fzFhb`C!pJK7)0;eb!GF*lm|M?Sj|eq(yk%fj;FkA-)sY-
zeV2cQ@|HNlp4V+2_ZFHPa4+Km*h`&1!XHx+ZdQJlvv^U(D|y(LFIreyMM_Pznq{^$
znU4_j_QmNo10J_J@R+k!r;U=pd?PHU6_%@+1V_^@iD{D2{8xQVyIlS9CfXCZEpFY)
zoaF)5RXW2iiJqqXgHi@omfP#*K4cI#$#e!w1`FZpcm^6OTpdrgTpdqvc(F|HODV=L
zV-!up$GS$-?vBHxOZI0Nj?+PGeRfHwgIE*wIpeRY_m@!{yU0}=`$3o5*tNO-n4g1m
z0yL@<*co*SMbS;f`drR9@C)lh67uUX-Z0)O)t{a%4}*s?BVPM*&t=|AF1e}u81ESG
z*qeH=qaWiPcN6NCt~+`gId!~Ud{YnJ)>?1oG4HE0g)nCaU9tU@qeiHWg>jJ!Gl`wD
zFct|_!6TI@;Jx|VrSTMQyvJS^=E|i5eXB1(LXa(@m5P)qsr^aC-K?7Aq~S0Lbn-hn
zA24HRPWN{|%T<eYE#B*Mt;S$QsYRL!s`?o#bM<NEUb}{(IA;+^O%n5bhxt=PulSEs
z3DG;@i3Dnr{&e<VFQfx$|Mle0IO6_5E3wPWN##ElK~e07-(Tg(|GMU<FGV?xr^GL#
zQ9-j_nvlBQ<2yqBqYdy5?o$A*_{|<mvTqJq()Y7GIgPIWg072Q64Hp6eOULiT-#fy
z8Odp1^U<`A0J8u4Sw8zY8T5V@j}|uj>{Z8Mb{+flSO06Oyc`6{2tN3UFt()m$=~(#
z`86f5<}&?J_-5M!N4v-Bc89)7xvjqv+S%Q>XF4N-LO+b{P&znoHb@q$=mgubrWg1B
zqWI$ilIYbC#kJ;qOxX_d{-o1icg)ub;Ket@C)o9xBmdTiH2(qbPpTS{iBE6>{i1)_
zgGu&vlO=tB(m!vb&aC^BBD5m2sPM~<H_%@uN9S+iu`>DQRr=$^fsyIbO+W}ewKLwp
zXAD@&r{WFtVNuBZ^?h3B?{KTu?)szci$2h{A^5@<x*(@<iiifwx`W%;w`LeS{tRx>
zi5AJ-dBlR`V$Iu&lzr!$Kc7dd(c4OyKuFm)2?fauOZ`a+Z&HplfGsI|fKz@6YQ%bW
zEYzJs#S5aG+VEl#!!rv@?L{Cq38UHE3Ra$T%U2TSq4JpYH|*W@Thcu5DIKXtzd7lT
zm?T5f37pSqPjr@ShGQ*qRR))2D0M|B@Dq$b*0cB}!BmZZoZLWAeK|dmvjPl}h@KvQ
z6~k8F0%1zRwMa4MjXu$scd4i8t1c3Cs51YpChjGEXptMsta%rf*Dt)(6^Qk0f3auI
zXl|pabuITM*M-+SD*^2J#5TF+6^q9iHH+fcQ+ohajVOpj;U~M8eCdF(we<^QMp%_9
zwZv`-ozK?c;^W{7FUWV%Lq6`A%M<5wi6c__A}iZzWb-eR%V3x&U1eN4DmPZ+KNw*?
z(6b_U5q@9ft~?i!e_h0W8|z}qRi9&BUYm-nh@xT&wb4{gtmZ!=0M9-HF@@-MWajUE
zo+du=U=^#EUeDE(8J5nJ6f3Z#t>4TQlZs8|DmI?6nyunPG^?7f#(yV;viBF(e!0wQ
z!YE61%!!?W^DNC%qdT<=M5$wb@qgeB8Z3dQXk~JMFTOHdyt^)su3`dX+zNX0m%51m
zHv@ke`N3mGe$;1%Gd`=JKp@rAUqa+VOW>h3uF!5cXcb1)9bJMaD+`sQ0y{{*?q#=h
zFsw<GNX?I^$(raA+Te>wmTl~`WXXr;z-7I>*NXK#9pcQn+T$70Ma?jY^<3WG#toG#
zyEBCZd#-F>iuLp^d4q|xZF2hx{w?xtTf&XoXcr^A90>_0Qi{CDla~F%5rSt4fAm(a
zYG9KKkyzzwhk9^9&zn+>TqlfTA@{73oTs|R2OlkAzUd6|9-SHM@%SREfE`UO2k*gl
zpYiNExABuU_v)sd^yX=L<3#}L%gAn`QGzTN4e1ih_wenH(o-9^nTBlK7Fm`<oM&{V
z%*nIJiVkIxXjUdP;)2Onb0d>!r6TE$SL3AuTNg9Q%JJYn%l&n)a)+gip6qg0YB?%Z
zZI#$PO;Wq3aEa*0GImb{eE=R8_#v4DPXIW6i)QM6T@-OWOX;{Qui-4O(JZfGme+>7
zXkIUlfqJo>srK}iC*0CRT;>UHH7=xD25iJFt(OsAO|=ng>BzOH7J`c7n(#(w!F`@*
z^nqp9TS-H!mMk<vYbc5ScrNdv#F6}HFaONX7sjpDaRd+dd0I))#W=@$2z#1%K%ao#
zH{c24^flcYp_kEg9^v;7X@s=L5NRxXjAv5Ge=)|xjpidL$rxp9#=QGf%j#_z?IF^u
z8%XVs5_KX#Y1-svKdbsvz>iSJee*o9K598-CcHgYj(lu{=Yq!?*1nFmaZ|vu|JA{$
zwK%R3a_z5p)d+EL4{q<{CYE<uNJ0#{2-u>hd*a_GC)^`C+8rHE%ywN$P-67BD~#|7
z$osX?qXIX-Gq`eIm&$**guV}YWkJsz?^9j8Pj~rym#4cVdezSvu!S3R2Ky`CGs548
zPr-1eAB)LlvRm+z(bo-m5&fz+xhe8lWz$Ai;?2nBrVXydYu<?IZCd9_Eb(GU)3n}|
zcs>%BpMP|fOMxI>*1cuJmP<!^(-93|aJTm86c&Hb<Ed=IAT4|&j3=^9R`fMIiLZiN
z$dSaJNB=e$kdS-S055@t&FfAOxP<l0PS(8OrKpy4w10)yi+){-3}|hdJ|Zb_j{l0}
z^dkF7@!lx7g0yeB$YN9>2=82B)t;a(uQ2@-ytS8?EE4e-4XvUKgXI8)MFNSKE=NF3
zd^L(JUs2(dt@7T_T5L9k3!(_Va`nQbm~VGzXRh9MZB+e}!$et~h{-R_bBM{$<&hW<
zAI_I=6a|hu61&5UB(RN=A_<gc^G{12*b4FQEDu~Jlkv^+00CjsvS73jdS%H0UP})6
zm`Vha;&@slj;BZv4|=9ZDj=Dlzt$;inoA!C>lX%n@t=jJ@0UT_XSYJNq#BmERWB1I
zoZ4d4d-3T)Pt0ox6uAf#y4Cf%bfast=@XPq<2As_Tqg_|IRszHWc&?f(rk0ZThs`@
zY%^y(M!n@Q=Vy5Lqw#Co?Dj_%``gfEql9itU`n*q-}YI)wLoUj)A)4$KoG<e%!XDx
z2ysE6oZ?KIf(SKp4`$Rk#yzJXCU~3f9++!1_qHAf!Df2#D6SYS{{iNe#=Q14?+@o$
zpMpJY&kZAd1L&|H?~Oc<pp~5N<oTFFVigy9K8ueQEK??Jgy(e0$zfTC<z_}>9wD$d
znLojFO_ezD-;go16aMs9x)Bk#GF&%QsYdh%1mAFobe<^xLwORze@&v6En5NYZKQ^F
zQ^8$`p!=#|w1}o!L5(~~1sBVMico)&Dyn!r5co4hGP2a$)X@bxv=rLdT5VLfdPO>)
zx0qKf$*V<r;p<{!-WsEN6`y!nB&KK8%PU)McUQLzKe4)H^hqt3eh21~y%~rvV#<Jx
zo*8~_ZU^Ebrul{tzxt05V*yu@kG204;D(L}3%5mKNo^vP1kiwLA+D@()OP%mmsCnZ
zPj%nn%87@*u!O;s92nk2144P%@(Z8RZfrDHBIskM0c@WEx3o?Euon5tVx+nKF+j0m
zm?C1=Tsk1<S6zB5`M!S@@99C-Mocrphx9m40+r;bx=C^g1MTQ3GxLFv#wi2VG)?y=
z`5yF4Gk&qiIZW0BwbC&`L+gYCYa&lsd>1f<KIReVdkVl%Rur%2DMbMVce6G_*#hHv
zA?Z+Of$?{b%ORMgGAH9LOI=WiE~Kr_Z2|C#eU`tzQ+Wh|&Q|Mo`Qs>W4-}Zwm_3=a
zJIOhtxK50vmgi*R<G*Em@LeO!m9UohF^dPlFj)|#3}ER!^zl1Lo%wYWMT}Y30Vp;E
z;Vbx+wfYgODn5#r+UN~wk$(4=U$SFPaABClZr3YTRH{GY6i&;HBJ7@eRh6?PEED@A
zewmJ{GWI*ScB9)>sL`;Sy%`nTokdHle6Dyq)e|p6_8SXDPUXO%t$tyyEB-g$!fO^t
zoSubG@&}ulrq5lhDP-Ogt<AE|c)_Z8n5^|=vQoj`ocIq&(mhOgBu|d)q2(^EzD|<U
z3(Z8jwGprp<JNDr$l_uVB*<DR%z2$aR$`uGq$L|**cV1x#Blhvp1$wzUIdB<ypdWt
zz4G(x7uiOt;+nTg7*%Tb3+oa}pscHv2cyiYmY@<>mCGjc65Vmu>V~t1>!fOY@i17L
zS>B&9a%*{SWtn}e<^9ny`&r&M9h-sfaL4wPJIG{VI~OrykWN6sQb=wS0w?7<P3F!5
z@W{%&x@^H0BRFap<L1vuNY#v7fh2-eATrV)853x!^2J>=pW08(WEr$=%n!ZhGUm5i
zn_uy2itpimF*U@BA1h=@S$8_n!@V3pi|OXnE972`)g}&KZ2s31;(|K?+BjZYf>Q;v
zU$f3A@~<P<2mic0*KFf`8}Iz{Zesv7GUft$S<Ax=eAAYci<=O#6ZgSE3PrP!qVMFi
zR5%u)S7D<BI@vfGI129DdZk3Akhdlh<UhgbDYkRlLWo49&_hL)dHnGe^QTS#g?|x$
z10E7)fT%LsX$UI$ux!yHOu?U+MXn}LN{mI(f!|YQy?4O{c?gDQss67zT3u0A<7)NJ
zTqkZ{eUqrs#H$eBCa<^@wsJ&N?h~&Pkq^D?t**w&1J+bWT0`q_mul@2oQm^QprQ;X
zDVXXS@pfy?3*L;ETLoTj+`lHCfNdn^2d_8g(^hC*J|)C$k;J0lHFi$9qHK9h!D<rS
z!OQHN?!-l?8Y;@zwPadsydM{^bW@EF;cuB~r14h+;PL6|8y}^wnTi{q5ZA3W>Q7f)
zu)MG3eAimpcuYGzt86?1C%q%G<>mTkE3rRQS3PyWYn|3p@-{Vg!%weU{hay*O?+>~
zKQD>l`i@01`HjbtrJt+uNO92vs7CWokroq2ial2SvpFt15n(ThFIl{WU)ey2#GcyS
zJMril(!myCIf_nm^+D!ea_P2#^@d$YSoHzIWJ<;APHej{o7xdS8y=Hh$kuv5$8<+u
zdp%s6y&eMAdf@b2)&oq!S`ZTcMpuNS=#r2WYfZo}>_q_)vsQ)NkeFH(&pAh9%R=c@
zVG&2ac&epjkEFSAi7I*#tm1cp&ncE?@+{oUp|k3}^~=3=R-@fqmDL&#1A8_X$&y=n
zPu(0Af_8AQBPaA?=jGuOe70^O^CsjCCLr?w*ZmJaVl&slZy@rxE^GPCC+7i(It$$r
zwBR5-!%OCMeFD;B-y-($33Nr|q<N4<2{AO6>W#8aoPi~s4veI8E`8$RKJA58%OBxU
zI6BT;pQKBcY=J~&&3ZCk33+LnA?mkWA%?237K-CjrrO0tJT}RTHb1g4ek5OD{~2)u
zNaKm%lt55G01Y=y)kJS_*F<miASvH6P3CqknPGW<kRNL!s{oRz<{_<S3a9|8>^jdw
z>-h+Lg@C68I%R`r$?-OLc7e0p!RM|m_(U#kX^WQ*STmp<9~J^xR2mO0^%~E9QfgGG
zroH;D1I&kll0QD-D>>NG(c}AU3*vxhddq{JFx?dBaq_WI?8c|a5kqyGU?Bguo9}Ft
zoljVYzO>SpAKwNH>M;_NMO)6ZPD~{asnttMmTt~wmXdKUt%%Z3h<Iv8z#1;5Gp&3A
z9G-f6&BkX@SLE%`y0xL!mqH!K+<qrOy6$9vB(st%ncK$(QXV2-OKHn^42GFT**#ED
zw-H715Rk!GG{E$HU$A(G8F)nogKSPWu=Ql`xBRnupK<pqs^t_<YSF)3Wa(f2!mDoq
zH6iO#>_jXAH<|CgBsC~UVhXjIQs}j(41RqoGddoM?&&YW{FU-_Wj(r$-gF1)dps7g
zr91+kuv(VYv(A=NJ?XFTBUxYLS46S7{3;v;t5UQfakKh)+S?_-g}jQzkdMaj@x=U<
zSs^#QvpiO5vrL#FIV|@9d2!3j9LYzsKi6O2As8@CjJlg7#X^Hk<_Fx4<Xu|h%a;Hs
z)a^Jx??i}xvUwkbXz6h%&&Az-6c;hhA9s{O1$EdF0w+uU?q^X#F5_Y`K4=RMV=6^1
z2cY9g5{P9%G9#bYM@E)`K$0Ue@>FB~eF|w(`v)T53D}amNKd#?a+Z+U7km=m_r9Qn
z4qN?l><cpOrFIDMk90elsqZ1`OB6X<2$8bawqxG0VjGp-Q&<(lJw}Phd+Rti6JAxy
zpOIz!88etYN4F?f<pn&skt%;=WFRHv+ycwAg`EF`V#KfJT~;KRe9LNxLC@>&kUO0w
zzp@ZAk`oWgIc;oc>s_eUVm*KK8$D*+JXdU3EYoc3ta0ww+mi7+1m|NzAGGpbZ{>Y)
zue?FYJIcyC$;w+{<^Azqd41&NAm7sLQ}<DXz(&(|*~2N5$7LPa8NMV+I~m;R48PY5
zzL-TulvrWl;eL-{DcZ)mzW-}EH0?wM+zg(IAZ?P(x&T=hNNmvantzjdUpwQNO`@I6
zZXwon@w-xaScy7qO+P^WnO<czahcsjKWRdCh75h^be)33`GgtK4Ucr5f<9l7cL%+8
z+&Q`MGtxdHEd#-S;Q$4I&IIC?(P;Ay@`!z221eGpqU$@~u|^_{oYzwiI1*vBdjYGv
zJ(6p_+?GsS>FC<=bS*KGasBj5E@Oz5T>Voz#QrJA{11Z`H{YTCtgZ&-%W3lEUA~A(
z(euhsBm&^uTS)0@{@{GQcO*8n9j_@W+y1Lmktb4>y>ETln*I{gFY0^wBFLCy-bY<n
z&vvoQUS%I3YL97V@l@8qV3~xJS?zcK&W`D1Qp}E>T83+4)rn}X)KmRFUxl5R@9J0i
zMr|C6aSUfJ{Q<RYCZ8n36OJOcFJ_tCnmY*x5??8mJd!TTH?1}X$|f!~XQw|<_#M*J
z$JD$vovfO^3GzX>vpFvF!LF!UD!SPmsvi=S1RhL{>t6YCk=?Po<fX59l$Grm&Gfu_
z0h!;EPrc2rt)*oRU1r}r=4n2_SQHqV(w!8sLs|QP+7>L=B9?to#{R{QpJ~|_s4sLk
zV_qd^w!sM=SL2l_+E^>@(IMK=gQNuX$-W<X7KE&}Vyh8)L}m$QUPmVIfNNCkOCLFn
zedrkL5J?Oc#HhP2eiykB#N_lUSi#9v<K>uQ=xxjxi4K<HZgcoGl3O>4U*#F$zfo`e
z3DCvbD_2VmXxviTM-A#^gl-|3U|IQA<jwf;<WJSiftZ_vF-(x{*%&7c&=i^?b{w0{
z3wg&CsZ7V=M*KwT%!<0WyA%<Iqi<pEwoBh!o{}XW^FceF?r!sLIwI<xG7+0!ryGpY
zXuc4M6;9QSf5Ke#*2=7yn-;)tFH(DZAt?&*JLrrJ@Lq^fT>ox_Ht;d6d(~lNE}r+$
zA2}NsM>(<4&yTl~8_6(Pa!fH}u<s*2mCxF3*;xPrrs|a=<ueBQcdGuZQ(t>kp?VvM
zXNGdQocJn+lZsf@CmpdY6E{meThvZ$s5pQ%T$v79w%^cM&r@Yi;>MI`Hqu|R<a#=V
zHIapcd{+_I@~t_RPfz8>{|<oDan24l+Lk(9A*8;D_@Fzk-AC9W>S;70VgLeFzUm*@
zb3G*=1u?BnnE8h*E#RSbPL_Oh6d%)*AI?=yFMC;}01$4_+F!vzt}Fhj&-Hn71BV2M
z8R4JF{DpRMCj7KKEv&x&x*NZL?c{5GXXX2zoqWxx#_xac`l-IN>bm&~UNM?u<Wb7T
z_H;MJj=cSDi0#j{TKnpFV}Ab3?cN&%?JB#3wq0Leu)Ogy#SlSd+tCygX^|ymVCK@v
z7KRf_Z-9_Vce3O-#*y&&7G65(#^CkWjG3aH(Wh&#yPnSEN@v1N)Yl0!`t1*kgCiA#
z5pz-)JQ{IIG586p*&hafuf)RO2PtP^aI-Y3JR=@Dl=dfU`@%%*74$mPi1r(<*k9Wl
zSt7D}N>gnohA0|-Sd>A-U39^LhCkucQ(Y4Mv(Wahj{L7?=f6(!=ZQ~Moy2Y%FMlS8
zm5|#R{PsZ&u#OEm2N7(-Cbfhu$)9cA9O@J8w=vI3LtG|REHaTfjrn2EZ+NVaRMkp`
zM|f_j8l67xMM@U0-YJOdZh4r%1Bzpaw_KaKS6EpycDC?%5M53@*L@;<S6|xAH}pkk
zMP!1P^%W+hpEo9s6n+%7$gMB>j1o@sf}5o4Yt7*i;Y+qXrftsG_8GQ6a!4;zEXV(i
zcSTmhmcna-Tm`>KI0eW%Xz(@_T(0Fu!i)@h@NN;%N*>}z0uc-va=X4?!jEhxIT6@l
zz76$LZG5}A@@gt4umo#+liBnF=~3O32@p_y=+&WO=O=DLLnB+Ytw$e1uIWdw%-2;|
z(UGMB@=U(b8d9)DhUB#0tAn#<u~ji83JU`XMDbsa-VLQs28Sq)E+o~)(bJArw%Ty&
z-bNV^=^988+SnOlkdZi2`C+1$Qup%?7xFE)%?GbleUU}g|I<@9NKUrnAmt8v&)$WL
z5uEWm1O!)qrXZO8ARs6c5WM<n8VB~6uYV*j=A?mwB$j+p=flpgajefW-s2{8HIW^J
zve}2>o;XPR_HDT5xOv_>q94C_S$8>arYipCXw<&HPEm1u#vB#L-^RouZFu<;L|fwb
zS=OOGtjR*>_r$AAOt2%vncXV9!MZa*AG51Iigcvw{aDjl(sQiqFR4_XtqZ3i07{_-
zOWU&70AqxzBXo!gg``10lmgJyQgcUK+O`8=U5>@JVBPm-tMD~)t9(oQ!)D~Ky4uLg
zk(FujiwF^jMKx~ZuR@P22oJ`7bfFxegRSzi=2<yozpF1U>&%thMTdJz+Th%;c#KT-
zksob>9%KISZHEkJBiciB-A1%U&^qL|{UF-=h9cS(dn4MK!_tU0)PZPGO+GmB!4*HB
z{k=_9?p?1)^qubt5@pR_;Wy6TYp-VJ@9*~?;{5$c3h4ZuV>;&Vmsn)W{QWkp^B2`M
zzwh~5rW8sdM$W60iJQp8P0$(r640xS;`7&Yz}ft9&|e$9o>R`dbkUF2MgRBAT%3(8
zBXcoypNqbZrOl#85y+xH*+z(@>3Sxa6ii6eIqASzJ<`)N+%Y|$7D)2JO;6WOxMfe&
z`n5Vyca+OSrR+g7_{@I7WJDH1S4aOOnksJ$-n|tQt^AaUmQY0Yv_BD{$i5g(%rr$_
z7IV>X-+aqVpbx(q!NF+0pp-{6lb{UNz_LI^u%1t<n*WgCN7iCF?`^R-MC=sRVzFGF
zuvmo8N?r5~u^h95X;j0)#+)k6f#J77qt|_^XH|9K5R^L>-wk#2G@9L<L<-Aop$;V;
zDb*y(bCt1d`-+QB6oG6qjGe(v5+jQ-g;Fv*tld9_IcZun&m(buG69VwBMbkB;}HOx
zAv*r3Va)RaCeb&pqIDzu60{Mv(mbDEfOsJi=NY@r!>tH9-ltqdeL;it-j4*_c{6>k
z<pWl58b$p7*cpGniGTz5VAGcc|3^{tONGDS*M|Q~Sa|OZ|Ir-n{tw_^L^X#9|86q#
z`+>hdHVzP|sJ_QsbwcL}Si_+#+a5K2K$^#O{&VwBnhRZjdYU$KbcJ}e#F)2w@T$mL
z#;|S1@KrJsx2id=3Jk>aMsJtLIVVc-GPr`fCleBH0Bl+C6w4`r=j04LZ^aaMZ+IRJ
zl>Z0te4EM-5uUweCe!dt>G~~gyKVmCj}mio-aiEAbg2rl>jkmvnch)9j&`PoP`sIx
zlORv21MqgN0&Hw5W%cYm`qN}hi80?nu4Y+sYMtA8J#Rkr_1vGf#nN8ZvxMH^;Kd$%
zo=0M1%$0OR*{ApwaWOw20Vg^d5OFc36039br+9A!P;V4T>@6XeuC2b@A(#WSCrhU0
zLEBxswPr!0KaI7jVQudliDZiga&9t<R-#Wj9Ar#kw4m#GpK<ys1Vugd#YMPGS}qs*
z^1Nc7ZRA~zc~@r>=-wEDDwy|g<n17t*+8aln`VAM&4+?xh0sjFZX3qFPB2!O`UIw?
z!c;B!H=9$BmPi%Alt6}Cq;0|nSidRAmgcg1cWu%71hRDq_qII0H)J8b)S!?}n)Ck2
z@j~;*M)PwZX8a}oSc^7oDO`fS%CZzbj3=k1F!*m-2&YlMg0lr1xpyM4?v329V7>Z3
zLGB0@9SY!KRxaqlw?yuRN9`ZEAEJIIa<9DT08=0oGL774aj+L30GC&`#YKV_Zpg4L
zti)qIuZni&TIAYw9b9W(MmRXBXkQTDK<c4Dd_Tg$V^nh}@CMQQ$y`G;Ea3nSE}QFV
z;wd2~MmSfAD6vWafq#e{*>=Hn%h(T-2r;>wVr8hSH{Qz23Nbt73XoNf`E6`FSq$>`
z5{&kc`ac-^OH^}+W4{ON&l<afkfN}iP+ehGN48WO!%btD=^X!^j`2rM-&UOt5Nk_7
zw_h$5?}zU?7B=UfgvN_+Wy#tg%Ek6~ZxDSUro)H8ZT5p6&rr=Ff=CYT4xQH;VTp){
z7!m$EzoLhJ3M@eU`>DL9l-d_vCS*+9qi$#GvBP}&RXNdI=8ybK6`3$9ZV&i)cd?xR
z*I*1#3vOb;Cr6km)h;l0BTIkBI=u`;&I?3{B@$^6Ys#+ir%<&zSy2&|%}!QCe4{ig
zS}O7?rhga{O;bkHS$=OJ^-$&@n;AJI_~D1njrvR5hsKRQF8U^Jbnh;d5)N*(=u&Cq
zV34*9>!J8>5KVQx3>ITfpBQtF7j3&tjm{DCawB@?$(D&>Aaa(>O?-}!5<X2JbabVb
zKT*mLkn$*Muk>6*#J&MkbRre?l8Ri}6;-yJh6YiNJMuv&F{qHpvc$j2;hg%9ydG+&
z<oMv`B00prSu3*yO5L;V{8IKhmaT-UD2&KPlAK7pYsEg0_RO#UTcpL>(LS^>!taBU
zKIFK$fGk;ZT9SLRS7_2$f!>&dh2B`EA;>h0@ka;_voZ^Q&8?{a;}T>#y(*u(1Oucj
z!Px(JT3+Bb+kKFy<%dYY_q#M?cXx;c>IW40w(>$xTV6;-pdQg#aJyz_ahBBZvjd65
zS@eB3W=`oTwPQJ63rSOr*vywrrq-bpLtc1r67s_5vPfcQw8(R_9E`>K{_6@9#y{ZU
zuxokXO4Gg@CfLzayidCZY>|C(YkY-O@CnI$4K;j7p2U%4E|IE!Wqtjlqagcjt7Lzg
zp}>|K$ajR*<VDn?fkUMJ#Ld*QiLVKKN6$Dr^GV{gCX}q7v0Mtj$un91ELqRs;f8k(
z&ynuw%fpg-G^r<&sy^A&Z1DaNA2cF}c;d-W<Qf9B2G7&wYOEw$`Q`Ox8386c%lQq&
zPJfdhR2E&IVC}PuNtSHffr?DDE$c<UfMQXcd-Ez*%cgj{F?@BTJW`h@MsCe>DJjmj
z`I4j1kz-1Jq^_{(d2K4Eak}Iwl03!EJVlYZV)C?73Ad9-o>Ixv+nJ{{QrDY2GJ>4O
zfs)59c|6WM?noV7#7<DYoUUJnucoV!DP@tm(`Ccu7Vay<m6tO4W9bXbBQF-jf83JI
zAlv0)OwvR~rGIYZHnc>@s<#YC?SQR=Y2nIGNPQW{==<drCBzi-MZ{sJ_2=<R_F;5&
zQG2m?=UI$b4GnWGyCKW;6~pKmUy;MMD;gPqIXkSS)Fuf^ZyzdWv2*3xpKv#j)thp9
zBiciPtw`tE9zoFwDVrjvY}0IJeJ5;4)_)UY*jsR#&DZ}4)2^W+V1LkRHze!v()OV-
z?K2C$iD|#deeX`D-Lp;_IT)thz~NC`418I>#zdCknLNDm=HWOoLIM)~dCQSxV#b{j
zB3V}_-x9clpV7`PMwh4enL}8fN3b*tA$GbnN6Jn0vNUTU5YgJ4=p}iB)9bRbrM#ui
zRTE~1`y(bYTALreq|o_!N|%<p-1MrP60I$YUQ(QuA+M#bYkEnJj@Fh&FX^3?p<7E`
z_w;(~AFXvqFY#n$$Zx4Dh}M=xFF9S4bs<)^OzF{5ch~_}Vx;O&S7PvRbWt`|A2-)J
zGqGQP{b)uD<%2J$aC<Mr|1K16Z-lQQ^?!o!V)}Y02+!7ih_roZ2!D8Y8{si(3Ai?+
z|0nKgS`%e%&qj9lumd1_)@FS+XHQ~-(Hs@Gl?V8ff+JD&jPOI?n5>#91RbA*DQ@Ip
z#2_c#JGpfqbnh~{b6~o6&zJu--E+ma>=1W_E&os5+s8LmWdGw0Z6Pg%TcAZm)QUx0
zL~U29jes<53JIiug21i__^=2*Vw<$62q|fyce7E}bwBF5yXyM<{ID({KG0HVc@QX|
zAfU8>!VTe3l$HX`@BN;+H%TkH>+kdZ{_*9d&Al^o&zzY#bLN~gXU+tA(j&t^tYm`N
zI<&da2mbiKmvQe09!AoWa^e<lZLGjL9TSY#_q2~_$Lg4hZ?BWzn&r2*wg0v+z71r<
zI);MXWx>W0QAuw5g2y+bpcw^8W~hlDd^||F&Ryk3OtsRe^cQ9N2&PYsO83e1ZA>2#
zm0lv#+kj#4s;Kl^WO{Fw?;Vw1Ak#lXy7cn<VWZdr3;TTbmjwod3v5M!z$kr^=-8jV
zLSWw~T<9GZ8bG@BgBrMkJ}=rCKR|e-g}pPcLI+760Lys>rlr_x&BHIgjJRh;MZ)*z
zB=Q?9TxnX>=cr``l>CmhtauMYjY?k=aN^e#|N2^9;y0p}{;cJ<ky^O96Mw6yfxE%}
z_*uUIUTu=11)4|y6M)Pa6^6WKJs^ibY&!k|a%>dj0}uW@;^%<8hQ$TW_Y?BV9U#B{
zE_+4d?EiI;?+-&xA>`2=AdiiLe9f<eoDzn-d>tSk7ZR_a8POX*z7xTD$LwF#8_QW-
z^u}~TeyRiHXQLp$`s*N9g&}t)<Y5Bxu)gC2V+lSW=DbZ%X_&E`-GG8AC>S;O>NCWw
z`73%r&b>M8+oM91820&C0qyS++DSn(VQB9XS{({TL3>C-`#KD5Afde=phf!g<+mgK
z`95I(+~hk4bv?o2qCb<@0`kZXkVi*Bp7iS==Y}CKSp&$2F;T!0*NqW9@a+AfKYtK(
z67GSwIVo46U{nv3T`v0bc8ref&kT-^@JjU$n=7FeNocRMhc=DSN=3Diu6mep9rWok
z6`%czt{TqbqN~2E2V|ZiiNbRe?6q)Jis0#Ce>My55UKw3n~~}p@B3BNSF^aNeg><j
z9~k=c;UdwWqmhY)?<GOQ;r_f8#1brvLUN!)@>UFu?95#ln&8dRoa(nx7!Lb&7+w^{
zaFtkF0|(goh9`6yre@$Pq-eb{FiO|JK0J%j4i`BKY71;)krTiii?i|Vx6Jq(Gj@uM
zz)*hsPyX@ZPq^GCEcY18eb64ji_Ex%8P7-nGx+U<=x;qNaubV`w*U4nW(;Bm`!fow
zG0ezehOK=@4l_s}+7<0H`Y|Jx89m!)#4_U`hEzKR@{X$GAm}x)nHf#(Gd44088hld
zM%cwZjs6B1fv1rbydu~;oGxAO10JSJ|2@OYZDBr=tn5VC2KlvFD`67+tfG>pGbtn3
zIT#o0sRPwZ2d@_Iuu5aoJ=kB|_90&O2UGQu9b5%d0E@1I{caO}b>aBO5r31ge_eNF
z$&JwZM`R%~hU*fXy><5+7D5}!QbkA-cX#~c#JIcQUh`Q9slmuaubJEr+SM8y)4SYl
zMi7y-s@UM|(QbLS2oIfyF%G)7)RRYHvVw<><D4Ek?;K1KexoEh;iYqx=OH+1&8cZJ
zd)MI5clB!~*W*=}3U8eW(px80c<oj0=M1OUo>D=aqda!57g_(E#}2Fy?YzOFn<707
z-vw~JDQl0&rkvZua9@B;al1Lv!CpcZ);$b&d`Dby%}~fSNji-?)H9*fCy<PzsSE>;
zXe>^34|+ANs#jGBPHYx*Qb)tr^}p~aHw7#am$0&rN#R;@lJF}Gk3G*Li+Iqu`5vS}
z&9?kwQn4Ag|G7c2joLQ=V)s8{)^IsoC<vduMy)T!Q6uQ()X;$6pn-JNV<|A4Q1D9a
zRj^CpzZbj&IZ-eZ3E&w3kf1hE8br#gmr570`BR09*i7;HInGyPbYl6_zC}cGn7|UV
zC$@YU-+5)Bdn_Cj%~9{e1Er9$P)$3hDetMy%7R;w;Z6~s(|#pBPY#TvNX7uKO2tq-
z!a{KHP)f{-=aC;uz5H8@7;OaCu#~!bIg>er>h4hL&V4D;H9S`M0K*};-fQ5+Ep>5O
zl{l9vVtFuH<6@9EqW#|WDI&`k%JxPg^<#VfS;X>-hsG)E!Djn7YiPR>yx#yo%lI+i
zp_Q{YD-j56GzF>9dU+RsfAF)8n*H%b{y|qQCpvJ1fRhE_jPQM!!vt%2TY|Xlu{S;|
z^u7Hzq=}LSV9+Lt+i+NtCm?O=Tj_tqFFxY{D3v=26lyhb&=D2B*sKGt@;D`qP!{-u
zLmE8_)2#KCMyCh|52q!l-&KH4)ZUp!O&C53?JhZJ*9}hpo%Hl3O5vWs{&0&?yJ+9Z
zaNV6z>j+jo0#z>zS8WL@mCp)ARvcP6q76pPf%!=35O302UPt1wdfUw0%fXy4IEEqn
z@Z%)h;oJr?dKBNdAEI9iJHX*D&5CqF7>f~E#2}A<#sLk3-t0rBq$lGBP{<gVTD!G(
zr((9r8%ann|A7Dko!9`FUs*Aur!n>b!$|O#|Lp#xClKKR6jVc@D}!fcVV%`KKuRtT
z&gRhv*DlJ#dcaFr?6~1X-c3TJcwQ}vDp5v1ivg2xF4wL+0v|`<I2{I1e1)zmc7YIa
zhvPYp8Iy(NhuZ^`3ZK9(4g=d1@ARi<ILcR%>>TB*pT`e|Ak3o*eUG+S%R?kJm(Ah-
z_jGWWLZADL15|$}o&}}iTvTI9Od-wyoGDZXr-Lp4kdPeyO8z*9z-thvP~7ha<LNh)
zX3QOo<iU@Ugsmk_Zv`)1!FY_*`r{m5;5it3aqt}mT{EC!iLrZ6n_MYQ|Eq+HNv6G-
zPu_JPxL-fvg!`~?Ht0ffit<%tSW){Y^5h`D)V}?<&LU-Ht1)E3Lhb&QQK=c)<CDNn
zuhu3TsliJHqa}7c%@It|h8bBB%siwT(^h+sMH02X(M8Of4=4rmv^XQR1HGe3uGAv`
zTj|6S?b6ocT9YD#B;GHaD$zJ?t%W(w+UCiETQ9F6&W8W0SWnc`A92#eKF;~(Jtb$3
zl3(L(>5Ra^{%&1oL4=n6lW?6BOD%oKaUX0R8hov?Bo<uOwV!7cQV`zI9K6)-y8sJJ
zmPQ#oh?s3)&_=-R5B8#~y|rmbG{?B!XUVA5=}F}3j^x%00bJpWZwTUBo3$9dA!gAK
z$$xeHwQpgQW7QE@fz3$b*D_UGNvj>YVcjIr4gacUH_+c2Q{l8`Lo8dL;Qw-+B2pR+
zeI0<#MbbHzCw5bO3^v8WUcJ%Xbl?WG1ky*OoB9)M5ND5MHzDRUbgoAIo6vyAa7%2v
zPJ2`&7@hW_ycnI=GlT}*jx4>$lzymZR8)^`ybj%OiRy$;VH6BzXiHY;blY*Qe;X`H
zuJ!xQ%I<o0qUf#)@kNL89c^~s#ZKP?$+(UK*vt6X-m_x9i4_>ZuC*b<2`3cXFRxoU
zFWgMSbw4!Vd0eF1L4ZS8TRFarm!0D9zbnZ*q#Z(6I@F`V13cTvF$!KQ>Hfsc0?)5M
zW6L7^2%-D!c3&4C&I_EnNLkcL*ep_uXNZx~L)ZJ`S32-67_2}3;kyxjAJ2L6QqIy0
zjBM#0*ep-OOpHofz_g0?Y4eyiyM5ZjOq<d^O~A9aPkVyp2DeZ92h%##`v%jJ+LwEU
zX)R<X;v!Lj^9M|0e8;G?cbL}DK25;;q<z|DccR>D?bG@*jchCm-c?NVv`>5EcBI|g
zKJ68zO>Up|0n>PvH45HmOv`GYwv%a86{E^^W;@L7(>gJY-eFPY+W2i#`?OZ3ecnFp
zB-56)Py3!}FCopB7YA|}OcTIhgGg?k`BNg<j1TN8%y(Fy%@`kWcClo0kw#J<pexM0
zY4}CKy_)AH0P(J}Lxtq^uVU0b2N3dwaKbJoAUB-A{=g<$Bw<H%y`mC-d^g@i0j!ht
z!;d%wv{y?G*XJMh-SO_gFZFGFD-SlESSt9TU2X9_PI<@wClPDCHSsgByBH<^dz4;^
zZ9DrNgFmpFwuSa1Y<6`Y{;}7V*N8y0r#gx4eO}h$x98%HM#Wac0@I^zm=OAF<Vu?n
zyamnmd&b#PD*wuUsV_*z4<ytfR^Pisr2K5E5O=xpy_^YBi^h50uTo;H>N`ww_!e<Q
z9qK~<SbdAW;E%eHKVqG6UlnxW3=}T%#2Mb?@wt%fCZ^#Jca3{=)<wLos7J0!U>QSn
zW^A2yYiK~*E)1;?5%<&)dC^h!lW(D*IF)~X3NA%}6PM@!2v3u3=p`&*GjB7DOY@fK
ze3+c<wu5KI0+o5A;AB0QGf&3*FF*7=T4G$KJ3kquisf2}$Jmx~Um1PC#GjgbyBH>L
zw{1@KcnFffjmdEELBmZ@b^5d`9Dju<ERLe!(jr{s;j=^V9F1n?!7Z*J3y#G?Ko-8-
zuWW;^JLC~F;(Du%JQDf#cyM=Ir#{+0bcIlUVuwUZ&p~PZqGiZdY=OK%z~LX!C-@Zp
z<_7<Sdx?U7boj^g2~5Nqh=<%j5g&Zr1BGHy6!8isV%cIBbss0Xrg<5=Mn6Bv3lXq{
z%PW#3Jt6K0=}AS620ht**ZAI{cvF5>s6iEP;o0W<EUZ0&szRxCUkZ|9xk6Rs1qb{h
z*{~!vQ6gu$j?w~!nvUeNV#lu}AA;@j6Y_bihaey8G=qGGe;7qRoxVLA3ij4^iFq6)
z1FXARiho<iu<s)FBb--yjjM=ydKqVW>>^GiZ%d*G!J_1^!LoNXJbNMnP5CO8j}niC
zgyQapn`M0kSwTcME13MzF@mZRpiZ4GSr2{uci%uC{|c}}sZV`@exN>1V?R(_&SXO$
zAB9Z8t)ldC!r`psA>oKV9_FSp)PddqxAZ3PJtzko-cI6aGo|7NR3POM|GnuToqKT-
z7J7}@IqOH(Iodz?D#1%IZd6Rw-37kC<*>HVzKR^NIDmPk72t&|1kV}erzIN-peD(N
zU=ZLE1fd%f6Hrt{hr~Nor!>3&kLh3VMK$3yL$#XAYXv_&ow!W!(}J%cS2s^(|HeIo
zb4j5lI^X0Hxabt9G+9z>mO6PHycuyYi|h*Et<V~czOh4DN_PKVS4xj)12K_;PC}dh
z{~Ma2O&-y{MsN_(b5tq&P!AK!?yR%K630ArY+dPD>_^IhC>D4HnbdUU68%T9_EFOn
zYasJxZ5FLGt>hvF9s|{s7tQ5SE46cc$DtG!DC%*rqhx7Mjzp_&`acUZ4=|}R5i2JS
zlHjoP32`c-p0Y2=#o;~ENgix3QVPz{{)UK@Cf9jI{(lpHM`#m#QM8O)s$4$?_eqr!
z7Xi@ah&pH}brm>Dpa$<!m*iL4)30*c>L&Rt?HQy6)3p9#GKW*WOik31BB`H<?$qvP
zMyy`Wtc{-677ALmZ~vvk?4Tb4MOR9Z{}nM@(0=BENfoL4g9ikDLPykIyMlz;sJ%Bz
zaMx!9DE+>n2)_W2J*|CunraeB&%aog4|INkyMxSS^C2YMKSeN&b6yK|u7LHc01UCC
zU0*;Y0ww55kf9v}Zuy=!P*F-q0aF(&$Iv8alAZW&ft{jJn}Ee4m<y@F>AQ#e2vm-U
zJ~9FNzZ|a(+9TJBL8pFv3#-%mie;uT2%Av5k1K!|hFI5U!ru=Ge@|AgRPb}^H`hz`
zPN_&h0x)&s${eV8sqHXcvK1H`x-YI=69yq&(lA;a8n76pcpnkMw>4@*y2H@*H8D}^
zJ`#-D$L_}^IFgZ2OE;I{g4=GJe<!#JPdP$MmpZfD1Ou43y=OxK;irNZ`s)R%@P`#7
zg8FeE9-i{}<l@t|Jy=Wb)*gRfUtc2n6!oz}hyN{cn<ppF6**MMU~kZF3zv?v2eEu=
zbotYR_3~8dX`UFENgmp){l+e+?*ah@%Af52@u0eoC|$-1sTA?bg;@{A2~b2&^s{TU
zPB*s%vJg&ISF*3=2%zs_5D+W!W$2GvLIbYd!v2pkMhp-Mx?b(xc}uMjCVbNbWyF9D
zpf|!=dCTUoru}jfN4;5lbR?0EbdO<A5Vz|7lwy|vf<dwWB$J4O{?`cfkvjB?J3vQ#
z&&Yh_HHqjP5eM*1K_6dGK=daGFIKxh&H>R|voC-14f)UByw{;_XS$>2D6X|TF6IX(
z))lx<4%ahRYtGn*lI`l|l7o;{pE@NJggak^u#p4s+RArG42;<@UTh9g?bCNu%E08f
zIb=QO=Fp!S<mOO5J`lSqm)YyN!zWk!0&^e+FLI+rZVJu*9K9qqT5v53KSC79G`q_4
zgj^4>ItUfP;k(G;yB}AEA~*+_cL_{32XK8c!Wq4K=opyX53G!AJUQ4IZ}5fUu|#z@
zN`z9s#*OL@(_yE2+L;-2#ty>1gpHQOxIFy7S`$102{?#l!Gh+p8}tZ+z3X=D^*DU4
zK{$6kVNeDvaELgFOL{Z67Td@82M@$$q=Es#f4G$QwtH9i!RjF3xT_tRked-&Nk|D!
zbq>y;FzyCQwYx<W15jrc(%$J8FaVcw0B(GP1HjXj5WFY6z!&ZC@gMZ11Z|ZYlRF2<
zdA-+0(xm<%?#Csm_@Fk<ht;ITp1H>US%feUMl*g_cWR7SR|?Ed-yO+z%O)2rN!xHY
zLVS@A2SGDolU`$Q-fyot7!OPLO_28EoThp-mMc!!{_F6znOr@b{`t6wdZTs(c#}B>
zARDHU)bfj9fJWm-_i<W|y9POYDex*9?7+nci0ix!S_JMAJ%GpUGWu~!UMTf$TpGg9
zou*?v9-AB%Kx<(nT8vs;J&ODfKv)WC^HE(9j6-nzYt(QMjk1}xvq12b+PBzYi={s0
z8!50Eflk2<zQAW}pCSY#aavBfu5kEzw?_$4r#qmueT{)q3p7Gt#Cy@Cy(%(4#{sxj
z1pD{T-Jdw?=AU0E1=m8W|JU~?em;#_70$=9D^^^FMe>*LPyAbS`Nu_h!7zXJ{=|Kl
ztpDNu#A*}?-=BC-7p!L#d2lp~!$j64?@zqsO^y(f!}ljDsNdoJh5HlVxm+$L0qt8c
zIka!YPc)4610;-d-k*5C@x5_>;@|rVg4JHO3Zi*TLR}<&BKoG7P}qNO`=$F6-x&Y%
z!~1{k{=`GKMvZSHVnqCh`x8HjF8{79|BLr0#*$I`rh@-AYCm&-V$(W(d|Ad94;<Rv
zpXfj>97QRQK_0j%Opr%7IP(6>*9AYjQ2a!XU)S*09#Be$`xD<WzK1m!D;M^^)8zPl
zH(ZS0#@7VYdhsLb{{?=y;dA+qOwJ#_KH(?)ut@SlTms#mA9evh#Kzr$_@Cp4*niUP
z;TyHCSkTB4A%Ff7OH{!Uu@Oj?xP+i3O9bal@q|(*tupw}Ias1l03!St{1Nhh*na*;
z^dVW~0WqF<AzxT}gXpd2g<cZj<-*@U+&B53`DGNo(hwwAxQ_3uwFbUF;g^yh|I!8&
zxN*06^f5Fxpd`B`{*Pn$gOhZTPov0}BZO`n_EntNe&U*NPh%)l{xL;n;eU|Gw5RYE
z%;eLfSm-<KPxT~oH)M3z6LNn_)EOFZvR+7lx|>9Mp!ozUB-#uBC3>Dt0Nz`3ydwEp
zoi3AWxfik9o3*@Q?Dli?H#m#aH=Ow0Dn<w!lygyY5w<+|on0h0>p0zx9B6~gP*@>$
zSh(@2b;1i`eTXl%;R|B4ai|#Rr7shs@O+?*trhHMKRu0tqMxp!HUubNqb>LirJk<i
z7~UfGT<T>5bp-Y>M{N{ufk9Adbj_vQ1Z=E$AsiQ8gg6c?h(9)=vIQ2%kE&KUoU{Oj
z+=SW<37ie<E%6S$M7*OrEZQF?TVfR!*B!u1N9AOUgtKu-`yQVm<bj`&kEZ26l5lvy
zhfhg<@NxXF;0Lo>g}xmYk0K}w`H1{L>Z2RA(_%2A_`&dYB2uOhk!Brdaj*l&tTy?y
z-9D><PodON)f|{#l8-q5S(f8)?)iVcoc}L&?B2YXcJfleIpn1b%1crBg*xK*#tH+!
z_LE=gcOB%VTZ5s{&uh6;!3zH6jA8|HtPRZ>rs9s)gAL%eKVv-@D43|U9+ZM~f}=VZ
z06ge2ssG;@Wj`1KnFKtO{sTh)e~47)8xkC2*b@dyG7Jvu0Pbh(2|@6%Xn2|U90S$9
zWuXCc!9v3}fy>+4;3!J${*z7Mw$ahOrP~B3eUTd++YFlky~z0TB7Q~iUcS&LIQTH1
z-s012KCMLQ;0)~%p?IL;$o_0Qd%y+ylDuELF<dfQKj>%=2y%Uw{tD6_(D!`F9sB1B
zqU<W5gzW+0_2TDj0t0Cia5?=Y;Qr0peLLE5f1DYYY%}m=YuHvWk_*RW5nI7^v=vaK
z4-M$NlD>WVCpW@Hpq=qRs{v&jD}{Tl_y$Tzef#C6S<66OTp60R?f}7AIO00dwyU4-
zIN@}DChZSR9V`TMP@m4w2ApXFpl0ptwe1<&f3QDXON@1k*@6zx`$nMGpO(;{>i`}0
z2m7*`M=sj%w>AH)u`j>#==(9{y+1h{wY|4^oR$beiujknN`XzcF0@*kp=KrHAjmT#
zfCMeO*;}m3KwdH00dt)A#1_-uzA;nmcv0u4cvpE+sW`-q18f=fi0I=;-G)@Ve+=ko
zOtSCZV=cZZ$Ihq+y?d)+S58+CmhX*$WeCq{;yLCFpAkKKWBJ)oBm88Cl%Ec5kBKS0
z#xbPS>`r384#+)?J*d)T)KwpMET##208@^|;mTTvTAKVZO9xkq^|SmeGZpVDw8Qd^
zvglq+-)Mc<dv<==1>V#1OMBz&qxDm2sD=JVO{~dvSukrcQ0M{_CIbchmW~sp_-K@p
z`26L%Fg`YQ=&>kd#39E`0Bci&Hp}7C#{vN?pW*oe_#xo8Xa!234n8mZ7oM%3@)^f3
zje1;92mgujwR}^0Mc`FH(Dfyonl5S+0=8_vtVmhJ`*7I2?y_0((wCA!dW(?CX2^Dx
z^_F;)4UzRqOiHgT^#5LTh5KoC`g_;1k)2spa1m-@C*hh@R1<LFk5z3nE|xjNZdA`&
zz28;aV4q2M+xS-g9mkmoX>Ny}fWc-$Kc!+PzWF#5ij8Sr&A;x!HnpX>;dSvmGw=y>
zhvQG)$<@Q%eMH`C!(Fchi#`q^Bmlm_UsqN_(B{8GqAcj-Y);g;q$6_6+%S~{{(-L7
z>%h0TRT-oap|INMFB$VC@})Jj0j&>A#rHH5nd@R0nRI5@@PWN#nH-Z>HPd9Pn$s!R
z2s*?*nNmSV4pqyE!RjE~l!nEakA{>5FC!Va{3QMFNQb+g{Fd&m<!3$UgcAE_c#gpp
zE^Bc=lNw?XGup7A1*xJuLRuHq98JpeY-%c0Pg`q(ovoe&!>yi89xG$D;1uxMLbWA$
zi+U88;nR|dHAg$6bakHRyWx4B4IUBxo)xH?2;xz5v?p%7?t&u6B)}wmZ>`Y)w+V39
zcp~uQ2wy!_s5S=YvE9JsQXLmn!x!nplRV*Sh)nhtH4wZiss<KIVlg$q*xh@Ed)7w2
zAb9nldN!)vUNgo{Z-7-eIk0`%)w~Qb*$Hlv;k0aX-{<sCY;$;9V-;^DV1yBFTPZAa
zwyNHFRrj0ns^)d78WC%&nip3!Cf-&xqI1>6F1D&M=D>L%av1(zMR*?UqpY-I#qUl_
ztbAXGcX=em{y$tcXa~(jH7MJy4tZp$V6VJE1qVBGwUrH`6fvYD3e;nIg8JiI)1>PP
zJWJ!R<#$NWB`})*g@eju36;f>C%5B7o<Ap5uP9fGeUji8!?()r%MA>;iyQ;|Tlibi
zOp8$OJd|$)ddHo7PJ|fDBqIKtt8_5f+?$Y|td(7@JHpIZtov*I!q-3vpXCJe^i@QH
z7#s!>R(%CN;{h-YVyjqiGz3V)`o{$Y@m~6La%U(@y9~Qy1}OW<>Z$^mmU;CO+8|=z
zUyMnYhD`(0@)TUM(=pq<M`TB>ePMk{>J#2WS$1`+L;b-4X|8gM%O<Sm$ylm%tGV?v
zEa%|2Hg-Oy2rA~PC}P>$)t#Z#$sb9>InVp>ytX+wz$)gYenNM@DAn`dpp%J^&_b!#
z;SmCYh@k&he#G-8vecmu(OvL`Eggi5Z8{H|RRV7I8}aBEk4HoxWhx*0$y65TkzGwP
z|JH8VQQRl65*UgwrZTLiWryN@S0FuXq!^3T4E}s(N<$*9vXb&4Zf%Y0Ug)<sS-q!*
zBQBHj;>MChd#HvW_XV?%vjX?K_AOBymalP9Gd{F>s?&nq3vpWIE0MMeX(OxRE^~xd
z1?#XOYf_%9Nn112<Q^oq|E-=I?r^7B>pIU8zP|Tc>qeML@EBYCARas2VHI)p32M;+
zfD(NSXBHgU(3Ibh?$GBku8YW0la(dT^gi&DK3`2q$4@`Z>{whe>%Ox{z0RRdGZ(3M
zC1cnTAzRlu;MJ2FxB(NB^8<zif9eUmSw-}J!Qq0~=f#dgD|c*n)7H}UPdHD8z&YHB
z&>n-w4XpT=@1zx9Iyqpk0~`hW8Jv4*Rfy%`(<5Kl(lfC;J_sCPqX+`tEf-bcNZXD0
z;Uq9i?(hdp%piQ!Q_Go+d)iRX|DaM~T9wn_aw6Luk}3#<*{|ZTJH^s>2ep?bDermb
zqjwVQzTu$(ElW~jI@0?%ptI>2GOTXuFoDiZL`U8GSvo4w&i<JdN7P?EzA+ff2|Kt%
znsj5sb*BED+fxw}f*U)bacDbwp^6(a#?-*=6z8Lo)FjbZ&R}r5H0_&F7(p(EV&u5P
zaPz-R6>Hr$a=u`wAlYYn=HgRVf9uH+gX7#6IN&%ZE>QL7T=p!&QgGl<V@0+5!l<lc
zjgc(1HrPpBuYQGr&wz~It_Nat{&IqR5Cet?-*nUy4eIe%z~~xjkQoh1Mmw<C<If49
z&oFlG;T${B98jK!k)Z_&PlbRpR&#{8Om=mysD97n!frB{kzDvs=Aj`M+I@3SQy#mn
z3$X=b5nZR33uiVG4ZW2eS=NljzkvUZK=EhsA1?9#OJq30_-FoV{73Ho1^h4mZ}7+7
zR%iA<mYop@bS_pI^r|)tokIEmMaek-$c)vyl1KO0^Q08*C8#Yz-_2}41tRtd_)9^k
z0)ItaU7QGS&HA#iZ5oR+UqP!bFDpytw1K~q$FIZx+wyY1FGQdq#LU@(kh;zIZOO}R
zQ}WyR7OKPNo$R5tmTe_aKyl6Wg25ECmW(^AESVj`x5e+eyM;mK))&7928d14Dd`y{
znSvKCT!qtFVtCmY=)C*2kIq7S!>N=EyaYZ#wtWQz3;vrAcdYeGF-tEw;OZ4hHNVT{
zf|rZ9hX<}qKtZ_ZyoNUNpWQD5hl%AVdkgMI`9Q8laVW@euq?=!7!@Z3%JIbjyn<V~
zq11QZ0aaI43pOV9Y?TTPg?O(B#sY$e-9$&9>3D#ll;=>q)otv~najuk_>^0Stz5qz
z$^h@+Gx7Gv$XOtfAjnf+y}!j_LNVEkEc+Gj^ALKmJL}9mChi|W<gEw61Ui*q{8x_h
z5B^PnnnSdHrYsrT>3XHOtJ|V1nPkeH6kC!dW)i-NElCXi7PqD2c#Ug}x=~q@G$}9l
zc=2I3#?>_mqvM)nDsBv38(sccz5L=x`6_oXQof`y;Ko1z8@syAX*#Ja7!M`M3Dg(e
zhX=d2wNvpFyV`*JZbekPQU0U{9V!}wn=*>jS~Ot<#Lg&t$_U)%Y7ODe)QO=PBh(4j
z5N;BMA{?r=d+XYqmTET^o!wF8!FZjSCzJ(`gDyn13-N$co!-{Ok^+Z+YNFG!&!H52
zEjX|!`4TAzcnMYAuH-jx#kd(30y>`Mx-JU5%q|V<<3iqKj#5cmqg~bPCQXbeqp@Ho
z12i}iataA>(OXdjD9$NH5ulWVbSfkPI^L56c${M#O@K{Ez@|Q~uEtqQm_?3+QqR80
zwGTV+Hhfg1o|PwpfD10wb*NL~k>-lW5uw#~?^(>ckD+SupwaB$!=j`Jjr}9ZD$Snx
zy#VwkAkzJ;ij9gD#{>SD?h!3CF?}%~5qfJ5T>cz>m@AO>G}D?J>^ST7JRjliCUAtO
z>632&9DIxDpD<flm;(eHYQX7t1CQgp<`|LQyTR1q>}JMsFsEgY>t?6Aj-QY6xdt}b
zEp??fhxb&hvfxi({6+p75ny?<{Eh}v|Ip5M%c;`qP$W)SFb75Krj4U4u7TC1mj+7k
zYK#|Q6ypF<hwm*l#c@b%E3#}>79NET<?!d59F`ho;X1s8tC|b!*rUD)@xb+7^r-1e
zoX&7$Lgj2>LCbf_A{citJn}{tCw|#0PW{G6gviSjw?VR{s046W)Po`pzYXv(-4XYn
zOhdl}5@Fir*!}&APy+sk!6NmHBlB~I<#Y0pJjMGKk`aU&eji}%pau|YDD~*;DNMYJ
zvR+<{^4LglDLVQ+b^{&=eI}efaPSRMms6F)ZuF0`WOQ5ZsJ0SZol)Bsyn3;+WK<|m
zd9v>M(IMrDn!L2*%96GA%=P%sbKImXISz8+f9mGEij!{0d^?n-2{TkPj!l*(kjptO
ztz~cG-da#t-~}r9{*(k(3|x86Gn85YT!~Vi!=GXU6ICAj2Rp-3FVIsSo1$9<z(t9&
zXeHvfORQ%Azad~xoo!evE&%SP>&M_a%O`3O{VuoOoo`p0ttV?tuK4%CfE$&i!)I94
zM`7b$-AUb)=V>-!Q36JT=h-dW6mKWg#Mb%yjka5Ai(d{L7Z$_jV0{!nK~r!>&p?Ac
z7+8s7pHdnL+zG?yr&PcLzrz!PMFwsXzenx<3-f;L8WY-z5yBrXR>E!fF?{Cml_cY?
z=KfNDz>NT9wklVdN!Z>>u;>b{pn{r$-9Om`9#%Srwm-XNjp98Y<LU4X!6npXZIB4d
zz!;Y#jl>_@w2&=#U7?CKdE^#bZcU+DYg6)fKs&*0)Jt|*L$!q#i3jeWupCpopRv;k
zX%IhmO@rm81QEvX1M_ym7@i6<y+9jfh;V@Zhukm4RXqT>8I=KkgR-OsD}DniL<D_n
z?iRJdiu$ce{>my_SzFbFGSH`JPi2-^6~LSKDGSQj3jG`ey2aHOjdWcE-hUUU<pSu1
zuYkF+&(QP80Ykeb84mW8PQr=_&l{wU9n1x@UVEy7QaBPWlL;_=YF<4peqALC89{?`
zdM$!Fi9Of&589{iTS&UZQAT_HNV@f+_v2qZ2*IDX%S@_PdW`I&9rYsYMsLn3f2t^t
z=<p;Bt#lDGV5wooIs&2-(|(!P3Pb{XMBcDRcL~$S#lYdSK}gbWtwbg@K&TmyBS1F3
z--7RjrXxQe!V>=!CE_;;&=3%U@w#QESx9%hpUf_&w?OB>La0a&0@g{<Mk>i#3D5}M
zinI?<ITf|r^$r@A_L!)*?=`3wzKSv08YAcI9+8u5V5Gfc<m{6<-NQLg${cLX3NAx5
z^dJ#b1+mcNYJ2YO6yw-@NGxIdwQK%;0>sg%U2w4wNDY1jE4Zt3Xuy5o61Akauzlly
zEB^}m!+y_2|55&J74q)`LjHw{RSiREAb6Q!FZSiN_;SHMMsBlOT0rS7p?Z|TQoGjD
zT6&2Ta<73f=$rk6Z`>Knw&D%$t~T)z$`?byKMVO5rh3Y^XHCk&?;w7J<y&aRN3_?m
z`{l%lrr{;971_Ai*S;A-R{T-O6IlAb!5~2j&3p-OJZ*3lBv$x}QKXrUQfpC47gRgT
zB2G0uU8%T)60j6elOdTN<BBp9xVLZ-8W)yK^RmGbBZBE<%!7BmBx%rHVYUz>GJ^e#
z@si%-6b!Hi1Qc%!r73m26QT%w@Q{qEhVBqDY6_)7|KPsj+E3$q-&peyr8v=jt#4AC
zWl~bfRS{`3DL4uCGAW;qQaAdNwp)%DA9d&ZT-(oBT-)PdUx|`Uy9Zw+z3AniG|E5b
zK5UdP*%x?JPyuCAyJ@$wfR~^+apU5mw{_W6S@1W`G%25YTjNT)IMfq}_UK?R5$~Qh
zT~wVZMb$cpsweW52jc1xL$o^ryRRLC*ZE2Hc&r|SNS&P>RDZm6$DEcL_m|+{uIug1
zUx7Q>n|DK&iG?%k4tp&6$cY7U+*p6ySBss#gd$(cF{j$2NKHa?_>H&~&<u|4#&uu2
zVXwfBks}kR|Cw|_)c=47L%zkXU?T3ngD?M&!q_58zQ_@YmT!57cp>-KhCo_?eESZX
z+)lnViyWm=x>HX{&l>HI8_x01qdO^N4k_i{1`&@^?h7wONx6Mk+b>DEcf2g6Tn2G(
zC*|%IQtnP&%EcuSq15vL8LTvvIu#!|)w2%le`8&M7T7|u3~i)1H6`ARQ&>2-0718e
z(t{9m;qIOehuZ!6H+_WE0#LQj17?(*o5g_D9x>`ak#p^SEXY4A=L(bLThF2KI5WZH
zBam|sLpCT<PdWV4fW{8WtB`dduZHE^fU8KCbHNm)oI6y?xjcLnC8zQePIe*ZUM=O^
z#V7(f*DmDT3j%+nG|^GMmEX0KZ%;(aw;Ln!EtWee-(vlU$6(AwN1C<^iSvxIpbZ7#
z^sFrE_6zbY7HlEk!Y(AxjgoKe?c`f<Q~i>2|DYD9fA9wMI2@FZ6sg}iGB-FZxC#)#
zAQUh6sf-Ij<Oo7+#4RgH=x2zyhbZD^LBzcit1x3zKE{wvlqbiH^2fDM+sH6RT-vLB
zV_GbuS}>8lbuB^5V&AAU6mP9V#+-@Bw+1?yCv_p$pY$W~vuCa|BwcDPz685!c36%G
zNw>vm*<1Dk1yfido&(uQc@7;Sn&$Kk0`<WN3Njw|50acP45X|kT!!wX<ogny9hOxB
zYvr-gq+Jxlg(z%EJL(P3Ppj_+o3FFY0`b@C8xuEVOq?$MTI$`_DDjt;Pah`jqnP`v
z&F!S$HX;2U0;NLwE%FcE=&;lkzZ%%3OTTOAU>DwGKm&tuIx+&!z?&#%T>;XI3B*I%
zwXP5Xa4UBHi_}el@99K<cKa_Jj%$`E03V<LjMYp;5}ieo^%YY9zEF%0FTrRQvTrd+
z1hV2cO2vnOEoI*$rTJmm*Mxy~_^!A4Y|Smcq<X7mja6L-+f#$h=WIUXo6va1YT0a6
zw-!R~74q&*QEjP|cRyfP`>sEs%!{jc3@J9d7dqALBIt9L*5~}w7`+EDK;jD&BZ`6B
zuvjc+H8?Ct&@gi$;&cOka5_T;7V3oNGdj+dPD8#8f(a4R`h1#tNTaTcz^GmQA>X1~
zQuM{!g)6f~ZIp43P{#e;xn<mYGRXt$wSPUN%eeV6fimuMdRqMchgm2r<6b>imvJ|?
zPY*ppLgcO45gE4@wpGfwGnAv%Sh67HCID(6iPOrTdKO>MSO99&{xlcqKZvnO{Z6Dq
z7=QqbtlkeJYlp}h_Dq8i8ixP}DdRrGOwMb_xNmM3nMd%swB}D?=5x#hZ}-O^CWe$W
zgnt}`Tw%Y&A0gqQs;<C7$hLh&QOLGOw5NcvkZrf2Qp`GSq24jWY+g~{4H<@Pd&tPS
zL}D^HjL8-wr;E(_O*m(n%%N<Xo^FIblTvM-*7f#Is1nD`cn|sRA7D0uP&*=pQYPh*
zDEq27&q93`ZX!jMYn6%u(uul7oN&29JpW)7v6y(2L)|DI`2@=|MaJY{56DC6H}HRS
zSbkK*DK)3%OU26*PGlVDrQCe%M?C-yZScLe++$D%k0HVKfC(vc?={(STcEYI6y~;-
zjglV>nQe9tBuPL&pOT)YU3h`i`_f385KB<C0om@GoouTb3~hC;&{k!-IvWR6fDF&J
zqblbEP{)@{xYv}sxkzm&!bIT&QSxhHsw=tF9;(jWtax#p5WM0Whiu0JzJk<74FJ*J
z3i+leb7S!|3B5i~Od?l5OrEh||JR06hdhm9v9zAD#ZJ^O_bnn$a{kow07|G}+qAi*
z`n0(KX(Ww%jD$BZH=ODw?RRA?VaTJuG+x%I@yh)5<Fyi9B*sgg8r8?k7k4z@=R6u$
z=o@^f&^Px`oXsM}&1N};u{u>~`Ps3$E#<V((SL5N)WOa0x@e9AcWpmblyOC!h@yW8
z(f-dpQm~A9Z)iVKe8osTe<_CGHhrY-Xg^YE7^zKIz{UC*O7;KGe;%z_0H=@EMwdQX
z_aTj=^{J6?W{w=Kx7;idS)baCSFZ5D!Z9998MB>JYz##ob*q?S`QjPd)u#%xw@{9R
z^=&r}K=HT|sUMT<&h#{{e$ne679{U|{L=Eh;+?|>p9xnG9Euy^8`^+DD!C9=R)=M$
zvcQkEE$|QgiT*y{H>DxY>PtCf*;)ess|R6Yai9nYuSngd{iCNGLL8v_o|6s!SSE+>
z!Q{XIl#%j_Wjhw0?UwaQ{(8$gWznq$Dj@-7LVDIY@cj^ZR^QM=0#B<Yq_#>JR&@<%
zs@7&%sVw>j2-vc|tf$qosjQo&u`I!62`LNdUW11+Gb&v8Hoz>W>kLv#N5QiRZeehg
zX~NF=RiRC4Yx(zd!zo`W0+M~og5|Ar$0?4r(p%}Q^tverltRl<n|crn>2@sGM^SBt
zb%kD@UOkon1B(2>RIx>=90CLa0lez^w)HdCSAL3hyRPv+WU|6*ru-Nyww70mnqkW7
zftMDe>NbRelU4U-KUj8K)vqBG?6)Z+P5?m^E>vts3e^KP#nx(53is*`Lhfq{RVLGd
zkrtdO<vFYRMcz_VUPZ{2id?I@UFME5_yvd5eG&P{mSlY_$vPoPL`IW7X5!8(4y}-N
z9t3MeC1QLmJIZbY3E2?gfl=UwU@r^LPVh&9?x$0V%YYuClm|&I?Y!lX0(F^`4T3D`
z?F8*E7y_v>*p<)$&h>t9J+in312y!7J+oF>Fo2w_-YOaGB@UlOPH6w&dP7<%Qa3_x
zdV*TsRC3$gC@Y-OOWa}RP(|HN%U0J*m?<T<0JZP)arUo4v|@*Bg}9zodtEsl64$Xt
znj(lk_%HC5Ll=W#;J``hvv?3(VYjwyw$2rvV<rp=sWXgHFXI7%oc0&J$grmS#e$#H
z0}Flz$VfZ=p!|4P)+UkjW*T77?I=yY--CB4iflGY);%mrJ_OjGIS6B^o|9VY0#d@n
zmM)T_<3+&{CxeIWgm=ma!E3e)zH_~J2H!c2$ZhILavUD@glNOP!!&Z8J~XI!P!;SK
ztDTk;igyc0*J(Mcc-I;alK{rftlJ6C7mIb)i6tEt+{w1wKye+-xRbg1rrc}I#eS<a
z=vw(XBobRMF6{l%@u9HiW+I*P3Cf?vmn*HgUqV`_$Lls_$ti2@MkT-1n%kl*62Ti;
z?OA*wcFj8QN8tD`WQmF)W~{d6HdxionCB3ji6Q>B<>hXIunyj{y$}MxBF5)M6=gkb
zxd+R-Wp5D{P&wb2lECU0l9Tf7Lg|Xe^23EEUAy{i{!t;+y0$QP1FYYe<_)YFDJ!it
zd(4FiHHFI38r=AU&r2r)2W#6(rQ%kAMv<L`xhJe@D?Zu^{&<>|^#-=w$PU#UFehxs
zwqrfM4W5sb?KOK5oMK5UGEA+QWq5TYG>9%m6j<bJb|$QJs9!p24yVB{%3c%9IJwf~
zzPNcMMiqC+1o30bJ+3UAi-!PpM8V&2dz+)?kQpbJacVhP7IycwsizCo?`QzV;tuk_
zhovJ$KwplkyB9~axJSDYwN<6hhG;e$Qwc^3da{-XCesI~VH5-`fGL{@3bU%aajF<M
zFN4?MnU)oRCF4kTV<~LZdWT_`fXTp@ZxCR+W`{Q^5PA^uE-Zf7X`M(0a~VMzFkGJm
z*9l+@Q5Y_F70Tg*;z`C9El-LW+W;<{H68-dp$t6df+Fr|jmKuV&TrtA5|-|&`h_o0
z7A=Ig0-`HgcDr83+$b3jWVt7`q~BzRx(Syv+u_TK4qMAcS(Dp!SnxwIl1DGl+07t4
z2zJw^IqucjO%^lBZkqe*rLGmF8nw&xBEufMTd<0{B!k`j@jjj1)T|RZU*ikOUW$#J
zyGlh)U*-t*GFi__J#RL-S+iCzzzh0-SBBV;MToaCgHP5ZyYD(#lcrR@Li$-6Gc5UX
z{4Tf%J*g~RQxk}rwRt4CL(Rcnv(_;ya}APbt$ic~X@Oq%oVqi!1;L8J{62iLJHAL7
zI|Gu^70S}Mku#ulUHQ?a0IN0xcqkpvoqo9;j0qU#PkAxhtyOcd0l&r(s+r+!Nmkbs
z->WQbP&cD?&t7Fk7C?Af6N|U4n1rX`rVen@g}4%t-_8ZE-?`ykC*ZB{;K!M{$zC2R
z$CKiHAAd1Mhu}sdy!T)P5#DN=sih@^Z6kJH?MLX07@&Jc=~bemI?dWFI^|%Gd)D2_
zUP7mId+yKdlsK#GivjpTZNN8)C0&!Us%%MJVB-&-CyJ)JWYK&SO@ixEO`Fpnmjr9C
z*(z#sWWt7?I+L2Pj!pJj?ZM^<KFIy&m%U;>^Pm!K^4+8v$^YzhhEP0~7*`4$pGr?9
z#Vm*U4Pfd6dra^J^XF^;`7DR6RHSV{TBI}S&*mE*Fb_S2y}Ak%0h^u39h3|%_P#Ej
z+)nOG?7m0RaGojyzEy|^kaJhK3hDlZ&>A2Gl+a80a~wvAUvyjxo{tG6J-y&nprxn(
zFC5qIb46UbIykOf_faIPqvM)b&%*8X4F73kA8s-FGtyY$r5A4O6r;p1Hny!#yT)F3
z>Hng!o{~t5Iy83FvPjlX8|&ftj<b7*$GDO}Pk$gzYRhkHwW`_(J;`_<7eg?C_iq<|
z!3YmmVw>on5a?D=>I<bds`wPXg%{dYC_%H~dzd<u(7YnJTdj7T0Js9XS~2oIoh8#)
z!%yuSPT&2ALp3A0kdlt(%xqE?q)}Qy+z#Ius9SK6hN)Ls)K!Qu-G!d!H0{By?x0W@
z9EyBn(rD^-s!8d}!g*jrfMj1DYLox$pLz6u_D@avKWwDqU)WwLgjaYKL9CMXKaaJZ
z+bhW<VF)q99kwO8<a)7fHlI>J_7=gA!rza`jq9OQe2$hvly+Jg+(!bFP!5w*&L^ke
z0aNmx7R+#0792*LO2HZ!b6n|w#Qu=q(=!O)!@I<N#OWV*3=gFV!6H6_nPT_Isl5A*
z;P0b+{SutnyI`|+G;g<?wmL3pc2qXH`;YQXNid%yBf;UVNhY{DCoGd6qaGZJ_&52r
zlpj%lf~y;NGqT;^2cAVvk-DzP^ab3Di_{qq36j!_ET1b2wqosf4uKM)ELwv{4Eg)B
zupp7yP@A#M5bM~-M%O!5gu5O>D~v)IE!cY|B+4Gm6+L>T7%;eRMaCmPHwD7a644*k
z^w&BP=z>z={<QlagzL$EMC{n;8U(K&yHaqBd%$VfTVsFnd)GYpdpRw2?(d!c$=FNV
zT{b1ynUC2g9cqK)BZCx*ly_^;zU-px8noHbyv1SKQFKXbQRO=K70}1B&F9GIiS0SW
z#n@e17wp3NXe_ZDbIr(2$#x^;-Z9Z%rd3AoK`6`IP<)x_xU!3NO=&22sf#v*b)nRh
zN-W{%W6UN5^@WWmLW@)!`shRE{TO{7>{6uOFXsw<@uS5YQP!?L02Se`WN8!(?ug8{
z31sTC>GqG1C$w|?1LKBh8lh?!#)kcf4z_x>nbd+l;<@BuD|Z7Z;T0h83A{h<!ukQJ
zKiy>akAtVo_+%?M_h;VFdCDRuvf#Kot|#1;?ijiZNB%<x?6iH%M-`r-JxY{HH=gYN
zIi2k4BLLT|c;{k<c!pZ0DV4=|!j>|Gu!7`35zBEMK};P4aLQ?T0PGB>A94T3>6Q>~
zuB@n5Dicv3&Lto<##U8g4z%DSh^+A2Zq&wNGZDoCuM?2;^gaY0=Ha!&6%0d5od=E3
z>&V7Etgs;`Xo#Q<e{0lcS8T@s43`0<RNKAllC{6LhAaLPfksu#_8Arb4@O7F?`|X)
zLjCV=)N(#xue}c~LH#kB69Cza0z%XAV2R^?opoyi^%9q`1RC{5Dt@v1Q<;o}z=vo#
zQwM_+<7k8RWE}!K?gV55m97y~8d=sm1Z^kl(mP}q`bcz0<xx&!k<EQV3jE->!ae>e
zbedgU)?9HVvJmqoO@!saMZ(EEw}QhfSn>_CN##P;1KQ27cZH)W{0qdp7)N*!@Wr1~
zf3ML4qfW^lu!>S87;T(bJWT{aQ)${2323Dz5GqL%ae`63+3MNfaoBF!FNW<+bnQ=u
zZ9hageLQv&a@4S`!FzVKb=eK*GeL|DC=Mmq;%S|xRJ@0&02Q$TXD||rFU8Yy;xtCQ
zXXWd`9(Y~BSH(*f?^(GIdaE7o93X2)bCcqs?u=pBY&SKOycD<wZ*szOe?oRNtYgMF
zT*HlT*~e><+OB`6vwz272FlLa4W!sP<FxKrQuTIq65vJ140+0pUhqog2P_-$gx?5X
z9mClj!a|OK2~c)ze6Ld=ME9j4>_+5+hd54vA<qCP6}RJ=Q|iwGu0Ey}e1V{6l+{Wh
zs;a94_aj|QF>nr9wDKA3{smTZt58p=ptB)9UII->P6-P>=9Ca|j!BP|H;SE2y|VLU
z`LFNM5d-I&O$84Jl5Y*1Jqa0E4god`lnT13VabLUHa7(shX(;q)9}bilYLS<j2%eU
z)drxr#~hoCCtVi<o8mv{(5X(n2B3N`)AY^hHlSO$<5eVCJ!gur{OI#H6#xz$)+I&l
zZhVc7{k^PkuBgyGDY|TDqcZIVS=K`8aAk)^_X&o9Qr3Q8AAnNi(ozkS+}(6yt}8I(
z-e0)QM0E!o_(i9=h|zoOV9c=??W-RJMq6>=LxJl;{2lMU#wa-wB?lR}BRZcBAPdRG
z1V9l`dkO%USCVE^aXkV0412E!w8hyZA*Hg6X8!Q}cNOYDlnNYurv`HNA-!|8F#;2%
zvQT`XlXr-GNX-4K!P^NCAq67z(j>BTg0l=D2|5tOut2F2NNx!AMJBR@C4pB)KoV3V
z-wm>RMuOQhvwMuVCj(0D<9LP|7wCp1*dM<ICP1Fk8O9dhJY5Q`F*ob#5aMEWDWdb#
zv&eS(Mw7xJ2W%?oZS@SzorVCw{*hQ23$Rlicnw9sVm>B|aj32B<jwa@MKH^IY27IR
z*GUG~aXsL_yCKhWHnBL}fA@2E=v$INev`uW+kf{8rYPQz@C8^73`USMu>w1q_bHy2
zkO*7Tm*hAv2WS-!w|667{5db9jnZ9=0>iC=&rh^K85a;RVO%rpp-py6OUV>OAPd!$
zpQ0$Bc-cmr>`%kWu?UYwglBMmu>ZJpHd7tlC%YOxy~<yzLFj6o_Gg47Rx;w!l?;~Z
zfuOac<xbnJwY=Y2$IEp!7Tl+s1m`|}SNE8TwRWZOnDC;g2`{=Cz)`JvkLQ*QYR{{>
z$Bg5pq7Ai}oA5c41M7Y__;o~j#C|9B1|Py6Th^5P#_8*fF>?*X5XF?ZFLmOag%d~O
z9hS8vmlk-2ny0z@LHK}NGJ?Za!B%6V8$UeX*rgU@xSV4cEuZq+J2-M?j-1`*{~gwf
z(}~5G;|XiU>Aof1ICiOq{EuX;8A!fLtQT7;X%mI!y|Zz!aLHDV+?&B3dNPM39)H{k
zbzqb4nSccL+R<`6NPS<#d!SnxWw{#=2f$q9vqL7_;;<Yq=}pP0N4{sM;&#sg$RgFA
zZ2bU!>c>GpWTQNu!X=KozDiuf&;(`C3wYIwR#dyj;zF#CM8pC^f3a+Im5zXcOtE@u
z+0=xxEA`^`<~@ps>x0pbtpQ$-CUGhLbAXIKyP9})CrZ=YUGxu~>RR~lD+?}T)j-h>
z{1ypUWt2UiWvd@e3HEoW$7RWqoq^LB1~)<;ti{1Z6gm%OR?Nr6>+xT3@~Z2!2~#;?
z-G>oy5V5$|IWyN4R%~$<+fADsYPF;JD|jMes&`(2%hFFqk7tou<1igpDm<vb=^u;5
zq|P%xGz}_^`&-0>v}e}9Fz9G*gsS0kI4s*shFd+B74vUE)enlQA$V@f-r`hGX`62)
z3QqMJ2*^;0<DdDA<{U`S^#y$ZT@UsRPUT)H4y@WUH_^534+UI`jx&%2PQ|9$Re<0H
zS@i85-$w?~AhXx`zDx+~Ls9#g<%h(%21foqOMW_Mc?@KPY&b(rgPVf`S2i<Zq3VQW
zK@~uFW?&oB?(h|&DtPN*>4x>T2t^CA8;W^Ne@|r0Rw@{{5OGwq4=YQ0RBV}ZK2NO5
zqwz}RGsp|P2jP_bO5Nt&e=z`AO;&Hya8GMvDGcWib+Xnpb@m<@ZcC{5v>q#V;)b?Z
z@BS_|`+L?L=<MA)JfSt=d%4x7R8+DmZ%v#I-#sia0kDzMsb+s?TSA@sy^(Wi;Ch)8
zTeCkYp;>J;P^##UbU9zt32)7T1>26J8kKoiFoFmm<VFi`mLiH_*D7DdzKht6Lrr8^
z5W;AW&O@k0_5)m73$ei1cu*_uZB&8br4x{U&|5e%Fo#Eb=&cDESPgiN!&|cuD*`MD
z%Xs{iPtfM<_-dI)|I{qweON#0iv*sYhg6*%TAq$KXXegj_<?9!u#(=e@QDEXYw3%#
zNHtdfP0x8+`xd9*p~2INN&FkE^H$HwgEn=`$ApC_lo$ipBdSYpfJO!&&B}sqDC9(d
z378C>3A~&wO{u`HDlj_+_R;)<UEMD3d}y~`SwA8+j?5bCCq#X*I862xcVhueDQKY^
zr8o)Ygrf*v`XcePa|n)SDHVT1v%woW`^O1%ll|i)w!9=H?x4C7C}QF?ILJq+ojFX^
z%7VN25UMM(Y*!XpF<@5F9YvX~4(}@Lf~^7Pbf`5-c?t3Y*P}48w>JO4omM&(tLt#A
z2uQ4Rf_%-&g7Z*Bis5W<rP+AZLqFj9nqi^lWJClx0&Y|e9Y}5kH{lKEk>)Flw(-ew
zwiIFwM;@CVX-<DqA63hQQRmcau`a{~g4$2_mxKoPs_QDfM{(?BWpE(7GqOU#4DCVJ
z2{6So12=^m@V&YcoO5x3&-Rxy1*+{Y=!A9Znv;9;VvbqWpf#fwJz48*iglVA+&i6D
zhydYV3U5vtw8Hi%CE51YOdR-p>t2u_yv;!QEoBEq2dK7B=IA3srjL2q+o|IELtw1n
z0X`1RuJk_W++dQ8uY9w@j~PCa$&QbegU@&8e;5LtdR*9RULz<6EVjtB1}xT5-m(Uu
zOZo+EHs)bmtR3=-2ZH5B@D(Gvk7k(~E#Bd+Pj{4`nuJ9ch069pvd{O&ks-wR<EpLR
z>dRn$vo^!uW$9N%Chp{LgE7tS#Vm}&6pXWnoawoqnpn<wc=aZW*vMk$Io0o?CtKht
zp^`u`bNZ&IiDSdkyuEBH<Rz$}V98L0YeNlInjPFDX~3FI27S5iyfxE-U8k+c!U6Q0
zrn$P5g-mN`8&c7=!pAF*A0jlSDC<hKfk$-YH8`1)Gm6!s=U6SSoe126&@^`cl=MO5
zKXxa%IXCvQ7F&H?z$FGj=HlAX{jyWokXw!VUP0fX3s#+Re-r#GjB{Va!#L*wK<$ki
zr6^m07ZTni$T}1TV(ddEnc<D%yN&{VDkOs5bcR<aB_jp_Ll7iF$im&2_JlRHag~fr
zGIT#&V8NAeU>hfPjJ(KLM(j;DTZP353l8Mw%f(Tqlc*7~$l=Xa0(;~U#oGfoP>>p2
z<evwz?2%-D{&Pe7mh_+mvf}h7vC4}O5hkLLuv5`C^#fj%Mcwh&pTEM}(o0!%8)vh>
z+chz8eKx`&A}FOHY|@DI`Fy=+war>strON4sC8q&M08Cr3;f*bX|uYoGrp!-X6~){
z8kNLof5z9;P2}mlM!9A5j;^rKV_N@Aso2FAf6mqTG|(eDW4+AiNtkE^_{%D+@5WYT
zAR9FpbrbUkzcjSJ^CFn5gdxot6bb@mkqU&(>~B*5T-eO^9tbygLc5Pl0eUut(aqtD
zzuO%k7`tyUr0{OjfuP-&QWLlZ-9sH(xG4OHZV&;pb4<7B4WP38NTiy>C}H)4#wnHb
z7C;Mfi45!<F@ba@&|)9mz-7PF;b_-JfC#sCY&Ltj=?)=%s8gvVmxModCn*#O6V(?u
z4khh+ROPXf{M4?O{e@67{s3%$Vjx<*KioOj5w$1-5nZXM@^2Xkyt!P+T4_Ca_aN3B
zsz}kTX#K{}{AWji?qwkWdGyM#-GEU`?7pr-_UbR5AsP-TFe}~^ym^M2&`{x-iL=U-
z8g={S6?!`>`-s87F1i>EMx-;aAfbNAzQjnzXa~QOggT8SB%A00i9Wz^Hbm**<#-Xc
z7G2jTtquCEF%)m&bA3u&sDF`xzDANTLMAZH+sXiOhGtD&79h0A28fwD2H!BlD79La
zdiC!{seF_QyeU&Z_*(BnQdA~0ywTrwr9H@>GkuFOAv((%D!vC74?aX|It12}t}EHT
zzTn=X0q*HW2hkkz#2lmIwYVD(95Wv=C6aG)$^A{}O*FU+H1N<~LLmvIFM$pKKbEgu
zg{>wQwi?~~5;cWu_4t_+Z~>363;N4-CqkEEZ_7XIfycW;Gx~P1!w2PW$QW};XXu}W
zu3--EAyaW*M%oa%o8UE!XPz#R#4^&X<)SZua3W%X0jB$tV6t%a4JJSeXNWg!d5LHo
zX5B0n6_Eq+EDWQ+YZ#0rka~qlza$Hs*W_&-?aK1DI^F$Yo`+m0%=0B#G|j`yS7^q<
zph0JN^ujHHi(t)ydMfD?Gvb!OTgWoZspS7Ksg~Rf*fgiQ^1`Oni`$!0yBVg`lFW`~
z)Y<1j&=Dro4}(b&)1Di5fJxgHseNLDK?!H}{=`-wEMwJ(4FV5wweFTc0&H0A^(ESL
zxHcKPA)kVc1H9fjEsD1nragGd;P8Hj4U3R9gwS93DR1FIR5riRKVpT|+mfp+;;nK{
zf44K(_#TU82(pkB+v1kil54O5a=-gZqbrRjaK^oD>{)9TG(pgoQu#X~qBh#FwDU}$
zo@!&NFx2Pb36vMek_Zc$A+T2_g180OKeQ(dtQ!l3mkLwhv|QnCLZ}p=)(5El9(T9u
zqf8<{hOlfwACaVCr-JuyLZ%D+g;U;0q}iE?m*E$dCtNRp__bs&<G`N6rGBHAn#fXw
zRi-D1EeS|7*lF0URd*#|zR)f)SyY34F>PiN+shlPd?dWeElR~7fxBQkbM-z{Dh^76
zp7$%Abp)oei~;-3cCgP74!A_JmPFW?n1gv}52CO83bmm_6u9C(QWb@f6Rn2V?b9&+
z24+W$iDIGMy1^j9hnm7&{#UN0;V#FWB78Tx?j^lHDItejk*=F1CqP(unx)wl4J_f$
zx!`7lW%Z6!ah(p*x)cl<WnYzL?;UTHJ=hpVhuh|Xg(x7_$MD*#?|bz?3sB45sQM@C
z<I52sbr`zn^^wlPqGq?O*^TdoIHS#ue8eCOY@>mtQ<fc0UlcsXXtqe%-=l1R=NSZ4
zz2wDVsC^?Phjf5?sf7B#O$O8>yTff)2(=Rn01W|ox-7jq+*8#k4FvUB#$A@caF$`W
zej^J%9WMOm2<Q))7u7iN?$0@Rqk+a<k+M~U%FPp01o84F*8m+KK}5?b;(=^qw84>2
zZYFqDmoS~i!lP6UBdAFd6sH|-EDSHpm+%{-q1W)mpYsm7B{+#AfWi|nx6x3sh6~G2
z`!$?#YVb*VxCt+PBc+HnV&>>QxRWpboPB>W8ahue^-pAoBRjG-DIAyY2@BT?1Qc;=
z(F9y}0l8<ixuic-4xEFo!R>m<-j?x7#Y&X&woFhexaH$*x!HAJxJj>4UGwKmU1v<X
zI9YSWW0U|4S;U3gV{`sxv_Xp3Vw-5&*DayQa?PY#y<g6NcL@S;@4>FEQo%U5;aV5*
z1+03U(cZ@ZCom(r2tzuc$V^rWej5|qWsI*_r<jaM7^6+VmsB6-kWFGd?!@4U!9bwE
zNQDpa#h)|sNqh$SjnOXDKcgi?h~v@F%f=dbo!lj%_tl|qlUz=zOyGAz!D9@2w6qrr
z?JUdgn}(UO%QapP%ID9SW3-egz5t-IYX&pw!VQJKvW%k4{UtX8!!Ot91HpoGMD6bG
z4(Tvtt%D6+?`;toPV_fEI%D9Ak1#mlyuft;fI#4VOZr;9b+_5XDK3MNUvb_kY%K=g
z$M>H^eXqsJN}pK<aTY|`ttU1k9p!EGVk~}eg-HBt^lumDZd-ld;3)eDlxxN>uQ}Lt
z)=HKwRF7FRs|#nXp?jYdPLI}mYVKr;@Y@@C2JwWF9Ec(092$p5`1;vY8_w9O^{6Y<
z^kY1<&9XOx2zm8AmZv*PFISd+Uvs3>tdqi9@JNq)+V0G3RhDj1mZsb|L!A%@-#<on
zV&TM+B+tsMstIxM6I>JQhI&xKDN8v0aZu(X-ht4{Qb)Z8KCQC_cn6N(B(_}Xc@WXS
z4gYdEzK}h6rc<mE=p-11v0dQsO-y$BhvG)Nd=msxxSRB+MSVO}@ubVg_~X)wup46Y
zTN~iQV)e8n7Jq}6=kV0Ic&q0W<U;X9Xsz9{87DAd5GjSXN67=8q35lbe-EtUSDfq>
zqt%U|&B2grDWSYnXUyDDJHkAgEZ0#_1u+Jp38BrdXM&W4v6m}((!L^t%9HUWc9~y8
zy8ADV(C2z&2n!e}t^xolV|(t;fF%?p55HD7>*SGh0^5i7@>c2p`U)$QIV%hrG5qOy
zsn3B3eOT4C*36nh>HcYjqpbCwm7ov0iLZ6|^GF{l6B%hLE}o<^29M4-L;<L_;|vPu
z11Nw#h6t1nqgr%D@oar|Q??)aRk$}Akc}h}YiX}`DKeniz?`Ym)w-HMC&M+j2VHY@
zx|&G3f=?9biiN{;1>P#@3MGIOOXzf!V0fL9uD*X6k@q5Ar>8$RW_^K-5O}?(_Bn1~
zfk0{v!%WGwm~j>i49x_1yzIwbcpQwat!C}+?FN8O=U@WEc0d6{txx^{Z`Lc&V(kxk
z(e|nT*Y{g<M(fln_bLNZw*6n)Z@uQkf4$$DQ7Z(!@=-st-@5F}pXgBk^?vI(1{#Ds
z{U|rfz*@K?$sIRSgQLC%iw}c;<6qc5J;tAsi2Y}t`56Td%L!)F7=OP+hqo5So!=%G
zVmlR^gkneaOT2*ZobFt_-U?;XeE}FxBDv1B<U0Mxby7V;ldB)?5lrWbqr0n4uEjlf
z*eC454c-;=5}axmr#jX=xfZ<X@#7#<oQ=LbUy_^+Y=HNHfnDlu^V~dZ13@QaZ<<!u
zG-)&zoCdniPVL^Fr$SEuo!D8p*aPat%z?eOO&fsQwd5`X^cGitY}mNJV?YP!<p^s6
zAJVdmWxP1c4mXV0!Cr`e0ApA<yL1n>f28lZp~O2)C!D6^*;_tiF9y#K^Cw&db|B7%
z&?pJ52pa2Jt1PkLxY-;SZ)<FRL{)+Vdhrf%Q8)E*9)I&TaYyb(?8xmMp63ZQmX5`%
z1AB6NJ6pYbh8HGmM(VL*TpaUIEDCqQW?fI5hLIa~o3LkR1jPOwFyYpmQIE2K@t=aY
zu(3w$@D(OB*wp$+?pWqth}>9!Ov2$Bo4P5I%lk<ddpD(d>!0)1Cn5wSaP@|gl?AkP
z!9C;MX9TC{f7IX<(}!}{BD55?H%on<>s%v-gwBi9?dPY_ZT&Nf0-<qfx|CndF+-?S
zv(+2w@5U8z5N%nizbqw>8B$Pt3JEOZ`dUBkr&RE22yi$X#v8%9s8m6B4MMtzqHidf
zNr=%(ryWov{5ko+&1bzLU;<OlFqla_uB`;nGw=Gj>Agx);674i!<#3RSYn4cbErAE
zUSdNmluBO7A+Cb%AjcYjv4@c++8PmiVS_;Y-Gk^p2)QxZ3zm-E2l|iNKlUEV4NDBJ
zM}8_R9A<xG5)R~ky_bpzWrnLEGh{?$hSfr5*b$Z)HbG`kDhHyl_%cdv7|9u&C*+2q
zn42dKLvDEN2BH|2050Yl?$6m%7~!c=X9)u_n_EI|xY};8o?H!M!D=+p;r*^{w13dm
z;!Z(EFoc=sUhEKIBr-S>e8{3?&CQi$o_~P+IvIldFm7uUABT?BBgQ?i$TtH<Z`_;w
zcfy2;A`RgO)5BDPkh-7{FY^A2dSGSLPC`VHpl^>r6C*~t!-z#SE7WAjO_0%Y?)}t|
zn|e01gjg}<?1;#ey-S$>qP_>CgQ3Hr9uQ4ZD*lNYye*fz2S#c(<^+I=C3{jBz4d`9
zpfj*Lc=YsuAyrv2C_Q)uh&s-oW#dZA?86awf~euli%;RK<Z<C7)!g(%5_Z>;=Oke#
z3c~ITo7&JI+-p;(Xa-p(UdJ)Vd^bPE`QB|gazGE`Ez%uJ$Ov`Uvy9+pl3!!l5%$$t
zhJ97R8O(FoSMz_)zPf6oFalp-NIu#=+_V#AWL^57jjX~SUtd2Ad=QTy1ea>3f51FA
zy=Cu$y>~3^y<-h~uY>v)%)Q`Ebk)(#z5BHsiB5m?yi}eiNOXGew3=wD``^Ld*}H;@
zjCdYQ6t>^7@ccPRl}6nOB087-x83}<8wO7krT}=P^;7AhwqGoD3~U}{Ax^}WM4?h~
zHHuRGyVlS=uM|jwH2(&Rx;A%%)I9&rsjBa8yg{0dKvKL1kN{|K1^<RwQMTq@!q(i)
zutEktMSi<@uEIr^+a<b9S*hT8NSi+&zDQW;((y#)q%Z90aJ%Zc81F0iu6QYJ3*&M_
z*hlv}#e-wv^hs!--_?tOwRqFpg}YSn@+oT4H|P90v#e;~vyg`|+bjIY2&`xMD0fqp
z@50@5KAuRQpeLF(Z{Eq3awz@IUuO<4HEr)bZTH;+8aT}TWEcdFXxDr#=x?&@T}H&o
zNnL>YFA(*+^9<EbyFMTaUX9*{ipK4v%0eiC!7O8dsBYzaWU!50>xsXsi)dNU@TZgB
zqx4wuuChn=AZu|166RQGNOBF#t2hilrob{GKIZ3Pdcr>*R^QcOSG`9CboW1X10lu6
z;H&x$LGT~ouQ&5RS^1&G>?p);!}fC;1R?AoXKq#&)CgN<7r0a4Fa+GTkdMG)N~MN$
zWeK(@#+m#h8Ys~8^=?e_);;H~OI!vf6H*H5AX6#cmr+pA0?S<JU6<xv`J8uUqE!^K
z!F2}G5Q@!1vFfHctGRkkkqxVC+zfCtFnt6c?*ei}0(}JJO}bG8Fa-+-cquX)wI8-%
za~83r(qde>VhcPF2cY5!<OaVLZja)rsdzm8;>g4cXt6N;<SjA5x$tGt0dwIakA)<Q
zF(k&ZPPh~e7K|)eS<(d|{x7ln$C?5bz>@py>Z!mWya=MmK8Ywu)76#Uy%guhLY&((
zd}yPx@EA}=!bpf<dmzv?L7-bR^q8_>Khgm%4q36@y<KYdLa2imRujCisuLOlUmzQ(
zVz=XZ)_^4d4u{z%f6_lrgwn?Ws|n~Iv4JbXa-RalA^2D)r~kJIwtAiucLBhkBpWm9
zx41!P45U!_&!<^2YE}#z{!g@i#DObR3N|87Q5GFU_5OPryl{K%>s_Dbt$og0oA{|5
z+@SX?O3+Sjt=<!7GjGVNx;H(Zy{jzvJ!*D%Pa}4lTi}on92{qKDIfLs1s=aM+5F>y
z1CEtm7=~?KPT(L4_(8V<{49d^-_qcP_vS@b6te;c{Ga$S%UP9zUEb3umM^f_3oN!)
zO-b*}-HggT*pGzk4RAQlC;w~&?W<|EtJjf)fkQ6-pKbDwZD23-4U4#<2b6+Mvi<09
z|GWloD4Mueuxh2C%^PC-QG%T3Rs5nG^30p^s^+G53EUxeL&tW4_-;#Br#4_x`^U!C
z>`k&#{H}&{=9((p^b}P%4Y#7#-UAGH-YE+R48$Vc^Y8#Q0Az&U2#F+-jv%Zf-IlO6
zVRQK@;S%*^jSwi@U4t{;H;G5rtrcrszlGYu*$ux$##oK-^=+>h5#ozM6V;X46<6!a
zdy`*?^WJ@iIR7WyPc9bzS#UImNN^)_D5Ys-B1g-@3=_^foT8vUc*miFRy`Gg{&`3O
zsc=@0f9ZBvHkYXo`ryup)QdjGti`h(&;0?O&(kRb&Lp`r?w|+1{6|Nk+00?c7GRTe
z4U0nqoUUbFC4~<U%gOVx@QZ>rc-q@`dD(?FEWiG4-|hyJG+a<-)W=TA3h=x-ob9K$
z6Zt+x_^{ewAbDLJfN>`xFHP~%vlV<OIfgt5Mqxak_oz)hUK2?1?txc%{LT-Ozzma2
zRnGJtB0U-DdO}Z;kQ7PiB@)b$gcOkw7fFB%(sA(?M}4C=rYIsVeA?!1?pJdZWL)27
z_lCME-baCaoo#6HBS33t_bF~=DGJZPW!U6jIEWdWSM^9@T|w7GUEQc<8(qP^{JB5a
zi$BG|B>wad#`EWLxWR(YU@Nx1ATb6t(f4I)EjnSovVhwU;y4kmE*eM)^J*ku5Y|p-
zOv7$HZ|lbW)q%I;Mhp^&bs05-V7B<AQw%~B<CB&0lV!JxPZFkzPwMcqe31BL75=jO
zAC~8jDi(o#1Qs#Nzc9J&cxYI1Tc;Rh0r&Z4Se5&6pWp0i>>IbmTi!~-@6mXx_<f+8
zL;TKIql~Me8X$rq_!s^g0rI>p@ydd$0RSM!eSIc0Y}_}A0C^!&KqcO$reRI5ppJ?p
zBcW~BMQ~BW@h42_x>%1*E#b{pqGK>2<~(c2$TJ2R@-NPZqhG$hUN<2I&eXQFv;V^N
z(4L7gY)dOif$JYmg?roLN_z0#s=)JTY~X@VuoY5`&GF+1P<n<@+#qi$52Rl6CR_Qy
zh3nrCtzE0z8(`k-GDEq4ud;MPmri&%I77K}?+j)7x8EzXzx@Jz#6P?C%}~Brg&gEg
zKa8C3+U0x>@h%P?xb6>7Yz@AtIf93p8Fpo!;8qt$>Cf3)=>DzzeI*1m?hRQsx(`MB
zGYENGcP~q0WC-8oPTvEd%J4NKy9`$r{X}-;ni0m<8;(eWug&}cHXPUhDE9WD`W~?<
zi0CSit02e0u0xB@PI&b|$8>*(^T6rJ?^6R4m*b$$@SP$B*XbH6>Qrk~SbT6fiQ(B5
zg}z~**BfBBdvCz#kHWlw?F^#9h;eqrTB;b11gCEzd=tk^7gn#(T3VFh!|dHm?&q7D
z>-3dQrsd4;yFU#lsNq&O4?&^U6lJzJ$q|dx4e*D=D)vM*Lsdb%x;H(q$n;H-8WdWw
z!?N0{{J9q4JE_6u7Mg2qSltx(VHRaJ@$@W!WEA=P_2fZg?34>7+Iu>LsQW;$ax}0&
zq;o8DFv%$|Za|z@Wx-1zFL83(sp7tu`Vn+niGh=i5~EbE6iq~QxbP=9k$|-9U9gP=
z@3ULLw2RLdu#X}+T&lQ8#LpHPywy--NSmBvYZDJrCps!MT*l5_X+FW9Q5e?7pf}rB
zw-?v|=j>fY7KjU{9LmVg5m7nhP;8$&;M2-8A&^%``3H5fTUIOHLI8w)V^HUU>j%ZU
z??9gvfr6WGw@EvCu_N%6cNah-*aKid?Eo8snZ1X@QmuIDC<2rRbqA16F2uEjZ@B0k
z;Fg6j%|w9ywQ24Pf@x0NqL9Jd=nPi^yfD=<u*_^?gW!seIRVGW2f#u=6M-7k5KX_q
zHqX4iJm6p71r3M^G$9|${0Q9OS3THNH3BEGCxUWE*l|z>=K!|2aEbR?N9N|zNwB4^
zm_HtxceYq4ajbEp)+YE4S$;AO$z%{+7sO;av_^aYbrRO*k;wu20{|EX#oeP2v!pEW
z7%*_Z%~3iEN=dF*`_NSGr+D{JfSr;I33lIb&#A`J-{5sZGUV5NkYD#ge%<Lgb*wl8
zfoPIpklX`<<Q~Ybdpiq>WHW@4U~eg-?69e8gNb;CadDjuQG}rBAZ#=dnuK!~T~L2a
z;2ZprG7OH@jOc3$@I;xg#+IM*Ag{Qea1%xmGhP%HHN`9w0)qD|oO%HDk1z+SP*RX7
ze9NnYMRs*!2KBulti`F*c2l&#X^xHB(95JylX?fzoN9eA#ctaC|B?1C@KG1%{(lw{
z*l_y>A%Y4LWzj^dCRS>~MH2|JD;tbjmDU?QB4S&W!Y&st5ZFZ7#%<|2w6#6<lvdm7
zskUoXL`6x65WG|oYe79N(JJh^Ug8Y`DEoVV<~w@{YX7I_?@O}ZXXcsv%rnnC^E}UB
zjO5455SUlHnCK-Xjxd;J!N^DnpJ44N?`qW0((R$4jPb&cF<TnYb~8R<x2F13$rwK9
zOlM`XxNMixLi$|tqx>^mj+mMAmlbg5w4Gj2lHBopVHHR7>EV;}j^(a>nror`x+y?L
zQd1>tNY+szzu8l>+^Lw`trbMDHNEx_Cr@==;#*H-ueRj5GL4j#A3BQnbWsh^-YKmQ
zl;bYINUb6IG2FxIe5^)`RRk8-eNMC3gv{aeujWi7+53KWG{$|i8R%@io>x)Wzg1bv
zY{lxAC!YbGI%MGk2uEp<YZ1I!`fJ}tF`;JCm7#|EnBTPoKEX9%SU9xs-qeU*>p#}G
z5mStXXBJ`%+-^k!2xPDao<COh*}QlV@N8LlPpUK{g-CA+6=UGwv^>f*%(O<zhb!*Q
zoY_yLitf#O@AG;zk;3_=s|F{X#%C%m8<6+}Mwcb`cXe(B4XUqLSe|KN@BJrZ&zQLx
z{ssLMY!zRJ|EHQQx>GsRm@}S(-iXou`#l&LQ#fq0)co8OlRYEblH~3fl?`{K_V>N4
zRou9&Ra}3GXNJv1KI7WMxi6FC*~HC|O`Ovt8%8?K*u~xDE;_ftPIDVkH2S5}?1(b$
zWzl%xG40RDF;OeQd~TL}px1OSoY~8wQPLY@(HOerORO2yb7#N!zrIuZ%kPX(<P<9N
zg*J?HsMWt>!<f;}2)6cP*Jm_lG8#`y^|~!|41@q%MPqb@x@RvNMa5sA86DQU5?w(D
z{>%1>t|I13;<>DSq7*T$eIkmOCiu%t6SLQQ?)&jM{a4&-S$XL7XuN!09?FX@Unmb9
z_o$iAqY;iJ?tQ@syz)e$kNxjOp;>*Ge~tcCLup+4cdBTPRgx6_lfGR({kxx;W$52K
zLWKVPF-!l}XX)Qr?8W(%ZIKc7VdzY_=-*XeO#dua0a%9qeMd#u^`A%o9<lUqXI}I|
zs&emF4yS$3g9^hHgf0@N{mbYBPn_yqXvMvMpgDoa`<?~xxR%fuDVD5FR-1yHmX%se
zESDzAgXk=B<-XyEs@_dXcP&dyP5#E;2MH`qy)sKvkGC{+Ff?^oRzKI$(}pjgr!~Fk
z>B$ht<Zji()kmiAod$CKF=VOig?Us~lF?)C&QRI*b=mRxFQv@sZIajR3d!^U$*w#(
zLu$WIGFpATAJ=g#zS)S)8N!Q*cl*<7x4HV=6W#lVOin{>Umi--ySW^xeiWljj_~rz
z5&iB#w9RODOEs?QT@mwW;tR-mc7M;DC%6qsyvh(f=$X_97YKaSp{W$5g1Q8Yosyi5
zO5mt``pr2f;eXEEjpf!M&^p9eC`fq0vyj|f@P1(AGinHzFyCqUNd1y-3!o&VYpS}v
zogTFAxXYMm1=sH-u6@|d$CHw0kcZJel2VRq@e&*F4ItD$2NV?W!~&G5AdW$y8_iYv
z-o()zS<(4@r27KVIaia2&e1A98)=!m{_cCqZ9oV3*~`P@i8S5K=xwQ>&=((4y_{yF
z6L$xw)IcSNZ_TD@A{6xbpu1|SzaR~sw5~JlygG9+cNsW!{tV7ilW%Bx3VjBo=NY80
zxYG0A|H^C>g=G0T>G|2DG*^0qGgo@6uJ_s-y?l=DK~E}W&*O%k_1?on=j89-yxUiJ
zW~3(&3PyUS;KwL76XU8Gm|U?-ze)3qDYnyMn84UMhOI+1@HGvU@sRQCBRmbixwgP{
zEddkZYVYCZ$XF!H4CWqCG<4rrBD+SU?Rd)cOqa}k&~$anJcH4f>8z!4ze{@NVC$A$
z?^$h7=no>~<}1u}=uLkhf3VVf6D2m+Biza+%FM>#w76QnX6?k2axIa!A6ouImoQoW
z1hWKdwU1eXwc0lxUNB3r*7`Re&Y8^rc4jxcKXqjuyK$j-4g5hE?+H5YEnaRtCy3?v
zC%nd2p-YGROGtj7z<h5Bb;$p|{Yx`}I!^c!PUFA>X1N_%`*5G6pY(Kg&O5@!yo(vA
zTDgd!w(=Pz$x(dwl1Hp~=N_t@XBM%Uj`z1>%WiB&w#n+=b5WRmxJ{g)2DN6}g5uN^
zOr>kKEu2W~3_Q%laQmsLq9@aa(IHKfs-~idsxh<MsQXSaMDrm8p2-GcSSn7lj0G~9
z5)hQp%&0yz+I2xPoL0L0l+*GRqz~q$O&=+&eOd_eHhv?rtH(IRF<bT}-iYT?98gP;
zulk82at?B1<Ug|{`{2(UD-+H{x^iHuRp4KLC4co#uO&3`I~SR;j)ERS_9RYyAWN&v
zR)no5y`|GKXLWzT^MZL1gmT3pwDcuQ<15qJc2zzp^SVhs+7g;2^G-~=-sF7EHPcA0
znKDaD9dY$9GP~Bmyk?Cx&7wDu)yf@ATXHBN>dY4TLNN#3UN?HDyEJJ8xsmC7y8m-D
z>Gyxkbz6r9&D|DVg|OrUgfwmN>E08m&hIE~OS6GIgsNW{54;N*qt|dTkNY{zD?tiY
z90>NMujvNa8cVd6m_kA9dYAcI-5xbEd(4-8e%+MLa!S7Lo9C2V=3C-a@Pv<3!IL2J
zJ!L$QAXTbEa5j_LD9bT4=I>*fDimeLe)k{Dn&=<*B+~@t_vCuvsml`WAZ4bMdnPs;
z`uT82?Z^<BitMjh`sD8C|7Lijqca(1F7WpzLZ-y<544~6nC&RMGP9qf+GVNaSE=Z4
z=4Pm5ZMFjH1w+3^aE<G(Pn#tCXHm{$veg(0nGA;qS|q&-n8}+1{P+dG$uOU9-k)h)
z=m>6T?xDeAATGD$90lyd1Cw=BI~cp$yxgg0Tn1OY>-KZY9ZV)Y=7Jb;j}}fzV*DR8
z@!c1C3PR(8tsC6OJsHcjro#vM0-iqyaJw2U#5vEq;Yq0nY-Tgaj7yF>4{$Bhg?Ddc
z0~9XS<3Y`*5Zh4key}g4kq*ltZR3nH>rHp!i_T^z?@!~j0ZFiKc<&1gBfzwJFBm<L
zNZi*0TkwhY`iVp&_nHf{$yY8k*Gzq$$y`8{94T2%?kp?*tr3M?KhH(6B;n1T@mFkG
zbX3!%ejAsS`aNuc-QPfRj)wvFGn7JHw(@BSf4KF3Ue{gE9o0L}JpGFm?`)+Ra^P$(
zkGR*Ec${j)rEuMPY4jwVx7|zT@~lu;*TiVwEXgdAU<~DAeCf(5Uy@lYx8R8MzU!MU
z?+5dPysX+pPI?Uy=`l|q8KEH+^Yg%{CV?SHYs?_=suIVF=Yz3%X=4u_tk^FsaYp`V
z(iQne-!?A1{n7jEw17zA79kxPCfzSjz`5($g&3og@TF9U-_`Iyg`NiIu8swb4Y9%@
z_<1=uHmU+&%M0F0_OLwto=)0OO&h>A&A5QU&5Z%sPExi97a%x8bb|kw?geir-ykX4
zFGF!sz$J89)oVBcF#0#RWT8iKU4cB88TlCle<0x0^ZaG!!ZQM~uM`KOJ^B3Z%oy40
zOp+=tD4?>F`kXW2=Awe|ca6))wlLD}9pn~_zF`P5@}PrG#G#7DQBtQ9`4Q=8fn)0a
zV*vPquS`I`>j}N&@9TDQFtZFKv~_z<RdXF?pPD*Dcy2epAnzP`D3l&L5m%N5)zm<e
z__APhQ{Kq0ypeg2UZwnRXDXT>eJRmK!$8ghMj8=uFt)*`J766I%Jch!1GZkoxq1&t
zsI_opdKcOQ*>PHAJEr%})|)wjON}mnWK+NJ$kYUrwW$H?!G?!?ym7T~7}AO(H#$Ff
z+^gx?<*(S5;zdOLvSBF9^C2?TjJ(6#cWfqmXC0f<-X&x3K@eNk7D@N#@oIuoJl33F
z-{`)`9!ZbSHR=zwO^0wW12`pL`GL^x1?W&N=o{J7zkQFZ_OP4F>@CHI+@~Hw7t@YH
zx15EOlA<vL^uZZTeeny?LpEY;@(MSiZ~GoD*L&)tTWr-<ipw<fFS2D@<j?@#DJLNH
zO(`B%@;LFrbLoU3bb>>J1JUPFwXVhotU;N%gU)qdYMlEvESe~WMVU>bS$}xxF*vDy
zPRlby@wj>4g;fTXPjqBHhGNt?kMx`T&6(PYcQI1#D_cAU^rZH|WD9?UG5*SLnprxt
zPvnD{bBo(Ur)ATH>YmhANRGUUtTRB}inFe~@|!cAW|?~Fr7{_oWpNgKrLJjNUz#<O
z8Z|JLK1-Dn(ua_dHsp{gyCJ$KRZK<P$G&*iduFWgR5@tnS(MEo2Z9RStMx4Xz&M;S
zFMa)y0`V1t4h)a2F5}q_ba!yI-|~IJlYc3qY6^K{jI-`y4|fEUb}d55VWyNIxD_aV
zQ3@|V1B<kUTz7D7@CMfgZyX^t=B~4gx7HP#{K97?SAk{R*3xROYcE#TP0I>t!;^HW
zTJ>pilEyu@j7f!xbn$jmljie;X}uJ+jH8R;V(@s=cLCSMjKh@|&;Vn9QrC3W1);0W
zSaJK>*SXcNlx8GgC7~A@i3=DBr{z==LwzSv{y0<q^?d`KPqAaA3pbi9CLOhCUa}u}
zre~G633ggOM9NNP=XjL%3=kS(*Lz4y(!8`^Nj_uo`Up=2g4YK;s6-CWx$Q2{0-leh
zeU~TS<+-`g(7Gl_q&s5oCvOs-SU4z&c;`wn*42zs0l&5S&2riVG@1bIaU2|PxYs>6
zZXydA{+1i*z)3*5TSeb1=sUCh^%CxyedCMuxOW+wT9v=}Me&o>ypHJg7jylE|GbrC
z%T6<*a3d~5mV79-(JV2pMz~qi9#QQKQ&@)SKfEe$-s4u~%wARbC9C0IsftXK<xh<Z
z!~pc|)_eJuMziz7-|&@`n-RoAb;hGwU1XC~lJM4~(S>uvM_eu23i|RF7+obN;@a7_
z8;3}GB5+#trJ!dgk9YDNtm$-`zt4xWZbb9;rJZ$Arlpp{4W7tb#?e+FpqC7;?9={M
zKkn6vQ|SAM3SN?13;!^_wqC6--tJE0VDwqHZccM0Iivkin7p1@!H1pt@+jrn9Y#7)
z;(udMeep}tSF`DowZfL&mGM0oD~twWg;QO-{q$C+xrt#i6@T&5OvT@fzUbcnUFlx`
z;UR1?1pJa-w|~_9YpOYSf0?VlH=y6!i=WAO32P!l)i?E1RhCs=U;Ik+nN$?0FV}%}
zx(?iK2)pdqqT3BES;~}8wz}gb!g?2r*zeg<wHGP6)4Yrbv$UGdKGkVi1EljI4w(!4
z*FA7*VB>Ncvy6X!o&afnddWCL|JklkID2|p?EGB}?om$UaWIn7GIjYAj6is2q^{|W
zF`#XiY8qpM6WLvh8fo=6`<N?FLW*A_uzSHQ0?*A3n0p~A3yoJW(x`JUF?lW5Y5tk&
z!4{S&cj5HZT<u^k!FqL?nAm5tktgvWZDf-fziGuUO_N<pHgdtKz1F)b8+n7aY}!bB
zj$VLC&iPyTI$`l>xVjw+N3dasj-{3Z=mRJEnR-<A8g-HO6)5(7x^P$Oa>LK3#vA(2
z3Mfb()FY3vWu^j*4B0{0A2`4SuX;03(WBmPSxHV}e4-1z!RUA3Ypxn82dy{;Vol$~
zW%<-<qr&Qsp3Ko@E7|6sXJVzVwTTVil6c%}FJRvwfD72ff4c#k#cK|63#<FuT|_1R
z-Gsxy2R00IrF|SsQHx0w4^a+8c%K|rkXpdU*}~ACYBBZ<cFUODFkB4$;NLxJRM!2V
z`D1Gg6ZPa|&=W%j*{nuCW^+g#Pkx<GsA`bV-BsHYKR1~XI#f8?j@>9U4HC;TaW6lv
z);*uNE)#Gw0U2af`s<m9|D-PF{x!8;^d;~75qW1xAo?MS^TF0ib832KAd{$dKDs0G
zN~(DB1R1gPJV&O^%<<z!DEprD%i&$TsJAq?$=4ZP`z29^zciwba;N2CGSiFB&GVJ3
zq_Ynx1Pz^7K+g%D#a7j+@s94r(0b{Ksc)L~lTlmjjC7(4S-faWaveR8E1y(pH_Ew9
z&Ui5sM(y$&WQ|kGo5x~PpJrG4AuvZ7mb&tOwmy1*1;=_r<OdFp2SMAlXevqS$BN67
zmMjb%p|A}yx;BV86-eu=uy}`S`4m1Xxra+t^(PEL@d3RAI;NT0U|C_R?c6$tOeDP-
z9<15R11r=ALF-tmHjGbWN>av0q~~O(`B9S5t%2yyNY5#HKS!T1Blx}lPfC&Bx^k58
zhPqFcRJB#To3|g+AHxgSNz6v_U7^PY=?aRiI~m=M_R6^u&+)kHU(pU4YfjLw6YH;d
zkB4Y^Z&=@)8B6eBcrrYy*q%1!;^_)j%#qm$F2$$Fk+f1JhcM|y9&+R1*7GCIJpnd#
z<ONd^FJ~&eQU+gvDC$5j@@xUlB6T16LTCo(tWjQ+%^#zr0zcQht6|3QCW`8<9#e86
zcaa~y>f(L$q}v?;5O0L6)0lRimlr;sY$3>=_jKAwn%S3WV9OXv)j_y~hk%Se{AJMY
z<Vya`T^+31?X>)z<PDy`i@G42a~s%vI`P38m>8$!L_Qm$FEbtHxmv<bi#hV~hLy8&
zEi63KBQ(~-xq|L`gUr|y^f)DI@Fxd7Z%8LNdKXQjz0rNOO?$@FGHaoc{@fvDI$$m2
zIjf;<4k_oOC;X*{6#OSsv~=fOJ>i8Hr0{Qx3^jL5k^1n$iK+8)<3oJ@X~pOlSEfd0
z=PR|Qa(k`j@sU}zdfwXmFmed3<Fz`6ND1v8K2XA^aZ8^`%9C?L^li%LgmZGB^~SP5
z>y&c$$_LLELv(++i!OvffYuN_DDlj%l@)!s;3SyezLT%?p$#+!w@YI^bYll?(+CD|
z;+Ot&wtfw*|7Nn*NO^hm)6ZM>5(8<qG54pjgm{`>=h8^esp0Q6$j7G92LB5|AQXtn
zJ%zlfz^W+JR00rWvVoD{J1y@LVktS2tnpP;JpH2Tx)<J?jQTn&?*gT+=@uPo&NBVq
zfg0f7l0P7r@nz&smdQ;rb)vif$Ci2`2dL76R8Sg&70>%UB-kH0a4OF%Xufmv()=)+
z9Za)P%U=3y#z|_x%nvz9ox=2}%by-%-U!RMNi~}LVu3d09HoAXJpHkyg%lrdNnw$_
z)b)`1eDp)rs70Jy3eo6Nxks%l=1IX#Cj4T;bN!8=>tfm$toUrvx2HDUJh^~&|Cr8j
z2|v=59N~9bws8z_k(OVUd>Aa|qg3&4)#x<cqH&eKH-BtuI<?r%K~HD8I|rqprsGSt
zl8Mt&^<`yzS0@zDXJ{%WKZPkZvOlt7w0?{?4U<_A$Bd051JT!>pj?e~^L8+kr<1a(
zts!;`BuSz#rckvG0JXvr<QLS)L_x66WGv7>g=2+*qPHZQm5ED#CdLww!(6(DZ|2WD
ze}os3nja#6f2__-xCI01n$B)>Zl9^Jnw<-eFlQtJCL5&l`=o}^Mt#dDe-pQ{U6e}~
z_$yvsqytr{I{I1=cy2U>l<GC7<x-#qPm03W3JgOn8v`SRVFC502UZOnQZV^K&Qu%)
zsJjjQo<gS(8d_pQu29GY=MbW^sZ##vWI}>pC*<okq)8#u6*9$!oTyYm<x^=x_TzD5
z@&yVxR@#~cNnK&E%9LZzfFZ0wu67O(ksT$CbujvxJ3JbhY8Z9n*(i!Z!5Gqp`$Tr@
z_#Wi@BBrJ}lYFT2`%2TKb<@yR7u&C+JxBL##anx=;pR!?m^u;r!^q}7nk9e5MGkbe
z_yhEA^A~&bFc2G}o!Pp@#$QN#-1Xj1q#^bl;tw*A9N1QqOY(?99zJ`0kgO_tXSJ2s
z)Pvewn%~|Fx7&1fI8>3`#b=}^?6mxq4<0=m=kILSsanz0jL~*l9yjQQoP4G-QRR(I
z>%)t;6`B@stSL78EiC;mY%cQ6rx#$JS_^;i%SgJP6M2}v(Un^BT0Y>WWb!=>XVn>V
z>V<zzbqPOb?|m`E#oBxS7nEeCdp1B=lCk%$cGkg?f4RLkH&Br+Ia}|@_h?yi34aLw
zB7^RTT!1An;SXybCD4-O#!u4eKXLU-uRX*kyGi8GDWTz!Lnlj_iO~Ndl<w$@Iis2M
zKLD;uSM3EVc2>S&+Pps$r22)`)1-_igPO5*k*yf(wEdEQS+k-kFbnN<ksfxi0GZ&N
zh4P%+CiC6CyRg3ad8yyk><>Q_?LN%i7qU&Bl%3LTAAw!d=0(A|h;(oimC^3@u7Q&a
z3W`>_kABExV`buFhJDKlec$>&e2aP@Xh+t{%un2ioi58+bDwwB(n)cxx&1l6GEVai
z)UtQuIC=e(#w}_~euo0tV%4cFA?Q=`=lnsMFu^IQ_2T%~mB-XlsN^wz{fen?1ehhj
zRMxdI?fNN`x=$Q>_SBMIhpEYD;7yWq(jV{7T$Q}_>HD0Ca7eHGW0NnJPtDli_wO_3
zo^7D{u@b9v9eNy<7H-h<56(0#MA_S$U0mVg=REP>1@=s|LdnoMzz6i}i8UsacKm`=
z&L3<llsmAd^hethp-igZlgbTty{=#CMwrsBbaSL2e-uZ>A0*B)k%|5uTjcW~q-1S=
zOEwpFxD+nDi~gagQGDE}k6~{0e?kLOClL4vftHTAHF_oSMqV=yftP6}#++QABs$#a
zSkbSQRKznS7Zh`H86l&8K5?f(qpvT$7P~2JP43uyykDKD_YACIgX^C7kNvqk#MeYY
zy36H<Wd|LpE(i_qcXB5!6TS{^|0^23xa##sy$kyifT203v?UzZYRmaIlC)Wcy+%xe
znHtbNl%x+e@poZq?JA5O-R4AU3c~Y@m(Hjb2>j5(vF(X|gW8w~g|$t)@h9<olkkgN
zUQqbesbyMAnDW%L<8QA^sH~$zKi}DdngELO)Ae&zbVwIsclNkV_(n&2;s{^=LEV|8
zgEC3;^XZqLPk(df^{f2#@c9+z(*bS%s3-2>BB`}5*M2tnLUyNb*!L9h1nH*_osxb|
z$;=X`<YF$FnaR3o=8MyUVMN*PZn{^KT+Rxa=_QH3{D-dUp7Q4@*BX8>@4UU@ojd4G
zUC`0N!=e2Jku+`!yxIjgGF9tlrx6K-xS7(>Xgy!L1<X+(Qc}n_ip7yGJ;=j)foLZj
z$tbjyc9HZli8_h-k$FK;?)=GZmj28(d`~dyUd6L)RC&ZF&F1n>mT{nA{DxM^cQ<SC
z;oD!Kv-P!v&|6Jtv#*IN7!iSNNZF_Rp|EUTAfA*Coha*Rw<AKnd5P2*HHSMnb76Ec
z6J7TfUMM=O0A+LIaaab&<ew*zXCseZ<XHl3AXz>t7w}b26L6&1<>mgDc2kK!@jgr~
z`|||BZi7D~Hs~z1969Gs)UH`C6Crv|Buc$=mBfmtUe)AH1E>CNr={ia*c05?pi}>b
z({jz>vEFPfX#<KCmm`nZb62yc=}L;~?a_e{pDa{Q7g@X2bg#IGa=$0(uhFYnD?g-P
zdB4zw%zkO^KGfa1@um+ED3?$IhB-50!_V@kpW*!fbl&-!YqDH<_<-rL#qIHTZelY@
z`(JvaDqXvGOD!$k5!uhrROFkQ3V3;Oe!0aT+1uA&yvcO{?o4}rFNQas(7@C+RZpAG
z@D-Y@taG}r=#RfePvojWtGJ0xzmDP5uKyTdMz<CT6`4vXpMHsNL$a#2n{RFt)1`lB
zYAPQNfCZ_e9~E_R3;H#=el~hYL2KbEx@S23I2>u7)=Az5BvfzsAE}tKFqCtLsjtbx
zX}*+ZrXET3IUov|IOr0}j65de&qvET%DX^hp~j$z^`#3uHvYtQS_~X9w6YKUkd-Yy
zlEVrr2t3SMw0J-9&b0Q_xxk^R(PtuW^o7X87Rb=9&w?{#N5jK5-#|%XDgVBO$Dwpx
zdblsZs`VCx@IjPLmp;Rzz-HaH^FeBehuVyKT?Y%_+{5lp#B^jvg`{P}eqLcGTv|r{
zk=n!eCCXM~O*k-7Y+7vf0ki%mIL8gge@++APWY+T{yqzenD601l;h2m<BwfQ^%nDQ
zIaS<OmmU#_EO#roFI`&URxmF?dR!@CfvB~HOT4eM9ktu@I8KnL*bjfG3gtEv&c}`E
z(!i0!3C*jY900U228jNm2j{@cja$JG>X!KwNq+xI)Es|n;W&Pob?djnyFqZbBP>dM
z#-BM`+ytIEcvKjtSdNb}HkyOkr-3!`$zjmAZAvP3^H#Dlho|Ly@ObH4kXQ56aJuyP
zQpQ2@{v(-MP*%Hf`a5gA<jLh#E#1v;Ytcv&Y2~Cj!2b_H-G1kR!F>q~Cj-&*O6oeN
zmkZNWLnRv^7@agO0l;x!H2+RWji6?e#_c4?Ok$uj#>oOHTYDvws;w%%W)rfzTIVO7
znrH)Ry$5&>sAkLJ?>LvVITfyMjeb{?M88euS1+_wK*jZ^QGaUnhdm71D;wuHSo%+!
zN|_k0bm=(8h=tcisQaKyV(J;)oPX$n1Z$UOi)$FE8Fc2O2)slMZs2%`dQxn1^<t@y
z4Nm^I;r_m@#ly-ebDw%W=9Bl+$!C<Jbw(LXzQ`b(D7JXoY4|Gik=M8n_rm^&K*oxq
zMz(G0%8sG+o_A>P5|(?#Xhw&Pr%bk+Wl{)rbP0rre;>cy{`9~wLdIQ*r>QU5UeGIB
zCDx8nsh)&Ot~Q;aRrL%<J7w}GGD%F<1=~RP<=RS;BtA`u%2cHj|1k(s<|J;Xd3xk0
zomfD?;nOy8|AEiaiFpRc<<F$5JD&;oDGNzQf_5@BgQ>oNIF$jT*`nH%;1H|y&Lf5!
zQi;Go3Zxs4<xjfwRJ~0Wix-rE>nb%rdOTJEuAd7;t?APHNGDGuq3anso2sWo^LH0#
zObz)P%zG_2iJvXP4k5rF%0iU7xbxmrih{I#mgx1MVr4B|6W7c5{7XAB4#)X)*HdeO
zc?}}6l>@CARQ)jn7b`l6e$qERUbL6X34OcwvSvUjZZ<WdIE^!Ljp~+JCJsNNN<c+w
z6L-D$K8B*{(g%kRFZgH0J&u??Q{0vRYH?>}i#vnjoPk;fVs#QPLx=FQkO8*<YO4L<
z`-UPf{z%BKJP_S6<8w2FQ=28w*5T=K+o&@9w|7f_hG<Difh?Lc`<24bVC<J3_upW3
ztakkiRAbqUF8}9g<sN$K@JR=){B03a^+o=C0j&%-W+{!Klh9BRt3Kf?M0Dn`APqUH
zV~3pM3@tQ~gpM*)ESuB}QAB>KuAoaMk6&m=!0z7~60rPFE(!3uBw*wRrte}!CY&L~
zWR&Ud4yib3q;n(fIxN%7_a>%E(#9e@g%fjPJ%5~mxdq)r!zlBlbIhUh0=LXz9Hc~c
zyiX$LDoEVjtuoDqxhv71eJV8$;P9?W4Bq!yI@Q;rttMYlfUT>{HfF}JF);vcMT6O_
zCNp5m7(|9=;4p?q^7nT%k;myY(7R>u51((>b^F|QT}1m5IPs>A`P*e}LHfKi!l(I>
z8@tA;Rc*ITuax(|V-T`bZWJATYz2SJ)=|}#9(Oa3j^&*>Tze~H{t-Rcv>dhJqfkGm
z##i}UCuUiy^tcACVJ55urV#betCGgSDx43iaG=kEXSLmIp<AR6*g6{qVIB+uPuX0=
zh1)GIhp;DI+MitLuypAm=uzq?+5BN(IK}LdBH43HE%oVB55mCE(OBc`O6+*H59!j0
zD{uQ8zhLZeZ|fiF=^N&ug+qBQX0k3<i@!feEzXQb-uX&C{9A8uwL~9LyP^lBJ{~LT
zF;~G%yHv#%o?esF2dQIB8tb(D9=u-nS;6SL4Lt624TzpV^j*Z@&dQgS8Tz=4Z^_IU
zgv)r2QGNV1FZ1-x%jTTU?QOa=#&C%2hL1>>9tAb6Z-s^>xTGu&H>+&*_4EKbkEWQ#
zKXX>zuFN~9mhe+RY2iX-9<!tjQxfpdb6g#~oi4p~pjgDzq(J-bvOwf{d}Fdmq$Z9%
zsGF2Zhx?mzND6IaQd1q1bOuRHxSv~ec)5|;QIdO>(lx)6_=JMqOALM6U8bem-Zf$J
zLUoG?bJvHIv`4F!>c194=zd_RVr~ZW-o?dw>tebt4g(c?7nI9<pmVxuT?i+a6S)k*
zH*&i4p#hpYm<2@KH{z+vHz?L9&TdKcGsQ}NnSLRXUb=W>oEIqu&-%HJAHyH@d!9+Z
zA;CslN4&fvKDHx1xFdc-M|@OAd{9SxOh<f3N8IU%5ATSN?uZ}L5g*wRKdK`>v?E^D
z5g*tQKei)&Tu0p35ijY8AJGx_cEpQ2;sZM3MIG^e9r3;$@%|n0BRk@KI^u;L@nIeD
zqx08SX1)LBf4AOm!7Hoi*wsks65aece7(0$=S;Y~EJLUJu+~E&bxyb_DGHfawxLJj
z?|H++xFwBDE@dqg=%td<zYH-88ZOB2Z|QLd8TZ6l<Phylm!42eEW8^c-lDfzv>Uax
zr%O*{5HusNaoJuSj0_pB^(G2UN`{<yOxB5yiBnGh<2B+3)C6$aKHnQgl{1~#2Xdfw
zF&1F`<wvCbb^Jq}0a?Gyi_c-m$l?;0sdV`$m7REKmziwvCMp$Ou)D}Zv|&cX5?`0z
z+OB{y7j$SoxbK%NhZ9Y68q=Gk?3mEw(wof6!z0B|lFaa8J%>$qdfXg>FU{*jo8QB%
zUX$Np^0YU5@DBsWkd>#2U#s=EPQFapQ>K^wJn~d6uZgsdZzPP3Os84HloX~*i|A2p
z1N8Ofut<e1uZ2$s^Muc1zQ&MP%&!Vl%--2_F7~fnomRE!a4~r|;~R>>W~58U5=WD=
z#cKz33ob2LG>B{eqF+6r9T39ck6{)8i&|Oks-+a2_n<pl4Tm|BjyBab`)--tcgqdO
znfP<JJ6|9EfcaYc;pgY8Wljc*2%Gx_W}~)14A_llJ7X@yoQ|<nYd%1~2DdVYit3Dl
zC7u%Y>aLU-lAKuUtl^ORAxeFP{`TF*(qfbhN87vbucj+nHBfUyWOpRikGTfJ@~es7
z#MwJOHg|JnP&l*)LnHiV`yf%1R31h!QZ9oMod~T#QQd+q>2UwV_ESD)HA+lhnK<EZ
znvH5t-c&hEe%GksUqbtWu~Y84aG=#c2)2&Ja~~=*H<gGUmj!Uf+u+&L5Z&$a`+?T8
z>e3f`d94bQyF=k_F0VuV%vSnxVl9UYt*KQ!wFSLQtTwP%?B8l(Mt9YvUq)dD!CUwa
zmriC4HWI^=s`1>_c0P}z&F*}r5<_xK<ke)9*Cg>PX?6`#o#ze1#Y{UqJ}W=qUAbN?
z0n&q~50@Uyf-#uSza=mShf5DqA~_s341G6Zjr6!3gyp0M4{#F(M&jPzyV8U6mmkgz
z)c5j7yW*XlW;%QXLv1A+gX?~xEunA)Z;|5NmZ$4l<?BPnEW*ugb;&nxloSV(fY$Ta
zCIe*<W!)qkj)z#Q{rxidwo&F#*6eE|8=b7<_IIuQU2T7x%x|v~w^mZ)V~R+Zh6~Lh
zYt=On33(SnzH8UHJ+z|q#TLIQQD2pr%6gZ{9(|BMb0X9e%Sq|<sA{k?m;YF89<<&{
z;fk)kW>CSSq6NuTM9DG|D3`_^I$h~dt@AVV9!{rpu9Xr{|94op7}hL2HRHDxfzp#&
zX54$EOZ$lcaVGp&GHEPvQo~#~k)@{EJ$*H#n~na(b|bZZA1=cryx&A&x<l7--wXfY
zk9KM0s=`};(#=3i`pcOPDYjY{D_S7q7QU;E!BXo&Vv827bqSSw=A#Iz6+#@%+MkyZ
z1k5KC`o$Gi;>w#bYU<GKytlw<mZKm<E53B;4gH7X=|*6z=!8!O7d$$YB+2XY0(51P
zyvz-#nVadq8E!yzHeiAqP(&U{_YJ$ELCVi0AMHjCR={B8H^>brR=^Mi9Mql`E9$3!
zQU%D#Aprvvz%jTW`HCB$0v^@2la!M~Fw!4ql04!D^v&k+TQ{J;0(iuwz<rM?R%G%p
z#ma7*Jo<o<T<CtAI-MYFSDIaPtddtNKu;=yJxu{eDPWo#(4c@33NUutc;Holsr6VF
zW2OQm3^H;e@;FBU9EA&#y0{_W(40)yb`wg#so6|-xdCS=z!dwu8!$-$rWsGT0W}IR
z{d=DqFkS)hJq5}CbOXBPQ;Ozr^80SUiNZLB@6^qdX^K#esq2Am%2X*e8_3L#BNcZ+
zrgj>rR6UR>M}s0=nxfN{r@_=josg*%+;*(URMB7#0{WWbhLO&l|7>Pv;zM$bsA~dR
z0*Zm}ldo|z?~m1c354azI^5;sPJKF)GXg}0UwTnff6h`(eSAG1PQhU6i_V0pcMB&`
zxk()>I=X&{3CxptjXze1kfpN3*Ub*dMXI>`5r5U@l8B#Rc1TtjvfZ(m8;Dx}erYfM
ztTAzt>I4(n2UED%<UhPGcYCGR{hXWPD~L(_{&llaWzK6lAADYn@f?_kpUn|t>=M^J
zfUEZmd)!OpyV)el7x`vH8BU88^B#f_STXO!G)<M5cb)1>o80@+FA(!qktln<bmhIF
zi;S#y1To=vWi8z~wVZ4Y6ZK|<Bv?wmmKsTWT$u@*ZQo^Q&+(^S;dJ(GzAHKse?PW6
zojQ|l`{Y~D^w{9v{@BP*PW+X|?+sUa@~YvK;ZE|!km0|mS791p^NJB8*t>yUiFXh%
z9Nv?O6L-rFZeQa4#fR^(nfDHKX44zr+!_4;+Vwy2e16w|ov_@l|M+|EuK(a&?yi5S
zTc^zY$erimx3-6F!2pieh;(%mctYYT{#%aYih&;wq`yYrQa7+5)$6_E^h+GMb;9p}
zgPk-se6e=HGuflq^cL_e&)XXz((Ed`(=QwG=nHBzUcdMAvb(eLhr|UuPvKmRWMO<H
zroM;uZ}~2Uqji)IyLa_bctq-=%t1UaI8@ua>#8I}`ARUh1P19#B`BK<bPR?i*kC>u
zdX4slxuD6I=Eh1J|5MWenZcpNb+2mN*@Ufl<+^tzUP&je{<V4&78maq#fvn`_P#}W
z9_D~zFY}MgyUd4ADNM8?p!r5e_BQ{-e|DR15`5Dnus8Z={I75HP1<8k+W+fizRBV>
zm}GNV->e0QutgVpFaZDbLT~R6=|Kr@MLbIqC!#0=W6EXyYIw=yDzePXKNiB-|6g4;
z%T(cC=&}<{g8y5WrMQOpzw1AkF1yEM;hslKfBkRt8#;c_tIIxKkm<6ls)#F(fSyNR
zYC6~$8tJTi)*Qch=!k*g4bhBfM=B|8{Odv#&Y8W9S=vAO6}F}5D@{E0zJHK&n>H!T
zX4pB#wi@pC`?$$VzaDJu-_TkaAW8Bb@&v@0P_O%M^Z`ohqA%7(USA$~>2-N!EPmc<
z1iXpLDG8iMltG`=w*|CTrmo23;@1BQ(z^-;Z{b7Q-`OdO!(~2~DtkB82Aul+T%re@
zsrv)Phf+tARfDt9&3}M^tMrZZqkr_3wq#+`>;0Sd7cQQu2TWswZ~4AjHt9!x&kJc}
zqnl)^e-^G6y(w6MWhH!#OgENu7~rrg@1Kyr;TXp@zqYimzx4=nLkwX++;02T)L;5O
zt<~vqg`W;H_6QmH<AaC62YSPAT9~tCu{jNf2B(hMGQGs(9u29@nXV}IoO0bFaVZqp
zQl2M`6;mN;?58~Ml`sFx(Qjs2d1A1U<9C>i_aTyWr)QLhM^lEqn>$6jK?J{TIbQ_4
zjm~Mg-1uTOzLZY+`Q;+^r>vd`v6r$4|79nksbu#w=YbPK_hv-|dGU3v{UnavnenUG
z;7sepIj~06v<89MV^J#hs6u3<(8i&g>Ms3l`sGM<VQ6FO7i`ZvcN?zer$5SYH81bv
z_Ngc#t`bJ+wpT=z-SKem16sgznLLPzd(-iS_W_sh(r(z9nAQcSvyDH8%LjY+XY>>N
zrzO^NaF$3`+>CtPAS39mOV2EKntwxmR(w|Q%+Du=zG{ThiAjq0^f;^A+0i%+ZmF$)
zJ~YDf_KE}Pr++@txz+I0={9G@k4ak9rk+>5c@mC08J?{;_OgK-Tu&K3VIb419_1gm
zKe6`)2}7;_O@IDH{pqD&)uB()!?*P_GvG*9K9D!~$<gn8Za%EoRPeQ{pTf?MRxPZQ
zAsg}_iHP)Y06c$yfn$iqzh#E#V<^4Lc%Ht4A*vvzn6ngw<>&uJ%-N(!l*2rw95J*1
z#j6^rg2Z&TC5Ew$6o>b}q+4Z1HkK}({n0QqoYP#X$l{6D<4l##(Q#dJ>@wYc`g(?a
z{yK8<<kR83V}tj!8uqT7nz&b0C#yR9Up9MsZ1U`nOhrHVMW&+5UvhVQ7;E;f#B9qt
zm0zz7J~8xj)z$c9->>Q+Z{ra8Oyg_1FXcP8iUMV&CGJy4@Y%m9MT<}(Rutio+WO|B
zXSW2O97{3k!M|W^{MTSlkuWY^t%?)xD%a70m#<=5h>f3>kaz8(pAv7}^U$|aw>+Cz
zym~B!w99XcYrCzddjqj^aG1Y^G0@$wIR{PUkTm}NcM-pGS@-#h5c$AtQ;84FUY=J8
zmGts$rXJ4GdZw%BlAo!bc*ix3(m+2<d|pkO`%{VL*B(Uu&M09sg7f#*%FO8x%&Dwy
zWNiGO%jg+#jLGMaMg-d5E7NO~gYv3;=^m;q4BK}l^xa7M?kH+7{=k){%42Mm>B^vQ
zP`2~Rs1$;lL5UG~TOb*a-i&|FO)=P{2>J$Qkw3cCMYeLOE=rVKYMcFSv%hisyVm}$
zw!cm0mu6}%&$rU49lU=A5m_}r!W@k&U6n5Vl@6m!xLTuXyD4$+v94&Uwjjh<>5$5(
zRT>j(qf%mCO;Ok2yS?1G?QD8b%20zJhzu$?_p0F!*y|c2>yR#>U&;e;_pgO!8R^u^
z^d8cw9;8z<*_DDd2NzBkDKDeSrXpoVK!wd=y7X%5CIQtN(n!)(hPHf0lQlMe_-jZ!
zjwQ<VD20zzwWp3&a{e$zcM|y+))^HzvfJCOn=Z1^tcUPjCdt(J??XzMMfb+selVj}
z=DMA_uEorwqs)vR8JZCHG`|);)lh({?V3Tf`)9{$v5&v)RaUc8|ABOP(wj21WR_@x
zxKb<mb&+FzNw3S&rR#YEF?k(uydo*O9Pg79L67%M{+E6VlRwo@QBq?X@0ZlJ74M&1
zsUL4@S-d!PV|+krQG8%(L3~i^`uO0~x8p-nbK_3x-{K{yE8;^_-;5uTx;Q>8bwPZ1
zYG%ANb#DB~)H(4HsVVW1sk7oor6$CWPJJzYOzQObsMM+P(W#T-$EHq*k4YULFH0R8
zKQ482{P@(7@v*5R;=a_7__)-7_z9_g@e|P*FQ-xY3%U4m>v+hniY2R>eN9v}E5*P~
z)Cyoas`R+q-F`Mxvo>*(NQxGuv+j0ZlTbLJ&B86-)8Vgc`Yhqx<_UiV|57G{(DClG
zl*h==9vTcHBiHR@P128Alem-`ofmZ`%7&RJ9QpN$K5JwsB9`Joq<x0~WiRJ&mo_mE
z{mO~JS46~_`i=I=WELg;O^8}6iDA!)R&y59b3cE5N<iX<(u@EFl(IzEeXa;)-aIQp
zfnLL}1<f7c#bx+-WeRf4+mgKaM|kl!`>nC98T{Ud%q90}&6Bm8xis9pyOL+~0Azbh
z`gQc}@`U{+y>#uGsDJA@XWUcbv~=@%PnpvqV@Lm0&|h9R-N``}$25+=$9)2IMcRE8
z^@rfpJ$51~0_!ucqVnp(qf{Wrf8iSm-^TgxqaLiQ=%~B)HS^$YYS?!=cpbF^Cj7NP
zY|5vY5smuB+$qt^hJQNUe4fMSp+Iz#9}PhBI_i$a_nQY!tDHv;@BqcNX_L?UL+iiO
zIj6p26Hn)|GQUO@$ZB|_o;pQiK~J5cXnSCQ6M2W~y3gq1*lug`12vroh1}T(fA?r5
zA<<1)`A+-Wh0#t-G#$N1R`=K?#MV1gUaTuPFl|*MeuTGTcFLPU(QOM~PR;znoO<)4
zhvj$XKgn-n6Oln&Vy#H8;A`O`*23Ha$PS@VOf*-EHgVG>EQb|OH4(<8qiN<<&TW5(
zV@VEhIiGUa20G)CY-a>{Ejat4>%JG;lViyF7<@yMY4myC3O=z{p0UzP#=~)_gv8)y
zG;wpoyE?~zHo9)Anr=kazV6&&eC!Me4S%9fp%;h8p%YnVew-zE3sOfs;c>&xAnXk8
z4}?EuAZZ4t`~)4>bmPE+@X1X#4k`$bYr1hTHlS5cBkPsFx)k|@N;2qtk6_gg^BaHc
zlD*<*&}&YDN*!_(>8xvO?<$ULtxXNa0YUR!V6AWC&!eBFccsS;DE@Qt=K9tf3w4s9
z_3vQ{&atI*^LvJs3!jV34*kQ?XPjo(+=W%#>-9QcNS?%=zbCN}P91p?ZrL-rh@piW
z{F`JzWFMVcm^w1h{w4|<&-GClE(^TwMpPdi>mJ&&_jhisjd4`2vvvQN9`|#qmJ7@E
zKMPrBU<o_up)0DJFivfb6|p*_doky#Y1$8b3vl(b&TV0Sc{<~u$N6zvodoFx(~f$#
z&bt}LtAr!-^(B$d`uUw{+oY+lmzw5IAapatZB+AXPV*>MenaarZ(S3fy#~tEpa7Ao
z_El%yQzC)0Q%7d>dAFQX<9WcNGCh>pwBHk&gpYI77@U>@m@Jb;f0IS{o035u<jh3t
z{XA|kJ5bZP=*iTD`R6&_eXc2(*8HZ^!pkTHRZmAg>$~9Bk<W@kzo5oW%P$F3E)SCn
z>XR+|;9StEZGz#j89KLKYnH{$zIjp!y_qW#h_alxu)hR--*ZYlPDy~9wez`HgUOI(
z2dc4O*Y*`a^D5{&&wnzBot5W{QH?J1P8#5}9HQI@`f&J49$|7Hz2v4r1*u~6UEKDo
z-S9AOyJgXl?LOP~%T?<%*BG?DKKeS(BK8YkShYR5fuZ^0_Wzne_<Z{bH0>v+s;5~X
zw<fzyKUK9U%h3Hgns_k^FkH0%sxuz+d;Xr@Z9@I67jR73RG6BfOK)Tj=5^jO9C2Wh
zw-;9BklzCp-Q<;1`G1DcCsk}XUd>mz?m}*ZYqpvfoLk?6ENMG5UGHIx{*PU+r#&)V
zAEC()^hy4ltmUn2o+d~0-E><+^wZQ4w*Ogwnu5zn*CZR+WtzdbU+6M78haCA`U@vi
z|I#!Fy3?SZJR9sZ*hjGsU}XAf^|On9nk-Qa%S1jPot1KREj+^vZYk)O+;0LtO%2c0
zaqeo>awid*FbgviW`|lsZU1U(+c`*C{hw<46I+W(1Huiarm0vjdS=#_nN~b)#8hT!
zInCFY50;nQ_h@=u%w?9A*Bw->>gnWk&3Q~9N>+KCa;=$it(kJxj5D;(;|vW9b%vgQ
zoEm<fKU!C5d~DJ-MCE5_RyxhElaHdAnXpTPFI>{=9BS^uFiAslmRtd*siW!C$nVXB
zDt+=+@#z?XCf@1L29@h|(YCx^@1KmAqKu8dth~7CkDV`*Q|9-Jdb<NzB1Z7C=Wxxy
zz5t<*IL<27qOY`I`8RVYe=eql^a0JK$>$G+*Q}(qWwom+=!NpsV3WX({s6XYQR_Up
z7WHRL*@=ryV-6*bGfg32YfGkeLrhSP`XA<xSHt0N9fQdR9XY)u($i0#K+mHZLEjBd
z$@HO4$$7_#pv@L(lS85D6L=XAt*=XJbhtq&5bHBobw*HpEW<ck%J0WHL*-YCMSp{w
zfz;~FzjIe%MYZbdzJOUzkEomF#HES(HL34{8#D6qD)&L}tURu1(!|q3M`K(YK-=X*
zY5VL$Zzg;Mf;+>H8q*+Y(hNis#S@;@H1X8%g?`UI(4CdXL2><_gMo@e;ol+XO--1)
z+DNe=PaLvLL}*Xd-h6u5H0i6Sg<h4GS<PO`WA^TqiV|)iGtF(%3zGLilJP&ps&jt4
ziLH<=udB}c@}z!}!&E*|qK<W@y)CG=Zetl>(3y5X48>Z$wKrnv=GDn_3>{!LH3Kz6
z0z~ji5@WrFw&OS@P_xCkbs`1&Ay<u}StYp<<$^}KmT!TLJYp7G%TVnWIRAm#G&(C!
z2a^5-ro-<iUg)36vjNv~HJyvwle;O9u2G|!Pi9#rw-YdlrTbS~&s^QkBqj&V&(?Hl
zHdj;AADM_uO>O<A<?8o6;&b);cc5(jPRr($t=~Dq)<lu+gC0h=9gvwX_TK6(QfAuU
zEC16o`IBRKd-7p&(QF*Z5d4{0K8R<pVuMc(Ay&D{w<6$q&NT3(T>rvpz!@GTL9W>X
z>(X!bqJQpSEkee`Ml1(&12bs;){D4JVtc$Se|{-6fL_t(H_7p4K7Uz!AGvd@x6VcK
z<k5Ni<@3(1r8G}9YIL>lUZ7gGR}N|lMtgD{f0X)D6GL4c?Nqy+mLZw}75r(yt<9~S
zq{*9eZvEW(7S84TE3k6eZZhS#**4VdS^Pq>S@A5P$+^)pu8$S2DsXl2USeD(zwkwR
zZun%V$%4h=4DrITCH!h?3Q1CvsnsGJfFCxulHwCJ_rphJ>apOgOw&|{9jU%Va8J&)
zEp${=FOQBwFyCJ;g1I+w<rCTrq`b<z<|a(*Ke5#WyY$A$LybPX`{-;S`d2B>rmYyQ
ziM&NCzuaI-u_aQ$@<(?|n)EoA!D9QT%jZy~T;#jrgwo@6ORShvU`7HJn;V>|Z?Q+<
z|9?@5zoNU&Xi^1hx)vS@O~g%W;y6sbQ^o1h4_+T8+Qj}q<>gE-*%0lb-4gR;+nt0i
zAc61gziSrUJKB;T=}b@-_e7~Acg`mT(a~D5xd39i;6y#?J1#v2E#cBf3(A-u743e{
zpRt7oIaQqM&s_)^BTJJG<H8d7Xa*4(O3}m{T@eU-2Ct?Yg>&(H4K?qDM?OYI97J|$
zCR}>xeJ;4&)c)45;@dMAO#~~t{WXa|^qrtHrK^c&kD;brIkovf&0hk}l)oVLLS=S<
z?YHpJ>C)X@!%&$w=dHfmb>0g7(7gAiA#SB!!J3|cb518$8617IAZogt+y2N0(*{3^
z3aRKZEohLQIWHJZr1DP7IcAA`;<QZW!wfy*DvfNVX^JYM*<NXM_?Pk~mkQKaHkzU|
z_3`X^oD(^ZB51g_O8VqL;_}b(TR$=AVPsv6xc~g0VK{Fwl}L8N#n|&wy0njJqtQ_q
z^P<}5wET(ua}|*t!6$#Slj#L&qB^wPOwBdr7$(Y2u2GfjVYAL`lBk^8_^TMRH-Z&!
zJ1d*OGK2D-s7z(ztZyPrfJ9angpMayhWX~jEG1rXR`-?#qw~F)%-+#0qzwy3t2xZ-
zj$>AKLSEjH(SdMNq*j{J8!Fyo=?7agby(QM+U#7a^(tk-#C?x4=}$FFwrDHCuuU7v
zRLfY=i+~zCYR^hAXO@!0r{FsSQ%4yE60^FcZ<HF881|%zV5B&angQ`9UbxsR0+r~0
zk*fhw&jy%zA0C!txZd349^{|c!(Ktv7x8ade-`Os_OM53q8_HvT0~e*w`JF}@X6dZ
z>}YazTb6&_2>P<jk?dis+M1S6;5hxP8XesaYgW>90Kc=33vTuJTfgURT8aY)6v9&r
zxyeS6yXgRD_4*e==uHjX2;r4*y7sz31%a!EuMT=PrQh(kE@g0Veu?Vn`IhNjYMI{s
zIJ6|rn}U1&lDIypBBK?9L&OC&Ja{G>6qLDeY91SeW;Y&IKd5uouv-qVZo-Sznzs6~
zHoYo55GdTQspd3-r2JLtKr<50JfeZg?Ds}~aiL^KNFAz~8XO4V!P?i;jDn-uP^b28
zb=GaA!$O597&pS0Et>$ZC19$KBF}2=tZU<;g7Abu>|z`f;+?ld9r9x6WDdHIszbQt
zoBmy$Db9EV0~4Kh&!t1!3sc3Mi<{pKZNUeIXDd8J8h_&uWG_v1R_-NbLu)@=l;Rf3
zSj$&E9f<Dl#V-VFo)1+v#3TxAM~si7rpokb4bg33tZVl9D|VQSG<M{2Iu`$rLLeZr
zheG52R4ilg&~g0rgimU!J~ce9YP;&**ZGf4vEdg)HuX;p`_q7wqo@H*OFZ=Krlt>z
z{hkl}(SfUYW`jpHaDO?{6&<<HuBctD7nEUY&hT!h6Y!mlhJCv?ISTq<n*Bx5eUfs_
z>AGzC$URcsw1lxbcAdtGk!ulDVxSx^C3>GHf5N_s-pPudbkE`rYYk(H>}fCowbd!-
zwn9D{TF;WKiQ&9LLncpZ|It2;4u~A=S09@bKrdt6^%K|@wxw!t9f#@2VXf-sq^5(I
z(;}5v&Q{f)2l3;@#dq2i@=HRSUkfdF)^%_nfbUlNU08jl>A4Ge{ClvEie2z5e~Ut!
zRWMFQ39n!EUEjd^=o}xmEBorA?@YtnSrkQk&UT5*QI*lbSF&%BAszSv(YL2XQ}xle
z>bY<l#G#7h$*?vO`lqgmY@06!Vs;InCwE+H&bH{UY)f~kW#(A>Rf7&aGLujI@vGFg
zs%<qs7yF-vvjBWW)NBcVfV~>*6bENEZXWLKaaInbGlL$QeHL#lc^~YPJjnRjQ&C&!
zl?Rw*m<$bJGnxk1AR~GwH42AQr-qLV#4hpF#l1}vPNi;JACso8GmXaz(0u>UUva=$
zshu;E_r>Jhw0{6TC&@px{7c8go4f`DF*X{U<{QZZL3<$G+2Gc&Zi}a1s#qh@mrwf~
zbXM+Z#!-D>=om!5ZJxSoI4&iiWB3tt>DZ#WRmBa_rQSfat|Ya=WVy~3sawAir`bGE
z)Vth5U;otVT)l6!E98J0YzW|&#^ng$KIgV4=qB_00)sih)NYWgjFcJ7)MPiKb6JL;
z6D=I~rEwHu<k+&1s%T$u4O$t2Xum*oCLH29m9!MUC?)4e&@l73I>}V{Q|Fns3MP4J
zc_6y9G8uPQ?usyLb<Usc%DoiGOb3J`=Vby9g+OV~KweO!WKx+4aPra|V*<1HA=1xv
z1^v!CCsudBS=a54UF?x~@lYYoL$)!Mz7|_{fMw9x5W}HmQ%@mwJ-nCuOt=E&MU<9K
ziX14^ySo?iSlGoS;kjnYx8CGUm!7%Z+}^Hfvm~v9OP9h0AJ$fX5Uyn|youg@&b>$`
z{Rz4B`(9M~Fb;e!EF<r-@Brd4`n+jm>eq0t8NH}=Q$2MP&heyv(wkpi@y<L=R*p8_
zy11w5?9)Ph<zN_&nRj8DCY%=HQB{9*jZv7^!xxocb4^*zPrp^ozJKF)F5VMn^IOm-
zh@{|Kbr1A=ppS_9{(hlT-1CNbrnBW?$M~-|<{P|TgMj&V-&(CduI$Cvi(}``j+0*?
z`iW#Nv!+F#uSeuE+u!P@4MeAmamuZ0hjKSHGvZvhqnG&YGcDR#Ppzc!9({S$8s92D
z>Y~rBy4^g#<Bz#-u^3yF#F@r3<ObhXl^lD>v@mfzfzG;S6Ub$%YQ^f;r7{BV<`#pR
z$>bq}mDq(IqnsA}R*^8xjpBplqMCXKqOWFOw~~MfDO4p2vtz{3o$ai1E2t}7l|T}=
z>dv~Ur*ga>-a7RpaenGar)53!Jozer5MrVrXFGHZ{hlX%q(h}wr4B9N7pxL;KrTjZ
z<TwcDt$o7%c>+o0sZ*6+1Jeeqj#Vm$jy1Uqz1^pWYn`FZzF+Z6ZeCEuqbb8dbo2{+
zt1gV1J1D{Eedf`Q`c)74))HB}>ORv;^{ejoJq=vHYJ=|?C9*@2sFH5eil;OQ^SJ2z
z?Uwx^Z@<ml_ZVAG=}_uUMZ=8rlLw?Y0$pP^+C{bb@&yT_I7jMm(m2!Q_DfJRI385J
z3p0|gpW`dz?{|I2xxThwX=CH-w+=2yY{cwdyPx))y1h@~b+U-Bpy%BHPw}kO{vPnW
z7pQnY{IjHa-BKHX<^nstckfh`A2b5G;-5vJx$B=@JH?^bFZ0cl?awTyMZGIDzhGD#
z*U!}4--vN;_BAOMe{WBTU@@Y~Yb5<epb!ZvQ&71H;-iu%;>N#sISFVvxk|rxx?d^;
zIKfh5-T=i&q@fik2waSDlvR9coy8e0oqowa`qccsFpWrtg19ZR6(rN5&3CJUNI6uz
z<o>30Wtk7R9_z~pFH{_u)#w1#a@Z)E(&08{iCnKV5u0g`UoF;nDniRI69L!PY^IhX
z)@CEddu=PJ+Sh$c65pDhZDr_qkuhj)R;6nOCNq!8NXDo@;LvFTSFc|KD~vn#T>I&h
zO8SK39sQ8P0F$$&E{n=^jEPS*uVxj-J$i5Y^Ac?~$g3BsamHw5`|sTyY4V%v(NKsD
z-gFs<zF1M;Z)s>4l_zx<o*48;VdW-$-h7X|GY=mZe!cxTqHbd`*j&sG*gUvEPM{9~
zrZBa<g7fdPlIHE9A?8%Phv4M5={U0<zQqSkbegvj+%)ktr^SfGT8DBEK&K+FIFv}?
zOu}$3M)Q$5!zA327&pURD%@4K=ygi1^b&(+2qANcb<YHrq<uDnS~Y>KN~6s8&z6yv
z?^-j(^`#ke;qP5DpGH^tWKlU`d#-n<f@|DrCJ&RWT1iG~VrA!3IaM&d=1tthnoRyq
zpl+&JNsN_rvrNs=<*H8X|GwsdF6`LaE{8ZU%dbFxb`G)vWN+2I&NCWZcr4^aIM~yu
zUpSJ7`<NR6fG0mgb31)u8Q=sf=({s7^YEsscR5DJ#=qd8W{1nK?TJ`jPg>9U?DMyd
z@+Fo7MK>dHiaa$hkHo3wDb5NQtKjU&msnp=tmKK=(+)o#!%t_<>sh}koPXpu1^1{~
z$5rWZu@~sc)>?0GlZ$`VMs>P!iSA0>ojbyh+MtELD>3|g?h$@NeeXKT{v3C1VUA%%
zt6w5{dlyVkTlfS#b@YWohmSF8#V7&g`{}?C{iUaep}>*28IK8c?~7Ze7J5?89(KRu
z9jIY`$hVEjABcWR5pTgUk$tEXBl4vA=H0+fW=?YI722DMMp1{2W#FevzrjOhX3F+o
zq~x1LJ-V4VUj7-CrDk7`nO2h@S*qFfkcmb9NV<=l8(ieM&hlp8e9qMVR(FduWZA%@
zXPFA1AMhdT%&5%;TgP8Wpv1*^(Y&b)h2d34qNROAmY)nnI(gjd`Os)QizNy|{R6Gb
zyXw+^2}I5=2>k<~2Ox#a^Si9A$mGvp@bHhu0HjO*`_Isi*2xD6^0y8yq?kbLHa|@_
zD@-nuP8p5521S-qq!wnQxV9#mh)GaJ{vch$az8%BS7=!(b=t-8PrQu#mgWI!%C#xQ
zoEJOeG?Y@kGh&lY^RMWfMNA@gs#LbfA`p3U8v!`h475IJPNeC-%xK+knwNw#S|2)1
zdqVo<8LiEyjZ`75XzzIhmjkGGFmlyy5}V~s9oc(5Mmk2Sf3Q`bSP=RE3T}ENk*WWT
zSm9~@B9o_C2HaXgvgkAwRheH@tu1OywkUHyPliYUW$n~aLP6p8W<)leRt+vp!7d#r
zY<|h@0wR<DeH%kyR4XOVn`NEVjebs}!2YF~5G}d_q`8_hnkgSS%Znxx5R9HOlOKO)
z(F}gfKG<30=TrYNmyc3p>-gjKqZ9CoO9}qY^VKL1=-9g{*gA!0B)(bhZ~b;97ctd=
z_J0(vZa_`+<c4TFW)&q3tz5mn9f)*vH`Khb_^pP%=X?2B^gpQ)x&6er^?fG%U~(+E
z2U|~hjwOyyMPA`*9UtdAaP8kT)>TiNJB`|c88ws6a+-JdXT_}OR17Z4&_E6EkznW6
z=U8NV_-?izADW2)s_zTc!PZHP!e!nPadui@Y%6G!CSGqPo;MH`MCXQBcmCFg+%?y_
z#_*e3lJO#UNzQfNZ=>s)ed`HO#8w+&0=Fs9<}Z>ES8g0m*7KV<@dwJ<U9g&J*owf3
z4KpZrx|{>CX0a0sm%hO*z4bnymr1Oo;(E<O5+D{!z$^h}259y*(F(z0wiG!pNMkAi
zf@GsZkyFy_tJQA>$WS0dLmCM%G-Nd)N<Nza(U7%*TQHuyS&ZCwxp8UU!W_|NRw-7x
zjpBkdRDwZQC6{-L{F?og&8o5Tb58QL{)sFBr}<fOjw~<iA5H~ZuVm)jP^OvR7_8Wd
zuiIc>7HzO5!A*yEtMb$p#LjRVc8-;G>&@hh^b{=^RHqJQ*m}I-yERXK$)R>&Lv&MM
z->WG9rSP`*?4s7XjmjVp`D_rEItQJVi;?C8qp4}FXX32-;~<YOuGD)U=f!+g4af2L
z;45x{6|Zw(#;VXS=}_w>g}jREtej}l{vAi9WtcbxkHel}r@vyWtE9zAI?)gtg+#9C
zJ6`r!XUa}_G0o@iBMEd(=8_2yCwy(7cGVCb;&n7QpFro4a|Vr{KGU4A77eM3?7e7i
zUGWyDWxT3@Z^yn)%Soz$XSXI-8*SI9nm%V#+h}FtXs#ACjTKoCx>jSj&CIN3Ul%LD
zjI!d)C~wo6$V}7N?LGs;i*WQ?V<zI~vVZ(1Dsv7eM2>)3Dw9SyEzMI@=FJ#5TgubB
zPR5-9F7UNH!Sb`Zbn%W*_pwv2xjua5oU8xM|K!#G7QW`Y*Ixe}tt(B0C8;Ag|08{4
zzA%HF=1WM@TJ7(<!Pi8w3*M3m%e)|Qv+A6mwg)PD>YRVyG|l^rzb{2hYeu>{ZGU(p
zHZGyZ0+F8Dy2oot*1(X=j1B5fh_jfRzSl&}^Tvl)Ud9xJPM#SXJ|>Xf#A6l>HP7%~
zrNo8woHN%6ZJk^1?09h+f|3azO>;K9+ECMho0R?NMDTzuXo1MVAx=xZMya)bplTcL
zf%^HY_63VOc^;0?<fqg_ZdM}y=r%;1x-Gb&A-1#)y0v(2^kC#4PTgawYoOxQ)pMsf
zH_REajdHv6dD)0AK6mQ#>m$1P+@{Y#BTT)V8&Y$f)H@LN5BdFof1k{CcKjV5Hp?13
zukvmun^ea(N?CMoL+t$SV9iU5PYXnM1uD`x`b#4Rn#^eAE7M4dlTJ3CNM{M?i(U`b
zJnIf-<SMqCkLsKo0;+}Slc%SNb=PySfr<m_npYY;FD3s5tR8!g*ieOnpFS@(YACzF
zHj`6wgEAucwFb{YH{`!<l4nU`LPAI6r|U}M)yU-ejPmRi*PXmhanAQX=&wRmrBHv9
zIMuK2(K0%9TJ%{}>m1O`{u<fb7CxXQ&}f#z?S{T<N3aVZ@$-8bE~Z+!s9?9qx~P-@
z<Ht@jRX~B^v2^YP@LIqe5lbw<;R8}_085>L%WUL4MV14IhE|$is5HM4b%;7k)FGPe
zAmXT1I3kZmezm?0Z6^I}!R$n}x@_h@#kHwf#8oOS6h96uieF~owH7Y1@M;Se0J}Q^
z0esx<o9%wA@y&NX?({YB0U5c|*X`1iHNGzQ145FaFd{WM3d2UI9*nJVdlHJHx=O!W
zc!_0ypmJHdf*5GJ)6$P^g0r}HWU`Ygnd9MRd}>>>5BBzk=*Kf+UpXsN$YX{Jkk{g!
zy!SODcE(x$6<ZV*tT^aj(Xk#G7$;t1KJxw(VoEOu9zCZMu4dxsi}-O`PCHtCwiBT~
z4;_44^&NB!&%UtC+ac9ObsM$+K<j(_>)TfJ?LTBxH6F0g@4?aQmcX?;Oa+Wjq}N<Z
z*}QimnOxgpYQgx5>(V$a;g@Ec@oC~a`6_r1j%YeK!f76R0q_YWnYKR*o_a<ajO|@K
zsd&5Z6F!UE@zzyV&mJI6`9SgW!r>5@!TBtU!&KN0;4j{)*>DG=Ak_YJuFbB9Pd7VI
zjsFi9b+tuxa;SszQO!&6F6t_aIwFTEaZEPXp#Zi5O%_#BJzIg%`KVHtv8YQds$O-n
zsN?cckISLXx2UJ(P*2H6t;nIyv#4k0P{-$^R^?D<Thz02sFSm(^)P2OK!M^H)S=UJ
zIMecQ?&E!I;rv-R=jCu3vN&wt#ud4Xa!C&5q8v)I?|cB;EwgN`uFRoco{##C9BQLQ
zmG2nagIDLH8o7%*gno;9Lk{)2eAH_JYz1m9>f#(~I3M+UIn-*4x;%$^OFrt-9BQRS
zy)B2@l8?F~hgxn?f0#p!<)cP(sAU%Qr#aLg=cE28hdR=t{xXO9i+t3d<xop3>hE%>
zzsX1aRSwl_QU91jy+0rI-W+OyMSUcP`fxt#13A<l2$5#g#vJMs`KXWPP`fQ^XAX69
zK5BaoHDOU-$f5o@ANA=RYL`XbkwbksAN9o?>Q0NgD~I~GeAHKRsM{>+o*e31`KYhw
zP`6st_j9Q4=1}kSB@ODc>ZBgXA6v>%`j)Jg?_>0>BNgAH^sQqR-^c1(rz*b3=v#*>
zE)f!BAy8*3z^xY4sR}S|K^?9DS6NVJEb>8%x7paD5p{=+(rJsR`HGt5e$Udk4qb%%
z^*zu1Zq)aD_j`%Hm$=_YYLoBgTV%bB-VoelVI7nN7l`vFK5k*Jh3~Pjq#uf3YhhOg
zLOm@k!KUI@Te#f9t1RpaGMar&7M6TM_)9D-*@ocx7B)L1@H`7Q+W6TPo@L=#7M^Y4
zMhnlgu;0S-EnI8iB^Iu>aFc~AExgLY<rZFT;W7)~Vd0S$UTfhJ3*Td5uZ80lF0k-=
z3-`d>7$(fZ-4@<z;k7Jv#c#84!p85kaF>O<EWFdg2@7un)?8?E=fZG(uX4Xj^}X8t
z9-;3$-0zY4Uh94zt?zr>@6q~>>$}-^x1FBrUGN?Ywz=SH3vP82Rx05(_j{hcce-dz
z7Ol&TDtFdB<V)}^UXBX!chbmkoj=O08+@Ha2<u6q$4=VJ?<Xk48C-wsoi0<(PTNL@
znTvx5=;`Du{1Ja#0v{^=xXk>n@m1=#VvW6EyxqMjtjHZ#H7xR@Q)U?4IC&ZdSDEv%
z#<z_R_*!H>WW>kqzHX{$4$NJqt{iX0i?-fw7%3eUR+B{1qE+UXBPzc^Mpn#A5WM;3
zca3kJ`MuLOn_o168=~*yrP$BrukBn@p;5mqjSTF!un8x=*1{$nxZ1)d9JtcLCLFlj
z!X_NJ%)%xdc%+3*IB<!DO*pXE!X_NJz``aRxJOf-`kHXyZVQ`m;Dm)uIB=JRO*rsQ
z3!8A@Z5B4+z*{ZshTrMJgtyu7HZu@N;WDs(iH}>@gahAWVG|C#*1{$n_znx3aNyMz
zHsQdlENsGon=EX?ftOg=gagmFun7mAXJHc#Jln!19C((6O*n9)g-tlH-@+ywxYoiZ
z9Jt!TCLFlZ!X_NJ+`=XtxXi*P9C)OKO*n9gg-tlH*TN<oxWK|D9N3UL%>#u48&U_H
zA%Sb{yvdM2L+Xe(;ouum2b?8=B6YwS5-3t9I70#@_Y)kq<L?SsnLmaka&lz<M4R9;
zpI67Jmj8ibCSRymntw)cYMpgk{O$kn`irsEz0;@3W#r@%bn)Sm5<Xno@=s{Q7Z9z`
zDZ$uPT<M)Mj#p4ph>~Pq5Qsd*{lN<%1R|(ehq?o;H~Y9jcsaFOGQ9P4TIN3Gn-59+
z&H^AT2r1mjFQhQU1JowhZ6mOKMSqI)0dDEYgS@#icp;2@af6|0nXDX>)dp86E%_mR
znJ(S`2hP6GW%&Xq6CrP+aK5432-?^d1naw!Ktt)Z6Yy<z0BsWBWHyJpUC`Y+>V2cL
zyGp(9Xp*qo)Ei4CwxD|72twGG>V2hrn7u(NAnaiEz9acyTdVgi;p0esH1Yuh1b4&-
zToLj=KK%NS-;-IYx%ex-=PR(9qBH!~DmT1ZIB~az3KF>01r;hV;erZPCS%A%LHa(H
zoM8&#82NxxgpK3__7UEa4|qy<_M!NN<GZ90Br#Un9afuPp7Y{YyF-)tz1{8-NLCDd
zr`;tUGP{Jvx{abGw$~1+%|bh7c5XNK)Y)08&B@GCce`SiY6IgwVvTRD*L)yDaz7}W
zk5zZtyTUu&4Goz`d!mxIE=C%`{Qn+5{`OSaT)t(3;<gcDr|{@ji@aROxBHeF<Rr+q
z`);ww$B>sK8-5<(baTE<$ZLEn4D#C`ukp25<WV56GRWN)`G-P&$QL!p?}7Y~FJ_UC
z1$nhW?y<-}74in(j|}qrAaC&f*dlBA?%+F!`H@?VUjo%bK7Ph;pgmDGSHLd}dUo*F
zniQE<{?4Sh-S;b#f@ap!&fnM+TNxP2xW}Z(H1&@r#TwteCIxM+r?L0j6n6T>O^Qsn
zKVnkc>3hJWpx^81_=jzZRc;yUO^QqpNe{E0Zjl<be7KO}A>R`wg*)}z40@)IIt}^;
zU%Nr4lj`ZE%?91B8dicyk+2;lo2Ghb=F=v{yGn7N@6RTM790eZZ&|6h{kj7PgclXq
z4mRH}TjW_F?^HPK&@3i;ZUXI6qT7A1m_+Ub`kPJUCsCJ8)YvQ09yihJd5PY#i5f|i
zu!;P=620#xO6Dbc*CvvSlWv=+wpXHkZlVwJ5`AJ59Z8}do2a^1qO_Z6e_o=`Y@*>L
zD&WRa9Z}gUQGY_|2#+G$-Hs^YTg$GLL|&VyyjLQ}O;nthXs}H*f<z@YQCY7<Biuwo
z^AeTXL?cNw(k2?&E72G?(NTGcM%zS3lc>xlD(RKzL^siKd5Ol^MA{X~Z6a^4M6yhz
zBP#L|onjKXhZE9O+H?iI(w*t1tIA6^-ln_9T|U(|U61&bED1Z?O;?kbZn90M9gXs8
zZMyDW>888s>hjV}GwHNT!nD~$iC&4$a}x#f5;fRF+GZPVqOM+vE^!l`pO@$&lc?F(
z<koPOO}DdGx+~pu-^fdMxk;yu9yZh_+SV)4HEyDB<t4h>CMqM*Jez21uS7SviLT8{
zbe%zjSr?NAft{a$O+xk&3$M3ulZE3JUS;8XEWFynYb|_-h3~NNS_`kX@I4k@W#PDm
zn=HKE!b>dNX5sl3-fH1_7T#vz*%sbu;aL{$vT&n?6BhPcxZA?D7VfcdwS{#XAm+K!
z!d?rPTe!r+WfmT3;gJ?Dvv7%p%Ps7+aHWL{EL?5j4D()V;SBTcxA0oC$e5ZI&M@z@
zESzE9XIt1X>5TV03ul=3`4%=zJMl{lJbKUlu(pwdxNno)2MQ?L34o6;c+%__eaEj8
zg1x3T_dC3!diSsb)Si35;<jXr(t+TI%}?Ahpbuy3x5V{I&{7Z@A`OZ*KGUVc?-dtK
zIv{amDu(xu?s9o+FOY7$NAfGRpYNg+1;;*a;RkT+gLPlXO{mfLxxi>ZeUQ<BN|=it
z`9vELh&`!V_^*9QKdADiOK(&5R$t3hAMLqxX$>tv=jLtR8cx2a`cvN$wc09BU3-sP
zsWMxsN?WNhwo<zW4lID*Uk<x}rcuf2GzvoRDxY%Y(-3{fW_2uCJ+2`2k-AK^na_6g
zSgq-mKbZEjX~HgQopuXl;^^sAjTg@a*xRsM&r{mow_%yLLArb2hHY_g!~SYI!@Ug)
zeFZh5w|`Hwu6@=7Q&gL#fV5}$<$p?YFAr0LGNA;Tde_nbKR1R-ktkd!r*<3Mt4<B5
zpV-h1y&e#8TDGG}f#T3&70K9q`wPY<C12g28=GJJnozXPqN8UhEt*ub!+4l4y?^E~
zUhKnE!`EcAWuudiAwC!#KT1EX;|IGXg@5w-EYDSzokjb2Ws$*l^9)qHW9~5n>8Bc6
z|1g_y8S0{Px^5od_z93o=#`J^LQnQY(GO9T>aDLJy{n4uMHBrmCW4;sK(sB;-c?kU
zKCfm@Q9-Tq<4$MFevC9cp&hj{o=dl(Z-T2X^3&Uj+eo^2GoBZm+g3KHN*t*Cv3cmZ
z#Ybui$L^R#HLw#cnh`6+OP<jyZeMTamNdYsg;aBXk8>+(cA(dFp?}v!NMg~B;KXlr
zEkZd4z1A76H;*rIGjEMAAxCT!oyesVn4zBcg4d>1R<Q5-`HEqFYF=8EtYcr&r#s5Z
zpiGmqQS$)4SR<|}AU2(V`&{{ZbEhCKlohNCZ)Io1drj^KvN}G@(Y=Hcjd)KZ;#Amq
z-|8>POhVGpD{TIzNZ40RR$x;!Rq3*@TP4;Hun`lMsVyLG69R~p7B(3GS6kR*09<Qf
zWgvV%aH@gg539eatui&GXeDIGq9&ZXLe{t|<kv3~$-+`q^k26B-2UBQ4{_Y$(;ezh
z_vq!Gs)EtG?Sbh&(~;6ja1S?k`{D*4i5tJz*R=6tYT?$#)k@V3zsgBm*4HC4Js$=D
z6{j=Vcjy&i!ux*A539Xa(pm=UDL^w&e{nz7_}=7$hPnb>({v-@t$?W&p%NJfLkH{v
z@;ANZ<-_z%HyGU2hjHsX$5)mddOBsfotcpso0GCKH1ZrHGe)-}M6IctDn;Gy1~TX8
zHSWjlzGgn8O{m_GLZ5nr446BlaP<KRiL`x&PM0y*bf#>T8Vi+hnh$80qhELR5havR
z-M3L?f9vU5D*j;W0(2ACn7$R_JV|`i!wOt&ejhReBb~ynrsEgPR!S7v|FquZj*5lC
zNnGh)v8m03t?}Js3tOu^sP-!02;Nj$ZV&<@g(XB-l?0X}x>?j;Q)V^~<e@U)D%~z9
zlQJ_tYyKa5?;aR+aqj<TAxJ>*6NE^#USb<-;*CVHO$6%(f__#vig()DnpTTgZH=%2
ztW*~^k!;s(X=_jM)SlATwzjpWd@Tnk-V&6Hmnz~7wXLyQ{H$9ssD*%){k`5ZvlkH0
z>G}S?e>Tc~J~Q*od}f|`=9y=ndFGk>j7kMRY~r2<3gpJgM-l3Gu?X>M(Uv@R(PaaY
zA#`&)kY)N9`Z)uJ5WdflD-w4~R>7%-{i>vFBz4HgPbIb8(3pF`^2N1qy{zZ#3nM5R
z>UYm=_MdtKZ&*>z>Ebl-+~(S+S~#?fXTT>oq7;g~z$v(0jt`EPchBVWIP@mtJdPT^
z6~ay5?6Yy{;HM|T^ha&?o7dtp{10B@fn)Uf5N-?R9p?{iso-Vy(XvB>WyiI-A@o#o
zPCGJm$sj>5aU?k?Df8aPIg+z7l$kj}9PRHCGK42FDq&uX#<bcD;S|o4z>>I%!>77L
z7SA~5ilLC}`r4t&ivbG8mBy~f(#U5ATT|E6rKX-Rt@};ydmtDqS=TXOkBAPLDdW#c
z*{OC@q6rJIZCJUOhFt^gv2gJdtCv%Grv6VU+R0shN{1B=pA<4NcCcf{V>%=zgTY%3
zK?dJ|m#LQX_b#jJm5=G0Zo;QhT34AqeWn(afDcIk2wh%R2N8l4L^R!Ak(pnu2uQ(O
zd45G>Z_jPDagyS@+52Pw^2$N#O`>=XX)J8eR7Ck2UMO4tJ%(CzFZ(uI1;c5?NqH&Q
zEy1)5KVZkF-M-KZysXi15h5&yg~yQ*4J({2PRb!(*F;IwAg?YJo-RVwr41Up%54-L
zJaderCw!DNM{{la6SxXcg;QVSM9dU?;P?5-M`tcMdMz{y=a%&LP+R@e-l7+w0&EH^
zyhWRMJ2y3Me5Co&*pV%XObCO=huU<-{7O>%(A(2EQ2jvWmkOvV9I&Y2ezqZgJ$9?#
zRcvCg+*_0^Nv}?oSE{<5#8EwPTsNsD>LtEpV080M>iUM3WN+#QKkEH<1H#3SX#IL`
z(X@OS(Uc!<)72ZN5R=G_@DjhC#)rBwenh`aGrX?LH7-;#qrVR4`Pf#LVOtp;+JZlU
zml`+A*AGJke&DO!JZHG)Eca}8&kpyT@170r*<_w}$KAay(UU*M&t3LSuN&QKwtiaj
zecWp2E6LFT%ssg+Rc`YC5lQs@L;kF~4pYq&d%&3_g-8Mqjkm}gZK}8OgrgGgS9yz1
zhuF?a#r{2aR%-H6t{Y7sv-5a4b~xegXy~uGzqTfKwIZ}FZN*A@hCEOE*<1DAr1yqw
zT<`Ps-jTT;(@-hnR7L6VRO`%TCUQY-yI^Kz+8m4;Czu|=G!a?Sw7nZ#f(8NW5Byqu
zG16T)kIxPlZg<aF?m5FfeLd-_#$Nhtvls$>x^gv<$<2QKbKatpKu+=zzxfGok-1~a
zLOifh5WRl=25-?QAX<~#Bmpie<K0g!&~;~vw*bPcj~TDG=yd|EP|S?B=8fK>7YK>R
z*0rUURwz5~v)bw(@)kX4;FwO^ni(jX8=^Wc(w4fn+Q3~_+tF74vbX5_1`d|grq3n~
z9G`7V{bJChV8Y&3|Bu;oT9Nac+M541`)bYCbrGh;I#bY{2GtVP{b>DPXP@1gy3=we
zVrE2}|2muVA=e5SzmZ_4)VuT%QfCSNFvSQ7ifISlOH3TY&|p0&32hT8WP`yVVe)h*
z3k*{f8!}AsRRK^Td=E3cptKWvufwN**L%cA;Y^xMyq?or_+2?{y*$(>-{L;Yf8#|1
zyn+PXnk4_k_|AR<<|UagF4-e_cWsY*F5$_+J1z>OUi}oUKR@yQh!%UvoHzCF%D?kD
z*w`6@5d!tc=`-C1nP#h;Q1B%#OqFb|T2XB)Y<gWkCL}4P%$H@7{^CA<C%f+8Ei>y=
zWo1k7qm({z>sL7!1j@vW<@US#SEMV2C<@F-E_Cz#gDR)kBx<B4nNRG~ECXrX*SY53
zZCXgV#ZPrk&3<3fow`Iauet*l$)L?RQ@3cd`OG1wbxXDEE7r8@5=NuA%6wDxTx^2Z
z^P@9NpPc+dEfjOPs_So)&lz3+&^bQyI}%In&s$6l(GOTZM0As?(NCMS4hr0JfF~z9
znO{^<-ARe(C}V6oJysE4a71o`_q|?i4%W29KQ*EAFa(e{)FP-_9+5gTh4WQ94*tB#
zXujJt*6UtF2+vO}Njai1S<MgpP=KTp_0D2__m2^)!9LcnQ~KrP$58?`7%zHK=Zl`y
z1E!<R$x~)y(TOHd^&j4i3WPHGiv17@H#C^c<bggmm}<w4$xJl0$#>43u5&ONr&am$
zR_n`;#~H^u)uCUXM2xU~*yq=0qRqSJe4e(oh5q3!dP_FB>BI3s^(sE8{)ql*gt>$c
zdG`f%cD`l3u?sbU8$=@p+ZH0i7Fzg;(*E;9SqKAy<N&uiFZ6!CD#mOjL7g&-`H`!F
zy|IEtasewJ|Kk3za>QO(@w#i(0%%QD%OWw_H+6$)a)@KS`D(D7>jx^D<kSS%GWw?x
z;thEcqHC59qc|F#d?R@75?&d;ih{>{f2e53ZbwT}>m@qEQ_7>rq!qQ&19Wo4(XI-D
zyP)zyGN`i>89P?}<<aD1oWR6F_FiFIg4gwJbu55O`I?`?Z`DKzM*vYPEgOOzGi-en
zpgzN?k9xKpViFqrd1?hYUC(;EC8coKg(Vy-+~C5?d79Ot$}@ssnT=sv-@e>o4D*r5
z?=Z_>UJ7ahyQne3dI!MfuERWKYf7ZnRbM!h)A%7+vxHLLN4D$kl}P3zs3Pa-B|R+i
z%xDR&2!*&>_`QzV?ORNpidnPU7K50dFJ?x*7+ly78&XnC(|(J2cN)daamCCk7Beef
z%q)tz_vw6XZZ(sgxpQ;h3VlW;)w`0~izTs0wC!rAr0YvcT0*PLEtmV2bhJu(8H;pb
zs6+n5EQUHFUMsv-E0y%HV<{=>wGQsLgl(;q@IzO^e9djPg!$Bkd9IZONSgDvrd3<^
z+e>e$gwIj}$A|GNNPa#xK(61Ci`Ra0U*x_u-=JK_m|U<K-8IAq19IJ9a|Pxu*L`!9
zZ$Gdscx#aM8u(4o^brx@X)QNV+ruZ^BTy4fore_htzHpBYLyWgQs3_<gqR;Ye;|?@
z;(c>hvl1UvY&NV>x`nsA(s<%`G^iO0%s*VxgYw$WnVq9mBgF<UaE5>h;b|C{JiS5K
zWRIc~5KD`)C}~$fl2(+lCCN7m->WuH#syDJ{1S}xr)jA{X^?k^GBgPQ9u#(w^A+hU
zK;(2Kl6wYEoBK{<?5as_mVvq37`cjR&KE3s<K~IVLQlTZpvWaIz~Ex3=K@U%EOP<I
z3$nig)PA{nV(DTM?MgxEy$+aB!Ro*O!A13?l3RG{4<%PWuOY<^5LUF_=}q&Fz;*HW
zIL57TuIf9tI+5!mP5Sn_HHwx1k+!Na<eLL#9;nr$`c6tT<Tu+%cB4YvDOYvP5{fBw
zuGzuZWXiul32tR+u3;+nY>p!#hOcRvYWSK|2)x`@+s=#OVr7s3FZ-A@8j=xL1r7at
z#;`YiPwZaLylg6fO%$OH+QJh>$}MHE|H)CWyH{{19=iTyGUg{}01;QH#k8=|j~SU0
z^hws#p9oWE6@ru&EY+Zfh82mUlj4pA@nxxlQkM*+N5y*~(>XkZ4Rr*|Th2#z38>4Y
zGo>h<Dyt|my~87qY;f1cT=F9_W@Nx`?XgV#)$umDd!5Rqf@*8<qj!P*9WgDd&S`w9
zCH{a~9`(BBDoXlwt`5o8g~~GDQm)jwXBfR1IcfZv9zW+E#m^-ZOh-t#H65{+ra>+U
zjxfdVQ%@cIF>X-gmu8T8i^d5Dj9-HTkhhE2B*-~P!%s7s=F~W!@ssDCVRV!l|3>X;
zzX@Ha7WB#`6Zlc>Za&lV(|AV^&M2<fH>i3D2Y=+kGVPn~(>J%7!$qkfsk4WYvk6K9
z+s21-p>Ot}|7`_d^o`P~n$q{}n-kyoqI?3_@nHJEaxRfja1{Mlz<T#LIKnrr$Mk_C
z7Rpo)w<K=~@u8OFH|5DLlKhVfh4O@YPUrEF)Gdk<!)L)Fs*0WOr?_9fuafho755Cu
zel{;pMpEBYCzJc%Oev{bbW1d~7SdZ%w~VkM^@Nq&U4dDYq;_SePUz<o5^VSY`i>ni
zd}U|_Ld8r=wj9`kw=^At8>F3))O;h&8KHzDmUc9n?to32p#pZrR(dScR&P~6a`^l(
zT*h=99R@`3gZue3qiq=<(x0lOPM54{b=WO6Ms_03tF(GAyqDo7JtUA0`Ut(vbbTUB
z5ng3WSRz&f@6d9Hf00Ul&adI;(+v=GL3Fahlp%4ogqOW(O3Mef2@F}CnnlUBTGeB$
zS>2*-DQvR1eQ*XIm@@Zq*_JfkGrUz(&X`HH`f09LImPoT&pyhlykLSXzc(qap1nfz
z#MqB#tGDXz+S5SO8hatO?F1oAm+a-Leu-aqVQ0Qb1Nos{fgTr_WfbrPh})Zd@1khB
z<JUYQB*r!LC4DGhW+@3XSWR79>(6Y#UH=^X#bJ*Jm`1Yr7Jw=QIx&SLpBGw0mC3UY
zOiroLXjboft880mCa0WbMzb1aMzdPUi)}Vz_<~RJbM~?POc`HjY^y3pV?}xBsTN(X
zIf%pVcUy{LVl^|S$jV!VgeufdQ65qduN+<ov?~x7UI=t3V30(>%%V$3kx;OdCo|)u
zZ!$A#`ps3%$4@?E&g(k6Q8;>Njh&SXGb7c3^RaWEAOD51-Zc)tj+xu#1}!B$%h2yF
z7p)BK?lq75H}QxL?G`elLw{Il9`}p<qpWuP=+K|lD9WgBh?qr0gNv9IP5rE2fF$B$
z;%9+-$4kT&HQEJRVoJH9PVaY__n-DUnEBDvPmPF1-VXAHDH9ctuLo%D0nAVRx?d00
z$K&8;)5^SWp4L!^W^s%|h5Q)4)%3F1g}$k&Lk&?_-&MHURQgUUgAs4OKs-|p=?qHq
zWIbk{XsZqUtxo#7(@I~!&rmx3)u2r6E?|VGStbV~!#te~mhaiPgKRf_ZXhg)OI}=R
z!Yr4}6aA$FHl(xM1q`*Ub^#;0^}2wey^RWhxlMY)v$pWm-#;OMJ(DU3U}F-F%qFte
zvVQ@rn_DrpIxo&M2YOxq#kHK7`*k;`vB`eI>v{%%KGrV#Z^o`VSM@ABBKxvo4Ad){
znpKC>34Csvz<f4AKq`D@c_qYeZ?mTv+ThV&k+<2YJ2>M4yUZ8EGaaohkXT*mGQZF3
zKJg@d>C}6^p=Q10b^qW`)bls|MA%J8j{bMzqsh~MkWXHq<ZtrBZJ^0*nLpBonJo|C
z1_#dz?amfvDc{RgRnQo!Cx!r*H#35&`XT#u`Mo>0XA&~}Ts1Fj<k5IT8gUAP)$K9+
zhq%7nMkjb(4X;rzuKg}c%rD2AL$X(c*{?R66f8QX`}L28z3;5|hejFT&1>=H(D-J!
z;%(n+&3N6P6|`8#1-x*5!h%z&XV(|UQ|sJ%zj>hZ%}f(1J#2Z&dRxMhJLrl?oIikk
zn>i%yk9brd+B<Y0?-xLHkXnq_9i$!({W+LnypAx3t>M-o(dUSb8U{;Yy(-Qtf{rc)
z9Z>{b;y}k2L90qZ#}q+(9OzL+&?8Dg4=sYm9q6$|&|^wLk1m4Fcc2rBpeL4s))zrL
z9Ox&Dpr@9CHWoo=InXnTpr@CDHWxwL9q3s_&}juw9i(m{<PK7wSA=ORfw8Bg-9hS0
zi!c`#V9=4DPr$basV^^re69%6Rr_fJV!CjKtJPIS&@YvOexV3D-GN?L1pP`W=+#9~
z-+|66f_9dIUS9+aJJ6eppkFTqy`c!&<Ukh}LAy&q7ZyPq9O$=-py^W3WD&H^fquUT
z`n^)nZx=yp9O#dVpg$}Hy}bxp?LdD~1pQel=#Pt_l@9c`MbO`rg8s4yTH!!f6+!>2
z6!iZTLCYNIgGJE$OF@5M1RZ3%R>OEh5p-QCXkQU@z=1wl1pPxP=p#kYz=1wr1bwy?
z^r<3fzXN@_2>Pc|&=-oJTO8=?MbN*Ng1%A&-Q+;uDuTXQ3YsZ`ZgikKi=clmg5FWP
z-GDxZl#lM4>4Fyo6#H^pZ4EC>2>V#-m?@%C3k&?l8o?42mr)RW+8o2Ku<zy=cBOqc
z$FQsIyE%qkW8cj&>^i;M^BL-`1{>T6$5yb(2A8{F*amxC&{we49>bn)lQaz~;|!a`
zaUm-X0cMU7&9d>FEn=3m@0cJkq1$&X99XdNu8E)*{3)!}qQa|PSgS^bm%Fee1BLH$
zVHv+Eyv&7bTzIJq*SYW#7q-fDWNsIh?p^ugE*y5@`7Z3caEA*|ci~wsJi~?CUAWza
zXSnbz7oP6I9WLy<@O&2zyKvlvn_RfZg&SOWi3``c@KP79ap7eyT<yYlxp1WmFL&Vz
z7hdhcWiH(7!h=wx`eUOD54i9qg_-8Jn0SsPn|QX^T)5wb0~g-n!UHb6$%IkC5Z00A
zIQ_4)#GFlIL*4~Av9`i2{*=NwHf*+B3a8sv7#Ue9)e79@QaA~R>6Qy{KF%sD!#yk9
zacs6-OrkXnQ2Is})^b7NO)hhT0$W^wgL*X1LB<_q;1cVUI6y#~N6S$?7)pd~_C#yX
z(#pgfb4Cl<OGX5)Y230Pb@ggO<^XlB>Y*ETYLK(knK}{;dyr6Q*n>nxtzR@ES&T|i
za5GxexLV2o9N^|Bl3HG7aEn{@r;q?QL?$g)mBQZl*M}>(({K|O2e|Bvc+=K(hVlOs
zo8%{Ug&z!)m%X}OetI05n_Zr_xN)?xPQc~~FJ4VlcjaMaWoM@+at8*c9UJ`S=Vous
z%vNh@f{@1kIJMUru||4M8E4Asn;YR#-Kg%2E5XSKDLW#Pc(_Kc9><j))y!3`<<gAo
ztHmPkA?%98;s76K6ea}ti6(9LF!BkkQS%8ss`ebh4d~d0#hcFYy1S*C!7-|2du+*$
z@+Zxzn8Stj>?)1>3VAT|dBabYKjo*QPgQDjwQ;ksUlHzkThES`o}I~yaDI(u4^duc
zwPesJ!xD-1C?4XJLFxiRhHaQ9OG%zw15|C6Grxxtte0Un5=8Id!K!dz{$V1Dx*Sr3
zslsAFE1-5$u<D96#tge+N0p=rporO)N~6QDv;tL7(*Xdq%&r7E@&{0Dp7)vME<W~a
zjBd*mf}x0XEHiSO?w1^2V&9dD)>b6?-cRfrBF0eWP3cQ;yF}MCiZV|2o*S;F-EFYr
zr|sGdTD1*O(?EWu>aTXY#gPg!#&;Mh@GfVk>`qzZyE?)48syzLI4w1=t|fK(35`3Z
zVaI0e@7`p|#@l?I7x21%W4IKv5QcZ?o(V;Cdo*Q;&g`1JV0|}Uz<K3(O4fJ(F}B3|
zj+h3cKr=aSH3lZZs6(Zn)zUs+OxI5|x*$TKT3-qT-`)EF57mfv%7VdK-@S&e=}r^h
zY;fVA@q21?+B263ccLV>tQBg&wTh4P`g{IC)>Hdtf5a^}$7*0`p3PO=&Q(Qwk;gu3
z&p5??$l9~8#Kcxq-dz8AgVFm`A!{&-sl5D@uFsAwp%<ThzfybAQP_+2VlVm#_M*Mm
zi>_;lb0vrDMF;n`7qxeA6zxSXDKQomdlVWr&IvnfQQQ_<YtadQYJp5ze<T*HGYLn^
zwe`?%NsRCkC-A$seShOinGy6v!CnJze4Iad-0NDT{PH=A_lO$@b5)b(!iHW^NA#E`
z&%miDu71BoAe!nZXeL%yiW=bPaT4~@2JGfiiG6zH|F1S+mIi4ZssOevyS{+BJ|la%
znJwH_RH%a2eFG*l+3x?{%+a_b!(I$M`+YliVD!7uXb&cRUvr1|{k2jZgdXeK>_~Fj
z3tqRme?v-yUr-e`i^30tRfac(J>OA7iC_*njtX+_qJVE^l2aHZClGyhdfX}43S%ee
z;}ddgMhy~mYdmqU99MRr*|)<-1Io@Ouf@(Q^1R|`%2pQqp+3Z<@_6jvqW|Dr)peAW
z{cEx8%l9su=}KjOU{Wzn-D_qUZRV7d4ATkg!WV9;aT~t=r0ErNxKm0K%LT<5WsD)e
zqP=WmueXx<B;50yp7UFJo<;Ru!8U}QURJp2#WDq$$NuJ(2<}}CF-lF=mYQd3|G%79
z<jlB3{y=HCnVRzx3OCH`HIZoID4j^8J+~9d3a2;K<bfVsK)H)FKfzEk56i7QWtUb<
z2L&`GXuo3sp-A(Eo~ACD`R^HVXDIG3hkg7pjEueKH?c{7$UCjxeQ$F!r(*(VZOO=g
zEJi_o;`IUC-?GJo!_Tio(=9ms+%WIT<jaZIy)|KK10$j-myO+o0pM#C`$s|-jqT^{
z8Q!8}2Y7p&xAL*PJj}~qaPj#nPt3Wp0snCQ`TYBscg3&;_S2Kc@-^IjZkYQ^F1q1D
zzvt)G`#83&|1)E4I7JM*?oq0Zo6O#6*rMUTTXkDs3E<p6$t*8%vu$FFK0IuSfW7BA
z%;0s+B*CwLQBB<*2|bq?O$$kT3}NQTcku8TO;5z3#rjQ|cNrsczc~;I?Z~`N0H{ZS
z8dCz*pLxP2JhD&1K<2+p!u12xRv(TXplsP;zpnvXEy*YNw2`zjY2b8P%FQ(x57oBQ
znW9m95@Ys(y4mIc&i`G{WsO}JnLi|iGf~2e;}VaJb`kfJM4B@P`#EF4rD*IX{y#cj
za3<AFPuB5*U1&RDLfhw@;-?PK(Sqasp=X+-1s`=4Tw*7S&9O15b1QA!&>qbgb7pg^
zgS^g{dh7ousaWkqQe%hMG&(P-Wv+X|;?k&#^BDEI`#^DKEkEwKgA>{ZEaUxv(Ee!S
zBgpKMaJ}vsqJQz-^YjAs=VkXncuz=tcixfAy0F?%S?ojv_K*?SdnK^HkvWV^5G?xU
zw;q8GH$n>A5z?oN__#H=*IPVDtqfn#0tOGkh|f%98s7|FL>?=8MiG6q>X3w4p$^aU
zfax`vm6Q-kZj2=Q2jr;SjL@$~(`WZ$fIKhOlHAym==aQQf%Q8T+03B3vXOCm-DQo8
z&+DR%43X=~8~I@j#@^uh4o|t^#Rad%r->Wn$q>)J&%ZqycpDgaUiZhSCfD9Y)8&nP
zeG}iD`y+0M8;CRy%sVNH<w*UL#w3`n;0j78I@|3YNlsf~&VDuz%>82o7uAX2eS@(n
z)Tw~7r*ur<NfP|}Cxp4Rk<dWq0h(=v-vS({^}2ovdIYp56JtrG3$GHd`~x0RuAA!o
z=BK<xkKIK{&3)eDwR&Mn;QW!b;wW{U>qW>7IjSoR0W4w~H52_HF)RjApNOy0Glsvi
zRMav<Yog)zupZKtPTU0T3UK|%W{|q^0QSC*<Ebm1>Ufq7DQ>S=<{rdvvNt42@a0aV
z?#X;zc9(1tNc_;Jodl$>=c)#;ML>n@xr8#mBoq^u$lGh4*okvD$uC50Duaq`B3?7h
z7CmXHk-doTS2!=aGgS$$6f>QeZc39R%xKd>PP8widLRDb%nW@uT{U(bSA+e0noghU
zv}b{0cZFw{Qf%-3D7L{+Y=fcL21Bt8|92ECgBMG&4Ie_W8$N_$zd+7?DR#~mpox8{
zH5T>j*NX^uM?yO@ud^(+<1WUe_xv+3^Xbe5n;A1Fs|J~OG*vOt^hH90nXQ_h(p5{#
zK-G<{LKP|mJ5$Wrt|UvU!FfLrJEK=K?{R?<L+eG#ep(~t0KQjJet+iU9#;eHo;=iB
zyoN!<g_c~J2b&n;E&i1TRlda0i^ND|+l^H#2@y8)p%q5Q;X~v|+v_?->d@PJy`Enj
zER%$l{p^vCzYfBa)iC#~UjH_k)~SH*g8-FD2UbPXCcl--{FEGfBY}fp@H|`5$sl6G
zrp*0{01>+)p<G5P9g*3;_QMK$cSnnK?cUvdM!m2zfhf1lcOtI^(E1{1hXeg&5%knj
z(8eO@zxKn57`(cOmVfPs{cArgU?Hjj_pkl1f9;1YH%bZY%aM8{N!{hb)h@iug=<`R
zsSDS+@DdkpaN!;oZgSzc3x{2Jz6<*<+~LC0U3iuY&v4;(7jAdq87@4_g{Ql4hYR~I
zJl}=GE*y8^CKv8;;RY98;=*+<ywrtjTzHuaSG(|CE?nut%U!s_g;%?9nG5&2@W1xM
z%FLG4Ker!dg~hFyEFl#>id4w@DRz8`L^zNche%Kq8Dl4uNMZfi(@0s%H6%uJfm(?B
zqUjHTWS--tSg6;fa7kXyB%|MJ+#G3slKUp`ZLlu$;8rgGk>vu?;NA8JI!g}YgM`J8
zG*<fKUY9ww5=5o4YSh86;N}HyA>X<zEUpB~p3x(I^0Bkilk4sAuw2#h&!W2QjfUPc
zr@uI)0hsP*d^0wJONvf1hY7VV;#T{S@voOn;C}fX+2*d^*y(=r3R92HkLEvY)Q`ad
zdwqC?DY0dJ>#1d&&08<m6-Ld*ddW1Ren2<;G|f37Ux@TKO+nv{rM0(tqRBwpFBRF*
zT5XyA8ZGA{$#)|mPNs6L$2RHnuw{Ia`#(OT4F{HstSKX*KWgEx^_iZgiKFh}m>K&;
z@n*Zw1VeTiiiT5_)Vfhy#dc9=9Tc$ol=@Mt&)qz=`W)oR>J#Ov7Ok!<7OQ5}3un_>
z_n%+1PU0*a7YrWevo5K~e?2&cW1_kYb*x77UY&lQ!Qq_xJnn4IcYp0IqY^1#$eb9l
z-T#tZy{0Eu=Lz7qpOy(BTdf@avv`hu+Af4;7Y}~p3l7Llh)pYW_p$k}+3p_y!LQ}J
zn9S?T8$PVt6N3j7YrckVDhnRFK{dBjtmYd^;h20y7Hs6BDRt(C)`s%Vt2UH3oW%7}
zTGqeKrE}cJjY;!uwtq+ChCs(*KQ&CpVI2h@XefBtw8q!6lOW+UqRn?&5<X_HHfb#u
zE~$z%`l`y5_2tJ-;B0K3h(uo^;%I%pCE^MBVr1TK=y=!sVvF*{m@~y{)ZTO)4YArQ
zq2NPia8%e*t{pLCDU$Kl;Gok*7BTL9b^IW&*6_NIc?*5rN&I*#M}Mn*Y+2VMonCM*
zWb}WA)b;g@UO*I{P`vI{`%siLBWlp-d7sa>WX(Zz3_h<KOhZbBU4f`hT~h-{OL7xh
zCCfUmz*PSOJa7x&GCc4ZUbq2r_0?aTK<9N{WriV&nL`ioS5N4iGke0dSAWq@mLH01
z<AVyAPFH>7=Fw#`+Jaa)AH64dIiVG{jt=5wf;w}EkK^L8Qyt9?9j$)PvJsZ^y07Mw
z!GC=Hom}QJAWf8}@*t(C2vLn3nBEaPu!W1oI}LeE1GA9=c^p^3hONNX;OKe#jIl!J
zYREt+H6KDKTsSwUP#k2!!TI2sxhm`q!_o@nu+?eE-bVZ42v7(uCkOtTFBaQw3y~jg
z@5U`O|B`6_$o+HePtvAIg<-r8*PdQdhy2i6Uw+Dm4c`6n?9uxvLcZfnOZKL9-BKTV
zNBbhB6kkiDBB4L$+hf~I<HUn$XK?swmJyDW*2R%(S?oXqm#g{&jI5yA^Sb_1H+I7`
zta|TI5;H#_O7?)roZEu8jzg=`MkwgM5h|Ffw;T1=%$uJ+{rx4J9!*#EphtS(c=81Q
zc?ua0C(#rk61-bQ=n_&l0-n#by{V647z8^D(n`+ibNQGX6(hTs2Q_UxpvfV)N^$E1
zm9Bd1&4WeW!9yoYZ)JgMP~!ws0P+she-LlyvBBoAQPCxZf@D(@90^SJX7s0>hXnVK
zo}H8L$6%<EuJn^nDn?USu)UrbHXy3D{O#Z}<K7`Smyc%8D5=>W1and_Q)R*QPoMa0
zVPy2DvQ#oX?8)50gl;o4okh@_6IIFVkSzFpC_iF?UyK=2mOaYFXj%-OWnVtCMO8lV
z6UvcKL#7ID06Mcl*hoH<Spkd^=|v;SQu&P<wiC~>T{}oXEt0A~c)3d`ywCWR3Vu>!
z1KI=%F2+(k^HpX1!KtO+Q(dm6Mw!p6E;oN5?SAF^gz{Zs(lUqXd$wujNZR4bES*v?
z#Q;b`>!nl?u$0HH?&g(hDk+$MHXGjf`!WbJ=(t3mkwIzj4}(C`j6;nb!6=%P`H3rt
zrY#qSHXKF4U}QPnsK(19L-3abkST{QAWgwvxfhA={NU&LQnR0NpEU<9y-NDUCx&yt
z$*oMV_H9S-+$|MlS#It$HS8Dlz2*UW1TooaMeF0>)qGs|{aJ+W;G>(=zSY1gpwouI
zOKYgXQ1TRyacxy|NSAyS{8|WnM%hC7O1c|*@q)NXD2Y(^zE|}I?=IrrUVG7R^$>to
z90|^uqvI+&wV>9|`vYTdeM~gH$`{aERc7kQVnKE4HAd#i1*u=}VYqgg;mXaptwd|z
zS5)JT8Fq{q3hbQYDZ?7|zG2u&JP_ISdOWZC%Z?9P;S2>bHYE3xL$Jh2z8swP=!h~#
z?NM|je<k;&FZ^3TrTpa6+?pOuT~(o}>ztOjt^sI8?Th?+p&W%6U9h>^-s{1I2nv*8
zuOk*9?B=RIK3x!I0_=X8(xb_3hBIZp0$_{fbBP-(%VO-Wy@|-v;;s5BTk&st-RpoB
z*_37Gf#XQ(5OYS5u;PsFUb{1Q5%5=k>DrkSzVd~RIa;QV7lEyw&@ubED<;hOl44}7
z<)>{5V(w7{;lcgv?YRR?^&7pe)x>&T_wd{Jh%5|F%Htz`-zXJ8;u}2tT%X^(vGa|L
z;BEcQIADr<gYzoqaTjp%Z-qv5P11g1k}FoTZAtuWw92sso>1CSb1NfUtkU;-ImlXb
zsgQ-=m0kGmG@^npJ$mB(Q0MT*N4S6`dv@}T#9#LK>5l41`lfahSFr!!Q2ufb<!_88
z&t&CsF4E0eK{VwN9E@_%HqnP#e|-&G=N%Y@bUqc{u`U!z{s|X(*F4n}NyQGSjHE6)
zq>fAa%KhX-2G~Uvxcj1xTBYDL4(SG`uQXPCquM<0v}OumR@+*#i)(PtCiBEMp`NKZ
zmHwnT6?p1_#^z#lZemhH&5g|1co-l)*Pz3l`hpI3)|e+&+Io(;sG`Oj6RqH=XSw`w
z_{lky$k7WQ7Fq7Ip{%O;zt8Qlf86-&@7&}c-RG~4yFb6X&+C$LyCm_x5B4ud+v(fH
zu1Zeo{HF?&#b)=Ndc$5ZEOwwuVw6@<wq~U%Cs*|{<eglX7^IWIR_AA;$#<gZQ~hs`
zWb(P&qAh*;&EFkaR{UN|?zz@fO>6S?U{OmhH~C{;_ireS!BSdsOYV6JjXj-Q7s20&
zdP3A6hYW!&Qh$#LFbtLuZ7dw)`InCTOMCuhdj2Jxe`(0S)Z||(dC|7Bo*KRr+Qwp)
z$i1=e@ui41fZmZEs!B+{)wshfu5wk$sDv7U$>d3+*ysWx_3OFKc&m5I>%@wKsk)dG
zpa^&chc=Ic;Sp;znlVJf59@P9hc-0Y>yojMY;)s!vRXBD0}JYD{wJ=>kW1zc0-P63
zA(yl!`xE^`Tkbcdru{v9VhH}ZMgc7md=oE`^tH9QHW)BJSJn<^;I-t&)ke&&s=JH)
z+YDploT`VH%n!(vGk$epQ5l)5MfzT=i6kB$lJA>rPp&G>*d?8)X!5=6wdyWaRDVQ>
zddv*#SPr{x!K;VavvrE6q0BZsV;?O&Tel(hF|!Uhm-S7MxE^upD&AxY9S2q;)1nly
zTfL^p<QvgsrY+eYOuQD>V_Vgx38FIDmw06;d*mQx_mJ6*+QU8pyJ7S%^Z7T+V&Y=<
zKEGapuMWeIdT5kk^f#N<y_T7PC5M@d_)_5<C`~nOP#pc#t0%SDXu{aHyLipKLdzDO
z`V(xwp2P(_O`oo2MlRDo^{xa2qrc$kCIj(MobtVvAC88d%JYxD5>)mwRU&hXRLWvC
zs;Nj@HB}8Gp(j<WUNH*EMwsw-@y@gizw^2!E-^nSDn!ztO>!MaQN2WTj)*o7Vv`DJ
zw0<x;)P7igX7F}6r@XN@dju1tH?s2(;dh`VzF_zs++T$E_@4aeY*b@S?I=ri5sj!H
zO*IJ{jtWeJTHs)s)CA(fJQeM)uHjezRDw^GkTl(-Hukc9`c!6->X*8<*4W}ytNr>Y
z?T^&|L75biA$9jpC`B6{=My3IO~hn$^+`LrQssgb*kV|E>iiklQHC<F`%sHBg@iLz
zf)BeH1I3=&*EyoC`F*czTLs^&e_uFLfzsY}XOEEvV&7Um!AZ+}EwPH~yrKBLUs8xT
zkV^3Ps^7R`{eE49zX5pqbf5ZJ1}8&9Tfb=Y+gy#UqU+y|4t1rYPhBk5k9!!-@~ft?
z{neBct`?to!Y-|8&e(D9uclwVzktb-nm!5qhu0L3?*@}mTw!<JsiNz56l=OeHRU|V
z5aM|*r4zEpe-N`QPyLWZF8nrM>qkm!tt%h)kKYwsgT0^r-%qV2bBn-4cDB}j^LF}Q
z;&}abzkuIIRO?#{=Un=!{r{RCbUV)e>swx|ZwZ#K2L8jbyca!uN=1Kw9&R(MJ7IZ~
ztMC6z6|?j7*!iXX*LB9d1>F9&0NecG^>oxQ3~GoSybmROH#-zVLo`JZuN6Ovti7lw
z&Yu?a7?)84s=5}cQK>AYs;=}gUay8^h`JWTT|&lO$zOdUar!5wiy=R!v;8!h=irxX
zY<1fainV7f<=8Cvo!2$egjzY};jJ8>*nMJbTw?d}ok#dN(zdZCiKH(LWyhfTXJQU@
zR%Ep2K#1cA==>AA#(0Zv*Y}#Y$1d<zPCmIceb%Oy#Nf!;M<t%DNo@F0V#COm)ri!&
z7H`U6OL8!g!yx+KD8qkHvHW?F=3U<6gg%8t+nU@E8L>-}WApaT|BTdg$a|LgA}4-8
zK_s++dJazvo*26@F?f9Ej7aVeUe}q*oZFB+d*2db5A0Q^{tvCw+;y3d3PFPRx^}Ye
z=Mc;eLNsp~&5Jazi?#9LQNz>cZ%XVQIs5R$BQ=S>A0_%mt}$(x@@Vo=b6!X{A|TY-
zKTlpu7vH6*zOCiSr~DC5$X$N(y3XIJo9|LLn}r~~F<$~Oz1A+*ZL=JsjMcUWH}xWi
zTd81*kqWYB>{D9op3<uQW&c&1`)KAUDk8B$pPAuxSE^o?A?rJb6u&dvey2PSJm2en
z)sUo_T?CwA9q1~xH*lAAE7JYDz2SfV;qYbf9j`m#;M;?9sfR3;t}m1Ta}s~ddrL9C
z(1NRu9L&Y34|&fLq^+xU(QI2qHZdq=lae^-Rs)$4uvv#AA8e8?s;$(d%Y1to<4EJh
zmOjFk&T#40c~%*8nLcS}HOxMc1$ylWQw0G%Y=ExKcO0J<uhFMB^0eUpWx-YB?-_8h
zA%lOwHNFL|p&wjBO&8+bx2$Xo<8>Cms$YdyN#}X>tQ`P~PP)@9r8~_YgNRhy3yrJQ
zMoxYTUlP2ezgSLyxC&DaYArqcw$}I~)<>>+7+duydt1!uGm;q2@|>T%D8$NA4i%G^
zg(|V;vtPuvvNZ&zaF4CZ0>zn`+bk6mXi&iP6M-gpRVWO13i)!)INj}Ts3vgBq6lXf
zN_o-KE!c4O^>-Q3-EEp7+2k%Y2Pv_Kr!%jN^Tzp~sjTK$_1wVI95Y)%w3s3lxZ6x=
z64f-NN#$R|Q@&rjcJUIq=J6RUENO69%AKZ+#4;mSvSixt$4+n`8^tqUJ1JO>ZA*7n
zN7JYOIK_=F2XbFxVm*B6@t7A$e5x$QeJ(d~`{MK2Aiwxf;cAhQ*{S?9Q&_yXwg<mm
zWqZ&}$KAbFVG;YdzGs?2f2tX1XbL)u?x^-<7HyOE(#of1;lSFauyz<`^tXFyYsM>6
z8=3xx6~!m0omo+w$ct0?7%foo`;SvfW{AF@=$(NHZ)~35e9`c_d7KZpXn4b1t}BcU
zuhF$5=;dRzVej@nujd>ZA>>1$u_2Y-$_#3iE6xNF&DYk3=X6SXUM(E)mtTq*eX{AW
zTvbQQSi>d$PP%X-*lb%gJ&%q!vHBZy1ZOMv(+$sN1NpEu%KfHX)u$=O^m*n+WAMG8
zHk_-fJ>BTY3_X2M<tOF!)P4B*$<z^M(-cLw<EKx&J6ZazgNj|weVdumPi+g^jA1-O
znopX0de;@PcneDY%zfHRK&<7XdxD=HjHdj!VDc4c%0DI<Z6gUmTCw9;?TVR&gPRl_
z7K{hTJFqZVXZqevXkT6qa{sm`mz`N4uYQ!@LH0<aQJ<bY*J#4F1*e?|8KB=d`7eXH
zY;*RL*;8G@(JtXo63~a5Y=@e(t-&zTs73JpD`cuR`gw>rt}2e)9b#ApQ_ly2xMhl)
zsV`q|iYV0PFA#h1ITIILVjl8e-Ezr=(|uOp3pZ$S5*+bk%{BLK;=L@!e$TxddCOJ(
z#~H%sy=8`R{;q;YuId}75x4N6O2eOC_7e|Re75EDnZJQg8PM9Ce(HBBDme2LjhE8=
z!8_MNY=!K>3i4^&<na~Kwifk4Xyz(1mr8UwDo&l8{`H~@{e^#9M#*yfnS3uVp|Pi2
zdpN}!VwMt0Y`Kz4sH;Q%!reC$;VoXEXl8;Mvj^8nBc`lxomhkHb!I4%*mKalV;VP?
z>NgjRt6^UFJ)hP+6V02@e?38<@sWE%U7I^k=sZr~#rnoAeA2>q4m55CDi%p!vORl%
zei7szD5&8c%xm9@`8l02s-`X37uop~d$EzDceQo*bxu@l-M+C$${iin{Bs}UL}Wo9
zyI@oeW*$xvyPXw7@=?}r2$}LN7t_ScJRJP2Etk`UwVg+17OJZ0Vb{FGUJ&T2*ic>z
ziptD&wzD+)D)v^5oUEn$iHu068fo9JlIU8-HT{{Zx`G#f1L6;=>XrJG>Jdd0VAJ&S
z&%9-8u@t$W+`F__6YesA^jzYeaq~oI_Ue(?^fO&QVf{4dhbGZ3%}hUPHu|{OWR3ah
zoFmu1h*iUxt6W-=0g`mC$^%XsIh2~osYv;AD)YMPN!ii4s{ToZDy!6_xX{9fMQ+ln
ze!k`M&*7ieZt!dkuBq2>-Wgo+XQ??~4i3D>5OBUfO7;s9f13rZN|N6lMyL109CY>u
zFN~d8CHmTh%{Nbrp4s`A_zmSlI{)acY#Fv^<K)o1&G8!!2(3N@Y@jUZ>wG9af7p=N
z{S1Ieawq3$>(KG7x{=*IEi|453O81>CVQ)<pJsULVq#|U;m#C@M}Z*Os&6aDm9}$E
ze?v6HA*Q!=0F!BpL;F#$^%bxCa~gK5!k;=_7f#{EF|qp$?-m_~;~og<3yIHhgrRwz
zcgxAV;vf2eX^op(5(~=9D`KCGhWewa>DAHH42IfZTL=&TqkzhurD}NHWxU&}c#Cw(
zOjz+2y}?^s>RPWx`j3N6CAXdCbw5pXhHWGciLni`S=UbVidfrSGyDx3NF=p4n(W_e
ze<Iqv-s^f*NXu>Dpg|btRU9-4hdZ~PlWHyBa!x8*-fyb0mdiN$qM<>y0gUUa)`~~L
zbKrGfs>-eT^{?!olvF$a;`hB#?x)LzX2wo=m`x9F@kszqrO?1&q(<4mh(QN#O)Ci-
zl!QTv4@#&iGh17TyEootGaTI*{v~@UYJKbklj-2jx292CU8H%i^RI2mfwtpY%d5Rb
z8vt&b)LLFMXH({0-dPxq_ZGw48D=F|Fb%(RuZAD^ziasCRro*C@KXUSHvCv+D{1(6
z!ZcjI!qjjfkX2VxB=m^4=sny5(r~tYuC1NH(6qhUWFM7QQEdYi2w2>jfWoOEsuSc<
z%BYD=^}YMo`H6uuvY&FeL-|OX9saT{bT7`xc6Gjji-ySYQQ>bf-;7L(g1^TzH}bwZ
zOord<r@qfxpfzp|I)A83a3;YTU=LRq4IEpDQ<2Ecs&Oj)HwTGa3;*O)q;Zr2ydVf)
z6IK9eeyZ;$ubHj@Yrv^9fNxiziGbm%AYy7qCPW2H<5A>s35_~2UCy3<x%T%sq7xXF
z>?hV$a}mtYX!?W;vTRzdtBxer1zuM<@ZQR4f2;KjhuAtZ@%3$Gv6l^Q9G1YBS2=A!
ze6lh%El8HvBKuthM|-fH59F%uJO$>a!91w%CHuTOt$W6lrOInLnX8@(OXcCSV28fo
zy?oN%48V%L+UxqJ$yQz~i47kcrl!r$#%`ioe9BZSOSKLti@ioYDoj0EQ(r-vAP*KO
ze&<-t#$at?ZE)SCGNREZ)!@`P%puD!a5XCL!v!bvoi2MK0YaGWPr{P0vs)UILFsEM
zGmnb)XrtDdrX%PCdLy4M=hzMAijgQ^sqs@M)MkE87HcrkPE&$AD)RfltWzig)pu6b
z4WbMJ6~T?i=@TypAG=$8eo4!vEtj-h+=4)o<RXJlMpHLeN)SD{Ej<%|uqW=m35j)F
ziF^=AeE5CwH`<*ACe4#RAyIh_1Lj5?6y{<lx#I4=oxQTX_}hov7k?u{0PJ&TVOq%@
z^Wv#vi@Smk?Pq>UoyFENlyH-%Fg34IgV+xZ_$g0hFzBbwgRG;q1KH}5_ON>@mgRM|
zk}Gjj`S4B-YR#qMH-TP&qxIWir_rIY+Cgq_fW=lkC0Pou%hR@ZuEoc4L(3XNTZvu6
zW{+yI8(xWB6`em<yMNr4{>*{V<kSAnmm;}Gv%^{MHNQVMb-zl8Byyv;)oYu#Xg;i;
z4dhgt6lm{?fiL=!qSB)dj2!&}Th9-gFQPT~rtbC@X&y;kT+T6RZ_(){>$_MYjPyg#
z`$xarmJGPUrp4r7dv35TJ@Hdm%6yK4lx;W~;E?G)_)i2OZ_!MOVKZYCu8)&_v24V+
zDnTGe6Spc_J8I$fv(9DbPuD;n)RGvucxKCpjb3*n>Fg#kHyo>4gdS(^${qka#4Ajp
z-#+(HQ8tvkzLz{vrzKuZB&o@B$n5Kp1uz!;Vv~#oW9MNV*!lVM(zTy}<Z5E==FHl6
z5!N}g7HItk7+2-Y`LvI~C;T9o**jvAf5}yS9kw9F(8WgLFR#r`3N|BpSlh!gvg#JL
zpF}pG-$t&h5tNe~CB=<l%w>-=3)$8Qj=vme)(H&F<dv{TI7y|lavw?cyrcN^nnMX;
zqj>9iVgW{JtYHi+=-A;^4tpQ(Kos0Cg7?6@mp4FshYAITKi7CG>%#H(m#uD~q?Y?H
z<@a9wcvH4So43j(HkNl=gU|kQm;FF8=ncxtFoh|v?K!-`?4MIoIR00UQbw9m@E;QR
zlNj{~Kdjhl@>yHT-c+{Mo)ZfB449ZuwS|56F83J$7A$D_fZhDPUzLm`U&~G~<W%fq
z)Ap9Kmu>lz3*|?0>)M*P#jvzQ;GN>FJiIRc-m;bl)j(?bzN@9ym0!z$Ik|-fwv=ty
zx2X85Ui`h0`{qS1d_DLSc{B3oq0dzK7<O|7<2-Qux;5_I)@B(r%$cTShiQoOUS7Mm
zH81^gfbEy$^_5;F69LYs6A#ywP_<d-Zw*cyDs~&JzfcQmYjj36KAB||3Xgs8=X);(
zIlo^*{|o=7qk56#ADj%#DmK*^O??4H-+i^Sq;Qqq7X)!%P4KYJjiL)uJnOkb4PD~}
zLtv;h=Ie<XWI3s<M2j{AT1qNmqf0P{o;N8{Ye;=znF8Foa`3wrZA5n24IVMmKfxBI
z77Lr_3bP-n1IJB-WgD`T+!6r5qLCr6c2^22NTdqHBxys#N@FJLGTJE3ZAPv@Ah8-K
zCATXupsEm<rGO@MX)#$hu{le7&B5(BvBng_>P+o2OW^%x3{wVA{b}#XXfd^(NU+%h
zKjye9FT$5e>H914{*LUSkZ{2s2t`mh+WdE~YdVlqQsYjEhTfRXraKhnHv8PRS1{x!
zj1Y|O{{ZtE)49Q(V~-6xKE<tAE5oQlzly7X*l2}kdN0XsKp)(ig~%OK5(`d|3)(m7
z{<Bl9r&OPvik(uU{WOC+ZnOK&T7RhP1oqax(?>Nco{D;{177!P?ZHSX{aaod-()-b
zq_UW=D~Fo5b#BkxPVD-j<IOg|*TsxXbDd6f;lrZ0A`Rz`S$xu10o%K^GLOIvb=eY@
zHIPMvx{=uv)CQn4q6>I)y#~|5F3X#%n4it{PM?=8>rf6T>oTW@z`yPde$z1Qf2RWB
zp7rqS-<=F2)d2|xUU25AZ(ENH3rR=ERk#)`SM}3+!M#C6+LBu{`K<x4QydFT>`F^s
zt1&|7_oxoYhx#mS8^T1FZphI3a8@@B|39JlX*y@Y>642j(<*<GT&PzX4(N&2en#4t
z862cw^hruItMcH!PsxJa?!QkS*?Fefsn3%b<5B7%#-lMFgVZZ?RVSZ_RmqE{07h7F
z&F2_a48X9<q}>p6l6&5Y;wkQVcbVZBoZAX8mAzeVKG>nYUihvfgF)sMbda}l0A$W=
zly+i6n=mJ#ZpSGOpJ$mq6z`)l{H!p!VIaAxv+F=CL(&LAHJZj)gj`wMpn2ck*TwXG
zm}a&bwaMAwfgoe?&MJm3$2y(syo`1FiC7|-UBen<CKOGs50?0ryVl4>2bbzmI9BLK
zTPt(|*`ZXpt-e3f9Lzb)G?)oZtmo2VM!+PbRd7D&Xem-<cemtN*<_oWs$nX$O9qQf
zg-bBqp%y2KWsr+b0>_3FY7C1I%EdEnA9Y{G3O3uSov1paO-D|><#=$Chp>uXday&W
zP=U!03j0BaHY_v_f=N4B@erv*b1~kr`U<*q-#j_`!Be}iCN~5Iskua*3lR`Si#lmu
z@MhMsb%i0LM-`pA(>frh%q@gPq}cyhQxqhOM~@Vrwj5nNV~c8+e3bPSw_8b+fFPiX
zN=)k5B(&-5QzE45hzjM1xP`u>jS}8jbzmT&Z&7Zq`KHrfVY|1Suvl<hH6*;ugvFN$
zEOCK$&~66_FI?iF=t_J5n&%z0aRYXlG+!6hhUuJWEuJ54hSV(Ge?oH)bbq41bF)A6
zHp_gP-;mai>3{DY$W=AeO1R_H30*l0tlcIIq}Y$kRs9#-BhzKV#g?=)IjXYxmgp!;
zu_g9ANwG0qwGE{IGwr#<xSiE?58583Juq<lVy7Y158GFatsu3Jh_8WtLl$Z4lTu9!
zgBlT+Z=QBS4Sqh__C=*4As>;4`lif<H<>4HKU{o;i|^;D**b9XH7<U@#NTb5#Zr!T
zhg5Evqg^xc5|(CM-_hKw^h(0AM(#CF+=%GOCDk%{_Qv4&pQqsa^#s1jg@tj2d-;y?
z8;sYx9v~bhT{N}Kr3>Q<FLB`km0xGk>D5{MdUbhx=jqAOSG}V*@=sU0sLyg&pCx&k
zRe7YxU3iHJI~tC=fTiIuAw$E{6%7ryo97+19R_UwH0<QHw7dH{?WP~PSv88LA#}5K
z92|k^uQn+qK6xweFydVNJ)Ez+O3lPpmh;p(oL-(S>xYlmahg-w(l@afKjtgfu^1n}
z@A_>+wV!)T`-f+k{llBtKYS(|h^wupj6C_>@o}xl?XHl@H(Z0VKkCXpm~Akv&myUt
z2P3IZQU=~U&{jOw`KDozB}JW2Q4%Va5y#A*s|p_te>Qf7=9;Lxh|g6WFQ|P*4($0?
z)Lu<zN76Tk*5p7!uIe6go6)AG8_f6eBFt~%+2W1)egl|)r^UPZTQ%-waV0M;Jx8gl
zmjM(>E-oV`lKia**vdZL*Ru@Bd`)YC^yw=;r(+{kXZ(SKCgvc`m&(j;*+IVDEn}QY
zhPiy_Hg?N`!Lx{E^N5*7d@@3;oZYOqyy`PAhsv^51X*wxW*Y<-u%D<Hjc*Or;1hY6
z{D==~6*JVq3{cD9o}@N!?KufC0*$%gPu0v(hZ%tySRK+R5wTrv;VEbp^UikyxtA*P
zaw?)~R|o&~XX*cT2B-h~-Ybw2eb2(b#i=T54>Ui8-KF!0G7C-4cO6=zy`}Pr#jT~L
zMjYOp9$I@a%+8%Bh)*5|2Y!LCyX~cIE%#A|**fpu&P(QCf^N6z#LnZ*Zc~Z8ZS&u5
z^LK7H+fA28{-^DxqP!kWm5<tYW9cYuH&yH#i*C<uH$84^NJ~E1$DUF1#@JcK^5T<6
z6}O+>&YtMDpQ>e)ntZ)+N3Lr2QRd78oB5sNvQ34uvb_hZ(d@n_Z$v);jnno%wM%CO
zcLYyQd5g1x-1GOma=s|-P#en%%KNCwlgpmir;V8RD>6C9JU1cvv^8&?<9|@eK?f}*
zCyw(vqUZs$jk&6Tk(9z*qrb*aY#f4qHeZkIWV>pYrje<r<4ApRowg_@nsux_&sR^h
zsZj^zMw7=|<uPXd3m+Dx6c!HX646BL2pZqjxCkC?)!H{t4|}a|my(TRc2e-9F6Z3A
zxfQhQx+Z=uY2u}sm(T0xs>*2dW1XL!*7R)WB`7b3bWU%Hzc-}w?3VaHhI-%aZHeDh
zIh0jULtpHZk<=NH)F&{jk&?KgwdbPR;jKNF)#6$2u*1g+ZM^eKv{a-OTEe!8S;YTw
zK<o&7-6AKp)=p^gD$g3j&v{3C^(az}R##llTY1)Ll94%jbgMZ@VwJab2F6<1Y8ok1
zyHbY$er{!amnrxr3SM9eK2rssTT(D!H=QPtctSL3*SIC6GKs!Ie``{G$`H$n+PHb%
zVGLMWd+xLwiA<XMswTxsJ%Rr=aGHdFEO=PJQN(NICjQXcW6d1GJf*Mf>8j-%6v?;M
z_VUz)iW?PeJ%hFO+-BHMYtJ3V-X`30U+r#z!_VqeDqK5GIQUO=e%RzFZY0;!7?8`j
z;E42g;-bL!5*bZj$p&fqZkPG)+BlK0j8=WwoSglVEl8Ot=oci5m(S3*=%28pF?~d5
zM$A;nY~U-5_{g4VzRQ$HA_Jsuj+v-9W$7@_+pO3*=E53p%sK1{3>Cx1m({1w%H>!#
zV79<&bX)LZLrI&uFEbN{<^$T)OTB_MN+)8ZcU!MjZ!Tvy{$bH}VMu(gppQ2CbhEvG
z7i8yS9mKizh40<08ZCZ>-vUnMAz<ZUEWo=CS5rxtijwKQgXSFzk1XgT;`fa+se5hV
zzmZX2@3n=WAAd#o{1*P3b_?H6U&t1|e)qqH@9YzzsjgA_;J)0GE&Q%g4f{#J(XwT$
z>*P}wi!GDA$V0bf=W2D*{9@-<-3ED_#%jc&*!hqRaWfvh`f}q=LbdUeTXR)?3~+M{
zrN>~)x^*UH%@V@7sxKd^<H)d4YyzYcz$W0*du0<~?fh0#3~Gzs*a9t@G+kna`In*O
zNYCcX#GWCu=V`?~+fRR*_1*RSy8*+1oh><ZDK{53HZDE_sV4byt}4n4s_v=qZ>m+~
zy4i23gH<DVRPexQS`kB}_S>CZtIGz;%07mGO2p}9aS(A^FT^BT5izkh|By_6>>$}R
zf;k>F;>HIC*<^b?==jdwlew{f(f*C0H_7BBC)#QDf9R_v=h-bHusi-a35Z%ZSv+W^
zkEY6Ks5o2u(KQE~vjRWM!z|;)rnmRa^uEyRP4CrNf^MSW1$Xi&i`~eZGL*%x*BOP*
zYyR*0THRv$`dJ2s3>?N<gtgXIpI#O=*vej*tICmz<KVtmnCKoEvTr|P;IWyN<bT_b
z>5sU6?BWF)SopBe_rWe`tFT=#?S9(@Z*pm9sd>+mz2-Y92z=>tpNS;@F0qP=w3<16
z?l3c_OLy}t<Ok;Txo1h$(m)O<6&HZTy^B6tr@f0)$z!|&;z0n=Y7wy8ov5+)9@1W(
z0cGT>et3uzO3-n>UoJKa#cVTrp9@GbihXH&YK-1zd8kERC{VDW59^h*$)@y`wN0qP
z!Uy!U)_z&4uvu0WCTZSJ$7&mb|8u-lVfHq-_^uHWP5VjgJXjPif{yPR*;$zp88r6t
z?sfe;uM9a{5%MCv#%i8ynGESX&|6ipaMwvEK``_Ev>(DQ!p;wD>BO)=yE?~)0nT5J
z-gA<l%yecXa@4;i8;EAEPLI$+0iLe$+=N*-qKuB{;ok5T1TU}WivWP?GmJ!o3CvAZ
z>Tcc8j3WjhGLH&u<**|GXt|&FvIq5(tGZZ#s_`!gGZNQ_hjh%`P<G`!1GHK|Mjs<r
z4HZJ;8B!^NLV8dKN&W{EewEEvZzXoHlmm`-bJe)h1Yi;q-wn!c7q?Rd%)G{|E|iHq
zbyj+-n$|$1Weal#Z>$a8p1DLMh8u;mnW8Fl;ObG<Yv~(8e)Ar0(J53Ha~hwmN~wN0
z#Ux$$Ck;OZS$^oLX#K9X<liIBPs}!2!8$f0q~;6z>CbUZI-8$?-@L_3e4npILs<+x
z#A7(JXz!*M5{@!W7kz4;hR|ZQ;Ve$~DL?ZERb44Op&_S+PNVw~Z(RH8J7z~ixG)PL
zkq{S77)H%&+;2wrqfYIf&u813{~kL$i{!`hMtxm_ROyUlD@p4-T%)KOq7RzCxeM-n
ztu&B|NyTbwrmioaa1s<HQm<>P-xg`!Hm53|K^n+sIX+#?ql4X6HJPg#JC>0Z!g7P0
zQZ&koxpolxRa;a$48HJqhz5OhUA~R7#~ix_&cPzwG|%gL7;xF1s*zfUt6QV#FR^XX
zS?5pctmzyj4!>=rR&~Ur+GwP^vHk?Q!roZ#Cp+uBu0{|YNsYo}p>Rz-)E8XvqCUu5
zS?n_!k<0jkY&48!i+69#)ONkc?fZ1Qw=!lb!WMkUtHf-<tHdh7tGo;|wK1P<@QRX?
z%B?Bu9K+%Jyvdg$+&RK990m>=P;iMvbg!X@&|jIs5VOny>J4Kw3@_7AF;>?yauDw`
zJLu{<`F}8aV_n)2ZrM<N!bw-o>%f|#T&TzP#Avpm329!t7hrsnxtX5_E$M9w{^NBP
z@Lw_0=hooc1X!OO*QE6cN`T+C8707J_ve)W?E^rcfnMN8Ka<akt-*P35pfa`-y|Yv
zQK&}FE`|qx{Uj=Zagwstalt3_ongU~#M(pmP#UUf#(!|{HQ3N%wJ3`Vt&$#_BISSy
zJ9WYBf{;f7Lx90Z{4Qvg|IRlwwd^&YY($%{HG^nKE0VZ+UX#mC9TJt4OI=@FH>&LS
zI#VegnY`0n4iyZ$Q901HidxfEpTCHvGyZkq3+pDTN^cX|s1SWn^&=I+4vsBkPq6N5
zHh-n^C)Xktd_+Zft(+`Ft_Dy=ROX97TCTcAMWDCL7qQ3{F~3m6mJ9PmT*MY1`RC{J
zGY3>P?Nfy*E<f&bToslU^50gw%vGT-Uj&1%s`KH!tB||FwxX#}#KnaojOTqeDD(N7
z$UjB-IRl$-!h<e9MBu7WRmg7_Qffs_zK9x%7^xx-Di*Q86=B$hLFDEO@>sad?6jze
zihL0$`m0`hXzyAyyCT{PwfI&^5oUg%i1vID?G$nMK1J-9ZxPW^C?Z-?#72k9j(iav
z6cJMqB^2>HSA=YAEJchcDMD;b4XMr-fw_BCr-~?0=ANK~A|lCWDZps5MsGadoLSo*
z#ZD3M=>kVTn#X>N`68yO&yskN64~#`C)ScEP4}P%0Uu^F+1)2i07k*IYPNdafn~z0
zO<3JUpw}hVC_CYeE|F=FC9z9ftws^v;u6~x=y!<*X@mop*rCJ$muS#Ic+e%n%u!~W
z(Y&Iz!aVP;t>lS%7mQ^YU-wQoWbuMF*Q-rRFDaY&$1cv@wKa-@71Wt0J0yC-6PZf8
zYMWdjtU%ZVET31{cZrn>Om~4<3e0eU`3khVY|BieyJ}~-#5yH*5HO-A7Z&l#5~7C(
z6|g*sOJ)RRkSW<^{4k}pfD*pQJC}C1OK%dk@9YAx$ztEbdap6>A+M5azbntL@hU&f
zBL9xsN=37~Qf8iDS5h6|{X8LwS9(YBxX%PFnIU0{9>mJa=K>>Dg5B*+SKVI<ZRvVz
z@aIko1qRIYUG?))D9g;Y2CE$uWTj2xbXB?(Dqq%j926vU5u-6(_4<P)^~;xat%HIh
zF48SdRZo;cS>CfXIMYCN)y7R{pz{E5c`2afFk6Eo9N;nsI19i#O9AsGz8h0Z*^zO8
zGXT70e}In}Kn|AyXohLkmrKF&t-aHgr(vKmovvD33T8+B*5K=|G&>-e@%Apwj`pp=
zC4k9~j49~q(t_-e-x^F*L2w=o31*;bjob9-TQsFJLeQp0yjIjXY;jScsMoqnBa3Y{
z^I@;`X`o(^*k*<;hPYlUBApe-NaFC#j{M1>Hm`LX$=kJuD<nu->*Z-cuB@Fw`c{+9
zF3K_!|B~!7XA%E2@h?O*C`|k#Qu;Lz-$y+6ut{?5M!t*D@m}jr{_WB{J{{>+db=4s
zrI^!(Q<ScnWuA89NjF?e3Rb1!=6R>P_1soc`Ine@_6v9l6U+3Z@)q})Pnh^S+~ycP
zY~az@=}8N40JK@grR~)CMQY3)Z&ocRgl{xJ$Y5>Vy~g+ypp8DY+@u6CDVoJp&(SCL
z*J+wuB5ao&YPt%*EdYvRh1HFGPQrs@Z}|;Gw%7$kTeL$W+zhI8GHYK|xT!EtyCE1A
zrzGqcQw^^$CT%4ei>EMIp%U}%yLXm+$5$3E>Yg>+E%vUOsIQsLDdk!t8e-=;S9ORW
zXoHv@)sBrF@N+VzgX<_NIOuu--eJ=b_UqtO?#!WhTCVDt1I?vY>H_^`M=TG~8q*_`
zVR}AI&oE7_2}sAD`2fD?%tiK7`>%L~+W$(B;<gJ<`H<Sr5CpZe8ni7~n439ZfDh>t
z!cGP64u2H{{nS+Ki?4vu!Qlx@o-_+lz?Z5z{IPw(Ia4w^^Y$Im{tB4$D%nO~ijROj
zi1N1NmBSd+mkmRv>12LbVUJkCqgA3QB}H+{04juc#ASJnZN4xh#gZH*4vl?2dc3Ow
z!%g^VL&_bB?oYL&tag*nhFNC#lkPUQU0(MbqsYC_v@-a&_xG@_xZ4E81uDs%xd;dq
zaTm47SW7936wMphX6~t)!x5!DA@7#2(bvYxMa10@G+i7j%ghu>Xf&EO?DU^{3*vfW
zv@mX+i}<*I%2kyQbG>xo$%20fpkD&?ppc)d+FEW>wI;$A{cJ$sf~!fwl|rCS5CgK)
zd|F2jZngX??GNaEnG#*6YLu<6R0O$td7|Y_Gvk6D#Vj*Z=CGNsS%v5T(Av?0JH&y_
z9$whbGuzZwpu+MjaUGN?rGPneqoWUWtWuefCZnz1J!H;TBj^cO?bM?lnA`w#^MJSb
z6kfc9iUwxnoUcXFpBw2nzk~fU9$vZW$3Xi4sR-L%Zwie4&%qz*{Cu@^Y`K>*Vr`i{
zJk0(9*4$BSyHQ!pi77K`GMd(wo;JkjMlvrDDz)c}(w8&x1$o^%!F5g=#j?W^YbN?>
z7`-xf)Y!6EbFS*bp=LV{Zr}N(OwR;UTFHK;{pRq!z6o*dW#VPeo;sp#+?=a=i-E{U
z?QW(xO(*IVtzf(A6p`dOj%;_dF@pWu5Vs5W2ASG)G|Ki7#??Z8BzgGow&b<LD>x-B
zO`5mpY`$)KO`4cl*?E5Q{Wdvt!zPm@b)^1XQ!)l%5lR*<HR)IeeTbmK8E!1K6lhl<
z&1N4F^JM~PICN;Os%8}4Q$y4Xlddpd4N0@Y3eMKdyX6;Z4|*MRj*rOISR_^MMN(0(
zLVgPH_JHFo)5ddCt*2rA)jKyrAw#`I@`T!!zNq&7DE<yizENHzJ()e(U2`V`QtmB!
z6_7}1<GIbPr}fUQ%Y2d34l;l!?2o9R*;V@%!nxwv!xXuvt@#=6md8(^ko1&Lr1@d*
zmIVad_u5i1>L{$H#to08z^Wg5)=y@m_3wC#t~GF49%Bx=xRa1Xwk93nnJ;Z=Wh6b$
zGZG=WsrIPh#&AtXuoAuCmc0#W!|EcqbI|#L2CdxtUMoK@J^AB)-(Ts;KSk>K8e(9i
z`B^V<52T5AIe|#+g@E`n1YuOT-@*YXZg|CgSi$AIZ+?XFE1f5BHQqNzivEV?Pr%df
zCHR4CqRCx2fvX*eq;$yoZFe@{Q0`B9y9GCxpeFH5PR{D&K!~qLLJyNf#)vm%gI9^-
zXd2qLopW_KW&pM8ykA=q%lweeaC9bBhpFmoxa4fZRu3}jKvcNtx@hx5H+|V3YE;a|
zvvAE`{Rd}>q`bx*=-?-f413>Q&pxl8e4bC|yvpHNe;j~CE=M`Gmit_`##Z=2J%$P4
z+#}Nb*6iLW{>iJUM}Gf{u+F=b4grIu%sc3b*q^fd^_jzTLl5*T{(5eD)Jb~Z$a^$B
z?tm5vMs&qH+Fyw#UusJo7HNKI&Q<5659eaAha!08NUW`7t8Pf=E7^1Z$5PbXBE1&M
zn>~Ji<ze@EPI@ASnK)h_fXNlcSYqjJ&R8@D-l9v6cTBdK7sHMgEl?Wr3!~_%jPbov
z$tlC^l`Z$FC7BaRwzrGzp{>Ws@kw;3n?5iz*3<#G)xUd{;Q{uqM|fj=o?}>(VS-Z`
z8Sutb5NzRkvb94ZiN1blyrzxQ#82*6J0#ZZW3H;1AvCD(@D{D_ZNnS$P8>25{!6*y
zreH}wo}W==Q@k;wcpFm=mbYXc;OfJc`y{qy61>XRI(@{#vqzTYo<@h3ds?ze52=V8
zd0Ax%uZrH3k7hf3i{g;g1_V|aMt#X_PWuH{DLn9(mo&7wtF+)Z*C^AicAiY^;w;NY
z!A4#xkfD@5A&aekp1Q<2`SM=<$tj*tY#a_gt0^v$dop+oJ4!ficB_=XsuNmL!$1#%
zfhtaQcQT?{m8%N51PNd+!Ab`K!(J__Bf$us-tXYicKbc}?o8X<4ieXwu}L`@znx>{
z=+4I<v5r-Rb5%cA34F6gMXRVdFP-Cc6?ANjpO_EmNIx|n$OZ0O^8wf^;R+=ze0U?`
zPKk2YPv2qJE9tw<vfSsXSuL8r(;zlGF%MzLzexX>fNObv>X-MydsmN{#yDU=DXOWF
zjZ+skXz^hb0hoYPvW;KKc7FZ-bpp~2ETNtd>@@wfRVt>Px!SA8D1c`qb#aYRVDip5
z;a1qMjp2=Lk?t!bFUrx|Biu5#Ynaz{fe{aF$7>jhu0%`AgiHRk6uV2<LX=p}Q+AH}
zx}QeZq%dbjgmHZ;+0vk7Q<XYf6>m(Wh5>~{{+6FcpGl4&H-|H5Ru-mexM9kzF<$`L
z{iYac(sNbu-AHkeWRtW@=}YlSgXJd64Xr$dDlM2)o)%2DhAjFBtL3VhTG7i>e{I?l
zdb$$Nmx_qiKhc(+9>Sr~BhDUxLtmfCC3c<BIZ`G$ULpl3aWAzdUrM}sv;Xv~{)jEp
zx?Z|rT%vC{XOJQsZ$xD7+?crvK&@I;5r3y~>~HEKIp~{w3WD}JhXsFp)Ha!F<GJ1v
z6?am=(M7jQiFQL`39q@TXWyskBrGo`++`B(a|s)Z3B4xar!Jvi30~I%l??8-n8aI1
z%v`Ogw4d`QomVqwlz+`59sbafnZ<x}WDxB$2)YNgho8E%fivj~PbO#EH5)tp4eOzh
z+=Cqewx!24M-sa`VvR6TzqxC>x{Di}*S6fti4PEV*3&wmmDsSPCB8cp+XM#J>dw<)
z+3^_8`-wL=gLkg^#;x0%C_npe=ChL&Rlh5K!<R$&S#`ape!`7*aB_(ACrBAk(9`S!
zdR^CwMEYJWFPtu)&!h@~JC0mqLml=}mpwKy_;FDK4MP)eR`Wci06@fh2#YLkZ*Hb8
zk_anx8aFHkUacXuTx1T>iKtT3eMK!(lt_7n?QsTyqJqhPwxD7T9L73{yIav+iRI29
zM*C43@Z!}?A`~dM!8~uZ_CBln5`zbO-@2D-CI-iNU00E)m~JiJ-1n3rc;@Yr?`Tzg
z8^tCDu>zywUe}jRXq4A|wDRRgGfn7V3`J9yR7dL9a;qd-I*iBQxTf9Ifou`)w;Q8e
zqgVf=x9C>@wB)#rb8xt~_=g0zDHTJf(Jy}Ez_N3$n7A++dLp+q!U4{%IEmiM@`}t_
z^X0K#SJYJfVz2vliEDg%z;vYKZ;Ln6j!~u^ZbAacu*1ZzL%goA^6#qly1&DVhP)iS
zOC&^o|Gtr3)PxGY3v$%}Z{^>8@3-rHMQ<M^*j2rJG8$UH@Rc&ia^Wsbsb2Rjl!qKK
z+`Hv5166)NCa$QGTFu?A>~1+J>{3gxJIZ3W`*Aa<9E${OFQm?;(Ek>x7Xwg0s;??o
zr2Z_qFH(;u(I8d#l$X};IdEC1A9U??A4QeCRkjCbYRfA#nwXiej^jYhur<`bY)*wV
zTo#Sd+Pe7f`xX0p{rFOUvHF35#R-~ml0DK67Y!+W%ybQb>dXdYOE;`C_wrtV>nMe5
z&)iv>R#Tc*kx7t7FR<j9b|76?et^MkG}NmxQK*B)b6w^#1Iwl6iw*_WTUB0xYxG2}
z!do<gu%9A~w~HKQ?LrYtP}!;rwQ9<Iq)@;X07?tkNVv2Bd2DqBR1^xR$-IdCY+Jm4
zCZi!%sZPQ~;4(F|j6fv$wysm%p2e*CsYw0ixl<xfy%7m*ZX<+D+L$}Hd16J_``!k;
z0D^RR0Sw0xubv8fE1zGuTXA0Z<BX?ha<eW%Pd=Jmsh#O2_`1Aw*<EVR)#;rT4_C!r
zgkA+#z6v|XaFbA!Qcx$`|JFxX@Ce+ckW5u2mFdpezE?OON&$Xy9E76cjQ8y1f(rRm
ztf&SIqh}l^*^<L6&1$+m9N!ws{8XQ$YIRg?z>N3X?08S#vz%;vMI$uX*O!5Pe504B
zMu>CQuolc+qu!J!BB|@Km%X(%P70H<x2S<LZ>>EWq*TJ!k;?E>lTV9=o>VTcataG~
zjw%>tX2+jcs$sg2uw*F-1!B2UPqmxp3Zr43Nqh(4nFtHBd3xXNs*Ul)ZX?WBjL2+R
z^0pv{Ew?(;gsEMVLHZ!KxX8%cTpyxm^9yr0WT%z$ha>$WMqnZNgGdh>q$e+{fK)yN
z-)K^)V&*a!I_C`y8EC3%*K~$i1^tCJjT%5w2i=f1jX4~mc)?4&sKAHUZY4~hko>{g
zS(5l~YX>!C$8n6l^YZwvb8t|o>9H?Ukz_?@>PYoODA}(^(qCgGzH`onh)!pxM{zT7
zAB!x6gmds1fKRr8XfsOHr()S?^K)}f%fya^R8X>0h{=C?vAh(fHzuyWaff*xjY6Mm
zeaV4T62S>>_wjVB%WWyTM4k=rSdW%gl|v;_;dSd$5s6x12z7#W5$>m<DT0M*ny?j2
z9jy_zwBooUVK}paH}X6~&d7t9dR)P6Ct8QNPQts2NCtZY#I41qcfv?EnjQ1q)Q8Sx
zSmR6C$s)m$K`LwNuzbjWD5-GsZH?cI*$5{VQxu8COEqf)viW&-@aqCQShI=>yKiQ1
z%P;+`Aa18bH91$cd)vWAeo=#Dbi7>nLhLbe&6tHt6+I?tWM1mqtJLH|u~01>0+zd~
z%6tvK>6GWKLg%c&1(M?E7Tvd}KejZ&yhfvw>~gY`oppQ9g{+Leeg><}{Oa`ToED+}
zP@BBQ1hih5PEA?5YP-Cj5}7!)1iR-lRiU`_ElA(poo{1TGdRF}WYjL}%>q8Ow!jh4
zYGHD9ve$i_>Pivn<4EcPxMWM6U%$y)v`95ZEKNmfuriabI!_jcWt2!3(Md&RKN@gT
zpj!k=LHav`Cy0=S86jd8FET>Bmgm$o;2VkFDAK7D<s445_Oj}-AD7Xbw@B9xdMiCn
z^zQ-ia&*=khD1kf;Rar>yGEUX*VRRB0JWs2<cwIiUY|^lK5OBDW&RcA3;oc>T)#PR
z{Tn6Zp1`Fnc8J+2w)~}vq;PN5a21VT=ENT6;e|GO&`&A40@I<y9;V|j+vtCo*zy(@
z9f@5?k{2pEUG;8UpB(iKP?mdz4D38Ko0M}gP?o3r;|Y1I)R=#;61kkKA2yU{PLf1x
zJ~~Rk=CX8Dkh@@i?|}`YFuxqOvL0s$8!9t7%|?kmL%m!6q}24e{{WV%JxK^pDT(!i
zt*Ogd0^_#s8G+Jw%jjMmx0oemdWS6VYIN)vRVb?bHV%<}H9uYo!>KsCUb8}VaFZ`{
zlnRs7Iz#?S_8!QV=P&pldA_z9G3hZ|jWtHos2#~!UiT0xY-Cs4kkqB79on`SvB~QG
zO?T_AotAXicK7oH=<cOAmv*-yo%=~~q~oo;)KE_Lcc6}r_=(AMCf&m1cgt-8wB6#Z
zy43Va_8YcKZV(`be7cV$F-VupQUujYU0Upt&)OcOOU}0C(j|l3^!*9qGuB)a^4?z$
zNIo?P#R~Ml>x8W+my4YsQwMm4$@u@i6STaEBwsW-QaXyQ8YZ4U7=3Gg=F?1-iKFY2
z$Y3~m${us`6Yp2K$r<m;c{QAO%O<8zy8&m634=pmdzoI%sXPCit!N8v#3goeZ9(0T
z*UUH_iBmOPkI0dq&k99%RpUf+zp92WbK%5(RSoC6gb%11np}cYH9VlR-33*{M@Y>4
zT2XL6vsw7#?b?iUR}8QTm8*I_P>iM}ZL-^)NzO0fxP}d?*?_xk!`}){%djX(vYSXx
z4Qo!8Hk<c;y{mWsn+?HgLutb<-l#9y1Hb4EjB%!qapo+%Vz~V_%rzxa;j1;{C2Ida
z+TH~|s_N?hP9TAaqGuum<E=&=+obgps#YRiG8o_t%m7+cTB%K|QhaJHLIP+lMkaww
z$3bebT5F&3wARwrwpbPM+C**vtAbb5TBBB-<9LZTz-!*`Z=EyA1hDV(|9{>$ADDB_
zzOKFZ+H0@9_F8Le&#C*=9ztu@{P;h@B2mg|AP1(L20|U)lEqieznn#vjUa8^Th5Z%
zyg1240*=!_C%J&PcxLWiXyL}4)44Vi2mF@fArdB1&#NRYl<dOBZjlb<mrf}rJQp8x
zQ>24n&I3Q<5x_STDGjT8XZ}3!Laia0xxsnh2EGdA?;>2B2l@p$ZOjWw{&Z5N<REo}
zN*7f_-tj_kF8J}=`xP}|TsP)57ExKFPm}g(Z}YdjH@M?ynP6qNIiSvuMK@W(wP@*Y
zxAVXkUf+-NKr6~=`yIt-30G<gMsh)be<Fx1oaOtcuSz==E%t3>)2<Ncwn^NcNF6_v
z19qJSu8naVfecAClcH8@eG66R7ABA{X};;829G%OHbzi5RTx95;y|k6IQd|F8-vq8
zwzhE*`QlgxpF`r7g3~~pj@xOVfpWqt0VvelH&3OsJ4;Pb&CcSjYEb5M8qvA?p`h1v
zRy_5rnu+t1le%%iHLroPI28O7t5_m4i8I0AEOD3vdJWN;;EAMQsamdeuK1CObxoWJ
z9^uK)U*Gw)%9t}^*Zdp@mJr5i;6u*hGZ6X4GEq(g*E);e3v0x!CN7NWKMmw)kbW(G
z3ibFz%`48LS4juHI!ku&VyAwh#}MTiIt@fZmOl*)6`lq*7MupoHWLdD*h+Pjho)2K
zD;!atd=%${rQ9Ip);z9aE8V)so#X~O&}AZ!MB`R(y2PK^xFtElj~8?F=W7!=OUG&^
zx1oc?_&Q5v7^a&eR;UDF!fx{SEa!o4`mAn_1L^hw$AR~gi8=bDP6L7RQPuAj<5>pd
zfo%RXFzkjo37V{*A&I)z=IzY^9e0lc<^12^m?M$;#PH2qreRqo80zgPQ=UG0E7rXX
z+7&;qRlAb&L1$^2Did|<4OVCAWHNF6Vgbhf$MZofI0Xm$27XJp=4V}%k)z_LAUwfQ
zAr0Bc@#UO5nF*d8HWmPBwR*4i1<FH-KVAG733jXl`_7xArq=Gg&XJm~x)8<n&kJKI
zMCSDnlg;t;zKOc6b5G--5O%66UiV<LhgSKnseSs|mwt{@n4WXMSmyXj&H<rpPVx_`
zt`3@-lSEi(*rgZIo<$iu-Rsd2+*Z_RhYdHuMgDv*_1Qr9o$wH>Q`!9Bnt=H!(X9xN
z6Xv83?Mud$VbxiMg;oct$`u6%w4sXaX}8<k)qEFnYi~cQj^0c5BJUX;;^{(zBJYvD
zL%jQr(IK8twO)^1)_M$0Fj$eU5J<L7etDi1zF>+{_m1m~f5c5qWUn))O3Ej78=7Ci
zks7}F`~x%zj<-;m;9sUS2~M(`Z(I5F%|aj25`v3dvJ~-(y);CNnS#A3_i8K03R}(m
zoOXP}w@OsWQWvTwTOxg@3PxQcuw1x8W=78_1?%JjTP#KFwZTE0nm?h`K8GWy@oY?6
z?c7IcbOfb8?cmhEZU(zq!m?kS!Uq6Zpm@Kw*Mnp#Hv1Y(V4fe4{)pgHcXsR9i>1Mi
zKKjS8w4F!(-FAPy4`s)ERp*ht1I{DKfd6ah0wEg-QxsZFPFwnA*v+f?5vWCgSJ0dg
zpVF7q))%WAj^3Tcb`>Rlo>~W~DPr|B_xy|RN_|I&QepToyE69<lTH@yPTMQAr_X2k
z+jqXz>-`;xwa)nORdwi)=?GEP#51=Boph^pQtm67UvS18jh#R#&_tMxY%Zb73%ag#
zJ&T|dzR8!*W|jvB4TGHUL{1OStkMA6o}DS6J-bd5ZFioYSgYO67Qz6v`MSa-+^K<#
zIpsm2RA;GDW9?YaN@J>6Y1MvdPB}G|Q)Brcv&%p`;`QvI(~SdF>uAIn*n1Nz7<I?M
zb>+X1D3~x~I8L{iOWN}bk(#T7F}2p{&$4A;gGS%J#W)ZiyQo*SyTvcuqo?r=-=Mf)
z+pi?vLt+lJP~;iQ+aR{;I#nS(L5;a4kU!Y>*{QkF!C+wrSG3Bo-VH#6B|9i5hbjza
zu_wH=Uy<)lO!Fx}Lxt9PDTO!_lLb++B<NhYg(;+(!H2veG`JV_2zg@{y`V>cNY7-y
z>j{h2X=w1u0H<MSB%QI9w}VCtkbJ9YDke9qx8hGP0?B=b!q5seO#`o3^<7v`np_A8
zrf&1xJS21!_l;lFW4(IOLwW>|#POs5RQ4VDD{6**^#LL#D|?7QdDCR*er376dn>8{
z#qPRP$E_4<vq4$KQ(C%f?EB_OhdtR1SU7!WPaL)AiHv2X=6bRYdD)*dT!D7|Dzz)n
zu3zE5PgOgY`S105Z?Siuz87fM&sH$F-)PT)%K^fODL?hK*VSXb9SDSHCsm6fzhyii
zWDXfxwU4HX>nrl2KZ}6Lz}}FJfTYf9A5U=U!1<L_jTrM6NkDV{&4bCN)gO#&SL2Ap
zp`~Hqir~A)zR}<lz2C`)+S8~f-ytNC`W98ycV+P15`5bk81c*ara^;uYY+{2ejIUo
zZozlIrWW`D&XY$r*9*Scv>#;)tuF2KOR&1AgL^AZdSO4^DNY|~h_gRq&Ur2WVpY6j
zr1uh&x!vDh?A8U3Qx09=)Aar>sIpN;ek$mR7pGC!3oD2(>;++HVJ~z9-}zqHqVh5o
zl{ifkj5e$=!Zw^wH>i$jw(k`CU(bk|OsyWt$l+gLkj)CEHPAk-`1dshg}{hdA=d_l
z%<?CxwhpsmPQyBFXfaDDefAKu_UQ(Q+xL|JOv~@v#%f6NIB%c?_@CKlIi>i}uyvuR
zKNS|`TSaWo4h=vt>owXVRdZ`knD(4mPy(vS74r*AU_Wh*S%13UBWSb(3FqSZ5*AQG
zxS)haN_cN+L3iX~NCqXC`5Gk@8mjH{$ie-skP*n=3rk@8XD~#A5=Lv=DKI#9q(f0b
z(g9?qG({nCr(q}guiaDrV)E<yUa1FYj&38*S$-b)#EN%MLgJOjgm6&j!()|)Gc6Pl
z<EfXUsW<$*TZA4c{g#gK3+MrjHE9_no5DQ6FVM7IXt%4X3u~fH%IceJGHTM+Djh2@
zv&5*-RD0fJZbT?svw^aMxlu$U#A2}0P`06d^)BlzWede+H&n}f6lJTj=heO!GwLkj
zdyiB1O5Gg+d0RoPZW`I7iJCk3(ivP8#m13bY6iwxJGzvLwWCGPH1uB!ijijk_sR8g
z-#9b1s6`+_n?w?HNFZu2*H)tPPWiR76<z+5Mtdw$9|-Li*fYu|e31yQ(f4o+!`w6K
zo$vup_&e}17gagoOKY9-MOn-HlWq36w#y!WTVszuuC&K*Zm`FV8X657kJQ*=-fYOm
zmZ(c>m4q&>w<jlt_VkCtDIZ%2D^m?iGukOP+u|ZC;~SKrF-eV`p)%CH=AXu%LH9E(
zHXP++XVXx18O>g1j~iF;XlOs&P09NF@^C}@*y-`q#Kw5)%vtf&jjM<i&ezio>Uz=N
z7ClpoI_&XB8wgTV5hR3hQ#WqYgCGiA)E&HsdCvy#jlA~+@9^%6b_Vb2Yc)!Ft9cLc
z9#7p94uVD#RB1tftO|lE397cBzp3+-v6i6Gde4-;S;+)XEmC*78yC4e^yl3!qwq}W
zUAKd8OcoJgH*-SKo%<E#qD)DL7kG2AwKt13zS-g{cHW`nZ)a=8Txeydh^B!>{7y+=
zqE>)c?#2lMU#Vsq7!$%~;xVBz`<L4&VKOD?zUoZru>%WPKq0v)7FE&8yU)004-hDF
zIPAy#m&Kr$-V~XY{ng)y`;^-J0{`{50S$8ksMK`@P;J>?ozo9hrJ!1)G?`PLLxF{!
z_%S&jIEqGO?^O-I^dsMNEV5RSUs2?LE7JVEXG*`S%IMS{(&p+6o>MY@X~*`J_5)=|
zSZNjCp!GOW%|4^*>j;w^2Mjbv`O|ftuA;IB-a+(%mgSU-eE|MSP9K0nto?xEyWkf(
zWe@lR89d(nKDjaIWX0vaR*>$Um89#;r>od(eP@F|K@k0(7?W127{rnEw*h5!v<Vg3
zlp=G=)B9SlyiR@}sCKgFzE8~keoVG6<`Tu6LCkOcnALqT(-d<eF)2Uhj=q?a6mtk;
z@{8}Qzn;$4tRi3-0ka9n{_?M~vd=|whv%wtUvOD(f;A=Ec?2Ag?gGsIo-QO!DX}?b
zqa|6PzFqo7wlbve25qy4{YEo{^o51I!5lL@{4D!FUnz#c${moMZp9U*8cC|#agz{W
z<%vgq)*Iyj{tMZo`;tP|Yi*O7y=>EGy|?3WWP4xDPhWx~+2^<~3Q$DFvh%FGajiHR
z_&MK{<;e#|j$0Dedq1&(S?_HZP878Fj4$Kj@BHjN42_%uAkw<ecyFyN;uf<-RIDnD
zKb#AD=}j+aZ7C_f@LRfI73JopsiuDiHL%#o+{}B+uUTb?=42oJQZYMbYlrAx*5R9$
z0e0)J_%<)Z*)JPB0XnVs&h*Rlr0-b>{n|P*NJk?3Avo>q4c2+ZyQKLwX>Kp}lB)Z0
zOGOC-<xBEKiTL&R+PWcj$liCDME9@d@O^NHsY5eJ+3UYdNAwMdIkU<ptvnBPL4oCc
z>_63qRrHK<i<8aXw=w8LL^avd=<(Z&kydD}(4QwdpB<eC?e^k6b342Aih@zm7JRq(
z@a@PRZ1BC>4<A!4yQ2mV4RzTbFyBVfXo7DAn*HU^1<e&KOMs*mC|k4P0~=Nwf~$|z
z=G@mTQi^3tF%+P4M`c&^mq+u1@+Jl4RVu{hcAbUzLMsJ|m}l2*5YlSoLCvD<krx}r
z9;8KaB~_S4_dZhPcGI)n?9WLJBcX0-#qhM%^uC*h?~-aZsT8?D!<^50t^!$X2D@@c
zk$r>7Ug+?s_sBCJ#{FZTJamA+3iUn?4mkkA`H{2w=bB3`AH|)vKkyPuE}UA_bYLQV
z%WUd1SBbIoVyjy_gj{8G!(wHa6x+C15(xcyoywR#Hj%z$I*F$X&}0X~-tc(X5uXLs
zX8H!wiuSM26MRsY=uhw6_Qrcgs*)MzA_3VE^bK5|ltETs5vhr`?3~nmPJL^y+!3MI
zt-SfJHRid8eK)Yoj3yUOES-Ci3UlwNJ&ckLJU}DffP?$w&SRS{l8$TJBJ$sJ3_spF
ze&GJU?4aLq45H2|G!L|)sJ-V{)sg&&)SOEe<s3`z2mFD6Q5{|>75Wv;BOrTQWkE&F
z*S{;jEmJA#OqG3hP_|zzq0@75UwtNnPZu|hf>?%H(L{%N93){bEg-BZQk}hFqgu<k
zmK9k^<^xsa7Ye|wlD5oj>#*7CuuBclR$Xkz+p*1+I62%>@2uW|2r%T9Jw?{ATh^mh
zNH<q3w@z<pXERPq<X-TnJQ=WSdAOa~Drvre_6(x$lPs2A+Rk88>e(?HxOm1N?d+d^
zK`PU%^I0yS9qqJApNqtKjB6efZ8v0+r;5(k;RZLjoo|hfwyz$lKDDpvnbFj0b#XNH
z^I{&c)KZ~c>cN(eCN)>Z(yR3){l$7WJ;cl`lN&;}4MLMDwLOO)N-Li_Emt)C^I^(7
zEwVSSW&Uf(j;wPSW1s}m5$1X*v>%7dFK7FtFc=d8_PtZ5m!~F;z}F_ObxyCP8AZFh
z(%}GmT+zZWyYk8T{g8j5lU%5zz77|9dX<}+R80XK`pq4U_tE;?{rKbDTkHQ2;|v<l
z&vOQsz?u}!=9vTimuZ!Xaek9LsYseqV?)mBiQ)8|5m63J4^E$19;JN;#F(w&Xgf-F
zQ8a>NkX__`Z9l*!z2>0ij<b4fn86;c`I;UJkUoi)s-$aSbm*FGys<{yY@3dz0|@C>
z2v;;C%5zKg;hm*da)bIdnWys%ktpy^k1)t08X}Df)vdGIjs-UF>7`0;{t44(SG(!)
zpug|MT}AegK>&&73hj!5DnxGe$Hv!b{lOtj-}78Iy>x}5Nhb0u-q1*due#}8^&r%Q
zMngCeZjvDN!d0(H#hTA5KBK7@qMdJt-Sh*?_+l0zviJ8~(39R$sa$STjn3)lN?~3|
zbuFrf>beNOTWyny({wj;wUKhgh>EiKv;0#_x23RS-doL2z4no6*(k2vi-nx!Tvc@G
z=y>s4Zu+uXckpH0wikISR`W?Lxvs=4KirxPvCNN)M?E%blNR(o`VO!Y^7bD{-jn}E
zwu$vZ$GB8yH2LC{vBzJGmu()`+L1Q^K{X1^m*VD)-h+~Y0$Ns}`34}?<*2HBLA2HS
z8^>kt7&nZe_4hx->|(Tcqf+-??O)IV%Ukbhyjh*(IstQ?us-UmP=8v|Z-~(e8R~st
zHd&Wpi7~3c5@Y$JVl8*I#OUNCYfqLKgzGk>3ajM4N6ixBI;(e(f@*fOT!|$Hj`a~f
z()%-$SI#=7xgopqQC*#=6@XJ+Sz?&W6-+$wYUe9SPu0U;p8U5h8X61h;4OD?_5#Y#
zr4PZdrO$A+)*BYE9$6ozI<x1!7^uN1LTi>d+Ipw;pKwFoKH%ya!s&Gu26b_J@Dbv=
zH4Hj9swp*I3Q*r0>-?~!+I;YXm%aiBrW^#oEGXNqwF~nI&wl?_JHrqF7;{Y77rejA
zcMf0%8W#{Q1C7>SlQ_BatmalLi4U!-%9X9@<bx_(6i9mw%H&Q&#Lrr0<AgNLoVF5?
z;QVAuFY2%y*LLYq^RBaK$icjzzTo`TceIW|3Z@PRDX{A*f9eT)oHo&B)+tOJhDCTw
z2Uk9+jVdb-*)<)C3?S3=ztaFh!{iQMLejd(0<a_bqiI?M%vai_59@(@xjzx50@-X}
zFrOv*%eT_`E2o+d8kh?YM`-*=@-x)`UOIwmi<K^OO6@nKhj#p3Zt-Wmuj*RH)>#Iz
zF)B8))!s4C+}(Qh@xSi^`#YS<V4~r)^#;d0E7jCJfx7uX)o-AN`alhuOyBl_yza0*
zkdF;O4gvD7rtb>!iHg+%=d3o6LtX^~V6;xW4uo#(@_>-~J=n6QTj6W;gQRkcTa2GF
zU*hInMOgn-@kY^_0L%M@=7vH{urR~pIfW@!sKkP)Q0?__rVlQlNAh>t<IvO2YVMS-
zAKX4IG92fZBV{f!0_cYa*WU=Lz8X9D@c!%<!QuO>R=iqzm*3Kv%)RpHs!1MPp->K8
z(9;-c>kaTuQ#0fZ_2U5HAC_PG)_08sj=h}KXAWj*9S$tO(Gb9)Oe%A|Qrn^b6G6Sz
zLA}*|^#)~A@9Q*A^@4r@;(Xxer(O+%SU&Rq=X$GE@9m_POHha)zpV9~g3wV#6dne)
zT6GrB<8l!{Q4p;xXmsUc`Kndc=&Io&T~6C`Rec=`!Sc>QNAUlLT7KGJi%)^Qx1>$M
z5l#odz-}C?(Evzn-{`7(rht!mrpf#(a%)a#@^CppG#o2_((V~D(o94b5n7J5vMXVC
z@O=Z{I`3Pda8Pq4&zWrGSLxZny7)I<biSmOA6|(YuMN$$jO<F6mb|F4^Az(|qnOf9
zSf;vAL2W(@;y$-4&Q))-nhy}a+^AE!6_0RA$sjk%2j*<VFT78mlqs3#rj9~c^5O?+
zst$W#Ii^FW9t_8NxzvE9tBO6jPm%e;+!z`fQqstVG-yq;ynU-wsjoh2{Wi5}A-q!4
zWu}1?M-ixc?nDDcrBBD&I1f+Q;6c^Q;PC-5rlzD*?gId_+83@c8171}N^Vg52(DM-
zd-Q=`BrID8uMl-^;_==I`Os`32<bdJP+Z6bG+mUaT%rh*v8cyIsFUm_jc%IDcT#rY
z!|EZpN6pLWs*2MX`bU8C0$4ECv-8~qm6y2>iP!>&aWx!Zi`h;k`txDMq@a-i-@<4*
zZ`tpi_Ni_7XYnDR6zFD#0pRk$Fko6&z1@MK673EQp_2{@R@l==8>f6m7b5>@T~%OU
zyerIaNmpQjq@ukiS(LQ-R+o8Qd^oGyvqWgalWytZ&5Thb%F>yIO8_@?vUXv7!KK)j
zyXmPo4tUcTLhd5Q$~1S7iFf+>LBir(P`3Dw5Okak#EU!QnPIWXW3Jd7iW+T?wmgO%
z*U6h<5+7@DCOl;ZubX7>8og>KEOAkDJr@(<CcsU7NJ;bW@xDz_)asqXGyQW9pwg?~
z;8(j2wjR@<r;x<3_8pa8`+M>b;G05BOkc4X;2EE~9Zqr<?2jm2W*E|#5nXN)^kxmI
zq$Ku>T_I-rE7tI<gRsjKwArFNxl-z3X((tidXFe<$G@VhhOl=lUJtz*#c-o-5-_u1
zppX#<I_e{ERf6MsZAxchdhe#0e%ybeyCvvkjkQYF07<=p+c@X4&>y{`jLTg1T88F}
zE1A@n5RY^hHQ}UVVHS?F={3H4ikb%XJ{e1%TGX_S@SVL+=C)|&3A^%M1=exxgp_9d
zSpqEHQ=IC?)5mv-7_G7fpHYjtfNov*PHfaBZbD!?fR7CfL!WXp$3Fruj3((ju^RJu
z)<F*6>q;Cm*2T}lYQ)p*IcbRsi*ccAEPcB*Dl<MjF>@4pAO4ObmU=9qd%1l>H#z6p
zNd|3niqxM>laS!%uW2fS^l%ApZsw@{t?o^+noe1rkLT)!eK2!1d-IQqohA5)(0=2w
zajD0n7@Wr*e;MnIajlOzsa`<C=secj*}N%w=Wy>VB&1w6j*7}fl_yWi52n+06zSab
zLHC1QMadsEV#;)hLX!825<^Bze=;+-F`n`HQwb<ne^apKhx=c;V4L358j$@;V}ItR
z>C(o^5^UalgcMRi(G&TWsK2II)8)ugb<GZ={>P!a-KV>;GS>T#rc?Uw?_rodBL*ti
zh=Dqi$)4__G@i*dJl%~+HGqFbxyymMx8m*xaJ_<U4-12;wFV0urIEO88ej-sl@@?=
zkie-Z-0yMgPnF==cOX1g!Sv6mpq>icj1N^N-J!4Ky@FA^TxatL_$x>Z_6{Gh=%1@-
zX200$SM+Wi>1+tl_NE_jg|_+fl~<TlPi`;n%S~;G*KD3Q(cSubym&J>hA~np<fgnb
zirJ<%L61Xjt|$+KB#%RHp6;VJo1<5KX!Pa)vlZQnE+r++UoDRZZQrM6S?a$#_xn<{
zL<JFIQXJCE`{v|y38w>(MekPbSnA^(#Np$3&C~NvL~lP{{B%5X{FS4gn^Jdjk8|Bx
zj8va#LFMkBOs~hIzL6?RFpkPoAE87}w)vZ4*!OdAGI!7@`P^}m662$o6;urL#bGD;
z41p8J0E3gfiB|}#n=W%RCtn$_JNZK=88B=ghTJhzNph<79KC-0nQnSS4-~&A>~TH<
zKRdhBS-oIr=WF4z9qIaFwAiZ=#)aInofyHG>?Q_(Tj`y~1wzp~M~jHzDDhUC-QGxM
z8$QI-vGVkpMtb>)i~hps;dP2^A>BKaxf}=MJDO^ATU+tF0yWuL1re&dEIb!WClS`R
zQ%yA3S>^U_Zhke9Iw}$+e<%v293}w5y3h%Nj<8Eorvld^GHq|CCC1?BiDR2ij6AqI
zr}K@lchg7){mvoYOikkAr}4W~7hH6w=@Q$)IQs@^hGFdokji{JOs<+cNkWDgLIxdL
zk9sWK@L@O||8T^pH`_X}I$l4jw{4TGkI|p4a?3uP={lD@qMrw6Iv00(b+m_7D!OVv
zZ?O2s^g=W{kVrfO^tuLm)SLGRUl2@O;|nIX<~>A2*UTnjO6Fi3=X^Z7=_|6csB7I3
z2qxBow9m4L$C4e0B*3Jnz~qO<wQa&V#F=sIMUx&PiDs+iz8xl#_+`Md`1&|89Mw6=
zuQGDHVU2VTau?rLhE=Cas01r`!lSHfD<qK-%tumMyk?_GGt93<hz{W&_fK)v1nMT@
zOGgs`@z%qH8WMj?mxSTbN&rKlQL^<<UMGxv5}p@%n1hMIPODbb<jzs}uP~u);C~)@
zgj<($TE9i1V8Rbejx|w4qe>Tj`cI;Wc<P<(E5D>vUp|5qVjEJzeksKGg^QCrCp2A?
z+<8gU&{Kw1!E#&!{c;2Pp8W&hBe#9R_)=}{S5l!^J~xr-$xcf00jQ1O@L9rP*u&W_
z9kIevNxldUR~tSAO=>%ubcHoc_>VPsi}E#yA+Lu<PNN2@nRPc+Kr_d&I&0eo>r*cl
zMm2k!9S*4D<-ZDOmMkL0N4D!JPMd{FW2R}OaZ04T{|fi|64C6^?IcRB3;PYUI{m8D
zNT;nC)uVh<z3Eg4zTdf@kq9J>m@cqSeu(K2ikH1e53aYfj66G4SJZSW%b@9C3NZo(
z(`o(5c6t$(+`k8L_!`}l1rp9xu*_PD3GpuEE1tR(mQ5~kE~<>DE~^qUbf{S=%u0cf
z9*M%r1VfREj&?WdgwobrTZ4isy-Eu6Su?viqcKFHzWYpPi4|!fM4_yvftW1g2gWnn
zF9oO~l*y8cv4vdh-mgVdqi52!9VE#f_p)^@l1a24TL3HC^68}JaRRr6cy%*!UH?E3
z2`N){DJK1rl{$;}3G<e@+IYoa>Ru69knMPnaev1Fx49|sDvE4iHJ1bmB6CN?+;%{?
zZ5A>YgaCPkMBaKU{;(ST-_BR7G}r}<>9qtW%HH=lgQdscbGPQ)Ov&@g%xY7Qp;;NX
z=9tM+_Sg5Dnyb@#F57si^}*C_At8zW%`Gv3HQHgQ3NXGhZ&`o|FG<BLby<P1o`D>P
zB_eCWu)Aq2-Qk;+j^eh8eYX5mnj7e8(KI;`9pT?@BHgN~x{EpaRH>@x7Up-|n%7zL
zen1Hje}vijdQN^vauIbhi=#k{%MU4z{2q4}B@tMtm?f9<GIuly_nQ0FSmwX>A~5Eh
z{ub#HsV6PzwK~V3pn!Q9yG827A8yhtdR@xcD^xG**i@(OXI9BHG5;S-%9NazpEq(}
z=6jUv#F@F@kLTPM^y7HSN4*X&r@mjsjsBilR$hNvCG85P!@DS}=u!@xnOX-xBi!84
z@${kCxmCvHyx^C{zsm0Hcf8S(z}9VV)_|bEovitI7@Sc`QPWB>5Zj2OGBnY%_^@Hz
zt)onT1Z94CbzFc&xSTrH$7CUfCrV6p4geydZ?_sfn5~7nyNWR~OR?5KfTx|Z{7Cu-
zA8uwoyk4tGOJz5P@ep!wv-}zKSI`k}X<|V;R3tMx<SY&w8p0n>0UON@D=vQ{={RP<
zY%cL0$vNih)?MkQLEUi-#l~PJilNwVXnZ_#R^EA}n;xcHgUwLv7*ZhRN~@!aA93rN
z26fCk&|9KUvd+O@+kk9w*@qGKSsX`<i%(_7$+)XNmN^qXhmZyfF&CBW?m{86&P$ij
zQm)y>pAHu?#A<q-MU6^Vx7}GX%QE;~ryWr(y%x{NLqV&5BdD5~83v^bdNk9(eZ62W
zed(X@GbgXiqc;p^CnyFy2Xn=w#5caw2ve&>&ALP#_eC)}PI4{1Ix$o73J+>Ks$K)i
zz%ttGU>H#MFJM;jr=kaLk+T#DbFa238g^$X>L@lOP+I@aU~1|z)EICc6iX+vZu;w4
zw{GhLs>eNGJFkDY*W}aiw_9n~JU4UjLp-lcWG;S~zVs0IKIEp)puJO(TKupWvP(z3
zCzp~P*+ktd^H&NFx$pbO$Zl!EdX?ul!EjUe4O$c0{w$oNwFxd3VGFUefef*_jn2|B
zya@A*?i4m5K<vPunVTLysux?MF(Yv{xsi+3<-XP#yEef#B$1jdw)BT~*{J+ZR*L_I
z-hdZxIms81`nIcioJiBWy0vru<~>YU!4&fD4<y6Qr}j_FCghqpL(qb}hGr!)B|Q%e
z;suK_tiKZJkXeiQEFk88@5);2|1JF-r!c*ndJ2ncHq+=|y=x?*NOgj`i@wGIjS;_*
zyoj_pi~el}V_RceJ(%bHtUYN&Z@eJs$8jtktw6A4;De0CYFNL7y=ivVsqrWe6k{N!
zwkScI)q1A$Lq7?FDig6vQTkZ#rsg}n%Vi(-ceT|!)?S%_MP9_}f7?5lr|x&o9I||8
znK^rWO;%#9whRi#Rj<Aq_2k>%72IK>6o~-^f#NN^uE#gtP$t+Aj5j*F2QzjZpp)d@
ztZoN)^cj;>+$CcYsZ}>u_t}v&UWHQKQ~Ri~K5HpElJg;3QA?u9&=@HE&VXa9dw$*|
znTbqdro8FbaC|-Q!CE@3-fBa6P0OB}{mp7sxxS!Edfm<DTB!6pRGLV=l5<GiThYTj
z^_^>T2a_bPiPZbr`}ho4hqiO^vTn8s+hb)2_JY&#;6T0UyKq-|Cd_HQrCXC6g|O>@
zFp>G5L{CTVC_~@Gw?B*}*CBs;q^VJ!BfE>5-j?S`lR&+qkh}=$WSmPrp(qKV9*U>z
zs6L)rm8G}isg*r8LO1NxV`IxU9{i&l{j+`VFo1v#;ZL2G<wN@bmqlLh3rfN2_r6VV
zze%2_&~(7!&`uxaa{hJ@Pq}YEP}Y0j`2Z|i1M6DkT@n(e#3LtqH6{&eHMU8FRka1I
z)6K>@(V11TvUU05z0vpqh^5}=wpMoeqQYS{#$U;I+?HR-Gj{|l`HxL8fpdH~a1b1h
z=rIxn9Fg+}<A}`FHGcU>DqMqXp<Lunbs_p<QJ{U@LhIR7)Mu$L3L)3srT4arDQY$4
zEbJarFN?nl<wgn%kyOWFjW8M(JMciM%KwMV@@u-x_!E|anoizJ#&UBJ&_U#$pO_hT
zxEE2I((`NGG4sQ7_Kv3~RLwsvK4$3LlgxQG$p_E5%*Aw6;GyCvXO5lN)^7nlz{K<@
zR^K_^{IekjTjF)mo;lCwCidsNu`lQFAZG$OPu&(y?b#p2a7>~CaJO=awoB<)&-`r(
z%=RDm&f{ChqN%O%;uoDocZx5jVN0$v1{tpc7!^K`Dv?>ZN^&gETtKOggJKn!v<gA;
z6l<VKYaf;3#XqcpT*V|p7tN}oo!v5Py`7q5ubz4+Uh}fE=tA%*j^BeNGkBSc%NJP3
zlVh0~k-cE0;&nOL$LBT5Q!RCyux}UcG0)a#-+PTNMFW<BlaqRlbMqNGSt*7s4qP`N
zWA+hlF+|5_9S{CnfN*sb4(pibg;Kcl!CQFqE#exPS@-=>TqD}US)cQhm+%XQqN=bS
zjt8Q@p5@U{2dt6&yo>t1BtJpmtB6@*H86hs`>40#5X#k*sii~XK*)mHO=9EpB<tpT
zs`b8ce${#nI6v(@1CIf2;4z@LVhHzX<%LYZ0}tp!;4FTQ$rDR?@ys~p{~r7VJku19
zbA4!`pMWtjIqF@slAMXm8F}`P8`1jw1RO&O*uM-Z`uqeO=(VXTvdTTcz-+#IfHQCp
zu+>@I#dOjFxQh1rPQy9wc*p{c1Kgw2@L1}NM9uroqSr{r!r(0VKreaDkEgmtOr`7l
z3Gk1<`&|Y2-P`9aAm9=?0I4_k0JsldAjL|s1FzAin(KhnE9O2NI}3`A$%D9Y7pb?E
zDi~Fk9@r|zGjX$6Ka_A=eGXo%(|GdXMBG_=iV9$5!iBg^Dac1C?@!xJPr?Q=RyU<*
zPMGVHyPcnRx?@i7cCPKH>Ou`j9&<GtYaWvG@Z`qs){b~;CnAisuz3<*yP9GN{fx_V
zeCxY$8!-PCpW{QK<h2@ZUTnJe#^?d?O}`buCd^j*49;IMBKRMd?*Kd<oGykBzv3L*
zLJ?seokJVw^YkRx^0SdHZJl$Vn;z_r8B*_DyAf$X-PZYM;vK1e`^Ms?Qm*h#J>zqt
zKZFV(i!|2nN^yNvsm_*nIE>e31k3bC;@qW}d>+P5?KNZdwaBjKT<2{PvxhswyXZVx
zlgsz|t1_AmnU=u)z+RLqH(7jculvRS<OavNP(cJ-L~hYoxFGT9nM0Po-NyxqCvQ}{
zaHnxGj@0Ykm^Y3tXle>>0f4WmhXQG;!}aAE4S?~oWBwvGL&nz4X9b+iTiL}6U@|^o
zd&tcIxl?WDrQ=`|sWe1R<b+H0oJhbZWD6HWP6$><?-<}W`Z5E8;2ZWzu+u_2w2rsi
z(>KXa)O|8<qE5IbG8VD~m!AoGFyOgf(6XmFmHow^A!$A%baX8Bf)6B{LW}(8d>}O+
zXpsDU&8GN8h{yd<KL9CQ`n`+a?Css7z5)6Z%(Ub3`UcMGc;suHFLHn8w8-&gq9s)g
zw6r!>wk4<gI!Bsr17eGOVd59|7nVs$Q|hn>5ipt}$7rKftA0C?BLlRmx`q#wPMf*i
z3=ZL5$BbTgk#n00Qg83KY_+1RD3eb1e$Gc<T(!4^PeoLFhjE}S1&9+2lu@)8bOzUR
zSL_i=i#m+4^X5?7=OwAO)(9haYmGTH$dA1zHK9G!Zux~Fqs+y~iQdzicbL<jgz?9J
z|Jc`%*M=;R&-c8f=+Y+^`s|C?aZH>_TQDseN%(!chf8)~bZ29q-O^uP#-b7np+IPd
z<<k3CfEOo;pl2$wS5kFSd~=N-@H7Ep+yco$cIZOl_OZCqNdqgqf}{q>al3~L5HWKF
zrb<Wd2FUjX$ZgiDif>aGE2iwV-oKLI8~tF{z%etTQ1(Z3ktg9Dno^%VE<@3Z6~z0-
zP5)A)ROX0$(T_~_MRqE3f+7(GWlGPqQd^BL&CMdi3(s0<hbzNZG_jT`!$>QwG!mp<
zz^B;)-R7r$pJw~1zpK<);aH|(vULV-0lBYI?b}K)GBGMP(}(3&X*R4juJ&^rY&jm4
zeC!v>@oNQ(xzT=yjm=caq*ZzLSq(;u<vQgkABY_%=7D&gyr!zWpC5B%A9!ntL4`eY
z%Fbu3nMd@+{6R5aCFWm#%sW5Mmv)U}*tDOr&X0M!FQ(bAN4Ii9ZC}kcU&n<&;&tB2
z?zQvNUhfd==6viq#2PXPYLH4~E<2V$PdiC&@yRvk&gJ20#pP)VJ8J7>^trq{3B*Yy
zslJmt$#1#pWi5Uy`{{Dk%fIc}{qQsC{ce{6en9tfB`JC5@S}Bs>QzhjhzkUZ{N@o7
zR%N&S47(Gdtjfqkc@q^VS)&GFRyM<D?sS1j7*e%6A}dIped>I_Fq24&+0T{$bwR$f
zR7~bR+lptmDGsxko{E8&U&|lI0Q-+wfYoRJ5zkD<C)mPTlq`fZvGkBwdNSUT&W4Ye
zSBXADm7DqzdiI>7rGCW!ud|s$2|hI#b$0HW2p97|CQ}bC1gu#eX`u|KCLY`xPcWB*
znD?LXIaR!UyH<SvGE3x(mX%3MiY$UVc#>#By%MRturln!0@-GAZLOPWiZtG%akeGr
z3%}$@;(SO!B7L5LJ1#vlG%kJiuta)%RU&;%RM*$EPE!IHsJ63tAqau&&sgF8yDXwD
zS5D;!=@tU0tTvXua&#;`#f_!Uq0RHF`}iwlSFIh^Z+HmY*d0reuFl=*EWU+6cg#7V
zx&L&>oH*}kF^`n8poh{bQF>uphSJMVDc-&4ZCNw9gJ)GH(qBrXe~4L!5I~dn_3XL-
z5R-DNNo%FE<TIkT`kXy;R9%Lj*rq8mCu!6*z_X=y)IzX&P?#n=?IL^nT39lQzJYil
z-wK{~8;*WBwK*yx`FJSz&4S{{J~hZ*&r^8SqwJYGd>L|PxtRbYQcq-m@ThJwc}Y?h
zbWSKtE3j5Dm^#dN?B+R97UdTMveT-65!bp^Qc)3<Lh=w#$*2T<Ud|9pjZCCwB1>UJ
zQ}Zelsqs~@)cEQ|>g-zeZ57hL(eiCs9ZM~&kEJeQMZ07wR~yFB4`2rZ8$iCv(_yRx
zMXl2+w<q3_{6sfQn5rAh8&XF!q`uBgPUnWeVZ>#V=n$D_%&o?5qZSmWf*;lMbTQkQ
zx*@p==m&8Eu6a{%0v^4O%>%*=HG-yB>B=FrZic$>2908b%$%3=LWHqW+%hXsF04>v
z)l~ti`~b`yXCYI00VG%nb3@{$N+Plv6pzW~l@pAM*=OjMuP%9EqQ@nO%8IM4dDvNO
z>Iz%mj1@l&KEXYeqVe@*Wa<^+`OnNj-G&+yb;a`^PSiz1^M~6l+n%3yewTL};L>*$
z3}TnohtcksINW>E6lYBpZ)DaT&P@jNX`^Ts3V6Vk;|`=@Hu|GoB;Us9as<JgB{Ws?
zj%mF~5l?q|iw}lTU#~JM<29aq<hf$0>YcVDkuBs-Y0xc5&&X{!%%5BKVDvtCVJV%(
zQja5;@W#S}@dY#QooMV>z5skqp-#t<pwN#+x8&VKdICgj3ivn*!2u5rK+NN;;iku8
zBJSu{wXi5HP5$Cm@it#7V6++-%Fgn`MU)v(jfQ_6v?#WlJ~@(odZ~!GSj{9CwQy>%
zBMW=VP`;48IBaHlXI-YExz7j(vsed(noD)6T(ovs^z5(GNguoECEd!wvFm;okG<}_
z3dx?U;Pkz=@WZU{PwbQ)Y_yUadpH>mof|#RbH7It|9!2t5?8IY)YSgKUxbo7vadP@
z#iML13eAahzmn?LSyfWC?V<kXB<$(0KkV1fLBPhI?4vVP@y9+?lR~l_dm#X%_sC~|
zK_~7Js_Fo$sXkP722~*MAFw_Zg(-hyNd(BSvU+2e&(S8*6MmV~cZtNgX-*`8g%g^q
zsYQb{+p3&aoz-iMh?`zzUd5IY5>L;9NHx~F=~<(tlZVXq)ge053<vPAN3KuQeb)5j
zvFQ<~#*1H?!|~$_up!#It=e1jfYQ}%Pq|}8M4GoqKu!=8e?+9W;%h$>B9VgK-JN5T
zSDadcqiz{VfV^Y3H=J4)if2x^blb3^gfs4g+!(=!Q?BkI1^S!Gj*jM!Ty6^*I;V2Y
zF&A9;T_I-WaYOI^Zu9rPecY76Wt~k2aoCUKS+o7Bb)#V|3uu#ahUQeYTsidbY9B=U
z0{o#ZoumaQSrYk>1EuEua}VhBy(H3~Li%Taz>2d<>t$<Hlqw0G;nKD7)kc_N=}TDM
z&Ku3f)B0<~fd2Z#X`Kb$sL$Nu*XM8&>~q&_;<K0URnTi&kiUiIY<BNH=5m@wi`=?U
z^S$VT?zHZ_4Vf#1u&_&C*5Px|rPl^s+A0s8;#MZ6r=40kG2L)#m0QCt1lMke4IYU@
zK9eYHst@T3*UdP$B{iPfL+p?;N51zI>}oO_!n5g17<6rO7X3xhSJizp9vkbl{f|D(
zi{<t9w)T@~`gl1mEO8#OB`$mUAK(~LoGG&MNPdH4loPb<Z~urbFFJFLWb@ABM?Hmp
zTyh=b=}lB&lH14%Z(@3epuSj8Z_|BhgAa7MIqcdF#x>LxbH@G4X*-w<KE^cf9ZNw6
z|K*jbjO3@4&Z18sV#zTmV8177mRz58)7+JjTniSmK4!PA6ol&pA+*}1)O%k4vIql?
z_<JkHE~i5YXH~^x<+C7mBGru+O15*;&fXTgt)cC|Rc_tI@;di3UWIRb)hC>W_q{~~
z#51MOow8riJqYm`98JkbvJV>795A1OgXptS+k32Od_2vm??)wbVrXDY4kN}myMnj#
z_HRg!FOO&Dd=kryD;bx*P>dSR>lTxhH}p`3fQ-=xpbW^}a|gQ{Wg%MR-E51m=U&BC
zDXj1h=y)MGjhTr~Sce%(EhCURt~S$EXZ7;Pb$&o=WV!!xQ$%V4Qs21N5AgXdsfhfP
z0NZCZq+YJSv&8)0t{{wKI7rRD@zgwe{9}|u(gfDGUmRJ|&>oNc-pzdfvv_9KAgaZ>
z#znvH#nAZ7$>`R^BWt3?o1)3i&oHz>K$?{7rUB};hIaNiizM!2c(H-fHaed95eu7(
zv+9n$SggHo5R3j8W+V4eAN}=yEd8w#?8b)G-^l`$6@1A?(QYJuL8q)9j+!L;UeBS?
zhPwEu$57vlBG?I{0|lYXKHb{cruKC=jt@~bE??${8rr8g=n|ns^d1JoWsmT(nI=6P
zr8&{EO*5m;C7m;!bsLIjItwS15sR?#vCfx5Wt(TF&e=zz0R{@*SH`l!f&vPKAY`dY
zbgnirO1r8QiMd7`LA!gT#xs$63&I?Vb-p<|mV5-0+)nRMu-~`FZ1a>ubV{ds3<B;L
zWtm1-4fgD=Pg5>vB#2)8h|w5=713b8cL!ldRH|`GqcOQuhD2AxAEc%4w3-ogT2WgA
zn0TZMoo`w-4n5HIqc+8B-gS%54o5p*4v#B)77f>`MA;S^NMev@TIBcb=P(AcWUg&L
z2i8n)m`tCuPeW=#nVS+b5|6Cng$WvuKzgTC#Zy15j;F4ybyMGl>!3mc>)R)|_3b~5
zu_~;YnVK-s`#Wupt}a){tntS2p`-f$Fu2}fq}fydii5mHt4+I24(eM5G5Q$|UBP1d
zTXp{prr_5@FU2F<)u<16ZHT<j?~KTM`gxbvX^|fF)H?#{*SWJ`cy0U&>!g-6<^7U4
zZ9)(-FZ4?<iCE!7R7$B8USfq0R^gg3BO)prRosF`dh$3sF7=@X&j!ZLO!|Z&Rn`TA
zHFM@1i-Y{3{`f8aHx)LtUlF;!LGz8Y92mwUE8}SwSMwccwyw{OH-Gvz+>7LmcR=!;
ze)7yL48B|e>6U;pLkFTv1O1l<D<HOAQSd}2!b|=nbQ9(v3Yv7--bItoAGRijf((gP
zsw1zD_P&UE4b%I1QpPe<b|x}E4kgkFkvXRS_q0<~Ll)~w1j`05!frCbf(X*cMD%WQ
z7I{ngE$s08ApEZfS$+cIk$D=2W?ma2P5jP?%+=2vUQu^ccV6m^1fBAw7uNW>L);o^
z(Ey0#ihzscw)p|AkyiiZrbyCaZi+1O1A@IQB=;%;yw4c#yN$#zmhOi2SOqPPrm*&5
z3*NDlF0nbfiY^J=Eh3ZqqMweti9a`83F$cHZAf)_M^kWg^=aOFQgpBiTFAKjkQ@XU
z{*dVMh0hrhZ3PYaH2AB$ttfUBc2&On{?~(3OYb2M*C?F8YeVFCerH6E)6Z9V#m$?l
z8|7U_D?Ya-n{@55t6mW`wVA!e%6&=&JZa@VVdXxqaxnxVc#F#28eNUd+*8F*vsQSI
z;w<?8pq6f{<y95;iq-OOtL0_Y@{-lkty*5}ujMt>a?yXP<$puB8m-=$s`o;x_X4Z;
zeAWA1tG7}0e#bkV@i79h=t9Okk@`n|Sl^F2cl|&sSt5kyMgp(d>xXHf(9~z8xY%DQ
zY%1C`%#HJl`SJgKF$Jh|0jTry&+UXO{&&PXY@IMtols$&Fv2=vxH@4!>x8g6q1-za
z#NYFv{x55)x0+-O6d7kVHCRojtERD5Q@v`6dQZ@%{1hmxQ52N<vil-|IK|5TqRKwf
z%8ppsN2u(>t?Vk5eV7~|ZT&wleySCJwu(Q?il1i1e_h3&X~j=f@n@*`ITYW&HM8@}
z0sQSOh>9;yjo||<J+a<yN4j5>CjB)esUbJxy9vtvZiYyS|AD|&)*^B{D0!IN4w@7%
z>>m|7<w*6QH%>WHJ$oY6Bc1um;mJRH&j#<Pw(MAnYD+!gy%onVhP#*T&Z8A1!%~1+
zx=E>8RElJWR%-aBpqA;FEKaTBKH;!aUgX_EnppaQZK?$E!(6ui6MCGbzf@@~N8VzU
zf%SnTc!(LxcyMkg7LTuC{@0(BIqhrcoIJ@Fd=YDjmPZsDO`SC?no5*K+s9$N^W$)A
z<2V6T<lP84-=*(HZOVQRp-4gR$v*P`!`{0))7N|3TZ7&k`+wDYxnp+inm97DpkLw<
zyg~GJO53UsZOTjukLu`&IkzoUhd1v{Zx6lli{8;lli0xVr7Kv!aTd3+#(EoIy_ODF
zOmZE2|JS1F32wCIfo?JuIoEZj9_)NQJTv(b-bx;Xhi135{gfi=sCSl2DfI(hkwSE|
zZjCt&9c*Gg7)Ai^T}ZqUM9xPo@WD@IREmO3l)Y%5IKGO3(T54}g_!!NlAvBg#)mKH
zmk`<zj0ho|RJ2AjnnK%pEz<nyeQLpbWBxtW8krTOo!u9PqfLc@UM)dfJry2HIdRg<
zYo&{J*Jz$XhLFCK8$n`!TDh4#9Id{X8F(rM7cf-u)Sup`=ik{9yKaVirwPbjccIXn
z(Ze9OnNzNtERSuc<C&W+jjx}_hB*eZ`(-+<Z>UtJUz=Wnv#eM_Sxt{>WsT{mdon_e
ziQ2GF<uD#8&`Y&$*}DjXLfC;xxuFar+{A#{A@os~26z$uy4l!Rr!-xl`Edh%5SSRq
z4P|e|cu@l)R`o|nEvL8Q=pdr2Kcd4TMg$Sv{Sn(N;^Q`oLKF_kE7;5#shPz>CPlk0
zbuZ{%%~M+BwLE1VD?`g=yf^KYNH63JWL_w@A8(w`_YOflu3V{*)Us)CwZ2ZZ3um}2
zPO{e-lIr@lt)}k;EH0zJg@!5<+q5;usLvHf6_RWD%GVkuQJi?@VvVbBjNg~GC&<&n
zGdC797acm*ULp8f?Z`#NC{k#oZ4CFU3+2N!f1tj#4+Kp?RPk$|i)F_51c@bn5c4ui
z&PTAAV$ueZ#0?UpQj-8gs}B>YTNzg;JXqb=L12FusMcjR5B%g#IR|ilB1gCHUb=9`
zDe`mXT+>OuWXICv&I6q#7fKS4+2_;>x&FvslIFK^;*Sh%1l++++sR4@Bx<ADtZC?d
ziNHX<m+bg7xwFz)GQuw~HDdPyKfK&;j5Rm8GmKc6R`>;8ZT2|?st(aO<DJ~VU9|!{
zU8CK<$euDvZE2OM-YH+@wW;ou;}p{NGm-`4)J}yUwd&j3X}eqz1uYN(@h<F7{muT=
z`#Wv%T~dp**qK65_ECk6p+9=4WEUK$0tdX3{t7<4tf2j55grx-)WNs+1lyXRicO>s
zz~9elyH^nf;EU#Yw<wS_Td1A3U*Dhk>i*0}Hy_cL5ke+{NKH11B8qGD!TE^I2o>Z_
zwW@@V$pzI#%_AgtaNVzj+>P~`vgC9Tj0boRR!Wmdb6N*^8Y-u)hA)JHN~Dg_q!(?M
z!lKL5N97wxBvhJ8KgsW~`b$)KI!|GSP)s{RUpd6*iR3;`>7}o5(IlJ4G~aJe`c~sM
zKpIYvd|t_lSB1=k={yl%JFS;ly}og&vl=rEIsy7bKIEgmU$J=l{CYIdT%^U$A}QO(
zil6Y=_~TW1=2E1P4Uv*4!u;e%NFgT>n*4~FeI_I>dViQU<M(fWLYb?5Gn3vBd2`C^
z>B=H%E%MHQ!xoUEm6SdZ-B2IY^ZZYJp!Dj43n%i-_dxT(qNX9L$W=r)j0=s0T@olo
z-b*m3h2s(M7keC+wpl{if)$uf%lAvuh4~KC6)ydKl>8@oFy5!p%YjVzg4}2l`jX<}
z=zI|{uL^U%=>1xl)ns8xzFb;h%Tx0q9@0K~urN_RvZ-m0Yu8VtAw!zo)~-u~h~3t%
z=|P08U3n0iMrzsg*RT_nAdd>ETMahhvZjhacZD&0Z!^>aBZKd%AbtVg=1E(lT^+FP
z!fb`ZuFne6w*+0$5`3=;^0)J?u~}wMf4x?HvxE2*LHZ)Y0^s6X_4R1RP|r$>Z$Q5n
zU^{}31^Va;a<&IGZwbCv1TD$(t&+5os3i4=Y8G8k{+{5wD@ean-wbn+zLhQr4+Y=t
z0mNYozco@Bgo`SuyehuM=^WaQ9a`}I1>S3T$GgtWkuL{<O#~hlywB(T=-~ZC-sMM2
zh0Npq*x<dH_gda<n5c};QHsLH*~P#lKb2qO8<1!5$=6qd#732ksIhVorF&ZMFizF(
zc<HU!ya1h&15xpViVbsGbs!+_rcIj~X;g@en+2Q~S|vYx+r6D6k;12mtfTkq2*L!{
zZ=uA1mhap0dGK#+7`zx+qp2;?+e%Q-cNR(TAHyw>vsff3k(v4#W(OwStTI&s&PJ-D
zD7<_$Gx^yks0}Oko#kc~FXf5Z)*`9Vo?hwJ^vwB^h-ozg#_n~qTa0Yh_ga&1{)*4A
z4e^?%oaBdU4ZPJ9d^>Rw7M$(mK;shkfI4)C8P#$y72lxR8lT<y64Hdb8Y0u8cqQoU
zu8Nm+n&oS52u<%`2|zqAecLh&U^o(RR=?wxJ)(1-5eWa0SaL8MoYaiR{DUs#v?^_D
z<{gnn8sII|haG6F5NyfL_Y<&6oM@~Y7QGE=dN*fE>aFBsJ_&-%aZbywh`PA(_BEZG
zhT>&A`Ft2&S@@t~Wep>9BefUNBSl`<`_QIdj$L$*tGJ4I@m5Z+-W;}f(UkLtwI_-@
zk;}$0f@qrzREQ{CJDW(@*+h)=xQGP+A|_iz+#*~>h+&<g^Hn#0Xz@y{^A!#)-r&&U
z;o)8n%Pl7spOiR@?<Kh|du~0Ana$91V$rG+bYf8@&dP3|y%C6=yQ0O;>T+jwY;gN>
z^WNWnbz}$)6K0q2YycJIA0fvrC%WoXG=q^UV^&=qDJEjoBuOHtc<YGpJ9r~+@pPGY
zDgd=(t-5M|Fhxn;Cjc?}AW-lVP_RT8;-g>-Y)DfmdS}$j(E8*@J#$9lwQ=aYGr2Z&
zr<=wmqmw~?B!?!yJhi213^5dPX-Q!VSSt{pO_uXB>7h)D)ja4V|4d@m6pVSi+RyD;
zz|-lp*k}3B{W`5*MLybiI}Z_2Ej?INFwZ#TzB%$&zf|ve+JwZ(MyPPqR6T`g-C_+?
zX8nOxAPy(G>cjgY0u9`%ij{3N2>;<Nr8tp+)+gy&nTm=+N+$S)IHid!)^pr&sJT4i
zLxAO16Qhy6U2bMF%Is`nDcd?&cvG#dtB9|&dS42g-^$&{t<(U-Cl(vh%!yjHI|<Aa
zYEB}GIk!4d$IRv@7tpPeWXES>DvX#XJE0^&ZG!tQD<BBy#d3xrmN5^Pmvi(}&CWv!
zbZb}J-n^+R1!*j~ZV+AI&pNLiSu?$6{1}nkc`cM=Lijjo^j1ho%O>SJKX)=%R_1Mj
z6H+=qFE4|XlfQf+G(vG?RXg*gtm4oQ9KZ%s5~NlN@y1KEzFW<GMXPtOj>x^9sI`iu
zxR4%KN7OPZm`agf*X(d(o!)2^vvmT{*GeJeuc;$?=Yih!5);EWv;e5HdVgp2lwyVn
zyV=>?%P@r<nDrtmD9-9D2MGh3<(vA)_&vIg;}rSInXVD>v&U@5Ccdb3Q`2{t^my>~
zx$F`pQbaE_8Dh;plp+Dvt=Tg7v_8o4gW}0-v@aB!GVg6`z(L+?_B_~o!JdbBPxH(J
zAdbh%lncpWoYfob!a@3O8I_0lZz^m4HqfV8OP(gwQ1G{cCr!r8h~m4I7U~c7&L%jX
z@%Pm@pU@2m2S>n{u`MSbSJX5DQ}5&CW(SXKbx$|H?&)ks4g%zo=D~@X5+XY^6F^4L
z&`cmN6x)M$wi~FU8P&YEvkR}p6oD=hlzHV?R~FVAOF9o#SZYQm<i4phYzk+-_N-Xc
zDiIDQ*$7-MVO{rvt>n|8wBD1-mN8imdOF#E%vQ<Zp177S#c9$!YxRLJ3hfR)C^Jr(
zy2ku@3o^HS%YE)GGa{tgeD4r7n`zvr=SDH8vwi2h^)1k9GXSc`EHt$v`P!B4<FC18
zAJ=mkKq^adxXO}Mp6;alsJI!k(Go^V-NSsUCcY^5L$kzqpq}^aS>sXKzHyj(;NVEE
zME;~P9f@_m#q#rZSbQTfeuKale-GGApm)gLnjaU_G8#SIO_f9jvMgL5@QK{e5YdNd
zUe-bc%ntNL7%m+A1eD=nMP(`yo63u1=g1KEW~(Oy+^1Aj0PxM@2=fT@8x@pedRdnW
zzhLx*P(?6aBtjn$2jyC%z5sVo)@iI{Sr`4WKtw_*L4!8ZTQl2v2AY!%k+ARK1{KN<
z)rE;2KhXyyC4zxab`A4b=dSqZLH&pT&Me4&dk*CpGMG#T1#mvEw)8W{CQq)zm@W?U
z?KFr{Vj9)Qod%gjISoCW)xzBQUOt*{L{kHqPM7*d<2c5jSj}J7d4P}0$49dNbA^!G
zpMrwaWF#w8C!O!2bwm^A37Nz3)baR-R@Hcc1m7=y(8qU@FcB?F9TrVaTUZ!=0=@H}
zhS)oxj5?V6E2%5Q|6uN~;#K}W`sT)}9|(S%8`^VdV*Hvk3ZnTo7Q%_XS@AzCfPxpa
z%KN+7eO92r3S9)m-DXFV7SjQ<1Nuusn<8_F95_W_`F5Qm-VvnwPfZ8Ab7*Z0m>>O<
z<8%5%^sv-Pz6`G-G}ZE6WP-%#{h~pPKJo=4WYVZ(w(8#8))~|z2q$KS_2Xv9$H@hL
zokH7yZtC8tqIgY*oB29ksRJ5%;Ka=FkjV|Aq0j}WL)|0I|Mp5K8IBEQkgf5WcY-u-
zO2`036JGk{w3e|=;Loh}12Ta6IPx2{X)Lz`>|JaQ{OVhJp-JZuNw4q7)1+8gFCBi_
zNZ)mzUvHvrbMpr8bW+lqz2W^}F@l8zqtJK_V~X}Q;V6_*dn~g6j|`7Gtyhpk8p~iV
zo)pY`;Edseta4mwQTaY3fPsH6ntHF#d*F;neLnz35PKhtvxGe8g?#|HCZm%TH2@%y
z>P*yZjb&n7!lSwoSSDoCTolwjEFwgkQ%HtC9kMH;og7h>BMiZ;quH-CZ}MIyq39iS
zZ<`RlTGLgdrWvj2(u|o4_r)lLjhSMyxmtbrlS_F*`dFhB&|}NXa%|7k7O8$}`XDwc
zDGt`NVy$PzO!+H{E2a0yoNp?wGIGF6wXa%UTq|s#fc!+`X>|w>4F^R-gnHnY(6Mbf
ze606~7FZ(sDf@F4vPa6^v1^o&U-J<f{Rho-KGhCBKZNps9?5Qv+(e$fjw_(r9TXB!
zZCpl?$e$HEDbjyisf_q?*Hi7TVJ%jkyug0};Y=2PPH~WC-K_@-+ff}ltP+@MA<ET}
zHN3}DC-V-aRHu&?zJxU@Du=@a=r^8kNanP56B0+$TV{DA7HwuIN9(O#D@SeN%CX#9
zm_7VrRR*;T2oQSbhNQNXoNACT56C@iRPQF)KQH+%wXk-UezsSUd;YMW;NrXYMYzMy
z;KorXYOvUSzGAT^!pC6KZ^1Lx2&t5Wd%KxG>%DvEG}~kEt6b;+hn+UD(j3o?vx5tD
zoc9i?`YU)@UzvUW_Nl5btUv`9bWu=+R@?r}xA>XARhaoGI@brSzkmJAHYAs$VX;0p
z+<wRC*FrC7z&?P^1>=Lk@n%D5(L-J^t}n=%Y97ym)J&3-Be|oMioMs#5d%4Qh{ZDc
zjv|J{Q%AuY^%bJQVbH0{+c%))8hIA#IvX9|vt8fRKA~`G3n{bVqv?UZsqN!z;p|o-
z@eB5p8wAbn<-Uh$$b%|_Ob-&NFw9If4WgUbFsgb!U;xla*PG3J7|NzWRl&?3R4wtH
zM$sv67{v5vC)Xvs_A3Lwt#W^|s12H_PMiGQMDMo=Bhn=ZiUX-1-z$`d2_Si+&QQgg
zXqNS;8opNs-^+sju{ub<Lh=5DEK)UO39D#$iYlJ^qjc$Hl6aO<AfEddPYE$3rpuo!
z^a*3>g)VZ*??5+CNJ~9D?6FSUiym}q>g$0@XrE*)cO(`lu)e!9z0A;n<Ap)NlOsim
zQU}MPYEf^+u@_0SjPs=;XL(0xZL|3VuJ5hbpKw3R4gFcvDZLe+%<`qt-HNbW_{&R2
zBHj<Ma@I~!;P+NMNiqvQn_zZ1ES4QCmJrxPO&4p^XSq>{nx1&^d-3A6n#BF=y)p8W
z$-?s1!SZHVwrDw%jZt;LvRLc#y!ZZad+}l%H;FzK+X_`!UWv(%8DPIl0*3u1p?=|-
zmb*D#{5ZvU7gJn+H9iS$r&V63WFVPSoE2v1dFCgu`d=YD+c7pU=ltN;7E{$1a|<!L
znQQI9@)(g^X%2|6tm$7iH9XnYbA7wWdd-0a*=9a-qmgkbDbs}{wwcJzP{g4G=ML;I
zzSVl)hq#-hDqX{-tQyJe7p-)EkQAsy*>V+?pcE^4)b?zV0%RDfnXe@vdtL+ku7>Oq
zHZRtkzKC&(_)7MYd_-=)zGjVPa%9(EO6`;)EY4<+=L74UssF_B>fYHp%M_fi_S*-2
z7el}T`yk(J2paH0)|H81`rbw$>hV=V#vjKV`O&Ono6g6RZwHMj;&Qz7y_%oB6=%#8
zs@}V;FL;XupX3Mk^aW=v_y|8ZMB(h(DMT~cO`4@q?~$bzYaeE6lw3PY5RIfoIY+if
z$+ZSz=~uP7?#TY&IcwtC4ZitPz1bVVXyRD-f2hF4pJCqF5zZfIO^EASDDc9Ec5UMM
zlxR(yv4<vJa^W7Ec#a>uYZL4JV84m#CpEFRqDH|5222N7vi`Pael#n4G##BoZ5S1r
zABD1qj`9cc=^;DezISA=eAZe!>vS`-GW{?&d1XEQm>y~e=Y!|$<ziUcd*uBW>{qmQ
zH+x)BBcx6-%!u#jRex3K#TpmpY=aYC+`+4;YYR^|y;uXO={(C>y;y5G!oZ<in^dnb
zHpb&!z07vg=drt=+-R1Ea3M_>%5)AdIoEbL$zMV0<C)_#<SvS~uTK=eDQ8>>l*s-D
z>5>=z#qWW@k~)NyM%%%#xw=7k(_68gtE$9KzNj=tcd&Fi$a{=Wo9Ymm+%U`$Y_oWu
z5&;p5?nVwZt$+)@jh8{VDr_U;z%1iPHq#sdt~vWG`ztkII}O+!DgamH0kBBd2LpR7
z4{=c*;zp(W9EgVp5KFvY0P$&j8uK{-VjWKj;@Sd;|8^ezlD;+40u%{o$1*+fqsnH>
zZTcP#eXvsGoI;(eIwocgzLOM)h1a{qZ_58zoX$P#d*B*=XBIyJLD&PR7~=F+%=)h1
zx$BiCO~0do*L<M2noo1m#^svB&>=7v!T+N)sK`{CMhThs2FzGM?*yiBOC2>w&Z#)0
z$=0!IIc<L<pS+58zC1(_(xU?L99RwH2dhi}tobfDbqVd~!P)U0!6`zG$l){<h(IX}
z%LOLX^6C3V6SP<^5$v=cXtm<D3qZg7EddI1E&$Om5Yb8mV$c}h-F!#kV2^1Ydbb#t
z+}VbMa$3TI*%-(5llW6ya3(k?f8)#KPQ8Z^OF*D5^^AD-M)+QAO=U?@&8r3!bi+9w
zmV>gI)))$YIC>dEDH(E$hG^<~O+Kf3d8CDB)G5EdgQsK~vtp_1w<rvT?hQRt*V{v9
zZ$0{Mzg`cWoekw(vs2md3Up4rUS{*+#!~Z{nFvVu(EmoP$!95GDj!O*Ady<q5@aRy
z_3ga#5V(odU$vAaQg^NJ9~$6T>aVNp>(|zcscS^^W2s+v+rv>ql$VB_!x>%ql*(9Y
z0v%F5p>}t>90*!(#Rumy{+i$oFpfxI<p{wWCGuv`PvxVZ?vLI~bnbizX>Y|{ie|23
zPSf^nF%2LqW3*B!qL$)1QecE(xFgJHd$m8=RZ4bX_P|B&QeAd9kKC~AFg;4Mr532A
znE|U-b~k&**IBONlq`$^#;Ha2l)^AZw<$6`TSJ)En5|EUTKB6O8ND8$&nprpo_e%B
zAD3`V_$*aM_5J6_hZNjGbcp|P)_e_`!x_7t;sH8%-lJinFYs6RP5LNprsZxrtzmP*
z$$#oW7HyUJ+!A~)^FKR+&lY{I{+aMDef#_T0-vs>anrZI$(O+Wvp!+6O+rdbwC8AF
z9?=<3Amv-56hPd?lYjQUC3qJI+j!UWMV{n*hX<+O<)J^7y_0wKQW0Ha=K<KXzWFwr
z$jl)#-!12H^aLL9%+W;?hH+Nlb5|X1O42&t^@FGln`0FGTJDRyr=pusx^6Wv-Atg|
z#{Q!Gs-3FybD-rcs7HB8R>>1h00B#=m8e`<Me|3PH9+T3?^~FdK*4X^$hY?8CB58l
zSY{#CjbkxF$~P1>BocD>lLY_2qBKEz8>Niybdu`#hD@xN^X0vrCDBr0K*g%J_9~jh
zhMuElHuUnP-Lp?X!nvc4(oxFd8b8B7R0Q1o{e2%I5i184!ZwXdZH^{i;y#U+;$>UL
zaXgqh2!WOfs5n#UaB<Yzyw+Ptxpo0e-+h2q-Bkp;Gz4{CSpaflU|&2s`|&}=tA+$Z
zI90iV)P9u@1wyz)*|Su6*<_OecEsy8Hg|c$NrnBm=-nzB&q-J75eF3&RU@0<l<M04
zuCscb>pXBr<gY|>F_+UWEp2x&n@s||-{~Xu4j0NuN*KqF+oCHfMa|wvJt1C$+q@kp
z?|wD~pS#=!v=`DCoFQ`+h6-c$X$0*2d;*yeVa5jyk_=_Av*a7_Gl|SM*=rq)t>oIl
zEEBQwhg}^nezEt(02PXHCYCwmp|{Ja?p5y^LBi+@tazqmh(vpJ8#E8mhCUrM^&$3~
z)FDeI%_(Q~9g)BA)YXY$?p*6~i`jA$FzT^ftvK2*9O$>UgD@ShVgT4Qlp8E|Y|oX9
zdThsb@^otJtvr(2DV-2WxXL6jM3$(^X}tsKd}~M3wEy!7!9+Mr#SWMc1(TQSzyI^3
zz#v$pTQ{(IuFh(NyT|il>_;K)_Tkg6`1|9Ld1TrZe?Nvf+7*8v&<Tkud6bu3E7{}x
zIPr7KzjqJipGUD^f#!U%cZjyjnen}7k!<W_7mS<XQ60IX2hN`X_t@mY-Q-_r0}{sS
zb~>%gDs*Snh<)RkgHMVj*Mh0sr9%}`4-lrxisU4dvEL@oEw@IKA6?mWi#Ht5t+6jL
z!n-%NRVb*5IDj4$(}F$IgB&&G0nF2bODI_=s~P&h0Td^_f;IaW6>UeQykq-2{Nynj
zAX^Qkqb4`}h#ZA@Eld%P>d$+bMY`n<Bd^8YQ+xyjwb<L_e|$j7V(&gaM3|h#MLJ<h
zZs4qZEDLm=lKLc9H`?{hgo0Wi0p8`5AetcREP#+AY1j4{68ufNY;n<)5sZO6hIcuw
zr}K{Ra|q5D&bBs;rAMrTuVN|AcQ7Cfy8AR*!Q`jS^;{y-yjQeEccuQ0WL%Bvr2YmG
zNp^myyHNwu`lNRRk)ju`F&SneMEWCeltM?6Iin*^@)07SRa_dfVQ@k|a&JcgEXIYY
zvEnVU%;lfPuxTIlT(sqi%E3sKKN4)cYu(;Q-Cn?drukJbNqWl|0iQ&swLf%L9~T_X
z=)kxXAnG|1i>7*_$!=DI?s(aQb{-~uuUPLx6bTMc3g<J&QJ(13N+3=3^mZk8qViNi
z*$8>R#Sw0wBDht05)t&rao(YnG!B-pwNXhS*aajEgJ@#8Qh7&@S4t<j8y{re^tz9~
z6y5${eKeq&4O@~Q*2kR07I(+fZt)J;FSP$a?UkqzV7%X=w$Qhr?sy?j(S;e^ipQnM
z=f!VR{P~|BFE+-E`u0$M9@Ptox6}3s83qvJ0u=N<lG?<MXXA43@ZqRUx{9cE@_uAs
zle!>!FIkHcH4nuz3t3SP{wh0F|2E!&^%aEtVg9TMzplxia_i<N8&XduU*XLEl~~!E
zP?O8{XV_xBYjOO~5OVKKar1ibVbV&GNVFu8dM365k2pS?rQOQ{WWKm;V5ftJi#(qR
zmv!SQ622Y%c(xpQ??jDG-3!j5b2L$QJjWGBIRq?dKdaf9L)Mc@SY1v-sTKXP;Y5sg
z?rIt|7!9(f$YHA{c{2zi5?=$GX?r|<92u`BqbCnWM4<2`g&K}B8U~fvYCM?VX@iEK
zB6CFhw8$5w?-gl)`96ZubRvOn*k`f2XPwrUDKJ*N4Y6j4IuFVg4mc4!pC?DcKM^$G
zGO_24_KsE|y&XpHxN>J>@0@jBH{HcGP@v|25vxTPtpYZZLOHyNI?4AKF3~Xs=+8R{
zb!jcumug6N#dIy5wqSb)@s^+2^0-)KI)8_&2=ueQs0%ZzXkm!w5j^+K9hFb*Ck~P+
zYXnw3NW~Yk8U4KBbmu9rl^3Dd)HaqjFu^x`zl+OKI{dknl{jI!&)oLulNDg8#_x=s
zjB}o__RlD<PT}151m4)ptI@X>*k4gmEMso4Mr~r=?^VD6{+g9@;2M)Cdr}PGF`P20
z%aa>==RD;7B&-hFGb`hDNO4wudm0t#0xIJ@Sz@UR^;5eqPR!<Ud#LMa)rC*$jW#FX
zH#czhdK$HfPn)ID-2KYNR)}3+v^-2@IZDA8K&jC(>U?PkXR76PKA&nTX9~<H596hy
zyfW2Let`C<op0Bow^e>9IdRp{P<{wfh4LznUCV<r)^ZM6;7bDtkSJ?uFPL|SpJemy
z+*g<wzhNzaXRDDs3n*4F%(nN`Zne>A9m%DLHVXUj;yp(!i=5r|=BpEEy%QlrDxy(C
z2qLm)g^|DMbn-Ug6_yQ@)Co)KxpHh{^U+A4Hil9cZw#kqY#gDB<uXSvtuvT5{#)Cy
zL$>h{vRwNv)hjp0LhV%U>!Gw5km#Wt@J(M2#R9<RMlHL`6q_OsJSkPitR)<!;nupK
zRy&6B&sUYfn<w&vBQ!9xQVReDtx-!T6*s{C3AtvZs?ua&Pl_}G8Rm#ctnR6Kr%mj;
z3&1?}KS>fA5_sx&Qx9c7JzKD9_ZW0D3c<)LnnT{9;7cs^iBM$~xtb5r)_Wyy*_5G*
zZ>u1b(W>Q2B-V`!+z2{7BiNWu<8nE+fCe=mVH4gcxH7;3%au8#^<`~sPx!QZuOjd8
zcW7<#yCSbU)k+#B9MK<l$KjEcH9e8qfX4~?L7=D~X6uYgg<&$rB|{U*$QwM<7wHgR
zeGH_T4W-YDz<CbAtA@a;KIWEfhJRyqWj#N7DFe+U-?d(K%MDgjlq1qhQG=#@Du#in
z)LYZOIvWY|iu{|EO%b*I5!DtE4kFzCh<c0Ik??ag_D4*&h<^nU?W)YLqlGu*#fku*
z)p{X-8ZN11EuLBMg>~dfKj*505e4ffdQ?@q@4)H5-!R(yL@wKZj#p-aq>EMXRqG_N
zDKJNrL(Z*lBgcH@45C>|X9)}Ox7}NDP>c|<IqTTSf;A-SAW?85z^AUo%1PoZe1~cO
zEGd<w>A{TvVz@Y&>lSX;^WJwOK!^{7$Zm#JL6MD0m?`~bwIFDXR9Q4KSh}6p+~EWF
z8`1mKmr`|}irX<K>7a6gM{qpOAbOLR<^YJ3Yh{?rEtqoJ^j^H?J!etNFp`pI$$Vbs
z&Le)WxwB)L^SC$ZW45xeS?2hjl*>q<>}ymPcfD+pRBn+&c0An+{-#Nu7EAM2Hv!zA
zQVWkUcdqg{Z8Kr~VwritB}VJ{Di|+`a;D~saoYZ@#^8FtIIFg+Xt@IOo#vl0b-$vf
z6MHLuIzckPjX2$D{-&p^;pmaR{iI*zp#!SiTT~^#wAxvOB*Imr9_y_*VUjO0|0%`9
znKxB(<<pwfm-#~E^q+N->zm#fui@YVi{r=<*F~HDc<8J`Ub=M^6Qr$_tC-fu%p<><
zOQmqRu2H)(ky<ZR|5*}4>k1}H<;I?$t5mRLLEwYGg|xx#OAD;+h$WeM3Ju)vuh0nW
z*dp@M*ynzK$vB-FABCH-Pa#Ksm3aW2#n0HL$V>FQ;HS!cs5ib(h_yam_hHjF0w4U4
z#xHjx&Y0)Qk-oF&x2(1W&h(W9Nc=mP<febX9ZX;DnD-^SgQ;*lRL-1=-O3o?k^g(_
z_TsD+ect%LZvpxHn1E6}oSsGxr!S_5i=RxS-iXzF;w-v~go(OOoh4Um!^o-h0_~yI
zN7B-6bTcDrL|v@|(_B33X5yu!yV`dHooOg#VQ-D7t0hfDq>k4$oa+yUfV#Lx?tG<`
zJDHB<+^CdwFvfkl6y}ne#l}f?S~VXiRWP)^J2%Glfd&SI8;lq{CD+=$bS#qx(&a3z
z<0XzSeo+BU-06k=r3)T(260voKG}M>El8#x+``0_lJD9XpPPJ=3&>tBbvd}FX1T?z
zV+qMJE!WC!IPBt6w>+VraZK-z=au1!q&v<XOgH0X0(CC$GVlT6VXF!@06<DSB|{g0
zyu={?K+aVKxpcplYH8LjRD#u6`c<;W@ypLb<m0mlQvdvedBR1%X;qDx80Hctj<(<@
zp9a2<vGw<T`j$@-d_zU7jYbte<<`A5ci(pDywIezT)i>pPNs~vMZ4$1^8GgGy3oG)
zWN>-6kkTD|hZ!<O*8n;+V$;lJ=nclx``QgmCidJ=6|Z|xH!$s<*5pNf>E}3w=~<5_
zWsa|vYpy!Pws*7r(M4d3eu+@kXy`&-jP@-0m9|E(2WZ!A&2j_NNIA*ZbtW2bt}{_{
z`unTzaud0ntziimc&&+3t)OZ}mdEf-fZ@!BDny{&aB|J~kKW)NLv>NRf56+$_9SX|
z5O_IW6RC&2mwD<GC38sln!eiyL<>W(1-?k1gW5j%#N0~O^A2KAYWfY2c!upfPZ<lb
z7=pNnB2tO~KeTikA<c{2#T@CpgI-enXkN1iLrO*As%-7lZ6G>Mt9EKyed|c3U%LW1
zF<8b^<%LkCSU=?*yUqlrY6i|RGbQI5XF>`tmtDs}oS!XsqS1AOtDIu<*%$92JAD}B
z1sbrgWS!(GtZ|hx@vpXZ6fM_y1|`_sY5nu#0_n090I{kNh!uPcD2oeO!0P(`9z6z6
zb4@r97}qQISzYKPH`9aS7S)6C;*W9@`|-i8yVXy$*cW-rA@2}(u%9+}Sblii3?g6~
zjfMOc;1g3hKMeU{=^Kk>B9a=5KCQl~fNulydqKols6A2?vj_%%rM}q=jF};gzz?PS
zqY={jfB58gdcEff(SU{wcQq5SyJ*sJDWegu>v0x~B^2||%F6EUoBHxE?yB!+)(@`l
zySQt{BwcTzi@TgQ5lTD#QFXtqzyM$g>v|t}pqN<Iz-*c~BW5^@M3$zA1XpsyBJR)H
zkSouRCxZh={!r89yYPqT1)PMQbZ*oh<Up&2c)w8T^v_N};`1kb27C5FKA-OWH->@(
zQG0jzf(tg#9D`7|{+=9mD%w33%h6xxOa1i!Q1>SAQB~*ve+B|f5V=9Ns3<{$O<X~(
z62Y30#N2@yKvBV+{;Y_CN=X8!tt^u$x8o>nZELIj)^6Xg-NCltR!vv}Vo|^am#P7`
zxef?!5K)=m`*ZG{B@mU?@9*`0{dsBbopaBAp7WgNJZq{(<hmQtZ#b11DMsGqz-uw=
z>~br}v;;8$`H$o^-Ty~a<wY~g>EE&7G5`|kEc%qS!R{zh`PS@8e_h_FKTTMe7*sk~
zvP-cs%w37QQCW5k2KQqPx<V5eC`uia?mv|FJRMyB;t+8vGhtpM&Np!i1Np+7b+|a}
z3_<nqVZV#RX8*%}7l+6E5Bpsle(QfQ7YD2HSSG>d(49|<?m&L9NJbdsUI?IOxGZki
z`vC*3)jd-XybM(YD5@e<bIT3}UzgfN8&lT+69bgxFtRKen7Rmnl|Rj{hKb{IXEJ1^
zu4Z4;%$5rBVYeMeLNP=Lc4$<N><S;|LB(OIFSAm;GhJaRpO7)^7Ea1#&$HKq?giYo
z`P@|+#qKXSY#*y+G%3sQ<GG{XRH3UIQLK=SzmxpV;Vj8aW|-58yP|tN1>m}bo#)*v
zbx<cx7^D1&6OMkaPeE!O7mLFV7bOc&5Vm97Afjc!PwLh!FY#OwHHlM%9M;qZwR~jR
zGf(Z-78^M*5j)O4l$LjyZ~afBh+-`~HHfsWUfNM64L`nrGZ&ZSd57_>m2Voex_Ygy
zzlk%Sn5q8tpH6l!XvXi9QG!xFzRcZ(k4Ng`aU>;g*T?zhW4BULg|tfPXzEb1U2R4o
zS|<4hy;BSa-7bU@c?#nyYqFeP5`-af!cWL=s%4tKO-t_ou+p@8mDlRx%;)3)T1_3C
z-3J5vWc2yiuv4Vt(Crk0N32k{yigEv_##WkfFS=&nk!{z_m|#R;m^|KZ$&qFaUyzh
z5?B2_;NF`5y+7Ym4bn|Wpb(%=uWTpf1e2l){-&Qt@)IpbOr}k~`;_k<edw05{G7q$
zy6z+#tDis&ixE_=zq6>?{nL~(O(~;?f8=RH$b`ou0+J`0T;6t4M(wiXVJGj!!ee{G
z!OC{OQeL11DM&2&>%IySRRz8xTbEgVJk2&=pKUwde~msH{>1Irwh=H%unI6UfNygQ
zz%f0rE8nxNS_1#>?G}0r#E+%S=w0$$t*ulkzf`gZ)bZHz7FtNn^@HsAK^!jK#cjtV
zg8j$T(lZ=Ur;5yPegaO+9~S`}wGS@(0D%)f&0Lh%540Z?u=8)ejnEpRXVnNCrZaOy
z29k$l|0g%k9?1u;ke-PkYgn?omC;w6XycqcHg7V{itPB!6Vm;=GEzHs^Gq*c8u5Qe
zDd7>#rKfc{pO<w1m%Zfs_+gOcBX{$1NqXo?(l1$=rPtF#A0Qz|FKG6N2XQuB`<>pE
zgzJD6dw{~CKn*!9ua|A9p@zP-$}!)t`gDmpXA=)~3<$cp)F%8v<$G4+cU34cCJ=Tu
zhM`%<#Ze&~H?rE=S@+_&#2^ciC0vyiZBP&RF2V3GKDLB+ynPjq5jj6rf4V{h2kL+7
z$vVQ$is;C*ch-F`oVd76rHV}+le>$g7tTwO%9k2m4m*3?D|Jbatt!3*P(E|Z472TT
zC}Dp}hb#G`0p0{lAM`(hmoswk(rq7j>2|>IvZMP~fR}}r<>2M{UKx1F(;td$<MwK_
z9oL7QXNftiJ1M92GNE^w1lNY+Kbfm{=k4UFSH5p}vN}(&Uq^pVJ0N0!T@+ZUl-$Y{
zXPWbfAQF&M4>6G*!e(ojL)oBmP67l`xokgBwx{`nepP+7_0wi+Q7s6<xM=RS{u@HM
zD20YA*Vmnx^|kN3?W=flgWOu_u~fQJ$c|%O+SkavQvErx(*2+Px++*{h%~7Pfj7XP
zFk9079rH=_I9>PppXpWo*;8Zxc!xf9t2>CBk3F(x?yMl#u(D?EY);+iG<e<hM{-T5
zvWcav9bT0@M05(9yXr)%=}C&(kT+`Vtz<hr3&-zVMDvK-CK2wJT-wMZ!p;jxc@{C{
z=sjv;;<QYtKTZ_SFx#2QNj^c&A@onv4q3aseu_|O3HtvGJp~4MJNct;z7I8bD)xM$
zmZ<{uMn<_SY*p`8b0x{6L+>eYYkhBpRKvYD%5yJ_U~WV{z-LioA?`V>l)3e-nw!U_
zRHg}9>Y2(=CE9yRhXLUzEJ2zXQ}QA$1PYO6JYHw&2X{6eqfj@TeVDpaW7s$)GX@kR
zJC5NaZwyydnK4+6_i=8jbfcW!o3Zp_EUu&Dlo^;T+F)yuU_N>C#bz7mnB<^-H~HkW
z9=Ih+6$2C|WpDB!rF8Yruae}t_q2AeCC~elPM6T6(1oE3Lg!Bm!?1`Cj>P9Nv+4Si
zBZ(^^_D?u={(k)6RV6ritM3!m4AkQfnHaYrg516pj@=S0s6T|Nvoo6>dI6EEvOhVX
z3cjShhv)6z9{lG6Ztu<0I&1HIVr&2!XF=j~oJ11ybdMRYreNl*VLYAiw=;_9mxeA6
zU6CGoI~9XYiT7a=7>dX5vE$ug|Nj}&V*AQ|3+%wUG{Jbr0oCLAzsE{k>jxM4uf^vC
z(e(6^myZih^|O#WlX-9z`-o<m-||e(MCU{j2M3?%SrEn|ED~6oZVSgJ06gaai{qwA
zs=9Emc70%jTxc~)t8VzFe16FMQMwvUP#)Q<ZftnhU9TVUJ2p_cwt2NzV`!!w56?9<
z8V?kHjrVyqX8BQGeFgdT$>VNoZLr3i^%^wYgPApMZn)wJYvH-d8d!@foUrv5J806*
z^wQ?<2{wEah9*9?|Dn#ri&Jy`;XzyyI!MElOYqF_BpWxw%bnNi58CS9*xol5b)277
zW~OC;(gR_>*s4FK0bGa&5OAY((sj}KWiO+x|EgTh{|j{Ta)&AXgL>mnz%O_ozR5Im
zaJCuUS3SQvlZ>5XkCohEUNsJBP#xtsc!3P$s4ja=h~WkBPaCbgPHXLORX@>}o%*sn
zRhG$}UjzAHChrG)+o_uPy_51EP&P$+lHW;wr<_T>obg3WKDVOU;_L$CrY9HQ=JCl)
zo^P%qRlwNIQ#^B(2i1TvSCO19-Tzmo2+|)BczDTcO>*2zPG*zaOme-KEP(LLRUnuB
zjdFQ<=!NEM&V(bja*9yT)#L^_C7-^3UjjFWAD~Le`$>e5G9V?6g>?Pbqlu}-Af+GO
z%+Afl<0h!l)Afh?(YJSacqy61ORqvKmK69WLhH#o5yr}CME%$8_(Z6I(FpoEvgtMJ
zg~778-ounsl}WOdG{HDZM0XG!HRUVO9}Fps(}uV01dN)bmdcJJqlI!98+P7`=wJfV
zym=G-Jq(hw+6-IQsnvN|OYQ0C!q4PL0e`;6Ucnt8K>eH@pBt2{?Vp5HNY@|1+7aSs
z0P_bPnvzAT>7nlpH>fF>v@&n~C&tb?ss8+ZiRi~nkvt;$PbOhMBKpT(@_m{Li4ikI
z^ev=cvXA`?I`hJ=Y@{lYM~xzRpe=|QR%K$@-2x|x<o>L^`1i(-7tT5Hb$bi{UkFXL
zss0ArK_;-#j=j~Ro(s;F_QiJm@e$or(Nhf{LJ9|GMLP0(?f6g3_xKME`0=pG8Ea{8
zSYZgZg76ySJ%>1E!J6T3z_YZL-*z&MhAUTDv0E7iOmbHkimnpNN?pFNM2=J`NGkaC
zO@C00WAzfhZ3EXUGumcBdg9F2=N1)s>yPPDD7`t1?GRbm1LSH*xyB@0vm+Z#T(K5M
z<5NrWda>{(QS*rt?omDZm&M1C_+M0$Ar^#)ahvo%!_@cmn)Gu}h*N7u{#IkDdtN)J
zYHYmm%_@E((!}FX{qZ>2M^5p)nQ+uF-e<n&d-J`H`QH6}B*5qQ<#fNUH{o8!hq>pW
zi=9jny2QY9Ccj_oz#p*{%s;>p46iw-ShGm5I4ITQA`XIR=gMMN_cdU`YWy#~<ly2^
z!A17|mTBL>2YgOI#9C-vkm75b^OVK#0K*&Bf%Nae9DEpuSWreR6!i3o?6WmcvvkL&
z1TGVCa2fa6HEwrkvvmKflqYd!{Zw<`dODb4vkW!F8ecB<zO2uFImjd9SVI{@ESBe(
z-0DtUoOhpDu&rE_Csz=hn^&%@8zA44xa}ft-I^Nps=)mijx-L??ZA2|Kio%>xv}#u
zB(8r3;(hH0k`3}FIb4Bzh%>}QN#IUKYU*!f^dAuuh8`1~OKYfTzVyOQrdHI#oabY2
zp+fgoxadPP=!%UpSaX<*{yKLX1&kBWUs5MP#&x=dxQ%K66j1?P6zLXl)}c`kZtd0h
z#N5MC7RT-0spSY{x`ZEBSDDYWE8&O%Qk6em4EMw+@~r8q8oHPoTDJD!V$sW5zN_eY
zZfdHnFSUJ^s|6`hYBZGIXLJtjA8J7fYATY{To&uL%jlfn0b-M^{1k7#Ep5FyX{q^%
zq88A7uc=&rda>R6Dy!Jyhwy^N>nP@=#EfkQ2LoD4nd5_}t)VDkf?jw|&Lm9n6Q*Sn
zX8H+p_0&RDa4=zBUUobjcA|hWr_d}1al1snfnz8!5u7j%lI9!4<a7427&yJU@jA0<
zx{#R+K<?A{;(({H?8ZRIX%C^b8ft0l!DLkzwJQ5JO!jBM33vz7oLIMQG(%a319G?z
zD?elSEn9kPdf}eqvg)OL{4-Tjh+hdVwN-DY8XN8ZNa9AiRq3?ToEo{t%+?NJ#l*$L
zW4f`+e*I~#E^7As!^Ey4D}6p|YAj8M&eMF$$p|jdt>x*Kx9LrDQG3{VnsDeH@gX0k
z#@dI}A1rKo3Eg3~Qr{&w3<%G8O+SWqz@IfvODMJlP2MdKchREt05K}aHy&-rb_A@2
zXV484=8TJ!=aAjjZwSTO=hd$>-dE9D7l=|cw5!=yzKvSdYf-+9TG6#srmg6FVl98l
zmOlss(Do3b1iypo5UeEbXshj_=RA&CeaPG{ZDKqQYv>zwo{u=2lf93W6*d>?sKmg!
z$%<LG1ucr>xkt<h;!FvZIKI2vsb5z^_6E^!npX3ZI#8;a4n}%hu$S(C|4@*V=H*WS
z2UPMoHnN^7y<m)1JWkA~3uT^n`3S2|hbRPM3eTqsA(cfunO5_@*nc;kro_ISPeSsd
zBh+cX1Y!*35=*RQtNP8LXB5+KqZ6r5;C&;1R9P5a=m`S#oMiO>{nVkD^w1g_E0mpq
z(hYxLZZZ>4QJh1$4ICNLF3(vD-qJk#fmQ@{P0u07cDsoQAqag(yb8ySByM8wTw{PV
zvvDrrgtQv3qB*{Ti>}!pNHd#en8|tuS*>N?E%1Q!H1%^IAl+5O@hLFSHfj2u;Gb1Q
ze1ybE9DrfW_SvxcipP}l=REzq81@4yvW(xVxV@~+JUx>}1?Cl<9gdHgAf1b1-i@Qc
z#;Z-mehOcf@I_)hQ%kvDOSxZ5xmSy7yHEKlut_vev^dPuw^qX|rWi6MR-?3kBF;0C
z7^`NrJw-WbVWxTdC27IbL<?Tc_xf>cy?C`6&oIA*Ql3<I55ohoawWUHOc$+1kusR?
zo|2+eZJWs^9g($q0#a&LV%QBPJyfMGs46-CHC5AvD)ZZKy3a)j`p*T48ezZU`IZ0x
ztU)iizL4}nuFMWv)L3?u|K4v=XcFIxozO%<^nLWoPM|19t;sw4wxd>RHJuJL!D|%|
zG;KhmH`O%~_{@uW2lWVUe!_$m4+ma*7+pua=YX$4J*YW#fY*=@tVOLM1qPzdEHdB#
zgI8HlZ#-d?r~4m#3`WmI#-<h`X_rk&P>)#m3$_U0qeFJPzosb@0Wi~E>iZp<2NF}x
zJ}Do$_0%KTrUt5@BumWGlZLY$F90wz+Am(bb`)gNtKHrddzgcic|bRRwR<$bJ#lPm
zV0I>;Ror)>i$bz10u#%^XP4Ju4S<<7k?dM=8;j%Guu~Jvr)H$5cpv4Yr>I_uyLS?L
zid+GQ{@^;URK4IQajJ9wd#WCHsPlG;9~C>Rp#B}AN5hnQHii2hPo}~J5cH4!V;LwA
zz!Tl0OW>IjVm0dr(6v@iuunNpz|Qat&*zdylATFn=bc|Rd7sN*sWMmTGB`yrqiv@f
zVQKPJqv`8yL@;mtrFP<8^Vw)ca4}dngK-?4N6*ts$-jQPPr;+@>E1T>uZb^YuZcv#
z)HQK)ia3I+L?C8whR~&~Rcv(^_nSyA9|q@VA<?~Mzm)$YL8r;z)g7*{2a`V!Tv2`r
zlWb5zE*Y&ZcZQNXfyrDhpi>#U2o#`Md%K77W+2i1j^HT2YpFPb$Jujz_l3zBpKed5
zEF&p=Yyv$>ras&*F%g0~RMB8Hd52C`n)Xj(q-A`XaQ!Y#9(1Y}!`sNoBlQCY#D#Z@
z@sK<#AQozl+|K7uegXfXKl*h48UNv&qXd5culNr$cZxmi^B-W(3&`L<oO#u?IsStW
zUp0AIznK59S^S4QenTE}VITh)v2D}D0wChMK%Ee9x7g6izZV$A$CYzuo**8jak}}C
z(4zY~I8{+&*@#x-L4a;JK0w#&;k)L~4I_l98exP?$5jmrCr;gIqttfX%yJ^kBV@xl
zSYlMqkl}cRE7n50aUsR{XED^;dB)zSdx)z_-Bg*cR6EbaUgx6ndbsFCW4$t;);-$>
z3Wj6&mRoCjlp5vr^m3GYN7DBu@<rk|m)P-3f<{LLreN6V4#i^n+!O(LjS<d6f?#C&
z$4rrjx9(hNgCxKoILA=?JWKW4b_hl}FX*1Cfja}jyI&xxdeB%k>GXn7Plrd2Ew*At
zrE&VknbEF&-4?#k2|qf^C;WmaFAgUz1nZzEB-8^<WyCxZ#Dbo1H<+%!&UWzMrJU)f
zBZ+U}1`Vw&<iIn^hUL@mR`KYax@W)%GlG(R0;9;*mXpXn5s6K%4b>`}ADm#)njKd|
zH<cG4F`|+nx`5o8Cg>fr0KPd0&ufEt9MD(ALp`piz2@w4s%A#U&@v;)pVp5+D48kC
zOySfuJ;pNdRnzj&o4&CE*}TdVNWBz|Pb_%|iy{sT2)<>el~G7nFDZS5BL^CD`NQIf
z*wc5+46j+E3PO+0<b&a7L=(p!kJ|6d`eQk;$5-CIrw!sKWc_G$wN;yfsS=K@S{$1H
zS)l%Tt|!}ZvC%CxQ2t^VXE>G$%o;O3e%Br`5K=#pt?B4!1@eGV_&f~Fzv<e5br(T|
z#-SH`VJRz*IPt<^us{%#&8}iF=8!Ria1WtZoR{wXOa)I>;oi$TxN%lpo@>`=yRcyn
zgLUK=EMin)=P4ul{KVOSO^)+?%e%$a@*9c#V@2avAP4ETVo6WDXY8qVHWGa=>bz28
zEnioYI2RN8J;zzMt)L1VvoH1>vl}+k-Ds~z6PKl<33x$K$BH^vaDP~Kd|AkOM>g^(
zGu()wEw{LbicQYF%87*B<WwA?a@1yVdcxkUFAG#VA7P2t@@5Yj-V`c&r=}6-#W<&d
z^-E66ks#aDHl5ngz5PtJbv3o!pwNKCD#arxL1%Bf9<0LZKFMv>t7~1<NqLmXf|hg}
z>m2*I)VghpR45Y%-^94bT-nbtG8;3npR;MlCi)%!m>@G!@oqT1$~Xqd-!BaGJ7pPz
zLiy{wfkIW*vb2A>HYTCE$XZU6{u-VL4ntR=brHa2<_Y9BZ4K|dt;PG*FME^D>p!xS
z`qy()9)%Z}IS^ccF_M)VK~2nBy8@{|UiFANH^9RzEOQr=MOmAe4wLn^%@lUS<OgR;
zAPFCCZ!%u)(a1rW$2}m!1$J?<(*haCZgN&E*ed$dew-;2Nt(8YtRWP`c6v>v*fTn&
z`qg{Yeiy%eR;RGcVBBcMYHQ)ap#Cw&Hzp8rL+}ghHf!VF;Z=`Z=VGsVFHVeKJum=d
zGL!vK%>cwC?K!AwQGHo&iF<lgGk}9Kt=HXZ;<wUQOnwgUq_5N<4G&x&2XKA-7?gj3
zdl1btZpOc0kMY&lgxL(PXl@B6dkr>MgvKVrs`BRWVNggxa#Q|9UPDU;@8wV2(}qlT
z6BNzXPD@sk6irR-e?HQy9nqz~ynpaE#eU1{RfXWe12+@rfEAD#U<dxk{JCikx}V|Y
zLh9M*yj8AlNVy7+W5DzhDj1t6JYKP?@sYtioZ3%(z@DB1ZOk47oLL9j;i7h94Sg&1
z8PH!5u6z#T!Lyk*Q{O!l2&dNz7*LBbz{nQP1BRGFsACRfJ7a_HQcPk@v8x5d9gCTD
zc?`(Gqpf=r-%ZAEbdqsCf@<qW&5tn@<sC<sh_h8Ee|o*dIjQ6F=<kf%UAw5=PzbBM
zd}dUAfPMf4Cc!oViZf8qn(<}Z%8bmbZ|08j=#n1pdNOEpz32fd`|v%w+UY)gpDd>D
zM>6T1pdSX>5#xNuWOj}b{>1F=i*e+Jfw(2u4JpE5{>~oqH9+|fnbr$AvpSt(-2<4m
zf%<NCiB300(qTul<qFF(8}~64ao=J%6zFQ*`nXqM-#rQlFt%RWT<5b#BV5DJ*B0e+
zt{s}GErVjbT7Tfx%7oUKsqF-@jo0}k<%#u7`GHL6AIaDGgzjM(_npvd$*rZ8o+0C-
zCj&SyI$c`hvp_xR2h4rJHu?<E>}(tLW+Zvrhz%27Q%keV?rP@Lhv+2%_a+wEo9l^Y
zepY|gxn|=PxW{<4LXR%sWU$wa4jQukaC)T)_%n%`fZ51iJ6Q&WV@Ial+epPJ!Y$f#
zT{_d2Aq7SEK|uBeDVIXF9xZydL{>0^-RJzety{O6xBcti7d-M2=^CTk>q-w3-rNwY
z$y5^W?p{X^3}{H7??6D~`{e5!G&XR2?gJXB^QgQ2;xDYXyS#kYo!NPvj{*lB>x8#5
zFtg@xnVhXl`lfnCov+!uU&VP@a7p(?ql2xZ5elvu4a!|JnohA&&ctH(#w-Q!u5e<f
zE5!Pm*^o+dr+fbhYGd!q0H2lSgdF98`WNhd6>;C;4+Xkdx1P%y&^X>Vs>{0O&S!I^
zo?q65utr5IGD~SliGs&W4Zrtl0DCO(n*6E|ty)u)v_MC6I#eK(p{7n@CING|ubH&Z
z0<)v^{tJd{iftO6hNKzCS<p;ugyk)m1jEsCPO+WQ&`_g`@#HYJ#C;dwla@OVvoClx
z%Vm(=XyLq|oAl5d6IbF5``?*3^~L=*G?-Aq><AtIs*`4F988Uw&6~fW{eG_j{P@?(
zw7C*D(l~UPTo!-z4s_hqxVI{Be+cVHZMBZJ1oa#>eh1tbm_oYnF8XfjPA|8?!y*7t
z?Z1BnaUK~h>EUT-t+UP}b3LNhwde!G1oaQ{>fN9GBE6tP?=#0(2H4$o5ITg_@>n7L
zyme>dmU|oKE3RCJrXMrd{9@Yk!7l@O)^eS-QtpPdMIco!R~4}ql!+j|PGtv}&Y54w
z@JrL4nQYlbdn?`j|3Qaw-c{iK4#ADJ4C{LTCh~o@u(<WyL>i9&@>|GbAjAUqTU5db
zi#TU`ITL$1V~Y&g4ccT_#qLDbDIcaYaGpD)rrOr^%@Jpd%uSrpMV@<#(Faep<{{G6
z1YYP~ZGb>fzlSFOx1nA*!u>fOcc^%$&?vkTLpWDETReEIcD8!pnOpV9khjfEDfA%s
z1H}SxFEKTIRygaT|LqPQsSbXM*<@z&@+Z_FiR!Y$`Bp+ciC#)rkHej@y_ijdG@b-i
z<QK_Qb6{&QMQbqCeO;A|4xZyK_)4|SRBf}}A5n>CR`XByF!SEoIqUY}Q_cm`@O0I#
zRz;)Pj0D)WqMLCIk=gB;-Je?_?#V{0!d-z$X*f~XkINSeOFX7X;2m6#20fl4JCReQ
z*!?}bEO+jIakU0(Pd65;8A9QU3z!r43<?<h(AS(&A}9O<N;^i|CFqvYi_G$9EB0J8
z`XG=n2Y^<xb#yPD8MN%mmEM28u2ouzb6l~7iD_c*-WUnEB7o7A{W8EG?1TI?M00sF
zi|)eijf7{Z5anb7Kh6he;XqJxB(Ne9Fn2=eEt+uW?BG+D&idl%GuNF@aJX}z1+){~
zb^k^I&M_<+De#5ES*j)PbU0t!e-7;ecjUj(9dixnNr4>w>5T2UhUMp<l($fmI+0f-
zQj2)xv26cyco-&lIBlvk+7hTK9%V~%#G=sy3GY}AeRXAjXKbI;ZARbKQ$)0upHt#T
z;=Ywm;Oqa)@A0&5yMVJ6{@>nv^IWi@p@=9wfM-y)bgVsSHNMS@d#sM-%%|rvpZ;lH
zdJ>?|d_G4z6#J;IxQ7vo8XfV=rF)-TjL$Ex*5iO;_Z5oy;k3`w>&ZjtP2*Y$`60FC
zpF0%$1{FWR8<LPr#oR)(6{|Z~Y#3*9ak4RzDgV`BB<BR(E3!3B>sS*m53@C?i`!XB
zuZyzY@P^9Zr6pmeV~aXoMjguBoXOl|Y(bof8uambHF}-@h%$Md$J=3tCJ&>Q`<dyd
z$hOE-aa>*wfBYS*&>5CLu|J^-w0sC*>X31&*O6oP$@Bms0JSqU+fLa&ITrgls<Szc
z-6zNOehw)Iczr#3pB#TAhnc`8qlfQx<!k$7`kG(O%gnJ?O~pPraCPrjBQ<R<a6$JM
zylB?n0jxBR|H>9F-KX$cKgV~nIm+{Lcrz-^iM&MtGCRy@lV61dPhJm)?vvw6KgYmq
zjv@Qx2>CfaBHgRwsJt9rH(n$quN#B*%OJsgUIttsX8Y;YAl>!649r_LgJx?GozQwT
z%+e$RpC{yH@V9b(?^rvVtiKe4&g2hTH!{sIdsw(I18Oj)&IzUlz}w<sh1ieSi)dFi
zHKSqZ?RjD5Ony(c>i=@LuID_>m&eE~Q~J@}?fCW70b6JyU?pUgULQ$JL9O-}+qpi7
z1QP)sUnlc*Tw>IpXaTyn+pka=#l$t;e@hw%0#f7Z$G$W&KpA*}bA1vElg`AYWkG%l
z;4xl+zfx%0Q;qO5jf%TCy69tw`|5FYL&gWEMHbSUb9!;nqNk-1=c#vMLh@Y0lWu@q
z#vl%V91t!DwR+1XiQG-@kQ#M(0e41_*+29*YMs3U2@ULnyWj!XiSMEex*2c9>Wt$e
z6OJT8h=_Xi3lqpJ>hzXOlrEg#57E$O0y84AoqHIvsfe>0*-@c1<cdAHvim6GizI6B
zWk`gvW+0QQkPn%v5E137>f-y64Yj<E?qj;T=rz?^lB?BBnW?&dVrm*%6R6leXA*Hw
zNX1->K8-@9h4GXa^+dqpTlVWZHMR%Qlb95UuUfXEnV2rxtbRtt#9nWzY#4~&$K<)t
z37!ZP^)KY|tdT;YiTAlN5GgC;6gz$iq*ftPiX~lq%|5h!jLwCpE*7bL$7&kR?Gu@7
zS)jqlSg}MHZ4BE0;jZo<nGuhL!QXtA&}bdXf(N5gD_{w-0A>|)pu^Ex?Prq$QgK1U
z`KimYGzY$!2^I=*dLfLbRNru5ThuuQxuy0D<Z{G$yE7`;c5coz?bYciH3ifCM+DG@
zFgC!KhI~zG15bcKD(Js;g$&=6sn(g8Au@D%>)6phr2e*~JGZ>T)JEfKR<f(dH~G3E
zHljqVrU0De9|*E66_AOur2?{eV#_;0I5r9Uv)IQ&=R}a<pZpV@ro9$%7sgw7ymy2h
zFC78v*5}Nfmv~@_5HW-ZX9d<+-X~nK!CLq~Py*OkBZ%*<WE1T9%q|e3^`p)l!ozC%
zEpvpylhw4B+oC}NC=nRjr$4DI<_LBI%Pt244?e^T+(T$BB4l9@j@9@ns~1l6D+n3o
zqi{tF0-KC@GA96L<4nl-FPEzJhqOjo2N#|%7$pddXvAy`vwOLD#6Fh)auF0*6ZIli
zxac=*hvNf`Ih*u?Zw=BT?E}oCanOZX_&AUi-h;tdJyE;psxZvYEIPmJc_6vE>{%A$
z8TWs*cjB0iFbXq?yEJ?SRZE=9Br;kiaan-)+7hpY9ukPUBQ+x$x|t$cZZn0{@&sBo
zQ`FIz>lqZIpO<v+SuU8*WXauDPs1+s5EY_-*6d!%pmR0Dz<I>0d7sJOw}P;aB_rMp
z4`~iPM41A&B(Ewdu>3|iF;PV*`VR79Pr!B_d&EeRnq`Ccjyp%0<K3~6^VB~|`Hp}9
z`;$%bK9XC{T5H*$j7wHUX#55lS<jcNotHhG7F)jIU$&fI^T90V3Y;@FtkwGXJ9BAY
z_eeGGFQxkWAjg)Seu9Mz_zP(*J4D(!3tu%zw6Hkht?!pi1eraLh?zN6<sl(<RX%~r
zy|r2f)C$|UL-fsGS>^4&U*7p6B&-WP#OxNhvS*~<+JX@o(x=xNf!*=B`Ptt;IAT2@
zdaZ%+bIp!zM`G7PbrElKGJWToEwU07p?UTHs6kKTL1cE%(HFBr5AFbd0ExWocCtf<
zkT17G>o4zYcka6%zeOXR@5g)S>puHY)8{XunExw?kUcEZNnJuRGYJ}*eQhTle4|4i
z<T&#AE*B)w&z!xrpiqCGn{gl7aon@<*RUT}I)OY~;+{7=f@cjkU;~vII%Km>w+)<N
zFR=AxznDa-lM;o}rY~>1qw*R+`SS2iphT<)*zlvKnqImyv^}$!032MRDiqi>F~LJ0
zaNU;|WWY4^kSUL{ZL>Sq6wP2BIO=;fc)~z|d9a4|Fwb%@&$qj@yj5J(nyJH}jDl1o
z*DMIg%%nkm{~-cWztpR(c~f8vQwvS6{$td(4`wnf@>^(w{cHSHkCTk3HrQG#8BwhW
zf?6YVu$@V{)fd}`RW$3$>n1Iz!K1a3N^EdyeG}91xguVPj<DbtSwma=;~arV&TB;p
z{<k$mBH<ra()-saRf|oF#=}=qJu1{n?$%oIm1;#o<-_e4fMTR<gLt>t87TS#HrDWN
zU0e%~_jtEEr6jV8pO)9r7QT*HG=3m#h4QIRZGUG{pX~0)fdV|<i5@cePtT%#7R+$E
zC8+Mu#tu!+e-3W@v|%{N*QkwH%T6{9REj~%8HjiMV{)HjjI-cjUA^5CI`(fCE<^se
z0M;;%Ws%+~KtWG{MqcMz8~u<Ov}Z=$!R$G^Or3(Usu(XJ$A;9C9x!D9$%n;GfiNGg
zD61;`?5Rb09N%4XyAQ|rd5`1!d_Kpw^GOBC!wKR~Zi9ZwG6-|He=sGQm-bCv=wrqc
zxwy))%<hfh0M<=VqxccXXk~TYHgsq~>RXT*#R{t+1hFX^SQmkuU)mif1)boCyc6Pp
z`>Pvq#Idrn(4CPY8k66HNjRg)wH`72SRCQttmE=vxbhim;Wxz!=RO#CA{?M=8z4;G
zI@pZ4<9@Mc!R|hX>6NiR{!jhaAc4QDbxfk)-{~#3{=2wPXZ#&;u87|a&=mvs;2ZAM
zsZRYJoz#re816}>>|S&g|2=<4D+c8J*9>UYMa8pM#l5>1a(K>J@b*T<^LTr9d=iWZ
zT&%!|u$J?;D+x;jHd<)xAVS`iu7zSZNllw>OcLrl|BKOYwebd?ss9}6|L}YJ)NfR(
zvCo_o^xtU5d!u6SMNODDEUM-PRt|5@(+SV7{|xH?<G%GT38czYJI_HH1J8cc$Ad_a
zdQ$0)1Y}az85Pb>OIxgEEiCqYEtR!wg^8pw=UOVix?|<ug+XLxSU7rL5>!Cg+G8v;
zl(|`;o_Lp5ct3hVN=WZ1|B|tb@a@oJ;G#*yhs~Db6u8YR_xY#52i!<FULs{5ax8w3
ztt(eaaMrhJc%O?$HlJ|WPIJ8O5^8*3V+Rp^;EXTivC|n3ZB6(3(mgMypI7BR%w}Cv
zD<rNX)5{84+hr&>vSf-0zH#VAb5z_8<@O0jC5|O16fpIpkt~r=EvRdaJQsQO$%R(6
zA($KBO=M=Y$85rbe(s=h`3h&<_=RUkirITtv$u_oK|*F$f>hK0ZKnT8uQSzUIAW_V
zOKM{1{|6NFy=>G5NN*?o6KEK4cxJv#K_(+x8Cg<H?Y{GcJ$44(>VUU_i#lwU9K22M
z4BlL^N^?U7*p_JSIt8{ZOUIgZnE&xutMN6mxu;N=yY$YbC9X8(bM*jxcX;)DKJdNH
z^u49&dxP=6o?mxNb#GSr?3x8<-PHM-EgieaS}A~PGqb&wQlb&xGUqUr3t;5Z<OAcx
zgiQWt6?wzJp!u2sw55=PfEq(=xJWB%syFrd1-zE%8rj~~inh^!=jSB5qJU}YPzvod
zU;wL`Lhq?%Q#VaeY^Tf;usE8;nNu6k7_#mX7TdB9!?nabJZ#8!UNAj$>AQX8JFii-
zbmD*H^o&oW(|q?M15U@Brr5_v*aLjI{}KFpaLD08;2fI5{s&(dp8t_j{Ew9Dq$yR~
zI(Nzqb5==JnIv0D2jYKZ=A)lu|8v^@_CI-9zmok=)}IshQl%Ig7&lT^;5=<t{bb|o
z%w-rbh}xo+pUytlupP~~q}1X2INOu%zjs@o0yx@DEBPi1GngVUz;!m`!a^<z$#WQi
zp2G3j#i_E;KiCk=)~l&Qjgo`micfd>j6JpUs*dvSiaU+&6+BG+DG8699c&;F?(XCx
zyLP5kjbs6dUb6)%a8S=*n_;0AVoZeA-Rxq!@`Jh~!?3Or{VuWNg&WDau^4t`X;z$x
zXTAP~cd??d6IZR)37*{ETZcNFP_ZAY9?P&FHQMC4|E*5HmVEJ>;yn8B)4{((0n~QZ
z2i$^f`}_<d1|;SN*2KsR2(2N5o|56)AASd^m6@h=|6NQ1uEy{KhN>Xep-~4T`4^LO
zP)eUq7YZ7zNad+z4Mlb({)eG}Ry#>#v_S-L*+E^Fw_8m7fwL6tq!_wu{7wqS*6egA
zKWK=r`7A;~dgv_HCAY!kO)%#_ajDix{u6(tmqg)t{Ev^0=45KHKmMo_@Lec|U=TL5
z6!M)|-ypw<kwmZa#>ESt#%JQw$+|80OMH4<qSw=i36h9x&c;WwoF-m`-^Gh%Lyb0Z
zAN<MUF7fvv6SyPnv@DK}3?=J+7EN4)N1#j4oViFjyOI-T(h7n)MJhMRU*gAZ9TE#x
z*YlUS6dhL<_pCLT+K3UFyvi(ZzI|Xve`(|KmsXBzqCF?G)jGz{SY^vU(TVa;)K*Zx
zLyn1(n$kCYk40Vap5{3%dM4|%=!s69sRa=QX4lC-f6e~${hM9n3BK`fMpuU3psvWj
z8SOt+Ux9rr&F{oA*0lb%XD>_R&l;0iT+(<Zv-o(BgQ1M0v-Hp(2&Qrg9l)ciAP2v4
zZQocdri-&SOn`xKU~MFRVkCZHFyw3uNqcIeZ~FUjK|vRElAf@t*Maf2VHlkl`mgyt
zWeJW!+`Fk$Ly2FsVXi|wth%w}%jc&m@LXWM44-4oEay{^N?Mg0YdFz!dm7ewC~*Zv
zkDK#Q_{u@|Mgp&=UpMUE6oF~B*Y^!qykjk#LV<9AO>&xUKNR>Z_DSiSx=7-P!UgiR
zHt3#6;N|q|#(?Zb@`fH4#)(#JjwY@Tm?&e}^TJwonPDat%@=$2IMb63>{$Y4!Jd^9
z8^hfrS|}dPi59xr?W39(tnn<9WJ`252@EZNyy4h8_@R*5Nd$KV5$8m87$?f}E6M53
zZQ~CPW^;4V^dZtAcQ*M==OfgJvrzO#u7_Ye(dMQF_wmFUXGh3L*0#?*8AEpW*Yu9M
z!@Dudx`kK(d#Dyy3!J2RHUCUC529w=Dpcda{ROL0VaKbn3w(h#P?Ei#tJ8^L=Vdj6
zbnJ3Gj=U1WxGUsYccp8Jb~L^`m)H+4rA{>_UB9F}E>KZ&y&jgF8Jo&=nQH90e#cj9
z`O7V@%bY76Dx!1G)Ht6I#F{>vW)aQ4T%D-Huxl^2YAqTCG1cZN-0Psf=9X}@nlZC*
zUEVA-6x28$D8echXE*-dcqoxVmp7E_G!%cj8Ui)WZp~My<!xE1y<AiD31uv2mT-m)
z-Cl$&_Qr8t-Z(Dv$KmodJC2t_MMQyn#yyR)0Q>Om?&T<EdT)byOT+~av5&jVI&{HG
ze-~IW8FqVlwsG(0&3!gg%44j*;Uy2>ZXy7?a(Y27!9del<aGZE0GkTXk9{zkm*IMP
zmgbYQ(fzsiDGV01Zq*%6k>a8(tPgoiIIHC5gGG!YZa1%b%E2uCjaLqN>GgQ+@K<&D
zxB!rMq?Q*!(WPat@&8tlsBN70tZaumPg0#aJm?o=hyZQG`Rq%*et^F$K^K}os<+(K
z!Sk<N*YKVz&KWkGz1d}Gdxgc`Fdd))xp8gpxLMYq6q$;6jnrQnPOqcOnN3Dd_Z{lp
z%6<gdhi`{6-R9oFZ}Urrjs@-%ehSC*2FKL(Z|#9Z^oC&S0`8ot3FZ=&8W9fQ1;TVl
zsb}!+@3|$&g6g4di=zQNznqp~`|HBe$|bJD^(%t@TJ{{cY-M=C>k>_cV^7lH;MA7Z
z9=%d+K1mIw{EkTEx9Fc(x^FwRg*@JXE>0aqx&mE`rr&DF={A$+HS+iuA;ysUz7!$D
zpk<U!-_^U{BWHY<HMO7@20oqU5x#=HQ(KpGpZd^%g49d<(>Jkg7`}>dvE#GLO>DaB
zplFCHP-;sS9*SQ-EHwX?Qw#9qPo?-;D~%+^;Yw%{My9ft9aoOmCL=Pv&4zs(a+0Bz
zB(z4i#_!}wY>hSbBv_sgvt<fw;x;A5cQM9m=DrFHdcq%Kj!HgSNzRV)m}rqFAN`Q>
zU~D6`Lo0fZ<fGf+NXvXKNAF<Bv7HkWau4V6SD-W~fqroQ9*iZ=rD_qguv`7_XLa~K
zobMt(`Mx1il(ZVhk}!Qe{w7+PPl9^B8=5|DSY8}LlqhaF8SlzaP_N;f?jx&F0U)(G
zs<2y!VEvd_!5qL5FmjdKll!`vj4^b&X86k{^7LW?LtZ*K@IZIZnU{{NQ}`Tl+L0-S
zoY#cq!q2=NE!v|)>tb&T@GKpze32*;4J~d8NusIsLtZeErebZ$?0zJk_4z0H_4`x2
zNjW>3;lFI8bMrFQuZ~u_oQHR2>c%?*b)%rNe>_j>zjR=(ehpxjSAR|<8ZPqA++Sqs
zHzLv1?nz{1y`IZzl>cRW{(9}=vsn)m9E#m10d2Fmg3as-ez!x3Rg~zs!k2aU{u{pg
zYiR7u?PsJ2qct?k&MHROG$Y(|y|!{48_=Pe%czDcODS7|eIxTjc&w&fFFswx9>ORG
zj4r@pCb~ns;-8U~v`*reONS=|-_1UJH<Fu;R!ZbfCIO!fvrEGA$$%Wb;yr6&IiNy-
zJ*MTOi1imdPdyc>XtfshA(^z#(oe_Igt&cEvl3Xr#+;53l6~c<2kpR`^xF}6a1$&b
zYIc7LEg=G97zF)bPw!_O*T;{d6|aO7(Y+YS6MN=*0+YXDHEz&ooo|(u<KiLW7;wwM
z8&}Kk3^x9`fHu)k<GlgDUE{o+1?G=y8sESko6TYdywa|Gh4{RelaoMCTq{oEltc6A
zLVECCw8F&?LtYQKh)VH6*T`XhH#S9_l<)s=zxKD1mkCeTIG=`MZ?Ku(h!$<Fkv+JW
zMEUJ^&$K^iprTesoy)!UH+F3QIi%!f26F9-fcU)j8#-zKb<@5yJoDTCtq_ERw+?Ty
zeL&6No(!@f4*Y9aXZI_&hrDl~Rg9JiuCx)kKM#g;gjp95Q-PyZ0!)MNhA}6vgr+|U
z=E^`l_vvyfZ0}|;SA3iYRkMMrr>unw=?6ymlv*9N{<6V@rQawsz;XhT@hy~o68nAt
z>tdz>EHo~0{2>6>Q?q5iKj?14Tcux*5J0T)EpO=86}WEz+nw}I-QZHl$-Z&=x;#AV
zbq!~n3^f`*rz9FbQ7|8=Xps+sVb;QT!K%@~YSy)dF1`?U)<!E{@Vl7gTY6n=4;^gQ
zj0RqzbA9L>4xtwlQZBtUQu!h*>1^i|a`kgMhtQ-$<XOLC2H{6=?ypHPUCQA5#$r_1
z!-4hTA*-1}dkBG|Kq%$_P{g(oVS>3ey`f8hcjlUt7K3s$<J}$V2bRIJYOUpmOohi(
zv~;Z7s6#Whw{X^EY4-SvJ?Qo1+2&$QzjSQsa&qBn(|A3LAL6d1AEG(f-~8nuGh{_?
z(HublriAA~JP$XlLNfWERfMxV^OaxHjW1Z**DylssMP&Cz30@2eJY3hkl)u8pkFk@
z^!5W%_y$XKC2tU?Q4yIJ@V4wSs7!ham6@^npP_!c&0Z0@{xlUw<3NjCgrMO?3!{PR
zjxBtb6u!}d&<8El$Y?pL7B1*$vs?}6tAVjz2^zRQ(?E!%PA3OB6RRYHn1gtJ-sJdS
zJ5Em1#j4%<3-ayv090$?)hwsCPmKKEAmDX%JqyNN+3)UfU`0r9NKlYj6cYx1g<C;x
zTJs=amp4I-xRtjrh64AA>}-CWdTjuqiF!L7>sJ7Trt29SX0^v=a8LwjwcW%1mzxrw
zb+7@vX5ByT*8T{<(Y&P;CC73`3ijFaKwllSsh;=^C>-AW0HLMi$x&<x+0bGBxom}9
zv=(8(VI}ef#Hp4o%M3(m0(Y&2Wgw`6)Z9GuOHI@pfiRem`jZ{t0OG*+i+XK_@rU?B
zS>0G_aCv>%!9}fv-Y5lnitM8IR1{K@kblXbJ52;+qT7!Lst@O6D^klE2mGALc{d2D
zToiHr=xJeN(VOv<;*QPK=MJVKuVV)F;1130l}%z13`%kp$Sl+SDlh3Rk|KfE!hz4C
z&h^<2M7f3uiFqR;IH3EO$+sgM_*jHTX2d3JAo<*c`Mi0*&rf!!<|TIy`S3L{`!Gg*
z-++#zUOLP*VSO1q8<8^))^J!0;fh)Ez%cg=9!v40`<&Nx2~(F6SxW6ADC3<^#-<rn
zy4OvD3lFP+_|;`4O9!R~aDgf@8ys0ZyYx`LQAkU5q`y>y{G}ozQ|mrL1`6$G8!rg_
z0^4|rHvrMpZ#!==HKwyV#R>nyIz>qiPW3jUNp+JFCxgm${`|5*MQG4$Ed@!_`3)wJ
zYa2?NPXO&i0QBcF1Jv$)>`H%TOmEF3ch+IE-BPD?*5?D82Ui@a94Tn-ckrL*A#OR&
zXxh(14v{7{hw%X4J>7rJvtni5jHfF6D&Aa5G@!qeLNuW4^<{BZo)L+kE{B6RQV{|m
z1QO}`i3oti<n4b1oYkEF`TvB!YotLVyzbzgo^`#sIJ+U!LyuIqh%{leqVu}f!Jc5j
zw)+9ph;zH~vdLo*KcS%&XIc8H@^jcmQYb#twi64Qm9(J6$RKg8*~U+NLCMJ`Z+Hml
zX8o|b>?GS7z1F6#yD1orUsWpaoA;^S%4Z3=iXkzP#^h|TT@_o)tH#KW=6_QI2Vzwi
zv7;4^&lja>lWwbEe7?%-=LkLH_nM}yWowi)lO*Sbp~jU^V_AvGUsG(y?GfRwQOYh}
zY|0YQn<faufL}N+s@7fHE{;bcV-K^t+U0h|dKC5xX=%R6O$1s!xf7`grA2sFnQ!-&
zmGey9nBm`w`E4~mOYPBkErj1ZoFml~$0smjMDsF&l#i1GUELF_%cjW((to2wr#xnM
z)Pwkh5uV37sg#7fUQl5AlsNu<zh9A&zw!K`-qD4knR=76pmeg8p2!ywb~6QMzhq)-
zr^VWjs2>t*C)$pjoEav4ZKjW@@g4iWhW^9AH~l9XdfypDL;t5YCh4wsw_-EY>)4uN
z_XsMZ8bA30KY9N_qn#o7ek2~k{atw9SxFWq^QPns)bgU0SCv|Kyv~lyj&L!iU)d23
zFxC%|vYC>7Zn9&Q1r5KZa=#zz^)=Q~ocamFKoFGf&M+d=dlKApEuYkLId2s-Sj!p>
zq_d=}7-IH9EFZxzBbs$TvGr&)Q8>J}AO*d*;_TZ7N_%N*vu``IZ`voRA@rj4+Mapx
zEqT;Kyce$gm({q^+($k|pj0^6_|V&D78Mk2Sn}Ejm=bX3H1yw3v>GqqvTQBCy=*@9
zC(ivWw&z0Yw%d3QU)k%&k-&SH93UvN3mSf`X&fduqSKOJ;~pjJ1z=77Ncm9A-qz?9
zi&TIe;r9fd*A}P$R+i)?`HY#-RY)vl$Ds}&TVrNq%v)+Tohs%N`@Dd>?$>|`pI;aI
z`1<-@3qI~qN-vu%(&a>wdoNLz)RUicJrsw_GMx}2XrlsQ8twI{voksJr}WjdX*KC=
zSIebZ47HT&hWjghGefnS6eh4^J753OcAmLA*Uq`3)bd71i!9v1*RTsB`jnf=S5|vH
z8itVAY8)*VNP91<=@`>d4_(^v5C|v?)O%RRsKvi&I3F9l`Hw$pkce&l1^3=h*%i-Q
z3s>{qXMf!7WyQ1J2p}g6`y(Ruhl1HO#<lp%3cNc_u2;1kdR1e3)g#lsXC`L4Igg_?
zgVnR$l-B+^U(&r}a^3rw%NK4e>E4aZPsi?U<D0q{E9@|7_peg3z_R9e1eXSULVu0b
zjD3u8$n6HLTTMc_iqhK*RCarqKLtdn21R?5I{%?ICFur7di6%`#qJIPgs+Qc-F7yk
zhHC!Xv<@mZ)!++YN1N7N08yT|l!wqO;AhzJR@2pdQQJC)IL4aQ*%9(8`lA&=d{j0X
z-_W*I!(GXHe~|hN)V^T)Q)7-iy}N_dNVZeP+h*e6(>v{yaEiMPp1)TcRSTndbHtDP
zRo!}t1pGO$<KJ&K864po?VS;t0WsE=cjqPWJ`m*{iMB3uzcPs{7CdUsMY&e7ntq^?
z#%k!V`pSJvWA?C^FqVnQseb)}AK89+?P=}kSCTL8*YmqAq?hgX6qO#pXH^QmU?Z)%
ziZx*tr>VQtka-&1k>ZZ-UBNG>M;)(=eYt@TkS<+6@K#?2nC+42E2KrKsq(I}MQZgv
zs?vFpTk<=U!kr|S@*Pru!d$|1wQo|InvLEd9W>x_UVd$6t*Y{CGbsx8ovF<v9MMT_
z=0l-A$c@@UO*ke88de{!`&%@5Fifn4510@6A*T954>5k6n$t*MGXKrX3~xX_(PZT%
z#a^#o-3jvQ^{(NnSBHB?Yp4C{eIi@0e37W$W>RzwFE%%lL-?f&#{j8r6+6Akc=V-T
zT~kMUdHk;`(a&gZnXmqB(c{K6Z3inD0lUtP4OA#txSyx{HteMT<;LdcH)h~B1G+cS
zSPtO5H$kxXrmWtZdg#67j(jbpm!{3GH*+H1YmUrFypE%NXJlkuumO*?$ZU2cKO6li
z(1q<Jkx&!;suaUO8`q!>=hQxWA7((fzE2Q-b{{e-#-UT+hx6la-kHabQvFclyrV7o
zHv^%(A8!<~sUGCDgdVYUM1>`v0!%OFX*Hg%>e+mEn<uqa!8P4!$Ny+Z@a!S6P=+}f
zOk)*ugatlO=#Xhjo2#-c_gqo)^VN)VZ`mUAZ1lo2&_El%Ma<vLlb_B0&!6$sraWm;
zW7)mDr-pZsf7$30o0t@YyB@_9TuMv|0#h)N^+6K~#hHVME=$R5f8E=y!$j<kP#pLw
zW37E`xbn3+?1vsL+iAv0p^<Zf4ZloY8drf_a_SB->YAil3BMm@$%A=wE6phnTCj+A
zS0VoNS*nIv6+AGTkNUIa;pqA+r6YE^rZvfDyV8SWE7q)Ed99gF^hs|1UdK-42CezO
zUxl20LA{&mob!Xh)YWQTa9MyWW?Ew*{P+bdh$)g76tF8_tQ+4+gHsQzLCrRDiT!7L
zf~NsSORMO>zC<D<;(VruN4sW;e(5>E|DF7);z*<CCecRO1aFoP`T&O5Zj)O(hHW!J
z05v)Fk|1`nK5&!to;zV6LBg*!>YilFV0rxJr~Y7&kdJ0Es7JT`fyO%5PQZMK2jXGO
z#1W%9U7RuKQ=D2Rx~oU(-b{h~N`zVIPFEjS2~@iqrVEDDMHuyLDUDOU=qdLSh*^!b
zjTu=~SO(wbuvWNX>I*oNzYIdds4nZ_sgd@G_bX#J)0OX(o$Ji$>I{T6!g#97CcAAA
zjQPFD^h{qF3V2roD2exspGWz6hSJ-)kf9WorGBMOJV;Zm1!LWnJi*1+Fuobg!YRxt
zR2H`+5{A+EDFO~<cIFg1lLCv_Y&fS$<dxF=n+z8gI^zPS?4s^6%}rgaAJ=H=W@a+k
zC=c;1u&8?~5?bzYGJ8jykLBD788EEFV#atbgE)_OjHPgICBNU3wJ_(}aq15n!c;Bd
zyPL`||6OzjN`&__eOZ<Tp$8KEpD4*Xs$P@)&CiW4WTO9HGpWh%o1`4?#oRZ=e<ARO
zAAfnfnvwqCtERmU@t4a?ez9j96fQ5JD`UYr6TJw`l<_>z6SG-*ek;N)Te}eje&CpR
zWMJ`_k&%Hr>-t6Gy$Q=_{$&|JbDBwwjvUukw|q=u5EhUt+weFaj1uuJ7jU^d`h(+e
zf!-ddUl=kfsES8$wCp#y4EEsv@x_YYj6puCTDY=~5=^@BTyvYcxy>FqcIT|k)@{}N
zj*hfu{nI^zH=M?Vu3*~E{Q3t6K?wI>`Cl2`L-$_KIAlI^;OpC+FEz_j!<zb5*<=%F
z>p12=%54N)0#NG&Xo`ca#v`>cV|#mBjmLOzmetfn8RK{Acr=21nHC@&;zmRyCmm*Z
z>MtLjekiSUXQ#N%hvXJXQ(4hIyE?ov84k2ZuW4UG36ucFR5qR=5WrRX%4+NE7en(u
z3Dj?bDf9`hAgGBrJgP6<9C6k}oek76=TUQYe~e^1{j^=V+lm?NdCk+Rl4yur{+sU8
zR|H#eKn?lvZHx80VlBVfCbLEiPtU(89E9((21z23!S<q`ih+2mU9oo-(NUkOyAs(l
zP*GOKdG0S%3%AtN4JHm+*VGJsvzEPQj{6n(riZh#%+-!(KkUME&~cNlPF8LjK~SYw
z?Ch!%n2K^Q0?4H>mLDBFUH!rj13n4pJSw1mo2V~2JEP9W$uec|m505Uaf$vfT+pW=
z8ULwPHyh6`r%!1w*tXWxx|ZnGW~pZ}<}o8c%jbph-GTlJN_LFgSr@5z9|`Rq!ecRb
zred?T@HZ3<SMIfLy@wY`!g@qGY?0{y(O~IF;sU1SH-_klfT7KPCc0BIx%KaXz7(#X
z>C~4o5?H(nq&;^`V$^5M1(KLkPq8c7SqFI#>9~LB-6*46(w&1NFy}N+6#kjC0K?C`
z87bO<DEh{UMhxBDuqjod$s0kP@*0&oDjZ-pznbduKzAI-bmG^vE;GR(98FFh!ifex
zz=t>_2ba9t%kJZ&y?aB3LKPdh#!l3xiF93BR~?z2B(%b@q50pvHqgNOdE?f?g=60p
z(bd9hG~NI|?K(KWgl>A01oyjKQSp#*x;sZZIeuOF1BVzr_1o20yk^+&U1rlDK>U#c
z3`D2DM1X;2@}@%%%_NWT!}!FggHZpRS$`Z$IJWZ9)osiun`RC11wJ;87+Q!gkS4wW
zGq)MjbOjh-!`QJTdY}@jjF10ubtb?7`mE84^=2Ga<Eb>{j^q#i*Z)CA1^{<$FU-H*
zbR4gLikWRSE@zx!jv$elI<CsYEpHV*c%sI@uTpu1Y1Ugw>J;sR33dW<fv?G5{!Is{
zIr+(_x5>&kQ_Q(2pw>8q8b=dB`%FWF0j!M%zF?*rnoLnxRFNvY&pbI!lVg9uHQxIG
zcWgcB)^d*sjkTY1%cNL)t<|U)MX~nl>wBEpqqLx);SNQy;2_?S?OJ!bCbm=$^_Ye^
zaJ5Yl_9v6Szg6T6$)FRVV7G-f2yP`WK*O!Z5+zmgXTM69{`K=Ky&$jBPYv_P+^)rB
zV_vE>FVkExLls(Skp_i(Ay=B1`mXr#^@Q8R;}E~5`G|vD1@6%%3$cSh+bB<qW+zLK
zmwpYU9@28t@F*0hoG@+1XOSuR4v7(H0bR;b_?CDEMQ$DbQKv0*;e@3841$4*T?sci
zV2<sRJ)U<byZzWZV+uU|eP?GQR&>8pzn49MYY?kR(r-IH(>o=q%nzG5k)a2@W8ys>
z6WBCx1g*n0$?VbLjV>NN!q>d$pAUBBU594QhZ^hb7qaKW$}_#=VH=I%xgmmT1y-#U
zEpz^1Sadoy<nN3FG$#3meND4D9^|OBk`?_q-`zWvDL#|9Gr;$+%@4a|pU(C6?A84K
zot5pM;(>8~eM$csCUodqix%+AOus~q(J$3x9H_$D#>*)743!&ZAIs_$v3kU5?&aCh
zpDsh#R3Wy=r$5Mm*mXU$EcjZffL9d)dcQpaeZ~1VhK1gn?TXfMiNaR-9U=%S`c||4
zWLLJ<-7i8=HEFYEDoFHi8sDcN#V+XoEnYYalE?qh94}e=<^ss8Jf9Wc>da>a7(JUG
zEadr<0iP33XC%M(^Cfd*6nviNN9M^qzZLkaMk^K16)CK5@>~+^uhlAhEr_7YaGjUQ
zr&%6qD>iV#26c}qt~<`2{=`hXYtQ*Ng1HOrG}=qd17~m=6{IzuZ*(+kO+6fzGPJT9
zZ#58cUa1GH7z+GU=s7(7Wze$;;TU?@L(kQ6xOHk@kS6h8hHr<ac|z#9itsNXt2U`2
z##St@Quvq69CWYLG`$RZCRpQ(Hfs8_hKz~d{)9oz_ejWbNTgz;`e`+uFB~(GKLEqW
z0K=!48lr*Q+T)N+pG}8#K6E($g*Y7IKzoLU@yp>8jAT_umDTrzSpllKB$zscHy_Ox
zYkwf05cUB!;Pm)0dxTCn%FDqEMt%X3tWr#%piGFSFx+%KyJJ4Bft-m4<Xxht2=kP~
za3}$T%MBF~ts#egCI&xWswB^-zeG0!8{-?{Th0R$hluus@rO;Vbn7SkjjEM~UwT!>
z=9U*U^izqTeH@n7Rps7BkT9*V%wAKV(<pVao#3wNcgB1nTqU^+PSV$YRyi%$+|jH)
zXER##^;z!y98R(oLcQ`3-JtL9yC2MjLvEfhLXUk?IBRG$F%iqk5Zeu-`U`{A@gm~J
z?3jHPf7A67j7J0j&Qr87LCkD!hU0_mZs<pDQo|OFx4hd^?ZK_J6<rNwf7!|!XYJC$
zXvK=UVK^-C9k2vbuc9&^oOJ~XfFIH()zaqW#J&m@E=5`7CGyYOfQ>x#(UHdTgFDCU
zf!6Y2)rku~MLTTI-nxrgd-So<2v7YGZEas~+gHrS{4wa>2;6a1eaqZ*-!M1bHYN}_
zGFFx-;7emfc2_N1aRTka;9u9*EvHm8F_~Dc6S^?)owLwU{G`Y1t4Slo*JSLhntO(w
z6{%sGGi#x?7@tr?ozUG{KAGse(}<o~)lG^3zA@^h7^7ZVhE2`O^#@akGeu|{E3EzP
zi&Hmr)?q3Aye$Cg+$>c3D!V_&5)~s@M*9J`^qm?yb;x#A#?)pTf}th_-3c7mptqAX
zT!aW%c+9<)-(v!!6UU!cU9f)ErS(%;r@c}ZZEovYu(l9cbaU0NkE~^@s>)YGI5jp`
zp~M)ns@L!#T(NT2Z&197ICy`%!r<zNQ(Iy?SCm#Snp3`Le8p5}&au^t#vkv##G&8X
zV_4Oq8v@2HIPdNX(l}3Zcj5c#xVa1K$m5y^m!;4Sw6hR9Q-iYihp2-hDVHVec6?L1
zZ_AWUo+5}Fi#45vHJ!Dy?p1)wLiN>RG&{$|BNm5EF=2xH5M&n%x(7p#XiKuf``nMC
zBhTJh_cLr{z!EZ}>w<DP);N*Mmm1zcJIciK<0wm<dHoya8vE&;nQQD(cWCG7b}vVW
zX;jg~Fy~@pBaOBR|AXD1ZPjAfwYOWycwUcKqj%X4J$?O_Nmm|qX2I}X;mW6~tRJ+7
zuX)}awJmRT)d4YByjlPB)m23{ro};1wTReG9XHIr<tsRDD0=Qa1|lMJSn{&Qj_4$(
zKVk;<xHw{-%ZlVt^B`hxo^ldFAY+f{z9qAj_#;brN%ueD0coZ@vLTzi)+7(`l9Sow
zHj|uQYI2Lz^D1dK$w@C+^bvQM-|{yS|Ep*WL-+s4{C=d_{7%<bqRayRKf&G;EZ~Bl
z(<fL}B74O?o=GD1g5N14l;(3Oa6bmjO*9dSKeEBEq?!iS>fNjBQ-q7D0fLw;{SfBP
z`vvuV-RtrT)KO61%T7Gf##?gEzeIV*3LvOPMH+f$Z+W<2_^Z4YTFctAY3{LO(T?EC
zpSXESvNv-~C7OZc|KShssycZqLJhxc{1H`~Y$QeIz>#B2B*?Gdsddb^@8tSjsv3Y#
znT*3$TFD-MffGi_+2&V9;-}eiPZpnAY{!R1I9kg&E0e!buj0MRGOPqln3JVkKXiiE
zGi}^Zq+awpF>AP&rRyj8bNFC;r|W@=I$?}tznNJN-2j4CG0X^9P5f`J0(7mwHH;>$
z*5<!xweU|u1B7=6rK{l*zol_%sbru1{Uz(wM2+ryy4UP)FE2%!CfaApBJnw9csCNb
z(2Q=R-{woZX>%X@*e`;&{$>Pq3}9D1KL0PlZRX8D?a&{no?fgMmrvm9sd{42uuAV`
ztXPw|1>zc%{gEEJ>d*Ps%2OAEjG!)kcBAo&Aa<jXrx_I6%|o$m1c@^I#t!z%Vh4qt
zb3K-$F<iD9@6ZfnF>bdE#%-&6$za>S$8e-zDPD|YPi(M3x}F^~FDMolhe_!pG&}}c
z4?Mg$l(A&a*h`NLwOO&*=5)TOjS?W?;;|}aiso50KPRi^C>gn3ln5jL>s5o1ul-&I
zBQIXm5qWi_KPO}?oNpk6BzE<$neh|zAyD5hl6YJwm_RDYgAf%1@Ts>vljVWBb;dmN
zVb7;$dgz2d30>u<ab&FW=94Pw`-KyKQFYokk0NIcJ3CTu!;)mby_USE>u1#ecJkLp
znT>jTyknnp^m1N*4OhltAtD|w0ARlP5dhPB>f-Q%HNp;Rb~?avzmJ@opprtd$Cm)v
zC)K|kjy)b^;_wg=jz2EjI%6gMcxg6GOam`%L^f?$Hf@4Q`w?YrFD>PK{^XqU$Id1v
zoG^V!o_Q0J)eiX7pDztU^VLg($)B(3UA+0K8)D|`((iSguYdpi{nbAjcOCN5*be8f
zT1WLb|NJ#c2YUYQn*9~dUuS*p{C(v+9fxQ9zYAx_^N-&DfnjHk-YYvfdLQ_Gr$_HS
zUh=+2Z=;u7zyuW3bA@?CN3RFmm#2qLHD5gs@H&%XE2jvC=gid}*`0iCu+}7ZID)@A
zz%LBvPdw)q+4Fd8qVPmXNIUGgpWqWqdv2@HVrM(<)!%grRJ&hU%vO$8zT08Tg{e&-
z^afp(%)1DK4DGn#rnkw%43@~^`wJ(+d1HQW6Rjfp>kzgOzBM>%m6ALTr7@=E1@kps
zKaj6DjsTmj+38P{TLSv>-$4Ye_JWlrHxqToKfH-rhQm_ppyV%Z>$tid<_kYj^)o<{
z7#v%y2KVvqT<yon8|{VIepHt|BDVKq*os8T9);R}Wa@)mP+96yKO{udshT2u5^TX3
zetC0E(b}mGb}KNpHh7e$<D!;hTRz1pZehc@3O4NiNyAY@GalTvxV9Jj?{KhdOa1q9
z-iP_`BMh^ywrWl71f^iWdw#b9_by)P<vHEd%R>HK-b1~ltCyOtR+l|Wt3fWuvDRSf
z3=~0|VH9z{t1V7VR^ZA<D1Bj(3Uc|l{2-Nk#4mfkDch^z8<gz@5&WRql|1y}MYUhx
zO>s_fYmWih6Y{c^)tqW-W!%APr5FEO`K>USGX8&rdmQYkmQdo7bO;l8q&~qX8_H@b
zpP4-vIRtCnT8seg74^Zccu9<VJUQ|sm0&=2DjrFkdSujjE!^^Umq^8)I-D(f-!X13
zcCQuQBn-oBIi9RFqTBI_Uf-yZ(w?@S%z>I}goI*yxP2ZCxzALEWtvmLmF=5db?;<S
zzs00xmOl+66C17ZD)o;Z{R@IU`}X1@+Cn7h|MO|f7OdE|ho8YZdj|9_8xHsC97(cK
zY!1ghrIE*2{R3^}9R})G-L9&0?RhP%r3FUt2+Sp8uRnZ~WZ=!-V}ti-^Bzg>u@hrh
zMXf|ve{E_wMkfpldl5Z0c#k&kA+K*FD!<HU_1-@GiKz1|7Moil6<g~r&dv1rVz+=3
z&)Y<=c0a)J1?zhM<1+?m{d&E%a1}4C(HM6*_tmk9UPB_4TXTyk--_<f`65Pivm{Ay
zcM0Qy$@Ft}%bO#_v*#kab(mfBj<sxtSP^fQ+eObQJt><5(lz9rEpK9a@Eps#k<?;R
zaVeqAyFKh>ZjX@B0Tr@0ohuM+&4Ip}SE^>$!dQePzj_#*8Nsuv+Nrgxok@{u=ZXn<
z`aIw8(**=tF_x-FLGYly2lrv!B94KF=6twl_`2~X;;qV;t(aLecOG->!O%_c9S;<S
z{+m+Sd5+!9FZ$T7K6()4chm2i2T_fGX0E-atbe1aksX>k!E5Tn&ui)hfVZpFI7tMc
z*%`k9j1P2F8|YweRAO>4s-2(L)J~czv>Ih7?lo2UZ!~pPho&ZZO>Og=0tNUJXg>oq
z&L~ULR5z>fhuNl{LZ|3JN3{o$N^Vqg(ZQ&apVw3yO?9^#@5?rI<-gI?ogJEzPApBm
z@p(;cps5~K<9}zHYUhnnT_ZcmA?&9xN9DITLL$PHGrWV+$CN{<JM^e_ddT|qKdqSJ
zWq{h-)Ry~S*&0>%fzHz=E(<D7mp|+bFB;HlIO8EG5Uf4E6emV}geVK97u*t4xlncA
zf1^uh<+`-9vo0ABY&gbv`1qnOxi@fTc|dv>N6dlFNVD!c-i&Oc`P|8r50(vsAA()c
z`HZ-`*{)u@l8+r|yLPVKWM}Of7;PwdsARu(-CMH_N_q7_8{CZe(I4m=oi%76wV}^L
z3JK%SvpdLdX;uxb90<tH@*5GDs*z_ny&o#2M&mB$Kxv|gPOZ0h8UAY?eQwC!9){XA
zH`7p|_QTDdBf*=AXE6<x9T*;ju)VU>xTu3h4--5)L%*9#F2P=sn^WvsC~oNYH{=<R
zpf1N#mg_?Ke%ELBdvxD+5R1fbMqFH1oOC{vPU_8wf9gt;kD{2D8g9Pteg*p2#=BJI
zw)%e2#NWLu^^W8<v=((fO1(it$Z(Pss?cjHd4k^Kqso%ieGSEZg1Jv6k1-GN1LVlB
zdwOW%=f+23zI<vzBz^--9^4~{IQE$Z+57f;c!BtW`*wdQy#H_R+bi$w^lIeax7X9J
zFT8Kx`yODNf8Rcw!Rxlv^$;_G+ivQ3W%1`PN~`#oWIn~Fk{i9C`+cl>RuT?4(hyjQ
z+#u~v!6%e=KL-qO84Kgi#tRPY#d16G^@X1ldG5H=6A&W6JK~DN<pU-lJ&<zuq41sh
zKRb-!!GwgPjub8#9kvTt5u*?jU!!(#!CwQ7Pc)n>Mj)3m0wq=88Sv18`lCX-&N;QP
z;c)rgA;^(h{PFyQ3Jm*+78{!zj>!8oWp(Zos&8GKCt;1oR+S^`$}?9KJZil1w`qI+
zHmlM@L-*wQ+sy4R7_L%Dfks3McD}@md;8bnO$-BUD6@26cCqOTb1mPBiaalAA0_hc
zE|PLW=fQ)m`g>q$psH~@5_D7<?phgyQHwpVPKsgq{1g;Jdcn7pLm}mEe3qkF&Zt`4
zE|J8jB0EtShUGPU_UU%w+pv~z#3^B6cx?RqRmt)3!d1i_syo4B(M27MVOg}N!p?@&
zQQ7<Z@J%j$j0>{Axmx1cChR<k#A6-|;(rd`gkzM5b@prg-(vj$S2b%ReKzSYQf2Gx
zr^1Ojy6fAqrvqGp=8cb6|C6Q%{WDs*vhEP0+lXhL_fvf{{6Po(wmr;R)WMhDCwAi0
zdC~Z(9}eFYt!$-*%@Uvxkg1gh>^{%)H|lKWHyI}|yt(qZSk<A8-iT@taEF~uc%GJi
z2g5{BZUgnB5l`iVo*hniSE_O<TImhJ?(;r%hpo{oP!^kqW?ncN@AY9ge(I;;%J=FH
zqu&wdY20X}4%cqWlNZ?PIZi8|j-bm(Uo=G$48=A{K13tUOv-z9<=(pfTw4yRJBg}N
z2j^HSQS{$%dd8|Z^C$R%)wGD|cl$sQ82)7hkCz*hXo_8@U89(i2^xsCB%vkD{*2Em
zmMZgNz9JB_DjLh?^NLai$+K`08jzDo^lX&DcD`L~m3ukxD9Nb<E4U?zUP#08@b1mg
zz>Xz>Og|d$092)iR0X*GH}BEP9agNZ$i#h_Cs}xv9WM%x?6t~T_<cTeaI6ZGO0&0{
z#^Cc7mgV|m(-#ikK80nn!AADr<+2?<WV=KyXdz1up}?^c@d*_$CS9V@5g!imcuqP}
zxu)(o7JeSic-HN+9^sKivn)HkhNHVAT-n~R1N}|5z-(Y~m6<P83MzNkO^YT%$?(W<
z68M;vGIhnzU&lS{F4On3>HE4&-=pyf;(HgIP3PB*bCk{Rd^E4~42{E#woL!5g_lBJ
zrJ5G2D^9O64N+qtQ`FfJu1H%8p8^lEUFSs;WvimjXP}J!R_q99R`)T(qLx?G<Pi_!
zSqTi|mhi!#l6RBtBioVOT8&pgZMgT7Hy<8zSi`JWHI2ZMW9NR}%J5~ChF7?1|HWaY
zR%KU5pI3S7lW0&3I<0Os>KLGF79GVpA?_)*vvGKyk-J?PsMC4?XC>@{h8=7e7C<%_
z*4em6Ei`Z)4J5TdEE)^)PX2iCaTl)KGaDHY>s5(owU)YV`THk~HYtwzD?T=^j;w|E
z!u1eOWSFGylfwu{ZktV#aO?;n7jVG)?9*^0as0Z_W7;Y;1eGHmy4-iY@rV+H%_pR;
z_W1pj!RIa~TiE%|N6ZCdWg@CSf+N2woL&>Hd{zp<vJw11N0cqg)7`H{E1wP-c2?M`
zX*X4vX2ETV86R;Dd|U#ZYAv*U<Xy4RPpUh|TK-=3HLZX6J%nmYvLDqO1W0w(4_1bP
zAA}P#=i{F<Y*p{%8|Y;h2Jo+v0z(sQzA=SgBb?UBb)ZcKt5FW~=#AAVJ>Q5Fvfhfy
z8&EsWRVdzSyr6Q9v!KhcJMc#PKI_SlS>pG##KqjbPM3P|?&rabv-vfsY<yzSCE@st
z&x*%5GhPz>RDWhR$V*|vi&`y8IK6i2Vydk#L&~#CCHdi1a_Vfn!0o{i?xoCWap4|s
zN~w4bS=V??MG}K%kB!fGg}%(#Q!G8rSJ*y<d#JYIckZ`nz@ztGuAl6@5_=OpfKRxm
z{l;vwx~rnjRt~nB;RH(9ZZ)+s3+_i0S!@<bZ0J*J9Ii@jUD5L?#Aurgk;Ls~^LdI1
z@~(T7=F6{+%G~9YjwBv6IZ%*xC3=zb=Ga@GX4~St!9{1yqLagw-2Y!n*CehC)GRtG
zTv=7(|Lns1FeULd45Ky_TiLZ{(P5<8UQ+XvNae1EhcYdjFo>hfSR3gY(3-6r4ZD)i
z-d5=IhIcaA-9BUu)1}N<&=dsU4BwtT&ubPPD#e7_q~I!)xH-W4hR~u>!^3^v3nl8h
zgcc1q-yhU>c_|=ISM$BH_CE4(yx$jgQX+FI-)&f$oe^<5#W=&0ZrAaN!YUdz=T~S^
z#hA+KBjGJ<EU4OxC)t(k@YZPH)rL1SWnD2oGW>c$HTwuPE-0hAKGn{K>Wa4e0}aQa
zQ=FPLb+KSMrnRYd)>c=v-ybj@Xsjmb@&efIG(C}z0%{0Jbs#5dl5F60S&#;=1JdF6
zciVy5nxv3A(9U;IB)dG?p4sFzN&It5r4=sR78B4JFJGVrPbJx>UudU_b_zKRBP(b_
z#_Gj|EBrR1*)||S^c@UI8#Q@tr~*`U6kyJDc0=c#ZBu7A?AO`0Y-cyn*=Qw)v3SvL
zf2P5hR;c&tw5$CO64k_n(o!`yeMW5Sbs5UR%t~an+03iiYSK{4%nHewma11n7C<;)
zxPc*#;#}heh-P3A0iWJ{e6{LxQ<ANR3x=85vrG2x=h^gS3;<)6Z@-QXi&n0&7GA}q
z(Br9#BNZF$hyL(;@1MPUi@cM!>?n)|p4QsT#QBgJ=oBzg_ptL}wBl3iR{3#_RH80u
z{kXc!)^Uo*)>h-vEJy2f&yWiosI8jA!d9;i99{b40>^1<hvO8gmQ#L9n3K?MdABPB
zW0m#8)#1b-N#am5fM|ZZ?gWk$ZV+M(S24z3$s4&s>xiq0;@83XS87Q9d1+)~=)SyT
zvW_Eb)cG*y3(!y*T&-*?b|>H5iKZ??YRtmBq<ay+xs_dB3THsK?{|~;T&)WtX)AJR
zw`I~^_0p2FGYMy!gm;r~W)glwg3iy$$@8XdPp9z1(Es};&-2M&UTbQ0koA8Dx<R`>
z$t?-EeJy!aSKUr^AB)!lqAW^r4_0L5Vo%>YqX6;$SAXq+$Bb&jo!4Yk8~$$Q%Z#^&
zU0GXFH^WYh$AYUC>bDxvLi}82VUkDAqdmR1>#VcLHmt6aoB1$gS9>$~(~gfP=lFIr
zU$v0-Pt_k{vriL~Ait!|w|UmTQW*AqY|D{7Ra<>R!MrPQzP$a9W--1@-|h1HjWq)=
zs}JP#-KIZ3IU{TzBxSeh&6Bl#4@lGP_DNqs(mwdlIZ1mRu1$%Tn)Q#A(GHns^m|Um
z|2?`nC+vA<fBhabfIHJC>(s^l(0IP%Bi3&sY=Qd>^8Lhqu<oiEQ%|~T?p30WkFg&-
zY38gOt~{yE{49k5a$>;;)-7PIsn(9>saE~ksn+He_!gI&)N(InO3PI1o6Xh)?uQLE
za6XPNsQ(6!6AJ22*IliCcpmd)1D8h6@T=i6?YUy79Rdd@74weCcT$l!b8tDE5(*C?
zC-*B>xgeACg8ZD;GNibKZ>qJ>N^IFtn!NL-&$xNiA0|`@DCNTV!r9QErAXPW%L%I7
zXm_b*)4ycR!$h&oW}>cGx_r(6YylDnzdzKto_q+ix%5`TD*e}ziqy}RbV>bqN!Qd5
zmK3J$Skf)^J>vJ?x}-;H;gX<xGpKw?kt-XUB|Y8i^f<_!sz)#P3Ox>XC+pGM=#?$8
z+%fu9?2gu>k2^|_L)@?H(bqjukAB9X%#!}D6lRtTa1YgEpnHfOCGJ6b9O}Y6O)ojj
z{R{$Y$>HuUJqEcu^f<yz>T#sIMUTPmOL~;L&*(A4{ihyBxgv;{9BsVEEh#g^<dUI=
zhFo%t`#XL6n(;8Rq};uSUpfB3zrP>H{Gcq%e_itT<A{Cs<A?*^kDpHb3j6WS-{<z@
z>lc~*I8j__<MIrXlacBEZ`=m7#BMJ2T%48Q;%pNsmt^DH<nh~L+pv$~=BS&=vTmbq
z?^E!&uGH!N^JCN@0#rt$QqW+#dB{fJ|Dit*>yOw{PHVb<x$?)_)Ai?})+Lhyn2$&N
zU*7%%KI-b;|Hm_sKv3Wll+n1Lp$1I^A+cDAvLq021}2C*R@>4_BXvcXL0YW_W+F_-
zxwZFVYkO_4w`%QT+qAVx(F+MX*4>KM4P4OAIBaf!2+Z&KI_LA5nc&j)-tYg<Lo=Vx
z`JDZ{xAT6#&-*ma?}NsLJTp;1G;EE{^|W^=5Z-csc=tBridZh=E?NROBfc;1<esGh
z)x`a^Y%`XiSge037i_#`KuHRJBf=8K*Q0y^#Y0Js*Q}!tB_-_D=4h8_w2%Hp(zzio
zQD`m!)^|(CK8Qwh!5IlNuGrD$HV5_NXVW!_x!~`}EJs-ojiIW~Mzlo5Zrd_%<&bz`
zD*Qlql}Op?H@C{vxLlLsPBwLBsmd_oa`)m!%Y$G0xc5QcKh1pLR^Br&ERW))ZSLZA
z9_*3moPQ{e`<}bWs$^IEwc{h{@jW;fgGa{XKvVp+aicfQJC`&p)JhxQ17DV2?7qg~
z%QAZBoXJ$C;|qN08Go&J*K3D0b#3m&=jJ}0eb$dDDH%`_`zfU5R|(iAr-yL8P=t_G
zRMOmMLvnpl>s_z)ZR)eWIoVm1R=}p#+d`?+6(j*yC=+h2xAWi;T&&*5Or~yzOFm8S
z`G)Y@o1RWJy*FRm_HLSY2I?Kgpf8h($I!NS=bV#5=?fVIkq9p=9>nVmVr8F4{l4nK
z_Hd=quiNwE@vV3R>Y5y32YYwm<$U%)P-o9QM`5&hYcy-V^b7{C|F!y|A_nl}E-WqP
z<gdKUwerA2B}b-+@c*Qt$;tD8-Ww{jJ=qyYl3xTWrkUd&d3?+BOB_uB8~_}B_5t}W
zHJa;@+G&>2Zw3Rq7ITA9!^`tV<hh9Hin%2zlzcH4d;vUb?~H|{#4gVcw4P#FoP##y
zf{)#7u0O&a6Rp9tBmq}N+DUHFog5r)N$UI%2hDt_<)GEu?6}<@UmzrKPyL06i|Ma9
zUOu0>i;wLY<EYU*+?#Kz$PVDChP}R%P#_SJ>dak341BM9{{9b{DqNJC9)W9?#JE0J
zhcHnLjF+U%(BF1vhhSQ%(rPfg2N4>XOG7tjTdkz=WUgSDoZ9oNXE?PS4wbCdD3ZY3
z&t|?yNy2J$YV@f_nFgF!<2ye`k|#uxa~oNW5C`Da^+Xi}QCdA;!_~=pe}BnwpQa0%
z7~z7gZLB_EA{be)_hw$4MQ`!f42lb<!Z!^l8Nar4G)mO70|@&4uRp!MlW<7&$lLk-
ze;aoiTdj~nxioaewp%&^`D~Y~k+}f9{u#*@vEi{{^_^@k_?P#Ox8*gTl#jhzFS+Dv
z;q+PWW_#%`meA$71NL8NMVt4psC*<<IuIqExdwD+c<@Ip?On0sBdO+r<p-x?bYjEY
zuyWpGriTn<*749og(drMn)l|XZS+8MoyJPtQ~q9NkvhiC6wUA4RM~&E4=5P}-yY{I
zx|Xr&x>1<xxCILTI?hR4LRvZ$*y;SCUyPhiyP~cF*t2<IQggw}ZxoQOT}~Cbole(j
zXY(QVL~`d4-d8}DO4@8-G2|HF{P65GeovPlXDD~{E6vHBMg$9S(qAE=b-LZKs(<H!
zt0Xw|+{*v+dIQ@{xg)HMiG`KMA8j*xuw1Z<hb%&)c7g7#zutyDZ=>3~TWYKpI7Tkm
zpDaWgCp9|Jpy}_a-b2%)>9qEdBl9<PCEqUGWHyqL)D?@QhE-<=0f!VU$$rttRajjv
zSY@VRjc}Fbz*S*TF8KEw)WM-ZFdXQH3dB1BXaQYu;XV!y=6*z%Gxsv(B=l3l^!rIz
zPl8csA8^;7V-Wi5KR41sQg}`q?jNp_XK>E_)!^Om?M?1EAATA?LMkZGA0yMI#_E8B
z?1|;MX;mWwoNY>%c8US6a`&5EK>?i6&!1IUwEelQNZwem)zvJr#b3?uM5dQVDGF_T
zgHUROjtzt`zHBBD(h(cj_T8$I7<aj>1+~k$J$tNF&#8&_K+7x2m6~70$zQCMWeckW
zWxk}s%poe5-L8!xiIv716J?PRPuR}8|MC8Z()zb&aC@T}j-%;hi7H2iK5&id@+>Op
z;O^-kFk?$hXe2h=doq3aN?cUaMlksXq>tBM>Qx&65kNgunojUg<v-N$#eAx(;(;y8
zsGj)|u%nx<QZtk}GoHVpbPKxzzZd<UHti6a)vKe>4hg2#D!il2!{@b=F6(HrGi94I
zy-j;@pqQ#z>cnhy!keqBID<}zgf>#lI4~(qch7&%PT#M~{OQ}kcRPKA{L^!x=l79G
zucqheejTpn&kNF!?iYSt^XCOcqV2-COmqM2{H4ogh)OVm&l{IUD`n583~9l;c1X`N
zi{X@EQ@FWl5jhlt0lfwBlcVqnhwnO9+`iw8k`7BdRm~r4Li|0yx{AM-a&G|fw}=6Q
z2<Z$UoR2erXjiiCG^&%+>|ALZ&)A<*Rq1}$+y{r`^##2$@aaA%&GH}S^Q9#8mn#06
z#U^tb&ueXzfdVw8%g(q;v*E2P>!-=L>*ob3<l9}OX>A3%_L~XnVB<FE!_xc*Yshmi
z-Kj~6MlyeZvY8<iFtB2foqt4E25##sJN)5;FwjJHatE4voc1faRnrI}pLXa21>XW;
z=vicG!U4c(e;?zVqDri%SCLc|UQa!o#H%Edwwg3Xq=~fXEE|P~&Lgf=$9zNz)?CmH
zod>_w4V{;5`hSnkp-<qK#X4X|u<$9s_`!AyjFZWD&@}($n1iP|k{)yaUk(MXx#`j;
zbatA5>s8a!RAb34rbG5!-{t>_2(&R~Mv@v>jVL=4fR%|G;sveO>~CNl?KJv9|3s(K
z{od$_X9+ZGhEKrI{*0h!LaqV;=#=?%vj-GRR2i7y!O|z1EO!s}diZs|5eGzB0<kMt
z&>Eh6@HJG~TR%f5)BP^{MEl(v*1q$z+WgTrJGt9@5Gla$jYofCaz8n%7uoWO%WyZ#
z2zRuI{|~5u@hM36n{~IP0>W5-cHw2;nq|9Y$(xzVPk@z4WrF8Z6oMj3{p+n}u!$dH
z@#c2z1*=^?<)w=5*L~vOCBfJ<jQKOw`+euyUa4zFCNqt@)|5t%OJ?F5%3DLuO)J^K
z5G2t?J5mfE?H}VCN|RGYM(C6(zz+Nu?Y2TXL!6g)LtXEbCf7E$z2!8v9XMpgMPzWs
zf7DpAyJ_)!SvZNY!1jRc!c%kq*6Q3`TD_u;ED^R_3vvs1ntKWixC6%|bL|~sjEU;x
zu6gCdobD0j{BrWjkqlBjxWt4Zd*|Vb5@VQl@0upLsL&Vd@8Lkpi4FTC;lE`|Pi{=E
z%xt`8f6m&g57w_F=CKIf^eb~nDd<=7`@Qb^(eda<kv&d%5lQjj^N)4Xj}F#tpl(T&
zK-=6Cn!gfsbN;;N#!uCkei%DQU&@+Aq~cFqSQSc5tsw+RB)K*-Y3MF*Jca!odoR3x
z@Dy|1_YfVmU6TM@AHh!wj|@nOzE)Z3)Q#@Y{*L#OXm9kTbv<H7hSF1z$!rKGX4@)I
zvOy(VxgD7;lKeXVf1CBhp1gXLzZom6fsqf-n})HS3Hyuo7WJLlK#cshHW2?!wV_nm
zk9a}-!`1K*q~DTOzYSr0OeM+E{3KtsUTVS1=L{gSPcC`{@m!W_lfgf3cg*406|2jB
zf%|diqDiU@b-e*A|7(v=<mnqq^&6_T*hF0}z@jT%r~PXFfRY7k^|s&uZ8y#xt8>7J
z1YTeV#PD0l;x_$!8{Dbv9iIKpCeEV=?jB;WB-b>yeHh40<emH%D*u1qg#qUQ_eH+4
z>AP)h*;%9pvWp6nW9=8LC$zfTdd{ouww~J0c853V<8`|Gibp;PZ=Z4A_EX{Ob|x%O
zE7(Ju`>|<DiWPr*)gLT0Q^EN+lU>_w?Vjv$vNLAbZO7}bwi_P&vEaTcgwaJ(msdn;
zHxn;s&Pn0a*hql=iq&7NK@blIUT#UYD$tFYbGw~q-BIA7<8UW)bemmYMRtww*@GwD
zg7EQz18uC=+**0fh7{EmpN>uL<P6&%rKC6|G^`Hywor0zMMmNRgi}IQNzz@gU-6db
z9@pje>f5=P<i@rw;~Lu@Z_~jd!V`#nXRjm|V$<BAU2fmLo0Ti+QlNTV-!@*#ii`AW
z(iN^H*->5YVb#6+?({SF^)nZj>{VQ{w~d8B5L%|`2Bry5lbv&FQ1(UwfKs%YD>mQD
z1@F9?U1@+hxgkGMHq4y4dyp)y;xDL%?CJu5p}&i74M_#eN%CG!#Z<Weg~V==v|1~<
zwH84Rk?g`Az_j%$MNDundP~G$b!Zj-DAK3s{$aD8T$+LJDA5vIKVv;VL@50S>-n8@
z@p>XAk8@9AZ(HAavEa}2H`V)ddMj2;m+uaA>+(HY{4VENk@crA;a?VPy$$@v>(Emf
zF8Ii*gGQ06aYMg0nmzhy^nd)?=Ft@>h0d}{p&|9p6!EvV8wV0SC!s*+cqRhTv2Es(
zr1}ki3?!b34U3(u?1dHZ^6S(g`C~ilpCMN?oW95?fG&EM6I`FB0Ll*nRZn01e!44w
zMk=-P;MC&~{7?WrJ@2pC!wdSW8~YjucGzyi`q;bKDx!u&8urHEg>MVGkO|*&FDLN4
zbbGO5vW*BLb^VxHO|y5Qj)_cgl9Y5vvlA@wS4C(SHEY~x?0)msZMKHLldCj2fvc0?
z2n$wg+I@v-8*@;i_4bWtj~!ZUW=j!x^rG^Mi2*?vztq{iVQsl{8hMu`ZQ|GV6EUI_
zxirhAqM_8lE*|$BK|fQaT{cg_LY6S~4$ND~)?y)BiG^%A7P4hn$R5N(_D3vazr#ZI
z>yGm5FFN{Uf8KEjmb62$r1iy;)(=Zse=KPZmb3~iX#=pN9cC?Qhg(b9Kx;`0T1(my
z){=IlwWL*AOWIM^l6JJUq#a`|X~$Yi+8}F5JI-3tj<=SyDr-p_Y%OVDu$HtFtR=15
zTGEDCOWKLnl6I1{q}3Qpnw4jmUnluQ{H>ml)AWUC(Fp3*g9(E36Vl|{%xqKd+_aEz
z&0mjyB7a>ze?i|fO?6&j8GHB<v10z+3{P6|HTGNSQ|f;UYdRwLTyttvGg_(mSN7*d
zpAaK5^Gnf@(Dg{e8*?xXyzbd*b|DfO8`Bd~$|2YMJyhE@XGS;x_5LemVvpf;s1UXu
zkFc=^R<SdBaq<9^PR4SJ-g)j3*}rq<l)dAVJqoFF*6=CTX+z*v)o+OJ=@W69Kg#|N
zVRL+MK|9>+RrhO?4i+Gb&u@R$c%S^L8E@15-NySLmwv{0#aa-${@3GuC;WdK@43D5
z<Gps`=ZqIh%pD8QIEgbwBt`xa3QSa@`VIAY|1-qe{^ccbUgNR~`B@*^8fw_&EILW0
zYCm=o`xvk8ZV3knHg(EVU+IJ1Y0MA?0gUwf4RdyKF})PLR5fEvIPVh8pVR(~it7&U
z2lTMuW2r@!=@0&}&#pLVG8MPaNu-rC`64GtOY3*ZRkgD~kMTD8Qh9{vf(>2QA8tCm
zwgNwO0x!kh%$DKrM2N43kLO$!LO>yICbpn2F^X8FbjS_soy2tjdG>3C`UsM0suZ+-
zClc7DbKRk2|4^U@B@E{0;nqmU9^8hz-ULJ+BbL+K+1CKV3re*puez^H(278VFEt6G
zxCkx2uI0X8eL~lA+5|FY>nL&Vr<I6(N{I$#G#i88kN^Dj$36;ExdGRr_OCM2hJXG|
zf@m6d1;dBg84B$q=_@NtC_bIkM;*PK+h_Pi>0LUL#<VCOnnhWIKHR;7vzkWK@1fka
zTR77c;U3FH$I(V;nd;-;&7p?pSmNhA`ha<N!8fI}Ut{dY!CdeVw#z9Jwvo`sX+NF1
z%xR^80=%Rfsdc5QsBmsk2n_^6{CRddw+vD?HTJX~YIn2*wsKX<i6sL{L|$IUMbFLf
z1*4QKM*{ytdF?i&`pdi_eV{=i))MqMUG{OVf-10=d$rt6vCKLRI(220ZVe|k@5GX}
z8_RNsV8CG({{2ET3(+Qg=*q+EdXc{*Bb_%_n5QOGhUkC8o_Pca$5arIRo%?z5*m*L
z_J@*JR<$H=D$m^Ow~#M#{o_V<-tP6|CE^cfZXp+nBRSY*ziWmsao7$Y;PEW)8Qpi!
zP(loa9)^;B9g3S{XGDfjc*vEUfxEIQQoD_H;}FOWbuwZ)DJy?)$2TMeZi~>#P*2t%
zoV-ROq!wmFFrB0Rosja%{N6)b`7z_xijwx*`4R1>xpH1O@%r)#in-Oz7BPZT4shF%
zF@U;tO>D3Tn@613;Qb_L53$dUJj?cTTcgUz!GYawxqIE@k6Gf~Zo|vksQCPkD}lqc
zA8{z8;fd>mp}<~Q!;+6)j8SE!JHle4wxCbweTAv8fc(g-1%3#<1Ybsk;@=g%qzw>l
zlmkZkD<JVi4^O@co;(x120M+1BgpofXBdDYlp@frlV2^h`%N5=51mC<Qco!L6(9%_
zc(<9riNMASkp|bf#V-DLfsaj$7pq4u82!57BO6LmgfI>jnIBVzSjI$H+7>-kYVRfs
zgF#^0?SH<9iH~`?&;(Wra~gJDUzzz8iG&#_q&c_z(DdNDcCl%Z-uIxzmcWOR<keMJ
zaN?@SctV=y-Ny(%lC3fpDs|8%o^%I0X{=}$s}J8h&-5V{;W$l8?RK?h2COmeoOc46
z%>4LhZ3%M~32+YUE3{^6%W}CM1NEDD&)x7NYR^d@aS(WIUS+`R2fGb;J+mJ`l8Vv-
z*eZZYly}VXpF(8Q!MXcTE1h75OYLs+I3JeSVxAPTkhJ6P2V2;R;DId@u7KlQ1^*Ka
zBG$BMm#2qDIep-1c8(Fy=F}^k=&(q7J{!0h{6EW@H!r|20Wj$VDfZ2Gg!wWrzGfcg
zN}J={p5HWkj3tB%w#<Rs-Jegh`|_WZ?FQ`ULa=wZV-M<Z>uuBgJ+Zf$KB93kTTY{I
zF`G|!C^X^XRmq*`Mzmu-sc6Ui7CYuA*fB?|%a(}|+X8#p%w4=nsuZ@)BMV#So!z$1
zg|fYtY3FRq>O!%LR~7G}DOK1*7gfO?x==;$W!l!;DsC`U<o7@S-2Qjhdx8aXs?zL#
zpZ7PDx3Pkm8mjdDMYVtVM^m<k75|r}Y@I3aznij@Df@q#GTb)kuiZcV)BEpL?{=HA
z>W%)C<+rY8|D8K~U~GhhDH~j;zH`x86_Uk|Q2?10kFspb7VyX1J5=A98?x^b4v!Wn
zY>|DLnMd_GDlBI>r~Ot6h4E{WsDSUr&ge~`8^PiLbLn{9<_`?kg>$`yZ+NR%#2eQg
z@d$UlA<EG>A>J(bnh<YC?gF$B9^UQ91?Pz32=BgS9zF~2(qk5^Fy!Ub_YHY@7$%nI
zUaey+^;m7$s@to@;^u*X#my{Sif=jh@d=_VZ@afYXL(e~Kg7?M47~pf`1xy7;C}~f
z*O;>ZCtw?Ds`wZ2^N5|@fbF4YePA>A`2z6!ui)n|4ZQygQ+B;6@V}d~Gfmn5)0FMO
zvhy$F=NsF*O<Cd@f6BV!r}TT~j6ftc)}U7G=5A<pU6^yaFtWV5osAP>d6(IFfoNEN
za>2JRMu3rGzLcA@Ps#<ay;Pz(VtK5e;XIy~%s^kz^llkDRNAC)4(+$mx8u1c%`z<b
z^hXRPxjPIdHSN+!@{IcEGlWb2deeId!|`U9604D=N)&;!Z98$hj<52`!D%~5G%|s-
z`fB6ZhfNy^+eSaN;mev!8;W@SnT?j$_k2bedE2y^&V!{xI@AVqr4NVqqP0?8&O{M4
z1e!!om)@nX>C?J+bMFMxXRfs+0!5kHen}?YM-Q<N@zFz6tYju$N9GB+&%WrpDvlxp
z=Ay?CpTdcixr!HZaCN{4=RH`g_|2Gc4p9t=T<}j2RHh>r9YDz`<*`Gg&Cd<FlVmPN
zzD;!=YU|8&(ozxaHS{}#%EjE+ItoVub)#f$V?~cBQf#5zVwLmc>4H2w4bQNjeRV*I
zj^3WYXgKCS6AwZ=%;;hH&PUQqHN@-y_by0-^~!P*@6u8@b$r;1$tLOdRgxm<xfLF-
zz>35TJnb)$idE+PuQ5#Dg!Be!_1l~WC*ZY8xDFhFPoo1`u;%Xc|1{D6I&E!ok70>5
zqE{$6y1EG-U}Z06addSqc=eaX1dzgJ@*s255k(l0>bH?`%Bb{RE+tshOZ@F<!`smF
zbYpM9L0kzFPK^sEkN*?au3XeHQ{Ts($k62s?Hiu*j>p=t+%ex6o~~0P-VhUmm@@a~
zZ|4n9y2{nPmUr3oiNBXyJ7HkJ=qNR#j6ovd_a}+%yzMUfcvmh<K(uv)r9g1s?auoi
zGB|>*>|bI-M?7iSPouF1$(z!c5k?cco$VW$I6MD2=7ioK2%FF^OPD(32`CS~pyjxg
z05%&?RV+H4k#JpScCzMwLh{l0>qcKW2XXj7k2xc?MH&%GU(9-ZoBzKKS0)_iz-rl0
ztvn1nesMaLBsb-PPxD}mM<L(*h`3D&t@}?W+JW7^ml2z-Aj6-|&Re6ddqSghk2>8F
zls1jaLxn#>aslc5`2T79$9dZMey%<1JJDkMN1pyNvBan-De>fRM`Cqf6QnyMw}Cvj
z8srP$eTyaFeh*6k&wk6}Q78Lici&`@%-pZIME{2+c4tp7a3+)27q<Hq7wlhL&{0%7
zwv?VF=q4;ddqNE_c$Ph5vce9BZ*t~b&BZ3v6xL+r(RXIvTL0YHb2Sq<9<M0~eE*!h
zzVYpD%<aCv`poShdzBFx>ptIPHQsddbC+!09Dm7fll<?V1-AaH_No)Qclm=y{Vso!
zA6xI`^~|zPrRlD*ii<GSEit$4IJMTXPRA#$KS^0~lGK8U>NZNqscSL6Qnqv}&1p!P
z{IL7sr=z`2l{<|XQ6d*VgE*$jPKAjp8k>1l`~}tS)OfAc_^or{jOv-8dYFu|RbU^q
zysyXnk_(|d(gIhf2EELu+^X0lxNZAcW>dYKeb(|5sn>n;R3V*#Z{rX!=r?3`+K17V
zJZA`{+e~fAvaj+nIp|jYLOssWkF<~S7ROOsoxxk2ZXGm6X`0AqPHk1vD1}ek2fq)c
z+0lzQRf*<ZvBA<OLf{zsgyZzvr$X(WiSK43qEDQh#wS@v<I~gZejT>a86_6@b)QS1
z8qOEbz}vWv2NjnKMsDiJ*sze*g|Qi$ROfGo>OQ#{3htPSY6U;pld+@;9DMrb{vwW2
zZ#q!O)XupGUxOGBnps7HA{j6?4;UEzG-m9`;c|#Gu78)}(3LLR6&6{PFKD`K{5BD5
z0R<$e#_Z#HXteXC@_ge;3w&Aa9{;p@6)*sF?JzAO2Vp#FJEGAN){{Pj+MeJYkg0I@
zu))k8=l-GI%dNr{?lb5otYU6D#k3N4tvB>IY4UmUglB)wJ1ybTQubdHEW8WO1@8jX
ze+J%Xpo<c`F9gWE%l@2-^T4cwVS2=cp9#}7eDYxW56uRq-vOd5Ojpz$1k=0W_D;J_
z-+u~BKg!4CAl(tikp4$MO!WT>ruS?;7^Z)?_7gCDIDw-g|7V!~<~bfrU&=!PrU!O|
z>CfBX2akzZn6C1jxV-ZlK=OL<#Qn{+K=R|okZhKjxe+9{3_S>vhn-b`<oWOXi;#S|
z3K&Sfx3)VZe{+n5<gdKf4U&f=Kmo~b5AO!a<x_n~?!N<+1d=zdF_65%<SQ_@?)u^d
zTjdFjSj^T-XK<W{uBjlphT|++06<5Qj~GH8@q!hF()Qi`&ST;nj~J*gAwq9*W!0mh
zAtjLA#4``0bCYECLfhUzY%BtJ3sbtHit2K~?@a;3WQpltMjq^|+zGniHI?Hcx;~G#
zO1e)@>(QE=)hlxk)yUhlO5_BeUE8!2Y*p@Lvy&tQ7oPjOEVIFNSB9VPf&<pA;&t`H
zD`XVYC~jZEOgnyUVx(3R=ZZ-<R~+bn{ZQjAQS2}A$Uu|BNla2D*2UtT%%!|^bFuLE
ze{K2vN7($aZN|l7emH%hak04YGh8e@`oi70ebwN>&J;v}Nc0t9IrsxxP3vW`hAWDW
zFKK(k6fYsND4BITA-wOMjE;gk58hdA{627YwL$(A?uVBjC?^1YISX_@(ucP|8QDa&
zKvyG~u^fSt#nVeAIaBET>dT4zR2E83<2u7eZT`5+dDgMIkSN|&6;2W*3JP7$6aY}L
zJjINv%p68V#^2+;*l`BVLusyJCl7mpXZ6iE{KbyXP6f5j$Xe`S6YYEQT7STL*=#sU
zO8sH)7T(NKAlKArmzQg!o^4~3V(TL`1mK}k=+`=<wa!D)>QMkvU*;>63Sm2%RpUG~
zAinpI=v4d@bb8apJP~^%7yKr3uvGFTW~TZLnbXw_a99zaUs2&K{0*<osq0EPCB#j(
zt<E(Z17E#1fFCIgtNtY{Szg{_oLiQV7w^_4?sxijY3f^*HdCuJyYnOSIJ*_$g9R80
zAu~Rx#CHsN3$S0Hl<aCvRuWx&b`NtZjoY>xOIw|5IXltnY-}u7P1{?Yn;I*clk*2A
zXH_bCcVF^1vMLrWeBNY~)9@+ztZIdtj7`%RD~)YEk6vZH&>adgaKJ8G5Ehq%>}4;b
zEt(}{6F2y7E^AE=3(!t9K*u80jdUy$pl7q!t2>bZ^RlryP!7mcCeIHH<o8&9^WAF>
z9BV=bJz~0JI`JTV!Zu^~`>FA)&lRjsUHrfyQSHZ~C~@8~>ywezHU1qfMV6=L)a>G=
zXmVC}`fGt<&{8O;eH;`fdnTn=lt(DVqBNGLrj;gje{y3bBRsa1Xqw)ln58Tf?m=NR
z8bFzQ*v;An-)i6&8k>1r;tzmUkqeGEi-iNR1lsxFAzg2mg#!c=vjNmN9tm2s03W(U
zOoX?{^teJRw7iNx?p4Q%wA+L>C0s&6_8ZH`^PC;Dd;&kLO(^884bN9d5pLFu&L9!X
zC;NyY6p|<NX?!$gVQ(GCz!<C2!BI-IHH|qyqWgBW8qE&KQW5@7l8!zAJ+oiPzitt>
zraUs7veD_>PMDOq&8!vTHdcRM(7zxutygc8PZ?)Pog47B4EpWhlYZ~ww+J+ioJSIa
zv<E^$X>*EmUHvZ3X@ei}Js(Do#dJ4Z=#7i9904X&v?j0QKE}*fnATkII<n!!;k!6w
z#*&IJSMV<r*$?WpInQaK8k`sBVZ2IKx*x6-Q`7FAJplRTpNx~TF0;YQsM(y+Ya`t|
zqc^VwA)?`}xnER&%WZ!t>>bmC+o*m>Y5S?BE>0}ukJDoJL?r)iv-+YVdhkQ#F&1TG
z&pee+@*Ln;L$rE^{>;*?KfDs#kM*AXJaEW*hj{*>Cvg;cY0#k>btnR}Y*gu@Qwmfw
zTTHavJ#8*$_XyU<rUlX!N!?T3rZUNy)zdWeMjdLmqgJdyM(skX+9WzPY@K`Rr;hsd
zT<}NWfkqt`{W6D$4>xgYvoiMPf{Q0G>6n-`=o6L28#E=ym`}`;IU-^XbkLwfgDbRi
z$^|3JAm+53SJ|mqew<<^vNvS~a4eW8V)`mFhF9PizrfE-0jwLy5oNb$@T_F=%9}VG
zS5c!SpJ757Fu}QCZ{aaX#1gepb9YT*nR1l9%z7P$j8mb&x(IvKg9^<fb35h)jt<~L
zaP^Bub^NL;0T1zh`B2KZn@%vuEr40BVYxR|f~TjiC?s61gcF%9;L@GJi^JXHCZxf6
z`qJ0kI!lKx-7V(F>~Kzl6|r(V+^%OJbc5YT4KjP1pK|w1+R18<)RH`q?dK&=H}^$L
z2X!o;g~RteY;gFt+>mdKFTTMjANyfkZiov49ju@A{d3VJ4(xVzc1{_~g<n?O-pgY(
z>tAKVI*<QvLZi03DaW0E7}GS@pv3p6ot_jG$PJliP?q^OXKAOMYUxdg*vV2O?p$X2
zT%^EgH22HGhIdL0t(&tB!LQ=R{;BW4h8xRcBbyrb5Yp3ljtcFc5P46PRvY~wl#>JO
zI|JOhUCz0Ct#y2L-6gA<(rqP={^U#qnb7VRsel+-1o3;c$(hg@3cOppC%Lw3d!Nv^
zHpZuvq91+dBm$!lT;N+z*!Rpy-`b$!wd-}Gx4pufIS0;ExA1wR=r?`v1t`+Sn!pJH
zE2yRpOQAV9)#Q8I{mvjkg)e{l`n%b<dzok(AA3bEH3|}g-uhFgKWsG(sM1(`uXFuS
zS@09`SCX@4zaMO>DB*7C(M)RMY4tGI8E#mMfAK@S;Eqfjqs@CzwnZCojKJ&0xD=ei
z3G#Hm3n^;pKjn|4yb&=y|KxCb>Q1E6dF9y)^+;RG@<+~>w|W2k@q|;Odxr_oy8Ee6
z;Q8?2o#FO9vEw<U(i;ZaJ(ct3+(AgakI|jz5%l7zSBY4v{zrpe-`_>ZziJLVuis;Q
z)53c9r_Tch{GCD9ShFLH_HSw%NBD?WISjbAXBLlo=ra5C=ITqi{OlW6*)w3mg*HaO
zfC-b#c_1X93Tc0;oEmc?^O7$SG~h&n1{^`5UajjUlm_q)og1|#C>DLT?~a_Hc4RR>
zUH}SBv6@y%8z~#~sLs38tSp6>qGRVb9AC|KSx<7o4rF@I+TNH6aGZ|1x<c;_V}<h2
z=}gd=cMLK3r`%BRM9B>q%$Gd*IvAge__t1KBP3NB$4l5@YIt+%no=DqZze<`{P?ah
z<~U4j4B=Q-EhvZO3~@&EDZ!nxu;t7>>-pdI1bO98>4=M}Joj74WcMnpuDl7S{-)G5
zeUk`dNbFOSJ9Ih*vOmUaVl++6uua@QoF?)(pRfP!dRzZK3VOx87G7?qiM}*ZF)?+`
zK$@te32x`uVHTKk@uTf98far*n;Aw(ZCL*SzyA}w`fI7*FY7h%k~z}Uf_Su)PV2J0
zqr<#(@&b(If=g`!PU1~cnv9eY9oWSB^(C%`9iWpCQ)x15IjRYNqS9RO9Ewp{>`3V7
z;cQ2k@oW5=enM{99tJg<zB>tR^wj7t`8Bq&T<|Dcb@Vzli4*=|O~^9?>oHwiZmWr2
zw4xu`RdEY>jRmzioVwF&?OTuu?oy>)Z<ZFVCxU^KP+Wcvh{&lSHx2k8TI?!R2dj5#
zyY)(TKrXlqoMPegp3n#beI*dY_xG4Ps40F^d5^g#@>9`cZe8|FKNlb8yusY&g015Q
zFd5{U^I}u#CZ_2En^4hXPCqT8$<#!ewj}Xxk#hXX{MLS-H8Di1gj^7UvMI<Ep%gKT
zr*Z_L9Ele}q5|6+lJo5O_;=CqTyVJUzRDaznIlyuS*exlG52`2z~iw!=GMx~o5#u?
zPW)T25@YYO>v|70<TK8BUW599k_rVzslaHnzd(Pv+tmq2apI#N5Lff*q3o&gaXset
z#|^f}+#|UTpvT;*OID?B06-e4P|0&LsT-K1dh^N@ZBE@V5EJWQ-i<vrH7=gZ5oJH<
zkU~lCEnwct_12s0?*Rgrtm1qoc%OWnW?`b~ezRY~Onq7Df>2<6Zu7bced%w`i#lN@
z9=}NeeaVBMg{0C-ZQhm8%0o4$*%n__U8SRGdKe5F>->@gBxX`_QKfqo_G!&4Jfodb
zW;N_>SjywdAJu#ohpxa+8mk@7jimD47ei?BQHL;_6T8?5B+u)cJ=dHJ<kGIWRmta<
z_hMgVyu0x13BKq7{e<L7X%9*`BmzVBhLk7IH5}>$BKlIFKUy<Bm9P?la^!-2sVyaQ
zXqAZ>rR<8>DYmW*5D!b=?OYGJo$SV*7ti&W8(4+BGh`u2t+$!^4oO;JzAC7|Oil$-
zZaHwc{0xKM(Nlot3Q@86{#>+){)vqB75V&n@=A`o(6}iYUmY^NyXMT#?42^GEy<s>
z6@2JkImDN}{JbPpbR^nvRT>3>+j)^BjpEGTvzdSYDVhJnW=^g`679{R3Y5?O!@&Yt
zf!_gUGdL?E1IKAPcw+)b(yuDhFVshd`5482qo2e)5gOIl-?O-SAW2Bgq(AHgjd{VG
zDXMfQF}g^qx?0<qt3$~*v>76N;FyQwaMG$`{zNw=Y6pu7j5a_>!0E;*@f%TXNBd7n
zmu^McppT=Pa?ekRKeAO(8%m-CpXWoF+~e)1YzON<qlmc{`H!(54jCk2Xt2~U2IACk
zHh?-FPmJ34s8CzHQL+|lG_-bx;lH8Omn*{QiENFA5d`9)^wGeg##|Rl_kCPb!&PVD
z(7H83&D%t>F2SJ;AJ)1MfzZRrSHiV&Was?EzFhEeEZ>OEp*z|;BhEzb^3o3U_O7M!
z@Nh!w32{saN<29Cw0#ta{>gc;3xfV7WRE<*)wZrKk{X7{tS-jgfV1#trbE28r0(BV
z#f!Zblnfxpd<1+*&;1QF3~3xC1qHgfzSWtOiZMopXS{s5Ra)1`US(>t>LCSHxQniZ
zl6M-;CS|lV2a)9chSy5N)ycd5g-8<<l{YR89Lg;zxTvz#lomCVLZC-OW7uOdQN7uu
zS(TX7WlwqUcj=e+7x-nae`@AB{xO>{x^DKSPJF5Iq$hHfLG{%<Vq@MqH9c}mIgc%Y
z?U<sSTb3z{*PIDaTVb1$1AOK%pdc&?t7r-jmYodUU7=ZnFOP)JXp_4KQ@rQy;&?^P
z-SjChib*m=tkIs%fHn(yQ`oF5uA<u3b#3Z#fckrd*G*EF@KT&)&TnKYRB3!aN?hW}
z3bHDlcqbV+v=6vd8MAsOs?Mbe-auUFP?|8wNj3`sPA9#<fdD0PYel0`noyn-0iopM
zx!^<CEB$_Ih{Z#nl73)|?PY28<n-v8(1LY(HHQgqrkvmb6wc&UO-bJB<%AMWNhY=k
z$)+TiY%wEiO4`K$s-}f<jVNbWk<92rfm`dB9^c=~X}_28JY2>f(FO)pzb*4~-b`kx
zbKvqayQVCxwJ*UrE`oZ>z@!)3J``|qw?~cFrFI2@o2h}}tyRCJv$DW4nMuEOt@7v|
zhXLN_8vB`9;5ea$voMz{W`4qn6mOzK$!wO5=9-TlmeJ7bD1a~+qU`~~S2ZyLgkFqK
zIxFk?1Vpx5?B5jH{XEOk+LT;w64HIeDFMsA;c)8weh?76Rd}F}IIe|LOZu5L;014l
zCH*wB`ho%^cc`=I0Xi2-pBD%bY?=KnM*td~_CJysPRA(R+>Zr9z0s2XAJr00CHmQ^
zf#hOI0ajiIR*pS46nK?`RzOJg%_c4YdYy09Bl83{h11LJqT_>4>e-}<el*g5Gayd<
zR{;|5OYc=h4E|TRAM!VLU<cvZ=r`nK%jtu8L^ZYetobd1zTVl(LtNrq0ASi-s&p}j
zh2RjB9l6|`6xlzb8|0cb6OB-vlhY5pVP;J|B^*BINe$?lf~zU0A%rBDR5s<-Oim{9
zxe2nLctdkMIeF_F26~&5b~t1P`b?mK#0N+x_9m(s+CUi4oSv=K_NkcO=1UYZIf)IF
zWsVk9g6(L-6wrG%A^OEMz*hhr;%``J!bCiYKtC1lBmy+o@ypGIw`+RCTydhMWql1z
zFe*c<-BrY?#mt26WtgRMZM--OyFji#1)3hAeS4#+s&1spx#;-7+w9ct{WrIsMvrXb
zM!MKBO^+DVe96LmMfMA(NK0~cmU#P}*cYgv=@Ek!M59-OQtI^?1zt$`nhQ?StP3xG
z+gsyCyS~=*(DPA4%*{uQ6&m8?bl)wi=zobC187JHfj#g1Y7ar2cHL#!9XG=1pMDB%
z$hCAy^(dx?=AX0O7#0q}C4?secEk*eES#MgHJs4}vfRyVz%KbJb`Qm3tYV+Xr`Czd
zdks!#iSs;5T-ak+g2&l<*{t#MQl}T!d#TaOPVZ&9UiR?9y#34~+6~+<^KoA%-pbfS
z5NC0jXQ*MX(_XEF9JWI`CO##+vqKuWM(+^~=k=bs;QUkM2-ki6Wg%=Jn#EI)jU`W*
z?8#GGliw5Ih8q4pw~VjzUIhQ=m$Wz&_tTyKQg=9Dj<qB`i#v&`8>gg)y$!uA4>!DW
zJ+TXKE}xt(-A3P;R52*Ikr)mYsqM5_KakY(iF%aWo(mo`YydZ^jC?z^z|e0^%dBvE
zbZ;M-87bSo4~I%Tq0RIZ6N43mm}mwn(B>JuN>sP0NmS0NqY(!6woe^GdNDMWTtXVX
z3-5`N(IcF0>=9|$JeN&XIQ@Oiz~uDE4D_T+r;uw`+PRC;fn>&XK}|_!p^|m-hk;0b
zUvtvZu*HdQB^p)oh348$4*k`xLL=8R+At+Oa9wD@O69HJV5YyAevIV8m9gW~qib7}
z%gwA?8}VD=z~d}<PiNtesWQJ`nUYHEu&Xo*8{aQgKuM}Qk{s2PZV9v|7yGGo`BcpI
z`P5PQ)Sg~yIKHNo-p78PIfb??_7~ASL$iv&)&R7?R=_`7vYrpN2A~DDS^@*mC1!n=
z7}GQS*zjgaiT={e5TI*m!l`4cIm8BYdD%(qWV;keoj|w>;;xnb@{4%_v*l!uz_{e_
zxUMHuX#(!j)R=Ic$<pf9CZtbIg`k2E?Nb1fzF_99hU6NRvR*9Rz2DH?$eGw1oc24Z
z+<9oR!MpfJNU9Pp8PPN+{zJ8!USe=FeI1kCVX<>`I6~#zaJz>v9TC|{B6~P<cGVsP
zK}jEb?10a$fZ*&gpqG4Ly;coL5CD2m{R|^EWe(v%%J=k_1Ic5#wrP5RTWHUQB_hLa
zD`za>!1mUO4J(~nUe>@Q3Z_dv;lg5DIoPIKy=vE?;OIGp>lK89b=H#RQS_H{!JpSy
z4vCef7x7i{7$kWZ*1FAKA?kmmOfPx<hG*MpLwfcpY07Ohs0KI9=ML$m7}fNy@rKe5
zyrR`ni3+f5jeye}T-{4Ox>IA8446VJgJszhOuxQL9Mh@rYug|AwW)k^a*3(btW202
zg$a*5Ir+#MO(@IInzWm+hE-1d&s5l)e7d=|E7#QmHgm2nItqf*1;H^Gsc;;{_&A!F
z6;5-y^l<QNk(R|cnLHia5(+#EKkhlFTmEqB*1ubP?9-b3u~|h@EIRf<WNS_Sz)!T;
zNFvCXPaH)9ktB&dy+l-XrJ;sZv0sEC=@q_z`-0Wlo8~vJ<}~av<D{txKKcgM;u=Qj
zcJ{(Gs-Kzb;A2WfI4yBcR_bn^uztB?O_3kvi=_4OMLt>^R~x-?ll!;kOgJ1W|EY4a
zFDY@~C?jVFPm$ysHnWE9UaHJGLt2y;Qd&D{RM4F7$Iq!CJBLnOW;=0Mz7yqiB8yAI
zm@$``?#+IkMu)1=?J6_2sBhc$ZMBB;8<nTdv@s?z#xtCst;8yuxa#|TO5ER39&6lv
z`ws9UJ!lFSb)>Iyx0#!BLut!nMGERNizr8y>}C8h$FN>?kM}a&!Kch>`(5UDgg4xt
z+!F7z0dK%AdzNV;|9x|tF6#7Ke1<pa5fAz1$Hp%qq)IB>hn0zrJf&`@3NiL7vBuDw
zGgM{z5%bx-_D@(4tGYLGL$^k*_8Pf&rfsBAjfC6_y+&+LXM^kPZQVwbIp>D{%cy~j
zKE24kuwd&8>JtKzkdn(=Lb#l1Dk3u6O(oRjL%*}cuhdg>j7Ai=acudNRP$IEG~laS
zrp9vRMrrkwbaZT$$gS9K2t}a`NZy8ZSR<PKza2ocuMqH4(xb<E%%9?ku_8Uj#s;4o
zYX(5gHDEBg)>`6Csq_Uo$mkCZABHR8CrL24n!ND`=jcuvc4}|!=Go91-&^Lyt!}=T
z5nR7VE(T`lG2E1(9w9XD>a|tkL!@?Es_+B?{vtK#JoHR+U}bJ)d@tgec7ma#BtW=;
zbVpEpCff>=yw>Om)sR#z$+zr5+T`Ee2SBn+K)CC*mU)Ak<sX1r<0|$yp5&rw4P~@2
zt?{L5oNk>Vo|Nhk(V;8OLuShv*lRj8_nJayd<~}YIxrnl|GIZb8=k+rC(@fNHn@K{
z3_>~3=Mwh<I8!LMD*MGkna^#_FE^;7+aM9-LsA34ZOxc@4X5nF{Ec?P>8k_b<ePH0
zn3nyzf!BiECviF@<pbC}T>|n9!9GkyP8BRcm7b6}<$8wn$+Dnx%y(Dz>N@=9bTPd)
zFy9o^<wbx}XVLj)Z8)Gp$OlQ+&O=KL7^Gw7pw8v^1ManO@uaGsrs}7wwHac$vvkEc
z-B7Gg<fS&|3@Ee8p!K=V_@2JbLM%VI<=TLSYKbP0a|3K`GM&5^^QYGMGH=yw*otLZ
z^`Zuu^%)c)snDnywr$jdSd0Z~bM6KIFQ@NaEF_sn@VY7<#OVG;g~F7!|CUcER@yhj
zh%{tH=(QzWnq!@ebdsQhjys$r=+pqnB4XnVm{#Qs;8IH|MrR|%%o-I+PH)6XOGwa-
zBbMF#vNhF*nT2xJ2nGZ|$e%=pdUQV8NfY;+Y+CQ9;8P};%2|H7<eS-5S>_JA|0C6R
zQGvVfw{kGs<W~R0(8!|mBgPC&ASz&Jy^gpnE8K$hdZgi_=$W$kcWp02AHptj$mXk1
zZ69(QZ^V0iB031y3YS=l;ndAUd;D8i*W|vz%N|~`FIq$KK-uu(dH;;uklxjZY=s02
z76pBM_xOLO`SJhM>cArTCLI49`}C)V0Q~n8ip|k^dpIT$Oya&N{4~!LzW2(1rM+T%
z_)wbpbbI)KZXGCyY6tNv))`kZyh<iD8Vr6?>rX(@<fKMu2zM7NvVxNsAUsBo-7Ww@
zJI2j*H}U_4T#o!q^jdRb^=U34?5#_SU)ytAC}sE5xhG;D;FM85CnE8$(1}p$M^>u+
z_ka3lnaLUN+7nx8d_m9v_Y$y%iPyrNnRvE(SQ_T~x%fi!Wxolwp+SVPldHSo_*fO>
zD;(fCZ%{TCQ%Yyr35Y}@HkHe-C@-?dqmjWx!h|4-kSn$$bDJqk{wH|QaVw(tRTlMN
z;Y~6rrcXIu^<b+VVU+d@$PE9xPb3e2(cE*0Osx~oGzyTpFUrQ=48PuD1>wD++@l<$
zOrMQXZ=;#qL80V(9{p}J(~*0W`Q5!S5+KWa#M$mWw?Aiv&km;})og&=EYW1U<xkmS
z|NKvUCG!n1;G;YVrlaYe3Rm{R?O#@r5wS7UT@GnQaB!61Aiw_(c`X`vkYRmqxwG(l
zay3n^(|N#9YLNwmf4+Z93-FL>q$V(##lb(I3XI4b4mp>cKlDjknIp)FUgUW4q{oy_
zH-hum_WFYJpZ8kQHs+m+%$Kj^zx=29;x2htBC!|0(cFg--&!T~fwv;Iyz1V~2}kYt
zu+h93y+Q^$;)#wqdX_cN<?T%ZBXY-za~lI4=DdGwpzC6H+TB3+d+1wLeyFRu+vnD^
zGEkfvSf|mru=B0QD*_GqV2MC5Tg+Eqs{}6ZHiBSsOStw!XW?;tWHV<qyfA|*Bt;{*
z5oS@lXN8`kG+Y8pokZBvnE@Ft(^jyRLOPV>Hdpw1oq-ILftMYH<~;q7q*El;(|vW7
z1S+F|o?yPW1j4nP97c|U5`oU`_ZxOC(a@`0O`>q(>X^0V_;RpcA2w6-4ySwDRJ4+c
zOa`kUlX!&4#;ntcU#O9;Ej>}VU9CYx0xlwRPa`tdN-LhawWk%CxiUra5A)+-&1C~V
z@La^Br(s@EoJ=d4pEeic%^<BO8jI$h<uJ>qnFeJ^C7!mGSmhZlJnakR^R390v^hN2
zEBjerka(;CP+w*^wO(L(wmEhi;2j<$aQ=LW=60XaJdCZyfYM=-0PbQ?@bBUHa9N2#
zUxu3l>=>l$h%bl%^qQ9RLl)`q<xY=A*S5~S8g@T$4YDcx9xs~T9|^Y5Ehc~DDs~Ub
zrKv<%#7q3*N_~wWD5lQ|B%jhfBk_-V&OL#12Deayp{e)jfdB;c2CIJbw~CUCtEBkr
z`$V7`QDZ&uq^)*r^2yfZzZv>Snk9r|n~53<DBj{HTb+QCdlV;+5|qTdO3@6)*Y)%j
zgWSk+m&QA!i2tCq_1Zhb*V>{#<VxSSip~W3v47HIzBIygygwaZ{zW?O-nz>p6dw*Z
zUtWHeFDL2C9RJIo?3ZuoOO3uvH(wx$%_T+gjIf{oQd5!osu0j1n`}C8Rm8nX92hXt
zE)Idt!W{-%JqL33gogC8xxCAip9BJdq<#UOYcLYj=<H1VBX(GSrF0~9qPdiWkAUDL
zD3^szD8rI!;l6NnHdc9KJLSZ}yb5hT+i0LQnNkLAg3xn$$Pb2x(>D&2F>M$)0qSst
zL-R0$6u9}_6bPqB4g*E2!n-$y0~_<@$T<sKf;_O_$OWecC8e_cB*Qk^g8vR{6ztb=
z*?IF&_TAJxIoUiEq+*Dnw6@{~N=w%$J4Au1%=wNRdzw!*Bzd1~E7Nkp4q5@uhj}yy
zd*3jBU#xB?hWYpp%ca+Lmuz-K*!c%yQ1d#J7^;k3pAth=hcRb_(|`6qpp_}u)j$(k
zKb6*12A_vvt3wNn&W(0>Tx(Q%gj<s`FBfd0DYN?uH{_i7A2d9?!G=;2Uk$G4eXD15
z#HZ-P&wrdL{6bTDq|=)Gqws`<4>vp!+Y;tZ+4!EGbFL_szYsF^S$wMkfy|anNfzCz
znz*^Cp!wcsu}!H(`tW^1wn$Q`V4BgABczwo>DbR(n{u~WaKg!Heh+itAd-5dx{bkz
zNY^+EH}Z(x{C$t;Fn8+C<n%z}aF7f3WEP}WE_ZJE4OyG4K(o{6AxCH)Aw~lsM%Fyg
z8A^@hYUAUY(xZF%Xm9V8dMgsxiLq{9&pDSDj~@!ZN)3jRN3|x6xlt*0Q+QN*ny-IU
zqFo&lef^^n4W&sQ#nEL3Z?uvuPN^aQ--|?tznvkOmi9t>B3zUn>G^=gSdTvAc}Gni
zMGv9*o~^r!L<{nK+~_OM8fqxadrv|~<bUi|yywxL<@U=?eK}cQcD<`FqNktGN5TIq
zF^?K6R7<+_i($k6hhXpI_MjTR{6g3ruKmDScru9?<qWIm*L;YiFGQFv{cw*FYD?J~
z+}g|MkTZlly?o?>Upf*gLO#Dlum3a>qopEwmN~m673ozeYSGK`Of>)9d8XOL=6R;2
zQ(E{Lp(3_94I6>ss^WTW%mE*b(oe|BDG<v>HP4n<dYk16JMUticTosB`3gVK5&R62
z%?|w<(Ck1+EaMF)6OIP!@45M!;JOciKR!9(^d*Se#!}Ep1i^5_N^{Ob5(05lwrN(=
z^CS}B1C_qTPzVu98T?w(_nCLk5+SN*!ad^K044MdtBpoxd9MPuS)yv<;4LK&aYsz@
zOC%ez!s=LpN99mRL@y(^q(>TTkx*tn<HbN(oE2V_W<bFtci4cGx!`(IR8<J?rYfEq
z>zu?0Mk)BE$x0`2GH)&EUkGs^q?<h4RX}-27v|ilrZf2TLD;r?f&wUQ>@Rd2zX{WX
z(e%pD#g*8%{8sZG-@=ta32G0g`yz*Q2@$z8PH1lVWr)z!k>nZakv;R&jceo9#NG}C
zRsqUA=X^`s%fkK=;=ak!w^6OhJ46nZV#(VmjG;coBGFPe5`E&PoR+wa;!*}0G{nss
z7(R;K8^&4DNoX>|=?kpDLy{GE+BFz$B7b3^Y0RV=gS*@Rioo-(8K@O_B=2}u<1ZD<
zJ5Sgie(4~2=Ly?KB^S#(PZ%m><ee}5V|nLbD|JEMd4Zl4(Ht}FnpCVn?3PTtY=pP;
ziDoS4GM441Qo>!l&7(t8?3XIOWc!ozFGEbuS&#aX&sR;(!s_53T2P3@x6b#7lii%8
z&N6~bMUfy=4p;>8g3Py!Aago`ELa7WL%eRWq6x$yoW3}qdl9q~ndO_94MKuZTj;it
zE!eCKm%e?t5nAe`Zy#=ima1_2s_Fn*a)f0`Eq`kXto93f5{4&FM3Q|8V6>#KaE5(~
zkA3OBpld|8ErNzV8G$$$vf?2s(#t`%#}HCfZzH(qlR;EpJQ|e??xqnoOT#_E1x7vG
z7hKf!#BiVXR+)|$1Q*1P_Ybv#OO-@)#2k-usVDTw(lxJJ9flT(0375<Ko_EBoQPcJ
z%K5zXveuJcL`5J0({sT%?TPZt2oVi9{$I?uC%sf!>E+FyQ38eEh7*_Ml~dCrvELWO
zmB*03WxofZ#jXnw15R$Y_*~a&&G$;N*iu)p-Ye1K3W-Jdyxrn6i3N0CgS~Kn>=(!?
z|7M^E5;q$}26|>9YVkJ9xn(o`FQRne^aIsKY7k*!fy@>u7raPgK66;LbBi>w27Q{+
zjrg75#c*mU)tBAXKrZ6(JQ+NFjPYMck3KXnu9ze4(6hhFx2WfwSqG2*|0nb;BY6eF
z{APbi;5)G-p-7ltL<~UZi%u};oLuLN8Q;$c@e7Ni^XCMza_@`p&Vi7np|t++#2l5q
zcLzsMd1miicFpglXqMoPrdbn-qK4zH{K9&bop0uxd>yQSoSxhBruVS*CD*y@-rtvV
z&;4K@jd!CT)8VbO$7zsI>Iy1>eR9?s?^{a2w~WaqoZL<nT=~1!IPL#N?L@dPhOdTg
zQ6v}jAytRxkIi0)njLP~7<R^Q1h6@vkUNC+#!KC4znzM5!RJ8^FTDB(`}c7iDB6*^
zlMyVd(kP7k8V3Lg4zQ7M7({udcUM+qe^3nHUelGt7!I#M#?rr=TN)0uIO7jUo>Rjp
zjEs9}o7a5o=v?s9Let;2O+S|zOw+RP*Mu9^MVv`{3`3eqVoSqrXVDyeC1m%a7!P5b
z9RlXiDe~tmZhH}%Z+{A^A8FX;w6Ehqy4G6c75%9*BT`><K^dwR!iT@thg}t}obuYg
z7&mPvu}HHUKQP#d?<^ia3K*8+J@@GvU8q7}b6v$^18{S)`0#RxHy;w)nh#f&XCgFR
zv_8ZO1<6vCm=u1nPg5NGW}z?Y#+7u#^x-)=qi(c+n<><^R%-8L$RA9hiK~~mj~d53
zFH*dreUao0jvALRA=I&YdNKI>cOF4KDSokkUN(^37#WHSn^%06itAr?1;+c|-wUQx
z@rIJbeSM4NlEDR}VxP)#@+R1Rw-5n)`7U>*`JNkc1*=*>soaq9jJNPUEmd|gveOvG
zH17HnyWb!iJ;J*^_H=T@`r!G)VZD;+7-Pl^;lVBW64reDa807;f9RcQ?Kl6IMdx5b
z$?MBIdMxg}DwHEQCC@$e+_k+bc|8}8c+c?zHP;`-B&PdCOxb~d;9zL(^^QR1PmH*u
z*2L)O=#jZsZ#^^83U`!dex#o=6LPJiS4NiOj^3Gt`YF%e#62P3;hvCr+!Hc~dqS?^
zo{%fJC#02oLcYO0Az$U5kS})}mc6j!@a(xA1G7^*g4xL(M`R~;9GM;8QJEdvaa8t<
zj-#_*>NqBQYR9qJ;T?mrCwCl|J+b5X>=!z!vd47{&K}+Ih3pX>Cu9%nsLuB97?M4t
z<HT&Qj+3%II%*c573c^sxWZ&Z&p4m-6l&dN<#bU>!?ozSbisq5+{D)u81=k_6EiOY
zxT$U@W|kT_($_+j1$yP#TQEaJdvSQLG^-Ou?6}zDrmlftLdrNs_)IRip{G5+cRJTQ
zj1KGk-k2?SV@ojngL9D{#aZ}~L5EQa*G}2`XRuSKm#+Z&rA^jE(v+N}%VR!ODefbJ
z4ugBANMC8at#Q}7K&&@+#FQuZteOTSePO(qK)=3sngihNzZ3kvZoN%58wf6pRrJb;
zcP73eep1%HbQ8#ejw(&;hQdXaQYV!!hC6U>o$1AO3n!@+$G=OweD?k_TAP4_q8ojF
z1|vyNKr>Z}!x%mxZz=WtpPE$eNiR-)#iruDR-C%drb0-IQ~zL7IX_UG`kywnSNGI*
zrN&qFHXY6P;aXBV0yukCl*En=r3@3%{krB_&Q046DY5sgO+y5-vD0;G{8Q$uU{BB;
zg51<eL>Kr`e&Uuog^82%ZeilEEk$*fwEZ~EoUu9JJW)hHjRb6t{QFS?m)-dx7Y9Bb
z+u}UP^#38iU24Z2-1ifT`kw5<`y^g$WGIXvf1ed%021~4k<>{=-41+aw<F1FB<Dd-
z4)S^(*6C%xgGZ@@NCn=4`^i1LWN*d&<m`WvJH8t4<7%M8PkoNm&s>>_TR(keKA}Ik
z!{}Y#lOIo`*?U~m=sY+nlz;@l(_*sh5lap<o-H(PTee<5PGaWa5^Ktu?ia2ksvjUR
zGg!V7<ZM(HJxtSsqNgctWU4F*8?!`y&_P7LpGV}+B}bIwY-7SaxYde{_F&mWaldrg
zq{EQnQloTys1YJ0;??Tx=zQO~Il*Zcj*ut?BcmjuQBLA9l3G$HnX|8*JnIO;Qe`o+
zoAqbKwsXqq8?jzpB_)b#4W%Bap2ja9j^hLSm3g=)mlA&lKWx$+lq)63c232T>I(f1
zI6r_Z0ugkyF)F7srR?R1SAu>-w^pkzdZETmPsXZlT|+L9lIRvi)<{nS5-t@aY+62s
z{t-7r*Oc*jE!;j_`)W)2nm`zdWzmnmpaE`+Rym88@yOKt9Qtfja<AoB2TZqzWPZ&T
zk4Q^05Fdt?U>Eu~vT#<chpLKSMlKUbF;e?s^b5}7J8XUDQXdgMIQOdhaCy*n{}#Tr
z1n~6QBxQ)InxL<cf-3d$%UXZUjhue>c)yw>9RMpgzxSKDl9P*+6>`Br8hgO3ns#pG
zgl0z~3Z(%-%DZ>o^l>h8h2*sKDR=y>yd<-XX9C9|^JWi|s#VKvL{BMSE0#;1)TN9A
zdmnstJh3d&WA?+_+|Y<^xhdXih5|3BZ)!_2bCtrTsmibf**ndeX-v~eGBV$0Rwa_Y
z$1Hr93x3W{kDOQkl5WCA6@GtpC!e#$^avta7jAgfNysvUR2xo}5)L79JX`-;%}hu$
zczmT(n=n<HH#X>Y7R{8e7AB?p5{;T`dD%BiM<b_A#0<n7%n^bus|kF+$+;G<X5oOk
zAxrISvC2kmc8IW5zfN+Z5_L@PGD(fnT7$qBY1V=p0JThnCn>@3u$o!Tq3bujNGkUW
z4%zvl%AH&nN{t_-t|%@m7hQ9S1TW<gr#Yi#>0d1G+Y^e3uYql5zt{qlOwp<MNlg|q
z4FGWHaiX#7zur6Ar05?+s^GRD<dYWPze4u^_<{1d!?WG=`_yM(C^kLwtK+n6Pi80c
z$JBA4e9qW#%DC)@Qc1g?{f9r1)L%@_cqje<T>rEIlabL7w<Pzeiw$e%)D`g?))TjM
zFyo9t#${`X1#3(a$<?iA-lh%r+?SXnDNf6s#7|im0uB648+v&;=GI4V2&J#XsR37k
zw|hs2phW1lAI^_|z5E|IGxm{+#SiqJGr`D5|Htud$OhG1fy0H;lLK5TB??BIipSBf
zo*VW~&xScSTLB&bFkdq00+eVInVMZ;$VZcj6{G{Kr#Xu+U^=+i519zk)Voxqghj!4
zirwd9#qc4FP$%00VQrO@s3SY}qOI7A)C6?Q#8P?-w*-+Ai=LKB=yZTcX(aVcAo6M)
z#<q!SttS!=P2GtwX{gpq6!odrgM2F@S+|)_cN#(^LL@?^Uqh%MJQjOEoKSj+<pk+l
zO=frdDxr{<1NI_B;R<+8Au6Kcdgg}7>BDO-cmtORWe(u>aM1jMLyfxq5fY83;3oM+
zh)IP~AUD&4B*eb38EGNZ8wycF*SO-5r;y>zORAqTolR7)_kMq=s?y^ry~G?*a31=e
zfKEkTP?r1|<LYpD-C7}fxAhi=Ul~fz0<S^qX%&%VHdOm8DuCxiDp;*cSS=klR#ZrO
zLLl|x<HoDqusEEn<Hirz<Hp|&rMz>x@Sxhv#WJ!K;41=CHT^1NauTPJ2UG|_$joq3
zb|{lmOWrfMn1icJYDk#*DD6!?O^mtO&`fWkelEH<Fp9gSsSEnxB#zWXkWk0(<Wyp(
zD%C}8xeeY5p2G+AOp^-Wg@!J%^BrG#U{@E13hy-29zDx>&@M^*wcerKe>bkJ2epse
zr<wj#Vvp&1dUU;RiDQzup+5FnxE9qDcIv&oorPOjx!atF42__7PbvTZ-(KM+dtwW-
zSNhYUxi>-&B2|c4&_5s3#Ef^67D_+hp#uUB@9vJLJ!aw0kUxhRg~&ZP(RY{40nc*%
zKq#EAW(2Bj`pq|k%ZX6Ww2`8X&lb7x+ulr3*|(nJx4`@WAv6ETa?+DJ4=psy($K|;
zwd7O8)?>8|5l;1x;DSS&J<=v<UfFu4IomV$^(>j+l@6e980NPgk$;JyJ@D-HhD)0%
zqb)U#K5l)bOlO_y(ExIUQcKoXc@sBXzsU=A(sjKCreoI3r%V!D-V77BSrr$5fXzX$
zNN-I5-Dze*Z#9C5Tw!OJ>a5V936yYUM!!>aGaZshO$|!WDwmKT(N;NCgArND=+|Ug
z$jJ|g>eO3Pod($Uh{dVsDMkd!9jS`qW_nr3M%-1kyA64oAqXw;@pO9)gi^&lYKP46
zE&-GU6{=mJVw#3<8h}%jfk_nevU6d>O0t_b)9eE(thxu237?yLc(1nzoVkN%X#%H7
ze5;~%Acmfq5mfLhf5VxGY4{g(xo0{{*oO2xisa-0$#9F&{k+jrj0*%W`!e@>MH=3p
z*QnivCQtu-*epZ{ymC*4iIum_%!bXG4Vqm=_DGJ~XKhrp^L3ShXwVwv1IbjQdbx*R
zwV-9uzsc!i_ah{UhrO^*tc#Hz=@)+g2(ibrIoi0yuA>KsdBn)CRelky%&N6CvrJ2~
zXi>uvFlbT)43+%i(r*m+dz{;GEm&evo&4&d{;Agnc&JOjqdWp0^<FZ(pT`0O1d=q3
zP<VHnCa#klf^`kuz4C8@0Z&BL#I%U`(-nh4AQ}?EdNxStSHH*?#L)GM6#(vmOs3nY
zy{q)1z8f8QD0RO<vq<{t9+Bi`oUJ)uKKGiIz<y`pcBE&SkaurHzc)_Y?nsd}bt#g(
z$27WB<K*&;P7PE%+(^z6nqm9O=w80^T_Y>crlUyAFica1Pi->owkK$$CAmcxBN|OP
zq9Q5?C(&jack#O80BOWIYjZfhua5zdh%<h(c2It|wnYaQx^;h1xBBAkNxjkgvs`?C
zPzPVncW`Z2_YTfKsDtmZLvKlLov^la?3kAHwV3glB{#$!fboB46k_^;tg~<v*`}ls
zXgTrgoW-f%k8N)WKf*5Q)qHQ?j2>I)ZSf=$`t3mW#|L#(SE>3lIjDO_oy1uH$w8ex
zpI&f?%oqYC9hz<C%iQ3^m5|u2Dx7$4R!p1UA>nlC2tvi-CFIBJA%0wcWH7Cd?5G4&
z#`161Tl+aJuLMd9Y!)<K_vm+Vs^!8?jw?Q3&_tJj#dm;i=$@Q~7xtktKz2HnqITJ%
z{i={EHb~H|RQI_nb!ohZbABc3N_Wy6{eY)<_3~+&y5{Y8V?ou>s2V1?It=E0rY0rA
zd_rBX;pM0EqS5kluO`)yky9%Bqi}jsZyVQdXY@S4p16LJtfOan{?Oih7_rKmk8rw0
z@%%z7{3w3mrG6B@d3D+Ay34D|%zA!GUaOxCrv~<t%PW8!*c%y4Ou>z@;TS!8A&_=Y
zm0i@v`^)w#$ZICh-x{`{Z0qT3uaX$|MPkcX+oq-B=*&xI5xk&yCn~<N?((^pbI8I)
z1k}Sw%iPX8u$R$Ic$(5q&AU%>_B<)>U=zg&=7rLCS_<IhD3VXLhyo6|j}ShHOE;ne
zKnc#ToA5!o;N4t7K?EUlT%6c^=9@YGN(7-?uw54c+K@yGySEy<H_y+-eYJ)<$|5*|
zcpD!c&vU5Ob9~fp+t;zR-?^1Bq`y;@nnNV!E2_9BD89cm;xzAxr03KSZ`r=>j2|d9
zqzN~y)VarMCU(+*iMZsx#_2$qtr7s|I}Lr0_6vj8AjShEX0Ht=Uk-O|tulf2)IgIn
z@xy3oQ|hA9X6Ek$O8QmSZ*YH5R9_@zw^4*KhiJDXx8sSHi}v9nX6y-sD{dlg)|_(j
zv?;s^Bh{eUFlv2KNxT&OmPCR!lEsNnjSvHbV=)^VP{|!$fETo9>`R}B9;UM}CVV0X
zW8TrBm@QVD5$$7G=RV!|=0~}Y_LnTOn5uKZH~1jEnE*n4(1IIfXL7!8+sd2;!fU`C
zd{?KGk8F?dgTPb8qsvtAI79Vr*0i8InvOs_T^lSLGc5RZbpamPNiofNUPCF!)(4@u
zKIGMw&FEY%WluRnvhk&=O4Dd{N5&av0o0O$T0#|+kgR8>dHLY;<w=warU)r4lWk($
zr{^VXqMvn!pLHNvn~hnScB52W!tagxZBEXtF4v#gvfe}kCG1t_>+!|_C_*w??caRQ
z*lZSzV5Mf8ZYnU24=DZ~8mn;KYapi&f!xPM&o%pd^vh&Y*O+^ZA5p)l3yt;V@-#D;
z&WGQf@fhcZ+c-s5-zi11L%G`wsG>!+*FHbX$YV!h7-~+{5M$7t%KjQF^^2JUWz0X?
zu6ZTV%lw|fTQEb}(`4?F&E5L;5i{b$baT=*zTSI!IPDvij@PmgOSM3u!Rzgd&Qi;H
zx&1%Arfz}_ou?cg5+a1qnAY4qskpId<EJ%r^*?MVu?v!!Ifd3b0!&BZJzhQ7(8}du
z1DIk33jlHj;f9%}W~gUH)Nn9?kUtU4Tza*56BSRO1G(T9;-@i}oFS+R#~<&JSubJD
z8&GkP3n)@p+V(g533RqddwdDEy<~n(F*p^`iC!=}Ztli5`bCZnxu+?1;D2PH-?guz
zlYS}^-~u{Kaewj8%i*pO+Wne$S}uD`cm8DbtGOqf#5vT!`7qAR5x(k%%_!C5XO=`a
z^Sp=9sxJt<t6Gvf!d*Kod4sxn#O=aTh}S{1?a#j}&`MDN!DzG|DrSgUE*DHNF^YEy
ziDQuS%rw!0!Pj;!^Uh`Z@CWLkio;8_BESN=o}H1wo#8&5G>;IzJ^+ocLY|$Dk?T@W
zYlcFd&ZMieh|gbrRWlN51?44859IgICe-8omB8Z7HdQzeHiZvq3fb7ChI0}Ja~hhQ
z>71!jlwfDkuLTWKHvNr<`c9ba2q*DpCCYPnWo&!qVP2f}*IDt*U?)#uNX$b~5!E>P
zEswzbH~EWUL7<)7E*e(uPJAV2Axy9>_(EKB65kV0dz>QkT~j>x@V~K}+vVP~8r;5z
z!=O#ceJe)Lvirv$W9Z6H90ut?><Hl4jxoOUE_KgIJWAbuC){g`R?Vj@P2A<?Ox)=t
z?j*m@c$yvz7~TU#nBHT~A<X8bx!@l}4sqz}F?RqzvwF-uW@2I&8mvn`Vj*v=o|y}N
z-{zRrW6l;5uF3^(B7sa!;&kP)+hmXWU&bd=v}|6=IX0!zrZ|b7l*t9pBsH@KcVjrR
zU<LmNZr&Wjr*YSRmTByCav0Ota30(~L1P*_nP)ROZA&+3ZafAfsB;qUGuiAcC()Q_
z#haRYpIB6A27Q6klH)w9GW$L<YQHytN)4;hrq4WRr)M7Ib;d>Co;bDQPmE*Pbh3*f
zUGb(ku{hE+auJ+B43`W|$<^)KSengF`}KUt{GC7k;+kc5+E0L_6%Wa2AK<5O&d$iR
z+Cg3-qLk|Qb={DLIbz95Cy_x8%$!AfF8BrLT@eX0bk6`Otn1n5$_X}13}WPzX9c3|
zyUK~Kg?S?C&km#Dlx~$jw&vt+`78tpP9a`1kxCZVi2vPVz#J=8Eioz!@=89w@v0ZZ
zik$ZSR7fRk{^Y^%9F;_0YKFoXA`A?4@?EltgapO)moSRX$V?fUAxo&3!f8yQ_JgHN
zTX!|UG--;-p-9TgajEyNoO+)rRVuW~1IuM*+K{Qas)#!UY<{(LBl)DxQhiQsqI$Mh
zPs03SBh_!Rsm8P(<poe^LPd5|B>8RjD_`eglk4j6^p{n+*wZMl@G(-EK!NzhbVA{F
z^J;V}vS~87|4bhVyz6z^NrdQW{Y#lf!FF&w^a#Hc=tGo?qfT_%zfXH>%f3t@%02+}
zH6_<+nlJGHuYOw|^rDwb2_W%qx$2VP@Fh?r_e65%5Z+ge;Y*t_9IhtWbq?Q_W9@Rm
zTWHg#A(_=?1P^a9-S7g+8tRg7CiY`M%1QjSHzKdv$v1Y*r#E(y8vFTSUSmhm*u?fX
zo1E}gaWTn;jr2>RSVTxXiuUy{0{ZFM`to3)<wV;U;8e&L8w+G^8X`b_#AJf={s%_w
zf_u#g8!dc(4cRSU!vV2TrtSr!!ul1B@CpwKfF+_CqiIec)u}IZML-MEl`MF~e42Xp
z#Od5$MrHt7T_bE-xtn|$xfWZrM=d-P<!-m@C5WKq7TO5!AwMGACI6Mn2{Bu!rOA0x
zKq6QWOVqjn6A^zU1kh)2ZzM~eJ+(*!C^23LAy%s1ZswQQN;P0b`TA{`l(jqgEoBW;
za2CD`dCt7fpFalbH!MD%!=E%+W2*3@c;eE@f*5yZc4hM`QjG(tu#P-3_vIJL=TEud
ztDB`XjFtl#nJr{%rpgyoC9Bd&FOe%Y30_x2*4ppm1AQR^yphuMJ^8ALPs!`~Jo0U1
zH$z}%TS0SjyY;~dzVuo?lSl;>5y-VD->zkl0~-8OA)f}ftC?wv9q-o{LP#E!TVhNp
zUblLvHrwrz=uCfXESSa(KPz<Z1sZ5&FOVIN-vp?=zDIYoaN2Le{FT|vA4LBd#~AP1
zx!2=UXoC9;SdK{W1HiGB(57m~l8V<~F{C#d^^=w(Y|`)<%$#8LQol<g*|x}i{-nl2
z&O`6}-*dqy{jtaD{uFQ*Jg<I$U?M`A3uK~S@`Jz0M(*g#=u)#>@L9^>k)}#IO}jrK
zp-^R%;irH}kGOt?*Mj4jB{i9wq{&W?x%Ox?;4jbd2VC_(4EQbtdUtK<ySdB{c`|{V
z<xxBE0lp>l?brJD9sip=EBE|~Z?j0jupb-hCY9l0?{&EQ9lcKWUh7d)y0errN-3;b
z8-s8kR1GH<r`)5Ifki1Q_<bej#BI}K?)=~oeuC%!nBEUo9p89_kFT4L!CMmA<m<qV
z``3p_{;N%1WRmeR-0qH4@&hEhFZQH2+8~&*>YCviHFJkjz<DtCRrd&`+@jp~EBB3l
zZq>B+k9@m=6cMDw6o_C-l?q9Ma3s|@-`}T53Axj(;aOZJ0UAyOqVuHq4KTku-FMoL
zl(fOUf_!oh??-&AUP`d)ow%BP-*CN~Ajn3CQ>9H!C|~7mpQtj{zy2jEyj~Tq?2C_d
z9*WKfL<>+f96Euz2wekLa&^Ypc_xnhkR1s}RT6(jwDG@fwCA?O#3VBP6GYAuxA-B{
zmT~ywUebdJ9m+VQ7S;67zvGTFK9K8yOhStfxJg~Jng)xR&ugi7LqB{W+uy!#sWb(@
zZwq#QR|WIi_y1O@E=m<6M5h+)U{3JRbDzcu&iS!8L9AKptYRYN!f){Nhi}Po-dZks
zy}q4>d9}kiZ9cC{$w*G?*_Az>Oe+)JGF_=M>3)gh4n=BJ>}3_;w~8O6)~OZ5hQO_R
zx4Y~ihOt-e8Yz{pZ97AK$_|Iqii2FKi%I~$S?YkqXTyl58v~8$58qICb()C@In7V`
zl4S_8QR$ApQxN725a=*Pl55?O&*pO2;q+Rv6l+jPtT!x78wO{6va2gokzCpJPUT`d
zBa82;ZsN=0TdT+GXG!%0eqhhd{7i)>`+%lZ)eJU6MBb+XX$5T`E&B!3-6{AmNafnz
zhl~bAITt`Y94<CGc-cxY?R=7f|KvxOfgeqIru{$T-KPCcUNegrkG5vsYW`9tBIY1u
zOEeXiU=$Jz_>aoG_4g)P0*LHW<{Qu2v*@3XWd20EFAN}R+?n)c#lmiV>EzX4dA@%8
z*h5+PN!*8rXJM0bvt9m&|7_jd%f4J(xLdbw#B&73uEo!9q>SOrn=p5Gr@(ccyQzzF
z9#^c?IS<;aFRn0s+D~{j7g89<K+A31|9Oh3@xa3E<R$S^^a=nc;+}_`l>J(9-ma(j
zaZ5WXh^+3&ZM;m*_Rf}N-qM`d)Z>)OMZ0UVLH()Xk3U=PLW-N3Kl&LVOE<aiZKcz&
z$LVg(Pi-eEm}&PCUNSqW(jBl&Gt;E=nlzbnyC_G~h$QY>9<vkVjza~r-ILU_DtGf=
z%vAcR1C)B0`>3DFrYt*!GRYm;W~06_^}g+Xi^}L&6@1|u)k_>Q6OT!d>pu1rl^pH1
z`;{O;HqdeMm%DXl1fIR+jU{#vo$C5V^P;ic3jV2bw<lHO1em#!S}_jgC;iZwG<k!W
zC=F#F&>c?h$OyIA+h%l*)C<XH`g7xhWbf&vm<d}(#hIX2tC|wad#;Xd50McnU3xsW
zhC0FjG%~4Op@n<*pQ&h$*AtWShs!jAF(*TC+z)RJlw{9$|81#ev^dkHWXhhIotwQb
zd#ZY&1|`&$XXj-HlaP(-&xmYLKQT%g*Q;G_vpPh-893nVmeFb4!m=~Sh9R*~je86k
zjUVz`*=o1HY2Ur*H(oqN6tfag9$F3Pn3h?ycSZ<~EGct;`WL$jW<Z?`QGv}~n5tM>
zZWn~M`{}FZl9Kb1AG?(-831_>KcDz6$Lv(uHy}{lMII{)#aCCZ!sXsEE|ZS<RE0)V
z;oiM{EBZpd7WV4$hvp>VN8FB~!{u$%-~D{K;jzj0od-wgHk5uSR8Bz{ZCW8rH-B=$
znMBSoo2AoWsrc;L7TK~@D${cP0rR;xNVkE>PRHDFPlzt$pl?;2WO8o#n0C!dC<2p{
zc%E0(1-W47bGGhw=>$A!=`DBfuQW}_ztoY^{_G1*dz=h%oS$X;CQZHkn}@EI8}p#&
zk3{9_-EU%?Ud@)ltknVcm=CsMEQ{*)L=%=!9_H3X*=fIs-shgRjYQY@LcKbU^9Mo@
zt;*Fx7M)qK%ItSOJ%<_brSvv?aV~g1zm_*^Y3zY=I3)fs)Mv#wQ$1-=r)FJm7}fQL
zyQ1a*LP&UWn?_3pJXdT?IPS?aP&=;oe)$SFF23IihUiq$ntBDOY`$LZP-zObnObfD
zJLYnDqbwe^OJZ+-2LlmPhO{1WC`&ODk3|lP5iPDJB3Qz$*PS`#LvuIy?^O#k->3<h
z&WpK0XGSP3u5U(?E*s@lJxv_zF6H4LK-#~A3vry=fmUVjr|bZ$&7zk|B^wy7(o=t>
z(N#?pPj%X#{*s#LeE;j!c`F=3BF?%{SoVPV$~{9*SCnvuqkl<sgeG&gCX--has~Fx
ztSbOCE<0GTS^!_9x}j9RlGrG8>i#U<KKB!|R6IQraw^==WX(<N-$erCe2i|#wuZ;g
z`7~AEnf(s~GnpN11r1;uL~)P5PoSM;$R6Xs!?z@V31WqN{P!6bl;FO}A{dV1&FBzr
zYMdJB=igm2WG6Ve%ERZ3>@)?GFFv2WV5<cMLd5lM8&wh;5K8@j?7e$@RK@xDpG~qM
z3BeOEK~R*aK@$Z{6qE=^782Oi4d5M>Dhfs-sFY*@i-kZEV4H5mR$J?*T5r9#7B2<F
zTb4@*C|4B~yhKzuheZLY5J1@9`+3gUWCPgR`uXGc{e6GFB>T)cGjnF1dFGj!XPyf#
zp=*l9PwhZ#Qn6}hjCyjsn8@6ifzOz641+(nr|4}$heDf(WJb%38Y@J?4p8as0twD7
zml$kbZKa?C>%dxQI{PZrDoa{q2(^L&hHgf{#%O<$ixilX+()9Iy=Ow;4o~%uxrDey
z=})LDj~2m0z6fOKjCzVnh2ii<lqHeJKod;Z1SjUQObHr%EuW&*PzyTr4d(sVB8-`j
zilfZ0XfcN-BC<vk2&G4C@CK3IQ9~RF$WRC;H!r53;QoA{;J#J=;#mB)nZM88RZUef
zBdHFJT<&Ao4x({S#|u83sfopQB1bTq)7H=Wp?Us#u4ro*89I#M@42<oVZ7hsW<ge&
z+eTs;P@m%AxKx$L-=wOu#2KD&+3p%H41}aoIW(dSh6|WTntVX^W)PtiEHQ>Ql-7?(
zF0H>l!($8?#s#5+HO9s-Y8Xd7SC2A>ak0nZkqL!#o39S%ZRE{fQB75?=u)cHwyhjN
z0dQOZe@?8*(Suw%l0adyu(a`z4P>Pw94L;AlNB0HB|h-^eyZ8kFXmVx!ZGUJI%*fo
zgwvu{rm68*oW{zdLmnE`XJvZAYiK>gtq%EvpP1JH);3h7dm2j-wKH_GbI6rUr?zD(
z&`d_{52;f!x~%ghV{F7dS4-k!vuL<I+p5Xleti_72@X<;W9bVXA#kTrvxY1lV^JyI
zG)BUT8)%NVW@j?`#T$sfKy{I0^k>of=^#-HYDBoFiRgO2_y>9mS;P=y5x#$;Z}`v^
zj;<^2zp9E_ZZNz>Yh(`ML1!n0d`0W0P0`S_SV13(W{V#OSw{DYh#-m$FgeluWgUF&
zx5z__4tk7VtT5*MTwaUXxs>t+*G1n#eO>ZLSEI-Lo;8K{fm3avhSqy%jnwNg9$H~t
z&pSLbS|g;6&?~vsGy~Cugia4yWx*D6^DG%Z`vsK#kP1p;N^eGO0`pb)^L)yQ;_`b^
zp6tSYArU8nP3=0e#R90WmLl97PBs=b*n!N)Hhe`$aZVhQHzX7ri&h=`^gaAAt`s%*
zYN;JvKK&YLSw3+}lRI5}*T{7Dg@zC2Dw`wgwJO*cL-f&_`<NuY(6m{EdZMdLV_W~{
zN;I(c4KeO5>65T;nEYf)s;W<p{EY8YP;OK$;{=?Mw6Dat*PoOLe1B37e<vl$yEn>>
zt$gU+jdhy>lgmrUEPvi8FO|n0o|kiRS+|Wwk@+kB9j3rh3cRZ?3L!WiZsT8s7rS`z
zj=q?{iz`CO7ZACiSZ?KO8hB6=Y|eEVwLXa2T1eVc{h6!OSoB$J$Qb*Q;3ssO1)jf?
zayk0Vs>&V9UuG!{!?H%U@B(4_1!Vp$`HLvYd+nq^P8PaJ5ilXe@71dArCRtDNf63k
zkgLS#NnK&NXcH3x4$!_y|Dru+p?v#4{LUh#Hs8tlH{UVeNz%IiZM$dL^%b0;KJ!89
z_?G_056zrAs3USV!VL+E$!c&qh_zJ+P12UA$*bE_6vLo*ziX$CBa_~!`3dj1&#arn
zFT~kXycrPwAWol4jG|JMNQDTYlV$vir@9{a?YSUUW92{yhDex=nJ~*0kqcs!fpc?+
z1D&T=6Qxhvj~_!~;4G4`Q|DLZP8W$!zdii*ci(&b7mYfZ-h!~mnapN7t2{&cYCcX%
zCcY%#n-8y`VXVQzS6dgAA1pT(wK>?5Ni3!{EOKYaZ~m&OnbiXm5xwbA)bpY%@-iV{
zq+a$!H^4v>i)*7sP#l(cf-Rn!=AJ|czc!J;x!VR8S4W$t+(z1;nCJ;_V=4V)aB12`
z9`BiQr?Ke%#3b@}@PwPYc*38g)a)2slD57iZB^vDVlK+BvxYN}c$3+~h&)Uqn_}2A
z=efS%#%F~m^#e88pn{arv<)SkI8Q@_{HHM@EIw*J`HbxLc$ra}7A^^{r_!n}&e^~Y
zgJU)Gh1pTLiZ*KBM-HkM7_+0*bY@BqRR!X0DhWe!xe{K3A%oD52qdwmiZjJJZ+_#{
zPKuwjNEgzPM4U~t|9ymK36Y;8?R@K2*?+w&d4tQ$$MkS@;{9UHE_TAhaz=!*Qhm`i
zKA}fB-hn=G<&B#|fBhNaSg<U(Ui9M&%JMl&;jO}7UtWOOAX`C{TYaI5s7JdYKDIK;
z@^O8Et!-)T7gc@P+$><pOYY(|o?bqsw9G|4Gjm3UvWnz;qWW6YH02|!p22P1e+@Gh
zWp(izPrp@pYFY48YKZ(;R@hd5tfhrpBNIo22C|dE+<Mh8S@RQORZ15I38^Hp^|JZ9
z5=T@joN_h|@CJvqmU24ocj38o&6LfS#LuL9=4#ycBydM&S<yDxwernopD}z{Y4A(>
zM<kbJ{-UPJJ|jZ8L@{7q%Kn{5Ca3s{)*3a!Xi>-SojLrn-dTa$ebHrQ__u79O;l!S
z@ax$5)h97L9+XjzHc^`$-H(>_*YS9r7jXF8gkhKEcBy*HpQKyGnaJs{6(^}JG($FD
zsev;hh4K;sZ;RixL3+tI(Ck24T;9ix@toU)U7cE5xXB;9zMw4lcKo|inE}BOIh<(D
zEOQYMYeWv82%uPKBibLF1rkPPI#iA3?u!0#6PwBK;*COn80xMwAAC~g1J9Q5%pZI=
zlI3@`c#FcQW`}vY)XoW^ns;hW#ou+F>m>qgju=3Sw_ee4tCvuB>~=NM4BK6AFqtS9
z61o$kuJ!ddaA&{DOxpiV6zLxx#qG1x3_I@Qi>nZ8o3t~BxYs{et`d!p&0l^cl9~hN
z1%q_+-%4FEe^=@dp}=21sEo~*sN6C`)?2-Wv_k#9Udqi88ha@F;9s-^jMev$&^|`(
zA)Y9{RRAGdUz)~*_{z-o*c;$(xJ2hTl$RLjr6vL|P{LT0RMXO@>in9P^8<zGhT2w^
zcr<fG$V9l~r^&>|HJZJn5s~V{ntC6{Ev|q&5+IxbVCTyG!Ul|27chNXHOn^C97>yZ
z6HcaH4{q{@22N2e<;K9a;(xgCG`;`zbm}0t=wBD@ud<jV8HHk8a$twCV40^Tyunj*
zFul|m60Xdy-4y7|G%N`=puJrhZ1TBQRjw)gLM>~xQCHI_&i#QDWHkvnviZXN+nvSk
zQfjOr$~=ypaijp>M?Tf&Z(_7<SkBpz(Jc|-fP4M<U`dZnA@>X8?Q>*a>p4&WFAZl5
zBs=*qphtMXsPKrxg-}bLdDEYf&#|0%f?;Ce;Oq7%YGjF1E`nUD`p97*`UWPSY)hwi
zfCN0zQ}9#|t=K2qx|Q-(P<_7uHMWZx@d9DXvxLoG@jUf&j2Lp~erRZix$`pnI8iH2
z)BXto7t@_grweT&7`vG;(N+PBv^mrK{hz)^n>Vg-+S~+SZl(L&ZK!7j^YQ2Gw*Inw
zf7C2|TIQp9p8mx6kBmpGy_3h;DF65E-T%k$(cUv-?d>M*JwLv^UoN!UyZsK@JNqeZ
z?~n8+*4{S%EFgITdYJ6wi7boAgHQ#q3S2)!7?6VdtjG5$G1<JsCMymcdAxd84<B-x
z4Y|*EI&IUEuD1}?Xc<ePGnkDCH+Up!L>R2!>XjkuFCvS#gv^GuC$me1%r26sb7Ce)
z#H{)W@P`SI+V1FeP}GlYQbXtR)a78iejvW-GJ(Vro@lJ(Xh{kfP~L<%zA9&KzdfX=
z2^n>Au2Pw&`Iz*CR;+8^ir1wTOJl@79bz9#3!<KAR<895g$o<zx_2%UUAn4=z`>oj
z+XD}uXExgN$$eQOccFB?n<FdCQDz+Lw^1vq;_bd_%qf-QHX3ZT0|juVTDz}DJcXM~
zlU)XlHfpnvuOcy4#X(()?Ah9`3ZKdmWWFLpc_-}9{+j@n2ooZS5t>b8G4v+Y@k=C4
z!QFD#{<CMHFK}+wjg!fH!0dBr`vqWutR5Zrc%w$ZZ8g8}O|+eOo%LPfp?jCmNcnG;
zu4Y5RuhStux|tmpeuiG9NutPsd~>LJvEmNvJ@G&^x*=Z0O5Qr_sGULAKdpcELD525
zB7ZPlYOP*suX_30YCrV)zp1^NMj{q%*CQyQeY$OajS|<^6{5C`IOJ8k!}J(6tmjn<
ze-#_mNLSGh%;BcXe443?x38;38hbHIURlwXQ*iRKQ*i^|bTqMar;p>8z25xrl#5tQ
z5LHklu$B{3jU5W4)tk3F`WQlXv+cUQIfC{<_JcRcn6t&$Z$A5LVG(V+!}0~f6@(dt
zybdF%X~?2X_M^fK*vjcff_w60WV!<92#MzjRA76;nJNt8Xrg=~w!p~5KLIb0$>Q*d
zYjgXXXZ4jOe#L|n;8Pf^Emwki)R?8PVUO`#ryWc|qfP^P)VqH!{2<(n$q)y^t$dP&
znj4x`<nh%H_sWe8-SYE?#=_t_ow;2mnO|h=o%*Q5KK4k`s2rWa0R3ger3_rmAMdaa
z4#oodadZQdRFs6f#*uV=r&MW4T{v)8VZ%K4P`(fU!RJt@-=)B>i%4wgZ2mYMiDr9W
z5^P~^NA!1lrAIi|k-X+dA8<)k?_LZX>sqZSCYmch+{KBi(Nn$OWt}1qUgQBX_E4i+
zrnD<kOUn?v?Wd+N56ri}v{#1vFK$0!+vKysH+;djRdjb$T&Mf%@5xjf!KNvNzWTwo
z2RlspqS;r`T%YU1vf#bwMBGBW3{<p4g0!cV<1Sauf&6QW`R4n(qGk2>W=3AN_xEk{
zgE0k%IPF_q#YN<sx)kjZqCs!8*><j<Txk@pM&K0b#~<r`{mM4+rO#QvzrI=EPr7FV
z|C;%?$Df2V({M6JP-H%90-p(E@2v)Oc+IH6dkWrr3N@Tx8^!yRdUN-&48ybyfql%B
zWM6$TUfyxSkdM)(DSCXVQ|>QweG}=e{KbdYA#vunUr{k^3A;2_9zrU9=)<p|SSOVg
z?WpQqR(~l=9TgR)O4Q<__bTD0t5hbq#a!~9T(MC~z7zSI9%=kRJYcO7M8f=R=UL7?
zw#&f@%<A}Z)&z#Ve8IotN6vn6ls8BKdBn1e?Qq8SPR6#GK2JH<SAV(RwF3sD9SSU#
zvHgH}kK)_KVJNbH)75jkjOd|vWkky}BP);bA62t!w3-=+p}kMM%I)(7@m8`y(Y{)C
z%kY1s*d0@m;EPj)ny}ad26p+m^qhB;N$1ONF>1F0peLH_bsZL|WNPG$`17l;Xr)p2
zDOuF9!{4P)$cvgmgH16>5*9`%=3?i*#~&o5<F;?Sp-P)zz7xH8UGIM<dJ*ctsH9Ph
z$bI!5#<Rkq8)Ht3QY)KN4%<XM8<UHFxQ`;By9oNxQw_eUQx*yR&`H1Rb6>DRB~LiR
ztSa)=p8<}k&?EFC;b);APTvTpx0%y73;j?^z8CphyYs!;S%{);AsFY33Yq1|Z34mw
zxHtU0zT_mRbpy0L?c~@X1ebAI4ty4I^FFx2SJX14(u<%zye-)q>d{q4rIxLMFJC-p
zc1?vX7<2T@?IIM<GMHnc-*vtWNZq}%gTOf0Zt6~R?K^QzwRZ7V$*P^_$&mYoU&%Vf
zGV`-*<kZt>cKwBY^mRYX1AB#m9Tza#uw!>~iyR<f&(6-O7}k0}86&bEtv^wTXHQUK
zie%*2lV_R_>MH2aCtRt1csF=Q;8d9BnmwxK`0(hMlI9G%Y4syB^%%`rL>C8AJ4|e6
zj?qX+7-h;?Q7$KI`IY^T9L{C8J&N777o*riuBvS2P2dVRq1Y3+T{M>1Mshw6^b@}@
z#2c^o@fA+(x^yvv*{o+$1(7rs73a|XGTJ9CDASK=RuG0H41}E^`!FZF+@~U9V5dph
z!VYBSV0L34`#@GLrQ`UueLq?fT+a5+o%;$)@6YCvV|?|%Ue)j-L~^2SMh8Y|?Q$-q
z4c(kUJO6+^XmKYu=g669?)V=)4%q^LWA?;5_=N6>KLTJUD&8jQ+ihsAKTDR7d-Z<%
z3&p^p8*IAq%BF>rGHxyAkHM~z6G^d<&SdgjHN-wGbI0cXv6J6!vTjF(;Ha3ICA-XY
z>5hnEdDPnU-geWghPG?=l)kd8U3kLgw%dPSCk#L|K>Psat-q18r=G~7<Gs=3Uem$r
z_{L<#uL}i^?O&&peG+{Lx&M6q3A<SD{)F{;5Cy;8e&}^_sQu6)0CROS<iE)MJg~QB
zko>S=8kS?!4WqAeO4uO12W?y(BTpXhtr@5da~X5dI!Y*+KR%ZTE{^&|HRur$PO&(a
z_Hw?DUf0e0Qh3H0Yk$-9RM=aHwdDBS&n3+6`pOY+;Tmt+GNbMTD)Grt(N~{=TnZYD
z1&gpXHO$eR!jT^=NmJB!`t(ofaR1M$vN1Df8zuo{<n+f4Y?C**QN~(_i(z#Jjt!m@
zRe^pWCvkK=bV$hq{WGp$pkRq@9rZ2^YIL7T%I@qFO5Jr&^4J{6u}ycFPm_W_^xGl)
zq0<kBGmatm86&_USL~^;4Wq5*-(f6PGt_hp7QOX@{M63Qu1tQ|O%_K-<-Nvd)C47m
zhwW97)dVGt$L3ENtQbWkp!|2cZngHC<9~<o4#VJngB4s3!N$DhGy!2Ot-J8*c;~mF
ze!qD_8ja?PErUxXvZR-bXs*g}^(^PtC9-AryqIW>pz+Y!&#t9Xu+%oAg$hqJm3urQ
z`^;5l@~=^Ce1Jb9OR<Sy-{Nr(-}%*!qe=wc?q_<>`Eb`Fn+O7z3ISwVhmh$*V%8t^
zH_>{6Uyy9BlJ;ijjf4s331at$K<qqeD1k_M)oJ-3(i5!Z<R0&>PwvGt9#;Pme0u8<
zfJquA@<m`gwVZdgpj>(j-c!xUmuR+$l<>zaPJ4XOj9jB`3ZRIldj9U4s3q4^Lf$M3
za@?som~7OF4JHtx1aU1@J-9%wflCuUvpUL)(2q0Q4k=}<3|JFZxy{ZSbu+({ncljY
z??ZmGg%^EYpf`h?a!y+TXf*rctDI(<K3a&(Gb15zcDrN7lTuM#xT=%6m<rhZCpVU6
zxmaIW?kCJkkweERCpc|v!A)nQd+0yfQFoxqy!|@*$*T7w*n3$5GHX;Pzm#X8L8CrX
zBA;HOL|$~Iw5*lL*ZfRY&)I{^1Cu7nm6d1z+j_Z`B(%p493`K7pF>NI0d{d&jchZI
zZ(A!dk3D{{`g?<ULWQ*zG8%{xjJjKa%sXg^bsZ2aScW{o+DIaDsV-f+&8fVO^oit=
zG!|9mW(YM;Fq=OSTHI|;V9u%%QDM~dOHSkkY-o3wBX^THUF041iDkR_x5w-t%)h&O
zzg>jhKlmc^?xArmvVCk0JVzEsv)2RCY2?4EZ#0Y0k+#ASd^IK7Yt}*(j_mVJn|zRX
zm_$M$G#T4pkGKBh*44z>#Sk?e@vGeaa5(Lk?6HSG)lBcjG6nth_XUUJJqlJua0B9k
z4u`PddU%ZNATG<9nnP2erUb2SXeRt@0S$k>8;_#dYyTp&(ol7lO~gUsrRGrv7m|?L
z2Idue{bD_QE`MEi4X;Tt^S865mtZFXH7u9*Ws1<}j}=e_xG3n={wyiy0egQFy4C3@
zq5e+sI=7roKdGu&S`Lx-JEPd{Wj8Z7*X|{qqV1UkXYP#bIlG@UO^?PoH?v96eM-Lb
z`R8(v{k)tnmOQfOsf*tpGUFrf(r3TC_LK2%p1C<rqObsI?I>@3PhtV3f}wj}07I;I
zVCXM@wlUO|a7BbDVhpn16K<|&pj#ZQNLDjgZI6952_64X_Os+fJTKpmc`>d>mnzin
zf#2hLSJtg)vqKLmErw9{30uf%%^vD^w`7$aWEB6&au+yXa0I>UE)LbR?lM-rN7)#o
zecT?JA=$$~9CSv67mV<AFSu$~2d=VjP>^;8^5Grb6ROVg>>t)QIdB>=LUUN&^Jv`W
zpSSr1hJBnK_v(pv+g>sJiNQB?5b_|AIBY`yqe|*W^!3$zf_|;rix*`U!70!2W0b&$
z47RTIS4mves;>S}cFkgzAw25@8(&KJ<ZJg`uE^NghXxNZ5~k*RE0)!KblOn7b6r%?
zRLrCNH53@tR^W-bu7tZ1BNxs-w1c&2YF`SxRd#zO1<t8xGI^v0dbAZ74<_$Q@?35H
zxdIf`tjN3(Z7lb}MNSho7j9A>eOKZrbAD@%@&(rrrmk9;xD3!y@9e{~NEq{UXDe<o
zMgH+e7-(`2M&n9CUmQMZ+Bt=YS=^Uhfz8f>>VbXP2)`+mf!m*=y#c}lt&j?DUS7CK
z95n>;0_2An?DK$~Uu@IKAHdffId1iahVG5v9&YGfd~>}PbJOE}J?5sT-Ti8ER#`CY
zJFwB`+T%O(U>R~JsJkR9_1LFrwwPnt)Hi8t$Ojn}Z8U0cVU3JGUsn&zN<eiox{SAh
zudKncgd&(N`Y6zyGeR`G$DeE~yVF=_VjZKtK~i5V9nF50$;3v^vHEL$p@aWXENSi8
zh7gPSFnia0>3{Go@vka^h#lq~>-R8d19KCqu2E({1jtMypIyALy5hzp$gN+mXY5@}
z&eF~lH!sp6%&COHWui^WJv*1~qBZADs5(Vfgkt<z&@ciM@ERcq><r!_{vKzqkQNAW
z3xmxu_*{W}j=);t<RvsH!(IU|xm;Jk-DNTfugx86n?p6tbJ(P8E5@2QmP^njMv}#P
z{u6GQm?P{;`9D5t>IX-Ajixc}W)u8F*9%{eRd-&KB8BN9a&c4C{y0yF9H)NTWMBO}
z#aU5f<rH82$m#xI-@U#8^QtMr6c5ds&LlI7&pZ%yGTLQEPKOtV$pf)9_<~x6Z@{z(
zfld?|Yc{a>*%^nAZFN1>7k)iPT~GOf(<a+X1bpaiKPb?-Y+7@q`w`K_WOWd8y;Tp%
zDjGG7p2u?N_UB0v-(w+z_pVuNt>DLZ{Y`h^btm(J+v9o6G_<bILt@0?C&%i5lL6%S
zG(SJ$Cv+i-IysR(?c^VJ3-odaH!yOKVARf`gtdS_@GCxY5hTpT%}BYI&T;Z5^VZ2<
zb#CO&Hu>P|mrGMr-1m}XLQORKwp1G!BG&u;y9Ul}bbm}c<(fM%J3c!F<FcPj_WFci
zaxQiWMs0w3g#rp8NyMSqoO4N97gGR+EeNSPiKumsIs4Ce+~^+3uFVx&48#EsyCB;D
zZ4vLi)XNHy>hdnRaQq!pFAPk%O_tdH<SV{s{JnSct|Xz{YuwX-K2jJhIoJ%2wkf&K
zu&o#6=~&+0)?kd%m-q70b}Vy;d?2=AW`nlPoVNIzDDz5$@8UU?*_7pZO~ysk;d9zu
zc3kiXw;Z``_>5-%{P$`=D|a4$|CQc(NHmoy)MQ)lJjB8>cHyy3R*%ung-21_g~tZD
zWj;z>viz}*%FQGS>oliT42`;i6Z|BC^gX+~Y^m&fk3}ru)(UNKucu~1WN4@KXPW2g
z!Kl;vBAw>b;pj5W`@eP?S<O#sDD(i3vw`6N;T{xZaj`cu?lj3RSeHfHzEuYpO#y0=
z4I1z4n@}3bqkg6^O)%EqET5$uB;@{jDE!GSU1AR)RfPrxeyf}B0d||-)H1DYDx*yz
zF=({wS%)+N!>W0;&eI6)y_{Ds@Cq)}o1v3ET-9kZHO(Jr&bHx+#ji(7HC-k0|3qZW
zoGFD>IUA)pPtt0+eN?3~**P<b#CMjnQ;}_6K3r4&*z8(fO}5dXOt|<7bV`zQMP4Xc
z^}g9hU8zjJ*F|%y%ouu9`KC}n_RpSDL)`(OBDtoet5LU){I84DDw@6Yw}`4keLF}D
zmjmy4aXlyOHky4CWt`eSB_jjxbqE-LV&qU!_xsQx<;6LST!T&p)-r+nOQA)=)(=3v
zA5|T_@@*%vdHNX{WoYkF00h5yBUqQH_mB}HS+IE*C1=E<c5o>Xo!c8~nI7hdsXET!
zLz2?A&pM^ap6LrO<32(V6?^f9{o<$cqF?-r>+Kg$^FsE3$&pjz-#%o&y<6VmUy{44
zOin$EUUvwB9-+QyHZHJlgI+7;m~#>|!f6P+n3osWdOg>7SLzt7oV|@Y;GfQYf?VD}
z8Rn}$m5P>^)n6{+YQ+~anRW=9^0dq^L|hdB;^&QSCg)1`g<@i&w#<Ya@Dbcmh|`Mx
zj0VwBp8BwZJ=UJ+W^ev-9d-dj3+=p&LD$E{dIV&5bChIa=eW-wu*v+x5)>h(>oLas
zq5j18ro>rq*?}yO;Rqgfh__gXmmPp`7Fsz<S{u!tE|f3ZZn#J^dnc`gHFdxh?K~+g
zy^(xEhB+!*h-R15KAWy)$wovkKI+|%2-kw7b<W5^i^4WWTFWx~xgHqK{Vn;jIF(}`
zphA2VJo15P_Ojo^>b^<5O69lce%2f0yf&1PsLX^NO0S$Ho92zxPld84cT}3&I4nk5
zu@^VkFP`9qbRf$nt=QWl`|b1c)+Vj7kk-vOEr_%K7-ims8xQjxt|;_;JW3A8_C5jc
zZ<4cBSxnDMxT$n;L$oc&o3?=yRQ&z`7UT`C)r%{*5Zl3{IhENW_&Xans>zkTL}BX-
zYoaY)6RK{;svXDjmiSJSS9j>EX53?bgA;!Ph4?VP#P&7rVasuEcJo1rGBh5|LtA(L
zZFJ`w_;c^+<@#nTXZZ1Jc)J?S`qlDQ{%n1N<)0;d6I?~AOQyO{1V{m}D6x$apHbp7
zDItHhe#+CGJpF>FU&vGWvlWf?w^#5_!T_eSOL6KW5U5>W`uC_W!>GN;sV^f|-$~!2
zzD%Qb8`LA+L@C~GUzhJuUzSlTj%TI5tXO?rzej!Ds)k8j-C}i}`km@}N5*24jKy2d
zSTNdevlE)!^d&%3xzCunmdm%QGg{AU#Dl0F*rCCAEbJqGBfIFL6@dtwI7m|h5u6R^
zkmi1CEcC}xA&N7lsY05K)@@3f`>h-G6?&D;-x!NK(%7)En7FJCVGcj=ZG^cN|5P;h
zUlL{`15a&Am;8QDvYc+$rc_C7-;*dMur9SIP4fFaN%8|oh+32)`Td>*DZvt{Md^{>
z??;Y=xW7`Vk>CG4VqAyI=Bk|d^LpXx>VZi%Ij(~oB~<XPuZ+x2St;;%mW4FasC^XE
zDRD%gcf${oP}SM_0=T#tPd;B3qhbjO8b}ef*s4HT5djMKpsS6+5W7$b;<DfPb%Qbg
z#}txSlapn~TrfY(*6=)bbE3Z?=3dt_ys{A5iy8}Iw>F3Am;I00Vb%4KD(cCj1`6Kj
z@}jU&cbKykiW5fdp8(KX=}_A+J<ErVz<@DCWUP~WM(bT(Es$%ro@AKjs@Xnx;Kx%v
zz&9j@x2IsfkoMKUJyVABV0aP%8p5A+!Gxivd2rf>w5CC}&A^pZfsRJ9RvWn3s<qRJ
zSTm&UC9aBmEzrZd+kTuB{v;!94GIj}h}s+E`^KV<wX2PwXzB&m)NJc%ESllM5Tg3v
z$5Sse7F8yOccjp;w4>Dr_e?1=7G0TCv#mpTTNi2ICxg@WrfozwP0bh5s14_p$<`4L
z_5g`AHtkSwqxFTIP6}_!NZTCTYkf#s_fKiRWZ{*KcLZ^lNC;8X8p9D`V+2VQyD&d6
zqlNTRwkV839$3S-qF8_P@asr-*4M`50<e#uS$#?C@7k)<yaOl__*7)#TcvUt9?cb5
z?~{P&nx^hd?}4pQ(r4_sNR8(3nEjWeG>Gd4lr9?N%CA7K3E6%$IQkd9A_C^pGNV>}
z1p0yvsN<hfTDxg_S4P)Y)HH3TwUk!2^4F5!224^I!&!n>PxYaXr(TKeV3Iw|AeUi2
z#N$0ven?H7F-O4~MNL(<4fdpM@}w>E%tnpe4pzjfx(tex5tmO9RS_@|>yxw=kLWx!
zP4)PQUppey!{sm9f=~7>xP4A4EBe5ghgv#O<JekavYZgO)RJhTSf)^Ya1#a{a^6gp
zI$w_~%!Nm55u;X4fQ723F(GnFYyVKW@DK1q)3vAZo?ammoPMg0ctJ(q7;~Qm6_F3(
z=Qrx<!DY}HId62;d@3Y=4K^d(VBjs3hZTw8Pg80>ADs3fw11Th)L67&9isbO$=^)d
zpycljzG2ip!54g@Bqd|TH>X~1Ax<ZvTv!Qk3)GGx7|+kKuHv~6;X6T7v`xl3!z*u%
zd3|{)@_v8O$HqJnUwDeR$~^<XOYqg2%jldm23sTyeCtx=xg;Bt`@6gYaI{gG{FO0!
zjiM1?n+U@><TqGv%8j4WkziP!Eai!CuX5vp=0M_%i7d+ZY?ePCmK&3{$UZJ_pDv25
z;gRg#3Rk|BL*n!cH8JM&OZ9g&ne$lev-o!lne#|zZ{h3me8pGBnDAG|E&PsN{*`f~
zdusxcVn!eLYq#m;sGJ5kUOvq%<fFh5pE8E3%P~NxZMbj1z~(8JG6)wl>s?HCW6?E<
zP%BI!$)VCuGGvag5&p0_t#S5IA=3cMbRGd=j)_H_{mfu4ogTPXcF}q^+i!N6APMs?
zOZM<1S0SyF(iS!{sdKcU=KNiUVFw?Z3p&avE`GyZoM3CK_h<IAE<g*Sjw=cxp$z1~
zdoeB9%RW2JW3z2z=zbA>*+B|K4g*u*)1nUvdy$J`%EKybGivAL3d&Svl2fqxr3<(C
zibQEy9%5KMDO0YRzzKm<=r{H+w{Wd9fD;RMMotn@S_k}pXiw=^fth`$bDoIPN5TF|
zY>m;xJ6yZE>KvjE$#q9@arF^gfFt0YD$xs9k{oZ;{DMzfpYexey1uQv&xdW6uV^Yv
zB1}(w^(pYioX7|%G;o|T_Yrc3GO9z#O~&Geu$eKjX?$_sTHX>AE4$=Z>FgCUt|$i?
zov{SLdCs)9`s8NXuCD+@`+`$5J*vj5VX`8ZN|UBsFW>pr`ak<+T>WBG#TSaJ*A@(!
zKWSiQ<Py6&=}YDG*2h-0^p9G(4}V6>Cws~np3WY1sZh8TLo4hXSD<BfAc-rW)UtY2
z@$?t97;^+cstSm1<94-gzUu)@cU(uxf@H!aGt`D8cr+tVPPo+deC6`vzw+(hm~ut?
z`qSg;56+-o79QwHNnnhpRrwK{IkCt#$ITSA!+SC<d|AkP=sfm2k0VbxPD~D%MLd$R
zu<}_sTc4gCdpeG%ZF8a>J>_}S9>ON5(;R~0uI^)IK?!YmfCIkuxNPC&iux=@*<-xA
zs%B45OPKjfqUnW9Fz?~?1kdbf=DBPq=RC<XH5XcX<0*?bmM<vbe#7|tR|F&JQ?X96
zlwyRL-&9)BG$V`Z!q&;2iL1xU6R6G`8u`sI$jn<_67&xgFu548WFU7W>-j{q`D?c)
zcwpL}gJ0Dg9XIt{WARtvFB2>FOI6`7J5M}1KL3!hc$2X>YgBpg+6)YN!j$}~=1_WN
zx9VjD^RLZ_VrCKPPNTGjX|F{-<r`!!u`_$L>Aw8+tcw}PlFVMEa<oTVN#@c}8_6)F
z)+BN)$pHg}U%b?lpZu^fWNj(dCL#ATOdxN4a+BZHZ2M1#8?w7;!b`9e5>z@ktn7u`
z?QzCD*`DKGJKd-et3FTlih`2)<CEz?leL@&FA08`nScI8dVIVwx>kzJ%lP|2Jb(A`
zROqmHf_psqEuM-NMbz$-OD3)#UuvV=SUm7Y<-z-tzZn8FL?E!%@XhR_g6nC|(Rgjm
z+$pl;8H?A4t;CXwPwcVV)!8%gO~!7$yr3yPX^O)nw3egV{5c+33`3n<yyYVqx4}c4
z*ABLEjhc%-Y5NH(%)0#qT3z3UZPyWRaANBmirv+=P9v^Kb6$dOWds&k%BX^0L{4Qt
z=&(J9O%d_Ws8yS8_+sGG*2%N|NA{G8Y-pQ#n|P)ZvV{e@?eWX8$9UsFKlwkJUl+mx
z{{8%Fdhq|&`SotFZN&f0{3?0qnECY$qyN7#zphyD|C;&r`UC%Jem%+C?=`<F=C@({
zyUZ^RbpP%Anmg_I`89=SCzxM1#~%O7`GrzsnzJ@V+{%Ixh&ntNzcvmN?ui0OJ0{#p
zBp1MhUv<{A(LZaQZ<S{X_nY=(n-Bki4m*6fH+*=l^$ZV`54WwaESv54?*Uo!g74-Z
zs5oG+QZV1f@g@1IjKxu7ao@@1!K&Vf#QIJb0M@(mo7sny^)7N)@6?)q$#!+M4EnXG
z!*6ed5kUyaV_DXm=MJOYZ8O<&F^14xkgPFYxmb3LB5)rwZmv+lH)0XNZpa_UWouTT
z4%42++9ZHdw(?j%JoX&9osQGjXumB4X-4fsY)E7u8pm&^2HMesY{<;pc_wxj*3H6L
zWBMcC!e77R_%oN=jeqMR+;04T`hWHK*Zv3NZ!fX`3*%pTg7N3s@#C-eao2g&;C?b2
zS25k|H1eD{eP4+vnK=TTy6bcFLQC{oxY}~O&*aI*zQ5|S)`~Y-QMIqL0j_5wJaN2J
zgnCt=h08(267iEiRGErW!DvDg#MMrnPVHQr*_w=UPGnLstNJ~8iCin`1=h8wu3hxa
zKRM}hKPjpRs!)r{d~vWz40%GMY@_o+Idt~+hwej;avT3DI&c{FU<mAs83Ln{)Ons<
zFmj8V3V=s03?qhi!#t8sB^q-&GADVM+L(+2Cjy<|&~BD^s%Y16(fRpSv{2ASiw)3P
zanRU`ma7|Ww3LGu<anv=DsG1nJ$LHK*}=%`{n}w9=Wr`Vs!nDgP<?r9Jbg1tKe4t$
zT4Gahr6Nexx@{a8bKcNb$OV@H{2N?-UgzNI0|08VeikeIqz;mf4uS;p?S*^5H`m$f
z2GYuoW!us|+uzz{GZt5-)*MYVYU`vW_2V*Yj^eOd?7`}<>`^~7$5?z#E}rv{jSoFZ
z&M~=TO6rHE3xMoreC{m>fy&Dz^5ffr;Fo&vxBNBMcyzLEvNp??A=Vs!J^xQ9L?mZ0
zaR8-)X}M5g-kAube=WPDqTNP~C|3)*Td!qP9ceUd{jW@GQ9zK;SK3cob^F-*^@c$N
z-v_D7slO;zKPtiBTEE|^|3&iH^@~SlWAU{F`10qD_K1}Qol6vT-SY6VRF*qjt{^)-
z3yA{CuSjn}OaJ;A$$oT4m`q4w4!x96EceiVL}Nu%kgBqT4iK-1BF-z+XEpGLco{XS
zVG~n+iRF+Jg!MRoY|>>aN6u~qEm_QU7Ckjf<oS(yN3dTXa@Mv*0ypqVr?vR8K@}MJ
zJ`MERv9~bi_7%O0XSa80Y&84iY8r`@N>rsXquIZi6R#1d?LN%0tfbj)o#Q@Y7%j(1
z3_<`j&77rGuJohX8Lh3V8n1^9yG1K!9@nB65!TI+b4jSzQx^%g1WAGai9F@puwxWN
zE6vN%i;#CY2}UgjvQYf^+&t??EU@YZ_o(^UwJLPG<aZ*9QbloJeE>t1>*)Os^WI#s
zf{&Wh_!T$GXqYmA%$6BnM<ZFL>ozId`g9vlMJjjbK#FMId^%R%qHih!xLH_Essj0p
zv7$hpeL2`7m=%hP=qk=Y>expgEJrQi<D0Gij7n_%cgmysYnMk{N%^BnA>zV?@&j&;
z_WFVcH_QFH>Obo;0cTA|U{=*p3<a{}Dk5@$uywF&&b<H$Pev^DULWYZW(K<LX>5$5
z*-vQg%X9G+QzItlw?umdcqFPu^$2q6D>F^^dxxX-Gjh!%UnVC+dYb!hmCnXz`0QOf
z!v|!LFMhUPv9eY(wrwA=S9FJARo<c$<CmD)+viD9GRJp?NdCN`VWYgvl(C{>HP#!%
zMlR&u(aF}zLagb&=7&OuXmbcB=+7L~DLaZ^9yiOIVtFGvLb^JkwJie2xBnviZ-6g!
zYpX4X$9QgJrco!tJz90Pv?^w9{s7MiE5prGmaJxvkYsC#@UMy0c;gvyt1<ox5u!4?
z<;$wh-_6KR&c&d)Scs><7i@lsg(ShOJe%42D$sW+(LqXhq(uF9EFm`Ara_6wnD6|7
z=CjD&=euN=eX#i)*_m4f9UwyKnwbDv#M8~G?aWxVFy}F2G3rDi0E>B?`6LETRl^l@
zN!we>pYbE|;v+zHT7H1o_+#_s$JDCkA*sa~4s~E@KK1x66`FqSij7O{1a{i82p5Pm
z0MV`MhoFfO`g=ZHB;+>v5q-Y`TdjBR%{upQq8=I4+u#bG#^G5m>jog9W$o0JZ?msJ
zxUKhPIcCN?hcO)CErQsuwS910A@HPs3W3}Db-G`Zd5;4qW?(71oB($>LsQ!u5ne6}
zevuzXvG^b1pLjtzZufJta=>T=&0?9M!Y@*z*++g%k8sl~I<DA!+?*#&^klNY61o7l
za@T0DO=N9Nii4+k4j1ZabGV23rRE%Qj%=F51&N$$o;jv<QX{&@?p9dg7%gzX%-Sd2
zJx2b65i*8ex5UpVHl}sE8F*&YMqw+l8FfI2L1xr2ol!zMp88=-&Q8BPt=)8*nPV>D
zNQsw{5a46yP!*i5xIHG>N3NEA<iEt^>icCaVXbKZIG#=~lI97W$|*NSr+Fu$Qz%sR
z(QFxZwAX}blx+7*DcAKsO1WEPp^Q;(8l+{Kyby7}Qm*#DR)PoW_E9Jo#nVAE{-Kon
z^*Ktp!_K7+HObP*IhWq3l=}qr2<3{Tz|%Mk%9U&DV@CKdr`sd^0>9$$y_Ikie*;!y
z`lG4lxQ#^ogpLR7)q#zzKhQ8{TB(?e)ep8V?48hFp}ja>pKJCmF`o4W*W+hGodX=T
zT|FnF_bFkGe4t77wZ%EU1R~HqhMs*lUqbK`-RIO^%}eo5BX{2{hrdxjoSxu^o|?~-
zP+>@%GM>P-iGf?hY6z)kP0P)JtL^W&obP-xRki9e^jm}2|HXf4QrnkAvrNAt(c&^B
zL|pdI;6Il7H&``Hca=E6$RuQh-n4rbyOs#!V{_vPrbt-GTghHp8x0isLZuvNS`w#R
zhz>^8dH&EuW|RE88E+)JV-u5WD+&#vka#=FF4EGUdFy-RRuxzk^gEh;-F@-fC<#`<
z2f^vEwpOf4kw!3CkJ%IKq^L3g+ruXNf@t<;o>>Mpvm#~5VGJK}dKR)RZzaJ|(e^+t
z366KRQ*lY4+*_O5z_%nZRuUVW#AHb{lc;|vx0)XbDsQK1CB?!gmxx&sTy6mmBp&h;
z`ukAsLjC=XT`#-f9!6(>Zf~RWwYdY0&SP@@Qbs?+yD^ezmI5Ru8H)+{LINpI?)|ce
zX9^OZskH4?2E$%iT!)P|GLwwVD_ME3$-$29dM|%Q^ykm8Jdf?j#1p(H8P!Rl)mFAB
zOHB_vO>Krm>$`cwpXPXL-bl25%nmb}9d7rqZA{`Q!yXf9kAFI&z=%5IW7LgdO|r)G
z=l_#K&^C2WBPNi}IC1RkuOFC;1!IA3zr=!(e<L&ba|7pa7GODy0|}voUcsz^vzO?1
zo+Y$at7#+ir@7sDZgl=>t}tYSfQ1k7E49inx3Bb=k(Nr7@TlYo3d!&j>$>xZta_Wg
zJ;7nQ*dgm>wTL`=b2f-(zlUq~xY6H<1uOhgxrbTxPn?f)qDtWji~y_C#Lw9J_OX)^
z+Jnupy-bQpYQJv6b$6SC_?6fjjlw2~TJVbPR+v>x7>C#i;cTlLbqnilhzRR7|D<OU
zN596=$Hu0yL;EGq&60=NxNgwZe;|jG(QG2bbDuaf!*gF&ZkwVu`q``L9y^w}BGF#|
z;2Cy3K9K~7xjk$A0dx8(YzEkRRr4!rex9}qkz|SR9b8-V_tqC9g}FY*TR(!0Zll#T
z>uV8N^4``zfN}3*FCb@0^5KZoHb^Wv8>>Uq!)z1C9=TXRij;}<KGd%d@7SY_Ut!S5
zPjMm1x8!1WuUX+{w;$@))y^<ZGKku{nq5jWeZ0p8GA+SaM155$wG9hhRibOaB8}=n
zeRA&pVk{%Odh4gtkYcfnEPtGa!2S~=aK+ZAr8l)1MYa}SvhVYL`yRdLv5nrP6~8L@
zZ0T1UI>gy@E$}W`xo_`n3pW;=<6Sy+WL?5jzxZHa{QGwD+tH=LwZXMMF@!s8EJ|Us
z^HP`A&5om3#UUozEL(wMT+AY!DbMt=aV+D|<<H-PuBtI-b+Sx@0e+X*V&N~wAKc3M
z`(6=avY1w4Wv{rShWcAvp`k|yo@6X)cuCN13~A!ho6la~_StB2IFfo`Wda8VqxJ%F
z5euP=AEycGU*D*eDJbn>Ba?)~%wpC+H5Xn0y=W`81g+AbWp-j7$?-@0fS0g-i=%?N
zpcJlI-VFn#nGHVI3Y4_aI2t3eCwd!rCF1wiu*<C)<Ry@TvsgRzy(&9;sZVNx+yyUk
zi0>BZ=6oTTL|D?HsS!wycOrNod$B(_Rx}xs^vkxF%9z_UR>5L#&?Ui4QzP5x{Or%8
zFq&HYleU0aW6^T<>_**9;K1{W&`5dBk@P8<o>#~uFxn<3u`2syM1r42Ft|-Zv7|uK
zddn(5C}O2h-d9wa8u-|`Wo177K%C{!Z^;{3<q3Y|34fXDsoCxd)BKRTM`t01j7Pk#
zaP$+HM|D4GP6If{Pfw?xoF*$v6{dP3b(`}lIso4KzNwy9q?1eKk5$GXI<<x)nbM;-
z<9f6aIB52g&W4YqMb~=At@T#y?O7MOO6)SjJ9C2XhNB(OTo~*+P!dY+@2^<>$&a$0
zEeo#kg?A42g{>S<_@KMgwXvjP<K0wJ>RMCkLSL@Q6K+W?b#17KF5syrxZ0C{keoeB
zUE%N{x9h8ko5tsF3|l>igtF3RFT1Mb)C7-fwRhYaZ^i0g<obT@rQ#CT>e*p=6I>JC
z*)x1F(X}y@wU#a=<Zo<!=N*Sr|LjxP7+caUpRu&LzcEJya15d^44dlWJbR+`S%E`N
zAC&}`SrXUSvwtNn;%AW|_+BqLb%3an;1}U9Qa!UjPrv}TL^Nt2Vem@pzF<u1s$?JD
zZ<hQRC3|dnTI-08I9b*@M%1bha?!fawm<F(f01d4ZC~)cu-VP1Ev3mySXTqY=G$xr
zjQRFN>$r70uv{8t)M?X>q**DXoL;Q~9a32)ea(sG`!%(d1jE)}+c5GJ`6P?*4W-Kb
zJ#q{+=DtmA6uaD#$#-*;H>!*;l{786jl@!qCN_AgTTlc^GKOv}4`vnkYKCSe+OxoV
zhBZ=KG6gy5s%VoKHO%`Nrn%7O<tMeWv1qfn!mZdaam}q0A*xGc0K9&TMlbrDjZiOa
z<poWF$#nZn+U!^58}WK|`%TX55MF1U#^TEqC@XXj99+47xhpW1NU`%Tm13bmb3Tqn
z=?#dgs$_&dn3A5L`d6)k^Birn2j@IWKqCxEx00aQ(9*$Eu+o#alGEoqG5QF;Z%tzk
zdB?5vRy5gjVhzn7><u66<=TkKPJUBx<$(_kugRzXfC&uoiQl3?&<wYvRW#&}d0?6Q
zswHQ*2R%J`P`dGp21fV{u=`LrHLNT*quLwFn(uWjqp9Bn<X+p~HOrZe<>;ACs=vQ$
zX7C_^{v>rv@L+jS%d{KdamnbZuWafdPrU-A2z0qXZh`s=lq}GB0woEAZsf|QM1i!d
zOCU7zXNGZ(hYRgtYx36`i{5DM`A!Yh{%ySOEIJwEb*I?84$6w>bya65pNnaed~7~4
zI-bwHv4p81j1wK7_n3j!H~i7$+&ie-SiG{rT)-pd%fz*yS@ohiEx%WAWGlFxyoA>Y
z)-XZ$Zu7DWW5c>#CdB{o3~lT}6fTlVuE?lqNHG>S2~z|aR;FNL!^WL1IAWr)XcNS`
z&Jw=^FsvB+C;=nPqjCJi9(9G(dDM>|aCJGj3T3RM6vo7^#H3_5oW}c>=}Bmer1Sm^
z-UG{Ns*9(39U4~x=t`&4NCaQ0=7f{L{_k3JLheFx+_om|&yqE%FAMp2)+Na-Gr7Oy
z50L-4j8Y7-vuHXFw==3bda6yL?ks9DhO99bZPW+?Dg*e)bZ=&zR|$Zw?mFPy{!oXU
zT4lW^;CQN4zypcoEOWTHU}bUM%3|hl95I`(ymNd-ftSl%|Fk|kz?)FNf828{p9pqx
z2#T5AhnXGRd0>m-eMb-;n<HvEF7k=E*45q4UI$-_Ry`H7@Awu%J~SzwkQpi6PgI^H
zYMlssk`08&kyDJtqIJ4X^QzWqGBLCoj=n5Y2ir)D;gcn5g}oJ=!B!AQ@$VUP9%Yzy
zE66?_Y5A72;78Hy2k&4{@A|kbI5Sh4w`+eis&Wh2#~3x2(1h5xGp%A${|O7rfQ5;3
z`l27EC)oR@B^q#Rz@+pnW8VMJ+WM;W%;16W?o8G3D=#`?%&X<GI`=9s`g+=rgr{L;
z1W#Kc!j1BxwbRNanX*Kr+>*ROlI|stswS1~CEHwtw?*<c$?g$JWqXP0&`QdlCU0Fz
zKa#ZBUIU=<tJp?rbr&Jp9yZZhk8}9?Z!mD_<QN7PW|T|!r_E^X`ofO%d)mZ>>C)lx
zZ5>{iCT+S#d%G}I;NjZUg|PRv(*_8fybuPzcG`skCoP1<ubp<bz=;cC@@uDIXh8QC
z!sgdb!>kOJPT#C77c(q=7A)Fi-*vG87pk@X%G&+kbn<Gr@c*g9ye+eBzno~yt!3vS
zquzd3#EYNk97;l~KXJalAW_Wqf*JS~X+&6B$+lmnto4U|m_sZU&Fk|jj-Ah*S7es@
z@>k$Y6X&$cGp#EKpTI82U$IA=-uS{_UWC=TQG2Uw^Nd#;MWJ}Kz+uzvtJtveru);`
zYMk4;Q%c=p^DwWnn^D%6hqOA+YoY>+s_PzV?4vby;>)ob<-lQoR2=7!<s8k@Nc&@1
zUI(_b$PR}ry)=ug%CRgPfyv@|ZS9+HzUh4HY|XWpooFoALV+t9B+tgCL683W*WHad
zbLmkjqWNBAYM_geGj(r=Lh=@K?x@zi-3-vf-p*DV-rA}*{01L|uiQP6eRfhZTQ4(b
zVCvKvj-qgjt!%v%JgaJ#qYT{du{+ag?J_j3H-f=F70Yam>t&w&Wu+BsY^`0<xDKPW
zy9|x%P2SLO)wmv^8rK=3e0{xwI3r)>ncZS*TyL26=g74$iCZVpr+r_xJL25+1V=p$
zN1^vc?T>m7kCYB`x@|k}Eu*2qjWvhHO})Taypct{Vv}mf?d&}9tMU1Jjm4a9`n_2$
z)Ri$pbcS^Wz~dpICMq+k!v*vG$%geH)C!)SvGZMFNmw(LWPofu)tWu{a2a-iv16vy
z5&m`@vP*;i<ZP307s!s+(Qcu~=#W+gVrUnyOvaq9&_qoA`g}f2IO$UK6^y^{6+-k>
z92Km82c7E-wDfG9Yw22?&h<a77a%BAVwNQ#4(T7C80qVcTG9GD=6szq;&`NgOV{1Z
z;#k*()KaDv#riA`tBkp#{O_w+ap65ryJ*)r6%E?Q{6?KV&Gxk3b&=Ibb6=8mt6iI&
zeR8}^fcPj?j~%m5o?LcZdmHs2&sdt*=u1afVBLJ8DPxb~WfR(W#cj;}9Sw?gXVxzt
zNtk*AUHSBqQw7Cm9n%##r}@IWF7Z?}Dmj`bV+iBPUxyYZ+n?+K<CWc^DPNM?l?^!-
zG01gvZ7vON_h6P_%>7b1!{T)((v^?Zvu~Udwiwjdgl&oN^(A;ld(@q9jxpSQjvwwq
z|8eMB_ASHR6+RI^+{shRoyl&@{WDDfJuih)lmd@IPjJBY>p)M@x1gtob}RWr=&>ZO
zuZrE;(Z;uRaMJM|9ChUhIw*osLHpDhj8J3POf0Erwi(^7&XM8Y)_-PgeE(VY=2B0L
zMuh84J-@VKyHgPya|JZeC|_X7yY%+9C9j)q+C)FN@}!uJhHhcA$#@bOTUD}^eR*Dy
z_UhW$R~)w^GDD`j%@lnz*_^_yqN)$^op9to9!I^eI37pGtzVvsb-Gloo_$c)s+#i;
zvOlWW6I%t3d;dA-4Bp2U(&OGg#ryWl@o`zkkOjd^*m8R-HpZ6tiZyHBM7ek4YPdaZ
z>CRcI#%+Hqwo}lG+UL=QgveKNfN2w~R4lXWk^}RgUrSZ<7T`%#8Ppz|Y`-jG<yJ*;
z*>gCG;)QXGZYk2+kh=vUwyC2<crYI7&SohJ-FECjX)Ht8wx}_I64pFApz>r-b)y~}
zyXzj`N)wT7$elP=X(1U!Z($h1*R3zPPlKnVrs9|cJ=W}VJK%Ll_E%=zrE;S!`b)&y
zLE9CbpA-AD?-f(smVHGu`*)+|tfT(y<L)(3DHEMG*?DAmZLQh}@iOIpB2FGZd)Ir?
zA>t?m*ZG3)c!OU{pd7iCHaF*}YD;FaQP)KKM5K&-88t?Ma=gJ>4e%+dlX--!>4xO|
z53+!TO37v4UzVf?`pRjVP|xBs?(=K(4)#v!7%p{;mD-BAwU~&kZw#N{*(6T7!?`!b
zmz^GYx#Qq+<TSZY?IFVUv3lt#0(UNIP;WbE-YR=qcKBnd<QGmmC&+Cr7qlWX7i01$
zGfh9{I0Qu%igqFw^-HK}G5Za5TKq1GslXHDDTi(GupH_%dnft}z|*~<hxAU?%RO&3
zC}ZUASdmPv59Q96WYCT=Dt?_G(X@S`3=zEcxl~+hhppx=Uv7UT+Y+tCy#qp!w%Kln
zWi1d@tpa`-7BP1vm8Xy8x>xSgzTjXZS8dX>j`U1#n9vEWyA?_j8pChS^;9aVpK}-z
z+c%TEFrV*@d#^o|v4`eGyGuGc!>|4qqtlrp|JCS(*%!n{=Rz3;YB_dvM0$PP=-3n_
zj~N{Ishb6d6cr7)Vu2VO_h+UIj)XV|`_=RhQwpwIV}7um5ean~_?eWB4a{$HpOCDv
z5ed0JWClt#_6W#1<^&_4k7FY+abw#E1j!#8fuvhnN1*sRdjx7L>774V;KTb7+f*(Z
zW%7jFd-$lp%pGyw=&yfKr&AT~t?w5T?3^39%Yt!fdNlE$NZYDS+?S%&kRa*VD`fV@
z-QdetWGB|X(!gILFLJH;VG1lq&F2+K)#Q_Tf|`I{M8|o8Oca}$5dJk(@um+yah@Pw
z>jw?}mBLi{mA)FZ32Qa-uW+}^_^@QGk=8KijFBi^@VyDno%f*M*ro2F6jfa+qkwu(
zrmdJZn!*^LpSa}hcFDeW$?Wze&ybQv9MQj;Z|iVzHWj}1EIyhd{mtQ*$kRw~oUYr?
z7tzwlE#`&#y!C0d<W4ucw?38O5w{Uu)BP-Ja9n;n<)=#dGtAw5UerMK=~%N^o}Nll
zZopT_;KD!cu{Kxy4I6e8Ot~{RmjH{pZNr<YdKBkCsu=v?0Io^yFQyU4Wft)P(SVzk
z8SQnLX^y^VY`v%%oHzv)z2V2G*!}0X<WCFxIOdl80iGRqOMZ2Wt?zpizj8~SsI6~X
zUs%Ep<D7%DV;L(;{?}7+<=!{9acDQ9J)BRh7G!!C)XyN62AbbH9nJ5V;=5cls?UgK
zU%@OQb`%9TaP2V14HI9AIB~1`YoxC{gvX)%{8OO=9_D*pjgg;AsM9WlESyq-x9CjJ
zpWw^iALxs8GE&;AE>0d?7}~GBMSXLt&O>9tZbmfwr}!T(3x0|3N(RSu6eEB9qVY^F
zd=ZD(%G>A!x7kI7vNJChl(FLOH($L_C?HP1_g~;+;tBB)uWkMg+UD<2E$h5^OLq`c
zh_m`Q#9UDtL(J3hh^b7DLrn1dBc>8h)yE>{R-XMU#2hGWMa(l7C}Pw<wFJ%)r;8id
zyu6-}Ba2oiar=z$gs^NWs$s-aesu^@?d!(z`j#H{4hLV=u+@auq@ej>FMGx{a$@{p
z*jBZ^Z?&qC+<uX~ip`H|nL6#%Ma-*YH^w)2wpT3KD!P=oq-_fXd17^vA4z<bV<t*D
z&yJfY`Cr=;rI25lDDO8(`;O6XIYIlv->-dJWG)@kzDAxM*S_FC?e;y$ue7fyzI|=<
zi%z<iXm8%&k&=3JNrojGi)Z4{|N4_W!6V___)ci#>b#&hfp~BYK5nBu2`$K!yy4wB
z#nnd#%uFk;Zd~Cx+7QVg?(uycNDcHHZ7L0J^vwQ5uH;J+c60YSV5Z@zZdg%#bX9S6
z^pshhBE7glnSQb)W}aGHy~;$0wb~O6M@}c(z~ZCpHQV;$+UR{9dEL!^y}C5`mM45T
zt^DP?U7iEWM7N_Vv)ohk{?yAoMC|k6NiZ_aQ?XTUEoU#6Ys=Y(?R(4RlAVi7;vFpW
zq;BC3WXtU3a@jAXr!6ZlMd@geC;A3;Q1$-hNr4MXE8dWLJY3*Yk!SWnsmWvfBFt+;
z>M2cKgDamkWRQwve<2EAI9b`<fD(r6JtQRJ13VI^H~qugGCgVUc*38i(V2s#X&-aN
zvl$P9#9&yo#~a?B=S|zpqjznmf?pAL+L!jWC;T~z6l;;yNJ!J(K5q!giTJOP^(_Y$
z!dajsc(5$kELtjeegNgO_sB^Kc(_(UO1{zzydx_cmsk>W1P3+!BOP9oX5yh+sxVK!
zPYebo5f2It&&!bMvwyK<KP&s{99gUjWZ&N3=uAkbpa;+HE-5ab5%Znj0$U=N(L;k+
z3>C;0r&x`f{={=G)tli7ufW{Oindo?D0nL7x%QyA&CS+Z@Ep|1CrMk1BUzqT<tvfS
z91Eh^tBBlygG6Z|;V|LpHvg{Xu{hLe#PMB2i9dLEDtIqt%U3G(J598ATd0;l#RuRt
z-Z&o5;w;R4@|o-|+-BO8R%02x@)Nven)`ldJEb|iLKpFv{;*?@a=Z!50R2py3Cwvs
z5W_w=lG?3w7dwHoyrH2z>ib8t|Ea$E4@U!+N3Owcg&{>>4xyM@v1qCbDRzl@F)NlW
z8mndKKq<Y*DP466%FI`$1~OY21GX*C=}R?q5%u_1HTW~>QT>d8X7^Xr#-&Riht;-b
zNN_T=ylgYx1ns(ManNYxZz%2!&yhZ*5PLNbAN4hZ6RMI68-R$%8eCViJqgEJq3hKi
zvNDm!_Qv-<c1NBL(NP6A#%YsrKK3rT%;))Lf8||$yh{tZZ`d`otly8~a<uM;WZ%SB
zyRdNz^kU<Ldes>WLTcp7|BX%3OmUEY3~#-QXUFl@KD%w++K*r1tsgFHzr|Z1j%GEM
z^+9jwh8)p>%j9^OazwNMvvLtb+=q~wE%Mvn82pIZpPojDK(lNoC!3lT-Qs#L_>m}e
z^u4CVJ*_wU^7kSH;~bYf+v{pVt*&Mjb5m?NI7;zZI1$H@?tg+Ep2;ZGtQgJsoG8oG
zf5>rHSd}U>Y7ERR0|f_iijgy`&UI={wZzPYTFt9C7w8vwoym=OLS!h9KW_IJ^`V3a
z&2(>V_gId+5d>=Pm+y|R#6E{fqp4RE#%?{w4&e*?5gkiy*3c6+OFP@%akZC^&`|tp
zoAVkJm802Dx9+!-r*#K?&+UvypE!~toH&}M?t%3LG20|ibQD^X(mzQg(2u3kD@mkC
zLi!?!J=|^U*tH)oTVFI!!Z9#vp-$Jf`=B!z^i51thUP&J_3}AR)Bie*#^;BOgvjNw
z!Hh3oCgqWp{Oj^7DKC5<`Vec`l#f9WEWR}ihf(Wh#9ts3hf#Ng%7medj-o5j#}3DF
zjvbDpXI#vU;TQ5{p%Vgth}p(Uz_{0)P%(?W4lY-F&DL()!A2e)Ne;m@l$s}IdCkXU
zm?Iek``?zKN;1fZd|QSqxPP-}*tdM5ztmvF*ARRIMZ<?>_DGxBjV|)GQBc2}{S#&%
zt>$lK*J6ZX$+mI{s7*Fs=IM>ggL`n7hM1=E+_0IF(STxba&h(c!Nt|<s-=KiM_k4t
z+5CwX5btWPgv!1+?#gJE?7=;h%pIIjO~M^tHbqC<E;~ZYhRrUy9WwUBN@c`K#aEFM
zUqy$d(gnK;QFnkR$JV#D{oyD!hyMD(D5#^Y8;id=m4J}MR%Q9*9M!^^3r&==;GJ>7
zH)Cq4gbxzm-CvnE%|)^U>;6F3qM;gHWpMi~dVy@w&ySfq+2ON^!NsUL;j=Mi**aX#
zKWMdYQlK(*p(|3)=D>@6tJkq_eZaE0@~`w)Ohb2@172;ne*gdD*EW9rhkTdu`w1@l
z{};yZG!B0{eq9te;rOlJVUORt`fHEhjF;PupPX7`$vf6<K|2$Se*3>}Wp^yV=Cq}{
z9(Z*<7;JUpAQq!{_A`V3-IO-bHu;aHG%*V(@ZU}88Cv#xP3itxg?&Gu_^R)4jFX3W
zZ0VXF>bLx#?NC<oQVeBr;w$*ycf<eh+gEmANvtx~<H6SG{}BIq<o}QGf8cxI|K;zG
z|LOk?{ww#j!~crKF_ayHe+*=ML`P%=yk6V<3(L-7nR2waRIVc<r$$Hg4fKwCS0L|B
z<6Xh=vGsb*9CS=XpZNPE{8egv<Xs}`m+LE{M%{~+*<ivkr~23%a_V5GD4sAfBS;X~
zhY~YJGzvKZqpSZS<;0$MjBT}J)P;HAW3r`k?WyP00xp{VDz&$IWbhWf<u!)9<phyO
zP<H?2a(cseL^*K_<V<~xe<D51YMfz0F}-j0dGDxdSaL*J9hfF<vcvPK*(4U01Z<u&
zR+{1BzKyfVR-;Z7FD!}cp!aE<7mLMYv8E*r3!C73g{yT>?2F1al{(Lk{2BX&9B)li
zq7%Qs&uJMv<i)a71?4E4R~p>qsrf94E#TeFsR>t%OMX(f>>T<_Gb1O<kHJ|lxLX7&
z=Jkal^E2vd*-i;&)%enwvyiJtjrI5k0Bkb#hNN3r{T(>gxx1ZlHQ|Ov2JxO+8z84z
zUB6@9rJyDD2sH=urgfEbS@xcfWdoe?6R&Gy^b?lQ;KKY!-NMAk?1f3{M`B^JRS7~C
zx-GfDUzlRuAwM0gTjVEIP01IgS)(MCZu#V=qcuc+GOPje)5+>9KPOqD;IPoJ&XJ!?
ztEc>Qwz|nr7pt@UoNT4bPnMM=KiSqdG<RWF>udQr#rjfyx>-Bqr@PfGKc`yn%g<@n
zCi&@My&*rRTPx(}3`;C)7WT9j$xn{;clkNf`lI}uWj!fBXIqcTPp<U~`RQf-RDRB}
z>g4BKYo`3<S=0Ez^O!$qvj4-?YpYlo1mAW#cP^h}%RK*aa2V=Tv`LO|?w`LW6Bp;d
zuZeWioY+H7%V7EnvSUhQ9_r?tv*Yd5KX2w7DKo~50LkJ17ca^>x8T_L%kW!lTsw%x
zDBB!@D2MtzxZB|rg_}HT@n?3JCy^>*_G&C?JtbbCca>ZpA%@*r)dxw;MeNpImnIV5
z@-mvnmhAMl*n#7v(i&T6V6MV-lhM(>cF|4^%d|xR#R;SIz@I_?E|L<#mK&Fwk7#yh
zy@^@J*<1X(OPw8jES{iu+^XXY63%sPtXM6!Ho;~2YYx0$w<+|~R7o1XH4FRJguj`6
z@F%3Eb>XA$d>Bu@{gyAd?wV1-!-xiF?+~G**eQ>D$6K++ws>fg>;GV5_$XFD)?n8<
z557xXd;Aq^zReD3Q=1)7_)ubrYg5I3X~=<(TpvZ(g^%`hZ4S4%T}=}k#vgdk^<K0o
zZ1xOg6xgOdu14>;u(zVYwgED8TzlMV0ffp#PYjA&O^)Jvev|XY`v^qjpDns5C7z6O
zS4&Mp`nM^}S0CzEm1QhihNP@Fn_8iAwC^I3p2*4nM51u@z`ht~C^;;}%nCc04X*c{
zD2S;y{{UAiwL%OD!K1Uc3#P)+wCH*rj14xfP&l-5g6q{{YUg0ryWEvjG}w3w`@kL|
zVC<z@u$O8osc5qC6!y6G3VOlRx|p?8gLo<pxAX+jSXViwCg5oZ9-D1Md0Y+cF;(Jf
z_%>9<UMa3Fs|Ht#N>Wqe4rOiU6@ucJbkG}o#lDVTW#1jkUAac`v`uI|uVaD3wCy*n
zI6cAlO2Q>_>_RHKzi?}05b_o#ez-Z6Fa+LuC#rKOYpOSxyisho8>FtzB^y&QjPnLx
zRP6v(IHUHd0ueDUA{s%|704KPvr)T(tdSw*3kKdC80e{<>AKmddyYp)XA?0OgugFO
zM2IkJs4Wkf?xnTWyqC5_hQ|5dLm#@GKR%*)q}+^bQzCh+3heb0t;V(7m%mD`t*85-
zLGHq(BAA$S;c7SATW>#?_f5R_4tUWvDXtSP><zu5st@MfCA;BEcF(Lm5SA}AJX*Zy
zX78$HWP{9*{r{k<SKEb{7XzHy3^BVPknKq>Z!}CSM#&WTT*ctmfNpPSqRST=M)1jl
zu0S$I$LDxMKg89MCt4UqOq|i*S936DTIVw3={GCs8E*Dl0)(zS;KhrjtHl>=@g3OU
zb2U{B_XRil@(&j7k92N5uZoFc(cY@w)Fb9yhjONUK|OC*?m&6@0$*^?6&i7?afJE{
zUl%xq!d|cIjrNbLtP!EC4*vX2z5|<lt~G?aY~6Gr>F-hKt2u19?*nNcVKTo8a01@!
zt7++E%)5}z6Z`W{7S=1rWzF%sHbuAT5xu(qc>HzowtBkjHlr?Gp~U;Jg##)r++^i(
z3SWw`MnZM}dyTrC7ii9Mqpn#YqN~(xRw${`sC!eP<U5SIWeT~gjJhQXrQB-NJqrW|
zMs@Ji9IC|Z6?qWQ-A3KRnkBWusH;~f?H;3UwnFIvqi&i)9jWSWAkXs|)zdTXFlrZ2
z+`5@3RGGO{77;4D*Qj-|NdlT?)LpIxU9_gJLWw}<DU>wPsLN3(ncjC*$W8AvfIQD9
zRZma3&!|<uxrh4Dd$;zUhVCK-p1{L4g%W9~_;IS9o<#H30ePNxRZmZzVASrV8P+R2
zQH$y7{$S@>&FP{`&nT35yHWS3LV~*m3JLD!D&!t#)ZMR83g4TePzSy@0m$=wdiC_w
z@kVXEeC2wcC=x_UVk4oLDQY93NDB%QE>uX6&`Tjf!f6U6GdP_Ua`S->3Z>A@BX}OE
zp5B3u?^7t123rcHQOn0bp68P-@fN3_hfw6BbiR-Md8lZqW|z+|R45TF|6U8atutZ;
zMK(skyNy~jp9Pw1)DE*D5Hqc{io5M9K+HIWl0eLj3MJF-kwBj3)2vG=$skQJ>IT{Q
z8RCoW{7_haYyO@J$*^Ywd7e*X*e4NDgW^__z9VX6-NEyvHX-xf3dvA?u8<7XR)vJj
zH!37#zDl7E6O6i76-uR*FDR4-PX7etdA?)y^z<oqL|f}u`c8-{q);NcYBX00bVaV;
zgC6UL`Yx4k-l<R;SoncL>6E-ip^jj|2jqFa6LVyI)nsdcJ{R;CDwGIT&Q&N0T%4{@
zGUZPO@;skfJ>5ON>N3l%&t2p=e4h56diN@nMB8>KluVyL1oAxJfl_>60|~Ed-xZ;(
z6tC-$_rNBvYmHGm{~URG!0%e+J@BsAwch92iyumtbLB89QSI+}k|Y4q^-;+J<N&w@
zK=wQ;MSz0m)A`%~`DFh3Juf6Zp9nBs|BltaWAyJN{X0Sbj?%vapHCv^X#IOF>y7R|
zhr);Ry~2k(`-Bg7^hH<ti*^Tg_<~2S2=zYSpT8UHdz$VKuJgOTEZh|7-fn%<NWSkH
zwdcZvApMN4x;9w4Hhk)LMZB)Jy!r3?Lm6H9NQP0{jeJ0zjN0{#rJh$`>?P|gA<yc5
z3Bmb8cOAsf4vczA9vMP?wrojF7%^_r-#7z);fa2({H?k_G<7xa<>;2_ss3>SBR9lJ
zr%Ia9xyVU(lQg4!7U}BC0lEt?Q%J#3C~>k;=T-<Bt2=zIyiLB0fd(=b-Q%t~QfSm(
z(*>2xBNsvF`aY#Egbu{<csw0Ruxd_~%ophTP;=yVqqaLtpymkk*H4#gj!^TH<hMKe
zE3HFX5K>55P@|Bv;68<<1@|iCo@CVBp->7_^k#)RF!`=hC>8P>u233NZjeIhJiAz-
zj&T2cg)%@<Pl5WwjJg7};*MsdIBCTlAKA}{7yrY>efT6Ra*7Vw$#~kNOAKC?QP+=!
zU@0B|Kq#}XiQFKRa<3_rNaJ2qD2clNtdMZlClqq?_LmB!@b;$)2|J&oP%3YyE0o5p
zyGJ4E&Ul47^6VysGNu}JqZH~yEyEN#36u>~h+uqm7b%oUtMU};3>wc+s0-i7Qs`vL
zrUNl79gN!jCn=Od@HiWCv(Q1E)%{`op8~X^3|zkDq!nc}f4P%Za-+d7IO!ZAKURW7
z11fo(hu&bs8$3klo=~T$li5$oyr>hI<<bmAD6}w*Y&JsgRwxn1Jx-w{pc@rR1{EU}
zlBKFtp_Ds~x&aDx02PHm%*k8OOgMZ`)gAo(kx|z}U(2f1MIo4PU8+JI>D19&WI&<O
zN7zB78}s&%;voIR=G26d<HkJ3<w3*~{Z#i!@5n2Re3*O#z;Gi;&kL@|jny;LsAe(A
z>Y3@Z>u(Bm<a190wN?EvDXQ*%f~tQcuiC1fNYe8{qM$z2+6jtm#9Yhc>Y0L=D-;sM
z6e}c%xkMpBOmBq*F=r_xi0P(~P})ffrGfHfh0^KEp|hptj?ncUh1g=%Z3k*={ClKm
z{EP1#kC#{FRa@hqb&?Rt05(!1yFvqx^2}xf3xMq2%vDI{&HW0=yqThquz?9cHY2Jq
zYDLy2#_V-h>w94dUWGb9-<K;SYhz!9WdC@cLh0ZqN1=|C=&Dc#W1k_Au!JOlR{Exb
zeP`L}7)$unNypgfTcqKB6O{YaWy25T=1=*-5?<N;dR8In*E0%9zaCXc_`w2&gdfaR
zNch413JE`$qL7Tz1cihj+@g^1gKHHMesG0C!ViiS5`J)rLc$MvD`ZgOEQK=Zb2o)L
zvqqexP!~!h1KC{Q%=8!+cpm+Bp1B$SGX+a<fe!&%u>_^Bb<!~|@T!xJae=>)wi)R_
z>$#Lzb*CmOBTX}EC&3lq0O>~U?_fDVC&B+IqaQos;t>i#nbnu^sohR0wfZu!^NEw{
zR(%<Ld&^1XRA0u*xRMlW5%GKItT?4$FzDj53dvgYj6$;3JgSfonFvm*XUde3t!MR2
z+4kPAkZgM;K3VllA*=}srBU`4h0+;<YZa0ybA>_~keF<|t7mqCC@%qmQbsGK+zgda
zIivdX9DzE}v-t|8LJ>0+N@LNgQYf7d-ldSRkg*D7uv@=gAfehafY$LK%OEEmquM^C
zZTwHL&cY#wa|WU0$;XsTI;P}4BFae3F?#=$v~C}^2%revppYQ6Q6WL-D+&ohpI6Au
zO7usC1fh>BBs29Pg;Ifj0t9*{CGej$kZp!d1)NWHLjhSNFp?nbHZ3BX(Hj&>gsGJ&
zl*FhFRY*Qu1Z1-d&JhPGUUP);I9uOKBf2Zp0kT1WLRVy4?p7#`kv@$29lV<odli!7
z<_?82`0|Gebz-F70%CG>goZj%LXN}@JZc>b`n}Le>tK+6!bvMi>CgfvtxF_>SM8+p
zWXa^Slbv*dq@j+nq&bB_;nyo94fiV~=ZPT-$zj4zgRF}sIaAnUzCyxMdMd<mu`XMo
zG~RYpNLY$XAz20woGxXBJ$|83C+Ou<AiKX4Wf7A8Zs1XTe;b^1tiKDLbgaKmIO$k_
z7dYuyf2*BztiO{<+x;z9NcuZQA?fecKsITQvTmivEcM-3<2m@>NCSbGMHi4Kwj6=r
zo=%bm4j`H7Bx&COCY8%c(!2p+`>P&ySz0#$+<odKY1{z5{x(VbM7%~JIT1G~#NMKI
zBrUL>BiYs{Piv!o&GWcM{lrN+jhf*kokmS^l1`(3;3S<!jc}4qqXv_-8`V!CY1H`&
zNuw^6M)e@+G>X}AiQOn@F`4Iajr#gDJ1LEV*ta`LX%vI-u9K8Tftn_gY*DODN%3``
z)>`);o$Q%p2kpOhl1|+}agt8mGn}MT_au_+tgNZjt&76V&U>khrudztR7O(<IZ3Gu
zlD<GoCq|02Xiod0o!b{pY+rOA2O2&s^i5NA3;SD{S6g|m)V~QJhA}4hawjPbA^D<{
zl!k!b-#JO?6)5<nlgzW5InPPTFhY6LNis&G5sw{4JT|MNk~6&NR$d_Pfe&4$kZf<R
zR7k{Q9)*NoT?!-vvJK|v3^qIPk675Lk-7Z;koP9wQCDaGcLoRqw~3Wh+S(f1Sd)sH
zC{_^AL=*juOoY~@v|7bSK(sDY62-a&lPJ@1TB>Mm>q4#VV_holh+6^(Xse>urCJqH
zV8*B*Dj+KJe!llPzgZHreg03c>;1pi%cYsKFZa2(bD#6O&(7qBLuWK)KB}Rg#OnZ*
z%Y4WejW*350%2L^^-mx5(|poL{WKr(Q9sQ)eAG{Ku8;a@{)%Y9G#_)rW12I_aML`~
zLYn3z3u&4^vXG`Zo)AmqtbqN5-3O79pKy6@!rvx6oCFiz*+>0^2WrCoNwW!W9-1!;
z2kh}tm4$Ks(?>O7*5OGX_1OA|k7~m3);ox@4n04xhJWufg}F3*g^&7%+kMnG+~T9Y
z;mJPg8$On(M^1owVF}i%eqc%FAky1LAdvUB^4>VWjCc2OIx}NHg^$zQg(b|R)W_-0
zj0qpH>GgV>D1dG+EWyfnognoO^4dngU6&Kc@qaq$@^R~g_&guCPGGQeecU<$ma~1_
zS_fQh#0xsLnXzlAR;QE5vzZ;|D*?p|OXy^*kB2iG<>TSZ_Vn>^W?%DhH>H*{Gux10
z(~0<;u;usJt!R4Tbl&jsa5~TUcsQMI9}lN<r;q!2bpD<=iq2?=vLtg9x^;7E>Sk;`
zrP0eSB@0{6FP0VAdQ36yJdHf_$7$0)-ZvT!GVbHy^hf)6IQ?Nh9!`H3A9vGd|3ln1
zE&UZRBgV&UX4qQ7wboilo0e4;l6Lh9A*Wq|bpH)UZ2t_Re9ZC(f_V>GXb_=0EhL@!
zzX`d8oyZ0m4dob=yUee0sgqDt_KkKNtkm;K^(2faf15pn6Xhq9UO>V}`zZ4kLv8X=
zrY%waT_0uEVyJugD3g|u80w=ej70fhqE2dNG3mf~keVM^NK$hJBgm{K>Ia3?{HGff
z0D6k_f<Zm%qZ$-abDocCP>8DE`=|!RD6a5P4GPlQZxH=lM4E}JR-ef-tLhXVRl`*M
zfsd+T_+a3pY8XDB(TInWW?W}apQ)DM-@EvzS|Yl=kE$i+vxVJ>=A)K?>RKPw5b0-y
zj|y%;^%<fC{JY*k1^zvs49CC!Vj=PGn=B;${aXu(f6um%j&Q!KA<rb5XWolSZRL?x
zr;=U(<RAH{W`MMki-*i%YDp^Tn1ZtK*u4wN!f<x=QOy>nSMH;JK_Wh?*}{$1vlUUd
znk}e)rTTe|G*64nbGensTVT6<oRM8v!kp*%INg~(Ki9|UPx?gXY~r@1x=aDvQe9{v
zZK<YPNL#8?EhO4I(Lyp99Alw@G&0sg+D0~5sEis15URhoALh#m&|6EiW7Pl#zZ<E3
z|Ht5WB9>#`)b8)&;ov`Dx2XJZ@NfEfIQZv?+u)y2zy{xCAr1aM3u*ATSxAGw(Lyrj
zUSlC0X32jgdthMILCCQPhFo?^v}0cl`AkyTbPPcLtE6_k#}UYl8yp?$<2G)VZ4`0W
z(D+O(b_Q2{_ptgdy{d25tNN#0AjwUe@xMbHraj)6_Vp;CAtpjR%dIS5I)NcXyM5Ht
z(p^64Y3UC>T1{bae~yoOTIwX~wmQ5rA>sizysSb<Tb)w~Nsl<cpmRR;v$6Qj8-3Jw
zzQ2$9&cE%WzVn@Z)OU^>0N?o*%rUNWZbbUd-zH>QmbRAH0?`aNh;m?nj2`z<jf9od
z^>mF>BVp{f`lv?2ysssysc<XLSx;$TR&fL86*q8NaRbL$1E!ZV8>s*tgEXi^eX(--
z0eHiGRD)s^yIZY(IK}eaQe?;CA~H~Woyu^Y*~(&+c^eA^Fagz8SV-q>FIY(DZGW?n
z&f69e(#-aBh40Q4{&TMI4Y|TsSz)QJu>Ql<O*<*!;6SDpAJzDYPWDm1yvO>eU*5xg
z6o3fEasa8O{PNZib-1;wg@jub77}i4Yay-eozhD_MWTnpU}@g<Q4NDRzUHHTZJ+j0
zzqVaIs$ooSnVgyD<9<ng@1tsqj<4`hwRLvO0hvpPJJ8Lrkl=i#g#_nG780C)WFg?z
zIi65c-76f(<?cW5P7`eYEv`uZ7_E`Rw2dfOILh6fq9|BRToNlhOhXBStDwr3l3&PG
zK4LeaIAb*}bCr)9W}sj^@8ir|igD*-KF-uHEP)H%>*FlJg(YyUKN2@?d94D*Ew8YU
zxaBMhiCbP|A#uwV3yE8vW+8FQi53#KJeH7Sa&gBk2XNaZQ%@>7V_CGL5{e+SE%sm1
z7O*vN)BFap!fEc{<KZ;7P%_8;nC5#vZqr2MzvkmMO~&z*kJ~g^(?^IqRq7rKNtL?A
zLOOAoYayMuT&<AKB2x+&INB{FaGYl$f#WO-2^^CN<!pK_s7md!2#&LS+4Pz$B+!hq
zkZfFa7Ltu?4?+%HM`PM!OYuBcv@<)B>cI6T1W0Hw7ahQw{5_4e!XdB#1hym9*L~c;
z#nhhmal;D6Bj<Q3Z{T9Wclfx03v|B0#|>O8=r4%_E=JvHA&vTcg$^QsLuG*mBE-WO
zA(=Z*u#isdkG7D`-jA@5lmf1ZQEnjM`mTir)v^AB>hB$_FMGk1J)<2jbJCXiGN}vD
zwjEZK5z9@JVQ+#g6c4c??c*WxzvSZ~RxI=J5G&+}NcBUkxS6=ait8;Tte9gVVa3la
zB&=vtNLX>M0)`c5SV&lLvW0{dKeUjrVw{Ca0Y{UCWL6(#A?ZVPgb>|FGtH9Bn|z+?
zXH20lla-q>=rhpA!-d@dY?L1^>}nqm7nWl?%MTZJiI0a1dmnMPu(w%A3wxtNTG-zx
zU<<1U@7=<7T1X4a6H=sUVSj2NE$k^4(!&0j5IXXin1&vEnwNNBZAXyAG)HKfT(`ZH
zSsronkiP_x_1TqoMRZppvl<VUAO<k`y0tV2j<=JAB-RF7NGBRu2#cmBs;SJKRPwqm
z#or<;2Qe!B-N!>5S?uE>j@;wp1~DdmlaCw3AjvsCZV-b(b`ZC<KVJb``=44!Yk!J`
zwDv!?kk<Yv3kf<g3rQC~*g{(S{VgP2cuxzV1b6O6h}p$$cF*C0Yyo<Yqkw^A70!;=
z@+=<CZnckxvwOkE!`UtI@o;wc`FJ?HKM`*`h;dz~z(o-#{z?n!5>~=O{b8>cTSy1E
ztrpU0)K4rl5D=bZp+VI6frZLuaQ<N-k<p<R(lO^q3vCOG_OZ}*%zbwYZ4W%YW}zKG
z`W*>5u6TUgMN#yqM{$Lg`GkE=USPaStPn7-`gjPKCw)8w%)>q&0_Juf4*_$XkB5Ls
z5w~UUP{5Y`XBN`3PqUDgeTs#&?8g(z2?D+xc7otA%a<S+Z6UGLeJv!)tG18?!8ZuG
zjS+HFg5YmBb<32Ix`2Iv!-dUkJPN1$wvUHXe%Z&vDL>)k;gt2UqUwiJzQxDGDgTzZ
z;evdLI$XHSLc)a$EhJo+ZXw~qsTLA0oM<88!Z8*SE{wI1aG}9M!UehLXMU91%R<71
zZ&?V3%$>TK!^tGzh+1d|l#EgfMWLooWN5#roL1f^1ic(@^zsMXSUVQ-vK0`7ms>~>
zmX}+0nlveYy$-@&)SgDg%%3b@4Cq=5srD5XQteq5QtgWf)!*A6Y30{vm}*ZY)$V(Z
z$m~MgZgY*u?5LowbdAUiRB(_5KlzAYsRh?5IM9Nt6fCpg%LM23;|rM4^ZN7m=y?P9
z8=toge@9r#1TK|Xf${cts{K9P{vL0CC)(dhe2+YdZ&>U3oyczkzsK`?2*0QEdnmtC
z`EBHPJikr+j^_8U##zT#9ZqBd5#4z{n%@||aej~BcLcv<`PQOdnT_02#skLw+uf@V
z35Hy4T%FGZhK}xUAMr*T7xKt0+`3CDOrj?<Mc1Rv?@3vG+Zs7fEi8(bTf%i_%O8sG
zlCY7@l&hvmEw!42GvM;3i`&|%^CGd4*=YN9+M^r+mh@_o-2;0sbza;Px>ZSL&%Wuj
zP?Fin2D=cS!L@Ch2biCaXyXewEoVsmqK#W<t9&$pC67RvCH8_^ujY~0JVU}C=j{br
z+|=Lv@-#*pmj<{b?tZ(nZFB!eD8YpAU*Z~E`Ut3ml=PEYMkLcplB+RPH5i&|bgv!S
zp6%!BZ{gX#w$%b=Sye=ES(n(7YouL`)T)tU2(X=$bAh5nEs6OO;p6!3^oY^hn64>^
zqlky&nm#=925X8_8-c?wvsTDpvXB>>do9i-cTpTf+0?zJ9CYbkIdt%5-fG4t%i!k+
ze-w*672^{4#%E%Yr-SSw=dmPrY5vmX!k6Q#X7Fl(_R+dpKbH>DH|{5gD>qq$kGfha
z<R|WCa^lH{%#mQ`ev91Z6YsG^IaQe+opmrRH77R4Hoh3^UVAWK^Gu4$ugaF`C(2vH
zG%C{31y$4XepSxj#yuFl3Ha-qylFk)e}{8u$fphSRRgy!dRlB2VRQ4cG-BA4qKbPo
zp{K(9upB&4t}qtcr)W2;J^4?0&%Ocw5Pw|^Of#-;OiZc@a4uUZ$1#oOvp(@^X0`Q%
za~JbzpIJ^c4nBFX;ASX2Yu|qb8I3TW><gJjb2lU3#^`XH088@@4lMh99#|#~c3^qK
zS`=7@6ixML<`Yi!VH;|0s)NI+GMC&`?TZ_mZ=#0>cVHIL`<@&8c4OkEst&5dA!o?v
z<OTAUHzRy=P~Vnl0i16go`U%4(0Jm!%Aoxr`zE8LWrqNq(4?~!Z_20S%*AOU1)rnw
zDbzQy3mJvhZAhQ9sz(nxrz&<Q5jQ#M&XpwS;Z*s#ne{S}()4b7nxC6~JuE!lT3iRh
z+u5|8?th~5ceCw9Mc-RHe-;zu`z@Q^C;F*<f;fU{)eFJ_H6_x<>sJV9{v}4}bGRV=
z#zK9IiMycSfy6BLkMG5Tjc>#f%lVq9H1?Baqk{!Li*NP2f{iO<iOsQ^CxU0*4t}z5
zbgZUJ?uN?njuw}DlT9tn5bc2AfthEW&^&t2uMVcI01sB(@AVHJxb+tMw~d^yY<#18
zW&hNG@7M4uIIfs}27bh5uFo>Y`Ev2vShFnCLfTdu(^pXag9Z7<mN6*xvEcqA5@!!=
z+Iyi*VI}OaJax&52S1k`^Ut5p&PFe(gL1l8)9E=id@i-JHrBnO8s|-w@xjl;2Y06~
zIb-uSC44rPnzkl5c|&mOmh&b)if^<{z=0=uvimi1i~H0Km)%hR3g4`_#4Y<bMwUdj
z{A9}{eHpffFQ87{^#0k;pPjF@H?<m1U3&X3K>wO9zPXBQI(3s`!O3|0UFtsGTIe3T
zO7GqjSsp+2MSbkm%*VXlJ$%u%nZ%cyc+aY_=Ed%{yGGW}T&Qt2Mixdk-`v0TTc@rw
zk6KI2qt=!i^%Br!BJ0GG_SMm7$L$1DKN}Ujf8)$8`XDTN>F%V=T=*2<4H?_dREuqO
zJ{#?rMj*EF<+`re%yn7^fhc%DSW{9mx+ETXCgvmAlGtvK*Kc^i;OEjf--}1OV<H#`
zg1WmcYaYC;A<>;WY$(3R>T#!~H&|j%Y<-a~82fOzNW&OK^uEWnE{%z0vB6!BYPvNq
z{^Z3;sY8Hp{M2Pym)r|sAMeNOV0_Z&*2N$hbZ=r^mN)Vh+)tKGYK%P5zK|7tmTwBR
zHu;)+Q?u#RXWZI6+r4>LiZ-75gyPL7Ki+)mGj4VKLcFboXg>8HZgpP64Lz&#35g#x
z{p6KNO*Q{$;3LAwCfD(Xg<6`;wlqs^X|ir<9tS>&7u(mcG?KH8sbCZyuRord)#9A9
zU8&Z^I7UxJT~@Bo>Z5a(&R1qbw5faJ>mX|6#qKqOalkxyDUgjOeor&@z#5)lqMg4Y
zHZvPpc_&}I{hnI(4WZSq->|fQYt^YsHKw9xqsWNjGOcVO-!7J_Cz>C;v?tCdR-IY8
zU$Vdur|HFwuf+#H9$C`8n%*}L-q`aUMnBq({!FSxFFQz|pXEobM0*}M`*dPdkQh5)
z$)P)xOj&v;VxP}gC&+V4Q{CgueB`=MY~xGF;+wHhrG7Trkkz$#6e;;}ScCfXxqicI
zO_aZZ-1(P}*}bG@xqW=N-M0EvFAj%;-{~TRd43x@II%LTl*(aSzDGXaf#c)27G5~!
zORA9Ce$RXCE8*k$abF4VLDh8AiXOhOow-mQ1Sca6x4&(h|6%*z$B03_zus-_zr~Mh
zzf$e5dR^@^if`B`Dt4#)N4Sz#l0MFQ&V4_Zf8WyiD;jo-^x|IrrOI=Dc~blTfd&_F
zv|W;Uhd=Suxwr{(E~W}gU87PQg>LO-%pd=xjC!S~2_n3VDV3w=@Xu@LWHlts4<|!<
z(-vJm_r&H(Kt@Bm`G%z0;>1f&Y!18v?+K~>x2G}%Rv2vJIbU0^r&s^#!-6L^TTcRI
z+~b;CnaVnP`MjxU(dgh}b&%kb!?2HZXHf?&H|Pz|*53rlt-RfN%XerW##B=Dc4uPs
z;GFlQaCGwjm;c@sf2`|biI3x{ACv>Uq4CsNl|gD8o~O2};-hf{@m{m;5^8Xq7NoxZ
z;9!k(%rTa<`_06FPpAEC|F=`ioFAqJdxePI%rOl|ownmq_}V<?w9<y7<#Y2ioLQBg
zM)~o?zHhN(6eIPGJEJAz(~GVJ<TDpv!$b=76!`~bG@(B%$gxT2BF9ocmKzsT#hfRs
znI|%g@^Gm+%wnx^JII2QRsvalg)vt=M{hmH<*K>Q%-_S}x`69uqJ8g4s#oJ{R6-bH
zc=UOVUrpmVHKsEC`jyOyO=HeYR?9JRk=6RWynCz~=N{{u&OH{7AzZ|3a)<G8)&A9Q
z<yR0F^j|N?T3^jzU|<?dVo^`O&viMa_viuO%y-%}H}feLPu4bUSOPcxh$KS&FwD>t
zp#knzHK8&t3%j&(j@@0Tl5$`fx%HGI)C7Z{WgDH1OZ43_C6!Nv9}2SpQv~v)ypOOF
zH0>iS6?J^1(&|uHb?U7S5rm97@yYZ;g)q{Oh)hbcnd}fg<&<eUk=(kb_P=frK*EeD
zAj!ShD`aQ%r=ZNQREFWI43;+)(-UI?OG`sRxwy(P(y*<oi<_}*?SS*mw76ylv@{kp
zQ(DlB?=D{4Qs)$Km>Cwd^c~kySy4+5az!p2kZ-A9aZBAQQ9Py<0^Nos<wY(1v~NqI
z;(}4P^(}F=YpJrRr9JwVJF~c@k$uM$cP-Tywe)IfpV`T2TEUn$sf4!Zd5HI;1UPwK
zA;9PKZRi!2v7n&`RYEqCd_#JFLs$q-7me!hzK#8&xUmaVq8R3<`^G@BqQ*84=rhHJ
z;>Jd(v4KS++toM5Op6-3y>DY5(qX|g-&YA4oAT3qmJ*sKG+ETx#J-LFcX4BP_HC@w
zHwH}?HMUdV#(q@X*iTiWcmYQE#wvR?wxoX_m~CI&*flCqj21m&Uyi2~jqJR>jhV?V
zFHcsfgx5hlja^S;;z>nFwol)d&Y@fZ^zTp!E;AKCUtg$bSYTPvuvYf#Gsl|Z##+@_
zF<uM`8|zox*j0TS`zNC)7}<4`;5U+wdAyL#G32Qow-y&~END>7^0MOWYGtz`Y7LQf
zdOX!p)kYLedVVdxs8;Nc2Q((ux2=q}ZQkaQACMS5WF1bT8)i+*#<I&|+3r~T7G4*7
zYWnk!s%pIE>0oAdCZXy3BE6SHwkdf)J)o%B7BT(G2_I&8RI`*7>giYaF8()WE^ea$
z8vKv(vsv-UXf#(Pr0;x2I&J=Hg7bId-d90H&Z0~xB1bfATuQXQ^=mO4!?5d#cB~_g
z^ZH7;-Q-32p*;xkd<=O#oT1sF1tzbC?B5gJ^UNFO^VG{V!g@<@`mDq+vMVY`rd-Zy
z<!F9kPV2b>qQ;g7;>U&eD-52SzYv~T;Q4f4cs2u_bLg)ap2;5@Ja@&n)7J|SWt;|<
zlcue2;0$W!Vhu~m+6fIO3e>Ylg`hrcxj>!MH}SEvsWCO4{TCht2G>Wgzzz5so<Dke
zKx66%UJh<(|9EipibX;9n*-|J#hlxac!7dt=k7vA*|}e??|QG_hVB9Qr>U=ef8=tu
zeUH^wJ{h$CbwC{J-+_Xhy_%ffhad>hZf=MgPW&<Mi?KbU(QinLjxlGYPv`h9x^4QH
zzq<kE-`8nhx-n?a4vJp(vf4|PPQT7P1<iMlkFRTAfh(>6zbha2i(Vo_EB=qTk7Q*}
zz%F|Z|4$iYt2U%6b1&(M;yUfFPRm6>s&Dzu-sR8!f&43de=B8sjxTEX?7da6W@`oa
zD=x^>4_&+%Z@>wctj|cCtF@NFOe9-z^M~4&yk1ZxyZao{dIt6k=)nxw$Gh>ktDSe_
zAMh(+XHPX-VD2&ypLd1+_qi9;@{ROGhhyw!{6mWUc{0?;dkqzfWA?A{<TSv%b@%(9
ze9(8WYe?%e$Xl**gS?Ah4f01e$k4x$jqey<T*3*KJYU6lngD-w<#Otk8gu1}LC%3(
zZc5D~-)Y(IkmTrF@l(L7xIJrQ?H84mw0sG;<+d@|-A`a3xu~!*w|`ds9en-tqZ9G0
z{cbFIP8rqHcgFM#NH+bzR72StjeYt3HlqqsCzhKFxw@`((L2YLw|+ZFmR`6KD0Hug
zXs!3gzgP6W!-l|#zl$e2meK7|Y5JTU@yVGi9hWcN@@)E~FTI0PsJ8VHU#sN_S>?-S
znG5PMoA)$x#E?IlxnM7ToVj36P&a+w(`GJUkz~V7?-4|VIO*&uebzs}|Aghfgxunh
z#sEK4JU8VH%J?$d8J3G{R(g)M&j6Y`Hzd#4F6dr`h5N~V4UgJU)(_CL<g{o);<l<T
z(Uw`#rL@UK(PC0~oq}sZLrPk<#W|7^q?rY9(=PpDYMH9d;WViWcHk2FP*NKl1st*g
z`#AaxHuQ_%WwxUCB`7N9GnRU>L=%$qwyHLY#PA^>L>`NFNa1a&!*;O!HU|!(**Rt$
zk2A)bDW>t(>wzMTwdY`Ou0K^S@Y!f>hf!!YgO<&^773!pRWLsCv+(SKcJCS~H+^OF
z18&6jys%_CUI6vpa?cR)TXz@{8+Bn>v^|Q#7iS;KD<yA=x8j(7mua$Z%Zs7DNeud5
zu**~demR2^*k00H+CPjmvy2=oJY>f`F?hB7zu^;AT_&E)K4ZYx1mpr7=%$AA633Dm
zItfxc(H*hQzBM37&7j|v*@`c{6D?^-9##&(asI|=7$e0>;?c%QRTFr<nq#4O;tg2t
zrhP!MXyY=O$wox4S|qnyH62yswI2M|``=psTj_tx{jaSX<s_+9eue+F$$<hBDW`wT
zWeQx3x!`V+ndp^;+GxklOs8QMw$s)9v`!O+A-sGLJ{1+m)&ROxtA!wuiAO%G+kjZ@
zsVnxc#e)p^N!bOjmZ#U^aIXbFDf0EjFK)ZaV<XqL>=jGy+MGPAEEt6+?bfG7F+<b)
za~(>S0y?B<&jUIBpyk5*8IB9UdLas)SU82#l!4BUHqmLsv{-HY;#F)GKTP*>er&LW
zXZtXq4jz_zF_r&$E$6rc2GQv0RTHBfi%8J{pHQG7)r_M+9KNKcVf&eZ&~PXM^;~NO
zSfxb?vO20vpTt?*QnhN-wL-tq#&ybl%Y`>B9jE~;m7Yo`54kpgM?u3KRcT*XAQ-_L
zK-r2HGtgbG@5D<jK-7&;$f`*-q?!h`uh`VStegZv1qfkNx~EDoSx{0h>TT$u6<CwJ
zfKHSXX}xq|)2?qBXjt&~TqiBKg?Y#@2euK8RJ7PGUd&5REk|;q8tu56u^QPnM>b{x
zZt#Wj1OK1kdy)>Fzc?)_&!iM~+M4Y7Wo~^NbVJhsKbv1(fo<QkOZ2jpdb=UDee|lF
zG1WTDu4s6~n3%001YFYdH94DHo2~eiUU^rkr@G-0sXBVG1AA)7NFFlw<L43W_%hrh
znEBauz$kQ67wvqOY7KIjjWWtjGh?064qdDY?C6BTHmiC3f>M^IB*OEQr!Y&dY)xJZ
zpu8FU8jDq)(#R8{Do>bNrt%QhP&EK){&iiB?UtoI+dZ2}oA+<m9B%^Iu&EtO90}v?
zj&^Kvj8|(^EB-MN0^~iA=7vX0X*VNxK+1!@SPzkQr9$Njq0UdL;>_{u&BLLF{veP&
zN5Ua>_BmxuY##Y(wBvf?xSL{o4xGMCJn<Qh^YHk`3F&9@XHXIwbr=j+FW<%z{}lT>
z0>)t=h;$#3oMTW3YB>D6-1FKwo(4XM@OlTV*161s`H0mn#WkjBU<2292vh?m)CSzn
zRRuGb2z~|Z)_6Obt_VtxK+ata2-_Hy?U1q+6J0CK38wKLLxdO_lC9+p4^&b{2kGLF
z@amA+afQPmkbaumVX?$oj(Am~6aT$?{p!U*B`x2C3jeOUiN_qqo;wxw|M@EnTQ3PB
z%d;!w)ptamTH*b=yRd>v@E{gqLd&>V`=^x+4_7KFddNF^q^0r5)bQJh3lA2(=V8!~
z*+`ukmN}lWw|~Y3tQ&>DD5j~e|90O&CE4dP<2ji^l4NF6*V~{G??QoT!mSx<Glq3t
zg~adbbM(h<v$ExoLy|-8MpoZMvG&cJPR#=A4@nG}7soZ=o`)olzI#AnE?Nz_TvU=b
z#^#Y9wl3%y*ziy#l?Aq`LM+5AcxJAR-9X>3(?G>~#v{IO0UhPqxE^L=*ca_+*J;u#
zvxAY?mRq)MNRGaqyCK=<d)`x>fMxpnUuYuQaUA7@8_#9zy(+#c;E5Q#C4WQdU~4s+
zYQg?c`sKD>zofNw1<a3+`CwcOFI({ll$QA?F|K0NbxCJHEdY4Bhr&cI2vX9P2qAq+
z6Hue0pj7E9Ij@DHg&(5mm-rPuD7=ne{ZnPmUYtNyh8VpS0`-hW;MZy(J#MFUNI}mZ
zd<EgT3Q3}?5U6o8yzWu)i)_WJH$8#eYAC_A1m8{K&~ka)v>H3|n0@K=e5H9|rJqwt
zd?lf2UGZCO77i=pd9m_6#5!5Xma1v#11G$LWrAmLoIg)4Ta-yFW7-jH_t6p_&q<b+
z(t4<OA5hoTa9I-`p!>Cc)qG}i*JZ&>YItouTXFbGO7mbN&E$3kKVFnxG4LHs8LeFn
zOPU5mdLHoVAs-O#2S1iJI9uI@YOq~9$_yo|?p>*WrQ-SUx8ogatJV^YH!iXQ3To!c
z4cIYW+NXdL@cO70E1qyviRaNFj#oO5DzU_Sko`PLq|V$>mu>%SV}10>+_pXa*g7P{
zqks>B+!(!NKV~x1`Asb;SEC<AFVn3WR^uL(S@D4#07prZP*t<Ky(D>%<72FEm*s~m
z$m%H`;(=fPfSphGdzJ9iE?Qwx7W0$7YONr2t(zL;FsHk6*=P<qUZ91BM`d1=*zUBM
z`-Q~8Y2wr}>==F>qn(X#k<32)aXL~ZwKDU$f-8asfw@-L3%aHXTtP8CdN&fk<t^tP
znjHP7Saz`pxBWA2KzEWWcIS32dF3l}3mL#EfbEUZ_JbWJ{PpW~&)N>NV1N0c_Lmpj
zTLKPdpX*sG0_O3e!MstJtr)lpx@{H}8<X(+_H}Q8ULeCnC&wh+dJfkha=4@KB1(F`
z(|cf*N*&@-i}eiS64%hKu5P7v|JGiEO3)_2F8%_Y39><`x1oTfW!I1ovELW}sRSs0
zVSk*hIEWT{-a+N|YtZ_w%oO;RV@iJX`>Gf5=&+Db6AvC*7k06@5w_Rg9rhXP+pH|m
zX$8Y)py^o%OQ~_fZ#d>FR`d1Dllo0ntbY*hA#K&}X{NvSa8EW<DMU+EtS!zeQI_7d
z;Ugt2)|T`|_mc7fkzC5@N_m46s$WC(^jK9gJWGvP^)2n0E83pNE+#WodhbWbygRHf
z=L99`@2G_viqpQVv?OU_JaA04r+?TE?~fy8d5@JgCAx32RQDcn`mAsAAlVQ6*fyk>
z-^0Bv6G9`5RGk@gfl~LiLgsNCtug&4rG3K+$yoMlMg6m><#dp~lmtCwx>R5mSOw-C
zM}Csc+zTX??zM>YLp-^inM-1NeOFi~%$uvc4&}WN=4Hka?Kzzm9R2Lz=_h^9I7}fu
zAefkNkpAO{Pmqq86pNAmO<37%Cmy%b?W%y!Vm4LOO1DtKuqd;WI-G2EOevwSj66W;
zcND)Foum>$C1`|AjQp@A8q!;OZ#DW3q^5Su)4S4WW|78F5srZs`QaRv0(iWC#+Gc)
zF6qsW_MZ1Oah9b&T@*-_x4y@NxYCW)b1!+Fvj^RAWNuFCVD15K6S7q$w&(10oAsPN
zFC0K-Xy5joezAksFVfBGAqVE3n)K+fvi7AjgbWALh$2(db5W%qsr0MA6N9;%r&}+O
zn&-6FboRTSWR0qnT$^4;wBr?9h1Syyozt&E0KBxj4YTeUr9WTtU|~+IT>4?E<Z#Jx
zYg)>6a6Q>#GxecCq^Fwt1zlcf^|hnk?;Re)`)c}h>o6?DRw?}>ih%RDo34r~E>_4c
zF#Y{wWUM-hn~GdrGNE28KI)BW-{zf+{`M4xiF6$E7mD=bvb#@z857^4^e)*R$?#{E
z9Eu44EANLT4k++8PF(NZ>E&K{xL)op%kJLrdbA|xUtPCol0dYct?sdvLGnoC_>#<$
z3qQ;{{48k9@YUW^p-yW1Coaov7WEKT?g6xYuRuop8X^eq+0;rQtCc)s(^LA_)Ox#<
z3A@cziK>co_I7xg3KmzH(8#q0QVXlR^DC-6Aym<$Xnm^ezLhGEtIDsfO0MU}l=gOU
zTDQ_9$O}gJu+kP5r#+ywzZ9q4tF+%Lt$iuO5-t@^es7Sw_e`!(73rs2uky*rzE#dr
zl_y0QTkU1pR;t8pV4qv%s;yM1p-Rtb1wg1)8xO0E{L)n^?a#$&l}fwnbNi~<N?)JN
z7Ec>crQK5*uz&*yU07H5GP)&^S4kEHSEi5t9yrmyI6wo>E#@*B>8UJ8SgM3*LBf*0
z-IT8X8bVVYnSskRua)VK#{1^;_T%y1Lcg=#s*s7E{bZ!IJh>+-Nb7z*2R@7uIoq?J
zGu*$tjJ=cN@4f8xR!mw88WlUCdtQm=j*xPXcfdYE`%aO)J{mLr>`s{a?JMq_O>gr(
zGuMCcfH+<L{YiV|SbAb=OtTH9L!iUB`)12_Ug+8R0YEGZ&(!Ew`8lC@L!kcD$sfmC
zC%>>x@<*Ef{coLL=!8J;c!Wn6FY%g(*T??#dBtDE%sAMy$JjpqydrAj3C}Acbq)Z7
z-PqR87XWhnDPSYpwU*ao+duBl6FtjeJyYAov9_CSM{Gf2bXAa8p_Rw5So)#imC!AZ
zPcwcA9$%vjBeSCNlMv|+J@e(KQoiRW1r3}+f(qHKFzI}tb?GHvarjp4@eK}vzw31S
zks(6&?d-qB9gG(8o%Q^pZ`+y*#i~U`wIRujpj-M?AG?Nq<W~@Q!Tpf|OtR|}Y?j+U
zU=^c>EMu&PU1AWM<sg>t{7gaS1+|+`J56Z|i_@kk%?>T|<^D@)zb!5|@DHS2TAX$S
z<$78RI*2J@Qb9tX1P;z}4B&7j98!>Qm=fv=5}K4y$RZk*P{<+<B|$)R_h$W?J+-r2
zv!Q;?D(x&P{dC;cY(#;O4Dl}sQdNwaY2b5@7Xe>Z2Nst{x?P9&MWVYe2NXKb-Aehj
z?0b9T!IdhnUEfy9Kf0Cj(<$FGVJn5N*h=AJRd~;>6rQ}5!XqiH(G_C*zrx7WSdaA~
zztekb)vtY$vu}s@F{N_!A!#lcrb^$wxQME;wHI6?IB^x18fEe3hKTKYw|Yl&ZIWqT
z6bjSA`rlFgFa4|fPpkexTdRNF{{PM$(Q(w5$_vg&DIIzmKw+2re{_xWBrb$$hvDzU
z6kg-pGn>!a$~Dd$*xVh}2HgiW+kU&hqiW}UMfYP3%g^HgI`>4E!xb}k=Pt@#`X(*e
z>A}yomffOkZU4C@Ycx_^`vhg{<J_LnTgx7=Y~6L@`p8ylH!Az94jiA408b@~7U0)Y
z{}&6e0`CW(vjDezmd|nvV8`V4ZfkVcHbx0UJvj3c`<{><Li`8SP3x}Yz@*Q8_d<-l
zex--U7h?PvCY<R9nrsbe&kUQ$JgO0S9kZ~L6IG&u%*=J4Q{ww7@h=JQ*jb-Pcwbk2
zZI!-o8uzLGRtay-8`KxhePMm|UqE;_O!;4|d-^_l+&bai^+`Uf_qyjrvFVGfH;U#7
z0Q<0Nc4Zif_rLHSYGc5MxxS9|IJ=zdXWPu<bt3or86`Sjg3IW#6eZ#u;JTdb3f+I{
zORpdOtdL&A`-iTt!LJQ2F>A%vXlZWkzr)PV?gX{IY5PA3ykcU$_f_VS`#b_G<W~9d
zI5qLQVQ1eaW~vGCgD+g!VQS)9HBmglqp591pkC=mDE$D9y10Bj={>B3XJ!sc2Pko;
zUWt2?Xm>#YzrWMJ6@D~CrG%H6*R)<+DUtmrjUTwRoOR?_51AW3r|!!tA*#!?sYLOp
zmnl=SEI+{F0uQKwSn1~#xK#zTdierdnZTT|)E6$$t?fmmS9S9Lg7nU~n{jQO^bWw6
zO_=qsW!_VJmGxcN$4RvBJo2+HhTC1Q(1&dPxdM5j7C#?>kBQ#=9A@4}-!^sTzt1)5
z3{~zTyjuZv_JV(}&qkh9iGRs<&*~_G{mm!!f_=2(ZlLL2SHG2zOkmud_`=uKGk4|z
ztqZ2psaNm`$sHT=*@;D&W614=o?q9{@xhyiVy^-fD)5ajC~(R<6tJ`Z90e9H)cYbn
zeG8Ubs9s&HR)M0G>{Z}76%c$suZ4#x&=c!b%MyogC9zn)>Q!K#`jU|SyuNNy0r8St
z0snxaDHP6rht{wz$d>8N@q;sKuZ)xw>{X=C$$Vx72Fo~@xvsbb_QT@*+k5Bd?IYZ;
zo3F8Oay^URSmHz7^wRb@o;-*PtL1zhdB<t2`&d3Yj-@VGS{6&jm!g$lZs&6id~v?C
zOsB4MRXa7D`vprXF`ULWKF`ZXvF=s<c~I&M^7y*;ZBDMfHCHFxV^gCy1~ZqItKDSB
zM*ZppZ#KooriPQXL`G@d?s+bCOm<2`;@28NGiOv~Q`$F|M%!1x^J7q>uG?wP%qZ`l
z%CC;^xz@O$<(MG(&^o0A*{2$#_g|*^(fgm}qvPyCJzdj&C4IS#oxZl@G^<>OKfaKk
zq@w{|^i_ymzAV>?)y9l^CQNCcuZB1-dfkN1JlW=HHhTXfN{?)|#;2c|Z<sy3&PJF^
z*tlKuDr&s$S$$2IMt|%%M@Kof-TcB)CDyoW?K&pu*)Lz=3wsMIU5wVQ;c$Cu5;k(C
z9_ZfC2%X1aGA9~B_G0D~OPyX7i6vGAspG50_xx9gpB+_g%u0$vZNR1n?I+I3A+LT+
zl!<<-O#9RPr+1tXC{(RyzyPwY*Mu{aWqpNR5Y!dBXvYo)&RK#b7N7yq%RW;lNnU#9
z>+UxQNAI6+i<)X>m9s6U#FHJH-6}t==Etk~3F>WPoS{v%>j@epBe<=qjRruJHe0G?
z*{=3Y+wn;~_CNDi64X4U;}gAx$A`IRkertXQ`#5!b+<i!a)H*pphMt3k;V-kVW&22
z*Qv+9NZ6-d5iacWU9>>@{8&ei+-c@YS%*<0Ul%DjPc3s6YDTR@gI!seOImbC%NEth
z$%dRe#1kihxIeAs-hjwDXPwhW4y9LLga8rf8EzR9Ac8KJGoYf8T7fm`cW*GGT&i?Z
zpBfl=0WwJ4vosGLz8};F5_TcF{hg`t<XP3gIc3Y38c>G}+BSOGouU|yvRNGP?UbRE
zxVFlQ@WE|R^Fj2IKT`r)4^uIT5$jZuSPE8{8en`Rh@{~|k3qAzYlx>tKgmSk8bdDT
zxz)#hr|Yy_3~b205KG-_d?hvdUH!%*Yn21Ob21)JY^Fqz8jC~H0adY@WkM9pLrvM(
zNTlF_8ft1l41Ts4epYs5YV>1aFIx3lQ3>R;F>Z+bWVYg{Zh`jnDqbuf{toQRdbZ=~
z#9BJbR_v<+sR75ul9&I}h6BAoXFJA{KP?YZqtA&a8#l9p;1L`ZUywDxxjEUm7%-JL
zE-vFe*v(~RZ{`H7W4*PWxZM5H5H!c2Vu|>d!3`=lM0Xs(Q|Wx7n`nHJtGee^!YmtV
zTh4;WTBbLr?wuy|wL2iG(XT2Z=;+CwpnW0T@FMzxM;R}KtqCn=LRKR+<W+%ziDxTL
z>T(6x>kJvndwPlG`uKqh2G#wie~VYt6BIO>))fXm5kK%BgZZiW?FDG~y4n-8ul%&`
zale0#CGUCChLPAi@${6$FGSKx6Pd*mdpD*Ik4$MyTpA{~<&ygqCeI={Xz%8GkG<QM
z_Meh?MCF5#&$Q0fymv1+KaC~l`2M~#CGm4BrYB{WwXQ}ePc5RFF(Y5Jf$zw`AK8zA
zr+<09qmD6~Ua*|k&nIUO<+O%5_qm+O%Bfb)ah3z~boTrLdhwqWB~KWNn7UiYuDxLA
zv$|M%SheR?djIy4E7?s7``~X{a_|^7dswxoF;|Xoc`UWvK)sOL{xMWHgG%uvm;Mif
zVC*pNuu28Mk^AR(^1~NbOb_Rh%;M{4Jb5OJ8U&q^NNPl5Q;lapgBL88@Lvr3zPzf9
zS$Wi~;UZge>OvmhHEOAhC*BP<J|9G$=OPK8!#L?5M7XIt`QfPP5kk^wp!6d28`l)Q
zEgCASs*a`ju0e<gwbUbiRYnH>)Bqzv4N@pqpRIV^S{n_yg^I*G<yvq`)S^X*45dW`
zx+C24ki*tW$*Ec<ut-H?sr#&k>u&TS-;yX{DEIkke;n<^W-bvP`X(Lj;fjb>ucB25
zw`xT5$fePCiH62RdgJm2o&k<0y5co_WYopSKyUPK*|YB1!t?uBa`+4J#J3w#qjwI`
zG`mokx;hql5q8=C?4Rhuc<z1=O46r}J}N<Y6M;%{<Wbp>8W)+8m?bn;svDtF`xT^$
zIN}MVLK#+;tL6h3c<YT*8nTx=RDgWzVTmk*G=ef|1n_EDWAswp<UArZ`V(NJkpMdV
z7^uWFvK8Y22IpSUOGWU4N_j&n;LhqM1HgAs1ABs*3pHeJQzeIU%k>+~e^74zUBSri
z*46RIrYQ{qz$u0E2Tc}PcZsh|Nz62QB}HuoiLa!_Gy7kKiJHA7GWlGhCQl-_)tS6Y
zZSNWoAGxyikH*a2^4x9$j3ORw+!XJR1|htgs#|}c3^Ff(HfEF;e9vabUJ|Th{_vbJ
zf+J@@?s8v}KK-|zMSS(|mJ?Ubca-ye%PFA$_ID<5G&!`%tB}p9AqVilG?eQcoMAvb
zs~XN=!ZcR%e)N)aq39`1iK|7JAcJMZQ^#dd&~aFB`Kx7`YjS7t2hNCaoKYxU#^<C<
zJxlZ$j=35i`vT!IHnrWwTH^7s#L-U;71`D!TN<A#8=L6ZQcg#brj@bm(l~snI-Xb_
zuh|qExhM|r;8T@X5u@?cWGJ~)WsP)UG>DX6xHzO}J)}l2i|ZqzBU8gnz!Yp5;)&JS
zijN*})LRPzZjye9q=fulQ?g{L7>^Jxo*HIMqNx6wY{k3tRUZYMuTU_xQS}u|(P4G_
zj7swA`Lttyjgj>S-^<;uBA)uAu#Vlz7LWFD9xnnJ)(O`Ca1)?G<UM+Q*Ifal%b)o!
zt2MC70RC{PsgCV$_IIx&!=;x5GrJu<h+N7F=sidd>5eD%ZQxn)DT%ubwX@L2BJqc%
zv90olEgES&QCq+twmAM!Tg)G}IR2p20{*Z?BtrFAF@Fd~e%yK^zPP#Vyb$z_rH+Z1
zpeM<R`AbMOG5-ezQe%#K#t{CK7Q}pyl1$8VHOJ&_P$1ux<|w#GzAM?$u#$7~UCBnp
z$ah-#7xF#u@;yjwMZV*<CwFFVfEPfc?eo#TGdrU8GmE)T+bkwCi%0fl7U|zz?Fsq>
zm$M%^Jv&hHZ%<jt^QVWB{-;(l&$`V%Ttx3v<H?Jq{o0<Eoq8V$4w`P)FDJoAngl-}
zyfG8NDK2$tg2Z|1NAT;jOj_5XE&sAmTrZKhUV^wrU68ECV+XRD+rA)pb84~#HeZ}9
zsbsI-9C=K8^*~?P9bHvcKtS1wJMJ|y3zhFs!(`tt&NvaZ6MFzeQyn-h9eTt}AiQTH
zd8u9Lq;}1Hj+RkVMneE5x>1Uq#>_}jMHp4y08mk@?nNK!ZA2__xm5|Ac26U(7f9{O
zY{lcgIPDLkoyUY?zDb8x=;JVem+x_+yS{nk;%NKB!c^(MiRC%*9pI8F6yJN9_|7jX
zJm`6-<+}*5AvpnN0(@00!e>CpuQLke7h-vJo<8S_pp}%PPmC6MQN21xpz*2#3SI3f
zv>_F*LW+42z8Dd{xb+4^_%948Scd@O1Suw=6<#WHwTF@VkEPr<Pnv6`6WhP>fT)d+
z0>;rxZ=*&WNDpmDHE>$7qJPWY0z6E62;bN{`TaQZ`-ynspw#GXbF=S8M{QjbME;8S
z{<#0yQ;YPMShC}FH~$e+64z+@N^#R4!7ePE4vB8^B!*L0NjLQoY}mq?2kncH-`$em
zaN8=lEow6>+gE@8_1}y_AD<SA;HR$;E$0`L^Ogeo%-h4XuP(5M1<Ac-4~yP^-2yU>
zNL}zz8Gc_sLalbjFTT3@NTwbnL1_PaRW!v_p1o6iGL(3mn>(mO$gqzlTDi4HCNKDC
zqBQOisyx+I7J4q%wtp`1)KS?fiL2CMGb>A9i`3oC#Punk3<J&{X1lFqlVioYlF^*l
z621Rk*#KgxW?96{#KQ+9q{uX;9B&#^>qVxqZsjF(=b@JoN_%9O2ZEk&A!Qn?4^3n7
z#K-CXhEZicp|0(YGaIytreM8F2cqB+(g4P1UZDtvG<Az1Z8)`p<h*5ym?2H+Utma6
zlZbyCiu6=MxuM9A_HkPNPkPSzHzp7o#QySapp;#@HAC7~dkgDL;R~Pq45bQ<my=Rv
zigLxA1qT#IO`MB5vTwa=G<XK~w6}UrE0Xul;A49iH88<gtH^Y!^qpzaUS>$8t7P%2
z+5nLvNRF+T)YhbbjD=6ETwRJQMDL#^s5+C{4@n43YGW*Oz9EA*sZEke&0&X`)F#Mk
zGSPOMGEYp?gc(U_|GUi$RY<coTer}{wP&GK4Mdrcj_nS1bTJCqud%23<^N3MN-ogy
z`@OAt!$2i!ASvHtIBnM>CbfbNrvtD5C<MP&#%LcXG}GB6S_ate1-N$JOlA*;NpG$b
zvoLcVFE(f_*VyPm)EN-%R18j22~Vrss$FgiZ{-MGV>!EA3Ji!bcNyoTa7&WzzlLIP
zyY#rroi0+kB&-KEEpq-=Q|=qi^egxyku~!V)pi5$@?RCRyaIlQy^fRXq0#$qH59=y
zMuF|Yl4N^m6qSN(ptJ0};NHa0_E729UTei>V>>=&mhAx(dkvN1NyJAl+d}}lbh_R|
z8|aj#bU0c|PBCSs8q<S{j7?pzs%&gBz6vmIS7l$E!z)*b(Z<DSSI0KK5Q{9~lgR$&
zDY)P5(iX(K8hg+f%&Mnj6f-E~jR`}%F=0qmw&K@Rfhn(=Xl<??n`~S)QIlb}F?^NK
zkdCbFKi%duk)a~aTA3^+qVfO;YaH`I`%)rmveB9xwn}InkG!jfmb-@dO2FFs5p7BN
zbfyDsnHv);a=J&nW<^f-*sbo_*<Rn++ZzlVd4~FiGZ?^5@*)l8;<GMwn5fo%K;@NW
z!%0;8{Xm#%BePVA+%WYeSKZqSlv-#nNZInqT)-3eW-;>Sf}zn%UZ$+K6m+Rt>OTDl
zFizvx!%w}sdE|<`zJawMma`TNLjipgZ9@aD>(Y5vp}jzZ3A7)|*$YrO`q&GsQ?nOX
zdF%yhEoUzX6E*vsy&z0{$t8Mwfu)+gV4=4c+;fM+gz?%hdV2vZ2<xr47X&$bK_7eK
zIg3mm*=;KNh#3nG{<+^<yz6pyRgM`8cDI~j{e+vJp}jzBkhd398HwiX1<Evg!M915
zy+8@F7wA{^0*3o4s}g^eft$6U)~p4|3)W-zX<RQ7SP#*~*H0XqxL`}!xJ2WYiIQ<c
zn^UK-P$-bL-(TVP`*;KVo9*{6WWV2}+OkAyvwtL!cvUqhu_BJCKiuT=rIcynLvL}g
zv;q=#FiRBl2+8Q}uN!rR8+$G_Tjnl*Rviraxefg`mZH<B{D%GjNjkToFXLr8V)4|&
zT}+=1{c3g%3g$QTTe1}?HIf?ss$~>z=(E|1Ki}-Stki&p+J@d7{Md&6D%$oNdWW)c
zSWp2yg8Y6zKY;zb;Ztruzu5NkXBO$p+8k&QZa+U)6_n)Ymz}%YFNDdCfGxRzf>*!f
z8qkqwe^1!4_QeCVrN6;#>7S-V-!1(wNj24Bo&u>cZQX{j)sxxMZ&Z?P>5Imz-FcU?
z{Qll%NSdR#-2OgHb~KmU--pQ>u<ZA_{k>&u&3>=_z3Wf=dn=Z=-;XHT-y>FSd;e!`
z?@QhGzWY&|(WR3hG~3=kbg3u7i(Ssq<k<H9-AAnCwI@@un&G9du#!dc6Fu)@+3)TU
zWrh2B_6epDi4KMyQ79ENqLO58KaWA}{!6W<L{2RAW6t#4etv}Z^U7gA{hqe+@0kq5
zqNbfY7v+~ADc=q@J{v@MIAJB5ccV$R3E7HI{wQo6P&GEuxYnc}lrjxkyx?_<ac<@;
zWkyX`|4F1aniiK%<VlP7pjV*gx|nKP#cahb)}Zaex5K4)T$0Y@{j`a;zocqBF|5kk
zJB;?4Q^Vei&3w!u09yuYZsrn)s&>}IUi}yvl@P48O}Ik??1-PU39qhuHatIx74N?t
z0)+DLbN1iDm;VGkh5K)HDtgN8zm2h?any(V?{euMBchl7!`9FY6&i##;rh)>#0mj-
z6bl!<^mZ}?61Ly<Zu`BDw2g54EqK;FE_s;We~0Lw-+yC%=)3<`m+^%5-!^h~)oP3s
zxBm_k-3s~rcbNE+E9v*&O4a^57@6_=@0(zbx&3!gK!320ogX$5ik%cnwQ=pm%4o5C
zoB2*4w#|K%Yv{)Bzi(Fmx{q?E?xWmrg>Ag9wf*lAsbTMuD>aMrrUA{V;rj$=!5ZU&
z*-F=G<~@9=00!=ZUCE`n6RKAO)ZOkCc(57L#od(4F4Q(1rwPc1waAANbOYO6tKV>!
zFDFfEg3}<1EYa(^cFcvydQN)(Jo4~i2kHJ=qb#_xaw$2n<Yl$0p^aHPaVB&BY!bq2
zEBZKHtw%d%@>lzG<@$ZP+AG?p+dW@MRpJ%afaH{7&OW2h6_)yNpPo^>`lw#LWUde^
zqDsB01RB1Q#j?g{wB+p4)hWYykCN=t=ei+qR-yDS*rl7IU<1*(*riV@+@%MJf26-c
z1MJeX7&QLn48jffRg7Y5yY#L07FJr}ue<n3a?XI05zW~hZm~r#T$SEeUMBSX7x?)f
z-CeFtU%0)XTy*6{@GQLYGTY$^*Ir)L0^C2}5W(-!Cu)!GFynu=N4HfA_vm{R?$OyR
zN?qa>ik>23f9@B4kq{!eKnpMV;;jMy*8aSxvjv5FX*$#McfGH?h~Tw{hCk-WR}>-Y
zXEVz=&JB`k&N3Dx+J&s~#Dl69PyAu7{oHMZXD${KDdIz=*BnP>;aYB&-Rt(tWmaHK
zdhG>H87Q67r-t_Brr8$We(BA>(hMX>o~Tp12L*#zYQO>R3e5B1Z!EDvR0<BBC8gny
zDk1VHkJWq_z2r$spsZV}I;x+NXjch1(gyQ}8R7hDQ=Vt-_1ug>%<45<l%?(#pF+$2
zz_Tt<1$)>bGO<vmMLYuOntk4O(UMK&@futdVSYqW&juqO<H<hyhqYzppp0#AA%CQ9
zz!jTX>+p4L*2}p=W2DFa_A_;^8XSUIe~?%i`D0VV-V$GiJ)6-Ee!9x>Q*;Sg$++dx
z3Y)yJd|aw3E1yWskq>2BoZz`P=WH9Ui-x>>O^|pmTk&-g#wBmsVhtfI?Ksj!xLg!O
zUbngdpXE%*R?Mfc=_)ueS)@X-_6sZF#7(s=EimGi8S&JE*J$u;J+Q+X_!O7oQ|<1<
zur;{lTGvXYq%qc*;mhFuDh7Z*(uCQXWGmvnFM++b@KQ{@J1v`|l@RmSn<L1^-TC@}
zOEH~4M77?mB&S*<-|zXWjUjQp_<-GsF?uK6k)oxC_hQ1Vn>B1#B|JL|v*szwbZe{W
z&d)3p{d%_GP*b#DndAHaZ7mhiv8|}nu~%Zm5{?&<*O)Kyy#rHudjewKuE|V2-|N)R
zaL=2Z`O2|tGDn6vzjQeVDW{qi)59%C{^)b}$!5N@Nq}+pV~iH!iLOE$mB_>H$1Gx_
zD-0hmd01?tszn>Oa*!0e((Mqb{(j8OR4TY1gYE9HN)euHR2@}e9n@E}F_J4~1LdO1
zIf&Z0s59xPa~RYq<zv_|;qFwAyP)cUzmqO}ku>&UIql;k-H++76SKVjVgA_~f9tRe
z1RLGu={<+bQ{$<<?rM=smFMG$j8M9=pqQa}$QVRewKx>YJ_F<UFt5sdIKnVQ6q6cG
zdXfH8vE(;l@6tGRNk+xFN2edoG<=s2S+eUd6&lhwG|W~sGkk8$e8`O%VX40{BdkQN
zvKuoe(}mPqY(LzXk#PCE8#6j`%iVu*_htShT=XU|hmWT6uMF?ZoSVB}1(*3$^b=3a
zHT=Z}rV2{dz<jc|gM~S6oL0e~jfXk&it6-dGp(G^9(IM@pD|RyAU4A8&u~K!TfM(g
z%YjAo(zlqaw~A?GSjF@sCR66jV&#Cw?$5Y=1c+LAe`aquitf*7_~HE-qhx=FMg#IT
zv6Z<yG}FWVlJ3t~cZuKBQjj||R-RPHO)S;jqX{z{FYy_e6@C?F%u`RU9d94A9DkqY
zD!WfJ$8*bn!#*~1vFN*)mmD?EIL4Nv;R|LW+vQx(OP+8!pDM>pWc@6sh+ix-esLBi
z?UbY6Wun#cAo9Mu5_h-w1oAn0zp;~`W?l3WdGnu=u<~Bw2B~AQptCyhRMoSROR>m5
zF*|%vYtzS;iQI${94xK?9V2Qn%OS*uZQ#%kA@-RV!3amZbPwZz8w~q(PLg2;MzkGu
zwMnv#Bh+eA`}GbB`|DSz^m)m@HpdA@WGhxu@yNtYAE{z<>P(CVVoo*b7<AS72~s?s
z`hzu^>a?H4fGV)h@08X$*1{0-szl;7g!@s`#9m&|NGP2Sl?R3@QICKe3Qfc6@Ln2u
zO=Co}FK7Z4?UJi>#c%kBoImDkb3%I>=^A69eXbE5&7`3MUJ7fF*9aJqwW1zOCqq`T
zo{%g;_+1)7*T6EI6TM}Yhv*$_9q52;6n4SrrAx_(wZFw}n>%Q|na{WBUFQ>z8Old8
zc(4<jv-=qV_PHQ&i`Mp#)Nsxo?lPRtc5xlJ75?&AOlR78{&GaJ!;La=v+7`0y;&8M
z><G$|ageH$?J&ntRG1@6U6?aZ6Lw8;TASxDkD0OV3cL?;|3)9~$5O|J_iwg1jp7PY
z4TffnOpST&b|anhzlTQQz7*9p+yCqJ3DIl;53rRH%%knUlHJaHccsP*zRf20)Oe`h
z>~;gDd%m#rR?E4T9JAZ)@8WNb3pI<E&sNEh9~SY8m*_jZl4A_RU&$#{8W6|@S8`4@
zrJ>k_=U9z+fnCWt#S{cH;VB2c@Rs-j>hRuT41uv0&mCY4J6$OQ$_m>t;}{MK+S_Xj
zIFjamPF&hTJg+U7U$-ygfJa!3!QE*K@klnuBLe(2DnB*)6;V4`DmpaO5TyRsnlgQj
zZ>17Do-X8wUFbrNV;e9|R2N;ysaLx0GsrssJDkP1uA!lFUCOcIPF0Ad9(vuP)?tB)
zP@b*$PQEw0o+EPc9XR@M*K<bEzSk4Dp7WHDTvt{;$1=FDyPlKR7yNnIeYLdi@92ou
z(8zVk_Kon4&Uqm|pct&ah63@#JXL|7=c>GtH9(&n+TFt}r!ZIzWrY;2TJwr)_0Opc
z&R+OS-PaLbNKvZ~?S&k`n7uH=bp53r4NCSx{R#qhK|fpZmOSD(gQ2`+7aI)sEi@Qv
z_@aN=3m?(k+?^dwK{_xt!#CZX9c+dzIsHj@ZX7)3s}43pRZyw}how5ZVVL27;WI)|
zsKz{M#uJv|?T4xo+7HnekPegP<m`tyyktfNynt=e-)}bR9@rd8{q4>YHRsp6h@R&Q
zTd*I>Jn)~nzjNlP|9`l@v*vX;?I(s#?1cZ{yT5ZH<M<!l-;r_h|K$G8pH}LUM0i6<
zmW=;P?(bZ;N(1}9>;6sxE$aU}_jita3taAdf9IYR_`$_`@SnZEbI{>%<HWzbzq1F$
zbbsfUQ=QUMIxwu)_x{eP#qR#jn*;3r&fm`XTz=R74(E@j=zF`%tF&_rav$7{hb*))
zsrUB<{$d-;M2~%I*Gwjd6xUl7wlKOp++hvGFmiI-gxR2-TfDY)@gLdQ*LzYo5=-ox
zwySYR62r(gk<#zj<rmo!y)m9|-p(OEo;p9$T=SX849!U2*I{LR8(c!g;nSEUTs3y*
zH#*LzWps-{KNp-(;(d{c+Gx-$BtdRQohBP!(}Cz~WMPE~Kcm~q)dka0j!2A7k4p^T
z(UtQmsmq6O(`E2Fm&<z1$kr}FjgR3l@{Il`3XqHQ36L}XaeQ?9ET`>A6<UfaWF>N6
z0`M{1(F{smVUQ{Q7_Qc7>6fbu+5K);AT?&M8%?04n$Xhox8(EkES9|IZ|a0^gv|CQ
zk)|}M$)tsLzc6`uF4^wOhsiII?7oNlwzKys<MY0U^Zk9Z?|FK!^Sqk5HueZ(cZR-;
zPjUD>CVhkDJl#l+8TuxNIe&6F$0(<oL8Ql8PEOy@bJy()KMmS9^Ud!&8f9wxS>KgQ
zg(1HRB2Q#j&OGR()|RtchRi&uLBHGad(6?}qMcooT~c4xFVJ?cq-4<pXHGt6@_su+
z?>lxt`}(s7KhaY4z>&RDzVyJ6O~*EcWxhZ7iPno~0bk_4g_BM{_at)fKX$;(_2*6J
zJ(wq2zVkps-^7Xs8sa}_2uuF(D3xs8kEZ&EO$84$Pi{GB(n&2R1*z{<1|z@RvPUp-
zhn8=W-gI<BBTt?xx)XCfPcY@FjHUHu^4+wERw7|5x-VIz-&{k9SmJN7#0xQfPWwqb
zbso>bUwSe`g$sv{HOfw&f$8PlXop~_O+~dn^@U`(m?JbCE!NPj$EtQ|GuMZ^FZ<!3
zlAelCAC9#@RvjPN6YY>&+(R}r?o}CS={X{K^j>8__KDcY7tem}h~x!((eeg7JL7f#
z=|iIT#rN6`)|#q#Yj}a9nj@0O?^S+ea?)NyW7)q&J61EC=x@5Bv&PbHWAwf>F4s$N
z-6p$NyRg`N;PDFrU{QI*?e2LVW+!-pxb{E|Tw53OPlwOvozJP{@6c%HV2-VDdbX6U
znWj9wES@;IJktPBxH|a^@Wn7?Tx&vynriu4ujB?xj&^pl-wgEpc*%(xM&eLbrN5#X
znfYA~jh6ImQ&7s;OB>3pUgmMKAGR_Trrl2Ilze#17Nki7!c#Ej7Cn3OHOt~CMT_K4
zZsqa+tC~J(s~K_nhClYOcT*V*B9-yTD!W6t!6x$xqi&9TYWqh0spm5ftRFQpw9v#1
zoq^P*pZvH#jDTo~dyG#9z-<h&@L02YzD8_Y2RW~Iryq&$v5k#j?-$M$>g1fE)skfE
zRgXFkkjMPah<y9`4dVKx&p_+)w^wT~jieV$##wZXQoCW9NPqgcScb;RgFwz>ezXQo
z?gu{RZo6`{{V_*cQ!lWqcTMd{PwBI0D!MK9a^REx(vK8L-+Iehesnz^S;4&vELG`W
zzqT1q%Ssb2r8kZHDBH7rF8Z7O88ioxGe0ZEp>Lk`nmtIz4|-8}BIFe$e>qnZ?0mds
zRFJ&#W`&dO^Yo*WM1E<9O|W+K=0r~n&XU+)A6+%VJTvwTsCyjhNNi_^^_2k<w?59=
z@aW4L&JPVYx1{gIWu(MNAn~+|)`GivM=zU*tB-A3Utwy?CZ^vQ7b)p^I!GpsnfpO?
zsmEmdGX4B#2Bqs=d7$|5{qZKo2Ob3_t@zMR8o~MzyyQl(;y*fqoc-VTKbiO73;Hh+
zE&2Y-6i&96>*qfPf!_UB{OMn>&yGjh`lKGLWGLzWd-3|fgA)j5D^7vdlMfzm;p2?%
z^=RHio}g?vF|!Ti6vKz}&jBF6JwMZ*)A+-S-|1Ixq|NW8mz*qI_h}!4D?MLH-xa3y
z)Tu_L{zO$I^`H<Wy^wYZYpK$Q)meC*!kdR#*amq5VK>P1$-K1e#+aT!Py{k<AMw+T
z=?R-fDCq|4Fnyr?g!01tRdb1Slibm81GBtj2@k*w%<i6qKP~EYo~O@#psTh=5)7my
z+VLQNO`dJUhy7fo@z1<cxGVj-|2{*1rs~fG{R#AEg#J|PkC9z@8`WUy_x(v)2wX6Z
zZa0^-#EU^<As$v5=9iRf9bUwTm0o!|F@CZup!-4sikM~jf?0&HV_(dBWREgZQqRY1
ze2<mznUl$kCq_xi^bGPM2PUbB6)?$c#lx4d;$ZBiu`Q+Tn@(&!BCuC9onUePJa|R#
zGQojDk(NVn9Ukr61rf#@I?r4)xTN7>F%#axX&q@2AxJ!xp7#jCCyw;44BD6VD-=-Y
zAp)s*v{h_$6<hdR^ii!cfc^_&ES9=oF)v?MrWZa#&V8llU#1!HR>T5%{E&)pwhAW}
z^GrKdLbLgur7Wnw)*ijW_Mfe|jR~51VV~jX&j=@g%EipfIg1Tl14V1xn?})^IaMnd
zjnkIda?JA)G!*w-lycyl{sBHBBNP#9D}+_FV?5I^cu6N{d#EZ+3FMnj3wUbf#!LM?
zo+lnp46nlf$%Zbn;JgU8(nCamR3~}Ymv+!oWThKtl9U>Ajbu->am)%uVI}nf9y(h2
z{nF9mFlQ3Sn?I^l#kOZt2rfTSiBqj4FC>xRUKFwfu)2*V^iQS0K@CH<2#8f$Lj<(Y
z>gG{h2_Uytxg#vsB*-vksq_hkrP=Y-@nrsql;zab%SpzCdDEgxjkW9$P()lHThX7%
z$bIz=;8OVhN1N8}{G56-iYGQgFt+{|AUe^5=<H)W{O;qznS)=d^h-b0#C4*=Fo(K%
zhB|?Bm0PKtY6rZEJx2+)h-UYk22Yxp1OK@UE`2aOlGhM3SMoxMQ5;8Q=>xxyzHm6|
zWcPvW86@{vnxk;ii3h(_#T+FHVkEvXXK+dS6V!knjPzrkBSwKggay)Xn1Wzp|Dh`D
z?`haw&#sojfYM!xBE3-)oa3wXBj}Rid{aI$jyLWEvE95d?0w%SfL`OtM?_ZWZqbfs
zb`#~iV7q0shknT;*w<cORZFqt5!)#^LKF^C*V`}f<4S#bL-O$QF;MWq(aXNeXGV$c
znQx$q9z0WCfewy#e3LZ%DXeRV-nm^>v~wq-(8J;OX#LlS#M&<&0gZoEWSbmUA4^^w
z1dp^%o<42z8D~uo>YfVbpK;ctGfz7EtVu!LreMKIXHPzJ@+s$?9@IS{J!5EW{`AQ$
z=l$2D$t^)-NzmQ3eXMR-P{*r+d>&l4DIQrE>+UL#)h&<fTbr(m7+Jb?+_hs+w>;=x
zSV<2tU24%k-deLJ;_wdFM7-|lAhJ0gy=`f2Q1@aG;c=d&6}bjB`ZnT>($)0Uf|={H
zv`1CSmv5z}?|NgeYX6h+`LcyW+7z&W%sr@kA*fpdFe{twR7lS(j+_!bvujFpV%PfU
zw62mV`V&u$TL%hHiJtR#6CWY&w&a88Swjw(5<TmsDbbdfr$k>|RIE=;LBHGcgXlxc
zgUI^$ZVO|H=VH9P*_?Q?x#rcz)P!uqZi^ZdFU3YRm$d%9=WA1D)5<fnvXHIT!SToo
zy80b!Us&FARj~18u6_@|LbCHF_CeVeJO>Zrdl}l_DLU&({O;j^IkGMmy))YSc29rC
zsP9H~IqnfqEekev53kBTl~}hsu}8-M?6y{RPHWN!{<$Y>*gTgsJ{~`;l0Qe*^5<C7
z()oi|jA)HmU(#cA_ZyW#e~0KuM{O<~g0qE6jOF5P`C;YJ9S@a9qoUS!JQN{57HNJ|
z@IgcLti#6Z?~xPr_t<Irdwm;Y_#k@mp%eHsb}E04n!%sn%_2E-ARA^r1~;L`0SP?7
zQL)bF%hMk`>=@%U6vgvD($x-35mX3)+l(J*oHvs#{%OJ}aa&bj%(kOSCN#Z$HGy9^
zXSCye3fcyC6QK1Q*n?rDwt=-*F5&j-O#i~6<hQZ$^W8S~7HW%st7PU*{wOk+U+~7=
zchrMdV%?IT^XOgiWj@|ToPzEhwJFhydHIKw%<vsG*fr_spL(((Yv@?T8<AX8snoKo
zH_c`)zp%<9?Z(#jZ3iI-Ql%#yEDr5%T^qkm51PR9LM6Mh{Kl1g+-CMS=U{(JEH&JC
z^XqC5UWtOhX7)(3diSIL1YN;m1*4QErE#Q3_GnM)5}7{6zi3AaerOX@NdlKwts}q;
zFR!X}fsU$j0(LV%;>Be1l<3+n&_Ua#R7X`c`Qoio4-oFpzWxE@>!^|nPV}$8Mb;CY
zrYK7#m5u+%@-@h7^LewvJj%^hAuG3k+h`}s>IE&elfLM^4|vTb+WFotS|>)OMYA5z
zUdF3CYm&(hWpG|DYaZE(pPWZyAfOeXU>EtY4Og8>dHu*El?IVtz|v!Pq%xHZz7!FD
z=-(3eHX64o?~weBrOrUOG&$jN?pKQiOUpLm579fDOL#UFZ+y@G!H}oP<VuVQaa&Sy
zWe~%SC0py8lTAUeATL+e=jBSA4ekSZx$=JSXkMg9RBRuwTa)ATOM}SAj;TvBm^hGN
z=yoDyS<u~G8LwLz6A9=aBE_1}yKYY4#Os#mMo;v%Er=B4#(LN_BE>fV*Y<5J3~PEh
zHS>KZQr@RLBBf7Ft0uPZJM`7)>fbA$FR1ZQI~>xwAn}Bglurb83%T)Hi8&6f_nDwO
zBazZwEK=$omoy1>TPO}VWapeLX+)UJZcHqh(gcs+0~xX<z-82KOXH~lp9xaUiI1CW
zx*NIB+pycZ=20hYYJC<7BKbkhg;Z+Y9*Zj0R*sUp%X_ZpazOuB4W}Yg@DaeLj4+E$
zK8QjETS~L?;*}!BOcNA}5OKmI+TB{xTXqPCw%q7tM;qf2Wxb(aq{K`5MgN%xRvMj)
z6BwNfg$c|to=4zXLuM%d+N!w}Cct^F3tVo*Vr)+|mMlxw_oq!M$<V?>{DA-S`H5sU
zS-&X!@#K6*31^i*AQg+p(9xsD;iKrQXxQkwKlvG?)V)G4qDMQwNg7tskcW2eNj#Ri
zxKj3}yBKm)$Gfdx4dzRL^6%mxx&1Iz@9d6tj;5$wbMn|az?r#3!I@haM*Z1FUT^*$
zT@qF<NEmCUz<&x7DDRp!#Cp#lO$y#Y)Yy+w?{iR@<u=vidWdQFsk^SSSWW?gDPLGj
zpThbYFvpPygy3hb+=8%Heu<8+n#QuA5%3q~fWPoUt$$9OYCNgZ6Z-S6JUw}yeE&$t
z#)J&w$#eMy*DO4rU;QiO&mp^$u%<!s@(+Znjr86(tj!uwg&&N<v-ScuJJAN>6$N(v
zjB<`ijP#92V`&0vC=|+CFm>vzlaPW%3Iy~-hFd70rxCXSyhJS<KpQDe|2UtnO=dpC
zx6>d?Nl7IaI<po3U?&Ok&AOWW28_k-z|0LXu_V19F4LEbvckWkswiqM9bh7q+QUJg
z?4IT6wcQS0A=JyY%Se@`BM$0AUG$_84(b}apgxsf{<E+~tAB#J)n>6YCzF``GDL&=
zcmfjWY9l@WIuCWF+N7;2P&a7PM5XookQLW1wq8(Iq4Y4;Qczbzg1QDHfT~l2x<PX`
zF#^om1?E&~pmc>v!3D4}xB!wg%$i3)=JV>zt&oMG@<hv{A+=9RK|{X&<zaoNePw=0
zRVgXB1x!!Fs8be5*=>Iu`+>(IfnL`7pLPi*d7M{YK>xH72Yt<q=pVl8pf3y!^$>C_
zJX_#Zm{zPdplkExayp4EH=tJo=`q(D=%F@)yH!eh)k9P4O(BB23Z?Jil^?-ftqAT?
zhXi+ZXK+_U<1t=E4aMjBco%V7mw6;u#{ypFNR9(6d9LOlE@Z!#J9QRoe;09?gUYSF
z&@ALsJe>xt@cFeqf1TnxQcwMoU!q^)%YD4u$5;4xrH`-UH{b=>TK#e#sD$>6fvIC#
z^-34Gwn|+Y9<3u_YS%QY6e?yMQ4lBNa)SneIR*v-e1+)yQTqX4=i~5&(au+h&3vPT
z!O#4-q#mtrJAT_3dFKaUd}HD^uMVTDsUB;rVPU>2`96N#$(F7Nru_NDzTA-x4O0ra
zqt&LBzT8oa0ZcL0xYKXf@-(8c3OO}ov}MV8jt@U%3=kB?PFhk{k`A7v6EpV9V8jjE
zN6*A=>Po?Z{?0Os16gIqfeI)geHt6DLNc&Prb<u#jI%68nRb)=bU#f_QUYZ@AdP7?
zR!!vBDm%yskx5lYq(0=~1p7!g{l>E#P2MojYJhW<YM*|zo{lwo2nh96DE+{#LitHm
z^}rx#1SD~(?(Ar>VktCHC_j;sicC{v8WBV6HU?t7wUJ_6z2nJJLfvaBV}p4i6!l#d
z4cAo3a7|?m#g@B3Zw~WAHfp_?$;$NbJFsy&u(Ea4(LpGa7>NHc4zitV88?~ums@P!
z)WHvo;MMXa`aHg>7Jmw7L^Tk?HbCLG4Y17xLTTPxeCr~{G|>EbJ@a{!Is3`f=(XdJ
z@0mrL*@FylKrHR)voPp4+73I_VMG_CF83+`R$)w>Cww9#kR_F+9}kZ2^{h5&EOC&M
zS(L1aicTf#z`DL-3Tv04zd)*gK}s0JY75w*jDpAtu*J)$A;0FB5EfQWL9KMX_){g3
z%*PbhQ{W<IEp{96F9g)TRD0aArDsBrnT;Dh7h>spuHfXrB^uC7G(cuQe6u4L&kMG%
z{X%lFN(RzGauF(;v`v5cYBzhO<YsR$Q>A$7Hpi;L9b+seG@TJyES&qqr_nv+GCr1Q
zGDp+(_$F#H0V3uSqNV_xQ<vD|aP6SET)UX2q59j*p2ta5Z3X5t7Neyu7jP215qVwK
zsPl+@txu;bai*k)um@%<hAUOPh)RAxEy!`6ZpD$lETb90?3IM=wU1F!y8oO3MzM|(
zu&Tbx$F3sSdDcBDfg1-Z!E!gCUh1rfK(r$}homKy-!v&8Ix@K+3?ks<CIQqHQgX_9
z=RU;PaYW#zcF?k`;!uiO6=d9cmBs*}qEi_L#jiMBGq&@Jvv{dI;Jo7SQ%OpVN$YYf
z=M}YzdMf};k+uDguh&_Eld#HqiDWh?WL13shm=MrrWGYiLe|xCs)6!0`8;J<9_7ju
z@abA~{Zkin^-I1M-nt+xtkFM4lDW=}WWJ(gb@6M(>}+F<=13zel<OHaCmis&n@kna
zeFXtg7$&x+rJt>VwCsZUb@6*sg6Ku?-HRuQ(G8tyjE?Y>SoET|{HaIQpL%RQMK-FF
zb?QO=5>D-8zArengCQKPE&zSKe!+L{6L11}2+Xa6&$~)W!YyR<&Lc?UibJ&XxH1(j
zt<oxm+sHFWgAl9Kj}dtEzC+Bc(n?0`p`1Cs{bw?;=<OxlW~+@QV_5IcgE?Ze&l_4e
z2;PiEMB^D6OLWB+gvOO-*%&ZZFT`ZODX5bjq%wFkZ-@Cf9_e<*`(@sEA4IS@EZk8x
ze60W7-B`J?rC1YYvbQE;x*4c{WpNp1KK90YtTo<vZ*2s181Jo(xJ)M2MmUDh(vr9H
z6xZ}!W4te_R$v$U;__j^^#P{~X1w=9+APqS@%||cIlvQ3%lF_q8-wn(vb2CIg~t0J
zbson1E@y6e0i+vJ2UR=EJvNi)u(UkeQqz?BQMPHf=RRnPKJ-K^@_uZ$XPOgF#IU``
z64~aO7n>3<$3_imeJ*cnd7=s5aN_{Ev(|T&_xwJ#@gK47HwGM;Jbf^Bmd~;+EOwLe
zsXd~zzA_jT^2U1X{uz0iC<iGT?updB+niXN=|Jv@c9f`p;M+r@dEDEGFodnqORM<X
z2yb#+M9L_<y&h5W_!CaXnvv9UO;RAIxnokgA4KEXOZkJ2y`(3Rlp2$`$+4Gb6s7lN
z^lSn+wf%jM!;pKimr4yRRdHwyrF*d#4LjgQP<?OSVi`33@9-9DpRxtK<>rg}@|Lfu
zFXJu7Zu{~U(Ggdq@W|%~ysW3+2eX4@1Gg8r8t|bw^Q>=5#pSEWbwTvb@0GQ3?@AgD
zq6wg0?i6j-NFx!%L)Ip)$RZf9=K3%v>|X)Gk5&`URvaspUT5rc*j4g<kCYJAMyytv
zf~h75xIU1X7n}UN7*R`qwst7owHmR+Yr%-$KoQH~kVc$5q&}YfSrD}UthS_;8%4St
z#kw;Kzg_*(?Ydm1lmesf!sfb93r)G*@yN<p_hJ~#+F0G+&4`&hE{xSJjYmF?aXuHT
zdpaK3OsFCrd4u9Gm=|Mpe{&4xZQlgn3x-W#`mldxI_-;e!(cXH%3bCRuVEWlP;+gp
z&ke(kA!IPJ`C`iLRWnzOGfO{uSIrEv|3-Odxn){^H)C>FZb%8S8_d&KvpL}8E|yN~
zlMSF!3@(E)`)zTVg~eRPbC@PR#@X#@F_{s4narNzE-%L-pTu_iYctOV^4%6!Fq&&V
zZA$$N<^z-29OJ8>b*<0zH1Ty@q`@$}1>^9G>uI=iLqqhcZcM@(#H4q7Dzy4O3j>RG
z9tN4kBfQVVO0{>DXIimc#x}m9gGVlN4&8KQ;`E{1!sQHcdz7YeWv%F0f18N3gtrLi
z>hFzU6y<H|whNGH(x@a0dl^E%HCd>QA#@*Vgoe-qitM1J>DO>zS&t3X?k9+CWh=(g
z5y;6m<PC(>cs&hB;bR9{t*b;8^~%_q&bNovaC}i@HK)72?W0J2*^{k1<+VRC&2;I{
z2hes-JB)UG>rKu;d1x!z`4vJrE%DXFfRfB0rC`mTn-YbT#>D@;XzzF}lg*}oa4|<E
ziN_k~EHo8&JWqx;?^5O(XWeEhB24s6uH>Kv-TO^DYMZh<O|cJEA$Qbv?P!kLu0jz>
z_oGprCEZU$4NDFm8p+(QCOx#%JK10$enxaZPRVj3x{}xG(vMxFp^`g10+Cl0Djgk3
z3TW<Hv;aj$JO;Y2!o)k5AcH)}4RX92<f-3sgH$;;$c>{I<T~IOy>E1FeMfdiIT(xr
z{Ng&HoF%rciPT5$!@>Y_jn&M6!Ctg3*zMz4LuzLo9Vw4x>qpqP!-?*o=KWyfYZy6e
z*Toa3Zp!?c%O~l9HhhOyg26*18lPTL4;=oYSgN$!B#T#<Q>9moSP#J6K_0p1b7M4|
zourkf#)OR-i^b|+kjg9DH!JSNiIq$3KkNVD?M(oqs?PrZ1QG}c-hhk-MIAI?qNs_2
z1_enZkvp0wzG|ffEmlOV3n&xCx)97nnRhyhEw#3_m0JB(t5w`kDMG@M09rw;8!jL&
z++o-hWmB2|=X>s*Er8nh?fa)Scka1oea>^9^K9oiYQU3josUmp%-`?@_`LZWO``Aq
zBF`bkxwAr!A+&nD>65$9=9&(nQy_g42iCs7H!8;n_R*D3OES7LN?p0$bR~bDK6o4Z
zj8g>xx4~QgmkkCp8(cq#1_eFO)%LF^X#N41Gj!^fMC>yI%AuQP7}Wm#kp{JI!I+#v
z?NgPvWiX}0OX5@R*Z$?oIjN<w)IhcST(|tmAYZDy@%EiY`S@)BbLlbZF+Xrhdd$;n
zmF^<+{-=EZK)zq~Cg*$GKw7gF6wqJypu#i9n>h}1r^Obh<_To^4>bi`hG=ARo_pN)
zR24H=F|lfvNv2ED<7k^=Pm|NhJxvw50)K|j(N9$BKoP064A{6b$7F%YtmMYW@Kn0W
zSzt1xYe1XljBW+WE65*P*sf5nDt<nlDDXQQe@o&g`gKFHHET|=xHv^;M$?p`!pd{*
z(vCT?8{8_ObeuWZf`14#m^0_@AWXGyg2U#PQ|B;KZR}3rh_Pg340WO!A3$~4Ll~vx
zZffsCcU@&v+y_P}cC)@MOn=k3k5-|>^x?7e2iF|rynS_EPW%vOhWEjQTUiu))^sWD
z?Df%o)Sw7`&Xt)pXvcHjWRPrl@lMPFY<M<^Dj2M{Cx$)=8Wn@~GRKc(sjbX8gdYZm
z!Ug!P66ez=wiv~kbQR8{i_I<=yrB-A#<fBpvqxQ~Nxn1*8dK40t?es%fQsVB7~BvP
zE}<&5qzY_gWuc~X|5LcX6BN=6)wFmD+0rTM>vO-SF<jEq;CSfg0IjDp`qUKKuXmn2
zK(n~U`O#~}A8wfWmgNtZbzkL!cjUFduhP9AS=TiN&&KuFY|A*{obEK<n3of|1*!dP
zVgPZIW}(!V-R;I(ip-v0Yf^_7m;x}Zcq=xV`;%ioxrwdZ{k=%;&MF$2T;z0M>*j26
zf$`sKj^pmM!}$~1*-Qt%@iScS{t0&EJQ`dU9Arl>#@0Q;FFkW1xWI6YB9bHLN-9ex
zRY=^gG+bBGqn{8G$_(RYNbndb(g?Mc?e9fzI4k44d6Vlu&e<H#zke*-b+&*1>*#~<
z?{CyKWS0^gkEszdtqxL@Iau|onS*~on;BBl|2q4;LTXSKFsR{X1R`i=P)1?#KRTwc
zkMjWe-gv(2yh6D<p2#^R9;7dTcNtzGu>J=+<=r3Woe#(tkW%Lp&Z$hcXw#yxA^a~|
z)cu#7*7(eg7vjw)R4>(Dqvy(R&=EJRQK$#wmeYeB#W?N9yBW9qTS}Z0SbE@SrRMV)
zehWu;FE{i0@yW_PBOU&V^Cyi{VSu}W;r@j0^oz_gsYou9O0!J*ky;y>JW{$Y;`iS&
zR%eLLsf&&$&g=1i{9`A`U^YGm8W)!Y5-Wno1RyX@0FZ4p9{U}MEu|#16GMtk%A2Ib
zSF#{S<#-yj7m2+?XC|l%_>kN($@BI1J;;a1EmI^xz^>nH-fq>Kl~S)I`u&XL)T=-h
zx#d>p+tuzu{c4#3!iOgr<W8Nw$XKsda=Ai1Mi}4Y|KM^>lQeI=J`cO4`5meAF5ZfC
z&j*>)LC}x?fBSRAb^Gg2DqNb*D~%`&w{YnkhYmSmySu{;<pSD(+UO)0^C|o{p)>Zp
zs>DUGWVaQVX~nwt(SLzMy4dj@elV?m7w0f|w<!T4tqDJvFBLgiGx{i>GiP)$ZepnX
zFTxt0a4!GyOGARM=1CpUqse|}&!fBb0v(uK;hf)?N4x8tU2U3sZ#`dN&RsFV&`C~C
z<klaZ)uTaf7wHI>B;HasI??ZFbz)J99%h`EY}|;t^k3$rBq5m|6#p8zOMg9I>+UST
zY?nAIBx8{47I%Qvw2>EUPIM;^E;18899m{IeaUOUIJ0-rhe-0Uh}1g2G$~Q3v*ya#
zjOd+WfNMPuExWB%enXk`w2pBehXh|c_?oRa%KoOM+8VLkPP8JZ@2qOrl^gsJzH1lo
z?;Y=K?tjJ&t}&K-Lq8<Ct<BUO{{w>3*0HsN$NK9F*)4OdyVVO^wOC?FZ>^KFowb6O
zqm1D)0x-KMHG$k`2UU7iaroMgIn<3_Ynx-k8-v0qI<(t=8{Yr3E{6AC(G@&FzgOUj
zi%UJud5yD~fSU1NGr8t~p4rY${~6mf4RvfaD}E!QMdl9e&fkSPg69wa)65@HGdbxx
ze+Hw9+^N6b{1w3Kw4c8(fxPAqA1}*l`iwWgcQ=eMZd`ZH;-MMbOmgyGmb3UBh};cF
z_nkAAqDbla8u#7vb$Hf%S$BLu3#mE#9rov~W48tpdBxV<@6!bxr71``W}lipUGmFL
zI1e#14Cc<u$R3VO`>11%KPS9l+PZHNYZ8siJ0Lb!zlmnZs(CZ~`m~P{7?pP{l)l!g
zUaoJ;!^@|wODx!t*wK<xsnpl28s>-SRE|~iy3X<!PFpVPe^un}QM4f5qtMxm@PdvD
z1`B<1<E{?%Kh~+EwvJ@Tq4yj|2z|^?_gYsO^m5FaNafkzh^(eL<khHN{RQF+jBifU
zGAq=?Gg86EVTE4dXZfc2ofyDev?In*%0b3ON6RgGB!q|Og^x3R2won)T2=M9*#M~B
zY=?U8ad8)_gclFEJMu1ryZ_zU;O=n+F76h(xZCYGF!m~j+lvOuH+fCevk8kAyYyg@
z;l+L}8qV%rvMAwu10j@?UM*|=$wOIkr^`w9tu4O7pnr7erNh*$Z*=UyocX2XaH>j#
z`YArI!yO!BK05WfZ5pq=oLA{jDpR5J?WOMOS+dZqo+r)M^zJo&h6{14r5y?da~H)f
z13uaDHK(hi!QyVU(TVJ6BiPt=r-fsMdNYI&5r{XC0V{_ctuE&HN_FvAr177eC@&S)
zM&D^Dz~lG6&H_<ptiBm8v_vowBQ?n!ViEzk<0gqj2r-<9cKW?6pKxBVhs`Fd>rBmA
zGTbt1i~X`$7otj6{I3Omz9)PK*fcGg`=M$MFUly<!{)RBlso@HWiK+>-yh*+Uu3d_
z2i<Sh%yYSCYh|I20E+QanPe2LvXy%$sXe>|@vLXU_xahHVNUUBLmFCtCC<*%77KKl
zq?0HTMB^Z&bX8=5)=y33uX5T*_>QAtbLNoEk>&`L*M*eul4?aiI?(%g8*-jlxVue;
zk>?Q0tTBmF@q1mRgr63j!w+Y<XqmWa8k^IFw0JP#3z&W;i@DPh9s0>n4Yq&N(O~;m
zd5jrKUFe2sI06)m52hdcEc%#Rw8bsDD!b^%#|SYw58zUY(7*O1;+HyymwKrT&zVH;
z;%7Tul4)+vpD5=*XPd!(Q-08vPMV1|&Wg9bO~i|xcha9kga-HI`1XOy>GIyc!`)Ep
zy=8&cKpOcCf2NItU}MkMxKQuJYAqbiG93`eUZ&d1qC?v*HNaWZ!2o9~19i8tV+7Y+
zGs4t@eCUlm;63rHO|#C)rjs*RHbvr9EF-A)<P>aC?EcA!wp0CyeiLbQQDz4#*#e9#
ze4xqR!;TD#{oLd(Nc5{x?kxUgg4y|A*h+8Gmgjr)YBk*fRYVp1g!Fz%yYqjOR=&xa
z(<qijdQ@|9bR;6yg#+wjOYF8rz3HEwJTz_2PMZ|C#pC~NNjUJbm>T{~l{lOs6W6l3
zk%`&a(lB7+<V?L}0)!MQ`(5&IOQGapnG4u|@)tp8YnvRa>1qb)+7~#&bV{ay!D@Vi
zEvPp7><k8z23SO|R?}j>QO_;OdUR)v0hYJ}0ZTEuIom#q*W_vcwnn|_AHbTeN1J(=
zl>ZU1_6wqvJZs?d$d%s@pVuv;FYr#|M}GZ|+rO3S9RKL?T0Pp#!=(JDdt7bya5JB9
zB`JByi%<~xb+g<4i)x&I^k}IbZRTN8{?k1YPoe&NMNE`rf07t94I*bS=u8&C{xC?3
zqqR{y7LT8~59-p}I6YipFnx<G0{qQ{q6D#yqWa`Y4Bg0yR;P?`72zc^Nu`%$=vuxg
z@_Iq#^lJ<&-6A7)wEKH|4%A_+P>Kc}M{CY)M?s*km73r$*F*XJSVHvD$!+o}D27H9
z8c4d+GA^Sz52-`PnGzYz{g>O^t8R10XE%2s%_+df4rid6+Xn08{G4jFJf_p}Rzq2G
zW4CH}=X)QXCRb~t8qAG7Vwf#YbJfg=yZE(Em!mUSm;&c-O1;?GW}32-TCQRc9@76o
zcIt;rMEppn&7{UVn49h}Gkv8VKBIapDo7^$nFJB&$6hkL(XUJ)B&Xa(2)F${9&T{~
zVRk&75=aU02W$>uhIa(Gl`8tAXhoKkaU6NtOBsid=1CcKP?iE-;mq$62m;ZkX7Lcf
zTqk(r<za>LK%PM4p6`=0W+decd+?ZlPrmpIt)}FQKNHmo`NB?gwC;Wg4Z6g(5|=fE
zXzqP>M<$LliL8jWOuLzQhe|7Sud0krE{RO>BgOh*W{x=1<G{aSIN{c+h6Q7_D6G)M
zqMa!Aru0-9eoV;8IoAA`M1q{53iOQEyP<O=B?Q8qs@l#f$XWjT)A!pmt7!@qt9K7y
z2R>fSOS;W1H2ocIqHj>M>YtoTCoGUDr0T^Y-VM(iUZ=ws?{lWl$P};e_32zTFz$pQ
zj=N!>!mZ8_Obj9<6PRZ=7-=;;EbuYm4yMRqw2YFNSEsAu>f%0ff|LZVPnCSq`vczl
zNbmg#?_JQ-_j%qsT1E5zs`uXDy}$3h&+y(idhfG%r|EBa#SS)`H#uhK=&3;vI$1_x
zG{5lB&h_&k9{4>^aF3&uncR#fV<IHwz&*WC2`OWDMvdA`N;j+NEn0}Z%^%`V56k4F
zG71}`kmhRo)kY9&w;n=UAsR9X(XDGF2Mley*-*aR-G=h5{u=KiSknovAl4{Ow+OG6
zB<_TF#1B9dnw(RFxo%K;5c62VoN6ksr(>GRra=%P;_vUTpP3_*zH%8El~!VSG9&4g
zI6)8xHeVDXi_Q0DANzJtF_zo|D_(FAn@|Vx5*=k233(YYDKaNfd7pkd5J2b40AkM2
zoJt%hP7=}39usPoCy77UU)`v%2RAm8r@o7QdSod-f|iPrEhnCD^2u9S@76(LpiB`E
zZ<J<vEXO@v{m4y+WmB!-0V#?VM4zz5S$9=>mPD>@XQ;K&hg~ltye%|}oFEQQCfd@4
z{{pA5-b*cKM{*HV0l-Mv16Qv~eF1jdTr~v?4x)1$+e*W1>W~6Dr9V*xAKQ^0IA9s?
zs%Mm=KBj_^QH5C5_Dc(-1=->}@N;ZuFXXbPTTK$Q<rm`ibo6YwKDevb+%UM#IgiQ|
z-w(m|Ju76Ht?*MV0V9Q)>03!1-t>jdX|xB-X%kK3Qa%O38)xUn4;7FLnM@_g(%j5b
z|H_-y<UjPrN&A)u9eyMkPgGF%%;4Q>(g|7^gj|TH7=+sJr$E7K`j%ql&EUX2+BnKr
zp_=*)(P~&5(;=j?H%-9wXcn@wges<ElakLEO>)uq5}4wUi)td+n{BIltI1C26#=Rv
z)2Yy7(xDdUL->vORjQ1!6Zw#~=c?I+?^hfLlkhy!>Jcg~Bwd3YE7bMtg`H!9hAcwL
z{|zqlt%TngNZsCPKjejG5uTke)J_Idzo?1rbd698_mXq^l;xs^ogH5!5`4>J0JC|o
z3g2l6AZR^HuT~Fp7rD@UhWAdD#!0`ydp87@@0Gk;CBHNWSgaBpn9chG#?^p&F1?jM
zKe~oL=Z@jeS+xOF<W-ULiUN^Csv<WPh<b(3<?*A!s_>1di!b#D+RiGWF$0B)K=`b(
z<Z4s-3P97RDtwkeR7SU($%sFUaI8`qX+u44R>YI0_ju`Mh5mvbF5w$bQtW<yYGwi~
zyx2x@Y}V*_Vqk7;7r$K{X$EopThI{4Prfw7@y+d7#BqF)D`vN5!1<vt1fnBK-x`e4
zr=?&W`CQTQi~))r!I@W!mG@|;zPDF_I<yp5coRA*-iv%VdF2@kfMoBwM_rRPnvHJG
zY|b*67BuT6&iNC0?VhUnXVfgd?AY0c{W{3B;B+&O^!hjQx!pJ{M?PR93amL7V@Z;T
z?!IBb4CfV3mlzox`q#+@1btl)Z1@Tggx9&d!xe`lc}m&a*m}kI&3?+X{5u02Po6UN
zXYqG?xCuQ-AcGxFcm>%ZLrAJEsDa~sNt6z%2m8Cyi4>>wBq7@#=N@B2$jZ07@ijIZ
z`ZdMSuellYYh<CM3c9kDAr;7oJATFm_Oy*_P2wIwt;pPW%{@kgz>(xurXN~(Qdw<8
zqqg83ekXjT%0qvSGE6co{9L6ImMP);a3G(;@329wC28~`R~w|y&evU&kfFH(XUrCD
zx@(-7Pa4?VX5f~d4o@Fw^z8(5$66vj7;A|rSCW#Y2$_`S5V8ts{gOHdf}SBpL&feC
zInhRPF)4w_eY1GwwjL|QX)@U2`FamT?tGNTOR|k{N!A@Qj-1QI3_Jiw(m0a2U(_KX
zVjo#mJNVWwWFJ|GedKjxA8ElpvK#wIjWtJy+k-{%P9~lnUe`|U4WsSI%rBa$HvU`r
zU#9jS9PPgt8;FE8ZGrIey3%!Z)|o5q@Y1by*3<Wz$$Y<d@JBZt#unnNp#sf-tE~ZF
z+MF>txvcp1r@;FwGK8ETMW<ZR(rP(5Q#UdBdV}Uky|JdG3h@wVZV<Wfpc#4w*2UTR
zqog300oIVNF}1^eiX}H{b%ZCG)zR^DLm*~mu8tACTpUo8xx%EbI(8X>+nfie+e{K<
zsjAh?S#IoXURcKxq|~udC>ZesIp62e2nC}1G9*5Hhg186!J|RuTedt!JmQ*gtBXYC
zn;Pb`Dgj^k>ndyJl7{)z2|ICWXj$-NLbV-sjXF<6F()#PgKqo)v1*Ge!b@$driCb&
zm=KcDH*aQlVTJfrLA)Ee28x|!7c8!xzNzKYp40xB`1<Qab>FW{h3?iLjycZ|O50Q%
zJXYiy2aZ&gB>NFs+*8T;v^r<~4EDAM?cm})(0s-0PWOtP0emqFRjs$OPIK6xdsXdd
z&0$BzkDF8~FBl30hwYo?vYv*Txz!ao*Nz3IbErmhu$n3Yk(=O7wg>yMUGz%$Zac|@
zC_N<MyM-lgBFGI5c0u<{_)eCU%N$uP5QBCmBGcUh=eEn@3C7T?$`~QQ>6WL8C`T6y
z0a%Fu0U86$K-8E*^}8~;&c(58Wk6Pwm{L&lJaI(Hg?<fbOhX?5LX7K9o*KnO(ji<Y
zlh^ZdpQOWTQq4Q6ri~S&2Z3$%6r+pQy^v=~*e(iB=u;aWOLrD18}Yw%j_^uINV|3S
z+&7%0x|P=3xg9?N_hMF_x@=aScHv5bFl6~2TaB_=iPut?MXcghNZr9+7Cf@NS=Ws;
zNkXq`+1$OV@w0-e#@9MjhqoG^N74#O%N-ug+n#8S89QEvwa3HK@12>Cf6C05IsP$6
zUt<p&SkP1FG^Pw#e|%~h)}fgq1D_KJ&A9XS$pCjqx1wkoD>Zdx{OAL>SOGn_*(|B<
zzusu*!N$!l!%*h#mxBu7IUb@-XEgoDghSI#DufLMqnQC~W-|i<5=_O_1>xb^oHL_9
zJ7egSW?kK=YBflZ8w>H`Zb4$5oGE!It>_X)G}B4_GFYc>o*Xb_t2S=Bd3>sy-Bt2#
zD{J#QktH1O?dgchoSbTSm#)rBjK!G51WxDi2RjlWlRPjo59;?Z&i%;@E`=G~fONdY
zxkDdIoLiC~#X6aD5tYuB<VXdG^*cqhBRV+tuZGqIObL&l$kNZ_6_nmFwQ`axDYcNM
zLsOXCPCE3TTu3uWb9c<-68aq}fyjKV09-As(7}c<+$ju=PU_75Wt<6MOV~4i>+YF-
z6x}c<(AEOs!J#0vztuIpr~Pu%xr4{8(0;ju{c=Mf(GqA}#D4j$yI;Pkb4~rsepyEp
z8m)%E(AL?Jc`KT!)lMu6B$_K5T06(@CiL?PoC|*8x0)Kr0tLh~Uj>$$0yEtLoQp`T
zaCiFJ(q_A{c~9l`w$8x{c9iXnpLNFJTOO^_za@A5vm-MXs;$~+-WfDzCx}*wq_Wm7
z-DOi-<Ic|39k;89%OoJ{nC#XI(=~oxm#Xyt#p_H{GlwO1*58qAJ+V~c7(0?S0JYEB
zD-w43B?hw_Us&APdHN=IW%@<qAhkjH>f<!Xow=sZgLhBv!BMpMQJMUW9XZ2#;l3A5
zoqNWgZf1A#1`5AT=$c#K9!pDavvz9V9vi!hOfKsY$$wtQ=Y?(hH`Q)hYBhy`a68r`
z?WW>JqOls|)WLPl?N+t!3P=yGmhE+~!Tsw-4Gy7BF$79<9tv?B2_cZUTdXUjnXs=l
znMhnhGW?#9*lY&J>qq3CW_l0^-)(R`u{02NGqmwhJnuy(SaK||T$hIh+tVXn#Ln1m
z#L}X*8*xqfc5kS6_<)R7@y~w(=_~MF{)xoJdc0AUC3&t%Qf7zhGI=g<VTP_WDyuQY
zelcAoP_JHB8tQezdPBV)#FnqQ_q#-PC9HS+GG{PVnT^qq$U9Y6ZtQ2gI7fP4M$j9W
zFZau7>RQxy+z$K#r1PhhE3WXOU3U7E#J+Cg>6Jvg>|T)M$qaYD`7#J(SLd$>c&SMa
z?!H?fXuX_!lIaFjoib9z!%ct4(6#H$*EH!c_R|ddHf^JL^=h!8R(D^P8BMv-L41Xb
zpu<59-;v?h@^BYKd-eHu#2oATEGmgD&X|kMb`-szIs(zASv=&TQ;{cRaS`VoeTqcY
zneT9_^5}C?e_lKId;D|S`BU8pNpbzDW*NK&&5eUjXX|b}Z2%h=QOswi5+=M;d*;g>
zOU|fx0tG`#gC4vp5WPv-^JjA*0DjQ>!(%;d^ReK2`7-vc7a{e=X(mIFx{r3A%^ga<
zhI$Wb_W`xgdsdTt>0`UKTSO=NjdL=yr6Y<B<Yr3xps5M*QwNi#>j}T$|H3L1C)6Z+
zmNbvhG^?<{I(VrY*l{M>AI1~qptVX!&F7pllE&SHoM0)SGKYvVx=aDs=1RH0_X%E`
z@YOTW_!Wvg^=m4DL+PqOQ!*%wr&|STURE_e_*p8Uzw&{ixEuzL!8ror3Z>QHa$@4J
z6TWLp_oH;CVFplPRJXmv`c;TP6*|v-LD_d%bmkRUh2Ee#!g&^$9kx|3jZ>4+s(l|&
zKkt56`p4aTMF`hIxwQ5-(eDLvsbeGq7!R~&+-ToW%(<tIA{B=AL;7pI@hpKn%B#{H
z;=TPX(aVAkNuj_2x?I^X{bg0F>9C^{3hYRw;hFq~c)nmh)%dmXOtK1V(Ad=#YQDzG
zHD;uZO0Pj#Fmy=!r+uf)*~&=7JR!l}t~r}U4zF`_CB7tlPjVhD5I!PlhY|cnY9dD^
zJ$sjwKqyI=;6;8OoA5nDQu%x7>9(4>1Ljyge-geWOdreE<Bwyj(QG}N8}BCiGtwEE
z57NH}1%k~dY^1iyGUsaU>q%E8ef(e=&>moB&h@;ia6Z|}Sm=m92R&lsHYfv%{?ll4
zuW91E4hSGXp`O+mXI!r?GgSNjj||oR-DfV<9_do;L-R#E^*>LQHPZPj)TjKtcz+Ur
z$N;vzB1d>^lwVpK(yZK&OdyLUypJ=3bAu`UScOwQhF3JUL}b_K&m5eW11v0Omub-S
zl8>SHkao?aH%`GN7p<6j-`G~*^raUf*Y7@H$n`=~tYKJ(dVIN_KUdsTHF%Q<7RbCg
zq!{OsY<b+J-^u$z(Cd6Fy;URtTCG>0<v;%c=tTz5`7!MNjo)^_c{luiOc#N>9Rhl&
zp&ux2V5EX)r7&D%q^jZNvEWutu)pDmT$^8Banj^hz^9xlbbP_ybu75}A^L5F7E(m-
zG0CR7Lbob%svZ6)!!CzQsth@HUyn-4MV@vC+6WK>)q@H6pRF!%{m;;2=ihlS=o!w-
zxY?cM=~weAGC@T$T+^Z+Ny9%N|9m$fib$MQN(J8Xa7!>>woR^k?sL7;?400jQjyyh
z9%-Yr>{xraZqCUc3Z3&D(tbg&&00NO!wa`&6i7Lw9jNR@w8^>GWcI^N_Qkc~G6wW1
zC>o&G1y#~D__z=<HlOUqvrLmRN*%1IioERln7!=!n6>#mfUP5MKo&o)NP<-}dQHTK
zgzu4~32Gl+lJFISC+P)>(!Qo?Q>|6AwmQt}otmr%lTJ=mYbUef@U=dJni9U3C>lT6
zow#8fYGF@Hn%=fky)nI=YpB2iUaKR1?#}fG8ei?8&@H`mlF5+DU>CSD;-69*_g?P3
zd^5b=PTamB5ucjj>UM+@u1okXrGfM)3<gAp?yfMayypjIl^^gSs~mN)apgKC7tZXI
zgs=a;$}M!ut$yE>i&H#RZcmOUYDxw6=fC5)_7mr{4qh4{bE5CE#?Ny4C)1SgX5~A{
z>6uE44mxlxb+eQ=KZS!^sk4LbxK5p9|4IDIMBE3R)^tHfDx4Q@<cwEGPwbuI{O(Vz
zQyAIT?-w0t$FI5m^22bFFG$kt9t@IqtZ?#?FT_Va!P&~uPzUHm27iZteE1b}m(Z8c
zhT7-?Er!Tl`fJo#)?L~Pv#p3$=(nV$J*;&%9GiK2_U&GhlkD4SgOlISzJ<uASj$O&
z_<xUoyNMO-@^24j`c_xak=k%^@qEL&;rr0eFV>YaMx0C7Qs{1xPS1>%GjvH64tyTd
zR?12ZF9E&lYq)=tB@*E-)sOvl<0~EFKezt@xik#iew+A_oE1NT^^ez9p_}u|pt?Q0
zI^iojBB|`VJF8ZDQQswQmA|L%6et!_f4X3NoiPeWh7>z*#YB<cL5$1v-&Z@`YWKxY
zhbFQvMLJxejV<w<pP0qcwAvtjCm}t8jOW1LdCvxKOB51<qvJ0E&3ie+5=!?Fv%r~j
zlB*}FxX)}*ea+W)_?d-o*wYeH)tA<VU#*rU6T8c6PT)25?G3RhrGfBI3j%F;tiZjA
z#POTIx)TKR+X(o^9wUlk!-QQrh)@;YB>9gS21dW{qrCv~Z-}tr;=&&W8e3CwU#+Ll
zA?#}p6^`TwAwNk8uu1ODY#iOxtPHS4)|}xcUQZuBR7bAvLqIBg4a!&HFLIcn@-ia(
zrwm)5<D=Dvn+eB6XQPLj&r|x<g^v+`gGuo`cGdF=18pNj_aW{h{4jsra_UFKk4yM|
z0}7-G86T6QH`hmvIMQ&6WX=vc`+`=u%nbyI^CaN*zK}OC(>t8&&XKswPLg(QD0Hq`
z4+I()SEM;xksjw6FbBYlR^3U_cs*$2Ty=)0hs56^4V%y>e3K(v3H5h_k!SlF`qjk-
ztIp$I4Sd;b535RCM(gRXA>Kzjhf<xy<7$><>u`?upUw}X9uiYBWUEjt-p@m_66bV=
zD4xhK+F0bw3v#x#tMmLf8JJk;w4Uf<;*-BNnD|@s)$<3A9N93nAjkNSPK6G7W2--^
zo#wz*8%*wiB{IBbbZp?+7)vG&RafiZY#m;Ziyyz}r|4~EXuGMd?1xwPX@KhdS=Di5
zDVrWo+c+Ul_y>0(c^kBOEf9V)5dLzX=U?_MTI<|P@BrK>L<@3kLkryNW&%-H0FZP&
z7EDi)=S@ONoQ5Rpe5ZKbo<0Y^(?1OYc38%FCF_nRGmoh=ODtbzH07k$Sv?|c<bJ7W
za!`L@P#JD&MZp_6P$?msL1V@BXm&lz6d2}-DGA-}F7Gk)ASZr7TI9~K2z_s}#irQ@
zieF@kVtpY{wCaauhyeqZgz@16g0)r1;e*1FoLC_2DBl$B6w!sJt0(z_I}mELWrm7f
z`CHx#Yn4Irw;Leani(>F5|SInO0=78$j~*#dCuP}jjnAh?6eC|JO=EDtBFA*5-aZy
z2ILf@Mw1*tLR5(~btp&Xuz4oJTf+C5KCr0qW!O^HxSoT9`6n;woOAZ&-CiUHPU53>
z-ww(AX3eQ7j1{9Bkv;2j2*63!3)RJ!Nxm<`Ci_IO1bhN!2hX9o*+3`Z`|Tm(LfdrW
z;DO$mgwL}I5re5MSNrL+xtdJ~%SaI}EA;z(p#C6#A~TC0rK)M`hJF22V%qZNoURBX
zM5)ohtdJh6s*v+f7C${t9V4GyzEIMOASwOGi#(wxd16V6a_T!oFiN_>&k#o>MHh&w
zztBryT0-0|E7YHo8dVp=F)u*?ft;6lvV57-r-}vuwL^#K(HJ^wv-0$6M{K_dnnevs
zOku{G^$K>VYf`GY&nMiFo>4G>orl=0wU{)wM2$&vED=H9r$VS=dH~$IVQ>M(toEsY
z`RKB+p^8vCiZkFwa{a2v#RO^Z+1WrTD|8aSg%aur=b4lv8zuaUGEhR`ZQrok1Wa3*
zUc)G1+GKM8ZX`rX?3PdccH=)gq@i{XoikALdT<(Q0wH^u^T9ACT0YB~{7Kr*D<wyb
zm6ii-I@~dKeRpv{vsTh$`5bY0P5Su~BkKH$MrC~b1BkS*jshIbXTsMzt9QbLGG?re
zp1XpIk;D~<NMN)=&zd1UN1@oG%99PFZ(1^7#L}=(deF6&Eq>?S&R-{nbhDboD?liO
zzx^8cZ8f#=*N$=%22V4~UkG~(oQvNO0LBy-kzJUhD2U24RL-(iND5IPQ^HrQqQ>)+
zhx|x4>Ip8*;#nJc!t(@u&Ny$Wp^?C3u0AGwf9Q$Z*Brt(8Vt?o1KtH(`c>`q)H#fc
zlSSXwQc5h^h4L^}rwB=DH9gJ`_Nh4H^3_R$z3F*O+DJPb<B9`+<E|3xt_1CvTSC`0
z1JcX8{Wq})6Ccgajp?qVw4p-t?yn6`qB5zdP;8Fi!0XNqE~eZengUmBg?_@1+GsuM
zz1#Tj3in)duVNi&PaSM7U~$6PBzy_*Ehc+}TqFw_%xr1~f|KOiHH+UuFDR|M_(X9t
z0CfX*ZDjVM#JXbzJu|&%<%jMz7NSm3SM12O>Ix^U?Ti!FQ_W)J7Ebhm>dHMTX7J76
zSg?nSaNwHsU+0r0d({q8d5DTxwXUBTSFn{TbsyN%`}IVkn#s?^oT_Qx3U|!ZSWSOq
z$n60g-eN$^J#Zp+SP>5`-(=#j{*8C^eMw>*>=Ex>{$BZ}RD!FaL%;O_>SXe{d!%+5
zVs;?F^hFj;=~?SldFB!GaY~rBSe#D=Kbpqum71Ll%x*Sa54o5P)Umy#(R(X!_0W5s
zW#x#-8^6quxu;B%R9FYVv^6FzwJ=QH2Hmud($dOdy34;vRM05Y$=kqv8Mu#OW7C--
zPF9=kdnaGS$LiRS{2wTh^najjBZLfMcWm$f&{kPUL9Q+?!g}d${o})SZ!N`jq))dG
z!zIFy0lXyq0lJ$b#D(-h;}$x#r|jh#@w@ko436?ZUU`4G%upG@jqw@`Z|3)27@h&E
z83#h9$;<vYLs?4<!3`BR@KQ?$WUv;P&E^?BzQpO|LRpCZCR_c(#d4}(&Q#h^%kc04
zT3QXfbMI3hJ9<lnnHQXM5^us}ymdq8oHHYNvpin|vuATt6ohATVRiUwf(1YZNhk|9
zir8s+6d7V3EGXZU@Ero}O5vXyEldb0E$ckg4Y9}BKxX%g-L;#?(Xj?SieoqHaaimI
zJ&uZ9tw&*OoE`_pF43cJ>_>VW5IawgyqK*=NvukbZn4w!=n^|wkKVBXdKAU_>Cqu}
zgdSGx5Is7^3iaq5>!Qbzu?~9lh<&|_M``R!J$l79>5(7%Ob=gdjUL@&@95Df_PQQD
zW6SmE8e61CL2RBLN5r1j!ykK6kAq`>)#I4hEIkg2{Z5ZVV!zU(Pb{Lx;jxe&{bRT3
zacJyD9uf@N5W!+S0Fo0eLqrI-RW<BTB)gDd3uTZ=ZowsDn$|J})zdvDGdi^JY$N0y
zyW9wQzg{8L!Az6MmGhQuLe8sA7F4)o!~H~uzU{hx^l%HFxmUp%DtM4I@fpq}$E{0B
zdIXoSz2Fj^o>5Q<2&&VKU$HNQBjH6c9arXwS@Acw;p|cE+`Tzj7&O)}oB@}zF19%J
ze2@J@30Ehx#GY_VyNpP21dT^El>ruSWmQqs7~x3`upS9@fu>dPyy<B-*2Pqw@d<7Z
z4pI-s@LMEWD<@9;BXcmS%sJJeazN|7mgu#&^AW>OX;;delYWO9@i1jdvXgkGQkQ_~
z<Zm<{)MMyIo>TM+9z2^;8pDy!3&W|<z5m!7_7Xp?GnR9EvI+bM+`v^5Tb%VZ9e~>!
zXJW{R&!bGPeaNRqBO{lW{e@)s5wx(q!thMe(h9?YyaCd7hxD6<kerlAUuS^dAClpJ
zY44qw(ihIk)E9ojME!tR3<nd+tq$%Ph2f^)cu!$?TT)@Tvs;o64joB-Y#8ynOsTVD
zn>j6)b@Hj5UeaoM11Jc$9v{qF#WxEc1kT94kgb|sstEp*DJD$_i*JIoBWJJzL@Y~k
z*mfc5Wp+5DF?IGjsmk7_gYj`*2AN1GjBgeUh8m3yJ!>5lUc|gA@iw%(z#Nd!4xsO(
z1tMqRMSm`2ngw8o53<9J${mi}&tJ7-l$O`iimSBjs<m3+`0-g{uNM|&?DYxXj03V{
z!OSk3^1<f#Qh}oERHM&mhdZIg5*GkOi8gO(p(fTC0`=GuL!f#tb#<Gb7V5Z|R+;|C
z(n5wq=k!h+%O$CAFK}+I<h7UcUmG%(V~NvvxT|71XPQ|f1I^d*Gi2pDM84|;Yl6!`
zyk=6`68(P3n3QZ3ZzydsdwtH7W}ok_s0pv|Tr2)*1Q<KK&6X<uuL5V5D*j6L;Pxx)
z0@A#drHetUdBv`-IjD_3KZ}RhlUh;(kxqsm84u*`@Aag}I<J$|$N$^s5qHymYK`3o
zu9@?QM5j@Q>~LOMCBN@$D4!+hWmP1vcqoG8emra8-MSU)Fw=U+r>JP|*fr>lkdx$~
zm;9hXC*!Fl$NRnUcrIuc-{n%%Oj5rUc$pq#n+4hr(`qUsk2=4U&c}|{OC)HVPC8k4
z_cz~Q`sOqK@3^h=mz1rI3@EOPTmdoq#0n{nBBz5eVB9J}YO|*h8&{B`N!OA?6r>yK
zs{(q7QTBFOKCIAYUINh@GmReuRBn+`qg7HayjfRLW4W!*3BOAjG$#dk8!i}PMvn+?
z0>D<ozIBsE;P#G&6At!B_#W>pn_x)*Wk3LB0A-;P*a6R>0bNaONX8kwu;dT4nsQBr
z^5odCl5JNz{11ZZGBOILL4vQv=J8@istBYSEtRH5+td@l2BK&A&6x0|;Wc(Ne^h*l
z0+F>}OQGj*2b0RXNLvJScW8c<p)|u<45e{eT}o5r@<A=1Y)Hhkknyu1zy*VkADr<0
z#r>HY@;SgI2^0<86{onrRHszH|0Dq!QtYfHsW$Ai)7^`dWp!#2j$#}r|68-^)YaLY
z8bGHE=@UhU_PxI_gZ33Vx1o%WpXhNWMb6ztunm4^#HSggu*jLB)SgaxDiwfLQ&23#
zfLjfD^qFt_@<&Mdla+Y>WSB^j{$yJL7Gi`r9O$_O^|kI#+urMB_P+Js<~mEyNh-J8
zY!~fqlc!1Hfz3raB1Bf`#P``IGyOHw^x@yLPp19L{-AA2&YemBvJWAMX6tg7`aaHQ
zdjp!qfHM5cD)#m-yFJfy1Skd5{}=vcr_hr8%Z{U(*bYchrhi#A`qKt?UV0%Ng!q~1
zUsklYe_6rz`Io&_ij@8R{$&-C0ec0nN%(vWG(IlFzpO*rzbvm91~chiCNo~ry^NF1
zzFf!|s0A@77BTSL%MOH2Wt!nqC(~W`vNE#>jeA*{ypjr>i(aLyl$_>O?q#o2UCO;|
zv0gIV%R~n~_p-;_eEV`Q8$~X4jDE3z)9z&zy5%Lqy$tGVOCeAK`-O|y;0_|~=u@%y
z%f*ago{)orbx3gsopD?5Oh4B3FJmhJ^Nr3V?O!HuMedC>pKAQ#qkf=&S&1{_J*|1;
zUv`UBgtMr`^)D-t3i|wnd|AH3xoiR*7q>bg?Ob*dNv?C5JJ&=}0LZbM_>=HWVDi$l
z6#D?aFYR2m?L&m1Z0E8P=fL^&kQO||LAmxmbwFl~b6J5)Ys;LwmID~0W5{qW8$z3V
zd#9MiD=3YW0$9#vxu+X)dpehAVDs$7Rv=5d=Un#khe>WT<p*}Q>1e!|1SYGPc`S5J
zSuH9|3i!r^9g=({Lp2$CIfGvIGPu&|TZ4G@r>b1v({nBR(;78r`pCzmYZ<(0%C(H&
zxR$kkpp9&YbNh{kT3>03?QM@V;s9fv62K)tZHjE~<!jy508MSronAv)>d3j(bP2CU
z#b9IvWC>x5c(p6|kmS{_FpJ}RjgeXB9bA7A`}^W2wvWe`#h>1v!JpP)X3_+w!}0Aq
zUPjLWVo-nRY5U-@W;1dfXEp2%8N*&E3j0HBu$8b%N&lEzztjF2yreyUN*gJD{K0H-
zbolp0;W&oQ>ZI@y$H7${$_vIO!_U{i(D%_hi=l|c=CZ2$2G~b{pcbJSy-7{dN7`?N
z@-_IzB{Jcr+12O2J<tuy@e95(8F|pfULXt&r^-&ULhHd7J6fL+q2yKyB3u}TwS}^j
zD^xkip0SnTKMMCsoHyKfZ6xXe(o@Y+#nJqRweF4KkGij=I-5kkGC4U`&=R^_);&){
zooDIE=Srp8=5rKHkNL{c59gs0*TqmNp7{#1ZmJM@8}x$cUFP(^PTp~DN{$tJnA)WD
zRtDXBIYUpp4l7MPD4ScMVxHS!$6fSNBz&3RD7V9Q<x<Xv_o`44RV93{?eq#gLLnV@
zPP7>RL*ErIY0M+tn0Vm>+FZ;KZJd-78B#3s#P7c$3kiOskhPko(b?D?{P{O=O8ytZ
zspTc$)YH6pOnNVVW>0fdZ%8r59<lI+`kJ0htLbFE#g0`5>N=2+ZTliJp+9`B41iiL
zET}q$o-@c$?WX4q)xJ?TA3?Rf({i2Pg>(NMEhT(k5}YKx=SZF6g2XWPGO<lpe|q6S
zs+cBCo9a7OMGn?xs5ujQOsK-NDwPMwEjLasQ~bQ@#T?d5!gm*Q$9f)(-_U-ViH{_%
z$$q}2CqdKFk?<+7Dcm20Ljb&h^UNZ2jwm44B<;taJBc|ucTz*gm_K%1Y{F=RKB9hl
z?oIDM^p=`l)%=)J0C|z&f{ZSw$hnZ(4KI;SEO3S?aoS>S8yO0oq=1rw{fd(f?7KW?
zVBd3Y7VIN$qXhP6IDsDfDhb}j48mTgHwi|Bq4#2gCOCK1;V^lUky-}*We&BnwKd*}
ztK|{SFW<=!UCNwIEof+AiWZs3QNXD%GO*Zr`+1{H?L}pI&T?K-+Mpum>JxZPN<?MO
ztp^y1Xi#>w<CWUWIWjY~z$v4sWTK*pW|z%1U-$1HH*KR)-C&|DsS7Wbsgg6xoF6mt
z5tQ?};+4Xw|A8d5g9uzKi}sSxdIXQ8BqVj?50HdX@u~jj=W8AjdjhG4@5vB?WMle4
zLeL+IB?L`m1KH%sKewgN*WAt_Dnt4e2e`fb)48f`M8-y!C1<reUvmnLNdDPPHL)k5
zk#*6VQs-;rp*4k--G~2ftqpr8FIXUzdrLn1Iawp3;hwB{zmJi8l#mlFPZ17Se7_ye
zZL2aJhAU)!a<s+@Nzsz<9n3gm<^0rvk6ZaDNhm@UxZ#+SHer67lQsdX`Zb|aWrWIM
zgr%~@cD#vj0aYf}NBS7bWk;Z^ZrW~5AEAmFPa%QBF}b+sP%6wOQ^hB=zw`|`0avC@
z{C95FK@<}fDSZm1#QFJ(q?BNVI(ao$W{3&LZga^Cbrx|*+%;2U$`cVvokJO__$MyW
zGGSK6CVa<|gs9*Frb(`f@xBS)a7LCvu=fHa<H{E2#DCv8pLsq&n+PPJP~zN605A}_
z-90TN%TS>4_LLR-Dca!O&sMD?P2`g}r`4M#dx?HwawUAv61^ndpV(0}k``LdSS6uF
z6T^Z?o{1@OE`B<ZsKf8i9h+!yKk9PD7W$VITUNfzJOPvn&cp;D-{wrrh45f|bp{7d
z%4yP4V$0bl7$O{c(h%WCpv4(tOQ%(Pi7mgztAH~xy*#0V^DqB2BazfX{{^@{&fT*`
zJH0Gr&WWYG9^<`^bSgU;G38)qhpFD#Y96L*<Vi{^9DYejEABy<BAOOSUwM`2XeI%z
zbp6>CRHg_I;_w&pC*JjEMYDKY_}cWerYHPXZFmT-A!%1&G{@)R3+xKS`4hwqB~NEB
zqy)5bgz^8Cb7WOyVjufOv9|o1YDc;cHp~;=w=eS5^&;K3_wCjrIa9iYaSciM`fN2@
zJ-;6M;y`qP73R+9#uXjxNS2Q8Rg97ZXGh0}XSWw(I)@TX&Gm~hBqehPSH<5INWS$O
zr``VtJxGoqbO!x&p6e;6T?TSqQD|BHu^NP=jyk@@*p?E`ugRbk^mgzBx^AqTU**l3
zjsnOCMxmko2N)b_c*5YwvS(Zz@tnlht?+i%)XDh*=k9-Lt*>`Z$#ab*M@%p~U+34A
z)yXlBeav6gMO8$gnYM8!0Bu+>jlZlcT-<Z&!Yk^+OK>nU(&snw^zwVbX|k*%mqMc3
z%b#bHCi&BPno#~jc>x%EyTW4mOznX({`~+kY(Msq?}^_(pq)I%1u8V`*$eJ-b=&<J
za_p!1!T_$j<t1Z-yrq-7L5`ZwH0cy-yO{nM$6+;YBWj+p2fFTLavGd_g-g~@&Ex19
zXx!7m3VmioIHVeFUu)G+*!35ZG_;lXv{W=QS)Ykbwb}W@&k>R!Iwd()Q=G19qrfu{
zW(D}pG)|vzDzX(+Zg0&Eo)TIWJjrg{bx8dHu0GV=mUd@uC+xnswlf#V1@m7u&-Yrm
zOs*MIk0$=_loh8>HxzH6r~@zTk~ujqDuiCu(RYar8k$qdhIzoyoCb<CJwr-z*miis
zOF0GbiBCUhyd~*q2yGp(WcaZs;4|7A683^6{)=Lbfamdj5KjK-z05w;uu*#<QRp9N
zqC{LV>5nlM$W0|?;T-drSvbv4xeLd$Kt2Zl8e7W@1R_6$jbXE?72-9vl@Q(#4;jy5
z^9<r=n1HL;W!?u#0m3*&krO+S%=iWlkPCuB$H-??xDxCqbIK6He;`uyCjKGiWpHWy
zc4)9`RpYmWka>`L!fOoAj7O;)`O2tFu6`146TXYp<Puf$Jip*7Lffb~;oGvwt;)0A
zF#9+<H+`hue8wN*`J7X%0n7jBA54`&4+C%XKC}sn3;;YjjjT<w8f1Gw<w*C70p(j6
z<0~OeGmgG9>P3nNqHCNN4}vU60(Ikzs^Td$(TDd0{kEg?Om$Afp>${yDTH?O15e3|
z<9G$T*Nbw@)o*9_ENu@<*dBsJp9cC8^t1yfd<z(7?7w-%q-6%_p3v>(^rvPiSUor2
zB4>~f;?%TVJNE>usgWYFU#S`msOdckft?ww5Y>))Pu^#n_xz%juAV{r2Wp2F9g{HF
zLw_|PM$cgLG=)teKAVe^w5~`67-AnwoS{Wq609khvGEockDI(qXM=LlV6&c@7CVaj
z7B9}cOVBi=%YOiBONBkj0M!@)9XOPv%vuw9*m$@*kASY2;0@}?16K&QH~tJGsEdhg
z@6<n}T_w}=_!bZo&<N00=+7*egl{BCvHQ%=C?#beD-iNkke)P&nR!l5!-GZbrr}92
zLvizan~9LGE=rVH^vyU@7N|+4WK>#49p(H1Rkw_2(-v#DN%L!q<i<YP<)5pIuXm5B
zW0Mdk4Wc#k7d+qDQF!jEdFJ9`PCT8yxj8f{;2r=j@nAmOncxTR-J~!#uE~TSOcnlx
z-)^C61U$L%G99p8NgfcP`6O;cVAkGoUtfCsJMqF4YKIrT->8fx++0xOe7FriDb2Q{
zb)XS;WrT-XIO-Q@ghfC{Vhm1q1dZB@z7o$2@3q)N{E-lE5UtD`Lv(0?S@YdHJZy;E
zw!f+63yUYY#?QrV+VVZtZ<6yVLrO7*1<ompU<`>j*Q#p*0xZb5&t#ov=!5gyZ}6SE
zh7?c^zS#NeP~`j5y~>K5ow8ZhIZrS3nt((+axo>6Q4Wiox0K^J=bmH^ux=dW((i0~
zgbzsuwa~de-7U{iY5==sD#Iw}+9P;P#yBi-ZvVO?$g{&ai%lAa=0sD!Q(_*jzZBv9
znbu&}#+`Y=0~>ed*B=_0nwRKzg(8K>AOtGo3zFz}4GB80?ZzkkT5cp=aJ9*E{sCoa
zxTS!@*zkZRh@f|=o%b4>TgYa?q4Gxes=GK5fYhaDFEw3yz`#AtV<qp0^Ap*Rb3}II
z89BjvgtpH72Mb(^KeTt0`38uer&E0D6M74Myp(p*c~go+TRB;Z><mp_&KjdW?B4$o
z3Z}2r@DA9JGbhg3y+YzW_UOns{D!slq89r3>eS3_r{oz(f>H9Y=vE5D7~<?8DxIFr
zORdRIAWxs!It{+YdF~PoU-1^*`yW0wihyAH{s$tqq{T3iTRew{wtZ6o(so}n%b@T(
ze|Ay0z&$jayCm5TE2zME=z8z|2h);svgt+keJY|T4fCh*Hzzo>I{Z(g#&M6>5?F6Y
zG44KG4IdmLp+V#{;ro<+0_pk_yaRB1oYP-2t(v$X;s<Tc1lsN?$k<@`tru0+^k3={
z+z;87w8YV_5j$;lZTKT+>1fyyR(6>j=j;24zE@O-zi#|k=X*N;3MzSdxBJcc9tk>y
zvCl*sIAwvlNuIwwP+HbSADKZrRgoq=V9b7i56-<k_Nirh7sfTIW!gh!KS0aW&c1Vu
zxgYDh&zo^S79L#YZY=8#t_G#aq%RI0$;MVeEcDyd7acuwnP|ke_Fg$U5RCkSaAc_A
z(TyUr+015dz?FnJ5er;qv-&q)v_UI$vc3a;bS>Qo#$paNY0_eY#Yd(BzO?(g-yU&f
zRhu-ungxJkdFCZyPL@o4lf#h5)rNPaPFbvHpEjo~%4V2pPM)%e=WD91A-VM<0`uU=
z7?K8&|93Z=iw%M3Pw{HJiT|c@h+#)n;t*`s?r91RQOwm+*Y^B0KjIzh!r$1Dykdg)
z>8OSo-(6H(8@b%|L)vN@nC$u?c`WT3upO<F;b|3F8-8a1*>Ykywuq-4=(48pcklrm
zLSbYH-$`p^Ms8EfN76Dp%9QKGn!49@jKK#pyeCllp>=1R<^}gcyYw9bS=0{RI{8q|
z6N1r)%#(9Ihxx_k;CnHyxagedkO4**x<fM(i2f*1zMb_*{Dr#QF9V5J>vBIuzZ{#z
z$AoY5x-9CEJ+H>&J*I<z)o#pr6S$@t$tq-EkaUqq^M9?`{NEb_td=YA*xSxDTb1xR
z+s?GsR4v=lX$QJ?CZ$-V9?u64XeIz|LI^CDWrleY`kANmJideCm6Ql~Bljv9j`S*n
z(=0vN8&U?Riy)ug=I|>8R*=DIAT!9s>{TwcPxw{H-6t+d7BZJ2cm^lzFupJUq``Xz
zC-6zThlfvck>ZpcsCNwDhle}BRebrKxBteF;0(v+a4jL!ZGv7VB~Lr{Ah#0OY>lpv
ztL67Ft$TBP(zf2uNCn*~deN}OfKBJ=#n`Bd{82OOT-eW?yWs4s!7@ZIgGy>0i;jz_
z6|`b7)#;ziE$PSP@px0!Y<SaaglO{D8vy@n26-kau_JiXvQoHAWvvcRDU6>^{38NL
zq_?lwLzuHzfbjzYgVzK*Q8$4?<dasUvMk9Wk#ja%RJS@~ramB<q}gD<GxISL_Y1<;
zXpS}3v=mt&Hk&`3rf8;3PE)+3M{(>KJr0XKuE$ZahxI6o{ZWqtWB2LNH+GL62gIi9
zkr$h$M@j4#dUT6T)}u@88a;Z)uF#_>cBvj6Vi)US#YXDUF&5CHbL>n#j*OkIM~~P*
zJxXK8>(MLLUyuCQk$U)IMS66P_0XeJtg9Y9V;%MA8v6!LmeUkp>2XACvmXA~dOZ$~
zt<~e0*t>ch6kDaoA+cBV=o4G4$KkP;_2?g)qsO5!Zdo=`KRfR@h<$YEjv^!Vm;cUi
z6KBFyWY`p+od<{W3$f7|wykrYCh-b4K?}ths)P%LkaA=$`O>f_mG_$p2UD+G;W5hk
zGgVlc%=+y%lhx;D?Vp|XRI-X0Ut+c`=bZ_hESTh6|FV|~`?O>xeC{Qw9CMW8T<5%G
z4wW106#gWU5apdu^RcD;G5H6T|3T~-_wQW|d-h}J(9A+*&Mp5Bi`#JJ)Kan04QUNH
z|0;*2A3!nzaB&E@7)EA?b7F(b%$>?JKAMm8?3Hui?2qL)#RpV#mGZH_r>nhHp|~C=
zzJ>38=i$sD`km)-?j%gW-I=Llo%4Q7D%`*63ziM3{;wXm8~%BVGx-8BkTa|~onZ*i
zIEtB!^lIVfE3X6fNFEWvZ};1gb4v)IRHQ57K63f}B!7(x3_fk})*CLuhdW>xJcijI
zF8XBMpcfg2@C&sHf0*zUyhoKVeFs&UeDR(M-zDe(3}+VzcUBAx#b^w#hE*<eS!K5B
zLv>yzEYiTzh9qhG{;UuE1X&6RkRiSePH<2MlW)Cq)ErH(+dsObt3YmI1Q(as3+k_!
zJn4#SCr-A@ci1mpJ8|4~m)$UNoL#=se(ACsuDI@sD{sEWF8@66(&Q_GH~(zh6+t_<
z&2DM#9w>j;F5hXlwD|+&uh-@-3$(Np2DrI2cLl$Ef%09jl;rDSmoK$jTKsnTngIL0
z`B&goQAd1dw~D&*m9@Dob=DJ0%L3&~YjfKIEzLf!f&f|EI%><`_DXui>}j8)Bg~;F
z`DwjfNw1hHaQo~P`@#9s8BKpwj~P>Kc{4sx0W<a$fpUVCVhyrF3+M~JOM%F_%-C+b
zWy9d{)^!WVTVtEQuqHJl_w%PbG2Xgy8Ap=?eOGKd)0)_;V!So+9dw_o$5&f#zanjN
z2ERLA0>ZI1(eo2EeV1>mvF0tS%iR^|3$Q-|aTnE<zETr@JurCm&iXfF#`c7?S!FOM
zcnCVwFKDM}J8@r|w^{SH*XHiA`@Tj~udAu$R9$~~AUA<(Ooo-h*w5kXweC*UT`L25
zvE~dZ<358ag>;eLzr9tpn8b$lxs}$OM4<F`3<I}swfpXx-m7f-g}H@+#94&H`K%)`
zUg50EcDne=;t=zbj5lPo`whIhQfPIge|6->g2;8<YS`oZRz*hSxfBn6#t1?Q--T~^
zmfT`c9aHb|3vQygVUp4B(p5|q+(+~#Yr?RT-|`jXW&MFM6_6P-)PWxh>XW6a;nb7G
z*8eM6td-AI4antIXd^#aKGVMtA%)z{?M8xgtA%=pH*`C%@a`T)Ckoi4l<15$=R|Qg
z(&mh|!)vu3{jAL|{L<z~DICq;^LsLwA?}04Q+B>(@^`)uR6z92)#Dtz?#o1krH?|v
zRV|!IYxP4RiFw>7`7Zo;Irl%llgT4U_U7u60j<MxJH#oO#Sd*Jt6=n-;kgj>-wf|i
zJ^k{I<;~MO!Xz~?OsU0;@ku@vNFE21CMo;ebB&VW)E7irjKAQ1^d0pykfraql?0>j
z(0$bg9bC@q>js5}`+3$>m9I+8)KKxpn&2iGr4zm@-e!yicFRY8yKz|uJB)x8$)8Q+
zF2j+oGu<>ZfOMZf_BC#s2C{|ZsTIvd945K+1b$l8`MK(2bm&8eKtrwSp&O_=!<DQ1
zYg<8tFqUj3jyhUZM}4<xW5p?Bf)XduB@!=`gmEEz8{sAzNHMAWHoTs4kX4(zsm-sq
z5>p#L%1m;!dz06etK&UFdClSD(O#*s()Jc5MzZ^KD-JJhT#F<>(!JvQByBOr*G8{L
zwz--AF5Bl(_-|QGtaSXD_|b3+fxcasrxsNP%$I4$%YgakEV8{|KE&O_tWZ0cZ+tZk
z^LIc@59ZGg;3qJT(mXIf;b0f$H|iBQc<yuEf3jsCFz<aonf~)I@8Px89_E+*r(hli
zZU*KJ{AjqP129+Af^s8h1_5#gjH6Jby<lwMCrPUvjHknuCh<CG7Mj89^N(|3Tq>d%
z9lE@i3*(-8&4BUtP5XfHlKcKoVElKlt@bd!@;?RRe!$JZxQ|GB+6M#TwaB|KF#D+P
ztM%?t-GA|npCa;x<AihLo%nB+I6r+xbS;^9nGz3j&dy4#B~g^HI$$W_@#bS%-RkNC
zrG%V<wiQp!KFrSo?Ia1`kHwg=ST8`U8ad9@nS>|gwQ@0n+4KxE7~YWZ`N0hiWt(wT
zLjY?~d7QYQ&{R^rO7=Z&b`=C07f<n=1Qww8$(e6<tlbZ55KQ=}uB4&Y#|LnXw4M25
zFOl9s^f2m0l7wH(|4Dy$pYrqjgx?4av}cJpA-lSm!xM~>%9L;JT$*puL5HgV`&5bZ
z?Bj?d*Q;5R+iP;un0+<5zF)e@Z8QJPCfBKeX|j?gJsmNwLeBNO;O_ft_V_x=`I%l1
zaU!$5OrFw}`#MXseAYPAMi`ZGDs+C@|6RTaVzH$#M~(B2frEP(2?ZjpyQi?{>c#on
z(OVK|QXGEcXrQ=rc!i3Y0Q3XQ#D+H~d>dcUde60*^3j@r7kN-V4=<|z$$+%X|I8$U
z8=05^wMd~w7w{*E7RQ4kpoKO46DGn#jnb6{H9`kdO<P_uJwR~D|FxFCYF9W}O(Gu8
zn#5@S`J>&rsq~l@o3y%OcV<RXvbUC$yJc?g&ritrYcv6AnONwOmKXHu?R1QrPu=g2
ziMqHh%lf2U-rGB${uQ~yp6!rNv-#wr(S`Jf4=<_;J~Ssk@LOW0{s|#H%p&Nq-X<hB
z(Mjfew0os#8sEI+Mx5S9WyDjjX6eaRI*P3{wvxuBywc1`>9tc&lwQUllJM<*O(w~*
zK+9*?l3(i}zZitP{NaL%;K^0+)a6<0Jdo~r>~piiDh22=0a`#Uc-y7d0_tMcuLsmW
z_v0r(y;*c2I`mM>1?tcA%E-k&ct9QQ>=&qg?j`sCAyDJ%-Q8jzKo#%M9;k8yD~ouX
zD)z6u;IRhlpJXI1w>lcI#vbIgZ8!+YgY|$qL19H*Ce;ebqg>ho6n8bseZ6w$6?^0?
z4=BzT6g3I*oXA4zTSx7U)KmJVk-D0N<H5ggF+YL-F0H@l(BF4=;lEC=+3;WV*?!?a
z?;djhAHx4?)AT-(x(T?ohd-cC$q0VQ2q(Bu|MXR4grfjC@X8@nQ>+Q4UOS=SUGlhr
zn8fZAilxB435IP|#BlGOX2zeA^cN9f+cwDUnNFV+O(t!P(oS#+l4&Uty!|K)7m9hS
zX)bei+^$V^z4H|LMVZ%Enay?O-&B8kb5%USjCi8cHi}>v#YX<$MTr`BcC_y7LRSOP
zvkHh$Pzd)<6fUC{$zN3NB8Fe+Vp2<3n$aiSRITh%Ej*XrbvlZlpvH$#ZBS$C0WNB^
z=~bjhm<zFcsth9wjZ9MF6u(LIo$X<S*01nr2G1m!Lvu9KRXOuvR`LVCALY0HsiF$=
zgK8`FX8XP5ktR9X{n=056*)>@#~!AyMph7Y6go8M35~0O#??j62s9$rhsv-V1|pr!
z{dHF8DBi5;bNFk^LoPtj$a-STVM)XUl!}+?IZ1X_Ht3$9lXQ}_NTc-vnxf4yL}E>P
zO!njpR-=j>E2M*6_WYC*>BW@RDXnFin^Zp4Mb4|Ni%hiZh)7(%s4l!AP`(P?60XJt
zb-8Z@S{9;xT2fcOI?%ER?bBCvxv@aYlES+3f7a#3`Q@{vlhi-5zfSfZb>$z_l`lsz
zMfOEr6?Nf_sVcs#%l!!L)5fy8a!frR2U-^UQYGI{mE4vr>9y=?pD0RxTHmXrX|S&R
z{p?~tJb$WU)1UIyUYBaa|Fm0{_-o7GtS$evmO)3(^Vdm}XCll==hT+1a|%SS---{D
z6i<P0ysqyX+lHff>Yb^0TIA|4(Kj^*kKI;f&D&X<yQa49+v0gzKF%ZTXrT1{s^};#
zR$EjRekX8xUUB`Z_~AyGWWBvx;rBzJwcy{lsF1Teh4J6oJJ#4O>+=GUTL<I8D!jXj
z)o7z5fL1qMM0T{j%=3A+CN@hCSzEpwoui%mwr%FR#V$vk*5*&+PoVtsy>yO*kRy8!
zsU9hAbdGIa6-LwORpDYrPC=l2>%Mf3ULEKhy*hSybtL<+U!9{V=@m0NN7H++SXz~s
z(r)fMzh=|RtVu<w>FOSLd&9Hc*|#<OOYCwYg(#|?W*x7|OiiO^-PJbM_I;Bno!F~1
zYsN)C&3u>EFt0Uz7irp;+PSgXzOUP12EQ&(0Z2;Us3ElU=^g9eNKN;0ZhUI`4REw`
zzqOfaX%FMSw|BgYCMM5r+0CuHXKoGjT_`lm>mjrQPw3tCTXFV8i%4ITtfaTmPX@b;
zw_e`fxZR59jh|nLHg{Qf@j56Qn{!)dH;ixGW8Ks#kQh-mJ5e<~ugCD|)m_muo`*sG
zW`kG3?wGR9E2zgYzL@X^c;*q{H#<b~OoB|A5Xo}n*S^!Nt){U3y>K_=J7<5f!FWq#
z9dG*dW9*~T7Hfmaa1qnq6xpWi`2$sdGEDO4Sc05033*_yYeP!Ppok$^nOw6pJCQDs
zm3MU|yUNl%5b|jE)zcASiMtx6LUc(LuK!f%A?<z6Cc-tyOZzlbm#&v~8Nb-Lo|{2-
zZ)=<Wpv!goNe@2nrn^!a<2GB0_6BO#PDmMBJI6@#EjsAestAFp!ukA<-gcgH=&o?S
z?WuBX3=W=lG`Pk&=QOi75B!VSn`f}Njad<E%COi|>pJEv%HFT>Z$cQJAfpHt2zY2L
zl1QLxJY};WVU(W)TtCNl)aMdjGPXkcZO$%;m;UBXcYGt&s{-wFCC-$&y8%-D$;QYT
z2%l9VEiGG8kF$s^acN;y>sdB|#3iipIIGN5-ne)I3=N{<(EdBkG`vB@Ov7`=gK6FT
zQ_1BdW@(U!WNNI?*?I!b)qtRgZwTj3CH^?fQK^}#<bAWQesg4ar%}?`DCu@}xFH_`
zSl`X{;4+$38vZHDx|{g#O4rvSGj=6<y4pn==bDTniGCHNVPDQvXzXyl9_QN3I$j~g
z2JxaQj8vP{zsvsPy4OS3x%@cX()ba|!}DF`VL4a11qX1<hki`qzX`7L@FKSG+g!&F
ze3V)idODUD`H>a8@vlmV+)}16j|cOGt0Jt_a!K@?&gazYqCj|YfDmp0FNE80`Yj-y
zqy9&4DRO>wypA$ZS!8mBGiaL}?bbUVoN7jslF?_F@tEssQLwy`ysj1#M3^&}(eB@l
z)D)TEfd*-azz))EX>yUqZ;;C{V_;dOL4@#HEeY56!e!IY_6x84&f1Nefyp>rqEPrx
zkRzO2<%qyxu#r19rWTo?4)SbsJtg$3Oow#+L8M4@#|d9!%Yj5xlp2|(kIUm(g;t3o
zRP^Xn7am{4^IX3IF7l_AFwEer{+wG0G&KQs1mk}tRk*qy7k7k^py6d4K-Y|$)3HGE
z=~DzN=l2f^X_NDBG*OZBuqKbd9Zb6RD8t4K$jK&d@gwj7XolCOfS}j_fXmbKR06ms
zOCf`XVvuU`u<r7w^mm!&QMxw{Smob!o}dn2>>5dL6leWj$c1^KU|u94Pc>I6n>!6k
zihZthbN`^}$iDh;Y^o2mrsjKlt&PfP?RZ*?57S8Y9>lVKZg*{UR~5X&br0%CW(D1{
zy6YlBR(F*YuQ3p!8Ug2CuNpg}A74F{Ick^0W>u4<$SxIv-WNK92hu-Od6-8s<(rX^
zhZ3BdU3+_NWNL+R&z>qkMSkjMXYVMho>R5s&D!YYpyUT}_<O}wx|~gZQ++?9&l<0-
zx7cK~r!C20^9VF9E*#H!fJE?PidKgmwp|Ri?Bn4LcIom!VnuayLZYfKM)F^{yY1ud
zZu@Y;H)lRzen8F3K;5!7FOb`c6V;mF5q2qY3Kwn7AX%3f3sR!r9h6CuF*hw^i<qIi
zZ;!B}d0!o(aW$^pYUkqGx@QZhUrHFY8VYA*M}9HPWa>s{Hl1S~Z8}MO&yo)x1=?<O
zAz=o`8E-E!qEdM?r-IHcv6}L_2$=a-ijE~^n{K3;>p5!%Xy^4Q%Rgi}<loe)$Zcii
z+ZEm9jh8emoz7Ur&LTliLb9gU>}w&j#}Oxsm4{a|>2`Fc$>MZbjXDU8p%Ph-Ys`ew
zJ^9nmG8x%#<@UT4t_W4(yDa|&Qg(6fQ;kaRF$raeRhWO>y9ESTt>lzx{srb|PFv-X
zS6w%LqR=~~vQgQjM#KE3N0LfK<yh~SuAE0;QWUXO$%;rn%RFZq9i3J3KyfqgcEtN$
z`b%@ZM<MRTMOdW|6pz)Daw}Di?=p=^mPX&%nH02af{xtN{Q5#oMS9|ERmM}dS~C3n
zHO(5{J603&Hss%&IC{?L=eVHuuFlj~f9L{{ES-{>#?zZk;`+S6*0><C$Ngvjqrv+Z
zc)6?huQu|4X}dP^uxZnfC90sVaXNiDM)3p3c^g48y;8YsdWheq)KB_PpdC4$^ig<(
ziKc55Tlo-(a=|peXOO?VxqO*~aUleEQsO0noBvKS>H38UkiNRXUs`v_risIDZRzLd
zM0=eKr%*WgM13$p=F1bJ2Mt3`>q<~^wVP<O2k)xi9FvA4h3|Is20YF`+i91+#l_l#
zU$d>@pKDDWqvF+gpqTP^CCl%r-)u*3-f9otbJK))7yQrlR?ZnBx7&5OTif{~)J1B`
zcGiWL2X?HgD~}mpgw=IT%j=J=i*zg7M|w}2W0q8ZW2<-GEzxQZ{yaFUVaQ2c>p7me
zqc&GJ%m)(q_M@ZVgb|9Uy1}1WcWvMYYJ_g5pT=fsHND5Hvgjs2*);%Euy|7Z%y#`V
zzE^eO&p4?eSm#(xU7^%)l0VLUnpisS3~0(GJ)H|*z!fIz1JQ0B1JPcmLtv8n8P#ud
z=I(y;^z_8u89Y@o+oWe}s8wb>%YG?OFd_PcyQXj@x}Sp~W|hiS#SXt^H?49{QW0sx
znu8hO_~1c}JCCa`vJ<aaq1DQiXo+`)?B%*%2K?$Vd2;!x@@D*zhV*D`TiKZCV%=qW
z5zTABohX_&!cHu-2ftPSVfixQl&(p%Pj?Z~YP!=jOgs#?C&8Q16gY(cP`85D=;g};
z-It&01wT#txg>rew#jA#;1t8fR0jW8&9n@jYmk4(I%~$ls>YU;RgJs4)>vn@Og=oc
zs=jx1cp>;%gL_Zz%E|b&q{^3X(!vwwb40M4){CNKSfMWorN`|ifJPC+9ljHdjdfxD
zuGyO2f)a@~cS8K$pNF61;BTc@o?taDB}Z!E8o6Y?bWk{8CVU$p0a7#EL}BCM8~cCC
zE#bv}NxQdkVo*JHWTsiL&OH<sSHcn&xs2xj>2R?Mq2dOz^Lo#1&?BvAy)xB84<VU;
zYcljt<zYoV=TSa9N}|aGm96B5j$Ww(=iYT<CtZ3bil~pGh^BTHplE5TqUab%5l$Ph
z)W(Umj5uEmP?U3)TIFi)6us`zQ3B5>F^`q{h4&{hB&<S&Nvm*7vCW4|#Z~^uFV<3m
z5yv9t6_?N+P~WU(Bl8S#<lcxmDBRy833ff<+m19DX#56U&tX{8G7QvW*$PNfIDtX~
zV{KT&MC<3|m;8ebs~?r)uknnxVXf5M7Uti-Dz#zVW`3f)oLGNd(A~4_!?X4+Rgv7c
z%<sMTtxeJx0~5heFx3nRrUtgWYcljM*y{U>-uqbZeW~|8$pGP(uBnd&-=KHxU!kLR
zss%SC5I)xy)J^RrzjSLYnd$9*513s~z~(4yj~|r?*kbU{;wGO?@$<Dkx&^&$lWo;>
zqvYXa!SR(Uy^pCXq&wzr$a!WTP56#yVv@V&V}>bU*W5;~@7pLhib3UOQ?jN+vr7mM
zkZ|sJ!zeaJtG1T4M4W)l_;NdnjjR5(ArW3u+3=N)lN+We6er#2i*+xuA0hf18TzB$
zpS;Nk(Zha09q<)iAj}u<<-ltvmSEL9jl-<vxDTgG>^rk1(k?ch(9+UCo^1s}U_I}q
zr=sq#LbRbjB?MY1RFH$vVyYo(sUOPV-Yn$CxZ&Q}Ck+vp*<6?VO&x(fOZQm6Y2n;_
z2v@_JZ-SQ?ep;msow=44p)+g2+2D(!GoM+FOZb?zEqF-h5t=U&zG=_8gytwp+Yy)S
z$9}Im=j0zxHSQ=qKelm<!gcdB09AxlC~a%biLq(=2|X-fEf?trGAs-PKm1zVgvJ-q
ziv1Ua()nzas|Ip_I{|zK<i<Yam+sM&+rm=sYmRnM^L0CJ<i>sAQ{X{+kX-Ib(j{hl
zI0=#P{fT7xuhY`icrH%H`*w1X*CO$oIdP1?v=nCC$h(jw9D9{_*Gb`M+H~#<VeCKE
zP0-48nv~EVG!hw@qL<!Ik2g1ST#Fgyx;tl_((;{e|Fs$6)U(kSIe)_OFclZQ$T@Ed
z_M)qtcV;9NQJ1804%8>V^K$Z&p*hYGN<Gf`YdY1XV@{1KJ}y;y4umNc5M7+8Q%r_R
zYtC1~{E}7f$*xJqWGfrQe_dc_+#fa!;^?i7@4G+j%MUgroD&In@E!MuZI!OhU25M~
z-6N`Q?aIvRT>ZW4-#cxiwj*<wqdDb==HyvMiDJ~w36^P3sN^07HU};(Wp6-UxDbs4
zdqbJkV>JI=;J12kIbM&Bv4^QgupR57iu1%5-jzf3quf21LX(WuPRGh@X?}{leF}}o
z7->B2WldWp{A|};x)rcZ4HJFf7CS!Z-{_v{nNzX}<eauxLw3DQHO~yWQ0XW}9_?oo
zA@|;GRFo-J#PGve`pPZu?n_@e5)(*m^d{qx9{m_LC31$085v6Fr&!dS)pw=ZOB4O>
z;$2D^ZrgNZkmH+k(BbY;(Zk%%<hh-hkzG^2D=3*I-)76NS(D1FpmBN4d29p2bmb2b
z%wX|Yb1-)Tf3Xwucc$?j;Ku`IKQsq+@#vjOOd<YWSga$wV^Cp0YN!xnJwL{3=Pkel
zS5Ozdg5d5og+J`j-vfk7)3#v3rOaiMM{_9S-#4Hi>OPD;HMTuBW%?`sBJFUFPj!~V
zxxFA|E6iOehx1z8({V~~S%~EeyAG$^+6wLR6?U%dIzC&z;h7HSwdG#~w7=^g4(Fx{
z9SKZU(Q4;@Zd*_6DYMI8vva?&TUwJ2=XUv9DTnig$&zj{&*5A}TM%saF6sHYztyhT
z56+*?sQ%Dsa!lw_Fv%>$j~>g|!a(F&KXDV;EHEPN%lK1{$>qjnHZ~Y*;)Om0#I%q3
zq6~h#I^1eZK*yl<*&{nw-?rLl-nW8TARMbJZK;l)h4N=>-QeqYV(&XF={&v=J0ZbQ
zbC=tV3o-w+6vk&_>g#Biev8CFAOx%0!7#Mb`x)<0zG=P`CR_J=#PSWIp=nz>Q`lF@
zj#nwYsI;IkwxUi@koMGxoVwV!Hq3dFb81_MW4h9W*F~-bYthiZM2o{v?qIoAHBEo#
zBWi`|5Tqna)AT%PM!my^EB%fP#{mk%VQhC^<0?|IRoS*ATjh1#=0frsTat!#>a<pH
zyxF}sQrB%JoCLA!q|9}R?e`8xd>A#h<HL?+MbYUupbW`Qht6SO&PU5L_%OHkp)>g)
zMr@QAv9T~>lRq(xSj}~Y5!*hAN?^oBxkjZEr?Uy4?c7gA8oC1h=$>g}|Mcgl;xCHL
z8YQkvbsgi@)!VJ>SJ`!ae3!RLCwI}K<ZqV@lsC#*1mDbt-3?YQwc(F)hR)-(PFH6;
z9dT13+dp3KlI_orG-P|V`Igk@W$nKU#LajcX8-c$yE;lEbePcy>FUR60MpY5ap`df
zEIFeWIgc+ho964S_`bwn!9Vjy7c@*AoD=L^-puB42_7gTh(mXt-;SJD5*UnFqrg11
zk)NWs8+2-0K@KG43|F9w_u;OiRaM*bPQs1PaPsg6rbxAlgkPx*uMQ}X=6QaY%7bb`
ztE_O8F4ctJsA~N9$lB;RIFXrelXI&YKO0unuzSsowIp{`vNh-G4pl9mb!z-{Sap}L
z__p<iA$-g8id@i<IyzUieB86;(@s^5>xNZz*-+DEb=9=pIXOLY>PuqHw8ZC5HC?vV
zgjaLtddtV%s=Itp72Y6$KD7zT!J_oNK<*p0;h&aOHSYG`#1YFk0@h#NxnUBOHBgIn
z$1z|7sV(t>#;=c@IzT~Ea!G3Z`e0OZLK-q6O<PTS;5g$Ine{h*?GF|;eqClYtrIs&
z_sW#<O=Yx_@I$OxOoAP;?A)d3oNL2Jnz?8lF_>E)En}U?U0S}KPqtOFwE=e$2u!QV
zlOBq@pHJI3oj$XzN6sC%y@f^pKCjzb{8rNu%u1x-#bfk&+O9&L)*TA&QuUHaT5!&f
z@2q%h$+ZKq`ZfKnKq@u#Wi~2|9qT#CbHG&#RirAsysC6z%~h*!A^dDrOZ=d!s~3$^
ziuJ;(K(y+c5!MTRMvXr!Jf>S7KYNYj=Y`!m1vue4ZC7ILSNYKEn;y3tcVB+v3DyhC
zTVfrqTBe#>Vm+?jHLi3wwXo1S(L9AO9v{9i57E3CLn(B2cUP-XexwZxIcSsD*-k7q
z=8_0zO4mD(WAQHm-JI~kG*DVL<b~TR8`fKu4T-K*b1&v|wRPs}RXMwBrjJYn5=+6*
z#+`-Xm6P9$pS#bhvh_dh>XTV?fAuYB;A3s+3VT{&8owsr$a#rVW*6ib<qMiWQO+Fa
zobIStrY+W_!L(_Zms@w~4!~GfFbf%S*P{YPxAVt`Yh7TlKjj4)n+x1|3zTvy&$r1q
zLAh0yFLSnc%cwN!J0{*eXMTfP`(UaFO&UBVJ_J(FHrWy2co4jFtnVx=R)c1L*g0oz
zcS<EjB8rW1qo6?^dq6@5{p-NaG7tCL(w#SBdB(IjH&1Qs8ni6|r`-ej4^>jIQ>b}%
zt_eKh=PqHktb*;81M}(+w+V1eFh#X=$cloTxsvYGQX}Co$d~%K<-hqTP^CVmyYI%g
z*iZjYRsV?|vd{kaa{K?t=Dqtr_}}jT#jkxw|4;nR{=5DFurb?eBd2Bn|NrCeUErgt
zuD<^aB#<a@0uqgi5;ba~D4=MGfMg(%8JGYnR$6bdYQ%a&m>?=@U=rbUoR%t9Yi&!_
zK96nH;^hGp#e`cBZ-C+rD**&&98kmyAi})g-#%w9fuOd}+xOqkKOdNL&faU^*WP=r
zwbxp^2YU_2Dj7ZRb9I<C0$gW|Bp45VY_puqf&gQF&Q@S=bdE5f`DgV910n^NC|HNL
z;sfdw7KW&p3pF6g=LOGraE5oT7#WTU(T*%N;}$&D`}H{t(UHg(AhHZHteBA=1z5PF
zGNNX^mX5-aY&-iEa}#?B%hO`crv}HOzx@W`dp#qe^<*0>nl%^aE(Oc0*qg)MSAYS(
z-^w_I`{CEFITq{w1tx+n{AeB020H=$^fhYX&YvufKHxZxHR}`oHyW0dvq2OoI+_x&
zD?J6#!_)tb)GeP7{B`|-q_h`t8qyPdct#4YRBj>1p-gm`$<Q%7R*LAdpr%Rc{L!dv
zc<tAb&)T~kKNxp40%yFf1v?sd7`10IZ8$`33=Tx(UkLt6XtU=}u35_}z&S7EGsA5C
zaRSp0Fk-*wlbfWNhP2mJ${dT>b!R=}MrbwfkKUtRNLnOlT9_jlo{Y2MU!=?qH>3@j
zAgDl%e@XPX*CcJ#Clq7R)J=)R9uNde1#F11)%4oYXth!xW98li=XTt8RC_?OxRH~I
z+eZQ!M+_71%y%zGSJ@tlCvl@b;=K&|!Lc{UkFM^dQ{{EhlMWLZlN`?selE1d$EEjP
z#}AL>TyL}fMZ-%!<uq_$F+9^Rs85<_Mt#6hC17mdhL(A$i0DMYA-^|c>l_robfy!e
z{4P8u=t2X%=^+>TNj@DPJsYl8kNO-J--$-2ji&QLOMIEMsAh=->G^09a#0ravHgjR
zF7q&KZ)lv{m42wOPxdbBAV&tZCGnRM1<U@JIo`_JYlKv3xZrP*OVNE9B_)o(j2ttp
z;`>j4OwIK8d?EoZ5qZXORG%!OkKi}~m&=dek&1$bk9HpCXv6%uz!`+r`oa&0KUM!f
zYYz1S;U7c#%@qp~2tV0q9{;tR2M648%qM+;avY5)A~K4tVpx$i?{BhI^hG*tC6s4(
zzfSk!g~{=j>8<7iCpwk&jlrS5vhBfB0|SDm=T0d0&hgZ43=FvL^!y2hweJT8TzPuo
z#5c@#n_l6i>=%l9CUB?NLvcx^<97$_S+7WD6`P|HneD?w@t0Is^A@NsDEJ<1g^to8
zbfn7Ti)3GKYUYXhBK<g%XUQzvW!?2F;sf@X0s97)(3<?%r{?=jaO>7bFg-W&Z>Cx9
zOL|KbJR$p2Nq`?m-sfvpjvRK?sXPz)j3<+E2uP~gC?Ak;S`wjhpFIpA;;<qC^EBrR
zD9CWpY5i_?J7yi8Ws1T>O2Wf?S^3ju17>x_K?&*koaufxI-hm!=N$7nWV|3}JMYzc
zpXt1h)_a}v4%=04MCn%k5Lm~0BVLy)&C$f$^~MW3vVHmUkUjtoF(<G(K<SIX?M!IE
z?uQc5h0J>xP^i%U3w44=Ki{L?iexAJM&$wTGVfLPT^;Yt`DuCG9=L(u09IAjWYyoV
z7yB(y*;AX;B7b60)qnxkw5hyvr+Mug-T^~%Crqks_6``)Y03??FL@VsB`UT4`={=e
zS$FW-bGSmi-zX~8ck8gTt~(uJ<$X)7z^CF)!zNCRQe3ao-6*!lc0>nXh+PdO<?5rs
zo$cY8uAKN0ejN6MKJi%7E@mu-hacMb0F8?E6wwvVE*@^zZ|qNi8OWG9m<~T`dQ9hY
z)s!Vs_c)$9Mj5Xs$0{qSs=mzt@ZI8mo5A6GoBM4Bj_)it{Tw%azWd$ieiymlE8Xut
zdd|&xhxK8;s;iwK_a(h03J!X}MbW%th-j|sL#Y0AKx68~c}t7=c24`G#$d|tT3%#z
z^?@LxL71_l1#jxnwY*yIrVd@p$Lrmc-?greY`}hDfv_LBB~Fj*vH3oG9Q*5>RKGC+
zP$V1HA8<{8a%#`Y!d%6x5}4N0Aley6t1pM;KIh=pz0V6c(od@l>WNDkk3<H)rnCH$
zG3p;#7L4a>ajCF|HTe@unb<qMb$FWl5b4{>hSjxs@x!!#>r7SaM?Xe5-bj}5hlYoz
z#H&Zz{Gi8USq&Xk0Zb)X4AaYfEOdqN|Apf5V27#aeMdO~S-`Q@JfeDX7I?5VZ4K>u
zQKT=vMRUwrWQC3dip#w3f_~O%8M+ZXof-K572=pyjHEfKkpu(PC8<&7dye~UFo5sb
z?)P_M5DG6d1&0Dmop~C601zzn(=);nbfP%qxDFXq=mUDf9~o2Z84>CAk*{e}w$JmA
zK-qTduFljfVBZc-SAk5G;D<Sgt}K)U2~1R;oGqFHKwVQ{*Gf>g3e>#-)V;)@?rc?{
zYo$S5)0nQ626Y=vctahJ*bN#}Gghcp1hlwWp)S-*m%mbeHuuxU<^bc5T<-~#ZMu1w
z4^@`ok$!9;1EXeutL%@fN<YJAHL{9t5(U4xw@ViBaj>u&7@p15L>OF86ig=8tRo}s
zAb$T6OAPYWRM-ZGd<k66g%Fdg5Jy)t(#cOQ%jNgFG>U+yz3Rl?S}uiQwizm%C^**S
zN*_VSu=}tBRYU4M8`sFG@1SxAF7{1rcD}n8CknPfI|ewQE;5zzCYsqv4LDUXTPIav
z6JUPEE<ku?)z4H`p*<ZiuT}5lxV?j%nsq0?@79<A%(Zok1L1zfvCBCXV@kl}8)6Y3
z$X4h?K)egpu}`Ca!Wn2R7aeM={sPn|m@njgA#X1#Zzta($g9}-gi-(1GN15y)>YYG
zRh4cs*~(WbyN<G=h25zNZvH4KQP5S*69Uor{$P+fJ7n+rccK!5zR@>znX}@h`&{36
zYy~;s0dA2=qUZrHx<46P3%zb82fbb%+a!gv`jz?WlyB*j)x3EZrhBEZvhPQ+*9n|M
zFPe$bt2o{r5%aG3TIYoz?y#^w%!69lkA(R|)es32J3@not`F%_R18BhFJwqL2GVbD
z^Y2*c_cYd2+S6V7ZW5{uuRz|gc`%}!QN5C@9j`?g5aNd4P#%tseUTq~e5ES`Wk^%I
znQu@!5;iEvAoXD>{37|0>yO+?WT*3dhRW!Nl}8I5CK&`{+aC?E@<c(7={sQ)TuXnp
zh2{RpOC|^Kn8VmjGu5{!blRr!TFF!+)lBQOmRwcWXV(|Y(;Dn8<`wt{v?^b*=KWet
z3q&gSArhNJB>Kx%PU@UNAjYToB6u#eI~9+JbSl^E^w}#@v(uov(fsIMt|owf@aNq3
z`72eACS}f1s>?i$I<4T{X&D(N=PD;s+}mK18a2pH+$MmIoiZvy$;qydDQ%5y>aQj`
zPUIjvShLgxYP!0>>|NpZX4HSo6qF7gcjd)<W%f%lQL^7M6P1ui^~+@;4~f`;yW@4H
zI?f;Z#@wvNuFuFitLU`1NZ`zNRBCtTOziBSD-=R@aeSBw3m!>KhuY&avAe%;7l`9C
zz^m+Kc)<-d?owLsLSeas;r+qzHTQ$zD@}z&0qG4tQtC2cct@B$sn=s0;0jG@yl5h+
z)^v=6=K=dG-;Omt&(a#N{kVx@V7~*&SqDM#?WpBeMQ-o}SeMJ9R>M-h&AOdN^1|V*
zksRUJ@JJ`agakY>p)k81CI{VJzJwK`=Pz9}(H`TEykO`r)Q`b`Vzf@E>feXlUTfap
z1?P+0?r~~+t7@kOKTx{eSN08;A1feHQS4J8<AF7s*3@Ns#oVcVqF`2pTSOW&`L8A#
z>cj1)KRoLV!3FHIYV2PaWGIVG%prEt`<Y0%4VX+M6kaj!`ey~K%8iJLXPM3pggX^i
zMQ(x$$o5x7dM)9wCAX@Kiz%q>q$8D|@Y2uXt-OSjr~*}H#mD<247eF8vqP>4lwu3m
zsy|V=NEBq>twZ;Wl$lv-#qdY^En(%(r*^o${4zQD)alE^?mnqXrlwvWZ{+8m5qABn
zN>Ua1c{{}2?E+=diKqG_j)E_p`8g{CCmyQ<Na{_0PH8i*eC0Eld{W3)RraYBx(eNv
z3VUTm>GDKl6**us6FixP@KxW`MS|}8@=Sze91on}jSTEkV=pwLkYI$C*KYQEUS~?S
zx2E+ZmlXdrB3%EaGipWP(HtdEka7#yMc&9rPmMhz8CsVLZI=-`BNf`-4TZDHroy!k
z$DU!wcV;CfjGBA_tAYu5I;SC3_zDP*&1JHd;Gx1yQT+cV3Vue9m|6NTK>Kb&a1W}j
zFEYY|k{Gl0F4awlz=*NV<oX7nz-M+-PE-msn`aoDNBh#6zL|i?xwObEP)s$y6nTY6
zEXvy;BprOfGu$?a0|`CtXP0X@A@rB4OYk<wh}^F-4ILzcDCXZL=aPH8k@GxNk@3RV
z@&Ke2Uc+*0D$5pGcm0kEY7t0cr5N7QCH|(5+KWhG{H{cK#1}cG@0Ey#?4^k{$%=r|
z9n*L@EZ?1ts?qSsz%N{!4A>hIYqa?H8E)4bdJQ-t&8!734xBS`z%knqQZb3D?5H%F
z^5aFBC1jR7+`fCUiZZ?Fj|^!y(tdogK}!2x^{KyXndt;8^cBYu751u%(xyaHRp}xh
zCR4$asRZQZGJ}_^nJI7k?ZYc0*@r?iOjQROecV;GoBW=)9lZQIxoB-P18g4-IzA;h
z1t}AseYh9$fo&}rszy1Xpkpd@Mk*9^G@(LADhoOWD8ku7iURglJgP$<y_nuPI8@B}
z9Tde&jf_~L;9V>Y4JN*hF<&c+NW7idDGZZmZ}IPV%kNo2%l=yd?1*tg3h1TUA=#0m
zXrVI<;q-gRPgbeoczp1trO`lH3p&XP7LgwrVN&&RC?J-6P(`C$aHwjekp_3!2=1&l
zp;?5of);_Md!St6g2;#BQC--L|7<FWtSeBq{^o!$Qki5`U?4UGN<Yy;<VbLsK>3M+
z7?ynu-qvb0#q+7jjb&@8^UW1<U{9i8F;MU;Tg9&kq-3~Vv9+2(GsXE_s$w>jhD%ih
zpcBgDs5CqD#y!M{YLGM$s=>!ns%+>thdv?Bu=*)7!YuuwZTnc$E`f|N9JQes)WiKJ
zc5(R!(N`sLUnVVaLI(R#=qyJi@e?xP188%*#004`P@)i&m;v4JQW2w<C|D|UN|6wc
zi4wP$84^MW#7f<KmpVEFEw=i1tnouYRN7B|FIwz5*qVMcc?Kd^K|HjuZ&(eVO94Ft
zA4dBlcWCTdQmjJ<Rfk?1Z9*e=fDi0X+c4j&vH#|j2?0ru3indo8|8zI_U{f}-0p$R
zf^_*rrD<$^poEBl#}wcY0}C5z7iEZ-(W|p}&7d6AX!MslFXucsP!{urR*4>H7ObHM
zrfHb98Rif>>3y)ZQ2RZG&ht#)XcsN1ij4F4%eLM;#E(A;N^4~Ciu!Rv;4GE~*8{RU
z6EOQThEL0?*_=Oh*lFg+sl=MBB-sV3{|LKcnZxJlt(x9tTP|l?ZkgB%tSRzGeyKWA
z7?jt*CTOYv>zCP?H-wPQ17h-1X4;gON!-mA@JsbwRoNzk)G)E=kJ{0S(#Aw%pcGjX
z`||0m>&w`el|Z^i$@49<Kc6`yGO(2W*&u&ve@2qMhyD5eefH;18_5C&fw}dV60kpi
zs$2>3(oXi=Wa!FNsP^Y%=)0*<7DN-uvd8|si3RZn%5wK-(-hsVk;E0B5J$KoG1oRB
z5Z^oX6o;Z|%Ep;Os$7v{;lmLk`K`+LtoohUNCd*i1;P`x#aBXZxl?Ew{c5I=AkzE0
zI#fl?Zsg&I?$DNQ$a1wqg|kSFU@VQXDt0QYADj~u`>Y16ptR2$d=KqH{XfVtMCc_#
zoz31vga=aRDa*+~r_sDsYg1Q0x|_O+@g>g5j~#|=0cX+9em>db?BUZD%UlFg%pn1&
ziJ8yaRi(>tc%*&21Vv%?@ar!&dpJUm#2R3Y#0OX|l90q_dt%K<`${$k(23o;B3=#5
zZg*0-TeUNYKr$DRwlE>hp_19JwSpcr+zu?xCGp~FXH$N3v071MJIiHRvlW`n_ks3f
z!S=<7WFV($J=u>B1FfbzZO1;w?8onDKb~+Y8}IH$pxI)9c}_42QU+$%y-<5`GE}v8
zLbVqsL*Gq>ws%9Jir9;rYajL}y!o-mb5mj;Y?9(#{h=khGFdsTz6brH4Po}6sV))?
zl$Z#G?X*0*#t}T5b=aIkIE);-0!ohJ=AKaKh)BP$al?x6=tCd8j&T0@nbbB>@N^wn
zn-%eX?5Ko^4vv>DHyqsq1o|Q&BhevG-|%q#7s(HH?tU*Pb9LlUI)5K6ITY&q+{>0I
zIA7T_{60p0n?LfRNh=10r6+R6w?FBS<xRXTfYI#Ws;R0cWJe~Dt|l;M4Mk_)T}FRt
z<ft$|DZy#L^A&{uq}u=2GOw7yg~-503Fk0h<J2}#x<M4iXl>stE9j^qp-T(rkc0&9
z_<t{)8xeVSv*~^fhd(lq<+|DVR#nX=@DEuuvE&r8NVDp(1DF)r0g_{5<ROfW#>hpX
z8)=L$9MTDkS?PYBlC6x5_ckyZ)MP^8ULbP3XRL<)t;}>~N%4v(oP29uc&2i+7hCfl
zGo^?2AYr*q1W|1c4DbtpXVrvuAz!@?g2<JvATH}v9IsS(@QBbZNmgC}+7*@<awsiX
zF~BTdIGYMJ?NUnb3zV4zW;)&m$uWPYsfQ#hdP@{MscsTk^aP)xiSSe2JUw~B#40{r
z^)&>a5oreOO$b*&P&)GOiefq<>^IXf)j#T&M8R>&+DykO9W@;T#U6j@>wehbhLHqh
zOvTYmMdwV;%=P`IV&*J-ZHmy1-NVc@XDYsA#y&L_Z~C#BiY$GPsD`O(WzI#WAry>R
zP|{MBgH$cn?f$}g5mFzJT!hqEWRnl*UHHaQA@<08gK8i^mMQQpV^NqvPi4qgUK4b{
z{;N6`8H>S&q>Sb5R0Ylc?II)ym87+HL-Ltn@P&I7b2~UXLM?$v@m7tC-?IfCBU?s5
zFm-fa|4H3VezGqjE1_y)W&A3LEmlp<YSbGRiBM!#gEOfKja^Zq;4#dZ_Dfyx)7wz`
zkM#SDMysRAYDdO=!zZ@HOV^WBgh+pH#BbJJJV4ZcCitqz<v1g*G^AT!O$UGESLzPN
z&K0VxP<_;u_G|dLAtUl3c}(q9m-kUtv(<H8`&SxLW50C0k*O>%jV2oXr4X)=ZUeD)
zrJ9QbyB~dP=(mL$0awOiM!})sHW(SpE@-&J$kpmuVTiRI&Zx~dqlSz{383M2DEokI
zf?YXFGUl;XF{0&?F>_kQw0C11dCTV7dt!e~$y+c#xf1%8MT?0Uuqs-tdT~ru65n%m
zjEJ&1(;&)rk|XyU-{MZ-H(44CtD8C>PVJ}2Uepq(AWxNTdO$pnY9@M#3uDc+L;f<>
zYPg!Bm>GXmH~T`nQMk|=7`fJyobbL#_FC-%sDaD%yo+N7YZ3*$RU1YOL%{lV{mG)r
zetey}tIB?{4-YbVLgk8<D^ChyFr7#p8aKSMUV7fn8cR!;K`yvVefwlf4;A&=tjg=G
zS~Ox(Q)6<qmi%(=llC=xp-=?pl_X^UW8lS{4yf7qllCC=!R<Wmygch_%3ibXx{n0O
z3Bwtc-`?skeJy!BWhjEZA`=U4!3eNb2hb;pf|Dm3E<Aa91aT;Nk2=HU{sNIfS?6hq
zdPiNAkL<@Re#{5Sel${~A$hZdO`k~G(+6l=zGn6|g_&9`P%Sbu(qu#8vr+v{cX0n*
zSfhy`CEe{-D1=1Cj#ZSdN0FNoI7xnbQw3GqOdnVB^IHvDQu<?tPS)6~YS$zEak!qd
zT<MQNG26hi^gbn6Nr04@&k1&=K*<<2FC8Q5GZ{0dRSc8G#3ZFb_r#jv+Kd{NFN~}&
z`gs7e%MD<KqgvI-@J0Wju-AntkwFLlQl<h0&!5&MYhj5Z=UhPKQzo+D1%)0=sO-ZJ
zQ^W&Ksx=Xlsy>zKRz=?Cr22zGAt<w=AB`dODksUqPLgv|Nrowj&q;EAvLIc;@uX7q
zc2ZsEq&hN{s;g3UBhpnB1A(KR)t<e)(U4<Og<q{~#Ocw><DG2Y>YHrk3Prx+Bzaq*
z$yWAN#M4fy&+ay@{6i|$EJfbuq?)f#)5^W)6MCl;`io><0lPW6Nf9+pUXM6=otMhX
zr@Z_oGUwSo<aM(8IWp*mr*gC6CB8_`8w%{>1ilj{@DKtYR$!46c<6^67??#-Q@->_
zGKTn@;p84Sa0Op0joQb)7d=;XTJ2<DIdxj7cr*6TD)N6)Ijy92(K*WLPfE=M6F*EH
zSD?^MU+?KnLRC9@8wulgW(>)#q>A4FOkPGSy1K0>_&^DZNJw6z|Ir~UIzZ_M13o-i
zS7F?r&m*)Hm>LoiS&*ve!Gd>{19vhZq6bkPZjZk3W2Sy^bc=aFQ%Xnh?~m_I#B$V>
zh94WC*ORgFGvkhJsl$sz8w9yl?YYQ6l7UECksi@&h?8~C)Tei%LFy(LqXd6df|H!A
zk28<>m86W9#~B@J@L9BqG;zEyq;tE7gt(>t5@dE&8r@>rxy2ljS<KeI0ewz%nSqYJ
zWFBtjiRiYc$h?P}xk#GmLV+I^y+1Q^pW5(eBBY!e*^(_EQIiZnO5Znm|8@y^1j2)j
zpCQdczm4OCt8={&sU7iR;+-#4>q}>}pzMJ_^B(OoBO^W5@IZHon<%Bb)JlF<g}&m+
zeb){z3$Dnw?py4&hP{gg0xlzW*6sEL*JCL2W@W?b;E8cu0*bz<!oE#}_jvZH;o(^;
z8p#>U2b@dPHFb=Kmto>hdmQ3?7H=sS%rBGPG^*?tf9Xz+QulHNb;lqIQZI+rcf?zv
zu|Q~DKWpCejyPr3H>Rk_z`k;{g62Xf;i+BkE8WIrKOFdXw5HujxihVK(;WEvMS@R?
zX~Ol(|6QN6OwQ8xs-2cBoenYVr>sD!1=xnlkZ?1q5A>g5(Q!1Zkzd=w$a5-WV#0Sj
z*TUh2Vy7U(vy49hYu-ZBsIqS+S{Q1?i!$V&;j^uIzmfa{Q_7kF_X}>~Cu}h9aO@I%
zr<#)ALHrbWr#fB<ip1udJxcs$vTgy0+XK{Xu&JBl5ksCawvo9%QN;;6Ef7017Pl^D
zyn`nj7Xj~zWeQJk6r5cN?5kDwRVc#qtu+oZqkGV0gt(yxkt~d3KG)j`m&28P)J;VO
zy;_`*{{ApdF~XC$rEsL=r#&LRjyy0m5vB_qa*Q;v8V`tA7!?_~RwPlCr<t?8zFXrt
zb-O&Zw^o&X8@$7Be^O;{@=skNu?wdl{s9+cO}O?cPwfZZ0kydkF0XwH>aK@(!0nx;
zTu{4QemaHk7|YZFAG{VUz4+`teP8yTb@3o(N|V<L;Mk@1k0!jY6W-MqxwBm=F1R>8
z71YLq->JHe@qN+7IsxP68(KFiT))!L9*O0mc9=bCSnM>WC>9kRof-5yFl0n{mILU{
zpyjH5#OKVNGp)Ih5~0n^o)3+=KeK+CdV+bkNZF$md$u1f@&s2RVNlWHE8WS2!Icpc
z<_>al!NEWS&U{g7K9?)?zvFY3$vHJ&OmWV9DG^R;TQwt#c1?P|u<MQ~?ijt{WhM*3
z!Z}funlvsAf9>_6CubE;R+LUzc?QCd7tb(H9BT1&o8vEgL(?;NVmDkb#1<n*$(&D*
z^-%}N$-<wAp+Dz~zLQF)9j&Pt@S-X_@!i<nM2d6GoJeE#n@FnkbKKHr2A-)?4tLxU
zd%J7lPO8FHT*Zk+V=-A(g|C8nGP>^m@WMvgRTaKVLv0rKzN^ie4uXK`M$IO<s*j5F
zy2#(WSSvejG{E?t`>db$>0r3fpI8ja*RKuUfJ=_xpb-OtWw{ehf5ub0VZ?wbW%(0^
z*S<GuKt&n)?m#-YT3ZwggQq6DbpJ4mob}(J@ZGD%tGl)SF9L&Omr@M}qIN^93J_4a
z#6jgRXv>K3v+tP%XnQ5zu<E6YXEuYC&Suce>GQ=X5Hb;SgJ-3-1!HaH>Pxc}n)CJW
zvwKZWk%3*!e!wBHvmdO)WXIVL-lRnKgS#B~dUHGt2DqQgmHglF`K-wq`8)eT{5-9$
znJ98`8z@o|?eM5Jfn?Kti4i5>NeOuJA#I4sDSSFM*&@xEXPudVF41gY^rv%@#{{36
zJT46LrzHA^N1V;ZY%U;gwUom(iL6qi(8U>xDGPGaJnuGc;MibHr<JXm$kM+(eoW^1
zTli3G-Y>@q+J3ucz%K;I{)4K6k5R1V;A6W{n8gmDVmljA{fd0SCR^z48yaEu4F@-d
zf~~Ix>??{g_l*yj-tuWUb%}_ev|jY$zFVs#>0UZ2QjGflM{vViWJbgWdsNS%9g=dP
z&51X)UTED&N{SM1jtoD#r@tn<Sbz9g^I_bp)YB!y!;kL~7bp%ou{;>$5DU9cl=0Sg
z3?A8cwTq9w@Dt7|ZrIDuQ8wgsv*Uzw(&ujx6CbvJ@Z&EAGSs-Uc2Rm1*>K&3ZrV8Y
z#G}qaXFqNhI^%_jw&`!5rKbKqL^O_kft_fKMy1FXo~|<3qWky~cp$IBLMtVINfeB~
z4qrR&;?!^j$z#)CmLc}X-f4*a{9<^7V<;+m^e~A1LSoK#V!l2u8Iw(nOFuIh(VRa)
z_;!!}!SDixBA!z0i}oZBQN8!CH&kz(iA}FHqJL!viVa&ARO55GavkfvTl-;|nmXT<
zy*Q@fm;<qpo<tX57E%-lcL;<>0zE0eZzC&ss}*xZq{l^2LX~~j#=F$agge*bD7%ai
zfwC`xr;Qv?(KmNOiEKeOjvNr^n?IpP?fb(A1p5|FI7EgV@z+|@&+O~QYU3}o1;K$?
z5aVH|+E)D^)k2)P67!y>lrdPLM&|HvWTg9R#3Su#*81&lZhVYK>-Bq7q(?h{X!m2m
zGpVqzEU;5X2IxEv`_OFZjTjj~r@x2g_A9!X@VI!_*69QG8>-)g!`TyeHd0u8YM|7y
ztWO%)M+V*Zuo>4valnRYJf~8lw-5gj+JcGID6Dbl=_l0FSUJ(h7xt&SE9ma<Ih|Ni
zvhi@WK-8Hv?>V!#1BGYLflN+`s@_2OgF<z@t2=)%q)*xBeCycf1nfBSdY4dR-wh0?
z#4>yuS$d!L)V^LZpelF5&9%!w<ZKaZ*VQg?Y;+90mbA~geuy=9%9-qmtB0I5<qTY)
z+=oec;7yGFYwsp%Al+$VkQzEMAVNE0g9~HVXb_U~7xE5Y`oW{)Ic5cR#`-Dhg6i;l
znnbbgfJ^*NSF|%*<HIKQJihOKuRjn!WXx0Y_y1etU6dN{2F4qIAC11ylERF2lS%uB
z*=E?wQnG?kLpAJ~6VSEKGY*~0F@4j8OCLvXzB^?TIYT3za$8i2=B>68DK;%)6?v(M
z=tM!{3TQKNjW6@rwoT+LK^Ge6RY~Z_`9$deoAcLCC4&RlM3$>j<}yTMH!R`-i^z{&
zdWdmJ*+hO-lVKBioMRK2aBL!<CMs<M>yu5Saf4Q2C*hJdk*Sgr$5&zH=*m>6Wb}lx
zw9rG1h!zmwE`MiqrSg(?{Q8S;wFW+D=9aq#7DacT>R3eH`+?R#{10vM`E2P9w1~ao
zgg56WWT^N23_r%FT&NDI;4B1^xroWghA(J>94gub5!at6;y5*l-n4eR{22RM`7_dr
znhQt@-;F<bj#!KZex&ojZm=R(WKYErM1tcRteQj3MVk541`kW&p-|>$Tol6MS^~HD
zF$V$}CJ;%wj0t&<;u+Ky;*fh=B4?BkhwXmM4Dv=fDWYxb0`}+8v%jXwkuy$Q-9Z3R
z0U+zhe_l1##&I<9P)d0ip^=|ezn*ZJ_gf9`2qK(aEZcso;c4@gGU5LbjwOwKf9wep
z;Wi{(&Q^BDgG)PP#kuLeRp7nTNP&U}hYOlTmnK^F0VpQb^ZDNaaG7#I!|8xIR0#l$
zyi9;pjc*-Jq{fu)!!?X-SWP_^pRXzD?2$QQ@Q%YVITx!RMD@6y>A$X|$3nMZFpZYV
zZAExpnMKG&85rQ3zi9sEzrXaxw!iqEFIhUgw13Z=Kgo#xq4@awG5<V1u79@;e02N|
z2><XuAQ1yPlgnJpH-`UZQ|SqvC%1t}#}WsgwDeMCHX0}wk-qxEAkx>b8bn$r0E0-d
zVFr=b5T8aQ*GB}n?sRezk!lak@B^_O5v@TY%wE#oAy)a)1C>mkUQlbC`v;Tqy#9=+
zp93kGJii@nI+42I77Gf#&Q#0s69#cFiG>F@G9vS4^KK^Wg^d;_w2$$LPo1uu#w!%U
zCV*tAj#qiSUCA>Lxwv?YZ$Z|X$|Eal>MlWB4Wc}JWh))4b{~4g;wI_{wC3jGu-3kp
zSNo07$32PTB3CC4ai9<1IO_-3?P{5DDKV&#q+-hPkF&mmH`Fq?GH-d^u5A;B0g#;p
zAZ7c|#~qtK?&fW3=|C10c};n{;=T9bFQ1dU9C{;uXw%0XD)Qd2cf~t3ecZ{Lx3dE0
zygjqfYgKRf>}~NbhCZ~nxj~^_Mb>n+%Erm^BVSmdCf+kUPmK*3JFa~id&~3o>!Hmw
zbTSQnp}3B8G_;(Cw$RXZlST$2K2CY>HZj)R$+VLed`t_P)y#7Ok#f!zol!H*+}yEg
zb2sWwEAw{ceIBqI-8#lDWK+V4P(>a$1njgwr}NaBSh)%Al(!>bFSmD52NQY{p;LFM
zLojkT9=9JYUJkep8t0qmEHlCxjfC6ec6!H0=lf9$%eH_{-#MCv9MKlS22rjp5@#KI
zI$8~VSd#sbVca&cGmm}t;J@U6Hw9O8LPjxt8AY=6Ps3$!qQzS`u=qw6Qo_7U6wkF*
z!+-Jaw?CUNw2EEA544i5H~X1Y-<z+{&g-p)X-W9Yt%gbNd%N*g!_SjxnSet02WXCK
zYlF3&Ja?+VTC2gE%-{yA;f!Pk6Rn0)_q{zZN4f9WWZcz#&*44CeeXcUcQHFu@s1O$
zhOO><ZqRC2@4n|<g%c$A{h%wYhL?Fajbk^8)loauhdem~ayo!~{_MWDBkgb9_x3eb
z11DMrCi@zzffdQT=S;R5YI!G5SPMr5(pVWeZI7R3dX-)p?IvhPB`TZ*^Nr%8+e_)x
za*a`*6~w~#<HRa4Fq~uH%X5!W?jKV;CYqn09DYNc%2YEw@_voH{T1E`IygRtdBX~*
zbMAlRnW15fsl{2;hmD5@-0Hc`Y8b3n9E6#GcGp?;BVfg2rG%P-F)2`~53<Rr76$K3
z!Qfp+!4EP8G4ym@`8qb~!ssaZigT|Pqy8=*(K#H1s*%-Hs4wJ&Oe;a+aYACFZZKY`
zu0rJz%@-|F$p<R-*KV=fR1AH&lc$Om_NIzeWV9@!*e~fNG0)>f;g5G3ABdc?@y|Jq
z4Uttpj6RSwvA=Yt$`L$j>JHKxt2U!8x>o>UcTFDPtm$0rq0q<>R^8;f(T;uHR<N#s
zVKJJJT6L|tw|ZD^2ClR2de9`BkXm-Fxf9xHq1ik*Z|}fu*0hk5Evs%a+ac`{STwEg
zCf8*xgY&lKEjP!$%++?Gof8@G!)QxzSZL=JR>P%mEACjI@4U7Hg?-Lzd$4?v^P0_M
zJWa2LP$orAFgPSu<V1RaD{x-hF-Z<`UfWNy8WK4s`)mNd)awgWR^{aYwvhltFT&<`
z65MvBCCtI6;hkHJYHKXMgDEa#GU6&$Qwf(es)d=Os>tXSucnb{mUe+mWD;6|Oj46_
zF)I2d2zNka8tfKZq+;mm61UhsnZ+tHy5*H*v7pW4k7#aHsq_?1u_ob<v*9^;1U~pt
zvk<B_V|_N7G`vtFL)b(18s#UUdQo7&vu5Y7{gEU@v*|{8M=W2n6G5}PH@H-Q+5L5=
zf&t<TXAZ#eqYenRoahme?76C75f)BMic;Ji)<J<Kh#$IUFEQ5xIC;f#SrFKbx@N`m
z+5Yo(*~{bLTc^C&*_qwhV79P^sT>Z$7yk89Sf>(IIdaOMAI?Fc1TXXOhH<lwaH|R4
z5?R8cr#;l31q!1{^i5dkIMOQaA3ch|fPEGJZ-?2zlG?tYu%@}PNY~)V!6F>bIJzB5
zi2*e)w8O`7ho|=NIUee>gh(Ay@@VHZCnoVbbXi1E`*!N>@?^I&oz?BmNSKW?fV*sy
zqt>YCTW@mM%xO-wX8Cw}>?PA<ECNf@Jw}Hu%}4OLl;Z=8+W~Zo_ONBECi<gG?!SaC
zQQpbEc!jPqHKAt0Uelg@L4%*s=pCOTWnb#I-y-cr$+U@r2SkLcD<^+v^1qNA)~l$!
zHTQ1Q5i<hC#{_K11W=1!HLZnV3=Ei3Jg)Y5vp6y!A|iaz4_1R?kyAFzhEPZ~Ki-L;
zHwZE?tvkaX8Rbc#P`X1L4O1K+SDQPVLf?ASk>zs3#`rJmsIKtxaD5kd;P8+TXF?k0
z(;<BWrP~7BWf*Zt-HB8-H61ttkKS>=e0APkJe!`=0j5EI31$o(MMdW#j*=n9aM#Bw
zI-7OIUbDyf$Ur@K<8~6M8r=5;TQv~J1*71;+nhmUtmWUFKbfbq+$U-7pL~TZb^4cy
zgiEn$Uf}UOc&rkrZhk!UNF+a-cP84fTz_*%Et2t*dEv<+{;+&jN=kUh0O_89#}vVR
zJodUo!T<ai6qve1j76rbM|8nvb;wb7x{@2bLWA4PALfY}o>GRw-21C>(AjZuzH!Db
zJs9JR{e8-{=DrKcMSqHBW!Z;Th;7bbX0>Wy@FeYpefI^97xv$fOd{#(*pY(9Plb(D
zE&slW&IA#it=HZhedI2Eobl{Y;@v(rLV##*Zq4w8SqG_Qe@JpB1HXadJgR;WQq+r!
zyZD<n7Wwlq=i*?MI8NXMc6Cz=>dS%RtMYI_yuOH&mCJp3uV@JwXXdMRn%j`cRN70l
zZs7OpwJQ6=D*02xmLpMc1C_7RdGQxs>2m^6X}8D^M5)?9=|$-(;pmAfl@fT8snV$#
zRl*E?qYpQomG*|%r}UBIZ7Y71vf9WuRY(-9A1&|HOU=Q9ZmvZyMbk}w;D19@Knt5V
z;c@yIPaie*aQX<?tmwfoYX6o#a_Z_5nPm`}tvgHRacokiy9TrH$Z}+C>kd<YmnWwk
zmzL&2bS(1az3bRGByVeJN0&0>!*c`n&%wtbg+6;iQNX^nME%S%Jfu&>j3NCiW(=ne
z@A{geMK$)2vn%YMp5?QDUe3C6;X_)AoataNHi|B6fE(-L`S6PzewO&9c(R&MZiI{C
z@M>EY3rny)>j?qqp$s<PYxs_@)VP-aGb0@PgR1{ep~Ra)iP%P+sr<90C09qZErNK;
zTignJ-(vosC&b;5F%H}f8?c=cucJgv-OzKs+r7)(<Mcg_Bv3dNI;HbZ1i8JlhU^qn
zo?3}<!a^?Ge@KjTN%g<b^eDv6Kizb<70DV3F?}$`_mfu}m>H`fT%PMW;xyiWpr5qU
zAokvd15D`NdkzC>BRLxn*JRq@oO?WZDjIcP(+_Q@oa>|<>!fVTOc_+l7f5OLamSTv
z{&9q9b<PO;_E^GL)?Dea=%8p+VRgK<U23^g>V`v2ecNZ2y7v_1&i=NO<vGdz<|O;5
zFr%5xN`~?SGS;u7Kd1C~PPF~RjGG^-qmM2i6gES8dTfZ%kN#^{B6gTr!O@iy1vE_%
z!zIUtBq<;!CYH+mUIS4WzsCJAw*r|oS_5NpJ?X|g30SPj`IhRx7L4dEDoV2d_${$t
zDuJ!{TS*f4#k(a{_t?;))&Q<4S0$YqY3oHH$q-hxN5#2EiQ2RC?Tv0eD+!3s-z}fZ
z?I=`+it|NR5NB{)pZ%i?1lrfF-=&9rnTWF}nKquQkHhqlP8>;P9B~MbsASv{O)p+z
z<oT)lJ$1dR{DR)ewweg~xDv3C#p}WQbF$*yGtSffp(U(WZv;=|lICI-t0^d5rB|yd
z#Vl6?i!;_M)Tp3KG?uCTK5_itM`m8^nHE2?9y<Om&3O*w{X2g9YYC8(WTt!NYyNz#
z3lb$l5Vk%~^oP5IugRaf#}OjR6`n6#<{NNJZm<T=e6X`!t+~AsM%*&V{v@;kr`p4C
zs_kKm9A)H&xZ_(lX(*w{(-b-^Q)Woywh4W3<%l#b&zgH<`_P7tO&c6}p}cM{&07=i
z`J!Pp3Y#_{L|b96iFaw*fOK#ro;%I?pRLLnexv?DD(4;0o5M=g64TB6THSUMJ$wl#
zF05M6fjGq}pV6z2d67;b+gYJncy7K?!0(zh^&6+5IjniUa97`eb2(+$X->m$rLkq!
z+_TE-6PCS+pa3olXcdl~TdZksIRR=W0dVGvl_<0b&b(`Ep5B|=gZzfRMP7fCa0-F_
zR{<_?ywV@;5ccIam&46c1tYMPJ6D`d_;Q1%a62qT=Ua2T)~~(=LBUN33i{N2(=q`q
z<eQicyl>N`b4`?GI2d-+p^%ldm`g@j>f4KyL^xfPIyrNZ+Vn_%bmzmnj52E0BB5|5
z`sltDoi_|N`+;siWs~qyXHFOLoiLoWcI2F)7lE8J%uLJk&7l#;Lz%+->#jMlF#iJL
zSf39m(8AS9m|yaN5$2cvj}hi~6F@|#LS_SF>g5vuPYUyoM>e;=Fh9HRcM0<izP0in
zJ5C7H-&`jr@rci;=Q7O)y?8G)3jALmZtQM7pCnhp_c0gHWs!nyT}*zyII;5J#J+1$
z`-0>dXw7QGvpWDIBmFipcv&+RLr=9A?{EhM`Gup{8p^(ybf+e=Pw|Eh*Q)3<bmR@g
z9b$X|#JEtOdtn-Dt7DJzxo>^Qp)i*mjGRIFX^YC5ub{p!<5Y8BcxW>6>K>~Wop0}u
zd5Bohb5#=54W6d1gj!DK;|pH^lA%FbwrZjB<vPUezS7TqF!`l#u%!D+_ukxLc%=I=
zy7TZV#<i25>i}WVx}WEd^mvQsB#forGWr`^<NeUzVB`x&+Qr+%v9NMtO{OQkn(Ozh
z@t3_5u!g`IVD0L+KhP0=uCMI9;Nix9xX)e#eGUg0KQwjT&o!+^H_%`9R`7K33i<fe
zn^Y>x@1oj!)T6ZM>*#%r&Kgo^ij7TTc_51ljUX4o?oi9<W+on!P6pf3&08xrsK4P<
z(sRlzM8m_`gri4MjWgIy)OZtHu5mwbUj-vux~a;uDd5>C4=+_^duw52Fs%uMYm59I
zxUiT?OAb8P;IBfOP(&bzSMh5JSezl@%5?Y)91=7BB8tZ1WfSRy1Q3TRNg+ubSh4Zt
zR=qSMSsBa`e9p;-XdVvDT{bkoz?WF;-kHVzRK)ED@xICP<GyPd8>fDeLCa=3B7t%d
zYenu&c^KbXKB!c6l(dz-_J`cIAklO8FFRxnzasl7bJlFl9hx7T%09I3e5s;qYhh5U
z;9x7cb{_qucWLQQDa#+)l?aYff|NdmFEZMLk6#reWP97U<9+yjyr4Au?Aw`V<Pyn-
zNx8BK{$mjqloLjiC5JP98%?fViQ0we5(MnpqRb|+PzQ$59iSX@7w5FbRtD{~(s!+C
z*GdHIxmc{rqS&$GMew2@$!-dSbF1t(q?v3DeZ!h|Ghkfk4SFr9vWBeJRgs{}XVDRN
zkUZ=(lG#EdZ>P3gs<W5sb56)btn#@=L?nAsz?OF>Q}^qd(6Sjc=2!HB{Z_idR)g*)
ziJhzci|fjpJ}ZjG&V<4_$!EXEMKwjCT_x6Z$-p_1h!i}$y#q%+oqpl-tV*n(<B4Z8
z3f92mtOm)_U>$T$)Q)>m(Frr-cQ!A9$V8-$*Yf|ij<BxY#9^>lqOfyb{3ViQ`j~s<
zjygw+bk5%h5zo8QEPK@VQ37In@HIH+`1t*Ej*H(rr#SwrIY-9BbB>KqpOYUC&FK=G
zLfz*a6RXwZ;Mfg%WE&T{b4p^>`sx(>i5_{e^Yl18rWVgBj8*8-E;dLHD|V(H?PI<5
z=ol-}qi5_GJ-Wt@(4#bVh#uWzo%G0wY0IBe5YrVJb2`U%=+PmzO^<G|m>vhkbcM#8
z+?cLHopW?dTmGD)*lT(m8e68viLsaTI3zY-kHcb5>Cq$hS3Qo3p^TZBb3*JPJ&uUo
z$D?l}4r?MgJC214U?+c<O?q64u9GiwL$S|4RLUjMbFVfOd!(QRaFLudk5+hwTFS2g
zjQgAb&F<(O3iy#(EJWcM<y0v#kA*FIj~nHggc~~>HY3~8fQ>2kIgHVL$0YSxM5n}W
zVp;Ix;@%&=P~#gtbn_RW`Htw(JmZ&&n$Xr0y=-&4ta$I}V{jNrWtfk;kUfy~D~&Qt
zBpsy$T{a;tHzion38^Rom<BAs(Mun6D3hA!M49OP*P$;;Qu-?O+l0ZczREs28g*B&
zo#Sy%w2y8B*iVV$#z)dh94-J$t~TzXR92BQev*W8Z$rqRp_QHmSbL;2o)4$z3eKmY
zv2`k}wI)e7RYJNl=}NRw#?GGsB{J<h%djXTeg_&k`_*yj!){ByGyRR7NYCYI`=`HC
z<x3gmJJbIiT+v9QrKHiB^EPyu2x|$%(8z3cp#zsvxfePdp4HZc4!cgEL?I<5?sK8T
z;%n1U&V>&3YaJCB4N``-3jB@HpF$rd()l-^w!#EmBVsPTfBs+^Jvu{|>Ny1rc6wo8
zvCnSNuHBz$=$!5tc~C0#LjcE?YWU2>BqqlP2s1mqkN}#U$Vg7Sj_D)<$mOYuG@Ejx
zTmFYW3ZaD6MtRl0*CO4zynre<whiD=RA(NofqM)1<TilkPN7cw0C#Jn)<)pwVzXLr
z=n6vsI<-GFS^G4-6xuRQ`bRJ)k%GZnGqw-zQUNW&hLmPnIo<NXpJ_j#zKs4WM*%T@
zD);KN0UvnC>61+OBH)!rzWQ4yee}0Ff*^;|R8ahCjAYQ@X@vGe3Z(M}Qxo0<8_5~+
zvD1M*F%Oh1J$<6aW>l>C)XahmyVklO$>vpwK0K)elza5xXUzbQLrRcBn!l4zoNJR(
z0Z+Ed*u|LV;N(pkT#PAkGJO6SH$y{TN?&grlw6YDYQ=v*Kx~6QV+m@HGy8URXZH@C
zg}y*t|K7pV>Lz=72Yb~`Zr3|_Lfz!{y@N${le2pVkEolR(>vI`ZgPj-!7g=^JN6Fd
z)=kdsU2e@<s^Z%(<fM~YHAmauyN5$3JZ-!Uy|{S@^kP0S_{%tpJ`%-0lV)&Uhx>J3
zbGcax0emqH_)VD$IN1Oq@BUhsqO}Y9%<;lBLan*WNn?}791r=+UY~ecYGE}CP5OM{
zcY_?3W&r6#Z|24id6CyFU0jP${ce?JE>^Ybg(8qvNuj!zD8GF@a?)B>D*DRwcSuKq
z&IKaPLrwLYhpL5H%|i>tST+wWavt(Qi%0LFz4(6?r;EAvh~YYG=u~5m7|D&9qq#kk
z1I%lyea%DNv&f+$pV;=UnCxo~)$!`!O=w2?RkACUYIO}g#sj$dJoGmsw4C2%p_lcc
z`nH=9TH(HSoDq71SJvG2cIXw}SXwfbe4VXd&4`A&u=O9G5imgksII}{h@-hepE=QQ
zFLlL$M(l-QvtuV)`Jp!WkE2K3%<-SOYb1KliO9{MI^KWE*^BEb1!~^tkCwRmafqYs
zdZR7vPHq<Al-B4?e`b$TXMX1%^GXf_nciapE13<g_LxcL(x3_E#OizYnEQ&-8wq>N
z*%_AxU3OJEiaqAIR6QM~(56S-x~6vR%v*)h?1rP?hmd4vAd>x~@_Ag-44ZQ)!;cA9
zq~NZxxv1#DUM!3EL}h>N(66%(;ZAv}OS$^+fwE;*{g1^$paE&WjEL;$%KEjFq4p<w
zV!xuZ_Tj%P?f1~f>j_-)(z@O2CYA4dS>0|ft0RYOz%JsVy7gRChepUIl=U`pQC++;
z?-lRV-IAKs_Kq#rY>7-Xg1O4P&nxX$;z#h^o+MmY_nOz12q48@`R&jBrSJJYFMA^w
z?FjA8v8J5`-R$L>Ijg>p-lp!Zqt+8fRoH9Y`|5g#V-i`-eRZ`z5&(`@F^U8_UZVTy
zx^q8W?a``HA4Q1RHh0sR?rLW>yemo>G+aSv)gBr<jtV=SN*}BHx)DHUAATX0`FQkN
zJH+YbkEq8?1MoR-RW`=XbH^s=+=HtkLlg08v%V5`?Op_tjkh1q08QNEt=rpp`*8q#
z%ja$1dQoBYqHv@80W0(N#=8=;H?*l|yc;ij2(`SaI|Aunx;HQG^lb3X$hAB0@o!DL
zg@&5`8PAK`JtORYG;Pfd?df^vk+M7-CXhXc*7i$wPNh2MgwUR%;31(seQJ9o`{opd
zcX8WD*Br&Szx4Ae&wF%Fyp!L4Sq*OZlpaG)8Egmcd32*6bdxSeO3LRnUpWR#&edil
zhplPerGNS%b9HdLR&#astN)9+8tajsko(NlXD&}iwJ}!<l6C!_xoXB+^33p^JrV_1
z{D``Tb|->eF*O>ITYC^|8*<Dm3C`4)cI2PjqXTt&7?8QOc`Ox$(TdBVCP-e}HD1IL
z$30MO=huCo{6w!>b3115X78)p)o#9a25U$YR}&p>&21FPJTjARpo3cx5)t*don35p
zNzk5|n{(47hmOd1=?JKT4bkA=3>5+0DKVtzr9PrHMCR_gXMeKuwG;Ns*QE_Jh%N}9
zB8sE}8=~El`KOl#XFgr%{jt{^HxwF8=Z~ZBD@C{mZi3bZFJVEtQv5<ivE?4wcXp2K
zE8zF?{CTfytw+Yv7#yj!J;=>xJKIgVDBRv_56i~-ARCQ|T<M7*WXr9}+l*R+)F7Tb
zgMR9)Y;(OchIs(M`_#_l<_PM;pcdTZ!JTMAi(A1RygJH2u-^qU^kueaj*b?vFIoqS
z@^MNae{Gj<g?DKqjDGOf)-v)8dTi<zZQSP4?=RJM+$dBSQs-W1DjFVz*7-fONLATa
zlg`lq8gfH>U4EL(dA6TJ=A1_wV}TSuae>C!)Yd3<peAr5-Zx_ZrBzR)&#(Cs3$A7M
zNF`H^(f$DN9HO|Ki0g_f>$h4n{;HvHuC%GJqoI~{p~ja&JCB%nkayXz+??1?$k97>
zPaRNJ=t+LPk;;{!od->5NmjN30xsXt0>rr*g31X{jZ)9CKQ!XYyP$KC4$tv>K0ryG
zR@>2JhSR#S_46UB#|oj=MP#fg*1=R{a8pZe-tx|k6m4#&jBO$wv#pBL_YQ2dA|loJ
z3Y@;DZWo_AB;<3<>ED_IBcpb`Dt-q!HMJc4{29a|l8kije0|5Pmt>jdov$#d2b42B
z+?v2`FKY<#t@?y}rz^tUf9-ABa4=hnw`>vSVNG19`Gyxq0>Rbn4xb}_o4VH+xHbG<
ziKNSdYqIS(H^xN7g<5*X4-T!j(1nw}<#JTTz1$h=&0DI*YK!fq-tFKj^gso>sypAD
z#;{FYBAm$-`8dOq>a{Vf<O~_VY^_e`O)J-axYcCu$tt(*!6EEx-^NZ7BzM?F3P#`7
znYC$eKWlmmM+o78Pay`x-`?JSwVl25pUdI2;B*R&cdH0jJeBQliWX=$4SnjFa1eeL
z5<Rmjj_dT4k4q|ctO|IVg6A+!6{Rox6I=kxE*rj%$!G6M@+1DKyL2y$HNA=7Vb<Ip
zT`N2vmc4#+XS|A3;T9fLY>sm(_D1>F&6w%HR3u(Hk<!fwZM+q|FXP0-xl1&jH<PS=
zr8_2heXBn6d3IEUdpyU*xs1(fZyEcyO!tPYlnr4J$9QwMBi41shO4lpLh}Y`Z(br%
z8j{PsCs@<JrB>+<IH9)F{6oOYg~zM?`D#9=Ed{tMRqJz~SL2WC?zWwazk|bRd+937
zfkn;btfac~x{*l_`KIm_`C(0OM@dYzP8}*dE6P^f+*!wqW!q}k!Aq$=JKXjoA5Kjs
zGdVOLCiZNKcIecITqz$UE*{*ej@Pb^zHIDXlDK0%@sy@$r%o*{9BGoE=~Ueuo#ogi
zq-u(G>$EKe+$jS%owQpz=^>7TM<c@~G+E|JlsP2QNr$RgQ`ct=&dSPbA{u081!vN>
z)YWA@Ctf*zIt7|Zot**K)N&BLJvb|GIZ+r$G_5c6EYI0iS67EjPs>q#aUD<n`E1-b
z@RYT)rk1`n^^;~Wyqd7b%=2!eL5GT`7^ezArHxTTc8xqe;*oA8auFZayo%yGYWP^j
zhcEI%aUIX-w9+r6RcUzHpVC|AbO@DAb5z7qz5R4{g>oSA7k4sKRXp!X+G%)R2&i$$
z5F|ceIIEqORJgjRDEBpzPSK;yZESp4`Hrffl|QR^w)uX@)ZZ$-n4_0cu3WK7(ZH24
zWxm&JMhgl7iyxu0nX!KRx*oU#?$tv|rQ=X8^@SGao0T`ZphTB*su@A9lw0GE+?>$a
zcQvO*tjuGh;r8%(&zoGNvQ>@Re|GIDy0)FmLSHu8alzsKaKB<}Zimp$lY^C^ou||W
zp5X=$bZ9GL#?2IcIeuArZU@&uzp4TMzMQOC^{47Q0CR+bQ&{+8MSS&L8`E`Un3-Gk
ze>E?1K9XmJF6X0fW8baT-0mGhi&lod$+M>0ghi%2krnB6s}G+gWlgo~19o?6l2gm#
z=n5R3E_FNq8n$Q*@@@K_PEx-cM&0P%pkQaZ!?^80Hi@-Md#ipc`MVDBs=^m%=i>ax
zs^36hRk(XL>jxU~CkOM@V9qdhduqGJ@`&^&Ug31syeuL(Z{n4zH{jjdB`dyxp{a;e
zJdrgd(rXA+_m?fM{ZQRrSbKyKYC>N}S6we<R1T_>Tcq9VDOQD6RcyF~g*{eDVcaQ)
zYlE`I!TGGBo!Z&a=TRHa+Off!xyT!8TIp3MPS+VK*O)iV<%vRYqOrpB+Qbzobv)B9
zrVYDq!aHBd=nXEJtk;bP5FVY*W;X9=$;j#Eld+3F5v*Y`B8Sz_w2L46j3<6H-fv_@
zw@{lze6aHM#DCIvErlOc_ojz&*Tt+1_u0L=WO-*?CUsRxGlWWR>;&%YB7^QUW}#MD
zpEU#%k%ISwowK4><)HF34^Z+<<>w1S$bz>{o}XxvNjf1Cu&{1-$J)+*n>q~R813f#
z`0p~yBT+a}FrO6h&`a9f7n&XZfoD2;7n-H$QBzL*_hzqIs0}AJnVvSPmS0D&-V@V-
zO4dlpJ{%EAIUok9qr-{Bp_!)iLQ!bZG6M}oNYi~xl<0D<5_fCLh{q34N5!dfv!akH
zG6$o7Fpx}@czZ=Sq@+!tNXcK%ZcR!afPQ`uCE|ZK{d~hoKY)I|<?GH#`uQ$i)AaL9
zeK9$ioqMCVvEH;nKhLUj8vW28TQ@o_KWdvRDs{P{A^Qku-X0E5h^2@mU~Qi5EVkVf
zku<<QJnn2|p_7^KmPdUBF_o4_z3}3`JZ{D%*57yLk<%s3$nJCI@y2=SDCf+>oCfZ5
z;E~C{J4V1K!6k89n>r#XX>%l4>-}WdwN(e<8hu|r|1m**@43&%U$*Ll`7i9-2mgdj
z&eJ*F(0%y)SI$jGwZZ2XsjgT!riVOJCYSWja)r)<PPh)1I6S6lC+|-msdc4-cO#D<
zS>g-(;To4E)|>N0@v9d&94l<hHt5el<U*W>k79e*9vRw#^VOq{H$8AMqSMG3%c%!P
z*{2bNSLIjD*C`);p)NY(fB2%zzp1LQVo<kQj-Ua(=b!)c4it5v_q?Cyc*l4zh)!rS
z9C~$%_+Ol=&lv6$x8LMuWTQkl4CRNb^8=+VnD0(F-XA_Y;E|G}&wf8qaMiKMwmlzI
zafL8=p6e=jp~8U@=Vl<HTZVj+s0!EQ$D18}l~(+!Hg~+&+q)$>D6KaZG<sIEdh0pb
zeU`h=KJK%~edfDQZI*)HMqBl4ai1&QXQTU^<34A*&zbJCjwd_CUD#3wB6k<-^Q8cJ
zJ_q|G27xnNU3A@8WO!q9T@)(K0t?S7uGhmcJQ86rZo5b>Y1~@#>Wd%ZNg!fx$H>Ca
zWP$KQ#)v|fGpR}eGHc{nL2hEld{~aO@C>^~ihylXFd0?zzSDglTLGM!UJ-u0SU#I7
zNFeK-itwYwop|nO%F3r24eyZvT<R3CFXni#6k^KUHKWt`5}n5P(X8xmbnB&yloAaX
zc@E`~m4)ed)P26|J|(zS_<Z;InEQOdea_%%$ZMW;s&nLw;$cG1S;cjV;utI+{f+sm
zWTIdMPJTi=xdZYD#a#h~6)WT|Q7{c3Kdt>`s6cw7eXK&D^oa0aM^ge?00{)|751*C
z^|>$s2@970<18+)!W&GHKkp5ws8<7dyKvmp$v^d@EMok5uU6QfXMk^Zz&8W_I^eGb
z@;=8SG2ojV@Yh6BF+WB?D9BLL9#P1%yFH@FI%H^Z^Uz*Y4yy0kJ^}k8I`#bWfISqg
zxDlMwoX@r#(AnUKYQ2o*h4d50`|R5$JBLDbYFTq=rt;vABOI0ib5tY~-uCee5(N{O
za(qBbb4H2&vbK9vxfn({7B3NzU8E~x#|NO1RkcoT*EC3J)Mq4qCy=+4tI*9feK~cB
zrebO(Kv0|HulJj;5H|lA6E<`<+Mre8NxAWCxjgoU&twWO#)SF1rtlt2Szx68W2P`O
z*O|eO?lXfQZ#9D@!~74J!QSxMOybKpu52}llT&yG>!X>%nz+ssK9sja!Am_4IE9A@
zbe}1FIAPy8g_)B~;mkRSC@(qTnWxNm?nEr|aeBmj_vOV}&-WiTfv@<#Gl8$&ZvsDc
z^uIcRKmOqpI5~fzA6RDOpALF0)VLXWcFxV^kO+t2nk22b<f`PLn;=yQ_5=y)8>gck
z#XCz(N|WHaEuFLC7YK|c&;g5?#iTXZo-Ppds8~3fKCQF8rj2ZmCtKymip0v#_=92Y
z0f13;Dl$RDl@LXoR9m{<YY3RJnVJt<<5aIGqrO`dkf{n0Ct%-_a-O^dl&1K7lxO~a
zk6S|ekRi=4q_j{rtx!+8N{mUZ66%mTcz$6B)R>6eSU;$-wjiDmgh<O+w*x@@9*Eda
zSftxZezzhA9w72I<&7LRD>nB45SJ;r^dZ{HyGqH$)5oMi+7`qaN{-z^n~}#WIp?ie
zvHk~0zPG_W>Wi5h3)(oi-{B>X0_E}L0ZRD<h?tg*w(9q`B9A^m<WfbhBk#6SKBY*g
zgf=5*6B!@XR<d6!nVA)BG-j%j6}FXZ0x`yARjl&?DtnRAUf5RJDiyiv05v^Z8H*c;
zJ$nF%;{_pBG<MGcAS@N#X0_WXtvKQMPui;4wsN8+rHP-_R`k0>$KE|ap~(CkFIeBn
zA-^1J#T`EQ<i6bDKfxhy+}rU$T7gfn?Ijfk9S*sbR$yC=>#q9CK<hi}UrPOB1CS1-
zmJFAJ9!zSXeOiK$TvHr?H2|P7(>m~7rIP42l`6e>rR=d>hSP`YwtTX{%pqDEY7Ps}
z$%TqGX4f}i8XYLxI0^kK)?{*I-A$hravR|cZ2Tam8opq7jXWxTxDm==d=R^Y*=|I2
z6T8FyB716pv|j-rkz5j*Z%rGZ^<X}7c=KnK<a8b1A*;r^v7pp>9@W=*9$)4>Pw_g>
zGyKkT&{IL+E36xH#wvi9&X?)M{H63oz8GfRIA%~*O{F#dlTZ1*@gMxe->(T+cf99o
zXtElfWv=OKl_EFPc&&+V6*+LczFAmlE&Jf3bW|U`a;uXy@$C|#zWk`d8ncc6?-G9X
zhiSNcfvmxM^0F=5`xNU>^=??t*9Iks^1nq1HYve&lUpIb<5yIu88MT#XnUoVZ))rS
zlqhPKqTcDFsJ(oT*{PqXvidBYRc?(naaI0yua*D0we02Sc5D30(Hg7zW%p%m=lM6#
zO{U}uYwdQjh<{GMze3*YURPdfuk*82Z(CL9SB1c>jq{2_Qog_K$oGv~h+ns*##;NT
z69M#EC0R?50o#4BvVTu$KctM;0b931u&*fjDt^9whXgmi&(Hhn#Gu~RDnb0cFV3;<
z>@gUJ4)|niE~+Z~*l)jK-KBFzUSz2RU6U_+A53IW9|_3SI3z@^pEz(V+p2#j8;Nh|
zTRaZo?ND!dR>Q}<`JTJs^6RgfIR5f0e5YI1+zS!2Y`@Bvw*o&*#Cn%831VOHCgYy|
zRi4kPJX=&wIYiNdGadS&4|W<=_TKoA*7z1V=cT?c4?M!Ur>SXuPTuGE2Gg90Ru26%
zQC0e-M9U@Iq>EXMZvYgNRezYuv*w;zUjOyv<BYL1O(>bV_Yvp-s{z}LteAWNr1&v=
z8wb85_^~InVQ_if-gT4C=4)g->=WhvYZXBl|Gi2&f+w{PwRCK1>87(`Jodbvw`}TO
z$5wGR*;86}9D}Bj*z>_Sa&Vlt(gwm5UH=SOuwEn++(?3{d+QW9t&p{9{+)>E`>uXY
z56qcT^GzO$OIKQV83V>uQG9u!ITgt%y^NFAvVM(tv~6}zT&*EHu~hT~UqgHBovGhA
zC)}g8^Klfz3Ac^j(8`+^#1?40BR}R06OYnOEuHe3?AMe1b15}x-TyLFKRhttO1!Oi
z8d^8-#Fy?oIQApcmwoxg7w?JKJQSwuJICXiZ#Fzk+X7{~t@=_HCbY6pVA?tv<Cj<B
zmuBdnS#wA1MG4^cqpi8;@2UI7yiEL-<FIdWiZ4~H4TJNxqstgtycab&D9_O1J)sR&
za(FZnn+E5-<`!Bn6;k{#HOSZmyN0vB*`DCDzJ|{iHBx;WlaQAa#CQO7&29%s#!9+q
z&KQ}6mbMFyb6!j1lg8pbtasz>7rHm@bpGol9kas0rfhrL8Ch($jM-<2L0P$<C9HcI
z-4UMEl-o4_8jWw|Hmm*|&dD9j4VQnKSlE%ii=9T8)o_RwcF!K4Cr(G^&z$2i=d|+h
z_cn=rW&d#8B6I9>eHKa|le@?dd}Hl9hO(%cS)oJNp4Qx24;bl{buM~t7qm<E93k5#
z_?0;6Mrwnr&alP{H<#=TBP9zh%~sdlO2@?e`{)3<1Nz)+zoyVD6?!b8?d2P2h1XuA
z(2<0;#+M2@booxFLyi8R+wG~M<P=XpU+fZ4@LZETjX&nF$QX-oHAu~ZH$qYvn%Ldg
zb~+vSi;XdMcFqI^%C*%!`fwKkQ;v{Wj1$X!bC@Q@qe%;K4UsyG(&=fD6i)k_Wv!u<
zWK##<aN`YE)%MV0)h_OT?uu~}Ze%T+cVYI_?KcKFBwrEi4V!oT8M&N!b@4Z!liOY6
z!^ssUw0rYq6|)Tz!IvTQQC1#*vv>so*1i*8+jlD`MXEhq>?Z+xy^%9T|NAqYUpaa{
z(FZr^LsiUWd3?67yFA91MT<_?`BpqT-p&}&yY1n~D%#;{$F8Q!U9C@JYG$HvwFUjF
zL~REumw(Y>t?}eLND^(D^Ta<S^v>D)p-4WMK*w6>>a9+Fj2TdFH21+h97(T>&S_BY
z(cgZmSXVyZN}d%3m*r%5R&fhW_S;{|9pg&1K61uM{Z!x!#f88`JFH@yINE=JIA&dz
zD;b?FP=bAg74eR@B`sj>6($*o{`6jwe2+L;`0V=P{)FK({_YRdUk??R^Xaue@m;~S
z4^3Q6)6nSUz|ZpSnt!4)iJY>%E0Qhy8~@ZqJ|PosFei(?g(H4)SO2${Uf(Yum6!@3
zSvGfU_BDNS@HLAB=(U%7OB*Y%S$-SC?`?`5;=Q)%N`+YS8hw#r-=2dic@@-?9T?by
z_liorR}4H_Bpc_1Enjij=Bk_j;tPFq#iSBz-ioGJyK7!nUQMyC*M5E_s!a1%Tl2<T
zz<rHlvX6!c=3HO}&<9QIRJW+lj4|0g(OyAgbY4Ip0S5$KWn^}ZMUK{uzZ89rw|BhV
z^eM*W1;>qa`<)KK8PXP7-}mL{@wH}(Hk<=xt6MfS5c2dgTb&c0Rs5Kq?r6z<#F{Ji
z$YM}OyI2FtZpqvi(@UNHZy3kq0ERmiJL5HVmpb2?7N@{{MymDt^B*%_R_I*nnjW*5
zFga21ct=j!IjH~lby}sp#q=2pd@Q;Kxo_I1%UF0)@~r<9{I)_Lu_<Qs7e+G7KH>fq
z)^uH95c@Mf--Gxd{AnZ72yb*rK=(5zIOtvn`}af8eRFjtx);gP>fbkDUd|M<Tci0C
zOuv1`EO{RKpE6z(4@-|#9D95-P&dCA-}wC_G}G)oYz54S<Ot0g?~G7Kmck!0LKT-~
zj?f)>|Mn5eZ9PJNYior5qxOq`eSEf=Q^nTf^W_cB_{>DADtDCMy<u#QK6;56AFIAx
z^sRJ^-e={DoyOPqBgl<yRA8c8f&QifTm@rxs)veao9Dhe*4NSFsDM<|*|E^6zJ$X6
z9aA`xbL3khIO+|-VNk?fbggNRP&1>d<a;hjRn*KBo4sRwnx3ezKQ3*qxTe`5C!&xO
zjaQa7Tl3%+&Ji);5)l1*So5ab&W=B&AEd-G|I}|qN+52!`N@BQlxT$->=Vl3hfUoz
zmHRKQ?_KAhMl&)k(GcG^GWJE8BeU4phn>;=q%?VGq=M0(2`qBdg4H5T9c1)Ho^|NQ
zxruM_SMaD=K@1@hrLR@C&NX!WC2CN51ELhAswr~N>guQk=#1UaH;meRrL$dhhCG_h
zH!c~)4{`P_eM2b^%;8H^QKO!2U847#@+ozoLIBB`q>6?_s<OYTvMN4P?Nqp_oz94j
zFz_FEICcyNu4KjXmu;~^j}Rw;U=ewfIdT`*cmRRm&DoAX@HZqAFIp6vDrnRlOgo{H
z-X&3@;P35Qp9i}74N%A1lqv1ZQcEH^Pktjlq26(~8_AiczC}J#qzV|KS}*0K0oYAM
zbRUJPM@{{z9b@t1dgJero>mF+c#H#(b5YX%rrm_o&_fNL5{QhadnWV08n+TS|Lk5Y
zZ&<h-Vn*VC?iK26rsg7E91m!vstHUT=l2w9zsud)*Z`C1u67f8i_<#E@l|mf1z)60
z6Nhj)LMq2wk~xm&Mfvp6v3-#gSY)uNcITV!yW8POY;U2}Rj%_qJ!nI$2Qqi~l)Fz%
zV|et^CE`=Ei`90+qaY4bXN)c)05jdOuqMf&<E0Owl+&X6mrL*1XI2E4$FQayLq7Yg
z2r_GFy&fcf(0XujYCX8rtOp5aJ$UDbt_PR8tc5VQMYV>-utGYmaJKc!U^8OB=F?cK
z$S9X3e8(Q)i({G6PTeI1NXOC5<B9?uRw}RNEcK|*9*a+wY9xx)g+7YWL@{FPIz;$#
zd@3Ynmfgf>qF@0=JFyyGVal`~S<}mq6vQs(C$(XiO1sQXb&A=6=F^FcnLEr!m%|x4
zZaZ3;j^d9*71wbb6A1UiCo}4s()K`&*Qt}tfxh~2=9<)-y5QxF)o0M_ovC4tYW}}L
z18>-BO+G9p$9)JqN1y9|!M|Lb-Yy1$6#oLhnM4W)8TwMk3}ooTCw_BwcXs%f|HY)J
zv_Cbyfk{)6L%DIE&fxNx|G56RKgFMz$?=;^{^VitC$j4Keq6ohY!_FPr0;L9a`w+J
zI8r<?hMqqr6GJ0=nQs3oMn-aKUU3$FpEo>eAJ*e(=Hxzu0f(I-kN%hCA^&&rGs%Bw
zEZXKj4!Bz6587u04!hDBfd_NHYXnxEmpK9lYr*^1N8qEE(<87CYcZ#d5%~XA|IZw-
zPygTlGpGNDcKojXKlfbI|5kk-ySO18rn4BucC#*h|E%k=Z<)urWqyTtHW0>dOdI>c
z-snF@r^Xzb<uJ<oUyS*-W_Qe6^9f=l_n`{X^G#Ca*7U)Se~CWW>(B>p|FiUgwu07E
zja6Iwb1Qz~fK%<yW%~^E<JHbkKgyZOffu`)QK@c+d7Hh9ev6#(`BBQt*|QxMVX(kN
zG8@JKJc$0DJK7}JFM<+J-Y0o6SE@k`mW#;jBgc6@tCV}Xg*GA$c^cACPl%EhM#Ipk
z&^sqmaDWmU2~wQ6g{)u~5i^>kiGmISfXFZ`59Ii4LPZ7TlNpvSJFOC@0QrKC>O-aS
z(J{?qe5i8w<1uJcwC^!uFldX6x=J!xiz|!!7{20F(i*<P=G4>SD>|_(8NOnk@`Wa?
zrb>o3s!sD2J$H6CiUyS=6W&+H?lZMePtl4fABlpW?&#b~Pq^N>@dds>OozH`o5?xn
zC!ab@#ZKpQ!ZHWTt5y0qvZ5OG#dSROC%(d@gG3%Lh{*;5OPq)dY+gIo;VM+bzrt12
zQfad^T*phwFTRF9Uqt!%f10T%PG)!{FUn`Un2PHCFb9?Mm1<s^sW^hq*bIfG$>Jh?
zx+ol7FEUsbY&M}(I(|nctsUO3Zggnv-y8NNMQfKUDxIkcYE5fvM&P8li+moI7$2{f
zVA7K+c$^9b180-aMQ0&!qTok@Y75VgP9~=!(NZO!x<rRP8HZh*DGf9{eCM*o=1ghD
zJ1P<j#f3j2^XMUO#uBm33^ss=IDq*M;GbFpezF=so#O)dNvWoM=Z_be94EI1Y!cus
z2e8QjT<8FfY7O{+0IzibA8-Kga{y0h4S1sfjRtLG(2Wk@bq?U3w_7#l903~rIJqU-
z9NoN(Z`m3~ryTZaBBrx<YTwJrqSVRa`PNyqR~F`oH!`Tb1DNFi{<<~b`>OzyK$slg
zFERb`PLt`6ajgNL5@5Xp_>=?qqysp(HQ)>Y@$wfL6n3CyI8cYThWeSHP+J{zl>_xN
z2kMJ8t$Jdhpm1Mpx?$Z?K60Xy4|RMHaTm-)SgrHn029$??sHrWF5u~C4`T4BgHZW;
zH4wjcA%4qKKFQZ#ilr;l7MBDsm^CMQ=j~eWvEooqPv9fAMyQobS8^_TEufSnx8<!$
zE_3tss${Lq#J4W_Fc+eyN@hQ)j$Wm*%T0z@-t3L$6t~ZcUmMSjci{N-{P?*}3~myl
zVgIf~{M`89_@MXz6-@QCzD3`h;?z|uS#%j6vHSFPG5tkdRR^ZLG8nE5rYI?G-g*h;
zqMBjy5yKo^08NBDBLl9Q+;$u_!L1X?KaLm03*(2zd&f_4Q)n7TuYuFWi<}@Bm9L{Q
z9|as4&x?2D5?p&}s!I*<6bdv8gJ$+9%90P$=Bv#?@0^vYYnm2mWzQt_=bb&Q>2I@<
zGezh8QA)c>zm1_g^I@AEZ^d`!#x@BiJS?}>if&E&oq}~6@jWJwvFvt|8A)D*AL8!C
zvER0x?uul(pB^CH<!z@sIhpR*1Eec$JDoI_Og%r*OJx6ges1>B{o1!6neOQWq?5&b
z8~qYWrn~h3>87@wZbUNOkOQRix1H{gWV(Y6kgjXn>DGz^*7&W~OB?<2p2GJZcPT`f
zbPpaN-JjY{cWpA=&km68nzqxOo=kVr0n$m8sf~K>*0!tmZP!a1?c1gB{oA)VnNC_O
zZKZ2!J6$-LZrTCT*=?sgKbda$0n(k@cDf^z>AD>t-QjJg+o&~E{qnwE+US?{3g5q9
z{+3Ml@Bz~OrR{VRlj(kbfOI#too+xf-Dw9%SJrkq*>IWmeZz9vR{K0{r+Y=<>X$_a
zNcXbB_wSc`lj(kOfOL|>?w4-DWt0{CX&d#6U%5Z9Bb09o_(%H#=a6%4ClrQK2B>W$
zOiS}&(e@ZCkaZbJ63546Dso!9PyEz)ulPyvlK2Vn;`p)bSx3iv#E&pLS9k6M$&Yu5
zcZwh6?yaacVOgKKJ@1H4j))*w7p>zdQljK?qvd4ua~%C9DK!~Y>1d$a9`-B|&g|p4
z(W+W@VUm7TZFaN|Uv9mlIr>pWK76Ou!qyFgTDee$w?!8%_S@U6{Ek-sD6XBsu+qJI
z26_dI==_`c5JAaHXUdjC^{^wOTlH~t%hOI>>rH{J?h6iW!G+cyU--_^{?P4X%^e`9
zjxGMAGwv&DtNr0i#_PPYv?_837Rtw$pU%x92hBuNS2~lyZkbmded0~L72iZI;|!-t
z|KCn7{?LncAPTpf`NOwQP83|Du<-SLd<`g_^(qc_r-=Uka3y37?9hC0I4hnfGf2Li
zN3OYk_>`rm<)Ersue@LfP`70-|E*BoIlmbQD_Z*_Kld+&;+_ddw${I?3ePRlszKDm
zFH9NAKesQMZ*dEKOD7L}(*xwS=G}D!Prtpc3SF_X#S?nXtO}oCSlc?n(WzP}buly^
z4Mnh~%HCX4IpBq2C7Q^sgLvALw0~6i*>6h(XGakR25&`65v{2vAAS;p$MjvT3Z~>|
z$@<}gy=+zO=cvT`xJY-xIm!0=!@o5358FTR5ePr!G`MkR?V`SGM@0tSIU+RWTkZtu
zG9r?VCM#ZX!~MCN%9j9*MucDZRwO7|k<?c@{J%qJYyfi%X&RcG>qJ`hctX;hd0aJi
zvjodM>y*YHxy(a1q>HKjZT!#fz+9k#IWjpg-OT(*w%3dY_mb!s?U;=IFupFJwzx{G
zBkI>uQ`{17UnP5U1YRdZ!E^a~3okGyrZANpxh<HZn&7les*mjf34|BSB*Yi~-E2L;
z;#2*R8w=wH*UV%r4E}Os<yBFxJlF==>P;N#Tzj*@e5{GTZ^{TQ5Jj3iAN<?LDtf_u
zlVKvrtX$A&qABxN#D#|zhIVG(d}?TC`(SB!Xpug8>ElH1wATlo6xs)mXEJ9xR1M#T
ztHAywkG~qe?f)?MCh$>KSKNQX8U>tS8IAj>p@vE|u~3OZ&1j;}K%!AmvBjFU6lv>%
zFi~nzgGrR>I94sKcE_z!Ybz>Mw2DC>;Eq_8YOT2Pj3bL1iwg7q{?2`7GC@%LzJK43
z_%ZX`{oZrWJ@=e*&pnry0Kcx!CzC%L+C5)(@E{UEI{f4Efe>`qep>k96he@*k$i0-
ztG<ksGMAFfr#wQ6JZ3C07cTm}j*iPUQ2`{AcMFJq!++47qzrogD@0@($QR=hZY+5!
zLeXk}`poxaVVlQa(SqITQ@kROyciD%%|-tGN24Z6e2~F#xfc^PS3ne%e0L;OyA}<I
z$-6t$;*q=eEW+Voa_ZiGqt-Nqc>O#%x!jNDgB8iiLw#+U@(q9gcZ_u2v{<9^fA4<Y
zxc4JMtY`D5sP_W!f|fio8-D){z}5P*h<mZV3=fR267wB=Avk){WiQ%j&Jg-~iC(;K
zeIBnWt%<W0F@)44J-JeIh|xdcPb~XHd~e~8mpnuGlRNf(&Cmy{T8B*>GNQ%}Hmx(v
zK_>nmtv_xfb8%31T)N~0)7Ac-R{-HWeAU)&Uh0f4_<lQzN-FUZ^p<H+6aMu_I^QR=
zzip67ED~gb^@%s83;XaAbG&#F*faQv*9R1JRSvwmjo;pGN*-IIMcEALiY1P%VU6O}
z7GF*sp|;nUFcFFN7x>_ML1`>`e3?%6lDIoh7f;!h^)+MZ^=Pnzn5pYAH)h_zwo6Lv
zz?%C(uX9Bxbng|{k}X!f*m(kEBTB!hd^8nHx{71m01vE{<4w{Z9pNRfs8r>2k2jx2
z{cWfor|9I3ky!F_B}jsWU}Q2C`TG=Jvc>vC_olvQUCmX|{2&u<OKSOR;D~e8oVKG?
zjrCx<-H^Pb6z3LY1--pYZ$e<MTSeQFKkJissAYR>aU}!b$;Ml+*2uC;d0sTZwVfkx
z(MYF0r)RoGjY+n>G242&85dUZA+gkHYz<F(TrP<3R+R;QL4R?<#mg-02b)oD_no>6
zFXixJ&De7MPWl<IYDErzbNPc}pZ}+IA^QUpjE|*bOX)a}Je7Mk2jg*?Q}Q2(>o9IB
zK+<gZwpWet+_$F@o<R@h2+xln6uLop{^U}2&8IY4iXWTj)@F-ZarbLMnvY_MH^Dzm
z8A^v+v|VbkF|~W^{x<kNc3IPUFS~Oy&+JTJ*5u!K8y5fUj-sF6-TwOhEc~^5pu%72
zxps)Zla1~eMt>UqiupJEy-k&Yzt8J;2lzWaz~8<(+<gbxUig#4Umm12++7FmcB8M!
z7VA$J{;G;D+#U2v7w$^oN22rpT!6c|o?dpU!`)_U+tI)J<e`SU|Dp53T`9;5aaU!h
zz98I<3U{R)#}r+-`}IQH-4on(_US=?{|Eea@OHxtN`H=@{~3SZdfD)I^X`VfW4Y4m
zHqP7b5AgS8mvT}*<!Vdu6L%Ki@Bc(EKOeqz0Q%2CFYgz6iC+F6;oFRZJ~zHue|Cg#
zH|u6bKr45IZ@Hf4@U6GCy?uNWD^Q4UDqDbWGJN|ie6#-k5BO&JlP&+_&;N{X7rkWo
zmIxcZy?$>F-;S6c;M;jF<<)#j#8Uh{?kK>w9ned}NSLWlr<b>UI=%E}ye-zu9&N;*
zFt15s)3zplG23s+eRf;#-d|}pywoshwVCxrkPmmgs*8odAAS5_t^ig~c&SvE|3b$>
z9C(bR(_Q{srOSWqE1LUd_6X<$Z^yR!#Z#KS<n1qYP;KUVPO)BU;)dr-O_>H=^lZdG
z<Fl)9`KIJ-c-NJ{QB>`6tRVsqkrS7;sB6XG22Y$NrZvS9IKb7_W(LH529=Tzof(TY
z!h%B~t6ro0y}l|Tcz-iwZQasuN(6V?y>%fp5^9}EvAH~o*sDDHU@yMYT611%OmTg6
z`ocypRmYX3VJms~Ync^jNUV(w`LEt((_wU?KaBhYJG>b7Qj-c6uXT*%$R#d_8vI>5
zNzH~wl8>vWFO@_kR00F8=eRy)k1b7)0N}8HtsnJi-Yfbb+F*@}URAxA*~|4W1}Df~
zy=ZgvLD-5Q834|L+64f7T3rzUpF^F_e$yR>GFE685b6_e#Wp@0D_%0OF7bDp_+<UF
zTnppsC>!##P5NTr#;p;~FZ+eA_`Q_#snNyWkY)ANzCCgmYX5^p3OuJ!fP<76+5=#<
z40kR7=Pi}5$%c1PmpHs+mnUrLsY}3tx3XcK=d_G0$DjTO^`W{o%2hHkVLe1XPgze>
z#}vn^mt8nE7EHwG)JVYcs5j&VZ{e$)R&a4ley=#I(Nz3f7SSm;74@15rKH?k)EBRl
z?Hv!W-K|{7{^bpt415dQTtpMrAP>Vi2wsC?R?jVPW}g|5kG+goP^n$COa~uSD3Cd5
z3CXT@NcLerVGCju4XTqhq04H(E~({<CPs1G;w79D*Qo<Ex!AbYGuN3qON;MGjy}!h
zI>fMPCfOlFro13`J+2D|arbJoivBZ)666IZTA)Y|$;dGqeo&(oPFzoQQgC6z?R;%c
zj4r)G-Ob|#7?#J2I|96TDUTN~eF87^o;<J77UNJ3ya=_w#_-&VX&~>F<yu>@)TJe(
zQ^QsTSb@Io89~3z5-lNhsY8d?Ntl@UgKHO~V1Z?vrVv!*+#8jQ;c6^(aWQDwKh*l7
zn$wgD8>&AHwf{yD+1he1ma+vw^>1|02dzr5B^#bW6IG9N-DhEqd#z8y%FXIjzWT&r
z6BCzdZW+$h-lSge0<VFNC;~mVfRcYw-|CaS${SLXK+Bgdtcj(L)95-tOP^OF8-^^#
zKM~lE1$BcgoXHzY4a3K7XVaL}$aQ$pVXP!plBkNHGa6ydm_#l9b%2VL845H3*B-G{
zO^^EORZ|ZJ3rk|DUv!X2YiUq=As+eahdk_t_3G0oCCH*04d=%s+LkUO^TcT47wU6E
z^&6qq!`Vm@D{F^zWIO7IK(|-*j8~6I4Z>LSVdbrQMBHehyq_HQXno>aN2f*(nV48$
z7@u9};fVXqSn(4Os-B_CUdP#SUjBk<T-QNGJmUjpo1+4XQr$#FQw_xv6EkzM%k!~4
z3Sw90V|xa%vDPKM=za5z>1nj3RlxM>>2fgRZ1)93dEs7hlQnq5n`r^ww3W9|r2-Kz
z$;%5bdZD_Np*9__pzWwn9>~*!ydluL@rC?)NdZh-FPkK&ETuSbbeoU{GP{E?jtq)p
ziC*QbAZN%=&IHtG40D(x2C?dOq4p)z5xRG#;dJZfexcS!h~N?4i3uYVx{gbK<I5<=
zWm<hPnt96vGxj;A@7DrYEL&Ha-W{K~(bSaUhSap;iFMTvhc1`#hL&4mSUFg+q(s5u
zwV)#You6wM(wW<(Qu|zXTW_fB65cD#K10?uP5G=_+^4pw>@$K>&FDn!nv&xa6V^15
zb4y1)=Ne6!SL||P%`ES9VB7?rIYmw#fEsmlV(gNV(TVycO>$osiSelM@rj$4XfP8K
z{}2pf)k{OIv-zk^JY73vA+#41#(+P5um+%v3;-YM$&t@_i9_pBy><tat`G?HawS^R
zH)6%l$67z^Ipw>flUKUVC5DjaKIKuA)sYwy<w5C*iEDDP)^&>o+w!q1Rj<YN3}R7v
z_o9!@H^#Ej()2AG@h~r_F6iKoKm8Vr9Arn20DRk<_-{{zPfx<?RVeX<zmq7>jl_OO
zu~@2rE$jSy{zgKE0Hxxt)Pea@d#KctB)Voqu>G)_F@#BlhbSj!>P7x}s^;c=&JM+8
zZYE9ygEm+Hyr9ja$;_+gSa-Mv?^2?5bB<D=E%VA-tlX$)cQ&52L^%#7%D-GWzE#kl
zc3R<-KNTLNJe984-f#4kDFE#zh>W<%?;PHz$Um0yDC>^8S)45=69~J0kJoz?rT?nh
zSI#w#n4Rm8;Gm?^fBiL5Q%b!*m#Pz#asFc@sQ7FBH<@ijrGFnWnIHPsT0TFS%Px}x
zJ9Qc7-`i&^PgD7mb4jkI89`0I$=7tAYTC>9Tusr!?2Z0OB<kqqh~rGlcA%x^-e=;~
z6<BEYvBx19cQIp$&Z-siDS9>$^g|E9d<FgWQv>j;jgF(dbxSrrA#-Uq+`7EbtW64;
zs8g9`n(YK>0e5ZK@3Y}YsR=sQpIy6sXSFcCycByixx;3zITdmC+bgo+8d{-^1Mt<?
zj0$xB9k$RfnmD%?%~3;<o;kULoG4iE8DOvZKmr@!#vY20oDKh6BN5ARFTqf0?-j%Q
zaD}O+l+SzZlW}TWrcV)-&_{(nsHTsqDdRgEJ|<Vq41%WmBpbGg)I(|6B9i|(*pndt
zS6u%1L_GwT8ZdIU;OUig)|4KEBayToEK*CVTqr-Q+8*&fN7=C8<M|axZ&lX6c_4-?
zRSu#Nvigf|0D~hArB&F!OA(=hh#QEI-n<iA&n15no1XRe8P7ALd-z{vi3Um2ad)uv
z2wBOH6ZGge%Hii%FlGehKQ_$ol9wdU&3Jny4JJN%Nb4pWKA$@s!RM)bGIM*efy^dN
z|GZ@H4lzfXc6mK#tXli9Sd7jbepfN&?U-*@uWa56THPOPd+pLt`^RJs-SZ#1wCsbA
zwd|6;FAOSbTi_}_NZbhiEVzl)YcQXo+TQ=62Y~rvJV|@WQJo5f>NX3)jnpRy&-nl<
z2lwh;CJ=T4pE}?pmluU5lvkFwkQlg9n5lf!65-d1S143z#rYUv(WwEuTIG@ni1b7*
zz5CSeMOI4gSQ&OC+gRaFSJ%F8BTG4O3IE{idrt~WLoQrQ_O8{&?S{C2xdv0)d-D_g
zrbhi1N6`dFy{aIs1>+mA?0t<--dl-ma^njR|09_gbiw#g#v)+MDsNHOm@tjdK*YD`
zul}iuh<#Au_D38En%j27aTTXje#G#Bvx!4Yi0{gI67n!yL#w=Vr{Up}50q;o$c8hl
zm-O?*AS8_}zGOd<3E(h2U|`x$p^qD11S{^sG}*A?dnB2qr>*YCDQaR0fIL*L*4(0Y
zjnkrybuPcT?+(88&zm3NFU&UGZnGPUxXV~huqVww2uTX2;kO6y$uvyS!p8Qpzng~d
zC|EEJQM`_QVj33wo=l%}8d9?iUYa6JN8xST&oM2DcU|+_PD{IuuV7k$<fL~U7MjEv
zpkk``0S3I_YG<<dKedz`B3{2gpFm*pWBjH@4eaM2aJqs85I8F6LN`Qw{C8y91_E6J
zZ3zbYe~62--r4@3FWYv|*l3p;5}oso4ILX@p+r%r?F{pH^MGAw&4w>{6l5H&C~d{g
z!q<Of)mFkU`|liO6!L{RqNTa>4AZa5hyo7yBWE*Fz4zKIbgiUyQ@`fjl4qCq&xZG1
zIzV*tkflAfcV+g1v+OUSFM>bjGHoQhLw`(3qGw`EFZQ#FuKny{X5k^x&usYqB|wr&
z#zVK4+R9B#>V-$bVz)_XDN7&GN>g&xqO;dqp|W-D*=ga2O09}pmq~J@j?zTG%&!wa
z>2=@ED%CIZ^QApSyE2!#XC91MJLz`;mt*_1SeRA&$x!`e-~W~X;q+tO^~;GZSYBj!
zErY9nAKt_kl=}LfJN3o~UjBU0E*_X&B{mq~SGIXS4$o_oBWl^LPPlJ#cI1Ka7tJ|#
z>r*}I6Ca_rpuhM-<0ZI3RWEw>3P9mOk0?AXStmI!^OHBK+j)5o2lMP;iI3`ety{*N
zSFU&)MdTPr%rTrEz3aicS3iBh4<tcZ5T(p=ulnH&hUm4_Asf8v&MEtP$#0BF^}hgt
z^+|7`?$i#du^Gw^-hc&mY{>IolF0rs>4nI6sq}27*hvjKDI4CIJRDM$T9HNSkMpiS
zO$fslB+-d0!t4_j521}>rl&0ywoL1v(_24mu{$%dg?`7uFfXM)5Ii`I-bX*B+0n(>
zRPQ&h*Q%3{nO~oLOrjoUM%hVo%T#D%+?YDx`Kfo;03K@XW@`F5uOyG4hlY2D^5MkQ
z#4*Mvf!;kq>}gVM+Us+AK0RJwyZr1VXWje~zZ{=w3y@!?bN9jYc7PTmaV7qFKh=}P
zFZ*YWw3XP1kg=_OZKE%g?pmL$Ocq$*&_F>dc>>$*@Sh4evTouLEwixkm+m5?Cp!<y
z>#yIdPaYoQ$XKAFH*z?9Yz3tc)9Z@)7b5m9pGn2sWZsD?hYukQZ&04!pKiWpUTWzs
zcQO6uQ`wnP!*_KVR<9-lj9#f8m$4C@LOM#Co#23|FW#rEV{Wmq-W?u#$zJ6fYKHY{
z-p#|-fQO~kktyqN4XRB|kJ#p8PyB0_!_ZvuuGJ@dlD9qcVHGOv6DmEP**TRP-rb&C
zqV7ws3qYg`2&MkvN0{GXkM}aId=k5^9hL@OAm;ERyI1jkb*_p$DRAd+^H2Hc-wS^`
z{zun)_uq4Bzn6!t2whk3qWRU{`~|nqEBe9D=6T-zSH67RRfEr4@%6&=?a-e??=|{!
z*NsMhe%tHw)1Rm2eUknhDAE((OH>GJm2jL|^R#BaKMDc2N0svQr_sNE&n?*r+<F_l
z3f5oCZGxBRHP|P>$DqOZ2G5S`@^7#At;bF2Sztf*_N2UL=j{1165qzNa~Bn$f4$Fc
zcCUJaC3zp&bLTl~FhbOzMkteZ7M&i%Lr2%G?vZe-$q-&O9gwdHOtp*^S__p06<<ij
z!F`WUt?Hn@j=_!OpBn!}RpV9FMy-a_r&e`kJU6}^?PD$U?(E|lDD2!3pB(iqsz307
z+#PIh?5jQB6l{60J#tqe*c_o0lTNlSy4wAjb$};W(X~7nU&N@|)x1M6&b_;^A(Zm~
zp<6?mGR@sMen}f!KEl8Go3@@N6|4nYPhIOF$CJ#*_)Y)zt4|GUjP2iv(-V(J9~Z9T
z@f%auz0*x!3Z5T~D+(dS`ud*dGx1MPeG9H{bsAnP6`uD?@P9bn@OS-_kROw|c#Ykm
zI~54wC{eF^E`?QTs9rnu5MB1PJ||WOx950-^OX*5Z=v=w3dkNP^A+P@f``kWc|gE$
z{&_cOxCjIhFEO%QOn!-=AYO)oCNCi}O)81e6w|VrHxv_Z`8&TP|Ayp;^(xKu<Rvs6
znk4>9S~grq?XhC)Ip3=vlBw@Gv>Z)0uHP1~uUf;czxZ*`w~u;EIV-3=UIFDFTY;PD
zMO)F5))ftnctf6<;vJtF`8Bj`J<#jIqu|hO?LX->mR1dkEmYHdKc{O>CZU&+`ov_&
zY_IarK=O#W8y^jfQ~+zuW&>;UwSe_N#^pcuTY;5Y#jQMfjRO8zudd<8wn1IA1rGk$
z-5f7Aez@^sd7|2F{>L>Wo@n5tgm)mh1}p2tEPOnNC;!4CXmpmAL$x2+R)~XB|AyDt
z`^`i()IQMW#ze6I6Io_#nf8$ChyDcxS*7pO4a-ugQOl}UfDyb)84K0vxB^j~QXU@g
zjwvW|kk!ug=unZFV~fP92!D=gUVTF!ghdXVVZ5QUPL@jcKqx@|_X0RutR}H<4Sb+1
zC8o0{CR%IMZ*J=CL|xhNT%z^NUF+g;1;EaRmr-wRvZ8yftz_m{C(^y<a}?Y9L=S3r
zRX5*~xm}EUi7vqMXbmF2Uao;}8#Q~Qrf|STS8KoNy@($z(MqR@91j<rnX-eD6J5y~
zSMrALB@a-^5j!Y3)RpYxN?zK%q;DuBgGq-)B?H%T$4p@+qtZ{bzh~MX&To;N-}KX^
z-I9NtO9qz0wF-Y38KebXf0%GBUr&^bivG7n2j@|a-)?<70vYJQq|@F(L(eFKZ%E5e
zJB!enibK#s&e1hd0)QqKufNa)?vRID6H6B;1M_*G!-xHCuALu6o9LyiX7{df#BtZz
z@awEZq=}paK?xc4KAl<Vq$E}7PrFL1O1eDLNBMq8<IDP`HjplEN%l^S+3-&EUFg`W
zs^j!Uy#GTBU3~cI-3V}v*^AA1dydAFcnlS5YiFtG7Na#Sm_%V{O7A~F17R$BhAw~8
zhAxNz7VWzi&B|{@y}$X8Ws}0|E4%WE5S|gKNsYSlBU`<r{-vO{22*6D27G`{Tbodm
zA}0;B%ES9zLnd0Dmb*#p;5}ArZ<Z;7lpw8xCGdSc-}<LoD(r(gogX8sljs_YP7Rn9
zwCMIkyxIgRFg-P^o=i5;1{IioOYRr-2JZf%^B5)=agbEV_9_@>MS(javxI#MyCy6m
z1WG1%k%SV<DnT`uwfWi1f28oFzPsPjQN>1oOl2UPwvn%>z+MzJ<|Zrpq$d~i*+i!G
zwVuvM!H9l;D1UR`SYl0V;hG2!x^7&_AWPL<CT5VpC;i;(5C%7KQ^BQ&1TbR<k<afT
zMf&D4c5og=y<cf~>czc~j`cXQp93OAAJqQdg=5FGOdq<XC_YrbTZ`hu^qVb;ABL~!
zp+%U1w=U@wo3TYVYMTEQeNa{MzGCZ=EzMui6<?9Q%wWP>QRil#V9nJV?Son-{}FWO
zxAaq|{GtVKn#n?ql2~mcpvy$~lfEHdLPx~$z6c>+kLH2uF&o#}dXVev^2*G9LWGD~
z4BR+zpMH(VEiFY^p0X+qkKjX`3&3&*ilFV|zoTw~9TZhsB&Td6ZT)fFog{5}kOns9
zF3I<vx34R=DoBH$;>9lu^d51HOIxpCviCr73{F$Eb{9TbB%LBRsZnQba*N~+1sTAk
zV390;)h!aI9Ss)A3XZ9^T@EImp_rSmmRKrU7FsH^`L(+E7J}-Z8W>?8AbpKOUT&#0
zT6Ai_kAilc=-stcjzTLWQ-c=rX_bu7YOx(n=ffp&bm3e{&xW7J^h)Wawu*%97oY7`
z(I~7TgjjkW)LC=y#KU;m@GVy2n5}}(6uTeu6O7-vB>F>mq%*iEiZM73n<kHqSjnY*
zZFRL?B71bJU_xO97+k$5Ct}-Fkar>m4h$o|=>QH^!5NFS<O()nM}>vP{<|~T-v(HO
zJmkJcP#1gch^5QA{DE;!F|e55%#oI;+xgm;G9uv%R2ReWj~Rff03r&!h!$*afV4Wj
zLErbb8i7A_sOb&Lex;_I{t9d5(y3KW55S`np|(fpFjfRP{a(vRysNd{r-_l>z@yD;
z)3+*+I+pvpt2W_eJ3b_Skjyb0y>a>NP}|uVti|SNJq8E73wD}5t2$!yvs>N2*nPR@
zCi3moCkORu;H|@r&omT2+_3*+4eie~@5d>1A6|X!9=nr?ZB+bt(EIA;@zB*RBl~cH
z$zBhBxcOb49^xKPDq74_iCWYb0-)1M=i50&qVFQOt$Gl~OPo+T9~1-!`*z#TYPX@E
zhW^r}onO+Bng~c&@mzQ$zPo$GZH(2Bf5a_w5I3>*jkT`c6iwD(_;E)I>7$As{q2!4
z{QG&;&tBkOH|qIGv$t5{iCE$tFA04?oU$^!m_YGZ(kta1i5gTECSvJ;K1u&MtcWJP
zGJY!|*27}S8fY8Kk&h;Q)Wni4GbyjKlcfvt6g!SsHzW>DqRAF@kmyN#UhO{5=5x0D
zoXjXxD9&#UztgC@UJ=uY7zc6E{PQ`9Pix9qY!bSX1h;Bi_~KFa`b7V7f6*jcxxDaz
zd{&?AUmi`?Md)80SLGO6EzdhdsGaK^TJL49B>cSp^IXBJRgnEf@&NWY{`t8CU3cOM
zy4@RwY>e;E`_?;6MWP%2=zb`tv<ZCZAD7G7Ku#~glVE{`?D-0(!n<FAG*V(sX8rq9
zS}i&JE|4!~yj{WCvyFkQI_Og`IakqNqnz!XT*t#$t9tp=<GrQF=}kY9^>;UYafrIK
zuR>|)v>qte>ws9(qZb$3TOn3^L}=g%5xl>YCi*5$Kw>?uB#p#GS)JWs6Ip`#HPm*e
z2x#%s5(EHv3sq+Ji2ehsB;&T`1->P@EtVuB5Ge^=7PVTQNEX*7&*ynlZ&U8TMdOBC
zmUy9Ko;G$ZblDNgn|i>=zt61!;P??T;U+HLNm4A0;c@h`t1MG9(tm%R2-q44UGXCt
z3$_1NKnmSIp?vZIq1IE0g0PnnKSq7F4z_;SD|8v_wy5=6oQ{1%@d)UxtGN88bF%}8
zNY?cie5pzp3XFPxN9=~uFFO$7-dLI^1GRxeKsMO@eySA5*-^xoMnoHBviB`_Y9|@6
zpf5k6x`iB_CSA-h9jVv}YMY&j^%68v1OE7;cFe#>3!C0bqJw?&h<55=Z}gRuB<;#J
z(d?Tu6-U~pAWg(tV^F>leFWdvyH9Ikb`Up*U$=p}S4owHo(v9pA}mui9sG9fq(wHX
zSC+3*YRWklVlzbr>p-1Yn|_}I!!G{I%?$irynMQsbhs00y@O##Ti#$cZqb*aZ1h1P
zt;sV?Z*k~~$4IJcN9W-1D?UZiEKkF11-n#1@)Ri3SPn$Bt^AP)*5sy8TRlrdx&kg1
z38I?Qg7cB1Tc!`@4&NcM?Ba&%H=Ebzu#!RyC_usM2w|#}Dd)avx<A0)Zm#pmMK!L+
zHiU*DZ`SiD`=roiA@!a2)!Sb;-OXl#(V0u&ANzwN4b^W?9hR$-b{#FqwQi<=``qDl
zICoPp=d(7$gRXD@yZ#l?IngOKK-(-O>&A?8a=G+2N!1^RF08^Rm4)L;M>DCLy&eyR
zXu}n;XTyzEKi<41JxUC9u;JDZS?@iR-#_!uHCaXRq1YM5LdPtYToKWpT*E9{eMW=b
zhP)<*B5r-A&VH&o)OrE@W9+{k!so{4yy6e*_wV%DpKIO^7b|_3%kHsV`>*jZy6Vs-
zUb}mJw9ke-fDM@p&F`eAX|~*+OlNrkgs}nkU!iM+IA_EE`U|T`Qp7nV)EB>@9i~b8
zFk{uT;WpBPeODSLPwe?P{b}@)4w-Tk5Dj0XF7ZZeCk%YWGI1rQ(lM3jP~!c)#1q-@
z<$u%K#eCG5|AER_X$j}J1T_&cF+kHrKTQ9N?SZ~VC~lm-YM>~OiGG+w+xnp%L^5K8
zTb4XAy6kYrwQFk?{hDj}MU2YSSZY93PktOR+IqXi-1_!*iP6C4cSwv<EfoBJM~tq=
zL|uz``^0FIQS$8(qx6~BL29?MeIYV+UlE&T<V(|x)RgE9YpGGu^h<ndH{=uxE+<rq
z^4GG31~#%UdYr5krB@qBVU@h4(QP)_w45Utf@XTF9A;ljB;ZC99eP0u)R|D;sA+DJ
z60DZkoqU;pg6==%|0v1|oA{`8j(Lwp6vMPfD>C15IX}^;l}ntDJa>8o-;$8k*@Zo1
z0|jc)(xt^L25=$3PVSyci6`vjj&cTC5#XhXKb6_=N=40BEUu$aq!4N3Nr<|{D!YGx
z2Uy;F3u{wMje6xZCMXsD?j<?(>e=l`9s3&}^rnB_bOM9?k|)*_N+PEdo3r|pe(aGg
zB=^ld8iU+i=AZhCM)0!#-~GC4UwMz-o$s<5d1`4Pa@Xda<{Rw}9nFRMO}#@`Jf$(G
z28<b}vz(m6pHDiq(DrA}F#cruKjAbdGwzdqCoYsniz(ajHGys6wk=E<t;}`X$=uB`
z#RSo##LJm}UhAc0Me#817fMmA+6g=-x!J+TC_`7oBEbm(tnheuqrYLa^XjmbUuoL@
zyszLU`rM759Kp;w3*Y>6?=^67?BjC*!u=J31W>Qo8OugU{8zbcD-5z*q2Nvl8;7V%
z4DCPnKj(0wG($xoj4JOXoggp2<{gA32Y}Uq{sA&pVd94Id^0u|q58St$1!j{A|ke&
z0&wSCu+ch%M-P0V4{^+ix@p=<Y5BaAYfwVy^fln2oNR~Mez2$da3mP4adu&Fc5wDq
zV2E<0jHme`V)*;FZvIB-is9NT9=arp1uqYWd!d`23bpP}90X?=HF(MJsiKou5{E9I
zs0cPT4!FlM5I6<P0*5RW^@dBu2%5$x4z*4V|Da05nEgZKyAf8gc7P&mVcUz~h(Q7b
zJa!zlVY2t_wj9m$F0qBvYm_YCvtEztv06mBcGPGEVaQei0k(a5Ghouwjy(Db2CQMg
zHBSE-xgpeI2bCml(AJ4m=St9>C?$wLvIM>(eCwa$HKY2sE&0u{jLTfIy7BIE*A2~~
zimv3hi)H*lP{}6!2B-$h2wn(+*=1C4@7RL1nu<bL2Had2C5j00I5JnLv3J*F<m|9T
zwc}>N;2kRM87duPj#1nx!skUZb_}>`tBbj=tWP;OfM{}UR#S#3_2%wsXuwFDugze_
zUIHYu2p$aBdZ=a@smkrzsoo9!+_Za4@gpo46Ax0o|NN1g;!AEJDm7}qH{2ATr62%Y
z#bAOdZhvZrQ=I<kC#P7;)lNsYonlM)KcC`I(2ea+@$b|st7e-iHj&`-f<C{(ziLD1
zTHzeFWYZTS8%PjmyZrxSj<p5~h{$!fGqD4#i7y4Bt;QZVeQ{Vrw*Eju3b8(SHuk@O
z)|P$OkcG~7GMVW{@laom<#od!>CY9suk*!C^xtoziE=&R!zOvnxUJdP(kmtfM6c_<
zXdmhCz{fPA@E6#b{neT4Fm?Kp!2g{N`qS6?^F=MRL;gY&H}gV{(-y!7!yx?MFX(#q
zc8GPJW(d1aW;v&;t*I}?n(nF1<1g%<U+9{CqMTNyi?8`|tm(g1)1SLbzcl?>Gm`!s
zX#E+h&EyM2z!g!Nn$LZKFUeHgbu|5{=<3fGv#InS=Sb(mT{Q478phu`gE5W$f6~<5
zzo4l!Z0#36sySEF6cY891#>E{r$1|vyuKuuJO|l5{ax#i84YLyaS~*n@$W7@immUq
zIq1PEEYbp*HcVAcrhV==$h3XFJR?2+Kt>ve9r=<#eqU4s>DSSoeM$Or$=B)6*e_3i
z{y2>OEZ*r$1D`_<r$58KJpEaFEd9B;<Vypeec7$jgT6fd`TLplr_H2}F9p+j)nxkf
z{+CBYJa-!XnPC0-qC}MB?`fj=%QNJk{fhqRsPT*EJ1TFcsXo@!mjU}45^4Y9d+5?s
zbYWlo=zFASs>GW5GK}7T_%!-6t>>49R=#^7{n4W;U;I>Dn53zTt*I|+ncpm)R(_hl
zIAv2*P1rL>Uzp<Zzt_>kSSg^LsP%uZO3@j|wt8=0t*n(=_RFDExE}sL^Sv)@;_y`C
z*Fkrx*3`7Ekz;30mjds>_oPs{Z+pJ9NVe{svX<<Wq2$jWL;|K@iH_1PCZJ=ga8Gw2
z*Zn+hCNqcqmRYiIsZAax-9JcE1Ve%y$JUCeJI9vRStt|t63@nPLe9aHa`^ARYBp#q
z;|Juf4`;*IC+Ho{KnDdzpBwzO-_=p;d}%o8jSeN~6}^1duU%VgXMD%21(pGae05yl
z<d9DnLO36O>`K{^T<Q!}kK+AP!iAvttHLuDYY1IOZFZ?!{nO-NH21Fm@w1$aan@sz
zy0JY$$Az;k%PFO~;piCn``*?p8I@!fiOoOplDWs4Pr(WBaY%Wn`8Xf!%m2>pePE}k
zb2*Nj{qvsYsNje6NJo&WNKY%z<rg<14LG;2(?{1ZL+v`nPVc6pY&r#2S;6`GwX;jv
zJu1aIFXKnPRh>?F=*!5$!_686Hj$`aa@^xi)6@|iy{SGk>S$6*B{9l2iEo|1@j02#
z3ilc3Qzw|jPUCZx8pI5e&z1VjoprU9zizEL%Sck!yVNWBA*6#p@?Pyi<6LMKAqPon
zAu10{SsCg?kcn$3(c$Z40y<Y~;@3<hbrz-oaIRY6f3VPQ4jICP+W(8mSNdiCV3u!D
zx?8pDE1R;JeF|fW6oXro#nQh20PjUwA>ZLw%jUf-moocxo$u>*$MaykJW(dzykASg
zOFZRYnQ?eqcsA|OvRY@qT?gga!8`pN3{4K=V%usdgm*nr>i(QhNYn9K!Dbw<<<Hx>
z7-P2`mSB;rb$f>Os>__s`S*#QqATVz-u8e;L*hw%?3qO^_x^P8!Q+s#h3*DM<V*dP
zZ@E4nD#IjBps^*_ii=_z98H|i-|WdlZI@7)nS`InGENKrS{<q=xJGdPMYceMFm8b`
zV%L)F%X5pP4|B@3;~|*tIwM}UI4}!%)j#1$p}T74sD36jgU><`@VO-E2n#V<2gLNR
z2aAO5wZv&n)KX|Uzx7G?u6Ocw!_9hreWJ;=o*(r|n55Hf>;hS_h4uh=FdXlUsv2v_
zFb>12@wC;%+4%&Nu_b&@(u#u#r-u6Svx)4_Z@iX2(?HVcB#^?jHmZ&gQEm}A^mUME
zv-i{iL=G5N+L9AKM+~mwD$oci04@qNi#w^-DE*$!hCp-MMcA@~|9OScyYA7<`_jw+
zGsqCO{Ni5q?PdQ8eud-vZ4pj)VNW;z>fn!TiMT&#^uGXkG{g6gvvEG<|IT;FQyySV
z{suy*?R2CR!<hZ(TUz$6GBg??3Zp875oUj3V<v#U+YuS5%T_7};SrV-i;W;$6NH!Z
zOLAinobQ6hYfyTb3y$Z9ip$A3L7#2q@@__Gk_(maqvz{|5DnNOme!~KA%sh|>+dKC
z?@<@-nOHdE73`vqnz31b<2$Fk;`Pzcox8-@KsNeE-pLkrPwIMsBh@~epSDLr?M<fh
z(GC`BJJPtgl+gBm=cjf)G=;l@y|(bffqEzH<ld)fz^>)sx~fO&tIuAKsr#=M)`pII
z)XR3pT01sHTQ(QR{~Hb6vl&~yeKLJzKcicn_&yF@_AEmHUh6xkGV^=xVy<smAIoy<
z^r~L;MP^==3)Bu>U--@JlZo|%2|P54+%3&EkXIRq9XM=QSQDDn5luW9ZGE#Ox^QjJ
zXrwdLrt3zr*2SgC)Ht<-8PsHU#ru1du-TvWDl4BoLN`FC0q_188Hd_#VBEyUi6}vn
z*}o{>E1K+8&Ls4=8iHTKt1R4m_E|DU;F^yM#+t!s3K#e=g8$IO=${9@w{jF{QJA!u
z{8H8k(|W4}D{=q6JGec|KBpLwoXJ8f@f2#S#j;PAQH=7A`T%UEvo+Z3v?)K9cQvy3
zY1F2p%vJ*yo3G8}a$|&uY&asLL(TLb0R{xRppY}rBl|pMFSG3LTpDC=A$xs7b{SXI
zXsDjNgoSl?gN~KadirS!ID>g~WY%9rGt#;I=qkmIrWEsXatJ^B;rA{5Edn}?$9ZH&
zd`zr$aRnYDG<`)y5eBgOGIQ0YSt`Lu{(0(#V4-F%D%wDyn&yKkTaus0Q2Q`eLi!v0
zp(+tMO{mKnf0jF8#`@}J*)CPM&Jkp07`SKIs0zAoXwkg0*gEco(+hF%m3YxF3AMFQ
zWxAa|sttz47?gRAh6A5Xq)?O3Pp<J|(cRKe+j1e^gF;iJj`FHUvf<rkK!ENfn)ibE
ztW8F^_Z^9~KF;;+o44&$z7Neii&?1jOUB@@%E8=iY-6;EXeNY7q8(ncu|#VJ+7^vy
z_JpOO(&A8Q%uK~v6g1RJaUoKqcfwL2IKqlLI?v`+p&rk(t$^LGhLE;6k6&$ZjrKds
zNSC&_$;y4Zz5gl;>=sMDxqK$S+VbY`E1MUsiTZqx+R6o%&_KuV*7I2H97}f=cD2}D
z%_p3=z5D@wYJp9Mg7eB3>t~kT2+;QDY|E}Je_YWIl>dvLTH0F4FLUxAe)La<!_#QG
zg>RzU_|ZS{a_an!pohI_9(1<wWMHh-=>fbN0q@?2C|tN1YNIOL4F9ebIb(76Xx^8?
zhq0G<9tXCi_d)%Rs_IxDx^r}Cs2y`edeb}GMzMvfiiNW6_?W>m`{=SZzE|^|JbG_d
zK*XCbD$2i0v9fwn1=<&e+DDT?f({ifJbXr{zGiG?h&5As`-$5{STzXBmkK-9lLBT%
z0NvYs258Ket)b%hu3$VCjAhu!(UY087+pY_`-Iy5K(@rP)>S>KR<v#^)^ru^(V?Cx
zvKLW%tYDnw5^(ZVcUU>A(!KfoyTja)Y(Jh_=~bkk+Z0s;!E%Bnbe~|kmSw&Q91o<1
zzkfqtt*Hp8ULKvV>lxYb=!?}$>tASQnxY#PvU;D<U>4Ri?_Sr&J%CqH6V>K>)VwoS
z1yVQL*z1zR$~Qt|ilBw@Z?!zA1z!{&PFvT{!?H}<j9>D%ty%gp*?=%Du}ntdq4uk2
zihjglylUueZKedgs!?&C_2JURhWLTCa)R}!K{37?_y6f>lB?XK;ybl&Iy2P%9yO3f
zi+LrVyo+>^1NaI;G+3jXbo8Ls@4OA5(OB7rg_WVU#cD%HY>n|T4N7>FHlP;8@GrL+
zDPH(;6xV9Yil*%?YFZkHgA4c>`fa<>d>RyXOtZ`e4`Q14Q~pRiqWsG(i)%vRWkFc$
z+Y#wK9nF(@9hE`}Mfv(;gqPVBaw0^tRg?{vPS-G}v8Wz!RLorizVqCzS*t13{&Qu<
zNt%c(;KaEDR@vO1B9slE2pH2X_IUv{b=`%}ZCe0hF1^$KWc67E&HLmlw7QD9C6EpG
zR$Ut~hKJ^dLhWz!<<VI!5dV91kjNJ-hIOM&p&1|ML1Hb5hMT$F<0iV2r`)0Tda8HS
zd$g(<Wvwj*6+X4QHtC_ZW9gck_$TIU&881m5D5VORDUEm_~o~0QOnfU;*z}=iR1*d
zqiwOdkjrOYiYo`pJghi$&*(BSh!P-@qxS}RBW)d4N2vXuluG~JimGC@=wC_EwvJ{V
zheGMwSyRTHHlov4TQ0Ci9Q8CzH23<4R?C1>hI2h6)%%_!=#22dIiYxd9Cq$M#o)T1
za~B#Bc&9WFIibLR==T(XuQck%MK##YP}!|!f|fLJzb(fBgIojWbZ_7SHGuPiQK$V<
z-3U)4dBOf_<>OPN;Xw=$JZt<jQh2OA$)u7XZnD35Jd4Xx|8ym($NJMw&zBh<KV0`+
zHu_`x;>h%1|BS9AQHBLab1OJ(HSwyk+UtKFu5)`51DN`Y;`qP)W)Pz`D*Yqx*pkf*
zRS&B2JvdJ7mia|id8WU=k>SV(3&M)>P}K<k<lD4FU-rlFt3Bwobv>mID6n5|#Z!|m
zu5u$xHyS{bvijsjh!lSpH;}wsf1OCN*ES+Wzd)pDD3VOE&R>nUV%YqvuBSvSb@^<5
zgfso1q8|7whD!96xAwGqe~M5s@#-#lV*01c6MJ-%C#GBgjd8NXExJ>Ur<Um^Q1lI5
zbsrmto}*}5z`8JbqPggk0>wK28r-wRlIOv5u8E%!OI=uzyf_jtoEJ<pmm08|(22w%
zNa#=oQj|G5_5hU^iP_y@<)L<Mv;tEl4W#cR(2%-NT<B0fami5XwqhvNL6RWaI}qvn
zhuU;iz<i>>VTyW>P)2>!=mYIz`<mvS(d4(-dItQiZ_#~<HFpV#3#kPcblQsTrp=6x
zib<Pta((KiBHVWwUM+ChU-gr-(p={~8znW^SA)NNd^mjEW6C~W>X+GdIDg-Oyl?@k
z%i{mWW^^h>S)hoqEP79z&P{-cY+obnm6r1f+D42E$qzuO<42qPX*F4#pzwI(KNznF
z15z|jv$#L3Jp@zSI(W~90`qdSKNK2AxM`2iegDt50yOUawf%(}03{lxNrn8=xipKu
zmVUx2lb#Ka7Z8|8@#;9V98NIDLaTqxMhBa$oBqn9c*%u#0>`=Xh56zuEsOQVHdHTp
z;-~doEMKLxufrYy(A|0oI|ocOVltc!)Ka5%n`=a{vC@cO;+u{L2A+6UoD7ZniV;EK
ziA|V)j^{`Xu$Oxbf6L>j0MC%R9Dg~T>Sm?3(h>gaBoG=(puc|{Jd}tGo|g64xqllZ
zW#1rJ>2JOQY7+AA8mp?UlR;Ib{w{wOxHtNL&WL#UzpyMj*1!0M=*BdnZOm!lBgDcj
zISqU$r-8T2r<qGk4ZqP#Jz&Zs|D4BkN1SU_To;YCE?yZQti?kgxTv|)6y^}}hDJUd
zXyo7Y#~-I&M=cDwLoq4s(>>2QCC`b4+ISGi8V#H=9l>HNbUpDkExv-Yi9Hpbu~=j3
zLbXM5=5$ajb^OYz4)b5eeM#<r9bgU&7B;^Vy@v<nR!MtNmf2s8_onyhQf<i4Ozlr)
z+^T&(R^1s5&Eln)HXF7w<w5Y{N4aX(wjn+sU;G$~^9HD`oER?*r26;eP(hVN;`_N9
zp?QB=EhCGI;vu`f*@-`ee%!dt^ihz>-(G7UKSI~ESM$)_B!=pVj(vp1M3Kj3Qmxfk
ziW{cE{P0v%Lt>SGYljJ#npiX^&Ac1v#6BVSSg9^5NYPn=1jf+7`tn-o>xXe*5Yfp2
zdZK}KMd`D*qD3Ned5~E`TBvlE36i0KW6SHE*Q$YSCe4K^pnMVpCA>*vQLn%%0thG_
z{D_<+8@R*g^rpm$8#H34B>`D@*I%Gj$)LDcx~X5NUFr&<1Y&TVt;~pJ2Z_Y}l=;8t
zp8ZD4j?|pjz%s<;M5@=T^gCp%6fe2^1YSxlC3+!=IP~^XvjUxNT)NzM>gh_vkNwp2
z(1Mv0*WrfU6>U#fvW>AZG2LioAftD+VFYKLzvy0=vFQdv_6n(hylqZt=tKvd^kWcF
zI0F3Nu%Oa$UigrRTxmty0_anP@XJ$*rdfeTzBQqIj$@+7Yu3kE8WOMq66u8klN6Xk
zKybQRzs&w*aoa7luS6$5I0YEN+2kShYElV_7bm2%6+#^@B-VnEP?R*|M&0=dq1mLV
z*0V`eD>u8m(_G%$U1+8Y&2^zwE;P?digPpoJLO0q%xkL^P^j7+;S>>&%6q-ykninS
zR{>}-M>vPU+W^+|U9h^WHa<n5$1jCI?<b9RE@rf1j2I`yF#mP7I{mVL6ThaPeN&`1
z?_Z^WUz_o^PY;}a+sJ0_aAX;M2>et%<^S_(NBZ{K{^3Y^Gns3XKZNvsd{F4}#|Q~@
zszOs&#`kjjc8e;Osx4n8!l4W$K_-rHH?0d@fdQ{kEhYK$mVicxBYHbp5mk>wTR$EV
z`ejGxvJP|&GZ%_eV2yDm!6o@ntL7nBFQ55}0yiGK*7M`@Ot@{INpUavfa{`OP`;3e
zstu5N@vZ3LW}E||W)+uYrfDcXwV~9H2>Dj>%_=yq6lK49Ur6tdp#DO7|22g_LGRu6
zqrPYM?AnSh`3ZTUsN!sWak)ASwiDV{{UesU2^dmvz#y7aYPm1cR=~v5@B7YW`Tba7
zgIk>APq9XLs1Xv+r@L~wKwL?|egC6dMn;O_``{;mC*feR))`zgY^!~3tJ#zKNX&sY
zx3kzBl`bYN*{(Izoy<cSltCbc+VH*%z4afy--x^tMC6YXYz_56lUe~+cp@UdO1}{K
zVOr+p0zDu<K}5c9e%$RP^ecUFK=B_BN=or2+UZ*jW6MX1c2<h6KcKY+#kauY3PABk
zDrF@Bfrp<0iZ3cd?DhOOS`HbZQjznB;fA<^j(Y@qNUo#);zl)8E~&fvG?-=7pf0Hy
zk@FhYr6E@8ZJeb%;MNC}T#bo8g)C~a?D-v!^-|H8ooAVXAK#mZz}UJt0ssXwN92DX
zA}`>I$mb3mYYNWT1PN<4#Xc_y?v*<M;g76;)@e2(0h)7o4)6yaXMGb`{7E;#b6m&q
zvAU)upaD7<Q&4M=4UeI!aRN1bui~3ek$`$lv}m0IjS5r*fpH2nS_j&KtzDF#Z0uN$
z8Y`efc8^@lM+?;w8s|c7E+qUTZKeyAy3my_RN_Kc6H=9f2x>6|dqKpd2GqaOg=V{w
zGhOIrLb*fBxkTjwDsry!)a%IkYyu+ZSMw`!9?^-s0>Bz_{sVS<Td3)$A?W_Bl<wSH
zgvk0EBOM=Z!Zv#}+AIJ3g%I}r?eNm_x!CV0Rsz0=`-0zUJTLqA@T)03ew7jXJoh%S
zP(J4w6MC~9dM|9tAK*Xsm?JkZKHEDC&m5m4_7~uZ)sYoVQdw<cmHdH0+ErZ%|F>?c
zXg*1Kgfck_DkKqhZI6O(`VmyHfMfO*p0QZHF5sB8WYmOz%|qhtU%}15a@z;u%{Vk~
z{kYOLiL)W<GkGuhU%0oQ`h#4zC}ul@%G=H$z6{cNyjl{ef&jOVpr|$oWx{JnsO=yk
zVu_D&uj_I*oh6;jDl3pVP)npJv$qj*EFiMsJAW8dW(4}J961-ohQucx^(Q^LeTvS!
zv*B5(H=t~sOHG2Jzrd$aZ4!)miyvy-q_^;`h;9*!E<xA>|D(|J{fpvz7(HLr{0_z(
zU9?;dvjSSKvE^vF0kd|&j%m3v1hgDI2>XY>VV==)C5V>W5?@6?m|(QLgMi4N=+mdr
z@~#oL?;?V}79u0!@<34B5q7AjRZ~dNZwKmmf^O73N6?p%!V;guPXR%1aj{y}If6ci
zO7jH0R0Mt9+-?LNO;;B|SA80hrdtGE&1_511I!d#uJ!_Au69Js(GNm0M9dB1haF*5
zyp#pfK@La7&lMF{^5>@Fd)*G);?}7hQgQX&zmbCzLooFG6Tz#?0!CdcQZRQgE+pvI
zkAR?SA`1!ndi9anHiBM8{R$XCud%*3Dz6>9NhwCq8-r{j=p*=MmRhKWkmo{eE;P=C
zX1Y+33k3vy6Ooj=njeuCnKKj+^ir2MAm|Ynn(gYD=0Z0U$`SP0MD3WMi*}2kxA2=M
z=n6Q3el4vSJkv*upf9=tf{xB~HP6HQyB%IY&P$D9@NfKQH*y}tUa8m|IbX-VByzr*
zUy<`mU+7NGyW6L<zC9vmoPuiP2>BW>(coIMg@%de2Zo85a5ce!nIQzeySp?Y(3xzL
zG$C>umDhx9^-ubyX+pHN)G2l;xz4+NiKAWh-8CUuDM8Sw44;rwg7j}le$}E5AgYk6
z?`q-2BMM1+ATGm8U<zjKO!%9YBBHKr5=R^16|gG>%ZjQ;{D0NxL<(`11N{?Y$>Ss1
z0wVdz6qkhpkn)LFq~A+)`tQy`D|e#!z7k2Zdb+H@=8zZDL+#a~K~hoY_^0hu7?V0?
zom{Oy?VtHesSzpo6&2iF1$mFsnX}z}9}~NecJExw4T@o^32*d!QB+g?@wJ-jb^ffC
zHr0ju_5VD-Eu5ZhcYgOfb35}pW!U!S_whxaI=`oU{}c0jG*N}~dzghkYku4QS}?y2
z+syBMvQF{e`PTnB#i3h2bBe#InL6V0Px16?f+?2HEj_5)6feJb+bLe4nA{ZaPf<<r
z9{g&G?|g3C)m#htk-wzCTv0@=fn_Mu%4cJVjoX-3Rz2*dCi)4tKk=R2^~if!$2JwA
zHjzMQD5qNUYb`tYm*jCz%zmaZdJ834QC&WNI1Q5s(G&|*?OGnP*$tHKZo#F<P@j?q
zkHo9@i6DXQXuz=PYK)%bzb&A&E-r<y>(;SFrqEdJzl|0^Kzp5Et&{1`b_ZHF{l)dr
zrW^^x?k1<dm_ws^e)gjd2Q}26X4NVCyv*@+fyTlyu_~Zls(^`AlscbhVwVxfF|pbh
zcf`bggSA$;91c{Nht26~eiqI!J8U)KKMp4)Ub3|VCKl2ZKhHEBj)`5uGH{xX5--ue
z97V^}@nU6FQvW;{4t;kiIoiMLlpNPmQar3ujfa&1QlR9JbErRzr&pLBWWJhLNR$*R
zB-VVJ^gtnTtm=|Ng6Cpkl5RscE~>jn0YG(@(vC@fQTiS6m;pJ*hSS7lSMFLCXI@%v
zKHDVa+yJnkbv!L>QmJ2dhAA-TQlD`}Qc09F|46Kn#uNLz0&dYwEZOq_yokQ@rpl~!
z3AlCw#6Ci|1e2eh0at{<7C|S0iz`}2gW_Vk#9RYuz!i0nTF4cxBCKg_6mL>O%L*7*
zRB7F4Gkb&XTv1JsO<Yk0-(6hM2p0;tqJT%5NfYE;ua=!}T|&MKX+^2!_w`F^Am$di
zdIGK};E`sNhpdxaS|L{?z9+wt=EdAtAm)kz5?3^t-#k~Ofa8j$+m?u$X=Hh*eJw0z
zdL4iKTP}e+;>kBXWAdiI@#}f^$VFU!7j*Mb9mbHuu}f1GH7JNuq3<gq$0;qr6hma<
zL4L(4o$|EE#J2nq?|*#4_&cywuji?>Rq!^#<WINzeh@&J74PZa0YB~_B=TABq~q3C
zaL>l^QeXmpRk^k-VT;5fV^%6Zg_khqgysLLf68oju2aE&4nI5M=BW_+SquAuo*YfX
zSekW*wLm)HUlAtq)6~W9pn0h2s&^D9;Hc5=&iuaMMUd>^E40d6yS)+uz|F6?Xm1l{
zFaq*8eg)+9Pj#oopYUHNjK_bSSphufCEi157K%&`Jl8$tpUb<I8sI@Om{rIM6cw5m
zYrR<h;r`G^BfFS`*L9}@>8l9pU6siK=rp0Tcz;l~g&()bfIJ2uYyHy(>J3+XIO_0a
zvUy(RmCmB~Lg!JEzs?G9V(3zoQ~X5@_+IEz7s-cer->$v7?A?0fHCVr!ijykkbt!u
z{oP9{)oI)^0xa2ZBi*wS={u02b-Xx<6Zq0-^0-p7Z}1XB!H=`cOFqkXI@@Y?4##nZ
zw{&mW+5MJY%jQvw9Lt4zQ4d*YYPG9t9P&J1y0rNBs$Q&5bfDZFiLG*|eLe+wm1hb0
zie@hI7QWUKzBK+_3~!Hws?}G2birwM{-AUrY-O-ze3%WNG)`NF$nm&P`>E8Up;cyv
zD}QMT`PGXuqXQ~EUr|+$RISK-o5u(<yMP$H?>JUWg-BgH8tj3pghD{Gu%swFkalLo
zFwoUc<6@c@2;Y%O;t;%ocX~s%Uf5@JYEUsdmCZbl3UWI6l*dDY4XN_y`MrSS!{_lF
z%DWFEgnvBZUUqz9q%V_$NGuC)&95YdMlbQ9H{`7t?;d)^A9&U8dZD9{172u=8>xN;
zpY4ff8WLN18Yr`8q5s?Z#A_UlqBn|FKOg^^cjVdSjZ+V-=clZBmH@|?*80~ysaN_m
zK((5l23J`1q8@~pq-S>)`bRP+rbiF8e-$ilNUY;MmR@dNM4v^Fle{32jUUAf{RX<C
z85*&p8Jc^l+tfRSZD4q1W{)~te4a!tvBZDnc9<#n-AUr{o!j9*kTKS}rMS7j44ItY
zw@g%WQ0wZgvDB$$UD2`Ru*G`JZs5^AE-M$8uv+@CCXU_&N7BP<eK_LrlKKnL4NI`f
z#5eF_(tBX$)$6@z=+a(&WHhj$Ru4<np3ItH@@JxDpdZpsVt+!%Jxq1AFVz=+<Rw`b
zK&&Lx`Xn*=;R1tSL5Tuu@)ak#n%ds&B{W)OtC$6Q9*dWrd8Pc3%i!;;NE!8H!+**Z
zSxymc83}YPy?+`JM7YD#d0c5YmR)LZ=4L9g;SR91;Ef#X>hx1`kLu<+DP5brLQw|L
z-4YD7{REf`yGn8Jn++dFA&y<sr&ui9v9>Ny9Q6<Vs^`_!ak1=URUHk9O)<SFUWYxB
zFmS7vx`-zU@C&^WtlZ>neAz30-pgVmHs~Y}|7qSjSlBRR^OSGs&4cV?U~)rZ8HlS&
znjaJgC<38>QUJE-SDj637xz-Vo~|cWIXtLE3%~VAYJ8%hcu7O(m?uJ){S%dBePRXg
zD3%%>Z5Xn&A$0WS`s(MJIa-!oS!YsQP~m{Ax}>Yl%Rc25Z)Nc^fO*z{mwi}0u}rC6
z7t|+)E`%&DM7_rWHkM!uZKV*TmyE;1?%H@2s47lXL#8!(EF0b^Bue}n(iQ+5r6d+s
zp@mi3+E?kSSyhX(E1qPgk!Gtt$sf8mJ$J;~+~!WshHo&`e9<U&{JSz$ck+wVB7w-~
z)fMS)Ln(WMqfWL-n7uXoi``C}cfIOmpTZ>8_NXzc6%%WwzJRZfwk|CNt|hf>3ijGN
z&}T>@gUQ}=PNRsqh%Oewq#z(l;sQkP_JgUO?-68+YSq9$5WVkToFB>!EN<+3uDiCc
zxf*?0L9k#pm4opl4cIcBBuo|NC`i&=eg|4oc>fA=GdmqY(lUN&pHe2Ixl3azvoe>!
z_bR^iPm6T2eZYxKQ?3?5Rx{t4aQ&kLsh|TkuOwYh^Z+H<d*CxohHz}Pu>`?;NV%6>
z*7+v~7YFwdYXE|>bn~o1`y04`wbMQkU6(+ve#&LML;GT7z>X4T3i_fA*vQ8AH~&ve
z^Qf184)jt3?ikE^PW4{-RY5y%J^GtNFtb}gTN7iUb366tsfnSpmr)BxYRt-PSNO-@
zu)@jiR#)Ryc!uEMn2L`NzzU1Y!p32&Q{XIr=2V#DCVz&0PA{-fU9M!Wz(VyQMI3H)
zQxjOvlyG4WI~IDer|U)ep4N-Hz1$E2+pp(x40rk;f*BN2Jb?euyTwK6n~3pyADZLH
zQ^TVw3)}a~e?H2l+m*VSLFA2CEB#6D6c=UA^Plb>+vEF~eNFcNnTyR#5HE?p?WGw=
z051*labD2$WPbt`XHNA~mODRb%5!+P&^L&3NBxl2G8Uu%?LTjVHo<fIb9=yTGmuIC
z#P9WB#zeVpzZ6iDTH@bmUn9%?-|!*!wQ7mjSAS1ya=Y(&XaSi2<tN4WNuOZ+Yb4LV
z{(Y|FUyu1D|0*4fc-L>75NOCkZCNG>$w5b0RNO@+vV(UallF>;h!VnsJILj`Qbb@J
zAH(<^#0FB66CY|sqWb91@uE|po)M`?EO{DKWSxK0$6Mf5pA)xwntL4{Dp*mJe>>@S
z$J1o{i=npttyiZ7L=fcZuEgnfNDS%Q;NSO4*48&DRS&h-ijM`)0+&UT$2yMp!hN@~
z=-oxuX%PQ1E|}~rk}0p@r9U-x_gI;%8M_;UQ4Fp;sBRIaP}__A1ptG%%n@ocJ|Q*y
z%2usU*&2TQGrJ4X1o$uvied#5s$1`_B-m!5Xc}Euxy_CdbYTl!5C^7V*fp#6<tFey
zU@`t$E}W+q5To}nCP4ZokxzHQnzY^k^=Cm18N^G~>wJB+f1<>vZRdUwq){YN|ESl=
zb?&}K^8uL#dOv}g9}7k(S1nMH5TCoz@pbiGU`me2hTn;aEsXDhyfj7(O(oBAjEe8f
zU+#A70t>itk#+|zGx7q0NtTajhv=ZVEinleb1mS`I^*BPxDW5~d7)weysMYm`w8;!
zI!0$~;hR160M_?mzTRjA%d7u;!FNQAnv}t&$DOGrUdV<&rc1Dc?SG*kw)1AHwRvb)
zC{b=YGF!jI&EZ%7x+IGq)F;+w+*_85j}zJ=R5Ym~z@i!?B6aAO@N9kyYZ2B}XuOr5
zC1TX<e0KSunwk8Ouo3ZgC~Ry%-pC+0?pG_^H+f^duAHgkX144;h2-Pl)#{zp5i_Zy
z-bo!XIAx>`o}hZBo;OmFItID=kT>diq{7J?-;|&+Zt9`+N6xcxHDBYU+_i75!~GwY
z)RBXLYctLJXZ9fE6pny_S|EIQ$=d@!u^ZMW-Ta2yj|CktvPL}Y6`i>lyJVZsQ<=}O
zs8;oVE;wOF^Eq_1o6j^`vzyPaSG@?n7(Xv|%`howDg7sw3tG)!4vUV}hLV#GZ>0vD
zXB0Q@!RuT3f{p@uVwp3Dyzh9euV6Gu$V;7!xUy}=ygeIKbP4)B6JYecJppE6^S`4T
zIuT$%izU(u6q^Kt0Mj$So+?|na?*b&eM9aJ&8*==PmvGWusn26N9(F$M4m*i@`t2^
zLx`+Ryn{YlZ?%rBWo*2T8EVr3B?1^bXEuBYOH;kCsV{yn)Vi|@<<<$np3{&QcHU5N
zq4x*IAUR>D$%LKBg~Cp=ij>hpHhfpE$TJkN1|{rV`4tH}$0F<;D`BTIvnTIGuy!B|
ztlLPe^~oOAvsqqF&f$8~Y$_~@@8U6ST2|Tc1*EcVjMa-RV4g^i|7d(`_VbX|8{^xO
z){BDMOfyx@FF8O-PqG;3qc%TQDGX>m(ozQ*V%bL}D6Nn2d`eu4t&K?F_W2~G<0$UL
zB$aP|MBpA_<++AZnf@D}IWXAx*jdz-+!)`S$~C74EJo7PSom-lc>0Fi^ms$@V&taB
zLzhi8tX@%{oK#vMGVLqM7x9023H3pCx`qZXuLDa&qXKye>0LKtMj)mkCY3ue3341r
zNI5*$tIsvMFg9C*$gSYu!O7*Ur>Ym-INHauTXk{1?}aX5{}Ye;WS&QDf;;^9Qe$vC
z5d~myvj>B9Ft|<bder;_;Za59k%W0D+8<X&_(2PEn*CqjQ&=GM|2t_-)-jC#(${Z@
zqw?|*syw{^tNn`>3{kee`@^SRN=mzHcJ*%7tiOA=W}`IQjo)3h`!@XUQ;INt*Y;oW
zyJ%QsO^_P(HCOepkX3z3X}7B1gi$tzH7y&Cfaz@VpIQySD@^yp<#~>F_=zeDzxxh`
zS(%Id59wB(*=_QF_9o2kS^n$!SSA$$wZUKUJM_`Vi(`%1cB-%O`KI1K6>j)6|8G_-
zpMGrqYjFPSD3uB5wT?Ju(?2nEQ>b4EDn7s;d>RZcEtmQK+_=S}ZBd;|D-QkU#VJLG
zlFTmDr{l&OiD5$h-`a21KkWXVVt@Ct9_80pxAU|z5FEvZ{1}1$h*5)3#((?&<ObK^
z^NiJVu6bf9w@vE~m)-%(-QkiH8bdv$ee}~VaTV(4a`(Bs>hYg`pKDwH5S&ZUaB!#V
z*AQo}b9vdGp{sPyIj4{?Iwubi+rQEE5TmM3{-jK*zUf|SDvvJauXNpXG(H5D*iP_6
zZ62p}I8O;f;E(jxs6RFO<2Y=6m1fTTTo=Bcq3@c~qi8?fN#OI<p8QEfvUaKNFI{<*
zF^l_V!w*O8R#Wa)lDq1{h?*NSrv{Ri)D^H+%hVD^vk{&5XtJEa6@m2zObMQ3>j(l(
z3d|>fa#9c~QM>&C3vlk|uC5v`-?y_^mTcVflKsK26XB_kjhG^&+i?c1N<jiQjYb7*
z)EUqrS3qQEEEb-2iBpTbBz7KpW7Et)avr4$oXgCnQyPPs7q7US-zI(2;g$ML_U<np
z#dI@iMS!u&qztPp-21gXq@i&~ZRG#G+xMlU`RR2|Npm8Ag)qI_0yX44m?IQq8>#`n
zh#&BspAZiPbMHh4x|wz;qxOR)<<wamIo;h4#di1n(L$>JDQl^HP@7ZCJADkIq($Qd
zEojSK^c$c;riLjKM^7oZD)7Q|Fpj`@DQ9AAX8-=uf18-wd`_q$n0QTv0_&+t^AZu`
z)S-G4AhaIqWVds(PlP$%687+26Fit~S9Th61kKvNzmY8dw_RiLGqrp2f>$xChiaoG
z+WthWkqJxK<iw?1O(+{)4lbuZz*I0B{@`2PkXe`(YQLGJTyB31mg4DaEhezxwq{iS
z(qd_l^362=Aw669=rme>H2zHH;%Q7;YQWY_{k3o2tCxS+H%r~V*|N8G3jK$gx*iCs
zdzr&@S29PppP0(kxQPGfeU#G@&<py{H?leG>|dRW6`6kTT#fo=KRHiidVBP_^=)*g
z`SZ-2euDGNQkvCyX6bCFo!D<1?ZhQ$Eibhr%wGd8v`?%%Sg(@SSGhrk27j%8>S#16
z$dZSAmL(PZK&Q;WZfWJb^5ERU-Of3rnMtjd#ldEOgob8zy}==5Mc3lZ4(>spyw=49
zaoB<sdTsjmISw*U^D8~hkM0(P0(;kP``1hWk+TQM`D;pEu4Tm)rJ_i4wa_jSn1;OU
zull1ybNqA(qnY={stz+*(HbeO<0ODnl!Goj8IV~)0a|l(t1B3XN^aLi8dT0z$VbI}
zu3SNt7aXY8CdX2BEA=r>OFB}b+7A}ZBdTmFMzyRSXL7<C+mXG=qLBh$mkY$Z6~^x$
zm32WGgcOf@=C#@Ed?PZffpOlE^eBFbo}xriqgOhAgXF{IO>9mCfD)d2o@&%8LS-O6
zRhWR!c^{1+wX~ylgLq1KmYwv;3W;$*@>Z4E@Hda3GYq37vwL74{d_ij%?KhX-F6`P
zWv|u*Of_a04z37N&_DJM4wDZkuraYsK$X#PQKPmE5QWSsT``s+j*3KQ4j4z*^RVN=
z+C5Uyl}N`dsoJ6<?4u7VihnI{AMLKWbX5{+`xDh>!)G4}jhQ8~109|ua5zYyg>aDY
zcfCebhWPp+vO#}dbu>nYEU7*C?DEoR>yqc|s^18;FI9e(jzKq2iJ>6UZkIeB+(Dtv
zhSH)ODAEK0`U)_eOwF=9vrSD1mF#+<E=Zk_>OVBbL!LBTp%d3irB6mc^;&hCBsh-Y
zq)%{c%yJyX|4sgIoHw$_XjreC>CQ2${jA(-mkKcFif!9#BFu?@@1;QcEaqY-dLXxW
zF<#70{{-mlz_JErB^w^X<fl)BqUOlN_L|YvY-Wmk;WDV)<;Q{r7?eJca{hVa(TH>R
zTf8WcEAtoh%kk!2aigz>58vjRM43NKu{mpz>wct3c-j92zoH-q-Qg$*_)tJUTHl^l
za5)0UhFjb&W$TjjraO7bSYX>Dzv`W5&M2Naqlt$8nP@E<V9ak1x?pc6rIh&`S)15o
zw;~9t8d;N#){Ir^?y7(X=^R+cWr#Xcixu7{drQltU}3*t;l<OoS=FU};wl|`=)iWl
zm*`a<KT8&5S!Y3}a~D=~Qiia$qL)n_+r>YCY^6?RmmGuvl&2Q>(#l4#K<p%4_N{H6
ztyE2tWjvEJj!d86k~A@yNU*w>Lb<cyxx<jj5+6#g(K7ExVW2NN37EL8{*QiBY$6$;
z+$Cp4+>p4qBom!6y?kU*5$_J3R%reX=_|m_fGsR|Y>*``=6KhOSuCw1%LA1+w>st=
z&Rf1R&%FgqP0!V04lL8)Ll~NH3hkIokUsR^YjJB$ml69lPt`)feFYPwtO$Humxiv?
z5<Swt^#rXZqKo1`vnBnR-4z$BPM$NJxl*&%(@@)9bc)?SJs?<1?v+z;VjI)swpYcO
z2<fxor-6QY1!2uklQ?PP+b5}mlXV*@x8Ak~IITDJL=!Q4qO@IhiM=G$rkjH-j%@gR
z)jysPqn`v4*RnZzAg}b*HE#Flx?#4xHnePNjB(eHM^D8pP}lYR+2dHw?#>gB3H$H#
zb&DCB4H|yapK&EiR_}~{1smyL(GM&4f2?S{3lv11rYIJ-SyJEsL$|o^;@8^yt6SV{
z>T==wp7HiLdM};v91^gy)uHHIK4XF9XuP~JZ#KI4*KV<+t=ZldFJ{+jX`Kdh#i26#
z`0C-Tijy_FjnNrfi^1b5KUO|9;T)s|$Fs?3M8tk_ftRl)G1ZNQPiSKIB~mr=B4IV#
zd#LSp_8w=_t8sLZf$ZRiSa8vn2WQX_`Tk?=<=RD8mAd6>qN0UP9e3n`rGL3Ru&nlf
zc&5qk=GHNmYM)JcN$>Ofs|#-T-as6BP@^lc<Y&8gbn_wk{UCIw-e>rCZ0?=;YTmaa
zMt(FK$nJlNJqST5`YQjY$Mn*K-d;YN0K2AnXu<i%Rmadz#Y-Ap0P2~SmSN@FoC(=T
zGmMm1%;QZ)!XyAIn)i1PH7=$3By$BJ{EYTS`sR*pk?X)tpH_FMeJ)~*Aep58^i2ee
z@v{0g`Cves3D`P?S+4H$D_L}Y(R$|Uz;?xrDyl(0+jmq^3(l|(5g}@nYrEMb>26Wt
zt^2fV_>&+GP@~48_-L^X<I;U-E|xq8o(?A|Pmnv-x<uY*C=@uL`Jf6CoxItqGM&Z4
zz?Ah}M&_dQ-}ysDW5q_;A*EfC`weB(b<-ydJ50M1M6@V0^K!}p!cf~7K7{|Jc-t`I
z8XNL{=<*n`UMhbj*#FV-QWW3rMxVs@m^v8vi3we{lHB5z%u~z;CZVDD%~<xydQMXk
z>(ZU1MzKCuSBoi^8w1^{0HBMB@>0Ps;Y#u#p&vKMIo2HEg6sEp18LMwsI_Dw^<;jn
zuoa@hLYZ8OT&P;3e>N<M_HC3nZAJ~Xo7ZSE8?EvO%2!!6^DNO{a|2`qIaZM@O|EI$
zT`L83nT)AMoQ5T{<<HRozISqVP>&9!m)bus0@JviBWvVt<?_BY$ElEJE*t(;uF&aL
zXo*?GMUY^Ju0eFodDs+Myh?ud56q!{gu9rushF4)pJ)*+^-PoPMUxL0jOxIa@eDB=
z-i-FxaAptMfZ`V7$Ua|ppe?P{8hR?1^Xue{cGgiPDC3zOB@AK-4a=v_aMzDlnCu*S
zn<TF5>g0#^wKs55oIaU9a-S1P3#W5g11wBj#EzH^zkY}m0u_49JJ$LH7Hle?KLr1^
z7B!=rPkD3&fkQQg`~x?!r~hx%noV6aS_1U1;sKcs9MOMW4b50A<mw{SD5_XJl3q&U
zyEvCe`E|fSuhxNjpp}n}dm|EA{CJxKxqLs_q%#?V)Q0X^1*&`>dy|IhH>XC0#f_8!
zc_9ME&*7T{dv-t}R_;fXQOk{){p5`&qAJVM+^cXTDYF|4NH+YPuW2$sw<E}I%`2Po
zR+=L)wNj&2FrI3%jCL<z;i{fqs#l8^Km~(E^OtxJ>q3el&ACI!SmN#a#J}<L5>0G&
zR3Y(UCKSD^xayHu!mmQ{kZo?L)AsTTHPk1TMDN4{<s<Qzs<IQWZkav`68IGv$5n5}
zAI@FHl)?HdL)njF8=r|4KUSYAKNNY6O~o~n`8!CZ0atjTI&1;?2(?{qRo`qz`EvVN
zYT;Q%MKGHX9Z~<q5=8VX`3hBfYiC8Qb@9qj+kHevHyj)35$BNp+_G5q2~NuEhtL(K
zbjtIw<Ru7jYt3KQH3tdFD9?4e1-LOgc7J^J;6_N4v~_b2FPUq?c^{N7Q|k>~D4~_m
zWlxGzWuFYUZYmD7`_kFjXw+1uXMM2^ZiG|?B_;|_t<cOP35u_T2`u&d#6)75I&}}z
zGb2%CciRukt*pKnRnA&%7jT2vZw}>TsG*pNnjjaWZ`L1)Mz1+!_4@veI(QaOm#?z3
zS7i}inaxRs{!qp?iccR}`h9V+xEg}cTn{RR+F#~x=7g#hI=W7*Yg^HLj0ci1_Fbzs
zw2Z9MgX^?Xy&l&?2Y@gj)>Akj+SN<E>up@&6)*QvBdfrTsul8g*&(dyk=a*^ene6H
zOj)_Y#b>x{Vm^6XqZ-6y;cJnA4JpTAm{H&yId)`LYtAePQDdA59h=WIfF6JovLr7^
z7a4G>Hu#U+An?c*OmObxN~!~v1CIf11VgyMHt<US#|;n~p_Bf#c-6~7?VDg@RCt8d
zuSu!NuzY9>)-(_FNYsR$=saY7M@0b{`g|5{T^qj4N~xtGu~r?gHDd7rOFSSJ!=Xna
z7Cd3GePU5hEg}}fDWet}Go|y@$IPxq9Y)C{PShc+bb99L57bW*6n{*E)ua)*#a|&)
z5~_(PTTam83wNU|{d+L*h92<jAIA>kYT6LdbVknIx0-ud`WsmKYXbcq{;-DH`d{Kz
zuQh*I6vQ+u!!<eI+qfKG<PE7_s6;v-B(w$CP*7^2+=S16NjIT7cDujQGtt)B{D$sn
z`2nrrRdO`yz1=V1{=t^AcqB6tb`9ruN7eL&2(cs{Igl|Y(i-)VY%MNzL@xEOU8(z!
zYP44iC-Ii=^&kw&HF-w@8MlfW{Tu(}R#B6I*I-z%iYl~<nrJTllte;Gj}snLG*qv>
z;E15|wf-SvK7l*4;fS=X8-eyXgSH&aj#uHP%s|$arl&NvaBW1nJfRLIw}#n~Y`C3e
zzk>~NSFUmazxWwlyP}-z&2n;2@@Sh{WSAbIQd|h<nHUL};DsbQ!D8e%hfk%oJ7K2v
z?@b2BY<K|erXM3DV3e{LUuR-CnGyS;e|)auM;O@EynIZ5rU;dqXC)<msvG`e6W|=a
zr<NSTP5?@&QExZ(WxE{k)mKcfe}eDy`i)MnKc^Qgdpm7QwO?S5S+m*Crq3b1z$A01
z;!Y<H^w6pB-U`PEXTztnW{{N@u7d0@!}<ca(DM67TFd=cS<AiYfKC(|7aYV;{X^7p
zKP$c0c1z#mN<aCsm42B@3QDi<Nolc0{x@Ts&M)Fili!$Mh~xBSdwP=&I40>tXBD|Z
z6#?y&U#-x<E6ZDm6x=ldB9&JwoEmlVDC_%V*ZK{d_q)~yk?c>Q^~_1RO+Ns~fK7fj
zGs;5~guq{<09%ry!~QiM>VW-&wAVM1Hi$Ov<{{JE{@|Z`mQ)0p0qM)sfuNxDN^D`a
z-;MCcOh*?mR&nBf{PE9h$)@+A+xeKE-|=xa{YUjM0(9+UALi7b`XU*xAUdD%dt}T^
z^FL%9?))FlSG$y!vX@>QWTj;Q%JTG|{uwQQo8q!8A*Qr`CyqN-`}Yx_ekoV;@VkU#
zL|=O+<^{+4zspx|{r&jucYz6&1dO!je|s8WLEmA6jHs!y%xHqBQqH^<TLj$R$+>G8
z2^Ic>t2kdefEaV>swrEh9)oL?%$;G1DpJDgD)INEdlJXylhObB>6AZ6jahHL^-T_@
z%KVKz4D5aVwf3RvvAU*1?n0@5+*q~ovVRo6T4T@url+0A)NZ41DPtaZe8n`~Isc6;
zcNk10(r(Wuos;w1D7BoPAo1`1X*O#jIXu|Pc-VHK)40*0GXjz1gN-fXR+b1SEB#%6
zAWK%P!?>JM(LI?&Wo(H8K%+d0{!(<iK&{%UFw0_^XQ~_=4Wr6ASCOAQX9h;LmsxWU
zV|r)QOA137dwHSucNtl<<)In;6ouMCT0L&X_2Pg!*bOIn$uml0sfV<tqRA`tGl~u5
zs0;Vl#)ft$dBqLg8H(dR_+$SWyc2^)@RPp~QpQqO%;ra2^EXT{<hExqlCk73=8$9-
z6}6#zuSVqOZdk8p`9aXN$2PiLZb~1+W{o~(NA?tTp?enAk?S;APwb2Bv5mi|s+>aR
zcVeQpuefwz54E?mr=>3!TdTXf53yxA{mpSgkb<W=uJ0v;fkZC=BD(l-_%<q=-u{u&
z9%v%aU`iV;&TEq2{A;XY#QHjTw|>~8xf+Z$8tB?X0u59_pQts|ekY0kD?m7XtBp)%
zTnRh(!O@Fi5=<a;aJhZEM|otzx{`39uyKh_W7E$xHlcP2)%m_AUU1r)`<I)xMvm>?
zCtXV1GVRKfia1Y18I52lje+o@NC^9?kRIe2X9BC)F^}_`(~?%fIRR8E;Gtg9-RG~&
zzp>09q*f@+X=0`FUGqauay}(*PCe|7V=ir!f;cyc%ely#ewshImox;Cne;N$b`yVN
zt&6+As&UPJfu7*U%r|T&8!=mPJAdf-AddW!Xyn2N?}P3V>h^Lryov&KjO8oY@IHJN
zT+zz(#HJ(w(%xROS9vFZ%>xOT=>GP7l*t1s)c%s88%lcL^Re!eP!-i0R8K%V*(UU7
z0BwAFso<Be$RaAEK|P$xsKW&x3{f{FO2t2mteMKFl3y!qg-DJlS#l(?54hbEtx>7}
z&C%`&785y!xJ_5|S<6*WTpyIs%Jx!@gYobDh0`4=5*W|cUvxkUN_V6+F1E`}G75nc
zAzHy5x~ul2yP}d~tbs+JD3{kA?X5y(R0Y41D|8TrSUg;rvx{^C*1y1(oYNfvb<H^)
zIu2nD<i#8ELHokZjgV}|m}ZkGP)(LhtxiUh4@nOaP5w#xBmcJVk&nKaw^Whk$qo^&
z-Q)k`?#%<Es?Puagd{L(@CGF{TGX)yO<aSbCIUK<0C!-bK~b@8(IV1nE5eN84$edv
z$5Gnq=VM#jQneOa*J>4UO9%qms<@-Jiu;WNic0}E=J$G^b7wLM5w-n({`p0jd+)jD
zp7nX2^K9oiJ|KAWayed6QOW^Mh!q7Jo(Ehs^L`ti%(vktUUWUeBXBgN2k><L4w&_|
zxa+-(K7>J&SD>9vj8gLR_$M1*;RnC>lHse4f6a0>zMseSpTnD6*ozrFka99-6mWt+
zP{JfzYI@Yb15ANKUo-{oLb+m<DlD5fP6gKHvc5UYWc~aFlXaV(S%;7{?~PdDJ$ws1
z%5mOtU-+pk!hgmTlo_q%Sya*cjdBe4hUao1(bT=H`Fq`~xD^iM5O2rsSNh<>x8Xo`
zGs`<8Ek*aLb7XcUg>Tj*VL2+fXBwu!a+G`HS5coVs{-*A45W8Gu>t)Qq1($XJRacv
zwP(xU+85Shh<8Iil>%8u*LzpafQ{PKuivE1Qi`d8Jg)ch1PcYTyr;Pnzj5Zz`{Fm^
zYuvo^N4H5QxLDAw{emA|Z21FrnB^mZScB_v#yRE!_B~}Lh~Wx`wUo%1)cm-1)x03K
z;uIz3ZEJnmvPEcvM)di>OSA&zhRyJOUfgayAp3u`#VWqEAgxmjIaRK8<B#PJXW^7B
z!kD+!fi}3DohJI$;h)Y@Pa3oaI|rEM+&9J?(=x)K*(HP?9|$smgF`rXqr51#Q;$Pi
zc2qe!wB>NJi^bBREwQ2=r?wzQf9S0o+a&}a(w3ctH~A5e2Tsj6oXrrTvgSaFXmjS+
zY~^$+E7ZB>-a2iM`!u-1yY@|J@M0dbm5pDM-G+Cs@P15IGuAi}I&CSw$r&{J8uXqH
z1W$%pViKyA_Rl7kH{(_db;^xfVg>KKLmIlW!;2Z8^4!oR9y8yZ&CxET&Vz_U6qX-t
z5OcTZ3}PNFECPpvR!EGm7Ycf7>UBPa({?Z4qv5V9?&7EvKxVmfAIPFs{NxMJVMl{6
z@ZjDydfeK(7I~)tum89g*fGevG?!X%Xx%HW!1s0US*`;9pImK$Ukg_+etQ-RZO(;(
zT`=895Xy)1U2}m&f-T3q=qwQ%d04jcj4G(=-*}SpAjH^cwNij>ZX;}5aXZ!q<^5L&
z^bQ9egKCoqTa{SEQ1oD93tp^+QhoTDU;7TdQ84!NuA``hQbT+kB#h$#Cw>a`Fn{Ml
z&dp*rP|s<j)l691OS){I8$V*M6DES3@Nc--vKD0|QOgbmtkc3~H`G4)Qzp@AD*K~x
zMISZxcxD)1&8ziD^QZHH)`2@4NylNL=Z4pG<?q&rl3r`&VRRH)i^a^k>1%C+c(*{$
zyjz%i$NgR0>rZur%ngMbhoY98>*i#WoE|vFuew!vrw!CcMp=keo2qTl3Nxtk-ekP^
z(T3)+L5+HA4_686a%_#t<5Upi6A}o$cOsnJ>-5!W6Dt(|>ibTdt)LpKQc)&x4t)*w
zqYJ)yu;XC2KiI8j+rh4vlWTg^%g5Tm-c64MgM9=lwY~;>Q0D)9uvZ;!tL{D6kN!U#
z><fPg%N?V??jFp6?+r_^c_N<c=WGqd#b)vsF$F~fG*L`tsMq8s%pSyo`L$r4H$z&V
zi>nM6YK}`<D5pTq{mo!Tea=#mi0+lB^U+<X4u3w_TLl0lR<zT`CUe+u6w2ptvj`ur
zBI2rU_!N8!(!g*k#`1V9=Fp3)L!838SCO~sFJ@0>2vfDxj&9~$ew$1NOk=-Zi>QKp
z6Dm@iP=-Oh3+S#zII4w=`&Mp;7!b5lmH8UWTJn7Xy;eYP;x&@-G%^aVbEc_E3h-Om
z`qXQ%z6KL~_?N-%?aBW7>?Gb5>E~?P-h-1JdL|{yE^jSE=;y5pRfb?OKkI1K;(2BO
z*KTXufCeA#o^*ZY=?dMf7w`H*(FmpFdge|1<yR<rr&Nb{?IiYPX%q_}1E*_j&8k9_
z%&+1~s!*vRm65#7P(1QhWVZJoM0E60f8q4Q^SL}gp*rOaMk1|ed1t~<e1ez_u2+ca
zb@&X0Y!E;qzlNb`6KT`J_J#5?*Jw?xO?$E4WGlZI$j5x37II@{7()w@0W_%^iH&;4
zl)+B;%0ymjGW8tb%A;nTrwXM~p6P*ZToM%L<3h;AqpM7v_p443r%I_j1o4aY0u>^_
zo2{J2YdXGwB(br7ICqm7-}+(gILE|E<xrbevO7&HjMvHrmMQ6&qu=NKY`tfL<{Vn9
z#KvW9r_q99UR`cpjkDQ{0x?c!D~miO;zV=vO(k(di^vIM;$t~u2Hbl!kHB}cGq3G*
zzd*^rMbXpz0xM!iG8w5#`UYUn7*9c)p6sLaUu|A`<vYr#N{ng9yLv~?gWAgPLs5mR
z`PbiN^x_Ir=>?jOstqe|<<uW=T}NHIbMOq*BQ2C+1TWRHuS6~48%t+|X-!dIech&y
z*1VT*jljq&qBY%3pxz+On5$-Jkb-uNS%`^Ku0&KiPnBwV|3}a1vXy;}!Y_~7Y>X@K
z&(|xM@#a-A3NZ3zhu8w6>cl7i=wnF7_EFd?%4mkv6gGmwx;p_sU0M_aNz0xS)oH_c
zR|(J?E?Samg>+UuIO#GkIf8SbjL*_IS|?<08$-m{E|(v75lKKB{VfLY)-x=nQGtrq
z<>Kzz&dAl)LHZVJ`#!Z%N6w&aci~)N$P?0u+wn%wEz!0S2z%~amKE*;wbwVfnlnj1
z0e7pXIIJa{{M$4tgB2U(T>dxiF#QC%u%FTFGnOL7ENQ8$3`Yn@W33GU-B*vwjZ;WA
ziChx<i>9JaYn{r|=|=T3#Yd58P>$KW)}K&mmbv+Vx)Oc{<J?v8x%`P48>X&mJEqR3
zdx-$E;O#+t3?mSfA`s+AU!qJC1lXdH2GO}GMKFLikGf+lFqj@#v)l*<wND6OCV_){
z(|GSE@1tN4weeQ&V`T#!zs{6iPg-%;Gdy_r`ENK!sr$`PtwZTi7apR*E8oIw@W_rT
z=7IOn797O(lSRf@G^)<l{-$sI@vHr$i(HP?N37Ckzj#d&2A|!{XBm0sW+wPjNXUC<
z2~x<u-nN+nDJ10G`9qd!R-F(N=6$RzJ9-(qV+0imG^GZ{y_b}aCB41~H@)vuC}K`0
ztUaebJ(SCyk0Q4dF1_OYx8o|t<j-@yMt+H}`G$CXb=cmZ58n{4??F0mWS3jFL3X*F
zr$&&hxTtBHQWM>%#`<XxLwNP`mZ2cZ(|3#3_oo(Ey8nY{eb+QGRE0`|9?|+<-dZ&I
zYoqo3^-w#`f99%jK4P}Uxxl}D&YBg>tKC8*)Wi@dg@)qH66VC7fNLV1XfM&yv+P*!
zvH4yiCvhUA!VK|Pn$*?IQxhH??Hc$wUl|APu$4%xQoIM#s$61PB@z|-yV`AgSU9A{
z4|q*SK_NeZ4G*Wz!;f)&^!#vY+ve19fo8T!uu;5WWrPqd1kZ{jm$<dW$9gVY`&=Yl
zen6!5wPqa|?u=a*X?Vg(2p8OR>CtX_aL0snDN8|Vhg-YSUHq3n+dp^1o9q@Tb<;;=
z8<Wp8#@{Fb97<+xJ7(Ck!`d?^4r}i!W7ypIn_rGkmp(>mDlQaB52mNuk3q<;+Le*?
z5ZnklTg*p=`&GjwqZjdSCI7r|Nl7@qq?CNEk%nhuZ#UzvGI9b197Ta)JgJCnx6<u+
z509#mm(eM=_z5Dg1;QO~lyFF1cnn8#%^zP<+Akb$uZj?s?Gug5S;>#%Z_?yVr87&1
zu_w!ozx!n*-PkgW6V(Bya7l>zL)0Ile!8)o`rBLGhE1`z<zTjtn;w3dn=U8d0^zzk
zD2etATc6*5=9ZKWbK}dZ2%s1HB+}r`{I6&BC(X?4jx3t8@){_B2?Rq8Q-HDJA(JT0
z;B1t((kPou;tTfUE2*-TTPpAs{#TPtL{*(LFkRozV!n)Zh%GR9RE$Y_3cp|BRlEnj
zqdV67A}4W}rj_Ea*VS-s6s>nEdY-Pe$jdUJ)XDmgwykAy3+Gq$%~mtuM(eys{>*-C
zYETL_T+VN|N}LUorf|F9sS>f|PA!mcDnoV7l?Z~7+KsZ=!KjX2$?~Y)>MU6?B|+5#
zTX~hqiz}RW;zU*rXmJo>-ttk>2|y(S;o{|8C$q|j{$?D8@Q5;AA9ck4??138lvo=b
z_wBHh+B5~=ra!6yuW~#TaE#&-%%;u%aWSV%u#ImuVbu^ax)y59H6)Nzf+drQW_1g!
z*`d#sK?Qp!cgl)ZgJRMwN=}>Nba(B<Pj6_^XxmZuXMyK-`j)3i=~2%dW)}CGQ1`KT
zek$7slA8v=uJ2dAS+HhKwh;hEnuXOuu9t)Wqk;eHTYf%c-p}k#mSI`%su2Q-y!S%-
zL>c3yHUDI|MtFml;i~2GE%Ti9F1k=;+?!%b>v5jT*X{?cGLyC3E1GI)cwhTLXBql^
zMJX!ppBgi&wuF4(J&Z9y!1Jv)g5D4Y5Wek3(EZi7!u73S(`R<*XC-ERD@f~P%nCH2
zD-X0ovx2KuxYi3aG~Kpr#RKh*rygHZ*V`Q6@0FD?;B6Reb(BLDdm00rgm^bII@4&7
z&H&5rmL)=_H4E(F_$q1@LGQPG`~V8dW!_Bp+YFSy53av@Y6j|iHf(QQ9tE;PpXq1D
zsXM9HFx`599i~5U)i5>8(lGV4Uv?Ee?ba6~q}vGUP_q0!n1_%E)yXaEi}x`LHTvR%
zXj|7VJi#s3K~pi-BG#nbswDhI%GG(#rIA!CAti1X8h)ECDY-*|pM__3?lU`5+;rOl
zzLxXDPpB)mBjrWX+;7~8(vyD6|6y;r4mV8May*G%=L3T@{(h8Sp|LTsB((9w98oMa
z&La??Eu0M;L*R&{&LEP69PH9DB1u5Pq545oE0YPFXdLXr&_2bU8uJaM?MZ1?%_3c}
z5jExR(AB{AZn`<x_%JtY);YU6m@KVkTFh=h-)oo!CFuPTYq^MLT~Ty*Dc0(-sH<&Q
zT*uQITo0OA&z@1C8f9&R8`8MGV}O&8pvoM#z_m>xbuy`?O(axBhsbMWho*)lPMiEZ
zlFR12Tg25#s99v|SC}K>=a^0Dc4;O@aWqI7u>r|t@pr?q!KSG3%D5!{X2?m%enlf`
zs@i#Dw%oQeXGfZdttUS!nNzZrD>juE+Nn&Za+#|OGb?%p6mV?NumuI|YmOg~CcO^a
z63P5^6NtUV+%i!qw{@!6YkwxCaD@{V=F$7)?9h*BCM#Ue<WAtA>r5m>Hf@)Noa>e?
z3=-IFc_^?UG&_q5<u+bvm`bCOt_6kJDtcu5lb@|$bZFOa{A|v39SZ}_wMzm|%>JB`
zWWQoRvD5YkZY(g#3eojGf~&@Zo&X;Rstb*vI`GZ=%|iL3N30a=N1UAUs#ZV!2MupZ
zeu%G!SFsq0(%5xb@hZH#58!dAcjZ5G>!dM4^Qz9f&oKcK&dI&f!uagIj2jE%6I?~s
zPM;~V)<eFjf<MgBvloo@%Lq2BX@1@Smcgndg0@S3W1o#g-bmNj#v7?F?<xkaa$9+w
zD^~Kgm^hW9{_DUd&%dwXevN-$7fz2`Aw{S%qCzy8+2^UFEw9oeoT6TNFCT509_{H9
z2Wz(L+M_MUmDvLy*tFs%b>PF(PF%i8xnjA^m*a2rAcFV&FUyVZb_HL%uw<*1OWSs{
zNM>$wWVOODkZ<AVOi`+|+Ma7ETvRC4pm?Npe8R3%dM9~LtuNe)d@2=Kki|W2M7HuM
zJ>wq7aCZZ4=OPL;?o7Ge{>)Og@+LxOFy2mLhH1>}E)>Z4Xn*dto@}RLuO2d{kFq1H
z%~vte(aP7pDDOVnGGIEPjs7t8Zbw&8!fX&0UF$#l`(bo<!FMInz$ofGOD?!C(k+Ik
zsH>Xt<k{j+l+yAub2z+o_-hWdT&>O}KNmNkZNUNW<8kH;G^I;@fDSidRN8`(DH>A&
ziMafYx+0rQ()c!+A!n#*JHL#D3X=nqy4yC0)^*JR@l?RuegU7F>$P^n0tXqNB*CP`
z;qb~e47q~xn1?U*fGZwmC0fGVpjG!sD>wzMokvo|Q|GoqR~cQWTyV4tdM#%|t3@H;
zmPjgprDi?WK@iky*YwNOL%+=RT2qxyLTk0ns@2y%tc!D2ozO|m78|OWDIE?IYCM{_
z1a<riws_b7Q*znTpqskZ!mix+@Cv%u-;LJ2+qh5rrnTz4=M6fXvC9ntE!ASAab^>R
zj<8|y18SFs#JjFe9h28s{4+qy5p84sga(Gjaj$7(D$(`k{Gh=Ve~wA#JduPoT98&l
znW#Z!*#H(tHnF9r-X^&=iJm8_TWr!~n^eyS)47dsouxO#ZZMC;(bgj_fLx?lxyxMf
z*ySpj9dN;v<TrJ?c00@xoVD^g=e!-kXf~f5iUfYWI)cEc%f03>W5R+j<f(~$P`7bq
zVn+fMcX6xEj#M=~-)mo0ar=<Ht>?C#+ot4gcB>_&uQbmO8COV+u`751C2?3ZkfXa+
zl4`h4<EpR-XXgaQ)l`*VUctzJQked_4MF~?BP-RnS}Q>t!;c_KRY%e`Q6APsT3MOY
zuJO|89<UQ$Oyzo(<747+tup>$njo9>+@5nJjz+;=iJv$7-bY$=PTo^v@w#^`S1meg
z&(@;TEpp6nJnk4GZ=h3rPJ5D4ji%?2)MBS1Y<5NP1Ckr_jO@Q0&EZWOsRckGTL7*R
zKt3YRDab$TMP<zc9K8Zbdav<`nsJ_~R`jjMdN+>(a|cGfC_iXG-2|=3#khIe`|@~8
zV~I-S?_=*7v?2`Cr-kT_5(zy*h#54a>-Rj0at0gcWTiYkFC?c=(>W7}xbRFUKM--D
zGEZ18f%0ST;t?R_L`oaO5m0R~Oj9I5-BvxDraK8m)n>0S4)mp1`sTAf(OdS7e&nwi
zkMN<Z14XD?pVkO4>i9@(aRknFdM4bHpEvtM#laHx@}1JD&N&drPmbV_kA3NnQtc5D
zw0U~_2gFIdbZKMuX(ypbhCYk%x>Qe(9cP9uHdfSiy4jtp*sL|NTa6Y*eBTig^XIEU
z!2n;&_R-xu6U$c3MkBa3)9ixdv&lrrDd;j?YGl{cX@r_EA)1MFiy8a#Pw748;0k|A
z+J4G1(Dgm?=P`=i-+tK4sz`eAd`ik0c%8ei)T7g86>DV&LDhT{hZ@%Ev<;*n+G-re
z%#kH3wTit^A`de3?nDN8TqSk^*ED#V|CZ+BuS`Zay>I~;8y^8282q<0+uL|LoLo}T
z-0&gCR+El1vLR5Mx^YN2b(t~p<I_A_#KyV*N-4Ea(LTwgD7?I#r7k;PI?xelO~*Gx
zm#`pSw`7bn?nQQUh2tF?8{tQzuVImSf=mayaj$sh&Y7!w&Ucu2#k?RmC#8)~UAv^6
z!ZW|f>o1Q?MV7RNQ^~tjXYz?Ks$%B|VneN1*X-Q=bEU@q$<9(|?ty$ScdgXLNDbmw
zen5g;uAR0j^9p^+L-??5qX*^<m6cJawPY(ppOhCFM?16k-6+K<S93Y7m+Rf{HVCjg
zoHm8>F=jkW^Bu#hdsqw=f54lxD@McR;{;iZ)qrhuiC+rIz}M%nuH*1%?IA<V<9#<P
zmK}Qg$5gag6ev-!vx0cJzak^lu<deQa9tTa@5ZwLVTyVv;8<p0qqyrBKVg~xdOC09
zAU6vM;Fi6Osw{Y$kpLdQi#l1`r&~SQ=}%*j+RhlHz$gRR-lk4Ng>&0=rhB8zF^<5Q
z2y$zt*}HgUP8w)IaBu~J=9L$pCGlTAb)-%6Ch=ircdyxGH&jKsqV4=|g8HV$+uudI
zM)nHty4{3zuX|~(8ik=}ijMbjUKC`P)Aye5cAX0@4l=e<8Qsl+D?moHdUKVLmUN>s
zIta?uB@tB(pcSlph6?DePItPg=Q<?sV*38?@-C)?kjM7X^%@m!!5vgA1y;<X|D8v1
zr>%vwoG)YBWqL@B8A3JXJv={m)h7bKvE;De*SF{Ai$u0#+{)<$8XUH#iF<RimCM#j
z(ufj8^5PGB$kOVT^$4xVut9ch{y8UKU%RN=sWW;)PPPu^7k}}Nb)vID$<`2iBU>MK
zP!7(0FWMdku@$tTw?WJo+WRWFr>E#myFw>!62_lE7(T|cAM`hG6;`kyufh?6Fs#j0
ziN|C6HKv-SzbY4wJSy5OIor!@Yq92b9;^fCP26c0?Ag^p@B}T(s7q@Mo~&AE@MMsW
zC%z-;q5tq9-mENMhV3Evhen?)NUiYNa5Ka|^psp`fmU=eE?ffbzj765kDp>eI{_5+
z@(-OX5}$m^vJA5R1;sRA-ZoC~a;K>=ptsz6>?jNCwT5jkShfriauO2<_yFI;cD=6A
zJOKdsbE&_hj0LbUH^;5!-~uN4NW%}cm}3h<J-LODu#}a87J1{L#9bftSNZ>)<<FiS
z@E=?LCSv*fg5mg1mcRM`zq0o!x<Jj$|9B>64`U|xM8X#56%spv^8~(1Vz6$$2>=6T
zLT0UPA(J_<#foi`K2|`Yh=7g-nHz~Uk`>(aLq^;bbp>o+A;h1=QsQEM<{j{NYu%IN
z3u}3rVI6NUvXs^bn2|(v4ewNVyD9t}D<(^Jk}4x-i331=Q(XGyYH4mzE#&zLwV+O=
zq>0o_Dc;|&R%GVeY@*mF+_OnQ09294h#^xn<e%8w$bdYV3f8GR@h?i8gcvaH`Z;aC
z<!<&RMf*8zzvOPJ^I^NmI-RWMrZsmXa&J;XxtqG&O)z&;!3`qSY%cnP6-K@_FE4HH
zSY2*d<GQJ?b7_ZjJoerX+p%|Nu`v(RaR<)vk9WPrSI+%oibn0Xp9b`&;sP{%cJL8F
zC8lCu_1s&&$}%CYndUj0WUC|^0Uec^IHCz^F>%Q!I~6SQLiOn)D_B;pt)5LKOpN#!
zNJKeudIeiA_&rIX@hYZhQMk&;*-q`X#{bBvy}=0DPVLRcQH5MaEo=Q@%~OlM(O{V;
z^b%Im9s_-u-h|AmG5J{2Uc^n4TETS;^l-XUbFC4|Q5Q&|!ILe9rxrbF;LW>`o;1Wx
z%?-9$H8<O4)!gPcYY^fFd8eo&gHAH)9=0nY`{*-8oUSsTPoj&1{H{@^rpVd;T2q#o
zfDjbgZDQTQ-JXG*>bxk)8j3w#YOh)HM%Neu)EYx)d)q0YR!yND*{Ma{;tbOG1Htpv
z0w7pO=BDlVYIzKK<xpR<vyL}KF?I_2_VG4A@f?8I#xRm;`D1uc@w%GmE~%&#kmq_n
z>xQgli&csyyuv&1PV4Qe-HJ{^3`kSbiz|AJyGdbDW*jWuYFIcu#%P%<h+l;+?&JZI
zjkeDzA0;O}`yT7Gip*9n=k^|q+o&^4b89lg1<-}nK6J-d*?Z7ki2&sC*%J>I@JY5Z
zK@o{pqlhbGSqxEC^u1calK}UuQN9H{=xxu5U73Tv^Ji!8W5;);8q6sR44@{Vi^EN`
zR`82{UvfCiyH@K$p8n-`>3HwtP7WR<1XHeSPTOvvY1dx-7@}7|RD}gWsxov#AZXNe
zJc$UWN4>JE;Zbf|Y<QH%xQLhcoy-2m@a=}Vo(Um62HN|fx7$3nNSe9ble^61%rRup
zrl}Rz!>kY#pE1`bY1_pNr@GjbOxPqtO1zW54;MDhyJD%ho&5X5@^|}?6RY`gLj*<-
z8Hy{tpr+fKI8wHATex>`rMRCB-fdjfD9(Q}DOvB(6U7gCyPGQJciV^OtdYc=Q=eci
z$ep)cA((~V?*K>zlV5+{_PBQ#B`I>8#Ek~f<*=Yq^V60cx;uFysnTlE!T{by19BU6
z2|H8bR7@~TQOJ0i_$n4?Hbp?X3Y9F=l><R`jDb=p$~PRmtxhl=fU8d3KJR;UDZcb;
zPu)Imu)56t9IhJ0{y(%lWG{V_N1@Hks6-?N>{A_3juNINzs2tAF?Ps8J&q{946${q
zaO&`E<@ess4_F&zSq~4DnjbLPzuqDf>j^@KA$15$+_Zw6<!n4ad-R@n-_Ip8J+Ik0
znlxnMab{emGcE)8ca#}b2)~$8aJR(_#k<}IH92|08Zxd>Rdbg1Yyn&GjFRe|UR&|d
z*gI|KgOmshFNg?r_^$Jpk%p9j#4OR^E<Mp;iC=*p;@1LwB=IXomMw{2$0K+MhBXTH
zELv=_EhXj#nlNqBU=tp6BPVa|lG!6$`2jATO{rimrhoozPWt*DJ2W&-3J5q)0cLUo
z#sXC^U_lL-+2S0k()6$*x^#A(2#<-4ze%ZDC&WapG7n`>u&YmxtM!;FiyNFUrx&)?
z^BtS5>P?`KQ7`WXg<-SRZh91F!Ux!dC~)B6<-AJzo11tg95NfD(v?5Lyr@NPfpYR{
zAy=@UudcN%;N4yRyG6No<ZI_%e^Su3m>ZT$8>T3?<!YKqP7i!`8`Uo7G4jqDsE^E+
zD;q8UDx*L*aBc$Tv+@`Xv{4s&H(Y2SKDLX123Ygo+CZY-rS`4PJ623aG*Dw%hFC_R
z7*S($FzZ+rSKh8E=9wi{naD4dkIfrf)up}GqPe#tZ8FHmX^?&JOU#k-W=fGSt77j!
zSgmV>+(=pt2qfo|qw8E{8$~vyT*^b^G9b3NiwO0;xY{yL_?8~^^p0jJsQtBB3NHKu
zb+Huq!EsU#TfuZ$W}uYRbhyPk1Xp3xb?;v~8t@0+eUB)Ucc;1d*(%HjR&XUmQ`Ren
zMv3Tr=2)Wh^J7JHx^?Tuf3b(YTXUcH>FM@X2`#SISV6M4ZM5{K4;9Vr8h&kQ`~{fQ
z^?Q8)c7=p0uE2MmNfEu^VS)buqh&YwDO;=f1DICq7)ln5>H$8?!m=Qs%BXcTQ`@KW
zYMp7yhIIQ4`}D+PFfP(9kHt#aL%*k<7t+WlwL^W*(w@n74{>w)43456;~&iTO@Ur7
z-pT}e9mAP?j|~xIJO^^|xlCUpAAyb7Lg>`Hwgwm#|M6anA~4b#IIrreeAjnT*NtKb
z??mX1<rn7Of+F=j9>w6+eYXbxJ<zMcXys_|ProV7Yl#}`OB$NUpjrm|EMi9TY#Qz+
zORE)g5@5$j$%{wDrUE4+C1zTKn$G-kS26fdVPfJClo*VanmAgW*@ykI|Lma_YkY_T
z43wBWmK@i4a|uYDADA4Co<SnsEKb`~Af$YCs-Z?Td@i-U7&lYSw*aH4)u9QNyeHW~
z(DhdeG@^tc6cK#X2bBiFr(I_d{O;dc1owHpKR<xpcE29^AF=uCZT?^N%zq*IjhBZg
zK*;-IEfipD@7~1)sde6CO3iJ84tX!yOxF}<s_+&lb&z*KF10|(^#asTwBkvw>em^V
zlzQuL=d6+Rk*5#gB*Xc5w2_mKAr+QnYdBTRyVy9zJe;<<Di?Q4ODBHvDs<v(^Mq11
z&*-yYc8AJG&=mX_>mDo?bkgFm*A|50?$5`XX4X){&1n5$S%-^5#P!v0OtExuby|N&
zV^0O-{W2}~X2Hcnf<gtY5E<7zls!Jt?!s;H-%&uqZgozVT@teITFpCDs#;a2>47}c
z{Y2`qCTByr{KR^*{`xuR>zXRN|6isZI^^csI&N9Z&wfR~GHT#XKoD#Bv3dkPr~3<e
zn?pKX$#0ytqf$BaQSz};8=}eTd_99zW(Mq9+pS(Jym?2yyU3$I)e$l`6mB<8o03VM
zY?9LhgMQVm$~(=xHLJKzP0#ZdaH}D+aayCzGz5zukH10xq}G7$?vgaIc|y1&OPS#s
zS0JXWNz+&(r3KT2z^)0c@OLoHa&Wg0=b`IH|60QU>e-0+a>wwWJ^%eG|GL7zF7&V0
z``3BqN<U;$H}36p+U~354gC?=F^jX!gFQhn{%*0GE<M=IwrgI+Bmqw4{KM7|W6~b-
z0Z1SUNDWzxj<v|!``s_0MRq%>BzQp;J%;6+Xvo~!XuYvY$S3Z=En-2z`gO(52*>39
z2E;K$7Ie0baf1SMtk5w|=v=tytx{-|IZJyc%lTF9^^QRHfO?F$PlP8^Msj`&(*L5L
z7TRCKRn%k8W=lPqdg;f7D4c(WG2c3m$vG6Y%VUQ5TWmm_Qf{rc#N(X2NxioRnXe>2
zo-Yi`u`3Pl3Y({~LCxLto?3=hBZd3n-*a>XnFW9Q_q{`hKuXH_xQTAIgnfJbsN7U+
zsVEtHeeuT>_2Ks^sspNoCEiKQ<3?oO)v{0%Ne-`W=4et3znJ37AbyDQ*~+G88S}Pw
zqR)#GB7M+$43uJXL9;3<kSRWMSnj+=qiGTDRORjOb)SspsLg$BqBXx)<<0NQFuzBq
z=S=Trpgs2x%ToufYZD~4PR93&*lj{oYX87{Y$x;vzZ61Zb1$%|pKEOD6(+(o0jO_z
zLBjWNj`6{C>a?8$%hA<=@MZNu;54KV;%dy^+mnt{6o5i~&5S+YO`T6{(7?k0W>MHV
zVr^a{8v;;_9;GgKqXjyzSur<4Ky$N>ug%Ts+|A0|O?&P}bk5{ikh__myP0io02(sD
zg__?MaSDlDsX|JFfDm4VhEt_z7=7L}{#CJ)_|l|`{UljbNBQZs&(_Aj>Swn|DcLL}
ztNlE{sm}+;zd}hZXCUQanXsO1dSG?20+}2Cs?<rS$x3#Wyv~0J>ESLO$Ws=buJ@Cb
zw9$XxqK8HHeg9~S-cM7KhEETzdT6)r2Sn?XG)qaMsCt;LhZQO;{?!2I3K87i`*S9f
zCW>9R82q;gfu7qN_6C#>#hG3g#eSf8vYhf7E?ye0CGJcKumWIj4<z7f0xS@b7xLJu
zvXJ0{28L?PDiPfZqQdzP#EDTj^E{RO8q|bN3b*YxMDIkr3)mszs~`LRM08T0$d9wj
z>k^<EI%$;{9YWDLOGUi8sb!~ccqha&p0`)r3{Uqxc9rh@t8zbjsbJcB?JtH{g4mMC
zG)6(~=UkS-X9}$028%jpGWoiQ3h!SvvZ!;YdXpLfF&xQN8l&gO8R2cdmDeU6<IY)Q
zCS9tcm!v039Szj69vC_C0fkNR?m}{9D8W`%+bP5(m%lrtV=zRi6!v2l!Ly{>+*smV
z(O=`vFc?r5puv;OKg2RS*PBPS=L!@S*msleweJ?{F;%wqdBzAgO}=_!Pj2C4ZhVGo
zderDamXk^8QCx;0^XY*P_P3l&0ke^=yzdueq8FCOpzD<2Gc}}I{eekkt)9(W{i)Cj
za|7#ArKezyb*VAQ>49hXb=B!@eK+fJC0_jErVz^EH{e^Ch|+9j`_sk>Pnf**+!g43
z6ejO&QSJX(Sq^d>kFNdgZxI;~E#bS~a~ysCEg}PMuxs@h>e!s6nqtA+DUGL|ET1*x
z-Umln{{Ifk{~I^99mpmixpRyGlKpav1^yRq+-L_~w1Y!8(woj+^1sp78gSA~5=_*9
zlQfU%BP!VcXjTqq%u0b4gJ;~EEH9lZtGAO5^t`L)TIdleOqW$Il+sFkb*k(c;g5xl
zJBD%#Y+ON0fQ>!HQo`k)qen`g?8C<V&-$Brv0&gUsutf&CYq6FeSugCF?$fPmFWSf
z5a^m0+zW2?r=l$=FxM6aaw@8jd7mD*zh9$;#@;F_sjh&K8l#_zRtIv+skiA&%c|gE
zU7&xG=b^9vRAh&4H3HMvDUjJ7%r^0xKldK8CBz<)+Pa5kic(^WGaaH2(1GDbn&064
zV|33cF3{h^*G$t+V~FSidexLVfEciQV&YH!y*Yj9DxF}(IGEtDZtaShh)OIl##>rW
z&9b5KHs_r#1FHbS(!ugbYH!1>+^0Yg@k{6*F(EI(yz@tsuyk4hVU)PVc}}b>vZ^&{
z%2=>OSzs<Iyb-&j8GBe$6mEDudZ9fX55=iH9Z%%Wo{ra|)A7vN3l_Qcv2n@IRu)ky
zEK{3&_q0H8h8A{V*`;YD_#?JBTe;KU*_OYP)WCoZ$KqZ1I5-Qh$(M<Ll8R=<xJ{GU
zJ9s}kk2O6!<!NAUG;`zOB;IEth!;%TtHZUgh0|kK4O=_48>t#+U%W4dr$gK<0oA?O
zx}0BppJn~dOe*x`6k=j@&F9HX5dsx}t-;zBCpkBLED=MDlsg&CD9K{bZibvF)f}hg
zwEafoS^EL8d|zV2@xJPGq?olyULW?8kG*pXKZy~vU#LnB*oD`O=Y51JgX2ROvmoRh
z)sEhg6a;MlL^~H<lz|I>OCHfs`{z7QeC;;NFD+#GUFN;6Gs!#Aj`WCN3zZHha~|Uc
ztWIUBa+P*T-Rh=##v!Mg;+(^;twu|>s<GtqU>uUWe#nR34QtmBra|4pyaB3unHxkX
zb%3ZeX-c_ZHyn_wGXOw$+8IhK(E*|<KL&Fr0WI{ffT8s6(*sy|WT+?hO||x}Nykvx
z0BBs<`IkJfHy^mpO&v4Ku?Pix>fI><7&{PRTpaV<)VPXdhc?2eCt{oZyx$B0AU+;l
z>82-R@tw}U)&Y?7#w;hlO(k=nXXb^<d{bYU8z{dtHgB`?oy*Tf(a2{`Vw!F?ug5oy
z!f4?hyb?^Iw*}454t<C;jt&EZmTQ+L`WkdBT5~QsOMzTp_u^b7`|W+W8KT@0<gYIr
zwvvqw)?t0!2I(?TG1haC(x=k-^Z9pXZUA~T?2tYhw!1;=UX6P9C$>=^a8;xJ=P)%&
z{@us8$uC^F&eEPAK;0^emJKjrfL~o9(sohMxSd{9bz*kt<D{I}=X!Z;qggQp8igxn
zB()zl_m0&AhCM4I{B=t@-YhL%8E>xu+9ADK+!$9K6PPOdQc-XW=k>NpT`k^9ix-RM
zDjeVRX!x#F+0TU?cK!U>F5I$yj#XpRquv`}*U$a+NDVpOs^w$5e%jT{Uq3IDS`lJw
z7ga+RH{-2L>Xvz{+{$Se)bzlA<4UGZ*>!dEl{3#<x%u6}uY1d2^O^nVK3}tL9=V*h
z&RM#E@yM?%tek73=b;`%Kyhj<|7V`2Nl7Tnq%=9)wwha4w=L#2z%N9H-$~Uq{GL=@
z@6?{8&;zKNWTnqhE||c@vo#06^X|5ZPTL7!j3Pkqm|OL=-JvY^7WaF|#O6ykVZ(XT
zbqGKH3O-}Kw8R^{tw&l|Oi&S;_2V0lv(RM7s@Qqi$s?&fnv$y#mwH1Fs}<1mh(h8R
z=y}657wFMakS_ZzON#Cx>}4kiTP)lhJcL`|X4_?4)1&Szvv9NFF&=@N7N75`T4(2S
zvJzW;xH;lCWCCt1_if<@+|N12i0PU~BXXc47}lSP2$~y!10@2?Mh<l9O>%nR;ty?g
zA-#1s2c2nRx`JZ53P2}y%9dHK?bWBvS+3of_i+KiM9`F)n@n$nEiZOgU$YpyEpv}Q
zefNB7r*FccJ?NX^za)+In7-70q67WoD|({7oxEZ@FR;zMCU5l(-II5NFu+dU1v_!e
z<V{@4mGjR_?BpG)M+Po8c_)6*$K<skkN)3G-dAh?gUNg9Bs+PvUxW9@b<*72<Qbs{
zoIhMsN8qT6qXzSHyj<8$9WDgMI)Dd_5Ev}ZPizS25(1xY>xy05=fuv>{I5T;uY7DL
zc1FD>_G|F5DYeHD>C$(^ih^AMhTWHhgbAs#{p@V@B?)cAHsG8jv|O-hC-vqkZkg1J
zmvBvw+PR;d)HC!*={ZU0iZynWTa`G?$H=?>mrP*f|A{0t)UWY7N<yFhaLZ_UaR+VA
z&8!h<JBfiA4dN()T0y!o30V1~!~bZDi{0Jl<lUaR*PpzdKeChew}UNF-2y#D@LHt#
zdteqnPSc8HdBLJ=G4o72KTKo6qHI>-blK=%*+qE)Uu*pqq}r)``Fq?lm3OyuO^-U7
z5TiVf`n4XJwcMio;QMwedo0TDVDj61Q8rcfB)Q*hQEv6?`c8}TuoJdCg%8Na)N=|Y
z%(gOxXcX-dJTAWikIOH><Fx)BrRDc{t-hyjVey@&!3B43L1!pIt<CVQeJ-y**77Q!
zSsxO%|Ik9hUxxRf&%$TzAY{GzLOkEG=H#x&sE3og)`b%5qZ7gnubp>+W-34`Gl(+I
z2%7jmXDhE|+r1ic1+OGdnZqD1hNqO^!TWn3f-gSF9@U(ggl2zl07E4n@^vL1VM>e<
z>y*+mLwo`C^=#$Kiz$k|YTWL}Eu6O44w&qX)FkgRb}^zrfQLX}^R}NaxyHL~^%^b(
z@~7!-J*T=k2^)nUc6S`IH*?qUk?V{j5Y?u##z(Z`N1V~?rSklUP2M93W3X&|dhox^
z7<9Z_BKC~EDchj4MJ^K4$_QEQ0drkNL-lNOGh#uRK?2^9JX`IpB(R$34(=lH1^jUk
z+w#~B^rD_#aAM7fND@!S+#@Fx4)ET1U0pGXWbdGB)Vm)0hgyu;Xp>@cjfF{a;}@WY
z2)n5tqo!ILZH=UAIU2menX9c|NZZa_Gi3;U$=5iy(+ucR;MHmSkPIfuMtJ#HGv($?
zC%5g@Xqfps3qoZJy4n_W-jFV_YI<MG`w9O0^Jh@W`JAi6bX~Sc(`8HlIe9Y|H7CC`
zb;b4cQ<u&0+^F2G3}}U&(M%#TG7xkC5QHFvcXzc333516trQbFB5gg+Sw=!0B`|B)
zVma?WXtb8wG$$_&m{HF-xgyszC#MF6wTF|Z;8M{)C)b^9)r#G)W8(W1z|U<o*@#P9
zfFJjP@xQ1J^MAi#>%$FCg`8h33!n93y;}%DXSLUVYX~Zr62$2L{{sm6{lB^)=##4i
zLH_<>ix0Pci~i*BVTAC34Yq`AEA7!4c=B)EnZu>Z_)k0Y>_59Zvxn(S@A>&I{W-L|
zKV`l8Q}(U<bB@^-DdWt4Fgg7S`g2^$qIamsQfE6qzy7-U*{acCjp!A7TigvVx*Z=J
zE&_#^gK8&7oQw$awZuugrSCvb^dC=1<Ez~ha^00aeJX7Kx5Jl_cW*y}|2d+u8(*gN
zn3A*FSx<AF5`{7nUEdV<pVCbIryzFDE8RWnOm2oRi@t6?3f2$zf#Z%fe`Wdpj8B)_
zRU|z)oa+~M0K1Z;OGDqfZ$<x2-+uXWci-NdXJ@MkdAoqV-Tz(s*F9fm!F;34-Mo9G
zeTVMt_St_ib@#67?q0xjk1bU6&+<B{Q&9$-56?5aTI%?Kn|#wO(BiFL*;rhJL*0aR
z(!F)AQ_>+X!fuJd=rr^aN3SwN`Ey~mWg3_+cbj>Pn63-_s~|+rEB&kIU!@IDdKFi+
z5*vR~W?(oZp25ZF24kGC=QwfCZM%$mcqI4m!69AFGWt`x?60}|Sq1m=3hu8jxWB95
zenr9k>VkWQB44KV+2~JgY%y5J&9qXJlBk}|)h5#Le9nZ~ea0)(LTxCq_c>mYW>3#2
za%_6Ry?Fdwfp-<$uPC@*U2s1y|1I2?nyq#Qxtglk5n}!{Pz&?-h*eBv(XvGKKa{4I
zi}Ek6i$Jak6%=Xi(+^dzB#*?gfOkhl25s@ZHU&W0?~i(8b9jF^Nbaet5D5e>V(Y|;
z=ibJ7D+eKCy^_gQy02|(#hiN^e%_6bR{sTa_XVcP8e>?xD44B`+#}DDnQ+M$x#9SS
z#WQee5qztZ>#=WO=?E%)<_9Qk<xl3OF5+OpN<MQ_iZI)c#i6a;O^=4loMjDG7hx6p
z^slB|{5#f1heT38!ct`v?LG9&Pm>9}$T3QA-PxfJlD3)h`_f5P&wK?}>6!PdF~UdQ
z06TR)nxT0b`XpP9go*J(`^Czg`;G`OY<hvgK_|T?s%P_1aM<f~qser27B6fzICRrh
zANra-EFY~(4NBkl`*kK2@wu#Hu39ax5g?=9PB@@Uxy+dg;a$jJpm~=*=q`N#^Iqqz
z_m{H}0-kMey6pU!LfX=5eG%AJg~SgliXHA$jKyhgTq{@n=EkwhW~|FK#5I5=h;s^$
zBXrLx_0FJE*$;Po&>6&LkwF8xyE_(jUaq_TCunds>+e0OzWRIn@4EZ@%oX3UzwP?K
z^tb<J{VkjyG&;<W94fx!9A&TUtIePNw!6(cf7dpb=i7X=S)g<CV<<aXi+Dr7nB!D5
z26~KfW3YRSi*tsv&4#$8&*qLVXztJ2zT*&|tPji(-((i0Jp8B2uAg22Pg(=whl2`6
zIL#09xPo>M$Za#)tlih+f+1kWv{`@(zqp}$nD0w`$9DfwADDJ$=886T???WBg}-mj
z>#NcK`b~GEi@$55*Tr*<KG-x`@<CtlL2QRc+yKT^{D*K-(`VCvP|)<TYRPvYJqP8R
ze$f>@#yh94!873{H~9&s5M=I`?#8Q1x`u4!;9IE)g-l|uD3SpJt%JD*v4&Lkid777
zU?z-#TNI2N01GlETBenbFgXv3pK#+3PS>NqeeNX!tr(+vn89*WrFdwuosjQ%4lLHP
zZ<Q}B3`B=D%fh6EIfpN`&%5MO^~PWIS~q-XEIw5~Fsoj%5qb*6?L0pUzwdW-4Z$lO
z70u38)>5?Ts^TR&6{ADWpb%u%ZfdMJCg@b02!)-@zZR&h3zY?g2kuSGI?G|xVJ#eQ
z&ardD)|p-4`$mWODRHh|NF6!}xXx$t>NPgq<ET+#<WE*}T+^Ii|H*HTbQ<ysXywdG
z+QU~euVJE>G9KevORq-dE4}m(eFh|&+zhML+S7=7I8lFnlF3Ir>486FX^qRX<djY{
zLH;@68X2$ZlJ27z)HZJb33k*$;h?wiTt4M4;JwBjXDrM$q|=*iE;)T6ABvf{C}<{U
zig|}U|F~mXW?$yw%qm5Wul=A0ffyb=7X`fA(AT-C2{rEW(FWFJiytf{wTq>0F+RNT
z*3R97qT4Gi|6R~~{t10I+HBP^MOAojJf<Y0XxrB0WX&1jjeu7rW0gq(2ruIBTDcLN
z()GsUys`J<v~;ZWvdkd;RH{$ui-O+owudE4UsU1!twOxn>)yi$a*cN~=C6Bys39gU
zJx=awdOX7r=mP(tIcrwXeCNJ#0=l+h`a<_3>GNq83Lv^?QAh(Dft8u&wTwfhWnGr*
zq{Oaw?mz1=zu&~_eGPmG$CuKF33aJs>Ye*$HgzK*HBr2vAvJoWlB+2o7@8NYCStyJ
z3#3`x<Tv-Kw9?>U$e@CF+Xy`s*mcLUSfF+zZY(s{tBkvAI5mJFq#4Ka$$!^`Rk9@I
zn=p&=x~tc&@7b!h)`&>5CCiV>P0hqJXBk%;|6E;dRkVr)%1dN~yUaIus_Mg#8J9?^
z1c&&DGp17`FkK_SFi5R>NEX`z4VVsJOVr4*8U&m$W(hjH@q1_%9&1cK-#Gj2VjcG$
zUmkGoJ0_g`07=#R&6uw2m;~q5Fk>+wwd_I>x!l&;Qt+JPo92!&F*bL4^a+}U@^SGT
zu4Z?K_G2x&kuShpLn7*V16g`JTB#P*^#XgFXkZtPT&(4*%Ne}%Swy5h3kuZV0y<v%
z-sul&RC{95_RLzZ5(n9d48(9bIowODG@QsyF<|5+Mc%KMD5*CZeYzAGA)hg<jDJ{G
zT(oSoTTJYrIZFlVdDnuIJH5m*&urZM5d9-zhDwXO-r+93u{gF1Hl3-@_NNn-8!q9@
znBDo(YnvmAqyKn2%f5YCZ-1b-XWF-U80`ThhM(S!Yz9yiKr=`g55BG%2DV*{c#<v~
zOHl>`Y^bmE;~aUT;3Z!Jcc#egdlxy)7I}aza+{t-R#T+n=J{bl=JT;o7}nkA&4FU5
z21Ht*%Q`Y@M_b%m7nv45PpJhheBpAR0%r~oLE71z3&UO43lyxB?fH>}^rbe~;>J3-
z+!ClE`->=j=#^FzHcj|TKK6Qls<io!an$aKnd3;Z<XpQ-GvmEQw4E&|hvn173$Q0{
zfk`*1zTeiS=W*6!Tb%#>sW#uN?tFsK@HR-QCCUWAPV?R$M$1G@C#tC;rqjqE0y=#^
zlThUyzk62}Na`nQI$|e7O*NjdjXnIq(k=hSyKCzQ`co}Osc_iHX8~vKIz6Q;uQ{fy
z$o*0Im2UAf**7d%w`NhHZ^3gH3kUGs+X?JRq2P)>Jh{w~?3?HRt@2;rSAK=U0q1Z;
z+ql&O2=Z#`3YuEx%;hk1MxZQUn>x=e?x3l?o8nx4n6k;ajA&xy-`t7qz&<|OD)&)Q
z-yii5$Pc>-XzL}A@1?ZO8*{e|2x<%-$bB~EmOefrCZYXkX5Sxm{Y;IFU#5NKEy|L*
ztiq&a0-64q(moyIPH(chfuC>{<Zo9cK=J(xTK@m!FSy_jo6pWwr1d#06Gq!%Ifko-
z<%{oWSi0q{_?r4h*}MS%d+QBsPrz*s<5(F8QQv9E8~`fxd1&i05z4YzB11YjOA95D
zOwKkZ{B|?hn0|BRov@|y&bH<K?fhQl4e4FpqWy0ibmejHT=|l_c=0>;UsCaO)5irq
zg7byFT^q)JOt9?PYH9(06<;&WP3_9cl?sT3XnV>m<M$|=n@Y_G&9QgN<h0cjk>onD
zk-yYC2ve-fO~sWV(zY(Py_<ee`c-e@{`%0QyQ#h14J*UDL1Nj4Gwku4n6sFuH^iJ;
zpV>R-kD0Cf^Y4W>_+;V1S>Bjk#%XoctmGBNOXBVQ81IVYiumdQ+yq$<$~)dK$#NRN
zChmu5C8$X^ZsgtI4zDEJ&J6*3h@ml>eUau7S?iZ-DD9Fi*3CZQ?)E;tladyTdF@je
zqL1c~Jc6I@gHigD;s~)#+m>qxIQMSEFK3f)#z1$sf4e1r(KlfZ>`qMzzzMEZWad9a
z(g<Vlz+p%=KRE1VpKWITVJ*(C7SG%qiX9S3UE<1gzMle&m~f^A@W9Z7s19=Sp#Uf3
zJ<<Fz0n49`y_4roMAmP<NBjeWAWnnYoi@cQrRpH&S?@)NGKpQ=lGZa`s@rfjqEKQ1
zHHhV^Z;Wr^q~$B18DrY;O!tSKH$f+H8L8<;n2Z54CSk%E9H71-GY(LJ`{m~Allfcz
z55gULb-h%=(Td(V&G`{KQAv;TvQNc6?<ytruHq}=QhF!aqhk?-7ckr=V$y?}xoqVV
zzZEJx7~sL%L$oaYpsV|xEL{U53%vfbLw}>}J<_o9cV>3tCk#7V<(&?=W~?Lj25-!s
zgkSXs^JT#?%j-wmnU(aFi?ot@&zZ~oV;KLVX2p;%zVPZA`W30svuP-e9>U@r@KT~D
z>5J;U%PnESakqk|;JDj6zJ<a_r}n43v>?lATSDK#vc<QnyrP+>QFNPNmnaR1TX^TD
zPG$}t*4s!b#+v-rrf~edO_7E#oVM$DFBP(NnEpMK#Z5nKhU$wWMBms|r9jgsHCiKk
zcId^*!oDjwso$zZH?@6o<%X4nzFT;h)Aj}_psCpw(fE*%Hj>_V;vuC9jh7i#2oH_f
z7eKbdv+a$<*r$wVHayc<ysWW!P5iNb>pLjwe<-Rko*gjr1va5ZpKDByH2~Jym_Bl2
za)m)#*pL|`o04yIbd_XrL*G<bes37+{T%NA-WK)&Y>n%eaau_$O>auBgMj$-@00o2
z6~LQIy88^20QwS1F%K?Cbv7vc%-V3n3*tPhoJ2<B!qVOLCO1vVubeyAj!q9hJiDwZ
zea6ONuQp=(O|nn$u)_9cD_{9FBb&m|1wE@um!4t<Ml5S89LRPSKQ^ZL)5iF+ex~4L
zZg5s;aGoU=nnAvFbK%eoD;Sz@z`jrBf9-gL)<4F0oK3$KhK=D!P&XkL?RZSmcqDZK
z#S1nVp_@7hR-2uFa#G^7m56!;#3|l(g}Z!AKp(rwlZ5~|C~eb@hn|4e8A%Vl<;{|!
zOtnA$&8a(9!qh?18ne$g<5m*y>?iM-#9@4!T=fiX+cmy%*C^XYMus>WuQXD;!JE4$
zd(2*N)B8R(yp*w}Wm-UHn<hYbgWgm!*cPj}<iD6k?I30j8|YYL{GDCdExN1JOM%$F
zkoxLys!h!>GW=k0ES&nSZ5EqfPBT8LL#i{kv;K`wm;O}sM2gLBQ8!i2p^}3UYtars
zK8tHOwZ>^XPs3+k4Iw;TXAQVxLxD6tY*)N&W>1U%J<w$vP-RT<JB{(B;0nd;ZyF1(
zyex2dF^4OYdf`f4Q?e_EE4}fd_w(1ngT;??sIf2nIG%JM+&F_ZK5F~$c4m*M^G*A!
zh3-qkskFwdxN}VLhCD>y10ipWe>q_0i*l!YE<M^n^y%pdg%EvsQ}VN12S6VFzWw_0
zb@;x%(?|E@D!@C>zxnXZ*&W6)Fa5A#Ro=z-T~gnE&#s5*BmUVyk@{|b76<~0R!D4z
zVij(+*cU^dK`n|<ykM+ErNKYvyvFRCh$@JrEX*iB_%|BM*FnSE`xj-<lWqQHPu?t+
zXL)AlzFt@AwLE#VEeN|ORaeZD)C-GX(2e*_JBru5{>SXjT2HQgm8lT6hl5tHFD>et
z2{iXr^s+}OT4u8?7Jagc*5<9=UAj)6JKyyAVSJuBwO6x#tWTv4u%zLX?CQSScOZ>7
zPVif7-&fPLvcYSKR|<Oj?ZvKNXgK;MsqXN=Irg4n!eLDmuY<x1bxAFe+IK99{-AOF
z*x{uyVl7@8Wb?IV>HG_67o(*SNwmjyE_l_bCi|~o8u}&wo_N){uHEkdHd248?YPhT
zx8L-92fN|fO^;)Vt&E+-R##&WS@g*@>zjZ5w=p}qi$mkS|I$xOciqsFU(XJX6?b+;
z%LspN_6Nn+w7_g&>x@>W#^U?6I_Sn%^m~B7I7MArTsg-yzOlxMw{f53oKr3~)XG*I
z+>FvvytlxoU_UHLK|z^epaoua%8)v*PD5KSHA>Y3Fchrz?cS@X^EAZuCbVRTF&!M+
zUr{$Z78$IFe>OO_tGm2}NP<Q5zvaZv2aJzG64pw#Zlw^{m)j&}a6NSo4)ir=UuiKL
zmp0A5bT}fd`VfC3;3V$WO`ko#lQ+4Z|Bicl&L;C*&pWi132oG`NNNPWhVkrR%^;YH
z-gvdH2C?io<jm2i(YH7lPYvCCFplgs7}7Z7);P9;0V^Ty$7TI9yO|*gC%4sxTABkt
zG&qW>aVAVh)=QS4#?i<acUpZxJh)_kWs1F;dB-S%Y|htNBSo%`4;aogbgt3y<Y}j&
zU-Dlt`@!OCf+ld|CU?$~EY8U8oX-cW%VuXD#$E@_P$YFA9HW!C$K3y@g0LQu^r+J=
zEA0_ap}ApA^sv#Xk#}&AMq~D+4CgDE4w`|K@uwDh781zd`@YOJZdfkr8rz%0>|z`w
zY^uo|XZP$LMZ@W3Fwcat|NH0VMgBL@-S{Rt#Q#P*;~qKhBj=cTmvUa$*mCmtu-07`
z_J`$meN}t6_1o+1nuX9Juxa!*c!RtRM#A55fEm4h(=~cM<l*{UP|%mWroVj&S`jrx
zTXU10n4aFmHU7~W1}j^+tGt)nV9PUN%T1@bgv4(bEe}=jTeK`RnA<AdCMO4%hpKfK
zPM-tt;RWNXvez{_cjJxF_P>0HCVaY_?{k{)-;>4)jQL}*!nFN~$MD0fV*0yGn!y@H
zkE&~2KQ0(xr6@J==cD7j)Nj9JrCUn<#ffLl$@M!@Y^2R|+J@3vDc4J@aYu>el<V*I
zRIZ<xq7f8Nh>G9KC=f~ih&DrUyN@0rhH0BZH_+sVuchqdT2uT)k`zk%zR@NwCOam`
zF}hAv*^$(0%uIFO`?rf%12>@$bz>515vffxXQ(JOQ{{;9XlHo(JS(H-AukJ67b|#n
zb<li#Q10Ws_;6VJ+(P>Sfj4?~an_Z%&R8hYL16|=7inCDo<JTh;W<GGnejt!<Lw@+
zOxZKP?4F*)Y4ADT>jXVWcFz7pX9k#QN}NEl5v%5%1bs=5imotf^j%PPqa8ZrVoHFz
zR#-K9-Px$o<@6^JzLQQ-$=Oum4`|{})o~GZG-6Jf{qJIbWD`Ww1CXawS2WFo$EB8S
zZ7s8YzKv@6`L){=*7C$zXx1lr2U3mz=|(<YHkvq)>>tT`JNv1R^U%0#+~DFaopj*!
z_mdTxPGKW4KWN*ui81nsaKNi>74{g~<WD7I@NaeG&z$aMweI`sH7iP;*Z)Zv_+7kf
z=y2XHTH)2{955~B-Yq-W!#+v{c|mW_J5aROd#xtBcS6svE_};=RpZ_D4-)~ZA@?4c
zecvxMnj5@>N(_$gVqSGGIK9r(oyEc$PR};fanv><j^AS?Gs{<e>8t`MNYyr_eq73C
z+G20UzX&1Rlxifl@5YkzSB}Bg|L>!U!TFg>Q6PK@{fRwjVpgDCISw{uMnw+Uox8__
zI4ccWlqH~Od0by_fY!Nh{9qk%YL4__9cm%9DChF1g~{a^Z9uOxW)4+JiZUBC=smZ;
zkb5^{IctK}l=p=Fi}A72ah>>DUQB_}eUW;nQTEv?TluFqYQa6SaWh_HBN;d~Rc8xb
z!L4)$idr~WA936n?QKl$V5VETPqvAyZ|3Z)hhP#imo=saq}^=%GuRa4lw7b>uP`eK
zEnov0ngX8*ffLbAHVT^NT>!vIQ-y8sv%yYVtp?EY8<`nu1>b5xFs-lZ-3Cu**Nfcn
zHJl5(L=2~rDVOOAr!b!{A?iSpljslZ3j#Ug=OoBr*Lq;SkehL~AB`CAZ{?rtt^5M~
z<p5<ceuEimdDKCc5e>biw+fw&kVu*x@l@H>*L2T%Vry#a{aO0Yn|(GMyf=W6;5c)t
zLZOOO0GBpuhoy$Nbf9wv?T<Lm5*PnK&gae)t{Kja(Dx`A&EDVM_3doxlgST;*)~%|
z;&0TntPyH(o2k+mfL(7j0G1i-JwDBpOl$&!+wa4bNL{uh+t0Tr7@uFlF}mr?yHU%z
z{1N5|0V>s4ni^KT%(?syp4l{0;>^8SZ?v9D^58%Lu*vS5apOxqb#<WZ<-7>X*nGva
z+(pte3$SWJMeKYi=K)ve$2N8uq|z*#;v|XrXcz`V;_d1=uuPfTI$|-chX!Nz@@>uQ
z3-N`;!0vL&4jqj*6ean@p?mL>_sX9P;l4*afnB_#bG*kEdK@L=+&2M?jveZ^0Mwn|
z6{7{-ExhLG@@1nL;|oYZL^$+R_zU4cgh&;CJ6&TutUZE)iP?sZjH+E?X8Sp&nb|%&
zN_ELM?LzY28IX8_xUgEi=l$?CJ0AyZ%FT!22Te?-U5RAiGkUXPrPA+<Un)N$HS#Yx
z{?48{wH-5>r+?X@N6tfonOhWnW-CEcQ96p>^1t`)#LqsnmUCQK+wt#s&GK8fex-(Z
zznH2n8GDoAPgA>^Ely^0d9G1!MGf~^pbz+V?Yjf2_AT1y^k`qP-@dJE`#xq6L74dA
z=9oS_Oj2@KU*7dT78guyidv;W4cVcMRE8{P`!85;`LE?OP5Tz*GiB&oJ{z&4rEgy^
zpH=-=@|oG6Fj))boX<W*0dQXFu*Wl%S|fJty+pWqnU7<ePU*~vXV(f$l20X9Hl`<*
zyN~kZ%clgEA1OB*pv4Ge=oS5CK!RydPc;@HAm0&^>ir=InbqL|c{fQ!t%uDPp$pm5
z4-BE-2Z!vcZpkdt@KJ2XZYkBY&rtTRI<T)mJ~eN;8HW6REd#B&Q}2#Kwa@{_%~i+I
zt?1__X95IE+_}eu(Cfx(V0TB)G9t7)cfvFYqpV#h_+FyLyqhq~T|PkL;HI{9Su_bY
zl#meXCZBTW&TuhI&7Bc)8<xcmcheWFGu*cZ!w439-nh=WTAE{>mdH0NWSX1dMz`UW
z6D#vRyV+NUW)5)U?-GECqmO5__R73HnZstwMF$l;?Jd<u@lNhnSq_*@k?B$1-J&^_
z$KSe5QD$47SJ~%Nd46O!D)+uRO-N(>PH13&BpURdb=H68c)jy^z<@X7eTdX{Udm85
zr9vV;SiZ&xv{!s45|NW%g;RAv97?!Is@_eFtq_k8RA?XL%f#+Qu|^saBXS{}je$V<
z!rA4QiL|qrNO|Bhs6jY;zAvqoXJ7@PrH<53e_*7ddG7g~z_=WK1(7NOKnk{4#NU98
zRAh}2c<HPQXOCp8$i7a@<@KCp#9n~FY@)Ro>EnJVf=~Nn`{h@ZoPgD1Md92>WC4cQ
zI&5}&zq!#Y1&=o_8(UhOSyI4acTCESA5^_sP9a-+&1Sq!uPzGU)8&16<CkUxn>K0$
zt-lAZR`OCEMyvcW`PrprOrp)QewomNqY1E;3v4_Hfo@O<Uu1FaepE7RwsNHZ#XfEl
z31i?3lPMtS29|{?_9Wn}RaF$UwUV}G9Gjp5yi&jM90zjH_2%Q(z1iD-AqYtNqQi2H
z<w^gNER*#T8_Xi{Q}b>!{3AdUCr_MOu;?FE5!-`Bf0W$O?W)VjKZ^`9mUTaNum$5P
zks-m^!3)e9?R4jkKI`rF2c)+pvp<&frmvz;7z4pP!+4HbOt@S+KIsIr+#bY5fDy0@
z?s=zZYP8@Q@#Vc2?UMWGdNT<H3K`$tPI#X9nvhr`x?HREKG~Uk!A*q_H?1EdgDj(D
zdKUw;I_m<EhcK!!sR=>oO~07~jK(d~$^u&vP8}CCpNIgygmak)AS&mLWwAY-`@xo}
zjra(|c*wIWPdwNI918=@+eS~%{KUE6@O_i2357}E8F8z?{iN!H@iOM?qgVmOHp6+7
zGH&az$X$*KX`}u9LLWnf<sJ}r?k=y6R!Z?2Pz^TBdB8ghJ8mdpMf_{zQSQ%H9a4Hp
zw;qCB(S?jxw(_|P$s1o9(z0$MZ+Pea-eAh|Wurk96Nk<W{!Z@#dRu!3nkfM@Ldc<-
z^EZEQF=MZPTiRmR>pcI#xhCP{Kg_u%n=~uGw4ClDDd!v4Kj!F!hqEdcNn_r)era*c
zi6nniwMZK9#`VifqRnXNeErG;@*Vek<>q>|yJ07L^(xPzWQTrwK_SNyNnR9Oq?xj%
zF3v3U;=eP!z0>seR+L+Q`^|d%wfL}aL0h(f4}1L9;6wKEe9OUyLDcy5`0(fZ4L&p-
zXYk>=WBIZhAEutz10P;`&f>$JpKOK?zP}OZ;D%*Cg~+o3ywI1|OMYMDu+%u*1IPl&
zn#S3e?o|{$xY4<PY)vFx`dBGrWw4>SWNg)pDCtN3z_?#14wylVz?fl=dq;MnA=tS&
zH5Px2DA5G-FNZy@*ZcEY@EtH?FCVk$K*>rKa)M<AS`pv4U2F&Ej&<SGky`Tm&D_^i
z+BJ{r6|5LvcPl`G7f7kH!Dp?>yXzL7dQ~b^-KWE%Du@rN?j=;MnA$jE><^slC~0|#
zfIyKLj3zo)WNcjKhr(7!!K7+fb01qV5rM7f)u$#W6d)^lwXNOc1nk<qim@)T(2{nG
zw!&G*PlO!^Sd<NVi*67vu+;TYPks|3H9_yrHvt<^>!ptjv2OpNX1$wOYyCd<n3m+f
zy|E@fUFX!~w0(RexpsCQ)M9zm5B7y5)EqdGV}YKPJZtVdz4Lxki2B_%=KULiry6rW
z5khw!p3omCXkmjmWCap^(M?KO4HYLUV)b4{u|1j%(Ufm=>KFqxc7+jaY|liYBB>~g
zjVqv{hQpDg1)(E4?I^O;Xdt(hi~W#l#&H`dItiJ3?r+R68n+7t$`Cn)5z)36CLR7`
zfZ<>)*sPD;kud|!TJOGLhk5!sGt4KPpkemy-Ns&GSHr5*Wo|rctn>c^v209T8u1_J
z+Q%0Eah6DFs>Dq3Kz#bm>fJTt>SAOjH4No>W+(lW^P^(C^&A_+O^dgd8_oC`1LPK)
z_5SstY0|REwn_eZQD)AM#!AdEHzr?9%^K;~ya_6oJZt2b#CpRgT_dK#r<C<MN?HB2
zKw#)TaqlGR3K0Bt;K#o*!0@P{j1SOcYG4V6n7r<-{S}%+ma65bZHLizwYk=|c{|f)
z8y`zBdgF%f_SXCDJ<_zdKG)vY#j1Vh_U_oLy$@W!S$peq?HyIn-Z@#%wD*D!%ov|;
z*yrB%iGLXQl}G^0_Lnv&7)kvM?)7~|h8VUM2c2QBW(Mci3pd*dcRNj<XCMF}Ih{l$
z%rlC-nn3JL;FKl*Br(1jX@Iahy%0&hDPEWjPs_8Ff13fhPri>!h1@G@*bb1~D7sP?
zyCvN4FXxJPfL=T`u$Pxp5R?>hS_9i6YixRWjkX+EuKD9^<wuki&OT{RY)}3a`V^zy
zb#Cn{=L+%aZmPLze0pTV_|&9^R#gYvf6VkFz?KHK@QiLXcOmXtxGQboC(=;C@1%wx
zzb7?7j8EkCF<d9G>tS@o`1J4wS}@H$Yb67)<oayo&rB1ZiX>ySxJmp~iLMaR(SZ!8
z0bXLqsX)&qh^x=9*C#^&D<3!#Xi%Ws54`inoAoYT`EV|6y?44v(|#QsdO5lM{K@zh
z&UVv7o(|V83&%ewo>7UuML@a{mwkDOC{g=`4QS{6!^{HDs`p&--@<cgAx4}Zh?R?5
zKILJI6o&ijADXvM9Z_|{$@8Em`Ge(Hx!5I^I<F=?;=EvNU^sngm3P8J=A#-Ie>zHV
zoj1yIUkr)_Dx5*30b3B$C9B&hCbYAge9Jna)8HK#4^{s<_O6};-^RC+KF7IFJ0;|`
zjY2OM=_ft#`k`g`N|erVi&x0*kHq98u2ONxPnoEG*->59oSquM!|Y;&)XbnB{vhbo
zIjV^L){Wu#$m*i#hw`-Ch}T)>on9Xwu8&Le`3G&5-_#!6j*jH#H9IsKE9Ap^*azmU
zk#woZ!Jvh~J7xvElLZvKW2ew5Kqy$@cDz;ka4Vg{`X%Sq?-l5;!r5iu-ZV~I0$MXp
z;sdfB)i7oMK<u3fsge5&>4IQfwsOKbChX4B79La6Yr+ldo%jxbB4Pq{ft)6`ZKP%a
zQm}ruWs5U&AE~)Z3H)&2a)rd)NKLy^_&JiNv2{vWsT6*W<Y{b3DXW#j&yhThZBfcP
zrSNkk5DYq}j%#(3gF)*f!A4<5(rq<a2ZhK^A!hrZ4Yyly95tO%*K4O;*H{M7`emg?
zQ&_@86lLomyNnXmvl$ArjSyyQdJZCU`v_}K!q8C5DP#(#M@&6<Er}LpAOze2G2|P(
z+fnK^rw$WNxR4SB!-1b;l`S98oSZVi2W&{CtzPEoT=nbn)!Vb|HfzBRHjG5AJ#9sM
zX717_w0r^AUPzW$T!3U}Jv9x6f(}m#Fk<v}P*Z>*(~ileK&W>`gH8%CaFYT-_TKbF
zM@x_7ea=4GrGmyh<Qj@}&UjJh4c>r=$dR-HX@8^17(U7D<?S*t|3YTC{gpb{3*=M5
zrGN)}WJ)Ra%)0Y_i(T8TywPL*fqW<`0x@Y(g<e#Ztvp!ELuw{db5;liGHt=nt~fd<
zl0LHvQtzFzn~Huf(*^F;n?pJX=UZ$)a*edj%uF^GAR^gA0WM_AVh{X}jF?hg5sgep
zmre<%_gNNB4O!Nlx|oe@@lLin5YK?kgoZwR&y9~LimszwhC00G^Go6EQX3%rK5fnt
z-MC%A93TioOHp(OS`5)cPmnYCW`~}Bu3<L{(%{Sf#cF8$cj;AhyKoxou56u`1_6ZR
zKk1*=PhzMs8Gl~B0ex{N-6KA8aIIO=Z+X`Y?KMYfXuH{0tp|%{gdQ35tNM$7<Su?{
zMS16mNA!;uc*ywYEBFo_8vkx<qT{q}W5`3<ArLX2PjT9Gt_k9ZBqTOZjxJ4L&rxJ@
zM%s8t{YZ3^+$9k_EE^vZa53;xpDiik_=~L|R#oAK52KtnQ;sTYUBtQjw5nJa2aW9K
zrlwac0tSobj;)c0$MdYMHHLXBl-xDMi>V?=eRb?gty4Q#2}8~4>Zjxja3Ksq6*YeP
zjEKD+RA;2&9VhW1S({UrdUBROCY=762TMSlFtOK1RmIqOcYa|5q7~>FoY=$S@rGW5
zpm)#LHOS<<F7sj}xjIt2&VAr7f3|<_hBulUK8=o(y|&{+NXN`zxR#Jk>v-XIyw4_%
z(xW5k;hc(*=cm+Oyz`^%477U(KhWO6Ti~TLZv*62MbT}CwO=v1-uNfP_RDNXVqKAQ
zZFkyEJ<bTdcqUUP>#gL)97}9RwU_dsH=O<zU%Q@ZM%6VTZAANOm1|j7C$SdYhIhc#
zGD)$Tao&%Cip2Xy<#AGV0E8&T%7nZ$s`F1q%s+Xo5%c$mP)fI$f7t}Vujf&PpsE=~
zmYDFaCacksxE1hT!Bar6|JSz!^Lc%XuhWgB_GC67>9PHq@!nux#M)@Jc1*A#ldtFJ
zMIum1>eq*cXg9=@vG@3@ygF7%$#fd!sgJN-smqO&)t!PkV|2?iu-gb9_cHD9wl_3#
zK00M12bFc*_^aZg&O-c}vt}C59buJ{<((CNijFT}o7y4a<kMn|)5D(>FiZS96m97<
z5DF^DR#s>x{7C+ht)K|;?6xy^&oqUlpw<@(x-S!C*R4F-(}l<~V|Rs8WXY0mal>Oy
z{IAMd{6RQ9CJ<>@=frR1na!ce4tK*dk>bx36F>fDNpu*Y?1^K=XYh{8KxO#;tmEs4
zIC_}Vl$#!7|4KW1e=6LD&tn-h8zsoN=^>9%Vv$>%>5>879B1`LDM1!%;g0Kh6g^5E
zu@ZXxq;6L0Ccw=)-LQya=V*Eobj9`&UlIy8JRMt^ImKN>6gK@ik=-_i)6Mn6o-N>i
zI0(LRH9z5%Q=PL{a8t~`iR*Y+iPa_YLJ_}{UVxl0q0A199xG%2h$KIYG;DO*`cbId
z<P!_~i-Zg@qfhIl+^zNCHa9ZW;f@bV43o8Shw}+^&Z$0`6BQ9F{>GP}ulYpBIMFEQ
z!^fx2$3!&g1&&^Neu=rO;EsKeRNnAR>@6Nva8gyr2i$bXc(jC&XvFO)_VW1eme5xG
zdK*^7J~eima@uB`aU?Xc<BK5@M~7F1{D4>`?)4A6gO|xTz#j`Slj0=SmFdHGbpWNr
zEjP&`vT?q<H*x|a5zxYgA6&!Bu{B(qlb>oO3^?&w8Vd@YY+!Y@;0HBRSwNh9?Pt#A
z=kh*Waxq+Y@*)4^`KwHTCKU+A1tPV$6n?;v#YPL+rVB!~X$qTEqIxzD`ZLb2!sqG3
z)_e62i=>cM$G^|!ZI?{<3`vt%-mJTbC;bJ&4a=Ngv^((-ZD>Y(;cT(SdCS8c@3E1b
zxXIwmZ+}*f$@s(bLZ)hc^oZ&=H6dpbzZ6`;c+>VYqhso1$%s{VwVT1(sD~Z8?lBK|
z>i_Q<Af8M;e^71)e)?t|p?x}%V;V4}ZC*@z!i)-FSIQV;gRor^+c+yy`<dI&HFIab
zIp~Go_eL1Mtb)#S=yGXuF_U5>ZWbTyQgDkY>D_GQ3sYzjYNNWM#)s9rh|^?`*khV?
zD#&$9BFuBT>|sFKCFrm1A}z1c-7G<>ITlRJskvF5yIGmLY0uq=8#Q?r<ZkBYZf4sX
zTCGVH*Q>v9F~LWhbiT$_=3J|Jld1<qFBJe5%;0h}gD1m2G$%KOAv2BhmeOTraD8+J
zGx+M+n!!)co2im3{F41iv;fDJ!EEK4GwnQnj*ZeyU1cE=)9A!5kCbi}NN`YZLBJSr
zFVnU>CakLK5n4QTekA#ZEUG(o-OXo)+TQphQQHnf7;aGMG7Jm(3{1J|sL^~j7jHrq
zGrQLc=#e3u$!cim*~1`h(P|gjSK=H|y_Q!rH*ARR+nm}noH{4qj$k)l>}kP5y*K7I
zND&}{HIl5E2fFEjqz-Ra(`3zF<3nnI)3&>sOWt}nov5y7m;g9CTN*P_g&<chHC!0U
zeYogPqgv<R126`5orDV2f#U=0Wb`w@(kM48H{Al8G93qzS;nPnI?UX~)w9A*)AA&V
zP1P3zW-FJA%LB_2)w6YVn%3!F96t9Om-knN%LnLJ^l6q^IDq2m=977THaB&z0UIN(
zt~t#DI`t(tM$1ftB;cv-jZ`}zzIvm=&D+jX=oB}7uYrQaMIjj&Ph=Wlsuiz8uD{0%
zYlxd>H?X}X#5N6x!q;02H3wnPIL^c3Eo&@@ZE0)tP|Q(Mjkh=nxfeu=r&QNvjy3ct
zTe$?3Od0ABjHGThbko)qyEgM1=rQCv-u`8LBf*6!0c}fq;3tC%lom82_+zK-5(?J(
z$fI1vhD*auw`#JL!_-)P+qEl+!=4RG!<<|4jX~g6zBLgD1ehp15NS5gq}ecr1vQDq
zRt|4iTyZZJ>ySBC?U)wZda83y*_j=sMVS$%>Cpe6JP=r|eg^3{XW)sv(^6|n0q6pm
z@9UFleG<^!*4*V@`rV1*CuX`bRpd(tik+;R&CZxZ2{vV<n4b5nP*2$Bt43jcL(^3`
zffoh~%q#CxrH9CgAE3A4ARZ2cR7!XDz8?1Q;#Y7m&aQBr({C2XS-A~{rAH2>r``jH
zk)g~xoeX}M9hGqppE=vu;0ZK#x)5;|2k8;Z!TjV7t}_@K@~Rgjg=zir4o&F5Q@W=w
zCVSiHg$Rskr?28tP-gF=2js7`!TW5L7*}6@G=^J=y_!@Js|w?*V-%b``P&Cny4d9W
zu8BYXTi^j%H!dl4fcW5;aYt$Awkr1hZda7hiLmV@OcdrHnLF84Uczd|%;;hMH`Om=
zyZTvBzgM%R%B#P9<;EYw`v0JboZ_ZRhf-S+H|0a+Oy{PrZ?`NORODsE47H{0RVSfv
zs~8-#S_i!G3)jFDm4s6V8*i6maN=Lt$QG^fsgVpuwj_FKQ~HSF9w}#&(yvF#4@oKM
zk>Zk4+9Ty)Qp$RyRFlF!ih{bf%RUi*ldWANSB8@-ReP)!m2<nBd}93E!R_H}dqkU7
zP^>p}L{Bi`lYIZ09b!hHU;8TEPIe5-cI^zI^FCk~j;v#Jx@{YV!aMm->MU%(@3)J|
z(RLfI@$-_HGwj(+6pkt0v99Z%W{_qDEUTq~_@SGcRk2v4+KkHt9;<8{^mZhVL3=2z
z9{1(3#%@g0<1RebnG=4^w+@f>_V`QQ#`Z!-Pmfnb=9aG1#&&=i3S)Y?PtRU{U%(Xb
z%5wd*h~D;UY`e^Uw&A&ysEOV+YmsU1+|jVRpaald9FuPmE>5^cNn%+#8I`h$l~6;^
z46p{}AcX(+fkJ7CYa)x@ZoI`k<R_rNO+|=&@+RvbbjAx7C-d=g(GUbdOKKXIYr;61
zfPGIb7-(A%_oKUmsA4ggD&IBfU}`oYU?iyi*sr75)X~kFnDwJT|3w&DQ-%q2gywb(
zeQ^<uuzFBk2&XJXu~#$?4Fv>hT!n6?xv8D67SAHg!0EE6@lkk#qRbAaeB02}iPO#N
z<9JQV=vks2{LtbimI1N2>@hQBn{r7_RBKhn4>p9FC1m=|f<aYbD!;0FHZScVUGdNQ
zMGr0He<V*GPXpwSmiQSr=B(jvekN5~o&PfS45hcYBW!K#PX*@Plw~3!so>@mA(CF`
zQv?{_E+?@&ABgQu?9GkBABiMv<sEYK8unU@A!Q`SisnGlBIR%}a#Kn4;`GE~gQWiR
z+3AV>3ZG9(Pb?{Xj-)4+7Cw(mPb@2Z-X}e=f8q0xEN6g21BL^i$bOqjVuy53I-07L
zE@qdx{~vW%0v|<@y(bq03HG2wqo58lNI;Q9K@$PVNWdPLKu|<f)Tk`tv5GRou_^>7
z5yoK@Z+E?L*Y#LkjjKXL#DpuLt|BO)sKf*5b~xfif(P^ezE|ConGg`&b$9>y{W9HM
zT~%H6>eW}TUcGvSkH?mJL+8M&1DL9?POG>bM8y=1DzQSXaweYO6o@XtHf|s&K#t}3
zP=s)YS&8~e`$A2m_lMnCMH>1E+bK?5t>O_FfSXrwzs2LQ287QnlB)7O24sULnI%@y
zpw1RBNg=g#Zc5#41IcO#Y7OQVe2^R1Eg;z~K%(0~f=2*}ZUYG(0VKK&BzOdn=r)kx
z5kR8bK!QgAiEaZ4zI$9UeF!8ji$MNfHgV{p3dT$%&8zE4n!5bea^Ne?j}D0z;EY9-
z+Ya&PLbU^K7a;M@W`_ZLb1K8GtW|CXDMe)jMB(m4o5s}4bVX-rtKBBc4A^KXP2<l(
zpcZIje04*LV;(yaR2!72g0M0P4=<yrmIrUDWqJtu46q!}lK`c)$_wx%J@`6KH%xa^
z=XjXEzv@{?jXX28%8%)A9$@7(?ndV3+jyk5I;nrv_&Y203cgGUt}OX|WVjAtBbsB$
z7c3v)1H7?Y53Qdu1LsKqu0vnT{N`i$ho?&6Egnlb#KHPu?P-1BgDAAo<scCja%qbY
z!A_G9mW~plEQ~$|Z3w1LubKDL%e?g+%g7_sSoa6$&EP5-dBl}z7m8=Y`1Z(1#zh0Z
z5;g>2XS{wAWkZ|GK`JpT8_Pm)o{__MI$Nhy-bMO7#ROo40;31vb|l{wsOaDh4gm$m
zLsfXwFX7E%)$;OkUT?fa#DSO077;NA87i~WTTZpd2sB2Hu@#=nqeG0m0y|W`no@)0
zeT*aRP%7+idI(Y{PdsM9oW|)WPBhDCl<atzplA+tsS<~zqj5)(@C*3Hf#UORiPsDk
zqAyeWL<kLo%$d`nQcQeZL^K~cEg`H_49v42@cucU^lUnBnV~~7i)8`93$=a>JAJr0
zv}}ZN&_{1fyf3{F#+gnOD3<-mXbvYe{-a===?ii4mpz)f1=UKj(Fg^t?V*w>j48bs
zKzYvAf1+Ol0`U=8xNp1~#g6l1LVaS;ttOOR?0XUwx@hwseBl|`{WHPo3!ef*giLN&
zP@XixL!5eS6}ndgB&<A6DLt`sa`czKS$Nq!mw&x=kDk9ue_21GtA5-^+ZO2guj}oW
z1_tM^R(=y?ok7fM0z<v9Zzu_0lY^B37mkp{5j22<5!g;B>VOx{B`vmN?`UY7d7rcw
zW*S$aAeX@^;)WdABMnCr)C@5j{LgT4fx#yy@6b41TVQ~`so0{8m5<5Y>{Cr3Er?zN
zde>NX7kma|*9APnB#O0ood12q*_^@hlofxmOmy%K#9Vt;7V*k5fOHzYrlmlY@)OE~
zGQsa4$^;P~pJjU`uQFjY*<-w(3%1QLE}Je6^_A(B({Llcc&p(Sk5e&3P;wawH|k)^
zf_}~XW4EvH<8xE@YQK2%iEY8fXttR`jWe;&ldCejAI7T8q0Kz(4KB~+dIwY@H@Xcv
zL2Hl`D$}seBTMnJ%+50_-{Z>98f+iI8c2)nBO2y*aga%3sAl^CDG&I5CQi?d`E{!}
zSF$*r67cm`ln2h%Ta;%etQYrD9=*EbuA<^8vC+@!i+1=gxX0gVclU%6+xr2=YYWo5
zZ<NUocDG`j^7nzJKB(l)xLl-1s?|KH-wHIJF==R1Z2U@<E+rvSIb|k1cj>Nff&*lF
zg^5;Oy4(>^Ap?wusfHB=FV-Lt!X5rO5FPzN0L@@q5~eV2Ny0}VeE77MAG1qJ;7yi{
zyO8_n98vh|ekFZxU9F_=VhFD?AB1RnF$9r87y@J;!^$&Vss3&(M=O&8jJ$~=`80bv
zK$w*Q0xB0M)r?1bkd3WRzk8qh^pCef_Z-Rit~bGwqYO$+&6y+wdST{kO||lvOO6qS
zV+??rap<iOqn<6q7Vh@O;U_8hL-~={v$w*zLoTua<|V@$-&enEyngDAr;Z5di|&8*
zj#oE7ys{#({q^cWmpqi}fBm{G`l2=M-<-bGbyZ>>^YrR_&pv6=utVn;>Wk8fMvRW`
z(nltykM}?97zPDxgBfawsAY(Bh^8j!o@7N)s|e#QmQ<b5$^3=EjLR~Z8U6se2VIKA
zP0rCj_G2%Tm{w!jpRt!=R|d+)`%0{PG0-jkxGc$DCb$hc74DhB$cf2Mj^1LaRaR6v
zJVd7C<ZqHWC|1>?hbPNNv{&O2>p%7W<FNAY*CXi{K;eK?18SkSsdW<Uy%G|3*P^<v
zmiXY(u|^NPDt6a{`7;CCh*R~n#WjrWzr#Z9rX+gJ1U`h|%QcogaTNA^-oQ>xVM!g+
z0AJ+=$v7SBUW9nbVNl^f#^-tnzb*CwE{YpRx7m(~4(tPvKUS|ZjmQ&?A~80%7vgvH
zMlQlQ-YE7NUI>TqOGW8p68Idd3b%3jO2PTkK4fFVD;I0Lj`NcY#g_v-Klj7K(a9j9
zD~kOfyn17A`j3G1mm&xD=gj~$rWi*3co5@b@R%SZ?Lw_Z)mZlnOB0(}j2|k%gqWou
zuZ|^=Yf!yLV^GHS7=~7s7uv|lIG^KjwdHTY3Mud-C(6JSuPpjoa(QQhAurD<>G`9#
zc3Y}Apy*dWfLj3LNo4;Y{5d=)`xDnk;mE9&;yybvxwtFi^I6%SXr(tatjR>T6WOxa
zqfmnms-U|dX<G6Tj;w|j8q!>>`&i_f(07%57Wc0~(Pyev{%`$-s6mDh9oAn7<=-Fu
z%P!j|{Xc?TVZ1qLplh%1Cei=3G@JgY(ivb}nnIkmTxj1-s-*nCius5tuO1!=scjX_
zAQt`eP4%ZYev18Z{<D-B1Z$D&Su8q=gUCNJ{`Z3kd_4}Rt0xn1>ZO69HgZnINl91#
z20lu6`zQEoqv5{>bz9nMW2LmH+wvrOLDnFD<+61yUT9eSh5B6zp@)6y{AE(V!6&fE
ztnrwFs5kTl_zTIX%dO;W8`C&S$x!So)A?0pDBwYX57E0;l^G{NIErHWM;Qz*-L3WW
zW_?d7obwTD(8Sk5XFt`cB-3acnD}AMEPoTcrMz(uF!ZS8@~;4skwnn;P>Q9Ir*<<p
zt+Q)Fm$NBwJgkMh!R;y6Yp`DmKX5-+Z1Fhx8}$YB16bl{YCeEOTE(qMtt|}RiHKlc
zZ{dpTPqxdehabsfFh4gK(TcT&&&^|ixNAY|3B~=NX2Quh(;bSKap00+;RmDhB`*UK
zy8jP)qy$TyXsl1$VjK>wNvw}mKE%U%cjH<;1<vsds36*2KUm>iILz|v;m`qJ{wOiA
zdLLMds>Z2RxfTs<R)TgU)F=|_7@JUs#rty-z4UNURldfbXW^j|AK<CR8@`3_eDK%>
zx!s^44rfQUofrDl$K;iyz*zU+4bQ^->SFw2+IdY-rk$(1W7>H<%4HmL9C;3JMyoe<
z@i!Ur#@N&4dqikPuf*}O)ZXthw1`|807<bcu?PwxbQqlf4jtcSVI1rrS&tiUWGJ-9
zBf#2qKqEb9rd)pr_+?gI4P&X0$qjH{f>y^oWQI~XV?q9Nta)n-XUo?2!sS|!#<<?l
zPbN2?@>A%klCc+?c##~T4*xj1`8$nsLKJN<IQy$R)1bgA;*?m3*@nadA$LY|!5+;u
z)WhX9$biM0{EZZqSp;5%IFA%K9|I<e)^x{ghmuM?sYk>#3{$ZQISD1bc?`$iNbi7r
zTa7oqa34`1Qd<t*exe#zEZfImroMB+kp6#VEhm4#DT8--xMIsHJkm}k_PW2HH!>1z
zy&ijD+j6G-wZ*Thys_8G&+C0Di1Ic0dGevG`V4Gt9_EG4EyV{zk|L^IRQz9j2`&YH
zqk*v!IFxg6P;vwY`QtJFleuX!=Piq6f2j-8?JgIl8{N%jy1#X^m~OLrb5{J#Jb7b;
zjwI9B@_@+ad*NY#re6EU!%v-iV*e^0zA|sWc!)j579Ji!4%i1CQta739!^0F;Ng|H
zSa{f{84u}JK&v<z?}&vo=}N*vCYt=dU}2esg_xitAHl+F60s0eTm!rjF>F8hr^K|-
z0bl+oG55y5Pl<oCz$qk5$-eQA$rXLn8k;{ap+6?zAG)ky-?jt9zAIq!7t6j3zd*R_
zX9yeq6APRQ`?__t*l?_R^G5tlJ9%TI=8z33-*L^-rO?h7nc>odGhi`19I%rIJS)%(
zS7D=>bpma)JJwJTmuBg(%*LTHJt0W<l<`_dZ>_Qh6ro&mGki8;Cl;Pid$=DM%uRXT
z{v&eyg?hw;9g)~39!_B=?x}}IVFu!La;pQJ#N!n{F(wyREETH~%n`R6&{n|a;CK|R
z)Z2gPSg5d7X<)3~qBPum5I8Q{(ZaIm8FmdIAQb`WjL)#>YN4r?i#p_@4%mo-|FkGh
zq3}^bIvl5wVP;`(8pPZMq6c?|VRxDWVrq8^Q9~RObE)e0e5HH^a6W-o;CN#URtYf^
z7$i}e!C2`dNrG$<#S)c#-;AX$2<yqSw$&q-qB)D*A2Bz~r)h#>I~sz?F4i!p6M(I{
z(&y4Uc!I7M?<XR_0k=@o((rR*8qV`8M?l&H*sdtlM#wD;!Sz<_dYc{NPTa^DfK<IP
z2363!KFBNcn2#HY@n>B4=5g!FkxXLH{!C(2F$6JQw5}W;B*tRgNDP`0F~(Bsx{_CZ
z<#pUhj5isA7;CKSySy^SM%=&#33r=tO-)6d4;TVv;d^I78O!&v>_Y~j!+_++av>Nh
zh|EO{$50r{t~(vCV5~T6c|C$ISf=*J^R@ALC+SW~y_abOAa1i^Z^9}F8g_zoDUQF*
z^QGXnNvcnI7vFd9bMtRL?Y4mT)y?(owht>xdqNN2*1)fZ@1?Pq91>ht2Y8FYg-m4N
z&Vd;i%*zo0hi)(RmtpNI#h1SWPMcCPOY-Y=xNe3Z?`_u*z{GGt4s$4M)Pfz*@ZRuk
znS2i4n9_i0aY|FHv<TA?R`0AF8n;w@hu6M*!<YXlG`L#j7kI=GDc<nNHe4D#m|7c%
z9A_SkkWLJN+xBAjVF>Ah5D?Ah#&Soo8w-JF_Cg4jOlW3>kdqKnfDo*B_}oJoQiKqw
zgGc)KFoMCO5rY4b=QCs+LoU^@rFP<kP>{`udHmQ=u!i-<E#3#0tI+YGAe$Y52qP0Q
zl@F=NNQ{fzgA1(iF$gCcsm==z66nU*lgzWF;6dtv`Fz#!u6c3^m&;}FBv1Gj+SZ4b
zKA&2&Fm=|a2zCaJ^n@4GAheNO=nS-Px3YFe=c4j2QbLVIb6#18Kq!Jz9f3owc%jBw
zTM^)Fx53|iPMC~|_vwxR-2UA{cj4(=kn1q7dxk@n{-Z;hGyEzczJE>rYHx4}DdG?d
z0)Ln8JYF-94Sl=H32O)$tDb~q5RDQ;SS1Uc4J9Hbc*`fng=TJo`~2`MhjHH#*20W$
znv4=L1gcTurz6SMY7jEY@Hs-`lP?KV-*GhGC8AZa=o3pRfkF2btaB~l{(7Tn71i7P
zHurqm_S~{F8o8aXavLnU$@y4FZ1hD!bRa8DtowuLl~ysPfAW>s^>melEx*5y^FGHR
zJ(O)Y@AERfgxgxS!7f+kmoei>SWm-R(8WOeyic_laU8J#hA;a(?lVJWE606yhazt*
z=;MhU?iH;=Cp_3<A%=xm_YK4kYldQv6VM`g!{=fdq0yLE&(*ojhW;YyizyQ5**t#*
z&_4;HC?^MUo?Gm-bdq;BR?A45@WfKiZ_)d@V9Dk)2;*a6`{jvsa;vjWptyog+6`q0
zEy9MQEG409N^x}iSaqOXvHNiJKIr?3-92PWGk0l~vGZWwR_wl(cRhGFl{=m=nn0H}
zI4QasH>?yDZdqVgi7MP&%E9R3Ou<i%7(8CfymA?PD(~{R0l$p-9)TzY8TcteJS!VS
zDCGmQVeGM5uKF4ic!<+N!kh4#`#okYC#~X~j@?yA140AN=`;YP-f48*{1vnj*I*uZ
z5u44J1(`b9*;v$BA$b=-3DQ_L0gvV2AVuo#hQrkt#h1ajDz)Ap{~_JsW=SXb4)-AT
zv5r5;CO_`vvv$<=ge<|$c0Ex&4ZGs<xGT=3L?jHwV}SxPIF|x<#YQyK^BQjlwDtR8
zAL8;w#=Eb;=8lPMqMUGFH#VLZyEQ(w!!3j?7_Lo}`m8{=Lzbn?lGdhqp4WJboO;<A
z6oDeS%{k;J=P(F4(As-sr0;83sVnt&nuoQ&z6Lgr<8%cmk`NYv{*5Ez9OO)Ts}1N_
zZrEznEN8#pY~*5Dodufoyb$U<!4%^xxis@PVB;I3H#TvDmwn;>=%}Ln93;zngn6~B
zcYG0-^|np!V+(A}%X-*#Ii$ZbQ=X0Z^a~&D<dH)Uq8*`X!v3~Xi6XSi@PkBLo)hEO
zou?oeh8^tYoiX;4gSaU`9qh|Fb}YLya<+szFij@9jT8SlN+Slezye~^X|$z8(j>(M
zSdEqw%d%t{aNLDl2E>TVvx~)J&Ouzw2bI45t75ESRYIkcfyvZ|iTpilTRAEOaRDx8
zUTcS2BV9b6iy0Qjb6ebVvcV_05P<G8Elq?!JSdKm8!YW(nS~uYl5uS|<r(l2SI>)t
z8ebcWo^GHoyGz(HA>*=RijWJ2b=g=*A_=0$iG+Q6AkwZvWT+NH*_*KglGb-(H-XJ+
z!YAb@g(W3N1|D<`$D0n190tPS1lP_;4eoU<ITewNPY$!k9+WQASo;_{9O(1`;EvpM
z>~lh=_Bk>N#pjD~L?SB|iTw^e4Bd=|H>d<wr~0k$#4mAO1D|smhd+zX9bB$Mp0@fg
zm~kDP2m8XOVlI&hD0TXJ)?+iv^;m~E-IoF@Sm+r(z<&C^;EI$F$qlkzC>kkt0hAD}
zjyT5oum)fT(G~IacKTPqQ9ZNvkQkHU_XwML`cKB5aMo|wOz?xaut-yT!UsD|iWg{D
z!o4E|pu$-1n0$1t(I%?~JvqIoe9NGs@_&{W&AHm0;aS2?9=!^&AUjSzzShXfs%NZ_
zfduYBS><@hNKDekgRRy`Qc!Cg;%=MOU`NifBPXV8lbEuthbD3uA_sHZH)zy^jZW7C
z)BF2Up!vbMNwRt1_LDKzq<|nd#Hj=t5tKJuOxG_0=0^_E<t@f@Og(j|vG&uN;7~MU
zzqCV>nzZ;CyGi3q4>F#fP2r*k%ZxR}*M5&(P78wX;n96mer!Nik#<jAO3b+L$erkW
zdyl{Oqo+}_;UR)esahq;#x9oJ1MMD$Mb*JGa5hnee9h;cpt>CcvCDi?!kgpx#)at!
zL6lP$?x^RLGN?>l?#2zi6&Z&<7<p0Rkyoy{Xa~rgJ!pz_qlSmm;Z9c9hP+N!l{GLW
zhd~sMfMo74>1LnjchK<{1e7^iE<@!#R$DXXJJk`w1-SQJ-X2v|CE^|iDG7@ZdQc{K
z44aQ<HC(BqG4Y5Z_Pb*O-4<UBd&kH#Qc@r-ciuezHx8jN;npLwDT*_DOkxrD3BtP`
zdE`&HXbWbuJ+uX@P_ZRjAi>&)*exN>89#inQ%O6>Xh{Y`OoU)Ji&nApaO6V0>&v+D
zl%I|kdJcEx1-N+}HyE-ooU1(s+;M_kS@zZ$Kt0c1tL(;d2troKE)Uwmc`?~<!-ywJ
z^H<3HI^l)Sec<f}n}56gjOWMg0MOz<m4b)TF>ZW<iQN=`8;4gL@^(`DNvlmH^oEC{
z96mSr2jHF%@Qc3hv-pQb_$R6&gg)8pqc+p1+QvB{l6}Kuvd-O>SyzSZAmQu#(G=jD
z4>9ZK<9vCPLwx7Txv5}`qJzm_FUq!iU+5V*MwMCBNZh&BzPh>YReVMsoZnasswVGD
zTrYtcU4BRYBsZh~<x-(SgCNm%6trO!1Q+3o4Ej07BW`4|G^mU(#&J(J#LU-@#am4D
zvmjQ%yHw0<--XeKqi146b@*&psx21&g`X#S5E^wFj$00^AZ}G*m*5T**4%u%Gxm1w
zGA{faRU`|Zf)z<&yxzDGVFDGRV#Z=GG++`7O<-lpl7bGrRa>CK*z?I)7*{v{3Ed}>
z?YbWDZ~&+<|GGFT*v-zNJCf1%0hAl%129-{QH0RzvJ_nCxWB0txR8;d1zd2PA#^;6
zEC0|smtM-&;Vz}f-9m0-&f^wP$gpIz`wZWS3_R<w48+5xj3w=v5PQ%F9^O!mv9Z_A
zn0X86tPtY;Pg^2H9YO>l=Hu8BX`cIVqYxs3J87s2+$13cB|tP<S#zWP_L%U{SPK)}
zf3z{-(n<eWOgK^%;g?{-<=5^P6IP*z><bf4IOyMp37MB1I3{enI1v-rfgq}BkCE{p
zK*L1~=F;fKd1M&iKSI2iO$+z?)L?2$(N>Rep%*+Sl>r{%{%I*p@&F1>0wIzIPzg)!
z5v5YL8!4h&Jz~mVfLD(}W1={`aWjbq2V@)rIRYD77{YauB~JE<6;k+r;J&;+2EV6p
zV~gwH=mOzr%QDx(I`~`M7PBOfR6X*bEn;wo*Zt^U$P)6##|t5wa(sjbNUh>tcp4#1
zemf+)?HmiqvhNin8}s`EL$dW(Cm@+r7sVu!4ZK$sIT^{GXiIuRcZe912}d9jMKN3O
zIY1=4|H76?w&YQ?+cr>NwcDVN*-Bum9O%UabTr)jhewCgMq4zky<2FSdi8<P^yaG)
zXeuL_MN<>P>E5Hm*=?F>x|xLebu=v=*OI1J&Ie8J2i-8-?)cCmXk7=3pi6M`A10`I
zmPOD>cL_nCzw*Ecnt$a!2zvirtr0XeqnV&@kt)BApx>O|lAuRC0)n1-u+5}@+SGFR
zoP!V<KCwqw4WDoTYz?2V{ZX7e1ULWn;q#(V*6_LI4tx0QcEx{o_}o+~MffGdXYR!P
z4xgbr$PTTG)Z0_Z6#pKPy4?k2ssj_L|2~#nlqgcKdk|cd0wz#UH~ReqE}}qgoFO5w
zec_;$$&fsR2w$~3h>PS{dvf4L0J0HEE+wCBm%Bl2w93zLS6+ad4{&3%+BA%1^aWwf
z<;pp<S%TXf+(V%aHC|Kd%YX&Ecpqw>CJb*GM`cl%%x=evHh2wZAqvvw%8qwSNXN97
z`GxORyUgJ)B|Ho>u(|FL3`Uda^4bdiwe!HIMkxH~op(F%BV=M8c+G@Xn06Y!Sk8Lb
zQ^C3J306TwNVS81Z9!bBAR%+F*<cy@Vq(JVWUl*k>&qNn6JGqnZzoPhA1x6&wDS4p
z$*2(A2EIu4j`7JohfPi@S(DM7F{nrII3Gmggp;!l%s8qgSaljbqI_qtRjc_rVLnRU
zV)!aa)*%H;-h5mmkJi+7qolE?rE`^Rg-C{#SA#^J>lVgDc$0)zhz}2IHdP_|Blcn^
zKNzv+UKQ>fDS&b<0jAw}Zej;TS4o)j@+oo7n{|%rpu)h^sTwE!5goJ)9Zz-87v8gm
z&bjEFB8$KVF5Y*fGblyKZz<nBJ6y4ThkkQq=$vxdfeoFzF5Sn_dEs2PQOlWX-B08L
zCEu+hVQdbv6k7)<-&LPYnkLRvKfVt%&4Ttp(e&bXiN@GI4iT>(bW`R1)3nMHa0906
z)0T(>mGh#L(Nu=t$Ek*RaMLPYC*{KzSYF(qiAOvaHt(E?5Bi`*MbCe*h4Nr8P-@mM
z{$e=7;swrBGrA758so`Zr7_G)_R|;{ok<Lvj*$-Ie<X?LT52ItHO9N4ehFL49>AK}
zTXn~br*37NRft+B-X&CDoNMWZG9DVkui0ahYOkv;b&ovR>K@U%bK{nA#=W4hcoSTX
zL+BRK80%6rg=(pn*0vm;{vsjP@I-x*aR)+Vc)Ai=3mKj+!HqQTSlp=LX@uNycq+!7
z3{U-W^DhohGcsg&x{{aw_V9F&ZVgX&%&~{3w=e#03{SJp+}HR}_MaG@Quq1!eGX3}
zF{e({m9`k3N_V$9JRKpyzj%1MbT+%ue{pzve^g>0-T(0P`w@gvs32s-<M4FXoq$sK
zXa^8N0i!J_=PH0_NpJi@AesQ>AD1*D9d`Z`To`viEXo?X{?sZ^eGXsJ7-g0KN8JoY
zG2ssvM$p>^022TsRM7mb0~U;I0J8=Hd>+Lj%;3fSe87wOxXO!UEzRFbSOp#)XKQKJ
z+<_|WL2M6ap)7Vdh7+8hk`SUkLS`JE;gD^uo+ZbrknX6On8|yV<f)L|2#HSdEWwfm
zlT>Bn@p8|Sf$FiEk7GScda1`TjO_I+fi8xTujJd);+gN@<MEy)ZuK^Uk-K=7<g3RT
zK6dad@u|mtcqH|mbP0m(UK_EPH#u7dE$qR-N}h2I_Fk)(km57-6l?h|mi>2F4Ea)E
zFwTS`;j{gX5&z_XxI*dFf;E#!)=6w*Ze5TDgZ)8{UI^=rKqoailF~*S`Hr{;hO%j8
zdLI1KO1T)M{Cgo)LsFWx*vw6rK={6$25ty)UPytQ@7%)?4Ml#L#nPd?XDPfP!?^m0
zov~;twy#N{saZDu_@){gIEwG5jF;~HJ^8v_yvps^7_wK*PS`tDyp$6w?NUNYi<hz_
z)L^X40Uf1;m|!`K#y6Tvc#A}Bm5Mc|>_w5p5>{*q^xV6E;k^^Z3z**x5`mBr18GtL
zyT=O%J%Ym+lTg47pftwH46PD}hC1+3IG$~_xE)*nGBy^#W@l&)mNVhvwr`QWsu=Cf
z^>pz%0pl&<x=gIh3#Y>IU}xAiz^xx$Ibs9lO8B6~3gK{+APx;!L2EIw`xj&=wKN;r
zOhIa6ktIl7Jc|vQJ%8-}1gW)N8#W^yj{b%tf{*xQp%#^vnPZi-o2axzBx)<qk;K17
zTPb2}zb!gH{-u!}X@Dd8V@kr;qVuDt30YzC;43t=;6sp|q}gH70H=<|#J)Hu6C3v}
zmV_$KVT@nh%#!mEfEG_z2a6{3+@7$FX-b)D^>k5OcR^mwy>>z!y1L!h2_?a0Si;5)
znV=**rBzURAKoZh1*IIA1T=$^sP#+B;QwTzRK`XD<BHB)*8@1vzn`i(v%?tlG{>Nj
z5v)Hte|4}aOS`*PTkzl!>kvqBuyPJ>!Z>tf3M`d&`Afu7X-`{jR1gmY<*;WdDcmu6
z07nr<<{w8r-dnB+;9BtxSib;kDi<Q9y}k&$C9(R7W<#KjWzRT-c1v|4gwA6$x?V$D
zAoa<31#hCkEl1USmIf!4scDYT`<`{%gFj^jiozLLM`k&KP3is&<Jh4jQ^v9*vXsX!
zRhZDtFe-)#KNblP5I$-nUdNVcm34TE!ZIaeUF-1!J;F!5DRBc{EY6*iNo2^r?FAep
z$8pVg@tdtNvk~)}SJ36)^|nEK{;2yAU#q0zAaVb?6d;sw6<&spnvP%HUVVu48-qt2
zt${sin~g(yW9*J(q>aYeb)yn;Jyvqvjjyzl>w7uOHBEArRnmUT5MpN;J6^IZlc|gv
z%RY^j7GMfT>cNqY-|Y$y?HgMK@6RV>hKBaVPN<7@W!Vqk&O`H{ObU#E)84#jKG})w
z8XnpS@fW*kv4JF=kmQ7fBu*yjj3myzJZ;CapVQEm;3Q>E_7shj#AfP#kSx)bF*2|O
zwJ`F)_~!G{IR|!Oz%dNi#Q?}Szul@#Q-2HJX5J|HR&(}#@GU|5Dmpu1)=s?<i%Ecc
z;zo6!2yl^%jysxX?MDet{TiI>ms+gkG^{Txa}?rT_c;wQaKR8rj4<S>Fo8up=%O+Q
zlSxe0FKA~CbmD`_sDs!DZ&!4;u2mdG6UFd_)@1#JB5ShV>MT7;G4?Mk@mn+WnWtHV
zZ*zkX{>-!XL->s8gNf}H%_1F^ZX-EcpP@fKYQHn|wl}bS_CG`aVW>Tf(I8|0Gjve+
z>NB9)z%2d2ThIk%mcGKCr7xzt!{1)_bW)*3%$KJNF~2X}4>1$C_z$HCT&(nwii<y)
z-WnGVk2Z604^%qdBG!~cQ7U;&7z%`zRuTg|aW1yjgfFcG<wPcA7RG0_5D_uI_=c6C
zl>~?7L@SAZw1bsI*|)UZT>&$wXIdzf{#~rPmyH^{ZzyY&QPYIZcaA(TIv+AJfzG0j
zw9sPuwASeSnb}O|KJ4-~=l?P~zdNWUoxcxaR+sw?d9vTpLR~8HI4?DxE5NG`cqO*P
zyNu2CTj}a&T0U)jqo+p)U?h=Y9FB_zTB8bFMM1e|6!&Pr*_pO5V0?ER9@7v-M)qA%
zEs6@r0zWK~Ae9*I-@(l(M!^#*X!Y7`B-v~~4NJ+1YC{o^Kdg9~Csi~WH{#mb1|#eP
zqH5aP`Ua!h+GW7$EcYM$lKn+7K>DxRUqsWbBD#E5{>D%)3KLh9C=iA)jMp&0Dji2b
ztv_4^1G3NM_yJKBqc!I1G*QkK>t4u6{(~sKI?baQB?1d%#28B(RXvpM#?{FHNPENK
zeP(bbA}Q<X!PrH;PoiKO^YqLNKo<1=N&BUL!Tzi5Lh!x!UvY*k`>%9Pi+3Vc!v3pz
zKC(L4Me3u6=n}2?P4Z9?c735Xqp966IZ1r}P#{2E8tX&Cl+tcxtRC`U?*aE3bWEYI
zV>rWrd_BM&%N~|RVdHauM+U<&41^9?$oEAk_>9JZqgKaa9?&`<bE{nLC_k8S^Bn#*
zvF!E|k(+uZCW$85cYfC1VGP-Vo=}8Ftl-nBd^!o}v~4h(H2V<*s{KU|eStSQc(Yc$
zsf@n~;*IP)k|LZ=q|0Sj$TOx7fTM@rvg3sg6tShlXmcr@0K)?uA9IXz86(ZwF7&rI
zl)d=Z<zg?s$z;A@?h4SU#r~R!pq&?{*>v2K{ra1PtHthe#FFJhqv+0949=@Ly-9`Y
z0lb4d05x4fI?TJtZ6WL$i70DX{gp%0KfA-|{Qkq<C4c>P+Lk*eR-ZsTE@v9B5g1U-
z1TZ5(6T-$wbK)STo)~IyBO63Y?QN^hQgHZK*szb|rjZub?5H-Hi}p){wi5%vOl$P~
zja*60|4MIH8-OntZoq}>Q11WHD#Wu0SPJyy$OZqCTBX5KAsX8HYN)@!Rt4sB2;<4M
zh$WhvdOWL5Iz5$fCLd7Z3enQ@!O3m1E-jZO%$2e}XdSY2w|hQQ_f+zSeOwgjOWm3e
zG%Lq@SR3)v7@l?;XWT8+=Ic~{2Ro+G|2}Mj#5R5qdXY_Fy*f@{9$BuO#pxk#IlwWH
zd%L|xJ<)qc18%@B=qFbb9%yd`2%5&biL!-2kMx~_|F0-Dv2;}BQpAr-QCPA|R1)Hq
z4BIul!5_p$t5<!TnMFqqSkk#-lpKf@H%gaNAp92$$9YIlZmeK392tW7=L+=t8&{y!
za4yop&3Lb5C7hqO@AHwc2^zipacoqe2e*gWWv9^v4tIT>gMtt|oO<L%cR4<0bY6;)
z4HTdsCU_=65U0U#0mvmNVG@W6(nhE)!4kR{CwyJd5ultD7^EY>F>nMJZv#34j5m!q
z0@N!1j*PK6QC457k&A<eoR>HPU47x3P|2TS{$AMPT#^~+CguEl+bl;khlj5n$_RYr
z2mrr#8dr6OpUZGMcDPLfn@q!o7iEJU_bM-}QjRYec`u=A2%nD!hhib#8kun7#_$?E
zKykc@z7)WSd^EPf!p&SQ2k9hNn+HocQE*@AF|{rm8F=w2M6(XHz%1-u`Nya2@pQM)
zYRP5H%k?>-2IF`XBMvrOT4#BQ+YI}AKO$n(YrQ6!jbRMwWt<Gmw2q`!eZ=VaEcT~$
zG>()P#-WMt%lSDfbtxjWyHSAdYxQ;Oe4NCs<JCtt`-c?&l-#U2$l(WlHyb~^K;qnh
z9scd~$PF%I(*k+Mw)#WCdqs!>$mc#zvsT{3_jK~KQMlnml3W%<#Wi434U#n){u`uF
z7fPX;*?FFPIKvDeFZk@S&L8!NgCli*PaKbrSdoCo+&pSj%}u~#=gPsE>HEgw;Z?m}
zF?0X)pm#~1A8z<?%1fKh`Hivog{=pK#Y3TfQQho+8H*R()+!c1cSkc8+XU9D;{^WS
z#NxBkY%Kn0c$(usjKA-tw#45D7NdW~@wbxQ<yYcwobJTmcyn0z`&VR~zd8|lkA;>J
zr}z?jk5|x(4X+p?PC^l*M|c*bM>|Q31nk|3qh^V{#dF}JcHg*L{Tv}<Z`_^t4;5a6
zvH*8?CgQFi@63-540pG}5fpIO`?28eX&<%3-6ub86?gC8MoSxaEAWtvyK8aS2XOb5
z%`I{Fk53Bj{#jla4<x=XM@5X6d2|Sn^NuM3aet5qKQCVzJhubIVID8TqRnB{&rZNI
zkuRY?-H&`}`!n?}iTgPHZRN|&pB@mV{r`|JKgE_^FlkHqauWs>TfVdjoZv+Ee-qPY
z>}hYwm+j8{ugaI-{lw0gC||z9Edz0U<D~1?;#-`_iEr_yvGDD2WSop|Zk$K0;H|fU
zH|(bZyq%2_Mmu|!uxnAc3?vGd2X|~1F82d)8~&z%Y(DZx6fB?ny9%#ixK{CLBEa2+
zcjlS{1GqLP2*6EzUjXjBjV%GL?)_E)u8MoYZGig=9+Cm>E9g}La36fo65y);A^=w_
zFN{Tr@5@mUV<Q!^0Jy5_1mONC5iI{R3Hm4ar-1ybTk~fHY(^H&bwV%O$DFxb5;V`5
zy|390#Jx-6e#OHNx>*d$Yijl-$CB%1|N5Mn3h4G9@4$Xi&Y6ArO*qW0dCrXKtXK;t
z&zZ@+c?idx`CTa$Yz%m+7bZ(^jW4Dhzx|xKh!YWO&Wsgj%>6lc&omCM6l(LeHD~6n
z(RL0U2kGG~jPP)TcM0?bS77pV9sJi#=lq!MmZ-#mC|bk}F+avJSgal9$9~R_<*XDx
z=f_aH=#frm;eQQPt<pl6C#x2+G$5ES?{9u=Ep<Wbv}8B&YZvyyde3NyU-*!J9OlQE
zik~3!V_ynf-eP`?bAu0be*A89tHrN!wB${kAFK0&-;F+GPmrO+h5idAVIOjUB=I?N
zBLx>~9IWxe;UA$nl?|`voGa5pYButahMEnRq_seh55~Ro2@D8v1h69<97C0yi*eaL
zus^ARwjz@*P58{S?yZ>&zev(rD8pOhyvLc@-r`mMQ!2a$k$^sKSs1jYwb^)Q9)b{l
z7z#mZX;9))e$6TclyJB85Zq~aS8(T(bqaS_BsHNO`ChBIQ}8uDY~#-Hc!=g%6Iv!U
zrhg^ya_M>|HZG8h^}ZY>mG^{~QNI^>IZYz`to&r*%QG_)@P%{0)P2tZbCz~{tg`nR
z-+GtKIO_TADs%S>zwsRKx%Ur9Ui$wr2mD8QtMby*0C-zovI(qL#|iwuDKCxq&X$+n
zAJ`Ia#shEuWBRxi-?EP-%1dErd79;=e`P)xZv)Cp@uvC3^TA_LM9v3O_nr@K#u1YT
zFduyK(bfU0{IMj!`Ycgg8jpA8I|n8%Z8%n7t8k6LR<E}eY&qhvb^n@HVQbd*1laQ9
zAz55nx(y+{jHlmeDK3TnBzShGyfDIv?*-4ELPFx%tcikWS4xDR#k1_KFD1+eVdLX4
z)=W>pwnKk*xuIvnb?@BqR8yVzwWqiBTQq;$L9e%fx5w1z{O?$9p!XYN&ATn(ZFg(S
z4TD9+1wT^<wA`@%zp~u$iLnj`1z5v-;&Q{A7+-97vk9zM#|do18yxujuPisfT<qEg
zOPuQceSyGRv%=MfQ*af&O~DBaB2V!cVYS{ceqZtwoaOCvy<w$tc8B$bL3^(^Y}wfo
z-=3zF5}yy=4nF_2^TBu{5Z~f$W8vEy$T)dEczkjAcd+iesgtO@WY&i>hh$DT2&I(M
zk$1SF$K=;UdogM;q85h(If?qO)D%Z?s2(oST;6tdqD-Su9r8e!o}N`4x(-U46fOp~
zCbs?gL4|hn@jh|V_=iVScn!mGG;kscUW9k%-wq4~-#JQ9@Z>iH1>LW=M8P}XXcYx-
zFz|U>c)JD<$tbvZtDxXt-)xD3!FvP+=gJGCGVy&mDq{Qv35kL?TqY<uULqv=Plt=V
zr1jR*9!tQ#3}&&$pMZZqqu=j-)wO-jxapO0?~+??8<X+S*86ctp1o@Ko2<32d%Gq0
zwYt{&|3kK0Kc!Xhdm96g4SqI(_3Ai*ZScG7e+T?9m%Kh|%XUAV{2$lvfA?ieynBU0
zP8{$46?raBcj8^VIexJ`cNU7c5B<J|%_|2W&uzpKd}|ZXDhNgluR-T+so%dF?+#SI
z-}VSWvMW{!lAXVzC6cXL*(#Df{~11SBiUnkNJg@+KNTd~RM!&8UY;jNwp3miuOz-N
zM@5YHk&sCC{6&Iff0774FV8ujNx(Ca=Nyv~@a*U1xy*0BD!-}j-ud3w)}DUXsM!z9
zJH7>^{k!Ek#~Upn?f<bnmv()tkoF_S6dTfP0_)Xr0^5-Gza`H-@`WwW_3HEAmFKci
zlH~d7CW<d{eEV1Axp*TG-{NiaYvj3Ww;Y%}cMNt7{Azh_?VSqk<^v-V<+;B>FiJqd
zBzf*OygN{NE~S&8;AORff}?9%qTtfnR#EWjkMVgM1s}#kG74_{NKo*-r7cnLg|MLD
zVtHY_l=!|J6*Sf%AyM$@^8^L&mIy86xjC3}$L%%l`>Vpg`AGe;><V*SC0()#0jYuZ
za?D?vS%EY<RM`ymF5X-HPb)cQLF{{ySDMcKdraow``5@?X=9!bj`QQ{|5G^&74^SX
zaW>|!dKl)1@UL&H{_CYgP~?*Jq52;W)&C<>x=t`jwCv@mfr#77HQ;UBUXIE4WiPje
z?|Le)h}6-NFx1h`$CVB1Lax;P^BMMXJRL`L|A+iusLR*Z1eUi(dki}HHLwq*)hD&g
zu#bbhb^~<(gIzepG#C0(#B<PvGp-5C0GyX$8Gx3g^!BSv)cuE82VOU&PtM9;3%7~U
z0{)EGVf+*P;>VK6h_MoE>Dx=vrdQ*C4gQUiv_d_&6h{=+mg$A-1E2HQu@kt6;Ei;`
zu|7+AzDJrK$@1p!irZ)U(gvJ_-7?ti`BmT>wI*S&GN9HlZ^fDhZpz3OFx}&s>B1n9
zE=46Uzk{LbrJtY!!FFvPD(Q`+e{8Q-sN?D0@7YrScQxn7!y@UwM|^A_GdRQ3BVBM<
z;R&^9XdGAw`}wGSJ`WzSy->}MZvqZrDt%LvC$>KNg|eT<F?Y&EG}asXGu*bvv#fBJ
z*Rx+|oWm9Xhs$ya=97BZUPAG}rqwn(90h|$kBjfh89(Gf<9YIM3nKwfDX*A^PQo0N
zw`Q+Bu^7$=32rN*K`Z=mJFyI;%fTl{vRRSYV6hFx0VXg#rzvmI1<N!i9hAdfRO{)Z
z*JN&njtul`0!Hf>3mDZcVxdRFQM1^&6}%b;6PmV%-d9L5>l~&3TEe%syrfsJEPL{u
zhv#M9sV@p0vF^<Wju<#4;Y>c9w;7+-FS6(K$?p$s=>5I_-d9TXMe{aZ@aX67y)`EJ
zeS8>MWRD@q@8f2Qar4o{_oW7R2q%;mr(kN%w)C-%Mi~ja$$lNB_AsT+U+WPafN^Gz
zAEb(~mrq&`<w+~v(6>5F2idpu$WZh?)v(yAeNhigPa?e^IW7%N+1DK%p!T!AsMem)
zK!^+wqH#Q6rowV9gZ3ad6I*0OsgqXuVGr!LWV>pW3vjDfv-!yb{8%P#umysqi~OUH
zm`S|Bp(pjQSd=47V%bN1fEMNMriWm>M-$>Y2X`9h*W}}H%_MvGv~k!Z9;Dyzrp&-s
zShN$jgWsX1dgy9*S+tO+MNgWbU8~l?zR_l4D;l9B)0YNgTU7Yj?yN8lCfMLBM3+V)
ztpdk3!W1ju(1Lfd27ot~+n3VtGK=Bs2^(As0nz(8450X3S$rq%W7!vBrCf@?gsDR-
zzTxNR;}t&dc&!{aVt5Mul*F2iSlCYKL8<ayCSg1;yYNeNozH9NOS%;uH7~`1uE&td
zwQPk<f7fE{@_P&cp2*N2gH2tgPJkWKqY(^r%^nGqb5k}QR!$!i_=cIiwG`?f;|>1k
z^1SLo9wpit+vtgY_=refn#ZzEB?4AZ;mzfuKlTouZ2ov0TX)YDT4e_I1#y2!WMDUt
zkn|&2%_{VBfSDOV7S-wa;kWbH3<YtIKs*8sk#^zy$2~6p8H2-}7NSHt>K?=?PZb03
zjWa@>s(5VV@q@#o7p5n^?JRFcR{^<Krj`_b8(0)=<5}#&m$)>HFO7E>f#TSUF+rQD
znq4)xly$0G%1UM}MFKYr(0RlR7k_^zN5Op#{ni9+l1jK^f>)cdk|*9BQ;rW{|Lh*W
zb8z^^SLKwr?3*@W@*0hE*92XgQ3Eo8Bu;!rzN%H+g$%Kn3j&#Qcnc~`!soP#OXNwd
z9Ksx%{jH>Mt6#%;qK|uH%VXI`Gy837L6}8FzSZ5*FqiEiS>kAq4Q3bIHtSRKH$^)p
z_7C}(5MvsM!Ld^cLU?_J^?@v*TtEiVnCL@U)l_w{#WJ<Z=?FtdC+o*ny{wuN(oV3c
zhc^2{zI#UcF+972?X}s%RP-#iV*NMRS*=x`iXd_wvmj=0Nm}o^QEz9k1M!LW%V2Cr
z=o$C@@~C`Qfutxbx=V%Sy6SxooQ=nVKjdmbvI)dwjzg1ht9Rwu?lgwylPCCNckJkX
zxgMtubY)evztn0sb9avLBI#b)8&762e)gh{FhB#|BrpKlbQu^xji0{4AN(gLv_Cp}
zG>YypF)-BXQq|%Pm<05SFVu-BMD)hJSVXJ1nFR>#M4NuzRanx*iJ=ZF7jNwsE^qLy
z)M{}M!Q7$+`}ly1ALwkqq~)G8pZa<SJgPoAQ+=el*-ajjCr7r#x1L|*H7J~cMt9fx
zkDId!J`U3L;HvaEe(C79IcSv>e!^*f3%h5U>2H&&)O&EEODM`$WrA<QYYO7NIMyl_
z-{$F|kGPG#Ko6(8!;=)|#nBD}c^>T7zdyVUY%o?E=Z8}qwsnD4@gaa2d_>H9g-{&P
ze+=%%39K0YwAr1=ZK3UYB)emX7?^ddp7M@Y4jEyium{CHQO{&%^E$?l4E&u713<ht
zU_^NE7<)uu#%1Vb_#{OkNN}gnt_IyV22s(n1VYzsmJbU*(<+Fb=)+G)A3lErSj6Cl
z`lnfj$iQ99U4~Nz&cR_M3Fqro(+-R@$`pjSsY$R1U10~YMffmj{3Abh#<!O6(8}x`
z>xmbM{a^K?1YDYiuWJ?EkuS{Pi62MeRw0bF&$||xkW^MuZM_=mQSt#uYku8`ZCEl&
z4ar}N{z&GTi1yclSK(I%-Qv(^YS0&S>AF&H2Ps#@@<fW!i<`P@vu6V{e4#CR?RJ;-
zB_M4b#;?`06UHxkJ4hFax?QbSc{b9NRIb%3hv6o;B`x?9Fy?g02)N_}@1ddQk%D2^
zM6GmIrGS#97>sP@GCu6aC1N!gPoU9^%;ADf5L=EolHI;1n0JD9D3~-M8QDIM``d~!
zMO$42f>~JrF_Chaqy%7<386_mFFx$_K>l|HKgp~$)3CW4M|#zKnO6R3ind^F<!Y_?
zo&44GaZm(L=$<(~cV83R*0H})xdrqgX=dOuP|_RvlJmK;L{i^;55`zu2#1uu!6DU2
zZdQjcJvf91SMdAqBOylNQ#5WRpU5zD4gdAQrYi!yRUfzlsiF|itqgpjx4{pLC?H9n
zz~+_s0SLGN0;#VMig;4YK$V=`FPi@f0Y?Q8Yoe}K*ws{kive0f0I?AL>)S5GJCq(9
z{YpYOjA5MH=?!g{&pwK&x%mx#hz+}ndcs|FxFeoeN_1Db$>A0ob0i{R5HG_(^%;sO
zoT623v~JU6{COQup5XV0QiD4%2scc^b4OvTjN*AUlV5=S!z7yGHC#<z!GZFj8M)!1
zu3&v;t&vt7+FfI&m4AX(T#ZbNSLN3<$^oos$J#kV`!eHl=7RC93Rf9>A%9{Zo6lfm
z4s=rw;HHpioHq!4+^bzvH$lsVyDW5~uQlf?aH4uJPil)~iWucu#dT=w#7=>3`Pa_q
z(v_EITYcjq+}M5NEZj?#52SB2T)NM`@zY`K8~f`OFARh#Y09DTCV3L<VKvD^xK)jC
zmldcQrxH(Axf+rwR^hHkK%8i*UBCgQ2vsE1BXfnGi`ZgT4c{^@0x1a=c|2aK06PiM
zInP4T5j23}f`SH4;GNonHPX<=myiv-7>|BIyIDwpwtI-Ro(+y~ZlE>bO|oS!TBiMx
zY?=9J1d9~+ShtD*v+)GN<Z6{S;m!+LfL%K3#WADcp82TR1RRCN)m$(wZ@t)>svv8E
z)=_uj2On+)@jS2Q3ZWJ&!3(><n3-{{)xbI6F^(}sf`F9G1o!e3=SMg|E35;v8;b^z
zrc@yj>ndJ?7cj!%G%z+?StW`Cf-#YShaHhdf(n9}Q?aihkzKXQ+W{kj;kV$1uM{n&
z;pyi&6+P2<8At54Y%Np-B}6S0*#x>1I$CpsZR?K)8v>wBF4XrxF)7qnxUoCW7To`Q
zk<=W`xa{(McAgsa3L$XW{=3km(^?KJS9W5`y#^KwiZG_YHB(D8@-zY|(b~i#&zxd+
zUx7|!<S=&;1A*_JUB&L6POWk~I$#T6MM|><^^Ws%<=cSu7Lm#k=^b=D3w>|48WIkc
zrY5!N6?jq||6*y~IQr5<a;@pw2k*u~xELTjJpX4~I|);pn>q#LY{u0paCsb8`C!(A
zCRPo80K{57v;nuO%wJf6ia$5v>E8=h&r5SBgVkR#)a?(f{)wr}uLi4z0`UF^;C-vs
zTR~{6)*o88s;+P0Nzq_A?oey#1qV24ekmJbWz@`xkDA(o5qmM}zc_3ji`q0d@BGB(
z<pUuLGGJ3DkV~t41$=G6(^Sk7%%3oE5s=m@FK%x8(Mc^n6i*7B2gu#@^b~D&K5o5X
zZ)Rv!uwK(DkHuq2czRB8s3}+vS@aNj_Be|}H2^lPG8NA@{XF50`(XH7bWXwE65#EZ
znBM*jyzPVGou?|KmTGI2lfX;dC0s^k--8FM**l<2R<pBsyj9KqEm%V}`<J-0i;ZUg
z1>Lnv$*(Q_S*IknXH8;z^1;kU4W!ud*}xEpLIT<YESX4E<3v3DJZy6$x&5%8E$qHW
zl0WxLq;^FF2*=^D2t$#l$y^NKv}o4~oHvJ|TMt3Gfi{LdG^wOG4;NZSc+Ai$AHuEB
z{$?E7fIIjA!rYLz;gpCT3+_Hfn~g9G+qH7)cyM*5-XH4>TIFR3mAT?9@Ho^Kkdj1c
zwZdDtB2bdRao)%%ND>Cb`3ybujwl}2f~I<SdM15o9P10GcvG6LKhhWWIC<027x6&w
zuc_D5rek%ccJiALPdE}x!WSL+o4kb|X%%oEiXskpSdT4(o!=@>b=A<3i{9`y&?9;1
zKtnprdo2kGQaMhDvw4yAZsx^GJSkp;Ybo@&j+j|pvs5Hxs%PRz&Ik3u&P5Qo{)9OK
zh-nX5_>eVWKx^c0Cjywgn!i4<`Rga))*kndi+{Td?h^Vz0x_Fsm-eJV$pIX)#ulYG
znvtnKvABF-F7r{a7SqqJD72Cf?8$1<tn=)XS_lUf$8(YdG5AT9mlDPx5?Z>M4>7n~
zJ-!RRYV~+*D6{AaTj>OP(_bBG%Ca@!mhxv6uA=y<$IUO7#n+z90w)h|E73{zH@xk^
zK?c8ic<U$>vQQtqaNEJuz@qzUl{jNW;9r=Lq7de~vFweo<T2;qNrKVT4#gr!dlu3H
zTKsL)q!`Bw1uo?xdOadJ{O58Jn77mbkzAs@Eys<+SNNIeZ<X%nB7A}R+r^^9gv$b@
ziu<;Mr7m~7qwTF>sUBfmNGU+Guod!nMJqUXMLRkndq4372JjhZ_P7v-*)cXBx9DV?
z9b@JXd_n_o5}oVPDsR{;nhV7>4~j>kKzJ&~gX9iN&91pcX&d-P`o6%;@hF%LH%c|N
z-B%dZDl!lbh19cHX^drGxLgnc3qJGlHIi63>QUU_Kv*Xfi_l49Sez@P6tJ?Z9)i}<
z$b;aDvz>YCnt+)~ck>dIA>K}qiQ(}DACmMrX7OGxtD0Z-*z4u|=9dTU^|Ge<<#wpn
zlfOy0vA!vLC#jWSt)xKg+}6t%kdit=b!_*w%dmKYHZ4a?yJx8>6&iRx10k$T;~Vzn
zq<OBbDu8;#l59yV4kkv|K5So$-vg(;kfJ!L_s0iOzX*k>6rJ1-S1Me2HkP)Bzguv(
zzdcd%Hk8rKw1+LUi>HZ*)2!aLICCgsLuoS`*_!Kt=rXKD2KJFmz9K@ZA?yp>HUs!Z
zJV6=EAp<p^CzZ@o`Zy7FxRtNW%lR&Ps4ukI8(L!=1Cg#Jolq{B*|nxW;c`!zE%3i@
zI8RI<2=wbv7qLP`QZ@5b6rFgOgK-IimW7AQacko~mp(A&Ai}e_8=@_o?wl}$$G|+I
z9xpirkDqH5^YG{mV^JIpR*p88DtN-4PI%_3LPCWThlw20AYx4yU-V%yPaQc)E#!Q>
zqv{b8Zw0(Mn7#<U5VVRlC^wtANIr*n7z7bfCX|zC3=k}YLicFQ*}|T5TUW>AImn9c
zTyX0WR-j_ed;$@zZi{X#Mb|3cK#d4KTv?&WSc<EtGAB^`JC=14bs8MZ*kbd2xV31=
z6FZt4eg>XEMJP3JcqnpP2XzLu7*JhUOQjt>&Tl+mw@h@FxTYh4XrA!F^ia#s@{cqm
z-KeLaL!0>sGyKOX(JijZ5L{8J3_!}>sthP=8je@|p)?tlcPiOj=}MYA-D07F(G9}1
z)d7ZNibBJ@4Gbk!wj@yWq+WQXRdV@51kulMV{_96+*{23^J?iWPE{S&t%Y1bHr~J9
zprDuPHcYG((v)W6z2B<E%(ki)hoM!hE_^kDw8}&A0jmq6Hu3WRh*1Q+*Y2{`QZ(p4
zj}-$$mX(B7h}U1$fsK^>mc`(TTmB|<Jaj<T7r$@AFD^zwtuH>0+h*SR3u_>tA(SIe
zaCjx>SK%s@sh69cHgLwVrMU$m+S`002w_Y;L6xi=N$tE^;7VfZxPG<;zEt%DVBY#Y
z@<MEZeM_WVizN}!-U%fRK!|Gonj$OcToQWE=<~@BSQ|l~Ki`s3VP|o-dm8ACHI^b=
zw1tb^AEOe*+QJI=hqw{>24jO(`2=1=T^IZWT9^my`?TP0h~abb=n4J=T;r0XM_cH1
zPQU_0g&$8qxlxBqC=Ov?HNb7HR&g-`CjgVnILoDHF@D|?_IAQ8i@@PWp?SXQn4orO
zsp0niTFH$%#xc2UAZsYoDh~(WXbZWVf`(^(`B2ISRcBcUe=gk;@66-qXTWX}@(e*)
z5Rhd00O=`0xcIQqdN>xb2-OI8n{5))v$vSbA!x;OG#Bs*F{y6_teQKJiTHrj7L0*s
zJ}hF)IX6vPIA-^R(77oX)}U&pr5cFngcy?p+IG=HaNS(=Qi{18EgR2S$E%zPSOsyR
z1&ZCrB9hx?4LD%TJ_buC<~ghkhcTI0$_O17^5gRApVMq&4FAqr8H&nhP*n6{6cI=c
z8km&&<po9+M>T{$sacM>Q|h#@$wd4+r{Oyg(B-(zZSdV{dhxk^l@9e4YE~m6=N4=t
zmM3~8pD+c53Q((H2d_#YqgHHXA?#T3Z?1$3aeULf4%s9$1G7f3^Z>+-415^zOdlgL
z3$PF>9<|BI0Yr^%($lb>Z=?I=DtoIZeaS{jWhT~W1)OMI&D{s-AQnwZu_-_IbBh!r
zZ%9L_0S=`>0c}mpQWPw|#=^IxzVv(wSf*6XC*{0x>L~i3`LjBTeW-&{x}!XHrwa77
zhJk4)uS~HL1;kkPn=o4-jp|W4V__az_FDLnm6mP2I-owsKb4yh&s_7hupY@T(**Jz
ztWK0hf`UXjGB>{=ag{s+hD;D<oaUhxtGBYY;0=9X_NJ`9kDh>L+c#pE>#@kLR-_^5
zIP`YQxa63Jau!f13q2#UMff^M4fZex8w7r866J476~?;JEVec3K&==UK=%wcEo@I~
zHi}uy3Eg<H0-R!)wGeD9s;4@HSq8^a9p)^l#=g2*LT>y(7knUp`#$si8!`kFM)%;t
zsjlgRa|6oUkeMjZ&1a#sYk{6%#l5E&Qa#3@qY(<z#$tE_G)vL+9yC$2ILRJG@ljBf
zt>?1GQ9i(a*B*|=j8lEc6UGWmEc^Tgoc!2~o`UU*nedz#E;JqmnDfOPfut0+3_VV;
zI9f+#a>_v;W~DhW2Bz&|f-x{`JVxCHdpo4Hj?lXFc6j)oi$}WDuqK>%0#|3>bqr45
zjAS%CK^|99F1z=9yp;^tNXD^QMl3o~R?(M~<Bjp?Z1{pbT?`U=im}6($AI1vgZ^k|
z@$qQ&o@i=JVn7GU5vP6_m*7!6Cc;bPcgM0K%4AtdRMq4clC#YGM(&h_NkZ@}2^K$%
zL@whFN-<U*)wy=+=!Mbr=wVT0Wo5vkNWRg*c9`|W_#0DYtr9?u=Rep|;Ta_;XB1e~
z=nL&JirP2EZ2XLlGV<?Yec+qMguP7sd$j8-i=J$M3Mv5q!PfNOh;>cK?dyY@a}z6(
z*JNsHS&tZ(9b+LfW<~e23g8~F3B0@*)kujG4@w<@KIUJ+2F4S2S|z~-fapQdL+CF@
zqK9@EVML~{-4$%qIHGNV=x<)Zv{%K`LWeUCA2QxYunF5>hcVKA$Fyc1f{+i*ZJO=t
zsNZ4zsNXS;k^0d9#z01*N;29f<?$FA4sIwD)BiyIkg^{%K6ZgX+eCTbLQGD%R>CCA
zSlO;ImcNOmC<%RMUV~T03wKy`-cNaMXLisNz$*?EO-4C#k(x|m2G`pen3@y{Bty%Y
z1J#2F2BaG7iC90{6B&afKZPGw*&2;r$W>ff8!pMwZh2)NNBc#lr~RT4J0_t#jYdNz
z%F~K9uBExK8s3}<S{lpesm`N#w3&Xizig)8!~8%i^t%OLVy=pnqIpI@vLl~BTq|Pl
zoxJu33?@J*qYz^K64VqR7&Cm5(zaeR2I5gYfWOL&6Y+=>gN}%HHM-e3#^ZLxOXfJq
zn2H?Xz1l$Okm*jNZ4a?LZvaBU<BTa6%bwKocN(4vq|AGsNI5uDAkwLaZ-7y=a&0<g
z13HAdUq-K{!DSH5H(U8P8c!T2`OlM#n`uRRQr+^mimo)s?1O9)jLY}(Z(1O{@FVTR
zIj^Su?@PegD#%i?>|38f=_+fqiVCbE!(Wc<mnm{-9gCbWL%<~u|3&yO#eW(8Cutqa
z%RvEL*w1j8uP#J&Jk_Yn8g;2x7tDkC&Y><1Dv<LI1m>v=dkUV&)VP$XOR2idSC@I}
zQm!s*)TKsUs?>!_QY3FsPxb2JRDmvaApr0T>QbsMMd~t7UCPyElDgEWOO?9JSC<BL
zsaKaZ>OurX*0gBC1;PO@rRq|oE_v!wt}c_*rA%F_)MdW9%u|<oby=e>HR?h+m|swr
z1{GMOp7PYir7jfN5VK5ON^z+!$B)2GGf&lF)`dUFcxiY^uB^$@2R?@Tz~?RBQG^(P
zVaW;NdLf<UcoC4xu?aui852=Dv|PNG{T?;x1d}{GLZ*56n^cU}y?gE8C8PL-gJj5Q
z!Z(pY7hh<++cgB8vLG1`i$fSAKVCE*(O%~424-fMQ3rBj?-hshisAUT|HF;30p0u?
zOn8%WOql1ptRB{ZkU|_R1ZLY5_GnA2t|}b%@><26h_74QaCB_L!A2S+Q-vKcs~X81
zIH1ZKTFwH+{b|Fw!|${ToEGXB5}x{_r*UQd=9s2cR3dgU<g-rvTBJf<QLh42wdeIX
zNCWppxbN@)IvwuCN^cr?2b5PD58NUpQ-EaUe87u2xUwJ$h8o6vA44&58d(<57>54P
z1zZi9m~~M4+WyDFZMB7~ut32^iunh^DSH5BxfVTUeL@3qJ-8ayZrE^SQDxSr4D~jC
z2(#-aF>U)N1X{_HCC$_eVU#ju4CTU!Y-Xr52dpw4>rE9&U3gjn{4@D`%oz=#k@Ex;
z)*&`roKR1~K7*$OWv2C{y`&QsE@yIP+~xU{inRe>^b};;1=iO1Xb1_-^HGslcG1)A
z9pSi{BI)5mW%5@`7D(3#$42?9kZ)~$3K6VwDs-UvHJ;gRdH9h_4nBgsvuGBw^n~6P
z+t&P=Sa#Lp?Wt0!fU2Y`7q0N_3gF*!Xa;Hk^Q0h^>yeo^^cG7gg0U|=&FPJt37Hsz
zao7O^vDl!gM~7->eF8EKnzft1{(~cW3N_$PoI`aGPe8x|k5L3qW2|wGH!{*Cq{HVb
zdw_S~(xd?21a-9vuHa1|4i82-R1vDs{ZPmIpKFh!9`Tx5z;x~A9CTF#d!9wrQB&OR
z`5SH{9S%>y1?E9|c;M$MB=RM8(P%?<+k!LuHU#HBKm&G$C;15eB66d;c-3$4bL@~W
zx@)Xgt8kT1Lr+9Vr-01~kPH(k@wTSQV;Zw6$2-Z&Vp}}2Xdk?Xf*^}|e8ek?f*^oH
zmsWw&SKd}jWHL-?u9*)y2tjm|S`nls1M$KcvsKO0v|B!9f^fzue~**m8!}o1XKuzx
z@xBVV*=&^*?u++Hih^f<6H>hW?*2$2M+bsXiKO8CRKOJL99Vy!-5&%oc|Kc<4vmi2
z1q5-J$8la9&bU~S1uSFH>0plaie=t-Qt0&g9@J5>%=0Sbe4|x5{dnO%>E!tPZ$hUh
z*6oi@$F{;U*m&eApIHpq4EvR|irWx{eu%KOWE7O+$@one8x|hWV625Yg`2cO>vc+C
zE8%VuqmQu(Gm9Y=y8_t4n4ytuGVGw!&(tedX_eF!+E63gfdWS+;Y}QD2LHJ|msSc6
z(JK3+5CWgW!kro*45n(gxf#UoQMk`D9xvtDd1B()l&w_~5+ng(36dW0*4=t(KZ2r_
zr9BL#y#%nCRNBA=2UOBOJ{m9SJLqSanH52&zm9`IIcjV4ggXoZR|bgSS$Sr9iunWH
z8HY%4;6VwB-Xn;BrEICzB;&DeoZNCYjPc%XjW-3?qycO~bY{<PCd5M{lL#>#Y0<dm
z-*KgJWRV^j?Z)C$s^%P~aZNxFspGIJt>YPw%D4){`)O*lJT_i}tC1S?@e&&8Sk*?4
zCNjS26)*i2w~-ES{SfaJ52%phEv@#7FV5d*ulVw*-=tUEv1Wh00!qcbfK+i1p~In7
z+%98Bf$`z7u^0yHOw2l@%V-s|&}Jo}Mo1Nz+A*pvs4Q3q&a(LT2d0g;5iRMDJ2$DB
z?zWn}fC+~k7f%>NLSd)ClhHF;Fi5bg%^?3oY8*9*4ce*;sxGl?OwuO~Mg@^orb9;m
zDQr1=^nVhs$mngL1jbCzvjq7$%>D@dr7W}4WtU0#>K8KH^LA>_f|MobE7GGO5Y*<y
z-U>CK|HfV$h?12DEb-uux3{wIs#Tm8h)(1eiM2aLv;4Kq!dV^^^k%PLQMp6x;wds>
zKAO>o3N%H=z&S!f&qDa`-GvIETWFQA;ET0#jO4_J;4UPz$2=UbxhP_^g|h}Am6Isp
z$Ks1Zi7RnuY=akxikiTmJu8Q%r$iqxK9pyzayTGF!b}hDn&oS5jd5X`koGAwtJ|Qr
zv^UPF^GY#Gj%7Chuo}FvEO(%T9#&IZ<J}cxq9*dutmT~dCg>JDuK{En(bI(kVU;D!
zJjqBoh6BJ#k0=16E_Idf6WGh5cX?g||3VM@qVkErl9}-02c<y9z{d}AM32Nx7v6M~
z*@BXmBN?+0M4`2bUlKJIvdg8k%@E_(KR~Z}zVNK1pl@ExprY?8-6v%~W7qYFa|#=|
zJv5FO7<7A9K)d(?S{7hQbl}hrfC-Tf&c7T)b!hEh@m=8KBz5#v>I~%ZwUl9B>D#FE
zYyK?h|CpS9=}k!gkNu`!`M!LAo=X2{a{8N*J{s6};X^9%*(&jk$%%(BaRICXA#>xG
zR%eH;qQ?MMd!$Nvo=SOZa?18dskJwsMZwLx@MGzSCK)$lX<E)oHwr)*M4?D(-jW#Q
z_Jg4^9&hBx`*_0X3>{&Ro}w;Q!^>q1J=@qOpNk$Ak3F2>{f&1e9HE#1z$znV1Yi3h
z7VU<BXg~aD3m~cR+?uNyoE2>wWkI7I@T2Aq-;Vk*wq!gCN4?PO?{<OdEKbMXG*Lp`
z+$k08VO%92GRDhg!n`E?&}&Qg(hrr!HjGVB8O=-ZCxG+)xU5;AbJ=(d1r*qNgnsme
zXTp;M6l+mT(z(MBJG`3vtL)D2DUru<k0THm@`HaOw4I?QSbGi7?gl8FhzP?XC;Wt>
zJLW9YYd=e)3DaaKq!vR=(hH+g{Op`M-^;<pq%n9N=WMS7*l>>bF$D$b3D~th)}+ag
z=);gKClkr|T^BRSWhT`O%3qzoHhNXEK7o1(WN^578}s9e%*}s92{`|{Q9_Via#mhU
z>u^9g;7u=lN5&Ri8~n9SmjN5}o^NBw(|hij+Gbd!Q(^wDl5k%rsk6M^NY-2QJW>*I
zug7%?J&@#Yhw*Xr^yKn*BO~y=z6O=Ixzs^GpPK6pkID3=yyq?4;M2~y8WLdWgAyFa
z3;=Ta3P168rm_U{(RDbN88g*rPJ({Ihpn2Jk~zJF>-{HlYinjn&z)0x>iywHCU7Uo
zipJbw-1G4s8J=K}fbW@8fNDzLE2nfdf_S7gqN4xlwOi6)5J^ykxQbR*o2M&CXNl$<
z7EX6zho&z)F%#<rC^O8&u;PH$`|dvMJ?$ASN!d}7veOHVr>}5J;0@L!uLSwIN>cV{
zL4*0&%@3Y<az2!lE(S)9`pf63j@UZ1k1x_Mf_tsvdrBkdL4XFG$S{^Wr>L=9kZ~;&
z<{+U;f!Y`0_$|bTy9GUz3%LIM4ejwzl<8Sn<jnTQYF+`xLIwouI0DB;Pn<As2whT0
z`S8Im_#kOmq+;NBLOfuH;|e%hDS_p6<tAj042ED734Q_BG93aX>5gHSr9ZEytcum6
z>lZmq!g_Om@rJY9Uep|W7GWzu1)9?vdz~ETEJ25f9Q9d%E>Jo=`dKQp1mDN}XC?EC
z9w|-H3%_23uVVf-c)i~E0ZvJC>ajYn$^*ITk@O<0{?!6tmil^rdHn=@K@T;-B9A!+
z7Nh-2(9vC1tuVnrtvs=JXas~~AZr3gnsCB|?o}*JFbX9?s8&%dax}`WhraRkT&CR&
zhjs9wfdR?<4kkhPEF9QmmW19eNvSK*2EVP{Og*YET;?q4xdPrOaEjy_9~|=>MW)L`
z=QC~t_4IHF{sTC!a0s{&hqcAt)>HPNZjDr^AlmhyP>nBi2J1D&7aCBDH3!xWu5xe^
z0%#S0tWbi}%bV+@RYH1=nV8A}kLvW=oi1N!nc=*(5d;3lC_GBQ=-zY%cVkorKWno;
z12r)YN3vH8hg`4rna4h<N{JrCHpJOxh&7;_Ryi7N>5UBC!&!rNvjdeD)7eJY5S4^}
zDv3<O$;}gECE;mpWvl$*;<^^g>gzrs=e|l)Bjq>ZAGodR9(}s1Tl9%4cl0k+ouiLb
z9UFb1${D?{>fq>IRb8XESGA9ZtJ0&ht8$~ksx0$HRHmw(8Q|pz^BP`q%*%O6HOqL>
z%=36jGtc6stvQ^RW6WY+I-1m5RrNF}(p7abVQLzy$}mZ#s%#UYc&w^}c_c4w%tLuO
z#LVL5Ad|Dcs!Veaq_nD|%|>2aW&<yWnI<ni%ujha)ZE0&;pV%%bTO$!tUAhE$;)x(
zYrGt3R^yVtN%;awJk}Gf6E!i?5t_cgLRMAoS`@`_izfN<dUS|Tow4>hhO6aS7uw5s
z2N9#X3Sg%<Y8Y^;APKuQO)^S-K(Mip89HNXi~jl16!xx+6Q=_6Au8!gRNCNY*7Py8
z%p0Bxus;{*y3;5t{0i*TXiUU4dY&99fKkbKsu03tf8*-_6G>>l!<ZjZyw&adSkz@~
zXnw^6V+)YrAfq-O%KpY#j?4J_c8u&8;a|$)V9xm$9ch8#aNheU6r#=yXEr2=$MZ^o
zlaLS{j#+!k@jLmjqB(wdx*Q`;jcd9=zX#_n3pLEz<G>g=xks(hCaY!+5*3wyF{r5g
zt#T&FScHxV3NXQ~k^s@6?wj1V*2v1LXY^15Qo09amE$2JF>RYgl!{f_5t6pnIK<sH
ztHDl{Wv5EaqD^8JZ5Oc$DhnzD&s!Gvx6mw)z$@5V{|s+vy*JdThX%OySHX$=n~BAQ
ztLDHaI&#!U@1;7T#{wba`uW(p;;^e2Yjxdj;krQJTy#)B=A~bI3wK-(FH~QO_XrHy
z^woov1piwYTR5VArT2ti5z2(#6kzFFNEg6f@aXlJjLe=4t_hz2;2wglHNeN{7;o+8
z@aOSnDm)$}yz!r|yq85r0V2Lny}l1!koEEb7obJPfIGG=M8OyiI=lfVgus?O7R&B-
z57`?Yd5*-5H}w0=Dx9OsRl;$e3q2QkF1`>31KCHT0AL2LbG~s6*$&GRdU!IB`)rtn
z#Eb=}C{A61EA!xD<)sIarQn_maumb>&DlnCj(|U|F|NH%c<s0ATJ{ITVyAE#m$&1g
z>C5$H6Xum-o$=>bPDii)MJ#u?B=~hK$I~>=TlO!p-2IY;CGU_vSTor-bpRkBOTTs3
zB$22X-BOV#&U)5(nK9$_496l$p*V0dd3l!OX?5G*^+?|uoC^P9PyYDlTTc7ugU&>G
z{A@jPMocekm^=le{N!sf<ZZx`TvPOLU!>CpZ*XZ-Nhnp^V})La%R2uEJu(dI;-fb-
z`NHWNO2WFcr2jDI<d1xjE|Al~Xy2#!S9nCq@rIV7Jl^p6O}_raos$=OLq~dJ%b2CF
z@PoisZ|M8zUoHT%4SZ}Fp)&g<@Whf6Q4M44@5yqCUa{`yW8tj1zcu$)a9U32J-8$D
zhJMn+7v(@6+kCGrk7aj(agRvZ@WB8!heeNCU8pOfn!^#A=q!Oy2({Gal9a8JDPo$h
zBHR}`!5!L}zf156{*#ysd+l+UC^0;LZ7jQ;9e7kp;ZKv@_B{RscXWp5HB3CD>qal}
zyavU&x<7}CqAvu;UQQ|EB9Q_A8nNsR5tTiAw7*wLD1ee)h%ya<Z1%exy_&$s_y}=L
z@YD^-O-&K6SW3YV%bq<C3rt~`jSbLI91OVzBgmMAtP1*<NbaD_3UqeMw^%Aa3Jkg&
zRPluXRd9f@AmcGc5K%V!lesFwxxNr=*gEtgBZl-$NU%NhSdF)Ch{K6;p-hl!hx7z@
zEYC?mkA(4Y{-qcnT`GV{jN2KYCB&G40DDYZ`g;K;<NGcc(|Q<b*T!F=9)=s~aainj
zK_d);82mm#x8hi4W)OIcwereyu4jyA^x1$B=xebd1q)eI+u%1PkP+OSF*(b|Iv^d6
zqdzkff&LSNyW0fLN=DKRMAEf-WGs-BXj%p&#bmUTJ6f6?@mWTEs<ntck|S0!VtFeO
zy_gOtcm^t0+)iq5PAF!q`y_-#Q#oU=6H%TsM8I&P(I@{ap}?uQ5|%folM>CH1^tiy
z5?%C{7>3Gz1OR-f6Vz}{K2bUc&7t9$Dq%b;A8;BZ$L|mh5nnHC3hXe!OX#21w}m^*
zCcWo+f1zHu65?`$j*+gnq~0t2OLqD_fgO5eT7zD=XX-W4HoVQ><*knGQGec-%dNlo
zc<c*zI;jMDfW~ztDN9SbzEM)Sj;5!hPlBAE9D1~vj~DKl@@DkV<|>yDILYBZMTZGr
zVME|+PE9d;;9MH83W1)iRQO^PRHNh2v$2NEK88NN+yyM+z<;P78je>uu?jv#Rd{pm
zE&Rh0O1z<6Uf2voE&^yTmIY4Q?%i`HcoVDQRm@$hh~gJ!uxbI6M{LzF80w``ajI6t
zq-zjF5v9lzJB%*R_$-D4R4s9j&qhg8>~`VA>WMh9+8g4fMz5=-l!C=IoMF8?<5dxL
zw85rcJ?0$w%YX!2xI(+LMhnW)b0lj!a<cRyzQ_q)I4vVs6lfKH;wKhl+;<1MBKG3l
zav{Vv%C|*KK<X8VwnV1de*;WVQ8Gg2TzCa#Okkop2#?;nw$z7A(00~fqt47TVTaV;
zI*$43)1U+m&d7y0;*HG6HGBi*SqG6mCN+aAb#ONAHSyF8E2f+A0M^`2^&wuBgnDor
zlgp!ZJQFB~cBLjmYyxO{gk1{Gp=DZ6We&;*IoExj^`?k#%JIN`L~ZbT1WW}Wso>`#
z_y`?`v+H|uTXk~_c@{I*S6%q=MV_%5OC1JJfiONOV^Y|siIq<81DgrLFPLZrR4zN&
zwz_fS5XBg5UDWwr{0d|6nT%1-Yfr@>vS+pm0c4K`UPB+pM#KCp{GvQk)Eq0RoA?q6
z-zRzH<XheHFktM;oCx+1K6B}@rFvbBVwd7I(j71`8Fe3T1;l}dVyfpdv2_XDi>ZVI
zrUhtq-FS&R>ku*#pBd*aP{9+8+xn~8%)xgppV7QErZ8M7bOt+7LWnf5A5Pn=S(kw>
zvFu5=P!g?U+g8dcZ=ua_1Z-R~4x>ee@%=M0F$*oT91<^!cCe;K_<jYx1LDX>XW=0_
z!+3q7HE=|;5Koxwa=fuP%ea8CE;SyrW2q`nP?nQhjk)!^VE&1O#MhCiOY{_DTB~sz
zjWRo~^bDgbVhc%)#xIF5n~jmN6pl;<l3vL(mc5=HoJq*X@#2}rc_23=ban|m=Ng6R
zB6tSzAx|yS<D<bv<}vbSuM^61jay(8W5qT8fO{5x?H>8~E0<fsR0WFXz<9v1V5T#c
zePty^ns6G{hsB<{zj56Sus^iT2eD>!L*@nMz!%XAljX(G59KrS9n?($AH$PfvFtTL
z<^({6RKas-GP&Z!)Ncd25>v~3b83?OnIzA_7741iwVXe={8RPnz9-8cw1M08!exSB
z+;hYUS|sZuR>w1Eg%|2VU&I{(R{GBaczpm|Dk<Ee-O>Y530|3uC=FwQ*Qc@U?eMuo
z@FG@FJA|@t5A-nQD0?Ph8nHZqhRS3Yq+39GDwHiIKpMc!I16r=Jr<2wNbU+?pU;ht
zXK*j-pG>117pAK~ngwTe#Z6lrF2tF?@zH8lXE`<BXcPqH7_T!ZSeJ|a&m%(P`#FY%
z#`Vh_7Ao%N92Oeg4`MFzIb%+7KNs)X@~$g*TQo~~)P_Q=%?-?9QP4c_AE$@TbFwd@
z#4s5`eP9qz!_b0ebOp2Hpb_(CiXJOi&B`Ny0O*?phY!Y*fsDydu^WoaxRoQ^;18l=
zC%saSjAP!?Wsk;0i;REosXqx1j`)#0*o=-7=81fE4kR?lB`66L{(Cs@zEr5UF|NR0
z44R^u(XNTj%qAX$CT_e{ns~||_SL)x15q$<o~Y`LyN=OuqN0zUNDmg^(-It-5c*)k
zJa6Hf{v*BNz8d(p&5U9J&%Pi}EjVIr;1h4?|G4`S_$aEZ-vkn9Fj$Sy5Er!3L=zQF
z1T;~Q4r?`ZG;V+!;)sBw0+J4(C<Hn|dfHaT-Em_^9oKOgM?^qKK$CzV0TmDzaD!?a
zCAdI9rQZL4ZgqEc5*BCXd%y2JW=vPzx^?R==brtX+r}Fl1(tji*rs=!@hMX?_U0_i
z7+QbbnyObuaH{w}W8ia~t|s=8C!cR-ABoS0wg3!P6*YaWwL6z%_}r-B4tfC<glV%x
z!3(V51krdJPkoTaBSGuJhpku~9_xUj;^Q^c<L*o?bw<b0UI86A@_Fw}oqV~M8I}Dz
zy}<KG=>1XbLFxAB`E1PA#sjf7GGIW8y?^up-<Mwbj{?q#Pmh_sq~eGK`L-dDBzw^{
zFEpEvBzypSz%Rg*ZjvDk(R7VPtLQ8=|2KNDKk!K}QaJjNX=Gfc*IZ-V-BTQ=q1y{g
zFA$9fSn7QBlFlsw26(_ou`<xY5bp89>Q>4AIzlr2zG30CG2Za$HQvy1H8__Q0mN{b
zj<&&i23Dx~>>@l3lxNd9o3`^<-_Zj+k9C1MkM*PIKNJuKrj?}lyQ0T{Bb&TrX5UNf
znN$Ww^fS;yk?%1o|509SF|ZKZjhB(4!W;aQx=TcfmO*&iV{HByDm_Ifj2UO`z`iq$
z4UK~Pmt8BkKhB&0|Hk2s8!vPMjBQR|_&P$)lkZuO(<Ry?v11Qo{lU&*yhmZ*+t(k+
zBz|jK|G0bx-enl{`sfC*S0;4U?XPd05^cvD-F(k~rZ+SL6T1<-t|26)9SRI%jUOuY
z&|rEsIm&=DXEYdp`3HzJSYM^XqFjf$i{oFm)e(CG)3?Vk8>u(n7X6lU^v^vqM~{w9
zqK^sqD-lY$j1Ia?ZvzNeT!8BoW<vO!8$YyIw>>L~JzK7x&9gmwIQH!C>e+L)XRpSd
z{YgEmvOTMdJ)5AOZL&Sv8hduJde&fjhSgX7JX<|u>{DzEPF%|vj^VSwbU-CHmkzy#
zDj2T{Mw_n2a@JT}ju%wfG}HAp%R-CYwia_@E!L@L1-56N*t3_^vl830k+Em<)U)xn
zXEfwUFa3Dt3oV|9TVLq)`S?M27M3rTe;@h3Q~jNN;b++kulc_53x2UxqTA5(hf!Uy
z0Q8=x@gsr7q~+vPLyMooh3V?7+ONV5+ONmY0ot##+NVA+)_xtT$J&2yCOi5%g*5cn
zzz?8K$G#eZH=`Me{=PF>@NquH{(4A7M96i5kZ(sAkh<S0_r%w0WB59Xa~BqGMYA!q
zb_G5NY~}{VNcW!vJ;&tZfx~gA2hd{>e(PP-zEoP@9;_T#OgTY~z5y4etBbS|psb|_
z({S>{i<tsO-}(FMp)>?&PRfjSp+PW?La;xbI&f0A;?P*582b-%QDiE^lmAP(`6#*>
zpK=Nef(3yl-P)T<ziejDpTW)~>71cn^M<BiE`~#~VH(5TyUYkI1mFQst}G;I+c+QP
z>`tOT?2D^7JOjMbj7D$hY-2k35}bXA^$)$yKClDEf)95q{hsj>gbMMhi21LZ@B3X|
zNOW9Ze&QDx*}TCW@;=v>-I<ElqgNY~V(;3%50F#u6aM)Abm_HvpYX@`&%yf^#GzLN
zK_iPr;l)+Fez*->&%%odI>wT15FNtP-Nq&E9i~2O1=oojm481(G$_4({XwwSH&=2P
z#^>^rm<@}+qW+6){xTwv*v7Ay1p)Hveg^?(F%d}YnGt)IF3$#(2vB7csN4Xmk-pG%
zqXnosXC<^%*i;*C7qBWvC*v4mxhmt>6{yX_h3R@x6?5?R{dd1ARy&E?vPx>-p^CTS
zM%Cuzfc~rE#&|KO$8=q&iWSJQ5dyU7Dp18aGB_5yrMSB)_QZ<|q`18*9vLq#k>Vd=
z!3Q``iWiTU;!joa+<0-h6u+yA=f{g5mg1LH@j@xao>=@Uu3}pNB+JacOKR9@7<dnu
zzAas!X$<HFU0-PWGyqUJ25o$`PGE|Yiz3dpQLl=gQ$?I<<84(`rHVMq#tW*56N(qN
zvgjdI#K}YvXV<7uMVv?!ab}HMR1qf;MVwV*lq%u`qKGqU3{yp%JQQ&@jRIA~i9-=*
z(#TdtoHP`17LB7+5hn~qoI%5^mods@g<j|E89Pu!QvTCUkt~w^i83KF2wwwC2yQs|
zrJlQ)N?tuQ)v4z~3t6wt=HWozP#fYg_`%S51_#IXs^fjMH};R{d9aaT8WuIzQ)Q4f
zf@2$sgA-s2IfG_Y2h@w+&<Vw%aSpO8-oj6nB8T2g&;kxf^#&o}4cr2;3+Nb@2KXL5
zt36Vs&3y<{t1Z|B5vCV#AR=c=`%#2(qB!A)gnq%3W!SAE!a(;qhE5V+BSAA{vS^l|
zzr>Cg1<IM|Bcw>FRYcv5lE&P_pg=*Ec_4OZ@{?Ii&S5>yFa_3iMs`4KGwyxV(z6K4
z<}i(kJAW2&?#}Ny*}{)Tj-6w7FR{sU!C!o#aqOu-*B9!EiNT>lkgxFTHCF>ih6XnZ
z*Y+JTwK3)iaBW|L{}9$ObY7fSG_z+-v$Kw5=92L3YVvavu)2GUSKzN%9Q;1|EzTmM
zdD3|QeL@HL-|qxVE*svA|HYX%ZoPJhn=?*@JYsu>KtosM6zfcbuD#X~Y8R9#rW2}?
z%!rQN1>0IV--+|jdSbkntMTS2|IMf?slO1-IsV?>&;?t)wS%{^5q?<1glyu68+_Vp
zg?=)+o8+5oFh84&4*@FC<t@(7wJ`q2r%RaK7Un01^RsO0_T>3_d5xN%1;{uA^6}(l
z&E_Y;|3W}75K}nT^=uzG=<rRHLPROxT82@8fysn8$`~~2B2Le0Rd2w_+mnLRAM&dG
z9};xk&^Y9HLlfbD1W6-wvuI>8ISJm>ca_}@DkjB!K+~9M907k0U+`w^(YAVMlGAd-
z<!L93&DTTlvRh=z8`$a%(XLJQgBMOsxof8s>g#suscT_PXv7&1#f5)>e)oaufm;7n
zMdf=_{U1XSvvSs6wo`T!4IRO~^xMf@JGGW;ldXqug;8{m7D&O^phc-`6!(abHxCCw
z=;lgz#g+Cd3Y_28FK{>l!3)K~^MNL)K~2k|{&%pGj<&6_?d*ycY4mY?))(s2$gQ7=
z4~TLq)9A=nP8;XcW&_^9H*D2IIH@bOuCxb}L9QOFO{gBL-BbrnZU&5wG&Cw?#eTpK
z8v8yn6@R?v4au8wA{3evs!%n}stR#e>Qx{Og&Bc$!Ypn*4r;0i@NT+}%Gm)<;@6aj
zjz_S@etOLjh-bfm@PWGpyeqQq`tE*747S~`gu(VSykk6jA?sN)pylA3T1VKK;6zjW
zt)S^R`<RTc4-8*#KmqhW179z$`+pC<_SFA3;OjNE^1lVXZoe83wG#wN;A=SVzOe54
zKKO#b*YhJ|@HM3PK=Ae5_JhF}l%j3L&N&NE3WN=84ql+tY1aF~rI}D7Wx`}$>?u3T
z8@gGC-qW939KHiieqSf(t6rN%(=*w4Dnr*m0D;I+X7I%nWo&;Q6p@0MVDDp~igAPf
zV&CV)k@VG(kFe*Hi-@?RN8^tko}OuxwFYg6b`>r+dyJ94Y^O$t%@{lIfD|oF25NjK
zJI&Z8Kh*EV^(h!B1i`6yyu}^KLyMZ&y5T`s))Q8T)G`C)&6#YQ#u+;+{jdi$w|0*u
z|CC($IaYqErOJh9KMlI)rtNF9Zy{D;&M?}dT6i@fRX|}^J_#&$6C3zVC~MIMe%evW
z2Hq3DoTyK}5r~M%+e!3nJYYa`4uME>zVK?`5}k}~a9gW;<_RKkg6cX`%8pWzu)!^2
zXEc69_?aF;o|3EJo*TLncpsUNjY8@YaZDI-?dYl>v`JO4dg6~Bo?xgz3n2r*^ZcML
zR=5&x_s@RpuT9K21GiAnkJbFuV+U#*8=@KDKf{B~f!!O5kn>{@RAe5Ik|i}fwXypq
zea|Mi=Xju@eAijF5tr{0Fd0e?S7?GK>>AJ9AY9{HQNP8n2og<|C_$Bn!;kMxl&@~A
z&gTgv4^;oCEvd3Tfzco{q<Ze}Z~~G5jMX+)S5}ej)yw+Rln(I)94n}|H}Ec$VpYKN
zxR0E|g~b!-&ZmK=n}!|%;B8KqX7+RRB%zP3wjixbMb$LqLz~zJ?N^}#^(@Ou)fV7W
zKFn|~&WQ~7Z_vBLO9L}JH?7OufjynNiCjMPKu)`u4Pi46#piuBjj%Dc0udWnV<dkR
zyR1g_Dl`d8W*RTOqvVHwA=M)F^GWbA65f9nh;X^E0pSp^!N}~!{SRjXGzAAtXptcg
zJGlDI7v2}X!CH8%IQ$M|#q)gKx1om_`Lf`i*n&6mBRRsr#0ex5hWf8SI{1O%X=YLP
zT1<_hr~d5g{*4ZR+p`I>if35ir9V5%J{lTMqn`#mq6q;y)JW*?2d3+<<G6hw_@HqZ
zC;kx~YU2+D2-t)4{!3+Xt7r!MoPdOR&eT&Gni^kLthJ0`BEUjfg<))i$aFKmtEWcv
z>b<RT!sQF<pRT=9t%vmnU-vJVOiGe;rnMWZO<5@;)^2HNi`A|NNKZ^lRYe;cVEjRq
zxAz71XwkH>@KK^yxMNtj^R8L%(?t{$usd~+XF>VcfT>Mw>oq-2&jPb(Zm-n-bN%h$
zs;#4wx51`k`j6EEw>6}Ir4PI_GJ$)|?7W*O!rRLd{-1ID88BgYso}7~>0cc$UfB!v
z)N1pKU<2~oV^}cF?1dAyc*9`MD(IF0w+|T3r{KS_G5??leP5cq6JS*soo2LDzp`ol
z$s<_z;uh*guS#loGM#w*xh+-fnOrd)70Z%+pPKhP2?ziB$L2WLKv}d6(nYo8i}X~6
z!ox4(mmBSpt=wQrJ`{f}(kDl9CjyOa%OEUH#eRZtK>sRBk+>N*STXTR74^u?_;jGL
zjlUX=q(PVucet>d-7ppt@<C1$uSM2wCeDWZA1;9#(xjcR`33g1*0uic%UV{5<RO^@
z_s9yZ)GDtQ`cwk5)4mScefZqIRPBDqVLXhGqP1h4R#7OZt_cm*W+T#7(Ks=lT0XeS
za}4TOc#cg^9%{s?+DRs_+U(6VqLNmEQ^nz!%9q#PPR|wy>@%^K9&7m}wYXZvQ+!N6
z;A254B0L6+jX^;Ibd@xBUm>)g3r!yiDg)w*s739$z<Z44_>H=(3NaP!9^+9IlX1BO
z?mX7|U&77V4USU4tueLqk*ISe{f*7+KaZz8YZ-20T3|L&B408Mhcu=9Cv5n7)(+}i
zb+IAop>shCKo9yC_(F>sA<2YZ$fQPA{M~9Y5l`aP1~&Llp_7sW2TrDRO!4ESf;Q+H
z9@G^Hg~ZifiT!Bf3-<?*O)l|;Ur1py;lCZnZ(+N&_l1Uf^w7n6w39CsDrafvzPb1j
z@ktLt-3`3&fF}`skQgZh>Zo-D#r1}CAZR8uA<w{Q0T2Dtbh;*#EP4)oHeJ21gB1bk
zlQ;srJ_s3gkis3U!xbEqt|E)(o8U`X92?W)I8c-&kE!IT$YL*HewYt%_MIp84}|K6
zmH8yN-#DW;?1SpD_Xbm@ueChX;hxG{(-plIx+D{Ps5G*ujt!Cweh%jy*03YiJO4nv
zQw`5ze)=_@JHEwOVo*=L$G8+uTF@}`9YoIEI9q<2<cms*|6}3=p}xQQLKA5YJO;jM
zbOgzXW>d#iPcMy};@~$;<b8>U!O8M)m4g!-;1t0+S))}vAQ?0j4|oD9;8a?h-y40W
z7!UXo5DSj&Rq=oxOj|+^=K;+(T`R6vo+1nYB#HD8m0lKMhLBi1pwq$W#&<I*(Yx75
zA|9|we{~fP*f}y24Pc^R;zWa5#UwUQMk=`-J#-m>y7)k$fZxYL0dw<r`$E@)9!V(R
zYK8)O!^eGSg#v!4+*6``>5sr~U_-lkgl^^q!K?;#N2?l3$yO!D0^;!CPxa7oS$g5e
zu!070!K~|Fd4sE?9p=eNoUjTMe(2ANhyNYJY#5nkj}x*npxwrUf8TFLD>z@WUV?4e
z5j~ie6=P#K`aH%g0z!GzFJqwCUjTL}Ek_SwV~<8S-&Y9t`%2D<2fN#5G*&P7tK!se
z;Kj{z%=JP<dX=pbV8MhS-tSi}9`EPj%3#eG0^uxk;~HT0`b({Fl%QGzrVWO{iIILD
zM*5W`BK<1)3e{Gzy1&A26bzwHqWtb0Kw>%AQ8U=-f^Jx;Wt94YV;Nm`O7v`tAE%$t
z*Q$HrzGvg(wrYMHWPk|+Ml)Tv0})`;$#iYPcP)C};ifKevd49Em|L|4gPjrP2^9To
zBD$>@e9<8AM=R+anTKFMjP~6ZY2)8(`iI8kqXWnH>A^d&c4&n%N62qQ_x&*W7Bm@)
z?%QjYErsWfFL=FMjYC$A2IW3krfVV4gNzm_N8l`6);%&22qc-`l^5_(tGEQuyur`C
zxx2O5Q*f=PBK|Y-0hbA}2hC&sLZ~C!_1qf7`t8yY=m#3M(|F-2Zq#D@$26grVHT2N
z{DNhWB5>L-9>l}@WN<fC!xN(KQ!ikK2;WH~(khW6-IORc$^?k-!y*}Z7sFvL_<8hH
z9nm~0zE8W8_5}&;Ti=;0mBAxqCA2RM3#BoruM{<?s;}_C)R@GlX|sEvNbo@xE{cOY
zeBlWo(EM){L;S2z9<Zppo`<V<#h3d~oi3Ecz}hJN1f`KRC`7E^{fPCOhgiS65bHM=
zv3?bZ^(%k%$jGf2$*bKXllgN*<VOCaMaJ+aCqnKAp?|~q(=Ku$e~uQ7AVUAh{UG!Y
zE{F{MgQE>Y|BzCYp?^#^fzZF>`O{JIG$8bk><vQy+VLkn(uzMWN#%mjzn{Q(AoTA$
z{u~wA#-H|)E&OprHu2~92)Q4G{;lFqm&gkKoDx~WpH7iC_|rA=GJlSXJj<VMk@@^N
zIr0d9j)~lhAB0n7U{(sw2j2>x&Ia&?Hh~mwHd~0C_T~$Xx_7qNKf<o=s4j|cQa$6n
zLKsmlS1}820Hd)A)sw;i-(rD;0eY~qfL33Y&M?3d#I|&PgsQ9#8_*=e08i=1Re}ev
zQk&NI;fF;+?UN<WTym|#tO&{%rjpg#X^g;cbP68=p?Zvm@tNqE#ut5KuZMf5qh;27
zJG$45b~b7fkNCn6bc<Uunq#~adqP9aNo3S-d-PW`dbDw0?192Tz%7}^%r}&<eCLNG
z=7L}1^3wlD`X=Wn;##Wg5(3As&`7o@=PWjvU2luA0>7NT8$aOO#Qlw8^AqTo26WU+
zcLqUhWwH!(C}mhFI?}Xr*Psl#LOWl+$2igI*r`^>)~{#B^o2J(J$Ut)I|lF27u{1^
zRB}td`u;X|teAWTV-Nh}z`KHhAvXhG^n--&bv=)L+OC54URbvi=m{)u1-ySTJZ!jA
z_#DZ;qC;`-9}rv>__8%|;$+Cs`&&)!MUT%j_3-7O^ta-_Yau&}gp`m#A)wrLl?>c;
z-GU3e9e774@2TX3CdToT_p3!Y1HV+G3QPLhWn7^>#>#cVivIIlZkJ^L!#kV#A0|ET
zcSp15T;EG*V-8;fLcPT}ojgNmFz8#ApFX6HGCHc|8NJ{Kg6AUFMD{e$r=%9P&^&gi
zk=qgPZpFI<p&Zr0j?%$|>RIi#;g&B)TWK5=?L4EdSRA!6+3|0}Gr(y$XF}|uC)X*k
z%)~X)?eNTP_-7FXw3Hk6ireu-Kz|gqWzh`5Gk7KS1rQf2Q>;3{X^(M7z0BoUAVskC
z*T|2($M^;{?*1cVz3msdZ3ZVX&Tlk(-u^cG^CbChp-dFi_A~`%GTvyY9`d;9n4L@f
zYQpWWQCoz3vH-XK^#m(OZIGr+*N)4MKsInxVoi9v{|aLQBQUUNI2d6Hp2DvM)@rlt
z2ylc`u%Q6H-kS6qag{no5A?~N4}t}^#xdYNv+)7EUH%-3qDLCje%q^v^iM1XV;V#b
z6VrbL#;ld48$mz~rW*T6_{ae`5NYDD9L;$N^5{VMsg%CbEuJfm-WqQ%K%&i1PvoFi
z_ZtW9G1+-4NFg|CIn<eQ#PTk}Qjl~<$s!Q>%B62A7d1y%V(7O)#t&I1gM^;84tSeb
zAxRO@1RT3UH#)p9br@HFZ{ka0uw&5S9c~03g4dqT9Ksw+Un~v;KQ2T<@LPdt!wP#*
zLv*SR&PTZKA45Xx?u|-zpG$sF*?~%y4#vyI*S#%bCEJrw-->Tx7ra1|3T+^O&=dqZ
z2Wy&jDC(gt@z3|bT_L#9vTRQ5Q1k{Bn3h2_l8dzw$OQ*&Z2LP-jKP^}4t~JP4_I*A
z4O$Iu!8g_j96xb3dzAoS=-<_TlYGisN60p6A)oTefN9&FiM75KpJnSKRO_B5t;g&&
z^nJ&OU{^oK_;d$0S#4|LT<%!zofDCRvTa#fjmMpeRnRlbAQntg*4aA;=P(+zJ-+Qx
zDidgHbDE{hia$29Prn#ru-d0R_HJmzpwWSzJDfiEY&-*yCZeVYewZ_8lC9u}9N9C*
zhP~u7YmHIi{id<E51^B_Doif<r=tNwT+nM*%bX6Cm5%NA$S+ZQx-FqMj6v~*sqr(7
zPa#Lq)Sti^2#qjym&tU%F#}esHr7ZvHQ2OnSYLARYAme%3tUSLGkXZ~<PzKI0W;md
z5|+Lkg@3z#t6;+x!Tu9)a<nS|hMgEkt{aZsgqBAIDep1vdrwAld#_{&iN)_E(qf-y
z6zDDE<MLb8D6onk3+Py;@wh5#0i-@CZxN(?n0bO!n(EGXJ(IhWY`*}?IS{gR9uQdq
zIW8+v$kIt9lV`ftUV?c9D#;UM>BUocl>%Ar7G&uKDpknxd|Vw0Sq^KokmVWyaUe_3
z$^^2!Y8s_D7-OM)fb>rQbQ;gTX2*w4qqZLtzwa^bc}mt1NPvgCTnC*bO%{L=|6l^p
z>7oEChQ#e=vL67+&X^ml$jW{<HA$}Smx8r}KN9UF1eEsVqjHQNwzF|4aU`!xF*bo6
z5%vOY#kLX_#LAOE6%w(a6?5H+0}b~bGe@xCUE2f;7JsL(pi^PN&-1u^(oL#9qMi9S
zrt&2Je)Z1{suM)-2s?o~NqQ2!QR*Y24agfa@$MdlJa0bMLY{si&%xZIfBX~CWDO?i
zZ4pQ8^Q2WWTS~+QT*;O=+sI%4FB`HvjtyGK60UY2OK_jPvrhKHBoUMn*i!UgiH*=N
zvTRC={E~|HDG-b|6E1UREC0D9A=u5O&_!K`#h1`(i~Tzux29`45LXnQSkqyQ!Xjb&
zlx7+iY(tM~2RI=5W1}OfmtadX^`O|2b`SBvA?tV`d>N}?X7BR}a}5Y-%3)Xi2rkq5
zI?+Z7qNd`=^t^n9Ox3B0oOyD{fTBzbmAbj397gCT&V8-XX)aLd%jYDc()SI8O1sp`
zgqvq3?{+JG;}SANO)%q0dgvN4qX37+%_v)OW1+^=FCuDWBrd$g>%<{4SgWw(-mlfJ
zviz)x1ULMkSm(QI*pI}DQy<qalGy?03Z77bAu^sYuw%3ygmH8~4BvGF5%b$&?mtMF
zVcG`&GO6x+7FEWI+;{*S!_Z*4@=)R^VM~l76PDWhYJ-WxJvHnmf0m|F&7e<bp_p<8
z@IPc)y?T3re#Gt2o<m`YjY=w(TBlc6chK|q>G{aFRE3HVV)fJwdi8Rrp8tcMT8}H2
zp87tjb=32h>-kXI)VTHh#`vr1y;-~I8Ft_|t=E<}dF_B-YFa;0k^Mnutu8@B!EWc*
z>G}0~KGhYYlfx%HDM|dX17L=Xc{C$W;yePEa$od!ld9vyo{7v`E5-*8jpM-Q$cRlR
zU}mP!!|IxKp$n4(M1gL2HHl?8Sc8$MwIr)tYEvO_{$>C#!rEB^^%KHdA;645p!9<D
z>p(M>jYhHQnm-h<Mx}OtQR%^IZk-ep9E^N0D$6`P#M=0R@V}+N36d**flk>rSj&;L
zWmKUQV?ghyj0FRIDMHkpS7qs1t_r-?a@ApujF+B=$^a<E4lAd@#hGk2{F1~<`@&Dl
zAu9~tE=PIvRAo={h0q7;NrMBAXQc8VhJ?>dJ6=p6RK|iWfHyGXk&8Z7gE#PcivMWe
zdEk}GR#@<f8vBize}yLKA55(}A5}Qn{N+E&!B7XNd1&HpdTgv*_yqW=FHz^Su7j1G
z-IF=M-o`vLOu34O26GYhz%MYL(%t0yV$39og~N;K6mR0OMLe%9llN|RAUY7u;LKZG
z#t$C`_H+T)%03*8_@81VTH$<;_R`0J^MJ-ke%xNm3#xelH+N(K7qNg};V?0sgtR1=
z+A@tBzDVM4l^+4?aJ-3ft@3!1C2a0IW5Z2c&7D<|BT%GtZ==z?al!FKh`_ngzWj4)
z6i5~+Wau|~(ua`EPBB)W${JR=0#w6+N2FuoyKTJix7{W{ShfKIfdJpUG+rlYlmDw0
z)LS9#7<b4|0s-3jtyw$%=l353Li_$3#gVkU|Gv5~zW>}q{=eLR*M6V|f8hORKK|d_
ze;57n|L*<^djHq#zu`Buy#L-m=79U}se0LezEhg-zqxpn*ng)!+2a1|xl!%EW8roO
z)l!<YWBhh9n>*0{dl(zn7rFq}{gr<302erP#E(H$Shx!LX{z<y<=$YOH@Dswtn=ko
zP0bh@&S)P^%U_Q?tyMnc!>Rrfi38FuhObd8z4{CKHF<rx)r*NgA&H>P;}O3Q+~hm0
zzhm-vqzgx2DuVE;4P+0*)3UFT${H`hI)<YtflJ-O4+l5vr(NWjT!4zIew6{QEIdbj
z=I@+H!(r_ZM>@WOUnjq&*ODNoM2f_y2yBL&mfqZ*+U(0wP_)E>XS6CfwTk(;OeA)J
z>CIbMD|rzrQ4{0)4bNjq5jY<7lP(8t|0v0kQXJd}Hw;kgH->@9EnK6`=>rmNW5J+}
z5+tn$SDCK5!8Cn~D_3!FpICQsTs&TY)K79$0vkeE$H?(0fvHMNT1W93Gj|#i4PiAd
zaOSVq3#+jj^?L3)J-A%YT~!=>-<!K(suOnKcCbrF+u{$BprW7jxXZ1RTHj6?hM7fL
z+qC5v1_&W~33oFD>Znya{bC`?2;>D3#;8o!FGYycN&N=tyIW&Hk+&0Z3j3wcQJkI{
zLAE__?)$3EUdt1;koTY(Z&E&VdxH}|>&H-V1QCi8HQsr!cEV(86-+3m7aCdxeKf@B
zqeuj;;@sb0ng(#dc<l`j0WpF4j}oeb8mkq0?xxbNYywUK9wE_S$vl~nCor@)<HC1z
zZwQhZE=0TqM+_ni4KqyJ@0LMj0)6%zQ90xB1h5oPX|nwqQ0}|3%B8WJ>JV%Kb~s|6
ze8fBnK#1F9uyY;0?yEy2)4LqC9<0|>H<iNK*XkdJ2GUxB2P56+uLJ%Q02BP-;$zM}
z8wl^Ads!G<Yr0<XP-H^38-NACGzKh$h|2FJUUnxt>Nf7~!tIQhcAgiRy4R}>SVQnE
zP*Y6jg<#rhc0va?vl{ZRf3=gh*xdA+LEj4$Qy(0Tav0L|;BfS@jUL3_uN~}W|G=XV
zFWA(T*k0U1WGFD|A&hnyk{N{uZThH_Kq)c7C0y*0GHB#A52Q=sXiIP#k8FH{SP^_i
ziSf&Ef&#;R_e@2#u<I*4S$YhbH~!q6PmG~sX-Bj;5GWChquD8N7W6T)<1*3jBfSB<
zWg*@6GqdLoIHFnpKIoeuVPTANP_V;*jtz_-fSwWem>Iwa60fK%R#5~Z0UWTsH-G~W
zcLmeci8e=IC%s7qJYR4U-Ua?j|M*x=0$N$vDebF28^?b91n!W1?wOyaee>t>3s1)#
zY9dyNc?(9ZQ0y3aYhzjGWb7Q5Pm$XL33Act;t=vK>v(;8aj?OVg9FuoMaF-qKfWw!
zDP%0rJT@5%Gt;$CjAaPSs2t1C1CFJ`VUGp5Jg5(_jb>LTSy}qK!6OkHt^8qxA7bI=
zz9|bQ>qXrqI#mYLC@v(X>z{p9r@Cs+)|zt|#4Sk=4bYgB4aYX?3vSNWJ@SPFHN$*0
zljn+qtC8?o4`O2=ISNeBia(9<fj(+1R~dsA!{`=c1j`0e<d{n^1L{3T5B*ETA@QoX
z9Ppy?c!eHX#VA|{8c)+I|3Dxz-`6VWO{SaGk&95^UHZ_2ugsr)?%ieHWm~qk`);VG
z^|Rvn6KY_~q5C8js`|?`y|xxyIgIN_h}yePT5|pjy>Pkz4|=FqsxKedcVMccm~t$f
z#E~$%T|?PcFFKdW&ojDeEi5-)be()O7=Ng{@kXOr;vrWLJI%$g`G91m0bTm?8+{Pr
z+b!2Bf5uxx(|L5o7TLpt4stKHE$5b`)CSE#Uj9ns`@6q4moek3@ifkmQLQqJWAJad
z!!BYr6@znto#fUba}smNAprEd<BZlQi84(O|0}B;_k;(-+;2u+!)u^ik}c;WJcwM3
zLEs<@SU7RI*dkU9?C)4Q3hYLe&Hq|k(5GXdwmx9C)9$QfrEpp~)5oO^p;rogSUzVr
z3_K|gog>~qH{(O<RH_?r<t-fI&}LtQt4I)k^39@!I9d$$(U`wK&bNGfpthiMp?A+#
zZQk;t!1DT{z`pi_5c*cywP-;roM(o7wX3imgTS_=)|ak{I@xXHKk68{8%?PjtztHN
z2eg=nam8{WVYXEcJ2%QOH4E|6nq}p<;6Gl^Q<rdf02QS(<9t2{r(f<So~ckt%Hq?x
z(>VH*@8!IopE{r#7D8;P$dC$|GI|>JT05XcIT^!r4L(=)npW{9>ehH#oiVmH<%~15
zob=0Z-i)}S0VB#G>xun>Fy1eXH-MDm`^A3(C2n?;xF4=ws{f+=j@*x8O31REAZbgr
z%1`_QC4l!Sd>69|r>peIKwfZ1EA1(hgtr9r@+|ggv*`)~G0?gG8oWa{u)Jtz#VJHx
zfFjd%YayxTyKr38D$ZjaVOik0Z@SLFBQg>ehy%_&_+kpaD2H~KuD+-MOo)tq8R*d5
zJm%><9z}8B2Nz|`LlSKT^UQO7@jj;DuTZLk;7AY+ZfKHAZa*8jB#2E#{*?=1U|#7*
z*7DS{HV7)rEQO-tF6(t<kb;U5|DwzIXv#O-2Nh%pxZqXz{jY+~@f=$Vp!4}A1v;l<
z7Gj{o#bXEjHV~=-gJOYD>jG=${J;x#5IQPsfl!4gjEDdlISxwzS1yOfO=E0;q*a`P
zNk{-wMb=ilk$@+qZ;@Sm0y%l220^}FYGRX9H)5xW`paTEz$N~kopuxbEMLl+FC9+b
zd0b+;7M>zyz1Q~zZk)B(iCb;<edu<Pda`WT<#P%)ynAymr4Q4Cb^4y|diA$Q+_0Q=
zi-IeQa;pd3ux@&1+*E(tsp!V#V_2fSxzZc<{5n{Bv-9w=gM*i*osP?l3vlU6JA>yR
zAiQ?#&*^$_-P9K&Ja-QX>zUS)`-)4%eFY<cR`EKX$=-s~2uM{O0KF@DmY_<4=q+5U
z1s+757Pc9VhB93z0w-{rT?jl#$I842bHuUse{DXW6s|&HE?;<H)^MmshhxvV9=w$V
zM`>u33pu1$VB?j>{quJcsa4z$Bn_+3uA5o0!vZt}Kd_l>4}M^drRSiwQ3tL#(x2T2
zUJmTLZptazo2#lLt!`M!Nw1D{ym9ZC+<n@c>t(Jn)n|aB?pKxDmu8eN&zpN`+L<u$
zMLS>#hL7b6um*(NG;g3PujnnpfHxPxIj*m#C3+m|tMR1jtHF5-_Z_7A+FtebgJY8V
zdK~-uU^}G3<Upg)AHr4Vm0nyg$sAWv=ioRPBrdBnMjokznM4hn@D_i!;ui=TXS;BF
zRDJ=wJTMNh%71a$jHB5twQLI575q=W#e)5%G1$kb|9NgYJZMoL@W1W%!T*Q^{9o82
z{L}eRt?U_1S9aH!+#j&A5Ha%E0dA&)EpTT5kwYqGTy)TN{&h<8bxwIg*17WBwnS2-
zl(|s$TD%Xn{vf{NDcDcKL9{RwrB3Zif-+i?VUumT<}T(5<#X(_(PIbH4$KDm^#<NS
zT6&ZMt3h9mlPW42u(}d5^A4Z{>k4f4AFQj6Ee8=oY16?-I5S&bS8euq?6wxxc0&Qz
zwj7=MpIP6?kK8%`%^~*aniwM5y(Ita{NBVo1HkKCes61ph2R?7*;STU=AyTNEmC5e
zy3=E7u}jl!i=9V>h+9e9@UMqN%@xnx>MLy20%FZUj)&30h;aKF6JSe@d?ssnO(s+0
zjW1ImL1?&TIwI)_2m%rVY5)v<t(>=FjrzCIZ`1X5cS%f!wU2*MbnG^CZ5ff9{#Ifu
z_uhUsms{B<DY)+W!oHt373Ee9x}i?dvk2%}HRxFt=vkE>9zuEsA~rDS>qB~$HW-%!
z`<ww`M4$DGqGum~o~3iW551*Fu_K4GrF%=oLu~0>EM<(?#8$b-U(_nU4)!9xr4O>o
zrQMjt!?wbA&E=MkEg}?XSbVrW3+{gI464+AmAy@AsQ}WFWJnEeiToma35mWyt`36K
zuIhc5Gtg5i9%2SgncRE^PJ2Ynz(#ES#0)U3z%8-bg!nj|>xG+=W&q5#@uxeR&j3`1
z!iWF82UzsfPi-^chX*MdG+m$2-jD4wi82IS^ngi;P9b_K@r}h`5z?nW1W6s&1)O*=
zX*WS>6;7|LqU!+kT)2L#qXO@8PARxPa!44AT+hcZ|8Yy?5e14kf=U!rr4kXe9)2vV
zoVDPue&tnUP@zLkQC)?5PhO&{ssYXudTWV23(}wM4fZ$_4IsbY>F5jvixq4S{JwlJ
z2$e>TRlOrR(_s+%4916uo}zI*ej{^{jt4mDS_hIjbZ$>&ibyL0tHyn;fJ(0Be#L(&
zh&=}5GZSSn=Y{*OAH#+1@X%4h9*xG2jXiq41KvD|J1*RJ`gm4!oq<m*WugP)^dr~=
zbdntVnf%6H7QcIO)Qs%Jl}*3XkxxHC8QQs4eeh)U!JRUiI6qdv52}+0l_){m?gyzT
zd|bVKl6u>~YvATyOMZJ_28>Ws@r~cElR+(4wL;0YK4h(nP-~;A^_Z%4eR8drS?e^^
zdQH`uqH6U^t~Hmn(v5W&iQ-X$b0tzB&zSHRJn5<Y*rmv6T!|vV0nuaW{YGpM?T8Zr
z+ee{ph1bw$(bnP>x6{Z+O|CK5*2t3A)PhG(iykNMTDQC*qmXCpe+1uSJMxDL06@HH
zY)3H_YW)zVWCc7>Ndp(4h^TXoE|n_K;CQK!P>>-$KUw`rT67@o=Ln#&3`h?jpB0DZ
zE~g4K!#%9o@gGX}`FLAY5Z&jzO;`T)>yO?au5_QB8hY&WKe)KWuKT>&t}J}V+y=O_
z@&`yClNFvAI_we+#_8y=*QWA(8W`nJ1ISDa;IdpbfTkKxoL`~_@M)XF9{?4eNrN!=
za}ZDw#5A6F2b9M1!M|~##GbV<J{5~%Q)G`Hu=JtV=VQ*@02I^pw;a{w=K9d_0NW&e
z=uG*3V!8i)eQ58$+w`GY<#O)RkV2(`&2ScH0-H%}HP%I2;0)}8UUU_KYTs#y%P<jj
zy%Kkj&3V=fqQsr0eHpM8&(8q;U0zIo_atkEJKszFUFQ*U=ESbD&m%p6+Y<ing}bzh
zV@aLyqJHCg9Pl=;D%QX#Gys*{AP9<;m*E->;oyqYeYdQP494xhrICH=WNKvN{rz3~
z*xx#mTR)^e_N=2I!zJ{wC-D~iKOpidTDL$BG22AbQ~yW|Nb4E&u}(<Eqi&7qV>=_}
zE1{2FuwCh6J>W3z16d<s#okNkV?77c$Bz6K`q-=R8qJBK%!JNLtDGRSOU-6NnfY(?
zq!un)k~Lq3mVVa}+;`2DnZ6pOk^07|Mgc5Wr8H5QqRi|Ap32fh-3s%70Oxb4Yu7~0
zy)CZH#JGh?P$~vX2W0@!A3&MuPAH$ii$q#s3aD&ps>~cF3YYuwT}zqy4A2sknOZ<7
z93>gGgh0~?h2}!+Y-(D3cu1bn89|UsiqdID;Mi=*9^5t^wE!{S*m?H-G8w+7dMadH
z*)qBNtR3^Ij^io}ydKkdGlPcGmGR13IKrXb^&+k!r=dwvot~eSP@OIna{#Tq!m|Ac
zdmOne3mO5EZqS5x!PW@lVY*u3U77Z7cu}cNcY>Wrz$sOym*J?vgzB^_!e59^>d*;T
zL>&j#oT97uRI<|)g|YHeAO%x<IwJFqTlDLo;IG#zpArC9tp!WcYEd1Ul-Df%8}UUH
z6NQCIiy@5aqCge2_>Djw{UNBG0+VXdg4Tm7kgwu+Tr0GZyKi8y_LgOl43zMLGwx|o
zC;MO90e|A8wXg$*u24JR(jyZ)fG}8vQQCLHS*OK!!o(A;C3&KWT7SmW!_moZy1=#{
zw2F@iC0MO__#ivD6~BpXVbjT0!S7JP8SP*=fWZL?FjcQ^?5DqlclfWI-kHb`sCo7h
zu}OfZrJ;pE_4jFLJvI$(vG5&x^*tZ!n!YwRjWJ#A$vMEAF<tFH(Kkzjw=gE;+VDF(
zT=s0W%eSkFa+eRfVY8BNqmXY`K)ziL`F6cGTtxZyxKU72U6ql6OQpKaIMRy)O6~gE
zB7!LKCbOabM~aQ6c=J->SDNF^&eaNP_F0;I?jEh8FFsFUB{M=&c_0n)-_ct^XkX!F
zr9u9POo&~BOk<f0gsaNEuJD@3xm$rUh}YhO0-73RXJnjJ`@go{SEna7%UA$X@4NzN
za_+gkwP<p(soKecQaP&-RI^BUeTDIh-s*(@f)`n7^#79xx)pQ4Oh6)das+8>hcRdv
zGDr`$pU@~zNrABPz39`^SDg~yXKhcg_SxA`Hrpvq7yrR2&Xi$EJ8T{2Fuubm{@P4v
z&d8%s56844xlI(F1EFpin7iDj%s#ROWww^2%$6E7wVEF75r{0J)ppvo+DHC@lcA;z
zQ`Hq=9#p<x$z=@p^$(Y+Dom59YK0%$R1E_oA6bF<Xn{^@6%RNp(0U9tELwT%$!LeP
zvK$XvfGHtEcXd}VH9}e@OpQYAw*kd5rTJ~$2og$Zev!;rTxou$JUXP(ocRL;YyCGd
z)9bC+Eo*}YV;Cw)eLh)Dy&hMe0{}};f}-aH4_<AmKR-A=8UlPYQsE<9b}peRy%|0_
zEdBYe6VU@p*>*sfqW-*2Dk@dep+W2QYmz`~$sDC_`j@3c_r!JR;8&>)5{>FXbm+(8
zRNlkVq5ld{5gj^$?@645v;Mack`4^x;kwS}-VLX(PC3*vYqM{|_Gw|M=XOuG$v6KK
z>m6zRpW@%9!~M)e9F_&u3jdx1{HuYzAcLKZf2*%fthmCzF>ULz3bpuK(-m2g#YY4a
z{KBYHcT?-=R1je4)HMvGiN^JqQsCzAWKEmv)Vqy2xK91QxBmMR6QTz{R*cAd_HC}s
zE=MO@u%^sC;h^h(XnV1;my!R-Q1&wLAIbJ&rDZ;($!!1ehq>iHl8T4B<*Tkt005}T
z%GqkwJAqv!Gjga^Ptq{cijs3na}9G$$375-9=nd63AH<5-XZ2hBnauyR))rIhdB#t
zrDBs=_~bw|b<q_`v#?^8nuVU!WyEKJ5D&z66^u&Q1##GKNzZ=bq~@~_6WY#)g~zUE
zw<)hnX@8FC*-PSjc8_k;vqR~ge$sxWXGiWZsMsk1x>4Hgd8KDZ9CP|b`xMBR69XPZ
z&ko7)F!by{4pe$}-O{sr;4e*kv+8QgdiH*BW3lw?x4Tf6Ebh@<>;vlAKikXr(I$HK
zD|bQuvseichtEV~F;AjxXwT+J^mXTE;xI_y6i!84F(V;N5eHfY_xV&q`xImN4^#}=
zwD%u<3ohw#G;Pz~SEEd{_nnIgDIGpWqu>PoCT+)+>CvC@=5-uoxbNE~tmvAAPblsE
zgdf?2rM<s}-zY>)qwRUn-k-^@foDotO3Q?C37;OT+Ih++9~`efn4kQ?+xWpBxW<;y
zN$tIhZ-2(ZaNq0I+o!6xf0P-HcefAU{+FuQM^#K!6;~x!?8J&8Rk4$*xCu2d0e?-d
z`0Y>I%;@#_?svna*Z)+trYF~Whqd~lR;{Xam#TGHa;+y=>u6(pA<o{zfoo#)I5&c_
zbmIe*!R@$J6p&!4`X|kXHvXLG<Y<|#*kfFd;={85oQaxo3&4r;+QBUVPUF{EO)UV}
zi>C1nifIApdzZ}u;E7uRbffdl$^vklRItgn3+LQDJpJ+Q4-eB9W#2gQ%>H*QF1PES
z#edeOf7e52$9#?f-=czFiAA!j;JX9alpn~0T3c{aRy!z+?g!ejw(2@sTcFDs*2IY5
znHy8WPu)q(LJ#U#7nKzu-t{C8>LyC~+qO4R!neCgDd9VY#O*k)$`$|PB!6KV0g;9e
z*&O8Hli#?d;Y%+b!YAEBjkp+XE8ioSLa@bzL#BTlcf^m=sKbK+(ozq~c_&P72dBrm
ze1WdFJj;uM5p^kW=huUeWtHO+T3YTz$Q|?@jCqGTSuoy>0*JDc;1?Q;3dDtuQfxlF
zpa;_=ykR6z^5ET^I69#~L5!YnH!_e%lIrk_Ddhr};uuCC$!vUuM8_$5aeZ;zQ+Y|;
zQ#o{Z1HRx5J($9t+1-?p)$MK#N^zM#>cdAX|Kx4rpX|+tXS>}$c|qJgnf$LebaylF
zWJ!HN?_}{`yPH##zg5rQEZ)g8d5cgMc#xAIV(3I)M0+<}!u?M+5rcJru_*aNOdH;2
z?S91U!(kqIH+LJ)AyGe<&Yj{vnRAfGDJtRk-Q-q1nB4+6B+HDM#uak-#2t=^IMU(#
zQ*acPhPkU|5g9I{UEV)=4CQ^Ry&RRVa4}bsN7eX6mx9yrEL}=ad{Hux<8e*tfW)E_
z)<icf$JIOrODa~X@_Nobn1X_6mbO4qL4w(|qPc@o^Q$5q@fg$z`3;Xm*BD0yAj{`F
z$iHQsxRWoBu2QKy#bVBhCRmoEhdASvC+S>+cOZ`&*s2li=i<VhrKh#nH+Tr9Sbf`w
z*C~1xL^H%~t+4~irW~77v6#;Up^8fAA9zHYhKfw#QtJ59Onk{g3QJIdNMRf!Q*@mM
za;#5*Cf4y&B==2hrKwL&$0Ehd9lMR%_Z62v%^SSh@oFmO2I{_MQ7d6r*9d6wDj~Br
zO6dIx2p`|=gG><L8|U%vaz*itGkD_z6}iMqSaY>O1B%k7?XZaTxIui<;q)JcR{d;c
z>2WJh#Ph$$`x(ZaJwad6jdJ|NxBzU&6l3j|7OE0NV>oXouE(&V$8u}{2#4|Obd<r}
z4YvR<+3V=2@ePZ+vKVZln|L2NBAIpLxN!>EWz7*}r{ZgWA3ndxc^LTo9q>Wc(xqmo
zr8_V_Z~JWwpTA$1vEs`9Z2}6PPxdSw^hm+&*V(PY&5Wuqe9;7-7mig!EUNrZ@cAX!
zHUI1J`4n(=$@sj_i~ke&d}+J?1^E0CVS8h{9QeHasu(^$d!-$pZ$b{s!^h`;TEoL$
z68OA5u$P6;hqM#ORb<(Y&xeot9r#@N8yy0luf`_%J^1`3u?Dq>&*=|D5fKy-dQkp3
zI6glb{MJG7d7jm`ruaMuA36X&{|xq)=J@;-U=9l@?4UvBK=^#b4uEx>auc8T#v&1$
zDT2MH?(p#WkgtHx_kB(LV8iFPerCt#H}Woq&qwiw_&hK`@cG$jK;iRV+bn$kP(Q)v
zS0T|5WRGks-;jmRCm4dy-|Qjy{8juU;dArTBz*3f(j1?k&a&qC+{NOS@VW0=h3qbc
z@`(O1k}nYvj8;6LjXhT(fjH+Wi8-%mk99ayNZ=lD2-dpwqCE-gHna(Io(OL|=Ia<T
z4<7x&>PL_6J4GS$n$gd#dt#pB-UKpl9uoNZCrxnq&7;-u%4TwSP5o7bZ4Ryxe*9-E
zWK*~J@%sV_f9ok)<r<3-VF0yOu}to6N7563Se|m6$N8@iQS!iOGlvRKSIeJ^lsLk_
zzf5+Cd?kKkthbv5)7&Vq0@j54R!ldZjKl-cLuPXOjR)twT1Xrf*5D(-zw9*beMVvG
zW%wYuPQ>1U^De?ig!3d?&m{ZlCf8dz4&|bPh%gSwyClw$zkPTd`LC_hl)WIqkAH8)
z3&QohWqy1MzjR1`{2SEr<r}{IFNGi9z+3R+7&%cjCL@QF0p{rAA>28bWlljR@ORbl
z82+Aubi)aLJo8<Jzw<19+#@88vy#UNDFHvO3qOvvHjP!aKnB6-4#ibRT=+g%$AQ3E
z78ak?T0j;~DR^YZ;`2r-ES{L=3MMlae)mGuwfNn=a6KV@?8CuWauxVfix&sK>jW+%
z?#B5kSV_ou(QaJO0zkS0`M4vq2@H(e*dw+cWrF%ED<|SMUXn+6m(wQN?U5M8418LR
zOY}gd>kU@J_Pb15;LFnH!hqgk6@_6;D{=}6WGy!wK#z&pT!p#i{P=<=f$8OzvBjQY
zSx)>MNb;jCf+R6$<y2x^x(S#JLI3pgFoy7E5YXaH=L=dq0k0^u*iA8C;lAYvl0at$
z8G;s%#1CzLPQ~VqAe)?S%+G0p4|i^~;X~cXgWgv0w`6juG64`FUXjHy+?N;UWebdw
zs}yn=IbCp{$eV|upU7o)SeuLBEZA}nsh{`>tbm0A^HbFt9GIUy2lK<l*B1_Z_0+|Y
zoWDG#P~e%rO#gJs8=qX3K!J?#Zla&qyrBsWyx~eU%v<1n-z=UzhVR|V9nyyH0TLhr
z4aR1yseQQj!X67@*J%Z`Bh)<+1U?C1dmIoCQb`QVl4N-R!o48#mapO2v|<tbnqYrD
zlmQ)s?u2aS2;zVsiF3c`v)C*+e%e)jN9}|2)hw((|Gtave01JviCJ*lW5eC(ukq1G
zO(tQ?6>1W0x;1$clJqkKZbWjoNDl&c{Co6(2|JSM!E@Lp|1mvSB2>~&4`x59=)v1b
z^x!;vtR;GIEz18Bda&cS*1ww`e1>lxnjYYwFFQS;HMM1Wu(GHLJ$SVwMi0imZO34a
zWifi7RrEn~1WwOEX~KePcqmf$0q{K+9E(K>rv3(qB$b8mn?wobK>d|Wa4VjSQG!cQ
z*P;YFfhkA{`X7iAv;k@$C0I{D6iRRs`r1p9b_EBd>A_(RC}n2hsnCP%zjB8tdhn#c
zZrml|F?rOK9!x+7EK2YqD_|>Lo}dH;<S~*c!G6p`f)Z3=R!IpKVniv}qAgK_&YM6D
zYCmp54F<2bQG-I>kQ$6am=_30N4%n_fu`8EaNo(jgc_XlrBH(u{Me|0mrQoLaqo#u
zsKFQOlBmInH?~L(j$m<1)S&-xg&~HPDOOR%BOMw)E}~b5jT}sd>H2r!$B)5ZSopEa
zFKST^3qS7Kh{{4GavN@0_vhyup^s!9kQaCKUNnD4`&9?Sk8jjB!H)wkQ=|7G7}riD
zV&gwtdB9IQ^`Yc}?chQzVwgo^&_U&aZ{x%K-hbr-{?2=|)i68m_6(e2Uixxkn9b#Z
z_t!QV=GB*~VP0RV7TKQ9Bd}vyQ{)f+L6q}zrYhtQYi}ht8nu$(t04^hS?-WF2FggV
zI*<bpQQ1bTln7{Q?;pWt;i075GnOZ!M9u1M6o3;g5zb%foMX(cH;Aw<q$L91|Dmt~
z#8+f`$@l-|5ryYV1<yk_PlVJH%@fT#BA4Ro_p|ri8i~#aqN~4yzo#AY(D)po33hyb
zA8&)bpbLfik$4c!$@py8weLKI&PU>GD=_z84UHl5N8Yp}q4VBS$b6*5+>a;T&Ewcd
zinN0%%@pPyYiAnYEw-3@MeBC+Q^Hk$7x@;~K<`(AC9%-^!+Qi4wTeOLqn*)z)<^W7
zmc<V^lqFZ%gJk8uTG;&zyrDc9j}S*4AEIju*D4jaWlsQyonZO9VWSh#3)Tjr&$LwB
zE_T7f=mF_$9HXxi+l%nD5R5o|Fp_uhf5R7Wv;&|+?83%SoVk*~*%=FC-1})r2sAC3
zbsx7L$oiNMWsijWu02c8@oW?-bX=~OC}@Buk&B<T8hDq%O&^{i*!hu91v~!%Kg7->
z6|epxcyeIppN?ySod@7;l?oEspODa;fs4kB>utz*WSli0ZM;#U_UYRblhM&U8+uz5
zLwk1nqP{TB9xjTpjmgjBO!T4{bDjJ=t~6d0Qzj=rj~fYFv~MEU?+Jjabf7^|8JVvB
zKMPd(kqa6kmg}ic+Q)-x99UuF)b}_svG`Z2(%n==gw7@@M*P>$rm4uu(d1iz0^;np
zO7i5sas|qpaoqv%Di&3#`bqWRqQl|3KUqhBqU;fyKHPz-#HTfG8^wo}R?N*|T(^qD
zm=_yAzs})d{MOg4@kci|9lyL78-F5xOih5pSoEc79#Xt|0Njj4QP#s!LW(k^$!HVi
z-%a(gA;us;4KWTG@gZhjnG}CDb0x=^Fm^+qWR2Iw@2l}%Y<=Gv?|`P`Jy#kz@OTlp
zcj)mx1N>o)_e+|D4mw^VKHeBatMSGm{XpZrr|v-G&F1&jc>iF1-x}|uA2(Uwq0-2K
z$Gds!VT|_;unE?9f7o@X@jkpZw!Vip?<cMAleGsLZ*P8Ijd!y3eQUfwf_sf^1XeJv
zkVazTZML67aNGHJ_VerTEV1@;1Fbe#@x$8B@2!bVMhso5#czpAwD0HpYV7;DH@|L;
z-}<^W{y?+w%Zst`+w$SXHuSAH-GSzngQvt>(HLLx6zhwK;GnYr*eQ>=F(h=x+v0;f
zl+L(mO1zieO<r<qKM&&9)p%!9KZe<ktvA@wr1k!zv~ZB|J^~DW=<$94%5Ooq)B56p
z$Gc&5Y*7!z6E_|2l6R8FOa8v-GG_cI&CzrQ)dU-v*0b7ZtuMVV%X=^X&m1e^^bzC`
zAozhi@H8GBseUT{h6SO*B-BsO-HTK8@Kij?Z(NQD`aT8TKrMc=f4r<!N;CublJ{Qo
zegEl2<umuf6%UTmTM^A_6qz3)2CJSE{i)>DMvF7+jlN)>qVMU}Nh@VMfItro%PbDf
zaQX`O`cLp8E$ofE3XuBUd!vb;jrxuC1*U5Q4M2Fwm)ht>67y)ESPMOiLpY5XE%*v|
z@$IhhxA!OBemMSigEu$?QpHt8a)bo9mUr0qj>X}L1>`QD9M41lc1FL2H-v$xN-(zD
zjrLHrBdz3*B6?W%l+X}2M|LhI8D|Qk0~a202%X}ckRd1ym$J{ayk1M=$9l_Jy_nZ@
zt^7EvXM?x;`!s8<VxHjOmeVfwg|l$p)jJMfxX0i^9y<AbYN;!lHIK(`G(xJuvrHCF
z?&zg-SGGM?P`VR~0$FIczpywo4nrG&x!vl|_5zr~X%Jg_RSyfNjnTt>s)t$!pd+9V
z-j`?L+@a#sZN<T<wi#CEo3#j!O~&`$nN7!s)KnHM9&n6(FvePVoMsoVPrzd)*A)5F
zW@4NKLPOvW$AZl?j1FJ!M##pH1}XXgMbL*Ld1$oG0w}Fw7MHyVSYq%v#TVIp!@X7w
z3uny4;8&^S!yI@a)hssP>>mS8Oke^y(FRht#M_vX+{Vvv6j5z72hpVX=NP<-H1x{#
zEx_v)V+39YtPy;#<b4ZXJuSfN!N+!WykB;xjl0D0Jc{_iXgGgl!LO!`xt4eoAfTm8
zSJ|LdpJTosY~WFq%lcxH%l)Y<B6l3K-Av-Y<b0pdC^zyKBk8OM9Cq(E2yIz}SSp~Z
zE%2>0>v8x^`&W_Zk;es&f}>0CZ+>c>vIqeotl^VmCiw(Mv!0L==*R4?f!eglQOBTj
zHvg9RA#%O4-a?=H<ySRmuU+WWDyb;aL+P!^2UTxH{4(UayHJ+@T@j8D&7^nS1Gq&_
z;2a_WEe2jQa*Xpq&h!wDlnD;b;rUm`=nFY^{F|wVI=m{JMzvP?FkWX&1HM?@b5;$n
zX6;9rr*xu~<&`!7BB3>yAM|Ak-?aKt;YV{u1#(UV-}RLLoEqy?1&<OHJHKZx!*9cV
zyPhm^-K?GMXqrCvhjt>@Ig~K?fv~OkM&gT+otfKB<5aZFF<y!0ifRUDrbaHp6(!Kv
zz_bN0u5K~DI2Q+3@{|?|HV$JpZXvlEi!P<BscEc-N*Z``v4{i4zvKt-5-?4F2Ta+8
zj<PmpwhLI%1~GE}S3KYDRD^b51JRj}e=wv=aTWH_i2>)IpOKP+(|;~#D9gaXehn--
zfx(M`Urc{jd|;RZC(Xu(XJ)?u{A7*Q_C?tr>S%Nyh>(|wqXSzT^i&+iUh6cwNOQea
zbI7!1wv&^kkvJKrKO*OGDo&`c*7QA_^vY`gk@%e8bu+s!K4zi#_-0AiqZGmq>;QzH
zfL*UFz08&(@kS7liGkc0+}*I^r(h}I{ng;r7QI}KI!GUwg8Sm|QZi3(;Xh;_Z79-S
zyPNk~<(GH}kQqRxBL=?Tq714TOb=-q#83duoHSJDLVt&c-q0LzyQJ<Z7v;sFrQ&vp
z4C|mIo+26{umPeSaL99}w{VA6!E<)Kp^P)}ZJ+kq4Vh)%ctc2nmwZxMS$&J={g^Hn
z)Ev>*W20my9j&qqf6<R}d<j~pc^nM$!7bO@t-|16dyo&xc6ux4@DUb0ywrmWW8bv>
zCVcqj%wZ5Q##7OQ?F5$2$HNqV2XAQU!?-eCF94O{9S+NAGY`i+g_r8Mjx^wp)sYJ(
zX_Y&93s@>e7`Zgd&$3w>vc2IM4rAp#e0fGeWC2QwLw|SkL1<1Me`@6iZ(yrsc#6Y)
zRue@`CvlCsh!1(iIrJ6&ris%dkIORX_Bq@O1E+zLlVK9zc#AX3&hm!J><7=4bw9v#
z*1#`C`PTwyic`uSp)w{P{BHCf9}b>IHo3PF+{72fh1>lDaLBT^`aAFr3#9+KKly@N
zRi-YBf9O*ah5rcYEAoZ=JK>NxL3H2qe7Frjw$ZOK$>Iay@5+4sgsM4n3NQ<h?lV%#
z&W#?A3Y?V`?fw>?C*#KZ$sSb#H$H?H@~evOY|8_dj#;(}uR~e2Xcm4gST|i8VL*_z
zAtZnroL?L|xi}=d14-F&!qwONy@7A`7Z>g*yAduMAOLiEeSUia0MhT41C~tJ{V2p1
zgc-TYKZ?l${-}qi7Z_zjsg?Z2Ec;_5fG;OVlrQvlJ)+N~!I5~^7yJ!N+N!wl8~+0X
zgIm`bfvqP58c*<V1bz45kfby{b*Hf%C_B1I8h&iB)o{mX4;-#lV7%v51^(j|l7T6M
zC>bZ`SzPMXX7)}TW|myGf*7_uU5LZwL~JqQ&;^Mcjd5+Zo4rz@M}?nl@@B8-gy+;d
z0X0JTgo_OLwYWhnzC~0S^p7{aBTB$x{1Dw{Dq`{X6=Wt14eb(RTm@TLQH>yw)X0Un
zv4}vX@!NTz3CKrO%d`DzvBgrbLdHXbsI=T;Y;pgLSzVDs>cO~b4&uctg-qP9<QVW1
z$jpkhIFf5|6mf7QqH~6DF&fQ4pm9bXLWz}6Fd^>*cEC@Y=Nh`vhMh8Fnsbb&agJYT
zI=HnEFi#AYk;1>9(H=dFL4ZZe@kXBU2cSjZg#xm|m-qk_BsQM1bBaR~bnaJBgBqMz
zJ_hFt*z>&r%~H-J4q=kM<L(EtFxP;;jxkCc^ltP<C`&iB=v~yJ=fxM@%>IQ2;lMkI
zB1kJW(Ub89!!WMD7!W0io_N|Wn=Bp1SP}I5wh6chtSI0lKQR&d*rSYdWcjR$e9px<
z>k66pW93;qUyjTtq{qMxDB>YO-t#KP!aT(1Ap`kBUWWoz{E2J&aee@ln3n>GP?U#9
z*c>=gfJGkJu{iRB2Y!Sh>fr%MIS!K|^y$n^P@-lqP9!lDPTMyRbE#oXAuJq6d+BJL
zH&8bk)78H06F4!~jW+&_WEIi1dU$aizG;*`iZ{ZGxAJ<#gM2&W<jPuI7wQ%Y5ZC?g
zt{<@5pifqRdml!B|N0{K2K!5#Xgq~w2rV9uOZWi+pM@6RB-c^eNJ)RL;WC1kIaYxP
zyf3x@9>x<y;38sXZ>AMBQ2_9$jgIG^k^H0MkDxBzOvWF@r2Phmrl{LExtjYqUb^vq
zlolDzM5*edd2_6f#!onmUUkvnx%BMex>1VJi;N&3Nn>g$a=ZjZwG@5SwV;6pfN1n7
z<M}E<CV!J3>M24q-KOiuFE|{Gx1$<wdyMx=Gy5kL+s|N2_;-|Ww})otNDv6~z2hW9
zY*yIt$gGp1;|#8eZN_RFjXfU~hbMq(?1d8_DNWh-D_-zlJ{HN>Pg3-g?+gMh-Dr4c
z)ufQ|4ZQ0d8~Dxif3xSKpz))&1e%mD(tN=maFmMITpb>7c7In7-PS0K?Q7^e7~2<2
zS0D5{`Zop%MALK}i3&0d9G&J(g~V!Z!MRttWH1|WK16KX$@m`vj1B*9m8G_ot%&KT
zl%D58;JcOn6Ct3l>59QC4i>EG-ktao4`j{7q07%pE6ry3UKC&1q`e_d3`Cuo>NGxH
z58F-imAOLRv-oG8$DJ9PDU;B~be)W6MWGo!GW)pgs%}fHTL*6SP;2>wg9mE2{fYCu
z-}JkPV;yBj0=z6n`ll^1Mw)<p4FBMO>{>Q%Od7l0#6^iQ4i`jsTW(SiIReSNK(0JX
z31|u0P5vuEF9<#3X!P~x0$7~D=8kB4@H;gQEUO>qlMZf_9)9Ny&1f{>z>pICQV&c=
zXe>e}rX#K6<>;Es%h9L@Y2zqDY;4uc>~p2(2~|_A@c(QZ`lbnRzuRL>yn^!k_s};{
z`^Ez{!@U`XXBrQ{?28f1csqFnV_}a0Ru0Te^x^{=l$)>45)@<K*v|WfG=)$8I*0UM
z@jG^Emj)`%=RN@+0EtTt$|lp?z$S@%h-yG#KyJ4fFJVpj9#h}4<DbGk1|5HQ2|Et_
zXwj1rb!4UkIo?EUSLetF8gYOgWISjec^WYeA?>O>FE-=GR?*D<4!&cs!}|f#jcJex
zk*o60u;E^pHVbD!np=fy5Lpo&qgp`Pk6d^G;DQWAxa501JZUEmISTA+jibun$JRia
zWQj9nuCj_f95(XORbEXYI$VM|-q%6951-qYs@=bw$(XguB0O`f(<%yC2MMNv)d8Mb
zb<uv*YNgFSk;TkycQh`1;Ymm{F%AEXZi{&-GCOBQrza0J;#BQ8nzXYSOCjy7<C?V4
zPR|xT{!Hwp$69_#o$absJjKWKJ$)2r-pB)di>b0gQ$fR%=I**l;4l!)O5-jfg}^Go
zeUmGE?hJJ{X@C4iT~>vucs@b^>{t{NFh0PUCSpGnctt23cTJ}0I*I1x=J1+<;uyTf
z^r1eSQ5~8I_3uX5SmXQ?dA2q<85igtxc_VaX;585m09bE>7!%&cSwBy&TKR;g;$U4
z-$YLyL93zZeJrF@io1jC=9}<1zPW`Ji!olu^e45$+0xenhN5SI%d*oKYrjv#em9M^
zmv6W9%jh!pyW4m?e>d3DKE^ZGDyHo564^d;-VzcyQ-16StSSD&q0oZAdJ6gyd97vq
zb?H89{K`smUVJQO_Md6djNvWr?H2m4@RcV07kmYFu+(9Eo~O{&Hn>M)*RNfejIOZ%
ziLc6M7NtNr0yZ2kA$70&BTThYd&IP7gbl;ZP1qbXc8LYj;`bH50PMR0r7cu`M=B?#
z%#QCta5D{LJ;TQXWNQVzXXv5DyfOZX?74s`@b+K(&jC!))ZvI`VltBE1BDiSNP@3{
z$oeMm<x!9hs4bKpPKRR)LBGUw<*0&5s$e|mA`3zRveogv@W$AUQ|W!7r{>|B-6`;e
z7MJ5%der5x`ZK0c^=I*1yazQ1M#&aT*Hf_X;f5+mJ@oo>_%V#jfCU1J=i^${<U^c~
z!kS!;mg(CScx(ronur8?Lr6Ildm!-%Hfy|b#%?q64zBnptS0=6^JU`{806ohH{c22
zC27ArIXu2!r1$7BhhvOGYtcU%qZbg|WW&YfhotvSXfBmK2g?cA^B6twCKm%YBMrB@
z8IPMuMkn5c7t8cNG=@EsPZ}W#%(GU=d;zVk#`j6@e)0*#fA)rK)D7~}0)KJX`!g+u
zpPKK_T^o`o`XKvL#%tT3=l4+ibFk{|nbOU~=CJ7VB~*n|6G>(37USbf$c@cFM{LCZ
zCh3Gl{CQ$JYi>DRHNSlrCqwuf#g8Ic5?rY|0jRaIbfW-sMnEd-7<GdgHC=7dSPOgC
z!Ee}fvofE<FA+vRtk{=-wEGqIoAZ;k$gZ_ODAMrD#4H5aWCbu7f>CDn^YTy`4Fp1`
zJB@DW8s0Qq14tJ47~NzfMw@?eS^53sFJ)hkHf%k#?01){K8B`>-Atz~m3lMSrB-!=
zT?#Ts0zLz^Ike%NL~|6ForaW}wkiJBVyT+h=!Ln0_aEav`e72c8U4^2TCzMC<8{pJ
zRZ=0&{H##&Oq~A;QZ*t3JTeRGixbSLWf8O^YLM38!38Np?*_vr9^!a-$St6<AYJ5N
z634@XeYgr=ljGstm?3pMe2#G@?58sQ2kPU=P5OvsNM<fRD+5yj)sd()N^WIyE5Mm-
zF)C)O1-jiU`|kRGss&2+_ssEy&hdsv@wi4eM=%krdk%m#&#W&Fk1c?enM#}sJ!Sdc
z&_tb@!5plU6V7XK{Rdq;0Tbk98Qp#LY;ZGB-xyGCXQ|1eP55k_6OWI0q@*2`!5*WO
zOke0ctNmiMPbHDn{?{$Hzs>k<mQoKv?;DecFxZW784`KucqI>YRqSw19Nj`E_zB$l
z!0Xz|L<0caTN^zZf2g50o<KUQC`EI2de&9j(Q1u{aPGPu8WMcz4pwj*U0xG3rl}u?
z{NOFt7>2jVyR?R~93+0ntE`!T=a%TZhu#|&eOH2{@P1cD`hh4VZ}233M(A@0YPS~Y
z^HD+*|6Th0G@Le?(C0_iaRzPld9Er*(C4WvXo)@#|K>lX&+j1Ui2Z3spIgf}ljyU4
z0r!DLpSxI;H4Y1Ac0K&T;<w~YBWnS{_-%<2pLPl;F}3P=9;3t~&ao)*`Or&7C*nyQ
zUX$plc45o(c;m@JkLzD1Z1C*_d?dX;acEO|{5al>)8l#SM$zK{Z!CJ;_UZ&Z{)Kod
zL67^O#{}px@bLwB7E2e5!SWNM$AnReUX*fJSN~)mm~POanQP&)0QD|T&6$q)r*?Q~
zx@MygyOH>V1k6ze-U;k7NMGa?08v~5mVHIq@o^vY2pR-7-2)TLUGt1WA;y}4(yaym
zkp1<F{3Ip^^p|w<2%HoNHA%JuU$zk!p{HUGr-}@GbN&0WuN=}V$ZXRcO4uD0=^`#k
z3DOo=A@q4!H#Ip!R4?+HeIE2Ji4foz)W|AKFo_4v;3;<eI%|i40-4L1d32Q?3F6@P
zR&Q^ObC7*-SRSv3dn~U4!RwS5BGhLNgvj_$9~MeGJv2?Ettd6H)O@Baa^MeAuE5K_
zvTEiBrmHtl2mFJ=p>lpI^rHF+kP+5v<p)==Omz0ZI`I)Y12=KDHd>0|WACBfS*OO9
zs$;EUIE;a`w?X*^OJ*;RUb_N_8jzKK%uAR}yq_06+6J#;-wf2?c;VytrnDFuWJp`>
zQKC5qHP8f&OfacpLSaIU97u7l_UJlY1+w@a6xQyA9ASg5y>_`ntK5wnJ(Q}~7CBg~
z6bfHRA?z>E6d=8%CljxN$v2^zpzk+y2Y50*NBo3k(Sb+dc5Vz=#$AK=5`}K#C?HqS
zg@Qt2PGOgjcz>9JJwz#-j3fCyl>-RIAI!ns%n^+_aHG~{!aayTE+1Nr%W#KRPsEQl
zs9F#8y+f6poB<<|HVC<xRcd&&$BM<RP>gK9^LdL$&*Ar2dE~nPpJ)U5#mQImQ5AmG
zTQDy1L7nxWKK1~WHsPB81Wx1v>nUd%O_OF(rJTk1hp&H|s=hv#w|GQg8OLj}K8)pZ
zpl`2AWdNyJ0ycrO1H&u!?Dit_GR*lMjufrJgb;@k(>3EgC`WeT4*I}f)3u6i>H#?d
zB!x<eY`{Gg>K@~`Pl%4*G0=J(1;ceCoc_V{95}!WwzWa6)0GQ8&rHrU8lQnn{f&S~
zw;rf##YzQS6_`v0(!U{nWHpu-*HCk%zcf)bGoEuXNoEd1<WTu9zL?WE@N$%>x$Rxa
z*U-W7#(Pg$NSUAm6bL^GV=5{}`vXy9upHB~yr<?O+5><1UV$;73OK#J@#}N3*HM~j
z+;K1XAzZnQo)cnIa5UZ~?)##j;JQ`vhOt6^=0$$_*tB{0D1D^zw=lajlQP<@A|;Ed
z80pNj8<E3o-ZW-Q^STHoK$f4ZB(hZgW#qpDW^3)v8q~$4-E#+ZgBc6qo?(6wYzXj}
zcpX|g==^5C$tv6oFH7A~VA^Kjzp*hbU4%LBo4i94Fy8Uc(8JB^S2nFbc?9cT+(O;x
zRY?s`K7$o=TdLSIxnephCaX?cc*)|=LB+tIFR3HkY_VxW&Ftq;7Htzvv$D|%i@VKu
zfjU5ttjT{=dc9-d#6;Og;eRo_j)RMZ-QLRiraNE}tR7IuwjnkvOAqW#FHKVKQuT^L
z{~3Y3ZOSfA(sEATNP`8AA{dFePu7x_Bv*Wy6`yaZ;wi}$D_OC;g^Ee@@^o$Ud6|c@
z<T-he`x|pI>IO9@ZThM?@i0E%8b|p|X9}E)Lg}9aPgth+vXk?x?rcq`g=3eIz0!l9
z+np9*%IdzH;;pd?nL{e7%GT8kNK1{rXV*``9wGXI5?_e=Jowr64V~IdeyoAN?P~hl
z&QSigGqys)fxqoW2qek=wlnIDHDH=SPXp7Ns}=rIlgu?H+b7@;yT`bvZ`?ki^nKqS
zrv(1p2tx+9wdH9dhXk>=^a=1j27I(_LF<kcD#SKS^-tzzEE`P-NnXWbuA<(;Dn@U{
z9)?<eZwKvO=;NWZf1tWzRarNJ9(1Wq+rf@mS$2vI{E_(zhJfZag2hn0wD7qkpqcn?
zbD+5rWs>XB+D6y09e~Vf;}pnza4x4PfuF)d(D_Dmo+b=*zN(@c?twV;udMUo?e!_d
zRKQXRD~aM)*V9#_$xdI2GB`J*G6TKpp!;Rl=8a|7wi^Y~HL!RC0j3L2svb7sM*Ydh
z^hJ5*KmPh`=|^YUc+h#krceBmma-@ZAPpm-ogWPB$YgB&MupAw(7DD;IB4Lr14H8r
zaLn~F*dT8c4ZTH<3;$;7m33O>Eg;Br@JY+Ed-!a#Zx++_^HLZPVReO#2GyzZKS|oI
zEed`ZDk%u;!xP5n0rVl(U!Vt#tbT~s^H#$kQ!B@#TllJ&2AMC>c_cU4500ox|G?l`
z=z;1+ul7`3=@zO7<S_KU_>d3hFszGs-@45D=j*=G3)lIjJ*|Iy-hG$1+GyqN-r!BG
z<9&4`&6is3U8q_AeBG<Pi&CwBUhNfl3P%dOu%fJs7I%Nom%9mvJ$SqCf<JyMy?cW%
zwN3}gg@?1ATI1_pgBO0lT|w?HQDTJB8bS9J%LpDQBQy=H0-Pw8lFs8i?qxKKVJ@n0
zJE-DonR72uT=JYV3Cf|Is%F34KE<Og_ze>>O)uQ9%{gA?ckp-^u^Wy1JzUzF8c)wu
zYiYj({%G=<chL)erj31NcPFpxvG|N$+nV-5>`sI;#LV0)OxHQp(Bl!ID#oa`wUf0F
zoxq_%@J*l4^qXZj#fSBppxtJ^VlOViK7GKr6p2abx-=V@y$CU-X{nK^xHS4$<)4EJ
z7S#+v@rSrFvaRAX0Jd;~MR69cj3cGEEF?9f6$t;^0XENg_AkVPxU1paBi3Et5BH>j
z8*zPs!lh?pB!>B@)C;bF`z8GCOk>m+`($VS{p=WhN%E)O@;ODZxb83}&o;A<y;;@7
zKDKQ$^%K9xKGq9STTSd^x1v?cKBmQ&$;=*#;`nWnCCqt>s1Y)a5m1jra{w;zA5`{k
z%l-w8e@q{5*}uA2_OHQ~{j0YSmN`#wqKujHW1oN&OCBzt$vjSX5<Ef!ltA2$0<p2=
z1K_&QupGU108tj$ww3<Qr~`<qaxQ{yNhGq4{!T0t@rm!bjjy-xy#Y#H#UiJ%3zKLm
z0xUf#eHDg%CKWT|?`9f}Sf)4zhN9VnT}fv8bpGkWKd12zT&2NV<6F<=$UHfXW!bm@
zVy@M#iF>)PD%dt!5s|xl$#hJ8oYP_9>sz(0wZ_kjKGGNc+<n&eKlRd6Z6Go)zshz;
z{ldbd7G3?~C$mn-(HAuizU-;;$vrNx)kydU&<YQ3`=vH?of-z_25}!jIJw}=q;*rS
zgDM!0>GPuJ)+45TN-j2<FL$?ISTp%}J=7CX5sYYfpJFzpb7A7m>}_vhCUTL|7KIY}
zP-lftz=`HdR=n7B?ORBPr|Ae9A>ZGE|Nm$6L4UY%m?}(ROaA}w9MJziq5uAoRt_jy
z3J~Bu?KWiaXhd9Z5AbB(!YxyfyHx3Y;lVCZ-ExS?5a22>-X32l3!XzN@lv!Sx&i+l
zj!bfw`n!u1wOii!Sq8He*LKzeTOI76;k-wn`uQ#2%4(KlNQ7s7)(*;Zdaw_2=7_I5
zEbY`_WRB58Y1yoWi;QfB66oQFtN2s7Qr8B4jF{NUPy83^f%8(z97bwuWJG5)7d}t5
zNKDWl%_}qroeM>`k?hK#tFg?nd>^A$7=y-9AI$WDWv>|vTd^U;A28Sch$=?OL!%<C
z=EPftTx+!oiX^e?eu%^0!8H^+W5Be9pr$GModd?R6>L6mY1~`GrrEwqk#;19ClVz?
z-bWfsWRAE~urGF+--`NLZcaqgWJ+&Cx?13d>jcZr<NO776zG-f{dWw?Us<%sWP8DS
zZ}5XCb_~{Ng)g^m$~pQv1Ekg$>Q$5fiMQ|qr}hAlaR1Hazohy<1uVQ*gyWa+X4x<t
zJqQBr3vR+|Q&)n0K<HDr$mGdk0iI%bLCE)hV{zyrXK~1zSDd=eYp(Pbt}N}O*S5t|
zeELFa<q81JEAUR~G(D6CV`vG2>sD!ZDugvDPtRSa7w#&ZE~oS?Z&jL(i)gxD_`{TA
z(T;-k5e~g}2z}Z~Csli`^_<<+sb%YNV4=SqXh;?5Y>D<}>ewK7+uFA2_R8T74?hFa
z2R6LJR9w)#Be((IG4|dkR4Cl{<sXDT?Zs2&=6lTp>PdPRkSs178pR@$*8m@wyARb-
zm}$X;8<97^J%@@|eur_Lw2Jr|EJ)>gtzrgV8kE1jXtA{*Iu@k;*m-~}UvB-BLRpV`
zS&#3E3kN$r+5_)mL86}W-%|aXu_7N8&Dtj`qRWab*SR9~Q)`Q{(pZuHYDE}`b3y3R
z4Oo#Yup$>@MK*iQRmFwN;cco`#D}@TYCtK2<+vuc9KOQkQzs)@A<vsz?=5U79qU7&
zL11~S$tPkJrn-HtJvl|Yt5VB4;gq+rMZwtYN<*yLe3jHU!W~Y0+M4xLTqI^aaIZD%
z1-oR{19+-tJt8w_m#<a4+>g*oh&*^P<-zb^AmA?$KeIP=$_?mvqaH$d%wQnui=E!W
z`l&bL@Jt=NtS_}jH{st@<<JW^Os-$30;dE#FjsUZC>s&g09p<zR;)Qv0wT14cE6BY
zfy+n|b;L|+&emGTwh6Mokf9`az<IHn^)C`1l&*A7NRVunkq3Aj>}=d02mW+lgN#PM
zgpEn6+v?l><1XykME;y`q>?|U^bj0y&4ZlN#LG?PlaXTsGfqtLch%k;>>hjG;Qzzi
zyTC_PUH#t^l0bmq37TN6s6m55y);p%M2Kc2ff<-!6i^hbSdn7!f-nO?Dg-7$PKUA9
zqHV2h)!Nq9)<;{*#TyC8%^QMMQB?2-XB<Ji0bXF<?{A-($xJ}|^#6Z9pZB#TbIv~d
zvi90*uf5jVYp>mVMh|P5<7<0A&zF0B5w;2!_Sn5lxOVOv=`8y0FXk2*2Z|?_)m0|E
zPl*<(AN*O(S5p9{k5jY#cDy93zdo*P>c4L00N<vMbcQH0;47{%t-2n5vkLNlrRhuf
zjkR=DwIS^qU2TVBsJ)RgvvgF%YPOm2z9=S<s-0FiAjl%Ms~Kz`;M7#$?dD6Y_f<L8
zf{A1_nT|J^^1dQ|x9`+xMb?5-OoFdM+@=2~*21HC$EwVokov+?k$XtS`=sRS`u+#}
zRWApup`3dCB#`rgwP2w@5WBjWhY`^sLu3T<<xXQW^FY@b)jm$xap0-X9`%(A^!j|^
zt6Gm!-Fj%VV8$8z&6{yXz;<}(#H+mOen&eo9Kt-enPBA`AHlpjoL8MMIZ!ZTIDhkI
z1WcLzou<#opdV{lugUh&tRI~?9v^PSh_|*A;P7vM&a8KgiCvn0P3%*e@I{D4(j~Tw
z$4F<pi`D!tPyT4#*Obbm6#w?;P5+I)#n$twvQ^ME8{4#S|39QzOOIG&sdlUR9$upj
zthurszSAXmLS1F+Fv4qf&Kb5S&?U#8XoZV}b_H_QG3f&RTj_9@>DMzpl^fFgC)Uz2
zN8~ITW98_f6AzvAkjq1^9`bm|(?dQF`FiNgLuWm7;h~Ej3V2{mX=6gK5B*Pv`Jzqc
zAJpf3q)`oy59I8!Zl@y`quS`q(kOo6+#mhkW#|3G&gFeBc7EAsE;}ETWal-o^H-En
ztGTlzs;Q-29u6-hib5f6X+VP7H-P=MeNeV{RbHqMS~U@L*uBVEH~k`4k*)CBjiq~6
z<%A|wCgKP#NHk4zIbnR3y(;{U6*{e&h?<^R1brG+gbtiH*&fz=^15MV5Q9DJ#I?i9
zbL2Gb48ZLs-W_gTPLKfo$09f`&3`Um4Nsm{=CzhJo|xFkbK{9BrNtL!HQBzTc(OgK
z7xP<vjX#YNw)l50S1y^#gH9NHx;V*?ABY=%{7=$dethYz?w68jO41aOsy5Uhgyn0c
zR#{oiFT5D2kWym(3^UsNa}{&t5pX1NGj%x6dgKVJ#a1UG`427w#i?_7iZ)f*YAqd^
zr@KV&<Zbdg<C+E?O7I$5;9u8Ssxk({?DJBSRE^F{-DawAEsuQ;XL$s1XxXSG_x_zC
z?u$8F>fN*hQ9u7X82~lkAT75a0o?{bum-B;A4}d;_-GCau_IC4X7JTx>OJP5P;YQ#
z&Sko|yV(_ScTlyo?W-s&J7?@NQ^{&qRM^r*Cq=h851%5$WwLMAKU)$VtIjuJ@S3F^
zFla3uny1#@1{ECC$@6JKo4pdw;ifQ{brSbvRUz#CDg%2beFOGf%_PzHN^Ka1pH3<&
z>Og{+0AO&-zuEzEF}Q<pY$*(eE-<&5CgB;Cf`<`Z=mHCB^xr&A2;ZujfU6ltnuK!?
zwWwd?dGW68k`v?5PXeB0_bz8F*eR+W_<?A*$2QS)H2;CSDQ&;wj>M-adexcS$(>z{
zpL=pP#*_D_r_ZBe%`<raI*W3D$Sk6pA3xgO&6XdN)=s%PvTAHWKf`#E@V9IXcB$N8
zSghg;t~G*lP9XBnCeXb?^vtfi)%*Yt$depWn<UmUb((jd=6a3STJp5NZHKm%595ES
z{p8)jD@R0ra=OPkaJmVORl8_nEoLd1h(-#^OzW2n^U33ctIP-=Vj^1fS9rspoJvMh
zhI!Yx^NcnLi(qes24KHkSZ*d^BtQ1g4lTIrTgv?3?;FS{!&8TI&ol`wWu%!Y`Ox!*
zpl(qMsS|yiW#T-*3+)6&kUEkyB}*ZLGRWWz$B@Am#vd|RaTlfA&+dH?5npmfQ-g>J
zUr%>R1~gLcZeOWWm&e&89HG`)OM~S^M%m`9e&I`_Zgnp=B$L_?l0N-S^E1rgF#;R3
z<(uMg5z<og^JSh5$zxmirkS}|g*7v8Cvys=|7m8flNORSGp{B(8K9h-0ZMa-4m$xb
zoSvC}EFD0SIVTq%GAF-8STS>w4bOyANO__0N?y#I9LGb}oV<638H|y?F@sV2Yf7i)
z<P|?PD~nX?ozCV??wtJVi9&D+zwPInFbg<LtAK*5z2LY1%@spF`-yUKtgPAj)2;^V
zqXlLP>$j7}QZFH$3fv>0!wrwT!{pAT<7|eEcJIe2AlGE;qt;KYd7>u@HY$nN=JF;U
zunYOxcH{?gc3`o&&E%S>T+{f*$4R;%hs$uJ8`j8ffw4d*_i)4*XXg27Mx^~)xwggP
zV~hZkwrTnzkGi)VG1D3`63v`!P2-AaIzEbq^02T6*B9xca@)<PSy_P%(Qm&M7(9s!
zUz%SauOC}PnOd!ogwo&}jA4PT197D&p}~QvA;Q}AMEN}i;vLSwV~|3YHkWVUT{qj9
z^vK_g=YlWtgz**_f*VF-XMKOvbzg|oW8_&}u03{ZY5l=Pi;ZDEQtu&A%doYq9&u)I
z`4XNv8jm>gj4$UCYr#k=v6e0|xfd-d*HOekq}kLHu$zs3T^n($sHJ!f-)pU9ZatHg
zg8L3c^h9}+`2`XBjXqj_7r%=xJ{Yiv?X{LIG1(^D7w1Kmm^y4ul`b}ZHo7)S>yIwL
zZd94(@?Wb8WV3$0!NKyf5SzK$-hXKK0j7;oL1U?J>I;K>RQ4<7wZ{|?m9g2>XB90r
z^;ktq3@ld9F$Flp1PY3*o_Pgkw5a1#j?%GAO%@qxK<gs|%G1L=_|ftvp{ylWyo|;h
zoyt!RBw`;LiB+BzpInN)2cLz00eZfjyq~JNQnxx@<?*0o{pSOnFY@c3x{<IyZ9cFn
zEUN!L{YKr-N^js@HI7p{RZQep|9OqsPXcfM5z*cUlqBO?Z;XTm4`~i#^c#+)L@ZOf
z!U*)<07U7KQT6Rn0l+ZrGMc7ckf-+4YttU>7wH|iN=>@kzTm1b=}XGX%<rS+{gU5J
zzEhLsfOo$j<3D8QT;GcJcusHot6nur){H(Pbb(d5*LnWS9U#$#Qgp7;@lKUnCtEkT
zRa*TPn<fof?@_(<!G*<j*0K7#zB2)4hra7JvIqFBR{#Uy+(+1g>9{&8kOKY~*3!C4
z&78mRiI;lpgd7B3G@`<b>l7(P^#q?N8Vk8x#J>?xOee(n`tMJ+>+`&k`ZMi%53AaZ
z?V1XVW)Qew2IbE~0$b@*#RT>VufgiaK-`Z!F6Cqz0mo|$jX<XXESE)NbZOUw@`+Z@
zaa<J8Ky$t#m<mIf_m(fQT0LmdDj4sg%3vx6e;UktXhV}m=t{8-=iWyX3F>b)xCLK^
z+qeTF)>EU5%Qb4zAWlAK?ba5IOSz(|5kkMg7iY5r(SeWPO~!dcoz(UxHU>{^nxpM}
zHXgR)OUQQqE0|u)cK(}YrvV%KoEM#g&jIaozVH*Si<A!4JYgzLlsx+<h?KE25C|`Q
z0mXpZDwv?KdrSh8@c|y{Aqov6?$V{H<%Ad_qe`uozvq&l_%{zyVWuEuwfu`Ol^g2m
zr;0MV!+L8ie3Il$tm)$-mudh=1kZdpiXVWG2^H#plpjI+FsTN422w$oL@aIGqdW$e
zT~0*Gi<}K2I$O6sPiua<t<TQs7{&e33FYIoUq4Zyej<YtB`am`r1nLsfnbP+DjFGj
z);-s84W&|IXzV>&)cg>RG+OKR%VJicRdWy|SBRjtvWTpS692u_D$H`(57iQafn1FR
zWZH?jG#TryJe6sL$yADT{#t}`wy$7qP0=aXGJPOJi@0xHj_UQ<-hzMTXh@rQgCR;v
zif!dj8djT~m?;H5yRj&CFX<S6Ia9k;syYlxTT|UbeBI`3e+E_xi@1kO1^g3x(pUgt
zogj3(u>i%*bYq2<Wn__c$;{K#mEP@LxippWUXxK>IpRNdC1B5Hp%wo=bIid+<<@k^
zMB8xrM2YO9&0Eb>3r#T$UejZwF0CUnikTaCbYX5BVHy8~|7w1`wZWYqIH)DBh2_NI
zBY)_Y3`ru7gi|FeW|Q>@23<OW>ydD3Qc1}2NRW#kx!Mg7iM|&}^X-^y;&M1`M)+*|
zGa1_408-7@b7IlixJtq&ydoW!!w6-~Q~9VB7o``b!b2e}kZqOfv2PezGI5)cC5wJW
zg>cgfSHtVs#0{v$K&7z{x^330&8*%vkHnJVjHP9}t?A>Oj+3`}D4#{_$Z*^mxCqAC
zVb0c;dy$`Nfo9!S15JO305#*8MOn~<=K;+^sLhE1irB(mSlN?X?Z4wu!pA*)H(?l`
z@+oIx29A(p5q{n4n6xqVp_0yb^N3!ZtxBkL6H1lvj1tN+a;#8-m678C60GjAu8^%!
za0Xr?P(jiOXMB-}eGbN)zTnQds;9a8Nv|amvDfsiYx}o>$0bX?e>x=>>1&*RCQE`e
z=ff=&lltpyZvXIvkpi5Ceta9oHv`2Jh7&r2m55H|aqev|pqlOj00WJ_^;Iq{{S=Lv
zP)q#oru%yLB-7a|cdJ(M@ZPVCQRUQ9t~yYojyF|55_ekO)>_ju5WNa%eVg+?M{8K#
z)%kOzKM8(iPWOGECt^Ad?c}7&3#uuqaUS`Nf28yN+$0vV>bs)7K6hD?;Il<_{cG>%
ziTFt8p;R%khze)r^KO^TGRxrqz7=<fB<FXIJjMO!sC-HC<wd=$2j_ygQPnpo<ziJ|
z=UiZ_cYN-T*ZnysyUkNy?O6C23Jac6=LRZv6<}&Fa#~lqDsTbrGicBs->g2jqtfuF
z41EoMD6jnj4ob#^l1Qzp#`xC{^uc@{f)%A$LW`uV%3UetxQaLblSm`_Zysyw*S@Mb
zrPjhQ{qwn&6XTU*Of8Y2(~MWn!QRH<%4@$IX{<>eWd19Bsg5PArmlHcdxgeb@q08M
zXmPBTBh_@8<E5f3WpTVj$&IM4{&iinPU6Mj?v;2IrJ-xB&Pkk4JBo3K<tG1?`;ry^
zfy^nb{hJISSR+$DKZ(AD(vQPgen6tkKN3HHdgoGa3SZ6K%9?N%6A{6UdzVC9GuJ)2
z_Q_P(yRugen|j7&Q=i&Y0n<!|y?f&(n8i6x9o2|OHGphmpd8MF^Sxy1+wGj|71bUs
zxvm+<p4OQz(XTV;Wr#kPH{D%NehJ57Co5jfA5i0LIf*zY6;9inWOfl(f%DEMUnTVQ
zF?~JW`9tcf(*8tRO){+B2<nr;`E~{gs+(i-rS}su=xzRo5+l6!bKa!YF5BLGhF0xJ
z{$L3t$yKQ3`=qs#+<ClVW2@7a)~}$5THF*2&B@1|U{=1Wp=H*Bxx8c&pmC^A5#Y_=
zG4?kI5Jh!Td1r65wmdP}+wyd%=Vb5T;r(WGn_OrAs3Nw<P;vg!lt{5%@8o5_##l1*
zoBMJj1J9zS28lN8_^?TFx`Gy3wfXrnZAPpAq!q}jt=^4sMH+$+*hufO`(@Il<tuTV
zLQ64b$6Q1vj1W_dt-{R-9VjW=T^^BX5k>T$vTBtvwUz0upQ(+93X>e|@!`MSwg%~I
z%@35<O!Y?L2^c0yW-aBE0rSuJ<E>D4vex95?&LLAN$-=IUYYK49YURbcn3$6>@(b8
zl9BxD4y{XyR%*(*vP%coV}ukDO6IJ)lUff+HWtX!2sywI<g1;O?D7mcxpUNG9VcF!
zRCQS)HSx+Aoj<>1Cf<dtnaBsXFQf`4UNVH(RkN6QRnBwNuZhP=Fn8i9sD`sNnd+E{
zCoeqt<1vOk<}>enW<6)+bEjOwIpr~?+>vHg7296)(N_onyr!m57rx6?<O0jsF4K!&
z_Wm&Qhheav$1}lie<u6Na?q5;w!7+lOeBBbZ`-la(vvhsUgIVe2v<V&r<hbiTw#=F
zVZ&f%e;~tHne$v{A?a>Ismgq*<Xo&&ijc)3Q!}KKyq8his7)6NpeGnX|3YkcT9AD@
zGGc6LjqC-MkHdb{L{<_n<M50m0c+Wq@*hm*C65;Z)%tOM$=PFt?<Sk8Dm?rPz|U3{
z{`C}KiKq+6Wh6gj|1!FnR1z*<q9W)z=UT3e;VKC}dz_SneayzBzB3?|@nkZh5iuEK
zb19px@0i}T>pQU-cqQQD;hGm~F-L6yi~vY!44@opk*|%oy{n~T_vqbPcDLyveCF=*
z`$_R3w2qVEabkd3H>DPld0H)VdpbELl+V;OuTjr@hB5H<@HT~0)fY*liIOP>Pjq^a
zh8@iaNgS)f(4<uXEfVRNzYGX}F)W}_j<4X)=raC{lx-nbV=Xz+&zL?SD0P>jq<UB4
zd47QWtkw{G(P-qR8%x}b6ugasilB+V5c5ekv3g>}s1p@ZQpKbKNyAyF#AJ}m-ij>;
zjEzU11#+X>>o>ygy{A4pH%E%OzOaj1GNTWFbF77D7I5^Aw#aVmYX_ZBE|T4`B>Rxk
zC9FtVmw*x=e9NXdW1cIP8y)f{r9f5n?MeEmB?y}?I05=HvXk+3wjWlCFo|#B=F%y;
z0`9aStKVL;oKK!W|2;y0yDR`LW?Im+*vQR1^Kr4U`hdRu%DA60%ZvD<msWn!ELlD(
z^jb=VEERX%D6(^{Gj)|))$jFWjQ7d%&+tC3=8du$sQStZcgBq8w_oGZabN$}g*`wS
zvPA)X)TP_VYnk{Q-~p3!eg7A%1wVs$RrZ#JJj|#kZ?_r4>!UYztFJm(Zw<xe9{z7~
z{$4rlckAspRH5lOeiAQg(DFLTwdGwupQQK(lJ?)g;JZ!ttQPq*jEv@Sv$xw}Dhc4_
z-?kGkf&7_BO~GpuB}-8Z5jq0)JLu3>ON25pE=JFYS7~Cv<E9g-fvWs?p{<|M+k`7>
zsm!D2(Mvl$h7{n5t>n#(cR(nkmT_6%pbeK<kkR9MM~cf;Zcdc+W%|P=T7HEy5l~2-
z*U?a``4$rJ@gz_hoOpMl<PCIJf|3&dhZ1zW-acULEz~GeKv^0A_7>Kiym~vBPqsil
z&O@vH;jcKjRj(C6%Z*60fl-X9ySh~kj>+AnR04m;;l(s_t#oDP;4~3Ou6rm@mY0co
zxA8G(HWpcNtca`K_y{qf<VNM#_abh!zP5MSJ9s@&a>=a#kNK{NPXNPCrVBx;2iC$r
zvK9vHt@Y8N{BS1VZ33$@HT;o44+RNUY<q5bd|enB5ea@5(Q56?T0$k{S_^_0iUQG*
z2Lkp6w_KoyCR%4-)fc!ehQG?Q7K~yzd^s<Ss0x0!b>>O25oWBKH5%}juX3lC98$ij
zZF(Mw2Ln~lS_}QmYkU}Ud{wKhg%|RYZt5pMr>Jz1F<?6~32f*5J7B->>wmyna6K98
ztG>2wArc5ETaw&Ca4rAZw-7c)M2q|D+Z17j&e9H5DMg58TPB~uaZ&9~E@tJ!fE|dQ
zwm%RZ^1Qkr?-hHuzyAyVsuwix-AT8aFVz0IawG>?caJ7YZjW|r|B&;63`{EFv2LxQ
zNo_dYdNvOlN^y-5(Y)<R3VYNv-EseE#D4B8*l#9BWF`~j<CUt-cMP)d$6hU54Ec+C
zA)0Rji10+*<hRb>=!+0mR%e@M5?>rHRrSHFe?ZmHqB&WR^yl+Mi%lm3tmQcH!5o+j
z8yCC8DY*U7VzZ%e>n&=vYK<7ZFl61@NAi_8lDd#Z=NbBZeWXhua)dw9ScJ1><p%%Y
z*_hXVv8u+peO<kE{`z{%={kZvB0As|`~j`-8<=})7JWfqHu|g9O>d1oOG0LS_JMeQ
zR%0oEV)v3$8uuQc8x_qv;wdo>d}XuvYrW0JdEq{sV~gsmHq97aA1$u%Cswg1<c9@@
zw#UysY!zt{ExY{mqdJzyhc(42*rp*s%_p!lD?E`SPNMY%W7umm%z1!z?o3>^TE5{C
zjK?YO1v8GsGvNUs_daeI-^X9@wOu+7w;k~HVFPKcFTCSx-@doBQ75{(Aey({pR*}|
zSTe}G7Cr;QC*P(`u9`jiTkz>n>xMC#_UNbgCbluRj^fYeQGA;>PC4ck@!mR$@ALBX
zz0Ew<ZrbAyulm{_ZY>K`y%PE#x|8Z4&VT|AUpxB+K!H2tj))d+@Z}OfwLY5HQ~5;V
zz}A-9KMq8?)<=r>1ni#mb|I!=JVE6+wkNbBRcmYjm3kkC>v&?H?UxV0*4T&q!Zv-;
z<BoYX$CG$T;f-Gsmy-zK<5wbqX4E1|NxX1HqQ-V({fqj5;#1+A^Rmb!x#1=e@*~P3
zFS$aVxPiwcun|$9TG75V9QserY<*Pr9$q9ltq_zZ7`8`IU|j<uy&}XlQ5lkZ0R10g
zDUG_O?)u2Nej-t(gm`u|E?`Gv4I_;hUm<a%eW-O9?RmbSh*?W7=q(Q{ZjpdF1|>ql
z?P(j)R9#MX2YkQ88(pyVv$%XQKZ3VN9Z90a?OzHrvQine4DG6e6|N%Sk9^<V%jl$a
zHr0<Se{c4ehC(LbM!dln8Bc5;&aC^{q@5VD{4BfUoUSh)U^hgmFo$uz)SkHtxO?WT
zlIx57iCQ#YU=s^VZg&uvyVzrN(!M`G1Qm<uL%U7ro2=l!B3Gs+8DOE8CYhCt<a~Eh
zq<1&KToE?8rLqE{C8=iYRcX;kB?B#ePFo#jOJ#{Nl>&OAWK$~Bab$8;jD^!F_pK^M
zN3!bs4P<3C@047TNm^Emj)0}f>zM};jaQK(V^5F28ufUGq>Ge#{1G=mIiK;tnD&d)
zI$`sNd@$}2j8icRh%EZyr;Uz$`fQ^kFPud^=*UTn{&`cdp$~%woj+2Y)XJ%}o3x=%
z6i}GPe)<;!!c_txi<q0wlAb=*0Ft8U<}-|7!o1WF3<3z5_cd8lwA^mqcUBwFM$9mv
zJt%Ry9kly@1ZWS6%%k}QSMv#KN2eJ$WHP=}r6hhjsXg&L65TZf+AdY0b;C8+RruWv
zGN0h2={lSYFLnA~Mb#4M(D#p{B;J{(u=DU_KA5#UT9Riz?9}41UKL5~bG|o;482Ur
z>VG^Y=u5_s@2S(s;oPo|UzkR#pKdcByXfPo`WVv3H_XTUuB3`BIlRVuQ%8g8-!`NT
z=Xt^QsPakj6ivAE5((eOQlKI(D0zZa0;#(X;p53E8;{B3ri`5mO9|Ix>{J}QjD&I8
z0D&}4aDhCN)?FZ9r1AJUe93peRHVNw)tAgYkbkM7%sr6%NpP=c{IN9I=)lo82($Z~
zV@ue{-~h14>BEqkEI!yug>xbYi(-BBp&<Q1Sav<DRflptAw}_H_3j;doKgH;ipzE{
z=I%_k$n}npW3P^_PX4ZOf0gMrWx7#SJ)BA$_>b#d0B<S=z(0}fG_|*Y4yz*Ps>n}M
zMFh{aE7|dz<BV<3s?^E<BK2zLyzJD8Z+?~FUWERi6Z7g4=fu><_z)AsRO=tq)vA`)
zj@Zv!Gw)?;_s%yzGg}0W&f+87Zr-D8D|dkc9OgJ+sE`=9{n<Uux#erbx9(2c)k2W-
znE6Sq&l&bxvtQu)TV`8s_rn2LuI6jAHOXXJbmd38<+dwtb!b+`T6-1Q(XjK9M%sYR
z?j9h6JSy>$Jm7I&%`@8s9NzUL5AXI>-C5kD<;QB_KkW%zjy=w;^A}yxTMrrMvGHA~
z2}DLV)Y@N!-##zvIJT>={Kxay)G)}L#~ukh|9?7<jXwr%QQvePn=xRiS_*p1dF<an
zHEH{=b|A8G-HYu15!WBjOX2zy4rOxK5F6N(?<NOu(xH{UMw|b!(z{cYK7~@BaC&q<
zm@wn%zK-ffLv8Pu)ptEmZ*!4`>wFFu$iqiw9TGL(xk;<`yV@De?v=Z%<hr8&uQq=y
zfH}<O&ja_F6>h#-NG-A+t!+R1Lq{9*KItT|=7QAb&q+_3MeKQ2FKp1~PNNDIvE=5@
zwuvxloxDkuJhve8s5yNrB3VwUsZq;4w0~m#X#@)?R?BV{<(2YlWYNk#=YAGe(AY*k
zJFn3lt>xNPGJ8#1l)5^ZYSV+{3O|=e=fPz9n{+stzFB?$MKYZYmsGl?dgdh4uVOfp
z`N#3dGM4jWG1P?9bpmTcAqfQ}IA5^_rT4E3oWK@r=Y7()^_|YM_hDPlB|(f0^T#%4
z1u0rNa?mxtegCsxz5QH0p$F~fW#2r+fB$<fU;E3#_Hk`Fn>6gu$iY;e^y5E=G<%n?
zYAV~G+fA8~Q_Mk~m(0u1angj4d;OK0<GqbK-@Yl!8NO0ZEL+V+w}=ejTEX43w7*@1
z9cEtuZT(Gu|IY)t*A^8~`Uw25lKHin&T%dB@5s!*Q~5s&<WB0C|5=lN2>BDrA5{IA
zTMo{AGrd{1+gkXL3;r~J|3o17Cq>ve2@FOvF|DT91K1^ayWZaKwB$%TAc=?|M_Mi0
zP37`wjSO&1R_7&xQ)T2BOvUH`SgcI0A&zsOn7lh-k@NFBR?B*7iTzzwf#CveSYSFF
z+>#co8-Kz;Ncuj8$}l4)wFENtYR@z}nW^O@D#{RDhF-*6I#J!rsQfLqNt06hv8l?R
zr(9O$E7~*do#R5#vKHVnD&KJ-m9G)x(BH3rXV}4Xily1X22F{k-zQ~mPEeT>AkAw@
zHtYbb<RR?hid5Zmh2aQ~UuQT%?X}d>&JmtxZp0>ZKv8KsfMb&YHcN`l>cywwbXO}<
znY05Fuo3fn>@qTC+UF~SznHNJRUk8K_?$Ojp-Il_e(9BUP~~P?!TCH?liK0?Ccc_+
zk|5D{8QKMWH6v}cGa4*%fMJ;lJM@U#_!VyB*yZIQmB+nN@%iwH{m7X}KhBGnz&Mh=
zI8w!&3mQns^u;+>2}wEB<TzaknQ~}v5|Zp@;1=o?L;6)WBs?8`a()N;GnmoJWk#4=
z)Sf!<{$!a+l!;Gtu516qWN~g)ff3Fn?WqH2BnzCS0^f6nw0}~8%T?eQ=j80v;V;1i
zQ>Pyc&s+0bm*@4s44=vK-1`I5=ViWe^ZhxIR3!f?<bf2;w)~s4_9HV|t<j+h5#uri
zx1TYiWP!jS&Sqj-f-Ct7o!?%=*4D(71n@)EoxK1bL18UWby+*gyR#RjyU;mZ5w7)1
zDt%IN0RPQ{y17jBIB(OAoZ3ax&P2|Dx#WM{#F)utWP^eJ+wbK%kE#h<eh))i4}U8X
zbh=j&GYp3Zt(K!*tUQpa^90_Fx@<00{3CC5i-NeCMe<uxS;Tdo;-4yMJ3I5P#Obh4
z;<pfH&gFrwM<;a5-D86M{8Sa3c>*inE|z3Wl|<jhnTJdt@u8k~89wxZgqD<8a+;Rl
z{d`EBDY2SQAxS)_2>yd&T>bM$4gVQ@jp09U{D{)<pCVVqs~-pdk+Y}zvfcD0-=+bf
zyjcQ+^BYq+SRx*TOjPs9Y_KGe;vI6to>#UY*_0wD8HoX0+qg#Q6O!rg!x_D6>)2V}
zD%M$-O#ZIPt_}Ax<vt^stSXJD@-z={gqc4CBp`fhG}HTgI`_=zCj0luKTZFRz1iF{
z`NTXNHro4l9V{e0!Hb+9tY@Mf<NTRkXQZy*m@)m#;iF-9xzq2~kFuv<$Mb4ldt=Jq
zDqDqG!k9w?=V~iDr9#~;I!OCl8EUhZz89#vs&pm?fy~)77JqBuX7UA?c_Sk~c^@~J
zgU%q9-civZ?}K@>SrIwUxkFROUW3|I*wlEICwNNbE+&kRkT0&3><!~d*8D39;8c?+
z=><bJdaE~l^B_EZ?pTu)<9~ZI0A^3(Ap-M1P2!g^(zw1O$m7AweM!%QBK9$B?YEIl
z3!RH_SJ%ua!j+~t*uyG<D7;or4n*2(k{%_Mpy=3+5Co5PPWhEtD~>d4MWJeQ3j{a*
zSM#U>AUiBWnnxQrwNJzMNkB-=qe-H^hkw~oydN*}(_E5xugO&Vh#|J!V)D`aKTo2H
zc4G64g*s1muAv%Dg=G|WN&fFH6|cWSRJ_yK-@Yb6#*Y7aIc6oCJ_jj&lGE+tBylRh
z?^=B*;6uu_<Zr)pDf6=rMVZc<H2JOT!?)At?<6_=U(=`Wz#;Vc`M&>(K4-%54oja0
zZUVsn1Nt0@{`DW|^B<4=ujq45M+l(LTZmJFEc1U$pSMXn%odYGpZ%8@`s}2Jv*@#k
zX0v?{524TdA2Reg>MBE@C%`r{=yM_>GxWKE`VUK=HJ7{eIc`)Id;H5YE`84b%FySJ
z;lYM^rs;DEA5!#Lc!x`$V?HqSS#2`6t4GOrIi<cswX-EKE2d?4$&P7~B&}U!xtBNi
z8~ll0^?3cSc}T=MJ2|XK5~O$Cuu=&U=9KJmJ@MZ>4mGc6q{jd5sQO-Pfv#bIC^`(u
zodiz-wi{GadPu0=x%n5FOYapV8Sy_U`uF;~8I9H}&1n2(BBk3!|ILOAID@G{qapp-
zEO}W+)lc8xdR6DggwB-zm=3^}9#+Mb(-nZOm0drD#QRAjgh)!e{X4H|Eaoryi?FCu
z>Mj=LBH^&RQP-U4aN>Wu>J%E)Mv4!Y8{<Pqhrh5n@y{L7iN1eB?MY%Xb*HqSKn1{f
zVg`)O6NJnPu<Ye-wWfVJDTRuwKwOO0E`n9UfLA|gP<kD>gaKa<N6kR#ybDB{jza@N
z=_M(Yj^e>JF>r)+n=|EhObo>&xSH*Tb;c}v`!+Ye(_K3a<%Z4hWXs$5SAPRPl_W`@
zMoDr@;hpFL8SA}vGTVjSy+ga#gpOkvkeC^bVFmouu#~!2d&io1t+jW`8+PW@q-<ck
zuYIPSr1y2xM`E&1*Dh+*;d9BHFN8pgq-9wj(x#&HHMSj0L`CSLfFQ+OR<+}~*{<Ej
zrt0RUs`~?3QbYbt8eo=N^}nX3hCStKZRXJ^!ZT3sDb$-nQ}b(DdI#Rtk+n&XG;=9s
zS=#`mGVN#lz>NI;@T!cFZ>fhjo#X7LevN##TlJP?YTPWyXy!Sw?e2;^c^nq0Yy27P
zuE2S04botyH)qvtE=!w_0G7Gd8vpzM#d-9qV0&+ki&SbRz6@4%+*{*c#&dEkvJ~*I
zCByu;=h4r`(8i?8h!pX1)FA#L)s|vl<~;fn1RF`|4k3RBNMNOho=5+25~AkoHD`Z9
zd13sU&!hKzz>M4D6U?~f@smD}zHy{5ul*sUqVu12S>1Qub6K5hug}`AXiUY2=pbyH
z&4&C<+LTRAzPm}oFoYK?wI%I(zc=~950I2{i-e^}1Y3$3nwezWB8^wy7`eyd1gS`3
zl`=9#-C}6W<NT2e*cBhnEiV{Qi21fs7F{3LS=%q_Zb&E4|9NZS*P5uCh|TkSAX2;=
ze?WiL2s~r%SY2zKzs;+#Z!gzngnc{8m%u4A7O>Y)de++5lj0Ut=T}%Q|5QZ=$hI9i
zkUXipO!uEJycCnA2_cWK)-LrjfE!b!b{CN71bTG9F7cE=&TiknmjgNP6LkvT&<_$N
z-KT&hEPV}<&AD3pIYsH8s6tb;S3C{J0Nt7N^zD+4<RuIi2dRE6pxSC27c5c93SlrK
zo~4^e;et>%RbSy88D;l5avhrZ)tUYf_4q^NxC2(EE#7S5P8&<`Eza#4e~2TL5%?+u
zn!9^kTaKSsc>s9bV`0EDP0*J~!I<dA%>rE&@_Hz8>K$1vLmt=Np~|#tE;4au%vA@8
z54djV6t{aAA`P-5qZwju>%btnj{xSYii|ghcR2&$xy?8DOyXbgI4WA$#h+*+2$M{>
ze!`-K-mTmqUB%q!F0>VC1h8iMkn@rb2Q5;+W%6u<s9bwqGSf-QBpX(uWMV4QBr>`7
zypoG3*Y0otr%3G=q{m0jE64bm^~Pz1+tibOE4@TB6<p*~Se_c1SrIPN1=7@B$}icQ
z?Jy8pX#Nw&Z_ISWSdB^q&&fzL9Djms7|%epkYYTOw9hc~r%B^!VQQ_vl4PT7F{Fh_
z<^JD)FwA2ve46Ec+a=V}u5aBo9OK1R0(1kBvHVr7q0Z`6d<KyvQbQQ%k5y@VE-p$n
z8cOrso8fQ9Fm@ss^PT`j0@2>jixe)1_8wo~|MmLFr9~Im6N;F&ML9!>EWo8&t))H=
zupK#K@PJOCr+o~+n-bdXBTTbBbV~bj%CThDn3zr;I+uV1G06vcF*4qLJV+Bfcag!)
z(GoYaCPK3|mYfqPHy|f98=5~c2r{=uOmbtdfT`4M=!0dy90BRR`wYhNAQ&+A+Y7TW
z_Jd(8lLIn50uG!bnLfkv{h<<$#N;w(3?(^|PN=GWL&T=_KV&A|u5JXU3a4fxd3z*Z
zi<~R(W&D_W6P=wOvBP~s`ok8z4sa?NF1HGW=EWtT<^o`pe*5`;<T0mb>buMCj=aaM
zuEN<u=$Lq!^D)39-F;ww(v^3As-yA7UgWOVoA4F?KUuGBndnpNh+HaC>qq8#-Jj*@
zaO-tIh5y_2`WESFS?hJ*g@!N=N{mWP8?#;)-qLZs&Vb~w>-A%*1Bl%9`Z+58_VxNo
z!rdZgbsuX8sM(M~GN#iBwHfR6?N7Mt^^b95k!s?u*U5OdQcw=RScgF<B4Bw&&$5J~
z&3xy4D304)V&@8{Sprd9vQ0+>_x)xyBzaqTIXalDhqzb&N)KplHc0-pYRp3NpIb7J
zJS+ne7r|E%;S1SE|II_cyfg`si{Po0ZAWlkc}`4fh$8e%NQW>x_&bB*2SytdSMie}
z%06~}3dzi+0_RjN2oSKjSZNi{-$Xw;oc{cvi`Zwe^QL;!@=wy*_2=chHJQ6FJ-9hW
zd;IY??HV+vXWXMle)|Y|`Mvm2YfT`yoMiMVC1yu}`=J`rK)Bn||C<PKzn8k^Du-rq
zI4^7lpfm&I=6bN@oXp6iq*ANdM^YyGR{qwY?;4lI9jT?UU9FzuHC*C7s@5<ZUafv*
zg^SdOUdv_?*msR?%_UPQ7f$OD%W6s5CT@`Il;R9V4Q@B*3b%8nc!FKDsGc1^cJ0t9
zIYiqoa4>`b-<(0t+dQ}{ZYK2{t2%|oU+_7#;+B0QJ)=@ziUwq`NJv=-<IDL5i7!cL
zNKx@5A@S`69d#-Na?8@GLU$WXp1>->V&O?H7D;b~${N`2sm@(gBTP=DuvxrB&&H=q
z<hgjci^)k_3??)5<pz+*ofk!jJHZ=>APaEZfHkDX`-F7fK=kxqJe`An9M8T_*4%%^
zeO=WAFgk;+n}GGmm8GE=*B_ptlSxJhyJc8EoLoZOPr24rMl&~<yos0NkFj~h{wDr1
z>ylB}qlGo~(ef7r%T0uYEv5NlnveI?i`ooSy>B%?4q#l;=qMn>Xn*v2#}}zD00_U_
zctbsr3Nrx+79mtwp(nM3)y-#L@1NfUkjZyP{1t>U9Xwj`;9uSUeEZ(6ulg)F98T$P
z`v?cB8KwUIdjmG{P2VQOWu7mZ$2C5^*T#=bpTE_8lsfZH{P<iWZSPi4__a+m{~kn9
z&@Pg3TSjfx{b}J3S$8-36@-~st;K|g3Me$@NuD5q;y?FAMin692g|sr5|e#frx`bJ
zHuuSVp+skUHt-OW_c1sv=xKhDruE9+z8-|MV?k$1{@f$9Syppb1hhb8KsiVt3guTS
z5+PJ(mfbV<J{{oV2Xv~7%gplcH37Vx-`)?cA+!O}f&5UF&Kj2bqoMEEFHZKJTK63y
z_gq&txyqS2S*=gWlzgqwrFE5iy+-bi-zZH9iWpN~ri@lr#$d5P3mt)v3CM9S0~Cdt
zx2LkfHx-YG(WTrMp&rJ)CWcV_B;|K&4i!_%Yrnz)PN$D4xTDtogoXq5SqeSqvu6-t
zXlUtVduqSQ_UP|scboak|93k3)-Z*c$|oRUAmJ38D;CC(Gk&r0sM#6z(+qvsJ%7z$
z1|ruZqb{rS5M%he!4tU;#aecKzscwWy*MJU?{jO}sz9`ya~MzO)#pwwo6&3S(DF`)
z9>10EIuy=D>ShS=gnm0Y3P=Azqre6r5oYs4xPhT=P4*`0aE(uNv2G1B!v4r83Jex;
z2vt6NWYM~zQfCOOI<@y?d+71}E93b@8u!HK>pV)C<Nz$yMj>*@3V8->q*yoBJ7-z*
zqw(Ef233lzE6fsZj%DBZsCz8?da=T2wWalxW7(JJ6?&BNLVAx&enmP|o^>qyhXFEi
zIP?GIW7%VW>9*DJSayMQPGFcQg;d9~1Gpw~dr-?Pbb#8dt9PsgSCMA0aTyPso=nt7
zCi8D5*Y0pnT=Kp$uHE5^xbenV&)(ieJjAq*DghmWVj5wdxR|ZDoz4-7kD%p*(~I9Y
zhgB3FMyLOJ2|p0rLr7Z?+%E@<;L`RibAQr*c{7miFXLvQ^ew#rNsNZ2#@ds83)p?6
zX|Epw08VzI$?05uP{;4LIoI(kfJ+Qu*t;=P3}fPsD)UvfSqtt0ZUr3=@N&z&>O}vx
zP}gJ}?QyFi&m*mczg2pqmoJBa>TSEA))7VZQSUB4=X7rQ4d3cn1djGaM;yfgn%mBA
z8q(9loJp*zuX-``F~qdHQEOt!OXavh_aVEpqDt5y2PcNlKhj*714y<NurDdFiaJ?6
zhZoh_!^>zsT2eAX#6?i;7o6#XRE)G7lLlq4bq)@6)2d%vVj4N<r;(G?$fWNlbLWyf
z;MVY>$=yEr&HXDz{_Ds7iBC6N^%!93s=2)R1m;d`C&V-y2UlQSDPq>Y=)jZi<o1fA
zXd=-7&}?NI%{s-j*{MH9y?q`)I2v`B@}2IYJcm@jz5L%PFTTy3WnMeq|A=Xea>`+C
zaSa(fx-lpJnS%#Gvo>&=x5lRO6NqAG39p06W&^$C*EHIry-^eU7g&4J$iTm>?IdaC
zGSehNwYkI-;tALvJHP#ahNA<oq&!(JF<J0<d#o#UiN0>;J1!bM(dl3+R`YwLH@7~_
zbbMVo1oGaR0XSAZYF-<`Vhty92i_3|AjvJU|1lqu=#A8{DLn8c2J^8JrJF_V2Mk0C
z|89nL%5ZdM2K(9O4e@Km1hqY$6FMEBj`0Lf_U;`vATM+R_ePfyuwE_ScrIl@mGCby
zOeaAyKA$bXlArC>@uPi_G|aDLm%O7j30}taE5ysoq9@tWe6-D^Q`_$fZkbTOm3HR)
zvc~?LT^+_gI9B5xy0E>s{oUT4==S#5jP8W1+q;9taa_iy`UUNu=xHbWS&r(u2+!yd
ziYH#uU3`&(<);YY(dySOW2(*nqKH>(!9PgzuFx0%@{yM=9Q4YX>jq?<AN1Ml{rk2f
ze09HOm5O-nXT1Ga)m`)Y9JWckZSkYLQ&&$?inVMrXIj4=W-aS|#pGf3gu(+n7GJ{S
zm_lsHZ8VwK{y7(GY?}2T=l-sm+230BOk1qeH5*h@TdZg8)V4{r{Z~<sDQAz#OJGwy
zsGyxX(cP<QRmGy>JfgYds%O%!n)PJ-J!@IvC6n!dn>P^6%fkSf>`?zUCUTxxhW5#2
z3A32f<0%FMBq0nY_4DL-gCZRo4e!r4ijE1N4^N5a@9Spnu3Tj9uIxa^zY#qgDYT{u
zy~D(fC`UJPd@IF#Z+I5P6ljsp<`%6~VYo$$l-732`Q~}zAKXqJnkP+^%b*^ssr@t5
zb9INFz4;416Lle@XW3Ku8D$U~ZSQ(^h9{IEiwR^AXh;0J{5t}_EcrD?Z*B|ysV`?!
z;_VJ_UH9|<(Cigth~qw##gJyTb@I4eF+EP%8O~NIREVrn6>2LR2VrjUaCt&{J(<O^
zTaG#*4RbBSp`X9FjY_)c^Kpm!{I))e8GkE%+)$fEACA+3KK>hyQdvcdY5tkTQNFsl
z{gca4nzwQ>Vv4C4c?f>u6F)g*vPAQ95bYSZ)JzfAoC(*=zY*w-d#P46_94uMk~w{s
z|Bwg>gx0uB)@1)=D4n(QxMzUHM}VrtAXn%mNshlps4e4{jPE#A>&=|@amq2>W)Iqo
zCt0_twNMFGMvm^nX?8RDuih@1RSThl{nM7Je|=rD`mFvNN<E3IfifsH-TJokY3%%r
z#@<o_-d*V&Zz>@ZzBiPR3Ex%{I>LAM;ov(b1z(E3vQhltLo!HYqxffP><5R>Kj$#{
zZ%}?N5^>2pyZ(`f$$!D2uz&jy&Rm<safkIc+GBgZQ2Z_O+<BTo-64hK49XIX-a<w}
z?y<b!(v`*}{Ajj1;kVP04?-Y*oJcdVR&6kSgA8`glSw9WxQ1rC4Xrf|Nd{9JNg3=I
zT0(fZ_h&{13)cu1fuZ9&G2KJ{O)Z8fVR9X=#UHrUjY+qd6zL@O{dv1-(IKKJz3-WB
zQ9#9-zoo?^)ndkSm4(coyVbp8s_W3lfo_X$+?wZ!>DbZXB<J;f{Lhke_`LL3Npk-B
zUAmIJ79K<W?poMWUHM<gjMW2ZnY^MAt%X=QGuOi0*+9LFv~L=S5<&h=;`etSH&}kw
zz}-RoK7N}Sh<Bo9=og)v8v2y@eekVJA`I3xZ~bRZh=>eHv0E1?q{Y`0(Zh_$9p`vs
zIyEPwYaOLP6F(+-nVm#H`qylZ&$CItqJsXqH^=1J>uQ>IS~X3HZr;Z(A(<`tO<vEJ
zb&DDj{=|AVbrFkDNnV_>d1aHZ)PJLIequgP3T<8Ti%ar63SCQWu9)RK@F=~W|MVi#
zqyxT2^!ulpcyWGqij=xc1<u?b899N-E@i&(v&8u6jkRN^vtuYXu7_p4`vKARIflN?
zk*pCwGw#0HsOX=aYN|@#=WFlJxK(`m;qK?Yg5CF7{QJ>iHS^x}j7^7IdkaWAL^FSO
zx2u`I#IH2-IjaOu+8&u@kJ4IIFB=X!@pwbnpZo0tqoM<%k_Y_Z9s6Zk^w0lVM=xev
zXx1Dz1e4X%4W+K%7x}2)*5vQQ$=`dDzuIlk_a^hp=6~hh%GTKJni*Q%u(YsEyY_^D
z{V6-|FEr50@Vk33m)gWn?;=fw3l+Z~I}O&L1-Fb^467_NafK98X!A%nq)=C7filaC
z`uY`S9C@9W)?+1<t(HEPDFGWZ3%sgPhx)tG7yRLaWw<RAOux||y@UYKvkuyu!fzu*
z9PBdv``qQUKaD>NRkUXfHo}@R{t+g;riOnF{F}(XX}+-2#J=_Zkh!n?c$(;N-i-3B
zQ$<|97W%B--W~7CAMZ-deXE}fi*gX+iN*I?V%b+6n0cm5pl1>)hLe``1HGA$F!u{J
zP#)Ont5{5QcDJ*wHyi8;XdMSXnU6r>dzdGl(sxBZn<fM_8k>B*{keiKmC^{uMi_)Z
zM59rQnGHpVjWX+&-%(Lg(D2Dm1N4D825b-*972_5L~8UP2)~o06p2IA&`<WL#TrF<
z^cf?A{gFoNYpM7cbWUZ?CPMYZ7$YHq+E$n6U00{W;Na&c<x@OX%O+l8+xWw~uV_Xe
zeb;}$gkO3ch6p#`UzBede*``@;M2G@fJk{hg_Sy$WF1UwsA=7uTf<S6y2|%_(bJzL
zuqCu^2*eCfI-X1&&L=qC7vzMl<EJnuG}#*+w#Q!G7Vm_we4zh3zN*)K*3g%@m%FCm
z1=Sdwz$IbUg7<-p4r3npDjm6N3vQep#(!w!Cr=h7UiK%}5p^c?u{#D7tJ%92qsBc{
zVt|j=rQ!kEF9mYmwH6%Ui-}XSU0Dbl1f@^puC;rxu5&NeJDn0Ge?elb+^Yy-ip+BQ
z&VijgWb!e)h*!^K&iPyyun}sCV}!bx7555mW}S5ejwn`39%CNo2A%hO5$FJdK#}l)
z%!x(oXfQP>p_=%G{<fW52%u$cBKAIi_`{s(J-HG!Sm=!mIiBr~JT`P<K0{>Js9;1F
zTM)2ZgT=h&w=o%Ods?ETPGmg)X)&UVoe-Gvq;o{y(E34V_KECkokm&%X;?`W_IXV?
zX>#yiu*ewZj^oo)=g^$<EV+pf?UMXk&U44;)#cHIT5=}*j>x|~<DKG+zj2G0;#@Pu
z^*^}qNob|Jy}u<fyMp5w!IQ&@Z8sN&6X9T=aN^!z?|4b{l0GYP*kJNmf7tZcCt%DP
zx@z@uJ*<x8_rgw%;jHBWpt#Wa0FjTm+0Eb~wwN?C$(@lXY>D+DXC;%%<5ZisU>CD_
zLZk<e=j(aS53%5oC9b$qP0kqi?M>4or;q~ns^u^@PvV)-Ama$)>|^Oqtfv-r8t)KJ
zKh1M`r)nuuL;p5etR=0w1hh5Z&YuF;ylnMq!t;hYSGKk!LIvTqR~^$D-u?kgV*ZZB
zd7jlVVoE2X!xPvXtXsN^t3*rw#fQ;sM_rY-z?bu4VtZx6d4Qf)?&T04W9V`2;>{Q{
z+}8@=t=#K&w%mO-ee4Q6q*J2FIRK<Q3wX!l=Fy&n^O?yL+sCt8*}2(ut50rI2A6Bn
zucn1RQ>*zJ|Fv7%lU@4Gbaqqvmh`JBeNC#g3*u#|*VtHa;@0;ta%e_Rhovhp^_`u5
zHT4~ns=%$UTl&@Xx?4K4>G)UauVy6QbP?R>Hd~e5?8bCn(`;+{)iirwy3YpFzevBD
zW`B{+Y?^IOznW$zr!yN0n#@=GxJtNnW$XCW%Rdm&LkUhU$HOWUOvyiw6va0d*xSa(
z9>0JgC7U+q*-%b|j&K&zhVu#@QI)On@39F+8E%epZgfkP!cNRdu3JWl*F0ThuNxn`
zk=&*sC5&GkdvOH&qdxod(G>SKINvcvLsdF@dW8FYdZaF|YG_`lZ=|lUYG`5TxJX@5
z)zBh>Um`j&`)kQ|>3DnH<*^d#zRXlUo^5%SucIz>{&WRxGimbxu~UTU!R6RYhD)W1
zM_8m*d&l_guZ_b&%ia(t<nzx>eyXtdncj@0275JCl&e45(P=S&E&m8~S+%l%mVzJe
zgxDQlv2(<m3xan7b<?#2^215i{f_JmG@GjX%F7YT?5DMO_II)Mk#maM?Xslf*G(?+
zN-xJLe?sg`nlRPJ^G*9|?s8gEJEQGSy$#8RW+xj0GG__#i2?s4`z>L0JqQo)|0qOI
z$&VP}E2-Ya-m8R2%dGk`kf>2{7Wz$jZfo53l#~c(FI7}>4brxjR*tc)b#O-ZFaR-*
zowzlOXBX(heqgV+Hu=oXLV<IhTMajb|3u;m>GZg_Gl9zJML)`qO_kTXswmX}Py_20
z*Fhfi890amHl&>51wxqfH@A2x#d~EGFI_#B?Q{qgI@O?FBkKT&AB3<}=qv#3VC1_%
zQs}%n9st<vVGNFeoaRnUzjgzTqRV6Bj_hQ}x3X1KwKo_Ly=K(iBdhL{-MWuAb<c0F
zyN4=+UN4U&M3TIO*C#Gt&7alA-=*IqR_VU|z^_D}QWhkJGM~@!AJSa18}~``PIu$+
z38oucO;f#0Qvlc+e1>M|k#nagm#|Zb*5ERUYsCzi<Dq}y{o8QU<V(DBOY7{t@n35=
zxM}><Vgo=h-+60pju{nAB>P}xB9;rWd&hX~&&Jv>8>*N#+%(=lGN-r}|HNAmFhS{e
zXrhLTo0Zfw2C{I;cFz7pV!R<P5o`F1&eko9=&ASOdICC+C33i`evTni)i^*DvOgH=
z;!@+Kg1VF2+Ah=DZs!=cH3)heLzcrwdmVhLch%H9!X?|=>g|u~?CrI7%>IB2kgCV&
z`*@o6Uhe%tZ1+CM^i%qiN=b4)E?bkKJ7XN&sC1RB1`wd0HP#n(wIZ+mvHe2j1|ywH
zIL6Vgwd&*G$pI0jl-E|ySr&Dwk6u>Fjnr(fqNJlsI03t1fBcnNwkG$nhr}3N2{68h
z8~!(Q04~3o0hs@^0CMs5tN$&&t`WXABUXdL6ux4#!fO&=oA_w()mQjBJv?Vn&a5-C
zv1S%QClAd$19AW2iV}l3m=AuY|KH+IA=|)TA9HQWq4+!QC++wXCy^Z(HZq{xIoXsj
zJczgZyO_x+{_)D^i3IfbsaB4Br+6V15HOnnpDcczc^kjF!8w~1?=tfKmAnm3L-Orz
z-VD2fpO`jQk)T;g=#Fwn(N>x7YGOt*qk+aT#mH9RoK$OutH?Q`9h~9hHH4?KE`xtu
zE3|1ytZ(<w<P79Roc$fxuokM>M;kV+q<|rV<w(Bim1+x9+MUQ+GQ`F*2p(Olvemi6
zRBW{@faIvfXYa6AJ6D&vL^Jz1V=97HU2YW$ikE3B#qRh_w47JYsVQq2-XhZoEc;Hb
z^UpKjpYUuJI_IN-oP%q5Z}#_`UJOueq>Pujy;AT#E<l}M8e{|uYwdUUZH?!<orYT#
zq}yb8s&6t3s>r54u#}4;)t3$F=2@2?;4hUVS`u^fo#p*#d0qaHWEziE?T_DYe>|)G
zu_F064(Y#;XV7^i>qmbcM`KX^`+QWB$RKC%WiGB82l=krU%5f{4`b|e&i`$W%Jgx*
zKPSf%9@Hyzw0+zYgS&Z*&af{3Upz{tj(4kUweuh3O(K;Mx)uxU^+5?L-}PNpeT%+r
zAlK{eT#VgKhZC)#?amu?Jv`_LSMVRd8g`qot0$7(U3DQlM%3lxT7F9_H_uPdWK*ai
zT<s&9XZ8^11k+gPR2n*74Q*z<!9ZMS;<-9Et1b9N;kx`{z8ZiFDmU9D-FS<X<nh;p
zP?9$O30159T#wbfgJ)~mtM;b(8$6zTPu0dy&-q^-#I4o3bCtDpbL?5Z+nWrclw;4l
zs*P6j(qsi+&kNOutN(z~CjjR%y-}D1;LRj;0PqcBYb61^fv-sb!RXbzMM|#VZ~RKP
z9Y9OW3yyJ-&^j+PB3yj|pFOh&I0~a=uc~ZC>*_;0B_wlEJ7_raDJf&lOt%#m(RThZ
zrtYIucfP4x6G5w{I}sqt2WI7X2r?__MJV}tUa+@|`rrxrrS%gTt-bcZ7m)blz1-)2
z@T@^3`9VFdzA&7~3r?MfmYNehA)M$GJU4zsI8hLs%^lpFdjT@TeNBA4aP^O+Jj^a~
z6^Ta?-0l2vBt`Ns;%`h-I9xp<na8LTx0yVHOrA6O8^1DKJusQUs1P@p3@4ck$0<Wi
zxVki%0aoU5bfdVP-`QmFD8mWi>ck)y45L?^ZZhm5DU!dFzn866m(G~iU0v#_E*(uu
zLGToM6g)lI`TNM2eEd!O<K69#ceFp=u17^+L3TG%1L9^D8<YH`!$<re0TnraKGvPD
z)}o(6EM5#2g`VJGPOLD+HoF?%$#f0o_Ye!O;iB+49ZRdO1cP63OW?T_e4LIY%&qnK
zWrnM}0fuMp5$5^zvtc~kTD+!mYq)wBFP^!@UVJQko?xMp9@BSg$!h0*X$i8<;d5fI
zvRYQqt`|xws>4~ZXy2A&HizHo$->ho{7gZ-H{zUL5ZyL9|G>m)_6(xMZ&Ju~qtp}3
z4L{RKJ?d>9^PuFBv{l*a@{LD+#Z*yGT3YSZbFZe6(BPKVxf4{P$P+xlU5XaXbaNG~
zQ;<QAGh9s(<}eYi?xViU>*5R`DSm;S|H=2Me5=z}uQhl@7?!b8-fUoR8eAQJN`tvv
zatL$HYnf*)TW23-*gM|W!LCjz?L|uWZ9QZPT^$4vsRM?udoPC#&!@rF;p&_DaVg)r
zRSrOs!X++VI60C(ok=;ld;WF&1dp<oRsWC&W5bz@;QZbAJWcB!^(2~!UD>*_n!$AL
z{3UH+dC{uVvU&Ep_$8CW)&0ojmJRw?|3h7TV60cXzw;q&`s`e>oe!6@(k0^kXz5Gn
z-`Qk7)rln;{%uKcpl^en7oev2CaF^N;MIYmiqZxGRx>)DJ`JtTSd8YEwe3G4ygj_y
z%xbbdoRux7Pid=j#v$3pn%qWj4Oh=q37KXK=AN&sI9bG>>eQ#8Mn1+LI3IIVjwR`2
z=MUhPB?+UFm}~rKO^y$gu?dOsS(B^rJra>OB=;i*l^aq2C_15S8+x8cz%-UFpKcp^
z?bE-qK{H+&wRa4cfByQWJPnHUP`YoSgrF=Zo^^iqHaOU2mT7yB{mJCY)@t$o;FMX%
z^N{Na*7B3@2?nVDTC@!;fIp(D_}L`Gy6gGzGzE|1hb3a9n_-bMaJQ{8m+QHk`#gl_
z*zq)IEqjIKdayp7;69(P=cC+g7wh>|GECrst&7XI=b(&u$6`O0Z1it5GW%I+d6Ai1
zFuFJN8JBgQM^@AtN!L9<9~Mh(4gEtUu`SnxPQuDe{7`56g&xn~x`N19Y-<B83Sl6P
z4lGiO-Q2_@c%~Yr%lq4y26ctu{hfp7%sP%L=}s5EVto#t$8(HbLQHkRv*M?O_jd`M
z7#UkkU2l-;mj5H=<7o0Kw~ADuLC@=Xc8&(L$XLS(2e!FQIzb9F-Q3R;{Eip)n4`|r
zKn#)4X?nbz$M`Xv)r9i*28+DWG0MWl7#}&hi>K-4{+{4~Bn}8=EgaC;m1^v-RGhAI
z7i=;Ts!){#lT5@1`ocFic!Fmni@v~Tx9G_#dILpilWC!rOry>Xsy%XD4U^AmS;$LT
zS2Ks3G*Gy@j$xd_9}aQ~PUr-MH?lK0@TM#BQCW~zyS^f#MQRk;mH^3v$9M8L_uL3h
zJo~o9Zp>%KU_rq7=eP=>5Ue}i5+Ek6`UFAtayo&p>v_SzrTrC_eedA9K^D&3MBwAi
z9~oOwxfMDn>x7&ADu3kq0;_q6xB@(Vobi8m{-%?I^1_@(A)noks~}JyTQ<YnBWFhD
z=2hLCHv?s3lP_{nL42n;NH5L;gt#4RTtOVC;s(?gFaNfH7u1>6@jq1VWy%-F=F^Vb
zgg@0pkL)HwM~RaWRoxU6L)#cXRjr;|b+c#2yQxNBZf}qK>(cGT*LiXGMf@96UJQdP
zsoe0G<OKVbmv$uDs@6{5%l1*RKhhaf^24+8JP}`B#8ZvX*JL$+4>oJvqEkA2Jdcmn
ztS&WHvx0!lsv+%8(g;mtHRmhk1X2c=6wvo6rNaBUl)7XzNipr8hxhm5^;*3?<JP%%
zCUu@`>Re6Atdsb@PiY7$w4-&Rx*v}uZzMVP3nlQaiG){_V04^lNoVS;#&fJSIByow
zmP?*V)^ShphFJ;+y<P8oZwg*f%~Gf0+enHJQ)R8Z-KMueJiMfwz}^}hXiC=W9SB>4
zeXH5;S6;vJ7OLcS-mc*d4dV~`vFcvb+Ntdb`%Ui?;Dk>D|A$Y`V_S3ZALwj8leUz!
zNCV1(b1xq%H)zjQlco7(3i%>+o~FhM55yC>4q}2ti=)0o%LeOK;mzzRytLgF0J=sS
z5-k|xLYHzkg8c!aK~Hny{w}o*DdPJWHwm^$=wtw3BGX`RZ{q1%l%a!IV^VNc09R#e
zt^K9b6}S*{ddEj^aw<1R{Rw-mq?~<wTQ<WQ)JyS;gz9mgFg37%Dw*CL4ADD;H|Ocs
z-Ab?t9hC$-HWKce*bqB|zk$fj1}V(*GOyeXaACIB^48l~8W8+cXP8cHc|Ye8)5w_e
zesz)Id31@TJz8>_S^|Vr%fIEFb_2AVD(xIkLF_ti9)>15@K5A&`jJP6)Lk~oD&c0}
z_{uKKUEatn6B4?>=|XY2S!w@G06MpmKxBS2<m(EUOwfUtNHPBO%~h~E`$cjUy|g{C
zzR!MSL~r;FPogbONKrcD%5+icPcf<rfpS_3T=)BRru|T!DdOCs+_00Lgc5{*Y;&qY
zVvX_m2LMqTJHyDMF4y}!C|W%31b&<?uffqH+$yYgo%7R8Qo)maO11yC^8PKIz}MfK
z7ZqxS7~SHp5%|zZ7K2iZ+<OI<#XaHe3|gKszJek4E~i%nA=;XP_=l^VH$am_s-wb<
zMV?Uibv3$TfeJmwh>!Qh7u+%aoRY*=Z!zD_mDqAcZKQ@>^)GypdHrf5eg-=c>{3_N
zHX|O-*H1rRWOf;Qq5ZgKt;{$02#zn<UJ^RvPiYV5tG;;4a6gN5GuKFs<K0IFFTb7Q
zN8`&vW{xiK7SM+X2bV6STuo_g8bBie8#pG{MnH5DjIM&BpPK)$WAn!(n^y%|u3F<m
zm9HqyF|iDAwi|F-12*pP8Q^R%&{VRd;>%)y@!7Nc#s9JT!j%)jiF1|=UZAmfZOzF!
zKClRc+~rhLs^802y9;V+E%il?_t`_rvy`cRm90&4%Gtd?7W|v|2pn(X!b#^fnX|af
zOVY4mK2b85n3aQlQ}+&XI+rsx(K$uNufuM2Rk4pxGKr-biKWgPCK0lKsuYmjtYywx
zQY$xeSSiQLCW$?|U%<W!sp4|vu$!4Zg@mBk4h01wr?qLryE%vE>*0O%RTGKYp%o)C
zw7?r-C7aqh$TxK}LB&zH49kz4<&O-K^Fx8t;|s~hq3Z)oLa2Rck-w^@D0Br+r972}
zkZC`1@~3OEBh#VZv&kH((Z%y2ZVddvpgP92``V#>a}XpKn>Nd;&M%vhYo8Bc40fJH
z<nRL&<h^$2$y9KZA3}SHo3fT`0C02XT+OP`F_o=4m1XR0Lo1v+C}lL5_z+_{;^bzT
zKj&#7AjY*}96!KWf<aXzzgU41?CT0*H>pDK;<Ha{i(O}4;CGpJ<@_HpCBsi=O+(;6
zR)Rj$g*s*YJet<w6ysw@@L+a<@KdJ82?ZV*KB#G4Up@~V6pA^!rXhj8LqGMgd()hg
zJrv(UqA9+S2R}zC?fsRTy^Pd|$PngwBG^9=VY(B-W$=v^p<)R^h&dw);&~(N!q(WY
zP4O>LdE=W`CpOx9f}O1O+Iq2??+3r$u_)Y9{XdhK{?$bY=@rhMbhd6Vs?Us&f9kG5
z{@l~b*(a3j+(puLL7dA!LIpaT;og(pB(BFmg2G&11ftsJ{Dvwbb!8pOl$tUKT-%($
zp=EwV8Gm9;ym=hDj?3CiEKcp|U`fXC3<XAJ7KU3pRjr*dAiS0-il4_|dq$y|AuAVv
zDG2Fk$-^?WiXe|P1IJSwtmI1Kb2Tyu@#R#t(n=8g#bveaX}ByEAs3>fZH@b=&uLUW
zbnqi!h&JSyNsyaskLE5Q2T?QHz<hX_sNhv=W^hJoEN?H)=wx+Y!G1l%#{sI{pZ-xz
z1A#Fb!>>6&<+q;$h?k@grtIp@57m;<je`UH5stNL&0tuOB7H$PJe@ed#{9hXn0UC~
z#vw(W!fN~zVU=gYMM#hp)91JM;}T>b$znx=BpJPf`uXXD{>Y*-md=%OX<hE&Z+LcL
zjy$LftlD+PlR7fHuyVs>nsSz*ap*iKeF~JHhSWR&*%_HYZexPSx!33$L>$VTE3XmP
z1ju~u1UQ_f{6f=j`T~|w-*#w4*yj9|jYwJkQMxhAZ*$I9>#cE+utyth1(|Jx+&0(>
z_g?I0sj&Cxv<sH4vBV)Vcn*J90}6_hTZ4c|BUM|1Q+-ua+_kbM{!zHGASW^s<~74-
zwLByQM}98k1R`YyKjE7Sa~>0ptlC#6d#j4et(HaPvY#=Nb6;)$&538cjA;uNtUK2F
zs`m4<rmlH+2unsHblgh0!<Z1+-uYi0q~I*4Hunmeo9Bx^OA@wC59({x{@_4vi56T(
zWA{~}<;`s<sE^e6w4wKYeChlzmDjpOoZ3Hl3S3&QAhrEBMK6SaKE|xjvX{13aW@`6
zt#!?-f<5OaOjTWT=hEU#U;GWj38nxN2fo$FiL8B9Yu%&c@e*IvH5I{QlI{1*y^unF
zpER2tu>mS$AedFCGS^gC%?qgkk|IJwlHQWUHDCB!ftH9;zcJicn6n%k1vzoxvufKa
z_ZmtQ{fPcVWQOFNaVZsSy(r2a2i1@EtrU&<>?yFB24*Hx!5-?1TV8Zcmb8sdHwYw7
zWG5WfGtJ4DUTNsB#@?S2nzRjMSb(=7%$0nhf=kC=9($h&<Sf=Kf(l1OnBI}IqUY!M
zqH_n?Ls|MZ4|2xurzU3Mx6XT}d~)iud%We-Kgwz);lR&@=40#aHL%>aU1hSkO6zWv
zy@{nIW7B$y1b^ZNNw)4CnOW?dDP-tkP;E<FEoY-P#vb91qLM@|Vm;X$`mAzm<t}q3
z(y7;0sGGHUI=MhcA<~z(X<k1T{HdJs=K39bXi@NZWb4!9h@l`xs=3(>W>o`zYs*WK
z%P7;IaT`-!W-?bO^VzA)|Hcf?0&X&+H4HDVV<i&ftwTXtw3M&4RcwWXderuDs>DuA
z3}1z}sK}y{r^*=BS{O>9n9<^L5zKNAi77@j$f{i{szBUhGwTJc%?OT@X{o|FS-OZU
zNINBiOi(S8co+vkO*9Ot2p&?4$^bH3#nii0ZjBu)z?1TuH~c&&m-!Bs3cOWof{lj(
zkPUcGCTzSP3LBC?@VQ|93@M+zEI<pEPXIpFmr1~w1=&mkx*5@CEq@v&d#H>e1@_S1
z;M171rp`KBMy$bdG;8@GT}pzNq_9{0?0E}epFX(U!=B&@{&~cu;+JCRvRcHIzoi74
z_zM2HB~JO4jD5+-Ka){Drjc2tn!Ot|EQ8#!xv7u?`esmmZU}Hp`2_Ws=yF;tCZ$G1
zlM8N6G1n!puc1pRRgj#UE=~~dK{Lkn&on{)8ft1tm-e-n#+YVGm#MUG`Jtt?h?~B-
zL(t%Sl`%s;glBM1T0dEHN|<Dv^)mG2{2OsUcBb$LWJPeA2H4QJ`pCQ*6L!JOwOY9d
z$9`(2=LcM;$ZQ-}xuG^Pte_SxG~7Z*d{f&7`Eom>dUaysu(1H~|4ov03V>;A;oWeA
z)zeqNW=`lrnIIbqpiDTVM=9rp8`+pRBle))d9+&Y<%u%Atey>}@v?AZS*Or<+%HCN
zLjru8I!f2ol&KD)dc~$gTQp_0OyGfiQ2dj1dn(&=SPu;2+!=`ccpUfRH84hlR176R
zk@PD3R_zPUjjD%1`>u3fv_Y;6vBxz8>?z|Er7h2I*ERUUjSUJ~;K)37AHCoMO8e#H
zl<nHFjehfHd?zdlWKPLs&QFXt%o#T5q_{IGZCaT!d>Z+v=_bka#M*!v6<94j7#9Rr
zZbu13t6Q(mBPi_N+QFd$EBp%J)*>=a-3r<-_k`yZb)Ho&W#p>7TLL-zb)H$AeF!=a
zAqsamw;S}dhRP~;nLQzW4n*n*0HM#y=$r=+iL(t+Q?YJnk;n@q6oluLb)NNXWM~=2
zkMRJIcKf6P4*93+Ka=_;`i|ya;;dR@n*ZSS7PsQEWW@-&6<8}~c17H_TErN<iM6pZ
zK}n_BfPv9CKjS()81|y!CLJPl<;%mOaJ0MgKmWt^T?IO>?is5McN&sf*&3cV$YV8M
z3o`(dScO*<!6YA-LK=wPZ|?CWz5`<k8;sWF88fNwd26Jw^PQby!p-HkseUaZeW}J5
zU1DUyN(F{kVGi1IU+rxMdq|z$NF7V|PTg+%D~eHih?#0`m62(APPHML=JF;LQLXce
zRqLZB!AQR%t%Z9q^x&*vExKBtxqDFgRdb|{m5Jg4Dw3?W!r4ielq|8$)Y?B;s}d?V
ztID&|RUT=oOlGD(t>iI`7v6+;V-_xV1tbsc(9=&J^s$7gOJ)h9K6j;PHdpPLh0MLY
zQ^_k>osoH5S17qC<r$F(E99f)pYbZ^z{Ta-Fe8t{5BGcS;Rj54obTg$Ww6eR>B$uw
zvk`uT;}m{;kE;nrk*woNopJbDy4X5fnL&#(dn5Hawot5W{QBJNu;a>BuDGt0Q69m0
zl`nE+<jDD78XN3UoWdwJ&o#JiB2W~^^Td7etcXAByNV~=`*nn15Wk9+B;GtR&ExyQ
z1qQjM|2qp|hFqsuHKE)WD&xt=Q}J9&m0%4Y%WdsLR>jZ3$Xd)!VKQfN=wtz)GIK3d
zc;Mp-d2*J<i^xgX&z1qyE2n*?4Yex|ge{`HhaT5Ou4djoS}td>0La#_FOs)K&-zZ>
ze_w=I+*n{z7)|{?AX4HoQ;n|PALiG2;zOdFpo$mz(fTRpJV=7>`BgpM@Ymb`Ud(v;
zNYP{=8V{-$Z2I`7n<_lPBO~2fHq7o8p34?;=R{kmQ=*kMq%8iXv1W?uU!|I=RWrKe
zY{p6){~SLbt63&`FAO|ka=r8p&GujAi{?E~IuOc0%H9nNu&`d{-1M%7-<338&<>|D
zp|-t^4!u#iE1Yr4L23nrq%s9u35&ut4jC$Tw<$qAzML&S$#FBdE|wpnbZ`mwbPO5j
zs1GOD#H4~UihcUm`0?~njjYQ<wV>*Cd8^HDqP4ba`}FsSelgV(KP!^km(+RgzQdAM
zuxKq=g`~<!i^{EiUNp{r;XOGzCNqIFf_+T&;v<+qFa^eOKMj<RGg3gU1k{(d>!%{I
zUOy5BuhsR{&96ZJ-ln+~9;<nk9wYM9{EiQ)Nuv?IsfZ5*WA-GFtMBDkb3#)YJO@kY
zg3fXnG&V$wE1TZQ4IZnq_mD$)LLS+SXIo?htcK7$Kr|H|GB`<4OxlMT5GJkWw)neM
zy9v>?mP!2tZ;Qs1*EqkAClWv9!C>BXl*FE5HNOGTG!wD+cVraV?&mj4Y!;_!Hng~+
zjBl=L#goN>GI0p85>VBu_aads?6+LM(I*T)7vE8(wfvq&I$-wWhyQz=*LRCzlF*0>
zN0IDTFI--d6rQo5mc~nr`OS}qt!!&Pdl<43F=e8#TosC3%p79kEjG9?<`85#Cypwd
zJfj6Uxfc${-lG2YzNSRnc9yzQvg&dVe+^TuT?etGx<Qza3c8?E=fbo%@_ltc-4V4m
z@ToNUN$Em}F>5&QF<nyth?Hvr%y8j}K@wWXT*gl(cAnUkg`MC4Z{*@UQ&v3X0a~{k
z$_xi~cE;LkcL|RcoY}Mq5eHcO#6w~xDsz&d7^S>S8VaK;I+Kx{d)dW&;2xuDz^*UI
z0k&y8!DUE}gK_sszlKXu*8QzPWyiW{29vDpRFv^AVA#kbLIN+4Ir9sl{@mKgm~t#|
zF5P;~<cby-u&s4%u+$s=Ajet|qD-ybT5E68#!AbJA;(N~U*zHn|5Z%h4fc@v(tC<I
z9pKUzivY8OF|Vt7#=2FeZ^J&$j|^DE2^-hgJR(y3ERjNZW5<v0AgR)|T4fA=Up_7O
z@V9;NYZ<FT1JT{(z117nQsp-6bY*I}OQ;!7cOZpU%}OxUf$Bk&c4_zwqRg_++y}`^
z47Gru)XWhv3-3av$W_$^nE#DpJq;<c%OJ)K;&ToFl+fHDv^U~Rgc{p8hJ(7XH;nDf
zg-(M8XRWEIziPt>JMY<e0rX-R91*n2VttI2Vynh=oAZy$BtgT3J)vTLDm=4~iR~0C
z<J+D3CI;;+<|)2i%uCCc8UMcu*HCOn*0N8^WSPFXoFdg<WBnpMgT*l7QpQs}Mx^8N
z7#AyiP0dd+y$%R>KE@AMqFYsx@d}ZTYoRch)w$v%qml5E0zJ|xW7TMRgPEd*qs823
z7`@wchQ%Ufg{oEjwQb1`9j*hen*O?Gjv&XL`GkQp)%g_s84MuRTj!se-I^^T7-Iyt
zny<@+O4S9)h%Q6S0Nw0hTP;#6fh@`40MF>{MuQiOY9PtNQ*9a0K~GHzp5-+fh}u<n
zbh3%I#AR9SBrf_q6yqW*Z3|Y!4WVnH^CfYX>TilWX3#9^qO;z~=&DwP77(ADqafHs
zi)mkx+{Fk!omopJ25VQP`hiB;Z04|LUXwwj%bpDq1&!EmEJ|-(L7_#*?Xr-UZTUzc
zFQaLe!c=pIv?4U7kqbVd9TW2KeuL54B%4Trk<kTJBqSdOrGXR==`erN{KBB!op*=f
z7S8MFQ<@ehiXL4yhzwgMf=UVkC?Ah$8EnV6YsSI6is}SY)cWQM8}JRY^}4uRVrb>o
zT4+VAGKn5=nV!y(M$A{Pq~SdOzRV(bAC|1{?l_STgM-7c%T!kl%gjIlkfc^^XWI^S
zy%DFH)Z*7Fo+6e-BUbYq)^-W>{on|&W~{$nN%+at4^o!QAxXzAfdJ??C5HJRQUPFO
z_AlOZS7p7#U(@2$k4d4GGW3a$Q5qDRAmxg+v7got+_>yITARXQ?PjCYswUF{SxSkN
z-^g^5`6|-jtNOwUhe4{KEOm`PxyJZ&ru_I37klCoM)r$*i5KD@kr3+kII>V8_Q!k`
zx~Kw{Cjmy5AXA5IJeUuBp?;BR>}qcgzSyCH;7Yex(t<!}JQkB{snWFO3*Ut6EdFeG
zu*U+V`t1+VisUKFn$jA8{|jf)af!fH@p`uWTDDq?c9FtPgVhq_f#|j6ft*-)b`kr3
z;n`)KL#N>~7`YL-ZlCk}ZK@HCrZrTp{mcJ{u`dCSs>s?-Cml#6aDyZggh-G$1_4b5
z(8Lf;lLR`FU=R@$Q53}m7ckufL^QEG1J||{M8<t#7~FS8L=gx?2#Y9!D2vLjx49xB
zBkMr_?^~z3X`(aV&-0Le@2S1&)T!;%sqxr2Ic%AysOS48<+kub8E$+|M8sHko^oa$
zLe)scg-XKsU#=1?#@R9I)9_!4PgZ&ZY6L#g&?qv1sZ|Q3kg92nZ@QnLk3g7S4eEk8
z{AI^>1;(XOCaeSzf`D)nU;z7-*hH47tsi!>y|J}~gE<tS0vx24-H)nuID9o<eJ?~G
zm2w;YzG~n;EfbM!A~RVkGx)1B1N#Vnni*`K>dXvAX3!701Ay%4Y@N!}A2V}dOlIE2
zer9CY#2Xsf?n-l1ak+_;Be1!<T-e;>#MHewyr$f@FF%C$La>5`UIRD-sx;^Z`=F?4
z?g?!|RF!yep|}!@&id8(DmV9G;|6UOE)9+fSC0O7CDao*mzee(GFus_#G8HxTmcsj
zj1xS?JTN|kT=Y8}?Yzo>iwk7lu*bbREgLy+O0wMOkg_jvI|LGEMoBIQ)a6__MNaTs
z9F6ELMsz+R%J@S>mNObhHsWCL@aN^eU(lDq^w2FZ>RkYpP=-{O`gw-s4m__mKq@p-
zacxFT2k3a&SuSu0*vV?#j<LLLzZ|n)PE$Ybr^kg?;gyAa-%+sZVtl#-?J69rv6O7#
z?dJ~Mk6v2>o0;qpx@SL0CN7+q>q$<42tW(iJL^uW6Sr+h0CD5R?fa6N`lVv(04_lX
z%SSwrCORI^g409)tV7S1&>0Aw(bO+XLg!-FaD*z`{ScBCZVzE|q_`N*z<UoOR|SoR
z|6DjrPKxbcDgysh8+R}Q*aHtRfQw7bUrHS-#<<Mh*~UkQ+)IB<utxE86?OnAf;mYm
z2QMYDsxT?V=EOBvmZzhi_Fn29yA0c|34#1E=4FA2xHam*U4;bi#NtOLCfV_M;o@lz
z#$)R{LLUWshNeSG<~qEC0#M2cFEjf)?YR|!(U7=$4$4h=<P?cpmu@4&f+eNn`DNn~
z@^&1~&T$oCE5-A4%J!?3XvN(pZe)&eH94~>&QL~c%9WfLza`DDcR0CieJ&Imu;p~O
zn>&H#58x5L8?nzS2DE=r@wkI;DUn&hU!+nIxD~>3x2F@k8_dA=#U^!GoYe*)7)d*%
zgxzD`@}%;Dectu%0CqtU%3Aw98Bq3LV>iU#EJe=hK3fSt5#@c?4cHP7J<kB<Z#dq?
zptN*ve9$=ywGnrCi~DK!==E+#6UK(FcQ~IK-1EiHQH4tzj5``;_L<r-@7JXbt%J_m
z;Cr`>z4}LvcPnXc$9E*&lYzep*ucOIp$nmro@UG+5WjSLDq5t$m_N+1bZ1f?E*!PY
zTX#nTV?7n+io7q(Uzb{`dB5J#Fm|<FZ!TN9w>7=>dFO*={7B7P2bB}-D~DUuK%Y2$
z_#m}K{)w`TplmcWE?{43RA)R;M05Kda>se86YqPdDh_vreA^w3P<Wx5OG0?SaC!k8
z!D}jmMahPWG~R#LPKFwGV!_xR-ivD|<17d;7x$e4lObiSCbYZKXbw!S!YAjH_&gJb
z9mPDWK%}-@09RKFl)ivcg?0xnirFORJOHWh!|7o|h~q+_Y&Zr?bL4Qu0hw9pb_a&$
z<3tym&X_0AOl+VM3qg!09H&xA%HmMp8a>F<mvf47`F0K_?$~Zqw$02diaiFk9;))K
z3CJYWl9Mee9s%IqH59t68}Wr2p={)k04>#3ymj)e^)2K#6yH#w^`0!=Z{a-=oQ~()
zXOff(I~4zlP_PdRT?HtXAj%BOg`yB;xy<EOZ+!F%Uf&&>>ieN4W{s$zCb|>Kn9Wq5
z&gcgQ^+i;l^yPfk+8=K~@{t%`V=0Sc!6&#)Cr>aSNJQ_;<NUy3|LR}QV<jkC1)NF&
z<RTm=<wM+H<bwer=rB-{;@Vr`HN&gh*%#FwbKq*vvUq-OMEgO{E+so}U%3gJ@qM%7
zOv|H;3*;hc$8y_dm7!b4_ONo7DnR7UBd;s`uJ!hC4K3y%9u<viD-FhzkbH-VjVD*+
ztuIbGVAMCT-cS~{IMjC{g?XQaS;fLobEi{wMS<-Z2)#YXl3$c!6)+CYenDkVLt|n_
z8oU}>_8YB}I6(B{Sd^^nZK1dri~ka^lGMl$G~+vVB??*CDcg&~&JwUbE|JiWQUMYI
zr<FqxsH#}~A`r6DPpSIgpao&fl42_Z!#I=uL#^~GR<)9Wt0?M*H};Feo?EGZb^IEo
z@e1jP&CfDy?M(q&mn2#7imUcpc~?NfeTN>0sW5D%Gh8=!VCp*55?gyZr(5_|KRDsG
z9Pm%y?7lw@=bav?W1Lu$MQ`9DYxU=-9PkT{V=;t5*9h%r!E`*tB@kFIRc_UEg6|AB
z_Lq{ZD&-2qbFk3Mm_@4WU#hZymG7aXI8Rp|J{A^^O{z}guqX<2iPk)XgyPw5Yb*lc
zz;YWjK}In=^Mt}59Bf^UoT0j}!o><&uML>0B+!I8fNqXbtnxr9?tK>5ZO)UQN2IVX
z%FhfE(HqT~;`*$RM`lp!K;}9F&|5nIU9G^y!L%x4zRMZxJ?=e6!Eg7K;0WfM`-))7
z9<%DVa1I%ml<G2<TC)MoW$!s$1z+9Q8R{YhtMAM3{Spry%?wPAd?y_>&VqGzJk&Iw
zXlM+aWz6sI45lDvCWRyr>sL@M8I)3RWr{Zq=I#sdCPYf0e_FwSG`Xfp=}X<fW97KT
zqi%@(N&hYnz)k^_T(-H*PTAHhRHPphgi(;|>TXO8`59MYyuB%ntwQ9Pv%$5T4xv|A
zL6&D|k32lZkprm%fjy)Lt*9q;>z8U@T2S4?)29|@O+DBkE`x4o33WlM)diciI6Fm$
zIYZg*2tB|Ep<DWqqI&nL`!ybRBaG!L@hWRE+?aTkBwl4vF@(2G4y`EZhQzC@%ptka
z#4jnR&h`9NC7y~-hQ!OVs#^rgdYC0D{YpuxmZ`cFHtNSI7L+SLu(vrGtFCnE{5!1=
z&{M$B?L)lbrh54$u()SsA}ANJn04bMfs+s4WZdsbt_TjP3cZ9dECcLrAeG;aD6eQa
zwH0EmKsSa_X^e9a6Nnl;vN5D?`(W2^x$+Dx$g+IvV+mMnFNaWo2;h<v&;I^Hk^4bf
z49&M@i66LbvfGNDJKMA*-=e_@E`G}k&-VJ6k2@9Nr*bpi`T|hanQSu%*tCe%3#(9x
z5_OwhALZjY!iZ`#jvJjWJf;UxD<L>g=0H-^V_d{YheIGp1`L@g5WIO?lU5t`H)3vU
zhA<nznZIvGf>Kx?2-=?vC9qPBD;zMw6~q$-G$WCUWBdy9+seTG#TH*3Ba6NcF5uj(
z9*Q8S#YErQ1UtdEwk!Nu;}s3JLD#0b9=R$9uaUw;7}wD18Y%>IN;!`h;|%{Qt}`C#
z*9|ey3tCQjVUy7dW-<O(;KdC2cI5hwf)ibrqM%0o42BC_(ZdDxs2<Rx=I5oQ+1>Dt
zf^zAX>%!_6I(=LW@ofPt$qso2Aagi9v@GbQKm()_F88~QwwP@A@IS$NlG2zn1xKUR
z3uSOLLRx0L=J3QPFX#3!Pr6#@2&?oA0<m%iF-xL^R(9Zi3{bxrZLwJ(v0fGv>-X^X
zXR*G=+C*YBM1!%n$r=og>}<Ffit+foF8C?pA6hIf;}Y8)oS0<!!9NZ>@c;#E>c!Y8
z@Y)s`EaD%d9{bgCp)vSlZ9!LcL1&yT_cA(=@yX6)<KcmDDi2(Nx>@BxroZ*=JV||y
zRZts1^^A<G{Q}+kOQS87-B27>-FS4GNEM~V6bAboh&ED5JBYDJK+nGt-4a&*zXZh^
zClQx{aekv_i23Ch<3X(6P|3dSCu=`<V3^7XaYF+6OEMm&&Q7%P`bh?@?h?tZ$Q>SA
zxaCyVX#FXYH7`6x>KUVsYCF#$#)a%0@|3E~u{_^nS%b3Tv6Rzt63?7i{+JlM#>D7x
zCNH<!@@zg;ZJcj{Ki{5{tYC8;N>Y4ixx?c$t>kquJcx?G<TrNml#;LdcK&H=6HXGA
zY-cT9#K|G#kqf%D(9I4`C)HiB0T*`)8mrs5gENJoG^F#^f1FQej`2T0N7|e&<D;4}
z!1xg+5<_GJZ)#cDw>yq)Cqvlb%^UR=6K6B+!9%vik$rM*;n@6Y!?eN>bbXtwt>^-_
zMc;|mbWHg4&|VKHc53L<w(jz;8$X!sO@{i5LoB=v#kJePbo&eEB&o=rHE#*o`Jr^*
z6r9o<b;sjqfk0c;X$^6^b`eDXO7Aau4IIz$+`uQ>Kqwf1uKp6jb0U$qo>K`|RiGw6
zFfhO1H+Nu4ZuMXB-08PU$D(Tmw0@w=Um0*VR0gmf!(S*Vq?Q%5^=|)!2C{7I7cR3`
zIKIGHDp%xR3~|JL!c{FR`(lXb+<+Gv&B2tv77od;#`fIgT$i~nyiDB`F#E0ym*v|#
zc~Y>=9GGwM%|;xeuVa4Ab&Y{xm?T1J9m|$0v0IR`6d7;_k_+;@d({YwWm04K3$fmF
zGO4B*m%#s7tk!eytG7CE56n&o3`jDuZfu0&qJ0Q&W!VRy5^Db(7?6RBa|1frI|Bot
z*AN(xZEsRGsUZHHS{WO&I;^jPS7+lM9(dPjJ&uBb@i4({HnKd{M{!>Uvg13MWK5;i
z3|Laa0`n4Nh-^3*idY}0RVF6g7onUKL<`{!Zy;gtTm%H0e*2&lZ6c%lluEJn6<QEV
zSKjlb!I$B)ejkhq%xb7#|IitjX<$;0)oBeZ1VVAv{s^<d8g+5p9v6))&3;*I`T2EZ
zTOv*+8Fsyx@Vi4hEr~jH3f+dX2FsXy&0FTZS^9}Rox|)9wQ<CNQ=+mN#3obUYI=sN
z8-Zb%B;(FW3ykY$EZPR|g;gouVR9GaTvUL$9N8`85&=vR9OqE{^VneNrx##S;KMWx
zqkV4h3I~`2uNJNI;wG*$J5UUT)Eqlykz&BaMPxV8(u?*W!*8QPU037OL|dI=BBh0+
z^Q+t9j0P$zsxuBkP<s!~)~dN?M~^%S!vWZ-!P%8L7K@aUT(ub>=Ve1u>rSwXft-X3
zoriu;M(&_f*HprjAV{Qqb6`$W0z0npWQp5aq7<Q)vm;;{y#g$5?NIGLsS{@`>)|YR
z1}?LvB3aTN;%{Iqgvmbib6jvi{*hcUx@BBx;jKy4FuWDb{0u~Z%r|gZgry3kLKU(x
zWUzH^gLFTbJ5wU8(b^;FVz+&pb=h(BF>FO`Vv8vY8<_G9<&wo}Ejf<d_u?{M=}GeC
zBWMX=zhFPQL5kHL{?H9lxTs;`RMJyzZ}@qwRLl>N>8(p4#9@Jfc8$OWlToqzbc5qk
z%7t9-IJrI4CO8z+Ip?>Zup+S_2|!P^3trO2nEfUWA?%;95^BOlRx}IdioxC+;SCj*
z@-4!qS=VvTjO$LUx--~l_93fJUuj5wnnQBz-BL?Y{Y|an4%@<~_4nJ=ZjKihm0SPN
z7q+p}laNlZ4>4}Se}^AyM=!P!Mj!Q{8*+g`4Hp`HM~Y!X1P8`TICNMqE=C(D-6n4<
z*QeyrP&e3q!Y;K_X}@4gcST9AqY{>2&4lt`y$mpzU2&?3Ni#M-N)a=-9<xR$3PH!#
z-ybtem+wJmOK&<Ju7Rgzyj<o@f+X=@05`b~n5|MK+Zq1O%+Dz1rwyol3mMgffcrxR
zYT6YTgbDA(m3Wn|5;wqoM_U?G_aPqP`3>7&yGt&cy!HgH9fNLqQE=?fxXepdlsO%)
z6$4;`9GS#ELPd5l6gc}@jTo4eA504Rnq^5A6q(e%c`+wq@ECTP12EHC>0WAOnPt%V
z$6>UURc2n9W|n0H%F@cr0hkh%WmV#}r!HmC^egLfWd<|K+&zgi{oTRRVy9V_f_PHQ
zN-R3BOttQY-U@~qcL)o3DQ~lEr9!?jN8G_j=W0-yfxRkfR`0ixahgN3+YbDOe#Rs(
zrl4kSq^OP+kmSwc{TkQc8Luibi`y7WU{S3}pr~Y3nl4mVO!494R2ATsJ?a1?sRyuC
zq#}4k!rI_v23MB>8D(8Cvu-L&Q3^#(15(h+Xw3djUTy1Ca|U-%)3Jeyr2}<!&qj$p
zrdK;r-FM-e-k1)D%`(*90Q|=c*}4GgA6R*y7OSjtfXmGR?#RT`kFaRH{P0S~H+3~C
z8U5p7Xh)#-q7NxpKcSb){N3#5wl?dpEc*;=t;XQIer~(eS`_nLWxcDuuoG!#SaY-s
zL`}acYnFCFI9C<+8_`w|lLP_G;v(bun1trHgc@~C`$u5pdhrv;s(ZsP%EogdF6E&L
z8WJ!x@@?}h&MgtuU7SIqr@_cFo_Swk)W5(Psmx|;V#>LbaRpn?&*zLHtqxr`&h1zo
z#$h75<O)}g!*ul^M!xxzw8GU5B+OGt!hXFXDPN&SSY;p}SkzC%f9P)270cp6HxYcw
zLs#FCETjG?+D(MX;7?d+QIvca;+s;0(xW_hH%5r?X#ym*^pRUL%KW<x{}$xmHwDt-
z4A?J$_@HS35e5##M^nlW1~9mQ_fyxYTHR)aFGdfjL<+EVqIjA-Z{}JTv?dc*Vjs_o
zs>EZAxJZCJl$nFjVf&}xKiFsjj3iFTqRwe1>>^=jtCjUNv@^&_czJr2z$)w?F9u{A
zhD%ai<kd6rH^I}+6<(<{yS(Xk$^slZgJ0F938aR5Lc2@5d{H{>mh2=Lhi6)BLKyB|
zjy;g&Mtw_E8XG7!b;ze2Tr3{Y!)^oEjWE{+GvEdQq_@(*y*-H|?U}64g0i^k<Z|#c
zjA+=Q1-yCIy(HBv!R7LO*aF9a^sQjJq0WM#ah{8rOdH($;An$V-<ZLJXGDrES1?$K
z%3Kaq0Z?I}hKo}}-4q94gA#j-6^{(f#oGKFs8QBaD-U}m2vwF8D1iV-12dy%V*B_{
zsMwNj5h#K9bFL`Mb%bbI3U>k#DU1_v-yjK!Kdc5?taF={NhU^@vNXFtZcKs7tp_YO
z?#dp8h39ZA)X;&hxBd;CN?3(Bvs)Re6O4j~+WhTMopwj$efX)BuNQYn!76jncy<X>
zMS`dn9{j+ciq^WBf*8KAPmlS6VNFymz0G>HH+Euspk$7+RBJSdObm08$3aKkgB?-Z
zLsMZoD0v+U$5{^&zdd$+*W&^VyS~q$%eMUw_c4@N9|Rhjw{M6sf6LNcD9O+H7?9FV
z8{Bg^nJ>-GW`>i>3U7sh7xr-~b0bza1UYV4^j?OPq2PTPJY`#WK^t4F#xx%AmSXJ7
zcEOm`l+Ma8{8&%G9oAMo{pg7|U6dz|&S(Hk{4Ojl$fwm8o*87=`@HACrU%UD?Z9De
zT*2n*R&_X1j|(SnF+sNMO4Z$Y6(YkLIUiMt7$8sZS!(8+!<{RNb1~651TD+JHDEnH
zHrPMIUV(Q(!9Q*=V*ez2fttPHOz2%qa&dP&4Na-IFt#$cL8BIxng8GJwkX4q;Nk%s
zEImf;L|9WxUQwJ9r%e1Q69LwzAF>xyD0w;ursTVq{*++7rf4|KQHLYgSl(v61)VaL
zrO@lB9%%HV5zKF)%4Fg`>(U(w2j3u}Bo()0@~hEY(1$nwJt)w3dwJk;>jAI|F2FO5
zo7{nfL1vHbm4Vwbc&gc({N4#yBIsC(8is8l)v(r9G94Fa5N};8ag5Ae?aG4NGVIm3
zvSR-oX%sU>7#b+Xj1g0SZ><){C3AZt!iFkYWj-3o5{t4lWudF0N^KSfs!~e>x8=J7
z_hPy>te6G}OnXr9mOXLiFi;WmFgP?>@8w})QLu~cRR}BlN!AZgh=8dq3}lEpGy~43
zZWM7wiYmVmRle2mbC;=hGO8V$3&<)ba|4tJnTXgYr-shQ2N&&>9488XtscfCxB#!@
zF)h6xL#f?nLTO+$q)@`3U=MJ3S?(19Cw}v-bCDBVk%IV0xWd<WyB;18T^K9LBp5%s
zZv}4Q+a<Wwewc{_+CljMYo=vrHmf}XgIIvIJMJT}_gL&WR5*YSa6gu5SK<Jo0dwE*
z^3uY)^Y7ba-=+@+anARdJMe^R6x}#(?E3#)QLx><9BypaQtEl5T?<sZg3Zujtpud1
z+m(7l-&%vA^<bZMs)fg7c$e9atti1QLrPCn)HaCK;?tWl^Z-=3PA920D2rMu#_8FT
z22|eAAr&wZMnl(_nH5j-WVf?cexUMY`0ry|n9Iw}%}~vNVc^lOK!GbT*jWzsBdCF-
z`of9E)b8+vgW{#z6WtE0R$Y_J0BJ>Wh6CNX%IQ1SqNXiw!1?1r<xOqh7hyZucMSI<
ze^re)4yJ~o(t&wkajN|^D~8vPl|oAWkMKc-z~Cb0wXD#C`;NYU0`jl`E%NJ<?f7s9
zoXe#4S~KgaUwZB;HFGHB%zn;CO0(Nd>xboRKiFomxH0yKT8R{_g(fDJXe}!Wj?iWR
zxLLpMgC!+)EwL#^bp>24wC;jN9-Act?bQ*@qS|Wyg%Ip$Gz{Tf`{0INytxUz4~GG~
zQ;(wHgu0~_Mse&E>qY)#sOw-L8!lOAdt110A;ZmcUuz8F)9MmvyPVTD`Rc-$V%Hje
z>Lu0G)P=E9DK`AS@C$E3!1ffk0&3d(!bygo>QcTiUd;XpAhbk%on`oU@auj2sS97G
zLX$gdGV8)v{vodQ$|XnPFX;7eiU3C>yBye_SQk#m-hkm}lr<NtfG-<<4$w7cD>wL@
zr$W)Zlvu8^`ze12MbT*Yt_wrU9A9&EC}ag+FQ`y7EoJzhp}!OrYP;c|i7zpCfA;Pq
zK8uui-<D+c`^Z-LJy-ueyGz`k_)h41x6AiGwEs(Y$oEw{<@XI8E?$Q_roTVX;a6+_
z@jBg0b$nN8`kjo&QZFrI|4244X<oNecdi+ZTTA{$lPrdRE*Kx=WJTVFN1lZItdNgh
zK;PS}8JhgKkbl(V`!(4w<PDlUT9YRU`7=$f(B!c~{y>xaX!1xQ|3j0{(PZo_FoREM
za!XCdW-ZBnP5yPB<QqE!B-d#2W=%d%$km#>Op|FO4ZeqJ@|&8REadAo`AJR2?k;^_
zqRCS<d7qH~qRC@4d7F^CX!4bs%ws-8;?(4PO>PwOk#17oT{QVakg+w%AMn;$o08+y
z7!G{J4@q$$GA8hg#4`l{MyzxngNgmO;q2rAcz6K;?P`GD1a|`1bh-)PVS?cR&wzpK
zD*<u|`U4CAE7?T=KakQJ;6n!Q4sh3IfO7#72s!|KLXZm377T5}?pNaN2#%e4^B86k
z)h8e{moC^wL9}Y(xq*JT!R~+p7?vJw6tywv{2lugar{l=uY@Z+EnJT8eprG0FQHYa
zNG$d=Ocyx(dE$AkcR&^)&i@XFxAQpwP;yQ=<`O#ThOW#*g@c0w7vlnor#A+6ccAF;
z9m#QlmROy5x?0On0?s8du(lNAL2W4<9|IXLGkJcdmYLe>KMQwOrd*`9-F(Mhn9{TE
z*nv&q@B>*$8XKM1k7PRGbx?yUjGL6G>Ok4~l-l6I0CKA)B-Y0qF3m>0C%Dyf9rq&L
z!D^><CF`?cVnJXCMzXL63OSrkK&21a>l9u#1=fO+;#7>>W}*2TYYNr}7+BOtcpdsS
z28$HS#B3CUh1yQUp5$W4)wt047vQNDg|3XE$wVo1O^%|xC>jYw#Vqsi;BZwIa+Ziy
zYh3YlXw4($;rc@pThw6&5nd7=mAja&9r~;rqEqPSD9VUN5+0SM0@6F1H#Cc$6j~HT
zA)*Yr)<n@uQM87r6J4(b8f;;<${I^dd>JFwb&cXQ4o-F9mq2;2Mcsb7*guNPqi{LB
zK#9}ZF`&v<-N~u=U>Fja%Pgj}AH$TO_Do&TN{F)Q`W0NErFPiDRWZrRxb`Y5%5@K1
z&BJvk?*)w!)6L#3A;XLp|8eCZiav~@9Yj6odT$gx6-A9ixpW;IMU$dvE>Ul~_KKnr
zQ8bk(pRVaqM3av~yMw4NT@RlhL7k(tfkef0-Aq@798p?NAk^gGx|8{+j455~PG;fv
zf#G#4wj+q|Wc!**Z2ufQA3||-8V;1O^%J~iqVHI{nm)c2HQ@9tYzbGx*?02H8a#I2
zIwvQ_E8G_R#Tge~=R0!JsK@jr4t+mFJzcoWg^P_x&5C9dYz26k0GH^CUL;rr@H{~S
zz)J*p;G^gt1n&U+lVC1@3iUjI@;npZSvoxu0d*RLyeJv)GjI*vA^2(Hk%FHjR>qEk
zMbnAPg#IXTf#4^ADYT0oCxFl{3KBqQ7X=6)w1onpEffgtB9l%K+C@_dAhe6>2_UqK
z9wva$E_#RnLc3@R0J?5y70w&@)Lf!6WPBa%Goc4lVDLQ^wLW?Svpf!-=gE+D&s(rd
zy==jA$SNn)kBaMM+O<ktpVhASi0gUU^{?XkjCQROS3|p|iR;ta^{?W3BwNxw^rlMp
zDeamjt~<2rCUO0{c0Gg*J>>aI?fQwh&eE=%#C4H&eO_Fj)UJG`6Jg)bt`CaqOzrx-
zxX#e7qr~+I?fRg&PSmdb#C3*t9VM<eY1eFVovvN`iED*+Z6U5a2W34|qaC@rM7vsV
zsM_FoL|1Bcz%^UDt`^szcC}=l(^k8_C9aQZ*VW>BysOmnW8xanu4og+yhpo^6W2$y
z>to{jrFOkaTutpdPFz3HuD!)|ns&WPT<2=nv&8ih?b=&hgWB~7^mV{>7i-tE#C3vp
z-6F1iwCfQF73BFw?fR*>_SUZ4tc7cZc70J?durED#kG%itrgcE+Vw?oJx9CVEUw+P
zYpuAp)UKuCdVzBFj6s_JK3D4a0&(doE){Uuu3b{ah5Gq8aD#e4pU<_+q1RLmbP*S*
zVD|Y~yL<;1HTTc%5?(nXs<j9ov%5IsTveRdFMuB|12zhyJPrqvXKV6GAy3idM>Kh%
zknhptYE6De$Tw*6^_o0e$b&SwOp~7!a)~BisL4}>oUh64HTixa_t4}xO}<;mXKQlk
zRVj|{QAwJ-UXzE2?;}}K%7vQTU&wnk`Jb9xAmr~fIjG4!guG6ZCunjfA%CXHH)?W<
zkU!L9w<iBb81)rR&eP<dh5VEzpRLK?3E9--1Wo>2$dfhs=U1fgp9=X-P2Q-<y2oCp
z$%{4ldGURPCcmo5j|%xRO`fjF4+!}}O`fF5cM16%O}<%^uNQI~O&+Mp6+%9Vvr#fz
zZ%yti<b9f)smVQr{GBGZ(Bw`+{#=vyV<AgMP9d2}q2@MNZVPW$15$`fw*?%0LI;RA
z(1f`Euz-U~=zAg#AfXLJ94tbsh&V8)Es6yk1k^HY0R_IYy0n18Jv5vCD9A%k5m9I>
zHOvJR&><gb6vp-g3n+DM?*fWf`<?}qqxNkJC@}3&3n&@wYZp)i+E*>0tg{Cyp=OsZ
zp!Bkf7Enyt7cZbZvM*Xd!DHtvpoFozETAZ{&t5>eVYgdAA%XK7N(5~Fa7M)y2^LhG
zSgMIuFPUf=kK(W?F8H_Y$ffT{dt>VPth`|B3t6Yp*V%)KS?Azg%V7VBz9a37sR{7o
zYpTHl?^q@#Ug0y1soXq+p3N``CKoy2UI=$?iCo_7_cHxmq<>xdw@m-Kn|=3d<}dPH
zqUrthZ~6c6J4(CXsDE$Pzc=aM=I%FW`t|zvI{kYsf5SKDqG&gEk|G}AZ=gl63X{{c
znk48rnRp+xF*sdS?XirSL~1<QIFSjd<ychp6^|jP6(@I|1NS&_s~|X3#lia|-=SX3
z{o$%y?$?sJzg899XJ<!toF?n|KgjbQ=s5NH1|;rIT0(-!mp&^sX`_(d1!<8cEfW%^
zt$p6tq<4j6f;3l?o>wI7w1R^`epZv~HF<=PAJ^o2G`UpBK208`$>du^GG3F5HTf(d
z->AvmG&zjvCwyP2$!BV^C1jT-AD=CK{wpE((&XKm{E3jy*W|UDJV(eKHF>@!KPu!D
zO@2v}y+S^5w$$%5O};_Mzi9G!O&%cR?V5a@B73t!)HdT<+<Q6Rt;=#3HK50NifSK7
z$cgjpv-bpNkx!uS8s|HfVNB&_Ck#T<)$s2}n=`24-vgvJ6hbXA$t}kwK>fZ4b6_Gg
z7y4`?{*7}-vx#%|BrbDyW886>zhLR(%?a%!BmH8{_>F#6aHHZo--(krj|LrwcJKsC
zB|N-=1>SFXDnWKrSDIcxG`y+t^g86Jl$#QAXT$Vyf0jA^_!fXbaVnIsGSHY|oYzJ)
zw$9}lk7?m8h~3OUEGM^=VX>iuaB|+u(vmHN9o_|*+<dks@0V(QNs|*ad6SSI*W{mH
zl1P>c*{8`HHTex8S8MWOO`a*_(VG0KCO;tLA(}j0lW!Gri6&3d<UvCIt0v#9$(IPZ
zizW}$<SZe#)#Tnnu0M#13_0l*<q@O)5O%<tHT5{vjBIMd-xl6=GxsPptDT__5DA+4
z6>M}!QyYH16@upWY|~BsSKZV%eI03PiAT3GO^lu>$3025aD_Q1+R!UiL#O?(hJI!R
z?rR)A%1ejl5GW$-_MBISvsCEu;g05hD{c#>uMHCmmEQe+>%eA=P#4zko7jP;LE`7s
ziC<_voTD39hW{QE!-nnyZDpod-=@dzSe-g04E8@U1iE#;BOQ#XH(~Px-#8x+w!Z%&
zK7)~1lUfl>Y=er2(ZAXXM?-i!ZoVWLAEmh*zX7#0K61JoxY#(LMHD4Qku!=CjE_oP
z@yes4^buGN#cS!8giDQ&Qd}-*g3=%GcwByU9CWO7tSj<C`^T8N4kr&qk3+FSy<728
zh8kw&Noc$Ya5xuB{W^LnrEmX8z?u$4U%|iOzZM_xGxc4(b<rEncKf11%2&BKT>2gy
zR4V?<KnaZ&a`!yM*;DXn;x2-pBTg5*fjC)ktG@!Dz(ESqDj_}~crx)G!SjeW3$}^Z
z3hvqqc&XqK#2*TtN&LFtHN-CnPUsChLvSH+z2Iu%NrK-bzFY7v;+q6_>;pVh@DSp1
z!2x1EBZB-l66Xm%PAtX;GkaYO+(GDLiCYVvL+lW|m6$uxh^HN_>V`ss2NHiT*hl=8
z;DyA?1s^2-Sa5f!E`{C}Jeqj6;OB^E3En_#3T{;ZJVkH`@p!?LiIpA0VCFpHYlUtT
zR|@WWDX>fM2;x41XA*Z4yoNYaa6%z)Tfv3IiGr(%k77p?Wq*@+pWt1@I|O%x9%g8x
z;334T1P6#032r2QU+{6_xq^EY0Y4*nEOAiq9O62`TZz4b+d-!@bcf)9#3Kd!hzAQ^
zNL(iPAaQ}<?w14i6g--^i{R&o(*<uJP8Qs%82H4Q!vDkv1WzX3BX}P1X2CY`TESgi
zz)J;>ApTJBOybuCuOWUxa6&)e8G;Lm>jhU6PZInl@!f)V5#J=ZV+rt3!9$441w%Cn
z{4cnXI8X3#;`0ReDh2K!cr0;i!E=Zmg0~X?-d6a(3^*isAo2HteZ*f0UP!!L@Im5_
z1$XZc{I=lH#IprIM?6dL24YiiD=4&vrU)(}9xr$@@vVaA5nn6VCax6R)eY<tJc787
z;F-kT1g{~^6r4~F+*WWQaiZXA;-ff~ApaBZ6TFLfhv1G^0B;mLgm{(U0P!Nhjl}N@
zK2AJWaIb;D&j=n%927i<xK8j^Vz1zK6~K209!NY=u#b4K;Dy9xf)5fG2<~19+*9yq
z;x2-pBTg5*fjC)kD_q78oxlkQ%3eZzK=5SZJ%Z;EZx(D5uNB<&O5mk}M-YD~cqZ}d
zg4YngAUL54c!uCY;(Ec=#8ld4{S)6Uco*?af;$cd9x8YUak*e9fPnu6HxlOwK2Cg|
z;9ge&cMv?5xV7Lp#16q*iGRm44ah^gA;2NQ1Bt&E>?8h4@IvC{f)5hYfEU7czZ&>$
z!J~<13x1Axmf#J<rr=gXfu{&AAs#PyGV!f~=Mi5k*e0$N-1Qn@m*5e^eFV=W?k0E*
zai-veVZdz#7ZN85t|mT;lRMTw@jk)3h<6C?I2?GR;334T1P6#032r2QU+{6_xq^FL
z3;c}WvBW{abBOB%Zzc8$Zg(B<9fAiEj}+`99xQkvahc$Q#07%8j{xo|cr<Yr!Osz=
z3*JDSEV$M6z$b9PiL#dv9}qm5c#q(D#G3`%#A^k29SOWt@Cf1$1<xdYUGN&>7X&BV
z06ar*A#uInYT`+P-z2_U@Gjz;1b4g<c&OkZ#N~nm#6^M|iSq;>Cq7SbuTj7q1dk<d
zEqD&GL-1DO-&+a)-vk^IJdpT%!9L=z1TQ3BF8Cnv$AY`x4E(m>(ZsU_KSw-E@CIU2
zaI4Y4Qv{a~j~6_d_*TL5h_4lF6ITlEdJC{i@Cf2Qf@czU6TF5vQ*gqqz-<K=5+@3-
zCO&$G@IUcB!Mlie2<|urc%$GU#H$1ch!+WNBz|A;apJjxd))^7jNq}vLBVr~>jZBl
z_6lxyJMbNX2NI7I>?0m5cp-6_;Df|?G*!u;JAiu%9!=au@N>lJf;SK+3vP8M@QGyM
zf8qmzCll`xJdYUa9*o~6UMslkSm33CM-YD~cqZ}dg4YngAUNSJ;2DAoiR%Sd6HgNS
zCh^^ZcM;ztxZ~ZxLj?~ZE*BgiE)v{GoG17=@p*!K-2>b~@L1y3g69xB1aBq&JxP_Z
z-Mzpe!2^lE7wjYcO7KGB<$@0qe=NBBIN-Mhk0zci_&MTPf;SMGf?JITh6=cnKg8n&
zPbR)q@I2yc1>3}xg1g=a>=HbJxR2nO#N7n1A<h(>Pz~Hxa3OJ`;A-NdEma=gB;F@@
z7x50k9X-Gs1rH%!B{)F5NN^+Z`+|=X&lTLu3;c}WvBW{abBOB%Zzc8$ZZ`q=4#5M7
zM+){44;H+TxJ>Xt;sU|lYk+$S9!=au@N>lJf;SK+3vM+L_yiW#l>fvB1WzX3BX}P1
zX2CY`TESf>0WTFig7`zhGl^dpyoUG%!3p;R&k)RKbVK!mtBEHGev|la!MliW65Mez
z@KC`+h?OzJU}k{0Na&5kd4i7<pC`E21Hc^wk0ov`cn+~c@K)mAvGag>Xg38oBzPe4
z_kwY=1^h2~A@Op-2Z?#l31PcG2>iC-(ZsU_KSw-E@CIU2aI1%arwA?~R<FngGba<@
zD)f28*9x|YD+PD01$GG@LEK01OyX{W*AQn4PN)NJE4Yw2QE)Z!QK#@f@jk)3h<6C?
z_%QHB!9$2w2@Vi165L4qzTo4;a|QSE0Y4*nEOAiq9Ac!wdfQ5jKA`H~4-6SiJdk*#
zU?1^d!3&AY1Ro?W5Zt{UxToOJ#9ahGN1QHr197t8R(}INp>!xRONb8$o=m()@I2zp
zf^Fipg1b%yUMhG5@rQzE62C5Z4e<+t6Q%*r5L`%HFSwd`lHfOqX*d^U-$i_r;EpEn
zP{Bip%LNCB`2;TfHxlOwK2Cg|;9idacMv?5xV7Lp#16q*iGNp{)S2x9z#+i{iN6=@
zBmPS8LgM9u4-$VYxcj5PZwnqxEQjHl&k@fO`UYZCa4YaaXo}zx;_-qf6W=O$9`Ut;
zZQ@G7T^|E>2_8Y*NAOJIZi3ekX9`Yu9GDh0P*;V-iGr(%@nR$CZxYkyC+nYhhv1IW
zfj0^sLcB_FfOwJMMq*kLN7&=UIHD!)H3Rq=!DESog69y|3EoQV72NI#;5!5lBo<BK
zOdl~Wt254p#ASjH5*G;WJ`=d7;L*fg1V2ZNEo6q>K%6YN)sw)uV@`Sr@d3e;iT4Pe
zN4#0EO}tic*IB?z1&<*9Q1DFR*9EU37PZ~XguesN5PBhTz2ItKs_kaJLjbki%n$+8
zb~Ce|0)Pfs=8Xi<0Ly%q02*MK8wsERmYMoA05rfd2NFO7Ec0&!&;ZL^N&pS8%ynl2
zKm#muGUO07z%uvJ2^wITZ-e3<-3y1C1D*wPtSHTI;f3MY74C48W&VvvEDMlNzNEYf
z)&O~peFW6QM*n~#Ox*Xtl?3aoski_mmlIZ4cj7*eZ?(Ehk`PFPS;5az`J}yjG%Ww8
zJCP4uK5~3hco|;M9@|igW9N9#KW8Q!uoKwe_N^!_BGY-l!+~m3;-Qa|<9N)(i)87`
zJHVTn_ycHoVH<`j?ss~-Ni>J}2t}~9Pn9M$;LL^gpqcoo@|pfNe(ctae3_1XIm-JK
zsEt))#*9%{)>uXu!kErOt!o=y<`H$OWgZAzx&in9S9+bvO}6v!x-L!Tr8IO$RoyBT
zFo%_cGYU5>oX5l!nD!r>)xb1Zn<bwx>IQ2Pw3T4+E_fGiap3g)EvM*5@-o(b>&IJB
zhrvFBLFK1s6h7su*ZqspP4UrG5j?LCoUN@;vw$IPrCdqBJ8!@@&V|cAflS8<4h+)l
zx7OCP<-Fg<W(jm8ap+AX5u8Rn0T^Y;R&{IDj$xeJEFa>wYltQR#Ri5Ufvx)eY;!sT
z!(1;eJ+6nHjvtob;3dvlag;arCKh>m`igE?fO)kiJ2nFI`%;|cY+kxAaRV+rFN0Z`
zPakGH;l_f@PVip+4z7kJP}>k!Timfmq~@Sgf{&_{L4lz#x6nE5$8c=az6ETxIHR7o
zHQd3ce?`sX6f?Ns2m$V8PA9Nx4&&sqB&q1!#H1`w`=Y<3w#@RR7Ud>9-NBREgo7*u
zwy#@+0U^##q)a=l{OUfpj@x{VDIk8bW>f9I@xeCAgT-Oh*w$ldXzG#_w=!wTGU8-3
zhxYA;n8*Jl<K9GzmhAuN;_!?=)R^i)hgC_bJTMhs(TVx2;Ij`kW_i+M!_lydYFl5?
z7viOMS8+2hIINqV(=5HFT2>*;j^6#>GFgj)#wI59?f@IHJ`DeC1ZRHx`WBGjfEM}!
z#QG5b<9c~2c%@&4eGX}`Ox!P3{Vv^}1-A?#n*FkTMO{?JJF#r-W0P|?)hdQTFkjKH
zTy1(fv2@Knv26So8}|RJd@tk3F*cAcpQnZSG&}Q%)1^hAwi6P8uIzuSuEGB$x{Ug*
z6VuG68CsZ!)vlQzua@$uQi_-1|4Y1RmIvq9xXSe>nbxcd?SQr65OgZhFRH;uxKBLp
z-#9W}4*in)nIH!e=lv@=4(!iNK#HVV=ioLvG*?>cF5xSxhX))<_J{A-g#IYuo@z@8
zR}s8LNjUGTQ3=PxedkROF~L6fg38Y)_}ZIDxGAS3T+eB6wvG;?n@BkNjl<ncO1KIw
z;gpFKyY`O~4xW)jIpTnXBO8D<sX7Je`y!KvT$_!!L(ihD{CE-{u|=Yg)15=aTLW@|
zV#h7H2!E{Is5wZuQqNy~MdRj?|GLG7cA4LOLeJ)A*V3O8H|)g45!`Z4e)4aMAtC1a
zAWZcuc4xdT*fBPsFeihClx6|0W>5e+&*Rtv8#({@SqZ@5k;}uHM_}s*cO_5b5}5CZ
zjrbIoEI;<=Tw*S-2)@kDDrzMEVfMG-_12FwfKZplD`<~1e`j^!ZM6rt`WC64?O7k_
zkqs+t@Dwh>pLkCv{v>$1^2gzw=W2q{CYH!|JjFg+eNjaEj;Glv>Wl2=JD%Y+WAj@I
z8{<xh{}h^X;FF4}rRK{{G@v=1!or-EgulK$4sRlK8|<Xg<h`!s&&`deMPa^{22Th_
z;cUK^g1_!WW}2zBMC55^Rgc&Zr$hsWVz|Td>nQ_<=i934b3{)ea(CE-9+!)+Wt$rY
z$3`Xf9Y3L6L1y{;XzO-X9h$Bw4u|dPGQt|v0qm9gb~qvu@^;v)gK<bDK+PXYF+%&6
zrCL)CL!IN$XYroQ*x1EAIGq(@T}LmqyPbyr21NR2-dI=4{$HpseB|x(9q&9L$^728
zt24&nGV`Z0^GBEOr+Am|M<-3&y^1`Z77a|CVwA@83U^eWOl1wKDN*3QRLqEcCmh~O
zlYfO!=VR@c#Rk-UK=HqXPku6&c`oBKT&=+rc6&^uB4O{g3zfr5&C>tVXjmqDB9km)
z7Cci=OBh)Uo0~V_{_P4$xJyjJPa=N%EF|T5z&2Eh4}+p&nf8CiqS7rzli)_{LIm>_
zJ@Bp)itqf-T%+%E#6mlz8vgmrz%a()nd~d-%kbW_>~V^4r?03x37(r=;kBN3{(FA9
zoQlzNyRT^PJB+2+9_cIEM(DXZHYlysE>n%RVSBRwjT}~9FJ^{Qw0D*NY^Jy7kAYZ~
z8ydPupjc<=Eu3kpn{QD~91dIT5;T>Iv5U4h^D8hdE~cp>NV6CdZxB+}Jd9eDC|)dl
z{MogLuF095g&+3%e071EmLsx=QcDYZ9(y}E?mie2+gob>$oVmXV?ap9Wp~e|R;LhJ
zWKCH5nSDVZE!%hOq8bB643{Oj6A*!!mTki%0Io;ljdt9IgQ<ejK#u(?N$l=XNt^$Z
zmb9C6hYuu9N6JWQ;E?EqcQMWk<Cb*7A8Y+D<b~VeB@Rytw>Z4DLxbJ<lt&7{C4ZsE
z*WnSd{DArGh(^k9iV)0YW2-hIJ=)~$a~)a^j`;{7?X%rMHQhu3t?lUaz9~8JHQ!V7
z{j}~HP_y1ZEv26CxWn5Xsf{nf$3vcbil|@dxlO&U0do6r!$Rgvo)K0vT_sMD?5Cs$
z5+8jlnH3sz@7S;_Hiw5d1g2A<cG;4=(UVoM!KmkzT0Z+w-v+>T!hk`liZE}h-7;^V
zO2$`Ih3Miux1&&5p4(#M3#bVlveYKrpn`eM2rWkrRJcH5BEq?RpEDn>4ZC9lx(<I0
zM(Fw;moFYe1$7nt8=<F0LSz2>CR4rHRlBFyb5m^KKrMR$Qf(DUwWWQPPVxx^`X5Q|
z?5gGyo)lNX*WPnfx^^2C)U<rRI_fuhQ+)>=UF<NdwktB1%-2OO&tu`}QjdMt{rn#C
z8Ph4`fxSN)yyGYIanpb;7EhWHtiNL>ruq);#pIqB_bXJ$;%ZUWcGj6cMu(d<;SjI5
zh#kWKrlRO<X&BLqUUXs%`pH_b57Uk3;UiE6Gge?2sL`jP6N2Jch*Lp~_!z?NTZ2_6
zea9R%BLhQW#Hli^)zD6~#Ewqw#Ag<)vDdAJ=Xg?5(9d94$lJp=rAM5%bzZ|l&LR*^
znte`FnOa~iq+qee?ulg6E?5XHB<w(}!K4EnM-{WrGcRD)u@^(9D&|?SjVJOakzw#;
z!fW`A?Y|RufnN6+YgZ~=t<_`0M><(XED_sS<cRg29(bTv){mA48n)=IFo_snv%ww`
z7D4L0Liz~!8;_st)?9Nvj=M0=W`Efe8}H$b0X1>SYv_WR%GaLO1sh>fjU3V#EODsy
ztY!)GU~ITZCeJyYsHR?evf%A#ca1Q_Dp&_pVgdJy)y`Hy=IYll{V1^aW6-bJTadXB
zpZD#=Bcu**QlMX|x&px`N%@r)`V!TJFQ>O5&@V%6X*HWIsDPbfGvgk+FD2klq_hc5
zm*DZ<4u9f<6>E=IvHzK~8d$G_bCUO5U(xx<CRQ4}-W3~F!2cSDQTqb;ONGn<_7&}a
zRrx*RkAB&^F%7U_xm>FF8X27a^MCK!=!!S~HV{)LjLcbL#N1aDl+=bm%E@e!MoQi8
z;Pn_%3f8%dCzjKyZObzMJ`ap{#AaT%mpd^R*@7qdUEwa+Qk_`lKji&7*5}8ms7NeJ
zbhE+~<iWYtz60T~x|O|zqS;!Dj?AQy>PB-ZY`T|r`IWP`dN{(umET>kw>lZQFzP2X
zs~G6pssymYQPW}UC>@-Oy&D_?##s}TeDIvl&6vku0qgu2o3T@U&T{NSJ5)tSID}^x
zw^n1^#G0|e?gP`z^~cf4Pi15uzG7q3#rz>A8>s12&&9Ex7Ge>Kg1$!v(;GPvZhsNN
z1F|d`5`|&_+fuc=iw*x9z`ml*a}`%`%XLXH{#Y}PM7OFIbJn6(atPkVI!onw;vKQc
zo+_z560?+p5T{u1;k^a(7ZIeDYU1Hd2`?|`IR<G}|7b6f+GsHMs&%X^6+c!XCv94Y
z<imDb45oI<Laf1XMQ7nrmI<Q!v^C!1AJF#L<cf?Ht{b9@4LnKVg6)0GtPstg%@~Zo
zJqC956<Pn}h}ScQU0zgcdGFb%;CN5kCv5A*TzLsIT?n~>2{5kx!mf?ob8(BP%NPk~
zeL~Wy5H7VCwhlofT?Y#zSj%Xziz2~DiU}skEkQ8NIkKo`b}&e&Az_+oRipkhu(_)0
zg<#3BRjlgUnD#cvYNmXKH0!*dWrgHTVgWqa_QgxG5SyxQ>+f(>pO!=BiCe|wAD2t&
z#YJY`s|G(cqx=Qyu7&U!wr-rR?iAEtCdoOy>0mC0=S#i~X-!pG^enS4V3LC{4ZQ^R
zq<D4WjD?2~I+TP^F!h9IldK@Fpkan_hT`MUeq@aic|S7u;?<A+iW97Om6#_Zv`#yF
zTB~$A3xj_a>1Bsh9|b$!vRjXcqq&S}d#Z7extk#;xGrk@Nwn@ktpGJo9*0)VVHJX)
ztkzmTf*Zlxo&U)G>?Zc*icRhOg_v@N?L3s&@Q(#Vsa?2Jk5c2hF~0Gp8m(KsaE#?O
z{GC`2E%7Hh=}}J>xwHu8lKD?|K;vtmQy)48CZ>@@neW0TSN#cA3}wS8mv6Be{Q^TX
zU<WY`hI+m2&9At@vW!OqMU!#RVkHd1?scC)=Gxg9j=#X;s+D-&rs!EX1qbff@FS)x
zhre-kInd=mS8pfRRaY^n^<^a<w;3_QSM(+V#d-Q7xvbMgQJ`pw#237B2cmll(QWwg
z@HYXq3ocVo#4{D~_=>J$B!>SYRDejO=KH#V%v^~KG2Ir)7$f7L)%Cp|_>0IcMP#A9
z>=$c{`knYKGxxZBd$L#;-b>10657v;(Y~TXe0b9EpN|h|)sMj<vaJRiM+mrrpUXoO
zj!Ry~AM0s&h*qXoDibq1tX?u*<^l673=50t5l0j|aM*>+3`AyZS0J$lX`xE9Fw4Qb
zXv6kEWv5{ntq!ldMg?$nS=wc3*Rt#?ydPWzi{pskTSQ=`AUFhDmdf=!#Oy07mR!HW
zWN3Pg&#`ekZtY$08tjn}%aY0h22U=`Wr4(hzr-x4V}nR8%%yn^hrjCj2v-6~@+c1X
ztY<3FrfN`lRi*bCg2j0Ug?Kz5^v57vd_`}OZusl)u_Om>)?`i})utqv9aO13ya0#D
zJU94?CNqF%C^GH&f*J1ge`UBtGR($po?$jMGW;KA*cym}|55T^tyj|-yi*ffDSDcs
zdd(4JoG+#CgAB)vv?5rv8d2gn&WRP0^}_G$<%a+7@WomGh3I3bN(wEU{-r+!udrO$
z1!l#-kTdZ`$&vtDwP-~V_U~MQ=D&{nJwv%Y73?z>zTA#&@aVm0Y|*F}ljG9VirOmL
zd8+nCqjdC+{WPq(`xK}!P0>i}P+)8)Cb%5SVKlL{;JmXDjp6H$P>lEd`hCbwO9b*J
zg9E!W3+=!}F$Mxd?e0{3g?mJLt*!*k5E&jm*b&K!=jPao({m0?)so#oypU9|?!K<4
zxyw#mbh1|6l2f&2GrCjrwD%~J_*?<bL}6#t@cU8CH0Fbc$pW3pCb#_0*b@=^eOae@
zk+~T%*h**czoZ^JeIhH)-_EfV*7xFg`xiS56~Uf;P=VNGV197Y+k`Xr!4<(dZjMr;
zC*zXVFBOjc*1NZ<eRO9a0rq}jG7;tzy|kKyXt=r4SWxuf^H@CGj1$v(!~pq?87<=|
z%<!hVM;AN6MxWyd9_P0<Y%Vr%KJ48EJ4!bqnAKTj%iO|+CqkoD-6T)DoQY1N{qUCV
zKw@vulsP1$b1iBRnTAO~T1Zc_TwRgdV0yo&lQ6VifGIAHs#{k;uz)xV=j0F#902<K
zg0fmam9QV}x1K3>#93+IqH{}p73NNO`H@UW@75Cdvp*Vhq0yNQc3OI0ovYGY|5R*x
zeI>obnDicGdNn$|ZcOi=-!x0_n`nAhHct=3p*%IF+NSR3VyGim;PF8*Wbl0U%NWFY
z^3e-hP3lA!rrIFGtzO8Tnqec;G%lNDw>LT$!wcVD3U5?aV2%2ExRNI}exU~C$7bQ%
z%2z=>U-NioRE2rqlel>03(;FYcV?kIFz<^{#yRkPhWLJkHng+Yi*XZg2aGR*3qJZg
zss^SiSh@g=i(2FR(VBNm4m=O*dbb+8sAb8$Sd+7eF{Wf2nQv<j++Ck0B7gn{511tJ
zIz;{nzmdXUqA3_i!CrW(z2GsAxiI&_+m~cMl@ZH@VUw2k;ocVRrK;JdMx$9t_wkT1
z(k0A;io>>LsXTTi<CFm77ZUR&ynEPS;&H^!lJE}Lacqbfosp@;kD<jW>E0WScO2ri
z8%||!x^7**3P&EEA}J&@GS#OL&v?XBVTOb=ua>Cj4iSl77s^DGry^AS!Ma$Y!OMtv
z0l?^7%1TP?rs5%cUmnfRcCe%Nr1^W8Ou+OLUT*Uw4E*eO*Zs_Qg{(oZ;ZFw@xlzA^
z(jk~Rn317E`mK?9-Lvp$O#2*v%gsHDQN<Xr@f_w}YkYh9SFE$&`nsd?t=?j{n!r@#
zRc`EaxuZ<5z3C3%jlM(Wc<>0;b1golSC0K!Fqc{*1bcsoB$N%OmWID4^5Q#^WYl9P
z2%SyGcO!Ecz?*yOVc_~}n3rH;mnX@Ut)G>i>ca*Ss$?@%nB0LJ%EkTGYRDY^KF}AP
z_3(OZpGNyXyV59k5Qk3iP>x5;**7Z8L)HfD@?si4z&eIbfx`HENow<ECdFaZk%Q)|
zG;zNgg$wqXfI6e$dF+!_u+y+_3`L^DuM6?`nEZokpgC=|DeW%A=5vKH;JEdIj{F<=
zvS-5|2Iyeol}H1zu4IW+T*-*bwTShD?!=aZ6<86{YUo2aYly^Dk5-Gb`l}D`%_x%u
zvpi@Yd)b)ji2cA5<UjIF4dt>*;596JLSf8%;Qm$Aox`xWPlJ0*&3^}<A-q5vMtoOi
zk6MhXAy-&8;7%o2Bf=%tAbeXNXG#U$D;0Pjqeml379LeeRG<x1KC+k(&IKa!8ToNV
z^V2z+pCd)^mkxi{2*mDMByz;?e~&yNNSkPoPoa(`Q7>nZMQ~UB$LgwcH5U}g$^m)}
zCa#~66sc>Kr69xAN5k3R3$nxA(QqA5i}s4h_%#gEur`RvbxkF$+?Jbb*@eFr+YjbR
zh*@;LiD*LWtAEDDO{du1)Fi^1i$Qj%EE0X#U4byFpG>b4BvG|EWv8j+OM#ovbrzq2
zFiX%a;#}d4cvG@cdt43*)(Z7I8KpW`fo1iX)`i;n8-!py%_CtPz9Z;=vm*WPY5?mn
zn1^M)Qd;o6=@ABM6Xnp`(6yND6e-K&y;U0)$5{&{Z2fkf<f*Km9g}siHS0ua&BQRa
z;#U`vi-^lbQHg)35c3GEhRz`qT%!{4e2nI67tP$}sNdD_Yd^2$=3RIq82vpXG74fc
zWc`TBMsLQ{SlO1Rd}2q<Vn@xXGzK*BJS)lCk1TUoOk!ntzyOr-Nb{w~BNg%?cmXn@
zSRTKCFn~#M3IjKC0AWy!Fk^)O<{&Oc6EAgoJ)(#d^7bg3w?(kfb_pc%+#0LG!Mp@2
z`z1)=&?o4Nr{o!O(-u*=BXM<#R>Ja25m!sZ6&XK5k419*Qq<GS@WhzQ81pE^Y#r|)
z`Mi$B4JQ688tBew&l<~^FBSJEqwew1QVgVfoJu(^@+b^vc|*_>+?X3!!z7J*+KS+d
z$}$&vOV5R{^2q%3QOvoruq8Fd*x#UL9Q$2HH=OTTf!W}2h@M?wc`kRlBMxKQNc@eC
zP5F>Q>`H3L>#oxB-dh1v?>UuN@+`A5bn>G#i=y?}weS_`THo+74*yCJI4JpB!pYhR
zo<RfF-;WQM(j5a6vpCIVb1j0YDcdNwxkGau2GBzoZLGVY9{{eyORr9J>Sm*Z+U;Eo
z{!p?t9(%;r-IA#PGU1xP1Y-uHqk1svhKkpdH?X<z-^zT&f83rC{u8;4Hc@fEg2^UF
zs8QwM^9-w{F4_`ioP+&Nc9Qq0cYqxQid{sa`Ee^ag?u~_ae+Ucd^EyTPn>FhBpw<L
zcbP|xS6&W?(A^znz4Pd6it<&;#!D=ZM%6w#PQ}sFX7FVseTiiZ(+VcGM+hnJrc2;&
zjAY3Xjb}+Tu?2Le-6X3c@_%alD3Bmu1R|yQJj&(u4ALQzKWi6SP7-$@cdUWK92B|t
zuI9ImQTGDv{w>`(XF1hd$6&swS3Gq;Z-*?mDi93on@VIr7CrZ1)<ugNU9ovvuBI5l
ze`ObAyrYSCS0x$^Cd+ryM;&&TF%N2BA%p2-DVp^P>2v7rTgzbriXEk<7bZc!t>UZ}
z^{m5g#AboL4DBODx`uJ6_0r=A6`G_9rTAFq7lIE5{Xbf~AP)ZRRzZy&>v426tkWh}
zVz6oHs+|%S_71?zc6fzpsmU+rDP!RWTNaq~??H>*`iQD%=q?8Pbc?pm+05$c;o!GG
z`Q^NSK-A~2eNOku`Au8pPtUKvj<U{jctysHdTvmJZq@C?5t=GJpR$uiO4U-8s>0x_
z6g;FvnGDI#_DDI9&g;0z1v!EF4zl!fG@X&rEQ#k+txdk*`op?S;^a%pcu%B(Z}<J8
z2631%)AI<#Uyk@?y}|Xn@O2y`mr&l-BOA#->Qz<hUohs@5_1P+3VT3kLbZ|)^@muB
z^!vmE(~>aQS<pt3*q@2U{ts*|+MmT{80+!Hs3{l<;(8`kNhE6`ZckcsU`9dJ3&%rL
zPO4g&uouoi{OUy>;idbd(U%~4H4lz@FIMY)m30oK)*y-WY<R$vCy+Y(RqA}e!53YJ
z<sp95yJWs18v7pbwT+kGTDr{}F`2&-E81b$B6=vxZPw(tO+FuiXC!<B@)7fZ;tKOh
zcZE5us=~Yx?0MU$3iICEE6kd473M<|-GSbCx8x)8J2cT_tD`vXv`_S(W**{<`BNPj
z5U@xS`RMjFrG^3x>}`xMu69Wr#})782aS6lUjSsZZ3Fle#}=dQHL1WaZBqD#EZ|oy
zg~wnTG4%)_9w8}K>t~LG?xz05pdnlfqiz3G{LjMw+?XtmnI60*egPB2LH>jmzLTlO
z-(yRp=2tuZmISs8wjQSDzv*|WpFU6H9#eDyWvVAT_FIJ)L3Yf?NE?;^Xz$rNe0vF>
zFX4yBhA-FQk6(!J6Pks;Nr!JG;m?uq8L{D$b@+u0e{r+$U3B<0T=E6e_p6^in{dA>
zn*UWit%2;D%<zXkJ3aq9>ZSZm68?J$|8#74Q-?2P`1#Gk&(`7Jm+(JG_~EhP%XRqU
zSl3z;V#A9({Tlgx7y=%B_;;+&)k_$BcODPfa8K>hiom<m(TI?^6!cGmSzKlV-fQDI
zlX~k4gMl|2y(Xfq7;PWbf5PkVu#3G^_KPSLklgGk7!&S<IH~A<S9XTtkqWc>=~0w|
zZ&t+nPM&K_6{DBwAG2_g$2A!r+P?>Ar}#aX_*k>=y|{@K>wZo%_cNM(A8O`*XS44w
zntgxL?E95w-@FwSn|^Jx@7tSwU)}7xxY>7)X5SgjzMaj!f5pwM*!251bI)t`-Kp7k
z%VyudHH+{2X5TBDee)JsZ2I3d`(DxP`@Lr0&o%pgt=abz{01K!z#P3%@e3?PzD{-x
zwoXUh!7uVetl}4Qm>Zb^D?de!hOx@0rtvo_FU?_D;yx@@|K{u8T>V?De{=M2mHr*B
ze@E%x+x71_{X0>9pQ>$^UPfb;)d$DdYCd#&{?lipY^U>kV1VR5Fjev&n0k8t@dSZN
z2bLlAujD^4K=L0LAo<6`1lnEl9~dC{4-Am}2L?#~0|O-gfdP{Lz|_<8kJk^Fe;nzm
z{0}u(4)JZrYy}I`z-4_?jH$dY=`vSgPZRCYTH2#dJ=rV$cNjck%si{qT<zOAuJ#zT
z51&E})nxL?v=js`^RJqe;0|y`h7Hk1nMc$f%k{RY<bsR$G+|%O-ZY_C?XhB<fa1IM
zSd~$~POZTbAFjo8AlP~|YciPLfa{hJ%c1{ZP-6PE$FhuizK{+E8ZJIJgOA|z@7m{j
z_&hZRyB$YDJdBR=OTo8>e>1|D8uOvRb)}<%4_H4`hRmC_jJ9Ako`w<kVQ~D)x8or^
zh1JrXyb`|SmA~N;e>1ed_^7`&;x9q@%Z>QEL;J&NnT{`A{5h4sq=-LW(L}z6IivnM
zi9cunA%ENwQTgkj{Ut{IbrpXtls^h*<?jFh<7*N1cY*kW_7UQPQi1s66;1kU8TFSZ
z{*six+avyFYk!y#>2l<YKj;x5zT${KKJUW#k}J#&mF5Qe-t~~nw+qh*@3_38V5_%-
z1Uo|oQx_~*?by0!v(`PR7~mgl&tUq4xZ4W`z?Avo`+?LV<AMuhc>eA$7#@c$I<38f
z!{UvP$e*DRSU+KYKg_AvHB^DmG1JS<W4MdfV4tDqSLNoGiUL}t2Md=O^Up31UgxMZ
zx43*eA1dFl)3>x`Me@2b|JI4$BKyUjMBmZNAFObj=Y&o|2}JjYc(<`cCAb$frsp25
zKDVmR#1CM!0sNdH#rburDo%)Jx+;7V9}Wq-p#z`1&Yp|?y*8nLNWe)F@FQGMMm?<M
z4?4m@tSC`Q*NbCoiS=0>E4PKMYq9ROp2Q#3Uy80Vd2~HLaS(oG?WpDq8$2HFM$AOH
z%dwe&96F$x;>Po7U>$EpaA-WIfSr9OQYV}}V!?eshQpXuH%?cN4u{ucIkr~?<BTJi
zehA_O6Az<)3ZnBZkN2H`NdFHo+^%63M?2rZsb6?I+M{S6N@5-V7>{iweljgN&Orr{
zSq;+?-^K^m#dotlf{FJ(kc1P2O_7bM4XXUy8|#sSC8ism%CVGi;~BLPc@4~)l4p{?
zb+%Owoli<!`v)S*T>ERHTB6kqI?-<A&p7*2{@iYV$e&U6JNy}LzsjE~`(^$V+t2VP
z*M5RO`F4Om8MdE4S)u!NR&qk)G)fJP0kYOXFI3Oh)G?AeMH*gP^x0Htkx%jKd62E}
z0y2eV8u?^00!3Qk+~5$^3f+9iQzvArMu1So?LfV%#C%JhYhinAR}ln?vv8dI3UtXT
z3M^@lU`f312-@R1ikV>gRjkO-PBAXY_85sCW{t(#VnyNw$WgRCGV#Io;QANsvG;y1
z1Gn?002i=pRKH|<Jda)&x(uEw%v*7_HFPatbUukynSN2mcRUQqeX5}6LZu7^byHH+
zuLZq!ky`2)^-n8Lv$%f2k_HzV)$c6KV)^~TCi$If;g{+J#YVT3Y@-_v9*u6-XJ;AR
zZpqH&RZduyy`ATgS#GH7VnL*;w*oce4h+wdsq#vrz9WTBpv>)dEUPH6jry+qHix1h
zF;yKip5V4pF%niAi$*sm62`6~{~%$qNWF}An0hk@>zQom9#uJW$&R7l(M2oFxnxMx
zRZsb<m9Ng~>(+^INE0}YYPte%2RsQGhFTs4cu?SQKuaLhX+qx%ECyUJFc+{%AQ~(5
zslW`t_XTDFz9JCEU!ms&rka~V(*Yw#GkD;GRT<id%uudG=^GGcJ&4x1(AgU^T`@Wy
zFye%wwrGoAIDI{S4L?gsZkJ;|Hb;6Ul+4f+U;+q_?QoAW!5n-<THk2f3Q#eC(RK*e
zyow2owj;RaRg7S?9gQZgC(qypZ84r0#3louH{&eiys;2pn2M<V#G<=l)xw(mA^H7M
z<SWYWJ@G+)ze)K0SPkTMgxl}Nj+pGIyaNVN+%D}b>*|tXq#L(@$rx=DjJ73MT$f;R
zU6Olh66B{B#K^~%SeqqDq3hUFqDPBLe$^Je;*&ai5x=ZWPY-OH3>5ZF|9-!!uPUzc
zu675fq*^z=hlD*8&nR9o>a-{bD<9T#|6=*BLmbiaRpJA3;zRW1b5z;bjXy_aNWnIq
zi~W$NRpw&ib6rzzexWyw%4O3CO`B6&6n<E;c^JR)&>ow17K^BQTKZLJ+KNE&sB$(f
z`?u<H!SvM>aHQ=}w71zSq_<c$1_kU6c0{G+NFFHYpx=6`k|L{D&sOZ}t4o~eE$>yz
zXJ0@Jxw$sYYbZA_WE4tFBDB;?Vz&uuA1k^QbQJX@Mc>i|ZOUhLxW7?U2@5OMh<U8P
zvr)Kc{k6tNs6Bi!KBz@t&rGh+yTa@G3a90aJdaJGbFI?VTT*-=M;?4VRTjF}7R|4d
zihKvZe{63kQKR05tM)eL*K@CEB&Oylljf&j(F@r5u-^QD`MncyMDsfmAG*CS^pcm^
z-lfq(@5zd`w~A5E(~JJX{CEt^7&-wVp;|N$w>oihRg}lHE>~%ttc^+Q06xg-jkQI)
z0VVtvpl0EJW8H?|XI?*z4gYQ=Jhmr)<+ZRRV}6Ui4o|Kze;xSs9uM<>0QujI2&B=@
zL;jg$UV|($q&|%K_c)CC{SzvJH#p0=in#%k^KH{y8Mt+`-QfCWCDt1lXTL>6T;oJu
zGl-NkFu_?KEJ-p$z8&Lgk79AN8vc!`PW<(+GU^|}Z?S(L7dRJ}n|XPMYLACK!zd=2
zd^?QVqe$R3l|Y|2R06Bqqf;JpI}U_*=y4&CTY-yZ=9b9XX|jr*hGsB@uJ4XttVsM@
zRRUw&#yu<fXNB5t8DreF)Md1Far=}jE5%=<ReqhJfr>F<d}E0s#D^|b{LI&;?bfGw
z4*7H!95eh^B&sPomOulr%K6s!(?jkJKViD-PCkiA`NU0_02dqnLlEqk@*0m*GvD3R
zgeWmp{Ry5zTh%}iC)MQ)eXc%><BX4V^3>Iaye-GoFaIVdXP|>vu@1NSh406QP?hF0
zjI&@FmRoR!aqNL`TZy$89%V%~R={&Sz1<h_hE06s4Ht;CH>|ekErH$!M!b#H-V&nT
zu-KwEC%t7yyp?KiP;S$)VXZ}PiS%{?L!Zi9ruLQ?^@gPuy|tjXZzA3fq1{-77Ey0l
zY0+CtdV4qG?Mv+q>jRxA7FzU{L~qj~-d@w*uq~~<VVy;9$@F$p#9N*AhNsb2yUj1*
znadX6PgrJczr4KQ7>u*1P-iey_eiLL2!$@y5%%NI4f<kR594sgWOggAvew-Nq*hs<
zb&^%qgbr9`9e5W_NO^TM*V|UD<NG0=3df4jFIcTi$f-RFb~zKI+M`w8+Y$f5aVq}j
zCH|vayWt+?i?v6yyyb9yUYs+<d5buQ9w5)kIEeiMNoNbDtxRVR)5%p^25*3bEd$Tf
zh-ipJ^fAnmp&T=GL{z@f@nm_X+utHmKgAeg`XSU8F-5*%#wHYq{T|K!=?slfv|{!r
z65>NwC_-HG{)E1x`qME8W-NI-R|L6hu<i8zw3Yp77b++bk*NOkAM78wW0rp3g!ZZ(
zr8p%XoT2X``%A`0lKdJ)Kz=ZC`llf=V}26y71NzwhmUeDWuff~*NF~h+if0=ZeV;-
z><=5}!|<k7yihcxw|IC%SJB?kqr}^YNNivNdV@f%LRZn=(4)j#??`OFqi*5N32*2s
z+8cV5cxxSr4Qht;mI!a?D%u-*lz8Js1C=)_W5Zhuctcmw-q54O+meX4TJhEr-q2OF
zH}oj+_Oy8OV04?vy24ZM+6#J<c=2j4mm2fk=tXO!BcZLZTd@<}=%>pod3ALynhi1!
zaj33zxlX_SL(r|gc(@XLxaMxf@5yAqV0vfGhi@`uF!3F6yipu~u2G#K^caKN2!2XD
zPd7fgGGh#{X+iBdM)~1unO9@xRe?)+6@iN?vATQMfS=OfwU{9cOD!`#+ImH>_xGq0
z^xt(A-F|QfANVcbZl}i`UqimTpvmxWg}X1`;r+!O7>9`5ITemy1_jgFR2HnO-cnxh
z>wO!!s!dX(&X{uJo>k@MPaJrRwkVgA^SC&7x0My$px@bP`AUulG1Or1<<mj3&x-ap
zx6jV6C^+c34R4XB!t2>}`Bi&7w|IYI@;sl$ZemqVd7y7L^5HheXSvP6IThwn>mW8T
zFnd{|a^r^Xk-Mol193zD09zECAfoVbvARF1zte>?0-1v0b$C6l<J?WTb3Lvu_u+`I
zFYkODuc3)3=*My?i8DZ`Kv+*)r4*e<y94Q;j)ij|^KJeVY>`*I4;l|*!^F2N3&B4{
zaN{ggn9;W1b~tb`h|dgs{^~Z<ry!j5^<WiUU*=7(-A~mI&OgVJbJF9L1ncvrlEhf5
zS*5r!t&h^t?}LeVh`%lL5RCYXEpO;dgwW-!2=q)w+7;bwxB0z$>4`-5(mm)(P+9!h
zT7vl-jHW2Hm?lh1t-nEC5DENxPcp{q<sNMB?YE{YPdz`o69o@moe9CY$8GkUi%+eh
zDDpIq_q3Y&WyFQCBsTBQU80((sb7|2l%{?;{2fzj_Uq*~{~BoHE;wrVv(!dJf5?gy
z9A|^qvq1<X0oBt09mMEx+(_8$+i{}ysKcn|Zl~)SbiPDsyxNJ0oFjQ!tND+w!BLwZ
z=RI5zEOt~DtTg=3LF)%Gz}C=2h(E;gkbkRT?gqD%Gw}z+8BR(_FZ~H~jid0JKws41
zQNFGbUl5Gi7X%}HIqB=^h_77n1-YnwK`zo)B7NN#@pXpyf>_kPAQtJX1%2WEiKMt2
z6EbAGML8UBOF-s9kc>;|3ridEwHUrI&rsgboZ1^Cqw@Cuh<g+GsEVv@JPm2+Ab5iU
zMg<8P$DpX7qC|;wW02d}(I_BMT$qU>?x+a_H-bqEm$t_h#TgxST;EX#*AQ_bB#;0u
zL=a`%2&mAP76n8IDCGY<r>Z&~p`H2O|NFfkKTY3T^_<$ysZ*y;)vW>#6zmZV>x|SO
z*ct}SC@?xuq?VI4%m)~>qlQ5{3Jg}df&~@K4+z#@C^1lwVrG0d%+C9TW`>Itx?lq6
z+-`_^fCw`6#w1aTt4l>KzIwCB?sZp)0#uuAFYTes468fLjM>oqsvk$r#peQNcQrB+
z<`z<PVkG%hdHeOL=Hz#0RPLb7gO(-yyCIy0mbb#H8ja$}@H`Sjrc`uQvzWU};N1P3
zzTJZ`Fi-DhH`a;-uWGh4mN?f82vp#NgwxUFX{e#c&fkmrSu-<yX=$^DpM>BJLvOXJ
zz9D=1Z?&CUGY8d%oKY~&^%U?v5y{n^g=?_e8@2I@C6d>L1^fmNe&=EjlE+Mi;;NS$
z;B}sMuV5b5m=3^nOkg09OM$VRt59IU-Jo$Dfx{AlPK!$of*WRVXKNhnag4+U2dPvz
zPH`o@BQ(wn9F`DtdXPzl<K0Vw+W`S*9Vok<6F3N^!ZjM)M;a$mnZQ9R748Xxdrsp-
zEE710rNT`$xI2LZ3v9?GMs6Gnup+U{uu+y7Aeb#ElMLDcLuG>sQgrx45zL_?kv+2}
zi(sz$W0GJlhCo7N#-<!d`}Y~$85$u-6~mCic^=Ejl70yd_9{cCQ;VM0!E!iD59T5G
zFB05=!5uAUlk^P)S4wb42B%xjDg=j!zD|N!kn_Bj!yQHvJXV6e4DMt(&zeNel;BPb
z?rb@KHo?b8aAyYlrrjo`U{|b|&g!0*F>R6rc@P9WJ2IotsSi1eXz}2vp<v$oWd{L;
zb(z{}!vx5w8(M4g71CM<-o(=N+;oGq*0U3mTI=CV)mnBpv{wDo9AQ@AMy2L5Y%YxU
z={E(?#(GFr>(J5G%nc~*(7+UbWo-D+?o;zH4^P~>B(sompPYT9Cg4wFR$<ND4U(#5
zWm85}eLD^3NnDTgugM1YhkJsRbso6Lo_D9go@y9A&=ZeY)t%ATJhO0y+?Sl;qN>N>
zKt-pq|JH(8e>!Z|sKX_F&ex~rSk=pdB{)aQ^RL!*3Bp6;Pd5xd#S?$LVfe|O_#<e7
zO(oI<MItFZb5#@k{qm$Hco6m&1!hE7G(qj(smaoy9^|`&hT(%eZXv3Vl%7;6&Agti
z*z<Au8C;y4Qc$P#%K=Df3R2><%Ntwx6{bLiGSymuK@n3e9L%E945>7aSEZY+(o9cI
z^Jj=LOZPm}JW@(mz%;V0@DVBvpGw1lKMmzNTcuHZSyByO)oGM4jjx{)(OCH>X_rhz
z^#}PGJUf}{HcfRrsa^n;H6Jt0@(%7H(kB;LRd1j+n9v{)+WEuE@5Dc_3mRW^_rr(<
z2PespjxS*nI`TsvU*LQUoYH?9*8%B3Pih?Wq{97|!SPmCrq>ZT=t+%(o>Vw~<f-(Z
z#$h0$p42$#Nrk(};C7(9Gd(YG(32VmJ*jYm4DKV1>jWJ1q{cx{DqIF|Qs3t^4xe3O
z;$m>nlM1&EVlL&oQ{&ifSZdYjK~E~&TLyQb#t{S44$a5GJ8u^@uR}RX8}hSYNfRrp
z?C*Of2vd(xBD(t;O2ptdFG&)G=OE-1r(!JM##X_lZ+n)wmm^ENgv?EMPv^6>P;vTr
zywJUX@FN)>_5M}m5K=k(OXV;+IfnwB!ww&ExCuF6?!7slq2@EFhm`kkPz#~xjUKCd
zSkT#v6Uwk`yFr$1f5vpTe2u?iqrdb(4(%8v){5_H4`|)TFe61Nda6?VdbNoBL8=rV
zj!&xRdk|XIb23X2M|NDpMiaXiBZb)Je=(VEQ_<}fTrW*G_*UtH`LE+Ac0SuB>YaDF
zwB}~GrqHo?y8&ABs^naXbuL|)OBlHr|3qM14LWBl-SD6COU)b7xrY0J`aA?~(#Q#R
z-jXs*qHcgWeM46pJ844!IN-6<YXA-W{teLOr5B+PD^Z|e-YGeF5%*!z3<-LGVE}y&
zkTG5`d4fM&h5z$6;fX~HtnbBIxRM9I{qs=Aw_|&;XLGP}2|Cs$oQ)fR*ELYl(sk;k
zXr>2|3Jis%qe{{p*-?V^_(&Nns}VkDw{eJGgP{qF#~632R+b$DCW<Rm(l``pR3eR0
zB|SjDymdXbSJh!4K+#8CCXM`x@UZ8sNy0<;^9S#}2#?~?+6GxAFQ4gzR_^;aCMNg6
zmn>hRI(31H+j9n`1sl(nDT@`}h7tswDOq;^uWZj=E-D-mbZ+nkoeMJ&ob6Uqd6h`%
z)7^aVC}=H|w+=2p>K8{*I@a^+aQ=!_bs?PM&=DA2hr>U#5`H=?`HKPiX=;CK+tz?j
z#oroGjg{_xguHQ&pw6yV)F{4f833~sJQ&Lsg(Cfwj#li;coOlD5?q0-;}OSAF9}EM
zhz^8JGqCSq_c0mRsu~6z3isoPj)YxcU_8x(Fies(3@Vhcbi$4^utziuvm_0J1|`f(
znA~c~vQ5@7Op`PW3Y4%;gmGO{su0vL%#kz<`jfEEgjE~Zks5|Ml7>Nj66Pc9UIY6@
zS&(BfN7688Pr@<?n`B_0Xc$~XI1v{IA2f-hb)9y!V!MQ*>O!iM4AtM1q50Z)k;_$A
zN#~z;rO2gwg+Y}AWmUs9VuLI6!!wO+6yMJK(5kvvVi|?aR$$nA%vL|M;n<@~w}~0#
zZNdo;3I%>?6!=AyIL7}WD2U*J3I%p)6xc;nI@78$s2ICnwGD1*6u3o{xWz9ss5*rL
zvos3KB1*jCLk#LMg#xcM3cMmpoZ<%=)D(pRt27F%B1(MX-y>2wP?17`QyK+M5hX71
z27@|QP(@(W$3Yw{;d~sxXa^l6JC6$U7FpqID3=*4(CNvoS(Ik+BRF;LZfJB-2dI3V
z`#s*Q`P2?**E;tr4j9(L#QTSMM;`}q1%@D$5i)!eaz`hJGOa}?uS@FWpFs<ke}RJd
zOXqMfx-Z%J`&oR3UBZOZ-7;tn?YE}E_t7dCe5Z)d`*fr&+vK{lAW`pl-19>J{X`L~
zM@y7g(b1~uVb{^03g|!ueU+jY?RkTSu1Dm=``~qR=_obhjntzGBboS@{aWxSArFX&
z5VNW#;sLd^;b8V-%DOCJjxEQ|Kg*%}ISB7$6+X=r96Zc^m}43T(Ns9@_6o7pdTAV7
z%zlg-8VBK2xWfz%=ORja80h>k$21P&sc_p6E$KCA9GuL4m}43T0adu=21nC@^?;Yz
z4|7c8AfgKQcZDmxl^D2~{V>He1_G)ucWTUq#K6bwhl!;z5Km&JU4}B1o{DJ5<Z`S?
z2GuGJ<kAzwGEE_OzkCX=g)-_ukE!ak0jx#1PO-UkoUnO3C#KP!H>vrl`v-iwqwF9I
zr<dd$TIke;JQ%^S#iq(eTmfAivfB9#_q#;9&47WEyxJMW_DpWZJY2w-*{iA6hp>39
zncN2nPKKWcExi!j%o%jf&UH5<0Ha*mM3Oe+1v{upU}{)ZtN2nKh{#I=U;Yc@lLF4?
z>tBR55%3a22F54b6XdiL&N(=Z_|2-QyK7ZE^_^b$>Kx2i6oi~nvc?Du5>udI+L?lJ
z>_7z*g?GGx_0ceBJe^uk1rv?e$-s7ii6|6Ro`&^SFj0AHk%&!kUZG*oc^Y<<f{D(f
zH(FpXXc&~9h8?S5qV(<;7^*Ns!=UvvY><M9)?*(+Pb|HR<$}u7kRb{pDsQC9u=ET-
z{24gT0iW90Y|?L`@4gd#H)6<l_}ma24rVMvi;I5_vvg_d@ShMKJ7EO`4_^i>!xvW4
z^RdduK9NlgR_LrFgMzEp!A>dUq~hE1&*gj@*#?=xkE5zS$EHE3!CFdr8HCXn6v_`+
zj^L_q#S(8uKPdk?P_fQ$RdMKr0<`YE8xKJo9ui#D9LlJ5r{Y!V;U;%7^bsb!R@JXm
zOm`oGEHLLSJ%jVzDi8XF+l^Zlou%&C06@W=H%2;1bb@pe-c|=Mg3JAkAy1Q=$Duar
zJywBue;s<#BsD>Gzr=@Zyq=&CA4Ht$b_GeH^F0b)=xhwG`mr!?j};yQ`3+^zTgbYJ
zj$4K~j0iMul4q?8@!2+}t(CjZE?ek!27%G1a;OTw(ZE?K`S)Iq)qqa8fCOD8{C6}p
z4m2ql%>{;@WB7w5m>X^GlY3~9S+{}9<3KPYn{lJ<yezES<W2HT{T_car))r)XCTc`
zWI|T#21&OxfT|7~&GzV7D++(`R{qFW#oP8mMLNwi@XfjiQrLA_2Jd>09WM!#Eo?(@
zUVwf27f5P1tJHW0o=WW*q^5QmBxVEnzHA&8dAgf3Bt94$a+YvA#}F(T+g8CQyK)y8
zht-ylHKLj4{bI%CIvkFW_nlRV%|EcthvFmi&jRmZ9Bf4!z<$0YCpVb)rFHjTB>Jn!
zr6^Mw`YO*<$or|R8{WFwkxNww57H@(bh14^VFFZ-*-tQUXTW-RNic7_^+;_Xdr9d(
zxsPqKjRmKepDTBmxBOL|Il%=^EPYMpLQpQOXX^B<5zcbhdYHoO#?B7ubJ1>1a9^X>
z?Z)1bxAew%exit}5)O2WB~70~5gf@o9R0T-C%1qDgVM6xq-M=zeW+zQZgHUKSQt56
zWz&oh=<LVoB`@iLEHKltBiKrY6LXkU5ZXQu$4Odue+}^~jCMUabOsjEth-j=RZd`G
z^>A&1%w(j#6}Jvbv%<8YSj9}6%R;DQF~+naoYzvE6>{usVWzfcl*8%V_hEkw5Qo!F
zOozC(kBelyYm216)m|!HsgIh-#tYQ`fb24yHtKyxLGl%3_r(;N+<3qHf}U0Gf#5A5
zk19wj=lnPUOhGVTJ2!*?nXe7U7GloVwxh*jH{OdEEWuU14a3o@?t+%Z81g<{mmC}(
zVcqlUt*XZ)dQ`h11j`1)WeB;+pr$BPyAgz_q`f3at4N{R4Io6x0CKcR>sW<qH+~Q$
z<A)rQ!E&W5RJ-AWC>cKZiL#XbYcXI)wHrN%lF{RJgQ`)ec7q2|GI&G{>H&p<(6o&o
zM9KJZl|fynP;ignpt7ZyGSXVkYrr?=(c$7b-zozoYA_r~@NM0>!u<|pd$i}*#ll+m
zEVc$(8CTsOCQ|BlVGd}k0`vlkt-A|alS9oH@vd#_pE$)Y?<cDY`ztx{z%_O@Oy>p^
z!xleIFykkh&e%WEjM3vYq!3gqG$H3}3>}3T^_9E)A*=9f_hIoX4et=L7V7*QYUvVo
z!F0ErvDnLjP6VE-PUKc2kn?oz3nhy@su26J-!Vxy_WL2a0JgJD#;yhwz_tpvB~qQh
ztV)<udVG^~TS$h^u>f({($TII1BuUDV^yuEqnlpP<ZT@^iEM77S}d{cr-C?&O-%*m
zf-9o_rckJ(o+iQGCQ9VGucU=8RIX6%rh-I?T<@a#VMn__p-_6A7Hn;zM6S7NA>|sN
zQ0=CIM2TF#Y|`qaQ0=CIM2TF_G-)+M)Sz|SO$CX9Tu-}Fa^u0N$|h=?1`+|8o_3ZX
z9#aU&GtBL!n1exdJR$5e3;QXMocArWX32J_MeE_o`_vr{(KX|>?KHV3QIr>L7zWvM
z{mR1Fe2&Qc-ze<Sp2uCNWd1zb=oFmEXjsiTSow4gP$f+@ti$?03!OBJ4`$%fA;mgI
zO2Lm)s3g`Yl(3GGg7PX<66+L7SjR|V-CDFLa!g{KLJ8{_DJYJ(KqawGp@elZ98(PV
zi3m_htWzjq9V1b$(wl%tVw*ycZDoudjaaB5!!i|1mW^ZVV8mi}v{W<@TCaI}<pvnA
z>#+j01v@U$$cliIqd&0V;VEizG;Wk|<;*d{l`;H*-S-wO+qQu`=vir1Pd?ONu@`fr
zR#;}v7CkkZMqISpH5j6jr$*3ltwBjQpKOly9Id(iN8oAd#)m*rb>L||RF=EWwyHKl
zND7_pNoM0-E4&hc%520|5txm&)3EztRat%PEi8jU6?Kpa*!3up->UuyyC``62*zaW
z%eaJRG~hVIkkd6Mb}=^D@Xj=B)?qlT7heb`W7*EgT=zs!vq(tTsyYk9Doe)f3NasO
zZ-Lj+c8B}Hq5GjK9<fV0$d@aT4(=@=wB~n^@8oQ}m+-xB6*!BD(Ku(BvF32jp0gU~
z1NQEYQo^X4r1s6=a2!8R2!xIsNRw_z?6gm0?+!jSz8xRvgj>rFMG-3(Pf9Y4O!`(e
zKDL=vkkboH!OtPwp{qtWv`5bcv<;{`6CbSD`2HdrYFg}=B2+h&)5}(8(PJGT|6NUx
zg_+A_wLhfQW8M8Qw2vLZL14}v8|S!W2S46i7%lat1+95I?2b4yAHLs1x(1zX*338(
z7kdyZk~2e|7M`$Bz@Sb6YzHnq&zi}v17WaP;aWgJ*egwD$Tkic^I27=Q_<bs6MsX_
zDLJA3Kgt%Kw(+h+(kZJkek0G8_}d(Rtc9K8kJH}WCNgHePYa=?$=u1xe+*yB#lLYa
z;q$b__;?XGml&Sv)YM81Pj%v=o_JrRlY0t4iSk(UJGn<C@!QV(+N$C;$yRkQJ9;iu
z79FGXN$wGI=Y6ZHuf#G+_h<Mdu}S+vF|a-p6tu=J_?ofjH%Xf*lxVY81%+y@Qm7<t
zrck2IA_n!cLM3T4g%WLcr9sV9s3dKsP@>I-8Pp#YDoL9ulxQ;^*CNe*hC(H2G=&la
zi=W;Is;5FFX*Put153_dC+mKMGuNuV5Cal@lG+~`%3D;{lg%2TtGBYDi&#O6`4aU`
zA0hhZ$@4}3+<u<uHCV={1lS#TEM@Li0AU$_z8RMB*eYb8`>XViO!N<zpC3Y=*k4f0
zH1~aZhY(|9EtZL(wJ7PHn9Pr-oQ4P(SbsnP@Pu_`?rA|$wiifIR;!|%q>3URx+(t?
zz;HBHD{!L%+Y0Q}VCtoWym9Sq5{)2T-Vk>7g{*n_v?$aO7b;0Vv}V%9D4h^G;0P|?
zB)(S*u|-Q@N^{jeP;qN(TKV@}b?Q}!rrkK%U(uS0Zx?3%ivEYCBP-19tIEVfBjI0=
zBid1*#{}*mrlADf*1Lfku=oAT%Juu(4b;H2ai$p(wC>Jf`W3AMt?&VOlIEPt2hR^?
z{$%vRsW#L$K23sNgpTJIE6(S!KYR-bq7y*uBks4f^Ulh$X0E2SflXEj8EEGfXJgLl
z)+4NKgDCZ7uR>V*mCcifqBz_oGNsqhfn_*D7Cb!|g$PD&_PJN1(XlBaTV8I&%ap-G
z!QZoC!ViTP<wyv+(rY;X<}6|HRI)4D^SnZlHkY#q?qA4O;P|JC-?kh$`1Np-3|=84
zBljxKg>%+Dgr$#q7fEEdyVS6WB-i7~&6nAL_Zby=yo!vkWBItdTfQIAbxYTEyOoyQ
z%uQ%;ep++^DiJKXIo*8<WlzYHX%9nlk<dJ>X^sF*AOaemzGt8vbn?95)|&aYhVr{w
z_%?6u;Bu$XKIt2xAIbii*J&bt1qVMTh`N%Tvc>6qpyG76IEQ0{&?*4MLgcnvh^vR;
z*dfGRCA?mRcVIZS2t94WUsT~88IC<d5fe^(3+Z4f7xPQYxkZJSPDdDqGt4F}=W+>K
zQ+h4JIx!5}gU-=m;}F)FVLr>j`BW@J=~)QFr?!|ETFy~A>_l{r3#hT!J+NPZQ$j4B
zOrR~sX(1Gsd};^dH+&8PW8W^IxcJ#AATe7I<UR$Cvkz8nL4S82)bfNba}z}Y3)NQ(
zYZg*3B|Jz&5r4jp4+^`VKs-aw(4i-*2A?HLB#klsbj+cOe>Wh8eG~V_^7y8`EM8cO
zSHP}&F=PVK=nQ!f06d{P9L(}=1>JoriEEIeWX^9bRDR?5L{T~y52A5`PHmFLA?HNn
z`~%4dYhw_J#LAvoi=B_0>^zL3%Oy5>PM{`NGK$_WC}_H86sp}Q%IS`bqSqSKoeI@%
z6eUVV(GdnEC#toZ6C_RN`Wh4`Kd{H!jiO9TM$ujD;goWUJ5cRLQKDoNU1d-kq^XkU
z1u91wMPD|kT7_yiiZU%3MQ0k+Uj$VIPxs0I#S$xfoZ4{>cHOWML$Hcc4`Ub``(=g)
z`79L5HCFgVgv((7T0S8$JCK+N$7s~U{hCRe@l$qpEOjk<n4{jG^F=qFJW6z9kUyAV
z+{B!s-Zd)HQIWlD6*)#lzO5qvK2j)a_yfw*5ZNZ|(62D5zvCH)q3F96_|~tGA6o{-
z@T9}J2cdgnv%h`Zxwz6PJegktHiqxR5C7Rtn0NqiZyCfR`U2ma@GJ>DI}^}iJVIN*
zP6*Fcp@4#8b0#S0ll+N>Ur}$9@Ds!#Bo+Dnf-vxck-mkI8^M!sIU?{e-~kA=s_sB~
z7*?=_<Xwhi6n$thKbwBAHsD)aFzeZ=1c#~Ac)+~#ZV}#bPGO<5!Kywu6fN;o>^{+&
z`58+U&0h?cpH*Fl!F?u<>7b$Qr^zv6D9`KS$BN@<NQmcpNDN=?&!(Lm&0l&BcGkQ-
zjo%PXv6H?*yc#bUD5@r)dE)aU(qfe@8CKPZTzvA-(#5L!>|{RRBE$>v5OTgjdcnM}
zrgRIP@ut-Bu5lnOboPcKQt)79V^%2dUA7E9PKKm3gjqiizQg3N9ldhRc(aSfoO9wd
z;joM5+RAmqhE`ZrkDrO*7DYOVzkaNi<YUH=UprDPXm1UE;TJrMO<MX7)O;q)PE`BP
zw0NZ2fsLs4eQcM)yzj9=6r(#7bJv_;v>->@-*hyba2gF8tSX(O03k+dpC63#I>JS-
zOb%$^kp>9S(Lgwg1SqOyqyg@NjzpHB94HqJ#LBDyMY|kffIPiLfUwdv5bh!Yikbei
zUuXTi0Yb%SAl7CDC_3f?1H97!A+s8Y#aRK0nt9p)#~L8abq&M{tpG*S+-iUW3=ndy
zfmo&$peUR34X~pEmgZmx+-k#PV1~f5zHG}b{;D08)7zj|doZpT{Q>(YPjtrm5z_PD
zJBz1lW`nI$2II-u2y5w@?<js7W4+hIdVi!GXUUSge?~HBLCjL4mym(nKfu+|r%z|g
zeT9QD6ad^MqK$K8F~#6k1JvuIp_~o`wsDRuCh&X%<lzU3y9Bmzjw~iH*8s(;p%`G#
z_$4`QoFj_~Y|YbUT$ZL&#HR5}a@sgY78CfX0X}Jfod|5>99c}@%L-U}o0Jb*#(961
z;TqXX&@2tQP(au(ehE32#9D$%G-!~37|(A|m6M4MrXYGYDaF}+qAp+fWQ3wiZa+<!
z`2}ZQ(VkoJ17^A>AX3@G;9Th%B)m_bTy?C-d+FPfYl{AO1M~sExOrGWZ5(aa7lR6<
z4n`4R8%Nvq#cTsCfEp8E8%Nvq#hpVXTP*(@U>ir<^~H}2a2qNtDYkL6U0;0G0GAnH
z8%Nvq#oG;#o6;o3Hm<hoi=z#Y+x-FDw=Y`Zdtqv|^~b|BMVP*RIXW5oU3%6jDv5o1
z*5FgL)E;aKlcHzcBuS$SZi1;GrB2baYy(_mfcO|=e?6<O0nRnR6g_Ll8M=%&8eoc^
z^`QZtZGb6y)-wj!#{g6GuG<W7I~r8+YX3d#0t2LvL4f=AvTtCHC3@LmnjrikLftu_
zGWt{aRi%>Ir%#Q-ur1?UiODBLzdBudF$P3#LRS1rsD*ZYtGfYqH^3BqD>g)D9fP4P
zDW>RK3k`6g0jB6%4;$da2AHC6U2lNb8(@mQRbYSx2AHC69d3Y!E8zb6*2(a8xAm>{
z+QJC;MzH%WxTgIafkt?Yco_OsK4IN5M4@?bRJ<}#cup8+i%rMq_Ip7A#&CqAYf)`N
z#U3A;C;&chfYS{SYEc8hIswW))H@CELIVWrG!SZ0fU*;HtN|WxfMA^lLM;kV_M#3j
zz;puy>ogE*QGl`=wW9%kf!086$8ez2K&V9l%6`<(|DbFAngN1!8VI#0K-rP{ssTC%
z2-ayJ)S>`oPwFfKoS=ZhI;=fzfw3U7bgXlg<I~wT)}1&^l_C5`1iSq~mar$uOcZ|~
zy}0pcl0e=4g6WC~yN6x3ZG18o$Hr4NaHRpJ(2MUG;C~rl3cWbT04oeIg<ibQ0LK|%
z3cYxi0iIxhDfHrD2Iw`w6nb&%U|s7k(W25kDJ+kr2Kc%G?yDEy#|ET?Uc65egx^G{
z%e&pBQ<W<6ee_}TA&RwCqfPoL^x=F1Jk|i)c-c-L{@DOM2AD!0UTJ`9Fj1B^NTCmh
z8sIzwOrZ}CHo&_LFoizc)Jxa;QUgq(4;LBWDF&EAAI>$v0~Bz7`tT?mTh!L6F4q*{
zt_XHN0k^b1q^~*oyp^EyWg#{<RUMD<9?e9(D8{|??Ifr3XLLFrV(YI@oo#SPV^6u+
zS`Z0y&Th?{JfI@~t~@n+ycNFzXDVj1r}PvLY1Kd;riJ@Yj>m;05gbDp9b7983p!|b
zu7QKr0zd@nC=?i_*{9>r5Tg|xzk>p#oN5#s;J;9RVSkE_f1&}tVt^?+ekTK*X@Ds@
z{#X5V@4L(ZQ*`_{3~;akrs(()10*x0GATO#pA7IDeDNZ{6dga$02dhGz8!xhn33rC
z9!(H_2cd2isI)w({;yKmhh6W>U;uWFHrb@m)8hx~Hape;Q?TnK1N0bR3U*}};2IqJ
zCQXroUCk%ztmheE3U<vmz`G4F1-t%ifR`Fz3U*y-fTtK>3U&=Ozyl0$Uv?d}C5c_>
znjqW_q3&w%teyS37y)RLefV`bI;xDTPb)ym?$yT>=vD(v!LRKn=oHU4z!dy?-vDzB
zFa^K<Zh)<*nlLs6zor@Brv{jUUquG^vH_;x*D(fIWq>L8wfA^k>+uG-FTZa2A&FlN
znjm~BLfxZ5)sA01R5JVUYoh7KKjGLtX^Ry7>l9O<<p!97Uk4cAQwErVU+V|xDwZ2y
z3Vyw1fae)t3Vz*ZfPXN+6#Tl%0QaD=q}D0;b*2G+Vt^_5)zbi9G{AlNRgasP6YB7*
z<5ca#FC)|~1C`+y&Uh@Q@0A}Nly2g9HyIy4!l`=gNf~siwZ3&0e0M+D&)SXv;kiB^
zF;-Q)o49=GAodBJ_s~D!0zvf1G`YD4j^z{Js<R`$*sxD9R(|8^v2rJ}Lo4iKeC@SZ
zM$9okRe+RE*VP92vH_+rzFsoGDg#Vmd{r9Ycmqsfd|hmSCmCQ0<7<!sW*A@!<I87&
z&ESj@j>OEmoug;%fx3C-8(<3KtJ(nntbqG7zMcce+KjI|G)4Gc1iRxv*0!V~<7I(L
zX`lZ5M2_xMN0~CE=+6s`F|s?ZYnh@y-*12)8(@n5JjnoGFu)Z3d6)rCH^3DAxt9T6
zXn-mD^Jb&PjyJ#*{dutgrW;_2{`^-1`~nORA=tM+{}fB=&n225{1rmoXF+B9v+(O7
zmCQa}>`OBxxW(j?Vt&)zOvpzWV2UmlGt=jO2AHCYEi}Lu=mDu>iZ1rB0j@B>6kY6k
z1ANW^Q*^Nc1H8ikQ_OD;H^4Cln4*hqlleSU)o}{Azb<wbK89%PVsB}R@Bjq6+rc$$
zkJ^!UITgX0IFG=p?`X{%nH%&pROH78WMCDf+WQTDttxzRC~I+#bE6B+Kf@NJ5GFOz
z!Czt#M6GRI`2n=-9gNqro9fBf_1Nre!{-+AwZ+L^StYz|7*`2b;!B7}Y|n0d^POLz
zvnrRYE=E>Z%cEjHQRU`GZVPbdP(rcChbqNB@gro}1t5{SBTy@Fw%wGB9;kS>))ISA
zcVWHJ5=r~rxUf)XfS(wk(GnVnsdW>9j~d{M257W|2Etz@z{v)9mjN0rp@HyM32>wV
zUSxnqOK2ecRRTQ100$bN(GnU6f0Y1#?yGCv*#M1}&_HN+0e)bBU-P6}t_c|}p@HyM
z3GitHeA57-C2&yXM|4$TgKyq8oU8|CBu4#fH9>ejLfz@0nuzn0urelR>h5O<{=^JM
zqfHJe^uvn=c&q`Y&<}SRpvM4H=!c68aLsqR6;kMjfd)9w08{9P&IWk50jAIoUz-8*
zQUgq(AKo;;Qw%VLez?Z~4^Y7U>4&4fN!AaeHAT29g56KRuY`UOR|QmqH{#C?So1Il
zQ$2i;tJK3{{9^M<x>65!Hj8?=x3^Ib-wiVA;q0a8tCul;#`gndD}>l{V%~*tFDmYl
z#jPdlw^Zcc#H4Kpr@q{ZQ-i&K!Yk}Qs|x4bBX|zYMXet!m0dQnTL1@6LO&dlr}V?w
z%aP}%wNy!3%V7?Os&q(bIj^q9o?}>zkyu5i-kDF5sCVh%rWzj&G}V~ih$J6Dd?79g
zqon(||6I229S>@2=3im1Vn;;~OUnEN?9__<r;s)^>7$az0qDTYW3<ZS3goc>l9DL<
z;X_o}XD>rWCn(S`fUvXu*<%nD?Rm%1YSD7qI_z&MEK$WscS~DQC~Kj5?I0K2@#CBw
z@y@aj!&xK7ZCQVo1;-QMKt1J<7N=D(gF7X0h_N4o3KG(eE9&@F&4^SV<!o~;#EsB3
zPj@|hv*w#Dxu_`p``&gd-$Avr9+h^QfJk2Y#;O6^5S>^1#_@SD3W8Mw0J#svd>T9^
zvGlEh_&`{I+$tq0>ZR{7IYt$0AU+Wm;8>HQUiu!BSo+pLd?YNu0VYK-fG)l<IYt$0
zAU+coU`GRd(g2Mr)<AqHEWppPE{Dp<()XAgqlPsIp9u@-O@L65QZ9YtlK?gg)T;*J
zLtz2&1b>3K^gTx6v2lt^-`F;Vvl7GSu0=d3WkcU*Vnls~4_*-(JNQBNY3#4VF$5#=
ztoDyC1P1#@!;c_gNc^W+B53m=VGy()M=3$e1ii8Euzxhn-E;u|mjWNFz#ETL;BUT`
zd@%jm0&$IfGnV^${+5%pujhWe$QogxXM?*M>vY^YMC^RQ-kglRlGsZ4u7P=ym<I)O
zZZal7%vQKTfVrKR8wGQ0GNunPFTh3wrkI#>1k))Qv+F2e?oxT3Ld-FOS&!hv8SJZx
zIS8w4NGB5*t&d{Aj$t+D3p64siZfc?g7P#eWY3=LL|ZPs@D{cxzYN1UfsTAzO|#+>
zGo2YD(UWmLRx!H9RxG*k48dT=2eMCPuz?+~U{I9B7}Yck9YetmG_Xzz))6p_X&Q!Z
zp<o-2(ssgHGOl_u+|0!o(KHO5LcwYctVY3bHdZmlGYvzRP_Rc0?0yBq_kYD0%`^-h
zLcwk}uxk_yCu0?3EYmP_2?aaHz|K-IHW)gEhM`j^SdM}9Rxm<rXD2uL$hlZn_|z}S
zv0}B)=Z7Ozjl<apbz@&4Dv32~@V+l=HkmBmlIT>dag2%dfP$r9&7TbHS_MnNnllWn
zK*3V5riX#`QLq%O*?fd%^bS-Tj84It1_N86U@2Jhgn_-FU@2HrZeTMMY+u&=_46dw
z4A<~*7@=+<XrKbIqMVKocPh$zr<L~L7Uo6k(s515J^h!$60o}4Srz$bW~(9gRQy_1
z^}W>)yX7+`?e+AaQX4${SPraQJ9&E{hSpVxtjPCj!aev12HS@F2w`{w5(rc*d<=R$
ztt{)O0Pf+OOC8@ZlR+M<`?EG3Ulj{qA|lW@ld+iH;IyfkPvR#F|0}wAFW?b$1cL76
zVnz23UP;GTP4@~O55@nAZhj2`4KoP@-J6pX9i~`9$5>5Qi^s$8zoJ_RD~oglg6`dN
zMfW9MnIB^{T@xM;$N!3M<{APTW)cXx@GM35Jzh!2SWVZA$KLo~(cK%vBj^YOU39LZ
z`xURGW2~mzf=4v3rhBA?fCjl!3UqT`P;@vUPUsk`>3D|_q(aj@f%DWzM<D1PuTgaT
zDunqlR@3od40H@l_dHMb1Ra5(dv>X!8-Q2RF&1_k`G;F5<e#eFyj;A3jzG}8yhhOt
zB?xqk)pP^#n2u0IH-89TK}R6y-i#@_5MD{gSWV~0qc1_X(8eq12n5}`EsE|EypoQw
znyv_sT@!ROi}4CN0znt{(I;H7@H)Jbj<K3<0v<CHboWleE9eLWT{KJ4-Hun%F;>&@
zlh_^!x<|_K3OWKoHz!xo-Gf)sF;>%6;4v#f_rxr`f{sAYJw8OyJ%(4(F;>&vhsQQK
zdwwonK}R6yp0yR-OL!$6V>R8Ac+5`ZH}3_!f{sAYy<Dv5-oY#B7^~@C!6QaY!@nB5
zf{sAYy*WwIeSlZeF;>&n;xRWtw{R(5K}R6y-W6|u#lkP~N;<}Bx+XjhNYKq(gICZI
z2)ghrmEZSxB^_fmT{9jBCg|>s;T3cQf-X8&(fx{7(lJ)kZNVe9$Lab#(t=me5eT|D
zFDSaM1cQ#TnvTCi5_C`SZbQ%!2)f5>NQZuhSNzBRlZoG<cyzB@*?wT1{war@ff$A{
z^WYFJ#>`>Rd1Aj$kZ7D2DmKqv9vHA_1NNnC<wqFKPY@xQ59BGB9#}ODei;S(z`zbt
zFg>tp7`!qH_N;-$SF=pzdSKNs_+%99P6J!4V0vKHFnDAXY@C5Tu3&m#)iC&D6l|b@
zO;IpCuxc2*F$$Iem^8?F3Z@5E4TCR6!Pbi_6-&jr3WkAoZ_sH$vjyby_y#K+SY<|5
zG~kOGA3hGD?oXeX{jN9{1?`OSb#KL;z0+`2Qxqp{aDc_27qWZ}XZHr1@99>9p|<ht
ztj=I8uAt85U369dL?Tx85L?cE`jww23#&E?M{(BOpCz6r!0u|ZV1e!+uv!DVO2J_0
zY8Wk8z&Z--Q3LZU7z|wvqXi3Cy1;HWutOCLhOUOuf(6VguyYJ-8(M+)RwQ7wU;*nS
zup9$>U%_DL>eOh#0@hhzdxTY}=`#ujLs!FS!2;$J*rx_|hl0V-)i7GHfMp15o`GGc
zVBqL3a#Wpnhwn?R@QojXqd4$D@b3y9CyQN#P`4k6`ueeOcG4lRg#ykY@HiZUN2_YX
z!O9$3_mP-G+q#H3bWE->hhC~iZ(WSYiu@hDK#LE;>37+LXRGR6xN7LGct#Pw3F2S`
zSH{Ag!t7AlQ`a(qN&<dIn65Lz^pX*#PFk2`M)XH$i~R`GN3t&mO&pN;RKoPUfgPq`
zDTJxQz<xrLf&D3j=^_LBK*3T7(@6&Qtb(NwrUMM@P6bOLOyBlozei2SDOd_&de^`P
zDp(3(df31+6l_1jbmWR8VTu@G>WWbJlO_sN1^5GI&-6p1+m&1Jb?(BURPxHgd145j
zF%mF{BS8!!K}G(XJs?0qM`$2J&*9ao`Um`5+GBU=2O@(v_~7-Tb!L`oU(TU0`C<=M
zLzIR9gv@$l5Hgu%so{!2%<Mlk-=5D^bORLKv%hb?wV7e_hA6tBitgp#H{aUKsrj~|
z3n{ucf8TsVo9p^5ELL=vD7trj99C1BZ`lbtG0?z->l9r$OVQnqR}SNo@Jo(iSe}f>
zHZ$eka=e0$K(uExSJB;rSJE+7(^cTH&D?lo7G6O|An4`{QFM>tm2`~Nbob$L2tu{6
z%*89{2qgb(MfVb3Nyk`C_aq+u3A*QBz$@qo1l_a6itZh}l8&*O?iD=R3A%YTcm*AS
zpnG|eqWb`^q+_h6qxn{ppqsxGub?9kbZ?d`x-aocI>u_cCOj4==oYTQE9eLW-Mh0C
z-S>DU9b+{e&9?~&Ix)~dM<D3Ja~0jMnl9Exw*`-r5_I>r;1zTPf-d@kqDx`EO-|4~
z(%yWVQv<q+{Iu?B_S}+*9f-=9>j)BU%$4KOsyei7yTzkRr4Roj9eo&9MWPQ+fd`O%
zxal?Y;ZlOy&E4DE7Gp3R_-R`_B*Q^P{%y!S4Oar8Ms${6hgTdqid8?3K7UYIo`x(j
z^7#6hk%zaKxfzHQgQO4i#=aKj)hM|bRD0hSrJusW9ByErDOd^%^Kb)uMZr>7nA<Tm
zlS~~2OJQMtXkdR*uoM>Na|U*Xf~Bx9ryE!g1xsOJ78}^+<<cN2EX+X$)}Ubfu`t&P
zTj*AUg}EENVwJ<o5bE9!A~<ev9#b8*&?;a4E+|T?`eZD?z$V;MiEjn;hS^3;1#nEm
zhU6Wydu7LLquMdMSFb6DN+t}z=@J|58M}G*l{Is6cYc65>_Es4Or8<WRq2qOfq1p5
zR%1zvva@N4i0dyNF6OL*_#E2Xh|g;;LwuGao<$UPUHCsz#5TcaVd=PPFZ=~Y_^Y(=
z-`PzGKOG1mXF@hAaV>(Zsyf{Pj#ia8HBpJ7iArpK36=07Ui!eH%l6j?RvBLI25(^a
zr04@L8Q3ZXOVJ0y2KJJIrRW2f8CY1sQuKk-4D2!mOVI~14eT@pOVI~hErnH?3YMY|
zuw8}WZsYIufxjA9or3MB4}2k<(S6_wjSnwDs2c@Qn<(rn2A3Eycub4I)B}_lKnkb>
zC*c)e31ZSkIX<#p<oM)P-UTzbZyW#rLH;vRjz4Rv$REgL0?tVGg&avE1Y4VFe2o+6
z;Sv3DZ)dZk{LDl;&oZ5N2~gd(B0tte(ixYDbiTy1Rdt#!%fl+2=aCM|Vkgr0Bh#3M
z$V7+oLSO#>@AGY~xc?4SYFhFQ-IB+%=on2n>go=4nAE`TqFUmUMbZ-A?dhzwLgWym
z6(0L9RN@WBt5svGdQoD%cy$KSMRR<JUv=rKHf*a@dUGT_Zj3qVFq2-0>0N<%tD47e
zq;O}yq}|z*;Lg5L=W><g;)6$1=W>L~<wWFyEczU7vT$EO79K>(@@r2B9~KCE$ojNi
z=H;Slz=wpmsJeZz07?_9uh^plcMA`rZxXM}AqKhJAk9t~jpR-kL2iabNSaR?q*;H}
zNN$A@WId45<)#><*$bnQ+zTVfM@^a`gET9!8p+Ktg1phBd89#_C0LE*ZWuw1Fvu44
z6f{n0VjWf^xgAE3ha2Qa25A;!HIn;b1i2NxN^10sL1sAHu<j&xw)%(cw!-g$C9)nX
z_yrmtejdT@jUd8#PB{Od3)ULnhOvzE4>~8UHC~Mu_hT&H>E$Ui=-oXB+ndpg`~T88
zZ9xD6ZYEJ%4yHW#V&_rdj#;=b;pg~141`;Di}>XAG~)A*=RmOIJrc->oyh6*9YU}W
z1PlC0IUUhm<@6op?%n+m%6+I&@7*K}CK0aIMSO{bRr?|AihVjLVj&4fCJ_$JR5{*4
z!gGX>*S0KA6!m0ys6g0*gd>s&&yrgDVyBbvp#9{y{0AZYV%KkST(9fsA>qH?1xT$D
zCUTthvk?BBgrk#kyh!J`^m!0IDTM7?_0O`#?7f<V1xbY2Jyad<CE->3A)Kf9H;{zM
zjQ`A1gcp+V1Q53EpM`u)@*&olW21p$V@{=*Szd}+M1ssZ^)Km=w)?iTO8KXPBGzA^
z-y%4%`u!O(CyDgsA4H5-Fty2;*Cib(X#NkK)6-_n;ZYp1F9tK?hl#YRCCFra7YW{f
zM>2jF1hH2HdTnx|ml5*-zT!mT9tFl!CoE9EK-*Vm04W+2#Z^KPl?E6s6bC8_2{Pr_
z-4PVsMT+tVC*{#kD85AOZ<}l>DgKC$3sI_$Ecp&N*c-gB3RExuKSNCYHo>gz)K>EM
z1$y^>QoWfJkEm2%PNH~JD8}rE!cU3=zL7j`OQN_+D306@#et-V#Yy2^zXQ?)hi5{K
zJfy|Y_bjC8=k=0o4w8)>BI&K{kR%aH@Zv5b2Is57H{IS&U#C}VL!MnBXM?@->xya0
z6dn#AbF=uE$8`2J1Y{oQrH{EH{}!Z}))<hHoA<|BRZqeyuE@Wb;Z{}e1ybnaQD|IM
zghBAEgDCr4*8TP=l=s)SSeA9e=vg(Bgwv5gaK^7{#_%yl)Aplqd)xd9V@f=uO^Nj$
z7Ra9kI%P^!oht=e#&D}D!VGc$_0PtTIINo~&}bIuT8Yp9CcTaKD^8-A%m)2$C29)7
zTz<8dqB%{C#-IehSBZTl7=3gl682El4^oMARf&cgsl;d7O(h=3n50_u&rhNf&oN$^
zmkFZ?wv1XjD7k6?mJeW<HJc@bHuhct_R12%Gn%~*rLi^7)`r<cu=gVP8ZiB5I8Lfm
z1vwW5p|unp{08(sr)|RF4lK)IQkLIJTU%?OAnW$EwQo0UeMhtP04az+3(cU}+ErR)
zTdR)+d1Jn`$daE-i;O?ew8-sGpcD^De16xCZES5BNVdKX`roqk352<KbGUF8Rpj5#
z97aWZ_rs?q;73LNbd_a5WqARzv?J$c7dp+T{}m{es=Sxk_EFi+>Cl$#49RxrezMJF
zw!5gVf72oEk|xh!wr18`b*6-E-z&ARu9n(2ZZoxiIUx^s{td-=nDMO365?5x(n~Ay
z=PTlAig-4N+v<^?Xuf<VFqRlqs$k`>t!1xad*eqK#TI;k7D2VWY}aW1b2N><9K@jf
zr#!6ln|^9&J(}HpB3nFwY|-K>CS0q>HEWJH7ZI`#Qi<-zysW?q_u9z1b(_H4u2#7{
z!sd+T4`FUMFgM-L?p`H3y}S#zLPZXPpcqT*pBz$QX?;hYy!$2-%=e&tF@C?-;GMUJ
zCE^I+eFl&2nJSrbB!ir*_jJTh&kyhu!r3#gDVElyv3hEh{->mJwWN|Xta-;VF<$si
zI}KX`-3l!JLHYDm2{);PFa1R&e344{Y9u^M4Sp9&y4{(sRoyoDd0T%)x^kj=)Vpd6
z>UwrkT}N?5L0xx|Zy&!Q8UB-?WDDdDkq=+&6M|k6Q2v%y)U!RqRv*vixewXxmtj*`
zj_-eE{X~OPG^}tV1ESsLL9Z^DrWm$?jTOzGNgL!{2m#vQa2Cm*TyBoxD0hHGI#d<u
zQYn&Z<e-!#U6rNH6!LES1%=>cO32{&B>bU*{{*q^y0^EE_{C~V;GVs#vP$0_z`8!O
z5B>q-ACNkEC*myG1!pD|+N%qF&*Lcc6|ZBeG8PAr52}@I(t$CB&XPcl2l$}F8|2kJ
zBs0Fx#UfqMSr>9v{A9mqM{dJG(;vrfepL=_z6_U`kI2QJ!YrJWoEflin|Zd?t1#Pc
ztZYU~{AYEK)W}ceQvBd%cU0o_HGFg)+@eB!jg>Jx;a|G*;P?0mIWM;0$DXm6xvP_)
zalc?-EJS<$btw3lv5E4%KwzY^9r0)3-V-Z4pY)OE@54`F_}kJ8?8sR@f5jeLKy_Wt
z1T=eN1*T1vpJ1Ceu8=Q45L6+4Cxx6Vawf;_hQh;bAh>-QhiIpj-9gi$5v~?knV0<q
zY{Ly8hc;BEp_x1=9rM<ulYP+00;jj$=99x)T^r}pISsLie^zu$B@_*bP-ML}cE?_6
z#8={P>h&;8An>m#=qz>vc))#wIO^7xM8hks@Eob>&>WO0_VJ^rg;R_2lpc-KweeXa
z8M7hixM(DtADb(*vA>|qmtBr6<EI!95GaQRv3ATOb~A7nUqmm?0mwKWQs-5La0)iY
z$F>r`zlSBpsxL||H@hnwGiRQKjvI7hEZ(-K6|fMg?UPDary^GkqMftTtnfUf$a16k
z#^e<7+-+N~U6}@Mxep+c?F*^ggWGX_VqGfo|Iy-ubX9x*j$f;a0)(Q4JA*aovG*bn
z{ravrv?2~c-Z9a(Zdl4ciw4zBw60rZbsv$2eSQZ|w0^9$x{uAo^Y~1w`=!}<D9N_E
zUpWvD*ABG0U+>4mEq<$eSrHy?E3&%ZF#!+fOt88aPR7IN$ylnYK<0S<D}S*9McKpa
z)BMH4(v$eHBM<Utq7$a<pc}u!z{W7eod2*sqk2hrsd{4%K_IIYOGkt8Zp}fp<1fWs
zJg8Xy>Xwe!|C~!L@b{f&K){aRId~z5cCkI9-akqG|3yiR4lWZtN^7>)BhUb!0@5~@
zWBUfi;VL{{fvgU3AIp;^b1`&V)rY_y!}bq4dWNC=R`odT`oUlU$4&!?<UpPyRb<<q
zd-!q~DTnZ=+X%*CVZ4d{`9;le-!M`R-eE<NESAG{Bs?~Zl*4x3SCLo**O742FtQU1
z^iLIurEeVxzYHVgP@Vf#Bo@4NBwR6!#6ddK%8?(IxOD_PFO0y!InypjggQI43DN58
z&}PmmaCT^2*#QcOZSd1hMH9EWGVo^afOh7swLN$J#36X_8{bh~^Ze}>&~bVG_Qel?
zm#e`u+tXm<?0cN!++f{Z3*U1H2O8l<xSkJY;H+MC^K~eC{Hrj}LeZle4&Zon{5TqG
z(LU+;G5h6ZD{;98N2_n@Sh4$lYvw0X+m*qR9uI^(D|r#nA=uK95yWLcK_~M*<Tv$w
z-sT3q3brPlu&?@YL3G-E_^4yhvbfLcTfjm$+If4es%ub0G!4e}VK(nx)z^^*Gd{)Q
zO!>bmacl0uA!n_8(6KR?u~&c45y1WCmAekIX136CUDD&8kY|1CddP1y(8MCybAt}@
zXmPKAmZ1Dqy5|OQe}~X41`Q7TjM$zvt<7lWxiM+xfi#YyJ$K7cmg_#$PKMPdDarT6
zsPg}VY5kv<ztEY?8_Im{V&sBmQ_UzPevKiOF-T8~`<%r3Tauz5L=Za-?vL5|xm~g{
z80i76UZhf+f=KRw^0$C`qSa9A30U3zE$(HKPEiYUax#OFqAfwkzXcdjw#X56QU+v7
zfE0uGrUoOKz}OfdoZfh~cYY3Px4Xoo1^Y=ZEULQ~S|k|3`=h~~Ll~kH;laC1xqlmU
zRWg(%5Ok*dwhqTt2xyH&3ePZjXBL3&qw>fSxqrr^ZM`S0pxP$Wy%k~Bd<JziL2|c{
zwXj{-Xuu-)Vyo7xP(C-n#7YR#L7DCe49eSSRoyH~$0CQ-H3R(KA<DKu|Ed}zvF9Ob
zsnR;oS9QR4AnGcEIzgeJxHJliizqqZl!tsvT0Vt>2Gb~LFrw0#*5QKMf~$F?7oG=I
zrcqF3M5&`qrPL_bI|>DzrcuyoM9I0PD+GnK9#$wQH;saFBT5c6<t62I-j>o*tNJ`>
zIE{dYBSKCyov9HQ00Cju2&g(D<QUT{Re4GW;(Cm!xRG*eDCq=KE6hXR0PQk@hnP<H
zp&y}5!(KJ#NXO;B7-Zu=i0X6G5UTVB*%>X!?CA177VxMP*Q)%6Kcmr<NUO94CEGu5
z25H2@K<u9{mO|jd3o4N6^Y+gd7fmSK8>LYD=S#go<tWtt`2x#XrL`B#MvnXA%e31h
zw=Wf9e|(vCksx><Akx?$U#6WVh`B)QpD&ngCipUI5@4Lwz-3)ohs6}zSGgN%cLtUO
z?2<8aFy3s!Sir6_QnLIFE5@5<?5_&6e|8KuD1Msu?^(i2nEyRX<}1{{Vafdp^>0{m
ztwQ|{OM(jVJ1jXyA%2G?ULf|*k}W%vSR$XEDVA`#61@~RNx;hoQeNJRJ9paMKfiMX
z2GY+1GLjZLYjHb$aMi|825!If2d%=r;Hq$R9=u3Fax_GaLTR@R1=%fZ?{><z8-l3V
z^ZYH=1GUuGxVlIy{jDghiJSAAxYar?qisN_(?OoLpn0q=W$Gt(``>o&giNiL*c4qn
zAye}d>fdy8N1^^rH!o4Be<M@*3iWSf>JWwc9hv$WlX=Mb@5mHSxc~ib{wfgrm#N2O
z8Az$$Su+6B-8|^Q__u>BqzMvSH9>}G_wb~kNh-*f6jZK)enz6?{h&5xu4g_nC=bEq
z4n-|i)nRmoSPL!QjO|(KF48oVrH6haFV7~$J@}hACn@fc-^5*?6!-9N;?74Lgo?%u
zjHrrTIJu6y{;Zj0_*=2dV}*Hh1+Qg+v6BNZOvJLUWjLx+o~qCI!}Is)@s4_nRpcis
za)FK<gUDbcFgfV>r6F;l+h-DV{^XEnn=w%qE7YX;nqcJoN%8OScS3wE{uamog}+7d
zRrqViKg3^uyb*r~#uwplcKmJp&5gf_zrOf9{LPI27yf3&pAJU4$Nv_L++Tt5Bt8dW
zL*n=1Z+YB7X(qVWV+_JWu~^1<D00WE5Zk>#J^0<AdKl>X)kC&>ntI4}Pf!m&_h|Ky
z>GoC+S?<B|;Bh(44@PD%f43D19hnSqcc_PQcQaLdU$k?FGF;JkkjwirD|Y$HPO~Ei
zxwDBvL;dq77-<K&x8W6*h5I~SQH9Akcf+*XJqU{J94qa==1XDD{kUug_WSAl0dqdV
z;uVR+I7T8Dg96NYQGwl<fLr+k@bg^hQaaWBr{dD2_<bOs5TA{|#qlcqEpl&@s-17U
zH>(G~+;4-Zf$jtqlI@OD54rBS>cQuZP!E~zQ1y`Io-7aD-Q(m}SmpLrkwe^G>Y?22
zrXD7_dFo+;J5W6oyT_=9BKHXOV7oolgWv6{9tOG{)kC(so2?3Iakr`mpUW#j5R&Px
zRS#J*V~6CpA4z~JQJsn$;=ZLG%H3D+pyqSDD*{6a-F!b|0v{NI?}24fAH%NwQ1qRg
zCa~X*zLfJMenU=G4jmTarP>9LLF{F;BpuCRyEEbU<ZwT$K2u@0T;jGuISk<#3^{Jd
z*%`a|apm{v1&T<O5HNuUG4k1wcXGJL6<54jRe#FlO-op03pqPtVQdtI!#{|Nj4+4b
z<(G2pES?7PDc45HW}#$!8Aw1epNhnL$ERXGW$_7p7@j;n*?hA3RL-X&K27G+5I#-d
z(_}tP;*+0Ger8jlv&m*~IcI4-a`^X>oJ{^)k(13Ic=>{;-ID<GwKT_X^?xWQ6P4rZ
z?KwsK8Iv=?>i<|yHmi)3U(vCbFyHhXtN$}O0}*6Zzmd~HM?I5MffTL&FXi}k$V<Wz
zlFyZxH*$(d)Bl~E3G(|;&Sd$0ET=+#pUJsTe!)@v;u^zjYv!5*S%47k%!)pgvj)L~
zz8HZ$lX9<e)H?@G<wECEcpKh^N(@E&P(d310-Ti2SAMG+OK}_11CjJI!OJQO0|W2X
z+K3WW?#Z<7JpuuhEuF2I$AQbil7cX-lUQr>pjyVx3?X~W{a*}uKBqsTYG^ZxU`Nt@
z@n(AYFqwTvg1F#{Qf9{FwhVXzGec4DPE{tqXzR2%u47j87!oR5VBv1U1~53ou3)^m
z7-avc_T$QqPW363>L%zQw;25o%^}-HD}U)%8ZrzKt*HI7QafCAMa@;9^193RG{G-n
z>VsXUp~z5pjeqG^_AWYK6&i=kt;$K0>fR%a3_0%zgWxbP&4Cy3&f9a~LcDWK4xEj5
zUXoKj%Y)y06t8>XqCu<I?Kyq~U6E6azc1xfAWirRN^^=PS~tF-c-;&4Pg}i0Ig=1^
zJ4CJ*WE8RQhy)<4YYs?ppP1F_x*Xf;^_cV|gpbL|Bv}z2FUiTq-z#zk;_r1ie*6vP
zOvc|gOok{maz<rEih~fxC-E+81@T;r6S(9j%*hM{4jdl~ZxQZ8d?n<m)%PLR+{}$P
zGZs_rBsrb-&#9^0IbitD)uw14zbrZpaW6z3rpb*6Y!u&4&+Z&h%*Ai}Pxy$Wg#V@z
z-nhFXTq%w29-95|tD@8Ax?Av~^e5kKw>jxuX$Y6s^=W*z%PWc6@Wt*c?cU4XCzIZl
zA~W};G5twyMN&KzoIAPQdyzY#-TM%?sNK8Y^|yPU><(=Ap5<n@d!OKDCf-dOK8<~g
z5bZ<JD2X;K#C4oQ+;6dz#HVuib9s74M8f@0UWVqli*<aKyFfo>y07RbpZlDC%5@*p
zPua3K#S{m+yp)Si#qOQ@X@Xm-pC-B2=%>jpuSh1&b}!UVMQ%tx`Q71oqWT`<Mq#T{
zEmuG`-3obu4tII|D*?Igb^0mW{gXVU=eQT?pe&cy^Acvuc^Z5wa?j9V#qJ>eG{HSa
zKTUG`=%>jpZv-PnrkkOkd~Pd@b%qUeIYZ!+-;Lv`<_7cy_eYc(c24~&F^YP?nUD5A
zawmTV-?jojkzCw@3ZL<H)4>}29&tN-$B%L;4k=*_3vsB#k_(^UZNtI|pD_MG6Ywe5
zcJ9%GCR9Iz%NdN}GsNLjZehJgnu;$NE%Ap>7*#_#6ZnKt6`Am90-rEyA!$Bgw8Sf)
zq#PJuL8kmZCHLekroQtma%*MsskspnD@T%(VYsc}s0``<mrJk8?6xbGgqijf^WuNK
zSgKLoH^q_zU&-sN<mM4$=>HLi-6M3dAQKRE7E4+SG6yN=>;DtMbLrxwL`tzxm}J=!
zc@^2p{a@}6F7Gi+6brex6-$i)4Ec@J|1We?_oC!tNrr7AFFoKlWop-M!sTMt%FpJc
zqUDRty4ZXw;?sXad$@I?H#HL_o3>&V@29ES6|1e?{-=v|Tyn9Hcrp`N`~SRTZB6$-
z&{_}4h@x9d(raridHp>mwzXDUncB76f18PW;FC^>yrj}rtO@^}rfOHLwssSNKzIMo
zMkaS+a<PQAtyo$AgT-oVH>vDo7H|^N-|v9wu8;vzGf^noiZ%KFO0nA7?RSbbB)M3E
zYbzG`v5(Tq{lB7Er2&Sp1<RRdk^2<9&9Rrxg4Lua!)}n?plG+Xn>(g0*u%aU9lRaS
zm=2D`dQ_~V*tFf=VsubNuU63qGWuKW2)%DmZN);)&(cc0*jC|B8x1GyM@VOk&3t|d
zMQ3_w%|y?G6Y~3P*<|#{7N#Y8jkc5xvm^7>%;+{>?A{+*TPs^U*zg<asJ8MsYg>yZ
zS=F*z2%osa`HoE-+2iXI^F!OgE!OYBHbQQk@M0kK72qkowTatcveYyPqphz1Edhsi
zL;Rt(9UIsWHHJH4P&Rzl^Vn)E&S5vqL-@s~eJCY&!~8``i!E2tZWgnN4EM`fe#;S#
z+P|x6kCoQNS(gSbK_gTk0`(i71$(q`BscFoD>aT5Vm=<0=HMo)zYFS3Rrx!7fw$O-
zn8L>#%(K}FFWZq3X)s)+C8QbD#ut^5YK?kWz>Ai`0+!t=8)X%dyHm<bVZfiw;zsi~
zuLiSzfn%Y;yWo?geJ(HK#XSrd@{Pqed7&DdbylD}NEjxuZr>k6PI?a86+zsQgvOLj
zR;k)Egbdi81^C@>doG0C@qgByd*EaI&)Rc@_{L&GzgLa<%74<BoR3DmH{psc)t-%%
zcG=mSdrMn;KK=>X^F_Ea8obx6N@~wb@$%dD9JE6kv#o{xllHVDBeB30%d{Q*MlR2`
z9f<K0WQXnG7(Q;)yBt60Qju|pnVM@yZX6hjjP!>h=h>mixS~+x^5RhBstKXUjgvx=
zsgpyI>E(9hsv(zO)VfZbm*tSP8LhjK;?$mYNh5tSsH(GPVx;%*iQzBGdc;Z~FO6xv
zm}lkER(AqBv9+*%V&yNbR`deAO`P#dTI(J8&RW~qFk@pYcHhR{>IV?+mnVf?xf?#p
z{v^Zd2X|KV;d2edjsK>*2jVq48oL`7*30SBdzn?VTlx3!o$>VP^!u@9(%M{ebtYU)
z>kwI!RskM-CQq4o`jAhO6xW@xAFqbTQQ1*!I<)Bs<8~kiTh-pHU~pr44l+#p>BX84
z`0A{%yqFzE)nt4&uA(eGAbL}4Yi+-+v%188v|H=!yxnCR?YZ%*ZCo6BGdv{NWj86U
z%-0Bi15>KpGqwzjz|OyT7yb;fJHm|wMKj5^=GEDYVqN1WEIb*&SV?wT+JZD$_iwVT
zP#s#XTWeW&+skve;u(W#<6i7r>%c8V<O}wvjmEh$*i#ykl5WEeGP*2Tv+SQ<gn+g*
z@l$D3IT-0$Yqw$t<Fc~t!DxD|?RX15#-_bUmL2}0v?p9?M^DYLBeoAx_hmL#fimOY
z&;|9RB<$USboiRh)UgW^3vk}W5+-vuZ#L5kuPp0jM;^+_k|KDwbwQU1ue7a#CY0oF
zL`S<l!5;_B-hFllG#zf&?KJenvY+BVNSR|k>?ehfGAD*?W3nYdyBO>|co)k0uneLG
z^ORkW?O~Pg<Z$<1TIo&vC=XR-O1}57;|dvlEPK6vdJ(M1M5)qh;3-FgG~!)<ma^RP
zhHIyJwl9ER6$Q+{1XA^0hYGm<b`-4XlwEoNgwpb&&cN8M^=PP$W#2Y<(@+oYNo8}7
zuOA(|@qurlK>HNE2ZeA(pPOoZX}9=V4~C=D7yog5Jui+9I=^E4SUtMPE@`lxdTfxb
z^Tp~RmE6k3O{#&`Pn^csh9kejhFf3+AHBT}99hCa$BvxD5zH6Mz|0U0`T|LRz+JTz
zDfmKVOo5X$+&UTs>Ab?1R(cRll3D<1LPM;L4aF`*$lulV*Pq)Eu$_(#XL-=n2VY@F
z(vJoNn4;YA_1o(MW8TZhD>}dPORN?<`mjMZ*#FD2bVy%8#gMeJoyh#jk0=khyed9s
zN6NtG9i^xS`qJ9iArEp>Z`naqqr)qPX6Ki69u+Of_QX5cl}mi_Ci*1n?MSy$q{02A
zgI3y+!Iv{ZT>qN)X=(ouSJ7L_@P&5Pc=u_T4uwdr3*{7R(OHAOV3(_`^~F~*=p;LO
z%Fn8fD`GRzuPL68lb+oqMel+9;YnCd?<U*nw(~<D_?6gk8E!4>7US@$6j<CJbaqJf
zG15D$Vv8VaL1#&@|K`$vvFe{7!y~!!5@WkWZ})aU<H)zw;3zUK>rwfBYkU-4NOUVO
zBtO2w?C5Qb)yzpt8{Uw9T>hx&?Z<hr8WY4>*`C-_2)3QiWsme)<Fa+9zL}QhtTC_k
zZH%g{Jq2?3{g8!}_t^CD5c<~G0Q^9Fk3s!n*I^%%@LhEV^tO)!H3ZvH?i-gVsJCti
zL0`ZwF3X!pJ>)dlCFKKamLk&f)?htBsC*0AeQfj_U$(?-UkJve#XQJ%A-ra3v7b@g
zBHaHT<R!jXu-b~!<e?w141+UW41@<>2N;aX)_O{4{@ds(d42xyF1kt=yE2abwyg)p
zH)GeW`x-PpDp>4bPagC;q+KQ-@Z5{##@B3?1iBsV2BW@mZ+cnR;Ed&>_gfKKxwmuK
z@kRV*4LyK;{u->b;Rx;8g*MB2J{rhIXWNKMU3`(dUMMokMg?jZjWOXpCLMBWEpKJZ
zrm}<HV_oqYa#mVi_jO`QTDa8qG#)F5=5&BEPgnNe&NVLNKW)Zdd~1<bcDYLNJ-#H8
zJ4p-<B!+fJ@}-A_Ys<SJ!5Zo;=$gjHO=zU}D9P|6$unGw`0^p|QAsTzCnT}>F?Pw0
z%9c*kJLBr~>D}VKXwlZn-JU5O?UF506QN~AWyq{tTwFg|_H!5cD>nG4O$L@_I%@_k
zg8~Soq1Ok}%ChY!R_sjc!hS=W(*cFhY(8Z<pBJg7ye6&UqYAX|LeZQhD`USr#MV?r
zJ;Yk@&B3>Hmr}Hq+VaL=ZPJ1)8cz|%9BB&~IAlkizwBV=V=!pOIu>KbE-6eu3ak_c
z<6l|<T6u_#r8JbLl%>I<4U15+69rl*)^f@63vfI4H8?mLWnsl(n=rdc5IN@;dq!&-
zzM-1ZEjAC1nVnz2SVDib(aGw^$`A@!O?>Gv3(X8Qa>R1#53VxebBqpDE*LCZWUw5?
z!E$ktU0ElCWhuUD;1mkhBsB75e8OSl%=K_<X<k93LjY_l!}gag@t%0>P}VaP@t!f?
zN7Yu^9n7?k8=e{WA*wUR%jI_K3hXG3*XgGBZkOH7sPmv5!h?yNx8$+`z@1VwN_bi6
zG0>wJ48S=*1;m&!YRtG2GD%81-j#Kf^;f*HVwo^t-}8f_brr@l)*5ETpxXMPnmZ8)
zaYQRFgfhDrA$KG~Ue+N`B|`oxA?U3&M<I>#p#wl$(o)&-dD+3R46K^ffQlB8@YuD2
z$0sou5YfqZkkU=0Rw%K7vG`0TRI(^ACRDN>-#ef|$MO?GGO1+k!b6df?R*VE%Dx5`
z9E3AA6}!GK3l!^&a|^?p%Z@4%l1&R^Nc|dotpXeb286L7&=+3>aEu%1IEE^9TMt2W
zr=t_1T<1HjHAf;N%ZqE@QJHSx9c39cy>*CPvOD$^XfLi;HIZu2epL;3w?v_8sN{~C
zV4`|ABuHwWO$1(~!8?j-o=XH4B#=m@u%x!;#6;r#lM-K9GcXa}U4^rIQFqD$Jo?yM
z*+^7Nlyv4&iV$=FTMiR~BFyU0G_a*H0CO%^^LU~Z?{Ni%`lE7sW?K1(u{G?*>{9sP
z2lMh<e5~#g$nsH@x8XycJ{XYxItJ#}F_MC)PsmXXzmGyYUYl7A8KVL~0bs0Qq<Dsn
zZMrrsXBv@du`4k)+a<Syu|rh}a_iZcH76x1n}cwQW{D(CVLeDf1V)=rF=7vVi^8Lt
zg$C%l^f%(#6A0d-MBpa~tf@=9F2O4SixVNQE2<*$;vEwjdmN!g282!TC8GG1A4|9-
z5i(gqq=b!$!0{4Dv+Jio5$&nNs2q20yy>8r2VSB^IU;z_W;X%~%o{M7S{s9T0*)@B
zR{E|o|AA#bn8AnIGcfT=OPhkvw{Gu)=-o5c^F4kf8>cH4wSfL2KGLrI5ssEknWdPM
zjBK$F7`dhNd%OQ<gLcHOjxyDH!0rBVlUnBmX&4jZt1g0}0{dn>rmL=BfU%3gOm{s7
zFZW60<Ng(Y?8-Y~f5Kv}JX3x!5k;=OaNsCrqevWE{CGJW-kgERXbOH$wVl)I{W}^h
zkojj%-DAxkw-<-YZs=RNu5ZQkUt!ILS2D$taV^}MmzFl&v)yUJx99d;yMH6<utjQ=
zSDq;elxJ6N?3=gq4$t;TdDf~Q{S_NM2#=KaPCR21j2+3ZUJU(?L5JVg=H&?_+u1d7
zk=v<q-LQ&XCr&*P(z&&{V;Wwq`CZSm=6#g+@tsJ?&TehcutfNDE8cbDjE%L{#2Kx%
ztcX3MJX@Fn^WDxi`7CnN?bc;>-p99iw%6|%nccSxOq;HN7HX1hA1&p<#J-+y(Vml0
zfQgG@ohqAAi1gu7YmDVv3nC+XD|b+2WL99+y4mMtqf<tvW(P8AYd9_koaL*UCocM-
z(^=6T9(-HVw{>adhGBWQin;}TqhejQRrMnt;3Du<?mcmOdF*=8dY_W{QSYv`m}1XQ
zFH)_X*Ld@}_Ke$9IScH(_sfPw&)!wp(s$}PnAu%lkA|FE@s4LQB%x%=kU(o)uml_5
zG1tti`nZWb@vb}YH&D6zVC&vn@D%UC>8Rz-r4)ykSylJq0Sw+@N6vvx@E*<-qZdLx
zhc+R%(mtU`$Dm{T@Dp-8_8GmKFf}IB>Dm<U43!P1Qxg?CgATCs)|Le@H`;>Ew6gRx
zIN2b9;7DY6=4{(1jkBt`AnI@3xyD%(xw*HqqTfzu%NFa^TYKj<l>HFsx23=to)tMO
zTeo{<%ZbwupFJAf7<^Y93Rbcdt!eLEX?q^}h_y?!%$V8Twl49dMbG!_U4(WS3vd}!
z>vB7KQ+C5$MKtonY4B;;*4I3hvCgx4)&b6D%&_OqddNeB9T}Y+iky{c&sa}Mh#$ij
z*y^z_pxg$n49uRqha5s6Itb>|u`ST~_(Bn`0C-~2!Jr<#rUxK@!y-%wt_Ky2jQE)&
z&<5S&C*Y^7KllwfMmxU_h+Xojop(u7QRzXI4X{Ob*wLY|%)XAD49YD98RzsKR6A%T
zY&LEuqpOCy+*;rf9eqK}2E-J|sgDgnNt~_D&*-+5-}U9E|JJ-FyCdon9h2GB*-{(x
zV&}>eQ@!xe#(NF*vdazs6*g7+RL}N`TYnLKfjv_F8?Y%K9fW5S^lzvTJyLNxW5vs<
z7`S2fIoW{*?8%rIX!OI#UDX`5TO*@;N6yO1XbLv~4Bj8@*^;-kwC`+hA*LhIp}p{d
zrq{Wxcl;8k3GBYDcV1oT`SInmy(b_VTeAwF5#X1ALGfekNC$H;`F!+VX~G{dgXfg*
z9fWi8duZ%RI>u!lUV!;9>i<(uSgOu(7~uk!1Z0%^@2SH7NG}wBxgWg{;GG$t2Aua}
zbb7(d2NSQ(?vJCaM*SKr5q@Bj7F-m=sZC=J%B;9`52`(;!><9Wy1q2Snm>Fmlvj0a
z#jQ}fp6#KMHHCR=ZW(MZa=js3ckjF(TomsR%J`RhO2<>brRWX8yrs8f7WA)eH7^~v
z$I~HhJtjKC_lg2(7`~_3_S7{D{}lq-WFI#&vtZUJIMm_3L|F(6A-I22|1G6`okctU
zWtS`qG^BSy*GRwfz(B+BU!cu~|5`(ne)gz6i<-R<G0)Oj!_gI*U`#Z^JJ7<EVCFvo
z%#>SfoM(;hdh!==ST1#ze;ix1sY6B`2922hNmp+^^^=)V7ai`|xw0SpRXzXqdB?P?
zYx{4ww)3Lc;nsWU9ir)Bh(K$!$OC)Tn&0C>J8$_d9kHp$E@{%Ql}%~&vwLnwcS1UQ
z>&kkgb6xlzl~_@BLxt}7P=`%rTVL_a^1csXeYka6ui4($F$;#w9fc0N1flLf?#4(C
zf1l&6CJ4d*WblZYX=!lKz(}b4KC?34gS6Ai#`BwHAKW5WFHx=?%#1N{xe`g*k@Ukj
z@E(cobts*4rH4T^{wNLryRyL-J0=V{uB^|Df7IxG1qA5XAYuZJ_c2M}_-FY8GaAbl
z`7hu(t<-jRQ{P2K;FHQFr32JQ=EIRERzBd`JLCA90kgtC7?9)rBLdv7@s7QJPX1`V
ziOQ_Zzl<rCO~XLE1ijC$#1cc*t1JXOGv_S8-ZqK~O}Kh{=NB`+;aF;WU@<h=PM-%!
zF{3^$o1nD-<<*y-fl_v1ns%f2M#O_-t!0PB|7g!>r2SIE6jgG0jb*Fi$JvoSzrKUw
zU?PAT<@-T`xj_JK=|L;sIthXAkt}v>cjnQjpX3;45Ym4Fgs4-RJ41-O{T1&C;=nr`
zesLD%s&C&q5>Nd2d(nojv1Za%wxF8yTH4XMOf1;?f!*pI4|-&B9ezU2(IfD)vz`?$
z%UQrdLrOxcZvqMfrXCn`x%@Na4^|j<7?P@#a<z6lK+^H%@F(K!$sfRBauxgHaNPF!
z<!y<0hd)lApXH|`ka0XU`ZKR&ViE6G3~%(lh93#3ti>SaeS)Ep<LC0HwcDfoiH?BY
z^WKd|&Q8l9I`9WpE{4*HQ3uus#)V4OhNAf)Ah1I^dQKNO+2|21biNcx#^Q316?FVp
zJ%Q$wf!YdB<m1h~F<kpF;lesv9ld&RfzpD+&%odrJyw)qU1K=DtV~}K?=)yf&^cuV
zXSWbVr^7jsF>5*Umvwc6NQxL}!P%p-W#EY1+Iv-V>r%)-ci2FsUG2yPzH=N<Ai|E^
zoGGB$=lWJP2b`s?OK}i?-*8LW^>zev{=DU-ozHPXYm4F+M*`XCnyWtTm==f@bx0U!
zLq|f#Y)rT2HNuZx5bfG|L^RM^FsL@4+??LIwXVQf8s9iOkd0(pYq7$2Uft{qeXz{d
zHzOpYX%_9`<@>i-FuuWHX+Svx&Xz#G7N=!Pf%WR}-l$64S&H}JS!EbeN5O0n6SmUr
zT)C_7)WfJuXTM?5IKv5crCnM-3d~ZkRJHvU^<N4~xDoooeHZQdBo+d9uIab5od$GY
zqh%8HeuKymuDJ4@ZOtE09OFj6z@qQ4V7jERWHUs~syYL*ABq5RPUN1o?CF8ZUwza4
z(8W_hdroxdc<{-y6JJm*S`YoXlBV#%R`p2FqUH`T=kpdFTD!9es`Z>`kMVf-d}>wq
z?i4?xfamD+%s~>B%^eZcVMo2E?4W2m=c%wgL3c~~$G^l~yQCi9%r3F>p-s}JFlck-
zFP^gQ!RUxgJ3kHDVd@cYvwMb0>I(r3M*TY6y1Nmjjdv_`VgXE?cMXDjt?$%P_FRmO
z?{uaHM<aG-BSJqN2s@_4Z~cGFy?c06)!FbplLMKAz#b$@te{Z`O%x%qP%{!VLng3C
zCmIU~3a!{ErD7|E84ik&bP{DVPHnAP+iI&;-`c14^t94|8WI9YKt%)(AXOrwu5oh`
zlyIK+cdtF+&_3_g?~m`jzE3YQd+&8#>t6S|&+F$MmB#Xe_E2N_*@pq~k|VJrxl48?
zZg%VBe>`qfy%$*es4ir`q5g?|1ha9$lCuK`*SMpGG~>oMJM*DVnW!@cGXcn-!k`(g
zXnFgG8V<SZL1NN%dzgrk^ruQb(Ic0AE@a&WWD+sx`~i}?h@@<ijH)em_RErqDzjrp
za~2OV>o%L6tq_+f=IR}e-Jt@V;Y1|EYmXuYZD=Z7vQK}lNksY-$n1su9dibT8cv83
zZ{Dkktn-{%|J%!Sy%+Z()-FqFoTt&2h7={iTs1@p?n4_Ky;u{fvR$F6_GnU7<YDR!
zJg7vCIF1@QQHpSob+{piizQ&A$hoSEn)lJ$P|sJXY!}7Y%3Bs?CaS>Nz@ND~34P|m
zF(zNPE`;+xF=;@y9j=3{?@=>>S>2tcR;$BUI-9XxA79i{8}Iku%LV%ax&Zo-O_{E-
zob9vQc4Wmq&jL`@({#^lxKr~$&UmbjWtGQaQ}Wrmv98vo<BlW9Ztci$;Wg-QzyC`*
z#Z+JKepGJ+t!A>?toOi@UP^G+#<iP23$*R*V;xSdvuX+x*Qet57p7j@yd(DU1;Em4
zMb{@5ZLdwO59I#Snl#w7hMVykaO<9BH+jGpAd7$}UR^W;jxmtCCSF~LY>@7CS=EKA
z0Z%Pv_@r1X@a@2D?Pl`{JV5wwi8!nX9-cHI@J-WyXb#?8$Dp0;l-p%Iu#yS1z3PF_
zdPNV(c2*>uxThd}#GSsvdyx0!hzSU?2z|EwoV?4jKlr;4)T0hG_Y%}S>McZwY73L7
zMzJ7itx2J%RKAC}QENc<s=rWGQas5`Yo?dxs>^n><S1MkeFNqA)ZB5<x_+?PuNx>x
zWgn*@)2b@sTVZlHJy*LKI!!O2X|ql(%l;-g9HPEQ)zAmdqgSL*-P%xmS|<m^w&<+b
z@yx}y$BtiMJiLr5V#oU!jSW0h9$f2=-WQ6!qBp23I@?mQE{MRcQ2fz1WzS+b^CmT{
zi}a8Gu#o-LHy#=cW1EFwI1}Y|Kci|bG$P%gsrRI*$QAG>*6N=3FI*kDsAQwX%SN!R
zke!!qJdNxO8ZE;zY_`CsqEJEz6c8EP!aSL-s~Lp-b!yyO8^7ZC-{c$~vrIP7g(L)~
zpo<GydqiS-QlS*MEx7}SuUjRqiLfRb8qxxnWs{M&j6cB*lsit!TLwThz<$+@KLj3i
z#4R1%FC)xh2|B>}`^@-~edg%-j=W`l5uB)hzeq;r7jE8zf<en$<_|vk%q1u&`o>9D
zd*v-<G=Q+e`r=G^%cus7vSV7_a)a^b_5LoA;@nu2T7631!uPlQ8y9JL%cml5IgysP
zq{S%6TP7E!xo5MDy_;GO2?0AvJ<Y5c(v*`D9-sONOdRbAo0Q1TqH%;C1RxR75~7kv
zgd1v~(5y`y&>~npCi<m$=fPyD;BSFP&~C1pwi5?Emkp_!$qctAUwWQKOk;7Is5RTv
z$e~1gc8$3bMNp;jn~o*-8k5(}Fow4ozglfnzuUMe`aK|Mzu`T5_Xe6T?pk=!eq-AD
z{l*mjP3szi<B)4f8R^+;N#8F{BZu14si);IB*%e%?%o{6<V|F1n_-N2Yo3Rv?Dt4R
z7ZT4N_gB^-mKqf8Pt=GZSMr8{5OO7L5rFvQXmqa`hh*%lpu3Sj%BiDuC4q@$n?lz9
z=HblaB(o0u{hmlI!AZiF2zA}564>1{E!ov&JMA$6IOZ|b0j(M>#R#PNc3st8oiz}9
zooG+uvVs~6rEwO<LQtcc2dVPdEka6i25M4LLgf5J%5pI(@`SK2A4ze3k*@81^;hV1
zWb|FBrcDd_iPSh>Bp8o#u{w$kDVEkbAruz@hn9<Lo#Gk#t!6Nct5^R;4^a-ZenJ%@
z{XT^;>4-_YBC;+LUZtO!M(E767I{dEThNqsT$#wp1w77DV|232A*zK(Sxu-DaF_Am
z0-jfB%ANUxyJW`95(Gz2`mUvtvfYG;K^W6FWWA{t&X>}Tl%DPbuk?Iu{VNrcb40X4
z9xLUsgTxUvi5qd;?N5{PJs{tWMsT}})XEVwQ?@(ss&q)Rb2lW0jcysin}|Ku{gB@h
zCG~rvxz$ZOjmCo%lrUW$cl5H}CWlA!rI8xztK>gOt^xNAbfl4iS9y2YReXvRkF8%c
z@|qEmq8bq%S+uBEH<WsFY)7Nh^)QUOoh{lk&y9&;5H-i0xtW&E?7c2Aay0tVu&BMR
zOH`DqAIzhN<S!oE5gc}{tHym;`<2nZjA%Li%OAsdhexlF$7}TCMXdPu32?n{j>k-`
zP4=OK0j-W=c+qUeVBc%v_kxsdJz%3-QuBVAZUxK`;@YOh*JKui!j-Fq7tV5WeWzPM
z`y8X`B0g3(L0HhQ=pV-!Ezjl4%IIlx)fmA&$)7MQ+RhMSD#g5%q(($wht`Uo>N9%|
zixP?*cSr8#Z$>nyei6$Uxs7ytvY8Uy3=2?L9QCTb+XdK)W%2%qysiF~EE(j8Xg&rP
zeMdyIL#a0V%No%@ei$lwj~N@Seh?+IL^?^Yyk4M8Uam`IVdT<Q@28weInaAsjkV{7
zL`81$H{@rAM_%jFeK8tAcZ5!qLBWVF7x}-;hG?SX!&|cfQ24MlW^A{6PBB6M-1EF4
zKvl+iacTr9(a+7qxD1wIE|&<5LuAuoZwmVlMh3A`K0Sy?K5(Ide?%yS=?O*>H*>di
zR)Mo)pvIART+5Barh5-|6hpa5m|dogPd*gOiwUyln5ZJqM8tP(1eC^$RHDjBveB#b
zs9)Zr$(!GODD&u(dAt+p4tPR#^=ap0Y)Jt_J+Z`V)-CZiKTSp>8~$rtLHmRN(k5$v
zHRNbrkH&@K*tn}mbo%eZQGz#?euOBr-L4eHG3-A=9LTPqY+CS3fzV*41-gTU)jLhi
zN4x{qQ~-sLzc@$b(K)M7G}N&*MWUpp`YFh`1nSH{TAhbtPuoLiC0-3;JvRbyuv!2M
z8M%plx}d0HGrkbE`G?+`_y9?Te#C0R#5rDiBWmXn^9!o2wrZ<25Nq><++Ctz_SpSJ
zS?aAxAam#4D|WG-nmCj#5|YCs=4Gc%W^)~!{|okkgC^5tr5p!=o;KOb5w9BkK`(+#
zYI#L7yG8z6BL33ALqBz{&LJWi`v=gX);rc~)mF#BHgCj`_C4yhrOtlzn04=j>o(Wa
zbu{Oa8zU$vN8Je_Kcirpoze4RAD6<$;JMBf=&Pln*wG?wj0W)?TjT9r<m8U+y4xtj
zx>CI#+iOLZ*zlQF!@!>={$47hXx75@hEMh9k`vCbpQZe*?bvpGB?{46wUSkAhTV}Z
z!kOq~x?eJ(CleR(ceRUnU}6A^un7=~{d!wXwmypu4d8^z8?yH<*Qz3Rsr81~vEd>9
ztGQBVrz(@WZn4@S1@BUyY=i9ZByRdVwqtK}YR}qKPfse+*Exv97|A3~7?TskH1Rvs
zE~OTXG**5xaBcx0s!cPrk%qP^F|tYND=9}E%MGX%#~=}{?I}|vYZILWk8DEcLO+|!
z$mI<4aX|J~fm0xCAJ#W@J-voEV9-^Ukx#ud#~H;eva$|^BG1&Ph0LBAufnKIB0{Ft
z!W>{;X{@TMHD|R>F-tI+s|&N#D#7VAqh!`Mqnz)Wx=k*IxR^>3bZzoN>X+D5i7_v)
z&2%lpxF#~7aZ_Z#vO#956FRFW)oLgC&Ez$C)h{>&CbQOXLM;N14nM@{{sQ(=X6`=G
zPZv2`2nZ}S8np~WWL5PnO?+&A{IUS|<;8E!l5NdS4p@768XRc&tQ8*9Xp#WEfff{&
zfM1^R;9Optvzb<FtGQXd;5Hg>mkib}7{MZ=u|m!l&EE^8$<a?`Qy@x>4vZ-=#-A=3
z64~7hO<u*m)YKG<wrC~ubRle}NwIP{X3JsWQA`B5&8M-MD#ylyBd4q!z!OXFaao;Y
z^r+V_kv^;eG`=G^bD};M)m06Wf8xmL*Tw%Hk%k3`ikKzJgw@?!0lY=NiDd_a5*7uT
zLU4wu+?0}x-$aBBz6iq?jTOXUik%{P^3;`5(i2PG9y{!vpWi&hg|(N=MYM0A1-31f
zyn$oi4+|c&>}Vh7kPczu6(L;!GI=qXs;y)8fU-?OAMGsL22L9+c#U=j(+spBo~{8)
ziEnbTinDbCR!6|<<gi-0Pv%Thf8;D8leIORc+r_z3)4*2QD~qm5ED^IN{GTqh@ht5
z=}9=G>4bps=MM4?R{#7S_0`b<J!`_!J`tX^V@fCy$#Sb<f)g##&>M|Eq_ji6dBE^P
zFp3<CT{9tQ#i9u$gF=rAJ?fF~!&BC62w`n)-R*+`KBzaqtaWhz7;bQ$_G9sbg4Ow>
z?_9)O%2k!fy2j-Az;)mb-xSizW&HyZm93Lx<N|YR1K4V6aAD`H6p&dV*tXhOKGB!S
z->@$ub|M3V-Lh7Z$W)bDoYJtTnqUiB6IhY!^Q{SN?y90{NIMdzZVX`Oi7YBIB6cV*
zT05h&sx%M3`F~XS)UT*Jlt3b!xUYOAGy?%StF9z_mQ`ii7fQ~IbWV13Z_be`WsN1L
zvhHRHQXMELri5Z^vXaACcR6y3Lb0`jO*bb}QX+3M%)w03467Pz6zv^ZZ1)eeu>DeY
zpFj)3207SeLkF#Wy|@-hh;`_JZp=vzo{7vv=wF7JpJ3WfAobSvWrOOEq@p>?#=B$P
z1}5kyA_HRAy0mFz^q$y~ELY^R_GLG^^|p<D)LMVIJ~D+2(SW2yN5=@{79Ca3m0pql
z_7(cgFK^MW*DvYkLIAy_zbo3eeu?4K5E-m%rkUtjy2;iGqE8D8nh3ULx5vj7UOpbA
zIXPgxDdHOpq`<=9P=Z!|ZFQz=LO2oiq6{LIDCD8Q`D|?hCIADafZ4QwKQEQ?^0W}x
zyqNMb9nGb@)Cw&zQ!pRY2KIMB|NXAW;&9!zcum%1@cm4&&7sk<ls+_SzW1?w5TO~g
zd84nM39P*fGMB9fMi{BCWBZA$tbD8$e6muAnN%yQSP;#D70RRNSS$QwDP*Q^u8WOv
z*4Slq`fC0~b5gBim+~NX*K0jt|5sd`Dys=yQzTSiv9&$0qV+5pryv+mS9vWlaRZao
zXMo!+-?mma3qk>1FXik*=<}Q&aoHv;!u*>TUm08Um@CuxaRX_~0-3CCMMh+PMW)eM
zC#_&++|VYqBRG1iS(JbFZK>DL5T8Sz&AM$kI7F_F2cIl$SoD-j@-c09&%=1hc{9Iv
zR6fQdPwDO<lKI@Excf78){{^;ZE+?U)-b<W18R0NG_=5}EZb>7Dr=1V%dsC9yV>ei
ziK6hKv0Szxe9C92q}B8~Q3*xQ3DvC)EGrmx(S!k@jDoOx-_-@hk=y`>X{^1#eoff-
zwCtySLJLA2*88aX?VbFhwjFbv5A(#%`x_uu(AI}46PG631|qhxd~{;`<_h<GScG<4
zE-qehP=!J9w2IAc{b(0~sxYGrh#cTueUvxs@-R<<*wO6h*qS=1(oc}X*0_;}Bm>Rh
zd?03nI?e&y)Vd_6Y+drFx;uN7%sq$pZi#aY{iHr(Z1#5KP+l>?csJ<3tsuJ5tb2=^
z-4STlqk|)7+2_aBr2<;G8at8|@!I2gj~($wuMMo!G~2A!!DeP=*}5PK$~tTjoOjDa
zoOPcU9@e^^Zz=MiK<xA=V<yMUOlLu46jqneZccz7#2qK8gkoemvPV#jaq0l=KJ^CO
z6-X>K6SzWfxUV3HDqqG-!zTe&PJMNilmXFmC`5-T-=<XRWr0$T#KQ%~gU`@hb5@a8
z&P48iu5h2bE%xzO$z^<&P3r8uop8Hsa!a@evHp)&_*z6jqkdUIHaTprBY*5D1WO=Y
z&@q-=tFvCrRI9gd*I6UkGdf*)^ayDW2a)PKBVEHTG8rwkDTIQb=Q6AF`qm#VLXDVM
z;I`i$YqS&;pG?UnB}#DXVLqd!nyLWwwJ&Uscw#D7>^eS&o<tyS#z*>OlIgK8?Cw!_
z0$kEnKZ8$oMY8}bPJ7u6!jj*)tXei+fzh(jX<tBZt(~kWiuBNe(UL(6{hSuyL{h8m
zUDAfA6DD%z4-uA>mWrENp=^xCw>c=xlF#MnX0i5=UtPvX1FtYWuH<q_J#!{&M?3S-
zv|gtnSy1an(&23ZBe-4mDNBE9J8_((g+taGfr-`D8Z?_?aJ;LF`aAltCYz#VL8~+N
znI}>hJDeA}H$YfzQ2`lEe~=!0#h)P3s~voJOg?Pq51<BHp*JdQgE}HBmZ$|w9MM}f
zPqR?TUvjdE<Os!!=6~7FRO}%vHB|&+$McLvSxad!`6&<8*4h<xo)4e6BWDXmvi-mx
zg4W*7OdtrvzS|zlr=X?qo6(;-t2|2x!EP^-j$fk7>Qb6)@6AL*8AjusRN>G;b?+ta
zarfq(wTbf@yTSL!ogo`CDVGgPbyxIev9_O4UAj%DR*8b7&zi(tVtvtD<lk!T7(2+F
z+`)`9h@kbko{;V8IG!)SSyLMcObmwl5@I+gF|_szC?L4F5bQ2leoYolKuf%?R{FWp
zK~yI+ahBy%?;r#&+a%6nP3sm86h+nGYzdJ!T=<FApvu6qd}7K*cgO$k6M8$aEZhf0
zgo$zC{<#CmXEePJIzYf7wY%&Ay-zx66-hN>33o9a4Ad{`b7HvBIEd#^!(qYJ#)Emh
zXhE1PwZjzGfpE0wENq>)Au+8Vx5;J>$6m^4d_jt|^Z}}zeaJ59u=ms-DT*MY*&q0q
zEfiu4*<l=TA~n`~&C*<`q$ga0VNd6r?6CE&{fAH@1dtsGv%!i&?!6G%{q(Vq{svl1
zWC|Yj&UctWPIpkZI5maiBG2899ghKcCsk0?a3p($AiyF|Oy!Fr&)CIuno(r=&RCXn
z$j#|6z-T;+?VS88*wpy(ANXsnbs+rr^b*d=8@&;;RAOLVofpZ+%PqEguwO;Lu>F2@
z|0web|JudF%voK7V-<b#qC-M;ZyVnHzJb&l(*Yo3K%U{9*f-x8@XdTy(B2s2s7lnK
z=sJj+=r8D2gZ{4~fdDe4T^Z3*k!O9WiBx^~cBma}OKqyc0^k(n`%-P>O8^<qE&+8Y
zSg6;*_DUpsi~9&bM{_Kd+zCvlJDm~DOLuzhk}v#gjm9oX;|v+8w-SBfj)UFmckurK
zsD?wr-Asc<o!qK-0u6;Tuym0#MF{s5K%|Q`f^U4qw}$6V2io$;bKnnB!!ct(&{qNf
zxP?@v4dj-mDL*-3y7(q13uY%mv!i_qOM5~OADS*i)ZaDit`PRYo{N(0$NzvCCCeS@
zNnqAq@x4u|>XQ6cDm_`Bs%GBh0Agc0c^P9^J^L@Y9+6zsS9`Ktz2x9a#R}<>)BvoN
z^KY2?rzm9kfFMy#K-dF*_h|l>+3+qKHxTl%&{#h1EQj5NeNx*8F*{j4w)@ggs0{!d
zMt>MxHF{A&0<v#)Cr=2WSx!a60;~8|sUE|P0^l7cxj-u7=!v|!K$fafdOTbASiN<d
zGk`nN#a>43CTFXEpHw|PXao-_AN{Ue2IWwB_3VMsoIt~yBzc!Ts;9rK^~#C9I~EMr
z4ymcuG4-THiclN(v?Vi_P0YXJ%185MnXI<hM>+VwZca5FiM(gE+1a8jO*!-9QEwt7
zm#x_QnJzR#i@VxBA~yP(!7EF7Mm$jRIRs)`w>NjAY{s@71-To8xrcJw0!;9iLH};!
zVR2(H>xgRTFpXHXMj4WNbu#rY@{Po1ye}MF@)ELzu&S2nxsG!@Iqfjz8rH}e*h_cn
zgAxhG+Z*Bi5QZHTVc2o_7hEHQ@XknH0AB&d;@Dw#q;KqSMq~g&vO@b?V#XUg(kF7I
z?d7pDc4R<gH2OC9(7cyXj&ctp+hztX*{;CSNf}FT%+yv1$y@mPDo3Q&PYelkR`b}$
zZSQz>01suYqP57er%E*=17c?SH#q=`HQ9)w6}Xbl6sj2vRudE$p+?7vZHW-ec9TTj
z8xT2fMgR@9ZV*${>Wn^a^vBVh<U;xdp;os!)sC^{WAL>ZGdjm+49G~XW>OkH=Jp$x
z(eziIMXCGKTLf?(^*zD6$v*oFJ?teP*Zy6|$4<5U3TJwRd^DO~B!~K_^Gp)*yA<yw
zAw|SAnfK&YP7Y1tXrK}~+7GUzCMs#XfOLpy<6&WJS}vwaN&dSG7((2k5Bb6_QM;!)
zA72Xj*UYI9DiGhT?a}cZCRx50wnxK4L>8te?=w|)v(s73YxI0wEwYKyWQ18cgS1>O
zq~%|2Pny#Ft0poZP7`-8q6V;kEtFev*#BAN6}`!@C2IQ{PKCdpB8Pi)Fw-4*7Q-Jo
zTV$>Yj5x#c%;>CSu65DgQa_PWb9E`BNvz#jKBG}CMUc{Lk&~rMrF0*6lK2$NoDhIr
zmk9wF%}YK6q`%CB3Umv+o<RssvJR~fze!kSh`<AI$_PZ^PN_kgY94qVBlWs{?5>gg
z^O<!hoIantY6L~_TzlzTGG(3Wdai$F!*Pb{$__j)qV+Tv60kPFf>`g!w$XRAq<J~$
z(p@HNs5Z*l>75w4w0=?F)Nm6+ckEGFPA~5#hDZB}-c`HSa{&cvm^QA|atEx}^(h{R
z{d14ma9D`U`R@fsKc|BqE_nlzFqpe<jF1NNfqG;9%b~h8f|rX$P`MgRFXu*L*lxPu
zQWpuRfKeFqBHt*u$;zd7`!0jazr2V)SGd)G-3plYBP-Ss^@|FMU6Jy@vXO(3c0)>u
zky;-tsD@+Kw!UO_YJKd;HO7O)$iM<OWo;<IOLbEs;I3R6DJZsEpni#`EO@vO#uZuG
z6G2G`F1<UeSPcg^Nk@vz_$ylc!8t7!q;1OU-e|@Pd=GTb5PYM~r9&*J%wSsMoVJp{
ziN<j#ue&;yN-gRaK{~V#5m9Wl$F|!iI0Ua2dVefj^Q*H3CKnbcbB$;QFTr`)`VbSD
z=lO2NIi*`F#~Lp4d-*<M?V_tf8Dajy>^Xt!RXcGSKyH`e1%loRcYObbIcJGp9{Yuo
z4TO2{T9XUy_f2=H&QUVk(>_UP@lSeH)8V?$%*3m$z~+P+WCMtSgqE-prF_xUf*Jpo
zSA=`7E@CcMAo3ygrCL%U4M2PuX5yu#yg6ffB4{NFcnc@yvW!`4<@7MQ6^l=1tb1SB
zYSPj0OV*%7e4aECn<{l8R#;++Z9Tt0Ud5K8WDRc~c`I3SeFCyDMjq>VSGq1IeG3~)
zwcO=$eXnY|Ob&afvuQe67zK-xxP!;errG@U^1*5<<|$q^#cC?z!AvyCpy<OC-r%+4
zO_G0f)kGuq0NDev#n{Z1gcA2>rAdo}YABds)hH6xZX#9+?uL&RWS(JHk<pW;fexx;
zY$+$>n%<0gPR2ld+%cz<n%u+k%ITpHNGaU|kynOd9fOmz=pI*5)2XseEg2rnb#7ux
zWBN;;)f6ECIZEtRd2lU^!2i~%Oq5r#^4pCjFK}trJtjk9$u;e|*{|z28Y@YQjn0FK
zZnf=n-P$o%?E@8^nnI_IQ!|+Cpp)tLjHN4hk^7AP$}eauuKTg_YrL5W5Qs2MP4d%H
z!lytpXBTAIsH#7KQSYRg_*2q1Gp?uKoV9H*OMtaD7b{1`&IrWrcV$FJA`iyx;Qj)K
zQu-a|gP!GlsfzREaXyqe%YYQwx<8A5g))8iiWx}nsXi|~8kuVmBBwvvfw+c~^jNt1
zNir|EJpPyfi!%~HTRy4^>^ZE}uyC6e7C9;EIb`nfSC^6sF>?*lA7SmbdKjg@bMZhk
z{*-`mXI49dM=;oGqgiN@Pw|8-6}#yL{WEG4WDnOCN)lV5+ky>hD(8ixB+HGJ@OZb?
zq=0dX%jeEY*$^r9EC>I|=2v}}`HnwUNs1YNbtXUb>Fr76(BS@yo>z<bW;N}i9s>B>
zPm_Xwn+l~so&L;SeY_C<Mt`%K4mnNgw|GLom2^==DxyfS{8&vJb*`r*R~S><k}Zr|
zfAeoKV!wi}LeR`~;79P3^h#t7v5J^$G1zdU{Rv4%W0YKGJR$W;74fHf+oFme{fH$y
z14iI#1WbUDYX9EFT&1Sb$=F!M3j~P@A?;D&_)Al$E9Cz$f_$pU<T)5m$dcAr`&PIr
zW!hu~WOrRxSMUOP1eaYGAF0$ceSwg*s70;~ThBXF<|Qrum`q$eJ@%KJ)p&IQDZ!E*
z?$v7fxmsNC<6l8DGB*VzFgIP43Ho1^X*CiffPA)K;?;Z>Zw1XD6FBgPxW-H2I%n<^
z&$p77mf^Zi!JoWXO&<Qz(^4{YHWl(B2j&flf_<TQM%a2Ry&ON0mgBl*I`D+NC7Sd{
ztI10t^)uLG=xs>2rB8t?V~3DsPaz>3|D#M=IIe3d+ZMJG;vbf-*{^r0(Kwu(&h9|n
z1(zqgObx1GA3Ej2aa{_MK_qi8*H~Xx`#)QJVS0u`@w2XrXLT?0l;_D(t+973t8|x-
zbw>{bt>>k+YX32#QDkQ|bz)+oPlxLg`Msw^H(97k;3%9J><Pp(9b_&<?W25TCYG6*
zv5ySG;ztTl<ZCs~=0ni48co_0W3S3;BIdZ0AF2}AKq{|+A`K$~Tn>Ds5|SARc{<&H
zAf!8-XdEI3hMJERfsVLIVk!CJFX<6jeX)xAgr(tL)cj(<Uf1a0YJbn-Dl`6)bUl<9
z=LTGtyCP*FELnD%aepX&B~Dgh>#1fLp_ORmN3FU^Zwq-2$90N*ZqV7J)&3LFezaRo
zb%G@%qx)cGMn<&X!KPArS7bECC>Q9=<b|E?oXmCGWN_+db&_9?UBe;!MbB*F)i9Z{
zBGUup>N`dCa)ySu4b9mjGXn8*s^i~~iQtRC{{#C&?zKWqytI$E7B}ZpFI1b>Q-b(A
zn*_e39_JLZnly2oXnKGG0BJWrp*lFGrbF@}p+E3eOQ{*wW0I?Ellqq6RegG_JfEuM
z(9OyM+ao$oBpxD<)rriuvq>IhXS4|SrZOo7Fb;BH7K%!=%s<^OJbSd#zH24Opa={v
z-6SOt>&Q?DUa<%a`u9b1bR%vd%ktG<SIUVxH~JEiJiSHiVd^R8TjV0C^>Hw;Py$rN
z)?F&SKB$Vn1CSgB*`EAz4qw0!0xMuT582|0V(ET<jCYq5TgS7$QdFy{*+9mRaZ{8f
zlL;StFxcIP%QimdleI<D`5+Y;0V^g*LS`CbEe+i9L@k9*tpPFOB=2=~Sx=){u~swD
zf=rlp>G=Z)H}%9*T>5rh-N>ggwP6`#mCS_mV?8E$uZtHDRpBv>RqjO@k?x<&DaUfh
z*my;^T9~cz;?hT0l7JgUg06L(HSFnh|Hj6%o_01dt{VaWT3p7QVa^!a8SLix15Id!
zE$7k}*$H)j6y#dAE#Tj7{CF7Ert?eWCD_*fe9>4|2B{|}jZO88$UZ%7meO+(w*Dwn
zz;v9NCNrM3g{hFirKjf9#K<C<btAbO@1SZxe3b5iXb3yv6<bs(mcgK;A3voREg{*1
z?tNC)FL20MOxX721wQ_SeeSj$9ydHn{^EHA8}fH8=@)-V2A8;jm&N0$R`-{lfYr3o
z5~xjEJw&QWoJm%z;E8nWW?jV=q>e}iveREWv$oKCD35joHyO#-$j-?hLkNROUD7-x
zBhw^^_Kj7yfo`0$dQkeTmUDVxHt=2$6Y^!J%<G+7ruN!_i*l=(>8=l<+`8Fxx29dR
zdbJoHdIR$@rE~mrpa8MJ!APcPHIP+^+DS8BD@0Tdn4{{t<~b<BenY@EmY6<7C#Y-w
z!RGKlRB0X80IEApK+z<!P$9SuOI^Zgw+MBot{g8-wMGMhgVio?^lCB7sJ&DUy1eM6
zBC3=YQLDDdua?lmTdAL4=#*NXtf#tEYqZPWtSi-lfRG#f^|$oyho*++rms=dXleB2
z@Y^dWpO=e_+-MR$R~MvAla$$aovt}jj_jgO?DJ9_edZ4{6Eo3?AvbUojdZc1nr!~N
zeVDDS)C`lKU~c1ATUFC~Yr95jd-k;2a!;!*_srV%1W(l_vx57mQ`?l@+KxO+Z4;f^
zjK-b7#<E&Z;<}CXhjV2ls2n!(jef$yo!-w!duuit<wDq%s18rnK0PS`U7UH-%_c_u
zO4{+WCUQpClUe3X^!F#{Et`46kR8cYUp@z7$1;qECsNJ-K?x!8agbAc|3wiYy1dUq
zb;nTWVO%L%S@(8Tj(dn~#B8cVbgwTFKy+s`eyOo9Fr&l2u~eyN=;kBiBzts-bWu!w
zPj>M#y|fZe(!RhMog6L{dsB){)x{#~lE0Q(u?iBf5S?akc}EGkTkB9n*|wdv4*L%o
zvG3~wI0uU_c#ql;;;@i_E&{VZEo5V$(j3Ha5~IFPL!uJVnnyMLe&K8DCbA(L*2p$H
zO;8H+3m2B$N(aSSkb9!*_KFGobRiOC><Qg<#-0`tm8C4iv4}cK`Sqc4%#juM*fSfB
z6j5g00JZ#Y93VQBh?qOtQL&`26q#KyT~dYgT1uN@%Mm+b%!3x#VkYtj#=T_+t=U=f
z>5oV~a!hN38QXCP$9yw!ua}F-=04699rl)5mNZoNIvp3gKT7XeHJm=GZh=mOTJx5R
z=^`VQA;?Iztzfl<b-+H11p_y&8b<aSs|^cCkpo$))$>vmJ3)#kucG)F5rZ&TrLE>~
zPzYR!$?e(FfEe`<AV`M}6Zu=OouY89Ms@(HIZ?MT)BSDqj-GZGR8C}?_2J2E4WEh)
zWwT_a9wVEu3KXGo%;T=oVXgiTmXjZ2IT<317nsGR4b^lgM=Gd0tnPma3q=_$Hw}an
z{fZhLZ&`E{2-CmD8@@kwj31FTivZeFD}Re>C4ga(`pY6ZgX9Pc@HOSVh6tJv6bm3U
z&NXP99ShXW(ugcO)?&#1)em7UWq~o_Ww&itH(bO!WYF~jrU&5db=;mD^(2>!6Tu)p
zT9rZy!Tc}s4HmXCQ;pCyU|J}iciyJmM&mcw6>1g*tm5QlJQGK-<!VOV5zI*OGTOB6
z$84li{V<^0G8*sGXYT@c2QwoX$>32FdQ-neDk)(s3pllm79;V)jj<EC^Ydr5=7mz7
ziJ)hrt*mNqp#IvcjiwRgCR_ayx2q;G-yP`4abX`7f_lVPa2XeIM*7zu9)^@51wF}G
zw=0A`L`_`*=wSV}3M!J%9qN&0fhELHV3kI>U{co@sR&!8IDjuZ$3(h_-Dpw$kzvtu
z0vvXP(DZ3jbn9KyDgZp&La0;U!Fkyy^E7g`s98+QBNq<!P99EpUueC77-m|<u)DD}
z#g1QeTC}L;c6dyp2N4^ew>fbeb}glk;kpvjs_=;&4$Fv*2`Vlw@{m8}@~5)8Y4_rs
zpmik_L6$bHKv^|Wz{RJH`c}!&qYOb6`VdBuET=3+U9QLy@s63MVN@;SWOn@UxMfJz
zvMz$MukF)}h#yNGt#y~3djY4poW=BFZy@$&N;QMj<RB2w4|Ut01+55ako+C*wBmC`
z&I18p7dZ_ds>MdUAZDyjQy)n&UD>O)4Wi1#sP8^0>ccU2@S_6ff$Gw2uEm&1wu4uq
z4_vQ~VLTt_=r4#Mx_*<e#~DV`^|a+=Pi~fFrQKrK*NLe7bWmn->kErx2wP_Xj1Ga)
z4n}Vg{WW_`Ta0OBhb9{{H@)FX*>FU_mT5HAqgVypdW$w2jr=ybniftQ(F<rAX8ZGF
z(X5~~(jlru52-6xXJ5+#N<Tu08$B>B_^7{`oF|(=_as(P4&N$T5R~p=zZ`)N&ESp1
z*|MAghJ7qKQSxIDH_WUHqwj4Ep@H+aEgr&D2L1aZUdo32`<GyHT;S6{0I+{p<9{b@
z?k-JvxX*GEHcyasGK>A~!RqgS6#l4O=1>;l=5r8|^nnJ~@7vYaL7;Ljma3BUQ@Of8
zo`?;{1O%-^ryWqBnnLRY_ggV%+^C&>3#N|Xvq$vL*;DyZqtcj5M<~_i@2D<9)^P`U
zX^0P7Yei2&Wgx?dFJHAxWcIZAhUlT5av*PENRHC6bXRQHBRR@`kqIMq0GoR;*tP5+
zz0M~F0J~8wq6XPH_oJ>c8jsR(^$OXo!sK3_Wy_wzS5kv%jTU^>1_=a^M}8#wr&G9!
zc;mlwQXEAQDI)tSYc*Q(PD54DEgDrNttxN*)nKY}7Eo-Ghz5eTzQuDg@1{HuQ(|J?
zMmuRuD5x(duSk;qrPV@J*4yeHp~cSZQ;{0jn=0g;^a-;{ra+KURk2z)fiKp#xPVL)
z45t)S`t+#58k$w$;BZimb-<ya9n=GM;kez7T|ogT!=-*SMh48CKn{n>_hOOPVzU69
zPztOP9Y|CP<foYI*&@|J=g2r+DxhQXv0R^M@-#&a|AP!jwxE^o3&z1{2p$4fAC?`f
z3s!w+C0m<N%u-&%3PNo+7VAo`UKK;`g_j^uzMT+HiBa9((HP_z-0D;c0CCV+G?KhT
z@L6KixQ7V<gQKA83r>_NVvWfY%~yW}IhSoq3QOL=c_(~?@$f$0R)XE6=x0BtC?!<!
zn?M^6G(1!rJohsmB_7~C#-nYX^-;{+Ku7;YnIJHi{F4;M+D-G%s`4OX1ywFxCZDaX
z8o%L_A;atv90*z!iz{{KKuxqFD!;}RCD7V-)hq_2OsmmF{|k63)K7&x4c1SCg==#q
z<z7NvDmNhENF$~8*FtT(Gr$={XxSBr7c?5{K@*MoJVdaenK<g7LjB330$k4aKFvTB
zMLiV7NxhPUoMEx<?*dilFe&)2H=EX^zo^%LM`^2FP5ZqZ0kT}e^u?>Y2$&n0)G|Vk
zxl_&X>wyvjE<WimgbZ#r<M(%|j779B;kE@+L#z&Y_;IQxMT4Wt9WAx3L3vCq^SmOG
z@$n?AqU_@q@yTJDFw{{WLRN$TD7R1%sDHC?bgFql>!3vWWK};+pPn|YJ6qEP$aWM?
zs=Hh&SS@XoydU--nbTK#y~s>VaogWV#3T_ltw~R)l<a``q$k4ukLi0?M^?cIGqwo;
zsVLy{3u?QQ?hK4&z3e`q*8!8rKsmDt0FVgskULwG*RazAnokeZSNQ1kG@m;{>}`^6
z5hTC^w)IBiIg*bNi-t6rtI@+59J`swJ~s-!jeC<5SV8tRC|t~i(FzL@@dV}6?>UHM
z+hLv6X<8Vtoezt#EW3(=jjc-tsn-??K2^VA5rc7vi?vCaYAOmRhK`<@<5JJlFt0Ui
zf9%3PR_m|V$tuBjb*a=I$6J?!H5JKL2V@#z?O19bjebTcbw0#}>Kkym?m*8vl$x1s
zG{WKdU4^RFY1&8AP204h*y%y^l92zMNPmW2N*i28_WeQ|W8mz3x+BOr2PuZvs?Aav
z)Qbi|EHWQmi~XYd3+I$jU+MlBoSivpz%?9j7&TitoROXy|FP&l)q{MKM0B!inK~)E
zA2vgNb=+n-Q^e-5jGk2*k9Ml>=mHBl>WOXButui#6h;-3mWkFrELc|Nl8~z=EC^!!
zxvH3#fc2&N1j@w;Wkl~U>#X$3CJ9>83$2+z&jgPIO+x1jkdE~TiCwGzR(Ymc8#RX%
zUxKYiDvDdVcy3>y=Kr_sxb3oK_KB;x@LA)r{F11x1c2k{LuS}+tU9PY)(O_Zhxu97
zRU}*UnF-jCPS1)WzJj)&mk{ztLL9&8*zrx!updYJ>uRKCY(wpS!tYtzovNP)@OFrr
z3%?mLK*vP2QAbx-&j9tzPA&Uc^Ev<>T-|yYyVJeEfDxB^Q_e2P$~#}6q8MIaIF#L_
z1Mb7e!DtnVN8kX>Usm8ext|@ri5)KV*CAC(A&ID2NKIs?n)CG+O+nPHha;o}9thS6
zc+gcj(%x<9_P!EqrQ5TP1e`cniBaEtB$K7qZWl&2!KF^6l>SS~38#$CTDD0mSSc}S
zf+eQDLLY%Kg{p$LK&*HGsLyhs{!~b9>FzxmXJV<`uIP9#@)d|`@9opK=Mj}^DM*vu
zjD^3%yJdKlLcm@s#>D5Odm`9DfWdk<nUqIyjVL>)?R*Ko=?+=@<}GHW^byL!<xnl5
zCkfEKc?ThZ2<nFLDywUsnd_||bJ-6)M4K8F8>2uEuIMl=gA|gi$Y~7VZ0jzP1H33b
zS)JJ{$;x_TSX&?G#~bzP6UoYcjD&r$d=MPr+!M1sdSD?7@t~$IvV5VsdOc$@0$?9v
zmHvsnu{?X#L*+sQe(LyoK)Vk5*8zWyPhz`0_RP=nO#<^>&Y60tP{2jfe<%+$`HYFW
zVG8+NY&A*a>JnPPI$eDLo&zo_wM-%~F)_Y-64PA_)}H4{jECE}cAi%)d{&M)2n;!a
z?Av0gKKS{<(23jOBsoNJNht(zK6{Ta@?!ZS*61UB>R~Mi`b=$>)?f=T*dOV0!nY5h
z9E5<N=I_c83Gh5dZoy(s&FzUB5Sm^)-xJ$Ygmc#X0k!IjXHM(Kt?hck&CT6rE)F&A
zHwh}fGCtn(LPm6u*|5YbaVO^YQ?KYkLbut*3vT>z|8ROOw$U6T$=OXCiN<@YMk`XG
zzKLTAtPne1zc=hEXT@=U2HD7QY$jguJuSc1-+fQ$-yLScc@(?yPRvh>1Vn%i^$f$c
zR<kXTPAw!tN|yk?RM*~INrv|3i{<Z6(D!k)(;Y-!sphFXO5k!G>bY3@2<6p-5l-C^
zyR_LPRUfAg=D@%FZeO-o`0Q0@PeaapE9rV6K6FO6|F?Rni^Y~o&Pq0y-o9Pr!_crm
zhnz<m)SOSZbP?Mi9yu?fht#pz)t{&%V6`S!QAV4zY2mjCmyVcahwA2YfUyaG{3Oo+
zoT+6nLtPM;V_Z**Ij1<;x~UZt^UHKQ?c!~?Z~z!Cc4$lVSG2_nrR+zzD#CZRFhAp%
z2r<XyQ6eMI0ib-8uH4CcTJ`5xpX&io%ahd7>mRMY1coUnjYA1YyVz&)5VTqy#*T=D
z3n1h7J25E|qb~nlhASzHQA<@QoKxzrRDr{DfOsz2=Xo=@PpXiuTFOjenG>B)Epx>P
zz3F$7!Xi2(=er_*Yi0F}re{d_m&G%dj$%RrI@EBph;0!drVD%?jmW~D9h8&E*;?uw
zEUn&7T9?Qg+uy)1{mE#avs}@^wt*8#`lT=TjGV7;L9qMrIFO|_ddq=5jcnVCpe|hZ
z))@^~%Mw0KPnjPF*yTVJ3<9wP;Uip)RmFZ5hdTH^d4No=5(>Q*FG+cy!aIUBEdr{-
zZYwCxbyel^Fq?-;d04;$Akyfor!Agq<$0;|jG({K_Y>!Nx;#6ZtZJq_Kka;<jo?ug
z0x#+11i0nYT*pyB#1~nBT5D5t29M4r*!{Gup~zA-xHo5>OxdhcbYThZFTj)Z%C0>^
z+=SW{=hL3%_Ueu_3qRvj_iJ6q;o{fS3(EDV*C@$G)!|s?fGP&-o^F=~69Y5`U29qc
zIqY%DM|J5;Vj&ND5{q~!luX4u=xJoaooSRAmzQ$0&Y5*RgEGs^pfmlo5DKwf^;6p|
zf`#99vYS1>(U8k*gsd+@*2W1eH<Vg)p-d6zzG+>h@faGbO|U5q_j(w>wOokMaBrc0
zI!D|>1@*iiy`ZuYG3bL-Y!~3h7PeORreu?X`+D7x<in(f;*}f%t6^Z){c`mDF`>A3
zg<{*8NNmL7j}0U;8oA)?WF{mUwO#>nZ#u^g$yA88qTzFv;aYa#`*erEQto*pc+q!7
zTmrhvW)Sp6$DfFv6+8N5v|qDLAM`~8z_(CN2Y-DM_ocpDDBS;-SdhZfO}20yWeU*6
zd_%3goGyY|`l$zh)qB#|XRX?YEKv>NY)JFh90th?XjB9aohubhso`bdVoKBKXKHS`
znt>v%t?<pkvW+0BRN}HSTkcF}y1~f=YOOo&U<09!HH*y7r`YY$5dob*25p3?uf8x=
zcIVCU*1w*mg_szS>aPub>nUs|V#2~(vlajnQ_Rk)=`I@WjL8;a=28bUJ<*G)P4JaR
zdqcMjglJ}l7;~PJFHhH#J%HiWk2!0mN7js;$|b@ADgtSV?7ujV$PKe!m+Szn6n`k)
z3{;u&_T_ub2{xgHUne+nbkH3wdC`*wdH06w9GS-LYS##6&{Z!%=oAuqXM0`y6kDlk
z0dz6v;UPUadP*Fup2)t7CWX5p?24x|Q<#u+Z}r|6Y?8<>;cM8cW1GyHE?qs<Q9DEA
zv8OyktwZg#Tmz<1heO1kyp{yI^&en^TVZwx&OxugqSu>6K}6IO!fjD2{(bTJQv@^x
zfD4J4vcQaO1YRP-fC_~N2Lv<mX)}@zmv+~52Ka3%CT&Rp@jKk-ww7(exHQ&E6!R>f
z&F)6JC>w<Mjzl~Y#}<s&+#5rPd#58GU=>4D?v?vB-nR#sh}-1dvn*q2a7fDjoCPSt
zLQRu)j4Qd!<cygd(A2x;mtQTQHz!45M+FmLU0cq5XdoZmb%=Th))EX`7*<%0`H=fv
zTt^p#>fU3a^f4ub{p0KxVk8pJ9ivouyXnL`X0ppoi@@QaFT0viE*yf-Kwo*6f236v
z2V$v=$R**+@ATLgBT(>2Q-mwaBP=7H&)z`lP16nGT2k$?Em5&U8e(2|x+Jz?*A~6(
zTA+<{jQDU@ieHwA5$RP%3E0*s33FwA33rniB~SY5$!?T9rw<mR<VD}p`rYw4FiITn
zH#5=b>*l-ODM<6uH|{XkW&+ZhFZrdCOk0KOC+rzcAL)j0qJRlKoiri-plk@REYOP_
z^&X*H)(E7p(4V(kYf}>nbJwCD1#R-VbhgWNFw-5KC@+W)QtI~*u*~I5!OI>3zRxzT
z>t^#|cJGIoe3)ta3y~nnSHht`q>H@#0!^sfe<K)cySjznbVypKPpm|4obb-sxY@#4
zYx`|<sVb8`YSnQ30uVxf0q`|mvQ3qI>L;YywwAF#HWJdR=_wgVJbUC6sD9wPzZoA>
z%(L1;=ix@;*%wVdm2wWxs)dx?cD1pO6f72g<(u&)nI^h~fULUQ^j8;0fQ-HBXF97r
zOrG!hfiro%889o~tLEqo>FL|6z95eo|Nd<I_v%5aPyUEno#7%WX<d+`hLXWTKnLLY
ztBNBR;OZ@ihg-wU*nP#WXn%TBBlGn;GTK#gxd)li@pdq>l8&@;hWv8Io(94^v&XAE
zuxeRl+eBorUELv7>?aJ3gI%=f+0k<yo0LW$Xb|E*N)P=!R5h^^?j@7rk1VCziLt5N
zjaEz^?cw;2s=K}~<L|_eZpoGLpZ!Y~0&h70w3l3j;C#bq+DS<~4}GrWYdodisDU{b
zr}8+i^ZxfDx0xkJ97B^w;X2ap68VB?E=MSX5rUJGmoS<a<^jT6E8{}`cf-bb!s_g=
zaeoyo`AT(zTs4*oyO}L0%j=lLaZH<sKw9SLDlbS6g#lQ=V=Q;sg)%qum>ZTmzsCPb
z<kEwg-pECEL11a0)En5nR^&yPN2BQm)|OaCk-R`hHIpFGx)^2@Z_IA4a-)(=#%g~7
zd={RD3p7{bpy#6;?TZ>RT{p?G{;`ZwAM1Yss?xFQ(ADmBP9*iSS>WX5`cT_0(Nflc
z*%~&u>M139aKUfOAJ?b9<~$Zkq<~QYW980)bI<x8jwJ~?)Ty3;WspV*h}Fw+*quZ|
z(!udz9R9z?T8SYHFO9V{JtT;L1rkJ%;ge<MiEt5`!xY#+W+V5nniw=c29dc2@4{B>
zsCu>l-65+7TIc4l@#iDy7*FZLeY38#=^&);mUx4M5G#Dht=W=&xnfd1%n?qsnfPM@
z)rgn@oMRgPISssytU~U_yHUdUBb`K49WurvdE@L;-?>zZ@MO9t@egHS$=mi&!3|MX
zl({bwaf1$!wl_5i5t862x148dBv977_SYnq3&?k``WxK{!`N>Mmvj?c*DfGMj@2y!
zZhO_EB>y|OA#z5cr{z?T1hIRI*h`xukOG`<mqW7q)m%g|kW8Y|+XLA4!Ya2Fva5&b
zPDY41W8WHkS%@^w^j!-E3E-bqRljIxDi3+SFBK_5Om8PcR1v?A<4?j`sTr5hVfWl(
zf{ojQ8KTnw$Smydo<q>YJvHu6YDzw}U+-;`RgxtNi3b(dklZX~{P}YsgSC(ij4rFM
z7fLw`#U2Hh5qfZsI*aXSm&$T=&y;zR9xxnGlInpp7YuY3G@GV$)XeY6s&HnC3I>U8
zsE4a8h{Lf4;L?H7(*^(pZuzqSL|H3l7pZHZsgB;nwG=;haAJfT(`ZXjiN+)Sd+`XD
zC%bGwXS=#WgHCH%>w}u~gfc#V?j?a0>#0*C>y`$dSiP{-#U>W+1$ge#EbpzF>u>Kp
z4i}sqxo9YzScTluk=BnMTPjwZ<7s@n7r(bQ29>;yEKWBj3p#_*d`sKDCAX3asX69P
zw{ymQHk4Kq+5d}Y3~~}<e!)Ysk>!#Rs&}N0I0uGviX;EKbtacPs?GA9(?T3U9n_#r
zlm72fHSoAX*m(3DX~Jeqtd`^Y-|3sWa~V(?Q=IJG|NE2{w61ih@KlHXjndlkwf~_f
z|M#ZoKM{UA|NqsU_fG3hn%F2yon%*_?F}zZZcMW{!E?lq1q#tGI7ICIEHXPjTLiq9
z1QRofcd%ELJeD>ULWc(O#K&)|gUi$n0uvD9>GLeMCs(2zTUaj*Fdn>Jj)}w=*S)AT
z>k9s1x{suG#7nt$XMR6xf2_k}X4ZPGQk%;MY7u=CmQ?P<s>?7fcl&?J7SFJ^{HHvG
z&dad>`#<F}{*hrP{!=DG1ZO10MfN{sG?r&1EB+tkBO+$9K=RGbYB=#{Kz)9HnG&y_
zlG#~j&dCQE+x(Ex3z($I+(NQrACtwJ&Gu}&OcL<6&6CZ-${1)UQX9;kFJh}pm!4zq
zLjNRU?6_gH3`kqpUN+|S*I&<{UpQ;uLDo2!cz|9k3Hnzr$+ft6#?Is;K~PQ0u)Cyc
z3HEHgd(c%x6f<je(u+fTd!V7)g+QCwel)9ztqJhKPPilgTle2y@|unsBDxOixPNn{
z(IOTN0qX<fhRs+ds@x)q5#pB8i_c9582J<g9cb7sQfAdem+TMaK3MtM_POVKn?!Cw
z{1gh$<OwX~A!8coIMJ%H-?^DknWuH89J*%Pi@w=H-ayQF;aLa64Hj;zAjHNrEHDn-
z;BrBQk!L!2n7o1Pb8#_rZS4kcKQcelWq*T*hj=hn-r@7~?M;`RQZ(lRIoq&WyoYoc
zBfh~Djy-A`)zC;}2-F5@x3<#UwpVm7)F>JZ+!DAo-D0Y1$=pEwr$v#owkvcdW2lDK
zu9jxK`pc!xm%;pmjqAH<jsT>z*~0XRl`8wD!k3tm$#SGpCsNi{RmUML7H0?$(OF5d
z^7AQu4Z)|$OA#$;JC>VnqF?HG4R=M}wxxCJo~`S)CGX9^&k1(9+WI08TUUf28JEjp
zl=xt4;9!RYK8i7_++h3;pLc8aZx(Xr2d4P3qy6V!xi!0<SFI8&*|KF_Ou6SC{$Q&d
z{zdiWS48u-uG`wZ<)aVVwszZ|f3|&?v@<@~LZT^FW>dH6n8O`bXU}%SJcMXcU55T=
z8|LF-KV92)#YF0k=HW7ZYpI+{w{Bg};2p9wvEW4Iazb79D`Jw`j$A-=q1cX$*y_ud
z)}{i9n~gy1)1sxdCy<S8UF5rF2Ia1)-;h58s<C2g>(;w{7260G$nP~_Fx~qMOwV3$
zS;2tn-2GeD2bW48qJy_3jbEmtlzW=CEy;q;Ij^JAJ)BY*+miRejwt)j(Ze5Xk^k*J
z&MziL;sLb;b6~<B)Rdec5~av(Fa{JqfaI+lxiuwgQN#BSNigKZ-Cxfj@&2r;#IWId
zp=FK7CZ-K_=@pmdWQ|1;b#i$L<)S9@;be9YGuc{1C=qDbN6aFZx<MBZ!#p%Y5#Q8m
z_gCuT^fz1wBr6dxP!yM~Qy1}FlXWLF@Ek+S{jXIE@JZGDssp66j`{v}qozG+A#-Tj
zwlMo;*lw4Gr@mYI-N(Yj?)I63fk@W-Mc-h=;7tb?W{XlMBCAqk?VUj-*VMnx!UTI4
zW;>RQvM`}oXO;j`aljgX47Ck8inkN^?!)Akeiu_W?QDp?E;Amsh{Hx;we`Oo-E?qq
z?Fu$Ede<e#{2PoLHh>rXd*>9!bGRchOH_q!uF(kf?6W3kS*z`j5v&wglemO!cb46k
zu!YB5(cBO@!~WxQ_LXe-i`#w?DN+_V#7tBTS&>WCWt)1wDBBdoP(~mb-^Hi+2pTc0
zAM>lTpygSVCAZ52w1zV9iu8?x6I)mA)!BS3kXRu0>I8K-GPfvxHFo6~J{}5eRzY`%
zHRl*JR(xR(VK$FhC+uw)d%2=04A*ACtK<Z%t7K-_q%)wwiAe<7`AT@Bwj;!ret&Tm
z(W}pKcm20Jc^CK+Gu|vF&Sa4p(cFu;-G#fVbTHpgi3+tH${3%>YW1(4<H6uKfEDGJ
zT(L*h7A)RsI<T>1Bd_1Z)Qjsyw(;%4^(6?LkAzEzY({YZBV1*_-b@t8JvK&SC^$6R
zRhi*Tf)+6R0!jZ9SZgL8Li~+A&5_(l&a8uZh#0<%`!Q!Z)N>G({=jhJmaH0lp&EsD
zCmw30oyFgQ4JTycq61C;8*}>~3>+is-L@+TIECHj*6cift$lADqW6QiSnNE^ma~Z1
z6g_LJvJ19dkwfy<>}15r{0YAZO}%n8Jj<rBlSi<V#!zh~?`=<hu;t!9(JaevhukNu
zvIf5>F1YF-mdv7`H)War<XrA06G%amo^snC{O8FuV{LTlO++S#{~fyY#A+oW<}BGd
zfJ)HczIZ?&cIeomzJWxgJCNE?B9Y-@dooh5i6}Vskte!P7V`W+e91A8(K&jOg>BXI
zm@iY?X7ANN2saz5!wQASfBOk(A6s9vN&po{QImC-u!k(Y>F$u|3WnKZ`ad*{8xMe}
zL_Enwt7aRVKA+lSM`l<DVBhIxfgA!J2dLY2WfFkOZJ*t6RIr`#a1lr$QRQ~rI|A-C
z!qqJy@Mx^72>)Whu$)WMV~1uCDxaI59{%EpFpjN@@2qyOv8N+331bg7wP!n~HG%Yb
z@HIpzVK7@s8@GmH3zX{WaFyD-18s*c;D);s!KJfL;Bgv=ad#3YyhQ%KJh-$H7LC(I
zV_ce9Ml*DVMfdh>$<|%+cN-7Q<+FU#SniC2HR$dp-VoSE^%DusnWyT<STs6_kx2I%
zh4!Auy;xVScmdMNXBbV@?1zwlH#ZCU?g$y<cEj8w^O|#e08A|||D(w&0_LfN+6no0
zfn$(-_m1)a#I(u5;eU6fvmRqtvsku40C{~T)^R3Ae074ZLEPv-h%>QYRZ*q=OO6#n
z4b-@UU=oj6qRhl3ZX4`A#x6Zs87Cx$%XeqH0=XYz7Ed*ffHN`b{7O!EEDl(XJJkNK
z5X1p--$EX;cuF9SdjoMk<bIvrp8s2?sp?-kuC2oY{&xe$4ev4t{H;M?a12m&k5H3@
zxT)}QZ0CZfH0<h`RSD9PM;X0f<E${jD@3f}KViiF&PVXk(iiy+#5u(8_T3?JiX@sF
zWF=u@pb6bjS1Kk7bs_+Q?U@?#?}-eR8@HI_^&J_dHgmi_T(TqNe?1NJW8VrTMixN*
z^-c$rsM<@VtTF_KC-?ox*(cL5l09$@hPQ7@qpXEHRPq%EzNCl!pNEVa-wBr3xaVi7
zKawL^CG;z4i3w-v;mKGrLUpPCMXDer7F1w?EM^ImWQUqZ!YN=YBJb(I#=DwD4#LUh
z6EnIPoLvLdLLwJ)0`^LM#6*wioe10<5*dY;V<2f-j*Epz&)7UgqBcQ56G3?|ClkWI
z+JO5*98a*<zXXZ}tdGgzvJAr1VL5FkzUgknW96~66+@8*28z~3cjA8nL39VoZMun!
zy#8uLaqkf3_kQ<K@)P_GH&{;8&p1($tljOa6=Sg_H6_P_CHrW77?*+h*BB3%(wd1e
zFO~-%i{)qq22*bnxkk-6paWz^42C<*NKB!0QhcLvQ**~uY3xw${6Y2iXZWH6!gU*=
z*^7myHxt#F$g>mG?oez!5|$uc+r7#n%{iR0PKUp-HpG%evBMY48(1y+?OaOgtlB74
z>^%e>Z%zj4KXOO%iB=hS$-Q|;?mKoH*`s|c>rY%3$#*<4ATew0J@Ad!A@%NxB}-$6
zbLZbwe=ps-o`XJ9k1RS=C^@E^%+=N>y?yO$e4vs+2~(H+mGqrVMG``$H$yP~VjmaS
z*1lOgd>BppAh{6OJC!1-bn4^QN8rgLaaBjm=fFddOIO-FmSJX&_u430NY$TBQPXqF
zfoa|7AzHdqLDTMqMGbGb0I)#M2lm;*IMk{?eIe#EYoT+NJ}iw=MQwdKE|#y;(fS4M
z%Z#SyrOQT(2{vAz9=N}LL8dSIb*F!99W3Cgt&chzf8IMzw3f~wcVq?Q51k`}Gh?k;
z_Vwuj8q$^k1H~d&>ORK}8CE~qXhV`P*$c<Yh&UdlCjQ*Sh`6oLx`7epQCUW{^_pJH
zK+ontn|*=p6SI67R6w7)I!$fZC*y15I%Vr)*dV+r<O+ydHiQ?)ELTi%F8hrKmt?aG
ziL}M$f9Wn5w<kiP-k7!SYSaCNv3#UEF%FZtocXy@4m%4QR+=>ttLAD-#!j3Uh0a<X
znUwqnuiOZoBI1z@kK2f7u5he1@+V1$(uYb3asAp@qd3beTFmL(*{O3967gViCB+@l
zHv^fj7VQBj`s#F}@mfvfXZc{>ji#+w094BWg!)11897S_TQ%yBWJYsh-P^fptChPC
z`pxar@QHAf5FV>yhpsXn93$o$iL?JPQ-nBKKZ0;hbxS2V#)BVf_5enW^!eY*bm52p
zUpigJz)@bBe1#nPh2ZO@$v^eJ1(%j4pV2Q9ebaTggpA}*dDpfGf#wAOP{7|7G{$zt
z-e4uk6tvnTsG<nRV;>bU>mz7Sjz;+QK`3UpOh-)JW1ktz249o=T43n~_D=9dIC1vw
z?~+mOD|mylTxI4l8r!A*wnJI^3Pi54uW_$ViVQ~gw6__lxd6*}U2$e?M-C#Dz|ukX
zXHK<`Q?1k%S!gC6)%^<9wS`NLa11V*5yS=Fp02B-nuU;6TTX%)>nC?i=y$qzBlXNF
zk}K9is5@%Fr-ax2XP6N5cAnGHFc|<lX1ba9yKYG3vC2fkt0n?#UVtkgjixLXsTxi)
zy?EjWHl2XftH~1eG;T7QmI@|II961|OC%h1xa1IP74~<9jhe3Hw<TRx%~^dq_R<WF
ze^K;c-{&aFWo91ceQBfqNsc8^t~~In+ZS;Dl&cSi^Fek6owEnX*)g3fkD@sQ5&a>x
zNq>t(^SgvVX=*s=ttR2iA%2T?1BeVtUW2e9RQH9XdPyZkGMwzu#nh3MRn#4oOKR7p
zXnq>Fe2UO|Q)CBE*Uh3Q3^7FOC}+AHYhG{#y^ViecA&oRo$V6FQa?+L7Rz?9nNYKW
zKD^v{rpW<T()f{ByM!Q2|KUt_{l`r9&-s>$_+|#J^;VKg=Hyux$gAdZAFb6s<yL4C
z>oz21$-BwQTz>CPL^$bLwEKg?dS8f82H0@)iPu~?DjR(iRvY2hOST04UB*L~Q$Zk+
zMXVGE+n`@DLT}KhQ9<16hZzrvg{GX0%psxa;O2{%9yM*3>^iaf6(XW;GuKF{GQR22
z@rk?vM>rrwL;#>lBv~ZrBtww|(f8@^19VkFTcTMyp==_5{Yx#hc(UP-NltbNxhxpU
zXc|oSGy+ebv5lcL1}GdGA6X9{`*m4LXpT;e!$RO=u8lR_o$7B%KwQEcyk#>A!HBVn
zdTt3Ii~ele7b-j2tHhNXNc0X?@9A&XGbH<S$Hyf3b6!FX;KJ0B`P*fDda6F^?Q{@Q
zh5G{3rSx5(C@fG^il57zveQONZkaL$>rC-stj_3`mna`rd%&pqAbAhN4#clwP+bBH
zrNW-84@a{;bsJ6h=8*rNbN(!gqNi9rOL_a35NS`)yEAWP5dEAM=!$8MqgRZ*fkLlg
z*A!W80JmJ|GpKf+9IvyY8hAfV)OaO2?O&)98GqRNLL~e}TEfrbA~I%V>PyIJ0r)S;
zMa(d*dfSE?Hcuq|9z=o+2+tjy#JjhHYeTX7r^5&EfvZKLBN3!9Nz-fMcTOQcPRCQ|
zT&S~pdM(w3tV!r7CzbQBSWQCQiSE^J521=8;#sjN!3x%13aD}?@kWf3bkCR=G`@%E
zvh?C6x+r&o?Tic;>kK{xP+(9^u}d}xp|9?oVgwc5T~_sU{?TYPjaC;+$Ej+t@SLd^
zij3;dbN5N#L5*U(pxzEMgAHqBBG1r4o(#nLj$_+}o5^ovWw7P~{O&2%>PN_W|5`#%
zD6v<8oDxxv`c$Y?_vL2EEDow!=sI@`izhiCb0mjwcx|U=%IsjGfSoB~qeZVFP>~<@
z66%<wevuZXBX<WA5e_?&8-j`F3S}FMLy?*0$VzhRLPh~ASJP2}gY0iGXrbRBdRQV^
zr#|vDTb?{7R_M=>Q)b4*VMTyMqH41(u<ZX0Ry3V1**Bv2;j(!L(hAiNgc5Va?a(k7
zi|*GLJUNMiDEbrsEfRaJNrtu1c5%$zpY_~Xo8d?i;4AT#m*cb#JSb73h-IdOMC@gz
zczRzwE5=HR;1CqqUunZN6rdrw`6Xn%sBL{uP7X73Ncs)9JL8r)@aVzcBjb`cnStpt
zZW-~T=@Ew+@zXr32{+PK!y2ijJ+&i*9yrkt?kSagXd2_VIUQ!g`l^fo3Mj)JrG~KX
zQ0a@<OZ=IwRop^o3O!EQlsfMUY6V?zKMdCCJ(`79N5m`vK)@DmA|)@!?##@5)YnbZ
zAOvwuO;4;I-na2eT9?xCa+CX|LkaS6u`<@)hhE6RJQNw_y~grV{|0PnK$NNV#NgxG
z4CmWqv&EhMkI)gJm8lcXf1wri>HpC4cVL;AGjEs~FAbM<a4Ft7X3x9kg(t#I8}O8n
z`_f{cd+cpzG(r>6J+@m6+VCpk>hGb!WmzcU1MXmXmLaAQZ5%GGlG4vuo@EdW2x*~Y
zmrJ2h`I-JB5iv<j8Oy(!!fPAYU2T6(y0(|l!CQ^x_j4zADpI^G6Q1y*%JNQ>O<dVQ
z)U}<e&&43K<)g92QAaOgiTrCKA4>tXn>P};P~u~rroy}_)H$?`r-Wj|xylP8IDldT
zy-${MXo^qKLN#1~(cNzU&{#eYx#(Tot3HF44z}k+cbhAF=MZzAQ1idfp^0IO8OQ2i
z!*z)Qx7qWSS$4v_a6Qq{`sk_r!pvPCZdy+~Gn@eJcc>dj=XTvvl&yeTzige%5@D12
zmv6*eFV)t_{UOq6F$(xGFsO6kzi1u3S^Y>r1<izPqUYxW-)y1*w}4c%XJ+TrZzaDA
zS+6g&?Y)0Z8``LeL#3il*##a|A+-pCMUXdV2wrot9uq(UdsQ*TJFpRTH8X`SJ8fLC
zS9$p^LQXNO5-lJAm?w^*IElB~`%le`+0qML*fKB+8D`HW=EH2-AMGOmWh*H~*!@<y
zRq+tW?J(5>wO0baWhsCq%Wo{tzlLQ$zi}OMgx2ydoEcYFU$_yt;hh@=I;$HuM&Bvv
zk`Xe88e+;0-lV#Py-8ygG03*I==<d+uaLD5SrQ`SX1x(lhH}zE4^wb4c%q1KuQW}w
zkzxqY3y^OJVW<s5ShH5u$J~tiaoX#^ajTgdSyN=csV`{IV$ZU5A&xOb-fq+X{@lRz
ziIKwt%PP*PTsE>#Wx2$&^Q*{(vQ4e^_W70NJ;<7@cfuvRQS2se!aDbjQ&oXg?d94%
z&8hjI-~npxBQ=k%Nfh+2UY37Ob$LDk@wlZra=xy1zkQz6`JP$wrqp>eF!IHzN;o>~
zS7eih5|ilR>aa03X&PfOf$2dg$k&nB6Czx~>FN@uF$BIXQNr+;iCHPS8J1&gELV$x
zXVx;a7-QiOgtyYQ8l;dZV;==L%?)b8O^#@N@)Qak>s8f|c@q7BOAa92WRY;FS&fK|
zAsIhfs@JDetP26pkh@a?hz(9zUCg=6bv(GHh{#~*R2eJAr<Vs`uZ)}<@~;jVRjVP!
z<=9`Hgyl$u-2X&)7cW52hS8TXc2j_vVnO=`uFfxr7K;fZj<XngAyB;tu`x@O6)3Oh
z6WJ4T??NePFBh7`gBl~`e%t;%=vbiROv7S!;sJ~Y3CB#RC3>!&5*k(;LO5~jxQK{2
zDMsUaBpS;rk%u`q%^Az*W>6}6#f*5)jQBtR`GNfpbZbG{FUUFr;di4PPsZ{a-EG|<
zyw2P%yPLNRMsRQaeJDLE+CKFVs~&gNjJ6$KiBP{kx64@mbuyi3`?Rp_qeA&Wm67W}
zH8)C4x*Dppll4n7U6Cv6@8b%ti{m+TAl8{_tT%M_^T>Y584V{vDN~az07F^IHq6wU
z7`(;yX4q()_GW?sFi64}Aa=wvr=Uk7%)27_&#{M{=O~t4Z{bRrdBA)gPC1hOTxxyv
zs4gL*>y1Wi6{{tA5{m`_+mUlp#}7Pr%uI}Tx0}ZDju3ue&VM1}&!C+ni{~!@NzATX
zdKK}l2ca*@m{&K$8t+CyIOsSb@aIjk#%J<;ICiA}yb#{MLJ<x6B6j5bdC*+r39CFF
zsX%bhNAf30<m`DqK3%}SOZhi~e^*ILoBY8UG&l&tCO8PAmP745od%<W!jLcgc`Mr2
z8QC8InD(+wB}ZaAsGkNg3M+ZbbiZeBH(L7b|Aq(WIivAe3S-FzCaK4WZIHDZrZ=Y}
zdlSjRW;O~+ceFKc;Q-jDp^b@IlK83Qx4N7X{<g?%sSVK&CpcWwzM#>T<CwFdntQpP
z3J~3(GFf<0sBR<MQX8|0Z=aa9<;Y&d&MlDmiPRiSNQ3p(Mr!#hT0@k4(YC4W?eQGS
ze_eB%`>1}5v>&-R&@75KjWk;tcw)q-Eat#vIMK+W)(Gn8snMuXU%UdABPIC}En+#B
z#o;3-4l-Npdc<}vGi$wAz`b@27I1Gdy*#gy=g0f&=fBCbT#`0v!cAs;$WC54rHsZ$
zsKz?plv;Qz1v>buekKME@gb|79Fd3_&lK#Ek=kflLtd1x@u@}jPW}3n^9uUe7OBt#
zJlx19<ZC=F;bN?{3+#_{fxA!p-j@P6rBlFuLs~aU<G2-P`6=Qz>9A(2is_*?n$^~m
z>KH^QM^SUWjGtz!2@c(#lAv8B0Ut4i&*4>;>~bvsAStVga7h7=&yvQ(1AYo96pNc7
z+s826n`!RUZS_J_>FKokI8WXc;)*K;ks2DJ>9X>~^}CPNMP41NMCgbEe^7BMif8|>
zgbA`T<JrH|4^<wu#A$%VdE9jf`J1k91<NS^U5k!n4zvz_^8mY7+O*g<lRe2_A#QT)
z*N@($p5p~77i$!;EYIW+PIb#1i5u=&y_S^=anHB3BSbsrc;X5#!<%ptR=ydZQX0>$
z81HfU+oPUT_Q48nW52kpmHjZ}627vFFwc>p?O`nn_@c@Q2W@{K?ZmS?$xepcRF{?g
zGSBT+_P%i*$N4%o<~hE&B12DuZR*%aI?$~_TJIZF7QlLY{OskVfP2Q>gplzriqdLg
z%rkscYbU}TjhXa6RoC!8S2qPG5FkZ-B^c{qXJ5qD)OS=>a$eszyQ3-q#8xekB^)T$
zpkm_{uY^&rT9DcV@%tMs2HP1<%qka$vhTFAMj5QR-lELTgmP;wQI9b$kKJcNXeqfs
zI-K~MFn0oUb(~d7qR5*5sfE!ClmyC=@5lLWIdv9OCt)D&Y1&D!R?@8NOO*(A)w#N=
z_)@CEAr)T4bX*REeEUuqdjDJT>r{MBw`u)MvwMkqcj|kdwZB5p+W6quosbMpBI1QC
z_}Eu_-aTy@8a}Pp-E56*aHrAClf7$VKcb!iAt<@8Tdn6$s^3q`xJD9G`XImTBzBK%
zQ48xudA4f#H&y<5W5+Y2Bb^DkLT2r(Rg6DvSRLu#EG}(jsg^?8rq%e|S^(En3uz4y
ztt!_p`=|9XjR+x~{tXxEfRQ41*@*M(VNJ8wa%};NS#2inapC}IA1_vFvX>j)3@uL;
zQ_H<-{x^|FR!Qc<=J)9f-;C@tYcvyc3$;;|_SC{8V<nKRJAI!gH4qv^NtDJ~IhYBN
zk-~WCkdlizPVOrZ@B%h0v$S9VsAIDCREkx*AZ-cmz-OAXt{*d0>)l{;wS1vmD+QhC
zihs~zr{+s^XK@2F8oOZ=?g+<6YQU}^V~?PJ;-p+|H2rVh-aIg>>U{j3$wCqcPLv%%
z2MwCYmIx>TA{m&#j3y8vD6SZjAQ4C~nIS=iOdJp{(@|?{tNq$)cWu9IZEG>2g@ir0
z0d63&ig1UK&4mO6?)!Ppok@mt`TgGak9XkY-gEBRm*+g^+0K*1(ogLan5Q7{Wg@8^
z64WVh&%*F=J*+<ET5<qMoURu_2QZtbZ&Z<Tk6g==ldB=oCOUKt@BhoYQrR|5IYbOG
zEQ}apfc%jPOmS;Z`lRHa5_xmt-BgI{Wrg~IoP)pZLM<F3IS6SdBL*Y&N1%X&uhbvr
z5lDP8T>vChnLuJ~<ds=3Mw$XN3g|tE3{h|KEWw<aE6{7AM9K`gv{cZGklTOsl&HIb
z2XP#(nZzx1%JjfkS73BsViv$Z%segE!+#*Xn&HmeBBbu`h5b(<s6l~0G*NqyQfxAb
zgrlory)yCBaL58*iX%kmWxmTLx74fG2D-=<T$U(N3WC2@F|FHOD8YjoHyl<EZPTs6
zp>`pq&A}{)1M1G3*N}y*%o8m8>3+!;(nFhJTb2YQhbmx?$P1p(TlvZa?W+485QEXz
zd7*kG7D}mFNTe~WyTfcSq5_~_AZiF(UsRrpu{#Rlv&xRLjyw@l*8dQd%q(VRwAjo~
z_yt$o8cevBPAV9Z`&TX@c5zBU<-j#0_t(ltPw8_}pA?-Av){B?E-|^J%`Ga>>Sl2`
zLGGYXTOg$8B4$MX15Az;q=jra*R2J8wBM~Qe}xB%MO*U6&}>UMS>C7=GGogH<}sRW
z#8R(;$r+r03WN0rgvjU)Ot$m1%f#v{^r{2$MvyZdN(hA(i#<jM-cv$(V`_5{=cM%;
zsFG4?wTk7Qv^M<}NKbCt8c%wgUH_5|IFR_qp~)6liCV8;@dEw<!21brR$=KR1G~=_
z%C&u5%$1lR=igxNa%TD(iw%JcZq+Ix{JROXG?<?S>s^1H{p0StgxVXTNvdkzvDCkB
zq2`6UmJhNqH_aW$PvhBF{~I+B0=eFkn(C!$UP5Oqz;0txNX|a)(j{499uam6W(^yk
zAqcf^ImE$%qd}*r@Xh%vcoBV0?@#^}j7DInZ8_8oTGOO9U?robmbPOBohFu|`ikbh
znmGDYNYZGQ)ZM5=C;nrW-uI%}g*R-WN|2D*H0~W@ZW_~hTJ#;lnve#L1jo^zAc|mV
zpg3v@k8Myi{p41Zee`lZnwQv{#KI^E5<v=c2bM`AaD9waca-2+CR}Pa;&&F{$jZQQ
z&(o}ASOOTP(+^9ae<R40m@NXKIu}9IK&VZX%5ShZKT$HZz0|~MSewi~H*u~@n+#?!
zah6~T@b@QkvVQP^@GMr)(i@Vw#M8oNEhqZc&l(Oz;Q+B*!B<ScagzRQT4S*TC^C<(
zmDu`Efdh~dygl?^-7Bj*6_Lk=jq)k{L4gMLB~9MYv10^$KANo2feCF91XxkaMRN$E
z4DHs(CXyx4JXLjt-bx=a=eX%PCHo8j;3$4BV+eZ31iWL=tLhW!ln*4{_m!S|{NMNX
zW^%Cs?}vH!?8n~AQtP+oIjBGj3F6$U?{-rSE@Y5hw17z}z>UtyU#P5^29~(MJe3M2
zNW8a5FRcf{i;7^Z4Z!T3p&aH1wm#rp|LDeK%VIW#PeX|S01<TmG$g!XwMPi@%dMS4
zeNv>S+dF#1-zYsIJo{j;r#axcv}YuMIR#}eIPfJ3V1bS%cYP1p1$te>EA-}4^~fE-
zL))%FlpTNC;_WRgmPCtu(gvK?$B_VqupUN}|3E#5wq1HAA!<e{G8afCLgTx^g~a$0
zoA6K*yS&5-(~YZTksa0VBdNX|SOZyUuT&X^gDbF7Dl5pyD1<Na`l6=gJ*NMeSklc$
zfh2E{yG!f2OaHTMMfCRhe~^V~C@*>}QDQ}r8=4iC8>t6cWZd+KY5!kS$eH|!n6nqE
z2mLXaT&eo~JoM)X@|90SKpR&5=t{v(g=w;j8bDu)U+&{OTY@XVn51EvVoPC8E3h?h
z*%ss_#84L`cMQpZ&x5t-Vyjw-hB%B*342?@MoOU&V`<J;qi9afF7Jzcdzo)s`lo-y
z=g<rpDE}oYq=;7V#loPAl0T=MI(+`NG;dX78E=6eAi=!?GZLVVU-r#2pmxW@T>|ld
zKS%@nb;U<%OY<BL=V|L%kQ~Ip1^DYdsBK20lt!O2CM5tqMmj~YO=dRf9KKUNy_*ZT
zV%(PSDsbKK{8a`!&_~-YYH9Vk^2gIBmwu}E^hU^lbG_}aHm1kt023uWu|Z9d4bH%{
z<bcf?n3AAvi>-hM8=R0+tll{6Sqr`4=A35lC#=P>5EQ)N=!>)A<20Q0QAZQhBArLa
zZw9zFA4%%K)VnHuP=ypzG~G3rdbcl)4eBJx9#Gq#u%71Bgf$9%Z(^R-C2!@Ud887|
z6V1c5fE?-R3(UG1Z(V~2U@}JU4vQ4L#AaLZ8bNIE`p;=TEI4l_bV=YDv-HS1P#@Nb
zZo6MN??Pbl6TtOvfbzcKM+1dfBENXqTFI4_9PHJ{jWh*AG_Hlb09DB*s45_9S|sy*
zKiPe9moOkXwG32dSdVC1;1J8by};kaSLlzJ*{A4p&6gzBMk$aTc$N&1M|?)+(->3f
z+i_nk5LFNYAR6omXXHlVhTQ0LVICEG0c^5tzy@c~X8|VdeVJ2~<$XZ9ibdn*gB+g+
z@tjelhwh*t?WB^}+Mqu-MHco^y$2%!(ws{iqt^uf%F?Zid_2Qb{BwCawINI|rHHJ~
z0?NLRd0-WVP?`9#fMtv<ub^q_O0nEz-E`Qt;_MZ%%mdPc$3%Mmf{|>!D+np@U*lc+
zyr<dcLJ?8Q_lSp#W~sh9nK2S&{9vv_{4e15=e_`j$hj~3xVj;_QBI;_QG8|=WNmNA
z6*S9S<0Bj?04OJgq>WZnkojaTk6*Wy&js4xOv!hZaQfvKfB`$17y8erS7E^0w-CWl
zH<y`Zsp+C6b|bdCbZHhCC1?(E{QkD@JSRZ^*;fZDduPyT04ia~=DAPt0zml*l`ae{
z>Kp!BHkR3sYl)i)cjO%R3?$Afc_&ghUwSh49=v)v3Bvng>mz(iIZ@Ny7X9LD3WOUU
zX79-fOToGMQqTtd_v8`&3YJDNw+A77Ows$17fiFS^n1(#`bz=RcxPhvWMa+%Wz^qA
zdPpHb!^s+GF2fpw-OQkEl1_oR-s->#B_x#)SvJj+DE06?8%`OC-;IRQLg~kOa;$)i
zn0Sa+VBv^B;^(}9szj+SOqBXg6vY?-V!|vA<Jce+W|b{5yXmztZrHCH#zodcXcT4w
z@&UVD{v)Sc{u4mV%WR1PZL^Qhb{IQYo=vZfw<Uh7xL{P*osTsi(g$;kd2<x$CBPWL
zkAjJxQI}IL+h2PHd($Mqcvl!|CqyUPICOWTd<Ei0Zk2=@nK(y9Ltf6<PJ{9z28YCe
zey&*TIZS;aol|+STJ{-C2h$=Ebj5*<5Aabo*!{M|3aD+MIU-y%30hb<QJ=@+73f~1
zzm<a8aAT2bxt!{6moFQ%Gh(p{jv)OZq2p9&k$yk8D<>=k1E+J1CbO7~<>t)CfS7mP
zkKO=vX(UJ;3G{f<%@*^LMU8gC%*;;Alp=0lGe}~UBHm6dp<?*kPI=A<8R32P9ixjz
zBUh;iK(<T54zqK^8i6vM%+B3wnw{IP|DrpninK>HT`Iqn`~Zn|xUoBn$kl;hLupeZ
zcj81Ube}3vut-;FtJ%DVp}o;K*-Z79kq44|ZZh-1T;{)td8@=+6p5MI9#dM*86r~9
zx5d(Owwo^<#R_W`I^|_(yt6{J?+b$EC&Pmvh6o<4@MMgEqR1HTu0MWzRNN@sr*T?r
z<9<n&vN4F+k91F>Z`=q^cfC+W2l29SiCfMWa1mHO>EHr#+zytX0?WZ_!hIVW=c}r1
zXq;z0)j-v#cWH2bw7LrUq+-w0Wx~Jgs&9l^%NiK9#zAa>tGBswK14p{Gmwd#&!7o1
zx%+Q+_A)Ht9`MCh7WA^fS%MU@KD?g=%hH#;n1PMgN2*X6dCoDP^f4xkOsPy|Axe&Y
z$>s$56TqMO&`1ty74_EdEs|423Yd3OIC+buA0NWs3R(r%cN=5AldNRSMX1`$qk=r-
zt_r5#&PJfT8628Uu-bea2+Vqu?}F}rCr#A8YZT2Q(-eof*lewv<f;nz*%7mZeMkzE
zBYdB9_BABJLl;d&;<880Ajg|BXI-V^xC=W%Lp5yzls=ZAUPLf6HX2(x)(NTErO_f*
z17r${0Eu=A8?O&TUEq!kNcZd4T~9UL&1dcUu_JU6J-|SQ9-l7nOmCvY2osaAic%sx
zR&Bk$E+*>jW>n~AJ4M>Z=1o@gUT$P+yi4^GN;243!g?<V&s3!{d6h~cW@MH5h8DWq
zOq$||q+Kr~*^Qd9m63e?CCT?QS=CTs%wE>q!xW<g=SalRooQU4%9RQEI#B^mJG8Gc
zj#n%3s`wM}d&NIn{ANBC;+M7JuTQhoxzwlvv!-ASr6$2uI>A+nK^Wi)sFvqi|6^$u
z??CW`l2<u<n{#q4pb;ptr4cDjsrkG#A^A%yGmwFU@y#D-m3@KqF95oQ`^=f3Cj<bI
zJ+$b9<-}i#Wpn*J(~~A<FyGD;HOj3$<|I5!xY*LYQxzaB+^Is$mhWtoLxmZ0jTwIF
z7%Ei8gjX_*ZHLW{lo4O0N;F42Vgz_yPfF>Cy)7oTEFY~6C8=Q1OKMg5&-Gi>&3`fr
zl9G{P`$^M=;GOG;aIRl1I@)$6FyhiC=tJq5sFlI#LM|%n54mW|Bt^?IDa*m!gHXTd
zy-8rhiA(tI()_Pb6IW0X>+!7=Um)>xKlyeKlT=9Qlk7sKaLg<SRwYMdyJSZkAQ=P(
z4pfg}UE~p5mNbU$ceU<u4N~T3GZo`LKZA9Mnh*4$d}!1&A=Pub9<n4u{|mfAtTb7|
zJIQblrK+>LwoABSQJi!-6zeep#GpD(v^#BYOdMl-<I$UtS{C*ADSZn9Q!*fYW9>J4
zXCV{lE>U!d^CEZG{a_a=1)_F~*lixNFfBaVe>TZ8tl{kKUwX>eqXVuCXQ2B}FQeR?
zmYTkfH#w1^Uetn3nHH^kJ>lVahSLqz*xDBUl~f{MD&dM3#rx4+p(eS&59JY<$d;ej
zlP1W7BlH3U8A7voJtwch#1G}6C4SylK6Kx!z9(*0k6xe3!@3m-ag_QE*B~g!K$OHr
zGfA^NklCv3Mj5Z*0Tz)*uU|@dFn5i5yq>mSmE0>J1^AD&QNucUZMaxOofci?SR-hz
z8<@}31ILmzrD$vByuMP7E6n>pfRD3_S-+jdX#g^Agvlufk2zL0%#UX{xEEyfZ~M?|
zfvbdaHry2$DLdzNN<8?aKJatNL39{6#G{ouB;=Etas1{M8yV`{2k5e?!SoC4u5|q^
z-YZ12YDc+LfO*s89T~n`jxdb^&Qyr!R?h!i^%1zq&E^B>+@ja)m${SMi>&nJM9glP
zs?ERl)U8^<wKRR8^uJr9e#eDUCPeOMTtsRTV=*W7ViM31kvZnLA9`McA!o)#ad2{i
ziBraLK4eD<EXuIGF}{wFnd1quZV4sP_w9!=SKu{SKp~iCz!#(OD4q!WCc+Mi-bW40
z6Oasxz<)8_w&Ddw1Uv(?=nm}@Y<*!wQ$mz^8^0iJv6iy3OanJ(*oQ#$f|FbQZ3&A$
z^k1}l-VaXxIQzK&zy)s>kBh@30}QoqYTfG^_n)%)i<yn1b>m5DT@V~LU{X9n+6O7r
ze=*Cp{4HModqozQIVfFDe_Nfm?!QOB#f<JM-RyW<2HfF$JkesaJy|U+_P^CckY#a_
zSXjyk50I?nHAPr8;K(9>qN742ZwiOjSA*tqM!t~;*4}K(1sia@Eh{2qmmDc(l`~Pk
zdAp2HSyUJ9JD$Qs><_^<KH66E)rnc8!O_C&5?sb@oY)0hm_@ew^HbV!yyv*Rt*dSM
zpGYo3LN_=X&OiUc3;k-x<j>pKRVq6<Sk`5Gw71cYikdge3QpdR4%(vkO%rfA<jde;
zw`uJQ=C5DAc9b}1Fjn6}MB9q4pd;>ipLXSNVBKCl5@Py)>{kxe`}HHlmn_$))bFZp
zfHq+XRmdwC1MA#yE<a#fenJ}GCDQxzHuix4VsW5}k!>iee@V8ri0rAZDVDA|RC9|1
zBDi5B)sA+2cvNcPNcl9{#uyWBSz%~z``Kwz^}DDH+$(nUQ{mU$9Kqcmo@md~wwlXF
z57_+MsfTE6KCy)tx0$p1Kje&TiJ7xOYoa;-iF$2*WI$5w_<Z!?9o9>F2%Yct&c9@!
zx0yq*TFs7A;V<$rC=#6rS~E4P;Y!6eck7XbH`-Ps%Co+jd*>&yTmAbsL$2SiOCL*H
zSGVUR`P?eAYqZQRW$FuaQU7KY?veDFk@WBDL-K{(IX-=hMZh!Sif6W1ZTb48lM`w?
z;%i%~N1_PdSA<pcZ=EtnC5e1vwS=!N$QhqrbGiQ6C12PiOOFdPEL#`d-%IJ6B0;?q
zL6hL<KB)PwO6Uzv>R6eO#^C^g)RPd<yJ0vmIg3AO$Wyc_ktOuvvUeKIt!L0#PpLhv
zZ8bwTv&<zsXV7i5B7M|?rqraBJ(IO_m@4Fk$S;KT41s>iESL61lhhldp4y77ss&RJ
zd^v-9C&)9xR5_=YCb)tLH}Y9vAr}h>@zoVrp^^ovKpv`Qx#It#(z4}eBWGEUJo5~)
z$KL1`zr>RXtcv)N<l(aF;5U*0un)(CAvlj>EVR9?u0TNIBLhIYH>q5}8LkkMH!yWG
zKXv7NAk`VgHu86sRiK9Sr<K$fOy7X2Mb0PH@hc~)le}qJEy7P%HdK2ZNMj!cK}{Ck
zIp|L+I+|w(Q3i@xVm|mKnGNVB%FW5e>yri12)P2cn%Iup|1SF$;K{lJe7|OBAjfZ5
zz1<4}B}h$vR4}9@Eu1QRwj@`;f!(|93Oh13yR2u!9|)u9CAa^);dw#fn}CGl*$8x=
ziSXlH;6TX*)`Kqp_gy?0wP`#P(2DkdpIBgXp2i4k!}q5QqYCA^hVP*oRT0`EtLeQk
z%j3OpyfCr-O=;oR<PORoH?iBwML=6^%de;R3+0ZytJF&i3BN}z1H%a$Z2qo<t;$bW
zC&)btCI@XF8roTuX>H3^5z?e%Eu*mu(@Czm_B=Yrzod)BQ^TcoLe+;4iTR!a>lwXq
zrz{*iAPh5wW6b3-`84K0cm{VmkDASCjr*gm-c;@MNLRv~)@G>XsR36SgL@t5RrpZA
z1p=v51;`{Yilk@s(vD0$uOR@8rH#HJrL4`NA%;FCGJ+va6|qtlzE{*VT9^^q#|Js#
zWwvE*_YBb1w~Ec8%?Z8X9V9GG-8}hwi#GYZG6lct&I`>468(p+wr*cJ<pLyuDI9va
zyPyr)!R3zjZD_a)UMv7v3J{sZ?_AbXwr7Pih=6o;q6~8n{a~KN7pXH&lOYQb*`K@o
zie!+96n}1=dfB761FoDcF59Fn&<`>|r8elNW{L1Gqu1ow^oq>`t8LZ73l7^GMHjWx
z{v%iW4_@u?)t$#$2J_PTt-G|SP52lVOTG15Z98gPa<kC$u1uiu6zFm%(_G`~(ukP1
zs?P2|dUei4n0JA?z8{{<^BuJk9;h48{w^y%kUIuc+tqMTF)4F$R1~{*b`H04_zzC-
zq2D_KG`HpktaconV0$BVn(Z&|=WJU-PA<E#ITEcs{Bc`2bxy<4Cfl3_qe)uhYN)dd
zH*^s^RF^$kPIHKDA6<qWHPT+!1zLF~&we$gL!!~)hZPas6uR&qOAB8q{^00inemo6
z&Bwa<4^f$(cc7Nb=(++6(?lJ@wi-#X$53-<LepX!ngT5K&1r7y>4IQ!7Zm)O1jirL
z=1o&dL7&ij`c5$JaIxFkBwvw~MT0e0y0<oEjzi142+rD_YrFF<va4%(ZLe7!EA!5`
zr*^D#UC^H)2NF9rJ1!h3Kmd>&Nb0x<77hQF4eS5IR5USHWg9Yryt2f4n{<rUj+GGl
zJA_47<3&LxA@6cuO*OV-FXWxsV)OL)Hk_v4c1v_thT=hjR?WO%dn5lMwm%NZ#PTg+
zUR}<_W0*?w+f=({T5SePZ$3iDqA<|v3d}y`3f7)-jjJ)|RgIl#ne(;GtD3$ap2+hZ
zQS+*1K>NGcrVETd&@E<OWy`#(v1_L<omZo;%!tmbsf<|8R+(3~*^Tub^NR2tIor*7
zbwuXX#mKyRtbJZ#*E%v$nvXHBw!xNQUacy;fMWWgtItegV)b`5MB=jpU=vgc=z!g(
zh5L&)IQrS^WnSrB{0Ep<36s^TLQ7X|OjzGxx%P(g?@2l@GV+POvoF;qGR?xh$0th5
zCS$j#Euq%>t#9e~7U@peqC#RUoF%J$>(1P0D%cX?7Wqz@j>a(9l}1a|WG={Q=H$Dz
zASYyd;#WWsjD~RhRkO*}aP}oa7FA*%fUCt4k6wqloe#9FJ5Dz1aVc$pfRm9&g6T_6
zY2yO2*6oAZSh>4zj<-}aWgeM_mFX*OYZH>Nf6s1W5Q9?_fQA!R&IdK|?0`_6qkhmu
z*6-?_2#)`NlR4D4V@wK+e&|D)?x8(W!-fme0^5@>;PIUsVSDl!UgivDjB?cwDJ!Wp
zc6TP0tR7377F;&G2S*TB!w~^Bg@~&(9F@0%oQs|Tiphat3zX}GU!*T#Qx?qyHtj7g
z<eEG;t6|d~OLI3IP^qYpe@oh6fi1TNJrlmdR!~6-sUiPOvU63c&c<tmM~liKnl^yg
z&2qR!1M*CmDxrEngFxl6V)7MAa3AR}Z<lT3r2ccxAF|N6$hBjkfj&uHM4tknseJ-J
zx1OdnhbGM7s^0pPZP1qeSdHI_S&8t#V9y{uVPUGmZWeoh?0RyambD4J8g2Uq@=9Z_
z*=%pfZCdb1pl4xh%`SyxXzP{5x;avWceL1rQwEXZJl9H;UEMQpinrVW3U!B=k6X(?
z`iIo*LD_Y-V^(;0b_*sLGWPD8!yZxZxq8lEi_iAP&N<yLPT=B(2~<fschAsttq)1;
zs!W73?t%8k#|Vw>4&VSJ;l_&sQ-CV%$P{8-PK4fawu9$>jp#<q9nM%CJ`c3Q=C1Z0
z``?-7I8UZN8Y>3E9Q2X3jAfq41ljQjOOVBcz?QuAEhzoCv7f}zjw)lepP4j~_s6S&
zfY@l-Y32wo;>R!zh2)s5&!WmQP)f?VYf<)2z14xJm6GYXlt9={?OQj5V)RedNN>>>
zm<5nQ&eyhO7x<J9G54u&d1(aRql)O(cDS{7963#nnNHiZCPy)Z1qZfEpu~I!9esu?
z^FsC>H`Jn>z4a;bA@oPmtxEHqo3QBSg5U$zf}A6sqijnLSep+e1EZ+2Gv!b|Y6l#x
zo8lZO5oB^V8O(xXOV)vP_X(Gw5I4!Kz3a|-$CK>X96!7;SjwWGi^9@3w$*8cnPF^;
zE%{NQwxKZd3wd3M;YFUFYbLMq^tDb|Ick6#{^N0y(wv=(2O?i&78AarFgTzmW{i6Y
zIVdi~JU8w^NLY2R<Ngic<`GE}B?Z+^G3jP|$|fkXcHzvFcpDeiHHG937fxul)psVK
z!IB8#lu9EX>Ov!}+XzW=G#^fOSl^u(Oufc`HqZ97$Xhrx*jjLwAHVsW|CqHpOPx1>
zk*6Q;4Nhcx;t#~}jj_7=v4=a8yM#Zptxh&t{AZWe9-s~3?S-W$9R9DYwkIB=;!p-%
zna42h^LXm5!Qx@x3dp}a{4hOaY!ls;W0K@El^q29d(+}L9CDIIQ78q?oM0;GLRVMm
zu3Ll7VU~i-U0}xb2rA#3E>UW%*k5#ucn<b%f-|rZ@+n7^%L)+rOm+tot_*pp0KL`e
zJO?x_YQMm{QG{O1dE8~JtfvSqO6!o<5>X3Q{#=ocK<i+i{%W3_iI$E)Xs4^UtH|9N
zp`p_AK`sshBWDQq>1W?z;pGc{DTJ6rKCd0jyHM;_Y?giz8lEQuaEHlhxBudV`T?S)
zZimRHtO^2n&+D&~$;8dhQFf$&I1`BwhY&A_pkL<@T6T65<~pAG3t?0y&bG|d?4=q)
zLlSlBYO@-WN@T5s;q<s|?IdPusWoB%XoNDztk$a3?w1>>o$!!-V=bP^tAGIGFM9j%
zyxf1FX}mAoPcCvz_KmZ6zX<>JVw1O<`N=ju&Xc5I5oc_&8ORb+*s?b@tSh{np|9Sj
z<tLbYF#pE6F<@JWs5?y}YUG~T0=ejfUM~o|ovw}yaxz>;H(G!!AOctiDAf80q)XG+
zd`^{vqi?+i>SHi>3J*Q~m(i`nwrn7&0DQVBpW?W)An*gF(k*)sM<ctw3u#-&EXQ3U
z7300djpajz=5i%Q3YUexu;&z|dEXX+x*0zwUq2R}mVZH2!V}RCR>vcK+9sjrhPmdj
zRUaOS<n7`AzGv-aoMF-|pjsd55GK+%Ol2Wo(1kjOhJx$KeaJ2(8@tF5iR3Ed_5l!h
z6n=}SP3OwXH-F^KDQ}`Z0$5dY?%^Ax{?Zv!)Wp!XvU?ftx3)r7SlJt!8_hyg2q~tw
z@VG|3*_Rv&v~BveD`gHs6QRYa`nw}V1}L;jPD2>`u*jVx>{@ePB-pI(oqMS6V!n%Y
zts;TH>WXmsrdSNdbmNPwbiKQDs~nrHD5gHUx#lX#<SjXB=>s})>Ml8rl=xI=jKhjr
z7P|%83xL|0gN>4<Rh<3PrC0kZew@0sM+Q1WEPJHu%`c0MFWzLYLK2*+$cdPWk3vY9
zurao+#2zDW7)fwhn=#;C-3{pos8$#ls_Clg6#5a<!h!9-RkEE!HD3Z(!y?B-!^;dt
zii<kwB~#`6%$rP!3V1V|uZdlt@#Knk5=HrqdM5Rf?t}$H-);IIMc=<Ebc(u><X#uE
z?q%MC3&H2kxN@><a>3kwu#4@ROKibWj>PNV6q;G2>SJ$IBXW`iE($d>__4|WP1)yN
zS{&`YmrBgEco02cOyuJ4V!GZPPaU;5j`@5=c-9pt<RzPPJKLuRwOjOw*Nd{{5i%-0
zh0x;Z@E#0r2x)iJjvQ+0NebU0oYpwEkP{?thItl;X}K_4869v4^H4H&3!TANXISLU
z2Fmw6o@{WLyBhdJ>aJh=v-T;}b2oTiZe&#@(;|D$df`qn<@L+gtKQmDs9mpm?<+Wz
zk(sx57oP-j?FlF8*Ji`{>kB}i8x<H+YzcriGQp;y{zCJn>hlU#2rDLgrvfBy4OMQ;
zgqk2@1-S}Ek1K8g84W`L8K;?}G7+IHF{PAB0ke!|Qb7z?DgzB%A^?)B-~_Va^f0rc
z8$z|-fzF(|H1GRnYlc&MEO4-~EZ;{bgeQp=0bt^gW(6a5nX!_ivHla7$N)_2|CH4-
zmenGwg#BSWg(-V~LS(a`|J}@{AW(wKv?5SqjJ$cV+>8k}Px`q31{h2e8AFvYn-eM(
zY@_k?z)(G5Sw~+0AO3fQnvE~9VwiS$7LI9Z*z%uO!z2~GNh%s70t4%m4$P5v3^a-v
zp<%oW;3!sr<7)Zxc={~v!&%lt-dXgb&mrt%ZGFnu&Xn~j=Tf#UzFHMx0+2mFZ7=EF
zPbf*`1~9})o@rQswO(`wZn3_v)>W3dgs&D1w6FflTWJW@Q0q6#t#wgJTpCatd00}Z
z<*P4{v1jc@+LcVZ7}>@8--oM)zetY~SEjgA%v-u-Rj}C3DhYp~uVD&@HEiAH(h9Mm
zCZ=)FF41Q8#dag>*Uk;tOuWK0-(r@^HNHprJ3uX)-jdV3zQ?-|(p4tXpnUY!hnOu_
zE9l@)+FQQ!V^$FO7&5>|^?jTv*l<2{qrG8{#v2_mUm<4uqB$|_-!GbC5s$p)`y{!{
zZKDs#9mzILlaYt{2O7|rL%RhzVqX*n;Ys}zq2baft9&&SDcF3b%ql$di7?<@+7r){
ziieysUE1_CTwe(2y;c%?RpNK&k}O)UQ~bq{0WA2#yr}}8BWty0_4}6#q2{RmrtDGN
zx4IyUr=J`8M999V5j#N<jIEdtg0ZoCUPqt+0J$>_6++X5Si@H?rb%I7t<=a7sDwam
zA`^vy-%0H-YY@0a{}{L=dr^iuX9_;?8!0%rEP{6c5!}Hk9B|nM9A}aeoWXfkM5>v=
zeZlh<f$-5gOdK|4D9}5#{Vs$%1!d6}kWYA~#7rY*ff+MDIOzZ?3)smOBn#2v{d&HX
z=Qpcn_5LG#jmiw^+MOcbC|S`AL{P)}mBb9yf^gyi<8#=SKa7W3`Mk;ejq~;n4{KaV
zWJbf8o(_wen|^^F?$X)>C76<JM8DXUA0<~3Sv_ML=c*)hK;y$PiEYa_5~XoY`$v&c
z=}7;3>0G#r%fx7nnCUSgXNLGd{Q?3Vz27<B1j(_O*9N^cNM7G20%%XKK9F)8Idgk@
zuNLV*JAv(aue^;oN|Fd|vUCS}p2k)PH?|dPiRH$&UV#<cdhXJ?o}m?l5TP%^&fS57
z>8*l}i?J_v=|V0FY~wDfBqS_QJ6zJ}A};XKEXIF;bp-!yy9(y}eWV!RfPCo=)?vj<
zcbOL&byRA#Dtuv2vdkf8m8;p!wv|6qS))xJzDklSk-l(>)KEzUMl-4N7GggV5e(aM
zD;1T7OQkxbtPt1@E|RfK_9VH3Z>;1aLPiWBGK>ACn^%b4ed$^BCK6AaXQv7L<P|=<
z1FK(FkF}D<*six`0yr$KyQGE;PP$Oo*|(V#o`I&C2&Kywk**FcP(fMh9H7put0x2f
z8NjT%rAU_5Cytqg+9pSFq4q9Y>IJn<p@_W0rqu9N2EuicPcq0rf<A1AtX^|67jVn(
zYh)%zkAAZFw&RK17A|7ZFRFk7?SIpo_#ifEGbE$5Y;yQb`c?_UDpYXrk~2wwk{8ou
z)01PEU3R=Q`p=M;zVf2q2Wdi}#{aBCJl$f7r|SpU=4mfPqNDn#CSo1RkWQgX5<)+a
z%(UHWE_X<#x&PoC2lxuUo^Gc-`foo{U^gAg|LXu#$>1AuUcP7P&8%m;R5L;Kn?7CO
z2a{7sNAzz(_$tW;VJm?Jl$5Fu1ZM~*YrE7~BuH}o0rF%k#oz>s=C~&w3r9@G=t%#t
zui7Dj4*I?is0Y<W1X21q=FG%h&&WG*+cPYkB-04UhMDR@O-5*jDCJmg*RO1(a!i(#
z>^;6EmTKE`8`jpTcAwP6J{X@o@xFI_Ys({n;Wx~{E)DNUA95w`_-fCU<7>Ui4e#WU
zW!N^p#FOZMCofElJRq8BO2*V(XD>({Oh%S~J8LjwvJSI+%Y68i?v^XKPP!aLidFKY
z<oOLPyyVRUxA~`!w;2v?>s#A+aiVV_Mi{has%{$3hC+{ehJ4JktvPsAjU8%?*jd5o
ziQN0k0DR`<@S!fKlg0kFX(A$LtM_l=kDw(cDkTi=_=v5`3U!;Dx&`U~&Y(ju@nldA
zmZ&>IdBDnxh^tI-ok_~WKCRqfDN>)Et_j7&$`+q&H}nYe2vrR3fZd}1j*Nsdu_5qN
zS+GK1RF`;ZE5r+zh&%VDWI)EDNyeR=5QScf8-vRT#J`f@>56QdhJc$P#$0DS;EJCy
ztNFl{7)wZNZUg<9k$g`i@0ff8Nv|Zs=^|m0(2*op*vev`L-Cv`R6|lMe#!$p5ov2D
zd+K*kd4^0~cGF*`w@qPA5IBt)c`hW`kHFPW=gJi!QwrSpK#ucpQcar=5%TGnfV$9(
zWzrK!gOt$+dNXuttmLwhVEhO;G0I_fh{JEQtBO0!9?55!B#RR8I8ID@f998YD_!UY
zfrozR5tw=q(Kt?^Zgjle=x}p$pSO46xKZi0CngiCK!}pU*=-4rXS?pnoqqbJzsq<w
z%R+!9v&lUK#<{Tx&TXJ7O*~MZMqAXez&$R3d_GWvBYR!22$7plusMeqU6crm9f<AK
zU0gd(xU8Qj$*y8KaL5^5VWU0r7<0i!1!c5Trr-b>-dYv)6R~^SS3fyH;_w!Y<DKaa
z4COpL&K;;tF39|@zzXU7nEw2m^qbjLZYx5E|EarD>0dp3Z7dl$B#@Q5yEJ&yXa>`>
zSXWm0E0&q!9k=Q?QG#S$K#loBs5G|L9hj2r=87*<`pS)w3%OqGdKsGcDGT*zZ+|%5
zo-S-+X<nC%+ba2}==?r6_Ltn_dZt(RXMpI$YI?sm8L0rySL`z(hdK|Bq_mzBS0>zq
zsa=-v5x%$r@e?;EWI-&A%!85aeGvbdabsejqKK#u_HT~!Urek;kEHu%IpLKi{FRfj
zabRVi4Rf?U8~E?S+0v3QF^1X41ETLg$F{Ud3>1ju9Nn)YaJHzAzimWq62`gyY7KK8
z#`@&EH>}3{;lpBq4YZh8NQox^;}4MHfdAZx+BEKSLN*~D-CRB&K$;5Rtut4^ABhf9
zq$rH-h$<G7*g@wqIZY6%<^X6LhKuWyA!h*5oFp6?&ecC+gL3<qCR^C@dI~JDEqes<
z#PH|(QW(wZ3pE+a)ew-Nejkl&TXs5G@w%Dya`d$e5v8YCkFzbimgLx=^B+s`pG#Pj
zFy8K60`(ON_Fh-;9xIZvdJ6m6qOk9r-E%~Y<+SSe?WL%|WG29qvKdF`z#VE1usmCJ
z4>5v8t&-y>{x-X3hugoliKv#k1h+Ajbv2o2VfT>9v)u7ds)=Z&Rv|GJGJdf4G9l|?
z9DJ~C`OBm+3)Me24BxoHSgJ5K{P)6JiFrxk;cNbTg3Tnr<{UPjuDrCKU}#!Abqf6v
zc><M3=Nhl#gP1W#q#`&e4oDZi*MEX5yHaZV`5wb|IaW$IBIrM1O^C{Ua8i7DoXm#4
z0VEuhk#SZOo!peHSzYnBM~sZaekWL&0}4)L(l}UoH;~whAR5*NMSLr`bUR|swU_13
zGdPrO&xcaKJ^V$sx*vrKE%5ftZW6JQ=bFSi!f^(jqs{hJaB^l@edivoeb{$ydTkc7
zC_!)p-?;+Q;InPT4rq|RbCYb#{y}){XdhPPmj9Em&~NbvZ~c?nLNWE$x_OXeHpGpm
zRPu*C^}cg+ZOeZ|%<x$Mv3%dTINOTl;#(NJ^~b)mm)Ta-;xqS)4-d7je-R`8-r_Tx
z9o})iLkP6oC2=_qTjxrpWNLdS$Qz)5bJ(o7a5mrOO9<-(6J08-Yt$c>%cv6MkP$|A
zn!_rf7IsHGU3+K*HoHAt=z+BG6>NIZB%&-%7zkKespl$rR01@3++$nTKt|@Yd*n0F
zwo&NQD~h!f^?~q10vhbVLzEy+>d&yqLjFYASX%YRiEU23T0mRJ3i(2Y%&nO#WS^{v
zgO|><e>b_@rP#Xw%tJhYim4w3#f;4p!B4ij$;n{|k*#_hB{N-DUO`PR&03mNXM1`B
zc$&Q4S#Otz!?x@JLYRtaem!5*=U4m^f9SUMz*$t&w&Dl)k%D}&pMs#KIdi3e8rnl|
zOLCz|&GsKS>2E9b-hw<MHX%WsXR@U_uvaE!)o`c8Y;*s#E#Dwr+d{|!v5;G_d0D!T
z5KHJ+{P8_zy<Ze=HZadco^?Z<L!B~ImQL-WZu|{-sCbp#_+j45U&DOc24`m5%4O-o
z#0~ctf1lSD6ZlU8|7vw+o?R6`{yxtn0e4?hYmyET7zgp;TEeg9N-TIy%rXpcJ2Nll
zY+ss^w{lb;QT+La0+>epU0IOuK==(gY9wDxwzMk&+tz((E3X-7vwS6X_7zSremM~!
zdxD;DtA=3SeTmbP#qtcLlY@fXAwM3FSEvqLe62PeSe95EjvZtrLmHhp3bgj)G$Z1h
zr8|9(_nd8!J4i5fEy&n3X+V)$VJn^K)ATp&f)lk}^!%BbVrqo4)&<AvMm>urX$fy5
zX0GZi7XYnP?eH|f`R1TQ5+wOlLlokp-+MFb5D+G0z3t>f%R<v-Z35tssn$ye2|90E
zo=%U1en143oo(4q=n9FGtoKOo$l)uNHI4r7O&$K}B~7(06Ie5Gr85_Si#svX2%7C3
zE%wU+ktb!-%qp~UrN|U)MX5Ez?cp~?hrqV%O6nvl7uwk-_@QAx<pUu-j{jbXS2+U5
z_IFqMY!Y=a!mLiv$iv~$|2>1bWFX{v-{T3hE#40mIF_dW%Z?bc9om-NXHKlNQtt>C
z^mr@;2{k0rr>*n@uL)Lf3N~6Sp`-YP1Q-%ZvpI~Ho8P<0_b?a0EKmavb}Yj#(ud3b
zCY`yN&a{Mn&+A(DIe@1UQ4OQ*&dkKFrht|Q6$^g7YGud%XImz!#gvk^&<pkZxTgzN
ztS#Z$QMg!l2Eci{_)IGlCB6P-3-v6Pbl0nzdV0zu&eKC4Sa)#jzRwcA!m*dXsg6BM
zkjmz!IIh9#R125j4Q?*@_TS5@Vwr}ngZ4unJuTjX=t>JuGy_uG1IUOVE-&vJzD^BD
z*k(pajz$qe=d3~InZJl9pNCrH?9r;PJFQORJvogF&K84r!ogjH6~83^i9C)@Py$`p
zJp@yBVUgf8x2V0DN0-5U$~^7<P{(w4N|WouLlRRkQArG=VM?+}4d-5c;8YKaEUER_
z)CVG|k&A(_b!RfSO<6s4jynJgqJK2%lc+cv0xKwIQcah3zzyXaEfmK;#V>pv$l1Ux
zS5DYvn;e$&gzHbT$AIa(VP8qW%@SZ8n(p>*OfJm%)_cg684j<Z<&s6T<ydXwtS7ve
z*8Pf1q^z);BtD@O&2Yl#Zun{|@J=0pTmXJHtpY(w#5%k10R7*yY8lI=_i)(CWuYoA
z%~^I>1%6zmNc9N6X-L6lRDRy$yzekR0Y?T)Qfw&d%#f+Dy79(4;k=G;@-V|cl3eWy
zBXeqp^cFc~G;EY=MO%V)i<quT_J`q}QJY(}p$E8qCv+D}I4b6M0h`x~dMSJ*n)VJ&
z6IEq5v`(6XrJ1+W#ZIu)+vSGP7iqJw=Qyb#)JUvZ@|EVpe}E-um*|w|QeD77+C;`^
zG}pls2Xl<Ty22r&xa=!o6LU!Q4_zph_qA5zW43_t0N<y6%_qczy<O=};aFygus7|P
zs(B92B43y7Z3Ik&pn}zLsSy5PQQq<<r!9Y5c!Gpw+&09SbPBP70xKsKij_LSDd7ty
zixMry$MiZZZ}}pipO_L<_tWq&*?(M4?R}^99Xd@P0@7QEW$>1eUG@o9P!U_8$UAd_
zyhROzY+JKrEOLpfxG{y=SqJ1C2C6S(BmJsQqbEB?DD<?%HNSO)G6fMK{aWY^N+PD=
zD=||gJ(Q+2M(JqTyX{O{6$;N7o|IUPVdl!-0nr0C%6T_p?6Q*x5hu&dcA|ZZavF!Z
zI63;ctc)H$WH&=HZSDV*{G^94hH&1d#O76p`wzsk^~M9d85&kKy~Q;O$b_)9Vv)+f
zDNf(Y(N%SVqWdZngW)C4pck0S4RoI<gTc;^vZ@C=m}vVPV#ey|!%8+QLo#I^3#DKV
zopIOwVHgR~a>%~DD7}<IjQ1kP5QVz4RnG)v4a1@4Wa8A$s3zzR!d!l`wPGYV1gp=W
zBe7bhYW%Ooo+RH{cPn8PfUj-YXR2EdxRB0~&LFIQjOvK?Nw=9vN0~C~V<z3#Q~<hw
z!+JtL&jD5u^6}FR7oEXE!|a;h^2I!M_*uV6`cC}Zf}^^!jfQW`QeE^grt9butgK<=
zS#^=_qM9ltc_JsI-$P1iWtNr86QoyXN+Q9ZNJ+N>jr5)}F8+;ncjo6#?Yq#x$lSGq
z?cET0&tM*3CGS{+V3x(qLS=Fr6_Rs4%=%uDy)%5<s@^Np5EHw@g`$Dcly_!xlJ_h3
zn^9Bgu64f1&lR`~<!H>Lr?^|U7YthOT7J&E4!JX|8E<9{y4u2fQA)?c!^%{pb<*Mm
z4vJx^$Thyq-I=b^6GD)OB8iqr3wGKY79*9#eT-d|eVNcsM#-&xDOMs*=&rSLV(@<H
z!qhQJJgy-<(=i<_>zx+{F?sP7BA%OQUcwm(Qx}zRbYI-Hv69R}KK^9yL=VkzJ4Ue|
z#*iE8NFm`<Hy=t8Q6(YP>Q}tVbh_Jt&3U2F+TkT&u}FP-Sn;%FZXeOVdIiG^j#)%H
zciz*_f9_eXXKwPJ^RI!4Zm~JnhkNtEyCRS{?~5csHJ=ly{^kQLOvsH<!MKQ-RdsBj
z9~3KL01FzrUMlQxnx#Jj&0E;Bz^~MF?F1vw$Nl=>*bbNg1K`GO(B}(X+`lnHBn&pV
zH7>>2p$r+pwDI-~^l|2F^UnE3>=>OO#M3>T<Orl8^Z(^3ham=Txn1#XY5B~5%HJ8;
zdthxpx1srqB(9MRBym%Xx4)uW3q**}t#vtX9)M`QUvf+!qhx86n17AhRGLd(VpD1M
z|BX#0;gAv;n@U;#M;l68XnKbYrDn0Rf%P*ccs+#rJ{?`1fV|onk2#sdSkZMNl)Od|
z$B0$Q)?KV|`k}iEvY{ata-pKzRir$TZoGWDKGznd*g|-|i*T)vHU)V!r4!S9AW0!j
z8z6Dg#bS#o#*CBq@*+J`CBIEthDz!N3_3Xw<gM@0a8OEXH}154`Odm{Df0}YXw<6{
zk=SI)<Aw!{GC448t_(N3Y*V*mp~+-=$;^Bw0xMvGh1X%D>D2)O+%K++OQVIqpja&4
z7OADgph3Rhb-Cg_t33w|Ri%BU@V#+L9V@DuD#XzY1Xu3g1`mEyF#luGLoHN`?qAj3
zu&gMv@kZhXi?$=WwFt=(e-nj^q9%rG-;#Gr-Bn=`XQ<<pdRub1doUjns^g+YIVk+O
z1i9aqSp0mU&-p7KFARfwht4YqZ~nZ)QJu`e?K+t;`idE*BJH1A7{5}T%*nYn1(nWs
zxC?!0vwQ8IrW|~<=bxuo3ri12z7~QW*1HNL85ai2hW`7Ew@d4a&5XlfTR@&jC&cK4
zX84b1`7fj_I)H2t(FYS<+r-^B(Z(x1R3QS#yIViMhjkNO{*F6Yt5KfAOz<<2*ybi6
zJ4`C%HUt2qIe`TJwk)sGU5pkU)A+~;ytWmfr8dX#4u9Kl@BOiLCAtfQ^){2_DRpch
zIz1~HEA3*p@$P@lySO9o_tl&WCuX0Kago0$XoIpip<p4RdL~#Wgg)B}LHnc{SFl!=
zPZtDUd)G`lms>F$4HwTtimZ22K3gN`+*!nIJQ?$fmleqk#b!gS=QRARnH29xhq2iV
zq^$5@?Qz0YV@<AbxCa?|F7y8&J&&%lI@WzYMUc*p!Gi3APJ;HBbU<j9taJFB9>HMc
z;w`$_u2*dVph}QzumW)H3a_9Mwq+0#jOAz0bvr1dI0u-&&F()}?sWx5vH9$e$>kRS
z5w(I<4(4Xvd`NgK-rjO+mS@bRvjYAP_m8<*8u{%XxQ2s8G8)8nkp5-YC<qcd;eP!Y
z1aWtt2)zdRk*avvJR=M2W0mLw>RklT@Bg*!1~4q!olRfc?%Mjb?ef(0y$R`|#U$Iq
zoZ{Xz??6-)Q|kNpFI;7N`VWj2H>`v{JSLKnB05Aq&No3fE!^$Q8Q^&?FI!?4wSZzO
zv}c&nCEj9csUq>et7TtH=qj?7ME)k9ioLYA#J*0&KG+^Ryq)2eq3*-5Cf8pU9dH@w
z@K+47G8E&~j&czU_sDK^<ZP+0L(lQ@`f6zzO4})7Y9}Fm|IqZ^E#VaeB-dXf0V*M+
zzkJH#qZ0#z&+lvbY}6B>Wr;{zAhFsyujPU@<Ue~=eX_P*TI%Kg36+!oWLE?ex{;C{
zf<&o}p=l&46p?aDEzrIx3@+kK{X9BNU!yGx4+4?%T`#m=)IO08TZJD&)#7;n<`h*A
z<mTBh!7I@E3ikS2A{jsL45UAiukFpx+2wJHXf#>{lL869aI}7lD0`Z^*xaFg`obhF
zm9X<%%e@8JdX64f<mZIE-I4nAp9G{G6kS1)!hanJeAs`b8=Mf@;kPU+%53E@<KF_?
z9D^6!sO>lU+n)ZNR5j=_{NaIA%1mBRx+7oPGcn-&aS_*!Vi#$Bf%P-KV$oRAEuw?f
z_35ySH*is;F;Of2anWEYIOnvdKiEL>@|{kbvpJlAzpK$=<{ExQt|(k(NEJ|AA-01{
zj0XgZjDpf8G)@Qz6#TeoVz&a;uGXaSj*hicyLVYp=yukZ-?$Rf5~Z8{tnJHfPl^hG
zNltaFm0CHGU_okhbHKT*$lrGPqAC8iE4;S_CtFp;(4+8-c0Dg2bCWl}+<#F<ZVC_Y
z4Z+EA?GbuLB3%6P)*BWj<r+M^DHLm4CXz7OEq-HgKKI{h-`alOtYLU7nEIZammD7+
zvc4ntxf|P@6q8#}x@&Tv;6<)<eJ_8|4#$Vb9oCPzEO4?m|HUGP?IT&2Hk#he*vycb
zU12n-T7=g!>$-8<B~k;S8)zY5+3Y=fGTHUKS_WT8pR4G8y2={fz8fKnU_$R`JG}jX
zkPMfj;ehI8MpxbceeVy7T+i?7{#9$7#aJ&r5t-flkf@ILuHDzd3UWGwkLBefa+bN7
z<>|;du_O&_xQ=#zXHp3;C!olLC<iqmtu?{+v`Fgj-32)-#f-t;j8T`$EQ>`6-2g=k
zoS7#DhPvjsY?V#=`z#M24gi#^6O+a5<w)+h-Eq4>gjIYc{cuU2N7g6{6_H+!FlO?n
z+mn;b?wIbFPBL=oD^7o`D@o>~taOmSMV~kCZXpBVZp;^eJ6Ey^$L($jPL5aI#ekWV
zzsS%VW$z8FMV!ccnSXPFIW#h{rtNM4U;-F{mWeas;w|B9)1PZ8e{Z0-e{5uLszkmk
zalAz9YQAUiu9}?oIhjZW8l`Q{Ox@VJ)MeHY^xnQ(r?zQI35%C3{ZG;vR5_}OMVpki
z)}xns({}6o)&t@wA>0K=o`6~zLPx_<W=?(Uu3gQUI?HR{A!p7x+tb2QklYyv=N)%M
z%Sh8FQU>Rg-HGeIi?i%jlVJbpy}QUvN~<2UyJc7RSJbEcoD(RKIsD&R(bh@%NM7=7
zs}BcfOz=0w=d54SZ}*A6Sw&;a_Om8iK9&SLSApbt`U#;^hBgO27}=Wpf&><6`-|j*
zFiP*fi{qytHqo;W#4GIo+Ey$QNO7kIs7+jKLAuT)i9~QAv?*34WWgW6Zee0EpXUS;
z7K)}B^n{Mx9Sgm%7?2)8Q)rBd3;uE);6vL2Pe)l*;re*P?s*6A$0pt&IPEBmGWd;Q
z=(k&&9GO@M_^&xmGjoI`9UR<b#3AqluW@ZcDyRVFwkEKfCV581<lzdstyrFmt=YQ@
zS4d6Q<H<{obJQ^W#+&Lyk_@PUYKpqWFriM9U3~2%ib^;ghb$VR#?LXn(cRvrts;8p
zc1hzuo9rF>jl*`srf-;)tEkyGw#yUJceCB6vL{EdaY4Q_6pDbProzu9L?NaW*977k
z^@{Se6n-N72i2N@X=ef3OP=dMV^p(H+wSP_OFF{yPWXCad9tE0d}A`g+(reCM7z6j
zh>x~=t7_F&S``w(D?x6)`lrZZWQcinMY3duWk;KA)^&H{Z!gAKLL=FoCBa)H02w>9
z-+zo-miyHXgpe0A1Rl(1n)MWMk53{8ls*2o*&g`(nV!G?Ygc$P^=fMr<&rsUqFwzc
z2(;@hp?pR=%8kZY&FN5uR9+Ca&9-&SOKw^&OP|3EO=E6hcIQDwEbW+C|BAVvd7D;m
zwfo!ZY|F3vKgQllZ1C*=ixa^wh-qGuYMuz@#P-a;R-=mO?13BzM*qi%Y0-h4NMspE
zCQGD<%@IsIQ5^?%>k9qhbg=tG^hof!n!x9hP-o;CScer2T8v+%)%O+%^vU@+i#9%e
zchhI7=?d=kLnx+~TyUJWJ28bdU|v?dYumo&0=Y$5oh7)Ks8dxtPC2&#3-hS1Tv-Oq
z7DW$%xI!#NCnq6Y_q_$MnlG4s0)k3};>i;oono;@Itzm-$i0OSegcdD6Svv(gLl8=
zz<@^W4RWsO0TSz-h&-Ly?2w0ua&`Dq{Ut^4(N{wpwh0;T`DE{IF?>|IcUSvV9w@a2
zOSn2b*8Eu5@o{l4xLwO-v4_*8jLXDMlIWaB3MAV7I=b6fO<E+RN-;L7js=S$e}qek
z@3J|!iAgcDlZ7XInw7E8o2884%RwbWAad);$T3AuC>a242w>`vf)N_qvMv`G-RQwW
z!3eC~qGNRB-d$e<Xx{65toV(<q2RqM53oIPUS(%VNS8wcC87PewAbEU`oN19IW}xP
z7Z*7;ga=7nbyy(ElJP`2cR`~3qdf|>QYQ-$gWH{$cv5z+e5<kN^xoaoJ$CC3W6Q44
zzGj#44pm#cFPyN8y9-^mbwX<nB6et7Tg<M3(S)4!ORsR+)<KJPXrJe2e(PYvtxMgF
z#^?D7^<EI0c#g7P+tLz$c0D-BY<ga{QD^2+U1T@@6_dF`sYkC@vw5SPT&|Xlw0@Ae
zJGSqQy~N;;x5wUHR8;o&PCI!4Y!&<G+xCOY>}%Q8yl?%!ki^;(+PnMF9^T7kkV5C_
zkm!CI-AhkV?%j8VxdA6~@KfW%C}QJf<6LOq`EphCA;b@u{2hC3=!cBB#OMgxu=@lA
z4Mu_aF8bQZa|Rpr=!RQ-Dck7*UAEa%gzK14GoTwU9YH5`FFYG(39hi7Hw=)V=3Mom
zAh;r~%?wy00ciG5TOYnjYils#h`3~^Bpg7(#1_7)bSk{3yarc13kI-80!UY|K2dVu
zTrx_~!R^FYzd<TT9Z=6)nn~GBasu7k7H9dqC07MbrhK2l$!(2z&C<uH(uulc_?}@+
zL{1FyjTCVb);GAKf4#**3h}CPqb%Fq`kX{#!X+KBuSHd1_d)fbHhp)u>~7nCVDIiT
z8xy=I#a?A!7Zy{3i4T2_)Hk$jgcP?rFl*1khbk=F_i@H8^pQ*&77}XBT%5p861_{X
zH-K*TvYmC8iFT~khaE5^6tQ;cWLH3YMbi3nEZ$zWwL6t~4~MG#oZI_^e#obWV=^QC
z=WeX6Muc!bhX6!G1F1iB8!et<sQF^kr+HOxEb}^=&-HIQ7LNr6hjl0BPn;<`#RlOx
z+v?uU2fGlJB>wfjlpS><4sOHlh(k*YXUR>)-H5{{|G5d_4;&gSswPOWMi}8Ohi1`p
z&Rs;nwOG}2t4y}O8%)JnKsnrHQ9=E&TntNBi2-t9wYtR8V2h`JAR9_8m*65GXwv^$
zoLWj~BkPYY=sB1yL1dmayI?H5a#8RGfL<4w<Dr`a$i%Ic8($%7Y)UYD2L3wxlQ#1_
zMR*T}hCt2`o2=Mk*^1^<A-h0GNm-y}DKPf{g@~%~?lT+WJp*m4yNNCRi%V-!J|rJ>
z&%2o_<6nmN1jYs55S~cN#fBro5b=VqZAjq8UbLw)KMQYY2&ut1d!ubdy@HLSr=9_g
z!}$BCr&e{-Fj>^UDZ~i0SU>QG(o)WXJK9#XQNC@>k$$$-w^?ff{$`&D%3n!HkLnZ=
zE>cP~e2g<cEkg3>ozPgx-oGI}bT<PLt>U6<I%<C(rD~{C!W*GupmuwAhX#>|MtXO1
z*(94q!lLao=xNoUvkeDTgVstdq){6Bl>SWsmtzT9;kSfd)C${p7+T@^@VfSfF1if$
zYTNQZ(uR<dp$U$@heL(gWNPDp(AnJ9U;7}h>0~^VZFp#HSQK)mZ1EdOix3Wbho!PG
zT-<!53(ZS8ZPT2pK{ZzYW*@Q!wF8)&DW~hqo)}_&i!;A*!S&kKiy&d|n6oc@i_Bv>
zCFOJoTn;%*77at}>4tsGGjxWMAkN$#w(C!lE;41AP9#Dyy{lUrkRHai%7Apm(onPV
zdm4rqKDH4r*4v&uhEHw^NsY|Rj>UOp@F}02jsI-DZN=Y-wK7gEfzWE+vDpEns~w2(
zr2`Y1&vx-|_4!+xR!*_1D`!^P)H)76Wg$H`cVCTJmSmD}@n~&^*4%tH)!%YpWmmbl
zJ(~F7gq0KH8UdFUe~WMBt=8}iQd?ANY?svD6e$QXLJB&ya!Pz7=%r<)O*<{Q9h@Mk
zrdh=&_L!6}E^N~uIn&-LigA&*@<!DNmTvY=c${)cffiM$@qd-2&z~f`ISgbsg~y_k
zhxi27LcxT9b$wK~QYHpOwf$>HYAnDe{mvfjM5W(jU0Q06q4%A2P<7P)m8Ck|afdn*
z0aRd)M<E5|DT)%fnI=j%Y2W-&h-m1qz|j}!m)|WD*(v8<;DqqXa&%>YO~_xXgrS+}
zJ2%{W!nU^1;tyqseY-;hauF()xwwEC>uBh(eSjDOGL_%Qd2T|eA40HH3gFPJ_XVI}
zxk>npgb3G`Z+&fVZ0DN_uq!^YgxZl#CKRrSuxLquN`gC3yb0qp=L~7@igL1YtnA6Y
z-6T3V-h(EP^lwzHcie})3^@eD%2%QRNL#}o6+>`!h&iFHhgHY;;9@0D+h^WRZlG=o
z7I)pQ`1gmE;##<mt8^=<qnOhWg*juZr>mmn`o?8>!e%w<zgU&f&9Sn0G&+smZvKn$
zfacH}L>@ofyH%LK!F#*WFBcQMKL|Jajjos>yZc+27A3TSSrK}QxV~G)dQ*H$tz*5<
z(UaIH$v*BIH`Y7cf6nk`YFzP~govbN&Xxoxiw82LZCQ(?zK~>FRzfFe$3nlxFN>0c
zbT`Zi>RH0M=_LlDjAqnO{bv)rht;GFU+w?Eo@ZOTC0O^8-$<-Y^y_zqKXsKh%ibyi
zibyFOOq!#ODp-{ozpTY;gM&9iN?OheH^MGesEG0T&W`mA@tqxxo-;oGg~WQOnYNWX
zWFy;T9xGJM%~~UO5Ol^{<(A|PN-ji>UbHTiseZeLI1{p;XOKH6g^zqRb4Nii9cbB<
z6f91`;?a9<>v=&yOXVsP<P<S8t8ZBe;tdpFA!Hr{GkpUKV5)ntDROE~peItm?=vik
z7y~Ovl)T^<!$bX2%@NKK+>{)g372V~sbBXYm^xU*OTt@b!|h-!i%x-SMpQumd(Nzh
zdRGi<aE?GpXHtfztEqQ{Dhv~yyQbx~MJQocxH1t&+>h53&Ai7rz<sha^n_AL3lDD(
zG!0JPFVbD+U4NK)>(`RRy&EbdxBKh7FE!s&{+?vHC-ev&VQlF#{avuAxn9B+xj8d>
z5s9pA{j;BuCwc!b@qi9xJlL*4E<!@vGOy!F6E-#`6MCo>S?>v9=oX<bmChpxnmiw<
zOLu~|B?wJ2Rc_*uyRn$9aEE&c&;VE4hDd=3$EAQb2;mS+hmu88(^sG!)MxH*7sP1Q
zHt8p68{5bK=y#sJXlNNsfBL#(wFdgMVhaGHNNK@ajdr$f2$pV<KA03+EZxXhfl`cj
z(G{nJ&6j-^Uajw7l6MN%uMc2jHu(svl2>*^Lj$3SZ2};m^dI1xr`o+HDultE>x{p<
zF(QfKLs&!bw**v##<~JrtZ|mB+WWX$cN7e2DOld@J?heKVf#ih!<5blZ_isbKDhv+
zc6lquUnY7Xmlc3c1qWQly@pswNpxjyL!?qV1ZBQ)PfF)9XhpL&(2D>6e%B2=Y}|qC
z(#buE|B8qU@|<?nVWU6p&;Zk|;QdkiVdKxZeYm7ShYe?p%i{e2Zd1fLt~qR6kNX^#
zb}eyn3vurB!$t${P26c*=HSCd3GM~l4qVE0hYbgAG48Lp5N^=*hmE^%Kg6}*tQm)m
z9NZ(gS8)e%{W1?5x8pS2YTRh@{vz^>?OoX%<rjT2!(x7>YF<o$QCT&+ro7Z!UEx_g
zdw$7-<@3$t?SJ`RGJk$m?d-CO>he<0?24-PPwJ(lva-rsSz123#{1v`-aK+kMeNTW
z>oMPzd|FI!YRtR5F6rc7+R1;olYdMn|KHhUVt>)Th=vJiAogdE_3-|2C;zpb;)gnY
z@7L+O-s$@_oxYFn^!;cj|G-Z1<+7F7-#xJ&-bDvI_9q00*q<xb!@J0q#QvINJ-l!1
z<ac-SZ|US002up&%zDXB7@e`dTVp-E7k2V*>*Sx>$-ldkzw?}(*XjH9o&2|S>K_5~
zvA+jmJ-n~$<d@4zVt;aKi~S|XdUzku$?xoxUW}K;{^C3NQ(`~z-nEmzUnjrp8?nC;
zo$~9_$<GP*lAq|d#Qy%#$)DB9|MS?$yo<?_*x%)`9^PG@zM~{{$xkjMiT#a;_3$oC
zkJ#V%PX0}?A9?TI$$wcVzpa!1-A?|#o&3W)`2~ZB{mBI=u|IFDhj+PbI`$_to7kT}
z*28;2r}%PDN$l^&PJTg`V}HkDJ-pBE<d<7cVt+}U@)J7@vA@2Z{GGg(p0Sa69~$Eq
zY)*dBC+E&ff9B`dzn6YDeJYDiAO3CFOPzlGI{oaOerhKiURtuS<iU#hY>Ls%F&Y$G
zF?o-+J-UW$oqiG?b+PfI>E>2d538;4%pF!)UOT^{vb@CWxg@CM!78ukk{FUp$M41)
zM~=Mt#;lPyjTt@a=9@>4S=R|zSv&nUyDk{_XJ0U`?s>sDlz2gg!58b`{rOlQzN=F$
zzC(!?--HPrWyQQn8u|GwmaIv*eC2EZBVqC*Jibdx_p}~;`VSnGe*KW)*-`W}`h4%*
zci)Y50^4GpR4~?M@spgRzj%HL{1W*^!{jN=j^me<l$@NB(zR>1ZmFr=`I+D1;v`jK
zVwWyymtSE?PD<(0HL+VlYJB&&<W9eoPQRp1KPfl%_lPga7wb+_`B--@Qpt80ZjFmi
zNbHi7oYJ*hYWK@*)Tc+!UcLMD?brXx0RykP+CJ!-Ytsi`cYQ|Y4MT<w8$Kc{`^J%@
zM&ESvn4GcW#^>HLA<r>!k~4qu6qozf+X@P&PAj^7`i$b4cicJauDkEK_rCjQKTz^u
zX<7N4hvrs1Ja7Jj%BqErRM&XCi)!l@Kl<3?OP1FA8lLbkTmIyVmD;Mn4}woU{mc)a
z{n3w~`^itAf8l5U^Wx8c@zTq`{ME02^V{G3{*_n%@W=oC)1UwH+F$?n_t*ci`i;gn
z*Sz)iKi95nYF@u#<EG79wzh10=iT?-|6u!$ogaSm@h6||+Wpy{&-d=zf8gMuFAjfs
z<ftAx7XIq^iIb;JfBnt3-<@e~JA3Z?^RRAY9dve)E>aJJ(ZA#${TaLNhd)&5on2P`
zp!cDY`5qQf=e=LzN=DJAnRomA?3kzOgUn;0Ky^G9R@GG0%`PdOk1H*&si|39<0)S-
zyghhbr(blhmNhSvExH$r-`>eT7k~Ra;9Y*+@|uO^3#w{Ls>>_OA6h(rK~-60Np)3O
zO}S_BgJtC&Ap*qyvd4@Xb<@qGMrGYR^5(3Z(W56-mzQ|Ti|6tvE2^rR?@@2F7xFs0
zrsC1^h1KOX<<*PIXIEC0cq$f@7rUnCJDjtNrcEoDJ;Qx>z8Qa*#2+T{i>Bw#$e(^k
z{_LsKpsE$-N7E0BrY|omTRgeMlU-O+Gw;UHHx)<xH+J%mjQE|?W=<@~pFMM`Gk<!4
zduqOOT5)l{Gsf?j;fnPaRF%$~6otkW<uy}FsB=|&$l{p`%V=+hzo@FFrsBc*<@QA-
z^Xbd6_tXGRJ@%6M6(u!z?bRif50%@?E6eN^m1X61_Dp;2-116$&HReeipq!V4|J?A
zbKy*_@=W#4FD|cMP*F)iWy956o9$V=u)Jn?S#4G6Lhta>IW@B%@m6_CW_xQK49?xS
z65OLWnGfRZ5y!)FHLgD5N~zZDiprYu%9;vK#iH_=l@+B`W#xBPRhQ*gS65X(R#8by
zD$49Niz_`PbxX=CJ?u*M$|{e24#%ys(yGcz&Se!<m3A3fHjf&Q-CN1<m(DGrA1bTt
zHJ+;K5*l5zu%xs+n%$fVzR{N@^JS(iwm(=!X|?5Lmu!b69($3roGz`Zbe30El$SZm
z%BtxT$D)!7j*IilXLzbB78X^P&#9<W^>v%oom918VO1rSjrgZ6EU#w1RaF+2FPL0r
zPEr+rGW95~_LkDO%0FXaNp0mF)r<vQFpor($Fj3mEh?{`!#T9DWZ`u0{PH_0s^+Ww
zCNqrWSyjDwdig`-KZQZ}m;sUe*u|%LJ=5k)l<umD)W=yqzhXg!r@XpQ8dv#HQAstO
zfj{znR*A<`J%jll`JP|rkrAq@v@&ku<R@#o`ToPke%$EUhYbtvO5AH}IM-KysoZx>
zhmAX%P5&;Quj0?(dBgg{#xEn`^9Vb??y&LFKMxzZJZ)<a8;!W59~?GTZa-|?jVs4J
zj`QI5Kk}t<9QO}g8s+rCearhuo*Q_M<@slx+i+L${xZ)axEFBW;~a$DhZ~F=in{|h
z54VGFyKpOb5Adw!xftid#o?ymeoy$bxFxt{xJ5W0;bpkDd4F%#mqyWDUm6eKp26LV
z`xWk{yT3G?xKvyv&X2nd_dIS8?uWQUTz}l-xK`5S@;t@!E}pA!Z{Z%od2xTjt;dbP
zW#IPV4iUG7=XTsnxaqjx;Vu#$!hMR{gZoh434a~e1J|dFG8TMk48Z*e_gHy{dk_B&
z8^1IPaFw{Haj)Ta;J(IXZ=xNz0PgkIj~K1EvHv(?EWtJ5;#VIrCgYyOZN}}`aKs4V
ztQ(IQ{czbhH?9P?823Y*nq2?kPbc*9U%b&|K9Ta`7oDq7e-TT|W1m|-e<ARr+U}VP
zT<|_vTD4$7No83^P3HWH2dhh}7mp~dsxBW<Q(Za&Fj75&r7@R1Xm~YiMW7})sl93r
zKtq<)Sd|Ol#9mQjuPv#rWIc@qyqa*Uy8Iy$0B%@Z_F?u2e6ugCt^y<g$rPOKfM<iK
zvz+(F;_`4p>v#b77*6Owg8b#+95{iqvm>sAr@-3>OG@Vfjmp_R*{<zuqblzj@4|)b
z1LbAW_SJaGRP)UJZbVHf)hVNWoxii+kMLGj)Qw={_^;n(GbMc#PT2umvZ0iDO}J<G
zRM};xngiSf%HpdnsSp@mZ7*L~HGjUnd=b!ctbI{MHDJ>Ih_~EZZkK~Wdq>J{Jl0-P
z!}hJfy_pjoT~=owZ=d8Sa!hg;-({wsQ&To}>_XzwyejWQbH|QVw7J=H$^dkfBi%39
zjJ*ty&UR5=w~$SQ-dP;QFQRAWC{i88W1{#?G+t+aZSGNH;Mk)^J?<RtS@%(6`E5sy
zyjzbNb-2Ib|0n+23XU30_}}8W{o|v?UffaKY1~;{mrsrwc3dW|0XOsirMo>Q{<AUf
zlFu`^sRxf558|H1{SLPVcMRA6&{1PJ?i{WH_Y>Th<429VaF5|$#QhUzIdRmOge$}S
z2Db^fA2)opZuEIvH_~y(KG%)Kf76X8mg~lz*LCAMT+&|M7_mz?PW)ImzQ9e`XS%BA
zbmKL`pZ`=h<UQ%AZnPZJjh;MXorD`lbYs`=b>k1XO}O`Qf5*MtrW<i*JKUcmehC-n
z!ySroPetA(TwKis-I$vgGWvB18BW|$-m7^20T=8ZGB%&njU_yv#MR&m`h|>-`*gVb
zB7O-Mckt?vajm_>or(A*T-?okTO8vGBJUC|?u}s~V>#|++^e{!aNEa*jOTIdakg<G
z<29Z?m}|N&JkLE8GOmdDCA`<ert878v*X-(%e;#D^F7ri3k7bK*Oiw}oL1nx@}AKP
zuDs`F+!$QW0#C)lu?k`i8)mnU&$ZuOUR~v0xM&parYrBsB2G5$M%+l;s0DXArcZTG
zojk2(ewAlN$)fT}fY67kJXQ0ns^&cojLN`e;smzchZ9(L3+`T=(7r1w=TuEx>?s#q
zEWd7HbuGx??Adou&9vtNa;xSGNUq4faf}xS02yC1w_*W+!M*^fT(-E<ZXb4w-Bax?
z7esO%0Q)xF9Pj-30#^m!T3BL2z25kzPRpNlD*)hD@BGEZ`O^!_ybB%_ybuBUB4`m+
z4skP!r&WV=O$DQyQMI7FfMXU2UFCEzM|Wj~XX1jAg+;)yO1=wVnGEJe)|NuT1%G=`
zP;a1@oWc6^JZ5~`<Cu}eGYxlv_nfPa87a6yxEpb0xSm6f8K-YJW+d?JjyuP@<T*$E
zj!ckui>0mJe4eU*_T$1XADr?zP5%Kz3*>h)a=tq?VW#?hJYf#p4A~><1i_<z^Q#`3
z59p=tvsDmJ(9F_#vmC|6(+eF%QChB?3gt)Nv5{5Q%qTCZE}dImou@)AmZC`b+>)BP
zv)KzdG${OYQh|HYw1R2VDRvmMpa#TPc3RGN4|x{=iLW1Lud1BC*xogQcwcWXudAr>
z)Ho^^-ytU$d&Yyzgc|z{>QwHzV^rjM)AX4$if0#0n<6-<`~=~aoyA>Qqvo7EW!`Zv
z5VDdziU&ws>9puRD*LVMtI_?_9`QSP%Klmo;#*y5zov|_mVPm3j{W*5&9)bD<j0v{
zvS0(nY=dRs+s;V*;g6aJrsBEY>YB2W#WPAg-fEtc%O9-vf@n--!(8xSd9|~=R6R$O
zl`k5>piG@MTlL$l{He1G83!<s686uM!ss)<*x|%Th0H-Y_RlEysPUT;c~0iMR0_{Z
zzRNz$z9)FTeJK0s|HIx}z(v*cfB$UnA}H8mtqCY;Ac81L2uexW0>ToKvV@o@irwAa
z-QC^Y-9@K}I{(j{a~2lF>$<(-ety5_`Qz*Dcj`>nnKL_sW?{p|8g(=v#xZONqRhQt
zs7As8Gd_`FU;?N-6Ll0E1C5S-A`Mo4BD#=zKmz(~`b_qLRIm(aZvISyfdy~_*>^va
z{r5hTqoC#e&*UIvd&sW94fue5AP@`!gTW9m3Z#OmU=COeR)LLR2iOmefwSNWxD6hG
zm*4})1O?zb5I*=!DuJq?4v+(VU;^5L4!{m{13iG~;b*c390pF05Ei5_WDp1ku^<T~
zgYjS*m<yJG)nF6Y2@Zhc;2gLL?tsVO75E6UKq2@6M2|lcEl>^Ufkwapm;wu61MER}
z;0byIe-HwqKt?9Y0h|N(z&kKB`!neY1_34T2RUEiw&*i?&B;rmG%^bu22`!vCXIyr
z2`ypYR?ST(HT9o8`=8o7SKwz~nBDYDBb&h~K-Cw=q>-~=7dQb90_oy360j(ZG+dQN
z#&PQOm1*Sb&NT9JX&TuFu7gwH2yoexMw+cpBUX^cKp*tnmPX8A<^X94T7g*`(@2Lk
zX(Sm^2_nHkgtK668qom}U<ksf1-SvwnruiTT9837n+&r_(0>9~V0Hy^0iN}RTnpO4
ztOMMwh1t6uX{0jLjnAf$p}-M%gBTDDEY777d!PlPKnmy%7Jx=zCJ+HVFdP)(85_tf
z$lj2Xz+n&q;=xvM3YY=|@C<x_+l!Dlz;fUT)`1@|PXjN&8}J0&hxr~*4a8qS+Q1aB
z1e^lfK;lJ|1#ku1!5J_GJOl&5E#L_Hf}_A1j0Ek#B5)ae0~^3TkO2gjkSCB~pdr+z
zkeZOX;04sP!F$jNv<CX1C1?U_!%aS<HweFmx^W|o7~M=G1HcS$3gm(2x6;T`*w?&{
ze1DvVvsMr<sJDS<pfaB82%^9;Fc@w>QU4yn|96Np5WGj-00ioxkmJA<FdHlaE5Qb^
z9qa=~!5MHF+yW253-BIffPC-`2tFXaKo`^o4MB5Y4B7x|&;>XH56}|~016NRlwc?r
z4JLr;Aexs>))Mpu;3Ei|l}?iW0{_W#|B0JF3tQ!fO8%L9m3_pYq)FYsiqtAIm8AZv
zt5xBs%RjSMcl+N^)A;1=OeZzBq?1-a0hR;j6X~S=>2%Ty+y+h0rV}Ud2Gly2PL_f_
zaC7*4Ite(LPC_oH6YHz##N-s}3gkh^+mKDKrIRS|283KsCyzm^8|ftTQ99|EkxrE9
z>0}{z0&W(i6XDl%QXSX>9pDM(g4JLsxC&l@O`s5@f-H~##(>8l3M>JGzya_P=oP2q
z{Vko`0a{Qu0@I+L1Z<!l2x$Om3VuMn6NsRWg$xFLzyRP2EMQ&@jD-4A!fO(k@|tKQ
zz9u?gMe=JBS1W@dg_Bgj2vn(^K{i7YNJ`~8rRru-F9#N2ZQZiG<Mdx49UEtmC5>1~
z)s(%^p8{9FJ<v^_LCygxRrH4X9*73-!Dgcj^0Gw+5x2}B%|K6!4AQD?2C;{920ehi
zcLuQqZlDhc1&KfjMuJIT0q_jUAWwob$m@^{;tm<7_~-D2pZ}zPf96+AXa-4-%pgZ%
zGDuN$2I&Rq9hE^+CLqryLq9Qt$bt5x4003lCHM#)fgG?7Y=OI3%Q8s+r5R)ts0|KI
zM;QU*#jM=DCWENsyq?v2LfV4aYs+HCnYln(fn`@SNcX)cC&=-@5;VDvu&-s1yFd%-
zBajzfW{^ElZ@QU5-hzM|86@)-%J^XhIdeY)^I?=b<b3E2A7v1K=odpag`17{GRX70
zs0WazZfB4>paa+h+JYzIOoq>#q<X$2lO%#_;DB}}d8!37$VQ;BI*YhQsk%PY^MMJl
zZ<<NYHOVAzKu3d2@(9uvaz?XKsx;3eM}aS>UO$s;tCva6fI@jDIRvQ#_c{$qnGSXT
zhMD9Y<PbwV+c=Xng{%o0!R=F{Op;}sNq8oiWDnGrKmg1ojgSUN5y;ZdB%fPklDS|9
zh-jHf)<JgYm`Sb!L8na84!91?B-VbJWED6GCM9H&g2YVH8Tf+P(D#K50}0>&&>o*j
zJirXF6I=#MCS;O_z-nS9SqOdr&ncN?J${Wg0K9?v{H#op1NDkk$SbHDP0b|P(8n#v
zBul|Luo32z0;shYW|Dn)?#uj4QV)7dQ0;ss@dBNIGiU_bUd$v7K?{&}jis2ARA2Ra
zCK(T!fW#Xtshp(xrJ&YLlndlb%`D;~&LU~jEMg+dBH2(cgX|*7B4=T@6y_&^0A>$_
zSwsnGkFCe9m9ofmkOj5_9qlaA6Vd~A@xUMY7nQTfG{`w%HPEe+MaBaG%-w2(>RE(<
zku|c&IdB);ubD-j)X5^xVc!UH8t?$$^|HuEn01B>2F`V}hyn})$zU2d4eHd(A|t?#
zW?AG2*bm$dv&fR3S>y_E?3G2ffLnc7sQE$YFN3Eb4QvE^V6Ku`(93&gkwriQ&&}hY
z=HFme8G1P|1ybnmz+5HI_+*hh5apXi&VW8}L!ss;puYv)fG5yzD2Jt276}C(fu(mA
zX@KV_)VwY9U4aMG^(x?-XBO!I`;$Nm{=P!IDAc?VeyreV*biX@u&nM2Hv>>Upce=L
zI$%q178wf`fjS{sWCmoT!N{waQl7>m|3FumpGd^BU>*1YE`c^fkOz<skinosQWhBn
zP65%-EaC(vfD6EO9MUy5i+lirR8~*TD0?P?30cGwa_A&ZPt8Eo4CL!{R#G+PDfFK}
z9{2%br)7~0K&6V&Q2zk)K^3^Mn^hJsP9F?uKBp|5IlVVz*Bx18ILF>iS%gCM>QZH1
z-c0q}UzIBVb|Sn7YVr81{{7i=>giC0O`jp4<<8Q4pk|)s^yU2?S<ZeFr@zNZ{;snA
znLuAY{HYJo{{SjggmdZu$eRyXcptJzd6XGh<k|Zy@(A4F(11HpS{B*$Ig4BelfjOU
z2p8Pr<ijHLalrB`%X>Ao%8W`wFtSc|8LsNF`qz;A!5rADbBHs$0l5ae3Ct#+{y}Vm
z%KGP6POl2fg){e5v+o79UP3kr_>0KPJ=eUP{y*`z&0ly%<*!k>XU(9`nVwB_W@HmT
z4o~PKreu>@;K$T#;st&2tZa<c+2lE}-JVVA?#LzsARmG5zykV#ARX!(kmq(~lQxhE
zJF`hLFx$h@iIY_C3+{suP-Q<$15Q$XTd*HEg1$KLItg6nID9OdJUEQ_f$*c*<OuX3
zr?N>6&>gtnXBogrs*eYSAQfaiU?H5O`kD{3G0)5<`ry)|vV7z8+acFJDa)*<tbP;Z
zQ`o6fjWat1^FA-L$&MGSq-x4V=<k6S;1d||9C-?;R1pdFCy)Y)fg~Mq{eb)fw}2(E
z_?S(i!564sLFRtSCN_|FAzy&oX~-kkrNJy4oQ8f2^iQCE3AX=WImSt<zY9W0Hpze-
zqme^agLlA?mqQ}Jc8~*1_&LNCJQL@TTu@z-L)wCcx<7NLat?U}E^z3;O?mcL$su1r
zoK6lo0UGJ$kn44F$W!nc6afj$YJk?jvOU~_J)nhE4mkpzf-N0b4s(*~Zviix9P%16
zyd%p{PE!3$P_0uASp}JI3%6Z!h|(^HXxQhFN}Y4aOX%aB5NC%RGTb?bgu(1V&m7VX
zY9sd?Vgahd>^<Z>m{;}4A=jX81{sEDhk(&wFqi}!L5rXq(gtLL5HJ`#{|9L@0{%th
z5WlD#A_ctI91^5N`9<dtYIkll@)70>pgs-;fRQkp3+_U_9dbD2GRS6-Az(bznUFi<
zkpGYoplEmw*$7Gf7zrMLO5g%`2|GUIF7RVsS#;*J`X-RF1!bwr=}jQ#FU%pQ!F})<
z5b$^r;sL4w!QvdE4_OP+8qyuKggOv15ljZ1p!WhHU>KMVR)hUuIqY|XI!kiMdB_%!
z*1!dLf?k}YYD#}jCP8{}+*z7K)ET*q)sKga2QOi-PB+fX1JWKmT3#{vFfRsa91~XM
zkcz0fGKctsSHJ>p-mOLX04i1VfO-H31+if9YLv?wR#G)(6R?2UOUSN}D>kug=Oopi
z16?<xJRtqHutaf^>c;`eR<r}i$=l1anA2~A^xT_6Htb;~RZ~tve+@hUuYm7vv|T`@
z3I)`!z%Y;t3^Q_w4am>=nN{V?52ojk+L=GQtLRzk_6OYFBRNEmpG)+C6(@5zNzHym
zGhQyCL~~Go2;4sw=aMY&Qu5bWjb|zJc^>CS&EN2=GM?3k`xMo)($aW1!j9TgN&Q!;
zRkEd;Ta}r5I#g!O8s(Bse?pzcxkL_B?)25vDzm>UO)BuSEzGv{&Lw>~&OlxTsgqxm
z4^v;0C6HUdL#THua>*XB9~|N&RUcGSQ~gnJ0#Nr<PdN?Ffs35}3gmTgi_@#z-G%-E
zcnqF_m*5R}4^(bGL7mR&vmkRp0jF2F`M*^bA)Vg<0sLS#PehPXPEFHYNljfDYF$oW
zUCq3fnp!=t^kBXTWlcE&?tsP9UXu%9x#R=T9+XQqfGyxsILZm6f$yMlL@v<-EkOt1
z3I>2^kPK#mRbV$b18#tqAO{E{b4hj33|N4!pce=OL&0RQ1Z)Mzz!mTad;kSN7?n$^
z0y!`N9l*P|T#^r($LEsPfa+J5!y4wPU^ZvJ8*&Pm2^N7(;A>JYNf??-jEChCr{TH8
zawOsgIb{T%1B<{)umNlb`@kV^44eYzz$I`E+yeK&Bk&Bo0`I^lkO6W)0r(1j06xMJ
z15HpFR0TDG9%uj>gXW+GFafQA1(oA+NoOzxQ1w8N0``s1C9(;*#0^k&3r^j93i1q0
z0aV=&3<noy<&xV#XEv+Ogt`*cr@*2)x#TXVJ_z*#&}ts)1F)OVs(a04)y~jQ0T%&P
zZvbb&b?^|>T)?XHq1J`^Eoindm-qp7b=5n$q|LpG*>W5C!rA*mwgS6gMp1u8!MSP9
z$<C0b@p<H4Vjej#CJ*butfXqnJLrQF@<=@70_f**lBy}=pg%Pd&x0Y*3rDe%swwF(
z_XRaz-V6G{oTO?>7w88k=aDJE68blsq-x4u=pU|wKO6GMx=VS)cq1#RnxYGR#QHqq
z1N&6y=W>#&DM`?eev(HnKFcH7&-3v9lt-Gp$RquL^QSyA_BToXoJW$={<G&?;qEg0
zpNeM=13A?H7A^?Om6uP1{CuJSt3W4k3OoQNf_xGR`*xg+gxMkR1$e+*409@Tz!I44
z0+vu;;AH*WJaQXI^YX|tPEs|c0Q$IU`J}gQK6zg~pM=!NCqp3{)kL`967)`xk6>mE
zSp#xS)qFC)Rz69GzANMwu)9t^Sz(k<K5~+(DL0_++b*BPf)FqgOajzQh00E)|0ku&
zZyI)aXk2Jm<;_*$^I+E%%m-`03(&+epSbqOCp!J|$!y3R(8)8O3<lSMo>xBc1gpS9
z!1qQzg4y60sPB_cIsgTj2hu<l-+U76o{zQme6kSafz2N97w~)LlS&Aq7i2WJ4Qltw
zCoMoKsL>l`4FbR{a0lr3$tT|6GSKduPo~4~V&D(;f16aKp)Y72h&mclF|k3c`ChnD
zp>jKiv+GCgIJL^|5vTtnzrS&AD*ZwD)IXIU&p3AkQvI0*ihN=VRADQiruO3@Y21tu
z4wWkVRh(Ouzh|I-$C;^zr?OW`NiZ81>bD9S7nQ$Ms^VBtxGHys@JFRCFT4MNU3s@u
zPva4ZXXZfmC|3s5ep&_osp78gpUO-n)$LU3?eOaf!pH-~fR8-e7?4k-oTPU5LqS+R
zsW%Am0h>VqXdRAr2MA~xkx%-7^WY1(1oyupBC^!ZSIu2Bs29TSxSGAXABIt=+h88J
z1#ZWo&4cIQD#+$!!}xq+2wH<0paUlrkdYuB^asN^xeD?!_yz<CtfXp+6ZAQW=mUo2
z6CdEuNvfvo1Z&3Rld+>p=>z=;=)=mHJHd=X-L~iCjTF|bqGwcYCaU>E{iWv5@Enyi
z40U^|r(sb4<^t-zy#B}Nd}0B+!|+4JB<MwOo2h1=1U<D^NtIibq~@nMH}qMR+h4g?
zw+}}g+QIKc$nBsJc$u6}%pe7bLnp{k$j>mN)PcSVpmIKEuKo-)w}(6GhCb^7s2PR&
zOU>8fIVx!w>h@Gm!=V241Jr$a{q$-1WE|o<YivHgHzKTYD0grZ*rcM)PsChcGQyaV
zPY!UBswtnKw}!nQ<Vff(I7!u%Fz9WkplyLo&=2AyRa53ezYJlto|I2wrlUMLN!64n
z=x5GDoaX*MU+~<t`M>|%UkR(CXV(3NI9KFPd9%OjukivlFJ?oY1_ld}-=GhO06xg8
z5u6+eIRmT$w_v`TlQWQ~T8r{Y!t#95jFVJN@r3>+(mV%leWBmVNvftif_~3K%s0Ua
zp!F!99E7X|*$^}V`k*B+1+76l&=EKQ7vKf@fB+B*qCo-}0mg#KU=~;iR)F<j8`uku
zfYaa-xCtJB=inVk2YH|v@E_+B8PEZ>fK6ULaRk0#C~ybkz*I03%moX<Qm_)N1slOu
zuoLVB2f<Nr5}XAW!BubvJO;18N00>y!4DwHM;?J{Ko2wm2EY_p02^Qrx&u$p8~B3|
zpf~$9gBhef(4X^~ENogpwgFMI0@4A@>{&n-fpuUPNbFTWjzV4rx4=X20=x$qARiQg
z?|=ulA|M0WKo`^ibwGX42s8tRz!;c=wxB(*0iA&Za0afR2k-&CL4Obc6d(*lg25mj
zJla}7T5KsGL$?)>G2qa{0#fBs0m`$0G=E$`EMFFouV4wd3<iNKZwiPKP&pFxNrydn
z3VLJ|kZxc%)K#+!$PTDmW)_gqpgr{7U{F>884fuT@)_g`$Zw!Y4#I%`=GOv}2js;C
z#1VvnDc~H~1=8W?===hdTLEzg=G6;{H&_IAf(zg|=vAYTgo7bq9GC_6f_y4#7Lt3Q
z5Y(<!NZNxX4GYO?unAO>7m{_5bs!soX21xv23DXma02eY7xV`~ARNSkB#;cogK1zc
zSOQjqO<*TD0FHxm;3~KS9)nllBgg`U;0F*jDkNH<8qfocfB|UJxR6+sqarivrXur-
z%zoweSLVOt$M3lP-x%Jn;`}S~|J(E9zn#8c<@2x1|J(8Ve>J@SKmW`2)4x*>{wcS+
z+zZJ`j#U^_(lI7n!Wh!LNg)Y?q;^u6Q5nU_D{z-%SV$b(6cXLmg`{^YjBjlVNxWMr
zrsk}A5$wa^wi4{+P)~&0<xo4rt%?P3OVvK`uV)L4iB@pazL2y7_o1#2I~A)eS@lQQ
zjc8X$j@cHHY}Z2aq6;f`cE;EVv-b{#<XP83@(_0FoOLWDH=PPe9NeV9O|Nc+BoMfQ
zBrq04f$6}!Ss|H;=VOdnN!2PEn3SqjW|vzOlEcjl$#*;}bHSM2y^x#&HozVFjUXH9
z*O0TQ9b|pTp<oWwPkjmr0ZzV!<QkYa5M=?rf+m55#9s{;s9yvZlA@T3p>`B9sABtH
zJ@-fEidf89A`8h`$cmtLl+0h)SM<!EnLUJGorV+=FOUijf;6C!R7k1=1JD6@fE2I~
zd<1od77}C78Tf#M;1YNYRu0E}Z3O05kYB-RsPBW%fPiWv3yD6k1kRuj2nWN#RIm(O
z13!Sts6x^gOaKj&p$3bo99>9efbHNKNC#SD5I10yQb^oD4A=p(K=pAj2hm^`$Oqb~
zm}3Gf;0|KIEU*P!16e?Kd?9HCyg;=H$PeHQ27(mOX(H+k7!6i|)8GvdO~RZJm;w(l
z7>vG%Ito66{+G}<fo7Kr$=xf64<rw=%~iC0t1m>m;}=p5)adkuRDslo{ABlqd;upw
zWBV_p9UxG<K;DIPfIJ9!4VXc_88REJ0ou@a1ks=_Fa!Z00lbF&6EF+vd5|L@#{w@P
z27SOTm@fqrz;rMgOon+VI1e>H>I+GaM)=@7cm*DUv2pMh^Z`e}O|THW1JU3)@B*RW
z5^w;MK}WD2JOHxzFJv#|X;2JwpdSI50F0nEgRBMF0Hi~`0^|V~&<->PhM+EJ1~+^V
z0QD5auOFb2ay9)6$pWi0zK{dpA@~aFW_}@Ca=(xpAnZHK*1S@+%B()j@+%dQVcJEc
zEARo)AOy6mTtwOf9tZ?OfGwB`YJybo74E7)4hCsZw}Sit=>|Cp>;V11Ag~JT2TehJ
za2vdU+hdSt!5q*PEC#tSe*+$XC*Tga0`rYP3dU6_BJ03;ps9nnf^e`ID0Pd-STGly
z1){2m7w`j@z*o?{8r0x1$Z1_f8n-DT&R_>P32uR=ZHtH_2nFN7DsTq81Okg9A_rYS
z5J&~9!3ppbd<E6p6%ljL9YlihU=272J^;RD5orW$L4Q!ceG%~oqrp57>0d<Ff~TNH
zKoM~T<G@jn4~z#E5d~NZ?gH(=BH{o>fW06cGz)^?U@o`{M2aF}1LDC}@CfvV|B_%<
zYEDCZ!94I1be>*BW`Setk=_j`7swHilmMXE4E6pZ(rzd62ejH%MD9Z`JcBxPpokQL
z1uz?bu!tD!E+VxK6_EpwP4*O#^-%AI3_Z@eueTTe97er>{yb#QBSqvr2t0x3VV47P
zp+2*%hzvN1asr7*k-mLM2jr#gMZ_EI2QNYRR+Ql>JPXp{X3#N6sIS4?eh2al`k|-c
z7yP>e{h}>j$t5tf9ABYN<=}1oN=}1mz!zqeVyMFoekCbj6?hB21KUGi$#Ad~^gsNS
z41V;Li~&?02TebJCEI@iwWGZHh5fId`y=xQ@T<Z1uf!Bk84kMZ6%$F5V$!#1F`3=6
zm_#-xCR>^nlN|kGGSj4(xHl>$?~RH{TD@Y@u~o%Hv@Rx1KmqJUkar<lL3Re!fggAe
zGY`nqka`txA-0&*NvIfVN9pkk`(HixN9JwdmpHMQv>RG6sW5j2KEJU4)pLJj9t^*1
zhZJL9Z!r;$EGBMai^(^zb^^=OQN?8Om|`*|rI^f1EhZz!qa216ljX_9WFg%9;rZNg
z#iTauRL_i>SgQ7g+6rz|cIt8_{9dExmfCfN-v?m+VR$i_v#Xf&+JpQD#=sNUgU_G{
zoCi(z786UL0bId7m^nh8hP)2Up*{?m1NMW;(02kcpdM%e27*NJ2KG<EY^b+Gj)WWs
zynzJt1;=5&8>|PL!D=uC=3(G6)F;oQt^q3RTqq{ZUlwCee=(T^c7waGipe34xYxxb
z0Id30OuBzACc2;*=mgq<A3!UunB0N1fb0&c0e|ojX1yV=LcRj_P#=dBK^}%|1nCJ<
zfGMy6@n8}tgnbrR2lZ~qnUD)W2+#vj;2g~NgUw(&SPz!Nd^mUv_0*_uB$mS{`WvYO
zhK~70wt;6rlJbq*&H6@aWPc;6z$WJ#833y0e<Q6y8qhBIMod5qm<iT_^WX{i4(b(t
zBi2Cr1!^!HOa;rpJ5UIuMF<<T03l#LI1dcJe#39&zY&dM#1q^G6Tf{Urm^wLxIojk
z7M5ng0p^y$ihuyicEPQKgU#BQS+uq^GYe1z;z-=U)<JCswi&1}Rh=zZa<-x}4o53S
z(_;m_aSmgAloAIvDGcmf+}#}f9K8&2=BqLg2S>@dLj#%P0QL1v<j%qJ*!U=V&LU1T
zk_X6f2y9#cPI-!z$3!S_*p?h8Qw4_OSVkP+N>6w!wZ~)hph7v0HOHBcF>)L|7#5g>
z<8g7cs!|mL6T9g6h@dF_I2<X9)0(2>@k*Q$7^F}J;;dI3Caa{!7gB%eF|8#B4wgK`
z1|Am79by=zPy{hg3}lXC3=77QgWM^rtj9PlD<m$|NFEqaaggOhbaM9abawaa;p5=r
z;OF4$;O4ESbPb3L45b;9fHTqpaMEGPNx7;6DVg)1=z)|9c_>ceiooGoC<BEmN;F%L
zZS1j>`ufZXjrzvX@^bd7^Sk8K4u?qv;=El2q!L~Zj2@x^F9QQ&lp4&TRI0<KAaTAJ
zJ#ZH%Q^iEY<F1rM+`OWo2a<7an3DL_Wh-#=XZNkp^Xy_`!xH=wS}{H%yfQ{52Um09
z!M==<>b!gQGMHgFmaH*7>$tI%ym7FyvE~R(wv=#oFg;`$6%=Q6S;=wwRvgWAWmrg5
zKm?bsu{ar25gCIsKH1D*4=jcmci5!dpyhC5L*x>7)V`I8iHWL^N=@bZ`lW}7avlXR
z2Og_@q5<o-)E};ItS=vkBk-7Wk>&c1?mgWcJiQ#eyE@zBe;;Ri*Y0laROyJrGVPpT
z&88(NOvxmMJqbFVIVQ~5n5iblw3--m)x?H%jzgB^@iA<>3Jr@0LcQfufa9sHxLO<#
z6N5wDn6_7u8`{2@ni&GmN}f-WvvIbPGe<5XS&fa2nLZ)N7!{_m9EXKAMs-t0$HxXL
zppBsif%>4m<1E%7dbBq^Mmb0x91(yVF%Cw?d57XmRz{D5=@6n^5gd$@K8;izMJ$d^
zPEg3h;(qB%5Pb1qdlhs8Op^4CjZx~x%(;087iX{Qb8$g;gyYczf`0amjVo<Uk!W3L
zG^O6+!1KVc;3Uoq93hKSPw4@(I3CqNVG?3u1n0&~`;yZW3H4Qh&{Wgb$5`1gR)#+Z
z%r#`yxqqq#T|xPl#)u|VAK8gxWJ^L*)yxnas2U@uM<kYXcsQUsIs&;!i@Ves=WWw;
z(F0cLDX-L0$sFP*r{^!Kyi+qO@lUOWvEEhiyy~P_ob+l;yAPab-V+DP(zZZdC(v`i
zjggL6RiLE@g`=4{mYhPXj0?c==s^Lf2T@jXyNED)IxOc_5oCmcA~u0N8a-BlLuqj`
zA?F6IM%`IxJlg{VMJGn7M}+m68^NsP%$bOCrMhc5j<>`?-^d`^F<Qw>;}!@5oPvo1
zi*W=Yx)s_O(c|F!eGE*@LG&2*XcMra14+3?5TiQLo7NsSm&+C~Eszo`V_GKVYcU&H
zCKfbbV{i&PGi>OWvxvZfjX148R+YT4DEbW3k3``(O{5Jq73T{_u_;hFEAf~cGgRg%
z0R<gd<>kyv+^ZEXSM(@3Ca=1q_jjNN2|ETkF=HE}!P$%s^o(KWC^bW$sPHJ17307e
z0V1b+&_jpaqS@2a?V_WC!$RU?6+s^CS;34g^PeZmNfFB^d(z=6)`y+B*hSy~P)8-(
zW6?2;&35*GKbpgwlBw0+$p2u(Dmsy-mDVoYFcyRpo7sagaXvEbu$ZHY6T*TNs2OYx
zDZR_!_kCbS<KKU*WQ6?vN4YZO=39T^d3K`q`w#v+QNU3Dv*GW1T%kA2Xz52=haWdu
z{=UcmgdfaU@cTg{O=v%=S=sMDUowmP{YT49_%L^iit{U(5@1U4`(FO+2Zn1LN{eG|
zf8Vo`N7=dF?|Z;L7t7qYfLljs9bxC#e(an8!w8*mvzNI1zW3@+!+Z7F?(ci{w>?ms
zYjY99Xsn?99gfER?GEoB@S^N|K0YkS4~HIyu;TY4#0<J>x5v20#CbV&_QZuP_RgMO
z^z9YziOfZjxR8UH=af!gz1;1(J9w*&UF=}MxRUoRoxb*G9r}6T%J+(0vkx*uHs`jh
zr@M~_y&8s&v}NZ^KY77D&A4*3cSLnmd$lc@s<C4_GYT`4HrIe5VUh8X+!%!S=I98#
z?F?0z$UAfIiU_%}Sz{!hd7Ho+FN&KwV@{HG;NF+mYY3Q7=*h~sOaUVvPNELOi;F_(
z;qK+!%dfMYO9jrEF-Q(OrQ9GaG6oYhrQFz<8PE(FJ7Zi@)Hw*RBUqG(#taDuc4O*K
zXP&saKuK>)!7y7vpz?u=xI_geC(P9`m^H{l=sb^|d&{j*U97C=MAAg{rf*_p=+)WH
zzKeS=FZN|u9;v{Q<WXTtWKT3MfuL8ju(M%q_NTgSz<^GhnQLh9wvU?$qVXa^4-Gf;
za<H>=clGGZUSva87Xrd@{Q+|`54Tbgj6=+Ep93=`VERnt9J&@}eZ+uzVkD=H&q$6A
z%ZR2q#;~)So4b#jor9m3PZw9HyuG{?SWTe?!zM8?G%PT*q{7l1rT0ZJS0$k6&=D(X
z#S9LJkBIB98aj<jE;_{#)jx+|AI-!t?so%<iZ=c^1ZTXjVkO8K7bZC&$6Xw}deSUG
z{?Pd@GZ*DXTWVHv?FDAcSkO?azbCmf&53<PeIdsn3Zp_SUI&?njpX!f@&GKjBpLqq
zLekVUmNU_?lDpB^{FFE&tWPBdBw>9Dss2SuOsFqxDy-z4aYj299%!b7(1|&%j_SE(
z#I6&d8p-Jdn!5Xix3mtTO3*5U9$XO{kwjY&^^1EE35rHW(`hPq!$_HMOyqJOr2<Fq
zvsD?sz%N?G=;Bm#JiUGcuj9;x9Hm~;WjKVygvs`vB{dWab!eVS9KlcfId~T-4`S=v
zFG4qHta|TlOfP2%P+uiruEb(Gh{kNbH8wG%nOIT<kdLL=UN-xf;=)VapJyP-#fNzl
zQuhE=H7K55&qDLH^c9J5qFy^yJx-83T%m};B~W;WGD2R`R*U4&Y-bM7r<XG@xlHd%
zp>N}KeMHHYa%2Eq-c&}To0Fs8#3e9vRS?Uj^yV!rHZWyU8W64vqiZv)x466E=O)9x
z$e~|liVR7>dIl|1#vK0AG%?+ak({nxu$7QHp>qJ#H+u6JecxjGI(D@~?&j#Fuf%u~
zfkh)!hk!`bGOUH66_;6ovg>T;<lqhe=`@#CL~i+(2FYX|S1Gwf(B@)5*F{tf2)!-a
z+*POP8=?=R_rGEE_Hgm>vgcO9N@^2Qsb)=+$lhk7M0ce&VeaYa?CsE{Gsbszm@AnM
zvuiV*U0mFI(iwt-owuK}yHj)&9hDGgcg~Pqp`!QI(D?)2O63ESxGtJ5q=jKw3vc;K
zrrW10VOYU34vWSru$#9Zz4)e!vx~F0vx66Vxl!qeZ!$=U`wzHxWP0aK2yXd8oJ!a0
zm<EL#7vh*XGgg^Otz6yh;kTD-G#V+plt<?TwBf0{Vhh;_Lov7FYts^i;1>{tBD69N
z3`JsaOM{;a)~Q`wqC@2DqM3n$-tC5}j9W+OjRe6cB4#0t8My*6mPH2#8)7757umde
zd%+X>IC?604~vq4$qM(op}UCfkL&bYoxO2SA002SAd7~~PFen-ff<+~La60RIXgc`
z*F#705JixoS^!9jfjPZ+)65KOai(-MH$^N=gO#RHv6#gxqVx^>vmW4DKw1%*!Q9)=
z-NW12-OUTLL|S~b(FM>Bhpqs!Q(NYyKIXFqtqu{2kN|v)ptBnVy&Hom^)gdK&R=_n
zE<Rmp5@|-TIf{(I9TixLY+U96)bH-jE-t7lzJ9)~RP|eBB=>Dq(r=dx^r+gZS-f#V
zE0t3`%~fudiQ2<z?ztE`x_dg%NvWH?9rJb*#@;527DTgx?KH})$d-vUrb9kxQoa3L
zI(Km>nGAB*w9A=m+Ewv3p*O^!J>Z5A2i(gNKSa(<3DJSEJp#LEM0K&46b7>Ed(0?;
zQ6A-vMOLoQq8HF6$r<-(g-qwhg=ox#hy`>%T*QG3Gf;}`HHv5pFvTpB`b|ranL?s_
zV?Ph6&GtfYwINDhDYq&y^ux=D6@7qF1fqA0v-(#(*VJ@GzoQruK<k&0+{(;~t<+W)
zZQHiCu)?}ChBHienUpYQY<id^_GR4~$<3)v+y1l@FPBQ1yuN55tOFAy&ltYp>q7<E
z2GhTqZFqTOvyCb$%(j2l^S_#HOe}ss+mI@nZ62tc^qx|T5!}tA7{EgV62fS=8I8IY
zn;3@SjgD^UPB22yp)(Mj8NOD=s6E7d`#?!yibK~$F=FDaD=rMH$r#I+&n##gOmEE0
z1#pXI>4(+$D2xgT=+4j|(r;K8P1)}em^7d=Gxx!kOb1IoThK^iXhz4ch{erJF{UNM
z1x68e=3bH}Lze*B<Dx;8&Oo@~%Ea8n(!|U(UKxw)aF9HBgG;1Lv6z5S2p9CxyZM;Q
z_)G%n{8nia7Hw=1Y~C)YRjYvm1I*i+nVAQh282c%<7+e4q65Q?%}m;vm|HRr;wI2=
zMUW{z76m2YD>m~@7+;}(zFaO8)9yGp?i&ziV$$CPpK1*Z<sEJCSs)_V1mgmIC#KgO
z85lBt;R-4Yk(g=G@<66BUAvOLmt%zolO8$<#4#(o1LJWcAY<=MBjJVRA?6BMTxnI-
zKy{}qb-`RJtL~!AEwj`GbIq)}3&sF`MB;i{bNXK^`k%^KM09AFD|>P6zm?N?v10B%
zMD}`Onn>^Uat{v1Cmy8-QwU`ZRXU}6l!9LTWL{$6ofwTd0ey~|w<<NqXA{P0YcKjK
zhx$(+F4f>cH4SzBFC`U~O;y*BSQkZb9PTlWbHrzWIF-gF8gmO=OvQX#z)T=e!TjgP
zR35+JfH+ngkT8U)1o*&&ZxFHgJ{%Pu5F4Xp?%cu(UsTY)l!P+vf=*G;_$zD|=JXyo
zT9atymp5--s)l)M?%O&QwAyp8qG%I=@g++m`0|P^8}vnwX(V_xLsz530EIzyC@z@$
zxh)Qir&oaCu1Cv1urs&#*^+6j1C#v1g182ZIL4b>SXsGt?nMVJeDWUpZ&eB|N4e&Y
zy!>}duB5J1SZb=v*=P@D{&PO5`l!-w4$TjB&$v4(-(Tt4m^{bjea!9As;&~#a{4Wd
z_J$~tI9wYYQKF|!8{GuLq(QO;jx_*WDc33{IuXq{PT_2?x~dEwVU&!-;#3$m8>mdV
z&$J4<&^zQ`%Iv@hntAj(Sk;y$`f7%k0*pzq0f~MIiogo(f`h|M1N|_3!8Qu3A~d;p
zA)xQYn1tfJg89%#?@0~7swl>4dM7shy!*3b>PGc4!K`dz#gEQq%f36X`<E~fVOqcp
z@;}EnI5MunxU#YQ**(2i4i8{+7Q0e_!L9?|L87oKtHf1%?CrUw*@3L!ws_G?zS)~w
znPHo8U&a@k5^tDY8JMD!I&{Pg+gB0T6AK)wn+2KlFr6V&Yp4sKxL`{M`eyle%N@Ho
z@OmGKDMM?MR!p(NAS?#yR^4alhc_HM2Rmonk4Z1UY)@~%Y)`MiY)|jNY~P0dM{m(=
zZ$bZ~cWGh*&HPVYnwwFl=4RBbxfykAZbn_3n^EWHX6+&&+FDw-wYFwtE9-wCMM>Do
zV{T$*V$LKe5Z7_idT8(L>gr(c?A;j`HJ02;kJ~)WBk>OA(!2C#dfe=3#oX^{MdRDX
zs%>N!Twveb+0EC%)7#0}-rm8@%iGf#-#DD`;@8!Q+q8!%AFVQF77f@gpT00*<3kjt
zQYG6ln3a>VZn@WtidOD1RFpo-zPMxMJeF=MQZ2cM1*y4+j>7V4nGHwuZH&%J1LSs?
zDAMn6%qw}>?G>dyP@ieEo$c8#3s9=fZkd6M@v-y?x=O@6QsRy-vzNRu{%NYz)1vN$
zYX1zoy@!d76TNB`d+t0HO7w}PQJ~jWmPQl7ms-(}3QX+SSYz}p2_s1@YvW_k-LR{`
zO7y{4xJAy>d{A>;n)uFi?-wG%Zfiq$Dg&h>T^eE5SG<{0at^{wh!#nS>m)Z6NLPiL
zfpZY6WgdpogWZi$@&x>MX0O^VoBqGqV9>?K_|Zu^1~20_=myN$W`k`t=*CQ0f#$=k
zWzx+#Om~DWd30?P9d3LSN*+~`?h>T;&|1m;<D&hrK_tXqwVF@YKWHX0uV^KkrT(RO
zb4kIy=FI)8h&ek+Q{A7cHf3X!!;OuH8?)<)%+<dJN(KEggmqq~ps{g?8tWUDcM^bw
z8H9kZpPai;l^g8&!cJ3Mx*ZUL#bR~=l<}IYOY9O!nakLR4;x4)$k>61utp3Ez<uj+
z#?)V9x>$n^zaun<#Z&*_fVt*$gq+pGZ7|A#d+x7#qNzCy0~vE|Z5a<cb6a$j+`^ta
zy}(xejSmC2lIcg7*7+}$DDomEKF*Y84c;Fx?xTsKSdG;dF8eayIOwj-zGb5XlYc2z
zT>HS91oi_fO<5V_hvtsB#j|^^kXKlmFD+>~*LbiBz+Cx@dQ!3-3dN5du*~-=`jL})
zcc#npSjfY@ws4P4Y3x&~y~^cMT6(!VK0$C>s~D%4b<su|7#$LY=|4Uz#Si2fhg=_<
zvCyRHZeHd)3wChRmw9H@10{<Gu)x8DiWVF#*H;TeEiMSa8sBKRRzp91mF)aw8WQJ0
zNm8-qudnj8#855$w69Q40=DDQFF=@pAvd|T25jL&CLzz55V)4bEElP5$5eTu)JI8_
z@q?R8qpQazc_q_1{d$KQ7K~`3%Is0oSCt(7*rt}FbYHTn_|zZJD0Ktx&>@ygf*HS6
zI((O7+A_Nq$E1yZG>D~3U(xu2fCVAc5)(}tXjo)eL_jR+6myTX74lT2V!s@!94J}y
zf4e21l*5=$%BcVUQk#nmS0rJ{5CLHI-4!3oeQ2MEM$dhJ=#L&9qpT8H^)JPM>x-Da
z7}4l!Z2T_;6dxBBVTu)zm{0^m2P*Y@y_tcF`|n>0Up0)f{h7RPUz>j^AZ9wjy*Z(a
zq2C5+KZq8>^^!)+ZUBtKxbB|r$tdZ&RQ26jwb~knT_)T<ciN(9Z_13SSc+t}Tr(}0
zes#nbVP?+&{Y;7u1;MJDavNq#yCC#3>{cVJtH|Z9bjOMk`(@=x(eZFZdnMXUmg%+7
zS<`PXv<IN(c!k7t9RARG5i<``YN{8ay1Ji6zhBy^yZhg+_V~r0hKGg*wQ5rCZ;#qv
zQ~Y)Kdw((ir}OU@$@fsDKju&VwEo`T|M>LF%l+}o{r$b-@9;l9{pG5ElO1Y*G%NnM
zr~g;gTLUFS?exq29Z>r-z@O~z{rw*=|36Fruk8OR^FQkUwEoEQAF}&ZI#lIfuKCNw
z<^KL&@yq_lmw&nHudmkpchIc(-=6*(zxdO*p`q~$tAEn?56l0*QUCvJ{BK$A&*e}4
zM4WwP7Z;w3c4de^{QJZ7|3gju554)b^p|h{f0&xzxBMTU{uBT5U-|rJCf%$dor3-c
zf8_W7)O_Xof35Q4fU5tW@qhVW`E;xFs`RV$|CUrMil3DKjsEYaK>r^zVAe0$uS?tl
zX_%6pi@~g;G2glHEnBsMskZQ{GGf1{|6*mAUDu^s=l^6$S1lGQkFlD;#({|z6O)Qu
zsYR*Op<0yL_*J+7OxJqVT*gIX?KmI`2Ls?^3Dm)gMAh<eIhSe=m0!_izQQo^{14ZJ
z)!mk?LYL&h&r7~#mU-1z?tiu9tI9?nZ%1QGX3aN95r-YTSaHH82=(AgLJf<;Uc$e*
z(1zcDmH(z65EKxDuSBM*Z~McdM*MO;QGjNsLdGmRs&u>(b7~?hqbq9%YkY1~J;!=j
zs{5;_>0tXiyF&px(&MAThM0y$|9eZ#+~*yX47S(MPds!B!QU(y=2L5gVhDCyw8f53
zx`_s##s3w5u|Ea=+NidvlpI8ap9q)+;jp6Mh&U?4A_F4e4kaYzNd;1|j!Z{er)uq5
zwd>bzDsL%ojU6wJ1|9}|4MNP6X31vLESFerwmfWk#rCOfrY+yOhO?n_#~xli!g?h4
zSkQY%?~A=(2Ye5xJ+RFnk3o@xCJ)*adolK7tmd$m!(4~Oq|8p)pYkMyKgD2*`;^2v
z%jaB}le46ri2Wzxi+FsIm@g7Q@Tfu}g-RgPfRZO;jAarrwGc|Bd}_xR3VA}tn$Ope
zXwV16sD|v*0u2#Q!ur93-%^Q`@kt`)%LFnZ<DEdt6N+ULKI17*rXdjsrD6f&HNq21
zgaV$J@n0wrO9c|1NXlmd;R~cfo>U}}@idr-@^~`7hKw(ji9{Mqq(w5ZhEOaNN+ewT
z`7)^nU%<zM5;2<;o=~R2<B9PoJY$n35sEZKQVl#TgF_}70tr$n)4=0GF;B)NRx0L;
zg(7&s7ih>tY`SFv9=sPx;7lZxNZBk9B4J`4Un&u3NF)Lom!pV>RG=Xi3dACmw@i$9
zGkJ)#@<akYPs$g|kP$o~n@Kd$60ulA#uEsUB^nYwn_qmSUI34TBC$juKrF<F0WB4t
zP=xYAo+B8s7*UaGh}mqE@FgNdSj<E2350wRIuHSyqXMx&B9lm^C`B1h!sE+CJOs&R
zF6yOBDifkyg(9g)ER={4Dx1$T4Vh3TlxXlI5<c>u4^Ma^4YtY%kq<(NK%^m+icuCk
z_#%?1DiWVB5lB$NBB4-#{6L-~(-1kfAb321SV~J=!bb^-k^RU$_{~*2kyt7eAPG{j
zh7|vJs5COMR3_spBVQ`y^N<c9@&^AjP>qCAp-?8_swfZE8dAg#S;Tab5}riJ=L@AG
zuI5U38X_Sgh@7H*G-{eu!sGFUe8iV+6Cx2`f;iF)(-5H}MwJ$!Ven86TwzKiVgcfb
znvRZGL@T3Mf@e_@$V#U2OQlkt1oas4(x7b#`5?f<B7p$)mMvnTP^clLRa=TcQ0Zu9
z;Ay^CEa9WX*fxl!ClsQ(qk5rn2xykj=LG^(2r1Wocs!m4D!&F_NZYbVEJDUmA5h3r
z3?p2#5~1Gkc<2RaLzYPS5)D2|4XsW9=OQ83*!XBvB9tU5I<2}qWEzT310@glc!q0&
zJTx_=Sb{3WRAuBHS`wNg>JZ8oJpx-zP}ikW^a!-pplZ`XM-@Y_fb^hdBh_qsMdg<v
zov4_!YoIk4wE<06iUuS>$BEX#RUY&r$R1Qv)F!4vqnAPlAw-iB$k5B6xv-5}3YD0L
ziinEERBs8bh+<R)4TOVW1Y)kqqjxU(%j(1`o7%FnH!E$YvvR^|Ru1~Y$mFpmoi*@x
zqiP@{$KIdMNX6BwRLcEU@Vh{MNN{RL<*GS)k&w1;mzb@BoYCOSk$aGBn&*dW*=Z!d
zXqR-lvz^9@2jhCSNwCwn;1&{ja<iR=%}oC{y<XbcPT4!8{`MO79+|K1z0vD#KkKfm
z_<B~dJ^cMg{&<`(s&8XKoc;rySl~}bpOq_8S(mn5sxSu0^A@lcFY{54@poyFH6!0t
z^5#<oQeTToowav9P`M)3tu`h;8n#1qa{E9gpIb9>szBophf-#?zz(F;3;L(FADnLZ
z#&1fn?Sbz1rYBxuzXJQiD!Qu*UwQFcb)3CMk7MFKU(>S!=yq}i4wqv#E-)d`-y-2R
zD)>bz{T&vyPr{D^=@CMzxn@vU2sX!-?6hSqx!(oSsWmnXU{ex4cm{L72cvp?qeSRx
zu9TP-AWDDWDv|l|EOunj6fv&|*tBBIXsBNmW)^-}gDj#^r#plFVzH5Fh#yjfQ_$#-
zNwCp{&Wq{iQZ{e=`?fNYx3=i-FE{2=^pm&P)60E2?h=jdu!+o`SXSv8AIIph8I8#l
zEBJ~4={6Ud5usrrp>hM&FDF}D82;pUlp?Nl_gf53J)pm&p}UoTa>-hv6p%b-0}o9D
zyQLSQF}5^i*u{+B0G0kMkSp2vD4dHFWMlL5Hg$i42>iA}j?))ILgNhmaYP^0V}qT)
zktS<M)$(DQ&<>NEn8-&MX#NyAnnfsDMD6DQS_H<&#>zX&&D*m%jy;d~OwGnzUZ$SX
z_b}`M4`hCij!n=w$C1;su9+wC$sVz#uR}QRg3*-JVp^Fvmy9p;Ts`{I$Nq4Y`CS70
zV{Xn@E(rVvspNO}%ru;y;DKG>%x;)+PAdv44rdJf91_Nv|D%6w2l03QFZU_5oED>R
znLmu=7|ToleySsAj;QL)FBMQvDzuKkPQN5r_8Za{$IA6*HuQ59g|0GSp94-O#knwY
zY+c0360u3v%r8!vvngojXGr@z|AF{XTNM384JwG-fVM@hmN8E;yKVg|44&;fezKyw
zw-Bi)<*B{ONTt%;vP~O{c5T|2wQJqZtbN<I<`(7_KRtt2N4ifHzivj~L$|HM0}V{Y
z1(=$NFzLgDfUha4#IG#W;py_LimK^W=hfiX;@8oxC#o-P$ZN_QBn;<o7wqI8;a}(9
z<loV{E4#<P&ws>wA$rMwFZ{sIkY@?M@V^R*d0P6`9o^igFI%>J*yP#sR_!{Jx>GEX
zS=e;+&Ao9`SiQDIJKvt8Hf`H}wC#(k<0npACe*I1Th-9Kjg^C=b2m5lAVt4@`|H+|
zNHr@}uVvBRYQx3{4`uCU%-kT+wC)%jHhq?EwBPZJ%svD2z7a3)MT<>L^$mQMu2{Kx
z&H4>n4;?upuB26?zEvlO9_!X$xw=A9N3U_Sj-B48Ws<Y!gz_fMnj5sXv~ud^;^F1v
z+pAB%0si=vR=9G=h*6W)Y}&r##Eos+qoR+^9?*E0NFX#81PgekCdp&!3(Tw36E>AK
z5VaK93oExs-Xv}+Y$`O6wyET1H@cmyrlz#EwL^PBpj2j7Q`AUMSH!cm6m}Px3N<mw
zx0UM)wPY3oE0LZ=s3q}mZr577wZufKIl8%L_m<KYHT9a;t6odyh5+of>qs=kPEvhY
ze5EcOTZpYin&KXq_vr{k$&&{*aFS{!uN%<Vp^~OpyPB0))51ttEBRoDATKQ^nWm#d
zT_>rRwzEVtxxi7gzM!jfJ3(csrntRCbF@VriM61fFRw}~?UcpA@s*O#OmYd-9&4sk
zbNZ$+T~{6)(_Yd-*iYPC(^1nvRBg<TzKZU`_7YuNS|#Rxk&eCBLbmGt=+;$u^~IHi
z($P~U3d2R(0+~c-mVZ}ST!-WWO{FxZhU3ucTGh3B%IYMKAKg_ju1l2~V?7#*#mRSD
ziaIvp#TX0pg#6LA4Rx(VywNvWjCq$_Xy_u;6!KGa?Okk=Pj$c~(??Xd4S#fHBVmx1
zuV(T#%lg_zc#q&$7AG%Cc_7pkXbTdBeqt>luZot?5{WaAHg+5BtyLd!v5;1VQ<)_B
zax=}bc#ohj2$-pgr4pI0X1z*vwDh!fDr;2{>IkY<ttP9<t0k<>t0T~p)aBLVH>@ca
zv=kUuGU1sC%=xW&>-ih`n}nOCU-`wN@BAMEBHKD7Y4X%nW<7gNo-(7})5=x4yA*#j
zG40f^zu&8|Q>V?GwQ=X6!)MQ3y!7nNTcROkDs($5Ya8co{l`v&<(@-_&t1B9{momA
zlIm_v>-&Hp#n_pPmtMSfU0c`C%G$xXXWxDUa9Y^ZnH%xQ*^AHLyv@?qb#M++B#+&7
z<k<1M_p`E7#!X(c?%46O=dV9{?6lzM)pOUb<1C$?y$ASBoHl*uzWv8fo;!bEw`Q%r
z{R#?ykmSh0&z@Iq7!_TwzTb$E+qRE7e57Wr1`Qp%y1CQ(KXTOGvv=-3$;!@;RZfqK
zpV!>Pbp7`I$IoBC|9p|{`~_yy8{WEejkvk@=_`>|(a|@}$c&0^XVa;R!;G0;A@LV3
z-njYT;rky1^XkT9o(sp=OX~{7x}&#LPTnkPC>vc@PzUcKrouLOFXc(Z5?xJ?Dpe&u
zcwwlgiPsRkk>VXppoRCdN@8B+8X`AIT}e;8OV!fy5ZVch(LL#kt7usX>o@b0M+yfu
zOTHi)vqPXK9`jw$TT)Y2TShC~AhD)cPuyG5Qsk&<Bt+d1m{&3q>WM1}lDELh)ZA5&
zyhhqVP({!|VkvDY8bfqzOHFl+1&yjSs**fKIA(sGN;M|T5t)jtQPXP6l8-fx(@MUl
zrzJ`zqU7gVIZFlYWTX34Pd*?`zAVzLZ7t9gTS^_JTH?4$4Fr9Jy=BQMwd-ltl(`6#
zCy6(&(W)ghUnv~@sJTQ-BuZYVGdf?wleZAVcB(M>n4qqpiuNx%Xs)C7qrU*FXjsBA
z)d4X~?@focKKHC=-Sf)J=w!W8Y`CeD?iYokZt$L7b0ue+uIYX0e7A(-9aoKdx$Tg1
zfw6Yhk)-}!(bpzDU)bm46J?T)k<o*^Iii#MTCR97Gweh6NsH@Bl8PJ$ud%q`wr}jK
zXAxswInCd{V5+PA&{waUEv_kTQn&8+*il1v44M)-tx#V1ZGM*75BKHs`i;w!?rOWS
z$AH$xM~^n?dSrKS%gN8iRD0Jpd5F>0ge^X1^5UA4&97{4<Z;>BWp=Ib4j&Fa*=lpV
zZi}YJx;-EAbX@m=AG{uFZ(r4BYh?ZV;hS1V+YG)lK6L9_+bKb@sp7dBm#0j<xbal&
zhCQ}_uN>-h=*0KTEbBWt&w`uPJzA9?8Mola+=R7bdv^CPG~3smH(_SSk=A#vtu-EC
z+4kt_Wt~5@z1F|m#4gtl#;1<i;v)9k^>W3~YjY=#o-Lbm^K+)1vZ0=Hoi4?nSAMBf
zboSln>N@NE7cZ~+HTY72TVmpi=6ZK-SdQsB|A5B#J&k?lF4!TTI3{rClmSZlvK?)G
z`uj!g@fmpJsj0<`4QK18Y-&?DvC-#YE$<$-+f%jhO_RI4__U8}jja_vn|6dRin3_d
z=wj<#UB65`_UX<N@k!0GQDKKqEL)gh6xB@A-YHwV*(JMAG2#=K9tZVIZE<y;LC*n$
zW{HKCN2+#A*N;y=l9QG%Y$p|+3!gvr!{AvfKAVKLK4;%8wQ%*wUgqQb+Rv`v=tc3M
zjNL<BmTmhU8e8K)kl}+vqEG(4pF8N;2(IhBJKB1h;rONpqc?|}i3gs%G2QpYm!v!U
zZm*q}dSv{e>@&L~Y9}t3xW;LEhYgzz4NdmF82@a}kIh&0S~qj9bm-xe!BeVNsy}M-
ziLB+(b*CBVcu(8@(DluLZCPoOZmV{-s{V2CV~>EP1rLorT#OQJU%tg$f8wovjjg2h
z%#U3<x9EJWA2FN7d7GRx1CK_I7&7|cQXAKM(w%o7T{&zdbNie%dyHe&xV6*HO8xT>
zH*3^9-Lgrqi1ltc1)2wPT5R7GZ6Gm<>U#6#wmsUx+w=7<IV6pJyynUn*Yp_|mQQ`?
z(P934Mb&GgR<AJFdq|R9<*n9;??2|9^t*B)cHl<mbgu^PPmUb>wlk3ot#Y{9k`Eu6
z?UY#*+FakXe9K4gDFHKgCf1)Kh}TY;d%jlFL74~hm)>m_ZGY>=>!C&Ux7vprC`H{9
z&kjl%cr9&lt29l!qL9~acM}|%7V|!w>a_mq?844V8c(|8o1Vm9m0Lyk<dAqzyYPGV
zzHO#-c37}+(~$6q)ihJI?uB>GoauYa>#py)@C8?zOuu|iH{2pEeZ!=*{i(-}8@2CL
z?=yeZ?l~Lp<+iGRzi^nu{q@?ENiPn1UD?s;;g$SH7aRAR-gIlP520kq^eVQyZyuYw
z@S#OSyO}E+o;oO#>NGJfCe!V^j@vtFeJcYk%{!Zma3xEPh3{TP^yt)Ty4J;-*55|W
z*xK;M)Yr2@Mm=0_v#ne4^1KE5_B)p(c7A?c_v*s>U(cJ5GN1c2<*x31J6~H{&u{fc
zWp*4fDYjX7@Tay0PQli125g>IZ|n68k%q#q)g#+(OD%kN1wI%vNMhUZ&aoMxZjE2X
zyLTKvbCvMJI{U;v{8yX$c)ix%XmMGz>PC$kgHsmym>cx#aa+)F{3ZLoeY9sL-)*q)
zVb!sxQs?~8OzQPv--}7XWO}W&u^ZYSbDbYG@bv;?TcYfLZF<!U#*J(=i>HmMH(^xh
z*W`tjmL6#n{BC&c@+O0p^V_dXc02R=BxzXBZTuGdu6E-u$_MTZ-bM6RH{N)^MxE*(
zi#Hq^sIeS3v+cdOZtL_dgO_gHW8;6iQ(|=E;W`U<*SdD*b|Y8IJym=zw_NN!YQ<7s
zfzu#=$CX|!Mi#%A<35&ua$#hbZ<p=k9+|YSGc>T7o%so=SMd)Y-I-q}EbnzBW42A!
zCH+GqH~X|r+8emPZT#@&^Pcr;V>;RAWcO7anx)LDyW?=pXkKyprk%?!PtItP*m%jO
zCznnpZLBfC(XUo~!lbz?XI*SiCvD=@uazwNSFN7@)p`H0;D#Y-$wk-3=GE-IA*tS5
zJ=^!m`Y-p7xz%f1JJ}WU={gf;>^P9N>!u`g;kZhje(b8TY0r~)>l>zC9HbF)?b^}j
zi|)Lf{bJ_&kfUAvH9D`nH~B@=$bLqLFT9BK8e%)s`O3E1Q4^GfAHVi;3Y|A2zwf9=
z%O(!;h+orwyD@LT(4>XaCkW<s@w_M=8#!cj{)79Yc5h0tzP)ak^zDUvFI!!|>gRtq
zNOQuBMco<{H@`Y+<qPY6<3@>n7Olw0=@)(C`Nap_cCTyT^y!4tCeyshJ9>VbR^R_d
z^G8jyAI-7O?s;ur|D>uN#`KczzbCahn~*-b>E2qkF0YEZ6r|OCN`iOjs>oGOpNzOH
z`#$1&f73Y|`ITgqYIyhm;WE6xU0ds-+b`F>Z9die>$2^Udfj+uhn-oZvpi<U#{=i;
z%2qDvyl+w46L-!{sn;~*%fRjz1-Alur@z>LyFW9*c5(gd{ksG{dy!<}TkL8vN9WX=
zF8Niz)#$z8Ov|A!?GDb#Svq@HtzmtmJND_D7I7(e$^0%$u4fo66s<Rp)t4SM8++6%
zC8fm>a?azZn|Zgi4sX*8f||DVJ^p2l#mxcRsySAfv+$V3%ejel$B!LXuy8@GY6m+-
zjqN?m=as?R=5Z%RKJEGb`oy=Uk3Q+Oc3<FR8U1PAj7ABW{V&|g>J)gakGRs>BYQS_
zg~tz-q*p19%s%gW?eohy2Is2wcK&et=$nEiS^ll3_Ir4E^L^vNL1|0doH1&jykqzE
zP4irnrXCGB+c`h6>xw5UQhdIxxSy5gU)Q;4lhK=r_OW}Ho=L5l*M8vQ{de2--*Wd_
z<FoMw^~}#(jcImyT-^Q1W5O+Fw+b9_BxrEqvfCR{=bH=oOGy81pO3okO_h3W`1U=8
zpE4@{VX*Pafg3J`+#2@1>FL1du{ZpWtg+enEIB2zL1FJ@m%DZu@>zSTSIvMm(syxL
z<BmP_^bPJ2^Pz9j)yWNKMd+K%2q}2p%5m_+@Z^17k5@macSs|5{_*)&ucxk9V{q$A
z<uxCYvqo(Hej;VVg{!;7$yKj54v6Sq*JkIMTVF@}N##A0!;=E_%+F=4JH2FwwJ6TQ
z?Dgeu{znrx&B!~wWRh6d{@deY)(5xLxVtAi&)(RnhEMUVjI+6ujYYb(7Iv%WYFy)K
z-S~Z38ABZJ_B-A`aK(^5cLv^iv!z9?1)6O#+YG-@bMVCC)XH0iR$iW(Ja>hw&9--K
z``@YBv(7EY4KEJKR$l4tpAt9m{+8vby>2b|*!^Os7|S&`TZ*qV@lH%3Gp|3@cU&zF
z940+(Watw#YG0STJ8QXIu-3bjk*FMG)9}sgZp-TX9l9j%nBQW;z|`5(mSl{H9kyqr
z_taf&TNH;_?y}p|#C=h~vXABsPv;elKKJa-oU~UOUqwM9bBioH=ysSae0qDT?U9sc
z17a+@POedDo5LNaogSN;&P$jgu9NX->cgJ0#ZQ~w+iHEW)|%^gHhdX>?`^W?{k1M{
zkJO(k(7au+(WPOdt1j1<4```~8GB`X+?|FYVH)z&T@$Q3oxAn?&V{kc7o9co9;O+}
zt|y+arCGdoMlVl|!8)ONS5EmHTzVzx`kstn+o{#Z3_iZ_?(A0$w~RLPv2}Xjl6}rp
z<Fe&r{aUMr5Ax_!dBxTP)+fG;Z)GpJRBzmyEM4itb=}O4PH;4_{~oxmeq_yV(`T4;
zOsJ8zq}#F|<68;cruANQ=<01fefy_pzZ-TM_cA-v*5KrXmu7Rl3y0@Td)GUo<;{ab
z@~3osI%m<fUUkgA#2p^<{$4AyY1OSx^0qhZVBtCF^~x!oj_h1GA^YSa{mZA{**|%^
ze|?QA{`vC`p7=7rN@ug-v$eX9s~*^O<bBq@0;fAQ;(V*zn^`OP`R7JkgWB|UuB$uu
zVza~7mWR)7lXgtwq4v&8#nzc&r^Y)T=(0Y;*1bo6o3EPT!rg|w-c{|<LU;ArJz7uR
zoqAP8uW<V2*h8Pjz0c}8dxi4x>=${veXE2iLK>y_J}|-K)`8kNFO0lScRU#uYNqsw
zO;NhfpHf`S>U`}kof};L<QC-7<mmRV3#3KMX5D<7vUcEzrV(2nw?E!(zhj}p^Vs$M
zugyE%ePYV~X|1LlnjG$~n?HK^o@JYZ6s<a$Zj2JI@`+uwI3V@j(H}o55A)KzFfM+)
z1MhpaR0}`9k4ACgqwhUG&g=Yb!Fpl4{Y@-&os3qjU;V9z^{AU?g=>vcYxF5R<Mhs^
z+PKUy#f{%TR=O@&l>f+2yI1h$)rUU6xOKz7<H_AO_v>VIns;SG^Mw*o(Nyz>=ibiw
zc>OT(j2Y$Zn3(<j_TnnvvjgrfZ@n%vee$P$KQ4^%8Xk4%()kn9!#|p=4f-)GFtn~_
z*wLaL%5$rSUi)ri+_6!QbpbV(xJmo1(^`2<d|+zW+bUn{o*t-~d)*xe@;A>u{cQG^
zSGixWWS(CAcw(RZ30C3#9!D;y_aeTJqv5<Sit4h|)}9lOHR)9?d;adj1*3XT4mq)|
zWrmSSuk;Zs2E}F8+HY&=^mxvbdOi2JtvR*f^V2sTj(SxOReOU&+gx*J1=ncs_Wp`_
zA8OUVP;^MXBhmkAtIX7<17@03t^Xvh`Zdi1$z;=pt$X(#@@-me*22-+@BEM7ty-ta
z>#&IQ`32;q&h#bo&u-4lpL#Mduff+&Q!njK`Mz&nxN_&N;XBuTnQnG;#hW8R!yRut
zefGHjje_07x4fxba7^21)uix^R$Yc>T@7D4YqyE+|Hs;Wz}5Ia{{KJMX`lAcpk0bm
z2xUtH*<=$<BYST`%1olnDAG`NDkY=HmYuCKBV=!WkC(Ui`}_WU|G(ew|NGy5|K9Jr
zXIJBl>zwO#&biL>b(PzBSBd|bE9=J`kMfxwIO}?7;?3Oj*=k2mO?<Yz^PDj%!-AtH
z`RxiVGw-PH60qr1$;Xx%rJHWH(SEf4`pl*aXU@o8dbPNy`$|2FU!BhdzUgvK&pk4~
zMXv!)lOA0BnfKE2=UVR_^_GOa%I?0dsI6m0YMWVWFS<SdSwGme&E)93`b&nNH(xNU
zce_Dzo2ja&J2Z8Q_!W};$)R-b-6FNKy&D~G8u;t*nS(X*dut9X{XSyOoA%AyHTYhc
z<$Z02bymT#m+ti!rEN;o?z%Iw%i1p28)rnm3t25cssG?w*wC3<6mzeJ)f{f-{qeeS
z=U)d+I&^bQX=j`uJ>THlJ?7};i(PuQSXsL1+k((zH!3DJj4B%XXvu`)g|oKJt?4?b
zdx7KRX#ss5@>j1|+&y9ZXT9s6)xujo-%~H=wL@jWa`(Q9PfL}TKEAVmd*<HT&s`&*
zpP!QD>pcEUj}D`EpN>n6GmxEGuG#8b!9x?(+p}_gJWM<b#$D7X+<7-KI(FdWS}GQL
z;R>(wInOhS`h4xb%Eiv0^TG}pTSLS8ysP@`a^Op5!d=_-YdRLrt3Sbh`j-cv`W;^5
zJa5K8_t$16)1H4@J}9Se>pR_F^j8|4G~MX&*WGXIMr+2|K6!a!@sjv~TMpfRS?wF+
zo;j>)lmFBopXAv~jIv*t%Fo@=Uyy#~`$46Ooo2}nTZ;;N-`Lh$ZO(R|4cCYH)pTew
z_Gy<LYa(5qoSnb;j!Qo+&y)${WAYy7Z7qC|+WXLG-JTb^p4;zWm8Q09-KDg&4u&Z*
z>v;`lOg?RYe(1u}^|V$DmtBi#)i3s|%lwbqzPjl)jF2szbar&pnO`ik&mH=8rDc+*
zbC1JO3(9gGl7FTjjrKdO_p#Fb{oW^TdG=e+l)ZPEd-j&LcjJJhc28cG6lhPHY2K#i
z>a}yHEGZq9@!4th#dRTFQ>M<j*y&)!ol%?eYge>AvM1_H9r-5P+r52?Mh0!TxNGpU
zZ`+F6XU2}W{<io~JFg9sD!=Y9(-@r}cye9sYa`BVjlOVKH}ITFRbEb^^_k-Z(N(fO
zhRxe{v>Rdna%8LhJFD!Z`kD`;w5A<%UuzS#M=>cU>C44U>8sXE@HsT9?ckL<kJLXG
z6~#@?TM_?MS!aJE0}IWZLx);*dN;i=wy4wiq0Vnh_SH-8T)XCab@sd3n(jHfn_If|
zzGpo~vtH%iij~D7w@c~{^Ix{sPHo^yon6fb&Fi$ezsIwznbn>4?Co{4q$Y9DA{QT9
z)Af#Z?%WNF`8>wA@uSb9Yv~^ST%*41*MK^q=eESuIeGiaD|eUWS?wCywwc#qQswm3
z(K{nQ?<&(R2tRLeQ)lq={I$<}7o3l($}ZY!(6MU$j;a<r9G}lmw+}whv249vJDt!a
zG5a2Ey|Sxil9~4W>X@Z%Ykhh3YWt!rd*wzWOa0B9V+Q5!e7+*3%tfWOS8@8VoW_mA
z`qtfhq1#N=a|Z9@JoJyY9oE+*CgPIjqa(|27F6CCr<3cHxG(91PU7y}7sCfHS6m65
zs(k<S)ZRXW1}*e`>$+0)NZjID-wZ}vuc@iL@v4pKiJaM!Uv3^9xH#cPw+?-~T24(F
zbgABns62<(T`Sh@d=M7bZK86M59z}jb=i8W&GpRrvoDoYw%btO^Jk1wdWXje!!}0F
zxU=eLlS_q@lzXqgKj+i29sRCMe(mWqcGcqHZ4-8FT<<t7Bt1U8bIMFZ+0%OikI&oZ
zKgXb;cYyW)(_?{s_e{K>II>PzRcf~0ILn&6o!V-d!8Q{e;+{=7t8AEX;OynoeG5iu
z@6EB*{&8~M?7%iEt(=`s=nZ)k-g8dw+>LoF9x4ysIBVIV7_a@i;$i~dO*b!j<7xJC
z#Qv+613mUPuj#wp!*%trXVQZu!yBHw-(k$?lFGyRtr`a{ua(rMRhKL~yXketWGtK8
zVs~wIZN<=a)tP;5Px-&Rd+L@==hzj^3ZEuSojRnC(R1@9eOzx(Z-1lbyen~&M{TgT
z-&u9&()G)lkMBiKzf^qGW!JUPXFgp@x(|)d?i_r3UF+(|w)&c{TfG@n7<BLJrNS<b
zsWI0tJYTkJUv>W47QVYI_m#fwykN&m)B7XdfA{Xv;K0QNWfvzzuPuEZ(fGU3&`-m>
zwyl(R%b2;SZgSgJ8=HOjbmeR#?<B(kkH%?epOr0odocRPcmE}(;}Xv<?=-J`b?)UU
zTjn+GTN=7;==9r(1E$qgH7MD#z)9(6XZQGCCtqFN9i8w=#rDIZ!h4Ha_HH%R=Yr9Z
zjo!^>PD%)mJK?x2E?%~A?D4e=O>|qU<WAk!;8T8t?97`MA@>ZHm)QHintgjp&m@a=
z%0th-F#i7W>hs$AaiQvu4=?_3IMux1{gNF)@i}ulTUI}D8*}MlRbywh0E@VoS8;1D
zZS@Xzb^F!QFFVEEZRhm7;^=E%5B)r%F}R}Ji6d*{pJZn&ojLM|Yu8&@ds}{*V-c&b
z_}E4ANYvH6IYgt`UHk0#74NnjkBsy;)XDDRW$0RwKYp+3+Z|!`&MoOVUgP}X71w-S
zeR8AQefhc5{+#Bo7km85TGZMxYSpJB*IyQ1{Q2aLdAB8lbbKZsT(=|Jz5TEWOB*+e
z|GY#ovhnweL6Q2?&u6xslke`VUG(Fy*R03a*B-smt<EUrX|Zl?4vreLN2SmsN^jrs
zBEOC8Qtcu;*6EmaGOdrrq$YPGN_CyX%qj<%<X+B5>F#M5RD8A7gB~l_jWbyE+@Z00
zmieGiMcMWVZTKhU_rDX`od5H2;ZOc~`!M29{vAnwfAS|!|F`9@|GDhB`9GI?7XRn6
z{rmq|{-?b0=d0F-kNn5?>y3W(AIo3l@&8`-%=OOy_wwHrkH5d>^fYqy-=C8a@2#I4
z{MT|)<BVYs|Fx`q^h}+Ye=VPMJ-lt-e=U3Rj860Ze=R>-s%&>^*?%nuXPta8W7j{+
z5wlEk9m;P0vmBc>&TU3i^gqkl{T1zuM`rx9oc!|q#X3b-|6WdtH1Z7UH8Aq;<<mRN
zVh`;YzvJ)amb%vO9ao*Z`1f+8#@f#_TC`j6XW8?y<{|eowN=S~mV4gsK0^7znYU;D
zET<&cF7Wl7GyeOZ<!*@wCpf3?I+^&_vUQEh!>;ZIW*#U1TCO*yq)vHpzXy>Y|5|oC
zHAH_*%LGlsjlY*Y=eIskOYO|;i|da4Ue?>%#rjUCg4#ueHNTgyMOnUIqJ6OEhG_|6
zIl{-tu<?tYl_~9v4vXcazPC(%)O}n#ria-Jv8<k18gRs;^itmC*KuO`@!8}-yC~2(
zmSpC#=((j$=Qn1jyi4}xCOl^OlFEh6W5*A9KKr8Eyj3i3vy&}+wEW$p+6#{c9N^rR
zHHg@DZ(O4-$-xbql~aq_<zcOP-S@tHM`9bB74)CZ+rD@3y%F!Nqq4I89+|BDeCK@=
z61vX5)~iF!yW28P{bAGYX|>k9VE@i}+RY`h)8XGnDVFT;m%VzOvqmRVHp_RGvi9?s
zkr7pyDb253kGOeby>D#Fr1muvUkne~zPM+{sQJ#fQ#<w=(>>L*wN{$_tr5d=Vq-Ui
zsa2Nt>{5DZY-#&X53}F@+UoOifx)T;3sY>C&eD1F`RJ+mk+x-TZMJKNJDc@(`Lw4+
zf&9ga@z2l2`b^uJ`uY7P_3+}l6Eq+H%)aj5@sj&nxv%X;69>m0TVuo4Ht-5AlWy#c
zNPJymd+NiyL%CO4cJo?(y*$!+*Ne~l@27=DFD<_^eX&*(-lf>o@Wqm?@B5w)xt?13
z%g<^?(YLyzPfZ+swDq#s;`!!|#_wjm_HEI<!|Ub!THY?5c=P4Dtb^ws)-0d8uKM&P
z@0jjYg(lmNn7@40yN%<w6W1DV3we33%d3#|ooQV^n}4$(<~ww4`0FWcGtNF+<^HI}
ztDGBC5BWG7#Q6WHJm3>>IwQ2})u+Ze2@}%~-wEv8(&G6M-AAz(8vpE2)pzOPdrMMM
zb{kq8Y=5M1eMn~JXrs&v-8K#gt-S2=a$f6%gp%rINfQEd=dIk<x=-n23(N26yH2lY
z9(I54xi0m+hwZ4_%HY=5JyAbv-8-`7onfxdYro7>-(8H3x-9eXo-xL4RI_mjUuL(s
z<$5Sfxle-H{Nf_NZ=Y^QubTC=OtotEnW0mf-2HL;S@wpknyBp)U$!Zzmo)0IzMbu{
zvaEEiizBt4yQ!aWzLDv)SNrCbSgANRrJdr#ov_T>G3uuleJ!7PyJUpJ%--$#CGR_%
zm(qNo>FPXbLVt(SOpT#Go?M6;KlGr3yz9#uL7F9lhVG5XRvFxQz=9rqZnTJ*{$}dk
zB%4$F+UyPr8P)al#Oq_%7@nzWZh671<zb~^EiZQVn=#;<-Kj9oq)wU2vmYJ1=+ea`
zaoXl~^+L5@1aGvM==H@S;KbTRJ=_W}?Pw(n(_S+@Y|4k3p%3R(`>Z-^J?vRQ_|cIY
z&RKRZHC(=7-m__y;l8hnj?PQ9DZcr#-Ii@en@$>M9(Zl3_xxS=s?w8>t0P*y>U=5Q
zp!1{wm)|58Sk((Un-Snsu<mZmZr^dsoE#>7X>ByM*7L$OZneuaTs{nVS|_!^sBUrn
zHV>QN;Lv)YYsI$G>BZ$aV-`)<+S_pX_*om47x#U?{!z!!c-_t4#%fl#^VoQB{ezgS
zp@mD^7ut7xs(VuQaNfH8{c{>rudaSMpu+#-u}wqUJb3xgV?@q~`VGgt-!Q;taMbcC
zuNKO#l+P@To_K6`)teE!^>=QMP#t))x@zTw+M%zc+wp79TX!0-^KAcssMw!P+b_9y
zcfQd|6^+LCU!^r|yRg^JTGzG?tm)9DFyZ;-;}<F)U#opaZ9<mmmN8r0>^2<RrMr0V
zJ>`<orIkv)zeXQzw81~syjE0hhedZHjem7`J!k&2(vXcK!c0RAo{Sr|qSo#nZx+lu
z7T9jpymLMLroY~}Vf)x^i8al2n+!ej(7bP^6rrVY?qmbCt4BZV8WQ4UEKllj?#IVZ
zr%yGUd~5Q&+ufuS`dhbr-FWZrkEbK*S@cSln%(G7k|)*b^P^(H{;(YyUPa4qesb`t
zoiS&St<^BK4x<M4f4XtNsJ&GyXH0G4v2<N=Lzm>^yBC><?z_=j7CCxu_UsuNZ#Smc
z6$Y#ram+2`V$W_beAktCa8Jn3_5A$no3z7vxJlvqo5ig%9{0@oHOuQ_db@z?BNwxm
z8CpHw{$NE_#F>uyYdoZV?qiyaFEOdHt0=gYo)_6Zz^9{3GtZ)W%q=Iqt4|)Uo>FVz
zG40ei!$+rTKlhGpcxU7;kM*acr<>lJnf$0v_BZ|F^}a{)>#rT!=jIuU@QPVC-u=8W
zw*GsIf~JmJdRMN{8a`lH>Z1*&kE*17zE5lKT{YkJQ)$4lp#h;@7ADCycPCqYeeXSW
z!nFK(ev@`9$1hFyH=o(rPc?kh{X06heZOYLjSMkKyc4agbR#aVXW8c)IbN*;BClll
z7M<KQI4){%)cy?L{5ZR1nr^uZ-@1={n`UWLHgbB_n3!Loc6)r}uP-~?((;ZkQ**Pj
zn)Wh0sM(@CwP${XPkiP-O}(0a@{l|wRU>%w7;EEU$+7B&9wU`5=&qPm9G!m0J#^6H
z(Y7|W5lh!KxZTIkujt3#`>LZeoRY>A=IZU-bmwiGfP~X0{hOUWmGyY-+J$lBSG+H1
znVatQ^^1vBeha(l=gMXrjGUA)YV)^o{zl5voPKGSRn{#vj4aOYJko5j;fJ4>R}6k#
zWE%E<R6x<N;RE*1lQ-XReP+X>>w{+9`qplG!`Dhtzd8^2_Ug#jo26fM`+nOQIpS!5
zYyQqx%}W=3@psCP-=DPZ>yT`x_(ef)XHOZl_TGafZCXqTnwtOU%d3t06ThrAd9kA7
z<wFKl0eL&6eiuAuy)wu<Z=0RDy5#}I@xJB3SvyUh%y&*U&d~_$)_C;#+5OihJ{UI5
zZ}UUVyrdtC=M8!}x9G*Us$K14)FwwBF<dpk$o#;QS)pcE_MKi;clXWx;|4w)mb9U8
zYlr&<?{?pc8FqI3t5(VpH|(mH^%<bu>Co)^b*nn7Sf6i@wkv$M-o~`r{r03Js@D7U
zN$-~O?X?lTlAY^B*(%TcwQ*;(mwG_W6`yah^_+eCA8j9>;oo^mmYQ+PW^bn&yEKgZ
zdiB|m)$5jSTH=+f;W{T^)0{~C+xb761;vl5yQ0ONrbU}}#K(@Bx9HGUZ`apq21Wbj
zr3LSmhCUkcW$oM#K3xv&30m-BMp6E&@;VlG-Hf-S)yYqGGnqWf=~i&)nxmT*uijSg
z?9aQUN>f+Oo;zcY{Asgu`@grnR_xPz^6ep+yMp#gM_(tVg?<e;T%z96*ld=0(eBYF
zFa5~#HQl*Peel-x+b3--`RLomvHzAnyOwPTX_p#p-Fjn}s2LwC`((M#Z(X`7qu#k=
z_tK2B>xB1@+^Sjp?&{kgHP?HYCvWrNkI+6HIO9a_mV~+o_N6@T9J<vgXhOolunvb`
zS>4y(8qg+s;7qOWw!iwnc%Ihxvg$#tjGO18?@j$>yyoqa>t6P6(ljm}sp{i@^lom$
z7t8#|zSP%R;A-zw@AcKkUw4d6KRwcTm0n`M+B2u7tU4U+Git6h?n_^v>cFzNl?Spi
z;*0MtIO7rC*RjRQPZP>bjAp<0uPj&`9G~Z%x3R;DnCkO0ri_hWQ;?t9XL$Pod-glZ
z)?Ge5t9kgSOI1gEx!&2*_}F)q*&9?V+uOc1dG~#ZlGW$Jht*a-gRbm+b+2LT%wmUW
zyUd?CUVjtSH~e}l%^OqpUcG5oIdNIPDN}>PR8B4S>mE6xpG)+|F_#Srj+8V{yAu>9
zWqq!feQI&psBxcFFZa$rB9*x}sn~qLLGC*^W#QzeCP5wK$EqU(_j(ym>b5;r3iwhc
zuW{TlW60G_7p>2~Z=d~XrBZd{iwR9md&%qnn%Fye>O|!c^V+wyE*zCSb8FPq$f}ZH
zneOFoBO9F17;tK&`jhQ5W*_VA8??})nU?F9h07kC@3(P6+POLVypm5H-n2SL({oy2
z>XM&#0@f`3l3CO&Md#9*&!yo%dpG<1;#0qO-rWpN<b7PEa^K%(_PasG>pM?aKC8*B
zNyRtPs|N0UQ|HK#uC4=*nf92XWf(fa{MELXlON0+UvocL|LO9!C6}))UYqWm<=gMv
zy=4`y7d=!vryYuOHz{*&8$WhK{_&I1=K9Y(l<%F-S^4#JlF^1c*Y+t^Z?jc+#;xCM
zaeCl<gU&;{9qf{+bt&hFQr(t~tk&H<m{e(TLpL&Xw~wp+yvg@7CZ?>s@_6Z$pViNY
z><ZB9XB4Bouj8-=(QVV~PBERjcJzifJ@1)K|5UHLLBq=p&$NE{E1~zY@jEx(nlQR>
z;p}gkcaOGynx)xS((6_-CS=f8ovW`kZEkkoDfKD;)Uox9Ayp5jrWr*~R4iy({WU8r
z;lRTo{+Dm1Yj;a-pVq>3{+uN9rs=+VS9>OD80dGpZ`tk9YU`!W&lkBVcgR${?7Sv0
zAZO(0oJT3`7Mt|zmTvL+(EEp8s*fx##tcu)3^b_g{%*#_sztl6M3@D7jh^FNcD#{^
z*CYEuYROig4Wb5r?7IK^=H3>&8~L4a%vm?$ZIkl*t$or`Zq3>BZQu5}(reH4#ygfh
zQ&o3upV&R>RbYHQtC;S)wy7_hx%xz<qtl`Mx2bQo4LG-~y6oVGJNu@L7_~=lcbLi1
z8}CwAZ>aw|y*zpB*{pW=#+~1*_wndEr>g@L8b3^8)-L;XckR2^dq1eX?%L)1y<3}e
ztQ2iN$H#mLt);i8u(PgDN?O;h(+b{r9I1V+_Si(jzAG;ed*J{4<;k%&OM^~FHt74g
za?|K3aoL+5Wq)Y>!)<za&Ygu(`nkzP7Pd`R9Bx-jB_+=8+4V=Ao9uYrZcnDJ%c9g)
z#`{!O>3F8SjqY}?{%5<`vx6;8?KjZt^}5Qs?UauVnilSVG~<DBpSq*%GrFy=z1cJ8
zbxh{+m_DD1a+Y4IZC!k6d*-Bs-TUevoNS*Jnf&bCi52~HTi>>vvMtu7?D3h2rr%5w
zmWC~fTM{;FPHMw>EAM|v{Ptqr&fMoe*Vl<HxYxMfjKyD5Ew6{|Xgl9_ic{bF%|@>o
zQm@J4VUE$O;+M3%-cPAR-sHFQQ$5~{e3$REbXkMQ{;7Jetu8Hg@!mUXs<X?c{U1k!
ze=uA)`Fnkx;QFmLdkuRpoqW4~+p5{wtMlLaEi#-w(Q8`6cIPH<v~kavU~XS_P5Y|<
zH=Un)(#}O!SJ=H&-SI5MDB#SNot~ZDl$*Q1?{u+p&cN*1CD$+AZL3n^z3=vdI(Nq>
z*Z!<fSsN3TyY^na#;dCyr|4~RSY&RN{dUgTNpnAhSY5n!yk>idRZv6oAEkHSwoa2e
zzpY-;dPIv>A%~^2CQ<6`$E`EGxwu?O<;eAghZEB}U-m0B?VfhiC(5PEHs{5?5`8yU
zZ?U<obK~jfd%msS^<J1+u}0~j*O|w$1!qkZd!Ggy-_G+6Uen5IYIvJOt<A~bHt9XR
z)^dhoguzLz%4o@VZcupaN&Dr)Bb>iE-mYq&aQ91O_Q#hl5rH4S?CTYJrNF;=YQ^MH
zEs{P@o-uU)ypX<4AF8c<R$&)9yOZXfVM7mxOLzVD2H$SbW@GJ(t3OR0eNyrta`&6w
zjPst!?Wg6}52;ge;Ly@U#ku*Xm8&x9zi$<M%er2c&xOLRUwuRRG<kD2U$?$nS-j`2
zjx$Z>WE{J3<XXnS`B4F#&Y#bWdFeM{#VbFfMpo%l2K_qP@9oGTD;kCmG5hXtMZfW{
z@zt)2Cg%ne-C7keU{U70Unl*4G(KJTgWIKdQ(RN}4xOKyKBsN|`2FopG%{#;;YG7y
zkFV6ZSZ{G@+N_~nd?F4k7+e~1Ib!DU;$CL%L;EIK1-lg=R;eiSY?`{Y_+a?yw68zk
zId{CZvgh$t(M>}Zf9-YXXU)g;J@#F>dFYyK=$g$}n{4g3@#y7oYCWE5ENGTjd|KAA
zI-+5e;&gCu*9x!H_g{|<a11JNyiho|u=IS@)AgHYtjjaM-aMkgy(}fqM>a=``xQP3
zQFJVyVYFVkXTbAUQ?kaCe?LFK^qkfMdGA@h<4?cv*0PN7(EU-Gu;__tT7LeMKC9{m
zs$BiCXpX)0gPv8RtexJu=9P4ucjbcdl;u}ex93e4izauwT6A1s-pjRPPVcJEyB@VO
zEPuQ{Ippz|n-5d%rr)}!YdT=nFQ1_eH;;(vH0^oXa}C}8eJ0K9z*HE&aeqxy=_wAk
z{P%+2UlZ_s#AKeH<0t=p#Q*MLBmVxh50h;CLZ|#W5&j@bNZ9Y$F5)D;#NQU^|E~kc
zbF%!M@$r*5puFD%|KES*l)oQ3>GxUw{;huwC;xli|FEeXXLo#<IJ~_0qZjNjDPp3O
zpMgw1)>zim*y>pG9D7e+Sp)0tDvbiW%bHsIAM0k_Z)J*SKkd|reko<L{<1Hg!Q;M`
z2e<tp3yF{)5A#r~2#?TNFhORXJhR*~IcB3>#hTcL?c*CYt%#TTv`^^RAvr-d@_0gv
z@QMV_anica(G}}&tT?{0W{<SVZeP%*@B7<tmK|P@D7%)Nn0ljPi|oOI?Xi_Xsh1uF
zWt2ay$dJ9V+1cogO_od+oL!!3d$47$*THQU7apv5A<vP0_R6vR8k{4OEz0R)xIJgD
zT``Pu+t*gD-B406mrun+vXW%VS~@CBw3PZuPE10SGi&enoB&BOlKiFR>Zy_g(?RPy
z>hL3S{*x&8DqCo(G?&zLhD*!@R8~?jeO9lLc9^LR^Zg_hQ@Np`nVP1Gsidm!q|j1Q
zQ|&70F;P%g+mKnda=9^6U0Gy0ARl6?BQrx)wB%eOG4c4X?~8MiGy9RBP-dQ}B<a)S
zWqPfWBz~KpXHFsWC6y#y<yuT;{pWPWcYdEPmxRx?B|R>@5*1=DBA5T4rZH1CIWwuA
zHm71D>4}MqOr2yZsW@A6raAupx<Z`VU*BPxsj{|`miYPl%mC%5nX}1kM`PyyN(M@%
zTsDark*qpN-9WD0Qq1>lBF<AqGUZ=GPMHaq^qZBfrFQC)y|N**EbP5K_$?JZPx|i;
zzvqBDGu@L(u>6LyygqFHS<;nS@VR$gJ-vQRGnL8prP?Z8lr+_hG;2|R7MDw|)l_b%
z!|m$*R}I=q(o)tiv6QQbBDA}?ayz+^n`9!_RBGH*(v{SkILVb24J1t+4`U^TJ(GQ%
z<x2IHxrnS)m1B-Nnlibn+yUxb8u4KzZ}$6^qr}ZLW>sZv6+W9Hv5vLFI9F~!>h@v<
z@S!Yea`Q2JRlmNhsq8V+uH{;PUBl*TlAehMlYjr?KkJ4}t2Wb6V}h!3KW4}dVmh_6
zG*sWZksiA>W!|n#nATIsjT$m7cA}$(e1zOn<@ee(HIi&hn`-$;QUiWXQc~Ec*lAlR
zHIcM*B|SZbisYf8V_>4>D=w6&l3Y)&tjXk7rnidocb0TiXV;R6t~T?9!+&?RwYWlJ
zLaw+6j<Jy$c*@=DX-!d)qV3skGzTjE{%yIEot9LaTU9RU%5`jK`!<s?J*1(vwwN4Z
zDYs|RtBTVWgFo{_v@}`Y;$HhFy=A{Ai>OLYl7=sLEUCfo$-gEF6Ai2OoTkE9QM*HP
zRk<fCRYly_ESxNqEbP=J^E&Q)&rsW7-0$fl+Vx~k;y&HoLLsReI~lmvs$-(j!C6Jo
zLPOFvGijo)tZv6f<0<CMbK^*M29hnCgL2#7_b)D!Lal`f_w_&9<UiYv*fLbqHhXc-
z%0^0-USccFbC;``soJ&^(}h~O%cYKW<T|y~4z(EJX~kwE=0r=Dj2>*R0qSyBCQY*j
z>ok!o^gF3Y27XL$cVP`kjV;;wb^OG-Xuz$-_QpSQQ|@z8U9g?YOf>YR`btXUr5>{3
z<MmI-f^=p2stm<4H7ord`j!Tb^pve?sTj&UBmSD5!e!Hv>oEV?Nkhg^!KuiYp~7~|
z92J@DuNf)|W>NQ*I&xOxA}UK-Tsk$WJ=+tL!6kFfS4@s(0=nExGGk2qPwFz}uUuDS
zPLw!xmA|I3DAe>MnWaGknYm0&-1%9XCtLZ5VS!6ghh_1<7-abn^QM1)u#Nuy`d>@G
zKNZ6p-xfchko4K2R3v>F_cYbo?2nhJ-j~aC#FZEG-TBzd<57TNlH9<=+P2Ut&~{D(
z>qa~lHLaCY-t2Qqpodm!l85EDau3<ha_=8fkWYk~O(#iF(aByr*)LParb|Q9pf0V<
zf(AA+uNe5wGAN)?Q=6cg@Sxxx<12z|_9TZS9!?IGl?H{4xLgq?yB#!KR-Qa!ccsm!
z7msX4UwW22`rEsT(UNT3m>TKm7)P#`rewzj@A&)Tvl8U8W6E414X))kwNkE1V;8<H
zwj}Q2nyLy-?t_w|mYx)*F4m0=-?XeVShJ<3Sb?Ud&Poj==6$HwZ^^L8@dcQ~p{9^)
zvuay%SO#^;NM4)s5W^sk3yj~Ej8vLpna3?<zROt5PjY7bteRX?ZYj0lrgq~t;q;VP
zx6Dx2lw17%8Sde7Be}V}#qSyFMtrps!<xjvBUjVZ2<BJ}4Crcp@;Y1+N%GL)$}o^h
z_8QXg-(#d)ZYEb&(o@#v5~*?thcbT2lq}?y{O8Gm5ZEAiz*3Q1RGLWb<+jo^hD;3}
zitcb9Y$@)2e8|;R6>`Z@QnzZX+(-=n{9jK)OK#28la!kC16&}bmTaG%s=bvMmv|r)
zhnsL~r!CoraU2aLP3A)JpInQ>RVc)YR%xuln*BW{H?fh)Co0Y5vISZ*y7G|2WGE>>
zH9(2OD=;-GSXum}xpGeiu<nwH(g==9AqE>|$&81pb@JK<+LD91nWn2!BUZ1R2b@}R
zFQ)0s<yt&E+Hu=A;SzB44OVy^N#}Qls%R+9<Z_6k7Oc^i=_yHCdbTWQaE1TAw=|So
z<la&(E=8pjufhaGMnM@{hKh1M4ll8T<0{DHJ(W6WHddZ3x$D+v{VJ3iizfn{szP#8
zvggnmZQ16VYVfEj4HFOS+yZhbkq7Wv+@4BOT@E5q%wY;79@_hGpWw&juQ&z+Ba*x?
zqm?8N7i*vIgeh^yQDJoAkQDr!6wCQ2OV)~dsvMX?;-CaduH3+E;rwiG<KNrAe3p2e
z;TD#pPU0*WG&JQ+e;>nvfl61#{2`7$A+^)zUchzX=fr6%%UtCq9Be^Pu4bvcR!Qce
z?4~a1NX9CXE~oylktIn-Cbdx(hjSRqF;QfaWncvF6ejT~m}FS48ewj&ZfupLo@0MZ
zgXf`!o~eO`jWWxPWZwc!Y<^jr%9N8$+2+k6v?}T(nO2y4jtjEjxuXTo9W8k7Xxpef
zsIIKa#-Y)hActjd_B;Hy=Yqv-W|t&;HMylqpyVXhIpY#nU0lt7o(*c$mpS}-uA(gC
zxrprdGY8LOp8t2x7dTeQpJxo#9GT=lo-@c?4J;#vbLVLF=P_S}18#`N?w&GcSBcS5
z)-#aD+A06-ah3yoDE+>7G1ZbM5uX27j{yqFh-0&~mHGTVI*Y?REmF3YtyT#XW3r4f
z*-Fbg(CT%ABxk2a)(ys|mN$^62fA2(3v`wJw07U}E71LiRN*cuY&`6>D?BoFf?6~*
zO>WW1JgCz<%jB+}O@n&YgeUjvG2W&(<8W`rVgInp$^Nq2HhpB}6@7PC2KBFgWHXR)
zc%ZfH)xa8Q{vZySrzZPnjP0b^NQ|uvp<-jP`)h1v95ZD|<~CGuR%)&8WGY$zdvq0}
zA$MnSZ<iGRN8_v5ycu7W6pXK}_+2f2v)=!7j1>>>9I}P&LyWWkbuMD8<<{n2r7rbi
zywy?<X1vw>|1jGAKgU|0U~qa<|F<J;BQegh-Ttpe+4cV#V@o_`Qn8IpX(gklOm&pl
zk`>nSo^qy?a@qgqBc!9`{m=N=@L!{&6XWVDvDz3FWqNvgGEU|9*!O=h>ZwU>{$EEt
zZUkNy>HKTdW395;id8PjUvTUG@5jCm-17fFjDFHzqaS0RaxX^3-y<Gl2Zt}>pf>;O
zQ7=?V;!sA6c^qVEteWiico)bszTq0ylBZs|G|JFg^_6jwY6r7&)d|++YJv9U8q*xD
zHGecn(o}0yt{K<ZTFW}MT&q!fpiWI@xsKkiKs_}nS+7D~p*KK1S^uk+jbWfpg>g@#
zAd{ZP6=vn8LA86D+tlf4m0U+=A7maFUSS?F&c@={6&uToWkHsn6*g8il|fcDkCLrU
zJ*%*qSZ!l1dy{Nk^R2?>>o+&sMv56cK5|$eMU<jMAyZ6KD65X)-)RcD>NxGm3U##+
zijit+hGP|he653#jQP|uBbm}`g(^?pWr_&R9ekFf=*RD?D!4zXswzsFa2TQ1-Hm0I
z+(RTY4IK`mv`k^CF6mk;9Cc-i!wQ+|Muh|CXUy-(#D6YYE%fEGI`+yIY(-HjXB9Ga
zGc`wzF1#X5lJh#p)l;LX+)}BF%1Cun_4;Zu)kX@L)fR=5@&vUg%LqklMXW;2=-cnh
zFH;Ox4A+tw1}J0}55=Wb46h{{FZ+E7IlPdGj0v`5%w%rA&sQPSh)~E{iOry^3y)sf
zd{uUg=ceU2jtUf^5~AcJibN;y2%<D2iYX;{f>U@3QJ#7RQNpRhSv<!%h~mq6RO13(
zLX>-6p%kxi2|P^7F5?ZZ;4MUH=pC*>6s)e}18(3WL<#9LZs7}V<16mq8}33Bf$rf4
zM9JwVxRrSN#cM|JjGw`QXXxNKY&@KcgUWGuDkz`{Eoegry5O~gOdkd?gb`}N7$z`<
z8ET^r%wYjbu**hf4I9|P4)&-E2RNc0>ca`_Qjj%(3tYi-L0KcnctCU`o1iJ0!5toG
zftF~6)@XyaXa`TUhZnrz17CDNM|47GbU{~iLwEE*PcSyfdcz-m&=>vC9|JHDgD@CF
z5CEQC%Z4EkK?p_&LJ@}H7=e)(g>djfMK%UwF%IJ~0TVF^lQ9KTF%8o(1HV`^Gs#()
zjX9W$c~}5{xlFc@T!ct0Mij(Bm7>WdSc-luFC+Vt%gGgp!9A?PK)xPJ4klNVaae;u
zme-OYWCF=!k8B+|l3Y)2z-EkRIgy-1ZY8IZNn|p%VLMW=1F4AM`)Oo4GO&o{EOHli
zV+qT9$i3KyWi0O}my-v`Y#c-mauLVZ^T<Ouj6$412~PgWQ{)+({*!0P^Eme>FOU~e
zic7eRE4YelxQ-hr!%f`6ZQQ|K+{XiyqXLz9h(~ygCwPiysKRr+Ks8?C6<*^F-r?<^
zd{2JBN5tb3j^Z=E;48l2JAU9NenG}M;rYIdSHd!$#mbby;qGLr;4o+6kZ&Bej&T8+
z(1JE}pbI@Ps>=*u2qV;jF-%|zGt@>Mn8N~=u!1$Va5-#AJJ_Qx9N>t0s1GMNqXAsN
z?loCMG(uyzp$S?dtO4Ty*&1!Ik<)KW4(IFbNiTRKg0K6KOW}(Z=zxys1V3~}7j#88
zbVm<N;JNffOu}SL!*tBYJ47K1ORx(|u^Y><2P<$MF}Q$LxQNx*hdAuV8XN$xz+~Bo
z$3Y|@2kVfF^~l2p9KuHAV-pIn8HbUGLTteiY{gL|;TV!}9NSTh6r8{goJ1;0kcLx8
z$7y8X40hryGI0*2D8o(M!fo8aUEITcJU}@rP>F|lgvWS-rx3@EtHN`<Ks8?C6<*^#
z#P$D#&-jA3_=<1%f!X+pIrxRS;5nSECwRRp>jgP_gF_k0{2`9U)CU|1QPvk6AXC;4
z9AHz{9~=-+HUQ%IjRT>;AZTJRv@itP2!IZTLKnlJhepsxV;H~<hG+sKG({~mgE8D;
z0uPv?In2-kwb2rF&<f^g4GZv$Rc48{utGan!xJ`W4_kP_4&Jbb59-1f4(I?!bVNOL
zLVftb37z4LE@*(Ra6vb?qB|O*2Lcg<V1ytPVHl1P7>Q8`$7qbfSd7DXOu$4;!emUr
zR7}Hk%)m^{!fedJT+G9KL|_4yVL4V{C1S7&u~>~btif8uBLVBM9viR`o3I&)*n+J{
zLNc~tJ5sO%sYpXQGO!bw$ign{#vbg&KJ3Q<WaA)mkc&JVLOu#`7=<{3qd10A97hp~
zaRMh%f>St+GdPQLIFAdsh)cMPE4YelxQ-hr!%f`6ZQQ|K+{1l5KshQ<iHCTE$9RIL
zc!nxG#|u>BC0^k*YVZbc@ec3t0Uz-RpYa7>@eSYc13&Q#GIm3=zf8uf6&c5v<@lt0
z393+oIAW>>6wm~FXJp#YfiCo*4+9v&2(@4g6PUsbwNVG=uz)43U=17C!VdPR3kNu&
z9_qsh&S(G^xS}B%BM5E?MiYdfDMHZ<VQ|NAcwhvYV<cK&6j~x2tuPv`F$Qfg7Hu&O
z?Jypmn1J?}2ro>6HzvaeQ{aoK=zwYHi0SBr8SukQbjB=n!EAKJ9CX86bjLjOz<l&X
z1bSfsdSfB{u?T$-iN08jeu#qD?<jL&n<FK18!0EZlS*U?sZ8!5RmfCQl}sbm$aGSj
z%pf($ouq=yBsIw_Qj6S0YLmN39dZw;OYSB0$bF<fxt}y350HjrHfcm2Bx{j5q%oOG
znvi*<DS3!ABlF4HWC2-+JWQICg`@>}gtR1&l2+s~(waO@+K@%0Em=(3ktaxd@+4W8
zJViQ^7f2T}$&lMUll4bVB)5^1$nE50GKHK%?jWa<spK>=jhs%VlQYN+awfTxoJD4m
zv&k%S4!Mh*OYSD;k$cGb<X$p@+(#}T_md0B1LPtyn~Wq6l8eb4GK$P4qscsS33-TI
zO6HTx$O3XXd6-;57LqH;BV-JDlw3s~BV)<q<Z7~rj3bN5HRK6$EqRiRCrii#@)Ws_
zJWZ}A&yX9)v*bqd9Jz@+Pi`hJkcs3)atm2XZY3{~N#tcRnY==7Bd?O%$!lZ^d7a!r
z-XK%SGBS<4Nv4yx$PDr}xs$v@W|DWwEb<<?i@Z<nCLfS{$Z~QoSwZe2E6M%jL-GLm
zh|DG*lLyHsWDfb1%q5?Zd1MuNh<r}wlP|~uvYI?hz9b9DSL6}$HF=b*AwS~{zThps
z;vK%>J-*`uejwJIb;f;nHF=qgBd?Ha$gAX9@){XWUMCaC8{|5&j9gFNBsY+^$c^M}
zaua!n+)Umj6Ulqz7V<v1m3%-Zk>zAESwU_iE6MHTLo$VYMD8FTld0qrGL3vnrjyUe
z46=&cNj@ht$rof6SxxRDUy{4YSL7b@HMy6pA@`AQ$o=G7@&Ngc%qHKH2gwg)4*8MH
zB|njQ<Y)2_`Gw3UzmkRI5Aq24lRQfPBH7<3lOTr@l%WDus6ibXP(Tw}(1s3lp$B~!
zzz{~L1!I`N6lSQ6IxvR?EMWy}*uWNcut!}uz!CLOA5L&a1GvBy4bcdV;f5w?ie_+!
z2b!Y=TA~$NqYc`k9X!z<Uhswwe9-|N(FuO&j4tSkZs?94=!stF4S)1OU-UzN48TAP
z!e9(R0ES{10uh8@gdh}Q7>*GbiBSm0XpF&FjKg?Lz(h>KWK6+SOv7}{z)Z}-Y|O!2
z%)@*{U;!3l5hAe|QHaJ8EX6V`#|o@O3|1i)s}YAaSc`aU!2|AINn|p%VLMW=1F1+u
zIx?^mnaIK}?8YAK#XjuE0c7JKa*&HW96~+{a2SO+f}=Qw<0wKgPT(X;a0;h!24`^&
z=WziSQHo2rj4QZ`Yq*XZD8o(M!fo8aUEITcJU}@rP>F|lgvWS-r+9`cJjV-E<0W3<
zHEQq%Z}ATA@c|$437_!=U-1p!@dH2c3+h(f2+)881?13#611QUZKyy8s?dcROrZxe
z=%Y3aPzQ!EhY>7L3-w@)`mli$Y~c($G=M!^P#3OnKtnj9IU1n_8lxrL&<ah^8cop#
z&CnL^Xa^5;f+zgY9-ZNZF7QTI_@EnnF%Z2l82$)AUkpQkj6@(tAqe3J#%P3K3_>v$
zVHk(u7>^NHf(R_d0xZKqEXN|OKqOXTF=7yfRfxuV#9{+hV<Y0Q32U$!Ymta}Y(WCH
zVja?vgbXBOC$=FI+mVG7?7|N0Mk@9o4SCp$L)eFWOh5r9;xG>2G$!E;CgUuo;2fsn
zJc@A>mv9T0aU0Wc2h;Hk<)}gho?{kXU^c4p7@si%UoaD2F$do;7vJ#?4mMmS_6s?Y
zquCUk$;YG{*&TtHfFMjnFeV`clM#w32*Xqi$25$<bd1CdjKWNWV-`kZHpXBM#$qnU
zVIIa~J{BPoIrgj<<l-{&a0Q2O75TV^0$j&o+(049a0EAT6t{2;w{aYIP=vcE#yy<C
zeVoJtl%O1^P=V8^#2GxqSv<lyJjQuE!38|UMLa_(svu+EY$Hf$3_0AOgeFi%Q>dUB
zRN)Ract9P^p@9}qpd~cX3R-9lZM1<7+CmrYpa)Orqdn-!$-H0)Zy3P`wcrb5bbtvu
z!W5lg20zqBXVgI#n4>E!&<&R84lDG4HG0AZy<m&pu!BGB(Fb+W7Y^tLNAyQM3_yJh
zgcAnA8H3RPL*Rk{xMC<8Vi*DugkX$j|8@vD*Mj@ANR~&CBQXl$7>zL)i(Y(x966C3
zPtrM%O(1)dlgP=KifNdKc6@z4=}AVA3$PH25Q)WzLNu0ODVAY5R$wJ!unMtQjX12q
zTErs(>#!ahuo0WE8Hw0}tw=&LwqZL`umh<`Lpn0B6Pd`uF6_o0?8QFp#{p#HAaan4
zJRCwk3UC;OID(@%hT|wgF;3tlN^lCNaRz5`4(D+J7g35!xQr{fifg!z8z{p~+`?_#
z!Cl<LeLO%pDo}}sc!6rX#4EhTJ9wtDUBC<8@PRKnpd&iL51r8kUC|BQ(E~lv3%%iw
zKIn^n=#K#yh(Q>PAqc=w3_~D-5R4FnA`HVZ0wXaB;TVlE7>fujz(OoSBo-qI(O80|
zScc_Tft85CD#T(n;;;s55sw6{!+LDMMr?v@8rv-FQ5OzyL_O4p6P(ciE^tLdxS<J}
zq8Z%bf#zs|mS~06XoI$B2T!zz7rfyEUvxl6bb=o`qYJvC8@i(hdZHJ4!ykRn7yZy5
z127PSFc?D+fT0+MKm;KeAqYhnhGPUqVidwL8e=dP<1ijGF$=RX2Xir#ac3Sm9}!r9
zg;<10EJhTfu^cO~5@C!dvE*vRVGR<n4(qW28?gzSk%%qWiX<ds8@3|_JCKSrq$2}6
zF`V<sB!`e$WDvQF97FCV!^yqm7IGgMP3|WX$pfT6`#G}7gUCTH@^A?GD8OM9;s}o7
z7>=U|#W;brIEjUvZV4H~dOJm)#u=Q&C0xc0l;I|B;R8Ox<`?%L*uo2T@P<8nP#3;%
zKnFOYBkG|O>cbCC=nQ9cK?8J!3%bD--O&&|&<H)z7`@<z-e>}UG({gYLtnU~A3V?>
z%`pHiFc2*<2r^}f_oS#Kfw>_v`k=fgMb#P3;BS2Ko|O2*Z4&QEQ7eWkC@S-w6o2mx
zjlds?<NY{^_wyv)kCS*mPvZSJiTCp)-j9=bKTqQQIEnZ3B;Jps!4D7Up*i%?0tRRa
zL$rbsTB8=)z!+`8tOnkXlXyQ*;{7;@_wyv)kCS*mPvZSJiTCp)-j9=bKTqQQIEnZ3
zB;Jps(2owVLPuDm6KvoITXcpUy1*V?Q5W6dfbMWa5A4NF?87bW$88+I9c1G!4&oki
za38sNfIO7r5Gs(5N)+HB4&xCD@fb(&1V`}{$M6itQH3HrM=@UD1gdcoFHwS5IEB|Z
zjT)T68=S>koWnbu$9r7B2VBHQl;RUE;WIAd3$EZRuHqXes7SJPn27b5gbkRCjbPr5
zY!jwpGo~RC)3F6JuoW|rgjq<&9Bjv2q+lL)U_Me2fix^YIu;@Wi?9=s$i!k~Aqu+?
zjony+Jy?ppScZLAfdg2HY{cLoRv`zm$i-^pAr6PI76pjMVMJ(g+hGBYV<C#L2*rrR
z2`t7*M4<%HIE5uRjioq)WjKrFIENKDkCnK97+l0Elp+?Fuo{;Uhbvfvt5}O`h{ts#
z;0D&A4C`?d8*mF7aT}X(2b*yhiMWR?xR0%PfFzV785P)uN^HkNq~H;D;4xD11ZjAR
zbUZ@_s<0E!k%<?`LN#{bC3fQ#_TV-4q6Yi$2K(_ANv7N`NXBt&LlL&47%4b`9XN?p
zlpqbKkdD*Hz!~hsS!CiIvTz=|Z~?n<5qnUIy|{#ZxQzX{f&;jUY+S=ZTt^OWAQxrG
z!%ZB*E#%`i3UCL9aTkTSha<R;qj&)3sLBG-9zpOzFuV~0AB4geVd#M2=!g;Mgpu&W
zD0D_Rx?nWAVhp-rEV^SHdSE<yVgh<$B6?#I{4p7QFa>=v75y*`{V^Q_FarZI6N4}d
zgE1RJFb4sci=mi@VVDn5BC~}AJIG-VCDes79H0V6sG=U!P#@}Wf(D$SKm%yP1zK>0
zHX1?)ji8Ih(1RQF(F6u)3PUu55!_J=9xz68n4kqr(Gq58h1zJ1I%orPw1oxQ!4jUZ
zLVH-l3pVhEIB1~gLOmdP_AD#s-(#r2aa5uR4^fOqI03N_=p>$?1W$1aq5~|tz@h^z
zy1=3XEV{ria1PZtkC(Ur(E%1+V9@~<UEmsAg6IH?F0kkTi!SgxT!rWWi!QL}0E;fL
z=m3i@u;>7bF0kkTi!QL}0E;fL=m3i@@ORvW=m6itPuz!iiZp|}g#;OtAO}OZjE6Uw
z8dRYHb!b8XZ7`ht?gHzO`p|<R3{VS3Fo7}5z~=Y63tXGDfH|yS2^(0$4z{QZdpN=Y
z^-&MbaDodOpdnn*7=B!ZCZrphp(#Azj+SVF)@X&cXai5QgBRMv2j1uaUvxr8_<?)U
z?@n-MKJSLE=z;F&g`V(7Z}deU^hZAo!~hJ&AOv6thG8gz5Qq>2BMhM!f#Dd1kr<6|
zjKvs?huEwqVge>(5~gAbrehjrVJ7BaHs)b2=EI-$7D0**<RWq*79$c%5RDaBjySAF
zJU(Ir)?*_?w{i<<O(v5`*p6-3ffS@84ZDzqz1V|n96$~Z;t=vsh{HIFPdJGaDEX78
z$x}G<C(n^*asE$UBro6+N^u33aSc~-1J`jAWw?!7xQjcuhZsD-eN><v4^fH7c!Z~T
zf+{@23p~e5RO2;Xp$2m9M{mhDc=snikniyYpYaV}@dMxS3qK*TZaD#&=;q2Hy1AmG
zs|HnwZm#I)if*px=!$Nx7DP8!baX{GS9EkmH&=9YMK@P;bVWB;baX{GS9EkmH&=9Y
zEg(9&qMIu^x}uY73(?6H-CRdFKy-3NH&=9WMK@P;avMN&az!^+baF*ES9EekH&=9V
zMJHG6`xE;BJxQ?-(2H!3j_3f<xfR`8(YY1fThX}{-CNPQ72R90Z&B=H6#E><l42jD
z*w^S!E?|9$PJ0w7y6j6y(PdvoithR<axfW7ir4PqHGCkshUFkqyp|6k*Rm}3C5U|r
z!%6X)e<Zn%ua6=VNbwq9yw(@{N`pCn@!DVP0~k+k=KEq_=s3PUiA-c!blta-VqdD*
zry4<~vb>NKui+Pw87xPWVxPehayQFMNzqYWCce({a&kYpg7ifka#<Gp7Q{XVvCl#5
zd+_BkPIQ4qM_F{0MMqh5m8U~=l|>g;bYevpR&-)T7gls)W1%GT{M}uS;&ahm79D2M
zU0w>&T^1eYy-?=oL|0jKmPJ=N4x+0pI?JM~EIP}gt1LRpqN^-A%c85i4x+2O9-^x(
zE~n@!Z$tq$;V{JGbRiNUy2@K1y2@K|3`r1O<zy7$@6NJF(ODMVWzkvQ0nu4bh3G7&
zL3EbWA>QlBfaommgy<}b?y~4+i;lMFW{Zxt=w^$K_9ckxc^TsJUxzr|8xWVL45IUV
z3pa5GqVs$YckuxCA-c}x5M5`{c@|w~(RmhK=O?Iw=sb(Av*<jFuCwSoi>|ZiJl8<1
zuQw3a|1G}Y9p>W$#CrdXPxywfXr#<|fX2{=8w}6{hG+^SG(#=8!x$bgL35a*1<cSA
zwb2T7&>H4w0}Hf;CECFXp0GxH*uV?6@P-|HU=Lr^MF%*bBOK8Q_27s4=nN-xfit?I
z0lL8j-QkKJXo#NRj{CdoEs?z;hd-3i2g>LR74(BD`a=x^ppJpiz#u3v7@8OYEd)Rt
zL!pCV&_xge5rSZZArvDp9HTH2qY;j=7=!T`hl!Yg$(V$xn1bn;hMAaw*_eg7n1lJ4
zhXshhaxBA2tiUS7U^QZ~262eTTC76?HefwAVIvZ;8C$Uh$w<O>Y{L$uAPuR=Ksqw9
z6T6UwJ=l$X*oy<$kAuiYE^=@Pc_=_W3UL@maRfy;juR+G2~OfPPT?%h;5^RZA}*j5
z$8Z^!a1~c@9oJBX8@Pp=xP#lchr4)y`=~%U9-<PD@d!`x1XXy37kG}BsK#r&!W-1!
z9p2&t-s2NK;tM|G8@}QPzT+2uLZSmJgA(LWfil#f3ej~IooCT?7M*9&brzjx(RCJ`
zXVG;QooCT?7M*9&brzjx(RCJ`XVG;QooCT?7M*9&brzjx(RCJ`XB$|<4z{QZdpN=Y
zqU$U=&!X!rI?tl(EIQAk>nu9YK@gqiV2I9h2t?;O6r%GS2GMyQ4$*lY0nvFDU1!mG
z7F}o2c@|w~(RmhKXVG~UU1!mG7F}o2c@|w~(RmhKXVG~UU1v{-u5){cuCo_J*V!AQ
z>+A#3b@qkmI(LBRI(LNVI*ZP;=sJtev*<dD&a>z`i_Wv?I*ZP;=sJtev*<dD&a>z`
zi_UWdMCW+{MCW-SMCW-CMCUmYqVv2MqVpUD(Rq%B3Xj9011Y+Yq5~<qkfH-Ax{#s+
zDY}rN11Y+Yq5~<qkfH-Ax{#s+DY}rN11Y+Yq5~<qkfH-Ax{#s+DY}rN11Y+Yq5~<q
zkfH-Ax{#s+DY}rN11Y+Yq5~<qkfH-Ax{#s+DY}rN11Y+Yq5~<qkfH-Ax{#s+DY}rN
z11Y+Yq5~<qkfH-Ax{#s+DY}rN11Y+Yq5~<qkfH-Ax{#s+DY}rN11Y+Yq5~<qkfH-A
zx{#s+DY}rN11Y+Yq5~<qkpF|cGY^cbD#LzSpkUc#l|^A%piN7&r)e5!Ax)DukR~PR
z!k$iMCdssunJ`Pzu*trIfC{q6z6pwKvXp(1r6M9Kt0ELdL_`EdrAWTtbM84ax6`E5
zF5e&D7x?u(_uPBW-OfGh^WKpLQd&r9Af<(r22xr`X&|MAlm=2-NNFIYg_H(TT1aUi
zrG=D6Ra#YPRHapwMpar>X;h_El}1%sRcTbERXvG)w&(pk8M`C)6zm?@Q?X;Pr(wrp
zPq+3A>_nE&#CBlM!fI|+b7Pt#)7*TBcBJNfH1{(C?N$M70wZBF*c3L0QScSm0=9(F
zur+K2+rl=m9efpbfbC%?*b%-4JHxK93+xWN!8hRRuqW&RV;}%~!C2S__J;8=4kkb$
z><bg22qr-Z6hj%5LIsq=WT=EGPz6(=8uo)4m<Id90WckE;XtT^8Bh;1VHPw%Bg}?_
z;UJg;P0#|(a0twWHfV+UFb@{O0yqo~g(Ki_I0}x0b~qY>un0oX0TBp87j!}tx?u?{
zh8~DP0^)EC^g;@fkbyMxLmv#lQaBEdg%jX-_$HhPC&Ni_Dx3nR!)b6PoB?OUS#U0#
z1Lwne@GZCiE`kf;+i)>_7rq0Rz$nU>OR<|{zlYrddl~jC*vqk_u~%Sq{nx@Za6McH
zH^L2YGu#9}fLq`;xD|c`KZGB{?QkdD0e8b)@DsQP?t^>b0k|I?gk|tBJOq!zBk(vp
z22a8h@KbmSo`I*~Id~R+2Fu~+@I3qiUVvZ1i|{LW34Q~=hF9Qacnw~KH{f;n9sCx4
z4{yTT@D{uSE8vgt2lx}b3x9_9;4kn#{1rZczrly_clZcCfsf&z@DKPGd<y@8f5S@n
z4E_tB!ytSC1$***U<7;xM#5;=1h#}tVJp}SwuVu#4QvkE!dGDz*ba7u?O`|A0d|KS
z;p?yyd;<bd2xDLZjD?A?7wijr!z9=TieMZR!+0oxQmBS9m<r`k0~N3zRKor+8KyxM
zNW(b=4uAt;Hq=5R%z%TS4i1Ky&;<1`2j;?-<kv&6he0cB#c~_=2$%<3vpgSr6fA&k
zSYC*2hegm0L5M;JEQSy)fiT1%0zJ?Pap-~s^ujVY1|EbYJPRp!4$`n3GVn9#gV&)S
z-T-MB{|(YG{s)eQ_u)AB3rN%W8Jqws;Uw6W^FJB;RqQF)?Xag}x5u7_-2r<#c1P?P
z*qyLvVt2-#h5Z`#Z0s)BbFjN&&&BSBJrBD(_I&Kuu@_*!f&CVC5A225J+T*I1K5kP
zW3b=Gj>UclyBGGm*uAlrVE4gZiXDgj9(FwTGHfCCa_j``71)W`E3x}xzmJ`Sm7cW-
zdo{KgdkwY(do8vUdmXk6dp))sdjqxtdn2|IdlPmt_GWAq_7?0E><_Tj*juqvvA1Ds
zus_7^hy4+Df9&npY1kiQr(^HH-Vb-e18^4{K>Xd<1NrYBY%TU)><sLE*gEV(*qPWz
zuo@qE0$b1Wlh_9AQ`lM9r?IoK&tMy|&tnh5zKDGlehII^OK>ppzrr?QU&hYCzJhJW
zzJ+}c-iANJ3TPqz9qe4}AFzjD|A_qn-i20{|AcMBevF-m{RBH7`w#2_?5Eg;*neRU
z#eR-G4BI@0`wzXa2#$duB%uRR5P~#>Ap;TUgHGs&E?5fPFaS|F78b*Cump~W7@Pn-
za3aLvn~;Fh;8b{VZ|WELCEN!u!Ts<ncmRG4%iuTgAiN9@!7K1Eyb6!NYw#$%4v)bb
z@HqSyo`B!Mlkg@y1;2-%!dvh(ybaI53V0UYf#={4upIsfKZAGSdH56j9NvQ$;Lq?2
zD5Y)43t_ahBe3N#5-MO5sDw>nGHeD_Fbbx?=1>h=z*P7O)WB%i54ME;VJnyhTf=nN
z1`dF2;XwE*)WUW!1Ga}c*a2q3j!+LfK?Cdzv*2qm8+L(4*cA?f-QZx@9h%_lFbBQ?
z&9Dcwz@9J{0&ob7fmRp`ZLk;2gS}xs>;ns694v(Ka3~bQVK4y>hly|m><dT2BsdC+
z;Akj@b|`@$EP@E=n-rbc>DX>;7c7P-#9#@eAPIetfs^4RI2BHT)8RBY6V8CM;Vd{8
z&VlpcJopw|02jf9@NKvlz6;-hOW_i@488|fz~%6LxDu|0tKeF=2Cj$e;6}IsZibuS
z2XG7A2DieG;D_*IxE=0<JK%1(3w{Fkz<qEpJOKB@gRl%9hKJx$cmy7Y$KXkL0)7fl
z!87nQJO|Ih&tN(H9G-_?zzgt8coBXDFTro%*YFCw46nhf@CLjNzk}bx@8L~&8{UF<
zU<G^te}NC-ukZ<c4DvO;hCZQujjzSZ*Z4ZDe2wLEEMH^!9Lv{OKF9Jkmd~+#jc>-v
z*H}Ks@->#vv3!l?b1YwD`5epFSU$({HI~n@e2wLEEMH^!9Lv}E4y=5Q@5IX2_%5t`
zjqk?F*Z3Z+e2ssCm9O!=Sos>?hn27K{aE=LKY*35@iMG@jpcJJUt{?k%h&i}tbC0h
z!OGY8QLKE8AH&Mm_;IX!ji12E*H}Ks@->#vv3!l?b1YxuXRz`$md~*?#nKi_Q!H(9
zJ<J4Yilr@<rdZlyX^PeVm8MwQVrhz{EtaNO+G1&nr7f1GSlVJ~ilr@<rdZlyX^N#S
zmZn(RVrhz{EtaNO+G1&nr7ey?7^Eqdwpf~CX^W*PmbO@$Vrh$|DVDZanqp~-PlwY$
znqp~-r74!SSejyKi=`=+wpf~CX^W*PmbO@$Vrh$|DVDZanqp~-r74!SSejyKi}#|B
zKNj|Zy<t3zg9%Uw`@%#hf=M7vaWP0!Tn^F{OIthzs$eQq!+uZ$(_nu%0H#AN90+wV
z1L|QW%z_4JgxPQ~90YTq38X1*hC^U3NK@Pj(iBTuybu<^VQ?rM0f)m;a3r+D(GY}1
z5P}YfKp4896Qa-!OJFhdKn$cQj>EAq0LQ~|@J%=oPKJ}<R5%4rhtuFpI0MdubKxSm
z5Tqf#7^Jm*3ND39;4=6gTmhHE_u)#o8m@wC;TpIeu7exl2Dlk+f*-&wAPw+6a39<Y
z55WEKAS{E2;URbw9)ZW<F?bT5fM?+uSPsvDw7$~(z5*}9Yw#+33ex;adn^sIeEj9>
zFCTyT`pd`vI&2CnUw`@d%hz8%{_^#gkH38V<>N13fBE>!*Iz#V^7WUGzkL1W<1b%-
z`S{D%Uq1fw^_P#oeEsF)FJFK8_{-N{KK}Ccmyf@E{pI5?Uw`@d%hz8%{_^#gkH38V
z<>N13fBE>!*Iz#V^7WUGzkL1W<1b%-`S{D%Uq1fw^_P#oeEsF)FJFK8_{-N{KK}Cc
zmyiDw*l%Oy>n|UF`TEPpU%vkG@t3c^eEj9>FCTyT`pd^(zW(y@m#@Ek{N?K}AAkA!
z%g0~7{_^pcufKf!<?AmWfBE{$$6vnw^6{6izkK}V>n|UF`TEPpU%vkG@t3c^eEj9>
zFCTyT`pd^(zW(y@m#@Ek{N?K}AAkA!%g0~7{_^pcufKf!<?AmWfBE{$$6vnw^6_7R
zy&EfEfBE>!*Iz#V^7WUGzkL1W<1b%-`S{D%Uq1fw^_P#oeEsF)FJFK8_{-N{KK}Cc
zmyf@E{pI5?Uw;Xe4yPY50(%5@B=$(`CfK8}n_`c~Zia2gj>0a&?tl$qcf@vJcfy9S
zJ7dGxuVEwD+Cl0hm;qy<4)%hXus77hKF|Q;U>1yr*-!|LFaZvNiEuFN3r#Qy=0FiN
zLou{K3Cx93I0VX|70RIvDqtQ|!hDzv3!n-X!W59Ey&9xxp9+UV4HRxVg2sfWX&-@|
z2qR%%*aRlQrceZ%K{1Si64)F{VGAe&Y1_+TG*rNrAWi#LAWi$$AWi!=AWi$WPz_&&
zsjwZ?!1k~o>;TfVOWQ6@yR_}nv`gDAO}n)12f{8;3%kM$*bVAncbEy%w%3ES?F}Gp
z`z(;QeKrI@n)Wep5R8R`VJ~Qcy<raQ1I;iFT3|f93U|P3a3{PDcflKQH%QYiZM!t>
z(zZ*}E^WIs?b5ct1^2_-@BplUW$+F>2!8-++y4mCw!aI~w*LvFZGR6Q18LeHhxg$L
z_zOG<AHY-aSNJJ>2v5V`;2HP`o`t`IwCx|ma`*&(2GX=Y57M;%9HeP~0i<dF1^gRc
zg#W-V;WKy%R>H49ns#a1rD>P8U7B`j+ofrjwq2TbY1^e~m$qG+c4^zCX_vNLns#a1
zuK{V>uLWt_rD>P8U7B`j+ofrjwq2TbY1^e~KMAC1KN+NHm$qG+c4^zCX_vNLns#a1
zrD>P8U7B`j+ofrjwq2TbY1^e~m$qG+c4^zCX_vNLns#a1rD>P8U7B`j+ofrjwq2Tb
zY1^e~m$qG+c4^zCX+H_1X+IgHX+H&?gi}G9_R~O`_R~R{_A@}5_A^16_On2m_On5n
z_H#g*_H#j+_VYlR_VYoS_6tCo_HThS?H7VH?H7SG?H7YI?b5bO(=KhhH0{#1OVciG
zyEN_6woB74ZM!t>(zZ*}E^WIs?b5bO(=KhhH0{#1OVciGyEN_6woB7~4M@{|ElAUT
z9lQhAgEZ|ofHdtlf;8<nfi&$mgEZ~8fHdtt0BPE91!>xE18LfS2-39w2&8Gh9i(ah
zF-X&X2T0R?CrHzN7f91CZM!t>(zZ*}E^WIs?bm}e?b5bO(=KhhH0{#1OVciGyEN_6
zwoB74ZM!t>(zZ*}E^WIs?b5bO(=KhhH0{#1OVciGyEN_6woB74ZM!t>(zZ*}E^WIs
z?b5bO(=KhhH0{#1OVciGyEN_6woB74ZM!t>(zZ*}E^WIs?b5bO(=KhhH0{#1OVciG
zyEN?wf;8>YwoB74ZM!t>(zZ*}E^WIs?b5bO(=KhhH0{#1OVciGyEN_6woB74ZM!t>
z(zZ*}E^WIs?b5bO(=KhhH0{#1OVciGyEN_6woB74ZM!t>(zZ*}E^WIs?b5bO(=Khh
zH0{#1OVciGyEN_6woB74ZM!t>(zZ*}E^WIs?b5bO(=KhhH0{#1OVcj#r8Mo*woB74
zZM!t>(zZ*}E^WIs?b5bO(=KhhH0{#1OVciGyEN_6woB74ZM!t>(zZ*}E^WIs?b5bO
z(=KhhH0{#1OVciGyEN_6woB74ZM!t>(zZ*}E^WIs?b5bO(=KhhH0{#1OVciGyEN_6
zwoB74ZM!t>(zZ*}E^WIs?b5bO(=KhhH0{#1OVciGyEN_6wztuw68d{+B<&I}$XGCA
z2#g==Pvgj2zzC2g&V{9?kk&wdv!RT2`kM#ZMt=)ov<)BT3)d2UgyZQ?Y3^XR$%a{W
zVRu|@GXu8R(>o{a`xRe!v@g7+FT9m6ytOa9jW4{dFTAnSFZ3O2f-gML7v9$wp5zM`
z`NGA%aEULxvD5GN9V_Y!FZP9(_`)$?xW^Zc`@#udcw?u(%y%qlP?f*+cZM&lc;z+y
zxv;kLZ@=7^j<l&R9qC<NSn)0$7uGue_F6XYi`~z?Uy678x^1-V-oXN2SntTS;D3+Y
zzHWOhYmQH8=}-Dq7nVlVg%$7ibz!aZZ{NWFLVvRIsnDOoO(x`p-8xyfPUVft2>toP
z(n(1hr9XvLzPPZoSo)Lp$-j*>S^8@V4kR+(?<}^r_mq`aM=|A-tD>wMXSUG%qW9;P
z^Q|q83O2RdIXlWOZ;@y1p$oRM@muCuw|_|{l`M%RLcv%`D46U@lq4fv(NsD)P?Ac9
zN}};_WNC3I8RRD&i=&C6s?M@0;qvm1j$qm3($ccdl1RL-J(lR|iX@9li>r$(&0d{7
z>5`sAxHy^GD5*zd{GOyeKz}e9kH))d0#WZbD+4+iA_A%2NGLFV{G>p%E1pOyCYlZu
zrW1)kPcS|Z7+*3zHDUCst4D8)vyDYNxDT!K+vc@5wajX7n|D}KeeR~!)I{T)SE@Ua
ziG>64L^{wB3Gggpk#Hc`$z_`B!DzE+Fcv*F65joY%F>?QkEqZ;m6ZzVpUQHD^iO4(
zLi(q&N+JDIIawk7Q(2*q{;8azkp8Kx-f!}LggwJjxwlll-^REj${qd5sGcG8gc7kt
zvLv#UaJ)U*(;MS<1=HzBPj5PqP6U#XqD+c=l8C1=J=~R!Of(i|*Nv2I?TLB0*Zgp4
zJQ$l13@u3~gP}-UninC?xwf01C+%?YCCN-G9V(ezRbAQ{EUWH}1cTL6Ix9LmODjvO
zDymCMgOL#Ld#EB@*-_aMDIrrNgL=i%Ve`VI2I8TTp5C4iYf@>wHybR$U@{pT*q|x$
zDAL>lrMZ3&p)-@tBqOP!$kIqClTN4vsVFWlGj}B2os0y-?Y)VF^23I^9UG)rTGNSV
z;=RG-lJ=eq_lPsE*KgmNAGr;tQjugjnurHFgHhh^nn0+yE0Qjpuo3TKL`UZ=+9L6=
zIf>$Mq$AVS9_;8yM*7?Wzs2i<$zZ&TlHS`Ylxg?Me{V4w?@ZV=v1mNv3${~VxWz;$
z7gA<+iLH`yGT!B1m)o6Cd!n;570K?GUiBo>{P3_#(p^QrJ1y@Fvy0wY<`#8o{v~?~
z*{IxEWuwfQ`ImBM*PmFY3bQNP6N{45%d3k^O-@%nFR_=BOwA6ax&!H8M@-c~Z!i>1
z4+Ii@kz{8q(Z5c|>n6dDWTHRLG0Q65F@yaZrh@LyP@ATsJ&~gF;xe0fm@<+)M<o`}
znv|>EsM)+KE!`anM0yjU?z%*rOH1jUprp^FJFD%x(bCXR-`d*JI<tPp{8{r_YwPN5
zjX(v!mSm4W(AA8&G_zIzK#J-k&>u_%f-&9R0e|(mN=lSvoPko~Nvn~N?hd8{;Y1`A
zAD^bBkPdYRg7H9PDLGlIIYb~9>5IhLBIzd6>@lyE`6=rr#hb<Te4~3JJ)!O-cXYD7
zqeSq3NpCXJ>2LdNq{F296a8M5v3|w-mtRH~b!jphN=19rR*Xj?VX}P>RjFD*Jcn2$
zNVq)Ep<fi=NLRb+IdlifJJjmrGO}3@d3Ylomg+xZE{hAFQdv=6R$5YA)b;U<x<5|Z
zcjAP?@#FT{d#|x$ssnrO@r|z!e&>eoo^{O?Kl<I9XB_+9@>kw^@wd-Ec;DT3-g4Ko
zE1tak{@YJn`snwcxb@-duD#^(3(mgnjt6dD*8Ahf9=h_pZyk5~N#8!_;^gly{m-i(
ze(>LSUVryrXWsMoKY#j<Kb`x}Pgefrxu-sQ`Fr>N{3qYs{nx*G={JA)=?|_x^@q{9
z9gBj8{Nkc?>cUel8(4B$PyF~qYpn15V@~cr;l|97i`!<0j;d|B>95y6^T^x3{Mpm5
zz45~P|Gw&PgX{Shj_{PDsQ`VXK%z6yk;ufusdXysdT1se+n!h&4M!;MrWAW^395w{
zWl~8fkyOECJ3>s?5;_nbg8*Cui{LFl#Zhn}%!L=B6z+gt_z2Y9Itw(k^ehy@Ezk|`
z!7lJUI280rgKD@RmcqY5-LKPNCOidu!wnFIKfsRg9Z*;F*H8)fKpOr5>eihH>drn7
zli-ICgAV}Dih?WQNcb)64-did@HwbEc?!&cCtxgG2OY2iwug(M74+$ba<~hU@G*>r
zb3j9J%V8qi3X9==*bOd+!$F^LsDWj0EPMv)ww?hE@HC8ro1hckg`MFNSOEGoL>1f%
zeefx40~dgX1Ydw+xE<o~AxJfT6&ww3!gP29PJ}Ojf!2bPK|_6y!x*?0g77wM2N%I1
zpifwo!JTjn{2jgmXM=_oo`VVS1Bk+(VOO{eG_3d<Ooazv0R98&o}Ui&@Ke|aZiEQ@
z5q5&_!hFytGA6@MAOrt|t>Ju_13!l%_!0ELUqQnO--n~%cQ6eeh7;hwz=%n~sZa+`
z!d`Gagy0?60lp0y0{InGz}=97Pe8*7=fc78GuRhygC+16*d4BbBj63#4<3Z$U?pr0
zXTmIa2FAn9&;@^jufe6DA=+193fu?%@GsaFz6C9yPmYwpk0Akn14fbxu7-B_Jsbd!
z!Z%^id-YE`340(s1_8JR7QtKaRk#r5!i!J}cR(+E1Y5vaFdLqQLbwIG;XT*|z6XcG
zt56O1!&3M+Yzn8rOn3_Rh8rLZe}Em~J1`G^4V7>Yq~Ra16`Ti6@H|X{A3_X1fUm=q
za3uT|_J@byc=#Mf!YMEVo`A7%9dy77*d8v1R(J`@;VwwR$1obsfrDT<OoUruF}x4E
z!R2r`ybd+64334*U=*AI4e&IKgPWie-i4jv5?BB)LlxW$eefx40~bIuya2^;JH+8b
z*aNPDqv1`M4v)Zz@CA&3lc5$KhcR$11mSJi4laU2;FnMacfv97clZjN4UO;|On@Ii
z6#fjm!eww6yarR@0T_V)z-Dkd)Wc6<AGi@B@JHAQz6<l=H!vA~0vY%xYz^nb9QZjD
z!H=K^{tDlK@552>JD3I!!wK+T*aS|6I(QQHg6km!@4yc5ZD@mEK?U3mDfk4ogmd9w
z_!;aAx4{zl3+xV8z!C5U><16Raj+6LhcjUoJOkt5X6S-H!PnqYSO~Ac6u1xi;a{*V
zd<$CO7f=E}h6MZ#_JpgU9exi7z@zX@81$<B15d&p2#-Mku7O4H7JL;hgt_n{l)@d*
z3m?H2a2CvlXQ2>ofo^yYc7gA~q3|kH!~L)n{tcVLX)qI>g1zAe2*V#>NB9oRgI_}>
z+yiO&2W$oBK@&U=li-ICgAd^Aa3vfGzlHtbAvhjBhmmj!%z!6gEL;a2umZM+i=h=>
zf^xVElJGH%hI8N`SPm26R#*)0!)|an91gET4J?CW;WHQoXFvly4ddV@=!AD+XSf6w
zz{^kt_d*|h3fsU1&<rm?G29Mu_z?DhtKevO6Q;u>a3XvGBj9AHg~wqGTnj;X8@7Xs
z;1KvFl);^F4E!Cw0%t=bJO>lt2M~on!>(`{90sq!RCoXe;6Jb#oDTKyQ`iS?gb4f*
zc7pH1eE1DahMzzN{s~*d`7j554n^=I=z+h&H{knl6#NdR!NYI@{1-NXQ=tx?guUQ;
z2*EqB1AH6W;8#!qcS8z3fi2-&I2e8g`@(Io1pWfM!xeA@yaD^cgK!+Igw5ehm<7+k
zc(@t5;7{;1xD*z`D=-D_gMRoIYzyCl7Wf5}z>gsTe}g^YYG{Yw!vXLpd=mz}CjVn6
zVGo4IAOP3EB6thF3Kzm$co9nB4(NrCU<)`4X2Y{k2)95tya&6$_ux=?6{_KWSPK7!
zP2n_{2~WY^a07(l53nPA2j;=Ap%U(aH2ed$g7csWo`*^BLx{l#@O8Knj)dRB{_qeS
z51+$GI0a_F6EGI8gAP~$+r!1s3NJx9+yzPa7)HZ6a1bnqiEt|{hWBANxEv0L*P#ZM
z!LjfejDj<u0iK3&a1(UGyRb7{0t?_}sDgW;4?cx$-~wod7oZq!hd6u)d%#t2G`tDZ
z;So3yzJL*MGStH3Fb1xLAiNFR!9{Qg{1VFGPB;es4qt(@p%I>g3Gf4m!k=MRxC{=1
z*I+6<00ZzJ*bGjGdiW{q12;kh{s=q4cVRyK1}4K#AOrt|t>Ju_13!l%_!0ELU*Q|@
zeK-n!2h-qTI060(o4~112T#IYa6N?J9oPZB4Q=o%sDQg61)so{a4sASKZAYYHdq3G
zf!*N>I0D{){op}34pzeEa3;)xXJ9<s3|;Ui_!?Xa3*i-*0{1~b{0p{)Z$S(E0!rY=
zkbu9zo^Um^!|&k$coe<~gBxLNfw7C;OuD@z)7fc8-05I#N+)j=9i1)cERLqbv^AZU
z?dVv2jn2`Ybh!4VQ?*|~9bK#t-KtaRemzOoYb25%{U_t4u{ry1&7Ql`Ni8d=rHguU
z!Q%xZMw~oi#K;l+{`-hg{Pg@*BfdIfml1&xr6Ud;v8doA8bs?ico)y~w1;{#siLyt
zvI;wn!gzW{a~cdpCPF2tNUXCY)RjzRdfBiz)R}7UWi&4lZqIC(`I<yLq~V(NypUjb
zqKJW?U@96~;*AMan_+jx)|W&Wc<+sJjM}<DkQpe(d(BXEBG3_K5?M2n!B`-YOeT^w
z0W+5p2?sK9hLl6y-Vl8v9AV8;=9<&2ifK|a7@HL6Vj_3l_YWkJn(qt+(_TvJc?X!#
zk1XXmR@u>HdzK~4wXXl|%}-o|_!~aeP@<=oIWrPoeHKmmu-I-8E@rMc)oun>3n#3;
zZ77C{A=S>XZhJ5libe}3%#TMyJj6hMBFWscMjnI7XoQJ_WP~Rj>|?6VJn8=K2$K{{
zTx7f*ipcA+0295M!qnhpIGWOi;nfd1#!h{4U`=WdaAIy~I}wj)#8c^}dU-B^?nI1(
zyCHB!`$=)_Gm_iS3JA!{DJCr#Q&+NUpNwP(n!Sm}nH0%{G-sI#^hdZ(cbmrqI(4hK
z87{`ZvBVf_`|hlM%5COG_>PT)gA-vIM+y#2>SQl({SFk&UXK6d*L1W3-=9yS!1;tS
z8eujMG8yR!YT7gz=#QqEJtAlHMN_=eJm_O1$;ABZJu_EYX8tW-&v$&dQZC#X<fRD(
z<9ep4ZfYmZu$XBr<~f*E(OEIC)RT#&quh83v6&6E>v=NyWrCAQEZOh{Lo`mUyWx|S
zB4Hz>s)~eU>%7t|jJAc6nd&3N%oo$7h<m6)ddTHG6mQb2cmqF*6yk)`(B)_}us;*4
zDogFWbKwMYel_H3O`--GXR1_4P%UY~mXtzF<1XzEGG9kUx_-@#{4C>iAM2OuaBoH2
zycJ$CYc*GqV=`3rnp^f>3o{R_N?_HOB}u`@J?LLG+R3+=08R$FgMCb1nu%;x4d{mA
zDYRSMGQ9^ngemURL8hI}!6<#0>FiARB$x(EMS{stH>LJ^-q7JLJ=@IL@Y&ldYg`fO
zD<4$=QpI)*nDUPq{hEMkOii)U&e9#}B+pZ4paG~@-;!{(oD^LW>FeQY=cv>(g>AiR
z;ig1lNvl!2G*Y{mcv@|VGW}DosO(nFiS$BR2Q$3J!GJ$pt42iLdJ`8?3c2KGY=8-D
z@4`@urGrap$W|4XPcaQyrpQa&Tb*r*(mqXU2Hn%rP)}#qm?lU->w~meX=ui1u_z;k
zmiV@+Q*4`Fg_@d{-gqLA=%xLWzn5tQtlr@9N)e7wI3X}?THwg>2OK#*aQyMMbn(Sc
z943C>Bgd~rs>dBUz7IuYIFJaXd3WitbVQP_Jx84v;})<%1`$EN^6JR(r5t+yX{(&l
zxN)m2vi8XFQ-(bgbIZBHVsrG>53$-!SUSwbW`>EMKkT79GCjTR(aypn$Br9!<k$&C
zMZ+9Dw_Q;Y+kNR)C!WYwW2OzWogTh>puNMK^V}oHXEU1jZ04$&?B%fzruWq`8o!=J
z+i)*JcN8JB*8{WSrq!<`7!D&>rY)=dsD(@~4SAPoR2Qg<>!%siO?$Ujg;<h&AB@`q
z->Hn}&ub{EcDvCXCJ}^M+TXkrc1=+bd2%G+y9e1V0);)nCA9iY6|shHMI>%|6|SFR
zQw#->#L_B`n5v~uA~91>Nuor_YOW*Obs6SJCJkQ)#vN(M0>bu)d^cz#K15HWx%$KF
z2uu%@E}ha~3MYGuy)ssnDH2Ds!j!cpdUiDF72;l|Fl%e$q3%S|Uxv3vdLwC5LE9uv
z0!Yj#{*vh?l#ccBu#8!rhw_zW8M}FNq>EzGl=@zEV3x^@b-`YB4jbtUEVbe0U{9nu
z5%-pOSY1h4eglWoD`-i!#3No{4l)%MT9OKw3#ng9SsfdwO*cspWh$abn5%0<k=cPl
zc74Z4hI^yT$Ol!YSsySZo*fMtZ3jgHg~+!vJ@LQ<wGtDVu5MbebZQaP@eZj%kM}2o
zy&58+>6A?L1UT)6B)7o~ZPWxdVm2}@FLlefg8cKb&(4-iL!DUu9vV~lA2v7RVnbfB
zlO&=L=G7ix(1C6NCC=*k-Bck+m%36^GZ}B(VW?4!F+*?YiIy06X3WqN;xM>v1UO&8
ziqV!Wv0^LB)>sj+F!^BwEJ~*Vlnw*+1^yQ?_wLQokYFMfZa1fn#*-dHtz0(ZrsvS0
z3o`x9c4d`tBHeDvF2-%*k$w}G>JRp|n|H%rwJUa$YOuLsnt@5#ffB@^-aF2KL@bda
z>*Y07Tms#ZrNM9{6h+xbzq~7&)@WWR(S>Y`og%avdMT9Y3`7`w40AM2u`8ep3B>hY
zs~NAto`J$-I75e-Ym1omt0bfya;r(yj1qZyB2MPFW$bG4xzithl}RNNSA&dGwoC4+
zX`^Z&lB&y=X}M7LyaPSal*Wb3OBo@Uz=OuCt+TJis?EcV^pdLO>Xr3g7nl=Q*Qh7B
zG}@Etu?;%)g}oc7Q#O~I3KY5%&U<2ZSc(qSFwZ|PI$$!?BwvrrjYrY?)45Qoxa?wc
zSin5H{78E~{_M5N_Cu|36?MSfb$^>RYDS4-5pq}FHBRE`GXAXW$_Si>Z)__?!#HL*
zGBz-DhBeuO{7QXf2dvF@u3cu6GljjozpG~5?A`O8*Dy~jj+~RTqq<<oygR~xYzf{j
zjJBtJ56+h_L&~&k^CW!x&|61#-WjDK=UogVwrcFt8?cWiM*prTNKq6IYe+8?%P^2C
z0k@*NHJ%aV_L;?w2pw*1<+Yqrv<VZmCpOHO#_An5J4C+rW2Ek3P$n@{%}Gb%UFq(P
zR(IMmms+znK42GC9qx87iET1&q~gKzoZCo=(>}wwkxGe7!<DXH`FfSADIZct1dr0R
zf!RLAR1YPl9m*e<Acr%iX9g0E=s0SKPL@9*rDDpD!U>J`;5ZU^d#|gHlT^)SAiygp
zxR`aC-ZTzpMPZ5%%^1j8q`17oq#L8+3(1A7rlxLE;kbzhZs7F$N=bVWUV$|=#(QFs
z-(!SHssvS({9!blE{S+B;BDNHNK)SM2p9Ec;sbg$jyqxPUn-h}H8pDZwd;K>G!qNi
za*>9s8OAF!^~fZg4$}b>wDTaQlcz>yb+oK1T2UUYs*Gy*HdCD`t6~f*Q&pMKa%V+(
zXI15x_Tu8=<7j7OJYN@YjMtXpCmb+-df=#<n&VW3(_Pq$nLow>_X`B}rSY5!c18kY
z1D)~0z%+&wV|4qD3mjJ*i!r3NfggkSx*g{mg?4A?e>Pr|c2OG_*QBB9NVuUVT^pvk
z!gDY;k%=%Ii7BVD+tj;3Vw#N1YI}d1=Gjf`a=vxjx&1b?+d1pj54WFNKO*mVE<S%h
zcN`Z#+;%R#^?q$rG$JD<YQFLs6i#r?UK$minW3RcVN+8>%XqyHBxfuRVeiAR<Fo6O
zt%mk$Q~TZ>(RaN6ZN6;1ubY8E=j^sF9_~Y5T9}cYPOfbO-Yw79avhUoEGt>A`%TGR
z?mY2q4Z1E@J!E>F^iPx@x$b-q=A>rfI)fUBP12krt2y07)^pwVo;2hf3C1(Ml&W2$
zhukI1fSOviYJv9#>G<;RKrBI<%`BnY7@c+G=V<x>0NZMkDy7%P&R3;E^pR>qA-XuG
zUXdF)iQ;ozQ{!z?Q$vxgRx0C~w(*y(ZE|jf-nQdYG#1IZ0o)sd)D9_p)EE+%?@}@`
zfahACOSiX|&3HpzC4-7ljvmq*Z!`vGOoh>Gb5h|ze>akcfLy~FS)qgKyGm}GT!=Nm
zV*J<C38ke*x7A&I<IEZ+SJHX2bmlVzGivJ&Ha?a4r_5&w%tLfZ%gvIwC`a$%Cegl5
zM$L&XTBIW{T2#Z$<gWM7mG(YfK;4yQ^4qq=%^+$1L86HgPb5YAnt<nTKSYM|Z>N0i
zZJ6qgYA$DpMD_GZkCo;DF(#`?Ck6t%Q&RsRo{5=RRr>Fy3rt@=9Emef#Wr!TSw|PC
zlYA16NAQA7F5#w{N>Eqr+bGDG4K<%eLv1W$1-yXdH03`Ma7(L<#JWVoc;n)dyM*l1
z8|@_*G5k1?byYRKrYUcbfp-mMiarg|LFQXxQsZWmX&8SPAj?W!V3)E1GyH2>nYt%M
zi8zByC`lqI&n*@uLW;eE45aWqg=nV7w~p=*FP^?O;iabId##niNO4y&nGxsZ_!4!S
zdM7YvME-OarBrw=;<#|S{)(BLS3i&u52`m8t>>cxg3fCuZ62$c7feMWO9C8^Mh_vA
z&y=R`?2gGKc=g;^fjOXx0p@x5{758~$RwGO?#QGDyblUwlQ40iB<)Drw|&&M8l&V`
zNuIVwW3pw5qEn>ChbGAGat|k;bAUv=EB8E16Em5i!4u|GU0=~RcV_$1IzQ{th$k$M
z%XAgIQjv0$SGJ4ql9*v9=>l3(xJsw=R0<O*Z!6AV)z3umPEdM96GOZKwzx4x6sv9d
z(92CXe#^YB?8)iyFU8Cd3EM&Ua9=PUQb`kK54B8G&J85!DpMFo`5cMqdj_+cH744$
zmD`9C$8M5;2y$NuMby#~bNY-~bX%R1eTz)FVeV~|2g9rCy{i;ph-h4glZkd-yd>vB
z;n_C7xxJ~r+2jL?;ZQQ#OTPA%MHH^7UUTXRUX=M9JdoloiljSNE3Ff$lFo1m?`1@u
z$gB4TJHvr7(=<C>Q!}Ub&;X@>Yp}mzwPZ~7G{n=<MGO&bKKo&1j(Wc-O*9nZZvrww
z5LX8gXLNm0V)eVqheIUa@xC@;?uD|nEB1KFxKqB&**w3=Q<fMnXQ#}G)QsjaAZ2Vz
zux~iR!-#nrxCCu{ayo-f8Hyqanij2EiA?L{Q7vNNjrryPHCYG4uSV&>S)<<^-QKRA
zWqSu-6^gf;=hvP+s$ItmlfP#FOq|lLKR$i+3r@A8IqONpjS7`lhWl#HXij4@U)P~-
zTf;8iTS7;kFIf!JTv`3u`*))M9!IoSIAQeP9(~w*t^J}Hnit;Pwcjxqx_Q$o4|kJQ
za#Fu!gu`&bYuLl8xF|V7-MZfqzHDSl!(O$?Qls;)+iNTFE_10f5=-|F55xnE=uGF{
zDvN}tkIy!zBo)xNlDteX?4vGQG<17_(uH1MZ!AbHmV5T2N4wUV{qBQVtf>jc_`Coj
zOjV+V6D9>rK&Ls{yVJR|@>)Pr8}po1D47(BSKlLq2#KuDqbXv-NwwEd8xPqE%eADu
zhAJ&7bCgNLl)=TtCH$Yw!e)eoYOy1sZ!_8EUZ5!8{ngCR)ev<&^+ZoywyDwTwKV(@
zG`MCX0-B#|bToVI5MNAg`&zFR(ws=!xJbB`Mo43Pekx-3n@NtEVOkn<X=v1XAH%5E
z$1G9{)vTDIQilX;XS!BIV=5QUMzTe{G&8NVCt7GuG-O*7xlj{L0%k~K?$BB@+cXCn
zy~%|}N%d@aCQX2a`UI3_Jlnk1NCV{v2WqpGe=g-iRPEOrksPB9Bs(vWXi}ZuYU}(N
zRQdJh8$zn`wS{8pRN+TbGfj=3VxKvD_p3=YygdnRs28EuR`^Za79~w>->AVkua2Le
zmCn>BI$JX7md-h*HgD0u-+X^P-Wmz@nT|%AX=u%(iDMQ`6DR-W%vOiApG;B2$(Z)M
zMx^N*xdx<)Dh+e-hI_4TwH4Z#OQnQnv}o956Dk+c?fA6%w2A^*L344SG3Bic^r+H_
zgbx@tE&Bqx0@s$mq`$w0z~Ws+suzl=vZt5OzA91OUEr&7_{b3zSeUtA?x~dYxmQk;
zSOK#WBOTf#w@Pi-RaUvuVf=X0`*M{ecTJ5B8l#~lLl>TARkl*~b)D3|(XDoKlj!!m
zZM!lIU{MToQ6mm}SInmE?le|;hE^uY?T)XW`Wlk-%D+{TTAavsXuotvlr3~n+m}Q%
zSUW^L*4IwcIuw{bEl?Uj?3A|4`v;oa>g(F)*0;7})wW?cbI7uC^)yq|LBUudHz`z8
z)7Cg^ZsXkgNwyo1oS-&Sc2zrH^vQMG5i~@(-{vW+5JHF?5483-5ghi8o9#;Y_*P_T
zd$M0kLtZC!bSAE~k#HdoDIJ-xmKQ_wSZZSPz7~$tgnw#+M(h(ysPBh8tNgb^ja<&F
zKN!`pf|Z6wctdEnQp;!16SbJmhpA>3XwJ%xjCc+Pbxkexhw>cMHMFk^Z@wD7-reFp
zX<Wp=S^jc%H`n9M&5LIH#p;E%Fv(3{kDH``#x$5i?29HcDd`e4ywRILx=y3mG|bn^
z8OGdkGn!)5uzJU69=N_Avn`p((Bnj_XD%|ba-$hZS5`W>{xEWA^SlMMO`})en!-G{
zHF=!YSxt>bv-xCKP0jw~Pc{BkuG0RSUN~Wh2kKguUYWd}ho~Cj7;A1kn2|<$czm&o
z43vL<Yq9UT?NuVtxAU`#c2FEMFjrD+KD1aA4Kq!a!fzlNimFqru@f_d{8c-Syq&e%
zTkGPT-63zibS3)R#xv$aCkje?qCe?S^tY2|vUXd$?Dli%j<fOA*6wQU*Q|BvO7EgS
zX<qc_&d+V<_H*gG^W4$f94|iaZ+C0mb}pTrZM-{gcO5R?rRU<^`MY#oI_`eD>vh)M
zU$;L0y4?OQeRrMixcSR&f0v$1-(8nGZ?~OG*PXAspDx~6cR$^J&bsv7{_Z$#y}M3#
zUtD_5y6bSuZvMx`zZd;t@Uf%57`*u(gM;_OGw?FJ2mgW1{y8}KBI~!o?h1QBDb&C$
zXoE2H!D(<g+yozy?w#0W@KbmZ{sf=EApD#4+kHAXxF_rjH82M*;h2YFBhU*O(6x(E
zmQAqhIloN{jL)ZOy0$dy-lq@FmhyGp((=*@K0rFTw5oJUX?5w;veL4$vhuQuvdXf_
zWmRQU%BstzmY0^7m6w-SlvkEdF0U$|QeIs?wW745tfIW4qN1{5az$0el#1$#sg<Rb
zWtHWX6_u5hlPjw#r&Lx~PMusjxomRz<ci6alP6EEnmlE4_2j8lrB!8B<y93`l~t3g
zs;Z_`RaZ@&QaYt<O8JzEDV0+uPpO(RWlHswsnw;`W!2@?71fp1ldG$$r&L#0Po2ss
zPUY}ZNqQ=~O(kj$<2S*9c~lyhg&LSupdm@6InX9=y@B<-ff|YA_Tl5|eJsptZfnrY
zcINgiDm{ql3O?65N3I#QjH$)u1P5v}U3BQ$B8&q{cizH?ET)7pawe?eCA9DPR^WP`
zo0mutj+<EzTs_;e@+rg+mkrcRE~{kh$bLdtW1%q`SJb=u)UoYKL{djEYQg{xGMZ$K
zX;2&$ID#9<zs##AkE%I>&!^G2B0w{d`+n4hK7H@ras~Tq%G=iu@J4~vjB#@VW}1cm
zOZMb-HRzqu_h|klooGzVNzqTUUqv=8C|_rLF1k-0t-*Aj+S?J`T301nopvBaO+<}X
z7?*9j5o!kE{iy)W(w_Cacsh{Yr;X)7U2K&U=3CIb^!CrqA^R=G#GqStbJ4O_67QB(
zZs<>Tm(K?W-Ljjj_S=tM9UOGauFRBOH1NfsTUL3bKiS6~{%FuGZ*F3}k98@i<&&aa
zgD&2c<;Lzg`ZKre>IP%0B2T$xR|m;9B8%2NilPdQw3tu6uJ0Ysdy~m1ntfiJiA96)
zb}~9%_xtfdx}|(r>?eFw?~{V<aF=f$v1h^le5P!G&-L9~@Ebm^xBZB+5iKKJ#}0{p
zhlVoEFnZWd$a^XX9bf~Wv-gIyyWwnl{aN3hBY3UlrOC*aX+^7zZRZz^fM^4s3B?>k
zzq~Enxpbsm#UwXVu8X`%anH9&pIbz!X$70+tW<6oF+Ckob6SnQ*5f=r-Yd<z9nfe?
zha2S%YZSXJ3<Yp)Gd!iBnG3h$G}&V|GgxEe<|M*K{Wr&xvaYg8Ykgb&y!M&(3mWU{
z1IObrP-rH@Cd_SZnb%U+($wBiUpsF;Tg^Gde35<joQ9dL^>dpJYiICy&b;|;O|=W^
z+gs}oscUU%YiqA>p4nL2T-SQo+<7f@Kib+FTbk$A&Z=*yo!>OCuBEx5ahA6SU6YyZ
z4KruA@TvFamU)d0jrFaK%?(YBvu4k0Z_`m4n`hLrjkmI{b{;9Uc`0x@?Q`nqw6`_2
z%xhy5o3mKY=h@fINFo(mwXHhLGM{Fkj!MOFQEX2}j^Tm2j#+k=E*q1b@sgLd?XFvQ
z5nl}b$#eoA0IM!G!&EL!JE29=`gA=VGBdx$gr_EHn4LG1t_Z-HHBdh-?6&A<!Wq4_
z@#oTvJ<<_R@Y)$hTBHy2+I>|gC^`Da>h3dJ?F}&5C0-D3niUsTvH)|Q$$|VWbt||&
zN}_D<b`H8^PI1*pX2BVQ(-4?<x%N&lfFI>Ev5d%jQ=i_zoHvr^#ZcWcEuTu)xKR;b
zwU-?yqOZyf6QzsZZpO<rLlKL1b*I}q!>cDOr+nT?^>F`(y@I{H^y-<KW@d-`wx*r!
zOEy<Cw~hAMH+Y{qaErXIo;Jz7klw>(7d`7a-qK9pQ*Loj*;Lzz7By|%5Kgt3Cs*fX
z25-R|L^bi=;I$Xs$~fXcn;w`Mp5=L&4ZX*;N|ZfU3J3FOS|i7JBhlW6*ylug8p3Vd
z2eZ4IRiVn4)*8nJKI;(X<LsW#JZfl$g~<*~%agzQDEfTs7^3Vm&uj@_7jbKIW0*Dv
zc!}D5b8AE1Ax#4Q#*jbWo{-H0*{zrr?YF9zh&=<z74#<95>d~WIcLQ5y}e|rdR<qY
zIbcKBEG%Svs?}Z`GXm*)U7B~BOt6*l*Mqq#U(^hVxZ`0HLz-T43v~Tn(4^~apR}jJ
zz2+?Dcqh>u>0h8yiTR17-OSt3JX8(8>wD0?sN92VlP}iHAgRT5;$Fy0gN^ilnO8p$
zG;$yF7Aex+1y>+BS%XwNcDi^CtGv&!yA5)?P%@yPckvt?)s6F6P&u~h8pU{pN5I?E
zmyq|JcRs}*Wc-tXz%EZ`L+M5n6dg@EwaT8^!TW&8b8EdHg+4AJx+!bg#hrHEQOw2S
zt;l?%@3xsD#EyJ=v+>@=>1rqNn(AOGoV}?#R|c9v-k`k?@~}r#6-PwF4G0g^dIB1i
z6Z+WwEImIj`!u=<Bu|twGyCv{T`^A+L3XWwbDo=xofBNz#<|)hUr?Ky-D~wc?D|?c
zQ?_zZ{z$TMI6p4CVWaZMA<7%fY3W@WSXUjRsU*xaBh@T2Bs1AtLYp)aDTyO`rV?L$
zq%sojiWDQ*pbC)-ws8=%i$#I5Rjal&e%eUWez~ep$6Nhi{?zf%9AblHsF>kd&wDt`
z51g2V)wh$=n7)L-KXFY{7&*kyn<Y){sO|Q(stG)H>T2iK)-}#M?8|mpbJE!}SgVvx
z4Wq9-gqF1HuD3_SO9RIp8P^1G6W7v`Y}KjO)M%lQmH5O@4`?G!*nh#3hS<mKn!i)_
z(%IvL)i2dJ(Yc%GyD4k?(A5i9WujNud*M`%*m;Z&lqKDAc3>ce7nOcovuxD*kA>7u
zW6}Ug&;Vlyv}e)-=6fO?QQV;h3UZUW<~J71%WoxAMxtihNU2FQl47W_D6zP&DoI+}
z=hn`f9cY-DTH7=lvJy!%%h<^Tt4-dBRdkuj1ci_CbWK31x}$S$=FF(I_!>vRXz)1&
ziqT1GxKg(0%zO!|@J=Uaw=u_KruDVn+e3cdj4DX3H(`}s&^=Iyb~D8>?9p;pkQI6I
zU6I_0u6`YBaei(_M{3q33^36$E=KekUD_TD@l`BSf36lCj&ug;dupE8_Sk8xdzJb^
z_XAvYUV};hB5#vxdxx1>=3$2Tun=<x`dN)t9(go9+V16f5(N%!Y-*a@+PI*7LHU~Y
zT6HIL_JP{ErZpZ(>JF83_UU;$amlNu<uWaz!j4F+I6#vs9zpY)f94JI+v+u2I=_|T
zroC?7q4H4-dbxb{S27vy*Q65}tzD0AW^Ena%i5VFP}^EJJJ%v)uq!Y=Z|!(xBxTkJ
zUl#NxO*N-Rw<vo=zE?&M2%T^z)*NQqTy(6FB#H+w>nY8a1x&y;&a5BeaBkJw9?NT$
zbfyqe_j0vTF5&r&nmUPZA%a7?82a%z-?|dtDk`kpIe4W>AcKI|z3O@^vn^dN-fq&h
zhE0rMTm?xiBI&03d7h^zZFLQcs?W&lY3^h8wo$Kz%`0RDb9OtER_^8w_>v&U(}l_=
zV7?P)exyzNsF|HR8iO^w^U~qjWQX0?+fqBvbg9gdBBOy$h<SmiQKsSQtT?)Z)AH}E
zTfuErA?CfiPSl}U^|52U;?1rxB0jT|zUVYoO*>L1Toag36ELlBoy?ro&cVcJMwqR~
zj&*|hAg#A9zJ5l}S0$4XU|L18ZwDHB)c)>B3TIy_uL8}wUU_3%g}JiNl-}N+?%27N
zG?l4-%=wU0f`Pg=qe#hZpy_CPT)TH}T{1F6+9pS+LCQ_YZQ4mQ*d}8t4aTr?SCiY!
zD?a_A8*}0k@#HpA;zMqtC(BnfO(m+~nRaSg<ka#D%75ryVPdkF+JCW_SH#k>;&x2Z
zG=67vX<|u7FibI>zw=TCR2YKO*B_0#iKEa#m{U6!ktdH(pV%`FZpDi_7MbT{hg^(A
zS2GGuR$xv`m(xx|fz(`UT8<Zd>BTO3qkf1sc{|gQRu0je(7&m<R--@PSFPBtqV1Yf
z<&JcJn`|;-gc}&A-QoUR)JSh|+zpYt)n8`UZhLo-AyQkzsv)-i-=j80w}EHR4|mc{
z<C&>y;n{TPQw&zRZN}X6>s_q!W=D)$1AdpezEoW|{ZkzN%%qbWD`&pO4m)VrgrY~U
zNxEBp3f4Qq3<-y`9k@W3ub1vd?_6Wjw;5G{`k}7V9%w9Saa*r`P6$!;IkD{Mcn2j}
zn3}OK!K9GND0_}(#DI#Ew=S17-k?aIxi2%bM>Ch|x}`Qxo4Ce=$)*czx?X41MAark
zD*2VKv%<6We~_x;IkQ^&;l?S0#It@#=7r^6Q`+T~ta^&M9kj&b*JPJmSd655o{i&{
znUQkO1H=x|`Nm;A@s9a4Djj>{UZa~ART*R6e)o>^65IQ<Kzg6r82$OSNJy*O2K1GK
zSQE}%Hik-z+oYL18^Ks03NL<MO+v_q1VYdBEEMUKS#8#MUMO==h==Daq3D?(r$xS`
zwTED<k#rhuDPu<I&QxnezakcC(9P2jlPUaK8A$5mQy`?-5X+>xTbO(>JCje9hS`M>
z$BixFsP><J&zsB}p=#9Al}41DA{VemJ_IHKYqS%cEbW9D8Wr|Vzkw@8nn&SBSxK_J
z9Me0|@+LXE)Fpb2rnXf*D-M_G<qoPn;hm>lXfrLmc|E<V<~?sO`oBn0XOk)pFdF+V
zursOnh0(a-xn!ka*%fMP`B$VU{yP#&sm}OD-+1|&CDP+*<nW;rc@ELzqZFofHsE!a
z3g@HmA751Dc2ncYc$tl-=}B)Q7@oip_@qnkkZJJqm`Oedh)+3bk}zLMrPD-jA$Jz0
zW#Li{ti|!T)c>o;Glh8ey61bI3jQmI=(Vs{#EVhliEuR-=6yB0Gn{P}&|Bwrakt6{
zaUp~{vmIB@k4ZjOb|ZhY*tgQ#uO=`e+uEdyfU?zl(#l8_e<SN$Q<RmaY<Ht`$`RE0
zUc1}ZwzpR>?0(8(+5LP%<Lt%FpwOP9Vvw3X)P~HgA)JkB;}bKH@Jv3F)y*5x5(~GI
z?@YKk((i?JLUkrTn)o`ojhf`V7jPbh75l5z+?H$l$7bpCLn+?e)g#T$*)y=m%$}eL
z*n^w!Jc-QHDjUqAT5(#in<!|LP|#hXKim+W8|`EGkLxgnlRe}4J-R1$UvI&!iKld1
zOz|}<8lDsE^-3~IKyy`QX}(#}=DjdXgt|e@`HeG&h#Y2PFLmWpRd{65><?-4=F?m9
zx+|(Jn7&iz-QVk>E;Z9(rU$6~b0T?KkI{558AA>44B4&@FIKeFb|Ba{en5fZsfPom
z%5<||c7J{rSNljuLz}oH&d<VflWWwA!+VXHY5FwT_k_>8&<dqo()s$<B9K?{f?zf~
zBJJ|N=haA`!Tb0RcU_-vCtdYT=v?b)UXLc%HlP(GH7W&{E$NDVx54ae8pK{m6{7B%
z`SLP_s5?hqnGWinfE{;m(dN`siB7p4>MU%hKX+bULq&b8cFhg&`?$3Gb3c=9bmH{P
z=q_hRi9LTUGnUF}GumyO*ET>qgkSshx+DpyR0+>SFBFd0S-*PonHsxbs#hC!Z6~jf
zw(3&3UG(a*CgWvjs!{bt&2PaXD>wCAO(0w4@huEf>(O(agp-^6pKExaTrppmJ)xeT
z6zBVhG(+i+Mo==)p$^c-s7o&$Y8AzW_mYwIjP^BE;yvCX@?Z8rd;UJAo5gh(<MUxs
zb~79`WE|a!X=EdPc1S^YY6N&Ore%{tkZjU1m4!<&o1k@oTP<PNgYZ53Rll$6Q$Ypf
z%dB_Lo3lo)L3^AIqHanJ4v`u$F`mqM8)i4jK7p2lbGP43tI{+`_j^9@bdQbb!+cZ8
zc7l0{7A-1X-w*tSVtfkD{^om8Wlp9?sl?qYF^}J7MtydjpuIthf@<;c<&;I-Lhq;J
zJ(qslNaYr|TWRdD+Z&m_M#DFVAVW=_B8_y>;Ph0Rp6t-f0(183d6405mkQ|;zV@YW
z?QMWxeHiXA_Cb}<d|&@-S%ZRwVIS+T&taP6_0r6nR#Rifws`3&_$jPSCy)YvJ?|;1
z&mw)15FwxYL1rZKX}&efOxAiovEfqhj>Ob(;{a<raZ?kpWhhkuoqIGn-dNg@-Y?eG
zQr(i6=kSQTj7AGJlsS6+>xf(}#Mj@vxyoQ)R9{Nvip=Dw6R&yQ^9EF%F$zo?2w5Rc
zabT|Li0OJ#e9XZNF{(b0XtRsgT7{QfSG&{c-c(IV3Ey+<&U6&>hL<RZ7V&UoOAv`M
z&aj@@V7NSQOCmFj$w6o{y6;(XrMb2|HFu202tUMO$5ht!9%sMzmFT5u#8itWgq07?
z7raU)S5=pG2Ft1uC<UvhbXIhBA_1?es4guHMndJ2t3nmw%8ts82-(;BxIi{N<L+O=
zFI6a4uRe((?JX0hX5c{XV_If<k;-=UZS7~r@!2t+W_HordOaV*8cGGDYvbJ2R1N8q
z8g5)_U2l!)wwoFs(Xf?+uWMSl+ni1^Gh#k0y&g}E?>Kl(5h}Top5C5NNk89{R=dnL
zIc+T*49xR>y}^`{0qbjPO9m@Aqfy{hjWl)L55D9wt~YS7A#$!eXLNMl*CrSq<h9|I
z_nL9*dTU*}UYTaowgsG-+v&kET{;t$i!>6vVrJFPOe_kf7p+<%t*O{liy~%y`2FRk
zH+;4r5}GMdlD(^DJhHghO_*@}U;t&DahK=wc6Q22Z!txh`~xY78GSKL8{elJVjDm~
z!sGSoly$w;xm@ghwM;4(^4whGCTRL`X5@iJhAJ;J8yR2}*vPvBDl1sh_kRNnH+hl1
z=CE(RP;Fx0qI>tgq+P!H9t}u=8)tr5dp_62%MSmVYayfLsq1noTJseP%D|c$J4>@c
z%C+H|hq;*`<>PF--F-`%x(R*u5TB6tnw4~#nNRBEE7A%{t4I*X))Zg+ptrMrKeE!-
zQ{)Y(t2tY4osiIktC{I;EP0!5HNEFBz9;x!F!H>gdeZJaSl8^BE1>=D4GL=%^t^yB
z+iZjjG!qx?-i4b&SHIL1Skz*^#Zgn^efGR?0%eL`_eJtQS>%<v-js)%5Xn|i>v@iA
zq4xGoC(?3?#dtfr=n$$w<vN>ac^K;96|O-xzs{{dS01Ya=G9I5-7D_W>J5b+Mv7<_
z7zG)nL*WEX4(LX<ni4kuM#ck+cropbT;F_ahOmmrCK)+^O|?1KEbCmou@%lm6UzuQ
ztgnUFT=hvIt<c9)Sh|t1c9Tp^jWM}_Dl_$KzBX^?puVhR@=dNXw#9H3?+~+WsSKZh
zVPZ{fVJ6q8H@t?jzLB@C?^3R4*JDGm)DzWglkHO&IcBXli)W*(9N0$c!zDJzB#6;L
zN`z_l%bRhFTD91!Z^BSp4i#r+B`7<>fuYvAv~3sLO*{^@sa_c~kf~pO;t5l!d-9~L
z0@m!c>P5GhTC2&7PucrG<)>~7gSD#jS{OW`&taG5;!D7HL-bLT`ZzOQktNJZCDWR5
zOYseE`LLit(WIoU4jI*Tv#{o)HrY0;H;~C`M#8J^ZDb8Jq3npEt$JN+Lm#myGSXsi
zKbl+}Q4--zV#2?@q4CiAnS8xTAGp`NfA*y8`5W(ha+wBJQ_RUAjW=h+6{>R7a4z$#
zox@zhswX<kWs;-$)IU{%ri$I5D`f$nxb`Yx&5$Xl>m1bS;BX2mxf(lm?BB%epsccy
zeNg6cO7otG&*3(Cq2`1)Z)@X?Ufm1ZC&@6G86)#=mLgNQQ|dBP*c}>vcA3aN3hyG^
z`7#Mj&M?Yo_l&$|BsoBBLgw4ZI+8v&uRe{=&gRox_Ofj0ku=w$$$9Qx3U!z_;;YZY
z2h7*z^Z*$C^S*?bx060_tdV~6od@p{8CY%UoMEQRz3j;6aAr_RP`XG~m15-2W+h`3
z*VtknlJ)zTVSFjwG;sEth^0%F9ak+tZGLAKfVHd22m<bSx^)`24&-kT^v1JYCbuW0
zS0Gn9*bi}WYt0AzY_Gdup8I8zR5w+h(U$V-5t`}Y!=$$3xUNNLt~rtn_P5gvq5NFe
zv|J_nWnZR?l50XKE3c+1<&!70N%<yq_DgkU=zslNc|AqU#T02EQ4KwuT223xiTBJ>
z1`SX@hnSgZ?@4LM${Sfdsi5F<es6gbv*f-{5b)MzzrWzVKQP9|yJh#ifU!2-*$tJB
z`)+{y?trr!Dt+f$yRO#x;I6CPP}lMQYC6s*+4(Z(FXw-k!sSc%JrD`U<X0`9=Pw5T
zJNWtF%E8YD3kn7Y*KR4d)qn8p_AiYXxyh!RjViFl<sX+1+<CfXXWex;>wK}@vfIw3
z=WKqwTXsI<`8I#Q;nH`<ch;SE{`Wgv`Ys)3ov*mt-yPRkcb@sy9Vb6sx1Wo5=i#i|
z&n>(2aQnIP!sQFM?2hlYUzl1s*a45g=g^d1Irt<fzbGvopQ>7QWI-TMAjev|h!VcH
z<DguJfAM~!{js?vzS%rCx5S)ib4%eqnF+Zl^HJwjqi}G}t*>orYFU_DEM2<KQkJ5f
zfx?2lgZqSwyQww2P%L3X1sd|@9~ehPy-#uVQuz}V1P(ahfIvZn-y;}Zu(Y~Lv{zLY
zEM>P~vZo-ZFJ-XY6YWize<CqsY*Zv>167rA_Rv;}Qkc<noJOr-tKQy_`!^QRQbDR>
zYUxt*Z-F-LWA*&zgPU6xHW%zQx?ryWX=QM!pn0e!r6yy&F>9@}ku-u)vC&A{2U#+=
z(7OqHn<%a>7ekGw4k_1f;&i=%y#j@MyLjqbvtpH$-O921q)=D0K5zt@Cpy|`wB-AQ
zkFrN|o4Et-MW51mS>VK|JfZV-y&0VuUrP*`pOMO~9^z7IAdfD%^YWF0r&ts|8y17Y
zA3~=^;V0pCP?)S)aOa&X2OqX5e4j<($fKkKN$7{;;bb@i&V>u%md92OzJmP-K8I;6
zH$oUrfs5gVr&kW%W4Qr)jz!@Mp5Yjl6R-;{3hVsB9ehw05d>{*!o?x}(YL|)u5D9+
znjw*N0b15@ft?~O&@5df&KnitQ!NFIe`zC)3M(w<aTE6T><vbfyqxUKAXT3Ur4uHs
zK6?SbpUpRv`{S%IsU&g<DySW4{+R7$y+c-d%Ze}?c!8coFN-~#f(*hz8S_zWR<KEm
zbHF4y3ye0yn9aHwG3QKr!scI-K(|SNdy{-^<zN&R!9r+zb!eJdR}cF`#TvGo$htAG
z3v3J5lisCpE_@SG&;>`sd}x9?sDUylggs$r*cvv4m9MNEd>h_>d*$E?cpYAXkB4D7
z@lU`qxNDegwC}BO9lY_@%EA9)YoHt^!dTc1wujL$5<X+QkKuh-0k6YLupFL%W$<0L
zy9=v)m;YD&r<H?6uovtK+rnnB7{+|z@tglr53sx(UWOIEbsrM`3`V_|+g|%^&+;BH
z(Z*L{XV`Ev_HY|^$LP#kcJWE#PlR*e61Wa-hh^Zl@!O|~f61<U6Z<}V3M2pQZNH7R
z+GjVy<DeX-!$GhB{OKv&;fsqCKGwJFwml;+?qZg&^2Oci3*Srl3E#5Pcp-23b(Y`F
zi*v`4{g`!M!07i^Ki{2+8*Af>^VZj}+~A9A^@WeN;l<cKI0Y_%%R$Gy3450fKVq%_
zoR-_Tm#tl4?T6UUY*^cm`V0936yC$yiP$O|R{RVbZnpMtY^QI1(ihhDC$fAFT;hwr
zj_~ci<z<AQ_AS5U3oDH`ear6?{uD-j;GO3-*xhVc+m0h#?pvPj3m;^|3$Ps!hhuHr
z8Q6<$_$utJa4$Sz<CM1Jg}k`e?ee?Wk8SviylvdRvZMd%rM0uQW3k0h0}VFLZQp8_
zkIsu<>|5@$;Zv{|_~Km}mlJoBjlT=~$Pn8sC+_9E_!TUF2%q`lM}3&P58D&o119?7
zbj&K2XXM2-+vUTp?ZhVGM7!+H)o;&X-6eVJud~ayTe}SVv<<&x?VH&5;ZwV;G)Mkz
z<={538)$hPwj8G0<%6tUfbD=d9BbpW{TYNW_AR^fyo$J6;a+$GUVzu(U2xmTew?@b
zg<T%~QEt1P36F(hsDTD(1?_({cCiin({<s#HLP>n$ezM>7x=clobXL>7d&F)mt$YH
z;T6_u-w%D^&wSxgf2Z64|8e%P%M-CxFvBi4V-JT;NWzJ54rt#?ti29<J1n!yF5RbD
zehJ=$_u*3*`7zHGc7t)?wk@~e>DYsO@e2rdK-?F1tPP*xi*xB*Ox#tz_*)6zYnPv}
z_62KS$G!_6+hwKk1>w=3<j%{byK`RLSeA?P;@q~fHLPp!t#2iKG%WVT^$|V=F0gTz
zV{fuyrE!-p{D=)NxAtZ13LE~=TJ7_h4UhT<&lvUq#ZSam!3=1I!=V$jE@`d8;zYZA
zjxYWa8@|rk+kNZYezMDK{L{YmFA;td-iJ?Z{K$Wj4`4U&?>|&{T;4Y2EKj#_2VoaL
z2gGgMvDThpt<t=h@KwI$TM6F_PrwT{{&j2JIlSvz{@8}Uuy*vP-g)nAt@as9xY)Ps
z((&6G);HvB(`uKG#xC})>mz)MZ}|ekm;07)B7B!``4L}O$6U_x%di4IwCg^@j`|mQ
z1KfG-;R`EnqFt`S&VXj$`ojr#LedxK(m9d1bB2h&WQe%yh`Zg!FT+0V+vX)3e$yBC
zzAx;K_bG8B|LtAJHrU;4*sWia9cQ;K$4>u}{SF#p{Q}}TY<zr(_4&s>)^2mgFxy^C
z{8ezPZ~eVC{Ddz~>Aql>U&p=+ALp&lKem>?7-pN%|H<Wpq4patZs)xH#^x>i_bayR
zYOoE^nz!xIEH8#W8-EJ+0=V2R-(;;z^DdSjv2n|>FT)D>(8js#oc(N=c(;CS?WoUq
zZ(t8_`%LtOU7WL3teauiH)9WnPP^>3`Co04{ZE8*^3u74<?DQLx7+YCYoErx<Xf-f
zzRB|Y@F|R3nY$);PTS<g?UuLfw#&EU*sk2S?Q~!GAYV9tzcno{$lI^OF30oY{b?M_
zx--_W-oNet6291%=2gD1(zrEm`ODJ1m+hZ`7kvA@?h6mM|GRASao%=c_?Ab1o_n4<
z`@+Mew>I%(he@Z{#@7t9ez>$7eA~AYKH4rX_Qh-8K9*1M#a-YFU+xPJcbqlF-^BiR
z{SRq8!nVtO+rLbBg>QLH$I`kF*K*s>)^fWqJKmbsk77J(dsx#pYrAd_(wR6!T2({D
zt!<kA?PhGCbo^;HZ-g{m`iF1CwB0c}*WwsS-!{h)KFzo6(pg)3zHi@42w&}6RvNeD
zE#H~9>_5)3A=W)PM4W%0|KGyTb3fcT^F^aJ_J5lf#0x$cQ8(hEQ9Gm2*sw?2tYBe5
zq~M+r+mrI9{5P`Th7p?;96a((zO=n#!6^mf3Z@pEKVpl55v)0I#7hM`j5vG5r3JG$
z@L6owYx=*Pn#&2p+aL4snf+i#%L42iHZRA11-6ELEMLb8t*^ui%|$Q7ej5dXV~kzC
zi*+uphOlU6opAB8nm4Z?ZZhAQUmKLcg@0T97RaNdu`f1kQTQ^D?XW29$E{bKbQyP&
zhUVp;vz*2`3B~!tT6Xx?>o;J&1-<YZ`}r9z&c(}$J>VOhho^dCfj@;0uvW|ZQ=A{S
zUU7RtKWWUsx^xx(KFG>*RVeJotykPcI1RoH$6FM>5-x>fEsFD_^=`S0@X?&dx!B_@
z3V#n|2P_KvaqC|tUioG*ltav-@SQeJ>)d+9JKXx^#OZo^IFDJ_q(xypD_M7s6!zoR
zKTrI@kRXj)vHcc>zYC8*#-cd!1B=#c`6ZYSC%|p6)S~bu@F?_I6enC-TCe3_K|9>T
zd7MuE%4a(9JHf8Qte-}_=pv0nu&r4A-i|nz^oB#*3Ag?N!pc8KkVX=U36C0CP*6x%
z=Xf_1S?<G%`K%LKuYH8BcTenL*k?GtpW)(MysS789wv=V;rE2aNWwZl+1IeYgO!%Q
zV};faTF%2h$hMooTZF|Xgq7c9U&p=)pIbi03azIKGF*;XO!#nc<)hxgt>927vGKF9
zLhpsp`Zmioq;Wstdf3Af#4aGd4!fI;Q+X+-ShW5?!r~6X_hK7B_f~YkLgHs&l{Zwr
zxO1!~EVRBBD;^_U52wQ+7KO`gTnknx&W~HKxM$#C(rSkq%kkLl;V764Q^C~<A;LoI
z53~G+G<4mIK=qV30d@f0yDCuHEtW7=XuY0;c!xA(m8S05ZsgNGtm-z^UB#gIMvKl(
zXnm*U1JclORHmE+Tat#tXTwiHc~B@$=otvDcX7%)b4Www<AoN5`{5cm-=a7_TJM&(
zW&c^Aa{3~R!YWIyg$pc-^P}}{c`W<?1e6zcx9DD~Y|^ve1ys+M=b`ln5GTsuF4zS0
zUTnkt7(sXmVOf>izlF~%A7O>oe_@%<c8?Q&6zll>mBB%UW!DDfuO`sD=dN90l`B`l
zxfaFw(R#P6yfG85AWr4IP<Q~Y29*s$aelPkEl1g3WywU?*`n}l$~4)XEDHN^>lGI#
zjqP9(;pf=T&v0@1@hSFyjQ#Zv=sAg#;cK8WKzUgAeV(NoE3{sDK%4|OkVXbx<vjch
z7w6(-#c4_ltNVPAMd4N(HybMy=f|yA+&QH2B=&XK-SP(ZJy4mxo5iK|0?R_{wU4-%
zG>(L0K=(>0|7*K@U|)-lD_l9E_1Z^V2A{L6GId?Kk$rXSlR@QzP<XMmuC1UrKW@F^
z?jBK4@HX~BaM!M|$~W0vEeiW_>lOC^X<UYlz>h2!^NfY!T-aH~xp-$EBMsf3o!~}`
z!i6^O8mv&9AGcm{Pm_k;&oS7QSfRYRhqZbSc7iP}S{7Qr8&>=hRHo^9>iG!O4|`gx
zdSqu%{VKF9wBD6_zh!wZIFvZ|3>3ZqWc3~hh5fkoihGCsRadCqUROS0-)%tmc3s(&
zGI$*4BR%mZ7KNt{5vO>ETd(EOq;V+c@E~D5FQM=(_yvr&9E%mpELyMa#15pP{nQpx
zxh8bKe}=skCRp?wgli9Jz4j5ilZKABjPSZLfi(EPU<|l?sPIwbby@ZIgu;H@dc~EJ
zfVO!6PP8a|1pFM1w=BVm`z>0p?Zgz)(7U@itYBHFotd!qx7fGf3(G&SLhDDeotQ})
z8SKHtU1L#Lc~kZZi^6`~dc`%9#>v<w2wL{%UR-bE+Ob0G{kZjy5`QRZ^l~0A5q^|?
zg+J`#hO%zEFlp#ssvqz>_80!JiyO+i?RrV$TbxH1xcsy$;ipOSK5%(=JHkS3VWIWf
zNA#1%71&*gyMuG^<BwC=kG6B`PauuIuzoE3f_UM=&bl})JN$8{jP&mNUaWtI{rwCV
zmmhx?Y3#tYs7<eOM5r#CO`1j6O<@ag<*3?t!mZaf7m-Fc+p8VgY*DzCbCPv=LSa8{
zz2Yt>jVrNn_@U(@_7{qCVP_SWAAdDz>`nYqsJ1Aq_e6GzMPWZ~z2a^pjoY}UGYOw-
zQMjG+kUh(yuphTxakr6%%BE`xf5)QmH$nBDYkw=wkJh{8$4TQYmM<LP^{46y>s~)>
z<La>DA&a&XZoR_KlE%$gmCNN8l?AFB7l6`J{49&wJ3{MQEx#a*e{zf;vb?UmMjCpD
zPk_-Dg;xv_r+9~3Z?+|kPg(a37;90uk>?^i#-gwvw_b7Ykw!Jw@gu_9!U&cX)^mOw
zR7MEJ36~GG-o^cseQqEP<+JN73LgTp-?u32$E{b~XQZLJX%xK8viLv5oe6vtMcV%-
z2dAj0Q9%($4T_3#7!?tfBOoXuLQq!GVUn4^NRo*&69|fm8Wk1qsCXY66>oOMRabPQ
z#1)TKSL1ypl0ZDxV~r~=(f)sb-Bn2^1VrBd`+2kb<@eN6)lXMfRaaN{OpiLxij97R
zeg?l7en5rt(<mpl$?(?Vhw~hCG=6aa{^wEojzPuK2Kj`|m%Rfqo@bkxl(FZi?1Mmh
zoI$o9n=jvP#P}OJpE$XOi&0&-3qkh`V?g)IqS&DPh+zORH0R{QQHJwTt>b2a`fMcF
zF{!vh`F6}6L=64i#Bm*niap4G1ziRQ81_NMapVc*Ya5Y6jPdyH!gswvwyrr<VAsa-
z`BA=2A5V;h#5jU+Y3agfv-XzgG-6y%%xq#<x)Q_MTcW2CL+y1rj3Jg7gsr}kZxkw?
zF~}!uzU+Lp2l;1!)+IuAj?q7$LOwq>U%nVICKKxp>^=tB3*jEv)gYfA<=b=_F^(g~
z_xN5l$ksaYTUce#xhp<3*nE|_lo%R^|HgjJAp0En4r&awsQAoa^Ht_%V!VLvOPqi~
z^XxYy_e3>6{TF&;i*$p{SDE{X(FN6*>}HUCEPcJQgHQhZ4a!$qJWPx{^fBUWEl&{R
z6JlIPjAKzT1p67|)AdGZJP4H&HedEiVmyG}K>lrT7j={^y%}9<kk5}TCtnRQ9wEkT
zY(FWJj-tY!C)?)Bew7%S6F<Pd)$k#z_1*h$lVL0>>=;tMwh`|VV+i^yykk&bp2D%L
zN8d2iq2g<U@_)t_Ylv|+^-#ZS|3c$r7SaM5SBm{FLlY`yf%3%<#5j~~mSdj}y04PG
z7&J!DHOMC(GbrEs(lU9@Mq1A$b&o2dkcCh4o94y6;Bdo{s8GIL3v5q}qe&lve_Mmj
z<01Gok7PhM(3lnn7;L`E^d-h^%4eI$XeU3L@^$q0C&pE5AA}Ey;b&96j{bd!aW3`H
zToW_Mz7C{zY{~Xx^VMeu5aS9|b6BB4_M^rZL4|yNZ2n95hZ3V3x;qRo%;cDa-zVFT
z&6n?RV*C@;b#hnOnen0Zo#r^L;k9<#9`-Y6jVF|U7%IjPLvx?X=)4h{8;9cyqCcS<
zK=%crzrp6K%tT@+=8o_x_5UqYu4CDgh@tbSAG}VC-$La&mOYgimr<Y5u$$p@bS&}I
zMp@7Y4mJ!$h4Qtg5Cz20T(AIJ=ZCly_5eNO90gk2oN71+70RD)ND@QOa$oo#a0M~m
zXZ!o8%LCNU&sm%Bb@X3Dj2(%QPx;lv@UtmjNB>R4xQXp`J$u8@j1txzH!q{&eM18(
zl&^B)9%5*o%Y%PVkKaP&I+lHi7~kXX0t|B(*~byDqfcpz%~yIkF*I(+Qn`MH5IUV0
z$Dn%7r*WfepU`|Kl&`g`c#0V7iE%SNi>~k1?x=cJApHK9h@or5Qes$iPi^gvs`*0r
z{qGS&=jJWMu;^U3c1K-JS>g9L5kvEY=A~^xjVk*Rcmd=S@`*<b%D28BiE%G6Mu67f
zVhMFp|LNS)^MYQGZBU-gx9!`7&N-j_&)H_BLALs=4ptbxL51c#Ve{*-w<B>S+6aF$
z$nFkn;7NnVkf=4-e3jW%0jbCFFu*VyJrcL>;dO1(_45dW<`kj)aj4jX7}ujY9Ossx
zd0Y6)4kX5GVyez38f5PPTCbd7C_%+v49d61IhYuQ#61q*g9h1mgY;g5Y(F+%z9Wh8
zCv-4zdKk3!9)NEk>Y%#z?{3%^6*gaG#t>r+<uqq%juf+CFuqZ!j$PZ^xmfERp?r-g
zF^L$5kp7A`eb=b$-@~cIP+u=1p1qg&mKeW>C^3#D#xP=NOp6oXP<#iXTI+QMdyU*5
zTiAS+DItdDgYDpAgY4s}i}WIcY(F+%z7#R^JmAm7+gi>ihSs;sh_SU?ON?vTeh%mu
zMG#wa)l-mT(3~sORzmsOM%+e>foKZU=iSo1Hq-g3v3IaR@r0gL3FT`WQALc?(FOP(
zGRVFMr1u$Q`?2}*{h1i*JB>Zfqhbn7Bv0#wE}(Nj*HfYA#KPvQ%u~czNcjS6d%e(j
z({&{bnm06GOfzV15z1Hn#S6r^5j~SQOsy`m$1pzpKD&mJ&z~>*C1NZlhSuLtvz;Hm
zPqrVGv+37~v6L7El)20x`#_ND8X#o*vH9}7LyTk4CyBGQ)Dc7T+GW(OBbE4dE{TqL
z{`42b(7bdK=p5|J7%N79V7n7h<>{V9YXEVILHSW^@o!>0Kzab^UP#Ek!01R+$mhrA
z%lA_k@7}Er`>zJse}+$u%6{GO1}fyU_n5yDV=U>Z)JgYMA`Tk68n63-d|JZ`t#yR*
zCmDKm_2%HqiF39=_DvuyH^}y5^WVe2Gck(Lp)l7V`!VB-p+Y`CHveV(dk`Z@oyKFI
zWsrR>NaF_Cer*1$`1kGVeZF3WU1pGdJv<FbgM5CJuk@QRgc#?e_rg4bY>hAVQ_3Kp
zALT3kPZ&XrM>&>D7^fY%fqcz*qGO&vJ%$)fl=&wy)L%mOiN@E028>UBu@7mRKLGm#
zVrZUuoT3*RWM2&0|008YLSsuP-}+7?#$m)zU)gJr>`P%)2cP_p8kDcJIFlGtQBF1Y
zv*RO-okyMJ)Ac~e_G9zqixZ<C+LO98qM|!?!sut{8nE}RKVb{yYrYl>iLp0nZKtwA
z?OJM7&%NqFYZ>vQLHQY!6PFXCKWWYX4XEgbtuZUrx%)Y&Z-nlZgz_^<i>1VP4!s#N
zXaiwwzxwTt<(3g+rD8!Q+Y4*^)o*t!_Y^Viqh1%V?I_|1UBmYU`78yb#d!whpKDl6
zjHj`0g*3Ji*7mF4?pW?aV(6N13#7BXu(n_QcE@sG6JtM)Wd$*|mi5H=fbG>+%c#TF
zpa(f0v;7~TuR-?va6j}h$md7-Hr<UF2a(<%f(F^Uf^<)VY(F+%zHNx1IY4u&Vs+sp
z%Eo>JdpQg;oP!Eo4~6ozjmRR#Fw!~~zA$V+cZQ!q^QEXa{0kMz|F5AxF?8N&?C4%f
zEP=g2*WGb25ws=}7Z{X(p<y5~?!&%`KG_m-C@cJBk08d8`0j;n#1Yo^tKaTeZVEBV
z*}eo0<M{TVO?57)4W58Q4YI{F@`UoWjW~@Mmyp)6ACC4X#(vnkZae~tEB<20BTpz_
z+lWG9%t5o@8~kE4w%UF>RCA;Ht1GtXVzButlOl$$WjkSiiwd3pT3c+3YF^Xz$8Kxq
zE}O417ZO8#cRzHcJ%zRX>bE<VyOS8p*-sBR*&ur|v7~th*?w%kd{xAF3EiK1Xsn4`
z*bAS=k;ba-k@P%51Pyzce3f~a7|)Xa2y~qhI*-4A4`Fx1d{q3ypnPp3RuE$tu{3Tc
z8?HhJfYxQlg2sQo;UZKhU(Y<m)5KUtEY;DTLx*E4{%+{^=#QZ5pwPXEP<|g&R1>3|
zbQbJqko~an?TZTe{MdZ?ULwX^V(D64Y><5mNbNdLwjY}>-y6i3hgQG>gX~+4&$gv}
zer&#c?-Ao}^g-&fwX7w^J;Zp37+cGFVpOxe&b8GB*%yM&iE4w+bwA42c_)4)hWcA$
zVk~K)@$w=n-)K}kZ;(&eeA$`Zy|!FQ89UEh&$%MB-$xDB_Y7&Fw6+nwh@pAuG8jc#
z9EklKD&Ntl_^UxaVe@70M2x-BYbmo6WTbocXl(g*G|2X2^X2PH44n%HW1ne|eGN$G
z7-ajg`S0Qn5~BniY|3gI*~^U<qC!4DHh(q#{fLo)9s>3nEc*|}cLyru^JDYn8$=Av
z*@wbAw6&j2`8xWC65|@$L-k!j3_qLlS-(__B*sPP36O7)eXsG&LWO*OY`%QsiSZHj
z*a0-Q@1QP6U`sWB%J-e|%hwr`iJ|r>f-VNxQ#$zikrvAH=gZC`MlUqRK8K=0bKq+9
z0T^P~1r?fKh4QtH_yaM<p?BiD&LI0-P+wndkk60uZMu{gpQ;>ja#1lDTjz&-V^E><
zL&zs=zU=wLm`Pp)?0vNCLB@9}D&+HH^W{6A7ztv%iTxbyF8sFjb*8r56~tJ?_Wy*B
z*<Sc<>+4KyxtoYFoqFW(-I$LR2ZocbM&;9a`5rVF<kK^#YSPxehZsMQeggm2@*pwZ
zVf*djD`E+)OOE20wn0B9y%zK=L~Oto%GY=ne<H?PXn*__hNH<B@?B_<?Z@WJ_ares
zLv`;o9u)^;uQa|~RA_x6R8H7@+0PL}>$%&Z2m2P*_N(9SSnhRV{DJMiWgjoHy|DJb
zjPD~<{V3Evww&rO`vYPefQ`8C?@TxLAIOt$nnAW7n=jvI{PQ+C9NuC(Kb!J(^sga?
z&d&!po~`BI#7GiDefTH1m%3Qwd(hzb$*;6jq_e<08yy9@&Is9$7}Y!_Ms>jE%ioh2
zU!t0`R=^*LFI(-b@u0Foez6Q&C|~8o&ON+q^uE|r4YJ2kUOL4f+mFqcuOBgHp{K(M
z2HCo{N{=_l_G9zq+m{$epcCj9UH?S{cEYE5R-dJ6?W$)+VuV5YW3k0xV%$LbXL!r-
z6Pf`(!fOVNRk6;Xe3cVN5JU5`%D)bKrhD@Vrn^R7jS9^}VvPZD=bazWF~rb)%|e)H
zxExje=Ys00>q*FPAu5!=$S{Q%_Y-S((*HqwQ;*ZI=U{8yz8&lcdJZdk8I->>wm6L#
zuaZ6$FkOzMUq9{OQ@$UYFW)RS+!l=zPxpdCb=Cbq0qEXW&$Fi+bZr#Mx5pPDMmFi|
zn6EASnDk@Bw!VC9Vdqurm&S+@BTv_a4}2Vjt-j15p4OT#V~bY|%GWj`MU3ZAwcEc?
zp}K2+SNo|iH73+|BEw+wRpxABXicy^*fx`W8tp2bVUX>|=F7K;7~0Q0u#Z7@6z+q)
z4f6R>zD-|F3|*fzCUidNJ(O}(<3e-w5I7W$GuXaRzV7?Qt;Fb!&IFCAe#BUSD(<N;
z6cqb-!z@%N-}d(-#5kFHEyuUDJVA_}#JG(%v?#u{w?tni#?EZB8*$W5JvbKGWgsmu
z$o6CN<$IGDFA(E->_@4Ku=d+N-%HrS=K0HgL=4S$hr<Me?7qe~9u@NWvH9}V6XRku
zPF)T`MSpC~Uk}4D!yr`H{!zZR5&t5_RjBIl1jiw)ZPog1p7l$`dSc8+M?>5o`y^sX
ziw&~<*nIiavCGo<ype4>qU?^o&eGk9@eF0>LRW+A6Nu^e<>3?Z`SWFOM~o@d<L_+q
zG-)CG_pmE5)K8jI?l#C)|445$$o6CN<?Bxj?RzKaZjgO+CqDTtHecy%Vw{9t4HFHr
zgCITDAlpySmp*_P2a-M?9)<g83yXaB8~i@`m6nR(#JCYX40=O4=bY?4jBk5X$mhrA
z%Xc&}bWBgdxdz#%g2wYXhBHy|q(S*AC&m$DFny~(T?>T%7Qrv@4!jE;{}$osW|&Tl
z7l|=~^g|q@pH2BX`ezd33ASGX?-D~;+p6^`ZLvOSgc#>gj}ytSGRS@qq<0!*`?2}*
zokfhx(8(~%Ao~H3o?(#f$L7m-9x?ul>YO>iP=tPu?*vrW^MP=*LDx~Cd^;aqMU0n8
z>$;>hoVWzEmYWSKueFe_SK@4g^5+?DAjWE9+z2-qWH-PqVDG)<^P_y5zLglcr1fm-
zAVVqI4Nd|bhy1FG$TcWm$0{BmhUOl%s~v+k&|gBn<p#e`ew#1*31S?E28h>$h!!}R
z7;5W(8a_wGHwNWzz!ufS=+5>JW8ZF&t@E`SZZ^m#9x^E3`u<J~U1z=|?t4aM{~q2U
z#$MDzYlLkKlTeKvjh8g&0(%(L#=_>SOdT;^L$$`}ZBT!NiJ|kkEA)h*LC<JJ*yO8B
z6EOy%2ZP#0XwAJZW%fgVMblBc?Eq}?>wAu)eDOUo^c>?6?5(AR80w$JaH&D|OyjFS
zg?xT&zI@%c@y_#SsmIo`8!<F)?|`24sj#+R{dUK4`w`=1wm+LX9b=Gv7f6pX9El3~
z{Q0sEBF01LO5$uS<A|X#`y4U0mYKvjju;wmc3rP|Nax``=zmd-kzKHb#<Z~cDibBf
zca+h3=M~!Xx3KFXf4LH3TuH3?#P|y_gte_&zs<9LsVFDL(Zo2AZGSIewi8znL-Xzd
z#Q43;VmomsF)l=xz@F4g=>BUJDqnw8C~bZ6`|bOPF@^jup~fJ4TWErnhX0`A1B1<1
znLiQZGva1qBQCN>K}Vm`7Mrj1lf=;6u_ydYT4+A{5bcYq-<zQaw$S~PQ2wr{SVfEp
zq(gAJLH6OscN!|>^JDYh!2b#{a!~b+_A5?>UGN=&YJSXu{SBJ?gz|@@;$32lAdR@^
zWp~zNvOh7tBTylqADi!%<sa=M4c@1m_yyEA8^AtSS%WRUH7MU+2fiUj5!;9HU1^ZL
z1f-W6Wc#uC^8J?>=b*Ddej!`&q`IC8*?w%kd|i8a&meRRHH>%Rx2>-;wdHmoMoF5t
z7OiG`@fz{0y*ahz`Vm9d$$@NV?@?su5=%POAlr}4mv3)kXsx69Nc|y3VoxE4)=NK-
z{t33l7W({M*nE{4OpGVZwza6xc;6AU?dyimQ1O*P`6Y&<iSb8b4FO%7h1Pr7<ZImM
zB-A{s{Rw-GwfQPDff(0QbQ1QyhB@eN_$H!3(E4(OL35r^zFnK0OpMw1=HSz{UdWzp
zRQnV1`LX%(%_2quje#vMyU_UdL4|yNY`%PF5~Dx$sK<WBAY1nwYQx73I>*J|49fr1
zkRrwx*jK@u^rx`4ROh&m?Z;p4d}6#tel@(!_QKk4`FwxC7B<gc?qXuR%dtF1zUC1j
z`*LFWISZe7)}TC<6IT$U4AuHt^O?}x`VaIWIK*%$Dl`U!^0ke)i5MDRzpzI8J!JT{
zd5{>riFpuUy2yUF6QBGRo3HevY<P;4xLeB;#Lzi#H*}|+gth(Zw>y@5kr=m7j|+%#
zg5hdZ=ZM;C0;mnoFjSyI`R5tlCdPHxx|Z0vLC*ju5m#;94K#miei6GHls^nxd`OHF
zNozlfBXqC21I&a&K-VE#$1t`~{tUx9V(6TzB;AL$5Z3mq-|krMCt~bLjO&T98`}$O
z`_*rEEZ1#Y?>nh;i7`ya2%4{6MjwTth9D|5FA3#q8?hZRu8<$!Q`A9N+p6^`ZSnj1
z5@QeYZY0j`Y%i?sSHIn{+(E>6iS0E<JjnKbHs!N^smLKlBdT=@mtGgy?{(sn-(vHX
zK9U%kyQgE@c}Dhl>Lk^<BxL)s`SRrw<6iW1;@EY~+1R~7&$=}Z^{m>?8~NBm`KK5r
z5@RVbeu6g*KcbnS>*Onj4^W}w7RpySaWXO9Cf+FMW6&6%LEcDoC(zpOAcM{!q5LCJ
zF^d>0NPhvV46+%%?(_d=P+|9}HHWbI>#*k%L-()e!f^(TxxJtWazW?+EW;vHDE|V(
zJYuZEeuRE_ikL$7rl==h`18*r#v}MNr=DSueIjwBx{npI{n-4!<G+{~x^^B-UG&+6
z_ya7%r@r1E)UE>!2ctsy>T|J#7@wdzSJl5eu*OyYgs^u(|Al@JcI~2ZA(Y=271t9(
zV_+%VWRSfUZi7mLe14Q~)3*_0Bx%CAYVFgF&t5;3@5koLcQ-K<Q=fI%^?U-mJ4^%J
zv&yggRiU;L%0JQYI59MC`;%Ue3bm`owc17NbB%dzBeXUY%2#`dXNYkm=|b!=uorE5
z5vsO|fX4eMIN5L}DwJ=}zZzoPNjga!^_P%cZ}g9-kk60Jm+v)V9Ev_ooUP>pVyK=~
z(1o!ntnF97-Lc$P#L)HU5VqYCY&-hP{y>bm9E-+TJ#mEJw!Y5PmivVm3#i8r#P|o?
zO$^KK`2UUXKOOuw-|Dv8dC#MoDfc#15##r=2Qf}yTb&oj8)Q!doe%c9X3ra|%D47@
z#Q2apYb>d~vKV8UuNChQv?pu__I_XwY@vKRR}3M>J@^!NhC%jdj!Am5LAD>8FW+!t
z{F4|*V=p$yK86_5iw&~<*nHPVj8BQtjWYMMogcqXwjY1F@x%y{zYTFT2Z$cnNuzaW
z18D9S_S{y!o{Nf;iE#-!7T;f~hp@I)>$iE<FBP+hQ9}&fmpsh&!f#uj)#oTD{N?5n
zL-UEQhZ>V23;Qpq)_zUs*RalD=OUZ0GUdehJF0n9bG49tpHa=5LOwq>U%vB*q4A};
zaewH;7}GlKJMy$%(7JX%ILa^v70N#j71t0$*O@=#y8wC-L-ytHcR1f5pZJqO`PO$A
zG2SDs`S%A@?2P>+x+AJJz`sE4BGm7~=BvzdVjO^eMgEHh*|^>9pGCz_h7VC;^R<ta
zB;G}}Zylph>=o$tsK(rvVAnr(T-kh;sUe2eI9kW6ZN+(@{tbcJN^6~y3{g}l|1`tv
z#0ayW7vOWom#}uN&$k*|*gSu^4~e09L&vOfBd#Ql_$T&b2J2f%S}1MX>T_begHPA3
zW^{Y{RxzK#*1AJ&@eQc$gytk+^Ht_+Vk|+=BmYTa3u{}oKBX;w-+E#Y!d<@wF+>Uc
z8{cGf0BHP<GR#1Q^0np@`e5}gMDv1<KghBC2SwatdleOST&S;w@>NdsB!-Sx*Z$Wy
zj^9G%I+opq7}N1<u6oWOTl3!Mpnei|{Jo7WY`)3_i7^?~{P4U%c2CgQeA-~orFTgS
zo3Anl5Tgd&52hJpPvW?wCmCe>vH9{1A;#;p?K~K3s6clEjcLsrqrvuv?F;1>7)BC9
z+h~ox2Qh`NZ!e(o^+Scy)+fK;9!rdC$X^7H8Dz&my38QkkIk3wL}K(nZ|C?ey1rU_
zOLP`7B5b3!OBrO}3DShYwyjm0|2p|+5~CEI0!f4HJB;rvRLJMY=4;)PBE}okV>riR
z$>0RA_Lk_`#L)fFmC&D<Vkox8jC{7Qs!0p^gw2<|h!|_gy9sVI$kzC~6|OhP=STTA
zy_gtp66<h|#gfUfSbIzKDq<`rhWb-;mgt3j5vuvB9@RcGu*H9|h4Q~Q+&~P?y&Ajr
z{!`a)ookxAb*=dpZ2WET37fAne<a4G=wB(P*xROib_KTj{sO~&sIcd;^0ke4j2L$i
zV;JqRCH%}b!e90oV%$KCarhr6jvv2IwjY1F8e%LWMlNNZA%-8nPqrU_xqlGja$+0{
zdl@t@9H(tit=aV~)UIcbz!u84YmxVeaXY@fsKb_U7-faOYy&Yg2WpM+l0kNFP{01o
zVB7Lz(!%De%=g4tP23!8+kdh(PfG7L$o6CN<@=c!I)BfBTMSomTtYr;Ta~Y)Ka)yn
zKGr%z>%<)yV^h%r%BmeT?sb1}+j|hUQ2r29WD(;+(!;T}{?YG#PeUX4)OOo~V()D@
z5EaVT93iraaWLs)U@wF0861l=Xprs4=F7J~F?4>O09uFcLOo)r#^iCRjzQOct*68&
zgYqX}iy_2lAbm3|HOO8Ex5Etv`TQu~rjI0s&b>A8tU-2HsD~#E-=g9zgUwf&am08G
zT?^F)*}CSaep)jLty#o72Ai)kClcdvRBPZD46?TY#j<lmGq!loVDnYx55&;CbT;U`
z+nY9BjOuxa+IBRI1G^Soh%J;~ZU_@YYg*NDCH*P<w)J(Uw%nP-Si<%%!AEQ_{I>OV
zrnX#?7-8z6<6On|!f#t&XKKrxM~oNQejstu4P(*0@o9W%z1RYpzlG)_Ve?hy5@Mv#
zS1I=_br62r`Z`lv?pk8#+HyZJ{tWjJ!}1L2hYZ$tA8Dbqwh?y_<6&Z?uysBQ*%~v_
zutByTn=jve#L&8JAL9OAG^WHe#L)Ur*R<z}BmB1Yb*8r5OT^GRNAuyQY%lz_^>wDU
z+}p(1k?j|=ttFkcgY4_^tKWsq>r6i-#$6oCDU`GAEV~Y*_ZVdRsq>{9iJ`e^5c~bT
zoXmD&Jux&t=()h(4YIjpxNDB*P@(ZEJ~G&RtxLM>z`BZ9tFZq}U4*rDURqxiTi85*
zxn9J$nHai`{E6*_=4h$IHqsB!1Mmr*J3@Zlvx}XHaVtKx>kjyZwf*Y1JC-|u7!R`j
zP`2F?0+bd0vd0jk7T;~kBaX1PU;TE+a#M&=$M)9|A`3E^Pi2n*=}rdOer&#crx0T=
zRDIKzItXj~)o*t!S3-=PiO~zD7-SDMzR9SN&yUTQFGY;q&{L>~y^d>MQ~yo}trO(e
z+DzDMgz`@^Tu2O!9jynt7{;U1IHqiL19=)JyJ8EwhOqf6vxFGMlzAEI*iQIu>+4Ky
zxf_WwgYExByshPSVpI}CYYf#{9F5%%)%Ea4^k>j>AF;E+=Bv!3#27`H|H3DRN{;6<
z>|fzMcpu~wUtkO6|6+KG7^AVZZu>%IHo@1F5sGWebT`|)NDN&M?jyY;+Y4*^)o*t!
z_m=9x_ItDK?`0v|iBE{JEA`Mbj+qA8rxNoOsbK{wo-in1<!WIKF(#pE&vp2PwLdmK
zl~X+Nn(_I|eMOA-s85_cyUvq60;KkSRkk0SFW(Qu_z=B^INMPNVQs(q?T+QT?Z{f6
z?azlv2HiXF10^sXj)T(;DkqeGj$vD3sNHleTT2~;wKcx1uM}I@Jb$^JiIGp<cVOF1
zwtU~f3x>B)VaKw~SDD?3p|Si&>a{&}5Z3mq-|kp$7%@&KhVC&M*j{M8D%JcgRhw&m
z5x-yy`85xTk;E8)?{Vy{Wh^lU6GLsUIY|^kAADLj>)hTObdMxP8kDa-6BCG0fWC|G
z1?ngKw)J(Uw%kd?&{)%R-p|-x_-*U!Ol`SSiE$L$x4=5Xdh`tV4`{vQu9?tJ;Y)+^
zRZc{SaV@HL(EK8_PTU>c18qiCPS03`*2==>tIT|2sGQa__FglItu;X&s6XYm?RP4+
zQ2rFdWyDZ=1#vk2Tx5?09dB<#5h}E{70OpRaV;?>qHjPG?J4}W^>wDU+%3dd$@Vo+
z%l5+B>O1SRYc-qaFLw_yPNS@@tBq_gG`6I==2%}JY_X5eXY(H>#y{|%Oq@&LPPUcp
zS8K~}@%tVp#^>Z6#<p96uCc;j_HV@Kf^Q+*X^^e^7U?Yp*?w%ke5;Akk7Ie}e?ToU
z9wnCA{XLFH_-*U!Ol`SOh;cV{@UIm&XV0aq@R#|D7#HI!gCW#KsL$R){{n*zWvI|I
z8lik`Bbtd3A^kk|)}jUIcEr%R@-N!L&!&7G{auN%J=>39drKM~Yj26}K#Y$$js$Tu
z7YW&!#&;yPkk60Jmv2{M>`wWMupc+b9tqNi4YK{%eEEXJ(77}jbkDzQy7%3T@#Gy(
zT66loVCQqKcZBjMqGBL1bpN9{>tMrKXctf)?r(f{+i|3Y^0i+vj2QY{P1o=Vun+aP
z4ArxRGhqy99-L`77Zu81U^tQ(nqO}q-H*Nz*7mF4?pW@4Vtho5U5N2LDt5xwx=ZU#
zT`#_ZwT5o^gw0o(>BM*yJ;>xK-#sR_QCsTzoQCRng{~oDACs>#XAnd81B$z&L3S=^
zuF;qjx-SrRE?2(FiP^+>g%~}t?Y+3{QM8M6x<R%dn=fApF}6W3fp6GOSlg=gDQ)rl
z<`JV0dA0C0+Y7&KeVwT-$EKV7OGTrBWV9p_NTkBaKq^)o_5KaSB1O?aA{vg6ol3?c
zf!UsrDooDy(ordnM4Mr=5>eMuz(k=66-5hD?w*R1v)#CnSi;?3B18n0Gb#4trtp?{
zbs<3eGNf&(!h$&plq{GNbqj@4DVw5*m*Vh>-Mywl$=GZKkIWCpsEysoHOh*jzAf8a
z<`6;!G)Br+(j<zb#cth5`ofil6X9YLol1Dg(pYIUP@0Gr2E2_-gji`opfI_hq##fn
zD=CO4yxvH~1EsNucbK$Zgw{(%L&fn3l?)WS#bfc(Xree!94{+L1xO@faW#@P*)Oe}
zACITB(}HL+87dA(=Eah3CA@TkuwfhpMRESsC@72(zaU;xqRw(dE2i6u;R0<GC<vEo
zFK(lRyn4AKpeR;Mi?Y{*XHm!-0*4H9z3y<pPR0x7s;%5EE{PRH1BI?hRE?0sR5%hX
zNhNh4MXFi}Ra=lOOqvEwB-HnzSV=0Hm=`XhHD)InzG@T7&?qG#_Dm~r*eM-GX}FA|
zOSpYcH<cwy+`?_6Ej}-rNR;7?7RO5iDa-<OG~JXRP9$O)714r%cyVb!ZBS}ETD4HC
zCt|4uAv#aZ5K0v#bp);wuOL+vV1&|fruGYB(IRWBWeW>qC2Zd|SXw>BvDpc#5h@MO
z=9Dar7ZE8**A&KP>zEZeM7v0lqWEk^%)EFilu(yPRo;$Rw_dSGC>)8<B}vm1G*l#3
zGP_;Tp@BlLo5SiMsx@2xuzi_#zDvSIVRzWgvsF`*Q$Ai4NitHTg|5M=RuV2^^cKWR
z7lbsjLWyw6Yz?$jh{mOgv4RDmIq~9Xs3abV2IdtHKg>NtVnuX5gDaUz#1|-Fkr$aA
z1)}p990V;bh<S|>a_6YF<b3*rG2WUTi|1>Md;K3SNX6n_|97ZSxjV?|I?vGA%3v)m
zvyDhj!F<hQsX6gvswB*GRTL|k%K;aLi;Cjzh%v36Dhg5OKsZq_hXK+y1SnfPmm@W&
zw%W~@I`uR)(O%{RDGf8JC87oMG;gufNW3^4D{*&Q>W&5KLu=xuqX=v_#^x+&?Zsi7
zuS{~PgBwiI=EfLGY@VVs3&SPxRIG3Tr<3MGP3@+uqf#7+Hp6Byh}_Ht$>LaPGEfqo
z?{+w~@ESQ;mek;~<BZv-IGmgtD2ylO>U=Jks}q<YCc#eJ8K5=GP3fQ3E5l(qZD*@8
zNY9OyM+>|@EQ)iHa?7_}C+rq&R|-7tJZA=>2Ag`RI1w!lmj)tbrEUuqCTP*tehie(
zjWTpKooIgX4Vhu)=(Jn+ViGd-;%GF*#hE5JN^9b68}jZ1(Ru=OKCRhs8e`t5(daP~
zcp@1+iw0PrZe=H2Db!P?=A!H>=TBLJ(>ui3!UWcu)Rj6ZPs$wz$vMRlx1y!qI4dR`
z?ZAE%(FBw*Eu;eKJ2O5D81&kAqAbb$6quJ}GA62b=I6&WA-fk>iufkUaJi-~?ZYjo
zIo%xz45!x1gl98%x=qW3?9DI30%dX}JyDoM!MuRIYS`wo*D!UqF4tTI%G(Z}ozcyz
z(%fjGBwED$S?o^NrE0>G!laJEJ6GH@t+4f4U}l|Rid7IUDTul=lo!t(Bdu2(Z(O=V
zvRDHvzqHUDSlX?7U88EnZUcFjg%ZxdWKlF)+IpFuSL{w{9Gtms<8UXnd9<2$xn~BZ
z?(GI-pp^N5tEsIryD2Ov@dk)Sp?g5g687YzI;FD{rMh;wed$fHT<91!%=ra#-0MhD
zG8*N~bvxc$u-HXNEUt!PHK5+)WKM;3@|$2~-WniO<ZVwosqf;2kuaAOe}W}UVaRRV
zkUJd~Yfr-huCz@~#bIWSaAC4FzITGUYdCL$ZF9I&uST$$oy$s+bHc2u5?rK;-4Vg%
zo`cY;iM=P|%(*(?A|_LJZsIB#N@$to&a-x4mAUQLTFA78%5iXQ8>=A_u>x8mT2!bj
ze|)~VHhKZ*0J{V^<cJ|5u2P}mV#btv4NJCjdDk&cP_=Vm5ofJ;W%B%q=vig#i-Ekr
z?8eMmrEaTea-64wW(az-mbZ+cvUbU$j%c;<yNh})&~!#}%3~&qwX}};FA+uY_}sG6
zP^18jX;v&Y?d&f#R6%0u@`UzcEFEKbj&3MITr$iJfzFX(fqCw=K^2N}V(QwOh$Rc=
zg$j$xl5;{a_Zk++XAl%7-C<&{Wwv){L5)LqATg(uvan!XscV`YuHMCkYN=M<rNFxm
znY7xM%Q5|<OPAI~t(PPE)b6Lu8#l#eB|5e3C=1LjU~Nbp+N$8rRV7I#prW>(b0-RS
zu@Fd=m3wEMJ3`b*1*K&HbsZCtJNh-hM$5S<t2siccxa9WXf#AfjZpQw*U31N^TVa_
z!b1NDP(Ruk)Ye|B8Le|wO|OG#k5Fokjw8f55>`&TG$$-~g}OOm9pbgB>G43ByX;Vn
zHFtWA)i#&Wj%KM<Moe={P<)nKlZbn}S>~<@m@`tdDa>Fli^fU{<L0v3mbM$w<<Xco
zq&b1TQ-M4)9K3UT821up^-dR;mZjXQ8l}7u?Dno*jd)A>9Ccf=EMNC7tOoeMcb*o~
zGTuH4slVCVT%8TvOC$=zWkp(pa&nT(3DP#sG&2`^m+8ZDLezplvlH<$)=3mKR#`GJ
z>@aPu3shN&JG<iJj7!aSFUwS!(roJ8ztWgRDcW0CU%HxgZz@_&w^P7v#UzD2!z{Vk
zZCSp~c&@$N4X}VIZf!Jg3^T{ZBU<<sas4L_w+;DpX-K2h9R~h1i=$y&jTk2LY<)F6
zncPj&6j1@Mk$j`wE$_}Jt(SLuZTFU$9B;AOR3liEj+aZ<C%B*TZgsh!xTC_I8fTY<
z6A|6zr{W1MI@ri-Py)3!F19;exKoFBW^h_-W@TjPWM`?%933d~w~5BG`pR8BW3-!3
zT2G$^N$yGV%Vz7A*!Dr|iEc}oD|Lqx!sdDpE4<8b<V@8kQ0OgeXax?!G(usrG)8aR
zNtHo0Kb$I<!zIzZg{O+GmIfIiqUClU?!hKga~8z7igW$()&Z27#}qP~1&}?Z+`A4l
z|LM@ny;Yfw*ILe;dN#gUx>1bdD2X1TweulvXV_JoH@Rr`3b`HBdK{X$yaUmB8_MVI
zuXR>)$Cvi)R+?^fS0r+%Zf^f@?iI!I8G=QrSZNW{UxK;NZN&1xS!Hof5N^FVFN<u5
z<op<|#u_*h3o{DllyM)W263B9bJsksD$(#<@88lm4;9==IHxsSpwx6|sW*vHALC)1
zne~EO12Sk=PG&9GJ)uXvvgDbJ{D?O$Z3PEwjW>8eWU!90j9c?)U~IT_jQdYXWJEAH
zV94-t5%5ZKJ`DEOu7g>6g^I$QvKT5q+Wn_E-@lPv&K*pdaDL2P=!`2Y<bIH;l!9*j
z89k@)ASsqgMYTiYnpiR?%0e)lU!-!>U`Eft##;{ZayH)HWNaM8WCX^r0MlhQI4znQ
z;YP7Jqgfqu(-L&+(k`dn{@p6I+p+6ux5rMZEmvo?_W3so(XnP5Rk^H$+j_<o1-Tv8
z11ojTfHMC>R~{w1-|^(py!$<#3{=moGvNTx=UqdgD;x&hK%Z-L2R)bW0h2(_m1lyU
zE9=>HFE|Ibg^NL-&s+)mjO9kqXP9?^o_Fi>F+C60^KBk02dW_pUWJ|E9oPl*eGz@H
zq6zfu`FrRK`kZz*&@*{`R-otn{ZM_*wg;-uJNl#g9Ai&ZpL+z+Ty!r~-|N{MJq^{d
z=cCzZF**P}2i+IF1l<q43LS`Ehi>Z6o8ltjf{^<dFUE5uC3Nv&p4KxM9z4u1aqmr8
ziblN0AG&m4BV2SOr8<i^cgxB{vEt$~ci{76BNfuE8i5k?w4`($2_82TaN@bCa70i3
z<WGd>2Y8qpa<AqxyuEV9`YvWF6^rYpD`f7lWSUzy*K}{RWqFZhxesw=xQ|O^uq2I_
zC8&@R?nT5kcn)bF5W3Hqyr;Y2vIrBgciZ6Ex_BkxJZfUquj4NEx1JKM`_^N{`Qf=N
zJKd*#`R<HoZy~*4YH8g`6&CYgO?SI`-Za;pOI1&<)p}BvUsf`omgH1V1`pyN4P*Du
zmlc}smI)mjP31D<PmLCh;mO@VbE!RQK<WN$wTVLe2U+6<W5rw+iuK4NvibOVte<`}
zzQ54#i9d#gntL-oP;2~rQl{>zlka$gA?3LxM+CV>MI*udXn~$q2e}JR#uGu>R!>oa
z`SDaLUL1@U2DwfY%pF9Ao?~nN9H1Yq+)P|HV38dwJ!(k#fTHq2!9t#HA2lF3C|Hz?
zgsro!i973;&DGN!ps5g5?W8`wE}J-IB8&VEUD~n!A;yjOl!`}hy8F=*aNvMardM|e
zY+ODP?R*OcjBn?@{&YjQ|M>EKgD!9|k7Y_0aJ!d0*emPnH*YA1O6M>-hYe)m70*Aj
zwTHK$+=yU^g~EK+vC&fgVJSOo;Qk%^`lzFWq3Kh{hQ>|K4V^eXG%auR*yGhXTNgiA
z80PtVBxs|KADuUPQfSJA(bL8a4UL;R^~9;R<9|ndmaDqIC~*5{OZTuv@i#eWlda>}
zKYW>e>~kD%L~}4(v>&&H$DTMjZ{p<X<3iIXpE7ZBu4#yf`}j2IcJk1mZx8Mnq)!oo
z$#5(ZjHQC}<7Gt=&dhjekVR8;P%ytN#dI`37%TC%AEr_f3TuvPEw{zvit(b6FmW=2
zVA7<J>N{>mo~h>+9cLnXkoz216NYYJg9Uuv5@c~aC)hSK*tYco`{H(b@ZJo>kTQ!O
z#&42!d1vQ;yYnT)qn?6j#CO_sayoPzOdU^x&723F#oy#``mI6qyZ6Ho&;;uakJc7)
zr$k?S{$_h<h?HvDU*L@v8&W;<d*bNwqb~2X0|%749sPUa`Qx-6-6qbV|37gz9`pa>
zxC0`Cyz|L72M%kS1Ak9^+rI88Z9B<3twPgBZ!~qgC%iAdz4S~C^Qru}a(%SSwBkE6
zHq+ljeZ~AI&=y}veD&~;$4$lUct-jful)t&cf|ewdHrZ#@6rOhvf1iWe~XU84gmj&
z(K-&i6Ksp(xaZJ>(UWs0jhh-8f8zAktI#IT_x8uTiE~f`Zp-)Id6)XOZym49^u<x%
z0Bl=jP4%+&5Aq?|ekrpm+|;;doj*xWq*wq=D~%S!3S$LYg85g6TClhaSMQ?K{&+Nd
z2g50^Krj-ICd~zw6|Z*|4k;f$-fY>)aj^fXEHvXK)3iq3#BMv;F4z4w&L&RSPRdV<
zrjDKJ3$Nw-?4vXf@%@#usD|p0qH^8bv_C%E-qdsA6yNsy`&*^+{k1FK>3(c*ugCa~
zsCVz>Eow<6%lP~&!Hra~eE4BJV^p2JPmVcl)okvk$lO7;+9h#Yl+O$47Q2D_<a@ka
ztwq_ay~94XXE{+6%^x~!craSd1Hoic-_~G<(<hA^gO~QnJtZ`5LTJjkkUpB=3rxXS
zl64jh$@0ow(1e2~M>mhUWg4OY<M?hBH&|0RGWS_cYwZH%#l=Gp4J7zzIuU^a$cJQ%
zH01L+PYi|!5=R6QLx;dn;KQ+@hd>S-su)AuK>BBx{y9Yd<mewa_b^$9>!0EJ=Lr2n
zEd4vw{ny=yi1H9KS*o!RDc#`YLF%jxP6YBG7jhsQvOr}r(Pp#(YM};JKowL%9#lXx
z<r<(CYG4IaK_yf`PJ+0Q1(}csxsYPp_2dVzgD?vEz+xB(Ltr?l%mj1_%z#-i2TGwF
zx`SdAK?*8i1uTIUxDBe{VNjWsPy??)Eqn|O@HH$1#VF=0M)3q+!su+|v<)jhV((;F
zO*6yF4hr|F1<T{8Mhhz^|9ImGJD*V$1v{4U<{W#rw2e<)2Yyd^M)2$s4&yiCtNp6s
zuG9u+IVe52tUcBEd*cg&@+VCk<K5eYrc9kUIWIJN%EW0JU;6XUAMRZ#CyVaC2YQbn
zxUY4mtI1`>?u@msH)WX{@p&7ZJ>Uko0xp2FAqhngg#erZr@$1L2xH(#7z+D=Vr*0o
z=7`PIqjl!A6KCf94bEQW8=QZ@3-Ba740pqga0RH$BD4(7gb?JxL^u)-0>#*5yR_cz
z`depTJ)Y?7{@=UH*L@LJ%hu-XWS(zrcQ?L1%WNw?D7bHaS)tnv=%i@LQ3Hy~h_O+7
z#rS%J`|+Rm(4;K_g*y%aZ!}DteC$R!xu=YtI=;j4`!5CuN9UM_GIJt{AYb{>49!!$
zGF^yyz~o-UMlR%>K9_S8ia_Zv&u>pJ{4Myu2IbFzWs5dAOJOl6{TH_JGZ23t=x*{m
z)YE<Rdaxc*vI;g2Jh%n-9ya>hOGOU$K6l-yBp*=)#!eg;oS3UCi*DG@jwa%+%N(us
z4-N8!?hw9S%Ga^jLY3ifu>1HkUX~i1OcV?*Dw<b(5WRXPAGr)}t%94CJ3pK#oT7~r
z2hS;W=X-6R2y>MTjtmYv^w8kG`v&*+?z4haOP9me%T_QIj|X`sJ3Gn)^-nJ6yz9Vw
z9n#8wwS(^tlfDjJ0$t$8D>gV^z-L!_>09yn30}3qd5gTin|!sEyU1=^fbp?5Pu<7o
zjtlaH%x%74QM6=s%Jb2xJk~5KS`Z8eO|vb$ntA>j`WhYprB`)eI{sr}gvnn`e(rS}
zoVC|)aNY-{ukJvXN{)xT6H(<~apMN(7x)J1LFv=*`?+!H2IocmwI-i$kwiF@cITTr
ze!NHF`fgEVqd`PJwstmmXTI?ka=(q#$rjUZ-Qe7J+XiRc9n6)WbSY^+bMXHi-Z%M0
zlsW#+4bI_^4N8w>8$T~nb~)^B^6&cN2Ip`0aGs&pg3{gD#?MrI-QY5luW>onUC{Gs
zNI1b$3HO7QAkV<&g%dG-NN9T4yK-_B(;Ccuays3tx7>-P^}-tDnr)-FpS75$tnJ!u
z+=K~ywh&EtC&`Erk*L;idD`7LKEPNoBA6eJ1Pdd4LaB3{3s+m-wAk6vK=ZN<&JGVS
z$8#JN_px38`TTUuSGz2#qTOK@C|$}neggQ{<F5nde|<l57W<hAEtFMyB<kmD_PrnZ
zt4+Q;Z7{GV>e~oq?h~WrK=-Q&Cei-3K<kRJ<45z!%shSlP(y0yh#=piVuh<OtLUoW
z&b=F#8@7ezayl*N8^>)+EwdAE*C7^0-lrE{AA5Ha?yA9^rSfC5safZn3}mIDst;;A
zjEHxE+}wVd3H7nk7VX&Vx8o*u$L4C>Zrp8joP1OrWgcKyZ|(?nmTW#wQXgixE0^C6
zwE5%rZof7cW$U&d=Ib%<cv{=f+of$cw|j?~wa9NBH?0>cC=73|x&gBvQ?zY2ZNvMw
z$A#Ir_2Z+>?a;d-aiQhnm5LScEsA7nWGP<&38ju6c;1lx-HWeXi|eChZffUqt!-aV
zhM>Jo<#~uT?ZYQ;AHGKVjq%YIVRJQa*Dr0Gv^80qZ!;Cy-1z8lUWbx}TU?)wH*Kp|
zYgg(N-`xIfKmLyWwr#Q%`{R@hd6nzrI0tII9b`eLX9?~LEIl>RnsLy!X=nST;O36A
zZR6i=;*IvlCY#u$J3xMGzior0lVjH6(wnyZ$Jw??+m73On;2`GtH-gEr}I_d*_?lT
zCA-7O*?g^9+kbN*=s9ySY3r}iqo<CYz&A79-RgxTeE^$^_O!?8)xtYI9?-QLvTnPY
ze(+s~H@<9|G9__7VllSvX1Qj!rduy5wkbI!Y|+-M#Kw7iX_2?m^kPiATHC8zd#^nw
zxW>9q>)estx*MBoj(C8Ys<TCjtycT;8h!32rqb#M?nZPEdUmw^j+CYEe#H62J3KEs
zu<b}Y<g`}J9FFhs?E@N?K*2a)faTLmJvAN1x6=44d47X)47~LsYp?1JPA_!kD)cGz
zFWlQayTSS38J<JnFG6SjndeT+H#mQ0o0dmer~Qp*O;2xd9$CRQFzFGVMLk3w>$P62
z+x|DW;a;ADuojFEKT5q8{+(x85CWxN??4ay|Hbz;DBpKpdCwW#Zy__p!bNSj{)70S
z*Zr=r_jrQ7I&n&<kgq(>cJFNcUzdq$UBa0#uJtOWj;DBOjBj3VRNPw#nXb@XvOkvk
z#M@Y3%qVong!gb(3wDhVevkA&JTLmm<ECFdU51YMd4n?<!cYd6g35|pu$Qq-=K2lJ
zF0eNo3RB@sSPZwrlkf_B4nM-SY?lp#;Rp87)!E?mg<AqG&LdC_Z^K&Xme%6z1INH=
z@C@bOgCQGue#O53FPX#s|1W8x5B@JXnm(waPhM=<;5?7chd%V#_RteD;aB=~J^UNK
zhP9wFb?Aps3$Md!cmW=O{^Tphi7*z9gki8h1YuX$4!VHKw6M(&@Fmp4`%ntU!3^>h
zqnf&{fQR9aa0^@ui{X5j2P#tx5ztth3KL-zoJWk8QN{Qi`(1b)UWAqKI6Me<!%|S0
ztKkwj7v{rRFc*HIUSFY#!Cf+wXh7dRI)(3lxKE*U>pYFAIl`kS?{l5s`y9)E7wbLE
z8saXXy}b?Ge?;roL^MO`V{Uy9RDb#kGrJ8QeN>R!-_-sEv8cWxcCh!{Yqa;+%ht<0
z5i@r`?qaO%v6H4c-jU_$lD-?a(GxSXL;u4}bDas=I=N3Jm>g{z{J9%_mfqsrYf!oo
z`*G-z(c-M`-Qr|-X>qEc5-K1C5y*pF$brnRElxAq0JTs9E1*9ymXdc5`~%*Fe(Ymk
zcp7^Z48c~J5ojIyB{ajY&>i27@EEpYq+?$}-Ci^(Jv_6;$$*(~H~W0h?E5)%HM|8M
z!y?$57~4S~SWEgl_%Epbm!p+15~jfEPza@PHdMe>uoP70Q+Ne*y!XJv@E53t@t_!s
ziJL<mFWSDviFa>ty7p*sZik$nEzYZuzl~SsXY`t0EzW-1wm8qh^zB-luVFOXz7LAA
z(e=>(?YfQ+-!<;qzLMJZZM?QCCyNw*M{g&NEvv=316>AxhLwh0@QZmM|4FFOnD+mr
zJ6#t=0>MDHMUK;zA06X={J3Qr|I?q;|3CS9I@|DX2L4QDra)R3Ih_K&3SJOs%19@;
z>p*Q3H{Eg1nf_YXl7X}!-#A}HEW2-Qo5mHfo73It;RafnzA`<HeW<Sb8BQ;{`-7bR
zknT6f+c`QU+{mq4s|H>H?|3^DCfP1uY1gMHDy#OAD((FZ4D>XX>glxRsMP=VpKVWf
z&!!gYIsNr=wsi(aqVooql<|_(XuVYIejm*HM8f?B^uPg0DQMMgUhUwG(ZRga(y{7k
zyQc5aXQzz*yZ7BDt9$0Qd+yS2$K85%>$UR^J-YVpvi)}b`eX(DoAmGBf6wi=&+6H8
z&+WVQ?bUVXo?UkAo{8OWJH1)3@n2dXJ&?he=)#)^-FVxe2X7ek;_ZPQ>EFJ5i$9yU
z6Nd4t+7kkK{P)Ao=XXaR<Tnr<esd=;?Pi)`Li&U0!!n$VYcun@L>WfeJs#}&S}$k&
z2|MQPytJ>gr`h8oPlt@{Sc8e?v-`rL@a$w@GWR}hGdlBgyoh)H@_6JNp3U4Im>e%T
zh}V(yJjQ+M%nx_O6W&((tbwl}@IJa8N1M+}0@F)We0B+I&WLsL*-&we&mVXMZNE8S
zKA&h;+WV!FU}^!s+tNP6ybWL<ZF`kC(R)I`{aHM*ATVtK^G|WmWSPfD{A!SS8t(bk
z7Cjla9ovL->l+X0<e%?L59Zyo!TJe`q;D%<2+dpCSo4J5&FJu#wmmDGwm)yfZJd2F
zgWACNm*(_O54P6A%gAuLbZPOGam`;d^y*26zkz9PJ<WR)$-v;UNNHd&FS+{4v2VAK
z*UJZU`7Y#Lf1N74L=%apk|P4V{>bly$kIy=JcAkGz7DIfywKtOCI)XYxNmt39d`J^
zL--%x&d85?k-eACe7nR<3k>Eni^04MIJhKPz>8OW7RWoC)G(PC?A|^N=0lDV-aqn@
z3QQTDH=%tP%{J$^xaYg~Phx&J@ZBY>3t$Myw&Y=-4R^w7pWo(N?Q?01GX@SCGULD@
zGlD~A95kf-z#-+_>INoG9v_%IdNPM!!rOF(frAd@O|2m_$Qh_<X8*vrTUb}ZKX3L_
zX^Z?@$~R_vfBC=N^xNCp{SRdO@}+J2wto5iF=tY4DslJ6|DZ4ae6#<jedV?P>uzju
z{%W`reFRRsuFYq=XUNcDhvXc3*x|#E7(Hfe?zr)Nc~h!yU%kD=6zBfwO)B^GDL2(O
z(6cA`89loN(su8$4X-=(=*qiQ+XT958?&Wb()^<rtlU2$Z>xNUe|n&Y+&%R6RcpQ}
z)+TyY%l_&0EB76&Ko8H&zy5q%&Qra_W&iYISEl|6^zhvL>(964Jk{%7_D`>Xx$l7m
zdU$UB<^Ou4Yq#C>Z|8sQ^4-Skyj-hSuawz8y+-D~OBU$ix%t<hZ_9bAm(T2<UPyD_
zN(=Px-2CeqqXU6OAu^BQ4K`S$^a%s!mQ2<bX3AQ0%qXQ={}yG8@@(J5mRH;7>fK9z
z+Nn4Y3eAfo`Ed`X0QdK4+_$PG@m|1;(6ECKYmL*1QOtXHck&yv+obQDesB7P>3d`h
z%@~mOJ-@~|CS!2A!+)t^TH3huy!1$VWqN(OlYUYlnLat=1AdV&nsz$NyaNNn1LtSF
zkzSPXVa7RWE18FX$k?vk>aCNV2KLH4H1pWZlTEp}(Tg*;;l;tq%xBo-u68lp=EVDK
z<|~=&GJnqO(`9g%@m*$hDe1DL%Xeu{ba}PQM_s<{vQ5{k)B1NE-gQ#fFw2EyX)Dv-
zNc%YLqONy$eX@1=@N(A=yMEF2=dLeh^zU{=w~5`(==ONV?HQfbQNGD>?;^;hR^QWd
z@BIQ3i;8&cTf`UKQ&Bz!=9O<g(+uRgzj0))nNz*j3G`?w5!DAPyuhF<I{{OCb3ngK
zHASzjx?d3t^2;hQ-uXI_FXFm;aGzI^@Lp?GC6Z+YbAtL2DqZ$@>6|ZQ=sIn4^vxUn
zHr9BR;LT-SUr*MzGuyss;ocqUb8T-)pe;-J#T7pJF66U;66)Z-BiMc&z+t#=>hVrU
zazS9CevBtkR;sU6^2VN42>J?fptY1Pcf8!5(DH;|BACZpJMKZ-Rg(L2EMpV#Wbz<y
zcR}}k<Eea3eo(xGjoc&jLI-l~QM#?63+aNuSns#pxX9A1Je1Zu2KvzrU(;#iNA!V5
z`@)61I1&j=VCA7Nz_{;G+e8_QEM8P|YijP;>2AGg5*U++&yDgLjDGxX;@}fa=h{{`
z$3TzR_1YMnf2Jv^;aO!IL!`BrOcQ%Upsf=pCK(ZJNxkRgHH6#f<M=HU^&Ml+?B2E}
z53KoW7VmtIHU_Q9;kjR}iSzBhX$y+;^&@3&BlDDiA0yKE&=<7Y3gz)xNpZM@<s`4P
zySvpFQcd@&=5CkpV`c?>kCZV-U0b_#jK0615!aTjEehtuc%jG+NfolqqusZS$Uy79
zH40cg^OYc)&%cM(kriQxxNYmbtrRcdo;WZ~pCY)U!?&moOi3`3dGjskzQIbvwmY-D
zpFhGi-oEJ4@$oO!;D?&@yHNVbj6+i&dMC|9{R9$U^yWL3-tR9&0=e#K<5nWfhp~*L
zVjYNkqP4Y@DP@*{0dtah#r1_E?<`9OCeaY?*N*a|^hT0jgwgn!!mnV&3*tql|J9<V
zhTaL^*8J)^_aU`fhI(kOF-yc;zIDLYU)*~+(;sak^aOLj?%2`SvfB1JKfzdX58wON
zi?`rxt&&==?Ks=HTfc)HnC5Qe1<?j=IjUk?s&#X7i_^ZWJvTecbSDDSOaWW4ecdKU
zQ}g)^x7O3&rv0aXXY&hhM{7I(bP~>Yzgw=3=39-03<qy6ZEFZ~#7s5Z80hCH=|<yI
zt=gP?G08njzJd}A7c#$^{tCAK+(X+{A<VCSgd+>o$)$-nKgGn1-<Iq5a%OO*x#y<$
z6BW$S#r&RRux%1MNxwM3wW1&z<(uU?6z0uXSuwrLr+a}@+-^56_a^cL{cgn^UJ*05
zHEcB1%y2<|&&N9jTIYu2@#vnGPgvbK(5Bsi%^AwP8VSfbpF)YKzG28&rdP(y?P(w_
zJ+oUzSF`Hf)b-hS3$tY=VKXwjbnVvNds@U(k8OHwyWRG^ci3^Ktetn+wNKyOcJH@G
z|2>0y?Y)l|@VD}}Y`6bwrF;v*!pPu_o9Q>6zp(Z^$Gwd$4JVWQK;*t3v^axd9y|-H
zVQf9mJmEMv0j3x&Ufbe)@ukOnpKX28rM~=$CM}=!PcixaZDfyu&f+VEEvtN%W%}fB
z0lzx#yuM-8-})Rns$CoCc|ru5SmE{NM;Y$o#~DVA**>u7#-;oR%YO78PSQEQ@{q#!
zx5%u+aaEJENa*J*%-@@=+x6FEw9YE!^f!yWwfkGtF@C~ivs|vGa5anFYKD3>%hYO?
zz}5V2Mm0Ap)zrV5`?+dvuBy3HtLFBsn!BfJZkejNA*$vEsG6IxYHmuZStD0-i&4!@
zOEouw)!YGAbN5rtZ(UULETx*?xTxldZ1tYN?)9I8SjGNVvHw-<e--;*#r{{Z|5faN
z75iVs{#UX8RqTHi`+uALuVVkJxZQguEzpbYd$D~lw(s>(+U^-gE}KqNHpsrN&Z)u9
zLBB?G(NtktAcC$hO$+2*U&s3rX@M$qIogai^B+LStgLfpq|yR4Xv;jdyP?kMJ)bnX
zo*(<pz7apYlX+8}lXF2@pcXActCrR|RcPwwI_G0F_m(;*>q5%kTIY1XmHnba&<1qj
zZKQ9jb5@`Y=%CxF=k0aQD75Ad%HP5Ech))8Xe~P9F4A|^IsG0<4^*P>ldeL)Mw`*9
zD(Z80oip=3%Auub4O)R_-c#q?^>A9C;(<CR_z1`SV4bsQIrWtOmH23%XYoH&=gdK?
z&}C@W!*x#ObJQPgMk~<ee<L5wsV43tltXjTkDn*~Xq_|s`Sd`|O4@Z*TA=dTI;R$m
zJV&`#(*t?cb<Tv<>=&K+8vfOF&ckTsKkJ-w{-X)aXsUsFzl9&Ie7nwRKvT6GcO&(C
zr_RYkbKb3UmY`Yh(N6y+joyV;pexW?w53Z%pz5PKC-Yb0qRm}10=1viIg5EFpZzJv
zfkx2W^z=aXXT;}IfhzPG{)15~>S(_%Xg&2nYtXEn(*wDm*Etb1dkx2jMjGp!r{rJ9
zaiR@har}LG68x_^XA1xE?$kH5ADZ_q@$fgGMY~b{dyb2AExKqA;{BWc-z_7M)68*@
z&iavYhE}38_rU)j+Iz3`K;};z?|$qTtwU4jz+grodp&UmrU!C<W}F<zaiH%HBK=?d
z2T|@<+HELl2S1t{sCTl5QLnUmXL(LK|GnROr}S{@k7kYLc+=~hNoZw8y%QWy8m&8)
zdS%u-&1eK2egg4&)jJhvc2>Q!Y)X2d8LdNWcCL5&oJ2i#sduKJ6}#3ui_zRZ^-k?{
zwnux-pncIGn$@@7S#f%L;6HoUJ2{VJ1S<BecQW~pk~E{)XwH81&df8}eqg;bl5_-}
zf~L?2x&kdnYtbcWGkO=Axj%8yEOa%Rjed;gpi7AtIiTM8j&uc@c?#niZN{H@AoVAm
ziw;67(OGCMI%F=#HK^W6kzRpDNar5J@sW<8x1km2a<t)K>Op?yP~sPHyl5U;HH`K`
zvvTU47Nrj(UNP-?6!k>2j;?pQm(Xvh{$tG*XfEl>W2iT}Vif&^zZU(Pbk^8<XJDND
z<kmaapv}k94`^fpe#%v$6VMgtOtc2=S4#g+taoNekE8$bN6>20S;rIqEcy|xz~6u_
zMVrxwrIYHNh2&SBQ185tW>2O+|3G|n2AX|hy;FteqEDd_^fk0{3dhBNK&BbZMYB#~
zKMCqRm3Be1r?EZ$T(k&{po`EHT8UPmODI>7NBfb^nO@KPZM4T9>Yd(6j{6M87yhac
z{X)8OF8fDoQq(U+{0nF=@*B`uq?;=^KD6Od;-R(A(B7w!kG7DGG=1)5kzVoT=gyEa
z%J*O6RG`^4Yn<=U+?UrlrQ}zlm1xc@Yn(bX7i~r}Ut8mhnn^sg99{8`HO_Lh2CYFO
zudi`N&ZGa|U_1HIX0#UVemZgAT;ohY^ZvQUS&U}AwZ>VE)}r0dApdRh(Y#vn(X4mK
zM{CiA#Lax4av|Cc%|o+4SmQi}W_`TIX+SH{k+W#uPdE;=0<AzJpHdEOKzoNtf40V%
zgXY$)ac)EN(B)`OJ#o;i&(}D8^66J}5?Z@vjk5@?Y*^#0K=T^cI8A8Q+BHr;{sT<e
z=nyokX^k@j&HQqWQziYL<Cg{+oZJX;wrg-I(Y#$6oCY*!-v%cq%6<-Qa4MunH8{0s
z?&Jn1o9lYT84b>2G&j`XtVC<j?z7o$R)g~<?U9<@!24^A2Q&|V!<+`^E_6k#!C8&w
zo!Q`wB0s0R!TDN#G%$xaXcn5ipuw4iW}Z#G&`R`8v;l2Fo6+7ewmXOVqq*lc@R>UK
z=$rDN*WmQyKPHlMeuI-@KdD6x&J5Do7jPVCGaBSSTvKr&`$2OrVn1jNT8(B_G&mol
zS?G6YGn!pQ|6SbROhIeVg=j5$4VrgJgVUrmn#B)<<y^|~p%qISoMlR1$@V4mFFG8p
zLMNfAtEdm!j0WS>|7zL`&Ao>9LRX+GsDIv@v=iwF8elzDgJza<e!N8-(kXNfT7_1i
zId9`9KeLwolg@mP{qrAcseQk}DMeEs5D(4#i2AY~Yd}Y$IUlosH2V|!S822c&Hc2&
z>BV|2=QEBA&8};3ZX<r>=d>^Byfy3xt!!v;>d;!WJL|e;v>%$;*x(F7v(a2M7rh3}
zSxbM(-^B4OU>^8_@@1sIq#kG`Iud`@zvy52(Q8O&e%s(IA{{|jqA9c%twFy=o4;#t
z2F_!@|E7NE3iK(o;s@GcKIPDnXhk#qh^BsQaF#2L)}WF9G&t+g?4Rhba{TLQS2VMQ
z{V4ql{k4Gl{mOZQ<^&p@Ql-%)XezDIS%zkIZFG8_%{W4XXm0mLX9Ak)(db0biftO5
zT8^h?heoG@bn}jEhh}9pI(^P&-0s}y)TkW#zWjX}ol)n|-n%tAi^$LF-{_=B=b~Se
zu0$(IXYJYO3_OQ<7OhkHV54)5(t9^LgBDVLpGKz~tw9^`XYSkR3}47Rdm#IhAMJfE
z?KX(x!5=x6IB3=c>VGctbGXsD4Xw&=bTZGQo&}9g5!w)GbXKCd(MD%Inlq=-nRGtm
zx2Vxsf#w!BI{g-*XEi!`#LrCNmnLaH{42`XKN^`wJuhH?^NB-#4%+KHw4CF{U%8;s
znL;{sHphiFqaUN$3mcs#<)7Q=47rfwI-lc2YZf&+-;rN?VWaaJ>6{As<09&P3GIhA
zEN*mi&L{p7`T<R$RcJH%CR%f4BkysNe>L?+v#z0C&}Os-t-Y4^Ax_OsYn_}5j<@ex
zXEB<++gj&4v=*IlG3owmon>gv-fNu}w06{5XVQhl9lh3>atX&hcCGU!nmuu?vlM>>
zeG08b-$!$gTkB+B%JHGI(AtyMI_u@1y4G1iI(OPyC-)-y4ehs>blzI06s<z9!Jj>S
zt@AMH2DBE<Id!e`G5!d;9?d;%tuyd4_8(g7EJQ2rVt*AJKl&!=sw&c#qxZ5O{E_?D
z@-8Oh0j)#xma*R}=*NdRel+t*;-i(%uz$*Du3YO3Swg*@Tk9;6zO>eP4S(Kh>O;Ef
z<F$_d<6#Y-QjaUyzKMFE&0o+?_^ZC6Jn5VbYn|X#?C)2OPugdlGmHER^y8~Z4_oKV
zxR&j6);V{fD-K=fG@%Vgu5(h9i;P_7jJ%HgiR+wdrO{rO(9XxP9h!6eI_DblYffM1
zRFQ5*8%Sr*TIbX#KfKQAekt`qbI_Xnbxt{&6Coc>Mb|mK7gL`?;-Ss6iG$|F);Zsy
z4QI0d%Sacma~4bE>zrCN>#TLOFLBV}Xf2v^J@rqlb0SKk<!E-2<G`PD**d3^bOXAY
zbnWFF59wyK7R|ka{h@hi<`v9OXdiS1ItXn*N1?e(IG#${?b>zDOtj&;b<T3M=K6I`
zp30$f&}Os_fAbC0>jw6J(>iA%+AJkMYbou9W}_?dueh0ZxRL(9h2zJ+0(}atK}X@w
zyKSBG8tD{ThgPD^%D<g@F5!65L1+Uy3T;O7(3(5eIZKsBA4YTTUgxYwE6|0Cdk_0V
zYpdwjD~W$E`J}U!(XOPk(Mi$=i6ecO{oKTHte~GsXFfrB`Tw%c$-0WT=oECtle7!v
zBG0UImdO7c;|<NJUgr$F8vQ%{gI2z@&RK@$zD&C>r5>*`4$#VOO-?QTtnN)t@EXdY
z59813)#MbB&OsNUd1xh?LYJWpXrG&jvwf4(K)R+k<w;lV*yKEg*6h;c^ty%oy_%d^
zXw4B#PWH9LAJOELqFF~aIV;f=x`O<Q<C~oB*Rh`y&|7J*$xY4-wCbcLrwXk+qsdvX
zbg0Q0bQ}GcPrcBrNR!iq)}Z~^J~P_Hd(9jt8oZtT7g8_M&FCWK&uMaM&;~R@eod^&
z`Hpnenbbq&=Mv|7>Q~gnIH$eQ320_<6XToup-a$8v<j_4pF%52Xa}?wZBaVj<YeAK
zza*NRDQFeC2u&rMoKcmOLu*Orr8wR@Iq&DOKQynr$ytn6ENF6GLu=3$G;2u{=K<}7
zPPvP5eii+J=3U+7)S;QzG&#NRX8yW~<3b}#o1Eon1KNb9ZfSBx-ox?T+T>h=R^Cp1
z(FQd5N4C3@<3l44HaV-&+DGYU_E+&3?S<wor(LSp&vW#j^c}XxUxW6!f%ZfPp;hnF
z-)PPIY)83@51O37y~O{p$+-=G1-e}MXbqbA5%nTJg*K3`Lf4}WXs;V7_c85-W_?0G
zQf>u0lXNp$D*vZVP6e8SE=3#AWt40FjP|&X`LUjM#Gi}Sp?PRCT8Z|$iSlSRn)7*+
zQ%?EjM#`h9FKCzh+22>xkNm8!$ww={Wxx1yey09t#V_dp<LchyW4`jokAH5H8Ioy2
zhomhnH7(m}Yuo8oTWxJS+iI&@+s<xvtF6npv}?DzJKe9gwi^tBAatlp5DbDK7z9DW
zAP9m%5Cr3rdnA*qaDK1D{=VPu@ApR^&%V$7ywCYerfHIq{RQVemwN1tF117?OSKXa
zLYrP9I?baVd!ru*U;ulhGmp7Mc+neOA_~zHQz8;paURwZ(O(){B1X|Zf*CT7FA>UW
z_Lop1MqmiD(fM$Ru&?2KaUdFxl!z2`VLpa2TaMGQL|8JI_t6s32ZNnTL@K%-FA;gN
z++M=-Oa7l=el(se5gv47D*7-})?*OuT}wm+o!DUk_ZyuU?#4Q#PcyFcS=yoVIr5Oo
zefTx&L*EP3WAHc3w~+og62q8?k)Es{jh9PAF*;slo<-yrd!QSg=)?XPz>yfjM2w(M
z`WpE~+v_Ew9Q|l4rrcQ~`eNYi5}rTy^Dgbs`#$+h<GJfwB6^|s1IES3@7X^ZAF_Y6
zqx_)KAa+9cN3=t`t3+g>@y8MoMkltQ3*(luk3TUkdeMcUPfEmGG(P3t$npV<w~YBe
z=bX{^1@mI)OUA*#K>GU`*UdZ_8OA!66OUls==qBLWB9KnVl>*nDG^2J$G8=YKZ^XJ
z=Ue8L@qe*S>6jAXSjqZ+qCW;P5xw3LQGk(&^iL<AB=0ZvlS_mfBeP3HK$ibPJG9L!
z5setePOF%AKKsNFj*xLG=YpPvB_bUIX(gf>y-T?Nt8ppkg05xUKN({Z+WfS~0OnzM
zIp>MSO4hZ87@g8|_Kl9!+*|anDG@p7#}EeaCK?&!ErW5_axc-oj{UFYdBHIlTF-NX
zjt$I%UhKAx*9+_~-A+0E96NY!)-n%fP;Senp4h#sMEEg`EtH3Mvrk!`!}+bFU#=X7
zb?jyS^?bd+bmB1jh$H)$pV+;h^TWUa#-ZGqM_$*HPwbh=^IJ(?iQSk??5$({#6C>H
zAQn?@D5av$2A*?FMVDGCGO71JP%6S0K}#m{#FdI_>LYDRMbC}2d$3eEDfie)g%5q0
zi4iP9TRYmL3oRSyk4`k&mx=)x#w5n^#UrsNp;QzS+d7tt0I>`6(T&CEe6&==Y-Ap^
zV+ea;82e%Hu~IPxZJk(;tnXYZ@-Wb)RFumY<^O4lpbhQaON9%KXG+B=3_V*aaxjb`
z3_MpVBC@^*?E|a>d!q+k=*JNl#O|B856?3{vG;{ik%b{lq&)H>;}HjbQz{&rDaR1y
z_Ls;zv8^Zl(2gnSe3|^A8{-1x`IS;J8pBvkc?69utm{=dF8S+SDiVkT*d2q|do%au
z%~Fw$j^7be?s|vuwvgX<ONCqdKJ}D4KOoP<z7JX7R_6PJc3T+_9T>zU$^&1rE_4oL
zzAWy|Al6U416{;{!KES_y+i1~jrHOH>LWM`4R@*Vq7zfmg_-EbzO?rZEfvY=8Ns<x
zZu^S!%Ay^1!U*=pz+X5Q+C{!86@FsJs8TU-J27UWXF{n6QtrhLJBTMTFB+4$M;OLJ
z>YYifKbsgW+ZZ2Hhy#=9M{G>to}(T6q7%zyd+ffGue(#3mvS$TAhsp59`sHx6&}ic
z*hn0jL4I~|-YMi!j)N)0wwa|Ojo5(!3}FFAFpK)oEcU&d^IOYvNVy;5wsRh6N6$K*
zC-h@~4B$vvk3O`mXC3r+?<1eYUMxaCR-<Qsspz(Ye%J@YH~{SjI4^Xd7o9j4U6_Gx
z%s~%^q=!nyP4r?5`Y<k=dC-nQ?1^FQi{8WJ3tjm#-}Fa6I*)J<WqeHLm;4{+xj_3#
z?iEHt<VSj%d|>FT%rEg}*1wDOmU5plRLyzrrr#~@FM4qlMlgs*4d;&zEJq(E<d6sK
zgGPksO~!T1i~fhoL`*L0?NlZPp!4xE;l=QiWg?IK`nr~h?m3)Ow=$6<+u;~u@3UpX
zwukYbD-$mCV?O0RN0}Hw9K<ow-;{|Iw7pa&l5@F#n1e>oGSPx|wC$lEX4B5~a+!#r
z{T1fj%f8T!!B<&lkp1>56MfP3nw*#Wiazwb&bnni&PC&mG7-iAcH74~dzXn2?Lu#s
z2@kRBEz0*Ye;?LE?8Gs|!S`q<+rM8XI_>AY`j&|T%0s^|6ZRnc?#DjR_7Uqu=f`q9
z`nk$P5qkevCKC4ZyrK);e_~ze#{k;<mx&Gscpdt4nMlO|=A-X3=F4Ne0c9cyy_hBA
z&&$L}*5SiO8GlhGdLCpvOr$)3J`8=yIw*GzVqL`k!DXVy0rH1=l-q`qH)1<>I7I%3
zmx+PIZuAm6|57HZ(fiLbkwLj1b1;a`!}9qjFT`H#l*fGNK>M^ZF`9Z0mZLGFO!UrY
zJRCs13rC?By%@$!G*Z|%`ergOI({a<2bmW~(LeNBx$vX+^>Pt&gmdm)E=Eyr|82SO
z5Qp9@7hYoLTjioa_H&ktBFZDbD;GVEa$nz}-y!BlH?g-*x#&b3#*t{eS1z(-J%-SO
zH_<1{W&8KbMGJ8l6AsIJP%e6+A6ux8VE1F}`@?cE0*ybg4h&#_+Sxy%eF638LH}3f
zA`gRKv%cfx^LzG3yU3(+^2I)q7#BTL%7y(1`IySO(TQH#+kY+>$;5sP%6cE`mgD?F
zKjJVBI7<6@<zg<{=a-8{bYa3V`k`@x`?!exqc5Xeq@iOydBebla?$4`=N2dz4%&M#
zmDskUTv$Tf*PY}aoqK3Uy$gfHejGp?z)`Y1ST54hzrS1*qwheuP)?Db%jKfiY4(4$
zTqL3GI_t;44bJ5ZaRqsjR+Wn!^tY4?TOs|_3NZo$*t>vvv<i_%Y||@55r)haVhrU$
zONHohmh$Kd;l*G~g(yeY0~I1m)?>cxA6p?@=g8-;Dnz>UsS43ZdE~hY(dRhzFII@T
z7<#2b+{DNm6{6<}^4hyX^hF;I#PB;6A`>0&F%Q~*PrH-k?L*pO=#LfTk9*(0LKI{8
z&lSQE;@*8mJ%-VP_5l?l8C{=Oh&=RT3+r-!K|fjkWrgT>p7R>S{!g(!%p#5qt`JHQ
z>mSa3(ESxs@BIt;LC0TNmu&wH`=s9Zo^fTn@r-wYym(pfX`X-Vi#{BQ&Iyc<{wWp0
za)y0iH*_Ue2tWONDHUQgv1cy%Ar7XoZen9;h3IvWb6UZEFub~g^P_xog>a*NONB_3
zaTepC1GCV-y+VX#yo3Co<?BQ?=ZO)_#L!OaF|eybB%EWNyIC)Wa3tDtX@~xO<l{W!
z93pRW9r+a^?h^YxLVI*$KkB_WhB$~B7&%rUx)*bg3RoX{kFzffV!~z0PgIEh=sd|j
z=<mZMV*9BI5kxmeWIOC}g}k2O{-C{(b)c_^@~ez{je9BkUuRyqjvL%N4BV^`&LZ+z
zQz3j9L@({bjf{&SbEW7LX8xE;k%~rqrHHwPk5-C-80uCj0vLXwQdq8Y|6e6$9Q$jP
zLb<@X;Q-2mn2g>xDn&6m-mesn8?67sO3{gS?tYabiP+()6#a=KpHzxQV(+JwqSsCG
z^m(O7L1Sp82+J7LX%`w%DV!zD|26GpKb%YK{|ob%(*Ea4;ll6&+GA)r>%YkT$4+Qp
zSt;CTTU9AqsP|<tKCypWrRZ>p^=DU#5g6E6DKgR6RVn(F@w&RdQuxtztWp$E?!_>M
zv5|74s8aMTXPp<x8yeRtMYZ&1rRZJ3zA7t)55qN;;wBo6?6Z=%iE+`m%{UlrsT4hm
z*(W+NjQ!ELL;kB6M^uWD#1RY-dt$0Y7O~G-B`nqKw|$i;l>M+A9SKz;?lR9A+R^n;
zm2jf%;VR+95C+lrNR>#YzpG=Fh@j)KDly;|^L45c8R+a>C2pd>OO@zX!@1k5L?XH{
z6TMGXi5|6_Z&$`eKL*g~Rwcq1e5y+Hj8Na5dC>6;^Pv5OD$%Eo{*EePTwxuUN*s8x
zN+b{mu{(yaK(^~yC3?$t=t4h^koB)H9|m4!-?F|J`@PCNe~o>h>-8$(L&qCcA|H+3
z%oiq4*b9TdB@fp)*Eg#~Bf8&W-s{{KC*#z!&bO<?K;m$pDlr#>?=p^zu~^3Mv)&uT
z*d0B6t3(R=(J#wCAb)88uu62g$$I|4zR`;VFo2^l_!0Y;<sY+O^ts3v^LzU<4+b%=
zfqVODm1v<p^yez!C}DgYO?l)?#wGR-tP*aFU?SRvREccrUBlRSBj+=`N~BTl{hDzx
zgfXS;dt{a9kFLM5Pjr04xzXPHclJwc{Dbw#{y(zcGU74JgWjLG2k7}X`^4~A@=(tD
z$8jzg#ypH*G5tec*4e~9CejZ*ljw(`m7GU2_hcRUL&y3mQA9sSW|inxL7p&=a@U3`
z(U;h>k@F(9ZDPH|_5kf}Gwx~b9kH*lN{k_PoaG*4_+ph%T3G)j=D{$IMBC*mk%K|(
zQOP>P+%I%pW4t@;|2pHK{|3(+hHjFtyWH;z&JVp++(X$9i-;Z7)C<;uy)alq-Y`_l
zzG&x&aK6O0dh)CAbBhg}2O3SB6ZLKk6MLGue=0xch%WTsroW6a2aP-AO}0lv)A>F*
z&mVe}YEg&*wCK8GQ>%roig~dcI<XgeupipZ)gn#SV?dT;J_a!?%PrNSC*v5=)gq>v
z_Sgws=#X(twHSb5OhLc3S|rN$4^)eE^d(e_pe)B0S^iM9up7GK?!r1Lw>?38i}{|c
z7NgMlbhXGv|8v!%Lk;Kn>uTY|5cbC~j+F89)gljrFEFkw$Ant?J7|xAmsk%*UauC_
z=<m%wBHY*CR*Syqdy9GuzDs|!zgI2d>hQyA;lTiAV6b1cD3X3sExOk;&ZpJFi|zr;
zkG3!9*T8zvfxdzCm+>I>jb3-P=-o)Wq19qE1~3yHBdUec#B=ml)`i}0$Q%06C*x7%
z51rpu^L)_nJH~Hj9sfl=y1!>#X#auzVF0_`X8wOM4|@O2`Y<%MS{N<lXCiq+$E0eJ
zjDer&kDev$>kj>}H-^w9UCKVtzKroWFaHYe1^QNU5BPatdphG#@4x}Xjy2W%trg1G
za-S%7VF2BjPkDG9>miO{5gO}Rw`_;@yUdUM__<<NCix)tqMz8dk@F&U<7kXvGCDUg
z4|=eVnfnxAJ{e;k2Jj{Zu?52zC+NSK`;W#J=ED%CVi=Pc$GeqtBlck-2C!VVld+s9
zi#%Jn$GbQ`h36eJh=aS?7rJuDXDjlR%l)O^yNC5*5C>uiJs8-_`q2nhi!Ai+W1Z;3
zIF;8Mv||8!Vi5bHZGW{G!}zuXj7RLoeBy8(_oFrEbCB~u=P~Ay^_YY{OhrFtV)!`E
zH@Z$%iyj*7aE$aU<DvgzwHTrE`h1CXGM@iRwTPhOD*L6}9<CMz7{11RFxXcK&nNmz
zt3?Q16}(QEc>hq%^B7HDYPcU5!5mp$%lQy{{(4LFiebIuZt*vD*awEGk6;e5f5I&h
zW93|?-V%+nU-B*CjG}(pEir)dNXjjdfu4o8`1?JqWAQCfAYFP(ba;Sqm){ZtF}UKE
z@S|-l<6xkQdNX;&9_X#TCHltFu5*p(+lGE!YeXXDE=(g1VG+8!)d(Nuj_x(09BnVv
zh=jJ3e^w)US;!ZTBz6v{5$Wjoyhik++=XG{@ZcKJ^Fi*9w??=rx8rDxV5V$0p+*#-
z8^bc5SR*X0Xg8@wB-76|rAG874q`Gorq+l;^r5{q=Yc)ZF}+3<(>{!SWt>tY{OH3D
zHp+jl5kcYzjwE(3W*k|cMtwB%`6-ufs}b24*jXcTXy?kU5jHFL_6Yew8~QMe`RF{#
zyy(XW8pl}w1B_e1xac`vBYL3oWQ}m58~e-pP>qOdN1jjBh*a6`bd9K%<!Hn*9wwmo
z40%RdVU0*aABHe+k@4eLZw2c{HzuP|$-XdrSDq`eQY*$_SgjQ~=#Hut9on)UOReaO
z;a0UG1zpj#q8KCAT9NP|`F^05b7LK`wW2@kbhoJ$qlkTNYefKE57r9B#(1_`kwLw!
zU9GUS=N`0Ye9G<d%u5`?Ec7PSicazJ>tU^MQSa$eD+UmI?6o45*ozs&fhTH3CUFph
z7{WpfV>t$%tQGy*QI56*=5sJ^d)9*vbiBxVF@Ph{`<q(f#|T!V^JTdX^7#tw(1~uw
z3B6h?Micvb)rw@azg8>KFn|T<eqGK-`!{MuKJDFak|%x-!;d+X2QY;0_Za^n*7H8=
zL=U>rk6yI*Wju6Z7(>|MVb=En>p|P^$rpMto$-TcJVL(@YejE#^&_w7Lmx)40F6J?
zikq??l@8?VBl3Yx7kNexjzK@BqVJEiNAI6#*Ae^IibQ^o#PeCLC?XDE0deqi_VWnk
zU(|{ok23z3jE6q-pdXXaJCJ*UA<ReHAnptOY=gO1#1V{njPn^%E9~gRo@jTIAN1fD
zSwEC~($9~XvfVJ&A?vXkeJKA}PEf|Q^Nk=c9k^d#aUPWWuscR@1R8%~zv#pO`mq`V
zXz5J-NcK&C+c(@d41Y^Gzc=F?&3!~;4Ev{@4M(B_l}E`7CK3n!#X8aRZ_X2qM9!Uh
z-+1!%IQhVSXn4s7x+c_$Y;<D*dN7Ul?uqo5^^?fIjOWt-G4{2vR&?va{ENspdND`F
zi@8tKyOxqyJNw1H=v%>lWxSf_MaJuEMXx8AZxi<#LzssCE#v_MXgo<iF#&B`ITv(f
zF&=txq>Q(5FVTbf=-<x0?aH`2xDV*a=Kiyu@J;R|u~9<)(24oz!v6fekx@}ABE)vI
zbfX_;Q0}c{JYpXzow;w-?4Q`(z;l2`GyA99ixJ}RZTb-hTiAzee~0xy&ik>u+z0gX
zor9jgVx8C*4K*T0q8pRZgK6l+06MjZP@W<`=%c^Gh=>GYKlaCnDI)x6L`6gv+AtqI
zXnC6cts=sUKAekw3^9(Ybwota(<UM^WIcB8!ur}qgd2?qBO-@#JBHAMN_W<UHuPgR
z^w=VzA3EEyehjon`upP}BIX&+4|8Okz<lWJ5D|Us+@nWnhmOZ0q7&`Bo!Afha3lsW
zU-p;M&fYyDiiyLR@GR%^9P32i^AVAWkryMPMfwusKZh?f?i0Ljzd_z)jG1Wf&G?ju
zuz)y>sl@)b7$1Gkh;TefUfzy~F!er6C62rw5!LAJ8xf6^`!S{m`~M&!dZQ0r7{C!2
zc5@!+97=sx`hU&-iEV#jJ;Z*r{F?S7$pZ%e%6ybN{ziVgu|6Duo^K)|8v}ojh`3+j
zKO$n(^PIPbb)g;mQXaxg8GjcMdFcLUMBKy>wqRg1`FeqMeosHzdwz(B6k^wp5m8R;
z7{ffo9t@!uZ=(BOtj9rr?2Zw1qVW^wg<<rf<KK*nKJ4`ruUq3IB1mk<LUds{1~B18
z`T9eiF@k;2>5Yg1=$Q}^Niv>DUKq!}jd6*+yV(~ya=C}UVO~r^`(ExBIuCI!=s(Ok
z($AUC`9Dp*jzok9T}N3DMlhi}<;R#8T~~M>U!orlzyNwNgmW>18E9N(9vNR_J@oTm
zXFq7WL0+CA#$ws;ChP0Tx=JIW1G>u?A3fL?jS9w><&~V5EXSaXtGQnoK>N$=Gs67n
z#0(77^PIiH_~^z6jz(Jpc|!N?h$uqeUDop|YIR}^dZX$@KH6K?@q3f3H?~f6=*4|&
zTPH@Mt9_lwLjOZ`!txs9JX$CEW1w@LNXPIKb)pe%Pt}P&uM<C0Cqj%9dcID~CHB8q
zCvIZ!H+7=hv)rRsm>1oz)rl6$y_iMpdb3W%JV*Igbt3K!%5fmE?dv*`ieW6kz)0Hl
z;Pvybb;3?N*Wc<yKMdnQ$^+jpK5+yCGXAzs7{BIRJ&Z%S?YlbBSH}NUC(_V8x=v(L
z?!zDkFpqNMr#ew6+hd34dG06G@mx`!R42+Q_u^b)`(*l|dn)UBfqkUZiP7koO<plH
zzfRbCvp(#G5$xq)KZ}sqwzy8D5PO%@iDESTbz%VJE=)u}_IQ!|x~Wch(Y>Wk_$l{c
zA+dJ{<Nk*Ea#;`h^H?8-k8n;e5g(%*J%!|1j)&#M###FHBo8<c-RJ5=5<0@Hn|5w2
zM&lau{+9jTs1rr9T?zRj_F=b|8Ml&qf{tp+F;rJ4BIv$DUSvP)^9t?maxQ2H#>WtL
zdX-qM7lpJ7X!Rn3e!X6}-sB$R2#lbccFwqZF^1TOX&A;V%581yMUdEm5n>+}5(m)U
zi+d7ZFUpB+3H2iGE&4sg_-O0Eco@P=^mVKkVe~v&FJhdm8#`eD9T>uX=y<GNjAmSK
zr+Sf%#^d#(+iTo|_v^)6>7N*vc1}z||0ne#U-~KQpx*Xby-4^S<6{r>p%a~-voBeW
zIq1g_+P<J4MzHVeoa^6N&)cl?AG9Y9d{-|LiNlzN!GG5CypgY;=uhlQBoFUUK9+gV
zF`j&)6MMbEIZR+b#G#4xA_KjX>xHEcPN5zHH~@{Q><hz~Ec+$1FSP$co_e#dx%DEI
zdgr`)QH1XK^`gVO><@dOeL=nOp%)9#v6%Yz*w<3d8J+%mk%Y#odNGjk{2S^;0F8}|
zhmm89^IP(Mx}N*UxuPHKXIKXsMM!@KI^JYG7s#88F_qYVsa`1WGar@{yRWdnx7bIR
z^P}8;jeQY&s_R8D`fKF*Gfx9~lQwexv~xExo*W0gl)G+|XIYLn(T6SQX<@y6$shJX
z;|}{mJ9^NGNf^cgwB4n@tj88~DGee|j;}RvUs$KnAV#9!MEn8gg??hUxj_`7H@ZO-
zQ0|Xu5Mc~F&>*_MO~3dC?g#mKsDb;y^WkU^z2D*9ywo6k=;}#(^u5v``t@O-?=*;P
zwDoNe-QFc1e`pY6(EUk+aJ<KJ{yFW@_9gNAj60}7c+oMqK^T1*Z&-uqkHO&$B8c9<
z%k|>FXovRktQVbL*71AFlNv-dx|17(^F!9Vut8*^a|Pq|!&MDp6dGF^_&s~tZEX;J
z|G<1Z8$=emb~T7jAF<BetP`EV25}REhZ;oM$Fw`#Ad1ji&>;G_=zp?71kh7Nzdw@C
z3$#P~l?D;>C;DG+;P>ijU&=l)RMjAQe!~1U?DzMa4|<8iwVV&S8yZB1{<LpoooH)f
z9@@DuhuD9caX+Qq9rB9~LEbT<G>Sqr^hPm)_7P0QpwTEo=!j|*oj&B=m>WfZ3}FiT
zEsY`%-K`ph(vNnn8%0mFMK_Ws#=)FFP#)7LI{caWA7~W)&>Pz*ie-6Rqi8{U8|pt|
zT<nS7wvEDt&IcI>BbbZ<8}rI>+A%LW;^~j}1p0kO9y`(weUCMYY7BI06zTLcIyZ_S
zy092M7(p*O2XH?2Mq&Awc26|&`{9iLRHNud9O>RDM#}PM8bu=7(T5I9N87Wk`*ZU7
z9P34257vcVN25sif^&I^e4^)N#zo_mMqzx(_*g{$5LRR0)ka}=VK4Gaz5Vq@k%aCy
z$R9d-vtEp#eIVn%*(lt!cfQ5?hz%#_h2h^da-Z1e+l)`_e24W7;@;o@^!8yL=y<nL
zl+!N!9(nsC`+A>s4W=CqB=+}h6upQ8AChmh{h?80Q0~A+;>gFe8^U-l)<?Myvxx&=
zG>V(D-IvV!C-#GJZq_llQS`<Dj>6Cg?g8}?bffWABlnzjpbx#6gMJKQ5QFq{|Ap~o
zJ+`22WTWWw3GL8_L9`9!Jpao0==~e#M7a;MWjid8?J$gCY((RmM&ansd0-;_T;DPe
z8h<Ab!#FQYq&|o##GZf9A6*{irQDA_hm)6oHuC%Itn+*3qdb7s#Ni(~*AbNei++@Q
zF@@OiZ`z@49QW@l#>1ZI!x88nPd(ZukjJmd<3#Qmx+gUXKl+kbKjVck?o;wUxl!~*
z_Z03A1~3i7SWJ8GCieLk^0S3{^zUfo??bRJEFyMhH}ZEPxIdUMl6#oT{X%0u=Yj4+
z<oB<v`xxt!hFBjOXPN(Rc#(PN@4w8s5<9LmiXMMvJanQ5`=bv>VgM5{ggy*oI@+%C
z9MeA#*CdM3)}~2hQ|`bH-!N{MCQ(4_!Z5mV6y=epns_~+|I<w(?lbNe1}S$w(<FKk
zd(nmNXPZPK25>G0F#|)GgAoj&@3|)ajs*Kb+bHt(>n1*{n)~~FldufnzB-yj7O}f$
zlj!y>=Zp?n{xb8R8$IYjH}&pUn?w?^t5=iAm*rS2+r8E#x_{34Fd)Zyy-D;YcE7=X
z|4v?eH;Dllbg~}|ywfBS{=xaY+a!`{=fDxfVN4^ozem1^jrYlehj~9};_q$H|HCFe
zZ<+r6=>Hx2_(K!FKQEu>CZT-6zW>-H3W;5xu%3V7r%l3-ek?}!XYB94n0E;KK&QJ&
z6k!P6vOjho%{qoQiP6NyFxH2597(wkQ_(q`byDue0D7^Ia^q|If6qKP0$qP;;_qqD
z4l{}EBb)g9PplsuKX4DeVSegem_+O!MU3`un?yC`4m7^x{Qlk~>_1ZePu7M0@5w)U
ze&XDy_hBz|{<}$Z8biB8<|p=Ge`4RyO~Om;@NrLwZL?XAj4_B_ESK%pkSF2*_Wl?1
zWN^>WyMg<Jo{ik2pV-${#z#jMd6027_Y9po+1I~u7x_Z>9`2)bFZ-6|!6wlok@Gr0
zd*-p_aSsQw4(xy~?13J1q7VCH2t6`B$b2%!Z1f&#5;rl3#vu9~rauO-FS_%|7y8jB
z<0Gs`##n@|qs%{;anX*>W8{hT`3ssvKjH|E!O(Hek#g5bo)_W(hGjW6q7iBmF+&&+
zd!t*%W4TACc#epT)8q?1n2KQ>NWD=+UWpx;N9?`8I>wQoOYDnsdok;CQ-7KM=*1)q
z;27GuuaF0{Uu_cUl)Er)Jog#<Nv|<3<;Ha+w%;JnUdr(%<@TG5Ka_qrit=D7_W?a+
zJYN%tu^aWaa`r*&!#>0T93cBuG>H_-9hKw*168bp@(A{wNWN+~FN|QG9H*B1MeM;M
zVjp&x#CjUI@5EsoMQm^6JcqGw%pmqPu^wVSDoLDAGtU`u1YN|z+suoh7V<us@$ayI
z>V4>z{cr%~hT1Gf6WcL^*se7TWeV!eBAIe0rlAW1=)pWR4B8E+932?J9`tiWHH%Ti
zK{M^qXhlr9vvsowV(@`xelMMQ<C^(>bJo?SS)`)>!DeA3Q{Jvw^u@sA%_0l!Pc(~8
z(>T{|tOvudH1qq~)W6Xz22Q7+ll7pz5A)Ap{P&v0Ty%fH`ckO>eY5C=wtmeb1sxyJ
zAAKJ;i{3LC?^E`T&d-`f1pNb=MW0!$<BMkDMdz2zqJ@2g1~!WvV&7ouN02}4_A~8<
zl0Wp}09ih)StMd)1pCF{SIwdv!(TV^et_p-WV3Li?QhK@Q~FIaf5(Qrj%pUw82m>w
zf6s<?9`?n!er!a?cg*Y4l|TMKzAzax@vR?eho4{(eu>rSMq{?FjQv-$u;Ws6Vik_W
z2qxmYKXFdz#(ex1i}48B=IF{x|7KpCj$`luref>FW|58WVi7Jz%P)+J4xBZXd|)b$
z!Z4=ekK;I(xtzy%_K7>tgDx-Uga5{KT!?wN28(eUHsTeGo2M%Y6F6@iiv97WiL48!
zU;yi}0H2>k{_!<b=Icsc67!-ynf`bN`{2`4STD9o=Kf#;X5cw2M0FZ@#cpU>z&z-{
zE$G6Fn20}2Zx%l6oWlHAKAZVcbtQTZ^Wm@1iG6=z-S~GLh5wjGKGBDTcmgBXW<K*R
z)Rl*^1Lk3W?683Oa6YD^p2|7kY>Z$t+7{``V~c5zGcXx<`xzg#72J!(%(H{}@eF#=
zn@t{ZJ!ay54B`na#20sRuhMko>s>rQ`1Ef2<6Al83)f*G7Goo7xt!M$U3n9G;c9ea
z%pRT_bYe123G#g5-}0J8%u=3X?1mi=l3#ooN8k^bg3lZxU-$<sz(p9wVr;>yhv~nJ
z=OLf|_~{Y$hchq(PhklEeU$z9b>+j;&7vPJIK%#NYhkmviEYmEdbOOqp5y-G$3;9R
zSayMXiOm?nzZJ936}qwl?HI<Mcpdwqewo)Rd=x!66jRZUS=i+Y>&IuX5nsZXmAdj<
zwB!5O6aR>P@k?~02gl$<Ou-cN<9y6QKj!0FEXK_k!QE&{*Oi0V0Z*a>FJK?MfdlXs
zdhj+TVa!#&9$<S6;FFk#J+KIWhY|b?EvwikcEE422Y!!E9FP6+7aWC4(2JXJF7Ct(
zJb*cP97A{>%kdg2t9d;`8#ZBg)Wh6Mw4w{+aU^!eM0^^3_#$TD8<>OdVhBIRa{L^X
zHM%k!ZTKyA#~-mbPCysVz>)akb@GFaCFCC)D#!<ZTE*)IPCz4r{6=Vxt{6TS5+`Ch
zW@9!!YUQ&4@kK1hk5O5xE5{z-GZt}L>}`>P&&S;s8Q8WBpBadKF^q$-1v4>W9bf++
z<a6fngLd@8;R(0-J!f5c{UPet^Lm30On!vV3PjO?&oact9dC;Q)E;9z+}`=N=$*+v
z?0jx12D<W@i&)u>&n4ZUD<giz`mi2-*!!v5{Jt^mupI4A^LeEknGd_8?HT4n52j)e
z3($D>wus2`U$gE_w0H2CsOW#`HorGa-g@2^J<<L$pG}HB%)~Gjpz{^hi+;3krv0mo
zgKivw9vp*SOhF&|(dczsWT74N(T!pBV+)4SwuSoFSU<YaiGCb_&eu6d^z`N&(eYc(
z5hGZRq2H13t*qxA)`QOXm>0e8a~^2x%RK1$fbp_e&+l0$I?;z-%#i+(bz%5V<b50S
z^e2Dl8$#aD^$mI5PQOvKN81m4?j(99u-+Zy`Q&ZkK~IRhNl)MA_e)vd89r|o{WmyY
z4D$J;Md)qf{_Ui``L^hTVnIi>y%OS&0f*FBeop?T+PXzmYgGPb@qhkCGM|OE;6=4Z
zR};Tw^IQ}^GX7f=?LIY~RF!#Z^v}FSQeRP&i)!~|O`W4z(lvFF_CLM(d^bxc(`(8T
z&&YA)T=SW0zG_;f@@E8E=cwwI|8K5#YMUoae^Z`%Us1l}FEy$E`tQLQtGn`pqWoZP
z;tP*zZs76J%(c3*M>E&)5~-VS@nGrZDqT6PzsG#c-OoHm`J}I$`ysX6>*h378ExX%
zvi7Q`L#mpmKKXyQN!!l9H)m_gPv-5K96U=?PO9cDnv$fM1DY~JbKUz((6oC+naUQX
zs!>&ja!@rF7|IgOeAG}PnmON4(slD8gZ~|6&f^2{4D)_N$ui7AL)mS7AP1oTN_D9D
zYK*c_HD8WVPO0WgF>)IhVw8QF`FxCWM>C&|Q8w%5GcihqZax*GEH}(2W0VVq`FM;n
z+hjf#qZ~1rkHjbwqRfY5l$}xLgE2~7l=(o6ves<g7o%J=oB2D?3oYhc#<!SvGkz=c
zPR4I#-of~-%-a~hwRtP!w>EF4Wwd!yjB+U2ydg#zA7fr0qfCiOWQ(jddaP<*t13w<
zDI|yO)VNMjZzxalm#Keea;fkA_t8+-S$#ywrB|*R#qTj3Q28U?m8$8Es@DGR17^(j
z{muM<`vld@kBR4~W_}sqfZFd~ZWatuKOYr+m!nioyhfy}Cf=b1RMTu-Nz<Ya=*l6@
z#Cw)P&BQzYt6J1lzFufi6LqCd<9aRCEg8DHMYrVW>T$ixIzx@<{JHHUqs>Y~O*2ds
z+`rQDF4+DM<x`bUzLx7XT~XEjYM1|e71+zmsv}1?orvPYZA`u>4uE^3>@%60O-jD$
zQ$<-G6?ZsFy%rUB+N>@!|LTHS%{TLxy#MpW+{;s}<!$AWsNX6dm`11{@fW@Scir=*
z!OBa|E6P`vAJuRFzZ|}1%HXG+O^a1!vudqY)ibK4L{%@T|1<o(b9mq-#`rE~p{kDk
zUn{?VMi2Bb4OhO4U975J_3{6nS=O=dccaJi)7eZuQMJrf)#?B1a5x)Fr>HNKC%>Sr
zP+P}8cvw}Q+RoPR#c}Q1jMbFOYAipNU#&iMzl<k9;h)%Zs#2)(hs^2sJEefXR$ibb
zoVF-8H8!G5GOW8Td|c2k`~~wh=GaV&l5LJ%Vo{Emqk|Tu(99n_kC^Q=nQt*su-MXH
zPASLgr(9>O>smr`YvrzXfw9gT)=(?urolZ>CRw5zTPd?FPxE<0me_5rlza<A-Lyns
zZKc#%y3%e@D--{o-YS-MTU(7`%mpc`nxrZ__~Yq2%xyNtD@R*d4#z8}TX`A$Tx;{v
z_R8hf$qZg$wWr1_8y>Juj8}F&Fpg#9#My)Gl^ty@=h`b751P~3D`~b>DxD9u`?aDp
zx3gbruN-LK`eb|cO8eH0?bY)3twnova(wIA@#^CE)@$O`&GFV?ym~ag^_6(FF#dl|
zUasp~_3KY9N82dhbuMV5)TnLq+bCWw$U^c=?IyKRevUFxaxuz8?LM>RavSA>xpQ3`
z9`Lr;+bAod+ns2m+=@2w?^|O`lwY=*Z^kKWVoej;C`aQGCbv<N+e}awv{h%e{eR~T
zsp?Tx`3rxTKejoZr=e|Sdu4%U;@{Wn<^}DQ7Tt8Dy|OGSdU}FV85PZ^6z?*d_O(}z
zTC64Q6=9LJ-d6l7h0@fz?cVmvxR|!N?Uhy5$9A_@%B`_G+mk)hy!Oi0xVFjh%FZ@z
zC&ep;Z6BKuuPk^lc6_{2_n;}<UfFE3?~GSc+SymeD_7dtXT~c@?PE{1R|?xdxj#Ym
z#kWq2S69ck-V(3o#J8@ESI@*h97<5fB|LN_L0ynwrA>N*jgssHUYq{=S?jEJP-gPy
z@@JafEHx=7O_mELrP%baH%e_b{ZAI;YgY$_S9AXP-C>gwFj;n)lw8xp*G%g9|EHZ#
zSEupc8tnCy8dvL9mg^557@{0AOdE$NDdu*ep~@x8JazIgrLol%PHvoate!he86U?l
z?kQK>SXc7deQm}uPffel4TF?P549aPM49&xZ?Bcy4)5m<RyIA_I(Lw=@-frJK}z5;
z)1<-5zRnL$9i|j^Uc@fypKQ$xiCs_A{`6C&>egY($!GPIgO#1nnfUkd&zp`7Q8HhM
zT{cA7{ld?DGQf#f<C2CdS6)3thm1EmQakC*xZT5)U*4?bg>k|s?O6Q$Pu6g?_kC(D
z8mg@O^HFv3a3y1aMGR2_13pxg@t?;qvhVW;54e?#&mY|A<_BeC=eU)^&rP(y@_AR1
zkp89Zm|MyHGWyIA<@lGeQ-&zlzBKXgRbM7BWAea+y1~kdfzeml-oR)!oHNkGzaJQA
z;@^)B{4Lv_ImnhhNGTa)sve|H8`3&;h&s=0UE@|ayRG5j>Irx2a<^JL%sOtkx^1{D
z*+1NRVYqs7`2X{oSp2wp?r~*2ABHf#Roscg2A{_eJ)h4zD6__`*=H!Xt(oj|P24R#
z`+%XO+AfomJMnERcN@x#gwGYFJRwg0drQJHnk{}LS_Z2h$tS4q7<YG(q5S+<bm2ln
zS@hUy4lu9F<J*?-w}HCwR!BMaM7uP`3_lUzMP=?Y)+#<FV)-*u2{IjVyN|IFM<$;G
zQSG#@K4mBcZ(BDM8p?&Y`3kPA{`kR0-a733cqy$f{kc(H$6JW?pSN4O)=+9bH_2%3
z7tyoW#*u;1lLCfPIFK(}O8KCe1*;6@(BQaV(hOyV+bXLzx$np+M|R$@#!wD?+pc1n
z!JqZ+e1)}N^H`H9tntX#lP#lLHL{W2qlYWXito*H`1i>7_v!;bu2a`B?v*izX}2~}
zHLqW6D1k&Zg*k(~71+aAn<l8H9A=#~QQe^J*u?vrB-JVxdSkMBNF7J2Z%k8zQL^OB
z9JTctk`d&M;wD-io2T-58oBe;b}c0F=mK@%FCjz8PE~iP4JQqyVWB#m+)h}kMs4QZ
z)6}KvR_5KaOl`NB=4Y0v^1;hku9|krL@Za$HLUK^ay6F^!${-Jq?{^!t=i5j4`Z!5
zD4(>g*`&7nd9$G;1yu8#m4<RSpgtn&Z*ErG?abtywy-Nd*JG=?M3oi!+tpv+CI|fS
zm3GUiSe~sWa|t%=QXfp>N(6VQN65|0J?i^6X}vY5CacGThO&2`nrI%!t-F!0E?1i=
zxqMWOnv`KEcaN%XWV5od1?t;VSkaXN_5E>}e_UOpt~kg6pH!nRaXPC)YU{hiM?$K#
zoc&)QUdcd}r)VfA+i^yH=p=_4I-{=O<)FDp{quUZcDPuriJ!{NI^L|Bu2Db#w%Ya-
z17zG*7m~4qEo!?u#<|#{t|0W@y&ulIdoSEA?uQ|9FKkZK?lqn<R+Ei4kGmfp8h0<O
z9)CZa;Jp{FnQ%YMnQ$+>KJk8daFS*^&pM7y(vtWblGC#_Yd-IT_s-G24dR_&w556>
zZ=2VpY3&MDP{EtKAQ?KkQj1HbL3X<K(h?q<g{$tDr?1kIxEGmgwMUn65yES=E(<t{
z-1XX{H|c(9y*7%6FjF%X6K&h5nF_IPvu0ht$56Ix(OT_Y&voCT9p)UTY|}b4a7V-2
zG_#jAp4_3$R%JobPVJrJ+^b_dwL#3aOY113BfB)-`Oe#|JvMJS3(M7_Woc?q8?Wu<
z`9HQ_GiUMqOgNyKWW|&NS{pgof&<!jijtD2WvjamanuL3058XhC$x5Fc`QzZH0yD!
z4r!*VROj%9wvO}NdsZ_w$#W~x+8#W@Q(2^0R?u$YMXhTF=X>^|W|hO$;PqXGA}(qX
zp7`49+Cl9)kJqj;%`%&MZ@Ct|hXm~{*DRBA4dq<97FD0kDl6{C{tE4(JmR`4&2(!A
z<5z3#!Z@#1Gi8%HUqmyNq_dlPt?jPuT<LnvTE$I1)u36A;*|#N5|3Q&T`l?!FJAd~
zwOYd66LfPq55WEjI&a2niFWcL);vKEk@llWx~Xv+zoe6-x2s&oQj&Gka;8e0rkl1h
z)!Y=lZAliXNYPD)c=~qD)J?mW^5Q*{Pkfe>te&e!-{c6^&eNmnQ+W;-+>cKz(EG^x
zHK}^kP6jxYs#|uk#-oe%=sUC@o2HxRaZ+p2^j4F%@M4yxTfKNDO*d_!-Pk31)HD|K
zGfu$ec!zbbS)!liIrlEt&6ilm)aCj>MJZdZw>!b=Dp%;%ODlQNSfTTuiOQx`dPjd6
zuk5RIep6l9xJHkPu*52?!BrW0R5f13O1!jIH?POV>vYp5z7nKo>g_7HMAtKQtBe~n
zb<=*1d*LQMdKa$Uq{pV?l});7J@wU;FC$J2=r&oueY4)>Oo%T=n{{gqFQds@bd#)K
zu|>DuJD;t3m*u2r`8K^vD(#MJ(_8O3VJJo0bW`zh=G~@8&!D_!yB>d)cGGw0CK=D&
zp~uc5-a)*UYnhs@M<3=oZOYcIbGfcLD6iwmY&~unmwxpwy~`v#u}hE5<oaI6U-0a1
z-L^ZQ{pRSc<@(3&(Ys9G@!q*dkKfMtXZLW{#FO^wT_eo1X|Eo=i1vGlE10J;sCU`V
zJahKxZ7=U9&HL`}^U6NmB-`ECr}MBC?bo}Ur`5qcy~`?E-OAIW<%{6hgSzz~uYS`H
z>ilQIwu5@ydZN<@b&LF(eG%vK(i1+UcUiiZ+#S|!Kl7@w{IG74z1JVs6ZSA#{$c$g
zIeKBf-bKcVNA&2$jFWOif8-a;#2HwCldu{E<E0$cP4Z31e3b3|NA-5H{VtU43sJVO
zLD@d}m~N6^?dKfRe~@267x5pm)vTxHxZY|r*D~>h9xGqfmYmQnd%1z@PuxF)W0bGr
zCE+Sg!v>syQ%~x#$99r?+=82M9sUy1O{>#6yO7>>7IEq+z3YW+)_+QGC0{Zwp?nFc
zIHlV%D4%#*w@t;o(|Xrqyi`PpvvJxP-8K<dU>+|Or_Si69jq&*P&duw@mpS~TNZEN
zRroB=InU8?Jj0_>dsdHKO8YJ67>{|%&*=$Mi6@`eW3TW!u@EzG16F472Ijop^$4yi
z(!2WcR1uFq=Xb40e^7qazC)bPIWE7TcWv6p*Uk%iH(5XDqTcNy@%f8-*WEbhlHN^z
zZ9Rr7iDwq;b2Rz&`_L8LI*)?VD|**EEO^mXz4c|>c2)mOep&zdn%*^^c;$7y>sB0F
zrpL-J*12W+y)V{B%k+C+tS=MGiD#GVUF7?b%jJ64yS&dRsL<b)???7j>Rrzg->uYJ
z&&eQxRlFY2epQnmn@ssmJj<7>a+D8QVzVB*lGuk+@p!XtT1R3R-_~vQ>v;2ZTQ|v#
zU%$<`#Gw}57Q{<;bXz)#J9?WN9O%NkdMo*rX$7C7eul3VS$9cbfCIg&+ZJ-MF5lHn
z@-1)KT|F+1`b42e&&Cv?n`FB+LhmZyW0WKsU5Zy5%Eqxq>`uHq*09L8V@>0XE~&U`
zym4>*46o5;3-cbCV04*IyE;BHxPo~mOf>Gj6`VcMFv&bECO$*?`iVx|9;~4J&Jy-B
ziJw6AvwpsJAoDac$uP-vEkL=hok>R5Fc-K5H{$WhhUpR)t8lUry@WSYHzyl$Gx5%3
zBX&CVGp87_H7mIwQw)<_M>cWu3eJUCzBN6Eavfom>$p3`Xe-}jte$F^<a?9ARHJ)<
z_SdEwT^HiaWTTyY)4e9yFv<BgqnvMdvJoxcY9C8Btnz*MWn%ds98;zlv6I<P?lhyT
ze2ZN%%}9{*`lcJPG7mSV8(nuTBfm3@uB-4wiV-Wn#GIdL#K`{TGmU8ZrDyysqm6v0
zF>jV(lJhJh-a)>$5zBUaXBpA*KOQFgj4oa-`jI)txO;C^Zp}6By+yf=a-doB42#^@
z;(10~Ap;znXP9KivnVgh)p<tj&x?5_nP)^VCb5&|8wv6)kAJ>llI_=_EI&NocuPJ&
z^HL4lalWdBQVna?F+*Lq$gu2KWT@8`8P*1zv)HhvFE-SRiw#Q|-bgcIW-T$){Ywn%
z<$$41SZc&%E;ZEZWrlT}-%ykNhIJ7(<B~!{O<jJ!-InD>%;n{VTDIJHN|u+cFk0U}
zWT<ym7}gnlqi_F8!&-=SI4RvwXQmt0Wq1sCoG{dhs|;)Sq@ixWy{o8SZCK~C-W99w
zk8_o{ZndH2W*8PZ{^<<EdNadN8*t8AL-npTtY!4yhqC_MTEl#u^6IsQMXuwQbzBI(
z)wpJzVcm%bP|n+ga^C6d4QtwZLtTy8ShwDI<<cfYU7u;RlKt~CIiE~J4R0{4^&1Q|
zaid|KwUPE4jhHOlLwp7=6W3r1@pSs{+GJP@uo4r==lXzQ+JZR&BSx+>6fi6@&x<x2
zru5B*x^c5np~;GsS%!5>77erRZ@7T?3h^ymzRgg_Zo9vM^?06m`gX&zV7s9%-)>m9
z;$akc9_0on?=Y;JcNpsY?E8sYkGa`~T9C~G4j5`NaTW1h;;B0gb@oofx)Qfx9-hFv
zcnRhDQg#{ErMnC@125sWUB-JqQ@&`o(OxF(#BRfSW4EC$$T2LN8UJ(+2bN=~Gjff`
z<$T+6?~ij7i*pTC<QkUbJzU5=Tu9uw$9P$evwW{%-M5!GXjt|H4Yepp!nqhz_8HdH
zeOyG8?K1Y0kNt*PyWfaO3K{CM1MHW1@^M9;p-##(tc!8xLB?mDwFiw>*A5%%+(YC`
z&V%v-O+9S%lH>2mzu&Gb-{?A@_VbSz)>TIgbrbHvV<^W-KYD*3hp_0Vp(Y)>e{ma+
z-#?!TCk$)g1o=E+JS_8ej#!?@jT6S_a=zx1_t(2P#6@A<*&$=7Y<Kb0f96Lyf8#0R
zVVU2#r;U$fed%dq25)lz`+I7|hI-ae{;4Scd@M9vIjuf+Y`C&Xd+g9~emv*#v%{5*
z`dt3w^pK_9FT<5Jt&B6n_;5^X>M*6awe^=_ifH{BZSGhH<_%Y_Jn+^2;mYCI)eK+P
zrrq6P%IUWH-J#0y2OrxwT&Zhs%^9jpi?{9=sw|IxkzVKG<u`41JkoCVP$jj4e#EV;
z>u9|@SZVBNo#j?i9<@&6n^BKi>3jas4uRpy*3KO=hbt#L*YY2a`=4yr<W@4e>X9MJ
z`mXXD(fgljH=FNrJ*{6HtQ_oa-7-YE+}*lih|<*kHTrIOW*u+k!_Qim4OUv7wJsXW
zPny2QXvd$E-wV0iW6+kN%7I`1e#1~@{_}4|+{%^b-$@ywtb5_(d4rXSj*oqVm5Yv#
zXYehr7eAgdn7?lP#?3)W?QdSM7^G}^X~6YC%I2OvEj&p1`PC0k4N`8r`tiv@%I;nt
zA0MRr^4iD81}RmqeSCP3a^UqX>XAXpoj3R&sLJ}cY~;J#X(QjO-nNnN>+jgeVqxFI
z2Fc0)$VM_JeB5={Fy;8iU9SvPYFrC7a*^EsCH7PNX)jiP^D`UkKK;3kk{Mrg4Y-x_
zUvw=TqLdG`QM+_d*L{4eZt%kmgVnsj)-!|E%Y&`egVni1tgDBp+lD-R-L0M<VyzgW
zHVm;&bgQ%74_CO=t#0dnw_4z~UUI7~ZtL`+>fE8$)kD?2Lm#dlrd}IrZ5XPK9cE1#
zrY;`#aKkV)cbK(cn0juQwPct&cDOZVxH^Bhb=7cn<?wlA_CME*?}z&yRHr|vT;PLE
zFSNGQ9@LcTXlwdbO}P`D%X#jK>o}RRyKzxlHuF=1ZT_VwW82!!=V{99wo~}8(ZvY~
z`w7k^MBU~8-W4Z|R+PerYzrwWf9MGJZCi)7Ga2k~2j0vpGdp*jM$PfgQTu6prZa<u
z9=BaOpeZ*Wm;Wy#>xs5?{GY%>Pw<XZ8UIwmA!>F#6*Zm4!KWBG`)S(}iVB`SN#kYD
z#$KfH#%Fo=r4&EkaV9laUofBCq$#B@EMbdNU$h<CuPKXPJT342OKtbidQ#6t)GU9w
z?FxdeFY`uJDS0j7GCLgm`rr7z^y}tv^sj&Y7g|m0ZJSL0CB1|6zxHN_d#&CQT#>|g
zIyUXol!foS&9|H1i8{1VQ%c@pGuQjr4pZLTXBwHA^kKplg2f-w=-P)-vuITIA)C0`
z&o+(nhJL@$X!<7|?=bw)Poj2j;D_ZtnajN8{cXo6OZ;>T4Yu&jT~>GWOIDXX&|Jwk
zSN9H-kH*PCw&}FGF-RtEtGk12b<!<YcVa}xJp@%Fn0WJ7Q48p@<10Dv$**k}_R{6+
zb9Bl5YX{lt!e6h`W$(8MdDNW$mM%;F9(8rSrmXxsYhC;g+hWQ${bMytx$u3*83fJW
z(<tYMs5La&{{y?;`=jmh9**<JV!4u^tW!vB@F(7)D8=K{giI#k1DII;_3^6t+&WFE
z7=Q2koOiscEscINC#d`%Z>40S8e5-B+li|DE`DK>+Cg@WB&l*wwaIG7WrQiy)Ni?g
z(^d0iMoOBl%6+BHP;HrX4a`vG&Zf^&JIJ=HXQ^^;DRb0>1=Oa`QCWE995w3rTE?BD
zvcK|QR9j6Bxt^;oVuy<ssU5En?pP$7j$N!q&7<k0#VWh>rm407b#v3yu{52xLQPmq
zxM78C+OR^6x}3o?vqFwqw^Fs$@79#b>8i}zrgdt^>x2dCWYan8)u>f8O<gZXotLTF
zvZz~|sm`J4-YsgvGQzuC)Tmqh{{sF}Ipei#Rc+0?*nF0{fkwHz)Q)r5-^E=r7sqz1
z<}{j~-hD3@l{qYvw&QYDa;pUQsvTt8;=T8BvHt+8ruO0ixfFjM{|lKf3aj(vEK3iv
z>YbXh<)Au?S@MptYC`@ft9cELb{E_m|IBgKwwU6w<M+NDoKdJIOd-5cs7BSU;%p1$
zP}k0?w#)oK{-(2PGegxDs~wLMrd*b@p1!O`?VxGVWto7pS5(_F>ME|Ng*4q)q9#ly
zyig*WE-O`|#?y3FsT_4lnQFVXLsK@FsY_^j`j*=96k+Wx*>qct8g)3GW!A`1vujn`
zO6m$~RUS2EcD-t?<mGE=y(+Keu4Xl17PY6FWzW>xYShp4TzXqhGQUN&mGF}Z>sr)O
zCYd{4>v)!M^LUM>x5sNy=U4Jt;nkSru2-|Ip>Ea$Z9h#5r)mjv2zMoG<|#DVm#qCP
zFY+|ac77W#htsrt!mJruY=H2<3@wc>-#2_(M?c}Q*_wIV3YIjRZ<F#3usND7%(uM6
z98EqOXXa|QErexrwZ(LrvPer<Lb!C1T-41)TGUv&RxZ+5|MkV1t&tbp=Ed3tc7A55
zX3HlmTdMI#&Xj9@Ew+)@v?kn)Q<iJ7+j$jPfce~)47|*<vJ<ayPmbadj`tFJ*;_Tv
zV!3H6H0#C{ntBVzuhi5%D>Z8fn=zT6Oxc*OS%X-LEx2@*W(};;)N@#lvsP<X|7uO0
zv_`YeTcfFkSc)kbnssT0rt*m|)^nJ+R<q7ptEpLd2&-}2I!(=8r&&+pto4kuUQ-WY
z5su5$tiDW5J%u-L#RkoqwLw#xaOy@)-LO%!?!^+kjoUZzE%Qy9x;CI$cLy}}8aCiU
z`AzN3jDt7u7LMPdsnfP-*2TCAci=uegO|5xmP%|Sp0ZU_eOool65O;^v+lz%@hwcr
z(k%0{G}WJ_S?3?p)T4NTxCN(f)7079w1;K+zHQ`_xOSUnxr39oYmdqDz1ubGiS3$N
zw4HH?$L`Q9Q+LpB$Nlkk<5A*5%4Pi>oRqDpGqdm4@4!REq3rwhO*noh``UTGek<-L
zF2GAzvh#ks>AN(`++CdGuKVrs@gnif|HQL)YnIgA<a_u1`U1Q}Ttc~A$MhWf=g>dr
zKmGAM@ioe2{ghnI;>+bHnsV>g=ixcx@PFb-d$=cixCeVQ%RW3tEc-QK(q8Vt-uvTh
z#a!aUd+*oR;iMqz3Tl>3xHEXa{07z&C+@r7Z#k~tr>Wci4{>h-7R8nB55K3ntE;-I
ztE;-{mSR;91=&H9xFl+#xic}7%w+bPxk)COOeUEndt8#}fVhB)3yPwMB8m%&;)06%
zh6{+IxZ;ir?&7}7_dAWEnS1B{?|1+Aejm@%oVVU{>g>yV-mS`;;!h&HhUW*5<EL#F
z<oTOX{^q9mI)qp8d><iX5p3L+rhLi}Zp3rdmZo&K5f0gkao^e$Uy5)op0{mniocF<
z;5LDc*d`2Oyg{QYp4I8feS^JB7qMeqw2CL};#DgYMs|v$7~tbJ$5dGyF3A&Qai%1m
zv0IKxZGj&m>$~ihGqP=x-EvXpv^5dy?+bi-Mu(W2Z`14-z(emNh{|z9g3+4_R){4G
zd$mObc*hdU<8yz-eo7Cq<2)4A!A|HVNcS`<vK_@M>56eeqa20rX{Xc{*-pBrzK8AH
z(H`IkEdrt)P2a82TCEKdXx)mPY`XKQDgZBAR^&KxxA)cKW!eCN@&>zlD3I#y>b^j_
zX1}K6%>ehLAi5Laz7$9!0`*OSlou!>&5S@1Y32sH*9Ow+KrX6nYLEU0{_(PJ`{#kc
zVlVmH(4<SS5p~{ZdExB$RBto3eNVS-_mKV77IMS)bhpJNH+If;^4R`#xm`N;@>>Z3
zm%gKoNkKaX(Eem~)d0HJMZWz#)pec3c6?6{x*ZP1&i=0BT7P=*u6(0EO?^*n=ueB@
zbL{C)JKvM{^{2z{IVSa|OYb>y`cw7qpPSX6hQ04S-H(>PuigEY4tyZp=trYIl&<xo
znSYcT`q7Awq<j77{72HAezf{e(ye~9>|^P2KbrrEbg>_;{hM^YA1(gWfvSxE?6)ZK
z`e(x#GEMv9IXtZXLajlyzR*j*r^#PNO#hy0zZ8KP@s)@ckN@gNNK^NfIsAKS{K`y2
zny=kAzoW%pn`mYA*IMCsRQI(u`a5{z(1(9V>E9$R{f^dr6Tjp;8r)kP@*S<}Ev9})
zM|x{_`_q-)X8yM{qK}^YE#>z~D*u-D^)V-YOV|78S>MvazTT2=sk*NlO&!s%6*^)?
zKLu|+=&zLyU>O63VW^t#9*t0n+5yB4CgYgi$A&hKqy1AEii^G9d@`;EfwzdCc^L8#
zYir+}@gK~>aBkN#Eg$wdf&zGo(6VVBL>^;0L?D-0C!$$`8{i6yQ49971&B1O8(_Be
z{id{PrSLX1ItwjHP0!sZ6J=#uTje_Fw)Mv&9JE%%IXl>9jE7#J4M#hzl6wL!u}2Mc
z&;fe}FelUqBp>X6iYA}i0R-)}f3@SN{9pqbHAC<NxJ(E{EMHeIu}+~f=$#iO$kZ1w
z_Yto9W*;ljU@;+8qB2pLXQOep7QkP!srPJbyyRFau>vXRN$>IXqY6=^b@Y{I@8O)w
z=&jG1@`tGTH##m{A901067UNl$Frj0yzEBi|A6TuAhHnP<`*m74KDXED-_juTs(BR
z(9d>tltQI;wZYEU<OMtJw2OfE*+t-w*hOIK>^?=!#@u{?<$!`l%~FE2+9WCu*2<IU
zc(ArEi5`Yn4kS`a=tI=wVVG8tM8m>Yt3+Gk)Dh3o{y6nP2da-#2R%o(<J9bA8XB)2
zOQH$!A~4h9MPTN}i%3%%F9N?dUc_75;?<HQIvB4mPoi`2YJL*kjaNq}QAUEAlSC5}
z)RZKelc3H{qOt_FA(6HvsAm&tUxJ#RL?;u}<B8Oepx#NOhY2Fm3`!J{&+tSMu~~^C
z&mmDnY<{AMQf4KJ$bWvKi2O?vMdZ9HQAC~_6Gh}%ktia!or#>xt4m56_Z-Vf)^2uS
zCp*Z{<h{`0g(ri>`xZK#|6E@X`iJl(U8NCzmU#(Ot)0aNvpiPKXir;X)v1YeAXdGY
zOlM=&4ejYpta><^(&N<G?V$#vmL<~cIQ2#{Ess+NC(_n9^;9w)h*Pg8(AhY3Pcq$!
zQx7Ikdc3+RfpX$SU<%?zq?r>h0#gz%;@xHOBHmpSFCx$KcoBJSj~7u^O}vP*YU4$e
zej;8(K4;@a)apvSh+5r>7g5T?cy(0*4NFj$B+!He5%81*5%BZ`e)GPYr0i<XHYCdx
z?O8?gNc2_n`u|V+#LM(Vu`dl~#%jj0S;DjLg)sl^%!2FJPR7*<YXteUzz#igbo$Ph
zAlr)+*0es9x23I6^3TLs#>e7S);$-(P#aZ4ge%cr3)efnX|>I=(FxI3W21WU11NOZ
z#Gx|OO~lC(E0v6qGCL=EfO+@>9n}AWjw|$?3CkEiZIMLhZDC+cNFu;2$z3eb49Tai
zj5=|>-qYB4PFvk6A~v27qH&@;Q)H8$QH^VwM{(kZ&`F)lbyCBhc1u%S7x9n(aUArr
zUlIok^a>QpDI0Vz$T0z1Uejn`?W^aQT7jD}*B#>h=h)BGtpe4tfp`JW!2mJQnE{p1
zEYMXj-V*dHASQ&@eDMaABfgwP<7#z<LFtL-S!U57W!Y@$*OX_lzcK|f5kZBBZjIoE
zVCAMo9|Bbh>+g|1caMW@cN`VnThavDE$_51OU2IaHO8fYr{mQQ!w+$4a5zU!5B?ba
z7~<vdu@Ef}o}>#}c3IHK=txU`<=o#kmPhT3{MAm}duBwP!9*Mu<8FZZBt9=_Sq#t4
zg&k%?siUfkmWgav_ZTCbLgcbuMQjuFZm<6I?fFPk`7@|Q)A3)J{Gs-j-fSdU_g<Fm
z7GBx?M|2KN`dC}=kkRPRhp{ps7kwcwhPUYzU%Ut+;)|H&cx~F3=0cz{zOu|ktFC?Z
z!928P&(~x4Q1|sqL6t{*+vx;?+V5l@RrlR@m@VJO7a+T#1N^oEHEBQvdiK=cV;ACK
z+CcVBI^wF*n70;Hy`9FifvCcuL2MZ+yK*S=&O-F9q3jJ_;HV5{?m+bX5lkyVU!-I*
zFRy8FCX@5<T$;%+HuFcap!=w0<|yW!%o{L@$s5qv4Wk%pvwAcO=I>k`&Eze3=k93s
zWAGuyu$YZ-fqiidYf}#Fb?{wk@NV@u_CYF2UX;yRUBAKTQ8sJ266qFCV8I&^-;l%J
zy)qD&%ZbdqjQF#Ym~8@TIBhcP#%sKH3X@l$>?2dyb3|EFS<HFlzIrN)S_Eun{^J_v
zGr1bg-;mGH*N^g9%&6;(=1fCtfvtgV+c}=c3>KJ)aKTJwoInds&SYNhHv7&j7Bd+5
z^>bMGLG=BEBBrfG-44uU$%FAc7wT>IQMarG?88P(q+1JE+cS8cT;k&(;LCdNt_OO2
zDGR@X;+B`Pn_!?8uVdOiq*}3#tNK#<2Bz)6WA+9%1amTXE7LaP@pc8%)*#HPWZF`M
zGqIJeLMC&zvx%5d8+I^lI?y}zv*=@};-mdc<J~g+02_(%op^{j=b|?&4l%#Icq{J+
z3r<5=dW;2w6+-upvG`?po_!p>i|0MZnX3}7pFYkwB{Hjy{b4s|(Xf*&a2t{poovee
z!buiC7S9t;v4~T6t^O2qY{P4J5c1cjon{U&L1+;|KDZkZ@<H5#kay5SguF*ao?(tv
z2&W?C<&>OZA-wh{&aeQUU*j33-UohEJ#+Am&#z}9e=e$LpHv~tIm_Dc^c&7HjhDOU
zEQ?+YeA+qa9pX9b9MkS&AZMIoB9EVskjF0v<7f`>d$Eb}#dI2Yp6(h#{@w$G96#hd
z(xLmnS~AaJb*?+l)O&cYKF@x`^P6{piTru#1r~W3y<c~MIr!wgb%D8gKA9JpUWSP_
z?IKe-ej!5cZ+<<(qu7OZAuL3A0_kp`KW`%B6D#8q;xVcdFENp)pN^2HFGk4IFGGAT
z;<q3ii*P@};Rx#yrXjqI@IJ~NdYP%$5l%pO0pTo!ClM|~cnIMZgf$5FBdkPN58Du4
z&#QP|gXh#M%;e)Y1tA~5l?eIx9YDy(_vRI*ZbrJn4X7W=9fgqBYa&8kujvSRy^0a?
zdM!i9>$M&suU92PUa!3fdA*Jy<n=m(kk{)HLSC;M2zfd85%PKsyvj^Ie<ma3^JXbR
zK98!eLdTL%=Uc2p-F?PRfR&edm$8aROuLf`4nZTHQv_C*B4{@dK1vZfaQvcF0SxtK
zQiGpGE-Hd@V3Dj{S7@1h0I~c`0uA!d>5Tu3W`petXo&S9ry+KW%`}8mB+>)xPl+l;
zaT#n^L}QJOO|*Fc7u(F{8lgTRB}}^~(`t4Zo5Nf=67U|`|B_4><hD(9Yh)uVFK9!%
zP|pWg`Rl9-zzQplR~jrC)4R|#xtIa9UeS+sqFYLvicXZP1_5)-p&#yqZ`-ul+KI|E
zj=AAh26v%Kzp!;(=%OEIDsJ++$9AE8UdTHr!`x{>qVqw@^-fe8-2PZ+dJyb)urn<R
z5rJP85-_+kjS2nsN@pr;>7Cn|)<S8%3qE!lkk*-|wEFfEQigfwbf$ucF2Em&SdId+
z+Xe&9jMVEp(w4|JM>^8Q$ajG$jn<1h)9vV>?9P-G!|hrQ#kzsN6f0JDq-(MM%RAD_
zxHc0z(eb#DypEI=??$;Z;>9f;L9+VKLYnwCw>pB<49V#TBHxYDD-*=>j#QoCU)T`@
ze485`X-#6t*p754u?9Uizk_>uC%C+f-Oz>hJ}08*PCwTXB^Ep%ftpl4??0(C)juDB
zPRx8E0v)&bg$UI7;0t<6M>_w4XKzP(^ui#V*L=P-GJ_hBXM@EY25nYr0G~s+&%q!K
z7blDINP%Q_EE-jAm1nC|WxWfUbF<>eQfapWUdU}l1emQV(^NK94SO;nkgx2vwI{QQ
zUJU~KgtJgQBb>BJiv&klb2n;`=ki;ek5>Gz*e@YZ115f62w!;q&Gvz?Ir@38DLBoz
zC6O;Kbd{yWAen|+=dh_V3^T@KQdCGC=gTxu?(sNH)LCYLSiZwx{!O`}S|ZUAF=V_%
z_c*b9*cO4v6bZLN&~X;F9X<-sWh<@n$^Nv_Ivp9Fu_>9LCG%ymEEV*ZoDIeN6&}xw
zeze2G<v3@&p6h*SN|<L(9~u^`&+JPRW4QwM+9c10zEqQxi8RNP^~^qWC3z_Dw_fnf
z1zV+KDd@Ph-8_4~r<!hOd6{rZ*@r57UO<|qy)3B%=vXhUegF-7UE45#3SZZ*44|?%
zw4DQJ&l}pJ0d(aJZ9ih))K(0j>NmAx1L(+`4JfPXXIjMo%6UsG9zc74q1_%p*Z)<^
z7(gj+bD3N9ziE5>(UE`q16JlcN^Kvic;_+-U;cr(0*zeqp;C-s&4;C6dR_lU-T8M)
z>#dIYJB{wGX8fJ<dW*o!=q&;>x3>sPNpJ9@*7jBl2T(<C@Ci=!76G2??Fac!Z+&2Y
z8r?@L=)>0c(Q5jzBYm_hec0VT+SI;mNM9|dFPqa>TiKV@_SG)-WyAYvdHvX`e%g+H
zEcg2khx@aO-)r~3XM_7|Gy1cv{u(eF`)hmqv+Dk!okk4Mrhqk*%CwmS87og^#t?*~
z2QqCc!n}d(hxgbwAT+`7;b+d2sFulKSk(Dwiy0Q%DI3*ToO310u)0S}lxtN07g{f)
zzs5?+REe#Xlp2X`lb&G({!h$j*L>@X#WosfGZ)xslC3+RvV6|JH%9nbaSJexlrb&n
zy44uig3?5Am3E2Rh!%8ItVKhXOWI8@Y`yjXo@mdo;vvhpY`N~G!yX4-zT}A<+XB~+
z){t&`TOszK*97{i_c0IkC$ti8u4LM1nYJ>Vi3Ek+IvG2Jdy9;zACfK8acc(f=S0^G
znTl=3AqnQBSjx9-ZXhZo{f<NjrBWn8om-D*@=z!}Gi5LoM<E!n(n5=z0aY=J4)N7B
z%gaq|>p&yXts{l?tj+~<T=0MBp0!rR!yW_5^!Y9az<I7<$nsn!z~e6P6p;U7kl^V4
z2A6YU6g_f*9Za)4>hLI9<e7+*s4~!VH<FG8az59P5YO#MniMh|c^8H{Z$`p$ic_|!
zt(;dPX;iDOSR}2Smm=v<tI0s$4s%|Oq`~2kI8$lF>x-i(rA-IIHyGRiPq#6yN7BtU
zxH+tD>l_<Jm2H1clo#oq69r9?7T7Q&)d^9wJ5tS#qGORF;4_gT;0uxO`Re`4sFsZ`
z8YdYKUAQ*?7VARN0Tw9weHSfK#WXi9Q-4o1!Qlqto^GVNX_$d4#9G4*@U~&#^`S0|
z{$5uI5?^yg`SJ}S&cMqM+QZ;vm4LnWq+kHN&P@w=f4wxrBA*YT12*|k2u)U$^iaC0
z?X_(Tr3I#PH-x4I)Cto<X?BP{ITS}F7Hma`J|UD2hRjEwH05Eg61-rf?-Ib6rps2N
zQKU!K@rXwLlh{t!DS#bgahy!1qZVyJGH(7Mr<18v4ysS4YPkkm!*nx~0hJf1S0z(J
zpg264E`)qu2yRelqphetjX|Hbr>Si@k$)mmyPr&B+i8u-v>|3aLv&i)UPK&-pU76V
z2YWj*wLKLiMm|iYV~KA7Ge0SEXEN<iGEv0UBr`9WGLm6k?5p1tcGq%9oCR)}qD@bv
zsj7E)5{w*!kohdvWpMMdLlj`<v~=H0r1LGs+lh3#m1}AeO$rk;ljwA~QIkk3T6e#j
zNcUP}#w?F`zyQ~^jar{bqoTA;Ni;XgNKd8_?Yb{XrtR%u@_MV?0|q!hHtbvyt&hEf
zs+7eqVVv=lV4|>$MDtQ2O-r1Cqlot*Y%-DLDof6=&~yPCFaHBR2*%~$53%Qg&k&ID
zV!;5oQTU)K{>`n-U8B-6i+i3*=PmAWD(o;J5T$iC<CY3r!;m2knk>8PRcKo22UHqw
z_Xk{T=iPioaU(WO)mN&NrSj4AmH91L$yhFyPcEA@(%K#DZL0zBs1>4)G2-(8w}_nI
zRBsCgyibyA5h?L^(o_xbWk-i1lXki130qBi=vjiK3tRkRzDa}pQR_4Q>N%6H`<qCa
zX^McynVxwj%{D)KT>eqkD9FVT5Y%YnA}C!78rPbpONGd0tE>%dP3L9D&2Y+B)g|Gy
z!C}shpktc0GXh4WkSWs)L)+P!b{op-)^xxn1HR#w%fo4+pL=3B<#>Yjw5G+LwaD$7
zSG(Do@>?h+t!b6NKj7)6ak4d4n`(J$stWJ`J`n&05mg7P(^}KW5ciBQu!Mt#BA?Ky
z$YEJa?OGU}ZmDbuqm`{p)S<SOdrND&+)72Q?zhtShtr5K5%AbBeNPw_gw;PD?_k0m
z0Y7ytXJm7QkqZ`gHq?+U3BEB<{53G6_y@|H#soL6I=otEG0(=(JqxdXnP_Z_!CB$A
zBL-VCbmnQNV(f^f6%J!=4D4$CiesSa)aynxrTh6+N5kXlD|e#lmL~@(M+UUG6-_k(
z?(@-<5)!r#aEP%Yny!avz@&z?*b@zlQe$~E?G0OivIezou{#>ZjK<PvI?$TeDyxlq
zXbjD0a}01=q`o4CviKf2J2C>5+8zlp#)U{PYBo4ZzZXptqaskJ4N(T_v_C2WWv8@@
zK&f-uMWCde?IMu-&2|x}eQvafGzHOaUgK!K<{$UR4{gjlU$7WecDiqYaG#djv?X>}
zX@@Mb!$|xq909WXm>njzkwB;0^<q2DMK_Yqwg3Kceg>QaU^@}?a}dA?;l45q;+AYP
znGS2hQgA)_`tz@0KRp01T7tP2K4^pw0I#;-NZ@e>NJ$7Fn2tShs1WbNsbiTw1H3%O
zB_+Nz$5GC4LB9%~qR^D5K@bh$r=uU2KQ1S@pH>SV2Ma=d3WadM+kAC9z}LLbCq--f
zLPmeH7l1Tl%2vkKV9$8U`*hJo<av>~k3l7!-9?#A<wp_T!q0I7D*H@Yh2s~FG&rFj
zF<7MW)`&xpELlJF)iny7P?)m|S}sl>p#dA?dFNG@=b}Rf&fwdIImSh!TsV)=F03a^
z$B7nYs00^qN`{2vU^?=hX8UkBq(BmS)R!)7jPU$TSeXjgJMIZ@0j#w2g(TCe0^DJJ
zg(u_r9kOOI_2D<Dsq5TV^pGhFzobgRSnwsSmGxua-~yr_`i4%cK|8*tiB9#=*W64z
z{TmwV*6x2wC;i^e`i53}LKgL=!(RRF*EA|XTlfua3sjf&h6?E4PJc~XLggdh(2_81
z={K}DT)px&4s^%1ujzW*Yi#Y;G&I_g`3==ZYk&vG`tSIX4#sl0Ho>v!YdVmmoIxep
zD=YBYbB>I!Xyyx!6W`F47qnAf(Z0@(iq9#(i;?#kO@HYR7f`M4>e#R7Soc1t(DojB
z&6kwZGbr~<THJFux_HgMxG#K4dw&#k<}*6>WADjN>Bf(Lb>TDG-OE_}8Et+&<OG`Z
zdKJ2}<PGo6&*}Wn#iGw>|F6`VuW9bDwSuqd>TiBCrZ-jncA-%71uguYJLfZc@QzXY
z6)k#KyZjZceHW%W^xy;c{?F;&AM`POXyk|bs6KS!L$lyBy8q!^HuVeI{*n9or*!lq
zzVF}olYYN9rGKp7MR$Fy-|kH%AL}=J)25I0>%Hl~#}2gP+{b!JZ+iH#10|3A#BBVA
z=6>QpTUUKzBKF`X=D~01)+Y`O#Lz#RY2VO{KbtqcruBa|&wou9{v0{-E1K{ZZ{wG=
z@Gp_*k0XEa=6^}I|DxjEp?_5eeL++H>H)m$uj={FY0F<lz`On`0)ObQA~2`_YNFhM
ze>2f%Q~wr;eyaSNiPBI1P2ce;-TIqj^k+2a(@0E);!j1uOFlJGlkK100LujPE3}LS
zpS00&O9?CI1h$Tcxi)i)jW$Ba(liHuC}ZL48xmRko`+WLQQ=!(J}$x%!ta4_Qv%@)
z!mjDvmW7sq_Bt<Zb@)|#>5yXv-fVPkw*gh@_1$?J88-9@czJ?VtBIorw%@FY!#S+2
zi=#BfNQ<K_4$ss$y!!gAIA|Rh6XM`UB4l_R4RLu>VlmO(6JlwI$6Fgix&ECt#=rwR
z9IjAmfPYa8RRtv-i=n(=BL`<eFf=vkSg1cRw?cCOj|_WzK@81qt*nowMXj;oDKo0)
z<XGAj#m|w^(Rx)pO^epI#?zu`eSJJ_jMnGI)1GM8ka(((_KuFDN6{u?$Hzbr+tl9v
zG!NiBtFkB*cV>A>DBQ^WJ~xz(DcaOfDpj?GA^gfeB9vz8j=WH6(EnvjC{AT#XeeEW
zuk8@3@_MuIzlC>B2u|OR&IQxi0HrL1vV!&8mXMF==R;{pu)Z=B0$In>P^t;`JPe`w
zU?0Wg8w)j)sRtP4uzzi;lY5JBK!DtNrRbbwqiy1V$8~-0jHShx06J+^1_#h$JBRBW
zf4gB)s?&MRq)|?OhF#Ws=LAri>y^9!DtC<mW}jOdA3)2!EpC~#!Jof1#f$`Ii>V`@
z1EvW~gW0F4Y=bKCN+nZoG3WtwM*VW*Si89vd5=hot@f276^S}rORN#KDv|9Mm6Ia7
zBr2&kcKfMx%(u_~=Q1v5pbQD*oAx2_NrO8QFDHq`#md;ZCouUS_|_~76<H`afLYD8
z31Az128w5bJkY}K2+y7w8sVt?%7%Mazu)n!_&V{vq)!m&C%9uksDZZR!)(1N4nASr
zV_1Q;RHWsiTp_Y`Pb=Q^t}Kbc<N%8Z`KT$(hUqzk^?V$sitm!~CthFf+vy=@<wHS-
zJYbAPDYUR$OLN6|`rI}wtfhGp-uHxVhv0)szz7#xOzzkRJ!)aQEvWh5AJ+@A)Pd}$
z5DcaZGF0<M3vvOM=s#suB0m>%sA3R>%89J)(~=r<A%YywKKG6Zr`>`9Vr{TRTN_SQ
z7PBIZ*4T^{;k3h64@Oq0N8cSrn><_|Jjp+BaX2mUUx)>8I!HSgj*F5zBb-Ktx`9t^
z+4*>DTGvtpzM|zIhKK4_>XdLg(n<yWdA^l?ISiDc2+Y7R5txiHUfA?7b9ETyw^k0e
zW<{;@(C1Cf^YxcG7xLpl78+_%iY#o5MV@Y96D?00$otzr6&`@F7NFOOcOWbMSm{qG
zOrFNQ*vON>4|(bti2E&iZW?<LEju9xtkP(sYBa*(lj?17z$=Uc_;QCnNTYoY6L7B9
z<+#T7Y41O&)W0haygA)`k0O8V8+%8~S_WOqyKFd`fwYb`^BE>pO_LlJW7{f3xg$_l
zX{$i57NAG#p<D=EK#RJ>0){aN;3sWIzR&20{6ju(u-DLrv0gay37GAn6uVmMM|+e%
z-}O*~Gx(Ap73yl9A005f$2@e%<z4Palic3Lest5_7H_Te%VF0%tj5DNz@E${@WjWm
z7Yk%?zyt1b9*4R?qOG=<alMutKu?hL3W;V*CgA<jE4eb8C_{Msw7zc>CMkYKeIO07
zYC8jIo7FookY-9+RUj>vHefQ{^ytF^X^@vwhNt|Ov0G3I3sBbtQc-|DGmusWh=4Z)
zn0W1QfO#u`ZUmH}j=sLcVZ8;fZ4vyI;@q%k_hKQN_PZQI3vKGTSXyN}gaRgb^jk4h
z;s0q?9Bnn7`(tTvfE)0HfC=Cz&JX<<XG?xd=Y?3RZRrJkrDZmhW(Kv}$jakrTeP|%
z7H(tIl2|$!t!Kx=6}t$`{b&)GfiWfun;c_S#L&_h_x>2#8UyuQU)_|}E==4GDNpM9
zkI!<b_;YHF4FPjPj?(+n3)pt}Tw2IoS5X<4$@-qLjgH~!RG3cuIhdePj-Q?{(GCH&
zk#x;w0v;wo>Bkqp6!A+1{kRRT(JrC?7uig}6*eC4<84nt0;m~7P`^)*kz$xd*<+!3
z7RPv4xLR65-fq#(SXhHaYsAvBYOt%DX>HypP{uD~!ymfwu?*wBn@&mZLdq%Y0B<S!
zT{jJNh^c-w!tr}h;0`ws6=2o4sh0C@M!DPox3~<vzTX8|^lo=35;wTxe07g~+dW67
zzjC@DO*G((XRL@0!ubI31V6!!*$lAXuGsh$5%qw_C$#UH#dZLUYzw$-{LhCk1|ALr
ziX>WM0hi5(=X-6k2YkUHj5Ft+xCm=*7=QP_l7{mkcA^Wx=Q(S^iSiNJZ;1eS#uDJm
z<1P4oTY$N>0E%BuctkSBJHetHg;$PC{wYqnEph$D6{@n+N!wMU%t?n;&Yw$jDx;ii
zqEjh!vQ<uHtCMYZ;sANFp15r5B@qNUbIfCG3~n7yqMG(aLxhjAVEX`S^GB#hFcF*G
zC@vCcejoeb8)CLVKj&POLg-jSu=WF;5!oTf!Y3u~2l%WD5?`fAdw2SY_y_jZv-u!S
z6649yj_5i0N9?7iJ;>j41&M#6m&CW}Q#pmP-p!G|efZz_f!!ZY)^I75moQfJgL|8!
zLa@LMVU@sHuo%Y{wajt@<^y~muN6#y*My*^v3!mt+-5R#SN97tTuuzLw1-*nW{V4x
z`h-Qnyv?^Nus_{wm0^sx<LT_>ZL>3LlHBF7TRUEky|W(}DsTLaXZ>HD0|s#eydpt|
z0Iy6y_aL9AG9TW5viKH-fS&%P{1N-N=59d#oaf%ONVS7-OJ>s+xag*&6}cdu!NEpD
zR4vOz#SU#h_@T~#ahT@1?IteRyx(YoOPTIs(_Fu39@(a{Uy?q-cVl_|+pw0g;v`0|
zOPCOU!n&Eq#LJ9rVa|F6Z$Pb{zR2qwiz{dX=CF@OyUIkkMSck9esClxSmCnsq9B5O
zIvY+jEbN@cJ=n_bKP69mV=9a9kqhG;VSAN6GSe9w(A?O@T&VpQLZ1MwdT5Cl-;35t
z_Bp+1q^#xkqOJCcLS8Q#?+VE3MYZl0fTww0M)XE+y0E+#4GU<qt`{u|Hh|h0+Gc4l
z5D$k1JdBH4V>$5}WyS_0K0PiJsD`8#$6li?$u00+Mf<-1v%iBlt`{Bd@G*p=&jqIT
zqNC4YF{M2p*!UV<d0xEs8a;eI@Z@WB=7nDa-qkr6`QLh}fE{^_hQFdB<4vz<8+y^h
zSM>S4Xl4%$8E^05K*kq(xM%gEu|56p!m^%ifm!~lYjiK#`)UZ_Yp<ff+JA8&gA4xx
zHps*u`QiPcKX&2$ydRrLG5R$Z-rV|{A9AVcrQPktYJ0W)!I*UQ>6_Y)X;3xQ9%z`|
zzg?z*lDALL;J@y-l^S@-`RLNUYQ$`f?y8{wE;`yFVYY@5_s!ui*k5)t?>ax)VUZ5F
zA<v$N^r?~s`|%#tHr9`7)jaHrw{>Z@n;z-#?T4$CG|^3Yu85O<w9#dj!Hm#lF7l(>
zE`5ia(%t%YH&yv*hy7TCpT69~@;vfF4=eP5x$}67@vR+`pmFx4IF?bL)|_yL&r&w^
z=`#1Nx92R7Id#OO<8=j{{g#MH^6OtgaL$~NEtWwQt~u`4A`ZOY{h8~cIl<qmc_vPy
zUPQfYU=aVTnPv~6I<%|KYJ&j&taUzGJzkb-WZcM}@R4yxi1vBz6H!zj5vO4q6QQfK
zi^<~zI>;dNEEb}U!CvI)1)-^)$`>MLa&O-CO>54DL)E_{UpvUNjR5B0Z`IX|K9h^k
z`ffOep?1O8IwqfHY&*6q#`ZiVJb4~`zwCtZ>xsj;xBSDk)5xM`GRIy>pxHGWSh;e<
z4F#;bh-(V1wtoojlA>={s6=U^8w~!v0{kL2!~OVUzG(}nMT4PljkpC@4^}ty5l>pd
zLG#t!_{@&IX0s5UXMw*-^drUr;xy!uW(hyW8GHH;3vIVVJxLEnE4Wsc2)F^7V&#0<
z+_%{40~`mOkgdFa&Pi)5lVmUv)rf6Qs&qt@JE=f38=SOCGcP-7kJbu|6-@^s$0=@c
z(p0AobegUd=`2%^cy<oq{G7lXqjVZ;dA&e~425fYq&p%~bh__|c;uwrnmI=YhufT`
z(;z1@p5fGiSmV@zsB?<>I<3-`lRDe{OvZe#Q{+#{-J91PdY%D6xEyxCSvir(a~YfV
z>>SN~jrC|Nj2AGTU|xJFg91xuB3zm+XDZl{8`;|sb_pW1E@ugH4NQXs88GZ~$^~{r
zkgvcP=Gn>P+b4Ay1mVjPF01pHyoRwQPYdLAGa*6@_06UK0-eIgY8u9NnpK3;#Rh8x
z=#6pW>&;^|4m~zb7IS5qC_@H@{0-vQ_%Td`Y<@fo<$X{M#T#foVs7oW{WUj|u1May
zZD<Z&i=;Byd%F#URUAGpdvCUZYtRxW$OiwwgKcP;DKCixRW6oA(xU)(X<Hf{6j2#P
zWkDRXImkP*E#(JuxFpz{5lQ(W%Hg)OJv3rxBrOP!%x_EETAMSYXi!ANXvhmAT3?H#
z{Sodvc&kmwmbSFEjd`gJO^H;BBiX7*Woslm9I0K1WDg^ij3_oXN|_qP=0qu*qS%2b
z`Fs>R9@Tv0pk4n9Ymw&}AmI4@v5JfQd$>Z<pRm4XGI0lEB~0GS*eWIi-t-Ua8+?L*
zpuW@rL-Tie41-a`)0*-zz*%kDv1z}i!btg-*ahHV7QR*|F&Q*o!Ly0^9P)F>Ur|>u
z4+dhdVr<wC<3V$D5PwIVK$m?Wf6e~<v?SmBGvp5`0cSPWWdDn62xH$jC*b#j_F!*7
z&dkIO7PzYogfj0$LCLUM)(AEb1Dk}mu#;FKU|Mm=()XB^)mZ)bnr+&ree(`&Y0+LP
zVd6l+oy)B^RM_Ipd9n<AcX6JM|MB_We3yl;bl?{XqyXP}a6^DX-+!<`_&fjYF#w&r
zN62I9yhQG{cm|Z}ZOWiz+9hf8lPFbo1J0GTc}dVF69F%iwfl*br78Q8Xo^#Nm`FRE
zZop@q8U&rUog&~tx(1VhF*<jXTHujS!aN~ZT%AOhgZ<7Y(%KLXSB99IVR{hC;gV2u
zQW7<Usb`^nA1)kBrkvI)M6L^3D{GRernOj>OvBp9h&|9o-3X~|8|6R}6}HueBvVCO
zX=E}LM%m9K(3}`G3#JM&ycN@8#bJrGCsrJo2=;tWY)Em*_mXK(TzEdDukqnylWApq
z`0XUBi+2xAf<K0?jfqgL3V{6fYJz+}fn_I#uj#<fB*_g)Y;&@*JDHtG7Rx)Z3&~1N
z2R5+1vb_Tv-=1UEwhsg5c>C^1pWi`S)`1mwz%}8?vCqfz$2p=rKbG>vH0<Tm+v(F{
zX<0kZ!x*Y=r=N(SQ|(N^snPNLb{?&-g#0Tyeq9V*i`Ey#(A*fYEQU&AvN4^ImxD0b
z-je#$Z#g}Sx$--yFMR+5Fg{N^;^u}+A$xh4gL1gC`U$~rf&+fUUxgIVqMuWtgf4C8
zlHW%X4lGqlbFfqgD6z-2MShVq0^>G9w9SVfWU()fO`CIuopNkk<TKbFGRIB@cI1rm
z&O%8MdXm6T7k*qC3^kCJ!$N48=)Mw6yTyst6~T1DJ`~Z{R2!lT9Iws`hQUY69l?~P
zN3RN|a=q1J$TtmnO)%vcGT?eco)ttleDG$Mk`_!iTt-0<4RX6dthklTAj)@x2)W_5
zA+JWaw;C?OJ;T_%AaKv&@;kRh_YFaGsKp?Zddv(%sVM<Ios~cn@ZLaeVKAKv)N_LA
zW}pc8L7+Z3n9_r#F~KZ1SS}1^yMnc}5SAIDm4>iMA>qwkgZ5&-A{>c-)O%AubtHp9
zM)M}|@768uQC87-<{l;cN!=*$@t8fY{e^mTZyLX6;2?t35I=1k+(KExu;Ia3IK;lz
z*rxo$sUBxny{zWi>4vP1w^OQJ1e|Uc0cYB=>-zFE2#(tDbHlAlwH3pQaW#kwehaK_
z2z-|C3^{MFy;H<)^nncZnoN*mU<5O90XLeIahy-_x!#9;=zf9S6tp}G8)*4Kf5fq<
zcOJjG#`h}nYI+qHXxISn6|{%YR~4SV<hw@^#_4C=_y4EdYP0u`pe4iHyBIqSr8^kN
z!oF5uSx>pLjk)bu_~#<{gxO3^hlxB3O#=^GaAOB87mNm8&eIZjyV|f;vIr_USbm?9
z<X=)JZ0euO--5B}{)dCZcb9j_UC4tZue<-m-g!ErzBm;+fvx1{>F4r??Codbu<j(e
zCFyN=d2uYVy9gcJ&&5kn4`wnrFgKY|BtXesMvMM~O8VBSQ$(-%eFmq_OoodG91d_s
z0|P<0Oh^$#SUB7fo-eVma+vd3*iAT5gG(#x)0XnJ-&XEQ@xD5MW{Uv}m)e6JPy$!q
z40>wM)EBh$Kefq1KC;}3jK}%-y)J)Gzjy^F8grCz(htJ=C!3k?ob4fhM6W||0bWZ!
z=e0Z=kGu@|1u{GFe)%7}OSFiVa9K%$xEx-xrJL}mz)}R?T<5ZrO@cB_BJL|m!bgf{
zBjSNg2b?LnfnO{sJ0-SSYG%@)-&~Yshhl==%xghK_F)>&3iUnAz!_h{w7PZ}#fexg
zwW8x(J31qBj#jCxRks5(4;1opyLU%Bny7dOMbmtR^Bt<xPcoxvsiRhel*~O-$iRbV
zAlCA7e>dQh=D*e>&ww8xQF<UI{La8q0q~#@tj$Fs8o=5RX>>a}5i%3S4h{E~wxh}6
z)yVl`YYnB`Z9NrL$Z0DNhpt0g5$X4}9mEiEI8sCnPe!VUm=NVg%^yYa7nZlvwzOlT
zqqUXMEH4@(+cbiF&iIK@WcuzX?O1DY{LAo3ATDvFy+Q=6D6=g3bbO@9qAaqo5=+vP
zH+lcSr};1Jn6s%u1hxtovSVX_gIKKb>rW^d-j67wS-z9I%E^{F2Mb!|W>_=`S{Z_=
zf;J05y%3U(V2}m(2YiG=K2?r2pox=q!+nNRuG@vHE`llywo@Lx1707TfgG8xUq@Z<
z8`>J+M*5YrS|l0N!pk40wa_YI*EQb1%)+sI0)5!LR>l!H>RlQZ!jV<sKIFA<Z5xu#
zi10mai_muB=|I!d;5J$no`$yd#qEwW=5B}Ip7@Xy<dXeD$PC0SdZ7{r=)<lW$DQcu
zJ-!VNQeN|}N6_$daT3Zo^(*5P5^nyrb{9#q-l-7_5PAB;72+V|Ht)~owhge_`b*$q
zG<)6`zbXQ=eny`UXCuh#Yw)M-{S5wexZg1J&zbMKjz_{7-(%yh{yvVwW&Qnp$@*gs
z-RrM$c<}&Z<tE&~2K*Wqx4(BChgAFj4jq)?DJ+gZ+(==5JkO!24A_;>gXK>*pa)yG
z5savTY`(y2wQeX2<dxl#&df5jVR8l=!Z>35a2R4C<%AK;djtuWj$>Zl0kDI5p$fiC
zhGw%HxG~+&W$I+ScQB7>Yf<c(JO%=u9!_CF%kh{qmCeTEx_qXkBD1P|(CQ#srm>*Y
z$n)AXU+kpmOq+$rS<~4!@LV#31r_4y{*0z~(hHk%E{5ywbW~tbA%pHHt%j;h3HTtj
zMXXX-fuahF*<AEqH4KkAzHR}yi|~%ii~>AOS`0;2WV&q$GxHFhSi(OVvapny>3ABm
zlxc_7;}l%Vx<WR(l&KuMbQz2`(9(7A<vk8f+_si=nu$gXT*u5Mh~K*&*OQSz%-hI3
zX+R9w#N_Mf<g1&oA;XCSJ=zRu*A)Pj70f#dg00b&%-D&#)>l5xatG@)g=e{wnTvRq
z)yQ%L&vG~OJVK2|)-d@h&$0$t-sV~EMV9pd4jp7(?sh7_mKjyZa&;~9%R@`|9D?N(
z!UKnyUk<`6u%t>wxC53{yed0RuwefF&6CW19BcB(Y24i~OY2TE+-WH99FuF&=uH=y
zb_^jbeze61^DZ|%uRu5r&ugwQZ4|<74XlCjguAXWZ3%e5Q(?-o8R5KJjH_CXyTgK}
z;&H(p28IwEld|2u<ZJG;eb6NuH&oD0Avz@ku1FB(A>@u~HXy7*cnslUgsH;>Z34n6
z2;n+})*(EB@Cd>!2+t1_?xOZ5N5TUJvS}D8?8hA0GFI?jMcWUL6{@j>=j9680W^L5
zWWmfvIDfK$N$?0y@CZWV^MuXV(hnC1aw#5*rwig~^l$BSA%*S1Ms;Qe{E5Rw*T6!-
z*oY12UZKz`3yXj1Od)a>7EI+#LF6l8?@Ynu>8fW5B0OnO?JPm(ezh*o5+YY29X!W)
z?qKC+&k-WwZG)y437*4vUR5MS-okUmT*0#r&+r^$^5>EB1e2%BEEYUdfuC6{M4rd<
zlKFxs4bN5cg~%&-KD0pa)MM)0Um%$Ld1{GZ@^mLlgaBS{=0c%$1>%=35<K$}?p!4F
zJdOD3#e&JF_oc;xx&yuPaIqlPARM|x5c%_%C4$bEOd&$vYh?(xpo7Ym3z7W2tIGwI
zr=L<LMDme_Z*=Vzyt_<-SC@J4>Qarc4&e}Zamj%fmu)Kr{RqOlcut4cmgVruGGmXx
zDiGGeJInsn0zX<8!pX@-I6XO!@BzXhaBh;bNniyCmmu7Ta4*7R2(Kc%k1!Klr+N^v
zJUci!(MH0VNzP^=i9g@mDmZfCl%!~zpsfa{YG4J(T;OLR<j?g8@4{C}cBP>0s}$IA
zgx3&`-;Nmup4NPX>kyvaE;xo)ftz0?=rsr%s{}D)hrsf72;OA~Pwo)v1Yd!>1byso
zB-{;eLkJJ<ZYt>9Zs8?f@XQ*a3odOnLL^W9_{`?C+ds8~=Jq%#SVSpI+-ae8OdMqa
zGx$4fuYwHGd7;JFYGJ1>2HZHp4=tQfF0#s%R<^?0^2y2me}50)blxZU_K-MKpl`t8
zfWZX5(gcfj8ETLFxsJ;iAqvA)_6(KKL?6bzXpDps3D+Ds!1Mw*mt*=p1{sSy6s~*(
zIhRXFWLzbRpS}wE0=#Ct)|)FV@_gE`&{z?&vtCjkdJ7z1h;(o@-OOAkI6?PR`+=tg
zAIK>uQi~9x_VTN&%QG}G?9|$6(25+xwDs^>D`-V<sw)`Kf_*65_Z5Zr|2ub{|D5(V
zWY|LCI7Yk1uqqb4IvQqGkt?I=AeZ;iR>@r!4F<QoC7Mp-lSCjDm62>?G?*}Fgvw|L
zz7}C+6nWjtKu@-i%cH5Jg$}sFEMV)S=}gcDVOuop6^5|VXgc0{BwHL!rETS%(X_p-
zTonyH+&{04rkU;90<)uCTVQUq!v%)+#7q!ogS6oFQo<w{CPra2ef`~^^`Rj+R)+}h
z&%~8oD8rebZyzlb1XGEMNk_AtZot+0FY|+GjxoW4RO|eZ*JVEq;CPQz7eslUk=Tvr
zn%<#^G;iarWkK?cV5$s~k>-F89u}-k3}$oSU?Z3<4SqUQyiUoq5On)Ot;1HG&THmo
zod!B_6UlM90M2zLZPGzFLL2ptQ(vvqP#q)@AAj6=qqJ!vJ~?;Uii?smQ^cpz9PsBk
zQQ+o*+pRh<N35KAwOG{laOI_-Co9F*7a;_`Fn-b_8>AxKJZhR%+G>O0O(sUmR|dX+
zv=er-NH&dmivu9(I0bl;#e3Vt7m#M*m3?9$@Z~mnyNORuc{2iVh4-Ebq&4`?3|#&w
zffoWHih2>QfOa{wb%C@_YjY|PWN|Pw&&KNF4S&kf`IH>%@~$@Nu**9#fF8KD*(PQ9
zy@BlgG$3yK$zx0!==B~qsm%K#6xi0Z(60DXWeW(QR{QIy!47{Xay;s<Bl$X0DGOvL
z%~xjxv&8|a3=a)~-{IjxQ1>T2;FD_*cV07;{qhccNwd$P%O)7r0EOv5KZ3J$D~+=1
zE3Ej^nF;)AtFn!AM71oDowh1hAtUv{>CY;K@w;N&A62;QFJn$D!7V=3<A;K}4u*#o
z9LV5_z{YN)HTJHRU3n_8<~j-f>4FnuIbJw~j=gG?(?oXnX$n5(FS9Q2PFAUcQG1tD
ziITY#pRtp;9>hS^l>%2cDrb$&RJqy1GSv-Bk7|cFN@IH+FF$FyZ|q&P7HwS1M0`+g
z6T61;eB=Ex>-<1SSZybK9$}UpG9{(JPUo%4XmDw)+*oq5Yyz`{-yMtW%2GR9XZIYn
zvpx1_ru5@`Qw%wLa*hK6s}W#XzAXWI*q{_>nKcZ&&pNAiFbT>N8sGz>R*+1KZN|c6
zx+@uFNpwm!;J#(AJp@e7p{lknk;bXq9)FU{$d9KY*DTa!mq)#x1WPaDKmslGnstfb
znQ4O)XnhL}ywctN#@=`;HMQJ$+Q7eROZ7qe<#@Ukv>q*A7GjjegI^n(l0Zj8#e#S`
z8Om>C`&v1cCD4{IcR>Oj3`<8JpJ=1PIOcF$BRi2Uw#`HRGuk<4B|>@HXh@(H(FSs;
zh^_^GMx1LH_{wok)TBJFEvy0JwBrfz<kAz`v+>%Fcy=IOsgGyZ6O^(<mXoMtB(b7I
z4xdicjwG{tKFru8ZBY`-PvV$WNy=_8ZIcwhnaRq;WZ2iV1YDEc+}%E&((`<gXD}mQ
zgf`!sjqq@9)f@030c+=FA}fA&dSVWN2lYI+Nke*Y|6w;Z2`PQL81t>l1}j_s?3CkU
z>B2YceBZHy5zYa87xM93d58TLdPHChShRHt)G>@q1(u`U`3gP;7&uv>^P+a!4z=S@
zz#DDa2|JCDv`Rab%a}L#vYb+DXQ%8+gPq;8D?=1ERf*rPuqvgwX-#Joq%T|o<AzP}
zZ6?AZ0pGI0w^*UI2o>d0OU!u-JN{Hv0q?A1tc+D#+-Cw{&^VT51ky2)Yqb{JoJ9e!
zm{5VKlZ>s{&165oBkbDd0IIczo(iCi$_NHUv@C~qIe?BkoI?X?zQ)zm_G-qAK$_<?
z05>|d;ek}8hb|4IGDBGqK>G}(B7nBJ_0#~m<ELXIn&___F=@I#2%iGeJQhGJOz>$o
zn&w55u9!+n5W5keqy(}tfl6K=I}#WG%&owuO-DQamHlD{GgisyeQg-55#jw%f(nv0
zQO3G#wMK?9j1HT`@iwhoqLVh`yhMv6*G1^=Ny;9HU6GW%GMg+br81i-w*g!!Kbt@F
zVLIqgt?L1qJ74=h;CH>sUdBxbE4@Zg?#s|C&@Rg0!kWYEFdx=N*lDdzxh&H<Njopo
zEZI!A(<r+Fm77AlQf6lho^A)e`34R?&NIP)9@`L$25I#ni;{|us8|Ew3w_}a=iC1;
zyj*bqATVu`k;?azsMc188n3cDVb)h+9|p2ykJBhkrV>B*C>+=RMrJa!42`?+GZkPg
zPNwW2zI7D_fdx7)SRIp0Q-gQn{&zXjvJ6t5NbcR{Lc9X$&%y+C8=O8Rioj1xasaa+
z$pLs}5~jzdBoVJxCdC4=Jy|)P%=SH9=uKm!w3I+Aw&nVp{5*iHu%|qLe)5`+$GM#I
zI3e?GqPBfwYCu2&E~3RO!RHjLt$jFk1&hnaEuFpP%L97Hv=H~lg^~_q*bS0?NrKP}
zM0JCtWXSBE)GPwR9C4pzI=s3~x9DK+EwXTJS6&au(W@<g&2+;`fPa853m+RD<)$?%
z*M_UooMYT{R#Vd5wAv|WyXm2`j*WH0QY{`2Ic{a8n-#cQJyUO-p|SPWG&bLZU1UCb
zKS#Y~E%DG^Lz&~Db*_40kq7$8$^j2s>v{Sj>SqwQX`Kvz6`X8o(swXNSw#qmHi!l^
zSa*vCT3ILVMa_`@!;h6Y2EoH;mI1MnJkFp~77pVB2jdM`0CTuhlyeLyn`%h8#x@r1
z+hyO#CK*(xDrp8?a`*vG(I61nuBk{f*r@|?)A>H&efp=qa$pmOIWWTJdI%jA8+>~}
zVlR&3C#ea{b{UEWzI4GKIiUr))#8My#d@1PL#FeR2+S1;w<**&{1r%}XpZ0yk4)=?
zWyt5YMTZ<D-Kt}RCs^NkoDcYxkI!GM>t^2i5BQmovHjoj?J@uUXL$9H4R_-Du<yud
z(iiSUj5aejzC3#X_p#>bjCqDT&p(r6KxX)YEP{#+kzvZ53~>d0C1?3e1i-18%iL$+
zkcGL23k?2EaZ^4fxbMSB?9<zruYaGBg`li|Do^?E$VvD*3nL1XA^v<x{tLbO9KP1<
zhVX4RTqkk$g67>B<J^uQyuwc|lW}KTAymtdMq*CWKv?9<bW4gX=gLk$<-?7BfiP$m
z{I=i~G%M4fs{+4<oE6>B+Zkfhik<jGD(<l~S{A3f@Sc_p#YXuyFw+$Iyc1t_)iyin
zvI5l=8t#xQot$i}Feo2fY=c&7kw||=GjBU7#i<tSl<71caOEBm@Jy!&xWuWgb+SXw
zVwUY<g@&=wV0#UHvWpFO$-tDl^fNBD$<^-3aB}+lCvoAMR4BiRAXd-X)X6Gcw;e(a
zcE~zBavYJl)Sy_2SftWnr4>@9s!BF@z@f}lS*aShOJ%23W3+?aRKuTSi@rF{SS^b;
z_6Ac|Zb~^;a90LH5B56bjXA1uAqYlC-i1MQ)}hS{q??Xhtmn~&SR6uk4KHFxx?mes
z;gZV(VM(e%1Uu5r&w>VzoC>F=9_+O1y~c4|XS|%-U+1rZF32~<+F+_Ne~Ln91n}~f
z2k1FLv@JkI2Kxf^E%1;UAOgM|V5SGs@IVcx{(?YlO(3fX)DGgZ5~$q^WVu0FQ4m`a
zl*VR;u+zc%)DSi{L;+kHqMr(3n?fR=Y3DoaH*mfJ{d~cFUBZPxsg*#5xyQ)x2m38-
z8m;mj3I6diP|HWQR!EpHMJ@w1A?dSa=oe}iC3ar|Wx-a++BTWh$nt5K9r^){koyh$
z4C>`j$`e}Uc|mjiG1m*zNds_&^)xzef&3F-?(^%wRl6JD0YyXPFxANR(puGk&A|qT
zF~LiPnlTYp3%b(i!Jdduk<%8x!HlCkkb&oWl_g$Q<ZWI7d`^GDK1l31Nu!Uqf(kDY
z#RVF4#1qmrOlW>Tn<Ht6Tq>0#ultI+&jE#6NDR{)u|O|$=vN#l+KuD~9okt3yXMeR
zH8xxenys;N&A5Rpkp>d|$x(^&ppTQmes+jm_t0Dc3=`UG3pnAS;j#(LbZFJkQ2S^G
z%mf9y^;Ja!I$sqt&<3@L<8L|Y(N#xuZJUR-7|S`T(Zw$t>-=QETm62FndWihwHY2a
z5X(J!r3Y?Qlv)ov<q00>W!YY%+{+5RPluWB`M+FlQ(#kfTvjf7DOI^IT=ddvLqCs#
z4RB~-<*lFb(riC|qpSCr4PF}JHP3p{t0vN{@QR3C?-c=W^_r)U5zim_CZw>SOlYMG
z)xvNm&4V5|T@_7$IZ|YX6FR(0aAaNA+(Vr>(m)TOkFY0t)z_#MWH&#N-(|miI$+2T
zx@Q=RF>p=_dwz?5QyJKKxxVLOIn$qx+M$q7V^tL}SRD9vbdGZ`mgS`u{^|a(l*f3W
zjQ82^V#Om8B~3xwcETsOgdI>$gN3aH8dNyxj5-@g$DhMg7hh?zQGwVBsW*uckYn8w
zUjP}r*rwOp;I>hF08=v?E};vgKTeU^xF61K@Eha8XGxSM$nb|VT!7v=HCpvOHX6x|
z5JuQqA#%Pg0$Q2-ZOR23yJ>rAmBc_}KbbZ@9vWDLP`PCqMq(t(1w2OxKL@_EAlC`(
zBKZCmm?k&Bg7$H{fjuZ|kKi~efvo3-3lD52Hu~{W#1h}<zo+oef9p4}o+agy#BNK<
z1evAEO0CSM$x5-zHv8b}XBy<QZ-QP97Lz!XUDNO(>Ppt2QHK2#2IZ1NIjqrb$6MgS
zX>OozYD$KaHEPWj!}vJ~Ix>Cb-3%<)Kl#oTKBllp!_R#iACl*W4}1>%Q~A43=e-=m
zSl(7od6V|EEeAC^@l}1*o0Qf|uYZHGdVwX6ud?V9-=vE_=?DDzH?+HNu(UU|tT)-@
zH?`6?*_<~MpL8&v4~?v4Cc9=`gRgu`v)MWqt(5C9XYyPv0k3kkYDyCaOD@ReR27=c
z=?<8<(oT28E<d{NMx96aar9(Az1WZD`n|%N#`DE4!pAF@)v*(ym}5{(-fcN391De&
z>@-AdmkKP1xU7tnFhZ_zJk@AF(3G`U&!JT32ThBKo_3X?w1FQB!@V3k)(d`Yi8o+d
zD876S`33wvs6gkK(3GaR0fAMp?F@i@ACx6U;0r@yAk+(S^ZY{EV2cTD1#nKN8|hYt
zcK6k@eP3m_K?50hT{qZd%N~RF*y1@x8i|e=t$P6%>R&*s$mk5P+CZoC_H`M{jteVX
zI1b*&Y_pydR=L12N`?;%$+O%=Y4RMjYo4wFF4HfddNW*Zz)M|d0meCp+t1x(!5Jo)
z-h7`qYE|*!^KwzU;}0^Ld)}ETsVndqc!@jQ+^jgy`NI|sO2xF;IhEDn>*cz7y#<t_
zaA~Kte(DT=s_=s{E?o4eDgM~1&I8`nLf?U}nzztL`%{{~yx5<O^_TPf*(`qr@M?c~
zi$B}tFCX$}2mOEa!+GJqo2eVY;)LrA<Y{#-5wRoS<l}9RN2|GG^uRSLyh8Ii+#tyt
zRl4J=Yo;0u@!VWhU!}r82V>`Z#|764I7=+@84>QLIa9I;-|4XlvytwgSypaN2Igj_
z11t<wC|i*W9h9eV7Reb^D|gUMRfmU>L5{DVybqr^$oGuJoyP5(6t1mnlhbAR4FGQy
z_0m&iYLtHCt3x=p0=^w+$L%y&)-FMFP3AY6`F8!D9SY$%Ecw_#C)+6&aeb#r0vI_e
zl)|CjJlF!Jqly)_jmeO%-eofG-Nk|o@zgd!zRk6jwMY1HfJLsdutJLltI|c5W{S*L
zzPgslAQZQ-H+|*2%DTV*xQO!tFXA*LV^Fd56#@2dQxPCjp+5nM)KP)qGrGkV2JQ^(
z8nd3s9Ag6KC{BnY4hhOyD1`}}eBy2K&9l2K_=E}5S4iBzyi#|Ye4bUCm}k4t`stFI
zWzu{p9sRgeajrLMlX4623g>LL!lc25TImlW4l1p*+t2yHpN{*1vjM*!>H&XB^>Rg;
zIsW=glUDfaXZ`7rzdYPz7yRX${;bho0i12hQ%yF<loy+9q4^K<ED9$Nbc8H2uC$q!
zBMuxq`Wc2hZ8i7PbkSuFaYL(*%RRV{;{U1s`rjI3Zu{0%%!HB$lW`Bl$3Y;^S|UK;
z@C+@~=KqD>8RSU)M0mYA&*U4B*x_Rd7Kog}q4l-P;=Y85X4R{$Y>BmXa|!?HJ&xZ|
zoAuHDKe(f!yk?y-z|Y*3gRyDyjZ=MOr4v@qDDL1{1pL6-laDp{^?RA~3`Eedr-sXH
zeAUAOgWl#7wJD9+PW_rX%AZjmc@=kw?byhfG*1^D)<qOu#G1coQ_5917sINC2ufM1
zg27&kd<UueZWTlmq&`0V?iW?qp8kmQs_{J$NNhJeB`$pN&&juNzg)#@#AMudQ=g58
z4fHkU!18Ml)bseTrbU65{kc~65i4!5YP+lq9FIJaHCmM!BFhjJz+=T`v14N{?i}yS
z&{FwCUc|Qpwa5Y`M!C>}9Y?*wt!iX!6B%62i8F)W!%;^_uXhOYNdZy@d4g|im||hY
z7MP?$AyB))E!&@V2io{Y_U>JL%i9L;|JrODt+oCRBw4;FpM_*fluz2|ps0?MaJiL7
zNz@>MFEZDrz*FaXn^I+CAl1?(cEP5kN+8%cJVBC=abMt$GZI@bfpUFjo`as1AQf}C
z>EGMQhp_*`*tN#-1Dc=dXQ8_)Ok>!v=U7TGoCob1P-pB>zC8~1KPfg79vbp&@&X$x
zv^CEXjK4|G6Fnb^9)0I6?DQ-F{dR<lqYxJk_Z=`OwV3d7e#gSKiw24>LrR%yivXt3
z2I|3=ZV+@%Lw0dqRg2XInC{9-u%~SDUW4XJMv(!w_q&|sWXy&m9vP+FlMSREW`7A6
zF}ntEkG&IU6@`PVRk?<<wdAY((l1{(sMu+g0q;cTopWjcck7;kE;_46Y%*x1VXlQ6
zAp_=Vye|K1`_}*D-U|J{ZgvP32D0!CaN^A5m2jfS<oyg{>*k?BTksjA>B4M_Jfb@c
z8;v{N2y5bWHyA8KLxifO4~x2jgLg&23FW7b>`o;fxxO3jb<mHY;r?=2ciQf+%<4}2
z{2PGT9O%09673Hx!YHN&f4#LU-3%@PHBlJuy7v+-4d17OR85v|y+q@ZAwQ&(&&$By
zd|t*|51;3n1sNS9k!NYgNaT6ABR7!G?yPU`Mt3^vi@VW?E|KR@dKZ0iH>&Ak0^abV
zo(A|u{a9D3dl84#qZiFFT`A`!|9M?$!ApMxx4Nq`y(?SLRa@Vc)peC0bY(-jY1!S_
z)Nb;;Zft2crMw&4*-bmzja}@f)O2U}yUByQvoYPZ{O+u%drM%pb#Lx4%-0YahL#Q!
zjB^f}B!Ec?M^(mA2W&AmVo~t<(R|NX%<mbT%s@ZmPVq4e#RqVsm?6)M!2c;O-O2{y
z3!J~5)DvU!Zcb0oQ7t$1qz88A{vI?;iNJDFWPmkbOT3J)Y;q5w)edK44?5}qXE9xq
z0Tyf8(U)n3#uZZ!>duQjs9wjL!wnf=iJ={Qnbx@z$MvLjo_1M1>6`~vgf!4UWJ6Dy
z>c1B7(Ew)-zWEb?9LERB09S&ugRu{mQI|czn^0&@XiFr|XyshngC?{>!u73WfM;51
zhr83pHcD|1=)?w=_n<{>K{w8f3;;N`opXH;n#Nu0Rko7>Hnh`Dbf>CVWo{1|9v85&
z2MtPa9_&F`32o8O2{OPV30lF+@DeB^vM6ymO0G+aSk{w<Cr6a_qy@=bn6|gQ3Cz9r
zCNT9KTv<J+>N(flS7_GruIyJR^##}QSLo0St}U-%rn%<7LZdpl9=uHFI=N21OpTph
zE9yyAonJ%Cj&*UZdzs2!bj^C1cE0%9?4FeOQUqE#tgEZBJI(HD@)mb<{Xguz1$Z3S
z)jxdC%-)&VyE{9(E3LGWK{PTZslyIAmgCqmC34J8nueRSdE1neHei{VnMr0w8Dh%}
zF;ncAWoBk4`hIs-=s48A{|}z8dY;wZJ#%?396raZvk}kN>R*#ht{zxXovp4ec2=iT
z)y2)~)H+S{N~1|>VnG_MNE6%A=y;mAmPUDLqI(S*SVN4jK{IQJoEo&ghS*bsj?@sB
zYtY>qqRR`^?*%dT1sd_f8jL9aM3;KK@w)K_D`nJT<*ip)1Kyba80<roS<FISuBp%9
zKOZ_e_?T-2*sSwV$uZT;5^yu{KN15q5i{ki3-s_&ZXR%hFVYb?ZfWLKH*2q-NBXKE
zItyIX{D5Ft?q?w<c8havy5SaW1oakTxS$C_EE6<Kq(H2BP54K7sGX+}36lHZX{qM^
zI`2#DZD9YAwT}BJfqCN@D`!-thYGhA`V8G9odaWwGoXW!RGqOmjqULH4VT;mH)qB*
zqAp5sJXE!cF8qSMRRy;Ce}h>$>^zbSXG^vx{n9{737;^GVh1?RWJcUmUdFh9a10+$
z9&BXjH(30L{3Y!hin@ooaHi(#Qy2rJ`ct?KbVe1UCnAX{MXg5SQ^A%WN<n649b{1&
zT$#E|__mni`UL!5{`Neb_0){DI@_Wd;E?Rrz$ovgi$OY#(ZzI~7U-qF#^tVCqYY|n
zq!tax@q6LpAcmr(735elZi5j+9A0Y<K!XbkstRv|usZ4!cU9`=@=rpfYM1|_i*~vS
zJBau4!}#D(ESaH-6ktwNmY{_bY8dG}^<g=e@VoFC-zV>sx3QSW+Y!<Q0x2F@od4gr
z7qK3oes@qVE8rj3$b#BhTcvOi&U*UakkzFAeEOmUJrL<1Cb=EGAt%`af_t@SlAZqj
zKT0zsF==l<%w<gGaG?zBD%WKX<*XwQ0x*~Z(UpC~nBv6KEag!rT>-)wuthave>5AS
z^#Xl4CAf^>z~@{PDA765;Z4zClSkx#CCgpm;Bjzcb~L-gVI0SL2j|n=Xtqw4>lq!M
z6wM|?J9H`Ry^c`qDUG_Q4K8Z5TOEN7SPT!wygm}WvA}1_7BU>!Te0o!^!X|6ZT5W4
z$hi?NUwShqIE>iE!9=)A_%WATt9hZFm~$RLa~ke>18^-dSq&^v*)lcms7l`yBa$!|
zF)5{CiZPaKFc%Ox0OUm*<sZ&GAtKX5*t8go(rCKQ)~Vj38k7;F5zAP3jn*NKwY%Z8
z(8UCu2I~(M9}~{k$_D(Ux0I&XZ-QGa`z_BhiMoBM1ku=L>Coe(;<?A{LypzY#$txX
zs$q0`v0BP`Pr!h&=f5Ot6R{1b2=xWXWUn&zYG?q_M}^JH_xq&wCVNiKmDHb+u5Jdn
zL~9Q;?5-E$L8YLthm%d=d!#`LZu!MfrG=)o0*<va-_L2kWiLeP@WW6DOfJ&1B)$2b
zY#Z;)C(X2?a`0q3g^@&DimO!c24o({9HaPAg*`2xpj0y#8KJ(7-#JPcfTIdOQ>2><
zS?&uqIPAYokmku^uw?%gtpH~n%h2~_+FN}*;K&sC;gNPri1*Y>gGT}Xbq;HOiAT-i
z!J8bHr@x1Wwdv`oA(~3zNiFB6a4o^#=<gO0nAG1wp<9JcK?2fS<&o;l!K>Qe*_*fk
z@`ga;cQKq2;I#}_IrQ-%V~{#<Lya=0fY#mep3{2bJ1gcv`Ey&$GA#T)_4rX-)&uLU
z2Z5LS>&Gr!fK~kKGhx!a=1);F&`Os-o4b&E|DR3yEAy{2TrwQXq)*K8sDJ(^ShuY0
zXT4PU>tH5@uA=<W)^x%FeAS*t*`V7eQM9c0&=krQ-LE3J&3sxeP;NPuksa!?f<g%J
z!G^4)MEQHsO2`ASt=GV013%lZrFZ4y9{VXc2;ZajOWu3O1Jq3ZI(UE%<E7;sqRR4T
zr^6IP5D_-yFuexJ|6!V;$e-hnQZ4ZKkJ5|s*S=$vMg5SNiZCtvFq|BG&&2oX6ZDpZ
zZ#XGg$xBXA6ZxypX~-kk!P69yzvi5QBm;R@Bc#d-d~d<G{Qb=t3QxiJ4Lq0d;b$Xt
zPk;f1ta~9sru4!0y0ZlC{VhCQh{3fv2gkCQ8yP@lJHAJrBU8espCiBgz3dzX_Mz1s
z$Tu0^$B<7>#@TaJUiM}hl#p`H6Cv=4IpYG+LVRz)_bz;&#P<z+ce+UQ<wY_#<GcSQ
zGP5p0mj~7w>n{^!T_JA=?1-6Hpyylsyz44aA+`<6XPe8IS&_bR^}|tm!L47cKm$FG
zwW~<CJo=&vw8-S!Do|&Cuv0~v6bN>xNIQbT^MFJLw^X2oq2PiFbUY?FAEm-y>d2ax
z;O|m_dL+)p%2}CWuBu31+4_zOw9Rf0$nNr9K#rF;(ZIFx(PJtU+pEyW^6|zjO3Jt*
zYaf2oQKqk|ci?P@+7*i?0uN5pO|Xi_2p^b4GsQHg0QOWFm=sF0!mnu`hx3k_2ROvP
zCep3>p9;!$AUm7|-C7Dw53`-z_%0R-U0^NE)<Q^*)`Q=~vNO6sdLTqhfWSck1oG~B
z3u0j=SRPAJ_>r98DT6F+y#BMXaGqzajb(SeQAmGlJqY-Ys9&M>Hqnyky%G}!yjyHE
z;A3K=QRVzti8?vwiQHcsRc$$3=BquNVMw?qOVOa7Gg+w{8E><E9!qe67n-<})$v~T
zm0klUr{M==y<y<$YYV+IFYE4}g<5h%unodGdQ3oid%)P7;Hik@c29YfyzAjeXL_aP
z1nj<5I->sSTfV+EqSc72YFB&@^+|L8sZqRFE5rti8Y24`W46VUL9y0u!0yHwd6|ga
z6%Q|hET=r*k4Gabn8)zwQf2>sd}Tg>#mg={$cKHw##PxW_J76>K4&iaOq$sty+6&r
z_cL~@hMD^rYyX1OxfoN^zw|SB%9X2dZ5?yLXKZ7AbN**+@Js#<sPCJX_~kEHuUCvt
zXm`*nSI}<PH_Q=VAV?{n4$#pz&7GgK?Qi==A@kw4!A=_Rj(_?WZ2UXG*x9)Ef|EXH
z(|;S?_H)+$gLAa@3zqYHr@Q+<9OuHX+y8h!7t5~oCx7pauWvtjT>e`7&r<T&$$vg1
ze+~IpSpLfXm(>gH9r~Ab4lP~%*OL-B<I}L5mi3>8JK^i-r(xOU?>-HW|AGzttjw36
zvE`qcJ3gb!pP75xz%|C_=9tf^@8_N#?TDs+Zf^RV&VF82{+RWJx$Fx%^o6+sAuPtW
zB6DjixKF{ie0UMxtuu-GN>e|4ugWCrCceia<b}+CtTm89R6ie))nqfn+eXSwZcD!}
z*!oyo%V>pGr{Ak=dz6{ok{yX2LHMyR#$4W#or*c<hXQc<(AO>D$9ovAx{ePGq&+R!
zh)0Y=E!p@-_IaRQP|a-fD!X3II@Xf4dw#bL-d`>MftKuCt&5Pw?SI+q(vsz6gwC~K
zeH+5fIUC>Pkz=p28BHG_{3<)$G>mkIW?`hWo5}QXC*7v`gGkS9{xIOjo8$Iv*CLEQ
zjA#*F*pe-15k?obw+PQhuUf2e4uObH<q9;o!r%)9T*OO8@n{hPTK1?gt_wO_Op8{o
zbMQG6c?L_xMcUH%klreGuj5%Dk-x`M>q*mc%;d*~4<(%pFUJ_<9z8fHolSwcema<j
zyl*<xJ@+O-5K_tLQk$)+Y;CR0?ml4Msm=O66pfryAF^_5Bb-m*TrGC^Ve3LI*0XA8
zN-cKg`OxxO?B<K%_O)5>TH%$o*s<E?)!Ou3ZL?cCjZ5dt(`j;gNqPfxm0zAhsT|VU
z*@!wzw5SL%ap<lT09jQI-LVabU`4dGh}_3Jf0RM%7$46u!OpooTLtSYJYNbnLI6BL
zaDb-^4)8p|0bV3<naXnrdj?3}^it-;>g;-%z}V_=9clKg4%foL&1r08(k{H;>#4?o
zH1=I;Ca~|khf~{t6Y_|6Kk_{4y-=O?d^~Yb8oTtk*$&L7C(KRN*|{ff;1wQy%A8i6
z-Fnu8dTu?plqRIHZO@0ltIp0oZ{B&H-FjYfn4CT&<75POry7GaNHawzjSb*N2Mx+#
z;s$5SI22Bud?K2625SJH$Zvl>O(DHKPu5b9N8)KWbkDpPuq%Q?W7u6^Xg~~nn?RX@
zT?r*;$FNl~=Drx(7E|>8;iIDi%n)>#LG(m7Feh+WhbE>H{LQkt@(y*{leBLfzpk*d
zP!VV2RX$IpDMd*BkLwJeY%M8Gt~Uv_f#e(^NzUYAd$#1*B(Lx>{sH^g8YTVgBo$<o
z<NncgUXfB`4bTFOIhbHA@Qz0~{_?WP0_$Wi8Nf4+6k9iPOh4W)@WsKWnHrzGH6CX0
zShSd*&_Df<fOMvRVHd-3q(tnUR}`5$c#mW!RqYaI=T+z@M&=IwHR6ni3NQiG;bZSH
z_FnpF;6IX;;MD77pkQ9{{Eqz^STyoP{OUyLM=xu{SR>Cz>~+u(c;;t0XeURlct&NX
z@@bdkU-wcF@a(*TyMCqG1j#|Jc9`$s{1K$La1cUH*@xLeKo?>*RJNSZW?$tIBv&gh
zfcvcakQ|_bJlU+4LGr9r@`;o)S#8E@>p1vdLJJX?RSDX{>>~}z%72%JHcr1wTP<1T
znoc^FNu7v3aLXmzGJ3<)F}0Sn;?OofMUOhP;eKS_uf!eZhz6q1hO22c7gdhrfv-5*
z#Kkw9j&jjjqw~d0pPao=fsI1hQA*qp&h9AsIT!oJ6+n1^j$HKRG@OgYpl*wm!n`7o
z4)FTf!h@jEOT_!QSUuJ-FWc*}rg>RkFCXD$gS=^xae5ha#9EsFWWTK}$MYgAuZQBL
z3{|ZGI%r{OS~f<rI)dq?S?8ofcJThUX`T@X&!yp1I<9dfFKQN~Sb5s>#n(9AeO2u(
zRxL7z0fdT%zKKh{qQU33RBDd254jH}VlpLfM$l2|*8=^o&9b4{kzMAY*+~dP6CRbs
zI+nGDCb6Mq14z#*8|;(F)|IuoC$jxzD{o3<ofE=m64=-T>u3TZwDM_*EH^=l(q&y`
zVJrv!m(o>fE!a)IPiYGi5VwUN7u}$PojiWl24_nfEj(WXUn51%12hgcAa1XBcypLG
zVtL{;Gqakqvs^;H(L>#uK{;g<O7-+5cW4ehxlB6U3~{ML-!_A=q&={sJ4xo*W^75a
zd9oR6m0})m#<r)1HZ*11%XvCAXZy<s=Qm{&D#VU&!j@KmVGCR)#g1&kx;|*PZo+0f
zh*f;$!S=Mj32Rj)e7O;uT_rrQ3Hz#wT=eZ8iP_qi4S8fN2DbFE(s=saW4^u3;a1Y@
z)R=939Q%<ideVEN5nJ=*0dz5|n)hNOHnZBB;JZBUJ>Q58e_rauT(16T+r}&_Ef=Hf
z@M3sJbJn>QAJd5SsPzF%_-cjkG-Lg0$98YdX4a0yptsfLt(&vMwPR;AXW!N~k?xV6
zjP$(p@D7YEJvhA?JDnc9)0Ab_iA8!?9dk!hHoZ<PAfxJfQSq$0p5sl~WhdRLK1aHD
z{qid@s`~cX#%w}^?$o_8oA(lkyw)!V4>w}NGK|fQSXRc<p!za)5juPJl@K7?8r5Il
zm@YIHcN$Z>CZbmpTGPbb)r3wpH3zq#rOmt>o6)G|Vq<f<-dsZ3v?y^;%X3FE$vcuY
z2u}YAM}u4^gUH1F0f#sc*<K?l+#cbYsI-$Frr$1HCr4232qi)8*;XDjDCc?WQ)qJ>
zAV&)azm3O@->~PN%wJdCkiQ#g5O4IM7v;JNkf<VXAH1n`D8c{u0eBug3>Sac3#83K
zOk?^~3e)v07d(N0PRv&IQ7*Pr1ylcys*iE8)-D{dku~k@M`8i2&k4AO>?hVZ5^cx=
z6Ti1JW=CgsD1bvrKVpJkJ^|^k6#bY9f9sM~Yvt-l-<qt4#@CyW2isFjwpvRC<P6w7
zY?~f~<VhV|r4>dqBsaTbcA0Rx9GGUZQyxCTWUamSFcXT{-u^!7>MOjhBmH?iumV&I
zS!<>Lo+JlmR1Unxo|Qb5Jc?#Gy{pFTA<1uB4=f+r2NE8~aGuokE`mc#H{^<06hv}9
zIQq`GrA;G)kt9CBGuX`Bz6ilQ2a9;RX7AL%q8CRsx}rf-j=t5x1;<qcPmM6S^nEIf
zi7aS{<SP9z3pZ3xS1G(J)_uH3_&)aWg+yfxSmdP2S^UE3fz!vpw?1Qh3~LwT1rpOM
zCM~~j@DV(LVn%t`Mbgg;Xbr@4@vxyT{j6YPT<9(9?h%7MG}a@sJv7ZztU-q#m<%65
zRg70zRZvZT;D3WNWj-8aMiGYTv<;;pbY?H4>@ceR%4K)t?1C!;J#g^PYWhfGA4^rG
z6~xyQY~;!n^c-^=^R|Dw3h{}K8xEdna5>*nUXRQxaI$sezT}p=8W28>Qg}xJ%~PY5
zU^#{#@qBK$U)UySp#W77nF-WqJgL9Us$oA%UD;nJ3U~_r(;GK{zN+Q|!7jk-jR3+X
zAqW!GMX=$9eMCU1z6>C3-S$QS{WTlLdPm*XH8;EI7HtLf6k@2LaYD=zv_*)0g1!;y
z#oH|MJB+vjHLWJBx&8tDrf4$JFE6XbSS|g}tby#?_kWkkQR9YyP3RIpX1lp=VnW+#
zL8J$0iTUpmetcMS#+pmj|M!gPaIDoBZnufAleifNN9W`{@5OjU|D3gmwCB$kKWW%y
z-STaJ?gtCt0><44kGUGyjgkj}KlJxks}*zZdu-I3=FIolv^S+7JNs=v(re$A#uzu=
zwP(M_hP@XAWcqv9HqN_`YU%x)y$3oWlMqdey57^jq?dH?z(3a)Dr^$z+0wDC4yVu^
z6@3okDJvLVq-`(5IrgIdCsyBiufTDiRo`Ks@<CE|S@`lJdBxvt?2N$@SCxHe3oi}C
zz<<R@^s;f)N>a3oRqoqFHq-hRJ)ag-E+w-WK~#M=sPuv@QgrAxjJ`rLV8iNIeldaV
z3iBNauu)L@C$cZ&l>td?X}sii-z}xBOT-0iEKXo~rDLw!2rL-0)n;?cm|bnQri|Ia
zMkoj`;HS%k+u6`xwN56nA!V(N2qsZBWn2pEYR%qB>~h)Y&cHVkf@pDQg4s8bO-``7
zCbF*+%u@+;CBbZ$NaGXv@<iI5$gd~T)Fi$-iMAwJhm)v7GS5w>Dam|qGIdYkBT{Hy
ziuf*tj@aUYP3LT2!TEbbo*(tqzp<{wCrE!@#V#l(9>xRebMSNiYibx(Pz3V_9{vMr
zWA-8MMD(Y^sg`G#&G3@&X|JqsBQ)?~WtH?8XyM0Nw|US_JB!R5QO_^TFY!rf2XRUD
zLz5@dH43vmn%nC&wwjj*H<#OsG`!Ks83Vnmk335uK_U)mQcuOR5dT%rT>N)=phL3I
z#c?97b@4WwZFgx<Qak9<u0zYxg@dRIH~MiJ!HtQW*73k#jSll)jnb%R(Mc`Wk(9M;
zz$)6Ht))yi{K|%)HEEcA+^{_0Fa<qfgaK~rerU0qW)&N`EIU-C0qOz1nHD!-Q}uqB
zwdL;en;NiF(!b&?5t`Hh{;T8KH(<NW4X&m2*!3vmMjcr28Ax}F4YjJrR>sC7)4_0!
z!}VF4_|WRQY+-yn(w$3(X4PYvWr9=cvgu{YjIYZkCj|%BVcU{o+SFlvlY_`}D>=9f
zJcksS|7$xmrw(gfE&=KB<wGOtu+bGv)I6s`X+S1a4E9WC$11r|=lM$KF#UTU@*IVO
z?<YMM>#_MymA+V;eOZlnOlNDV`C6s3oz+BcI-B=A$G8?f|7TEp)ysFO%eJMJKb_9@
zybukQ_H!=)WjI<h8s&Gs7`+$uz9@&=u~vBucWtfmgX*z$wWGJxVFznlS?R1#x_P$&
zO-MHvrqjA~b8kAG10<bB*OBn~b<A~jXnUOmq;J>p?x;uI>zX6$(ww^T>8843e_cA^
zI1_JEPxP)wL+hE7>(TOhCUPFAcb<@GYXkF813KNnK>Bin!UI~~8;RQMtQ>Bhh}?fL
z7M$a^8>qO*A^0gM%<P;i(ChrjGftIxx~Vd3-zXJU5|U`_sTzZ&3SR&YS(X%$`KVXQ
z*Onp2GSWc$t-%s!h-LmQ(Uszrqc5V0-kI2wy^&Y;N0x(F3Lkr*3O@<hpF>muU-VhU
zsz*Mo(f-P(tu**{+k~QrTy}qrwdFw1zUE<&)mM334;i^zOx0*ik&>O$hP1nYjv_wV
z0z~pu+;EiLLG>U#N3{?De64Ch#q+#sL#i~<WkUmNn@b#U(Mgwa*+q9<q9do?+#17a
z6t7b3`~Yu_fyk?DH)M^)`}BIzEIRk|A@a-+(1_yg1W-TE2*D<~_yspCnmogB%WIw?
zxU+S8kDK)|z=Atq*f?KWyMd0ac8hIp+UFK0-E`S4zH?JYA^Hj$Ey}DDw6uuDmp261
z(qQVZJg_{-mMe!bGh<x)XhaY+rZzapCTeehde`l(LDtLAkY|7a;R|ao3}l%pQl;Il
z=W(Pjd2#@sY5EQ!@~mlY2(WYJTcGxRVI)uZEP(I&Ok~{W_n_XZep%VLfPDk8Yy;&k
z1nG7_v=36x;PXiD2#S+IIuI;G2l4)ZJ5)?=z%q=tsCn^ulKx2F1JlF$2m2>{!ho?<
z^i-}7_$(Ntl<MRHnV$^Ye2<DVzpKkT*hOPq#yl5Ixd)H@g#OGvW9+jeaQ=o<7Yu5m
zB5uK|M$vW{U}VVjCRf?{Zp@HOPt`!KchK#@h?gieB|8~b2REAr#0fEP43X=m<A%6w
zP%Ae_y0csF<ECM5F~d#c-46q@`=0agajMeAbzFf%(@UCc{jP4$cC+sc-cGtW6@A?_
z-0hv>rg?6$Ui#1|8g1T?Khf_#G)@6|Qz}7@I9iqIj;<gU(JGe)$ZeMoi)c9)fUnXl
zAaeUP0mykxAkREK{;r$l8c|4Rx@G<WZjPMW+%`CzJ;n2bJhVfITtNp!jlxwd=ePyf
zJwvcRhA2<0*THPmvUSX{1-093mmBHj+?uSj?c73)=$kwlb_z4JWT@tTtr>?kXxtjt
zH1H~nPCE6`t+6_dhL_kv^d0qshUle~n~ry=fIBuzHIQ7WV#&92*(+d7?lKn3NFL%F
z7i}qeolZG~QG||?f;Y`tt01G#sCKqXY7Ieed67%(l6uSHs*6q+FLy|C^_m-3OTz@>
zp$#z1RAqXoD;BPNpw)G!6kDjf&z3?YX937?BkEu&FfSyelaP>QBGjW4Bt_v~rNP&E
z2i8U23P`T?>2nYn#wU57+bwN;JVF(Rx1&(N>;PXt0XLdj7vN}WQviZ}glSG34x7_x
z-#U1ah(3T)vtu;m*&HMD%!n%wcQ~iw%I}3Yp?C|N#2xYa{&+eOZ%Q8#@gMXlLl;WL
zbuLYPOTUQpfzswV_^~PdtAeR@cuT#Na)`5*t^6JvU$yokW-+24b8HhV<@qj|T<XH*
zHIv&oIuG!;Tb$ZxVt_{7?l~hrptrM>C$_p_qyb?rd<a$P4~1s_VSDMw!$5kb_6(k$
z)qVq-R<{?yRj(nz6ATXURQP`avS4SqVRjaO+)WeQVvd`ZIE#FT+W=%=v89eRfwle*
z1Mv>lDwRN%U`-%B&=p)H*iM%QNGI-_A`n$a0KQwZ27|q%2|!xu2J)=d<2&K-G@_91
z?w0w-x;b(lbldv`Y;v9(>!E`}oD+2Fp0y5}lRh*~d18e$f4qZ{e(id!qYoZ6JRs8-
zYt>Ghh<L9decmvT=Q{NF*)g{bJL>r!4H?&YIKW#xfr%!|^T>?7yb?a%E8$bTAhr*C
z?Eya4!L&fV4>YYsu*fs5%_f~QD}3Xl!9Fq0M>Bi^UPV{?1Rz_AD0xQ*{!IhSw5dw!
z4wwL`GJRPME{DSamj=igmwzS<gt!1?GmjnV#*7H$X={W4$ueY~MFt1tI?gbZazA(n
zXP8@Db<;(6$$gJ|K3~7jXr;1|Bza-qD0Vw}4~xmtipLnM(%|B;*M_VmS^>wDrTPb8
z2pmGtnuD&tVmoj<D*)X+9{?M)7ni{xR2N9E)B|k;2+$Gi<Ofs3MEaN!I0DklEuUt&
z`DD0P02vx!bHvMlkMr;$U|@R6-L=?Ok3jmirz~<#@$!vu*5H*nmwSH)Jt;HpoW(Zy
zVh+fF5CZ9J%f`dQR@D^&n(gNc{j}1rBfZnl_xb6#|2d>51jOP1%?cD=Ope^Z&!1o+
zP<784FVl;~&tuqm3?&O3lc{7ua=nbKZA4p2(iT640|2!GuSw!f?I;SN*g7c2*eF;U
zKHWVEp-W_XH`kWn9@RX6?ACmHgW&(xL3+9lu@*E<Yo7>0ci9cdRl$+}golq0V%-In
zVYa;j=~Z6&biT=t1Xw4(eKW{r`>laNw$d-7t$*XUHwIX{fIT_DrUk@8X^5{6i=r(7
zu`fWaf>tl*o(AMjP;`i*UQq(+AyLqvi4azWI9h}rih+gCdgWso5KBfTTwfALb9_`8
z*>1QN(k~cnGB?J!fu8B-4A#Riy32*BpMeh>Hy`SzNp3#VO-tQ;lbcqSJR6|9^h9ug
z%F@ST63$W}Q-yPb09;jFQ{sB6)Ll&}=$`aH@*-US0y8D+8wmDj1rFX^)mSaqe9ZtO
zXsISS?(^NoETr9khYw_7EETj)7~2J16=oL?WfpOU9K9*{D}!~Smml`QWY#|JLm(1h
z6sLTmgGE<-AowFw<E)()?}O>~eXTi(b3dlP!JdimC-QOL?&znyZ?R_HwAxB8fH6uz
zu)yMLt_3yjO%rKo81FafPAuzehBn8ttG+MR<A2cZ7G?vZR!Hh4#yS?u&c;}CpnDM$
zM9yBZ!7Qm`Ay&lFwpei>mQKcstFd%B7L;WE+m!f!90Tv6vA><d-jVZ*IFf@E#E~rQ
zgwsEd@f3@~S(eV5Q4uMDzQaEds0QhuaGC3@o85+0i<>Rb4Wz#`>>PRi+q>LsmfM>t
zXoXvBcGDiWIOe7cZUc}TMQ<8&<j>ddh?)u4rf@2S`lT-MM7*(yiUk9!g^C5Gz)gyU
zXg&Lt#A4%!?5&F+GB4J#?lfd=>sq-D*}%FF?`+66)qQAtLzY?Z;o%M0{CeSb4cU%*
z)};(~vR(k`@9I5#GlR{k|IqaecB1~n7c$s44Gh$9qJh;ngWYNH@caxm^ChcW23z$~
z;`Nu=iI=PkFSC&^^C1~*{L2pw%3xo=Y@K|W-Fn$*pFzVj%o!Q9FvC2YL7OwolNr>p
zp*f%-jcRDFYDn`Mnj0F@v4-Z=hV)%Sv)?P!<(0yTcGd#+47=k7zu6tTBgA?O=q<tl
z;b@K@+x$RvSm#i9Nr;UNg#lR>5*tJGbx52E(czLl6Xd)_a5!r>oYX27lpS*vYpX(=
zi_cpg+|(X%`F4T>;W~?Dv>%$}__0Z}SXQ2m_egu%alU4NjI_+z<yfv2oK_BY#r_WE
z*df2v-WeYB-z^8eQs`_s_GOfXC@veKZ~^2*8{5mVyl7)ZIW{X4Je0~-hK3;f!I-Em
zsqAu08&rHP>>GeQab>5avSIPjBU0JS_@00-D;>QomF+A&87zoaDamunvxO<i<IA(d
zDb})b>{^Pov>fYXTMNsv8Fq4ZId;NMo>Go=Ne!a5VX50tgTr&gmg^6?PMHiq#MT~y
zN>Fv?As@K;QsZl*VVpBrccI-dp$PCD^7S??#4#FUT9bTijcNDwu>n3Y#z#|q))F7B
z^@%+`+UA3BwP63q_>9uFWw^^iWZ~&93#tG)uINK9SPSCNbk?-wo_$FM%oA4S^Wh(3
zGd)1UJSKb?-SJlH8O?h8%~MfqT#y4YIXD0%mPbV+y*tWk8_iBcfhhTbx+-4M#C1O#
z;?ZwH-0S%p(r`6?6$W6wG^A(x!<YSRogdh>v%Wxgh3scoHSr3i7p=U!A!nscFzb&Q
z>aV8Gc?N#D{DYo>(*te#GtlrTHT4;Izw&231AiK&CO?DdWB$CS*;cF6#AjGnzyHS5
zSe&KWJ;S;M{Mk>lvr(nmJOgysKksR_D*AEMa4BSVc!r&iwYojcvcmeDr`YW<@B0+n
z6c-J6ZX6g2tWBBtwNJA}W&AguV&@aIolmpr$>A<fv;E2bOHZ+xso_pfvxBMr3rJT8
zcR;#=|J+k7t77=tQ*3)hf7hqj&<Da-o?`1C@OOTSoqXU1p^DX2%)?dLohtgms%-Pa
zd~j7Z>k-+NrH_0F#_yvtnf+)(ka>^U81$^iYz%boV>X7^_Hi47oBFtoVeNX{#(?r3
z51n|L4SK>xH<v$QqibiLu+gc$Pul3t!Y6HX<j|8gy3oFAaQ{>6Xw~>OPf^dO<EKAO
zyPy7K?=!Tum}^$~KF8C$`VrWSlYSV^8%aOtg%Yq1yW&-fz84{B6@8Bvp6&Fnz3iN-
z@AN{ET;J}6D^DF)Qa`S5_Ogv!-v|{qP5;V^fUWvESe<M78ZUTnIxNtS>G}%PZ|KWV
zzo9Qh{cinB)bG|8p?<dx4Y;{NpO5;5J{LJX`fMoDdGwiH==AB+y{xmh6&9mIuL}{w
z;>3fLQf%E|lRZ$X4yzq2^VFf5`P^r1CcM#TAntnW8f@B!>DnzFn!?HO2cd^?9URod
zaA<|_JGc%G8+@&shPYFZUgAzD+FR16RGN%&Sqs$6OyWSc=0Pe@Z14HmH0-@;t}y&_
zu6E&(vqydo%+Y6B6-0l6*31~TC-`vd7}g^y42LRHqO21kcxnkCy(`KZ9Ac-V9?A}}
z!O@9rLTqugbvGJ8Z21W3T*c@UqR}BSGenC*Vo!)RhQy%|T?mOgA!-*R#>CKo7%?e^
z=ER7#F|?#ep~l&Zpo3ovc5$&kNImIpDi{TjHCk}fwneoLtMET&T?2OG(nq*pqf$8O
zkvnk~1`a|QeiawGav%-A?KXP}>QKZAip&LO4>HN%AwuMfcjY^h_W~r8_*g*U){@>H
z9=R3%l|svku6$XxG$c{da@gFf!gyyq(uhHg^eXjXXPzH$^cwtd$<vd}i7x14g*r=X
zVjJ&bl4>t-q5n4I?j2o!a`H!F_xUCvWFGK!Iey4?`zY~1<EAP&-q1Jr9Q{WeJh=2E
zaCShW8k^vM4v}|sHeBOyOm|S@(Dd)2TY!wzP2|ke5h|8C74v@L)LZEm&Er6Kr|X?`
zh;Doyq^AVJcLHp6Ab1OCaKJnTHdf%l{C>o|r33xxK{~Fb#iVD-fNx+fICZ^{5<2q)
z^ikrEKLK|z9;9bziAY~EWO|DGxC=i9_ze8$Y;E%4M~AXe_%S+RP%M5ddg7HxJ+V(c
z)mmepWYI+qhc7o2=;VF{EnlY%cXVCsve%!KP0D$RNeSWV`Y@`m3+sNe(!<5}sm+{c
z(x>GjN({m6B-}Y5M)Gy_h28MF%d5e2<wjjX&gelvmK%ORt{DR9O>XZT_}CR3PY;Uq
z%859(&Bu?0*={R`@ML4ay$dcEf~Vz=&Y@%!oE?${w}xbq?lBzjxv}=yICe1B%0l4x
zSgUg!>mRmHhuPwA7*F?vMca5f7Zz>e=!TQ-7H18Qqxo?U0e&G)+=-)GaS*H);L2~(
zYYmN&(q~l)oLSyfWO|$W0z6msbEN|hacKZwadCjNcnE$iFL41#cTE5?Py-L6vu<}b
z*c{#3sk5_s>BR<hGsGZ+1|X(wu`{A<^_tm`q{1D=1i^-CmB&e*L3g!37zF~@qBGx>
z6T8wH4{+GqSmxu@-89?7y69=Rq+1(zlwlq?o{h%yA&!F(yr0U6OKF^k9VF<F!5zd-
z>g@q1<cXdhwp(wn-WBYm2;%u|rvc<I^~kf!5J%ECQ)PE301@yE<xSY#^imr{+Q;*i
z^7$P3JR06iXDe@xR-y2n|6C;a;k*k0aP#|HDRB<9GT06p1IP_U?uSik{5~A9u1poq
zkLKx7c)U)R%gZ?j65m>dZAS0qDDZ;zGGH?HdtXZYV0$!b@vMqQNLyn-G}LcQxTD(Q
z5mOKb)GHx9Opd4fO#irOP?GV;zan5yk7licc4jo281#&aX7hrcp@0WD((8j9>8(NQ
zOccuvS{tKS`zU)3DAFjg8gyoqbu^03M~T}})HYi5jHX%9Vo5YzkB-I}+BsBcI3xQ#
zBpaH*lo;F|0^(#Ku=z$Bgz+9%#4)(xQUmDMDOIMsxj3HocF99(0oN`>vk`7T&gxM<
z+4q$`ndhWW=4t1bkQIKhFNz%v*qc!{=t2HrK~GLJn;PUu&ku5>mj$cA=VT^axT5AL
z>)R+cFUmd&iaSbNkD^x5R<CFp5-r9@)3#`FAex4U?292<9s-S2fE&UGQtd_tOnoLQ
z_I3ep05ZML1wxZuc5$R{xWHyXbm$%g^7N2ff`$qkMCvYK9ussyh&zIAiQ=+L=oKdV
z?;;|h2TQdxRl6n?HyX;<EZ=jbhuSFc7&TLoD)c$(62b=Qq?Ln*nLXMkS9P{ekHO>1
zdcnGXrpzQ-gfK%i68TRk{s}tR>aqQFgw%@d1B*<T*-JWB@Mj_jkrqVyj24ajd0GqS
z{lK8Ji&81LE*VQJc4abFt%39~*CWT0*tag3{)%UuPGSqRQfrb>!wX0c(52?fDx=zV
z7|00$$X20^O9EFT+&huo6mF!mJQ6;^%TdE#uYXZ8J06H$nZRxbYQkD2D3IJ6{mfSh
z>}0sy>I8UEGB+l&1@SWbrTD1BiR@yj5DN7zZD%Eeny?_l-dWnZo5)U;_GBlq?q%%J
ziEKj|`&I(GR)zzzzN~#Bfn6*cm7U1iC3sL<?*tR+Q3*+C<!*xLl1Tj$jW3faD^bi$
zq`X9{XA-SXY5~ZEWHBe1W+gvW@Z$5=ZPgIGCjQSA%9hSUOWn5ELe7!yrG-vfQmYT?
zK6<rrewJzY0Le1^>n#Li@*v&EEuVH2wc!Wgf=2){%FDAYHr;ETMch@dK>CVT!Uvir
zTA5?oJ^k!}DPy8uFs<$uytLUjr6)#vmyhki`uEWVpWew&cO0fgFUuNj(MIcOK>GN_
z2tN(;zf{nD>^tyK$^^kXe%08+adP^1aQNd9{W;sM#4O>^>a7BJrYi{e9+y1<8l>FZ
z$Z0Yca5BA&3#7l|xLXU(ddJ2ld9OMoPA)7sV1_>mq<iSy2|tz^b?~FVyG5Hgmgkla
zrU*aai^U({THF%?c&P_8EH2qit`lK4I_fVI@jqJT>>U$A&dV|O$}rm;TTNCPwx)&I
z%&_<}Ol!j8P?)xcpY0Jx-Qp@2bSSb{{E2UXH#C{vgT-O5$eEZ%&z29h^8g>erMALx
z&r|W^B2Uc4?$p{*XAgLmzu7Hy#LJ(6S8HM364cG3uklb{4|M1X_Pw)5u`!!_uE6k#
zs-2gt!oocoDlPZ#TL$)T4|)dK))Nk7*(c0<jpU&O@lYEzwY6Ka?vaMz<+1_2&S?bD
zY5oX6tF`I_p?P4~!`!&x<9oRYZek!qn&gIzKff2wc~B*B0PXfddrRIN)6^{llAyo-
z1W1C`hB?E_u6W8oVReu<3Yn&OaVp>pG0Fv-v8s>B{s13K4)zm}`+|iJLBOMsE$!D*
z&bZl8-B{^{{=dB%;!C&8v(7D`2l1`j>Mp3ONGskC>BqTDa1n=72Z&gED~ZE74jV4h
z>hIyI3x=^!S?I#W04Y!vQ{_r3Ts^WM;DJ>P&I^DyeNvqQ_9c(Sk4-$WYXFAfM|n<w
zedo1cva!tM8{lr&w9fe1YTrw@r7sd2jOmMhqhpW;1w>YWRs?jU*9V|vQ}n)YzxKfW
z`YmQDf82>dNC$h9u?>EZ5qHRdA5~+30pynh(ouUFCKs1<d#J%i7y_8bM8~=IY(%ar
zs8!Yj|22t0T*Pz9fY;&E<OdP7PkHSKPE%F-A@1g?z65E`0XfAbWTqBGo^6`FQHN7E
z8|U$4UCh_vtwvndX^SrQ>2%ylUo3LQ?DQG(@Z>NK_qG%}$N))Xqqh^a(yigL8}c0k
z*wTxDw=>*54eD+bn_l_OA4(1llsMA6eFWTcKRycUT~BC_Ysz>LkUj1Io}P8bK(n{C
zs2`al@MM#$?k=_q&U01B;tZratACZz5?~NY?OcVo7V7s*P+kLx-&TD@_7(S3Z%Wyy
zVO}IJe4#Rdpy0C9mAn9IF8mYd!1T~!@Hk6zHU{#?G?$(h+K~>6!5q@hN`(Tc4&$uX
zr}TGOb@U4Pyt9-&G~0#XlFvE6J;Rjufk(9~XxBSfX)B{Y4VM7fuhGf}h-J{F@cDRU
z3|$6G8`?p5f1s6Gxq_QrKrQ@Vx^Q-3OgXOjqb^tp1`6M_tS6InSVMG#UV$tJdt5dL
zBb!4O*!F7?XiAC+ib}{lQr42s*8~Mrz}FP8!riTiqX^@p7#&plwm3}&*>`FJhl7e{
z930o*@tFj-DI7>oJE|%<Ov$H+4i+_&H>4v`YkJs%WULPb;WVzl65NJR4r=s5H|(#a
zCJ(%?_kvcBi+^pfTP}VID~HP!zKrvukau&Am4BM^eQ-O?`(s4ybo;0qNUpuu4QKB*
zVyK=q64waGzQt_Gycb`&>4aNckte~kfG-eG9V*&q53qm2)3J^SR#1V1A4xDf;GA!{
zqF;k@iK;^hYO|_eP}wfEuJe9=_`Tyyc?^MIAzV|GOpOgv&7K;xH;lU+M%pl)2HL}C
zY6MgIY>h@}2GZk;DLLVtLBs_9;v9|N5kOFmfZ!~6cS9%^HZ8NHq3A@#SftR*VsAmd
zJJ^G~rs7EbjkJL2s_=<2u1`Y2KqK;Vs4Yr|6Z<us92_pJW~c^~4EMS0iBf)ULrH(C
zX06lNdd)jTr$d@JtI>5$jMfSAJ3!{?V!2KmbbY^0+lw5HI(<ZJpo2<(nytYR=MJ>9
zj@#=rHcu1FHOi41l*R7=Kl>Wf@wJkC2TuBwSlRy{(sTO}T|>DSW)X)k!THjnWtI$}
zDm@KvkuJRox4N_TV_Q?XECp&p7X144RgB>Z4ONnhIwkj2sSmA*#6Ghi0qKPpNkrd^
zknX(yd-NL-JDXKxtfGMO&TA$_>If-{<UU25ROon#HlSBjQa4iS6@dZr?g#>r)mE8}
zX`8Q#uT)xAQf38TUktp`dclqGLH-x{4)67V;K)p(p+J=aH24v%F{_Hx^xc?tME@$>
z;?5dzbEr3$)-qvsPWnWm5ykf=*3geVhwV?if!TS<4LhY~`DZS4geODJhA2KRH?Gr3
z+=4uRiGzE6&BYN;=eWq!=tfbP52qi`@pcNUu^l7sr<fZMSxkAj;B8<Zz`qyP{y8j6
zj??#7a(%!K@F~w<SWO&~e>ZT5d|ouJJgPB3>#o3XKFa{33W%v#4_B&Qur@$G{R$-E
zfuLtq6gvZgDvI3<a-{Qu;ptKEP0Rrq9);B-+mL*yh|;3~!)U9^f>QZu7e^?a3q@Cl
zbG|=k)@OB{bqhRThcaF{<H1@thr(f}&S!a`!o&d?iU_-4^@zYZ4_uF0J3a8$8e9tk
z-V+97tcN?E!o@NV?e>VH9=hofUA@%WTR1eQPo<u9K@3n`3QqPaL9DGz)##&ArxI&K
z&e_+P&9BKk4lCD)u74bf4C_r8CI;t3><&uCKgXRAJB?&8F}#Dz(nY2hNBvd>V&;O)
zD(Btz41bsX%?si@^B(^^g?qD~d{(NcnDf4@di-y=2D}r#r|SyY;y*YvO6QVyH^Jz&
z*j|<6fFcz>Vcc$`ew2TT0~&`-7<|5NPCohmni^ZAn-1?>g+(0cf1?->Bjgr4EhBfK
z)I9!HvARo+hsaWCNb%`J|Dp5Mi$=Sk!<x;F^&H`;irz}(yz=@)3cJ@25^&YRn5?*i
zTakwIxIK8#vP>!^mJty3R@2ui>_wdCKsk*|aDu3MCaTm`wF_rZ_7P{+%h)84ec~+d
zslcX@1{OtYj;z;GK7JiOHeg1@aw!N^k?*8eRcbF?hZMa->}yAVZ4lfovhHAOA+lc4
zgkZn@Ylbq3L*V$0{tBd~#*9RyXH@nr&R|<BFBACD`-voI20gLZh4h7|Pon2vKbLkp
zgAJ?JnE)F9JeVXqpARB=;(2M~wk~a;at^}G7rg5;*wWf{@nBos;KB^nuE9_hKgMMQ
zmt?T)jMtrcf#1jIeFWwEW$H_}z=?Eu4szCmdjT27y?{*SVWd~_Fw(;{V}?fKid2Il
z^7V+bncz}H@X=f&5E@1|5ySh8Zo(b&O+5`v7^6J&giagr*>39OHV3+CwA+Mqf4SS-
z<EG8UWWIR!(WX(Km4*l1R1B<9;1Bdp(c6!-cZ9<zhzAjdYOdyjHr^uL+-%5J*Bd}o
z(cUPdJYvvnGvY_O>5^f#l8SleAW0CJ%iJ`-czaSmAiw`mOhErZNo~;0Lk4IXbFake
zQQs`1e4fFM81d+HYcSTOc*30IrbTWOdYEgA*C%5Y;zY)$>3rZynh96?t#uQA_<QKj
zAbfyc9?16{J${BkgAH?{<70oTL2HUw*8fMxxZfEg!gyWMO=ui;l9L1d8;tR5qdd^J
zj_&wfQgzXE0(hAa!5nfUSQETg7QTf4_xBI?6~nHtY5$J>kH{qYN3p&`AHAQ-z<9-{
zY|rLEFmViliq)31K&Ye^aJ8drxy=#mW{3m}txYp_L`aG4NN?~)6E@2W93aa~I@W}(
zHl;pPD@)tljGeW#sm<ACOX|0G2xjbQ3>lHw+k{<>l3oC3$C!ZhjE()a5gQZUO!zS<
zzV4|;u%Q^E<Hzchx+fa3Q?|^tCN=h0BQ~-8TopggJfID3jHt~075vD0xbBfg?83v{
z(CXbsw53g1>qn)6+P9BsCmX~5@USeg=D9jc8?hPHGC6)6s#$kJBetOSY8QS?sc*uF
zaoS4>nT^=qm-fg`v}&jgXv*3*#KE(>Va&mnto17obZg0GykccFXUkr(2EqvO74t?@
zcK8)*HVg@0F^@E1Z5!3=*_5U=<}eAo+nDcYLPMH-1jyi~=9H$iuPMLSl!i6qYn##8
zX1r5#THKuPZBBQa^Z6}ke+%BeB@JsScDJMpEk*BF=~hdl%d3?6YN5uJJX>)`3GET)
z2X6P2QIFCJUmu=rAzDXUc+^7Jk8to)*e+dUr@#bZqB1=ht{NA)CMAOn&F7`CMM2R$
z1#aCRM*0-kw8@AQI8MdmoN%qNDQrxfh4hlRj?^`oU5l4LvPub5(zmn)$e7a7;yA0U
z=#b2MB*ZR7eF@fx6m~knzM0G>CEACQ+37@keKH%LWY0-vhm&mB&-6_eW0GlpvRIK!
z8<WMJWIB>8E+o^PWYHmomZyk|DYPfWypcl3Q%a0k>Y(TABV3aD2)A(&Uo%X^T-Yr%
z#9}xgq$0x%)7t9;U&G4rv16tUt%RvQvA{<weAW&h9q@_MK04`3Exdpnd=A1sb_j$a
zB6AZYrxAM&kl$>SYQa16EY$*uwL-OasO)Rig5#6Rs`yT&jxK$Wi+U8JY*7}pcT0Vr
zWMk>y5CkOpZs~a;LVLppaPw02j_Z&g8dG&xHoC#D*r6Oj^YdK|dLx(-H*Y(F8yI<Z
z)I=*CMvmr9jUCm3knB03>}if3SfkS^-MFGtKSRtmXoOLO-ALRZ+UI_Wm4*38dE5_8
z0w2+P#nuOWiGSzBg6pMl$W{6)o6x!(Gw$IZ!+Ryp!5T8wkiP?btEa@NU>aR;jiWsD
znsPuQ8}Kv3F~lsFWRb7p+6@g%8m$Ky<yt2|a&!)t!q;^F5QF9#{&8-)VpN>!rlIb_
zw~aXzE%mi3d$Swv31?1A0SlDaxCaQ-NCnG&og(8EZBoiOeFv`hB!BaV@Ie1>c`s>~
z>D>T#M#Zp1v=ad99|s+XRs@|?Btjf%@BVP<M>17`X<c&<4!l1a5Y7JMdAL<4et;+k
z9^Q#Ikb(3L&_u=N=EwOl;+bG87i+K;>&+Q!QeA26_D^Z+HjbpN+h)>dN%LNPh5{>+
z#xk2+XXPttxhkt7=~+DcQpNOWhg7yf(U++}!*ysHc2q%<J2Zg+2P;?=Y3bJtatEBb
zAU7o|0cTrZ)tIXyJc2PzCHQSC=(_Y--5h!pAa+!9gvD;FN3rJ)7)Ea&Jbm!tKDY}y
zgqlX0q4pLuC?&6bt!ZtQ`hNBz@ZEi4y^nVIEQgye@_f|YG6q`I-zu^Hewb$ge6`4S
z(($v0!L}!Tt_&z_lw{t>amsVi3%xt(xG&vkNg2h~y~MvC)&9b2^FOfq*cbogpc&c_
zB1*x=p>W8k<2g7zky64jaEGF@3ltAjf1VN?;8M>kJX6Mdd{Npt+Xqxk$Oq?K&<1mw
zL6Q8wA3vXyC}i=!@);CF+=C6|IV{5y=XbP-1d=#**eeOz+WZq%9~*BN!Kjn63bGcA
zw;Jf57qB5dG(M-l79a16z_a8Q97!Cf*Jg@`f&oIfcXz2n6%A_xI|zjRCZ#&8d{z6D
z$~w4OoRQW5LHYiRMkD97B9%(j7ZGm&W*Ud9RM`2CS3C&OJ*xmyFY0+@y(MYQSosFB
zEO_D{1;J~&s(2=VU8(xVA-;^t;g01PcejOW7H)Od;BrNb&}gz|p4VuLW}eV!e=+XU
z|6)B-Pa_Y<N**^RxLF5H3KToI!;{<)fhIeB7cm~#VI?harU3g4HbJ>q<+)1uN-8WV
zByDzs`*);5-#BVdDkOYsP{l0apO?x;d7`pY*&?e!`&4$$U%PWEn-h@t$j<0e9aGte
zQ1Gq|@qf}uoAro`+G(>{aV8)WN|!orvrDC;w%e?2nQ>@$QrS{RZFZ$>6wF22CrB(R
zCo$9)Dt?Lb2tANwtwQ}tIDgwD+vv#n<OG;JC5O<PL&;XxRCYDlMsJ3t_|cnLDK^^P
zonoWa?^0~EG}g9J`+A$>>1KOX!8k>%xq_H2jr*N>xP@_}@40IDSY<4A*^4>czq&H(
zr$v2LnN85TV;bjq{1Ym(EN|4L%E0mb+bTiMUH4`s)*&itM<q5py2jl~(ES;NbEA7)
z%<W2SdtC55@{~#X2I(?UD=NV~kO@d;Qq1m3Y*kX!vPx`s5{_8bAth#4CH7TH6arHp
zNRh1%ObxZK%%-No$13Yu-kM*T4JnT~m|5ONr*@Xd99%6QLeIKau)eDV+eI5a`>KK;
zJv&svM%$e#+GurFMH?;cu4tq7?<(5p@z_cnc_vp1qQ_rW!mf;rU&Nd61W;bK?94~K
z0v<+hh;s-mb!Z)hK`5M5dt!Jub*qge7rf)#V6b=wz}(e<3xFktEwdXO;4=mX_@eQL
z|C{QM^Q^@CEL_LWL#QUr3(Z_8KRDiE(0>R|PO8_ir1xvqb{&RLo)bEpHKXVKbQ>8L
z=^TI@-O)F~y?oD{h&XdUVroj>tusf3Z5%4r#tqrV6|}Kev$jI@MDrZe*$vr7AKgaA
z1v&>{NnsoJ)G6*6$766h4@NVY7r?@$6G#tJ!)<k_{hdP_qv2>;VjMP}eywq&_i1&|
zH-~>Fb%Tc!pQ_+=m-dr$6)!?8FDt>1m3%g^fAHZ@{uoDcE$&pjHx)WuA|K)y{+i>W
zK1KFc1&n#9>a0+_7Zuu}2*isypcqIWFUb=DKXR+`+A)~>sB5rhuIl_W{1@oM&_sVn
z>${yW20%nwq?9Ic(JJLR#5ljwfNrP3Ae6P>XW+_?Jd+hRR{9ybP7jP#XqsZ=C^WC&
zK$h=A%F|kr2M7No;!sx3CJroPC42%%g&I$5IPOt6f{vb4IJ9Z5IM+g+qAipHAfOq0
zpev%%1y$Su|HqYb%0<&%(HNyGkn5to5PrA{JTFD&H$GbXD|ozr1dsQ3tm+Gl{VQgO
zWUm$7N-`hp%%9{ROWxa5`7osb+lV~F{oRB`16_W{_&a@ARPq<$I}%Te(k4s4XE;rp
zajg5-Fi+Dc&`zP9<n5}^bpnqUE>ena{z&^jj7P!`k)OkrS4DnNVZY@#8s`!Rvk8%v
zCn0E?!m*16tG;6{nyY&Es&q~D!UA@VD-n<#uAkiwa30HegvA1daqtL_(Tqhkf_*3a
zYy7_0d;mX)vkYKDHFd1&dY`~I6&brE0$P|!@*!R*r}S5Vuj0o3vjOo!N8<2?nN6N=
zq{<$4^)Q8l!#!Rxwkrg66r>j^#wuwnU|f(I&V{wf{y1}RTfrQl_;2|(XAVGiVGjB_
zb8rxNs_NV6g7L8zqJm?pcayX;O$21+J#zqG*nZ<RRtkthQW|4#@peRiF`)VIuY2d}
zhiP5Ja)Oo+4g-~+(V^LEtbxuW*Z1nIv*rP$p9V?8axJF4RC^0t1hJ*_Y=f@oA`hmP
zhL~y4Fhc->ILyV?A>M%pjArvuj5&{f0v`vG6FK|tNB806k@E(cjDef@x^#t)I5vxA
z9Gm3A2GK_JEBXa&?DysQte=x2(ArMhMuzrJ*0iRRE)AhE91*Gh71D-VdW##Pd66D3
zoxD3f?xQrwPf~eLx#qF@Uwc-1o)3U30WbS3T)z@Wdhb1J{y{32z!%FRU<UtAIs$}@
zbb@pb#AivTED3M|n_J}E%^8n8BXPIjV~tVZt<Az38>blA@)RmsFmn9{;6V301g?sA
zij?^k4mxrkLyFB7X@P^Fd^J?Tat-sAK^KZxeRBRi2g!zfp^XAji}QQ3lDt`gJu*Zb
z@^@eftn3klN439GBR=u-^NmoFS19mH<m4NIVVtAAihp-JT=9rrQ1#>j>9(4ffS6c@
zwKJA&HzYHvx5pe9W{W(*o?*7pgQIAemrspj9efXr46|&%u|9^a49G&80)K=QImow$
zS(j*gMwkr>*_RNIEo31a`i+p86U*AiSmR^afEcS29KXg`=VI7`7;AG3d@NhXW9VXx
z**ccG##$p|X;Q3M5KAk7gT>SCSo3r&eHUvEE=6C4jrCzV7WQ_IqrP$GxHy^{=iMJi
zC*s7`c*=}7*T+-$cv)&lytz1@_Qsb(smxM|h06<T1G3-G<Q(-R4Z`|s<nD;HYC~!G
zs47Dm^>i7q2cPCLvR$;?WgK$RdKW0`eCi%^T&6p5gy0#Y8n>nLlHEm<j>iDGDT4^f
z`5pq|dJVlXnR?m~jEh+*uzeMI$!tA0=O;tB9K4VW2N*^_8$sjOnqdFN1aBm>ZL$1(
z5<4GWtD@MqrR^&z2=`%cNrpPvdKzG}!->}Z6m~h$T9d-sBw2m&I4O*pW+jEejoOf8
z^-5;@ldLOA?0S;bIhi8drG?32T{7)YHc#8sI>o$X(|{Cfath5&k&yK%Vpj?sN)cyM
zsFkgEvT30$kY}YWpKi6w7YrQZuJG3uV4`nR{V>#><N5>A`!yR3^^=B$^ew{+csm)w
zLf*A+WGhW!G=E;Ty1?g&%lZb&E?f%!mujO34{~)2Sl|`ix(2Ni!&(VLKEoOZtrNrg
zQZl&3c7ygC)_H?&8ltV6y1T6rZkp&8bKTH!dZeIRXbZl6{ytp!MuYu~{gp#PA>Bi>
z=fdDz6Du`Z4(?#V>x<<7XbHSAAey<o9-I!B1rg@gF5|F^F1n2FoNg9--M>6P_ULJ{
z$4T*xvqy0^#k^s_*Vngjl%+tFu0z~>pxDXa?AzEO#BYM^bcoNrsu$@KDlCPZJzjF}
zen9WMA>e_yog%h+VD*P{@`l3UOMQXLyL<3vvJ~l`Shojy5w*r1?MO5)dDt;wAz0yc
z5nSY9{XHqYytKq4)_Z7=$2#qys~*wWOW%0};2ph%>WJTOALARX*bs}YmZB@?d8T5+
zJ}j&7Ogck0*oQsx$1l%EDKMW+{^8&p(gCDLK{-vOiNz#&kuwn37Hs)pzz@G(+6Wjl
zxI8=L{wsEl;y!v>e~+a}ogL{1B4{MDRO3l{uw<Uc^g?^dlpU&h9ZOSJ5NV}@<VQj{
zqrgE{mb*ICl#a<I``^F+&cJ_X;J-8Q-x>Jt4E%Qn{(m+D;Nv)d^v_oqee9=FUL64h
z8M6TeV~#a{_F$f0=J5Gz`NDNA&p(V-?D_a-Dm`k0hGR^Y2U*IhBcCAw`G2zPYxsP;
z<zU_i685^!|EAA))90`0llf%1Pw`oc=MUq%;7_*ISN_;`Fb^8A&Yy%$z{d+%K^qdb
z7#{;LaNL|f3EP6tV}J!CASPi)@u_|f>?UCK0R!vW`IGs)7<W2g?qaY+z-r!;?=iq+
zefV<zWZ885_;7p4c3%VRW56WcDgR`?j{rLgSV5nw0M-^T|Bi!s4wImU&!6TCr}+}w
zsNI#n$&|l_&v?<7ShFDQ)FZj`51>pzJ+kf%fK}L8a!iK+n*$gyMCVWDy9!tiV9;oD
z{-lzm0fKh}U=8t%p$|2D;Tpcg8oml?zAA0Bt{@t_t34F83i&EHa6Fa$s^zPaRuY2Z
zvW@1b@5AE<^FY`;e-ic~U;|GU&5>LqtpI!M;=#NpWiE`hjq(RsE9Ss(>KTdWjq%(o
zpW{!~BR!~O+yetr&h}k8nCEeFMe^+ftm>7L^ADaKs|lEupHHq)7clSYfZdQVXTI~t
zUPF$qYMQTl8@;R6jdyqTP}?iYMhU8dsVSTYbhehSdd>U6(^2I+sNa9>U|t(p{}0Zs
z@>a1L?>n`!t{JGSG3t`CgCD7@!B5pC=TWMmevG<`?-job>k+Vmy;l|aY`}T~X3Mov
zI6rvra&6?#imG5`VAVS7M!r2flV#tK^<6)hC+E4SzXfHxI;-mAVkI$fl#IN;p(r~6
zWsCQ324E|17WGe#V<li)?t$$FY#(6YFgSlQ-&w$R7lT!hPjCS2xOFgZicDi{*n2fG
zD*2v!I~y)C6z9Bp0C~f%LwS>A-kQEQlq{bi>#YfRm2!vj=14gHB&<1L8{RmS=aT@`
z+Z<mX0+!zGaNf&UgK{pMwyMj0u5>8a+%<gFU;7zpwFwpEVk{BWt(EQlPi~%EBeK0$
zoL%%gIh+0$u$LtKEb`n$o<1^9;W{k&E?zJBF0j9q<|RRq@m0mfuK$PJ$a#!5Wc~F4
zO9u?*6~)$xvr+D|kJOLoej5h6?J*P|h`JX4F*k27(uH%C;mp;<f{~~BGU^peGg)p6
z%DwYZZr;l8my5hlXMvS0C*PN$V?UrAiaUQ{{4WjIO~8gq2*#+ia;DRHzg6*U@t<?^
zqMh84IjIlWTEMW(oWE!B{|&%a0ya-V3g<j>uGaKr6dkR~i0>VxviwMtulbkU$lChR
z^26?19%41N66OEh_7e@X|JQ%N{2M60@;@j)QnvrMf4_aGr?Qp*LHR@=12zBt@3o&U
z-#^M<{Wv%8@ArBC#a@1spE|GKK=~=CtHLL_dA;vbS4~_}h1c}2ed$UqUq+g*c@5ti
zHGJ>a@O@On_i+thE2`n^h)++d^S#A_IxFDg7uY{&0~-8A`_4I|)T2tlX2YY#_&kfe
z6+X?)YlU>t+AevXwD48^!dE@bmtMn{QRDmlsdMkyQUz7@MZFoQcSnA`1!pqO$<75`
zz$Njog0$SfYf<Jd%E+Tf{>ggaz>wYi1@*`=`GG);{p^2tOtRkhQSS!S`x(+dG*?ak
zjk(G}y;o81FPW>WC^Pc&l5=GM!5RwK&#gz!@3SbA{>3jV^AXBi{e@-5qRhxvzpNeD
z<+A#j`R69iZh5II%KHvtiM8`yLE=>>5m_%@APc*HVVUYE^G@rZ-;P|Xe?^&#C{wUj
zZNNGLb{4SH5?C8MRDGW0ZPSyK9+7X%H6G1CzBz4k^G?cqxImP)@@Yo1U-+NZNAbI;
zt9kp}Jcc_$-fx9Ce+2KX?K?!p5npw%cK-`o(ipP7`apJ!Zm3Tp*Y~S0r(}ISefO)c
zrY|SIzM-fudq{5H7KudtjQZaAiTa?H$f{1l-u{{6jo0tjzcfrsWW3K}obS)f&D--c
z$D3i@ufC%3c11lmb8_<*{LK2Q{6u~GWdF9{ec%qf@BH2Set%-T4`A_zcjxBSk&F0e
zypNop=-;QZzLU9mPyNjLX8cHfvI>~6v$d6rXoD(%9Rlp?joiHXNXtG)&Vk<-Z2#|_
z19Fc=gII2LGdIr>d)|X{6<x9lP~}1j@CWI&H&E9c)b&T%{twsn($A?27X0jeb|f!R
z?)@LGEAOZ3lIP7$)b%VK$y<@%uVS=FcEP=xh-Zl)zK$Ya0S+9Qzs!R9b8z9B$Wz^a
zB=1kMF8s-N(HyWTfPutx{^Y!V2-pO`q&?LS_y4n>>b`TgXQQsgsO#t6SCSSzi!$#A
zj^uSL(SAvMMR}(rMk0yP3dmm}3hkk6Em;=p2=nFeXxb}(bf(K86B8q2Z;ZT$khfs$
zavi=8*gnAK<d^@c`$)c{p(yiy@JOEI4@K^T=z=?;alxJN1|F?MzAaHl{*U2>^4(R4
z27fI2NZwkc@3Z&s<&ku_-${o|OumP|qOP8(>*Er26}*RhE=!AI?;)QCm-%O)Y;??#
zyfG!p{t%7%b_5YFL_E_<Aj0x?t>GJp&qzx1O`vq&3?Rn$VeX(UIR_7bDUy!1xBRTO
zac|$JDme#|uKO5uZ9rY^@2v|9PM$IOv+!=Q&5%C}5nKgs^;qfHBY89P%SYDJy9N95
zd*_;5!*I*TCZNpUWEq?v#qjE;1$$nu_b?uZV}KtZZxLVa9l7NEa&JF|XNlpG>pLB=
z(tz#we%<%Q*=2t|MVYlIQ-Bi}>(A@O`y=yCkoCv?y#2QWd8;FD!TxKE@+Sd%7O;Z0
zBDhY$nv3wEekuMf`&B&__+PPle{2jNB5yYGHbl9SXUIQGoFVVv@j&D~i@f!~v-#=$
zrZ!UVx7c3vRmbu41FH~gQ1$~adq>$Ld81?+@An=Y@Sc6$@@Ma-^q<&Iavgn&wvB`%
zd6i___>(Z`S}_~2#~cWFhxi@~SO#EgB<v^q_&Z<v7x$$#(?I*CW6P)IZ~1~Q*6?NH
z2*|;+wfJnI`uCf$bTs_{ls*QcAI?4Z!}o7Su|0cVyr2r|`WSU>KwYQgm<slyLubEJ
zu=K$SROS}^knK-FnU0D7`TZ&Dx{11mqOSiGFOl!8W<2;DZyYI<rO5i51NItV|LI+i
zSI@?xt}Soo?|slbuR6qzvvgSwp1IySl2;M=<l1QJoKiTS@N*xYh4HLS{xjue=V6`v
zEDp`WU^3VE?IU?tCBNhQYpXWaMF|=xMY-SVNONeG3aBCj^}UmHFz=*nGxA>ZWjRIf
z5&-8u`4o9~zk4Kav%KHG-*!!0M<v>xcVC8SWFN0ZU9bK2NZw%C?)U5ZxA*Z+-HQ@W
zsaYEMGTQzzJVoaF5cy8Ne<bgq>|=>Fuk0vT=eXWsRtkFmgClt_$bA17ZSMnDNmc*<
z!@YME6*n|YGRm7D`ot&6sHmt&?<%Wgq?A;sWLG66-IA1)5*1rCN>WNHDk{E3MV~0C
zD5=)M#3aMSB1I(@7j|KHS-R}9yL@VMe$V$gGjnI=&amM6o5$nA%<G)@`}}*K_j#Z9
zIdi6Tee_oR*V1Qt!N<Yp1$WV3ZIQeBjL7B`H0{?+yVec)W=L9JbgOZJ@WGES@iN%v
zIPbtp!E(WBp_O$(pE`xo**u|rev%>iu7OYCwX5&zLenAnStHE|G&$F;-X>5wmPNpB
zXx=GhwCa@g4}5J7e|cf(8&(YyP3o%{y572JBgQ>-7!#}<Z244kjTRXcEDknAyb~mz
ziPeLRf@KKCCGlFoM!+!9)g@Rb*f<#7SY49eKCo`mct8*<zj|HZE-Q=Pb%7G1&Os;n
z-Dc9+;~WN$%Xb?3bBb$J^jSV{6;*$7+Snc>3l&aT2!GqRtCBG(Lp{7=_0wxAgY=7D
z=!T)YT*@H6pK87S#Ho&HT{lhJYhA?zkApRSdV0<4Zjw%R6n@a+9#U=g9{Qi)1>hav
z8w4l)MsP{16nqr?G*{hNww1PI!)fU$2EEj46SPC0nKq7b(c1PrsW|I3G~w6BsMfR?
zyhh;Fa`Uv&$Gyl#a2wx|(#B$!#~{mkHU0v4{Q0mvx_o(v+*ZP4@ReJQn}kQ{`Z~dC
z!3tir)wsdLq&^$Lsv7M+6up`H6j^NtZvyX^xGCjut{J7S`4mDj27THs)5d~HuWV9f
zTYS{&BBCdMZ9Pc-*h!kU1sbbQ3ZGoC0kAPAAFUgFZF<Rj1vE9czOcNDJhVYS1ASFG
z52@prM;^jw1og9W$S2^neA~3~8JP(9@oI99uc!GM(HmGcG3S5(g&x>EZQK@=H`jO&
zE)U3?8gCllRoy(z>nG%mOZrhOSk)cVhP(!r%rE^&6qL2jzB#2I#l%J$hIY%H)5b@*
z7uwKy+RBlz8N$*&H*NgY3hU8fQb)4UXNWL4&M29tqyKs8=tB|z9w>Dra#SJwUSY2H
zn`3JYSmLf}du^4+v<CjngXM>KQ2y?L6yJvAy^DBDUz|2xW7bLdL=`QIAv|phVHx*K
z8zJF=WP~43VHLO0kD@>mgcpBp+Bn^$m1+!y^U~EMnQ-Bs_8Le#ri~nl!z4QVQh0DH
zWyvM1=Nr@ZUXdEGLa=VI&61`y{;0n7Nvk{2w{CUZJD2lA-*p6_zVRWUr81;9K50GZ
z`F#iJjC4*LZ;^C}B~?V`hjixEy1@I*$-ZpYQhT*Vpy~MTv~dQ{LbEyaQF||q^sRZq
zmkC!o$fH*re$DqEZvG;?ivJsa-<vj?xKHXROXutPbm$`vm9J+)rEWy`t7dq0{b1Ut
zTZz|&Zb~*L`0^Ts*ATpJbn(*b?T#`YcD+@~nEP7f^rzFttt<2T@Zst!27N8Odf~O*
zhnL&_==B{}s-f$J$K1YY<CnriNseoul1Dd&TKsw{%fi0<lwz>V%%?q;rVT^*d*s8N
z$3Ob!QT2a#WdGl^!SqsHG5*$oMZsPuUl~_=;8F5#Q-^u-=4jU+xZ6U!Sz5;Cpr3&L
zNaaGxSj1#A>kzt2Iv!VyUm4g)`iyamsTTrmkMLx=U*(A|ZiPqBF*8P4m<PZ1^~?uf
z6);})kuTAY6T&ZZ#&|RLS|6|<$lO~;b)+34e3<YC3D>&JnycEXN#?3W1n1+V$vu9?
zcsv<b<W1%Y-?B89*X}MOZXCLP=&q2uN-dLTUK%iFLMnOah1dA{8RPHV+qzfh;d?=O
z5V{%YnqIPYy4=$#ch-#YOlo>PE2UQnUG$`_Yu>xm3f(YtBdO`x(=TrwOZkSNi@$8`
zbcdi@hVHS{^uD=L`HBj#(@tJ{dYhoj&skf&hzxZ@*YvxYBlaappGd%~`HwTko21NY
zjQp70CnP-U^`uAm<#zbBDx6)Zs!tUXzC`%dcK9dlaLH>0;bVW9IpY19!mATr%a6Y}
zyyoDQ`NYf-kJn-|6=7ghJUL?^KB^9@Oov)Nj}?T~5cY%_X8FU}PkFzRsSOgjP}OB4
zajSB-^F1uhXLCr`B~g@rtW&~Yz1?`gUw3%?FX3)qdmGlp{N~_w=&jq0YbCAV@q<+-
z=bEmz#q!?3zU{NO8^=mMG%adTR$SEf)zJL<D8*C(s%+ABRnT;PXuDBj+HdxFp!ZfV
zD|F6l!;t{DqMAE)!>g-iyYXE~pG(G|0kHWmZ#TrWmrK$d0jvGh_9Jd%;g!R{S@O{K
zBkps;s|H>b@VYLj9bI$$@CSq1QF!&itA6On^Cf-#5WI4p+U{#F#|Y1TBklO~cH<?<
zc2~lYuY5+%dH9UakY1tIjpOjhduF@V7q;w}g7aZZYP1c}O59rFp5&XJV}D<0mrr^z
zB?F`ID1DanR#(^W@U3eG8L8`Blw|G1cH=EUyxcOJ>&pv1rTl8)RsE0c!G0ds+&Pr+
zvt3pD!zXX@#VOw*c$ID4Zd|gu^1ar#d@LzTzREDNs;9Oacdm|C^-8?j;nnrrcB3Xp
zcQ6%nypRxnkFWC3I$;W4L(|)h#nt8Op`d(~Q^o>}jfU;p4Rw-Gsx4QFqr{c3I|G<m
zzJf;h&Fw(m;VoA_zc#QXur2{e!!dr`=^Q_@2;M^6vbiL^j7_6pm0;(X^qWI<YIG9b
z^MrLgzx}X#{e^eVTNp3XcG!6n-UVPeVCR{<>&<ab;+GLtPT27h#wA!aSQ(fa-%P9y
ztR4(^w7Mi-GguQC?g|_00P6(%kOS)ltIbH}NoWU!ADA=UF|fK!cf2{UMlff*Ltu03
z-SM*CO8tX5<K=-hWx3-OgSCR4Xyz}<|8lSnu>Ub-P5WC;OSk+jlHWSwbf2(8zf;Du
zDnD2km`r=*608HP(}BgndWApOpSkyr;qLiqux~a2kGvCixW>)M+t9yYZx8Bk?(wNK
zK&&ey-xcsG%HE;ZmUtGqs{tE4d566}2bq?M6aE{VB0Pj{Qg^D{ZNwcrWryu66W!7c
zHVVce+J18=uPqVShlN)HUd_2j&P&Q#f?<{M+GJj(k5qs~z)q38vUV5xw-hm|Y_Lrd
zKYz!X*CZfI>)}rUv}=6_N%YnXw4(((jF<V(t5f#5J{{1&Q<O>Su;}f`>l=0$d_csn
zJ-l<;rT}&^$y*b=B5&Mb{AZmnuk+S7g<LxIvLOE}vdh#aZ4`d}Z>5gSyqzbD$f5A7
zbtl}wQ?=<f>`NEfOhY-%ylsaeCtaHQR$hJz-=zsQ^3JD<FXb*E?!Zkuj@Tb2yc*y&
z|03`bIUIsl*UfJIG!EA5!R96Z4ou`K?VZqrT`Bj$^Mdzz=LIE1FM)RM)*Z&Km1+Cj
zv`L>-BlI0T{`$<})B0aGJ)Te8tj<}A)aNj~a(}eLxPIllc*^0=E1SYq!0WOVc^!VA
zrnF5QUiH7;VLT@C#U*20Jy_RY&2f=BM+KUGr|T`ZgNoNlyn(~SQ|(W@_*k<2W27+-
zwh2tFE82E<a?W<XW6rjbm)x2h&(cEDH*(*_-0|-_jHkGlzJWKLzuKN)t&aN;3S8^>
zGUARrdHA^5u&O6+-}nyWOyP?c?b9%ka<qbvgTqo?l7}v^F|cO@A;sE&JP6+r;<h}!
z!?ivu_zd_UxHr8+;B(;4^s<OF1Gbv<N{HL>j61y;=~aS{g7<On?Njb?+J7B32eJ-$
z6l~p*T+b?31y}mFpRm4zM=qa|PTE<><SDb-CX_{%izS^l&h4T72^%2nPZEz&HndT~
z>O$6jloG;oVzaB>(<^OU2TeCLrwC83LVnF)ePBNmfHoE>4Y77Z#~{7bcU44h4M0<}
zVb;iT*(_?U5G&kTEIc~oSTzy1ijuP>XuC>hjhLjzCHcyTAwLdGl^<*w4Ar9YwK;UT
zY6M<3Q8Xolw``m>Se8(i@TrJVJ}^v6bxHYZV#ov7q#!<h@kgG%r`jKy#&c)&JMq-X
zl`3VO*M7n(&P%2t=?+VLuvc;~mtYey^5?)LFA1=Aus-f3FV_45KeoL%PMtSeib(k6
zZ6Lk#XYILwV8vk7U~(^)^s{oXDlo*;?$?6XfH#5jPvNp}Lhwd_0S_*1+YVk=Icr=Z
z@pXNn?%iu^H#!<tS&@a>HW`Js9opOcZ5^*|QW~&?5JP>Y<(^IcK00e~9-t#1-nF#w
z?dk5}NDXjOj%w)huYO_W=zz8y+FwfAw7<uH<}Jq^K{l579%kS*SUYPha__^-V?T$+
zgM1GK=U}&dY*z2vIc%O-7YW#TD}Ad0Ui0u$<2AhK@M=$g7MmND{1aY&&8+?Y_~sA_
z5IT{!e!^meg}IljjNh>E`_!y)w*a=xc-t!Uad%Utj{jnlW>aa=&%!^%LuxrODcv^d
zqXCuQ2fgI227X;%nAQH%RDPbe3=IU;o777mylU>6wf*-WG4(<oVIzdK5N7ooN8i5C
z*`Jq)H%L5|h14Z=nz0dm0mkyNy2O^w1zQHI6vUyoVy63!Lpex71*mfX%88%fI&05~
zg>M`zJ8i4p&x~RhtR5^%yjJ1MC0Gks0r74S0Ev{cc7nAKFGKnOwBc~Nl7Si?2MBBY
z;;bR3ko&Ze*Ejwd-zMVi;BcmI$cFWCZP!H4CI4-+#<HYi*MY784#KyJuiCksxN~2g
zU2%Sg)rhU9db8g7P<XBzAsNvf9q>8?ueZ9&XX!w5PuUmIJT^BySV~=vK^r$F?YfMD
z&4JCgCuN#B(a)$&q_Ir>6}n6uJ3S7%I9L>H=&Q3vfpoT1+4Zcshd<!!isRkq(9iv(
zTDN^OY4njUVyVUl85=sl=E3fgwwD<y|0Iun;5A=Qjyr-4fyEt|^to}cYOv#6^@l#N
z)*n2+y1l+)pwrBQVf35GA$;Y^<5vup3%1h!9m!jqc>NB!7OWmD>szy~vlCi`ADGkc
z)CraYCh5tg$`4iqX4y}w{9rK;HV#(q!1AG=2de^;ZvmNYDf12%ahUM#OINat6sfT}
z=iT%#^4%;6i)WL6l2##j_IHx$OIwwKMZuKrrJsgAzdl3SvKqVt{OqH6NR=Jey#BlE
zQjV0_u%3<}eW4pZUEiNI)QSAIZl^DZ^sUo-ZNis3`+~9vDnyr0L7Vr(S>x&;Iq>+B
zgZ8(}CL^jZt?+!x`=ePy&iC;tlV>aqpXJ*hAXWAcysCaYYwX}z^jqjTJ@&PO7xt#=
zJ=Ok%)zdF(G)+9l{~@rfpUfJYlI`kPr|C+UxwNS<K9ugBJxg<|cFlMX_ViEP{VEr%
z80;iTi%YdXSU>4Qrphl^DVX$Msc*_rA>(@$ST3~p3MTW4P=n|hwO32(v4QYT!oMC=
zkDmV76i|`EYY1M6zFA|?TYjsryZ4P;>ZggsGn5anEDBNc^V!4Bd8PeIh@0~Zx4kR%
zQ3)OcS9Qd*@T~<a0egmfk(-s~vF*f75O;&br9Q=8j&a)yp5H%fyhqAu_XBO?l=2Q=
z(r0p+yOmXU=t`Hqlz>OkFK3NH7Z25!=m}<La=v@0Xxq}Io(tYf`oEerZuK7vJa$a@
zf*{*kbVCEYs((GJ_vohT2G6(>`nzA737<juM1C`Cyez2gUB2tkfBg7J*)lG`{(;Y#
ztKt)WO~7!W_Agh$YxK9X#yEUa+sV0Z`d~^sNxyD~zHZB`vDv?#OX)>U-T5)UGD%kp
z|H`-1$oVI#FCQYEvO~$fEcKanA@lLy&l>+v`Xw@!v?0S6GD4`9q8}GxtvepZ9S@8J
zkXFHG{=r$J%&bp2A4{x_bJbt1*BgnG^U$o`+iJ@*vIu`m6hnV=m^kJ{Px{^fw3$Qb
zya*4beGun%6uf4bIs2;G@hbnSs|Y>g7l0X~{1rtN^zT2-y5A$!`>-6fQgMM*DWVT+
zp=pKYuiQ)jzeIMuW`+7i|B8NSA-w$2S!0hG&V1<p^%-UBvp%3IOnZNLb4&C~KXJSM
zHEGBk75xwsY#3|=%(9;an*b~R_oVi75KrVh0X9ZD8UACkw-2|j^Q#DAp+?e5-pBYp
zI%_OR8>IH(lzGxU0ls^gCrKT&!msS__@d0VL-v#}o|j3qD=3HhV8oL893bw<le5M>
z-0Sg0twyTxMe;UIc*#?<#?ROB;Fq^SS04(W8&FUgQ>32r-;e&Cm^H35`-Ps5Bdh1}
z#-t^z;d4V?X&r@LwLkO|le0z}ymWp)Wsir2KrMuqZ=JRG%b5F}AF+zg0Qy0*7VI)^
zfu`y?=4_cT@GD~?)2S!I=N#wXm<i}}V3Bzd^0H^v_@dN*h`L4yarr%z$74QWy$iF4
zeaEeWc-e{B70*?W@-`4}3-Nx&z2qJ9XGNc17SVd4DO;R1UN1CUA~S<vHDHe>Wk%+H
zV$oi$^%VlcY)<IsiJP%+R_`z5S@fM8<TM2K4$-x?4$@<)dil{lR4ROYI7M4;Q13lT
z{glCH%Ynm}yN-A@2Tfm$rC-(l`C3a|$ZmN1-4x;74Nc+l%Dkm~Bg7jgo>f00cT-?X
zU~Sxc<xaxWK0to{&)-gq5*#IbhVY<w2qaD^aT5QUHC}GEf%v#X@}h!tR>BMU)e>j^
z-?OWJmquthq3Jj@YwY9R9*b06g`Ra(R+)7lCE6%7HU9}7cO=ddaoU~_jw5xM^Fi9v
zNX~NvD*zh?lQPMb%`XNv1a^)9=DV7rFRH)~fv=Z3@yL}JH?~-X4yH&|H6$I-kEG2R
z>&!Y`+5bm<`1smZI+Jr5{?+>@jmD!%ELC@S=P~aOI2xx;WT^B*{8>L|`=mC9u2O@R
zoOCPoRzrA{aHeAFD&lVgST(lCh#*!!&|_%eUf(jJ_CePVuMMJy{qpVFM-@KS*8)Nx
z2(Lr%8pxV^QPvF0s*vv!=8SsyCfnO%%Ut9h9q>M;yu%@SxE)^66X%S-2rtTrVjPx^
zB;#5iVPg{Jl?$<%lJmU2bcdspUg&Xj>V7G0lXfxvA$v~mk>^p`GaIb%<T+!LgzNNK
ze$X4|V?afOHxaIEyA;`uCuKYQy7Uy`rtU@WHoznI<#YNhn$&jm*dd|o{p4HnKM0?h
zGw1BH!~`1yOFMVYK8I4uGzWHQ<D5~zy)IMSmeE3>44kH&@1sn|^PtOwZ$vbiKKOUr
z(GF)Pxr-951e$@%<_t_uljluVHBlmM<Hm_ILmWOQ<lt*EWfoy?n~lEDy2q`mX*;3K
zxN=U<ZR~pX$ke=BrVs<w=f<HO`M*g6R!T34T+M@x!|xQq$l?1`4d`(+<5KJs!bJC&
z{ZV{FY}2uqf_T<GfFj~%)yx^fQ!deiWnj5r&b6On@HluWxW(7Dn;bU2-}$$~vlH4{
zXg6?g&4cr~?Fa7ye@bx5vC_Kq6mcV09X_t4mq{k8u636|<S7rl37jsdF3CeNSR>do
zf{=%m=JPegE!^ZThosjCUJLH5GfA%<ybau$UJqC+*lN-nBW~>D?({^)=fNAm`(3gq
zs$R?Z_tPCRPW-6+K1}^xH)lL6G?Wuv^c^KO;kT!YPLlkV5@)b(&gJ*70viE)1>tg)
z@Y@774tAOp3|_V@s2Q#0qRNjrBpOAfokk*Sz0eOg%xN1!=jAa=FAfvd`so)>FXmi^
zJlxFqOS*F9@+$z#0DDvbmA*c0BlI&pCn+a<fN)&xX831p9V0TciSRkXnVNX|n0?N<
z-N!nJo7-s00BK1*_k!hsoi6m)8iEai6@k4<FfQqHV_<!^%o!IX+u8O9I+Sy<bBthW
zt>yq(AHklv)v41$%sLsX;afmh&h2x??<FC-{cNAQS7(34PiF_&BvO`E_&2~`=_j5G
z`E`Mffh}-v+X>nRwBH!TV76^Q;WGwJ+h^zOwdpdjIj~l+SD13VvON`E7v$d&{zY;0
z+Ge-Bmx0YU&)M(FO1x^YIS*C`R{sSzZ8KOCSSB=b)$r?x!|(1nBR9y-@%TsY@Xhc>
z9QW7yHG_JoThd9pob=im7gw3iS6)CmQIe@8oszCOy_Tr@4qi=dQt+hpNGov~h$D3;
zm;CPn>;KW5KHtW~`oWrdll3L>hQS)a#H}Hh=+_D12X>|a7~R%Bqb2Yza8W~YN!*Mp
z7;nHf2w?hLi@1$~clXU19fI3-fmWEI&DM~8u1j%>uBd`8^JjCu@AgP|1K|aPe_i;h
z`Va>>6~g|TI8X=Sy@boxvku?a!k_nTmY~iCOUc6_(kQ#%KaWzUxmU6tIFhVqv7HLR
zB9G4*Or;(5Au}5NE)Z%7w~eYO<*SMle~kE6n~EN<2WuNO>zcCb@msfd8(~9)ogn<V
zgsvNG6zoKWXlwxN&=YQK1T5q4Nu4e2ItAALWYXs0T`k3P8GO@I*j6S_$yX*Fq5<q{
zg2{S}TC&jgR6b#c2($7f`n&|JY~P&zz6V97;HJ$K!kD9A%3m2(>D3aqmAIB}llpH2
z>j3+nq(^kltmkj&Zqc_=?oPt<m)x@72UZGZ=?aNA1QzpP<6!guoYZy~9+5)g&71t*
z%e~viyT*}S`zSn>hv-MCzhigWww|O{1l9%ia^b@z{iF=67wmBXbX|y0toVMc)Ik$;
zrN`|wVnS!vfvyQjtBdd&!q1R!F2VZ2nk*X2|0(H%Nx1Nl{}W(6VCx0r5-b7M?ZF~f
zk&Xw;0qgW&1z;Uu>Z~l2Ukt2y{Z4x?ilk8q)&wS9S1!S7!5TeSBUl5NB@+^_&E#ic
zBA4A@ZN&Q)_u7Z^6%i4&4n0U%_DgoI=x-CgbHv+1Jn0j1<?%ZNHhdV`GKqUN>k(Ny
z^;$P|iw%ggwba^_7JdtsATX|dFzw*SU(Njm>MzIV=!TVi)WNHN&!qO9^IXiY87y|<
zPD431HGgebVLrhn^q~5O8Dg_UKA;nRgV4^vk0nrb<@0w8tm&o5XNU**neK@2hsh@_
zI39z)1j&yBWz&|Rr)#K7uxzmSNjr@pvjGLm2g^Nqr+$x!XTeIqGG4yZn3Qz5%K24*
zjlE*0aZ&~kr0uaYylXe%s{_uImbxf|MHl?K|BL<+#Lw;TC=Fm2m;BDdtAVl#E4j+#
z&&R0$({~!3M{)0$U)TCs_!GY4%=zopyC3E7%7;JZr@Hd_8wVSD<4%JmT8qEvNVVsH
z1MHQiU?n6fa?ncLIpS6)<2v^JnJ0p7bk7dXVZK{J{9$M_-?Y<UNVC#$*}Nt-=j|)l
zOjxLOTV`Ctd}V&p5S?V%*12H$@Kp6h-AEl4g5`l(Hn^0r6f6d&^6eT2+;eB?%XP%9
zC$8$>@U-UO!n>8QTJliEJ$Z=Bc-sY5L;UkhJKzRAMtoDru<m7g>PcLQKT7=OH}5oh
z%=q-xD>MmHCDPLiNqWSUG}Ep{Uy-KhaJfW=v%wNYJB`GD@sKJLDeq+b<JAEsCjCPA
z)xfW<YNzpie;GS(eZsvKb6kKBCn%HXt$xYhW#rE+V~AJO$z}-CY2*4VR1;>D$kPPz
z2I4!7FGqNwT^#exxV>cai<BjsxU^HwChUW&cItT*%r}Q**RLMyiU^DEo?O%UWg?@S
zpsU@q(>Px8ZRba?HHfDv=@UMX;x?1E>V>}e<2&s+sbGU(dDrhWUc<dyf{lU2z|{Lv
zJd2FZffdy6)IM03jMh8GeqFxok0VE)+PS9kiTsp9S9RmgHJ_)@3|-;{&~1UP<)*c#
zw**}j-`Hd1*<-7$c<w{NCy*!T9!jPAQnC`=-`0_KuYs<QeE!O$v&RH{U}7XC+dcIg
zI8v|O&=)p%#&~U81*R)<Fah1%r<3wh29^Mu0sE9sUK|;zbm&Q}SdaS{BnExSb@Y?Z
z?6miiyUXR2XaDycBtK2?XoknrlAlyv<Mk<g+h5bf)L1qGuc}*iz9?th<kT^L|LjhC
zejs@*0Gn&xx!Uuuef=L4NaeKwUYqVX@^VW%55a5ntL7NXvtZ+3xgE*2m$7LcEC)=z
zU!PjnB8raJszY;rbscnmlIYv=PhwMiW2f-}AN`h;E%~rVau7z8l;5cZ+D+fw>F}j%
zzmt@uo3O!e?X<sbCv7nR*7=>CFUmVwk?X0ypStHbIbahGOtn8)@zBl}<;>s)cvZve
zLdqhSl(QAA1MD1yXsin?vh21?`oX6D=(bCS!6v{?7g{Fa`TUyzTLxQ=U6OGF^8HAv
zT@r;)9$|%qS?~7C0(&TYTe@?7w~RQQ!;H1bw#Uv(`j$7RI~)V>l=^IhCgahaM|@U{
z)ZH+=Hr=$#co+9_3I7SOvQO_iV*VoA`StLJ*IH#;@>T<F^p;(=|3dQC09JkLt|OLT
z;WY%WI(S8sb?>r$^|vcShy5;w*gaVc45hd2^6iHOgf$R$BJt#svc<rf9hmT_1Z!&A
zrQh9GwiEu44DEBOBW#GU&B8#3G0W4Az+9j<!i#R-W#rr8yy2jORh#w^UU}z{w`m9b
z55cSUC%cS)tk-$5$1m&qKb}28#~tsd5jV02gxzpH>+dS$qd_6p_ywp9B~phSH)8Mo
zc9*@Dpuc3O?dg8PvX&-|*`s~)opKJv0|AToO~^|*EFw2ypRiBtv}0DsZ#lz1>%vd$
z^Gf)|$op%|`L{lHJoI5@rK|S~v(%iek$7bf?0P|Vk;vW_=!c<4wA3ZoC|Gu6t38J*
z0-FJAdw7@gdp71A^qx?NFDNQg93hLwt$S?;=Qc2oLf0nTwY{FCyU2<Q-N&qZ`ZQ51
zq09QyF5?eEmpaaRZJG|h+6;2t7Q?b1{!Q>-t1gnfC7|tobk}O_t^3xJH|f6>pGF4$
z?B9QL2(Kf&h;TLT>He?Qm!$1l3Cq~N%ig~vSQpsRUUwV!gT?mkvgbk4#=~GGVBa)#
zAih|cQi=c3{)WKW?qf!k-!knp)W^~;<GmuQdR`=3(Vz?8#Ol0iJtmihp+~F--Nwbx
zZ8@+@zx#gpHXd9{JxUvQz<<*lcN_oV-X%k_Zf@`M2<>s0QmmDl>wnNzyluDMOX`)|
zyDeEoly7w0lZ@1N*3I~P-?iKJhlw7}151F-ac|a<^aJYXHmg#2*1DvExOo@vHip&_
zH?>~WZb^rc8J-Q;6FO?@rY`t(U$)!$*(&)x=<A@`z$Q(dzXbfUYjzvaAbuX5-yXnk
z(Bv0uM8DMTHgZ?V@4GATllpIiU;oE<YkwKff^~x>z(iNeCI1J&3O=#hsPG>Hy!9Nq
z(oX<&wJ0BK#x3ys)NbQkvmZEoCCPVePDt^UsB^MPp^e?N+t?K*W2tTK(RbnQp!Wh)
z`QbJ5ncc>P(vP{MtlePI#@$AxzyHYlorqA}zpQ=2GRAKSeubaiZG7KVR?83Ln2(1y
zg;E?boDEh1kK$Xgcbj(`@uc1``vfOX+iD|fzjsMs_*sWSiJtF>1;1>5t?=x*bGLqn
zn|kC`ST&w@gZF_?635n2TDSep;v)1T#H;<>Zr6IJ=#m-mHt<(V1=#Il?ISWhqgaRJ
zQ8l}4+eFQ%JVkHAzH8a-S{JQ`O)+@m=XdMx3D`WTLv1^G+T8!0)}S#?<e&ro<*mEz
zHKsDKUa*XI`kK`FVbcu%C7`Rtgx4~>Ccd)UKKI3A`+4TV;fn)!Y58wLuD-V0xMg+u
z`tN`}i7_Sr@XG$_ZhO5nm%Mg^Wr4k(dnxy3KGNp2iH8V}65b=>THpKG|DSV=6}~<l
z>1$cH)86p9*k7Ni*NmL{o83A-mhT4MM$-0v9DeP;*zIf2OL|R&cN2a+@m+1|8t1~5
zPM-nd>2XM@p-<_GQTS#5dbcs<uNS?xap-3M>^DhvL{6fgMPCf>Hs0mUpY?8;XCFqM
zub^l>wh3Otf8A}Ia;&GU)_lX`2meEW-7bD_v8A@auVZ4jaiW>G&~9a6r$q@HC#>@y
zyN##JFtxuvd|JBs4nd*F+9BdpZ8hbJ=X`!yOw8)RJ{ID^vWJwe311enlnp^~ekH^m
zcy70TkJ}@6E`RoiUfB1T3rVAkG-gO+jC(sj%0Bb|7P8QcLDRNvZ8RCplxKQvG$qi?
zt&ye<n)aF1r=$8mG_mcwjkil3sQ%9xJm#D@1~f!?oba=xty9{;xgVGBCl;dj?IkeO
z0Q+&JA7<QvUAu#}jPQ`ETfJw5g)Z^$H&c=Y;a3H}&Rx5WdsfLWV9ZwhL{@v?m$?_+
z&%Ipoe+$_7!QJ}3aaAwcSHMJ5jhhpMFCR0n&p<+>tL+>Wp`S{j@zTp*)yE@u;!itv
z-hTJWGZuKqvY+@DJ*Ie7z^nPVdE<3vzdH=Ce+BW9I_!j3ZRWhO#eZIojTd%0Y{SO|
zyu&ma*7Y?Hzwwji_1S!?zCNbpNa{;;UFPR#x69`B_astfz*7(5`2ba?+NKI#x$$|&
zerx?sz&WHP^R))TORk^S^BY@cEt|yregd-_+a^I&rB3>w8@qAd_%&tnk<*m%$^S52
zJw6G)v=;nbE%V0TMBh2f>>7VUw>vrwgAFHUh2M%XY<DCz0EwJdz;C8?-rjpISPj_V
zBS|a<)&RBz%)igpCEewr2YkA09q;Bt508Q2d1KaJ*1Tg~_>H~|CVK?&&-sqx{zvx-
zg|uPG=joSEQ?8`mp}EeJH<9&buzMXoUtQ%&&g!9SdS>3Z&s*o#nCjlsFzlOc^F4w=
zc+E`A8}Ik816Tie8`@7<s8Q7`wV8{7EV?A)3yg>Vn793H`t5-8)qpB(m``})Kj&TN
zW|n|;fL%toSMMepaCPUzwZN-2caOb)QPS)LYw=)xV9j7BOPX9|{D#1?PTh0F-w%;`
z$hwR9=jnUwce&U<@E=tP62`BP@TIpT^BDyz1xtXPW43{xtx-#y+_xp^B&|lU95CzK
zSERMaN~?tMPQo*a_q-tgpwLf1-*N=>xvixC_7|4E)KxX~4e#G$`>6!018cv?jWvU{
zd9V(!k`L~2>5*QrVz71akxSZs5UdC+FQ_lM*7U;1`OZDyBmFt^i?m189{rAiW&7!M
z<`uv9Pzv4P3!rO+uJ+<RYyM6|KXh4_tUaIe&<#NMEM>KANnO4lS*ESB4D9)Pg{qgl
zyRok>-D5nMN_Wpnbk)!;L-+Sox)s0I(GFc#_1fu1pp*SwkEN!!;=YE+J=EvI<eJM@
z0$mSu&!nceqP)~YSHa%Ywbn~7bj#4KHN6?=x)N)nE2K=hZMyyXrF_^1O0R`#ttr%1
z*3G5nLa5MGK+{ayjR}p_hYmAeX@;io!+TbJj-vF{0cf^-WRLO7lzE!%lRbNVEPR!7
z&L;UwKv#Oj>hqTcP2QKFgT@+jB>iHrLtx|P*q`*bhcB|-T;w2RzuKb5k2>hOYxdZC
zUgPj;2I~Vum8FcMFUCAl$}mS76Qm(^AXkjvA+TkzcchdddAbEfu)hT)#jzI?pqF}x
zeVOs_qkC*S&QTBYcAv5+nP|jVX43c2<ne2O?$A|x^ctDG>>vJRx{Q6i=U=J+>-y><
zUgTqYTx%lzU{ME_55Hls5-|0xR!i>mygl8{2l1r*OG1Cm>g7%N=iiI}4I1lxW=A<W
zl`UB|sgp|Lw$<&?XQ^0u(S6{nR#eRE(ATX8Xrzr=q3ihM9(&)k_&B=2x^LWL{6Frc
z4~Cl6!5P~BL0Iukd+fC&y*E<ZbK`_<BJ5;yTx7$-n5tkB65C*z@I$xkF`n>_n=ZRQ
z{BDntPpI~j6t`oaH0{xTQPr~4fw`|0kyoY8ARQT_Ylu5Y+}lOYbX@J9^YxVmeE)-Q
znM=O=;1&7o9^;>0UhaIecIBF!sC-M?C!p`&y!!qx`Oo``%)9nD*H8WYi<dc)^z|<a
zuR3@&x9vG%n^|~mfma8-0{pJBO~vV|%<;8-m`4=BE90y9&%eCKnC9Np+tQx0eyBfA
zPl<RjH|gBxAx6{~bj|nf@$;8GZ1)SV61gEM__%J;n&Hv+l|9CfxIesnT&BM7zF~b8
zrx$KmUwiiYy0h0eoXwQ%Y`*U<XZxJ(_`dtu9BbwLzWdoh-*=b(m-#jP1LWg9k`FGy
zqF~uyP1>PS??qr0f7oOEOClXso<qO#pIgS#qL4SiEAo&jThhPvl#4e9cpzNT>n2Xx
z&>rJdugv@QAI_vMM%+^-dNIW-0k8Up_vkYv51;qRm3WnOVE@eRG4`%1U*W8Pd2B37
z@mk>3x^Iv12Jvg)s|t68qzWoR*QtN1EqaO5abS<}L88bd<H#UbcKU*z`%#|FA$E$e
z3%c6&>}Y*8N4%1C3-;Nd%z#aO#U6+XYaLj}&Hg%aeeCMu#)zA}enIc`LF>8rzBkEN
z+Hw<dmrq!5ohR1>7CCXjwa304EDh{*{>fgpa{l#z<$~QOlb_UfOY!?~Sc|U|bkSCl
zmu2`hp1ff1Da;1T{08GP*qPi*8_4^Dg6DyEfp0KzIgd^1z65+6{Bps`ld=zQR>mOf
z6IJR)(yAd|;*<sZ-7&!$zz%`E#-tT~tzbE?Sa9zz*6Vx&mc}R~UO({$iPvw^uEs8%
zgQh%p^)!;l+;3u6ymrBU*G&3iAz1U97VP&6lqV&sIvbwlVz15(S~rUeuSR&yy?Md-
z0d3;jrf&Vs*@eDMs(1~<tNbks#;uV6UUjaq;OYSJP~S4j?nE!WeZjaih?gf{0leZ;
zhjDmCwkP**N;}sJ|934IyQJL8_G3$|w*BtW|Fw*E60hv61^a9c;nxRN50=5bTp|xc
zV0B>g0$BEzlAEh7v2mHM!e<$p)|pA|3#Qcs%lsDY?ZAY06f6>3Fm`h9=3V2<JBMhM
z&<sLziqOz6tan`Ud8{LBh_Gr2(|I+=S@*j#A|IW^T_*0PAYZS$9nK7D2T5xVUb&?U
z#=DN@!KptODy*{;%`-9|jkrCo_;xqq)07kJT#F~*+NoIz%d&6NpU+<~x=mTO>|?(B
zr*{r1E-?<EM(=9RV=RPzv>)IhZO{gvn(_rb$K^T3uN$oJy$i<CVyk*|Z1{ex426-I
zXr1G}+`5-n+|uSGe-|tm`A6~KEWfq(*tgErK}vi(8|K8ia6Dkiw@*~Fl%euFw14G-
z@qX^*iu0=l%lyEC@qAF9a{H-H^G$vu<6^&WE33KK2x;_OykOiRiRya7PW7xQe9FD1
zP(aj37k@6He$BSS56Np%45IH<e?woDhUN>@(&uC>DkA<A@t0k7NjfrFwT`jazRr=5
zZu~Mg!mN<Gf?qTI+Ad!(#?16>ovLJ0t>2lOG-`Y#Fn&=AxN&_P)@c*)&AD>H7!bK}
zwz-#Y`17F@9;Sai`v34(e)P!XI!f}j@HuqVg7I7KB`={bsY=!Fc><O2Yb8#{)eFYY
zr5>E^r#|9io=wUGFds=*b%eD+%cy-l(k>&==X`9zc%#tU<#o3UU)D>Ks~#NVTi7;3
z5L6}P4g7My%e>&41*6wnf4a|j&d3UV&u@6z$oDda{Q|Jt>-}&(uu(+X9i&~dX~Dp?
z@2(5l&U$x^nMpF|RE5xuLe~x*Q=?$IJKS_qcNyQKeV_}ROL_J=yewcc)kNJ(KC0kX
zaNUCOr(}Ppl2t>hcR$0EVQX<nwSqLF=+QRlhHh9e8l}#W0i{Qk?;yP1o=;H+_7sZy
z@JY@Pt%Js;JfB*y-**<hG!K?><AU}(@+>l!)-CIard?#q9QKUrBaXdbe9pk7{i$ym
zqhiok-n3v`nJlMsZlAIScfPOk)O$)>;ni^Sf)Vk`o3y#T=TpWZ*W8}PNRAOxshWNV
zkkFHEsFb|U!$1F)1*604AF6J#6BwiZWQ|0)8Tf2{a#->kql&(d{c`Jq{ti2QrM=6*
z3T|6)?v+l}y-lfd*92WNbcb1gecoLfS%3Ytry8_w9)(}_XR%jYI>2F{dgOS-cc4+n
zqo{q6(I1GvWWl(=)h0@(urJb7%U3zdrKGt+o#9dq?eHB7Mra)sWa}e4FWx;B;b(k@
zwhbJ9f4-ll*eIvs=fZl3bn3pa;JbDyeS3!RF2Wl#1M=bd#@hJ-=Y%#<2g0xDhw{GJ
zg7LfKeffF!V}?)3^vk|h+|n<b;TP*R?M0pi>i{bUdn@;HNjZDL8o>S~fQ%s=gCPH|
zFz0C_gjapvJx>!}GvICiyI>q+(h0T<)_C87>)Sn<J){fv5{btp@uFbaKXcDdi@>tL
z)~i@LUKv;>*x7<%2S|Rah2K9Wb-OT0Q}00(ep1;H!n=|1d}!VxG+ctUfo1<ZnXi1X
zZm_{$Ea?5eS|_4Q#W#h$r{s!ih-&&#;?5BF4(Q|(o-<(a{$$<+TL$X{d$mO35-bx3
zRL?Jy^F1j;6s#LewF7Bw#)7r>9tlm1@F53{V3lBlV9NgIIiFuG*a%q2?3c2^QoaDG
zyG!U6>rUv~iQD(9WIjZ{^nmq(jc{*|3wrG?@VrRjH3ePiq<uDhT(Bju!uuC&KeJ#N
z|BHWucros!{RGPe8z7!^8@U841nUROR*1$*!3G_e%z>)F4n1JDBlV^a!O(S4Pgv7~
z3x_?wPSWTiZqXmyJ_*Uk0C+WchM5nk;}NhbuxA7#&6UoiTPAMiL+-v3gDmUE6d(L%
zX(yMgUFwjvaJgf|jh0#=LeH-f9!*2;daDI%^k9u(4IZowtloolgVlk_7$%o0KUnX>
zZkZkd8-6S)cM@+3Yz*x6ic-@qfhEACh;kM3%jji%1bd6A=gsq%htf^KWL?IR);6Il
z<5vRB^5YA}6{bwvcDt`%GQ1&Rs8O=k0<YXB7VP~WBJ-VKITLF;XP_LqG3cg77mTG<
zjypdM*f+-TqV#><PtZ$GE*S3!;>QWtPDlFzUmHiiY#{Yk4?hmW_N*sZW2)Z!b+cng
z#nj@p;~F;tix|H_cojXnV6S=GZGg?>KEFA1Uy1<-eUxA1r^xHp1^s>t{U+3-#uepx
z6&Wh#mrtDXDRXW@9Gwn%7Te64^TjYpoKp$Hq`WoIjy|_w%!YZeX>B_|RH3u_*jQE!
zr3yFaIa*7KO!UF4etWXK*l^}pz$rJ$!N7F@RSdd0=rW(3)aMCnI~O|jnuyw~)o5Ac
zs<KDZL%j|FdMQW2ee^HVR^J9lEe9LF-1`yl@GXdzsRnoz%q<u@%>HJ#o8^y~a?4bk
zFE6o;bo&g$uY~d)B%h+U?Dmn`HK&e^j@F@=vi(!(l1Lvk$m4pU<%;sl0V~*p-6sHL
z-5k2n8uxh8bS1=DZv3aVD~Kj_Q~}m}$3Kk$p|kTrTZ)_{4|@2T!=6<&?wwo2Anz3Z
z@cJ%g^pP8v(A=G#A~9+{H3g5Eul`eiuf~%fW@F)Gp2Dy5H~~}@^&zuTuKb@do^||F
ze+SF2?LB)@Cw$vW*IPZj+UEXg>pIa{Enux+{r-If*>Zn#?cD*kau@QH1;26lZ8<ez
z+j5m)^I*f#gdzK3ed_bP^#i=GGZ4FQed2?zx_w!I;!dy-BY7|VIl3q>VLWkc0AG(R
zALUy&T9zg6?eL3Ul+3$eJzx`+348yuU|YaCZcbvNA4b8t!A7_@$8YHYvW^*OCyAYx
z@eBG-W5W5)HfwNtlewgoPk1BYM+sl9D8CZ02CzK>AQLRr;5r*IN6e_27siQGddu4K
zBl6Y(UFPix<Kx2HBezMJ#ZQ-<`1<xE;WY!V!WW5GVL$c_ysBLJvc>^DcHQLGGpq$M
zKexvPvI(u!X(PO9;UzL8mtbvR-C!F<FLG7#>jrCU1`|EtsS9<Wn5|dBuRslu8QU44
z>ZC25$%hA(Ha`U4mOB#md0RBzMb0+Q{Uv(v^9g$oVhox>u;%uJaoXYYa$IU&bbqOb
zN8MKv#vT6sFl8<8%7FgTMINN?hTzxNkua1|?x&ju-DAn-Z2tjv5Pp^XvVX;V=_d)}
z?g-4OZ^szh<Q!u^;CwjO`Cxzgg;xKtBj7T}y%WFOfji>_-3P`0bO0Y`T0uOWxHJB0
z?yq&EyUB5HzvQUaAU564Slyp6zJDC`N;|P9=auQo)C$jr_5c6q=j+vz{(G6aS6_F@
z;v2OL+gafs=xFl!X?c9P`KZqx)cT*a8h@X#=WazLIS<wVwieweeKL>1JZmsvT*|#%
zf)#^RgE0iCOR#dV9<YlYSR8B#><iLgxFlXZSlu5I`h89lYXK{HC}BM8h}Q|WJe07{
z-i#5q4=nQV3-5mw@K}OJ;UfwCZ8pFDVvU1?u5pm_)qLzyGyi43roQ3%a-QXqa#n-2
zfH}vEI<RK2e@G<K)?>yNd(04h-A<g?Fm)zzJo?U|`#<K@b6y=Myrv{QcwO(}<<{32
z%P#for?6%2S@0X?-SB$36ezXcTsFgX>r(8o4e~uh(O32GY5PmUxLgd*R6Z$ZM79R_
z<76T#dVC0eeG>`oM}ptx&?ZZbE8A^`@KM6siMv95-f+13tb@Fe1)RKpVCzT&r{*1>
zrh5*M6<I$Q=7hiSy9o)Oa;*Kd4B8Y?=$iuc`xN6t0m*ceX4@X>UHXQW2buHecTDzM
z%bY+2$M}sAziA<1zx!y<EwI7G7)rX*`#nR{2GJ)KRq)8!Lfs}3#w{`i_?6S+Gewd4
zbPoK;q425U^(`TGc5<LqQ%K5F5AWDg!gx~318>y_!u9D^C%DbJAvngboA`<S38T}D
zPkGGp<GE*Nw;H0zcr=73Ci(Ca>p^604j$zP6UJ3Z9?o?NHC1*_LW=^*BV(lK(&7j3
zmn|oZZ;72^*AM;5nhb|7vli)8rREbYmtP%pWB<Yi=U(WrIr^0n=TZ2!5#Ido#G3Yo
z$DkXAZvH<BBVWqr(HYEgLrJ~yp%hyP&qPRcMdt6AH$0!v`)WKqlJucAcRx`=<+8YP
z;8g{$awDProiuQ0T1u&H;(EfOp~W?oQS?tQbUl$p<KzDG443}70Lf1AAfSJw+b+Rp
z^d*b-*eF=W@39B7+*mHyGMI$RCI1V-mK<0fSSeTn>>-Jy<j+2P#oo6>(rKHB*E2F{
ze8!CDH%Dhkcj;o8q)WOz&{m(YXpe;=D_g+E;rFb`4?E48>jb{fA#Jk+UDIQeMzP2)
zZ4(|>_Cr*{vIgmIkMnMV$dQC;QzI(!Q9xMj6O+bw{B?q)?d(F^0;Z_ytlS28<-Tgs
zo}WhH-wKuk_7CoDy%0){jZzPN#2F*bjS`1T>S1UQJ#p&dn$F&q@*IM09J(W&V~I{H
zdk}u`Qs;-zua$2h6xwg9vcB+@_MOUe1MzcDTU(w*fAm4u51r@}tv{0IgGv325?-0N
zsQWO_g3W-Xy=Kw=-nis<8LSbkh5O`~VxLzR`n1FS6(dUiADDj=zb_eI>rd7F4}aFB
zl7D!V{r93id&$->=u9=^vGzCo(cJ+^Ptxy!ws&kYRe!7W>l|Ymi{UOqNU7gCsjqo>
zjQ@So{stwwmq6zD`p8`MK|-l7`Q^}=C;n&A^{!a~*f`jCk0yex^Ocq%#o`nn&7HpI
z7w9p)0bV6<Tr{@9N_f$C)#d<MjDASXAXL89-VVu65AhEX{}hSOC9<#uEaOf7vLNz3
zL3j?~w+Mk<-zmPhYPUYe`t!_{CH?#%^f|n&^rhdGfK`Fr>Ef^2(>`A~gjI#!SE>%D
zWQNE=J#>B0y)>N%yB?vVE$!j+mkv5r75X~_ebBbQIhhYB=MY#O?Rv3`pWQCrJ(+l^
zeM}Yj2(PS%=|Av4Qk@{>tcKSBysEiR*1uIw?JM#7_LI<dKsy0#o~uk2t+`V#l%7&a
z+0c$bJ6g2p+Q%zA=fRi3*P0*Ung2&*?k$V@`|PwC>v?K#a11;fd;@V9FVwf13%RWV
zF9-j;<X_7kVxY95vRmbJu_!{Xf->}8?pA1e-nwX9VwPFIgREAKv-kiTscO0JC*IWC
z7WFq#KtG_u)DerSUyKo+2nd%pULriLcu~LWV9TE^FP``OQH4I@BAeHQSL_kS%NL1P
zE4<3yzG&=owYi-y&wi^gCXR2$)Heyo;Z=^lJcm5eF6P?%CzS6^WMP@`)+dv;gL97H
zu=W1r)(z+rXp4riQ{T0y_vKQ5oD8noMsz|2VcAbj8aHttB=e!G9b$`4$R}zGbS1IH
zRjmp46E{KJGbIgVPWGvbjv4{a*|6wZ6P^Og275;0lFOCWgfsty9Zg)PEDPT}@U*iR
z?R^UQJQjl$oU^+8))04!xZeCWf@hSv^V<d%0b5Oew-9%LxX%1a-x~u@fDdq=?0X1-
zIc41J=y|AI)n_suML%p@G`=k~)RW$r7`j6QM#h?a!Z)3}sJ}x(_-1iMnP;#_9hDK@
zNcagt&m~wjSPR(yC`4m*U^VYf+SwwD&0uk`wdy4)>manv&>kgy#?~{*vQB%-D!Ob*
z(mUVX9+HpDKa*eZk8mF(yPkDfsXnC#%b@Lr_IRPCek}bM2k!=Vwvp6L1Ng)x<Xhr%
zN#AJ&Tc*#B2tZjJ_I%*lh431Jt_xmP-HUxU4pwsMqP?aoTXSVwFHGsIG0v|s?}#h)
zm_ee4h(F+|$2RjUi|~)!`nn975@=dJylC9ceX_n%?2EWthossUB3~`=s=j>DI7@gb
z`O;eb3ItHXdkAkNT=J^JueRk+@-j?#E8*66B2?X}y?q=`3O}>hk2@Zm+x)cimq=2d
z*^i;$u1LzLVEJIJVAdLG46FpK;mSq(+iXr9>Ry)!J(XfqK`;4kf=A_N7L6}*pR7Y`
zoHx&b+2q!je*QV(H3F{=c-6UhrL@O|hiebvmGc+uOL!e=+m^tq241mS7me@u<Vz-v
z_VP`rC8e6mq3MRc3;J(_d7v%rdbZZeJ-(>IfQe^Qh%pfsOYlqFj=qTm@bj!!W(Mr%
zn4+%;ztYF~bLXPb9>lNBy>=T7;MZp6uN{6BU%;Q>U*44cg>3=lmC1w1?hO1!zi7$@
z6)t&R1}nIG(HJF7pE^zP!Cn~PqZA*kq)|4C{%cF>Gr_9CdK{Sa<2tZzuy=DW>FPBO
zUis!xXxa!LBV5f5cov#&u&FOGx8`2=eSMaab#BuT;aOi^G=6G^d*s7w&o%p-O)-^z
z))UN6;Pocqb%FklN*-7jn0w8SKC0e#(0w%g5~nSWQ3JV@Cl2ir{**ZP*eY@95A|S8
z_nLEbJ!U!P($4;ny60NPiGJwQ+86C{LYLQ_AHJZ@bSkQXWZos?-aK?=51QkI(y_XJ
zBY#ESz*U*?`6!E<bvvsJd4$&yehfUM{-s>SV2zYZ;#gQYSjNMPt~HQ2ST@)?iN__h
z^<eQoCNYu67O;}xMPs`Rh<<&1%H4;mg7$17&v~#IhhHc8v%Vj`nKzfkN)3H&eMSZU
zMB>Vbm-aX6^Dm3WH-q|t`@Ol+fNoG1gH<`aTAo0!&?j7Fz)FxwXwvU~Ub<V+G4Mbl
zb<+lq(x;MRxsrdd3b0EF7rvYIhxxLYAF2K^M0gwF7u(_N)ghjQ3(pzCM+p~oB9~yx
zU?UDp>LPQDaTKgyBBi#0w;u((z7bRQP!+sN#uxQD_sm>Ex313+*{=i7erD0QM$+)e
zzGEP8Zs<pPm6@g5s}K58=+(DfQ}ZapiPHzk%Bb%gN%<fT!K>_9cfDl&9sUkX?7}>-
z7+AF{&+akWZyqml9f!6C+DC)r3j@oU;r|H`FwwL5@au!$7{1#p&Aede(9PBU7U!b7
zYU2sw4*X-$ngd3q-4kF-U?OkQ#)3tj#E#yc^r;Az16DG-Xuqp0X%~Q%fhpas?Nc-D
z)P2}h#N9;P<DipEcy0o#1+#oe(odVf>cJk8NSdc;RoSoO@}2h(FL!Ry{w6$cOA`CK
z<lpGKO(Tz~i&TkzR5CLIZ6CCCX1`=_YZznreI`L$81qaUh;3n1zA_ct!XL8l-mC7k
zom}`7_BKBEJIwr|U`b4}tlSzmx~3a3UG5ra+IA)TbP==-V3~VOdsX)X_$U{kUe|ll
z#Yu*8Rfm1h<?Tz(Go)UJz@lI$a4&5teR&+Lmwdj>-zM?;#9rlVlE6p!=Z!P|lGo$8
zmrL?r3|8{|;+npZCHbm@ZU{QdPwpA3y*`d71Nv{B@Y({e;k3QRWkGh5`~BF*0=iaQ
zcx61zd@TIp@T!DY;;6mGLGL)A?Nx8x*9DYO<*N%`-5E#DD~B@9!z(9iuTjjs9!Idg
zxRo&`1BXKiVXwEtl4mT74CE7ji176i&Lvn0Sj)@yy1s`}0oI(m*Y4wm#H#^o0~-}W
ztB>pRaPCy|F|FZmw(f;@2Q&q*+-vI}!Fs`p9hm6XL9kM=*PqOT-+18BuMGi}E&5gJ
zC5y$hyrR9%b0V<K+`9fow`rvYC&^zqw99YbYk!Me<SGu<{*Jx29paI9@0j|m|8Nyk
zeXbW?Iq3dh!Z$f~y7LzLzB_Z0hZ*Ri@1*Vg<<XmmnV>ufufhrDtK`A5s}571zpTWo
z5nefenbh9{Ol>=Fz8(wWl~2Bg;Z?F>uO92*r4LZy(;D1sUzYX{OFJzQH%{D>xR)!N
zUj~bgxo4a7*ua=8s$WFGE5Xl{x})dbEF9x<CZz5IF~aN5*{jE6qSWxK1RDi=LTD^`
zS7TcEP3e}9pY1+a%X!FF(7p2vEh+OB(ka`x_pm-wi91K!iE|GhSLz~r5<Oi;nYnlR
zR|~*9z$v=Agl`P29gJ?M`rk_a)lI}Ld-q<KFHF*F25$mCQ+PQ1xt-uW;Lh~=z`DU!
zlimbztIl_)r`jL94g4ZWk4vzOt;`n~FV7Hw_7^M{tn30aedI{6La<V>)6IBN2c=+f
zuxi0{dz*HV`%DMX!F9xKC+;Z{7oJEZe{~*O3G1-J2$uA^z`DUMl=xhdUO(6rnA+<B
zwPgd|8Il9eu}8#&A)e4r5qIXoy@o7#$R+ekU}??Bf=tRR`K%M0E8G{c<kNf)J32*r
zpWkcrI%Qeu?r_+aWi()NcQveGTLoRgU3-oDxcAY^p1#eQPPeYFIQxa2=~NbUrjyty
zQ{<zPd=xqJukA~Fqb6N3X>39xbUDxAzi8cSoNzP`)Tp-eth0To>4l>#15MeBUGOg<
zY6Wzq_aX~sdRjlCqm^lAu5pLoobJ}r`d!c{^li{*|9J0;?_Km0Cq^7G?c|bn9tO*N
zbkcaA0O%>fCcyHECvqp3U<t4yFeQH`7TKoxrAs8PTz)xVCB#d}yoEj)ZVic~R<Nxp
zL&A#*-*Vqx<G+Q7aE@tK!K~A%HKHoQNBZ^}=j!m7y!|CIDS4?UEbZsmAttR<hb6CV
zgysDr+2^G#y1}AgtrFjoSFKOu4jD`yR7f<D^9kr0`uFN}VK*IXXVOnFJcuXtk}-{a
z@yleoLZ1uP1NK~My4a;j`a<HC5qH!5dyV&U@74kS-<Gc<S|c<q(A*fdY0SA#7@N@K
zFT&aBcnBIC*e7FB(6>Hm-8)Aa-TtK6{+nbuyGS}RgWQ2#6Y}OGbdG~jXx#A-l#SKk
zA$za5Gkc!<GAl9NK0V~IdW+lE+yYh$CS!<P(vG8G^$tvI#2K(Au#FKObYIr~Hp_pU
zaL>V?3h<{UkOSdYv>kqfdyUshyQT6=*}p#+F!2zbA^e)*7k_B4krtFc&;I?sfcy=b
z{Knvy^$2nsls}J6To=GkY+}h@-VWx^kM1?@4dU13uD^HyKdZd;@Jsx4ukn)?fnOQ<
z8-icOlY5P}AbxHiUNj(kbyC)>S^CG**nvU3n%rg03Sib`)?HlqP3$#(5!AL#?)}0W
zeJA4Vqa{C*zdrayo@0FQ&tJ+Oq?sVuqpu6Uv^nYjdyT@N{Pns0u2TW!?KAmRz;9+2
z+a!peXRXHnI3w9Ntn=3ezoFgOFG1z?tgQsCg;;AV3HTK)?KK_|UFX+#J?$G0s6T06
z(KoT3*hdHU8o4~nC0Hd`{Q2ZOP_SCC^4ION=gRqDjbI&T>@)7--X7OTUz}g|i#7yF
z+#cc{T18wLo5zS-Sh&x48~0Mi%^~)EIM(Wy2(Ng{KI2pg=aT$o>|*>Y-e;Vq5RK)6
z4TD7;SRq*6nfq*CP#$5WU|D7Rj9Vq1%l_r1QFBm|G&T`$;F5hVpI{SMKbYlPlKi)W
zbzQbk+t@1qSJ?TF65cQ2SMJm2bgFR9l;D4<I<6`$P2!9bXM{NCbFb@wZ^k&{NPZ3x
zXW&!&>@$%C%i0b9ukCZaFP{e%|K2|1b;66QkY6!aBUqOJlv&${;(pfdyDG~%RK5*;
zj`}8Oh6j^-ZZ@o9zpk=>psRauZReVc%uGPnKpt-rS-113GZ_AO$liP<<<6L={eS2#
zcP?1RZ<8`Bwp$@s-tYJ6`GB166aJwx-l_>JCv0GFpTY3s*S9=2f9SV<^ZAv&iPj7M
zvIqAWB6D&{z6Zf-z{LF{SCrov*x+L;%f~Wt=83bCeB|ySy~mT~m-Gt3`oS!lL((e+
z8y(wcpToR4bdx2oNE|wXIJLw%M4SgjPk?H9k+!&#_ac&SEreUJ{8S%8TBG`dtV}S}
znpQ77TAtju;+ffnupc8{+xR|v9Y=P<gbs6Vd&UCx?$fKMkv1rSrUx3CPTKlQ&#lIs
z{l12H@n`ng^LVMp2C!<d*9t9{$W|*@1DJPitn?pYjf9DuxphpVl@#@*WnzrDT_-Hr
zGEof499S=yV{K06=&Jr@{*kP6OkTVGX@6+*{z?0uxD>oE&%Nd}7~o>85Sgii*V0K#
z`un0XZ({ql)JF?=`OB8<I;sNe1S<nm&VQ9B_V??#H?P~+^MgW%%^i4;Bq^!OfUoG-
zWq5a<ycBq@O-_RO9pO$NSpnEESPk@Q&PU!0<rX}ev$X0n|FfWJfM(MJle+!!w@5v=
zg7p+E=`};Guk3Yk$J*c(hugm*<r{}r!5fx*_p22WzD#%t;j)x&%dYlGf6l5Z+#0q|
zx}0bQi}d5SEg4}`pDO*W<o$Y!<ZQQB&pb+uF@S(DXG+?QAbD(rU;f*djH^W_h%9vL
zIW$vg)kd9!H@suXxK@YP$vJOmg*whFRx-1N@ZonRWk$+13RZdMlChtAyIi_Y{=-V0
zyx6lVp^5CJ{mxo4ek$eCx=H)It<Bis?}n_c1fq+wh*k{E#Bbf_3YCN9Y)PJ}D!k)h
z^&6H9vgOUs(|-ApdTECycJ`9--$FxvHp{28P5VW{`w6cg{9HTy7FYNf;Z1};A>mT5
zybdU?3&d6VXqE`CyKqVGt+x7=s-s&SS#tC$$7c^pU|F<}a#bwZ@8c!qfb~e-%c$be
zV~z*AzNPN!p^v?9Nq-xR=QzI>uxhYY?xo$d-$?J>5~qN@N9qNBOHg#+JZZF$#wD&a
z-0KH^Ya7xx^Ow+{(Ec#U4j+uT*0JyMohN90S`V+R4=fo2tK`)gz)NId5MIqy$b#-8
z@z7Rj>v-sL+B!z~6yg0BFX{Q0tF6Q99llQM&_CT%ZTE@Rm3efg!Y?fazH?Jbc=XFl
z#!E?0E*TrEz&hKP45>T2A1eKFizOB+UK8=UzrJ!j;n739O+Q&Oz9#(aK8k#3ABNYq
zy4KIOB9iiLF2QRMUTwll%bGbB-XkX<$nZx!xWDTza$9f!eRQ9xZ^(mSF|c~D(}fp$
zypVsDU~OPyf?0L0b?X<b!aH?qHqlz3Dd}5stpNz$1zrQbL3q)Z<?L}ucL2N-{3OA-
z1RDYCabTrjQ(*mItE{)%{pwBfk$({X>d%(+ctzRS{jAcAf#-o|5JxVtV=BR-V6PT^
z%8GV4H$-eLOLc@b4=m|<7JT$Nm0p{Yc5V}X_fHxRAI(E*JA2p1zv=sm5o3h#nt)f&
z?<S4ytK;?CAYM|p`OEbG2bPQzq@Qugcvu29@H@)x8aHg2O!)@4@B8!SH@GE@R`?Bn
zZ@;~dS^9Su*wFv(H{Qs-9t&7uGRJ~Kph3dh`}Z5TfE==%-2eTMYaUjp<sX`gU+%Zh
z%u@QhLQT7Qn^;x4j2HHDo4kW5^;z(L*pbj(A$5@2Hl98xXT%jF=BhrTN}rqSGDVO#
zz$^3q{cCz>QRw=h>xOQGd%JJxya(<P7rHs<N(R<W7yTFW3Fsb3P4BLtx{~y&psW7%
z+RN7l-4b*xS$oSD_)e>&Hw<0pZ}#hTK}+Z8dRg&XTxtJCe?7FexwWKM3|;2X+V<)T
zT^)4Y(5<z6J<yduymq=N=$4>cOZ!Q`%Q=L+Q=eyXFS3qmmu-hif^&e13GaMhztJn<
za#-NSGVZpe3vDG~g}>Xc&*PV{P?ZiOOla!~Py79T{Vu75W8Mj^gtZaYPS}0iE53Zl
z!wTyqEPrsnalaMD78NUOn6MGTy!jEHGlaz-^ruVv5BBe0_FHF^#?-q^F`ds`!is&u
zL{}9Pwuvz3_)`wn0CtSzk1Lm79IXF|{l+^4pdL4e@Ku@mD+bg=c>PnPFFMqcTV;#N
zH`g83<QD4zHDjBmdfXd=N7K{$UGKAxgEfLV^EVIH;)o~uGwpfCBe1{8y=vz;zJgxW
z(AZIImBr%cM!z|t(<_2zaL0aa4?!k;%D^VTR?DXZnnq|^X7{`2Ds`fV9s3FElB-_~
zYie(wSSK?6Y=J&!!E9G$v|zfRY4g##NrRa$u(?hrNPYi==xSWZG?1^w{d#^&T`(?)
zT_msM>UA)x0;@<L_o=ESs>X#<=weIAv;Vl@9kZ|V9TzB^*o|%Q>fUe4i<SqKhr2`e
z98;w^K)g){_UrwS!Dau+;mR(u97#)0i~rj#D>-0Wp5Jf3pD*zWz-s@H{FaBbdkkzS
z<A6TPQpryR^7CO+Y$~i5ju=e!;3qWo&}1ERz-Z)N%bd_yZzQGCNZLKnG@f|C_MZ#3
z1*`?^DB;5;eSH+H8SE4R$d9$ZBA>^3Gk&#%x$3qt*}0-x#&gmsKYU&;ak(VD0<d9E
z9%5ki*~xr~olptZ1h!cSgWKkc!?lg@>VntMi@;0rKM${rlMc9aLRu(2ZR}+SZ2!B&
z%LW?-Gfh2J_I$7rFsD8#0UP&V6<{+StOl$Czqj;R?BTei(E!#8rrH8b%GwGx4DDYe
zUU0pwN~Xu*m3zto+m@8RH4irMiUWt8lVyj~)4HN7$CEOY5U(NcfW6-@8>|AX{S60P
z^O$1rTJSC4mh9>Iy?gHMw})J4yP=(e_SG)^V$qssup5pYB}z9Hs(o!!(2f-zaLu12
zpUdExZ#>{wW6?66#mB5?E_cg)9$4KK2kh}h+OZfcxA}naoxnM~dtLMQ0ZMNWda276
z_#OJ3TfREMGFseNA6T{r8v=`ZuyL>g4>k{043<H9q8lXLG&V98fm!oc!Lq?BewFOg
zg5`r%4<|9H!xFGsuyx!EzjMqvVI_Ft@npX939bb@1oo5}S0Ci2*QC^*!mJRZ8fg>W
zPTaJ=x@Aas^n&MuKV$M(X|LTlaVLnoLE<{*%?a@Azq$K+gqLTtz?}U(2P_lJ>hHO*
zDFDj>`-Yi5N}Fwx6r5-Il@s1UxTTLJ&vCG!Cl45<rtGS<h%lc9)pkYU2hDLo__q?b
zXX1e4952pV=QA{jv$Can2_Gi>&BT@Z-W<Bt4wv*t2%jTdwFl2Jep6s$lLrFc(RBFL
zLO*lAl0$2VzeM=v@nM{%t;x1811kn=1#`?h{cMki52xdWe>1!ar`-HIz&f8hpwGDp
z)`fh#MI~$dYzk2ePDJ?6z^iR{vR(vR1}m9AV7#4sxui^)8R=<N_;d%wfTezIAEdQ!
z-Mx?EtH=1wZ?R+IkXONLe*b~sJ@B4AD3AK;hjW<~l=`Kj+GPuA)E;%vmQg9!C|J$W
z2VHi;3|O59TL$aQIB2gC32o*v$e#y`f;DFzv}H=-6@gV`xzi{ED>(6>?FWhyuNo{L
z><U}<>p1f9QZ4(03$G^Pl%9If9;c+wv<rW*?{RP1DdxIQ$hkJ5?43d4_D2ue`<^#r
zJ4=@oJ`;px6dknR=~sS^LS@f3D}%=zCnO&k$D-fflB`RyrE<Y)!Or1c_czU3;ujOv
z`<`Tc!OFpwuXbZ`ut=>Ns|U;SU@c&|9;_2A-+@V<`oN07WL(sF(wbDtJ3?3$VZS%S
zl&<-NrD<4{HFb{gStjm$0H5sR$lu4z`ll`(_4avZy$PQfaodUOm!E3F23E<Zg}5cx
z`19!|EKZn`hr{G&l(;hieC7$uxOR2*lf#FUJBjO8t|Gz)3HyQ6v$mrx`E>esm3+pD
zTe``gPa|QqgdL8Lv~3S@%Rg~Y?~B#?FzK^qMy8+)<dV2!#H}OlRx^LL9&^tNA9HI;
z#(3gq9Z!4K9W*MFw8?Zh&ecjs<h_Kr!^AyN;&KUA0X7EqUkcH4;~KC8*n0)j^<~cK
z{P%_mpAKj;KY7qK|LO&6x&ENN_n?q?gJA7oS0#B{ZDGF;sLl&8T?s|RTY_d3n#)ZZ
z>L*!7`?Gn>bP;@Kc?)=fB){RHeV&Jm*)gz4<3ZoGI<a-*gl7|uy7e1VJU-Kq@Aqbd
z_Jm0KgYX}Me;M~$AKYg9S0sFj@Fl{fu5@_v+z1IzdkOQmTMzoK6H9oM@W}1K;W5Hz
zK6}u9pB<YhW@SL=<Ai5#_OBlaZz8<?&V%~9IrQz#95-b7heQs#2rvCyvdyKO{a_Vf
z$_`TvL^IJ?`6A!eF>0T7%m=V#{LYL}<<FvgUpN?OQ$-2S`(ko@k~|fGwSk??y<CEo
zflYkLJx*4G<$U>|>z%PWu=;xs+CH)<w9R03?FWqt?sXeASam>+X#PFK$^Dvp9N7Yv
z4|crJaY;T#!J5C}?vpcMZJln~Ww1`Lu%gtonJjK}IO0iPiGp>5wMjf(*U7#TuvS(`
z)GFu>LATmIFM6vLnw)PPG`^lpE45wmW|0A<(!>uYzN;AVhoRl_?SsZW($BPx!Rl9Q
z8ed8}H!3&*##96>YUq<u6q5>BE6Y5Q@uBOW@%Ch2HOq<z>|Uh{wAU-N(edyh$Gx^A
zE8!D6c+j{j$w!%_{%e)tPx+dD<VV`G3tpxFO3GCftRJlKKL_n^DKQH`PLgwx7;(ml
zll%NZqcp^WRUg`~`i*p}4p^nPU8%BSZyz77*Kl(=gd#s}S-(5u;=$fEvl???UrM}D
z;^jzr(Z1oArmOY7Djws6jioOeH#yry<-_zTQvH(j-z|ooJUR1cZz6!N=z%TpUJflA
zKThHODF-)uF&oa#`_R9vNTLTava$an%LdB@YQ8AvB*>l#UiVOQuYAHw)-4+!(PgaA
z9|f)8tilX6Zk7?=c+|2{E*;8MSK$p|D<Og;t$N~i9kZ;@-&X4b^mlROo8kOROaDwo
z`TNt-8?ui6=4+}#X|H%i=Fu4vLHddKaz@!_f(s)p@|`{ZF-T93VH~NvPWE)Mj{OJ6
z@WpmwnG>q^;D0-7qHhq|&)KwEKIu%jq8zT{|4o?_@@Y|8*fYt(KQ8&&!msD|lj^&#
zk*hUthEVB4__S-STCiQns^>+ujj#-DC;qTU_#b(jO{>12DEooGZBbJesV7OVfSWS*
zh2AYRueE8+^l+$}GP=?7S(^#QiC+tC3F}@_`bXqwXFa&bk?T{`jq@w6FqBUb@}+}(
zr&40D5g*YAX)LqWC3b7%Z}V0=rRcPJH#Mzrts8+~1w3-eYZYr*Y~@Rf+~eez;`6`F
zZQH>hrO67@gl8Q*Wqs^Q@*26+$<tjAp?P<fd@~8ZdVWLj%z9+fXqCEsLom-;H%n^L
zbGjG^$E<m)Hv9%pb;}qaWhtTW<^O5Y_`*@7dvJGPeTQe)xtRtOrUahyPDKspsElzR
zxiGjap$<1oYFx>vd}}5$I;qYsiJYqGlYQb7mWa|PtXl+$w4^+l5#$_N+;(XZ!&#n`
z_I_lw?Hz~b5<E{9o_}-lbhmevyExQP=zcdOCDi?}AD&a3i!9$xi+t1ONkLTiRr)A=
zL%KsDZB(7O2KofFGk=>@-xrTO0xct%Jzw$P+jEVdLnO#X79W=M#VQowCeD_dk@mQ4
zHR*(>d|!Rw1F52Wdf=BiK51OXedIc4nYI4q<w~WMWx>pzMo=R{I|FSOw4W8)3pH(0
zCPMbS#jCfZzM{zX60~e>p>M6G9IXEp(|m}GQu2~5teBPROJuKwbUL4&G`c07f9`Vh
zr4-roXcm86BYB^I=Q2EhAUyAf=V9CWmbGSGjd7*y_o?GsVBe8+u1(FmdyKmzMK`WA
z#&yBFAKuNv`wg16qwSa>t3oj>ApGXN^k~r~6VNX6jma6IHFi46PZi20N9%jCKXUXm
zWpV0#Yq=T7-PTFt6zRK<LvN4!QX)O<|J5aKan>wZkAp5THL3QXMt-c*72`M*`jP1p
zs;~}wsgSmBCVt&E&M=LT&OOe2Dj{MhDNZ?q?FQdHiu%1?;W-Y^&K;A+o00v<=X`mp
zWBQ$E0lhTfU9eH~jPNYLPg^{X?l^7*o}Txk9tv>U%KK5mvk9JK2Pciw_#gRmKt2cE
zYde?w8t@y|529;?=NP>D(zY6xX2SEI0X#k5&A30H>{IZJ!ZZI^_75Dt)i_S{*-f?_
zVohd>v8Cda6Q?$7t1&Nn`DRC)#BnN)<gJc4MK9fI>}F9RavO0{`y@P%ckOMx?{$9N
z5(AcrXdyg@;5l{fR^!tcXqHaDGjz`JM^z@-gm=Cki*`fiQCYf<mZdzOnlfTcIwSu+
z<e!hJbx8)if_`1VcZH{rv0Cy`j$G9KXv%o?_u=^x!=I=1t($>3-+pUK=T8@Z2EXTi
z&GGp!`4^dZdM+|RS_Kz8XPhGPeOAWvX5X~!YW1;adlPfGHJqY#^!MLHPehQDXw`E@
zO#1mb@Uq*)8l%lMPds?&7CjeMdP3VlrO;P=<T)cx+Wn<YdPo0tzvma~^Dkc$Sx{}-
z0nh54&lyGNu*lY<Ri0AX^v~<;HkEO11e)5!bH+v~)6sUFkY%l`sshGHk)aG^DRbX*
z#uNOHJQb8)rk$SDTM2Ooj^3uuI*9CsM(amyZ;QgSjvqKS-BEFBQlQR+Y=nL}XPa^F
zS)}=Uou<bYp&5^I%3zg$wM`vWD&?2_RBbapEbVyQF^>G`G1RrMJ)D;ABNDN4_++oA
zKV7oT7~($iY(RUu-ofD;B|c-m?BlF~M-BX%uHI%`Df02n)$j|?2dKCT-!GH%wN~*R
zjgU^xb=!=0N%_xnw!bunHVfCKy9O*Z{zP7a{C;wqaiiq#^nm<zxjX3TzQ)>y^<AVL
zBQI6(Y`tNd`sPj~Z0E(24SItm9G^%L4(SBKqZ1xIU)pAzg&h-l+#_F{ZxOM1{3d0B
z(Z^USbw34<rLS)@-Y0b;JnX*h=$o!{yKeMv%6RBuzkqYs$Cd6YL$8i}XPfbWj1Qml
zO$WX1dbc@L=FhM#6uv8<cH2VI&-+D(e{Y-a=O3}_#qQ@$H=)xOmikCQI|J<?_mMaF
z=F{sVzuiBZG2ew!vHvUJU3CKfiSBL2Eh1A-9pzu|Zk-rDIiS=c55lt-p5s5<W|Roe
z?*#DdbIa-0fR5B>@=RkfW#~uSjJL`-a<wl{@3)#lfAp&m%nw+qd{)9U+PBU4E}Oz4
z=LPU=I@+n%!p$%9XWE4Rmv-xcXXB&Wv@QRN)wJ8%ZF#BVtd~+Bq%+P&w8-NDd2e&Q
zdlQ=S&w3kOQ0qT<R?L`rzv2I%yh|O8kWL5b3~?WM?P}6t?&qVoSDLHI_)wJ1pY7X>
zO`=nt^{peBAUI6x(DQ!j;Koxvi)Q#mcWhJVsYdRDpFPjeO8e@7aa-DJ5ZY2`7o<<z
zX47gt%QVzhk-RpYG+r2knKpX9l1gmdUfFEInVQ>XoJ0dg-sxLDkB$ic$G7XQP?6GJ
zjil2tzfJohPF+npp*8y=q>g4tC%R{wu_(Ivsdaw3NSTYy1{?BkuqmsL7r%`0ZSOYY
zCsOY}_T{OZF{|L&Bs`@)TH!gjv`zajZ}a8psrS$L<#L5u*ZOIRbPD&I>AabAY`aa{
zNe+j!=Um)iUqcy-bG-+)85c>P_;<vwj>QOZR>!!1<|_iml?wHJ?LN{e`qwt~U8cw{
zNXL_RNhE3ZpXO)dskNtN_*DOUn^7bAz4>r_qP~1YwqiNV-w$mwekFX)@h!J^{0N^N
zFeVMcLwL5sGc9e}_@MB7i7(HT^U_ZU;3;bu!gCIund#HUSt75GhyB{e`~Fn;=>VRi
z@Ra#p31h@^XxgX|o_7WC^qjwPcL2|((9Qnh&=gYn?;)-E<EM@3+ez!JfV8IE^X6mE
z^<&Ark9mUB$su^Q+%s+5BV+%0%okE^L%yWxw%I=5&oV(3s6Jf5m_O7$t;ZmlgQW8G
z^x?ISL82=LNT=W{)7l>Ry|2ygNoVc$fQ)s~SFpxFIvYiI-msc<!fn1|0e)Pm^E%<z
zF>QQF#+EC6`O#lobsnAx@O2GR>B4geo`ap!M(9=Wd~*QLDL2pl6a5=<3Z9Md%*n-n
z_?v0<PG#f<-*)uoGt_lP+BIk3h8$)UbChp`j`N%1w2eXkFZp6IhC<C}q+N7ITJ;%e
z?>QswiZjwSo<Z7DrVi3?-7;+qifkSokiMsHogZ*UJzYrI8T0VWd1zYgdx#vQo;-F2
zA0<(U*M~0o$$usC2JKtLAMr>)9XGlCbT=R6U&l?zk{bWv+4AVL_O0LR%hMynFU+?-
zLpp7Lo>uQiL@u(+ZTpIn14ih*4zIm7l5hd3h-TG@ktB1lVq|Rup6};Aa-8Ow^h*b?
zz2*_W9@@H*X?3n{<XLT}%1b*TK3*ql1#D?mGSEr9jK}DE(pMhxwP#b#-|7zND_v$^
zNx(DvuhYhu^yhm6c#gW~P_Y1>G7gArl%C4^%HOAr$_?<mHh^d16zAX{e(D|mvXMZq
zDfx%z{L5yHXC$Bdd}V{hcelKi1?1C`w|RIroHC>3&7bFsB5##Z_6y|BXnFg^iz9D6
z@XUPWjFz`+S1)fePR~GF2<;_Om+$ng%arwnzxyijbJzFz?~hgs57KTGuV%kQbjB!^
zHG<gySr~Qe;+GujFALVXLpMC5r_UI7OFuXmz%${N*`Ef;LIRnUacvo%BX5{7-b}xU
z?DOU6eUI+Z0Mn&T%3XFE{*E`!7|*lr68W<)zZ5(0#ti>*TXtY4JR9CQW1P<%FLGZ1
z&rx?DXb#Avtcy!N6Y%VR-;8mJthc<>R~GQBx!b2dAfJ8Ioz!LNf8pP}WX71IZX+lA
z^7PpL;V%SaQ~4v?;Wzr>8RK*K?p7;9SFZQ3OOYYT;~YFQKR#n*QxBGZ+v98Y%-O>O
zzFmMxyX<8tMv+fkH)AY{pX7T1ZPVoPlZ4MqKO^nq{~vAV17~GX{r|hqy$T89nk1y8
zTk=gxTDQcYq`blkD66iz$||IbkYb{&f`W>=1tBTQrkJRdt5Wh!$~7q|DOaK78>CxO
zQlf6UunR15*}tUZ{N88gxz9e&b7$72@At>6n|J5V`OKL!=bSlnW}bNp6VnS5XB8%H
zEKGR6;&X9f;+utu<Y)QKE8%l4pG*1F@*yUeQ<ylPZx`^HM76u5+8unp&F6LszD9wN
z)$yq+ObBHKA7Y9L{O3_VTM84i3lmotCa&iXL4SbHD}2u5!!O>;g^6o)L*<2u$^898
z&1EUy;1Pc1TPvT(3wiV9;uQN%yhgq%CFEoDua20wD&>_GCeGHNQwtL_v;VuTFfpSr
zah2u?e!o$exS=pX&C0?AU8JY{k2dN2IfaRN$a>{}F~2NsRKFKl+jEIJ8ys3(CO<8L
zqG#SBKGNG|=5Lzy=%+W253Eh&Kb*xC(Rs7@+{XuD5RdVf$Q52ZI7}`OJlK|iO=|Eq
zOwFGMf(*<d{CTq$x<3Th>0pj=@Sf#!ksfdcK?bKm_kLO-7sandly!V+Q*_t6MYrrt
z)e?crNagdXj0@3~MfP*FluGStUz?KN@jsLY_J}OunZc!F@W*$LZ{O0Y=b?-+Mn@4h
zrHI~q*X!+q6Um>~G^!tqZL8c|L3F)6!MaW^#{Oo2Gv#p~=hctGxy*_q{;L+84No+x
zVX`Oiq%}uEToCnN7xoYr3ubB<^UF^g)r0+ez-)-x@(~Wq2IeTiEC+MN+D7#~^0ukh
z9DGLCmdV<~?Sm<cOYvc=!R))KQ4Qzs)HG|pEIw!b#o=cwM}v0&yyb5-s<%W2r-bnc
zdc)@<o(QE5{qqsh$I+jY^AU~eW8{-k$uNDew-R3?C4c1DXP32{@Kg=vz|KZ<W<zqJ
z!TLGIljY2Y@Kg`|i2aSKpRAiC9~#hyc#7$V>)eB^n*?*{=b1MTFqUEi*H|&*xxVB{
z4#8J}F&xZ!U=IJVQT>hYsguBD<;D6zq%OxVL-)d@H4m$(-(NA`2oFa%c!)jYcDsWI
z$q9)~9sqM~V!Jw3FeNW))`P*iD6(Jb{nNHxs>iJOB<wP8yILoGc_NI%n6Y5W=AgX=
zAwAODz-Iq^A@mjAb|rkJW?O9~N4{Tj^erpjtzfQ5ZrAUAPx(2{kbFbOThn?y*Ox(=
zpW3dzBRmWW`oNx=ZrW^~9v$60m9_{262&s0{kH47b+Wlnc_>DP(X8i8KW9>J74_tP
z)KpvV@_OSOL5Rqzh-T}+oHJm%`jKEh7sEvM{ur7A4AigU(+*8$;C8j4FEmfbXtH;d
z*F=1%byM`r0X1IoE$bqG3_p#xd$Sr(Y--*Y(7)ri>-*hOldL@CtVzloF?}tv5X{YB
zj`|{cB(gZkikXw+yu=~jdLOfZgv^{%wyV0+z*LUBV{PP&LUQXV_MX==XU%|5X6{78
ztnKO!iADQaZ8?X}CM%!gcol_1%yd9xLadS4Fnhb%A6g&i^?$rSGy%*JCnN8<+tpTN
zl#+dlnBUL~o$e(3a@%BH=gYSWtj2lU)gb20)Of4y=gjB7cj!UZUvB}kcK&vik~L^Q
z2WCS=zmrcp);JCR954)Hn|bGU)x^F*>J5i()kI^2_JMXisG+YiHuJ$;TeDsD%Lns9
z7oXAfU8f^PkaKD!VAg|K{EO}8?BN0{W^66yy<q3k+(A~rMQH8djTc=V8^goDWY1X{
z2b1(-=d5(J(BO~tOtAL<5*hXf>xdXu*6+l|WlujlcQP(?HBkrVvX{22e9^_@!8G%z
zesPLSq|M!jLTjj^<=zfW<@)Wauk=Yd#<DJ|ANN}APg1xhmpS1}%;$gDZuY<4wqnNR
ze$e}0BjCT5c80#Z-Ru!Q7__73Dg91B9-X>5d&I|&)zZ*4LpNmOb`!(QhAyyK9aj-K
zWY6OqmlvO<s}Y>&)^N@&&fB!zoXx)~XxqdK_Os&;*hep|@#cfqym`Bl=Sm#@I-ZYP
z=fV@ev|0H3^LF)T@&8@;>Y$HiUsJy*quVdt<XIvbQ4*%d#9)Nof6I1#4`6DO!RpTM
zo|n}sPMaH@nn3*_)c+&2sVBp2$6}x*QRzCi;k9nB0CPW>a|Lr+fXP^!a{=7T>u04o
z{Y;%<eCnYo{_A#qUwY~^Xo!E=#LD9$0G<di(MX0qmQwcsbvOQPyE;?kb&9DQ%ZcR7
zL*IAAT}(HLG?=BQGT&_7u8L$#`vp9k`6m2MB5!Y05a#Hzmi;m?YX81nzfT~w+soRt
z^c$1rbd!$hNs||ter%wA9refSwHEblF@J3R_Q@mcnk4Ht>BrzNGoCHm)ictM6LR`d
z-)%3s=hs9QqK{L+SiWbw`h;L4WAfFp83&-yNB?x`OHp;y##;rcmdPrxX1=#wt>W+0
z%YjT}y(exixU4I?cd(WEEz}<=`!&xwWKthJ-+Qbzl;gro)>6`+;UhVJ)#3N&i5TWV
z^ar&|%mZt6=XQ0Q^yezmA9SzVkMT%dY1WVFwL)6!Y%O%{&@B|1o)+UFJBKhj;am_N
z&2q}eTm&k1kYYopX#aL~kzjV^IrJxj>3v{_l&MbhSq|pte{EOK3+A)E!b}c#@F}3O
z=d_ytTlGHnDm>o}rtxoqKX9G<lRh>>yAE32$H~3o=Og<#`YZU454Nl0CC(b;z>MkG
zC64C-M8|~BYA}}_x<g$d@t_N{COS7?>xc(y@N0tE2xd|L9qMQ7`=^o)KI@{f+f9zR
zqt1`rMtzn2*-!3J>S!>Ja9~zNF^_h{gH>S4_$~o+|0z54dlXWW45q#ZlSg-r=Pt<J
zE>bWxTLPWXZiIIJ2%q+(-qXrlmtt*Gcj^vxm3&u;n7_R;;%}v`5!A04xkKG2_1}os
zza>;Zm?!lFHJ$pE(2n@Z4#m}QoST9+*H_2mB*!7AQeNw2HS1DoXDjV&qa7VvT<B;g
zdPc9&2FLkc$9bd*ty^i5R%=e%q1H((`GNJBhn(ESagJD0oW1DlGB68H-=XFU=F7dq
z9M}V<#BR-CmW<h<M#@}&zXLNOkL3LhcT^!fj`|w&<AfdRhq8}!rxh<J_xDAI?Mn<j
z1I#60&NzREIuCnD-R;0^i1^{;t5(||H=x0_F2<P(|NCic{$%V|WPF~rt(<Y2WNphl
zAT5|BUnd5;e23D{pdQsb%+K|J$&e*#z+8F74wd11>h%w^&!CxjN@jmQZ1*0Ihf|e0
zH`f4t*)*U2`GcdEJ{8Eb8Pk!I*z2Rv=h|ydjJU+1I1(2L<{U87SME^PNNjSA1Cv*#
zhv)F+j@U#$FAU~JFsEF*Lp>{Unq|d|uO%FhQluUBp4Pk<rLlL~(Q()bVR@Q0M(8Zb
zH=-v;+-D~jf|-Ba4)aWS+rMoxj{C%ByRUMeofN;_LOX+J?a+7hrJkZ4vsU)wYVOt0
zV=JeBB9Bt)_;c79#DCC!3!K!gaoX7-S~DM&Q-3D)&z1UD#p^q-3ea=eGH9!yy;Eq%
z$7$s<5Idt{FZIwiUcW;<FSI8bTC=8!t;4R3+l$H3=8s`Lf5Q%a$9$>}^u5scSFQSf
zCb>DYCYugs!JHlH9{x_PH_zJ1H59DLO7iqPex|;RLTsa&x(jdIp)SWKrk=GvmzVRt
z$Lp=_n`dzbg4rnTx4o(F{7F3mCduhy$`4T9oM=+N5n0_&dCqz{d|%;==<>vm$wlVH
zW69s=H5nf@IgF!o3qATMi9Z%XpYJuP3q(Gr8+x6quaLD(^7y>$fcy7etf787*<{YK
zoe;Da#KEp}Y|>T++A?Ubl|Hw9knM9o%R)*^K~|UA{~@Sl)Nk)g{kN%a(}$R^y2z1B
z6kjEC@f<Mg`#0%3el%tv_o$9e%~8?Zdn(f4Z2+&~h$elnb?T9zPbM$Jx-8_AuFCOA
z&`Ur2vZz>hRFisu@2Lf0j3`guq$pFa{Ka%|rhqwNV3X=Ex_p{db}^rvoMTnx9!|82
zU)w-CwS$_}QsKQ%z<V&J-0p40G<G+D^gA(*@g3Zxs{RYw-S6ASH<pt;b%@RTa;}(u
z3T7FY^<QgJgJpi(WbJp34Ik}@-)gW4k>x5dw-q<3(+>mlc?V|nzRaIkLyK_(DjgG?
zKF5?lp84(ECVf}F<~`8OocV2bRF}9s1Xa;W7nqRosnfyCKd(vO3mMhVm~K_{PPb6^
z#9A=dUDl+&Dn4UUOddKHp?#O1TKRL7H$N{bwkU~>HJ3N3GQl}1hGWlZw%AAC<TOjc
zE1TY=o&q}6W!0yc&hxe?>oUf~8#Ul9`(~4RG$rG1#mhObH8N#Kl=E7mpY32)-_~TF
zp|~5&V2oqq(bl{15X=c@;oGX3)X`$=v%;8hy-9A%i>iq=FcQ070p|YiH0k#orcMel
z1H1l)!>+|%whBMrZPM?ANPX}xn_b7wdvTwaWgPU~6qa&%cB`Cr(r0tu0PSesvx#;B
zS(<)JBSFg9J3Fd}%%QHkFJ?&p!5+4#N!@)2GQHc;huAZe-?tjQ-2XD$);+y=5qb5U
z$a?7RCiSM+!9+(}(e)vhDq958!-84bsid9uB~9uc(UY$I_Hl_kCzO21(T+3N6@A=F
zJEOnfq<$g&c`DovIvzgTvNNRP_ys-HaA+a?lz$pL;e9v`W7U1c0)lx>7?ZI!z9JT<
zCyzN;-ld&ov{U(mCUuU;=y*pv(Xn{I(T+2DAu>8ZJLSup)H8aX>avYR&f4yu4&Rbp
z+m)U}ey65M?Gnsadxtr|ah6Ij#Sg3mv;N5@wV3az*TBTay7yu*s=@a4fY3HTJ9HI#
zAhb{9&;~C@i!XX)9EPxX*$VAVGTwJu`x5sdZy%&dXn(wrb~69nq<$|v&N4h&*DSer
zbJ-r@)H2%&=FFcqsfz{kv;Z^kozoq@Q{wr7=P^$_<;U~=0@_~X97Jwq&?i<mskcRc
z_jcO!Dkit&vj?lc;vd)1&e~_1R60dFPdM6%_!8IiBc;jDTm7co;9z3*VSL&A%O;bX
zooH<<Hm_ULmOKSza$WPl8~v*$bv+BT)Dc!ZY%iJvxg+1MUG+)V8IYv*TaC0;@kf6y
zyw%!PY&`z6xv=DX)|0fO=R%Ru|Iu71I<*SyA)A`iHom9&^{Nlo*`(Fed|nK8{sqiW
zw6k2=d7~rlYj}0C@iip0gZH)ZJ-8}U65SFPl!G&6bCbzOJ!^1+y;U8bhU0?X--#vm
zxd!agKQ*aGgvSK|c3|873!aHCVhbMXi%)Eaz83mhg??I2AIFFK7)b;PZPA7JhgX=t
zg?4NXZCEA|TCt;<(9VGNO7ROPLYupm&N=gSwbe10&0>*r9hl4N{dK^g7^aqUWoV0a
zPBi|~>wwBjatc`^NneMQ$$5e%v)|U#p4I0-&aVBoq0p8?yBb>U)1QNuzDn5Pd5is>
zo3ysgD(a1R&DU$cUZ5x0m?ARQdk3x8BKv0HhjuPK2HD?f_=&YczCP-2u5jE*QAZv_
zFh^g+{`OwvBYR*E#$=z}i>-^EjmtRJxpjx)qrj{NbKq6Y<{rGIM!#%x;nYyrrc+Uz
zMCuOPwCY=K^)$Y`oi-|H<5Aj6o#t-i;vB>&(Gv8F5Gqm3BwG*O$@C%BWtDBrzb5Z>
zggg~8uPqb2>zdVWnb&qZ@M@#`AQP=|nLMv`zRe8=&ub+nkw0m9Q>`07TTfZrB2^jH
zi=!RSYe{~q2>#2!th%w;<dVh*@(t|9<E?6XY7qZKeX+I0(6m5vCf`%1<kGloZ6NhG
zK%2O!S>F$yN<xdRiJ#m?d0)z}6wD9kTQDC**SX({jw<U>bQ_u>IGFvnG@Ix6UUt)a
zlcNBrg{GeZ{e)Y6`uh)#UhHcH^lNWxHhXrLTgN88N9Fz4KH61;u-axbU=FQnR+~k)
zPO@U=+=cOy9kU^eS$qk8cww`;UHrOgv-@?@-J$&)Z=)TvI*Yj+%oU59RfS-_;J}Qo
zeZ94IOx^eC^uGnnRd?ZAXe4!q6*CsYU2jK}_j6m9zQ(7QT}nKEce6R8GO0K1xKcpg
zZ(Qxnr$6gxXYf7E>hsc{6MECm#Wpx%Qu_ny{9p|%C5RPyj-JfE8|}+o<EhtMZQ~x3
z=MA>@spCCm`+>E%S^v>a!@bQWmU@(Sj2#F5WM0Uf5Of&VLLfE@9vh&YzO-3g$M@9I
zT-u6I{V?rt>JOR1{08kcLOUy$HheFS)Gwj_R_c$C`jbul?se(~*|17GJ(1sh>Nitg
z%Wow0bK{|y{5<QTLIjw02vGE-k#-W_Z&oLYEhT%?&RiQB&A8OT`?ZZg#!uuj{Tsxa
z_cbd*HO@2ai^bHz9r0Q&;`f$Ozk&L%N&P2GePV!Myl)SU8TZu(Q%QLIg4`ffBI{-_
zXWrjz?#q}3=10o<;P1<jzLs7_d`>&33hyVx`^qe)+cgv4XzEl^e*^WOllm%?)oruZ
zW+Dmp_h;JYm^$c}Eo)X!3jNzX(8q!qnWMx$5|=~wK(k_bg`YL_-8y?kh~G#!Z{j~_
z%YVT9D)zs$hqezQk6aDr(1)5$9(i^c^FPZY%h)%9nRujGZ4*9E2J<7wK6!?9*?~e^
zFAT#nByKCI!2VY>tG^KkrQY3ZYbWPfhO?}BhjBc@Xtg!+wdOvYwX{`IgRkjFTTeOK
zs*awMTi(ZJr997zUy!)1|5VmHPc^GCp8#`~!HnNI>MaVc0M)jghGyl9&5G?9a+PuY
znH<s|a^=*ir2d-LH`PC7EItVHO-#lL<k0M;%*kY4NaOWNP1XqFAJ%|TMVtBzXj2R$
zoZEdoir~uairx0Tg8B5NW^>;Ac`)%R-F6V1W79rLWHpNV!(VPzC;gOuJQ$LdcSd)d
zlRSHNR$8KmGocxF{Z4as|4C~O15N5CUu1Xpx*L}816q77?QEf)O4_-^gSW}OX@{qo
zZK}~jOVZBhX~a{rcba%=WN+Fz_;^ajdnN7E-LzAkEjlB)GBf|{twz>-;r;EuMz@yu
zF?NF)yOdhj_k+1^?oRb}!E7_@4aS?J^7=k!?s)V)^%<1FgYYq&PB+insZJD{u3(K~
z<6}>h59=0JA`NC0m|Je$srK?cWyuqTHjh~H>ZXDKNAys1cLNwTx9!yLyG=b3^hM@N
z&QAn)(eSsQ|Dk>z_2-Fx+!^$P-`Ps+?_U&qs24eXU5gMPOB8(*nyQ_~_GUr*k-qfc
zV_RuwIqeMp_D(Zj%NqS7+d268TF-wh4jXBwgf>%qgEgASPCxVMI!hw@FdEwZ(0*YM
zv@bZ;QdLnOeEBDAhNj)RmTxtfTbA!s1)^jAS~ixaiTMcoQmO~j)w;Z&c9uM}Q;qLw
z-CzI7uro^Tw>k;V(SOq9RZ6a6z545&>P^}EdBZA?*z@VGdoe4uUatVJ{H2}h4bju}
z22amNrDl>yj`XtbRm*NO^_OqlseUQ*?`zifW3o#g=a_z-hXBRqMljiDHtkd=iR_k!
z_zK^*{zjjGH_@{h(6s!0r+P^GGBRp&nLOX-TJj<`mq7<4u2{+cm2TUqnEH86&}s`g
zYxey%H9M1IvB|-XQEbQ)ozA}+JAZ4Zx=Y$R-r82q*_Dg~vBu|rI+*nhJJk;k1ygJ+
z*OuAqh}y}1M?S0G6&KZeS_kTBE7i19eOdV5WNj<HNBd_h``oErY?C2dLL#S8-y*-%
zyi;vY(ax>bcH(1_e9MvhlthZ?$PzFY@7bw}`JS2uW+Vn7X{O~SYlmnoJ_`Dc&@O4+
zsitF#snZ?&#P01avG=b!Wxwj0LyD>78tb^oPb9W2L5U`M+$v%H(|RY~r7k#Y5FudJ
z6ArqS$=1`u^3w#7^-Si&!*;3PiOx)m$&L_0Z-NKUX(d1J<!l(3XNd%>6s!@4?^0(8
z)_5BhiQ8_h?RgfgTE<hbR)96?h+RtTC?{8^LmLuc-B_HRi=4pHF>@8PqOZ+hEy>@d
zE;|IQE^Drc=sRkI7hA{1Jo762jlLFt`-xrVPKrLZzSf2KiywY5AwBGA{uYB(GH92&
z^Kkgv>)@{{nujiR<e{tZ|I+7eU@jiIOHC0QjgM<~f1)PZ=O0)n1kTbjo|4xoB9XLg
z*e>-mzGrRJ<R-+en0Lb58S&z!+O}sv*Z=do%sN~2B4XP;ud`P|TLf*L^kYy=&e=Vp
znn->%dA?)pM3+Q1`@vjt@-8(-^z;ZTX54>y+iezUUZbIXZ^<m={l#5oJ+Rw4hOznA
zYRc5<IlsDwcIv;h%fz7Td(+Or$DkskA(g}*r|wc$iBDZ>ZHM(jbbsr#L3SZ!nEM2?
z63jX0?ozFyKktI+UdvQR<9+)YLNGUgS@WG;`aRUCM|;HV^)m^BujhQwf?a0s;Tmh-
zV`G_o+Un)0HPt2(2~gp^igwz+yGzL&mKv1HyI58C`MHj$htnH>rCP2V!D(5vOPwe-
z^0qa{N$w>-63;&1u=T2ZGgd=xU|zjzm-?F6$a5y2YhrP772#)ZE(zrs^wwi#az!|M
zq4}&d;}2%)e(dgJ{P$J|pD{oDfpzvWeprt`n28m;)a8ePIoE;N5cP929B0%U=&N83
zo{hiy$u6~<@7Y{-unuAF2@T3md!wgmaAtzJ>gVW`jM1?%dFt6Gdk4XWWK^QveXRv!
z;cs@S;=W+CS@XF1are+(Q}QPc`AK|TBK@1g{J(ye`ibz>$11=0{%xH@bt*)5W#AQT
z+@(IRb<x3NebirH;Q*|M$KhbE0<&cIE;UDV@hO8DSqr_B7g=v?rT&UN$VvL==g_<J
zS?*X;+8THx`FdzC6x!MG9CkEcFZGM5pLlPV$(@}SuOH2w$$rEf>gQ8m??;?ul~2sK
z{NL?I$oRC=e%;<(W`ALCkYf(k{Qt@R!i1X`pA0$#e(L$&<d_dWUm>!trJZH8bE>p6
zE1qx7-Ct;+{z~e5;$J7`_H|Zv|AgLq!5=!!sr9a4F5|Utm)Qe5C6_+D2PSKnQtGE#
zcbR*%{Cu#9k4$jHE06VzC#x8qEH>Y1Tl%&H+VZwtX8-KOc;BM?XVTU>>d&A)p$xf_
zT;5!Jd()}EAKDer>b*C6u0E!N_GB!ToO^F#dlmD@SGVs{FA9%Oo4j&Z9>KW=_ABRP
z<-zyxURDXTtH2rEu}jSqpK^aV=N+6qj_)m8ZJTx_(<C;qAG|65+NJi0AD!*Oi@u}g
z%Z`|`ihR#ZFiUQh^~!EFNY?qUIWVJZ(BwPTpkbUWHTyeUqJFQ8^kE(CH4ogab`PLE
z$=TcT3e_Kr%=s5Op6jn>J{HXUTbN%?*lpx|9y(>i%tY5A7dsfuunrNqOb4^(#NFz7
znV&CrU^YbK$TzKfH9XgRX!3Vfkr9U@cHM_9w3qqfZuNnT!!?ffYNL05@QPl`>YZak
ztQSQt!*0c1M(tLcr4M&HFl(ZHsC8i0z?Wdo2XpY)-Kvl5VQq3?#^RQvta9mo_NpGt
zE$8f3LnR0Ksspno8Vfz+h!14VCw^%tlUC;9-HMbnHVmeT*@OAwj;!5MBK<0(e$k}e
z>NnzZAF=WfKev-S)iJ2q_4_I?SCsEoKNVR`wqoY2MLu+3X4fJIz}!D=xB4&fDW^Fw
zYohjZn<Ix+gZ+rEm)?f_XY5w%B?s%WpW3KjIl{^(XV>~9H(Gx}Eg9ZKnok|=wa?nE
z?h;v_5bgspIw#i-3HB2|5st`p@}b(-?bPjHUB6pR6*(Lg#t8Y=`siIA$2)Ak9t_ce
zaxkadxLf6m9u9I~#_}2Mj?PLxV+xq7!5ln)w`$^hXub>fpQ86$-H@|Z;=aZ_Ub7NO
z66vK0Nde)x{~fH~@7S#dNR0WM!=I9@j>Oguo+Y-P4rT?IW#8Uy;-a}$%-B48@Ntpw
zzL9oT(9R_%!uv_qcDNHR>hl&9*nM7&uNOnAn0Ht0R@-EbbYe#J;!c+@@%5q-%n{G*
zR(oXq_rZJi`6ae*f0D!J$-cexeFK>JzuT>DJp#-(9GJ1YhV9RZvDxWk4*oX!_Ltr2
zI_dk#4tdr_{pcJApS3>bOfWb8W4C%uFpqLz#`LS&fhqbWeXj$v@!j33pg)+((f5X^
z&YtRs0UE$80dwGYh_m<ZR*mqTnrP)Sz8-wU;T9`|$LZjew(eF*nU4oq@#3*t@)=jG
z1y91`S}^<X->p6r9=ojlj_-4P!NH^6&*-~=c<TM#YM$`;f)y|R{>tP_j`=;Sms7xO
zPPC|t#jif)z>JN}7KdMzu@PC;g4v#GQAc8<sRdTdoOfd_bjY$AOz}~vh3L`8TGSi-
zotk9DjQJ>M-ttA8M<Lavd7nu;qx!X&`{2gYPLTU!u9BQe_AZwnMzbGe{<r}ua=M+`
zhW9!!Q~g`aJ!8q<@Lp+SQI;_;*?!3KKJ2^r*TY-PJ7Sym*!)(`zTjsa3deM#<uM=3
zQTZ)up4jeFR?K(~I(bhIwp+zm)`Pk5Q!Q$g_}4B6W;Fh@CWrOi#xtzWr^maEMW4zR
z@qZ`zWAdn#hnPMc{Fq2P>u9HZxUaVhdehFq>#g{jp?4zJFSMBRH?w=wj<>_6OLSWA
zh0GDW!WMI$cRYBpc-nQISNdEFZQ02!YLfW9k-g!?b>=vExixe_;fK@C;KlgaFSeMx
zM>3bkaNa}ePoVx1>W|=iYHy3~Q+K{Cn!6zEPRyhJ3hL_|*e2@dt}|mg@_(BH+b{h)
zrN!jHmKuJ;d5MF~fr$)CzQ_4TFm-Nfa$E+{+?3RxPyJ@<>pbJgc>QReQGEYu>JJ{#
zqUvPqkFv@vXI*uI!v|IQJ}7Y){^H9m>OS%PZ|}B^L(Y6M)T%g~qXa|SKbZ9+Tg+Xs
zPg^l#W6PaJmesdxk=V+`jzk{oXlK-@7PV96!fUMU<UCJzsbkKr_2rR&H|w{rF(x99
zu@20tXguY*UsGhvG?kbRX6EZH>f?fW1en-6wxP#LE-&4kJ=vgdBQSHra%c{m-lCq8
zvHoC}ZCrBptN-m77tt3PmliPhpVOi~5I&l$n6Ytj`sIJv#w9yfmMx*N%UaYP)@`YG
zt?lIOQGDRgQ;BoMR#t(zVrq-I6IbM6WGFcZL>T1Q<?&P9*R9lFP5nPY+q=FVybh+p
zPTxa&(^}L3(ZMGSUuK_3ufI9$kloX%53j%VvQu=f7>tErlwQ-KzAW;(Gmsa3lf%61
zsdK0G%<P^zD|h6aye&AMsF(6-(X-9qOt`K^og?Er+2H7BE|YnA*@rH#%zmN1*ihnL
z;>nv@RH?K*HfY<dsk3JUVtX~)9b;8byMkE;X5}p{>Y=`14su}DM01G0vW6O*JAg0I
z-Bn=rzssNN&$D92bob!rdTA$rDdTasAG@61n|7Qw@{-F&WR9FiJKL7Dn0L>dKs!MU
z(0z_#c6Q9QwwQh1TH)`W7IkR>vOUVmAATV!+piyE<Agm$WGmy9s^+=VpS7sFW$m-q
zff-wue%!In7kicdm4mtY*%tMR;J*-HYMs{SM9}Fa+5Tx2F4cBk4PE0eThxO>_lS{;
z_LcfBwBS6wTtB1h*HM4YbAElXovd%Q)Gq}yL;d!(E$Yh8fImCnE2{6&_&E9Pe7pQ=
z@T=mRiocKEyxF227M@Rz&*SX)=-9?Q^CCRVp?($hSBcL!(K?S4_eb+8uJv$3ia8L>
zjbLtjr^Vc5H!02ox4Ib~kiU0+_7B<R68=;7k*9jMMV)TtKZskjZx#MWP`{G;h2m$9
zjkgt?x2FEp*`{chTgU=AObdNC_PrR)lExO3CsWpW_l)SX0smQ^EJHg(n_JBN?9YbV
z$*w{DE3=*qEjYE$ExI{cqL-jr_Qm%jl$|Z=Sdqs9GryZy5>xcgwz9e`K##SR_r>(6
zs%@_d+D2%LgmzXB{QMx=I%{GpKPBL90kdvbi~1b8;fP_-uShP?;lvsakyw4`GWKuY
zYccQbIWNp(kROhX%{;roq-WU5<@w8ZZ9hmnA^N$J_Vf4oarIF~zTIn!KtJ`St<>K_
z{Q~OixLW*KBvy#V)grId1B?arizL?CWc3O0eAg?EP^%&hUKw~rZ7u2u8B^bfnV0~1
zMbD1>F?x2y=#<Pu%fXn^?$38~tvtnK{-4cvi60=Z4u8J8syFR8RHcXfiO6II?F{c~
zQJ)c+Of+NSkjbBHG8qlVYB1*QZ!vrMCj}Vz7PGe=Y~PEQ3;yWd%Wr{x!oU1At<0Ul
zoNMUAYg+NCLzsjXQ~z1Mr_|1z`mS}l=wLat{ol{7hYfAF&PLb6Y3eVg{t)WxHNvK#
zEi*6mLTAKIH-l0Bfxo7H3JmRU@i|=P<=@X0)0zL<HFe2yo+JCWzowoQ^dT6Z|71;F
z1LiU?^_u#$xEynBzn=OlsjqE+P`rNB_KT5O;vvbW?osQ-_S>4XV;sm`3_m!3m;8I4
zW%sCJC@>Si8FJVjbKlf!;2?Yb4z%nmt&5DmucTfX_3k{3_MS8K0z1gY+p+zRA34sd
zNuF8S-T-FJK)>y!?zUT~x0QNRr0v<gYx_Grv@NkfnxJRpkM^j!vVNH8z>KXQhB<QF
zvVIUdUj}CVV|&z2zNZF(Y3!6SVU7-;JA6DeC;Dd$#h-71zUuKk=H7}Anxgb#Oa79K
z!=UJ<mVUk_FS<Hf!XztxVCW<81K#_hBhLkR(CYN8c{kn<@*)#_1ASr06BW=d`|%#N
zTm0Um&}zLPf#7+s_)D>>yt9IDdcIo*P4$y|)Gb1DziCg$z@@U*^&ZLwPjWk#jKK!s
z@6T_ljWPyzm^NZMm6OAH*0F}GrcJ>dyn?a#?>)x%T@~~>u#0Y^D2uvlN!DKwEs|MH
z#$_g$Tfx-Nt)A%MGjd;9(v@n`dp7I9+rQ;a^}5JO?XdZ~oP5~%j)_}xHKKd@KV-aD
z?=gGKFMt`FBf`(ad3SdQbOq2#A4{PxdwP$#>-BysPca|tecKlMP)Xy}fY%P*x4}+L
z4)`&)5Ypw`D_C-MxeAO7cq3}}s0U^3G04hae4op)KTvJIG-C{pQzw7r+HvxR!^4~(
zVV}RmK4sjV+OB2XJvZ_y;cf*l5Sgx|e#5WunS4(@V(J_H&c^IZv<*&;S})Scm4V>3
zgIDm}9(9(qKMA~#oF`qcf-z%M{3!OiZjbsv_&e5$7mFVqN7E|IT4<Tz{dSMKLHOI-
zXyY%2=l#v5Lp|N~CiBJt+FA9xJ?b&x`&rYDp0lp<{Sgi<&2K|%@MSOTQ9l)(d5U^r
zf6S=@FY8c~UpOQ_1hPgJe=-A%&0F@UleCX=^r<?USG}PJA0^|s4$M`r`+olN7+)dV
z=#8Hj9{VGR{f&E+Cw~4|2ah#T9ydAsNeyEsJXV0YX2%{y=t(a0-KgwBJjSl4z>DVI
zwIw{(f>+kGM-96Lyhp*y)m;{yM@P=6+;o{uJ6MDsZN?_`IO99@J+*ltm=9X@mr;(M
zZF|r$HZ|mshQnt$n5%Dm&-D9sW3$~h?nUkkoIw4>)E|D+d+JG%{c|xMkdwX)vin)D
zSza^{(;1|CbW3Eu1+40M@2R&%Ul+u%?9U5XAGVV>2ngQLC%~(EPqhhe6CHSwJL-~8
zJH%5l6TCU#r5C)XZtM@<@m4(K-7hkRl~%xUR7*~CglIMWXe-U9k@jkry{E1a{!gR5
zsQvPWs%(yWxEHryc`ub<3|mQl=?CzPUZ;-8!Kh0G7^mmOG3ruA&t`%#c=>y(RPu~(
zSnW%DlkoYf4;?c}*00ooIq*m5*%&b2bzsJxd%4^79;$qNBK;fqW9*^vJ@utRFz;~8
zk#&*$N%Bic-YH*Pn2;CV-_GZ3J`eL*SC~j{<F`BbUd`tLKGP}tAdfG+dA_7D!OQHE
z=kX^mp7(ApOw8s#-zZFgm8`H1I)-~lvKWGS)D%3b3N3G~m;aO%CMpW^FB!1$5Nzg<
zv#9Ldq+e<8-Bnm{6U98NdB~UnTlu*`|12;NPAW`XRhalDf4s{lU6_E0^ZB-j575cE
z!tr{(H1Gwsy=jGsiwYA{3KO>#CN3>ZTtd;Z!o<0nuPgZDM;a}8gr{qOCPeaqikC6+
z<rzNz*5$ksxST)6X+c$J)Z}uha(!U}Q3@Z|>2GjJLxAxEC4Aw3h7EWK|Bv#CdORj;
zIJh-`f<SL!5V-?Q*XY8Tg^6<*ZKJ0HpCrGTzgOKR{$sq$KBGDIQI0iD4L(WM5HrAB
z{fWJ5Hs4bx82jn=hx4-$k2(3SeL7jf0z<nJ+6=U8|8njzP8-SRMjnio`Jw^Z_Mv;#
zSwo?9*+=Y*Yn#jFK4$nCu?pa`_NvXo&rv!2EXsC<%u9qHkwYc4%b?vQv|VP-?v?{@
zaq3PIM`)!ltD&87_FnaE85fuTXo$|ww>$bG>odVj{5SFCd3)8zKMm#!4*!vf+WIe!
zw9ls*_!7)AFso<pRYi=wGk&X$@;Ss|>b3AGa$5yv$t`=$-8t)X<aVP=ZZdy0LR&e1
zuR2%wdC=O&*qS7{*TGI&`ZwaI#P4_PRnwSYQj@KCIr|r%c08-xz}z4_E(Wt@)n4_e
z@OYXPGj?}I@@R+2RThJ{6}<T`>{VYueyI<_ahJ)#MxU$P5sfB7`)vhJvA^^FUiDkS
z*_4aZy$+Ul8AUFrA!?ZzE#dN=>F_oO%-Rq4n!Sz(tub6|JPv-ZL)zI!JNs$pv%>qt
z-n8TW)TY@zox>2_EM86iDUmU{nKUvA*|bwPg~uvr2j*qW`@~*<#}?1VWO2vAvZ(E+
znRceoj`qKI(+)9EH;-=rE4n%KXXFL?XVd|{r>^M@kM?((Wbcif171CNW?XuOchKV^
zd~c(jwF5Hh+QZ>HX>BLISL`?}R+p5q8vb+a>eCtZZPBNf|7jbm_`38}`(Ragm)m||
zS69{o%V?+avl(@y_<~z$Cx};#?Q%;~GGup;#nuAadTXH_0#*Z9#h=TV{PB3OSm0hg
zfVs8E>{BP6#{d82O?9O7X=KnAbFY8)g7@&g5y|YO_5SuK=(hd!P4ykxNF8OR3tmI6
z8A=;JUJ2cn5gEmw+-=;D?HlcxJqR+|y0@}hjDDK$!VUFTLtFm(o8~<b&xdIPUT+Lh
zVYX94e_}>pi2rT}Cj(AO)&mQ`$z4O{<jt;itaBxACb~AEme~1g8MRX|$2u^hxxJ~5
zIi^(bmV>t~ol!}_JGNJN)eaUlUNd+r#$?RB+DR*3%+Gk=va4uX_jlAY;GLOK|AyDp
z%WvCc7{|NMg*P0G#o*06E2Cx!-re9u{L^*W=^afl@?J~*&1YxSX3^WLdeeULs}A|3
zCGXky7vPpKe$xIaru`tt_7OSvG&B>SpMPFPeN1e2P>f!m_R6j?kH}eLX6S=pECFM}
z1sSs!b3_hCUH4h4*K*gGV2EzlgR!M7qb`*-rh3aZF8I9Y*@~MTX9DX|M%F{w04&=2
zrg`7*>tW0@WIw{cjZ1DT?A}k%M+Qo#MN9m<ljeX|eQ8GhPGt397!UuJ-2<wMK3np-
z!&s`Y53!exU=F`5WBk!lFaw_nkD)wMZdS>jBOSa3e={|s77LFPtvtqjeR7q9#R|Rt
z0dMn_8TBr_rj9ar_&33j<89`>2|9~YL5dxRWWMV$T?uXFjEp+$NN9JzX&=+rvt%m<
z*sZOK{)nFJ2Xpw%8FiejCEj&l#`obIYYEwhlQAgyC3bvAMtxmm_N)~%<`a@{J7ks?
z9#?=@z9OR@!$G9xTJc!oN1r9U_&9sN>-*4OFf(8l<NKKwjeSJ?j2C&?weV2zE9Q%h
z8TFL(>0PTH<ecT)=jfE!xnRx#vubljjThhbtOGN)XE@N|yz0TI1al*pOa7Eme;3Tz
zU<Udh#0>f_rhCj4MI;&|6LDE#e%XMvd2$}-EM66Gv1J)hD_Mv!g$Xhg<VMIkkSgHc
z2tK2qW4yO!)EvI2jtKf8vvqK8^MdRQto1pq{oEYrivE#NTZK+^FW^=Cld8baahrX&
zN6}G)Ot*T^cP$v3!H}i6)-{8n+paL7gs#^>y|Op_dQSvxMe50z^j*t*OTCNG<<$LF
zU5h{8;%&35T8;21bIKGjM>S;B#WE%l{nh=f%s!gR#Y)}X)N-oSvD*shH}1$NmapVt
z3{QH0g1<%n>-fFADWg7xZl_MO@{D~%*4dh_9lDD5GU^?{y~8RK?}_ZVX|Y#mSq}d-
z`OCc-b-mC{4)Nn%6l|Cj@mm@73feN}eXyq+e0&|b%{;w<`<?FDT+2#m7DICYn%4yT
zgfLHLFug}Y!60>H%+^7(sy(9~5ZgS$@MGre&^!`*R{sK*ZGw>oGygZ(dsjvsC3?`d
zEv}pNAUltz^FpJhr6iq^aW4a-{$Ck$=fm4M80jp8cTXH4t^2hM`pgFzb%Ep;o`>ER
zpT_bhEsp$x<WFQx(G2G1f&0`8;_vSW^JM%(^x5I$=9I-1NdLr#j(DE+`!V~}kNKXO
zWw5%}lHR%5;gyp|Y3fX;e)?G27MWfZ?vJ*EYGi5-9VQQiWvVTqnl@#uSAntaQ~T6=
z(&p*8{CBU1ygQ;v2ey)EMsM5)%ZVa=ruqPw<;U$a`{(__d<FUwdxp~6Wi$C6u8P#W
zPhZD)9=}grBC>zs4cmB<FN(%Hs~vjUfDC1>T?^)cq5ITbB9BMG4ExYfypy{xp8F1A
zk#FDM%KBxWdR%y%?BFpL5B$!NfXc=LQ^1@zcAt6A@hmrwQ{!e}d2^5G-D>c*p1Ds|
zN}o?Mc-?vz<S_IaLHe|f`h&;qQx8e~qulMEozp(?Shq*Uw$ULl1heRO=yMkH)qgnU
zelVB|!K?*yr1-JB!L->svtoE(sKuclRoKfY_}mKSinI2qe@Wjb8$P>b<vkp-(MX<I
zbZg)X_^-2l`##Uz$D5);LhEvMOYo+HmpKnR6JGjR`xlD~9ch@f(fu{xRh;kRz4~{X
zybcO4Rma#~v`^h3^1t7T7tg&ahxqk7l*_=YoxD#?Iz?n}#mm{}d*e$s&tmSKlsRP;
znCoixsUPw^by^q`=ceu5Ket^O8Win8i?rT0LqFuPeQFx|kvbN7hrjSzLiBo8vkWRc
z$heMv5nX$HpLti_-mOkdUOJ9V>Y3R;XLfD01oINxS_0l;@M`#;dOD0}=BSX5=W*z;
zN4NWU@fi(ZZUK|!Au*W2#115k;w;(RtQjCdW8e8Np|4NC!^f#ViTb&=$oZh?`dK;V
zUb(19>pz&Kzuu=vI}xXZ$1a#>V*2Vz52kf|u?D<a@FXXhdLt~StS*@IKrtx?eQbxm
z0s3m8e>O}XmvihD-*z!;{hF{If3t0$+CiVSoNaQ;M19!hj`d`AowNeXzKK?Yd7)!0
z4iYm1=CZ!6YO2`!$qvl=D4%m2#x83w@wLSp7>|CfYM5a53FN8Q7`Sb7K608Dim2s%
z%tqg;pxrQ_Rjn7fx%eU78}j|$-|enKQoedDwt$&Fs#PUV1apw1k5$oi^9zo9ORHF0
zNFRs&9{=&xR<%%c<|^YqLi0)R4&L|%E@qXO4s9j0FAMF+fHrvk^GDrQC}Pp=Er+K6
zX|3v23Q{Kq{wgZd+w(#)H4l%9AK3zJ&FEH@658VfTJ12juM7?}doTCKj|k?lKak)1
zdaL>$=|fvE#x_h6N+0c;#4pSTbJXdr>Q}<2_`6)2iN&AE6C7!P(qiy7gSRT(sz!(&
z-WkKg`u#mWKh}OYwr!v%3w^G1AOlr5wpIPv1LxKlPBuSR7qyYo9E{b`x1sPh1I&_f
zttP*Fhrui+>CdC9Ce>A7bhny%jnpeWgtli}+m5fplg>MvX<Npw5zNfQR&~?IEON>A
zCwBkZXB@t%fxN2pXVgaQ;i6V`HQ%)lX6$r-F6i#hFn+6`UL*A$kb0X;e{{mg^QQPU
z#og)qot99y{Nh$~-|P#qzU%Qz%M|F3-xYb$g^eD+w0BKTscgGxIkbR3s=QV0Ou@_2
z7`~B1&c4Ur95H^@f2A>qEmP1H!F;}VnCl$=R4`{Ei)CO|Ol?&)q61G@G4;XokWWk|
ztbB4`US9G+hiW#6+(kc9f5d-Z*{c32cJoy4+WU#44+1K-T@L2_Z!yn^4LxVYjNA5l
z2cLTXW)*lVX11zZ1@BP@US)WiNZ#YX(=qCP@Mg|xRSypUFYYU{HW51)^S<k#9d;#h
zEZM}m^tM)YoXAmP%v^s)>=c>HlH(k5tOi5mSOeyos#di}^y?@qW;{0kio<j(MYl5G
zm3_BWJtewziWM(Mw~lb@)&mY12f9_U8GXJBJ?KMwk+?mG{c`Sp8tHhpxQel#K_AwD
zS^ND~^(E=UosK@lVi@~ceH`gQ&w98*-e@4}j)Fh&y!8)S)i2QNXj{aZlIHc@k@x3N
zNN-$`)`<$}Q_EY`AN%s(TOGW{?h(7r(f?ZdFR{oPFl%dC&9g>bV6v9!jzvPxNJn1L
zZE~g=XtzMC^GL57T2>}HuF!W4u-|=8B&tYje?ROM)+dko^VfRQ58M1zO1&-Adlj2V
zJ=eSb);RXxq`wpB?@BOhe%@;Cr#dONer8_aJV59@3&|&K6GJWImj){X*7Vv|^;fZ{
zKC!jEeq1-3-@GUl8d1Fxtn)EOyb91STh%k76Or}2)(Odx`is#kLl9aiY9P^k%mZWo
zuUgf8qQh-rIe|fkI8*P>bBBk|)N2rti};&$U~GN9RoyGLrNS5?+ls9ZraE*>CgCD5
z^Xt)*^~{lcPx<<x*NX)5^6=5JSga~Osu-FKG<OQk3-IAsTbGBV;aXZtzm|blw4v3!
zJ6vogz>BZXyk5ncX)v3?Tn*+h8MBdL%wWvSqS4zI=TeWE@HPC;tj{;Lsxke+u&-nB
zol*aO%*X7Dl?ME~*m4z^L;u>UJ}rF7oMHNkJ?gCsvs={`F-Tc<={)p0Xh;36Rb9s4
zsidLp_5(AsBc&gJ75-a<f9m%Yo!e`jLvwupJ67LsUV4!RGyNC*(L1ebg7DuI#?*4H
z4s0P=kQWlH*5hhu#Gfw&qwd{Sb(>(gVg>Xs6z_PC*~MCwXHOmQLdiTGTV-f#OJl1V
z@;TbF$JaS~s#xGC+>ACVKaB(bXR`I0-2W-tPfQ+|r1Af3=qx<EO|>3Idw%?zvq#eq
z&8HmV(iwc#6mZvoS$k}onkDkG#>ti4akBSdPC$IdfJ$#_PU*M-l|Ih{x8QFJ+SJ~o
zz<0$)nP|TLlKyr<WbjqR;LZSZ^N2R}CH_wJLs!GG5yFkG&GNh)_WZLGwcu<S*{0@;
z&wDMbZ-LLtSs#@-e4ZG#_^;Go`M=^ewODw2-GLcByL5;nY%7(Rp$xpzk~XzNu%84k
z@L$>{y7#}n8?p%P5Yt*`mI*)Sw5c;hXI$&g*!hqV4u&LV5}umDJaDnk)8z-x)3Co0
zf6r)B%Os9D#UZ1pjV6<hco|dFF~xi^n=9MYB_gLI45p4Lvd_a77#mtiy@Ko8)H|P|
zo_am1J3*`-eLiW=C++$u&nJm5+z;lud)w4q{2k4aFh=NOc8@a2#o+PmZElv|oHZ;V
z!M}f5o4EsTuF-MbAKDwrXC}W7exS|x>si^~ix%*_tjPfs5t~qN8TCr3_a^q9x-e!d
z*>!4EA8&HF>C$i5#K4A~v~xiCeW*?So$rp=Jf4@m#15A(wv|Jy?Q8m0&O1HarmhzI
zYP0H2texb?9qODGdtC!w;)gz-eZDv-yc7Z`c+|(U+gq>kM7PSotA4CaohSR(r(63Q
zKbPRWV;7*F>&1Rofw^RLoBFKCa8?*o`;_jp6q`cos%P2CL;>{8(9i#Qn;I;0|5ecA
zlZX{`Du%dD`-uMkV88O&HuXOBQ`h9Q5u9_2><;QSN)u^lN}!+d%Qkg^%uCYmsNa*g
z*pIPdFT|Dy?S!6BH5dz@Z&RIuaYC4fkbjRpYq!j?2Ca~>XaH}-Z`;((TKBBJBj?$8
zZcDSw_vU^>Id?MR4e~QDw5gZ)o_ZC`AZ82B;d1>*`1o#G$JR5U8&=n*?v%bgW$5%6
z)alqdIWaFAvY88lg#Q|77QWb~juBsQr<H%bS_s8P$=MEPkX<*lgITq)O%0Sa+N}=E
z*na#?4qx7YT!qgG+Zew;x2fUMw@HCaNCZdysn-zFPv$(fRCq%%;cj?)3_OVoSAaR}
zFKz0cW5GP$!DloM@tSQzH;!w)lckPZ&@%dcAbsD2|2=K$c*)&-@HhJ$6TMf>TW@QN
zp#wte@)R%!XWC5eb3K@0dkD=j;d7%#B(XD@)D?NG25$y<r-&{uaPSyA2f59v%Y?(p
z@pkU3l3MnI-y&{kZBr*7PFtrq+KQc{{cmfWHIC!9j<z^ptK)y#N~kt9R&;!+wXK|(
z&YnZ%dDuMf2lkHD==Zy3Xsgj{SChmK-feA*z3E6i?rm`Z!fs*>pW?S!|MqEDje<G3
zSC~9|=*c6YJOMh3|D2(pNj%5Z4o4MvvXRFfJt|M-KmXu!P9et(SEa5TP>Xoi@~KOm
z1?N2Ld9{9+F<HpTMILtK8OQPZF~^Gw6FeI_LH{qY8om#}_prm;)q3IkwZGbRKDyT{
zeBad*v(+hT@bD;Xz$i~v@<kqa6|Udrb53FYl>?T;Z4KO3hq(Ppm|GsujBso0X>|jB
z=Hu<^E%7lITKSFTLcMi%kydK^JOJL-quSL!^<4A6!<&yhOa96H`H6P(Tu<AUkiDC{
zg-$O8dvAzxW?^D-bfKfozb?<4QkXwwz{b2WWFdKiH*b7SEtw(42BT?w@MhW{c67V?
zl-SV%+7GX>vT<^KBtPLjWfxGr_%N}}f_FF%_{ny4g~;e~D`w98d6dKFROdOuL=piq
zhb*D3{l~PcwX*K%V{Ho&M%SHfR-c1(@R7oQ1DMnQt6g;o<|GGZbp+FXuL-YY@{+uu
z+8!C`Ii%!W_&>Sb+^zDIqpkW#Th2rC_3%F({%gQ2KDAwaQsi&PjGe=Gy$`*@A^ZyM
z3;H(V4`}B!(H;9ZYxNDq89ZQpGZwwPCwEYXReR{^mHM%5+=2J~!o+3#hljFn5eK$0
z?|gK;c)(UZ4O-W~r5_jP|9LXo_%6Iw#2bjNtcBktUujocQPkAiui11xe)qGt(mr^#
zh*s-L|Lx4zUu##_90}$oD`tHE#wG0PWbz?v)`%!FDg4i)ts&>qR$tnh+bdo1>g@cB
zs%ZW<gE{KrcD0{^)Vo&9`2ME1!iFi?GKaQQA*`9SH;UxO=5lPcKW)8iZHu@x`rPyh
zDO+Rmj;-X!t%k)bkeHfu-&WDykZ-oD3bBLT*7kDz(2)+%p8SybjDbz$!LMvruh4kv
zersFoSw&(5$9usMq$~ERN@@G9qOCdCw3~bXW?9>c+xLq$DUKW9w(oNK)J!|WXZn8R
z1lkE=Q8PD5Bf-?<ZOWN%G=34WeE4Vw&ufajikpdlz?OGErQUVfP1Nr#vaV6Y$vR@i
zYEQ>nwX{`seY?6*@-{C!+KRrb%8yw*A|Jvhd6t9l!VzoLr--!(nj~uB8VZS8-sDqO
zSTKFS))X#^Pjiab1QET|OZ37N&czYQwfH&wA>kac7I%PfBL)BO$6Au-pTUO8kh$$j
zY$r7qzL7s`KUpxc{N@d6dah<Ulnxz7O&i@`32iB~=ZHQY<>)hO$dGSN9%i*QVsT;#
z>l9X(r|m3%7wg;k_*L;Cd;enht7P@VZ9V=U+Sz>CT6KH7IzrZ=>#c3!Z=*is=Y4GK
zqc>b<V(nM;Aqk1inrW-#&UUjteU7$b`hO6y**Ep=DhCmpiH*$I&HPIH*Ncsecl5O;
zVk6$gwjQy>@jS=*;2KYl;TGD;U*gAsCpg+_h>W54zP+smm%23IhoxWX7S8W2_2ULt
zThW*^`KrVA>s@P7qEVSMSJT$=``gvIVh3%1w&^D8ib#B${H@gv%)Rmxz)b8R-@3eA
zogn)DS`3qQx84xzK6LbMUeq({?3c(Q4O9tO%O7qx=h>bGE6_3grq1|f_m(H;#d98#
z=#xHHgE4SLyP6|$%^fj*vbo=y=-AzC8#_OzCYX(2rXOurgJkZU9OEmLhsfQZ^`49J
zNw!A%$!FAioKLK2S4;SwI>C*Zd-qyy_FTqcF?dVBn;_%xc6~^8*|k%B==r_m)Yv%a
z-4l^v8mui~RX^UYo|FDQ5ypy-!@1UR5RAcl>EBA`G{Kk!MzEF&F#P>_x%MN-Uuk{F
z@-YRB<v(s$`tFd^dg9}vFh-;=HDC;UvR(BNx%BA?quh!i<JAa8{x66%1>?0>vvUve
zSwES4k|%rF>4#X1ob_nwe}-{h)2`TVW1clMX5W(jhjhkU9_qbGUg>A-%Ap_f8`joB
z|6o9`&zb1^|2bz;6UvdYC82Yq)zEE$?p~4mf`HfTS=r<<p&V%yb!2Yc08P=lcJsVl
zHw|q`_q_YFy^EjCErm9*5BWf=eac+g3&uIfH|LyB+U?k!s6xIKK$d~o@M60v5P3fv
z^gSmRdP7unNOeNAg!^KW{bIw42@2n9X=BBD-=^<yx6xah7GK`K6?y)?U7aqzXS`Jw
zIeEBOt+J3joMQn|W8#c?v{kaPU9AvbeypRdNS@!j&gSNbOOuyadC;$j(7M=2TbcTH
zHAZym<yW%4MeAba0&_gw%L^$Z8|0P9V@Mn4@Bh;7zbhc1(-E-PfWK$$KT^CbIx}cn
zD7B?`N-xZ*DL45VzgkV38)&mp#^7?=%+<$Ojw{*6(fvyC(+%KF{~PNj!JFm4tBuSj
z)-6LkLtZg>MeVFt{@$*tMV1o-nP^!S8CiP&6A~rrIx+MoQZw`1JaE?i0~|0@g94mD
zw%v=7-amt}8O;4))(GYsf69)t1yf!psEdQkR&tj%MTz0y6m($EZxXjlf1fazI&L?2
zF=w*AMMiK0^-HP0?5%e7b*cYIz=M`g*6;l@A`s*E7DKn<?RInK>CP~nFVrid&;JT<
z>!2Cc&~BdXxi!R_<=Gw?yB6wir2b;zZ8G)4x~26wbZ$i6$Q%)h*-VsnM|ARh+&g}|
zr}x~h%q7#QU-53c`ir!Ce9$)rfVo7pIU5!|7V~x3q0p~{zH)oJIg{2Whn{^&e_Js&
z7s;3ieIxV*JN#H>_vWl#Febii(^=UvLom2HZ0pO<(289S?V^3?Yx$mf75YGK*}2d^
z?#ETwP??=9#1-4y(gH;NHRe1pH)k;)`QKxT?rjEh@XmH~57$)zCM<Q|M-W^}q`66J
zUQ+uRpIz;$ulR_u0iCg%Y~DDQcfHr)bn2M%ro&4)m_zoooA;=lV8x7`|Ms@p{d=in
zA}Q7F)X~m}_u9=n@!r@J8k=DLj<u6aSXuAkA?9-WGwff)r<r!Ol<%oKX(x#7ZTXY4
zqo%`LpzmUi*pm+PDn!2)f?W^xCnZNc-r9$pb<L5EGh#K2q1fnFFjsuguI`Z-<TS&t
z_FI)Y<ojAE<g1kWecxw&`tNo%Rr+^IsJ`}dq4)T}u<$&J`lCN=S4T-6<_HJRgzVuw
z!E27Sn8eE^U@if3f2u=0EPmoxD`tEw$5>Mj82%{mwt=^*PlvgeyX}v9%({K|B_Y@C
z{Ur2<mfzqH$aD7XP|u4zHic-(eGpWJ9=5K|6MdgR{gT5v)Xl>C^VAP~gi8;-e;lm7
zi`;8zXL`R5W8-rTUnVX$de}X0dhDxz^c*LcsRNw91apOaKfOoHUd@|=Sq|p#{vGC-
z&pth3=Dt7xw;JYLf(F4{4d!An*|x+F|4)t$hWcI=MZgnVFlF2l|3;pNcc@~qlLx`f
z9k=+|A1<G=W}4Dx+seu4iEhuJosuIu%o(V$y=upK21@u|3*NdTJIp(a`t%C#g@ff=
z=9GdD@lQu}sM(^|&u+}hyn9Yr>Lov$7nwHG!=NjNu4Q0{S}k->K!;q-b6;Hj>mPT^
z@SCjt7gD$K=nnI|-6KI8X8zG}2?>uNIi0-8vy3Lo3T?ObV5L6UVcumn%V1&i@GE8;
zem26?Pbk*c)c+!Uq$b7d2k(^(&QKRoe<=0;DD_VX^O}tX{8(g3C>Aj5V(U2<(d&g^
z)__?nvfBHyO$T$%We;}@W&;>$Ft>tv;288nFkc2Un6KcIm4EkHti4f2CD4anbaqH0
zFVTE#hdN#`p0x56vkh;v%><~V*Xc9CTRWsfohW#B1UxY|OmEruq=gp`p&ZsKXb&9U
zp?-jJrKVYVA;T8U{muJ~og3NQ7P%h)bHaoUbMM4bD`w7m7v-}We+_*S%+kEP#E6L<
zsv!lRw^}iC=JKtMv6Q)7=CPGvHk{X?ZsdDvu8~`}PS4IxUGemW=BGjUDeX`jg`dg2
z<7Z0`{74^1czKE1vJUlk!JO1P%%1uvn2W(2eMyHZ7t9MCm<`eKUF+bp!5`mkU{3gk
z-}kW&%vip7qXSdMLij97<|Q^v?NA>IpQrZ@^YxFwTnJ|6l|G-R^$zo+#%L>;E#LC_
z9N9a}p7<O}--q)+`KZ|)=Kj%B45kER+?1KGmlFs`WK>4IsyQ9%p)Vk#6CG{WMfXqF
z4YS)7N5r%ZtO9fMV;$-O@KbZ+e%f3asKad5I(U0?&qjgarxDux$C1U6(29@Go#UCB
zB6}~%{f_$sGsFqf$5DqM-)B42J@OpF8&=F5-*K(utcv&!9shzkY+Z*c7616Q6*KN{
z|819ATH|d4Z}AHqCJ*V)!9lE;-Ajm`BVX)LRsCH2@I&(w<u7(9REu+ZW(*8obneT&
zW72yxI>``^A;Xz`s=%DSzC(Rg?8!AYv9;$EE0bq(<|pYgUs;xFJ<8DDh?hImT>ef?
zG=1pyrNLFzIlffJXLz5yMBj}as!{rXvUPmoxjEOhxs}twn-AW`O&w;9+-0?s*m~#S
z*T|!3r;&Ejf9f#r)P0(E!m$AHRggak=P&f~v`DY9hxW}&)Ih&R#>hTT#`H3Ij$@0D
z-EHginHHN`LOc8a+@ao+SbVmdPkF+#JJI3}u4K#_z+ASaLtUfCtT!@F9&c4I)|A3y
z(Z}%rfA!a2>JK4V=B&Tcy;*|@=0Y$l{?=jc{(HGcOl~&{uZ-;L8tL~|Fk8UX_c<;F
zGuP+Eb#<Jh-#U*x>@ec5tv=qQ{~ey_{ygydztN#u_?|l6ffvpH-)>W#p5AdKvTdN9
zWwfLBKKK4UG+t4kbujxRBl<C3+d9;7qNmS+X_IYqk2ZOORk-@R@;7b$lF(Q9uc57h
z4IS!o(cj5#{yF#_F$v5%ccT@&Iegl|Ecj=KQrafmnCIj`PK}nJe&33g$c|M}%sMGE
zzISH-yu_+^I@H<lka~ARb}VFVrZ-{Av#D2BTlnN44J&e31?@U$*9p(hLYpgd)=1Hq
zqS7IAiOmJ`0GPuX$??b>ezz4fXAYm;!yGP{rH7+$yM29oB<LeX`=9BX*z!s+D_T0t
zUdc2!W^8n<Dj@SgJ9u^AW%!;tK86>{$MZIpm`+tDhC?%A0P+8x4wEZP2K2!=UXvX=
zW>HzcOs9T^`cFuEd)Mo6@1AqLOS1u6e9{$p)<C=Ry$&@;Z0!wbZR4Ja<{7_d9d{0G
zp*zA)JDBwuKbG7S=f@pO7DHRaOP$-HZI-?~WoU_k=)0VtGmmTYM@W4uE(!g~b|vTK
zpq&TK>U|yRSAuhQ7{`F{w)8;%zmffpU67G5<-Tm|z!}=wp}s3PSH=6%{ca$eY!5&?
z584|<w&S7Am2LdIXz~h&Y^#v1*8hCw$Mz02R_yfjpkGG+MMT-Xn%m;Kg`6VVrbVS?
zwGzy_4s<~Jcx-?f=o^=B1+rrF%y(qPTb2V^32!an%<Ezu%~~$?_Di<@=A18g-F+qj
zrC_Fcam32^eazSXZ!njES^w`2^&);M^|AvqmRld(LvCI2c+FrANp`A#hz#!sQ%lC^
zZFb-Gv5=zTJaqpGKF<7;>Qn>eS@3Hdyu{-3xei`LX5xS5fLS%DQ*9GoR2UN<8NO5H
zv5-cD_N&%FUp=@}9eOnMuZHP^Tzk$qKK2nj^*xIF0SY_Kd6iqkwh-g#Cw87DKtJT<
zPW6_I*~Bn?h^N??y<!cL<>nb9rxjqXI>qNHVxPU^X&dzABYd6){qK1aJt`WQmuMW-
zsdyBPv#4QPlq)5T|66I%qZ!aG`AVmGj&ZkZ%%Xn$6o-83eEF;cv;1qmeBKCSezbg~
zF9)FS`}I!6_AtI2`jAbe{l5G*(wDThi4mW`KA{^dW4$2UZfLCQqJ8;d4}B3{7K6EB
zjL*yL-ti)Ib<j;8>yO98C|ytEu^+nr#hvQM;tNl(_96cKMDm}G+-EK0k%pI&qsi}{
z+i7CeJ^?R59zT@BKQ=GAkP&yIF{;5xo!_bMkojZxi`g-;VHDah#3ye7qx8Z~b-Q4^
z3Pv!m#q{Fg99!o4xb8^^m!t2Fn-1nM77+6<>NM|*csh(3jCt&we)3qW%h3nvt!v<l
za@wh;o#~f$ns+1In%n>AIsF%Nc0x3K?q*j-8Q3jgmrw3gmH6S*<S@3DOLed(kmP0N
z-D1!SY<XrPQe+;7*8aSBa9*P5@=o<QZKP%exWW9)_4wVBawsw?puUXPLg;ItUnBIB
z0(#4sdy}GSV_*Nu9J3Y7(G{KQHo-hT!0hHJIP(!(Y*2p=pTRtEH6MDtM*5&Gq=(1~
zZOz6p|CehdkwrD_j<}*z;kvmKGu$qEChZ3MU>>)JXb}an%^h|#hd0W@W79fK{C$6q
zn7z(fj5;PSu?@_bT9<mlOpZsHK9W)C`w}qsf79pl!k#d_Uhyfhegl|gS9Yq2d`}%4
zU<P^+j;+J0DYQe5#h*btUubu~pmiX$ZqZ@CB%0BnNYYvQQV#99t9-w_$<W$zrQALj
zF)K7W$Iyzv6Cbo1%n36()lH%skANBYHJ1<a-nQiydT>G79tRG=9<T0HQ)Fxxgn5ta
zVDgK-8C$W(8DOryrc>R|_tdQcW-tz%$m<T)!vjHm8H-iW51-j-^8eEeefL<n*K9Ht
zjnGy?d%DcmW36&yPcEAOKgKa%*B}$&XVj;N7b`nen(wLcx&3jy$4&T|18o(w<uZ<g
z0$OY&>RWo7(-F*#V6M2n)4Zc__wStks<*j$!5ng2USjzTooc=G@!2qDTn{|1IR8i!
zPgH<Y3Fg4ror<L=d%$7LSl{o8+6Aufyl4q&rSN2J(!hG(V+(E6(Z<8V_bKi+=0pK$
zB6jZr#whuhp~sUypMyO}thD#HcDsx2ql|HcN;-!;2fWI;or<Hm+}{PBi959bV?KUX
zZ{#XDnT=o$nb&E~Iz3@9yX`~X9;2Ow_$obT@2CE{Td)ZkhbM#jdLv#A&CkmcNFtKw
zjeK&wBQLr!s(^U@_D*$*&@b(=5A$;Rz(|I*1;J~-vjog}cXX;MvC~Ol+WZ?)O888f
z{aGRtoM`_K=E?<~>Py1sNkKpT`|rJ_*^X(y8+5Wr=N*Q8n)TPhPBmR<)w=9B;j_Be
zI(LWG2O1-s`YAGgdpbDv-|bW<ia&iB99zF4x$fjQtZ9}W9CtBevYB?4-|736xpscP
z`w{%k0B7K5$nP!gRF54Fzo%RIMNgu+)_bhy5y@}6o`0=L={c>6w%Q-)R9A^?UbVIr
z+XIv1Mwa-whx41#r)JtY@F4msHvFWuo%o$h$<JAhSniB<JZs3pUD_%;f$@I0Q_cH0
zZC&naD|(jUl*8?v>gky{i3#dxt8sOwpDVJq6_;O|qg&2{w$je9p?QgtXFAn(vCX?3
z?L>9>R_hengAPkO)wHwam!0PMx23&m=Z_A3s3^9Hl*dA(o&B`avbIw_AbK~cSMA*Q
zpR`l)U*u<>_uD!C|4%#O=Qh&Ll;3u$uZgc}dOjPgX8l~~eK*9HAwMU+JoQ=j7k<}i
z?vs2T+Q2_CCx`QKKMGBlEROZV%H7ecpP@58uN=(zFLbISMZR~3F+;Ixbk6*gL%vSE
zEQa?w+8Obp@AFPK{m$m&v-ywS_`JRxN-KG(Q=K8_nfo~St&Pq-OC1W%lQMSABT*te
z&!MfNjXux){xhCs+}43J;eY&m%WJ>M&QB(e)Z^x#MO+vfHytOXbJiGX@I;UDhp}Gz
zW2Y+9^SZ$#j>ziKGg;k<&zC}50`0s_o#xq>Y0#oaSz6xl`H-g7dgJS$));ffU@^4)
zU+Gl8k#<KKTC-jX=}W}Fc=y_b%zm)_4lwLqVz~_M%z3p_O%}cE`gKUxgLdNcfc1sr
zlBE^A^yl&t3;*1y?%{jtRq%pXE*j5X799dYp4{M7;<#$?mNg(l!Moewb;ohRRv9sf
zIWts8{gu?eQ|ixlx1YPeo!h?XRQ~6gPr&=MJePN}OFq%H()X;1E+mAE^TBNYx|eun
zd#4)7clkGvPv6tM#1_h)lLFp>!3q4nQn!He**n;8kaGS>*$BU^uP!lV6DYfida$Yg
z4dMT%P*zUar)W1(HXwh2m-IZ|^)2fc`F%dWU(`(B_?|#F7kHBnBgNNm?0~+Bp%ks)
z_lx=coZxqE@4WG_0r^xov!A(?RQTCIy<4f5ZM%rFt(48A>>{6b5y$TbFG#ZOcJpCc
z?==P^IZmII(=zCv_7e9%bF9!%em;B%{!q%RDJT5W{{(*&W#6N0ij<&ZOAJ1Cc`Nv1
z^?|oD`_U#in7Fxb5SnM8`Bp$f`-^zUzQ`M6m@1Zzm1b>P+Npu237SblgN*!s7(vLq
zq5E-8)|9new?K2)&QA3epN0d0$aQ?baquB>Z|C<D_<gMW4#(H&U(e!KGcE(q@Dk(r
z{dDttfuT0P52I`Zzkie8FP7gmPpo3RGZ+{gh;&+*;wPzFLEWX))#HFH7IB|Q!3|U`
z{)1naKA-UiJ>E;GyOz2?3UHCnf+U{Pdm!6E8ILv8E8Nwocsxh{8^Ql?q--c<6Qm?N
z9*dG=<t)QBA>o=4mk~iFbzLtp0=fs~`@{kH_j+dz7<`ZD$r7#>8Mf$<v6AESCLgvQ
zhw%p<CfiJ2<WG$0E5iP`m={_9hs}R_B{3MN@-f&AxDN@gTxQ{YKWK9fzh(ICN%_s)
z=5%|T@eF5oo14KseRpn~V!O@!wvOLUk~Yzv3b+wnNR0IouTp-TeAhO3v9>`*QrkoU
zzyFEf2l&5>4hh~U%GX=UODX>~<)4%Kv~!u?&J4=`Ncorj@~I)66I)-*?+yH(wRK<5
z&l*s4i#8|WCr!Ot>K)S3ss183-Q!G43mC5=ulO*%prR*?@tOU+$^ivrvdo`CBD}YQ
zaX%OrN&!EyE8kbftUnK(yh8a*Dd!I01)f(f?n-_e#&5^%=~ScTH!Y`I;K=yCVt)HN
zzwxNP{-?*EvQsI$oB300EV(Ezs6U6_R=(G%PV?&vPm3wrMA;T86Q2HJ{BI5AckX5W
z_v?=0ziTLanX(;%jSTMbn3<PgCk2aAJP@?t5LOt;SMml7L;KNpY8ZVN+sQzC{k~4c
z5gYwaY&3PImzYl3OHy)S*vIhNU6CEaKV$tLwCswg`#yC~l)7gR$S<W=!v6%yKh_#8
z7wihk2UC89)CX#jH_q5}kyn<*mY+lymr(ay>dL$;{&#_Qg+E&uU$UCtFXeZ^HDf<P
z{HGrKi$jAf{oG33i>bRp>he$I)<W4^ls)Oo?Ou^v*w%>x795)VK9XZT*U^ra+yrQc
zjq?&`wRfsbGRYv(r9yjelGyGZR@B3m90Kj4L(dp6YC#`P>?D6?E*m4}2q#t`72f86
zweeq_>Uh4(KPg*G*=v+(JM_y|Q1&KeEGhLrk#j9&E$?@#&q@jMoR0j3zm1f?PkElq
zwK4vPq~iQFo7g^=KhfQR<GsYw2mE<ikHbalMS117B7R%LZxRnl`wPfS@ssXD3BUb~
z-}JoUmsL=f_wP={l|uTTjKdttI;r<_DZ&5UBR<#HUpNx|E%Fwz)LD=I{s9Hvj0XQ{
zKwt3_wb0H0PuqjmCp|~V9EvhffUZitt<+maz1yV?T~E*dQjZrgFhx<XNPgpjlU>xi
zTD~K<CEnShpFA*nyO}k#8|j|MWei3@bNq*$>OP^t)_6fnU(w$Z${(Wqn^LZ2!(7KR
zPSRGIqM7{u7Qg?OKSuX*aWnddhAc_Z??uw@1&5ADeN^6nA}l$gg~%R^S}<Nnbm@1_
zhWf>PHQw+`Tev-T_>3$>HyWY&0Ggtx?m}}<>P*p%2_fCB%}e${d0{0-IRvZdEHCl)
zAzk`Bkz3DLZ;2h0CWoSDHYlyL^TGPtp<Sx}69D(Dvn2zn1}1;@i2<XSj&t}D``HNA
zr9--c7*NJ(8)XwI`x)P}|D<j^<qeeUxsbo5tnb-gqKmRYenlx8LfQM2_4mt$@!ulK
zS}B_*WfR1oF}*BEGEyE}3`XYSD@D(zQ1^46>Qbjh{WNtK$#{#NSBQjUoWp)v{NHkD
zKXY7{dQsZZdPxo6*NJ&N9h%pqt&P-wmilb7>iWJ-h1*IeJ=%)R3DT$3L}Ik#yVNy&
z7r(p6(>8@)<(+V$K8cPOQTG+<eo5+TyDAw_Fioqto(D?#y@B69Bfp<Dpx{EhgS0V&
z@?Dgtr99Hcw=l=`01yxIli2Pu>V8Pw8B$lbp=~$9kBrYc>V3VS%ginOEoJqTEul<g
zBL9l`G*VVe87|V7<@m5HlSN)AW}wOhK7&iV#7m#)()WJEbyM3+)ZhPs)Pqemwa=Um
z)}^2A3gTtriZbc!Fxsi&w`Kfx3E!h~5yk2jjPz|abzh{ejD!3WS=CYYKa`yz1zJ{m
z>=@;nvqPubX{O#g)O%Ly5!?9lFh0Pm&Q=t?m39W6<0Y;>u}cZQ{FAa_l-*33j?eg8
z>}xb-zo2Xk-zC<&%^&MB%C}LT6kRNlwzN-`@oNaTrTb6aXNPs^Jzb;cjP)Y1rv)kR
zdR<!wFJcp`shj*<m%a}_QR=U`{21SRD_fUdY&NplM*TlgU&owUHcS!PR?YMCxJoU<
z)VW^b4eE`PerQ|s^`j_w{zRX%9ZtP}QSYZx@BE;B!)vf}VcHiRnnL~ApU1yRu+_7F
zle0a^HQc3VbC!a&3aqX#cBvBIzL$pL53P?7E;@9q_}#OaKu*B#TJ=$|+6C)N=#d4h
zJ5~sMc)}Gc$e5(hBNjcSOI^x$nah`m@5qkd8S7EuKQMW3*0x<il}hUGqyEAk+dd;Z
zf0XB$cNxcgzAQ3FVS%w?@Jsk?p^YO??NYysw$VM`v8wQ6wefi1`&_aDO6&g6QZI4G
zm%G$*!Sl;TQI;IlrH(K~+RjTT`*38JJ{v8zNWS9+kDiPD%;2|+zuN7Wq-;KAw@{{I
zDId3*vXzvHtCD|GZzW~-QT8caV#?N1_6TJ<S3$Yh>SoFwr)<2`>-GiM-R)Vk(|op5
z??vkAI1S$|FFcW~jM!uT`Cg)t-|h%7umxFz7qOJ`=K}dj_!>>!k*9S9>u@P6rR)o#
zGVv4BDLWxlMv<nUPx&W8<w9RgS-()3(66K{FH|P<QofGzHh7irfi-siIlip7P@bWj
z?H>J4aGNQ6kFspeK*|nKCVdT;<zL_>{t+u1N?AQ+*%(%6M^W~B%KGXSOn*u!`*n=A
zg0iPWWy1Fy%6=Rw69~avLivNCaw)5!?4D4W(66CvL8y!(O~0A)8$;z%w}G;2DC1E}
ztrO?@GTKl1^iW-CtN(?}Q<TYf`6vG^piJ~OD<i=iL0Ji9ak-aJeir3N3o-wMzJjue
zA$lpBL)jUzvc;5*jFqjR><ghXX}gxP6DX7KqT^_;Zf7Iq$A{`lJKHGx1Z818$WV4v
ztX`^&wQH<wFlFj1(S8r7tRqw=EJ!=WlsARSrL3H?H$!E@?@Y>G3zbo%=@(M|`%t;i
zFQ@GJP?^xLrtFzeS(bhS<xhmlg?=k#4~5EvzJ;=-p|UJ}iigs^9V!?4!IaGnl?nZD
z%B~HSW$BA4zdTf~`%l?Lp)%cn$|i=&vh)in|5~VA_n)#;LS?%DlzlE#CiH{(Y@qyD
z%6}sMnWbHld#l7Q<+lcY6I)x)KC|zWUrh4r2>v|4ZzW&vQp*3$&p8p$a<n#BO^xZ7
zJTxzGeZt#_i_xJm#GRq}U;<@R$99?A1$CzLnL^pkl$A%<T{>qFiy_CeR#GYEy4*Jl
zoY~Jjkd`~w(S+$g?OZ*fOU;$V%b9xKxqc9RlsK`0-!@#{9j`Bt{Ogq_Lo0nrOkxej
z?>a`}Pm%LL%Jx%sh5YXSlk(w|kE!t2NZ8&*zU>uLeg@^)+(i*}%PE^k*?fNv4#x$O
zAeogHjk$$p2{gaC@lCbQLL*mXB>x#D((x}emrrG`7e2e^JYq6$ZFbN^51OghLA@XQ
z^@zcr5G9e{QsrLa_A9znL-%iQWq&K+w=vVY)K`PwOuj?pF`C~h_)Ysk+LpDB;FVGS
z4a(08Xgryk^qR1e->Ug-sJ|BRb9e9?tO={~l1F;+h1w{vRzo}Qn_c=&BZ((-XgPC{
zyplB@XhdPu(4n(l&oo2(%PYIoF{10SShPES)N$9?0qNucb0#5I=Y)?DmoWca-KAca
z{&n*~oDt+7tMa@T;$6_Psf6~pZ~1E>;zh=RjfFGT3+@trE9bZU{`lvtVTt&X+v#6y
z4J*2{5!!(>yY#&{!js;Q@#9e0KulhS?y#a_n6yxaL303_3$N``HGDTTq1bhKwC=D=
ziF2ttEzr&GbxM+}UbDbypvtKG;dNbVtv|+oo>Av{^qvC!Sa7I3%9Z>Pcjx3JdM1Fe
z9E=;T?^2t5j2_~B_DA$<E3EN;IarNg?VH`DPWH#%&X4y!38~W)bzq$wNl?srf^!E<
zAdSNXnb|x=cUF|S9qcq4w;OK4K76@^`Rrax=yi$YgFe<nJa1e2Xq{O}8xPOzQn%2a
z@!=-vC}UX1Z~OV}UipoDwC}^k{%_6NzpQJ;-?vcr(s^C_c~_&iXGz{s+aBYxK=NQ_
z7q;7a#D@;$;O$K4u9Y@eccQbGWE0c!dojP)@%xqXd$;ak4<@fYo!|3sw*Q`nWFfy-
z@Ozan!*E_23k>ptnPa?n56d}^d}cq9!$vSx+|m`_@5I?(5zJ&0*q{(wX{T;Ib+hYT
z-_EFe4t41O7IH>E?q*^x6=NxYX4p5#J3}LOYWi5p4$ioKmy2WL-xNM2)aiR`m%7^G
zW3(>lH7aMdWQ|&LNOE-EfK`W_%{wKg@Lx_c9wPg{mKAU@d<*_+@CV<{Iw-(r{O*;#
zIzNx8@wE>tm6uoy6lLRJM9hng?Z<<(YY(|-Kpmg8G%PQ*5d8j^d5Nu6T`Cpecjx%K
z`PcZ|L42(Ds+HRb{k+QtEI#(^0oBJ&;lF246YK&$Gr?cHpiBKX-;Mr(@8`V%JUUHr
zHFX9q>{6sK!gWXrvkN<z$(;cy?sskI`{lv+G5+{&0iy;CJ%4Netn=&S1*Qabi~C)X
zh0}3D-^<C_Ky$9NtLM?n7~ivqJxu;?7{B-bZkO3J>&DbRpB+PAYbN%SIk}9wY3hnh
zjjj+<(X`?HYW-iy9n7cRJnEGO^|Vj*^^n97eHERRfBAe?Q-448#Z2U%l+{tzPMHju
z{FAaRlw~M0nrX_KDQlrDyoNhKSu<r4tI0p1&9Cqh#f$v)1%JytKa{dk%0}|t<a|x}
zXv*hV%F8IPv6RoGe50j&A>|oM`3lMh-x+Op0xYbdJWct-!jB#ctw-GJyGZt|7x3zZ
z(wh#8h5={y<KEs_Tp;~TOeOyaR*}pz{FD9;q^$OPUHY!Yg!iifQcuc<Q(k^ov|M~o
zG3AN7yVN!r1g$$dC(bx}WvB)vWZK5}Gw}~~*WBy-x>ycx7L`d2GwNgdc@OZ1IYu!~
zR6z1NtD)V$v`gPd66&|sLEUe8PmUa=h;(#ZzvSgOf=JoKej~s;0N(QZy3`j%p)}t*
z&n$d@&#(gD#r?cFK_|}cH-xGqu3&uc@6vbe%UPL4-b}q`&UQ{;(fKld&tKN1-@7S%
z=A0>Dd_3IpFpf<ya@3&96Z-)oOa>)v<6LEmNWqv&|BtmRftPyR-#;fMO2&Harcz2|
z%F?1`DikG?T}7iLOBg~S8L}^RNOn5*$aN30ZwFVhU1MJ&L!odvwu@`&|NYMQc}~u^
z-#erK^?sV(^E~hKe&2oh?YoxJpR4v~{<!QyNz2k7E9nnuA(vL0YdgIm;du#9Yxu}k
zi7_&UmH$%s*^bwGSapo72g3i*Ou+Jbka|7R8bPXIj}}!+8>(T~7Nz5xUJ~!B>wa7|
zLhDcJVfr7=NiLr+aUL;iYyXPV@jyM7x8mMqQ0cygSG3)4k#wrB|FQH<^FOqEY2B8&
zy>z|1YQ+w(_X0H9Dh`p3w6ECvUhUl=$7R~F<dgN%Kyp#~j~C)f8#LW&HZSF3lJ3{e
zl_%vd(OdD)bM2(lZZt`LLk^SrxI^}RN=SoEmt!riPjaWo#d>|O;k;vdlB^ypp2FO%
zh2*-sY(!RAwBq@}l9sN?^Cj)~=gRd8`CHS*@s_lqoJXH#EmxXOWr@XJwKT4DK3R3F
z)W`ilE}O5DV=3QK9k{l=LObTFK8s!U`n4z>XJo|IdQZwa(NG66rs8c4mM0l<v6ZlU
zi_-b_>%>-v7i4|VMakxsHJj}+y~(sy_rIj+#qxdWCUaI<qvdKkwUp}MCD9Ms@F%;j
zEakYQYKX3{dp69Ad$cNSSv95cR3N5x%r-w<?vIhUziMAD#a+HPEZtKfaaXCDY)#*=
zJ(MAOntUp4h<qw7Bfj2*I0$$jU@@n2<Pl<j<i<bQoUnY1>0I-D!yuE5j`sJ<MO(ee
zPs?7=lgp*{DD87f=M75jA>F2-9~GN5c{_ent<_Spw^-~YI{mb43q1)~vL|y4_D%AI
zgU0=`rbCm7dLm-Qt|={S`<NZZ$u+*6e=0p6s@FlLRvj#-hX=|6Uz#XN_tYLJn#sL>
zTDA-76a7)IzYl2Wfx1;{00Uc84G|!>^+`XK9w6(A{A$F`*}W^<8PQ-zW-7H~3yBW-
zMh?qdBkqqtv#Y;9<Ccl@y5f44!p8~obHH+rzfON?i4bRh+XBzzo5gMp`*b`O+iA6*
zlz>0l9}GJuz|X>;ypr~%52y9#?N`IjjqtCAKW8QFKPY+EU)tqgV97n{>^<)=bs@jG
z*w$ZK1b?ibO<%Qo9|*q-{9*7z_B=1P^ZHZ!ReuQl3+)%helaPw|Cs;dkk7I3FM&UG
z<?~-7_G{GsAM^iL+1IH|f8M@OC3lC*?|lwa7xKk+UVmv3{4xL3Kj-Yd>M(U7U!D!D
z(_dNyf2@D%Tff$L{C0AfI`5}D>W)$d7W{hn$?c5Kb~Zl)zItoJ1^Bg}8qOm;2R}=F
zC)jz~{M0t)FL}IOqpVbakSyUp>(|%nk)9l{`gq`nJZ<)iwdPNH#r)JJ);b%OV#~S<
zzy7tRrN2VqiPtThy5{#-`l)X=F2$?={BI?{NIT$*rJIZ7yhkA2d>_kCrnmX|lQ$~a
z8GqR3C4X?~|0tRv!E4Ij^%HGHNrGqob01m$5`Qy02yW;r#ZGnwE&q7wN?b#^SA{Tj
zp5?!ObBpimC-rgZEOS)Y)WSQs^fPbS5pdm8Rv)EfJJB$I_28p67C-6YXWuvb#UAD}
z9{v1-mhaT>c6BdgKUDtIeb!#NewKcHU-MJIbr)Gm8Q_qe5Z_?GzuApoKjG}_{pji*
zMEiC^J$wv226)%8*8X~)Lfy0lTa<k6C!Q9xZ4CdoaC+bUsTJZsESeo-;_E$;+7o<w
z3x!L@@bWsvNUv{ty}VK`me==KsD2Uh$7`cM0JD7Fo}S;;5$t(=j#qm|9IwZgp5H<A
z-D3Db0XurXOPu`!gpad-P{96$!t4DLK0ng}{Pn_jjM3}8!>t3n-cRA}&w>3Ohg*N*
zweh`xd0l;vE3AKsyyOl-xXspbYTJbm9cT8?+oKGyuCeMyx$r}QZFEP`$-p+-MbYtS
zf1V%n*q2McO`~o)?4%5?w4DuM=SkRE4|ZM$M(|48ZHI_H-(7{*Hh2s6wGXND_3O*;
zvA4T9(%be3YnN7LHrg3j`;0no$764Ici0^XJ30o{`FI|CJHuh;OxUs6c;)RJ0z0?<
zkL5ZFcILqj=UHD4kA1n$g`IC<r*ut2>ZkjW)()lf*@DjnK1C}}+%n+d23HujuZZ34
zB<$#;%ua9Ue11Ik`Fjod^ZeVw>oxZ{J}vyCNLTZq&ZpzCxAR^g-F0Nc5tr`v!t3e3
zUyv@>#r8*A`MDqQ>3Zz*(OvAS>jOLNccX#ZSa5VUFn7`3&LFX)bEW48gP(=?ZDH?e
zU|nO?`Fwip?QVg5{|Gz#nVA*Re^lyO$K;UlR!^Ky|JV8JDYV~MXV>T3V_%MWurmdA
zO3&^5Kk8!<?A!`F|KI-b73@6zKic^LcHV@YwrC$;A0GSq>4<i&yQT5IocrF)yS8G6
z!mBs577v9dM%jKm6khw}mZh9mKWe)4t>z~SW|zk|8H87|Q~Qv`&&`6p2h69P9KtKv
zse2Id?=(N@?Bo$%$xh9~7Qg0d^Rv!Q7U7lb<R7#6nS0Ey9^SZq(g?3)r;h2*F*^}4
zju-R5Av+<yp&cJVK5NY{-fuqZKZEcd=h=L51o~}OeC=tTA1$2j3|~3R^vBBI>dug#
z_SiUH_i(37HGL2HTb<XPES%~*ulwY<^d1#HPXF%!zlCf}<MeXdX)IqI;0pnMT^avz
z_74j1HQ+N(*l{}NFOKu{)0ha}Fkg}_Ir<6kq4rNaXYoSe>DSAL=U*!yUiWJG@M58S
zcvK-g`AYftg_p{QXDWn8FI0&Ca{2H);-~&)x+L0%=ONPIvoBhB8sXICz%xGM(XYAM
zj>JOkS9sp~4eiq|{rU>=6Qu`7<^JXU%ubDr8+FOj|6#tczv)Bqn*Vdlk_GQGUJ~Io
z2bi67>1I?(_i*IH`N8vKPoaGVS&eaApcqkIfKQCGbVA|tkw5P<UJ>E-u#-Q+>=oeG
zA8(j`LpsRV3i)$<>S&ig7k<RER=?h7ygb4Suv0Vs&*iW5Y?QQ|&!6YB$2QKN4{tsX
z?eBcXOM*`vXLgG4L-p6=Y+E<RpkM0gGCfD+`E7*P^~dw43$Mp4p1)CeJ^$kQ4}{-3
zhW{vFr>V^2di>(;tS-E!%l2oz(hu>uT;uwsp8gTfq5YlDczN(C^ut>CzJ6;bG)_l~
zS8_~;`SW~qLiu>j=cE0d&v;4jMcBzAAC>Ya)ft<=6?j)JA3huDd%uqH5S~5}<%A!~
zpKtelCBe9Um=#{n*L(fh0sd;?<ND|Q!pHSbJ+9Y&7+No?Pix$69O!KC<S_^j9Cu`&
zYaE~P=+_)sK7JAN<Cf>xcphub84Z*Tj~?5H@*RC&KHa1%7xP0u`EvRAsh7&<JNZK6
z_^Tq{w4XcG!c$YsAB1r3<LduueBpHHTzK6)<Fk{^XS*b!D}oQzPi~&&=rhzS_v5ci
ze4QsfzeG6Qr+Pjq1==}=m)9ajJ!ANU@Y>J49eK5S>3V_Z<<;V``u&BE%g>SE{qe_O
zNmKQnKU_HNN1neppr0jtX&rILJ@10Q5&Tht)$K38*7EcGfx_vy_Pq83&8O$}d|(`Z
zobYX9^izb>dfw}N8#jIAZ*|_TmOsw!*Z{BP*K=E(=cT$!jy}g#==db6vwj!apGD7D
zc&Ojjx3~Rm^#44*;k*#aUmfxnO22wDt<~_nQz@M3hwSG|H#ddtXE<*K=G*kEHXnrS
zv;JCLVEy9IQfcJ5Z1J@}dj3w~w10U1Vc~QK?fFN9>ny)u`tMu*G9Q?qg&(>e%InRc
z@End;jzf8PovEd4Ks1Gmz*}jh?@CA2>vng5*K42Zwz$v~Jf4<YOrxam-5h_V#Mk-G
z^ZHD+?%Vc)-p=Yok=|3<RrqVb^SaR8z;?AfiWa=9XDgQPqo*L8<*AXvX!|@1Ugscn
zM*weNa0NTTcEC6ah1cRffKa&a$2|Vz`jz|G+BXzGyU4<$qpU_)?~I>WY~k<SY3(u^
z<?AN(sq>HL_Y_{|!DbhkemL|x|7y*8UguxkC%psxLGrh{_R{WJ&z|2Y!1oOBdOL=W
zoAid3AFlr=I^5-A3)gEF>L$7HZZ3SX3-66^O-o(gh1aZU_SrtWL66#x1_Q5U(WBum
zy;>JP>%!|?_~9;mJTTMS#pUmKryu0PC%W(<F8p+aYn!RdxNzT&@;ar`cntMR_Ukzx
z*myj|%$DB2taa@9pM`4|!|Ogr`3sRhUWd9LSmzLR^}uZmM(bQ+?bRQ6Utpa>)SU~Q
zE}<xz2h8|OfLkH_Kfvn(uRhJ}>ljkEB`~k23<mCQ!NGYv_p`NVs2+1Y%U^GZnpuwz
z#V@R8Gh=9<khsNWiX8m(D>ec`>jc-4)u&te$Dw?+;_Ez+13wJB*G+-W^UH+aMSh+?
zQaD`$JinUsi)0M1pHk7BdA**m*16vE@;G$qz7fyogl`$6KVEp<xp@84!t2=ae0Mo6
z)R{Ss9}vSQWrEXn-|N2+Ui<!E-HwB*tsNzsB^T;P=_V~o;fXzLMC8#=o<e(TJE@x}
z6JQ7N2g9yZOUZfNX`<7y^3c~dKR_1sz2C4jSIK?6q%rn(E|<p8cKxgC<urGH&CHpN
z^YLfvsepR&<!pL|)jQWKAMSCx+Zw0u>t)8JX75<k+qF{hx|ezDa^u+!KHe&qH4gXb
zdfWth96dyPx_Vl(LU^K;rN?#D$NwARb6@7euYJktf#v!9zQ*<9^Xv5&p4&LS*L!<^
zb-((n?Xe#w(eB*$h4?}5Z&^|%N13t?eofXeuS?beht`1*Kb!U^n!N)2x=DtM@KdK4
z4%rFu%|EdGr_X@>y!o|fn$P=23&0^eA^r&1FHSXk$#cvv!l(V{T;oG_Li~K#PauBH
zd1fbnzWKCY103ovyze;_?(dK8u+Zv_?OW;o=;j;QIF)6m<R)O8bN|Wy#c^!8mwh_g
zH4ncAegS^yd`G6E%_yPp!g&@>-A^b_0rv?PM%s~L9(KsrZfe)tL+z1-J`^4yUFvcl
zT0OFzYLRZ5`A2^8;P3s==9?2yk6olfbp`E+d5(M!;dH+C{K>*;OL+bi;nYsB{r{i)
zI<_m@lfGa7xvu&3#LuVuy5k7HzRyKHa6b3(A3!+QNgw|)gj?&cxS#O$-h`g#3%&&A
zahunB{0sD}N!_dS;U4?@NY|cW<H~mRmE*UEp6P81{AbJS)87s8x3lc8bpB6zyYc#Y
z66|rk_T~3@W$W)e*tc4%TwgxDTM^%8fy(h~H@1}6@4dah8b68r>DX6S$^M(rb39bi
z`|t&bZ@c))=`Dqx{q=X?(0KLf`TkdFzVPuqUfKL_i~X<l+7<8X_VztK1MySVJdw};
z@ei409<TWEu@Ld~*jSyn@9{6t^LWgMd+g`e-x1%A*5o*HruAp;*L{4CeS3L(>%yL$
zC6M>o0JA@B?ZUl1pPt8Fzdh_7Wz|=DuceL^&p#+!=NSGT;dYAQH;@jjbKv!`f2jPe
zZoK?-ZSeW>$7_BaTG@5e+i!v6LAH~(@B5iQF7o=`?l`)S!w<Q6ZVRM;xK@HVeNMZh
z_@3Wgc-`~){QKi7pC4~$FR`O@inntP^1=RJ$&OwZ(DO0g{viQgzlW&ldi^WH>zaB#
z(mzc8R@YvB+Sh$PeR+NO|Jon?aj3W7{7M_wV>OfF&X*00&M{uMvUpqU^I88szVCOH
z`dOuZd%*iPfAT!yaZ-jh^7H)l!s+=h&tEN^J}ct+X9E0Z;6v>b4Y!#s0lyx8NS_~J
z`fB*Ok%o^)`;3wF)SW8*OV0(r0p3)V+v@}9dEVK#$4Ixo_Thd$4V5FbzyDwJTaWyQ
z`jgL}A6Guym+!j@_Uqg{_aEr>+^#xr&*Q4AY@D?=dF1og7U5iPI|Fk+w~NDm|1cck
z?EksaOIPeYl$s>>p|#+nZ_wZ1*MrYKZ+s2-+|Pzn0ec1L^UhxF3+S0I!rl+&Xa5U(
zf#;^{_O<ZP@q6@ND@iCkjqu>{EY72b!qXSRKCb8c^Abs>9|$izgZzi?2MC=1UfJ>F
zueY8iZ5($UcB=4g<(Ip|b_BjWh5aqR_4}Eh=KK@TS08A)+5=F|gUtWsW1D|>m$cLk
zkP|%GcRjzW@OpjYkvTRVhN@Vc9#<*f{4V2l|D^5?`RSPw&)*&39~Zu({7!@&y{@e8
zY58p^KhJ+CoaWQ>Md5V+=J}mu{?#$e_VV>vf4SB3OD_Ed5=Zw1o|jL_mh#)~?^f=u
zM5At){Pb_npDvuv;hw)yxMU3fka98nC&FocdplnX7iV9ef7bnx*B>mr>T`1~|C*M%
zf5=ad<sZ7=_+CniyB?U=JFk`gApfH67F++}@nDAsEMA9FEIA*zuHhu`P)S$wpMlOo
zqe%OO*0bj|KXLq9!tWHLe^<CT`^tBdpP%3Tbrp~O`t#Z?R$i`Wq4S3IrCp}1`zWXG
z&D2eipVnK})ytL8@jMFqDd&IsMci-lD)d@6>OObze+A|`*Ze`NX{r8_TiN(cu5Vm!
z=1<3_I_9soH|DGU=GVigo;v!ub4>R)<d6O9NU^EcO+Ej)6hP}QWG^+q?4{u+cQH)8
zANRFeTKM;_e{Zt7%`cu`Pk61#p~x@WD+{c9S9M8uoy&)x1-;H;>aGITzN_w5VBOoQ
zdli`HVLk=cJ+V4}-_zO;S$l77!O_kS8@5)I*M3PQYTt<CwG5uu$4*i){El)WO7rCP
zV*>nP;D;kW92cX-hURc0c+MwYH$pUeOg05N?z=7k)-ZJix9|H0!X^2V^W))ugttO?
zc0;Q#IbC0JDc7DpzR%Ayu*dfG`gak|{;tn)XkB~{p5v;mWI*=;e%@N|5zC*B5p_P^
z5fX2p@J-*d7U#I{fOzdnv26X;dDQbdD)gSY=byB6IzXRMZ45tBI4$cp(DQuj4#Mep
z^}M#XmW$((^8tO{Ul|I|oz!?-Gami)Bi1uQ@vF}-A3u9h`S9HI^5N-A%ZC?cmJhGS
z{g_LzKDWaB)CvAD_!HspwA9+^2=v?W@VkS52jig#|F#RPU%bD>;w^#y9sI)(Ke+!~
z)#|q%`{H~{!y$dPnT6+@njf_=KeT?<RJblzhw%BstsI9)Us5+geo6Uxexh(XS9@Of
zWy&XKS$lMsztyoH<-ix6@9o?rab#&&;r<mrZvFYJ_9HC+hianYK9Qf=IS;&rM$v5!
z`|xKGzLpvhmv{RMf7}_W_uRwQE;aXCeatp<4fPS^f7RW-tPu~OU&BwoZ}<)5Z#e92
zBO53!r{_<Wc}v&mk8r;7An0$GNu*N@e>M0}dDu^?f3<vYUS<38Jy@TPw3^m_qV7WZ
z^_QRLZ;**p*9gzwBD~f>==jv%XBT1IgytuIKBk7ppB3IGMtgpr6MbzA!&!d%X^h7V
z{1nD>NMDEW0{q%Ft>2t+u+`&OsS9<wf7f=V9iOj!mBq`#r;hoeAGJ4K-InHiJBfA(
z4;;VOAl{mXSpM`lP2Jb>8z4W=KPm0GbqxQM@I8dDZK_9^)>qYMKG~lRK{|VDptx$-
z^ZaG7=XpIo)AT(*N_ahv8HnR{+P_)2PBFY5S8W%=Uju!maxB9AcdW0oC7$jVJg@U;
z9KRIlcztszhwjxpukSC@<L5Yja17rnpjSRlzn<{v7(2HLr}gL4)p>o}82%~Y;`0BD
z@NxN9e)kwV{}fL5X+GWg!o}H9KF-ebu;cs1!NSM&i=Bn<AirAl(|zS{bzS7AJAz96
zA~a4@d$&+CQEn640j7xq=cS4pVW$Ycewf9tlzw)C>9h>$nwuBZUiatXht`YSDt3ew
z3a`G_?5{e?=8+?juC5olw#4zBV)z-tX+3-WRl;e%isN;B`Tc~)g-MpbL84X1dWlXo
zzS8?DqccpGnqqzuI01YN%AGOu(K+Jl_;?)rQQ);t>$xM(pDJ7`hMy#yo~PO)YxO!t
z{#G|cetJwC>Ti6`pvh>9$9_Ck#<|+_{1oA}j~@WN9^<H+;Nt7Ns(p*;`t^qA3q#@6
z=ts}N?r=>++%oy;{=xIdO1^d!KGg3*{D#fiNh~>^RC>w0j63*w_y>=%dTCNpi4M3a
z@Y(J-_k4%PI{i@&v;6F5^m+U>^)O36i}Y?2U;DS`b)D)M!`~;I9z%Nlqr&NaD~{Lp
z_52gUwF&Us$MA0o7njfXg^$bUN5aSDbBXXeFZlc@uPwJJ>Svt%t?p>~tt&sT*Ke2V
z`2o-CK1Jsd&o{5a^QD379m%4N?>ziaJ2pIb9<alG<sy{hILV8;zVg$S_k23QYa3{v
zJbtY8m$CA<x~cM0#`C%liQ`WaUhOP_9nK><FRU)V!Q;%n&GIrHfH^*OZ<Umv=VwSg
zw~gVop0!=P{vP3VW%Im#15D=}&%YF~^Q!R482vKgbzby#z88MI82;gaeyB_gZDRDw
z$JyUYcpVo$UFGBSnSfsTIQ_7IUimovAmMc<?(@?}__%uLC%pCpuh;iPwGHq(Uwi!s
z(Z|)B@^SebDSTYLDIcdF6|k>-oIV?{uY8>T(12d~IQ_}O>pbJ@LHW4)oG5%;{U{%&
zpA^t5AE&=ic%5&3el8L|F8|8!8lyiiVCVdR9pyFM$0pi5GDiMZmy};zJ~x)hNRQ*Z
zUb#5EzQ#l6CSNXnO-~%JudC@4qgOs|{yC|c&70o-OTz1Z&GWm9oenYlp~CBNrPq%T
zzI6<*kK4D6;q|o~dJW6lnJT>Yx0*>-&wAcp-3jtrLw^4H^sLqFKA_D`F}>~^)y<S&
zSNVnZPkip3>z}UG>bQ@|7bGL%Djkn>DOkF@m()?DuW9Nie;<9S@p>Gl?j8B*eB${|
zvc72hdOj84cNRV!qwf{a_Y3g)-fZ35u63s6bAS0;-BS5!zw-PK;EzN-A0}9xexp_A
zTh^oBFXv8gS<)5YhjiRe{Mqwph26C_!|luGRheF>eW#t#xcsL{dDaoT+3q@<EbkBO
z7u7wDFFOAt)JwV)OWsfG>~1gPO#5|f^ou<Lx^AK?rGJ*?i}Q>=Ctn)xj{j2Z==hxv
zyKKj)!s$HV`SXO+x?sJqT=e<e@aCsk`aBQ&Fzk7LeW@=!-tzor!fU_w{9NI+<vjoQ
z0RNKkI$wIdUJus&vgh@EWO2Oik2IgXCR@2W%irpb0@it1owuj&C2t+WuP=OD`PL5b
zYX*3IKY2T`e>w7@drEaaAG*KL{NDrJ_>yWx-RYv!{<GQXR?Z^>x(lH5>C6o9H-bMG
zc8?9%{d*w3eiLv<iR07zUHJYn{MM`5dqTW^vhZ>J;qSt0n}+%|&liNklecNF498F3
zYvVo?zy8+p@#`wQm!`I(&6A<~<SM=Ai^pqwO|f?8x})!L)%x;$F~Ikiaia5-*MBGa
z4Ptnm|8+j``p*LP*A)A@MtJ>p!fOq9zGEOiTMMu2j@Pdru)neJI)1!fZ)=R>^}V%m
z<*E`su0GEfUVBJrzrpKKKK*$TC(fSU7ZAtq2L64tGxtZ@-rDk>e?d5%4?Vv?INg7F
zzNOgLcIbxn>j3#%-CgqAM1G!sLpZG`&o>o2+Fv}sy6|y!b`@UjRI0ycu>S2QT6Oaz
zo|fD5iv#>)(oS2&=r0vs_xIk;)-pfE>Gd_AYsKjGwRGBUe*J$<?CZSj`N3j;+ZbNo
zXQ=wne3RyNLA;kizSk}4u%7eJ&Uu?3bj?wh1(t1e$t`y6uIr+fe;jlNnk>@uHd;>4
zcM0%%enrQb-&YP3PRGqy>_a(k>G>6{U(f4hP@SJV-&g9rO$?t#J9)kGadvtI?DQ61
zYtEl{e;WDLzOK%v(^KNfzZLjvh12@;`WXR!mhfxD=+6xBHw&*l;vMAgeED0QPp^lp
zo4Swj{2S8$`o{3HWL$NQ;qMY&+t=IC=WF8Xc@g-m+t2EC_MOF!=N}fnXN-M)Pmu0&
zeY)QWr}ewScox03mFM;QMY^7NUhf~?GKQ}azI6=$q|}?vx8BZE!gq+_yGs4*c`UEj
z?{I7r!#^&3oc%Y2*Ky?SJRy8sy8jVgkK?^QDV<fvw&&Xl-!F#0Mfja!_&bD;%m0JI
z>v4>?zf^b~zn=eAc<uL|uae`Wxb{6rcwN`L{``Rc67W5y+Po;qm0TZSU8~f2dmGAx
zsp(f*uMUD8&YPnpj;7>!U0<~yd;SaIbRP6PkFPwh{Z;#i=lct<_2T)%h1Yo^w9Zu8
zH&?n}ujZ}_>(ZR^;l(@4hes8{lXsMlUp>2g`2V`E&rZ@&DfNr@qDys`9Q{ALuMhRJ
zKYPDiD1E+PqwCq$|HmMI`W{&AkDfm&!0Y_4$9G=;qVPISX2QPi@zi<UzeJae;olQp
z=P$4SKzN;BJpYmKnx5yE3g0q@*YgE&_Vs*AoSi|!>wN9)?;Fq`E&RY3{V~FKjp5G>
z*ttY_otJ&OdR<B9Q_tTXu=9Grj_yz6%B$~Lk4twm;dQ<D>2?!dN0jIFduws__X*h7
z?~BFR9~a>DI#ir}Js*;a$&bGOJ5GOv@NxOSN%**WxI=i|Kl$>0A$;c;epOj_<I?RJ
z;PrDDarJO>K;J|bu(<rJB79uBDdBa0@AKa$z+V%vv!<-0y07wf))qdlf36qcSH*hl
z?KBDSZ36sm!gq<u&xry4!hoGS1NsHR$MuKLg^#QMZvy;J0bZ}m#I@Hb>^pq@ye@oP
zx{n0(^}@&1PmAWZKk@ck3ZIOr&-DWO^#l6N0{YDZ`YPdd1@-y)3gz1HJX^QgibkD(
zZp+8h_ulJqwdYS3UgwFOVed#aCT_O;bpPr3#{&Fyvd(CJy`JCyJYt6B_i)ju)B6jw
zog>_rf2jT~E+@aF{^9rt_C0^8@Oqr(`LDp=@vx;U(|pN=uCvtk(6e)u_bdE<u}niH
zN53#aYfJXUUCmC15?X#8C9wnS2kzI+bSWR6>sLO!rf>Q1T!rv-h42FFCy@WbPUX{&
znwJmfd799EoacE%;kD`V_G`B*AD;Mc`S1e5YrB~)>DspdK9s-24;Ad=y|wILx@S|z
z{#D%*@dNwmEW<<Xv$MsgecGj;=v_X4d_R3?{P_F*lPGU!|IX`_mt1J$bCeagbPh!4
zsV~8=3w{}}On)Vp*rYV-8?IY7yU6U6<`hw^1+2%A>U_9=e$eOR1&O2cndiS0PS<<S
z>-%~83Lh%(pFLjL9Qp1jw$u#-9%nFmQhcqSyTR*TTAkO;7fy9W==7Y2I<I?EIMuCn
zvDM$!DiY^)i-ptunCI(-+bV|tMmRlQh|_Bud48zWpY9ty-#5T#g^x@3umG?3$LevD
zw_g*muj^S{e)M=Rj-MUi^*zjS`Ue91)52>T_<ZVdVw|1l1AI|<ZF6r&uTRDCZwC1H
z1AJ#$P}|4Y*Xvnvd@8`}b*nhNzOO2d*Yn_U{BYs*K0{yLQ33u~IZlb|hde$C&EtjR
z%FmOzRQd2fy-o$@`MRWz!ti;k0<O32Io-yy?se7q`EClrQx+WE4Xo#&)g5z*#pgV9
z1u)NJEQMb8-s*k_)-kVc{c4M^=ibzH24;TlhCPOlLU<pON6#T#+f>~mV6z%URnzRR
zRu&vxkN6CK47d%#6VO}j$vJFb+V2g_@-1}s_Cq+&i{^lt{uGCQLwr4Vug=$hw@WRj
zy(~DI0K6^m#V)<ufwk|edl{JJjn=dEFj)$Xq8iv60Q@ENhXVJIajo<I3cQRLtuxOL
z3-J1#Xgvnuc(LBUeBWDWZ8csCzu#q+<NnCUBINTB;B&>-e0lzU$*<Op=XD;{<806C
zbrT)m%$FSIlpKA39Wh&BzmophN>=}q`F?+&TO=n4#7#x{4lN;>Yh|9%KIZw+n14J!
zCcqyqydGhA{ei;kKE?C<fp3B1E?!?;B3kV!!Fs`S<o<YVUx}k*)$^wcr!5-C_lV)A
z2&dPZyuK)0oc)`H*BbYF<#nC({NuuH7Q;U&T-O-BRyeIcZ)Y9pKe`9^d@JGO^0`)k
z-&**%bhiuWw-8?Ytxs3i?YMI3{a|tYufp#dW2cFXW1Zu@edSdj>=&z9zYm4i{g20Y
zm9Dq=?^{`Jmd`W1k1~|M{B)a#>gZP+9(K9SM|()w)s2>4Tlt0d@jPw`g=c9$uzvHp
zLnwakV9VFF$QQ4l^_D#8`1ic7FLAtHn~dWR7hcyeZ|6ASbU*F+oN(ITJ%565I<Lj?
zgJSpz!s&67*Xw)`XMe8nZDREI3#a|v+qqCU?Z2MCNVvH2DzEE?*IzH3?vFixmT)@f
zd;V<UTF3C`f&T^VsPm^foeS2HpXW8rI9~G@#}5}?=W%amuyDF3@x0cL&U2pMT;_=`
zF?<){wY|K42jK?_e+9k|(nJ1M_r80M?iGY<8>;&T*n0Phc1MccjYa3v8z#K&F+H!(
zf$3h;^P5-2=ew=&+HbsmOW~6-{CUD_UcFxL57B*y=k@d4%AbYziS8$Vs~aspEtlty
z6i(aK^ZQ7-v|XFRP7(FG7=8!vRq)$6-TJ@@_(>PO2Jpu4m%#3q@V9Y#roS5azro-C
zDw{X?{#5GLMEGX#JHh{8q3K6S+0@-6zb)n09Cn5(Deg-te{20C@O`)1Ub=gb`MJ0G
z=|1KM=lwk`yc&LPXnB2Yt@Y44_%-(c2hOYIk$w?=eTDp_4nlt5*T4_uKRL|wDfo%K
z4gd6!)#qNN+K8feo5{UE^0(*jYij$gI9}`7^ZMQq<qt%==-jOCcwn8|)x97;9ha9D
zEgx*Z7i8S56~lifT#Fc9uY>Bi^mYyqUdN5+lhQxp?CAb0POrT7GjB(~%NJ)yzmKKs
zpw}NF{A$97*6rGxte=F!c^_=ut)^=(w$#zjKUh9~rF}=uG+ph(`75l8e%Dl6&E`Dy
znSSmgX?St$hkk$MpZ{h&`k6b-KI4<8Up>2gIKS)W=LtREqif^4=zn{cav4S6Nq^UQ
z((}&>uk)(s-;w^L`;{ZFw*IQ?q`K)cZ)?fDez@rM+{aw#_ffI9CZgB=vD!6ehx|{%
z>3S3@Kc5fx<E@+6(|E&SFC%}eyHU!m{nqoh2%n1K^}MGZH+cOi!s|H=&$p2BC1ZGf
zz9WwRMDp2H^mihkT;C29`&v()zfZXB<+lua>vi@#o9;u_yVmMYHR=WecQ+WF0o(yN
z>CSIxJhc<LzlYaD64zNeI>)GcPU^3%_}hXXR$}G-dcfU)eY`!S{F>go&}rMK`wdvS
zUCH_PMm~dZ-Akz(F7>7D6k6XBJ#Cyc!}}-Os8$^7uLF42%S#fb{XGL-_aN#HlAosO
z`O}2capU>P0e*_`+TXqY6ybEA>G_EPeiihS(~(cM#~9J?B)@CGx0b)vSuMzWy&kuD
zQL4Y>=vRXewSNZTp?Yq(-ivkJ&vz-r_xC*?RAc=~*A8|5yxw65*JBQKr%QiZSA5TZ
zAiS2*^PdIy&jb8JGG62CJRRVl1%C$eX{Cvx|43eR{k#FZ=2@NpzK756FJe#o^W%ue
z{lb3I-a7C2_I^<~ZEvr?RrETqdH!wTb>8;;0GYJ4f4_xvwU4UvI=;vGH|W}$EK1&J
zCD*Z_PRp+2+sEHl2DbLe+P`CcmcP|;UCSR}J+%nG{y@Vaefn;*Q~eL~bJ%Bw^wC~s
zFUlYt_#u7mVAExXn4iYJw-3s@wPn9yd>sK^%cu^iMHhhQ{7n7{S8q2;9BqHk?*YE)
zO;*p^7u5YAKb@~O1FvhJx;LbMtH$%c2(NAC`QL=sImGj8NPpBe_520_J}-PSMt`R8
zZDM%6Pp*9oKP|vt7qIisfd26Se=qFpfO^w0p>C%9bY1p*K{#!*IKGSUC&LcM|E0p|
zd_EJr?<Y@!w_YpXAAZkzL{j3Y<9Mk5%=mN<^9zV~pvhKvKdYZ#$K7l>Y6txc@ik4)
zPY>`{g1-iKbZ??g=L+r1p6?`_{+@xpxBRWH$t{)-uDcroYaOX;53F^s?m*z427~K+
z@>{EyYWT(P4A;YtzBinOpWokb=(wW#E5wJN`5N)z=jiWZe6@Z+R$SKIKk*Fmug7lc
z{CmIs`!wH#p2vNc0kdCbWPFz9*1&Om0^c{_e%Y_T{(P<vPvCu1S^CSYe92Pom-oj!
z_#Adnp?c)|%YA=rd#m+>F0i{VFx&lHVD7u_1KtsOUvDfg_ir3Gi3P|%eCl*fR7YLz
zebeRPFF|@cm@GPZ73<Hw9Gl{Mx-yNF+!nyxw;qE2U)r0BBE6QajI4M6p7>C?m{0l*
z@39P=Kgm|v2-|M9)wBI?=Ol+nK8AwVIk)5j{fXZP4ej^*_dy5kZ8OZD{XXc4$cL_7
z>dpn`{^2~~bpLP*_|7U4*TK9M^m?C!?peGYy-z~<*I<YJtX?>68_!>Y_V)Zu!mECZ
zJFG@IF4OKf>IBhf3wZuQ;dH+A{6)g4t>a;r{pD0(?t5nf^El~YU_F*sw*;8$jL!2~
zf9u?7`R%A8abBnMzUp>{PS<F4Bjl%f@%-MxY56>_`;$0ckN?!p!LZN$iI1<(^Ty>v
z@0X9`_5A{I{Da_6M0$FUlDakIr{^WIuD$jYPV?t^eIM^2;Xj0(1LSXYJI%5BWIGH8
zX8+XVL0u6%|Cw-_&Rx*&B7du^2j;wVm2kVtFL{@xqkUJM*Ig}~*7v{)I_(FlI~F>Q
zFK_P_=sbTj_=^#r$0J@hD-iz%@V6qqm1_CE_@Cg}Z@&WOI@s&)7Gr?eQTG&ZYlG1-
z;%h(f`~>iv_c?#kufEUL?HcEY^f~DA&Tn_O<*yg=qxotjKhNtp)nlSVq1R(Jbw^7-
z(>nG1Ny6*Aa3%EI2h9^s?RZ}Auj?p$5#Jej6vzKB!LJ7&VI5is{u}sBZm@DB;BO9p
zd-#3f?*V@l{1f3%g?}mhTj0L{ziO7*-voYF_<i6Hgr7kEh5;V||4jJP;a>;;K<v9}
zfnS85gq?SRzlOgmj$7A)-wu9P_`Tr|y4Ui{aeu7Tt*%w$@V$7h^Tz<MCSmGM1lF;x
z?kcx0Jl(~wap6;4_yxe(k~LXFq@A^YeF>iF&USXbL%7a)>V9(gH(;4AOKyjaY-U&$
zxVyvAT&oY3yBRRcxfU?<Q|t2cki))Q8%eozOjLSLR_Odxu3Be!8F$FX{v{Medi`(P
z82%99bq>$&ptIxh{UGOu5I<;y?Q`lnTf74Nd{@IheZ8MV_mZJ~ay8zw8Vcw8^r@?5
z`utA#&X#Tt-wWq=#rgg4>Mj<}^@Zh2j4?hGUN_ppsp~M(%3X7)@%8XChZ!bcEEq2K
zFrVqs&)jD7ZYZ4BZK$h3y4n7=PtT&fg|y)mc&2+P+MoLvQ%M6HWclHF6XvJz5934i
zUw1spbD;Shw6lm~{M_G-UyO7Qvf$D?wspR!^nFYJJqM5d_b=1<t^vobPgnP6dThS3
z>8@-#S)>zcN48%m+_&@jhgkpmv+eB5JxubGmY?TGfe(FGBtOpDujX*`lSi2!(x;EK
z@az$YceMEf&@QbdJ$2mY9tNJr3+#^xjIU%#y}UowVLXNQA=N!Cy-;}O-SXkN3h}cn
zKl}{J7fP>)@Ot=#@s_^-{)S%H(veR)JPzhKN@JYWzz^yCc?>_VB{81&dC=A?t^=RR
zfYEi+^LoBr`PCjW{ZVL-{^IwE;Rgt(=SeSxeysehPS0cNxC`Z**FPA}a?`K$JtBX<
z9^=uk!@L`^U#Va4e!<Z5NW8vNX?;HQ5v#|;OSK~VTJd$i8nVmt454s;o}qTM%@cq2
zJVU5Hczygi<X7ivb?*YNYcTrKh5ruB>usAnYUSm5zO5bZ0c@+DJXh-Q2w=_+6M;E@
zOas<Fs_r^q=J#%3u50svInTTYY@<@XR|3p=D)E@*pX+5;;BJ;&bR_Ujz_WmPUN=;~
zmHK1qq4M)o;-2#1?9cNbxBRpGHSYMnh;Y{LufRMG-uMZNPuv}t_A<cjQT~&GSzlKH
z>)2Npst@Kj82*0w^47msK0Ntx`S6;B<-;=!clB3r=Pj$BwEALw-UZC_RL=pke=PxK
zeMWT_U*`mM8w0aHZv)KZ-NS*qn>@M!czfVif%gF3<SDby{u-+9<ncDbj`)}9vxuLQ
zbxPxQdD?hA52miB%Ff?-{yOlFLC<mFbsILd`}#dUI$(EGIgpYlE9B!kIY86C=Iy*6
z;C~h)arzg8*YhUc&hr7jhaC9D*;!rqI6KV)yngppj~RWsL&4WQWj(|15BOcAO8d#0
zgEg0S?oNHKkA*ST-j(dLzpRixzVDm*-R!Rrj(k_LUw>)&_?7G*@`?3Jvm)<Blrk#g
zdEL9Ti{bg+T(8&re|3%V{A$uab&uuw4TaY{cwX=SRsA5BPmg`Ptt6g0&vy@`ug@p$
zAo?4hwfg8>iXBC-0PhaG;XDf;4D9Xe`*SqEW1!nFpgRHS`S^N2N?g6^e6fqz^7?-W
z-!+EU`^5Bogx7B>ysk~2?;(6#yXbo$<MN~T-^KBhh2J^GKHuvb`rc3C9T~9VLgBps
zk-8(sYj2c1e}nP;g^kB(f!QI?<9J`*Q)GVAHg5i$wP)XwH97wcyd$vhXC8aII-jbW
z3_IGV)cJTGdpozoPA%+kz4P%r_I7TCo%yh{w`FIg^HU2u-oC!~FRnl7`~7rJ>-EnI
zAJ=b+!fShY{igxGr8IM#9sNFl_6%=lLO_3;@VXcC`jo6UarX87J#qT8h1VUCxAU)n
zoi_vg?*V=%S-<1*(>uT)7T_-q@DB*DectDPp72}7@Sg_kY$*$5Tt2rKzKht|W4?{I
z-Q;g|zW;jc^V1Itu;*t4(tSC=H<wLATt0UcKCZl(0DqM59i<#TKgS8L_pMZ;yqcD}
zV_&fHw=ftzjPL=#zXG=n;4PlF_&mPo2VHOQjF)wIDzJ_Xb+dsx7+m2#!UDpX?}fm+
zH&gcou$EDszYlQ(l#|D)KE5x<jbcM>Z-scg&g$*@c()*4@Ob|g>o7U^+0SjA2%Vqh
zef*WqOH|rdRob`xukrUmJ@Gin_p4J}_-L(L`T6@!eEnXIcvwxNIl!{4m)zaJylz`5
z{&Uc?-@M`M`FwsLsc4_`{Fbtx>>>Qyh#xBVw=TV9z&fVYwSCdX56`c31#W4<Q6J#e
z!2bT>Q3&Vp>S@4|y^@;@%=10dfjN$@uMq!XgmZkq4b1xU^|Fg3+(%Mg44t;II<K25
zIvx9-KUa8-Q)%DD;}{!Fe>e`pdyzunJP*k5gl0}0?eP5TJ}+6juw8c&jm{m%f@gi`
z{UyC(_{)XUYyP2faNigT_xsEFC)-TPePp7-{xUV#Mhwp@G?Z_5<3r(jgh%kx6C0<S
zgWdcWw$EjLxUan!^~3Qw9ay#zB{$RI>m9xsSPmmf?p9#ho9*x%V760t=|9?5p4azR
z=s6e9>vQ#byyAKNu27sEy?<&zjDEWCS|i@hZNh6`Y5H>Gaek6;dPO(1PVjs*`zhOx
zKCg3BYR6Fgx(Vn9ds{nlKTrGFL##$a@p*nZ6wddr`SVX*rD1hkgyQ+}$^6jgcX#IF
zyq4bcr*6GhtbRG)><nzI+^+=8a-IOJ$N1{b2iCl)yBC=2&hrlEMWbUYG0f^ODSxYD
zKGVlq%usl0yoFOY`_#tctPbrG8fT&U<9WYOc%}2S(U+F5%?eg?JkRdG-!)`aoEL*`
zcPoB0O)5a=$y31(1OFoM&cMxHHTzuWbgbzb?)h%QX$^Z`>t6Hb`Tc~8v$MbOadr-X
zolt#6Ygl~*!<*U67JBZe(tGmQ-$U{F+)`+s@bA(4v-`<P=NT)lOIN;T?Z<srt;5d)
z^Z0&~*G-?3`c`+5!<)Tf;oO%LMWg3`JpZk5x)=BS@51$u;n$S;SMN>pdVSA|9$yYe
zx_WLv-9(3dyeSf|r|3L?Mu69Kp|j{`!Y=n|KK@mrTR+BbweY&v^7?y(Uq|?RVYj{f
zt?qM&eY^()_7(`AmiS)3NO-N+Q2(zqpKzV>`+R>tc&LA`?Df<7GaApM^*FvNzSdMq
zvHbiT_bbo7W&MuFzd9etp>k9JuWhGp&9_a*eMSf1wiX->2IhJaI-ZNp(^X&AjZJL_
z$@Rh?w`^D;d?M0gzRv>YzO)9o1M)W?So@5+_kel4-1HqQACHec-T>j;_YXERQCsjF
zKWX5u2tNUs>CO~hx>Q4d^84?)mNwtkzz_91|30o7v~#6->tW<)5b}4m_}U_#uN6+)
za+P<jUbs#T6i(+2&+j3e?maxeC-k9mR2n~Z71p2p((>z5zJ-O4K{?poTfArGlI>W@
zO+z^Q)78MMA-o2d`aKYz{XxGQq82^>h49)pZbE$SCmwM29|vat^~brD##81K+u0?N
zUydv8v)+e&JvXNAEZM*G7QY$F!F9~nOKXJdoS<%Nhqni|T|g8a0NmQ-QPPcLpO5$C
zz-C|3dVYcMnkUce`|`E_U5#{Do~FP$w$wch%=yWOd%F{)VYP36f_S<Xsq?zFsJH(@
z$NtoAf%PZJUdeR;J{&kHzSd!~snv7_JliSJ%=l0{*R-<mdgo_b7|(f*_A+l-PWD=2
z`8pQqO_Fl9m%l^tibJf2hr(&ML3eKB^(NKZ;)nL_(@-xQXO~G{v;>}CES%0ip8qVs
ze;MEx3a@kVw@7!a{H;#Er>kq(0q<M=j4QEG>Ap@Kub$WWP5ZRxM+>K8*7KTot(hla
zpXug=+ev;tKYv4hDxK$S`$6OU-Xykk<a<6Z_H?f`2l_+gZ*^^i*L<zM(Ci#qVr4xR
zUi<t};M3r}PU}s}#`)Z@Up#-raP~*~H3jRh-0yQ;kzrMGX@rOF15fFTZpDS-=PSfd
z;QC}V-11?w<{yq**J_+U=8Jx|g8lr}c03#^e>Kt#g(oZ6kNR5v?nFEBKADicO6Mtf
z{N>*xbC6VXO6uA3&k47c{Ca(8{fFmO?*%?l!qiP#&GtF%i>BkgQTv`c|9x)0w}9pF
z{VH*QmAig_^F#aPd>`u{8O}o|o1S*r59z1&wwWlmiM3m1)AH?C2YbnhW;Zj*{C+5B
z#)=o+CVo@-`S&92ARS5f44&^Ny!J)U_ZMDM@caPbw~XP>6Fwco>vwO5#_*2{zkdwh
zO)}phhHo!?T)D0lt@71(SbZerZ*{Ea<V&`L2(53t&eP)~>o21%dZ~=<<nP)otX+J+
zh(=n^3WXOAM9+gRafw=6ejJp>d=Of%u0?)$TyPigkdl=sdS3duwu669(L*v%>N-2{
zV=K?z&_6D|?ini0^B*D}kC$y1yW+Uv`!+)NvllnAdW+zv(9d^SWclKC7j0{G`+(Pd
zySiD@s2Uc>?;gYJ`_GfYCx%<P`nNjvgBtMpeJz~hh2gpVjIVSYld5pu_7#+a$6b4V
zX65BNI8542d*nyZ?NG|4Jim$inmDiKh3_uE(0NRrzYK+Q|4m)>^v3<K(s@pwpBp4E
zdOpXWPw2AP%Ex_GXntJT^9kwd#`&#uJ|VPjXFA$(e<+;qd8O_lq+7sqPz5~yl!qPi
zwV1C%^GXu>P&m&=P?x&Y%FE}hYLRZ5`R8+4;6wEsT8Ac}od!!As{24XVJq>U0KZp>
zm3c*$G2OR@^3D0O(sk|7x|hBj<$S=#TWXH^5i#dQ;EHx0wD{>e%};te2(M(P_92U(
zn+1E$P7dLf?9@DL@oTUj%Q`z*gjcdt{fODg)S6$s-+W&8%OIR~l4w89XEmtj{CLDW
z#{3%W^Jph=tnswN`1ILc)sLDkeXIH0FVap1;UPOAp7!&Pncd7i=5xPF`)P#JjxTSB
zZ>Wbek?*t2kEWVW`$^ypF%NV8-Wu3;5%QcYa8uNGcVL;;ORlfep9rjDO5MLDVjJ;2
zuiuMRJ~Zy;&$Mxq>n8(LTzy~jQ^1@zGQc4_A-=(Wf3q9Ge!|($0{ivhJ;{?EpLzZu
z9JhUldf<Ly?N4pp7^j61r{6bDieLSiwM%Hf6$<zJt^5^MUu@q>`z@az{cgLqx##se
zwQ;<@r&ROr^%n;8`aLu~?)CbEh1Y$0?NX};f1FtTrkx=Qg=g`c9(Ctm*|;9ExPKtD
z@AUc6_fp1{SNEB5{G9=QNr2b)55?8nJgI}Y`uUgeap^t@zIsV~z41Q(&_00ce<<AV
z6N*<^y>dTLX`c|XTR#cskpu6ckIuDl>JGfRak_Qbht$Alez-pgJ-1Me`$<CKe6E4I
z0@5vRY{yyk@Y#>Z^ZHI`o~f<yTzVGYwV-a$HCA5EZ`IiU<lvL%bLlT&UKt_%LEV|s
zzdDNV`Ll)Bnw^9F`4|<8`#|_M;(K1dORF=M=g$yc_wYS%zEkHwbzV13bb4IodHpVL
z7vX*WMnLb+qdq5E9T%Q|F~FZ0;Li#07X)}6UvcSP65#I(@RtVo4+H$|0bY+sbpPt>
z;pTw;9|3+&fPX!}za8LT3GmMZ_yqxeQGkCiz&{$`PY3@v`lXGcDDu~T7a@F@=+)_W
z20Dpf={!Mksg4FaMpeJl=Z10CBiapEZK>N$e(S04_`QW|9m9_luC4rzhrWaSt?p`I
z9<S^xCvtU-<o=KQR{F*LEk~j7O4k7^eLtS(F}M1{%D;6fmr*nfSj((#Eb!(AqZ_|A
zy&av(ya3Ge(o>;l{oM_`6XJ);!~Fbz!&x7_zqI`IL3*bF>p2N^_W^HXF!~U9SKuxG
zZSm8<{=C6q2-h}NcOEeNX(<1h;ntqNLw~SEk4AiD>2dx&9+>A>ZUx>B`jCCL_m-}G
zIs@~3oDc7daNWD98v?wR!4=M%j6gV#GmZha)n3l+0keOc4b1c2SGw>@{fYIj=M2@o
zkN7;Fc(;su-B)#}w|dlbw(4$_pYpZfk5N*bj=!ez^Lz`jqwB;4=U7j_0{&fiU&R?C
z&HnZ9XTX0H{sr*wfqy&vXW{2AGP@_iKNbEN@Xv;S0sLw3XTU!dcCLay4gLf0&xU^&
z{F~s{!M_T2Zh(Ia{5#>-!hZn%WALAbpS-_?)Q+47hM$I?f&cLZRzF|B{}%o)@E?c&
z`Bc;W41bNY4Zn`?stXOT1%EyGmFzcv*5chT-~3zPABy`1$H6}a{)zDG@gAnrfT=$V
z_&oR*!@msvmGBS4d!deiKOX+|2)_ybZ1}YQ58$7WeuV4(bHP6je?I&i?7j^A2K)u^
zn<M@wz@Nka8vYOPe}TUW?zcM;cGm!28~!Bl8vwV4zYY8y;iusbgg*rSLGZ`IKLP$E
z_@&PDhyR+$Wf=V>g_EHe9WK9<<hS^3n>W`gn7?R&`5OW6`hnr&;Y*ZQC+lije@O{d
z`_1G)eSP`S{%6j9)vIQACG3~Z*{glo0{`Xqbv@Q!QhsXR*Uu-&FYD*)mCV1)eRcXv
zi|x4jZ}M8>`d<_H&(@FF&g)O@$L0TjwXf@^{*nRveO>-{U&;K7?Y#cd0s99#`{M%k
zxlfAnTFZ9MME&YzdKZOVyHtP499!|M*5&+~lH%+vfm}aBIInkc-}uAt%Z^i>J}0hD
z*E)4M;ARG+1A)0tTW;)|H7eox8)>sfPR3}-b-2@ZJUoA>_sOVZK4zb47Ih6)M|<>*
zmFsiMEWe^IMg1B0Ic`8G{EPhAv$<1iY;eSNR{vAKw;G)Zf8iA4qfLyzsD=5n_AvgG
zmgeuUrunzrWPYlH=??we{BO=T{+jj7?{|s$*`el-onij0GtB?j4d!olf%!L{WB#r`
zn!Rt=Hau-z^I5LnkxpVO(;e`Y`8T&P-6u$I9_+7<a-4dM^|bs(rhn>6({GOSdhBEP
z6~y0tmf>TLws^l@Zn)K%=HHEYTl~lDjlSOa<4}$dY7Da#`Xl^J*gpvNul&j49}4_E
z%J(<uHtB74o<cf@{b2g7P`(Lhm*)_F$)2YF5bb@<I))Fs(fmo5ng8+5=Fdla{r0ul
zeHQ&<ebn2VDCZeyk4@IMcqgMDypD1mm@$6O@61k5);sJU0{z>_e=Yjk%gE<&q;uKc
zW+#vKy>1!W4fS~}+F=p;Z9BAE9pc{!`}?xIsK<K|{~45jF#6rUQ4fQV-|2`y1o_<=
z^)j!Q<%{ik1Nz$$u%A1_!gt%q`~~PYi9sk&8>^QdP0YU-`MY>`3m=Yl+Xm(5{8x=}
z_5kX69{Lx<??Af`ga7g0%>G;GAL|S@`|l(CX_SxU*cNuj<*c52A>M$!EM5}%`2sxq
ze*)v^U#Pd!Q2+O1yzT)0H`q_Nw|rfOaW@G4Xfo>IV5IXS`uP@!-wo}s1oiY)OS3Zo
z`cr<he6J5XU!%S15;kEUiG1DH+seao*L`bto<sjz4e1_nrs;M>_zc9a+0gV6+VfzP
zb9;ne-O=JLtcMQu-V6QpI^^#-^qVaD|CeZwACQlAQ0_agGJBU`eu!#qUgz;*s+nP~
zYjq3l_$Be7`8oJ3ZvpR**Y60G9PAM$F69w4V>I@ct%NJZyvx@2;$xQ2;#}t=eWucs
ze>i{S{*Bws1+M^mAAt6QpMBcWT|o!}%X*_=7PS%i7lGnE@%j0y%0KY=#^pbP<zF?v
z0Brw1hHCk_Z~7zum;8-<tcU&{CDm$GG;qLxp2-dahwj%g*`xCgol_wCjn5r<?AT<N
zuARGf?lNlJktcRdb?ut!(RGJyPw0~B2tG;j4;k!LvZ{pb*p{wiEv?@VQ#W8e!`4fU
z`{Vx>{}7?D<HLTI^~L=x@gL*r-}?RNswgjiHIKAD^LXASEsVP2nHH1#$vT8{6!Q5T
zhVwoho|oc#61iWlhrP$me3W|Kdeq0j$u|stf($3#GTa+D^R{8e=kwTyB7Pq4|2dfh
z2Ji9Vd9?)aTd-IEzS$dz_?Zt3Q=bLyhwxfpy&qX!aiQt;I|1tIKQvrxFsdmUei69#
zEE7%yPU!>n;wAv|`SCPx?MD`WF2g@I{1tF^kzv+9zfb=L!ZV8-#|Pcu-6aPiRndN(
z*#3$2ZA3M+-vySx9S|dh@QZ05;mm&>!keQ$3LBWc-_Ra~jST-pys2T<e`+(sdOciS
z!P(DkVd456b9EWLKrW8y=UZF&HaI{kAbgjSN{&k}GCjPgc1zRqxUSCO0&okYS8Q*3
z);G`hc0hRT#f|gB`?K_%fjZug#s0<X#vI>y+^@y)QsZ!)!$sg<P~Rzi&|TcwrT?XW
zcC!4^UbKzjX$Y?d?vDe~Vpj{->+|Yrb}&2+<x6xk%;VNv55u3DJj(Vo%=WKCehx!;
zZf6T05BtSlhFSmhz&zefO*3JC#Lok>{;Pp`9y-z6?9G6_7Wiu9Ka;lbI;5ZIZ&<I(
zsjCO(b&J#h3uk(1;P*@(C3ms#e!w~4!LVPqtA*=(3Dni^W_SwvXKoL}4dZ#R;SHeA
z4>8<__VzUVj+u*Uh8ms<dqr12sl6@yMwGv}ui-(km)hTOJK*dAhR3gJ2^2;c-WlPE
zgAJdA^s9ki1I`^{;r|A%M}BmjQkT*PYsGQA)&i$XtUTW{%Hr#L8r9{-8vY*n$sJ|*
zF61XU-tcsjN43EB+O!wtPO$LfSpE|YS3}SD8}~wZ?L-T2j}t`2sfN*wque=$&qn&Z
z5Azw=<9#0Y09T)H`fY*hfL}oT>I*IWC4^@$GTamG$?yHrer~#je*-<gFTn8hrH#|e
z0kgc(WfsoyQ3Kow`6<k>aQ*IqI(`qB>q%jzg@0$kQQ->1>`%$78sps6hB^OK19Lpp
z01tq@df-;9U-0x=%89G0=nAPW+pq9=U?S>^-#uH32>F?|Q<(~!xWX{chb4jki}p`m
zZQ)-a{lv9~w?h0hFi(qRfN`2FDqLrJmahoh3i0cK`vccKYYEL~{+~Cz8`Hbq?Cl7g
z2fmNtH#E*)4!EIz)>t^_#|-c}h+jl{`W%b8BEp%!)QuLuwFO66;Lm_F_#QTfOOyrP
z3E?#^oZru8e<&clis|2M>Cs+2urzqd)xBs!mWS725k2DZ;|<U!Ub2uha1P()ru{rH
z*XJ6C`5o^w5ue`=xDxYA{hY@2pS;U3wsj5P6Fm>{`CZW6kzsxxl<N<_6Uz06->GMR
z;`i#g{_wl?{b0Wy-?2Xp_W6CFhVtS&LB#yt5HY_yL|hB~F0dcXwetN!e7|A#mkjU;
zNWbuah2IE0zprp7>W}ZAXMf1xd%T=4`Mey=MSQQuju@|nC(Zt72+~g(#_|zm(EdDL
z$RPZCq@Q`t^gV$SFPot=kl*T;Ec|8Q?8}Bbal94`bACy_YIq6siPsF@i~JQ{H>~gd
zS6BD8VcM@o`c0v)e#gSOey0~0{uJd;Ei_yOoGu!^!puiC|1v{A62D@Y^HCA{p$JcX
zWbr$kYD9K~9SOXI0g}oYru_mi=hGta?Z{8{1k>ZND9W8;_#vius^ObZ-r{M7zeD`u
z6vHQ>LuM~B%>8HGC5CxCQCDqvH0x&u;=_LJ<%TotAlDkcqQ7OR<^#hFt_7Zp_R4)^
z;axkMzILs3OMjfs{=B|nt`BM82`FzJ@CCq`4NPBv{p7}mU$tdZ9(pyr`<50Vv%6v1
z&jP;$d#ODv{Bz*sV8fdNr-9EzehV23U#GPR>W^=%Pn=+w_KUy=(B1?KXMJUW|IP3d
z8^=$aWH^QLrY9Lb2Kriulc!ktfe6n74*@O!?~3+LPB#6`3<us7?Vp@t;XK~V0}n-h
z3TIk4wwrSP!|)h8T^VIAG290B^3x2TgZPQd4C8a8QQ~&P(_pY>j^SA>|33`h3j6hs
z7)E!GqDKw0{tLh(P`=b-7QR1lHSj^e^}sj`j`B~Kej&oMPa4KHBuYJHShiUumjP}l
z@6#5p?`2b0_l)5g2BYjh4clG5a-kNO{i7QA1L$+ln*KuIXrAE{fb+l`!9dMR7Jeuu
zu*3qx+#h9tFGu`(;8$^gS@_cQ4g1@F8|MC}@U`L7(O#MF4fA|a>OY3{yLRddKN>z9
zIQ_HX>p6e@Vz^-PsP<RGZvt2UX83W$&nz?C0XSc}+aQYOLZ4p6CgLjUs|??U@TiI5
z_6Sd{YMALIni}T#r~{sj__<~lJ^{EM_!!Jb*|jbFSA=KRG0gs&17`X)>oyLr1x9m3
zbq*JRpMm{atXEi$qMG&09{XpiU<F+OeI3G&S<{Hbs}|lJ?U8xi@SCh3{4opdooZwD
zIlrcX*<X`wE&ODpR|EVCaBfQr=X_QK-VN!ewz6>QqYj2UAbtuMr%9u_jut)_;rXo%
zUkse+WcYmG8sJ*s%r+MOE^umF!)s&y$)pT({1o1`idh@=Q~#d*!Tz1q2W7>*27A?r
zkL4t)0lo=0BxJgq{g0vN_rkf~%i{atEPpld>Ch*7T72qLz~|E52bQ0+fa?&xF7jX8
zxpDjg^amk4>Sf_<uN-h1_EI03ko8-OaIPPT-WFfqE2}Qu$1wNrd0^^`!04V)J#asZ
z9;N$Qe4O@-_&qsZ58!v@IzrFyk`Y(;xA=<?o*&Q{=kR^-?~va*ly3m^iJ}FpivF70
z&EhWwPJV3R9B<j(Eqr^#uL0)y*+^eRCT=3aYX_VD7U1j<!#w^;?`gQ9{(zf9Uk&^o
zaBisS`vKPhvp+|BS@>@Vk1~zZD*`jU<S+|odMRM0m)N^;dRbuZXOsI__;JiH@D0GJ
zeJvc@$0!SIyKY%8f!Ut5z&MPF_?`Hru$Mc)>~a3h12^<H;AYkgQT>6YXL(Zx86L&_
z0<(YC0JDDUfmg@;5glytpF#g9j50hN>vbOOe;LbvxP?D~`1MB`hCE6xwv2MW!|!~v
zev<euILCV}@DkXsIoj;;{B`yi!)GGA9{7BupFiHh`y#v!I7L11K-6D)g6Ub`8DMNj
zqAc(t#Lt{)`mcb~CmCJ?1<IUjcymmkxr+>60)2F`;T&)dnB|EsvG6`9PrBOhEa;2C
z*RZ^oTlh$<cg3p=Uk;qV-taTfXKpmi^y`2NXz%J<ES&9E<8UqT?kvx(rsw>eyv^`#
zEFbXQz{%S!yen`PnETOs^p`Bct7n^jE^y`!!|YGVI}P8sjR^{G8D{^g2WEPyw=H~i
z+WW*h0_TS;F!P&+eh%ud{ymG&{cvJ|VXl`+VD_)v`;Ei%z*v@}>_Q9w1Qnk6)bi65
z{WJ54g<p&IssGIIiO7F$iQ$pZ7nT}+2jR7!8=eiE{h~2Wd}(+;*w1}snDti;%;S@K
zU>=WTzBWCoC(1gU1D=cYQ}w2w3S0-gKk}da*20fMcs1})gcrYSoL;@d(f1b4`7#Uq
z0?L>C%nXfTettCl0N^|@`$IMG9SBeVWctmpAIjpuko%cD@W;^SN>4w?b4$SW!0Q7i
zR<XZ0p0dC=e2j9yv|kPU4B}_2EdIZMQ%wx#P+!$3?>PvsS=GYpfvcMuW_#BHzs~Sx
z7Cy6y5ver{uZ#N3v^4w_^vN|1H}wBjhPnRaftennHF&+`ud3+!jaI|;fWlm>i8K@m
zJQtB@h|&0u@dB%&{u?uX?UpvPvwov?hG!yL4e+kO^}v4vPT<1P;lSQ|OzNR3x^#1<
zmuh1r8;|;`X=hl!$D*#djp19^KAjD7Ka$(duzn9qUA~Lq4wxTmyBXfwf}=!t!@py`
zPxLn2(B8nSA-&o@7XB0M?P~Z9=4YVchuFS*7-oK>A%-7C`gOoOADSO(;ay;_ZZE@k
z!Cr1}!wu&L_A%Vh9>AwVpWNTV_4`2T>W3SiOnV0#woxhfdjr2|@+fzRh0g^}jWRq2
z_G-o$=Ki>Ltl_JW|I9eU_alDd2*cIDHNg5ju)6%w7QPhmbH^ASitxJQ3|C>nD4b|`
zH;W!6Pcl5&x@lB%rr{?rfU?sKb3Vue?}Yeu!2cz#Hhn)}@7Z{p@*ewda*1WU8|%l7
zUmt%PA*!OEiyB`Y@5^rJFC}*Qf1ApmRnaetsb3yqe@!lhPyNJ)qdFVp#7)0ci&1ng
zh>QMhI9X!lIZEK|fZqe|1?)ZLtD>*JWcnN6K5y<P_X9?A`sk&1Vpm1IzF~acCmxzV
zEWIngrT%f)p90Ig519SeCusHG>OYLn`%qhXA+YIh{+W8-f6ep%KAP5Mm3(2YIoj8U
zo4q9s;WKa_>Q-I|JfviA&nnt`1bVjTqrh#U=l!&80`@HZN1M<d?}I&n23<VUXI7`4
z_uF3NbcCjVtp)YGfA?4loNx8@^qSPW;L^J=tD*s|LgAL)xCFyH<G%JSydhxI|J<PG
zeei3QE&qe-)BZ@@caP<2g;cD6p1%S0qo7|0%HtjO1}uO3Z^-z34utW&e!LJ>(P<k|
z&*w!_PRRL>&kbyj@I}baDZnFfpELJ!&P+5!h^pw2EtnpkbLixR-0zd_$UmHK<-M{E
z?eV_;O`ML<^!v%@(JY62j)3PwsiSZCo!X9i-dDdq1@O5Z^0@~ePPwJOxC8C+zVPz-
z?bwNW-oGBoui5`}8|wMo3a@W4AM~xiwcn2VlW>2$mRlX4N8x&B?DGFDy~DaPKJV)<
zU;fkOGjvw}EpcCcsDGOM$vaZd=XgT)-<PaaMbmepp7-s0`^0<>iT3z>%38~dSo({Y
z&lxa2pNH`6LCoh0*uH$8i1C>WF`sW?ei%;Q+N-WV%SWE`37_M6hyl*G`s}hR<MX)#
zY>%8;o}(A0DtfU&Pr)E8$d}={1;*!dPQ=vHA78T9atPDE4)MD~@CNXAz|Z}>Y3Z+?
zz^nY%@C2lP;;)9c56r)hNxZ7)tV5XI?Z26x>3s-H`y2gk;Xfd~R?7^Z4}1kM=f`=#
zT@n5ha4qsTyK1vi$aGXlx8{ahA$-?03~wFCzqMEKH0Gbrm2iKBWE(uwFPls~pI-{K
zhnB7?dhT@U8w}wOv$yvYhV%KmE4{FhzHkQhJ@H&2_j5j)+28Ff>iHbvsb1K~{^GN#
z{|@&1mDLYBmwG<mSUx{>7gEpX?!M&!bLsRFToo0kQ$H5Z&vCuv^K`r(=%Qo)+WvCJ
z=kt)Wy%5;aJK+lIDP#BHbAZn<!1-3+uU*afe7>oR(-B&F=Uq!Zd8WtbHbeVQOYfKK
z7@yCLJxfE*hyF(DPsMYENv9(;{XMr*&*xG*Q{a5luW|?Vd@gbyrz14|+JC2>&qZ!a
zf%8qj)!o$d`L~|~{m1mHKSX^$JXaVRucrU9LC@z9+q!%ZUMGK4MLRu4`$xh)&yW8H
z7^h33-+*~M{plt)Kk@uy-%SnghXgJM{s8#+%`AKi%x~3O81Bdfm@)WPo+saB{vK{`
z`Xb^xdFh*jRZ*vpsAo9)BcIPZgaOXC^tyb?_&?%#z7uJ{>BkGMijG@K{n4E)f876G
z0K6ySy#>tmp!qhY->qe1!^bp+4aoAh)^AL2Xm^W$dD;H+&(&7Peu~fg@_c54Vf<nC
zN3KpipNoCh3mfTwTa$V|9~+u4%>FfNQ~zTx%m0>T?ccgS^?VNcs(^l^@KsT_O{k~L
z&p&?s;Q2^CA3Bf`op1Rcy#?+67tfRO`k|9!{=TCv_4E2#c^?n-U(5ffj?~kh&wmyH
zQ~R4eU*F}||GwMO{#?XAJJ7$aypy|7-+dQLZ|gw*Z9Vw58}*}iGyM&;kLPB&UuOB}
z50O8rqBVOl{#wv8I(5W+u6i;F3gBD*x7n5U_?)%YbDT5%h6AbR^Tw^?#KM_=;UMby
zo`KcN>L1*ldOqhH7{0LId@%KV9v`<0t&oc4XVeht`TTU~c)|3q?@2wM*T(7Sfc?&U
zQP1c5%b(x6OFqkO$8&tX{(u!M8)5mGvJdrq|3s)i+jv>LFZDF*%gg-nId#sz)O$=G
z?K`r;{$T6R>rmi))7KqLJ)gT*KF$phvMSnh6!m>zpZmiD9X<hg!#HEYS^Awv)82*9
zYdUex(r+`4`nRCBv(!=a8Sn&*FTS5(TAVTAEd9C@Xpirq2(_Q-Uz|Wa-*>_J*e7H9
z+fSmN?-jA$<<-p3F(*^c_cVmASDF3oCsIEN?{z5OUr#)ZdcHTL{P_8-LC^Pql-CcR
zO#2IvpYr2>MuVR3K`FoAS@jIs=ldSkFFT*kKbv~K@58T8YzeE+x#v-T2Hp>HV_Ez6
zPN$ylooGpe&NusSS5wdTX7GBUlcRqga2fS{e+0){ynfTmsptDCLgU}&qsy+Kp7yxE
zIS%iu@cZ!@5c0hz#Eehh%KPQDw9ogR@cbfm^i99&_0;qIHoRYnI{K!+vWEJ;``Ub0
zetnvBGxhzUKdx;1{xFC7d-gN?<&S5-uBHAUya$5$;d>#>3QMuvxAI&%m+?<Q{Ku9{
z8vSMZH6EsZN4!6x{QT1MG3xo=i9#c*%YoUSQAhon2U^ajFPAj>OY>P3EqjW32Cjxb
zu0wp*2gCjP=W$C4;a9@`c+>ZPe?Fe(d&wVF(K+*&|5?Z{yGIT1wT$3=tFM<{VEmmA
zvij=pbcCi~=U>#H4*gC{kV5#TfBH4*?;CFR4==0l^fvVyjWqq8&Mu+Zzvg}FpMgHq
z-lpGVA@zG7Z1&5akGkn2>Mw=<M`pnJ)*kDAO8xnVnEii1*KL&HY8Q{t;`jW5@t=c!
zDg=9E|4e?*|DN$LfPPIT;CxH(#UH4@0{RW0y9>Cbi$`endF;=O{}A-;DR92&&-s=5
zh0x#NbcCjF^*i;G54G|)+)qIveACw~qrTZ_)0giLYp=2f_Rljb=r@&gs-j6%)Vt(y
zz4POyp>WIJo~tu_%Q2R}<Gdl@>q_bE-h%oW(DQuBYGW;a68f!xcLp8}%=P*dVD`V&
z54ZU3al&G|;|<To0oL268fJPh+u&LM*`XctH+Zt?d42gU;PUg&zFRZ?@uyq-(EicV
zn=5aHuodG>=ube7z5^cGki*7*Sp1_?jNfmHrN_hV0l;fDj@E!KmcOc^K3y4qZ|J8$
zQ2_SGr#wD-7vX-sUs=oyS%12_JM+W$40?Nw_0xJ#&-c6Wd?a=B&Hjt>Rt&3ezJF~y
z3Y>5H%j7K?rssPIlTJry?J-Q=nqm4U&#?C3`A+J}muIoOCBx!xm@nUdEPs#mp}qt3
z<;!2+m-_pmFMoVEMc&e3`FR<7wm-{5-}19(Kk64izdZ%cH+`+V<-_drJ#oXGj?nZ&
z<gFg2=X=)%Q{a5l57?FZ`|zH&-cCno`c34mAZEWF`gRmJ-`ac4fz+>mmbKR~48X(B
zHoSV-{lP=>mJv&j?}6;<(jm0`6&v(?|79qDrf)89EiwCi58yv((D_!LE)Dt%&$ayD
z3tg}C4EJ>L2rYi?K1}aq=y|+U4P3teUny@vvHZ@2KD1vPA_-STLxxj-H}ox$p+_8^
z=P>h4-}2vnB<;Nh{T&dTcD|MWWJYkl)%Of}>x$){?>F`PZARNv`bAYVU*57}dh$ek
zuctqLXSmmgF!%p_530W($<Ob8f5rNweV-q%uY`Sk=8yL2TYav2IO~V+eeFzv^G$!s
zIO_Sn&d~XWArfEe{|M@7j>GkY3#`3a{wct%DRllzC3{E7TXC#~W<k&S^+90Te+YOl
z*jepDOK(r$eSwDo-wOOW3{1b+^phAL@6YA&)<(eG|8D2P`MzEKPHUXA`fPC#%ft7;
zmY;8n@>U!xKi`{rQ=D<(%>L8z78}#^eZSn_`Di1BsEVe@TWK1P0M_T^8CD;4h{*S7
z`u?@9Hw-*k{Ho}kS+qX@@8P6<MkC$@;aeks@0pzj%=iCZ2z>5L%imix<b11-$7eJB
zkyn`B=bzC`f6|@QkAePN3Y>5Hv+kyTDfH#n=TWuPZ;JP@hW7Vn|3CLpe-ZTM^MCjK
z)bl;Betuvv%zmGTslN{P%ddaS9;2S`Z(d4+&NurlpP`=bQw`a-_2R90)W33-wHNzG
z0XS5C>(ABCG5*^w{yV@YxqQ<8o>yCXt8>HebVCHo^B8Z@{{GjRp2xG3fjOGa2Hwrt
zA+-7#`X24Q06owDQ%B$QCpYL9K;MG`=UaW=(4go0J_ka__mPix@dz!w5eu0=zNfbt
z1<p5pvk$4~d!;#lIyvU6PDSeZzHH8~UT@`j^dssS&iw%2-`kx5&bRz+zKHSp-erG&
zj?qltZ87zHe|VAt=bOIz6YBXs@_n6-(DXlkMm^szZM}-B<-X~^TuMFP`_1`sxzheJ
zeX}p9=X;>b>yuwn&-a^`ub<=oO+DXR&G|V#KgWDcJ>L({@e;4!qn>)cufDu~t8b|1
z`?t&I|CDd3=liwGU$1%NJL>s<`ttd?=X>h;e(>`8X+KcU_tTfxAN?Qd`TqJrz9NCG
zKXm<xdcL=O^RoJl|4TjJZ(qJXr~g7d-*<jXS^Mw)PJO<{dVcxiwV6>1>{s|c`A%i+
zf4>U#{2oC0`QgPT)boAj<<I}V(v*6>?>=;X%Ig2oX4Lb00Nl^|Vwk=~bL#n?_VV^O
zTb+8o-@d$lyEUli`_V&sn}0WHLH%8LpE~#3zW}Q)&RKc>(Tef;UitF<scnLKeh;Ah
zda~Er)bo1><?HvEb*Sg}6v`hDZM7ct{0>J*Z}oN8`qaO6ll5;u-U5dUxSuY+0pr&r
zek)hGq4+~YC-*n}jq!g+{38*6+|8DsQ-F)We7~Mc2KSq1+t41vxqljQtJ(WE1K^k6
zpFG=+_6FT%@j0F+0GIC{7p55heCR{_2kU<~bfNwR=x<onWf;)(*>2SLnq&DpHeQbQ
zYTljtJE3R!7XjZLh;QkQ*qQM!z01<WWB4n?vi7a+PyNYvo1Vov6`1|w4B(Acuw;bw
z*Pa7u?<(kbg#KmV{R8`Bi+}1~jNkSi%Marp2z)6wY%U*G{)<O2{?fS?pU3Y`j{W1`
zM^eAj{ibi}g}`S2u7j!X4}JOLyRQzRem?Y}`NztCRF-;XgX7~p#J`jQ&bRz+EU#m;
z760f5tUNs5=j15=nTJt-4)me?nf?35Qhz1%<<HkQJCgc&(67M)xeS^8kw;Nqc+m3S
ztE_(U(bTtm*z|sWWHM&|%Hyct8v2vV+Mhpx`kF_~eqRm{8isH74?d0h51%moj)DGa
z?Y;V0)YBZZv)<Dd{{aR#-_kqm0>*y<`cV5>dY@cK{rk|5K>oVTv-GZK24d5D{RYN=
z<2lopzklVCS=29qev-3GX!(1qhWhM$vp)xd7S9`2U7WM}xNHvN^E(>*#fgQp^d9*K
z_1D4vNT=ug=V-)#=U&GD3Gw?mVJN=k_bqt~gN@f7FIf3@a`6dG|EqlE+w{jle_CKZ
z9U>8{qM9eD|NJGh&-HQrmkm!u0v7|n<xfB(d~(U&pciRx^xGD{H^OHD_W}L@cna`{
zcTB$+xbM4$XQ96>e9!Q?f$~`Sw||T2ANGOikB2?)S^H+*rv6Rn6G-oqg%-d3@%8Ns
z7{AAdre}G4dYcMS6<sM`@v-*t;g<hy@>L%Te-QRg_CjFO@3M&cZHtzE=zOf{e_Txc
zF3^|nPtScy{i)CgrYo!$7kozj>CkJsanAB{*%IpSfWG{C`PLWIZ}*XvH*~(v>~HXI
z>UV-Zbo^oZJ`MWapbyQLL!?ku(ZOHQ{(;b6jQ+FuW6R$%H20z}44)Oqu%%!4mG;Jd
zXZrSWl_#9(Kl_dPi=fY!)i3>>`WD}t{i$X3zb~VH8uWqeBR><Pmgv7Tq2Hja{Y_S(
zeh%~-qyBs}EAQlH)Ia-!<v(<N!1P<KM*Ta`-&1z}sB2061wWbn^81nAYg0etXVZ`K
z83(rf{A)ex{|i0eN9v=Yyc<ye>wnFD|3Ln2K6`9K>ihg=`k^p<F>pVhP^0`kvnk`h
z481=dWOPgK-p#0A06n)q9|FI~2+p_i^=-rWcm8hq<@)2~xW8#(Tk3td*}F;JLSzH(
zP1t+X3xO^F8_QdVOuq`g|HSIObeZLc*qfOu9oxSD^roEhJV|=(#1oD@aqOruM;v-W
zuS3U=KW<FV|6}h<;NvQ*_D?r<MMTjLKBWSd0!5p2p^f26T3RTyv@|V?EW>2xPBLUN
z6J|*oG_nYyC@3I^E8v0(g7_B^S5W+LM-)L2L<Ce+P!Zfv;s2cTE_a`qOebwwem^D6
zWaiGj?|a^Jp0hott5PlJi~U_)z4Ftc?U8JiKc%ZK-M=?c*&TM%)$ZCNhmHXd7^+oM
z!__i910`E4W(M5MpqovlvswBF{+cNbkEM#GVrj%J7t+I+o7FF$ybK}zT)8xqs#SA~
zQiW2bGDeSM8-~)uDYsni&Xme-R~N3^)rC)|inT(atLunT@d*5*`?%Vo6P!6S)qC`9
z_wd~>E0;^<IWzT3nNp$PW~%v8vC`GGt~|EZt+?e8SKf4ZzL>RdET>0PBQBo(&H16>
z!k(SuScL(s!XRGB;NEIwH{}*b_MAJ8d$*s`-*QNy)R!(ejtt>Z%ZVjSTFsy08F3%A
zLY4N#^3;l><@9iOt&%_0b!f(HqH2k6Mb_x!c7Jk1)uao4axWrv+Y9E7)7kd7dGp8V
zJv*AebuJvIKjU(45xeSEx@YlosP(H9@);~O!~ko(0{`Xjc4+o?ywkE^^j6&T%Jf*N
zR;6q3PrS_ce=$VJx5Si&mengs)$Osp`C`5@km@g&M$OF!myF(r`{PGTTvXZ%!k2aB
zV=R6T>_EiVOYuGtcRBO&u~4NdwLba^-mULB<!(r4>RtJ(SbYeoEc9yN92Q2}0WWG9
zIAEMk!0n|gSb}OQm(Ca5Ed2nFn5mV^SjN<lJ5(x<)w%bRuv7)LYFFUC2hzoC!A;4t
zu!xt+G!8vAny(I|GU?%TCSM&(<%@MLcp=hEd_HoeLY7{R&+2Eb^O1XBizh3UhtgGC
zy6Bdvj~{iYN<YVwR9rc^Dcl&}L7mI&4`IlbQf6)W1L|?=eC9XU9ltiX4>w#Hb~D(S
zs$1lRPdG_*F?K=p2F^l^>OeIpK{3?1z`x)xXHqzY^e(wnv7%JeTOhH0B`p0Y<#;E}
zs<U#+74YhJAV9;l%0QiKAC4=^DaU&pIsse4XNI1};nK%&-Z&kNgUnz5349^cWg(q$
z>CI~Qh`HF@4Oob3_w0SlA;gw+b%|nfh=&yvu}Ja-Z^sq#MJz;VwCHBLaZ!i1L3xd=
zWYJY8A=Nilbt|+AR~|}lFxup2d*f|<xTz0U94=uI@<m>jbXi^d6uivGp1z5HRBA)i
z3wy!W9O<B~pr6(A%v&^0pTS+I-=Jfj)`yU~v7-gIp2U71fo4z3TkAj<WA)djM~`wd
zgezmS%Pu{|cT-8ZL&McE`U5`bnI`&aP<Cj&rxplgFiIyhI`P-wLr@lwy_8#Uhj4}~
zb@q7#x0BAMhp|2t0wI~Tf%VVmtE|fH7^iJm$Y5IOS89Q^Ra2_gT)e9bXS%Cv6%JsM
zLY~Fj9uO6+q+qDrN;Qw;4U=ocIbyW%QEg!UgLQ0h{N~J@CFYgR#yzv9QQ~C2J!&mB
z^5*otnd_^ysg~3EDvWkIlc^0Evpjzh+hzGZWR%sqZSrM>m0S+#jqU*LhP8uz$PAQI
z#dLnerF(H^6i}cqAQn+{-E1X=Q!U0ZSrh&fM_2)Z`ciitzE6n+7Ky&Sm-%f0%>JYJ
zYGri9Xr6B0+Br_UhBXN>A!XJryE%F(obrHiqO0*y*%3<Pv5#itNQdI|DXdiIEWHTl
zV92cwl(H3iKYzd8KL%8@SbnS!h@2W(5T!UFNjIN-mPyeqP=b}=LcTg&g081yu?M|^
zzUeaj1%gDc$H7fkQW|U5S!xI7sqCh+sgY74T?J?nE5h}B2fKZ>{+0Pkm1e?DtS)Ei
zPz5)YWnpXf4SZX%ly&LzxQc<@bgugD`X+ZfPw&A*yaK9LNd?^u@dJQTfM-7Brl;Ir
z6Xi=&@SNCupf|b_QlSn#?Tot`NM{DA9~WT@k;h$W;U1@7TEl=((n<&xERZ-6#6wop
z`#PX|zm13NE2rU*H04WZWa`7S5tqTC#qh5BN*e$Kzkx3nAesgUtOC5(!!vi|p4E*l
z1gd-|k{9Z?1&hb24-W~vPjhhE7<teNynqd4Z-$P?Qs}pi(?Ydd$~j1aP9MQjr_1Fu
z<5Guq+0MdF4c%xOPCQIJ{Q;Y*F5QX!0^uK)f6M~BMy8bc#ftz8%=^y(UaubRt*Z-L
zmMotR4daUgYDMn!Ng%ddE>Ew8;H@5JmyI~b*H_CIpp7czVCD4^Lc#swHAE@F75K)K
z2P^*RE%Z2j5h4X^vAJxnL%+ZctN?sSR{{0sSv=JV;ruUd6gsfz(t51CIw@=pa`}2L
z%e6QN*>Y)^4#t(mGzWBN9V=+Oh6prxLH#<g;xi$2B_(xtLbR4@<;zoBS-LeW<5+~K
zv97N52wG^g{zhm5x0r#}RG|!b!1Q9A!pzVxrEz3cw1m#xi|uM9Q_idJxdC6P!x{8O
zY^M_Ljzz4wa6-fcCm$pFIlh5675AfWPai?$aCUVmciq^-*gwhxSVdA#^Th{CeExk@
zuJkwRA2vp^v)uOvI4lNM=8CgtX{)b(?lW_LM~5b`hFx8-R4&^Hhwj8Wv1OM7wFg#7
zL0P2<1en%Yv14GM%5d2M#_j<EGhn&SCzg9h7Eoz_{&MY}h|2mPPGeuS?7Gwu6am@^
zdn?)rN;jXar3>w{K!JUzw_y%F91)Poi=|l^vT?Lz(dZaA#v&{lxAH0Q0mC}#Y%+Z%
z`1A;osN=W@@OekvmV)wB#Eu(Jocf@+O*{k<mQ;hV!KK#T!hZb#0s^21sjlQR6*>dg
zU5e-fPbFi0!={@nWY`tYAb44&Js`YzGa^y67@x&f(o*Oab(cU9cfFPk0*86%K;Q>i
zTKXw2r{2+tSm2JhgqWN<62H3!Ard;d8`{qVMmWI65#2xG;u4Jz6qIUo=1LGk6?Qrq
z{}Nn+$3iS|6^EgD41LcPMAJ{f%@;~oL-v(ZeWhA4n=X&h8xJ&*7Jl8Kd55xI%yi}u
zd%XK1S)T5Wxeh(C943_G9Ej0o;U{I?4JmWu61b!6y9HBaQx$hOt<=Yw!|cVna|`D?
zbjyjX6cA}HRqdy{Yy6kn@fWp@^P!!;Gk|a7FqR6@sKD)qE;DcGTrf^$w6CcTbO7&t
z_GG>AS$deaX{eg2b#yMGOK{nOTY(#hP+DpM{TEHY{6{<@9Qp#yc^^K<(R8Zf>VVL=
z8Nmn(=Tkqzt69eLyi>Id;*)u|knO+^4!KeeYpniUV7&kT@OjZkEH~dqt(*Ut`6Iz>
z;WAi$#G+&?<lm`&7lFfc0r7<j;>6~&Iw0=Q=MUlqf%B5$q<~tF%DH;Mp{j@S8OS5_
z{k%?Nj*2e60XqSKHqQNA`1azr09N+N%bqHTd}(*BV<F7;htD$W%%ShmdFHqIP}k?4
z&UYY@w{9gqcbsAV&cX1j-fMpAz=1rb2f938gw#Pq(&fy67%1<Cb<{&`D&K1O&8b0m
zEao=(3clyA74r-fy1Mi~QrUDhjhMz@epr8R^cwT#&6#;X=K%~;&b$OG?Y+0#{E5CY
zjB{2A9iLTij0F9TlkIuK%=src^cBc~>@U3w8<;NS`-?1HrCbhSVHFtDoB2&h(=a?r
z9DKJQf<Q0B;p>BkRw<+*Y*!x5$J7^vzw>Z@KQ<R>9q5grbg`PRRMP60U5YRB%&3x<
zp)@qjpy(x~^dSQlY9Vj49HIFY#i|Be2Nw9oi`6s~B8P`rMOO308oXWn!jVwg_H8D!
zk}8$EB|t^HoNYH83iB_bKM-SO1#+o<yB3uja5Uw>;B=+R>1-Y`Rn`RCTmVErJTkv0
zn=R7{+z0#%6??_vq-42h>*Mri`&{)Wx&SL}05~0l)V%S4=?>h*vI?Mx%YMQN3DAEA
zg1ag`*5|G-;xJd~UrSksLZ|uGr!<V%7<}7)h|*gAq0gN|hhHvAgvOxW)E=nwM1Qd_
zWb^%qt!YRiE3K8PK9XHs><Ow5tM^8P(xFP0uRm5OrI8dd>P4c^DRJ(QucM1#O<18p
zZuGa|H>C4;b61u|-SVOC1{@C<yYE8N+buoSEtk|bR<JyLFKls?`rva<*LUD(*NSv4
zw5it1ux}TY&2ODJ&^zP)WM!7HHL1`ymcd_lt6CO53Y9GCTO<2$25eQ$+%YUa$7it}
za5H&7I8bXhhb=YE<<om>LzNmv;4Hs^X5;9o&?#~pkQ}4;AWpo<Rcv+<iz>;+d7N#O
zl|wcr0~J_}Q?hTznZmKjr8$$4t`4Zf^gGD3C{3T5^>PaJv}`|uk~lfAt1+8<KLpmd
zJSv#xg{xicAcJt+=Q8t8y}?>fs!y;?>lOMe^eeyEJ)2{lwMF|lv{T0HS4Ri*@mh#^
zoKn^M?y2HdbZEz%nG3K_-++klb3r9lGXpf|gF$uL31vO6V}V2WxloAyydNZxb7x<}
zKI=`x9hdseZwmnncC~P90rEdLd!h+Eum<a?KL<R}XMgL2B6@rfHvzN!8rbaNH0(nv
zn};<;07t2<FPoL)bMik>p7H>!ef5$zA)$1t(m-@R7C?(1WtuyktoAMfcGbwD&+ghh
z4zl$^b8|AVI)F5gCwX$twR;(Q)kJiR_|J#*t82#y;v7i5$T!Xq-P31Qv4cU@3F<^F
zQYwmW#X3pOQ0Z++d;PA2I4UC(7!RB{Sgt4D#+HVSg3l_8LV_b*!dY0ucFVIh>!IV3
z_f$BDPfLZS;cWX3hdgQ-YQZRVhyJl7D$4%v+niux!JL_k4!~JJ91ey^=lb3Y0Ip1o
z(uWcAvJUE3OtnKVf(a~Ts(=V|Y!qOykS@T>O4<(qDti>FmQ#ygg?y`57qGGhk}*J%
zlK>XU{A&g7N)RBB2#x}qDuakq1vghsRR;38D*e?SFnq_(j0o6uh~icHag2)e@BKz2
zQLdF(eQs0_!&DiyUr!NRk0c`g404;fLVkE;Av<S~UO6iWOV=15nDrH)-Z75bJRs&a
zHQ?f900>o=F%YMjZ?ALz8++-d9&9c@*oDvq3=~4<@jX6e1(%>g#w)7UhEa(T^qGE#
z^T23@Rn1w@m(8R;A?{|4!bUQeFF@xQEyp%qgcIPZq<~^*gE$k$woxOJRy;8nRz9TW
z8tRTVO(u2AS_oEeSHsi+FjZ>EDj*z?qb2CM@l_P;3t`~3roX|21@c6q(bu3_Vhv6M
z0v~2QJ)`DO89q-XU9ABHacG2VkG_g1go-^NN#{Si^|a}o#?gREqW_#Jw+xrY1y0gi
z3AF~WbOQu@xHQ@^*AsC%15YT%PAcfUB*-~28m|pUalTd#0kwkDM{_hN5vQCki}`j>
zuIp(+rS_x80<wkeoM+7kZ2#jhD&{`ee5l6@A3^wB^~)-@G^wRq;m5O=qMoOo;5=iN
z8A?*^3|$MQB|4@a7B|8yo`}{+38pi$6Apb6VyKKbu-}0|0{l_>^@Wmzr323}Fv4fK
zk{<$L4TlZ`Aj2^gnHT5oPl(GX-!omw<n#2{n{d)bk?Bw+PHO@P7#m2RU|lWBmLA1F
zt#d;Aj`JDKxrkp?>0BH%*6d&M0}sTa=V?Gh`yIurH#A&BHSBP?l;xlrVjAVr2AZ)_
zA2i14PrMGl*qjiQ3luvC;kvpwO0k6Nu#QGWAIek(|8m40(pv{>uSZ3a_Jk1?bWj{>
z907a{bwpvUI%m_c`r2UAfpBCHKOL+M(@ndX9a;#ORoLD9#)TmF@~IJ@lZ!-d+dgOw
zIVpV42EGuN;`YOT=4dGDQ}G0}*m@^L_|yDSitp~@SXFgJnAh{HdBt+rm}IAkNiKUS
zJ5@SJas#f%cT%A*SXAH1sQyv!SB{;Yj;BP@3;_~=Kn{1pd!xM$Ga_O_rSnl&pvqCc
zWX^@pBW_Op)B!ThUBI41@8Cc;dB2!|DdKpzNpUpF^baTAn^?mog9E6(auN7G5P|Q5
zbyWCC2rz<h!viQ_)0LETIn;)7PX2@#GRnbRaxa6JLf)5P0Zrx2Eq>XD*0la^*B)jY
zIsLc;uBIFu9Bzm1m}&mF5c{)!micV~wr3mY0~Iio92{kFnxS<iQsph0+CVIX$Q~~V
zUp}%h9Ex-3))j!#`ThX|^v^zB(l7LN=mm8FxYt+JaI{s#pWQYU<lk{8Q6&h$R8c^<
zzm-@%wNoMbKBp}jrcfGJOguYt{^fV*L5MEyonCc0>j>0>bA*@<RH~~|8bbJu<5K^9
zi7v8HfxJuL2dw}GL@<eN>(JnXe$AFV8XTo@$b`IJrca-Ouak&hf*r8V*dmn?k#xZw
zMw0wN-q+#{rUsWm${VmoTmn8uSK&SsdVrL?Vi0FDJAz^vj#(P}!Aecp)TNMw6~!!4
zEER_au^PtNt<WoRv$}BSL}<A~I9HI*tmT*~U5R6<AQ$#PUsaaa3jzRR^{66Chwg#!
zW-_$<a<jRz2yoVM2-Ft;8efJ>AsiFU@w^*`!eo6IlMNvP`5#YHGz@yGO@Yn9`s8zY
zZU)d92y<}hQ@a=$gl;_vxN+k`AM@&kJ{CczbHXJ{yC4swgI@F~A{s2mSb<Cd5OKuS
z5$mn-CUd`xh&ZhMz<$b9akj~!PQ+N*Khz(1(=?X1EL{Sd>HnZOAsT!d3@WV{VRW@w
z92|8Z)U7;UJ)1|NA=%l5ccKC$Gy_Vxmd%f(I^2%Mbi5IIdL<iioheDelq;+t!3E($
zVV$ya=qF`X<{MbKXg7*JjiaeF6C<zL7f3c_VGn0R<|0;)??NGcm40t^H7v&Y?}nhc
z?w|yl=~ipsI}U)Y*#NBvpMbXJPZyARqYilK3`KU)rbIc#&_4#bCb$sxE8@;AG%?Hq
z$B}TBaRNl3n+crWj2N$b3gw`8<hkivjSPwS6udg`-5!3WDPLQ=%;+>PMa^}K+*Xpp
zimim|RMu@FpxH~YpX#>*0NZ}O)LV432oY56+eRIz`|xYcMHWF@U3V51*ew+3tT(W#
z&+6#%U3RDNMcXb>-UnN5Ir<J=&Q=0Ro+_<|EDa%Bo$hz(Jl`e)_{|)K_;D8(fIN$v
zO5QBRn>g{CD#5Dwl|S3p^}Q?Jv@Er%XYJw3)<!mL&P=Z&2)^`8wOwL3mP?HTj4FKM
z88BLGU!@x86VPs|N&^ixNM%BAW)H%X>a?apB(gH}_v6?q>3k)Yf_}2KLBePOfvFjA
zH&7=YcMXT*R}^z4+7nmjMQdJg&OxUh4DJLz@y>&r*k<-Ito2{$i3zaSgPsT>t?;P}
z+0X~8()yw5Q6w^&E@yo;lQXf!%J$Vs3~HdQGlV7}8`(LBz7Ii%zvW$D3)&74J1K5v
zQ!Y6{PN<9>V`LN$Fdd3Q0+=cgK!aFxQz7>)fE#rpq(W}5jQ#Zhz(Il}uuTw2xCx3w
zb=67kmyhE6FJ)0gJ{p2iDyRDjE}grb*>hhk(E2L-;mA!|GRnYihc2t*7WxvTV!q44
z4W$Z{FV0)Y6@b{^0Tk+?D!KxK$f7F<^~&8~IuL&Z<a+?BT&*Y+&H`RQuO8`TI5~Q?
z7bCoWxcBQK9QUsPQ~DzDpF9ncCf#heLy{`oMRf<Rtst6&!faGCqO}6z{3*i6xe6f-
z33XGF24;k^6|TlX5w=gXEM{l6klcz&GCDLBwoE1UrQ)7`2s^rNv~+ZOtXE1)AosiA
zB?Z2rHt9zn!h`$DI^;sM3YXCvgv0Ucy|JraOp<<Nj69HF4m~DCl@OkF6z|PY9&yd<
zjm^?JsQ%&?Apx<iy6o7Tfs^USh`#Vnf;E<N+*JG?i3ysqjX8||$iX}lIk*pgD-;k{
z*urM^R|n|zP~mEApz5yJXdtd~kSL&vQD_H4sN16+`AL6)Z9|l42<7eF&|z$S&SXy=
zYCYA5R2S`WInjni3u)T{*fVYhRW|EG`{7MC>f}#Ynp~v{G~J4earH7CffX{2U%pW4
z@0d$FLFhC>tI%awQ@f=c2h&wXbYdN(Lg#8b=w<PL>Y)tiky&TpnYjCa{ty3}s0u(p
za3QqyCr)SF=~Z0NBiLXap${dKCB){?n;_}|qeI^bY9KF>7C8mhnjQs333Vl{>_@|f
zsB%j`a4~3(v&5d)THyetmkQu5T|d{qTdJ@eb<9%uEd>#@0-LWjECasjF<Ol)%9Lgk
zNUoqqE5#2c#OcuEhp=fhV!?O%y`*E0eZZT^;w}2~nOG9!Q#jfYN=_`?Nyj~Uf#lx-
z*q26U*Z^(y4sFk^9-!aiFj=XCmnwyqU#epTeZf)I{ymU{wW|4i4nU`P!lD-hTIjus
z26un~92&^+LFNJr#5K9dQ-?O!wC#X*;()J!6p8Zl+OO0Jem|tz)+37lA%IpY2N<Ms
zN0dXyHUk2E+4##nB)$-;a5dCF(nPQ@doF=g>Y_{^7-KZF7KTNVrBFJw_gS*7D*mqS
z^!}}lHm-4KTHx?s4^lSR*KdMS0DM-Wef&A?IkqUK&_Et6>c%dkvYIId7UTJH5Lsym
zdKfn@no>15b<CYJ6H$&=$DExl1QFOra_Gk)eQW+iJ6e4!ec3v+Wqd=rZk}J2h{)L3
zn?u`beazeXPB^)6oLRrnzi^}k&C}IEJzPf-TB(w}%qmx(mO;eQ=m$LvD~hS1d__v9
zR5Whk8*tRc!BR0``Rc79DSR8vyGs4%>La6Yze1`Hz>sO~1RNZE4d8u|86bA+#~-S+
zG|L)VUPNIs*T{3q0ex0WaRhSU2;ul&HIEaJk-AWN7gV}(3*<I)`Vin6rnC_2cAU8t
zn+)K)F-~_|u+E$cYLcpD3k6*)?WDOH#;QBC`)nmg*|DPEpB99QNY2T;1tWALjvIPp
zXn&kQznS<O)Kb8}${Oy8CFS!EZygX{y2hE$pmD556ePbd25(KPdmcDe@(D;-oN80r
z>o#nxN;uHj$WCE@QH9L#Cu>du?%nKY1P%BO!D5FTEXVTVYQ!(-a{zAP2r<pU0T9^}
z(C}6)hcsAlE2u-4K!Ozq#TnM}nB*BfrjNC%@!J*4UoSg>41$~rhc1A$_zkFu)|m%t
z1s@ny<j}?28_myc188s<rSqY;e7*_YXjYM1k^P4wvXmNFq23Ht$+&HC;gVP0;;=V2
z2M2J~U2rdwUXb<P7p*BON2r|$zWqa?6gfsjqpYiJ1jjSIx)&MI&W!A(RFzxU<<Jt?
zI7QYWIuHK!tXCOHfEx{U4gE0>vT_{sj>#WO#7u#kaoj+NdBX$G(;#0uRH6B027qc%
z+N?SWN1$BMAi%w_FGlD_B!ngFeQ7+)MipJE%tO4x^Fw{A<8lC;TEv-^JYI)fgbTW{
znsp*V)K-+>f!V5o_{w1H4XvPWY!Q&q2Vofn2okssRqOjYF8ZRIu#%<(i{`SI<q@V_
ziR=o;k?6LtzBAJ9(6t-A_zRHsksMr%_B+iOAb<M0ISZ6nJ|nF%{|{<4sKJ$ijyVZW
zm^hp&B&1g!8ceKl9<i^1#^Mv{P(B<tu*biFDGk>e#pcmzR`~K9tGMNCjV631yuDw0
z-!>sdBXxxHO|;@?EMVzDmzHm|q#RH$LHJ@@&xSp0?52JL=L6*znSoky5ZyfrvZJ>9
zSI{`{>lEwGKLPzYG@k0K<>D`?j~H%@-xnjnr$FH`{`0il>t0IakN49PW{bQg1lmzP
zhJGCHb2TiaX*!@!!<O5iJ*ReuHT3moyLZDy%FwoX)|oyt4})N|7FQp{^cu!I$h8oA
zbZ8FITqs1VZWX%m!VvWY*?T<i^6`?q<6J+=4_vbc$u$+*IRO?5F(Rsk#9kd_`A|z0
zyw*LhS3k^!eg{HZt^s#cK3!OL3Z2!{ekkH;_wOL!?{&~9X;lx(3L3;fnwd$HCjo{E
zE1I{^I%%(pYU6BK_&P7-vp2&Epi<YNg+OlNh`=v`6GzwKXzN^_B2W4k>@piK$=$+j
zaOjorqJlkBbhbt4rX}QhIF3jla1Ad#g(#hhvVufVgKww>hyL&qrC7*;f@Cz8V!`mK
zp?-riJPdG32qJAnbCNIgih>PT)s0{*fz363z!o6f*x1iPV^szUbQhjW@kSlBgi$gW
zL1ixlpb2=t*5$22aE@LKs~K&>=HTB-Y^SOwg2AKtz|QbF=ydZ*)i=%-j$5Wbx|Da5
ztAtbv%Ax(U`YSkNQlg^}-gHk9Bf*&ZIQ$iiI|^<85jGLBR*_alT`%)4<Pd$1kXJbR
zrOWV#YMH|$a85sF(54VAm74QqxX0=~#5I_cX&+ciT<0lVM{ot@a2gPv69!aTV*LQ+
z?LGqcOs7Uv>me#NhRA_x_U@k_Z-iZ8<p*D}n+3|q?d^gsVsp9(>m?qVlz*s;pM($L
zn>i6j+v9X)-CUZ3a(_6Eqd}<fLX{Q&u|lJhVGB&(Gkx9cWnF*My6%uW!~n8jwL;Ff
z3QD7#&OsxMCQcM>H~3sSXSP_wIa;8clwvSW@t738js`wkh(}9c$I)V-aRYbbLWG!A
zfqPUqH`Ud(B+sR1%ZH6Vk&IK~yBvD=g)9=9hwBK4GL9Cr2+o<QxCB>1h&k%x2bH1F
z_gkTVO;|^C!kO5`ba9M&A%;p_m}YFc>NG3EC?a|@lu9mNt{@%(QGXZ`&4^fM&gPz>
z6@eUe^~{l2#d5E#V$RHtd2?}@2jq^K=vbArd>fY)^B_tKP2uRerl-!)&W6ujOMqii
zC1sbhPS=?aj+sc0EkK+C<rrKF4plhxC9Hs2J8vB>z=`EBzdw0NH`$6z77+h##3#4L
zp<i@NNw^AV5mciHn0%31nw?=G)v73s>lJLWMmz!whuSoH4YqR_j3-s8zj!fBLcNfe
z|JFoMOrXZ0Zw4N$W3g@k{V}8t8B?xb)o^bD%tB08tb#|rauDm%9itAGG$iPfyWhTx
ztqF4+aJ#!XOB3y);}D9vid;K_ULD#s1om0N7holEAZf2z_7tEjqX!5_d1p-M_SdHF
zuaQu4sG|P;T>$IHyluzgxTsj1l7BC*;3c;z9qMG}+1|}ZSV(o^PWZsEOSFd9UZ;O=
zKhtu??TV|KETvWe*Fa)L8$vj_fSH~=oc$=)Z>ij{5UOy2n+n&RXT)1RF`CaJk9iIb
z9kWyT!Z7vdDZYiv%NgbHpyc%bw9G_5!Bz8K?2^Z9LW}TjrJ1=X=W62_n^XvP`^@bF
zqDi;yZT1-vIQlB2Uhg_I;cuWrn~L&Sn~`GM3cxEcN$o^4b&)^7l54`WtDz!%Pvilk
zbLxN}Uv(4fubHS`#<qFtVK?l97yhi!O;932=V0p`sfs6Oj<s7=@}Dj~m=!ehWHkF2
zMjO{N2aeFS2I9&B%NCe$&tIV%{Jd^wf7G`e*pgjfY!PB?O)dR#YqR%2nCu#z0dYA(
z+N0@EoPMtC#?BQ6^7LO=NhJvLaQx5o!~&|J%16M*n4&tX_8Np5vAPRi5L@lP@&bvM
zs%+w^$ZqRgU$cvh&BggK$s~rFdtYwuv;&2y58*D<0T6#qO!zG^?Hz1Nu5*lINaddR
zv>9D`#$<>APyyG_zXi*$jwZQSZ&W9~3HWzCPHqp3l05}j@~=Q(6-MZtt+XC%?jgKO
z=~Mid<0wG&%yvYd2kJ-EOl30ZBFK!7VhSHzZr7|6hyHk@rQlTgDsF4<u?vg3YxEDO
za=KwO3ec{|e=z&gl0$J{Oo>A8h84+U5P*2WTNhYDK>Q?C+7<d|nSl+8xnbZ!HQ-Cn
z)tJW%uqJ45p~*3aED+REg37VD<_pC*0(Ajvs|lTPhkpAun`B|y2j$v)6Q&4?QXZM^
zg$+}TX?N@`!d_cMyFqBxUCzgG+PPwW16vDy-mWwAs{IC^R_|mQlhXi%{S9k0=MV<N
z%mFB6)!56+VbW~|l&*x?_P4DdUO~4sr#aQ5V4Laj6K8-=?UEl7ZM|wMIt|QifhcID
zipn;o3_;5TI(*6?2dIn<^_2>!+vw`*&kq&Q#po7tz#l5LgN^Ag)>O+KQtt&!!VuP(
z7=Uu%q0<fjv#cR5&AfJYeu(7;)PL1Xko1#>rUn3m07!foY`P%c%@6hBA8TtxhyM3J
zQzdh!KQF{{a8ODcx@UXIY*FE+Pz0@*MNXM=ly-Hkik8j;m4vFI5>O^daf$q0mL^}a
zY*PwSI5YQ~sTEwhJjn6JUij0|7srYje22cX-~&4J#!IKeGRUi{OPs@3u<~<e>J?`p
zKqRxT4<`-$A@VaX5r~9q((J!0`;L}3;f5M}(KNk?5Swx*_6hsxTLxV@!+;5;`^fX(
zGtI~<oZ(d)rU{)au9eb6X;PRJDp->xl1A4O>c7}btgiIR9wWr_soYc<BatqQrpGF&
zG^Q(nvg-b6K^W3Jx=^d0Kvk(%I6!<U44gb8hH2GSy6M~z_!q_`U}a<PdCtt_zabcD
z)Kvr%Xw89fI3Skh1V^k$`L<ytHlq^SYb{;004G$uA1w*S?e106YF40SICIxDUjWN@
z-Nfx}eCv-boi2kjWCa@OgOz#IT$WL@+|Q+HNfNo=!8rb*F(Rfsu&J+Er5Z7kjuG{L
z1z%82S7BqXSwBr$!PV|Ix_{AU;wEH!$A;i=d}5kZtJD!9WD%fQ)`8L$ch#Z{B`lN{
zyUG}JFC6L(@T<xtcq8~#{{x0x#a=Y~a1YnfPT*rob+bpA!O#jlu_#7izcUB5gz*YR
zdd=&%l4FW9-5pR#P*i#JeruJyOn&R-c3bl{^#;tV!I8^Xs|8oR2m0XcXH7G;y6i%s
zEC^S};)DMaZHxF^3P84kX%+OUn`cPk5l|#|zHE(<8SCxArvgSK`OxYm!gwZ7kEhFW
z#OBO|@1Oh;VHlP_2R`M{?>}N~IjVAZJl8%8n-cjz#8lAfI02!NK(k_x>xv@l=j?K=
zl+9WyE1*`il_gIQIC=&ho=g_*X?MM}mZVn=VCk;2Q2L=`6=~9mb?8;kObvZ=tge*x
zWG*|dr>+hxspXQ^7&H-2gfA(d#&NR8raGXoB!c?@5b_K6ZaK7m5E_IDTg5Bq$uIPA
z5Yr;l!&LeK!N<u2`sk@b`1(Kuaa6icvogPt`(!-sr0u%oB37hAJ<6QYh9o)J)(vT7
zvSJ7s4qUxSV1f6ca`&kzWC5N<cl6l3Q~goe&1Z$_Gf%=FfxJrdATqmUl;F+1ZW^gL
zEA#CbB>$~@r?IEP6d~QQ$IhI$9s`2<x+4d}15bd4>mdX|v1t8pI#ip3eI3o8dMYMy
zsAItYO;z$kKqwGE)T|oV&HfOgxM_%BFaLnkiT|PelwHTWJk^Bqro#@wRb@h*nHmuL
z>>-t-mmo<5=YM1xaXtsLEDHHPG{7rE1^K9LNEPyf09f*G<lJi&OylcYI3LzapF5CR
zmQz)9xU6UMQVMJauc$<ClD>H=oS+nqO`l@WX$KtG8{tZ=UcYY5`gN(LJ!{sjM-S~I
zw`)*TFPLwU+9P*O<xBt_e2&%QA-rX>&Z~v=R(~)Sv(bLDrgMhFoJ;H+!X+kMjJbLE
z=L$(2i(-n^n5}8k2Tll^&gSq>Gx*Iw#&Eh=fDmIKC9xU^sCUUzHjs~H1$1_#)(m8M
zYLzTVBeaGKg6FRw$#;}_r-t!aMlyv0e=-VVkaEHl8!1NT^!|}!;WHhv5B3hax>TT%
z`%t47rXSwfvh$L>^*~0iP}dD=7DfbcS23n%8MAT(|JbtHF}B7bj!vdhWh|`rMCtDc
z1Z750+<Pi@-7{4s<6#Ps=jAAbe?sShKb)p?FlW$b&noqu3~i<31lmzK6dtTwUO2zo
z{!y@E2o)OaWOtys2t-9WLor+QyPaUZneI>0cBt+{2>DxYVLN~fV=RDl=r7PF5?^M8
ziSo7_V&3^2&rB1nTw|t<X{Y0fW9F3xFv4VS*)u2T@KCMb_95y>-$BUEh88W^88`EH
zbuGnz^&t&;?PeJeqF`>)j8YmE`4t=L!UI8!1krN+Mp0--)g9d<#X1jliu;S6B8fn_
zM%_1c%A3(isGL6$ZfgA@j8D9Fy2{3~PSOhyR$>xWS?i9dCs#moDHy&$uZPKhIFYB{
zHA4mB*meovYt#92=x-@~fBrcMJ`>$r8*V4eNV2OtzHge!MIrp729fx8JI;J5g)hO{
zN(qB}L4pQw1VAFcFn~z-t_19!@UlaX{aR^kBY!6TC+T6d8FCoVNWJ90J25!K!)Z}S
zp)a7^V1ZJ&2GTC^%>40}5)keCle!p_cdDp8gr27o2JUOYc)O&Aqfh48vbW8lR8E%1
zt;W3P!D=`(?M2h|G&A3(*sVub-OD+L0bPXBEexHe!(6=Io08XN&z5fg#|*}R=s-_t
z<(xv2vTZJ+LpQ_ZE=8iQTq-PQB845`6iS>h8Ce(z7gGPpAAsU}Yk7LWqWBhfB>+h;
z@)h6?K}%;)8Yh0Vf>(<_UA6`ybgobt8L+!8qaiLa-QlGO((t@BaU8f$;H0m?g8~dn
zqo27hdZC~HuLzmjm(J$s?AL4eMpZZI1=2rEZlm@R^KGj7Y4Nc$WE&BRL0k)YTrN*<
z)5Fmj7^xKiL-6l^zI{wyz;|wzeGGYJcG5&lIHrYv@Q>bV7DK)f7(%9X|LI(Aj>`A$
zJRlaY*((tGR^yYk$%R=#L7+{jDB}^5M7=ityp0hni%kM+kp=w+Qc(x<k9MsRG;7><
z@RGFYD-7mN42y;Cz@!2mo38{4p+AgCS1Z_{0z)=Ux!vq|f=CAvKIJy!8v9POZ_CgB
zI&>GNbp#)`T<qsoKiD*Jh1V8kKxifSrq)kh=$Tu-5W>j7tj&3nN=tRXW+O`z(kXMt
z!7T;qsQca<#zg_?P!OM$*P3z(3_C;0&uP=D7)c2&jt*Q0ZbS(QEncPaHol$pvOu92
zPn&MigCZf_c7x9bb}VeO{rfx;RH0b92zw*XQTr9vV1@4amk+RS$fN%zf;MOCtuT2R
zIUyWUj*k`v-qs_vAC<s6J<TvNs5%Mv(d3i)<gFPb4Bs>$y)7Si$-^2W(F78ngcS;Y
zdy~j#67FNm-ziid2UFENxmZHm4MqVQJxKq+@f3eQxai5w&kL@gpPBag;R?R$8*%sr
zqUOghD@z&fyLryymky0z-huQOhw|vFpI0RjQixxnFP;<*gU3R0_2OoVAUae!PgP<>
zQ<gyt6tJl4#)jQq@FX$Q7Cckr_wjK_<j1MVz`Gq<m(~%*fPGRhZ?b~#NnqpyebYnp
z&+FZkBH(i9%aI(`M(3jgU#pSk2md~Ug6VI%?*lDl1wmn#;_RTR+;Qlc?M)zO_P&hd
zr53Wt(-~%RSxC7!bC0Ea@TTg&?gNm%-J{{0zqSvOT+>4r%$x;>KDL8&@PTI-0Te(F
zgoEyTdpPl@7Oe)iZ_?BJamza;i;N^EEu<*sr(d70;?FMAXLfHyh6OBGpPXi>L{J>)
z7AkJ{zCukiQ~zKeUa)k%5+oUO2cO9j^>Z2NhE!!ZJ<9V6{Z@zB3}4cuPHq=040%i~
z<I8rrlSUnX8~}z(0)2Qn(Ld`!3>#%%Ry#C|dm|3E5!dy$l0)h+6QOMcW}n#Ay%4<j
zi0Vt&<(4pc^eX~qq2+CxkXta}2UD;$$u)~U)3a&WkS#~WX)HB{a<5eGOz$Jpj&RgD
z6`OjO2&!ljl~OC4#zQ13&@7oPg%dY2q3xHm!pI~b6LCe*s8`<Vj+S%r3gc|P5+)3#
zGoj*ob?Qj0>pSJ{cRoPOP{|$YTos3ZbHD+S16{|C;8nB=9S17<BG921aL|U+#HX)A
z{#=K`*$|_;Xd9$)u~x=ru(8me34Qe4zeubZ2yE!&Vk?jVpkYO|4WWv|<hE^XEyPnt
zvte4nv%PS-6uJU=__#0w_d6*;XZj@S?YUkCnRfd4jhqt3lym?93`ExJ+PJ>&;4u`q
zXxp7oRul{J<%q_90MX))Ww_E0<JU)ch)^1xWdo05LA_Si&Ep*Svc-A}xwae`3G{H7
zQjLfvPRM}i1y&UgZ7YDFl^2CW$FZwFD<EBQ>Mfj-2>Lz>sA^Px4ca_nOL=`smE%nC
zNqv$d|AFWu4zy>w3+Yq2bQ}Nm6_A9IIli}hmVSBLi<blIq@LH=2fP7#`}7a3xsV|}
zd@Efe$jtQbM==W5h&8K4w>VAwtFP)r9XHl^*|?)Ypp5jtRd8@t6yH$;P3O=D!r4G5
z_jg9&sZ9*og`OY|O}sz^a6UKdFM{y$xw#q+-3DnABp4ny_2FB97li)6=mu18a>6#n
zOlh_DrBxjozt)z0BOrt?Ws8O067X-B8t@`+lVJdZ8DzhoxeooDYML2cf6`Q4_J_6y
zx_TQ^VZ0cv*}LwmO9o>#xYj(e20A^G??;uYQlZ>*b|@Yj1>W^OBMoY%XkQ!kXap?Q
zQovw;0k{hqIp|4GHpsdeU&`i0r=>R<OgI0y2i>n8*TjR6D`*fcx?zW~ja0k3<ybYk
zF>R_cVg*jUxOspVBy7XFNbc1aI?|G@e;7yNhfi_adX@Iw4}~G9(}o7{j~41jlRn}i
zbdW9EHy|Yt+TFOEs_y8%@=>(5dc+#aP&UdN2YUn!kc^K3Kmb)WUQ$V+0Pcx?qa2Cm
zKUqK0GLL7WpM%0mR$A%dic7zJSyQJXRvz_U`!MEg{gQ{N1L$p1e5g>&Pk#p++@LOO
zIjUsRkV)QhEKbKduRRKuMNA+Fn^6pniIZrXsL;1oT7(L&fT!P&@*WTZ;PxiVI?(NI
zc$4)$*_!S~2N@HJKR1Jf1J<mnTF+>UC(Q$z)P|T=q^Hty)W^7V!R}Ld&Mas-t7+zx
zKy#DV+J{2T*y<x?zof2WC5mm#S1S*u<qZvQSj!h`SD4sT9qot~B5}6S{dKBK>kuE3
zjS><)q${?)3K<NngTVfBWdPi>+o5~RhJom}(-Jm1+|t>ULSb=569E2eod7L2*4z35
zbcy2IFekrJHAXNsZ@?j1T!K^t_8a4MZIX(u>y!4F$hzp%*tdGlNnD`1ofW6y2TU$z
z2&V6!zbod@?K|Rpgk~1L8pt9#v+%JugbzZj1ye63BS2O<2^0+=65ri46nSwI{(z~D
zcBuC@bn1YtKZ_pD3hmUdD}&ozb^h2kV2~-7izT`#>HJ$o->!q-(~mGOI6jLQDZdt+
zfe6FZ&`DmRzs(Moj)#(#V?&La!MFg^04*We;B+nO-BV!YM!BZ1`aPTwZSLC8{!J}H
zi0&p%AF$q5BBatIX5cXY#-k=td~5%egPKIYB6H710+g*hNb~isO*{y4wTPI5jz$`(
zCkcmGjTh@N2fW|Ik8<b;K0Izes&&wa$0rE$HB_@Fy&cp*?CbheI3K*VB~+#Fo#Tk#
za5@8IBL2QMOhL;<AN<-B_B<4W5l#6K>Hwsaofb@=0j^NQDDsMpA!QV9+iHgB*ybX{
z0qD#T6JJF_yO2;A3e|}*-+$s%0#6D^p^jiY_g1hj1w+nxChB|WB5tsmL^L}ADdM=x
zYK*0a02R{(jB5EEgB9d7xV=Jprc%IAIn4iYbI7-NTHI_o7tb@^vXmS>20;YTj)xka
z6FGDmL^-)h{y-z7RPCj=K5N^{fnc{ZbVk#)%^iLdLlK)IGm1ad%aZ&7>5W~zi;jw#
zz~qh}ou;P;sd$8G+EDZ)nB<cU)q+7S>0nz6EtoVKY4=oEq=}LrG&(RFQ4=*nCUn!w
zIo37#VYdQ%E(;Up#z}Y?vzBg}A^F&n&@Rwt5xxb$!SJ?sBVQ{0ZoboMW9trmx_;Zn
z<i!R;L5MnPbnSbl%A<L4ph|TNV~19v0nLP{k&?;og<oNY^kyUZW5_qb{DII0b0<N0
zH;)2hA`!qLmd#J7Z{%A{jLdRMFWgu67{YCGsE|Tu7<_p8y(QyV3@(m+K|<kgtkew4
zvhCiZ#uE#IM`9S^k)-$vJssDq*5(FjhhB&9CRaEpK-bFYdMv)$4F*JaPccYom*oyg
z+-8qqbOH+p5R04vhwgY8S2cL7yAj^J<sP-VLti<6DrkMnl@w+M-1%?><s};CcC9LW
zwl8w!v|){+!!Mamn6sNgRw*qcg~=LTYqJD%p>11Z>>ETao}EGMiu4SjnUYgmcA5bg
z^p(gq(-atcbIu8<rTtSF&dGy%E78?eLdP$YM+!B>Qe@f+E(57UYKZAO^xzGKIkIyh
zNKfxRW-4*~h)VaV6cKWMG71#jLBdFX9@vRFjt6`-Na<Zo;=`xcEu??%6{d8xyNRj^
zx_&(D`<q8Gghhz8WCl})RJE&1CFf8Fbin1Bm4UY$o!iPN$1d8W?6yNLc<{VFWGyry
zT=bWnr@%IF+kX{QWmg@g!wULca<{tpSu+JD0j!^1r}-_o?1;&RRquMc4inuJNiICM
z69f+34gF>M6SMg;ed$WX!lkV|pc~n#m`qlm<?rVP3g3kElMPi5AL8zClFhP;8lcw5
zVoOK?8Fr+!QTq)%qH_C@z=lKTCp4U>EaqA_hsrl~%7RVifP36z?$C`sy#k!E7k)Kd
z;m{S(Di!p6AU6J?<3mW<4k4cq20<<02X)5`7}%iVOfbYo(4rbD;dnXpv;B=)tGD~6
zgX5Ba5Medk4fNRe@Q^spLT=a1Qz{ayj<mPTR_Z_Gi6nglpmAdFhfE}YKPF7iuoV+v
z48G+tSWhq{VM8*UF!J$)(wF}hHZfXb$<q3`W;80Dk1Au1FaSK^zhY*(n@#s8ZpmLk
z*~!xk%V?(n+%=0K$QLhi%x--(w@8DR{7s5=-S8jN_dp84R*Nryj*R$~v}_Sfm^~pP
zEXe!UTkLQSXR7tu>K`T_zvow()Pk8)D;}u@-zGOXHAmJ3r$doeZ2LE%z0kG;39GC+
z$SV1Zc4~zb*19~)G+nHUZ0jYn$6v||MY{R?E7~m=fl}6xD$T`QVMSL8-h2gc_=qmx
z)pQh0;<5f`QVp(dqbVJ>hV!$E{`Z-)Z7&d>?+r6~Hc{Z%YMJ=?BlV(4Vb%IVPxzko
z*^%1W6HYsBCw1#F8ef>*P%+Q*g_aM2IkWM5(7vQiLBwEg^sXYjeU!=#aS~ic1f?=K
zm>%W4FC>$bvUQw@Xy(A7tshiq*Vw6sWtvF|*ym-a)7puK%a)XdeO@jbT68_L4<hWV
z;Gw~)f+Nz#H%t`p;L#GZ)qnZjx}}%tYNKiuH8xC7%uTx;3kB6ku<6y?PLWa)#mGmW
zME-XTc*zg=Zx~5f3!=Tz?;MGSj&f-<l^#M@n`fIE8HENsAy@qq+?cg;85S+2X>Ida
zy3$Y_ww2fZ=J!oOu}75jlny{mJBRCNwe|eG&^+5plYq9u9RdNLGHs<I^ytaz7K=V-
z=0*S)`kJ`Th)l{>OxR^c5jy6CgtjaoCyWRt&u2<nt0m}qVe+i_&KI-ceWg-iACp*?
z4y{2zEYqwdLu8l?I0NWd!9#>XtOkUJ5WFm8(#2MRBfp1dX#n<YK#?VeSpswKje=!C
zP4UQ7%Ry`mYSULNALi#6_YaYwlRjnxJ|<ugd(V<HZnm<T$9}-yG<Guif-RL`Tlr~x
zT@LU;R_bj=AQ`?a+wV5>{%7Sv`0}$8SQ69+p#OiL_MJ^kE=@X{Ob1q*5*tzshAi?$
zu!{^jbRIl7*<7ZnM!L=@i5SEg9kSFY7jhcNA;eWq;EioY|KD&cI@Hh&p}bceFB~c5
zVWzwHRB0#7^fKJus<g!$r|x1R8JD*}k1aF*)R)pAN_~P$Uz+p8w9#dDQ?pjO9<{az
z(TC=9Tq<zD{ziIaD9t?175t3oTZi6(Pz#3^0JlN>ta1)|(AjR^n9gMmm?qQrOXW=l
ztWc;9V{!&S=!*62-Y2<-N{c3S0_Q21b8zT{w{Z#Y@R;7$)-wwZ&BgcynH!DP8xt-G
zr7|oZ|3fdEqIjMXgIBcg&sD=LRX(i!9ywM%Z)q4AXH?1ni*oMSq0fBZA51gvwo^eY
zBCN~$&M`2=GxQVS@BoRF%3zm=kjMIxRj|?EF_(;0-OB3n(fO>~D`6MN+d-$zpo6&;
zY7MdwX$%Se%wSl%)UgdXn7&~G@;DO)TUIjk_t<jYIfOP1C_)+L#$_{F_Ut0nBWCx-
zQg+0!IjB_Rh)_mSNu3HDORocIH=`(S)0OHh){RZ+#O6X<_bgVt_2q69BI!Nxi$!>v
zQiRGRTSDI$Pi+XnGly28a?|o1bZ-&EdtBH7vylGMrDpX1XL|5i?Zx0|moQdf^1@a@
z5u<;DW+GQA=ujaW&=sX#t{K-|7Dh>gt&WI2{)1631%wAfTcjHb;x6YeMBu-3P#*_V
z$C#OtL;y37`az8$haSV%)=v<8kl=lq!cUCb<jKG4;`0~b;uZPb&x?bAm(qi=kGRU(
z-2`Lmdq(4MwDGZ|O6j=W5%mVS^y8?z2$uM%8`pQHDA<7o`V9d&CN!xqy)Q>%t8=W<
zF&|H)E)NpgBwj$R^0So49d6rcC~`9Ny7Whc@uch&K|ttV|B-%fE&y$R&kW+3CV98A
zv{r^N(T;oTLZeX4xEk}(Y<40bqdq9Q5y6dE3m?Vqp+f8A@g$!_ahLWJo6`khRe|h3
ztg}Qz7-h%nlh`*!wMuYZ8rRSpt<w}H&}tTnFus1ijTb`=du#g?cW0e^F|F}!=C^%d
z#i57qG^0g)Q(fCuc=7rdPf&AXknT|!?V_K!p@x1ThhPU<wmy?1v6!vrc~NB!3%D>+
zj%?gBQ>hi1fvQpavJLraFNVI>OhGbZAf3OLJgrs*;g=n%qJmg!rNzix9DcPWj}Y>E
zsZD$6A?;hX9Tq#Z`-7N=jOm0vh~x>v@?aCBLvP@Gy|RCyNfa$6?Vq`hBgCrU7WIq;
z+Bddn)!-6C`_C1JZEJuDC4l@zA{<lV(Xzel5*T%;-Vp6Ho_J^|p7h_aG~PFXao6=c
zOOyKY&*_D<cjdX$yNnQYAfmK+@*1U6!xkdOy6L3(62vKFFuZhfBYTb*CuYjaC~r9N
z94AN@=pTPf;s-N9z2>qc2p3?)q)fYrA1Oa)CSS;*vF)bN0BX+5rBao)d5n8S;MIcH
zH0DVXz?uzN7<W!vzL0D2Y+-hIdRuM=N4_&%Sau5SWIEYc)gTN*FF9RB^}@6K0*G08
zb?fp&y+|$r7C3Y-x-SsHLq7nz5xDJu{tEo+o&v5=x&oR~JV3ubi;Y3VuWS>2+`+4b
zTesCtZITf|JMA4lG8!(0o9hF|+w%385punlG@Q@nGiffKwjeVYU4Ut{y=tjyI$!WF
zuV*fvm$e7<CF3S4xs5aw*l_YmXcOhCgc|tY;`hXdy+I~Ab{}_v7BSO4r3WqdjrkXz
zB@sQQ*fTHRuAv0y98j<p3LdqQFM#&CStV@{A3&1=j$J~u;Q1~ce**EC;Vq;Ms_I0_
zJ(aX1P*h1pqcH;dEcP(ruLhI)r9g6bU3m<Rkj#)NZ#o=ZF7`NEm7wH<#Y0VF4oOIm
zC9cgqP4;fW%H_uxg{sN~^j{!UQm>$L6b_w>E?#{EipWJ9zcBFleLRI6QXj}wPjJ?F
z+_J`AH<+N3Y9WXA{J1R>(0&7tGUW>Q6n2h_<t$CPSEL%<0N-afebK5-R3zRyn_l$b
z@)K;C_s%{R)=>XIId0@O5leXu0Pwc(J@kBb)K2Rp=P_UlI;ED+3^MR|{zA9+e-@dy
zT49iTdeDed&i4<rUP?6$3{!eG@NPvzgN!q-me=RH=xyt*!Y_eYSruuY6}T0!omwGA
zUvp?N%66*h!TRcAQ`Z^Mcc+G7+i`N@8^temRRVhBp1N1F9Lncnv#rSL#u8Xz(X|T=
z)fxmLExWxqO@Y;K`9c%%pPTLYVfGe>)}YIx4>kXpf$q)PVD8Y1KnKDU(dcZe!v=Eg
z@n~gWM;7^N@JLruAiM@Trx&3drmw)wf+)9<Vv&`fvQH+`;BlBC`Q^}lcFIP#)C)8;
zaFbTFr7dx?$Qra0S9KUK;}%ae#sMwWxS_cmBSo_)Wz3{8d6gq2+@s^rdm8fB>2;R-
zZmRduA?M{&NSH0?4)m@Ayf<fjBwLUQF#3Tb4ZMDw%Nld&q6igtjC<WEY3hOaP(;vf
zLBkMzFp1jq1wF{b_PCkp*mW))cGkVOdS4TleQBfL#BD+M?SO*3aycDw=1ifqL(@wr
zPGL@MrrD+=!G97eMfSOTn~42nuQw6(XEL+{8XJXxWg~mvXkT4|uT%nRAXaHQ#)Me8
zinHlIDm|yRZ6SwS;8>%<H463UyY<@kL*nevFTcnb-gI<wK>EV%!uDDpZkvbO<a^=J
zH;<c6_<p*%ZG4B%%h*lx>g$De8()SIooKHOvg#?D5-tlUyCXbmdqi0>b!3^SLAB2S
zH@5UKho*fw`0bMdD)cEgovQCS$Ye|8+YB+1nr2N;1SX2A$7;Pw)htXTlxRsd9NHJ<
zDpCW;-K=Bng7UO0A}va*c4Az`p0|MBs5V63fK#ke@-*!n3pn)(!9w|hH6dp}+%tG1
z+X^M4TO6U6dws2@nIcY;Myrg18)A=c+=n-fNklDp!12+~di|ZD8BlGgTK*1jJP#_U
z4#00v)yPHy6*U)pC+veYj+n!wI)1WlE{%!zsew`{u3Pi`FiSz(8w8d?bTUK3aCRK}
z`HNJufQjFsUkE*M%%RC(m-(Y&MarQkFSJsLF$h<o?T+(oUh|B{?;UeE9eT4z=MtLr
z>oeV6G+n(XC~gk@18r`Y%0o9H)-ARAq0f5Y?MOVP!gq2vO*-}tjT-us+M>3d=Z9-T
z??p#~QBrt%RunS@gt|stdMRsBiAZ*W_xt>LVVD!+C#*1Rg@=}yiNZ@ect|>os2tkO
zlFX?q3YArUIK>}Fx$W@C{2u(vp;v&Z)hoqqa@Bg>{vl{UqcOD`;w!U5sW*bKwPJpQ
zH1XFqqzd^##EA>}Vht}XE94f=Ppuii4d}zu=!<bdK+Qsmzk@q!hVfYtsX|=%lMw*Q
z0SI$<>b6XAuDU>om6c~<rZWTTf{}|g=Mw5jkzE=s$)YILhIcFmV&*xftWwHo-HWR;
zo`~><zbkNff{*WY?nn)Fy#nLSy?0W5{0daIL)$PFTR_`GfFMT9Qz4#q@Q)i215<Hm
zs|o`v>CpB!&%ikzm7`2!Kw&IJ+&lum)g@Y|n)p>;15|2CK91CGvEL8E)}YBB@gXho
zz5pz@_M_fcSg<0}=g?iC8>v<E1-cHp1MN(z%k$-zOeMg&As8qcJqC4zrO|fP=9pOr
zbRDSXmx#G=v${O@+n7`^Tms3nuJ}MqZN%MZimcFjACC4bZWppusZtJvMw)#8GWn-N
zd6Z5v2t(m;n}vYRLKU{eX6VAzp`G<lK9rN{+r<)g5jPFA6|;wrgP>fi{dwbb8lF!w
zx6qJP*i@NP6p-_lMHxdBIM|71_tXIPNJm~{LwQ;dWB&&2srMwbHM?Qm;q`+SEuT#(
zX3lo6|G-a}Tg4*_YyjzjaU41ut~p2VG%L+syV=~PXD%6QczB_TF8;Nn+^l&thkT@E
zf!_69Qy16?`no^ALzAk>R>!VWy){f)LN`o~E|=%bS-1=4g|?N6bmMT8Z>M*#TF8{L
ztb5yaqIT7Mvoh({55TOu<j{4mGz?fB?8E&a2CpW=HM$b!PQrVETMijJ)oYj}RiB<V
z!<%e0f4prEzu-1=8e@@Xd<4s(FaBzZ?SH1%b%$ZD?^+u@WwKocAe>TDo+X6pgZ~UO
zjcBD9biy6_JThMH29$Q0wrb081==g^kj7<NU`1>zs$mq7*}lrn<jGfDVXlz8x~4MA
zxUBYnb8t1dB9fl^jLG%lCKdef<>q^<SxuEiXMw{PDw9c8&wN12kp*t~cE%^(+a0Dd
zXaHm~yANH5u?HbZI(OL@pU1+agtu8|{jarCIy*t?H@d6h0!@Mci*9X}CT>NsT3P`#
zw(+EJPhthR%)$nuV;|6=BN0J2j&RVp#19FfYHU&%#VG}hH2`Q(lZ{H5mHcbF&TS}4
z(lVZyNP1YiIk8o6X1dXT(*o?#Mje(mzj;m)qiG>p#z`p6|H^NPhCuZv^sqGlcBB0Q
zn%UNK`f3L)YCbWxm_98i&un*(`t7;8+oqWQZYacBky{OX{n)IIT*b1emDhtOkZOis
z3opnm)A^@}qXXYrB3Ms){SO;YSa=tBaw<T5tmkmn>D-IahKE311wjRPbKrCu)S>eU
z13rho_s1klfkErwBPeH-MmAwY707mI!7-fjMsQ8d+UB66B35lK_Rw5!{BPc7!R^9v
zdP318#;ZFIswCO>&hs^u7rPoEWh1+4Uo(vmNpyKk_r(_x!Y_Tw>VF2+=qYTPneXDW
zSevGHl8P@!2mmG<b?~SOsTH%R7N*xAU(E3ejSXysoX5@T*Yppa-AH(uUS6?{p(sD8
z(4O;@8zS8haq>eyj8H7=Z+hNOWu)ysK%_tq^*3pUpQ}pQm|*v2RYb0R<vSy#apI3Q
zipc7Cr$Z+p)gS6*^P6(CuMHB3O5oyX8VBK5*6pkHOJ5JjHW>BLzsF{%F`4aJd^-C*
zR@;G+_`AOVJPud&H}#xh-5LncE5yU>1L2Fu&ogi78>N7z`A>Q%Oc!sX?FlRk(V&z=
zKR_fx0J(msg!v*(eRph0ly@(6MvL^n-6l7K%>Eo5)9|<-{ye)u%(eriI61-J0L0VK
z<Z#nxB8w2orqeIc@D@uA2$ngaHC9Wz5ni8saiWLlNg#)xBbyvF7ba_2|B{9k#(<O%
z6^cpOm_MtFI`n@S_Fzlk=+^)6y5xsstQNfr#dW3t(=-A$B~`d!-Kj8B5F4)yAY1Om
zid*c7U2qwf8i?JL$h~-~K6E6vn*a%u_c-<gSix98K!@m&cAJ!3$f0rIYYv{;aQnoT
z(4o&AIfF;>0lrpbXl<L6xb>($8|zW|)WbR^+G^9chQmOc-E}t3R3B2h>bQ5JXZ^)7
zyssW?4<&??1nwwM;Hi25dUaA`qXn`7^=LidiFGvI<my1DJ^*q)nyS^M8H=_;;|O$0
zA1LK3^!J&>h(RWnpwxj@c}^l1tQL7Z;V1(5oT^h=F!n5(s9KzYj{QL5;a#@g<Q$sP
zY(ZS%(BpU>y}OIY>1t%&I3>uju#T@xXAa;Dov@sh9qN7p%s`vS=lSPX_2Y@#qgIqX
zdC8s_{w(3d>&d2v?V|e<WLOsdK(FdEK{=aYAns#+JnHxW$JIcU#eA6<Cc=+jXXB9Q
z!fXkZflB4G=J2c28l?%K?;?4MgqTjB;=(9?*!4ypBsZEG>7Wx*nA6U@@F_6nxEy(>
z7bDeKcGdCN98;eh`X^hr!Tc~?9jJ8kIlO+P?TIqylR2lTr$pIa*iT`4C#tkcg%S7Y
zfpnE#_Kz7<Tg1t{n&nyGWk-C*H?w1cbPPJU`zJ`P9(%Da-G|wBLxYO3I^`DJA&Kks
zL!rTquGDbQHXxZuz5KjYeLvP3>E!Rqe6`AHe`bb2q~)=2q(x3$B2EJOh=3!9?nI!;
zz?(f$aNhQKqE);T>wKSt`)De%g4^{%+FBdIxl!1j?JXqBtd|}QXb#>+$_*#)K8fw;
z%jmf(MgY{6xdK8{X~J>26*P}9Axb}}LNqm*%)4njI|pomWgc1<zHu!ui9MGuw2Qh0
zEV*%HWVu*@!zSgxVA9%r7M(EX>)?X?Lk|#-><<hr`bELai`j9iPg(9D=yvc_fd~DE
zIM_>VGgvL2L*HreT`Jts;>ld{L0QnYj4YPqyPvZ?w75exN^d`OGO?4bj)Zblx#Gy7
zk+=-5-*7neM-b{tAV8M5>Cn&5-pDq!2!Iv9hI+!P(Ax(8(z02>Lw}3G92;;!bkUwv
zi%0`GnRrL*vnPYQL@MzT`vH;oQWK8WoRpNYnlRj6_(0q3twVz+DyYaA7Jw>S1{>HC
z1~k69IaNyF&?6|XHEMBB9G$=k(^dA<=ISaKy_D7;*vM8SdnEOBP0jx`2-W%T$#(|Z
zUSX~aY<yqgon>2~712!Xlj#j!U4Jn26)((zE!6?4=@_{I#sbW-^lI{2&S2R+iEHkZ
z%2BSl8^el72{RY8>hB(mR=p`{iglt|D4Vjk77~}sP$|F&q3Hquhjw{L2b&Szfuq4J
z-R;^^y7WJ>xRi?nbFi3FyV=#Xng?|(hwb{zYqt`FkNGRcvu)e0{Do=!b!jub17p;c
z71iq(x5J9YW74{j4<17lxBk|*97#)l95czI#ct$#;WsM6HgOppR2FVD9kSo}TDhKJ
zGjF|XsM9$SQsm&(;sMU4;Mank|NFM_D~#wOdTJPt^3QHAcJhHq*I!WJ(7=~i+%>~t
z(e0;u5y$5^J@-1$e=k$X>!b+-^<}gvj3nV5Zy%UeQjJGN+Di!kBUZ(s51=gAhalUg
z2!3R$3&R$C!l~)MU>F6W1)FdXHtM^CS+G%Xqdfz#?}EzInk0cwS&SgE68g_uUh9h&
zpR_=&DS=JsUkO@UhdvdVtF7PRD>cZD6?Ltm^iuj@a&fgx9!7Qf>RNTURy`0rAyxr~
zzv}J&_B;K@V8x|Q5a{C?js0|W*-EaM<2L8Z(@3J1^vIm)NL^J1>5u=ODwz-;AoOcS
zhc185RPnNawcz&9F*sS`lLQ9ws8+V{t?DNTJ|%sA=jmi;&C;u-e7T)n4GukxksGL2
zG!=J~5L$|VvJ3YhHK3fK4W06FTN*3ux|c4Hx{Q2@zJ$W%UWSwIO0-MXhG{X>poD?&
zMuhSa8}>3&Iu___1i9f8wj5LB+!t_;@CKW*qF#<X00)A>(%1xZo)c2w6KW?znFGQa
z18z)XnsAv+q^45YgAmh*vMbDEo19h;D9lU=u)S1B<qE3vQ+`{HU-bRp7&`RK)=cP`
zgxdL#A!L5R5B-C5!os8jzALgg;Z12B?@17ck2#|Uf|<F(O#n0(^=i@;BBA(}lE`TG
z{MrmVI2<)AG=ijW*&PPCkK20LpH*OuF{rU-nArL{lgpu5?-Dek#!;J~r{ISpN>x3N
zd0uDa3<Togs^QUmSVc_5LG<Q1su#Tlmm{WOlkvArOgA`tq50c@6kUn>N<LIF@Sf(G
z@(HaY#3tD&j&Fw1CQW(U9SbUB)G(kTU2fbE(_OsD0S~(=fwLQv$!QPR`5HQ)mO?Qg
z5Jp=85$mG%K#-yJfE|6p*8Vbcp<4hav-0jXj(t-F`?VPJa2?r0?g?gJw~!u-;~v!C
z+@O<8G?s}ktLT@Nl)%@rC&YO}gb$=dDSUj|b0OrTVlIRuw!uW?j`QJ^Hpj*=_dMRL
zZylKjq~B-RPSGiQ6e_m^a#V<mKPG$y9HC2Ki7@bT<NXX1PY7j1Eu}}ZC#kOF>IFzv
z|9qx-@@SH6Z4eeg76b%@$JHHlX&#iT;}BmO=AWh%IYiW;egz(M(Ta}_B6ov%qxBdP
z9Yfp-0K15#FNMRUT{w0C^gP$CS}RAhZJtWo1b0aHVz?RN1x(8;YN0LES+}9_yUbBx
zx@JZ=L?J7}ecardj`<RG_sW2mrl|1oh55>Wn?>9J{37v`B8qRZ@KZlRk~?aY$q5&s
z{CQdU!F(E~&4nfoUE!s%fXsn(U6cc(s2-II-TOj5gG4WJA#w0^yU-Pb?%2kwiiW4y
zA4v2j)_Q^+(lHuBG^=5h1m*IG5u+r6-H_FlUU-7Vem?vMS@t@nba^v^xeVXTxlPtQ
zFT`>Oc|?{>PsS=j;Cia1p?qfjBKp8G)vpouVUqe(v^_IEq`XbHajnkfpaS)VC$`Q%
zex<E*Zt8F@LqV^pU2AlZb)9UJUYACFfD&2M<3;9i>XRUuo91fs{x5B^3-V;*gPVm?
zfQreu)2JrMF{!8i_rY-NczzEQ=GPDeU_`}wpa2pD4cJ04-`PHGB<s)G7T$CKYD`A<
zIpI6FCLoA&TE@$!))mqdcp8=E3%$4z-{M<Ag`qizCrc)My^;{ij-o6hfN9&;Pwvo<
z%3S2dC1ELH`}W<D7b%QyJF|c>shTQu+reUxCa&%kKY4HVJZ6c-M86`iUoCG9m%2><
zb)=PsMQklwM6l4@rOD^oO1t6E_ffbHW+-%4AZAseD>09Yd(3H}$BYH*%FL<lc~V%!
z+M+kiTm-W=2!9(PCtWhQ!w6Ej;6>6<NAwa?sL>sUdwUbW@K_*S$2jx8Ek&=9YIC)&
zZWB7xuV0U-6?C}9Q=mAD0O*N9%u=N@ZcOnlsObdHbw6e-bNsZOwVjyx^F(ZRJLogh
zKGzyEy9SZpLa&K*@htWnG-jfAL2vjrsJ4Z0D8;)UZv|o%#&SJ0ZL+!mj2`xVxu-u>
zkk+US5S8&@Z>vuyPh-&E(1nW%+R~spLO#z-2lmu$)1^0f&2V5R*$*>rKojcnoGjl1
z`E<>RXxI^_sVSra7AnjmUxoi#4Xx$h6!p9waWvhI#uGyt16KpK;h*ZKYN3#%&atIk
zI}K#fx7vjBOZOg4lu8+TM-=57sxJ(#{mc$w-^n0L6?x^=4FE-~m1l1@ngyjz${F5$
zK+7uuazN*Q_hCeQmvkW5(2!7o_@GEXJ=(4>rc)zqTe5#%DPt?-X+K8367gpEQI&kA
zLbssdMM55m@9CYWo#PSpSr_dF!?t(Zm&=q};82G?P)lK-N<#@^9zB12)l^@;%1M8r
z`;)pUjvsOnNklU^GzYEaqE1w-s1fd0nkSSVf-_)<=wJ65@P{KhgPG*qoHc|er8V14
zr=j!)q}IBn&;t$lv*aKAU+KbEHV|Dka6-!{eqkq+eiPCCv8FQF@WD`CWs*4Uue5jQ
zc=T(eD;XfL=GDvQACTZh5|CUQhL-dg_hWT49EFAR1FA#WA)YR!qye}gQm5a>@?%P4
z6PcY)?{qNF?NH~%Y+NL#rtNpAw@RTshrY1KblR|JAssh8tT^?R!x7~zBS-Y}3(-E0
zLThI0$Y*Qmf-Xghs?AtcO24?-RQYgFylr@eesj`PZW99z<q+lcyIZK})`X(SjDvE*
zYkvUx&!{qQb>cTk8YLn7L9?#H^1E<V&^OdaZ-lUM=p|Ma89|#0c&<>AX!Cj%0`i!M
z7d4tJ40ZUVYC%cKs4;0VQ7T)7*IyVw=5ncUx>!{i25nL{Nk<8GIW7qZXu|`@UK1gs
z^WWS0VkMn(lRNj-dqZ(4AC5Cl05Soa#3Nz%^F}DrO2zG@txg9IEC&nV5~z@5Kq<8z
zo1o9?u_16N<FuMKN=)T5uTvldjFdx%pykgd``b=MO0)b|m!mD@t4F2FmDR`${0Y!6
zQyK=!LC8G!bq)7b`)Y#iI-pzN64o$V8lvq#>{&9oe5?zCX+NQk1%vxd1hfqiWxbD$
zuILlQW>7&JN9@pfyG_CDI_?bP9AG+w7F<|J4D~~&7~PA`z9rJ-`=rkk1rx3tV8U&i
zEAegA^(d9BH##{(VjRuQiv$lp%At>NF%pmb<5Hw&$$fKX+mB$MK0}{5IWLX8mvH*=
zu8Yv=j#&#$KfLZJ5JVhMb#ci;>$Ei%hVWxmPiPXNCaVei?fT(#WW=F&AT+Y+6PTMO
zZFwUo=U4@YhmEsFJ|mWnt6c2&(_%{KyKNXbWV%|mhZ8B_^wI}$6^<%%KmEZew7TzP
z@W#@RAw|HT4SJ&@+1sKg7bgaD9l8WmnxkoSSV<&b6^PKEBXnc>K-l<OQ>vrMa`ovL
z)ulSrj8bXXX45&I;CJi$Ov*jQGk*CjvJJ0pb{F2Oxo@}{!4X`(M|cjchC}~zERrV7
z`EkuzHb*ZND0z@Kiah#4fI6oB`XkhE0FF;83C|!DVthapgCGur{EaCJ(%11hpZpiC
z9S%V7rZnuLax0K_ojZ>C){CWlpP3~aS~!5-(=5&f7mJm7sUu<P6&1=mQPb%91>JL8
z;&ZQHONqp3V!dut-PF`E)^!V9e*R(P0tG39lV7Nim!vB$y=g*mj7H(mPlMl|-BO+!
zF^e^qdIEh4xUn21$;@3NLj`VCPLC?g_8nwzsV2e43l=kotcA>$evQMn0f~^;{Vb{~
z@1Vu?o@rqS)7%7PFSmny?Y}YjHW>SAYL`vD34I;ADSg#Q6?p~iOgE-G2M$G5lUrUm
z-}_@6`wQ%^DRmbJInfVuZCO({E?4&~cm)<(>MJ9sbno>_8K_zs=mC=$Lg?J81k3R*
z!<baJ%b}%;NpL|m1mB^)cp-Fybg3Zb7^5GSfoEr^Rw>X-F5&h~E5lqeVKC5&rztG1
zNQYCE;R39-E~GKf3Vwi?uixVl!_HCbScq9Qpyg3*#<99V7QKun&P37=F#G6IprY$$
zD<~C0nOkho<%MD(b-p(O#rkxblC@1<40N&AiOceegQKyvR?J)n$sKqV7z&3f_p@~A
zu3qj8;~20^<o=Kln2buOrwj<a7J3B4HME;y$ulvT=Rz(v!Ih*#BbkYSeb@*=30x=9
zCSeSZP7SrLogG>af0#=F3kWSJ)fpRh(`qf@ZyKHIAEpZ7$0tuk`d&(m5FK*!{Y5S~
zcBNRJu6cs<+r@rn{zqmTaZ71Drtdr+u6fZ{6^A8TPUivJ4(1=pg)Nw#ill2%Hvq(C
zv;(g>^nS1;bCo1SyswroWWjJpQw~)HtG-jqN5hOXN|K64KoBDIAgI0(prh4kLK}{L
zxa1hg#y2z2@78NdnSfj|0FQ9gBt6v+kSfIkVGpoVL1a9k>pX=R@2YeWX}rSN!AQx|
zuMk!Cb0Qb=%pK-~hGN5F#SS3$1Ha*N12i6hRwSJ-!~<-D8haFFs(r+kJ<BK{wU-Vj
zi@mohjn771P;<z(w=p#A(C>dWRWmhCM&5q}0`3DT#_36xU=#A){Cp(-(CN+1)WtsU
zMCZ<IpnF}x0>RHb#DgnaaERbO$S*AQ_B4fb|AU|plL@jD3>Jqja}|pCRflLmceQL=
z9l8b#;!+S#cOMaU(fHvyl|IuxR8ZBm{<RM6->(;BODL<L)4<3Uv#wmrg1IS%9O<Y@
zU@A=#n75qQ?1Ym<Oc^)YB;m~{{*DkZ2P7;mqv6m4jhL~SG{0Rk6N*E$EPNW`H|2qQ
z&UZ9?-Z>t+BOU6PYd8wv=XcMZ6^a#%4K)fcG)rC(iVnn^QHSP&`T|LiybGpA<UM|m
zHbQNiD2EnoQA)BF(&48jh#!iwcYwyVGboD$Y6gum?W?}m)%I811bz<g{-i4qc{4Sw
z+(c~#C`tu0(;=Gz{XHykT2>}_D4A?`t--t!${84T(K7+sW2O5W6d$QKZ9Z&kLW;tC
zBefWsgxR(nJJb~@i)h`Xy%{7|Jl7fqqCa)2TgD{6|E|E~T#N!vrH4>Qh^b1bh4gGl
zG<+YjZZo<FF{Dy4HJl%IY0*yD2p-zUEgA@x^8Z0GS-DXahouk+#DrOWiKgLJbN1Jv
zKck)vPX}g>T#@#_0*5ADOvzl{7QI4;c0OP$>haNoR%k9jm&K03T!)90pLd|^e^3U4
zb6-&GJJ1gip$eF$2{~N<I}ipr>Hvg_L`5O`k|mKg7+tC7c`=xu=5BD&60;VK-&Ocx
zi;(++(J%t4y(?eqS;*xHCjPwbkI#o#*pTG4g|7ZA>qQGcUh=Xfoto$6vN?1*+KNR3
zyBpG&1Dlv0r^PR2HHtCULTL0HF>Z5acECb>4nsbrd&p;dRwBBywlr$xDr9-Sfjk1<
ztz%PLxRFOA+!aLpM8Y3erb~h84ldQu)4B{hn&lK?8kmjl#_QI+Km!Q$G7tg5ZjQZF
zInD?+^!!j3>7OFPMnz5x!x^f8NJBF+IdnaP2DFwTLdo{tYBe)hQuu02s);%60e)K}
z_@Lh|Mrrd1ntOahJ6lu5fv4y|Hv6rp@R9@|S3HUIn+Iu(A9RIYbNIo^S>x*li@l^c
z!=cq^CYewv+UBhv3_gQH+f7H%*B#0Xlrae>KjPA2@QtZ3IPLs-R0$(Lf@rYY*U`DC
zUG5=$;us8HhY3dh(9PsQ6IvSP)~dE$zpsaA-2mS@eequDV62QL%%R2!#m%I%Cv!V-
zn{Q)JO}K8>kB*PQ$*6w5ei58Ibi9_zgLF}R$E61{LKxGb1HQ<uX<P+%F(T6DATddM
z$e&d?>1Gq>9+9DVD6DYei2+R+$3}b`{Al6#RJKip(Ai(%?j-(=Rivu7Q2%1ZkVu@^
zp8GM0DHVkg2i{BSOK+aACaX0ybEG2L*sD&M*rYU_k>{HI#n@Cd<<*AhdoP=!jHO~D
z_7Xu3ErZk~jwDZ%9cVC~r;CwN%VjbE(~+ifu(w<SK-0cAjj;9f8_=_<rWloVRhuL>
z$yHp+mX_3^l<ncJ185G(X+R_IF{mDU?RSHh^N0#{e^y0@pumSwXT<vx-_+xW6r3PK
zJqDKZ7nuH~;!&;c4aUzzD`fPY+0w*BG>6)lyU(_zW9HcdR9F5mD?^7$e5);e@FTJ@
zmC}$-7y9c$G?_{sQN6A%r3*R2=g^FY5Uq5}U{3NaP}JW~a#o&A#f$Xt1c`KXkr^Tv
zSX!_gDmr()x01;VvfMay*>+(kbuy{;&?xh(@IhxuGh&o{gb*dU6l3sE)rWjzNufU<
zFI%rPLOC?$e%QhsG_H&pXjeJ4)ibBW@aRU;rbhElykHCG#Ist;ilo(uIV_Be*`I7l
zm~l?@H?!gzQs3a8gNXVCGs^YmSfL45-@&Y#&1_&s$A<b!1#FT*FNR*$d|bYpIh>kB
zFKQ$YQxN*j#wNfp=pVZ%T={4Ki4KLC)~w|+qd1nvDLz|qd8m8Lr@!0GxTg;+?5-CQ
zR)>b0$HgsE`L@7*wXqU_UWP26)Q|EpR_dy$y2LeT>2tHaV<28o8y{8!s3!#hiKXQa
z{~5tde4!MV@E6BlBlb<&V5$qQ;136c7q`?Xn*?EPD$^y0!P8-J*(B71x9?(b$J=+Y
z&T)XSe*=Sf*{q3etV8=88@9P>n?k*|`{KA)sxy-d^BtOvM!Lu-=ekJ)qfG*UO?EB5
z&?gDHZrzXZ08zqD+A$M;HjO?s(}>#kg-mD6$HP?W>wM;6AzBDi%V<>27TaG6XEl&0
zXgOmH;hK6TkuFbm`_kE*lzl#cDdTcb)U<9a$Z)BM0)Kk#A&Q0EBQem2o|(<Mx{~|5
z^}b9xW$x<r>(;Dams;AhX5IR=%euN!DL8su>k!br+yHXJJ=16yRpJPjF-%2mq6wM#
zXliEHnYn=md@Pn7xe<G+`0pa`kv<n^=6+h|nzE^0Y-99A#36AFy?pwI?Qy(lyD0?M
z5-fAWh-l<Dbk7PqyWsXgV)Sq1qn+>vGttAP!kKF~F|9xyHV5|1ku7Hti)`B#aqm7)
zAhF(_IT2|2-~H=O57~*Ev3gN&Zk*%f(6$jLTEE@;&;~a(WfZmRmMmG*aL_$YQF=R=
znN|NmQ<o2R5uy*wKZ=3JKPuP5n0y6yb^UYjMbB{ao74o`s8neDN?(laeN9WC1bA5#
zy5^Q`mj(@i&z4njyNY+_qId_<L3$cNDjn5ORdCbH$cWkghzXLq9L;FoY6N?yytZTM
zIEK6_(GLU3YI@L3jSj$NLHGs#KAQiTfG5GQ$I0js{pTo>^ucf&sbSy7_qr!m7M@o?
zx+b%|1D2wVD802CK=!<CwtiOZ@ld{r1v~Bfy3KJg1nbvpw$h%mIwB{oLLCl_4XT=?
zBn$i+{wQDDk4CH!r~OS*H?YlWQ#MP1=1OosF%Ma+ky0UMhmPH!Xho@4%E_jPUob(2
zxJf7y2k)(!;4xdTwTCwYt2-H7)=)5U-_b_xY662vR-4kM>&rZSpg$QFM*6_G!8P^`
z(&NhS!6+2WWAhb)(@#(090VFe0t4B+aEF&P36-a`Pn*P_o>!-JH5<LeKO2I>yn<Ae
z01OQeA#*<p!-8N%rdBS)mr0qJKXPLMmCqJbXL^2up-XHv=pYQZstf{Ww>h=@_ou^6
zQ2MTcR-gjV=WeDJ2#~)uroo(Z9;R2xp@U;`rYMfx8xeX5A?Q`~xj4~R>i9g(&lybg
zS^f~=bJcecrX@7)xI%|~j-I_VuZgR1?CnH)#0%nNZZSRN(!Y>O1gSsr{5;ihLjCA4
zY(W4fpc-)STJ(FU$?QneRBHVg3Stt06Yu&+LUA@)XoNV}cOB`>j(#(OQl$ch%lLFp
z<a8ov@n90!Nmzzj@KzGH>XnPO61y1C@-5?ihu(KP_q3r<%?~>Kr`arXq~_U|>~&~|
z_eLV<v6kD9`aN}R>Lc2vr(p$SzukwuSDN%P>{wtewF4M^&7r?=-A#G}6YFBA1=uE-
zg+qOjRQGpvv6G|1jQ0A}mo!t$I?aLaLj4!q56+t`L-j_x8v_#M>OYeq%!%LjGkEfB
z2@qdNDKgon&WMTzCKDpxuru@v*EhgI7HI&14;@;fHyv*^kEAHXU#nB@aP=Xm;NaQ{
zZqjYggW4vkHTFJX(P+tZW&PXqbq?K+dANEkpf-LMsH%FyfLu-rT6O4ucSrq`;>`wk
z{aerlT^T^ed(ey%@E=(p#z<PE{Z08>4M4GND>bcABi6dH;r5aJh7?lE%DvseoRh({
z>ux~xpNcrkiH$^*>Ey{BEYg8uoa2(fo7Jd3sfk*d9$;zkr6-6Gyh>0^^orB6jtAM$
z-_hVKR22F=v@J8^(0o)?`3g~EqOJ*dNf)&g3w3B+sNPVSuW%&HVkq_JXmrbNzIMM&
zwvpw5PczpAsEQ3P*^r<uxAUVWP>AwF)f!s;=pQDr02}+}u$hQ8>vA*7kur5tfM>T}
z5QZfB`c_H;`YmL4Ri-~-^+PAL4rDm?Qbjl*gcm6uduj4JjZ2p&#D57|Z#4SBKvuan
z7wrC~t#2*L4EyrMG^Y0I866l6;5#2dtmpfK-aoD$h<0bTGx>KtSQ@;{va&(tQP|!=
zL|8`wqz2a_>Mk=KROThzO6gE$2Whh&tkCr!V3%lWt_&}xLf5oLYUL4QIdm@QItI{5
z`RV^m!%vJ~K=U1)VQ2RFmMl@%fIH$*3~A9~zbC?}P2nAhB(4dUN9fb2_D3pOd8$AS
ziF28|)i)Mj@7K~dN<Dt_pVTq~krAjC@|xyx9l@=b9M5ccbRkAjsrS$89H$@qlQSm!
zGT{;;&UBg&Z+t$-Txo*0frs4oH>%;qCmS3(kn{s4LBNMoSs-awq#d?}fB}gO4~$`s
z365{MRI1W~gLDhOEWZvRwb=GSYtzW2$y|f<XbRCBLCN%&*?d^IdM0J6>gbG<Op-0H
z3XKnoVloECXle-s_F}a-oeXLQZq$>fh%LC#L9*DtIdtfW7P)&dgXSgDcY5OP&p3(=
z3}E=rvDHLPy(wx+15)-v$&qS`l9HoQRI&FVAC?)=^z!~bCG;?ZI|A*@Yw#}{XSESa
z?s4}14z(a66NRhac~KZ*Xfg2xC;jEYi7Fo1<TwF?GB{_Zb#Xw7{*rqzU`Yjk+vcBC
zI<%^2OVE^lupIr^IzEj)Bc><tDKc*bLQ(dfy11JDis-cv{sm!IDdVSvhP7|ks)Rt=
zCUK)CmijyFoT+x5(ON}+h;XpR$zq)HO%}e(KL*8Ls8t3)HKrNYe3c`;QbWErJ?hZ;
zZ?}gnxIq$+VwAY1T<Qm?QsumD+9faO5%^L;)Nqd;)X2~$e%6lK^QKj5auYMs=gnLo
z1gMg5RQ#m`DEa=RF1E?$HbKqo;%7SmKKI>>cVw6Axg|ZJvl@>nn^=N6mkuw9_f~JE
z<6vSNs~sFV1{1_FCUeW1AZ{r`+A~A^l&2a5^ThrcCt2cqkeN68X=UXdszYt5skM}J
zEpn4y<C?al>IJot3wh)nb`tr_5aQ<&$1{A$UNV{qw%BBb<u)4C7mM70?6Fv6dKC87
zVENUH>fgrKl3ELHPW~lusJh*G^T%mvg;U8)<<}xGwc1CkXv0GJ7?PuP2c+ru$GZRN
zk$k^&yR5`0M(+A;cEY=<-key-00MBAuRjqP_xv0p<ap^vPlhwX`nJQVEt4K?TTCor
zUBRGrKZbz`b#b~XqzX;RNzj9K=;6a+(r0n(TL=$EEmG(;^Eo9}3vdWfu@X4}ZL*Zu
ztnGFLEhgeP?8tTJc~Bq*GC4Gkz>hA4=DY_F2WHQWoIa-2QPX-%)Tue2?Rt!+P$Q2G
zsevqZ6g@xqG4z`bqEJ>+DbWRU=vyB!CS2ndp)@$!O%LkKSpzl*`Qnh;a%dn4DM@Tk
zYDAPbrnaVIKK6z~Ow8q48djmC_*7&F)3$5#62<y0KLX9u0LJ3TgO;Gh5Qwb#M?<g4
zXP0MV9Gr5Ar+z}~sed3#Rpi1F{ls|SxTu{&FIu@3_O=3gT;$#ZJJvEnc4+JUta4p2
zPN$l7)yNF^P_R*pglZ>LH*VuuO<<4U)xvN?T~C{)3Y@`^Nod!@b4_R9L6U)J5S0aQ
zKX{F2?P5$|HG;7G`Mw%Kf~x2HY6N+wo|~)T&|a8^ATeQEVq2k8{BB(Eh<FZE$VxTq
z&4qMeP#raKbvTWhu-1FCXK&(sxi;pB96IpJn4zbK57&dyprz^RIs*U2kN^XGV)3@T
z(O~D*qp*nD&c?=~>;J9c4Vmu=vH7SblscalfF!L6=#q-rL1lZApYPeT5Oo%zC|jjX
zy3m?)NDDwuX#4?tM_hFN1uQ&7PcT*Md#Ufo%SYb`ib+n?WY8Fb8iFESj^rvjL0mL2
z$H!aZ4=Uy$T+6hvL+mv3lmc`MATu05W5&4%P+DSQ)OBFFz>xYp+69>(Nj!jeMf$Q-
zo?P`q`ljCMC$bsv@b8HfC>G;H*5qa2o{|^2Qi^#>-7MXNPH^Gj5JzoO`G_<R{9{@~
z7LL;{r_E4VwxzWdT;NFGL<$xQjz&z-%7FHir+bTpGzvBZok){1iVvARThg$1AWk7k
zcfFx;`a`NfR-oX11-HfvzHTU@NrFNjcEgDlS$ls<C+yLfpu$pBjnh*ur^g%`F;ib!
zy%+jVr%z;=6S<HcL-}*d4yk=+m88`ckv$K%U`Wi@X(A1Jwk=!;2tn2{cp-G#qM-+x
z3MPX)i-M{JcLYOXF~_FlU4IPaM>^vS>7u(XpH2`kQQ~Z;=wmp-*b!8m*O5zQ42(UU
z5ObhIw>&Um;@HVkVDUO6$@QIt`_N~|oHW~im)zu_q`Q7%qn)VFI}<8QknCN<XPAT)
z(sKC1PUVLRdFEWo=F`w0V?4U6S`|)Iya3ia1SlUqat7JTb=sE4e{;<V5A&)7sa2K&
z`*0B^EOB%6KxnHwP8E{q4Y3#|5wke-&|OmvAUI&0egw+s04u59(`1Qy!6)|@YCb=F
z@@;+zDG|Jbj<rAA_%<NAo?(YUXkZ`ZkOUZy=`n;;LD*LS`lW4`hapZ_R((0yw$nf9
z@6tbv(?b8`!Sg8MKtI#q2+F)b6KTg*w(c4w!bRi&%g_zVO7O%%``wf5o>@B)TmbqW
zdO~_RZ)9)=y&OB7%a<#lTJZuJdOsby4Hdg8&s0DH4wTH*^v3#;af=niFdP#AE9~x|
zW*%@c`6$bik5bthxbL7LY5G~VHbZAnnOtGz{!AKefKo8C1CHZ@b%qw9yb}E^$t6Ad
z;ggoI`^90o4wQv+JuDchnV(Vu{#{*2A*vjUZ-KptQM^xVzr3MVejzBvMC8Wkf@I^)
z8BF%-4h>h^)h_1H@t~zL;S}a2o&;pI#bZx8y$8ca)1ybZ8OlK|u)oZ;)hQH|Y#N>5
zA0hYZq)J7Lgqk^RK~J#tl%GAWL3N8JZ!o-=Vq)!4>l3XqvJy-1-KnkTLgpx$3Di%`
z;&~wEdlGr2{W)IyMgH$;#FOp6K-;M}f=$v<mKx#L_AQkTEWoI4GQJoS>{5Hzh~GOU
z5hF2SQETsCO8;K?U*F_QJPQGmmMD4J$cO{MH*HNw=O+`MHua{>%c~?3i~pc?Yu7Ml
z(262XTgB%0!iwcXsAL7O&_g*+KadN!Q1K8{XbDmCT@P<!g1aHR$YB@Qi;dP?@L%*H
zJOHPV+gKuU?$CJ{+8!8MPwTrQi{T;90&2bBOyj>k;zIbwwE|ET4g`K`JsO&#q!-9n
zsQ$bpoWb!4M1ocAFhuZ_do_DD?N$Rn3zK_ct>{?H@KNLE!6d`OeCo7;Ummf!>JWyu
z$ETw`n7dq;+O~_4JK;I$e`q?oBv4S5LQN)zQY$oP;?swcQ)NN*r0K~dYwasx?dWjm
zAg_X4i>B=-Z|0E3ZX?~%;yk)ZnAqab(UCk`SgEy?Ptq6BKdk3|UQ<JXlt8vrMR!ji
zP3IG0pLveGH+tlL)!)|C<7ys8hmJg+C(ji@pg54i_$>BpKbc(Z5Ni}B7KZgbQt)b<
ztyavT52m8yvo=jEh(2-^1$;Vn=C!p09|WSM)jX(wcE#XQ#k0v_h6lD`8eaD8xv2Dj
z$nXRufW~Y0VgaD+=8(XlC2%OV-Ft+3Kg-u0mY>%-XD0rW+~+lpF^8c5NWf~u0fz)1
zhmHehg@1~CVAR*DbTu=ux>!J_@<GrYaa$+yZ;3%_x_$QuHc%BEeI+oNjDpS>77D=~
zJn=L?xtLn^Ers#eOsU{5qa4~v^SKmCkE=Z6tOj!T2ukuGucFIYJ<LCu_8DWuF#d^S
zO5v7f<#JCnSuaPuDLo}=e$U5>D`!FnGyMc3y+`xa0S(I34xrM=hu%U!O}@REK`$`1
z_1_Dk$e5+%Q+nvcScYnwEd}h*m2V7&mRhx7_IPeVY4??=oG%S_H{`LWRlcqmwE!WZ
z@w>%rym+EeFkp~KJ27YGgy`DPI<{D))*5QWibFH+nM$Qx4wBgIzeNxChQhl+=+}C{
z$)WF`Co|i*cU_;ogh|lM?QBu21~5IWRP~DKmjYq=b>%VmT5fs7l{Xy@m}2G2HobU}
zCq+^eIg9bZczYrJ#TMZmshJdETEUqz!4k5!q8kL(1(fUEF?{P<lX!hwsC@X`41r%}
zN0L&xbROG(rm3XYzg4E2k9D`i>x}|euE;X17i})ct5=SRI=PEAt**4Cr3#>wYB6N%
z(49*o*r6$d;*p3XNC18Ghkla9FiO%vgcVr>YZ}=;&v-?9Kez|(k;t5zz=@aScvlyr
z{}n<B82D@JM>o#1i+c@CUPX;OQ#dMWzkCH^Safbd>aC)-5Y1|3xG#{cVyJKuTaEHx
zTZT}V$cK(bUX1bCCRJrg(s09X712~v!WAq^L`&4~!!3JqnQ+h6!JN<3ddL?!3cq(L
zMr)QZkVn5Wq_`aV+cmZfHB!bZC8-YPV+J~t=spmONCw4n{>9oo{Z(G*KyFR_s>ejE
zVipwh5H_Be2(hI!<pQ6#psxtW2QbLrY8ANQuC8Sp{y%$P0w-5hrGF9<#C<~@Q6wy4
zSX8nQLKB`72!UuIF&#iaD5|@vyNgs;HMOME%w$|qX2xaQ7X)|FamHQT0G&Zc9Jg^n
zTydRo8PrinP)Gm%zjN;L?!E85+WJ)|f&Az9H%)gf@7;IrS-$g~?^If&tzxSkYlU_H
zHoIosUuuqZ_>3@aP!CLAE|=POnI7@rsjz=o-v%_dEL|C?NNf$81DeA)a>x3)Xpk11
zLQ^rQha4bt22dOaRVX2#xaXozdRm&^DO)^2v@&mQBez@{+3^j33XhuF$pI?Zso5E6
z&a>X0d4vkH+#iX|1>x4DmiAbFESD;HlY?ShoG342A>Br8*%7B7!Qr0%>oM3<sb`iB
zd5i7oG%&Fj0FAX8W!O!{OX#)lm^qt$HCYTnaNXW;_U#y|sL(9>c>NjBYeOKZ7c~3x
z@5amJRG@oU2(!>nIWK|@dK(CUl0_Gq?HLnwDp{_<g9+NWH90Ur%w)Id$oH7`ZhYTH
zUx!RhX?8}<;qWgyuFwikc3W+7bEVlD7QR1^C3-nJ9mc2X^=7#+Q`reEvCjj;W8X{v
z_f|EFR7M-I{6RsW4C8bIMK4)aM{RGcJju=*{Lk?MT2@NcxZ#+4azN}(HsOG<|4Ott
zqitOQTGA4d>iLaZwtC%)(+=+u%)^an-IolNlMSNzw7?;GHv8i5E!Al&vp3p7%s7v=
zz8Y$wyr(fRyaL*~3;~Ko=w#1%#lWr;1?i38$h%3?Jce}lLv_&ZY98MP-vcPhJdfTe
z1DVtflX1@PdW^W5wmLixHEksL&}Ny^u^;j=ce7VL*wg$n*uW;>=!y!qK<X?^wu_A<
z&>GR2OLf7)q?c+fIOfS_`S((kcB(5e`eUk|zU3VJe5K}zQD&6$I)qD2NED-~u7xih
z3^G=aL+#&q7_o3$&fY(TbVQ>9J;3F8Pa)0n+1H@&fH6`}p^V;?MM1H6p5peU(10_(
zD5Cd4%TK0aAQ-1NIJ8_YK>5Z-a71{&fJoW#)T{?BM5L+10%d%_6viVhuq+H4K#<_Z
z<^<YA^s*y;KeV708F?!TLTDW+@HCR(E`cPPwU%ATU{7ytB*4%G9ggV7Uxgf@Qp>^Y
z&1$>ELQ+k9TuuvUl<nx`hb`fW9jIn$ZntIgWSDz;-ZvesV1t_W8{H0E_tGlS&ADml
z2`3gF+v2-C?z7mOqS5UMTvVCP<VclKs5qBfyuCAy7JUooGzdA0#$Kq_n@vk*R^B7o
zb3|u;64Vzdld3RQeS46GcRX-8J!}L$-mz0>AGaFQywthnjtC`Bt=U05WE7PNJvGD$
z`w}ak*QG}E)ANZ6g+>Xgcw7~sb5dj$V}ldabF7InIYYO$y!~{2m#$AQx?vGb>smxl
zXF4|c+)Z36kF_Tgdjr%Ys5A%s2J?V|q)z`@|D$VBwC>=g#Fn-I4q3pd96WfVf4BhX
zRUI`dsjSI-LzOpb8#suen1pro?WuFh93)SnbyU5;=}A<@06O4eHFm*xw4UGtgnl#d
z5t*Uq17Bk#1q&0HWh$T9H*y=%&-(9APQQQi_y<+ja+i{|=A3U)Te5Qx@QL|FA~6JK
zSVl_eUNs&Wn<+|<evhJa3wNW{h-mqEl0(+B!43}okFN&|T`JKzUq@G5y;@pVt&Bn3
zy)Bgy)Y96!P(0m%2uyxPQKUMtW_4lf6npaQeho>M@IM9q$b`9CcXS_L($nGeXFaPc
z>*<ZSkY)j%kh48jFqy%P0h7QYv2jjZc^}{g9DBJqKBYb^@j<<1rr~YrXD6j4bqH5*
zM4@NuwHm0}rI4-W^<Ca}@ozsfH`d2gWzd_rnYQQWjk7+C=cfA8Pr5%S6RaZA+lokT
zvDJ*<i0DyY)2QRHWNo_OK(xvs4VeT;p*ihV1<>nh+-R>hzyD{6N5ceFZy@X+!7ou$
zud{xn+w$!sT8ZyL3G2oiH1;X)UFSn}y(eY(pnZYb6UXw5HK6%BBbAA$fS3a|6>$Ja
zJzioka4Z$4lSdP$UoAT7;lT9U=xpX0b#!ZDT&El(&Hn*OsIp5Y>uQvDxknjNe~#$l
z4-#!ZYug#?HxxFVvvCU@_vIkel8x^K0^OVr+5y2O;;o}joKs6Ut6tv`(TfdwUId+t
zGxK<p_L<p(-Esjp`7~RFdVQLndo9jt6aC23W%Jc7*kab50Ar-qf)Fa`^|44*CVPPH
zZ8$oBeAX>DA){KqZUMZu-&~dL$*RSHRdMHZk!RpF@o(Z#M)YZLC{_EDvKa&L|LLz^
z3Xd-{Vam-)iPf--{qewQZ~w+6Fkol80H)?ts&G3s5l&5xsfmu-KBay@{OH8`>ijqD
z$g-=rrg$k;Uz!FU!NZo#`OO3&j*i=2^io+ho!R;(un4^cRLB4wuczdJV|TF4z7_Ag
zYmB>JmBe*Xe#Fm~+03D~=2@?(I$Zmpz%V>*6%)ow73fkF=jaocf+i*vEBZD90?>^I
zb-b~$Ro-21&gs>{-Qr;%1=vvbA@nN1rN{|d^i4F8oF<rCxx`ZO_XY?kM~kCpOiEQY
zWRS%E)0lJ4X$SoUX11BRKiXf(KcEye9<@lOhcV?96u?Jfa@JP9yxX9KQ7W73prh^x
z89Ms(JCrx&ZS?Q;KbD#M<pY=CgJqcBmPUyl_<6!eNPu+XPbtsQpEWy6ze$pO$T4yo
zh?c60Xq7@Kr18U;)d26c?Q;>$-Uewx^h%Vta)q*$<6><N3(_5g-r*AXF%&cfTQ84i
zVg`;eK(R&=I8$$mLSj<V-T&bDI5D7^@KN3DCJK{HO!kr)$Ko6N#!Bq@_8%TS>Uj2z
zOpfA7h;_`xYqWXtBz^v4_(QWWR+;2QhJePPRRr|-f_x1$h~D_4#Gp6V1V!}sC`}1l
zgnvyR`a%#;VUZ*HM%nfWIgJCUJCmNA)q)rnwR(y-{0t{!K_l7~R8_Nsr9W;&{nZ=b
zdrzo3|K>t~uWSJ56p;GLm#a_~RvU_AGZ3mZT-E)q9eKFjWnEX}p5fZB-x2bn^~q0*
zR0UT%Z9Ax%fTLAnlb78@0`*2B)xTFR(a9SKgDC_VK)Q*Er%#$#%+`}7e!+FB&#JiK
z={M<dkzg4Y8|sRf&nz+xX7caEH0zC)&=3eHNDLFd1V8XUqeAE3i~=FzoRhwnu&3L~
zP4<DtpQuR1cSUE2H6IlMmUe~e1<9HrzT^L4<_+4H6h(v;2s^A}M2~nIM7hiqm6U6T
za4b@xi2m?o;<AK}fA&mYW<-BHLDPlZnT0vG7iSHdqt$>t*v)OyE*DGNr1xBX04Z7M
zOc1b%XU`E2BAbYQfxJuYx?Ub9otp56@{GDA<~TiE%z>&T`k8gFbC|txrEL?qhXG3}
z?PcqQ2;cNxiD>nO==DY<QfJ)>Xu65POO5TUO$<Vr*CX6*mdiV6EyjKO%@ghec0-Pf
zQ6A8sN*vzE`9NpSs+9r}CjM|*Wm26X9FL<AmKh5}zr6<BO|*ikBci%6>b3DQ*Q^;G
zml@xjQt1IiXc13Fg7QSvd!YuXM%ZpEbLdyBwUE=JnL~xhelM*(Y{n)@4WcYh3!ygO
zv{;!`lcJ9$yBp{0Q!ky1iNc3vRpb!<bl$wjuH7+~;}9jRwK2yixK7;W;dpizeGvIz
z4NnIoqCyL$)&lpb7iQ|S=*g~66k4-&szb3-qGBw5ldk=07?GNQ&7v6dKL;O1W~Y!Q
zOdp;o(Z8L-viSf7ojj*Ilz0e4C*Xi;ZM24|{h~9ko%Kp7qD8k80S0S~Pc`T{NC8kJ
z;h_J@*Q%3aV=x&&wZ0L|8BOc|Z(>DnJ`;gHD&o$S^2W<Xf9ZZ`#F9O#b#E_nYacW9
zYIUM?%CeO>rtdon`OoEemA;#haEQSIEC94qojrx*TKtmRfz=|+>usGBy~>v-w%LMS
zDOP_w<`W|1$;tP_%ElP}Moqvu2c(CbKA%I|_zRS6T(Jhmkq=>VEptlRBbo#Xq{p>+
zus(nhZT-~d83hw$W~+ex8tFM{E_5r}-T|s$D8^0~vp)dhamI`Z4H0<3u0nIBI14eX
zt^6OO{4<w-)(eRbP2(@Zpc`Ycjzn0W)2-9<?_5f(W8dT=BRvDNK3Sd-O>RZ0RLIQ?
z9v`O#;7Q%qxI;$QXw1Rv1(Q#`IBfilAPp)NT6S6MIJS<c_0lDDUU3|DTOfCuMNdO{
z*GvPxIOnE@3t>Omx^QE9iJo;iBpvGo7*q!MvXlSSlR(|-X#2AUTIxN#m1Y4E6}W8;
zc|eo<PR^BIjp8>Zw7`}#E=T7bxUV9rniECTbo9>{0pDuWMS-)O5^1<$M7AD>4zhA?
zG38K$l{g-=ZK>{h;__c%=ZU%P_G{i4*R;YYluHd5EAvD1-L1J9etMHNw68XDGjMdu
zCAyra$~|;IF*G3VBj_-BCUX~I^B<1JZV4CIwP}~r8Bk95gpw@VJlPdskx$!<3S@ic
zta{TFm6G29;#$25<!sJS5GAs8PuOu>@S|RgthG8@oNE?};G?$aKKO;~ecA!4nKOq&
zEK;}Rq`Pjwj+@eEsWUK)36~~b%WK~S6|8|%Z*Z>>{P$A`T_L^`8c4=>=xM&{pxtz(
zEfb`-?;96CtPVZxM1KreSvM6GrV!O)8dRKMamP{bObA0yr&CeyVXbz^C)L<aO*QH@
z<W{<j?rvqfnMOtmN`*<#mSDw@S6^eK74Ubk-$4PkFQ)@QIs|OVhmry5Z5W+2-Ub_9
z`R}|o5)}@`N^uZ^hERCET}Vmj(3gZ&Xk(rO-l`Wf$kGQJQ$LR1_M=Uw+Ear$(l8lK
z@vss76S4=Hv!yS}HuXD!UgvxO0%}OdXX+(-^DPIMQb4ms2O`aeQ?2vVIjI8t{#dOl
zrcLW_P6qI_vsGxU6Lqux12eed@~$$teBNGI2_2AAp|FKx+*GW2e&RpHZ;)@ut@dQ2
z{K`Q@b3azVowCG9OBy!-U?wn_7rYH>lk~A;IL<*}A$n?}9Pt&%r>egO$EdG1N_&zn
zz_11or*qoF!IrBc6&xAaR72nb{hn5tw}Ng$%Iyo)cCh@P>ri0{h~6e+SI{Vfr5+IF
zWhMJ+W8aG*U%;85K8M+%`JU{>@04$Jy>LT6VUdD3r{J7Y@j|k1*}M~7_wbCJE+YGH
zF|9rAdnA%l3GJ%vgf{!rdt&D3`?NLq<*4ZwYjadV*sIf9WnD64zZ{d?6-<g~E9m-q
zHVH7b2@FT+PzLDf`ZE_!irg^60+#L#Gf|>Xz~@fu9tDLBFpDChZ%t?)H1A#HKTLWz
zhBs+DKU?5+FbCN>)a-<SicjP=FCgf&7Ca2LV8}y3MY-a^44~<#<@jYQBPyk-yTqHp
z1cd7m$4i@~+D|eBz?HJ`lmo6#8r;;KmiTbJ1i?z&x(4JL)P(7p?~B@#$b<Isff0Ql
z;tlm3z^d0BtuB1eRGIW)FcSxLX1;!$$I<H;>>8BVct<fo=ra#p#DNZPGgb$sQOs0g
zORn!B>o9jSdS;vtOVIQ<o6@O0r=8V>k-m|>OfQyAgP!}a`eq^e@f5uZ+c+3zu{n;A
zF$gBX57*l}dqItN($YV<-+$mQVZ;F0D-KE@sQo6)I8t@M^jtFNg3Kwp19tF?V?zW*
zuc(EmHuXB@Afo#?s$ck+e3ic<`tt2TvB(i~86532cxl268~qD96IDp15KNDbb=)M}
zaO44lxeZ)3E32LcZIvD*$Q;ZNH#+9@1Z`aYnE7#iIyfn_9|mpY>+sQgfy_W`w)*4)
zb-1m&`HDrf_Hm|wn(ZbfW;ccW9zCRWJ9-6eEPj>+mP@nsLZy_`>A?^?8?l)z))WCO
zju|AgA@a>|XDa_9)2?{o-7+8$u9&+zWvZykRVBt|%qQs`>i-dO8TiVoylomO#5Bc$
zHNv2X?npr8+JMyn(P&nLkRkNwJoRLIh>zj%b}&Z?LhEz`=%&NyIyzM2U@1z)j5mmQ
zVnko{19He0z8|!4PJb$8C>0m;Lt!*V_Lbje@Vu?_)a8R-ypsuN#ozKc+e-&kn(K@z
zW*jm))OII2=|Jx6x98xA$m607l`!%MJ?czlh6{GJdTlFyis;Z6sL)+r$L{v*atlqM
zt)fl|LYI5|vax!-s{g2tgNi8E@Njf+Ie4okLP`uez^ErrK~$yY4i9FuRWii8(=OC)
zUzjQ~1MIyH+BbNAv;&RJW}4=7yGl0zPn|6yZTxG@{~W8-ijbt!S|^}jI7^;0T`n*l
zY5}-#9$o{F7ECP0P%lhQ5w>GUTHwxpQ7KUsB@aK&QDG>ed;dmrW%Mx(H1Hh*nabSS
zPdY2J;vy7SrPwXY#fKyh!kly1I+M;Kde0T9hNN5rf9bqpLr32)LswC;F-fm|pJ;-}
zyx3ttZYqt}c4jqpvYJfG)ij=b3?QNbkCZ%U%BW3X#(5omquk81r8z29ik{FvKVq^r
zK07aF-~vys_XHZjLFX&!bO-wKvM<M^=}9=jzcc#CWvNfQ4tIcZNZaKMZLO3xf|c;2
zt8Agx0B*f?nASvo*8@xRW~zQ%x7DnN?V=LK3^dA0399$?+`^?d<Zmo);(f<F0hs`h
zpg;b4v0^)>-u!+W$0Ne`3@Nw|8+Y?ZmJlW}(GPC}vjdGjN5tfV)W_;=DCI^uP*y5+
zIb}}<dq95TeVsldD-+Wmmiq%_O0&fV=m~sXIbTt5LHrF~7Kdt6@`}@b7tstLEf8p=
zMk7Sr?2K1geq+cM#$57YkLZIK6wRX~3&m;Be}t%E6xs2R2GVQ4tbmP%8aW66AWf@i
zxL$2f*XXbAQew`=()Exc(zb3&4qUl5jnff*1k)R2w8kph`eIvs(~dy1uEj;_epl=6
z+`paEt{T^m!iB2faq&XuZhv<_j>mVD>6|5@LvaGqjc7tHa~{s^w|Rkf$nCDaAGVc9
z!8l(QLrMYM%U%Z64aiyGS`|!egdoIzTM|y80XL|cv!xY6@A9*?c34F3!W=qoKEhTO
zIW)8u`Dag23Yan^6qL^6ODdR-Su5_WOtJ*XkIRcmg*~fJ*iE;^PB-b{^mBPSCdUg=
z(7%LvFue4$9lh06%F+9#mwkFjRViCZGv!iLih3#hDg$ibLzzIhy)r$DAGV>RD54K*
zv4ui=Ex5rf|Kk~-dE72~$Q76WT|eX-7D4q^v4ZMmoKm?b%bpW`v2ije1Mi@A+ARn4
zKP|*>)#q_?Ef7Qy<mQ^Xjl(WWZ)>NhGy897n2WdTirw_fWFvL=)3^<oyQ<+ETWB^x
zra+u8p3&_qx<0R9g}ELUKlvU$J?+KnAu{(d?IGeT^4Y!fXvOW}#*~-N+UEQAvPBfV
zp*PEvJEje5whICrrSe1(bHO33iNOOXuET`sR2uGweMdxpUctEbtT`Bt@I`5^rdx-k
z;ub&5jkPV@Y{061TiUIecI#A;^VjCvPXi-*2&}W7Kj&@8z=7qoTWzdM|9L$`s-!WQ
zn=|Pn*~qkOD<is&L^umd`SqRU#soT;>4#9bh6Iu5^kuX*Nfia|TmM;aXr}_;c6Z^{
zv*i*IrS}vo-~;<nB#i54;$OA#*sluMi<%>Y{C6G)J|*^cK^kp%@5@t?y0R%n?W6rD
zbm$vYZHvim`uKJSfaZ}mMf7OQdTEp)Q^a;e!^>O)Kwr!q4^XWmEXl&N89?WndH@vW
zg%!7Y<!-7XX!M1Bdpa*66M5Im7sb71@RmJ&h;H-<{1VShys?(ZPMpdd@-vh}k)ALM
zxK-ywWnIqPxrh$FZ>LK*uN<_p1_roe27zXqeM@>V_EzaBnvK{(ceN67b5<dWabW3;
zjz#&CNm54`(EoUP@|&$QRN2U$q2{4s0lObQi^UC~y$fym${4-g4+U&(G=*5CA)yV7
z4CUmx*~q>pPDWGFG9Q;pTlfr&>x=r<<d8F*S5}N4HNP^V4T<iO)bE!#$BSYlLrzDe
zz79c1WwlN^8D{GutKSy~^KRr}cVySx#8=Ai^cm{w_f09g0>B{54ud>FSu3w(q9>!G
za>pIoXy*Xl6#Hg7Bh0=xz5VG(PNPiy@<?7V^B>Ymb^;9ib1@&u3cQ$r{qEdKal<3w
zAeGl$wVNIde2*mrWqCD{!o@Frkj`yQtkr1IP1%$2zyYrEC_LSLxVb*QmrlmJ5<qRx
zJ(Ed1r_mq8f)jnD^$~pq`WC)gi(XhoE>gPnP{~0bG&FL~szW8%Y&;Wk&YS%NtNW99
zNN=?cwG9o<Jp!c+-}%wMrS_BRdC+nx+uOq&2|W)8E}x##mAlhz{qIrkQPeJg@PK1l
zO`*JIC4Ib0cw8aY9^r;G@Xxoz9RwQ7pC;9F#H&23-kqqCy^o*KBU<6?ajw`XQddNe
z{aahU-Mb4&5k33yRs#l#6y@>CL}i?Q9cLM<chfhlU>Pi)dN>?6h>}pMUYULXJ)qYS
z{Tjo*93<BT1ATYC$ADY<Cv;T_<_{95vPxQ{LH<Ew4G-Il;|nA>2_emqk#p)>i*syK
zpy1t8^+w7#x%FX3bkLbZEXDd(2$l+a(+l2g010W3${1?Pqk1pMn5Bqrx!jp-204=4
zjc*w9#p~(pjzlanjO)<r(#@?nM_*lQ=ix4Sg3$C-uhKbLhQ16=?Z3Yqo!8LQ<L=}y
z?lM(3eHh&`qm|sf_~EEXV0;nwE1d~_bVfflmLn9~nQ0Jh1$<yN9>wyc*Su}dvXRE8
zDro~!<htc9@6lwWfJ$SJRp1n#44g~#C($Zf*X;@S*<69pbYpI`JUI<gSVXTJN65#R
z4x9t`ryu$a?jDDPT4^FT>qY+(SH9Nlrk9xNB%eVPne$4!>ECYDr)ECVoM71^nrCUw
zcj{EzOpmuPf`7q7K@fuAY<R>K;FNFucE~9Y!3CWUT?bEU3_Csj^*X2)qDmQq<9kP3
zb!S|sGoOlDWWNEAYc(qA61ldK!NtQT=_L^Slfd48Y}RFtjX?*Zq8;T+LHO1+9>+t(
z7~DoJqL$mH4IZ>!>F*rZQ3`{Z=;}eNI0+ekeWqM1gt8Z$>92tbnJM?A&3B(i7LvL;
zW^)X^kW2MT6srUSO?$(;eb7A1u72szMZ#Q^K_to`zSD-!wt>8J_-qdke&AP*x^lnw
z|Aq?R3Jl|jtN$2JTS0-KQLh%HM)%>B=9H~IX*b<#Uq!3UNm;Lqe8!4LREBaC^Mfp|
z1y3|rEz{Z!aB*CC&|?;|v%Omm!o+cbcR;Jy2E0Rt+;l(fU^hMLjo3zvQJ}CqjVft}
z+%=*zlWM>8rr#2b3&sba1>*{<?8ed89^-f_H<j8xurCR};`G23CsGE$;)h4H36ucC
z`HxfD_`sP~nN!xK<5EG}g>p8CML;p&?gIWdy+K3AVGg<A?j0Ru9otm51t+}0wshfP
zpf3YfPN{mO(*%X@Q^;1My7pRCAr-Y^A)7HTv^R@?I%W|9M(^o5l=<KkP<W@4)%q9<
zF$U0iZ{Le;#1eYJyHQyMi{@x++Sl%;?GXOXzf}-=jEfd&Jw^%SkqN5_U}9qF3tc3-
zvHNr6N5^E1AcMK{utgl2Ocz@P#U7O&b$TL1_|3zh?_utb-9dEerxD+=s-}s?+)2{(
zg*z~Lg6G#Tz}(w|3PS=9vW`O;0Wd&mRt&o=#$r#~Ec`|R#d?3IadPS5)hga$zx$!9
zN@fahAw!g!FM=N0E?`8)%&F=vx^qB=NHeG?j<D#zY3)-lS5uMj4jr|A0ICIkq012~
zXjOQsJ!q<B#wm|q<|4}cH}zXt4Ch@Fs!u}xDR47m@>tQ^fco<$N1GG$-=G|eE*knB
zcp0icCKkr!XbfKv2W2wH;PKxOS(<eVEQ7K1>#0Dy+JqYJQ99p0dX<p2Krqo~s5_-)
z)ATg=PW4&h@BX=JQrvcE^|C;3lWxLPpy_gJs$Oc+E1?Q`P93!D&!WKQcZWmfF3n-2
z{Vt-H#_{jTyXjMx7>+keckf3N6gLNmbWv_87#*|@LEQ8Vl_3hLdgu7e4+EUk4^W@W
zz{X^mmLY((dp$^M;|^oOGWpFwW{0pq`ybROr$r`-Qb0l4aGBV_cYRV|d+dKw4sK%N
z9PQ3!%pC(e?y$!^>khr2DfA5Ne^UFzliFX)V*?cP&=&ekMRZBp04kHBpf^DS#u^68
z93^$tAs8i9uQQEN$+Xj<cPLE|k$co}aa`8pMnaI547EoSwkt`!I@3o$_ii{fV4rzs
z$q%84=rKZZ9)R;v=_UWpb=DJeZ1$liy)NcvXV(*)Y$K3=K`Q<2kfA*UyQo=8kGIto
zkT#zCDy~B`+tWN^7Sm6eTxFcGqUxpBFY1u3vP>#|7OMYRjSHFnE-E2R*p}VIY0##+
zxOqr+qwWC~Z2@^+Mj~W3vVRo=R}gS)eGaVTkZBpg@yjM^0S!l9E7RRQ7KBbifAp_P
z>{UH-m3MAvqdfx10H&ZL*ar@Z6rxn0W<8#&8e2rocnEJ#;c-MumWJq}2^-T#E)Atp
z7}4o_q{?H@@$e!R`ojRTBy@q>S~C4ew6Gif^mEAdn#`sZ{qhps{52pZGQ;8%cj`8C
zwQ(#Yaym3;;v<s)5TF9~i_8M50jWizM*65>w4shB>?`LW#-FO8>xdp7l!`QzsZ^yJ
zYE}-*NfiL0mFgid!sWmFgQ>*E!ZxPJxwnW~*VgSxYmrXeP0vI%T&$2@PzM6frN1ug
zfn9=O0ywW`!tAHcTS7p1O1N(TtxO4|t03?N4+MC#iN#RmCVJ!I@N8y#fNm=yNHV~+
zm!s!-rcvKnDe-`mMhg=T$BM0SOuLN(5TEsC?17@e_U}#oPfK^G3)1{N2@0)gbJ91J
zjTY@mMf&WgoJuZ=)7R|VG5Q*!d||g~_t*ETIea%>u6fA%ciLrI00N#z%DyXE^r}Ov
zQ_@3;Axzy62H_4WgxPP1caXkfD<OK#(}~Jcbjor?l+gvnPLo1X+C6d|+(eH#V3A^X
zvB{%HgK_8swW^aZGa`<!&rZwp1QSg!DTkJbB<t{XI;@lR3x6HaReu#)X?dY4VK-(`
z{m0DJZL>_s+6G6aghJ&dLf&P0vyqXrFxCpz`E4(?^9|-d+Q5I7^wz@{k$3@mH<Y(f
zx9SIs?@I?fqNNXC1d)Hbyu2ikgw)rhYXjixjf_|-=y#?dxz)zlI5mXp*k^J{WX25I
zG|*h44)lJ^DOG0(yuAN|jn~{Ke0W6v4sJPSm#%s*v+8t*9XuUfgc-dPO?nZAFq)J>
zH@+(4TWe3-$G;U-0*psi6(X;vshiVHEe)${<rXK|x3UHXFY`K|Y_roT=df62P3sBa
z4eO3YX=GUigP-(P1LW40$&bvc!mL5eokDxGh}oErwx4$7Qw}7~s`O+YCGkZ6-T%A}
z*Rf;oKKTCOInWQAs~tkbN2!YYUY$rI#u$Re(EKtqeG&d)0AbKpXh2ZfU<XFUK~Q{Y
zCTm=;!m@~}e^`tvQ4LZ_Rr-5~`S7ge0v=`!#OI!L>A=Hj>#$Z|SGFhaTXAp*#Kb-V
zhJgGV(SM=I7Dp`C$q};aGhAQx-}dYz36z-iaqauU`&fRMDe3%(J$m-eGBIJVF`hPD
zJW6QZb0rpLH6+@_2v*0+tL*_R$$~5TfrLJN{x)72er)?>Ed-owW=rDSYw?NzsL^J5
zQ^^D(-JDG9PtZFNgo!*i?k_Q#t;!lFbO!X~ghecL0>=z{mYkjrIdZuuS}`Wx6wXEs
zywUnVLMmlaD6{SD=JYKrU3s6-9VpN0`SG|?Er^1OjfMbE>T5IKomq(8U*2QG5j#P(
zw=7IH^zt6Ui02&ytfWQH0bzuR(Ovzcv0@8jQLKHXTaPz9IMCoW#loT<nk%PGiFIy*
zc*?H)!W!>uG-&+OOVf{>LIIt*zNr9%IU^SL)v;wb>A*aaUV1B8Mxv0YKR6rAwLG@U
z^X|GCUG1+ItQhE5Y`8^b(f{MXD8BjHEJOAamz9S~Mq!Lox+Yz5yqXDC5UWC;K|2%E
zuZ4Cmyn_yr2z~r0nS!Psgp#6xCjShaH#`P<Ihet#XWJ>T^mN03Y~q9t^tOmTcR-K(
zLvIE9gyl}U`Jt`@kg*rmn0lbP1GO;)oAz~wv}1M>WYy?8UT?Dsc&R)NOt=~HQ%^uY
zI1lq)`tPoTMdigiENMljrW9flC!qWL@GyG$bg;b-TSD7s>*p8IwpMI_)!U#y{X7+N
z*T6x#yt49;?&{^MBOlSrK6C(aN>2YWfy>hiO_%ln8^;+_kj&}C$sRE6hLv-1^iYD}
z1-uc*QuOfYvEPbc97jhIlO?~xd&UDB5jJ#(V?;%j$KE4ea<80i+_w5G%IshowlKhg
zdlgkJ;P_=CM!NRmi2l#|6EFt<2c!5f=b{BJC{(waDEiUrCmyJ(qIzr&&2}7dnEN~o
zeK_<#rW7@{`9OjwUtz2Qk%jt%lp*QlzBWscUU%IkUDa0OhoAW9u=)_cG~SG9`vh@e
ze*5IwEdiWUkVQppw>G)%SoBdf)3F^E>qiwyCNv~aoeykBA2pDnoOR6TmM@yl!=9Xg
ztz2qCz+3Jmeh#}FtPv}`yYW!82Eu}aX!{a$M=(4fpB}n8NyI=0QNQ1cVU*S}w5D*B
z1v!_oG}8JzgW>39OejwratH>#rVEY2u{1zxRh>PeC!v06mKs7tF^xrCQBM`j?SLRF
zb$a=OOgp@{lK|Vnp{+NX2j>;5ZOd5Xx+hS`TB%a3sVD<jwEWj-FT_R@*hKV$GeXCI
zk#oN}n+n*nryb1&YC5NgzU&!#)VaZaR}UKqy%mH?uMi|&p&vK^2sWb(pQb$O4;(DT
zR;PRROpTxNL(2(7eINRbby`eMjDvq|9c|z=yj8Yl(l^Ly<dcZn_e(r~KWbq-*wgyQ
z$H(4uZy!I79e39US=-l4j>5Im&yG&qvv=^)!a#h`jsJtFzS!7NV9pJA3{(SBtHk3~
z)D;xf^zx^oY_`O=8Pks$i|VyXYI52kK)D>KTn3wKizKmm726rnXrkI6w%IADnVFqz
zwX{JF{)$GUG&0AdPa>)}SB}#Up+i1c1xl_Z13^uFK-q7=N}L1qUZT-Lb4v4LQa?MQ
zS0iEL&MjR54O2FdSdhC(a?0d1btO8^Rj=K|zpsy7hJGd3^eRSpKqzm`>iAb;*hfY-
zS6VGjaM|cHVlCI-E%%bo>lW(b!+O`<>fsYvXti-al8}~DVtO^8e(WpNx~va|L$SFC
zEi_r&(TL6lM+POU$r{~(u4%&w#R$N9V@^4YZi}Em*Q`d&41-B8Na?&P%$AEgsH*$W
zJhQPN{`xSifCO{8CfU;-I9rda$hy&|AOv#gn5u@THmdCT@q%jAdJuq&MrCrUwNL`Y
z_JUK5C<bm}8W=1xAFrUgL>r&E6lOoSNjM1jo~??`1(Z-(alEP)wYLrEw?;<vKd7`?
zBCD>mUh!@`g;ssKGF}jQKdIz;J1osHq0RquJD3`v*kb>Y@NHq>(e)GUqWkefL=`-K
zH{|W);JjzEFaWHSbm%swi)vOnJ(zoi#d)F3+yI-cGEJXABOfS|&GyWUklbQ3%a)fR
zL`5p@YJlm?8;l@NKiV0NKg8kX0@J8SXu#+E>y1m1GK10RJtJjT>~8V@IB*I8lka`Y
zz#r6)>xlhOvLIz3x?@u+?i_?F`9iw-?FZ0$IVI;d!D65zAW@-(9~6LsBQHj=BUq;0
zutFL0#mQ{g!|3=vuT#-+RwO-<&r%|K>HQ30?{NMfQT;FB*sJwgkl+r5Qch1zRY&El
zM(f?K$B%c{W41yg;cqO31T5w7I}!LWX6t!YJJhots{XR6W{BquY;JATCo%0Sr-d|-
zMPRmceQO!Ky=t2V)HuQLsAB%*HljMBpIRk4FN9~Nv^4&Y;)iXRPetFpFY1%UInEFt
z{4j9IfJG>al*}I@T6b@}xJBQySejl|EaY^(2H$|B02uEk47OBXD>Gi?R#6CIEr9KH
zEd(6V2`A$?vf3SZRsOPPL=Kk$fI?U<*$7?tyVRlsd#HTWRG)eXCbr<wAb^rW89+@s
z0R1Ysn-aYXmomPyRhTSR=$vE21ieG3A)~-Gd3$7JYZ3f5DTPEd@d_n5Sz$*J(R**;
zFbM;8gu7`N_fL3f$P)E7_5uX;X*)XYcM<*kawvwBCsAlrH80gE(4b>4M=xCihM2KV
zwb%Hm#o-0^BB0A15p4wiF3bwI3Sq(}L_dBzpN#}{x~kl_Q<mB10r%%X;MWUjV`z&_
zn3<pm<HPJd2l!G;u>j2p^!$r~C+?uucSXlT*fs{CGe*M3h5=9)*b;e}t`T{!L}7Fe
z%`m0<Y;ByYREU^ODIXh3SjdXe19oCj39)*IL|Ok~Ro^4}68OoEa#3$7SEf)AJqJxT
zs@Ere+BqZL_T>0E6ipukR0#qxYFY`y7DmPW1dLASi((pqnzy6ueQyj69r4Dnx#^e{
z`R91N7Gr$hgnYQh_`Ij+<QXtAlRS-!1&rW*hQX--D;U%MoQY=I#%LiT<yOtn6ozuv
zsK0xf(XxB1>x!X$-Z5GCTr(fho1T22WQmZIRtn+;Ngh9YPDY^NVw27i=Byr;4S9a-
zP4<jx3!>85^^IUS)KD^{h@OtHv{t4^94<lGy2`4R5xt_&vE1P#-Kkk`tRtDI%<WIu
z8)Xz**o{gU$8aWomZ&=`o<qk3jJXCIoM;b^0nuJ!iSf$A+4%qb9XeFZ2ow2ZX%z@3
z9H`Hzp#Zc6V#s^GCS&bhcQE)V=S6hJ*$OFlj&E!MyU>sVul?Dlp#^tlraD)E7P0EI
zM<?#iB2U-!T<E|cT0{pVCR;fd&by(RmJ_7?4jn9~4^}4e)zj^I2di=9nb;ju2n%<l
zdzWBs^ID;-%elH6e`CL4+H-2Xj$!JEB*HTNZ6XmjfCq=5BO_a8_+NiFHENT3PL)6*
zA*QXnGrc3K0i!QKB2s#fgn6_Yo>+aG%o7Km)0o=`+-8)?H2PE0U#RjxmMPEVod`8(
zHSVx}R@%YgvmNJ|`m6;<?wF}CPB8($>Fz`0{y2sWfDomAKpKI$8*l?cgyNLFgt5ZA
z%D|)%#FQ}_;gb(l*e%@)D$zXoo5_c2HcYj=vs|U;gWWtnRj)&KV5YLOu3`0VrB=Vv
zWtKG^K-gDgM}K`^v^wvqwCEcjz;HD^Z5SyMib!L0%<YQXDRSpEbez_kwEX9Grg4d$
zm*{>}Tg`;;0wB8WE<h2b8Pc1%y+1FSu2u}?ZJttn`|~0uknsPb3!s+_FhCR5T!(IJ
zZds1^R4|c2tboQd6=6cu4rV!Q?px>KYWRzaGLyhJUZF$RjK8JZ!Lh5A9n|H!fN<pk
zCek^O>Ok}-$N7{KA7B~E;E1ALjfNckLd)38l<3z>dF0DEYGwvM5bjbRa<&Us9*+ep
zI<0<0#{rtrBLmEGu_t6mxi|)Gn*HbubFlVXAsFO&GLgjy{Ws<vfF@VP2=TRO2^*`_
zFvAH=4sw>p=3J{3r*KKwFGh3YSH<y<h^uo>C1H|>EaoUfN?$<>FIpbx1%U0%moPtE
ztV~bAQ+&yQ13;M@YeNOZe3aE{_}I7NVWze-Afo18p=6{5y5*iT41B6>&VB<zdu@rj
zXa7P3>f`mg%Y8X!<^qMuxZb1ty<jwHce-NB09KECC3n*LQ(O}dy`wYj_wwNTU&AmD
zY7IP;@Azda)<pDsGrOz?0gD2%foU8?76Ox4)z7`=fpyTAOy`KYYANAP7w5*x+(rz$
z3Kz`(g%E@pd>9#M@`yzB+t$91Vdk<KL#;m6*G9Cw93)Bj7Pxu!_w56#^Ro!u(VsWN
z!&jaRk(p1K1#GWaliP9~jA>Aup!H@$2IIQEV?x)&GNT;2#+1!E9TUCf^*^Q;>@ANL
zSwdB#MnKi71MsAW-82Y)&Vdw01?!Z`c0?chrk4M7a5EdjM)XJgnKgqHF+}ZWo<;e0
zlY9tJk&}M9Qg3S<0%dByDK>Z9tP6aBH}Xs-=et@NLq4uHBf#JGu0pl415uXzjE0`-
z#G2KGty852_P;E8H~)bT1j)Ku;49(5QZsljtNv80{LX|yiH&OTyp9J=K>Q`jzu-If
z>VUn3HFjehEu#HzpC=2nfHYoFZq&=AbzPp^bi0Z9I%8{AOT;{mmXV0w_um8wWIPL=
zbNg3J*&U~!I`Si_2K;EhEkKchdgP~a$Mf;a%m=7AO=DU9FV&M`*{PTwlh`ZiDc5|i
z4<6`>XF$()w%C|JGgu}O!ye)+7Di_giX1hU>5SE2FhR2l?vZXv&H-7mCJm2I`yK2~
z;_Y(69d@wkrO{`f?OwST)wzQ|q?EPk*ttPbLs0h^O^oP#uoA>-uUjs3boLHF?TQoS
zWo$1SwPi<~egrER>%SfYD#>N&K34Ss7Ce}M19vR)0`V+991rfM!_kl@8@pYTE)pDH
zb=LTQQ3swz(5HM7=yv!o6AeW)2{kW})%bB&>FvJ(Q>{h6#OzAY#}OE{(bkL_>F8~c
zO|649Q>l%Ee}y4Ueff}xJ^~qFVYiGIXNu!UD)C8ueT1HNYvawpn9qUt226qr-Z9rb
zt)+-wa?*i%v{tJ)nOpeM{y3o%17XPydgsFk^0rM7jCguksW4sK#XqAhs7YV?fuW}5
zPH(a+lMX{?xuzjphb~2QBW^hdMyCfb&ML4&w9rBX8{~s|JuKMdTaQ>mh3RPkc<pAH
zZZ}UwFdz3MJ7!sLxc*kxxku-t(s_0ZX5qt~l8txy5){rI+<g`!4iEK{&0dXr!oY>z
z_lD0@yQl9BzuI#5T#bnS0UVi9xj7D4#8eKtBUMAd$s+ove?js#-CCy$*7(IAi3QUN
zV`Y$d%7w9dX^x)1R7oY%6Ch0kRVjF2R4ify)vZcL^j&}}EM@Aw!f0X8Q?Ezn-7Lsp
zavq$AZ)n#_fN<$TxPHw<W&e+=51M(?dfbp_>fRd=jTJXJw*h!T{5>#k)lZ|FRKXQJ
zzo2FrXrf-=x0Nc@DKAuHgdjQ)PQ&I(v(@z2+QI$klrA-W?Ck?#=VK)-6Pjdvxu{{y
z=et16LUBppEZ<XRI~U)a#@K#9G+M8){m@J&aEN5^<m~$%K0Q7p@r&aWTB5Y%S9lzh
zfwv&4CE@L5FPm?7<7>S~E?Y$J{_jo%do}D8ouDYjM)WT9HO5_x^f&~;(l9WDjG)&;
zuwQ?aw|;!~7CJAA=s>i-h}~MyQM&fL>y2U{^%KGIoNPc}tq2*67IJ%qTj*B>FaFBW
z-jD_z&MUln6JQ(`Cr9dcI0_988Kfu3S!JdDN^6{yV7qz-GPPYX-S2tt6JHq7x6*Yv
zdjnPOjs&)ow<b1APY*X-i}c;~#m6b}!ijp-Kx<(s#Oju+&>^`2os(@d1aWrZiI?dJ
zP}@<0!)jJ?;BNDi<Wms3x@L7t;5P~W!v6)a4n(bde$-D=F_EH=s7(b|1;D^H9QH2p
z9q#XQZZSd7>Yb2)F^d9$2>&?CABQq>KW)aFQkNNFnfKB2h-$p@E@Tc{je4~(0rg1C
z08#(75&yAn&n^`7V<Wn7S1P71%8Tb=8psxa=Ch!HI4bU-6*REUdgpVZ!^u?>g+VB4
z9qE@njMlB9B6KVF=`tif+`LaSLE3B0gYD^<$G)_<bGj%p#rQX|e=#%V<ECQEd7iST
zT$hkem5~uu-$m{T*+L~*Y*OJ~NObhLx3E$h4`W%UHl?a3W~b4;il*&@gEHbcKl}EL
z^pWsaPyk<?x;49PA~pVvj(9N3akfz*Y0c4%SA-v>b}zV7?JAxwj1>Mg4;T9znLX>+
zDAj-2bLK=SmmJY^1{Dt)0!CtEs_ttW%1T{7<~PB0mdkinKBCqz#FZx3OLW^mCPF0+
zr$Q3`gj$!X*U3XbHPH%b`Zx@DPKxWgRrIr<#g2-!Xl9hF<!SR|gD~<^j7H+Lh_3u?
zm`la-arxPUzd(<MrSwQ)!1Fg6_|QUVKrrwU2c8J_s(xAW6JXRY^0fZcR)@$M2wA%L
zH!^aL8tP*fCVS)XhGBc7jAI6wOdd|^-<XqqFC0Y~4`BSO!DRXn137*fxGf)i(h@qK
z_38>g#uQL4yG>*=7dQf_pyeBO1j&Llv&7+CGF~$b0*Mgyb@jzd=qIQGg=MOo!e6nI
zKj%S1fTJ|`!j(uZz}Qqw3!F0BKhvC>9;;VVN^j=vvJ^3D&`m$gXdl7StF;hrTZiCB
z@8J2}s{}Fce!apQp}L4KhbK3e082hHq5|Fc#+j9vFgMUm{(uo3F@!F2I0CEjqKe+m
zqJD0<s#?&;+T!3{w<%0iMmBdmks=^vZa{y?dX5~lebB%1PAuBH;KF#ks=VkaIBoVi
zpq-;;lEqPxVlyPxz(d2kcX37Z*NFBwsMh=gwa_tNtc=le!rNjkXZ>R)cg)*${T)E;
zIP>l<TV9<4=5E!B)5)0%F`b}4={&pjY3=u6m`bRa#A#m643UWb27`~m%|Jf`8d4yw
z2s)Mwi!dw@%s=LcW<pv<#4@uBi$@!Sjn{8mHkIKir^_uo+g6d*fRJNwe@g{d?iihh
zQ~V5Ka%$+W*(SsOwHw?{Q!wu`A7|;{5BZFnbI4t=E>#r@QHqpeyZaK`7?FcMBaZ69
z@_6cTu{MWzzBae)IBlp*+&PMj59U+9S^uN)De!=bIQL5MHJej<U1s}H&f6g4GU*a@
z>Xmm*f$IR8GaZKUm#XiD4rwl-F|Z%YwD?jbd1Js|b!Iq!56UvmCf?h1u_L;V85)78
zT^HQw4;h2Gf<7xRhT_u!5M%+A-w+ucv4s1~rpKombSGjqa|%R%zo+qvS=->9F<;EJ
zMLiTvV#5``Sa}Xcs)k$*qQ`%iS<SUpu~KVF1L}{z1E~UtoD_BrVO#*s&9^ViEi2n+
zp`*(<;^>ty?0;H1b!Y)3y5d}2-$}1EIsf{#0o~_UBcdBX>rLv|4vY`>NPdq`9sG6R
z<&5g(SFO&XW2_x0)``TSN;nD2CUtN}V{tq5XI+(MuAI<HsHat$>lo>aXbKR4ujFNe
z3jDya#c15OK$Dn+v84$kOn-}_Bgfi<MpZD6nCGZOyXcu(-+(FL_Up?@`ml=-<S=Rj
zmN-~>Zjza}&Z>s$P3}eG;%1R-+m@(#4n;^p1!?spxRdMP1I0p{L|cc$LXMrsSQUE2
zMu-x(i;WT;e&292q<BxZ16nOr<<L1_PefOqpxb-g=`MEPXX#MU!wr&+#%LdXx9{Zu
zF!q7*8C<yH0X=(3xW+EH5a(C62&FfnfYPFusxq-nkWS@lj#sCNy?Vf#$mtoy&chF&
zu|3beJ#O*jR;4e$ibcVi$P5w8S6T(3B*@`Thmxp*Ntt7H9Qs*Fy|Z7cZA9wFST~(|
zW<8zv5G?)O6An}=_iWyt`h05yjFrt6cCiQ6=(UZaMXNG_(dGOeteJO;B#Dpci(fr}
zMc&*1&h@a+S4X=|eTPQofaEY(lVKhsdVNfzgFy8QU#Iq%P8tJnG1JQ8Dc%R^=YE0m
zxK=c;#M*gU*v;%q@lU4S89nRb&@#A3|2#~b?{p^gYlCx1i}8Oz5xBojnzM`5Ruy7c
z^r{<{QfYQZ)k=Nq(8h7q{6?15^#3?;TofLI!9R$e`@N-<XT}iGdc&D=yhChDH+B{p
z&JLh`qIu6B*ne)(;iJPuBYtW8HED@oe!K*(5=>#Pl{Adc)Mv{Lp0L=Ot<xj!2rDys
z`-*Mn1|=Z8Jj4?fyNI?N27Yc`23m0sEPeOTMW|e(>H$Mr<$fVmhmMErflRzcMG^>)
zP?7h{@KCfU>Gx+Obo^}aVSST-M(Kh5>t&f5%jr{<YH4d_ri?;9eOPOQqZmX#`x!T_
z12hH-SFBWBFO$5Ufs;7rqrz>bHrIl+!bEh~y@8F@c1nkq;HGrd?}(;nrpKxH4b%31
z;t9Lyx{MaM)OZ4=U{K{*+M-;V+{;yRAR15T_{8X`Vzpq@)(gO_L3ih-Kz9?wR$!xV
z+#)*Wl}d=-ur$W%^(p|;ZI^Lj!~)Z0%(psh5xMnxdepeb$V;`QL0q~X(KvcHvyR5&
zoLZ-uMz#lQov*@<+HmgKXJ0^{?#59xHH!gCju<ZuVK#MuPF%5@);<=?TANENuAGnh
zOnp|sG*eU(n+Y3;)Brk!+%O7|USV!QvdeSNropwt1K{FP0m*n_*vbvpLrjC?OKdtW
zl5$riCu`a=8?%;!MEuu*k-}LZYvKk~&+@DIhKK%D#y~3=#;DS){X7Qzq>d35u+Rr%
z2c5C2INlnC>*7R?X?awGHrZIax&tpM;}loR6N9RfMfCiyY2gxC<GxO#$$5}=xX6;#
zFM0WUwXcB)%Gg}1+@!w;m&3=A)MxaOd;EBXDqU#zh(&UUIuZQ=JlWYwsWm0g@o8Wb
zi|Q}XW2Rl89a&nT^_v41`^1~T7ZRX^4muJl(N5GrPxfI0iLqU?hC?L9bUY@^Ev_hG
zKQ1AHjM6NZF#Qk}!U5g|EJ7_&y8GQ%<R)(zhjf(i4o+OTn;wc;gV32wcQxs@A2h{8
z;*+{}WR3NptXZy%0`HvNjDLmDrzXmSF`%<9^}?BYrOA4%TjgI#y;T;~{c|{MJ<LoX
zNi-D44mAC)tOZDax?`wPnu3rni}tf-`1BaYiZ4YyhXp9*gm;&n0{NZC@ul7qS1m@*
z^rpyOwyex?|FXddXD{3S<~uuacYpKUAhYIS^dtJklL0hv1F>>LYN*YEYqZjB&qsA!
z<wt%1I}hk=Z4uqoJT(bXs1(?!fbyp%5a!mzOb@?=RcxB|>drD<g-IM-s?w_&&@&vT
zzJCx$8LTP9+by(pLekgWefcuJ`U9qMBCbIS$}HQ4(>0}in65@~CCZ6OEHVV2$Mptv
zFY2{%jf)RiVHOw`jCu?h89Hw!k=E@%vR~wWPd9R^`vKd^P5z9$P8f0lFWF4CFiD8&
zEL9w|b*Vz;hsgTRV}F-evkj#QfQLus*d>OIuQq*`&Dhh6_INLuG;Bn45cni&R%y9e
zDWU&HB~zK{GLmD^(9Z!KH=^DDC0b;R{4iOiL<c^NK)IYKqB*A^`MUB*1x#_+L3csv
zLupYITZ~`Ch*6iXOwG_E`j4r_Y{AyW#z@*zSkQ77AX<S{;y@g2GGu<P{Av`xF}Wge
z5Q9zW&J?bxfr&f8zEuAVK^3$D&M7imGQD%n`GN-%u;GUvrWiZWF>8%a(N)mXWdS*Q
z-45-aHD;1lIhQ`s)3$?P$_k<4vs2-6?N~DYmWs{5xfF<?wo+1Jr!x(VJ-_#xnLHpZ
zAo68#P3N@sL_`nyga!0h?WUsud#g60)Gwflk%ILMbLXPHO>p%`nnw0#qVWiDdI>ui
zWz<R2L}2y#H}N17wLpgbEWg6~U%XQJP%b6_f@DqvkjV~<&bs_)zno`_PS%~=hUo-)
z5N&#7*6GUfB0qK7NyadGyo>BNNaX%Y;59-tar~=|5HOna3u)*xvsGSyis_Vd-kFJ3
z<P|JLbUTVI9Pfn07flw>{5wSIGV1IDAfOxFMK{{YJ%&j?NXOnEg@{I@=xN;NOnr}N
zLmK-l^HHo<2~s90>~G#?8h>Edv|zHoxFBT6;*M3p(N;j_>fQ9GgaC_P6X9Vo86&e#
zAfm^D&j{*{XKw~h+S2Jm--s=wIw*sd#lRzzIZE?v1AH|44wOz(8Zf!hFEVD?q&vYr
zQcW1HvrObZFarL;z&W~YF{tH@GL@&HPb$-;xmAp=oic45VmUGcmDH#q>oQ+>s>>>n
z4^|EUamqjwS?FI0s|PXG3Ti&8Y!Bj?!kh=XZnb>r(DS}hSoqK_*2$l^8xI)n3d*$=
znXATUPZmZ620DdeI<HV!)WBjyY%|cjMI#bF_C!DiE!zjO)+~0(Cop7K_3{_$AXG||
z9$ky_HgoQ_&&`ynxtyEfsyHh2uFL&ij@*lvcH5;tzx@KR4#r8xJuZVZXFDTd+}T`v
z#@GgbV`JdiR)nW%mt7lr9r8u=CyYwMfoh<?urSVq8#K2y^~fk_;MaCE2abr<IZe!o
zK!Z{h4YWJUw&1z~jDYEx<~X%BA85Q3COG^bCIydIvB?XVJ|olCyWS?4LeIWmxMt=$
zyjV;9GAQ7thDXM{`-?oV$3yDu-G*Y!B7}~ffB=NMWee=5sj~J!;vXu|p=Oc;QZb<g
z(hX=CmSxcnKQ$i#1^4NufzI}3_hfC61I-}#XEM1G{qT1TZMkbHVWh@zx|&YfXavjm
zKm_=VZ?c=kTnbPtK)mDWf>pH`{-Z~J0}AO-DHfOx{IEslD4evL?)-|&c2Ik_%cvIh
zqCo?v`6gyuX?PdptNAMU_)gI?_DCm^FqC>$|6B$p1<qLuPBCu%N!4fn{@YFDjpKpi
z**W^Y^L{3`@QyyrD{^3V!)E{*pYwOwzy?Nl^Wy=0>H%QP;V>g3Z-FMMV>!S**ufaO
z15>jD{~_ulg@z^_sAz+O4SA<(!wHJ{5xxB`R9f(MAWji|^#7pEU!HYOY`2UCw1|Tl
zFkl5QT3cTNDf;mpbkql->yKgz2Ec$ir2P)AkXHy4P@oeMKZlH;%~-~6V_R?5a`zHF
zH=2c6d^4;ZT?X7@FTpHkq3jDN$|w3lC#16L_+?B}6lqwG1uTCQofZCjMF0F&6X~tf
zGqN-c$QYjTew(dS@GZXw!MI+7k>ly&ARc*JbKu<<(Q=+7!lTl*w>Q;F<z4hXWOH(3
z^D{}g<Z{-lr2&BolNy?o6$)RSAw)T#sqVao%QjK~W|?9>M)s|m_vo=}+S6yhUZ)~!
zU>%C0ubs#{x<h{EI~Qg(f<CB-et49h;5doa=_aMhwYXvHgX7bfLA9j;69&U0l|x%a
zQKiFVsfvHkDip~3;3(`5fjQO)XIOu<J$7lg*u;0I{oXA!W?j`LT$PepEME?SWQPk&
z|AzG6D&x@0cP2NT``)+!+jRj3dYeG81@HnDgin_wM*FCbO``(%NPk3CRG#^c%`+bK
zNe*-)W|#M}<oCqKELB1J`qP#&*#o_ddHKf&p*Io*A#flVoB#bm=<MKTaOO>OMDo5r
zhFoJgFDcWgBKj~=Mg&Zpr_o)Aq7)}Q8@#0rH>Jq|7{EZh_Ig1L^19m~*&R5n0P_I&
zqcU0Da8B)|;G_`Q1;)at5B%=qO9|M?w%R1C`b+pt)$Pbvw7L(Ht2!cb?GeQ%`yE@>
zBkPx#8d?F;0a~Ao{wX2iqF)@sHxBNwFx8HT9*AwGi;()Ff-;}C-OUbBn?pfLO=K8<
z-*CLC&reK^%KHQToMrJpExjLWA@oJ)@rZ8K>Gc+9;Ej#JZe?9uSS|-WBmT?&TP9L-
z<|QhfS_il$qLZPpFoom_<3;j1+%)ptrDSmsIuP{u`osj=O6SRSPX*r(^qccXxkavh
zY^sm)jPr=DhjCQlc!R!ia8J0N-psCkR=B_Y+aF4+WMKC6cW|-R|MG#ijY;ye9zM?I
zb_f!2555cv<dJhY^e+a&#RLf;0!$3i@y0!iETa7SZw?5zQ-*Ceor1DEySbh&;Aup=
z5-vf-ZrU)i+|tMhqz5N44pDyI)~+$YZ}u>si!L1T{Usa6`lwi-bEhu4IC8S(ebUnR
zKdC+Vq+lU$1o-Eu!^gJN@gA}Gq7<@XZ?>_vr8Zs`%H5WBYo^^gRdHX_iY8gX;>XYd
zEHq)z4r>PRoT!Y9s5VN#1uRE}tia@IX-Q>jz<|3uCs7E?uyD>paBi<BQUj3S)FER0
zky>SAJ$}sVd<AZG9^NybY~qC7%9;EQ3L7(x`p!y8nQe6bj<K6{;~>k_vYTPxVA%Pn
z^hmg~y~}Y7GuVp2?6)DTq_5qKK}`*iVHqBxU;QsPqM|gyeGe+KW6w5TEf;HT;9voS
z714Y2;5E4+&m2pEG~)o^)c~>*g5$w4;a6e8^@B1zzDj&po!j51Lx~I{df25za!)k!
zOq5a)6Xq9?{~YrL6-lHCt5Gcrup~4Q`VTaxOX3oiPwZ}r=;{NO#!8;~(Z%UJd@eWO
z^Q>Vd%0oK_(x7q}4S4R!Z4%KFerq+Jn1yPJUbS%^sjewZ+xA>5O7;Ob3M1`ZNii;j
znfQFq3E-c3YZ|Fk#jITl(B9KY0}yZ~uX}}(<B;H5ATEI1)7;aX%|zb-DS^=zG@pQf
zy$~hAIqY=dMCpQIKK|2MY3(!(zH`)=p#myL?>F*iz3Y?zjix&=VR^W?eyFPP&d~p|
zF=JO2QZI@UqTViY)huGgVW(L^KJo4Xs@EbXPuN`Ly6z8Rs5CwB%uss4xr+Q}@{R6%
z(5yQ?KN}f}gN%D*!!LaTIHT+;)-8)!@_m4eUk^UPQS#T@HQ2TP^9pA8HMpGvjQc+2
zem3w4>s-0a-o9DU>A&m-=mXsz@kZ+HdI5IUE2W6uiE23TNmy)kth;62dUnp8mxfMW
zefFMebA1ddJi4BmQQSdgd}IW;f$>!Fn3!}C*yNZSlqa|s6@URWXV7gVv3D3?*>h@-
zv|5<t$BoLzaM*6&<L{=39?y*;kmxLM?P#yi=%gciu{RqtlA3`d@z|6lK01ud<Cn%1
z8wu3{!<=6uB>d|q-{_4q=9mIwRR$N;^?dqp=}SR)r@l;=cCwKE+>jgtuSWE`|FWPq
zm+O9VrXeUYOK<`KCLgzz>gu>iv8_Ivact-pPvTQ!Td3yAs{cMTf`V#Qo=_#d7G3VJ
zT(vqCvRKGjiBnpz$JL^j|45G*Nei7KIt4Ykq*gg6NE%9DvU+a0Qn0_~aVYY^5>^6B
z@Q#-v2Gb)C;%RUlV_U?a5#0qr1!1o?%0l-71_7Nkr2>}QqS0qCmO}*+{YeJu7$TY7
zr|lJcfU=oLhDF5u9%yPmlV>l0xf{@SgR^N!f)Pz7M42v<06H~Vf#&cM@Ew)f5`A)+
z?lc`o2V()h1aPNZsrDj@Pr)b%7x<w<r?ilr9$)QF{nP<3M1P+^|E^7m-NrpLSUzgW
zQZl}k9sr3#$%~nGdO{~toVjd1#53@zN5+*NX+Pcc<EB33tash?E=0Sn`gDa!2B1s}
zHRP$bSI`s+l>cVHX5XE6liAEz!Wk2QhK{;jWy_qG($B63(>hL@187g3yhM+QX)WoR
z7q`GWF35a<APnPS2~T_H0Vr?tQ#p6lN_qpz+bLqB?DS*9GI5RV?baJ0C9MMs@u7<_
z>!^iR8??gF_nyPu$~?!DzQ5DqmD`lSFt%Z%bZ;Q~I$@P!zOVkWY=b#8R_k6h6x5!t
z?1eC%<0<FCHa`Nr_85|@7Mhn<s92C?#t^FdbVPr(9t0~jg^u2ih8jy#=$4M^dB71}
zV%v(l=UZsnxyntfvRzW=Y&_jEeKuPZ9iB*sSfh3XRepxji)se9xOB$SFt^t?>Xhr;
zp&IVV%(6NWH9+u7otZ_S$3U`D*@yyT3}B(ru0h*iQqO*C(xYEvd#na~RuR4SH;mXr
z<r^Xqlk}$_EY<iuhrI>G*U9Ngn4E?#{3gafRBA=wk<Bvq=I~U(9c8ca-4+G#E*|IQ
zL{c%mu8X8kZrK<P>H%QcI*54S1!VCZhU5%H!+B6%y~gt4c>B9_=Aq7D4#4$Ko}C_X
z_VfkWdj*%e>K{TC8t?q5bci3%Q0CL5<sfOli|ALTV7FpT+6(k<Q^mOzYotp>#->Je
z0osiXJjL_kj;>b5P@ch^aZ^&I*4~B2(;aw#@-rrIRwvf1E^M7*KuVUbN8>wMp5!@`
zjC1$+MqCKwPtc`~;GMzQ8GI*-mM}B?m5B(!6eU%}pQP_|4xotgrud~kEb&3g|MYuX
z+WHBgrw`@HAiYXlQ7W_=GDtDs@6unXiXr~($Gm%sXsW}IOpAJc-lne6ZDsm=ZbISz
z(;=ZZ@h;b4Vga6ILe^RJDm3zaw8sX15xwn|$kQRCk8a0uF~+S^Gs@2HTU|$1OndyY
zi+VCL>P365{}WmBp^sztxRXBm?VyP0E@Nh<wjN6@>iODiEKcM|iqyDG53apCB}oze
zC)Un0lFrU^oO7)BCHsZN@Ei4NVFD9D5XGwh+Q{QU_5zVL=MH*~A@W1ReQVXxSc4`3
z9Wj(;GG?8-3XATuaDSgWkH4GpqM(q2EOCB34@57|eGj+GpoO<xEsw2Oxi+WRHKGqf
zGS58^Jp}^N{k=6-vX@Y{_jks-G_6px3JAe-Zj=U`l9E-4hk45vbK9~C(z*?x$6S)H
zs}VwR+c}Hy_cu(O-Xu*ekRRlpmL@&KiYcVjDx7_*ox11SBYMy)7c-}A94454b(I|$
zr#g|nkW>TJvuH3_F9Q`+JIxmprC9w9w$a4k8%)m8)SR<L99F;3mMXK=sIcV@wJ@2p
z`#JYRDJCoJqhqt)WITH2J1e2gn(NHmlry6H{clDqm)tOh_rSuyL?dA1vCSw9MfB5C
zz?<9IDm2zrR;|=wLL#x@1GX{|*g+>sSNmK$q!%J9jT?F;4G-wCKV7UP47q~VfD9H>
zVNj&lkxGS;^T}AuyvEbf&E9~J-VeQFE;0hKjesQ$z(^l~wqDw35FPcZFmjU&s{+&)
z#*p2DAFSRFjb*UwV%uXL-WvjL;Pdq+ph`dRSAvbm6(b=K;MC`4x{J_N)iCOs)$}O@
zHnB7^{ceL#h8gHVrQgsTa1PgHIOf5zetQMHal^rjl)#+azTYNH&jhB7aKvajgn+UP
zXfdg=(dAUGYc=;kf|8qJD=z$qA7APv%*IVwLJw>;!wk!Qp#fO8%+|`K&Y6zfZAOOF
z^@7az1TFqOK)`BoR*9loyEz3877}%yD^@M<EJOF!Y#KAWq|;?~`djL@jHvvEutt!*
zn1inRPztSE8dh8aV^|>rsbuA3*tQ9;1xnT^`njMK>fqo*rYzQ#s`h4x*0_>1^sYC7
zxQrohpfTrWl9t~98V4lLScvchKj!K^YQw=(VtUVfH7nDIAV%-U1Ch?4ha;jlf=VL0
zi%}{Dm#W1%l!T~=o<FQrd3vTb7Z)|G!+1$Bw%9>b=M5C}w&PeA>e3^9)8mFKj$z)j
z8SCDVPSK(N4wM<s+3BL_ktDr0%XKT_@dq$c8y<Nuak_{$V+!;Y<wm_+T6d9)C(hKX
z)rrz6%T@w^daOSwy5FL~ZOESjhLsaSWQJ~e87b??v>P!D^v~Xl>yYc%^Z*NNuRUei
zTHNdN<Dqr*6UZn|qx<2CLVXunlIVNq6BP;#0NXh5A{KENZVe~iO<i)9I?lTK(#MGq
zV(&nY&@Jc@;vPD>@e<Yo12+@atb=&Pd(e8H<cAGhP}J798@3#S07*3o)Bp9)fkiV!
zyrTynl!=msc{5vS!1@dbXrF};MYNnnrcI_0KqW1VTFl$~#3GDWi|8+R>6+W1!UPfB
z+h!>4R*R2LkEzLHpdf5+k1IwJbai`hKKKJQJd8qwAZl@kmac@98lq-q620@J19jDP
z2#mQ$7*RX$MX^`4yqlBLPvGHl(6Ip#1kyc}CHR3CcGj!VY(vR`ljcLbQL))EXG90S
z{{RBVzr<x~wvSCJL6O8=ym{^mx)@^E%!61+TNu$%D6f>1_2QU^r(!AzGPM~pk_eN*
zd(y8RmM_a{ed6(`(kn1bH`vfw03=yn!Gpq3u|%@PPjeWGj<$mTWUw&ZN1A;{okL9R
zSpo<1z3yzv_yni35<zB!LYC=Xra#&ClYv;Hoo;X7C!C#gxrrqtZs2vMd6ZLWw(dXd
zfjv(|w}I*zj&kU}rWd~t;h>%@Ec524K^d#epv|*BLDRt1{KiIFb9+2yM$E{wZ&*ar
zJ0JsIsJEufD35M-G<G%9$r5-Ura1l_SdT)96(SQ(3)#VglPsUO<~j;J<kp7SVq;=+
z9qp0c*&F<EMD$i@@KnpSbzQU5$4vkgXSxo|08~}!eNa?^VRu?@n)Ke|G((tIRs)4}
z=ZPNq-{3SF_B{+auGVz+?x`*0cPp_ojA_nLq1)@?sw^)2e}H?<eTrzj;9fQ!&P?Bd
z9Y&EEvPQbkyxV>b<ANoqPKR`;{D*d1d_*a@#D^jLYGz_3&c!gUM{hLKFPb%$+;Q{j
zqC1NV<X5nTE%;Z^FM|wh`LU=JEfY<n8jrPF#&nlPZP^j0AHg~R`me{tS{|WuO9=4j
z7sOR5?*yjxCvY#z1K&h38<eXRa8fZh7t(SO9rqbGd&k8I2}<fZ9Ca@GOWkWL?kz9~
zr@h_@cQ}^g&~Ye!Fj${20BqK<o_t+r)rR(4%&U{_4cQKMXk6rZU}`q<%f4(cF6iU+
z!Zf}K12@htx4@EW73n`!SH1Y;Y6Bz2Vf%SZA95Qid|#=dnQhsF;*)bk-2$Y&#DUuz
z{ZC7;lw?&9^E3qEon+5QUbWlJOZ@BiS2VW3T%*$z*regjT-!aj8WEj^X@eYc@WpX$
zpZ}%BQ(+}i4zQDH>I?>RWV}=cL?IshG0FxkqOW8bNL!6JM5}I|BhA4mf<V)2U&*r7
zh)i&wr$f&G+1?qoowNdZ`g%tKgx+q(BA7_fT#_bEY(gXX?-AWdSyQM9O@zv#Q0N)?
z!9z#74kC-&$}<hR0uBMy{APQ)OoyJK;5B&w{lz18s|R-Zdmn{EfbBrm3x*+&Df9C9
zzL+90w4`o)WCZ;!ry-bX#vhtC^}s+wG=ZK($XU}r!b?davSVlOg^wXLjNmChAl&@k
z1FjaYKu`tD3?m2e<N8JqBXiixzwK>HR7)P{v<T+e5zCOAj;>gqdIlh&pK9=MuLYzc
z{q)kwP!M}<Lp}xnabd(eHP|R|UZn1iZ_OFLsalFgMnFYFp6J@eIMp-&oH;-mYaFyg
zJYAG0$~xin9SkGqtA0v(PBI}nMSDi?=`BbW^gnloWF6x#=9sP{@=ywF=+ZtQkKYgH
zu#=X8=P=o*&lZXh7H&a}bHK_+mVLOYh|zFplPj1JimWW+t>Un;sr0S=+Nu-Ytk_L&
z!gU7dA$w_XwIGi9L^mQ%v}0x6`UR*Y%{J7e9%J4aH2v#us|u4m5dJh<2Yo3JE;UDw
zQ^=;oVW*y~z8t3ybXjlZ(sKZ6W%SX|z5Yb3UBWaD`eRS?2ILYI?F0T!4R$jbWB2ZY
z^5x06MQv5}-k6#{EJ=Ji9TrT<waB0@6C&K5ZPztOPPv9=a!#PL17)QDnm!z8L5$w}
z4|Ra#mAmPqzY2|@Jv=cR4?n3fI@onmhFSrd(FA6?p^>bOBGqZ_i8I^924b%-S3t9v
zDUYk+$GjQoe+`6F9A^xT=NB@H^9>vmW(Ar?8G7Ekm&P?geHvA?Qfa}JZ?3dj46>Ih
z#acw~_%3GIKwGX{K&&`J*Duk9E0<Xi`@8_M_Rsp@p<qNWfHqiPHh5#bfqB(gcJ0Lp
z0Z(<Pm6p-Dve_JWAC$M%YxkZQ06y@2=ykNIE@oRdjM|uNvTkwm=E_(DJ&ReZ^@^vc
z<LFuLz~^;d?`QONIX;Y-bybgjfQsxiM@suhr(tz@EHJBCQ^J^9cHA-@Y)Gw~so=Fz
z@|OrrvSO=<KGE0x2*urYxbitdP5Es6uT-+K?(a>1rH`7r+F%cQ5flgA@}TD@e1m;-
z{HGnOg>l9YJVRfE6A^Q~ybXiQp%Qq^i)CQ3xfl`D#e!;KUAd%kZRg0ydBuiit6kG!
zaCK}4d2<;<$T7_MJegO|M^8lrBl-^1gm964R81@$Iii31ZD^eJErsJG=IN0ldd8y`
zQGEvW5O3TV!kLI({SDoy&~Ym#w330$xl+lg#>uv6I+34xAW?GX_kSFo*QpCl$Dp>t
zdIt!CQid<K;+&Wn80XYmx~XH;%J?s7*)rl;+xu_pN|=@h(FR0HnBAs!fyorMi=1Ob
zfAblooa>$y7ST1%mf?5H31fdLf6@S=$5>V8jNdC{d-DNI8ewTvjAKR`l8hXkGrGqV
zQ#)KbYVKUX<U80quiZKNSW2)m6PJlB`EVvezP0<PACDXI#cxTet2qlYxMS)vBb)UA
z2teeI=nr=;)ss1fGq!c?heo!5M`xNG%=5&9$5r&PcgNy5?Xh+3RVyRf2qhp+BW1H%
z{e+Q`v+DI75LIA(LUeM&{=-O58f?mzcm!+k<Gvw@J%0^CFB71H6qtrjC#7{AWj;Rt
z0ta8f%vPq~zf{9cvERyotx~<atbOVmGS!i;`HMx=XmSxBC0wjZu~jJ5Tl6)60tx)f
z+2PhYYp0|CF^tITP_r@&ac#X~6-{MdVJ{|t04O6Xnz{5ow$9Ba&%c}~;$lD~WisVz
zESKhWUvQmmdy|jt7NK&#Ey|G*Z9;Q}^thl_X*OSWU1?B`fA;$K#QMp;Ah*!vaQ<x!
znEg(b5ALzfivI$QBawh*HV@L)mxodtvZS_5qUJj2#SDXzj9*9eHH5@z9bp-<u@{cQ
zDf}6%SnIRtz1gBYXrQZdpQl#t*<24W?ZFL3pyx682hri*0|SXGn3C!jE43!Q>fQ+6
z1vXfNYUhQ|vqvn|#w@RJlRr+R=S&nfB8-Je*mpk9oJgaaV;Ho%W71J=`en((y!Nqx
z*q-LVm|nV?r4E~wU4`aMakfUc1DWA?lP<Qc-D`CP%6ldQ?-EU7Ukwub{q85?{o}JG
z+OUo=6uLQuJd`H}l<Lz=jA_y>svD?TpU$rv=$8O;nabIdkq`5JtxoZ+Hz-_to<=!%
z7*~QktXnzgqe)_%(owaA*`BU{pgcdKFPT!`00QDesrWq`UB$kcmD_jBv=MPTB2gPu
zrp9a072(YcrI*YI%>>wxCwQ#FFB=m)3f`D9*k-9ZqXx%NgysS&K_c}U1<)Hc3S<jo
zh>CEO$_V^7$bX%||FH?cf>IJ{u;^B%GKFkLQ#g=TJQNj}9|e9=Wx8aoa9T>@Tr}gd
z=`tev3&3BBXqg%?7c+kxE%#n(WLcr3K2bLVY0!=Wb))~xc7%>M*eex+(en;B7!P%$
zqfxNZGz7KivJ&H<{Il}?=`1Q&nVf1B`l+ff4E4$Of6~okj()$}fQ5w13V3k{&w+PD
zccfLgoe00%5zF#cSErAk5|W4xj1*%euVgB(*a#sFl7rs#%;G8wQr^VTRXr?i)I5B1
zs9lM82T87!t-&L#vpLx-Wcwr9@OdIQcKR^Sdq7hMc<F#0Rdbsdbgvm+<mBY9!lg7O
zE7{)Ry$iPLd0U_y+^$JYR;I8N#$g@}e9)R28QBVW6O}6+);p}J3AW<ssKLfg^4}vm
z^*t7yz<xG#?=|0z#bQk{)R2?1n6^5c@?Mt8mxAeiuP?Jxz=+qpb~w%cAY+<Y?l)pj
zb$<-SAzVk=+H+cwO}SBrvNIVvM+MA?esshVn!-V*%i;_QCEJad1rrcU)Ug;~vIo5$
z8X(Q~Om180;75j5NnKlZS<;S>%j+5fgRKh+^!_^>aS(7-dy1XI*k9dD`sM{0pjG5(
zPKm1~%=Td4D6G@ouQm1@67~ld0R^jwUV(-~-*I?p9jqQ|1R8+LOA{t|Ch9v<MR;@C
z1*WcJ{*CA_9*=;%UKp#iri;xT>nh+2U2)Z70zQuBs3wg<Fjj|XPL#sSU<9JTZm?S2
z>`GjBdmbkCX2MP=Nb>A;Qw2<qg6VY$>I7z-HCyEpU3;t|T`C~_aiC)AC>a&?ue`t(
zmz>LvgR6~t08UQJngNWQa=4no2kB%1WeU^Kj-k7b*4J&iqjgcNy%r^Gb&^zs64RB+
z5M34}R*1lwA2Ww7^mHmTiNH=w>jvq@R=&7%y2xDXCjJf15o^V-MnPiREI_y&+Yl=V
z|Ak(*LUY}MJbm8v*}E_?y;#!<AKh+2-?CN1?P;C5-8VWFQWoJ=bvaZBIsFZ$4!CWL
z?M%b?%<H*aj~d^)d9=^R6lV_IuzebhI^@+3R-(m)a-*U5QHJgb2cX#9YFp}~y`CSV
ze2|S>JS2R3V-8f?a${#%Ui1_s>h^`UL?16~a|*dpGNSCMvga@Fz|dP(ohG7xcq%G-
zjrt@8y5{v=bigr7=!(h=-I~FhTwsr=wa=S#)9}+NoB0p_20{^QM?#GnrkDN(Kq!MR
zdgIK?Rt?VGXUk>Yt+uuVB?~GH@hv^IQ=N{Cx`wc(^W*%y5^bJgtE78WaPpY)lh<Z7
zM?VqUh1ZbYuIV`6+%HT+aL!l6HpMFPC-!q*3xkMpJ-9J)Fk=1-Gh^7i_a=903#=Ou
zt^nXyNplbsYC{_&W`d)NylIe`c|mJ~>;6(2Q%l3L=)xP3-k;&E4K07TSsHaVBnPX^
z=$VY0W_GSw4@e9c-%W;qZczvZu7yE1G9sk10_KunhC!(~lR+wj594qH59EwLvpPk2
z0yP^jc2H$QO^iPGX49IvPH9=GAjI=nW35IR(R~f!88e$o`-H$>L@&XV6x?Wir|$Sp
z4WWCgfosoh^z0=xO8qp*%pMBeQsHPZn+jrqj9R_ZXlCLuGSS4_g@e0g+JbJc3FMD0
z2xh+iVZ`hPHul2f;-r#p!EBOIj65rE;C|AQFTKm~9$oV-i$Kxg2kX##e5#1u_ea#w
zGzCpF9q!5+4xUUMcmoTm=sV+K;;8mK{)%=Z+jb;t>cDBXx^9{fE3ABr2yIuT#bce@
z&8*5gc;1g(WRjf|chf(jK!8eR3)~JKn^kOhJx&e*^r4`aIL!$Q$_lp;ptse~9DeUb
zgo|##IH;pbPq=Tmp5AU+xFi|%3W)9O#1^0TC<A@d*+wUwYGS<ad}knZIM1jyf8ZhL
zqMfPKP{4xFl8Qc^jfzvg1JJLlMG4Ol>u&Ko#Zo8y37)Pl2RhY29Z9IL@qEOQ^;u~=
z%B}|TOI6X2548FTSzl)HPow7Q6k=<k&$pN2--_Kf(djlr0ExO({=OKqHuMv=HRzN*
z+gsk3=Kdr42-HBu^0jOHJm^OwdOjN6IOCAO0kk^tP;9h<Ru65va3*2I^w8G$#p>B|
zGfNs+mLrx+r+dl}vP)+mU{Z$$t#r3cj-%sHV!85Ep(rw?!6sX=Ta|sjl~lRrKtgxA
zWu7BX!unw!hCXv+5>QJGs_`!XDUf3&rmkh5pZ>jTME?t`0y8WG0udkV7Lgd^urRgF
zKu4H<aENs_Yj)FJihC<EGr89vBKm&^hQ>eJnQ}pj&s4Ub{1wC|kk^jYnc+>BTn|76
z0y#Vs1VIX(Y?VI$1{(sTev$fRdTQr(uju1%nYDfdG!#;8U?}u=<e2;!kT|omCb$C0
zR1k(2KvCe4m4)_N`p=IqC5XUmt4(sUA_3XU4uQL2jRjf`oqkJWX9B8*6oSYp)krM}
zf(wO-tJQuqu(o=@(gZC=LH##uL>V)?a6Zes%qy)Y$Ogc%Ru6ca7QE88p5^H=fctXv
z5UNTF3w7AGc&|*FQmWIA$a`68HPuFFiCn*<Fi7r3!0syVl2h)?*%xu<uaGLH!oWJ1
zCOgv(;yLBP(-J(le|!~$(u#<=`xEk8I13)p!_E##z)B~W8{#wfByBcBDx@E^xh{*+
zf-t;|EkE6ELMVQ0&1wV-Ix7^B5s<&%ah6m+^u|`rn%Qld2?LtP@j^f+AH$)5n4FQ3
zE$43EdhYhZ>Fc*{KX=<1BO`?ZEKo`dO+?>4hqG(Jv85e%293RLbhSW2!HdQLr37Cc
z$7(@f=ewQ3ceu3$`mvY}gJ)N5mF=Y6bk=389^XPFQ-d;hfvczViv&9})vwB9Nktf(
zM+Ri4&Ka@PEF$_m8Wq6Eg9mR>YXerr5LdcYez=Jf)*1hsbzfJnN_I}hi)?(24x1yo
zMJojs^5Y2T+wOKNacrKXK$%#${f}nO$Z7R@m2Si+9Znrq(vyLvR41CiQZBISW?Ww~
zK@Jmqn4js>G|{RDD!wtLR(4o<KFiQ|Q^NgSb>%9oBBq3hy|X50J}t8;rVO8(-Bm}Y
z*~lVcT0J*7l-Ly3^VbNy)no}eE@2ZAuA7l*xe`${X7|lHv#|$1l1I3hJ(#yUr=w7>
z1rkx-ML$odex)te5Q6N8R<5+Rb?t7t_7>E6+K?kdrbT}X%7D3fK7gtnxtp!f1#cHv
z=>}}*nu^Ov0MKF5XNB1ql6D#_Be}X*+l-NchV#(Z9WdOIa%KGzN13D6nY|FvlL|?1
zyDjgMnm&+$Z+$oDY~aR=wQ%6KR)yylZO8wzf{1n#nSV!X{au(2P_9iv0;#<=*EZLP
zYT!t*D@o)y&UxO9A~95qGCXZW*8;C{5(+n>%JjI%M1$em@k?VQG7YWDQGJpA_@c!?
zgP9g3Di+{QVY6`at#kJ|?-e{wR3tb@24P7nUL)CbzmaW`R0AU_COYo)W(o%j3M~gZ
z1W06_{0g<<kre=3wZorshP-}><kcE54BB*7%wE6UG5zJA=^qvDmtGRY6L;qoK4V>L
zuhx}K9bIMcYqSl>E(|al#}&x|9|*VCzwnTyyiHLwtM34(H8mc0R&imNr+C^i_Ix%(
z%gUwA9j<S=iBUa@dwK=SgzLFIP2>MU7%;v86rhFS#|nR5z@Ty$?`B82bW-kkv(C~8
zNnW9xe(&cn;<m8Abf}nO>N<J995{dV)>|F@ZULsml&kZz02!Ac0g`cEtlz;kbhW3A
zeat($O}P>gDnq~vJu=8K3=t@!wa|T14`9v7yXpQ&JN2+C5hz!OT3`Uv_4UZJRATRK
z1Xc63^|PD~w!yctK&k>01Y|RRr)z8l{DCh1JKLeH<^VY{SfZA1pvzcLIKzg7(cVmD
z2GQPn4EfuNpV*wpE1YglWl`u3^a=HcopWFYPJy?u23ol}A+e^{!l`jw<X9!MgLz&r
zKb%tDHaAPFBckv1gZwBo7!6NM1rkv_Y<75?&SGAV#TYA--O!W1#@=%m^3gI7&YZR$
zq-ah_FLWuKbiSf?9iBA;f|sEx@3z>|_n(>qb;`!;Imb*tLL1P?u80G(#Y&4Ft;d9G
zWnaVJ6z1mW+;sQx;7iZb2}n;D=eMauv<+il7zLyse>DiI-GG$WPGner1Lhd3mzZoP
zHApM&tW07MlhRY>V69hCe^b=mFo&(Fk9h_lni~7a3Z%Y)W4_DKyC%K{{0EHs+Fvbl
z!_8ijfgEWL5j_h{EP^iyn?N6x?gc{aptAhamE7cFT18X$h-d2=RD)~5Wb4Wp3Y9~d
zp_ArbGCZGmZ39Poz@{9x)JLe7Cou5UH=?4=a%}C^OuNO((=80KpdYCwi#}Mr66}w*
z8Ud#lBU1$al3riEZYIJ=eM>}-Kxa(6<G9>sHb?;SdkmOkHmmMnr5yy*!I6&ysNi&p
z!Eu5fL%-l1m4v1EuT0!bptcdsLWi=v3t*NZ*5IX`cpS9yFd_qh(RHG74fou4fpXW{
zH3cqI@@1`A9nnJ{7`kA6GA)Z^;q=jd@Pnn)mbnJt8@BV4bh-6AOG&m!nm!P{>#IwN
z@fSr`r`m)zQ^Rl<hOVC)YTs~Q%opIgG^-p%bRw$jqUhMs^$J_txY40#t2_XMHk9Z&
z9p^+cJIYk(RMOxGB5sd-&e{X{W~QldJdn@X$`x0Dx4ibPmUk4MtL$U~mI1NCdY*a#
zYUNc+2_+H{)XOa@{o!&$kghin(<s0{?n9iYQ~?soX~n-9N%9DtoA~#A$939#bPF~m
zo>MkHo1JJ1WjTBp7@_q2=i0Q-^H_m5&FcxIIZ&L3^YlOf$JY%#1<MLMHY{Q*!E`O2
z8ZS_ObE-1IG=PZ#wWE}8O2>WomHzP+kOkX@+6Y<>?l1~rm9=^83;GCZ_pF^694=L1
z?X%tJs7n?T(k;*;>614vAq7REa)EXQ`qHgSsazYc^WfZ^F5ciQ^mPn1iGvbH3-}I9
zio~!rMx=O_9X+TRdS-1T!$OAf58Y#F<V3$f0}00&JYbmGH@KZg#_@}RHJaEFJsV@)
zkT0$qbntWMv`&9%T3U%OHH3<l++nP`d=jzLfJK4ylilfJv3j?CT?<}&W{|-j6}^e#
zpz3G_Nb}lE+NAgP^ob%7-R12RQ~Z@p(9Ny`-9bmfB#<*5O#JK@=n8{+JYAGfO4Cok
z0lDNW9JEbor=>3#7G)NKR%Xlt{h(p+LPXB$(Ky7j(H2aD>QtlmZ&V;>syR1M+IrPs
zl=0p4_h`dalOn9pS}vZL)yI`R&hq{$3cw^N9#c_8Q+bG72mR{Zft@}m3Ilz1jxhm`
zx_6hS8yh0KOQqi^sUM}R9wH?KH<sAZg%&c{nn(0VJJDsJ6O7<%aYm>ix^U`<b+ZRP
z2xuPOz8!1)ele?Q*DB4aa*0kmFG$*Dz<_p`NUag6f~d>+IC_WDlomief@Op)lKD@^
z74dP!S+E>f9irZ#U)%>wE~i0HlOOJUy2Xsw4fJ@k4BM4AfxwcOYK<!}0>7MH!N7Ws
zWIg~=J|EQ2@r-krY!>IK{|M+@h6z<BpjXK?W2oMU21A-}0rrGG3qXzNyhfL-ZiB`=
z^mq7u19UPbb*t_S&b8?aruk1=_-N$8@L@dVUH%hXmxeUlG70UU|L7=10Uqti8;7S)
zI9qpzaQ~nmaV(pa1v!r01q1AsPd7hV3R#(-md<inh)J~c(Wk>qVDx*b(4L|D9M2&Z
zro258M#1SYo~OVMo&8>P$7tFU7J(k}gETd&I1>&+Cy>odCN^7dl=89|bbquhZmey=
zKoNR5I?he_!_3UQY>AFt?}hfMPPPzsP+`S+DUu;1$m<sRrDrmvlQf4b5pQ`{r0d^j
zr-<jcRXm0@g%+3T@%vUVaXvEr;8|J)gF{d%P+WSmJ@V#tMD%Y7va(KSY&z^%4(ICi
ztMos*w<DsXFTjLgm2}WkaH2<9u%4dy$t5&aM<g&SdZFp`F=f$1ew2cGo$PA4{z?n5
z`{!jCl%{Y)50%oCzObnq7_K0ukM&Wv0(sIq4uc0i5xpC9USIN1-$2^_VL#T1*ZcmP
zlq?jOs`<$e(c@7$Mc#}dQA6l6OnqGRGz_q|Qyl4zLl@B&i~!p*!*FMl2!bQyGQ{SL
z3}kqCJ1li0(Jf{Y8P9rsYzlw9+sUW)hopW<t3Qkag-of?sxs<W??LM7E&Y&vY`;VL
zbNw^gl9Rp^<;`Gvh^Q*%b;yE8Ht=cfC%cfCdkV||h_0#`LwZXFo=7Ptyb9G=$p_Hu
zSShuONdb_QLa&36i9goZVfbrE?3|HdVyqA#vX=9pljvB(g=wsWd{TjjN&xCEBgdJ6
z%wiV!7yh1K&5Efr7=_LQ3Y7Wg_7bk(Ch#zHF8(vdzhGJ!Jsg91(45hs|MpWaUj&@L
zRoTgMdpzi~0?EDGf4CTO#A7m2*jXqywTS3Hk{rI+!z5$mymoj*zj|r7gBU~fyp-M~
z$=^lvv&Ago-Gu5!dT6nq`JKVa-Y{EiOyu<xGrogeM^0a1@c7iN5k_hAu#?XD=p(GU
zTQa}tS+8Nb<V>|VZVp!vqKjo~fTS}HHJVzRi%$LoP1HEP1;Py$wKu#+`(Q1yix#QB
zO)sDG#tK+YX~yB0rik#YlYGm2L0aX=!YeueFmiTyH_Rj07c6mI;Pwmp6q@@3wRmUa
zEQ|-Do0o*nQ3YIV4jtt<=fc?HXK}dy)Xk7OpR>QKL{X4gPn$=lOR8%OoiaYj@#=%7
zY&qH%`XEj;r);M1tupCYk49;5FfAWqf;haRJa`UrG4$tmz)6=|<5PfiY5cs!TGAJV
z<|bW#So%KHC?&t2KT(67XVt5qM8~0p7llOhgC|3#5vN;?)zv<I-&6m1OoHIm3FBBu
zKm$*84d!xpwCmac#+N0AUj665Vnq@C5_M}O*KN~rZU-J2NipZn4yhKefLh;X{I8?`
zl5OOM7pta4r4cvTq-Ts%2P_>5xa%xUe6K24VX{YBA9HTdGIr1FIwcBw`Ll}XlIN#K
z6gD6*1ow15NpG?mv6}T-Iv})ua#(t*D{mRQ3=FJ@rlBMY0#gHAq25G>d+ieGTZ~w@
zlk^!drE!py8nWTna%&5sbbU~|zy6HUWEp$yJ&-FGieNzFqesAzVd^l_K6IW#?L%Y*
z765Nbwc_%?vwCSFn)`ClE)<JG_Owg3vU+|AjJt@Qe<&=dJAsfc49oW}=bjU3ZMu7_
z<bUULSnsI@UA@b+pLe)7`q+VLKnWP}&=g&Y2w6sm<B3ev>C+e<j`|X~RP@O&xWqli
z89#de@X(|hHB*qwtvnUcPru?`i+Y@cPg#uUw`&0Cs*Vk=(9mafp3tPH-I*zS1bkFU
z{%tEmEEI*F7L?tf{iiNRMLR>0|4}YHRdvaBgQlpNspL()d5>MYLx#hq%#<#o*G?>k
z&KJap3m`IZyD(k*DsMOMsr!JY9WpjyM(8IUq|?qBu!;Z?UHCFkcY!j}t!F^Mtlel}
z%M`F>>y0^+a;PY(>XRw`Kh6UZQN?6yyuIugL7gFXcCr+&-JLk^iRzyIT&Lbwnya~e
zM{%&Ds^>yf+9FL;r;5x_Y8aMr-4T7xG9Vj;a&df0Ka-HQ*eLI0Ev}vF45)#Kr-M&Z
zud&WAe40A6>TO9nAOBwXHxK~_PJ%be4*^ax=y%JS2iN4XA+xS(6Rt`rVV5sQBUFbA
zOaF%S-*#RJ_d63n(Vz?9er4Qf(&d?<!__>tF4RT!@m*dNQ(niX0fB94pyCL(hwl)H
zoVmEbroFLxU=3AV0UfqnD55{Sp4RNP3SxXJ?}l-pFClT$#dMbOk*C0BaX!j$^x7BM
z;1lDTPFc1Z&GYKMi`*&%@u<cexA_Ukq3IL<e4|T$x7Trg0~@Z_!5gsPuyQ<j<JVUh
z<}-$M#CL^{<(nH7V=phIPb1=(W`3EfPc`TTTsCI0V5w2%Wbz_<csz}i3opWKd?m1u
zK(5KLNO~gNdPRV+M#o?vvGQ)P_0dS`nEjqVFi!U*Jnn(|)#0N<I!gS~_-oR#${d?u
z<J_R@iXoTXzhW?95j_oK?X_yIgxu#NddEnWs^k~T(=_sIzJaC-)^0(5(80+fC|%d<
z$7nx12FXxd*$EGlLS>=dnpjKcLnDj@q>MzEI^n7LQl};od!~W_r09<&@nHTv6B4}w
z(-!ogg*QWw22d4Gvx`-L_kv4&X&09CJ%Azot=GjUsNPb|pn>b#K=3wd%ig44|3p=?
zlyjU<()i|h3IhEEm*L8Ugx9bh@ioTt01>aN!oPT1dyoqaWcGGQ0p@d6rmK~ak)VTP
zvet$G%~%`rylOjSdUxQ4c=qOVrz}}YLVkT1yM0yMF_jvB)9*1ip;XyP6DAJw2dpq*
z$g~P?8=b-A4xu;5UG^R*!DVAjSyEkDmu?pwYdT|^<<;><Fae*^)KaW1^@$x)=eS;x
zSXKAEdn|MAaOroKtRFsSC**midEjZG-kL%idB5j`vGXK>m=DG~^cbRs%pr1iW}FB1
zmvpJ#H<flG_rkf!*f@#Q&g@SddT5!q8ue;{=aGzzoUZ<BBmTpJ3msq7F>5gyKvw?9
zzu%wLvby|UmDMg}TKlq?zuMDDlLVrWt)+%=6*Ki7c_u<ybcQy{lNk7dO;&1Ih50>G
z1&-+E|FUf(J>99_v=q@3-UZLZ9ck+DO5khs3Lk*+3{J;OYGN}ajl8UQy1npaOXfbN
zC75}ZEpMMwVl|sYsC~4Twgl&CFiRo5B8X*-$qXuAwznf>c35E#?aPzTvEor7uB!H!
zNuq^%f!Xhqpz_Mk+uAju%PREMyet!)@U@nC5sWa6-97p<Vx*u~K*ImD5Q9*kw-CK(
z;hi{Bl7c6<%0nLf>o*yM3TOA-)j%NimAFK%^8hbl)evBNEZllx9Gxo7s3TeMn-3w&
zsVmJbnj1|NG6t8(NKZPJd_)A2;8W<4n-4_IbP_6~xxs^%BiBIWJTEa7-J(~3(poTm
zwI?SNG9_>2VYEigj|JQK|9j7^C=F$7jb!-dnqk{q!`OwGIT}NlzQZH{X{w_wh^UQG
zl!+8To-OQ*hsN%p1@~V=ZtIr2g9FJ5OD{uu$;=5>?Vz1zt`_*H6AL$7E28^Cs2KQG
zUAo&lp;!^EMhEq2D43&GG>%U6Immgv;~=yWfR<-r?N<**DuL;0PBCJRe<J#84OkDa
z^{K1>075+UZ|~984&gfV@j_8=x{jSHtk}J4&|L4n4WZT$R%jrvIE3ri`=1oJPRaUG
zrw}7MOz}%foj#+-qvHg){-^B=L7QJL@~?lO?YS4OMnp%R6RNmK6p^C0s-08t7qt^s
zoP?mDj&{|+&oT&h*19m>Q>li^$_G*$H(-_rw(4i%&_MRLeS;#cqHeDGeczjU4RK$=
z(?#4jbwOn#C?IhwL^hx|#>@ouCh*tp;x0yXNcX2L9npQ>U}ysjxt6QV9%jsRL*<>S
z1*5SHnyA7)N*3cgiac7-M2#Yc!13Q>5b1Mu5pZa;MeitwyYwQxp)~9w!R6_rQs}uD
zcX2TKB{73Z7AdtP8PTI|UrJK|X~w58PYvv=oYDvrAJdjM_`$Hg;O->ZVUl&XG&bpp
zP7z%PDkr#fB?wYf5oP<$BkLREDLTiNPCYgTGEPNilr*t<N9J6rhrUy*7mztu78T{e
zB4UQcF?}JTsYT(&&;~NpgjB<=<c~hJ1|%Ei*|C5v&d@gbQSBQ)=dILONeTD*Ikd7A
zLDzw@H>R5c#{?Y2B9*2lgdL?LN2iDny3JYJ&RD;pu<4wQTb%i_r80JI9c&!$0I*@6
zdW)pGObF__bNc3kZ<$5j+$o>w{I{+b<nqIvEf>)TEd$vR`lJyE1!1rW{r1)1L36DT
zs<BA)xNo|{5zgrv;{&k_lmoUJUVhyM4}I7I`Sb{6yY3Kr1S8m03f`bAq4`xRPZZJp
zCxrL{5EtwkPK+-bWc<u16R>!Y43JNKS^yv5J|PH~Ei=tlQr=|9=X^ZM?krw9<Y_!X
z1lOpD5sX_XLRY?0a0gwP(d%K55H-kLHFEe5GY7h?w>dOuHu8F<2<!b#%PZvEkgboN
zs{O)9`}a4D??hN3yQC*C-&J6OefxzsrfF`dgC^Pb_Bm`$|IP+}a=3i&u?+k{!xP*1
z6ZE{KPLetlV&Dso=<SniPs`&4_)2_?u2j{^FlbG1G%=ilvmPKz@*nH*vtJ>Oskb6M
z3`$7S$;qcFvFNkv&6eIQ$?t$ws8>Ok^1e9qdKTEw+uTeTKMnfRLUbvp2&7P-n80j}
zoVJJ!*=|Q~htd^tlc0QCHt2&0&7m)|!?^Wc!lcuW#)E86XV9tb!%<hQ;X762=R$TI
z&TOiWawWqYX*S`E8e8;u1&ftQD?<U7h1ll*v-c(7aaCpi?@ZE6(sbW9AatWZfi_(z
zr3{qPLZPL#DO5liCds53noQD}q;1d&3IZYm%HqN<3W(n)ARwZG@ZrZMD13sT$Rdae
z3YJa&0?PmQzUQ2K&%JZ+%p{#qQ1U!8nS1WN=bn4cd)|GKL?+(ge=~0H5`i%~1};w$
zg{+ARvtZfH{HpM@-^`xA%w1VkM&J2Uv{2lHdYiuH88T#@d80lu5#o*c0xHvj;9@%9
z>F5PGaLo{1IC;3Fx%Qsy^R_k67`7LF^S1I=^JWU}P0Dv<s5T|H8hg5cX+>&`(+o&N
z(9f4EiK=-K>MkM0_6*ly)n+Q{_S8=6hNEo2yyiFdWSYX_b>npJwMb+I{F>q#Jjo`6
z@VgrVpvs$|L7dSgRq8a@mAYroFVkYi=?`msDx6}Gd>z=0z-@>+bEN_pQ``fcG7w!K
zud4L+ql(wN$?5Ii>n(2B5M>t)S6X^4&8`Q!ald4mlgfb+^>)~M4Q7F^{pw8jQui@I
zZVEfb58i8ycE|dkHe+$RA5|zo+U&4^kE-ON5E3w*hoe<Oh_7)w$Pe>`^@_Hs4f6h1
z$yKBun8D6?^KX>%%bnL9Q2Lja?XJZFu3*Ypl;U*6M^VkfwK6lXJz;k?XRUdQ&?H(j
z>vlx}l_L3>tj+jQ3HF66(p_E5ZF6=eaOXx^Eg|4K3~5^P`w?;Z&mb<=lJ8JF45rsl
zX`Ni*{a%9oOV>C`ROO<56AXWjrx`av-=*BQ1ThxV{;8SF%ho=Hoo4-79!h;&SI<WN
z@G=QnKK4hkFUwJ~OqIx30a1N*wqre_Bg^(clR!bc{5=L8J{B~A{55b(q({GP8B%q1
zlv}>2^u#iwK2trb5w!BmuUXg4CgZMksArw0JrQEye-9=CXI-`9r$g#&QCo}a))?S@
z2R70*H{`9PD@O<0Cqiy8FT&QeL!ml%qLnz8oYryqct6Du`tf{TvWbs;3S6H8+T+dv
zY~O86=8%a%$=P(qS1M^$Q&V?mI@K&nD|+{9(2j`ugI<TgRWzx;g|m25mFzvwLWD@!
zQmlqGjy|=bN2cks_yUkxc|;W<WrHajyK7*z45%gl-7<WKpkPrKg%!;BipT3j@Ioib
z`gCNHu)@MDy}k)bT#->yt%+ola_RA{oFv4cx}#L}x=>?39gHGG9Nm^gg&d6#kGc)Y
zRZjc>GdF!E&lf-|g&YmJ|2Xtnjy_4>;Z(Eed<YKft#I~8&#9kT2QM3Ou)zV;4NLOe
z*SGh1^hfAw*`i!_-^VyT|5<|jillQ-H71)|47g81COa{r@$Q5}4DCU(!KnjD*BH|x
z@L3nnVc!CUSc^nGd$wkf4+uDMO$Gl86-mWz-*@%2W<205@Dx!3v1Pd~z%Yt{wzAWO
z!-y#2BdN(Yz!na<4Z&p@xD;j5O~&Io56g(mm44DqoZi<6g*Z)s`%IpTmF?f=YP2QO
zjHSxUND2msBs#r9u(|{10||9Jp05DM{Ny(l(29p_5c*nxuL1g|&tap2C!{|)?qQ3j
zd!WLy-UbyFFEi7H?0XZeES%-j)Y46jp2$7VJ1VBqvG=I5reQNV2{UF8CC5U@QU<!B
zg-EgCH-N^C2OdN2fBG@%xH(UOvc2qx#(BNo1%&m(IP_8&=c*5&TRu&=2qC4Cxr`3Y
z4*=o}iM!Ney(Ca)-&tE}l``wnpzp$^%*SkRH*ZZZ{Y3@cZccZZENE7&t*Oq)sa<wA
zYAXwyDm*F~_h2MeDff^b8wH<~)2V?vZH<~)Cplth>{E6&4egz|sUzJSr>}6a>JGLy
zmVq|>@B|f^lMsxn@^;&n0t?%Q<Z$w`2J}3fzdE~ft#&6uLQ@;NQTiIPnZChy-^L^I
z*ai>MaLA>}K-&O^jC4!7Nt`FcdOh&hc0Nms=ROMVXcBDYVh!-p;`szCJJ%M|j6j?|
zbwMR<NcALO`AoXGNkdRjIJR+ySln}!Bf%UovLwzT{INiC-$z{(D~j6j7<5MDTZ)-;
z#n8JsL&G1?DU&!S<|43pP;y(Y)IQ--OU0gLGe#A;6ZJ@L0lrOkbtAnVc#Q<3-q>5H
ziN2*X3rQleDcRPYDl?6v=im4BGd>f=U~6XGaofAPaMJ#@_L}QMAz=X<hZ8K6EN8XJ
zvfFF-EmxchG7i_nkFEJCrOwe{==$Wz@YErA>=gVe!SEpwtiI5ZXF}x{R&6_3epwxa
z9{FD<ygs{FA){;*2`&Pwv($DYnXt?520IL#F|1&sQpLi@=?i~!lHbybY?M|rOT9YT
z!;bs(JOb`nAS@HK$LZ~NnM|eI6H>mJb~`6Zo07=(A~GUgDIZ~>oB&FIViqzf9eRA>
zr_76a$r=r+h;V5oy5LT$4xKK-NJ}9qwJL{i&))C5@`0YpE8bxO6_m#=yPB})F2H}~
z>5c|gZ6=>~OLCuj#-(r)9cB_wcuqQW#^ah#r-8*tWsp!Cm@7q3?-D`YGK61%mEE9a
z@L{6{kS`Yn?KD)Ckq5MOEb3-aIn7qWPagzY*M=0S-o+1j^fwa)eDg!HCMoYQH6I}f
zll4|;kT7)ZlmA6f3TAU$4<CnE#OX}n8Iy)xc4jfeVP}zA1vvw*YeKAryfOi1r#iai
z|FLumi8|dy1Httuw>jldg(6+hn?NSQ*2h$LZ^49bfUlVRUbwKmJBQRjjq~U7#zqKC
z0+9^Mr)UU;%L9G&4c>uB`N#B&hJ$J36q^0!BSrVZ8W2$Kt=L4tA(Z2@5v+iGrbs;7
z4#`_mqA;tw6amqo-hx!9_Q#MPd)ga2+I-v}OH;~Id;VOPFBAhGibL4uK1VIE<r_XH
zB*?i77fQ7g&yMI9XJ`a!ArW;t(}Zo5OVLhAKa6{bfm?!Q`=|l3H%umC4S%AEo<X?8
z;!H<|z42-9K<#FhLwa&u;0#4fT9aA-p|4-)l4B^;TtZh+yZMJ&|LQ2rVglUDn@7cB
z%?%LrHEoF1mEU_!%|qc_H1o<=4i=1v_hrI;{k)!Q)+=~BP%pp^jisiPvAWvPvjM5(
zk0*Ncey$0(*COZZyK%e`TyQ*4Y58rJU5mo2=?=IQP%39-;YrIt)l{Z?dgufzUB<HZ
zF6w|~3aQt#J#>pI7Z1m8r2{EOg}gaa9C+1GXF>>apg^pBpvPw@-bS+ih0VNIL($V-
zj5rwuO0lt8p|EVU4U#Nop|-i3#ZN&)egb-CK~$=DX2y{=kahY#v<R(ZA7rc2E3}vJ
zG6?ta2$O983C?cVhmlGi_J?a6joRF;^vvN^l9L9JQ50QT0`?CrVCEnlZ285gjid@Z
zm>tPX^oPB`Rh-tqM*%Dv7t&^qZJtMKBCIl;6r6BY2e#pCpafAcr9P0G&A?kyit0G+
z!-lDz9No-OH(b50AltuPUU~HMKeIlK{R<MXKem0OC+{sC050(`*L|0fv7es2R3}Fk
z7%Nz5ly04^f^rQLA<Ta7qSJp26)jYLrDy9dY}xr#3#*=+q0cecpqNcU&z$En6{MQ;
zlskpRPwfFQ7}`o*uGF9vyI};b7IaOxiRl)JUz5r)A}iP0nei#A<c0^fq}xD`5)z08
zi4MOZ8tVP*zgF!1n-NY7d3Y^s|Lgc?$hA(zk1#rIy{d(<1GpT=v#uM{p%p-RxT{>#
z6vSqgFn}`hT198T_wHrf-gF!?7XT6#O;?N7?*V*f%Xsq52xiGw9kRB9m8%+?gqt)D
z6W0o(u?@ej*Qpnlw?idtT=-g$)4e0d(flYdlT)fev&VeuzydE+!t0puIiuk(WeUta
zQnasxXJ`qXGY}?oO&}2YFjjQh%`<oGEU_KSleVJsZK#o13z%~A?bDb#@GsqsiLP{e
zileOQmcyiQo}1`iD}6fKp`Y3eREJeImA*`F5KPh`N3C3WjFl6_XIYKYBq)4s?b;rI
zAWbMd2G$c#h1IL0vqvM-B2GQqw>x=?wl}o)e=oD#VIA%=#G0d1zUZA(?CPaZ2Aja=
zV%KUdW{EwU)HC8eCY!QY|N0KGKbCYu{|`P+`@<OTYNlx@Od;$X2251m*!noV@hI{v
ziIpXhOP}O39rT%vbR5o3aUIzUVVC5l^m=SxRdASrw^RggFp|#76pn^_kGH`IcR=f}
z$_BKV^bGmo`(9;4uOhwkRS7QB=9q<mr^O|OSrjuE<aRMuqkJ^(lhu1OB6~o^3b1Lr
z{B}GI47Hfi6t3G&U5YU+Zr^y!Vk!-Ss8Dih0?jgrYE(7ByqU<Lpi}-5m~Nzl-WyTu
z*eO^E!qqb6d1=wq?2LlBA~&g=bgmxKRh;_lkc*YqdYs0YJiLg^$IfS4<n6BBXWmx2
z`%*$#TDW6o>AM$H(2`VJ8(o9~FqU4y$4~j?Nu_JtPBRUX4g3y{B3;QWWDN1UV!g`e
z;VBYeHr;;Q_k)yQ!=>LUo7~J9E7&7w^U<j$!^UcELD)^5EYIQV^qr2U^h+neya`ha
zMZW-jcMp5Lm~c^FtWA*lH>6t{vKR0j+!xYa?aAB*`r8E&v2!vBrH12?DFK9n4bE|T
zJ<p`eQ+b$UffhupxG0qC$YfF|Gx3QlOA02jghm(imYIT3<q`sYv!smoaXJgB2^G5C
zcm7toVqk>l11myP9`pHUdj|qy4K%<zy+4wT#Oae@#{6+Y8Uf2xv-^oZ$|sP=R}>OR
zg~tjKw;${!hNX2JVT<uhrRekx!SyQ`L<`~SAM)vG5$pWYwwC#G6RTUBvyhVHZHkQ+
z9U_lnTY^WzGD0Wr1yaS9;yd$@Hzws~WV+k1>HYJ{v!oeX>WNH~*oTLaq*ysWmR>=k
zACzAPC-=&1+7IIh(${@hGl0V?+YdAJ(MmNikQx-NNV!Bzd3;tRgVe2;E5)oEc~j<K
zfIT2YEZ6ox%5dgiwx&2(+qInF7Zcc0bDh$wsPNF7lC@TTugn3suR%*sR=$9VrfxG6
znynQF9_5vdB*$`8+Jw>Dc$spM3t@q@Y{T(~Dh*zui$jWRZ%OULUOsd4hnO_Q>6NCa
zVpr)Bi0)3D1-*E(QZFUod&J2~+m!d0cjbL-in632zsPj1@SNL_YNoRgo++I|-Kne}
zxr5o2>UV)zA%$0!%U7s)Ht*y5%tM2;m&cyf8^2;#%+B{=QfB`+U6nDmW{qRZsC(XF
zX@8%e56=(I<elwq;$Xf_opk0-%<Ws{;OG-qcz1r$_cy8;I9C@|s4JE<SlM3kQ+!Hc
zYKp;OWuw9wDkNqJk`2H)He*KPYmL*_o{2z8MHLs?_iW>niZttsICMt8fj{;?PWLHa
z=f)I8zs>=)*(`Je2*N?ia^y*7Ki)#G7k&=Pr=M_t?VYfV=1_)~YT(hT5;fAnsJPRT
z&LZ-%4Z5;kmfYzF<vlXm13HA2M;b;ePe5O-OWUu%rtiT?H;+;&1p>S6!V^|_e^ITm
zPUoX~ve3#vC6Q`j^-K_d!o)-TY#==`x?h)NiORhaz|8xj!O7OhYAk_pZq{cD=39!>
z-=0J65vbJ4MMvn-WRyjCWyXV=gibq?-3{77B7y0kPwnIW3|65OLUeH&X+ml^vc$qF
zI%H2kv7R}h1WSAQf+?MDQnISRibY|fGOJLyI6b_0jN5^%LorEN)Rk6Dj;)w=HPbEP
zLLeFhUjJTPlrQXi6r~OCvnQVc&yuFa<qm?}0>zWA^f@lv8AmT22?ZYl=bNeVOUewV
zwLKoTNVHZCtK@ZHkw6oV|BBeeq#H4I1&Ps%^Y4n&|L#S!gcHm+@CK*(=T>lJ9mt$s
z`u9V1t2dU>D6+K|$ZBy@6NsY@ycz#SR75LKphRaI%Dfr9szUmXQ<AKbZTn^QI%E%{
zrvxLAwOAdm-?Xr~{+Lq@)@o6E<2vo_E!cbd{iw!CuWT|ELcnl2$)y!)v@#)K>NJLj
zDnCw%wIKR1OM=QLSUHJcHw_Z`3C8Ut=9;O~|BMUp^z-~tE;~*W?CdEeFlz{V?FIyb
zH*ZQZ`ygwcqwF0zE=Z*WD;wFm^`|Pt$SeWJ&@kI#tWX?b;DjLMQ3`ceLC-zpCq82U
zi4$Ada{1Fw{^H+)ia0p2Vvq%bk%r!st~;yozyKA4BU&r31MB!WDb*bp@|<shpxc~E
z;JS|P^{txYE-Nty!Cp{B3MJ}dI!lu9<fcJ^vhcrQRFCijMT<rl*?8~gB0vYpY*T9j
z!DJ|JOoz^_q(dYs8}iH7U@{UdwiEmp%tOWLu5*m|wa61@3#7x<-}P=B#EGP&mJjW7
zf-cdJ-~{REMuhX0Z71G_09eRi3~(H(8igT7hbvly<Rgh9#msav(}f)l*IVDV-;ol<
z;CrDZ-JHy}2#I3<QdBqVps&IX4gG*lqG;Gq54x{}z^y7IP~%#^DObIrkM$9VD2ba~
z)p#NpC?K<o260w|bcU`)d1E-#<~D<fmfa)}r{997v4X>j=F#}@^E9VDXlI$2;qwbA
zE^3$rPbIBqafbdP#8I%$q43`Da99#PP16ojsoONW1T7uJSQDuphC(;GNdhDd0g(85
zXm=k%0x4E>a8L;iMV6u@WcXJ4kx#4N>$&QUnpKEO;rZe+L`lbw-y`w_yEACvD44O_
zcu@suwFXW6h4yl>H$c9df#ce8eU&(k!UX`P;!axl4E#r=1X|Lvv`Bc)XOPcPTrfPt
z?Yjn?df)@7@Dl9@*a^{Pg+%HXhBDXYR2H2MfEIa`^0-hWkErDu<UKe^N1+;qj`C1U
zT1nf=(nSQX?E`MND5HcFh~nNGeC=%m{YYG2m*<b;IzKsK3n3c~4wOhq2F4&5o_rot
z<zh-g219?S;<2dtRZ1o3v%5^<TB`-+fG%WmqvYf?dw$00*079JMkg3f^Xx#hP|jV;
z@S)eb@-zEp<$+VM;9$lSl4hycGi6^V)^{hf`Tp=w51HOQ!3(A_<dJdu?hTNvAh49%
zSNGdX^O9LvB68V-iGp|0lOv3(K=dYvv}&gR+qVjdLf6x?3y6@%nUykh64E`f&oZZC
zV5ggOb4xSbX*P>;WGS9%Ck)be>hbSo&5dJGz~dFFmDs>a45^hErv>1?T9{)^Z~y?;
z{-JNbU}6zrbU{5d#3bfg(=BXjX+g117d3=Z4QI@K=AjC7?N<`Hm%7_0SV37X<O8NP
z_XQ_8j-;RQkUTA(J?u|t+BdW>ls!(D0m9_9kUO;OMS<f~>8ZE{DU!}@3<EGH;?`GN
z51ynyaw6ziF98fdyF3AFJ)2fpNk)5rHrPgQL6t*rkn%QvyL%>@Wto1ied>U+#sx-K
zcegj}Q|DDx5IBDUbW@zJ#_*^bAcoC?AjYmQAvu@Ao^?Bv2)T57a{}Vp?D+t`=_NSj
z3pOamVrVx;;Q8K0^s89Pkf?sgDZ4j=U|)F6#cKUX_X4z)9`3IupY?*tP3=iZ3y=SK
zRMaABK$VQbg9HA91|xpr$DwK^;?z3WrHPgpN(Z!5F8o3-2CCOwSCfXa)xg7Kcy?5u
zx%J*J6i0J}yP5p3m0i0aq?Lv=-IQ2io9KtnBP~)ck?DqMSMe{JI5B~Pf;HXVfFEnR
zGjaN_{T&yVAY$iZX&p(a;yu6aSHM3w$dlecK5{_@p84N_813hucSxEYq3x2_W!eM1
zTwv}4J&hzs1tyGw-oQ>6wW7mUSh&w{`+?g4VVUqZLb_&dk|`y)%W^FO<q|r7feY#l
z-JMK?%k_vjJ^HbHGg)s)L)f1F`%5Kqst!-#^wek0)auI5iMj+xF>1V-L1K*FLcBQ3
znfi)0=2avpX;xii8K-yupz<O2gTi%8-sp}qG_|B*>bTe4k&E)zJ22I(=1COIC=#<=
z0O7~!;k?|N7T3#$@LZg(hi|Kxh*XZ65ZW=U4Jz}F?ksXI{&k3-OZU)|e#tRN*PQP+
zRC^wpR7O>B=JMlxD|8=BP`*BxvouR;off3lNj0n58WLCX?nvz*p3blyusLC<U5;vC
z%WLe0&qpHNOs69b%w{TS?jEc>LM)gT3&NdXOO500b)p6x@GD5jJN@Fqg4wq+tvYxw
ze4xf#l|2tZ6^p)@xn9yQ#A%Oz`neyqV?eCzBAL3|LXm#<xg)#V6kmYkt`8SfTnBSy
zt^&)atFjW-#A%uvqg@havJvPPkz`rtsM7Cd)z~-=%7IThbE(feA&hMZbn3_^Qf;}E
z<hs?Wx=^7_(HC}y!2?Aa@Q@a^8GP>eC_Dq8jfDqc0$N=<29{(5oF!7(tbx@K`-y4h
znK`PfWr57Qt35PYC6f;1;BKT+m)Wx1W6Vi4(tR;f&d|$a6^o5$xU(?aF_=8gx1*T+
zk9<?1hhqoS9cD?!dIs7txGYVaz8Ce=8V%8o7PF+?qm>S!+ad$`n)8*woPjFi&GbOV
z|JZ!6;~<_*$aoITh;h@TH(ec_xgkt*r6D=rxxEI_O3T`y*gfP~SA4X{w!;m^={t{T
z{3KD6{lHIEB0ilZ0B?aLYcPg*!7<faQv$9|$Xbpn09m^HjsY;jf^d0Ah9DDP(2Mtq
ze;)x$QULBAr+-4@$x1ryNo*V-)Qci_;+*<}dpyNJbkgU8)9aVYPwa?u-zGX35f2@k
zQ_ag@1voNa&au{~%yL!82BL?IX2E*&`(zrKf$;ZyrACm&8oci8F)E&(HFdnt-@JrL
zRi+zAr6<9?(3m$>!XmwW*#+?ZxAw-VzL)HQ*!Q)63k_HXm}mw4+hChc9J~>>h${yH
zlV!8Xp8jx!`Hh{vJ<-wuLE<9{ydz-CqC0?bCO<`@L(V@GV8NzCwkW1EUL4K(h8<)M
z*$4TVwAe>CU0q42=dd2Gsag1paAuAscAi&JTC$e|<yt)%A?Gx!q5l~(%uUG3+;6cg
zaT*3At4geEOx_+lxM3>{Z`_HD_gDa(`yTY+wHx?;6^EK=PH&=@|B8lmGYVeGy`ikW
zrq14QlsJvO(U_hw4~C!jO-U_MH$bo6%b2)+l_seY!IaIZCU#ebAOe|30z2kvo1<G-
zp{-@%LXJ{o4JVAxr4?R?(^C-75$%HvpC)}>YD<bfxfq38lo4{(wI)LyeeHLCIaOA|
zV*TJ0lI09Aod8~r!d`=8#J$3r+nCNIvposz;)~ozC|_k`^|Di0<JINrW?dblR6SK&
z-X~Xiu|nTDw>Z6u6%tKpB8XGs)hZ=oi58r%Q@@sX^FNqk%?`8MY+E+l!B!s>P9j8y
z*TbCz+edNiY=HbA*Tke7;r6dGSDJS%uFZM>Vvmsr@|X}oO&GV$?E8t`v>C>m4Qrq~
zQ?+!&q?-CkgtWSs?nkX8=KkC$CTD}<2k%pkxKU*cO?4@slAToxcc=W_Xgulnbt~qK
zAE&>Ul33t<Ail_o2xmWU9U+;U-jb0=uQg-@thaK7bfro~nPi@wU?<EryW-NzpVScy
zB|WyVpifgwWF~aoS)-^ENtB~%fm+zjba|$!4Onm!GBCF$IpLAE-Eu}+(U}8m;J60|
zS6vw#*dW+XPKF%ndbidJu%Ua7t0bf)qd8j)`R{uf-W&6MSS-1$s2uR4cPltMWhYyy
z`@%D5yS$#Yz{Ew}aL!3KwsEa8CTMwksc(-Jy>v-nQi415oULG{o^g4-4V&ohp`iK5
zYL(6cTZBd{x+;+{{jkOgVfMiM*|1ixgx+1s?Ov>CIQu^Y`KgsL)in%fA@OL4w^+Dv
zH3SIr`X+6?T5QEOIq{%z+Q3E>5l8h60aO;~0gg(HQB?LkAn>l#dc;Sk5$r8_5!rd^
zC1l^my5%|$;x6n>oCd?c-!N`4uyr6L-I`?H<qiITQ#}eJ1{}K+s-Uq2jV?9r?QZTe
zMrF%88W{HDbcNs1UvN+9PDaYIo9)hISgv7109$yS^rXTj2@dn|WJm~U(mm?22hnbH
z$CIvni_}tth(ofoLeA+2c;^T~WvFVPEfsdyyh#ror+w3YlG!(@=MMlD*85wP`M%=M
zjuAfoI9-zGd8o#r$b!-DqD&pn7Vy8CC>yo=922!<nIDr2IisTuc@T17NwjZ8-i8O}
z8GQuot?ii4M3c5<&>@amht*dt@RqPZw(N31;EK{k??hSBv!CoDnPq+z@S5HHtE+o0
z4v4+9G5P`TBJ6K}l(a|v%(mD5%N-e}V*BTwa8}*awMa@w{_L><)X~y{VU|gHauPsS
zAe9av)d5nYENB7Z;1raL5wL0LfkZymA)ZDff-6_1x&ZiHNjI&xWp=Z>a?^NotGO*s
zKdq}o-O{!+I)P-Jqr0X-b0URO%_hg?Vy_2}Zq;e_a9jwW0BZ))A?~Q`JDEhboBS<9
z-$6AiwnNezPYpnB_^xcZ9G0AE-N(tsinOag)tUtOE&Br+g}Z1_>55C$Ck)Jq6}64N
zTm@BDatk;kMXO}?r)#NP{kO_CH?;#Ft;)h}5wsyr7js1~&g9~l7Fb~BB`<Xx$04@f
zK`S&4nOPYHCXy}qR`8@ET3BTwiJfv9V*Jf<x-HP|Bk7KH5ymCm%cW?HXJ__ZdEj%#
z=yONqax4w=tNY)_ky^APm*!pJRz^@0sOdT<v`}<k@(Uv5TFrI<+~09z2$Hp(0-PmP
z6}n`%g?kB%4|E1LHWe}2DNm0wA+8<b5h=U0<T(3l;3LYG(6S=zIBkQP%1I}QSQsSq
z(CU`$B7k)Fe58+Q5Fd!e%tO=f_7}>N0Bg*(i;ZMzC_|?TAmVb`5=jI`8tJ2LHgj{5
zHT`)k<`yIbP#Fzr&0s$udPG3w^ekF>CK6EAAJ&1mISVqwIf*!}K-{d53OesTc!Hty
zFXz5~Ev6IB2|0tx^zo0Gqy&)CfPul-CpOJ17nstQpy<{$)6jc&HV3R*R-V~m96~uH
z$)9BwhNC{zc=DE}tiu9B+Ufdg&#=}^kO31IAWaV%?+-V?kY}()qfAR|Xgw6Op0^Rt
zB#^XIipCO!12H`_M5P@-AUL9wYC#3u-2awJP>ZNfKqJ(g1+x<xU2FKHywYfEAqPo#
zDMY}0U6AL+e0*@>GH(|lHH)GGIyFm~W*yZG5Yxh(A^jG?iunq5$J>XKxCKfkA<gus
zJ28uSnJCIO?vLGyC6#*R63$9{)rk85(s|OXeefo1H>E*0Bj6D##a5&G@JcIm{qz!o
zt2`WC@0iQphg!iX99%rrcvJh574(MJ#nv+K!utRzh?z&-5d}Xy`=@wR*7m)#7#)89
zN~k4pd(s0?_O~4I*xAF1fj*=n9s{Nyt3WRt>!;wy^;HWE5Bf#BKn52ThO+0SHq!40
z_#dFRg5N??k`^~mF$U#KZYk%O48aJ9wSvPcQ!p5Ok!d!O?xY0~hpbB})RLYqV7oe*
z&83=Qku<OrtknIm=(}Sfv9kT(TA2Q{F$e(!-0XK69*QIUIDMhQ@Oo?r%h5NU89*q8
z1E0gT?((Ig`t0dWjGEC}cpNgor~Abh%`Ci&0z3&A@}ZZcDL<<;)*`8aqq+hJ+K%dh
z{p$&_gt-~I$w{&3rDpxXc=_K@KcjybFa3J@pK)CeWXQ0`U2BIDojH|jKEcmtk3C#a
zpH&55jBiC=XvsyQ(klcp?wmA_b;nt$cliF<$L$g)2f7}GD$qyi8&)T~TH`bkX|FW}
z*4pM=UsXup(U0q10Q7%2w0*)w&{N1|%Chr%WDV@h(d)>uV;-i9d2RQ@1|RB6ogSEr
zCvbxqQP^?RR+cD8!1-AaSN#=83wcsJy-T7s!x(Xf;oY%aq}R@5CN17*tjxhrJfb@T
zDLS3u1RXg}EQummx$Z2dMc#x;K!%D0r8o=gY$Yl;EQTeT6PvB7G$>Kr-;fX8iyQh5
z=k)CF73nrStR{5Yj;n-w&)cAMZ`sL)L(_xFY?w8<AI724hsuSh)tQ_t)0g}=4?S_N
z0L8Zm(aM8>a;=wD(YNSIeN+zz8+He-RGePCegG|XOTy4sa14ues=c$T$3TSIyZHrm
z=m9%5t7s5gS|E@iw2+hL=AZ-1l~)-=kLQKQXksmF8{1)}?iYYtS*hnTO@@CJ_6feV
z6P94e5OZ?)IY^Je`~mI#E3F}Pd~tl%B}*%kLn1CvBsDE!)iN7dBY$>xMy~6YB$s<o
zzYoDgHgIOII1RXkeM?)CVBSQRqr(X}q7L$`Z6(7YE5{B=<(i;9swHC0zyT>0|K3;G
zDo%4Duqk+<x4(hxc*tLgO0w;pCJ$L}y|a$H)p8m}0cZNwPX<73(usIJq%brPsKj-p
zF>>n9cu)47!1(yPzIQ}NLsjf-9<59}70igCPF!(MaRPqpK2m|Q@9ic97kL&fhpKa;
zG{*qeJMBtpBP@HI1Ew8RAfEvUd~(=x?U#VxyF~u;E1@tpRQJoBU#X4xWX8VNb#Ev-
z0e!lS^GAQGP!vJ0l#q|2q<AyXTDAkKeG&E4pj5tVVa8O0kBQP~!<Cx!W@S%Nc<^x;
zBsg>A(Y0|IT=GKIuUyFtZ}!Vy+j?B-w0GOjW%_&w%TeO4h1(+R`3Re7Yo;T<S^>w^
zp2ifUFUY-A@vd^oP%mwWeO`u{nPXIu4_$zxOyUnc7Ijo7@EL4Y@Y}cd59aAUEUJ^+
z&n&DbDAR=d(4<y1eCKYR5ua(5n3c=)IQni<XB`OKQ#*9$#fdgSovP_@Ye&Zh`frpP
z_D4(vTNp!qGhKaxYss;k?O>yTWXK51%G{8TUduH7aeDH<O&AHwr%W>tqYS@fkmbbY
zRC0r=47_?cL~4#-&cMSFCKCR@JerzVqPo@K#!}K8$LWCA{aS1r4$73cG)@n`t@6a!
zo`ab9ZsdedZvg3(-*8)UYtzz<D=X>XWE=Qi7-pBK5+n3*wJ9$=d)9)jbmJ2hDrd08
z@vpEPKI3$g2@>)pDi@7!?@TZB)uGUWw82xxkQE>O@wvUykDFOJ!ig_4nn}rbAuL|j
zqvt69!Us@?<x(_^W1iR!-v`14;<rmqC=<PfL^CRCt)zbJY!+MKvvg!fSIY1!bh-9k
z3(0b+O|+`8&YXI2hSFT#KI>6;D%(RtxZo$|oR)kYDp;j~-H3(IuBb9ZSN-Ltm2lfo
zTrDr*Oz3S^AeZ1{&9C{J;dT6Ul;Fq9?ym{v)~N*zPOu*MZgFbZbTy330y6d!k(VyL
zB~DX9_MVT~kvnbo)KH}s?GAGY`;5`IR#fRS+;i$@ZKcD$q-!7nmw3>ben)XoY01n$
z%EY?8;;I7u^TB~Mmg=ez^$k%fNVH+f`39`&YCc?@?BOf{aoPfI2SO9rS2|~ma_iOc
zZ)mA^Gb{vBB+p1$#bQOLmP=IeYr{1WUe}4O3%*MSHBbX&C~?jPAk!fT7g1sRz>nZF
z>C?4l$5?o%%wD{xXmtx$&JZ;$2o_6r&zS6yz%c8f$@EOvc1T^1Vb8H=FzlR^Gbq*=
zdKKm@p8g+saq_lZ@n!D&sDmNfGbMU)uYxQ6NvUiHayf<3BVI>V8pmnSG3?EN@D}m!
zpuIlWndC#`zv*RI*d*qYU#*-O01p8&2BOCNz-3=kSy&DBubT_QLBhD%ra5@yGf<Xz
z;?Ho?BFkGQP#Z*JFJf%p1jsOSx42zK$0G~s4ADyk!eaOhtX3@5D&()F+Jj6@CTPVN
z7lh1Ve|_a>I16(g5lF$buTKGFp%a&bUFLVqpOTj;&pbq4r<eo>D?8$O)?+N=Uv#t7
zq``CkD$wiq-^_Q^6$tXv$%c9TKI)Ly1)#255Y`BGgoB7nnsAq6a$rh>mI+82ViKV!
zAT1?rpr84C4OIpOuCUqD&B%)4s8T&9Zwta!Xn9i{irE~@TwEZ13_`VW+6mOi*2`(s
zt1x<iu6r=D5isYJqx<0D>cI=NJ8A)QzWBt3O{H)8_s1B!9ARnMOtLLbYml|V&QZwo
zMF-f?gtNB>ORT;v?0`YA+9b>rX02T)b^wPxe=hnD7lj@7bf4slv3rPT-zhU>i{CxT
zss~k^$r_7SR$KdV6^6H_V{?wiLX^;!<?Xg8PrMw#D(UsDy#uEY77f||n}mdtEvkMn
zos0M}#y7?qs?_<sX~T_{ZON0MtzLm|OR?&6Td~$AAEe3!4}s_-9%c=qyC7I$T)oAu
z5NJmOgrEk2J*68=0II5S3^>iajT6kY(}Wg5+t3#a>JD{Br6b||*2u}cAj_MeCEASS
z56t#(t`x{7n0aPqin0g>dvLx^^+qA=NhzF&k7~5#d*r#>epwcBA!Dd=tzw)morer5
z9XdM?#*5mvtBphgIjLL^q6?5Fji*`!X|~UGY=+8?HaIfb{JHe^A82n5nKwfW*GgEv
zmf=H1XcIha?lMG7J95P7G}OBD(o*5xLUaQm%>X<U4`Ym{>V7x0rrW6s^{_li`81U-
zh2jSS4(PR3p#0Z~!Fr=0?Lr5v6<P)7M31aaBPShD_i=FXL5k7T2F&v9leG6UH6oRS
z<=b5n-{beP)Zpub;zzD@3PgJ7k52(`bQwJZ&78$4dX`V~4<w5^11My}ng16qJhCH$
zoU(0;#4XAp+a7sjZMFxZe=55vrNzyv8+A3K?ga@I1n+sTKGW5ibs}cXo)0-|b1TOl
zm0a&Yr`Bjlt#3yRit`@6m3RTVQvrKHeqJifT0Rwrh>h;326T?Y73r?7w$xIS=J4~_
zs9M!Z2f%iipU=*vHKDqEC42csI0bA4+x~SkBYV5FpWX?_BCbhs`3vT3rBTqYi!3kN
zbt47(%yo``!OXfj^>JE=Y|i58LnEGtCQY)FNlJ}^^m4J1w4LewH|6g9?-%Yy24nq4
z69zkT=`;3`0FlhFWxn(ogRA04FxIOXgUjGYGsZwhNf8*5*{)ndJcBv26l&bTDI*}G
znBf-1;30l+@E=FTW0nw*dYW#7Ee6t+BnXk>_7D@;V2FC_8I+6E@{G-tI*Pi53zeZO
zf!J7ADxbnBfAV<K`w$cdeuG6ndJF8Cq@+;wDAN#oH*9h<*#t6-np+JyrwOZv!D;Nu
zreL!5I>H;dCQfT1Rw?>g5>u#I5yuj!pXej>Unn7cV%hT}YbM{?9Eyuzzu&O*iDlH9
zP|H#!Vgibooh(|PbrMW9PA-Bzsem;wIDnYQf-gcX`o@knfb7DBnsIff0iH~(JLV+7
zu;e!ez~@;on81^zNZID?iI_uHCg|67P5J4Hp_7fXIJ>@^`CBB5{@+_Q56(NI>~%%Y
zKG8S^csP4VRG2gN8I>TmGReb6SaC?AZ>wAf#RS`8xPHSTD<fqx1MSb^Oi$gOItiYM
zVQGK_5~_UJYdGX;F72rmPfvOa7djpg%Q?q@QfR2Q_Re-V<7s5*qynQaz}=XYRfc5`
z$1JQNfqk|3h2}k0u~wikIunevy{OJ--HFrlm&30IzC>NEaP*Kz_}onqM-%d7JzRCY
z+E(+qLWfu!*^(cyqxKE7%49R^?Gk5eGV52Qb6w@io8vbFY=_WVda^V%AHjwGOd9@s
zKB2R~r!t%$xH-|;0pN!o{yTq+lJUa$*%7?^k)9@tR9o<m@$Aw*zY6jxU!mM8!dG{O
zkuN<)m$2(G%e}iE+ZJ9MVcm%@M}Ln1E>@MsCu_mHtyGIt2Rd5`wXF85pfs+sA|Q{m
z$ZMG?cz9BrR;O$+w7;n>H2#r@l(k5xXhTljoLrxxM-UFk7WFKgTmV1t<l;R1AzK+_
zun_Wz)A7m|N^0q-WiG5-QrGAiTg>_o?X9DmJgC#BbvgnZm_s0(fNYm;D-}#0a<K&g
z<|xG!==7tXYoa(Qb}T%y64~{Mj*fP^6DctChFvgwD@_@OFm&0HiEdN_q75Iem)9J1
zxiCfO6fQtnMvbb)dN>3uJ6jY|%?Q;9TIWFKd&gU<;&hm+WShU0zJ(M;Oy=n{aR9M1
zqSK_yl+K&u^~G&b30tzQY;i~lSh&U;yQw!>=#>fx*{aDhoD1Rz6>$%=YG3VTBgw5T
zi?tw5-#|nXvcR_`-MScHqk9#VGzMHV+XZBfkP$~u&W<TzqG#O7>5Sn77J8zu0Q<A&
z7)TN%=iPxIvIuESq*@c5scfzTW^*_KD1XV<@)A_^J%(x_e1&sesbrffGT&DWUHuyu
zht+STJ+9#D5VDT!htRiPovrUd*MZyE$5_&~yzILgBRB|sO>%SLs22Li33@>+G8?LG
zFBiItQwBp<KE#TODVYGlOzmk%1&ihXQA$fO7R5P5nnv<yZ1!e1YNz;&y+0lw-gPNV
z<nQ?kOJ7_rlBOZSn3E5Vg=9|uw`luv!8IdAa>M5INhcvUW)n;)>;vH8X5R-ZnFG;Y
zet?$xBPml`l1&<QnG~aO8t&4GeYesa*!G!AS5P97SyN(DM;flfHFFdx#2bMV@nUL`
zHska<<ZiKgiH@rj2w&_o$@pGjU)z_F`D)~%LmCpW*%|@ooXi5g9Kmt=@dQZ9*)$64
zAaWK_d$3UNgKW`kxaL?d{fgQKgv)eTpL(%k8W*i4gMcstgHf}k`fvmOQW<DF5HQFx
zql(o9!84CXY9{NnH&cO*buDoW_7Egn8O!+Dj<!TgTgPUOrIe#(I9OzKP};>4-sOC=
zBju<UC=~4|cmX=5;yJ8jeM)=-9);HJ*(2+%V9IJhyQ*s*cfn>0wN!nZCqx;GE>(wM
zQ>-FFt0i`T#sRnV*`ukKD5y9Z_9DnQMF96X=mimOjWTR)i#@h!tsd%QlqOw|umqd3
z_}m%vhIaH)Hs>U=UY{aE>D`T1%(2&Ck}oIq+0JWq<@efiMK`fSv&&Kc76-ovPOToF
z%w8cX?OA}ZzLF~)_gdfApEakfY&&rp2nY0DWd+*t@|ZP#+6GZv{7&fD>ncReL0{1E
zKpxh?_;ssvz&a~rkguM@0JyuXct^m6P*oMbPLx)8ySVs$FyF00N=vmnV2)__@<rRB
z<x3pNQVa(=b+wA9nrH%JU=Rx=JM2XSoEsL$O2`fw)jkWy2+N%3c$Zxd2DrEJ4LgGI
zjnkos<`P~;Q%}v?tFkbDmd37|VM&nU@$GOZtlaf7O?gz*s6o7}nqx1tc_G6}B%7ML
z+s!lPa$?<_9Q)WF`&O5Y5_SVI5rrAH{(U<(Mjvq$$R<*(I6l5cfgtHR0`e2-J>t1c
zxu@qmPQhS*^jvzUlxCoafg}l$a&2YWKgL`|&mu3GSbiLDG0qj*8$Yt65N78!#OoLE
z%flXQu|uqI$e4-OMJ`ELPS<jEB)S})h0rP@%?!PE#sFecPd`UnY71h$P0cBl_d-P#
zDg?uDwmrsC!-1-vRn#JohjvZ;#=A%@Zt~IRXsW3}U6N}YDw_r7mIrdwNwgZevI_G4
zZOu@e=8dByhk;w_<h`mfV@cu&kc<Rgh3&_Aj;LHe55ew-pqi)`{Ebj*h>YXA8<_cB
z0zFWwU`ry`ncU0;ocN%De{+cqn6nP&9jbf{*r4AjX^veNa*I6;Mj$sK_Qmr4D{M{p
zx8Rb$pBH);f|7KzB-JXYvI_wQtPZCJ<3K^S4~UHu+Ej%kLM++>9wFy~7w{)2VbGG!
za-ytMvZZfUh|;7>s0b0zg4(-CiVocvojy?Nu_YVfFa^<&Hew`D2<CdLFYCRqIyS!y
zk^|^*`nsXQCGF_qk$oF9GpR%?pvr`-1QNZV`oJELQ0utdnSWz5Z`qWD8+sb4%)}EX
z&kyXFCzYQK<xtI5dSBnx(U@$bk5BZY4L>aEV+;m^K;cCB9}0($-B=-2+PL5!Vq$1Z
zpgV%1x*yogV(`e|xh`o@U1b_}o{v2>ZU{$QZIpjd)_`8S#2b%b8r~ol6X@%aas^@v
z3km5)0D1$cf4T+B$_@gw@?MY;PD7nAI(n2S^klrJ&!ajTE6!;M=Xq_#qGg)5xE}bu
zs}bZRc%A+U2lWf>4@M7{!yv-C9v0Q<U#3i(azAkMZD{ay8xHPniPKwF;XXu(&#6b$
z!j~IhU+>O}X<b+DlNIR|&e{s0giTIb7-8l^i6T+})YSbfX{FWF_oX^tt((e%6|^1(
zRP$P0Y3&!O$_4k0QP6h<FV7E<q*@ZBAVw+(08?2I`N#edq5MiYbR%LfQT4hBAXzrX
z-!lseA)p>B*v+<7S84^E<5p)o)*~#fY!8&#f#@_Cum&-1k#+_QakJ2q7)~*aPb-6a
zK|-rQ&!>qDhh*D3JN)T~!KI9A>J&>l&{w@#`1p*>Q2Glw#3KB4jF+C7ROo|>zM8pb
zDZC*{xn5)H`K*|igb_Y$&G9G2rqew01Es?Qw`BVmdb4b3d|S-;A<=g(EnA=IPBf<)
zyWusM*&w<t-(=0+3Zy+Kgm>^u+}m$^Lw1m>WY@CKLka<h;zQs7NeFWye!i^j3(%|?
z-?*$trRZUD;`HuXWkl6*p)HVj8Z21_86i4wH_Nyun@LeTSDv;lWyNh>%2J1SPd348
zh3m@u76i~6^cZ)yijzs0EzaPmf)}~QMQ<^}lFWAeiYBq0xVwOy=KHT|I<4lz)w&hU
zRvP^3?tqI=@PBB!)>4g-+YcZpFwedm9a;E2m5gV%Lz5k+SK**3DiQV_K?2$Smlmg4
zzFl0k?iuJz*}FfT%7MA3=YOiLlN`F^@?h)OFTiNJRcu0YvXg`H^*j~V3xKUT|4-Vf
zMoC_w$*Z^=F(YIc3FGu}1f4e^dYjHb<f_=yf!sLRq=mAX7t5=W-Dmxbx3^$JCi}Px
zx9!7mWelG|G!`<icSuoQk3w6Sf&voK+=aF6Lac*EQ9kxZuas-^5{$Hc)@&^5i;%pO
z!%%sZhwrWv=iKHtrC>;?glF_>6>OPKg*}h0phS~G-eqw*VZ9^+V5R_4bwVI#QD43J
z9Fngm+~h<$bthzj5D!h2#XZpsCmUJ`7odhz*NRkTRpt;_OK2I=sUJ0`{$SBfOnDIL
z7txOrxu&y252Q0$xMJ*5-(|tXd&p~)X=>|kP9-4SCQ!YS&agZS_uESM*GgevQ^9^0
z_(@v+ku*FY^=$$uu0KpcK~|%@CB~Y#YT!~_5z4rasWprVb&#gltjyXwkHO0``VVOq
z92i?r4%ID$svIRf5_X?W+>VLvNXX4Pud3n(K7f*QoZibzo9aQ$>zKI77B_y~%3Ba=
zTo4(@%Jc3IM!KGJ5FiZUE0yV>J6uB`bF`k(BkqICS1fKq{g0g1C0+LmU)mT!aB`b%
zn5IvH_zSsjM_iOHQmxc=##<pyqZavPJi`fkVwO}R%tLmSGYcyig(U(Wb$-JBGWw}G
z0O?$jh$2ID(*~IRn^KbBXjyv~o#vJ3tWYB>7*ZVatRZK>h9ceR%(_+GU7g)s2L!&Y
zvot)%P^NKZ20fU-pvwG4gn#218eF~fEu@(a+lRg9<XTz@UI8{kY;;J-DG6;Ypsk(q
zs4ixpc0)0OXIxBa{CWOtN0Mh|0m7*~_(onms11%Hjz7LQDXIa4Xmtf@1JA|j?GHiJ
z(0>H+IUJT<V{+n}D}fuoNba66fx;&O^tyMKGjTVxtLF-mGVllwB=?zevY*b|f%Y$8
zUDpYsTu<|DwmuKLT-L9!^r&0UbyHukFp5AX1{j*>ruHh#Uj!|wAuEe<5|j`#|LCj!
z#2gx>3S%hswgFq>3coMpO;!}xRjWc1{>ACaw}~X2d|5O7kH1C@y?2r^_IZSSATn*~
z18rD=*GBT_<NUPM9wGYylvzqbFnV6lkcXR4F>Y~s?Is8*NOR%|STNcMFJ+>uQ7+IE
zn4@>H<?7+v!`>u3jyc_-abc){g&bd3UUXn}6|7h&T$68J88^QFWx{9UKfzxdc><AO
z+$Is_!LXQR7a5cyd1A85^JE~HlaLQ6C_AHYkK!qb5@TGxWf}Z(oC;4rFa>-JIbw?j
zbMeeimuqlz#NG(7Hq~ReGIvK4O|BIu8qRS*k)yTysAo1<-gy60l2i@#qe0K00v*qn
zzzl-&d|!u`1AC2f)O<&Fk+*JpZ=6SCP!x&#6dMY9#SuGM5*5wzTP}+F3nMQMVjdxM
z!bu$SU!dkqiK;1d2)B?nsmq9PuS92SGnft5b1{#fhd%+x*M89?$YEI2WtNI_<#}=r
zE#AXK-)I^UZt(4I`*mr4W)7APAE>eTvS&*vR%Ua(Sf%4M174a?nusk`g4GjB=WLXF
zZ#^5;T4<YVb_iLVF2>@pw}Q}VkJpTb2mdnY=0KTgyFe(NX<-wd_Q-)dh!2+PVG_RN
zr$im7MM^JU35PSF6Ja5;bjcg!LI3hLS;RYpm!!Di5QwvkxEP3$JXvljQA~9<rG`WO
z&nSy8=3+A(teNS8gCWwwq%(AIWhJf3Hq&)AkY!YWB$D^vjSxEt%$*_LcT#aHlS{Uw
z>JY7qMDKNzmrUl!6@7O1F!`OX`vI1*yN!;Y2EVNC_7FQ~QEVZTz$?DIqk#h}0Fh2p
znPMl<rSg=a{ZHo7pvi0ty$7O&!qeG~%_<v1paMiS2HQn!J&Rrp*Hq#`_wqn6;{4ol
zkwd&v&@*_KmFW>?&cfE;KLVu~3SeJ~6}6wj6?P3HW%5*bUarq_A1FZ!a>TI}u(Zt<
zXarfA?953*vwp=jvw&+}Lb3Vg4&=Q{HPI(g&w{Ze`@Za7$I2)LjS|_ma3S*FFcT(Q
zMk}U*FLdQWak#)e`LnG`?!{^99)!GdKyn*sC?4OT^~$B-=s3NCq;w8iFNCY5fY!o=
zjwZ9AtEVlc=T@I%Ce%fYIldro)N#5D_Rd@<GHe)-SAY^=>3ksu=5eEBv6d{-@Wot$
ztSmCWf^GCGO0cnpeB(}oGRXE>RWMAYa(Dm=b}_dxfe>|Sb5F(&fi@g5SWwvO^fg-L
zDuLm_*nD@cUBqrd;0c4u825QY1Z>a30%SR*i+bcs&~yk1la9LBO&Sx3XH}z$<FN`j
z1Y=_t^~!Q?uaz2z<A%K8D>Wda3y>nUk{KHj)|?<)DiK=3o6GUU>0l$ASm#%OPNVXN
z!?5`%`bpp94G8vi(R2?o3=$rE#6Y29isczPtf%+VEXae+1wIB-H5%E%b?K4>7t%#G
zx|*pRSiyDhcC4TBy?G@fjuQZJkxOvK&%%TN=wr>9C`k-2Y|q;Cd0)n<4JL44J)33b
zId{EOGzZhL8X`J#Ey;F3ASd@M4`mBRMDxHxwj-}WV~^tQ6;9Mn+0*5};6uGv+o5j+
z$C=`|3V6FeC%I0f*oXyrE=~;ApTn9m!eLmEm1v0H_GizL+u1UIm9Sy&`L(4srbleE
zxaof~iE?BuX?iNm=x*_OcIrO&!NG44o{MkkZhqx}p8Ft)4HOELaxD@NuLLj9OA*kE
zQR4KIq`0lH%L?bwvDTyrF4_RIs;N~h$_WI0K;h3JJTj-Qadi$Xc8In^rQfC`vI=tY
zD?F}%(QXSOKn(N8hL&>er(vdyW1k`vQOFPRSlZK^F8})g>TXVUC3VgA@{G|i*mNG8
z`r4A5HLO=j@L<8!Oj99dE96`OkjudPA64a(*$tAi$Ep5xE)pKXsLo}7ny~uF8t#q4
z>1A=@_by>2JEwY)Ou8a&Dl{TPcCsR+qnvY*ld6g1qcDi{45m!!TWHvP6%ONBlztJp
zX#YHxKu@FJJKQrCD8lSQuKiKRC4`4SU`R{Uuw1AFvfE6tf#g!1;!sJ??yqwb8<TEd
z+~Wcx?!oa~3ihQ_g1qiWb{vz~C`3!ZUWkd!t<d8_vcd0l{4?ZQ$8*}lk0~wXa&a+r
z73dZZ7Qp&)G6oqKFHuf0+CDL(jDB74DW7hkT*Sun=*orgVB+*Zotqw66!wtfB>>PG
zfM&&u&jE~Ep04}O<v_jN7t>nV!PD6<y|c^p!#MQB7Tb7v%T`!wD<2*0O(hb@iv2J{
z8pVFJQt9@#G-tJIPNU*@7gsj)RGnhij1@q-tU7_}V25X#RoK}lt(!&!<=Ey#V@lNg
zOlYcGa2-t>66?E@Stw-;*J$zzp)3M~J<-mWLnMk*!v^Mhb4@6yD0FO2VD^tTNNL*h
zg}LZ*p-P{u-DjNJ8`l?!n9Glq&6{eK0%WO^=FUSM`iJ$p2SxdW1Bc~F)s*vO)#(-Q
zIkV1tZ}HOZm_#U7S?bSICusB(A|-0MDqI-cz}}9M^vKm5ise^(TIRb{0uu5Y3;0=5
z<(u&Bf$ot#bm%11Uxb|~)!x|!ksk3pFP!Qq<>qdszaSm=`xnpTkl`T7*DHn`aWoQ+
z{z276)l=?x!x!*t`UPN=tC&LEO>o5u2&IdRWef6GpX^@WM5=0tKuF~w8S*i!FuQeU
z@=_X!&Qio<wr=4E|7+-ib|j0)DPZfxI%-?1Q~K^1B@eN3uW@zDRAy6H#8I5y{2anW
zIyzCzwIkE9DV1$giFq``U8EML!r^`OlsD-VwBn!zB&{RI$^>YRat)$WC?wT_%Ejp&
ztt;b&51}X?2bKGp-DD5ydP!z$dFo+d#BFaeL<a{dHJlj}>r+@RiI(zDcW1g26ksvt
zay5R%>HY~J3Ld|hXmNFnC|q5iezJD}h)$mF@7RNR9nG-GwShW7ukI9~L<c;mX~qUe
zsfMZ*%b;B@f8;}H`YB$*i3bIF>+}!pxN?|b3p~@M2=_7wnqu556X7;moj7$opkuMb
zIAnmv$*1gSpi3`)#uB9T<J{}7SEUlLAwSn1c4B88KCdi^oQLFTpn1`~6v^^#HkT(b
zLPij%R)R@bgKTkx&UnC1+IbdgrZ#Wx46=3^xR&HPiyIrE04UR9`EA&J=Ca~+IT#f7
zL(?zd<uH)&4z6&jeC+(WuG%cPeC#Pia1%+dXEzS*=r$WAyiJ9LqEq~z;fPcMtbHga
z!rBxiyrNOlf<G#Jb#haBy_G7xo}Di8lJz4}3{HsfU(Xk>w%7Ks?Pb3;Mj;nv-z{eb
zNbJQg`vZDBh~KA>?I&EKoiaR6)`r;$u6+xoW4;WQJhic#gZaVFFi(Cd8w5~Vt>{iS
ztN;F(0>odC4njIK<{3HrJq$n`=s+_9%-h8bWDdA`xg7cnLWRX7K$V02?2f+F;ruNI
zs*jID!fyP19-k;(IzC3<#;^VG;jl?K)8)G8<2Z6`S?0y*47AE<*iV-laI_4E>BcnI
zd!e~Fc8W35J~%?)1i`rmTz57_NQsBMvzuu-{<kJ`t&OnfX7HN`srfLFgD1pjRVC4&
zh=jDW?L+J>$XbJhcr*d0l=2oyGQkQvK85sE+%8rUm~2%!9=QYC8cT&e4ci^OXxU1;
zbW2l8v>I`G0#A`)t-t`(6TX$#kDhr;%q`k;$O6adVGP+pJt;zkk312$Z?zlYy$+wg
zEht2RtQ6)E^c3C?(h9*zfqj5@gZ&(*jrv=b#eNz38!i+p=cbM}_^`te!S@`9&e`B^
zUm7x_y!_e=R2JV%JMCg#wP+_HlSeO_<)%0BONl1*E(Yvf_Wb3tVnO>fxpDd!-U<%*
z3TzVQ{oq)Y=a&Dr8Kf$Fv=Eo5*@pY+FELha&r_3NIzsQX<RAwBFYg?qb8jQMX}*AV
zz5~gUR-_D^S;t1fCio$@BO-wfM{TL~$tLJUq2CaDA#bfb-4)ytMv*vv9XFjF>*}GK
zVZ1BW5r2=HX5oJEoaOu->_4acLLjatns^Yt?m2~2{cHdsl$%Yh;t-~&oTNa}*nco)
zpsBSxvjJ)tDHy}h^~hjV|H>i2l%0c6=44kl3Y-`;`wL9ZGLGD(PB;p3ESAzrZNOw1
zZ7AE&<z1`?FOz&xFpb6Ols!!-7mr_0t&GmP=z)561Js;=Ao!*Q7z{Eu>XJUn`)wBt
zLd{M+B+66fAzcM#C|j`j3*J>rNJez`hZjIEk!Jow^b_K;h+;CndB!^mt>kf-eu|VF
z(MlHihasrhQO`D6)cFV%o1lqcGot#HHDTl!5OYSs0||#4X0y`GP!#3eSaPux&&cES
z6pXkkij4ul|KtYD$cl73UZr_id)H!}bSE4j01@Y!B#O{LCS)$?Um$}nw0A>Pq&xKT
zTC1yOFW1qH{72Xc5^U0fG|Q}eS(eEgT5mTKobOrDT>4rGUJF?zwcfsHe%=D2%g)Co
zy&dcv9;|vu5kTZOg6k*nDbSmYmLA!gOse!bBbmx<=>qeCY${UQ)!@Ipssq?dacXi%
z*#hKQnK+bnlU!2F8jEddK|abh0MsVXG}**)IvebXt|hG@P2Gy>NlwuJYEIFLM1~rJ
zT|WpYPV&uM0{)3-5paX5PgwT^5}nc)udwhDP{Tph`lXPy4ro#JFDgGc)?%vxW>zB0
zLV5{$TDq|T^+z!;**pL;_}$PFfSg?}UhF`?z;W6Q7*_m(6Ui=Dq!B89z+wg2JXZQi
zt%Jb8hkpX-3>%d*TP*@<Fw3b8j|$isF>pU|`t-h>!X{<Pe9POYYa|m-oX!M2V~0MT
zo;ZD?+w3yoDp}!);;M{h+URs(dgeErHS?%j3hmu@@B$q5!7I=R9dvUt+e43I_B*>X
zJpw_^DgKu?l`eR*4+Jk>jx`O)fbO|34`~(Xh%M6j>%sZr)q4B(p1ZN-CIwlT*9Wl|
z)TQ(&-cBM_{79}uK%hllsx^OZoUR76v)8u<b$`ze`dqrDH3{~D>ud8!{nxonLC`D5
zX&rcJ$xO>)bDTa4!fgZ;nuQAEVlbdz02rIoxnz4|8a7SN?zHJzSx|mlg4q{pwzm?1
z^!orinG=_L(c8&J4@-o-SZcV7{PDZ%Um9b>!3kG_t%blP+h_!^4l~2dx}*TUo3qM-
zkU(uax?r?oPW+R0i00J9-yh!l;KK~!nNuI9e*qubT+F`#g{QTc3jK}>5B%a&1`n_o
z78futu%$S!tIBUINW-@q=V48f=%2yaI5`Sf171CtTyT?xG({9NGi?HHWOx8vfTY0J
z>{+M-1z<DRF<;3m;_lnh=$zU93O5#FwF;4MezG5&3>I(&05ewCBj93%AUh?l196J<
z^<K&pz^*wdYJ#=e02#yo2<m`vgAyleFmFq9&=aJXL`VWAIuMEkRN#S6fPd({-F_U0
z_zlS9KKDxnQvU$6c35i5k?BU1UC9yZ4{H{{rD1vT+Ya@g0?`2|jD9=}XxH$%1;$%|
zpQX=W4!mzlBLSb7LYT&o-WHC)nidGsv;>Y?pb%k&pz&sX(t`jzX!+@wb!NA8^>n6a
zB_05O3`{Z&oX1x<G}A|1yrWpSkmp-?7_fVx=QIhTcSablU_Rv4%dWu=MnP{Bh{z}o
zN7aj9{)eVGXg;Xd<;?eE;bNx0dgyCz04Y$hKy)*ZJ(FGo!1N=Y239(;y_&u>QiG2|
zxz{MtfIQFXG}Gy(E|3h)p+DKCauPMASC=LYP@5T61n^z-ARvP|l2YJeE1-=bnJ!e1
zwKf6Oxk!x@48q8W5on5t5~t5NNA=)H2V)Glh*n@JQ^_v+K?D$?xhVQGzoN){imKpR
z%@NWi00Ce&dJzOLls}=XFq<5JwFm*L0$)Mvuo{l)c%l`k-~$&Ir&+uRP+id;<FpOz
zimqrB*bBW0m_?x+EOKX8E3F3Iw1_jc3LWJtxgexZ0`Me<KR9hL#o!DNWNek`(Tt%&
zp>7IcBPlOYGZ?@J@CtI*kWKs(QyhEJn^+x1yx5^kQdF1D%H==NMS8)kA}ddx1sdWP
z?!#!o*pcw+^wtoA0o8Exu;1Da2mieX^xdA^Vs^}pcs@@vJ;%bC%qu;Mp0z?plT|K&
z^p=LagbMu=6KepY=)QF6jMi31Up61%FW=9{`wT3@A+4~Idedwg2ee@n)2u3D9t=+L
zdP~lOThAYX#0&#KS-hHvYlVvR;t@8j4+A|+QIC@SLX|Y`w%E}O1Fwa_wfU61*Yf)q
zU?{^5eDJuVA}>o{gYls?wIz|!Y{NOsDRDSPPK)1km%k-+R~pa?5&(HuJBE+v2jL;w
z`;49hdI@k=HG9@01PeH-Gk#EHA)E`&VMRq#JCB)WwB@a^t#?qJC`lbzyz7BFTvaRY
zpSz&gaP%2p+taArK*{oE!I2qDR=K?bnr1_eAKSS|BN$WmQmCfqL8N%vv-yMPN0rDK
z(c_pVS1ru5^c2%4rDH@fJx$9r3j!SVIWP)(QJ@7n+cS%5G5w6-;lRJ@4nzo_q?Jo_
z_+Tss$ME|n$`G+)0C+M`I3@t`?EW5l^Zq~XG~6ir-$0}Y>`jfOu;?})o8nX8U=Qi&
z2IMY<!mfEasE()r;F?!5|30%0%7tZ+%dr>|(#MoxF7Q%m_}wedsXg)jN@zwpER8h8
z=^+L<uzL!6M6gxEUIG<Z0h3T60Abz6nWy=ew)_lboQ{F8rBwHfM+(S8`&4rdd!+`Y
z$G|beC9|nDo5&=gxutWMBS3^DbbF9=m2_}Bct@E7x~Sc}iV`J6dw&lwj))`l9H2u4
ze1m60T=5A(TW0e@@AMj=6%$WqU`u1u!g~{Z|1|JG*j9K>SGJ>#Ud9+0q4SuOXnJ)3
ztKrtG(re~22qi!u7YPYd@dE_%xlV&3Fizh4qE*Wy4ZWuQYuVx^<OUqtW^GVZGwPEq
zcp{jS;z!6&S$05I;j5Lff*ayg2?@eVGGP>dWneai<K{I)g{mBl!D87|Ne$PJFiV?H
zsy)z%>Ht#|-GQmIi!KBmTE__(X`F(b=Ja}0g*_85sAv#v1g7Wb=IGP70$70>4#D_X
zkS4-DFbZ|8;fm9V*b8FRXDcq^9l=v5=$5IQi+#k0iEQdbx9F^(4af4((3Le?El#)K
zsqS23m0-@W<VJrq3qJ&l%NGGRfn2qxx>`G$bF>Gxi}BYp8_mPegm3;heT{E+bTR67
zwKWW_73-*2N&6)Gx%@>Tb<T+zteHx<Dg&i|G0Ya1Smg=M+fj?4KaA5aupBCfg?I-0
zVaXxB+O9MWFAhvcCpo(dL8}=+hYgmjm|O?pN4!B-K!Hl%1*YOWS2utVLerGUbOTXc
zgGY<EcKA%wx9y3hN1(S5*bylY85uP2*u=(xnw6|kS(Rz)iPK$vn2{$2zH2`!B1RSy
zdL5DXCC_+^;UUTRP%^GMbhKG;2k+6eIlQOEt58JKeO(?8`n4&&!aBw1cn{W0ER!HZ
zOqP%fEk{oRf>;Bz9=YD;*VE6j>VBn4{~ED_U_re}X-WYYmuVwLt#~tP29gwiFr>3h
zcfp=2xNZ>kgzIy*4%Z0FtWJK?C#$Lj6-1~oi#A%Gtzn-20AAnLDR82<q5B!42bIDC
ztSV@#s7Co2uKlsa=5pvq*pzHFQsX$>QJAV@_So{}WtxSj=;fffK>5ayD=M-T%>QM2
zXeD5n6|($z+6zF(!988A@R`&q8vV~d^M-nbr~#NDwxVmbII|&xECcxwDwUW$i;l+{
zc(J;V*!v&nAh-a=#5rg5&SQMbs&uP6E8vA(&IUf^T~4zwjkyhJsivI}3lXQ{2zt7D
z6IU7m0t@nqYBuX4h4E-ttbx!?7Ichm?4O|CY-<WfZ|o(2H!XaDyzb1p#*U7*d~VI9
zOgv=hi}MIeobE6jtV@*q)DgpkO995J;k>_XqlI3iv@On%_YVNKN1;Y9162m8LwTA)
zK$xYOBZv_mdx0=dbRa09Y*Wi{F%fMFG$5FtrU|_c6EO^Cfrac1^5OyQ4Il<OhSzWx
zO>_O@6bz^}vNZ2>DlXqNi(UY7=yUR+C_tE@7fBbJT^|q{1q~EjJleHGtr$kw-$Ue?
z{c%#|lT+B~PArIDlHNh$i<)s}w`8IWLu4$Sy_KUcPZ%L_eJX==O-%@@T~FPNZaJ}w
zCM*m+7v;>A8@oH;50Ov|AVMjD^mBTHsr}~=QC5i~oR9O}$wbC!4ptNnMKtj%rnlax
zP#9^!hSk%Ul2EpU9<$&3k|Av%G(F`*QY@O5f>qf%>BCfPvOOK7WLbvpfQ-`42~Grs
z%buKJa999>TCR;YN}`EkbGpQB{#>-qsV{9*BLDk_#dzi^5E?-bbSBWiDiz$m2JAy)
zce)MXsX5AEBMA4P_Qe6Xffo`<1)4#Ga&!=e@81|Uj<sJQ-;7XB6;okM*xPOKF-`Y0
zSo^3uPk|QY!-1kSbkERn6_9&sBb~kDkqr1a%f9P_80@OvPUE@2BgW9Ig{k3SFti<(
zJ`U(%4LyxPqi`=8|Na-~mbwp86)*<GZGfD^xX+nmh!zx5=i@--dQe-)Cz^*#eb|;?
z#ePIZjpX_i{Q^2G#K8jn)A``;7;r@k`xjhekSvTl^ru?Q5h)i&|N0xgvJjf)tydqg
z*ufjeuNBJ|{XMKg-l74`*gLN@1*=(Th0n{mPt62{b1l7wvcCWVp!XJhdOg<8S}u8c
z{~EcxWg)G{WsQbH3Hqcj0S-I6bFJEdKO6MLa_ACtK=Xh$#8}jlq4BV*Ws(3dWWP(%
zsX(v_GO2E+QT{R>$z#@gZ$&y9uvF}wi%&ac0qL>{VfoV@Y5k%5z7Hm7v-q?(rUlh&
z)5z!n50)JL9jX_ko$&E$h~guZWu|Wr6|_KOvB>t8_o3&Y^)Au0g}hW)SC`DPYji%1
zb(Y9-4h@kr6&_&goulv1-=T$Y)M+5OsuOtBynq+)jn%`<bKWDN;Dk7SWJl&mR*}_X
ze$_K(FMz1~D{w2K`-Gns`_m}A>YHST2099AY=I(I#%aH6El|ay&cO>YjuBLQ6d;3{
ziB1+D#W9*6lB3I*{ZDS`Tkg^5!HWHdm5$!^AqVviesC!;X=gwyq9$q%NI}(T(R}1O
z+6(%$9gFEqWyA?vq%RKmdmJianAnxt`&Fn|j9!e@EC0etP~!D)rENuS5!RT)l7e8i
zv6wxzk!dW0X--mV`p3`ctweCArV>y`Va|#+VN#pLe9876jPeOI_<6$jSy&2RLPOX}
zBZElc0S-pl+~_7ux#i*IpZ0vD0I%FZg0Nh%Q}dJZbUPZu(aE0BlZS-;4|2(utIY}G
z@R_w752Ce(>-0F`9<<jf%=9N3neor3K0%!a2sJEWeHQdW;7k-b^c^rpYHz@~aTg1t
zz%W+t-2!w0yCK0NHrJg^O~LuMAs8|9#T<~3@lhDJ%nuy`afI!REP~bm7YcGPny7d7
zWjWo6M#CjnqeXQ0YHurqq_`MID%BLayzxn;<H<PvRWpC3M98ttMNuL9T?%nzj>Ra{
zK*}6pI8+s2ib~u)dcca~kJDBc7@%Zo0?8LVm~3hi)x1hU`kVtk^|1AP7AzgRzMhPk
z@~i0c8Q?zKzQXYYtpuuHySZasvd0(&X#-$uwRSS1ZoGyBZz%l-UFR5$IL;#lTmkKa
zc-pY&Y$i?=?I~42^(d&UwGOnfdZDN!i7n((cnB%(fvAO8-uNmi_xYH+a0n=jSJ((~
z;7~>)1;WdgA*{+lYOA`<!;7kp+{N{&Za-jq7@HX0_KnFLG-l$GzHzO2$KEQm0#*z8
z+4O3)rCU;6X)pnTw3M=D=i3aXg<JK{uTa!BFl;MNxNy;Xc^t~-J8HZz)f`=ZW*O)W
zgYakYrVh~nj;QhRF2USfF_i{A4OC<5R)K)LrgY7Q!eqeXx#9pT+|*-A@(762ISx5O
zx(CkvhL~an$=c5LU9EC=O&DQ(b|IAAI}BlT#dIKOt0LLR0z+$n@f7KF$Lg55*NET5
z;!LyHyW!~%9#tuTm0Jh>6^xQMdC8wa!<EGhw$^`v$F<Ff9NcjvCdW8!(hAoa5QLaY
zWoWm6)<{}N;=g8mqEz=pjE=%Dye-%5>fS;a3@TRT+Gr7e<luXfY3WFG(G(mZC(IU_
zVXl;5AHs{^DpkpKXF1i_L>N3Z&W99*zZ>!LQR>EXYQV`HhZbSTBzogmoJ+K~Cm_J4
zHYQS?=>>EZnjBW?TwD#^7CZugOLD~hGo`1K@xw&ft<-(AV+z}oxecnD3*^%L<bBL4
z9gTBLK>3webiNV)c@%9O$>#1vE<L+`0fA2!cL^|Kv}M73dFwu#S-!~+!nk2SK!nMU
zFkt3UFx~4DC#A9-IXVm%pm(#e2I*HqK!F;~TWBz%KYU*3G90s|;2eD+k6d5+l69%_
zQl2fzJv5_!0-mI%7eX4V5_7p!J>7zvG_Y?)8`1aC5T(!jHb$SS0;u2!Pu&^+95<qw
zb+ZwUcsH)yl1swh?j-KQu&wCZac4dRCl+^gw5OYnVqT5z!!3y|&|o%hqT6vUjXb?+
zs5x-zIzE+X>g-N8(>HLc36*_PVsL3rb-^_$(E?*9*y0=|a8|X^58Ru;G9ksJ$R+v)
zMo-oQ>Tw&yX^e&T!cQ)MLucYgBOI*0g#TSBc*-zPB7Gb7E<aP?7v-j`UckRt%gIpA
z5b`(tS91u;vt0UMP<;u_viCXV4SQz^Pwtz>ebKJQ1<@XN89=xk?Mq}5pgbcrF`OC0
zS-}_3>~85}aRd~Nzv@U0z6Wu?|BwdnSM)U;M{5T!8HFv0zp3(#;awufk<o)+9HGwe
zWbj|)64`xG+8qbgku%Ud3%^$B2ejjV<djFS=#{j;T=6NiOro3d{USb$0nK0CZUZQK
z*|b3veQ5t$icZ3VDyHM>IDDeJM<Nw3P9~ax%^6*dgZ~3QsstH|&WS`Q`l&r}^jUm;
zAD`$?Bld5K&c(|Q*!DXFNa61j_(axSIKP(uf=~3Gs;9;gT~UkM?yZUKGM4CJ{Ei(|
zJ0vz4UO@zDG<I1<P3(6#n1zF?hMJnH|AtU?0uILPJ2o~NC(h#&7shI0cVc?)<by9&
zjELRDbB!w_QzOHxe}jX_Q)&pj7LoSI#Ol{7h-!2resbe<{Ht!nb)&5Is;|aYS3iu#
zvAPkDAT*AsUWBJF(~a1XRCQ4dufu->R_kVr053df-&$(MC;C9mOSodKKFI@${=9|;
zoS+*P%hjjjN}0-E)MU|cx;{CEul^<8B)XywtCI$d--=K4r!`oE$9OgN1A?qrg0GYD
znVO4YeWQN`+8=ns@725CEd8InUo9nni_!e9y7mI_#dqtoU*-q=t~y@(GrX5+jG?jW
ziP{OZXIYIrT~+l1_o}WL=w2y}PgIT|s(l<!en9tnmg=Bp(2oHfrg0iS>du;)K`((P
z@-(imt{MD2>q@``P2Dfbz5Wfo{!RDFbdWoUt;WRPfU{G#M8^zi#KGw2)VuO<Chk9P
z$d7U8X*;&Q`kTJCX}^rr<8m7GE{3zG?qGNQh@lssO|*?4aZz;Qpi!95{q+^&aYgNJ
z1IEaJ?M7V56d8ZRPIz7ory2*5b@Lb2(r56&G-Lc*>apK0#rcYB@bwx#gPt7_sfgk&
zreO*OJ&3K=mowi2jQtg#K@U|%Dt?RoKZSdH0eh9AQ?gO2xE)V;0iT*DDkIU64QN5)
zB03bGnlTj-&jD4eF{l0qz1as8ePSqHp#2`eAMf($W?WgZ6<@OstfhfB%kzH3ZFk}8
z|KT(6dc0BS0cI$=iRWc2zA9LC`4&F47sn!=1BzZgqk<};0KFyn)b587--12)cYNgF
zD6k|K;UfpX!mE#*iGzwt4D(yqj}_m;*G52d?KLr;k%3s+=x}^hjKkMjd`5k%f={g8
zWe`<71F?DND54Qm6{(mz2^bNd5vvD8qPqhl%6nJL#;=p{8TS^35_*8E-vl(PTfPlM
zT?-C!>^qp$@9>tz{bMhX=e~o(XeA)AVi3Og#I$>PE-CsyFuYc5!)R)UV^l2zBPAYC
z^zW$(iY~z8D-XmM{}{b{q_PwLujSuxSCes7o`I+RA3ozRMa#`U!A<*5!A;BXbtgU(
z?~YXd6iDah+wl8TTynt73aVt^w)63s*dU{n+XhX;c>i2cNzn@c*OjAjcriXZZ^2C)
zu(c|?@bv&bJFk_Seli``-_2k5<E!#l_}YCpP^;OI=-Kz6Av=TUkN8ZQCzoH1bJ5mm
z5vsTzzh1#-mvfm2qqXWPd@(#$&c@nj@!3h(-7BL2)=_(51}EWb6+U%euZpPU__%4A
z6OB~7f`bG0#_7$#pcPl)=xM(A765>KCqGLzKq^W!{FML0YvS)9d?M>I`_$4k_(W=>
zHOwWPrq41?sW@OdMNh#!m1po*1+ITO685`dc@@zG_(V>QL@J}$53J{j{4G*(b`8-J
z_(VE!q7hJg9X^q3Bb5*1|4x9~$Y&#!hXX~OgHPm-k%}Af{~i9_hD|tS0`>qtk&ofv
zQvB%VgB3W~V<OJr6S)NaS|hAjyc5x>_(c92SA7dVuEkD>G)E!>S3j=a{dRfxyXV%@
zuz7g*y&|zYVnom4WMuEixLTxNBy%Y?E=A6Y)Kw!jwWo2=Ly=vm_8=_Z2Hh*VpvXCq
zk+rDS>uIdHyRy1^q`z@O1tz6-C7QFk18jAQoQn=n^U~AkbYNduqdGVh*Pfy~kimXA
zGNGDNCfJPwZ;TA15kJQWhw&0!5ZSZ(R$THw`o3Cz@CA{P)sN$fKiaQzAy~l?W6<wG
zeBa(UvX{-fRF~HgJ%>+ZjCVoo#kKDa{cSBKRUC?0+REVbas;RhOB6i~M+3KgRyGl-
zrCc<pmOc;65t*cxvXftE*T^JUN^_}aDeXpgDQiEcdi5-&-RP`@r_o)?5xN7<QreA9
z2cAZEDeH6xo~5)K-KD&OU(zgPqrT6xl&9OT<1FRFYH|kS-@sYFQaj=~Zd-Q|rtyA!
zBKJh99|wFa(P#OZ$S)&fV*di^VlgE0L}YO6SsWaMgUTV15mmF%-6?$Vn_Wh3ni`=S
z`1jdEhW_S3Y%Kg9c79~=s53@J=o;PUV)Qh)e(<OlaDi#t9c{yBj~q4TA-4_tmj;g+
zJnC9(Kyw|>?%?Am4nEb_Hli-dLmhqM;g$5Teh&CX8a}sX^s9KzGrA1`M8oItH~vQa
z0dG1C7!KHNK=p8Rut{GgYk=3*_;bv&8s>o5Fj=<&ZMHLFJUJ5O|6}gdxDzA~r(ebC
z`dPJ9c^U}GTj;9tU--i0Qsw_dDvtndymQDPs)URqP+f5V&TuZ3${2Rf=WzP9U2yOQ
zusmkqNN@?2JK@9^(YTFI{3}A0U%&#q0nVoKi;>D*aR(#$$`c}<_5?0o$2TxNL!mc{
zKKM{2Rouhx3yfCv7|43~!C^qpjH0V91-Ur~KOW+Pr-4`Z9t~j>pQ`i0_54ZW<*Mtz
zS6l>~JPByEYFC{3B@TuH{Z{=Q&q?72<Kn6zICvO8#^BYeR^TA~IhDIAq*8S@x;_X8
zXW&z{rpDLxt7tvsod{J$s|)oO{v6L4dqOBW8S_-JC%(?-37ZXOrnCdF%$T6)ckosD
zeS94cKpMkbLG(2IsyGK<!@$#2U092`wGJpc4op|YWPE)dpQ?igY8Z)f5|`mO=uN#@
z!0hA&*s}OkT|S_?0WHt#vtZe%>WTr_mC+G=*DNqW{FlQgvhHzn*Hh}QCVh53&Q?9m
zcWLH!3hw<JK2?v`M#irGgF+TJOCKzei3E0nZf2zENMNQBQ|3xwo<>&!TdzC#lIlQ7
zV5V^z8XXDD(`Y0x(}=mWC9tz~uLtT5lms@?lE7}!SMV5(1m<be5}4iQk-&bgJ7B!U
zV^k6tKf*|0PwFec&bSho-RMeS6g}ejC`E6=Xew^U*Umsov2y|Fp$Fh<aZSac_+n*9
z?AO%*lzOaD#Ugx3)6?AaF7|)L(RD;$#wYd~cJEEtE`P=+b}4pMX$Rv@c|xuJCPp3W
zF2)Xj0-soSG<G~NUMKj2*yp2TW7R;;H}Jvhk+HFN07=_$Q1witCUy-F?koUF)n(C9
zRe!*bPJAMts~K`0Uf_P+JFi9L`a0oY>^32LRki5v2EOZudsY1v*zZ~Vu6(nmirr_2
z0WDYFw!9{eVg6e8hSOBpTr=`yP$W)~SlLoDlnG8Jeh=FUio}%WIejs3tV3x`n@wr#
zHce@8hx)7CfH^q!H)@6!qAhlMbZ{-}hCGeX5!JGe$Zlj^(Gb=Z*^ST{)w0gWv;n(|
z?x>b^N1jILkg8dSWEy1xp-Te1?Sl?7dQ3br=z^A1KZI*NjsJiqM0818^`+c{qf0tP
zH)66~T~bar^7I;AQtcKz@&bKg8BWB`&@<p^G&5i~Ix}E5ni(){)A(7?p2-Y&8ZiU4
zJOic?`;Q!LnrY<sceH6=x8Brf(^yA#n{JoMf{sjP@D97t%%G=HW{?$cck4^hl}r}?
zVN+mUt^mBn&W?^2ZQ;XwV6=sVfjip5SvcVL=7rl9^jJ@$^Vm0ij}^$-_*;Gppdx&n
zdGj=yc{7c?#Lm2#M$f!$(tQeyX)Pqr+l9KF872oFzJmAOOP^pI96KvITy}(~(ZGY<
z=)i;BXyC!LF<<Dsm#5LZmuVE1*l1TxqvyTq^WRI>;Bei}7dxBB)97rTwfa(^GI#TQ
zTsL|)&nml9t%$AO3rMm}pWxYzeKERg0h~SX2CZwI45}Vk_nrT%rnklpqS(EawNtSv
zf1=L<&?t6a<%sGLzQ($_(Hg3~7f9!4`qJI`()%k%)IN&F-|9xe1T$ijsu!UrPouo|
z5tx^!^riCNyT=AYS%hc3sawzIULUBORePYXv92e&$A}eZoQ22L{h$iGgzSwIaEKd5
zh$j6!95{R9P8<LRM3cUaPZ&*l9RSeLq@RET2ZqmlnimdOA0KD$pQjsb7;eOM7wdMO
zGY9)!r5mv?WkZW5{XyM`C3B#?;<CLVUf>g335seTP;}p!Ais<8bvZt<1HtWm2R~}|
z!okv7kmu>Mp^@A6j2i0=Jl1tnz@P0h6AOA@EH)H#a|+MT{jssJzw8DAh=Zy_2G+#(
zm;nligUPo=YN~d^!LVUC=%}gMidi^_e}8j)?4KBWCw@Cr_X->ss$0uC5B$kwXsT<s
z3Dq6KRCk=d@=zY%5BD0v)YonU6&}J=*wdz|v1!9{Gc_K?)OZ)&-$C5gQZtCDvfbuT
z=c)Qan>w2|yrv@u+HGFyJmf;WWV7xD(?yf7nN<CjuWc+1fI3S4qW9H9#d(Fk;pb?J
ztXl<XC3gBAu=`;4V)tS4GdLiixG9H3rc@n<$>*fAyFL<+4Z!ac@O$#U6+>eG59@Uv
zA6yX`5}S`Rck+Q*uWfvw*Q*YXH|w<;zn%3u1qWumeys;(ub18CuGjPWN_)NRHnU!y
zHoab^&0epUbbklot<8GbZO(fAO<!oQmua)t%Wex;uYI)r#9lAE&0VjW2Vg;n>&qF}
z@A?R4jK+_e9i`SkVYTjM`RRs5fXz;A<9HP3BkL}QeM6Y!3nD|G+Y@LAj6>{#$iP7-
zFMu&iU&`b&nu$#u{XJY^8b#7LW&{mA4_B_nZPAUfnvu7hjg5+fslVTC(98Q_hil${
z4!U6L%cx6mwP|FWH1)YrqaQ=Jp0*cjNS-xR-wnYK7ak^U({vkigHxXaXvtr6Dmshq
z!C(Boq9`8stX4);<C4g_{h^5X`bjYNy<A<(DtU93S9riH)x&Eq#nRY~vGZ#7tZl=7
zHjP3G*pkM%Ha(3Z$DtolV~pFTpUX=SS$FVkHN^v7udZEy=f1Ab@~RGa1J502HS%C$
zk5^Bsy$*vhS4txfrU!#Djm}`M#%WKZ8qDBxFspA{Gk|Uxg^P-R+%T=)fzkp)Jg8m|
z@$Kr`BQP5K?0|PL#A#NejOLl@3AMLkh~`RXh^J$SrqLPV_i@_OXyyw~hjIX&M=P(=
zvll%85K{5qX!|=pBcVrCBd&W?q3IWd+W!Sgq)$M1J#uy=Rt?c^H3YJe^^xJVTyw=-
z${;dwVq`}39ll0Uc8=Hs9kOa4m+Tw60^`1c4|a*{96KKe+i)Nv+cpe-7CLZ{Q6~-z
zGFqrdg(gR2v)f!`v`SyeY@i_?cAG&)o;Hn)OdHR#As$ET{xDk(GP2toWOSUq5Lzfl
zv@>nB+@_U?cAFO&!J3Pu{;KYW;dW$QWRwVTc4O5=wMvMy8^NxKJ>G5uYr$Kib||=q
zt97q0a<5Y(BWot2@xOE<SOgk9bJ(bVv_i3`+ivByeFlvBVvF0xa6Nj>n897Xwz2yS
z7(=56q={bEcTeXlkKK9HaI_u%n1U!gkVdD+jQ&~HZR7PEJt{_{cEW`x=nHwaMxQul
z^dq>?w3!R#DP8(Pp6bz?8Ef%h^c?``xM9CmPdh;1_e8+%^$fqqL}EW;&_h2XkA;F@
zGLY4?IH>wA{31r<pbj`KvNAF*R*i!b_~2+bNxTbCn526|o3M5i<Ah$UNWdlawJ)HT
z-Ss8>ijk`#W2>L=H7d3LrMPFdzLe#c$hWlp#BLN&7W>Ja{D^B{KlvGcbn5$fa?q&k
zCztC+23VN6us&iy*~T}n<U`@Ruhv&h!Br!Vi_{3;{UhCofl`&>yFHB#-+jBjlqa@I
z`0iIQmA}!gaqjgKP{8~ijdi%D>d4B$v7<0WtNCDL<(SxEI5-6dkrd{4EH48e{4g@O
zb~z4S)E!~CR5>@Y%P7|Adm7IkGMIJyb{p&X@p@D7HOR6oRqhGgbd<j_8W}U{OmynG
zvS-NPf1*>nZP@1{tUROYS22OFS#Ql_rE0cKy`@`ucj9$;%z(TVbqsl0x06H*$RHF}
zOz}tFSuyxZkci#&*(EqT@-DW=MW2~WG=ZMPT;LC5#$A8LT}(VjHo{0e9@Kndr{*>e
zlJmR5O+|V=ouVf~_cN(eyIs5@r|&hV&k`Dbiaxn3PL4dQZq$7k$91~xTGcja%D!&f
z-e`-y7Mm!(8|Fe`K*mN!(4cv^^c8)3Ghg~ftY*-);6&cjjSXm=nu_c;=#xxaG*`0<
zjm(k^IvBT)){XqmQ(Gd71~X6MY3#(D%JV1bOXd0N;pxR((Z0HocmC8gYo64f^3a+E
zL^f`ip3q+l0{9qQs?Nk`LLyqb4A<_e&t8n*6HbVZi#>xqdjhY<$0CQtZo$EMIN0Ta
z!8KK%#{sLrCS4e*It0JB;rGs;uBrMee%ApMCO$rKr+e^wHGc1m(f~E@VJ{_g{{SGG
z_~cX`UG>|z=v%s-5pwjX$N>}^ffqXkw@ye#C&Z2h;=ch0qRCv2gJ*FdWbp+&byzJ9
zj3)CS92m0rGu<n1Vx!5l+g!5vh`#c0zEaCncAFuKo;FPuO`A;?pV0j=I2#__Zga@u
zQ~E-iM>lPFPlqhpZ9cL{)h)R2IPEUS=zc<Dbl8Z0VU9a7892ZkX?G6xai~}hKt3Oz
z$uC0xe9b<vT;VerzBk^3FU%(T6+V+;)raO9Hwa%@8Nt;@^Bq^h@U__-WFq!&iaw1y
zEB=J9qw8_${0e}Za<h0H9qs(Ak>&*oe+TciNszO59T}~NJ-r)%YzRPcRCMoHCw|<C
z&*c9H4BCVr+whTve-$rPH`H4A)i^K<|GMtpUU<9BUHED(>>r6KG7E3FnT7YX>4i6K
z_QDU<{T+(_%);Ak&cct<7upMN+VGCf!rN`Wg|B@V7aphk!G@s8?|^2oQrm8H_#wN|
z@I!W+=7*{~fPGHYz4AVtTp68T&03^0bR&b)<Y;ts^{3Hzjc(+ro;*HUU;PpquhWf#
zxN&TBI91<1j_Aj_6+p?Wi@mNaa!r7cN4sih*M}KM_5sX9=QH#y#8(eKQw|0IQuO=t
z;BR^df9*9MZaIG+Sgi!CUH*k%^}nv5>0=qnAbQOoK;ze6T0`H#XSX(KgnQ1FSP_p?
z>y>!BhhPn~omz*%ufcL^Wz+lk-}7~#RguZ;Hd#@Jros3+7@x@4s>t{&K!{kO1e<4M
z{BCoJj>jj`QXLt;7>NE1d?K&LBIAD#L39j=QY4ClyYQoWf4&R{a~Bh(@rm4z4nDRD
z)**Z%lVG&{Hhw(82blqpaSt<v#os?66GYZEFRG=>kHN2}E33bO*1zksL-9NELgmO2
zr{Kq(5I!O=RgRC{(1E?f2Y;y?Qx$8&-ocAcm|au#&IX`p{2pIdQ}w+xa4!EoV?fnF
zwBLZ=qt2Qgd-g<NT>Ku#c>gq9Gz?f~H1Pht;BF4W@3Fx97ooiqzehekvFc~|eFe9#
zoit<|9(LzgHS$3i(x@}W)YNr)+s2;(-gKu|@tB9@E>Me$u!DZ7Z)4aRsi*~hQS~+W
z+NRId;CE!;fC;gi`4osoWbA;cwSQ`bv@~8l6!1uqQwEHvZSyq_xi31T`XL}sb0t4#
zNIQJK@Qk~XFk|Z;c!Nu~f7}fMh;E$EjS~h8kG;X&@`Epcva|;WC*Xkl9`RfBeI6hD
zf8O2$yo#cWAD-R2w`?}KNp5<%<dQ-O0YmR0H0cs)mm(TEh)P5e1;HRFHY7+BYgAMe
zh3Jc7CyKpB6ydc7v0;s`73=pqvuAH+^S(TP|IhP%U!G@fW`1+#%*>fHXUfjb+B~hR
zs<Hc(X_tydI?eJ%0$utygH)NEO`i0?0DxyRr35!)N@Q(C`U@Dv=9kdoy{!YILF$0S
zTBe@@u$n0`yowx|o<vl~XfdS^vZ(4Abcsp@W1@0EMN}fQy0u*=9PEQ)UR7p^t8?Oo
z*3awz_)^FQZL5`eGeQRus6?P(wVo)f`=JASIU$)DZJ4*ns%-%lcJ*|%UMY7|7XGHU
zwdM?PgSlUNO!G|iD3xb;`fzZ@JQ&LSIOmn2$-D}z3<ae5PUh8E_`HjLQiC#PPS%ow
zPayCECz}L{>}#@uB`Bc_D+!rjp&K|DwN`qYpxFy_-h5jwq(AAMlFT8%;#I6m$gBXC
z#Ta$n^xi4q(}2~Z5a|PpfLMP(ZXa+lh!x6~8~CmTXbV+aAjFqUN+rpRY9Z@#=%fnD
z#{3+*>3~XOS|otWxIANs!!?>I1>t~00Xl+kVJrv-BVB?ZWM$}_3@RfldnYrOg6f?j
zg>pM%RFL#8)HQ_lJcMw7ar7aaH1wue`RBU9!UwQkdrYAu5f-It@xjC8LL5@q79P$E
z+=a5MSnhNvq8S$z;(ey1LKl9LgWrI;8Y2V4769a*Ympf>3hY+BnZPODf*_ew6?DvM
zB+_hFE6C4gwHkiMtk%IFGpmgVIA%4eb+cKe!#0jtts<Pw>NQ*vDvx7URjk>p*2+|D
zR=067lD1-2r3GyOp*G9gPFm1Np<PpwO3Z?)V9YEyprT2E*JlXPhdGc9l5EL>PGzv1
zz&YMDX+cFk0*(bOMIdHDD=A=GP!Smh1*fe!?LS&p8QOgroR*I<^eT8rWwbU3+_?+~
zaN)GE7(<8c#)~#^+D(R*SvAtG(zld%^rDfLsE5-o^jpPPVs7GCnv`jm`g2T-uQ8C6
zz=y47t1l?MqijASiSly48LUKYlNp3L5WXXAt?Mxr%Vi961mVXzFE|XT9gysv@8eXn
z8vk7www`6)`J5V~A_#{|tQTV#&4EFl(4b0(PNQnQhbrZdLbcY})mp=`vRd1?S`O%{
zR(P~hty{QS?HN?7)r~P%wH#2bmJ4&L)rV87)v91jtyZ;@v#eHsRA~)W>rT5`+c{QN
z>t9?g2Xs|y&KRXyk8-unWl*iw#f-VC<$!9nT$od>OF6Y#t?L<6t5wg~VKf~cexOR9
zQnh~fTd$+oA98Fviq!%+0a8K-q`8TYwi~QQkmjFa*K0PB8UfQ94=wD<;CLd%c7qjw
z#`R=yEI?92>l-8=!65Z-AGR9;)$q7L+HR2fS1>7AVjs2}B)E`4vX?&IZpeD^SDZ6E
zP8IWOtzX4c)ev5T)WQLemUYi4T^xbaj^Ql|`TmiI-b~KyhUC3;O}>njMc3%xfFADK
ztb=G}PfX}3=vfP2Bb;vwaN+qG-p)jpg01=6;K{lVKQiGgtYjm7FxP<dEz;2GhuC5o
zCDrJO5tf*;3sK!P|80<0<H_)M*9xp0$Z02&CV@02rw19N!PnPAOOkSOfiXFKz@*7U
zIuKi=Um%BX8I%e{AhoDxs9mTqQTEc({D+e;u^xs%KP}%!ufCL1AltOQLqsp8P6V}f
zhY>QP7@kznm)!<YlJm_>OZ~!EX72*Ym6k2Y%X_mR=U`c-lO#M@4>Hu9R$9jS5L_Jz
zZ=$9bU`iD^2|rS_A8AG$9^XmHexc=7l-qTvM=C8^F`Nav+_wp}ZX65_7Z=E9Nb8tz
zH3&(pKC*&ILqM=1DO`<mmXqJ<NBfu>^%lOXlFj$P?G47H41tjd-(oC<=&rW0FB!`s
z>>3*@8fX_2PmYD}k~AMlx{5MfZ40`V{4D4xOzRS~3fh8}`QOX5($=i8^LmsqX#*~^
zvF{jbP5G}S)e!n9h*7qOF#$fQ*hjcIj5E+C61f=SlFyxT>-yVO*rt=DzZizKUkRAy
z`Qob}yg~3rLjJE8p<eK35Ad4SQ;V?=P-ds90H5r|dZK^SKrGBa(ft;!OXxjRyAc6Q
zgRr=G8%u_(nEq#!u>0*;@74jVVX!Sgqa-P~9oSyRULx!yZ?Fdx#KEY3#<=uAUJJ}a
zk3l5IMovu=J!5LC;EUjR@&LQ2G%YmFOgArv@;eyKDhxaZ2|fYBPE1Hs3S&XKxd?;~
z<`BwUrZOS*3xghmSf|WG?HMJT*ZmQ^moO6PRWRWmZ-QCU0_>Je<q8~!fL~V_WG~mT
zEcShcHi(e67q#{8gxD+KFC2z#{_7E_Mxgspy}iE-vah4Shd6pT5Jd^G7)Vue6XQ~>
zGUTd)v7)G;T@)mNYCN_ZReKIUq7J#IL4V|H85A-W;72M^HYri!ztGLI@sp1i2z|?8
zA?py3{dfbJ0os+*Db6zqI4d6|Y(g-zo-Il#5H0#E45(!Dw&us)j;KPheFw34+BE~B
zq`<|nrfm`PA5QldN=V(_p9rvlC{}1mp=zM?%DnG7XO!`sY%4(+5xy&Ul<A>@m$0EM
zrF5&=P*zfa`|m=gP6UgXp;SS|P#$1fX(%sqw#)TbTVZ?YZ}dtd9{NVIFdHDE&I^I`
z!A}*Oc`aV8I@{hCGOu*`AvF0ewDZQZhBuyLFGg$hVsslFT@&vABA~qa8A&V0*UaFO
zI%<&v=RwuZhrbvlJRPsI8H*58OR<MEIeKQ)r`bZq`C~NREh*6Bm(cT`Wtaq&)JjXU
zJ_q;~gG~e$XvrqkH^Mth7J)ydnZtl}U@S=3&uM`Pz-BW>T_s6F>&*aIqk<N|N(lC5
z1~CYTq!g_yM(=m3Y+)wlkUEkYXNVHJ;Mammi%!7|DsX8I+JIp{C3XsKF}RXI6g;p2
z)~8UV)U+P5lpPpEZS7Lt0?JcVN(+=!^ob10Iyyz4#h_C3{=cY2C&Qju)!Q!mXR_!Y
z4zV9gp>BaqsKNOh>rrd4l)-no2Ifwb>mCMWU4QB!o1=~~DQ0etM;ViqLUT~<zfsdV
zwf~X9B(?S#eeBZ8T%6jsVo+w|)V>3Q&9%2pM`k5Q*h)5VXmf?{LWO5@ER1DylU>B%
zmrjLA*XkLx2;|DW!kDUSMqj(gE?p~CL8r+58B~i*=lrtPeAwJ<84Vk4ep#}U(Eg^M
z`a{wZIHw<!ZL(?T*D2d@#?-Q{V$4;xT`K65?O8Ro><2<l)G}(Xv$N_Ti_<>?gBKO&
z1%}C<#){R7i>?-{9b;;-<}l_e)^#fA6zf(swcS0x!L*(Bz-9Nek2pnopUVQoH72?r
zhR8_8&seymVVd#Xg+dfxWc%McgngaEwm<U&eC`X5X#PUa>HVwiABjp`21j_2&_pF1
z`A1>8e>oiar`HF>^>FZ`3^03<ZulAd4N_eV<T7L#S&tuCQYzJ{C_rQyequDwBH(Rm
zV~e*P8R2LM&kSXXC(Sp}1%Ba3njs`Tm1=$nOmAx^0KG`6&+(BJZ7P6&f0{I=aU36@
zc-SPVJdr{K9ObEE3RSU}Gv>4s_1Xs+lYP<YwU06wYdW%7&$P44<m$CAF(@gW_I!sy
znU8GG;HgllkD2Q!ROo$a!CAmQWo#5-w<ZVwE^o%9%@`N9Zp7BBLq}NdpV)dm8)i=h
z!=H}ED0$sXoIqxla-f-zW*&qh8(boq#3fB^XC6e>ag1S#04&$sRgHaX#tez2o1Nxi
zdyg?$?`UeU%b9p0&6u>P<FbNT<!-E9zG>Z!Vykp1YqVCuwJ5d=T-YVBtOXVtYoK`a
z7yKNaQqD_??di1OB4Aw^bHo-uuo-j2_Alh`(8a{I33;htv)BeRODPT(+XTiOu^mU&
zQ&l>M?eS_M7BZ%aZ3$zJ*vcTbMU1IpQ!z(uDi#x)3uLjWShLt@YKbf&Nf*Z^F7^ZB
z$Vay+2)%0;>2iAvi8R1W#3naK@5YoMiI+he(HL4ZD~x#`X>B#c?PzN@lQ?20ZB?<D
zwyI#W*o!$i^{pfpdpE`$v6Hs;VNBK5QH-f#pU9XacGA|djHzN*F-Pnw78AP*WU;H5
zBX-}&Rah2~U>2nMUmA>wEc~rc)6DP&1d;|p??YrIMC5a4AcVz?YvMWaN)%3ucE(QP
zT)3pqwZJ2=Ij0RLxnOXFOVadCf#nNvpAmzt2sHGBz!d;jxhWF@2aw$4{Z*N~6O!)+
zWfFr@;+>HEBT#l!DSLtP2~c)ZDSLtPIZ!?~LMc)qC^v)hRR%38QXwdB2Y5&Yi}VC6
z!v78H6*<dhupYEp^xFy^3~uo)M>98_0S2&xrI1%K6FQo;51OT7QnPlUL#v?Ftni(%
zgON(Gf<{rN9l@*|?Rl{p9hosld)Cgw#7V`Xspcc#(~mJJukl&Ik!RwGGh=8pk;L{-
z#T<=Nv6x1=K-MS~i)mC88dX8HfJP+`LAQfHrcreWuto`a_$s6Ed|R+JD3lg`K7!7=
z7IlxzvPIe-B0a_=j!0jDNL5UV^l^w(1?|rI3Pf?7lS@%Rv=8QBmAk~wRqd=MV~)5F
zR>LMR=7{?Sh`W$6IrL*_nFP_cVoVjSiaDZHv6yIGAd6PTVxm2lL`#B!Xxo!$;cpf#
z0#0YG7|jzgn%)fi2;w{yKRn^d5IjM&?c-q*ISo%0v_gay)36lBB#y{wSW+=5avGLY
zu-QIlb8<)IG@2JO=7^j$yqGaZ<c~w-eHn8^PNVry#{2?BgviSv@&SygB3Cg-<SG^u
zxeH{Gt5{6rS3~60Bp8T%1w>v4e@x_!2*kAc0Z7<e#d^?BCvEOJ&NXLrBIP23=Zvd4
z0qEtNkrow=)WrMk>0#1r_?_wDUra0w7O#8E3v5kRr-$W?NpU&T!(j}{Hlc+#O%KN}
zwNpz<XHhqmK}qRM535wro*vT3x|q4D)59f<jiNg7^w7Z^g`xph#bN`l3N|a$Wz15Y
z9&TdHQ79U4Z(z((s9jK~os6jp^$=r@LeYS`n=w_PRLoH*6^kj93uJ{-F-M^=J){m-
z&v~iS!~KjoVxxZOV2;?RAF5caAF5!p*xq86QXD)_`Ghe?Y}60GROxtn_&Z~&*u1K`
za6kN;=~S_)m?Jh7i;2wzve;CtS!|dd9{L$;f+P5`*I_Vir|*DiyY-itX%qSxSSUso
z;3u}a+qVX(a{p{jmA?#u9dJpLbdP;cQ`Q4c`~WN>J;_*MmeVS81D-eC4^Lz-eqtOa
z?*Wqew=(U#LTDm#9ex}d&kqO`Vv{QAHevy$8C4tXu2zFyp+)I-Dc@d*zUDl;lYEJR
z?jj~}TKjjjwu;HtPVesqn+LipIl1h&JkV`qOl|FLj5(degpIqGF{ia@pxeWkGtga!
zPO^(JwY62uX>ApYwYCf7)>bj6wS6m5qIwbxtnRr(Fu{U9W_2UYRyR_o4s?-O9uavO
zD}SdI^wjs!Qp=wX#1;tHh&mOc|KIp2jKk@pjRv$xK0c&Va!C!jb{m~0+vq3`&lTgI
z7wrc~MP7KAR99#dPz&MKJzPh(5>9(RkkrT<0<^f-qWgg2x=D(OtGdiivqqzsapNs{
zy&_`#w-tdHb58in<gUUpCY7zlBgCbQNr_`ufwnlyk%)E`Xs7dPj+ds)*;Sz3XBsx-
z9^Y=2!Wj-8W>D_7Im5xtm)k{^yqw`+JA-nBafX8jRnQ&|{)O7S!dzjx<Zi)6X!z@l
zl@W&FU_Uh7!5mFL1Wi{lsp&6bexZU=)8#C=ma0eg4D63Fdq<l;uEx7$j5*p&vt)xy
zEHR!XH!_`+H)hG_oGHX#jHw!~VvdHZSWLrRAZxgaIU0^(;5mpZp3CG61GJb(WNZ|R
zixw3Q=7@_H6)GmhMT-g*Y!+7oi;GNsZ)Wd^ixw3lRnbgLH%VL*RE)*dnlY&}yr?*Z
zF;!eD=7>whV&ZavEG`vm78hokHCNcm*%5-#qLmXYu>%f$$2xf`&Z={4F~w4ULVp(b
zF-VndKMu*`DzCPg^g(&G=&N9mI#Dw5A3}RnRw<ov1(SM_*xBM+!<aK&`vr+=kcg&h
zpTJ*F{&L;)d)vTjQDB;$8W@hiz;$-UvRSXkv(&(MXs>4(m3hq3dk5Y@QypN?qKs$j
z2_a$@ITwMm^vu8?NEW%)W+sy@)r$j1k*p(wGTBl+IbdR>7|WpSyqD_Tp?DeK_6pZy
z8)boAy<4FfE)4y&0gC5fa>|Nby`xY(6_bj05G7JUsd&C+XJSb~g&vpX%PPk#8h%F^
z#$RKXpV}p+3@(tBLB$+p2)9QC>WK5ic44vrjnbbR{;nF>V#3qI_d|ut$q&_SKMM;v
z&XFgO5JO*ZS-@xwi2=KGJHgF`K@1;23=Zaq;X8;y#iSTMh8R@P7Q^KbLlqT-#ZU{s
zBZjXydup7R7+fHWLB(8RXpq%y7p9&~cST`KH2ep|P%8bl7%IunVtBBn7|<oE*4vHo
zJy>YbOVAx&u)Bm+dn@kp<JiL#>-4MD47LV1>cU76If(li!<39Lc}mH_I#FW06eUld
zI3N|d`IOT4oP0Ks;-x5gN=dJ=i#DD}ol{Ca2FC)7oxaIrka|Syl#&aKoxaIqQklPV
zN~sTn7*J!UlpvdOp6=K-=d?+d*bYZFXE$_aFvk`n5y?hY?=%KUw@dbFs6br9X1f|c
z5M8t&YKet##O1a%IJL{M^h}SqSR~DF86;^IoTL{?aXO$&oDS#~XO}H@mM(D)X3!<h
zVGO#&IfX%&I9*^&oRv)K66bOTRdGt`Y~cvf9I6*ovu2xJRD0%h!DLH31qVskPYny|
zU30FxI^(I_^V{v|I9~q5bp79F;!VmhW^=P~HQiqbw1YL&F2X_122N_hUTe|oF)5R?
zzFtP)IZSbmaBMLNzBk@~(2=$#AAvDOIQ$FdD-8(bpM*D4-hwF~QWOV5%pQsSR3pdQ
zgQCo3@E!su8QIp;0M{_smcWHZT3~1h*QGKTCUBKeA|&a4mGmqlOOn3!U!<RwV`9Rn
zK@83_@~j7ky20FSdbYW=uN%z!J{OO~PelRrHg@^Rh-nuXn4ktx-=qSB2B5wk*t7}+
zWPLwEeJ3)#tnXkWCommMsu(0Ys-0}4`Tv8G)ew*AMjQWAC{aBEbY?pEG6Fl8oXVW{
zeh+gEO6S6;bSRqdVkBzpU>7hOh!!mwY;T@u)8$a^ikuE*)AQ~`*J|u%r%94&MxShn
zEpSkt04d5*j+IqL*AkxgNOT??D73gHj;8sH7Og|V-|WOzV^_Q@!?Cie)Vq6w>`w-z
zvJyuWWO)aA=rG7G$RWw=if%9?Q#L?@hJf|<Z2#TYVbq2|I?_ctHy}_&0eO**C}`re
z#7&ECLR#aQIy@7D!<*1X>j&`dGB|A?7Ay2}USa8AJ2Sh>tizGIqj1{u-g1tRwj>(F
z863&vWgiu&4q0lin6g~rWcayU74XN(RZ9W8T*4a}V&_BCc`Z5@>|{A!H>r##b0l`G
zaN8)J63FK_S;zl{EqvHZ?K!&3&Ugw39cuXq=xV5v7X2H?SZRf(nPy-RCM1t>Yzpy-
z!`18Z^@`yL#G4sDdcC3^0lZD%qt`0L2>44vVS1gS9De6Dii)vzQN18>UZa@E82UQB
zF%YCQGZ`a|Oz)KwoC391u@qeGz5){`7lw-kr$cj9td)JWyL?+=F7u2hp8RS?6_ssZ
zk<9ZZj`vY~d7jKu#hg4{80V>CoF}*hjzERpWVTdg+(wY(zwlg~>OsC*s@ckS3IYuX
z6!lLG4ubz1rXB|BqGO3cdLiOCW7LF2cPGjBA^u{Fy1ny0go-u458<h>MNZYG_aP+9
zGzKNh9X88s##ELn*32@mCCjNOd1obg(f#@6*JuhC_NFu<a(wB=v^1rH81Uj11SLiy
zkY;9E{*5?S!xW@$Ju2|3`zI~IL7+X{0_-`?#B8GpXcd_CI7RE}3od|w5$HKH)xU8*
zy7wr|D(Q``8S_9z0lbgkp9iWs3RLL@;m%RaRw=NLO6;4x8uoWIamWezH^KbEU(nT{
z5h6rAqXuCu-AuFQZa|)=+S2ZdSS{0R71)ECsbELCB+S1C0;{KVIcB==Ed<0E(gD-|
zJpAS4U#2Dcsqw2QFooZOxre!vMR8hP#hRPwUrb3_XTJqwA1GeTcmkC#hx_(g2IZia
zYeI(lo9kc^8m8Hm>8pV_`p6iz2<>f)aD-#Ch*dExf^5VI2y`$*vJtzTW~Wa9MXV8B
zpwoyds5By&H8&yxu|}MzHX;RLjYxr5BT_(V#7Rmc!tZKCgtbyLLE5@^x!gHavo2B|
zP0JvUn(20Z4iFxleG1E?muWo+9ofLK)PJ<zW@_Nh7NC5uOJ;BrlO_{sA2Y#P3@v$x
z!5azeXJ%S78mVB+`Zu7kj`h#lzYo{c!D$urN~`>8!9y5$KcT^QK5n@Gi9GUU@xK}N
zoP^IzJRZf1$&)cp!dC}8xu@A*8u&j1E?S5sB%CCh3X^{y-2WlXKV<z6$x>dxr+eUJ
zrmnz0WT29P&13zrtq!N-eP8914xg3V@(9r<9k!uMehw!C+7gWNaG}FE{J9#QHz_a@
zQ(70<ax~pbaR1G~MfMK^uHu|Ha6)dVXyaH|vI<mm8Hzd_o<$VEhb%nH;knI;u}&4D
z3mnDh&0nGjLs3XsTH#9+p1o(-!jXa7U$h&90?^y$FHJ<IW#S4;I0J{hoG(q_(i7u2
zu%56PMvB`%0NN=(QGqX0Bp<+OVmPC<mQi)O-RZueZV{yu>+*=Y1H)Lwj;O0x^AYvS
zm;qTgI-*V|&%a@e#(L-Exr0&vl}FU+EW7UvJ9mpfKFjW44q=#%)+eDq;b^+q2>*-B
zJw%Br)0@A#VYEjVZT_ytd6=<%1DAsDYLp`Vy>Kb3ab|7`v=Xx*@~=J}Tl|mO{tGZl
zHNg?y^=vHW;mAMeB_W=GgWnT;O^9`HDfm*8amU+u7yBRr`;qT+Frc0{@I$P_PkI5#
z?{`c`!)}L58Lt_?pl#_}9^^kV1GD{^Af2Ka=b_K-f+PROX!7=yo0~@HX^T<aFn*@N
zg%4=P-{>1BUjWKknhRHH{$KJ7{bFR~S&N^nrO0t9)KM?rgaVDi&x>#nj%^1G4=Qji
zTo@-r^~jq@)&W0{!O3K7ExV2rVkKPefuQEO4xTS4a0}i-{2QK;;}IB+Kop*x6j&G3
zj58tKhv0H=);!)x5Coh|vIL%b3Q!U<-??b&+#GbjLP&TaT<$TLngR21a1t(e3T}p9
zeHQLgfXlrO0S_$g2sjyY<zmFZ<^F**YQTuBz>%xV5mTobDfmB={D(CUO_Vx72)QOI
zbN;<33|wv;Ze73VJ|XtONya<(;ffo$+&2+(TRo<paJj{nrr-Gt#Pk?`O7{af3D<4b
zK!JQd%?^BlvFCK$2uLx)^RH)-5>E1b0&24n(v}reYpYK<fcGp**OT3Fu24@IYl(~C
zaznvDRS4&iIJO5Ua#Ml{D1=K!u7InNTme-^Clr|HyGGmuaReDbNUHQ){u4;pMWaam
zM7XOI|1?1NU)00N=9!6yVvoU5^SCAcEMCdW#IjD3JqAw*t@Gbx+qY=qS2#(wb*m=6
zgOg;cxbWGb)BM<#=nT=fnF{rW%li()K<adud$_!#2wZ$8jy2!KG3K{I+ys~RD|JHo
zEuMWy)n^)@WX&kpAjB<j<nN0#4^uk$C%uf(6ps9h8(<mX$bb1;F#K=-H;sy`d`^U`
zWjK*vO{>zV{8j%6XoNia?Kub2Dk-81AfoTChCR6k)wmr2QG-W<aCuu1IB=a1XQG4V
zU4cN;P7IGQ0eLeKcm-xw3Y^GPZlY*aC1x0Kd0n+O4Ogmt=wdt!eHt#WDCilA-4%`m
zEsn>UCUq;%RdxdER(aj9Mkx9m(H&<XG)ikz!LjEdR*QDR9T4Zj<qZsu1G`xq33`z?
z#AdfzWj7k^<cn^`>+`rO?`p;um^PjUW0v=sX4ISm^8l9z{9)L%;wl>-2$OLy9N}tO
z)vwYheo^%LMVM`2lAbq1Yg2cPDvw2Y!dnNIHzk;IG7e^Nq^!WSpp?f^#-u!EQU&NG
zD$hDJmu#}vA^t5+lf8t%ahNXIF#kLt>?@aAt;6acE-zOzwp@!v#d_O+@3+{9{!aRZ
z{c(&B-{3q3;$T9XrfcmwVX}%wxgTqfpWyPAnA_2wzi=c9Ejr@^Q}&16WF?HBcHm6m
zJvebW&gqP2A#{w8EX_E9AAFSW(>Y(1^U@dPT!D9sv5e|~BUSjkT<lwOGLVL0a5|j#
z6QpqkTnx<T@DLNuI~d>Bnhj6oY)yERG2$hn`cvS%!@<Cn&xzBVFh=O!a#ZQVuke!q
zUv6ny9O@_pS{UMdlU|3wIfD2}zIW00BB^-jdwR%!2K*K9%l(4-xp+E80W3AGi3>2!
zG7AGNXvt|_IjjXJm!85Xs}$m5xcK2(ZfV%gw}(#o_Cz<$foY6i>^nXJd4=J<pq0OL
z6|y4#6fN2Rz+jBl2++w2-%<qVtDiW}X03sLDYGM{c|U4d*4;x|fS+n5feLKJxF}a^
zr0Liy`4IIe2fz5KTAJ@?1Zoh7v`O&MCR{!I*k_g-VV`nFR9R;u%!Tnrn2I%TgqgdB
z3vp*FyXv&6j^AqHM!!58@JLy_4_V~H&cxpsCh8_C)r<Ht*56+XG3*-z$}zLJ4>Mz(
z1eS$Y#c5=Tv_+G?lN&GMb2JgT9)ZJfxP(%t|Heclq__U!4{FBn@A1&~2KbL@o{#>6
zyC;5tKaQ3y#^WF1f)KbtUugQsbbRmUI0Ahd@$4v!w^s1KhWrb($esBAG5Md;jBh_i
zk39;1vZfQQ(d!dCv%$r9cW)~Khv5c~L{aeH`1Mncos8I9KEs0zxWQdC<Lu8dgM=IW
zB06YKe09(sGAA9u#0+jox@Po2Hap;kwAG9O;B!A5`F{k98Av)LAH%0YKMXQ^2##n}
zJhutgEyE2#wQBJHFY<$?EyS@I4t`<epk7h9A^kKt>>E3d;q>y+I5A`hWTn@wz|T|2
z)OZd*abE~Av`8~@@qZ@y<)?U_>VsO)i+{!vU~j>lyjzRBkN<<f>*Pl@<BcEjvcymD
zKSVq~qqh1AKb@$tvo(DL+QyiUpQqr4ML=V`LCu9!gBmsY#&vETA9HIHPhF`7r#L^l
zOcR4{_En5TSDFpVTawL@gRrs3gy_6t(3h=!7a_iy;(y8Voeh6I{Db%9`)0tOGzb1g
ziNR0cFTXGjDKHMe4Q`zloCIDfHYC#wytL4b<+i3tYH<1}B;n);i^2Kv<}}QI9LxYV
zq<^A0AJ{M@n;~Vm#byb>aSZw?aY0J(GL&ZuW9=l?$GjAD3mGGZgEO+s^}sGrvCP)y
zO~95hChL+FC(L^Qu2R8*j=}Cj@KlVk05L2K1<B&5m}7Zdm}7ZdpksNiP>PesmdDpb
z@+Dbg<8Tz#LJuiL8PYK$xCQY~GG?JDLrzLIA4ZWKOxCwUqPZW~vq}boJ48SoUW=xx
zBK9}8F&BgV;N@|EF-L_Pd~1&HX|S)Q_<K$B62x!ic*(YR4(@w^C>n@hcSsuD2&_M<
z?kA&LMSfJ-PsX;E0!~$rFdHATiB*;IY5>*X2NGmnKeour3_w}>UThaow$Fn}<}6fT
z&@vm7g}SQ1cLx|H%>$!rv&}__Kb_;Hj#Lzw%YkiUO!A4Qn3GYt+ZiKngQLa4Kfvb^
z#xSiHgC~c~IiP!jG0G2ZVD16kON`|ZhG(oINWCQWBI1RsOyCAzoFaQmC1WyY?ky_j
z^cEFUddn<MuJ#rOlLg}5GEd1S)>{@csP>kN7^9JHaDm-hwlO9p%DrW~ig9n*!I-Q|
z7WbCjD#*R%LB`bHqGC>OabZqxae<BsJ<J@bh>i*cskhW~L>H=0u_=4V5yoHvV?D&d
zWF5JO98;K550PE&Z3RSggN5+DhK$OgVuOws1XH1wm8_PsRSu*}6R2XbMpfwSM#WVC
zNMB97{>(NnhyM|#X^o7A_K!F31$I=$%ERWvz!Fy2%0-PibV%6za3&OvF-u};lJ2dQ
zHeHagL1FWI&>dlnDnE2kTJQsyhj-MpBRT~dT43IRdY+J_`I;$Z3CASMoD-NMNnq%h
zWMK`Ok6y-v1P=0P?aXsfZWT;8nkf7S0oIcM;<cbJ6Ov6r(qV0rO$+`p%r^-v;$KfT
zH=^@aF-B?^|7QCjJ*!&HSZ~4(n&E5EQ7gfRjAVQ8S;z6&h$kcY^$0f>e=ve4y|;pU
zpG$0ck!<4M?;I=v_sbcRIUdQ7?W<x=`>L4IX|LquiNx~bWI4n+7-i!OaqE<9sMGqM
zTZK6lY7zfwg8!|PAtv}+&%+CCw+zPA4}rX}30u<(MZA;KdMS@j+sGoS*pOECD6C>!
z#4$slb(}mv$v?NpGZk}ss0(v?s0(y@=o8G5Dj4gbLr~JUIAQ>0bu7Wx9nBM2Ae$vj
z%~An>{INn|ZbKV3DO{-c`KF+-)kN`Kif;!*QU`xtC^7T}@J8~#Om}emW}XQ>f&*E&
zq8z;yew<Vj=1w&6jn#3;8<Qot_`eE6dr7H?Sl3GY6)0jY1>&>>bKppP4w$LgwwrgM
zSl=rgs907zWZip}%{HCbrf5OyezcGZ%FE+4sJa7E0cfFwf97Y%_c7*B1YlU#v@l@}
zD9f<H__ooH2)uo%odu;Bl&GZzp8@zDgVgkcj(UTa-s;9qe%K70-vS$si|0U&KYa`4
zmyw(C^C{ejwVLq<{tx^a{!85c8-cw^_%hAgxY{nrI?Oq>sK7b!0dOO7%r9X!Qr6g!
zr0*lzCIvf8!nP`7)ImqIPc?f2>(3b3hY>fnGY12k$QUW&h}&A3KZD<N#;E&^xIHX_
zV?lTYgJ^9rVqm(t<Md{XCKe->6ARvw+k}?*7%p)DR>@n|Vn~Mb-i5{VxA6G$b>S_?
zV)~ZHly$l*%@0Sh^uZ$;xwb#{2{w2?1-E|KSa!ukKT}rYu9$xoz=J0pWu_%tZlt{}
zMVgOm(HF2aLkCUT2Tc-T0Y_r0A=)QF267#dQ_e6+REu^TXkQ-RKEoD6q+}UQeURcZ
zt)QAo$s%geWIWlhw{vnUIHFKS+yovn--}J68PAbfh-|;olw~=KF_Jeh@S&Fwa>ZJ^
z{QD)J8=xMNk0}pWCUWEsN@K>!6M+s!+cU8PmJXN!u=#-Hcuqc>NSy<gvl$#uq|O1$
z`3#N)7&~COj6v!#u>+PaFm@tv6_d*RodcFPF-RuCxdsl^rt?9$4IK9X;<V^rPPNN@
z^DH1|p}OU9^6JG8n2<WVHk~i?b3mCLu3q%h)r;jwrJdn7eU&p{{1CuZi+;Llu^xV^
zl)PebAfFG1?g;0KMHhCAuUH($grr!`6^pZ7SX;#4Pkt*lQheM#pV%HdW4z~PtX6u1
zD{#eauvl>3Ohb$G+^C65;Jgzw&msJeb-KtVt+~^^g1~>!65d8U=SkhHiJ}e&yh@wm
zq(`2MZ$d@kyqVZMdj%frW&}nckOI$C3Jk)RO8+6*!!U%ga{P^e)A{)V_lf_;B~DIh
zZb85)jmLOTh|zG~ndtQ|9)acl7=i6DC^O-S8HXJR#CG&f9B?sk1zc%dG26aW%Kk9|
zPT7rtFxgkYc{jBv+6j|*PFT^5de()P(cW5gJnX9PVf-{f*}M}ItT$%~@iLQ;p-sHW
z8wzBiC#qooKQRnjbA})plTu$x+~v)bOJx;wrWP*DnOe9&XKLXBd8r)Ok0Sc7v`vnO
z@_NJ@@Q>brvF&UGUhyUb=1#?qjY83JymnIHJb+Ufq@e`h@X!>1l}OfcwANOH4uW$H
zGYJ`}eZ9jm9f4OkF?Bo2CPaIJO-x}I;2gw!$_2Rbe-+@C|5*SelLhd9M+IOe{^HXx
z(V@WQ$SaIM(jv6WYg!%-(*3X+-m7dG$nt#X?d|^<smnn_MervfK@|m7BDDvBT1rh*
zdm#(nz=ZO#;>paaGga+IFIq4%<QtFErG@^;yD$j#_%U9=4_#7QK34N=LLZp`SN;uc
z8tT*FHRj;wS#+6!12v-o{=ob2V=GcV0r5=y+3qqUU%-Pp&so3Wx-7WFt*{3V!1D<O
zHsYiOU0&e%4WYMsYa($uqHq4)?gWV|5IBwi_1478=%Ib+PaI^e;TpV(8feiUDnU)E
zEUG|N<xQ3fdN0$s6jTKr1$AMLg1SIQL0zD#pf9M60|m86K|f`X#!soJq<#)a%_y}X
zK+5)=nx1r;bn^!WJx+Sk(VtsVl3M=OGA9Bf{Q8WnKXk+*g(+rGc5nhoaa<r2C_oCN
zg0>>bN|iDLSt(L}s+0pZSBf;Y7n8;`mh`=pnuszceILaXvWC$60O`F7+WJq28nCxX
z`<sc2paY)&T&IZw3_Mbmu7&4m3Xm$z!Jy+=#KVx(o+&)?NbM2&1t_?FYdeqd9O;4S
z76u}J5p?Vrl)OW44xHT=FIvONn2lH9%1$`{QcNV@!l;yZ%l`^Ic|Xn$z{xZ#FiF@4
zCj;j_i2Xe{3J84#^7o88RfuQc{5Rq}ge&maE=Ybi$G8G28O{yR1RZ~C;I!yhgDlYs
zN74O@eX@g}&#|bX@So>{2I!~t$4@2wEWnR9iJ#ukVga+6K9=Z>Noe4=U{@e&WZ*Zi
zIig=PMoncNXoX+M@;v-pj33Wh{49$4MVk+3c<*-@&@lWoLmLRX2|u5~wHbs*dit^t
z09}TkW~y<=08PhFB4+Mw#uKl9eFNwz{79-Mg6>I!<rxQ~&=E$V&0HW8{{T@Xewx$0
z{x_h1<ENQB-DhWvy<TfhSAe%}J)Q6qBZ8owCPCrHvk*V~;QAcIoaBT7q3;Kc@j4Ut
z#j}VL_`&z^8~B-zAJ0<!yaw0*888pR_DzB7FOLk+lLK$kblco7fuM059fwcpRo(v6
z%+Ubaa3pk8^q)>M^Q(`8=T`i@4cET|PDucK?FUQfRn+Fo@nc+uAG#aW!VxpYA9?oo
zIMEwM+nTOL&iErvtjEIDTCPPB{)`jj;H-68q?=}mjo3f7CP3U&z}%|7b^*^qR$BB^
zz9-MxBwvKMgd<5$tj%WdzKt~3v=bB%c6~Q%TMMkqBe((onwDT|ydS&|;0K&K1*y9P
zXfHqn%jV#tJpF90ONnc(DaCUYV}pTpeV#~#PL-0QQe@_Kd*0jiIVq%LkVu;(J|)l%
zq*`<fy21-^aox<Gv$6Zek?j!~R~{5?DqIH+((&Z<RJgdC<-_#V97%mI?sl(e)4<0A
zhDhFz;u#;cOWZl;3Usxj97!|txFv}qIfCoo=#Tzs(a%7gKLFH1lO6kRjvYYcDG&`E
zXPCo}?<JU^Wr(87ZpT+5;NmuGMQ`B0xC8#nw6>-EpnMP@Eo$KI-2rfM6&`ai>e-EB
zONsgPplDak08AFh$AR=(B7dT74M&hJYSG&P{+l9Jc+9OR&n}LYby}GT;TJ5{u?U5r
z_2c;Qc*>ALIkq~-!}9)r7Z7^Zg~+V{KlJ=A;cv`B?5{cfcn_p@FAA^&1yBP*-uL5a
zc%-?2LceN1xNO1?RU_dHvf^FP13X_IRvC|u0LuSRg`}-t2piO#eSZT~zfAWwL&7s^
zBF=xoCE!JWJ!QO(=e!6VB%~Nil8J9)qsWgydW(SYG&*!Euv+N|x=%5#Cmcp#rIYBH
z76Co<B}_psen!G2d<-?Sk7P>Iw2A69AI<YAT<|Q6c>gfa<xvcoaQ`=HRMtX1)b#v}
zZ0USv@C9W34+BpkTRI~8f0IUK4daQPV{FFH4{*UJ(Y|!sqVdUN&4|$Biy)~lJosE6
z3CTDJ<1!6hI^#l+FNA3@hL6I*F1QSsNTHuH96yqBB77girLNKRngm#(vXP)3hM(Wz
zQrF7<uHQEu^zxbU1Mqb}9rL#W;`1kbHts(IPpRSZJK==znfOo>9Qj{48-oWH4&*<u
z2@9Of(vM{4rr`BN$#V?M<LhwkT5HBX@!$2mo!395KLJma;rExF^6RhQT5h<0c;c@3
zVM6pL+TdqD{k()9Bl~2`<l)jfYx*_M0~kF9i!->i?j$VzE?5?Qei3GR{f6O-7;u^E
z6L92o78dewnUgT2E`etc1+Jpi3h19nf@<$5$0(7EbC+{*!t);nR$=s^5$OLW%|B%A
zB0C8MrHky7<8Y!;4G8;lbEG?wfg|wT8ZPT{&De(jhcNJD;lu!8#t)}p35gkP7IeyZ
zVLU250fA+jv2QZg`cvRv?Di`(xeZxyBq#B!PB#5!@O_(jxADz}%<40cxKCSo6S_l~
z0OH&af_c_T5FF*y9s-X9BY|^Uf}{NzB5*a(&zKawNaTJTEEMv~T}_n3ur&GQu1F^Q
z{E3+g_?=J8RKp+p#7rFm&L?IX;dj2=m6U~zYW{Lp1^oELjE}zDRRcdhEfbDl0a6dY
z{G^Qe{h2rfm2KCY%AP^rccd?NtyjR<r)7fljj^p9vjOB;!@39QTVpP4tv49gf(|vX
z8j+PsM>Pr3H^@{FH44(V$W+X!S(8$;s_f>PHNo%HtSX0VCci<}gb>xp{tFgC3=4AX
z%0glyYih{619iQKF^o+j>yn@_uP?{Sf<cl>R%M3oEtIM<7ygQ@;27A+MkNs)iK2O?
z3&WA9!I+?`nDahjXB6ZUPT!6APsj;>1pc+ee^z$5KjIt7KRYKl0{**ml|s)=H|tR7
zy^J}94nBoK-^Wb-#B^+l^*{?Ox0Sazu)QTnswsSZP^m~5=|+Yub3V@SGB4N-5q{d6
zV;!021`}2qfxsIr!A>3%3DEcCiw^Sm?`tEVe(1f~rJ7MW2hT#h@M99L`0YJ<;~iKm
z8H;J5{>|O6Sij?E#16bpN`vu&`!UMGWz$u{@?t5^e8hc8@nx8oV8nq5FlzC01TH-j
zXQXCh4vak03$a6k|A}+qw=^RU|7VaNM~qM8H<n}O0hf*kM$_>BCh{-UJiGA!8}cW>
z(5eA`ci{Y)IEOg`cS{{dnIA;pSGdA19?hT+N<Rfx_=e^=3zFLbS6GKvH9B{|HEnSC
z43_Hm+_Dpz09QEJz>6NQqF=%l{-x>k-*X3k$lw)v$;jKo2;I->c>{S|c?jD^_@;{I
zo!7A1#wqTi&Y+Te&&CIPIQ~w}xbPv4{#-Nee;AKK_99)q3+FXw8e-SN74_4M`A-V*
zE*$xnypC6-;9BA*pyx?wyC=8|lTpSO5RhfO5M^vzw_c7}q8xgpMX$yi0k6UpjrEuh
zV1B)aW7{LvKJNM_8Y8!{z1>NEM_Mhq7h3`yUJQs1lY{eN@jm0oXAs$8s%1Vo42P48
z?F2sXNk7=pJRfvtFh<5Xy)oac2DXtgG8ySN!<rbcy)VQ^oxtgS2=w)PA$q#P+Vc*4
z-O*UxKfwCap3n`VAUQh4E1!RPKEDrVcc8@GZ=~j!eE<p1!%yxzfJ*S>?g<2F&#^nb
zr?>DR>I>KXd<6ExlS*V$L8itCy#rvK2tD25Bc15JM0SXq5X`JR!>(xnRn?-OK$bFt
zc*FnUVr*zeK^-=_`sq95RTL=ocJlu*5cY@yU48kXkB8#%2Lkd9Q{n$+FhnsKaf7_^
zzEvk<R|^5>X>}#}<<n~aanRM+booAdl3g$9OzS83ALT-k0n58Z%L=6QYXRCjjMgNy
z)ssvd1Tp0*zw4ob^f3*q0A}kDQ~HT=zBkMI7JW<w6ZXSwrMI9=$R@Mp{|XXlq5?0#
zcPQJDL7alX60aE!pNA*-2w-S6zej<#&9X&`-e!M#E$}PSmd>!zyD9TiylE0_Qo*s_
zG^-SuZ=GpV%3_Ye2l0MKF;y^DOc!Vu(+lxcQ^_WIOMTZu{&fgA@^2)+Eq^ZxoitU_
z+0`khfK#0+1f1&JGrL7~EK-KrN*g_ws?*t9Vv$npWsqu4$`K&tP(fQs5G&d>x>nFb
zM_b}TxWWl-Dx)^%v(Wll^c-yOY=<kH6Z{n&ZYf801&hLYX;uyz;xfjH2=i!Rze$Cv
zKn*5qnV~Z1W;p^dg!zDdHHfUH@cdNYN$}Ufk9X|lR|j`9rvwldb=4B(R|g%CnuESN
zD8D7Bg8UY>y~Q!vE_@FV7cTZnEM<y<ony+^?8h@kN?UkwntXGAGGin?=N)bpYkr4&
zI#W{rpxk{VnntSB%Jje|!$<?{EG;6?wIb^Xy4%$ZVj!1t3VsUpP(kea2cDhPjLGgd
z6yHy!{<)r0XCZaoP`s)x{3QIOQ*CCUigL&tfs{#Fk!*oF3OFqw#(|7m;3i1Dg2L57
z`G$Kn{LUNhb>w&6aBrl5^M-qPs$C^jIx5yIoqVQrq=N$cUR;Etj;B1^$ZIGn;Kwx-
z@~fVmm|hxo{;KEsD#l;+yofO>2d<-#S4UjISR!G3bwmw#%ddKduU`$jCUfl=oO2y+
zxnb%;P#3Q15_q}=){(9NkUDeCG(~4F#pjAY?v4#hdv|e;9rYvXr$t*;*oO?tPBH1q
zfpr|2jvUIynm)RVqZXaHESe{;;%I>1xr!rcnv{XOilYL4=PHhxxpoFp9$fd$j8P|W
zuHv|jF_N=$6^DvBZv(h6ej7l=oT)E;CG}3`8BaV}p4C(~zKY{rj>l*fyNW}_oIG6^
z=c!`K8whk2NAkSpDwj>o^zDF()*;)nX>ELS;ctZBxrn19(~d$BoQpVmGnPphU&K+S
z@N~MfiZv_jP^P3x$1dWCsx0{;j??}JOBHKoIjbd0x`<;5gVcqbi#S}EeG!M;roNDA
zNiJp6vV1>6O7uXi?6iD&gTo$<Pepv}1_u}D+~A;s%{MqygIDYZheiaP8yrffW24Er
zhNGGS&J7Or6mV{EXre&#4Gt0P1v%GnRKm|UIE1NB)FNCqJsi9SRk(b<-OydBT4%Hg
zyxsz{d*CHN1y?YcC?~h}?IATFPBU9cs}(teRKmWOqmulvT5`O2c!8ZoD<q6ruX+Ya
zZyjY&vF4V0ktrQzKmyqyPjks-gUn2py|xDVmd(wOJNv^q9fmtmHZNIPgX4_RC{wl&
zCR@%tby`Ll-a}Z(!j)m7np<_IUFQ2VvMCqBrVvfp-NE7&cm<pzlZeZK+@LwA84D1$
zD>?8j26~5%FuOkcVE^vp)MO>fc4Z35@^=QwY?eK1vve>rF%C-=Yi6l0v`gz^*@{6~
z*TXR5D5Zm`ELE(TWzqj)IaFo&vdz-LRF*2%%yRVqVtFltQkEat6?ZUImMYfFa?Af>
zd7sMisLj&BRF*2%%yLf)mgYKG;iKF<GI@PgFdee|nh9maf9V_Oh$*>)QA6b3=kF_g
z1)!`at^A{Fpbsd-S$0#A$&nQJZy)%(8N*9%(<VFmZNOUeIo!=h2j)h1^sNI>z66_=
z9oxv0W4_HcVIdKo!zafaFasccv{#-St3oR6Ts}EgivUiJ$&d72$t<Yr$4-zrAl1M*
zLFU4o6J+Z-H4UuJ39>sGBOAyc>4i_|9kcL>z2pi!9)-(Uk7pD0@EqfSelr$?`n~w^
zJdB@dxk9x40_)uWp8{0CrD#O`5bErq*Nnb^YdsAmcx3~Q7{K(&K-}HflZN~6K&$t$
zn-BNjF(*!=#@KfVdEP@C&%73F<|6B1>#++DCj+N{ho>xX6cF-QKyEGHgSsEZ$D{`r
zT#}-+UM){n?&ioHh-|&uK3VBtohX5Gb)^GJg^7J&_Xkcsn@F9LmBxBo;V^q^K3N%H
za4f*s$;xa7X}T0US?K~}Co5Yssm$LwS=o=l97@k0*o9Y*3*jdjKb{dYFmS;YOv0wo
zW_S)z;8Fxeqs&*r$(UMrKA-@_{5l^4;sOL7hx(OViidh|1)cE7>!HhWJtdqB9KQl&
zS0Yf2O@ysC3h_3a<aPv}RyQF)+`M%-yaZR!2HOjDk3*T^B!ivLVZRbi2I^kH8X2yj
z42L&<ho|SO2y90QUVIaKBL_He;`*$^fb=SyEcMZU!$Q1^0F`<^Ja<!o>f;LR`~!P9
za0PooR*8Ejw!z6XkHl%>dpH?5ai-yJrkD&z3`BDMIt|jtgGo5tDuajjhu{is^;;e1
z;usdko{HFlTE92gx&;__xxMK7gb8UO7`G)6zj_udk7qA7d-iri;*;PJ`d7>FBd?IE
zZEq`Fw#-*xkBT(B_;KC(3cXd0Eq+4Jkw#GkwF<u}=LsrEMv-#<4Y_32yE2&SWblri
zff`$Uh%->ZSOzM{83=vm#mHtZ{hW;-<9z(=fh*~V?LbT+Zi6csf~yc$VrvzS@ICn7
zME-@EacVVg$$}%i%PJwxg)2EtGt$@K7y}&Pi=neS;YvnmhH({Mo`55KEB<eR3YU!2
zyfr1Z5C{3F@h-u+A8`p{uJNtC3~SCpc-NV}=rvd%lfO&4Z$I!l@^8rT?S;RI{FSC}
z0cc8#Y?_hqSCM~qf^R2i8p*#Y!*?tE6>Z=@*Yug7sV6^pZUkQ17XI@K&8&f_JQs?_
zz>=Y<zI4orswsYGZfGOYHNbDrSAB0FX`~&ZE-3P4BdVf3{9s9E<|>N`?<-GgR(0Sb
za=!PFqPj%Jgo}__Wk>i&ruqtyNfnG=$;kZBo#0e`l9LIn%(C?$EJfsn*}l0OQQFS%
z=ahs7z%RN8ancW1hlbCdfwCb~lG9W8E~g|=;F6`;zQQO3MgEM0PzL<f&}aJ`9Fhy)
z4=7SncSO%j_I(b21^LIDzP%_$4f(sIhf7hs2J%nH2~rjQJjrf2lVmg@!KA7<n3UVd
zRFkSCN^Lr{FI5e{{AV1x3J-Ly2HFv?YIL!w9??h*o`M>zrkI<3zpX{l&?QTrGJP+h
zIOXK;k{+ZYKh)Julnjm~ZzKe%=q`+_P{nDe*pG4=FQwsPJD6JRCzwtrIuzTa`ajK}
zB%F|gC|Qo@8O|fx2D=<CY`hsHQ94+d=uihLkAu-B4ay@mqL#|b8qp~IwnjvHIvOEM
z^ATrj$fQ&n-_BKNJW!Rq)5HJx$!KTz>0K<}JOt_x$O|Wi_6$LfApaZk<dN?YBueUq
zME_3kzW}-l_+=s@tU&-Ta9OXz->RD}Z^|(59(+9hwtg+Z>$Eb&315G(Y>+H_`kx#O
zq&Ha7r3dGOe<=dAzxgy+R+3-tZ;D{&fkNbS7U@WX@&wLV=*IYkL}6UM8M1>TdvfCz
zJidS<`*Xwf@WT<lVjEtBg(E!Y2Ar#gBiogFD-Qp{k>VxwwCgk(4Xs5-46($Oa3vjs
zUD04g99f7+>eOT>M1T0tFAS5NC?)^URFmvOJEoNiGc;HDuBZM-1WU8S%Vt3Q<j?5o
zYdsC(m;QuMD*Q<hncWwC=UoK_N05w38|r)HXJgVR@xJC&7$D|wUa&Rv&_o^@-_xtP
zabkzYA7PNTM`MS^%Lk~Ys0tw%DQSM{$j{~{QqIa|8!3dKl3?T8j(XKo@WSlyTGXqF
z{5d^+=fM<3AQUo7<KVA=Uz#N(GK|iq7ywt&S2I?2HPH>F-+qds?_2?rz4%F9iS*}c
zI;p2|3#2N63pC@VTkuHfW<*|q(*X0~k%4nD*`(pZrcZ>A5|(TL%^RyYfKgq)3Ngku
z{QL}8QmGj)ZbjpgmcaiZw4(2g(l2xx_Kf>4<+MYQmIg3m0IZN?JrW2FUB+Gbk;r%;
zWUGwp@FS6@G<_WS8>iz(0{3D_MJ9A%Madq#X;RBdJ`cL0MgN4cBl?m%eA#EB&Cw%D
z?rIe-fmj>hr`w@@gP|BneGqYPzON@K3HdSTErF6$ksk*7UHEIsKRZEMC8LL}5Un78
z7<OqLT^L&>2g@Zown`3`MHpM92I9?DN%SRuet^cQWX>lZwDzDVty7rcW?PAP-!v4y
zloIdB^NoeSiu|a^Dln=eKeYWb_#4STJ0Uy|G)b^BC42hWwstzRZ9^sFTDdT;m4iiy
zj%(#$VZyjp<;2_>eWl;7)j9vWR?GgoR=$zY(^^W}H6_#^{s#Ev{h$~g8mD3tue;q4
za+uoH-g>JA<{gZ?N}q2DR%j_m@1KU18>g2e?e6y0Zy;4Mnf{xWpiFNjU>dTJ(^Dx*
z?jL|(xso&<gf%Pb04y6*IIJq@MV*p#s54y{YxF^nW5gIz8>1BZ=m@5!RW){<_JbQf
zJ<qGVl6N)hJRp~F><;*W+3Pz8bgl0kFawm$Z_e%K^s|Y(v%Y(q!SO`uyg7H6!La~i
z>$@)*q%l6WzH@=G_1*VOD)V>NckvtS%H>e{*!oV#<!B;{-WQ>1K0Y)6Nzo~6J*CtX
zo>lmfoxL2m{U&2pau-vc^Dn{uU-p>@oA!6$k`_yNWTAJs2|r!&<LQT=C2*yGYFgH=
zlT1OpVKb5Z4p`5u`|u;7sdmcS=pb+^CXn{iXwt;Za2-ctf&MMv{t$LYI_p0ffw6EM
zyCQJvQ$pMW*Rjf@#g&e;D|?$XMpxpA-Uo0UuhasmFya$AmS{R&jc?cyI7bE7Gq^|v
zuVL^a6}*<g)hf7-!ObdIqje6P2hFWxFhIFqr}YX&HleGHL142Ml0|u8yj^-~>W&+b
ztToEFdx8!63EZr;6YlD}1heBEoalh-SPzk@QWBnAM`l=_dhS5rLlWRa2)JTS7!W#r
zw=8QWekS#b7d>WCGtwrSXU1OpWK56I1g(DrR5#*hp9QLcX!#%-XBb?Mo(LrEgBHT|
z=t^y_?_GnR3%j7*={swlm+&(H9k~;o8qw)9+Mc^=6^P$09uAUPxRd^a_7C3%ErX)~
zn8n?JA9@eL6NGOhTo(ahjECn23PgyryhQDO2a?J!UwpK-+b4p%+#z`#K+W`j<HtCL
zpAM*0&tbUW6#rL{e~e~~dki`X*K-EA(upE_b9=z!C?H(VnJ5x2B|`0Ws&(Xf_&o6R
zYO8rmC)o{K1R5>c8xNUJ$FaU%MzE|LZ<TYT59xdPTL<qO=*Gg?LF?QBZY=jpd?WjK
zUpE+@J{&B9iJ+}uo+zf|xuOL|53jE3@1{$^!z*7uH^vXIe00z@3AU<NT&_GqQ4T-7
zxkX1P7AfVA9iec6_7MvC1at`#CsD!Ta)OVdviCCPAuK&?U5Ub~n5=9BB~w9JS>MBF
zVko9^Wk%$6VYTr0YiG*q!s-<nI1lSw7(c92G3No{%GG$KPDu}*BKQn4JIEkSFnVR5
zBr|PLGW}9X<Yel?I8zl<GyRm)qqk8-gn2be(l=_WPqxgo2Q+NNK4|JB{A_{iU4~1t
zo&nGWKQ(Z@N8xI%=dt$&*E^~iVI0E23w;v*23uC6{O|)`Vrt?oIHDhFY2pqz;KKNR
zKhCQ?i^RP(qZgR0Bu3pe-SYy5&_=dW!=*BR3!^(^3(}Qo{!6izX@ZsOJpe1FIcV9)
zDF}>8^iPJr0)AZ0YFbMX$e(D}2x|h7do(V?+K8kMNJ<OJg5aiEZm{>L3UgiytZxCP
zCxP?l;r$Wj8RX>nXTA@%a~UVLy(_YVw<7;DRqWJWfp><wG5e_nrLJa5vdO*2nZZND
zaQsY79SsFuZh?72c;z#AE?VwtrldJ$?`Ui5R&d;?q^5bN`9%w`ceDhSGiL!ZC;3ea
z`fKN7Oo3lMt^9E=rkND5@3ug@XW*n)6pj?35^bB?u*DXy-9%U76GF0y8huw^k7?c#
zFg;@WjKL_>1@NPRei?+Z8-Ce9YapP|))o!46NPlZSOe9fF;tKm==>H~a|5L_&z21|
ziE*cal2Nd!DuxF74GpAX%?(t=luiR#FoH|f)M%i;&_F6?HxRwIx11@R2HJ~iu2xdV
z8b}502I`ImswDZLfgVEx)xa+sC^!!bO$x*sXb~D^H+4ER&?D$%xsmJD271eBpuc=2
zH=qj<)4xq$2go6^)NY_w@K?Yu8)yR>XeM)r^`QM*n!#8D-G|0-D5ZGOK&x6{%?&h{
zdA4kzyBK#Gs22)zuZp38d?&lH<_4-~N~eK}&_FM!snI~0Eik)*63{@eFs0K#Z=jlQ
zDXC)(q=I$>4Wb@I@<Ri?fCj3AUp7z<8mN&1u?Bhw@2CC*M-61$jOnr;CQbI4L`))J
zaEmi(!umdZG>ML@<A;q8!cJ?^F{k3n$PX}i2^!YGX}B6|QFG@RFviFabW=bN*vU6)
zL$9tzF)ER4vQZTHHv;c+I+8!YAy(ZYtV617W>}?*0V|E3LH}89FuSuUkHo8lSrJnn
ziFaXqBwodwBk?L0I})#g&XIT(bB@F(&5%d<e9uDO<?!RMe~=FQ*K*0J>2NgOq(lEI
zCJ+D1Bl1-;6(9QF&B;hmu|xktSf@aUuW%d`Lkw7D^bVYPdNW7~yt6#5tP23X&6LXt
zobAc9u4)06XX~1|1z?ABZ2`9i<v@IK2n#aId_^tFG~jxp#QGen)4((|ENj)?kaboI
zkn}3>8Z5IzNrhqk3j73CpE3s@aLM+wwy>Rx?W}tccmuvG_9L+cwT2sn{1+i0X0pz{
z3*My^V4c-T;o_>8!6KdX@B!!{ZPpAp%?OM}+NU|T8?iqfUl$`V?mRosE(FfNce!S-
zf*k|r0rQPv{_qeOG6dwN=Z)yo^$0kJI-AIEZ+Zq+Eyi-0S<z$;soMlTgA%W2uz<jY
zMhBT`>iKr2m??<?XK_g`W^f>ZiwxRk$T}n4ei}7E;0c+~ulx}|a<W|rpQjUkE`b}q
z4zZqf@DV)xbV+*;80f|w_@OrrBTLY6sjrTrcf;uFaD82=F0!`Z=OEmu9O~HmqtBqT
zXYBWg$#A1q*q!}wB0Bro&m*1u1Wna8yYMvq(xNH&<Q(xG^R6bpBc#Rxi+~8r02q1w
zMf#y@YjSFt!(hbWwjt(lN*|$@#A7sQ;^-hsq($3Ku`@WOPw;$bW9kid?uU`~ls<X#
zG9L%Sx=v_C0sCu-4wwP3c}wC-PCkoBiv#x861Oqv+LE}LL29Gemc(ubN%3P_5-u>d
zCGjwm%KV)zi8mR{q4cpW2?T^^j87P}A14CZa#TE5)S|X+&|kks$oZ=~2`3WYMuh$!
ze78?OOg`B>@|}(k5d0C1rQxl+ZxeCZE%^hQL36@r9x9CYJ5+!B4gv8voR))0?sg>j
z2u_=>iS(o`q<)w&!fDaa0!s{oORm)Px);!jrzc?hGr}~#=|nRL@wdW-PW5^AVs-Qp
zy7Qzo-<J<#MFM}gjn}vLEA(dar<&Hxhp^?%45-qr610d}x5*O&rIqXwHWP+n4b6nP
zAWZF%6?_?Vvy>91LJyv7fu-E2Wm<V#-GnKxX=b3$SGp^8-e&vl7=ISZUD}AU1hpjJ
z>Mght9)WOrSL*`!&*J=O(=p|^$FxSY1k;T~>l2jXVx~+W%GZ6F)}fXl6|DqCb5T;!
zhM{OG=oC!^9=OUQzTav$N_#GX@QuFNBkHM;83q1glKK(6f40h(?fc<t7%>FGSvZv4
z)ev>?XYDa^{C{*YL?Z&}e`z_^7YJ<U($d5!Jr`%*k9KSU3cYo(tdko|{K*V<Y>7QO
z!kmB#I2`@pm^j-E9*g4fG3NpW#oIn+fI5|m=_@o67kb)uR5a;hS(d`UT>}hp@Orz}
zP)%WN^5XuxbX4dWW=LpyD_jaR135b&<(yuIt2@pC_!3hF2pr(0Y^<a2>*7rX&wAKs
z8(0ov6%5|v#mT0Q-(VC+d9wBz9jv)KJmTM+jxxy_Z?p?cXaQ#IgQ2r#)p<lClhPoU
zHPL7vnA8G{&{aCtd0_B0lTwGvnqm|LR<!^nS79}w<i9X2%|B7BqQDg>xeCgXTMPE#
zZC)m&%4a=dBn1CNdKGNlHYu<f$yH1yM*<O?1f42it;+xq&Pg_dcX`}cn@%G51X%Q8
zLXvPeH^JK70yDnXG|Ph8tArB#3mrrSQ=ayvS>Lw=sn_&wkz97@+goH5>orsdkv8M7
zUku~2k;p>PR9^yGwF<2oIz8Dh;IE|?&hwi7^U$LjC{W-v19K60ms3)6r+sUrLPe_q
zi=#3@x-}H3Td|4)7HL?*2Cm=hae-hx2yx~*q-?F|bLjM9Gy4&bC}#}MiA3nMgy2!s
z=t{<D_6y8<rv)Y@_tO6Yr=r)WsU>AC^vMB93h5{NBY|sMfEiz#G^(SdRI069g0=uc
zl?mY~D19mF9hy{%q3UH#4227=(TocG-$?%JHE(2_-Ce)ZXjIsR5#c8q6>bVHyVoO}
zNLi<wa{}`fj0}Fpf3%PYp1;i_x-pwf%DXnpszAf5Sl+d|X~lh@yTHQrT5jOT3O8l&
z33OwOwvVG1R#NG=r}=inUqk+F5wj6};|$J?%u{Gxsl+y`*oLkWdsxLbr<xfkz|)LT
z<A*jU1-n&Z5AX(C2qetV#u0&UkcWejF(|0e^R0m(T*8D<D+0~HBbb3ZAWd`%s&sTb
z*&H`8ZD+utjS0bQq!(&N>j%q>94wYmTM+tMW^^Aia=;cDbx<=}Pu<zL@t7vM9gh>C
zYR&lSOHFh^^M-I{Ss&NV62?^g(93HfObg_z5|PElmgw@1M}#t<26~_Umhe3Lk|utJ
z%g0%|i2e%rrNoQ;Q#E5Grk~Yt`4?%Pxw`^lb-hRAFT~FEdwT*R?xBFl@1bk?p@#!v
z1YCYl_h>r7o+yI!{3X9P_N?`nX)m3E?d$uHI5GH26@2Oi%cdHpd;HnIqTi<)B7eAE
z;NJngs7K)GVl5#UcfUs*;DjWP`fVA3_gY{XTVdIS{~|DHqI4a!1b>%bFg~Oqkg4bT
zZukLug}|c1HvW7(7OsasE8_9`Z<wo#CIrsO(0%@s?m<sTM_{d%7y1HuR3MO1jHxgF
zf@NU%D;I>!_M)QX;4btN7uGpV_8k?IeTO*sGg@Pz50?2O^n`$kKyqJOAf%$n?X-Zk
zq!Mdp21!Q&=1JXgz?kk_3d$}_8B@~tp*t>6Dyaxfo$e8Jl<`P<OG#wZZMX9sfq)jx
z1LhAxcGYztNz{YB`(X#_5P14PLhy?FJmLYSr`+quMgpUDx-lt#a~>XX>}ARfqO3>=
zZbs@i86%<9j}OV#Q!%^se7#YEM#}W91b-XII_UxU<MnpFY-&ja7PU(D-3EbIk-u|V
zh>TP%{4oIw&&#JmMez0A{8U}j$>Yh#Mm2q=A|Ee($?sKo)&il`XMRWdM1>x_WIZ}1
zPM+`2{{<_n;?hI5ct}=SwBL7@m{I}`H|oY+FUE<3aQR!I*s~tjM4tW*c4Od*Q$1SV
z<S#U_9<KN_yuRG_8%@lFE1s?CL}3&R(WSx{<BJj#hwHKs#jT)R`Zf=`$nQtMbJa&6
z^na|0Q{YO|G$RG<(&FPq={PNN1N?mo;h(M<Jubz-eiHlxwA|X)!32Mh6UsYsttGC9
zD{URz0^7ZdBMT8(T9D<NfEH=!0OmsqL)4C<L=&<Fg2(a=QP0#mQIAeApKO7hy&HWq
zI0HQ1V@lGA(sr!^KcT;<n9cJXP^P_M7mr5j(k|@-fA4Z*872m|U@Me0!jz{HWv>Kt
z4+b^|qsAz16&KuqGPh?siRFi+KB}0lk540YPo|_ntaxyKu<A9Bn8z5c6^qAY1UtOs
z5epcjp4g#Zrbz>XinaZXsHH&9WzsePO8cfsftEsujzBA20<C6hRiG*+1uE2LcKJVx
znBrX@ni*#Z6jf0D(4WPyy80#fF)qi?ptyKZe~M=8-y0A~j|4>hG<;R)@qm~CSKk))
zdoMiN6A1Ka5y)+N*KVr0_@_m?KWmB0;OZ9y55OY)&5=c@c>S5Jtmj%{{WR0R8x3BS
z07WX+Z2hW5K(<F{1?)ouMRm}Ute>D*N$=UYk!<Qa;im1ET7b52f=__wV5X%hQvITQ
zX+%^^W)Z#>S%@IAI48;63I9S)B@NfIq~J^7bh*lDRYWSTirI=w>Ua%Pk~-F3X{)1y
zsp`0y>1aeQW_47tW_7%aDOGiRi!oIl4>G2zql&RQeuNhIfJt$9Rn%XTEnCHfIjvGk
za&cOv5`pGcsi7#RRhpQgt5sCcZWVJqW}?~e+b!50nRmg*v^)<y84!QL)#qwjZY9Sa
zKrFrj4^8@-wCOW*FPg@QB&$&Wd2;X_G|e(jK*Fv6(Y7fnW;abo%;7F$N*W~Ve@?TG
zBDI4_6$xX;`QmOjnDIIcO`rpWzmAi`nBmh+bW3d$7(Ah7pRDCb)lfm1e*k9<#0x5e
z5WcznC(?heruT4q6_n{MD*u0&G@lCKM}MFS{LG-M0xH;Cf!~-^)}JaMjMH8Yh(hZ6
z*K3|JuLZ<5IN9Bs;OX}|0^QKv)j)2;2X^yKk==dei<Wo;uKwQO(-6!Nj_gB4+}X<7
z(-P}}?w$dw--MY(OtB&vj$+lIkt-0Ailr5xQXjVH?g!D`Rgk-TA$SgDS}BSL?e4B(
zQj+F=WHCwQ`gC%zGg8k~Q}4ICxQf|&R0hiVOi3NBzM)u-Br0Z8jsoRErj)aox9vHQ
zirJK8HdZlZ1@U~>HX9D6nvJWNPGW2}RLrg;jbdAwQZ*aTD&=uTvF8~hbLWg=D#m8x
zb+qK0Oge%J`9Zd9T^HuGZZ$QbV>arX*7Z~CHgf9*-az0-r9AaLwAR9+Hg94yW=yEf
zRnTs8sPA?x8oq<8$30%OX{yr*<+1QXYlr%Nn3(CL#hzjKkx&oX1y|D<=Yje;8rb@2
z#s~OcK$Zxztp||gZ|VUhE*z=f=k-(ahnjv8eNSw|&zgwbfFJ5gJ%7_8o3UJY1Fq+K
zEwb}WU5>6jCu>=691e(GKU$)v5521W5>w2E>xtVxbL(%jr;iP&v=*KIHE!d?Dx>E`
zzKn+;vwIEEb9sv23xCp1L&P7#dfA*~h(nx;v?2Z+-0*SJ1UK020uQ#mx}Ii;a!R)h
zB<nuZMfi3*H`3s4PXr1AO9mTa8H3b)x;+`l7XGEM6jhXNt(NHj8|_t(K+i_a495En
zQOfkR&hEJ>*}B4TV?F5hqV6q0d3%xX7wrBf-3MkhDWPNVSHMq;8UM6OEGg_jUWg`C
z^$5rn_I$)>yegnUQ?9U|#p1;U+KZRqL-*pT6qk<%i=H>62D4CR6+8XsENe50r(!+m
z>XHq<7NEQn1YAO=pbSkYQ2dozM(EfKOg`_o1OC^LVFd-Q(^~m{Z19L`1WtdYM|l35
zSVqC$J%mQ`e+9BeBHN-B`UIkqc7be`O;!%SBnuRvZ9{k1ZA8rxzZD-UTtlq^lK9)T
z48N5Q(IC+CeH=%T(%g-}6kD2=@W-TCV+ZUd;hoGh1x#a7ZTG*V>H=-4qWr1J=-6Nw
zf2UUJk4O2N5IBQgBJjM8X*X74-SHB^G(=R8-+rEEO@;m~;+#8Db?(HM6fd0T2D^<n
z&ES|8l$AX*tTqZpPvg36_M3tEP*{hh1lK{)1LuSE63&R4z1tRlX5a=W{N)Tvh2QG0
z2n1GQ2aQ3pklnWWX<QFb3qPW8h~J?V$Y-4U7$l=ape)uLRxxx95x-PRki}BLZd5F*
z6wP@Pr<Yyz0=%cO16@@GWmgTPgS3%*HHLf<f3`-)v9jK{H%=t)j1xVdAe%;4P-X47
zz!W)4VLz~LwRdW=%7?|-cIP8a%eoT*n%4Jxk8GY^dK6b*(An6?n{26i7b6`lWh34D
z=+bue9;!u>{%zZ+-XpY(ns03#oQ5K3(cMr$-w&v3mB%Z3pBxIVK}WfTNn|hkJJ}kB
z9;IS2E8qf~tw1e!_53|0Kvv*k=0z$mw>HQcyv!iAa%^kE0cp^R>2U*7VmaSz9bBNT
z$7Xx%M!(C%)E>wm8yroHOaY=rAE(M@pqDjJWk)4gn=M29sFbCrg&ACTNI(T+wRM5A
zwtniRxG+HU^lNr?Q@?BO;j!wrW6)Jy2Xs}p6H~gX>jLfS2G*duy_i^57X=Wau!14#
z6I!$k!_rQ;-W55Ou81cA78S&c-V-qLy@l1`+X2xVlRtSnHEZ23nm7iRoChWI{0twy
zN-dJHV$7+iB?ZQ`Tk=1?$P%5a@YwP5|A)Ho4$q?4{-52q>~1#Mg!DiHZwM_AAP}0M
z7(u0}#H%KP0uful7Ql9~MJ)H)Fp6FAMpRT3j0Ht(v4EnW0aQd3QS@RrSg(rk`<&S`
zo7p$s?{okC<$3na%xBNEGiT16scSxyWs2x+*_ajIg2i#nS1ipjMLMjY1JjKVzN!l@
z>Fy64%bvf$y$f>}2VzjGyZ=i(!Yo7rg|+widDtcMkUGy5N8vdjJwE0wOzwS)&DgzS
zUiJnU_e_`u!pel_bjQ-*jf|1?HX0pue9<6iKLn~QE{sna0GkBvjIECQegCNV7ZZ~f
zNk78Kl&fqZkXPA47_YJ^j2e+zWn0P->Z@!z7Ob)fFM$HQ#^fY7mEF^w0Vu$FEsD|j
zzK&N0!Yw*sk3P;w5Pql=qNH9b6zMJo%PGd5F}DENpNvU8+Q%xi7ax=a{)W#(*_BYa
zVu{assfYVmrFPAarmz?!F&t8ArQsj%Kf3-95(@l$f@ktPBQfewQ_e$AKFo+ZnE9H3
zXYzGMO6ya8y!RleQM2-5eBt*Jm)^*!Qo6r=@_o?6PBD5~CZ*iU21Zk*dl?KhFa-t;
zYyl{vPx~na4UDErL!jTltj`kAp-{q;?>Ewl#&&}xK%Pe(k@^1Bums41EQwh2Y`?*O
zf&3UXt3GkXZ+IsE&3n{|if8#Hsr$)CrMi2eT6ApKYxoMsFGwk4MpO)&9?kULMW~lJ
z6ioz7E{@qRCt<^?V#p6v*<od{0TFWY><sVl$0DNQG(RuIo3~%@W>+R*ay8R=3gh(|
zOxXvNG+sxI(Z=+|unDH9L&KW90?I(%XM9^VdL&$7J-HioICM90!7|iZyMBlwNPj$}
zAIxFcS#Nee9Jf*T!q4e=sxxr*{6aWhB~KT4reJM~79*;6;k^3S@KA?V{R=#=&UIv$
zRsCB8$<x_y^F4%$e1spe^sC2U<BWOe%lHn%kJA_$Cil`jHQ5w-tuOj@I}<rIYBqO=
zaW?=Gli?VmdQ>z$a}+#P<k>%(Zhh1bi;CnK6V1$=k2kIGbQ)x2Ns$vN(vzM^B3DTs
zGGs~A>V1!IdbPIrDN;?zE^7fO_Ay8%h%{(P#6lqJ@FPI{E)$bJ>NFTr1s9!wsT>B$
zE+J6ZS6?3y?n{1R)RR)KMdX7SV0$gtdMMaB`UF#4(;b}L1kd|CSgC#to=<qRQr$$J
zmm-2VSUogqbU$HhL=cCo_lpw8yB6bij>>bHv&UoSwR!h(Q4x6<Ka&3o0Oi+SL;4U`
z86tZ|&AO{yK}6M;#;tKjfLT9+rwig~@lo(Jz%w;B=9~!2>`D$sYGP_H$4md%6xTCG
z{F~alyZxaP31M=fJ1g-f>|%<kubUp54Qn0lE*BelIk8z-p5Q1bPq&n1WdBx&eTj@c
zMcBZYq-$f0_9NUfwQF`KgdKUUUlP&~x6I1Td3A0(Ms4VpY)fPpfv}1RDet$;&ds4~
z{uHJNWh!%+klN=h=fTnt&hL=JyBQ|EKeZnc&0KytOzWR~R@wKVc3)-^QenhD_eCsG
zf6E|=QuS5wth7|HLI=C_H1dRXKz&ryQe;=f%dK*Fn&6q(WO&v!XQAfE^9;=SG4LdQ
zhUY9NK71O2kb6mib@0Im0r!x*&FuIHcy_?kbAjXaN{x!WoCPXo&qovX*D#rMZ0uu3
zhKT=x-ZB9bwCAe+aoUPf1vj>!#Aypk1G%|Vbg%O{&YfbMww^T8`%@fiGE&$9H+6zu
z13Y<5+y!nUH_gj@AB~(b;-oRXi~a4EFcwXiBuxD0jofOAdJaN0Kk<P=djf<}$5Mn`
zf5xtpyJ}JYOfBo-%6PV1byHx_l{^H>N~R3DlAqAdL!jTz3#_xFf|^$KadDhjJr^sE
z$KhuYp6W|*O6U$aZo*P)^#$;}1&?(e-kc53$>&GKVm#Gz(A^a5S#FDOGeDPxXvk4o
z-pAMXmm1U(-+0MiN3G6|N31a?qCyM=&5P$*L*c1{XUNBxsT*|^s)RhMwwvLh+NL@@
zlw+h?LS0ION5|B*q7cS)t1#W*Ih^C8>QdW^bgbRr0sD_fHdk{1s>JFp@gep&WLF1=
zkTK%U0_lrk(klBXkm{g6Q9>sA4&p?Ycqch8kud#{v`ZtAPdO4A?FAzd1qRh!2g)y)
zlEg@=b(*ILfvnaiBX3Q5-nwD43=MdfF(^f=U)&#A>YzWeJQv}MO8uI}&`wmB#5=jC
zqio$690_npRy5a|0k8_C>3On|Z&}pT$g>KI-mBngh9`Z9(Jj6Mjcf;buJtm<B5Xz^
zD$GT+pUd5XIzO1Bm37n)1E69A4uPhT>-~U8Lg3#$`&2}xW9AidU@Pnc7h)p{M@uzH
zd9ufhg{8tEwV9sJVY=F0Q;j(VMv1j33$(2L^P-6OmH9;(quR6n#AcdGWWKt8JZ81Q
zQx6Yqp0P$B1D>-d^NNF_7~z2vpBcSm3F91p9>xE;kt<86gXyY-A&^U`W2%IR2pbym
zuxnx?eq`S$sBbKfkRZWIkS+4NKV3mY)%#-B5!F~F%!`R?5s$^kz|#N^^^L18i-;pQ
z81*mIH}?F}!~q#UD(dcK-*{mpgthmLtrQdYjUqqR-Z$2B6x5nk-*`P^PZGv`V-sV<
zf7LgB#hBhVDok~GvTqboKc9Nvs4zt+`^GLzNH(Y6H^y`Of+@%``b24V)xr%1b(5C<
z(M(T~1eX5U42CRy1qSVv%&_@P8K`G6!$P3nUJ*Ms_YOS56jSkZ>IW;9W>g9aXX;k&
zx$yl9kF;_x{2b$&)H$XonQDp?EaShqg_(a5zF|XmlP0>sMcc4v_d*YMOf`D{FE7EC
zng&zM-ee>e&y0w7&UVCXEUlU+!(NNtzt$An@yx#2NUS^=drR@me$deIkh{;55phET
zr^4#~JB=1+DD3}$Cx+r$@VR(q-)BUBxHClzx+_J@M#tlSSgT@RM0CU6h}k%q_g~!p
zzWBtgYi*wo2{aLN-I5exeuvqI=zL63JymClS8)A&#;+-|?6347nh|KW=8E39m~qlK
zwzvV$tDOvySON#3ucjN_j>c9FB70Suv2^27^nk-0aVDM(-I2$%T1S{U^wR@Bk%9Q3
zN&ZbgV`ORmcoLvL@N?M7j@UHbFjCsi@U`zhA$ms5VV~lz5`@?|&#>R<4_Q3Ze@hK>
z<9wrwwRJz(r?pYB@d6_)^Kgu8+TaO>5{VO}#~(`6l1B|C8hwvHl&IubNnHj*iIeL6
zq-b;y3?)LKHk3GoV+e*4Yfiu?(-~|ZN>CBz>P5H+Mff)r0omDjF^Vviis0wk9}OjD
z>O~+=Pz2xO7oq8|itrd0Av78afm#vnPcFhn6k+*a7U5mJ2o2aP{UeI7mBGWPYA!`l
zPDN2#{M`FRY1506IMFYP+-@b#@_9`afb#i8(m|>fo=uK1ZNTb}kk2#*16Erffz?$=
zW8;-ZH|w^0BccJGO%n_!^BQ=X;qf=Dx_QMo6~e(uk8ZpQU+JQurvjA@6q58Lo%C8J
zRbZI(MxFFF+yOwbDlklXuTFXg$Ev_E>5EKCyxMp-&&=o`35cK9tvcxvCe=ZowDW0E
zv71Rrw{L90a>Dl~wS&a!AtO@;*_UIET~SJq3_@YuhN0{Z;xz(#Pr=iR1&^BPF*rV6
zxCaxDI);<Y#<nna#M{PTklPcn@4kR(ssGsc5;C5Sd7l9c5<3XA((AC^gKTcxX2dKL
zo+^0ce%||$-W(>UI+fsUe*xMHeit1m5kN-Qs7H4NM@Ri!5M44Tqe})6Ad_;}%FzjT
z4_seyd{UEbHOAYG;H?f0d7q5!Uu&_dtCeKq2jB*+<LRJm9d04g5Oe&7L@l1!;+6t5
z86<8}*6qKeWhR3tGx1Yky(HjgEj$4~hjA<+1|)-$0m&ee_4%nsH;$ttF$(yZ49e(|
zK?IQeY~ko&K`cEyMf?ZPraHsu7sZyt)bS}|;{<E~yc(W3)_OKBGa~m_rHCK!Y{K`e
zyPt#J?-e|o@Ocy?Qt~LsC`<%Hzh?3@<JCN@DjScbh-2|=%Em`eX2G!=&&D>RusP=2
zUYn60qvrR$uDEg<j?{hQ3^^q#HuFoW-A!%X;tOYCEw@VyZpU)BL_{szLoP{iir#-0
zCu!grS_C<b--aT!5ZP|WeH?B#-fo8uq3Pi^2uTQ()59yzkBD?8mCcf7g5xhD0#S&_
zes<jTa1Tk2Y!4y}fikjvUzlP9lhSY!>6Y4WBZUJQqz1)v&1Nb3=9D(B%5es9;vIC^
zy|Fg7=|#gH4~17Y*B43p-SmNxu#W*)$sj4QP1~UFW&)g`gC7DcM5{kZ2e%uY?NWf3
zF-Y2K(`KWO)dSN#P2l^c^+rEyDcW=^Jj35JI>m2-M__5R<`^eVs=l1uXJkrU{1!)}
z6s+uva_9N^4OzJg3|YB_Oc}CrL!f5mnlImoov?4?hb+ZSw?VX0?oJWE=D`$df+-X!
zU6dlu#k1*Qwt`KP=*Sg-XpFOIHi(4zeLluLKjBAW*8odtVq?1v1;s2l1d)g~U2WJ`
zU~cd!ek(bB4HV^AOnB`mfLL5(BrFdxXLOFqvqSccAb+39Y5Hu_b?7atKwb$7^0+DA
zpo3-6Cdu5i5Gsa7hB`>C*&iVynDodIB71BaAu4hb)?lQV#t}<UjTCh-7%7H89x3XW
zK2k&q<^_;ae?JS^l93zmL+pdiXhfbl0fy%t@LUYfCo>&!z>n};iaHpAd={)Z%aMEa
zH@+p=PddVXkqH-V;@@~C=7;1kqu@&goexNuq$r}l;pd-^r-*HI>7yhwH)8W!<mCx|
zwQh7V`76wAlTt)p{Ze1@Rv^zt&2zA+tPgSgul#YSWH;huZiL#dg(om?8-0&&-nNoQ
z*@of?>G2Jz7LGS0yeSX(i4nI0^EL!(w&7Zifr#ZyxiJ$LBQqG-T=p<5jAnAYvIj!0
zMdbY_pfFM9jWH<Neov>!1&EDb5|2b=IM_cE4~_jIGr<0<@kq}<PIScMc;u+?EGU#%
zEw{Iwl0U-$&Bn9YlkK_|?Rs-p-*Q{PgrRo*<X^RG1%_C&`mfq`2=rMKKdCboJt^I8
zT{Blf&$PfjJje8eeA6c1jFWE?b^OLD1dm?T5<s4DvKZ1(mSBD!DvNg~wk*;1r_F~%
z<Q{=mY_i{csJ}NwpsLjx|8NdPJq=aAoLL*sU`U54Feod{tR2CWfexdYwGil+Rj%<L
z%f!?J$Tj}x;zv^C#;VN+8PR#DT3SxpT#oJY#n@YMB%aMv43qvx$1L{+ely0%Kfx_2
z{|*_5luk?$N8^#T-iTMv;*p*+o=p+A<LR^?n&Y{hvEPEu)<!RY>qR_mxR&M}{9i}z
z3k=iig5x&%_#wx(CQwdgPa6iag^k>Q-3+lXYR2w!#R5ESM!W!14wdLA+hVbJ8r%)!
zzAV+t#V+@UwVtr;`0nyxiH^y05Aop$)k2|Wb}s4*cN@76%=AhSLz?CH;l$y#VLfCF
zIwoU~p%O(1H9R5ry&uP+NQB!)6nW){=|sk;S8m&{)P4bb_;oBV-Nd}241P6}lGbm-
zH~9`g@U?pIGy2KkIwph5!&G&SpXEUmdTx%0&+TG}D$3o}`L5d)XXQC6I`4bjY@E%d
zj$VNU1fGd0EH@vdUok1oZ%I<>{zKp;P!iVOB11GF1tPI_!_!QjQBlWT+g*s?IFee5
z<UoJ}vB0H+)x)BWSCRzM3|}=C926m#BWL*D!fJZl_KQdiq8Yxw$08w2&hTZ^>X*xu
zs8*WkOQlsX9Sc^&bPzLssEO-P)T8x;X!%KGuDk|4Fcl9afj{13B|71*;O;e^bqL&*
zaHsAUajaLshkEjC#(u$Pz=vjdj{C-h4T=7_4W8<IqP|Kf?}m*qQ?lfKzk0Z#3Vh{%
zC8v)aD*oICwfembhFX0H^jp3699Eo`Yb6*yt&=+o3+Xx*?9mB<>Z^)!2iWZ#1@#}P
zTd~sG6aB|M3{w9=VCMXfah3>qPu*l>Sb4CLTgkJ<D2%`Q7TQ5VTFLH4xZmcWq{@c=
zX%xAM%}L<bMwvYrGr1v3zPT4CaA(7+DMy5D*ErsCRQ(592HUQUxsPM4sAIt>r~^o&
z%4ARuTarO!RXFD%-PPQ>4g!D%CA=fkqvBJ}fNZc<SNFQCFg6}{UpvzfS|^;b5%S|r
zNAO*GaJ$I89l>=h2(E)NIE;@z`(dK=$S0v9%TxSTfel4ak+(oS(q@6(74d!8sZ$Sr
z?H<xi?$l|9TkX_2m;;e)2Rn5_An()(VZ3mqFn!@_5=ZD#gs1rD;dQKi;mS+H#_U;4
zPHk!T(0=YDoRHNqoQCaY@4G7u_LxVy((8=yb2)s1!VeqZ9*gigCQs8I2wBoWd75?&
zmJf80Pt$tq&}#1GSjmvyeF*NEL95ZRU}tOylsjYPY1+*i6LwGT8Sjmp?w}f|O|$N}
z2ooR0G0|;XB;R@fo=SM6h|WVj9qjs*NIMoJC>NSEFk@{rO)kS6#vpMnFs?%&8`nA(
z7}stC5<5nVB1lXJgT!<&NGt?$VmcNiCcM9$fUi(;YSfwRKB1F+`HV2;9|-oh%9td&
zv8q&`880D(QL_OOoheeq?o%8bzY^2=B{jO;vlH>>2Sdui%H5}TvfhBZ3GR$_mg5pz
z&tYO>E5Hi5x)lNyTQ6eD5L-hamsH1sl1jE-sYMYa76MgbIvB7u1ae|J79{393F*0>
z6FZ97a7LPoqbebc>eYKF3Ct|OA!~G`Dli!;naeYsQk?qMF>i3DkOIAmQ=z)cTwUZ<
zAn<F9$-t`%>|RNjH#wT;hkk=8sRzkiJq*A2Gne8Hm;6MUU&a3PLpN0K_Jd5Z`|5~0
z1Z`#@zom@~yRVH5a8E|_)<N044@2|TLD{@Fp?T{dH*a_9GA#FSw4}Fo-x=v=(@|v|
zlt-4`m%!e|Oe*zLQzT)>u$MvygMAa`a60`!7t<u>!hU!RPpl6{mlGesPYwOF(pJxz
zaJAscZo(PXKW*_ep6oY`vc{wQA>G}`lTmZr7FVpsll?*@UN8>b=YCO<-BRw%gZ+C0
zQ_>(Udwn<WI$*CdM%m1Mr`T;s!sMMX1MUnH$}1-BtPO+eiV5%2iLeSe+Q}5{%U$B5
z5JMHRvj3z4`#}U$@5yTHc2gwRei>jJ2g3MD$k^g5fi}os2e`k$-RWq*tkg$Hz4PT?
zfgk=A`1W6c3vn$(hd3X@S#$-`_)1<2@#&*sFt`>11h`Q;-x1g0$zEziSFA}9#@ZBe
z3-eje5z%${8J>=}ZMY(+fs0Uza7InaR#!~LlfA=Bzupv=@ynigncbG-wPJZr$6jCP
zxkIqgOvlb_HL~1a`bERwPevcN=nc%7X)(T*jx#5(jmPzc8i<2Q@$XP$O(P*FySv8^
zz&c4Q-20!@*E$BZCPrb+<es==KYT)aY{V8>ZL0uY!?97LU?GUlM96Z4%>L1_s1j@8
zrhZG-;$jXEs>Kc<)nW&bYOw=Iwb%iqT2x@D7IjdsMehNK{*9b93X%Oo7x#`NOg4wJ
zP&l1XHitFfgbu3afQaZXx;)(!|G~5W8HSm1D5mEtvFjpwIDTG0bKSqfh@K2F`83TD
z`_D9@C+0a~6`uWZJ=GKl)bKi7_F8HnB6I9?Q^YbhkQ-N>;W28iyc8b>!ZUTSlY!a1
zUi?yya)!BH-#<+;jxo}tQ%4$dPEW^VYoa;54j}FN=m65(UNR`>_;irw_$ZS&0e~6A
zL>~4N4$rlEz+DA5rD$C-Fp6y%z9*9`mS%X!c)*g-pHrja0?syd6%@c9U7f+G2XyN2
zOc85TB?ecFns+aEMXxI)JBq-LCF&(nGdo^pj8vgwhmHm8=l~KsI)KEEWKgn02iw`P
z3xhh*o7j=*eu$3gTh7gBz}0o}Qun-D!=UV~9zZv#Q_9{d2P0h_<lf3Yb#+wq<9h-~
zw^z@K=gJKq<wzGEM^1$gVG3feoJKmQR)|^#L(@nK45pD5fbtZk3<i|6;Ufg{Y~rmL
z!qkUzgM$Dh6}6HLxtUbijc`k;AQ8d&*>(|WV~-S(1Ug4wL?9E_w?wd`HzKCuKtlyK
z+Fp!jY9`JaPKjc#NL1oy;QuOe1Ak?1R5<f|ycYi-CU>S0Yv#)W=7SSPO^>HtaSk3d
zsJ@V(wfs_VP@giUHz*woB&Y*O64U`C2}%Z~1nFSA1QF|+ccQ4=pmxA5Sw{^j<1^nQ
zxm5{|)}RutzT#+aP_$b%lTp>6qOU%JduFivk=S}1{x2mr*f$yX&)kd$c&v4+9~HKS
zfMttbam8nNz_Q_B*{A$cu?*h@5UG5N!Cdf|M4xUyQP=^%x{ow-UAhe=1mac{k8VX#
zAX$Oxb`*t?RI1xibj&};dnzo&OimkHR)X76${3?6RJWt(m<%mEx*cT<lTsgtTT<L!
zzb0Y0EybhTQglMxn&Q!|DItunsnIbx7l?>4!&Ep0b;@b=0MLDZGv-b~26Rx0)-zy<
z4!$(SO!JoDD7yk>sg6(B&%$!iv7pcMNQf@x#Ap}~VUkK$VblrAw5UBUU_ufR36i9B
z07-@GAW5DabpC^blP(GdEFq8wEIJkpSn#1%^kH{tSx`z_$7Hss59<I@lj{IdlS>9=
zlT#pZFj%L$j}s?R3wAW>U{I<M$feS;_EI6LvPwSdzW^SiCKop|or-7b;D~cDn$a=*
zRy8AH!)(TM&7)%h8#;i*h7KUHAsLix(7{0SNTF%s9FX2uLZdLHSX>gCdzp}$O&~PM
zpiM%fgG#x_%5fzR{rwY<QFHq`SA2yB8s<o_=0JX_vt|ZkI%{++U`+>*SknO{)+B?H
zH98n(%|bl~+@2H`V$BU&_5;==gOW8ms8|#I7rqhsIi9Id#0@)rHr*)MbP}#SU5N*5
znhrMI#4mL=tz=ARla2*!>Hrd(I)KEcWKgn62g7XIrRRXzq_7a1zS6QEuqhdoY|_Di
zO;6#n;5~T2rs$|VY}UX--F@ROpJi7_mK9<3{7gJx+4*4E5`L+(>}keymg!i)vJN1z
ztOH0aO9my&bTD9<+_l?CyLN~ByLMajUAtd!)`)L`5%)WTG;bBG3MepS#ECC_R?uiH
zSP~9_z7gl!Yi%+YzP*;fegZ1DZ_+D|H0jynoAmIg3PBqF<-8}t^6q~De$1;3qyJ|Z
z)|=-W#(*PnjK^Gn{Wtwr;u2mH`z1t5>zDqZ|9u2DYEJ*r6%XPu55rD}G;BNPw=^4M
z)?h~!UDNmrgIGr=(6O%h5L?&(#3p?5+z(F^JTmXM!PBZdcffuXd;K@wRq%}Z%1@i7
zB+|agao+>=WX6b#X<0^ZcU=<biC7o=xn%IWD0Q9jI?OqhBZ;(c##_h1UCYT?3*c!~
zo^#-7VUK$ndfF2?Q8LP<tdY{xLE^CNX=gKKsHY8q+$ZT+d!OW<kJRRAaRjO9V33*)
z20dU1<kWPmJvEdD6D;+fKbJ>Kbw<q;%;jB<$DCo9=l65Pzy^LzvTW2`=f6V5uBd|;
zL>6P5VBzNoJl1nY<W&5>kKDMIzdYjx3M9mNXdFh(QUtL6uu7+5O>G-(Pcw47q3~2P
zRRb14thFWXlH+lrjj?~Dby!74%-b~$H=Hs^!$!NZ*eS)F-Y&+d`O$%A??(`3-RP%F
zOQl#Qb%uek4`Tu0J`h$iNb{riBq#1d=yo7)PX7XDECL<O@5vUE$Em$MP)uf&60wiy
z=~RL8sK1K7mO(TtVNdQZqtE!TJ^Is=0tsgtqPm1pnW?H0=c~&i;t|HEE4Pm+bbbZ)
zhK^NtcA}R@#1}eN)5W7gibXy*$fC86Es?pX)N<kSd&L>ytw0SN!6*$E>=V0rB`A0e
zV}}!VeHU*aunY9i`xiK~QGyUgr_kk}NpcZ6@&Nw=KnwS~moz-#XN_tUH+Cc0NdM9P
zaZIZ--ZzEbpNsbpytKnGfAa+5iay1{W{)tUr~b<jEAZHt8qu3ZVG$CKeU}kyd(2Pb
z0!WfkGxI`MEW=|rIja#{?&JPT>R0TC`+1{KpstKb_CM0uxd8<#W=zR}<ZC^HT`BNm
zMIH&y#f(W_vJizZ;)XL0lna?s*68CU&QZYbWK3q~i4w{4X2wQSDl3cP#Pj;Sh=h6l
zf}Wy`eFiAL(_??C#5oPvAB>Uaw4W{kC;vlCjNXlVbMZJhKBv2zfPF=HpD?b|ybOk?
zV$+8+JWTUGm|w8JDdX&k|EI9K9{(R>_p|uFhuv`q#W+0312X5Il9&&5V6I2xQQB5g
zbdMp@e({g0L?4ES_JO6L^EA)L&8^Xk@bdzmv`6uE*8k$ZZ2(SacS;p$o5D2z3$D}r
zFK#^#I=znT?*D;CM7N*-1p`guL*$rArnm!7TCri|iTnM2GE2(%4OpOa=V7|4E5js=
zva38L36x#slw?qLmG)x9GLj=8Q!LFi@=+nbp;{v4;P7lbC6lppcMTko_3)ep&wqb2
z`UgXd#@!hu*JDT8e<%AN-~4y7dvU#oP1#xWe`e?HDo5<aQ(~G%!Igi*T<-`NV7Mza
zoVQSHp^}C?A+rCTH$99nFUK-<^h~hjq@5|E1cLkjx!b?eC%<Z`uTyV@)Zinu=ldVa
zD0wtuwL%HCwSmpek%A(U((>Jqt9LR*+QNQV7U6KTC{^-wWPsfXtHF0M*ptAOkwMmP
z(2ey7R`PhHt9Sp?5s`SnPmavH?$;H|6XQB2PmIU6z*cQWu<q9#nErMlvH|z_^`?^^
zN6O_t;EN8gr#R`~^+n|H9D1-(lJ$BYEX%+%VdLoZE8uR0d*bkjmwrAx0vlH8z<K&p
z@RXAW2hOt=!&6J1vz)9yk)cL%FDXdB2t)N2xakOT)=4&!hX+THvopY>MlJxgQXDu>
z`yQQ)j>!Y(+1J22Tg;S)66LD?*{3IAIINugd@}aTgq#<UiV92Jjk=xXK927|!cK8q
zS}xSF;9&YgOi1gw>R`IUXyBp_rt4U+z>4=+&B;Np^9@HsJu42Tr=6FC1qahb&O}JT
zA52a)J7HrcMdKWV;l+Z7{TeR?KzDhh-Ge%;c+dw&11xzW(#gH!Kc<++AmzK{$w->q
zHm!ql3_?T1#819qFAvsMu}2OG6*-wGG$fQ;5H910sqn#clnw^QcnD-;T*owHT$ZCB
z7j7(N`Kbs5%B0U>7IdEIAEzw2BZ59}F={k%n}QYrp^ejp4Nv<_ScccQ-ue=5dK2Q;
zoeY~Bn}16tI@T9xg*(W7XCyl=TOndZE0kSEuT_2wWatE4h7JZ@MhI;0GWI;<M?jNP
zewUG2S%EK)an5>DvF?iuNWBE=RtF2KEGK6LDpG+oRXk=2YTeDl0z+TU*Xa~~Nu;OS
zgc9js;lFJo`%@AGraX}-7p2IA6h^5Ro@sTF2`Mm02$S5D)qisYGOKq*ddL`bFvzL`
zgBYZCY5+S+nj$@<c6x!?p=&1{Yu8S#2&S}CB5Jg2r+Rn-?bHHKpq&Ih8L6~WCES5_
zY9No&PA%k7+KCQrEA3QCZq`l>a0l9{1s<iH2CVk$Q`b&9Cbd%*X(wSJ)T;hjq?O9y
zhBnF~ZA2eD#B~@_3ytE~SPRMPFdFGSUx$GkVcW067{|n25x3Gh3L}0ht)pXqp>^)%
zXmqWkV@X=)agAKpI<GwEGeT*d)J90~P9`ReTmo6iUU@CHrZ6}d;FwQ(r+&Mi5Wh1<
zq21oG+^oA0x(%fr^J(^=cOkY38}2V@)<8(rRr;)-9QrCza!;f{sxBQ2R96*3N)OFy
zHLypjE=3+vT_ZW-km}OGKy`&cR$V%#sjk#5SQpyEF%O|E-y7+ZS^~wTgN0vNP8zjw
z1<Hn#hc9f1)S;j~lvxY~<wx)!xH*-<i2%po>)ff+z`5xR65olPsbdg)9)mHWJjK{Q
zjrbY@=~GxT1M`_wW&oeUlHkn@lAw$UK7}Pe5LQ_Ayk8yt@y@7uQEApkr6xI@UlK{l
zqlnXVVT49<@UyiR%3vYp(ai0G@M+f8O5aeQDh>6CZ@S`kEP0l^7_m}e4vB79HEmJ0
z5j<oYSx3~O4bhvIA|ovUvPSYWMhc|zZt=;ax!(66KXzh(uX`~~avC_qxU{Sg3$AS#
z<5QA28a2z24`)40^VcI*J`!l71lDmr5(z&axCbc|C>;Tg#HB1H8zWW^1gZjE$tDie
zpaOvx7oZkW8gKIX_oYm5HD-do#FM%>?#~T=2nl!|cU;K1L3pG*%eg`2k#mC|`ETUh
z;7=T*J~x<hv!6=Pd(qsW4hD0BAyA(iL=wT=ASdU~4JwbE8)T218!X~PDQU{LG!S$!
zn62x{l+?<DRu%%emFZY}E0c4B1GG4T)O0XNO$US2LLjH6W9_LSkC=`52-}oXaj|A<
z58S~sCV}cCLnEbfh0o{-QjX7_?}{(*q%MtH(K8Y3H&o{XaojGu729OV(=(oJ(aoC;
z<mna9lBa80;K2=?^5$3ZyFA?@x6)U_9ZZ@xa7rZ8bmZ2ps}*7wgQVExq&Xd+34y$o
zo-X&iU5jBjU+$@6!B+YZ$Xn^<PWmf21{m%lbpUSbm~#RyTVxQk6cV)But&ZgSx@aB
zFOJ{70o&@~!Bx2KQn+7cYFNBt=ubH6eFUzT4S}Cy^Za?3Y6^k=hq=+U(hPblMZPRv
zAX`bsA6hG^R32(2_3V+YWDlpCk95@xdd8!F(MohMXeA*~Yb8xcLbZ}sl{U?wi#?nx
zY9;0Dk*%bJ6AjIv>tG<aeVH=UN<tvZt&X+Jt!yO~S{y+u(ZL`!9SmAY2;|gstUWcb
z70sb}lCMthgU6^Du-O$$@KAH0dTT1jUBjy0THy(_o4^)l>7jZnXOFD6EgYj>Z(lPO
z(r!8!)LRJD>a7+@sCsKuX;ZzmC=b<J8+&BE?d3#6^`?UXCu4{CObFFm2xLy`SUV?W
zy?I(3LA~i<keUt#^%ep-H63eD&965x+0XKyvfgsvb;Z?qsNUXQhzfzKBQ<7!^$Sid
zFe%x=WovLw=<8e1+(7|Pw!0mkPE3&n3i&<86O%#u9^)z4(pbopq)+7c7^ftI^kunX
z>~joJ()SoItqp_0KF7>?3!!n4A4*!d3qg0Fp5?WXnEd{o4oVKw_wPD@^!+;>48DIC
z0@e5LLLlXmzJI5KK`xahBhIQ8A%<!#qFi~XMbxrKwumY&jou<oVl31mbTDWUAy8`(
zjYvYZh!&MLwTL$5p%#%C=4Vm1h;up7P>ayPKt?ZO%2104fh?ms)-I#6MO>-H5wr*$
z3{um<phbj0PEE(!Q-drDk=Ib;w}|86F={rQiweto45O1Vep9gM7W683*4=}ZT)O?d
z0Uo;bJWjWsH^YP5&Mmt9Z3n%;E$0^9a-M;QE_<_%gQE&h&mOpHU@{yxaDr5YJ<q@?
zwPBA(#O(~qLFXApFT9gCpx>wAxa{1&0sR36$rzv;(B%c{?=eXIEnT3Ff3Rl$?CFR(
zy&P)cFkB*&V4%;(L&i-?{lR|8an~kFUbev%C*w&yId1*X3|-I*45*7cnLFQ)h+6WD
zjAdKfum;gcp0Tmq_+s?`E%4x033nOXYdONMNLikjyK++!_%*ux=q@u%sm{w~7H!9#
ze2RQlJjbG&yc50QnGNHKZuG8&2RC}l3%Q%%rVF{H^|S+?z<T<O^FSSbU_EU)#4jnv
z=Iz!~2=uKdd0V*0#3b#(ZQ(i?m`@>4H=lmyOi1%-F3hKAU_SlHpfsNVN-k&gK?&!?
zJ4-HCk_TLNiOch}Y!J6S;<gSduAk3@uFmxksJI>ind{a*)O9^2JT8`FO~+`ji9B8`
z!+8iZkG&7|Iai9v<t@U_T|j^4Bm*?1q1vbW5_FKI4_t8^9yQu&szj7(w9^WYGy!O|
zBXCWF^hkSvJyQF9#xX(+0z2+^#zNXp2LtUF0yXVdizJlxYgB1Vdq8=lJ-{BR{nEH$
zkwgXhNCyLbl*5!E?H2-BAL&@TK9bt6s}@I)nhpl3>0qG!LLjH6W9_M-G*AdD`Z?kw
zJg6xn^3eb|2Kt`7`tSW3eG+6w4GnVS;HEr^!?J2{Q%@c>xM_w*4Q|@t#?gJ*Jj-L+
zIpHRbH8i-1wE0Penr8^q1~<=WF{r_fjs>kV1nRBxevTnDxLM9%XmC@DtOtXeMtIcV
zW;;`d1~(y44Q@i98r-DR{^XbV4J3yXu)pGKOn8*)%}7JCO7&Kf2TDPz-g@#V)!PJ*
zQUXtLgfvSSsNN8$lt2g!RPPBm6x~XZlj<e)pW(p+#blHEPyFI%mtqeTR0V^iCj$kg
zgDP($m@uTELZHf92-Fo+73D@Ls0Q*V1@#?A9;hOzpq@)YtzRI<%@hv3i95X~_KP#a
zE<o<r-Ds4%W6|;G;H5XEIo>$vLLL0_X2bgf4AHSg7dr8iLAL|ZAG4)P(b0$~BRwV-
z9i1bbUsvMR#Gifck=8n9TMzsS_YClRCgU_Uj4b54PizT;qrQqb&V|sDI_1b|<6)wZ
zy-|ro)-8fnLiR>IJb}H@3{PNh%+it%?2S1LYW9Y-baqgjH{;ebvUCzytP3oiT6kdT
zNULO#7CNv>Zefu0Bv~agk4+Q>Y$BKP_ySXOBMR6?F4;y3q~((!&k79LNH1%tq9D>n
zqEE+s#JFbpxWiZC1Eq{h{@!f#uxF!p)4|lg#WI8x@D)r-ntR<%2Gy7R@=9bbjup^H
zcgyPWO;LHv=b&Hx4@Q+;U<_{L`N5r_$4)`a58jQ{+Oq2+@lRk!He*V#Y+-I@Co*f`
zmTGe``m^$4c$C_#hiAWj{+v)V+)8b>!5vsNEu2tDZ4Mdh%N6OdU`{9mYHD+<7K2io
zIu@wS5U8uoH5@~rHkZSw*}!0+Hk<Gfr9^j>Pt6Hc!K2jXKBf+-%@FuG&k2P<r8eW{
z0wEd@U)e$@zNHWxCiioB@uzCBzz6q!Qyr@uGqV{bn3=uF^q1T#;h|||`4{br@0?7-
zQ??pcFQH;1U0i?nRoPsu5Jn4dQR!iL=rw%_VQ>R8*{|aDs*0CK;?yP9Bkr;lxw2<$
zhCApP+sLD;xV#6l#?yZFaH}eAhC8U@W=<$n#XU4bGN|GZs8#VgEe2J^Iu=xM2-K^1
zr6y6qwBPd#231Vcemju$po%k~PgNCv&(xtR4uPtQLtv<iD-mDW3crf$$<0;V1h=Z<
zR=9&I7ErmWiW67uvE`LUWp`o?qQ@6lmgt8cx{0f77OGgTZsgaqU5lYETJHH9{acXA
zJ~Zu3nEFs}NtKm-go{vK#l%J>j=aK?Z7qhU0Unxnu&Uu{CJ#+@<YQLjZjPCniJa<i
zlR=t9Scp@2AxfG=*!is)0)t5e`%T<N_tkj6xl;!sr#!6UB@lZ*SH<zHWsrM(Eo5Me
z<9&(Q`emGt5|FPMTkKsA<)>q72gjTRN!Y8sA$`sRS4G789Gd!vHMrC65j5*c#J*-q
zZhR$fL8*sZeKV|y-13`Y@g5D>H9};yd2!No0-J`*F3gpa-{o*a(aFzG{m#*oYF47E
zV}YoKKq;zn^1K#tp%ux`Pi2m4?_SZG{EyK!f*@#G`Ak8}T)~*|BxYyG=nR2=(*i?w
zUW(I`90$pD*@gJlPTo>%q0y3FbN&c-*@-x%s$mt!8JYG&M}<LoXT9)Nful!j8C!Ef
zSC8h<bxbv?X<FjJTzUvpjjEO@sosWiqw-!wQYZ2Y;?<f9yE-qU5_JrfDZHN{Hy1IX
zl$(pPq}=G3k{cb9a^tlknWY>W%2}+rxVQ5*lF>1l%!eR6irG(1Y|VL|EV_=Vq94z6
z)SQB%hd@>I8B9qER2AL%0!hu`7c?cZ=I@?22{m^UV`YS0mhX+$FtSrC{^;s%M{O!P
zGDIq#Lv6l<+SEb+`)^-^^fr!?N&5(IOdKDWVpK-Dr?>pFqK*wCp>}JK{4%D*REMY#
zNUAF)N)$--S+UY6wdXB}h~-R4^FI|&L2>*C$v>wj|1_;Idj~)zysTHq_)bNGfVH4;
ztm&Wal)^As%kO1F@88WSzc(V*F-97HP5)lPc@i37yG}U1llSdILj26wF+?~a-|B&4
zv?1~e$1Jj*My3+@&H%A3b0yeT1&`0Jjd;~V&+l_aAK?x{=$OugR5RDchsOdiV8SV2
zf}PBSR}pER9;svkZ0$Cv)pz*?MNzgLXB;2Jgsl$Bu{O;NcK~T-SO<fd;Si{1hC`s5
z8P>r-sbg`xX@al1BC;1cd=uM`Uz+xI^g`;b?1jEUFSL<59x$=&EAE9_;0b!6Hu9)m
zXf4Ma>V-m}>V-m}>V<SL$gu2%Ch+P=FEG;Yh5DlxO5h9!a#bAf2JxzbXJD)28QXDn
zC+CC6*Ze14Y7-q(+C;~sHpv_Y;cP%mYYd~OJps{1C${VPH4&r0`W+J3Ocbd`j=TIp
zETJ+5^(qwwW|6z!N$3T%V6p{&4pG!WUmv@x5kXI;O;7}dkiHR+J_QEScO9g!4^swB
z@K7W*oIx5US4iozx1r^1Wmq;b$}44jH-p%ICDvr%lN?k41xjV13ZTG11yKQX&~H;m
zAp<{iq=5>OrHXNt(XcBhl>$ShvY9eesyqg%qx4H970V%<RuL88PhYX@pxR)?GC?mj
zE0)6;3lz&+V9!jQ@Xt;japyF~CQ#&iJ6Xh>46Gwkt=d#lMW9M*QB_wG1!)`NP(3_a
z)!xc6Qg#C-C@{o?JD4)WgohZEHKQw*;mjS1qU>u{EIJq{mJT2(799)}O9)hoB?KzP
zqJu#@MNZ^S>w*I?7?lIkS0hG#?ce<7vkI?`n!WF_#rt%`{sp>5y`@5zt%6<qALyFe
z5opz`c(Lzv4o^lDHGG#A`$C{v?3>4wHc`G6&v$9DF9cGVXt6H@QkiJ6PX~iC$;G}#
z<VWfpcg<x&+`!3Hah5&WZlORJwxaB=T#vqcs$=T=rwY>zP#p^l&=4pMP>()0^bjYG
z=mSGkVI-4eh{`)spI|}~oWLMeU>smzkUqndJOFfT+TsxcLk8&!OkRRG%I@L?&`%ho
zER;RN3!pj}NMi?(q)`V0X$*l%8bhFxMjZ@l4ohqazGvwy<jSa_g=V?HtYE5xV1c=X
zWKJzG_vU~hnG1nR<_0ijNajMIlDQD5WKIWzoJ*N&3uKNKm?v>EvbC!PW*rRp+W{p0
z>R`a%5UBVY0u_ICFvumCXHF=<)jr4K=k|wiU)NC><UWpz-XojvBgef))G)~rIVr(N
z47+Nvi-T_;!r>8A%)fCj6oo6>7jd7(H4^GAO`VisYDC^CtAp|$2`lmqHt3B)t>Gg%
z?(;WdPKaZrKEG?4k?<ZG9|p5$<aobNY{ybSnEhy$GZD6@3QXAk1N!3Et^xcb$4QJw
zoE6sFNT>y=cJ+)5_a!KpJxoCX%VId2`eYKAb*kyP7eedkl=3R2O}I))fs}x}Y3gHu
z`#4ULP-eJw5^~c<#f{<fT%RBpiT!b5RYkPOo^cR9z;%qTWgW^zJX&Dg`6~<}P{7m0
zx(Jp*13dMe@cp}`xXLY`$ti*IE_wFPNtk~li1j)mX{K<Qn3)|6&kpkZi7QL*_z@lB
z0r;qPk6u>yQ%z9`cR?Z&v+g(r2aw@8GtZ1$10TXp3G)2I=$1)W$hE>FuZ}~y-e^QP
ziZeor<E);YycMYb5XRSt=vZ)#i2Vg(I8cj0mYg;MiP5s;N6QUd<?vAZuxR10R(WXQ
zuaQ0ewg-+#U-&zTF;bYp5ojF@7XCt@w(!@2B-FxRn@XD&{t^dru4v(}iam1SZ$2kV
z_P1=;bOc%lgQd7DwCn{-aUqbG;&iNiDNZi@UBhvZ<OHedV33*)2C0QWPEE(!Q$zg1
z`UcY7fWo4tj<zl!@ltH?NW9>w&o$HH*O7QtLcIDWtQ-<AxZA}G9uhB?#Oq$pK1ni(
znY^h`2Lo}t38J-Mb$c^8t6zb<BwEM(JEq;M&|V(nh`S@=`aHA9djj&SKx(b!N9Eaj
zaOaGU<vC7g;av@D<{1u7(o}wInu8nS!`O6UxNx^YTWr>7%dBXY`<4dEo`ux&RZt;{
zQi7zOe*-@i7^sl=OniHl<D_2QS0U~#h+rGTq+7G@!Z#1-_BkDtm)Ftlb32%l%x@_d
zbo*QfkZzw-AT^TU4nZ9ZZsGv}{vzeQ9WfnG+3tu@d`Mq>nHLkKWv7@C!(0Vl!Hf9$
zAf779Zl!tC><@7$rw!1U1a#ZG1ReV%pd+z-ETLxs<+n}Yngth(n)x5P;-U3eJ~=dM
zeSaGS>rjZ?xM<AU15d^{cz%!MSh+AjE6Fp<^x`S-)Wg$%S-O||vk-Mt+eM}Smad+Y
zj7{$3ZulvQuCtNlJ^W%A9JDXnyBimjs|blrrIWMmNlBQmbBRG{Cqr+?I9%nkJ3MXV
zc@Bf|ba*Pq!}A_IS5v0Rb0-A!P1MERoNH<h15WB9TZ4|t*5F-?V5^z32T`8f$vXpI
zbZ%jc#z_MjJ-apuOKdQ@3FiykJNhzH(tO*18}La0>SCIZlL4o8l0D2$CZKLn^)Ncd
zcTT;JJpag~c@$S&p>3`RW88wRALe6{SCyQ!d}0C?1Jw48DtH1d-=I9C<(t_fwfyDB
z`PJG5iK%V6cQQtuP@v^?FwpWLP}A}|kc86m8521pq~$A>hqQb>d!&|M!HI^nybcC>
z_bH|%g%Rl85XgF0$J+I-)bcNCaRgdk2ZPjfFi0%~a%wu(o*ME9tyTvO)XGT?0#LRE
zBh)`JAEtvcA5TIQlR@vb2Ql@f<#@n-#ZoGCOiD%kVyM+7uyw%w#oj73sO=nzbRj9|
zbjXs9wJYean3AMUDd-U9D`>oxH?7P#-j^F$nm;giDk7JZIbt~;Qe)=C{!m;;;zug3
zxj15G{tkI9SO7?Bsb+$9;(SWMP6gcpC|^wTBYp*q4mWo|ac#y^c4X9gYB5-YvX%V}
zit9Ug#3Xn~aczUAiafVs#QZuuP2_nDo?D2W<T*D|<b96DHJ78;6@rfW3SkL?Eo4fi
z5LTe^-^7?w2=^pmzCxG-)ASam3@HS0Si3@anhA7;pku5Men6gIV^Uoq=$KLn`@rCG
zBq2*q3ZVg>Kp`~46DWio%0mhv<8c3tR0zjT@2C*YVl1Q(bTCi|Ay88Yl}JJ<gnCX+
zo^EMU9#ROc?2!s#0Vf(#2s#)v(W{v<q!2<NH&GpHZ=zBmEYji#6oL*0sp(*#5JDiQ
zrep1?L2RKA&VfR>kCT*5=y6OEESV7oWj<OUiaI5M-hGgYhqN3kg`i`;LYRYoNF3oS
zgxg`UJ<g$&LU<Pzn~t?Bgcq1nR|p|2tPo0PBrAl18zZiG6HnPTC<Jmu?nv`LWmWbG
znmSIVeF`10i++B<PxMdx9JA9915Y<X?p3>N5rauIum+U08z8#+TU*?YXW)xQbm>pF
zxD?Mox|q{U;I3tP;w{n_u6yxR+-(A)JtO9Z-EeKePhtmt>bs_jig%5~wfJiLlYcWs
z#hXTA4z?t0!c&2ZG5vie%YXB4{HWN5=!My~7k4?=-%Ua(#N~3le)(Chcn43#bMcu=
zFb@3!Gn+dzoHuc!m?9+evf{n|!a1T=h<iCS8Lbs<-JFw85aMCRNU;z$9})HVm!Aq5
zNEP3Aj-LsvmLmVWSA5(lxHgsC>ocv-un(XW?jiG19C`dF<4df(@$sJ>95IPOux=Lu
z)w*2>RQmw%xsnFxRzz6wd5&C4Zh%`YB{##ZmXg2Ygh;WfrDPooX7WN{`%>}_#HE&!
zBV2OQH^EYJ##h?Rox>Eg=`EPKo6aDa=)o?H5Ez=dD`0ZsIV~l}SMP>_f>bJgj#<}&
z+4XQ!bBn)^s%)YcALV2Yz)I>4xQDE>df1=i#ZZohs&mK&3pe}X?Aas+shJJgWR<uB
zv8PN2<({(3aq3D3<(@JTe+~J__?nU%W-UTRSHdmx@eW?p!!zRhnDr1|H1P}PJ6t?}
z1Sd%>8Sz39e(~o~nNH(30|B6HE|pEkq)MSO)@wyUS!MBbjEW~b%HH`**`1>NXqZdc
z)G-+)W%mLmq(u*8+of#l7!k_sU&VwZ^Fj7S^hC6M(g_uFjmS&i+2Xx6TU1OnjL3XA
zTFLV)JZJ2-#annPnv>o{FaE(6oA6Zp{(n$~!lxvlhUjk_9$YGoJt@7hB3N;<;hwY<
zjfmg6cw2D_K1LJ6iiZM8VCCZ02CRJOpuYlQzjReZ9L^DtXjGhv?|Yh<k^CEjRCxrt
znTT~JgEH3BjqdhV#HxcbR(B3^bsCdWwO3qd<l5b6afU%^k`<2|3A-Pb(dIHJlc$yJ
zh6NFE4uh~B{gv!81izd?nLMqvxIG%s7cqJek)DZ*)M$T+0!IRba*)&gI;NC_!gM8}
zV}X(gf$h`%&v4>Bk&aRp3RB8LPWQjUgfy%Pru!903N=s~>zI;O5CWwU0z*oJx-9ym
z5|Gjm|Dzy=MNB}V>F+!|M$HO{R}{zgDy}x%*B(TM`K=VOMu=D~YD0m6i0y_j=pc*O
z7Z9;hjzHG&4UncY5WxTjWdyfCn*KxtI_OK&JIKIrCM`zxDwaZ;<|DiU18F)0(llC6
ziKOWcNYg<K2GaBo1g~O{)TF<BDa>9leImc35mR4Y5yursvw!wG^NL&(95T~@%WgPY
z$UXj=F-BBykG}?6K+TNr@k#S;`1w1YH9d{!V*Ixd=Ne3eYdDfMUp@g>NWF%iJ$O>j
z#w7@mK_{7_4o@m+j^dL|aSWbRd|1{zACAcN`1y>G7w9DYK7z6^qbs4g1l8h84Q3sF
zqUYg<KC3?cCnK7T@5&#IXZpI3TbR=TMrYyYK6-lszA@YGMh0;@O%x10%anJFr4B^`
zDYYAXE1(}L)2OLj;EFkTQYRbM)yvRD<>MN(qw&44^WkYG&kOhf#I(C3;t~!=N<Vcj
zJ{7ST6#rnbH^7`LV)<?r&O9lQDi)O8?XgLq9M!nffHrdYu0CnPJrCf$43fAePPMz(
zvy(xZCc&ReyQM#8YSMJ6=Ry6^j$|FA9m&G20O`+6N`__Xe51fV2c!xlF&^@~-Pyhl
zw}^?id?t~=4|&cm5!T8gL$nb;{sHDZf^Mq3z!1m%ggK&pXzBIvR6mZ7$fa615ypWj
z|HE(U<o+`n#sa0J6UzNULT-X<Mr6Yq{Y`MgI4;UvV7cr7L7;^8X9}o}b|rNB+kXD(
zH&8+$&{sm<N>t)>j)CfH_#N3^0m`6b(|;*&Z$=q(EcpIZ2$bKSLM*sTvQ~&gI9_U@
zsaF|!_Ejg~tM&|n#}ag3LJrQ<%8+`a(bXIAb|eH&e{+~qw=s;tB83QijNs?#!EZ5o
zcn2f64o*MO53XY}xLpacxQ2rhk5g|oI>`^`WpqYeFER4uhx2OT2|k?H3{UXkJb_Oe
z;=_5FUt(Nd1$R(K4Zg?!ie3R%N65PTIt=>j!XZ#~6vF*IBPzCXHd82@_v2(k6-udt
zGmgh+S<Z$zse{;<XCDX7g)q6PQ^<n>&B!NWE06~RcEA%H49F-n=wN_sWIH)+DgbT!
zmyIk0QX`Y+6@O(?k|sK@C=V9wWl**!b==Wl29R2(g9Z2}<))NzDK`%qCHBpbn?Vdp
zxdG^&ikkb8qm?yxu2E!PiUzHNejg?*8s1c*JgLVR`Eq<y4^J?@X@W<MZ*JBS55_kk
zP>pXwpc>z}KVV1i5{`rH0;Jf-{yYhE4>i+;y$|RzCWS%~snzINhvQ=Q_ZgJMs>MAV
zdm-dHNJg%GDHx!Gsl$z2#A1GjZSIj@@YDZY90(m6Ga`>~wPjC|nuZIM%pVT`5na0#
znTbQBAK_VtFG!~(e(=ZJvk`|;^Xkv881)N2j(UwD#iYf?`H^e+q-+~JftVy5d45Em
z3aNrSI4Rpe9(7W-1)ks($WTs-%7+6V{z=&b7$gw^*bD!p=#1C!;7rOS29@YY$-A6E
zV!Jvio7c$T5$OJnnqQuT%AjLH_b_}dXoF)yIv5-i(m{1hNXOJMp*ECI9TQ5VXvc)U
z=cK5#d`!q^7KnmlJ`M1+GYg)8S%ZG`>m|gj{TS4kC9A28;#9|c%3ZCR>fuqxe2&sW
z2P~~-kh+ZEm`^iBp^o`n%oNo3QeNdT9|e+D3i7PLP@WfPsj3R5V?K)+*Q!k(^Er=k
zQY0vof6PY*+mHF2$)wZ=%40qmJG8`%ni@#*Hj?H$jf}R?n+T5Q&BwEDDefNq$>;R(
zh{dR(!{YwYDexdTB%YC~@w5^ibx6FPUZ_LjP2^FczXP6tGo3h%5N8S))M`_Teh&=~
z>Zvz_A<?g9P~)M9-2ZEe*iNOs0d}8=+<Rz>*n&qIqbcKXL?#_S9~1H(EahGJ*zpED
zsUsp#5>h`*Km=Wp)6^rOHzGIU<r*T`NOo!&cBGiY>1Ql{qLc9>H>qS8CjB>e4NMi$
z1Mr<H+MkkLib<~WdwiRuSh9EZTvrfHb{}v3MA#ktvH&l$OFMbzuMA`R*T=k`ShZDj
zRMXjg`?(L|yoHX*eIL0$njz3%pY;v^T*>KBN0!~ct6QFgk!E#E{tBE3@DL77mYt;B
ziQUE>!1w+NT=!StR4n;+2;PLn83mG<$R*!}Nnp~FFUZUx52GFq#LpFYiZYC7`4Cf_
ziwABI-2-qmzWP_x)BiNR={yS5!_QniMLGUPqUe?Qj;jRnjOa7NFo!u5;qfW0=-Y@$
zdU7C3CdCw;`kWzax2PBDI~|js(FZp&(idNYt-8~%@A*>mnzLO&G)1NHjbCGn&rW<s
zw{NHTt8ll$-Srp8oryZ1#(_qmM6}1qX~txR0!iev2NyYM<8T`q6ViG}_OJr)4bWZB
zm=unY-Q4GsF!|B7ZrBU16H190iQ3UYwF}Ftdm5JhXUGe-BgGrBGqN6@qJI6{bK$;?
z(<7mkTPG(ZgS3t9Gvwkvrlgrfxpi_&GDtfRu-p`;q#X$3kTpHH${H@}hW+ppN8E$6
zAiM{#di<Eih@!G?_8m!B&SkJa<hQyz-{n_Q8NwHpIo@+f?PD#oMFadT^*SacpSIL@
z0BJ9r4hDPSLZI3U7XsB@I2{a%icWhS7B{DIW@+xZYlabXsrl)k%o#Pm4j?tZ4j?tZ
z4j?r@1%{fR4r<NMc>&c>$2lXb1)_`=lE8Ii(Si6O{a4f-`Y-W_&+5x$d#L%li*IV8
zaTUjZc?v`ApNJ|J{|N122f4HT_MieCND-^{pg^g_xIK*I*!A{M&6wUEbS!8OA&_c<
z+Jg?Nny|*AJ!JgM?cr&NdnG(YxfQZK%;5BB(lBTbAyBo4vzRi}9zvjM4<S&s2OU&d
z^V`Fa<vx>x_7E?`+(kWQGOxrMhTJ#9opWitbNt6|pnB*<L6PNDL`69k#tNRqZoWOZ
zt+^JS+`UE@_X~Kg;oQ;)CATn^<?igC1PZg*8;x@sIwfum_4+4c{M~9rN4AZ+!}vx{
zg*q4Y-D({RzFTeG2Z?K>3>L<E*h?YA$8)J^KdpOHEKj((D9}S3A)&clW102|s8t10
z%DJOsY4(`_o0*bET)79vs8-yaSnpk>;RR1cd)pU)SO?{I?ydgcLZK7)o{si&PeJ=>
z;c%2l!BNpZ_R&dT-ixjw+!LFz7OiEn;FxHsU7ZB_lST6o!TU@~;#@E#T4G<C1j<-(
zE(kf_$+Xmhk*%KgKaq1ClsR{2y@=cP^vte`rg?uNybc!k&aiJra2=Du5x0n+zZznM
z!WVVv6kiEOBz}dvdy#c(I_4<hE_eXD3&vwhT?0ImmOyLeV6ioeYfNgGFJfi(eb`8$
zgL!XZryKoAm0ZB&RP>_4G<nKN#{!ky0VI{IgMms8fl4KZK&6s(FlcQuZ^AtKS@iuU
z($6gXMC<YM3ZCL#Mzk8AQJ##axY~%;jWNZM<i;Fo=2%mljHmb@C_-UAvqi;l8V07(
z&$b$(?+1n`J<KR;Swj>;ybi<Is5$y{SKNT7^n{2v4O>w*^IMvbES=dy?)TC$x#7W^
z4N7yZ9}k)LrC0Znlse{9o(IalOi4|q^z<I~Hmq>#m``~*C=XytQa7cS4U?2Q=2ODp
z5mih{!-~?Ya-1j887qwHvv1cF?*_y;h3TmE_3fT1bE#u8M&~7jK8-2K9_l-`yH~#<
zBJN;}nsDF4^SplRur-)5nltIQf4+k$?+}Jh_To+aF7!7|pCNM><`lh!=v(0)bn{?u
z8{AKG6f`s$baOxVQrO!%Cco(W9{Oe-^o1mzjd(LYr*Nh5%m(bLgS*e!jynKKcMZpz
zgLrX5zrgFB1gdR<ijX*^wh4wX-X<8r)HXpKRNDj<MnfgFO;E=qoAC~R?p(C%&pD^(
z04Tc<+W?nC>nM;E+<*pu8=#K)yMAaJpz)e7d%cPBQhytu#TeC#+6Jg&Qsv2QfDTjA
zkejvvdUH|d{TZYo_khc~dk;f+bgVo#TW&blF~3yaYUKR@4xUHBFZZ_t>X^U#$Nu#m
z+*r({xgagO$n0({BMTVS2oDwj$iozY2~6kaLm+kebbkI~rljsII6of(NeR*U`4C7-
zh|bUJV4#HL$;G{|`yB2;5z8wB>0sz`PL65_xjjs(OdSkVW(SZ|rVa)wGXyG?83L8c
z)WIOPLhjIek~21%GIp`)xU@r02PtE6hu(8cNeV%2$k8ztGDyTarYt4O`~97I3L`mJ
zJN0y|ePhl$9GVtk)K0w+#v60IkI-6wVB%>Y?sKl=Erw3fu}&YyyaDLT6h{2dytId1
zn1to+i(={jA%y;oW2}~xj@KFMFA5{Iles+8Dg7vnd4n^Bvjc&9a^;i4&RkvORUq&X
z#$@2t1$M6_%$pp|^Ft43N<@Uv!|;p#Hsw34websLXz3-L+&|Wf5GLzr4ceU|l-gue
zo_!*UsbiAM&Ir`e433hxT)IE%)ai{I*RIu2+`}fvWXl+%{=f9P+;E?`W1TPU=rz$N
zj>Tta8t_n`_%X8cBflL$LAg)VF~3*(29(8b`0<beR(+z5`INtbaw1a_lT@FmV?JdZ
zUyQA0N*aTxK2gVfO6n8OX38l<$$g^2^gi(-rjuBAzfaUL8KdkIuVG3=9`uQ;_0ZfW
zwlGG*q54D}<34c(`mS<VbLbPjpV1G#%fV>qIjFU-dnfdij>&#-&ks0z&V(fQ^1P9Q
zd7}??@MhZFT4Z8aQi}uzwGQ$oK?8ilBs78?)Y`}GuVIwe{(X!r=ch~C2_?8}u&}3L
zB>p{zE+NXk#vm5s%s2f?*2P%I0x?#gF2*|6F2+S1WxE*DcM>NuO1)eMk<HlQ=OT*!
z4rbijFyru$$es-Is)XO_BCBJ*(98wpkxZ$Jtd9AVmw<9UQ|cnCV?O1zpuCbPb&=IE
zpOQrOKBm+~R$;oxE@wJjWOYo&C`I;Jrqo6DD?K!eY#U>`$m$r2>}rUtD2+;y&Bc!4
z*e5>Q$xI-T&BpN*9g`yaPizrYAjL05_GW-Khn8~ei!8o`Aj**dL^ggb#Ishq`&j$I
z-3T{{Xnf0M7z>hT*<dSu35G^+<NU|ycm$qAU)&%t1s^9|3bUBpXB5R3pNOFm+!gbR
ztwy+;;U4laR+<)LJIN06;8R2K5eMV)wSHJfU*LFuVDz2O*`pyjKGh)y-#VrS-yw_#
z-wLCmslj(Qj!z$a>sT=OMi}{L-;HKh!J+yA(wg0LhV^ErV?nc1px*3sti9RI;wZz-
z?iNP>s@d^&)AVor?WU!}NgB*&var464g5sk!OvA&aFXwABRW0Dl#{cgFET=SZ5LCl
zz%%+Pe5HMfKeIynXpEZo&UVFG#4vh+_X%uD^^!z+^kw<-Sd5POdxuAC!1T*^pt!uy
zITVvbZ5$<8x1$$jORV#~elilfHQ)Ig==Nibn)B$}(!B4G;yA{r!babfZ(oFtSI1<E
z&UA#XVM=O{qnCD)UF?mFl@WF)-h_&+u>&kC%m%jx;OA02m05;K|6{H9`T4vXF&H&J
zor{ao2c(M1-tog>ZPb5{(N3T2qM<Nbn&2jLCH@N5pj+uh--Pq8pRptJem@3kc89#t
zMR;ogCK#k*RrXDD6Q|;`6%8ZNai2*dJmg-?D*TG*J5WB7OnI9z-97f0j+FMxIOM8=
z)2J}`KvYjoon$olK$H#!d)7lB?^)Ne(4KX#<Slf-95+p5R^l6zvr%2;T4_h0gA17k
zf^ZarWad>4$a2mFVI^av-$q{y!U%4Ln8+YicI7}ve!)V=f?fAI7?dCcatU-yD}lMT
z0a8%Dog0Ph+WKDUiZk%kEh*YF9T#t7)vIo`9ltQ!faZhym6&xpHi}ijee8R#V~vLR
zHNbP)(3t<lsO2B~(Gjm_4@=9rwHD{d7$b?8Jv=REA(YL}j8Su&U6C)bPZ^_2+h_O9
z#;<o}iXkrG9MUC8b*uZhe^0`W{imJjc6Gvp$F8y+J5>WIL&wfYNl>hd5W^ylmDF$D
zb0zM@nCwy*snuf-bqeh{N#OXKOjL{4gz!&rc*<to^ZnevgDpCC>;ZPRT?O_ikedE!
z-<ZhNH4*VFho<5Kge>IHhto2d1LG;u7YeZ*@MT-%RqjWL2tn4gQS-q&FuWafWC|wf
zsT)y&>G^Fw-8iY=?rC$yraSQJASW>ctBL%Q+G^dH)c7-~-tr%!qHdfM&xN}d?wOCr
ztViH(gnP~cEEgStLbcF~bIXec!rcb<$5Tl%g-7ppa-<$bdPbQ;G&)AK&Xcv+BKV=7
zwPHz_<()M@BFY$}3B<ZHCfK8qOC2Lc0p&$ykXHmmFMc;gu0_;M##%%JhsI<Zm~!lH
z{}csEQ-)}o_@ylD5gA?!ve3%dLQ3xVJehxmkr2#!C{5;H$0+~a0&wJe4m^?wABO&(
z7RF|7bL{ILz&zbYemN=OIiDD?$-IRK-j89Dfmx5FIe#Fyj?MfU>D&Rr;Y>)fK5KcJ
zV<%xVcar=O_hvDr<lgb4B=>YoaxXsP{)kBYh+3XJ*o|(+q!ovvzKM1_dOMMT4%SUR
z&^;Z2bZq8y!*k!(2&p0Gd>PBJ3$MqQk2y+eV4xg=e-O~2x!9A+Z)lpPuBxXq23Wy%
zpFt8k8vKbq_HV9Lbnnrebt!^mzHYE#(&=3PQ+kzK{6HAWp{_T4?|(|Ku3voDJFwfn
zMe)jV<L@totde_ZBA!a^>O0)vx?e2*<H^`K1$Xz`vaEl@T@Sak&a%;oG?7PHXRYuk
z>+E<=k}5)3XF8^=vk=DCnZhta4y?0T93QbxEsf}yZk@#oaPUifk1XF+QIxhF?G$e6
zfIWeM$~_ztwZiU;yU1^B>X`hBog>hfE@MjS47=Z*6F(QWX)Q(juTIwKFio4_9+HK-
zB4)tT3Qy0IvA4_`0Fi2gXBBRASOrfxJn2J>Zt)#8u$aknt(Q3#aW=wjE;3L|*-72~
zzF$kSi2ZPHR51dFK-0+een2E4kUJ?IQ=OE3;6fN?T6rl?_89Dtdx+B_-PiLud`Zk+
zQ;q$FOiFz$$^s6>N1Om-9{KFPq$rank27}Ta!!1@$T|csDt(WWdHxJ+fF+OIujr(a
zA;Kw0<~`iWqm8;f8Kcg=`y>87T^*whGs5eQ&?EKGclEZ*AZt1%clCLlK{-^Xyt9j)
z0Hux%`3<v7@jtP6(}WCmf7Gz(6Pc}WQwx`$$Q01Z<dNT*o5S%@3kWQrMGR8a1Qw7E
z2KGY;RHyc|(5h+>k#N${{5SH;3IKIOD`Yn|V5=_)qX`=sb2dT!p3PV(VWV=r^pvPr
z!5B4^y2>2KhU!)rY0zOiar5H==u^ICLUgC-&tgtjVCDyYA~cr%cuY(<*$90&gH&sE
z=h!kgM>95rFwFNI`S*zE$`~DnsJqB;rvoctEEgED)6Lk2rpF+)HVH=l3jAg7Ur<t=
zbqG$C*8!xD1$F@GN)H_j>P-iOdJBPEZ#t&e8;T;Ca4nZj8dl7N8yF)SEMUUj43dfu
zn9u<vCUgLa2^~OULI;qT&;cYS=wQGE9SoQd0+n9T@}9&5ltx4!`6fjk$gWE_q9xy^
z$U7nGdKs}6zWKje+85ViGwCw)M|C;zDL4exf(!TSigV%*{t8t|?oKK42AxDa)_#M|
z7LI{*l)B$Q$K*7Mu--)+RTNI$pwmDeb%RbbJn9CW9dHL%oMc$B_8W96$)j%2sfWj3
z0YN>}4LW-{BV^X98+1Y#-=L#o!3{dXI~fIbcKeO38d21B#}y{%h<Y$KjIe<*5kKJq
zEZ8COx{{dnPo&!lH;Icy7q<xPxD76DDTha0+)@j7P^w0Ff{R<`Z~~O?;Nlh?3`$8C
zx3n=ewN!O+i;nTdEjPnfy@W|g7s-oTHeeo2fh6R#+JFyZhp_h5hO0R^&19(6h7iW9
z4HXT)`dlNk&!{=_Kd$%}p1MU&T1iw~$uH5>i@H0Yu*?y8kjMAFvBiqssbcLQ<G;Cu
zIrBo0(@~*B)lf$qc!dz_*BU1MFDpOAPxA$7EA`v%+r{hGMZ9}4dp3dJlHObYMuqz@
zrhs&;+d?eoT!~XmI@sfSqtJd5r<iomdoD&+v-ir(h&YR5CC#~heHZ(;EoKOlAA*gq
z=ns)NIx5z`)yaFMR*1*6P#em!ZR(yCMwKAXqqTzYX(ps@R~`k~AKi5bl-;(s_34P%
z#I!Ub*)S+yT1Pr2t)rsrU{_>7-)tD<#P53s_Mvni6aQ^4X7b?1hkUKdIZ@F9H+{(0
zs(?qp!k`cNTAR;82=d@VzVR{eG?3>kCq8@{f{=SjfpsvZ`$UaqT~@+F)@85MsED8H
zR}yt{Js(ZjU%O#Ue#lqO5@s>wB%<V5LLF0fXb59FRAJP9)GT3Vj_+W?_%q`=7JO#B
z8xxX{s}KGvjF_uF_^V^#5B_>1x0>Qqj)qJ!d}iF9aB(DrwSVx}8FG45oXh0I9{S*~
zR5W)oI11o~{ZhQ{tE1vQ#;Buz{`@TWVho6N?5$JGn4O(Om~&SY)`FLZD*HhTk2u|<
zXN9qG6P$kTrzeHMA%j!;+an>udgvkV!$5<j`B5#VLQuyWhC5bI4+b^dC2=!h^%#tf
z{Me}ch_rP!3fTxxMt>*UYKG{w!ZYsl6gM892Xu-rds889Rd7q$I~<-y@{sI(jJ&s!
zN6B8sRCrkSs>sc<*9dp}$OaxIdwaO#y6ov#yX-l2zLZWx@s#Z8n3BB^#<Hg{UG_3K
zzOjf;$)1h{vX{ezy6h=TmpvW(3)wrKqtRtg$J%8N`{akCmNIbQ8x`YNuM7hJ$+ORP
z;*&6pX(Z29$Ne7m$b62LYCZi3BU8@Yhd|yo7s8k?3e)*=DMzS}4RuT(8w%?y$XN@r
z1KDz{w~<kSkx5BUvyaRuod#1GefY038Ui_^A&fJsFg>G>|3yZ1OwXuy$A3(*odb|H
zxnYzczniUN(mEh(upZf#9<l<P*dxa?ik$k;U_A3R$4lKrU=r$JU=oHvHVJi1GYMsm
zcXP}%i>Y#~W77Pk9CrXI=gFWffdWG%_>I#cYb7Xw4hAI%fm{L|(@G$U8fd@__MwkO
z#Qt?1Z6h3UOe|HbzYP;C{YN|EG(78PV}b?BFmWL~gWrpY^~+%BnrXET?2yA#M06~E
z7UB6|KO@>{a*8+(&j&+|=#@vNi1%=D$p<|U+v<l>#2!2!T#g-ZeXtkUJnajFJqJIu
zX?Pd5NEX(A;cJoOr6FDMqbrDJSIkR=(WYLKfb6o;<*JL0Nej<w!_-bAM?=bJmz(Z=
zmV~|VS<LCJVU*|#U%1{aCt_NN!_oxm3t#4XdohmGvC|%RoHQtAg;8#1-|sk6z|GAZ
zmf8U@{EGOMm>{d#6Gc7-TFd_pwGTJVro|`cV)akH7@a=;TI_>{`)<>5(%q{u_3$Sa
z{pw?#QdggaEh8K)NpSv(Sbp~UGs7TG^QCT0#_+M?)ICX|hvGC}+Wn^_h33<IY57RF
z$CrK$KvjtRRWUpDp677<i9wlxH)CmOD_}h;kotzh4l{a-w9^*ivQs@gk@iKTl?;;k
znor;qP>xBatelN6$umguFDVJEWsv&s{Lf=)slyTHYzB$T5<K}IN#Mmu=-4DMagd4W
zOj)RTdQym07D|Cse7{iR9~I&PCY4Ot9@{VdU@8<<5#{C*q;UgN5Hs?xL}YW5K)J~c
zFEMosU3VLkdjNL16Qr)wu|RWl07-KsgHm%SkeC$czQvqQNOS05pgBSyYYrXLHHYv@
zF_~j>+$1l%+`jJfm}u59_d;CK)|>>&g3+{yt#LqtG$YUfq#1z@AZgSNAn~OGNHYRD
z7${F23|J5XnFTr)VgZJ^i_o%{axsYOyHc~f0_drgj9G+bIP$7F9aAGwUkM(Gvqk1T
z58=ewGW>jxr>l*-6t2Y$N*nQzCweLl8of)NAB@Q7gH6%5!t|*wxy%%=;*nHCFE_>O
z<N?*qxJCH`JTk5|Yg0tZYdG9SaZQE8BM+$F|2;(%{lPCTgQJ){crkl#ig*-{3^93M
zig<!Nc(EPYyd>)SFDAusw+ngj;spoyQ>E~Wv*EDF^8?CO3f>ep^V&CQRiox?ET?Z6
zh4*h{S5{z=TzlE|O(*q|5n-&b%JLTsb;2=I$fiO!bR^Dj6&#D70}!lWdDJM#ddU!D
z@f38A83hyI*fu;>6m-SW;I0Sxo3sl)jv{BBo&nc8<41-ZM-X*$CXq+>yzC$DD(HsO
zfd0K%CeaPaSPwt`D)C^Tex56?!Ba3H>I}g|M>fAL#asEMQIXg7u)oaNTL$>(J1pI$
zV>?vCPsr|TW{EHlOW?fX+7YJcR)&1uNcmWTjG7POr?B}6KlH&e^f?!~;&nWS4~uul
zzWS!UxME;r&&<bGpeu)49@O#v0U>;zgOSQQd_)g<HLZ@x8IE}8Z}EB`C`NU4m!(I=
z>l}*IZ^4dewtIbL7@V}&?B)J4Gz{ii@pOC6?~pz%c<!z!O&nO~yoiYpB!TE0FALk|
zTA7GcW%0B;`%TKbhWWcd=z`mi7{yeFD4tFezli1uFl9TQg0-fRFP`+7^9SDG=5H{D
zw%r%JAF+tdwUq3K5l6DSkvzn1>r&*Xg<p9I<ft3RLcA&-m}kF_9O;<P)&8KYXUY_!
z9M(ndJJzxG{Zkh*WergdNt4^)6-L@vZG*pp>8K}A+u(JqegD*LObNyWTmD{WjB>8F
z!N0*6b+&5DpN{$ar*Ps0YP6@8Iyg1RrPE|OC{;6^ChGvwX|fI=ohDNt<taGKse|pO
z$)s*5cpRrC$f_);$5Gt;s+E3~&Xp$M<rm{~&SO!fU81r|+o;~UMg1yG2()oorPrZK
ztH_5}-bhr`c^nJr<>G_$?9Wl9IwtcFr;Ton2v$7aiI<{Dw!+=FD8-ua|7iQ~@T!XK
ze;nWYoRhQn$xaR@J(R$qcL)k9U<pOBArS>4L5&p!)PO{=fI$%zEI}-&SBdrNy<UmE
zYwY!ERP2S=<%$~1RY9+QUu*W7IcrY%{GRteKc44=y<U6G%$hZ8*3>-%JcR{i)lb{C
z7vcsnq@pa@?|vL&$x)L%PFvhBD9geQ{u#$c=L(Q|O$Q$wA3`&%fbZq-WChdC?COuo
z!VZ2G$GuccLaI$jbsC+7>%{3RidGV$XKpY9($(D`YKdmi)Y|Mc@Jnz=&$46%YP814
z8m2Y%4|21xeSg9v-skx?<Gzt-p1%j?C1mJ*U!naB^iO@i@d0OpT!l7ViDeA;Yvz=O
zTh8)R`DnxK#uzyUZMYH(4L3Oj#oJG?_CBD@{}IJ2G37%-6CcQ|SUx86*j<^p1dWMz
z0?EWXfn?$uv`k!r8558GZ&k$EvInIdbuGe)yaM}+xSMb~TL*toIT1p-vm*HH=lkid
zGw2F6rS&tvgaJ8&uF7|IZf_0?Kjc0EpO(`AYS2o>{W-r>+^bMx>VC-B2JC%MT&Pz$
z9dC!7{GC*CC0HY;J0u6y$A3VZRKGRm3|f?v-13U!{LGA0@S~c_lC7Bg))<+!{-Q);
z;Zg-&Mova^7Jl$Vr%p!h#U}39<M>nXu8Xf^(8>+Z!CtdH@aHQ0Mzy)I3qJ9kPw~Su
z0;n&fcE#6G^o7)@Ki$}f?_6gdexsgqW1rxZkBaxfiszPRa-A>m8?}al)q^{72L43P
z#h=&l8{QQipCdnTog45QevljM_o3^Yir?^8-PqQTaHh@2c)r!mZF(_m+xJn5=|DM*
zJ1KC6_jJAYpqb_`u<vmoPMvw;Ib6NQtV%U6mnGl8h69aB)ksXMCbxBSn9d}X&Q-Xt
z{uBHtoiC71+aPQxrF0g(=s3?Xt4^l|MW8X6j>L32v9ob3`m6X+KKB`%aMt37e1=;k
zBF6_%|04YP0Keh?a4{D5osaRuGrIB)dO=Nj5$8AjAdVZoY>V$~$Bzgq-+G7^S&Bcg
z^YP~m{6?JR#&&6UolEc=afusSh;!E8CcMs#y^6DqOK?^(Jy+q1?)CVA$B8V5@y6zS
zfi5n7BR06P_kZ!7Lw@z?Ib6Ajo&1gO{0F}g>s{-4&2KoY4A%n@E}kLVY3K|`mf=tA
z9Q>iPN>3S#qt71j)h^IeD&5#9JdYfO^`8ni_RUMab88py^tE~ZAN+{l{S>m*+>4Ie
zy@<chc}Sxe$4WffC*cg~n+S<HSR!nC&{u>LSphvn2lq}m$KhAs1^S$e<;0utQ-plu
zM6Li&v>AWeiTMvOe+I@!ATkkrU_}=sc0PXfc}Q6jkZ<XIIQs2u{E5AcKZ*N&=gBrV
zdL#1r34TuwLWO8Tzy4MH@WP24hp3|s_(N$t86d(fcs0@q6yd0wn4&$98OqR;Gx7d1
zFL2^M-h*%=Jzqxnk@%y+mjQAjGcfLm%%(qe^k)(N#FpZZzTU-&U5kMTz5Dpzh@vtd
z?qcoN38zOL41xaLiJv=b9sCpZyg!;8r(Rt%{L@GKbyc0ZHax2yK=L2IInF{3Mr%JG
z?cXC=vDL;temzL0vM@S{;cr=C)om~L?P~|7+g{>WS<#75eWcr7rehQ+vGBGRyo^sl
z^Wl68VfVqU=a_q~#B=FFx2u|atplOwURSW()+Dh7^4zP1@!YG%Xtb#pZZ6;m<s`Ah
z<lHNQMP`=<PNdIN4^vJqZIRI12jBQ39H)JEo11^<P&5tVEwBN^85#F90*~y4vU_JS
zCInS&eq>tMrJF^LWC`H(Ir#GuezT4M@)03l;7>2?c%5}95L%y%4P26Ny5l#iS-F>Y
zA%3`enR_;dkj?XpDLv;wymV*9KMkBJ{MvdXTd-DnH^1x;hPIxS!Gl<<l$ctpT!*zv
z397ZqC$Uy3LA_Qv>Eo#L4#)a6#o9L+l(gH}_%{=Y<e$-)#dzk&i9~J;#m<4DH|NS>
zsp4%XU|oAbn1=@l8<|tQ=J*Uo9jPm)m*y|d!g9yvlsY9jCqe}rng)_r&hA-U0PGCL
zs42Me#L|*y7G*H%NL^X%ImH!VY+^>Ti7V%omb?x|jcG=e%FWD3qqi%UPzTdVyb2|K
zz&Lf|+QuZ3)lkq^j8Oz_V+;JHZ`s)R!*TM4`WHFt3pnIsa87jeWc>LTel=_1MIOh)
zA4K4Cj_6x6B2IE9h*cnNI}B%Y;8znv$7u^5`pyP%Gv1t38*xSwu@%ISIaoi&ujXSA
ztMKpy5h+|1SN(k0O&W*JhdXP(6@jxHznTXk-f|4FTe@Id@`I6{{)s89-!N-AWUZMM
z$?>}1icJE<F&j&R4}yImbC6a_HhR4r|9phIh*6|~4Z~pl4y<b#q~2l8F#vxDc!dOy
zjpR6fG6!uYqolu@ha!32bAMp8oI<(}NAe5*`(D(kBO)i-&1=V-W+LLzwD;^gI7OL=
z?;?G@sfZ|5fV00RxaEa!f~^V!-t6NPz5zbm(&Wsja{D`l-%=Fx?x)B=$4lcpy>_B<
zqdnER*XcraE}VDkzmY6GV+Pqf2#4u45rLWG!X-Fxxs?cg{##*pq}>6e=1~a09r34&
zKs*-7_wE2uM?^uix3>XA8xhw;lHNlgQpF%HiwyB5Vc1ng#QBk)!CUx>`{9?uQahLw
zjr*t)c^DN+kjJlupU1I3lR{n{=~nm-h-M<zN6MVSYDC&WR1t1B7>0b-;~1ZsQsi?k
z&I@!(DW6>m>72kOdJfMA#H}zmIdnihtmkQ%l4YgR{BqN;hZ2%kaA%!%Zs6RDUrk%Y
z-|a7KI^ege^k0wU1$zUW%;2e1&YL0w{Xx*11{LRJ;3UNy%ACg#Clut*LtZpUJ|2oH
z2}o<T%sD3nL+u^T;B0_KdlF>rd2^tZ4jl3cY04|;!sc{O(n`Yd$Y!cR)Vvi*C8vP+
zH^)h-&lo=@xg0Y+7B+h)|DUi7i5>KsOM?q#fQ?~f6~T09;zy2*{8i06k>P%qVOiiU
zkqJ)VzK_kq%&IEKrpO+_cnBjwbqM(NNLhm6A>g*d_-ZjGFd9&>Ya(uL>W#4Y?pE!{
zGbp-_Q}ODzh%(t05_Wr}#3PGpCju7bEk<#rd%4aod&CO8Y8)6^2cl-F+o!M+L^Hjq
z&gq3L`DB%Qa|-0q$vTz!w^Imh{^>LbUAo6GJM}22bXA?GCJxjIkLpAt2rA7AstYY3
zxD*}l1ggZu`g^2rSc!Y9VhpGf-@_48f5;r}Xo320M+@Z29efORKh054lS66v`S3{^
zr2fi`nQs4}4(iz~axtUEE%#&Sr%DjPt1%zA7!ub($eRB}DwN?hg%Udfxu={r!@|LU
z*{N}&1A_v@(u+amW!obq{t}qK1zr@P<^Sjyl<|Bj=MB^)?TVHpmd2l%_#nCFNg%i`
z4iijIhDrRanuX^YF`<24%)ziqm479cA!}NqJE<~jB0`s08xh)NIe8$o%R2ArFvg=H
zgQ;{9<l<7sk$Ng*rs*T&x+*C;a$VjZuR=XU-5u={uY$K~1);rFI$wLM!d;+(Mvyi4
zL@PWWI&CB3vFL#KRC002OrT17RxVC?-a3#qFGTw&D{CS`TUjdzV`Uv6Lb1JK#Ga<M
z@EOED8?je|&>}U`Gds}8_*rP)_rV{U$gY_VFZzEYoJg-4l+|GTQ6VpO|1Zxtbq@ie
zKj=_PF-nqz6WJHNhUj$sIrg($s;=(;k#HjAmFRm?A0s*$e`w+a4Js^%Ttze&?nFVq
zt6|Q-MZiYkPj~z%m2k9F-o|G870Sb%mA5ibE9*69M1ySz_XWRI-tEk2%E!^AHrR~$
zHdSP;s3A4WxX7G7qR6U1m?CQg5f+)Bg!}CGR%mD{foq~eRS%+-LSGvl6i^SMk~yf0
zMm>pudJ-C>%0@j3pL!G$R6PryT8VKSUa^`UMh7LKdKislIDJ9=4Yo{eOdSZcF{+2r
zOwYQ9(ME*sVL1IjuoLoE!p<L)Ik^t@ei0(B1Xs-^ut*g#1>q|@er9fJVT{+aK<)K@
z74hl>mBO1S?#AdaRYzKh&~>B(gi(09zgD=n9uif9thtgUY6PJrTJUyQ5|%_3s3kgu
zIjPKyL^mVu7K*zunvSnP{cBfohaH&I0HmYppXxq*z!A{YV9ko?Fx6AAK<%_7Xq=V=
zx%Rgp^(rKS*up}rrxaP&L*B{Qn9;Qb>YQ1i?mjw^#qid#<@lp&=*6fyG*uXVOCwKH
zZ5nf0#K~>tr2dVZxwFnhZBjx0>v~W5uG35s{^gD<Yyr_m#4|3nr_t}0V0LCH>g8@O
zPJ+Zk*Rl9BpOD$PZh6zYVFqr9P^=f67dU;+z^nZd>LWq@mKv9u{S(CjeI%&C9t7ee
zLBAU+n+9okS2NBH{O;)1+|H4!8aU3yp)o4fyBMAn#yU{NszF*=GO=oqBM4)Cuyd^C
z=<EK>Fy>WB)`Yhv<~r4bpou<ig*OP}nMNXLJo60RIPZlSr-ogPXB__+bY)&)m}UWL
z`nf}$U@a=(h3|*VR}y+aBI%Drg55p{L8|>^Ku~t~<=laOz<0au4`La9HRt-6EIK>l
zJcnP+#Dp6?yb)!BU(N1#bJPnFXAOQezj^;Zh_0=7MV)W)t9d^=%*+R(&T9Nr)c?2G
z%3GVL?}Bg8RI$%qgXQWa=mX3SytU}2rGAB?YVpPD*Z~+!fv7#i%khpp2%C36%$yU?
zi5~)@6~ye)oJ9TdsI!G5B%7N(Ad&2`IpX}t7<B_@5A5S_N#L9qfvH2)iqkJ+(><df
z6X%d1FK1o`dmC8y<!+f8o2S->a;vd9&nb*#>=rO$PC@ZiF-Dt{^i07ejFA`8GX)wW
z12Z!Pe`iL@i=HXam}XR|v@#<ZeK=DP|Edq3e}i6z;v%1`qt1uSLjAd!C&UK_ORlm(
zH8Jz|k8x;-;8YVcB~Ysbd1A(&`!MGGE(`TQd6{`)ywoe}jYbOTf=KuY5WSd#1g2B!
zgN8b6DqxTTn;Qi*NO7rc<mZ6%e&(df4z-Q^!y~dlb6UMq7`+Hh8xkioal90$W>B!8
zQQj{o^EME{IXOA%_F!ilrpxI&2f97DQWJEITpbhY8oBwLKJAy#_e!o{jK+)RUP%d>
zYve3YTqD<nB=j|MtvYSGSF%GBbd6kkdnls1Ms6J^N@EDMQbv1fBxpV{zlJ%<Y|Ne-
z3*<dD5{sNiZjt_}YvgX?IH+@MQj?%bO@byh3*^)!mPsv4vI0f*IVY()L8$b>4EQz)
z2LFk44W5QukRS@TUvN_vSbJ405gZ4fAvtS@#}h$K7C5s3-*z7$KpI=mJPRGZ@L$i$
zb)kVbz*D1Lf`htlDI8Qo5LF(k8bwrd8hfZl5XM8bfG{4a9fbB!`*MtAQQAWt&6xC1
z63cj~dCUnrH6BW0#zRREv!0j+Czp`=J>wEy;HWH@AVK32BxqcM1f@&JxqJsMp$h35
zmk=<A<r4ZbNcL@9f(9*@Fqk>1g*Gn10y8eb35LM5N;pIkA*i&16JS~rRHoGiE0Q2M
z`vomoVC@+&twk^x$yuAnrX|6di`cX@NbVwITHdY@tR8AXGL_0bHG?qjsSSj2PtG4q
zkbA0RLb<1%IcL&6?Z=qqo+N18lLZR*REH$Aduq~YlY45_1i7aUCX{=s<wPy_Bthda
zj%H5FJy{?-42fkNhH_8yIS!gbH||M-CN&8f_hf;bn#3}xA%6Vp`t9j4Cw&I${XF!i
zhT&lj5jei0>+yIfTMgn<5F0LxIj`YY^LKQv{+~S{Cwdxsy*E+Mw+H&d<>==|sIwcb
z#2+=BJpjGi2z9ceUGKptg9g1Hp*tO+zEN~3{wSyx^B@uOM$rhwQ_yLEoXD=|@^*b@
z872a;wXfzaV*A&h=oS7Gy}Q}e!<&SujL4TbZ7KR4{?L+M%`Mojci*v5=a(`}82m5h
zMn4BpcpQ3j+d%Zb4};9(nQ*XA=IXgjB+%j8l{$T3>-`?`UP#J#HU~=uz43GyQBUR|
zx%4qeZV3J~;a78094XL8SNPth6M?OSrz0CAO0*0KsjU4)edWjzw;>;&1Ec!^YJQ?v
z{{Kceku`fEwOjASIon?$wL6j8|C4}<BUo0x4T@63q0>F&c^LGZ+j?>64}Vi#+`m@y
zc&R<ArquE;3Ext?Q}Z9pKG2k!1=5t7Vl8G?HJkaL=n%zffr|Aij2_a=I*MZbE}9CS
z-yC%YFgO(8F1P38C)Q?xXLduK4Aw)@vzT={h5tF)Jvb4=77g|#kcKa9;5?i;G3wyu
zm~~i=S;i<0NoYC731DB&?TpS0W3BWXz^XxN3~0qCI1NeN!JITGQb~P?;P-b*Y6HT*
z*(s?f`o)~T7`*{TgA62syR*O*3z7-{C)~(##HC>Yps1Y{P02pN0)W>s7)5Y^U4mB-
zT!XL$XT{&T1i@Ydv%o#D3VFK-PMn91O(Z`<=yr~B4Y13;EeXyApTt&-OLX%OK#UqB
z-?rk)F6F@=2)&I%pG@HTF6Dj-!RPR3MR8t~3|BNA70FtDMFp_px-Jv(A58g%<@g2<
zznVSacjzJ7wvs)^6dK<jc%ko<w-tpEJ&h3Vtmp0zSDtI$@bX@O<!t7+sD}=)+`PW<
zP8u8mu*Z*HceO^X!7_jo%W&;t-Wag<Ee>NpmRNuG5_z{>gsr>`9zv|gxdZbKhfCUx
z!D#@4fjOml6A^rW1}R??k9T*^e+x2MU_GWARQd-qt4e>aTcW@P4AQu5;)!lJaCRb7
zHp62c{JbA}%sa_r-UO;VH7=Bvnpbz$lh3g({u2-G#zK~UtLpAI@oqsbx)m1qGx`Nb
z9)mNtI3C5h%_|E&$ADLY^XKOzf;rh>B$6Ba2xo3_cDMtQQ}E%V1m|7dCph<*3`Uhn
zefM}C4hhkW3Jkw{#A_(^&aSRg#*)zhwdNa$d(UwZ8{8Nq{C$RFOS9mdKQc%4kRvxP
zj5y`(<E54czrb30H3;@>h4&V3YhFX=i<13{K}xpAm%gi#m0*odR)RWNGz7Z@*ynIR
zb~kkGUWf0x(6g)E4b$A~o{Bn;;#Yej=9r&yV$NAiIMIE<w*tS~Pa<e^D^cL}M`6aJ
zPo7hI80vZCCs=P;(<`A#gp*sZV_nX>xH~rNm7!;!6D<yo192PkOo8mRpGH!_W$0L2
z;8<+sd<}zc4UPfl%tK>?gLxQqOHlQ&8!_mXpz2}&zRc#-J?v=@V?zTAKn=mn8L`rU
z2HjsUNHqgsIQZ5e6+I2U@n3NGKX6P9Gt=x+?PrnVU<2|c!Mp}95o|!dBv?B;n(%8O
zfCg!(HuL>h&)|Qkg@1CK)K>>s;D0Yb>Wi`fj$e<D^u2$Fil!P-`z1Cf1h34;c{z;s
zB{Uw*SC_y^a7r|m@aU$+R5>nE(^nl;fiPDcX?98y_dSKTe3f#<WVHa%f5#Hxd}v~v
zOwq#;slAgYM4Z>=!cKmQMBUy+^CQm0T-eArpt?SbMYl#&kXmeoaH6*(A8+GVyU2GV
z-KN48i(qYglf~_cPSXK+Q06xdeXGl0i`3DoJqeNGcF!=<<<Y2HR<&1HeJ(^}<Iehl
zZ0<Q|p1L@-dm+0c55nXZh?%>@67jwu8bQ!#awaBb=5k<~AED9Yt1zZh8KaV*`L5G*
zq864JO)g{34~diKyEL{5m>EqrF(d8E(0gd^VC)vcc)qKZF&YNw`L3WU%pZxP=esmU
zhH2)zdNU&xlAiC<m}U%T)tHe?D4g#~T#PDk6vJfZnD@fp!uxP+TPrIP4dCd-Xf^Sx
zo$k4j>8D}-stbD4)UB=^7I(YejLtN5sB42b9Kv3JyY8#sUx`9|Q@=kQ-I3_<JAG#+
zezjAmZ+<Ry<C~}(e+~Y8ir>+5(aMrnDX-!g+Akwi!jEBcn|kI)U*dL2z3VwGm<~R=
z2@MprW!spQtoPVG-QM|=up4aRhhb%z2=I6>l2lFEvX4TL+P7m5a>tFCe30j~Bd%ko
zyIu2l1#vxdknWD%*BzWc4RLj0uvW%(6DL6a;Mm>Wk}<T&EHxN$)u1``e!(EP3e?e;
zLCQ<;>R&7+73|Tcx&{9IMKR|^A^On`Zg=ldtXMQru+!Y3YIUd;gkG`O%-kfLS+TG{
zy<%a3ykeoGc!9G*<$d%isxgo3c>#)HGX6vl#2-3_Zs8g<1;73)97ZfWH;Zs0L;i?6
z(N#?mXA^!4$I|=DBC4(~><wb=lPFF67S_6MZsjMT&Ig@A1v&Qu>^Q-1;b7Oh9^Lkq
z;n<$EiyL@LFGp1#f!PGy_u@T(MZ-!EcvI<JI|o}9i0F$eJ}&{$1VSBbb~T(@D-m?C
z*~K6_K<I<bPU3XQru9et64M{`TNv+4)EIeMy)SVw#}^QGe8Q(bmc-<~#Nb)vW(@~`
z_i+~XbITLAL3Rz21un{`rrf(B5_QreRnGIhM?lnpP$Tp^L43!t)PYrjkIao3a9<6+
z0M7q1=LCSGpAGW8w*WSCTpoS5*ro~kUeT%K2@?8Fu}Ty4ePW{~=)1&LCJN8PsiV#)
z==XDXfI0@P-=|^0k~Nx-6D4To4lI!84kRY$4!rLnbtTfF%zB@KsMEx85T}U={}vSY
zK$d{Kq!DWrgVd-Su_S23vOpF~Vp1$8_yeMh=eVidRADTFNZFu&7evz_O}H7+_U7QK
zMg77pRR_mO(1>P%ESkhJqIroZ+_hHG3os66Cstl5-c*55#?Ti;qkgjoh!#y$f@s&o
zu^>`Aa|E+MRB2*=5cQfk8~JW#!ha0;eV4Ol<#!8%mW4>r<ktc@zY@#j7rn8CkmL`J
z8g{Ho!r%E(w-e}i>%rQlg<b=~8O?b^H^Ql8B6tgGEBY)nXX<#Wvb_Zy5>#rW%2KD}
zpvuyu392k@OsL9|8Y3#pB#zy(N(mZOSRkuHVwNiIhK#d0YU)`k!7qX&*`WU-3Q2?H
z){Ide&%v!ilAw{y0$DPN3CV(2AlQi<^9(K66FUMwh3=O#XFtvP9yldPx>x0X6?0nU
zo(&?F;7i1CBQw)#x6;hj&`dVyzXi=`kaTD?b3X^Cw$gYK2^!5<AZtcqLNka9()|SK
z9_Q$38c0cZE2PT?{ZAmB2C3^{q<e#dTh2s+Mmh^*=_Dql^Z$uPx%~66Dv+I&tcqi2
z*D^H7Rj_9?$O-QsAexD|$nEX@Isj%*M2(w_@7@>gXBTWU*t5tx6)!6ByyCyPiTFso
zr~|QhPQv@<9dvQ%#h-pf@(>VHI5~t>do<T<kJuRYXg>I^jqx5$??R-~PLciPm&6Z2
zDydzO%FOOw;uZKVJg@jZH|?#t+;!?f3><)Ko0psb_smJs5MbecZb@(-+GY)s9BL-u
zTj<^b)l5L}D`Y-^BS6P4j3D+dHqkIhRx~4U`zMbCXAOg-Oxl6E9=WqH<nCGIPGUND
z*Fo-P$UP$udzn_=9d(Z6$f&X|JRlsC;gSA%&!AY^z`Sss+uL7>OkONfUO2}s@_InV
zj@`fkqA&#_JvQ84?carjT9{oG12#`N-l4~1cR5%V&c|lz7tk|p1VLAESM=S41_T6p
zrm*Hqi(Th44o#M`aDh8K_!rKOmSD}~yhQLTrfV#aCU#EA0@cLMS4Y{L^J!w|WK8VH
z;PYu>XDzZSL7Lck3dN~0Q=HpSoE9i1cD#9LKiVm;3*7FBmoT6D7iWm-S3_x0{4`=1
z=Q<7eKJ&WGIM3jVu#)UU8J=Adf9?~!ACCxX%M<S){E7VjUJ75{EuQ!kD&8I8yAP}w
z4BfZW^DpJe%P=``%9mkWQ;GN2A;BHM8W<xBTT&1$_BRNS)|i*9j0_AeeiR3<FemxM
zC95KZiLMyINpLNlWbH3|1SjP(D|L#O6h}*(_=P}Idq9-mh9$QmvbUHc367<^l_uM>
zurp3dCck*h<~yUdOL71<5`Dm7N#m#YED7$xwmFH>7ZrX3cCJfs%=>Dy6SjR`jif%~
zD5y)fbX+nq09lb3WhEIy`rk7nRjZ|Y6(@c}V2x4wXH+MWDe(Qod{kr3I5?5q8FE_K
zUS+{0*q0_TBc}w%+#AZ7yag%!BE_7LOzaFXB}QT<CLsAgq?mh`#!2)lsC(&@;y8)i
zh-ZizuYy=D^gOK8YlYg{@l0YAlDblRqNcH$5>pYwpszxEq2AWgsijGZX(z_0kyv_A
zo{F&w0d<V^cs4OM%NVbP2^`F!`yq70w(?}X2Mc5@9b&;vSo@HeSrCz+S`cxP526`)
zlEYJ<r=j~;{}b#6ml%Ef?ZkVdUbI1+hCU;L5<JiTI?UVOV9pIWZdvjt*u4dQoJgJp
zPcN}0`z3>oXbL2@VpDD+c}f-|8lXa|eT{pC4Ul&QLbVb>4ahohcYvS<WID8xuELA9
z+~W9Okf9F5lKlq8AHs7pJx@<~N1!m;>3Ke;FIQt;>jsvd`V40bb%*%NvOsl~PM7KL
zdro=+6^>g_{1_%Q-sW&r?UtWhlD9DnJ8OB&&%Z7k96|RJmAnu5a}H0Yzr4Pp_(&ws
zeM_iGnpj%CtTb=Hdl^jeO^OucC$hlCyJI;{{?0&qad2{g%O^)tPRUnDXfC5P3|_vX
zOUWhRe2p;`>Ds)KYk|%9Pnb9r{_=I@#S0+NkrKP2Pu|FE?Da@)NktZT#qE8N$J-F)
z1v2>6VU$-%?AkC&3)4|bFpTm(M0vXmz9EeA9*Nx$MrmO>N(qKhK7}Zs<=|8|m){ab
z`5I%?)m#4eo+{%Sqb|sD9i;@rC|4lLr&+&>wW+9NF|bD%BSTw$X;H~sU=PT0xVWff
zHn4v&ro_3ZsAMXz8yQn&xTdJ23fNT=TU}H{2Gk4-U4CabWjGFJ!7>~PW(+6BtQo`k
z8HQ6RBe<(bS?F-as5x5xU`i#VF=_#pYYUZNCZV0P6GC6)F1W(6oEI9VFF7faR1Km8
zRfFgxufpwt)0kJasQdK^mcj8!EZFYu5^RL$lc4c@5)3^bl2rdx8-C0X${E(>@N0;>
zVH>VNngTLy_!Z1axi)RM1eM6a1h}qinYAxP>Y*n`+u7StRP>>oUx;l}w=xISJ=zBE
z1eG5|ojwyoVW=f+2;8J<i6w~E0q4t~yaC6cFe`Or8}e`(XFXzdCc;T4-ERKo3fGyy
z9OPRXmbt0I*=PZqh+~;MFgUivb<ScAGSG(QZej2|I)oCep_RUZV<I+49l{IIA(Wh|
zL+ECM)FHeK9YTu}9m2%3=nzT}9YV-}f8HjD&`Ls*Jam)FN)~bo-qw8JcU9Y&HAq#)
zY-iRWY0qquUc<o|#BM<EOsKB|NnrO$(w~TqagV)2wGTu<)#5pR@b{>*55uZ7Ada^h
znn+KAY-i&Jg6om5Y7q0=yT>m(9Nh#w&pWZyI}gt-cvjP&7fnXvLxjH9AvHOi{-l$4
zj}!6hlXoSSIsJ4IbJ9e%o+y==o+!02o+#BA^};YwiofAM|5;eT_0z(f)9@R)D)3%}
zI;tRJ!+CCww-H1=h??zKuUUl5Hxq#~@8f46^KBsJKb?rro&$%oH!^>F!dr@&f=WD(
zJ|vNdPsNKm5OuqjsTHq>IWekLqp!e99Ibd+AXdKoS^<*gX$1^UV=~nGI!8eEI{GSa
zl3xw=S|D9e;9rBqqOX~id?8q?eIKhzTN$Jl9AKfp7!tn6AeqwWD?M5YqJK&gO_07}
z6>GxTC)9+WKuz7wp~xB3{1qD!6v3$c>QI|h;{c8cCPBqr7$nWpK6ZZ~bSFV@?uqp1
zdZBtsA}=S;qkDx~h`@b99@T;lB5;q8N1q5(;#M89`a=3Npq>c*NkEztqih3IdtZa)
zD7g{*f~L-Da8Y@ZN>G9*$t0De#89FEm8it1WRp~~64WKEF)}Ap!WO7YSc6oQqJ;Nn
zF|87|Kvlw2n6sIcO28E6bQxY3rZU|YQj<2_4iMUOEBDQqZatoj>9&B-8Jo}X_LCX2
zKx8Z+)72o^fLXlNpvtXYygilUR7M^y-YP4<ROUfjxdj?4e@H}Oto%_1X_R3Ua}|SR
zpwh~tx#&(KqYdY~e*8z6Yvq3U*z~hpWpwp;t~tXCjjn|V{XNRN936E}jPd;}qzR2r
zIq<OuhqXdE@H4!g%7JUpa^M<dUmbprQpLd;R3@z|XFCLHxRfhrYJW(l-BcA3x~%I#
z=(29cvvyN$cs6D29FQsNjhvum#1^QHSc6$c{4z&C{S_2I=%y^t6yO$SwcOOV4CcuK
ze3!v&H}y7rbS0#3Xktw?f*?&OH?@sJS#HXk9u^20h;dV;3{r>0xG4#SZb~_m3g)FP
z*2bAgP&*TeX=fra<4h!|>zu}{a<D*M4jRlVhp{ZCRSp(toXH`~%H<HY4Er#soRQ^B
z+DOORz)}Zh46GW@+Q6FdYz(XogwEK}9B*GLU)>H`pmru2RCC^F2mNXAFdDR+$vloT
z+nJmv^Pp|f0*wxCXIAoD#&2BAAW0zo2K5tCQ(<;%bw2?FnOz~Zj%`HfR`F#Kg)z4`
zgj~klB*^AQtzx_2rPfj1x@Up<);$YEYpGm~22~v(2S(q{eadlmYAAo;7rRQ^mY}w6
ziD}!Gn6YgMY7@{HebaADzyh^xYcR{UQ-_3gSlOm7R|_=dnr2q2*`{2}Wq8ZBor8pJ
zSAx*avkuS3w()FiyA_1aSS80xU1^gs3)Hr)L93zEpk>>;ah%z<Jxk_6>%anypIt7Z
zfDXd$;0gw57Q`s#NCvYS%3vYd#)bTj97@Aw_~`2sSf>Qlc&R74TNX&;r7JNslAszd
zC9^>qFZ~17X>rm7`WqN8NsuPcH=su>F|{7D9z9|U6cgydG7J&l;5^VgN5hrK!`>Tl
zQwf7KMrauCR{AI4h*t@gO$l7bpAOb9nU!i&!$cS7oqh&a&;b)@xE2dfG-OCm3tfTg
zcU2RiU1cK(ZB8wC*5=fXXJbyO>Wn$LhlXZu)e{TU^+bcz%@!TXG)G{y0TyWL$(hVb
zQxe7;hBKJe?E2rK<gej(G@fbr8wS{OF~F{Z^hBsGN_|L#YH0;w8s=6Gt9musQ$Ecg
z8Km))F9`{Zr<9=Zlz%X<>XvCwX@S~PTA=on8YCT>uAT;!q<Wm;&Irq;llx5Z3)<mg
zx&{)|?o(pgeM-!@PYG%-qcO`YEKr+;2D9AfNEXvF3kx)6u^+Qq?sInrmHV~aXX;>K
z@6{l*y*J@m+j|?HGxk0`WABG?ynUfQ<324=yH5?$Sk{a)G-$ccqd3lN_j#7ggLa=5
zXxwMBh{Cwfn;5i4(<>R=QGcNt8Ev?ZokR-=(_cs(0z%h<Cqxvc7Cgrw<;>Iq35r^<
zN${Hff(7bYV1c?8Xwd2}yv=cTGWgH=#m>^;C8!NvV%p#(W(;0}+Tb;2^@S}^8@vXy
z4BnZ!gZ_dA8iP+UtJN3wWq8ZrtElX>gRcjn4Za!A#^CX64Bk03WAME=-hR^HEl?Z0
z2Ce>r1}%dh$Z=*H{3MwNZSWRo4E`h$g)#Vg2Caeh0SspM7nY;Ha5%qH{e|n@yx@1V
z8WL3fg`wy#SRnNmZbH{Uf~vpJJsYI{!u{wkSe(>f*o^*y1gXDp2l@*VQ~iaT(O<AY
z*<YYbC-2}ql%jwdZpKZNv`bNfYF`ZPR_p}QMyyUCZOG~b(#EW8(5Kyu8l(ozY^!;c
zMWPC7HvLG@Y^$+A-c}<qxvd6Y)+1+?uuaOQ+KgETg0kmP_L?+7*=o}SWhXU**(e*;
zOsM^3O(2Ze+j%D15?g{sYzt(uC1#1Ot_FRIRYJ4qrj#UTveBxArEGL)g0hjGDYL<Z
zDg_;p8iwk<rSEZ)s%Z31NeP<lSRiLdVpet>|4;19a3+QBY5?U23mQ)1S*%u{vo&0>
zqzc$DWOR~tLKck<IZ+FohM|doHbhEHnI~<G>;%#V$!t(<l+>V=-I1J*az8q|5;WPh
zK+dkjWOgflKxP}EYivo0(@w}1dOkkKqm7X5x<F_nWNH?d4sC?2(gbaQtOsE>J~rz&
zRHAK~Aj3@6gb^sitOj8W^Ss|fwNekq)F%m=tXUvuO=2=@0d0I-%~4Z{sgj_LkJ+Hw
z_^3gvreDFqRi|DnU4lk33uMV8CL~iEAFt<_572_q#>Y+|ZG60wIcY?zvOpUjC1^H2
zzQ~-^?hvQi@R|+co!a>L7Bd^o(8kAXP;GqFprx614sK~if<`kI$eNLu(2SF$eY@K@
z>ie;t2vbzKkQikRxhVXcOc!>v5Zkf*C>obV@vth=D01P+ZqFbE@LUFm5O@l%E_eeQ
z>DDo*dWnm?5q^FQTR|D5e2!k^l{#KGpskd`DQ-WHc1JshaV4PL(N&tD-O-JjAfM2p
z333MQnjj~Tn#~bV<*#BwRr;4j>ZWFV%%J76C1|v4fvjbTNiC~gvOkNcjj?2dj@lhv
zuZ1S3(5wk^3T;fN-O;&TsQwYqpE6W(4iYp@!l`8~kdvs?1UZR%CX|zC0bx|JGskW@
z2?-iiSRkuHVwNh%Nu0@1o2o!gA{$grLW5RSSjEAusvtolnFX?B5)+asCvhpqY&nTe
zAUTN*%t_r?rF(J`5;RWY0p_%vL^g<6l#_UxnQ4YWMN3X18&pn0gK9Xao9Nd$xTP5h
z8qHWBYer&1GZ4k`wqOCU9p<rck(=-R0-|aT8lk`E<a>qaP&N^Pe!JJL25cbu_Xk@J
z-c%kAqPN>4xE?!Y%lyz_Rqa~srv0^9pxTHPe4fB(B+N>#rT-;vQE+3-26uTn=KE{o
zSztHXd=>nF2u5%Oy(xlA5y3`8AVCv>1%?rH#bW(5jzF2-T5PePdvYbHR_i_53tmT=
zyxbj{_$Tsnyp()<rQ;7>iGu(bq;?maMgCCeW<(-XhbqD=u#>UySsW$N6l#oy5Z(~@
z(>Bnf@6730*b70NBS5G@%e`3h{#Yb6`tF>5{zxp7e!(EEYXdAP90;dcN#P#ODJZN!
zjCDlN4a%xin?Nl*4m$y;RGlO7N|$OK5xP`cL6}la*NIY1d>i&AtWuR=rc}E!t5vEJ
zG=*Y;nNm%21Xig^&_rN?nNpp=5m==vK~budNnNV5rR2I)7Y+^!&??o93}%&Ts4*&4
zpNeiG*HqGkDZ2d_R0}dFI-iQ}C<ZA$Dng%%@Dv8~2t-i^WGPp1$|_D+j87J0fn+&O
z@EQvGDehU1Lj((tbt`bML)3sOsc&=2{64U!515n2gQGi;{)Y(uUj|iDKf;uP#rTxJ
z8yhtF^@R<n^uOZxb_tF?J2#Q2#6EQij;SDb<sIOl{|YTFT<`XdFM1q?e-wyYO1$In
zoIcuhRzBnQ_09%SN5tNkR+^375Y0r)z+U*NAlg8TABk`C=Yn{gr6C!|f0jEi*aHb$
zAdXT_Y)0=yf@6NbluK|r!avL5NgD`X<`45@HaIfqOOkKGE_~-0h;b~g<h~aBmMcNf
zdA8?ZpKu*Lhv#WNf=G*ULz5vxSb3bA4CZ5_m;}`s)LS8x1j93^9WNLJ|3E1{>sG|0
z1F=gM#JahO_=|n9s*mTUJ#j5B@bt0RBugK83<OaP;=IH2<JaM=jYd4<D35qId;#8q
z=gYQM1WO>oc$Nz;z?req?U{_f7qP+lJNernmSoJ`8l{FR{sj_gr^vo7NnG6;b4H2C
z&YM;ouY+{y;~+%!P_Go<fK=m|z5yw`70itw=o=736#fhT4fK4D0@Fy&%IDl+{)<n?
zoQ(_)C2(^LW)pv88}`j0hJ|<Z_x3(J$EiOa!}&J1m-pG}IZi8xHP=MCCQjOz<E$<S
zHBWYY!Q1)CNi8`zygtMz*B89gJ=i4+TfM;T7Mza2l5zDIHxc}SvXtP3ecXh<JF1HW
z$M;UEY^n4&aay$6aKZZpiE5<P!5H-oF8Cnrc+-)E4w4!dw|d_r3zc(0+!rZJOvCM2
z#f71`iv5Rt6>T5Js19Awk%&`P8xiP&pA*TgFwA-UemUM>xV?LlPPdhq{*KwgaExwn
z5RBIX^>@q`s83#vdj;49N9q1n=Cvc;c03<B2NmKrREX3GVTHI9aaPeYAMorQNks+#
zSxk67h*l!ri<B3R!LCZ@M8wz2E%!)QRYdf5OTEKEG=f-tgxk%d!f7P}h2nh&!kOnf
z7xs2blD|={EXtJcg~x=Mmzd7Hg(34kW!?gjc_@(ng~A|}3;MXlN|<^OMwn(Iv@mT_
znAi@4k(d_7!n80Jm=VSaRzI5K>{^^L?KP2T5C0GWV#~gBc~hjwC(9VioMbHk6N+;p
zgNk!)q|9Fh&dHK<EjFPBS0U2F7^P~D!AUn2UV~OjwKBX;=~xEIfG^i6&6S)grJIq`
zS&Y&NH)~>?k_M^1nmjei@H(Xn8KlvRN$C>FsZzQNDc!^<O|`GdiFQ?a(x3{jwRf8g
zuT#2fM=9MeIaNxJBc+#RO7Un<m68Unl-gu?ozi<dO6g<CsZx3wDgDGKwZv-@(cUU0
z4O%JvCL`4;{ZE3roFXNmm9a`;5$__UVn+K>N_m_o4U+dW<<wh-*C`EPP;u&%c9xtf
zPhTLV$&3!7l)6N_t2}AYO6g!3UZ*s3M=2e{psEj)lK;(!xbwq+FsIaoUQ-Yq<RAG&
zj*}QDz@q3d{|bP;C0HCC8%)F;$utJj6nsFmA~?DVXK^q{B|_&T2QzQS`6>*ON=v`a
z8RqZ2(FV(2O?1OM{PR+~!0P9tb$cD1oejADsS1R-{;3g!zW(XHL7}Adx646pVRFwA
zF~<V=`X>wH-NPEAUXwm%;Zcr|I?ei+1&N7c7W^BFU1tGnH4XlTx3I;28|HE^Vvr(f
zcpLLOFHqA>8F~kwK^Bxi{skbOcYSXazB8-?QFC*=k2eR7w*|!f(b4Yl(t0T2BrG$1
z(A!Jkxf;*=H)AvWsi)urAR-<@lQR)S2N9<v;=7__Ty-*@Z|v$#Mt`^w&t`LWD+qly
z#nUXGn(uvZxKf(L^p<N2W2I?KD(xj<T3Trm6H1GZLubo51w#J4N8x_xL{#EA*Fm>h
z|MMP&TI+y9S>fh_HW0L&8qkKRXlckwc4QVnEl@9jTA*G4)gZZLwGDtaOj#iBELIyl
zD(l7iUlRzu{?~zLz5Z9d5Ng(Y!dpOKVbdFckwa<`USJQLI{m1Q2pVAy!n{EX2sOeS
zgCVtZDvvOq#Sp)kv!{ksG?qUzW`kzbCpmWsM}2u1%lF|3Xj4ajJ(icC8uh8Ak73M8
zBP$yH`8`+S%VGx2KyM;MjFyE;rw(0zGkmWM1t))0NV}HnLDS|E(D<j;Zia9`aym7?
z$8yvPn*`O&4=q7;0%;AW6G)SKoj{u0>jctS%Mvt`{}MEFL>9<%L=v;-hzjG_5Z{d4
zHoWf+P?ftqB)X`|UAI_N?lusna#uBo%H0A&SMKy_s1dqyHxZ#Lx3dHUSMGXx=E~iU
zXH&VWmu4#WELm1uxh1A6w}o-#)|jl^M{s;(CAxA;OjPb9Rqj=SAC=svN-nX^mAw_x
zLzCe*8C9o;m0j(%Y#~DLop^vFre?+Lop_o-S|m4nCnOl|olsvOv{P*Q3xw1eAmA$0
zX7DN^;3Cu)2=zqhy_9VnKdPzu=)j|o4w{Jz9~*?9i-6Fs!8tSI8Y=N@TtgiQ?HZcs
zg?0_CM8Gwu&qIC_8KS)}%3pMV!}yEzS?n(cV+t-_9#%IqBh@1d3}>Vsglj2hRw`UI
z&v-Iiiv*2pvB1!^kZ<b65m1F!^Ni%1BxoYAz>IGi#t~S)NrD;QG?rQWQd-(KEoRX2
zP0b8a4@UVWpQaYiXOy<oV^WqxR-ef{$T(TE@m0##*FmjjuSXLIU7)Ra*1o<2&!#}r
z%Q6L8jb~G!O+=tT)khPrNul*VXAN3=JKkYVRhIP8gev<sL}to9wOo|_r;?xMn5pa~
zm?`@onbj(L37Vp_z)ab1;|Q#>m!OHj0yAYF?;0AaRrV58Wgjl!QYLkoujX)8nLo^+
z>cCKYq{{p{MpY{nmU$t4FV%$jXrqg2q*_CwP<@WlB7_1*_%(wCs%b>n3iV2{g`xwY
zsU1^WDAH&1QWLdb)taDot5FlwUbSd~+NpLXR0DiCC$DB`^}@!N3{sP68Z8N$M#}=Z
z(UO?mXa%#-@BE%4C%bF-&>a*!j4qV~)vlcw{F?>RuAQ^6K}UjW*Ur!AzFHvd+F6Az
zl?BqSoquB2js$7f&cW!gN=)tAnKL;H6uWl3+c%@{+=%AlBeyJm1cFzCIBi6JFrS{g
zg(gOs8$HPD;h%u0EKn^cJPDJiVOFXSU>)rLiaFsU86?e*9_-~iiBjzMKb29cm8Xp?
zN<N5;tYD0Kk*AH!50)ZziK&b%M(P%*GLqQ)QA}!zln_2~0s0fUvqI@<^YUpUyE(zx
zm?Ik1Jp?DB)7-GxEl&Q3(V+&XfOE~EU4wa;XO!6GD{vaXw-|CraNsDMJ(ET{8YIu!
z@TptsZx);cs;@--;b5J`snZff!)Go{Cno=b081HH0?g>C1dx~!K!Qd94O#+7FeAYA
zI}jl6u^i_K#`lLrYi5N4NX!TzK_h?$EdeB$5#S3>sGrb4R|t^k5tfS*;IQsW0}?X=
zNYDtNK}!G$W&{|?2}uD4K!8ISpGX>*6WV~pi~tfe0%*_@K!O<oPUnPZ%1GP5&Jf@V
zDZt^O01`6-NYDtNK}!G$W(0U-2Le<<fOi<*g*0$vxhevQ8380{1khkl%9gGL63htj
zJ10aXt~D?f0_0bOHlPHkODh2+W(1I+5kP~M020gyFp3kB0?dX0lNhfg4II@?2_P{e
zfCP;I8ngtEU`BwWIt$=<<KQ3~$rXQvIf?D?A#EV23m&Y2<2sXr&^NgaU*qepLokJ;
zL2}S*_QnOK7Xmz&IcdbZX1~bp!5GXdt!0ol!LQjr(kqyOd8O+Zr1o9SEA5VXB@I#s
zUCk?X#k`UP^}LdrRZ6dbz+2F(rdg#r5N1}X8HAoy8r>@_S^8^cl`N2Fl`M?MP#UAA
zMb9dY=LqGjlElOq3LOpF=F>)keuD`R+UDb&!yOIU=2NK&+U8Togxcn_fKyTZAKjfe
zpF!2B)Z5G?Xu1;?$lVEviSC3N+qZCW(0Hujd)_@OK{K}R1X3TV6R7%1B2E>Y`b^oJ
zs_&#htMBv(2e<l85;U2$K+dehL}oFSQGnx^pW(Qb%cAVYvOp#8Vq9D=ITaYie5MA;
z_DlEi3jAAe5Ss;l73=N<`@y7N;go2M0@k!Y046QLvaR7%sVatxxqxY;V~Rn7Btp2$
zS6dFLzf}{Y_6|*uy3^-|)~3{~BeK-oyd#^Epi#30vYI7kso5hnS0i=GhDYjcWKld)
zYYP(rsq<DA!BVFMk~%$7XFI}?8VgB{sg*cDpVjBY-@!c>RX`TrQQ-Xt&&_yVxl63T
z`yUABJP=!=UA)5QQPGHaGuqSp>uD@S6VVu}jE};b^eWd`)uYJkh395G<Hf$gdbq&D
z(xDfjS?!f4$97HJuqnqmf<Zd%V$FTn2eaGCsFOY)!A^-)`hSC$i}neFkwaU#I5y0`
z8F6)Ckb(i+rEqTqtEOPY@$30H&K~{4U?Yj6A=bzHCp=suahw+G9X|lm;;kUGhdYR;
z{Vfk?f$ZTdj6Iyjq=%cq5lRmyv5bdP1=~S_Es2$=f~~xO-5ZrwJqS};Eg(#3RZKyP
z(*a~vMPYI%tYbUt62lE=RnMHDXBMXF9+^?1cc>fcTANzh38d6Ds8%U-)svu+#tCjm
zVQu4bAyuqg5t|THz&14q$L*AQ@h<+|sOlC-w&?`-BZAp|L(#}%tvn|-F&KgfG-x7t
z0uflCiU2{-T6_S5th^95e6>5+djqQv&T8m39Uts%!F>jmAWCkCCkjW$ut5Vvugfvp
zJpn`$5m(SAGVdUetrV(vyuiB@L<b1vHqHT&Uc*EKh-ys?p9}NS#0hxQ0%Gr*FpC$%
zn|A#M$L>3+i|}T>dxUonyh{}b6*W!J)`OriuGbs(*$l!sj^W8rFVvQGVaFjc<v5Z*
z&ce3Y-9k=fdCVy>%f*nwHbX~kNNeTLcrWi4=*YR4b@Vp~TM0tx=yniwM1(rpc_8+q
zfLu8&zH@vkve*jZ&^`%oIOaS%@VxiV?vTPXi1Z~`(V*=jh4&+hYEXNRaZ%ph`>jwJ
z$d&tJt>-5cTivA~F2fZ8e?5oQf+poh3hNJsPr~!cbvQaDz7@jO)0>Jy?`cGrUJF?d
zi0621BpwK*%m09A*2G63+BI>_Z}^7eGG-&cU!@81`}LYo%`6jY4yFTy*&kcMyRFFC
znkfkhnqsp+E)0pu!U$58G3VRSnbK2LlgvVb=2|cbn)ED?)03D<&)XY*Aia(iu^WhL
zO&kfLQ4`Zav}&RP0y>uqd#wUt1gabpicVTF0$CsnBrzip>i-Z#U&WD-^_u)k&?F~8
zlbi)|auO5CDf4MW28{W%>#ULaR9?aPB=f1)1es5>Cdho+G(qO$T*+a`e5#mG=F<qm
zn9l=aGm0|iBSDiL3*_ubOk@Y^OHkjg<HM+_cWcxqL8Cqin)ED?)03D<Pnl1P&Muix
zyC%qdQdhAe$b70bLFUt>39{=p5JsSLS#-;MERY3~m=TE0XWfqSFF})>1Wo=ekdu>`
zNDga!RrmxvwH}`7@>sHPDt!-51pJp%IDI9IhA47veKBj+OvC|bgpR^a#10U2_GkPg
z5LH)WQ`CpMR7`=Ztfyz%h3FI>g~q)ZBmzw+oP!}?8xhmvy$h#-aIOI{Dn8mf6l|3t
zv3p@jG{>m}L8H#F6>FkbyK*bm212<<YQ<95GND>AO;9V=qzP)p+CZ3AEcG`IL#<df
z2-Au+@teZN$tYG3Wb7W5aq2qJq*Z}1%Ki^~QL<Itq)ALETQzCFafOkb60?d0u{qv|
zPjSE&5?gqkTamaPGnDJN{iKdb!xv@Ax3G!t8ph^^Snxs?rnZxQ3h-5Cq%Nr1PP!k;
z%>rpVX%Pxgg5h@3RS5qEho?_q%yv=>47ZaepT&ZO+a;{RO46^o`VVGd>B2}aC;2_1
z&1X)EwqZ+!KLb)pj7-dl)0wEL>uL0yuZ~2WBH}kkqDoM$lBgq5TM^70iFymSOtj*m
zk3^N2ITF<ZGe@G{&EZLj`bg9tCWLvVzxqg2jVV5T;G_h@11Dd@A({W>;EHu}q>nl$
zbsK}^M>6N6-oYOkQoEwhN$oK?Or1Kn%lVwtoA(Ye6`IdUy_YeS44;!~VfwgG31-eo
z9l^)PsVMoJ)NzcdDEXXJ3)4|bFmq1o@iIz2C-pQLC7+XOVLD0)X3j~iJ~YfYb-Zy-
zY7rd}+qeM-j`I1ahw*z_cQWUrN-%RiYBB3oWth)Lbr@3_zO-l*osZf=(et^eF&T!>
zMg5J-OvSUNXcV1`+D>6s7nMXI-Z%VSmEVO0CBNYP7mSgsSbjl4$rfOnC3b#6$%nw+
zlh~>Pb-rq<Idi`1RB0R93MH61_H;V4D$Px%gL&zE)njFb`Fz#W7^6<SK3`R1Dib;(
z31-awOc|v%_p=#PN}|;9uW)s5oa~6)EZl&pJ>?6D(7x~)9wA6y_%dV1BRKq{@`VyJ
zzVJ_Gq=GcQ&;qqDlwigeM%b5IzR&`NFC4|p(iciB;|s?zr<#0YUnsGRFKmG-v@dKB
z@f%+#!Hh3-ZV<k3%eb(zNM9&1;|nb?;|qV`@TxZO@z5jo2;-!`+81g}@oD3bV8#k}
z;@~t%mT`MEj7qonIAbbOc6;OY3=>xvyS<4LW4C8v+M!4=<M!%gaCUnqNQ~W{h3P0I
zm~nfj%i!$xR!EH9o`vZsC75x0mvL}*d+J>5YZ+4|!R}9Ev|Ml8p9C}R?`~NV?Ee12
zn5w0GJoK%y9M}zB$Cwg_-QYULRMLDr^o0`R<Dr{iq562}FJ#=>a3q*9oGr|%Y}vT4
z-(>{sz6w|`(tT;na$ge6Bvi`5jfFy$-U18|S|RwtTQIjz^DZ4AR40|@UD7v-9&5EG
zsK?r<3F@)7Xo7mI?I1Ee)|*6+wF-pkvDWh&b$8asEE=^MW<(}I(`mIp9wA7KyP`hz
zgUhPIN=22A`os8-|0$o`3<(zA=k`|p(;ry^>65oHb^=0apDZ!slSk~8slCQ0TcGyI
z63qDIojAPZlPysA<fE8b`ecb^eDVSjt?r*nEaQ_aZ_fDSzl->dPnKZDC$}M(>7O3O
z+Lk_9V#X(1V8$n(%;BX^zLGKJ3HZo<jafcff|&;U8X2W-u&-y(G}!7K|Lu%QM?H^w
zva)}=K{og7sQ)SZ1?;FTOuIk{W*qhJGD>#Tf$Z|KqqZ;|r35pMx?l(W(~2GRPc2MG
zDZz}RK9GZ3{nK0E@z_Dn;P+PlRDu}?eY6}Qu!BBG4kdK|l%i+HJY9xi$GnfkbpMpX
zaQ}2HznA^fof(t;)8P{1{^>x8>Hg`h83%u@j9WW+31<9mGqc+L)4Lf}X3P%$1;(U<
z*O=wtC73byf6FMfxxdb!F?TpK|Ek_N_?<0YeTI5Jo%`)XE=MYn@#`W^bPE35jUR5f
z!p)?caIa<b)B7V%`>u|&a1UHcN)OQkTN&98OiqOExQssVG-GoVcFg4wC$<!S-p6lI
zo*V0i`<$2Ix2V{S(EqWQ{);vPu`Mchot(Pb(38G`exy6=FS;GGIL}$sFM0O^QRjSq
zNe$SdT}$%wUUn?3dw;jgi9d<WVpS-qMZ5L!)?qtXBcA8a%1NrP8Cr=jUo-qYv*Ec4
z&t}7OBN2MTb1M<N;n}$@v*EcC&t}7O9SHq3!;LH^m7+dCUSfK~vxV_emd41r>&5!p
zMYi>ZXNhH&vK+PHdF`A~hxAu(c$S#l@Em`;FD9HI{Gv%o&zlEhydB?%&c!zZAL66p
zdJv;8z^AOYf@lZP+&d9}j&`>F!*w?7(%X9o&#ib?=kGs?Cb#mRtdtfI%^*lAJL5Be
z7g#9Dm_C1BVw3K2Q%>@COjy0fobqE3iD~s&7^_cXQhjf8d{q6k`XnaQ=OkC7H}f?I
zI1>Rj?3qZmBa;%V>y`*UgW4oEIxi>)%J7M>1Xt8V6Ul?{F{K38ot20m2FBDKxS`^m
z?(yx2sT$Ag4lVJ<q5zukykbVQqHq;@W^Euw=LaSJbi5gHcv!CFF-8{zz5EZbad4&t
z^MihPmwW}QbNdQ>#ygYzLoqofF}_j_?DQ}GE%KQ97tCOMPOu%%k8^NZ@l#tDUqE?U
zpxV0lH6(aaq@=bku7lvuGPpB^r>%?e*D<+YMJeo*AD=Z76ZiC7(k<~OQrpHB-WS~K
z#}>pFb$6ZWJ6&h}_=NXo1wO6DbL~8IQ0ZptHX_F3k_5WpI<*mmzTvtWgt_6m3534k
zx(Ami0+<`F_hgLxqQ2o;V(NzLqBLAg8^tsv=#n!JtSzp((Yk0GI)#-WaBFq(8VuU^
z;poUWT{*ope{mL;J2t1(Q8!Q5GbepriTkaKDo%8qI*MstY02x0P&<wYi<wkU_gbq!
z)eO?6^6<Lq_{G=-*@SSorrLWGIcvo;azEJnXsF|K5HT@USa=4w(s#K|!6<y`RR*Fu
zB)SwPC_E9k)ZJ^SLj)nw%l{TSY2^f|o$Om3=@Xm-j&tim(daM0g#Y0YSzvvn4DbAd
z!2BG?KngC{3C9*KJIZlh%>wZ*{FitScenq_Z)xku`rV7-ucNp-Al3Rk%DjtV6IFMk
zv~!}x-f<uriTE^<@-9Q>TZkBoZKkhb{WNuCDCS{^X6B)>!NI(%Y_QiQ;B18LO3r?l
zx;^~gm)V?2I;#U2nubfRPUL7QLo;W@N|id>kuV6H01tI8WDY7iQfokJZD6I*elmce
zdL>Be#XHA4{2wsrdytXOBE{YY$}fn#1~}slV5p}zv!e;W7P4HxDba{w=KHap-v3bO
z&ENo0;C~O|D&`<>p=7zV&T+0_S;!X}StO`sar}B*)b$UJgWPHDmzd1<UO_3fks$GC
ze)vt<y{<DQirPr`i&TR!-;_0h=uc<S&^KjmM9^6@^x?<TB3kp|hXl>ueGANN{(p%h
zprMBO@I!(o0t?J+{(pxfpdr2aC{2Q@IZ`W!srw+g-u(Y>)}OWcKXO!PZf5hpI!mUS
z!iAgu9e+MbwimOJ(6t`+ImB0B$*K`-WZsM65?k;b?2b<@Z}|{?D0;EiXm359Q}^>I
z`Wn=?DkhQ_f*8w@l3&Q*S`xes?x~DX$>$g0`k@!Iz@(GY-G4M2{4Pco8b4tRmcfuj
z{?>iHT0A%Fw9f(2rilg+&I6%T!Tgair%ourEPP7PEd0%7PSqYq+)}l|WPv=amsn<n
zDOifs>O~wTH3^#3BxoiPERa)^SSB@S1P$t;3$SxuWN>{|L9ms!-3x3=Q(|b~9gzXa
zO{jhMo6vM>P6dV^5X6(k=r2Ksh|TMZ9zh+Rudc=Ji{FdT4FG}DMZ8z>+)6L@%1L;?
zAw&leOCtTeV?m@J#I-^{yQPVv(7ca7I<!ObKG(cXN2z>(zy~n8AJD7MjFbd9B{Anh
z1_J^Qj_eiGBQgo9NKZzj7cnOZt|G<%$t$qvc{#rr0$|<TZov|4`j?p6d3$#{W`VTX
zH`$y8-f%)mPza%PXqrO4KFIAAOs~iSr}?R1aj6YnI~Bfst^i31*M1%?2=>6TuZ~lJ
zA4hR1p%-&*V9{wvHNH!3QSiuS+*Bw)bDx<6GxwPVy&&yv%wI~<=0VycA*}^!X(ec+
z)gYCCk=6pWwEyCSs3kViO3+9v!Hl#BhJVRnkoj?rY6(hn{e+TW6`YR5aPmnandp~c
zJQ^X_*CzdCFi*`$*oqDCU&%{>rjH4YZX<Ed>6Pq@&=ULG_@baR3!|GTz2306YM3uw
zd+dD;Lu~|c^^0ynFcy-I=V&R@S05AU7n}ul2`U3UldPUOZL43&=wu2%m#zLW1}&?X
zpt1T^=9E_NHKV8ALK5R@Os_A@y`2bLhgo<P^q6``oTZbz7OHuTBe|Ybb9k?0CDb4>
zts03L)l?xmqndgUMm3*sw3cclXjG#?TQ&WT4NJ^Y&EX7Ms*#{kO&xP~QcW{StX0!S
zgjS97uvE?8p_<b<5~Z3W(#bub8i{GuNX)3F644pe)PXRnS;Ns<s*#{kjRtMiyvpG%
z)p*B+`m$6bL8F>n=Io@JCX!gIrj-b-nhp@=1g7LYP|aYD<Yuy(BP){oLp2i9s*#vc
zP5Kd`nraY6HG6Wj)asfFB|)Pa4ce+%$>A;4JjS4<8VMTJv@&NW)ijdCS~V?1Xw|fX
z$f)KCsAe-qqO7K_S8^6qBQdQSi5b<T9u=yo0%27114nCFjRcKqG-#`4^zl2WP$w~H
zsYZfEHTBHdNj3E(u~tnp5n45EATp|X8LGLIBe{mG=BPf&W1$*}Y1L@#a_|||IFAX{
zRDv+7xq+j#R3ky78V%a2Y3J~}lhtWATrhVB6-t6eHO0)?Ni}sOu~tnJ5n45^AXqj2
zv+&UaI0}*r86NI9i5t;-8O$(!&$Irh!O4Bl=IqND4I9@VJH}st23=$HNz?U*#e4YW
zxU2GfW+bf;=)`YA1JHq#*B_TGy6r-YxF5&!F=a);Y7DsXoSu=N_wXr>^Oy)(erHa3
z@hd0WAP%C+doLTqK~#BvWQ87sgQ)UvIX){i9|@LUj&$GSv|^C5{J|W5Ow~NcX@oH4
zU*zQH-SDX6Y-NtV!~rn>&hs)L1v~IScVPY_0JkwGY4N~A+>!Y&0Q`eN8utL)*U6iV
zWQUy)mM$qrrF8cBjx&-$3SYhoDJ{wZ)tZu%w<{tjVO|<1sR)h(uLUkg1T|S;dIEN3
zIr&2n!O1eQm%)43B^a7#fl2|53=W~Bh?5kcK}!J_i{M59O$-_Z<dcdQGfGBFk>bDj
zMjG9bO&r%<*@yFlun#<I`#6rn=1^E|9}?8|VPV=nEKu8r1xovPkkhj4qZz^&`*?*p
zdXhBSJ~XIILEFbW%xT%j`wWr>GWOw}7}|%*B3UBYM}k4iJ|rmYqeDb%?85@JeMnH)
z#|%ykBiOLi$v$RD2~cXvKISsmUvrXuXwXu?A`#r!M+1XK0m?pRGb-#Oc_`e^0KvU}
z-oRjg3|}-xX<ffPGB7w7=S50T9a(t+y1^0*kE~1_xiacZ6p5{0&@Hh5*gq^Roj4uX
zI~Fz|u?m<sFDxk%bp3*1$<gS74`PhotUswVu@Sy>C&731u$`RbBe3>y3}Ru&S-+?>
zaS7%+4r7caE8rcS<nv&>jX~v!7bg|t1B_9{QjBkc@p%TRFxD^bt{6YeX50+MtqhJN
z#-$~SF_<6bMaP)<AwTAHXOKRKT7Np?O{_z<$1s{CbV4d#j4^#1)z=A$pf{dR;rCRk
zYHGZFau%qj#{Y}y#cM=VYHGY0Q{%TWSWDq)YCK7s+V@!y3aF+&_jUu?+b%J+C4=_3
zr&@U~NbPZFLVX&i*{RE6_PQU&@sc|>J1Zn;CPgfeCq*PCCPkFQ_v}Doi5ZFOrNqrr
zV$E(z{M?QtmY|W?0$E~-35ny2VSjB%o0b$#fRQ*)in+E*5bMVutmfM4@T^3qxwa-I
z)LdHyPyP*pD)n4j6=OMs>A5xunz=R$6mxB@NJ7uGb?CHdt}Xo(3qo^k)l8_lwwYoU
z(#(EI(9C`v!JO7yn+3AkB$iQ|nroZOaZr6QsY%eJCP7n37RaedER!1I$2`TqP(_Yp
z6HuN9mErC`A{M5^xMfG+`W=A&Iool#wuq8~o3vgLFV=Hf5;JLa0x7L*P^Fa(s<a+P
zzBX}M)j%k%@3GqWA!EaUskEL4qXgAW0-FFfYJ;F#fm$^|XT3O2v#F>Lsx(2~qEQp%
zEn1mS^V-fcn4i`kWk*j6y$_kO@e&d=#c6?DoD$0_&fpUWp5oYPVoznU6~bhL{#LkA
z4O$MNI|nBtHo{5J2xoyToWz81@#C>BTL~R3DlIRZjpsT%&*<Uy_ddNG3ywroxaEnL
zY9h{0LOF}d%aScPc*Z?Bqp(HgI|YNXu=#ZE%u^^+$v7Y9&Lp;-5VJs>JA-_okN7B>
z($-KQZxi+~IM3okl1W~L*JC&a5g_Jwj|_+(hlSu~5c3W!_4?MwoDMvXo{aglvvKfZ
z)pKIsLK6|ZZ=s!@`JlGS=Mm!iNO62OD7+B_Ezu9a5`BvEM4b)2L@zP5CK9J5`Zfyn
z;P5ydZt1*$PfGrqh!4keB|Y;}`~Z&4Lu}Z|5Z^Kj%bfK7_=GnNSQDOU={?y9Vl*=k
zz_VMLpDcVgVlc8A_lWNPx9`|kEKT1;>wjwJLn}u^bFzBpgT&;{hl*>_BD6w?MZI$3
zx8b=XeD=PB#a6zE)}a>1D$z<zJqR*e)jYIlf|`d8CgQXdQ~44(@^A@e1Dg!>txdBa
zLDMW)plBBARBYiAOcS1!0MsnBYJ!@D4klEya5pDPeH>NI=<^>58b|$*s8Oc!SRhv(
ziDfE}Y8Ia2IOq#-lbQrgY7#W5Ss<q-u}o@+AI$=}&v{(DbcV+wd|yrOQ)B48g<_EV
zl%R2+>6clH<UZ>(LGH6z6XZVIH9_t({R)R6_gTk;a-Yp0jQd>8f?4iUf+pJ*$k~=y
zR<@P<yp&@%<x1`|8&vL7gGvtV+pp%}Ru52uMmP&(;Utz3P8G-79PwyT92)B<i$j8@
zING#osW?*qW<9Hu%QQj7(WD6~jy6qDaim@i!>Hn@24RZh7Z!|apJ^~8XmV_UoMVY)
za*U|3phm6P_8k>RHmHh2gI00GP6=BMt2iWRgtI^vPGXjDkpuGb!u@;c7jBI>JH3sA
z!iK`b4o2eXwF{z7PiW)R{y@Hp#+=wz{P`NcQwz}(ii~>^oAf5)&mOyBze0%{d;Fz{
zlm9Yy|IKt`zg5SaDF@@GV?2L_|A$S-^ZxFz_T^zl8nETXoi$-~;GB&&4I`t;H6^a|
zKYmNwK^iK11%6;->Rh+o(9B838amhQF*KzTROh;l$p)!?eHHDi#YyM7#j#aQf^@E1
z3x;hPqt;C=%TC=p3l!(NCHiBUugBS82C3iCP+1he1hcNKpJ1c(s6_l6Jf}Xz{_%qn
ziR(7wYf|PN58j2dOX3$D4j)7Ban;<r2-8Z>(@GONA>QT8`vk?iQ@8jVKcWmiL%ie0
z1SQ}*xG_w39lbAh%aT7~!-oZaoJgM4*T$CYmkc%zurZq8O`ej)xOh&Ya4`Bi)ksmT
zqFjMcjYMERHNFnqEg%-p?Cwo}1e^Zo1?E=ce?f-S=dQD4zk%_G@LWaD(-R(j-B?f0
z^RW!O8hb|8vh<{9vwd8G;Z#m=*Q2=Zjd`iNx8$TqGSL<7umso6Cgmrux;*MU#Jq!v
zcfUTtGA!guEZFYu5^Tgmt_01}s08h$(cli`=5vmG0wRa~7yBCoNYh_SR$}tyVu;*p
zMW*^LSrsW%B1=$-9Gnde_h(j`*=Q(riwfVs<V`blHKWSy?@!zAI+e^p4r0axx7-P0
zZBgfJMrkUbq1^4N?v0S3zOBH*FbSycjj%vW0{TnPm$E>f1oR?w>kGtb=!$C|=qT&d
z7a;D%Zm`oqRDm$((bf~8&!cT70_V{dcEdNYZA9pssyDLa<ahy61|08C%(OUPBIf(u
zK3-3_hDs3ozJg09nvX&y0b!0KZUSL;=eB~-#}Rkn+3e0ue<gak)kJVFw~?N?m)nA8
z)5~oKp?kT{vWzsg)V*AZWj3O|&79N$)%$oQrZ=Km825fP#=T!s1niiOBmRYBrL$jj
zA5~(qkLviFD_kdiPH1u@al=Dyap5nhC8@8W(TCij!Fp(Ps^oasEe%TGZ6&C@?cVUV
z7D(RqB{)_IDsMY68zgW0KD@2PNu!w}cv}hT(TwA5A{!zhNuHhwSUn3#`^{@U@Vf?i
z0?Z|l&NwEU(wyW%jBU-~;0(gHyfZOksz(wvANfgtVzKLd$vpG{zd9|>@i)QYHZzQd
zN{Qp|1u$}Ms8x!OWb}qYk<BFVBW{WJFPLUKMXis)Pi+yVSp`CyW<8#bX*Ls~H;%Uv
zp*N2ICu5qGcs8b42SS@>nGi{vro=L)*_Sz~b=9URF>RU_#-^#U&ZaqoW2KoMZJH7j
zrdjv~wABRJp`e80y$I#Ef@*k_kI3(!S9C;v5z1(hh}RsHEkScowgkh2veg;;*Kq_?
z1I!uw7O2nIw?KWyz6PnwWe(Ebz;Rl>iVo6Fe*@9=LE6<I^tsE8c-H4Gx8T{FyW9>!
zUmkuBN2_LsaiF$O`ywq6=P*0!u-{f@CGT$z`?WwdkxVDqzh<)*`ipU#|4S0It_e?V
zMHVLHB-B~pRUmX0>hY|z(2Qr3g*FiSEO6&rywGQXR}w+j1k@rQbs+ldBcq=c$@f1A
z`+Il6K?$EQNVN(ejptQfw+UvGR|`~mrPGo9m0`uCf}vBA)iK$53{n*a7%JdT8L3tP
z5~PEXkKzEdQ?sGf4G;R4pc=E%aHA7Q!;VfM4L>@8Gz`fG)l|F&RU@MZVkfdl);yL3
zP0!x~x#ur2tLLxIfo?*{P&U;$(5)cUd;w*zLlcy(^mqJ*vQw=I%0?p-YBbdX!i=U`
z*?X!vIelQG1dZ4h$YM*(65Ia-PWUa3Ta^-;HdS<sSWh&IV~S3Krsz6>l*djW<+T$?
zdCmq^(P_|{f;@*svIcDuG&-<A)`7$<9XS4hP{J)7d2h-u`eII;PL*y)88qzPR~;&y
z{yuZ4^nmj+y#clSM2AXSpsGo9sPrz(N}gUVKhdGmdoV~&K69w_Ohze#I8<640DZ{n
zFeO?ZqXVFmBW}a!ml-PoHtg9W=$?g@RQU<jH}A443{9Uol+5t^s=m1dP2XIC+&7QY
zk)zefb;E=bb>e6vo|Q?{iK8u=pc6;inNTN=4&y}0O&9~-gF(xHC1?uI0=e)cCJHY}
zPUaPkS()#oe07<K#EhYK0?AN2fn=ziKr+;9P#LNQEg!RqC9-^s1WjHokn<`rkyj|Q
z;xHI$szVK8or>o{R1?7$sW;LyU!>lGXH`;kXL36e>dxfUg`q`YjzMt*bZ4>z)!Yzi
zCiR1GQ&pN!Zi)%zrdmOmQl7-ItH~DarX*-`Zh@S0iOHO+i`Dn#sLlEX-I<&XsymZ4
zXgQBVIJi|N5;T%oAWJ4OA(^@}c@D>XfYvBotlkNvJCheM=RnO#cP2}abg%BpKA$<M
z1*dXUSCVIgc&F}6UdPNvGjwNiHmL4Q)}W=C>p8fk83`KASRiXgVnQ?F#p)YH)cRs|
ziBZ;&i^Rh)<;grGQ$vBuB2~4gFh*O08ukmj4-zv~yAwzT+zF(r-3cUv&IVQ0)}W=V
z*({Oj^J@c_pi!0uva%#5mF2|MH4>;v$Ypqo1g4`@1y*yhnxI@YYJzgpq6x}HI}@r}
zrhXFD@_8-?tL2oSk=g=TYKd7=J2@?vhu)+bF}t(wTN60FR$=<_!1#+r7&8A4`I*|o
zdl<vGYCPA>_ru%Fnn0KthBgp-7?=7}4CAVa(8IVUB6t|rM$bIMkopTfW4(@64MGp&
z-eAd8A9!P0U0yA*%sN^Vh2nLzRy^x<v<`aa;o4@7jfZP$9W9NS8@-NJjc2ot_6;-B
zl$Bmb(-<}QdL2z-J6K1Xaz&`yE(oFrf)bMh!Oa*5HbMrd7@stK2IaSaYB;FEdmGQ~
z^yaffLd^io<!I@n(3)NVX$C-pYHX)(IkG@CkyQ8@29hZkvGqy}bi58wRYZN3=;nR<
zB2JG5LBq&+Q#ppBAO>#F32w$5;in=mHGAQkyqgPbkoqCXAzd;c4LoidHN^i)FcP-!
zPq?Hoc?Qt0IZpChH|<=S*bUe>jFF+=6wn**bX@e?K|=0}Q=pCqk&Z;18LzrMyhA`#
zgBZ7etUC^DjXI4)Jc{pAF2cm&PaIW0L^5uR+r`fZhjV3ECTgy5rrST*3t%3Dl-!IO
zx7@!GxtAb<4}~NtOe?lf5?kHg6?6@4I|xi8B3Sq@{y$Q06a`nE^!|eh>uNkJeLjB_
z7Gdbc!4uRM^lf-HH7FH}m>N`#XEPDfM1-zEZA5SlO6B00Yfu%QO%19CK{bfhm-pvv
z$uH<7rl&V7jO&ZWxV|K5-T7dSkGh5W6L5)%Pr%h2-5XbTwttBU`%lu8!GD>*FXC^Q
zUXVOvm}6lWekW&R#4h<T3=fu~WtJEX$CFdD81>A8X0&D&EYQp>M6Su$iWzNNpqW|7
zV^*quW?=2f@R@;iGPgPE%x7KFmhOfb$>0|li^NLajFu#WWXu8^W()}2V_`TVFiimm
zn_yiMoc|>TfpqPp1>(SlBwar#K{)P!uA!6|nO{KHQCc9(FiF=^THq;(BwbIbF&cZp
zECafxQetGDN!lnOL2afQqy3C}7EWT?Of8JfRAW?{`k;rUtQ~6hwV6sR+e|NIeo9}v
zX^9Cl1&0&=6SH*9sAdf_6J7_NJMdid6uv9$fTymEgLp2dmvY;UMBJ80sLSYDiGaIS
zm(e*`HZYU_RYd5?|2tV4a+TrazfV5<Q-*0yHuT+Pu%bo^c^mugRuIN_cYx5oyX30S
zj;VWTe76LR@7AF7-4e_A?(Q5XHHX@F_hl^0cc*;_seN}f2;;jOK^WiNLWK6+l^hkh
zF5|m3X!-83%t<xR_-+Xb-`!40Xy2VmWPEop9^>yrI3}g}{axRuLAeBJP>xj4Y43rC
zU_P@`|D@)XoC>wRBtgBtWMO)J$pZEIk_Gbml3#dF)H#{cBF)ykmea?73`?<#86?{W
znDEzNtMdve)tfm5-b>)DLRM=w<>Y&(VzIUf#OQxwD)M*`?I8M3b<2apK&<All*#@x
zak)z`B&|V8T1`cIjbKgZBHT=Or(i5tt`=$bzsW80hh>3ktum;>=BOK)l@==c-|Ti%
zy*df1UY+W_|9`~2cX$<57yr9w&dHgX3^^%;gcdl2-XjDM5se}iEJQ`4pb$}1Kw}UQ
zD@MhFD8_~bUyTSTs1U_oAc_hiXhc-3#9q<Z72Ex;J!?<a9QgflpL?HseV*W~&)H?|
zwfmkmGpjf#Z5_JbhtHTk4X@(w8R{p;@3UIF^cmCCZ9)4c&yMc*<Fj!}KRRAXIv!4<
zvk*q8g?QXs8Cm|l5Dw!g`p}rZDYhR96@hwaf8C3zV`WfsG<IkXYNXWOhDmAiQ9ev+
zJ{4O6!JGkC(huegxRwNS2HXH4JOe&bWD%YLpUhCNe}gk%eO`T`2waL;MIQ{;NNB!z
z7lGly@D&`Cnt6CIJdYtw?KFSke@dUjEao5R6!Exq85urpXC%}+INH|i0%?1*3#4sM
zI@Hx|AhqW3G-4I!u3MzptVtMddm@mxJ(5MXJ;|k5Z9mCrQ--rD`uYE0^p;HD>^lm}
zk_e=meeX<;LVdGuY&x`Yv+oN`!7{pbT}<I-pM>GfK7C->jD|7mxDNWjvZR$Aeg!YV
ziz8ia<|}v+7#>(=a!^{kg$I_o49S!&2bNu!Qtvij!Rsk<GGD=yEc^;y1h#wyuP?`^
zslj{&?>JrxnL|)`%bdOuJFY7H6F&$4kju=uIaYlA=`q!AYD}Hm!^)_6frfv)odHJ-
zRz<^7U;P9pfOFe<4U=&^!atHd&Mj(}I1{hbD5;96=LU9jCgHjo*QH;28HqNB!xsa>
zv!$K2uVyo@yI&LdYTn6-=sw1KOv!>hW<L33o`qOX_0YbWmAKB{=_SSu#Hd2oPxVdw
zjrDN@U9ZHKyrEJvuI>N9FO!@!S8_IkaBZaulQn|LJ*EjK_n4CL9@D$A23rqKQ->|4
z@i6!=u^GlmRl|avJpVmh4__Bpk;<q~y1T$25vUu^GoRUNZw|_Bthd{KP)wCEq*Q`;
z5M7D}TuC`}Njgu!L#htfrI%!SMMu8{y&w!JLMuyVp%zZ%$kgi2?c(`gLLtL+E_-F}
z;r53@5l9NrfA$jt;f+;_fHt*{_{pyZFGZVG2nQ^3lZwy7KlIkKS$lxc$whn+{?Vk|
ziubrWuD0Ak3v9F?`{d1NYt!)0o^Z07^{W+s7)4Hej_&rM6>Ee4SJ8Fcvf@R1#ncS^
z;j?fVwKD@<wqvTWDsG+Ut1$(w)U0z8tKrvE_9hNUX1DgQhx^XG9FP_wOTNJiIWA9w
zi;wZV+39Qy96$Z%o{g&qI66F*)spY5r1v`96C@;$7{39TuH%rj*j};&pMR{vzS%(P
z$V+xwp4Tr82AgT`1El&HCqNZ2Yj(Hfdr0&f$<8ZqH>a^Bd3H~g`~~zk4*503KEJK=
zC0I4=u;fL%tz)4ibtK%5mj(2KaNjwB`Dop`<WRe}zZMpFh@n=tm+d82r$J*X8E~;S
z)hkGIHAkoUen}trJAI8pNf`J$IrkyeCQ{~J+e<8hkh9fNi>tgMs)aJTKDkX|J8rjD
z)Agie-WFWf;W~KA4HeS?xs`KnM^kPu*@b>mz!brUxvUd7BrR^1oXll4kc_>=lvP4g
z)(8vBI!T(!lvTo@tZp3^N7WowHz6qHRA52ai1I9X#O{)JK3=P@-U`0hpz_Ews|3=L
z)%HRDlKL2)1q&*QhKVJQ*?I1*X;3fX(5-#c_YWp8`qiup+9v08YhmQOH+v?6!6D9s
zBc|QxW~2p#8=XULbd^wr+~|_m!?~;5tUwhq*)b!AB;Uo0*dlEFAomvd07=F#V)O4o
zt|<|p-0_kRb&W!}<+-Pz7?FT*&qIDF;C`szKAgk`fZ6AJ$(La+!;S%4I<ioEycvdh
zUd>);x78kR22wi+J>JSWMQZb*$D4$K$6H4<&1oEze8OknYA2IFrojtlXD9zeTQvb`
z)pq^?1@3ogOt<6YDQE@fa*|ZL=Z|jVZ^q%3Wb_VOch(zGIOIKAJmbG)R~Tz9CqZuG
zOZP8K779jdsM(Xe#0+Fri>jQxS2FJkw6_M+-jZ8TgsY?pMkKvgu&<TuhEp+_CEkRo
zn<<S+p1%fduwJM>dxf2JA5Md&VXjBjKgWSd@1+M8depWgJ7-|7N;V;fZ5)smBufu%
zrz=x3s!Z*v*u(*;Nrv?%VbB4gICYHF+n5mM<m(RMof|Y`%EELA$-)jHq3ICiNGR+O
zMVylC5D~^5LNeJQ+KKpKhmg>82+7D_6`G@9)FEo1kLd_qIXT%842yIG10x;b5RM(`
z2okn*gp)aFq$5aZI)Y)cBS_ZL5zgWyWk--K><AJ@JHo}BgzN~0$&OG@CgYCKglqkt
zXx$NNqzSkqNY>I3a^7j_2+M`)VMmZqc7#7UFezj@f@EPwXgj;5m70zqS=bR$95B)m
zBn&&k9E<{GP<+;1o^xCi<|SN@sP{cLfpdZPSutAoF1sYw6YXm$CWSf*|G%V@j|a0F
zajjpT`V|(MY8&nk(aTexgir#3UY<G-@9L<;_1*1LiBEA|i)*~*D{&iAYQXiKcs%tT
z@Mc_7H%rXN52<(Y!_8jaOpFQTxYlmlzamr(2{cc1hcoeyTuf@ScMfdlrPjnlMoo6s
zwO#QT4JMR-I3OJ%+&QqHUxL?UNJjm~-2*8~7`|=<gX-HD{#u_GSf6eY(d)nFA`!{x
zJkKAAL?rBq*ME6Oqf;74qus2VyLy#i9XUm<>%tU%QHc>a@u){3?@kpv1907hYyGa-
zI8Hrs-s2l^e;j~S5d?ECTg)kuhUQ#WGIK5)VSFxYn7n<^o70o$vXY5&S>^doOpWFU
zRJ^;pwn^TJqn2sR<`e7dB@ae%B&*Ez9BLiaRI2YXyXxjq2f;LtMqHcbq23qGqXdF!
z9+mV1mLonjkE=OL+5m;k#6a0h42v|An>n^@CX$8CM8foDvWOF*ZJuc+l7-Dg!mybb
zD4WR=PLXyivw~*g9|K#iW=`A6(&o%uHwR550`={Y$q4$qC|T*xnO)o>1dTwwv9!12
zdr};fG(gY+Zd+9EJ5iYHo`poel!^YHNykp~Ut!4wK}T7v&jLI=-{B3!d}}bNJL|U|
zdcNO>gYK(Y+vJUy?k{F`II-XR=;{7)X1KGbX6MF&rxgs;1G#xx;Xw{b3+r$VAfX=m
z+>4>mlN?l!lKHVVDlreV`U8w^fAmX!hYtEVhoBtJ+p{3ql*TSNGnxDxt0fukf(hBl
z9&qXYhU3yg;QUT){MA^-Nfypt61L1<w<D{cI0<T`=k1mBdSLG)85JcNNB;kEK<dKh
z?VIoYfyjnY{uh*c$sB~UFAQpiX4DIg#A~XdXN2ur=r4FP%0fM5z#)$Y%gy9c<dngw
zYBl#udV`^+WTd9IAF}s3pjLBqL4s7TgSpQ;C_h0eH{lwpCd!~z&WH4&g#xDmW-G%r
zsgXyk-f9TOOy1#0VJN3c-TS=53zC#l88ccHop(elonoCxu~DX|J`yP|LKB$8v3nr)
ztUuc(t8r8P3TE8`=HI(L7Ga@pp9~oI_QifY8jlQ&gR4es%gQJ(2+nvKQ3+PXu{Zl_
zEzUV+-JhTbp&G8m<?>X5o_|u;;rb&lLC-yv;Tq37IrO|!4X*V>NzXYoKrqiYsRj6f
z-YrPaH<goMo^PswV4iQPrytDoO-&GH^YcwP*W;R>Zz`i}^L*0|)>yZizE&UiVyx;V
z3>Gu``KFA*pma2GgwHog7_2<>^G!J%mL8fh&o@cto9CM(4DBpo^!cU)J>OJ~63kjr
ztT)efR2nltoZ2qXkXmavKuD-HOq8N!HBuUnc20O}F!kbl0O;C@zdpc<1lQ=&&Izw!
z3x(^jZ8ky(+vfRbhYL9~>V&hN8ko$6bI9Y&4kGqUmizl*3ALRW%{;UES*}W+)CLD_
zY#@4YX4bkq|5Cj3Q?k4I#k2hNP)Nc>tKn1eFk0+vj!g^g5kGnz{WsBMB@9g|p)qA*
zJ>Gqja{~<Ua{I)6xGux>9V0#e4qVr9(&XuS#|2ilUj=Oqq#eK=$6KwETcMeORIt0Y
zb$0*5PE#^6o$`)+Jf`mBG--Oc>oZDOC9->>B1wlW$;5M53fAGecAwyBzD8Uh(;sgy
z7>RXQ&W#WT;QNo0cUt(qF7BuHu(A>(XgG&3>(xH`3BEd9n-<<k*QSMcX&bbONDG%x
zwD1uemP!=1a0$7EQ@tF>VQK!DwJBd$i)3N7NElX&gh90=ug0h`i4)arYSU1CFH<se
zFEhf-z03$S_c9}p?`0;}pb4GKS?TBUHVyH&qXkJ8sw$yrK}z>Sg)eH%db3k-h=uF0
zA3nlqNBW_J+KzhKdQz&fwN>(CnAR|ge!;%|{Qc1vB@3r534^|=r@fbi6))gvPqHw+
zggosfUxjVn;RI+ho3*u-Uynmv$%Z}zC#x&d;JqUXlI7_v+w%@cXLrzSrV_m{3RRK?
z-|3zB2iLW@rcvm7SfBydGzyJH$(wN<jzTGXcf^cB$wM)A?Ubs%bGSb|jXl25_LDb1
z3|Ds%@bNRV{HxMfYLu7dUXTvUt)Ta)*vdoEgAT)C{6@=)tvneC;&0YV7Cgd0gD<GG
zIukb@=r+J7mZf52aEC`r+Y#e6JolsT0ep#{^mE)co%6>&TEc-G;&i4T&)SD?9n81l
z=i*vNyU~hYv0q$`{28g=gpf4n#>SAdCgoQ^k!h}t&;C3Spp96e#(u?YHX3D`brDpk
z!br3hf3t=_xMeI7u13_UmX+DW3xJ=ova~8b!Oev|=-$Lw%efe1P6^f!vnnjlAH6E3
z{^Ov!X^gN++|yS?Vc|i(rQD+sbn->Pij11^to^O7%9%G2RZgj$fCtMif=~xR?*Mya
z&E7<UaluS&Z*jqF#|hC8W}c*zEVw;Ju4a`Ki(N2lacx{M8|a$%ggrPlDuH>GNi+S<
zuQEwB!ItJ#CWAOIjoHQp(=b{G7#B>*qAr-qxf^E*<w$haiB_h*PhSI}bfNDh$T_SY
zf^iC4#ktWmL-*@_dfY4mvFmZ^*)0QUprrfv_^1IrMD`*lKm&MqQ~ni(6gKo9i$J|W
zq9@bd=AeZ^P^v%ew9rKAPqgsbNz~J34nzhl?dEjRo(y|j98|W>#CS49pw5Im8HR9B
zs!n|;&%Fk%>|c>JvdY%*01m1rnMqc*Rwnf^l$nHwz{rE*^xfqffnmO9$e`pw;gdhc
zc}#~xn^~2d>J2ieDNO{1soo-kYQGFhwVZT38GVLy+#rLP)FLoUZIcX2skt9w3Gg{n
zy@Z+!&lWP+Hw?9HCgXb`+Pj4Eoy_^R=C?LP>Ldcgd<$hzZ5s=lldepurcjzf?*}L&
z;XPe*l~$$)ht$fP42KwcI({2#s5kc~;a%Vlq9+{0ArGQ7r&yWVZBjz&8QN`9LeoPG
zOCfgHLn078#HSu&AT1F?4;KT;kloEwj)#d-0`|afx-*@|T(@)M;WCq9q%%dJwkdU{
z*&I}#VX!kx?BZjw_Qv0=M=%I~xFezZeV<UXI$2g>1K*>*3He(Uw3^n-=iV;{Gmx%(
zT0SfLhOayo|4YTx7z;Ou@3Jz~qM-9F+@GQzbgi%b7-m!_>MzMqmGIt}ac;-tY0qV-
zfgEr&@|Zuaoqq%BQ?i>cg%{@%yzN3leSp)g4toQR-3_s4%%%>LJO_!M!*~=WdQ2ys
zsAOTH5{8M^a_pWhiC&6CpI}@@i5}ZgCn{N(sDxpnZ|<t;0wnso)U+bdRI)Hp3ByEN
z-x*k0Xu1fA?!{PZdVB}1sbpcI5{8K$%dv$`??<8+FxEC5A5@fNVWJX-i7wn#)5nnL
zb28BhflVa~6O}Mb^xa((eF2H8{{>djnw}77Dp{DQgkho`IkvFr>qvBzO!UMcQOUwY
zB@7dtv}>XtAkiyjq7#dBMM)MWDq)!D;$0K{8i~Hbcp$aYNo{qal7)#%7$*8D$EFEC
z=uwH^kZ2vc?EK1<L*26x*OZ7u-BM*?`$xy_)E$4gE3iEM%aLPiGE@n|%s;8Uj$DcB
zFmkPo?A;wirbSE;StT}Lv}iz}85d_Ip2c-4iIip*CvuQ#4PB3G=iCLA>T#`8t%piY
z5VT5rK&4Ob4N@hSh#8mcgMSl6h@6v+$j5Zjk;`x$My`esMqa~_$pM-p_d(=3ihOKG
z9l1$HPUQrVizw$x2pnk`BGp2iUlHWkfa@^FW{%`hq>FaV@c=|l<s$O&9dwT6xDF%N
zKnT^{zId0i9*M~H6nT7Ls3sXXCr?D)$dPr$2Zox6$YlsKe?m~!YFvjo*U89_aAaYq
z>4@A&kxvM6R;@+k5(uH%ckCMZJVdTUnE59Lk!xk-1{rxaNAB8EMOPqlGew?Qqz#tJ
z7de+h2y;G#Bh!4wRdpjG*B}gfj*eU}BR9#&hj3(Ch;!t-5jm#~BBQ5Jvn<1PXs~Js
zVa`K$$vOETA}hv2ktTYKPl-rIiTTvVB@7eo$g%0ZdY}=Wz8i`?4XHG<opbjdxYt);
ztAZI;yTqaJ-K&I<^RDOrfQ`z;B|+n%f3uIU@{;uO#R&Y>OVUdiBaC-2hS9>rJZ&(A
z6QurZo;Hw7+|^2S!h6qZq0Ic5o)gD)1FrQmg6HgudzCEshb)h&yE#=_?Gzm7q}(3Z
z*GX9Tok!(IKc{EBQ-$b+mwWmd?{Zx0MClpt8Y9p%-t{c#XS|;ldUrSPR@lstc8=jI
z-y{tEZ6lEVZ6y=_wux)kV2?=}&TZpRMb);o)!e>#TN2e&6NIp)Qteu5s^ik#)Kmm=
zO+^^jlwq=_x^jZDrX&+J<*qA>tK&F4-J6};&l>LBj&hVkLkQjS-ogH&frNwY4({-Q
z33Vk0Cr`Jzhu9sQ3czLxF~%-V+_(zETYFornBJ=BR@@&i$MwAR`O0gD<$mt6ps2K7
zUvYMEQD3kc3Ve31ay~;w^$_MBYG=8<aWiclXGCSw?!B?hnA*sYj(BKq=l_Uk<3+mK
z_47LHA|sI2%*tPj?ZHJHmNpV|>0?m;A^{0Y$yM`qBoKi*0cQ-JAZj8V5z)DG2F%m}
z&!-K=VZ)RrG;<PW$1<FYAe3~p)w1sKY=0$!J;RyOS>Up(;{BZCsJkM>n2K1QmxFSd
z5L5}K%e}_2sFj*7Cs|OD{^5AuU?T^meuOkT>*oz597P{YRsI({ZMBudVk{zM+9!v?
z*b*MGJ=fds!zfD*f&ugP!JJl01-mL<rkr(DW|Dfv^ZjQ~%qC8mYI)g1@qYd(D5ivC
zPK#xEMJTR;vfX~kv1PlJjN7gM6Uy)thozQ;oZ2V%M;RofG8~RFNEVdgP?VvWw0<al
z1YTPI2}YG7NPEQl_$Q!x7d{xYQEi=Z87cqAL=>XBi~WK_6OoWZ`^EE;=eyC651iZ6
zJuHn4Ezh7AyeXa67n~Puy_Sv7=%VwIFw9HBFfR#BUXq!-94c2W6>@AwCx^<@0D;nW
zs2t4@D9r@vpXy{Qq?Jc{m*d)`q5NJrK3{lWU>v$#4T}v+eu*9|A)TMUm(J+?{LVMh
z0@C^U;&*LzCnrfOx*_IWbF)z^HOPJ0aCD%KnQ`?Vhoa5)veJxf|JisH4xJNs-682v
ze=gpS!FT%$PJr&rFB_K8%UceGBqU#Mzc;e_fkV;&v1~|2Xa5zXDq;Aw$OzP5i&Rb{
z`b0fxzBfK{Nqs_fhVV>$kUt*X^sM^>`%$w;UkDxxl2CV3hq_G(;)UJiToKP4DOMtY
zIZ~{}HFb|<4HABm1JfGH94Q(`_A^I{lC>NuI{%`3H3Ukh5=U&uD}f-OI~5)OA>Ig-
zvQ^NHjzc#phlH{n>t2l0h@UuHT74~Rh_~@Kp!6Bbg96jN<YnvPxqdZ@CgGUsSeE{z
zqlDQ!(MrY>tvenXwc}LDjLSB}d-|sVrWooP-Vh(+_Q5zKq5ed#%Dd`gjA5jBS-i-3
z0}ZW#goB{lFhnSq3jY$b`~?Uhp?(hN9OP%99w>f@b#qstHA|RW6YGw{E12eJPL$kQ
zmNm!dFm(y=zbgXc(2{f6E3qv11uEME0n{Vg#@G<ud7DYaZLyBJ^OkfGowpi7*m>(A
zn9kcwKbXPh10;MNC#;S3Zmg60dKyfQjTb8aH_%ID(Dz~~_v<vMgSro+47D=ohp}9D
z4d7!8X);^(5DFG+vek<Wb-`A~hUgLSH->bCwd~ngM?C^c7><Avh9jVaW(1VX7{GlM
zTKPQMY6Gl+syWaqk0DK*%htv^x<!BmGUW3x)%_^{`&?TzJuSN_*28@a@C$}I`c1Jx
z%Ks1pz(ri&bketMOgziI6hRHt?Q>havwJI<k3&+OFWVN!GAJ8^RY@_bdsMtzf(EH-
z2pF9F$8o)dv!gVIEVqi>MMyXTZ?tGr?A(q<UQem)A8+R_K%ldwqCdrlct<>mhi%^u
z+8XWi294|yL~EvK`^DSp5Z&JiLePM(Lv(<8sjdi78qX>s^~xdWvGaGV_69x_1aCla
z3gO?M21l%mc}~t97~K(V#FkjD6N69>q4UpnM&1FmG$5f>EI02+>c8C}WI>n+p^}7T
z%*&e&p^k)Xd{+|x`R4)HD}%iC6j6|2`Ax8agu3U_pd{h4)_78q1|<o@K}kY0C`lHs
z{{1VUL6SAl(>ZC-6Jv*jT7$QsfrQI$f}Jjc1`>{$#KWS5Mgz%04Pb^me-f5ku*=-B
zc4xOOgg&eh4Zm~C?IM3GPF)UU*o)wicCmNQ)(ka<VK>0}k9jI@{aknkbVpi8*~M-z
zEECSD59~|h-Q00@%56egKQg4*d+tQLj~~A}L-l$%2&s1nr`mn}M(i>Sr0SXfO{|MQ
z3_BzPX-p_^64`F%Uv?CJ8OP}8u7-xCoGN971n?Tk&)&*V<)q^2_`dDjdK}6?STM)S
zce3CX(g5L_I?GGU#xKnf9;|5VOv80~5B#vd)!sQDdzE?;hFD(S_YiV=Vzbi4YUBS6
zC#rdzA1OSq*z(-H(O)GT(IrW11m*36-0tVlv{rxc1ay4A?XZNJ{YYSm8$cIa?iD1D
zhG(#WG-f>Xd?)w7G?vQ4x5<(xof=n{a&%JRp>>`7QY^tFE1j9?c{ji-L_#dVaBkjv
zW?Wsz(J!Rv>pgc0rfkD#5L~&=?&_X$Q(WD_0ZAjk{{BM1yBJmye9_KMUL)Yqfc3-M
zC+DQI^=-Wwf>FiRzn`Cc6JAx1bAq&WtN*a0cRQR?BqLXCuOHT(4IGemOZ6XNJ(2wE
z*0}mbMjz4JU5sobTQw;`^Nn)PMls#hEsb@-m0r@_istMyq&lM7@Q0#`@)=Uu7hL7F
zcF#v`O88KM-1Xd12-}0h>b+x?-7Rk^icpD0Gq=hv%KI2u)RJ(PopQdTqfQbow9A|s
zYtaHB%+JCDYiFXNo%d*<9*thtb`97<W>neNcJmT9psAMh!Y7q`dOkJbb^JTUyk?`7
z=TlpbK(uL}+H?e>ZM)RA4Wul?Hoi&d5w>v&O&j-LLT1yR2(+dic+IQO;7I|gR<9{%
z4NOQ4jRq2u28iH~LJAkiWH%$(q3Q4pPBs$KBx@k$6&7qRr%6>E7EHphVCBf{8V*hM
zdd((iaH4>^3=>%c6EadT3AtcM$oUgZpb`~0_cFVSlc>Q#Glcn5tbLvP&>k8|7>1Jr
zY7eTnt**22;*sxOhg-vAEp2z+&JNl~NiyT36k*0kDFTg;QUvlIOSzQsQJfdGitA#~
z<^hzvgtS4cckY5v3E`SAaKo3XYBmR_HU2g4S}9#s5ooF^0!>vJ7^$jDg$iL+Nf@cB
ze;yBvqpNBgG@z<7Fj7?!Xf%*8tSbM2Yw<ucw*fkBq{91eqmm@_zp>l7`(SS?;dQRn
z6A_f3Lj6u;-N+$({>fH5cP~tv7c!&)cYYrWz1wMxu(dGj+;i-G_1Mq=Asibv3wxNc
z;ag^MY*2k##)h_>Nn~t@Kr=Q(ps|X9k+Go*r>UWt|0E3Sg~o>7vJ;!J!9ZOvW^9N+
zqk)8SY#1(+HDf~rng$nvCRqa`4Q>>t85tWS3=2kM!yz0xGBy|(X>bu}G>|ZCaLWG?
zOPA$5oAgD?z?{*`ZNMt$VTQEIT2SkiDz`tL2U^cc&~!R?5!P|J@L_wM;YkL@)8L4K
zKHj7T_zQ=mHaOzb%%1*TSTjW6?RI<bS?pgW9P%R;aQ;nL3jM|LX&H(5h5q4a*bz9;
z@9G_osary9$PivRy<-?s&{*fLwtM*#ARPW=(1&N?*SSAo{k;J2IEK>*ewC5ycgOlQ
z0w1;8`GWv2;gDnuecJmm4r?P&dr0)bM(!#OO8rJ3A)n>P)J+U&d8*xmP|E)3lG~*Q
zJ2LwExme47AySw>%F1&$qmm-<RXqIQuf<^T69*lIbm#Af!F+WZylzWYf(G467~{Gf
z!C*h&sa*$q$;@CMVP>$8Kr`4!pc(9;lKVZ@C--o6dcFRAMt5Bw>lmJmP;-BP>8U<8
zGd!K3sgDRW_3;abjMPU2hV}6`2aVK+`*dIe?Gr|>L8uRECX<;@Ck=k#W-^`OWT{pJ
z8ntfZkP)>aFjVUf4jNHw8AG9#a{q!2x9|@%FjAX#s<2eAr3QWv_910hqc=dHwRzDB
z^s{CNdQI+6La)htCMYZoJ`~;?>%}ARfmxmKsRE>!>WdVY*d@+kNU;(ErI?@t*E$H)
zF6f~3=I4U+sA~=}2dxok4q7A7v<v5Fc!@W0PRT{E`u&_B4M0~6%<-o~Y003{(OPK<
zNomyDXxs^Up5qUu0xq=&B&o$4*cEU^Y0&cD5E+?ej%23gN0@2(5olU|1ey{m*S!LR
z9cM=87^Iam6{_a+gN5(22RU@psvN?Kq!rw?s)ayzt(=PxtdV}ngKr?M$W?y`2U>-C
zNj_#xV0=9{m?e1xnrSxz&D>yMWOf?IX_EcJ<&cEo>_pS9w>Hp#&d<Unc?6niHv*x7
zPn!Y>X?9Bff%Ru=PLp;-^G*)dpOTr1i7-@*djyVyA`lgWH0VFQdK}6LQ(L*lOy&`2
zCi4h1<}#3uOG#P1OFxp+jF?Np&|EZ`Pm$&_3;hT*3;hT*=8`Zp*IBzUmt@9V5oXL4
zfi31zx~-K{TRRBfL!s?o#qQc#1e&%Mfl%F{nr=W^q;i64xS52LJ0$4Uo~Z$PFmaaQ
zx}2_|nnN{NLxSmAm7F`Z33Hc5=?a*@ztEvq*j^<x72r^Ntw*BNP954hHj#k#sSjdO
z1A~JYt!*WQP}@2ZSldQi!=PGQRU))4A;D<dpR0sM=ulf+>sC09f270suoXt2X@wC;
zZGeu24Ai~DEQ=-7<<-6GIL?WNhp@RsAoniGOmm4aGwem6DeVdWhtfLK;wxbn+R{3-
zPpTyWEnFMCkp$B`a`q4gFDHQwUW036@Orv7&7+9~qrz4H2Ni;LoHHnB$6BEp2%$pt
zBp8L7NiYhP3>FGilfVkq;o2zFNY_RoRVox3+YpS4k@iY0fV$F+{G%Q;&9EJTrYl8Y
zs2VZ~8)qd6tXeH;z>Twku8nHVBp6%W!MW24AZ(nvX)P2=hh0g+NLNY?fw@dqDks5o
zrCJh<wv7-%ZF7dUXj_JBqir=^8*S@IFxsx$owj61Iu7`fe~fgc2sB+O0->5NuYr-S
zBw<Te`j&HwbfpO7t|S>s=hLtjVJM~k@L2?!(*D5Nqz@cHJ8pzw!nywnp;34o7lEb`
zMIg$qkK+uC%>CDMnvuy&Lel{Baa<jTj?DcLXy*P1B<s_RAYnK<t>83um9R-AGbW8N
zm{iaG5eSo_nb3c_sl37oN9O(rG)*M}jkyer%>AG3&Ri0P=Ax1C4{0tl_eY?a`y<ep
zOTy4x_VX>n3`PNcR417+SA-dJMPQ4$RNj@?NT-IOt?g~K@@dg|KF_f;Va*l$<4tHZ
ziY;VFEB~+oMxbec5s32WDYhILgyTXD2|S9`<Jyc1O>}L>g`7RbxUf`A`_WNsG5->2
z#1e+JLJNWw9GZ4n;b>NdoWjwpngpYD9fVNpMiN+SHM~XZ61p~8SCU}*_cNSZWb8Ff
z^m(a@S)N9qX`&HmRI5csp=u2zuxibu0Z$95y@YDzBpB7U>`pa3Ouo*)L<}lnXi#eA
z+c>mt7G~nFK~CX3TTg<~x(Pz4b<T(ut;=w2w63OWW6(MhjMiUqZt3$ZZ0gVfP9p-(
zU5@i_I=D&gjZG{bPs*bMn{pCp2cAa<H8sIcz4PdRrk(`-Y?A+CTvhRonKtKhpTimK
zkvOg0!I1Ku`=Z@G?_u1DX+pfYFWbF!&N(9?tjAFq<=pMrpr1z00wORx3+Tr|BWD47
zGNe?rX3oAywT!aZ3U9?>D8UHcVbVP)ebjUjN-~Ba4beKDzXSJ)zvg>|3rP77;DXpB
zAh{Rl`^1;-8xKQ<@MQSRn&?z^?K4}sDhk<W*58R_f8o3?H^~lwTA6$+?Mwr^>;^jd
zfHf#0Y2!E$>W%OvJr>G>`y49MBuILOPPRpy3w5^8$yUP9$u<Jn_eZjpo7~R9&?9Fb
zR%!%<G9&x~rK(wQUx89xIsb@KLwBc?grQOq$Vy2jlp;&j89m5SjYc3#seJ==wWapn
zol;|Wr<8=DQW3~XNhXw<3_VIXYv&jUl}51ecv!7b>MdC67|x&CZdiS1NKMT<i6sn`
zia=IMvKFO~zS3Rbuor?3xey@i0^=Blt)05SE|9u_fsrmCq3i;aIN3-Sn8h&C1=6AJ
z0u9D&RI$xQpo&eEiHbFGBdzUf&Lz?XBn)jBfowy`T5PDhKsjgaP#35%0(F6UqZD<4
z1;V0X#on_!r6dfMia=IMGNBZ8fhMB|St@5g?xbX?G8S|fxNmn#J-s`nBn*{`KvqgJ
zp%it2YNH2rfjT2l7ics}Q5R_7{3Bi99jU450uqKwMIb9BS&LG-3v7ZT`uDtc)JO5#
zF$)}qDaAlNQIRA14(JwvG*MwY0*_v`Kc*i<bXK2@{tN-Wa-Q=Me2!A1Adn;aJUFA(
zL(q=spTP0xD=rZ&!?h#&)o?s&qTu9+J`W}`A;=KM5&bV=2jhq?89Sn%1`pTYIVkna
z&=Flic0@1y3-2Ue7YqW_Wwayu0ZmazPTW&IjIzM{^b+`Z<Q#y4X-D*LP|Pxt$PxVq
z6tj?1ru4NV`pqb&gxa%qA&P4t-5N8+?IiRv#g)uBqIX3ZdUIG>oM}h&a+E<rD#Hwv
zL9(C>*P;y7q_uWL{}%ODM-m*-ovEnaoY4^Au$^}n?huqgAXiA`(@!sN2n?q)g^#*R
zK_qMm`Wpw;K51|<*Fh!JL6v_TZZa(Ave0&3dv{xSJBEa`o%sbD>IlQS&|io1!U&}G
z;VbXjYLzgh*(NxDps3YUI`Zxw3YY8eI25h9w0HO0aJiN+^zM$pz`MIAJQDxl1Zdx`
zy}KKskc8SpaTKzOzZjT~4idC?_ov88!qB@r0@=I!cQmv*(ww}zsi8HKK;GTwpzUA9
zX;WJYy}Kn0yt}C_rVd1X(!&tc1{a8U#=E;50gQKd4X#7)?hPEc7cw#4-G-6<jCZ$W
z!n=DQ+H5`2gVL$Q323WL5XigxVzkkmgN%3g?P!~2khFLAHaNaHF9mj^(Mo%F|4rSD
zAuVsUcXu6iGXX<KN(qe{qhvfjx~D^<?wkObQG0jK0_?|7*D!f^-wVS@D7?FCNOAJ+
z&iE9=9|`2$U5^M8IThL*EhF#lMQDl=>Xr9p$j?CC#mKw+ZM0?y1Mlw7VVaXTQQd6<
z@9zJAGuH<eqa%xD<lWs!Wn)O=`!e$GrtaKCD#E*4_w>}krl)^{@K<tpZ3}YR{xA&&
zPTTR1aYtDOeGg9CzayxGfzx)YOJeFS4yr4YoVMEmzQvFRe(kiKi$p(TsP!eMZPK@Z
z#}r-daN5>miiCPhaeE-qz8sWHv5b7KJ0a1L3~7$gKG%H#_hYC_N<P<*L;Wvb4s57r
z2=cjJ2lx|19bNle$KmOF4c9^sN|b!AuSZY=b*mwt>z`0DcX3FqllHkDj3J~FcGo`F
zG<4KKAfM|Gaoxn(kz(5CdN~q~K=!#_1}&N>74o^h6M<@^qU3Wu0Y2B$-U*5n`dm}A
z)FFsQKGziD84eNpT<;6@$|(f-T$6e=5cG)F7tS61UI`Msm<o;%&SUVou15&+wf6hK
zy}FV^?2QoQbL|(ULGrzJpF{sJA?Y-Re6Zb(fU`L|RX6!!yYB#A!BB@ZZrGpUhxPn}
z?hWJwy#wWwP<JsJJtWj_*fe@b7>*tin$bhDaCPPX2o1Ke26(JiEh7y|(a9y$8hBVV
zNvPehAA|-HhHlsr8Vw{1H9(&JyI9@5$4cnc-Dh^5e>_%q28OG<Ke4)tz+iQEExy&)
zgc_WSh{+WYvNr~GOl^?f6h8u^c!c4_*q>s6lFYmqyO}095r6LIcA;BNQ=x!EX@YZZ
z#DPK1807nno#Fg_8kQXp$Xa=K<Chu;^xaoHNC9c1a4pvc-Hdg9I&_z!fCff(MsIO+
z>Y3r;fP~@FIs$oVEm@1{otL3kgVFyf2+gd&^B!&24(09I!%*rY&Of5mj|?N*H3>td
zB9N7mtVJpRP3ZBv$c>EaZ~n!OKyAT8p`;8+&|Qv~a!E+rIM~dgWXn+^U00M`4HwU$
zWa>>>Df&TN(UG!_XBa7~gkf1DkjpArOIelM2EG=RoN{ldNskcwAHw~A9z$ySbNgHU
z`~%?rFQIn-KN#&g0t5H|Wmt{ezzNXQjRb}}%hq7#Bm)evvfNYAyB^~ZG$hU4fs?<z
z;MBEAD)T)*?C=J|ZV0I#b|{A0WrrcHAMmilfr$3zrl7;om^b$qyN`1RGN`5yf7n_6
zeGqzX4npX@Oz&Lkd|(>XM~Zu5Y8%Eu>0XaM8vGZd)P4*phrkQX9SAKZF{a^Dmux2T
zn)_;ymo8a}mE~LqSV!8F;%06QgeC~3M_};JgBCf5Luef@a55m2LFhgO51~64+p0-;
z683r$!Uj&2oO!cLt<L^CcyGYdoWI`w^~Ecdx*%i(+W6$lPZcT(xmn17rdhZXabEjA
z=cT(lDR3qpdU&28jcVN=w@Q5Kn9nh!*}Z$cRpM15WCZRkfiv4n*ua0rLCH8MBBkxT
z24mEtlyiqz`OfnYn#mZjjQ=Qvueo%(((>ZDZeLg^0?&=*Ddzyt)DdjNVGzn8kP&?v
z&tk6ywV~A}4KIL(5eN;nxoaqzF?TLUqZuJI_dyJ4<(_TK9f8K&5y<A2EHw9Yn7a!n
zOS?X;z*SH&Q|b+K2S)76R2uPDn5qG~&mD?(^A!X&mW}v6gqa*8G~$u4Py}itP6I8W
zc+?V4gir}V8*w&->!dPd#G9dE1R5jOQZ!@4MI22xPt#_%Fr@J<G-3oABSs(_QL@m8
z=fQ|8IN8vM_dvy)rQV?tA7x5|6N;!?B2A`^(0%TnRxp|36TU5zX&Ho;$#guoWQre7
zrs+^mrUpjF@+ll$_bzizC1E(0M<5$OGGhR&VrVk0;)J!^9LnL-q$;6SmL}J9=u%&n
zkmoI*-UpJiD(FG<ZeB8vPwxehP$wJ13}GO(HQejSb(ikMHkG4mNHc_fl}KBrG;oBk
z5|PlnO2qpfA8{YTp=p1I_jM%BxFkc>piXAY%k`hat6Q#oJy3BU{67CGd=2S=O|b~n
z?{0bRL~PMS$ewt0QgStBD+Bvd^4E28pBDj%wYegrt@0WW@?nlnqwtIcbS~$1fG#gG
zrZOV`;qKm;95ykWAHYKYWoTN_7-%|>;MJ_DgrTMqhMF2k-q1!<$yzj>$r%Yv`$N+!
z8EZ|iwuk2(0!`~-O0CSB(D1}J0u4u#hS%5~v@InJHIy*a(7-N2L&;h+oWmK>ydK!n
zZ$kcy8JAK1^WjBKbtz$(zl34_2Fm;;Ysvp*&Pdx**QLJ$`G3OrP|E*W&R@bXe+k3<
z4b-LLwj^0g{)sJtp?kKJe<$+q&v<{z|2ll{hsrNun7@Q!{szkOOV*PA5uA|@8I<3F
z5Bym&{{?nR=PzNHzl34_2Fm;;YstTM*ZlL5|HCr>>$&_AhWSev=5L_PU$U0`x9pmK
z7v%pl<1(^;Ef%I^e+k3<B@FX7Q06aLOa6s#2K6u6-vH!4m~koPe*@<)VVJ*!Vg3fn
z5kj(-{Ey*`NDJ<NBar`TjQ6AbZ?xO%@=F-zFJYL!fii!|TJpbvGop2JkiYW&!eGCc
zhbTSR&&$=Xl4_#C{+8fXQaMNRy()T@RGAUzRZ`U~=vPTC<z##$AKp!Sl3`>YC1E)C
zMj+3<lC{je!OO1dkhjsW(I`b4s-sw4(y)XDtzqTXpaDcQoXIevp@gA^5y%=!mabtX
z@}6;LhJGDatx<|JY%l_8*eo^NcU7Pv%@&~z4`Ue7P{L5d2xJW<OV==Ubc=@NxTb}L
zqhA<i1pUG=7PJkgvod;lZ(bO7?(Q^{Fw`&tSwqRvHEa?Z=8O{>mKi~}Ll(4#b9blV
z^}Ewh!cfBqWDO+~8sc5Bb!%fP{wV&*ZotPA_q1&Kf4mbsq3Olow~eskJ#h$0uMod&
zU%c14H&)B3NuR~k_A4xP+i{jn|Bp}nnuAZU;@9rr;3xk-y3T0mO{-<49>t$k(e4Gj
zllEsQF+EX+k1Qx0dfhg?IPqc%Jp|Xc_sdJt8-q<G+Jvp`kxU*0_6jFN6;6k1bFjoT
zj24r};Bf7MZBfRDYhEML|AgbyK4I;E9G%aXBF(jX6zY5=Gx-=M^O4Nt^8xbtp3|gN
z{@Ou7dH$05?Abx*Bbmv^Fqw~JCZDg6kKHFQthUkc*19|e%*aM-%R1|PBs2LKCi9Vu
z^C|iT`Bb7_*6!C`siGei<H>nlW4)2SeeAzzVU_sjCH&oXn59%kQ*|(G+=oM5tKvAk
zK>pBHt<;Q%6PI+bRQ2nYn(;`E?{~7)uN;sT(i5h^+4f*en+DPg1twI{^LlL&wDpW2
zO{zB?^cVz<z)R>*^xq<Uiw!wY5a&k-jU<e~4ZxR+5wj7(z7Pf;p;Q@!V~57QL{|tk
z5XKi|c*o+FLm$qHs&0G_FZtR>wi?Wg2EFk;i{10FF_KK*(8^D}s?<mh`2mIO<G0Gd
zGm?gF1?w=!Dr}Q6RjG0gNcR>N_RGot^K_-oV78RlzziL(h8flH!ttH*a}oDdW~9!-
zsReCbJiCR_yty#nQTas(_%R2hvMiid(B=&UG|U9lxu~-P`_fU?!r8Qi^sa-2doU)m
zkMB!C@*bOyp2>!UoOl7UdV?ypi}P;+ZcMoLFT$Dh(hqD^2|*9zw?U{i!W|RwU1}DR
z^B|1lY{(W_-?j1IM(ER-QR~cVZT0kDNrOq1(ZPK-9ey9DL%PK2U*la^$Rg{zgPjSu
zPHkaDE`v~Rgjo=3Sn#Lg%h?wSGw6LS9kWT8^D<7S=$P$t4oQ{`N9zdW(OR;W(b_)`
zxm_#L2y>G#%uT{Dw+Q6iBx}hHI-)}Bu)4a1v!pXDbi>3Hbjf;HV8-ff=SFmqCR|S#
z4hNUlZ^z9o4!jQnA3HAI+n;u86n0*KkTvKZGGw>wt&Z+r7e_-TpUt4w<Br7_i~i(f
zX<2dXF*tB4L`%!TH<2NDt_Q)I8MH=fqPe{+*Pm4h4;qHl=m9&sJCJ~cUCV9i<jSjf
z)>26hT?#Pc(WLhf3V$#&8W>Sv{)+d&qj7s>5dOIZe>0A-FsRYQ7<}D3<64~8V(y%A
zt`&dpf5GQBX3Vi{n!e)wR^z!S`tdq6u5piM=t*tHHIzbZwX0&8_~-p$82UEj_3ou_
zWU9;YH{&A+M{UVeci?ZvPY^!EMV~hz{AtmLLSD;M2V9Mn(4~-cIvM5tf<gXW=xtSO
z#_UO{PJTW4F-|Hb@{eor<K#xq{Tt)+nap%S8?7#`dw)z7^bb;Dh!uLgmUWu^o)y1`
zRhs;b6)%A{q|s!2smpHKoT=j9;h(*s+2olh>b1D|h=i4vedyjO?Yoswe8kpFy|kD-
z5sE9j-&>g~HVpsJkCVr1wqjGJvWrox@%oEwb;_riYHEAy|L(Q2Z$|aB%Ut8CLAcpE
zb#JoM97yq6{PP9=roL~*{=okaU5o2B_!L=PNl^5~D7#e=d&yTP;&1B9i6bZB{dvi_
znz}Ws%{_gU`i}!ri=X;Wz@FbDh)li#Q~%4=;d&1W*wMuP2*O!|14ajBQ+MWOQF_^>
z0jnhDSOYY?l;Kc<o;4zCB|>gsNZX;QJ|6ox5vt`638GKIOgc5&%F@wm86HL<J2Cu<
z;Ru2$%hMq*8yZ9(MX)<VdsqO`Zq?M@9DOvyQiA<(CaU8%G2M@-YxPIH?e}`7T7bW)
zPgwD98Z*_nVi@l}RKU_#&`KV`KO^_lNuUM1Tmx4a{~1@=8*!CU&bA$b)U1k;>wI+$
z{$7~mRbYo*#XnMye_<-#>k-d*HB(W%7f!J3W2p(AfPW4`t9zjbnpgbHjhX5R{B7Tl
zf4-N0-hMoOR`zntWOmz&p~0p2Cw3M7c@}@uOEaukZzNlczv<uFR&3j3JP3PoOidpg
z`+r$b_Rj<G*_|(6rb0Ms`VZ*q|9=SR9jNTsjP<tagxPeug;M|jAt?LLk<jBE=rMi+
ztUnD^@&A#a?7ydAotklKOznlg=`UFEQ%;Mi+wn)&r#*^$mMNHKyA_|a!BuDDZ~DVl
zY~MRG)gJhpjv*~R2N$bJcmd7*YWRM{Zp1%Z&+*jsV>5u-mY{IA{1;Q5`?XTj+r!BJ
zM*+<fZ&Zq{yb7Pjy*jR@e~vGH)b$PeWxehm)+x4fww{FZ^9=m{1@4cX&`+r{5=vto
z5(V(=sfIA^{VtA&>pEPIsk4&K%(LJtOTtrlncDskR06_TUSimZ*j&-|;&#pf2Vg;u
z>+t(ZwGg^r<|TW;G42`GgL<O*zLI34=;g#o`o7Wz4tWrTe6qiOYq@0RTf7m*@4_~W
zCL`m@`8uapM(kA2AB+D>7P{4K<$#?Kz_`^JMyo&LRwr4DTO9(Z<X&*V$mdy-?oW-m
zucLbi7XOlED!pc*@EA*8>48b-_m^F@d4#W~51<;qu^cxT|GUOhUC%~y{xuFX7fa_@
z#e7ER+dxxp#^iWI(%19d^d~6Pp_s{I-y5`+P(C&cv9Gc@)KEl3o?oNC*#BIHLCm`x
zgIEXrL+g#IJ2B<8rF{<lr%POM-&MY%Kvjz@|Mzc|-UZRG<U5J*9g^Rq!A`$<?jEPw
zk$|0&^x|n1yZB05t;Ju}m6p}+rWZ2RHvCnc4`J^=Gu3(ctD0e1HeJN#?92?5nhB-a
zz4}ikc47D(6TVFsu^jxPm9C_D`T);YvE%TMM$;+EW0}4pTr~|+Y%{W@VpkQQ14+St
zqOg^UmE(nZm*KDKd&_E@`ZBP<$<W!V$oj*_LrTc{11meXqoW#gGE~*aR-e}Awnr<=
z%~0P~wr<l6KMdw*KB9e7>E)l)$x#P0qs8Sn)2vo`X^d9lt*kT{uEb?*<8dTe%SzmT
z6ed4{Go#m6RegfFzQ>AK2x(PZbvBmJCG}CLZ;AOszr&)L<I^I!Y9{KocN#?9`Y$6R
z8IbDM|Miww1Xj($H!Z(PgRK|g=J_3WMnksVjQx4lg;Ch~mf)S9&;zYzZfj4i#9!4C
z%NkmKPcWQS;}@&qsP9m}KiO`3jF>a|m*M!O>K8jh4Xghq2z$Q{`~1%cySGO{%@4F>
zs2Z7(n2+6F^S`)PIWpK@rvAgyolXg9ds%J-+FsVMptqMlaQb9#v%QRc8{|n99&Rrs
z47ZmND7KgN$ii$dn@rxcz06S=fmXD=EMq}$FAF(S>SW=DPr`7+*NH<$wwDpe8$QWI
zGo$TgPmxBLn}lI*5{8XB0y#IyT5>~alp0pa*#))uCe`8rx)#k3x)w(VwO9?aRE-X5
zvCi0wYO&D>REr8<vm(uPE#A%P%UWE`EK-XShP4=hq83Y#g{j3#&d#A)tTh7FVgn1h
z7T0s8ky?~6wCigeGE$2X$aa;i#jg60;2n`hSc?*dxk(t-Vgzz-lC|WfYtbJ6U8c&+
z`7Y=j$6()KReXo4q%-5Hn58@LME-RT#Hfl}xsL9Zun>eJ^|4P1y_$3l`lS(czhptz
z=weQY=5f<6A7@7XS7E=DFs#uC6g66pEKH3ynY?wsjLCk<g09imIMYatN*LPsEe;u}
z(FkN4OV(mzU8A3H8q{dR8kI22O~SB7Bam~GtR*+3ulyPe<Xv|J^*I=zDhrNcRAUl$
zem@3(DZpMF5*wF5H|mqSK&r`fsB6?f*+=*0BqM!P!mvgoFsRWa9pvrLDNrF$vpyZ@
zNv4fRH9Up`wqosF>bvO>zv=({PcZ8qCzPwou~KdUW?cyj``dZ=_8umq$sCkS^Fe>y
znI<FN!Vsq*swy9^{~;sZ#gNRcbt5D00?CN!P#e)eI?OWN;%T90*exUsjTnK#hz*<q
zo$wkXN){S%0|%rgPEZ>$9pX3o&%X|>Ya2({3!o~KTbG1k>-v~O(#R1SW*10?Nr&1n
z21>*H!%0S3mxQ5VB2XA6_I=PfXd7S*BUxw|p99jKB{WPr#BafWv9cJiaxJWDb4z{?
za-p*rt72cQRZqlHxvI#{T5>&{O8Hkh?5--ev)#I-F|{W{`UVMLr>uH}tdJqc;+x_&
zrDM;)Ke0LZhmK#Wx?%0yrM0il!e3P{>?KNTIofia{m;l=FTjtq-S|_uZ^OS1qMVMh
zJ8GTYmpL76kIZ@&*>7h^Hw3DVwvTd;#Mb9mhI+4YtX-g^XZ{fsSQn|n&ehSA40ZJ5
z?OZ;BB|T&P^I56>wE59zux)Gp3ljN6t9{T;U%iOGs-d<&5&2%rzaB=)>}B_G{({vi
z+h8K<569o^nfQ)7hu8-p+FY7w@9uX7-k{Bp?s8NOu#4Qy&)_o%45@om4YWJqfBsk0
zxS4k$zL(w6e?JX&K0KD;zHm`XNLrP5zByLlz7F^eN2kUWtd^ZG_rMdNq~r*@gZ>m)
z0|fIaus=CGB@%uLECTrhQxV3SYQyBF8s$b(C=4Zds^^Z?QVZkfBSGC2gW{?S2d5;U
zV3ulI&141$4xeHEdGFx2eQbxSpqUD?ubrh$pDGAU?~v&$A%rHsoD*qH$r_U{Vkk_G
zdZ)wPwmJHZ(@GtpGkxbTuJ;3N=V!7W<#Uj+9t2~(4je6Fy$EFMMHpMpFloJFPEcA;
zvNY=r=iu6U2f=#nD@6iUMaAE2Jv{25Qj1V2wA`xNVda)_$0$NntKzUfeRVbdsutPK
zR_x<SuzRh#$1d;(W6B!GLG?y)f;G?`i789M!q@N_HfJpMgq0Mp(&~`dA3`kzYz&<*
zkYEE{(}pm6VN5;sXVA&WYE@IPA+*z=-Vol0b}vKf4dI2@5K1UEgkCNNmKm%o&4j(W
zkI+-*a%S}A<*Ma&uAVX<VMu4<;moiLq?sWd>Y2enIWxS*Nk(P{3B#Eo0>#X*l~W+|
zn3+McaAx>`14h;z=@5y~e{Oa^Jlf3>`T|s~w7ckabvLdDI>WD81;fw+;}nLp>d=rD
z7*iSc1`MsW3nXi$Lv1Ys<tpuBPBLOG2}5f|ps?2EoB|DX##)kv)|$@&sh1Gc3ygG#
z-{?QL1FZEbN9X}i^_ZRS_xwYt9~t7TNL4*<w@E&PgD?ZB89l!xD|z*Uv5-;88pfvF
zLm!B;!dvl;dhaw0iNAA_g%q+pD|riI=k5$T2lcjwqx0PNABr*^TO|*KMm;$wmFxL8
zv;1R!Ph+j@Udb_O@T^X`$sf?GW#qH=Xycxq#tMJ3sDHvDJz<g2oRyw&8|*wsor|%U
zdi(QsRvTI;oW>#aO#6Gj_YkJWGelXce(%<11HzrdjP_eqf3``UfrH&S%(`mU&EGeT
z?RXMrR)f-E7c1Aj7H|Q_rm=p9tNrWqo<{B^c~B1r-TrzA?{Oe9HDJo$KEqZYFr?Xu
z90mQX9aw4$h>-mq1z3r++I7zGoSFZFHwp<|Gd%ZH2qrkySDWwSs63|zxFLv8;EzV^
zZ#hY75p4#?i`?6uz>DVuMAG}?HyC>>bp4Tkp@t0&hB@o+QL33r(-B`9_!||~`>&vp
z(2}{|2eE;=_6(%vpli?f(DL@=phWvM#oD=RRz_iAHs%fIbPU)ftus`=k7N0X2@t9w
z(6QcgH{u;NoCevcQ<jxVE<ZR5^Cz`Q?i|y?sB-gHwf4r`8w(>7+j~GC{Of*<LXP7!
z>DV7>4))(gA=N)YxhSljE{0-ekPzzi@n6HtAfcWa7Gq{GkkZsEqE&z~PLm8^rVDTA
z^)YoKYe0h<N(#Ns!1Hi3IXIcNst7NVeGDDwB8Jq>0Xz5?qwgC??XEf(zWsPGI)pSb
zmvks}e@$aS_w_d*(d#+Ut`t8HFK!!@4*#(_Chz#UB_u7(&+690FFwr<V-staie>nB
zV45{ak}p$Lp`Gvt;(a&<k^!o&f*-?I&`H9=KCLYLrjq+Wft9QkEu+uso|{~W<`!W*
zR!G(|R{V+-9uX<PSo!{UC*dJqhGR*IB5SmNAwo*1N9&}3)KaPo?5yN<u)sEsPD{75
z`lS3euz+Nt1tbhDU|_@o5{4GI8KvDJ^gpX_&|xIg9Y*={&;<VAptO3gF0_l1t6^FL
zvE))EM;E$(;|*Mr6?#}MC9gpX`H!O)Qpn@7yuRsdBDF%L`+q(9V^t@NgVd=D{tfy`
zq*F`S(y5zer!L8F>C{D>2AMSM)DoIbZ5VY*)2SsBoq7PLNgXik)DJPF(J$=O5{8{x
z!mv{t80pmYA|vk9{wwJ0gPGIN*(nDP4}DM>g}Rx&zB{;J-*_at4*4+pk4ckeHvR0-
zC#X;f&9g)B1fp?ef7YQJ=|JO(R$?{NB2d(0FQ1fnmLb)q&X1JX1(Fg5Qnw71kkBaM
zKMOPT67908*s}ajzqQo>hHXt|Z|@GivO72)YV8ue4n95xhPGLd28~)6UCzf`efi%(
z!=*8=>aQOD@o7xY^oONGn(1!`yoqCrnLgPK_nhx%PA#<R?{@A<_$r2E2OZ+|Rf(S0
z+o~EJpz3GOFGD~7Ud)Ue`dSC*aZy4&D&!4Ev<5^&koNB13-DDy&W*P78wTR-$=_o-
zYo-t-R;E*d;3e3k(me0C!pl0#+3e)bvtbWxf$}g=OE`2nK40*k6Ad|i7(CtngCEW=
zA-_w5(;MQRA8Wz`-y);wPsUT;4cnve!uEPNL4#}uy-w%0N5<SR7|SHmOTthu2}8Xk
z)FDYP2}8Xi(C8&$i(aw+Y&D1VqAl=-Ju%?@_HPvGj`9zhsSK%M^X}k2c*-C>q<aNs
zdIPELhEE$@&biZI6~1~v!thu;0{K{6vb1CIDQFk-M0ek?kCow$7LXQ@8+<JA4oBO(
zfkV<V0x;jTv1*gh%vkPVtj_0iOV;iGMLW;E6(=kAiv?EIOE{l;6w9W1hBP)+ZNR$*
zuEuB~p*}i26`KnQwQ--qd?(@a$760@j2(-CddG4?%6$gIqh#R_;5(SLx3UI$eYF`H
zT>71g!s)odd`=pqmFS;npE9<dOL}90C}Gu^I8W%92K9Nu^C-RysVA6QP<#o^0uko%
zI^jHF6!-Oh060&;agjPAQ?+gC77SwtVve^e{%Y{m<qa{l<{{h3K)EXa!SzabB!AS|
zQgslD&#-)_rU(4NAxt>f&2X-ybr2lbkIheHBrbqZ0)ZUD54$X;e&y6D4{`|q<_lYS
z-Gdydv64f0T}3RyS{%ZY9C8$eWQTCcLWgh(;Si4C_|G|_5(R)V#b;WDj+&%Y9fYp6
zv37|YAT&eB+M4J757%yw7L~GWi>4L#o|CW@Wd&&cL#g0+t)zbtG#8UN94Fw0Hw1rc
zJj<c)5jMaZXiX*_guW4mXogTc+|Kfjhb4~Xc+^<P62HR|lb9JxWFL<gBM7D~(VAT2
z%P^+G0@>seUybXq<TV_eHn_$WemS$JiLonu12bAp7+3hr0YOn{fH1D`hS3rwbcIiG
zK+@f~!W(7+YFGF&4%n3fYFGHgAVjJo?fd3AopIfW>*Bra0w;-{sW5mKXWPjH9YB;o
zFb5CQg=*&DL9&*EhZ!7_HV@|D;U;Ff8}q?~WPI>292(riL2109gNGhiwnrEpJhV@P
zbntKwhBg_{96U%CZYGq|5mj4BrQI8y>3C#Z3xNhBhX$htD!Lhjo|4-0AS78h2r1{V
z1(>cW)sc3>>5VMP@PfSX34&?}It#joR%Zk{+G=D$A8Gx-`E`K_%ssPK1B0ePYqap5
znS|kyRs;q|TKWkBg*WfuC`&&<P(p9vp|aAA#!4g54aQm)^sVGhoN44%vV`Hy-R>Nc
z8e}+&MIg^&lC{iY`d0D)PJ<?AJuA@j3KE97Nf_o9ft;IUEx93mtW!4Ooa9K(lBUAq
z{p|i(t<be4?9d%!jMD=zjcR~l5ackY9R%gGi{g5$5X(p~E{ZiIu!~{?U9*d#Y9(A0
z%ODsR#mTG!bz9@2D4BLqOpuFW4aIu0e_|gzu~Cm}xFja}<GP8i`P~03PK`Ei=8b+i
zS@``_&!K6d4A-IS;e{NSR*%N@&@ie5<9aCBZd?x=I2jtrjO(Ff!u2rr(0W&G#ow9?
z9G;cz6}0IqDX)spu>AFU;-68BX%JrXm7iRAvaL>HMyI@MzAi}qi%C<m>5q6`)*11T
z(ZX}uQqMac{qY=*OEv++V_&C&(!+XdzRp*v-;T^wosP;>Ywor5{hCyt@tNwFj8<w5
zp1eqXupv`<@C0A8r<Ho^%S^Qse`~(9;{W0QUBANhr&g@a_tkp*QK6K*86GC_2lGAk
z0sb~zXQjS|zu^b?+wi*8?jQIEmLlkeZg43)7#Hyh{BsMDAFTNAxxT8Nj#U|a;%o{Q
z`zj~6kBH?zybA~A!O<Uo8xoY!<cqLm=(3Ne;_r;~R6AU3{K2wI(K=J>$~<+|egOFh
zr=N_x5t1hDLCCweW8<X2`r|R%SQYPo;Hz;T`fB4peusj%`hkDMS)AHvS*ccMJ*y({
zF5B~3jd%jSh?PMySb?Zl%dD(69TCz%s=`<IrOk|gC|c^?9F`i~#u&B*KcHC~NE2pw
zmoNhPK39ZsdpC^Rd-CfFrABcs)P&7lLdnAWTuv{PwB!i9C@jNDWtTwjN(fZ4?8_k3
zLU{FL%ga6p#cUv9g5|Y27{A=WIdJjzn70aR3kpz%RUDV~!;=EL=(0LoRs$ntjX*AI
zgmGC7lV$ykbCG40tfj2Ovhix6u_$Y%)yHZ35mqe_4*uEp5*>~~@gQt^#q;jN!svM}
z9Sw@KFgof>TWw}W<2x-8FPj{Tu$F~U4*ZDC((pZw^)X_F3#4X-WEitR%I0D`NQ@Uq
zDQ47_%>t>4nOq<lX4XCWS;4C~An9usNQRk!dVy5O0kt-IfrJ=&zs|z|fr7wTMQ--Z
z`26<dpf;)E2s#&IcU2RF@DiQ6V?-w5w@jzYG>pi&zVtN5bAFkMH_04{k^gFZLGMKf
zWf1DRc!?3c=n?<8y1RWUG2#nsesF!$X<pGJ*t!|ln-+CT91Na13fKQD^cEny+>-+x
zXbG^Xs<T%IHj)|XwdovMawYFX)$Cw(=}`Ud{u%!DX^f^<_jsf)0}_Ob{XM6^p&r@Z
zoho*2#&s>OOSj_@)HdTV3zBe`ouBX^G((_ij3%dvLJ{LXFPZV5k1%f7hRKFKh0~J_
zTe7fWqlDga6z?LAuqPF{Yn#OVr=h*$A-KEydWn@(BwSbKdJb8>4%emMWp>r3Z-!t@
zUxrc{)7Q{7oBqyIb~XJLX0)^pOz)n7+H1v_3RC)X<^cC`DA$_degVvNpMgdd3~5nZ
z`g>-9{}y0!N{|yRxe&dJI{<1#Aidqq-+-VA4yxlfXXd(H5Htd>!#l-%Y7bpGDD|7t
zotZ&{kT7fz=@1e0f62Y3$JKC7hRU|_ch@~1<&~^-MP^|T+|H`>@W{|9o@$#~5tQg2
zOxae&Q{Ve4u>ud$t&cgwOA+{qxO#U(tXHBRgfa+kJW!PAjOzxvF3)#npp{lXiH8-Z
zTJ4H1rY`XmUR}9YtHeB9m+R{x-n6UZ>LSjEy25+i+b5pJQbOSg&G&kCNIZyURE_I3
zOWOFf=UK>M>3(Z*0elf??-PO81L>Qv2FjbThLJVRUP!W*z0jSU4_U?Rg&t=n_d=41
zz0f8OO7=E;p$Id3AqmZ1D8l&0iexQ&A$R1IxcZRuqT3C{ZSk&@XWqBfUqaX7c6J+Y
zaT?4VjJMXU2W*0Mi`(0si&jF&c?MtRpkFGGa2bT+j&>V=41~cC1dTzrS$cWlqiC}c
zs9#?A>Q``ej0WxP4n8lYj$+s!S_a=W`2x%MyO~mj6nC&o^fF$;U>Uy#t)Paq>0tNq
z+v0V$4{<!2C5rpmz4d35B&7F_(}%nwjNUs=-zkhh^Ie*UIZ0X?nD>smi=gh~`~yvA
z$g8!p-x9o<g0z8um(vK<N}i4DlU=79y=fOh@j$z0A_re`t%ooqFFS7nerTfWjdUm4
zIcElDm*;f2LC$Fq${^?`r@lQ4(+de^TT({?Z%Z2K+H6bkF3a%AsS*fgJpYo_rE$oN
z=aQN6Ji>T9H%yM_-wRWlMVVw`JlD@N`40vSMQ$o23pW)`35-$+&5KK5E&8xz9RyQx
zM{_bX=hKITbj3xWskjK_Z@4-OVAQ4{?V--45K?Q|!oS19l_Z1~CV?&7MAvNLoCaax
zG6=@P!&o(H5XQoi84E`kTi7sZ;e9wgTDBPrOO|foV>vw8*=*Y+3oVS_{ev+2w|yw6
z5}J~WyVxDwZRn*E>fzs~gOy)6?QRsb7zeR*z#^gE-_t>hgyDgUfqIDK0~g6!4qQCd
z1K-<W#d;w(8tq@j$X^Xh)AeW2whq^8p7WgdPsQ_uxGw&~^1L#PCbb-qMw8JSX$hD-
z95{bvP|y^m*Q>8jcMf_pqrz+D>CV9}knSAp0_o1dE|BgV>;mb)L&ESTfrR0KM+EYL
zhh&ihkHmNsOg&FV$#OPU!Gi_YR1oJm2$e?I3#+DD7W{Yc%RXFgRFxWiFK&9~B7}t6
z82^n=3wfJ0(XYjuQqx1a=VP^HAdQjX&5==@5sk%Rxg`wC9f4eK$wayR&!N~gF9g*&
zhl)^#m)QOU*kDRbmD_9ts?^jAY#6G{N+VDu))|2+uZe{`y4{mnhkk8d+4KkJM`zSw
zNhAzQ5`kP2$wWz%ZiPEJX{rrfd8BYTGS>nrTw?@MxZVg_VHWiLDU%S*n4#kFb%CL1
zgApn&VW@Znvf`3S#gQ2POa6IdTph`EOs6>S^(}H|W7#Iz%I|TDBhl(6OlvQqrS>gy
zwqxa2iR+brW%NkC389vgScxQ_UYwWM|5j{D5a8)gO7n)`x|yyo!1P*sH|E2aAY6ox
zZWrE;4}U;dH6(tB^Cng(br8BeWp~Is4c(#<Lgp$gtLeYQ6Nso@M#RPaotao)meX|s
z_Q@R~)IoTrsH49Ef%ab&m}?ZNQiuce{{c2p=qqqHcPx}KA*i}mjgNIv{t2MRaJ-%r
z?<%XedjwVjr!b_6YSkfD(w_i$8bjK~tr}w`-OKCZ>Rg6Yb#x;b|MTBK&Q~zM9pLG<
zcG7=QK+@ppSKy0JHZmc#T9Xpl$|qyp#PMm+eR?xIHpyrblJR^po`hsXmy9SO8`G!C
zS;Wa+&dKUp%2^L9nOZ6*!PHU>gs_(CA%wNm1R<;?|08I;Z+%b!G~=PfUHt@ZN=vwE
zpLjR_(YK;-#O-!_uL;GFA&30f5sA2Q+-<*aQ;;ed7S%cs|MU8S-?mxs#hBR=ALC#$
zX9F5)|1M51%pv8tp5DRkk(h!rfLaLC4l8iFR%6n^b?E__o^uIS4LPrfRYN%mylSYW
zYhE=p;5uBFHA66~hRe9jZK0M~HArSw4H3qx2E%AgWu8;NfzzX5*Q^>OOJ6lSE^KaA
z4U&mfL*jebC$*96)6Xd-``|jXPYncPpL$$}_Gy9;uBvigZLv=oU9)|vaUI&H4uY}I
z4%Sbusw6Y^i7>X0VRBXVizu(Lk7Vig@g5FZiCnizChViv8sj;<Uc2-!)ua4uW|6hV
zE|5n1T_BD6yFeQKcY(ClkT4wZB@74r2;>1@vdDm+xZ!HFc~r`K19P3ZxK3@t2tEMs
zLpmLU+GSiiT5hcz6EAkBVw8B4AuS02`#A$|#tw#}9U9M0c7^achgg6R^~2jI3)9*9
zwqB-SlzjdB`N{1)kpCk=rBEZU|FC27hi&-siD2gp%uU|+PE2)YMiU^tSg!Zqcmud(
zcp+aBBZp-CVmXz37d|Q_9GDiA^&hqNUruAwG3NQBo3Q#40jK{KPbCMZ!3%qP-bg2|
z4(EWh54&(9wJQ9VoOv7G<i)=X0H`0)+Z}<zOSXzecCQ8@mvcz!6ZIqeDrYt3;yN<!
z(eXTI8H6SXTOWWw%pVw5)#|`n|6l>L6`RxKw*rz0-_Fj~xtV~(bZ&__=BL!=xOzLc
zbCPn-<)mm%d3#((fBUU)I2TM$DIH)@3H6kckF}?SJn|>bMPn(a9L9CbqY~HP`su4^
zzQ+#@B+Rpi<y{V;@-@sP6>uGJNE7wC{%L?iD%3&HlMH2D*2t3#W!VJ5%w8*y$oxkG
zThQI;r?0mAy8laqItS&=Lc_j=!_w`Jw~rZ?EP^qd$Ab9uet@^fcXx8YYTke<v_yCU
zX_){t<^)TGRVY=8qtV2#mk3MY?A(=MxI}maum?kG8G4Cu0&*D0P%IIWeZWUEKbN$b
zP~blb!x%<we$|=r_I_(jq7gVH-o<agBr4&EHFhWObL{^l9P)1piTM96im5|5r&3C_
zDxT?{gC&B2wEWX9)RzLD%po<TS1|ZKoM|p*x=#>4<t{)_18L!;<1YeS!XfF1&3M@O
zFT%1%JRX>y`r_8X@KNf9^-KjrZSLvz5Pt_+fP}j7-H&u73|fTy22!0a6F3vAEE-48
zW~e(tHL{|Y>PZ-mqY=pCsAOUsbuL4jsz+PF$eHrHVNrY!XG31K+69pIE)pVSf9=vH
zq28d;WU&jR$zm5slSMkzTLuGZRtmQa53)*nA7MTKAYoYY2;`DWCQ6PBf{pkSoH|wb
zdjs*UV3hYYW;7t`qR|#;7f9vZ1yXr;fmGgIAXTb_;p8Y`ShNV_qDhukG^Z35+k}eU
zGR<o3?8M1(?G`@y`xHXSoBEd`X9I*r5+1Y)oEcMat8y!ZJMj9XQy^4B(6?najl<0+
z67IrnnFa{W5NJ6xJqxZUPXwKSmdM7tK(dw>Aobyp<0&M+07){la2m+raMLjKIxviS
zm04I0<#0z3;};-FMhmB84SpQK0lVSacp(@@${Q~P$)a8e%9&5rc?;HA1dGmrPzga>
z=Q9|jmISiSHV6$6$U5i2I?Fk0nx2exBx|wG!yHl`he~Fw6JflpG)!9ONluSO47041
zOe`yve;W$a%n>M&E&s#oYaYWGB_V&x=XET%x<1)b>02Jct>-;4c+@Z)MhOtSo~A5@
z#egf{N_6nYAmmDhq?;aQhGFWE5Fz{fDNGXv>bc_rOcR?hO-QJxiJve{NT{a?e-Dht
zk8n=3>RWX|e5Ah<qp^f~G=2dkl`z}{DrYfv7|m4gtKbBgiIKkKZ4A+qto+2riRdB_
zrd@{Tsz#%S;JWmISe}0>gl5k7ROH+JaJ(Sscmb){-H(M=cxQZd#e~%3+nH7myn+Hj
z|Kj))f}n%^;RtFVP0!u$wF=#SX)v|f>a6^-RyeJBDySe@Rdip1mB6=t6zYbjN8Ka`
z?Lk5Bv--ME&&5Q_P!GlTSy<QQ(PxR8QAQMp3ZR@hFipujFikyPo^}E5y;Vb)zRpXG
zKLOUj^|a-lbKYr)h3nFzJuh)Mekj?7zB8=Q>4EENT$kR0yV$3XLJSgcKQV6tgk}ic
zyWwRiy^h0L<y{EfajZ53zf_aZ#p>wyek7)5v6|X=*H|gHV;T%B@?-*EFy)}syt^;3
zTKiS;C=9=jDnsgz$0`3MB(Q)J$f5+UM*<fj0SUtdB2a%`)o+D5S;PtGI=O-CL_%FB
z`n0c(3VAc?q7&-k8;+;z;%3x^u8PLM4y29i&VgU+(?N|>OE10E367eaRdj&x9_r{}
zuA_1YrjBZHZR)5I*I^yyyx&qs<+u*(sFnoOkxzA0z&YyXjJk4%!uSS;%~{uABjQmF
z`c#A6Io>5?NK=yrMru;RmYN*G@gp@UVOS9n7*qt+<ldY>q$VW{6Ntc;nmmLPh}5Kn
zExqe#4%(LrYijf+hS3_$`9Qa9U88q=WUHq+6xkOwTCS^kT@-RPPoIE23!-m%)au}@
zf=~mY$KG(MC_p2vCn3u!^fDp5%L(*Bs>V6y!)JoF^ER=88Ts>1Rmw2Zap6$~S?8p&
z%;6aYN;|mx!m-IW#JJH+dp1ass?+!x8%D!d=x1ER0d+R~%5B3;z`%`$1JV{V@H1A<
zTUfs|QL!JxXV;cafiEYkLeuS*dti$NQ!#veh!Bfm3m+TsatNiDWO_y0Fp<<ippT6P
z6W}<Gycb2j7hBawkm7WaB0g}}(QU>IAA$OIGR>72%Ama+d`xmJ5?H`=ETy^xscr&%
zOa`S?|3<12s8jt9^V)M9lv=y~!rtr1>P3dSX;4<m?}N?sT4AFtPvKTd=66vTuGD2n
z4Qb`N3#656I@EK9fw}{jyArQ(?s_~hD|HFO<!l7<a#k|AoYhP6Eu1tx8LA6LOL7Ur
zg6#sSV7ovnSUS`NGf<bo6s(DJ*WJ|=Ov12W5y%CTEK;!L)A4xkb3s43nhN$1YU~HB
zt|Zh2JN34>+LJ?$K**I3Bntc!Kf;sH4E6Hp>Ug0)7p+=Cy*#Re6ODv=dE~r=V~Too
zfK^w=2RpRyX@byg8=j6Q<K}!MZuyiMfs9#g1TtbB3)*;lvo?CMYm7IRp&r<c@gxk5
z7lCX%$)xd=vjyrmBKKAESbeo!s9yqsOy|%xt<ngjeytHm{RS4a`p2-Qx|)spXYNjY
z2}AWGkkywgqCP5-{wo??3cpS$@y1cD5=Y@W)r9NgJLN53g3$@rTQ0GR^B#v#PeP4V
z><+yK-z!-Yv>MtgY`N6x<&FZJB;jRNANNGS5q!f<hrHbC;}4q}Q-?F86P+zrq0t=x
zcr-(5`MS|9#nI$0@V4DR_p+U8myk$B`S$5CbpoeLw}NzLl<rCCnNhmwP^X&?k%~iQ
zXd-(U-RE%8Bf9SbDUWoh^GJuG?pJZT5#6t2NUdBOiqcJoI^A@L2zhs+E^|JH?sKe^
zDjEgH&oW4;a&H={>t41C9aVuPD$yjW>Gug8oinL<e1hvNySMxE6EU@u1Jg9Q<s9tb
z`_mJX2mzss(*?)9H4sL;iG_DDtpXri_>rd<0nUp-1EO6SJv{Y)k@p_pRTbOY_&R6j
zbO@n@qtqyf1;vO6c4NV-*aE1rlPeZ%7zKL^V&P&7DA-V=(rv-sMNv^i2%sne8nIqP
z!QMc>cdfl<GILIHFCX9U|NI-zv%-GgX=~Q3DSP&uy;G~9)>}&QU~<{V9F+VO^b>D}
zak;*WTHzzIZ)2<RqIW`)w+|Pc5$%%v1>@3qC9$hZi$+CT3i*snUJr8K4*1TBl02y`
z8XN5@F_*hBZ;0Xx-H7>_lC0FCaT=5K0h$yvUSlSelsxaynA^B9??g=2^Kh4}Rq|q&
zoWc($x4;&rlDw#1Gz&5La|?!KyYuH3NTPn{MtxkP8q!9U@>}S0K2iS(Ex)@<J|At_
zrVE}3HgJ2t9Nj6i42y=p7lbzFzl-MKEjUSxU@qC`Lp))Y5;k8LMwJp4VY`rz%xtA3
ztV)ZP;0L;VWX2`MoB7C$OWGqdhGajOtw&~D&K#MMvM$!Ldbnk|q%F%OZCQqN%W^qe
zR=-Pdv_vh(GYr=&Ieu62NG^*q9CfOy#U0v4b;&U50f;(0H`gi1)g>FFKB>9#7MSG9
zQC%{Ox*c-8Saan$X3={%w)F6sKFLut&w;$cDPKq)H}gmydvZw`dvZyXhkvQoaH>9<
zGmn;wj^8775eA_fl*3Ar2b<JI7>vHx@qqWe7oF5Kbt2*wz7aZ>3<f84E##xFvy|J9
z<DI#goOE@$EzL<+Lt@o#fAwcLZaj0+)#Vybx;~@DxF=l~IqI0#4Y{0i()BBi%8g`B
zx_X>B>FSc^q^rm2NmrL^Jn0(0z7M|6@)^4ASz9G9#r2O`t_({pBU@zNni=2=w4oWL
z3ED@tmp9-Tl4DAS$>-olBQ+}D=`Gp@w=^4i!n?VEZLkBh7T`LK!9ygEM~Pc1aUu;d
z0K(6{G`tlS$93n=zGS-m6UlVI;wA@~N>&cZA*-Tn>&*L5_*czAYEc^LEAQcP$?%mO
zJZ9FjZo6aukjKiz+hNIO0F+PDoUSBK9#%&~vLlF&S6339qcM4<B08=(DTfSoq|VpC
zVd--*d+JO$YKf*4hdyho!ejBsXM%FuBDY1?revUUIr;TC4~i}sc1R2uE@=lULvk@@
zP;@ynP*LG&P~c@%K$`u!l&rg4E`0MRy0lA*0^HAYN$KagB=n#{o}uSzS(|ZX$973x
zj&rMqlUDpTx+TRYV>&Env)$4*o@tNg1h`(ZQ!4%|4y)ATy5F&F+x#2XMPG<JB@@S2
z;t+iZLf`5-FKl7kZo?4cw)&9dVM5yNb+nsDYP(VDa75oq^N>+xQrFbxCll?UoJ?Vp
zx)%1u?apy-yzxCVyJNxQa(f(_$R-mj@WBix;vNqtP|3pgTH|1o(meXE*rmAewH)rj
zgHna#bGc6KQzztd8E(PC16pAR(aCbr9lK{nwe>mv{Znee&4Cwj$Recgyc}#5Ou6XJ
z9)+#ZA?qEb7u{8oJQDrU<+`!WQY)VgsKb)byl61$y;qOUUn8el&gtGB@(S@E)cji^
ze9?WysX0iKT@<F_T^ddk#k*eWIn9GTQuPSGd2txtF$_<w1~*;HQLd0@ur;csbgb#&
z1m<#f0{h;nj-9~rNOtU8QXD&%gjz6pNBkn`RIQ14%kY+k(@yibx9Ve=zh?wqyy2JP
z69Fl_`O!_BJtEBu?ZOf0n&-HgR<)F_>2kJfx}@!zxunz}m*fhhcEtodPRr^7V$pf~
z6!t{pzpk7tsL$`5JR6N~IO#>VMK`BZf23ZfF{NXizkT8RvjTjEIcz*xfsE*ydCTEA
zUdftdo8$|*<gJnRlw1Y&b4||MIf&YUI{yrhqA%ecqqY~1s!&hhpR+6))v}P+lRM}L
z)15hZ0*{<77kUClPM5SJry;p=X5@4^GjbO4&FMfbiXEPd;<b>=*@nm^r6F=jWFoot
z)O!nYB+b?3Y_7Sa<eEz&*LW-3@RqXKrpFR|^IMH;$%Pf(R#yT%QrfI@Ny$2wL;}gK
z-p%firn1W=CA(bGWJg~)+MUo;cDbZvmrEi$D(sA*;VjK!9}wJ1e4l>4ay;ZprMWpT
z$}Nk{lSlH<kV}dJxg;wfg<aEBVgG8Xuso6r%O$0-T+$XcQS;@VXKQv}t_EDQJdz8`
zC8e-jk_)546&K?>&${a{0tDN3(y0MGtlSykM1xx#vfPlT48!3!jmeK@CFTsobjdz%
zWLhS&*exzopGb5Es50Q%9kJDC03Thb2e2<o_)>G{yJWi^=8?J`=5lsBEV<!0{5DLp
z;B_J^i2pKAL&tBF=L0FC_)I*7%q5d&WB1&U+?nm+ksmcVPuKQ@g-cp>JyO+mIjb%u
z>Y*2Xt^12}07?yb2Fg_`NL~!3)@%9f{Z^?~uY`j&j{{aIm$XWGq$=fdjY=V_&gEDF
z*PwL%edEM0F{<+Q!>PhK*u*(o%Vg_(G^TxKGfa6dSA2gwmHapS%q7FaPK8?`?nq6~
z75QjP*tK0wrbq7DmpGM^2ICHpM{)<qC8Y!8k|++tYCURD_HUf_ykYZ1Z)j76Yti@@
zX#9wl$lfPswu&$mJ*^}+yjEi+GI?BSzE%3@hF+O{keSO#rUBBsBxedGW?>as%Suel
z77oO^VX@}5J@Q&|QcO01es+rO_X-|L@jZ|s*|+)r3_Y6D|D|zza{3`*`jXk9Yp~ij
zy&;|SheGdO8kgt9CI8$pv-h1oCtn+Fffug05#?*67mfB~>eogK|BV_pXs)8wuvGFj
zhvU1j);r<JH{a&1)rjm7AX`aQ4QW)B+r6JOCi}a+-E&F4-NR-h-wFJoaoJB>_l|T-
zwmccHpm?>>Doj%00%+A%*`bKK<jih`1z1JxuN-f8FS(+9<{+%1T&^2dQ7L{CluP1`
zP>3#hUajeO=k&wFJRfc%PnWZKx}@gG?fjjl@6CCh+ft0zUVml73ohHvhLpOCpTs#m
zt;Q|cSs0yR^io{g_($vhjAv|`>)6WN{~MB9z}{QOH6|yw_tqY%_h^OOg*$3&Ztf-5
zM>5=lU5@*@^x#|)mgV$4G(GoHliuZQ`dkw6JHLw6XeFxt(d{i$ccAJ2rC!4Ku^)}k
zc7BrYe>nWsFnp+*S4O*=!|(<Uzolj2i?}!Lqsm;u>F;inS%EyumE%)qi!wo~&7xhg
z82$#gz3_N3et8I5wc$=(%>a!g9$xKK&U&~@Iv#$l#<d<EfrsCuB(K%Q!%6P7I_j<q
z8||ZeB1zsXbU8K}74jpl@fvgUFlK_Ebk#vcj*;LeT@4E4NtcPujcKQ)DVl{hExDwf
zmON6YC6{ZQmPEJ5n$WFijiXzc0@2OH_H=u#DcxMs>gJKEo69-6@!f2_X3PVwv9QaD
zg)ugjV@qjU9k6+D;TH-d$6><lp&4weB;IdYzclQEyk^1Ypzu0^WATa0WdoA!%fE<#
zLv|8!#@Y;hhPU=Cy9M8T-EOlM6uki}=gn&L8whhG(vBN4@(IPYL8Qf7J@MiR4V{iq
zaIIT(!<x>Jy+C&QA<<Djk!wia!`m;5*P*xA1yMiK^rvvtpAxAS({CjDNy)(+_0-7L
zElz~*|E44#T*z!4Yu{o&Bu_{A1{GhehwOJ+WY3oGLnn`{!s#$6zqLk{@=uQx3%R|L
z9Xb6O5jK(hi{85x>R;X!f4;{ZW5FNzvn%GCU{s{wf<sdD1ca|0o`RDQVGN|8Ycvx5
z8Rf{UiGsuLjnGw?P|~*rk^cvPDKA9nSBR+d=*#HhuP9jXJAS?Nhk}6xc>D*EXdc+E
zTR>Mq()?ZQNx1lq!B?nU!=3^5ax~2$`(qG<NVN6`1T+jH(T+F;JI*`7Ab%D_g7fjt
z%hw@N&I3#FOKQj_o2qLGJ^~Jr3|isP-a$_)=#D#tOCjk(DC&iHl^Z-dMl&E1%?o+@
zj~M;279re>4|R>x21q_QyIY)IhDeB)X7dx`bS^})UUXNSy4|hOj++{%I!Jzq=Q}s-
zk)ZD(Vz(Ri1Aqv4`rrh08lb?_?dGuw`Wzxz4}Lg76SoE6Dtz>Lf@;11n2A>KTFwKW
z1|Hb&%oN=Qk=#1|D@Er(1RQj8ivEH~)@R`bWLr%AKLGLHQgi}DsxTu+(~tsu<c_s&
zHtT3=H9mBH2i|dZ9xl?|Bkna7tVh70!N_FGNWrQ2|Ap{6@G@U^AwExi#ec1lXOee6
zPSfp>^b%<20WX>dF8e%9r$Z!-7vcdgT94n-^v@5HVr>jco7YC@CJ4_C!DbIcXe30y
zbX@$bAi6CEp>Rm*@L+^4fD~?vPfh&`7oRd%4W)m;#SxPM{s!3T*$Dmq48UZ3>$&3j
z2<;9LQ1C*878vl#TM?>;6h4D!_somXH;}?#gGks6t<ePB429hy1^+*|rh+R`*?O+<
z7WfABHxa6V6n==NnTd<v7z}`MKW`tU-r1-as-SDPD4hr4BpcZ{3r>pC7>HQ?AE!rU
zj$x|@9`K|68I=)UqWz59<NdLM6EOERyh|4kR-|=@;$R}r3KH_{hj`qE`9i?OKLqq9
zM8Ii>707U(pMjU#A5VnCFh?smVjg~M13^U#u3v=XpOBpEU=bbzbj8-9<a;wN&S1bk
z_`VL}h0mdyUNjH5B?cP_{`E7~;}B`6KED*u)evc@=0i3z>m84Y$y6%!dGzEMt%ry;
zhK`8QQ;-}BxR&v&=~-j0&Q<@#8eZ`m3D(>glQ~|jvDZy8nd8M8&4+Ac*2hkb(KLuy
z<6%swJgEwZ{}iJmA!3?K2E^$d$flX*9-V9di)p;#HxkS}El!)A4#l`f_s7Mp47f)(
zAF^>-7yMNdr}A-|TIVlx74cu{JhCoad5Fn365Kf}POBkO=Pr-O>1>G9x%rTd%zDhy
zI4y-pqi??=PFF&>(VgqyaD2LZ5=3-92rC#~#RwR6QbLwnVQo%L$f`{88gXfY-hgbH
z1I2C#*G>P;m`;ho$c+QL-Ik!S5HaRVT>Qp>9jN(`jm-M!hZ3@w&a*~PwG4KGNXSn+
zBx%21$q;zHxx6e%+wQ9&&9|U8@Ok~-n-ew#>`<GeD<NW?=W&s|AAqgnO=}+T%JI^8
zxp~nxB?B)_^W}KanlIGT&C9LVgRlXw$asjk3Scz@wt<)1rexri<7MDw?E!B#_dr{$
zL3tf2UgcGLQ-GKCg}bI`E~Ic6Y_RIU6qWu1fR{HO7&Rb8gCVjCnp%;f3m^i<VeQWA
zcS&>C-6{J0E&yIdcp;ktyxiV<H$_`6&~iM`;*%7Od*^?uP%rC^1kG2@%V5W&(sTtx
zOyz;*GkE#_G_`m@(>(rAnr?!y;R^=i<<Wdcg@HHln$+`&%5E9z0FkzG0q$o`#SO@O
zh}^<-oD!kQ5CMf#BQzZ%pxZRuSU?zLt0#n;H>0tC6RF^DFUq&f*R2d6)XBHZOFmY>
zFQ6}15dRlIHGp~X{3DtZKa{aAo_9(6;(3pBzNI)za~Q-q=ohbDjun;{(buUC34RfM
zg93RG{VSRUZ|-q)`PIEk+NYgwYE0fTwA+pzsoRb&*SPH{FQQ+ldGJP|EzKouX)b9?
z^GGet<r+&v{uFe3BqH}31?A|B>mG|xwhoQRVDrZ#)Cx)zP&^V$dm8tc5DD?XV%(GR
zeW`@B)%(&g8UWvy3h=V-_)>(<f^hYMTXC`7%L-~=#|y&WP|z0_j~eg;F7|p;L%x|G
zq5a=gFd7%{8PIY;1n=I^kQ;EZ(tsZp;%>S=49OPV9eU{2utB7Pe;*~khw7*_KRgiI
z^Zt1r$s6c-ByXhWlCo*-lDwhLX3y~B^lh{-Y-dVg^00e*CHcvVXu!|fcg$6bpSkCf
zNq+Y3lI$m3Shh@)V>=X;<)Wo1LwiN-uW@;cUCQU8@<=YqC9O*yq{;a~fptlbRF`zQ
zMwbj$E{@RPCE9#tA4ceONWKGAd>)~nAmTu~d<mbyJL?&2dF`4At%d;L74K#Dgw4E*
z)O^FYXyzw>!68MZ`)DN#=i=L52Pw&Yx7Xw?<hw*JC*LJ1yb{N#25QW19COMRh0o%<
zb%tYO@~81yJ?e9fpT;{;Q}f=p`81x#g`dU?=B$H{e;-yWU9E|pK%z*+qr)>)dM;ky
z|9vF!-gi-))e9Rd(f<L2f2n}S-7<ikABd)8{H-z}@&OP7<O3iI<O3kjYFYez(Tv0M
zm5VdiHnMf*ZDj6}b{zId_X8kb$@m+700h_ETHyyk43H0iD3EdYQ!UgRcU{uD-Pan^
z8+ScY-OlA2-A=~c?==tW`RwE_X-jiS>*OA(rMX;VX)qy10C_T}Me>t5u?LSVvyDA?
zL|LaGd^D%g6Nqjf%}r90JGVVC;*wTFk5mm^&ebqmcCR}?rr~6nKj-5OmP+F(r)XUG
z27KR;czi+I?vYInh3~tZ_<m|v^qeC!Is5*$dt!77_WUD4&q28Q!O}k?RJvZlHXE=N
z3gM6})rRUEiiDAh=fB5_;zsy-{WqZ+@elF4W?BPZUs;^|fv+__KTYfNR${X@y_VpZ
z2qN@(JJCJ)1!A;yW4xPalldEDXC=88_gRqGJvnaQ9Fl)VlUcDWpb|Ig;zYO1j@YPk
z$vsvFsnj(eVw2B_x%-I+A?x^DRG>=K?VGsuG@PHpHP<u#9s=qCc3m4w%s>Etp_c<v
z-(3+<H_eE>eAk!x4T1O<jQl%7cR>m+#XZTv31keBA=8`Nk1vYS2M{szR;~HN<qCSV
z!TE8Bgly3^N~0hGDzPPcJ%n@1mOl_SK?@Wbso>8pX81FUhPK^?KeL!e@@E$FNdC;C
zA$fr(Uw`D!EV`sQ>q)^g&}6I4RJBua@t6VYHpkBqJ7~y9xY(&<2-3Bl($9~`P_L0P
zZf08ig!gc2sMVcol}B<d^GL2`9?7-LBe|A_^lIsnww7qn%eq9VQ`fKp*@g#Qt1n68
zY2CZf+|X9@Loit6lF1qHUPJOzSvzQap}F#KZU+sQw1b96>Y(9rje|zf?8%|3{2V({
zk-jiP;~{XQU~qRF>4J!h9=jDfZx3y(?Y737Ft<^#%eGNk17Y7wS50v%KH;Jab-y@l
zxzk}~6Kd=KC#-BpYvr*Rh+I;woUPWpd5ImV_~J*nGOvoRRoYvS8PZ!NjnSC4cwQyt
zkvxI8q@6%+(&TJ@YiW;EOS@d7r775DhbX-PVM}FaYi^^YHvCb0xxu1!;n0!b3BFW;
z++bA#n2G%xP0Tj46T3^=iQOZe8?3dOgL{MJa;&3F^fg8yp6F*QkcobSW>EwsIJ(?m
zxumsR!PL+zyouf;)p9P^XgQhaTWTKO4VFvV(p=KElSgW4F4tHZY7=zqjc<oS#HZ^X
z3AMjoT58fI8OmN7uHtyDR`;tm7&l>q0lZc#!s&T2BR6H40%^)B0MnG8YVKZBx}<GN
zk93;y3(di8N|&=uS!)#HrmR;WP5Gl{;Wed8TI2qqF}<erNHwm@H5yl%GI%sJsMnM(
zX-jiS+ms%urMX;VX=pG!ul*DE5z&IaXx1C|iPA#I;TK@pa&1-k!0+(60NcJ89_bLU
z8y?*8!#e^09EJA<LL^P|pc~c^eC|Th%+fOy3<}ocS>2#nc(>rk5&V!FFPMhpTnE!P
zkI^>}E~H=y9%qe6A*=t8;HrDW2V(gux>*Iy>+3~xLBa2MWHf&jbZNf$f@|@J<-?uh
z|0#}FcEOi;j8J)4;y)&EwFnMAD?Az@6}(B0Mlisk7kVo6pZ%mm7G9a56CrT(%ws%0
zY3SYvW!F!3cs8&kzawY!^YF$<Dyn`d%q5)oI#y@sXb4gSUCX0%K7>;T_u%4t13C|k
z(m4<g$(FquX2A17q~ehnCi%zL<L1qwIiCEqC6DCOmbs*yw#+4wIR&W`qcjmB8r^s<
z-hTpNkgll@l^88b%()t$iW?mcPCOpfcM4bH;ndPuflMt5!l?zoj7KkNhTeGOl6E}u
zNM}5HRdaC1BbQ^n!>Pq6BvXq58IKlf7T$Q|l6HhxsxiIs$Rl-xaJj}2LdK&{G!Jh)
za!Fg7OWN_sBegV_Yb;ILvc5V>-9~9!9*&Dz1LonP-PPK#Wes7&PLzhd;<^m|34!f0
zMSo-6tf72U$@Y|Y>g199+Lt_%Z(;LDzJ<*r`BpZUlv`StG@E1iK@)pi-FA-0H5kAi
zSJX2M5sxbaFdlb{*2VKUm$V+|k&egRsyXZrYna_)m$M#Mr8>xNajgRJxcfB=&*NOu
z`oMIJ>3N(-st>qaqYsG3&C)!0c`wb!i%yrcrMaZ_IFHoQT&}S+<WIqw*W&ESb?R3Q
zTJ+%viBx=heTMcP6Al=|BKWn*_S$^Iv67i>Kq0_7fU5S<mhqc@#3||>B6RL{C5d7j
znkmQi<|RQaaTk8ISq(5e8;xgnoDtB!wJ3Jd;n(Ar>t8?Oljfu0g}2QNXq!(PhtqR=
zZZ5w^cRBezI%Q79I{#12cuQnlm5p{TybQ-54T-s1_VQZbv)?Y)xR)2zlK9A~*~{~|
za4(O7Z*Ggy856Xto<1>3t03H7LI2yMGz}u)Q(PQzhk~1M@x1{z--WN;+^r%1!bN71
zf~)R{QsiC*XW`;k1BTugrB5M}^(VFHm-j2U0~hNJ*!6)ZO@c_Y-6ltA4n#noDN%YF
zBA{d{&Nx8?lud)y5CLD};_&GT9>qnU844c8Me$4pN8@6a0rx%}rIwFq$VgoLV8Aht
zM(JmWWIf`sD18nQ@YyV^r5{)D^%GIL>`4U&{}82fA>kf~3y#Mb+BFc#V8WkKdJ!VK
zBlEV$3pOE=rhW$;tb$0$HoXE`0FgAilm?XCNkLWbfM)Kj;EO)^TIDVZF6fJ&F7{J!
z$gTnX0FexuFK0Op;YRu+8t>fnKN#--fJmC;0BnLl1XST-t^wcS;-o_~<l-~&^)ZNO
zeamRPz3CbasmH~I*DC0JM?fv`3n0mD3NFUqrC{9@yv}o~g7b0lxd98N;RR8+r<OEh
zaPffw6}YMX4I&}l7SnYL@rx^ns1wH?*$xl^t$qxsFGRp7T)fGE-T#nZ0{R#t;Fw<n
zS_u*G>u>ml=<f=?`~yFj{Zql$>+uQ}d~cqkWlO8tp!4BXMUY6vUO_;KQv9jb$3BTu
z0O|~=0BA5^06-BQ3UM}xt1v^ADM-GwKOS#rzTRu>j#SdyH*rZjuzI8ptS;vcteNwm
z$uK8t)+o6%J^-9c;@3F!8jmN9NJTfK41y@WKL`=CO+B!H-i3&%U68H1B(&7ClJX9u
z%-n!Kmn+S~IOmYLvMKWY(+g;{#_VTePC-nUlwXSSs-R}MnpHNm4d7J(tq4QpRi<SC
zc2DXl&0RLC%*)_h(%RM|)wV9@+4gbh_`GIqr{o)<NiLau8?A0gZ;Sm^P0l8_yJaqE
zHS<W-%;g--GV`I>Jk9w?W6@WdB3Hroi#6uXCgw84bV;_oIMVML(`;CYBju9FCG#b6
zh+P``gn0syxf7PjC6n*NGKTal(?XMTCe|`8X)WWCY8jVvER*w4+8bg#(C>l*ng$WS
zKk%snItL<t?>)Qrz<ytbM_47=ANUpQbo^{nGT8aI0y-8Vqp=6PtUYkZ27JaO5(_gp
zC57{o83n%-#^~Wz3ic|B(U%Y@=d`vl>ef!d$Hg%^sJ()_aIwLFgR(JN1(7uUO7Kev
zh=6Z#an}|KT5lPn)es4JvwMv8-b%r}xM<Zw!7yBGv9*H9xcKKb3g&DVquYBb=)Zl8
z+U%fU?2a)ywp2lMrx?wHNI6&F5bb1$81aOmF&Yi|-!c4*YhqM#t>!lL<{148B8K;X
zSI*nxV8q)rO^>@`^!MEg64PST3&I*?YgdLI9o|dx$SNJcrMV6ibYB;vLm;AekDp_7
z7(~F%6sJcZQrA|II9&}9uo4$-0tLkdaoQ`U;EY6^Dw8H86{qde3Vy}Kj~NAzw7^N)
zmI|g7BI{NP+P03<R}d-Z<~DKKwXK4a+QsQ}h=lyqK2D{ZDJb73PKzKCvU^#ao`eYa
z_kMADc7FvY9{_dwEAV=Q2fVIv%ZYKyo}_7>8WyMJ5NRO~ct#w3cAVCnt7+z6fHW5=
zxbT`d4Z2pr54hO*dIh_WiPIMl(YoRWoIiyK@O1OQHTT77CPdWnz!|l1s)0x|diD8u
zTAa?Au36vvRGeBqry%)CoVIvX!J7Bu)D|aT#g$5n+hSb97Cj_V(VDkq3h>9!<}pEL
zBpyiQkwM=^l80hE+-jYif|aO=DdblL9Vv4#?r?V2viR0jo`dzkO@~XGCq%(1AL7SJ
z%T(XjK8n-+%N0z-#m@@TWt!m#QGV$74E4A*ygOS{hzFHp!zFQ|3o2A@0N1YC0IpS?
z0#R{rQ!2WoQ85#5g_r4Q>~1KZ+cWb!ip?VzV~a4CEZhUDOGEN>^F-Til9$39E|>iq
z4`K_C{47dmYe8(!C)#yPEn4Ywg}vKQ{4A_^8&H`i+P6+Lq_OV1AxivSg2X7)vJ5~}
z9EyfGPqX7?h%`hcN_I(8ON8T&xa}u#S_~1FEh<b<KZv+ro307k4I&`1U4nW+#IMQ^
zcKwQtE-qwf>sRbThV)#>BdrS!)@(f&a!K>}t5PG*M+G7kue4LYK3!?Pc@}f92jr2g
zlp#H(Jklz4W>ZSJq$-v87OhgYL>q#e=qgQVpRsXM<&oTEhO`yuCUZ$GBl8Ec9jn=%
zVQSecgUt#hhZ+)Jd&wgc?Lbzkiire3tpQ&hh1Z@aNWRn`AN|k_y}O6|mGtf&T+*(V
zJW^LnF4wqPN*n||=soStdjOOg@Dr4(RFHfdN=<7@sb`x~$|bE*9;r&XoTC(5s>bNS
zmYQt<TWXzAiY@hWQ%WstN-3ALN_nIz<#LWvCqs{t_tjEI0hAjMIl6$V6(rw>QtvmV
z)R#)~p*p+RbxEs~N2*dT*QgY-!XPqyhXg&;3!?+Z$>7c%6STHeLA-Z@F5Wo=>Cyq=
zxUm{(A{9GM$k5`6;gG%zeYnolW<EfJ0o=QbmTI@+p=N+);`Q=8l6$!!y<YB-wwE8K
znc5!6vzJS{y}aD0!@c}uP3iUWJd%64A#EAl%U#m#<>zR&C&N@SmT@m1q2vjM<X)aj
zN-wWg6{VNg8Nj~Vpg?-LN$d6UYqS)vm%F5O6OU9kak)k}kzQW(fz!*&4B%c~r9gW5
zSS{aE>h7kLa!IR{N2*dT=P1R!yw>Q!y}aH4wiJCBsw<YdzbU02Z%Qebv`TrTD&=yH
zQryc+wde%*@=61^m)97jxR*cMlu~aurIbrrr94uVa=AvO;BUC!KC85V7HaNxCxW-@
zUD9sXyQD4BBeh7EbBaut91@Ne_#r7qi*4_~V;=}QL*{G@13PIbdx><A!wZ@qZvnZB
z#$<n%m{&JNUeFY|12!)5k`K#?Dc|)jXe#FMxiR^>-cP`_^73RWx}+VRUD8_7Bh`v7
z=U5SS=6}IL{Iu;Ch%Dw#7?Pl?A#(q5PbGfl1(A@~@T;?bLj-JjZi0@j0^m{otMd|c
z#Q6&D!v&2{a4;?&GvI~`@DntMr15TgJmB5htj5pdPPtLj{5T;&n@<GbJ!KDgx(&G#
z^U5Sm^TPcJn(&~4$@tmYI}oYDgR>Hpcw9q{ej-7yLRh!#y7OG`VvowO2N{|lh={YW
z2gS}0<9Z&HN3sXyk?cWvBzurcS`TtbDV;sYCHor>a!HBF9^{hNgIv;jkVmQqxm=zH
zWgFB66);SsVnPSli>IW|l^$s9#Zyu)DN|BSn{dNhrli>h$Z|@7474V#w@tU!X#iU>
zm$Vi0NUfO5HC9Zfq>{F(6fZo>4d5xMT7gVSKWq7(QZ%B`E38s3X_fLwRm$ZYrFcrJ
zGkWlp)L;NxstAiAZf&ttT+8?7$!t?fxujLfBULGvbClvKsZ5KODXGc;o|0;fQamMf
zZc3?MN{ac+&bUijr94uVa=AvO;BVP7r?QcXi?JHZG<*tG9a{RvTj${(*&(O4jkU~F
z;Ul9iIiM<NS@;9o+a+764lZYP2<l!)(AF>N=;Do4ht5sV{SYobTXu2iDCbDmIi@4j
z>^2PN36!=^BUYlbyQDmgxa&8Zr9*GyoaBQqMMy7zA5D}Qz>g-X709EB*#P#@#I;(K
z_h`Z;Z3B3uR^H`o<xv+rfkq)?HE+8Ee*%0WmrPb1)JS^0Xq+bZcHmvos^*cZn#(n+
zmaWrFLyN!2gH?N2e2&uA;=5wlcS*7M5RmJPT?YY_c2bLX#sa9y03LAb0PKS2XU(0B
zY?by%Rodkmm4-RrhN6FHF4mk!z?`{cvL(!ENY9*+OG01s%;}O=GmliwT&_{GY>8%i
zj5zRWxM_xc)zG_w7LR0KU1#jWkI_mxJHA?O0Q+i<0`b*)0PCxRwJ^_DUDDRTBee!D
z*H{DCwg_!^jArefZgNT6mM&?_^GGev<!pJ`lFP$Zcu)++J3|@1SL~&<cdwX7^1Y%V
zy?aHMbng{+(`>yRp?#F}c7$@taAGdeMv{FF17u=WAk&RW>rFT1T8ekC=#tiW9;wE2
zIcq!$C+00wDVdlJkcnA=Ow31X`JPgzH>H$ITBSTvm2x>pDVdm!9x^c-AQSVJp}JzJ
zbDC1>%BGZZNvo7cs!}fJC?ylK79CE^2FS#0l;Vl`nx>SRprp4W<dRk?k5r{xu2Ctt
zJO$P7BxoIkhlSvv`3ZUeBH%q-^m|u9%LQ2ZLnP!@T&yu*cs(|eAQE!Sq69652-tZ^
zf@VSlq~1%=ju5$9_~-k0iy1^hKKLMk-(D&h|8at1pM)S=a%I>#c^4&8!CR`blHFEm
zZzY>cN{1=i%IPpw2Cy5{DiAj?X}$5ekCx(f7?-pb_eiz4%QaeDI!wLMgF6iMPz|}m
zlq!%8v%8k>Db>FzrCib~<&mnC%Q;GMhp9AraEGZefGsuKD8*Z-hiLg;FFv6urCib~
z<&mnC%Q;GMhgoOz;LVkit<_T8VagTA7V61ODK$b#F`rq<x};UgBULGvYgCH+%dMX#
z=sAe^@ss*8Jpq6Hn4s=IX-J3P6SOZx?rrNRNlPITEfG&rF9?ThTR$rFaGpKz`hxp1
z^a}*tB52vGCy^V>eTCBHH-!nd#0l_7#hBU*{S84_W+jYOsi6f3<@lL;ha7}5ge=7Z
zYnaC5R}2fe8Zli`7FY!^bIl%V_g@iXwgFubvd)0k03~~Bv@^JQ6eQ0(q=3e0QJy2;
zqolWXa7o)d9;waaa$fULrYCfHKr^>nUl&5BTrznDbTg!<+YC+a9l~)*tD8rvZZ6lT
zTc$tsdR#Mp+!%fGn1VdA^R9?l4Ff*<Vz%>Zh)^fjg@sG*!uWS{*!;&LheuybWd<Rx
z%gGDSS0Ry0O8b6)djTDwsY^IDf4uYDm4PLBoWoZvvzdS3<DDiZlk)M-M?a5xWccyU
zYi`GFFVvH-U$V0l?G=O{?__5w1K_d~>?~CVu(Q+}z|K;yK%C`BRncpZAxe7A;*z#O
zJW?CP<r*6V6*K>W-Miy`HW2QT*>%r{CJujm%8S7aKMpjsT@mu)&ye2Y&n0#7mo0rY
z%ycu98L437WY{SCD$Qn=R$}Aik!++ql5c8U((Y@xq_vAjs$E>pu}ijGl?sO#9#+C(
zL}_mrIbBJ-xw>%}aY;Lj%s$H*M%Ed?MkqO3L%8zg25_aT6@<fx7Ug-yJxY3>;gZ$@
z9%+UVC$(b%)Fm87G}s?Ta>#HPQPR_GhLZj;;*eH1H>TOgaJfd^!eK=7@Q0BcQihQ_
z7|;wO4RWo+$ZJguBM#R%j5uWDFrs7$4AnS{DCrL)4%s-2IAr56Qgn_pjFbV$H-NdP
zQ~}swq}Bj-mU;u&S!j3|EgVL)46i|kDCs$iOWFqUNHdH$sT&&vCeVMud3d$j9S|8s
zDqjyR%$oy|3O=PGr&0{f<AB(cPo?CNaw^4;{7BTCN^!ZyQz=8WD2b`3Qe4iSN+~%H
zpHbCQDdo7fr&6i`L>nH{hG}+eC3`BxC3Q?gFlDPXGPio9;?|a^=Dw>ieL1vbyw~~Y
z%?>&B)`FIqud%P^k^_e5zMe~({@`-f{K39EC+Q6c7ZSL~#j;gzgbgrOG#l0enx(Mr
z8LhNE273WQTv7(C86ZnXsM}2fs5IaffEoj?2AHiN^EALL&AkT-m3r5Md_hTmIws^C
zhqTj4KkRy#n3m*0-X-m>#~jU*+uVAsN2=GloHbiwB{W!PYH<KcE*Ytn<r2#QY)Ol?
zBz6Z|l1FMuE@w+ZBKenDjS@f5tn7waM|9g<GC2(=$_?pt-;XtU8{}wbJD0TTd8Df6
za*gU`>CMnh&PS&BJtR9YdxW9QWS3x%s5VAokEk<%J)*$?_K2bjv^TLwlxqI`s~_tT
zyD4c6!5(2qzO|B=>=Ah+w~tHOb}G|6J&*86HH6DqLx@L|sp1Lth$;iP#99Db(qUSX
z=Mf&MCApj}3AN*YnSm%{kmls=^0}lf(<N;)d!&}>a<<HD(ekjB!<RF0TV}Wo4ZSlI
z5|eXV=8@8-nt_eUZQD`FZA^0R?cJ5^YDjKdL-Ov8ZQDGOE$x!F_B}OE9%XIqJyL7$
za<=x;wzKhD94=YfcAWuSVhL_5Y)N}+N!;;lNgk;sxtuKtiSRF5u9@5h5UHr;KJ`5Q
zoTBuFpv4H>+lDF08`eT{?=$2PN=ol5hn`XcZn<g$xW(!W;FfAoAmi~k&D|T1?^e<q
zj}2*uUhaK)B-_g+t=%5fJiXrMk!m-Wvv!jfD!SWgp)v!w#3}$=(&Ji^*ZVwDOL93|
z5)8`!r1w3eIq~{bOwVPxq%G4Wtyg%Ymg#b~%*0%@bFHb+Nw90Z0bC+Ya%%UE>cr=u
zZAl)fCApj}3EMMw<1MzYL1f>>JEQ%5|0G>;pe_}>qughooTThf4e@@C@$RWf8hV<B
z%)!M)rz=>Ci?PEDz{OW*D7fd$Bt3DKf>CGVm9FO~*ll={emhsespsKkydxCM9hsyX
zE(}4sW<xkwy(C*a&p(O}w>%b}z2nCd<<IEs!gr<*YE<jBe5aa6@~X~|-kqvTx{oOy
z)oi^ZZBHu6o3Y|9e10I843D&_is6wq19&g7L4oYLnzY_t;u~5D4|R5ucS-9N9;sg8
za*bXQ9%*}4yBF`emKh*N+7!sH>pNP$r__q3lyXU{lt-#kF6SsEN7{@Yyz9!Jzm)-w
zEk)0TKrFSYDW!gFN-3ALN_nIz<#LWva->a*4v(}MAV=DaQv8_W_okFe{}uYK*L*H%
zmGVec%H<lBf+tWWfnBB|&HM@Dfq(4L1o>@K<QzN%?V`!2nB?^!dnq}=ko?Sa7bVTx
zIOG|sA$biU&BV`8XB+eIGt_kk@bmtX=e0HY8ET~hd4^gGV4tC$szvc|ZvEXQt-(A}
z4d!yL!Q>h0nVPjXzPqFy-(Av{=aE{T%h~c0{bO)mQ(b;gPcLZQ`2l^Y0sMfz$^d>q
zUuOVM1M2{+LQgqXu?l&lD&%rjA-KzS$o~1J>hF@aIG41=d88KSa!zq*yG$=Q=o~Gv
zy>X^3njn+ynjrBailac6zNm&f2%u6yn>_$(6d>npHSvO(=t)SVf_p}Sd&2BjG%@#p
zbq28Km(11>_V{uI8TRxCHLEgYC4)Mj7BHkae34*JuQqwGr`H+4p59;pdwR*MVNv4g
zl>pY$-`Ao%Pj^Xcd5=`fyPRuz@$`>0YtPeN(zdiq+VVV7%X2wfo_KnV)-b`IUT*+<
zI=!Z5W=}6OfIYq10QU6R09K*4k+3bj<(x;VLM~?&QcvGfGvPa9X+<u^C2esoY3uKi
zTAa%{#i4-U`%98^>ZQ7JaeqXaEsutknTlwUit$*WB-Z0pW%cXo6Ze6c4ZwRWlzA9v
ztfuH<G=CR9luIV3V7f7+w<R!6lV_3Kj-D=Q>*$eMN0)1?WAG5_cI0JRze$%TX^$%u
zw7xP)3m|OcGzDR0d&n}a#p4-z4T7M=Uf5@%H`Eta^@lG2$iC8AfNB%MtGU?*@M@0U
z)HJ+`D^-x;)mxdC<*nXa(p|kBqLJ-FjZc3brKH)=$nfedmz338rO`s31REevf)&V`
z#H95WN~dWld>drj!zFEdc%-(6%Qd!#tlricJ$Ut2GFR=ytG99mvU)p1%lDMJv?--r
z(kkVVs+7w)O7ZHg+UUWSsxv^=xkf2|W`0FeO5NO)QZ8wg@<>(6<s7AW^;Yzj8i${m
zml?pTw<-nl%zRu^N<E;YH$=OnRmvk(DVJ+h3ZB6KGV9^`(=>nE+ebsKTrznPHUJIj
z_4Y?Kx!2oW(yHf?s-DX=s+TQ_h28i;C>g2X4l2J7EPXpPqnrloqH(<2tUQuCsv*6O
z>XL3p-Bz<b14YZQ%^h_|C5IZ4J8CW&c2reSZnJ6(kdCTAI;u(Q^@%bq#apMlq&1~S
zswrKr(Uf6FHF`)#o#%E`1=3Lu)bc&0Dw<NtC9P5(sY<z=qm*=1qla`<1EixGrMRP>
z*pyPkn^MXptx_JTO1Ye)lyua0+>UC1bW{b>QAakV)U`@_r@>s(D&>)?l*=_L1%JcZ
za<=BoA9jsYymNR!ZFttMRh2RqV>R=a#<3e{yxed}yW9xkVdvr=YgO_{RmtV7O4%w+
zK0=h?ACt?E$Qz8Y_(z6C^VN*}6XG%j@+0!mn%ee7{-vNxng?0(Bk~CvyBo@q&d5I^
z&m;M9T`nn)>kP>QmU&#~a*dDcCTT%DN17jzyPSPoSB1)$$91*1wvX%TO)YuExnHy6
zG21?_b4gQ6gi}y)U6S5}a1Ddv>yz{Wgh9Hpb=Xwv5iL@2+LIZIJry1-Vk-~VQ17Rl
zc_jao(~w*}=o7w(z$5KXInUEfy#{hgRXy=C+_3&*ZRcy@f%J(2_PkO6>v3Z>PafE;
z$9bfBoXc5{OR&RNYUZKiD-g$jSu?jko9E(P(yB2>WAYt|Rl_4y4VSZOP`av(ySO|T
zEwR(n;o_3llMSZ&JYAJGs4aLsS!DpPC+iI0^<;wrSx?q!_SW+J16P-Hr>Pe-vbUam
zLrHHvnM=wvRrIOq$AfQ~0X+CtDUfN(r1fTmrCJI*lU+}`q_wR_s%>4a(Y7*8)fzo`
znyNQ|*ORm=R9B{{Wm>+c)as^`a!IR{N2*dT=P1R~RH+s%6MCfqY^fTf6i-v%Hl@^G
zO)2G)Rw<8ErCiQYil?dBMh{+3t}}qAsglpsQoI`&X&XAMXQ?(ydh1D-v`TrTD&=yG
zO2HHGFS8z_KvuK2%SrBzE@``C7mex7LmsJRx|}UDTc^qSAW)=&cX~3svtwv}Sixhc
z?Cj){Jg0ied7mf2`#a@oKiS`@R)9AJ*R~5y8J-oJ_e_Qke>NP6`2};cG?WK8nWy+g
zb9p4ca4wJJ7tiI9Y%`a%-OMFzJ9(tq%;l`jpj|L&Jf6is<k+hRrecY2-yFBuZAm(r
zqYcDY-n?jDNZUJ-Gz}tCmlw?gUK$r<OScT|8op!alB3Xyf5Pg9HiLTVU!#0-Y9}nS
ze8t=nvsK;0e9sZ@cpkH5W-WF-Ml0RVG}K&#xTNd|ya%%GPaPoxyd-y>0sJ1^()Aj`
zn{HJG@TOax0lew9PJwK?m2Pl0-JVh<ydLP1wq-q1Th`^=mPL&+pF;8HHFtZCVK$V>
zC6j9oXe7P+xmPtgZ(CWnb4jb5N2+oz*QlKLm9Z>s6E+P$p^sF&A4Su!jSG}E2m2Ci
z>-xVPTcdA@qb1nZr3T1Wz5;otu*t})R-xwZ-CMb&t(He>wOp>TTG$_63+-!+CaVBu
z8*nPSfKhA8{sq)dHSpBx>XPO_yh~cOJW|ziIY%we+`*mCCMkGMyXbDXcuGOGrZj8_
z_QOcUxtHQqX?qXB%Nv#EbqM!s%2w{?w%8BHX^WkrwAW%)McPQ*J8BK!7OOXaTZ~$V
z(WJ#pMxJSgYwli)xui9XN2+OD&M{5sY9lpkvo$NOR;n7wuS6>iV8v?;V8v&<ikpl)
z#jn!bg*0vIl2&n#RK;D+Rh)vIUQ5#B5E*Nqo|B{<URQ9#8%f&Y%@Cw(wD>EeRp-2s
z!HJ%5rW$}P&<8d2AKJK?FVLDUDFYxk@j6p$?wloUv{kuNmK(rLTw{PVu>owUqPAfg
z834-x>{ExOs)WCSbVzF<H>Nps=yI-wWE5GZxtMz*Y1(SlM4GnF09Lrc08zM|<C7*M
zuW7%~+`W<8C9UEfsZHy0uHtBl%-^v1YR%n_+%;Ix<&w!u1~-zPa^GumZ{&7KtDHxw
zaxT}XTyWt#Njh%6`dQnBNjeuI9=PM8B;5yLkfuG|>GqSiGIY?}q0?2s>Dp?jopnz?
zG4M!nI`Om3Tt72F{LBFHGXtdAHh29D!1`H#E!S%<m$Vk~NVSN|HChCXh1az~{{fo0
zZLNFITDfF$99qkeUTY21<X&sJq}9zMRX3Mw)Gb@3nU+DxNX4`(Fi?-!37g$Y7lY>J
zlJD!dq+OF=qcM5iWfky9Rlwz}0>R?tI7|bP#pSJ^CFyyHocbB_Ym&PE7J5r|_Tizo
zgeU(lI2md_Fa&d_(tV7YvwxvHvT!o?SKiW?d?#<d)#!5Jw;InwEf#6aZX6TeYP|E2
zz;ZnN@V6S@$9=Ym$6Vw4-B)UAzC|(bclS8+es}NlreFV&q``lNbq)UUSCWQ9#0oF|
zoupL|vCqs%ibh9MVQ<<BUlKVKBGJYbq^LtoL$1U{x443Pa8a31@B=O$ODfnSm7<vt
z>6?Gz;;giSel1e;DuhF_l}CoA=kYO8@%Cjf{ff$f3~i?J%tDZ-YFxX+elxZ#^2k|e
z4@26mi&ZeGOWOUez%zkYYtK^mc1+Rh5V2I>E-5+@BE~tcTZ$G!q@vA6%T`r{6%Bte
z#MQ~L`i8c3V)YH_sqd1ieh_S*qN5;EcJCcibPYs+_hRBN_D<1W`)J5HxaeD^pw9s*
zIvyf5@xa%Iq^QlI2<aNd&z;T)mFKljq+$|xkX!J_rMcAPv0vhI3Qk-m`Li}>x{Z9*
zCmC!(g`+Va8Ze=@t$BFOC1s6WbE1yMvhYzLD>f6|8`9ERthZuwNjsu=q>d;qXGav&
zKV72PUM<F$iJBbzsnjO?sI<|MKa^E+k}Axf2`N_~p9!f3FrNuIR5Rq}w%<H+N&A@)
zk90m0Qm#1+;vDp&(k{pCARnfwGYavCX&MyBXF^WWENm<AJ-<uZG5J)D>1|tjq*~DB
z8Z9WF2^p?=uwSrpG6T4zEzKoudwHam=5mdtA%6-^IW|S_Lb#-$%W)~X0V1Ft7uz4N
zV9g0BI^jeGuVN_OdWeGIxOi7Vw(^|Nn@1t*NX3ea(HSP48qi3khngzg;*bX$@)RsT
zF4malkXU90V!EU(KllrPRYTN&_^Zpc2JpxI>J8v#qDri8@pa|Q7WlEubj_U?8P;GP
zsRna7YcTl|^Szn{Pd;oW{FiweIzFPj^^uuaV&sy^vyW^fz5e*5CTGX7xAHD&)%8eK
z*X69bl&FVZrKmsanV17mX}~j3u0}!fVkq^JmhUO`mXf^TW0i7AtCUBoQZCo16kP7s
zvs3gJM7(U@b5is$M8LS=DH?LFf-zMo+Wou`WUJ2$9cv$`5~*l43|oLv{8@KuSUdUL
z)?FHh$286^!=KyACFOHlxg-)ub|t4d+0AGwyIfMT%Oy>Am2P&=YIba4t6eTB+2xW*
zK*3m8V!c`;C_6tz6Cs>WcD80*ifECF&X=Ii^*aNf?NHjzo(F(@C$~;hV4^&d?UqZ5
zX1OG5CWXD%RAI}SDlCuW!g5I|ESI!}t<rpXxgeJ0nti3DH80mJkL1E~NhvIs<ihZ>
z*9%hA0O3-C?iZ%$QivG6Y((gf;gV%LHu}S7;_-~q*67cH?60KtOI9t9WYuy>Q7xAg
z)w1Q9DX;z`72Fr34;-y@613Qcv&|(X+gy_C`_aW1e=b24`Hh5cU6!I@mxuLDmyZnV
z`<)aw^0N%J`#fBx)Q#aEyoI3+T59J>XJLCD!#V$Ub|E5E%XMMlOLqtKlt#V`k@+Y1
zGZ5G1<hQeHk;o;bE~njrQ`4H7?@#5ovnS%YrXhKi@Yopq1pk`%eNuiqTl-biiy8iQ
z_Kn-IfeiJKZs!Ew*ERsiZ)bV`r05JCK6&9)W&q#URvEwxu381M;M$-navRwD+oB6X
z6Y;!Z$5NNHW2r~#Sn6`_SW1b-P`@6f%Nqn(eLB-ozZ8H?7jBdp!0Oi+AnQd1qJCS|
zlzrH$-&0BN_S_|{`W~t3yPT&!iom~M%bPJHK*aAB-<6`@A+qj%sy0PiOx2KW?oZLm
z+nWmUqBWm^7wx(CQuGN#3jN~a6pedFvp(Sy-0eZ~H8}s56t(^pAv_?|;NlYl4qTt2
z{WpXm*{U1D#=Z%ai&PxP%b<C~1G-FU`vb0*nj&|{vya@E3Eujv8C5|2Ya=ZayyaI9
zAT29xezgL5=3xN4Y?T4r=5+>eo3B$4KJysuY{k5;YI?5flD4fqQrp_)+_si2zqy*V
zdEzHqew8TPI%$motnh3DL}3Nuq$VS|fB8JpLl()4G<VNQUD7J<k*c`Mxr$?ot3;FB
z>R1J>P*T{lM-Dl(tZ?%j?!!r`!i87`xQRc!piAnE<x!98zl4A8NSP1d5KFZnelM%M
zF10mEcS*4oZ$g$_1BbwCQWL!SSPsA;vgv4|d&{{7&6xKS>=5LV);u1m=5aaSJd~vy
zLw~PA&XEdU+-G<(-&Se+jvQXhyQE#rSF7>~Ud-1Sz>E0?19&lCbgi?PKS*=;7V{pd
zn!B9UTo&_tYZkeS`NNdA`-Qxi&n0CsZ%EJ3M{06!ztAPEp*>R7bvdgpWvevP@Yag&
zsxoZo%atAo({uBS;YTa!8QvwW;mcrA@h3KXl>uz{S_9bd^{(Nc)!aS9d!*LH<!nvF
z@Q-R1xrTp9dG9VNmlVSr(lh+)n%ujKa!G4=k5qMC&Z-;UMbUL?CccX*HGuD;Diz3G
z)Vo@~r__f^dUsJSX_fLwRm$ZWm7-wX-zjR3?IW4JMh9scQlMaPyEI(_k&wY1(sU_A
zrm`QmOw;DwG-UZUX^L(ehGffX!VY|&bYNbQWq1X4l+u?Q=i(LET}pZ@FhhDPFqgC|
zFqdpxftB9utiUP(><X*~Ks=PEv)Kml?6A%No*hbV(c$mfeGBMbRnc34%~H~v)?CuI
zgGXvRxSZ1txN+naSUF0!E3j$+tA3s8B`dH716ci{8m$<sU#37Nw<lFoZv{4ANpEs<
zNvpm`s`@VHsgIToyk(IGnqP4>8<MS=9QqPZ&5??JxHU?S-<8OvxjiXc>qR_(BThj?
zmzIdZ3rD4C6-1o)w&T+DJVf04cU+u)JOHo9rr~0(0bZBblsb89(rqTD=?F;vig5b}
z(li(%A@@&7Q_rcY&baAmdKMxf!)K=HHi&5L0WaF%x-`8Ek@{@$WSYi61PpjNO+~LL
z7>SFWXDc}Poix1;k!YFuX*v(WAiM6PuqAjJi&PBco79u==NF}Udg6HUZRzOp##R%O
z*OhrBuP^gR?wENbdw3qno}NeY{Nj>!Y2uRBxjj;y+vRecJGf(En*M}{bx!*@O}9e|
z*5dxw1ARY-BS9p@1E>8vO?42-U@<PrSBD^5^<8MP@cGP({Cws!)cOLY?H<6=rpULO
zB9FsUkG$ly(*sNL@G6ItZ_Xj@LmLX_eVe9U->Jf*eoxbMh&Z7Kwn%2^c8Ju=3u*R2
zP4Ioo3>{ObY4&QJp(i1d!4+*X^d*Ery7KSPFdfA2?)g1K@joOevlK=es-gBrp8TL=
zgpziTgq<pnWT(m_*{SkKb}E;&PUVu;sXS7h%H=$#3hr!|p;sW%m%VQ=xKEa{H8FmM
zi_<e=g*4Vz8LpI}%@RkR-qd#pzmJ&U%23A;$XsBedrOMDG;6v0F~?S1($>r)wPr5o
z)GRo=dxo~(N*nZy9vLdyTEVLAGPG|`1t(!4GX_$Cr(YC(4fP1##h(o789yx@2?o3s
zp=wAxorwg`{S~3FAn{ibGUz0HmKq`<UK%fC_aE`?Xo#fofR|=d!1bRM&>Ij@wBefq
z>as?`e(UhS5h8_pAsY$2tgpH*MlV6694~7xWFvu>^~@o0`Wlj-wHLCHz{|SD%s35z
z<Y(=LY$Pb&BSC{9lH1&U@mk{j6#RNnf_6Drfv3TnH{p%1H*1JzH!tLW7L42;zsJRb
zMBH*C?Y5CN*ht^mNIw{NYmyd1LW@pF($5faSTDo_b2l!Umu6GIMwYXY(Kb?pO&J0<
zB~9l6DH;qB580<8MHfKwN3kdGNzp2ZG|9q;Q`GVi03H+9zlLX7a}>P0AVq&dB$}6|
zdElk-z(%I2cqmObLGrcU6oY)eWrjL*!@SO8ybCCbxA0IDKlrBL*Lx$hc-IJJ?oLGh
z18BQtlyKrGjMhBphTE)LA(GqDdjdM}UImM12DINp3d+92c0NR+Z6vs39d13o*EEmd
zTx4e)HIxhz$K#{X5CNWUo;o|1#ppqZM4Pc+j5gn2!KKIHo6isl+3k3I8X6*C#VIj5
z^i&1C?u*gA5DD?JuEEEWX}X3~KO3WU5Q*l2s&`}50FjWrm&E8%h=7MbiczQK3V!@D
zMnk_+(BYdHjfF@w4>YfJtKVXD6-3h9+$m0fK?HcM(0iviJphpquh4ey#OWG{g#7Va
zoX-4Rfv15Na%m(%t09uc175YyN+xJIM55iAN>GqiuwN!Yk3%Hn^R@{(vYmplxcI|@
zVgQIlE6FCP1|nb<J`TG@iGmBeCFo1Ye+lvGGk!*bqBAv(2RyIxfY*#3SU4|1`{0`c
zqCwBrNxB;%;CEb{(MG`(Tokue;Q6Shn^)6{j!Bvek=(p!o(5jXMrPnu&dcEc7T`I#
z=c5nrnWRp8sSP~f`E~PJds%zE-YdrgCm)fd#Sk%k%W}MH4I;qvUeAag@LH~U;H7CE
z?D!py3`0bN|6_1=-xRHYNN!%CUe<r(OvAY&G}<&=WJfC4=fN~R29XRra2@treu3nN
zZ2M@M?u1B)m)k9mr|EBqgv`YjOTVW=K+*fQ2`ETD6`_HU%(z%2h`tt~{UDhDn+6k>
zMCg5pfb+hM&@706XAZ_R2Fdh7wCm1^(i@OWhiD}D4i~+K1M~+t1{ZfR*a}&Xt&Y-L
z9PJ{6j9M6_*C3hQ@H4J=@ZH@O_%N)1Q$CE+6o`PkaR_obBr_9fl9>7qhDgZKvjQ3q
zk=*WiCZLrNQRnuL0{Rdl(S|M$Xfi~=UTXuo5+WdipF!;n$$X8h-`EgP>%Ra7qdrGR
z@C*wgA#X;pVG{tb*4xJm=p2Y-Fg;a3pF<?%mLfbifJlg^+eIS_=t+p=_Von?)bm1s
zD`1e<FTyV&FV>L5F2P%CAo<b$91x>j55X+Nih2fVKRHGf5Gl0h!!bG=BH+VWn3f+`
z(0Wmf21BG3)_xMB9UB1HqVHmMOn(i)S(oAB3IiVbH>Prkgv5T0(SZ=jy4PPZoEz2*
zuI(77Hz5*odug1OK*S)gT#5Vjt2AWf)p2?XBGE>_5vSK70=|7KPQBh%Fdb9nYMw6H
zU5=O^ryC)n!3PWC)NY{yFWT~-;<VY%8gc}t*c&0CsW8`m$nz~%?&bAy`V%6+Q`7?o
zW4gQ!BGL96nxN4TQS`RD1icRtFyZM0Erkf^fcdEcB5A(DY|_0GMiMU6Q?z;DY4F1d
zN!sy5&7ke9Bu&H*R;8TQPbKLvh?w_<x019TA|Vss#!vGh0*=NZ?}-rUrx)Vj?h_DE
zXV1e@bUB23Nm0qPaNDZ4Y}mZF24`Hp&2Uh#^5Hafegs1V_w5UxNYm300bQR<(+LpC
zZRPW6>huBt_j(T;_IjFbgye^K9m5+B?!!Lga)?y!##n~tL!=5_Hp|fI5E-7vY@VUF
zAfawuGV}yQ)ag@_p^*?tGZ7a{6;O0C|046A!=qGr1csGqSf4MtFiN*wq~LEXd0#sL
zJ&!{=ufWn0BH%IfhV!`-a7d@sG5Q1|;G%Ug+WmV4UYdQkic>)kI9gtAUbHsz;`Ba5
zqFwlIoOXkU3;20$oSt2$V5cAB^b<rv2L6gpz~0SS?-5PVUy%PDu)KAG?rrm5(|FM~
z5@d%b=p%@z(>y4DBSCH7)My^KG?S#gTEK0&avu1sU6Q62YshivTb(;AxEmKIb@{Jg
zBh%b~Z+aZQmFCtw_ykcN=%La6F9etF0)zC`a=a>dAs(2rTat$Du4xwIV!|E@ybv$V
zrU1|Vo6n&8K)mS|B5k^nV8hW#nq8r3u0AG7{f})5v_39L??EJMua{hRe3A~vASxl7
z0+wB!q)DSSgG~Y6fbz!=NqXr=&8<^E9HN4VZg*aUQ|35>D8P$0eL$MdIs}6u_l4aj
zr)dL3z~$4@v=1J$<%f9DJm6+c(Vj~&7>@fcO20ueKk%9E=r@<*&rXj<u!}K0Lj8sj
zwdF^QS3MG;5s<d?0G`Fgs0RV=0yv>ALWe;lWCAYcG1$})ubk<Hm~<hM^{2RK-wJ@U
z?u~KabcpEIyar#aPf~{s8m%pU)ASyG<RrNr3NQ*HxiufMxKoNwf=HT7=M?P=X?q%G
zIWMF~cl=@oBDrnAQ>QN>lBVw;Xg<g$hq&cX^jlay_yd3T!t>&`bK{Zb0Y!UpEB3{o
zOCfEGF@wL2iz^xYhLyGluKX-QuR$bQ_VWn6$sjM97vh2Gzb9!8L^5dqN0Qbt;0#<q
z(KwD&1kb-1q25bzB<kfj``iwjx1eAEYQ-Mb^%kV*u1=K)qW6qMf|>Xew0}E7Cqug5
z0EalIFiOutx_=F@)sQHi2aymD{JJ7Rhp)uf*4{%C?(ju|u7Pxa62QygLu`3=$8Vh^
zgALg7Jop#|ZAYc(Oo(LQfxB^x^9P9JHvabTz^174@{|-6<0z+uY$P}kM>6?XrerW}
zA+m<#1Fswpcxk*s*W=90;DU4$>UbG!B=EA{$TVIwPaV&QUe+nBM2~_<lWdJ$*h?VY
zhoj}5!FFtbCwLO#0{F-z^^vY)5pn8=5n2ezbE@F@NR+ODNQmc%V>(3XQ3%dvM}m@G
zQ92MJ;Bj>_$=U-YJK)|FBDr~B)^7#$38d?vP-pMo3#jj}080TT-yEaG5DEDS7Y#Q7
za7g@&IQ4-@$Z5D}GYo)3R@@iIJ6|+pe_SlNS3_p5h*Ld86g|2jPM1Rjcp=B>_$rFN
zHUyvZgh)C4Did@fM9S$mF+rz7BxEcu&YYkjEAjEoU>N{gX8=CFSp^X=AD=V)86sJ)
z$2(fK!{Zyt;4ED5OIsxCXICcaQ;0<KI{iZ!sd==Pkjp4VlOY0nw8XDaAySSP@>y|;
zQtdUw%U~BB$0Y*~yn|u;dx+$A825RIwCM%t^W5(Re0O<@+Fha1mg8)80ghx#ZvQAw
zQx!yj7qXGyC(PlUXJ`g3XX1bhMAY#@JaB>b2GQ+P?BOJy)--)^aa@z&%5Ty%86sJG
z;3b{0qzWGR1m`4TsZ5y03-OG&oDT&QBN~t0-EeU*gF}NzbmA5n+;rhj!7ToRKKsKl
z81jRAaP<a6DsTXLFZW;pFXBP`Du}4*hEOz(gFDgI_!GR3`Jv0K2o+zBDe&u8BDD2v
zfEQ5uKwR9!;C}RwI$V6mU^OPci(kd26{MK&We=W%#myNMrulnOg!WvFkfV`iI4&My
za5ccd_ak%*q_`Tp5C<&9^L>b9efS3v8Vf0&j6#c+MQ8w|_&%ufS3`t${}kXVgd7w^
z>1v3C^iD--I7HIi)H_OVLnPX*yF_UPMCx<?{x}K@kwPO!MQLw{=yn1wCNSVCcp*2R
z5~cYNNwZ^Bl+J>PqE#cKGy{^K=JHFT^b|xww!0oDOdz7ccTYxXyQcu2fep@Dfeav$
z^&RV?v<M<;F2^AEG(;-rfoBd1=ub%T{xC>K{I0nIBI<bH{?h{b2qL-Nbq@CGAX3gs
zd|0g0`2gIeoi7jQXoy7H@$P^|KqTwg_v7a-5DB^X5xlwzBH(xYxVv8+0Jq#v*c|Nr
zxPrF$TEY<!X@#My0-6MoG@et;!LzjW5DEDOulVUp1ysB@R^fMbFQE4!#m}G>V*3}+
z-Vlj4@zMf%4<d!`a~Xcs36YRhI4#@pdId{y!nEVR0NzFAyl7svJ+S9H$PE%|y|{qx
zgXDuJ``|$tL~Q;1J~8?kB8s*h8KWa0`Duo_xm{Kpqh}zJ!J|*aXbmL4Nrt}}qnQwi
zR=gla10ez~TZjxGQqC1S#_4&8cyAi}f&YL=&uTuTWA8W(fk*@Ic1WBqfczJ&$B&NF
zQi!B^V_cjf<Ns@#1F(l!4Uw!5Zh_4{h$uQ47oRfVAz(%K1Z}nz0C)7hJrZ;-MB3B~
zx#IW)Jq?kN9+xHPWXONf`nD+vs)vZ(*3Q9au3raW7xP-7_Gj#;K%|?UyaD?*5J}VF
zFPt=iNTGWrl5`0~3Z0Zn(uWWMo*y)C_~t`Ab-ZXZPQ-0JL_FmEAxSE#1mKQwEA}fF
zKm?ROk)#_TqV>X8aSM!h1PPe@Ns>N>NaZg3B1z9cMC;wx;X5~dFphSIL8fEEUj>n9
z4`7b}7$O<G)FDN`L8P38cmYGQD*z9W-a!2AVJX`2aD+@iNa~an^@m6Xm*e7j20Tf8
z_!#E-It{7C#WDt*+w4X79V$e|#HmZ54n!37(tQ4HiaLL%Y4&ZOrpq9rb<3`4Iv65_
zeuIndB><dtzwOdA0wTGs+CEKPc2F?vh&0^~k!T+rjgzny3cTF*KQ~R6L-G}U=(;rh
z04Xj+Ig4&iQ~DN-Hud&2eFBj*^Kp<jiKk4WTl3&}EK?>xq(04q_BhCU-9It8@_f22
zc8pJh2&ly-@d}94w8KkjIvOH{-iC{140uee!4cp2ko;(y&q>oU5SbU+ypg8EA(Fv)
zOYoo!BA!_LUYb@yia*2XKW`P*N1p+(I`hAV4RDxMqNT7Ln)Z>d0%Ggav@b*oT}aqI
zj$}e`bTmWbAyUqxxLCu0Cl+tU@I3LoOom#vKs0XPk!>^d5`-sLivHLOE13EhBGd=B
z!NrfjyC0~)p}%7=tLA~{t_rAgHD)0W@j!rS?_0b)M?yT%d~RN}jRds=a5C)>j4{xF
zqNm=5J%!ib#;fh-LEW*bND$1A(zy@;Rli~#0};>~$6K#}2pEs)_b;A;In60g;CFlw
z0k5tJXoqhVG@rGX#>;KbWATCmh~(DcHw@$u0lOZSq{$EgJ8X`pq7VVg7Nx2G;t){u
zkY#9*o_Ml19a2028hYS$oK4*qKY5W553Hytpkt5G5D%QWS&Y7dNE#2^g>f+ZB$Prq
z6#W3lUW3b!#X`<za1vC(%b=DSYM*4p16TqN-@XM!M?H&{7=u4AL$Zgph(s4MvkZSO
z*^s7eJ<>h#T!c12veQviFaTHM7(L!15{$tD_$5g8Do%-uU^)JDd>zbc)PI*xoNOLg
zh2X9&DEkfa^g#1zCU%O_YOI2@7a=z<ng_1#7p2>`LDutgqj?%MAMJlOr1{EuT6?;A
zX_^l?<h3-7g=7!IvAE`=dF6POYd(z|LcuF@BlI&wd?JSP$UzbQh)=A==Gee}qG4lZ
zFdBNmi?)%#%b;Wp#^dg2%$~@)`3$@?8yU?_LqYL-5jq4SRXhO~!D;wo-QEKU+`gGU
z5O~0g=7A}2+(zg9DiYQz!7l0oFHQ5nE7SvCZaw#lHugVH124o&;}z<q@uGRaOXI2I
zmD7AQuN)7Id@0%3o4pVZc!h3cIbO6)0bZdV@T}u0>V<fPx*-(Y3-9}a{gFr3H6KT4
zOAMdvoWX(cq%k}U-U3j8ar9<Lc5i^&;7Ri!*%JX)evRGse}`$J{csWNi$9~8*?{%K
zm&@X`%}4Pjz<^kS?u2CTjv<kkr#r$2yI?rJ2qJoTAs*NR!*LZPI~+=RAt?+SWsrQ`
zzuXso3*Y6LB=CTzPV=DoLfw#PucvW9sUQB>e!hqqotH2dIx||}rVK8F`DQ_+MVgN`
zw;(|&wk5Zf7tO2Hj&Sl*AYvo0R$dwpc+nD=1$O6|;AfQc5tg7u7&pZYyl7qqZhf!<
zxVSe~03Yv!b;40ty8M8XvLy{zj@}EfRZoEV80e>;9HnCy0vrSnYChVgge=)ILEX5V
zFSwjlL?<2z@HxtP>r<ja5G9iVN-7d`8l>b8faarlX_^PkDoW8U@zd7eo!cUfmS{I2
z(rAgxSI24gBq+5R)SV5Gxd-520Qx3Q$1&IsWBW#Ca5`>3ra($=L<SGxVjTls8m-60
zzBues(k+E$+&yTOfDbX-=857Mlx?0Dw}?_~%P5r`i^;P2Xp`|W_cf4`cVWZkqn&zM
zl%9i>422%eM=O{eZET+Aqj|ce-XJ;>Qo?(Ar{JRUln9lyhSs}xi_pi{BV;N<t_4VN
zeaik*NWtFQ6wsKTk>)l$^l<Cuf#y|fUK>y8|JQ(zwxh<b^gpY0^G5W_X+B!>AzlW}
zH%apuY)Xh%Xfd4dBzDB@;BG%nP0|t5l2kGV-hVDGPGm6sKXwH#x8~K^lxVFm>e`Xl
zZD8DK?ukL+;sc^GC=6VWG5b}3w*8|t@CbCG?QwA_gC8-rc+q|V%VWpD*CQBPdhpPH
z8xCizf^4=AhK7mghqf<%2Vnc+RVO7IhoHFtW(cC_9Y^7C{{8q9Jd8iB(0iY2hk{)|
z(N0HW17K_Xx#Z~rdTv#uxoe6};h1&!vjY@;?nCG~0;7L$CH|ZXd9F89*X@sz2XI^f
z-GAVH(0v#{9c19)u*d&s2t}{N+ZqZ^|13?vuf^CjgB6&8A8bYo9>kyLUc;j4W&HUO
z(s37f(kG=+x(U*;0CxC42F+%TgO<^E_rRkuEXgQXjDwd2I}>%<8HM%$b3CNew*Mal
z%dx+<tTIBK#{Z|vQS>r6P`2hVG!*`Q0EtvoKNnDZRV%!BWIc>CxkI8J*LAo)^pfay
zZRP;b27ssI_=PTYtEvmr?k#C=MB0K0yW`9`q|<|ug7$kv=^v0zuSB|)?H!(e4WmB9
zQ9oLYx7b4k1ZOJ`4TD21;?F~i6b^Tn^e(VkRN>lcF`I#EQFfS{bsMBD`1I!_wfhA>
zvw#*u@P7?oqZlf8i#dmjX^&#c`!*I+i)&lVItE%ygQg8@a0wSv^JkLgK)9GfoPyd1
zf?{F~`o>{CcN3|o`6xqkAe|m8?1sX=*T88o8Z4Y)3%i^xyc!R@!ouT=@lLPVfSo3%
z64_aJ(=V=DOp9j|$Ke=l$pHoQ_WhAm;$pnXsT`os;8ZGp7(%K6D*I&<J#bye0TU9b
z#4x07U~p5=CUHDKNq@YZt9zt%@(6&tj|nZruL9WWoJhxHUu-8nsHD8x<eW$kgeC9#
z7-u$=$It7i&+UowWb#Tpt5lNTk^{0$awJM`P?CRA-e+P0V-o-Cwod8LrmwyLn@;VK
zq7NXjqw66Q?E{s%*Qv*GiIIxdm*J!`q|=+R*&2X-W&}J5QoL|poISb>KHKS?lsI+`
zU#nv`urC|OF8#|oHpOaZg`T~yWY^;IOz6l9Qtae!Y9PO2pc76E#j4f0PmtIL&dbm@
zeOaq`!MXU^cPF&l+*G2&*?8*_uK!V%DU^1rXK-&2wi|VJ+N~78v|A+yn0BjSVA`!7
zz_!~sRl#ewJC)3Bx5*A~+ijYX{LV?+ZcCN)+pT+p(m3Z0YfnOjPw9sW&x@_ofY5F~
zAwYWgf)w}o_WOjsW$f0yT6=ETnr|)1P?z_lHET2=Y|UXHr8m!u^T<Fu!=PwQ9w5s3
zT3fRg*S0m+F$jAu#j5n>?V(n)k(~?(3sO8-Ow>TDRms3m%}}el_whT_rJ_}-283Fb
zgOtucFU|u=X}?e_9#5+ITD7XjwbiO*S4XR&L18(eR@0H4j2{b9Jht@JK%-Tx^w===
z5HWe@<rx|QfsgUnP>wFlKE`81HLmU0PzPYgh6VsTHWVG$=woHLwmw$H!1!1lfc3Eh
zR0Yq+4plPO$0{7&`q*(wdOr3qC3AeNM(NPU=A*JQh|Y`EYCveW?kh6kc(EYG<HwsC
zXzWJOHCUSj-w%k=ZiiqhT9J$tmA({q?hazgi>`txr=TaVNCxZheT!Y+#UPGo!A^(b
zO;?aSkgk~?w#Ac@LF?}_bSwn%GRMpgXr_jaMJTwvGc|AJlPzAr%x7Y5#W826QY}{Z
z%^^=urdmGg#LOb*e!E3+Iwvz7xh~YAu-=sn5{o~;YnY!Zp#3h6wlDk#z|R_ko9C!K
zb}78_kEqWb*E{(Te*EReJA7dTYbBx<>!D6&Mp)NvwTM=C-$+!;MNEu#Y|#$J?Wi&M
zJwTbQW9>y@mqg5MI6t(5YtwYOCY+CuNX02I;lpai;cW}(pBnlYLdA^ty&8DrkUb(P
zv8@;L%Vb1sYe>(w9%*cA$Q;{Vr{$l{<)d-Lw)JY;INP=eOLf>Z&NeOQ>*IR2VO!SV
z+Oy%enpHQ=N^Dq<Sk{KWYYf)G+R!B%ZAj_LX!z=v1&AD}xN$><-h;qKtsa_(wLyFQ
zA{%bkaxMJkRE^4AcH#X6+(hBFR?%VD7^%^YunShgk%}{_GsMf~K`#~ez&hCka{n9j
za=YT4!9A!65T6Fk?$~zxenfT22o0K3+-gru;thP=Ez-L9mWf1NUJkoih9m!6Ts#Tf
zw#xB)g$Mmo-15uQh)z~6!CWNLx8)2(JVVKJNEWyJ5izS?33HT~8N_@VF)vb**BgT}
zk>Zw5p~bFIQj)igK=pPV4<)))a~;5OUny?40{Tx-?jYvwYu#@AIgK2@MQ6~U&MivL
z^0_@W1gYYpVLrM07bu~)<YuBNnx)k8$l~I}KkzMC<#?1EbksJ*+wG6LH|4ligO2J{
zyxqe@^OWNj8+26r;<e+6-cv5dTt&Nf4^1Fipd5GXL4!7LHykRu+>u+RTC6|Q=Z?B2
z(xu%Bn8%HH)LFe-F3jNyk0@YI#J_e0|BJdaf!C>O`~SN4-uHBF=Qs`y8IO4k>5xb?
zh@>K<!Ej1xpi-#}36)A34aty5PMSCsMI|E9;2|L?QzZ3N6q@D#z1Cj)w)W{g@7wdd
z@BjaP{^#?#?z67nTI*VCU27h9ccr$Ou+9Ux;O+9|N)h)R1|!W{ZSAf<h6QTtN}K|B
zf@!r4L~S;BOl|v(NNI2`Fluv6Mh0p-kD!wV3)I#ZwN)~ht+v_*3)J=%YO7{2TWvNL
zsLjUGY72ozZ8mmHZKS~YZ8#0yCCd`(1*pnES*_g7+}uqrH_#aZH7*rV8C_fXjqDfr
zi}bpA6)mCoxi1-i<XxVj&!Tr9M+-CuCXeYtl|jj5>C31PU4`k8OlEFsq}0_$h^U~-
zMae{|+i5y)Hef=)OOxd?Zzu+qzso7DO6QWxqea+d$<k#jqT?bMsSOLs)(J*NkgdJR
zRvXjVI+Sd+K|fpPJfzf9#yg#s&er;bwa{Qewn}Yy-C#1cl-e+mY<<sQLAI8ksMN;>
zi;FvI!$Gojt-<VUwXq;uZ7iLwA<$&2jRo0S_B&#<QxtPexzgX<pj0+vy?(tT$rJXX
zrS>o_a-<dV|C}y)<p1t-GSqAN=zf`G_NEgl7bmv>zl(vzC=93H>_ot-&*k$b%?|jb
z;4TF4)c#>6HxO-ksfmv$b&|2Y4O?m7%g-jy2O1FdseSM2z@6T05m+EU*YMM7{S3d+
zloAl>)#loix)rMToA(Q+Y)|BHZN1+j-V1GcxgNqC9sG*#p_KNpjJc0*lXcR2911m-
z5>&n4qR9)H^Ay8aX1VWFN3DcJ+#?}zl}0j-(>7W6AZ}tYaknC_7>2km7dq-*NMgE|
zw~cFj?wh~9gQqY@c^V)7Q&cU2#7)CLW9mvs%p2+_RAz&OHosk((`At0MIUCUe?pj}
z+2(aZX(%GS&N{&SP1__JyiYH0S(0MqwOr35h>-Xk{JEcHzRx50^lg&;@o8IXpP64}
zs7{dhJn)t8bBGRe%a42~P20qtz-QhclBj6b){QJY?(-d%HyTgQanqP|Z&$ZEQDw>N
zi%r80^<#|94JLI@9?#Q{F`jBbseBrg#~A+t%43Xw0p*Fgzku>?-d{j@YVI$fyqjl(
z>38#NF#Wn*2sE$D*_idZ94V1M=b#jOz5ILLYmV9i)vF_mV0C!52hvQ=H=IU>G_&JW
zPhG>ih?@E0%a|IpmvSS1n$AtAC6H!*Uy@K`U-uc-HpvV3_3L>g=mx|z!*S6rSDnHM
zXU%+nnx}@Jj!dz+<^fL~hBR~POi#TJX=d@ls5)~IB^GBA_pkoxD(4VCp5n09h0qfV
zrETc_Hb0-7&vUL{@N;rkPtC4LTheV9xz`qMJT&ilkO>&P83qwIJePDcKi9U#<-3er
zuVyK~JE!iQvWz|5YW&D*bN3%;g7or=*NT@9WLdfU0P(zK9Y0s|<Idoc)S@0rZK@)z
z6}xUU9lnpJFztdGwTXD6xDoLdgc&zK@s_c(qBm>bdL4c3j}f)#5~W(m@tC^~<G&9K
z9isc;$Bw=N+2Ygxl$o-Ln>>*A({wXmc89dIBg3NVgsAJ=OdcLpo8vGN&dP4w%K1I&
z+gy49j~zhTX71y>4FqXvZKuZ6hmf}Uo6#vdCaxaJGXkE6X?-Wp&Pkx9rt-E4)Z!PI
zr=};=rBI8nVNTh^3u}<JIdMxum4>uUNFf!fq|}V>(T)h%S~aEKfy9~7dGCYVeYh0+
zG7--<-_yfU5n2qvOEQ<_{_JZU^$sL{ZL=-M_WR#4{~ejD-f>j>RepR%C0z9zByqd6
zJ5Sg{#nb+;#-{>D0w+Ks=YkWXYAqz@7QLgY2okgHruK-adJ+;mw|h)I3W@nB#b)@l
zznbm%TujN>D5V4UHeQk*Y}_{6eqC-kfAqee*LHr{=92uDgj@1W8@K<Esi(J660h&h
zO%|!aQ()e@n#;_EhB+gs!Ixum4wX+=Kyg;<0$0t4w4bLoni?$9ns4>g+fa+AU>-O`
zM}8RQKA3BQ>MYL6jpXe!NIPr%Kvca0X=hD?x-HIH_l&9cAnokuD`V>60WczM^AuCj
z#o3M-F?IbD#@UJ@jwQTgoQ)c7s<SxjayL(XL0a0a6XPmt5{yV&In7jOVQzlHRCGx~
z$mX_BOx+e|wh}88obC7K3<Mc!T>23&;7r`$s_P9b<JT55BgZ8UZRHk|4c--LNke=(
zH(Wo0bj+qan^aHS0VAP2y)>y#e9PDjXq%z_gtUzvzS}rxPVmDQd47qg<gXFcf-6Y=
ziRoX1OnwiU|81t$C#GqC1!+G91w%ytBPbaELO4~QF^T^N0z%9l60Q?3HYLVdIg=Qt
zxpiq;9)()CI9~sUquL#TNk$^xQqT1}lD!dcU|U!1fLdT)+l~d<_L#TQu<{h(en`wa
zUT{@+?m~&1Q(3Zl1`^ydyKgm*ss_@y5SrJ$Th#Bv_HtnU(x~5siA91=N_SL9szk4%
zdlt+O*NCZKAdzb0n``lwYHe`b+_%A$aLnU(#r(b$_h%Ny)r*k$was&1h^ymX1jqfk
zE4WYti5uIT+RCE<P>Y|q!rp{M(WZ1%q9R)@w%HE24rNl8%bz0N-!V73EkivCNrXyp
z?_M%9L%j#-NLYdKkpc458%-8E3|L!KiFnmMW1|K7&&(@nQaap0uHe2T^RKigBQ8Y8
zxGBjzm&T+X7lOr2N#;LkNk)%Fm$)g(d>#7TFFMA}cE%0`v@>FMW+v3#keL6;$l<!p
zzIi@Xq1ilYJGgDWWm!`F3~4#2tKdmghMVUYQZ(LA+fqe_W((hBXx6qdBh8a|Jh{r{
zO0~W?5;CtE%ok*6aC&x+c-OqiO-V@1!<IQ}IV9#*Nv4C4_)XMyRTrpd|FE1N@;ue5
z21}#3x5HXHjvGMt^9fb(p}%CPS0Lmlr%f$t=-f*jRg3NUo~<cyMHm(?Au4x8+!{CY
zF-E9oS1ew*&rx;9!C>(n@f)xda}0~$FbsK1TX;Xd?WjR3d`I*6Uw0*D5j&6D6gAiS
zj<)sS?qpA5kEGw2UJZR3vpCwm(p49|1G6&X?LO$LK8Jiq&+xy-Vaye9w4kA<8Z;t}
z`0n4sQ@bGX?d}-OcRa_yNNn>@VUTfUL|l1CPK&DBc*j%B+b-itvCFmDec_9kYPdV5
zde+Bx=i}nMycG8%GPMS8a@2&uN1u&6J_U(+@x4ja{66%Exi7D>Z-I!ca`HYxj}vZk
z)aw{}-iEyWWYrxR#2H382V`+-E0MdN4>h&k6Nxyr#xf^3o}V31>#t=_;$K900T+$$
z0^^pba*m_ta<7E_TA<TBpfm5r=lT4ItDb8`eEUgM%1bz$_X#AC+jmt`U3s;RsB+5R
zgzd7KQI+ITQYixC1}4?V5N74vzmgDM`!qx6dg}%px%J1r?oAZdffUv@U%L@+!pV->
zP!r~fkooU9x_G0bo`l-SvB3FsQimYTglrCTcJXY-Rc$`vHo@7ht7b!O8uBP@Po^7%
zP@4&KoO4$Y;U+QOy@T2`#d_(ft~!xULo@p>h^oHbqdv3soP_GyCE+tq_T+-fg+8O)
z2g#s~kR;C?)!J1bLpta$+qkOjDKHXrO=RB;Nzm>M^h%2$9ryToyi~gjl_aycbTGhG
zk3(%5k@uUg<$}{d!(`BFb%nH_SGd8ujAbp&wBF&W<<G%nkX~Ec?pO3|$CvZ|1098I
z-fZBha#V*l&!<AUV&|6g=}#1wUHqK*GcMmHvEzA$VH>2GrB}sNX<lE@%pJ6?>mkjQ
zpBz_LL7K_rb%TD8Fv@)hQCmdZ0>s76i>gZ?t-Bx2kE*k~!ierx)Bjc^JGAb8C&Ug9
z!H6ICSE?bT{S?s~NB%I*mQ;(W%<4oz3c(`!<{1647Er!sOkE0T-HpQVu`uFn5MA?9
zNIPpwV(yg$NjOoSlQ<vJ%z%%$xC?1Nf6$Ge`?2x!^Uj#+GB~2ze9Mv9Lv-q6SzguQ
zgbHZMjGcR4Wv<NjhuRcH+#}4$JN3cbj&gAy+T0)-m8eyFCa$i4bTA>NF}G%Kg0xMD
z+0Gc@#LuviJM6D^N~nyp$r4e)qn#7#Ye?&T#05-zA#HPEkA#{JiH&p3BMHu~@pA}j
zQ<NevLj^p<-1BHct%r1UPo3mHanWWFac}xqLXCskY~lvrCJc3^z+4j#m%<k}^HF+;
zHX~d=svl0M&fU>)C%l*9d&Rw=HtUM({s#s&XN|%}Qd=_9^f^8U4rym0Cgdk%^Ea80
zfDrTAsTrzNy9__j{fwsC4~3C7BIGQ@gi`waYZ+?a1?XTVI#|G2KDEaPu*;uk>+n5#
z?QEX4DBd6|rxrbro=|uXGm+{0tWqN`plQ!%9pC!}<ZD5Wi~Qd<`{%>GCwO4w2sC0_
z#5Vhf`@MFILw+8}R}tSLhB8C&CI|wJs4sobqE)n4_j00o2~>CsrS0Oyo_Y`}<jq!R
z0oKkZKTvRA$5ifJ;5#^OIeKtZZG|-RXvdiPC#0F^LtMRwG;{xLakU2$Mmg`TC8+iM
zH2nu+<{_r)=bjn~6)u7q%jYD%f(qrB`s!Pvs_v}>AkM}zmi-da&c5Q)5NF>DBhG4^
z8&jhp?d$`FvyFPeh_spoyp;`UXG<pXs^=u*tj1F@H3rho#y=NR-$B~hw%g<Cl#xVN
z0$s_Vw$?o`BJG5S;%Xu!&Xl`-FOM&LMNA9OkY10Sbih;1e*pO&$AiZ44C?*FP?-If
z$JB%U2|$?3Uu0E!zF}T{gtxRGMJ6_WadNNVJ)a+;!fZ~lR(d$9=0TcyfLD7eU5ih#
zdE#Xf`ifzS9*e6}ryvF!f4<;;8jGsS<M^CFm_r_qsw0qQ_TC&*Hw?k2*yJvasV5=L
z#Ae0S!;mm^_`7+~q2kBHq&?wXwuQGMpu!r_h*NJLB|?h2dpxG6pu%q{HOJi@RS!X$
z+21>+uIPhgu{r6Pn0f)yOt0~A^&upTj4QtJRBxzoJPtp-DylNCMua>TeAdvY8Ug7D
z>|kxG>g_N@z`bT{R84`jpL+G^r6BERLJOXcg*3D8{FtiR6-H99t2>Vu^?(rpgZswR
zOh^m3|FM`_25Dz2XYuUAY~yV0Jl=SPw6mfClw?SY?ma559)+}@3U|rC6-GoCJrGyh
zA@So?em$<bLWQ*=e%o;B8z%7;BHp^@TmcdlVII|iJyX#T=HD*kJxEci;KLHWPBC9a
zlm96MuA*IUF3VDiQr|)BrA<$%0;q6OtSiHl_2n47&CH4yFkDgPUA1_Pla=#g!c)zJ
zxy~t-s>XPJmJuO)kBbL8wUW6D-7vVU3RbcCyIoa)$HF<8S+7=i)o9~Swo41UB~#0=
zw=vmrNe&zx1`Dfj&LTM!be-`oTQ-GfX2yEe<74U~zGH6e6r!~pbB~&3<JS@S0}|iX
zZZc;gk<ZJ8ndZp0UDjQLu{45Yo2T&X@`)RgVXSk@NKKU-OOU_WF+R79_FZH!+1V=0
zFQt9knD2Wf>0N1DO2CD!nj~lMan#cWlRetPrd4TE?>m8K86mPd`p7$e=4`{3&#f17
z<^&>ht|fDdc$7vm=U&pc6SK~o)ub=`CM$Ec7!je&34wm*O#PDMpLmqadFVujx5l52
zESd8GnPX!*bDl&eHt1*03!rM1A9J0zWKMrFXRwGTbIz7BgE`2Y^%CD8bJWepGUrw@
zC(j77Gsnh!^)4aEhIWu-j`-eVQekI~jrqQ(lir_=OWCiL%vnR`d~WH^&z!Aiv0mBH
z&z$w&`bj*F)+f?y%Dj}?3XwUtkvVzK_?a__%;}0*XU;}4XS6Uu&8hjFFG5x`(={gq
z`kB-6E4JlCBAK&<IgV@mm6phoIiHX@Hl{P@U36lDe&&1(I?#9zGUo;|XQzlKb1o!v
zvgaMkoc5U0nKM`zzvd)&BIprY5Gr4a%3m>9kYW4FMnhQV6tzjaY++pLvQNzsmo}zd
zR(+TB%D2}fQ}&Z7b&Ri+q+QpTHazk&7?K*Z^LJmP>#?QAyg-eC$dtRul=h4KOqorl
z492W8Wfz$;OPC;2YW?Ah2-TPn=x53Y`*=1&B$6o~6Ul7jPbY^=*-fU{n9h{%(3%bU
znerQGXX9OtA4qdHf=p3dDV0p=Po^}(9MqTs%;`*dL>SYY^(F%b8$l)mQa{APn3VZc
zF0UBb4qG<%a<Yb@3LAX>)_RF9#juuLqxu`k$@myo4Y!j_{!8%94Q8sG4&KJn!P{Uu
zcpD6Yx3P5aJJEOtJ1C0B9~6&zc9eAS=sh%{9)+ZMw2%0^3bH#J>9w|qkE^|;i^roB
z54F-S9`h+4%`ofY@jdA;5GE)dlZ}W_@d$x_@%V<F^G8G?#lz{qAqV46jweW+-M>4G
z>EclirG^~p-mV7d8sk0a?e3*`EEn+<kHHj=1DJ#2k;h70x_ERI#uSfh$e#m7kQ|9f
z_jVTMH;GLM@=rTRa#wsmZ7{n*wK3m!Y0~?u?VHR=e(9*G221yLZu#*Ebq-Xxf%Tzo
z4=~5=%g@VD;h#*&UVD(onI3}q9wz%?#yL>oPh_7vmTB!<P~lZrojQXi04i(-vzv9`
zyeDCruv&N8Y-IN2=W(d8Cv*9aG30W;OBmH)c{#sCT*t5?(yQN+lzJE{tm?Y)d%vY!
zrdupL!>yZ|3Uf_)-|bLQo#$qzUIDztfP(~7ZkZJ0(KMJP;LlEGYSA_p6^%=2?F;ui
z*?Op8gG}q|a;#MZEHQ570!ZO62v~`L0F<JKfJ&)?O<}OjRHssMEz?HZWs4seeZ?gL
z%_K1doFgNg0vId6k4%8NPx#fz)E*wOJuFXqAdaGrUB=5*5}l|~#{mOgBw(P90F-03
zX?6T+T!z$PgI4US=lYu00s?geU`QP{m{x}k9#h8wJ9T+`L+WT{0t~66D{j*I8=dxG
z)X~X!xmXezGwSGJz;kVN1Yk%VeT>VHI&9EV$L+>#sB{EiNF6qqR)-B9Q%8}Vx}E9N
z>Ebxa1V|-Og+b}aW>k_^M|&7QhNwg8#cbn+jc`?%;U=}50L&9m>V*{R01QRk2GbF@
zK^^hbdi>8dAsPQoQ-i1$HmLn?rCQja?_a9LOU8dl^EPN{{&VBDk|ZD~hyfT%fDNV-
zV1vgrKiF2}th6Gv#(pvZ>IN6h>y{({Lov2NlM|_JB(G5gzwU7KQWfTq5nq4CF0BFk
z1GZTS7@y8!w*gNPa05-*Z_~nH^@C0{(WvJ!P!2y=FXfg=v;w@!c$Y@6dM028z*`Kc
zU6yubcufHjwXZWax+Ch2b7_@qP$wcK4{~iYPV3NZ7xr)~r@p~|0G^J(!a+_nbpgTI
zV4GXr%tRYHvH+A!^Lo3<L?^(XjZ8Vi>Gc8Z37Dwp>q=tl^_AGByzRW5Y+#)U*EzYV
zp9$Xv+gul~kjSNn3xQw6&)@=JKcZFJ2#|Sj;muA{t$+es>KLc0R)7uq3J_gAV4UiX
z^B$*)c4~v#X`&V}m~5Qt!Z^XHoEk*<Qw?~ggg?Q_Ok7T412C<Y8vtK1E@hmd)p9%F
zDg#P;qt%ichR}ls)w7TpP9*g^LmC^@Lz;2;w?RGPRq>UZ89ht6@8wpC-SrPjGQ;T>
zRk^5wIqNt-8)S^%;z*=ws^5lU;6Edc6U|6%$mN8H+>cc8e^6waA+E5GTO}?<WwbCY
zoun=zw;AD`aGEY60hrc>6p=@bONmUnh|D#hc6qFbEHkj4Kb}P2EJefy(?uizr7*Se
zi^x4_bBz&D4Y=@B=R{pZ_8L&PyIoAa+u*Sxa!Ms%XL{J*&6Fk^)K25;(0h@n<3gui
zY!GVQY4kn}^X*24%t2Z_8>yOTi;6>_uj15aX!vg9xGW(eEi2I(#{tMVMirhDsgk+^
z@HyjB*YqWk3W;9DKz(pL@fa#!Xq@U%@@J7Ui5qeHo&j}pw=GgDaR=asHn=@fEA=?w
zlFGgkf{;>``1V!+ie?C@X(F>2*zNpiWj=b3|7FI%R31N4FN3bJ(87hpe-1JI(11Fo
z8zN=m&ohO{{u<40j8uxRVGhwAM$aLBmpPO$%pqtHmLc*d<69?bQ>0$vL%?5)hx0QR
z8jjfDl1Sy$r?`w%@zbf>12me-CrJS)GIcuZ6$AZr?!~`n{2xna5lKoIRAd)!j+9Rv
z#Ayu!>X?2K;ak*u`IdnJ(|SISpaL+h=hKRTe)yUAZ}^w+mlA#xJNzw#Kc4Vs+UXbN
zPo%OuWk8v!7k<R;>)$AlBMm6w7cPiY)8JiUutln4%2VSEsMWV1Qa<%nGz_-9!%HMu
zc*Vdb(jmkblh3mxpGQS<<D1B5#Y|7~Igy|P>tfO%qSJH6R8>E_q+X@hc|xF`GwLyS
z0n!Q|jMUeI^yM(R-sV(7YkB|FR<&~K!HgE>p-7GRD&kWl%v9p@1@Xy77dk%WiO*OQ
zAIUz6Ph3`P2a5|<YOCs%T49cbzaF;m*+@MdejYDj`r+pj<X||gYNgJDS#Hv#i@-CH
z8i~`2fx7<We22Iq@z*a>A$~PZb_$d2RL{8-Ci{EZb-6>8a|>L1xWY0{)%e3OqkZP&
zoI7FUQ?lA!d=|OC)3+*<^FD<pkI&{wr=If(Oo1?T<~e&{W(gxLbo^OF?1U?<O1Lv%
zvia1kFYi^j_Hc#OoV@te6xh+eRnweHVV1+_Qk%09cj|}0*NeoWJsiHu<orNbqhWL`
z{)AaBjKm^!Cu;xE#3E<C1O-=E-Kn5-4>~Q+FBf`Je<?#4=|OEU-Gkbo?m>0GHdv(f
zHAA2GjWFrs)BRci>Yh6o`g~ypo9@>R8Sq%YrcynqD_J%CIO=@v>sCx1qORCrx~_yk
zU03wrsg@C-7wr1G)pXBjgXx|z0HvDvJtOau%t<J3Ge32nX3EaNmd4q<k1v0%$PgZl
zcs-@wh6;amQxjPe$uqWkP*N$9l{J#`Zi6h6q-0CL#$>T1p|=K%Z(UnhG)XnYcVioz
z;nYZ;x5y2Ht7KfK;xGO|S(hxS%!S*|AG+#F<5Qa1!c?S^?$d3sUfoEh9?RLFu5d~V
zc*qt|I#Napu)(wd8#DrB<TJwvXeKcz7s=EkARA1VlmL_&Z+ejYg7GfeOqY~545&xW
zdIY3WPonw*2G>1BbyR;p%Co^h^)@D|*IEvNftEv{(Xu3Kr)W73Ez6i+aZ^M7nnUU2
z1YjsR*~X;?gE4=e0riMiCr4*wHpkcsYXli-+=MgI0@L|$r3G3UIl;iX76ln;gJ}Ua
zXlJAm5Y9*oOs9N?0d@8SRsKZ-hBER^18Q~n8L6B%d92F)fS(%ksBm*xYRl-#msaJE
zw@ayUYu=zHze$ao?WC@zCiF12derc`Q#o;IF);7hM2^a-#&w<cqSKW$@On@#%=@e~
z={)41prjy2=4<U?bYm)m@X^9ZV=D8r<-+(ejW(0$@b@H{66tj&F}hn~^=?ciOzJSg
zKdG)evGtg>CSwxpte>#?Dyc)w{@Dt3Fibks^}+<9Hv1(Vs&_eBnIf8z)#RFf)97!{
zO<KwW3lN(P8|acB!INyy?We6-j#-ZcYtkbh5GGhnzR!q|f|VW_gg}2axmAP~>sKVQ
znk;j#!Ny;(JtrN9jioyd8}v6DD$*$x8Sj$wvf1!F)wipNXEk{WwRSY-U^Tf2b9yy-
zr!ZzUS@gW#2-0INvv+D^TJOm^1i94?lGSAKJ;`A9YO;;_zJDRT&ls0_dc|t;Hu};B
z45llkUh1FmESEi?!iyq}^J@8-b1O-V^!nzllxnh!%z4qx+T@^1V|$AzU}>g~O)Z0I
zc?JGXu8sMziC)M9;l`zo&5$O^=A^Hs!Ss^vn9SG?nGXDhO7F^z|3Mk(idmO|rj&t4
zgweABU0RomySvNl(s}^1A5uG{USy=of<)oHWpv(;Gnmf%@ku>su(5RB+n_(~=9Eq=
zM0xG_5yN8*BHm#B&l7WgB!pXT@FoY9+{!=kRkWT;wVcRlm9pG`aL)kQBuGO}U0j#P
zJ5~&QTju_K=HC%evY(P|&gB&Ct&ome$<F>An|~+S|F8Un(i39-ofw1!gqV`0mFP^l
zgMz{{l2bYzC_G#%RV}x`JQkFs6@Qy?N=bRFz)wf0<tca!F->=I2OVnJ2%Akkc#W!O
zQnl>kv6U2xhaI$kP4=Y594|WKMn_2<XxWdmIX0u5r?7Hg;HR?KpD$;pwx58P&xbnd
zT)t@3avol8;X3w}&yl=;fvLu|?T4ZN!cUd2ITr@CeBnP0=bO(n)TP@pd}$Y!PN~(9
z7TrCYtCP@Q80AzPPTD?-y2sLPGyZ*ick>SKn0<+ia(-=#R$A=j#G6r+`{4j?q;giP
z<;6tZW%VwjJu2${{}IFe5c&)E=RQ$&1!qB99;I|G`8}q-=i{I)Bf2bHK@r=>PdaTS
zGRmno5XUFq&G}%X2(o}7pWBJTstfG9BJy=O_Z@zM5~-XT7XmfnC(tdP?4lfEoSbjy
z1kPW?nhDgBS2Pd3m!WFDPyE05&+0?THO2jr`wNw%eU<84Vukv*Y)VW<C{6!6Oem!x
z=HH3+-xN@yGp?eSE~T97-ldGlxk`rvv&!Wds%q9QrOsHW@2YT&P`Pi=!2SrGv49=%
zo!$88E~sYy_{rhI!GB~kXeBQkLVxwM>^)EY1ZkT_yFGO|q?zoSqpBnHSDUpR_#F9J
zvH!rP#RI%90R7d^!q##1Pe|KTJT0!yhct6;C%&EvX{PFMj>AHK6%cY3id#tZfGZN}
z2}lcQK02YUfi&~SxP&_Ke#4A^KA~1X+UDd196^9I)46+6je#_Ccw&ZXJSoFx&ciU)
zFkUB~Ti?7gqRtpCQyJ%L+Q(MQKk%nDT|gqe-n@lx6hdcycJhHezD0qySo&Q`9fZzg
zGtYVLZhY(0!;?>N)Ly952ONa>;w(q~*3mF|EM?sYX`6yxo_Yz=Ovq-~oeA|mq-|nd
zIpGfpqx|=<#tx<BxCy~mf5o#p`M~eh1$m{L8z8pX|H7`fzfnAG`!AZ!YYl%kJ|@93
z`!}z=o3i-2xF4UA%*yFIk9aQS;71U1|2bawL^L#Bw8TdY%^M6eVSf_nN3>Xdq^E9!
zH1m0jq{?rJM#N^&>lx}DNHZ&|r&Q%UUMCS7n=wb6$KBzmT~Mcq*k_JnGyn-h*0pI$
zt>yl!a!+AZYZ`RURJk4YT6=omH~9GhI%m3eJDWWOr`++lt-{awP?xE^)jS8oc3~F9
z{3F8d_i$~SfZRra7r|(^C&Gkm{w8A!C>FFG4-!*dz6X?kU&LF(do)dZ@%aC)h;8<t
zee%X!#GWZ0E?yKV$?WHe_f1Q_-|D+G_YuD3J5YgN%dGSR{N9??X<MmV(h~ZgH@a*f
z83FaXl%}s@4{m=!nz3z^b2QHBbQ#F872v5Gpg9vG-j&={{16he^Hoe;1Bv-|{_hs^
zR4#cQb8oJ4+zB#7BxFRq4|#~^BawjlCw%M^Us(~)a$~MnJW8q4E}L<|d7p9FigKZ^
z@<tYC_%b<wsw=<uP=IulLZzcV{B}>3Mohn>IMOAoTbH<c3hMW)l(4&VDM&>D#5>5!
z`RGBQncSJJ!?pQ-15i?kd4G9Qb$i>lQO-pR8M75U<4?6~5-ck*v`Q~S{aQy-=Paku
zF}4g`RQf4G8>|vMMHql}$guP?k0CI4iZB3~w%X4;K4yYiY6R$~2%Ej)Kl7-cA}oRl
zo+50v5VLuTun2SLDZ=ja{4~`vqV!XQ&3GFo{S;w8<3i$)eu~frk3B``F5?xe<Il|y
zouFa;3iyXhGE{FGkACYTUM<>=SD<2MGBGxXAI9LyIn1wjl%Lik9MxaHJEN~BfA<X8
zHS2ROVA8%#9Ypm$#EFFkFT$Jya|ef<z7d;CqzRWc(ET3A8ah?Rk~v3!+Tx{Wv=pwG
z5BY=8w*!xBB+4?H@CvTvimbR|)u0435q*>Xz)#|fuku39Yf4R99`XK$*-V@2zp2!?
zPw;gSMQ=5Xyp1z$sEkuyO8D{yNtEPqA+PlpF}0QKo_0#aHk&H)^1~55DxX$WDukrL
zeUX%Y-yx!A9zbA->9v!GgrJ$7dDAq+9Nxn%Rn##v!bLaRPt8HHy9Ld>D8`b<kjs@i
z;cR68isH}WGGgY9Fw8f-Ap?|p3!1qu;@<x<i&T)rph9*dznI-eA>u`?@}5czs_Lnl
z25t>J^Ws>QM8#)#)6;-41Ez-K{AL5vys4R&##*NqmMaDxisYv5D+W%xAyPZ})mA>T
zYrLZxHSHt4jp0^rmQ;Npo!qI-d1e~YOz!3k)eD+gmO*}qIi3$0*1d<+q9Wz|gNd%w
za0u$&jH$)*N=@H}e(vGg>^^AvZkXQO+I$0={xZzfXGYW-X!;9oB%@%vuM=4fi1ga<
zLrUfI>euweZejpU=x}4p8n2qZ)U6aBj=s7c<VEgPZllCE%x4}pE@Z=L`lqpz;&0bs
z$5vc?8oMaI2xdLZgc~BstfyJ)EHchBaX#VOs(N$C#?qTZ0Vt~W*Fa-i5T*_x?7Q+g
z4-k*`VjieZxu#lS_oI=`BSfS+mY-@=3>-5lBbl@2Q(5Nr)R;dLRpaO5qDYvdiSqHO
z$UGp-BN^r5Tj-FQ@%RgZPKo~$Jr0Ix`D`?^>Z344FeCW#sQybm*qHnEJA6G-Pt^3i
zv1-X{ih;W)B{|6n_>*x-XP~Bk6|0`Sr5LDPp7N2aO6~MzYVCg$tDH4;Z5ZTbzf@sy
z>`>&m)Op2xxA>AHJhyFeLLyt}*IQ^$3rTo^3F}OWRke7<c)8CVbwCtQD&8%A`*8Mt
zxg4Fb#mmXL`!3F;!Fa!TXdv+t(I0JmOUa&|70*j71)O1nrQ<ZYJhV2;2D9T;6I*d<
zgM0c$vQ$bQ)4Rerm5MSw8Sj!BM=WemVv~53*w~;SD?d?(zVH>;P$V>nm(yYcP_}H+
zVr?)j)&_mCDbY%Fw=Y$)U$m1F?bx6eAX>6POIuk+KuB9THW+9t*9HS^*`TkjiYT^{
z?X*n%xa4;z)&{?9!M?Q4>mkOeR&0xSwpL33N`seHiw&mLVuO}ih8w9`K%f>IOsmBP
zEwzlcQxFuQyKOK~%Y8N&sKo}4spSFNX`mJx)M`<wAF1!>nwqKg@}ZlP`m$UYl=`3b
zWigl2swGoD(<a!y#bHt!3L7*HM&hAdp13nX=|cFvn;WlDomxbtn*P39Cf)>Qr!ZG|
z72+QgiDtYaF#RO2LhKos!7$U>CgamE7m0azq;&lH@^}&E;z+63Mg|?(zj$iqmg+f2
zH?qfvxlJFQRIS?WRa!E!*;AQ(R`D*#m<5mU{Mb8rwAL_F8|PG&H@g*AT9?($O0Ea5
zvd1s<(jG5slAZh<td_wt1Z$p?+y{1|!6aeJPA*&Z5Lh#ja~cE9RI_YP?KUoI<6`=$
z-U*3wih*779jRK0VRK#evdKQ_FHlVzx;j1e{srCY-tBC9{}9vuLDRccXAI^JkPZ}@
z{th!WF}O3gWT>4dA?;Hpa^HNGp*Bo|*$vZZM~2#e0sUeu9?8hw%P59F8AvnCrcZ2p
z5O?3l;-`=~1*B;DkyyD@C)$HYj8g`VYWk3PgVbZR2R5h+{!H2f8#D#KCjzDz0lGaH
z7B8Q;9B{e~4v&{l-2nKs0d<dXd%S*X4nf(V4(fS=vOyD68w89q0wf!!-xRMI&ttc2
zxuoWTc;%{@FzPo??PbMYr8=VHd+Y%Jh}BNL_Kz?qr>#?EKMsSsyJ<pjws+Ir<cxTY
z0!bj#e~#54JN1xw&LBSN#3*|DWsG&|?Bcl?M!wUJXMF5dXQB5ZXnMzZ#JOSv!<>&U
zljniRr(w}ZM%OR>ayeZeP?<(P^|}tLyQ1+PM1Qb^^H8*L&X=1w#{i>iLHt*?3%mY~
zRbezYo(nS?M(-D%lB7-v6YLqU+3U*}ji>jFL!jO>PQ6x-`e)qAUg7kYqq$ixG2*eo
z;7o>%rAIsgs6z^l!+dQA9~{&Of&M{_!~@i`hraUTsw>N?Xt|v8q#coTPLDF$aIV_S
zCz(#zo1x}G)2GE`oGxFa_KFyZS4x#qv->cfl!r0B`n%W$hGt&@GU+^!9?S<$WKOcI
zcEnrH|I!06^Poy~{$D0$-VrRpTw!!WKVlD{m`E>aX0oJx31Hb6r=8KC1{i0YN&yW%
z4G>^bKbS-6PXpMPnM>++YL@XI6`4)4bvSb^nafV7pu@4TAe;cR!?Cd-9BKPrFfwHa
znzm1ev&;^sRb?HHjRoNZm>rId1>s10`mT|wb#!uB9nNQVIPI(JaBM6HC&27*Y|MnC
z+vuI1X`_|%7Vn)nYvgCxolJx8;Ab&3C^u4)867w)#O-Q+4no(>jg(||XY(Pbwa|67
zWn!tP)p{0NSPv;z*P+T^%==kSKx2Mpa`@GQj%xG}%)SgBW?9S&9(_+qDfcE!TcI)g
zdDi8Ex~_U15{3rC+s0xar2WtP!cqI6F>CODn8x4t|J7G4^6dj&hyP4YblwPQW<V95
z!-X_+sGX-SYVR{h&Zyw3^B{?gyJ9ILytiQb^EOGh_gys^8grf-arR!vYL-+e_gV(x
zA3<Y!vfioOsk>eE88l`Z^RU)j`?&+s(HzI|{P!S<ru*M!hS04qhP3EJCDv0RExLdv
zNhV_2W@a-_ZHKf?+mmSrA)TC@K0Lt-jTz0WO*i$WQG~_}fO&6#r*f`>X`YNYU!)Vd
zAJe7R1Gi>Qs+=bVqXBup#GQjF<3=pTXNiUE+qvJtpM4Y9ATW2uDQvg3Wes2Sn7=hc
z4TW_4y3;*RfX3WM-et_eyUzReY_86M#yqUEyYIma^#nBL;Y_66dX1-Eg~r@hI^z6D
z4E$&u#dPH$;Kxc64dryDpgDc`@n&YY>JT*HOWsuM$Ec=&X(i?t7%e!T5P>gwC6fPV
zQg$Zv=a%E4bRqf;(_r2Nn{X{fS)|s$zrXa+0Mi4|v&XUY(f6VZ^)@67uI~Odsho%T
z@n-Y$9kgW#vB{^NdYAuZkm=%bWnF&sn*UWlW~imm*C#}r2j0bDheH`^3G{UfKj>17
zubd-&`OyoOTgOvlA8^!=vm?$uZHSdvd1IIGu;lBYJ$cmdYe(&X#5{u;;Dyy#HtmTp
zuh~vVt$^_BJzl|64J%@Uc~o6bWzx?LX~O${yc~B*+o(2o=dHJ05IDhSJxm?dFV-A~
z=>_PKwh`~b<6QMMB<7>LV`{>ln3!>YW7&j>^DkNKk(TB#)QNN@r*nD?>QRGN>iYA{
z4J3F^@^LdH_>84-b)bLb|Am=&jxNjQk51QkOf}27YU~+Cw^Ay-H><nqwmi`DM29>3
zMb*s(Q8l)qq;a214rssoD)X*t72cR1z*~i@UG)|;aVQ6aIHC0uB>4CfJynL%Am(dN
zPO1Ztn1>$V0aXb1${E;zP|j!IH5Z!LBjR0tI72OlFcac=o%nh83(nH5<)<QT&Wwuq
z(sAg@EtJop8LcDUf5&`A6Hk2%&3Gu{{cr+L0`dJjWGZJA1<rezp99d0rV^h|dAG@b
z%yk>4L0@L5y_wSf>%#gxtcG}L54ZY>Z;7dUZywJLUKvq~WvMm9WL+FrUvh>)+k}|G
zZ^l&-!^6c>@e{K7cbFL*4>)dY;y(!I-;q|LA2Y4-YQ*(>jEh$j_YgCl^nN4h6`TKA
zrasB5CQ1CC7i~wBV$qZ#LZw=9b+8=?SxWAY$KXxo#~|Jy#+x5Ni&tW+U$j3+b}o|a
zJee-@e}kbjlcIQdWzsKj2kFW6R*XCLour>97cfzw+^#*yXFWG&)40p`Q{0`HhL%aH
z)mggLAIyfcGlCy)EI%8eZ&}*6&1Wkv#6#bn%yZ|*%p$sBMfUmPz34Ks`DxpV4=1gb
zYIQYdjGUX~XE;CJo&3BF?d%(|%{Yv1$4x1IyfXY;1nqt>Vw-UzeY3yPKZdDrbZ3Uz
zRh6B>V`kix0d*?KPfaE&ZVgPcp)V>)WuC;$&6~>4&(IfgRM|hARb*W4=_9Txe1UI0
z@2H9C4d_d@wk4Iii`Th+OC+T_)8T)o=ssV9nI=pg%!pDc^%|sYKEhBj69ya8y!;Y4
zehtT`V5jY2%no$wX{EO*zMDfuvKhYvu6;ns5-u+=L6Ke^eov|K(0A{{`UgJrsSn+3
zjpuQW15oKdBi^0NaDEi?p%TsR_f?fTuNrQuMtCr)5f3ah=7k$xy7v0vvzPd$Cy*N)
z5=QBQi1RZ`E8aN(%d-F$QmCdfV)_SEx(hNary;W~&Nlz6?#D5cJtR>X|9?NMe>HAv
z(BB(S=@-e_+6<li0y*WGi24)CUdBp7pLr4W4y2iD*G1GvkT4lL&G%<y`WERG9hg#s
zAgogIHITqoCeqpOdYP#j^m1PrFEPOM*FZv``5K6gIb$R8@PKkJZOE7k(oyNj%GR5Z
zW?DYORv4t2Kj(3g<yphj$d0M|AZ_y^S3k>@Gt8yqVrm8C+uV=Mc*D%ikE>EG;=aw)
zF$twOU!t8YrHQY7kIz&n$nj_7vQ!c2HIzAkPIv&zZcaMkR~omWgoi+ra2rb}e9(Of
z^)V!Is4%On9qb=LumKzjcCK+73N{3qU~McN?9U%1RNoCI>9=u_ayuk(Fyrix%Q-4p
zp8WVE;@x!*_f{b>k9v}~YauZo{*(9mj-pu1|L8{BdqGm0^Z9?RF>hVXYm;jr++10n
zPZ-Tb_n2$vrqrKZefMsSlsXv#_d7v%96jN;Q1&HppjAC6Am^Q*)Q4rV8_T91Yf{Qh
z5T=};$=;U$l4*cj`I@Af0%flgkJ1XcN2hQ?=5e6yG<Y9l=pxJ#m|=^OY6YZiy1klI
z?+SyBa*kiaQcyuGr8Ys?n?;yxl)KYO!d57|v}kI2eP-Ho`Ki?aXbsb|Ss1D{^ckw$
z^>X~A+~=6iewoIp2R{p-T*cZew&>1X2Vedbu<{%<J&d6_%~<XqMDOscJSF=YObgcW
z3Z9Y`W6q;OkzSYG%*RHc+;6?qj|VybWNf8T&fV{^GG7doWB92G-?H*xT*`WhfbrUZ
zdEXmmY*QBg0!C{3Xqa?Czs>j!mADXSN}P=aB~B%dT;i#lj0pNh9X$V1i>5NIF?a<@
zz>i)sb(93yVD-<q?H6IC!3K4zUT=2{q*SQf-pQtk(M*8?ml|A|D5X*xX+7>TAyG6`
zZr@~u#Nhd1u)?>=N`7s>-#C@^``m(Lu5RXRFx||BK%)d3ODll`DzoPLIVm+g((8_)
zDYXQWoLqq-0$aIEtQB#9Bak+z6_JG^Y)~s=HHrwpv?3lv5g|}3B0&>cXyTDp#1s@^
zgU1x{qH!u2pH_qorWFwajUsH!QiL1f9NEpsIVyLTENb8Bs@{-hz8dSQDl|B`*HaBb
zHX-KtN}O|s{wknko00{T>?gI2=bxcmmyM6*<^31g#_8;vKQX1ghRD9elP%dQFt)Nh
zOGT^`|CTxXVAdL>R>rGE$zT{=@jRII0W*ZWQ!Gd5j69p%`Pc~38F>~v#&s8jL7h8<
zl8Uh+@TGArJ9ApZuLS!Sa6{+VU%;$3<a*#zV*N_l`ibF$Wn&eNdO0eq$8H*B6Oh#3
zSISjRe#A1Ojb$~@QL%y3c=Ce8ypmfczLS-s0?blu<6}tWBS9+rlgb~AI9&!Ml?8-s
zgFz|@PNjw-H<IhCpP`~(KZa+AL0vy8Q$K8%S|=L`Jpj}7V;c1%1nT-RlDNf9Na^}<
zFLATMWA!7;IF&{<T|aCvT|YvgsUJ3G*N?SFVtgKhVkfoWh|9MqytvB!iD_N|hH1iV
z=Y-1o+kK66pi7DL8aXqi7DLjWY^%$rj<J;)nC=<YTi^x6SF5Jk)t=gCT*@&Y4Ss`5
z8_Zvo%8YyU<enYNCenBOj0;uEFx9YW7BFRC3IgVu3(0oFByK#1#ha0Sl%>4Y*%PU&
z$5vGhDEdx+V$KHBN(_NUi8f{_5m~85#HFSY9&~%DTZvO~Ffo$21z;#{4UBi$cTLC5
z2Gem1fhKM?b}VkG4#cau5&SZOwbGxyk5>zefmK`Kaybf||7L}%D{yc?o3pY$rb3K2
zj^(AV`EPOw8Mij3>%$j#vOyix4^uq#j`5u*zMqffrfy)3EdZstUog(Akm|_ppbfTp
z%c+)}&jW`x*y2xw#P6Qss=V5q`5Wh*s0&M1nA%&M99>vO!|0MDg{3H9q_FG^7%42-
zb$n;KuxvC@3}wg;1BMEV4W=_B1ey%7v11uRYRzA2CyL!;f~W<kd*XgX(+0I>>(kQM
zpw{dzTABb%w=~bt(u6?W(oCVH`Nm3&9+J$brLn<dEzJ+csT__<w=_1GPIm}2>9#Q|
z-LBpBWi;#I&q10HM5Nc4Eh+UTM0*m?zKl#`2SoQ}F3e6Cot^T9$?VpKkuOWO4;cBP
z<Y2=j#-7Gk>W%nNcD6I1l(=;LvcYt+LZC^OjakW3sZP8j*1?EQk1VSaaU0ax*n(`d
zL7k1?lZ^qG&c=mgV+hpQ_!ilCjtME<VeBUxZSYt&USOPtMwT|1PHzY_>9sK{y>1ug
zS!`A54nsLlGdp+dyc1FPLb<0iIcd^}y#`1#s~Bw6yNfZF*t}3Zs<QGJNeQ!;S4ui@
zbWIrl>&H&PyUbpO@UsQVtrC^lOG}1sZX15|7;Xhyk(V@f)C4G3n4#Na{(w%HpSSUq
z3K^*hb3rPp?uUd?&W@Ty^FhSuXm;mN>jp&VXbMw=7#&Svnr`Q-ZW2vlHX=et6UH1T
zUvZM7YPKQ*pEH+we6*{6f&L5TI>nMQB+ksjWGe=yPe8dbPQAQ8gO9X6ftY`Rd5EMQ
zl;r-!Psui+a6-;POv%nlwpmm?sVe26aEXr1kc(GxF2otlk5~S~h&q?`kUINWeB*5s
zkG{RmcD`Vi%LD`x^Y$u^YETvP{)qd0b?&7=bw;t$R<j0EOGqs4s_Ce8P@Tb%NXCIV
z{%q$%-I`S6_Rv76&he4>A{v98OfTy+iBwEEFZ0E0<5Vg|o%<tsiNi02!MwGR>MAvp
zCxlZ^`%-ly@=&B~st4QiHrR3{7atxi=CWlac{3^XJaCQ?Ag8?QJdA+L5MYC80U^*A
za5Tktb&LR6lBx4(q*CIa#lSOOie#(!3KE&UA19L{jgqBFWP9UJ+LJoJHB*T)ceA%{
z3!4-voA?LbCL2(vadIT7a#qnbwijVd;M~bvl;hhETK{f^3;1v@i4&cB2QGKiLoBP+
z*~@-$e@Fc;W{#=5cffp+2a_9iW&7}UJwhHoO7_i*cz5!DotVc&yyK@jYA7V-<CYnY
zS`LYM%Ttc3HODtkd7c0u!8aH2Ue`;$dDF`*GQ8rO`z+#Q0wm?hDrfFHha6S<FgWGO
zt<S7?Af#jZ>+g;l^@sN1<{f3<7SahVEO6CxJe49*{T_2whLsXkOKiwo`x@TS8|dnw
zZFA*0t{MPIwEvErpBKBT-4fgr?qmGlEoQ>~hC@4pxA^kyI86M(Rmbs4j3jy0uPmPZ
zhMBM)JCpMTkjQD#!Bcla$Z?mQ!**yF%#u%!VyJK~44&=CS-Biaq!n;D_jlj#sT+Aw
zsZKW(e8PB7-69O@<nCKAH&PYq%pknGU*$l;YkqjPxk*k`4TB`&Z<LFwSb5)kZ>^}>
z013XYepH>vs+*XX9M5OBoA~Boy`t(UBxxwY?Dm=yRa2olFA}2<F-&_3<_coeXKqyO
zhQ#;Gc~SKRBxSqq^HFs*q<!qdu<cpnW7LaLwGt9n@ghE~0%=z(FuXP2xGMD$pO1nh
zwtK&iszLiP6UO5|Mpd<gzWKnPd{OGC@1}G4n3@a~cc0AX)1{F3J=&IUJf7;i$vrKm
zE`!AVwZmd+J|r>fG%}{{hjff?xg(}3kANYi?%Xjk^%bOT8r~UGYepNJLGR!n(l#fr
zim9V3j7^0#F?BJdZRTKTyxO<%wrz~5{+nQk*C|!wY6T?bHudAG(mdaM-br!w7$imT
zbN)AIg_)w<_>{OB0tudI%cnpf!H1uL97ynPXU5e`Nbt3N;;MUJ%*c;i9#>r;((R7r
z|7tNyuKt3d(`7J{t8ZKpSEpU+`>@TA4T-B=kZ8@0>66caJ@31p#FsF)K%&ia7x0A_
zNQbZz!$b37B!tYOxVi`uN#zz|hQ!Cmi{h&MtH#GU7_tGh{`)PCtLGry2A#4buI__$
zKbC!yKV|j%u~Vj{)Hq1`v2mSf%X6sE(vRJ-klJmWru(rQi-CSW_I!q?8X2eQe(aoR
z7)*CVwoB8GEk;0dBOu+6U4#G|ObZBsen0k8DUNR&0ik}(2K|0)6D?CSNu=~+<4I3}
z@t5w$vhSsBwS`GP_87WZWWaDgR^V%leyr+S+@^)J&gWp*FN};G+7GdH-g`z$JqwA>
zkDSdqb*|C*T%r>=P3!#eVxX_{RjBMzBQ>q_D^ZyZrd1XKeU)uMz~x3jTIV+*zy{L-
zLZC0e&17NP2ngxi27R5sgw97xB1Pu~uW&ZV_)F`&Dms7L7A88+=<KO44H(vWk*_f}
zYO1b7=aAHl{0(t63KFy30^C|Fq5goV(QfB@2{jqgd9)ov!}>6iN9qkbkDAX(sZo&R
z(QG=gysJzeEh9Sur|CR;xftl@(GFBx*+@<2(I`}GgJ~6qKwrh*BA})bkj|qA5MYC8
z0U^*AkWC)7H3C9;WP^SlEhUe-N+KnXJ|sO|jlXmr{YD;*v4u$<%||zL4H(X&(Z0sW
zqfZ(nRHKHdd0fP6aC|~7fTVS``ggu@%q7J3K5q3w?zH|1^(Cb9>nM*0oO30N<X4gT
zB*iAipS(o%VoIGf-_NgZj4_sT{Xw^5imPjZ({z3vBz-pM=hv^O`vW62onKQ?w+*J%
z9RhuI$5Ni!U<A~VVX=(I3lU(0X#pY77f_Y_I%ouh^2-MO{F+OC9gsvyehsHi#g6#p
zSI1n&<L$=raa;pxVUk~c(M@05WqLfG_nOui?bv`(3H1`Bb^ZZwG*n=BS?j!+=dY;v
zI`95UO3i|#j;uP5-I+B;=atZT;54oC%wnLg^RlSy93wTY^H)%r4W?BV0)3U`A>aZd
zAg%M|2(ZDlfDq^lXo${lHUdIAw?SX$x1Ghc8A+t*d=fgp$Bwz^ybC&i-4-S~-+*qm
z+b+{OSMLQn@5KukPeEGe*Ygy{>yYT2yPiB6$a5IlCi8`ax){>AF{_rJ8|!opIDI*1
ziXh32?p<lIemA*sCyEc8rgP(#VxXTJm!ZrzjMQ{)M3`mTU|N|W&{yX52v}hRq;n$+
z0XCQx5CVMxXObJcjR2<b$7ZB9=;y|_%s0A9A|*E-COrp@zjTZBAh}Vywy&gg4Jbf2
zoeZecn9hySzQ(8l)8{ADUP$ZwX`UZB0Qohbo~`rxZ>Q8Pkm!7MH|DfQjn1Ey!fu?V
zbv~mQ=<9rh)Bxi&t@FyL%m&jc3xU4M?vol|1f+Fd9|1O)77zk`0o|kq7y%)j+n}%W
zm(E}jR1zsVf0gvyW&EXeJ`J5OG+<ii8_~@c1BP`z%hwpaggqm)dj@NE=-ykDP<OFm
zrbo!{!OUZyP>+yrc_+a))5s+He%tp+>l5luNN_s@OKND%;C~A5b$U`g3CZl@Oa3=M
z1M?VabH}7Qt`laN5KqBS^=z1MXXw7lk&_7T+(_~Bp2zT$Fw8;Pab0UXBt_9XbZJtx
z>#Z%kg?*ChC?v`3b!Ad*gGB27>ym2F^}e~Jq^<6rq0a4*q1_*OBtvz06f@Dji~sAz
zJcju_Z|iJ_1W!%oSRo|1E#H})q3(l<hij|d&KfH|%D?MZz{1^!P@Ubhd$U=c%dE!w
zh%obNJE~kA!)##f=G1A1Df@(@sy$|yk*wZ)Eh{+Ur}+zx>LyD#!raFC&Hb$7Xy$en
za2}jxn08HF^*p3)hO?eAg_lG%^BZdfua#lOECNnrk>EvHC=jM{?WnpJ(#-oT6SQn-
zn8#QraGDzC9;Vwr%9LCD+?N|uqhrirg_*&`I?>KBhnQIxoNkydH^$XsNIR>3OPukz
zVZM188%W!{&X~9Edc&+{(7SG}VdjpcwBHU%IMr7r)MYCTvyytCq%MffXiCmfN|0un
z_D!nkkTA-nh^mpY1os_xAmrqcb2nUtuH=mTErlYz>R;rkcng|?SzOJiQ-g03G<cao
zqj8gN^QsgB{Wfngt<yl`G~MQ1?}fp1lV!U!Gsaa2xXB2}B0hSgH39)Pm=+KM{Wh-@
zGse+&WP_DY8`N!Hj_mcUmqgO$C91K=xx)BMH*cq-hP`%j(p`$;auv$SR5b^(Ah=2v
z1*`BNlH2G?t`9(Pkp|7y`-=TcEB5KdoF{|CVf<t|tHFD4CkoD&{=>LUE4W@U&{y#B
z(y17yX$7y9VU-1@^%DYp{j`=&#kfs(DqCe(Wr1k{A<!3al5{G@t?X5&mzHhN?^Kpb
zDUw7=r*azU8E^dQ&Paw;qv=$Z8!)Z)v(U{R1BN@5^}fb3RfD`ezH0r&j!oNBs_71+
z+OvAlXL0dKt5&`^7`RQVc4aZpSM5`1ri~GsR_*zeM;lCQCItGLS%84kjezv5t~UZ~
zFfAYi`U3i*+CD~r)<#fvZO~V3cM{o55-F<PMtTMtf9d|(xu3hAwlEp7_QTsM1BO*w
z;A>3I%W{I8y$i>i!;ikh5$DWp^UbcRyOcwL&hMOZcHi&qs6U~)QJS3pS!UQ1oPMv7
z{I5j!IL<$wDKYTRQ95#{-oLxGX$BuEM^4=omO4q-$S%@{Yq`!g`G<%)^Y@6#ci8DW
zfwS8Kq5Rj`R`fvIi;cXf8FF?q??FXaAIRUtL9kur9d#R9MEN!Fb20l)Q=$Byuz9<`
zzk8AY08PP$0gkG46*jLDPDpf_L2OBK5Hf!v0-WpESfnO$BsJom4I}#^`SLmNPz*u>
zj-TLfdgMRB3HX~~UWW4J^yra^jyhoy%+oM47CGt@NXI&qgy(<c-8(4%Q&Rdg2N`!l
zI@vAQ;}{I(&%kCm`x~;yq0^K3tE2XaGtpZIn2}KaAd(Og(28x4p^#Qc8+Ni~%R@)>
zX%-GjGp^G%q3E1`wW~%zTBH51;oU??JL}F~$U~4$LP*-zOw-niXi0WRT8L@)y1)6M
zV=xxx9Z37Bwait$Ag!v&e170lDE}yzH(z3tWDKK!9i0a3mRtk<HP)A~XEL3MnRd1T
zCg(@vY<mZPr$h%@`z%lOhjgHcjy#+N<?kV!p6r{*CW=<?dJNg;!bm|{h~a=RQW8r}
zcJK3f)}e)oLCNa9>weZvp!_k29x>kER>^;kB3A7s8h%LY;K_vy<{_P)mF%&&?6K(R
zgqS8-+>1*Zy<HCT7^DSkx-hC1vHqzAEM_z17f1`Z<#OJ%WEJPHHX&yx&W@_9AT2G#
z^kSz)c3bkZNWw-8mDqmC?*dbsZI>5Vtk9xoz<dtrK>M)QA{#NfGEIY#%@-}8&vQ{V
z2hsvgo$v3&XlEl}WcNioJ9R-+-3@7HFYk=1y^xOE<6lJ8hmdBH-$&Kykd8qec4)4I
zbPR6&A*vQY+U67XY$~v4qisUY{%jso%}<Q^(w@e!C15(SXLBE<{Y)S3Z_wz7Zh?_a
z86DBg+heLbq$4_(4H?;#(Kb13)m#K=n>X2zkxdzG^XST$`UKK8U%%^b%4nOB?9Qx&
zv`xnPm^u~GDXqkIO?ODArwaQvy&)a9Sry}IBcz?(S|zR)K-$>|wshWrw6jO+#MLTD
zJ9F6Nnamc2b~YU5bx1oK(#qfF(e>wh_H|@$M>EYk_!~N!X?$*66+l|rNDMCp%$0p`
z25Hfy`m)&rY0*(OcVvS{r*t%icZHFHbRN4s_d?pwZx~v$^`rfSn1fHpm0S_ffqwo>
zTvcG7N;gmWZ2w#bX#v|YRAVnl3&>)>M>d0W&Yc4z8$db+?_ns-j*yPQBW4FkJ6j7Q
zyFS|4xfmu2BM}X0=fj$O@|87k-MX~JFrLM29fL(Mhs8!3luKBuodD^^`#CNx?S{0o
zt68+22We-aHsqXBnUq7?Pl|QiGa>D#6brgtAnhkqMlU*puLncgS;-Aos5c7*8tMVh
zEb><Zv<^beddZ?g0zynE&`{?Zau%`)`3X4-F@MufNLt8GNLq*qISUCG$<l)?Kj^x!
z5`%LljC6-%F?=A5^fDJQ?VAMYzT{F?CS;jHcR8Ce<g!emvoWOJ$5>|A3~8GttTS8#
z=|cWD;}&vO_ks*{38bq`j1`HqAT4?}hONTLP^#<%e_cYS=VF-0A)TK4&B}zfSr1eC
zF=JDJVX819;6+A!UqZUT)}58120%KT2^c;QMx33-TE-aYuZb(URD~2DVoEN(iApKe
z9+K#o`=*~9jHphB7-8N-#*A3S$#h6FM^22Y>+|Uy#3q~P(Z@iV`Mhsbo!if6lyf=b
zQ~$Zht1-!<N~;ACM@HxV>jO9aVNmYq$WVS{E$;H`tD5&>%3`^t!<(E@_$8?t@@hec
zbrEkH&l+5DG0Q`5BH4QjKWS<1b#?vanGO>vRj-`jFQ{l{-0w-f03i(Xf#vm$!-sJ=
zINvxF=Ez~=5XQV0e7HS3g{N`Gv4KF}W$?+Wk9jnqJ|a6@jx^^92FLz2)(aUb_vI*Q
z0dFMuH_gA}wY*#Y!S=4a<C@QO$LqjW>sqKFJK|05z{=ZMNiid$OCC{MGTC29%3q%1
z)DEjdvO=VpZ=drQk~C9?MI>2B(oA!fie$M+GZ(N_B+Esbsmw}`toCT;$j$yTj%K=>
zWgN|1yVhU1(aiD@{>qJJ{#fC!+-PR{I)CLxGZ(RHBP%z;n7fb-UUk%?Q2q&&ip|Se
z9(&s`ZQpg&M46F@%@rr}fkj9&A)C(`JD)k|Ke7oq`=4c+o*PwDARV3AbdSkr>AEDM
ze=i*WLYmw8PcB?S`FG&6QL}`a18L^=Co|L`NEj|vzd_-b<t(o%rk9{6^MkVSZVOLc
z($Z5;mgDh-)=5>W4a>LXq-;F*W>968U=m-m^4Mx_<+~U265NV=%($1D;kH}qJI%kB
zD7|jnYNj1epon8({KuM|ed}DlbimKW>&bvpWU6xNNku)0AMZ?lCP7nj1lM0JSpO%B
zN6pC7(~(|=hueohnyJ@5uI`64a~U6vc?S~4JW0Hjov3Wi59d#&jN6R4zI_`b`Moll
zKN-pSd_iIk^jGGlx-qp2(l(nJcXnuDn8bj%x((7chslR4P9QHt+PnctRpBZU4r88-
zKKqlHS`Fnth5e;;FrP{%Bg{R$xL!_sBMgtXH00e7c?`}QglQf0W^<I`?#EP_i^2JO
z<=pHIatHCFijF!8o%RNk&vlI)bp+DPJKJLFM@TbwZsX+$NHa?_lIow3Foe^WhVTzr
zyEwuuT^2q&It+{^f9mSX_#Ic#R?Xx@`3|V#xibAO(dO`K_Py66RL9m#zh9}rw|JqB
zPvGZS?yLS>p_J;l8qp<6Qx0=i<x-XuFSe+T4@)xj*FN?!V!Zk*pn)jMW+*g`S*k5M
z#owjsP17Ff<=wziZKXjhcpm4ej_p%f@k@I1&W|uN-DG?yZ~W|p$?u*_#?HkiyAqA$
zNfqLCF}KH@KRKR^UoAU7!aV5a#4m*@f~ixRZ^@ny^R@|4FDqTgmqS~!?)#nriNC6I
zU8FAm64SOjYNLhcPl<O;B<^t4Ck8BqE5Mw@5JHc&_0u7z>GL0p^Q<L*8QBJ{O(BT%
zdX@wyk4G0BQt^5uawqZXcvdQz+FzPkuW>3Xi5=JQi0G-=VNgFon0kyik7^sI4aDht
z+&rBF*xG=Sg#7yPDv8sWvWLK5xloo^$2_;KaVjdvZxGK^sXvH7PlHYrsqcHuQtOL>
zU4}Ugb5;UoSLQRPug3V4oX(#1uz1MP*)td>ojtQ)g6vr@7D4u?DpvNihe>D8J}YkI
zgr7YJthCwL^Si-CXX)&5PxW(x`fx0Jniw#YJ??2_$dgdVcG5p}8%7a+?>z1&_l~QM
zomjlG8Je`8SO$0gpf>q!^B9(bE^Mk)=h+eOb>?@aPmXJI{;6>_4ibDQv%9qrX1-z>
zc(|UEx+R#qB18+qO~rOb5awQI8A1Pv-;!jOfSZ-Y*yX%6CCT9HAZ~Y<k57Q%RH_@Y
z2{9pO!&Z3eJ*e{uY{C@nVwL4hej0uO(o&?1;YB7$GlwtXc;uxV*A$yG?~ALKAz_r;
z?fR&i4T%`{wk9;VkY-fdm^ugQ94CNRr_*@8#ZSE%AhH_jjz(u|Mfs9~PAF|Mq?vos
z+D1q-^{<Pop^%nYa&rFHZAjj7Pwj^~cXlJr`zz7tW`63t1Ja!~`M?LBYWE>bf0$o(
zQ~UP741!V7s5&3&d<o1MH$-{l8b<uwKP0L?g|wgCJ6Y0!w4alvMAbcz_S5XFm>LCX
zKg-XF@umligfr=4zHb0&KVxr-sg02K^CX{Y`5w}Kx=)Cyry%X;(9?XxWv=m4^ag7+
zkoI%#t#LI2(tc)*-~b||{d5}_SF<1;&U-WCs^XI{q(`~UuZybwkf_DYKR%|egfz3b
zO-y|aX(l;{l@3U2Pk)GO$MU$kusNl=B_2y;sMjyIU{CZd`O&Xqy@SbJ%TJA#Q8oW9
z`o<|^l4|?y8ESq7-Un!Zi{H{@u(=TFHEmByb$>Le=6~hJTi(oS=e3@i|4+Ac;>bic
z`;1d*l;+otHc2&|<f(fN_=*oU$f{+5qX3Ieu9Q`wIJUZCGQ+}{Sg4}U%4O}SOGjsg
zQnal~)_zubZEQ%>GFi{C6uii|lMX;0W^BOfb_nA^%PhWEW@F}IMwRs`*H@Ms0knlY
zpI$cgZZT}&aHnjl!%nusEQbSs^767yEC!BfkW99XbLz-AlnuBM@6)x&U)If!d#c*4
zM#}(2Z5kxnka!zg(2t%dYcwv8H!fw%r>JeC)Q%~9snNm~wD8VORVH0FSbGUyEG>6^
z*k#57`bz#%F4rE~St91=N295q7{c42zPKjW@%{qJwY<N8ay_p&sITb-px(y{uIQd+
zLYJN^eNE2>)7REQpt-hYW7f4bdhTHpJe4<)BKkd#J3ol_2E%L|7%3m029wS3WP$57
zNOVHmzndt?1;_<6co_N_T#ObMGu>M839~48!raZ*Tfar+JB9f^Rz2}L?^*tGo1c4<
zqYJ)`wMcx%9k|S)KFHRIfSF1Q$-WMMW8KWeYW$sMoX8*xCpEONa}6k4iD_XM8BlH~
ziLivkVW0u!%DTjbj}V;ENU8P`#B8@o{B22rFmv2$@ux|_a$#Qfs>H74!MFp$bgz=?
zgZb)Veq5zIWG|1DPW^s-F>rUJY}Tnf#$&rIeK?tQd~s~a*~uOhh`^m>bLlIRSzq^3
z>IM^vq^$ISWa51O+n6(woq7G2RYYv>G0sKAf*zS!FQTy!c23ho4a&5QWjz~}G{pZw
z((|q-feRUAUQhNuXoSfqYQaRWMrs6Lp#io2r+DR4xAEPK5V$vTa%#q=Fvun4ipgC>
z#&)SMDXY}4WXsD&D!W{2!4$7$sy?;R26b)hM9gi_uZ^kL<E~m|1aON+EqELOEf8RX
zT0l<(*q|>UUOk85sHA*`mmB|znd&1j{jQ26W1oLaQw7taYU!LE8@K@{=5^foLSOfx
zjl3K1HQg%{zZ)%d6^7Kuzs2Qf7)f>Fds1C{xL;Nz7h6n-@HC!^zbDm0d`$B)6Z<Iq
zO^qXQx}aK|FEC6dgfk2(!}kSGdSz0N5>f~}guW$28%&36gC^vZgnX_Mt1HJ$6N3;a
zF`%K7Dt()A{JF$ozFRBt6cGzRT{_0NHFQ-yAPEZUd){D}puR6LGNc_(SJ8C_)Jaa)
z_pahEsPDfUCsNAO^*u4-m_F0O${J9jov!Z<40x=*tJDHw-`(H?#c|53oHLgzXQL(H
zvm;qKFT)fG)0yu(#6Lp?JB7>iDkt8=^Je3jO?b6nhnt%zO-Pm7{W$dza5qiKKD;%%
z5pQ48lzfKH2MhCwmlwO6=3|yHH&;pBhIyFr%69m%rX&OgO^FQ#O-TqdO-X=dAu(u5
z?lqy<O^J<JP05?YcD8Y@o03~Hvwo)>hcKFw%c)N`7BnS?N&0$8;1(}8@g5qRXN0Aj
zlFfi`8!+9J%%o_Cz@RCy!E{q%gQh7dOG~iUNKH2-r_&PHpl%6nAm%n`nvy&O>@)(>
zP09HPut6>0b_Cd<X-XQ?lw{vT%B3keNK?`tMmHs2)07N`37V2wVm3|5ZnUvpd`VOC
zJX+v5_pzp=8BDrDcN*yzGwC<&rldf81WidV<46jW-;^96guw<)HzkV+DFg;hi4CSh
zwn4io8E(XenvxKxo09m+Ih1;d<>#p8D5_ZxqgC@0s!>CH)%;3J)=bPsHTx)v1@H^D
z(nuYqnXG$<uK-<YbTe6DGR>qxYe|ZCddFpD6bFAurjDS5ki#ZCh4D!vq9p;;g?R^N
zJ<Q_nUNUE5f^qOIFh9Fh5*M-<-_HahRbufWmjtJrsm!npEWPN0`c7s_#+(7DOZ*$|
zaeB}h0)s)P4eFvLgH9XtixzvIB<TVZmYncf@FtUp<0-K{t#~bH<<!BBzf@`Bc7w6n
z!$Q-7?-@fiLr4JXHg&aWx|@;G1@GfRMrV_aH&J!Efn8ugJ=_ZhRKFOIbwPhXrTc-w
zBJ2Y*WLssNn5N$!vTX{3{`l`p14<K>Zo-cn<!87gOAp!Nhba@YB!mwMA;H7wJ&Y5X
zx8ScvqCDV5VX#HQxyx0T8!$a6Y>oa#7*OYx3<^_i(b9N>t`VW@+|2m54JjNFtdx`_
zO!lo5jx~;7Qo0JGzuX>|LNOXv3PW59Ly<5Pg1F2)vTuVS^W!q(7z`tso+FvQ9>!#L
zTr#`aP+XG9Ig-hb2xBr=XYH0TzFr*8do9>W{A9p=KwJg6=*mN%{DpF{ssUv!Q*^9{
z=FNuTO;WCf6bKjO-i5|}r~~eAK;6IuqxahlsMQ!qek3hfa&5VAL9RVpT(acas|GYh
zz|Xa}4XB%BDS47>8F%@q(=OAwR>h#~VI0e~0}^bIYt4pRxi(msW4Sg9Hl1thg$Z)4
z*$9{**B*gM=h^`nJJ-72j>{m|ii8QOWc-5(6q=DB<-PKWWehUj8+|Md8wW>@&-oCr
zD=uJK#ye96MhkOeq+0y!C8$sQUf?8SZDG_MTxuy5O^&1FY&CMEWqPAZrPw9dw-@`W
zRbr)P)AVb%$HjXgaTaETG>yraWW6xE>*yhg8im;mNp=~5q1jCc42C2&7z{~5m>H4;
zm_#uclI*jRAIxrStk{s`593@nBxXnwV0xHhh9owoha_1wDOs+mFM52~rE%gh^k!pb
z@RICE*(zn+YN>lFXH`IN6%3|ltY7Bn9wvmD9wvm*!{|OD1WF$v^*aOxjd^7gj4swe
z$w6nyImEZFW%&j#i7=1okDzAc9EIe#lnkrxF>Z7<oI_ADtO|j_u*wG0!zvr}hgFFl
zXyhRyRktN`oZ5-Y0G~3TyyvsvX~63Nm)POYbsFgOzimLBszQ_g5E!KY9ou`5{&-Ik
zHds>GKav-ddHF0Ute;lZ)AIFVHq-KcW?dmva6@2FaBVOsxFO6G+yJu+?f?^tBqu1i
zHf9xEnU)VX&UJAz)AA5zrsXzfila(gM$+dS0g~ezuaK8lrqYyrV-_<yfX@HcZIF7v
z0%hpGG25w}T1W>JxYXc|NHTRTWx@s*3}Al$2(xw@q)b#xZe%!MgMOJ%srRSzq>qWf
zNq$(#L=(zr0OkQ!pXBBy+5lEG^K&UF)hD}>4)?dN8LD$P)=Y0<0kw4R43+Eya}E0|
z<%Vado1pn;vbp#*hV~<18hC8R<kRqZGd6PMY*Sp#e<R|J9LBvN2($TW(2bkpD)SR;
z?~d`n(eR}D9umepaMTk!?VGO(xo3?q-sKZR`h-Tt=sRTY!1LFPN+Z4Y@_^szPo~uT
zg|Yak#WcwE<n6au<=D+I%VAz$U7jN*+^I0$q~5*$e;E4?=q!rv{eA21n}rZUkxnQ9
z1kr$iD2M^X0*X;lL`9+~Hq_X_Zj@*Q1cO*UY(zwCU}8`~Z23e*^iv}$V2_oeXzUgF
zKhNx)$xQTj&YyEO?0xpm%$+-T?(}&-+duo6h4^h2!7fwSpj=F&cnu7Lc~JlF+fj4-
zfVd*Qr@sI_gJKY>jj6>Ca8`g&ZA^2-T?;~Y1J@&t5m!eda`JD@<?((&h(fl(s-t79
z0qKFj8<@r`?fe036n4k^acDt)f%Fw1&_ek6V5;MXN$9V%1CfIy*SsC;kh>9S6@jQa
zKGDtd8$gxv)5ciO@N*DeX(R^E094(KUH1nq!L^J6LVId79UcuZOF-4{!l*hp0@b3O
z#o1=>B*y4I@42mJg15w)`@G4z9)y|6>?i@S1Hx+|GnqD~W-_yXz`WVKYZ?`#Ic-eO
zd4`ja-M$j-Er@o_JF!0DVHU`=)~t`W2v~NSlc1Vk4q1qMNqANAug5V*gTk~y7HY^s
zwL#U_XW`nQE@T?dJ`!y?B|x;wdUE<f|Jr(rNNDRR1!1hG8icW)dJqyZq6&&p9t%Z3
z>`|fE3%txoNb;Pd$Oab8OJ)$Tx5d<$Idm=15S@eYE9~&=dVBuut6?^KplYm6H&4$6
zQ3ztqrY`Ay!Ck`lr#tvN?!ev?ytlbGoe4T1@^d6|4(61v=ne2n0qHFxUy+&iK*GCJ
zV0QA?Jl#Uoua8CG>xey5pfps+#I%NT`db<*1YtB(0>Wsh5`@uE`T!Jv9RqG|u58}h
z6YoL1txuaT06|;NrL7l};EWM%yn=+9F`^aMlG0Y(0K!=DO34T-h_+1|Yqa8NqGh^E
z&1qxWit#zin-_H@M<}ng&z8_zh=*RQ3Z+qTJsJ^ut@}XKfuPqq_~L{&N`h&x)qw8A
zSi!W{`W%>7jxf|}Y%$7~1nuqywD%<-lvZb8JW~lmX>|hPt^=VBdMDy|PU1CQD;sgy
zp!QmWfqS?nlV0m|c&#G7(`zL_RDz(_>I0^FexTRt2qJGb2zsro+c0MUBJx^2K~?Y*
zz1D6ZO6EtJQoR;>EpKVUyHG&mwVDH*A)xVEGvKw#EKbX7)iOa--XKhQmrDTKYuQ+1
zdGEX_l8g${<!xiSyu%Zb-P<JE|A1L}ts^YZcrBKl=4|v@EW|q{yzyErOdC{Qi-l@~
z%4@N3ZBQ37jpsgzb}q%D*P;Y@IFn(lr<jDco(d4gdU$lhSWg28QzyNk1Ii;&5$UJV
zYux}z_7tsYuXQ=FBdp9tUaL34cecaRYpp|V$eW9*L9g{Rh$0a5T0deOR?2sHtxf3Z
zRO4NFt&<V?4zXk7wax{&Q$WjWmBMTNF0l4mRMB`5SbHsMsGf=G`jvO1rJ*7aMnk0_
zjE1T~7!9RIp-k%;5MGNmpED2d^jfs}LJ-Pp(bh{y&}-4gD@hoyRYyu&u{Ync;=M(q
zw%4+;Ml0SZ*|WWtjcF@}fnf9JK-|i|r2;n={D?nXCx7Q8?v=f9F`zr}XD6O_xYhgU
zO8Jh8m3Ryt!nRm%f2S{qbMdl?#KR2P9TLXFz0tvZV*`F*;B5py8+f!oFkXU9x{1s1
zM}6pzV}AIuKT0QYDte$v_CR;=^2vdyEQt$1{!Qo?LS>lvisv%oT%0j4$Mfi(=#qNz
zys0qF=dm~Y=-Yw4jbCr&Pl6^2@61xEJo+xWmS8&rn+4+M;7{UW{P`G9RX*}{$v!DB
zHWWl@ES5YSFU|H%dDZX6l8@p4qxZx63;1~l{Quf8ycfh0Q}9z}zu~ER8hO9;GvCYo
z9H&r7l;GvCFL1nMCWzHreXr*>d^rk<Jc*YM+d;GevHf@7JMs?@BS37!%j!Qt+z4U^
zwlN&BUzS&ODI&P?+KiW;m5Btq0x#XLmym*ejsNFehj$1z;d*p_%kd7uYUXCVaW^6W
zWqD>{#>>O+h%?3Hi;FVe<#&MC42kbTh`aHAV-v1Km!;^Z<Ei=tqWt!7#=GGWA*Qa#
zct7H)!g+2d=EQ4{;%Gn>zA!JRti<m|;8D4Bh|8bCdfFO^?SFVV@o6E3K9liY!K0$?
z@e<O(Q<V?dE_^wI?TsMzh{uvk@N)VqAhyR6`@EX*{>D=^7+g*=m)2#xL*J6{9pBG*
zTk%wlNBFTH;2Hyl|16f6P%j#|6X7$TX1p1As`hA_wYNXVk@hd}B@0L6uGxa0bi$*u
z<`AELgS%IE;0rX6eBt|yxAupOw<!x375xa+{Dk*?n*{$0y@gw2C}oyY`*@c3Gah9#
zzx!F<X#u{_W;$nZdH|0~^3aZ1UNs)2=W{z{dHZ(;L7SPhXO{Oe9+d${vh(-K@?r(}
z!txw9Aj|szkJ9t=1GBs%_LeUL2H}UG@Tf2M4bJlR9wJ|!-52*d&>WW|g4ggeXBdc`
zAig{x%UfC~#Q!b9|NX@g^#5jaByhqw#Qw!u-bOr1qsO0|<qbJSG<v|P`29ybN{L<0
z&GN3pqm<~>wK21@yu31mDQjv{w*uXTr|MW_+pbiJCD&zn&90X(jyN~nnB|=?4_{73
zY|r4Od_EI}vx^@)0{&+*{`5Zp9%K?mz_)&Y-Gm>)0hD2|o&L)A{=`$&2gC_me6J6@
zNYyxOkE(+AxZ-ONlR&in1_!`)z|s5<Lf!p?@9q03hzUro*<Zf*+OHr|Aetuv?;|`a
zoimbwSDC`KK(FA-y;o<vTT5ZIOmr1|M)^Dt6sPQ_jCU!T0wuwNXb)bx8N^>m^eK1~
zHV{<{K@7bOo(jJvQ*}9r-S5eGt<g?YO+jo&+?(-ES_0xR5H)yt;64xwKumpHBG`y9
zzu`A#6x&<)60SyL1s9>%)}fkyy&l9Wux)uw(s>cYZl7hm-l&yT&mc_euQK?-WDrN<
z%YNH3p1&PLq^b;51p=x{6<r_oS-PM>iB0?-o52qFD)ct)mfdL)ew|W2zKZr?W2bKZ
zmFNk0rD%emPj(ARKxhWlEo~Re^TLjp&YdN}xErMEznDwj3-g;ARGrno(p|&L(Vx3T
zI4MKbU+LY$6VacuLDiqDKG)@pIu*fi#QLB_pr-$KraK2MW?`IY$GS5O*Gj222s(sm
zy&zI)P)+=4sXh`;HE*D$vOy!24O&wDCK0GuwN#1nNYkpDOR2o{9H_7W`rO#Pn_Bii
zL|A%I#4yz&;IjWX0hNx?Eeg5(KVCq!aexyRC!*_rqJZqoMP2{g-BF4qEU{*(UTWd*
zeBoiYx~fI0n_BpDKu!j5?Z*aHhPei0gVMJPMk9?sBwEhkRpqAoskDL{q8zJv#kLTD
z>q`!()3QO6mJRB(I;_T+aBdW>nrCm9>gr|pNAX@E5^!Q=V}85fcIZ}PDzk%9?Y+!?
z;Jik};v(h7-TP#QK>m*<G`Dtb9NbIA*h2Vdu^abn7c51LxptNYrG|K!gAwCXc8mje
z&wdP?p9;poz{Zi?g7;8rUkGN3@+*K_1XOi^MR_KQa)*G_XH=BwR}pC?jb&7u^mBNx
z!~3RTtuhlJz#+3El`x~5+6-3WuMvz30-IV#3elKRh%&*vYY<azD`kS`NGOVJOt3^i
zBR5U(LII83G{I5<o0woRQZObsTX-B3bU<wuHfYSk2DMqx1iz4ImE_t4{}#|OK?l@n
z*`P_w26b9A!7MRBRl$u3?lmVW1s2+-&XK`rObMV2=46ytxp2~LZR#>4vk~QaqKL{k
zH)Z1_M&=95mp><*RQ<-$ZM?*v$t<rSh4zw7;EZ&ZHyWKH<=2O2VU9Wk!6tA$Uh<lw
z#by)uLoR+?c~>TC0#~7Dw7MO>unD|1A3dsG41>0<ZSO2^d>?#a6Zi*uIbZIBFKo0X
z4$bloMsKHTItZsRc@aH{r>5cy#X0G;EU(`*#s&$##!IU+5ZjfI;MM6_Ui}mhZ4mXs
z3$whb7m*E#w!Rp{kQtKb?U$ejaw)zHLu>=D#E)BE6|p7n#LKT&qZ@;s<Bz3T-l5mx
z{jgY~-3<^Ek4kdh>@4qzIg(_Lxkw*94JGp%i?X~I?f@|ZL!$Uw^Dy4|A{KawukoiO
zjxNAh2>AtivuA#ZhLOZw4H!|NyQ+x8duDkX@F-&31vnmyhXh7juicu#F<3Bug^^V|
zj3koX@aF<NRY&5U?>jTza11G`4szbTMDg;BcR!x0j(#kD8(RD1efXn-osUi9eO}0T
z=iuSzMEv!PcMu+xMD9)qpY<WeiCyrA<3uc%QjlqA`X6TV|0@K!VJjFG;m>b)s`f?~
zy$d?x=WGqVsz*Rv4dSP5AXb5>L@&G<#++4GHX*X=Wkv!Mqv##P5&8_qP@4)zVAQU^
zsz&JL)E>bA3*-jxDs~BiaX|N95LFHOg{pT_9mD3B%@`@*@Ca-f9EuiQgR1du?e_^f
z&BD)p31>HQw)Qh#a2z7NQczX5-bJJx5NVl!YVH5sRLkI4M5;m6WH8d*5$P?$$%z0J
zsec+GEvbO3dN0++e+g?)l_d0@$vO~byU|k;nAx&7I(Z8aVl$HEp2^p3S=45r3y{KB
zf+}G?O0@|$ASDOX8=Y*>q-=xsMyFpSTD9}&Ly^D%l>}Eqg80o*X{fd0&r;a^0|^{Z
zuff`&S%bAf+1hq1I&&>0R_t2FqJ3&aI19Z98&qy};Y^n^a;xDCOb_iN5lm$SU!=N(
zXIh}LoO6;L!fzm}=2YNmSQ~usT^CeqgHuuRHmAt?1t!dfNm6~7)Vay5pb}zfkjhch
z{VM<-A)E^2(qQ;K!cP^HON$7f7pwuR23a3e_;mnFg_F%vv|JD@fwJBbSnZVBk{T3L
z0sO$?t=gIzl*>Z{g|w)zQ>}v=QF4C>hsyZZsga7KB;ptnECNSrVN|xNY5F$RHSCQ_
zkt3kmRr77CO;7^WXwX!OA*d92!l`yqv8IK~5a|#*(jQ<jzoQTwFc}{arm<1Z29?QP
ziIi+mn=E(Ejg)BFXT$X@ZPX4r2c*gR-0oD#JpO`eskS+hFdJsjN^+Z%-=!aB(n*xW
zdvtD#3y5n;JkKtj+Vj)^((Iloz*>pfJySsf9RaoHsR0BnRqc5yLIFs_ul77ugEqTo
zav+!9J(E~DGRtc@3a!F^aH1PVV+P_t5I5kwP3bLBiJXW+i%qPC1I?r7y(JaaLbdv9
z9(Aw?PIRRO8Yk*6TL#y}^cJT&_=`YPlejUJ3ATX$eMv&q{c)+DYQQt%)+pUcjQQwP
z7c~sipfe0RLO4}&dcb3Ys^)SSW`mJl)G+J}i9mJf^nhoEfXZpBVHkbS?Sd*%C#0Gy
z-{XMV_t>EEJvJ!&Kb}F&xldwMoxcgGfvVAYRzT(8k4?1<>EB-#P_-`;0n*PqAk*iL
zbsJQs%)Rn9s7;wW)<2bK)vC=gsc6r<11j&!f#`3-s+zsyrCc<qs;wS~CT@#L&>4u@
zpeYv{w92K6M4+m;E|)z8<T6eb%OzM34Gt1i+2IM$AY0f80;<BA3}vzXDz+m%2_V}q
z2h{DC4H^yFpsm3YiB@UgMA4uFDh&>TJG)$1cV`Yx2J0L+84YR;2Dbye-j0+C7!4n{
zKtSbolws1tEERMOBRwS*ZK!NuEi;}5nKv6MOGsE-^FSKsQb)pU&BGGBaV`}gjB{xK
zVLO+i|A5nM%_9+QFj6k~y4x+kJ{`RVx?l&?F4zW*3${Vgx@s;eBwE#nIvdf_FW)Yp
z8qJ@Dt^{{BJD@5GYVCeueUe%`FV#}{=Nt^jjMj=k7_C*1Xw+IQ8TB^Q1`=9pMR$PE
zF1Z?n(OS-(uGUIG8?Dumh_tpJH(H$VpGa%U-Fd<3kkW=^ttXg;j>aruRaUVyl^ec~
zQoLUrt1_xPQhkHhEl@SW?BaS^^%5A(1AP1q@bBNz$L~soF%+`?syfPvbl>17#G*mt
z<3qZ~L5m`RRgG(vj=E+JsNJIt8uw^}(%spJ%3Ub2MxE;P@UQ}1GaFQn<Q;TZY%sD-
z)ipa^A~=i1+$J4$%`~X=pu1)csJmu12wA&i*fq03t7~?)B((>V(p@tR(!H9l*|ow+
z4XUn{>YCjy=zdZ7sB5OdJRP20vsJ>`*fmo{kbQ?$1ntr-RSV^Sx(IC06oCy&3-vjQ
zpo7G!EU8_3NYDT<UqIC_Yo8vXMj!=u!G^n}qY+3k38be^ZB>9!HJUBaJPAu-rADh$
zTeS?)DIJYK?iD6wWUA8AgFh*#n$PK;jz%C3s6Dt1nv`wO_TW!Rv})*;ClWZIl3*k}
z_y%De#6s!?)}=5A4XOb|#_t>y!C8NA=ODul>3D=s-x-yWYHoWY{9_2OL6t3rpN#Ms
z;Us?*!>cZ{cQ=&OH{CkOM)mA2EXt1irlU@ELBtVts`nEP<t6t-tz@Toq=2eK_X0?d
z?10)M+n~}SJH<ArwMgfCm_)1mQ2%t)DRw}m#S@@~DZ;AEXK%1Rhj=xp#G)3?f)>sa
zPUQfo1=Xo8W*!H_(%7l4AfcPOdJx8G7u@4G?P8F|X;+ZYPP>7GcG^Yosm5tngRq;r
z9Awlu?Gh4^(^g{DkscyqdFU}2v5G-Ztbm7KhTRp}0E>-niW&gal0y#w8b~w_0P>a~
zD&5)?lhA_KlF)+Z-De423c?n=9<&j>a487c1e{fRcO=eQHCHlpd+6PU2g8A&BW&zu
z`Ko%zho*W3eE{AkpmO%Q+y0|~lWDNJ+pa;U+n&59O3~@I+o1C5?6%urlpED;?;;U6
z-S#~M?8)>^x4lSEC4la>JD_%oHfWrp4T@9T3IBJp#Oie0FBec%N8N3|T0p1U?to06
z-F6!^F3SdWWn;Jf4vE(3wmYDzZ0xo_Cag}kU4yE!>2CWowyb(MWrL<%Y|tu~O%j3A
zZQmkbW4AqP5jOh>n$ObG-S*tYkzqL9_AUadNOiZ}0kzY&L8Cz%v^BV=M5{EQyX_9B
zG{|oIzQXEs+cl^)sJiV3+L7vR`w;@V-S$%ieUJ*!-S$dWOykQy7+;omKZwQ-Xc0)`
z5=u#EmrzeayM#gvxQ#EX1Yx@b?*VY?ZhJ8atJ~hMGAas{J>6}0K;1~#plKv*P_(YP
z?L#D5weG3A?V|;By6q0Aih|wtBZXBBc67JBma=QDc@J7zD<sjVwGxm<Yn3Fl*1U&6
zXss24Fj}hxVQVe#VQ^}#m6EW!?cu$V*3`&7>bBdEblVeOV)sTqH*K`UB)LP}IUL(L
z@Tf19n2Gs<voV+$Ph2o2%d5dtl|~qc*bKDYLD3g4zWfv4i$8%s$+h@1upWB`KE}0%
z_+M=%z}}+izxduRJZo0Rk^`})K<z8o7)!phGvkf^8>=ng{~!KWD=*;RdpGPv!9)J8
zSb$NBFyKG(q%5x%5BU$p8i`sbxfjb6hvi|W|5@x~NW6zX$9;#Sj>GcFZCKW6(*pb;
zz`(6w@mI;U2&*mOS@_U4+Bep}eKRk)1i?PR^E58rt9m!%eS?SZXW}<tAHef;7>j2<
z!tz5d{+x^F>1Md|={m&!0v>XnhA5Zd!8__$JbfSjJcKqUIdve;a9o5fMRl?NpLYb?
zYXJTX!Jov}&->n`csXbkH^ni!MDfe`{YN|p;YUa1=D`gh3)cav#)^zhAez^Qg<iY>
zqlCn=!?D$2AJ2PZ8uFc}#8p^?-#AIBXJ-OC`0%UbUVPu@5$%Ee!^`dBcNE9HWF`J=
z!E@q3{L~8mA96C@kB=qi&WL+kiGRR6<6nIB>$tXVR2CvzwHN+8PjVgpB;LiJ4sYNl
z`V1DmrsCyM5*MPNe#XnbZ-TfQ#0Ou-y{=z@fRKq<-ICs0cxEmDu_GVDzFr^}gE+l6
zeg+W_zu@Yw&mm*ti@0|(o|z-D0S_^}z*r8CCC7I}4+783Gh)dHdnCP`cxDcbCCBu{
z>|i$DC&iMZ$K%(5@yzV)gpCfW#9Lq(k?e{;cjB3OC=&b{@g;x6AB9|~3jFChWVIH5
zlCR^>Zg1gQ`5xF=hyNGz9m<SnaCjh@jXy`?xulfpEglXn-Ic;6P!HhGS9q3gLm_s|
z;0F-#Ed3S4kgTM46`rNdk@J`Eavh15AW~t{I|9$rn?Nka%cmrs2hq1#(mNB+($OH^
zZjODg$m-G)K%9h^2T42#BA$caUdOYvy|RJ{-LdL%0{$dV#~(^_{{YCXZhPEXh+k|Q
z31lR~{W%)*tOtVVqQbS_k(O)I^6<6_&*KG3De9WbUeL!wcosm@8{dt4lQu^01Kx{!
zkK-Y3^X%he&nq6{|7(dH=BjruK4Ak?{QTExFF6Ts^YB~-BYchM+ju`47sVp#4R|i=
z7fWu!|7|wm{fJny%Vs2t=duy8WC0A|Y&@6Eh$XYPr@c{l7|)&Gq`f!s;N45U54rBk
zY35z_cg%i|UjzG0%)_5LJeT$1(k4zbL2LWtPjU?YT#skTzWB{s{J(+khs2V*L6Z~k
zESUiBf>LR~vt)8CIRXW9EuJOk#FD?EOa``y_%Fl%tN1>F@vAE*`{zU3cov*S=p&d^
z@>BfDLFO;*6ico~dF{Y+>F8K;@wT-01|H(wkf9<xc$X@<Y=0Qra{SqX=Yjv=>MbvR
zFmxIpPsJXCKR4rf@@()wgO|ih_!CDAPu|L+_TuYtX;ORv*G=EXTPrW&l^qBporaeO
zNIVbXSX@?i7oM{5Am&!%mkaTf^#$?JV>ri#r|dvj(K_6npIU-T>%Rff>k!=1iKp!E
zcx<<#pV)oDT0WADO<egLev5qeN7(Z$@Y(oO)*`W6ctsO%*j~7BvGV<dcfW8lnqi-3
z?G{W5pg$YjE9`-9{?FsmUfptt+A-0w^M%;!owEYxB=_o=dGXzp_n)65G1$kRzgJ#*
z<})d;klzcsrN6?`NeSNPtjW%O5AT(D&&!QtRG!@tLEn&|93RXd&^-L<okpw+u~o4y
z;TC`!g^}Hn`72|Y;7UlOLH38{-xTW|jCeiaeJY$BxC6wDbbFv*2+Gk3!+UDf_l=<J
z2G3s|Ll-x<-E17@fRM~-FmNFbwg?Xw*9eC9L7UA5<P=s}3M#&>38+-O0xBLOoQ{ee
zFj6sWhHfDKV;5|&PIgUrXW%J29ma5O&jj`hfVhxN*;p7%;*mFTh2SB8URG7B9>?qw
zTk&Tf9Dgh0ubEstCgDAar)+K#zrFbp&&PQl)DJV6cVp<ii>GXOGTiM&oZFMHDt}{>
zgEFsICLHkk?7m(wYZ){voE%`4O-%0R_q!qGRZhT)_@rddunUL|A4e%24vx8hC-TDW
zaEBUXDb3xO=o}t7q!HvKNLxSMA~@zxw0sg=fm@Ooo(1ot?DGX46-Cg-%RTlw+(?3i
z=k9{)bKXmNbA*M9&~p>X&cXZ0gbmJLlj-c`ZULHe48kRny@U5Z!f#ASIPRmHn@Y9{
zwg7DNNt6o(`pH(Ff8C9k%tSb3ba;5cI-JcF7R~{Oy;E(2sgNkYJ_^S{QP~N}e0<sq
z3LYl#A%ss&cFr8UIN=>4;4pyKch2?v^Ps5`CUI4AU|8}H4vu}=C`H??Sj#)7$_00O
zBZHC%)+bV4C*keOBrZ*M3VR^kgyc<$bEKqegG@L473tn0!cgyJ<C4R|lTbn$WIa+P
zbP7ty0aXcwNwjwFNCYh6vcsUGvk`#?O$6s50tbwW_!(s26N!L+plmEuo*48=%DVwi
z*&>*8UKiLqo-%GmwGG{iFM`P@m*LOnwEe}XAwzK}E-?y!uEbN;k!M}A4#Jj%7Wk8F
zhd)#BT;DR5?19>S79PG&IXUIsjpuqFzeu<azrFqn-kYQEwjRGSkB2-hVT;G%;roAK
zC&9<j`{RG5yg%^(PZjNod|@BulGj#+URHI8FWC<wmp95s=JNVZt%56$OnJ8mM#ogP
zHa^D7{^lN>!4dQoa(2%3*Cw$7jT^1oj7z8dIuH#Yc;}wK9Yo%<5fOd_;w1?>7(o@s
z9lyoBBH{3PMPI2Vcr{<OCU_-ZgAnRh)C!)1N$V^4ewJ8SC(IRmHfWB3IiMU|wK4lh
zOqf%Eqp@D&_)J|R$RmX|nDcV7dB_8@HfYjwKuOQWOnUy9RKhDprj%BOf~e5M6cDwV
zI0}S^pAb@PogrYMCMZ}b2qVyGB09BV1ad$T$i|F7@DF_v{aF$Tn>Lew8#Kw;ph?aF
zB{>_jl0yP=H0Za3*~%P(Z6<ii7IGikA2$JNUV*)sc*;sq(Z=739|y%#c4jgb4{pQf
z*7&1B;Io(5ydf2}Qj-|o{|vkBd*P2_SWKwC13E<<OeOxno5HsO&ngjjHE>ThNCor4
z=-VgB+>-0iMW7d~PxcKSgG5V&Rkcn4{kzs;w<<Y4O?LK&!Ohhj3*w$+CVdqAa{WXs
z({^g*e~Q{xe;ht6hTn@9<43$di@Yh96KY0u&a?nFNHEUV)f~_{dnj74ae}cH*A(W3
zE#ciXrW&yAiEiN~@NOD34cHa%ZVniEx0P@h$4aEE<8!xT+fVv$^nL0l;oiTI?fjdo
zQeMvS_=&L7GMUb|e}I+-#O!sb6xrd%lvnh5BzX@?G^(4=E>a2E&&jm**)^&rfi6uh
zyF~RQ&=o>YhMl3D6Cy@0{RL7i0#!4*hhJ8m@=E#TDn!xzu(VeVVoqf&lNkZxK}nD~
zTYh4%^h|KqgJJo^cK%s-FTgLv%^4Nz;9m;COGymIEen64uQN+RQsCL$(McPAl?x8*
zmfhUT{TAWs5N>w27-yT&y==En+RK>?fo5geW*@yW;e9JHCGmB|f4c++HNjLDGW+Cd
z*Z?7%oSs~<wo5n&*YexgpbN7ynFa5-;NV<L24(MlVbW{+MWo#;7<^qOI1N1njZp!Q
zu8sEyPQ@;s9>Pe80QL`W1K3-@lL@{UZ;?I60w)0E?X_1m#c+G=`4&d2;O(_<W7u9O
z5z^dodu?XXW|)J8;r3cDvj;lqV+Eu=<MvtP<_oL=TxGHHp4cTw#>Uh+euM}vKsIj{
zX134sug_!$@02CHTLn}-Vw6TW1VwX?fXw^+@=UAXQkaPiu1KRt?PYEUyj*zc5^D}@
zohd^2m4Y!>H3#+Sd_QxA;;uQUTjl_?@hiWK3V{`@=FmOTzh4a#=l7HQ`{~k@SBv+#
zr^OENA9x<o;>!QI`@rJPff@DrDhkQcpBIm1vcJJEGYk-r8Jqn_$LvL@2sVb&50^E?
ze!`V9<KJq+_+@O5U?v8{PUu-Np8A0ErU3g(TJ$0F5+cAs0@9;v0c=bQ;9yz+2h;*M
zpccS?1hugc>X--h`}csT05Rt)5TjXVNxT=!^M`=QnF3;ZtV763d%Va;-LdiptdSaI
zA+ctv8hxs8(nd{<wn0^+F~mZfQIZvPeQ1)5)eCmPo6i=MHJt)@ei5anIGba6;baig
zwnl}hSWXfd9Z<`tK}W_C2~O)VGTLAyqZhn}_GB*+hh2_2NXyGzjJ|z|h!gBNFX7!I
zEVN+guK@n(K=4$8hl&n2!U%7)(hRr9+pCeM4bBVbgHh9lA;t$KM&<uci|rTY!KmxE
zM7gFh&7B%+AM6MB{fmHfJ#+hVK$<>^yhyv|xWoMOk#r$u66ZFDrP2Iel=7j@Z|o77
z|LcOW-><FD#<cZ0n6^F#)Yj*K+WIm~|5Hhe_3y@>ne+k_C#OMg?41eOZZwztaHVa|
ztFhdW4TuAxAyGEzfV#Xj$f<i{lN}{aE?1cHwm~Ux&wmMtd6<Nq^BPiK4Wiq&Naw7r
zbBZKo2h=HR(6O`v3GUPe8`PHe94u{@Fe^(#TAr$u1r+D?Sgxv+#Uym493%YPVrnX-
z1|2ab2&ba}8?-9rzG0I}8P&fEru;u>h4t@biI3xY)(KS}4yd)FK}Vbt3GUWE3)EU+
z{mb7Tl|W<tTaLO_E8+xCfoLTxWMs(&hoA~wCHYX{U`Y7Z`F6OM2866RZghGIYDwNH
zct2vCswE|OH?`zEv6yZMrEAG0g5hk8sU<e1Yl(yDTH=7ZmN=kOOKy?0>{?O_0d*~@
zmG4e1aX?*598i~v2Ax{+hQ#R@i48inBxkBsOCA#E=F}1g)G2Gwv4_<X+^HotsO^EZ
zWRcj3TT2Qlj;<voBy=r#T_SgCi3S}pJ`_$z0XAsWlD1-9ssNBVxO}!!l}uUJl5G;7
zQ%f9BYej>OIKN47r<T~D)(UIM^R`x0E5%w;C*r7DvO-v#TH;AQxZ$4embGLKYKeC$
zYsRQdFErED(im~`1v*&S`50qdBpooUp?Nh2_YSf#Shzwk)jh1p4D!-LFsLeEOlP+X
zr=z}IAr-X`LY3`E_4A)c^Hd6kxg&9(_(~AfAm(joo@P@~&-Wcs6LqhIw0mearYoO=
z>B{GTy7D=ou6&RySc>eo|C*ZcFn<6+zfI+bXCNp02zU&^@38YYnM`@Z1uP=CHPte^
z6UK=)STntSxI3^SVPq#k{nXH`gPMT9C-GB5V?M=lo3OI?4A$L)LCq50X#!Ft_4`8@
zux&=k=bVN?s}`|Vm=2^gKVW-1MO-J~{sgs%HmF6c7e+@!2Q(sX7gpLfMZ|wfN5_2=
zDUN-VvY$kNlLhQ=3t)p<fD43?^}y)J0gV9H2rDbA2;gNNL($zSlBuD=+1Tm`-4{Yf
zHRrbvN8|ld2}oz7(zprb;D9QPqfidpgw>S8NR-140jXkD4w=aqu>5KdVlEn#-41nR
zmtZ}>S#we6Aci{P+jZnN)RE3tLgo_6cTt<{ug<~`*8Ci4kQuAFCKDDxW*Zx{U)F$N
zC1iF$%Iu}@DZx<{#&u1`ue|`LyQjtZJ3$#g_j5FvBxWX3{%!TRM)h?3+(3S^Mc5W>
z7yTY3$qmBG%9DG9*I*q@gKUDvPE2$SzQ!7;4UT>+mg9vlVwSB`!qY*3H8<0*dBT9~
znBq!P*vD;uVog$5S&xxahwLfPvki{_q-AFIM=q8<5c1^?z88^F?DAxx=ePV6j)_#C
zWb3d8GI77e%&aV1flSmvG8-IwdZKw|C?wOMNTz;DV!4E-)#y7bZA|X043{7etAv*p
zgp@jDpN%}&AoFl5@?c|89!4P#^^|%=a=hp7fl|pi1JnRaQ_Voxm6A9j)g|{ltWj5k
zK;d=wLVo(`@2HHF;wGf>0<zd(BWurH5i6_lvg1?T6srv?Rxdmi6Ca)ah<H`e4@mBl
z-SG_<q+`u)iqWxd$I#afJ(!NQ=lgN5yF|&(z+iE#{=Ud+J#)7&Y;H2v*{2H^3t`!y
zREuzD(glZHl?;NxO~E}e7v_cIa6$To5&;)*mhF@3llc__+2G*L*sXgOlDbwnS)-N>
z#+kINlnV}7i=-B$n}8jdl;?MWq2-(j$%iL1%FzBR(a{kvdm3vm^HEzg$n3z-I;h%W
zgHdgvO}--GRc+BWslmqD@+d6rJz-Ua{xp6FXeKPp25D*c!qRLkva};$X+;$K>EyA&
z-d88QFKw}F@!KQ?s5CnTWH)BnTKs^<hY-*P$Cf0Tt2-lY(A>Ueg_cR<U=}1C^JipK
zs%&3L_6{om9ws1t`?6P(gM%@siZ&SC>6%*(eV0=3LQK~l1hc6oaWG^%ie5!xp>Zwy
zDG>`F{LBT_eE8i+Pjf2WeV6DN41jIgVD@u~d@m@3YGz5K>{2dk;MMiP@qi0=M%l<C
zydJlye~oC11ys?#ni#C=Z9PTYoam(LZQfbB-ljgob{XMU&f>j9m*6)<VuRU7BzN<|
zu3&vtSZQ|4-cRHOxlKUD8k`Q%-WOJm*q42jXc=4tFd;4?pWq6}y9dJevHixQiNVU5
zOcjvRP0OCa1^#p<HmE#Aa1A28L|CbcWzQj{eG%y#0ogDvdmiBr0ytklmDB$sr*9#r
z?d<F?O!Nvq2AC%xo0eq@69c`l9}4|>DFyDoUp5v$Xz(ytHK<rOC%XoRL#DTcQ&s5A
z$(Ei!5e}gkdS5m=*)vT?PzeGKAWULQZeS^E@I$fA!HbC40p(X`Rziw;#xg3|K3D~&
z`~Qk8K;`p?<lxL1s}tTwR+o9;{=Gb(!Sc>Vu#w4jisL2WpodT#Qz2dvIR+)0ccyry
zAe4Vv_+i4EEdKf;W*i*;3z*Wc2FI|qiA;DPPQPCx9Q<vZVH*-H!+n~7U4M+Hf+?sU
znv?aTYcmwrbb$Yn;4JR0%>iBtaG8Ld2<qBG`8qGW9v{Aw4@%{2Q?c+5<j)3G6{GjC
z!DX$`*`xQcLE}AaP<sy>GfPh4LP+qZNT3=pN-z?Y+y<2d`$Ga7T(%I4ep?}d4UU~6
z{>uin1U6<QfI8CmpwCs00;nl#=P$r}4t{=m(0D{&2BH9)bNEknAaj!~gU`_!bHEu1
zEYJT1w2<Li;TJu=15pAZ|Fl@U@Bt8Gtw{2#V+EN<v0mYTe-wDWkK9x;*y>pGU^R%7
zBpB;`i$SrjAr}~L5|9PfqF=0~TKROqc&x2*;tnV)e>SF-5d49`<GB(oOF;?nG(<eg
zN-O_KOmzk?9h>wn6qL0ES)>C?uci(md(Cz2!bkA_u<)FUk4l$q55}%r0jCh8qA~z;
z&WRMIvR_C-Xa9e~&Us&x{apgGBVe-cfI9mQDA~6$lYM_4_O3{@Cj0Lq`?Ug6)y#f)
zC(8118)R9&0!{}+Sw@QbN?6&_XhofXK}9KYSyP_!$K$;k?=)~f8=9>bB49#mzKz@w
zEzhj8uM?2#FJ_(H2F<#!14{O7OlKcULuWva*Cpc95iw*7GiM~dj|3YHOjW{*!Dxen
zUJ9H04*|?MS8{O|h(b-=1foO}*Mg`NB772r_g$2~JRN%-z>I+OXe!CI7D!7|;67Lu
z*PI4q<*-4sES@8A;>ST6SK%E{)MH~tJ^n|KpibxFK&0%QCz)l61t3gHog^i;Af_N3
zP*SonlM(`{f8lndm?u%uc2u4_!akaU0iBBmIhZka(ocd@JH}3I(1_=NBA$)e;$@$B
zZ^GL*7J0<Yh?;v(D&fP6p#`<~WDST4t)CSjYJ~`CI};@6k&-E8I}Mthwv$&Px~1(D
zX@a&>Dul9~Yb2tc5>ZIonJXY?DU9uCkR4HDJO2P#k~U~cbfLuQ*p35=%52Q2OxaGg
z&IN6!UK30)=X}d{?v<1r+i^fi$;M1d$Q}QMM<R{)Bqp}?D$7jE22Jj4&=`aRN}4ui
z(hS$3e1DL{*pE|*odgN~0a5}RG!pzN!8s#oByd2Hz{ZRO2;>Df-<a_JkZmCB^ORL4
zv%{AGj^7bE7!JL-10?)?y$goJu|@oev1y01_aAHna-YLQO(DvM`$)nam=C-}V!N8L
zeU|K=Jrtce8?2d=3C94d5k?jyHqG`9S7CR711^ep$TVPUv<(ja9#hsqTTI|RDd9Ov
z<EC4TN)LV!9SRDwCD}fG7WT0eUl8qM*&X~v7vjU#WdHOS>`y7W2+=;4=W|<0Dc-rA
z#P5Tts9F&7d&fJ6+*W&(c!z;VV*Wd^XkV=cS*Ogt+9|@x=GN@1)gYaV*;jjpaH^dF
zW?${Og0c~7+*dn8P!^ZkSF6^_9~G2}oBy7ymD`|Rt+X*c73^SoD%b(_RImd!P6dZu
zu$AXN5rMuGs_PbBhpjvs<N#OgbexUBx&x}MJkcH+?_w0d%C>3`O$px39-3MZ+(V=G
z%jC>x+%Hpt_c?mMOdSa<6sS!w1v8^fFlwoNmxxCFnq^HJ)C)FhlTN#a$o45SHtE2I
zxQC_`5t=<TNB<PDP~CbDjg2+#p_we4><8&RG&W}T(AXdfM)uG=D8a8}aM?qnG0JE5
z&^#fG)V|q6Q!C&J1oa*o4UPw>_s}?)?4i*Z%}?*4c~2r_i=g+=*qGTv^SLmxxog}*
z(^6(^RdCruV`I)9nqpz*{DIj+GgUxUQ}iC1=>jU_*L!GeQ1;NAg<`x)c-cv+S=CAH
zm#Ie4)~sri9YYKKzI<nS)x4Y^{Dj>+Hr8fVyoHxJ?30wY?=O)JP(L+m^0GT3^a{Z!
zUd?~=gX|_)6nY07>=xnV^nc9@M`pf+&z$ya6eBzBHS79h59HLi$g>Br)g6PuoEn#~
zN;6zO%1p+vq3E|LG*w>nR(|FzU{eJfNNhuX=O2(tJ#+hZCi_QBq1VZGmEtz+D?k{H
zsr3R*p+Ap~k^@Fl=#P}36}|*<ZOiztV}x0W_pu?S(7R$Ps^C(YLcb4F=(Ql!6#7`O
z&5uW2ASS7%(C@^gpaxljW(wT~qe;P^FtEE>!mCL^PNBbpmQ;hR644a;8u}SwrJmFj
z`q7wtu|ZA>uE3<AjYX4!XQJR5D7KnHANnbJSC@g}6#7JDVwJ>9jjJhiZ!Z^AQ|O;U
zGR-NHsVVg5B(yz+Zew~1{bl4~z3|e?)D-#@<iQ4+ho_JS8;kNV19>Q-)M^U-Xp~AR
zDNLb<&!X(6C8C0$t#T?o_^uW93t1ovv%BY$wU*&9m7YtM1`v&(@-D|GOr5JwMIh8C
zFD${7`F;`^(?PQPWDmylxDB!a>eCcs1Jn|eQ4S*;pb_uKy+VnS#%ZR^&%>lqDdpg#
zQ5OWQ2B9X6D$%FN!IpRaE5V~Cjo!qhQ9U@+q|r&3AKF_u3c;Z!jgD*rs!5}7QJR|5
zOd9<OkbCO+&rBKx*$MAB0ofDLlSY0q${^<o2+FzrnV4{YM7Zc})Z9MLY1yEe+jqcd
zZvS#*dzD1M?u44#XZCGSsi6!>)e5JX+wX~_Y|zZ@JD|+%k3kJ6q~x62XASsEqBC>*
z526}tkj8H2_H8h##;h!fRHQUjjXAf^%A&!>YP{jkxYt@(RW;_^{@JJkHpnXQ5~_fW
zMO9!Hsz3?F=G^{#Oo--5T*@Rlw|^?~vbTV$6gaov3<BDqnVqviJvU}!(z_03Lc#+i
zR%Qm%_`Sn2fCmYv%8PURZD1=lXwB_cQgF`gp98b0Bf+`-?g(&&#6mMvbNf$V+Rp~n
zXkr1<)1cBF=k~{;64_uhw|^&8bG1Zj&Fwz{xX_OZN-cbFZvPWRdxC)UV9PkSPcPwJ
z2@yHBPcKmjLb-zQckovUzgp7Z-2OLBz-Vs2)#q{VDPdJ=dmnTA=_X(_xBmh}TQ97t
zFgdsXCcvEns?{#e?dKtUvmnZZk{5IPO5Re+i#dHIZ?%>;_z;my7k;G+&gJ(<B&7nf
zky3N{`vJUBKqW5c@?S#EI*1G^InL#80GKbJ3a;kzk3yw-O0>Q^BjsHFJz&+KGDyzl
zKM0xXgj2OSYA(MV4xpZy;9Nc{e%@8lTz)^ix0K{)X=*NiH6nIEnai(*6vYUr=JFo_
z(*x;9SxQjO<zI}s{AtZ1kb_M%Q_o<P492;9a*P)aJ(nNu1xx)|)T46332GmfYJ<vB
zSqW`WO_8$_+Mua~HmED1jhP{CI2;nhGLhhBihMjIut6ok`H;W{)f9O<NMM6zirfaZ
z1U6<QfU?pX*r$S`YW~RcU&4FN)zK8WUw|3hLK2+L?E#_$L_X%dquFc{dOCNoWP({S
z)42-;bf$A1P*3MNpq_NGLTh=0*7I<D&Qh2X;5$sx_7#v8t)_D~p;Oq^205Mk88{u#
zOy?dhtTbL^kw%&R2Fj>ME^GeG3qQg88sRwwAJx3~Sm@+=0VflrqV@-vQ)(%ykc3v$
z24SZW8bxKxwk$T#X5QNYwW1tQ6lG&ZQQe@Z?UI(6_s-xH=xYMfA1Fn=21UJSgH+UC
zP?Q52Mg1VGbnRMENi>b6$YssWl>aLx>#FfitM&VE-dl)(2@SC}XPEiSLj`0<&&+4q
zpqV^!K*_$1>FlHMx<IC!Ya*Fi;=K^>N~Xb(sYHl?R&unp3B<@${BJVZppnS|MJ5|-
zlqpkz*8YR$QFZ4;X3fgI(JSi%bhV7E768S(tC|OWPB1PNa{g7#gKiQqAE0s!oI}?j
z?MH!}L;nZJc{&?3^K>6doHTlqEeDir*_g>z$T{>cB??-Fl7RD}{{Sh04H^l)mEfuZ
zXj^wck-)}`1W3~h-o}{qOj*;Q6DZr3>=M=k93itM9H4NHP0bYApqVMOK{ZpD`x=I$
zm9Q0t3z}gA<*h%`K|oCsng7sQI8SnXm+a(E=zzl(*Mj(OvYY>YExad*qj1^qk6<ey
zadR@0z3XM{PZ6nlAR-<IEx~b6jd4j3=ki8G$3gEG&Jd?c^>NTjL}iYH)`3u#&Eufn
ztcXy@L0^%e2OvVl!Q-F>!l90X7HfjXK`S)D<DhjysN<kHWpH8oIB4SgNC#|wO?9<F
zV?z!oC1_)I3993uLnLZvcH0Jx#n_-p&jBSp8#C#t<DiAel+p^1gO+H5$3ZJK!Q-Iy
zn&5HJyz3+kO}Q9^5on>M6(f)Xia<7I1j6h-kAvR+Z~3=Dlbj8j<Q!0vvoR|<)R@A#
z*r_22(kGSOlFarG2Uv-G(NKNPsn>yE4e89ebnp7OCv)hVQ8fxc(!9f?FpT|OqB@gN
z9g9o!rvU8oLu4y#ZPa}ETFjR_Am__>V!qr4qxtgbs7?72o?E`ve0ew>v7RF+J8fmB
z;ez-#5vvUjn~d{#9{{|-N`LT&Lo!(yT{swL=DqMzM0%C59?M9lLH_Fj-X|b!UCF-%
zkvbsd-wm<apprkl6!JeH;W?<K{K39Bzh{F;>0p$_57_>Dg7_8=g{W1)y8xeLyBv6#
z;7fpQ#M3E1gjEa#Q9lTn*rz<<t;AC{IEh2Jy$0a?ZErZiC3woVCIJ1oC!lq3Wuq1V
z+CWJCiiP?qzthnasiV3B_)~uIDHCw4_dNW08c*3LxR3nduT$PHcoZ>YRN!5UhlCg3
z1Rcfa9fJ^e;ZOQlFnxs(|NAE84cQ^Yr~?CUIUari_bup|#Iq+NNC*5;$BkFwo|7-9
z;@o{tNVgQk&Y3}UDtWECM`tfgIVOhV&s;oZPvfSf3pS^`wRp;&XI_f;N0h5SO?k-|
z@aL*&DX(U~Sh6+NeNM(xGaD>}DCpR>xYBCYx6z5^8eZix9H;n`hvE+vP&1eE{kngE
zAK}LFWfjlE_&LV9wCBH-_G*UXZjKfBdgq|PtJxzKOEr8DHS2G|dB-OH@IdGlJ{Wp6
zyK)bJoCS9w#%8fzxi4XYx0pnJY-o5Gz8v*Y6pZaAz-~bWrcaL*kcKdyJBxE~y8$b&
zQMmTG_kpM-krV3?Y(R|f3cs4@Z5iw0kHX4P136m7+UI@@j)J>E48$)!PePgp^T;Uv
zaqI}NWpFpr94BC7n!iz2h8v8{5z`Rv3}K<o0c;;UjBwMNh6}18UZtR{{56AOJv_fn
zYn)JIY;7UZ*ND1-#Ko~rxjYbBaE~I|gcl;6d7nh`u@R`55$hPNLOKfsRPu33Id}!f
z&7Tld<$PvrkMNcyxGzOOHOGA`bXwj7RFmAnvyih}eUy}%UcN2XGkg@R&kCr*S0Mbo
zO~5F8{(Ow(g_Vw|W<l(5|JCx8SIo>@9vi04B2|JgXOT|%v@vJ;EYjJ6vC-FSU^b@L
zz#L4kfjOXF19L#V2BuEzT`g%*Tzz7%9s=sKNDs+(&Uu*=dk(12A~~Qw`=UYiBh87u
z8i|udWR|vUP%mw%6MK1!adnG6u{Zt8NL_TE=ER-@>XbFe=^K;s3<*w?F)7=iK6S&h
zNS(fl(qg4xTAn%tR77#~A)xCdJ{pTTD(8S&91S|++$6!-IW^+gpcaRRfJWNlm_tCN
zS{xqnt&#Xx$9P^U<WXM-)aRxgP|K)6N5*F)PN%SJP#2auhEyOzDsw@hL6G28)T(KM
z(+*G(2Kt*&E2<%T&9$-Ns#Y|BFtsA~**|MVmSA?RurXaL98A{=2h_E~0i9aWMbffs
zMFCdTbgei<zB{$T0d=i#K&@yEI<?|RiPKTE4QfTJT2TUNOs#lP%E+k|4yaSspi{(e
zNN}fC*q}B;){5D-8Jb#ANpW<o_(<Y&YJ~%8aWv?NvqgeCwZaCqIII<q+Txg6QK!XW
zt;iA<r&c(it`!cbWz?V}V{3`iDJ&b*g{5l6-NJ3xicP2$Zwsz!#kH}$ecp87p~F>k
z0~%PK3cpQ^Vt3RVb1HnXfNXWusc@gSA`~N>xfP+3guWHwzn@37iPmgxMR-*}Rp@dn
zf{p3w<Y2lwIiRji4ydb>+Uc=T(qfm!+=}ptfE?iKR?fz>01l=Fa6m1918M=(tqAo{
zhq)D@0ByIq6`_>Gd$H(NglZDn7=9G_l-X!w(4b=sJB8CR1{;iwLEVZ_y}i-1HQtJ_
z-bNun)YQ~doXxT5R)p)mhyps5$^o^E8gyj5NrF3-$_DL9wL`>FEuX4XycHqmzDOK(
zE5c{O!cmZQD?%Z7%&iEINSZV;b1Q-kI=3P$kQgZ;?07%Ve;3`kQbbs@BDP2F;$P5U
zfSCUdepSZ*44>-x>ET#k^(kkmd<t&6IpJL_aj8xiI&r~$0PnJL#R?YubPDe6*%GOh
zqtTitQ0rn-lipDRUPSOo-0_eN@N@y08+EjB-@}`L>S*D+U&Ot$gq2Mdk1qy`hb6qr
z1RO(fcfUC<07#^~Ldae79Fq6~4dM=A*$XU<CuqUZc!Cy$IYG;JIYHZgYm^PUHrtr4
zOb(_ilLP9?<bb*|K`#GdNS$*(hGIA*>-R?=zK{e?p89>Dr4kS|&tr>OM-Uf^RHBDY
z!5FB_0hP)=gUV(JE6YKtY&ldmM?mIHPQ?aaz;CV;Tn%+`IyTsZ;vM}>qyqXAb!3);
z9=I(6)d-$PW-0LT0v3`Jf`=5`22BPo7EV*<%zy)$3|u0tl*weETtF)WA;o%5@X?fj
z2WctRYXWk6jS<TRjaXj^rz4gF8nLzst0UHL0<zr^y?Vj-Q0$+UVriAZ7f|exqF64Y
z5%hBZ25Th?8Y8zL#0{C7zmC+bSTMp2suAv60a>9r><pd-*jgf^uT-PeR{;(Ykj?}{
z-uA)w0A~rvOfn&#w_nvU)i4%ad*v-do!8f16_L=_UR982y!NV27!gx+tEL+2Pq;I>
zgsf&8hWa<Xjayrn;g1^XAFA%rY`|z9lf^+a)}PAjHgDnd1Vbm@8y!Tv&yhE)VMnBa
zO(0?ucRdt(gC53U|D9OyG`#qbZ=<ht$u-}^hWNakweCUW<=a><bxG@3;kW=C=8{$$
zG?%nqC!CB?%^&fSRtK~$Y4vb(ByTCr@RHWe5)yeZm$iN+7*($?Yb`(^eOYTU-t}dz
z6?nHUYyCxn_Fz!CtW{&2eKMO${}x7ePtB%M4N@g$Qz`cIfW&N61j=Qtp`f&x#!aQI
z1m&1Kx~w(eWv%T6rXyj_ap)c!J@W)r7WQ3ia1btpg$bxy2^2(-kMO4pNS{@+HP$`&
z8@70<fU5iedRcXXT!|QC6R$^EKg;s|Ef!9|<p$g3>yeBk5$_aof361E0C1mf$bGst
zX!h%Ba1U^r{kj_LMNr>^`>Q0xo~2Q(23hfpYU2%&YL&Xoe%(M&SG74duet}<3y*>p
z_Y#~6Q`==raT~G*8HL&|+v2ad3r5>zeO@_N3lpkI#`~!KvN;dK&h(vgMIg+6*$NQ)
zez|&n(EDWz9sz-lj@mC<3c?KSuNB#tOEZ?XLER%)`(>93H?5>`zicfcH2Y=yeIF@|
zCZqSu+F0X$*}=le$n<_$8#DW5Z4fQ8?3cY%g3n@b*)OXxdT6s>_6A{Oxtjg53kBpM
zE3;o#gGT|>`(+(W_RDIFWvBPcR!fAmb-iEK#>{@%HNr?WHSU+)Y6qA7vNopo%lf=Y
zu7L{2?$=!2AeXlsn^AdloVt$gFNsIF0(~9bE&+Kwg9YUU`KZU6r7*dGPUFf=4aNQ4
zh^?ksyq%g%tcZw~!FT94zWqZ~u*`H#cDzqmiiYJ*0s9hc9^Wl^3)Xs{fJ%mFh7r#E
z$seQeL~FXon+NS6L#@cb-Un(tMmq6pI-^Os9e>`zQ+609#E*L%`2IuT;0AS*8!(Se
z#S&ljOh-3oPE&K>$8JvJn%EXmDp$f=$0pv5OEJI3Q`S1^KZRAqVlK0^PY(3MKG+dQ
zVq<KtbfPzmwLI=EJUx?M-y`W2;=N)-#(xudDc-O7IV+Ry4Wbsrb(5Q?@6Jbn8{*!C
zeKXk|-oy6MoG4Lt{BQoIb1-vL!uv}ws_U4tSQjt-C1NN<sGE1R$t;2}$(B(l)|Bgx
zXq_%b(xv!*T~R;3?f<a$kN0c7%gW1L2IhJYy?e#j7DWI2C)Z+k#B5~Yy;#58^&kpK
ze3C>re=ugPOGv#M8xZ_nob)=iijtzgs~H)~_g8#~_`y+gC@!j61LAJsU?ow@Ge2T^
z#sRrJa~zguY%p40ilG<wpoHgGmCdW?r%%RBxJ=?WoW5)Y;x}PoJE}$k6Ax|zs_xgJ
z*vZqQb)#xjPb<6vn@k4^%1&9$q*yPt$<zkfUFRlK2V-}gn@k;$-F0p<bwKH^hyBk^
zdUsnA)SQGa-NBzD>lQfZVV*e&`@z3IBrx~QmAxM89o~%N5E`VpEC2p6_BT3U<lkZ0
zymLS59py~%qgA7USb_24lUDm^GK(Tz<aVP)XWtR3epOkYMDDFnYAM7j>!0WxECJE#
z$cVKk1=%yv&7XN3`hMitE73W35(p1thVmy;u#wY16@V%$Nc2q40nxxuKj#Lw<9*Um
zQABLb%NHfuc<Fs7rM$c^!SQ=5b=7M1S9qTuZ>FwVtp~xYR{g`km9qt3O5)h{ib<r+
z5>Y-QdLY(T-CSpbY@*anX%2{{D&%d78q7m*Hd)!fy@_RHiIX*J_SEQNN*mLIHV4y#
zHV4#$wl5?`)<nJ4*i*+zev>b>S<^h)pl%*j%UrP)S+9%rP`AO>f-o&}0|?zR7jCmo
zvQ&`JEpt5x(=v}eIw}L!NRzY;>ZDc6e1>qFmO140v^NWSHsUCM2%6?KwKix3%-h~5
zU@_iVF6wI9N)kpu5Jtc!Byx&r1hhd%zz_Z*;5{hdVH2WEa$iOH!?EtF)NOEfOiKMo
z;iL!DrEX)o)E!Khx&!J`cR({#S7v*eBt}nD{s{EO3m0vW>QQFvfKZdV1XP3Uh8T6t
zk~rCuH0rWJt*-EQB$hoXQp`w7uqw8DxE9*7!8tfenVoLJIs5zU>{qc0Xfw_}Ad|ZR
z4N?yFr5sZj%MUsuP=Q2GVU8IYV;8_vCR_-v^0hHcw7^nIKo|?D1ffm1o*%S@<b4xa
zh|d~Z41!tCyb0opbE8bCGAr&ERjFc0nvT)v!3MP+lwHpdZe!O$754Wm7L+ca{IS?5
zU)`9Aq(SshCHSInsA))jWu^n_5_CXaf*N#6@O6n(f%;-*8`P3VS7z>jTJ!?kYbQjS
zphGnaa1N+b)*$<l#&+J7;EwIsprjmdsbTAhQCi%O5iP)RI=_J8=*s|$N$45dtr9s)
zi8WoBum&A5eh^Nl=xi_&L(SMeBV~_POT`-9WBZYyYC0AI1czh)#18_}$x<p$tr%8N
zM!hx?v-5<hRaN&KPz$a>NAOUB(;AG;*`U@R*GAe-w)AJ#MruVIwK9<u7G+)fa!vod
zC>;B;>e@hm8%(tU;mTK|%cZUh{}#l^bl0eX0AXsE_g!P{D#E*|U6mw|IaRwFK+q^U
zvvw6WfY7ySyyTEgn8~3HYTHz`>NMdtwMt1>f(Xk;rQ1iBnS(IWHGt4{zu<dIx)Ksv
zx@r)n?oSeJsOC#c`I6|(k<tboDL)i$SIP#YQa(BzUAbQHgC%7N2rXqbKWGotKtfAd
z@S`Q=ssASBfRmzvbfmOFN6JHl+eqo<Zo3}a;E)Wxk<x56i63K8xi^3?nl1RLQRWJ~
zH_A)`GOHnb(a(|0s!x(WHWH7GlPPK&bj0f;+(tYlP$eQP|0LF36?HubBT(KijRKY8
z-3U}qLJL&*t0mCcl7y;q+ArFmBhU^15UAB-*wKOr%il#cX^(cN4#b?taFPC45cM|y
zjlHtjt=uJ8Kd4}Nd27`?+ZcsbF2VsJyy{<QkeyQ6tLjw-6Rkp*UZsuc{)L0-{)GeT
z{)GeT{)H;Ro|2a1&TUXDOd91JY&I=_AFFL_lnX(a(kcO=O}>^Nw8`iEZk1Ls2-B7v
zCyA>@S(la#>co|&xJ0;(`GmX<I`6nhS-qga^6hAHc`dXJnl{b>bpdFwyIlZ%B~H6r
zZ)3Uu984F01L^|UQ)2vQw|<oM#Z)01)H(>JJd^Tf3OAd*^54-H<3+5O3CKx3fNj*B
z`Lirey*O)QIu8z}^WcCw4-ROIh;`t4NlW!n|A_TemB0o~C2&BLfokA2==5-Ik~kg1
zv_Y+x$cezL%Kwh_R%Tg8gR7K-``#aoW?6)HW0sX9v=eCnVa)PbN!l4{*`Q8Z>O=vC
z)8)x{H<frX2$OgP2wf-Y`9ar-0?e?Q#7jY##9K<oh7&l(9&Au2uIj{4t2d@*LBr8~
zliuZm_Mt%};=RJ7cXvVj;B9u;rC%dR)$@n3Gi@JFnBWS;4`c_GSf419IJto@`mxvG
zdf4850+YAgk9YQhM}U@{997C5L@$iD^wN)EC|`?wmhWumFXa$_C*B9~uCwf<_l=B4
zlvUR!dWElnBYsR2$5_TukIDACpTtl22*`R={vzfYHdnjgQ*C11yx>`|2EwXp#fypN
z;TC|M1XR8Cb&1_GUn0B>KJ{KVFZ>;xJ%y9yP`*CVD)<4MHu%)uNGW_6tV3;~UV%`%
zz-oh$Q0u`u+)n?ML~}2A4q45S{Bu&Y{M|%PFSrg`c~1PD(#i>mJ$-5=?{Dbs1Y9vk
zZG0#kjy7ztQ5*Hbsxq#%@rgZl(b}*<YQv{CikU35kV`F8fKa)|7H5dGN}^WMPfFwm
z?;^lKQioJ}#fg?m_*%v?OoV^w_{LVw6r~L|3cp@h9pTqY$I&TD8#KauyDZ@gKt#g(
zQ!qtT%x~8wTBavp(yD^Q?V0doyx%E(DMqiR2+zY5p#!QZ!b>rwb)VJkQVYlT<|Mp_
z1suij+$;cRu^HN`Wg2lTRecHKEHMW&x#b0IKEhu5DUoV8G$|XH803G9-7gIY2x53J
zu5-%kUL0|-OWS5|Y!wfBAv662WnyJ}Cwhd-ain}d0lN|$oM;m+ZUU-v=I3^3<YboB
zJ%pD793{ayn;IP{_cua4d062q+c(kGUk{=P1kcX-TcM*;5;!v#egNVm3C&5Bd|s~i
zrUkNQs>}6y!0BjC1>#^@Pyp~O39dli=f)fNW(dd?N^=Cy26+SzJ^+X1778o7gJg|v
zd3&ZLQXbU=q3F8&&ykI4=4l8t)Bs|Y1U2RVGbDFFRsIW6{_BL59TQdlH$ZQ12-uS#
z%RktK0zX_zma&!{fLoiJq1cYG!NNrMpgq9J0y5IFkvK2h4Te!q2@g)}9acfYXM|%K
zIf~%mo&mT?K;})E?OKTKfJ*G^A@)zg%KR&_Plnh#1?2R6B=)un{KBdDb2jjtr42pI
zOAi)MS?NSL=$%MkgDQRA;}JWg3CQ$4|A!JR8N`qq1oYp>IoM(lxYjh|U-miH14!U5
z?6A5%;VnHSDlT@>)P){bfn9@aj(DMm-xJ4Xy*PsLc8-n6iRPfpxSd1Yfw4-WVy8l1
zBW+{R9T?$<xK&`Ku+q1h%Ry{V-74UPU!z%nR(R>D)s-KWP_GU0u7GVHxtO{uAov<J
zyVjB_y82_vrwOkBnNe4N%tdzB3kyg2>gtaIWY-4O)gPZD+Zv?Z=xo<XXnG5sZ5z{9
zfBcHPd?38EP<8dka^%GZnU|lD7aNQ2J@^fIDW=rw>W^}iV+ASRo;?f2?Il3y+p`Nm
zL|0<-(~L8sB3262w`bd6BkM9@W#`P?o^6AQ)eCQ_OL(VFjiTkI7IhWK46Ml5AUnZl
zHpSQp9*R{OhmoD&Mek!{m_$jBt>@?cTaeXa=8iXPEWouFONEPmOWm+B0M}mFpt)hg
z0izo>7H&iZkO){e)eReCAdn5J8#eAiQcnpdE1bGLdjyiQL36`~1Ii5>(_v^8lpHr~
z_%yV761+8g8|uJ-QzQM+mdwo>HmK@=Pg~4MqC9z{25oSt6%IC--Zs(m3c&!|^N&DW
zC3vUJWtW1uM40K$V{Myf=WfQ2gbT*($4=@P?AYXD$-FqrAOHLWI+c}(4?^dqSHo8M
zW16th&asctAxU8ZdLSxIZfXf?6ezGA8|0KGyoV$S<`AozZNmQ`_s<B(PM^AOdpNRY
zgXTH_8`OvKZ7hCWjIJqokrGL)RHM3+<1K)j1Z2~s?%QsF;%v~mlcR)!^G=R?KgYH$
z61<aRCjul+i%Lid%=@-q_{;^>x!sSEp5|0ljCXP@gEiY=bSFn=s3t9uvJH^?w)X-2
z=Cmj+b0^0hSf<-9AYF^PlY`Z{jw0&&wsX?DrXK|UF{d}0)H2@5v2PPFx|5?A=wUYN
z`?!<i=q6xvC&z&hZL+W`iFqf-kpOQMkPU#kZ~GjCUn-!Im-lT`-Yqt#zHi$Gl}`yy
zLZmx|mGxiUw|yBRZ7x2EZH2m{qa0vM0adB<j*eV_583MC9UWZ(J}#gNuI}i#6xDL5
zltMlu<sBVgqZBo$91HL0=nI*S5KhkaE>m}OEQSjyg5K2~9dsQPAmB2>qws#WB*!?^
z9UUpi;DB;R$Lo-yj<N8*?cb34U|Ue$(Qz$q;J8KREm^MWjt&OP@ez!7bdcj};b2EW
zaXbR?3dzB%lPF#Z2<6fCL?`D%QQY~=4)5Fk5LYKvf<s-M^zt2u{mjUS3c#VRPI{^d
zsJgUS9UD1m80x<5-2irz;MAAu=k^4+mw<{>-?u#gA1;&+O69yvq&2FT4XP?e?_q=L
zG7)+Y8#La-2DSIFG4UQ))E@x}t`-SYlSc_ofCM(EB)A_E*r2*h<Pb<;gXS_38`Kim
zn2`WF3bL@xy3Eo~*`!4K@ENQq+$!LH;3_*I(IUu&o2?X(>Mj2)nHLU2p{^E?m9cy)
ze$P96*9CdH*9-SMGwH1pR`x)^+C1D1$=l$dfm!{7_UKnS;AZwKz1&}}hta}V%1%u5
z@_Qnr7bv1*H~>Vyvm(o(DpmJ5AJI6V>K@;M8ZlT{Su0idcpQpiUjaE9in_-MoVfjE
zdK4?$V5S?MJ{^N1VdbZ?$@uB?8=rE)gQsVOnXk~1wmA=di@jsYT|l`fV>Cj!&-ypH
z9ni>q(Z9)kiGWnUl3OKF%p^|6$bm^z|639cXp&g-Z%I5SAn(9XNhk~1BIvo)LNT;(
z2#n!R0ojt2f0^tS>;_}7!N?eBH*L?3RJ%J_VK*V|#s<}?@E!p76i!xPo(f-y_RYc6
zsc>bX2M8<sg|twZNO=O6{zplvy)!2#+6BL0<a4YPExkBY)y_W-s;Z>krX^bY<3QAd
zP#4FH0I@~lQ1->k=Lf*P98g_8KNe_CCK@OE`-3P1fuU%-a3Y9=q{#}P#>e|(DC~e3
zAFJznN*GMvLbIC$W7A}Ap_zP6lqq^Ia|?|F>YF(nQ0^J9G3^n8S23{eEorfXrUV!Z
z5kmo)R^#RK1%k46B8v>+Url?1>}97zqZd$#R0ePGKMlkzk=ZD5DwN`YN{LrciCLn=
z^Qc4+N{P)u+%A!@`YI((goF-gl*nLOiAy9HtFlqz>jJ9rlfJ><0kskxP?Tt6Mv0rC
z#40PFN`O-#;++E0;2M?qxS+NYkApv|hU{f$VxZjPjHGvpXnF{OswRQI9&dx{_IF+v
zQjcKdP}hazghKGTkU~xHx{y*K)O8`XAk1|k3neKQk-09!2F>*q4ybR-utIB%AR;t(
zry)-X$txX+%EpPf+@~oRsEQ(-%HZ@(CM^VH^J7G_K_i+2ifA_0C|Y<c`r1#*e8;JX
zSm}IEXv7AUu-*Oz^jiaLz@v2T<0Y?|5L=+;A|Zlj$0SXJv^Asd^^!E_Eli$l(B#Ph
zB~Lcim?!@b$Wf~07zUzR6F)(ydM(s?2=%6<?+EqTzX@f7Mkogqp=`_&ikiy7%}z#B
zg_@wIN`z3F+WK!o{rPV~*`N{10YxYqvxGVYLh;gkCDbt>>NF99X?oZt$}hpY&{WKt
zYB9yvT0p1xY|sehfFhKQH3|hwP*(Y!n7d<@Hb~JzT4hsES!IC;@6#%aH9=ih=xos{
zby&v$;<8!B$(9Y8Y&oE0%f=eBrL3}6%R#Gb&;+eAuZ8HERvAe8j!+%{O(+{QLOGxa
zWn-35w8|n$T4}0O6Vz0-7K)nc_HRNB`Zu9$&<N##B9x6;LeVPgwH&m{94tF16Qxxa
z3ZblWzkd_z@P8A^28~b-C_>p-qfoF)zY4yx1gX<U`b$7mYPm*1t~xCjR{}cxTW#t8
zZ?(k+ja&{Wa@km;Tp@)zS~AQ|uyWuO&IVOgp^#0%fWq1!t2S%kGl*etk@sjFZCkX(
zqXircP({o8sBBQR#k`lwYbmA1d#MUF!F#DnHNktSYC)KbqArx!+58%9IG||5#u~K&
z!Pi6ZOC%PyluE`UkoBfuz|NEgotidFf^$a6G)gvTBy&KK%*JfVvT`ntdaMPAH#YIB
zyF#zc-8eQeJrR6>mF0uwD|yN;#M;3t7**A`g|(6R4~V?ou=;pltVjAA42X+B9QxJ>
zzuEavC*H^IlgRdWValhPL}e`7fBHOxC-D?E42%Mi(+<RWne;xBQHl7zq`iOOfoOa1
zKIoo!>-10%l_2u3&1Cn&ENQifr1Vggr+!+{#?&Nf_Ma%jXM}ScHMY8c_6V$I*;tF8
zGui!{Vox2KnShR&=2IPcS<ZMx;^XQX=2pWa@V||jIo8*OkwY6j$Eq=wsh(rCvBo)8
zFnHPfy@z|zW<*893N-eCPQjs9!6q#%%S*9?ihmgoBjB#qCpE6k{RMLdbx>W|r5JQ3
zj!Jn$g@s+#vda>^!}Z{>!Sd<pOn3|if@6e}{rU2TlYN7|Fy^yCHD(ODVglk&m$hYh
z3c??5gDaA~f?)`6gN@;j6jrsMy&{RBK)@TgX3lKPec6?mWbC{E$G4k;G}4C!R7MI;
z|4-OuPJ86LG|@Kq0}zEE4#KuFFRbgD@ZJ%APJx$QlgJL)NB>+vQ#*IU3jP7I&;AdP
zefNKWbRsrrs;mu~D(iq!Wo^u^vOx|?@=8$}&8h5$M4zB9RJKe&4oS<(6PX|fDtlHy
z<%S7TWnT%XR0h!h7FsHy%H|}pmC7m|mF0+bRLpY|X{EB=1mqY~IW(&5A0Sos50EPR
z2S}CKpi!9(8kISqsLaM3mHmi$pE9YHoV+i)7<p!~*D=rY6VcGjgO_GTe9By)3Cda`
zgc_PvgD{=V4@8q{_TWpLbLj?;VuMCt2NZ#A%of;-kHE37_^7OAUi=O0M2N4z&25S9
z2jk*AJmrgV2F@nD_?8wvM8}`OIlfmu21n<v!%O0J{Mk+<3n5k>=X-O(Qa&XaON_eT
z_tqT`;u8?#|Lc4A<0)U7L^8v>``#sZ%2%ah@fE!h%_{s+(G;d*iN3YISBj_nR1kmb
zkY|H<@I~MI6;JswxcV+}Z(rZrjHmn+MDx-FEJ)5A=STAQ$M<;m!*Rx`a9mW&uR+@y
zo48<67%>FNVCA^9cd~rts!e%zG8Mc8@N5BT(B&-vK9-a8t{0H?p?tSw%D><&G~!s>
zD$fJ)8k!&v9(B-xSsDL!v^s?#R1-8FL@5b0LFZyYy_WB2g38eY@i3*OnxM-;6oOzA
z^aPrqCnPa79V1PUjj1Lm%_gXnp;q@#v+1eEJDQv{o1A*SOH;E+V&fEqUcSru0N-W#
zt`P60Y1tyoUBIlH7LCz$>88cTnlvpJAnl=tMQUgB#-?T4)mQ<sFw?a7S3{2_kf6LT
z^thQ#IS8f4`=Gi85K527gDChg(&OdOV+r4($Hh=xHQtpT7lLR2K|Q_zJ)R;d+IqCH
zMm-i_1zhW~81Gt-6?_*x&X(A0J=XHO=&=FsMvsex+18`RY(3go6FpuHJ#M#jMm_!l
zJ=$2K9%+wxSR*a(FZNgr!q{Ua2xE`+B*Y%`K8f^5do0GgvBydf+8$dS9+jr@L1K?K
z)~LsNh7x<ssc+O{A>T!hgCsUvk0tyrdaT5|(c^)_Z0k{DwjOP)i5_W>3nUub9&M~q
zk2gY(b&#NZAoTbp>@nw4(PI@%un2_G<1`Tbon`9r2H0aA-(iodpvRogM30YvC;~w}
zz6pD*v82csJ=$2K9xE71^jM2`ZI2Cn7d?LXFM8zf6lgsb;oa!*8)5EY)oYE}dbF`7
zdb|;O+;6;FuM=3Wv@xT{;NfMMZ5M8~>g7X|sc;p*X#$=~a2UV>bT=*)@JN7ds{F3O
zTKL=t1muK7`Ji+vcoX0X0XbGGAA%dVo8>~WHs?Oz{Jo_MPFbjCs<EYLJz9n22K?zc
z9!<ykSaNug?=8fGQxsmj0bnA1gzue*r~L60plZA&R^!jNgl@%crl%h1t0Uy)x8Uy6
z)kpc>PCVuB;LD_=eQyDt^4&okKf(7F;VFL;#CLcZdJKpsK>XjaIbjYx(f3B;veWWv
zq;n03XYrKdj@85~cww_${w@fc&5QpB!X+NUpTF^xpMhpQJ`v(2PRAeB#8&d!6y7kK
z%tQ0MmQD0+K;Fy`ysXMcqT<EXe`qb&EQwA8m*1UMC*K~EuYIWcd(xfMzHl4lerR<#
z!U6T(d=2v4mN^{pqQpsOpbuZ#nBLd!V0vG>1L}S4>m)|BuVzb6bUtu{ot8eIV1s%u
zw!a9=7PZH*Bb4so-w48+gwf(B*v>Y49GYqp96GYyE&-wa<R_AV?I&$a)o(R)+#;N;
z8K~!K=xAel=;&Zl?=>d=Q|*NNR^nqzhx#9I=xAf~1Ax@OXoo$-E?<(44t~^uFq_=H
z;~TH~D8f4nH9D_L!tAgIVK%uJE|1KHb#k^=tPN_#s!i_42{+|eo7{7s;Ng=KAkc&9
z96t|dc1lPrPxtln@ue2ToaOjALY_@{OagPdX8Bps`5YT-G(n4zQmgYhHm5Pc=Y*4;
zKy89HrcKbnv<W((HbDo}M=KC}=Jjms-jw9%)s~;#A#*IU_>qJ4R5?wrh?L61mdi_`
zoZ6VlsRQbq+Mvm43yG3dL+8}SbWR;i=hOjpP94zB>3hg&cS%m=^!!$tQ;^d>f~mqk
zzq88e@q+bZPG>|pwK0=Z2h=&$pyO7~_?Mj8n9iw#>6|*C&Zz_HoT@WdmrGj8ezf)5
zptgQYrY?go$vF|m{b;&*xDrH_1ZLGyI~Z<-gK<E$O#e=Q{3?jBvbl~nE4+;1_m_`G
zW}+6qQDwr(eUsj|!b*2ges4NAybLEsY>+2Lf;B-S$k{GA2l5nRoiDNS__lHroH8$_
z;E$(MYRbGCgc{3o%G{eA5xJZ)F9KnPuWKYC+JG5v+n^b~I-m?+ZLD$l8Z3u|ttDc1
zXxJFx%CEwzNEP>EkQSTxJ6f+iJmr6-eV#0<fLP^$zneNyHbqz&+MFnJKy6+c%mb&X
zNF@@Sj$T(J8`I|HVA{MKP@C6965~Hxt*hk=OUO7^8x-?WC$z^r8L5DC5bA_>$h#1(
zl_<D{u{`6qSH92&&0Pp{EirV)Y)og&!F0wPP-n~mb-nS_C7`t|k<oq!{~i=i0|;IM
z8uCc_lOhIt8oUft-J9%y`iQv$>N3+{9)g=PTPJbaWoBbKYYwKf=72hDuUX2{n}?&G
z#zs3W?GkKIyM(X^xqbYJsL*f?QRDTZ8l+P+H(5KN&aDQW+`c4n+PSqcom&UfxphFD
z+w~ITKP~hf`NFvoW1%*va~ts1(r>JIc$q4^A`h_VodjbT=SN4xi$ItTNht_@>aLC-
zbcZBw3J7RH9b_&6!Ln8^IbI!Ulz)vxHmD_19g;r6Z8{|CmVjzRSl%4|Vlt$gA}sw8
zp(zaq)TN<8<g3y4N+h^l8aAd&!@+cEIG`?#izLQ>md4fch5bE~cN^6Hf;SReV*3ko
zv24B0I{oHSiH}QP<sJQY%71Fm@t+Q;^`SvWA5Z*?K5R_u!@;yZ98l}yssB?SFUl9k
zf7+n71y$-f#VGZz$R$htJqha6K?l^i)S#2g?f;TX8`HUTFr7;W)Vcij|IFp@^2Mox
zHfWdnt5WJTM_RL&TaVfOLdm*M4_rc`hu_ZUjrElv%%vWCKlcBKdk^res^owC+_&DB
z7eWXm)IdN$niz_rA{smPEUscfjJ>b1m$d{HBZ<65#NJ|81dW1XH}(}<>|JBqweH5%
zRo7kD|7XsfxtU4A^X&8ee}BJUp69-~^Ev09Gc#w-oO;iV>Xt8hkzYU~|JEE+TfN3a
zeuIhp1{C>cbBf)qem4#=rL4h7et&?-Z!A7FhvYw^14IU`j^v^ZhtXLfbXrau>0xGe
zh(9G~A!kC%Tk$D58kAFV492JAxc!rzr{pwqO4RM+Q*!*f-@iT(F+t<PhD-Pp>;h76
zPTu|2nCQ`9qDKRY9u3&pD3c$q1e^6G*@6D;=UNc4A8r95ez^Dm<%esDfF8XcZUYhf
z;Wt@Kno5s-kp`vic|ZI!$M)j|`ewSHb(nBZq!Q}i*C*kR>BJ-rQhVTM9SkUzDIiTC
z#(jZJI8E~S(#_GBXw+b$Q3HxbXK{+%Eps-97|Yb4=)g-`&#@<wv;*OXNLmfX(i%{t
z70^g~Sr5``Or$lKNNYfm_R6(Ndozd7ASEtw4H{`za%^I^ep+^@msW$Zv<4JuH5ixe
zlRZeQF_G3_BCP>M+Gl!_793~kc#(<&QD4@Fqom_SszJoZi@24M;rea`A1^YBF&eGO
z@gf?F<uxGW^(QL`NG>X_W79ZEGx?%H(Kr~s1IAQG3~$c8?iONLdfj_+O5>1x-0L==
z^tufwr6FJibLS5~Ih@nfZGgt4Gz=!CVL&O3qdCRyHSH9gm-M<dD4OuS?t|Iin_jno
zro}g)NGqU`_9RYIORF)F)?gy70Y%!=IK}SLF60o?;%iW(^}X(ER645H-A=|Z5!OrR
zzZ4$?V~~S3sz8XhZ=wL{b+;1%EqHHVd9d>K&8&Z8i5e7+ytlufV|Vtt$vSJ1VEqiX
z&Sns?b^glnM{Daepjf8?rMv{B>9p8a^jZ~FQC(gdlkzf{l$Qaeyoxx*?&URD=Oxyu
zLD7!4&gZzijCBfVtkZxZt$@Zl-{my5v>Fp>4JOhWP^A4(S(P0Df5{=nIyETLdg~1C
zkII3x#@0#m7Hwn<>taku=l{7wU}^!Msk9zHpheM`h+;4i#egEp6vaX;O5`ysk#qfa
zY?C!0Vw<eyGBq}7K(R>!N+}6wY;s?1CwyF##zZuOiD(8C(e_`fO&+E55}VYZl#;i}
z!&ybsxs?1ENx*dpl=JfpDAEdOq&=yJg4CEuYcP@4fFkW_Jr$&%6<Ek2#wIl=(ncOr
zr4!j?v<Sv3qv22eu9!=s4%*!cjGJ%+iV_5*w;^IT^aww$yQ3NtB^XSUU_enqE2r4q
z4L#2xelQ_Lu0c^kG-*nvzZ;~aW4J!mQsPTfzSC_$ky5}4E#(jVxURDr6DbWQQW{XC
z{CTZXCV7&{bh<UjQu;~L-aP2)oHShz9lPP2gzt&Zg$hoE6VhPAVqR4e&`7&JKdz<K
zm`H0dk=B4B?KCxU7JDdf*qd<(?QU2kWvW4z*3WRXQjzWhd1!`XZ+_CWC<c@w70?KI
zWDi1WOoTL;2x&kO@|d*>c^Ze9+N(h+QkvJ=RTpVIuhqe#hu<wuy1jT7fJQ2`E)c$k
zRfR(tq<Z7Qc7RuE5Ho_|w*c>8kaoz@v{?8Hz;+E{7AgD|^D5)HDWob-Qz~J03HFXN
z=%?ffB$g_eYnr;FS{DvL%=H+g*RAVehv7(oe`k=CL4)FOGQimnb`Cgb2=C|q|HL3|
zMy>CUVyCuLgK?Ys3df}3w+xCkCWUD*DNF-OVHz-=X22$lC$N7Z(SIi_8kOT`KV0X(
z5TstH#`|r*!~I|It=0_HM(2*ks#-92omJ6Jg!BJUv;^!+AnED+V|wQ<dk^oG@B@C@
z6DNij(aid94349S3wnE#7i<u)xWO_YOx_Q-1oR7gGPRt`MvR#Ot_H<_=Jr~I7b`h7
zc>yqxqY2fSjM1dX`R5MI5Touzh}}@0r8-%Odt%Hly4MgP4DHTOdKrbGl`6To@@r5S
z@)<QzMvX&!My)!d4xQ1foTfJg$>=)<jpQ0M8CAT5j4p^Ws>XdRQ5_K?QBfFa(_}Q4
zL6eaNC8OLSQ1J;Io17mq%uvU%g)+ZrkncCP<36_W2RJg-Z?SQWiH#dfY}|li;|7dv
zJhuv;ptzkgBl`h2Ma0=tjL{hB{3V0EooS3Xb-Bm!^m81O2K$JaxfbiX#V<py%S*Bk
zVL7+B4R73I8Mox>9Eevy9G!p;d?^>dig;HH^`+eMno@ohcFB|Sy=K~QZUgl}GIaKR
z&D$Uj9GbZTcF=))Xd-(H?(5#cJv5Nr1z8lo3j&gtoQ$2X%|wXA*?)toL_H)EEZOu-
zOef>p4_r_ox#UUxqN1j%K*r$8k4NcMf8aUIeF2HL<QU{q!M!iZ+7A)FYM|%08TWBX
zF76d2r%O^}Qj!Lfk~E-{qya@PmwO4EP2<dbHC{E)m*ho^`I1~+>Pu2%QAxgsr!VE0
zz9d(d77fDQh!43k5&P$#w@LU=7i{(m3F@IGKAeJm%_r@ibZ1P0B8Jo6t&djYBiP^I
zXX^cFcm8@nRzC>jDg1b3Zh+_dz^5jb<0tt5euACx$+|1BSF8l?bw6B<t3YJ-i2QBi
zQy_l0FYPu)qKyk^%h*3_;hTTM&#Yq+dDkF06D4{EuEs4BLF)2LlWvfsRB(R{zFhth
zo_jDzEiI(ntGMt$>hNZ4;KN1tv#!Un6}TFYS?jaO&$mvye%m6Q-uP_y{<yi5h<PA#
z+ojz~BBp{c(S~l1k6Ytv9D|TnoX7SlPFickcfZ%hp?%z>WgZ{;FMJFJSL1U*a`S#!
zcOI_BAziXhz51uD%in+;Zx7OKr$%k>Hh9Y<nENSSaT<SZ-Zg$-^y}n|`;`MXL5Vj0
zIK7BYc@>P@)`c79{2{NI)1pLtua!Rmsxh%?gNaQWP;A<OV$(&mu#w}uCR6@1a(;b7
zWAXZi24#K2V6wh3T&-_ZaOz~<@)ZDAbRE8mI)g*VDK`E*IydQtq{Wt%IIpx_IU>z~
zH2$;HD@`!1v^_bVR+`2{X$BLe8BmmFK%=yMIIl@cX&Q@_ra@7f!B}aPT4}YMx=~uT
z@A?^6gJ_K|819vDHAnMGSP)sx%{?eVW1<9ui4qJbN-&@(A$Jkn)NLxS3(pzld1}!-
zVYl-)Xi*+e@nqRbW5SccgeL<EPX-j8GBj=23<X`dFc<A4!9C5;_;t*x5g@RG#IIx4
z5+O4(k28DJ4U79D0-7%0^Bj{recZ#+VARa{wZ-%Q7*%1rws<|G)Q9i<4nZ@q^EP(3
zP_J*4jw16Y29!RNfQH9O{J0q%X;3%CPjF;vL48wPLK`#a)iq+re@^y3jzTg=pOY>B
zY%!`>h1avolUu9iI1>=3F&*^tmLQ<6qI+>fT}3q}mS8Zk1OtjC7*H(1`?YzT7cD7?
zU(;AzMKvf@)L>FYA#(h6lS4UmQ$@qAG0OXqL#Wg0tLjM9+xOXWW)S$Fjl6;c^9uSp
zsw$uNP*pT03Nn}|$bh0C0~!T=!Fkb;|H5w~$FH$iK^hbV8H^QFqZQ<OQjq&E+g+FV
zbY1jV)?Ax(<=4UEbzrZ2`OvgG09WIeAROBFEvSuO1LF4Q)9y=Ljc<V1_yruCj;rz4
zuFvQMdbu%C_1u0mHPhcO&HIh~je8}tr=o3YU6yc-dneb)ZHaHq4dJL%)Q!(i%nZUe
z>?-d-gf+R`JaoB-b2u6GiUqwhi%>n95x(N=0on8#bfR%jA6d?nZH!l!mg6I9zofIP
zr(nl8?#qr124{AhjCYqn6u*<p{|zs5E#VZY|J!$$pv3PAHz2=IY%tyxE*Q-r%0Z!5
zaDwC%WLLPx^saE1`D_P#5&`V2I5$@``_82MjGv|ySB@VSo_3eT2L6U4x{7M>mdV#j
z6)PtU&3%A3p)^KkHWvL0$#*D*R!$mSbb1wD*wWa@@_fVX&>dsseagN_PYRbJZw(H7
zDM!;Ox%E*f2ab)(l-5*NRu1+BQN1ET_r4&Sa32>$8we?g;yYDARD+O$XyX)3K^Tw=
z!eCqwg6V>IixboZp)pes<yGfl*adbVKv5-(XXkYz0m%|qPAL!9>4KGgl<e<{c1Mx@
zj$=|jE2j<*uZP++Ht<Hg(d|oOzK*%YNM8~L<B|}J@{UVFgIp3t3$IMNqjaL%mgebP
zB8`oBFF7c`VDpp#{hPf9qR=I#&uZIjMOXvwH8}7aU+9qlCv#rpMpteh31Bc5KrotN
zhy~Cf3xMEo8Wdm2MMdogd_j4*cM}dEWsur$5AF&F(ZC#d2SEpnU5J-QuVs*CoEmFz
zBJ}kDpHaLv9+Dgu&coxcGDu^}#$%GBN)89uf?{v{V{$^c(H8hp;JD6m2RJob{tiB}
zPBBhT_9@vJ%vRi$aD{z(6}xb6P`@7^#iyAqiV_|Q){kP)XX8P{ESV6+B&9T-fkV4~
z_#o}7kyzuI_?+L#_z-9vrMyRSjLTj?-+8B?vvA7jN#JqgiP6L4_zJmPRem*wGq0?t
zz#umw_e&RW(R)QMzxgG2JDy`w!4-mBS$=94u>Vy!IBf~cNyqH}A|~bPi!C_fk|Yh1
zUC9ZM$+bj0=9gWMlg2p{3U0g!udiRz1uQ)W=M#n}KtUtck2oiOyo?I~)-gyPfD{y7
z3h#dS<R~Uhr8cfgZd7s(v{6afJ_tLZPh8){F{n@3_z;d$Z^HQpH5B9i<fse{`zr3n
zTU$Fvt^Ug#TX%~zCau1~q}4Z|wE6~=RzGtCn5d?FcPY!hims-+2lxHbWBj7ttIPx)
zf!OeH(BF4P1tfW?gXq^j42aICpGnqWyq@(wr|H+2cnMQuBACHMFawHU?VKVt2=SZ~
z?!(>i6_t&rMdd=)-0*17FWSHeAsbqQfzbv=BBbNL^Ykcs1x1hN!Vn{#3v(+$@LX6W
z?!m903#*}f@agBmnurkoYB)`rnT`4LYcu<B2yq?{9yF*14?l5SJ9sGGAmW!&@PmhN
zcNpVPM#<Gf&UM2onC(~wN%17SD=7eN1*cTrS(<?CAfhBa*l*vcSOr08#?gO!XEy7x
z0#DZuNJno<2uQ28@tYC`6jRV(YzlKYO>#dn;i@q)1%rtx7*JHb2d7AGH&!+7{p#!{
zN&)pl($Oo58f=iwf(DeKl?F)!B%7tT&Z?oO`l0FZSz7F^13}67`S}(i#E9BSop{Xe
ze0qaf(UNOSBsZ8yZa|Uz9Zs>U<k^qFRq?%Gaou#e9|Bi{XlUmla1#+S1a2ilYQis^
zAoZMLAvzEvt_c<Qb=HJx+)GWUqkE|dEkp>D*$pFWB@>K`$Jc}uhj@1<tCSj4HDM0N
zwKd^LM(Ny}&S7*rvX6(+#T<ovbnLkdDCR04x%jxyhVbLM&@?86W-uu<1ByO|bBd<W
zygo*82-V=&GiXo`*>C2^cF115IuhLv+0RqFM??0ITAa-orUI#-kk0vf@&khh61ZM^
zg5SlU!ML6nP;@8YJgvL+XGA6MH~X^J*O=(eV4^z%iteUziqte)TdL*|zhgpdNrSAr
z$SWMlvB{e1r>D2}(rPf4)_~#_1oX`rs<$t_(>YCVDZ+sUg#+(Es!&k%8>dHj2U1I=
zCJv;T2yq~7AYxm5gmduqh4ra1(Wk*gp9U0t8c@0i&`I_i>J{7%7B@)`_AFL{Xuub|
zqcun(z@l$5nm`bX^ccCuR(fn^dWe6lgJOzg6%Q!MszJn({b!@dQgkiTm`G+Yk<5T1
zSz_ZT#qPDNm_vNwNjYgy%E{M@F&x`l%692!L$U^AOEI8Wih#bc7fYGSX_6H$5)L#d
z9QaSd?ZvTa9;tpObkeBNK9s?O3EVlouJ3wjFkTjWh-3PS!A7GoQLVv5wFVT`8Zb7R
zumXo(yug`J-?6?ry>6Bk7V1#a^}kP#%+hy-TgV3RJ>d*}Pq>|I;Jcy>eMh+XLEQ5M
zQZ?@58MaZIL?uZo^eYFM5KDy3KKg*{Rc~RQ68AH|O6JNBeiw@^4<+0t`_4vW=U<?h
z#gEhMK>PxQfb>>{%tUKUlwvSZiUCC_28@-Gr_Bj-nFFe}^}DAB_}vK_r0<#M*Ms_M
zIObLqbI)|Y{3Za8W02~Ge<Aol95P@)|3dIln07gvqmt44Bh8l<C*64rQnTjY5-zzH
zgQH5QseWF1tbf(6hKPMp(`nOh3y65ruY0)j19vsJkLz+P5#j<W9*OF*_k)vXcGkSu
zx-}@)?Kk~y!?CG!{k#9+z38A`$tX=Elj(#{0DP4}@-&|H@mK(_Mb`E6(`DI>u>#%#
z!mogzj_J4#BCrCU?>!Mme{32tMU}{Z2k-foqy_OEJUFnoFfyum6iM!vo>1}@%(9k<
zM>G9Po`BMtiFhni8r}{){me;HYhB-(>0PoKBg!_4@pPsnD$nV&qFjBWx*wP4t_;%1
zATCb>#^rewM<rJkm*<HLQqoa*ZU-xIk0Im3)5A+%rotuS3@Kb9&g8;v1`!u-I|$j)
zUD>J%w~h!Y+%^#8sD0t?v{?^@t3gw^2XgGr!hIR#*utnUM{pTF1;v$Y-kEUyk?D23
z=O}(0te?o9qY6aqIch<O=V+#T_8jfFk3GjBoTl|0l}}Lg$aB=-KK2|<AhhSG=f~;8
zYO&`K(66=dimb-Oa~MoKhXKWN7|?o-TbKjyIZk5Fp+WK-{?pH`;JyA-Xo}w0>L5Zs
z{ao>+D)DL%QsPY%AWd@{5mMsCPpJ}bWgh&79BHgHXiEGYrE*`LJww$<F#g(e6NuOZ
z+dv3I6;CUMYKahrT0z7nIIAkM6vL1P4MTfyY-;{G87h7T3~j|9cCG>uGgJ#g7;2#a
z(NG5w!cgV2ilKWs3-Y?L!_%N)=mm})*9n)WPZMUgh@`q4iJ&0+<>?!RV;GEG1%0E?
zfZkQmHwt&)sMM$Mu7bW%xCet%38Zh-Wj7?33Fhn1g3H{NTqX$bG8d7{Btl$f?UoTo
z8{^^FWg0MYnZt2fQ^lW<WL<iscbPRryq4)7z7JP4e5)uGzuWNjOlkHy%pNvTjJGpm
z!=tf!yo6(rlPgTjP73b=xaroNg<O~fa36qk7^Lb@ST8%t<ullpdlx@X?OXkqnGt?!
zN`q8t-g#*-E+`FhL3tkAh{q3@$A9$1<CZ<~Sl5+DpIGs8NbD0%Y$`_~7ZM9RTZ1C-
zwG4XIkiaFcz*SaLV&7+mM~3q;$9amxuVce;+eGT4{*7;A$Z!l88_qb6>c4n0E;~LX
z!`Ylc>PAH;i@XoVec`rIsx+PK-7=j}T}Rwpl1^vogz6R${tOU0p}L(3e?oN&KTEA;
zd=|))3{q8&&jQh4d=`iS`798Pb)E&1r-Mn}QwbAuc{=@EgMN*H4l3ye(wU$djQP@F
z%$EV>h)tDwCtv>H^WrtEEIRnS3WQe{9eiHPL`Vmpf7+9>epJcEOldG?%7Dz2#yXku
z$|~P3Dpne%$I8-RtgLPzDNBPfUmA@0G9dG%u};29Zlm57DGL)=uDk%Mji_D9TzD0T
z^LSpAI`uS@9^MA?Y-W&VL_B!SElKwu?reDQ;pEWpMog6+$&>kHjEybHjk3RBUCKR=
zS^3rY%q4yHVfV^NCnq3=7oQH;?+Qi-?Bg+CivECoA^ZXRO!$u($g{@&593^n{cA8*
zodH>O8tYVDbilsw;Sbms!XL2zLd34Ovp;bDhN%TTF{QznDFZT78dFU91NJ%V=zx78
z`~myI6rC1S-xE_;_QaG1W2OwqOleFp<qy~wKKuduFDmy{#e{cX&7413MeM#FVvq(E
zvE^$pX3Bufl*T%lLQ>g<*m+Qk+#4THj?69r(N08pFf)7XW0-n=2}B<pW=?Z?tspK~
zCt5vf=6P@`O&Qc`OuD89ldh=&rE6+H>6+#!-@7<3>TX;xI+wYKx}C(!y18h2>t*zo
z)&wQd^cE4)k7_0YEwbMp`vzB8KNlloj7dBh<U#3iYEb%9;cV395A_lW<w(2d+bEM4
zf)c-WwFggX(|9AE0XCqpBcSix3p+LZxL2#Nqd{iJ?`i&pr|4w1*_ABEMk?19vE$#M
zswCoh@J4S?HFDx)Lh)jX0fjdK4R4q5<EHDWLE-Ju3$Znu_3C-U+gi>qi`5W2FG6p0
zu16CQvKVkDCr%x!xWoiBY~0T={q&uvNP`g@em~q<%*7Z^H9BkKCPrzIofrsrhC_dX
zLFy{|+5PYVD02>@evJZpL|{n^451agqmpds!Ubp{LN*J(^o@EHUWEil=@tTD{#*F{
z(|J970TOC_2A^7@O$z5SNQLhGKW$Rz2GS-40jUVeWRrphd6Pn(+L#MD**{3K)Ye?V
z;6VaXThkTvZH;?HwKbJOkO!?{!nZZ@ta0nhITzE`XfSqG24rWYu}){@+nOffgW8%_
zA*ikC5T>Y4bC1$!>_MOIi75@nOc{`w(wJh3+M0@2m8PnNAWhXV;WhPqPfUH-6H^+D
znKB?Vr7^`6wKXlm2emcrLQq$^_%&{o=@Ubr^~BUqJu#)hm?;A?QyS}J3igI~3G{Y2
zyeIIxo$;Q)j+?^l=i}}ZT#J6h(Y3qaU_o4qDzKOS`aSUu8%_va)E1<^y(i^PT$yr<
zo(YokzRS3eaV>I)wEXWGcM1hOAEeIhlXZLITJ&y^x^+m_osDZzN07Q@b=IwaKkh#Y
zk`o`xx`%Kr8cMG;?20!LQv2Y?XF5Mf{nne4*d|C#kt8-l%;~6jiGRG^%cb5Mnsqx2
zLkgSYeFv8)-W7uUdJWEnABelTxEd<4VgEkdbP#bQh%Ks<?vJ<{_64yL*?o`8M>}R1
z8aZ5^C@RN?NpLl6foMaA<1I;C4cCEqahtU3jaLyG{siLRcrRhbY!GjPScIEriTE5u
zdZ)D82A5CmCfs~T#I6Wg{a3sVfUDtt5QVa=djVI&M<DJQm~~&{YM2dTB4j%SSHltz
z^CxB9wYYq0BXGw4d|VAJ2-&hv=oaE?xC6vFLqhi`u7<`S7})V})S+#FZgA{9e7#@Z
z==DehkA%jkz4i-X21L8<N7M$S5jDLwC?L6QnxOIP+(S4`z2cxT>4z9h`XL6Cen>f|
zNIups`;Freni7bI^cs}DLJ9R1+7CtPQXhfdx+^{mgtWucIGuG!5Ar6n0Yzj1D=0@1
zd24>$H-NmzqA?NKU?Q>sMdaCQ6?wOwMAo2g^WWykewEm_`P4nCBGILLbR<WaNTSQu
z9s`Q#0vgdz=f}0^8WYhCCZZcqM6cr%yO(w&hnTLI21Rswy)5}?WZGVIdcDkd#cEk}
z-}h-ILi#>!L`dJKg>&+AzaqbYv{Dck{UbfduQ8F|U?RT(MgGUvD*p={Vys<*s-HEP
z#kU(Kwqul36Zf<BW{|oDo&BtDI5XchrGD1HI*#`t;stZ*EepT5#2pUB$?Fx>M7$G3
zuUFI&Au3(SPaBmAXjHm{V``Jqn5fiXqEZ8jN-yOUyPMSY9AZ?eL8a2aa$Kv@>|>Fg
z`QZhGb<tswB>LO@D#r?ba9vWcR51gJi3w=*@gP60^`SA*hrvW21{8ff$|-i&$8#KF
zs+b0K6`RJQcUCcaZKRz=_j^!==_v06l{l5RhM}i@Q#1;P^B#h$;hVs>NT+e=Skl#B
zxkWOdv`7XN1qx_dqy|n?w@4Zj1sY5gXh2cmVotHU0x#zfUsy60(jY6)MUBuAFq6OW
zV6d4VHI0w~MM?oHprqIn-K}%xMo42KrNKl>1B#UQu2srb4l&h6gJLE$@Z7&ud1BuP
z4Ju&zlSKa^=#}la26J~H^6RF{%8$hM%{CC&l8>1X|0evAh}QuX(MwTZaK5IoGN7nP
zK%=66_Mjq-iHZy+Dl(v`=-0KXC}gQkP12yKh#ISUt)jTGs$|ilfjSZ2$v~Y5@vIy3
z!^X1;XgtZb98-G|jfwmQ6Zs7&^6$VYcCQG#bBHk!4My_&Nr6_5Ydz~bjEZOVlLCKb
zkm_=0V|5~<ey#%b$xjXaL#GN?;*wuX53wZ{UE(Wgkg*gdmYOp+>0aA7pcTN>%t2Xq
zIj)9_g47A)LigGi$m8Z9<#r8S%|VFs09;mL&5YhI*@DMD$F;N(uS(CMZztgL#O8bB
z2m)N5n1oLi?2pS6!*D|S?{ImdAC9-)7MCZI^YJw#T%PzDH|y=k#6!m<-PgF5o`HPU
zJ1*(=#pQ|G<56vJd1B=WN%tu(PyGEvOm&<j&zy{BaQTqKPD#4Uae3nUQ<Lr$T%P#&
zw503zM<!|(<6AbkqGv8lxyx}y&orgnE4V!I_C@$c>k=mVU7T`T;PN5cE={?UaCze7
zOYq`1E>GNfDPDEQ<%y3jOS!(6Gf{j+%2na=AzNLUa>wKH#Bo=p+zq%qaog1?_ckt1
zY;ax59gNEpgKtQ=?QwZx&W$N|HZD&rx+&!zz~zZ2Zce$s<MPB$x1`*<w=yyAwv^iw
zmk-(R_LRF2mnWK*;qxE3Jn{G)Dfb;NPyDbv<wmbyVx2qj6;WJ1WUsq0_{HUkyY5Z9
zk8pY7xChei23(%#^-$Vvg3A-T!uy?t%M(qHV15^uCti6p?E=jHdZM@$eRy1+*yHiE
zI}ev9u6!cx*5LBQr%$F`|EHLk^mN+I!$l!3(d#T2@>m=tkXmp?(tV5Tf^?wo5sIO0
zsuDk^;<{iMS^j2cVMyI^8lKt?cl6ZaK7qc+^Z~}esd@Oh9oOPtg47bco%a#0#h(VL
zse4Cn<S%{>EYLv)iG@3)U9t&32hK)fA!?;doV;P^lIP)vPB>V6Bh}P4g4*#jX-4Q4
z?@!PI+$9_EbLJsPd|%X#r$Gc8A$%7QA#QddVlIh$8a+QB<O+g*!{9jBIP`)orlIzK
zNAzlbA!^6=N0%7=-&^w$ho1-8uTV0@3&8DPf_1XA=d1W^5H|(A%jqPVDiD6B#;=H0
zOCh%feSK%=9Zr$<FE2hJnB|Ax8l-7+Km0bJv~dDb|10hWe86dHAFna-@dgtgZ$R<!
zA9IS`ef+l^;yYH-+0kI!*`a+YHRnL|lY<F<n^_Zxc-KWM2-$T}d@cfHwV;Lwi0gNn
zwtyfp{bK&a7o)=P6VZ~j1|@61&1^QuCPt%eAXJAskl^COg7PqXe$rjUQ7GBP^An}v
z0DyOEaKA)<7nb9>rx>LH)8fN}Ate(4RxCtfM+VUroN6LY3nqF|>p;Y!wtx^(J19Uz
zt;DQ#ENU%?Sk%gwB2i73QiDd+oj7)<sHFQAB)IrYW~iOAl5;(a@vgEkRE_(Xp(Y|k
z_iZ3zhMIa}NP~u<J2*CJOKrh{b{C%=4D%YQ0ueJ*3qlxbp#afP2NA+h<s!vUM^6lC
z&@hyLInrm$P&g7PZ^5W9|MP;O;befvYj9C8tYjv@T4cSr0gDu~LA=W`XqdcsG2|g_
zH&cv4Q0|5601*pU)u4pKeJor>qY|zOM6B(iwuoI*$uww$8>eD-YP$moF8*VHJwVvG
zScO4a%uo{u(RK#~h_<USVHRtf7Fc42+$){>TO?IagNC8O9NXGsF-8E3&teT#gXm-k
zgfP@j0m4uv`pGdvbs%Df>Uv^GgNC6idSs{#2`)Yd8{GZDw^%HS8L9>$3^h}LFw{YW
z*kjd2iXr!EPa0C7VQ4T1#2N}u$Kh>#-;UCtC024$F1!N`%VlpxDE%&O3Ho_(C`a|+
z9oUMWodt)~1dbMe6AaFu|2o>_*Q4iX)ogJ^VqiG<Zp^SVNL}>BCnVMh#{%r7!4nfB
zU3Ldb3>+=)lbGO_pxcSS+eH5Og2UM0{8BJ4MIXzU@B8yENsUPxWH4!i3@B}o0pq3U
zYp^Tq1kQ_Erwhi6^2^hwYo2&{x)KL3VR_oOyURG74q%F>y$y&m_U*0#QPzIhT0paG
zy^_;3URr}v=6>K`2X5lo=gnE=lwLghY(U9bKyqEN`ER32EUu3l<edH4mKShjJ0sje
z?8uDp?>UOsj!ah>P}mXBu(LNmZU(*@6n1Ffdyi%(9{9F1JAU9>ycE32ENvALGVnc(
zA2uu00-6=-b2+9d91TW1`N8Oe??hF_4n|*N)C@+yV32BV=U}v1vxS*cKNwxeQN7-=
z27xC^cBjS!0-<7!345dN9m1Y~Y<cmR#K`PiRJ~@3(JwK|SG^7*r0PA&(RI~(mN8xR
zG$vKgU{duAC{@pZrs}Ox>`K*pl`%3N*%?xW7rLeDWnYW5OTTf|GoVyG1B%57XsTW@
zr)m0v8Z=d}3Eae0@6TLT{?H#;_%Wd5ETFNg4t|`rD8yAygJSD64|e+-k?6MSwGum0
z^%5M#+n!WC0}49=8g_c~<Nl31X_+-B>`>KvS+f&Yy$)fAKKil&NAZP)D(FAEWk9Kl
z1{59zG(2w3X`1al8kEBFyFDJ^*uIKKyFJ1KP;LI9QbFY?&mK!%@JmrSN)i>mrqmLF
zn&KOT#G8@o^?s#RL=dZ-#NnnvFrZka0Yy*&ja6>IX&RrSK@l{X3BF8O<t%=bHh#wq
zf&nFG0gZ~c<Hya^n+C-U$SNK8D6Cah5j$d)dvJPo2bBhe9f@h!so|KWLC~PELsmIf
zvlCloEwd9X+YuoRLK_ich39Zira=(U@U)m?n!?dw#FK9jo_IGh9@`+i$Eax#IvBKD
zmIkm)V#K~dxRs;&cbB<AI31SlF84+}G<y&%x{8Q0_Weyni0_}rKF|AE?sgr)nD+e|
z6W?zz@%;uA-)}(U`;X?lbhqn7%@cRK+QGEcvYR;EyA#=MU_hy51{C8G(A2UOoTe{b
zad{dvwXE_ARm*0x4>7*qfReL-#)RhZ<Hq-EP|TWY*(GdmwwBcpJ5tLI;`EH~H=wX1
zpke0^N}9MS(x9+Iwd^6yPF%~HgdOtzmvVZ>_Zv`ZodJbM0S%AMoTl;p8kEBFzW;Vz
zo7wjtgBtQN<CF?2M|n66U8k=Y^j)WciIIL_)Q>w|v`>8T`iVX+T!iOO<eEpU(Eur2
zgz?N-4AOfL9y|u%GUbeDZV$7Qk9>r0XIEqPa4D|E$6<ESB}RUdc8RypoTNU+4;_SB
zsKcz|eK@5o`8a+CU?WjsBxWTy!<nXwaTPActfL{Ge<AG#zle|@5c0{VX}9@jAPOLE
z!p%=a+|%_LlfWi}Gwvc>h5Hb#12<a^0r6VbXZHOi<L<{*z`UyEpfa0vr{gMIgAl`x
z$!A7ioP3I_a9h^|OtiHVD|ZRqmBi>_T@rAKyRfY)`5=CJjexvo<bvdtTczD!a1|~D
z@gvl{DO6K92*jMv)9z|qg`+_1{O7d03RmHhuFseRiZ>12UbqS;c74VqU<i|dCI(ji
z7&Qx5!vuo4pW)~qKlkJAMDd@Q8{j7rDnY~(2{j;OBB6x>;O+eT^zJSYs5pL>vl>J^
zwEI2hL0&$t)Eblu<7YWf;MkoL37caewVF|~Y|q#r9Ou-8Tngvp%8GVdnRI{V7*uyw
zJU%?!whLBKk{IEN_CEw$I#muUo*bT^-iF<D3Y&g>uUzh;*DZ)<$GM{M$EV!TpCXl=
zP8mI$3lDC_xiyRt(|10JNr;26iZqTvs-ghb%U=p`DueqF_*9~AQG){K0BqTKNYR;H
zv1bS6j#U^n_$}`ZD0*!yK1{4~Y58DS?uxhZc9p_TSihgkO~OZ!_hyh9@RkoDL(ykg
zx~gZCM!zjH$A>o{8;#wyUxu0%ymbeKx01r^bNx$B#SB~rh!q+7(BN^<z-62cHQR;r
zaz!PtV_v$VB`TnBCluks9D{mLRBG@!Z@h%M@+p2Mz6`s600#XED({dGHFNh~L9e<(
zq-o4B!#HPOpLa`f6&}xJgAdVQZHC03%nb>5LT~?ej!LCpI3+nHOB?)aDaL8ZKK|g=
zKU^3kru!8dlYWK4q+ek`=~oy~`W61rv1ZEn3_f(MgNXRhvC7Rsotf<K4;`D+)X7tP
z=-Ay1Qi<RwvFOk-4aSF#t>&0CAczkg(_nn)m;vR`F%8P0V=mnKqNKZ#6Q;(ARP2|7
zYKik_a?x^73kbg)RD_b~ppX}GeX~DclCHW6#O2Ad>|a3C5wQ|Z;S3xY*Gj~NIMivg
z7tz#lfq8qm5LV>;iEE$ea=bh_(Vw`cK@z@%5^!5^J~UTdNyHV&$Y0ffAb;iE$!IQi
z(k7;oGjzH~6C#KYYoo~G!-}_ze3)OHDdH!oPRDLbgWhdL?hen9yF*OW6mm^<Knm9+
zBiHl-r=(qz#yVZoyBw2BR9utBV%Ma>PS@1`qR5`kr^nef2}ViAu4z0+qyp}AO$_cw
zVC<S0G_FZw;+hyUu8A>nfU#>*Sf^`Zkht%3O^u9d*Q7CVP2p)bB;8dU+1t}K$;sg<
zSnRo$L7b@JOCy?oZe%5sBP_g~>z5x28@`pJ60e1qauf3RqZAF8NS1~R;rBG?{U4r4
zY}y7-wg-Mz<0>4B<5~@Ib+4@Zpg$Vz-4JpjZr&o|WDw^M2;Eo3aCjGk_^}jidl^Eo
zoZG97{pBIPX)eAa?~cG#*f$xSYe=qjesXYht|1Yzi)kThzhs4XF$e$LgNtd^ptu+f
z#xCYbj%i$s24fdvKyfh|6c<x66>CWjy<N}aJJ9Ggnw^?takv+ni|-ipJ_yo4$!Grs
zO1=O;XQHE7I5ZVl;?5DF`x#f^qYQde6`{KnSK&1fCgdxi`wm9Pvt2{h9~rtW2O{J}
zgqUb+Crmyj+S)@*w6*hQq8Y+Gvv$I8FmY7qPQq3AG86PFzBRIn0$frs_mms*?j4f*
zlvH-FkFa55cNESgsYxZv@t%7J5$*WoO!g22RqO%kj?}~wdIi3kh}SbYmpvXqbwuUT
zlS&?-vo(pJr@}e}-FaJ-9XW?WOKM_vF~D|;@-%XJ2JwsMO8hGk^j(+u;jIA6Znueq
zs{n4)6?`1v-d(|$0G{3zd=KFDUBNE^KB+;-8vX;|hZ=+kVWJ&fkY$#oY+ry?B+AE-
z>ov$#8_P8eL0ff+AC3oja940cfc0I#>{bAqDY0^BxE(3CNy^!31i3vC^c6Dw7D1In
z_#)dEK{Z6Zji6r;)FeUS5eVvihvI)sdSd=$fa@{nyW00d((F%Nz^_o`T`Hn6HACq7
z>XLi?E#sErDr}4|Ze;O#%?`K<Uk0fie#p3Ua22q{M&Zdz|B-R8<0||;A0(&zm~ltp
zD*OcE8QlDvhz1Nw*BULcH3o|5iXoApufV+rb8o~6*|aaG@U;K%(gqypn~rCq4=-tq
z`Z<|jF>b3~isNI~^!LY&w$c3-SlyuQopqPsl|vje8hx6E2uw%#QBgY)7!~<Xy%b*>
zow(uOFxi81r8*&JNNP;_qXv`yr~#!vx;Ljt-HiAR6WsgbME}l#)R@M{iB^H3_&Cv8
zB4j$`^r4Z$Xy;|je>3y%KdsY71Rp2rF6%r*v6Ak=r$0`#h6v%Wz-dww8}sM8S`8dR
zoX1@)4MrnGKasiRu!u7|k+~0}G>;W6V$pG;hcHS*j`%pyV;Q6-%^xQkPHRfKt64vL
z0QKccCzLgT{lb=s0lxHFLBuDL1)5{tr>rq4J%dT<8BnxiKp9O$N0|2J%%%`;TPOPa
zw{8U-O=8HRj{#wJ{skui%`VysPE(to#zX*vi2w!^0Y)p8*y0_h^OEUJ4ax*Swijkb
zI!Ng|;)r>AIiu=w5Z|W#I~q;6kKfT~C*mD`N2B-(WxDe@H~$*0RJ|(1pdPw6-C82p
zbenMxS^Y`4ZFDcD>#kI$Tgz#Z%~;uvQc}mJt3hSDH<b5ex(_kx4|hZTbKa#?BK!E=
zi<{VF{pM)67Qd=*Kq+ehsc%d2dRKENKd#GKV^Y=zld?9Tl=VHFqH#68D&NN;wCWS<
zLxWt_{!R0u;gLf8gtDK(rFSoCSakpH#T%?0U$OnW7v%?_W;Y=Y?84>CU@_-&p1!O2
z`$TCG4e|{5Szo^^QDY4<O>aQx(eIAXpp5LIlOZYN-4lbNlOc&y89Y{81w!nt8bqxB
z1uUl4zs5xW1{3`oQ1ri$Q|zw)MI1u<iuJESscU`@$s4S>3dAn#lo;f-q`_EA1{5jl
zSV~{3T8Q9U)sB0qRmE4UT2)1aNYTN$6R);beXT-bDKscjWJjU=YmsPS5B3<%M6kzb
z$9?QEDy{(`9;2EFY3!D=&ejJXaS7HTM(i<Kh!ELuAIo;FmW>FJ?LkhHY|_ehpDMdp
zHVrC|Q9q(5kI~Gi^%%9tKK2+-awgMAB=Hyq6pta`Sj3Di_I-Zb*J5toG$s~nFtJzz
ziatJ9Qd@m|sq>Q7L4(?3e8-|&kI~GcdynxTN9p1*+7O34Ms_kR#$5;EAS_AJB2gs~
z-{;f*^oSY|v0=>Or2H`rqA&rCi`|Z6>ME`=QJBF*VFnb1?Z_#1uj0F^kl27Us0?WI
z$es*n7NcT7{-u<;40^p$I}{!RM>~(vsW1;xlFQD7{+dW-2PZ~ksf}(Y;%DgZT2f{+
z^d~P;))669u7wDxa{ICj6UaWrowOrHT;+<d@2qlFxR)wdOZU*6?_V|(AsRcC)1+Oj
z*2HQ#geqgKF%2q>?YB-(8asti(OA?-w;}tu$~`qIdT>06BvsCUBB#4S$yrGRyOtW<
zi=0h#FLJgLA##4n8FjaecR9ptozbAKO4CM1{MxG2ft*MrUzL`y)SXqS<aF3X#f?#c
zyX<V(LN!rGCx-aC)I>yMqR7{!RuFNCA5#%!H%^y$2V%q}UU5^WCaQ5Sny90D(L@Uo
zqKOMQP3qs<5<iDSOo?kym3X1YI&v$ce!%3b!(i+<U&Uw@awIt;6|{q?!m+G^ikp=R
zszJmmxQv-1R~s9B9b&{PXdyz{8QhBsif>UWs3JmCuu2JPRd9z2iH%-^N(DdksDeIh
zPF4j&80}QS?$ic@sltiuQJaYnkJ<(zRzVvxWjv~Y#-qN=F||k47*vy|Pq`XQJgNaj
zRUdMS-RsRKDkN5w29>JzX7TO#^LR$ZKX{M2m_h4NmoVDtQ4gRN=~k%hB=)G)M2JUi
z1`&JI4kE;(R@|mE+rcu7(Z*Gc7_o8H5y8gQf_pKpcDk4PReZZLuHI}G-8(T!6%uPq
zgGyu1_2^MQ>CvNBA^X^)<~fS-s0I{|T8qbGIh%=KIon7a9^ScSO3q3m#4;*5qwbb5
zl0%F~)nFv2^TU}XJ$lp{<P>|<e{*_WJZcl-P=UL!H=N80RxYhPk!KCZ0_@Lb<3acu
zm!qxpuki4bs!pM;G&dME;vd|3_VZaUjLl61_A_H7Vc`WVR3(1Gl0-7dXQP?0A4BZ*
zm^=~CEc`6RRT!TQlD`ZO-5i=y-}Qf;I1!WWFX1Z8&tk3Pp{Q}7Rq<f%nj7=3{3fh*
zlxF=rbIYNat1HV6ck5I>9L1wqnqV%?LHBB6XfF?)h{v9zM@M8se@ZKdZbx!gAPJXP
z4<ESgRd;HX&`$oT!|`R?8@EFyE0W>I#VPj$hk6aZnnd%G3@|@Fljg`Tg(jBb<|QJo
z0&(`B(6!<!G=nI|!onW3xNs4qDqa$0@*A4iVD4YAc3pv)_QFHia2~$!Hl0Ih)v(Zt
zZ`fDhAlN@Jct3$pWk=`7V0}b`4a@P$0*!A4BtNwLhyi}&rm+SY-x^Rlu^Oa`<L3!Z
z=FEMg$-RD!iOV&ZxLgBD#rh+sNah~5PPos#h?gGfRp9a?hvfEvs24CsR=)hm(O%Na
z85>PlZ6vA2Vo41sl4>xP^m<NGOR6!E)L<g10Y%cAl`uxqcOdD*97ql6@?-nw4uGUj
z7_8h&`e(+xq$fp^YAlx2fFh}YWD&8Xf8!*zq#6@R4JMKrP$d1HQ#57j=YD?U5bBP_
zje-W*St8i)GHRhk@)N`84YPI-@h+p{tvXleYj973`}y=1A|S9|c6VE=T}B69991^@
zjWgGvWbU^GEaKSS&gP**<{7F&f`$E=p;{0zL(L#$%RmPO2t!rdD2AFqkmkKMURGJe
z3~A6X^rea&z4Aswt2QK9*ex6$ol&zbvck|RPlMK>OCxdDfw<Hm@VnX#C_^m+imeDp
z{gv2O#&DY2Rx~EIVlc541B$JT=M=l!$_6?w8TD&WwBx_$w&dDK+KotBIgv)di3G}k
z%YY)SfJWM@IZZ9C#zb0!iL?e3X`4C4?$R#j5VHkNgCcE66QFB2HZ|5HEv%D_p%Ud^
z*p7{%MjOMntW4^q#KvGiF$M!dJ$|xNgJcXy#cTcf>w3_-fJW;E6s-$rwEhOCskN>#
z(YnDz>jo69zr!hZ*ZSuiVzjP7qxEESByFeG!-d#Gaxm-G_pqMJ4hv60+kO5uQC!Ni
za7j2Qdmq+Fo2YzV$(H+9AzF#JEZf(w)m+7CkYA72Y78hk6VT}FW?fgfUDlZB%wVE3
z1B%XW=M=l^>|PF`MY`B)X^?g1-@}{CD)V+nhvN9}`aGuCEnJ>WdmGcB|2SXx9cB_{
zaRO9Aq^<CG*nPGOgTAK=(B+?mc7Neicc!RsWXrvU3b-+WS3}!$zK(##LJcU|7SL!r
zbxBmV+CnuZ+BTSI+km3&kW=ig?ExHOEL4NWLZ@+TDjP2?tx?X>;5Dpm4SH=y3yIrt
zTtD>uI6KT6r+|KONfr_fDC!c>sOxu}rdF56L|q0Gbs139wL7QSU0wUDkk~ji7^~|o
z>^D4>WBa{Jf5{FAm!LY|$sjF;7QV`k3O_~6w{*-OvID%k?VuX`Q+AYZdn+(HhzH@-
zM4-*}lU#K~h<p8o6Ou_Tzy2zqQCsTL9;{4ZqBb3m2I=`-UcnZ99Z}R4GT2>h12}{x
zMq{;UFjAXeUcc*>h%f3yQb#K~+W1e5lAV&U_~$=v(*ofOJBGva^jWM?oQ-d!@p-Hw
z`aG5f<$LP}laJmYrTC*aRh$yJV*j};G)T0e_p_TK=IE0U@z-nw^ajZ9X=_Y0X)w{G
z0Y#GrjF;lGZSX?Hvmx+1@bR?kw2Fx9vwi(8`C1U2-9->_caZ|(?&9_!pjO|1Z2}Q@
z7yqD&FD@hvif#M;>v<}+?=E`JyV1>&eyE)(+>lLs^V49we_;!bNh1=>l@wipIRcG|
z(hMd_GoUEVfU(kC_5*0G4T2V4gwLjd>oR726fwC3KAS#2szFj#^xnFPNlNqLNX$XR
zxr|&_a!fs0s4)@8U?PqIMV$MTg5&X=@7F)UA*O}YpcIrZk{38OS!dy5cF!7&8pDOu
z?y+^#+$bp~I^FhTPGCHtAHZjmx-=N8%YdRT0gbx8;xx6oG$!gYn5fHuqONZ_#qQ4M
zpB!SEI1R??BID?FS!BV)ZlP~D!b_{cSXu*$v>J?!qd%vqrPY{7YcP@4fFf-fr)Z=F
z$Jzdv!f`vm*t6lV>|l)YD?v2ejlJkQfT&iFEx%x_AM)2SMxE~E_0f=DW3jvjguK32
zC7@TX3_KTblH@%X$<RuJqH!Kq)DXkF^0=aj7?wfijhvDhWExN!J_AZ=2xuC<6`ZE-
zFKA3k!(dVx29(mcn^QEU;j8K+Ixo?L21OITGkH4qJAM20Hip#HnH11;CJiXk3TUJ~
zkJHrBYD}axm`H0tk+y+T>@Mx49Aavk21Qyw$Xvy-$x3*TNo`sy8AB4*OGn6bkTKv*
z3jfwb#g3hAS}pF$GX0!PD-qCwZ_|o*Qf=BNtbgCii2gMw9QiiwUmQE0lkv^P)|W>f
z!TY~q;YjZhG#J+q14^j~X#C&KoTl~&8k15nn3ReErBtdp#qOmtk3&qUXi#+EzgB)U
z$EMDBp#sv<2R1Yq4<8LE(h6v7@MKO?+n~loT7!wS1{7)kxK?TFRY>f6G#E=u`)04@
z*i_>RqaiKTH~~$KGoVN-ppo{r9;DTnNNX^W)_@}IawU`P3f#{jrffAR()t?rCdZ~4
zN7DKQ^J>(W!Z;B0>5@7S@mS&qj_#eWh%BHH`9B;}7qG@eWP^#w1{9GKS45SryEzwe
zh|f!^v<4%Q{a9kF>!VccSYjTdq%=R4h~|Px50jt=@;mLM2k|?_J9qk>8r;Wzr-cY8
zCYlT0Mfsg+%%t%<8kBPJerG3+9s3<W{HsEOg+bgZ)`Eyz#WOj+X%!79t)c;?2n94n
zc)nIE_s2CRMQAW7LIX+>Ucf1KFT%@pUQ&b_6z%v{@q8{W(<%yR>Zk!lS^<r;OE^t!
zuo@F-4JOhWP^7(-Q|vD74a(eNkEB77*4NQij;&fn8um4lG32o@Kuu&D5i;y^yDC$y
z1R=w|Itq{`vW*Ba)rx9ms`sj5irLeku;)$nMHRbq*q7zexo<RN*r&mG*jLOk^{`K4
zqIiRe;teQ@H(=+m&znxKE2H}F-TUU4B_Q`MpfMc-is=YwOlJV6sZB>?B7wm~0t1Q!
zgE+<RrZbvDjC<Fhl#Mr?EjhM#?~pc2vvV~l>%woCFQ6}tG*Q6^yx9764|PCeB8b66
z5Ce)Jf9t6ZL`w&)#Kv59W*s16XLc5I?Pvcmr{&j?3@FabfKo;R(wH?Ka4qCCbs1?)
zL^GI(W<U{b5vSO_j4si6i8Irnl##c{^=^nPayqp=Z*v!4z;y|fbtD6dv;rDwr*WEE
zT8)Xc1`}xwDALa06uV2i6^9s$)SyV~EpmU3t(+Mx9aj7f#xRq+9MvG=F2{SUOnG&}
zPq+wZs^RBa?c82zOoTR=2yH+S`pdNz@jp0(#E4y_1|y+;m*ZI$*>*YFmD+rlBY!v+
zaVoBgjKQz$%nQrHXVLW#kTP5GWY9ZW7_K9gE#igY7E+n?PTE0;%deb+0CD+sM2O38
z0};>k?ZWw*-iZdK5WUMklw)`HPN)qk-VF>bW`?Rj#0=Gf5QbVQKo~0iy<(^aM9k1F
zJu##~!_Y(B7$T!;MuLT{;9;mA+eTT5-zdL2QZvn$kwW~$g$9Wa=S#2j#we;Sy~&Km
z9Y#Mctm0(HBiX{iVYwd{YLEo?(})I?sx06jGAfxy+@90a<3f#zRU1sK+JIu!J8_EL
ztMZ;4VydzRMd^NAcsR%QP5j}Imd1q|jK_rr6ln!Cb@+HrQ#&q=iL?e2X$>gSp1f9R
z&ru<99oAqh?RuC(yOLv1pt3z0(w>UeQ-ckQc{W%;BiKzn2&OR+%wQsz0Y$Le6#I4v
zxQat)Ng@_ZgDjYDe%|NEzC&~@<f0CdfTlxaKq*B5jj(_2L0FB6um%%h4Jg8XwN_z&
z<Pc-C8kAD>&CdW{B=;R6l9ncT*Jser{+|kvrn5B|S6c&$3IwE0>v6T6&S~mut1(f5
z!9)cH6cx-+>-)C6x8e}9mZm{bfv>jnI5wS+S2zRGQnl4!Tx|^~(h6w$8wYTjy4q??
zq&1jGYe13qkhMyCoC=ApTZ6H*RBd15*uL5>fV5O?H5gZ00gWYp(1Tza6Tu87f*DW*
z`&hAWi}70yG1XRsy4sfVejMsG78XJ-s<r}}UZVk}6a_S;IF!@WrKm9x)?gy60Y%sm
zoMQK;W+I1}YO6shMPF^V=h(j5LfYs9Msy0qx7lb;d?fFyF&@i+BD#R4oG13M1xRBe
zy1_(r1B&SDuXPL1%$~LYX^=(t`?rtd1vv5}G!Sql*VQLoC5!H->uQMjB^xdMH-U(|
zIj3??X1Y#5BmX%)$geSx-(VuY0Y(1$waS07&P#?z8jR%ky|3$7eB1lFpV7GY70$mX
z>5k&n1FAm->?8^QvpDIF<^ibpcH_dS;c}?&JMMdX5TlOpNIc$~yL4pzg?++dVZM-b
zn=|NRZWXQ{o`RT%F-YBCT2%`lK$-_JPh{$}t{g5w%<~!a=T^W}!)FllIR<^2D7WxB
z#H{04kUTw(P1fOSi1`kKR7+{w2lj|R!@W^-)PuRl;ZrI8c)qK{lAGU7y0#Nx2{(lO
zN^aO8<7!R<adTJ^?uQTGbntUYO6k^cL`WO(zh{s-{Q&!g^KvOS>Ded;A9HzF>^C_~
zVUU6fcZU7^>1CU!nDSk8jfu?|Ol-!0VlxJmiJNFDmV|jC9Ob8C-N~?V8SGSpkg-J@
z1<2T<`V<hT^nNO~4MaS)IGGtY?WG3A_xQoiWgMHd6wPl{L80x8R***8!qWT{nj=<V
z!&ST~UO>N^x_$IIv&Q1ig#pD|X)x|we8u_r(I<~|H71%jm}uUBqIm;~<{=uEW9b!u
zDtykWuqqsvrLF&UAZW|KUx8}{fvx`0tLGFT>aW0uuSorVmZ=&9aqnNst|LO;`N2K7
z^+z4F(>=KKZ&4QGn_2WOOv%Y_CtMW~imP(ks$UBbTlC9mi+;1eAMH76qx;&3BX_#u
zsFDcbs0KvLQ4<l&Q7i6+qYk<kjw<k3rkJB@A~Z*|rM?azw$hi=R{9oyU+y_-r~8v4
zj*8Dz990n^9Myt|Icg?C-WS5XaOBQX990q_I;tT;ILiL}U7SY%ggQtin<9Z$5MtIS
zRQgbF2cW{k;V9n$++$5t?JH2^aR<<VVvz!pOO7qFh9B46U5$xF8cZzGfMSscaf)Q)
zv0Q!y{TL1*_e=7HB%cPQ{iO4O2l1DbsB=zoMK8%#)Is#eAUgG$aC{B|oin{A1B&PZ
z8qqKBL3E9Y=mrzf4Je{ty;jk0<q+e!G$^9eS;U)a(W9=z1vrP3MfZE<>WFw6y+_(B
z_X#IXJ24w%ubc*DubjbnuUrdKiucO7=Oc|$Td4QS4Pe~Q<y`{*_|3~nC!l|?pZCgX
zO!Q|k(VqcDe+HB)5zfZB!%0>NwX!5)w4G@?W{Y}6g$H02H2%|I?4k`QRv{qC99M{)
zI8AS)?4mU$QW;F7GN4GcE2r4KLhP;ck_w?gsrcbc=-^|H?OS~`sp0Mbi&!zf_X30P
zJE12r=sQ$!6yX7gc|3!@Pl6^PJO|U3Ic|_>KCN&g9;co}6KCXm67PheKmW9yEbhH9
zD*C%r4Cz5=Oq66WQIY{gNd}an#|w6u8}Z}6uy;js^o6|(^LV>(2Hv|%RpIAsTo+CU
z()T$aBk)s;>%!B3JWI&y`0;VRq;sh^yC>xm+u|p+8-A|AwQNF=+WH_ILXB(LR6KR<
zN`&5pA3D@)*%3hAJs2kieuW>8^r3I<O~)tpl2!PjZ|yCcP7r-NFtI~fZ<osN7rN7M
zExV7hoLm#Sbk#qjdWF+I(EEE7M=#Pbjmxgdyb6P@yc-!^Tj3{lB;pvda~uNZ{hWX_
z%@MCD7*H%)gRw>L#+hpuuQ4esgGpf-Pzq}<r)Vr1%=yE?mT@3iWPCVS6J(4J2Wurl
zW^^Ct=w_KfK<awMay;9E92yfj3?_0IP~>>NCpmmm^(Ke-5w+Az4MsK74|T@=5*4l;
z>TJ#^rQnwdLOMijHlyB;wc_~Ns-~pdO-F6T%b|x{oOGu!2mWL+Sc1zP5A<9{X$S(F
z$<VT32iebcgM5Fj;vRGzWL5ApC7$fd)tD&EV4^Ssioy&S*U}t)yJ;0?Mt&3A6j4Xz
zZ;X)+mfbwi_g4fXFBbP#3<zWP)A|}DBftax7_Vx`xNO<T=ol~D$6M*!h<GQ6#?x-4
zGO{CB!!(?W`)!qoLFxLwZ4D9JZ)?ImbmRNBt#l8a_`Yoi5u%GzRH@m1&Iugid--BK
z8dS#f7RR;5)4?do?2X6In^dfVNV3qlfTQ?&BMXfN6sI5{EltIhsgWPoPC;X08wL~G
zFret;LQc^*1z(vi<`6RFxZkHi-TCSFuc$WpeqU$jheh`%iKID-_b~n#FTeZsZqA0_
zWp_k-n>7}91`H_Hra`tgpXz;_Dz%WymPe^-EKb#clBx#9hL5}tvj&i7*}X+2^KsvT
z`-&}apnT>HoITu5A@>#Km#&|2hq0j45SK1Y4=P%S=o(yhUwL>+7p&sNfEIRgpCGX#
zIRP{~ZrSRh9L*?PrV?G&+TVY&?n=hU8kV(2ZTxjAp0x2A6ALkzScn0|LJTP0BX{e?
zN%w}%|A7IyD}g=77+KA-Rl~}sVpga4USIWdixJ+N3x?*B;9T&VIBF_BJ8?XIQVa02
z=q;?eJ{F`d>m7X)cg6E)rgzx_E%!e7xgOVwG`_fSCvN^uME-wByea8VMFJo830*}I
zzN=dd;$z&b*B8VP5a;9ORU*cMSStsqV`t$&=WK7c;<x`1Yc5g#?~F@T;^#PAD^7>Z
z-%o~aNE@kZl3D*@;S~$1YcjDI9|7JHKh%p^@gdl10P!}i74(^mdvSR5zj3X27)05S
z(ES0|iYGu64-MUW_~`cv`m~0Q<`ReFEb4Uof~XE3h-NOByK!^g9r!QsvO$L4yQx?o
zhf-`3*;wh>QA9Fuu`!K_jTuaA%z$EJ28?ZN!bM5<Z)S@6zsNr`8fS7>6E8D!nRDrs
zb-I6Pl%KWgp!;b-bOd}wCERX2YXw4Pt(qu6rcK(2K(&uHE>DS?7VrLQSV(H~WA~>)
z>E-)btJ66)c`-k0mA!}<MS?3f!lAG<snbM6KM*vj(*`0w$Kf`9nBJk3a~w1lJ1YZ9
zL!rUAp}3oqr1n}m5gL;sGME&R0i}oxC`E+S{W%V+wfKCF!^4bGH$u*F_<}L2{c?_j
z#$rhgC~jFm-@QW@z?ai^oTP6OrP<bCTuwA+^iRzwAH(n;gGF;l#Zx=ykg9MW8%!+`
zV958|nnA=W-{qXBR_L}_W1@0{LFFO6&SyZV9QtuyycwJ-X)HEF4aVYq4)ONj*wmUY
zKaKdwUkf`tm0^10amB{?xGyckwt@K-Lt&3J{C3lnjFm))j5Q!)8JBQEzUK2VTVo=l
z!NjZ#C}w3qF)J_m**Y&NSPhEg*xv>jo51IaP4GU#mKY$n6EPlrN~(Aj(?NU$w?GxI
z8bmysS_eXAQ(GuN+(J7MqJiQKlm`CAT<KEQm}tOYq5%Vn27codO%DtO<ttY5+{mc>
zY&ch}9An<s@Bu0P8KeG}R4k3f70ZB-(C_ckU|iP2I7#mSxvVuNk{V1THK0hk4yV{n
zQmUEjYN@zpPGXEkC(DnGYGxHmLuPktaUYjiGZ9i|ZMw|%;be4~X-p(Bm`Gwkkwicv
ziMQGv70Ypb)nIJ3F25@*^#YE6302Lng8}{sAOTMz@O8{5kmYJHZaM^{8A@q7G!~b;
z0j1nE7?=B!9<-$~(U!qPTLu(uUCJpMZGmBL;a74XxfD49=o-efh2P4UZaOp;OKL!o
zRD-dkEu5sb3yq1S1`|mQD3Y$?6uU`E7Jk19lp}y1W=vbS+pyEZD{&uNcnuL^;Y}c7
zNxtks5{-!@1`|mPD3S<hB=Hvhp3Y1BvIaXXJbD|l6`Zd4HYo9LLw1l1@-}4E!pOUM
z=`V=B%u_J~($`0;H`Tb0rLQ9b()+Gj3kZ_lb94YFL%c2$jx^ZGk*{8p>!WN>Mf???
z1cQ9_(qLS@1oTG7Cv0gfHaY`}(P=O)su`TQHad+-Q5j5%%79W-GdV?5R8qY*=RjS(
zwq#6Kubmjv)k|Zsqy`j8H5f~}J140n)tE?XFp<=NBI#b7VmC>tdhM$MrF!kpn66&!
zWMHy9xREljDk7wM)q;p6DfA$T#zYc>i6jOTNdz>Kcw?^9d5JM=u+x}b{>!<}jX5u}
zW@@KbObGgfyW&QJi8F#euH<*v;Lr@As9Ti(X)JaxEQ+3^Ny!zHgLHoQx=HsrgVf(h
zeHR4zem#MQ?~&>r^R4wPIOg-9EI)Fx1^Xs~vZB9(Yn@TwQ;Whwk)g&C3j>;5^MB!d
z@ctX?Wp6;#&vWHR0&OFSUK*8~aZ%De-w+8z_6Drz0|@yZW0e>=uXrP!Z&TQwi05Uj
zJS^qD=7_Yx%Y$DbrUs`!o$r%PK^qkt<Ma)vCQC}J7J`&lCj=?2MF>(>I}_otJEmN5
zW5g%vc+6+P*gR=&2!m87W6fzW)|>%Za~ji{L;rswcp1ToQ}56VcM^E&3WjHZHv!3*
zV%{e3<23GydDCFbn*o_Ojdk*t-v)e5<AmQ9zHT}{)eS7)2r-K{!MQCD4=jHI5vu%s
zQPFExCfzlh!XJ>roe$^oa}ZZ!Bi>66%721~H0V|E9lm_{1wXwGJ$*-}EPu=g$rvPQ
z?^=`^nBVRV3(kBrF+6wYX9*K?ga1@uo&Vg+lCBo);kjwvSeikMemha(jin8Qw;VDS
zH<Jl6mP#SWSZbK?#_}&_kvv#jAejpy3o^!{!MH#S$OWRY&H_RDoqx%p)A1QHTq}N}
zRkB%dQ^}DyYIDS--fn3>f_iP6bcy+Wa5o)+so%YuaYYqrx3UDt5x-$B>p1+Z!nJZ3
zkn!L&n#=mhW!>x`>sF3Hjl^GK#)#f7@f4ck)J^RvH|*n-yW>PWvCd%32X26$3vk`>
zS0K-Ck2%0M@pI6pz1$tA5fd$&;<36pX*XIP+h;x=I~YH&;zC0D-X-216S~x59JTur
zt~-eNm(o~m`~*KoWw8FZ8puVsN!^GaLRKFGWbi4-CA(qPOMk~iAP0j;9fO|_aNTh#
zkOA)_&bl}P)H8<<8>xGjcy(vw`w4z_$46reNWmpan(@?@y|D0jS$W#6!L@u&koxP~
ztb2j(>w?q(%t<c6wfyiPbrg!?DqPFA3tZ};5%@|huI1B%|K{E$KB>Y4>k*rP!*6g$
z9Nt|O=zEu#K!w=xc^rxf+0l^kO#DcEb?*{);(*iC{rKTfmnhyj;ZpbR)rmmJP5+v4
ziP`i+lbNY%+)?~{2l=wU9>t$>Gw~Y+e*`kjZP+_-@4uOF%kW?RTDAl8*N%aayf`!O
z62mYlo*avxeQ+hl!wT@P1Mw4It%ti`a5uGW6}d0xs&EB!>-WmLTi4IKVAo`BV<4|{
z=y=>GXN`3;i|>u1)4F>w_eDhSwKt;gNnIufpV)=T4D9AFZzbF}ojkgBVsa-ksJ-x$
zIsiY@|JlnWb`MfB`v&gC@4@-3AVL2}cR&{U8;C2IyDqXi23KMSAT6V#pzVFo%g7)@
z?NKodFsSLD`vky~9EDg;)Z~grfWNmHqXs2$M38R-=NijAlj@UytP7Y%OFZEG(SeDX
zKDDUNuP@lAvvEsY>6mpItOj!jkd_W9ssd5O0reDccsjE=xT*rziOotgS=`s+KJ!j4
z|2~+IxU{g9-X$n0`lT!Qk6h80U9ktY&;1SJ%fsXj(+A}SoCN_&Idf7;`jA|o&mn-u
zvef_KzfIRgu>|{}pu9;{!}%nyKxsXKE4ejJ?>)RIaDCBECLKNiSc|gzE3PD(`+?1z
z%{E9Xn2RqIx$M8eQ8PrN@cbmmxq{=+3ZMt6C^Q%s#VU?T1NXQn49G>HvCg7M{#qQk
zJ^Dqg^(r14+07xIwFM}b?{R^FEV0?f9C~&gJZ;SG1b&V>{V}^5jM<&aF{x3E*)<@u
ztFcaY^JJzoISuNC#JOoO&P{`HZU*GsG}f6L9DQH-3;IdzhgG$?xYDNtz7<L}g6JUN
zKSAnju=01h{{fYDBnWyWT@&DBY}EQ40kjqYSOqm-0lRn!S9&LEct%5<#3+<)@+lb3
zMBtgn@GZ(}6v}E`L~z6SA;Jd0gfefzR-9{mpsPEnM<G_cn{a8gobp#STYTP+2cwyN
zVqVrIZih`Js}X6&VaWRcEa8mkAGmwb9Zp<EEcs@58K76z079aPrD$|hKb7$l?*``n
z0_?u|2kpS=g0Ce$lB5ih?|^~FmcwK3g)i<IqGn*=7J@Y&Vu<HaM~^%JAz$MAroSQ2
zZ8iv^XbZOw+#9&UYoNS8<K~Mwh;}Wip&@SDBXB$HhLG6^F{zn+3}K@EdQ9MUszpBE
z;QP`hWbMzGXqs?|jo`Xdo8yOWlH-F^E&ks|_oUEuj!STR_v(Pa&A%OfVvdy0%+kPp
zNyuO{4FC7;QF^N$h9S+u=BQK?iengxW5{0USD-J_f@|=BL2Ay-z+HiB@NR*Lv+exA
zUA&?5cu*6#t#J*W9i(={|BG=AIn&11>FfLdBECyhyaFw5I3aKk;%4y4WY{y;fwu3j
z4BRTzox$e>sXM{sSGW0lmzV*oNp6K7FH%Jo5A@pt(80S!4-DBE5ad4@Ek@!kGT|{O
zm78(p_Ce}WT(fZZ;S_}4k5V~!nRC5vO9%f?h^VKQY`Y&kRN>k!4Uzr{{*uYfI-&mw
z0SOO+X1>6Wq-+Reang*yeU5HKueVb{qW^9Qm%J9pcF<j~GF09H8==1L4q^fb9paMD
zO1vjfmA?UTJjJ^h#4LH}3=ldRZxeh8+V;++SLG;bh@3kLjunUH!_CZJfxD}M>|;PH
z(Q*aX22)F*25gFlJJ>gY@6Mi$$ZZsKe=s&XpB_IAGt2XWT=|al5QszxTCF@f1#aq?
zC<AK6g4MxRAtj|jpJX0e7TrvaN^7!6dRYEHFcuB=x;@<|M}0sIW``i@>~lbCka2KB
zFsl3w5KSPGlZprY6aI1FIuQ>KBjM!w=>d&sv<0J(^qjIjCv?H`8>h=$Y5H*Irt{Oo
zDdyh82lNAW24g5Ump;6#^r_=IF-YRl1F~*FIU-)l5q(GLh_cdG5K%CR=yO@d5y#Wh
zCzq9OfQJua%=f%%%A6PG(9w}Fw;-YjBbXLOW1YgB%TEuXY*?5V8PmcDCOmp!{>%}z
zFoH=$FO1`oq&}bsa~D7Cd4w?dOH4QcG90#b;QoXwSPl!HhbH48T){p6j|i8z?oBwq
zncD>JG+e>YL26ASnz0LT{{`H_L9c@4BlZv6ZMcGS;IUr8&9DPNoC;#_(Se(bt6K=F
z#ILBGmHS1dcOcwiFn7$yz1;5U-Y!@#m7No!lXL^nol^s|yTF3$ZUj-lcZZikRV^S;
zQ~J6R?3Z=z6m(U(EZejZI{i0+xCKNhh*}U6{*)*xnTZUVi8wmZJO3j>zNm?Erh=MK
zn^-5eW@;DkF<Pt6zc~ZH`$uu9iyPdNE-M<au?1(2>YpElM0Laon<R7LY-B5-&*@5J
zpTN^OPSS%{Cr0MpLiPrHnzBb#{uj)v4V(wRPgNBC8OYoNJ2@|XdqjA87tHG=x6w4`
z=5b8)!d&TRLtXwiuyX{1REvVSsrB+}x`4f&OoidKUBMyA9GDqFgN2*%;EdG3%suc-
zl_1Jy<+3;9zJ~5k3;O1X<wsaR;<aqAptooJ2?nWZ3F{i`WPJ_C1RI`p{L9WOfgg)9
zpPre9`KMM8<&#RvF`e!@a6f!(QEqeKl?Ox`A`ypAF3#-;YzAZKR=eR-OLB98ZOa(N
z9=>t^@&kcYz>y5!Vhl?DyUig5#~6(m!Dgu`VO5m{$4y5I;F32Ug?<*b6#J)8DR$fx
z&@U%*)t!NU>e`8_#a!J-bcx2j`y&?x?t5Ipc?qO^2CO}~aRWn-6Xg30eNZPC;|i7#
zG^sZl*%MGjf2C^r9U$(UlUIKfSLw?^vSbWc#;aDP+rzcI35PQZ^}Dnv43f9v=C4F_
zpo@P3`e{?pxhef8_`3+(+F!<1IvjOdM@vna=-hF*O7FG-$qCTRp}0y<LfdN+`xE?H
zpJNd+5g}_Q44)?29;XEEDqP(XFx;3}hJh~@25#(mcs@X%eC;WlXYPSIe#TWg6<WI(
z1<{7f%XSS4@?Bh>SZk&(@$gub#+mRcsSj3RvG6TakDG(kDfc=@gRHW@1gRDGIk($t
z;H_)NbsT-K(uoFasTbA>Ts=}O+cZe^o{Wj3m!kVKasTck(Y=nNaecqGXLX$at^2j*
zwKn{}$@jl`w%>(;I|mo(>c2>ntLV$9QNA4eqrSZPA{XS8{~5s*dfdaD=AJ<?>RAxp
zI8F)h38=OcBJZ{>`J}nzguVA|Ux~65@B0?VG2Zum1~Yh2ysySOz3*onQ+eOSph~!&
zBMU*q$vqgkM6((9KwmVaT2>yU{tw)vviO0ccXJEI2ku8)<zs>%_287i_ZG^(G55*r
ziGe!_S2^CeN$!AstPkKKf}LQ^!FWdvy^L}UoBxaZbkn|(zTfcresOy=LVfUbWziF8
zk1pmwYRAi`j4N7`=z<+rS@dWZY{*%;+_uwgyusrukV57}v_N&ulvJ*N^=0Vi;J&gV
z*FSj)dO5h?pg!Gyze_P6dp$-C4O9AVfcq-kZ@9EiuKzpe8P$TAc1h5G*b(UO;C{yG
zx&B`RZ^QkRw}$o~jD*|`z<)n%z|qK{dVVAv8ZkGuzO3}bt1PxbJtn87Y)jerr%GMv
z*T<n}!H<#HQ{JQ2(f|E7`uzVB$0eFE+)v$tpLcMT*9Q9DCBD5CHu@eKC>orX?~NAg
z`Xd8(7aHdB9jRd)4k|egKR*0Vun$e}oXML9vVFj_V+v~*c<P-ot1=B{GkkQAYQz7&
zsPV(|L23m4?@#yr)_U&}WG$&HU^Z`Uns=2$DA8W9oJ2qTBySlQxQ^$Y>$4dqmKF{T
zTq~|VtI;Cfj#aBqarL<l)4*S0t!mv05PLwT9dJ`m#MvOsGmlTjz<L@&PRBC|Fuf(N
zKBJNJ6B`CDi!pJZ7twB=TZLMTt4|%8@s2G5H+f4Y)}GJ3TLtbrTzzgr0&9;pY}>%?
ziOWa3b~fgk9)fU_A<yf(0<FeHMAe>wI~A8F*4;aBHMl%s5;$)j=K65?khN#}zZ+sC
zol_UMCR|=sl?yP9h|8CcA*P`lk$M%9l6F2vFJL$vrRQ3!7lrOukVf2$lHYDHW+-q|
z@_rcfYF-dk!$&bh4CbDDNZ!4K3qjf92T<Fe^3gWS?g+E40<r1PV7<~i(cNn2=jiEK
z5BAC2h5mUhBFs9z%y-XQaWCET;-{kq!jCAbiI8sjvU8%`sWwZ)ps~(|;bD%MrkEH}
z;IHT*<hh1%bWh!^6H1E~qE*sZ*(`ijrz<us05atbh|vUYW}RG|IRf&v`ui<1&m!3l
zx<6#77p3AEFG`+98t<PQF-*huxXlxA0D&T!fGL0?n#MXs`-ao>F<G>g8#?zZ<9{X5
z4w;a@r3*G}-(I=wVW`X1U~t%f!g4<}X##<vi64#>FO0bLLk}K~3}KA?t_(-UGe)a`
zG8}0`Iv9@RXo&NMer7DxlPv=;?pb8}TUeU?Ba~N3#NNFIWCm4XJO*OcA=9&OVUDQ@
z_u~d)>)M{vpkg9+!b^k)gLr~drNSS#Td;n39Kfd;%tqjB{G&f_bN}G5bpXuzW51#@
z*lfjlk%;s=>x|NT7KWg)(n(nVLz`^CU}Z9wUx9qb^3!=d9e$S^mhXiYQ-kqLmj?Yz
z7oNzx22~XQ2^pU`*jq{!?qT%aQl@ayWr!GCihvmcVJUvFtU)pDbs*Y-TC@d&^9#VG
z#=K|)Ag>04jS}O%yap6`kK!cpP^Y{ajOEp!$m=p6LEu^v`0R0B;ASQ8S)8`18s{)b
zmK9eG0d>{TSZCF^h#yC(NUhJ@1dDI;JZ$0(-aXf8@Dmy$YalNn<L~tuBbmkEXEFvY
z#|B@Cbo}_++uBOb+1u4QgEL=4@*2dLb?(SWa@>o5Yo~kZ0KdQw!dY}mETEQHW1SMe
z$&Zr+VhlTg%?`#<f!wT><MWTh7z88hEj>Av%iq}r44z1=lb@xYrkFu};&=JVE@0`j
z<h1<ls3s=OUlQx)GpHsS48Ka|a!b*P)ZmbPXCr0&<^O^#{>8jv@DTA;1>I{f_<LeN
z(d%7e24CS_A@o9v*MP^%5+gD#DCjB><rfV01zk(`@NDFfM%70JokJEf`LY3Hy6`vA
z@p$rOHe=e`H6v|b_#}kO{DjhO12k*ZsLT?SWbyM<+I_Rsl2p?@S`a_kw3^czhNsE~
z@MP1|3{ou@*RQe8(tc6Lj9mW|YF+D)$E;PQnI!USq5FHwz12~NO{}gGv-+{s{aqy#
zI~EPHEqU7>dVZulDBI`K7rE3RwOI|@_*_~jWu97dFGjiew!4Z5xUI~e@nkIsNLO+?
z?wfJnDOE2{U)%89KA3N3d>hKQVVkg!@5C_1^R^Q1UyAmIBYFj%oSN)1L&0JjGMUvl
zG_xrRuJR?%VmN#Y7$V1}%2jq>P?Y@uc{Ndl`+|{~MIhRU__A*iO%ML8(k{ET*n8k#
zR0^ahA2GEk(h{C=Ww#akX+*(bfpN)dtWyU$e%gx=m8{FG3n|>oB*jFp=t|s6dohw9
zm`d4+GZB#bJF)wmtdr(xSdDcuv7wF`G2snhf0lO?lAU$l;LNVjXbthTWN_v|$ks%B
z4bNrE;CEYbPptw5yHGWVs5L0s2hW_r>EqVTx_EHWvv^ixNFzTAX=p5NVKm5T9*Tr6
z)M+jqT=Y89)EK2X8EI-PPE&)N=J81LdY$GagNr^!ni``tH$j>ji__E~r+F6AT&dH%
zba2sMk*3Bd&25pU#^N+J$Z0kr&8KymmkloZ7t+)ir8x&_YAjAugPi7NNb@b7=H-Kn
zLR1rtQJV9SrpDqlHOOh+h%~?FG~p%PtSbf=l_E`zQJO~}O^wBAYA{OE+hmrTWa=-?
zy1O)U5bAA38}6@OH+vQ8U^VWk$CJfJ(_I}1>gmvoi)$eQJ)A7{=-NS0PcBP6x#Cxp
z?N)(^@<R@p&HKWG0hx8p`cZq1d#Q?J8v7v%Mn1UWswf~iwb;XIP+IF_!T1bL;s0ar
zy`$tRj_}c&Chg45&d%l}t#U$Ql_jJV3kZ;iA_yU(L=;IZB7;D}<Sb#b1&AC>kZp2Y
zf^7^2L=Lv`nqU)+2*wyNyzi^7p6R>b-|^4qy!Y4Jb9%Px>+0(2>Qvpg?+l_|=atj5
z{9Y9otK-UAgt{&$E9=!*SzXYqtodi)Z*Q+c9~YrBvpsz<*$)f?xE6JxV_w|tCfMKw
z<CuG9t3b+b6_$gr3+llt++9%5QH(R7^`<Uy`E)_OL9qh)^l8Q#$kqk5=H*k-E}%QF
z8Bw#-IZ)|E&zm{7GWX`8p11Ki#@3uCleZ@tYk$8u4sKe^<X-QK;r)W#w|#PNiuVgD
zuivjvZhft?a&MHola|GWB6)8jJ+bRRco<M7`EH^zcQxFV1C?VKIRIAP4%IElY%{QV
zseAz7F^;Sm*t}Fe32>=`tP;RkUhXF-_69}K+@_@TX??)cP|`QZ?{dzRFGa{52?3X=
z0I?BO{X2ML;E53Mmp<T3enEp*x$-=m%bjbCEE+tmb=_RSF;okn)YXEqy3SQj0c~C9
zD_E*)C9OG0(VPm!E`2c;^j~NVngDlRH#B=!R~)P4S4BLE-J;7l=<7uOrast!V-lHF
zeX#yj?4Vw92!wW{H9Kz{RW%-d@@m9~?-gdM27*`%V&j6Jsl5?>=^a&v`8M9Ns`Bza
z*e2^|IS$OO^IDylSWzyP<1ur1FCl)q*$H$YZfA}Mok^@Tb3Cpf%~zT^Tu^6@<fTO{
z!<2kzyLrlpxP8jl{xZgsK4rY<C#E@Ntm?M@N*B{{d7EPHxST^de9D;2U~*axs&h$K
z)hzU~9>nW{Or|P(78HF29NmfPiH#t-NMO9k5IIs0T%<GFZeu}qFb)x~@*s4(la!Ta
zmL4_|!p>0;)3X8RgY!HEX(HidU%Eg+%=cxmT@OVP1UVKaL*_^Y^A_Cq^gbX5$j*I0
zGeD$LQ&fNyWyie*?O5<CXWao~D66RYW@2j9OeoMz3sIY8C}V+g$Y|rxUeX8Dp?yCl
zu<x~wY|7H~=Yn?ni(z*9i-C6fi-Gp7a!Aj1VMsvF&O<xoV5S%G(!osotL9(^e3!tA
z3qW>un?sEih}-_%tv#v@>X!Pq1#1b~<1Y)+Om+|CVr3_Fxylqy<D|CjScm>d9S$9q
zycYVbV|+<#@)(T0_SdLSRhE0PoSKjGN@-7K!5V^gPgbp*Y!s`Hi<R|hR!;UX9hsSP
z*7v+mbZQ$39J=J6$F++}XVi5b(wN=555^lH=|fR7%gEw+69oU#AKr+sN>ZV`!ZE$o
zAAx`7HtV4{%Kj}v@hLz0e<Qx)XTJAWgyL`f#Pajad@>28`}20%KkMC!Q2b4DK8}Fr
zz}&^(W>S~I1S=4q-hmy~K}c8&qG}kfy9^nRe6LGNTd@&D2Z)*?S068X&L~_DRrwsA
z)5rVu;_ta2<RdB3qkLb3@aKI69j30L1(KJKL6?Nk;?tSrxGw0y_;t;xT@dd@eE6}!
z$l}%@I^F<rcM?5AbngaPyw2#}gLp~z_CGkf&jEoHqx*6YG2K@f+i(so>+XO?cPOtI
zHl$E~&Z4Y$50!s5a|4wBt0vYXvG^P+Yu@E}VH_Uuz+lDkKAsWrU7JF;KGx%4^5=cM
zSJvafJqro8YRBPy?*d%2o`5WmWRT@$WDcfI1U_b=?=3@Q>fv(ff|n*My7gJvog!;f
ze7DW9TUB_)-gI{6XwN%cQ_rPNz3Cab2hda&!~)?Jdor2a2j~<onBPC0spJub1slLQ
zWom$>E4v${-l|e@g+&CUcv`dk8Yp&5P@n%LX8o6)CwNWMCgy*O+QhJ3#-*qB!3I9(
z!&DgW-$I=aRR9MIb*%asS1%MX<>H_vS34PJP0G;(jt$U7MPU~N=Wxn{^^Qkfq9mG1
z`r5UAbQ<E)boe5s{}4yEqp(y2R}IJae6Gafl(h&|&3GtQ#8bBI5vn!?v0Fdit62{{
zEyRPTN2dGUw+L15A*KHe-`fpAh<6bgvLT2kkrI=(2v4nULa5@Ct60i^CZ_C;2V4kM
zQ}ICPKeK&vsqam@Ohq4v$gL!X;IZ7*#|Pe<2%_6YO9SsD1XjT_mw-+i=zAmYK&^g;
zr+a%%@x2!ien`aF{(r&`|4SRJScJXe0cz1$o-LQ*UKfJc+9l8vj~R!TKIEptWgmFn
zn{YU4Zore+w?L$D0#nn4t~D1k<!4ycYI@PiSArOVu3z(eJd6HcQvQf1w>$nC0yaT8
zL-2fd!9M8i)tG&PD^N(d0dD`4^f(nnNsk+mT+$<eA6e4lKc`eZ=XvuHYGz?1{AafR
zrO^K+&l_+82GM%&!g_V6_#UkMNErElk(PlOOQzfhMA?)>$HJ5sF7mv$5DFWj@>kwp
zE?TbvMJIdSM~%?t8KlREGp@!ujZo8w;p+wR%GZZ@&R^Y%a2&WVZo~Uu2-S1YCvIuS
zOokvSw+z7RGzd%y{()KEyaY32FxHuYxVC*Erk5D;>yf^9;<dil@C<CyJPKDGNc;_K
zcW;1uyVF4YAWuxde@R@mC*IycXvp`~;J*~`-?5>>-(WorBCI%J5!$l`1AmLUCHF8U
zAc3_1Xtn<(#S2C^;kCTY(LUV>wdbRb!_W$I5dJR+y}Bef{^kt9klY;~(P8-bEkfhF
z><l*y!^a|!;eEq>?>mIn+p~U9zaH54z=e^p9kDYJTJOuUo)ugA-ZluW|HMtrRa^Pq
z9}rs4sPMz%55Z*#1W7q#F$zIw-M+#P4*A#$+x<}7FhOXYj|}&mj8|t)QR0y^VAnI1
zxO9c@eS<(Yl(`3PX<maMlD9bmS4|OEW>9f0v==qQqkL~agx2#RdBzF8cQpbD<iG70
z-}@9n@?Uhk@4bW|IzM(2-b?$5ro4<uEp(#J;eEJK@oxml^TO#E0Z>p<HeCsWAV|ud
z7x><l2uz_LksE@KQNvJQdG~A_V$UM9;Dj=G4pxl*gpcW?f#537&CoZEYr2g0Lfs8d
zl(=4O8#mVX&U)JOTGscY50>Cg+2KgVTgwxV^SwtA5Jy=faplH*QQ`yj5I-K|6$tIG
zF>wX%;zXC><6VUIS9~|FrM!b>yL&29F`~WTy%66sEt=o94XzyF%FLMk{OGSc_};-g
zn)uuJf52Rcga0smYofV^cj(@@NQ5wL0Cp<nIBoJ8W^54}zK5;M9rt1Hb1>$}b1{J4
z#UaiQiP3xEoh*crmw|1|eQ`k<LD*u%e-_}Tc;-6vzMGr3p+^1|GAl4~e88fAK)i~Q
zo?&TBi4p%fkDKBJ+Z_u}@*PaipTqeb`4C#?Y(%1q@S#X_@IJoxG{VTokt%OB{sy(Z
zi#4XZ<`S^n^ew<OlONJBTOrniFd7XflX0SbC$l;E9d?-hybLxAD-lM|OzwiMW$z`P
zH+s`d>R~v<g-hW(PxC92zXZ_*V$A-T{33YfR>JydE@0US=nFGdDmUcK+ok$t(T!tZ
zdaG1Jx<6cWmot59Y8o;mPpQRmh?LNr`ezr891yP@AGH<thfZrj3>qu1B<ELxalRI{
zgB0JKjW&v7%$Pj_8C^yS$esppf#$|?<mD#%#VqfeSddR-a})d#Y2G`rAZlE`e{zs!
z7tr26S*&1|oIJu!UkN>zD#}AI2;JP1@_(Y}FrpLvK~la22N+gUz6EL0(*2k7f2{lq
z6s#m?sr+mEmXB0?^&d3zE<@SV@YR2}!XRBB#MW1WSk9Df{PyC$Xxz0V=K4+9F*thY
znrFHVwaLwg-W#ETT~HoR+<?8B3(Dh(^(MqY^LQfL2!S(I>T#61i{CHL7bRTKK5DQS
z+`!V2=3$yyFg?;dN->@d*ozydE2c-9dG0Q+QjFE<*VSJ(nJ#8GnK4W^nJ%WAOnDi@
zyBxB3Oqv~xs$DSO7;G0)we_TGE@-P}F|C@2>M)|@y^n`fkW^`Ejl3UnpJJl^IP9a-
z)!0YhxQi*012eZ9+Lyz40Yv4t^ZUy%UIPL{HpyYU&cst3z8ya^!#2fX+YN%lwaDSR
zhJ+cWUXsIa9e^?WH>Wu4x>lLKlj3k&0fNIU#bMS9g2PKr4co5(fng=rxfXz6cP{ce
z*J=_NMnzuZ>NUhHugKxkex+pE+!J{VNMX2$ywxVj$m<1BlGlEfBX5BrRNiV(G7MoH
zFLm-1lt%==xl&AnD6Gc(i<38|%3p9bPTYcfPQh$^E>^s!5c*?x|400Pk?~6ZKjB_f
z1?QDa1CI9Hcu<Q*GA{8JCwtyS2*bC4b9mD$xMF}Xyr(a*-NT-DGs5uh&>yi*n-^Pa
z%-m;gmG%CFF#JqEtULfbb-S9@uYmf)&-UvC9O8oK`*rE>W_aHE3gS4z8-9U5W#W;K
zpe<K}xX3R`w#;ruR*D?wsH}nuo~K}g3!bZBKNno#k2R_&$bLS2CBUPg^cH$_B?VpN
z5BI{IVWVvkhL6XZ`W?2evzPnc@OoJ0KNDMCj90M{hA+f|_;+OP#QE9qqXYP<tybJ+
z*mA~*YmxFM3%V<bwNdt;3-2+PsR!^&3%p>rPJArj$D$448Xbg>D-Z^4>qjH@FUR*-
zREp!9p}`&<u(9u5hcM`CyfVI@@7;)ixEI`qgPG_Ne0+s4=msF4Q@pI|+inN<7-3L{
z?}xk3!)0UyAvT&1Hv@qLjAvY=Mevitqw(<!!bbSMYNoKenti>z)ZKzfdc#vaZ!o?A
zoXIbse!=Vbh`xq{bJ6{tH)^5!1p!|&h&pHa-s%Sc!@FRH5%3a&Df~EODT<qh*s%z?
zi=g5uh|r77T?3*A5lYD20phO>7#~xzUhW1Et&P~}BILO3Jp_^4Nqhw2K}7Z<@hXUo
zT6}LQLXKw(Z}-EMd4$}RAa3gKdv77+zQvb{tQccD<{Qw?pZDxW7|M_0WBCaf${*uf
zhVKN?L*lQPh%N`Qj>L_AF8exiT&lS-`{DQW{I+y=A5c#8i|1kyYClm}FzKfL05Nk&
zzK^eeWdV1pm==n84YFB~1=+nz1zIpxpbJWYX%={o3dP{2ZY-E(EoZ@h@(WVNI_0T!
z%dlXq3>Pey@ww*b6k*CpzlSouR~XZvmwOXm61ik7E)=Y9EG=UH?AN6C?E}{ES#kCp
zpj|F&FIboL0c-eNI(q}qZCuv3{A~KNKA^CsFNZ<4Q&us^TlfOIY!7&Ma0R^Yx2Av9
z2NVItXCYvXX)_$TgkKKyy|IJPhaUI+if$E=l6kaYx2$(QPQvh}t2FNMnmU5U$OSE8
zcndbF;Zy8Qy{3z_71@gl%dk%J9bak8b8HdhH;uX3Oc)AGxyqnHdS*9?C;SGHwVDKa
zq{v!pWl2x;mRlKF%IH<m()p@_{-U1+rC}jcdb<T<9m567`o8@GeY0P~uHPsu5(+^}
z`r|&J=>xSmXHR!jqpmPDLarLDsXn0T1MJcRlod_n<?4fs)WCwV;bXyA4P3BXgTX4)
z89rm6LC12G(G>JA4gj$Lgs74F1S4n#llleq$%{brfWQMnx%sz_alQGswTh)-aq~|u
z^jVBr*~fw|CQ8X2!R<9SD^<E9c!+{@HS8V1C5pKsU92qfXyuHo$g5cu1x3r-24<cZ
zU&hE-|9mSxy)1rk!Mn;SDmNe)lKmVhE?Bok*gyLd*wF>Wk$)ayT~HnQ2jEy=qf$43
zFi0Jpy%gtQE{ONnGTD!CF6M%*J=sitc^}S}<1_ieFhq}vq}$&3QCs#rsPucqSgEE{
zuwVEPD#gHq#--ovgEf2<Hh@3>9ZG*u1<>DU{J1WE2MTwwmcjMudsfG>)(5iiNBNif
z2FC6<2~`{vv?cebLYD$zFZr%u9G86M+G`I9`ylyaE!Aya7b`dKXHEt6L2^2Uo-$*s
z8D8u(xxqoZSFvWYLAD3t&$|t?*!u{%b$<57jWG9V>R|GJii^iwqAb`(aE)Irv%~|+
zNt1F0k~Pr<MLC&?=A14p+=zq+ZsL14BjoPFs_boLbb;ppT`rvsOHqklJY&n<i*L+l
z;e~Tep(3e^1m;E2V6x_>bxInzplAS@HK=_zb3WoXByU4gtN~FPwT$biJwheQ5Yth6
ztW$~|wJug}gA<jL7AcL|ixiY0c9XdRe7RzFc!S?-n6tmJ#a$r$dGsA*9iMX(^oFk>
zwpdOAPKiwYYe?9szZXQ=;Dwtd2?iG#T_mk9utLj$8Or{K1!JakL6I#>)K4|PEE%#y
zi7#-K!ZBaqRRu+?^#xq8><jd|tkxHBL9-6rFxK<_?y_26zy-}xPG6v#HKz}NZ!Bzt
zS06Ot><}S$12zd4HRIS6L5Q#oI|hUtUpHJ;@*_d?hYz_k{Yd872azk3s8~J3G+8HR
z1%KYwyJo#FD4``xpNr;uKvSD&=vKT0RKFD-y$m&3O5o{rIB-&svqkQvptABj_#Q5Z
zSL9}38s^w|U8VLTZ@;ic2B-z=3EBbr7v+q#sSB3d^c`j8K@^7<`VC#=p5s977S@TY
z>>UpRuCh2gb*iyA6L6VD3kxE9xo250riBZZwP;kKa`0ue;4tW7!PbTDP@Z;{VO?ko
z#tODztY8-`7d-xl1&a&Kg6*(*Xt-%Ot|}!r-GZ?)T(De5kLH(QR~|MmDm;N=tqYwR
zVagJ*cG$RJdDzsttajMAV0qY_HPVr4hm8vgtGLkTDyvjhhL0z`x8E=$Li*W3VO^HJ
zcaVZiD)n9$)ZWYP-{lH8B&-$zoBo&p7c>G=6tISEGA3-6j2Ef#(r(EvXfmcxyTtR3
zP~HLLrGU4`;223umNjg0*q(l+4_LJsJaegftLDd4;^lS-+eCpO3dXALf~vqEXuh%X
z%2r@U2w-(C808prqp(S&UZP-3stY;>eNcHZ*Lk^_;b0N)sDfO^N-g4oj(`{4!ZuL>
zuPK;w1-PKrYYSB2bLEwey=gd5>eaZOsh3!5mRf6og0XtJpku8W$}9Dnt=8JzmAa)`
zYrh|p>VhhD9&|n3<=qMb*ap`rh_3AAwpOXPDHyYW3pyqot)oRMJ4HvuBn4xYbwQ`H
zd+H#TVKq3cuH@UoXDKM_?9i}D?iF3AApO$ZFa>|@f+Mt6>lBp!J}_*Rj`1%Ar4QPL
z#s!U1sScQ>mm_U=)aFLC!4+B?F~@1afb7VLaj^30WF~#u_%g^LReNDrpZ+Ppt2H|Z
zYVAe*j-~XK7?U?EELA)`$Q0LM_!V$qlmlUg-6P7veMoMBP8d%pC|0o5a6zYWJnf!h
z+r71M5^krr0$fl9bixjsDX*-JN8{VB{(&`VD+OiOxjI1KujthtbDd9T;2byu&m!c`
z3sS+xnD|($3xa-fDAY~jJHJ|-vo$2FgV#&Ko;v+oCB{}47c8$X-e@!4oLwweumTUU
z><Ttcd89|$GAtM?!v)J_Ow{}`tCUx;O%;x<V8<#LTftngyn>zPvf35Q1<Nbg11_sw
z!CbJsf<3IPVi2xi;*veBs4N&MeygD@O0*K%Mux}^dZs15gzXwGsN<Gv%2?$c$j%7?
z>EEo6FAY&p)|ACToy;*8YQgQwDMekOV5}Rvp!UK?F#umzUg>Zb26gE>`+$`vbETS$
zVfl_L_EMavti}kmAXju5mbU@?LOHpqm0_9wIcoKdqDAU@Sy1hT%RBX4_V~cBC`>V3
z?K@P^pZ7WTj`turcUma!>1a(A_w;miPc0a8PbVs8tmnC4x#vw$*0OslM%`hm(L{V{
zmPK!5X9Z)vv<n)e7C*WkXQbSho*A~J*$W=hjMDIDg|*UQ_STYRaXVLi_%qyc39{UC
zf2>>=)W&2{m#I`y{1%<mu2e9lxC=T0UR7Q(=xsWw{ZT;~-?rzvpd%o!+Cp(`7*vA>
z1!a=A0$k7$@UHR>qJY&Z;8O)-9ohvQ0nHnj#uII?(<;P3tAPtT0w$;cG2%+qV5)*K
zBf6jp*lHdg*eGv*R^fuMHv4a^J~419&KMuYh;YHG4}vDy0=ZyrX)si_Ko*ScL@XHV
z=`L9A={u`V<t-4D%T{1od0SItTKPU~N<R<9T#$;HHS=p_70Z06mib=6m}OkhvCNoh
zrfpyk90G-P=>{lZLFpY!F|W~F8z`sDfYw|tSTdIjmds^ASyJqhG(%-dP3^&w3zp5b
zv9iX^#UZv_Q)GmEsom>T1!E(`1)c8oi1LaNf2BrzLcy33UC<Hmo$`uTc(-bhn(p*^
z+reGX5inSJWfOL<YA{+sPT3{b-US^2n<%fe*fpv_473`!pd(;`3Xm#%rUDL7FlIy-
zbOc<jywVC6t80D3j|p%=N5F5CS6bn6)!=CbW3AwVDuCYGXUZ!BGK!4%_LYJ%AnCoy
zax%=F6YX-+@ndtM3!1XLhC-)l*;COl{=DHA;B|q)7&U9S#8ihZDb6^(h8ULO&?%gO
z6bzXZXP7P!94g`wcAFG4qjacT@saHinV?{7h`3;Rh)hw|vS-K{g+pWuO_6oJM*G*c
z3d(|KyN3&!`ldgor{ih?0qL{5aImeQxL9>zW%_GyE^;{mdKIe`Nr|^SZuhKr3_|Ys
zFiS&Sr>WQm!A4<DCLjxnWIF-fs+_V8*$K!6OB0X_mL?zzN>{Shy;Ehz=4%%$TlXGi
zmF^`zF*Ft*e>EHNgs@)LiszI~29iCsvY@zhwrmT=%67qW*)OQja?48ZS<8a0&tI5f
zdZkPOwhRl#%5cGQ88w=}Tt7MN?Wb@D+sB?-ZKI%wwWn4tSoZnnxvbXbcfqpHzpu+`
zeSQ}#`}~WPRSY5ze%Z|zD=M~UgV0+$TtV@FY&Um7okG|dKT|u)l)DUWCP!}!wEfNn
z+3(WagSjC49ZZIYFk1dsSh@UpXQAsicfpC?AQC6~cbY0r^t8yF@metEL_e>bv8Hsv
za#OyftYs%!Jlwx2EVDo-zSoB~J8?tPZDiUdNSmFkU~JlTLC0pz%8N~km)j{azEupg
zHgmz!SareDShZkmyjU=102eG9piOluj~6H>)g9|rcV1+UH7EU8bzM-a%T;EP@`@4f
z(N$)Nf-+ypD#PA%m!e{sW1>OQn_{4~j0=`5<ANp2STJT83&t$tf@RCxt2)IjliFf6
z>~kjC?|4{*y<*NrrdP;gz^(CBXY3X86^!)?7c^$_L|g~Oof1`xxG#T9-1k2w&IMg@
z3n=a^6}Q#KKcd}S1!LN|pet?##r;&p-Jm(!VT7Em>>Ua=5VX^V3#vG&-;rHLA(?pg
zh|CGxi3&2QB*6uZglqtf?^NC#dH0Fxv-4Ja-hB#kHsUuKq&qRkxF9$Op<na2m3ov{
z8f;$(xT_1_gy(2b`YHq$v|okbV)m;LTui?TK^nG)raM$k_u`MW#2<gGC0x)o-8Ah5
zGCgmn19GN<Vh(G37gW=+t1fl>)>0L4>W}p;7jy&+bn9>`D#pG(>c{Hff{uV=TmfgR
zfRlbqfD1YTzIO$5tAO+-rccHCvkN)`CMmB>;wMJt*}}9R6X1f5fb*4CX0_8*gG&|6
zuv6Mra6w1FW6CQd;5==GrxlEi02fpNeAqc|rm3!+S6_smNZ^Hlb?j^QA?GCJh<U;;
zD6^conRgcQiH|13^EJ&W+p9ZuHv5Z$vew($xu8?KZ<JRigWYv}N1GarWk+iTxS%7T
zUU_9jzd{?RMZuVPT+k6PTX|)e+@u1wS1>kAT+k74gsZ`&D&W{3)4&Cd05~zq_>xa2
z<|#NajeEd{e<sL|K>xI<vd}$;6U){<pgFPRXnk4*i6vjep$i9F478SXL9NFdWASwf
zDnQn{SA%isXZnEhmc2Cl7s@Il=xrQhu&fwp%W^@-W+OH;E!@rl@N!Tq0%D*Q;DSa#
znh(r&R{_#Mf7Aow0~8ds{;X=nKr7V+RV_Z+I#&h!lWO$_b-B-RV;}}XKyG>;aL6FP
zy6*gou{G7~^bUvoqpofhun!euUmo&hUFFTdhHY+Y&*6`+C$Fo#8{ljg%mTb?e|!Ow
zf|9$&$8j_K-W3Yo3s=LRHxAw9Xm*(gq7*Ox%;5-q5dJR5{u9b7vkxu<$@!WEWjAc+
z01L)E9TzNnI=@w+GQMRlkjp{KS#arc5D0rYsF!iQ9Q2)2A$z4SoMp_xqV44%7n73Z
zN?%$zIZ^2aE#rK)Yl2MEtUNp95Cx?>*p_!er$g?fyaOOvtVaQRDj0jx=YmE+ie0C0
zHftX>R<X-;kwA%6>?++LN?pX8ZR+ZFk*s2F7g?rQtczUjg0_p??&daKM8@by#l>%V
zTo;}W1!a=3CUHT>B-<*l%<WI8fEZ{6xS$ar4`2VN0>q>KT~wXs<AS#p97RJv6*Y^l
z`7O#;$vv$_#Xwt>3!0+RlhD3nRDdj!Per4>iaCmyCy8fZfIP)PqE8Z6vw`fB#I+>s
zlf=R~AncRGE)sUfe~3zqjSv?skC1L<E$;=)nH0s@Q-y1khcz#iVZm4#E?6$(dd)A3
zWcf+rT?$X2SbM7QzJemwo+`Lt`BdRcm(`vsxM2BIVbqr8af|z5<~q3xmQNMND61Hx
z^dxbbqO!RwJxN?mE7>QBk1GquLCI5cLG1*5l6bZ94kRz1B&Kk*@_Plvx3NzWBL&-)
zQ>Keb1!H5w1$Au9L4TXAywbJ#Byp2Ipjnq^PQ+z3S1g|-zJjK)Ajg(GNqigNKFY~?
z)jUbuXSL@Yq^L~ce3Cd~`8LMxc<C7P|ABjEz55VyYl1Ml9){Irnk+uUy+L)|B@5yp
zzLdwyP66j5%2|&Ba}Nbg!s&wKOuvIUY@Kpu$@yq7Fm*^5CbktqwC8qv7z%G|l!6_+
z0dxH7+|)<n;CdVTb#<frfFrg?!=~n8rCI}F1Ge!e=Z~6#H;7ait1xP>+Uz%z<CuI)
z({MDYW#m#Ozt{B+a?jS>?CtV<U7KRvjDhldUC9HXYcGl&wO31VF;pn5G%wU4TXrVQ
zGhF3Jr5{uCxS$wv4meLzPMK?ettNLta(dypTjLj_5zthAMUUpWRaWtD(1M#UKr6mr
zR`D+Al6x_#l2!Z*WtDcatGESa{M%LBg0cC-1<UitKi%4uSMhEZY*+EsAnYo>mT_Ih
zC(Wsbk#MUU!LH)d6l2kL6?d`nD&D1>KUl?g)`Z~@A(iJMyih@T!f2NP7t~?7@r|DM
z6Xo5}3aG>oIbT7UWk%tR+PP5C1=CmIa1K{ky`L&46>A=x8j&teh=ckrW_rV^_&P^r
z=2>L!K)lQRGzR-a3d$UEpx>N+xDVKRVFi2qwnrk@1<3dkwmiF`2feKsIec<<(7GUd
zQ0fMZgAQi94{uH!4c_G-_&(?dU3g;{alT8OdJ%;8Q}aG(+gLm~=pb<e=PECI1Pc54
zcBc7?07~QD1!dfSigEw4a&ml?#{B|_17XJf`;M&AxOc(QxOYJr_gRkn`t6M_<4{6r
z{9CXFpdJ4%RvP~njE(<+Dl#_yW1x)xJjeeC<z?@}Jdox*;9@i=lCsNTwr{km@>s{t
z2QDb{!6I;uRn9@knzQqP3(9=pjp)|W;UHrs-xK5i8qNW^Ff7hMyRD$1?Q^dlLzw4Y
z>qy{?Q=WUZU+6sdnggPArny4pOY>Pj=0XK!MYNBGU9dbyT&k>PKZds8Zu1sRkuGGP
zd)=X6?75c<>SA5n;du|bTJX8oVXJZ0<_h3*uL0nE#^vO5uMyr3rq5g?X8RZ>>sY8}
z+Y)A5P7_$Otucf#Tdy&WF<SxIc_b{ZSr>?s+1gcp%xr@djG4^^%Vry{tUol{R85JQ
zZH9s|v$>#}Z48XDrK<(ab|TEStt)_Ln+DF^Tuw3DYDG?v73X-E>|txRonf|anxJGh
zL#Ww|anx+stCr0MqGYybT{UcPdqqJG#?t#GE?73(>&p5=v;AFDWC66j?Q;d$7fP<7
z3#!>>!5GnwrpL${00F79VYY5656hTq`Xp9I1LT_iIuiDpexv4<!ECSTTTlwOb!}J9
zSY2JPT-QO$ibq%WWdUB(Z@&bjy{11+d1U)(A9z|&JWpG&1!D!fV7cHKDzt25>Hqu%
zvC`ILf$|inoGrtGu`*n+T*ls-UpjPoYjTvr6DihiO@6MRh_zc27c6g0?sZx1*2D$N
zTa$metafYSg5|Brx5_G&b*|~3Ki6~_>2v59vPZa3!C0SjL3KtrMgB$wi{oMiyrf`E
zfD0M{a;0)P+vMtKJt_G+Em_*#x<M|ey`3AOKPm438X5x9ygJ{hpw#mk)Q385r(msg
zL#<>Cv_-j~DatF(#mHJiB{{uRtlrxgERyNvB7Aw}3kbOn0vS?sZUEok@y0A4=iZ~N
zEiBd!DGN%kvAymQ<&5<@7cBR>$CTCS*&I^KS+E^aFDTC-7Ho%<1!a$E3$|daU>7VG
z{IUvl#xg6ph6UT*{@Q(vak4DfmSMqI87^2Z<3-Ic6Igjj{Yl};6l;f6?Y^cg(Z>!c
z7c38{LCPu`*dgVD<smiJWwk@f1<ONfg0f0W$Q^>7vG}HOMa9ha<#87j0mi-9M0w>r
zkG+OFfmsSlXSMy(1$79ViEg=@^2%z>ZU3*4>nm+2Ik@~3yY_qgfaTNlyc$-@`Z6$&
zX=9*Ozy(!-y`aEAx4|HwcqqVLc8PBT^XT?S<q%)sUwT@7oPsf5zy-C4rI2>I@`^zz
z;0kPh7rEd+gZk|HeL(S@e*(K$PPV=IhGUr$j#SIZy!V~f{5S>Ku}W*L3#wWdL#?x2
z(^CK^nhRB}ffQgH^a=%~m90Hp&`8BY5*2x=Pd~X~pR6|@!5-!nu=6V&=5>*<hk46M
z*u%UvB<#?8MkU6Eo(q<T-dbgK<`oX_UW&8BJJ`<*IkAr|!-BCgT(De5Li6`I%&Sv)
zk~_S&R8Yj);q8Lu;k~oVYKONAmWTJbE~_2hE?6GkE0nb~yyXte6^hCXRXWTo+ypDx
z!@P$5jg_Rs+V*xq?L}O}{-NTe!|*WgT6C>;6;K-0>{|ONXFH8#i#k-n27<OI7c@m>
z|BM0tbLA}^=DpAdG}FR%@LPWAisfP6x(Q{lfU@K;@819)Q_d7YzO9pfw9E5;r>Gc-
zhj|T!MaCv8z~|3ff|?hXz!_hCGxWC3_*z34XWY95DR%4E0ixuLFEA;3<x%Cv_AnC^
zjO}4uu-qf3C~LXbLqQqJvo$5QhuKEK*u3R}+O%uXio3d6a1V0{EVHMAVj1pX9s=k7
zE+?Iga94cw&y@(+BjcwqHTgv->CbxrQ^HrA7S!WdL35Nm4rPsd916xg4h3VQ_7Mjx
z+vqVx%Qli*i)&eM$>UI-K`>w0<4{lrf}Jj2aLOp{lw7b}@XN~D$Kxpc9A(%ksr^9H
zv8q_GEyIGb%DG^<j6s?|$NXiFW30mC30se29|dC`hYOacq{Ed}G_X^W3zny(OI%hv
zCAnaEO1fNGr6o!p$0|j|%+}*@K@nhj_07r~^Ehr-5c5HK7I8uC)!DHa@X9M4m>$Q!
zkn1aLD9!>odK@410UeLy0MlMlR>|XVK|77*9Z(f`3WH^!!lD2@j#mM8u}hRZ4&{h@
z916xp?r{#NMZ5!Prz<Q5rN?m#oeLMF$1%MRC?3c8^f;80ZErk|)SH;_x~U_6U@&#T
z8JPG;e2mxSdCzYxiRw@%zFR?*CO#15iO-~%iLXZsiA{V@C>WdgT(I2lpH$ZJpoX?G
z@x7@jv5D_(1!LxOK{el}FyA`ml@{W}cWoEChzoM!`wpC*b|%r6;4-WUk%BVHur{b#
zy$Z)1ws#d|pDL|?E~siXqUV0;7Dk7Sjq<gEizvXy#dbDM3`8Rpsn!Zw-!4@>hA=I*
z&a{i3Qr_mY*c=e0bECpRrsv06tX9ETi@9LA#Tu3Mhb=ZzQ(`T)zJjq9b3v!Yrn_3$
z7VA<_n$fn{ESHl@mFY7VYU}o+8Li)YnSwFD*9DCRUd3`1`o8$Ro%?3JlMr$Pqx2B8
z+ohT+^&S*8$~OO)gN-rynHz%}S#*&uQcxa`udmm%u5>x=+~R^p3wf7dtrj(kQinuU
z@-Be|a|G?X1b<XcIrXr&a9xn2Rt^DNu+$eUD2}jQwR%-%tS`7=xi7q<tmTyv%83oq
zT3uNWN9rAe3I$_*!3EU@G~yuFh{IIC2nAy+gbNx0<~)a;est6*o7w4yn0Att!CK!1
zO-A|Jg%;%<Ktodi)%l&4EIrFgeL+F&mdnH51)chQs=P99Owdm8rGnCZtXeK;1bAV8
z{Nlkv1Z=|mfe$01UK!l7ZdG?1bWDHVO7vL&KrmKD(v?ooROw3j$h?+fK^aoEE1jyG
z;yT%`<btKH<btKHWI<^f+m+5$nK1{*1<PG&g|f<GCk_ydnrgWKCp&D&B7WI0*ckgj
z64-W#>sPoP1a_a&!EbW)w}(v@jJbXmjA`Y9Wvza$LdzZ8JilPU*7dt)u`>tQnp-ed
zh6|R<xL))3*^S<%FxRJ&>-VmLBG&FkU9jx>{oQ4?uAd8*UB7Q#R_pq?VA=KiURh-p
zEL|<h9BND;9jde&?WUFN7V#uyiJhprpfdvZRNjHCI(MVv#(Lgq3d*!ZkFN&9uEv$h
zn<2?Qpz-+jn24_{R@Mdz<z}+N0Sf?SGuZ%ejB=JYlUJ_xyoriR9l4p5@%1<DATqHu
z;3^#7w26UsD7heqlDui-f*eXvL#CTZ%`CG;lg<_y1!J>?3mOxq_$J>P+P*oelsEc%
zNm!quaEB1aXXqkfy}WJ^B`<HaNikktmzEs!8D=UNTPIww+{I@ptMnQ>xTT_dXiCgy
z*jvHaI^lxaSNKL>xAID}&}TTi3%@?;g7g{qM&I&2Abj}09pucUUhoO7C4^t&V=BL$
zb*lj11v?ZyFW^^Xh2P_&cQVYiJHB{#1iobRh08%K3BklKfDI4Cj~7Y$Qs(0q41|y2
zqw{lceUB_YzB*U3e1u86M>|u1;o#4E2a~pBz2Ce`_>!iMKzGPJ5Dt*_--5CAzgIcs
zDva%EE?AnhU9dE1TTl#br>^%@W^C$m!E(EPXsba*OYO?N#J@GAl_?K~{bXFkK&!0_
zmb7)jlC~DiQzo>PuasNMermr`&RgStrCbN7xK>TwW}X^N2@i#hqE!sETDf3JD;F$j
zWx?1IW5JjWU9fD!R@JGz#6US28#`%=_>oWRo5Z^+h<UE;bGV>R0(4py&;ZYA#<MhI
zqnptMbx=)12fIaicOdVJ;gFP9gX;p6_EI=B)r-Np4n*4@0zW$o?5&3xv$6_pdk2HF
zzeb00!MZQ}`pga!${_6`-_)7?7{Wf+{L`3!e@yKQA#~^xBa{QXZM$H@?DG)nf+BPQ
zgpN>7E-m`?pXOUq+J7M$n+x;fl`9Lb(jLtP)o_)l>KtZ#IUFEWT>+w0)#f9NR<WwO
zV5zDWj8}D(<{#@;bw>qbRdvBqRp%+^530JB8o#2itM98^F*n%-O;x3noua(5EWWA&
z&Qg$dE!oNiT>)xWS*qU9&UTuDF%4W$J6k)t@l9Hobn}<O(W2JPDnP(L>6_lSD;Vqh
zE~rh&b6xM3Q2ouYTF!SnNZ18%fg#KSxPpXT0DC}`7Ql5T#VmlmT5@awd`H390_cL}
zLH?ey{%`^OT2qQNHP$cLu6(bc%*%FP;DTyCp6})kH$76c-~xC_7cN&SD61kDK%Vb5
zx}4lJ%RZ_7SCH{%EqHxpiCNeM)xw<O=P=`6!rCIgYGXMGyOr2qrO5HGol#w|G^4s;
zX-2hR%-9FH%G-NXE?749q00J0W1pre(yQLlzIwKTu{yh;)|oTv8dkF>93-u@R;MkQ
z`E4t?ptcepu-u`%vZ;iC^ju7FJ2>-Z?$K~#>G^vqC^|l--$S>Lf-xOk&=dt<g)e1?
zL-8RF#b)>ovkUOe_~Ll%1L8Y;kL_+V;oaO0V*K{%pPU9_C5TTDa_4~f29f#raiiQ-
z5u6!rD8qJqh|D4&^F96nzf3&r8KnsW;P`mKx-t0P|1a^e@%qSrtRFpy|KBl==ZW%@
zNWo4M!P1S7HxP15nTx;R6Y!@zqs=C%x?lOx1{<j8&+tQ1%g36IJ{)teKW|%nixc^C
zpC+GPjrHgxG|Xq2<g18x{e*q7I@vuL$7PIP(USZ_4HhuO+h5D1b_c!=@ye5u&B-SV
z08eJZsN`@Y%t5^E<4lIXoN||z$Odld$YkDwkl!oD;nvc@#S}m4<3Y3K$e6pXD8Ed-
zmO|Dmwoyp?DcF1HFH`5nnJQ4A{l)k?7t>#+9;6sO9s7&%3n*u!At>$dt5Gjdx$7&F
z9*oz+_=(lUGr+wLaTy6-{?KtS#RO9zm#f?pqtko!!DPFbJQHa9spRONUW)iunhV;S
zFA>jQ3v{uf(%qkINMGCs6IuE5V8c4)tYWDTkIBCT8@pKhu>N`4+QqEREyiWq+Pq!m
zMS{`hnQ16|hw-Lz{LDQ#DES)F=dc<Nwx!k}z8vw2$D?%dN)T&EH1m7>lAnR>6~3m_
zLx>knL(+-hdly6(i818M&qW#6Xc;s`?wOkOtUj3Rj59A{2E1N5Ap@M%`G>%{LKPSD
zKU<St(+4xTdy)HM*SODC=kLOG;QL%NzF3`K(Ffxj&ZqRj<PGOG_K<E=B=>q{eklxn
z$3$Z(X^=nl&vP`m7)C{wqr$~FI`SMHE{IVgE$3pk<t*m5-2GZGjbcZOmoHuo_4K>A
zhtOQ-7xSCI!e=UmsnN@Q-jKgMC}WhsUn;sE4xi-{48K(L)%ZAOe-776{sR?VLqmL3
zkxHUe?{p0N7sERFX3G0@lu2<(yj95G?R|8TG1VaI@U_7{Q%siQ?@i`VbuE(5!wZDW
z+~k6RUoGHF1slj2`650Xj@{y(2)QM`AMCT4?^X0{WeWZ!MzlY#7H=r*%J)p_{8TLz
zY(Ec~>-~oGRXAyQNm*&Tx<b08I05VY0&vt-r~9V{fPDoCd<j<SKIpub1U>KsY`6Q?
zrWjV*ILoOVkiz+p--hoR=dV)D0b!@F6^PsEYnA3@3)|`IM#W@G)9LGO#n5?5(^n7W
zaQc#;HCo5w`r$Vq`0HcsEAaLQekLisFNjUHG5T@9@#m7#{JEsf6l5XhSHE_LXSuzi
z?LZ-HtQWqD-*g!?8&<`8o}T=?T|hFNv6C)zQ}81zpM#KvY<&=~?yRc~equV{Dj7bo
zizZK?3~t{8ayM<VD}I#^A-56m@H@mr$TU!RSoE8teQ*7GDLLT(=p!s^!Z5>+{&k`j
zg2h*U6RG`jtc9|A?Sb6wOAa=fr|;&Q%=tr2=IMJQL;u4dZYVw|w{xtr+;*g4>D<JR
z-dJwrcVfjh@{6Y$`JD&)W>u}jk493R&MQ%1bm(dLL1To@ef@y{qkYcM<o%d@{7Js|
zD}?F)_5=Qp7M`s7e21#<ev0q?3}JfS_gmYKG|jaX{mGxV(SCS47Ge6w$$#C5irtAH
z1^;_haxoI;Fut%}`tJssi6f%!=qQug5j|=J7)W#;jLy6k1bz}1M)v01h3I*S^@^*(
zy%vNlZ>f9m*mKU^NV)+(u|6Bbau9s>S)7Y$VGRlVj(qk@r2Ouva+i`fl%B#g90TPI
zh3s3fPp|TFc=*3e)aM6Gjf2w$)?^1lsLMEV1ANEoEEH=&cHWVfqxb;1-*<~&6%5F{
zisED7uX#%16^}*5ds(HQCF(&ZN9AF{dtkP`nv=h*LUj?Z@62ScNBo1MO`Wy`WBqaZ
zLk!EwFyGI~Pj}>xDc9P*A>?9WMtRS-MmZCZrSJLXkB0#!IufSuJs^t%tQaOggZB#N
zXqQobJ>!rGanSsFM*iK2_z`jy`U(o0zW0diYkjcR-77MwMVM9BpfauBrQ2ji>IGqc
zM9xZJ_3X^FmrAW6roWGOq+;&Obc$l`%v8A7&P?Azmo8AP->2(}6*pm#BC$(FEu<zV
zqcv88o_;_vc@SEl7jgS@8145Vj-SKGeuIvjKh_u?JmsIos8NtT!?uQtm0P1xIi1!>
zwnCRVC}aBKmgE^|nI6PDC)THK#bU4y@w)Z!cmxxI*M2{`&#&<Pp0}Z(t5g!zPk)+e
z%~qhTT(IKiL}lh9WOKn(GYy6cU&K)hd7YE1Q}>~u<%pLGTB8M}SWqtr7LZ~Ag$Lk3
zL2w%dcY&}1^VdM&uT>|SsB>C%_BRmhVk{ubnz&%8M$c((WGdIl1xqz@L90M=6EtBr
zH0qpGAp?p(|78c%`;KB9P|}nZ<bqckSQe!BVVly$%1!x+%5<A@Tj;QsI&5Hc@E$Dd
z;2&ptjudBgupos{2N|+1Xou__Fz+yxK!>w)lYI6ku%wI058k|mR&qfZvd3Y_x}Xl(
zUW}B{Dzrg_)@L`I6vx`C@ta)}CdWa(dY2#9hqGm~OqzQlD-jc(jPYy*a!=G^XjhKF
z{7%U2g8adn(HIFX*1AGQC$c1uz@*UuYj(~yUd#f-?VK@FWy@Tko3R5GV`s8+#$hg|
z-po?PU|xDN@|&6~6r-;8H#J?%{-$OO)8Eu|G50q$S3qC!kn-Pch~?u1(-&x>&aJBC
zw^Lngc!Qsj-)^-aRiPIJODu;adT5Ec#uDq)5*uQAJXYnpwO;OGTI=%_(^|_<b+$ib
zHRLbJZsKY<r%jZxSV@`ur&#QER8CHQo!b}F@ASdU&T({|=go6U?cAZ5or>n(T`~4)
z`SzzQJi-O8$Q_2Hzk^5@lbsdzi5o!ZJ<7`oxpQv6<P%dcv7suRyA)G9A-)`O@f`Mo
z+G|L_bATDoff;+rx2rK@;o-7d+=aMZe8!z<nu;UTcBILQxr@)Hin)tVH|5YR&TI}%
zyOl$R@2>sw&q9NZmK*6}yoIClUt{#TSlg10{KI{)=4F}8W*E>eU(<+o=$G7;%NPpn
z>@@SwTEy)f_<;6mXd+I9%z+k^<;*%47GyiyInc$*bKtL4rZWe6$p>#lzDKa09p0RO
z5T;HXZ|X>E<wiDTUqtV8vC^vGf~8f#1xxFk3zk*|7c8v`zk>n`piFMP_SF8EdRHJW
z>s&9i=mFtR2}a23x{d@^S6TGhdz?jY4v5mCw;Y6(?&V*B_z_w^uEe>H_Uy-y>|&+*
zxnQY&E?BCc3zq8Vf>wj%{%G+vP$@UAD63vC;<m*%QN_5kEv<SMgp%bIXO?oJr&%X4
zc{n5&9);xfjpQ!Gt>k4tCfR~9$*25?<YkcDP06E-<kgPk8-Gl)1!IzL{h{Ri#~6LR
zir1qqxf%7@WmsrjOct~*EJ-dX3)+%CoOVI8jO^ufTC?@Y{jL_n(JTwv-pK8OT+p7m
zF^-iNwEXKx`j^Vsl&bEK&+z9a#x5-{4Y}DFFSFrT{A!wlGK6->=g;>&Z;4`@I&wQr
zP2Y<DE+(T?iaA?3XOMGVQHpu6Z!ue;nBTd@%qu3(MnkP-L+#Q}I#=N_=>jS4QRXmi
z-I#xC#wL_da;1{a)NZE{7b{OAMdg$U=baV^!Cd?{hSqWvGX3O2{u9Js(&>}+oqkG9
z_6Uq-7n5Q3HM)oka&(Kw83U~k?SiGT=YplN=Yn?ZdHFN3fW4(^jYE@6KV?|{Tc~O=
z&Ir@LOJ!Ff&BbJI^>++57ZgYBbj<56sE*oY=v!ZELH$_JcU9SQ`e5a~6^vHeTde~@
zKZ)MKpk=0O(F3(h*%-w*wCwMUPg9JGf<2(_cwCk;IXVAS(>WfnOkzIFK$ivJ;6O-S
z4y&vtfxT7nMi9Lqru+U7u=7tI6Ev;CAp;LdrZ?e?C3q9PuW`ZoM!#k-`SU)-QG+lH
z_T{9_O`Sg2Z_wuo;grjL?+%3NqjAV{)p|JOc?r}3KLa8^Gb|@XO*4-VjI<3<9A4H$
zh`ed|OwTwTK&yAo!@k!(CG`G@|G~dQ{ABiPuv0Mg5s)+a!3GYtU~C(FwC{|MUIc$I
z<;h<HEgBcP=EK0-A41zc3cTRTArLxfN#KQhf;@aKD*4mM4{CM*aypQgiHr<!2(!jg
zCqyW2PJiV42kScl10>9T9C*tHB61<_o%}}v3I&g0HVk(Mdlq($_N#!bhqL&2k{`$7
zmodYiA@Pq0i8XjEG#x#18A9T~gdaA15_t0v5<^hRe@W~I{_B`0k32CVCi;INVjApo
zN9bLLkhm6F|91q<aSWbk1p`Bv;ulczUkJ&YVF*5)iqh*0lDdhl8BC$I<)dV){x73Z
z1S+6*AHitr!B)Xk{083~WIhKW_&uMI;qPcH3fd8T)4PrvmGwq#5PIA;+rM>NB(zhM
zTV;p!@Q~~&FjpWFO!A{f{NIl8J^lYLaW7c3e%9M?b)McLJaYtp-WNCvAMNM7)O;Ax
z3y#K|5qzJD%;=3~kIs5)5E4K2-MHzs(Gy6yi>Vd98>gJb>!Dpvx)=R^EXq9ZE#FJd
z$oau@j{~^|REYkc{4gz+3+B@nyYpj%$6=~{5W5y3Z1n^FkA8&@9)*TH>kM{#6b(^8
zu`>~(BwBm-F~~ad+oTumjoAA<-9G|npf`Z{D}sNSAAMmHR^kNoJ=0*5G4lL*7lZvx
zX1OVkTe_Z2tY+fPh5Qz%jm26K564$#xaPW8upr^(_X4=RO6H+fIIEc1sShTM#{oP@
z895t=TTjd^?t_uB?Kr5jc0j@lUunuP-t>XdTQc2Mm$@66CMt$)hZjCPRQNVmj7viJ
zh{?OXVstjb9)s<w7<V_}qfJs?VIa!;b)Ce!7=O~lyBYsoU7mVeuldr<_iR(<+`icU
z1y2;YO&LYu=S-mwDuxx+3)dR#Nmr5Q4fdLw_XUIf&E<R1VE<H%t4#Qk!O|ZZLvg7N
zUp5t6%?i9~;%gay&G2rmyjbzP@O6{!4MO^xCf>pLpG|xL;~!=6MTkFF^R+YISGmj=
z`0rwgEZjU=>o3YEmjAj^un!cIR{O?ak7$<=!yKHE7FfXo7n^tw<A-L9Oy%VQA9kDc
zbxc3Z#M=iWzQn}mFn+j+FK7G+BcuL(V<a)$kp>&4m>A<IlV=U{9Btygj2~m-g&~L^
zZ{l5yA8X>>j4#b3S@+e9AD59HvPfmqw+?L&xk5oYiQx%Gz*=TH(Zs!>h%Yno4#rP1
z@db?k#Kc!Heo7`qAF7A(yq|9KK&%77X2{<H>9@EeZjX-4m3=T7nil}Pz-63Y%$(K-
zBcqpp2=b@t#LrtV{>_Q}FZyB^ROYYii(Q`2&jvO_^Rfl~qx0#>eX!)n91#8c4pVc&
z^V843OoiE)tl39+!4ED@`EOun=mqJNM>i*(*Z^$RQR0BbM|eS$N)YsuSL2kV_ys<~
z+Sd8V3HEP5)x3j`0)9sC3}F5pOmE0+P09WZBpQWCdqI%c41y}jR{I8G-F{S&o)1O+
z^+841!br)q7cxb;0u$2yA`+F7((cb8TV9Caevw3#5FP$fvK54w;y+EIT8J)xDA|fa
z%<?xuwW6Bp10Z@%UH8I$Ks1ur-ftyat+4Ive@Fp!LM-qnF$IU9&~1@Fk0}kQZsa-G
z3#l)&M~q;x4^sCcJ=_e`atnV?%i+-w{-rPFzjR_Ev<TACq(aWCco|S4T~7gg5S$Pb
zR2&90nabg;%6pP1KfLUP_^9{`lESeGCb6qYBq5zHy8u}IX-H3HD*uJFESVa1hW>tQ
zaxCHtKQJxMZpA-;)m7*ljenR-jv~1SBd~ikZOB~x>flm&nXu>8c3|kYYg9m|ke+uQ
z+}qs22OQ$vUA+KMxN_ansvhNe28AU3xyi%5itjgUPWn4C6*3AR8YTX!GFGC9+~NBk
z;r+h)PDII-I>37-MRiU^I0+%OH#*`o6@;!wxSG%*`yS%GRL_3+1OlE&K*|B$%SBpA
zgdDZ-VDHaq*85|G4-uN5KmiN2eAo#VcsAS{So%YJd<*((g!Ee=vd}(*kbWIRD<aJ#
zo(HiWA|nx6n7{Q4AlOb_u0q*{O97$cQr)UoHG%s*fI%8(nf=aD6MYQO3(v;~?JT|M
zYp;@R5}uAEYAfI}um1wHN6=i)+Jso|c}?BREF9~NF_CfJWD^<hburSu1O^RSr3-uB
zDL^;_T!Gm$k{RGRAe;eq-Y^6%quw{8K4C_^Z$^E{Ztt6+pFEg4B&)Uu6mEcz6g#>f
zrZZvtLqib77&r(l5gCF*5KBmGF=9!^yhWI=s7HYREush4J?gOwllAXs&?)y3vrlfs
zCX&;PGb`z6YMsdxGo!TWM5P1Fj6$8ZD(;4$bkzR_uvhMf0pFgS$8!ANN6>UYdJf`|
z|1^n#LL~8iY&*&xCuR3b>%7-L!ZRGN_#oNu#7Bb0NF}RYCGZ=3^cmOZKw?L-0-H6j
za_@ylc*$%V<LLjj_{UJix+T1b3r~9h_F@xa6?;m?{E3MBa}%&!RUPA={~{8Sh4e2G
zPgfqi?_w`monfsC{wr{clht_=jsCTmRg%@UB-;IXDH1IthI`Q<%Krv>FG|*~hmq?)
zNRf3Z*2nWFb%3ZB!uP*sN`nxAe<89Y8ymI+SLi=UqDhPx`CpP~uAs2A|10Kc5p4_p
z>m*u5!AAcrvbEM2oz4-WpXlU&`8%lICT!T5v%3A7K0rBB;D6&^g4!mBw4Dsi6RRk4
zY`x&G5g%vbCow)g{~PkZMV|3365k4OzjDB%#QRHpCgZuEGrno%N+?~!zHkd7N%<g^
zWQ%&y9X9nzrj`;+>VWy!pQJkqZ`d?%;89d!L?t$aUXteU1|7&^=I5C8=O3FXZ+(i!
zpTFutj`7b%<-GYLSn`&r-{uJ6L}Z#jn|byIxhJ6xLOW3_?i+FK1Yei<(+Y3b455`E
zdGc3yQi~Y;qDF$H-f1W#g*oSNeC`+=h0pDR6Yy=>Zzv0^<_+C|dd^C)Oq(zrasK(M
z&WlvfS#8ww1{8HAg6KJ`lX;#4`CCHNbJiAA>I;zT2%Q9IcIG0;s6^%rLRf`1p52eo
zaFBxuJp|Lu9#3c!kQ*XM1-Fz6E&#a;q2nNH$L!_cx((#b2({m8J$MgrF#_sZag;ZH
z@XDQ&0|%wOVfBAEW(OW#>(7M|@NY+0Ap{2$V38xdh;@ukg}{+jG{v;avsG?8>cT&N
z6-%gI=*`G+dHy|EpF$|CR6cLiEvN$SQYAhz1)he=^Uq&(D#{7jTn$aM%%73%b%gc0
z7lVHYyJ-@Q^c|q;1H2{~2RIV&#vo)lxSA^2nT`Ot1fg!>k;iyVH6nCn&k1$in9xQS
zE@BxgZ#toRi8n@i>d9a|38DUTq|8(${Rt?nBX|z(XL<nU-wVL70s(i%aO)9~)g&rG
z{1TBhBq9)xBJv1A1G6`d0>U-$IRx$~A%ANtzZ78-{w8GWCxLx`o4y6GNvVyICA|~y
zUWj-TA-xrd&k$KhViOP*Fm@WDfjJr%0BHu*h@eFtW<{1FOv2yfsP;8&0uIgNQ5M@C
zrt%8!YJw;8ByA=W@DMM5IC5TZ>A)L(9eY6)&o|^x+Y*hr7EEKhk=D#f*q`gIUyI)C
zSNsTT$7c`{9#|WW)rFfLQ%HMY@opYUimP|?7!w=kHBUCN@%WW3#+tc+w{nT_#$APu
z5ESbPbL}sdvKLF)i;`V3)k-FBHtfZ<_IvCcjn~gx7F=s(x~E|LHRBp)hU?upwr^-w
z+KR=f);xdU=755&@R5?$EK#u^;t^M~M7HfN7#Nk{Iz8Fsl}$rvoZZl@%({h0(2onv
z@|;-7xO&RQ$*6b^<yHHw_aG&B5Fe?d0X&&3cA*Ua?)5RV))kqE!<{3J!n#zMU|;cv
zfGgP~DFw4uHZ_s0(dX_W*_@-k?fzu4^%r7zbi@Jsc*#LYD%9ckPa<Wo5EJ~7WE)a-
z4pOH0gU5gvD#UdEI;IS3x)dp0{^mjqC$UlXArQk^p+b<|1@RG#R|o#5WExpr0X1j&
zCy^MH;nXq5KlHr{ED-4}QL~->PL@AfQWoIy8Hh1LEb@=S=}2;YVe9rUXG%x)HOO;J
zbj0DPz}QR`L@)PWXUe4LC8V6;w^7<;sm*GCB~zwI1+If<2V!cLXWKXVGe~SuH5dZc
z`0tXKmYxp*_xd9!V7e6A;{{s)ORxosHR&AnMbmNz7;KMt>MUezOg(!6;?bUa?&qbR
z%UpptiDSIfS`m`=cK}!FdC|P!)si7eNnXHw!5;Vs&2}g>+o8%|17gUtOW`c^ImGMe
z9MyBiZD>r63)uGl!b+$*zGYK@xZSwleqM4yx*PGdzvm#NOq7&@7qABeY?OfIR<dzf
zaS@LKY7uYDqS}5UOV&&{Ts_&Q{h@lgCB<xef-AW-BFTLiV?%nu0f^?9(p>d5Z829D
z8*0Qqf7MM$Y}o|Eu#{vYr75L3@T!_=BfC`5-R7UaYA7<cPNZt71}f1BdOSiK6E@Mp
z{OibD7bJl7W4u34B^M#=hk(vMUK!z1!!~pU(y|K9P5ayV*iH@j4N4FECRRSAt^<$g
z_JU9bi#NzlVweofWby|b3Z}(ze^e)vmsyPd4Vj6_#Q5SBoKvE4jhwUM`wMhN?tgWE
z5$!<+)3LIQ=jc}_l2u0`9&vM*m<1aI!)0UqGtfc#V=PE7+Lugoz!YZk%s@ZgFiAsI
zR@{|F^QM?IPp!e)^3PwDm%VSInL<xT^-n@b9*hk%W#0(mT7;@IG+zfZ;cr7!KDn=#
z5iK7BM-M`3m2w>qj!<kJ!r@v9Dz!+HRy#>M25DO7aI_5P>3gu9tQ6C}pr+L)2jIc$
zwJ>eon6`?hO&Zgt%!HjXTQ~fpX~PR?v84DaOOV%>4^~KGUgBs(Q^w{6#zXdX{Qm2;
zh%@-t^WzSFh>5Gy8NvxJ9GP42Q4BZEp?QZ(j;Bj};kj&uNwVes3sHV}i4*Y=vK69<
zDXQ`<f=Q~;!-_O&EDap89TS;6*@goYHecE?{Gtj)j+7!dVUlPn`qjRXMbfC`Tnl@3
zPvOCi-zYMtePWz4YR^A^)!i6Q>7y1d@fsWd0^of#-X9PuF7JmKoJdCk0|BApWT-QN
z#UBmo00f+7G^eTE-5_o!aPU~KMS9C0LA@l%IIpFWiY1bs_dSs8)~W()9__D0CA7^$
zlK@@iD11tPh?Z+AtvXawVZi8I#qR=6HyOE7OT81kfrA1sx<(WKio{(@BE9Gy#ZLyl
zO!32|C>AK2f#_L>=Oz_=xCr*C(}}`}yY2PwDC71J<~1Az%lL`pL)x*~#{BbF9Tvj4
zhaS9-muRA$hQbE@5YmhHJ=#kQCbT2SEf8|MK}L%FnQ)3uySYWcqyuHb4#kp3cr_Wa
z9fwTEAT)jiDLl4G9^hs2wDh?^Pe*9_K=ok{fr;q$!~PAbI=hsYpbp+jWaqFOg2U>Z
z47<0HNcU(kne^}Xn}uGguX}_gi^rptW;iA`25(wD7#?E;d*UN09!ylEQ1M`*x}uzM
zhzAoj;JfyaOFWpUNm7gl6E!uF&3G_TbMBXD5#zx`{e>_dOf)FTVvPqA4Hm+9Fwu~z
z*+?-SOf*yo<H1D3njVKV<H1D3hLhMRBOc6yh!%p3crc8s2NR8~=3;9+n8@{D@TJH9
zK+TK?6S*Et<a#jC`od;Bn5d(A31k}&CK{Web7VZ2Xi~&=-gq$4WT}nuV4^8f0pr0$
zQ?vg>p~i!WHmK?k0mg%grlm(ffbn3W=~8Hq7wW+^x1$L@=gC*4)9TuWU=PyxNUCc)
z5OM3;o`X22aO3VUB`NMs^4Yz}MRzCpT;>pRiMx|rD<v9tC;7Zov)~oTP)##=0rLf8
z@S%Qj-0P`Wg%pOYdObHFUZmGkb2alAmpWB;wbhemQ>iCi+Zc_*!+Uf#dPdRsmQPr&
zct+8L^fbhcXB1786nIALSpg*kRI!4ch6WWCU@!WYb*IDK^P}WZh<~C(h|hNT=dU7K
zf4q|vSROvB;-8<aXgC85cVT4y3ISzpjE_e3IjBL{Wc&@rJ&)&;9F#{_flCHu1#k|^
zBUl~%o4<MJHJQPe=G<JA0osLFWR}Co3{d>zau}IzP@_Y15%_{b@R89?#-|W%HyKQX
zmuEH^L!o+UlfjhICWAz2lkpl<ENwDK3{UDNgUXdQ86--Z49;1lO$Le5CgXhwC~Y!G
zY*Z^l^esdSL9Gl?#><<GQBbqA$>83vw8>!2N}CL(lr|Y8N}CL_l{OjdddDPnlhFau
zrA@{^kW$)Yur{Sl1}jk7WS|?CHyN8kKxvb)J5oxU3>MmhwKOst#mEe{x*T{?6pq;&
z(UzbZpOu)yy<v#tyAZ(>`>}|p3AEPec%A_w*aROL8PBN-7MA2zHI;2Moh$enMP_6m
zr=Pu;$sEY(=Q12)B#!aYYtz)r4CM6l)ig%It0O~-30}Z_GMXdZusjBUK~%$rg@;3J
z9J>8}ix{fKM?Xawx>P<gLpRMPjLasuKQ}e(Yj#t^6CW?Bn;P!HOPd;|VCb@w1(Xm_
zDRDJuXi)*&6A^E}7VBuTr<HhS4dU&Y@Di4BKYW}_l%btHe^D!lM4?N{*a&wjGRaJl
zW%xTXC6#Re(dZ5MGX&(u7H)<B(>V370jY@YC%_Lh2|nr{1e#5+B`W3`cm;sUfxh@*
ze=Fr4^!8&Fo}VfFTj!LEk(Yn|s`ub6Rpl`YOj&1~Hg6hgSlbQnEZht*Phg%!2&dzt
z7vW73<M6Q#;qN5)w)po5|0dBNA5}PX;jvbMqN?WrY1j=PKGxa6EN^QqDzuT(^i?0w
z`ycWzF!hIkHUzKg0OZ|Cvjp2gWc|m~?o7aAz_1=dxC}%WBGXA61!4grdmt2;q57vl
zw4RG?Jr^ROVP}*i^*ju`hcYwkc@iSaNU)wO5jmd(>$w_{D@m}PYY@2|p+HgbdJd&0
zdZMkTjet%5{Fb01tBGv870@E<&-EvH6-9*~0eqvv9bQF0h1nq<1Uw90R>hf)h!>T2
zsyF<n3bXe?YLH%rLszZ<q2I)g98$L&R)H|gk@iM%*BRmHY}7O8J;A{G%>jlqdt$LS
za44w+j?M;-F|l#pz{w^y-W%9uViUZ9vl+|DQ?S9(!E;N-c6h;%0&#CWJyIhPLTs@l
zwpbEd6tPA`t%!iZ!OsQi{c7Zs1!^Ox%mwP!S$!X*MP`W#)<df9c6Focn>o+!gw0HX
zG)@)1nIL>KHzdX*^Kyh_KYU=A@r)zIvF-P?E=N3lD$y{X3A@x=_SpQ?af>2YMaOxn
z<2km)k>`^i=$lUBF>ui3H*JdK%;zk_temQK#dg5sI!8D`@Dc~%BkSWyQ<$$MkTVsp
z<S38E6!QPTiA-W~;v^*9ijZU-lE1)5l^5-de+i<6ccs9B?JmQB@y}lsev6cm<XM}-
z!8<~@V0zA*PUJIC9}#)>`@q|bCDf)d5h8@A;&Il_<e3Dj1EKmZ?TIS@?gUd5(Hs38
z@pSw3b|5e#9t>c=5cu2kF+t$(jDOn){(St~&a1g!bDtr+2O>X>ycycwJW)MNjeIRq
z?B5}?aU;=K<3|rcl3W*p$&H*mZToBAh;@T_L-?k{q{1rLe87dsn@*pM&&+xF2nPb3
zNw9*mb~v`c9b;CO)EpmM`7MQ>0>>G)xbjIG^T}i7$yfmVmL{_91$*s*5Im!-!3#F>
zx<>MEY2;e)SNU_Jl?PvliLfvp<>N*82h?1HN@d_(Wj;gkYjT?bI|0&<Mkv0ij9!f#
zrY9<`p{*VLRo+TWC$#p$S~Re9>66sj+(6sEEw%`8oG8zVb&IAufXY4CIX|r25}b9W
zIqK8a6E}u#SOS)G^49cO;Az}<I-W}2mL$K|)Xfv)+tWOmi@fHoC~7mm<r0uB8-rMl
zNb4GWFtmxCy?)Oi0S_$R1(ZAiaSjVFxueFS<h6)x4=9~HU1J5i->BRNNTNZuwfTz>
zZ<Ym~rv-sX&))^GMHbvHf*(Q7|M|n~{|998Qwdhc+M7pu{KH8jtXqXANmWd~1#NO2
zLe<`f?BmHJ-&aBX7NNaj;gbEmj9e+0gf+4qp|G&qtEiyO@BnIA^$wq!ReK8x#vdK0
z!oJ6N)pdJ;3RkXPR>2v$m|{t1A^#}|S(a~e2G2sRVr3^X`a1%@5e(NN__!GB^&s*v
zi7pUp5qXxxWDxHm@>hfuv#0j}@-I;TM8FXz<sYP)`8Hyo+4wd6q@Z*K8VErOYCxop
z1PdC5$Pf}NXhTFg5u}Vch-`y^eto^l=iZ-xM`I{RT^psYdxL9tgdBCTyuOVTOdhYX
zau^m#QRhT3FGUb_&PC*G5>)3ZM6Mt~b?!mrE`$uLY^2|BYic7|mEJFNu9f~IviycJ
zXw}ycd4&X}e}Kq)Bq%*#Rs^YR4I<S7@Eq(}Tgsa-czf|_N?rzhFgV%~{G&i@j7S$k
zicFa^fvApuvAJyoO!7A<GXjPa3v3T;4ua^2A5!!1<rqfC!w@-?1a&+Uk<$^31qRZ-
zpIhmFN3s6kY7uuicrIloR{0i0ZbBHuDvOx=LEVdxVjd$)duGdLrce9dA!SU(t5(0K
z!Tmb~5%>lod^bRB_$eZvkf45<9E373yBM+=R3ie6wV`Ut!JP$jg8tF01QsQ%L+SRx
z>Gq)soYPNE_&fU@34gxd;T1R6JYPXTu|t(3;SF)`2(ghOK5FFJ63L@R6XT;s6XT;s
z#%knI<4B4a`WSQ#vgVo*vS&-#vvSc$SSy9qI}u})lk$c2JU+liJ9j@2`a(Rnw11y(
zg%h;DKx%ktk-JWNo6v00v+5(6MK5P3SB|1ePOgg($-`mvjzOs62PBv&zMymLoq$5l
zv6SwGoMRb_Le8;FOoyCf87p|z>6A{dJbF)?>6Ot}5qy!KHq$G?3N(v<H&gzPA6{{@
z$Kd=W5;MU%QCs9}#QEp1;)XbL#A#Wtp0TND`SA!D?!5*x$8Ml@La3>I9?zKklso}k
z27q75P=|ThFC@u#F~|!M>gQ<@?Ev|A1=MW7MC?~&xu$R?_8MoRtm|yowUKJ!hf>Ax
zTV#q30@L*nc`ZV;7l^wM`4tI15d1YFkCWIA#2*oP1EJ{%5MJ{|Dw=j13<N#bABT=h
z2g>QKE%z(mV=TEf&C4Bnp{i{P;{DvG<4Ig=quG<_t@2<yxe(Xd41#NIjPw_WzO`U_
z!bhkBd*IAQw59aGry-L)kjDY`@3pN%FToxd{8$gv=T&->tb#o-!1B%>n6*7HXM12}
ztOw?$2ZqwM{_7rCl}@k+Mh$tX*pKzV<o|sSEW8Jq+5>yk<crk+{;EI0PSxy4i2^&)
zztN2UL`bnywllFmR>LNQ6g%Y@@@xod8bYzg>6E(w*a@Nb9W7#j7Qr4^*QW>85BS_n
zoa`dJBoyH|zQXq-cXo@!<=!!psjXpz=6H-^8`C_p)y~qyb96kEFztPD6B4Ao-_-U#
zWgEDDW-f_%8t9KRKDC)Duxa6ez1_RSb~WlutM{GYy|Q3j{ScIt+zTHeZ#T}eTdQ^y
z#}4-~6v&7IU#SAWhXNHwfh-jWjRJkHE}8>LodR?AYN1{QHYd>)N21ge53aIpjA9}@
z6(0=Z65@jT`G{BXh^cTEVoA9$n12sZxdTyE$EYXQ1q<n|5lyFfTd+FAN}0=o)p^Fv
zUBT*F#@pqpV08=Q!|?<W|B`Z3u=Y$?UM>pOrM3m?$vwe(iJNPJ4H7rE1RERhwL|b^
zc}cKI_N?ZPU~|Pqz|9rG7E#dL5Ns8t%mu;L8l%WL$lKaa6p`zJZNg)22li{)9V$#=
zx8P>En#zS_ji~I9wvQR*J;AZkgb}X>j?X_pE-D|rg{1K<q!X7DtjdJTwQ&>I6Gdw;
zu)rDs$y6rX*#bQT>NDXS1=6WBHVu@P{siMM!<ffS82iXm&9;-~;2d#Mnv1?-|7y48
ziosqP@)>B5shp0aD7`U0b;p?G+<?<}uC`-zWc1hk{wl67c$(@*0~tFBqw;u!beA%A
zkkOaDkavG%G}^ia(}46^x|!7IU`L}fp;4dis)v_Tz^U_Njjq>b(-i&*^$$*L+E*CN
z-S@``o!rEUQu}#0lh7HmuMDq2Jj@pPFg`qt@v7p%j1PpLgl`t*L>o>e-e}@O7;lky
z?UZn{AhQ8%oHzyO=0To&FfZ{kh*^e+5_4g**+Jz4NJuA^B4vvpe+P&{Vrvjv8lo}L
zgyOaes;)&!d!ib|)`l3K*c`+*hUoC>?m?z-+aUZc7?UhI<lqj*HL_8XTLDPT1xr^{
z$A|WQCo)I%l`PQnw<Xb#XF}S)4O~%UEvK=9{|SkvN;X`h|1^o_Cf?w0$G4w>Xc1z#
zKZXKYGc2XUzmO?yX+GA$-B>!*IyEL=MLgo=QM4Xk$EZ)+>sowxk~LFFqqKDVj&hDS
zFd4+5!%bxRCk>oflA{qz$;6V#uS8sCmPAz@<7R3}6hxPF*32zb(#$Q1>O2WExg@G<
zNtoFsQQblU7m+7Zyi6~NTHZ{N`6W@8VpYrpgYWnvVP=>_gAitlNi;TW2re_nB${NC
zZYG&Ta|MN&StijU%9?2=VXSE8nM7-i(TNjHqP3ssBr{E-O^wZq$ccVUJi~^u$&jbE
zi6Lz~|CjsiIed?tw*bX8dP)A`eg3a#AU{2TP}5$BC(li>u}-H(RLg7rnj96mEfL>Z
zhiMf!_~)-W6N9wsPJHv<aNat(17rDSgsOw9bKW78^Af0M5enV-V&gfG_b(8iBUI$j
zO)B%ZB3C^g&ebARoQ;wy>j;eiIf&3dP^G+7Z%2@uAruySRRUZD;(Uabqu`SGh5Fr5
z9A92&Jpcze!qLWir+#(r7mygPTysLdjxWsG&ZqJR0nG50W$#k2|Mr?7z`CUw-fHN|
z;Htq<sAW5=eht{u@<F>wC-Nc|8PNn02iX9oNT<Zq{tWVPKCNv-s?1*7p-|3Vr?4~X
z-vEG#_MkPh4*>sAn4~Sw=>NmqdqB%oR{!6p&CHpZJ9Fpun&hVU5YmAJ5^9hd2q6Rz
zLTI5SA%q%3C{hFhp(9tNiGWB`ibx646j8te3L+g5L6j;W^8bAIdCuGk=<omj*1O)d
z-m})8*?T|x>3u)V^A7;;AFC^k{j<Oa7{B751m0u(cF)wR*<=ZdvnPng`QtDT2HFvy
z!XDs$RCgaHd$|ZINA>x=;)VrUt|1SL-YrxzPW*-Nxn4TKc?_~HIEG*EF(Ri3{g?<P
z^QJ>xgnm*Jp;bgEvJRrCejx0$^pNJv)Mp-hb5$aH30eF%xXWC)Q2N^E_lg@V^y0=3
zK-Q7J_W;3uY-$tZIf!R~>}3QewH$n(5ENd-*uN9@`<TBA_%|uY^&o<4AqImC1ah(v
zuY)rQY63u6ILQUY`XIMUq8w)~BB<ft5ZLESK~)$CYG^^-3Rh+U1U0mv?hCOOU_nhS
z2bbe><}55)P>;i0tHu`8Z-AU8LP5O_<XRvn3l`KLL){4w)Frh+t#^w8YTLt*$%rAE
zj3fw?5g`?ugEUu^7o-ASC^v6GL7x=Que;oQ3;)t@%U!;>I*_V`*Bgvx<z~+1x2EQr
z|JoY2m%mzNFk{EPPWe&-zK2|4<!ekIGws5kCVIaHiXTIy;=vyY5%bH};00yE{SPGG
z27)X^JzA&|P$#KU8=M}f{s4{J1<ps!FTHvjRaR<M1xhW2H&ki~X|O~}&h2^L3z;O5
zZeaY9=x;A|iPV(VBkVjzB7I>6KN*3zHDaf_bxWvj^)%LiBRr+!ARKTj{jmldVKU%o
zjoUsZ;Z}!x`<2TOX@6IxaBqLK2wG}o==DISkb1A{)5Lh2m5|*s==WzhaWu02eTe+h
zqmJ}O#m5U}J~i6%E5Bmm1aC}nPcc_andFTv9s%mb4`DGH7iuWd|0(dgXnZ`3WGz3g
z@u|ssWwq}U%<YH?l5IGNYZSosw^R2MUGHI7&5ZrO{&@8&K8eowBuOh`UM?!sd4pBD
z_WB@cxnr^U{9g8;dI7N++${4MWcWrvaKO>t;4w0r4>eaDoxvMCNkYpZmxy)L5^wMf
zan?Y60~oNsbAN!!TCxGlPtINVHrJcu+w#gTzEoONCXX=YZXkI&<;*LtoE-<Q&+pYx
zRiW!_k@@%W;=6!C*Ev?9djjfFaTL1F$rAby^6z31y3S3-X-DzV2oyHr&|c>*a&sD_
zt^?-KM7Km1fX@XQJ6r@dB4Dq$NEEn`gr00UF;Y)P6xh~D48pauv%bHF4%IYnQ)90K
z4~Tpazwtj=BmTuX&X#i5t4Ph1d!EFw$Uf{6BU$=WV)UbjRARI=Dag7JR9D#tOO|>q
zUE-V%wMLu+_n+XkSbqNi@_MmIv6ksdvB#hu0-E-vR{q-gQAG+kqpvMrk7wbf$h?X0
z>p-{$!lQ%vw}?|A>LE%%csxW8NVkY(5L<$54%A%*u^Y&)K+la3th*Oqa=u!ub9bn6
zDEJpS_IL$=&+qlIP>@ohu1x~ECUif5Oe>522KcGKz&nw<G>uBA)Grq_jtYN?!FQ3k
z8VDbPxCi8JV34Hho`It~*B%E*5jk_SbH+~*G$r;`dfrQ2d>--V0CVwekiP=v*uO#k
z1$e~=*NbC4_0L)h=a|Rr&_2Ic*-)?}e65O86GNLKFxUxr%Jl7!p+He$hNNtzoyu7L
zP0t(ZR?0WTFjOQ^r46zMS-P}A)*?%pHpn!;*@apumuz;SR?3By)Lsu!TT#+Fx!ynY
z*4GB(WTFk0lZiIiEIDnkHl3&+d~qP<*oJ93MnpV3TJ`F8#oRCUgX=GQy7MCIFM_+(
z&umSzp52D@jEar>;c`|}GW0D9e0Bo-a8|v7kIOo)5D$TsnP>;`e+)ZNA_s=49rp?v
zzct32OKO5iy&wUTGR&l!VpA4plZN#pNytAh-;F(MI7R6jnfy_BHK;98Tbr%yZbMpZ
z0pzsHxOu4hi2WeH3Zx~>Q>PRrjb=!Dv-V&%ko!!(^Bdz!y@Hf}9S-q(A9B9bTj@Cg
z=Z;BzsUIrCiy_ai_2qu-_W7c<Zs$!wfy$4<FDt5PQ$D)tm(H2w&ePG0PIY&;;_46N
znQCZusKWO+<j;U+R1>ke@@J@5fRZd9;+nfE!rHxkap8E3BdOCqL-<o5`Wr-ZGnoTK
zjBV(lJZ~US4k%KSK_&uTsRXssIqauM>Tsdw5ji{<nJtmt9Edt0b_JOOl*d9G0I~@1
zTF!CqyrfXIx&fg|Qz&0-r-&$RKxwpUm7!WSTD7WI6>7Fp(N;S)!ctOkWGSgQCh98A
z-DHs}&Sry2NUJ#7gG2niukoLLuQ12_!WM#L<QUH(yTYp~3YF7kr`t>17J{T26f`V|
zlHyBumF@`G9ovj5H8DHaMZL@U>Gv)nXb}atNyaCWKC6I?6vAENd<*I_aWuCaz8Rdm
zpne2IQVL8I=XX#~042F~S(^JPQb0l<gVKeV2jAi61El`}1Q$aTTZk19oCDDb(k|ju
zh|wU!MX)v9+X-X`pnM&~LXdrc`r9DrZ7SC}Z#6{p8fu%$FAZBma?>(1q>Z#DGNg&L
z7BX9HA+vogq+JA{+?z+coUz<{-R0gjHMzHZ9_neE%$ZWJW-^zvN*&r{E?%h2h%)aI
z%o|*o+ZAR$zgJvkM!k?##P4_@qU&!H<1&bgfc(c0spUYYjQwo>Rd~Ke^glx47Qol&
z|7nmXMQHRNv?2o(WTn^xrwOV-T;9KNfw6u$ozT@zmI60f3Mk<=SqhYnstQ)pgLJaA
zH;yZ{wirr@u+;h|9F=w5zmR_6?#u&{{ZDQuukC{%)l|rL1nTvZ&K0stNVf8)FrIPY
zBvSVIz2b%k$-G0SX~q+uF+ivWt2|7m+d*yv<g|@8bs%^SqVhJz{&rvoV!j{X&w@A&
z<YW=t;pSZfaupEELSA~H+o664kd$w_;7EV!Rovo$Qr->p8*<>;GYMT@AxS^VzI}eL
zrmq(Ie7i#b2+sZ#u%M>W!7uQ%$m;@0P+!3OdBB4D50JM-D5&*qq&X1Ff(5k)sy{$b
zQ`ao0*>4b}NJ0APml9Me3JX%yrXX#I^|3(X{)?rH9wXlN(6fQ?WH~cKtb-sIiKTRp
zc2(}33b{%w&48i<<?c0*R{*&OARcyJdp{w#*&o31HDbFL^Pd3z$8dfH@|XzjZS!6Q
zd0B*diuXYNA>uiRNR<fie+@ARqz8!QZeET0M5qmcx;6-ZLES+8%_mWQSDSyuby#j{
zK8832qm%V<l^9C?Xd7s$=#RD@L1llmH6j6x$Y^Ut0$P#L){F!TCwrrJu|7l%%2=gE
zMh!~Rn;bdK+dzh1OKsnSFO5}Sl72_NB>hgt`W>qg-Yf#C3U<OUB4-s$hpAP;TKP}E
z%KZP*nYa}!*MSrtBeHS$J?+@^GFL%dXE(}tnVZ3{&#HZoGUtKcP?1Q?YsLHtlD;h+
z#w9&a`63K#cIvvJJE4;cN*bQV5xOC{_?AocE^vK*@9!u<(NB=bbV*=m@@jh^x=gHb
zGCdUXAhDi+m2G_%)@hI@i}iq5gI|DkHRQL%vf;{xa_d3J`+>$+F@G;Daw&p#)jmJY
z>xP4%AF2B%q@M+XW{7`-d?KO<(ae~v5eNc^!5{-ge2m3OAmc?yp*$aC9?+y+5{G~s
z48-Fh`~~sG`kU`HXFg13=~v4CY_EQH(2v60Qd<W9H$7NL(X*15vy!LgIae)txoXMt
zeoQD;h;A8<k5-6AxI&~esOk5;|5k`{NlWJnQCwSyqMAY!)fA$rwh-AiMiruhLdY=Q
zu1#{Ic~geE@^c%ecF55yy+J0s@{@B(N4D7K_a3MCe1e1(pVLY1Q-F-h%0@D~3hLY9
zs9bENB)%8w$3Xc+j8g}LvBaK{%AxQAHO;?A;<rGc<?jzc-WPEpM4s7Q2n1(COa_?<
z)XRS5W;okGZ3WQ5_H&_C7BdS`CO6e?<N1G(zs<_c>Qz6}DM8A--;YRJfURBT?O&65
zGr6wu3&Tmb{W#f)lQsk{?UT;f&BKb?BN4GjVhMq*(;kUqL9%D?BS;PicqO+v;$B#h
zw&&~#;zin?BP@!vJx7Ldr0qGvDs0@f_92t>^uH6&%0NTN0Z;N*gQWp3#pZ$Q^LrmB
zNgEjm`5Buc?N7??3p8a|v&hM?nT3pGGV*o!CjhotAz#=J``Rwk`bVS|IESOT%I8x4
zK6pV3$$2XlegFhIH1RW#M?~lZ*)t%&6Y&YMuY<fQLbd!OkoQFV1)__#tOID1%kBNK
zI0kAIV8_;|_mkjJ@7ZkX0&%~hW=p>cnx$#zb^gDu`PNqiW0k1Z=>*kYCrG*-Pq&Y#
z{A`0vGLN6{%Fj(T<!9o8^xBB_$+)$CQA#KA$pj@ohP?Zv@hgZm&XH`=8>E{tT+wnj
z$;Ij1WxYM|&5MpYmIcLJ{3!Mdnt#T&Ny;niMA6CDiygP98u*3m77!ILvlo9wokxk{
z=Rw1-@#D2>62u&SI{16yD)3&hnGj~C=1J(#eoQu_ky=}am`1k`QW@-*k^2w0T$&>5
zeB7gkT%AH@H@Ru0eJh|&;Tx&o9SyY<=vd_W14|de3D(Z<e8ah;u&l)eE(ptqD;$#>
z(~$AH-gUI1;dKvCC`zSNXnQgF{9bK^=|?3f^(eTP<JSd1X%XjXWb_ckJz^-C8Z4Fm
z4EY+6lbZAE&KLg#vbmvdYgj>!vhX1S?*qYSaI)RhTp)NKq7|eWh-IVPfb4Lnp#V;H
zLtdRasS9@6Lpy*x68;oKCds1s<q2@Mf!ZpusIc7TECzbVuRYYw4;Gerh|C2nEC++^
zFG68i1+o%|Wuw2sLPL@I|2PCGi}K9NDCK+H&}uq(sDQH3v2mCv?UQUAmtY!R2}`E+
zR!|1!N&FycHH%n^%#sOYO~7j*6IFYrkHInPI*%Yg8h^dOfBNmS=NDVw|GXNc(&}bC
zi?ExttnmbufMg-)BbQJu&Sk$>a~3U4u+?iC=(oC=8Uh9JQ|aId!a_&(0=z)O^ShDw
z5fFR==XH=*fuf}9iWvVBD)FdP_z0X&{ghX()pC5Pqe^Ce=?c)NE@6g^B_5VAx@kcP
zlSN&bes7R4adI<cScqSSZ8t*}D?&YA7em%n{sNlZ3t2LLaxG-p@Z?s=dc%`TAuEO_
zcS1H8KGWBgkd1~XH$pZwe2kkr=XD`u*wii}xe&71gp&IpTMXaVu7hmlR$vBhb{k|{
zPSd!<(!DdGf+`mxA=Nt})4ed7g$vBou7<QLRgw*Asg9;U0-FFui*}tZgG4Rx2%I{X
z{*Ab;&+iqtWDECE&o9AS`e{@_=KQ8cJor#Kp3QTivS)Wijz?k)ka-c#jv(6u^^&Tn
z_u2<)ZvdydosUCddyUD^uE~}pn_c!Rw4wHH3bDPLLaaFsk{rTmII0)>j7#f<?%q=N
zkFCl6<M#S*^&;srQss#zNP7XULTuDmA^N+}_Em^KBWHVU{Y-;u#7d%dEKra^DjxJB
z6x4`6zzhDx&t*tl00i$tJPh(6P?S_%hNwIP^*ey1-_ZGJdYu1FjTnp8S4pz%2Bfmp
zi0fUFTvL-I0V<P<6x<W6qb<3;&r);Gs^3NdNQzFQQ}2njKhR|DQM4UNvq?skc-@y$
zM%-pK6`QmQeV_RJ9SC$I$|l1aVb!zpR0LwZa+W$^m!r@43_pC`fH?y5VF0^BD6}Ax
zMX&(t9RzX!kk@VMnW1owg*qA_^?&1nv!f`tuv=ESDJ5CmYL(<<f<MKAFEM?61z+1J
z0xfw@>94S!iMwA1EcjE#i**g;6@Udlv5vXct)|_Bu?7EL%zpw{@P7sJm<R>`Es!^X
zyewGoKZE)dAo!_k7W`;?g1Mmu^ClOqzF;m3TrfB6r!bWVU>mStZn%M1BO!+Z7R=Ov
z;3#~ZxCqM@%*`>M30N?91=&f2g1HQ236Pfs3+BmCs{uT^uQrvVSp;*81@i*Or(d_v
z?>(DtFgRBNO)3l*VE<gef;nb{f_W39*6#zYUyRvU7Jd%-uvl8X8Z%p?%GV)Z6iaid
zF}ujEY!4(*)KQXeI-jdZ$pXL*$5lA!Z-&S~WcvaBWQbWHGemIzy|+8aZXyOk90;<%
zh&G60K$eRrLtGAW8Iai);zp1gfb6ai{(|h@`kU_+Zmdn3@>)D^i!LGl!`CZr?OyWv
zy;@DQ;x@cXsc|n({ur<X8a`I6-$VXZEG5wJ&6GgzLB1oF5@`4iN}$R>@&&L28os*{
zXguT?AXWlZzx~P2k(c4CCCYY~Zv$AO913!f2qnr%ASa4YqMQe^MuZaON|0}fP@>!q
zaxajVyOuIfLj4N(LdtxxaBohc46;Ny!6jK=qTGX9mMDWdl>#r}+Vg-V%Ahe~{R{G+
zVkuDuZK_0R8$|O2SfUKtUWqaZa-3KyHG}3UQRYJK3|OM9N=uE7gbmTPJC-O*Fh3Nq
zL^&7aED=hS?}A({LW%MtklREkQ62_)K!g(I6_A&Jyxg@!c^~Rs;7f_Jwzj-P^GTF`
z`RN3GvE%pE_*1e(L{+I@yCRYqjAuZgxj?_+GVOuv7E8sVpWQFC3FK5D{t3ZK-3+!Q
zSOZpI!+#z2T+DX?{69i00$C{H*APd8EES;xNmqef0pw*n^LIEugt`@=_e%578m_W6
zvd0kAc8iN7^syz#KEHRj9HCSr+uozxd<aL@0T!3`F^bCzkk5&wxU_Gi-24RcL!hX*
zq+gIC1&4HQgWDFbrXlozfW>PNNRJ4`Ya+-7A{4JVAUgpTrTswm1^U)blcsnNBGY7%
zS>Q6JFEWGJ^J0-{8lcE5$NCb$BGWWlky!)z4Y3rNrfG`I^^o5MEHbH^L5if2Y0<G`
zi_A}vT?bfXo&tG7gd+1Y$e%<gGTu<MhY%K-28epVt4nh}iOeD*Q?|%#<s#EJu4&B^
zOqH^7n@ZUrtZUD_RlTxRy%~@jiKVJno+b<PA?J#v_?5R-{8m6N0g49^s_mRNRV0mH
zCC0Yji^xUDt_A$_A-)fCy@)d)?gqI_#43nifIKQ<1;jfbZv&ZYA-rM493p!Q1j}=E
zX<AyG+vDhPB9&jSJoeSCIs#-_n71r!z^xKsvCeO(Tpa^BLM+8PKSQzJ2679r6zlwU
ziuL}GUj;1I(CdF`tc(9nV|^;Js{xDkH$g5Hp;%uJ@;woX_1z$Mh)}G55Arl%vHlCl
zpMh$uQy-I@-k&%}7UzjyYERTFSezpp=zM}J9|9KV$Obws!>K@k#W|X;IFE-MBbMSE
zeMNEJ0dgC_;yfkI=@d!hoP8I}a{6#&7XudOQ$S7<p*Wupa-Imq`D&2wh)|p#0J$Hq
zIR6^tNuV0%v=m#M>!r*Zy$u0V$z%FB+U{ToZ5>7I(AH5BOzS8KrgfAA(>jW<M4PSg
zZlcXjc&wuc@#?kSJ4mQnBfLp&kdQaY4HEJuxj`aanBE`}+P;{o<3p;B4^7;ZhPG3v
z2FAGASq*xpT^}JgJMH=ix!Gw!w_tY5C9lINAmoBJnkKhTC`ife6SAJ%K4F%c&60OG
zO{gXe>(FB)H<tY*q9?_Tjk0nz`5N~Pt2dL`ykRE%vSv){E9sp6EmOUjX8nygsn&fx
z&2N2NxsrmKS=yxXlzkjL>~}Kg%|IZ;HpSS{bT6A+5h(6MGO<;y1|4?E=1Wh)vDsVW
z!#Ls(%t`Ebu1wwquFvm%lL{Rl?zPD7d&5~J2I3>U0iuVDKsN+5q4OFM%l`gQ3xMX1
z03&HF__)-RpV3+A=<_<@a267$1Nl)9H-KCVv`8w_>dQ}|?gOHoAzlXgqlg6%;Yjiu
zqIGZQ^m#bXHXZ4eytco&z$>opIVYiX`6(W=+lI}9UdKj`|Fq*B&8CLazU*4prCfE$
zxL>K9exXCStAVg|6X~w5li_jmO2506hPh<Z)BczimU=z*e}p$mN!9;{63EwY0zP1_
z=hsb`307RX)T_jjD=y}AnB`AyF{IPbdKV+40=ISo*=IA<S6zYIv!=kEys&!oE;(<M
z9BcBEySILW&q0G-;FQ@7_q=SJ(`}7@m_5fuJR>%r-^&fIe%K(fiKO)gK>mCuv<1vU
zvNH;72L3B#11B<7u#ic0p{j6lO~{@jWc}T;yOOdlnMcn8{lYa7$+<jxb6{$_%uDkm
zlq`u94-}rPi?}<C*T25FPFrxUs?0`gK<sXfbNAVn?KY~y0~j?fvNL@`3F=e)2%6<v
z#>+m(UyqL7l%57FCujO5`O055*VMNN_1u}h%RuAC<lM~^@bpZd@bpZd@E&)jPxuHg
z`yzjKjOE~Ft(m$reV4=a+?hV%>6t#^>6yO6!P7H+O33s~pPWh0^eKSpnZ6_-y7a%h
zDG5k&rq2T6&h!aS&-7gnKF!OD)uMAY(a?Sy;apZlvh+GwOE=ezW=ezq3f?5HR$?sa
zD7^oI+4?N4{9wC1EFZq%j^_>39rXT?mV9{LEkm$GEp3uJv#}h>S@u3c=L%(|=rQ67
zi4+cdcBAHJ4Lq++w_Zi3SFI0LYZm8A7r?Q#n)bg?w3o?|OTJXNwG*NK2yfXCIlq9i
zJrC&Ub#m3aDu--Bko?1PawIMMeKn+qW&lSHvx~u3;J`9Dl6qEkq<u7w43iV-r#S2L
zdmqI$oESD#;kX#<X9Jb}jy%+Bng=JJHZ)#k(F$%z{Q~cRBlh?Dt<P(Hfk=;RJbgXO
zoqC31l-_{!9>)E9f!tDWbgVGF3GoKd0B+x9$_u`82pT=!GH;WDEPjs6N40YIniNU|
zDtl*vD9$!Tq$W@k0DBQ;kAl3AE@E?_>ctMu>MmH#9lrPoZ>KtWu?U%kfY;^BIZ22f
z2_e$bA78xy)t|_%KtVi+OM!y?=iCWIqo4FI*waCF#O<cvp$#<+kc$>RI@kS83xCG#
zjPC9_5^t9R8QqS0GRSHmo(OS1$a#P_OnFuPj>O2{vbY7j%&YudiO6?=%<my?0l5hn
zE~)tMaPEh?7l{7_@f(mQfDu`YgS9kOBmd`sZdI^AZZw){DPVz|4YD<0ft(LA4`3ZL
z4WTMVH62x*Zo_AnF#j>JM*mYiL6h}!zQU8&y|I4N2rFQ^FxGFHD!ib^&Tna4D14#k
zx7HbVKd^dX-WaEgRvWA<@`K_qp}Jx}D2@|qm$9Iao&`?gGo?@m@*qR2G1h?$BCP5_
zMx}Wrsr^H5Y|??)*64=54kVu_V)Kdil|S7ynNL<c8*EHv{YXCPLWUfSYx$%LX_&?;
z;c*?OiIXg^*9mXXS=v<{SAo`@Z_;+2wn4{RPU%o28?^uVj1EO$TwJn_C0lq7s#!e?
z@5}rJT#nkd=X|n)Y6pNmhTSN8JZKjB^sMS=>i!L*WF1Ymya=xKG`uz=Jn3q9ZRURP
zxLL{1Yco?Is;|w6sJ=EMBI#~;ZAQchFB9WV$qspDn;R$%>1#6za?<1Q+Kh<mYcnFM
zugxrhsJ=F%GM4l@yf!1ps;|u`wAI&Uk}$c~W|A<e=gD^Ww=h}P!)r4ls;|vF05Q$W
zh}Wvn^4iS7xS3I=*tJ<x@y=2Yfy>FeXwy1fJz4w~0y~0?_v*IbueH5QVJ@_ZRr(fq
z#c#M0-2a6JbB*=dXY6hG8yxVPDsntCvsnvHesfMspn3l~HT*4=%^@n>EH7tdb%ftO
z0+z4G4*ZV98Otiaqg8Ik&3XvS@2t#`MgJVR(q&`8c7KI@>*`XE+1<7uCf$3>V>Drh
zLi7{iXZ*I8A^MBRX8pDXf<8dRq&nZLyOv;N^ix#kC~TG#S+A%l$jhO#K)j5F_ZA##
z_Xk}9+yClx7Rd$|e<af+yhECMF^K)0k@AOHhgtFGh!|GB5|eh`tmZGHpQ8M{1tf8P
z!boCrMd*)=duc!Yf|7KUbNd}da-2CA`+F)AHYm=+(>nhsxjo*Jtm0>7vY`>}{-0!L
zf)#`wf3*=wvGun$VnR|xb{8?xf<4X87%^0FnCZVIrzbTGB9ycJOGQksSI~Cuza{=m
z$?NRxlYakGFqvAoM+Ra41%!HPhlr)&u;p}f(+VdL&hx@y>U}q=Q=(rQdPU``>|082
z;1v}X*-B|ydOW2Ec&)<~uo?Z8TBTj_y%Od=$Jp1l>@c<}>{%5K^A=-X#<6iwJxyM_
ze!PrI$Z#9o45>0FZpo5PyuuEUZ6>bT0(%t8o1}qHK3~$Y6f>W!aejC}_Nad)4gExF
zkUqb6YMucKmpdNNAnV7`V=M#82YHJvE3St4ju?ygKh`_MGVyN6yMSm<5-&W|g8Uft
z&&2CM;m4LyrTZVCp8?7mlN@fW4<X-|nBEKtmlUtZ%gh+s5um*Au*1A1U1BvuHi~ul
zV(+{Lz3np`Y9KI0&(m~T!X4WvPhvHF;c+$|84w@fg(ujMgO0A_vm~m@9ew}CX0$2E
zAD&VtPv+p<PC)dGc&8d~U+Axjr|VV2uN!X(^x;4-h(2kkbJVXQ<~A`nE$rSFfz4Ba
z6iK_Q@EdjEAqcF(sg*#uFT{l)=ZTmHaWlvd0K)!t=SqijeS2IfAK+bJQ}T7l+y{*K
zhLcj}*I(`kl@GmRw~}AIDMg#}N`-->%Xs#P;oTv1%k}p@22bG9FXd~~iZZ*SQ?V4;
z(uLrN;Oj9q&O_!;NdFNCPlI?H<gY-X7a|yoav8#s>gTCbRm3^vUmcpjZ&HCOk_vn`
z5qLHgs3NJrwTZy%sX!G;1+ELsi+59jDv}CZp9uUj6{sSq00*a=y2zECT)GA+lIF>|
z!F{Ai{lU(>*`@o}aG=tR#bcd;ulJk6wZU7GUhSBw|H>sv_nhqlaT7@xQ5|J)Ed0wI
ze{=ZVj*ph2{z&JDs;*?0SF?KHIF;quZK^W<CrSBVPA$>r_bx0^)epjal3K9wWY#F4
zV=<gf)Pe5`wG)uk&aYVQTn>FGP+q>s+s>;0O;FcK%Ie7WCiMaIJ3!ad&eL<vOBQbm
z2!2fa7w&5HvTYm%4Y1rvg~JqajglAc5>>WkYVfvm&3}Np8_tc!;##;b2Ako;Ccq$_
z2;~KP%JH~Qlj!;>GSvkkoR<kJi0y{_u0Wv^Vt<hRL=1yi0kRCRKuu2FsUprDe??$5
zd{-ynr3l$;pMPxLYWNzQIvcPW{vD9ZMW}|~4RRO2*QCtY!o{zOtTr=-Eu)qev2!Fc
zzeN7$Kw%}ss~|6nI2|I~fU{T-BQJnxdY_+D)AUM_F6Z9Hxjk`jP__(RzrabUSgH7|
zfZ22f)(>zo3sU3>XMKL*^*a2!6`65(ItD2G1Y&ED=^`G1xDaFwP#J~0m!+xrlya^$
z)GF81$r${|87SZMjhvz|d6fqKewA8!NtW6|x?^w90GUsF3J>0P#=~WSuNULOuQ9j{
zUvE(`{s{3P$o(Q-hxh}?Gk`ULL0Z@UA?N#*j#ix11ipd9>wwquvGYPTaSg_<CXQ%u
zR#oG??ui7x*>QptNs~Gp6oi{1@DUDv0Mu{bB$vWWl3NWk_1G1-t<qps5gGA?3&N(6
zl$yn<K#I`P*tam)nmC4=B9k3YJp;l?5G^200C!>kN57B4sHItza#%98Q|9Mr7={hA
z0V`FV+pE<g#5%McPPZ<;bEa&}Fx+c-rVgT<G&CxDvR>Z6tkY>z;nW1ha;d>w8i4LF
z?8@78<#2ZORZLWaim+d@O~~8mZrt>{d{bVBDiEWv-{mVH-p1E!5Ec5(p^BFb!o;B8
zcVz2h73Kjk`-uPLw6X(t7ysr~b^nikoU{!a%OyU)cPZkd5AtrFBm@<0Mnm|PM`YzY
zW+l8H12iK3ccvSrF^vD6xxzd5U~uJMnIuH!9NZgtFwL%iQn%vtTc<F3&wP?!f2i09
z%Rgyj*&ad03;`lN{pp`-iL*KMO!0oYSI+alZoGNWJBz2mj(=9GTv-Wyw0JgUIlD!H
zzXAF>@orb(*LMD?!sr0{F2EYJXI+5&Dw2lml)&o6E2+Ru)C>RX<u&!LUc8PIuL6lX
zAEaVcBz5QXq&E&+D*II=6*w~y=t>2uNGfnn(i;y?1*%9YuqF|hm<m*pRN&l1V6#-9
zilhSPB?9wOfhv*;oSz7MEfuIDslbIvEUr!ksz@quNh0uYDo{mIfp2mLj;5R$O~6_n
zQi)!fly>!CDs3yLs*G@}q|BDLUk@ItxydnuTyEWVr@CGLXzO<4g^SoyeRPAwSY?o%
z!_{v}`tZ>zjb6XcR4f)83U`x%5?C-wxFi;AY7!a!PXAnD+cl@^&S`Ry&+pYxW`^0^
zZiH<5yNy2F+iton`E$E|=n6$kBJMqfM5Gr^{GF|ae?;+luUdqzPK!_#an}4DlEl9u
z6{sSq0JC<~$4u_G9~>}uh-TZ{XTc%;F2=K9oQB?{UodXC=1VzVPa0?E9KB6{B=aCi
zWl02y1Sc{AlgRPjQZU)t7;iy8^2YPy<2LfV%}wjH53Wh;bPt2K^!xbm(Ay%>I!%<l
zrarAxeWG>Z4oTe{$Dg!LO?~R7`b6C{aUs^~6LnKlqHa1BPMsR&dZ%*|qbbojT_Lmc
zWR|S<H6=Qy+r&vUT1|bbr#4eO#f3j%I#`OQxY$oRC0y%U2H7&6^cUGqR8e(*7oO;&
zN=?WL%Clf*ynH|KtxO-)4%TM+sJQ$!@IWgcaea$$FVO49aV3_s@nB8LVyBO?74Ep9
ztcJKfklHzJuqQBk0yTkgs*lPKlKZBQiknAMO9H)q9Jk~YIxo=c$8oC>exTQnc^6eC
z0f%TI+S?9>2m@Vg7<X6;8U=cwHSR3Pu{hA{$8nd1wi4*|<G9<J@b*CZsMxK91ky*v
zP9GKM_2by-qXJzz7WeOX2!Ez|W_5@{8xQSwG9k|^!|Yhy9K5sCqoJ2RDzj;wj{TJ`
zN8n(Pt-U%uelo=Aqr_@+`Y4^U44gh{8&%(JoIXm9XJ!s|`l#(O$_Gv##hzU0qmGj^
zP9G&TP~h}Y=8R<(`X~|cV5g5dR2G9;eN<4Zj~Z(FsCn|(^M{%~N(B0-p{9=#fj(-e
z>7zuLK58Ao$m^%1%u(1ZDY9NkQIMCDXMuQm3$N2h-3mK!`luhvGzssJ<~uNmgIax5
z;Pg>C9g03`DSvtWl;r1QAc^y{tNN%rBAj#jsKo7BeN^D|QL0OIfzwARl`4VLM~P?;
zYV}b;tv-q&7>(V8L?0D6eUySdEpYlM5i<j)kJ9O{*@4qXDQG*7O!QHYfIsPvO!QGt
z%OD(?=%Yj|4W}gfD76shg;NrJloB0%R7pXUeM{*LywVi-vX#=Z^m<AU@P;^jlu~P|
z3Twg7hgUo>6e(9qn`rf%<+>1jTWxKK>MG*r!+oFaNkmWNPkY!*G`8Qss~ZPr+DQzE
zI%UQyakb)yr{cUIzqbTuGsqt%Za(aBf>RaN5p67V-8a-c8YV?oK2daO$s%cF6iaWI
zUPdf*<<#u_T1I~biFIpCZ07ktf=-gjSGJQ*tduYP1;S1z4ckc09%K5kGDDv}XA>3D
zFfBe73uU>j1??}Gn^5wjw$|Iobap#PP(Pk6*l%PyyZx%njn5^%tCIJ2wkpuw@QqUY
z$;bP}^fJSjV%{o0yEmld0nG<_tNnUq@)W2^K*Nq4oldO>RqP+;3=36$(@$_I+6Sp^
z5Z?j_7elbx;_V}11;h%FB_d9OxD4bX5$8ax1G!JcWe~pw`4y0jI4!rG3$kB>C7$}H
z1nsvYzH3$DdV;`c@<67?(Ic4r3r9Wy5|<9B%JpH+rPD+6YgtvI4|5V{CK6{=CHgQY
zaZX@vTvC<j!<@vLMB?hIL?7lP&P^n4u1fS_PU5^o;*qLEALb;^PbA*1O7vk);=&{@
zO~s@zu&uF*If+XWiOE%dALb+&R~B}1#@!^ft{u{>e&f5ShNFF}9aH1PgECcFpWi!&
z3GQ&Vb@?r-DjgFjvH+!RTvFN&hFSo0X~emKU;G|Y--5neykpqCw}Iav-c8Uq0L@Iw
z#{1Uw{u1(0u{6QkFyVa+{a5i8aYx&Pgg14f=S>8*pGviej`jV#OQ=ytx!_)h2l}oq
z;OW_1&OX^UUGGlV+74)5>P_+UsxF5>9SAf`MniXnv+h?hnD%YtlUTHQKXwwkP&buc
zt1xXChtw~sR#S|EY~Kt&+C)}=<0RB5q*l8xa7?u%M<9iP&l=WTRD4`Y=1<g}Wbq*G
zBx8M=E6IE=uf5M%IlGw=|AUVBb|XIg$q|>(R>=olX(pFwERM@3`M9YI)Gw7VnwsyC
zB+N-9!HIx3`Wl=~b3O1bCKhA;te%XBZpY+8WYz#Ji=AK3<CoVkofH`Dyzr|SVX|+I
zAMA?*t&*DTr24QloibZC7iKuq+T`^b?!n&URo7Fj%ej7-pTAJSdmO3T2-+=*hULj8
zRXZt0tnFLwhfiRq5V(R<n<r+qzFPHCjAC!!@qWO*AbOAgV6|nS^Kl(X)%~6$RAVLs
zeOa;+ZP-+2e-|b}GFic|JygV&&cQ0z{e9C(To)uccdine4~1+4HIQ1<-|rd)<5A*!
zKQLTdEc*MyR4qS)eh07$*OOGjnUlCcAE2rZPO9o0s2zaOQvdwG`NKSj9O?0!&SOd$
zZH37ph#U-b$ROMq&bOh~0O10Nk3l{XaUew9WLj#VeRGZzyzQLyy)JA<Cq&z#@`>hS
zG6s<mK(qtIjv(6u-dL^QpAshV-5Z9!Z(t`}j=>5<mI2|35Z?v4TEtlpcYxdmc>SKD
z8GF$=5LB^^%prWcx-gwcZKC@`!ngQ&97~VMm48A!2l5BNx`01BM|`gjOI$&r+ghYk
z%SK5!`>?biqtT7VBk?AVy#YkSAU*~8NJKY;bVW9qNj&RvPLWPkEb%P5CT!iInJHP-
zvlJVe#_79ZG#`nPIB9!-DEq1}yH{OGG5ob}px^wEvR3tFS8UBuff=nrb#&FvXyP*1
zZ`vAW^fi7CLuOwfIuhbKkZXVrNrh*^c@XM;AiN0TMUZDjd<UX9mBJ|E`w%-qYzc(7
zL!1b*Ld5+L*Modl#4jKo0$C^G8Hm?FUINCw0<i-g?q8wkya5ru&rc4O!>1Uxk0%ZG
z$s}3gd;207J>764I;m(TCMO|wBH-<)JHeLA^qKGvm~OHZdiqMo48I0)F>-4p>-EdD
z6R&LQXo{r`PxNUtoWMjCq@KjWuYkg{PJ9u}v|1+%YAtuW;Hlv*-0I}i@FSNr`m59i
z{HI2rHkfigFqZ`7Oa+c_s!}1q;01hs9td@7<KIEv6442frR+z*xS<fI5%2p6aX1WO
zJlqk0*FC{Gt48Y?j1}x-;m>q@wO`tDCB8y9x5RVv_KMBdy#9k3NFV0}*K5l9uktn=
zQXTaVx-ckw{(0x5A(Ofjt8^h}yW*z4ixe5=dX)83?kJ2ZmoOlSZfenB)>m7VqxFk!
z8miXMHkL&<ji-!x8QT?qi%qiG{2JYAql%)m(b26o$u2JSqT3oYohlygML)FRaYo%>
zbi3KgJTIT_NN`P}qdU!w8A|@lFJ$<%>76qgR77vupu%hHe+V~U_-4>wW0xr7h=aVS
z;8zsx#{LAToHXf*(r@I}kv0<YFH@A35}+eT3RTdKN`j{GQnbRxP#KM<qGJqiOyYF0
zO-PbhUy|Vc)pJ~$T%+LS<?&AUh&8Hgi5E8|&W|zYl^SC$HIjHwws<#YmdVCO7M&TN
zC_vh?6>U<Ur!>A&hSQU|P9t~XMssW@14cXFD5HY^$mfaPd;&auey=L$fMX6`B2#7B
zo|L;eKx^E=9Mp*iRcu4EM!_xkQ4<nt5Iq&>rvb!cPTa3ztxi0%p!6%^XTyx&Iw@u%
z4pSl4$1r2ei;m}p8GZ9u%(Fds@^aOa6w8}stnb;_s`1`ms}d<z^<b~un2(&P8&|C7
zfwzHMu~15=aqpotvw$&Jw72P860yZsGiCf1e^|ob4}R>c?J$1q4;R0&zh?M8?=+f}
zH!xY(&>*gnDo|b5sI11i|Mx_psfwOs=iT2&s@8bp|3O)N&5X(}+-Hc-=l7~k4?y;{
z5t6;1T(}b$wAg#oD#ptYF9Mrg(ZRI3nkFlmzWHxPx4`@e(|3S5>Xqg?iNHG>2|cxG
z-B8EIXrX{z#N``*E+KlTMdS01e<y|M12a&FUM0UbJji=!l$Ge+2B^aM4{fOUkHL)*
zfCBu`3<Y>As9EA@`rtpbrKI+SUI0wcPLxNi%%2GPHL;fA@uS9C19>(uXsP!zt0Uir
z=oLeYIzKnoO^`Q=rB{6)w*>hq<UPQyhY^)s2<o82y(g@hcm?irfQ>J%bkXv?J}il$
z|C=xoIj}0yhdGg72K|%@zi|>l6{9D#&wnX+0)Z&ghF)P4`~;$p;k1FYh<FEL7|0MH
z)FpD8fJ_9u!f@wo?VNDnIF+Bf#6lhJ-!(>UXwH_m?%LFFlKif(Ou>G}7P{`X)bPe@
zJuO*Id%^8LAPMaAd$+|ka`NU$LRe1A+a@`;DyG~GuXX;Nw6U;E&Ei+4X3@)Ts${Y2
z`;u{sTyiqw7PoEz_wr}yN2=1i6o-}CbrcO76|I$1<&9Ty>nPs?4>blz)=?B9YlT@y
zkx|jDqX_o~ChI6&PWtfCl4gNg$#!73MMgv7nOYM$aH?zO{e!I?_68=)E$aD9V8JNs
z5^S}_+?neZTE6GfaGJd2<8TGFYB#sgB1`^m8)~6Nw*0xH?sM`~V*4J%hY4C}+1Wa!
zMdbHB%5y7|H#uS7>%$UjEVP)!?Ny0B%t^4)GVmrMo0+fnGpEKrGe2p%I**}JWp?en
zT7NrtYCR^ieW%uAGP6719LL|5^FEi^nD!szT6j1PWTbn|j4O(vhAgvztpt#w+7g^C
zw$7HM8XX$4Y_cslhoUN*Yzr>xI-IQA7QDgDI3CWlo=1&P539#B{h^j^8*GL@Tu-5P
z;T>n@C1$(7E^8UT`E&TF6`$=vhOhJyKjN9{a)4JSd!2gSI5?zIyKb~eC!w>oBWd<>
z|7q=LzS{GPU86YOoL8n^fXzK*bdxhusnq9x+&t@&8a|^k`@&0Mt|TXqRc_L}X-xG`
zXZe<@?k2n$_DzV~0F3xC#GViG<5k+XP#nE<q}!XLg_uxj?xOt_zSmrgxwUBezWm<^
zW5hy`!fa<j+Eon>rEjo{jTw)tB5<a_LKAuS$ib<_vvDvQgUQeF|6!m*2H{jV??Jr-
zw5pbz=qv_RYzuP;Zx-im0;xllIlv~6?I5iH-)4&V(yH~x<?pBt{aM_{Bc+RgLdAV6
zkQu-TrNOKx`1z@`c&F2?hEKvg43PtYaest(9+#f%#(|e0E`fUv5bCb*r$K%N^i%PD
zxf+5LE4T<mo7L~tO`y&|>Qlr&2BK9E#Tn!P5MBV$1=0a{?Q*To?`O7s?|sE*tN5DK
zg)zvC0L+CgL1qFSk}_w$3bg<rua-JDlKIBmu;5jcS?HQjFiogcFnMD&=3C?BcQc>y
zr5|p7ioprEcMMRtdp#GE8BDa&n?9t^-Sre#UiW9t#@{F}x|v30MwjnbLo?B9$vT~Z
z>6PSn7kQ!8)z-~urfhZf>sV);=S@t<WZ<`+$a|E@>T0ZoRo-$UjNX@zuH~iA5A&rx
zF%4Af3s2GlL}PL%fD1y6KJAA$@9X}AA(!+>aEViuvOCAV<ay=j$OD$MYm`7<jfdX?
zN?NS+qv3MrVd(n-yE%EXIIlsy1e9$#Ef>p653St4;MJe$yx13>T{2)t<K`w0FwXHR
z7dZ2sWGOJK4}mFp>Spq9$#bPkp0Cs-&wi^lsK_j4CY1XhlP7*#?O~;S2+j%u`%%EX
zd|Y^6sS)PH`?d=Tp4rEP-aJ<zlOe>W2jB#(o#@;Qd=sE}bxr8?Y9Mb)@@k+iD#zC8
zfZ}oMOj66@afge?qlEnnhg{dY)G)nd>pxv;80cW@QjIu*e-ZX&!oqp_$%ofHFcbuI
zUw)!|c#WgI<6VjSY-XCIkGr58Q<J2HlN79IiZVM{zfa#ITrYGk)&JwcTYEz7j1Hx)
zA4T_VOv<<5+#tIh(F&wZv;0c5A?*AN^Q!GM#F@zJ8^1+ijF<(JOVjs~#E^buA7WBu
zbX>6e%a0%v_5<o-zs~Liiw;aKVvH7hJPO5!60)x6MUWd2y8#Fe@JiVoVB80Bj~K^!
z<)RASlMs&sCHe85%h_ll3FLQ#WgWG61JhT5dNC_U!U@(c#b!f)f*f4a95x=y-^fw0
znvU~=Ya2B{<8%(al?p=F=Ctru5Z-dBe{N0cPe1v;JZl$E!wvVWUHS-UQZj;M8-%;E
ztDtJ&o)>WMrxm~Oa$}U7^1KQMGujeS>?f4;yNw@#sT6p*@gDH9Hapbc2^J-%JauQB
z9gwJR5$d^9p2vg68SQjv$R7lrp7Io)p7Io)9J^`g63)ww5AbJ?As*a(haA=>hnCz*
zxSl)ZDLg&pDLg&pNwet=+|)j*)>)7<=_yYIFg@j&1SC1-nFK_88@l^jK-?)$;mJvx
z{vF={pXP;PRkX1o7}~EB=j=#$lrQPNvT!>L8-J($Z<%`Kw;zznO<SnwW~=}-YtMzB
zvp{(*zsJtTb^Q>eL$_b7^k)A8yAE1!wzqx&F%)Dl&?XCuorNlbe&0U)G^<mPoB*`T
zYR3^yTsHvoeUkvG)GcA4k(|OWFlJLP^LS0E`zNLD3ulazoiwHQ)vGjjE20SKy}t6R
z{8Yl$_-J_9n<4ChJ1=`JXglGc64$FUB9Tsp%AL-SyH318*M7O{Qm=vCs6_LcUP7AZ
z-X(aP3%-hzKEGGzW#gSl(k7Yjg9m#6@mJuCk=aR5CjfS@te?+H>T2k30WGtY74;RL
zR0!7YoYzsTGt>0EmITPx>Cqv7TlnjczX$L)gLoR`w<0D(ybkiJ2<@Dyn&`O22XNm5
z3UaHsE1cX+(i>>io))eP;W9UnJDs2YJ;*g?e=9%FfZvW}GvKd+7!NW|#0rSbKxP01
z*(jb5XJ@D#0qV<@&bc)rZgYgPBYLvN#LMjht4&F)c-w;`zSmLvpn$^0W!=f!E4mUq
zd3!~dbtiAH=t}TG)hodV*_GgSDXSeYv^!aow^us<m-l~L#(RrN2$jxgD-z1u!~w2!
zzCyIqZ|JFP6ijxNO@`;*+{z>uwQdh5J6-Ig#JbDsv%A8|=?>Jf$ASrLF65sGmOgzO
zZUdfMq>?0o?*YF3$UXl?{oKkA%R%}PGn8C$zDiYw`+CWJm*BI&_3=IqajIKt65Vp_
z@R`(Mpmfk;_RMBR$eA;sPX*%L>C<wttnh;2s@U#|&C1<y?OUtLEv2NbI2Fcr$Z$AS
zgA0!NYH$(oxD&hec%KScuYR->-UneF1YXX6MV>V%(FU;FC`uChJrX-<3N~?xT__;o
zzVDIPe$u0q(wmd%?7Z^kR9&T4_*H&(2O|9tW4FoAU7&mctc)&D7J^#AVNpgGD1Q@H
zoY4i!!YYgoav2)PO6-Oh=~cYRM!f%c#Yf{RlD64zj7KU#ZiZ;eUM;VJJB8aDsZp>(
zLY4dFU6bAQ-`pu8AACy&1B4fXbA^u)UJNb*Z>fw^-g)sOutM=Sg|=wsxK0Cn$CPgJ
zVwp9ciZy@uF!9gxvu9EiftYJFJrY}A4q8ylYo5FB>gKu8>iIQtJ+oG??wNJi>cawR
zLtIyxG;R9KA+uJm8#3##b%$|{L(1#fef+wf-G{6j68b^pMoWWdow084tW(#~9VVXE
z{6_zQ*Aw~~ylC(KFLL>LJFm;n+j8BO_|e>+2-U-@{{pW8Uc(o7d&ArN3%ot%ow0h4
zd8=2iCcZmsOw9Mlyq<NB%xhoQ%5W!5tIdw8tlsRXcy(=BU9_~a`l6-l^DbUmnR)Tj
zcqS)yt9I+Nm6`Pv=UQHi>uq}RFNfZ!)e3Ce^~$r=85NpIuFh<xAo20K9QmdTX;)i8
zx_Ks-Mge&(L9cF;mB%0-0ot<*k37ipPmWcRJM@_NDFqF9bw76}D%sPmRK9}bOF)-4
z=w;DcpIIkIy8AJtIV-vuW`CPion0@F2kf`vK+iv?Fi?dj%fk7ZtZtxV(6k|(-CbbA
zPx6HH^g<oHf^NHhcP5KtKyfFC;?`ns%8x$_bq?%-k{`4XP6M2JfYHSf&ar>c15kx+
zXKr`{xO}oA|G76r_XY)>txCTTb<{9RNP3BJ3BsEx2{O@}Da4+f;b!-wUFc?XtG4|$
z8ja*;?(JQ3Gohxr*_Y=hU9Go~>jddMbnA+T-`Qm2Fn`)OTu5#a-9qL`yTM&M<jo>6
zk`|*;jLef{aJY3&{BwaoKVEzkKY5{<bGQ~GoDwUyZUz$b%<q0y@S<JJ)??zzdU6X;
z=6*TYoqH3GAh4f*RLz@WJ!-~<nEd3$ZqB@ojc8_m4n(()jSE47gY_d{(H0VfOuj5X
zrpnyHIm(Q*g)i(f&vuv5TX2I9^^;irP=VRXLT_^qvuZ{y8g+47(JHLj#HsZeWc{+m
zX}QbrcSHH2qW&y7T|DZvqBm5b+jy4ejRJ~~VrNqY^)#qsfx0Dcpj44`xc2^i>asT!
zyoSH3l&rn~{u866UZZX8`zw+U1JN?Cu};CcbaT%;9*7R}8tr`d&@G5K5FIw&YiyLr
z-B34(qm|4?d!?jqOGv>HD{#4=q_%;a3ba+&py)T5{{1TGvw>0!@3Jj)gD_wFi;C}X
zzw`$G2VGpBa61MT*a8sZ=JDQCD=nX4^HU(gkDY9RsgXXh07Qp+`xNKk)Fu#<fpDL4
z;)=5IRVs^gJKDp<L%|!+;5t8)iOqO{X}tEl`%lcS^3V~@%`8XJ2QnwK_Bxnec#xC-
z7hY_d$Y)Gm4%&N-PBM3nlT;q(yh;)X5uFnq@fdF4U+PEF<9GclLI>p}stAkU_W2{q
z+JD=f&!8bCcDn=pw2gHc$P&QIUEs=zyb7;#gbL!zNpMXWiek&Jc)8nZWj}O;lA?h?
z)CNtX7B4)_1xuA~d?Jym$#5;a#2H_P@$9Ox7nWV_D!z-H!$*57y+PDTXCyyQcUF?k
zVaeN<D~ZF@8kt+2^|e=!8_FM-_HzR2OgPI)9*0Ldu&x-GfR~%?jFc*<xcE^Gs8?IX
zFvb{4cw>BC@Adz;3ZlE>Y5-x$4OKPmSw7zL^JSr&s6bxr<9D|uy=?5euWKI<r@W@$
z6KDRHnOWnPXJ$>cGqXb9%&br|Gi%nIz+GS*ChcnL7cPNv_eixRuNdUxUt=SG*y6*z
zLPe-L!{uHvD`iO~f54GPdUb|3Co_zfVcRpcK6i!D9%b^Szriw*F1=ikomwi8iaGl^
z6C*FH>$bZ!xz<RD66r37R^=Zr?kI8l_fz$6&&Xf@SlC6I6pAcrGB`oJ=%~Z#i90Kb
zB^peQ0}V8vqeY%Sv~&erFRO{tfKEA9DfxN`A;3zdM_x;;u`HgKy@H=QyNyrbuo)y5
zwe(Gug1)&@&^K8M`esW(GF`G@1Vc>s73uw&V5q%*=hbP-WbL5V8JUI!eUByueXk}3
z$+Jm`GtK6V*P}xw2e>lXN$~Xfy&tN5`UXa8sLI~};tL_J1-S|sC`(5;OI4)WG>{mw
zdLNQ^0~uKzq-dvBg0E06{pLD<2+XGu`8D9{dbhuUyeXm{LNA@x0VRpY8^9R=)eq1&
zSQ&bv3xuX9`gk~X7VIg=i~)Sjbryr{17voCi1pmw#Zc#qb2!A1Yxp@kjm!dtY+&6F
z)kHmy!HtOB0QkR#xCi8J5mJf#0_5i+?x_{K4dPk2zXwWkjF)gd?=7e|f%5whn#&JW
z;BQDhO_7-v2PE1vQ`KrH^q*nvW5D9o&IqU(u&87dm9nCMLSop{&awA!W271oy{M69
zY(0I#+MT`1Yfk88c~rU9QK~OGJ%PKlBELgJ6I&~y`*)i#Swl3^Z|GUfpp!9G#$5rF
zD9tm;Kq`|Ap9*@)Ic&4*7pu?a9Ec<KY|avp(uw>C%A@!pyf*90cs~NqYSw2X>8xgb
z!lJBZeKL%*n)L~*Fx@jfkb5fPad=J-^l?8bWo-ATz3XCm9j5yH-lvFfGmG)D-KaK;
z^xOn!2^e}83VR@;k$14rD^_-p{BFU1Ua`^8xs2tC&4$hi_V<ddhAuz{Tx>UVJ_=*M
z*eSeK-ki~xbhkl@#F*&wo7*15JZvJ>!-9TPLBfBE_l|yaO<UWa_}QPZ?F+PbBk(nl
z6M)<Z2!BCtlK$rBq-gT@@H#GX-rXTDI)~FT1(R(s6#5Lht@Y8MJ3-uok3NbS)64h^
z-Gh&Q`dpU3aEiC5gp(#?YE8>C&03y_x3hwc9J-MgY@D=5c05UCX%-2QC<xAQW$BTc
zvQ)>E#MWApEB@D48|IQjb?O)0!;4{3!qR&NlQo3@cs-%Ln#fyOvV0LxFTI6Vah=GO
z;0^JP{5I+!3ZvRA$!w27W^~I+v&caDXTLm1g)=jOgd8mk_E6SjVS0?(FV8eoTU-3{
zSGIti^b{4XyHa=J=4OWAeq0iz4~OmZds|%QNHDxf9@1)0wr5qOJqsq=V=Pji1(WSH
z7U|D|$ulLdH}!(a+a~B_&|MOA3h16f)9f-Gmvt1=On>9DD-p5m66&>nkDqV4qVu3Q
ze6*x@@plb{?P9?HDa6|#&x`mK#I)HA^8x?&5GR2w6Y(;{Qy>qBcpGAX4N54>A4A07
z<L3?MlXop;p`6=NO|2yNMsjz++&C5FcoA~_M<6$dkiRd3JS##WDt?9J11zkQK*j)h
zIb4u`dqC|5a6W(;Z0heF7!QcY$ls&jFG1jNz?TkjHONX4Uxl~=q*uhQ5ch%HBVsnh
zFF}4GVg|$?L7o*c5#p~Pe*yCHrEnsgPoX{rvS&eX5&tFno1eW(f3!C3AGvUKY~PeL
z7HSoV+K(JxCAj!>4Z&J2c2&Qwr2M%hO;^7@#n<%P_#Bor-6GBunCT*1QjeUXEPb>t
z8NtPI^_8k*-7cwRc{h&Q5?4+Gl1-h(sT%quZ|Lsr!midrpWk~7VT=mIrBzL8C%sBD
zP-pcjV>|gahModMs$XM3yxsVj1C&$`d6r}pyrs~G0e0JwpR+dTBIvV#dU<lN^EzO1
z$wFRU*%*AApMN0nHV|9{(Smxn1lY@T2Z1aSaVjQff}9RiWWV8ia4v(o1fYdD+c~af
zIWK*nPRXF_i-#Ga7BxX=Q4@p~RY>|kof4mj;IcC9g`J49b+EU)OlvHffc^ZPOfwZV
zD{ucb)9gJM8aR2f5XhMi@#e~pTt*YjH7?x4oy&f&xcMYqn+Jp6MFejHk}C#t*3vx-
z{ac{883Mh|2|q=u1H3|BZ@~n6^Yc%nKLmog5ILIr3=nJ&p}tXFW!-@g!$5`rUMY2~
ze5-Sw3?d_wK?MD|wU|-K1-qujY;@}amcsu%@tZVO=iS{T%{7%$n%B)C_bkmHb!mQJ
zO`4y-=8J=x=Jf_O#eGQFC4Qp@BE?<7kMi54yUrxq?UoB*RWi%`cn!?DGog<3%bGZF
zuRX+aKPQ90YyCEV0$WNcd2X<jNe--Ml112d4V{8y=v2BLyvx)z?_w?b;s5o=>u{=@
ze<P}`|6WOTH+fgEot%hNr@YQ(ge!BZpOJ*FoQ;G;n+j9=#>Pc{$}-7qEo=+0uI;cy
z`I6}EF83Y=*XQ@%PJ0^DE81g2+mhFt0o`f<{M-g|_(bRxfZZ&%t$ev1>igmxc-TSS
zE^_v-P%i=fY{pf{iZ_r(t_{e`hd0wgIg$J;)LqTMCy>H(YXr6gf=Vrsg_sX_u1x-g
z_2WT~5+UW)MIaXd{ojBHp6BNpsH<fB6vU4}ZWHk^#6uuI1q$+az!2Ph8tS(|{Rb{c
z_Y+p`yABIIK9^(1E8PhIo|s3?6S9eD6~FUY>`b=zhjvztXx)utvzn8p-`^VNo5D{O
zEnS%U8Xmj?1b>A10OUOpPeJ5pMM5BW6k;gIV4xuDm3QGdclS))orgh7xT_*6cc&mc
zNw($gY>=%*$lV1X^F+wqV?mAv3bO9p?Rmz<SEcEA98{dq$`EI*B@tcz=6DUCIk6D2
zhJp)+N^$*UN5}yzbE6t|EsfBgAkcU$<t&)dtiEIeLg6nzj@79dBdsv>n%M;5{vx&x
z&X{iKLa-fGJ^cN^_AzV`*iysx2Rq5I1HjHV>_D)qg=LTQg3WT)aW!gG7A8YxWecO`
zaB_9r98Ru|oWsfX&auYM;pFP*Ih<_Eni@ZclXsDe8bODXZ47NX?JyZb+e7MMGKS7F
zh7OZ4boR)NywHuI2T5ffc2-C4VP{`BI{U)W*%yvZ3rFHjcQU*8ZX<ux{zbde7FqlE
zu517Ff<gLqoyWW5$)wJ`JMM<uZY4BV)BfdZ+CTSJd3n9|FRpF>V%Pp%fLDQ6uSTVE
zH9vv|wL~S)EweV(G<*5JX74Y^gg5+Oe>@wZB(0oUzR+5^rYqH8Mb=;)?+RTHruzKe
z8>wUk8mzJk&?S`e3xH;8u%eMNybby$m41y`Hc~VAOQ@d%Ew^F3+PPRon&d7Y@6CN1
zbHAO$e;w&p0l!>JM76{x$bN{(`x5&*L}q6q0Qj#%w1PB>&^6js*Pejb816KgJP7d>
zkl8?S5Kiw2vIk(-q^7})QX~y#FstaFfb=0q9t`+PYl#DDi3JeHBXX?7c7iw)<a7}l
zy?+zrVi6ld+y`<GP&^Id36Ng`+4CV7`hHt~^Rw6Mk5OUUr7j7T%U-*6pB*)oKOBo-
zP*eLmYifVcSNoZ(Q~Om)n5t9z4YS&BnALv6to9pbwO?4Kul9G<)c%n9n5+7lkGZO^
z`IxKvnvc1vulbm(`g-KtRsEo^>f1gCSM_bDgRA<PzN(+8srsI-AyKXU?p)H*YHcP*
zw?JsWTT^TQM6F$46;rp~sO7)aS~qGbS*?xSsO5jCwcL+MqkT0$0&7^RLzjmC4{B}W
zwSBero34P2!)JYd@75G{)mj^7{Ef2p2GEq$+A%V$Fw`puRBNZJ)=q#L12k`s@s(+<
zy@;fwrrI6ms?Iwju_F*%S4*fOS4}R2*dLLvO6(gD7lN!2u^QqIkXuA(*UifyFN)B+
z67PciU4*vs1R59uEeb&EJ#d<!8i2N+xUk)U1lvD@coe%o^YpFBh#|7Bb#CPE0&h;;
z=X{-!Ki?l8xuHb+gSGXk!|GFKZGCza-)ei)uA2JvrQTGvBk4^ItJWvKTA%!Cee$dI
zsirsWR(;C!DWEcaU1_GTE6wzErJ262G}G6WX8O9)Oifpssp(2HeO+m$uPe=@>L{&m
zt3GWykA$}R)aB~aJvH^|%(Y?q&ZiwK58XE4%}IwK=^fbysr#qgZpa{+9J{TQq3)Xs
zj_X(^@nk3;>YAxwRmZ7fC3A&PS4;(`bX+1<G7)czORj$vv*h|$*=e>a8d61Hf-1X?
z^+s^64JK`wSjd2_3;*CxkWpYu_-|LChu>~w@wkp%q;x2Yg_mp#X?BG0s62`Rn7^~|
za(4tyLwy%iC8``MllSl<YABn3{@D_1totWIfj?YCQ$q!*$lq8*b3s;OFH&Q10;q)~
z$4;22J-A**&&jopqT&A*-dXo!@mI@wSKZIS6WijN?Rqa#$YtVOi_U`nLrSCF_%#ky
zqPF*7`2{)D9m#VdvISIkG-#Ge{N6Gd+?Yh<Ciy+2F^R~7B8FO`ME+AEhBeCl*ndsL
za5HK5vOmLx@tMjUa_u7UOmg|6=Z_cBXe-H)-zp+mR*wCrL^PX8oqrduWm@X4AY>K)
z7MZj*$+32Sxrnw{r>=VZ>qN9St%Dfh<?cc{r(De`7Ol${dfnN&_)YM(<%>DfQ)*QP
z#)GhwEn6CR+1(-LXA2YQLGlY1qqmk-FOS{&=wZ<Dz8(z8R_eDvVtaoiTfVam@mG=A
znbo)hy@s;zUA$;R{v=~5&)`um7IYI&E>qHQpr{|uhRp@NYZH&oE))CPaJ_<V=gCE-
zQ>udP4-qgwm;IS*p>~xRpWj=ca&k|$pBtiRPof<h1Jr9FKe@GgKIAT9p@y$WdL_h>
zK<8)9F?swB&}EYeuTrnKfcf@;SLt%ZYzQx>)bkoiHnj(jvcE(pEWNs~y7u5VHSNI#
z3|dl^SyJ!U-$oWCz3qS8x9+rP3`dA!qFQ4RuAT51?$V@q>gRkQH;SK6z2Id2;^&n{
zQIq)j@Wp3)_y>C#ZqU`d68u4+AjB*FU9wFj5orv^%7D-Btvh70k7<APez%iSw*nkV
z_gl)6{|(g7f%0sZG(V6n?@#$8Ro2eONlTT}U8=lUlPY^(z)RIhYuKG6K%0t+ZPX~a
z7E^JGlO*F$J8t5nsp}V47Gc)z+Pl4kyY|i!AZa7}SDU@t5a@8t-qGOPsZ2$p*}D^*
zE3wYxFZ(Dz0@G}isJhnn)rkfEO;(QMM8Q&WE%e)F5?_i*$+gh(z2ur^g{tIQ&i948
zmQ%W@f@?XY&q!NNO=B@}EvGcTY0GIrPFv1845}^X5Qu8aDJ5j=)yd85OE{(VQj1K^
z8=&U%r_hbA`83=$pIVY^bj|0>;E8Q<&33()Rq$ovT+1p7@1``@^|<D<E+EXV`IP6x
z#x<XM{wr-hli0ZCGl`9BKILq+`IP(B=2IrzCMORHt_}UIoOErdN=~&66;W+NMO52R
zD`06GdI%=fHuMiTR&7K71W|26Ux65rye5%RG0CVr*kcWuU&)0xB<z~hHkyWku1Qrc
zG`c2L!S)KSN!=HrW@}RQ;scj5sY!howA!R<{#0#JpG9V86u@dyh412-GD|X+8#Ll_
zu`r8QYPz#_A)mh=bvoOUO;RP(1kqYlX^ec0Z?kO$<$mmMER%K<YxfGDVJXUXy@_M~
z52+p5?xM2Y^S>^!eifDW!0(XL{n|wE(87rrMOzk3js`U_q^SL3xh~t|)g!LD@?fa2
z&B46PDA0;b1{L*qT|Cl6wM)<h5~-s0#O0>Mva*+ql+a#rnF6zcwGyX^Yd^{`GdB&V
z{dk!bM5MT@#K)QV?Gm>ixzs1=#I*~lc<&$%|BST99G;Z8rJy}hRm_*9;xeO7O)O6K
z%`lTXMMvP-5iT#I)~0yXSoR0*WAZ&!Avu8#l|ZdD>v|aAiy;}Z4aR<**-RVOj|rSU
zzxOa2*OtwZ81^=?=tuWg547wBXO=k2pcaYq(~|@5pk+wk4|OLnRGVb{x-(9I_b&9C
zK+~bvD>tl$6|Vi~kxgHHzUb9AoM+_f6-^6T85QNONXX^6p$J!+mDv5}(u4v{XTfT)
z66EibYZhTk^_yZg3CNu<mg%03fIL{Ng<|RIJnuZnH9(oy^M;FYE5x_NI0U7R7z=ho
z?+TO;^%};CaTvtGKu$%x(L7!Qd9qk~`na)EQjbDDAeM@5<502QfqYFY72wA4Vhv*y
z-woutkZLlw_J-UQC@)!Y6uY%=A?9l#&jMOcN&A1S>iZl8SWY*E^e@eTycwAv0AB0w
zo#1FHnZ9FVGU>1-le`TFt5N5C^B;T60Ok~L$`G}Ubkol{=1~WF8|Q9!IZ}VrLT{7$
zhh2u$A9a{Fz4SYmAH&*Oli|tJ<{F`1?rmnfFdrfu>wwmIPGUbNF;hWVwA|a=Hb{nR
z-#@Z^q_>q3&m;c_AUBTG*xFbhLB0p%4{*+8D6a41C@b8ev!V2~IN;@vccw2<xb5Dm
zWc1W<isP#$<u9*s!Y(tiXCH@O?buS1CMsNHcXCYCo5h3}1NI;uc_BN;=VoY2V>omC
zSzg1vH9lZ(Tw9VJXW`hbi9MBSY(;B-c4QVynYFi=GrMHg-ebsoHV?92*I86M^IBrj
z)X3Po#q33E*Xe&3HV2}5H#=uLJ8HH*Pwbeqm%rYbjK)MS$y#c8`R5(mgS}<Kj))b`
zR=tUr`|iq~hHKlCxTra9c(Rsw-4Sxf%cvKus8PtMqpBPYmQ_=xI&A%e?`72zsuCN$
zfoB696>XzGXV!qZ6@Qhp)RNj~l{80>P<QEY?*;kHc=QQ&ASL78D=8ICa2X0!zh^K0
z-;8@RZUnV2_T6a@cNW8qfwSst{HQ?t;LYktQilR!pWpj4{&mqxq-M!O(}6lTxEC~7
zZ2P~od%E=q3Fq0xp6$9?XyFo^40D~b5*GK_huaEr<3zBIL7FIvr|*dk8^o@2QS7LR
z;+EVKzP`e{kc?&1qd&<&)TyS6HA=2rpKAI7`EEh@AAh`D-vZoqvZB$kS9gP@im9fz
zcBwL027HN<tAvuvk1Eq(^kbgV0hF&YOYP!KgPsJ`OXszNbD@f~$Q?eX;PP)oXb#dl
z0sd9B#HF>wnp)yih=s`SBRj`K90_uSh$XdRiy$tBd!bBrhqxBx8X(pL_fC-8fyx6A
zX)vP{NrNd>bUiuu2$By0z7*tD;$y5<iNDnnsyk03|6AGlJ;a|uUJ>yth$0i2JP>!{
zS~o~1kR1krDtdzc=4WT<4^?!-K`sfEtLv>mg$jAC61u5IY4#;0w2A_=K9tagnbOQK
zQ<@oON;AVuX(p^j3Elkv7bW!9sj8|;PcZ_WY&Ge3t|r}3Q<FZRCfPmhZo5J$nHrXo
z+253;R@ttI!j?p|l*|LC#mySm4tDcE`gd=zn+IwaZYimL8`(Ti8tU)E9OveNOTfKx
zZXS3Gc;FRI<}Y5ykHGFGDtRTh6HzR1%>zp{H^Ya=b-ZpSHV-Taw_D-ERUHa~T?HSW
z(xIR=y`bi%V7o1vG%?K7HNGppCWe_(qZXVhHZjbU**QrSmrgBH?jB?#iHgk(GnH8T
zf5P{q32G=?EJ7*OGL3bu7zCk|YMG`6og9loDb+H~1zCx`SQCiLK`m-IZ{td)J$M9q
zh-QTyMME_y?5ulQT+Io)>Rty;tcqz?>%CY3mx*&KR^UHO>Cmg#ln{lK4tj=~6K1+2
zc}=S;v5HL$GlSv-WG=;8W^iK?8O;ncLmFF=3PQ~cGea$DqEL#p%&<n;k3%WeGQ-WJ
z-ODKFn&nnzoiMd5nN|F3qLby6BD?2bTLHtXDl?F<X<YNgNKF4ui*!uNpmKLvEkVn4
z#=Tz4znk?t2HbBMV872J8MOS3Tnt(!!3kU5LMCFL4VDYCno<52G!VC9l%rL!1p3^o
zxCvUkExgdp&{UMY(9O^kf+%z|G-X8`x*3|pn4!tF%E^Rb|LmYxujrMJ;AN@74OfDK
zix^UrD|5pu30HPVMa2B@5dxeY(kWuE@Q^J6FFVx4_Vo%oVl|e#w*nSYo^i-dt>b~d
zj(cHM-eVT_My@5+UErZc*tu4->xI8pvb8l>T*GsWXctilHH*r%$6v!rdpJcV9VXTj
z?o6WPI!tUtxQsC7I?ZH!cq?Jdbr~@&+?;&Mbr&zkftleD5&eokhL|0mC8zrrbbt8H
zWt~mS4KO?N!$!H*V>`X}4Ry7CZeYAWVh4wM1tB-EUc}NeondZJRtb7+_<^hpHezMC
zm%=$Dr?Rm+d}@cl%MCS?GeRjkbHnPl!{qGpVf*3da5FhCoGJ%K#A<>rEo=8?Ze*<G
zoGZe6Wil#OF}yBZC1SLR-4cGNh>o#9-xV$$1~Jy`tP3xY*w}hG@UyT>#5jw=li{XD
zv?>O_=ZFL*8+0Cr*o&0xL>Z{;YnFMZqNbD&M0uGb#M4MYiD|q*nPm5|P-{|CrEX%X
zQtV8xkg0;B<W5XQ1y*V^_ra`OM#$Rz1LFQ!iic*8{(+6cIiRc>bC9J#T$U2nKiE>O
z68@PK@E04=>}9M_H;!Vvtp8@qk#fe?;Qm@UM$VLNo8McN*TE~Hy{z(9i-?BsJ~GUI
z+e{k6ugSN!TV>MZ6$WE97JfQN+F;4;OHw++3tiw1G2#DPXzXz2AA7LEFfzokxPL~`
z)azJ5-;WKsGS9(m7IQ|9!v|hGFsFR}NTNq6eJ<z6%Y6l-d{(E&xJ?wUC2Zf1tRyL!
z+Y<k>lTC8#|3lt)hg(%#ea}9-pMKBny>KtRR}rO3vx0(v4UnP`Ksur{#e$tH7Bn|%
z)WjZ3EW}t)WAD+}HK;LIVxqD4@Aq3X``m-6@AJLS_s@5pXZBfZ&6=4tYs#LoW_F&F
z;bMZadMS4w_(<XM!+<f;B(xSzm_<xN%D;mxzMsT+71_mKAYLgIyP1#M^B%tiq+G6w
z&|*NjT#S<3yX<8A2cYOMkjTEzhhfjDqm{TNU+s`oF)hj~P=nW3Lf2uM6qAQ!UMrJ5
zkUt4Y#Ns|f3?`EfS^;W&A2~NTjnpIfpmI(9jH8b%p^rZw8uS-QBCE+Hb>BZ1;S+PD
za4sTM3P*&Thq|l$;?5|%e&T;C{UuL)DF0am4SI;z(|IqEYAEgEGGU79^Pga2UYM5T
zFjvws5G!b8J{PirfszeQ2Zc%b4^uC_MdX2`veoGDlFYD`$WnZFZwmdSw5cx1c#JgV
z9)_n>h{a^d*HPuO`%QL{0z8FY5?{*~$kC}5;a^0=*nH~pTA;Xf1&<Q?wCKexGCq}O
z6o@R!<q)bxuV9hq?|B|#rr@~tm6|RRq~eAu^-cL)8w{#_=BNj~xJwj!fq9qe;PWhL
zFj|x~j{Z_6;x(L0e^!4>qTO7NQ6+v|SatEU+OEmL$ct};{#FxpIRs<$0dNiMi1uWK
zI~v#_q`Zpv+hL6OPGG+zg|Fke%s@Sc@EN!UzUr2evKZK5a7p%I11;&co&<geY4bqI
zkZTBL!kyrf^FhgxayGC{a5Y$NS)_y6t+%cj@wSnCFnIV|ggueu0yV^nGnY3Y#5Hiv
z=Z1|+ItVN{`3IXeIpq0+O4Kyy>{Gk+(I*VoA%foLV$f2Y!JC(PT4hO_dKfX@2bcWG
zoYm@BP5TD;PPm$7urFC{m6t&ucI#_vYGw=Gtnuw@;oqMhypZu|>s|CG-a+F}tVv@1
z`a~;afo{QEne*l3Y?9I>Jr49ixRG&`g0;~~u@c#>+tyTEgZjA9Dk1(U7~X}eD8g%C
zi&ep*?1Ruf;3^h??>sH?c;KT+TZ72X*R<KdXOMO`_%6`2(}ABt+6?ersA)F<|2bR|
z1AwiX^dZo9;5x3t%EjF+TBBATVi&>R<yOi2(5ZI{xGD}uD}hVgZ`fNwL;={Xe_Dfx
zN`O6|k0^ph=y=qXR&KWxBI*IIK8U0joYw)!C;%hi$_4?M2H+q#<*aJ1m5?mt!x0ea
zIISDj@RTS_9eMTJaOGT8z;uFUqA=vqS6uIbi<Jv_uGBoS^@t#froVEYEMR$N*R(>r
z`n3iTgh?X0*9&+*`RCF7t$?LGZB+D(NTnr5lJNo+_R&0&J>`@cpK(yfc<sZlWjK2n
z`g7=WmTJ1&x@paM4zi-x1u5YO<xDn=H-fP(V%(q^wOZWP>w!YYhLauTJ-c#FWHnXJ
zC5D5g@V4f_#VE{*-MSrr6D{QBSB8laf1{ZwaiU{KU4-nSQG70n52>m?(`v8>Yg)La
zCZT%mZ3QdPYP~bzvk}F=0?s=D$U^|O5m^buMR)lPk@-M&2htm^FT<Bz2+As8GvQDb
zTY%O#)=Ig>@(@Im-#%9EZKk##xSm6RXW_h&K;8ndgUCQ29|QOsT%w1Gh_5epH$2L0
z>Q`(nBJA@e@;%isS!yZd+21ODwg~ZbD?!0cSL%C4+5n^@kOnxf6v#LLBZ-7S<^z}w
z*O%e@4Fm-mUfXYk0I#hn+ZVu@@IM8vY%-7=09-?429QSqJV0a~koN)n39j-{WTRV?
zRzo{v8#TNdzcGu%Ujb7v0|1;3GA<t^f}$X=mAn-NsRw&4gN#~=B$t{Xhk?M~B;>wq
z89WBgzycebbFtxIO=^KJH0iHYsK8#6O8mxnZa|2370WfB(z_oBMdRv7-9nVJ+9;a?
zvg37J`M!Zod!ijz7EE>ulKi=5%fBnY<S=oS*!geLW+$?1+RB+=67OGu+Gt|cRYJ=f
zg;CB~9klA1<vR50%o#fX^gPQ=)48;OWkkdR&q>lnNr&^9Vc}R~x@NKZNCUhT4fGV#
z#yE;P-$WqN<Spcx(!R(>Xn!89ZzftzD8`AXtlnr`oFQ~thWAKMOU7jpw;5w#kdZ+>
z?>v1b7#cX>vL<()ek73If=o)z#2#)1c}AnWN5LhJ1f`LbNx%+-!!avVrT%j;`m2`F
z*eG~*!M&DNFM(zQ8c%31T+PyG>AAMcMU+lwAWTk6HqYeaEJVm3PDvq1=b7;D#=yAS
zpnn!Gzmz1wmsFRTK*UdVIv5cttCp|XKUeDl!eB;zRvVjgubJ@QlMx*?13d~HMmn$s
z<GAKjU>o5QSzH;z-_2A+zFevKiQFJjwT;lEb&qJ$Vzq9RyJYU^&Cywoqq2MU;jk>n
z;n+R%IUdV#%yQ3iCeyXs{aA(bzW}xC%8I1AuY?nY>ILe4nc{bS7=yw4lU>1Cy;waU
z)6DAQ)B{PzIJ%l+wKoICgGPTN<T!`$cSdXPVcx)>)wZS#^^#(p(}hx9HUsYqxD2H`
zXD`Ne7tn1aQOa{>QOcKqK2H**J!c_f{v7B>BvI6J&gO)w9y%<AD|!Wzwq}`<)4KVl
z^+n$juiGN{_FLE2FIlY4Ex%UKmu_5NkHf=TitZHj-5b{z&4uvid5>vs;L}ld=Vdki
z2=L?SU#0P9Zd_kJPn|EtGzUo^09U?fi8?=|jNb$M91i!hAFD1X;&<1a)-P{dKPIp)
z%-mm!x%NyPKfSO<w3fyt3f6_qgdG*X48BF3IGF1CJ|w{><6dik5BzSZ(v^UlBc<>{
zMX>l$CG6MT$oniNvY{U6wcdK;dcLM%W2!%`<TRR!$Js3JZqN65PAjy4fY@^5|A9^`
z)WAz~*|$uy<J)s8agPbic{Kut%Pf%VaQ_DD9{WjzLe9)0097rE09MmL$Xt#uM*bQ9
z*X~NbH>U#5VySw~tpZMCsoDsqI$kNjsWnl^KzLaAA_@GuU5gTunZtRefxHe+{;alM
z=rHSMsiiG^Npw9@sb;u3sCsF4Mtu;l@o<?1SlV2=2RoJ1fUYMK*Flz!A=d*yZzER)
z3S{XNa?yU`JCcfVkM`18<Qf7}Ke&2cKe1fek=?puZFkn$6;eZH!}mxyxm9Cjj<T%+
zx&+R7)QHYCjgQMk$vBKN6$P8R!kVV{D1lSopihLtrFf?5x6W%O^c8rohKQDByArYf
z#n4|vtc^mK&$aZJQL8Hv-xA7Y#q8DzO6<dYEHQrdF(CNi@>|3zZMIK0w%InwdjXuZ
z**;^~X72_1Tawsj`^;gReFf+XBr*Sej$zE70sR=R=&2uKs-MqjG2&ZRzCiVtE+#vh
zGa2d!oyh=ESr?!!aNW0})eVq|-zcENNSch&7*M?zBAy9!8eGwHN5#~@Y>AF|RsHn2
zYLL%`I=l6mCFMYpTq!skoTtF`?u|})ST)jHtVV>)#>1fA3|D@f8j&KQcn&fEC!?DA
zby{f{HyH>q%Wt%Ia-|v7bOU!6I347qe2@sr2dUf^1sMtU;rSp}<by;|6l8q)2T_n|
zV4uPuV>#-)*#xoF2)<_aNgQ4UX*kkc44y@BGSWN&z<MGaX<h(eGhE_96WEM2^Pj)j
z7vH$y^+itWWlPwtxUIii!jZJ7VrO2+2tvJ(-?Z#zCe8ug<B0xII32__gKyL~14a2d
zq~w7p$Xj6F!643FCIv1Ny$x^FXd?+OUFx8mLybR|nZ6T$?&&Y_l+$FQXIm&m>6*5X
z7;WgR^Ag)O=8NqCxeHq#S%OPpYC2d*`=_P_D2!C5=@?AhcNw2ok?L96C$zJ#HAvPG
z8S5EaXzR9BXrXpIa8!@SO&G3fIh96iu9-a$MJ)>EJ>fBgg@pohG0R9x#=ra<#>7g)
zI17xDEe6+nA#4ZI0smk+U{)3(_>QW52QA9#t_KU89qGYB_Z~7>U_0(UE<Zx(e&Alr
zV(n;#snTJnUmd2ZYd%cX=zN%}0~jX9Wu2-+3Cb9uMw+#%^%zr5$HXZ^juuwAt_)qh
zOqG=L#h_}3fGbv2%Fy<oncj44%T{#|Va8E_VWxwd3=aNqlkTk`e}_8s1>E?1f$UAj
zg@&<3^D*sx(46-ncNw{==c1y*^*F_Fc7Q^av!B6wpw`So0M;fw@(!>nbhPmutd%b>
zV)4f1^9X%3-j>{mJpzM(QrU<t2O|b~Dv4Qq^qc+*e6W`GxB4=TT@MD88B5(!;5HYv
zR0QT6kU4~$#k7kDlDSX1>w)C#YWRqu?7GUS068sG!Dd2y$hC#eHGnF)XNOy1xM!DY
zzrLeLEEJvUPr)J<icU@9WWd@&(W#aAwS}TnTh7F6RmHt58=F}cno^N$X1S$pC{2qs
z!7WQ1AQ5mc%PlXu0Um+Hy)3u9f=JflVyasaaPPjt;$D_pDQpcE_p;ndVe4#hFUzeG
zpWYVtvfOGxcC)yb<<=zrhzN#T+{<!n6ESo)<1FrFxpnadAQM6kLhB{SREt|#uGz}6
zxRvEL23H{b(O5wsk|DB~cS1IKEQw<+?qs<g1X*KoC(CV?t3x(e+{toV#AlP3?7JN^
zdn3%5A$PJmiN|J(8(D7W;9z)c4Y`rkCAbanWfu3b+^$kcS6kf2a=QuFO&0gD-0mXr
zHjDdMZVw5w-Qqr$+atpW9<jKO<@OZupRu@)<@PM2_%Fel9Z0XLE5Wt{r7ind4$D@U
z9hP65xf8Pq22l==SIIIdwHYHV#!}Kt$Ie5M?{|4$fx057ayIb6>+<3hj7rxL5Q{M#
z<!~!Xwi4V$Nm7PHOt52wPQ5uk>*=ASo)17m$tf@8kK-O;XP2RP6f)NS(5a&-tAIq=
zbnyF0OqcD#sbtf^?;&2l&3lbPNL9^EhcHY%46;Lt>^!&&)6~JodEOssM0OrvLQ4_Q
z$7-pRzY!HTXq3BbI+418;V%V`RznSKW?_HIWPW32$vcn?e^y&}bRxAfkxMoa9)q0q
zhfA=J-itZ>DX`N>q4DMZjOBe`Z;(RU%W0%^I|_M%LzjhX5lJ}-*kZUGM`LNfkB`>d
z`pj}!b<apG{TjZnz$F*sx+WIH=||%*DO~Y!Dw`z1Zhd5V9Zi?5qU-?Re}Lz`a9Ca+
zBSX60^Dt0@%W-5jE;~XJ*|w?}BeU^7s~(bEkpv?50gMOdXt?x&;Cql?<=`&@kW=|h
zEuQaUST-FzM}m0<oDT7P6e0qm5Yvj<q7bXWy(%B#ttdnUL?Nb^KNW@84DPcT!duo!
zOT?1>1l}~C<jnvWd2Cw_tHO!a?#g@7FtLs#yogD8-x&H6pbyjZ(BAf1gJcPDP!WiN
zLkE~W%Fv-cZNy{U^hO(G2oTw|l@$Plj0GDI5aWjBp7LfJF4pwTCV72IAEPF3wedX}
zzE_Jc7ZsIvwV^X-PZowM%vrpP&i<hY{IL!k+7IP(z-3u)cmYo-3mc~(?Z<cFX;@`=
zS`ZIZs0CNfc4(r6FDO=$M%JeFs)T(KD?<};NY}xP2u1<5oAqdbFq#qygzwrpvk;BE
zYx@NHUAue1yY`-|adv|5T4VHNUbb?rtUV$#9ub+#(aimb=AB#iFq&}Io@E6a!IJD*
zo`iWalTBU;k4|jwfhrH=c#MtvMy7xeoz}e_9J`ej;dK~$4q&-Nfy*2KS0qnn$k=AU
zm07Z6V}lTPtv3PmidZ$^dVy<VTfx&PVH;v2L2r?;onuXaI|)zs*xlgiB5-e&!1}LB
z-3Cgw`+-dSdVswp5Dq0FP+wtmVy}VTU*I723E%+&<5gkIu#62Qb(7XMlmxdTN@v=C
zd?>lmt187HH;|hXcMP<UzSTF}6Yxc*I#68xtTrA-&){8KN+sMe4-*`?%)(_y;rn;+
zdKK7na8>NetiFB7#d84Pf>w=1l>Tu>+W-naU8%AMBdGzB?Os58z||bBtU=j}z{Km~
zvR%M1sDv?(g6E!awf6ye#K;wE=8nryuRCaVM>LR`;Fu0)*AybTLImS}wE`^1knMW}
z{5gP2iF^v=7688@@*a?90X$8Fx0t*M;EzO}1@bX~zroc}fcoBuGWHY54A=0gk!=n%
z>Y*P9dU=J%jXhZq^z><Cy>{SnCCD?UjT_%K;aP|(K}|HpSR!%H!eCTc)U_4wNu3lu
zi7H{m_hdy4CxR)HBTM)l$eBulzTCH&^~aOr43LYG*OFt-9u^J^uyi^Msz)3(IKDy?
zv*tVDOV`4>V6nk*+!@^+!f1vdv(ag1Mo?r7Hwl~5&H~Eq0jz}jw6j2BxG9hrZVDuZ
zn*xd9CLv#L4`5<S?he6eXCe<V<wZFA+>w|yvk$<Y8te;jkOun!9InCs0LN=^0Kfw^
zI1u2W1n~*i<q8L$nN^<`y5YdHrthY3;8}x%6%ITTR2_#wFVT;M!ym43+81PNa`9CD
zO$uh?FF1ye<M=p*k5)XeLxm@M!As_##YitW*7Smh7W9HIUh@wZ%IfKZxs%U)sRLKe
z^Q2vTKSXSsL(tj^G}P0TuJCXs(bsept4JVwQIOb#zwjhfn8|XrV0aP07gA$D&3*S~
z0v+8u!Q()ZXMp}r)j0rFawXv-`vAmwWW1P^e-##K?4w-<`v5L>F&~7K^9wx0y1}XT
znOGM3ik%K1R!Zn7Ksc%lFhQSU{|TIYa%zQj2pJeA#)vhm7((FtV+?mN{VARHDxpCR
zu1h2H7pCd({yF~e0a)m~^cb9jb<4@n@)LAJaPAzuX53DUWeU)VBz=X|Lboru)&N~e
z5?hJ8CrLjC`csm)80nQS1?hJ{x0AF8it!rBwFBsDaH(}52~(_9mC5+f@39dKvDP4U
zF8p|tDv+!<Z#Jx=h<uA+U&49wR2U~=zyb^m;k@}Ol#-ba<Z!t35?u7le4&F}n_iBq
zesk2e-MV$Hw?HN3<37v5w}62c;WJ8%?K~jo!UYXoYk{H_Lq)V$-(}7mTxoo(;rp=h
zmA!G!o-vHsu+~$-gNErNL_@oAL}9nywwCKPvfqJyG_v*Rrc-(bY)Oa<HkpG{P*r}g
z@ns|uK_Cl0vRkLqQF8aETvd!kYTTO!RipKMGgqmu(t3_It;de`aS_$S*I^8yjinQ2
zD8Yu1;MMeI3=!8x)ZO&tJ<Gl-u3Jt$2ND=ZoC#6|hY^6wh^PvVB!J1etUz@S8c1#|
zIB?r&46UyNJ+9khQU(`JS${}xb9CX92NIjj;e}I?+ydUf=J>*?%nk-u*5&}iF(V9{
z0|CbjF>DSooJNVD!R8plX^{vz+Z<##W|U!bl;K3fjO;B)L5!K|Y4i=7@1u}P1x>yk
z+@;1@j;f%|w}ZpK3*Z$~S)SDN*Wf{CE)$BIE<|@kac%FN;JIJed;bi4aornb2`6}T
z1@_+5M1qHZVefqyVPoTc4S9@>_icca#>Shs4MZm1PXdOIG4bw?N)}moi_DRQ_kCc?
zTX??=ByZu(Ac68*LE8(U<ip1Y&fJP6Kr3nB?N%lPriHg#l{|rTns~d_$yUHRFsTwa
zqkIZZ9}}5R;eQ_Cwn`csZ{9f&nRqj8<il8ZhitUQxLfDL7<cP@7~^h6n>X%e{CVSU
z`oOrG1(WzK3LPg;S-F$9<4&u<tKSdNmtkn;HOPxy*-v2M$ZHHvmk1vx(j*8rx!L#I
zljXgZVCQeYkYYnfO7CyKb0#Ha=WoAL#b}ky-rs)bNWKVhsQPrQR#f;;ZD)$pF<<nb
z4j(5QkYknqjMUP=J_ua?vqjIqCyTXK{KcgHyA0<t4YWlLFR&IXhxl22vTxJ#N<tq3
zN{XR)P_i4|{WiBNf>M(^+KC6|B(GS>2IX-UsJ0UiDuk^<Wxrr7VkaInosL+_U>P2C
zC^`oqU?R<O99Wx)2hCYlR&6F8G*=PPX5vAMu+31}JrUGrw3h;q+7MGIT6P9~lhoq9
zAjjmv5;rGm87Rd!W_YyNmHv@T)96nK?;3z|N6(3t_&YAV7+Xvr_7%!y^X*_^SM?8d
z^rmKoN9D$Wc(x^j_M!QZc}ThJgi<u+jn_%^v&hu`;A>sE3qfokv1g8xfOB+wXXoR~
zLrPBdrgq{h@m`C>_iHlABb^t@tzw>fL9#P-Ogr;2Ny<$0$5~8qBoMFlSy6ls{sc6W
z$k^e}5bXIz`bh5EYgLMilZh@O%^><yc`C=t%1+QKof1(CRGOOr@y^x$C*=J_@A42q
zMfttB>XZsoXMsx+$!WV!fp7W8pty@0H8h!wv)_1x{si!uDYS}swPf&JQqN`vkEUiM
zgDIMe`qL#=8?$SjcP6TO?*Un@VOm(=@>^*Bt+oW-hox6QJ;N-So!z<sQyI9@D}^?M
z{x1N3hBWS^54TcT(7puzchbrb{cx*mDQFdlwgj$}JM6=)-I#t~;5|v}Abg{!pM8Ok
zgX_bseru#v!fI~gdsnQ}^1Bq!v&aVr8e+03LkX+5%D=U%kRE;Y(!DmCp;-*JtzTM)
zQ31?+p5gyAxAlp2+~#usj(X+FG@f@%_N9Hdb%1Cr=&lDHW0E>`tF3Pl#+TH}0TmQ@
zK7>6Iu9!+WU?_ER0np7PQ702bC3gY6og}Jcf@tJVK;IyV8krypi7!G=4OdKsOb~ta
z1=^h?>SJOx6F(T}BsdRU^Fh)nEdVwfF5u~tNkZBJ^c<3SRAo|zlHLULT9TfHq?0O1
z`aRI6NV=Y+E+l;j^gXzy8f)_K5WC#GaKSpbjBnG*CiIuqlybh2aJkJ)HPxvHi`{zD
z+H&-JQ`3VW9t+D`wm?mj(L~8Hh#k&j$9RZ{b_CD~B(wKDR7f`f{W(eZpm7~0qz{0;
zM-mt14;PZN7<CII3~7%L!cq|SfWwgXh>*gcw*>2!aOJQHo-Qmnp}fXh3{B0*j)ia^
z!Sj8%;9F#PrgsQPl^A;$!v*(~RJIVLkwEt#X%>`zWOf5cKLI)i4)<owl87$`vYCYC
zz13{FZS4_YzY|IyHCw(@x)azRh0<5eme28(EyH*lu0Kz}TLUdCy_>FI1N!#R06gW_
zC4uyJK%@ng7a{#&pbv&~_BMR%0A7ykioTX6n%eRb>vGN{!@@q~W5W^*z?iHcXbGZc
z8(E8+q@$q2ReEhfP<kVns@jrL>em^V+SNfF*3~h2nPbphMQhhf;K~;stscqU0=Z$k
zxwiQ}$UCLK&JK(zz+hS7y=XvTJcrZ%$i>NUp#pLvfa{2ShA>Y9c$~=lK>iBgeIjoF
z374aN!iB#F(iuQATs31JREk(o0oS!O02mGOFu0bkKxP9t0?xU|$Z{_9fhxy*yRFYe
zhOJf*fWkdI=TpPTeto!R)b?~NsfpJ9+~#fl7FMZKspfEi&f=fYgB(@Jt!FK6>khGj
z?PS>af<32@jZ!08RPW)cL6r<Oe0*t?99V#)ryGPXDHh5aRuISQtCQyuq(4Ww`jgHT
zi^1e+nqeCSwqhv?6#8ryx|j+lL`r>0opKK7r{mlP=Djtu3v*}M7Gaed{WdPfZB@%u
zQ*d65^q-Q&lABC0)=4KcO60p}nT|uu38~=aCMWbeUHoVom_DU|49P%JRnNlvBe;&J
zTS@B{sarR#a}FD*C0tgFbwM3FOo5r5wP;z(jW2Z#n$a*NM~rWQ{g-JSV|6~pPS>K7
z?r5?1*nrBi4zANc)bp-FItS=kaLvP+-XNW}r9MGaeJy7pVhaz2&&^=D5iXnv<XHeu
z!&Q^3^ITA%mB}V7<vs(!SdLn5tbC;B8DExVyWG@+^Gq+DD90|(>wui_f-AItV&=Rk
zYS?kDfhED~hMNlhK)9(*=kJEh@lp;g8L8u4D7NlqB7PG>mn3`Zv<9N}I4ylN!n!a)
zhxu_`h^<3K!dp~V^utVmEeLQ%lnA7PsEO8>jz7=Qi<1yG-TE5P*3GC`O>0yQKILF~
zK_;B8HweF31wl=2d7(=UXD9DLwSR;YWUm$YtQMRgrvf-3LLLL~J2>YJ^9H9%+^j@t
z%v-;NdFx}Q!(-pjQ~MV54Y7RRQ1TbU$mZ#E>#23aP%})N`1Cx@<ntk%a}5)FlXIh}
zO#_YLYnJFy_Ld%n-GKBckC+gTAjEAtL~Lyd;*GI~7gP9`3s_!?SPJ@Z93U8K3Y%kA
z8~r787!@2_1UrVP$R-+A_AGUUtSWs(K}~`LtcxyZJ3im|e3hDciqA1Q-=noG9KI%$
zKLHQEM}@RKPvU!2NKXohlQX{Bg!BqX5+fGKI5petP`+!1rYycpGUx-Wq0O8vWH1;R
z+N%!|P+cCz+tF&08Ir}Cli_>bYHH!EVK4_5R#Q)klEFyDY8uIrcLoC!t7*a(QkMXl
z$0=cE35kozTE~={WtpQ6y9?drRbR(wdkCm@??SmM%b3~IO!M0hFn{`#R5@1As&kxu
z#ad@Lml&SkAx|elMihqBKD;AT$yLUabt-*(0Vla==SeO#r2kj2HqWJ^)?O!xF*$Zh
z82?zg>N7!0tc2>}WVlmOL@jg#+5}h4ju^wH(gZU(7L+~d7=Eou)>0e6W0jRlhqeXY
zt#HzzT?^o9xN35k4h`zRpBLaKWFg&Vw}zsLC1fQ%gO&7HLRQl2<evYO43N~&OHi0E
zm<0RgvoY*CkYQ(fJO1uMI@{pTr()#7^|=S;V~i&2b2njZjdav(bZpVD6K-Si_4=Hz
z*WrA<sO0NKr7FEDS3L#+inzeEy7F*<zFuD{6<DvX`FhQ+sC~7&CJ0XyUb(5R^fbWo
zxqx2)$gl$7=1USo5@dxsyb(}NRv4U;uK~*ngHtL?rurnhQ<hjvc3EL?%H!t)(JKs2
zg|JnqoGdOlO=HnO;utnN9f}A7Ceke7_2PoloMmKsalvV>BBB=;oEBl5q0+wrZ3=>m
z#4%N*Eq>U7Y9s5NW8j@L);pYS%Sm)t?=U(gC(&WO(-9tloJ5E94iSA49o9SChtMa{
zVZB42204ii>m4HcBs#2ji0G5(u-+k}Pol$mhdUj^<s>?+ca8_5Pol$m=OQ2z;#}}{
z>m`gni4OA}?mo<rljtzt!ETc|i4OA}B8z$Vu-haG)hE$mzr#A9Pol$qhYHvrC(&WQ
zLmzz-9rinH&S%DHzvFfiAAJ%X20W|{TjMm~ak~W6sXmDg3m(=0eG(lOJY>@+(P6>E
zjOvr<u;5{s?Q#+w7Cc1sNpx87P-uM;9Tq%9^htDB@LU082kN*iZ288J=SYMN$>y*I
zXDL5RAx08jPk3gjASza9F^Ul*Njcng65o}1UxBpmY_c3q7RpEc>j;R+28wbvfLKQ(
zGKUw1dpsQslOD=&PsFY~W70##yg}-<0Q3e-BT(g;TkNPS?wQ6;qQ8w^(n!f&)sQ~*
zp1G=y^3{`p59MseBP8hYtgq8s1Q<_$c?c(EQVv^yXUuZgY!{KKnU7n6=}dV%tqj8<
z%6l5U+Een3^${bxW*09lsyDV7t5%20hS9zBmqPG(#u?^DjPR9wC=sZ^m>c~WWQP=w
z2c2PV#DG~hN}O0hxixY@&<Z7){ml^RJh1R*wXKYsHG-~$-a-%h8eDO=`!Q{!2tKrD
z!4)5m_t$8uvO69f;mT+dl<<#7FdPUwzKq5@$?O>#T^r2BB?y${0I==@SB}-$RD$)-
zZhdKWz%D5*tz<qtXTvou;2UzX^{XLzj8riS-SyKLGz5!PgLIV_f$KCzb)0HQQ8<{x
ztPU2a{o)|17w~u<u3{3x_3{vImTC^Drk$X^4VU=ZWS^yhS0#u3s^rwcI=${d_*==K
z$EqI1U4eXuVBaw4&kWc8CMZ{jXpXa*<Ez~f%^!Xg&D}bheiBXcSoFehi4Xo$G`)7$
z(hLw;P|jGff;59AnrcK*$!JC!u74#>@~0?<NhYm4U<zGz=`;|rrmhB0SH#vCPDzL}
zO|&Wkq7Xy7(MnZ9i~#qre2AN(5D^fC7+!L56k;m456*{pHVP2|QHT+xPedV(0r$du
zh+d{bs0fHc?495_JCW)XaG#V9aZD5<0-_N6=6Yi+AR&GR?w>M*`)5-t*ai>KOMtkT
zZZ+p0C|P%;Q6pRT@w<A5_FrFXkb+_@7^K{lhL=6X<v-^A-0&**cLi*Z{+R8%JX_AF
zim`q4V>bVFow9O|Gi(&F2JHnkJCYxE=Y~yJQ}^$Nw+ncA+Z}ju$FQDY?OTTlI{9FK
z&}cNsIL#^9_Bg8x;)D&u)B@hNAE)26EAMHBH$=R*YTg+7o5arzon1a#rYz9XN4Zy;
z;^B96F(apUXuqD<I~w6jY=k_Ns#hB<)!}9nh8?I|W3+t_;vS?Ui1LE?EQDo8;70up
zjK9<YnvL|tV@5QpjH1cvaA<ca$XIW*Q;yowr{TdKP{vF@sPy5$*%S@lYz))bDcLR4
z#Y~+r79i0ta?rYc0bWirXl1?Npmj~bp!JwL&Bw!b`J$q$KX*PB%(#Vy7ucKI?#vez
zy@G4FJhMBDd2nQ{k>HMO*2XnlSAyu9Yq*XEtbB6~*EN9AxgU?e6km#TY4%X5$fzU3
z%@rHFD|>+Y5uCL@9|CpFqn{Hx3=b82hDTOXEE>gr-<FVX8C_$MQGQmNgYj67aovx$
zdJmk#L0uCgejV7$r0@_{Pp0xEuutLSJb`5oVz}bfP(NJphbHdrAjYsfa0SW|UHBE4
zE$QP@F|1Wxfg@8if{Ga<sGqR{p<JF^2yvxcUNhx#MM1edk8%-f7h^DJzDge!Z1$Tk
z)SEBZo6pkcxX+(A7)-Pq3?>Q;28)B_Mu=R(QjDwyJw5eEX{$lnOZ^k8!P5~cvKpiv
z#s9==kYWF|)nMr*@b-_u!<Y^pMhUd(AVdClrh}f|%nu7p2jesyj8(_RBaSN&CoCQQ
z(?i91|6)uV5B`Si11UkA<3zXGr|P&NZ=VdneuEHeit^tEn50ixIfqq#nED8aEJ0Lo
z4-=m!+!K6Jt$CS&@Uz-@={@hOlC7;hP_qWYrD+V;lV0<H9ST<|hKK&32?%s8@GIe}
zut*TkQh9dkrd8D^GnsVJCWJ!owW<c+lujS871-n8eH5<tXF$%|qm~IPYYS?eRUb|O
z&EbIe6>z)+=X?c99^pm#dE^}+e+A3CWP23|4&!q8q#W7~_5sj~$U{KJ0T@FBby-aX
za4?Zy0XZ7LT(~+4P@h7|tAVY8Yq-hC#)+Vd_7wDV(VSKSJ~01*G?(qkHSH-g*o62K
zLNrb>2#bxkp)!hPXs+7~omD{jtlmuxcu+MRSh^#WPrTWD`-HW{u7F&H)_^Vl&Ki)_
zN?QX8B-Vfei8Y`=Vht#eSOXFY+N}XQ@)}1^TLbdryI#8~px15+=(U>ydhMowUb`uv
z*KP{vX;Z*}>mHsq1q^5k=xI~H0N)bwv?*YKZwYzE6i_Bw?4Uk729;1csK1*I>ZyVb
zs@q-WQ@p!cH2Vb|l(A?wUurZK&2jVUm;w#Q&8tIR%DVr_%BzDnIQ|k03G?ch4;Y3u
zP!NoHXncdk1H4F8?zec*6|)TU-x%@>+JCa$beJcDVwi>ehlfhC`Rmp%{h+k|626Ws
zM_TYhrZREj&Y#tGb_`{S7F@!%xfS*JT)2Smm1cU~3G7x<_+IJF-r_Z2FTjOt(}Nl6
zdthIZ!dua%oQF^icso|Xh1?f7ihbiqV0*xoUIg!Fj1=m(Y{g!<0kkqqpp^X?9&^Ap
z9nSs$$f*EMAo3=VI{@5F<V7Ga19*<elR&-!@EMW&fpl7f%_}(jb|8ZQ3?OnXkg)(p
z!<94P3fh581$Ho8<p)Nlry#6+kEr{<_#P2nixcrBB7BzUKs{8%7l}Zdif~n5m`GS&
zDzybER;O4SY6=@?36d>roVEY1ao&&6x^W65jZ+|LoB~PX6i6B;A^l+@b_J@=e3(f3
zh5t=EUHSN)vD1}r{24o4e&f&B>GB(Yk)5ub?qTD+Yzb5&jnfbHsP3JD#`!K9=dS1Z
z(t7dHG{OuUp<}*Jy6dSvpXO7Jww?8_L7jIF5j)!Kxq!3Ij)2x(A?>GjRL-Po!i(Xt
zqX$Mau%0TyTR}z5kIh3~zxsQmZv(Zj{ErX)_SGNe`;y%9aur(^EII53N>o3Z0rO|I
zeH()g(EO~hgbXWC6_>zyZ(=Z1L&|1gXOeOogzZGib-=D7<qS~vU<8i<yPuTHLD`>!
z=y!qfx+iBj=H`hC9_Di}R!@e^xU&LaD$RVCV0}I#A8WACEB$~Fr95Hg?5SU~c_0N|
z{;W(~j7t}SDT@$kIBOP=CIEFrXgoC%z)&Iw0684Mp+rUlSpZ-@5uV989>8iMy@BLo
zYX)*UsGI0h0pwx;Tj3I`fLsUQ8o06(fka|D5fF(P!yU^sM7k54+u*DRfjj}=5h8r4
z{{_IiL~aD)ufyvW&bksv8GsTZT()Zg(1FM~K>7pd3zy*FVKjhIaKTO>)*-<s{F@qZ
zu}wbrS7}uEHr1B2K(0u#0`Bt7KW3uvy5)cS%|BMam|V9kkaPtCNmn3{bOi!QS3t=5
zfAGye`3AfB=AXm&wE5;Azrk)k_vxT3h(7nJxCh0qU>wIc(iJqAu3#89wao9AcmMd}
za${xh=uHOmMNV^Zxudr#3O~}9&@WIn=8NI%L;vGLCG-oFLAVQHS};w@EKgc+wJFxE
z@a4~H8|$F2xEl>mt}j0lRpJP^IIYyB0dD|y94XIZGp!>V@D;!=g)2rg45abh2kf_S
z0V8WMNvLnpF9z|6XyDfMpuYx&SKzG63z4mb$k{;t0+#p5b`p?p0DMK{I3RpI2XNLg
zg<)m^sRXs0K2v~n0niD~W%}XmpzIE8H@M_|KqB!RdXKPjD9iEi8w-c;B^Myyf;sQ=
zF_39snL;+M*&YpGE|FJ(tOBrt2*1jE3V@T~bo#Z3@<L$e!+BkR;6C#K{F~|x=ifAz
zg6M5-q_-q0QNllsEs=WrB|=^aCwj{x)LR~*-fjoWtz@I#9t7|J5$f%E0KX?fz2(DD
zZ*PP8CVi;4PXK%j=Q4fKo3jBe7EbgQiRaK;>#Z1mMR20GJVL$Y5$df2SQ^Pjz4Zmq
zn+Wwb0>CgL)Y}9A`@`w<skfQHro;Vfz3mIG<Bi^|dI*+v-lX1EgT5Fc7r|LHsMr8t
z9T9E-Zw7ESk!e6K1@JRCm%&pffr9d2yyr*p_JT*w84M96-kZSuD>#YwegNBvFy7|@
zJVS)>{vE(aa4v(JcuQ_Jak4$DbiwBySu+cJ(o!?1Vtf0Ci|g4D=$=#{=}85Wo>U;|
zNd=Ogl#o9E#I8Z53ofo_R{u9YpepB|OlK<RpG;@!w|Ay~L1$Vv19s-ox05M{{&uo_
z$W?zkSw7^dznv@}a@F5X*2zTQPVNNtu}8jqIclr)$OBA|JO$d1e!cI-fi%6f%LOl6
zZyB4FwM2K=2!Ea110K#n^wldGDZ=TW;TTVYT^#%ji2n*Y%aUM!fXc7Nrz%PX4txu6
zSuhIZtlt%Ic}VsO<&ZVQeb(4;tMW$rbD!0$@8OTu>bBX`yByv~npZoRvsq@D$(+qH
z$FjV+%1%EDUQPn^&*dJDlV)O}{qB7&LiHBTS*V;c3KH5oBH~d?m0LPpXxj}f2q3YO
zPQC`}@tm&7gPDn)Oq4OiX!IXDhYx|c(1}qh9yxN$WfSuK5{KLl!v&v0Sx!o#<@t*k
zW&RH_22Uc4JH{vLy9~1-dZ^$zdW~}_<@Zr^D*OP{Mke=b)4sTV%AeJCB?qWHIBzvJ
zQ^=wd&>G<|{9mRzWF>E{Q{5LHuvD`gV28nm+X7uQYulFAqvIc$NJk<#7L74knk>dJ
zSZogMNPk$aZr3_Yc@PcEqS|#1{l5h%E16*Q8*c!sZEuuf$x%4BWmVQu=RF}|=Sa%x
zU8JnpMar7Ilu@KcN--VLqW;gM%pvcYLMe~SOBq8e6TKDfB2jJ^iE@!drIAD|cOK4=
z#r}v04YpTZ6_3alfmgiR^$PK$+6*O&UZ=L}6-th^Vu8EtchD|AS{X&u$pBVcc|>Ae
z!l2i56<@4CyOyqkw>%fa=gfkx;yMT%|5sf_{GWFf8Fm%f|NE{Y!PZk0^%u7S5xb0N
zKS1vg{08LW;76UuRUjr_#behVq(o0ackMx>-Fo~uoYTdB9AP?B^<4qTL&@H?+rwvn
zGKyXSAD;kIrTmDf)6JVq3WKULF1rR{Y9=TSdAuR0M&AA|VID2AD3$U?lKRtdJK#1_
z+1pt^C$s~QlFlPRAI}_EVEFs!PrzdIs+?Vlm5`{vHcj&hdf;cZm7;iYy+j4mn{fgb
zN8pm^@4C=qE0D9{QtT@GQ_YV6yPp(x03(_52f%j1CE0UMs6r^(a`2;{DRv8olcxu;
zPH+|Sy|=_tu@h*;B9ltRw<FdG@Y@$Iz`nS=9F7Ar8?JI7qOj6QD)njL50h!0%18_P
z8p!7)EM2Lx9y46N5fuThY8HmtMMAP$?^<6yXAydeVb<iKwP3>X4DA^HU=S+;s>BaE
zX|5_p>#OYpra_2o09+l<TOR;mJe+d7nXtb^-ul?cEe+JTp@PJeJH+^|f$tRUi<Mn?
z<06Ok9yVOC!-r1UaLonRF@_8D@E}8HWeE>A2rHDk&>&3pG6_Ko!|<en0Pa-=Vddl`
z7^%hrY~(&zK<7DnLl657(<+e!Mj0f9z!oyhZ0)A%uQOz(i*U4R)UPg92#58gp%076
zDdJ$jYJ~2cTKY8|i)mDXM5S)Qu!$oM8Wrfxq~)d?xuc*P+3<i_tJRx)(RZx$1ki8q
zM)Iwl12x^+=KwNuLtaX!N}`U11BkdDgUkSkV?PkKG$0(r3&tREJq96rg|cVh&oRbv
zx(8v$QW~Tl(jFXxIC>0Xvv#JW8^I2yO1*=Jxs?h6ab#j9tNsHxh&jLVZ;V0P(wRA}
z&l8#(E2*h+_7#3NZ+Dgf(^8%p5-`{zQkjw^5M{NNk#;N}0<8t4>?M4#bF#@}liQnx
ze7l`o#zQkwi*m|Cc^pA_V|>QEjb885ix1^-1mTU7P*2f|JgUN2<Gccj%?P9Zi|}W8
zHg7GG^rp#eKUFaVegxj_eWvcjq)+v`_{{78G8Ocx8xcO}nr52Q>E$qLky}vVqzuZY
zPvxvEs$o)OeaKYWyAg~(tL+3AFR;bnsAB}HH)0A3S0$r}WY<xkT>yMDTzbld*x4fg
z1Hf)0WfBA#CAmEb>t>*^(@A^GZbwk6;4*uICmkngGSGwIWJ4pJC21beStOzNivJdb
zEkMp9VUfzDNVo^cO>hbHzF8RBB2%rGtxvGaEXuL~?bdhK!L%qBP#x)$@qkP24@0VA
z5d@d4uS*^PAxh$>Kz6(Jy!DwCKuePs06h@QW8e~8>o1e)j}s5;6706i!y6^JFV`j6
zXIDt~YPW7!pJX>*Y0ypUtHr8zAFJ0$(~(}8!MS}0c|Q!nn&cj=(~-t0aPB_CH4_V-
zhH30Na2Lc<LuM`E=LpfsNbfk2Jt*(&RPIK@@<*_6_(2xX!_9`ydZ^qk24kJssJX0R
zNCdaEu46CD{3Awd4{T~vHRuFQ2v+f*w#VzfWaw-a4{Lg84|=@;sfgI2-OnH@{G>nz
zckT$CMK;!q8wm;-SaKr5N9(w=-nt1Gg!mHJH0o8kmzkg^A}E(RkVg?*g+q*TnM-$X
zgHYuC^C>9z5JP7_KiANgK}E9*=;5LQMA@T|nOZgz)`mJx=wiyQ1ztZNg%?j&5w;t6
zcsQQyNd#+9He^7r{UTP&^*r%>(`!GCl8=7xVh=U=hrwU)GerAYj#CRWWeju&PD-i{
zp1tjofW4~o5|C0t%6SlA8NtB$1YkM)#H@2YzzTM=CC<|TE6Gsdd=0RQV1x5(fYk&$
zE0;q(GaD5{UYGRzeDXyg|9U>@KBfczSM$k_!P`D4Pw4q16T@x9_qX65{o>+P$}O8F
zG-YTBHY!idVnX{PGoSR|Lk^r|k_E&;eM}zAee4RN4-&eX&<%JfcRL<A^0<uLWl!jm
z(cjE?5)#jAWT%k-Gz#BL8_DnmIWLJG$~V(S3X?+fl1Nl|1)^?XBGIpx0j#zQ!KJ5-
z4K0-FmXopQ11Hm;rXtA#riM|#`C$2nsbQoanHok4#MH1|Nzvpb+yO}{8R<q-#rxzX
zX+)JRSs_!ydaCbfNbzVSNp)V5YfV5S$*$AC|A8d9>{De6buuF_$sLeH@}G-R%}?=I
zGRMRFznS9QBD&)2&(t58N4M(-^XRA&$vm2qyStzttTh`^)IXWrvBZ_)A|2azkK-|L
zmdV}CrhPlvC@@}ykL)rki<zSX?d?0Z%K(k-J6G7gz4rF)wYP7ty?uM_?b~Z_-(GwB
z_6pj!m?q=q_n%{6Rm`^TNRxXIP)Rfid<{q`7mZ@O4B_4cxhw#Uqqmq@L3$d*(1tn?
zC!2jt?<|z-NnlJ5)M9$m-`Ni4fL6**51+|SKsdWMAJurM3Nv~;k`&HJRHd2e@dfUX
zC*Vxa-QOjA8rhh%3OLhqe;U3Em?zY2>4$zri1SE2(+lYnaHi)?m+*W=NWwC}Q&nvH
znCUU<TTT5wiJ|ec+OjC?IA(fG?>jVzFW}<np1RVb<0+UH!O2W-0CjmVunDBFw;IKi
zj|a8_F3uszG>-c(19mZ7f)hE4{s54BN#I0|`uPyZizHyUl<_Foh*NPo2d<iPw5*U~
zt^1}qaXev^ew|toP>C4$>%ePpGF-HriICIbvYef*2CxiHN$4A*&=C-Y?&zYWN$B&z
zyd?^K1Awa-+I_?5>empjNw-RU-l%n7<^IKZvaH5vPdNoz@Uap1E5pM9_z{L@E#8=p
z5sB3ynK1~fjN4!kCds`<Ss+u%egy&CDFzt;o?A7K%;lC8(4Q!v?<}DIsetb8rPa!K
zzHO)1bTD+vpwm|lUnUMKM6H?9jRnDiaV(~EtQGY#r6W<_vB=INhOFw#dmlBOM@>QJ
zvHh`K1_x%dKhSe3Mr4d{%#6wG`-^p8Y?g&O%8zKHRpJ&PA}XYLAh7(Ef^u_Rs=&@O
zWsG&MWaPTtR*12nT^962UL9ToWS0jLox^K@?26=>U=AE!17ufb`++O#@ERby*5k0F
z!r?VQcD*1q4zB^S8zq7Uht~kvEfPUzht~kvorJBs!)t)-E`sz{@#_$ed}J&~%OTjD
za&;!8-H?rIfMkO)q~VYa%ONfb;M=de;V-=s4?4LWHE%f-Cu!F^jRQTsq`a=~wE{h_
zoD52eT_cv$e}iC^>>16aa^{v>pQDN-mxZb-ta$os08S}hZB`;+#aB*eB1s<?WmB*h
z@F#+0*f2SkEK$YWZ%o+?8rl<HZvYYRKaM1vaV~}09lVyTJjra)*<Yv=+Nqo^I(oLa
zf>bun_SvBIECtD$J68B=Kc7sD*~&x8X9;KZ2je9EJM&Bev7D7p)q8S}au;FxL&T)K
zHBAuW44-m-6j3cg%3ljwlAz3&oiV~x$`<t*Ir&goa~}!C8bB|RFaJ>96PVw7wLUA~
zWcm}(OdP}MYjt6eITL=emMABAJbh#C8U_$qJbskU(;ua~Frw;($Qn+Xt(*wAn`z=*
zDH?wG{I<u=c+L`4vl+R087h7bF2S#`^<d231N)K`P7{ZayTc~*25<?QgpH+;6M&5*
zm2*!kH<7Yl2)q@pXr3yO`QmmUx066~QE3Bz1GZBrcnMR#wWq-wuDAh}t319B60=*M
zUsorWE7oM$U^sQEkF)M|kT?zk`$V{s+tAQD{@!G-<Tyyac=#CI&)JI%nd-U&eOWZc
z<PGwcvM)E@bK(7T-di=?XXq>z`z?d841X|8YY-Ebzqo>jF3<kPu#|$O*_C8u70^xM
zHhHk}Fo9h)S_}0xB%Gj`Li_fY8<01Kz_9MGS7}7qgA6Zg<1xYu@8!=&-s6n-z3@I=
zM`bQ!v6mXJi{W)gp_il(HAadwPT4mY<`rOmNhgz^GxOBH{itD>00s+%Lj6hJk!{8y
z6Lris?H3H=?qIAmjHJJ7=*^(_X{R@iGbKd2E)-O9*26R(hk{f3l9+1Zlr%_IT@JF{
zfm6~T*^>ws$WR!3>*Ube=>3Q{LsTL7^e=epyond1G3U&3X6pB?*b^+qINcbe<BtPD
zW03C50z=3bU}T(4LeT>3w|ZU%17!VnbZJ~2tM)Ggfi8AAAJ_9ClaO2xC)v3fkN8!1
z6uT3+dl{w~^^<Thc}Qz_<^y-xmSdv>2LCYcFOj)@Q1zWdWO~O{Sshd$K9q9=!*e_u
z>)|v09(g8-zr>6_2ZJn|1#bMdK)C~icT&Ww61yRpK@wt|uCCGS-fFu8T>gwb;9o(x
zm!R=2g!6mjEaRZAl;TXFo8U?_CNP7v&+f3PHVM7QK1f13h9gZS;B=EetIb7`N)ll;
zleh+PT@fV__FxiE0eys|4O`+W96{2jK>rGd6LN_(gH@c4ZUHVhP9<_A3<lBzF1h9%
z9M&r%X+F@|<XM0_8mZw^fSg3aPjE>T32i{mgG&yByeY3MNRI-&53a0wtX9r;5cxY0
z4L>+i)dkGJH{kdioITEP-2#q#P|=|YEO23f#lf4s*!XUM@1KnCD)A)`uB6zs-c$DG
z0<IoN1#xu1_Une|XRRqjdaP1S4A+E2a38gN<j85=iilE|nTS3_auh_8l6?qC>@x5u
z`wUYeL!s6sI<?R~*}TD3`4;2Nx@F&DkQ|UpG_Oe#`Rk?ZM~puc#I%u#M*h1dYwt9i
zzX#`gyK+iDoyr;6$&go~9sdD!vtkx#m2A-=^SNF%^{K(TGt^zfj18E~$ZR$i*ImQh
zg0A85r)(UEL7$-a7<TOvijROr^#>`wuWR)LFizNX5wW?1_0-dJ9(94I=aC5>?(OZw
zv2={nmot}R5vG<f#zgD|=;YXtt710;u8)B|!)_xnT>_?gxwU*v!O4^oR@QUyaI(R2
zz=0TKJ4MohvKHrLPEoomd@8If(0w>Xa(PmNH3jlJMb-4_tYWw0FYyg}u%n%ldl~;-
zjIz{cK9n`EH;^(xEbD9flnWBG&O;EVqWmEQv8_jlRLbkuu|6kK6@MH)f%R*KsTOIo
z*2_fnZhM9G7TId#;AVq$rXY19llA$d5WQCNf!i9;mpXNoYatCx{Pp}hPC;X2wkf&O
zQd<T>$<tshvTEL?=ZAPCR)O${o0AHAdoK)VOLO#8!E6}8y5*@kXq15^->Rq-pRE2?
zMP((~Dy&x!Ij)>616zYN2$8w<f^-g+WAz9}-&ydzt$L1?n+54_btPL%h6C!|tmd9T
zItsFfbtQc|Rdz;f!>zG`bS5&Q>~0{P8v$lxWrqOnLbxbqeN3jVMe~7;vrZt=O|&w>
zI_BNDa=S~pPqp@B`aQ&FhII?sdJ1y1wK70;?<H)Dt&8c?yC{y>jt!PCLk9YUv|rm`
zy-c5hPJbYqtXjr4NOE(T)k>e;Bm-CKZ(j^f+=iBTwKbGJyJt>9n47G3hztp4BGcQf
zE{tFgNp!nv_$o}|LV&}q?AZv`_;+AHx)DLO=d^%bgjD;CD)|Q9hg)M=U@^{T<GcjB
zsbmqNpJFxLM=~oyLhiNnp86VufcIK@PlxPai5#oEXLNh8c(0}RtYkQ=I*=jBhN5B&
z7vrfOPcP&Y{{;m-sDjdXdRi1`37BJK%@uCn7^{jk6Bk{${i<mojN8|EUqSzXvy8x+
z-T^)X#3!p_tS~Xg5Mz2N)&=TGa*0eW2W(Hq%fq)jTud%9WX>n`$ZAj>q2fwUz^;ZL
zAna*4K^|YjHG~5V-$<TN!_O0rYxoSp3B#WRoYL@dq-O*!pM-dV8VVEIn@zXwo(44T
zUW#YJy$;W$%b{}0eE`q2%W-kWrOjd1-HB(B`w5;omqX!VH-S-OX=)Rm>)<5kA+9n3
z9Ahe(jeyD*LW1%RWC-ocZfb@W5LqvZ66ZB5y0j|31J@ndVn`mkkC9AG=~c6Mn0f(}
z7~5gx7vM`w^G7j~mrw^o=gT~I#Tdl8Eqe)Af-r+OnvT2WQ(T8)_0nO?(1d&P{8??=
z(Rw;A!+|5KPlB}+r_k0FvES=2tz+^Tm}tNiv1=KY<bv%9K-ZGQ+x3QZAn9VDTj6p%
zxinmC*=`1U6}dQT86k1K3iL&|(o>BTm0Ae(JY>zyQ@e|O!&l(=7%sffaPi_P*p3*C
zBV7KzWtio&)n3IEU>xSNV>qWREgP=~CtA_yxqOLxKZ*NruuO&vyBV(EFz!w+UYL8C
z_^pHSj<kjq9gc9F33tiC_j&}nmhmgUi(y;>2A-G+e^6Ds8`}4X?hH-Ghrrf(ILB*z
zUWHFM!5}PPf4)I}(;kn1oS{8gKs(XU-fX9Zkpfxv{?&#dhLSV_Ro`G};qMF}=|64|
zreEzE75I_HM(gnIS{3|IrNUvxpOw_#+aPl^4`y`!frhl&B#S=FKg7_^YNu7rGPKJP
z&sCbPb<=gR@qy5B+<e>6+`9`?R^5i89$Vc~R5yR7uA;JbFF}>Fnp4pTyWNLH*aM4l
z&E;$+_{eI{hro(YPO+P^do5qAVz#{2l-LGx<`iy3k;w3<G_Hq7ylE@?RX&TW@885I
z!rq!22%=frH^-{Y+J7Q23-HMavF7k(uvsTU_E?KY80H8>ItKdy4y@CNbn?yzlEoPg
z{1J5b!UIDA;=hRSjIz%scV`<@24!=UhEsdwGz<A=?LM^(T%8?1*aMo-gQg%uSjh|D
z3Cf5B-mHbViJ2*6dGTk0P>FR8!a8AwNQHHiAZ0{q<jYh}TwbpY7H17k!XJT%nw405
zIs1W&%eQGtq%uR$Yq_a3bIAp}EXQ@|Fc2e74=~0vO+g<<5B#jQKU1u^Gu21}kE3Bd
z2$!QombW*9d<c9e9M9-YCLwbcN(-)-7wCtQ$sRzv!Ij)#;-^fdXp%u^)I};&-46=O
zddNwLO3L~mQ`XlMly&fX9J%<%vJTDGhu-IjM`fM(pO&>v`3uTg@Pe{-3d(xd@=ZqN
z+Z*|a%9n7ye2M(8lrLAsQNH&gZhJpG_5z-g@=ZU7r8>7LbucIy7P88|$bxdEY~MAy
zZ=?r)c%y)?2xV)zBMI(}5*h=SW5M|u3VamMnQ+B?gIInuX(s{S09W#ziI4)AQv3rT
zmf{SwDpyMJL{o~}3rg`?l%l0~;5=P&mf4}h9e1)#7O>=CL7`%7r7if5BVjhuj=?a1
zL5yv*lXnW>tg>Zd4A7x9Jr>M}Ul8FL6`Eoj2U7e?YQ%QQ67F4#C;sJ0jd13cphoOr
zGKrh4k^v)9`yr3aSR5((lCfWzjJ;TpvCMPmigd;t&dXvSq*$W@oykxJpD_$RXMz~#
z;1ftUB8Yqm9&{cb=vK5w5*&kqYb*;mIl;24!%qQOb8)t{Mmh>*4F_B+i!qM1FW|bw
zv0w?T0}1B{Z;DL=Trd2A6`MgMP05m0Y%Gw5fRSb`(Q2drIgknqR|2^nvMr864Z_q)
zO2_GmFm{ui(odHGhCUfv&ghc^QvP7}jPRMsUC7a!FuMC}z{L=C5FS+M7kPy~Zxs61
z0)?*l|4^Ze+7()A6bjAA&uW{{uFxKYuSP?>5-w8fVx!ibr=kW(J^jL{)h#lS;O}jy
z)igkPcSMzSB>c>KGm)>Xb3sf-m6Zqzj_r|78fFH?=qn6FQ&D9d53jUT)~^7?bY*4a
zDyA#zK!8q6SJt(FgP5+Ygg4o`vXVcrY+YH2;E<xOtc)~k+3W%u{cnJvvStD|fxOd+
zP=l}nvrA<?oq^7xZXK7g)f?TG0_M+Zn~ShMD{CJ@)?}Xt$oE`8cv8_uhV+X1fb$1f
zv~e}b($h7$caK&1ubU#B*Cq5YrKUjVbDsaFeS>**#q;W(i4+o%x{3VDz9AW@n|(v-
z|83up{%`t*%rD!ka(|<4PjW<cb2V4g-Ioy5JrdkQsbDO>nqJ~K_)xX4pB9Y(#~9W2
zD^Tro|6H~IP?M?6d`%|uFIAhb$y9BcU1%m>o&VSSUR|9{-)pLKwxBvMLGu65_p&+{
zZEx4_?nb|9(D}34=0SHk-S-Y#1o&BW6OY3c&z^&C)Z0fK3)&~Z|HkgaXN3+JL^k?@
zWq{OEF|GZNkeEIOyVPiZ?*i?Q`vb;g`lXjBc<Gt5utmF6?A*Vv*v5RixUgcE<SVx6
zNBE{urXOK#iTV+F>6v~+UV47vOV2NS>G_2(Jzw`D=A~Eq4;9<kXyZ#mXqW|WKIsF>
zCfLp4MEID23c+Zg!gp#kP~rY<R>@mZwsKjf{7Mx5mcYxr^b;JY*q!YTAO)lwgKnE?
z%f5EX8yAP2v;^dk*?O3dXZhe3x3z<h_oIg%358^|`PL1&iD`3J*sde`DxtFpy@N-J
zJ04CvNujt+E?eIgedM9a-(YofB<*pgx=jHue^y(XMmA0p<!Lw@dk=7N?!q{GP`Z7A
zj)6;KaOE~r)CItfCKIcu*G$3B0=khTZq@i{X5&tvx0A$u6u&D;e*pR{T*U_zCoEyj
zh572*$_tE4TR=$aV_ZpCwqiFY2|HbE^C@*Cyx5-{gb9lt#+_wq^vr@9{V8j-smgp)
znem$$*+r)cwV{?d!xxQ=cs+_;E;B4wAJyIm5u5;L$q?PuN4`nCmBbnU@u9*mMD2c8
zuwH7i*b6X!R@-#sD8881gH9<qzK3SMg!6unudLM5x8WSvNWghNAf9f_&q!c<z$NZ8
z(NVsMVC5EPuqU@*aRg3Z9)j&tY7j=jpiPWu`AfHwkD4eJAPS5a8NK=(3n0{T1$q{}
zt#O6X@~Z_}p7Vk^tZA;fiOx=Fy-HVNe<0r%G8-Fm2Xty|Emm-yDRQ@|#qPwJ(sdP6
zRq{nXjC)iOrO2oRS)D0kIGHUbJzBZF60m&@9x2%ZapS@7fVkWPaTB#WQT4%VmhYbd
zY;#(ZlI43Z7aYQ-!9_N&G)G_Ma{b;bPaTYLuU^0RD#b^y-+PsnWYg>SUR5#$HoboD
z)eF+u<@&wXLGGT`>-S!>AbS1YYss*g>GgZBqab?y-s@D^fY|i<z1OKTkrAb`eqRYN
z8!MIdd%|Y@-s@U)C@{T#?-j1!d)<Qt$eCWh_X^kVy~6c-ua~gt^?R>(5%>0wb-8};
z^$BMnYQ28%4Rl(7==FPVkmN?M-+Q}B2K4&9H#o5sS<~zH-tL(d2&32Uy&(a&`}O+0
zw}&LUJ$ldBKY>?rCLVS5f$5*^ML<*L6H~#BKwR^UsXGA^k#9^fkAbYk;~P^HKC2qY
z5T^$YpWta9hX;CIIWc3*C<Ff+SX!E6G3FRe_6zXQNquuMJA(9$+$JmLr6=YnO@gcW
z_Mi&ZNppxM$pUGr@cPDBWn>-S>sLJ&VU){te6N4NK3K2gdjrG=vs_jjn?Y^Lnq{4!
zz9e<1V-Dal8tVkLJ{c|sF1d<N0H+*vP-X0s!YY}S-b8<Cuj$@sD0SqDetivKwLRvb
z=fLW1T}QT&Md&r=!{xZ2SJ#If&KW>YhV!^IT{n{aHvqi~uKZg!iV%IvHnjZ)EV#jj
z1%8jh#b|=@F@O(<q<|D}Mj68SWDaPF(Fa%$xXi8SRHC2rIJ}Efw<4_=S6jz|VKiLq
z1t13lm_+1pAV&e1MdUsprvf+`&S&u8FQ9A%b^#okXB78wP)nsgGzLwd3Uay*>X9$$
zJY_n&cJ(la9-D7v?OtHL266oYPV`gRh5Gp&(Cu)dpUT~-pFaY96)wZjQJk@@5URTT
zuONw%z6QhRaH6ErR+KZGD5*Dq?r=Ush?2$w8w)2&iXwEbhIeu5WkyIPO$EcjaH6E6
z0L&pmB^?W3IT0%90s!a1`3x>fx(e7Y;Gm>WjRFdlRQ0_fvcjnj6QL}tNZ;2#6a^Sk
zJ62I6)zi#sV-@wFUP9T*C>lzIRC71ND)wb)m-Z2Zga?=W(&pc4<L4b%8<SESw?U{|
z;aVixq*O<1lHMapjw7!%vAnR}#5NV7I7J)JBHYt(qKzE@-XKD4d<@`2BGg9FxzH+{
z&yb>xCSVP4_}N?VNY8+{aucD@@Mxb=GHt0HzSNF>2-XWuYKJeiV}GD~!%6M%hg0Tx
zK<B{iQsZOCBK<J@B_b5@PXxmTI1#@Uz&S)H{*?eOAwuz=0q_)@&)_2do521EhcQ7U
zuasLSUege(l67S}#3lb#9a$P7FZr+PslmPg2WhY$z~Ka?=wdbU?u8OT;hTR98?-Dx
zJZ9ef{BTe78}t&EALQ;++bsXd@`1z7$*xMVb{quf4q^arDJzuY_9n7VEuSii%WAtD
zn9oP#70bdCSGL^<Qt%ia-y*YL!-e#SKMzV0#TIALsYKR9$eh5y2AyZjk*_}3DX75d
zNKr7bU9MtYR-_RNc;>JgO;azhyk&AY2=Pb1-ynw$KeiaFEoT>N#*CqSb1_yQECh|0
z*T)(>g35gYZ;i&~fE<^fTx=qU4=!r;L}N@d;?(OJ(K@3Uanjt&(<4rTH^W)dxqEuV
zN#dVKgxvq(p_2SUA9e&NTFz*wJ7E5-wo@=r^ykiAhCNR}-Jr-8IDZko#{~cV0FQ-B
z@hfGP*PU@31AHD_x{ryB(sBBU@uoEh!%bde@E-=6nZYJ(8^U6FKuYX&yyjRK>>l-L
zuOCcd>|anA-Cnk_8zWUrR=do~eM&3WY!{`YO#^e9!tC3aGZ)cGi(SrEWcol747F93
z8AlDnX=oK+hwAE*icMs*bsawyw2Y>0H8h7C%Uzb5Ohs=Wt8FUO;<9V(QoRo%`6<+P
zA)I$Evbw@>=YbM%@Yl`awSqT;??yQ5H$d(Ka4(UYfIJ7_X(Cqvc@Mx&B9{XB3cwd|
z{^LLb+HqQkpb~Otx_PQeF6t<(HXeZ#;hJkHT;e<ggcIQojf9JUG7(MTvr81N5q$M<
zB3wTJy@*h_@c_mWp>Q(+OeaF&mH;>g?nlDih28Y}q5mKpH6+5-i*Oqea6Oy|HzE=)
z0wUoWMYxN=cOjezcO8JMh)}ru0NhK2!o3XOMIsdLJpeo5b``GZNeCBfDw9TUFH#)^
zKquN$1AWyX4fIpPHPBy;Cjb-Y<*Jz#DZvZM<U{H(=*G*D6+DFwOrKalO%mJDiwY`u
z?JKrQiGf&ugf~^))bi+*!btj<Q%`1UGZQ3xE*^ogOp<j2W0^!x<rvGP!FaRhEtBYz
zw@f0Ew@m5>wd5_6h;(+0WfD`*TP6|7TPAU-IB%ImByX9t4<gVr8@E$uA|ui=v)Kz^
zHkOu|4dHgnq@fV=pIat%0N;OMnMAg{Wzq{kj&+P>(kMiow@eCv<Smm%LS{X)fn^di
zkhe@a5)tGrlcpj}-ZJSd_~b2<nCNy@F6(3tHivxR6*95K<`5BdB`nu+fN=u&s4y4E
zuqng>s|=zZOTQOVVm%}k!5k0Mot8^onNwjlr%vt^JgR(S&BWQ0y$p{)=EPo{GCG_R
zdx_fj0K>aGz0C~kA$pq$*0b~mA`>iTCqKcW4zsG73?4m{&2ToG>aHDZ_!UTWl0(d;
zZ0M_obE(?zL9L_F6Ki2)^mG`AxMouuJq-bzH+rHECQGb-HnVIq-H-*tB9Q2j_i=zT
z?1JM90cqLl&E$yDZ6uXSR2lY#;g&pC!_Uyd@p2pqztc^(vM(9&v)Xv|UE{KOM}Z?l
zj_`a)0M{g=-5|k2v|D$q>mVcExJRBY@Na?3GVo<4N^3P5csU3~1aiLyGz>g@!h!Q%
zpw}DD*lA!m8id5_c<c{`ec=+%1DOusP$EwNSr1?>ToL(mysB+8u(RPXFprXDzBj<D
z7%$|N5bIu(2({GlF@qcq#4xB%#(G2aO|eR}1qX4}`BKh(b7j=1okVX)Aj#fP1LzG2
zlu#LVNmlf&F2*aIecs;ZK`t3X!s=7{ycZ#O^h>^K?(cE?%G5g0FZe)@k>c<0E&QtN
zamKll=YEjlGEj?t=NA!<^EjycS#CMtK=+Itr4hPlgj|*A#6}3D8xhFOZu)At6oHKD
z%ti?BvBv}L669{fU)N%coC5C%e+Lj}Fp%jU({lE%PpTOKSyUJ-bZs<Ts|w!UB0bZw
z`Vu)Nc{G{9vc&C3mJq?brEx}~tluL~-ZDWP>~}42MuWvU009^KJHX&H0$lDhZWUG>
z>#kr7Pcz=tCWbCVjuT^$z`BOf9VfObS(T|+>F~BM=R&Zo%H752)&e}<XCf+W_=zn>
z@+%m_3Xj4mYbud79@7ahzCO`?1(0<;sT-4$SL;zGa*`l{%4AP)z5<I=f^41aGeT!3
zxKBy543Nk=y9=s~wF3sV-uk$X;W9?IAx@9LlH^bIm`)aJ>+TrTuP}R>eGr39qOwj8
zWn^e|CvrwW%~7_q?2TlpC-rO-^XHW99L-{#!(=w6C<w-Ci|5520Kdbnf%$=eeGzo6
zD>}Lb0XMmlleZA;Ot&|AKLoYar6el(9G-MiRgQt+vK1L_m=%_z?N~1}v7@ABU@T5C
zj*{<(JJtpYc$9oUJg`QQ?OcbFXH|TEYGsT43b0IYZEPeWa_#`fb@BZO{srLm@dW@?
zISD#;mu%%nMYt!BDAuJUE>8qx?}Y?gy=!g(Y~98*Z*V#QR@PTUewARQ53GwQ=ZzBW
zCTl3=yeZrUw#}-77P8%39v{!j+ry7zZ5Owj;O&v9{Td)tLe2gepr`~}A0Ghjj^@f$
zwm@5?C*$Zp=!C~rZVBKXd<j%!0A<DQ+)pn9EG9O7rj)R@JNL8Fyn;%e`YJR#_Y2L=
z{X(;IKQcRaD;d3*o%<z?STGT@bHCJQ8EUh0zf2HqcJ7x8qRr0zit^3~qRr0zO5NVY
z?A))4_kfQ!JNK(aSZ#Lh7n+^>g=Xh|O@Z0DUubsj*Hz-eS(u%pHu2bZ5e1clHYJqY
zZ>c>Nxrp=i@9O2oz#OX7Ynbu90{CpIWbaip6=9RJ0Idcf>IQKh;F5(X+29g<-T?3w
zc+~~lYsizm32;MbzX;g66ZIl=LRK?nahE)FWdR_tMj&+PNxjHglj!3oSQjc(={y9A
zC)prFdz`r$K>Ad!f*BD?eJ~};{sKy94>wFbX_9N@(xJVZp%lxTJKi6wC7x8~V%p;-
z+|eZPfyI10ifMP7aCl5hQ;RuuhzASu;pFS==`eLHC@w{-;us*Q7f82|joMPZ?`MYN
zsh@+=2RHD*7%ElmGv)ipa|ZzLAwn_{bRP$pqfg)JyU}QdG2%n^tHo2#7x{0sy^r;o
z1cwU4O384?`B*-LODvnIh7I`}JiiC_5h=$kn5~8#@)byXU4Y9C;A%LW7?Gu(Vy#na
zm#PC8#fk7)2iI?<NsJlof389J`K6=bFzM!eTcvL_9@NhU?ZJ0``VK?i8}zM)z6SKi
z3L?5&)2)G=y|)h6*Vl~mRQeBwiDmPL_P}+o8+r%Oxy^)xl*=9`M?JXgL2{o0sy+-g
zsD!!MX+|5e6%E{Kqb-?etVBA<tB}<T;i$2a;ndhCz}_K+8Y`JjjqP?JE?b1F`3bnn
zN_mwG@46{H6(w3$MKsnr910xBB##2)Ot|{d7=!#^(pNWO*fB8vMSzfNK|ciy8{lki
zhF=fhmqd;N@+^SIi5v#x3jlv3av+dl7(xt&YhYXhHi0q=*mStYbAfQq-LwO_+jn1G
zOY#7_H~uP}r6J<_3_R-)Y7LzI0g$r*oB=nm0ntRE?FfiM+kf}%0bpnY=fw=#4aju>
zu7NYzT@WSxFhp!|-(Ygg?ww%S#xTt8V*nl@!tA~R;3Xo=?t1`s5@B|~0`LV~1LGRR
z?6zl90o!WQvLYZ$G4Si=)*@4ODR{z*Ft>)Y6F@2fl*6g?+a@TR;$GloZN>>QR6`fr
zlpU~&GZ9z7rN^7<Mz*6gTWlpfC!x7$mb!_CWv#A}xXMrOZgM_~%3-Cv7fcN(64_V-
zUqw_2w!Ksn!F~{_7u?{et};2(zK~XX7p9X`F5jeOm!nU>9c0LszZgJQz7_FFSNm^$
zW$037p#?Yxvq0hR9Nd*1ntv>yKCGjv>~(~9h7LFWLwgCd5~LyQ)v+Ck=k8`5f-%}y
zn~OEca<0$i+$LGh^=D!^w@H?B{h3(KZIb0&e`bGx;~7k*D9r-};);X_hi|GP1&q$m
zM%8v?bUxOM&Yfbgn%_=b*=LNxa88F`xpK`)uO4W7d8?3F2;oOoAw=-L?25-SI9aXB
zsCZ-!G6pnbbY+aY5<D(yhpCI<6Wa}s<R&N&tHp%hH3i%YFn>6=3E^!PUnQZ#P;v*u
z+3bXy7-9pkW8qRb+UO-{XnGy6U%;imH<57_PibR<my9arqo&726-O9VR2Qh?+&6ap
zn#-<gF)O^r7|*|$Mc-XszR3fTQ0i(BD%?W@yasS^7sz1(;ye=I!@a#g4r1p5K0=h0
z#VsbgYAC}Onx|iAzXi8ms4t@4aA^NwP;5q$V?r<#CS1OMEuL7IlPC4|f7tsDc&mzQ
z@7e8~efqiQ_70azM+BrvQ3MNiM2Hw;1rZbwxhSYKV~hqxx%P4upGHMvuULa68WR=N
zXzXH*QIlwFi6wsj|C*U|_9fSteDA%yeDBNo{nkEftywdB>Y6omb4Nwk)~5QN59Bpu
z$1{LXx~0p&X+riF0OePK*wgrSEP{3-Kc_5l1l;|f;jtH__XPO&fH(xm0VHk(u>#04
zK*bXv+JT$_z%eHiDw7awA0-Yj#1(vr$K%BbM%QEZB`yY5$w8=F&?_4;3_@9vV;qEP
z1cOi_RWi+AVHPqT0EgB54kT1BWUMr0J0w!JZLe-#&FzAQuI7HHY94g1=3*?cn#<0P
zoC?3WnkVjM>F8R0kV!APBl$TU+zFnP`31k8IQsS!v>ARj75gC%bt*15sn|J^iWmM_
zsd%)MidiNVR`GXAMP27qj72xbviKUQ&>v>G+oa;4NGir}@-{myA951FeKE^v`p|6W
znFQQ?utlzWb3Z9i>6qiPxng;p3})Vz7YSrB)e^LxN)gGaGFx7UgDiyQGW7Qji2nkl
ztB3x4o2!TZKL(0rpt-?&_?Myoyfhn|l9B(B>3x9u5IBmLG3bH+0$I4%<Nh|meVneF
z<M)SvtB3vaE<NmLxXQz@pDPG5>_67{=cxa<EcKfn^dDD4Jg?#y^Dkmpddz<%n64i4
z^9{<wn4j%k2Hi);7%e^IUlQXhLgit^&)ZpK#D8L1QYZud9|#_*IL7<WLBQ4HeFo<0
z@xCZ}599p+11uTuFHdU!9PY13lC4MkC&&1TyfSAaJq-4@pdSwQS0-4rO2+!9hRke6
zYL)k03UH`@x(Spc{WG+H4D?rL7y)QNjPoyqu<X4&JQP%q^Ce&OIA2nr$N6c>>Ty0J
zfdip<5~NBTiLLT7&i63Re-~UC=N}eh#Pl%#usm@+%0H}5A}oXaGkr!GGa4M@duMq!
zfr?{{U+Lj}dW_GlJ+2<(ZwpkV$?zrUfMV%Umi7gc+zc3tfE#ftWQ^}!9rBAVGRVKq
z{}hgTjDLNK^;!?{Z;<%v5&n&dQy{)tRc?>Js^DZit2v_aV=`-X9cYPyFBq+P74QWC
z<!gQ=%{^p97n|nJTF#%-Q7e<AemPTcBO3NKfVz_~)93ij^zjtv#{l)G&=!l8Gemwh
zv;k(k6RX$cbITg<G$F5odqR(F5*(5|w=BUMHP<gi_(uY$Ksq{*htg4RFbZT*M1lNj
z)8AI+o%>b)MW)UZLt}%91MD>UIUU7UzE*tYTjrIgM_$?IwSVZ9AC+GD%wNB9m`P=?
zi;=%e5b}#gCYi#iwBCTp0B42E!R&~aj3aL8o6Aaq?AZez^`^+`3_5cJw=NRbUm!%Y
zrWBeJSnM{<nvz{#HEXJRW-fUEUg)oMGDktslLx(^cUnZBy0OS7;e5U7e>UYrD`t*h
zTw}qm;Jjs`%D$aHoGwI+`Bg_JmZtzahA#lQCwJ$Xb3L^}!$qjEfV@n!hcU{H0X-5>
z#;byGHxz?$+jl68!T*QmCF%;K*$LCKC!MWwGCWKI;0_%O4uKp<VrLNZfy@Jx(~CbH
zoD)DT2cSb?nDIRuiI)&m0r@4WucO{%@T(zyIzWQI6v!nc82k-Dt^-KO>w(+{&;j>0
z0Xr7Sn}BnP7<@{=8zB8SKmvXR$V(&`@b7@U2atgO0_018s<2`03!({PJfC+AGI5M~
z8CSPeHA{|ZlX>GhRcnkZc8Oj9<BCW?<4Pkiu87nb<4Vd_t;Ya`74GFr5TLZjA*RB8
z9jS1Szm7c={AAkHJgatGk0a#t-}!P$Yup%F3s6-qu4c63dJ(|iE16c8i7)>iI9^pt
zNB<?D*J|`#pf|}eaR1)!X?45E=D&I^g%7;GbsvNseufQa-Whr293#Xbj7F&Z(lwHP
z>3-OJ6T(^T`#)yEdcgf4MDBrDjd%Gm+}A=4yPQN^uIR`+w~|OC#=xb<`Itm9<jWhJ
zBm+o=kAmnX2UY#FB)QeOjA9uHx{q@TiEMZf#0EL%k;tV_05Q_JhD1Jf8i;Yu10)Is
z>iCJy7bMDsnC84rqC$vS&eJ3+<4nO~RmQ~9ATKcQTwEv@%$~PU#m$^MQyc6YP~c@i
z@H!uV!b2s0k7qfVaoxace*;`L-jsg?td2?{2BlDmS`^4*CwNmyiY3Y!?rsw9wshwU
zN`VWBH8nk?VGO5Ih%r?4zd*Rq81ym0RM|@4{5c&T`^Z+&7zGOShFY!$q<Chwg^@iP
z)Dh%Rhio|po^AqlIXTBe?QTt9AAouj(Ab9EYMJb>AjCuXvV0YzKp$w(7C^<!8ADWx
zoE<=I2WUEuvCG9753l`-Wz9a?!2VW0SR}{D;^%}F%g~>>TSI6+_}&-bZVBQDAhSvI
z1aTaY#U$!MoC@S*68zrP^+2u#q$hw_59B^Tx7|TtrYXZ&g7xOr&IYu&stm@c$~_VM
z4G?@B;BwCQ4Ir<P;N4yy1NndiZ*MN3<?_?GS$a>e0;d&J3jiiM!*8C{NL)FuLZDlA
z8zfu89|n=Z011C@AbXKu_=f;Fhy=rL19B7~OYai?NuW*yApG+oFxH0u2MF|VmoWV6
z!9N!wX9C<SK->!CW<Zug-PeHwt+v9XoYgD0#t?NNZbTR{-bZx)vRDjSa|x))a<NbD
zQzP~jO7!O<Hq~7U?~aKD4_I(PH3pTrl!3srsvKop`6gAy>diuz_Ee{;I6>3GD$MM{
zPLY;gBs{3jmVp`@qFP31Y%A3=PGdt=%g)5)qV`r+eEIHdPx6#}YN?JWvj}0<6~nA6
zhFMn(vrfX4kQ$^3wLE}^<)*6SRq&oFdQXXW5zUCGdWQ{<I{Z=;km&FojSlZ!!MNz(
zsyAUYlytcH!U=XTV!<hT(Y9OC;byCxThiffNr$^79qyKNxLeZUana#!Nr$^p9qztm
zbhum6;ciKX$3=&GB^~ZXb+{MR;a*gSdr=+kMRm9r)!|-LhkH>S?nQOD7uDfjREK*}
z9qvVSxEIyop4H)Up$)Z=+~nrk`{m4b!mx~;Ogv2ishmXo_xW&9xH21~64dFUn#~E9
z{D)v9sQQv@4Iy=LP$zF{q%Wx*W%UReAB|&(&URp@pnA(lrJy=n=us6YKFu_d-lo1d
z9kGF6KZ{2D1RyqoL9W3DP7vkvFyDAk)u?57!(HHsm%)(Q0w7*?12Pd%vDAoj8x6l#
zo%jsx(uToS3nmvs@FDDkckXA+5{*C~dBJC~(fVmweID0!{m=hl?Uj8@T|Y2V*So)k
z1D>V2Zf=S7N_E}b6zi4hy184{E7f(cRM)*yUH3|L-7D4g<lkqnc%{1TmFjx(f0@0q
zd0jX5N}%l(d+)5-3S|~V_eL#U9XLGZC?;FrMohNAi<oSIA2Hd2Sj1!t;t`WA2qPw2
zkcgOUIAcU>P@8N)Dq^w)>4?b|WQ@tygLY6ZPE9<~*_T9Kh)K?2B+7)C<}4&p5aJ+b
z5Q%ajW;tU?R0uI&EW5yJg<5NXy^VCI<RJ!F`aNkRGJ{b^ygp)QWndtrq-{4)Z8$5X
zZ7(;?>p$3_@xuZM#=to=_Lb#q?aR>yj|AjtX005s369T$d<2k#B3L=`U2ytc3hM!o
zr=7KO68%jDxig?q25+Z{ZPgC?3_#N#;Af>(1KUsyoEbh2p4%PG^cqN90&uH9yaVJ-
z5-AY5|4`~H5(>oOAifJIqyN|daP9(iGaxY%gx9`tS^PmD*W344B&qaouf!fSIo^WI
zOYrpqz<mM4dq93mVk3ypf&2*&`v64pGH6SHl7Jtw0b9fl4JTJ!Wdp8-bTvQ%?hB+h
z2?jh8$Z&uJyfcuU04hEmPS2Zw9gEnZ;oeE^7jV}=W*Vfw18~m<aX64!Bz^?qSRji?
zECX>0kROs*2;w{-=Kx~YfVdjSRe;3pAYf89Z;$^E&6`_I7Tt)~C3b*=*M6JM&DdVX
zD71*Rcc-P!X55&Y>k#bi07>+tKpr8%L_Y`QSwMlgsk+%P*n0J5v~s<X+~n|3`!b8r
z7k>vQ9M%@T>>UL6Hb7qX8IVs%@MW>f(eVKE%cRIA*Z?hJV}EGkyEecoc&PwLfIWfq
zAi)5K0vQ63BHJFwc!288BAaRgR(rBCAC{3anhNK=08&P6K#n58GWtG{6(m?j?Lf{T
z!7{oO$R&U>1|$V_GpHK@wxICJma56R6h3o7rT>U$1zT<US0F3i0#>;zTllVG7&v<)
zT%QA{U7Of4tJsov9l@6Da}>1e-fY5EY`VMdM**=Bo!zC$hDT6jkKC`p?-9zR%hV(T
zgb_~#!^DeeQl~1-dZn12Y<a${S(5Z&5@XF$qq1hHQCYLpsH|BMmAAXCd1@*#jNP6x
zv{$WWo`OOi!!C$zD`6K(VHd<W)}d5LC@3Suo|dlnW7I6MbQhT3e-X0T{(g^D+>pJ$
zJ5`pD%(ACh*fWcM31gjxoD1_g#bB&cpEC?^9m2&{+;+>ks^s@k2;TPsPR$Tpd7yeK
z_ZCaq^C7Y8!7(eM!BxQJIC=Us7NaL2bTegcwT#n|VVQabhPnY2<d=Z#IpSde!+#(2
z+ko5v<CDFYr;R0#r{g?rBzgE=(I7Z2F`4u>GD%<j^FxzKmqapYpWkr4Q`UoHkvYW9
znG|QYV<rR-M$qB*c&NlhjGQ0z#fxm5s_B5A(?KrJ)8LbCL~9U>3V_er+I<i>TY=h=
z91iaXa)NLVP`dz9<0B!urz5sFJ;d)mxU=z?4T(bm?m-|<267UKeL!3Y<ZKdqf_NCn
zLx42>XBL3-9H?gj$ky#l7P45a4UPjW5He*}HXL~2ATCqZ>C;CTe9252hl4Vc=3%v7
zX3{*Y)sN$>RJly4HRQKvsPYL#R?^@~WSCUa3rzms7Rmn)kpE^3X6Dhxz;EYs?Pi*6
z0vu$b#gxPmpp#^()aAM)_D7^An55Ow0Y9gM+yEs}M&uJ@z=wdCl*0^g@>d{}0I^~@
z^as@&5X?CA7&U4a1TqoSctH9Xc-YOnp@`TX7^TFVcdo=^7NlnYoQpv$1G0p~*&tQ{
zIhDkzAT9xNA&C<~JOE@pAaetVUjcavkd^hU@2cE>=CxCqDtncMT*+X@L50KNt=woW
zmWPLL8%vq-%f?b>{I0Q-8NX^QW#(dc#m*F#j~ll#JLL<?a&ijar+`jmA#Q;-tna(K
z))eAnkwRSY&Odof9sAFWsbl}k#?(pnAnfSG8g^A$&x@Kdb%yhozMjAQ#xZrAW9pF3
zrY>bUrjGv#0f%1!%Q4HK>iCxZO+CauD*557IBZK;B;!E+BUIVn0rY}~KiWkFs)Po}
z0SZSNuV$F*Cb0cQPTG~mx1zeg6X;sk51W&!M0MO_YTZYXTK5rZUHooD%)485kedDW
z@x~Ug)(b1)1D}ui=#LOp=Kv6XPH(4h`Us&tI)7vy<>i=X-nm7HYBq`*XM2j}yOHST
zd_kA8%vcb8oSz6GdpHI;Qz=%~OqY?)dvqz6_l$F@=u#`hL?<nToDP`e?Bl|vF2<-$
zQ%UZTC#2Zp1~_LSliP`z@DT>-d`~zz4<q0p6C)1QN9keKhoj=NAR1)7Bv^^Dz!&4H
z-uFN_kHK5aHR)z1#9VzqLDC)bBI%BKk#xtrNV;QwB;7IJq?<{N1qnuDr1Khym`OMD
zHx{dBY9>0n3n3@SCOOZG*uW3qXPU}vhrcAHFbvX(ht;Ax<QjIn@wyCM8Ua#RD(fMz
zp-lXlraGNP-}pHlk3q_VsvlaQ`*x^vV*wuRyrI45cp%7q0l6a)$Z)=!UldGtcv#pn
zp*a?ruR~QMU0%W9-UgW!@VX4(UJc?*Agci?|6}9zVQ@>+Hw+ow3im9P@!eTg#sQ3&
z{gopAL-;JP84YMT73k#%b`3ycK43c@R=OYL-2jRCz)mr@!4*TcF(2g4Mqm>2*Wq;&
zKw|zekUs)sDoK1V@VkildGK7un3=-@nbpASo<{LG4H@Tt5dM)z!<=sD!Q}a~=K&o{
zwu-Udl@CUGb4;&o_dQHZosPM99}6m1NB1~-7Y888&22%)-XMDb>YJepmf50t1I^#5
zOdJRScRM(YgTyufcQ}Z>f$UCV0KEWN0%)L@irv6D1Jo)2^wDY)o*ZS1F)zzUBd&4=
z#zYbKS?ZtD!5B!{1l^e#mm!P}fJ8PJ&d5Fh@;*SCqV|VS^$)5`eyKzmoF(2bLil-r
z#QR+!?~q`;{|w|afJ8Y7{TFhBW~B)Ni(SAP&B%f6!i*e<nvsJ>F)AsHAlhWsIi-oI
z3dD;2`A1hnUNq~cMzfA8z5}zCI0<1lNq(bIEJwQ|Msa+5MlxK8jC6dt`?2TVdRS+5
zw$t%GBoeYD?pM;{?Ty6s03_*P#od003T&xYz;hi$czZ}}191Ng&U_&A04YkPsq9Vw
zwHyG$X@q&B*tJ=+b|9wEUzx8t$(M{VR{8xf=F4l>AQZ`$coww+Va|x;%l*igEJswH
z9#I*?wX?OFGjpIaqDn+YREg+_D#<7sE6()PWoDGYlET&jRgerV=cvm`%Ke60o8-kz
z-EulEK?!4N4+7=Kz{{n`h6@1!RY?yzJ`U=q<ZvXlEfrZFMIQqMJSDL^eQgVB7`Y2n
zT5c*_2x1l)xJ9T>cq=?z3F<OH<-)nRiM3Cb=ee;<z3Rs%MzawNe+M9DvDvC0HV>m&
zz{5QNRsAT$7Z_1zFBWf)*wYYoc#`r>h`a)DJ_b>X0;mKy+$S^?$UqXCK<ou%cM`t_
zaV(Id0W}OP9-{Ql19cXlwg7^=*Heu^a#M5_bS#o&Eb$vL5}`N~A#yW3-3V}aR`-4&
zKP52~#6}=bkmwKMRUj_|;*&vq2;>g{mEys}9`+>`u`Pb<)qKfPh^U|7@B}<KZ6L}(
zWB|_LAbJDo35cHzVkD5^097~Ag!uyy3j40m()HSP@^au(x8!Ck>0p_?4XiDmO3NZ1
zs}Pfq0YHnK_vQ$oMGky(2+$%YzBvYH8AnkL0$SwEx6fA5%AowxneQ~mfprvQY7u5#
zG0eJRn03W4>m*DGNg`F$R}6t;l0wmYq3FFJ-o;ae)O+<Z62&HY`L#%|G|2|jB$q^*
z<nrHj`mSc@8@u9q6@w$ng#E1Lejt+kc-uQ(W%v^7AlpGzil}m)!)Ji1%f1F4I;)7+
z5YIdO&RI>^A5p4thJ#-#GTod>_&i;$$n<fJsz5FYe~@!iIliSU_(*3wwth6ExXopp
z(+a#XH3#@a=TwB*lw1jXQa}r(S>&fV1%%U0_D&z<@Y5UJLw*l#mYgr^o+Cb=!`YTt
zGrTT#K7n`-!IwDSL)2R1Oz#T0h`XooPjOyAdVA%1LH@L0&LJ~#O)>qhc1FN&pYRO?
zdA?lp)K{+Gztp)G{C?pXkXh?21KwX`Zgf6HvIa;r*E#chrPUT9zuq|uGF#*(;JrV0
z>VXfGC~tJOAzsBOKZpJ#t+uSY0AX&jmu98xO<DG8tH{UTJs*<xb}Hf$Wk%a&c*@+B
zktN5=)4d<K%w=(RS#I(L6y*)Fu7?#}1)~S$rNH#|pa|p7;?Mz*av8evj-tq02r$R9
zgx=X8^M|A4F_lGuZB1K6<B*@zQHIT2UNz%66|H$MKw-QQ!o;wgb%G8Hbp^lpIy=hQ
z##HcUBNhBjRPZvnNkKlpVb<r&QeIi9f>*PGd*hs1R`8TmaKDl<koxUcr6kv+g8S8F
zEr_<R;eK@u30=kgnvgl6>$qPlV!D$1wIZf#xnCzPx|;j-Lg;$#H%R5y72R)4u?p#$
z?l&c`12HMVs_r+7A6?h|Xl3`ihcxwdZTGw9NX$>5y8A7$@xXO`_j?GTE4&}A@qSNn
z(N*5>m1BiCEx|hP_ZAmj>HR)9lz>{F;CX#NTJ8OQ;mvT-_1^C<V!Gn{10>SA=KImA
z??>ytKTuMjE5ARmiYd^w-`}#1mi#81Jc$QTsWl-M0r?5uoCkL2k4gG_pcwt$<m(l}
z9Pu=>fZ#Gz9Kn)7Vu2igD?HMy($p^E?zRw<TJG;{U8RE4w=0--9SGWIEl;!7vz&AQ
z(gqm1@>%J9##4W!DM&IY37)6L1%=I0_5C}*s(TP>E%atPVHud2w?TC$rZT?-+Lx%C
zc?sxXqJCyI&@n_~%6w?lERfc32_~Uo7<>mfyAHgOM{jfNob@N4g6svrMKuPwO5#dB
z`4r@(;KBrt-UiXLw?XvmZ4f<s8`!hAJ}m+L$)})VCm%ublTTQ!Wb&1K@+qhiLZ7`2
zs)f*JZ-bg@uEXiGw?VDcIsM6}pf0&LT=d!7pk89D&)x>nv$sL?>}?P|dmBX0-Udyz
z%<hq>A9D7#z=+EC>6&=<Ht5-S2~rV%3fb#V$+EzYgMh9#@!QB9E468LiF+csW3m&F
zNbWq^yb8pxqWh>EtIWotd#M)1FQog{;{HL=y;KL|ya^DW?PSBtb0kE>W$n^+G(H|D
zX5)Rty%*i3ZZ@0G?+pRRr*NE~>Wgg=XDgjdF?r}pngp-gafpVKh%?Dn=^hC^$e+{U
zL+N&>!JMd|mt|1RivcY%C`q(3tjj@P4CnzRo|3lwb5IWeS{Jn)hh4g5yh8-1_Ikc+
zbo!P$bj9Pjy=YE2EpdkaCj7h($nS)=eq@Bz<<Raexv`M-4kI4|9|FAnL3l8B9Dp|k
zL;*-1kfo3Eqrm9_syhH?BNO6HHP-Dd5O7+3ZwQz};64c8^#QRvkX=bMf!H6&ek3YE
z%mH#ZAWOd$W5B^L&rmm*h&pG%rK$EkMw9_Bh4k_C&VW||Ih6zhUIXMJ5)AlWAa?_@
z^lk!{aJMnBRS&~qVDqkV6YfR`KStjS_Z=W_lVG@C0{IgOhFgbjvIdZ)_i{$KAE-V6
z7<31iIFCU29gcvp?JeQ0eYqPQAvDW4vsxvOGX(44YAx#}QDKwk8wXb2TeJg?)nV_P
zGl;wI!go~iipYDOG$P!UhY$DlSIJ*QTzUAHo9~S4p{nm%ll~b9o-S>OSwEWASYnYy
z57v^9)-|aR7JJ=5jSW$CBQ&;^svAeFl6JZ%M%CZU29WK+d!gvPQ1o69@8YRq802t|
zBO*cTy8K3rN5s0`+ZZ3&DiM&!xDPO*C>bA}t?P8j_$Wk;k8)#te3NxeW6oOF#I1Er
zGtFAp<ZHvDwuZR1u8CXgnz*&DX|;?q);0SvYhBa+m?Z1G&1IDD%DSedXsv7F^ZDJF
zmRKvqt#wVjE9;tkYh812a9XIXYw|l;*YYv6sF~3(WQW?7b?t-yZPqoTX{~GG*1G11
zf0MPYE39>$q3PO{iJgGBF|jkm6O1=OtY=lJ&5J5>JZ_7YK?$>3Ti1-KF|mhPS1~>q
zC08&};bNY9v_KN<TUaJK08%bPSKcvriiuq<CN_r&=4xBpSy661K*uc}>8v<Auz7&d
z&IrTezlyOe>0*~4TTK<+rCHc6iX)=o<Pwn>>U7pTh5?Wh$S1sSGR=7{Lg3Ho;FjOo
zg+EL|qC4@Op_?WEk~7s{X30F@vq;kfp1|BY57a7hXr}DR%z6UULxAi<2;c>)-+vF4
zmq>nu7zJ;F{}lwj00b|9$XyTH3J^RAq6tU?AV(i{zXxX^r~v>3c>>5!ZIFL~K+4?}
ztl$Pb#zJH?Ah-g=?m%`WaS@0Ef$T@(Ob|<f91qCRd;Oi@;C(il%*T0Pr9`=<s5etu
zZ#MqHyp~0wJT4S9MKvE2i*vAA^YI|8)_gI{RcOr@!(4^dd~$k5Yrf{F=7V>w`RHA1
zK6=-hPdpjTN3)2U@3EVZ@1ptUX7yCx@QCJ{`QhI;uaJsrzVx?fK2`#&`G{N1_wRXy
z|Jr$ljMaQyDLuA3qx7=GH=9?mU%dXO&MTA^=M@T^1U7o<R_e83Y+~g!*qxNjHhk|p
z+UV0y>YW`?qbq2v)^d#Bf#!KWpz;{74>iK77wWc?NpL(Bo{GmEkhld9@_MyrfIJPT
zqEz+S;JgLu4FGy%8$|6Q6BaueRVQE5^V7_xeT@VB$<OKFtLtfH`&AThrm6-r8821}
zF7p*5g;)8CjUu}$-HhHCrH+O+U<;jp3kIapLQl@>7J68ug*N=rQ;CvoVkSlsLoma(
zU2Z2t#LST-w3$Lq#x~ZOAhNcxa@pHV0ur^8fE-KM#!B2a*5SadnIhv2GYLrCnkmGs
znL^x}DN}%tGiJ&n;MPnz2l%9zo&=<PS7u58zBN;b&*$g(T4McxS~G>XHB*>gI|)d>
zHB$xyKP{%s6!NW^!ZT9m$2c9*H{1h$?IhrZkg;Y8W$Ywi5`1f>P~J`g61S6pjHWeH
zh+8w|$G|t)SrB|CNza0Go&fQ<Vb04z(oBHliN_gbg3It!nVA3~$E(LfE-qj$i@VE6
z8VhB#b>)^8?JAhIP^!T6_N55p&*IP`q+Eusyd@OjqIJ16)-@n29>FAF-ka`(Pk>4d
z#L7?=^GKzB42RwfI#iXWMYBNOgqUv8RU9m1os2Tan)Y)KaQ>W*{%8TP8tR!y{{}1_
zTyLy~EtsOd;Pe29)vz@~m;`DfpnCR^$6)C!NB>x!shN)RaZWPHMz;jc3jwvG;dZB0
z3;R$lq-$?Sd-V^2!+$_x4Zz<Q#4SK>ATbHVFM&KtVj_sQfV=^yqyPFNz=0XSfFCvi
zI~KthOMXr!XoS1G<P-S(h(YlsJ_aBzKwcuF5fXgK7C`y~8X5jrAfo}QX`^`svs^V_
zjVE8+je62i-Hlbj%;sRI7ZDDn25JP`pEQE)PefW|6|li5o&m@PDxL#wv!=nNS*>`M
zM-<Nr*kSRK;^{mniYz&ZY2ca}S#28pd&%K{ddcDcWz*ne&ab6pe(pY0ds&=tC!iMV
zWr}hRiLh~%oMHQD^8hmn@^d=EnW~QF!FSP!z5|dEX%EUC4eBUB#qY%b0QT6cL7xVw
z9BTq%r_WmqaHAD(F~Em+;BzV(9^1>wx1(>Bj`~j1UapR`mp`DrL^^8IULqYeth7-M
zZnG<O)Y)i9o%>hosLg5}Rq@}|QR~$@_9FjqM{QQ?=(kfxZC2~pJ^lB0)aFxa`ERhQ
ziygJGs>|3>i(SHK>yEmhJL+<Bq@$MAx^L{L#r1D@)G?<0Z+Fxc#g4kNQ%9XHb=2ud
zM=f8Xf$7bDq0~`VbJp8*)V48fgam&$8;BNwj=F&z^_^%hw*X{#Ka{b53Dk4saCk4<
zZT|x5V?d491EI!p^v}!xQtY^sd46zu5XPkg0l0pBu1d+2%Q%qR0BXNvT+))alR)o5
zG4}Bp>EdUAJOEHvk6=zP4c9*xP0`6E{)E0QKAsMcSPF=54Pp(Di%ARuaWjx>N%R5n
z29VbP_4MDcD>xs4`VfE~`Fs<&^ubN+gBkN?-3NQ5yZwV5araIg@hm7RDwZSGp(cr9
zdD<wJ`y-0ws82S(t0cY~Mo-?3PW=vuWjG!LYf0h&JP2}M60+=ZIMld`+wa_^z=<e#
ziotyMa$wwn6S^lGEKkMCHM_L^9&n}u0$9}MWwDM~w<gQG91nA!Q!Yd)`*#KF!TJrr
zm&e`2-p50ExAVc6<rAzAfk<YiY2AGWMexHVac!!SUh_9&Km-V8&c!YbhBFXUKR{W5
z`RBxA>%rUwjER8qgRxg9O!8_auYK*ZinC3?kAP9ht7z6P1NMEC9P|47cOru%uir6w
z{d^>^KSf?glz2>EYZ2?DxoKwpLq-pm?d=eYxE*3eXM)MMGr`2|5R14SViC7PtUZ8_
z`=*)TxE^9rzAMem{?QJxh|kAIMKHwTEP>VB#O)A^>9s>F^6e0dI|@#V>me5TR&&cf
zi?|+QO@Lpkxj7YNhgg)cLo7zq4zVb2hgihz5R1{YLoDKUh^6;gm`lVm_)?@SG^4y&
zUt`gI7MvWm^_8)enO<xiKHtUIrV@;h+(7`n@xtp)9!DL_YQ0y2F^$Xwi>u84GD^{z
z;06fFOt5Smk(po-VUk?FN6!RD=0jT9g!T;RCi5W_$0-_chX@mt{A$g=)A1TagPCeb
z1w}FS;C~OoTS%OYj4Bj`vz`cVAyX$5?hoNUorH@+n2ym}xKB~I0O1~;qLD6!JWC7r
zDA;IBf^gF}2%n>cn`F-jqp>}NYrjGG0WDlx6g~{X6`h1Di_!Rl7Os$8I1ITK!ntn{
zZlErhsd7c(;Sf%WaEDPI2u^-Z$39v(X>z0d&@m1Mo84Ga&J^6B53f#u#Y6pzn}4Un
z#!b<ttitzp2El29(L(F*!sN1Op+6Zdw2M7c1*y|NGgs^nk<BojhhE9jdQ_hFqicp<
zWnw@63k|)@L=T(&-=&50L=Vk!tA&VnrG?11T1a+#nTZ}T>7zq0Gtn~vd1|!~8)H{m
zh|&DdX(3}j7QVrLWEbtR))@P-oOqm3CTOKoq3y>?a%4G4CVF<Z?t1lyI!VcHFLC|b
zyS-$Xw6Yigb7J$|URA|e+0+Zzy5RSZ-AH+=XjOd)s<-!@OwC#RpPGA!5o1eF{e+AW
znHO!)Doqs@>?xDCAC|c5C^uXtP~&J+I-Rvo*PzwJMfOtD;x1yc@WW1YG?F?@^u|S}
z%tjYK9Z<gjyBTB_`*cvJ05T^b?35(uYLHivb#Ml|5EG2%I*_*m!aL0i7%9#P^EwJF
zN{0^_K9g{HiJyJU@b4(`!WRwiQOIs6@w4w3{u?D;;&+C(4zh`E`)VtPS(+GN2x^3e
zp%KDFNj2)}=FA!s1dD(_r=tn^;ai2Q#`ASBW|rQAbch;B<@5~BoQN9v8piP7GlTQ*
zO{4$bG^+l#8u`aIjT+q`YD5f~vWOOV7?odZfx>8f2L_`7YP-><HH_C49yPukH9imx
z@C;h<lYk1gcPB0l{sYkO0%Ws?6N+BQV<9C8sM<f$=tiKaRAV!0`>dF%IX=?nFbFiA
z@iX^g6Oy!|Cew;ejI^S={@kfE?z}TK(ixXWJL8IP>5QrS?T~<YS3?5w?T~=D9TE_?
zLjvOe$dG{Ye^+O$hXkz<x1BNZt~z7#ZD%Z-L(GtX{BIi)oDG?-I%6OF|J%-(%5{@n
zb-_pFyIOVe*%`}LVLt(Jv-DC$JY>8Hx{jIyiYan@876cd5-_HENZ=0x`i(;ZpJNBv
zp4!!rfT1g&n?rn#Q)<{F`yAV(pG1}4indAmL106P)#^^7nm8^IHNOlGOavKjYK_&I
zUc25j#E-z#$!RbRkuRiQ&22QjdnGtN8*CH%a*X;Zw$!v49+l@0{WDr-C@ph;w6;9~
zS+>kt*+Fsv$nyZXRmR`N+MD7{bluR0r{WCtT8Lapu_uh!ZbmEtF$pg3Q*Hxf9t9-c
zHF9-`<3j*kiNH%T6Q3GB)A&+^pZc!ucq#vJiJz}Cd=8&X7%Fx}B=Fczqr}68U}nX7
z8o$rOuZoQ}6yIF7mmy{&`V6)WPkmVf?Eb`z$V<6BMN6o%6Ab^tA`iDaID=LGs)z?8
zj8$$(vDaVwQ)H3otHDNJT@=w*dwyZRN!Z2UAyXPW<f8g2|1J7TT823)Lfq;r)_J>1
zOup4u#I3#}ZuJ#$tFQJ3KF&;Gu<F}YVk(76W(tGyUFj><eLICg+)QEgg}BvM#Jkd0
z<Xe3;2)LcXAphI+6`N#N`YHkbx9KZJ(@tR!w^JBv;dhhW%vKi45ft-f^)B{xg!JlV
z;l~Uk3d9qPJVEaoE7!w_3UWN&uqe~3%x^t{V06tq#whE`?S$G@Fg?hi!t<t4WCChD
z3r35Oav8evj;F}Gh*ZeTsg$t<RZ;R)s043f6Qv#m=$Iw>1s}gY&cVeS<Wk+aywcFb
z=XXFux>O}cqEh?KBFgCtSL7L-7OghQtsC8#D=KM}8)b$Uxix2EBefHYGkUj}W;K)I
z_&FWvHr2o$<Im7Bp8)W!ydLylb1T{yAU#tJ^Fi+dd>kM(AIG*C)CnNk$T&_V$`WAQ
z4dM<mj!;R-?`J?fNyc<c7c$I0fcPz-R_vIJWMCF+u>5>h>{AmpCWrdU3<+Wl`)NJK
zEJ#xU=+R4TPs9H`0`4LFDb6T-Rn4%O<y<hvl>;uOKVuIXKKlo5&o{x;h2JX$Z$}~O
z2+Rdh(d6z&iHf3`U=+=7BZ_9lSDh41XTvC>XsYZg7mw^z+f}Y_IFrV_{#P=LSh2cL
zH0+wJq9NXuq9NZZnt!HY#3*;AXgV22#X~t+w!qEyq{vhS>$EY9vcyY<ku)}QD5s98
z^g0_xbeCC9)22HcM&jDluGx}dBq9?~Tg0N!bEUFtwqDc=o1Zy7li(=`f3GZk{0waI
z;1W}^{j!0m+@@nTo4rM$VQ^N7-#|h6lhaJV7vzesM)Q3Z&Q*AHN|<vPRDQj|6fqsI
zrpGyp5tD7QwWb|i!=UlQP4s9)Ic}3}`31a=LK`0nkekxCBWHh5`vCGYp-~wBWgwOa
zV+PJ~^4;yAP6af}VT+{jZU%h~Aj$9#F>iHlLA$Js`)JtyK=7Y}z(#=I3gTTLual?)
zF$ilh0{}h`>F)|;XF!VHyNv{AKT!JuO!%v8_>V%M#`~TP|8R)R0!aAB0a;9f;hzTN
z6cP;o8X#){DS9ts_z0IbBi~@deI5>tF3lf*U-0jR@SXHM3B-#)o~LgLl}#7lg<-~L
z8b!f<x#><PAj-Ej&MeTvR70@LU(vEO8Os+N{s!>7Ut@@CK%{ZN0RpNex@nj3{W~}9
z%6-&&({7LGMnHH^$xc9S+D*w;KoOOzGhtz~1w!4r52BTcx}9p&ty9A+)4zBBviUM#
zK*fsL-|Zogpk58QE{J8psbD0zEXXyt)I2;0a%v7!WU?&ismsBVWkDi(S&*1s7GyQn
z%Ywv;%YyjEkvYnT<0^=8r)5Ddz{MV>_{VHnZNUe?3H~qn_>vFab6~f#dFXCc>@z%Y
zYXOSu6ZpdAJM{6ODU>sS^XGKLvHHwl{)`Io2_Vk3!J!PZ`VJH+L9*0|#TdX=U<?LS
za&0i4+!-vc16J*_zwYif(qnOLkefqU0R0|9_DBKDHU&@{DS#ut?zA@8c~;)+>fl<L
z?CNmMti0aU@y)aHqFMi$hP9cM=X?Jy!&=YE_l3Ca?}&HR-;r<oJ29-ytUURh4C^jt
z<*CyDs}1YR5#}aqSQmG7B-!8nJ%)9XhIO2gCuj@PZp0)<3~QNz|3<@FT>rLVE%Wo=
zY*;h0dLt%#@6=apSl^{>{utx*Bp;;o!w0FnXYmZ_T#;HuoiLmN?^BWw-7SVhEB#h!
za7@f((=N7!1b<=}cl!`7lhBHG1Hcd-!WSF?{7^vE9CUqR=bj4cWI**y69{jvIFL<>
z({9r+?Y7J~aHwOLxDm@4Oyjf-oXNbkT`Ar%!)7?^XXq!T86Iz%;h;z}j4NMdO8XMO
z(d_((7RM5ZnKe6!|F@5C|9@+S<}7$2OmOJe<)oZPvok?UNXECu_AKwB8QNvCe_Au-
z_*O5Iu^HNtC$B&^BhPv?C2!j_Beb!^jSO}_AXf&vpAci4#6lX-1YK&PLsvOF&TLS%
zOF2OvlS##P(}q5yPyC#YR3%>8$S`k0>-z~H_3VR=>d&yB1N9U+ImnD8=W9@(0l2Uh
z+k-86!aD3X24s_v31tj>ILJc)Y3}5b#(fc}vxKAS8O$TVA0&N*Y9;+T@RtBGWtWyA
z?bjf`0)$VRDAO4G4fKJpr|iPa0j3jX^3mqO_uFq=9`l{Oe0)(fro!Gvf;rq>OVBW@
zA8GhpM%SVF{BDHyOC=IcGZIua`xT{B!=eb^!~^4In08b+zlYV57lpIRD4dBkNSpbs
zasEDqQx=_2EBp^nsBv1xPN=bS{TH23V{`hi?)UYCno&6AdP1#Bg(Ir~GW7DPWQ@Y8
zAYPnM^Q0l#Bcg2IejVLe_u21@yT>lWBTM<CtSkF{?JAgdm4Py8zc{PL($R7g;NRmb
zl)r)^)H-rb)Tb#^W9GYlYUNcrGT-$~i5t;6)HO127FA<n_%)azU24+<skX+6+NweW
z)rqa6mEkmq)){f2ZmO#hDgN}Cjab`)>8hcX>Z=*s>1qL4s-8hi<U~;0kVDlomYicj
z9R-NNhTof-=cgcU10;`7O_Gzp2k{OWb5xTIQ!>~elK|AqR9QFCD+59I0i=#Gk>c@>
z7Z7cJ)w&JODfk2ozW2-duG9)6!`#9NDv=?-J>r*}IlJ(iyWGgg1tAC<{*YRv#_W$h
z#pse7z~>M9W80KJh;!Ie5Wk6l*c{XZru|G1E6Bk8E4wl6uY!0Ikescw`P7IFj+KDM
zf_ZI&1d5IX(M!%#dHKZQcu0%`G&LEi%_B|=s`()kvyXJjxPKkl!i#v2FWl6wQjZxC
z9#Ks}|LJg4E@8rDMe3B5nEOm<HF?F)Q6QowFEwiN)QFlq$@5jJWS5yQf|-wprAq4#
zX)|j5E+QO?mJBQZjG8WI)55A0aeX)~tS;k5I&GJQ)iorvVHVbeyMxdx4`Ho{>7|FT
zR>bt$Ls%y+dhsEw7ecQ-gbk@95WqNDeh3>=r-RVyGHgm-3qs#j6*h|>Jx~g}NnJfi
zZmSBrht&|%Q-fjm90|FvDr|{u2V4)9!X85C(NY+_z$fe}E_%Ea_R39!AAM<6*jrrm
zh$+Nn5pdDhR)x`%^<ls8Cb($j8TJ=3y`wT5Ad%MV5n=QKpD=oXPdHFgpl1rhfmKX_
zUXuv7tfLXLNty4wHH7AaVkk`RtBmV?l`icym)j)cdK+bdc!G~4vw+|;RMn{0BNF7e
zL-3Ft$}9kJ_gS!Vr;BnYTh|{IT?G^M>GlEBollVo2$tof10dxybmg8!5f_h;bA^Kv
zNhT%W1wM&XBhQY*`F60<8?X{l<}|!U`L`**2#lY5g~K7^+`c6gV`YJkxE~w$1A5h&
zQD`lp6uwt0E_u0-$E&TSSdH_72S0V`&)~nCGXjBm%|i4E7S5ibJY5wAIn5Z9d96~$
zL!EvU>nWu_(rFzCLRW<`&X4KRyLJl%J<i!lh(08?E58>+pYA~OZuxhC_a$EDIv-M~
zpOpPX=L8b{rNT~fj(jJnya7^0ra5Ez{w+*ZzL{bJg_z|WgJU$_mLfLaxsWb{%6^8_
zEDjd7ApwIE+ad>6IM35%xSs%Viqpu@Mo4Ndb=v7NQd09{xd_eMI>l42Yn^TAGAcI(
zer|N$A~9O3?>eV11Hd&WNW*&NE`)S~CD4?f2dRCW78YN)5_nDWiQC{19C+YNmE4e6
z51hnemE0)4LuYSDC7+Zi=T$QWd<Kh~VS&0_cQqf;t9T7Kp>h}lQSN)dyYbGY!rPS6
zR}H1!M}dxzMbx<dZcX<ZZ-~ok;BcFnw^jX-kXCX?#Ty!q0UkOBqVx2IiA!F&tPCzA
zQNaez<jX6O$nAkwu>&8T-VRRlK<dU)#f7tpO=O-}WVY;t?gw9TCwG^Fbe~)rtM7>I
zr`0pzo@aAA6y3yrfEu!`uxpWR5KI2>Egf$v1kQ)#>440EARYvAKcMz(RE6)D_o(Bc
z<;w>&!Mz93%oT8a3Q`*Z*ekKv$T0~cAe1#%zx7;d91aH)Bl>CVLGw%j8R!t5e0Rn-
zKSwzQsX?mOwv>rWjyz&Iq!Z~GKc`~`-iu^9@n(Aa4c`7Lp!ala#})5|dk`3)_5}!T
zFy7S>h;kzK0bc2S1%7u3Gy}YkK#Tyg6^Y-1*c-@R09AGqsGNzsV-fJ==cHnT;_&hd
zFlIpfAo^bqVg-<8;-3+1wEiv9%lc1yBjE0xf=4^VSJD3x5Z3@%OM+J*-2-GDpe#h^
zYlDbc#CE&hweA~?%P<H%1?i3S-Vem<KsJ$R2JsP)4@p#laPLJt0GV+h%7K)TQN!1a
zHc>7jh==^V>s)z73q-pC<Q10a!&gYqL*O(B(3e5uz{dNg2spF9C&EI-;Ks}TY4aXd
z7{gNoMxx}swG|#~UR`oIvZ5dLK#b>pytPAFZR+-h%-XR;)fNw<vB#WRHZYInm0vht
z#XM2CDz_U1-3kgm1E<)05PbwY2H2JofXfD%yA|!&b;)1`P|)oyf(wBSBp;@o>kbny
z1Gy~Vn_G-9r|*|8^6*PHdHAKPJp9OA9=<(&yDjV+4m!8Pbhe)DzsXor*V$r4`o;wK
z<ao)NGM_PtmyZ2IzshOC=%7<B{4^(c%tU?XIeO``gCz(*brAFWLiwH+Zsk(mjeKBZ
ziSi!e;{-gQIPnPR>>kDkJK+GftG#<aGoJGko&@qEQ>Ym@^Cw1ecZRwbs>JR9<k&F2
zU=HwEq-Uy~_?jO9KM{~U*97rHFfm4_*^1#k%~s3|IHP=g7ET|?Tm##cSr|TsdMpO%
z&rB9R6v@IXI%i?$`TEEK=6`6up2I;qQApfQ6mo&rZiFG<ZiFFjH^LCN8)1msjW9dI
z?>Ms&W)5&WZs)e`|6lJ+EzZ|>F;(wz9A&n@$f=#p?lv*A^a<`O{iofTT9Bn_&g6SM
zk`Qucqx^<C^xBCY9KI)KqrnAP?ygIClOE`aIu5IVqR#`YRq!Y!&w&9Dt0X(&?Pesa
z)`E26l?m^I8(YP1svP$S$`|NezDuQ^gC*tnMAOi;Y~6Qqv1?7MDjnJ3+<eVC!wx{m
zBC358`cG~LbQ0mkaI$T(O5Vw4O>W)g#y58iZsuE#2dHv5u!*)kj#Nk!ea1A=w<1k+
zG!BMFwA?o~(PUK1>04jFc}a~;>)%cEzyDg}bk_%6^sq3}L^H&TO;lG8dlHXL)XmeK
zeG3(#xa;{aJ?0x^UAaSDy9%aVQ((G#P-FrEpvKf9q&$YMTu!&i)O(&y)MXPbGaF<J
zX5;J46k*dW=S8B97bk98NYQZX;O#^DzT-R4U)=<#<Uqg)5)9xe&>I2a{ibnT31;}b
zA*79}lMpVO#hNGJB+cTtrdfO$X%;V_S(qN*bo2kROZ^L=)%;AwNMv*wm;Hmb;7i~H
zz3d+%#eN14We&&dWq%JGS@tjgl*+~zU$5A_f;4{)avaP2j^CZ3e2Bb#k9l4thk#=-
zzNBy;`d~nH=Y{^7g$FlE5HI0b>r9R7S+IC<$^Uc&$bxuv1IBw&5MP>tsHhc>@|YL*
zRY)t$9U`BS>0BrYZnto;-(oKa%YF;aX{8RwgODDM2MiRm-(n4L*>6Ea@3$bP_gh>E
zOz*cK*2R8{wP1I)<?<_-^+yN4feXR=h!3_3?<+oB=DFz#eR_}m9uHo#qhfy|#yA#E
zKp@C{2C&3r*-GI2$${)fhPov(xIZA6r*He&9r(_qSvuSDZAXAQ3{c#J!2nMN<0OFD
zgt0wXvI*la=0y*HQ4OO`AJCp_N+kWHEs?T30))(fNQr!e66stDVe~M3!XAcC9srL7
znLR~e{3i~>XY8(*YzG4DTnf3BEQN)^vv47Juk-OfA0OgjzkT7;XYeu}{^i7&JwBsX
zmekdseq)E|I(r6i{=|fCV1PeHE?x?V$*vcM{s5@^00sFP9d^AifLFkH2~eRM0~;kX
zw{n#U_;xU=icMg;$?$$pAz*0&JxzvhAIb2=;pQ3sKYRN?_AF-jlFc$)a-ErKKl3Nq
zoR<tg0Nk>(bv<V;o%2`OjEe`lGlVaYcb@^IUT;lK?N3pC0iCj$qnND#n`d*wbX|U(
zvw5bmgeE?12P-2@Hh+bzHJ1(a#k)FNKW0PGAUMbX#leQ6JwfOVMQ&xd5yfZjb0cc+
zbE|ZrNz8^K;&y<-5v(1ckZ%Vl#O(luxE-Jnw*!;|fsZo-l<xz#1C&dF+W`vY?S`Tz
zMCTxxDeWHeqA<IGmbm$-!!U^34MoK5h9ahSh54uh`F2Cm7~uA!4&>VnMf}34{iwqT
z__fD;uYinQSfq@-Y@iZ+yHlU?_Ob!u_Oby+({7+8Zg=Y60Kc35YD3Xx1C;RyC`n%_
zKH?Xl-g)CHJ|d2ZE#+q`C?T7N%n&BY1;rQ>MR4iO>g^OcGM<PrPgxG)?lKuJS<2fH
zsJJdIx(cRUyMyV?porv7QG}Gs(3N*GMV`l7^$>;|A>%x3<PL4(_wvdaJ<h^bu#(1A
zB`=o<f~xgkCA?{7d=e%=#xe<S(~Wv)BOlZ&1LIF-ydodiDdZF0MkA5tMNVU~jLAr}
z5uLD7ywbdpW>k*J*r(`RN?8@}igd@OOL?XaGcE1NU)h$nt7&QbVVl9fTUrmPWdB=R
zTI)L@w&3WNW~|cjtlq4?|H3Ve2mIWvN-gb4L|3;of3v1`&|fvRn>K4|NUr>fP3`AK
zBGT0Od5OPjYL`Jvjh3c1t?2wWn;I1Z&F6EUfwmLd;Q-Urz8A3_?nJYbC1GPeyZSmE
zS5IB0qvmslh8xZ2EX`6vZn&f+A2FYO-eR<dY@fFn5%YcCVkG9X&s&VN`RwXjjLJe+
zZ&xnR{>5v#dg<!b%Ydx-19${9iQ||`ROZ}N$S*Ybec}wOXjH3^_I7Zz7#=l9zV`^6
zwY?3CRe9v8fHAM&eMnABBwLM5a3uKrIUS!u4wK4N{GS3VVh@1Wbv+q{#h~Vs0~2lt
zgIojR0sxHYA;|EgwxZW9=l;v2SbaZ*>)n9FzUEzw^S$uu@X`^7#}FOt1Hg@$w6)hQ
zSBZH>kmk`dS`b?&RP`y50N@Y2qDM~LtAN?1euENb+5Zy8R6i;Eg{JI>)zMx57A1XE
zC{19eb<wAF(HBbF0eVEX1N66>rd~v(eEq>H>7#u8!Ky>hHbP&2u!?xz*B`9n>V1u`
zKUhV6H(!6Sig+Jif3S-9AYXs5iug!hf3S*+$m4wd!73gInCR;dR{ak6q-uSU66L4)
zkq=h+`h!*6!!ygDij|1&IpXuHXU@PyO5X>%*w-JdBEH0re6UKsgWXePPVw~zt9}HT
z)2j7FN|ayi>kn4Z<~hGQa*>j+KUnog@YnkKgH@Ed(bpfWVl>zJkq=h+kq=h+`h!)B
z=0;zCu!{I|Fkkq=sxN_WQa#K80$vb2fGv_2!6p^l2q~_XV(CR%q%YP=4O^rXQ4L!p
zF~5c_lJN>_*dmGLv0@<iiVY0Yx<%G*12$>{TO=luhUc-Zfcptr8L2oYc+z@PK`rq*
zW(z?MBdRU+eu6>d#M|iJ4_;Z4;_fjc^k%0xw*!dlFN&^$(SwT512fKT6m=6ovdDD+
zq&$YM;=iH@BRiP0NAb^q6<)<X-pLHz3#Bz;B<w;LiE)D+J^sblfhs%@rqzkH%$LIU
zKu@V<9v1F}DmhcowC~?H3YR>^<@mVM5-ao3x|(~Y@tlRH6S#P~!He+W1ux*~2Zw?a
z1iu0v3w{Ya9^8m$*f43zWR+;xd5<Y78PtK33T}r?I#`EiCRh$mHrN->TrdsKe6Ruh
zvfv3k3&9<DmInudUlF_oyfXMT@T#B{&+1?<o;3~IkKYZKHJu5(E_eyg`k)`44cMfF
z<n>0prGmuexi!8W2TtQdkQm%R$AmZT)ow^U#!d$>I1J;GnQ>X@pRH!4d7lYxIGLRl
z&U|%v$XcV)d4Dh}Msf!bT)vl(bE@_zhI|h~KBt`Qgg3~9oa485g2p&~-whX!h!mu*
z4ms}P^7fE#_q<5=VqMS`EB6ipjr}&mXz<e^9ube2inF+LyU=}DK%57h#9ih7fKX!x
z3b%KOdmCiqy9jqYxoozcgOsY=r$|+>gY2-|pHA}7Rg!6KC7t`Y0HKj_dRs~%sgFa=
zcY+wFVP;3*MRaAmQ8}}rkD@n~xMrUqxsMdN!#Q2&oa;&ie|?-Dx-LX}=g;XlCyxGb
zraISc+#lZFLjUqApqvvB=eolVK``NZG<E>*-#gbGPY*pnHUls+9-_{7lhos0`|735
ze?VSb;KnY53}z&jHa~(KLu<K4=u4M1Uk>++-27caZ(N!kC3KHN@apXl-e^GfRPZ`n
z(VRzsJ`fP&OyI?u*8%!M%5lr!m9ERw{si>Z0C)89I(@&u3*L^Ex<<eKPfKFx<oxy(
zOYuJ$d;J_|n!6lcrWr5H$G>PV>?GaG4WGGQh2YT33V(fsKQO|7CGzS+ihOjh-~8?o
z9~eI?qVm#><2Hf(h$T8PKSB)5+c7Rfa+6Fm^Hds2LM69DEn%Kon!1!(AoQN9=XuD|
z>mB;q@+ckVT3Nbh1-KR~xu^iwJ58)wKSeIy36KhKy|V>t=<A?gArBScdS^5}`~~Fa
zfL<)%U2X!W?tWwwpckvaKCHIGK@9=K4#ucFWc5A>)E?v<2Tq!tCqZ2esAvNxFD<8i
z#q#XC2=yjMM#X15fQ_Yq*vvU#l~coh4e}GR7O9&ZsV8F|goy&c!v4)pg6Uib>J)Mo
zla(gxn1_^_38<i2y2VK|(@<%bXE!3ox9Wf%fcve0SldE%n~s3{Gkmp)todzV<rsm{
zU~K`AO$)bcpQnO8fxJ2Dc1QY*_d(rG&TMsuBU`V2@i1;B1ys=7Sm(rVN4}w%EYA)a
zn^Jc=S!VXAM_|hUVhhz>I^=smttDsv9IzyH-G7d<1yn4WuI_e{4@)?wERQW}16g<$
z<PYJxj1qGXQTI6U7e(UBWxa2I#8K^TxlseXUq{kUcfUSXSBjB5ivRi1noz1I%sgkP
z8xBiC2~302H3)DmAlwtg-9YXju_K7*fjkLNTUUen&M`I!i*<(+f6hoZT*Tl8LhK88
z_>3X+1X1}YR4qWcUz#d<FSwUO7F8cx|CgcJPC<i3BM#eC*sV3})=Rm^w&^#$hxFa8
zW!<9@#=Z+n{HG)QYLmDjH8_2*`K$t>8P+X}DfcTA^+&4EeW&E*2#~LCAEzo$U!;Sj
zo~}H{5Ql+qA20-afZdHhMs`Y&{`%{$mn(NuMBvb(fO2<Ptb=5SvP|>6_Ai$y_gv#J
zIE#5<?NH1H8tjvKQo?OCMRzDN>-o*3!frI{MK)+(zwB(B%A6*i1{+Vz;V(LS^4s5G
zHcW~HI}|obv<yNSW^@h~-&r0vrnR?nXGJ{D>dIr#zDZ)jvtWo1^qjjW5}ngG^CJb$
z6Cdumk&qwROscDtB1%cs4N=-;JhIGxuRSIfFCW_4zHwQsrC9QnzG)LuwlxvLoooo^
z@hDWZPMJ~4W1S$$;1v-cZQtypSSrQ1US&M8HmtH9H=#uG>x~P`ED`}9*@;do&K@{U
zjh3VhONAi1zgi_}iBKa5?O=8iv<R`y2-8zN7efzRAss~TLv?)|E$tQW>KK3uII2xK
zS2%S<ovBc0S8CO?B^qpBHd?V>`fNo-D!Mi?Q-{(EwTnNeqa6(@GgIAK%U))8_}Lkd
zIab};hql)#AZC!UNZq<6m37N6U?~DJ^VO}x$=D0T)@00_qi!85Djw9W<SbOT?m)(C
zAT|KH9Wwhcb$g0$^xDtfF>$b3m%a?dHoruN1W3$K>+)or2jWOF7N~U<WQ=?a5`e^U
zYF!N(GeArObUSp2x>LFuul=1J5{IfgC7Bn&={(BMR(IwYh5JC<Ovd5r&H@>qgZO}q
zIqJ?zGWtIb#R}-gKH#qSRd|Wl{>2W7Hg#7w_J4cBZD&9|`-HotOIQx_ct8Rjz&#R)
zt3j;+G;WU^zc+q|1oDR+>Nla^ytj$L`~|Mh0qSoeYcyH+Jpm04=>DK791ivQn~h;T
z-v4NVQWYCuS^?au!*mg{){lmSRJu!d5H&3AEoi@X2kMl`m@`02PPVTFS@!kU$JeQR
zU*ox0TeU~OeLVx%E7g7@WQ`J6-48d?{qTPNdKM7z{Fsz_Hpj}bGorICAhF<3^=q-u
z&jZyCs5%jI6!$Uui`B;=v-d7=ZwDy%WfLeh`Aa(fMw2gw>*updsjDda_S6NEI_0Kj
zYky4G_|E=p;=(1x?y0|#W*#o<EbWRK-7F6i@)oU0w~f4MO=rKXFv{I068KY{1x(<_
zsHLg_1w@NdH0{htnD0ltsQeEjfqh#^>sX3%RaKXv1m>Z<vL~S`Ry%2abmT=8z|(+O
z+bpa_Nr`<4@^e7T&5(~RR&`E>H}<7AqU-=D%AdjE6&p|w9Z(aTY5=iAR1c?$4RREy
zk>nugRvq-tAa?>}+Yp0Rr;62JU(oviTAt<W7R*(>oD5@j6nJw1XayZd=#s31=Hzc&
zxkPNFe)Aa+S_K&Wsu6=;kzbbeayuu_iun@=TnxxQo=vOqnpgECra=Hm(ffG!YKGdT
zPIQuNT%+JH1mHe4Prsa%^H_)=%T4862Jg*BmMWPo421VJ!uvvpw^E0<Kf>CN;r-C~
zV0e#q3a<^}ZR{dEw8H9TiLI9<&<e-z**c()qpHeni>xZZ^y{dQsGq4{bsS!EIA7H?
zzZCVM5Gh4{DO}r(E8EAu+SPA2T7w-vZ#{F*iU^(5St#M1a6>oAXf2z+Eh1aWi^>T`
zhjDaXd8;A5K$*BZn0C)`{{|g6b+&SUH@6h=-*t-k@$fdsln9$@pUS_b5Q6rfi{6`N
zb;5GvRnpwqtJMje6rTGZk$0Wn*~4aPq4=(-W|$u-&WAdC-#q)=_l+!*^>Jre{VI1^
zf*N9LqamI)*-iOYR3@9{w1BnY*H)nXcq9LQq<E%wmiOB?8fCADH6(+^29?hm>z*&@
z6nHljcu^g0mTs+Ul5D|L0%L}uhV+Z8I2mHgum==drbg3j2STS*pDfhE6<IdFxUp??
z1;hJ0I9eII7`9Clr>2~#nKpGrZ;Gx%RlgOGI96RHpHq4Y#A5(_PYmI$p$tb$WsB7s
z@mtoW)`(Blw*mqeP=INKzy(&|0uk8eh9*qNTriM&N^Lv;;2FwUnQ^Y8>`b+?n)XrI
zbhWaXhFsYqwXzol%jT$+TL>}}*id5Q#OrBs`qZgr1(Z~Ot+qSzXl$rDDRYQPGG+L4
zI%o#N5Iad;^bu0@9sub+sTYTz4cH`70m#fzC&@9-9YBl)j9+X*;(Qwlj@z|SDY#P`
z1&6<>IBEVlj16aQ<}9<mP?}|0$(M56J+~Vt3l2wsGXdMnCF^thGC3!LUJl4$mSOHl
zPBPpL>LP&Jff;$MdH-rj2U8L*0DGsWk%@rtco1zs=92gUi1UG*Nn#a<dx6|R;#?4$
zfV>3Q@lp^wG4Lx*;EuY$U<cdRtjvg?&msRO2EfoNeuW$dOyqmy&D($)1&}!H3uG#w
zr41T;XTHR1-?-Gh*93hLa_}s;AQxrKFeQP!3`e$xBYPn$>)J4Gab$=)E^O_rnBA96
z5G?6+CI~M0Op$>0^59eDKaU9U9T5T4(vdw=>g%R9)nb)B654>0=Tgt07m+qu>RFw~
zd=FgCi!AlbZ1MlD&nH(#ckyP-TF<NKX3aL13Y50p#=>0<b{h+EyNzW5aJ!9#e7lW>
zxZTD=+-_qbZnv?l20qSgW4Q&m-NwQtSN&N+ueppK>^_!$h|fW09}8!a?LHRb@?Ao&
zB{mbd-N-`RF0YS)-xX#f3;A{<%Ut04!-QUM@oaap)Wbo4nb3=#^XwNs3kSQEg+g{K
z3u9`xvP{6+);p2q9!D?tFs61Z3vs)Z<t^ZwRFzrDVaA7C$&nHWxspT754n=VSB4>1
za){;a{+H@7PTJg5nQakyS<dkzpWTp|cyCt`luvDBi6@vL1ebBb(p@kcr+jM3@%F((
zCdF7<;_fn`F3UoBi>&MQMOVSJ>try!b11_6V6o}|NVyDMdFv>`$i|tib+T!H6ELKM
zt2gFj%)VZ|$#5Mm@5Ecs2f$dvffIUCILP88B#xoV@w9zVFL}YP!fk|vyAv@Tr`>?Y
z=~AELgnO(lU_|CpfLpTM1;iHNq2%a)oGu<4MT5DC?i4cUr;!WLP7m?_teFD72>$qU
zIwnJTU>{qLrWYZ)6iVh;05)v)=)-ud0dWo)oWJiejxYT+$j8ZoUhT0vV~~3W6d=VR
zXwN)D^x8jN+9dZ4_lh4Z^k++PpJng-*LaK9{->p>nW~R0+<EP%ENh;$RGU&u5L$k=
zA$A9m<W)eYz=kbj`7@*f`)XCjqL^PKyM2Z((#gvD%&sPhr&10-r-S#);j<mtCf1q>
zi0D{GxJ_k;vkuGxaR?c6R8~GhwF<<^fb!`oUq-(_0dX}MN2oF>zI#Bd19bn9c^3=%
zYs4lg>*XqceT1KcGF@g}l*bHE-$OZ3KmO$<v=PydR~r3zS42O)h5I=Zzr!wKud7|e
zNwYKcScE70gNZ2lOcOD^KX?T&y+4>(aer{i?o3U8AMDOMQ!{3N@cnQhco_AY{R+P(
zhA3l%qMKeo?{Uu420tRk&NbK`582*|{lN_2C{vzDq5NcfY9mA4ggkr+Aln#*G4!uM
zeMSx{*Lc3E`B`kH1msUJp>%**I^?BiLvhTD=0oYA*DWXu=I;wH!>8o$-6nsZjO6c>
z*8idlTFO|aj^1l90l4jeh}#b6NZ_^uBHwmE#BB#e+;%|3Z3nap_&C!6-3Z)vKu-X-
z7qn2mtNv$e@NNG?+}wCP9jNVoh<DZfkZ-%6!-1b>ZfGap_C7Vh&+p=+O;3YwJ0Hr}
z&SwJfZ|i&*P22epx1G<+z&ELK)A=ydrSp;8m(GWn?tJ)4-T4s9D|4$$MVKIMZgt5v
z6W4nQf=K6+;7dK8^R)Mv5>GPO1eeaZ1x-4iDssFjc*xxZEGcn!nNXw37h2b!6kP?=
zihfTpy)!8?0l~6JO#q-=hOWHZD8k6ftuEekz*46FU~*h&AD7$J+&D2EY#L~SE;T8R
zD}v@YMYo`U$V*B@G?ng!{^j_99O_(`0|j?7F>avL`$!XX@p$=eEjLm-1rh(qG|D|7
z#-G#iHpI~76<X+jcQo9c0Mfn-qsW>IayD6L;DwzS{wbh-0N@2v6~!(gxAijJB{0Tp
z@8|_ehdMb*K+mWUamN>}Z`H#B9TCI?$3*?^EUGII_!_>F-IKo+3+54!_mjo@s{C!4
z4Zj8X1|ZElYGNVluMdsn0&r(lT=af9h%zz`oi_v3i!v=By8#-mGg*;Ae9wXU(U(Ob
z%FZCDC*B2<d)$b;&ah?m7tXMz>E6b8Z$S1^ZB2g_WhZKDgHc<5jHs<yJ$;qbwJ*lr
z0h{E;!m}S&9(Q^0bgwT4Rji-RpZ(w(9E6A5E4UDdQ+%j^okc2L0Z}iNxs;Cb7)(qa
zmsy_5guzuHB$)N&7K0H#DtipR>x^^m6HM9VAj6;2aS&1#egc!Ha4G0*kzu0&-n>KS
zs8loG@?DVM0fe7n@}xgGM}s<wLeuBYSE;S{1nW$YrvY-4%?pkL6Bp5Nw5ac^nWFEj
z!R<AZ6W(@4%5|neVlwnV6Eh?xHw6_P5d?ouhj+|i6>DXZZpJ&V=c|tyqGChIc^uTE
z<S;U^Z7v1t9guGV%4}*`DLY37Qgg7F!Xn*o6YK{m(hp3Lme<4C{N6{A%6Xx#KHL?S
zHoa9uM?#f$*W16!mDmY3u;wxz+v}<);`vJ36A_=EkX>)B5Vt)M@veFz@@-GlANXkr
zz3Yv9+Y`NkAkR-kcD*@z*W1~Uu{{xGY)|Ba|7|@HqiK60;<hKc1b#Q!5lxjn&nQ=7
zciz??P%{SH<8HPR%azzk#+#ro&NAN$sUat*#6!B0J*>MNTh{xK0`3+NSDyFQryT_o
zMIPkA4ECnT1ibc)q6jIulv)MHP=t5?)p7_ETmZ835GK42>V0AD7<e(GnXt6$tZoJx
zP!OyC2;K-f2CRP)yhk2-;P@9964lRxtY4kswS-!Z(NL+;U=K_^NJ;a9i7h{;gP++#
z?=i67Y9P7iAPvAKjDce>1fw5_UVu0i$-wQIT|0o>4v;oMs4t;<J2yh35s>Wn5zm}_
z$%}O&$Bzo81|v3olQ(r4n_7g0*!1no*c^nnd=G%w^c}<491mg<Kw{H(0%LP7$TI=O
z*tC6fZ1TI~&8;!!^Nx_hgjs6~--89p)?p04jHzrL!*EspL@3tg+%TXF62i>`jBxX|
zMd9WhML4wsLas}Fh}7C&)*wy?^9O0F>qGB1A+FZ}kfyrP4CXNqKL<#f>c%s;-++7r
zP)ySj6jzry44s=QTVa3L3YFRq5vi<TrPydxaiSOz27`!H4q-&x=dr?wmmngQJ1`=R
zVAKL6B9*%_A|pW#1*D%hVg0R$xQVaPCr`oqolt74?J>{~%TER&;Xu}gsR(pW0A3!B
zWTjXH;wXT;JlvKqzX0S}l$kSoF7~c4Nq2(04bTX?C28!Ica|28RhddUKMAJ|fTpWW
zbZgC<`=LiD@OF}%H00MI^9n#UpJ4<)hwq&rgiMCnfPM{o8oK@1IEsB}9WY6U+U*QR
z&in1pErlQT5`g{9h}Y2&rN5~zL(c>5%t(JT02?a<V>=9ooB3XC+(R|<nu7hoA~-XO
z4^c3owmK5w;ov7z$1r;Xk$%NQuhf*?w!x~3{wrQU{ROyfLsTy^wgl0ijCpD>gWU!A
zj)3$VCJ<UPp6=B>eUFDH1H8S!-x{@=>3bdN)8}u8n)EG=q^}+6b0g_9CqG^8x^+jG
zBe`NJ;kpyf-#B{rtx2Gxw-Cn;#S0xhrDJYKNzj(Yr--&hG;DNNL5e@8gItgHW8Gk2
zM<Gpf0p4`g;{dp?0{$b?^VAkh_m#je1Ndz!Q#}G6?gw!<Aemj>$N<$Y@<dMcO(2Se
z!BSM8faxz%<+*Bjc^Tp_0s>x;?jNBlq)xpL&bt6K!7$+Wm(sx;QV#-{c|Ups|Hq^B
z(i2VQofFBt4fwvbH7xl?lX+4(98b<a%r_C-lA+?~bgaeGJ!X!oxq&3+h!?0nf=&rB
z>*a051ed*t*8;pbs`@t2`vad!dVy*peKzpZ0Jz*$##a8Vz?1&{c$yMP-346T4PY{c
zylLzB_e?Ubt*5*G?ccX^9XH8{UE3RZ>BTRB)EbkFZpMq#L2i65+#4?ihIC9<tycnj
z8qwMSK%E`Pq<jecHvnuMbAsyYz!`v+*N?3)5qekPFPYMb@a_a*qR)?0qhCgWF#4Mi
zeQo6*WupIJJ>B*1bwuCOhaZyj&=a`0(`*|!`4jL+vGY#fj+A&+an>zDhL7UR%zbc7
z35Q(#N=*|+t8!p?bKIhKMx1v5I15y2OEPAFIEainN8$rCqX&bv9OUtU9B}!)gJ(>)
z(3ozah!`prnyq|DISyeJJdP;HVdbBieBM_)Bj}D3kO$6zbCln}S6&G5a{<nQ3zR>A
zoZCR%1PD=8D7z8(W26_TUZmdv{wBbE*91Kgp4?BOgttOBB5}z?2<5Lr2%c`^@gD+L
zGH-<<x$`ZgOSI;XOp&}9DUwb7ibtB`lVT{6M0PiLCb(3W?jd+6Z!bK|ElMGAZyFw^
zN+<bM5Y#^UsWEXX&5J=3)G?s+%Sb7}pRT$y%)Y>T08;o2S`gCjPM~%Gq`R3wSWLVk
z9U~!Jk*<f6Ly$C9wApW4U3sxd)fbUe?T+hE|MR+XGd0N@<h|jtQGGRHmgGZu9e9|W
z@y`LCVlJZd9E6DWF$pPYQ*tp&+f2WQBdrGkg6XOkEA>Ud+W}fL<_A$vNd=58Qf1iy
zK7S3@X8_(G;1q*qlo9;f;JgV)k20@24z3xrbB@0~#!0ONFxUG31{|pix0+llZ=k#W
zEg4X(3;uMu%_`tH@ir4|jS+J?$aSF?kH>%T3Z{wic6Wj5O?nXMegI5QiNcG8r+_dy
z6h8sD!frB&&H0Fpu9-hKvFR6y&0k8fi9d%{=f+DlQ>v$~ncqQRK51J$$?*0kmjVd~
z%NC|`K5i0HvK*7V?i-46FGwDSNFNMHv9oi$k%xiz1JEk~>1U1C!C>l7L!m~ZVom{l
zAj=e)J02QD>%Nyva<+>kXXX~g84fuH=<6Ad&c^`Fu{@6xVQzh#6F&q!C$WqeBY;Cf
zF|z#=@rWIZN5<nZJ+F`WxDX62=dsGV!$W$ykz78Me-9q!Fd#p<rE(i_1Ovvv{z%A+
zCZStV5<jPd+&sDjzmC3dL2g_Hh|j^5y$tuaAYLP5hKh%jEyF}l1`xh&f?|AVMd*A}
z;U5kE2jK5y_{YFsctRsM`2GSw=k8QQmJw9vQw&+$<F{ycdd9(I@w7-5e~B!XyfteJ
z#sZYwtdD;W;Sk&d_?X29dp%^PIQesd$EV|wk!;fqojL6Cq5L!Oi0Q5%%PQ^hOv=dk
z)j$dE^>`?sE;(KE^RJ=SV!eP4S(CQ!QV2gR%pba7fvTX}Fl5$XW|&MhFs#X-b_0~1
zS<MjS7W;*u=K&IP+YW<mOR=*-t|n`anajHl#MOYH*}U#-NKHiE>AeV3RWQIf%!9+h
z#(|%u2zD|KW8uK=qqru{uU25i-ECX03I|4nv;d?(0<dhV-nFecENJWe$Vl0oH}L;X
zBgb`K8e^lgMh;oMoup{wSte?`A~yUv9q9JBW7A326MGuj@;JadSfxq-9{BqJt!%Se
z+1>{SZ;{G@ufD?L3qbG-5Gwc(53A;pP^ErFE|Ps!G1(0!**}aV`;aZorCyyc%?T$m
z=AKlITOygtfSnFj3Kxb%E$e>WChTehBw$B4USG1%7tT{d`vDsXhk*cEpAUmR68LP=
zFeyl12>fh-om(|_r`R)cd7=Ll98Km1)XVDk0H$l#_iS+vHtD)JlCFwDozrEkx{yN&
zuQ|Ry0wFjD@^L61j4td*pQ9yfN2Yo9%kiWDKQP(QlXCbu9h>k(U)jL_C-L|t0E@W2
z7}6)ee+R(Kf)iwcsG8T1Pk^lV{YH>j5Cw3!iEA!7+{B<#Iz<0{@Qq2AV@*(3`8vfl
zaH$gIvZG1ySCJH7jTDP=(bJim>1{pYa`lMI%ze4q8q3jCO1+E&kIQP01nTO+S4y9T
zJb@g29yHC&YmQ&VC;>b+aWTB~JQ=PfWyPpXb3oe^>;?RZqL|1^7N=>AZ4rM5P6Y4I
zd{7w6u6P)|pCg|57>~O0J}85g;$h|wbk-%H0Qhq{ct|QaORcP9FgqZ72Lo^s`^vs#
ztO0QrAae||aINv|Jc3+1>ud+r=QOZifcvw6*oh!M2l4?ROPM&A6#BldR8K&B4TuRq
zwgn(WZqt9mhWI?B&w1NHAk)C!9}@clVtayE0%QRoOBq>~zXsHmfcOz`ehA2Y0ECzZ
z+5aS+K<8aZpEuG)AXtx9uR-GF|HIyUfLm2u{ll}{*?XUUd*>FoTza{*OH)8Z5DTD)
zsG$g=paOy*B2v`EUa%Xl1zRw&ccW2ku?xl$mDpl1YV5tn@Aq3X``mL86Y{>_|NVd8
z^St|c);Vj<tXb3hni)W>62uQcz5t}j<6{t_>fgeO2*4i*;+H^H0kBnbj0qpJVWN%3
zUyoH)^%Ua`Q_pPhK*D$I4(ij)l@e1%>58A#`gcbXy1p-wYastp01~=>91S*tcpP9Y
zR~^e}@Fj>3X>ge8B!j@3zhNg0V9mu^n`{Q`3~De<=D{S(vhgcWi)e!PN{VUl35X|Y
z0FE*me1;0~D!@7%OLuZqco&SbcLI0|`>0MG$YULT(BW9uBYGGtrUA0uP=-1+(dc&|
ze*-A!4Wq{Q5maaG<qHZX;%d0g-wU;2L5JIrvJZgBUYx+(Om3xm7;ZKItmVz>pbAFu
zFQ8rl6kd9~&a{&to?A?-n5MD=<*q$xK@1$b8jc$c$4YW|E7elffPE;OXCzn1wy20<
zWH^ck0C6<Uk|Feus-zOZE@Bq300xJsqJ9hu=KDqCiFosmQY8tDR+M+hQL0ohRT9Ec
zf{s`Z;3(1GI7;jmIZEXmrM08l_hob-#R1PeDYx0Uad(Z}#1gZON3l9$N_8TQ#`!f=
zU+d%ku3BJ9TJs<Tp{XvZCIPI~5#Oie+jD@c))~IWN$vR9*is&^L$j^{-yaR%!`A$E
zjK}zzu@a1B(ng+S+DM}l&(NuEs37HBqKawdj`p`WnO8ECqrvIwCeJ$ncx6=(a_-+J
zeiW$GEL=~Ys5u8Hvs=2VNE1nKYa5-a>MOxOs2PYKPkGnluLCbGuU!u;oKBJH7+MW`
zGKSNc5~9j}4#wHw7eIp)cS^PPOV;L_9R+C?k8=A;bV~(NL+b1)K5%*Nr;GA#q2TYZ
z;C4vyZz%X)2rKa!Yz(ve;EcH7mi;Zv%LKRWbHQF-b_3WQ`!V1ZF-ZXXOW>99TVWp9
zw}QV)0+_X523{?7y4?ONc&eq$*4d{Kmm1i`{_=54)d&yzHAJpM1q*iz(@W0XGjJZ`
zQpdo0jWr1vnB5w)1Cr*IsRM_dsO#1cMggDIx-&|7<}fv|hKMye{wq|SQHINkkWh0g
zYlzR?XzOw?ee*WjO@MVih>E|XoB&j8DyT`3`v~b6xgY9U%fZkMtepYYd=NVU8A)Om
zh`oSJ1jGmXZE|9foDw6)y-wau#xZ*6J%M`$z}g?gA|MM%OaO5_kToR6fH)h-S%B;j
zAg%<m4xnQ6=5Q0-91=v{TyKjPw}AB~fOwH3=*5FD-9Q_9@hp&yfC74f&*R`U&8umP
zPWhEicNQpqI6;QUBHfFsbh;O^*p#rO{1p=302ICk9l3Ivd;{tuK>dA2N&`jUV_#M@
zS5;>xkU)b}189i2ItUNCv86K)Q&z1{QL*2_+f7DH4vFGx)uybCVAu^}#saKIKpYO_
zP!jimSOH`?0AI&Gh|&!nLO}U_MEt3+IvG&R*x6Aj*a?hQ4|g_rt=(bK3XTf_)<_Vy
z1G$yNKoAcDc@R+i3J5RCmVMyfy~X|<v9(HkjP1ekES<zbyanV<5<kMpr$9a?@i_?R
zT_A+_KokPW0y<Gxwhj(Cx2y-0^Z;RDq86j4rIDu*0!#VaTW#^Y8BY2D#Pd-=Mv$QA
zIU9OD5vF_6hMvy=G7V5bf7|?HUUZNAi;%eS&+4P|Vlmt;pdjYO`9RJl!MwN`$c+G0
z7D~Fv<f;`RsYp_J_B$p$b9Mvx@1p=pdlAT=NKo3RKt2YjMz#QNM8fKrcb$?_<DK`g
z^h18u_*xJ(03_MT=sIp>y$^VI{f)h+z|di#aBm#ULKpDv`Wr_PRi(V^em%Vq=Jnl#
znOjNj`u;iQ^}~fZaULYwHAN&CMF)4(*YsqCaWKlS5q_1>_t*;)bC67SlQ79e_H^vX
zMfO_e)2NS5L+NlBv+`pn!)fSD%9+_0XfKU610AH%en3ZPv_H^sM15Yq;B?BeEAkih
z?W3H=EX`Ht8K}ojrHFSZyRuDoWt;5EHrbUTTMMiffhg2yWZ6&e@-Z@3y5HZJ?sr`c
zebL{d7R<5r^18WJ%B<I$35FT_n^{WxE1+N}J;!WxcTQQlFC?1zi<z&aZikJP@o96G
zDWoVx@>#8u(Z5*p7pY9gxiA@qa?k>>mZ+>4OaZYM4VJ2Ge{w7WF`ouUsqD@)I32{v
zG+3qz#L0RPSJB{TRUl3t0&zbeSgs1hiM>{(&od#}=GK}cm*h`!L{(;A$C`=-yQvPG
zIcpUPMrIvKlNC!bMoW#HO5psk#>svSF^bhOcyGYtR~VWl$`=EL>GAh8SgQQK<S2(h
zF#s|0N70}Uh#oXphNF%&7z<)F4USfUIGF+B003eXh!X@YOMg!{p;4zIcddBn-2ua;
z;5-r#UJoL?3P0Y(_&EtiCjdOE+g%N09SL5e^amh!lUM`d&p@696i{U0{V@3g)Mo(y
zaS+yi{&W1>*Z&LurXsjSO$DfI14@}Zj*EFW5f^o$mqwb^AdU1>BQ(-qjnl{gHAy1_
z)&4}}YLY?S1Vi0u(Pk}buto-}Aw<xEp(eAK&-(<+a#GA6Fva}Aykg!mIJzjkKirs=
z2S;C~mD0;a-YD1v=2auEx!D{a#pG2Zw~!h$@~V+rQb<eX@>L_Kb$IY!ziQ-Gh>d>L
z$gQX#n|{^EtxVpDB&w5Fjoexxy10DR$n6-TxB68hx04Y1RU@}CGY&TTRU@~v5c*Xk
zx2fVWNYk$xxlLV2j11*fqX&Ry?NDAdB5qzaa=R785lsE6k(>Xjk=rBq0x{FC8oBwe
z8oBwe8o9lNO}}d7_9<8d*~?tMYUK6}GZ3v`HF5{K&%;K)YUB=**j#S$RU@}WB5)N{
ztU(M;d<9SSt48jSOeYA?uNt{SgRT&uUo~=viKiP-lH~3y`*S$*-osBi69n7~#8#jK
zc00fi77j3W_u^EDcR3&M5;dm*M{es0flZs3yo3~c=0I}sC8XHK@Nja0Sf*l|#7F%S
zQtVlYW>#g%P{3ru&K6L+7k(VQY=a`i8@L>;H5+e*4I#l&hIf&!0ba=IMbSFCF)KbS
z)V^GNC52Hh`FPAPN3Zh~m%Gh23zoc-<o2ujh@QLD>2muALxJmelH37elT|j0mrV&a
z!x?AEVX8_v5RzixB?ks*x*VSjQ4?4JK7Ll~#o#E#fhMQ%7D%xsm+=KJOcVBiZ5E4M
zX+SxdBByqQgdzcMyrPQrV5kLW4FHogzA<B46%3qHh4*D_M~Xg14G04(?VFz>j8bV|
zHI??|yh{5NDy`YAM!BIrXHr+ypas&6CW1|Te}JrbrIfuR@I%|^fOe@M-D00(6<!KF
zoIZW7>M$Ny=1vX`&auXj9mWgQA!JbYLj2qS5Rteef^Ne{VNfuA`VzW0VG#&q?KN7!
zsbn@Qy+yo}&T=Zq9y+W4*hog@KGZ9zPGC^EC+G18*Bp|^-3*(Rw5iS6xSzpn4bA%H
z%;G=bEsV?`O)H;-9Y3q}P;kWlWQ@@UD&Lyi<}b>^y$ECc_djuWCEZ2hIMv(AUCEd#
z7J%3dKXDn0gfYNdxl(hH*UZ@j)(LfU{F%vFH=0WzjMIjg69?No(P0i%1RQIbT+T!X
zHQJxiK$>#|lKng4*u_d@?uQF|6NqHE0Vwu!(LJOD59}vko)$c7H=<-_${qnrxt{5F
zAYO-igDJvYf}ik1@Mm3`ht39*kA*BZ9|4LuYC}DI9X}znys(7Ep>vnvEFOxvvYSeC
zY$`d+TCd{r=!ooW@khCo7nheuMuYamu;g?2Y<2M%|6@+l6@tr0{H#`9g&boXt2Th%
z0X3}!5MxZ6X)*)Uel%fx$I|3DP%8k5`3D`Px-mjmfVvdmpKru-_4bbdjEU@^i}G(V
z=KW#znlWFA7UFGV&KQvwW~%HZ2Ddm@2(N`1KdZI;s6!UOrh*Z<7v9~$KrF<S1faJ7
z-^?I<WeOO*n!uKV<u^)2RdG~%AM>oRunZ?GY%9M&bfp=|6d`LMy>nh+8#8R{X2fg|
zxvXKPfCVk~a;uQ5GI$dY?E|q;+K1)Vm<zP=Vzsapn35*vL?HQ14tWgi(oQxCuZs+0
zDozhV#yla7$a3p6<~?eO(-p1Ia_by2n?}T_VWk4{Z?nj^-`q+ULI(DR7@<#0f}tsv
z&uY!ggk85cK=Ckf3x=^ww8>whJ(EQ1YZ7gEUZP!zL`!p7uAL@!`UGq)PR{NEQPA&Y
zi=4g)CNHKq_%rWQWQd!!y1?yhtp=Ie3*qZ5n>s4Iq#N<Z!(bk#W#D$Vu8x?x8>WxJ
z)ZJ=aOD0+dZXfH3h^dcZ`aPufu^R6n6D@;afW=xU-f2`N4uZjtfaC!DSSp+Z$pfq|
zn?c2CUL-j`3`Hp`IZv!O%J~DdF>;<epDMw)?FLMQrBq@DX!003LpwPsene!5*SK4j
zTPJ}miSj)Qf=vZNk8CGroc5(bS=Onr{{YmV(wz%^!^r2)0$vp`%>z|_1EcH|1>ceD
zLlDI=hDp095!@9Q)h<~Ae*s)~5c4i7aWRY%sADEA{?$^cSr(KP!5Bw8?Uw?*iy$gC
zhV|8f57Q(N3<y47|Dgfkl){>+rj0#=$YlE(1bEui3rXya0UAY+#iQ%kIl!D}kURV4
z3ybH3@$4vs?Yk3CXhImzxbM4nB<wVbAd6Fv@Jz}Vkz2%Qtw5!Kh)Fve5d+D(j}hVQ
zhtTb|ZHGLv1BbhfF%B7#-KIniH-Xw^+YYH%3x~VxVjMmX1%O@ljU1j0ha>YHw#D{g
z?QrDi$BF2q8#y_O?ahoWS)AdB!q9vX$y|c@uJ}E4lonylI_yxea_54nzXwH-#i?M8
z$QRL;V7qD&19s)UnF+;!{i9I4ND*XlS|Fl#zKGnYu=R8;qW2DGYY|*D?>(s>^AMqs
zJwLKIO-PH*6!Fif#m`0LRV||P5F>(1M4fjZFCt_SzVmF6HxbDJDRub)X)BDSo+L+I
zB;{~yde)7Pvf>9gtju>9<h<WgJFFaGye~v#D<?({kAlPEZ96<kJ1pMOIJ}Ll(@&=<
zqRxsQBa3r01g5tw;z=zcJ<^DHhpdw#zYhi#(BbDM&DzS3i)J1LFUU{!AWHU%HE@Xj
zV%vVgnKMYTZL-}L10`oiR!sz1v8`g?@$^?{zohTj)ASwh<@FtNcHFwdHOI8_JKV%J
zI^1N`?Eb&e;ihsOZaQjsb%&ez`3^U`y&Z1sbX2<sM<eB9>wrB(%;yOGPM_oLI|`10
zsp*hwPS!)XUbzBQ$PT&b4bYVzptAu4y$w@Gq;Rl{A!<M<HQprpD__GmN%Z+9(XCqA
z>+eG(y3Y=~z1E1CI2na*m*F%co=`I2co^sr53zWZ0at2c^n2@pDVy%j0XPHkgGm-s
zl01fXX=l^!uE;Q^B!|OiVUUb6U<wGhk1~MF?MFQ6fc)Dr;>p~u6PN)TZ<4DCI6td3
z%LMNIKJm!~Y;Y`Ra5qvY!<U-meD<3tInOi6S)P}ib4F}kh9j*ay%-Th6OvF?6zpe$
z;~?MRlETLDbfCnSsZGHcph28ZE8EW&oDCwY60}d!Lb-J1?uj2W<lBy@r>t_6t!!+i
ziFQ2&;j>yx5H)+&f!JH8N4ue1jRM$<mdsb#W{wS4fm{MepK9D1{W_I-n_6RGY>_c<
z>qL$=GQ;kac^w?Dr_4Dj9C$hm9tH6b4VI~JETi;S5Zr3cM!_@MxEO58JqS(;O!7gn
z{%<Wrm@TJ)9&m(uNu6$GHh&A%4k_?=njAVBHqqA|yX{@|2z3a|Wa~AnSF*EuY&t@(
z78H+#b&Xlrn*rQA2tO5OVeehWkBc2x*rTONnT5SQ(Q^bcQN+R?ZL%^`#KInla+}YU
zV`0w*Tb<44%CWFVqD#sw?9tmkHlHiU!XAnKb~my$W|-eCHlHiU!XAlXHlHiU!d@{1
zjIjA!ITrRvjO;B7dnuq<ySFUt5ihXqPsr4*U~f=kZ9Z2XE$rERt{e+{qa7^l*?g`%
zTG+GsTzRyxXY;voEbNhOq0Q&Yv9R|?5X(|#VQ(r#ueSMIITrRhfH=wKbLCjrV{9(B
z&B7ida20k2U^6%|9s<_ee6Ab|d-LJuCVLBsp~11Rxy$Br<yhFGryDT4mW92M--JoE
zI`#`In?gS`>Qhi4x|2XrW#;lykOCqZsKmhf7uGHxBj5U9WW5ip8aQxYZgn8umrWSv
zY)iHIV&Dsp0j|;vH17csK`E7HxXEScV%mvsr$&Y`)eIjl2icD;7^ZAoom4eu<W9bB
zwC&SnmGv6_B^;})4#XuKtE@5q)aDD-Dr-3(_0-|`5T@d9sKY@nLl@I7T?1CKi=nHE
z9pGLAeu~TSvr{vCYyl$ST4kLt2lr|Q_e{c@OFF`0bkLD$Tw|6=dBEH|06%ivv5y~L
z3S87C{6x(kFvdXf(#xbCZ7QTu3!b@yTx`>VjUkn9NMLJXljL7uvsDY8l|qwMJCnhs
zr^=%{?>PLRCUSi=tJgJAJ$WKBtJhAu>hruK;h@GmV)0KnsgUEmVaX*3mCZLS!qNmQ
zsj_*oL|7&zKCt<UMOcPc6Ie0$j73-;d<>%8<~tT)g|OAxe8?iK5VkHhU$O`*#iozV
zr!2xMAzEy{Wf4{<(x?(6Y(8cY)+G9Z7;E!2i?BnS?{7~?QQJ1G6*v3Ze9t1R6OD=)
z(oTf+!Bq(KA<|BS^%)WiQ#jlkHb{+GX7f#pu%i$wY(8occJdkj)%LTy+bV1no0Dv=
zCxyCYI4#8!zG0KtoMrPuov@1}|Ai^82Zvn)s{UMV^N?@YO={VCn{Qi$-G%KYn~z(B
zJtWX~*?iq1>?v+G*u3v3?3tl}$827B6!wxBY_j>lMcAv9F?dO;cG$a;W#|p$s5~~|
zeG00W_8nNSScG)mr=JE&kdg}(n?C~|!!_`3e*#t^DmH$a58X>T`I!>pTFJ)G>XIc|
zHh#XEji0Y)<L4{d_&H6Rzfitt+W5s=D4(h}eu>W#jnN5oZTwOpw6cv~CWO|u@ypBJ
zhZC)C<5x&>yP|L7SH?eqjaInvt0c5q<HpZdx$*OLZv1?u8$Vy`#_v$UYS_Z+#-&RM
zs7$g;7;?X{W*9u{s-MMRi<i~g1I29hyYXiiZVs?>viWu@HV4>LC@Bos9AIe*?CBk0
zGeB%`=LdTwk4`<-PHFepGD`*_6Q=<m>$|LD?ihJupi^TH3;;U)3eAbt=`j4-oqEH>
zQ6+KwxvjNaN=Z}L&2T$TmHZ8ZG53;^Ye1EJMf|>Mwyq@{CA$xnQ*;T($?ijfOOat^
zby<Lv_a;!$QeyoRGrUg(j6*i%eG%FA$k_^}Z7X2w6~U$hi!rOI7C_1!D*^_>uw*)-
z5jJ<Y79N)H&8V=S#`#iP*kAD4W#B1J(oyI<Z`N^ZZ$gwyjNv9@SWy7ZI_sXdAlaS<
z2J7DVr@*oJOyUoweQZVJW8Eh`Je0){f9wA2S70kw9hi7@VH!*dlD@~s#Mxv_Eyqi*
zl{2kFaO<y;Pe8mbY2Td3x--0eBi#U#Hr8F4Io6vNO>5r;!&_yHeds)9V$rxaeEnPF
z4E%0sJPf~YSJr^dy<B2@Ih?uj!>~$HN?^w;j~Y9bJZ}=O@@e@9S;vs;31T{9HUjNP
zo82lerqnYf&~KB0nX4*CVXrum5WlQAOvM{<E01&}!&C~!-dOSuB5zuFo7?f~EUp}v
zgne9mnE6wC9e4_ISu9i~pE-%wNZ8lp*u}mZtW{?|ZyfH^pRXH-lQZXn#bZgWI+hW+
z^2VGK;jX$D&2=i+5SgmZpMxzCbY9FqfA^{QOZUmXL3{e4s(NE<B^Cc9=b(za0vXRv
zfP+8EW9_Npwm`-$&zW|<h5}<%mtvlo3j5HUX{M?+vTFTiLc}OC+TyJCs77hEK9H0g
zdAgpA4nlPJS*?#2C{@4cpvCHgZchOXKZN&y?i=9Q2Yb8-qh^qGG-_yu(JxqR&jNWG
zpq_V6ez1ah|2vSs0TfcL<s)f8p9lFMjb`=jt3FCF@^v4frUF9F%08CPb4QSaXmm{m
z4<^YiHV1*6P9qM?KatV*@gUa#3b~2#iHyO|1G$z)hvO2RPo;yq1LSW3A;-X<R<WRY
z(0};{xj3r*w24Niz-T!j9EXJYv@eZb1o<bxo*Z#lpXm`t=2%rb8EZCQ7I2iut9J%0
zM&!QYaMZ!g{}cW>7|bVH)&XbhR2^6bffKBf%}BNHA?;(ppmiq6t0cj(&WjmP;T-jS
znnh~RCpgRl2(B?)C!tg{-C>9~Acxy5i{Z2-Q-_;`;C3MIW6oM~!g*IX9SvxD@(djU
zmVUZeg<l?+SEc7wD|NAvXQ_8F$F;r<kAa*F@%S~cJ_Hix05Ey!4KbhPxW561Z8`6P
z+nNWPqrkKTU`+>cB9LE_*c-$JK+YpE4#YJ;t|GA`h&zDX2FOrYg6~8OUV|TM%XML(
z7p=t)K1+43gL=3Xj!%QQ4~CDy)x#8XD~Pv%yiQ_0h}fqH7r?p{L}wtK02#WEKMs>Y
zpauZo!)8S90^<XG2FHBMUq&CkfX!}T8VxA=2ME>WVEkT@3(hz&FR<Ks88Dv=n<K$^
z7{EFfL@SUB>2eW>QpO{47*kW>5Za|hbjWzz0lr)4knz|A<S7!2$NNCuA;EaKpCJr@
z4BbmS>OfV~RP~?_59H!87aT4WODTOg7zP7GdXAv<DKOoOHk7^q$f1A?-6ohy_<{#a
zR<jihHs_VP;P3fFR3ca&%j!%~D;pOf6Aa>yJyXkN8~r|_kCJHhK|#cU8eCmKbdnu3
zK)DL{Qb4x~<<p;IoD{-IVOE^r0M7~qE<T_~XZ=*Lz;IdM^4A)IeaUd`1T{o^qx{?Q
z!mv===7*u*Ps0%WXq;?<K>xP0bR25YoL->a<HluND&aqBY_0~|y~f`a%iyorGo&pl
zc+N02p<MV)CdZb;MF*rE(xZcO=4sjk$2UpLD=Weud&y1Vj0NlNMD(s`ei&Gi``X7M
z@ung{R4~~H?LZ%<8G^mb&e{hZ+Ok>3#{Y*w*kLRX7Bmc!u8@u_2nL$gO9bv{2nsyE
zoxst?#^2i@O#eS<mbUaSn`vy7hs8G4k==`T9U9Dz&l0;LfL`k>=vu6IQkR*<rgABZ
zD5tIQLR`%@N4?X)rV&d)Lnfm=eQqr5qqG8pd{*lMp!EyYbJgqvPe;i<5fHKgenHyb
z8$n)6qY8x`%77!8r$Igm2r5j<+a(Y-gbWYTlPG7FX+IF4or=Yi2g~Wn>u|c666wjq
z;>lMaKcf-X$sdtUFZDU<7a*yS&6k_JZo^P3<g*_2i;ED+PT;BrdnLfC1knpfHxgM8
zy8;;tP{|@Jus?33Svd@uq@_LK?nh}o!8H~9Qz)P#h(mzP0VG<uKwnBJuSDffJ<iVH
z$<(hSmq&x~sL18XKu!c?$fcdDWN(CNOD;|kRvd-m89NPJx{6=J>4gC4Dt-%OJqdOd
zzXx&`33e5a19_ALyNZ{A{29=$m+&7n{;~WHD3(ej?TIPH%`C-zvD2BKr@a)i=#JjT
zsIAbP5BEK19jNZ;%#|){au4>75u2@EW`f*hXZSBY<GTpW-vRh~os3d@V^nfVqbRqs
z3{m8bO<JUkS#B<z0fw*P@=HK9eTiJ!ISeIIKI`TR@y!1M6$F4o3wyGL49s4A3Q`3h
zmEQPSt>;u?9LANqfsHJZ<zO!ch^H;dy}{EAvJXIpDueY<Wz$M2pu0%{9SzG7fWk!!
z)ru+#oDOO#V9-Y69}0wgH<!pzWkj57J1fAk98kCn>W1|ER1hZvRLf$d*T6DZ9j;au
zUkHh<Fuo8F-i3&)_F1{^0C^jYsL8!Xj2;E~5RG2P0QLkidI#j&fKqnctyDb4XQ|_v
zF(;%4BiW_n{st^x04#RgWnW@W2T(oOf!~^QbPgSz=t_Ux8TOq3(vuGX(w_u7@8v+2
z0i+X;9DC|YI7TP_QYqNj&7KUF69LlAUJT>{66|K*0P-3McC#M=`2diid+Ed#_R9VV
z6BGk>lh2#rwPDCi`JxUz0|zO9_>?2)Q!PwuXhWZR0qFsV`f?fQMFqxIvl#i7qS<8#
z3vnr7JA!{Wz_d<Zn(VezgrSL+&)O}03tUR;v<DpQ29VZi29N_tuytAiWH|tL9e^5`
zYn>tt!z?Xro$H~Ix4r|{so+1E0zL+DF_4Q$yba=aK&}NOVr;6C_aJX3=0rwVuED$3
z9z&6v!1V_>x`$H!2!dOaPXbhug<*dqz|LWvb&!<xTYEwU+;C*~8u(wK0FLaw0`dh3
z7LM?1R7pURSr-ZOa~MJ(9}3EM3=IoPE!b-Sl6}2_^d!OT8v$eo63o6mf$R>DGBN|m
zG=MH5N1H$^6=7Q!kp<vA93Xx~L=pWE*{fi6EWi{EY4uMsLLGHCOU8AH;}H9y>@U<%
zb`--hG&k*h+22jc@S}pk(a@D}!MVi>^q}RY7;|>&HyOeQ@t9#+38o&#oMWM2kRkLa
z!w{SUf7|B5-_@9N^uf1MjCcM-WBv@xyJ~X|9;fAr8EM$*@hoHhDA<Fy46y-3**k_P
z`@kT650fyQ)&H{1%OEOo7r|V4Tx9dO;@)d6TC|>foAj9|*^l&WWwh##oUM9RvJpNP
zsecBbP|h_;vwIuJn*e*=0?x?2ox_YEW%ahD<Q|)=n-SI+`PHxNTg)Y;<URp`j{&6Q
za)bCKfXqpx#70g%6=8^=d?>M3QwU4!dvNm(g>Zfn5pAXETUdP!kdm7C29*M!OX?*i
zkV-|ESyoU{W5z?^<p7Z#5pA-&!Kw?ul+>mpjX?JG!*Dd(+B<ZjMK?WKReSeD*KT#h
zwM&0wCs`J=c1MDibJNYz>$c@`Sglf0UG1|2^;qMnJI!Fz^rXnK;XFp<u4mu8Lwpqm
zDBZZVB5zOP91**$9oSW^A5K(FG0MzbOm&!r<yxVcwAyzlg5pdoc7|KEK=xthg=_Sj
zeY$ZuC$<b&Uy)L`8zef#MM5C8$yD4$m@q{u?yZ@48p*MRi32V&*-gTP14DK%GU3WV
z#~z^Bc^b)UC>;r7HdC?rpgNO^&Fl-bmqwd`4$^2ppd&QeALuxu<y^M$I%S6ljuRJN
zW0vNsj;E2lN)gXyp5iOp#8<Y7uWS=vDdM%vYLThxE~A`6k;7pq<rKEbDQuHdC~~yp
zV&nKhoFwuR;&^A{IML=fA&#|+ly)(djm}*r)AwXV@L8?H*cJAN)lihW!GQP(5PJX_
z3y?lEa%8KW*iu#`*TcgMap^<ng707eIt6<1lJTMq3uuQAMe}92OwhLkebG~bH;e;Y
zMObdLy*67*A2}sh1|OCJq|-ea$S(m!>~vL=^^-~><6+L_)PB;u8iw5&4189r^rn@@
z*isRO!YQBC)jo|rvp2mO9$iV#*qh??Fn)U(hizD{E$SGnW<MKo*f}i6(XC8cs@oy*
zR)Dlrj{tdyez1>~f!Bzf7keQfXr0E@ftRh*3*dW>4%s?IL|Y581y*kXGIS?R)R&+>
z2beZ$kDTNP+q#YNzD1P=hz}9b=0gdriU83-3x}dybOy=_CShc%pLKZ-BW4boWA*e`
ze`UKz&${%7LHjdD=GOFJ6l_vkpE*kWyE8}FiP@erM?A?<7o9mG@!vXg#G7h!XO2jW
zOp9v5y+E^eT2vE=x1BlS36}puXO4KBDR<^*BYgc&&m7f4!1kUw3OM~LEeldxpE;82
z2mkGvqr`vV%uzYd9C=^BU-fU!9A%<2M_HCKbLOam`>mCEXO5CvA2$k^Rpz)+6?YU_
zrndXI5et(|33A*>j&?CYB?u^*JP}syyKf=**iocPNGLmsq3kGzvZEO49mRsR=*<(O
z5cJt#6Qxv-nX3vehlSJ+DvrqEJdc>N$y|6h2LW!9xb-_2$MGtc+q4JBnhvvYgH!0!
z3XJAtFDYj;8RclNU~;sV7I8V+D-P^&plhkRu*|GujfVk0+?0C`j9btW^a0e-*NDfC
zklgA{5SxfbBDM)k`-6KbAjb89!-32taW9CIft(0X_4M$pXyNS3I{4-$#k*EmUkGTp
z1RS*JcqtHj?O{b%8g{1JI{1Z?I96XD%ZF=mBf#}h;9+^6w!{)0Y|%$_x+~A6HbM~8
zYiJhPsCBU|RVZ3lADKq2Ca+O@9*tT`w61>Is1@ZMq)cwzsOf{0PTN6BC;uR&Q<l0J
z!PEySo&1B8PX0kkr!qMYY`Rf%YK72^nv;K!(#bza>Es`zbn*{UI!zVFK$>pUoTe@$
zOrv%r(5O)(ZW=YGTfrTmbff0vAEb181k^Ip2PvKWgOpDGK}x5$u<3)8PM?CW;YJ^%
zboz$(K(ubuoPq9Y5V}!w@()rv`3EVT!HHubKp&)ZhGaIujc(MOp}~!?(FZA=VdCkA
z=pbdWXnvN$J|ia{h?PW|p98fqG(U#|Q&NpO0}GhnDdn?%kjKy-?R?r%9a{`zIH1q7
zF0)}!7HNL!6)ZXHf-?`~wU^_^TZo_XiXds4R-Oj1d00Rn=XB%ify;4DH&N4w!i-vM
zj&ssRALsO*d52uoQ}Q;3p8+SaOnI9m-ugJF_pBs#R#lQA6qPW!0K~oxbaakW>nWkH
zrk;{H<7qP@=7gs|0AV0VOwroz2)v4|ZS@dfG0|>u)0Y9q1*Di>WJ-uDi&x0FSsfl%
zUfVF*E!K<J2z8Bii^W@HT%+A$@fsO7(r&T2;uaI_7PlCc5Gn^0S>iJtltt|pw^Rtr
z;#D$knGm+cOF`W7vc2KNv3Qw`TOkK?U5mHLxRvp#un8<)C*xL0XtNgYlW~o9i^U6N
zT%+A$@kSZfXt!9rQpPpfEf(*TaXVBn^IDim)Nb(@P&o-z!;rg;HCG`PsjWLBk5#Ng
zxzlX35s+TU=~uOc5tBo&PX3`+XMot?&?}n)n@(-!rj$(90LdB@tqs6ybuZ+MiSfes
zxb#AC>4oCb3&nLWRL8f%Vj<r3fUr^Uw!WnW$~edQ6x<JnQeI@YTK|xzL3MnBy--X#
zr-w|VdIfCwK?(Ut)xZwvK{Vg@0-%&UfCo^v0Dm3O$vKC^c{CdGi$-Rl%7m=8$?p(x
zK*3=uE8DySK{NvzcQQ^=2ou$*5-4R$v0GN1z}2F0l}+G+@VKf=$i`0R-3>S6j_)pb
z&K7=<Ynii|nPNR`9gx?;|F}o=1_x_(`@13XkIKjLT6kwVSp9!DY~@ot+i_I>KBPcy
z*h=ERHEiYJFgI)^VUEf_1~fV<PrPl|T7Y0~d)R7$Z#$04lPz~tekF+9QTbAc&J9~P
z!)7~%tvunLJ1XBD0&>GvK7x@uDo;;0sMxD0k=0fq4~&}|JRAiZ?@Jiq*nG^ivl*B<
z#rW~fvH4!Wqhs?tT>|I2oposAn<4Cca+zcEN0Tc$Hc#Jk$L1Mj9GfRY0WFk6cg_&}
zZ1WxwY2?|AnPc+~hnM=;{PlFB+mayHYM4t#JZ77@X+%!UvwTHESRQ`UjmOp}=4q2v
z4hxn;2@ZoOC+3;B(TVvg;3fZ%L1vl^2bro=2C@9C)+@kKdME~J%^c@OC+1^?`@wd9
z)YYkgaxz6u?Fh;3`@||LZUn<Ta2^7{CZJhllE9f0^Td_f2U>xwyVv39xV~_*kEy%6
z)ze;oYjI2~_{phFyxO|esm-A6)TX(3GMowt@gLqysI0T)G~m{$aO7;M97f63QXvl9
z1$dy+2jMScs{bXxoh$GYH`Sj5g6O6UTB?{)s2`80=Bht!ayMm=$la7dP3K(oC($Kl
z6zUno+)WuIayMnn0Fk>XgGBD8j1maQReusAvodQ<1I^l5nY9vctNs%}ZM*unAZFW9
z{mGWA{<niz7BdR<lOZ}+{VPG_sy}0syD5Va$la8|T9d2(^WY{|{rTWcuKLr{4bib%
zXAr2cCw?%r%9tuY2Bf?s8aGw`AQ;5VO&PBOM}09>o;Gn)<*z1}sq#0G3xwR1K_7Ef
zp3%h6iVPktltXvU5%`H70@6b(^C(X4c0N%iF8Ba^1bNibQ_fewWmF~4OPiypx&aV<
zNOKl7WX@G{_R6vqRej855lVAehLl*#=)=+mRiA~*p;L!JEtmmzCaiu@Q-%8hukl@$
zW6WO92bGX<Lqf(42^lve^td5K9Y$YH1>XcdiMlBBs#JHL?zo2e`Z8_ghm@Y;zD6^W
z%9+6**0_|+c;z_X50SM;OgZH2Pzs5GpDMEOUoUQ9$}ifj#bpra==~#AefPC6J{e8Q
z@c>*4wOG{;VBz~6$g2TpI`l^e?H{qhn2A$zt6G9L?A#h*<RUjetMxhUMRf;y@g!tD
z8hKIOg<iZ3@~`w_C*zb3+IzvbTCh}EGz1ZeGa@TY<GKMjKdZG7%^e~V?@3?0?{ULw
z<V$=Ied!0Io&X;gy~OuoYVHea5}=Nn7*;YyxyOJ$3Q*4#futN#x7Y60fJ>2+1+>2i
zc4q=QPJnmsm_S%L1RVUVf|`=^jirsqB(FBaTkv*024RSu)fX2AL$*rZo@e>6vBZUo
zoOman&a>Mrc4GX!F=i2R5E9-%%m;6fN_f!*IzM>04H^!e0+XU;hG!|dsP4v$#Z)z3
zg>k#(L0eCM>;w5(t&Cu2ERlGUZP2V~`V_48JX{R(Cf2LjvwY}Vs)Nk?cQrlBEqOgl
zHI_3<rDquofpYtD`<psz&DAWda0$~la8zi|#!uSx4ezk0G>5HdseIEnaGfOAH_#^6
zH;~Bn4O}M4^$jGt_@-~5x4FK7M6Pe(5Iom6kjV87T+Ye$4J1aEN#Af9(5zi1eFO2f
zzTpK>+wL1UN8FCSfo!?HVHBh-^G)CI3W!|az&T^CZ(wY4eFGzq>l+@0v|Qit5!~eZ
zhHqe#>l^6l23#kthlZac56txpb#m~^!NIF?u+;P56^QO6P$rnsU4X`jWK_Z&yyE!D
zW0*!qb}8Mc?cGKPw3A0WgQ>t8ItHCu9NfQiHi&XrbLbDOk!ubx9z&Nf#{D~FP#yz(
z1wed`sm^p8-UEXsE+>FEVGj9Jg7@#7W1ULggz4s<18%>BpS0=bJ_YWZZjMJUa^0Lw
zo3!cXnqlLcZf-caKu9;ou;jWq=2%vBA%iS$;IJ)F`=8*+^=NY7$=o;V9R_QH#01L)
zJc`m)4#OM)%yev}GO}eVn|>`|sWW%3c4zm->JfEs)8Ltsmu4}t9RWOd7ZhzUEoQyI
z&9C@j*rmT=*^nTB`*q+IJjc;m%L$$&b{x%G4^_cq9G8^*2!@`Y<HvFfa9H4$MsOLv
zLEsZPt5h$#u{^&Cf1y+Nq~T)H{GyF3v-Zb?@-tip0MnzIDYG9M{;+}>8ai*7!w8v)
zFie!Pg$SLOjA11;<>S}UHRGZxsrnw?o1?Rzz)?91BPaeLf0RwR*#}@zMT>WH7TK3!
zRzkBMa%R2Hg&8gs{ndH8pL-Fu{BWl&TFexisy&l?!QfBmCN=?*bMe$YWxNC84I0c-
z6G9s7@B<dc0DYb@vi64|zt_>yC%Gj(InGEN0-o7`R9DQu_DL|oR)bs#h?ksSBTimG
z0DlW-P=9DkA=S6WSVJZBA#Llfy=zrW6?8QgjBI;1s_;p)?@{#ZE9#+n5=YdEh!wvC
zyEEbO=>T~Ds0lg6bOlp;Q3Yf3Lf76(Rn0;=wlEpKHyzR`5)nyBAN|y!s-+9__6qpa
z3TUPxy)`7k2F6*tX{99fP)X{CVEq6f32lm@jZFOKL2Uv^Tp|ygvk`-#FETE~BrflP
z=^X&#(%Hm?h37*Z7wnR%crRnlLKH*D5D_Z0RQEIH)l&@;pKlOmMxQp$f~Cg173Ope
zsj6xj;$O@7&o}WugQ37@weoNh;$Pd9$PWnJSAc%ZeXF(~v%l`2@E;&)P%mjP2;=|&
zN>}$R(`^qBqXCixkstPPh<N?W2wM>`NrEL{S`0u`Z!$q)RKL~{$SX}XZyIaHujaEn
zLfQ1O|8=Yy<+0JmrW<AAvszDJgm|@6xy1Mk_;ws%z!byD;&TXi+Lw`mGxNM?Z>0u_
zl19Nc1}-h9GZd**G@3-f<g;2?t_RDJ@>C`371f2!^qDQ7GgRwm5QpL++;Nbz0C&#l
z3+LvULC!ysaM8B|7D>&8b4kvb?aA5Uurqfkn8h!-Lm@3QWqV7&%=b7|-cs3@Vm!{2
zw;V`kfyzw4Uvy91Xy9i9qD!N=uXIHl?b0qA6v#bwF963p3-?eR2dq%m=Fv}*9meP<
z$)N1t;AacK+*5~}jL=Uq?~7&G9sT6BAdp$nJ#}Pmf8oM*+&54fq7`(?<PP>JNJpO+
z9{F?dqXK#s(ohm2<RwXEY-Vxw1><{wX)#dv<inL<i;jY2Z#vls$4>$(W*IKr=cD5K
zJ%qSEyn^S#biO^DjFvr4H~Ci5U}WO&%B}Kka&{O@O|~WVS_cPCX00PdyxgpH1gk-$
z^Kvk)bC41OC6{=b9Q5g|mBy?J*b149zw6rQ6zwX5DjDg#4qWf9aB5c_jdaKkW8@$i
zlz%gRJ_3lyn5vPHPJndi5RG(hC7-Hg4r1VQDw+S|91M3v4!WgsnIkjL=8uZgpDfX^
zGwi*q#r`bX%MYV#@5G<;Xhu@S8Rz(F{A6huj)cS5Dj8$kP9_mt#{z>AKo{0GFm@!<
zhqH7zn6O#S%wGd7z(u)aDL7Jv{I8!uXK^u84J{z-*~Ly_Gmt&XY&gZv?H*kiG*!4C
z49D~^hGVp0N3+#SS<V5*&TgUuN49#!LbiH|sZI=WRQ7&F6MR;y%X{#?M!EbH;64kY
z=0_AAK<qCdb^tOAQ1mwtMepOMk#dePWq6(z!{~p7mZzBRiz!hYPlUtqltjme0hvdF
zLRJAe8qk^Pb&?TgMF=7zpOqMxU{d@cVu%n_6Zx_`!Be*$ESE#rr2v&+GCg1%*bx#r
zC^&--_@>CsV7?LH?gC;1ko!ms2eA>z(*Rr@2I`f_?+A%R72Qu!NwB;I=D*NE)1`)a
z3}W?XSeyGsN+P#xMYNg6>8^+AE?d-+BaFMta`rHNnFOl!KhhQ!Y;mnX@^;f0^lX5&
z`JR}ZYs5_pU~aUIwSXgPjfr!B7PZDZ0zb5kj?pd|q@*ri3LMh`b8Bcis>@`D@z32F
znvuHvD41}soSwBT0)g@#)#V#N{Ks{<kagMIEcC8PrG6rpg?BxYs7PvCGtuvm3Euz$
z4nHOSab=-d1Ms@^1XH0Ss4_tD^>E-^P@`o<2u4owS&4-E3>XdqC!V@fQcG}OEZ&*}
zaUX2f0yz_aR)LW&F}0CiIDdw*w@@|7|B<Q}4ROkA0RL6Uv{#&eGjn@pEtQhY-E1;<
zzr4&{vd`Anl}DF_Qk2>8kZY!xfwB~rQf`#FhL$T~V@tr0VTbEsVtN&bwu@n<!-a9)
z#js>hF3aX^01*_!)q!9NpN4^SxFAkg2Euf>AWtRpc3h#}{@V0XPF_qFSDOr3Aaa?-
ze@6u?)4eEBYqGq}Aenm|lK-~=KbN`pfVvwH=Q)fl)949MkCBJxXe(&)GN?b3huW?k
zXz~uIw*lqV$dnN#1XhIPibOK;Ci2x938wGC{Vl*61R`bOnni%s6GRsvodGKGK0-Ss
z5*8scXo8nk#<8+s9}Lz3bnAkc1!N`(E@vzPvJg-)5jJz9ayq&J#p^oz6sE*VSgZlZ
zDmqyV;w&I%kT?Xy9YAg)F%85cKpp~A(tXv*FnJNw^8f^t9;}Q!h>$pJ_&GRsNsqRG
z_bq^U^f{1ENzfw~3N$uAJSqZ$^&?eHKk&s^T570y?5r<#n7&D^d%O_l4)e`f-=BGq
z)Vjw+Rfqh#v>V*8E3}&glb(%Sj`VE8A7g>9rQWVvsqbQU<^z@6*d6EuyOq6|?#|3+
zpmHO-GqWF1xs$z)iokBQy#CZSa4sy22G0L9)$$0WT=Z?2l52DSci@b=tM@ue=b)*E
z%F<{g69>HiZs5$t3{-ovpK6NVHV4klC{Mir6=xf+VGzF6z?thmY)%g@iuU^JOVBky
z^htU7)`+*!d|B1)51XIg>(9RyU-tU{?X~#-A5l@&*Wy!CG1}`V-nO9o|7R7|Xn&sz
zy4$)I-w6=apT8DA+TU*=*MC7pHSbz{=Rn91MS*Sa@3+F55bf_@1HA28e6zpbb|ZeY
zzt617-{1dFR8&QWz@Y@^3)T)%>qMQ1_V=lxT5>#xQf?t<15s6qnt7|0OSPr^iLC4h
zY1_XK%Z>-b6x7AZ08A>)0>mx!w?Z#K5XXoee5{YR7e~XJp{71w)<Apx-Po=^wpST9
z108P^So7=S_B~VazxDBdRApT1BSx41gU?hH9FBrk$ilAvjmr2opQ$L~u0-)V$S}Hl
zZS~PS5${QD(p_80e^X_AoAt4j8{p^wS;AXQ*Vd>j2FATtpavy5Xl<aqH95K9u-U2y
zO|8B4YZY4eW)W)QLO}U%V0DcVV?{_?-L0s&4Ge3*xk~D;O|g*zj#OZyfTJsLh+!`)
zaIaE`miftaQ-SYjFk!^sJSbBpq(c=w1yA2cnP|q1aw9XlfWgyOQ+oR5L-V|0IGJ7t
zp1v2)(>H#FTuO+PH;x1Do`|2M>}omjb--iX)p8Ow-0gz(@9>kQxu?}Q3TTj!y(JwO
zqm!v~Fw)=o3!T1+pQPENJqXgGJz84k^mn=-xpI57w8`z!lF04R-U*^EI(0%Kr@zBk
z=Jsew<o0L}0Fm3HC6U{sJpx2-kCw#9LfNBb;$-bY*`p=i)}?dOvF$zDnc&-wJzBEm
z_Gs@zYUK2HxY@VbG8bY}M<usM%h=@hXc>Xr9xbPgxjoulARxC#%dE=n(bCfmP*{V|
zkU3E0-U5>>)uWTrIeX9C09-V2pyYfvaIJ|0C1<+LDLFI1SyfF2hZf4EJ6Dvg^<|7G
zl+<qa^hJI}@4%Xn8USWbxt{{BVPha#IUQKhne);1<2+bzTf2rfS>-azU1o_(?~9li
zjJAkJ<Tyd}d0%6!tH)G35VS)?`Mh^A)-N0eoU8U?>Il}2_U?%=to6q{=qSHI+)|m?
zVG;>zTKQL?0r94b9T%gt1Y*ji7ycT|yMl#czlHYKz))6z94Z^9RWbE|<6(+Ud<U0=
zg|`WF;O6`&z5#;<Z{Nfw%HvzqiJfKfwl`TMEE3qdi#fIk#q|TG5qcL+_*tzAjY&zD
z!M19kn9I@r{2EZQc@Uo0q>M*E-47_m<&lXPgZ@6KzX8gi%94;(SZD3}RrP=B0ACVm
zauhn4!UM|YsH9I1oV7QsDy6D<N_3Wo!)`Djc*_K*7$JTeKy{N9_}$wYq2gZ{OU5|J
zUZ_`tK0$KSV#AS&E;~}uh3r~8#e#~;zE&R<uQj|(*I=X}9tJT*JH+u5x(piNGIS=q
zS%)Cw3nmy==H(LOM_+I<dMcQ1Y)^vi`T2r8YzSZjC^*tEuo(T`Fv#oOI*hz9C%)3~
zFlg};^N8SVLvSYje$F)x+Zb~OiV4#P%Vca#r4ZLE#gjbj48AUlMsp{Y=-JgX4H7N+
zxn{pe8<VrEpC8TTYf{T-?te9@&E3S*yv;SmD?$9<(WH(ZAX5l|Xi{Tjm#;}}V=wn#
zXi`TfR(g@k%(SQxy}g>$1xJIqkZGZ8y0fVhy6p$Z*29KiW?DAKE_!5lJ>6`rNga*s
z9;0R6$S#TU9X0s>PLtYZk7HAU%^+@5le+XCwuX9S_gho98cjv9T7L`Ql836Mw=DQN
zIk`*?q)9ZY^F*V123oFZfO0CyMI!77$&Ko~iVDuO7J&0`0K!BC>&mKpz3OT`FJrK=
zDhOarURr@gI~mrkH#K=n1MT%UVgKCvmf2Hqw7Q$wPWX>k@m(r&;=c7wCNbL9c`k#G
z-k*)JikUmpHyQ&*i66R<5N8b;@>dY@P7?CROvop7)J*)n10j!dK<et}wF5mO4fHUy
zQO817s7j5}9y@I5x>GVB^a{5yTc`=+l@!tvx;S|H&?`%=MX2?F(5ny|Js?CLkWCK=
zy~^ZBu;~GzS1Ux9kV<=AM|sp*4+y<ZLg)dZ*O(a(0eV2_brwPo2)(8XUe>4wgkDn@
z5+kc+K)5^5tX(YwLgHpX=yfYNACw*tdif{zydFUx6ahUT^zu*adHE;yyxzj5TOqGc
z!7FgHETqz&*EhTvqV<5#8|cmep$CNCAc>705PB^V0X-n}1}CONfF2NfLozqPjUEts
zLxZ)j(E~znn0UGY&mPGQ>77MU&xN912%aV?>VfD^0<j*5p9-J_L^7(>DC%)r(d`ZM
zWFvmMbPcjh)lm_nuaeEc<I{M`>>sJou#0c00lqm+?S)dKPj@JIT#iXnGV_SVxzrwV
z<`GNOe2+epWkA2UPMegpZ~ik+kc;|s{>JbH;3SqQf0M*Z4_5tWB{8$Aj0_GlL%DS4
zo{yjSB^3zE7gGAV6=9eY1k-%3+QbHfm@Ww%+ZDHM%n*^v4}!zJez3PH$vi)~3*}kO
zBo-uJr&#hF;Y}e=2#3L<I3umBKOxq^Vj)~r7#!wu)hD(mTrSi;)&o7#r*P$$2g^Lp
zEUk@{e6$hKmBjM&UhpQcuBE)?<s`DIuzab@;X>>JupCwR4;aRd1$vCWmfEii4t3t6
zyd@N|B*x$=YhMy8V)Q6bxE1?2FO312bsde5PfAi*kJFnIga~kT;u^OnSYpM9*)M%c
zjLii1uhOi(3f`=ArcuNj_haC+Dy~IbPI;^2v<P$nPK?o`Ebfr@#$f*dUZ3ooOm}-T
z#ZC!XG?dkY#Hqn(;1ayko!^tEmd0lo*<UhvXKEhnOnP)yiebT1c?;*_wR;5cWN7!z
z3j}S3(_=kJs9WIhBu^sqS2#P(JBYj=z;vz0pr|YhS{y}B3j6})uMTE~V?kRl)0=~(
zY$)q22H@cAXt;2#)ePFfl_UadC$gRGGR#>O--9V~jzfWk!Ef!w_>bKQj^D*s5`7=&
zb#dNCugYlPP=<2JR(4@TJA&yV%#gUp<0o}LLU3Vl?OVXD+v(@^?%u$$pGD$^1S@S|
zUBqzSD1ko7+JWJ`DSQ`fXQ`Si@Ymga2ft{rd69mgCvDjz#`gqC0ZiITf%o8~t)>82
zN{*q%(o2EMG1OS5gt(GpsIjcBgdyh!vHWAGvHWAGvHWAGvFI48TSfVD3^i8V39XkL
zLyeXA%o8QYP-CS+=wqm{G9mOa)L400cR10<P-7JmWqk}aRvD*?oj!&dtCG;_W2mwG
zW2mwGW2mwGW2mwGW2mtX6$=p@+{UQ~JV^#ruBGnDkjENpjzKKqTpDo)m9y0h^qNbO
zJx8DiLVmf|Y_p4#fsog)svBb%@?446KVUu3inrbXvBAuj9i2-FE(?ORwrt-ekC0uL
z1NZB~g77II)*tIJyDZGGIYv-ELiZXLIk&?m{RQx(bjhK!aAPCwRr)qu$e+rvp$wfv
zBEvo@7<Qy*p)(^g+z99CH2nyj5s{(7@!)i&Hmoy-y*Sy$E!(?e9wka`<)UqSAT{@-
zBq!cts7j>@FQX}cluIdz&JY+@iq$zet3-mP9mMq7Hq!%8roAg9Mvv2!7040n84<|(
z;j*YF%)Q+7{WEeB(d;s*PQ1bZm5cl$jQJ!$+Fn|@1n2+$blE}cMSJmy@l)lzq&wJw
zh7z}O(Inm@NB1tqY~Sh;+x?;%a3k&DGe4`f3|fhOeu;=#J<6H>XJK4<5}@y_BbULf
zC&fJo`d&b~1NeGLy~h0YSl&d@TS~dJ_Nrqm=BnP(U3>)2HvtukRB!2bJK;cX1E9m=
znW|3_Qv$A6)^g0%H#q^J=m*QbfC{L@_HCrePM}5tYR^I$Xcj-Ff}99w?#;j+V!iuo
z9hJ)C5QDQ!ysRD_@is}(<Tw@}h!&j#%j4l{4FDd!0`hain?sP{@>!#5&x6CvJ778+
z{AU4*J_T_lkaZMLc^RmKjK}sccrY>h4xKy*^IO1i6CiUZh(~}tK;n83TY$U;D4~m@
zr(yCXsLufy<6dim!_4C)SXhN{*Pew7dFyU4Hs0+9VWu}|7R=ebhmA4I$_Qhu*A}ii
zR(a1GTb8uB+P1C6$gE!<RPz3o$9Q(c7}cVD#$hJn&q3myn$cN%(@L=5zGDcpp={{w
zZkSj>Ue!#pDuP>tFFZCzuBC|dMTU!&>-(+!RNj5Y`dC<_6J?sTg<W}1<hdRaSw|sO
zUQ{v|gz4J4eGrg%{XaA^uyC`~@T@?<?2C1&qR;0=qN8?3d8Njh;l3@h&iPzlYpmJG
zc-`}eHzM9PQ3H)NbMGs$=0Z%}P-EOM+8~o4D_17efZwBUwTe^LaFn9r#d8k^QNea#
zU@@x&^qE<d2g$rDn~Ek{ENJ|!)<fW|WudaN6|C4$DjqDl$=f<q6{#Du-FH~<&4vMK
z)sfeo6|$RPl`5XEoWjneilKku6!y|+GtfaqtEhD06w6RvbqvuKxitRKICaITW{PR1
zp=_64GSk8(;N^$6UOT}!^ep87hV=m<)jwjiW2j)IvAxr%{zRqvH-WVgfV)8{^!;e^
zSqcWEq=;;ReSbg+4T~suBB(t9^)XXDMlw%}4Z-4ZJ$ymNNO`U{<}4SF7;_e<zIptw
z=J5~C<Nu<KzhPt^zmd&|U++K`Cd13{WS-U@d(TXUPeOR3596Y(lpMC9Jr=Tg&HTqo
zTcX95Jq~UQmgA6$m+5#S@Iq?htOpda1H(A;Li`o)$dc%m&^&aOneMpcG;(+)c);W4
zPC$`QeAmJGP3lYFE+y+9s`!YCoAUV3M9~SR9*luGKdW^bN^X2-BuQjtM@XS&QC3N8
z5;EMH0jBxL#CZT~9}uSkIT@g07O1O?Xe&bWXao*R9jhZ4t_JHmx-A2-0m!{1xP0^~
zkj;Sjp?PxrNDeYbKB#VS(a5?GOkaTeGde#VL>PmL8o=WEe<hG|63aj|1L*@OyAs4s
zKt=*ojNaUDf}2Co^Js6Nv_&r_fpr2vyqE)IHVJyM6v&Yz=*1a8P6L$F3w$15@<^{R
z(ourt!@?DU9_tOB$jXk8T#uQxEnW<B8KhkTfGj@Z;qPN)b<W9Ra#tLAI9i@ibouTE
z_w9hnWrp<yu;Pv<eT`G-tT4sKm)ozQ%89KFXFUUB6w1bf|K}9S64alz$FPVvP$e7F
zg{4bXod+dzyQWCA$(WwBtLaHQ2W#pzqL-$s|BHHMHSP4uSi)Iht7?(vqi4A42@}nN
zF{m6(Sg@J|uvSNWy~%eT_%<89!E@U2-HqT<-cI1t@6LBFMXiG`4|T+k`M!bxqvaIp
zOA&^_1`k~EDeF{_-U(Ew&kIZjn$gQ+Sve};ZV8wY@w}q~@%*C#u`?*jY`wDX8@-lD
zB}UIMj6RFe-6>qnmLM$K8SJ>|)Eu=dI**rKR;C!XzXJ4$^5ToZ>z!svAfcMBJO)R8
zRLRwpGgNk)_HV6$In>MLm(4+c8zn~`|E=8>hOeVky$ry~Q#Et|EiD}V{SGF<A~jrg
zn>xav1`y0qBZA$*u>*)<fKt|#HO2?)RwS)8D|QcC5^k034vz5v>mm@-fb2)&Ob{!8
zEC-a)N%@U1IUUrg0F3%6b6q4eLeSyMcd%%bi}+Ts{~93TuLJU15)^+Akh=kLorbDB
z!U*FLetklV&nhfN34h4gJVn{D1MpMLjAj%)rj5tsz!DRFYtCkxHY90ZY@F=^oS)UY
z8+?^CZICp55uQH*V45~anr3mj!UY5iad3MlxET#%2O7*#eI-q2f%pX=L0SEb4|arP
z#UohQKCCSs7hMhJ6#(mC5a$Cqm&7kX+yLY{fa=i4$oVUrbHPduS{?glok)}GbPq9v
zs-0wb!Q)&hm+j(jZ!FfHf|%QhlAYklSpgv~+JQt5!JuxM7(fdb`+12Sh^g2b@YFYO
zz~dB_veY`RjCY8-dc31i8SfD7XvRD274d8kfR%SteY6Na)>PiVbrc5qIq$&jTZGpu
zCGP8(@Y#K{b0}MD#qNui*K)IunrLGQKt8M0mu*zHl5Ec-88-ofrwtnt1lr7!LckD0
z3F^~8Tv>IWV}hE{owkVl{3k*6wzXdnW0&o-wmX$6YUCaQklkb)a%JgrCFD^^a-DbU
zXW)yk*n$&;ZW;0K5a6!>yq#G^?Dls^JS!G%ftigX6RI@C&3*tIRbBN5(hNwFD}{Yb
zwKJ%l09b8!)x>=g2$czT$8VN5@Y;!-I&n^!SX7A%n4fmaC=H(mA<WN58!V+?EI!&K
zQgdD+t(diSewrtCT`v88F%F)Z?G?8N2E^Zrfo@*|Ub16e%ng}-u1>$>VJsJBsl@F}
zKTp!{brTzeK|a)81TZP-=amsZ5Ye6n@RrP-tvYhdb}Xo)X>u@3dT~g2A*gc!DGr<>
zk#++jWCh_4Ftd-w&#mCN5nwL_@f?tiBn}4g8IX@iOb1aA$IKUyru)osFlhi)2S7@H
zX2N?oLt7x~9fj<4?KWlZ_NnhckvpfxElS))k{^*0H+^J&ywed8l0ti$$&Yb)`B5_4
z-D;CMrVFjv{xsW|{%jV6vNX%9%e2=?KOdwe)!DrrhE+E0*U^xr=U@M*fC?d2N^<K9
z6MLz%blN%)!4IJcVWl!O9EnsK3W($ANmj;6GeP|VkoeBH{Q+#49k5kX$&yQShsY3i
zfhbs5{bXv7+ck{-f-R2`rMer|sbE!UnIp!MQ9x+s@CP3zS`1LEl$P*Bm6#-cp;Oc@
zTxODZd0rCVg(NlyOwB&xw%digCSevl@FiV?*-J1w)J;N96VMU{2A|dX0e&Ts+!Vv~
zOC-k{CKAmfZhIa}Yb<;nW;~&wt^h|Xz{YiS>KPzU0TSd&;-IX09n`A;G!P?<hs;cs
z{+De*rd?Yw*(A*UjZxXV$t29WyoA{aYy9mK#+1EnZm{Mznez}H(_{|kYiuzoM59b_
z>lj>oRx9!a>Qzt~Ofz}DN36aExKt=Cqe&SeTm)dL3Zzu^0o4nTpwm5!Kx-|NFrI`K
zpt48dXGd@h2iSu_>;q(P5`94&4&+ckl1@_NVX_j`3II}YhLOkKMP=A^+J!&Uw&rSg
zRuZ<@G_tceW<gl*?~Kk$D)oaVVIRv&*l&@r?e+RYU8&6oG#>1R0JNX&CZ=KN?VMtz
z7QxD8A0;QKR5Gtvo<vhAmZ^K#(&}VCFh5q{uv$MwY|~Oz<n+<Si2VfsDI+GG?*M%Z
zAj{Wvt)x#U_S(q>LlMC_MxeTj$sQz|V22elJfQ{$PXMg3AT|Se8Bj<rZ-1D)59&Pt
z1}8Sim64bTiAI-U*=kDUK=C`Ue*>_pK_rqm!UV92KvV)L2Y6f&>JFqUK*booOO0SF
zLQ?ROUpjm$3hEGWw*Vxl<ACe}kWlUiWM6<Pik!1w`x^|3Wum7_ZZh(j6RK3Q3ci*x
z;VV^nez9R_aLT7J*E1C6&iE8c-+*hNj?}NDtBS4aZzAU?A&!JKCAq6UL1<XaMxyBq
zrI@{FirGhb#ccDOt^1C+E@rV@Uv7GlSgtQO{YipxmZD`k@fD!8=jjLA20?e2l+bNC
zi`E$knTw)T$m)9(l5sJ>XRqEstFu9!0dU!;_hO%ZJ*aDG!ajX4`}8M3@o2e!47Mmn
zQO<jy-UejOg@}8jV)HsnUo4ce@-!19h3q6e45AT8JqgZ(b^<bz#4R8u0hvJJS`f2<
zOee7p#EC$D3CL1%!HY1t2-F3D;0+MgesbrywJ%nXo;88sKvoq6Gx1w|6f`C6?z+9O
z=PSuR8v||0Jv$l=*faYn84cJo`>S#6kL{TQ)FdJv3qw!lu(t?rJ%~GRQH$zLOO!N(
zftkLbYt(4JZ!$d=tpI`RgoC%v^#8d5!;@_#<2jQ+y1cSv=zdVvG44W=-U5h!Y`8cI
zV8g)0!(cp?=0gk;g1SyYUFU6%2@+o$hcYI}rA$$`C}o^7z0OdRmoo4DUrd=7+EV6+
zpGg@RM!k(xd4nla$>)ghwM&^@w<Bd5j6<C=<4u{l6Dgx-Mx`cYM(3r>ghRIO=si9I
z?_7~($=hb9FTK5K8+Z)X^!A%|JV(Q%$poZrG*pSe#M$k*MPw+%^d}8S40#yk!>wUW
z?+LmqAW7axg54isMNLNwpzId>i~+}JfZZF!R3LkiU^nzjAjbnzbdnwklk-8H3qXfH
zBtL1g`Rz2?=v-@?YoVoq)^n(+d;b=4SOp*M9<{qYO>*v^mz-}SIYqt8)9PLA$57_r
zdvxY~3PNTy)sn<xo3cpxF+OK`M+1ERD0>=yV(jXX=EH%X3-AZxN2Sa)$(IASnXc&<
z9>alhUnC4OQ9cFc{H)eH5QU6%>V7f(xD#n}BOuEwuPwih751;7UjhVN`V8r!EQ5Rk
z1Z<)T7=ZDhb_U2s`aB@B0fmo)_ZZ`+6(LdgYZauH!`}Hjeog`RNdV_H5ElWtfCSsz
z^+2ux6nzZhZXkC8u(DyKGUD#(hFD4BiaeX*I}O1RdWr6@RVmYzAuD5o;p`<=yG-sg
zCXR>PC*rZO)(EC<L@LbSP7)etvUTnc>50-Nz3xbp`-}5({~vR=u1xLK5@p`(d@Gv}
zCgZ&=Qf+*W>i%dV(6*p`7ffUPiLC4h$t`HdLjMskJdc$66Cl_KVhfPBm~<-S)|Kt*
zo+&;bs1){uL@s7Vu2JMZ%0+G;6S-6JA~$W`&qPj^2b?boxxn3idf<JaBgfAEnV*kb
zWMxOl){(=>7WL04as?nVfbERj9^hoXy{cE#K^$r#cXM9kp8ZMW+BbbZM@j8-E-+P+
z?IfE)QR;`nzHSEDqP=LM+|~?oS;wV@fb@mE5Q}aAcTZIAI@*l`wKE`rZL^$ndmRFb
zHZX*lJrq9&f@222ZU(Ug$N~~*=G8hNmjRM=k{S(@TR`0eK-=)H3C>gySVUrp`!BVG
zQy`5gy1sXmqQ{vOeJn3U55`rdF)F$`+iD5T%91HA&J={jREVIuFSO(=J09E&L%SGM
zf*2wQG)Z)%{UZ`NMf5m(CC+H1i9Y0BfalONL|w=Qa}n{K(Ogsf1AsUy^9W2JVQH6%
zTFReclH`wa*v_W<!3uMFHm3hD=|yvXR%@CELa@Zg#`9Su>XU#BwYDs`6C2M@Kz{(p
z&SielBrHH00ScC2A=>f_D9c&<%8EkwvKpW|SVdSFff=Z%CO*|CYG$r3)1#T!^OAPp
zVLz#fR2p@((x|(wl}&F)iI>k}InH>!jb<jYvLj^cn%Dzz=?0KyW;l?cfbFb_QRLS2
zjUsoqiQJcYk-PT45V<jJk(>DQk&CSC2-!Mv`ywv;03>pAfgB9@4<k1aby9Z_&zQ)i
zIzxu}st^B3&gtCx7j5VsI&y47r~Z88A}c#WwvOBhh|6(N<jw<f&h|$R!vm@D|3KvQ
z`te^)<ObzM?#!P=u6-?!D)>WKTMV4JR=_n2`)yG5#FYIc(5_-={{?7YqON@w&|ySl
zSYh_>vY~OtVUHW8E{0(|V3AI+EyfOAU*LBFlB|0wHJM4LS3+i*q#H{Md{*nph*aK6
z$Sp{Y8vvQ37B5HRR=|Zdd+i}vEI)<PPd*LH#{mU&c#sjNIw1k9uy{VqoSX2o1srbz
zoZo=>0myeGE(K9kh_NZaIUmH1K!yVf>AvW0nCuB^cK}j)jS;?%#5smI6ND<xUv|cx
zj&$bS(UFm>8%;FbXrfsn{d~0S%!Ld#+{62$jLRVAOOuUz<YnVQ^S7QwniZ<{%g*sJ
z2#=(D-d>4G_oY%~W#R8y6Z{SgK0d2;4MKrsg1-9to5K+0LjbV@;HI8-CxSX20G?*m
zo4I=hs7q<W#laEexgXTsfEd>a#*ycBP@4hi6JdR8lsgfU8-~Wh#jv+F;OAR#e+jVe
z1W}2hVJX160Yo1ly+~XQVn-muNwk8P0Ax23T#Yyq$Ra?7<I7(GIRW552g2IVf0cjx
zs_Y{sDC{z@cfe9r_<wq};0XB5e4acY>Y(H0x))iJm(QOgpW9DQVtF&aZCBlG4|zUE
z4MmU3Y<Sc}w{6HX2!Tno&HS!J8eIl(`IwH(`|bnvdzyRzF<sg5z6|OGK$31FiS|JV
zyA=<+!pxqApU=VZF~H`Eb|J2D$O7!$Kr{lWCBXsEL?C+tQgoj_7$!48O$T5Q^cNFc
z84_jlE7#9Y3!SKP>G@$)xyE2Cf{A|cKn&lca@Ckb|4Uw?pRi!-%9Yd|K>NyN4wG$r
zUEN>sRzkT=QoU9q76E^tEy46pAJo?5MUlIT*7&T}XR#)!_enCVVQ?H0VL2enT4cp!
zyY*Jk*8(JRM)l?IpkD{LxSd>mVv@`{4bcjdh^?~v!#u=}iwCf}foKBKNTMFZKp_1A
z9$ggf0F$wx#sJU|Fi3qb*JB~86$}~Y42t{_=2O5j8DM<@;$R>Lk>H7qqk$|T@mCNR
z0l5I+(RmE&T9MpwMy_)mEV9nqk=);cc|BcI?(c!zMS^ml0`eFM%6%WmdjOBl^X2Xv
zh4)@q6gfM9SHk-Pn7^ZI%FUFb%mGAhJ&+m_lsgj0jsTC&^W`p#!uu2~iXEQ15xJAV
zJb|t$cQ%j%Nie)ifh;0Hx#t5p7vRykkz4eU$*y@wlpDbm?VJ~v8PB-kQPRl}<N^m(
zGgN7Qbzsh8VN+jOWuwE<H&$_JQ(sucwM~6rRh)fJwRFH``3o&@t{21UTrY;xxn2wx
zN5$d@N3L{D+JNe>yQw~=CVh^GMPJnss7ah(*m{0pZohYUwSzrUo<PJ)7t|wi*sR%C
zWVv4*K3a-<*X&tVum)7DS6Nb({)!@FSHYr*0SHw50Q@BaQ!~xo?9p2s+--Hr(iA4u
zvob~WK7b`l1^(?|sFG(3KcV3z|Mo|v4wXtPXL(keoM?tKepc)4Ob#@l#T*0OiTu5p
zc|3Q)Qq_Z2FN1mxkmj_~iVYywcc8x@*Md2V)hI5k*OWom2avhO$Y+2#MB%P%yvf>n
zb&-lE*p0<n?8Im-c3+rH!oF+_e^{JV*;|aLYat3<8xvIR&%mM;ya#J_zO;g)P2MG%
zXs^FBk#}xh-kGD=ZeHHu0XXJeu&vh7&C3IiU6RfN=A+I7uPqPmrr|;V_D6-IP)ICS
z@*s*>cO6>f0k2VwachHVIUeb_Ga$yLv}#%%4(eb)T=Kx}!eVqL=#v47XH7COczb}E
z+ub;%-+rCjq&NO1%K3f0|DAl*xIKa)Nd@XTle}xNxv8thJ|=k^@{-qHWRka8?in$i
zyriza^u+9Sn{l0)gnM(~hp1qgfqI+<MyW#vdRTwl1x6f+CI{dL4^L*1Xr9~<5e1dK
z5I?JR6#^^UKTRh9y9a4;Cm<~gklwJF;CT`Bp8$TZj!89^srE6b_W&8$>-T+*we7VF
zI0{e6MYP#+j0*q-7s2K;lRQ?0<R(3-I0r#C$9bK>-3egd31R?{ek3@~8x3R>iEBXY
z1!N*X)-h)TIS_ysp4aKV>1f8uI~+eT#;cfV!yuGMLgX4trjNt1gCHE3YXpmm8o>?_
zkuozd*RB;BX4aa`Lr{jK)*NQCb#N1y&39w_Y|XDUI$KShF{{jGMA4S5W`8fqpr_18
zj$vVok(PjD7RkU}^0UN5obyh8R_n!xu8&Gkz6Z!PNS$K=0r&U%UJk2PP!|GxX7HGq
z;JFjjt>j_$PGa_M1ob2!t5rFC4zQ8ExOv!0NcR36mTv(H*|asAAmk7qBKTQ}`022>
zw&3RnaDNA|{sJOdfdm9ttSD7LDo8v5q8pGdBpw7Y7|0+%(T5<$0~rS>{u+d}pDNkY
zc)N&R=`3f|OPOvAR+-MUaz68JH<U679d7y&Vc#ZM&aO?eTsHl*6*m2dgv|R+6cTc;
zuaRcB@&&*$FlrbET2cm1FlAsulQ787fs3~uw6|ASk=<Oo-3l`*J5MTF`lKT2HXnlY
zPe4vPEuu?v4kX*Gwp;zE;8+$1t+TbaNtCP!3pVw*YioIhV_-55={Fk?pKaK<cLg;@
zJD3L@N3?2_9o|pkP`?K@9HcX@ujb-<p^58Jd2xO6r*X|&=4!t_YnrT|*_t|CinT22
zMFE6=@>#7_2uyq-<KoJy?D>et*?`1Z;z}-Hy&3fNfFzkC5%$3dEY|t3XQ#DIo&v{X
z02`}!>O&y!kf4fFCHAz+0Vz63Q%$8isICAE6qlPc)02?=A=A%KLfY?5r6Gsu`QC8!
z`BHYSH|cpsUV6^P)0|sP_}VQM${P1}l$~IE%1(G5Q%|qGtoTXUao;Y-(;qB3yCMxn
z1KfA8q+3su!$8fU$*&=yCr!=(brK+c+SaA(sJ7C@9u(z^Jt&++DRLqd0d<NzY*OUv
zycF5^b1C9eOTymPmc}+~)ApsvWo;=EMWn4Zx!1zBgpKXJi0K`S|Hn)bn!E<;C7N8t
z6p;oQ<?vgW#9OycktIKuB2oL&X-5c>GP2pE$h~<fGGxitWyG{EqBpYrDYAX-%MDBs
z-M&N-X-koidLn3F7~fuqZx=xPx~=0ow=KSH?aNu1t*}1akGN(ft{<7WI$a>md{_P?
zt_AJtgK1L=12YENX4V(+)M>F53vPu}7a{gVS53JG5s$af)Ll$mHu(d0{vxH-*^(~%
zfk0TYD#7!xPVg}JJuVWdV)oExN%Q|<?>)e-Dz3fpncYu6Z$Ibl4S4Cj3JRit4XKKP
zN)Zr6MNkA40a1go5*yJs5nEzQY_UXRi-}PajnUlLV~Z_KjYdsk%=i1PnSI`a*W8=?
zJ>UO+|L=M3d7ib;T5Hy<nORf!%<P#L$YuYjQv58|8~r{R@(|hdpF!6swgN)evWDsg
znIZU_wHSAK^QXISf?R-TG{{Ds1u*LYfB<o9kSTzTpw^SaBs8=$2|GZtp$wRkhW=#T
z3-T^N9Znx_$s7favu#14>nbx`VvITIi4SBFZk%ay8TtZM9A<@>SXF-q<C@CELi>}6
zpYG;?Zow+7g)vPpAgHGSnI$TdrHk8$exD3lF(*dv4OS;0`V8)O*>vk?P`q<#p7P=J
zLAe+Sf#CqB3B+_D`;w>vu^h-!5=ju7fSd|Q(0g_$I9~^KDFAPXt3kdT>wg0RweEK6
z-w6J75cw88lAq-{S>FeBm+?3r<nOIV=R@)M20ikdfkz?o2*8;Q;sqeTBC$7!_ksKo
zkf4tSer$lxB;xQ{?s(Pw5R8793pu{F%iSjo3_VECG1EP#O!piz{qNq{W$$ApC(@Zp
z`2XiS*vekoo66Uj;mIsBi$EX+7sp1SbfQk4gq<0tMRtoAUn86mWp(o5wO?$1zPz7j
zw;&6!Ws}c#0rmlwC$lSev@K{gkmgT!vu93ms#$vt#B*3^<zg%Mt@UNG?gyeb8Jue#
zOOZW6O#;YNSFF+LM5NL8w?n`=1dl@@u>j!A0dXvlqeyTM&iO#jCNUYrcYxdo$k2aw
z88{Dsx(|T3>}{hfbH#a?E3PP?g!$*g0XLqLthDbH#^xM)(B@yoh{Lq`_15O|%WOX5
z#4p->=P{*i2j$}k+Z2{hOmgkpZUK6{E)}=u``WZr!j(VW{Z~BAHxhn<_)AFia{ze3
zh|r2V`_QgY;`b16YT)n*Bt8T<9A(usW6TanQz`>Q^~R%<h{`UoDr6Y-U;joTE}y3(
zn@sr}WNmd?nXP{H?`-v7E}xI}l+QzLlnaPIf3|$0EaDVomd43Q+HL?(c2Tl49t!GU
zayVx@fHLbrodA&X8EbS_(~f23^CC!G0Fd%|8<1N_uzda)$O9x;K0g5R9w0;iQa;@l
zyfgt&K99H2{XbSd7eXz|=S7&Px3fjo=3g(f`LcEY|C=r1(U^9&Xsxx%Aee~1p4p<R
z86ewXyGDS_7IiE@iuVAuE5Obc4Q5?k26`bNwcTnv6U^xl=4=s<NZ4stB*(g#o#R-y
ze75Ks>(|Z}Er$0jE?_V=UbJUCWptpm@hxRGejYa7X*M-f=tknn)M<!}C-ZSV^QUXT
z^JV^Y9WdpW&!2LFAQicGnvT9@|5|;9C|7OGG+kh(>BxMN%#;4phe|&!wMS+s;^g)i
z{zRmeGZfWCE`mAF1B5bFdMY?~g1QBeG1GJ-DfJxarvceVtnnDV6>y;8_xLA<-)UNu
zlX(ZB`^`OFmUSv`hLRN#?WCRpu%I6@1@%k@q(|9I_(>Pt&2QiJ$OInq<s7KnM}z0d
zu{J&r`U;+B!Xv*s7RJACaotU>UZSEJB3>(^56~-B)W*Wq0-^yBT6uLfkjQ?HgDbuK
z6}aXiIj05zxDr5|lAc9dD0eHUd_44w0x0zufNA<iDNSeDG`&-nreFO>X?l}sO8A#S
zQ~c{m6S)YshW|$*#AN^^Nm6tM@Xdfyimrsvze~}beI!Lx@V?EPEO7pGcM9WHw?YD$
zi?%Ig5_9`hty(36zF`xS=xcoNx%?z#P}wO(JKwl#Zx2oH0ZDuNXq&OE?C!L8iKdsp
z*?l>}F#goy$s#J78r&a}wWW9-S>}{EcMr0*7P+qAUIpAwRkF8rk0YL|JdJoe&YttD
zD=#KKmi&Ujdl7FCJjo#c0LV~NP8BBlqY~di9_n+kW6B?0@iN#-e-CY%KPF34=JmyN
z87oAk{tNQSAD8_OT&i^|U3SU-7(_w4B*tfc0isoZK(Przbm^&d*;V`u(J2zUiMA2C
zi^N1BM(N{8OcG*@t|qa&5aaYp5|f1(ulFahhY-8sY!6a<x=d307=MbB7=S@^;&h~V
zsv{w)#J_=<W(Y4a7q3!#ITEobaSB}ab|n7!#C{<5F+?FzgemuRa^GiSa4b|BpCJp;
zm6!@*x*>+Bs=MIH-`{b+4--nGY0q-3=4Z-PtiT>B@PQoIFTlfGd>bU!0{87feVaW5
zqN;erqgSCDw@`K~W#x>=urdvIIpZ;`siY&Wg~b_<VO{1ER1kB<V^|aybH-y>EK<yz
z@fg<2K8#j5^gC=3qRZzQk6}k}Ae5Oi9>Y!{%o&eiuiT+<F=sr6y@fDmJcfOWN5W;I
zo{GqZeY!|YD#{s;ELVA_C}%tpuW<AS6zW&Og9yzTk754=%`!tD`%Y4Y1EM;l%$)HU
z4iuM#`ZoF*B*YP#C(VX~Ma-P>7!IkxP6f5j=NXUT(1Z@~b|!~@hoihl5RN(HF&r(a
zF=sr6V<Z9QjK^?nYH!5Aobecr%hf`GIpZ<hCF%v$=8VU1yaf87a%#a#GY2|4qk6{I
zuKhX9z|954(UUx*&*y=P(a#gu_AA6X6+I<N%z=v0FC^x9)r$f-YQok9Je_`cV0Du7
zvi4@;<TkJfQb%z!@#VmK%N+oh0L$7F<o*UcK0%H+X1duq<V~o)Jwc8J&ui}L#tCvH
z3i@iS)Zhd;60MqhFK~h!i7w^rpniLT-1V?$e1aTPi=G;@P&h%3MCk-M5~UO5_JLIC
z1UZ(j(g|`@RyskBu`Qh-XX5lah8Q?O&cx{)A(|yl`eSUV!3lCChG>oAffM9dmBwJA
z6@PhqY8-pO{B!g;td{&jAsptghR6|d;qZnECIPFUIQFvqh`4a1xa5%$aCcaA9p+Aw
zRe;4qG697k0Ny9`*d~Wlg55z?^ukB$s^ZLn=vpdP;^|Zj2FF$TPx_-2-`_|T`E!Z?
zut0xZ^rh3;gq#0GFVIT$-HhgIhStrwE8ygF{zS}+8`*FdV`~N5fk^*h0bY#SB8ohv
zl8oKWKy3@2TnYSvn8u_4Rkpj7NVpH$lSmpyfZ3~_*_&`TS*Cj}n0mUoT<$(JWP1N<
zww}p7@kpaT?T02FfBCoQHmi-S#^uO?L_^3(OaPrL0?F-8j8<39RG{^A>EC!T)Q49}
zhj%Ciq|gtzfq~A+yn3~n9Xc5eCx5!TCV{uQMJKFNb9%9~+=4#+Ism494v;qFc@Y0b
z#xd$ZDGnci_yZYB)q!b-o@@gFs7#}co)=MJ8^{*2&PE#M<;WTVau8X6Mp6zEP4hv{
z1O!JfJz5<s73g%3rvV23)<!gM;;BZXQK~!zi8v%t4{aAhW*a~?EleUmuQjRCG16dt
zU0Crv8?&1ra}}g_0K%(4+y>+p65ByM4CEma=YjYokf%wU4&paJUMF!9h?0WiKzs=9
z2Y}`~LAaQM(16+>g3t%oKFPm%wa@eKAT{Vf{LhPHSVC+J^$xdgU+dU{gw@Tl#FZd0
z0gm$Iyo*Q6<tXEQqyQ|prdc1W=%#E9jo7D+&3*xK$peDpF{P4br#BANC~{V*el=_d
zW`LLuNMWC}=^g@hZv&)vTLOne0Cf-AkeX1ARLcZdKkKu7`P`1>R+M7EG}f$A*&3F%
zE%3Vm!0_`D{<Wa4AZN9zluqKuARYoVy$O#UHW(cv@ffi-y*r%4zv1yBgr5h5e**C#
zkPiUOJ_e0m2S)S&93^P=Oha^s*gZ5u|Af}rJ+j&z)~5nZ#mL$Th_lO3qhr)a`SK*f
zis4B4^d!QP;Yj)RB*Jvg$cdDV@TK6$y$m)|jhtn$QEKFTV&*fB(Q*J;iff6^7`Y%h
zg)ax4u@)VxoN<Dx;r26AdUX+jR4D=}iGWd;G3S}7MJ^gAjPK9i8*fK4B)-iKi4W=v
z1@`yy2CsB14|j9~!wOXYg^{uC>ddg#XA^0=RM`+;xe`sdALQ18?;nJR`zSKoSuRuF
z+dykRl)sctGdNG4$WrW9fH;|R4ys<j+_=*}c$jQHRCSc#zsvT^YY2(|7NCF3$9sGX
z#RJE7;gO(Ajk|jqI=VzOg<LfP?ngOr`w6!<xe|o<b*CXdUYA4_FG4mxjIZ&Uyaeuj
z`+<&sV=bb)ABB9dM)j>^V%kuMngHQS)jvVi<3Wr9pb0U*OYj$O+1YjkPA0_d4HHyt
z?96wGx|pD9`Fs)$<VA>qOwi4@m7C*c{&Y9zwGo4;nlV^}z~%!2yf-#824{lUL<W{D
z`cUF#5Z4026)Guld=<n?fWkv;;H&e@!Gv3|9bNGra%&Rgs!r^-g=GD)#~!V8rylyP
zCURA3Bns2rXe7d=DlH|T7bH6Xsi|=J23`0mS~kT9i~xTaK&3CSX<>HYRo&UZ<l>GA
zRGBBN6Z7vW_@|-Z5WQmgTr7D<_;S;H^qJ*94t@ZGP#rJFfVx$xA+iy@6|Ri~Es-8u
z#-%)y*d&`8zU*Ma49__zG68ySh7-%3f@AC5LrGJ~`d~@CQYzWQMKddYMp-4hW}~O7
z%&VkKa%Wi6hE0UNz#JbRnB7uYdq()daPberBPnNud&%{{L%w==sU{`_&ZpuL*wb4C
zH+3{Hb+kHi$-DvJO~fOIki1bCL%I)vA_&`8eh4ckIZhqor-+9~FIuJibe3x&%Gr#X
z=Vub5fJY9$p7FEc8F0xvbLo<6qN*+xJ%T^PhFcS|_S}0+$|#?Cos@T?pz=EA8P8x1
zYAWfdLUtNKU1mNMMoup%42t4nv<Jl^#R|>~93j@HBZ##+qbb%RL|4dnqM$=oD26yK
zs3$?E5F?y^6zi2^H5lV`;&OnXw-Do<Yv|IaScJBT4&RA_K3yax<>Z~H5@_DZ$vYA8
z3di9)QP2-l`FJN1iv<0}A~PJm69oh05W;!R1cpCQToyWfCkh4$afHKnqF}Iyt#U4-
z%a97LajnDgR!G3m#8Rl<<nSV-V3fxVxLchjY8x%7+2L%X%NR+(H8@=j#MsnyB<(t9
zR}$lLC&AAx&YL85iC9|hcKTAmcnS1D<@4f-1aqLqKLgH5d#wEL!NHx&a;!X8<w(e}
z^4oz&&TJ^evGR;-Ue!_{MF-{6pU-L^m~+iDoK+b;5l(@<ZHu-G%=aEqGw`}XFw9|2
zJBzT<F&N&!3p7;7v3)QinhHE}4(ou+NO8$4pZV=mjn6P$W+js;1s91qk}jv?QIMj3
zaqLv5ir*ZW=ILnJnk)?Oj30saGtgCRh@BUPgNSqoh#F@AiG&^wqQBElBB>{X7~`Bb
z3Pf7Z1~JoVBazWdK+JdUA(7Rr1V=l45m1!VYv6K*vzjh>%_*rXobe<o^cJ|>?0iI`
zN?!=#US~IkQ!NUfcRof78`bEm;qrlVG+pY1_=o-~R2LWuZvSloUc4PLy|ivcC9EF~
ze2Ugv;GvPxnyvNWz?(XNFV*@%;LQ&MKUwR3kZ+v~{Cus~g5O5|by|N5c>6QJf1vf%
zh+hYF{#@(f2&<DaFKN9OWO}^;{C%zSuwtJr!2hB3NXU212A*>Chmh~P26&C5e}UBW
z>i|C3(UZaNPrrLQ`Z3@GXcx?SpANqR$v@oDHHh0F;%glJOUMjf0{k>buLVBzL*N%V
z`eeutcM~`o)6v5bhY`<!{{u(g34A2wf9~ihkQsF$@Yfuzp>s5G91xsD{Kq^Dyvf!5
zAv2abhr0S=_#L+e`0lO_f$#DL@ae987vYX4eu%4A0-wOJR=Rp$$m~X)8(n<^_!B#T
zf5X)kz$ZNn{B~FOhRp7i|B0(-AgsxgfxqDD6ymc7kKFyx)qjA@o|MUY`X=C0=(o+&
z??Qg+65t~}{S5fi-T*$;(<{K=i+T?5^o0m(?+)O{dioad_o2)go<0X@+;<D`i#+`b
zWcKSoSUWuZGGwL?2md}#KLLDy@*l^$J@n650{+{cPJlmiIQW0@v;)7hXy<~je*>Mf
zi4XSmfsmiG2J%yUJqh^StAQ`{^?Kk3TnHS;oxX*9KX5YS&++w3;Lqy-{|;Z@2b~8o
z-+$`sOQG}Nhr!1ork{a7e>UXb^Ywnf7tkiDKyOEU4q;f$fgS<*Ln%Kd&}TvCVO7BQ
z4fG?x7cPO{MS&gz+b&`pwgmbR=vmBguMG6V(6eL-@Vf$Cg#6(j0)H&fn;^6F4d5>X
z`U&V?#<;y3=p!MsobrDO^cBF5cm_Cn!#g3ff_c{*>Vu*4NXm~5brtwWF+O{R`V-(Q
znHIb*M{I<oHDW}hp{h3Y@R+VK^yHXEkIasGc1#xx&B%!VgrV2ObcLa}#B|Zn7shnT
z&{xNFlc8^q>5QQtj_FoIKNHhchJGWaD-Hc&OlJ+v!Xfd?8=6KEy4KJgF<o!y;W6E4
zXciWcZ#FayD0G*hnZZIg7<x@ix2b#`a-z~@(~h~4*IQvd7`+!PzdaV(qN1(9^Dm)X
z7MjRTxI12Jr67*^L5BJD)wiSjc>*peBB_VyRPj+I+AsE=YwYl_hHU(F_f!n@(o0o8
z`Nm-;hBf;E8g2wPmUUtTO68{q6o<mS@oqehg!B;{3^i@Fs;RI!Uc;$45RqzT$kVKI
z|5!;k!$8Q*g??b23>_x|(kqW$qMAE72DlL9`G6LDpxl~eYHk8`1E4jI(QS-Uo4vD%
z-KyJe?rb6sJ0V_tQ_N$*(kz|7Su}&#JNwez{8n$m2jONAiwP!l_gYpIwakKsJRK5e
zLB^@8wVrhMJHVo)m?ZP+nE>o3BIj(I%o4&m0{(R1a7T>ucRYTFG`tINIO6{+kWT?_
zfY_=em0W6-xZgrFb(j)Qsb1J<14z-+_%xl27xbj|{dqK8c%o)+BJ%Ymk*sXJ$jG@V
z_#gx`A+*WwVH5NA{IRvk6J<7Wu@2x5hUXjy>S-C)7r5bV=W%_SU$9)2p8|(`fHupW
zsEd3VuJ{mEd&jGZ-a?x65smnmB}G)}=W5cbu7Z~)MEYFf1>$+lbNvd@NZ<uM3jCtT
zwCWkPz(uA@A6JbLg7AmvTdVLfi{N84zmRB5&4%BJn(N<9DNgQ8(`Q3xbMhkKGa~N&
zZV~x;x)OR?6C)6vg_?u&w#b9b5i)(<mLt9@!eVWE&==@B{bz`G2!4uQfT(qbOz$TB
z3mgX9OZZ#$3rKJ89FP4vCtA69nd&3_3-oCC?TY?@q;HQnBJ3-hXLjiO!0#7*9rD-d
zQ-SvvnOpS7NY(&}=G}T#Zwx3z{y}{qWCrH;L%5IX2H=Av%1`NCiPtj9&tVM~0}UyQ
zucAE5bx@TU9?F$Vcn{;8zI|8n=RuL5g)cj(%@9v8xdfN`;`h30a{PKc#A39vxVs5r
zG$K~uV%OtJu7VlY8ZiBN6k+_C9Yz5um)ezoGDY5lm1-!=&%tVCHz}6HzX_u50F0k?
z*eKtLxeI^W3O^_)$G||iUF<bT^k`JYJx~z+LYkUoKc1wf-kwO~qG9mq)NnX_>-y>|
zQ6Ii(>)SUmOUIw?CO5TAb<*!JRJu+;Bd2I}{SX%9vp}z5Wn6XaQED9ZeGcj!a#pT5
zTFs*WV|#102oSDav{E(J(IP(rc_&#*RFjmDz5C!o4?uX#(&eg2a-aj7qZ$C=I@K(d
zW+sTKWUN;$HB@{)hz)?IRlLDqo__WQGiA{{_<DofZ<3(~BR%2bHEL?e7`_89Zvnio
zS}_`~9wKI5LACs*jBk0W^*RLje%z?Vh_tRWRA=H~C}_I_LiljXicv2<35oT3Bff2-
zMgCXI_-o7fSC#RvE#vd*B^wv-Bg=mrdY&!uF^hst4&JQmOdxdp=nIa?1Fa*=gLi`^
z7@Z;_9;^R*8GmRQf1oul<@YM%pH#+QRK~xjjK98zpZt;KGZM+al@m2Lnz+-2Ei7-{
zZQlh=jZ<I4oO3%4TLQd;IL_J!umyi}M!b10Q*U~;H_KY^?3o^9q$l%vOrv&#@iv%a
zs0BaWeIcF>o5mtBAD=L5fP==b&kitJKokM)3Y8)~1^5`!N2)C8lYp-UAkJS0Y4_vV
z&$iV5tZInEoSE2CBvVLzY&<_Ji)X*Dcq%mg%Sh<hd44uD{mXbbq}abW=wIf8NK60X
z)<iEMaNEBSjr*5>0FV0@;&K1d9|ny37xLr&g?QY*5Rdy8;&K177yM4N{mV+=asTpF
z;4^&FzfeBzUpOdOX#1DHf*<!U#8>gV$@ZWHUgQ3Sc-+4*y>b6Se%!zC^vQF4)4z}(
z_b+ci<#t(3>>Evn-?)D{A2M<OLYcUKVKn3Zh4OL#LOkwY7|pnUAs+WH?6Y2tH-cm$
zJ6*o>nz75_n>5LGZ%LNzs3e!scBrp3IZuw8r#mf1D~r3sNXjy(l8czcb$Q8EFnYkf
z=2S493K)N8hfzSvp?2j;Z}cV<R&Y4uvJa|!1$~M;t(gMfi~Xo7b{@LQC-)6oUA_wq
z{ORsC7gP7k;9kuXT#J%_1t7v+AW7RJAbunaY+I_8ocK48&j4yB++?aayR%xm2vf%n
z3}>6(U;`R!!a+cZWlDm;ppxB56O+ON*N0*>$tv~jSx_leYJ#m&gTxj_!I@hzcr){_
z@h$RZ22&0pwwK4(nGvtOLtgg%IH$_s%{P-<vhT;)Qd|e6_7-~C_v36WGA!Bm<ECVZ
zK=%E(xyqH~bKj3!UAd7s_x-p9gLB`H+hFh?aje)Zely&(`34|Mt=t3Tj>0xJq?dbu
z+|d=!fURT?kUJ)OHgK~C$Q>($*#qQ`%U%kXYS{zi?vlM3gxLe+j?df+qE+?)xf6si
zdw|?s#gEwo<nAWg%pM?jq7Y^ekUL2Tvj@oCT?n%W$ek>N*#qS6A%xun<nHM*Nnzn}
z4Es?E^JCKLr&_{8>x#txOjj`7p7Sb*Ck){`hk$reSNsGnfpb!QglQ{DO5|)s3;vYO
zT@4ppx!44CztA_sNa2_%&S?z6?lGbjlw<c8k?<V5$B0&l9J|Me_Q^YTkC7P5v3rad
zLaSr<7?J35>>eW$LsY~)M*BMz2s5lc!To??pNwd)btV1E*$>2thHxB>h^{k)=lm5e
z>kSb&5nN7k#Uhb&5nN6-MB3>Cms1RZq#gsO4eq%NF1o~RaS`0JU|nhilyf$S?S{Y|
z+INEby31Kzmt6|Jz?Y(WBiNpn;^|F?3f~Nhb5n_%?zR|tq*Agjkz5Zn&t-{J(^r5}
zO2*H=S!>8#3MN6yEN)f25_mn=8gkvhQnDu|`wyV<PT}Wjh%4C=<L9G;K}30OiNT$U
zz|D>rA9pH(Fgs#=+^Gn{?1=Gkry__h<$Vi(DcKQIeG|qwvLVK=2^n*<A;zy2!fc4~
z>x3{HV*ElKhty_6j9(1)0bw@8`1MIDGaF+328pZL5aZ)YMW`-lZiw-5r6Pz{%?&X=
zu2clkB^zRVT&W0Rh-`@Qn~RG;jKQJL_-kNf{a#HT0x&x~Dyvz!UD@GLRn4;7ID0)-
z-m0ruQ{3Z`Rl25@<;wj5@!C3Odeaho_ZIZ=8S83{sVa5{Qy!|B*PZD8A+5U2wz6#M
z`P1Ex1!(H8hN33=_ykSydw@!=_zWYb9jDXP0}?9~ZuSLZe-L|;vGfRBzd`ToK&>Tb
z)e&k~^dvZ2L7fQ*o`#y?V!g{jUQ8BW5{6e&)4d??AnQ+%8XqkH>qU^yl2t$<pAbF+
zT_1sbpRCIvwQKe{u+sg}sQ`k(klHQ%GFTlT+sHZqQWKM}gEbQ5P(aJB-!Waw?k3G@
z7dR$X;f4lUWFJWE1yHSTgI)Zt5mn8o7kX~xZQvyf=u{4d$UHzY3t|P3<s>{1rvh0=
z;#0`}0La~dHu`UGhx5~*o&r?Ova0`roW`Nl-nQ#D!h@>%yNz9me+&8EeGu~=<Ky4>
z7=@^M2SMI@4P?i=NTn{OncI3WLg_qwDZ1Ta6VshO6OO&<lxDt;VJ@a=;;FQ7FYejV
zohkal8wr%DZ{fjC^AUUjW0o>!+D>x{TL=5gosIL)IpYzZHcdQj*Da?4clO0Ywmc8<
zlFNX5cHQzy;HB5)fG%bklxx2BTX_2cJpT9=Za;v>Ql@E6LauxgB6`6VyHEIMmoABW
zcIom+Bv5I)bh#RMr0vq>D!AB7wR5tN+NDx=LI8>3(q-B%UE-)p<>0^^<=dr8ejO&;
zIk9v}N9Eb2%PCN3wsT_Xk}gI&mM%${?VMP;{1pCMWjiO9E=hEGcIlFKFxxq?bV<T&
z=fu+G(ICurPApxLFxxq?bjc%f%yv#JU6PoTm8DCEsdKWjbV=N9=fu+GKA_BYPApy0
zB4#^hymYDU(j{HYc1|o^k}%sj<E2Y&moB;Zx6ZRmmouPxlWgb2(q#<@vz-%5mrTtL
zZI>>Y0JEJFOP9NVFxxq?bjh_(vz-%5mn>;!J7;O>(zy!31<ZjOhwIS3UAlY;9M3LY
zz73p2&(fu~OP7o*mM$q!Crg(O{W)9-wTCpBrAsM=X6Z7Z?OZduD{$44nJhaJv1-W;
z4a&2tmRo?EOKY)eNf+!$WbQiD;4rw5>1GP0%px6g>2fR{#gH{;Q|wfya<60dIe#_0
zZ?tU$CLHCbyFZ0k;^;NYRlW}eK0{0LDWLuW)Y(|tiIGI?t+MGY_-ptEglYz$?E$F#
zcB?!Y&pqcjA)cbzldKau4jb+P@G9Y^Iw;T^8rlJgl}D@8WLCvVpe6wFao|>MQcexP
zP`pt#Re06(zSio8QmdcwuVA`*(_PQ4fZ{3Ci&1=&ov)@r-DWdiO&k>gQ~zwKjyV96
zJ2JdqV_T}z%UY`E(NZ;=(R&No_U(BR&@XLnLRrEth`VVH;#0iFV8MEQ@g#aQB_tvq
z@*99ti<bb6&ZL_uF(JPL*iyWX95cHZ@-u*~MJjHMY_n;bG>?kXS7P6jze;X2On-)*
zO8#+z``h67CqSEu-lkk3i{?IAM^?o*fafbFAxHI3;iWS76QEeoMO1ZFo@)JxwW}84
zTbl4^a7pOvuraD8&$oXJ7hU{S&|g>Khd|}^yJ%F%P^?%>bx|#M1=i<(M^E}(C}@x^
z2nBrtf@x?NiclIei@|R^fC1u+m!m*5k<h-*ybhw7L=fmq1tQ!+VniC<_7te}`0#%K
z7Gss2L_y^<>I|@swDKgTw?I*$eE^Hdq2p7kBgL_}88miQ4+T5YGa%ASUVig>Ch*?b
zQQ#L;^geWXeE1BGyJU^#j=o644p;Y$xOAkGFh)PC_dU1_5?zs=k7y50F*notc<3D>
zR?6!D{Goyu^sga5OtyNo>P^HOMnS$yPa!^x_z-;{@Zl2IG1@2Ii}9YQe-E7_DjtW-
zG`$`8$Q+|HqjC@EAC(vh{3%_z1rDR-0?HX~<-v&Q=;EGmS>+biEIm$*NgfOD7r2GR
ztB+D+)3h<}X7rhZ^e=`TtbE3UzG9l5*cu7lqSAd3D?Oo^7V5kkp$FOQJrFq&BE9HW
z_2%4gn8<7a$77A^^Aw`u_#wrfuyy+Yc;`=dPsY%qi`&*6zmfirAAmDP07Z`I9lsxW
z4}!i0fN@wsjNlB!Nzr61SB+xbA{cdm#EQe$VKSJ(c7f~-$jygYoMtinZlHG|uc*Ll
z5nXdZ&juux9&@;A71rS(7n8N<@FP{5_*@V2I6#h@>Yc9CHxR-NpsxZ{-H$Zvf3q13
z>KNg|5`T?VO9E7kCm{0zgntD{{tCngKzI~)@--0tAg%sE;`bo>gXjfFega}1kON3K
zXwFswSq5-MftVeKSVByIYKzmi3GRo)?#IC#`iyKl8tnW4I9vn`UjrC5t75SdV%2=b
zm0&i+?j^*!pJm*?9=n$i>wc~y{;!SQONezp&$!<jyO$8_e!g+PFLo~>*8KwG{>#|C
zgjn~l8TY@%?j^*!Uu5Fnc8krp5@OviHSUvR_Yz{=FLPBD?YxH-@L~kHCcmci#msq{
z{A!r{N}9ZC2VD2DKAadCZ+$dZ{)9emhRkh{zJ)&Oe{Jgwt5|*3riMhrR7>y`@pE_#
z^xP2FMyvLTjjG`h8we{H-!0(ioPg&X=OjGky6b+?ttRc1>2W_kc1KA>)zx=b$D;wx
zDf6ehnT*C&>h1w-ll0t1R-U_e6=F^iCuQHgH!JSLNWcSt+(Bp)^gU89UkCjH6IOj7
zD(20#l>0uk)ht&xk07Evb~e>VpmEvU$mWS__}KToc^r`xE8yv(DfPnzp*q8$d{I2R
zwu%Dmu+FKWrqmq>VOxCxT;*-%gFT_g9-{h3Xva>G4wQ8X>Q5O>^=d%8ms=rx89%fi
zgcU0pKU`XGRtD1jA!vVBp6{t%X8h2b&5n6nk@3OKv+wbwuIcT~aMFmGVTApbFk^-h
z5?ecrAf7S92sS&>xp;VH7?Cl<hyy6mGk&ns$PruIK2iN6ls7L&K6NEH<opc)J2Icg
zUjs)B$vSds%z$AS%wz`)cLP;@?SO&4{fUicz;GX2;sL`Gz%gL>h$_s0;dXHBfI(E)
z0R!=<(F_=5l=0673>7k9ID`S>6C4>ZkidYULIw;ZFkq;V0RsscFpP$JpO1v}HbC-|
zD5w&f@y7t0NGsV3USkFfO(+guGGJ&2`^yFleZa?n;Wg;;`A9H0jv|caex(6JEo$X|
zGGJi7#RCRfCLS;l|E~-f7}t2fKs+8W{1W=(0Ry8mqt*-<dINt-*O~zXXA5SywPwIT
zVwKx$1`KQA{Q|ey3>au*3>XrO8~ux62P^3v=_{t`iLXLJx2OgV7$!8+K>ax~NF*{m
z21Rz#4|oPc+NdIPJQyKMsjA~1{$QpM7m@oYm?7`AHCLhd-vnAumw|PoFrO2qv-J04
z3J?(~^I&Bhr0O_EiLxT~VoA;5KX6DAikEq|4crD-{%}oY64uAvt6>dQ_8yFh4nP6J
zk+5YHIH!YJOYU;)Wv4mr2XPM>9DQV@L3$SCzX6gm`pAlveh2zp@?`Xpt6=VY2KrM#
zB^%JZu<C|jNC8Nmz)?|!cpV0M5P7>H(N3lC4g@_LP|2<4RkFAGWRS-JhE#s93CfXs
z^28_teSeZ|q|+j|BU}lgD*(xJaCx88D!f}je;453Jw!EH1z4yrVMdqJ>{cCOc~`(@
zqoEqdzBwE5oQ1C;T6S2+tuP}GhdTk!InMDSv;jJ*Y2VYW)p3drGRjE?=R!>|A1)6g
z3iknqUSmaOGGnSor<A(HavXIhJ*BHILn9wdfy-~;;Uz#T9a8&);}6BkDj;<*h$4_G
z5=%i$05X=uDi8+%nM2}a5Jv(z93U3xF2yj$YynYvi&MP~;&+xLeu7Xj!rCK1bauey
zYfy3lz-W53B-eu(TWXB4XzgE?BziC_fl(GEJ}61_U{(U-EK2;nB+-Le35>KTk+{ti
z3Jh#Zn3cd-ixM>@eh+3PFxsNTfRaQHW+gD*qQvZyL=R>qFyf-b`jSKsW+gD@qQvDT
zi5|>KVAQ3Gw0^gh@k$uGZ~iiA4z?vDu0$qW!Hg*KYpiRm7pH`cGd@(dk{{p%A3^9A
zh<}$}s$GQgVJRjrAdj7j>T1lJ1PyR`05bOhf=Uoi0{I!Bl~SqR;Jg9qMS!FyxIMOf
z4`xEvSDO^)OA<YpmAKYO)RiQ9Fe~vbBhgWk=)tVSbtZ3ymLz&GD{;M%7+sR+!K}oM
zXu^w2VWESqOb>RN5m9xCt7x9%AyhF8m5Q(d#6TeZ0mE*9WmcDh_&toJf13@y5AN=8
z9tRlyFo>^P5m$W%5uRxjJPr2Ya9<1<K`wqH<5q<2|Gfwq%?%GtQB|K<1#E+!HxAMc
z&BPZ(s_F*YLebj?)|LF9TR!`v(eTOE>r`pI*0S~LJVk9#r>Kri@lS6kCk9|QP;HfJ
zdDd!K3@y~a4l%n49nSkQ+@uB5$Ef%FvMW*9570loDGrP)9Nz4r!zg?+`CI8p)Mz^h
z@30lTXAsUZ-Nr#UdlEgj%?!eYn1k-h4#H1_#nu3lWrOfbK%WOt*`7i8=M0~Na3ad*
z051Co2GCc?5PcZzpI)V|7%vDzx?&Dd8QNbd9g_05GDT+K&VKPL#?R()BG@x<&-D!4
zb7tU9$($LuGxVGpxSs>A@)=E^gS2eVn4RSau{mWlHLLcUVZ@2@c_2$q$2t(#fUnwj
zgV~ihd}th$IE;A<9z0)HV?7O<emDKDmC`^T!h^j0Bp@v+qOY-~Hv$|`C2s_q7NFY8
z8^Im+jbKoJdN;p|FXmn$v-j0(8NyZ`t{cRsYT4bfW_0h!!2VEpwb!254L^<y=lhZG
zdH0WlZ!?0A@^03-5^VQqTuQ_c-8D;9eh!dGCHBVfAn&F_ro&r?GxP*mp(?!7DXR0{
zPz)-Pd-sCAgg*tWcWr6ikM8*4$P_I3BwFav*{0GbD4ohPJbag#riVw7ACCb1qt`4}
z8FF3*^&$W#l2Z;b-T#nyi|~`yKzo)MXbg@z_>T+}Zy)~OGf?;+87TVK43v1U69)3c
zK%?$3Z8u7V{B(B`2J#xMfl@F~AO=!uSJ;5bj}DE?$8T)%7nCLcs{bVU@tqw1d&&Pl
zQa;|1@{wT@celwuvy}W@n96mkm9C#5+dpPuSgN|nZyt_;GJsYw#m3pTFuimsjz*A!
z<@SWz1VH9=t2T=Uat#!ji^{Nn%UJM}k_A7u7CgPog2!EoU2f(AF*g~Z<yKlQ5F>`#
zj`L~KL?>yvK#b^VS}qVH`mie(h!OR)D;J0n-xJf#7vY~T*9kr*qU)AQ9N*Gx>T;3?
zcH)Ti%OP?%AVpb~?nIy{Fq0AgM{Uw7>3|>RIKj=x)nH!3-oUSb1uh3<XOxLM$0LO}
z%WWih-cmg7fyA8v50yzh2jo|P9HsKdfb%Y>w*lyCpR*xe#o#JU^HL>?WYu;rJ7X)i
zAQF*V5Q&(3gEDzZg1QM!EKBe3g%}`8>lQYkQ-s`&Wwv*=+p90X^uo8DufB}8Fz(d+
zX;ZFkYnR>^=5(j%hSLyEW_J*01IaRWgq(DeoIS<Vz9$E4c^iQ512^T(v6$yw4UDI6
zMc!8|md9NMmCP#~t~voO?*OVqTeaQ1{1G@c(H?l#@>LR7U{k{j)|OmV;ZJvS8@;~-
z618+skHDA?;Lid_Zj#s?)EIJBf-{;e_Bv3<ki)(DdoYCWg1QD!SHNepI-5KJJa^mH
zjm3i*axS9gU&H+cK>hv*aL+rNz=F`_u)S`or~prn4*D1p9|4?=;DjhFF2Gp}q8E@3
z5=Vm=0c047!$C|2GKs_j5VL^H05ni@<2G;>gIWj(F9(53jjrY2JQ(xu))ur~Q=5%Z
zw9q0?Gk(poaF@ss=a1!)Ki%D8??0mP<*a-`7TF6pT^^inIK!2kf#CACWW&L2$wUHv
zYB7*`7RYVMhKJjdiQr~ugvIju{-U_N7HxTb0x64se?xf<U%`g}$qWZh_I_-;$~P69
zFZ4uaQ-SS-Q(r^&M9xf|=g1~Ho>{(tnxj*J4kPNR^hLlSv)dAonXMq)Ln6-T-UDzR
z;Nvkq$a3DrL%A#@9-ZAMiT#M!E5u0JT9bW_T!!oY29I0;JD9a6ijT56fTmG?x;r>=
zjp|@f8<CGE1Ms>3c<%MP4EQCaPdr9VVGM2uaWf#l$tt-ROy8{X`gl*@c7(5I^2kBo
zp5o4_TAKOU#j%;ESu_8p%*@Ap9j7<`J2QJ`EAoHM%zlrV{eNoaZ_>;Mi8by(0vxe5
z&FcIV4;9cBAziFB0~%81d$M=1bMt(bhBK@UdYWn+<X1^=FTq5=0z@a`;{xja9K@%9
z+}FzNX5Ke&>OBv?$GPM<{2rq5R_(h`LNn5k9%e0;8USbedjl5Rd0%PPwA^-kXn0sf
zS{<w9VC--<@Z)uX!$iBGG<P9bdG9zKod;%g7O2%aJB!Mr6(H8=kPeQ@e-nR%3ML~H
zZ`Z5jv5ih$maDUgJAgMhL|N3_YyZ=SO0a1)H}U<2($uZ0jzhpO?HJ&fS~GF`0)M)D
z7c?up96C?u0i(3)4X93Tgqt^LA{?iKo(4#A>2KQJ;H(05B%p>(;+0mT`Wwm}I?93I
zId|Z39wg2IIDA7b5m%NImx8zoBHa|@{>L8yxu3)q5N`o_mBcy_m6*@X1Dus0+JUr^
zSO{VmkRgCtMxgEia3+JA1Sovp#_d)l&BKr;>hF~w=IKe5n&X+nJUx76GQ^Y9B=JW5
zko8K-V}c5gG%c0l$U4ns*7|j@sxzUQ+2itq483MO4z8FW2N^eXi{mibR4>7#<%IEq
zE&?{4`KT8IJ4`Tq^)O+TV21<SEZ9<DUlVK@u&asT91v%>kfEtYo@e8aH1`VYV}Qz4
zgc_~5KT<9u)M&^3k#do?#&I_O$cgl*(U$uo_cG{6ptB4*3g~>I(zN@d<;F#6-2E};
zCUP8U<BzrISbPg*zq6ZV8=;vP7@0S(<875{FRN1LUG^WpSnNEqmXE=9e(7@g8f9Ay
zmoHa|z41vHj>}|bJYq8{Y5O?52=L`qyS<mw*W46einTjQs5$91tMN6XJD=2I6p;l0
zFNxO*+|`67SWu^u!}GsZQM)rntIxo3aI8ihJxu_k4d8zZO`V)C`Y@=6$hi@m9MwDn
z>K6cqH71l1_In^-BWr~U<x|38W3?IpaE?@A6+>D8Vio|Cu-2;0%i^Z}9Bb8aWmcWu
z{U2M^cByt;m)Z}CceZLevL?;!f$tCPYt>VCH9?Tu)#MND!~TrTYSo+ncOrf_0fPHc
z0OfXwcR{^E&i9ZbV^4!j%Q!R)0DlS2=HEb*%?7m(AiNC*5^J0UYAreU&}2;gMW8MK
zM5}PlB7?de#EoRohLQOCHOLnL*>~<XkwiQ1ZNpYewD7^UyEg_MNz8RSYu37Y9;SC(
zeGsOJQ1MxMB#={}*I|qt$yy<I#+0`iGI?(fp6X`I6tRo_8}cD19mX{_9~PJ8!-v?R
zweymqJ$=@mBl^!e47*fVAsvSQpLZCQafczZQW>;o^3h}U{|6mL%_lObkq#sMePiop
z7=%CEM1;1E9YzgXG>@;BfLhaG4Br9A7SIg<=`i-Y0i1E5Mgi*habwPERI^}3bQo;+
zbq#Di8xk`CI#o{Sa)KX^ErG})iv0n^Y9Omfya8ehkc}js15wiUGZ5bf_gcC<2;wdv
zcK}k1K$<(R9|iRYpujE7ar`_wJCjm+9hlF;_1^&c=yHN{i6xf<LA(u-Hz~F+h>wAM
zL}C(%5H-pL=+Pkh1L+GeG2oV*@u0>5g7ZP>gM-WYH!t`W|F~sX6}zn2q(jOq1uM&(
zkg1+5-wk%^keCqXpL9r0Plx0zLiZval2huCoKlD6lsY7*)FC;g4hfCIP92hKJ0#r3
z<eCnN_c6JqLvqj|xu!#M&>^{|Lvqj|xu!#M7L5cd9g?$X6j14qe7<YArbF`iw&9u%
z$w!CenhwcdJyyAKhcwVLRd&Y_7%fPZz28>Z^<`D|UVH-^*>5NK9<%d~LVFL1-Tzk^
zB{+Js`vdI;z^a90?X=G@;sya{eeq0jiMC^6G2$E|zBgk2ML#6IrMM6A71%54W-7l9
zJlzG{bF&;C`!mSTHnO+JI!E3uI3EMayokoOm=g4Jp!MkhbuP0B!VT$KHdNV@@E}tb
z409^WnFG2A9jYut>K)TA&hdttyjwRBEI-LW8$Ct<N*3}#egZQuFpTWwPEW$of{kAF
zrIcUH2-gIAP~7+N2ItkLm@3a_6X4Y)8Bt8i(4`<^1r`1f?L5Bypxk$$#Nk5)Y>MS5
z<ZwPd5(_%2p9P!X+{OpzWE=?x8N|;;!(Tv6Sml%VdF*Ip*~Y^i?N&4}Wc-V$5fY5i
z5OM`OY6zK^Jh;-K2Zxu3n$Pco$w1{~%9`*+gpvs4B<aIST8OFORy=Bd!of#cV$si5
z%C!iQKfGU~1lI9GNuBOPd_F4mTtJSS*mq~Tw}Lu}99nW;rsXG~9s;CL9kLY+!`=3q
zQ&Xr0xk_f6yY2l`Q#^;Q7<NLXyKU1(EQIU&hzb28JibNGC#m{YGTd$NoLXeY=!O~^
zvu*;y0(diRWcNT)#<5|+i1-vd=WwdeTWeiuIBo@?>skyE=&JDwH9~pYtO#v?@=gk(
zUdp?-Ou>$FSH6Tn13P2yS61lPQ1P%4(&HEiBVt7UUZ&@*og#9oL}a4!2H#^krMsXd
z35%3c!n8B8<5c}xD|0Dij63r001yoeVPL5lyWwM+5TzJ>eD#s&out8V8_n$6Ps$pM
zGk4eq!`$h(b9Y}b?}xU#FGiV}(C@FnBQp;V+fUaoCYKK|xa?pz7DW%EVK}llSsbL<
zumb~WF}4)<hC?&}8#4Y{Nz^|Ej|OfBYIUok4?!eeD5P=LBKbHb7GDt62#%AnfY(NB
zO!A3-!0QsX057P<_#<NlV>Iz2<9H90-Hb%7nJPF2JbBUU7cxN@yJ9v4h^;TXK%+n1
zXS}D=iSjDgK<+^@$GL{w*|7(6)^9<Cwm>N8m!*$yP-ruSXeviYzOy=4QPQW21Q9%g
zMEcVNzmI-Qa36siX3~tr2Qk+Xj7fDqChu>22&Pc7mCtDe+2-O?#;0_^53iy=qP-PD
zCNhkXYUZqDDv@D)f+rY>DIvq2O0h#AAP*H>H4tsaVWMF%ofsvPh?WS-b+tI{uw`;L
zlv)0C_Xw1~Je!6F1~(nmbZ<bCxBK;B)~x`wR5+{EIL7r%5Sz$g8?z^qa3iQ|0eK!d
zJ&P%Q64c|A;fAh-G{Emby$NXTC6PH=?6FO?tzL@CU40rY<7|t<WhgLAU13*v2865E
zsyg}Ncr~awfc7QuP!N{8?ShRJJe}d%@7-^zV?{U?yRvVzROL3*ptpQ9%d4@^c|dA2
z;`#@uc$bRtC7LiYyJ1)a2#;F2UJc682;)GG0i-IRZE%Vfa`B;6$QOYjNtTX-;5rr1
z@!1%dcBt^~1^pfRdK<i9(H`RK8yi#8@oqOfWOlgQF4`EbI)1epkzi%{9Ks(1DsM+L
zCnG~re}vDOnaf0U`^M~3KQO6c@kRsUZTs}p04<ds!3Jii*0a2Aubvv9u^4in5$u3Z
z{!W83IW}`ik^yz1QD(!OonYmfMByA!2=A9z_5|^aT~o35wJB!rZtyx5kiN0Zd-@Jb
zu(+zuIY{lx_nKI=Sv7h>@-t|vJ{E3=!2dyj>ZKso067kz+!~w0H6YrMQAijqjil*m
zTF;}wRJy|oF(h}KCB6+G)5HhtLMynZm$@w7$>j(eRoZd038l<@?po{22IlgeJZ`WB
ziGlI(4ao!v>>BIhBThe$UEV=7vT;$QpOU<CU$+&H)z(9v!HIF0!!oSgKU>!Ua2;Y?
z6Yl7jTg8%)O1Q%<q1<+B=KB!93L}e-t)~au030RbeU=rzg=&3}yA3-X-Tkab#%y!R
zqjHy7KGSl!;d|)C;A3@}kK4<9Tw?i5%;Uo6;UMmwHV4Rlt%rSn8JnLsvIs+Zt2H5|
zb0`&-{XiMJcZr?;nPp3HtJw_0u!7Zcves8Mi}A-ID0EWw`h?Xo%Chk5lfchmuo7YW
zF)*yrM!i_YRPQ6v6eZL3Qr~j?`YV|pBrfVYM3bHJo-5-M01CEK)&uF){64zIQwcMZ
z&3NqGDcA1QDc41*Qm33^8)G}=0%QIqopR!zb;=12<4vcW;4PJZmQFeGh5otN45uM(
zb<}{o4xa;2!^Erb$3Sa|M&XA*>#hZw4{rimU{$XUe-2a(RS5qIw4So9;q5>hh<2&^
zxbw!Y7S-@2oi~F_?Se<Z9@;ZK^nB0`nWl&KOb@+@+%NRdY!^(w@0))Aatf98`?m9@
zvLDlFGvrNwDWr7XkHbNIq4V}k=lv%An3!CE_=PFyymKgo!gU0@mpZG-<6u<z5As3H
zKAp>ZYZ=NjLnR8Tk-c>?kzoX+xAvxl3~V8F9YQfacIvH9rjzv666>aS5i8qUzhVnL
zzr*2AcOQ*{nJM+wm%v!(0Ft~bQ+n&iKs`*(suR^NjO!mkyh8?i>nTiE)g-Jw5ZGJK
zW+F#{8V109eQVSTrg%1}{QwdBW5)k95UT;r?0rp#%w@_5-LvV7--P31fGqptufF?`
z=?b#!kI#6;QZ28bqvO{mQBQw-(C(OW0YvP62TJ#Q3CN28xq5gWlwy+IZQUDX9&WI7
zwcmm3)s*Oj#E@u%NNn5K`r(5n*cP#tQh$csBEGg9BK_bi@bV%c|93052`NLfWBb9j
zbD`(s2aJj~t3vOZ9Dq)&;wrd(3cnu#DlP+&os1q4pxhBw+vOl;K~_33Tz`(4z^GGt
zv2)OiO}0`jFz$Ry{2X4^ix>1_(&YZQ%;mzJTso~4=flr!CK%g`iO1pAnQzTMEBBZl
zZ(Sth2Q0ymKP(q>pS3Q{h+xWeX*@SOALk`~NQcJY&~;lwv1Cs);<iKEiVm&Ix^kUj
zrEyKT*Zi(ktO}EtcWBeCENkWtBP+&$m~>x!DJ$>NHX!uX)(<0fPnjR(e$~1#8BZG*
zCd1uc=HvG}`MA%zFeNUMW;>!~HYdog?_obx#va<ke%xA*($jj_AC<8WE3wo1ho+P<
zOH}1%JXnUS*o#D}axwl`7KKi#_VV7W8t>q2h^yBr(~GGC(Z8{;8gvXMLFEN<pzW*1
zmi1LDuk%!@r?1+1!YRdzwSSkH4!!oknvl4ifWm|ua5LE(f8xF#EScMm<P&$l(m_h(
z6L-I+l8#C~amTrFOHs(oC+>bxT<iz*#UjPbC+>cIx)x%s@`=0OB82(G-S3cl;ms%R
zey0%T6L-H?ZY~s<Pu%_9LYPn7{XWGmXfvO<`+d4dOsbMk+}nWWohtdnow)tP-S1a%
zBq;NVyWc;-mfn2g?hlA|LCVaHMLy21fXhO;vB)1Jg!#nXA1q?##v*@61uvd4pSb%&
z6UTxupSb&@yb&PGC+_}eNsal$-5(<fFrT>lV^cps%Vj=s_s8W<hadBayT41c2r)39
zxclQJ&<9oFFE|Wn6Sf28TM*acpFn}=PXfIK3)NttSt2=={u`VR(NmdW^^yHXIX*JM
zZY7lCS%M@NI_3C<Ak{=1%1*%_L6qSPg)@OS@C=2<&A=jiP0?Gx<-49BS3_LI*A&r~
zk;nI_0Ee=`p>$0ViPAMiB+Q{KxTc5%t|>a3UhOqS{LUl3rig`8#n%*((E6{4Pf&+<
zNt9825w>jxg*r}Wm#!&d;VxZMw1b_5zMXy=B(|k%icFmBHAN;)Je4KDsVq=nPG!M0
zMI_9rEV!m<7NUunVKc)LGNLl^kh517{SMB~z2Jto;?WeJeDNsd=ryvZ6KG_4d^$lI
zc<FQkv0!{U0gG8)HB%s<1Ck5Wc>>x}=5uuBx&7)qWP!J{$Snnbn8TVW=MwnC8}5V`
zb1s2DLN-sBa|!&B;(~JtSU(+Va2QaARgc9|$^l<Cf#-Myl7D|A-EvoBR>yy^kut5^
z5|FIVj0gWN&;cW*l7kyC<&k`p42gTP3VVtZ{_|w;p&TkoJ_kh!@4XT?$(ypH2u+^#
z*Y-(0225#r!>+dN>YWS$Kiz$QfFTFx@O3tt3{HP^*?j;VYskx`STkI_Kz2^IUOCd_
z?>Pj}i`Nb4Lgr}Dli+DLK<{^<F&5TEG_kr+-3{St;`zVAbq2(y1MrbufW~==)$I1A
za52}_3T90m9*05b5I{9u^8LVB1?m{_s``!wJ<9skF_L85@WXlZ1q4;Yx1f#iumO<Y
z55xsP&ZCCJAnTX5<4Ywr^ROpO#HxM`KD#RN*Mh&Vm1mYLEaQK>jK8jj-|tq-Kily1
zP?h+;WigwtwxS5K|3j94CHM#qtJYC#XVltTsR93VpBU{tkXw%HSY7p8HHarVxVp%q
z=+dwiIMu;*rMFOn?S@7cGMARC<OMgRDzOHX8bqwZ9?>i1Z-~9JT0B756Ja9~<V8en
zfEn4f{&^MVhoozr)QD~ws*Xa2#lPpS|Kd7$WZwPkW-)IDBxU{BE_VlH$VM4^ef4V4
zGO$&tp)Aa1r_AHlXq7e~-Hl~#<?}A!0<rHPm#+u-L(q2h!<?3S6x5H%*>qu2?MluY
zpk4vUNHtdI%x6Ii6a69JVA@%I28q7{oJAl~dtlKY;LHQj2&6!QJ5t9183V}Bf0lDL
z`+(XDfC~SDjqL)));o|7F1F+sqQ!LT%}$Yj;Rb7y0gbW&M5*7x*35uE9j8@4$$$fF
z1{^eq;h5jz8*mBHYiMNL?Ukdz!ih>gLd|hh<NhwQ7g+sGj&u+oAl;>l?vi#N$nFwE
ze-eoAX?PGS`N*lH+3P!qy(XllvQ4Tw3y;AwaEEvzi?ln-u$$9s45(W<6G=4TW*!*8
z*_T9fit>>&ONdGmTk8)3(IQ?VUB8e-mj2VaekzDoToHk|==!tJNVbJ}5SY0h66ITg
z5hQk_Rnm;gs>sR>qW*UGa;TBBT2eE-&IAU9$~g^Myj}ru<*XyoTLOq2>i7Btr@|$V
z^-8!C742NV1btpi=Tz=uN_V-K##L41=QyCmeqWj@X|_S<hT&*vcT(;~I&*@;{j=nW
z&nQ;$4LA2@6SyyCDFIJBswrtcT86E;$TqYJuaJ>{XvjCwa4d+!#8Bbhxbu3UL>$)(
z`$zi|;O^AJ-9IKxd*dWJ633?RhiVLWBmX#m5oHqa=&w#PIm&q&!TW23@bGrK(%Zyf
z_J_|^Cd4+N$A?s|QU!mVe=Ak|oSN5L6@5vZl>H@wiJa@H@1z0=oD@`8>pew%mqO&k
z%0Gh{ZUB06$WT<O)j!Jpi26>TiW34x4>gU%DFFkDR4VVE<`+01xQXm7=`56Bt0;px
zU5H54<~Ms>#t*BJvNJ+z3>QKA%q+`4gE`ebf+}8p0Ik8sq*1Yh`Zgu$5Sa*kC15~#
zWPm>fH3mVS<z7gCb7--zCYVRc89?Ifh~|^%o$LOHGA(4EXLWzf=$&t5obwsb1sTQ#
z(@m>ZI3AkpkY(-2NYG*My1^Gi-3E_aeM!vg@OF;R(~ZJEfV<6SRFstYYABFWd8|rp
z@|Ps|p6xu(V3yl@cL5`?T#BscY+}@w*Gr6@$rSsV$2jLzZaOV;p-Y9e(G3pnFH_-N
zkhn3qmFVw*-jw_{P}NC>CxynRSSL?U7TOa`jOsHc{<(OxJb)N%_pkp0aOVz&`5o_2
z;L7<6iSOE0;OmU%%@XOY&aRB-EeXDeU!baP!rw6ePk1KHUU<I`>|gy4GR(-l7h}_c
z!G<S+qxy3pFVFsD6u4p`r8;^8AI=e2^k5_TEo)%<t{}V@xZJ!HL^<Nh+?o{Cl873X
z9F5zA5)!q11NPShi4?=DcFu?QAdw?caBdNzmPDh&)7gWh41rr6_Dn%4d=Sbyl|L1K
zl6RaRA8{JQRZATfsczAk5$M_*xZmA2NzFsh>E*0}s72?qO!d}=WsC5Ue<$THaOU=f
zRAuL`AhtW~^K?~iGKd`xyE|RgMB+N-Uk0Q3oXoEt3x>}rf@(UAoHqdTeT(vZ4>#GG
zW^WrF>@zKLULFJWC@T+@UV!|Gu1eGWirAMY*fk)P&%E}TZR!4)iSl0*O+TWfJm^pP
zm*7!Nx>chfB-5|Zoe$-oMJJ-^PtbTLYC<++35;Gm=|2QBO8CTugoy621otKkq7a!<
z61*$GQfVIVANG|<a9n5;*@R?AJ0uZDk}D6EpC13%f0;)vjppoSCXr#dtsIW0{B!7o
z4{Q!$5KD(5h%O1@COY**v6UnBly_grLwax8<SmhXnOuqPV@&;TnEEuAEYpXH`==#$
zD#WEN(~zUrh|}mtn!qtDwfxuJ3o!`p&AG~J+W67rkr;p+4ya?vxn>s+2{|9+S%BUs
zKi5j}`5vh6Qi!GKTT+Og2l)(HEKA?cawz;c$dAcliTZXwvIby6trJkQ3UjR2OTRu3
z<Qza7@9(-HJQ8tmw>@}Z<I*MSMyWmSwrgfLVy5&)F*;VXX1B5A--Nr(M09qa&taNh
zT=Nr?vfx;oM6pr=B3vBe=5hE`!Q0lAmhG~xL&Wu#+1PmKY{2O9JuAaJnP_A<)(<|j
zeC{$h%<|Vj{~UMXZk;NKYz$6@^NBs)3K`4i(p@mh5-d`88li;yk{#|rm9uRkqTwbh
zCduYUv=Ni64;Ip3ud*;+><J@SX!$$~^Dn|jdaq%Mu+t+r&ARd}pos>?ONxp3wwpv|
zh$>uM9?b2Qpp|%#0BtyovD*NY`|rE%w-U569KcdOt64S6leAPP0~yPf>K|2V+~Zwn
zVOk^y<HXKqe}tdzejJ1Hy4{h9Ed|!3RVWQBSx8o>HYouYgE#}w$XAZG#9r`(#BFF?
zvq-f|JCCeAwVj2cBS&2?LiTwoSfx5e!FwRyC1cql)k{in#S~0<1KL@FdrJv!1K9#-
zI~XzPBkd>jZjjQ|t!&n}pR+KbE{WbjC_^DT7_iH#ADNQJH5~q?=kO|d>?$=k&z@j+
zi0lfeK_75H$ha>Bbs!*f83yEcSkE{t3hx06{hy~`kvrh<bx2$a&^Lm(4#>9vSqc>&
z1P9Xwb@=Q3V-vQ6GqN!IokZKO^fWl!1L-^IeFBIVfILTH7>K_B`7?<w5EWBl2SAqI
zquJoJfocIDfIlFWvups^$PbBAa^GVBNyrU>%pidN98!~jOaSyf6fSeE7o2{=*e3Mp
zU>*e511Y{9#3~@ikT@2^Mj#siSxQIegL46>^8kzk6$Yh5z7CP&(oqI+pwcTK^bLS0
zy%orJNKonXK%NC;=|hzM7SuZcq?vZV%G$jLLqV3`p{cpl&ph}G<UavO9z@fypA!(#
z{6!#j0Hf?zrA&-5t4l5QFN>A+gLrR%DBByzG=RxVvGhMmN<KuKkID7QT1y`cxq0+R
zOCJSfIbb{u6MJz>SeyuL&3+n0H_<Q6emRg!Nzg(M19=D_#`z_XrvbK9RhKf|#hc;k
z^qGtbOV!(uc?}??s$nn0A0VZwKajp8SgQ5_vO6G4?^3Gff|?Dm23uANAjaZ|pBns>
zfzkShLw+$p47LWyaR6&DX5rDLVo{4=PD>?G@5JL7klP%4{05NA0a*&!s?(R=*Ok2Y
zhRc~L@p=m+Z;HJ>1>{M3rGRAnYoJ~MFdaXIj^96Qs-G@laXR))pU3Dt2ch@j;g5jm
zbr5=QoIytoQnFPk&rd_1@0EU?eps?AA(jP5z6}F1gaq?#cOVl1S^AL7n+<9vz{aVi
zq%+3Q5X)~yx;<~>v>5UW0TQP*K#rpVsTqB(e@DewoTeG+W9grHb2`K~0VHoO1F{_;
zCb|*G^#Eg_@m3kOL|ZJ5%*^!7ab)g+_}%nR1N{`pW8$BgG^G@o7>gq_GyPc{nU^5`
z96%!TCm`<wBr@(k-~vozxxJL*qmZH7oVgW94U2UpMDi46W7!U*l>{5hVL*nEV6ol{
z$W%a<-ivH3t>O;bJ2+|zT&}3RGgf>sr03B)6(0%Y2ohAh9>|F#sQ3aP=K-?xF7;&x
zsBZ$$|F_yQCjI{~OYlhVml2A5GjRddyMjZl%k^;id+f4(1HPt^4WYqF)_o(~+tHAe
z#sJ>7t(0P~9&9aBvbz!Twn2TY<f<|y%gdE$jG<<VCKddwOz0ddv;ns@VrjT1q{nPt
zaD;K45#k7gu_%0M-8f+Cibt&bA>NF0gl)+_hkm`-m$D=FzVM>q{~XMw(dfl>t&BJ{
zd&&gw4c4^{^p)UYPP(>}xN5SKYB$2#E?ZUXCv)n1lT2W?)2Sb1&|yGF8+16(iA0+@
zB59P@v8F3HH&<Cpw#%YRHI+STDtpvaiW>2Y&3cT2oo^MtY**+v)#EoMe#JvZJWR0j
zt>S^go(PLXAQI{g=;dtR))TNLPiFg0w6lGuppeDC-`w)W=~i#2=~iE+_Z&>`ErFMS
z(|aKLlfe6ZKRng|WQS-@B{;7K=c!Y`OVUA`sSs^u)>3@0!*^a|;POj5eyj%0pYDDY
zPlpQ$ZNxZ2U9nvCqpZevUP}8ZZ17e0?xWTB0V)%10?C;?N#<T_(K|~rFR;nHuq>Ge
z-injb%|s@y>>Y<$GW(U9V<Kn|A&9u++!+`i0mTHDtEw)epuD5;u!j^Rh<nH5k$k%Y
zDKaz6@7NTr1D`*f@xd2*?a5t&FCfmp1f==3x()&=b@s&z5_taKt=Ij)e4Sop5rIqg
zQGewZ9yOf|T@{jB=8A*R29~*&xh#b&FFRxra8AV7S!{E?wT&7~UFLTf_CLtnquC7|
znmO9g&Or9uW+b=eP1MDM;VmJT8HF`}VRV?Hur@^;9Ud$g)>Sk*C>3&BURYNkVXiX@
z3lU6$OyhldVNt|d<-)wMC}QSDqp)6F%#}uAgAnFUqp&e`6ckL<yfiOtN}UJ7+-ejy
zCvO5_t~Cl<#E-exC~TD}m4$LpV%QedLCoB26t?9^$kj$+doT&Ox!Wl05W-w;6n2K=
zk+e;6dtTT}T+H=GVei~D_%Zhzg?+@uTyPY2MG7wFhNH0jilY$cfx^YyaTN9!F>}dL
zI6xw8ZaE4E$_ksg<|rJPn~WHkdyc|Ek^*zlQ8=iUDKIx3g@fxk3-~Gux6Ii$MWLy9
z$V|=*hi2Z(Ty@k2$<WM<RS{3}k)jC*0ky_Qb|=YkhvAW8jb{dkd%%n}$0xa5Zxz?G
zO0I&@gL1pTbXQS?>0mw?1*F7k%Ds>xTt`pHf_ao=Qv4;j&?HJV{Q|Q>aK00)yuBCT
zHOg~6JYhFYaMMA&X@ZW*=e+>fG%*gHMQPInT}qoKNR&2Bd;<TaO%o)#eBKLyO%szK
zR@yW{qO@s(xnJ5eL87#2VjzgprU??0s?DYepn0d-Y?=VxvuT3H{PIl`EJ^>urU{Cb
zHck8(30UXzUI1*G*bNrgB=-Vf(?kM9Y10H#Q`$7a1e7*SoB#!-O%rqAr?hE;#kaI+
zf`LA$TrOEBnFB3(d;bKpFCh!?i6`%XgU{;$5<gEo2%N+^m3T@De<Ta=iC<JO%6ZjF
zfq-h2OMkr9Q-!9Pu6YeO!ERM`e+RscJ0_~$qLi7z&GoF-hh{CLoh$S#2Js3#cadOi
zW7#tG#T9zG<dw_(cNvKq8imQ1Ad$#DfOp);X1^*(J!V>FHV^#i?ng07savM1imX5T
zpncyH5Z#{u*UGB*(J$$m;0Ms-JO_uPAh8_aJPG0}K+XWD^zooNtREdC9VQ%%U0mm4
z2yBPwMf7_Xh+Bc&OyX1!4*_`qP*{sjAod=_NR8Fw-{c&H7&})(=qX4)N$=Z1yb9#k
zB+do#0g(4dYyqM6!>QmPD!vP%0z?j=(hO$TIEgV5#ld{Xksw+j+6<5&N(6%#0`4HX
zFo@lNOaK%a1b&@&n_iZMb)oI<ZnUa#8!%D}lY7z-9t>~O0lg06P$Q74dnM@e0litB
zbx=n&uY>+Ipl~I8FS9yJ2zc_-LDK;kgI4g)-oHZnQ-F%z0d;ol<p$<vB6%sqoHU}F
zn2yzLfa8Fu2U1JoQ+OE#WCXw{xY;Uj?xBKI<#VxuJs~ogeyHF8AhSqN!D=9@04idV
zpRo$`<5ZCK{tjb1N5EkVL^jgT0ubFmE+a7$#H~PX21IpG{i`?yFT=lon{zJx&w|5)
zkhq^-rh<41$de?-gLnnV%OrS}^7}ykNTLsje*pPApbwQ*90E>$f4t5B>Q{i!7&D|9
z=-Y9iF#?|a{M#J~yaisG0226MAOlG-@RADy-xb{PbYbB80oeyoWVk)yF`GV&jT9p&
z?DEr@P_k<w{4Jm&TKh~On@G^wR|2^LfW?)wFnM`1>tlxBMBY4@?VQIOQvI99vM^<4
zcS2xyqN-sG@atHrMEJUXBD@5*>-pD>C<$LTL4>>PwHngeu#w1`t2Icg%6*~9t*)Zv
z8*uZmKcl)!FnkSPJy<ljY@RB=mw}`slC&}<ojxLo&uyJSl=Lv)>x>jXl}})8!E3K&
ztHo;TVZTPZY}nxa%U-)|@9^-2uh%}BGTx%$Kqnd$-wn3!MO3b6_Bv&AN0#66dcE@G
ztG;}n^6EuBZ+7<Tdvw?L=&tY4T`#(g!bZDWq!T9K*me1OOq9yl^}$B0c|-rOva##N
z@8M*io{gA0e>7lkdX~s?pS_F0>wGB4$>0??J->w9{hymS-+&eVuiV6${}*rKtoV|f
zIOFrzxGnR)?IzA@j!fky&YFj@I2gGrbo4wT5WWSfjhG653bZd#CwvL$P@-OV0nqV8
z1MFi7?{=_||820mak+l*gpr0a_kS*@M`6`nh1!pks7Oq;{VKQ1@Ta?f3m?g4s_C!D
zy9d!o-2;%15=K(P>!4mDhkHXOQG<saN1uaJIC0HM=mINvr6&%dDpJqkaj)Huilw8b
zN5G4?8L|_eS^-f6Vmy#>BzP_03?TcG_yojpK#m2}(|-dmXWk5IBLHjKms;hoBEXb6
z|0;#`va9u+lsN#aXa0rt)Wuwev=*Fsk+veiBh2WOKr1BegiLZcaXV3u7_glvo*bX9
z@}g}g_9|;97GfkRM+AJ?7r#-@J8m-m9*6BjO4^D4xv|&Y2>*Yrok;(S?L_8F+6jBw
zSMI;HoyeEkiHeOFhPsn8l}kAs&1X=m<cG1p{B-xzs2J?k<i~2MsvB7IUAfP<+g6_i
zRzP>x;3xuDF52CJ8g?0=_J>v|lvUl3i?N|hq+-wtg{&RZPC;drUi5uiJB}=?9pmo&
z*Y2}Ul-G{r|I`i^s{iZvS*QNR+L8W}+L1AHz1jcP+L0^Oj=ZfM6&JF0RR5FOfysRH
zliE==sHb*(Y773PQtjYP*KQ4aMQm|a?Y3_?99xggS*row*IC=nE-U^1UH{WJVCRHf
z2mb%uZSMas_YG|4-QCixeBT3@E9T{ncO6LUKlX7my(HUEQEGK}70P!|#q#|mTK-1?
z)j0ny%Cl}e+m5Z7Vtufx@G?@<C8*lNEWgx6K$v~RP-xwO&WL@)dDyIM&PA)Ywd9Vn
zT5>6BN!gp0JySEy4a$>pQ=!IQ+iqXF$dLsD2QOXAKvcxt#oMf$Tr#Ll5j86Ybrsc!
zu~{&vD-bv91%+rLaI;)c6dAKxP!t)nSWqu~vsTa`xLGP_OdSfp6J@2KDYY56Stw{u
zUIBcD43}F(-YgT8uM)IHNywN*g0>v-RXiiDJs1JhED>}F9#<Hq*DMh9624g<=$+%o
zIOil+E?$POSLiqHF8+w5Z%=XpvTrmUes}2ma12qu=o-kFrGfqtWz5RJ0Ewnq7#Jw>
zW?f)lj(*Luz#xgTSrr&m%P5;gfx-3P1^%kC2cA|&qSsz0zVjX7?m^HdYTP3H_;z)G
zc#4rHIMl4FO~+9~j@t_lnfj-_#oc`EZC-8mj9pJDxe8`nTfuafP=qOA#ux>p9BNlC
zzlw9Y_q$d)j_W}p_S~xLn^|FdR%_xF%o4iOn(6D;029*$Pm1yyLK^dPa^DByxTqWE
zJ<E-NMs%r5@O&J6Cr{B%3J@_;i7|C}iE0t2J?JE=#2%840{40bi3~5`b;&MrhS(jQ
zSx#XwS%Q<8?x-|fH<Y;b3)!883BKVRYb)u=kl;^upO31US)<x7!vANe>>mR%$EZ=?
z1l=|h$MO-Dh=vK&y9elrfXp&Ao8PN10zMxg$Co6eaGeQq6Imyzq?D>}gSe86qi`?|
z6Y~=g50SA#rG@bUh&RYsf@_x;%qScbItb8s29l(6l1~SKo&#vQ3XR4KcnQR9yPZ-h
zR)c#uAUOM{ra5E7#6wkZc&oW`JGi;b1?ONI7n}g8f@iG@GZb?@aFILpf`3>(FU|a!
z@aN)gB$f4kX2M`5so)B0QRV`7g8wh_-UHmSqDmXy`{Z-a4d>?6x9`23p`qz+ph*qg
z<Rn>=pwJ{~NevA)AW1PX#1>T49t1^26vZ(yi~$pa85{$O8F9>Ej2Oo6eb=g0RePUv
zyBnSPp6`GD`#k&Hs@k<{SFK!CtJY@FSk$UK>dN_a2Vm*SyT9Vf`E+Hrd&N9tmP@5)
zmp9&h^=+l3vYUGgdv%E1(q5h8${#^Fqo&yVUg^sDzRN@T?8l>WS2rnA1k{Lm3HMuj
z9a72N@VcXnUVe@3<nG{P^yecPed~jzq&tL%o=_&8y)zo<)<v>s5h}XDThR?({NvW(
z03*aBK>T^AFv$S%FGOPG<@n(>#pghBE<pUhA>G3O@k}H=3=q#$sfPjLKaNzbhXLZ5
zY9<xki=0y{e;WC@<lzC%BcK<)fr5FW7s`XRlQ8U}>IG@G$erZjUU(s6q2)%VN0@FF
z>6blHdm8DHBDax8rOs6GNQ6Bdl{$-x7ebhhN%_*^dk{NqT++K1>GM6SF$^@UE^-HX
zqQS^%2NkbJo3lGkK>ElgV>?Vr{S%6PXlJUvH~M*MaXtjebnOYe_w3@aO!qLot|@wf
zFut_-J5--5Co-=no{X-|s~&^$Yl`#(m@nn8EPexvuM2v}?>976FYwu0io4+1MYWG3
zeS1^&!iUlPoki6P4B>W9@ha3=EOqWL{vN~HPP+L(aoqyMZ>_QZL&aNBXZs$eA1RI_
zy+peFXmKy5huG!EaX=ZNn8rSdcYQaRFVWYFh`xRe?u|-Va6!PRgasGGCIgJVj^OJ=
z(je<~>mHlXlM3UC3ge0@jlp|SsiI3=-MYR)P*ik3dXNlKaq-E%fbw4UtITKm2n`~)
zz@nu56P6JHM4FTpNCpKKC1r|Xxx2H!D=EFpjmq*Y-034Yh+S=fxdPvllvkm!%-#%9
zV3&81ujJ{ghrWR@ZI#89m-D%gvv%!Wn5R@L18+qMFKvwtX=@ez@JsCsprck9{}QV3
z(rN^xR4cHIT*%{DwO^sh`tcGc{g<rEpQL;PdQ_u2s%%^3t9u~4qz^joS`nYBsh?2e
zFn8ju-T1?(S8~5_7*ZNyrI)wMUqo}gdoe}a^&W&&Z6BOSs4SA!&qm%g{5g!dV?s)K
zU`O96BNUL<_5<fOMmkw?2k#4#hR(-;8^c}PuGPU3!Z-s1%~W0`l|O5@k{b13d4-g6
zD_5IX(1|9}T?Gy|d|qYvSF!2AzjV{T!6_Qcox9HZF53Mhbjb&Bb)0qH#rPxyNBvi1
z|G*-A_hHw)S$okj5R|y;e|Qm&S_<o(hwSkzVyKoqr0C1YKEk5M0qT`fG#jykyK&VS
zb$U-JT8Hcla8=hOdkvGk{tcPyS#Wx?N^0DGECNmAs$QI|suMQN;}D<`7d{lbx<=kT
z6PY7eu;KLe$=(fO<uk~B1Xut1i<5miiJ0QX_gz_M^y+<u$D7BeNrJ2X1<=TT@}lFB
zJ%&Y({C6?gUy5FY?0LAVmnH`clC&O1=Ho25EIF{7WcqDnzQKZZ7pzYX5;0N0an#?V
zXki0{lpfrC2p}tN{OFa?`G<(OI~o;M<APOiNGDN$FEV%F>PM*lL*;mFapV10)@cD8
zCS?6n+<XdG<3aTHz%>2yR~3tmYw)4KgVVJ8YcBsO+}}UC|3~Bxi1JS$zc4K>anFw}
z{IWi1if*4Oj0?u0`CXG>te=Qp;u_w^)%z`mOh+h*g<0A7qbn-Q=V4#)tM2yhBq{t|
zhh`SBnY56~$1+FI$PgR)L#`o4{eq=}hOmoy6EyMI7qmwOpTZsaJFfa6G~4wCR9c9p
z=Ht>wR=7uCJh>ElDSyW|erb>Ff$F>YM=tP>Sjrwbu`vgmweprDQ2j9f$j|&Ema<1q
z>pa#Tc^;~t>>qjlV>*^3v6MaXK;xD6$a$!K4j&nR#PKFsef;|_L*_31F1qs|9wZ7F
zBJ?oVCyI-&`Em^lQ?ij!*8I}nOiCY*9_oY`(8k<DHa0#q&)-Z+6JOM!uzY1yezhxq
z3`BmMmLo_Juvyy84W4~l@1Jn5d5*ieH<0;ycM~66N?`^5;ELNy2uxJC5aTnj@vZa|
zuyKDPYWqvR9FLba!Yel^eb3$Jb3gI-lhTD>(ovj^@@9v$N6y59h5Fy{(qcyn+4ApE
ztsSJ+vtil#+ZX?bHp26ihiW6n38l}tdwlWfdQTAbTUSn9bBn$Be!jT4@!j}mQ4;BG
zTsqD1$k#zF_iANv6i!Mnb$9scPud;wPU-#b4qyDu=*7E#CE$(UhBOGiC@Sv+?yP*J
zlMMIa-8=Ylb`XI>js}#H(nYQcad)Jv65%c>y~I_Za(`jeMnEnckxM%}nRPL0-Q;S)
zFfQ#GmA}=MUjY;4S+1Oc#9eQbG7abvnl_}rZJtG@$NBrOK+2`tb$=YWLB}~8cng2&
zCU%>;Y`a<1WmkdoF2{wiTib0<Gval~yc$>kI#_pXAw3d;dxsw0`xlho&wFduEk}IK
zH7F`<JRw>9L%wgQ>nCo;u^8q2OE*!VZAYb(4oyf~$8JvrnGP+aBKriI`Y5g?_)_A~
zYO0s?sAPvdVA~eP23euF^b`abADhcG{5ya?&Qm(C#l%$h8;$^Ox#GIbQmG(6ANnNr
z8!~RD&U4GTdCk&^i}Ox&K3vYHv4>ymE4^}bTeKuztEJ^5Ogk6Ho^5GI%<Z`mMV+t0
z&%^=vc?Yg~`1t^`N$30VGr+>xleGaBO>wE9JYHq`Te#{E@aKO1oR6PmdVp=;QTg^a
zlwP?o!M}9Vlc4Al4Td|0`0!5vupi<oo`2@K$sKd~aP2u@T3)nA?%07v3y__{RXiO^
z=#D*KjG}{)-JeBkE_!})$3blCEM!l^)p72+<jy)@gwv6iRn{hVNvE#Htt)ZWh_k!!
zVap`B71<kEv<6-wZ|dc7=!cN~5Q}~Zlk-g@Ec!aKU%}O}E_rkPkJ9Y@m(}`V4%}TK
z$odf(?XP@f3`K8|q6<)T4z4*j0n6*YsX$0AF&_`{Fa2ESCjgl88&T<HsC_N2!M7uG
zI})$L)qG#{cySbTv7qAxeBxo0e-IVkgKOwZQKd2~mA`|MZ{yZCaDms@%C)W&J^?u@
zf6~^|sQ3q5BW%m67A)bbvfa*;F;ZOkE8O~oj*O>h|B8N*ku9z^gbc*@We5g}prCj1
zKZ1fHMD>Y0H(Gd;d-8a+&3$P;DN-lJ*@3USn>Ebmk8?LS(=1j-*!+nMCR6xh)TLXt
z{Hz3e(=K&62;G7%QC@~F;bg;fbn~<EP3nWfk?t-#Tm^w_0S=iCzu7%YNKCqCFF~6h
zj^4P^mqW!6LZ6QwIx%w-ef>k!8wLoVKE$DbHu#_#1lX>I2gbJ)lN|iLu0h^?HrBm+
z7rUDr9){++zxhT17Oua+uMDkqZ;Qk!N#|i!$d;rKQHb{k*KAnzb$!2_Cr2#^3eZ%E
ze7RvBo7fE`w-A>|g$>Kt@{Pz|hfAcwhE<db_al2ZizpQ~973t^Q)K^>MeEij8;)bE
zmFL254OfXQykQMlcoDL*S+s~n=dtKyWRJ$x4{5UD3O<K8(X~Bs|1uF2H{jks;i_D8
zadNqoY(nn!EIIeA<nkeQ`hCdVj|-CHMNV?ub7{w#i;^pPe}o2$8y~n7;^|5e8IPmh
zXK;xWxk`$Lp9gt>t4S%6I8j=78rJ=-jRKw*!La}p=HZ&la*-Y@kz2vX$oKYGsV>sv
zo{EzmC!xZzxI}tbr3x#F^tcAMuE6D_N4I-<VhNCm{E76q9Ti`LOQeU@C|JT*rSy0Q
zs=ZCx#X9yA4(S?hmo_j6uC(!28^FyF9zWVpNg4;aH#5W(Xs>!@vhkIdR_2hVB`ChD
zc9N@hp;m)|btxLj)G1u->X6fJ)_N*)3OKt`xYOPJH12-DTKOZp0;BGMOVJ~Uwq)Mt
zTs4Y3>8(_e57ddIL#HM1aSebL9n(cZU~QrIbxGebAfb~_dR*!K2M&(uCiY6`{p4vr
z@hE`wFfO6@lb4X*|Ay?JaS6Sjypr@j`xIahm(csk2a?_oLUun~Lft1HNm4!&*;7~x
zq<r!zB;}VO_hMWm-scJNz6rTaECKO8Pl)%E$UTIM^m<B6ucr!e{s6Zg$JO|f8_G}I
zq=a#xT>wo%L(=%6tI>@iQZ%|*BJe192C9<Af4e%%T^(r!r{JPGy#tP3h$4|gw+oV?
zUZfWBlZ>uE`=aE?H#+NbFO={v-9*6#Bk;&c4j<lC=O;&QL)gqd74BHL_~5z8ey6zy
z_ms!@AYX<D_X`j1Cl9W`L(BPK-(f)L_TO?3Qtt6D-E<kqU9h*k1T#Jobq~P>R3+Ol
z<;@F`Tg#I3lkInBUv5X{Rk%7h*WRId73vf>K6+*4++?X(Fdx9Z_u+!fSSC35EHa<K
zRaoet_hGbh1|B1|LL2t(8kM`Uq?6>;MNv$#B2@XeWd05qL^@x-$5o`<7{hFTzKnUn
zMM=6qUY9JKLaoBQRIAZeSad1#+iZ*0l5KXv-QqgEId&<M^G{=WG72cs)P2LtAl}5(
zJq^@PQ}+_c8~gjfXG%$tYwv~SBP&qozJpoh@@ZigS0o40a7Hfre05z-;Ou8yT?n*}
z#}{H)9o4^}y)&E^!%S5E(oHNaosmppmY9sLfuBAuIREZ4jQqh!?~SXt4G!w1T}#=c
z@`vzK*>FbEUHcAF8*uwVTm>y&pY(M99>uqz=v6F!1ev5zL1XfMce1a{f<hNd`|y(-
z18fjDJG~qo5a7Jf0q2boaNdrE0~b5B_R?Vh<k%)j6wA{*p;vnyi@w@*B#O-4lj(uK
zey@QeG*8uDf=u`IsPxnr_py`i7czYso2Vs&C*z-sxmvyz=^+<%wZ<=O6^Fa!O}b{C
z4cKWP0@8(S7vpjGJOr<)+%b!x*hVDE-ozl&+{@Cx(Z}#Vot@V2+#VB@S|__YM5r)P
zU@DQIFY+14;&_4Yheu{ocmwZm_9v;o1#un96>0MYd}cpB!&Fk{IC~cC(3z~_i=O)S
z1b%U1MSjttO&7w1t<Z0M)g+Ve1rqPWCI0KHw&62hLH3I*I{n;plGXB|oZlh)YZl@7
z)#^nr#B<%JfrW8Z=<B|EDW6-2>|9(;ENSi|VfYFgPwu!V*{6ed_raZ&xEh_`(JuWN
zg^SP<gq*}SM&+b2*WG*(Zai0SidpAn?X$Sja&&RyYKYYnN*fQl4Q>caqZT2SF;h><
zL`L}~_~}`^1ba3zF2@^9!U=!rCI&kcSWL|!EY3vtPQoRynA(od+>Y!`EFvtX1s0!1
z_G2spET#n(e?;yVxC9o{0*l3`BWeaN41cbG;<d=!imQ3?1<AZVA_<XQIxa?7ka@#I
z-1~9wJ-Ei$rxP63(i<?8bf@Z{KvmU!aN`T8@i|=8U6J_~5>GI*12R8D;wQ|^MW%WN
z4w2#-=kv1;Mad9y1GpMjxu(bQ&PSY$U;7M|nS7$B^C||9T)L$8x3OIiUi)ZKV<!j-
zP6S*#?~Wd)mWv+M)fTF~P#@+&zk7nTjVIvhdlcVxB_J?y0_AZ-$T*!XpO|Ybya_kD
z0G4G0e-}?x>?SF|?N}1tBqVj0fE0s9o?->(*PKJw&7dvH+%IF`_IL2-aoAUv7u;cA
z_wmGr9J+PKfORLzpZ}Fz(1LDB;g~N)aX}?OL3gn_zqlBkFIIMQ#20kp^Uy0f?2#77
znZ{(|0Yr(~f$5!rgB@^nb6{yvJ{x*8@`vLpk(KsmpUy|_EL=UOf{)X(91i|4^6$ab
zJOj-f>0X*z0%h`-*80mYLFNprU<uHG{52TeB}uuV^c%GHYg|e1YmvLjp7<C*mv$9D
z#A@6qDx8TFuJn`0^dZq?=3kMSMq-kgcOkPBi6zY3jm#<}_Qci4#`?d3k|U8j99QKB
z$ngA6nJ;~#d#O*r4w1j^$`aP&`%l4B&&4J0zW|BznBn{V9lrl6lwQF*eE*F|T#svj
zueMhXo`=kRHcU$xVA5t!x&amLz+;<mfoE!~@H@OKa8Nj7pjcgw#Nh;P5np^gd=b%^
zRG)*w12_~G9-xIIJWx}d<HK?m=g0?Ki|}DD&XEte7U9KSoFgA_Ew0%SN%??laSgtg
zH%C6;iXi?MC-Z1=)OeO=z9_V06Y`|@mtO~J5jFZ|NAK_YLJ8&71ZG64>ay%C1|@H&
zm+kz$Zt|x}-ezeidAqNO7H$N2e|$&0uy7YrpJ1wZ4u24y>R;v~fh4BzNvU3Z+~pBU
zSo`-S^iQLuf7tc!rx8E?I`p-ZYW`R`C*-=_NiF}?I9j@-M?}dNpQ>GhSGG~|D^Xla
z<Se?giX_N70VYQ#x{~U#NWU}WyLfM`Hoj}|*0hh74n9({Hko|`QnNmY170XTfYnjF
zE;*YO5LOyLzr-a?R+0%mTd#puW}kA(C4Azg?`6GY@~zsy^{o7iL0>-uVzD&Zc{m=%
zoIWY=2SEz)+hnp%?OuM1+`onQ<%hKk`|{`2EMqq5;FvqE!B3Ng^|R1$<t1g_dp|2l
z!&7IWIrx{eG<_Py#fuOOqqry3eNu#uON(n>k7VyfiG)<|y%=X2QFU5mQ-_o#bBsy)
zgh_@yldx+^pD@XGo=K!|E)S^{3jJ)Wc(S`!Sjc<Di*aL#+`uQ73p+EF%wvx~=(rbV
zzx<_}N)My>!{FBs;wn9c%y*FZI<Cq$k@+hUf5z4S17!MthM)Ot=Zmf#$RTZ~Smx1{
z0X{##7UkjQSy14(Dtve`65BAtM)pEtS6mASuWy=2u>=OAtu|IP2#WN(-~#-mmN1#q
z+!rq`O{2;wXzaPTk_N$4b`KORVGs1)#0QQ-m363mKCTkK@N+d1S2D9FGB+V{1FodO
z)AO_K-IlPX`ajC1I#K1HQTYvgVBvqcksN@`*KnJ`tJh<}#hzs)EyL&P)1~-WJtttv
z;HTVkZ}j(3`fg?*jh?>Vl=D+g7|1uz2@w4CJ(?F>PC1LxbG%%jQalNlxIlF!1qx;n
zMwF0UNrm?swNByXJCLplFCWUA#>=dZV(>C6B>3WUlDrF-G>K132`~RU3c&En%NHR7
z&M{tQ<!8*xz2s#V;$(Y=ieYINjcvLLAnFrtTh3&9Z2z_RXY~q}XxIbgO6hJ?co2Aa
z09R=fGLIthIc9D{=4VL!1Q$dUhce)JjNmKYhvM?OWTE`OI9bBN^7>?F{!c{JC7)vz
zplr^KHivD@R(onx6%eZ?uV_J;%}!O<boda^r=xbmLO?SEdyp6dO(k7S;A5s1`<ZJ4
z@_B93QEHGi8Rs%BON^NP8~`~@<sZJ-gAVteeF5ZEd6eU*KOcrKt`g(M>~azAVy%sV
zevY_;>7)9nR@17`);!dk!qxv`+&a!R?Gs({20T-*7v6&kd!ptZxC-|ma~KkbGDCtt
z8HwjG^BQE%L1Ha4Hz9L55|`o{co3O?LgJOU20w|67(mzH6%~#ESU_q6QbV*H3c+&l
zc7wMXyv^V(2C*0L5k6-xR3m%gBWRcSJO{nem_LggK9@%LT!LsCPWw83b1{E}?HoGF
zQ-$98Y3%32)97Mfk8($qoXBKt1AeMWfmNI#QvW3sOQF9=Htcv(l?;(|xq~$XjQqi$
z2mc%E@ioJ=IKp&#Y|>e~iZ{yy4;mb}8Hg2&XKy!x1EUdK-!g)VT0ij!sy2dJW(0K`
zK}YKd8qo+k>C#)QcfAI^k`O>$-{6pxGOu()+Kzq3U%IJ?j(5wD%7aY59jJdZuF_k#
zfombb@LA+O#gf+}aIN6u=g9phuAW!8=KhIo6$KEhDUJb%-vJOE0*K=sATEpmvFuBn
z>d1153vbj=KnVZ1$xY`}Sy9<VK$H!Y-3Evr1w@&sbn~Vr0Z~>|mTpEl!j#DO$?-C}
zi*9bB)aQJmAI4)P4!nN>BN8j%-tI>Fa+LEg-E<o?(traT)8l7@XK+<GV-m*Q3%Olc
z!l+#`hdT+m<8f6v&ua1=mmqfmOE{+z(Qq4bH{lxmG#dS`du?ioio6}~?`x2a(_f&{
zyHWc-Tq&n44<Yd(W;mmG0*SBVN`_vC+^=0@ds!R(UEB&5$Ex%_Nc{v=e}t>{R%C|%
z8$W~Ja~8q#fV|>63)`YBT?`aIjcR|ul};g3TZ=*BlFz44BQePgKcBu7i6yv3`26S!
zl<bY%DqOH>`GUFb1wPT?I#;}}ATK%+bq~iSFFFN@=Q1;hmM%czJZAW!tB|+?*Ervi
zB(olNV||dh5-D?n0S=1y3=|31Iw$e>Y)iT=GR8sio}Gw|I<auio=hgQW1U3DPEMQ(
z3ne9XA8QrG?vwf@lI5g}AwZo`#8NV12uKn$s?yjJO(H(Q*e;qxe1fsnOiocOmS#0c
z(QpC+c*sNF-e?xdd5(v!i+Jd>|AAFVxBN&=<3wYJEi;~pvI3VG3r~&l9Z7-fjD@F8
zV`YSJ-xL3w9PL!*D_zJUU0dv$D)!djz^BN3#lD_*APrG*DSnvjxgS5(q{J$=I85d%
z_7`7@qUP1GCyL`Ww)kya<tO>`bNnQg58|iF!V0@s{Skh88)UU&nbmi2B!R5~`AawT
zsmLAVGye=EzYbUb3RmqDD6HuT?V7HsCG${3_&xC|P{-0QmlCVnyb--xh*j;Qai!OA
zZHe`MiF!IseXWD@{SlmBj0U!1%39$EZrrClPDckM$Xrsp;K>G{EMn~d*W*6i<zKpq
z@TkKNJ1uoH`ALlHAzU55LB?tq?nGa3(&9TPE7Z{A@1VvLxC#j}e?{WYxEie0*^81c
ztkN}PiM8uE_rk;QD3-}dradlVAIC=m%_{CD$*|DnzPoWjw}R*Uw<5T(i1N2P@T^_V
z7WJ?G6*|R~Ry5&atbW9sbCH>&ls1>^yj}cp&N5v>3c6y|)UR8<l2u4<&V!~&51Lns
zjBM(u01l|BPTFL?c@`|=!^q4R|9k|?*bA&%Q2%_km=x4M{|pq@3hJNFbhDuT`IjO+
zQc(YVmQNMbKcDGE1@+HodTBxZ^O@eYp#J%<L3(vT{qwo*b5KG3^S_4lk-h4l&-y16
z)Ib0A=+3DUeSf-kILgnKu>8|KOt0$||9pbz(t`TuGkrxt{qs5AYb5ag{0hroSy2D{
zlaRilSN-!@eoI09^9hC9d(}VxEhxXUp#J&aMEN}h_0MOW`wQxy&u%_YQ2%_^f2g4T
z`Ak1jQ2%^(^U;F(=QI5{lq~)8pM&&wlLfgTZXF^pN~Mp01v^ebm4!S~(LucT=_nzn
z*-X;07QcN24go4<CHAMpqNL+WyZb(WS5kWSTvmAltFWttyf(mGiSJ1|K7zuI)%fWj
z-2>Lb=ex)Ze_%}}lKyX@hvlcFv=7=uO7+&PPCRfJyfEN;=I=<O{h#DR_sK&C`diZ8
ztY6~Rp(#c18s1?-d$NfB=au2EOIggJm)Of>8yX_jde=))+`-oS>AhYV>16tiRyWy}
zUj6C4sl4;apQ@sMiIbY?CT^Qg;6w=9-3jtw0j|X#fdd>KS-_SqMZrb5Ce~eWPO_9G
zZ$a+0xCXDr!TNWmEc!XJPvRO{o7|Vy3F4j4ftJNJxbk<Hm`bJlk-eKm0|3vvrRdCa
z;n9F==yV(f6bd~HGl&ClZFeHX%Kkso?uL|2_tQ_L_3M%8JPXyHME&n^=CM6T^YkzD
zA$)BJ@+bXW+ITn2q0V36)^AbiSGYQVfK1o<P@A|qzk$pmB<3*lC^A<gv4NRKka-A+
z2XPIvwHloQevaICaMcPm%(O0mw<E4vCo+4jLpWVrwGm`qjl|8&%tPk8NPL-@rN}I}
z5F^G_TZzn7NW6fVgOK@8B)-VZG02>N3E#7D)t-mUCM0fRW-Y5B@gy_rk?CI#S2kpd
z<G<8_UkBXZS;o+Hxudv$RQ^CzesNU(XjFbzRQ{u={PbUi_7i~A+F$l-EhpJd_;TI3
zDz0%i&*(~UD#0G&mdOjD*}vrOlC&$oi!#Mm{FgRLE@4dHG+ooUds_^bf4^FVcb99Y
zT#?L5DsOf*$!e9#Z}c%XI5O@sWKY*wsIz?>Q4vi4?t6s5H&OX_qVn%X<$s9EAOCp(
zM-Rxt!10Hud|_0+$k8R=yDF4du5{(>a&e=}5SD9wB?rr&M=iYA-%OSq<HmUvz=K|3
zPwH4W4m38t_v+iy+OG3zyDq@iR~cXV=4RuG+_HlCGzlh5cTWc>d{RC+`>bRxrNAgT
zc3X1wC>eDpNs-m}Vrn+Uz(GtkE`<e(AEYiz_Ds9kQ1@RU#P)LO|3G?`OTQQC)ym=B
zPfEI<ZFDci8&;>2(%wbulD*STE&w*pI6c|NCC^-*>}#dTe%eIibR4k|agj{^8{Z<M
z_`&xTA%AmJl5W}tMAvgxvP#Ca4t(+gTs=6}BEx$dGB@KI<A9g33;h>kT8?Xs1K)!s
z$0BzqO9+7dS@JsMuE*6wK&(1~Md>AAM-(l^7wGnG@TH}V4}J9NWfz~Fr2C8<f_x{9
zx%$I*j{WVaL$)oiP4<<}--qYkfUEq1WZya)8hjzXUBH5Kl6^&te+&h0z*Sz8?AyZ{
zS72G?3|!^QlYK=WmM%?`@3Y`sfNwv6-m6h`9j-E<xL-fv`F-R*!;&+x`Le%MdiG@y
zF1X6)o_~3AfOO}j$X<b~PNW<tMIT1?J{A#Y2g(b(E{7?JqB7ohkW@MkB`4x4162o0
z$-~Hf2v@y#PG@q66#X9A-?FHP#t)UEkr!d(5LfxK<XJ*JXCQL`uKG{#w!@^T3kzMp
zW)X?$a4C8OMQ_Em{BabeNA#Zp_|}Wp{A>!~Ns=9#KU6BXM6y_8@4)Tfqw2j?0`SFG
zB6t(7WZ>UHu#*kk`~q&iPj23V8#m!9uLGRkFGX)e_MdUpUpBup`9LSh{e8&36W31P
zbg!b7#lJFrfF2NI^lP~PAGq+IZ{a=1@;z+fVQJwvxbst7!@s~idFs<$T!t9NvS~k;
zPLqKmw9P-;Q{R)PcEp{<xXSC#PQEXlI}N$#;2Iu9ZE5FM^7iXd_6l5RXII>L80`#Q
zoQ$Q?%v*8eZd{cg{X`)}n<gpl_+$`g-^K$b&Q6QUe;<|K9F=!>hWZ!(AhZL!#kcdI
zE2knj$d^O1RW|<WBXaDxgA3~T6G1rUG8BXt#nn^9aeqTpv-0UEQ~dCcwGFC`56EM!
zYUAoFsWzT)HK{g=e~BLZ`3#S(mdC~-pjDpb%&G4If|U=rjHsS3x=gHk#z{Q8WB9U0
z{kLi|ek}?p9;P@&DI{IIIeseAq-iOvCS6A$J-G;6Gp~=le1e;;-9Yr>FWp2-2~uv}
z6s7mS0<-VMCE{t`LX!OVk$oIj`SfIgFy3}oV=Eh1`BH>!V2#_5xrGInC5uElyc3yw
zSaANC&ri0II-f=MW4J0Wa~+@_E50Yn44@xIH7lGfW~J?-@|&ab{X+T3N1}4qMzX@4
z!(b1KyXZL#rXi;>cFxH6d@cGTQ_hdODd%fJ?)JC%Kl3wk>~};?Xf8&&b3!Y83-iXS
zo`;9sma%Qt$b6F4c&f7!x6NE@7P|{~p}2Tn(sM4~SzLc+(qso~N&OHUC~g)zs~<zQ
zbXL;UEs3>BZ;8tuNvc!e4o(NsdKYh=>6G{a-p60M3Fw*2JB5uz%yLaO8<#-KG@5tG
zjZ-@>xeU26<`4h^7r|1$-N5oS2bOn5V0pKIMP}k|M1?`j%IC;*-e8j1d(VQct<zpX
zXWfUO2Q^M)Txh@R-Jq^PIsdSbd}%U7VD5BHnk>SF#f6D|k-rP+>u_QJxl;Hx3IH|f
zQE6>5>qW>X<x7&v)F+Yn9jg5X7l2Zg_0m3Uc{I80k@Vt+5O}+Xz>ggS9*!XJ!XN!V
zPZ*p*I>KoDRz(_x1^<LFray+%9vJgtT;=nVMF${%J<^xpYT#6crw}Y2;}(Ik_H|ed
z5^nj61Io7}pd9yO07a(VX^pEiMYq_;$!}Whx(JQj<az?rQ~uITECrdSMYu6xyAJRE
z5iXGTGPID~$-8**r~HfOO@et*`n%}G?~oU}Hw#(Xt2x8Qt6z-=UhQ5zgf#!sO)S+{
zGd1uM*b=xZV29!omJ~KNtGlr8<zBi*EXU2IxQz82lPAx`1c!ax|MgJ40-TkukDWW>
zG50t3CkTrXLQlB(Fx8!LyP}IsM<H3>8$ZtD(|LKC@1<@f4%UWzID*?yw@1PeoP|`<
zBjE^`#K%ZoID!k1Yq)sh??k%r9{kj}9<sF5@mW?q9S#kp#>Al*7kZ*W3)mBL@^nE9
zJ^|78f>HL?zVA&>jxv9o187AT)A;^!6|L3#@G}S3a8e$|zmcN=%35VMiwe8q$GMxz
zw-bxHu2(+^<-9rt7)jwSq-zXczO>w6x^x~6{gpere*vYCq%X!QP`RtVH`2BA2`pWd
zyQ@6h?84XgOt7g%N%>U#Yq+TR|AKVkgZQaQRQyWc9(X{a;#UUycrz(6Dn1rVK7$(?
z6~8hnceL5c=qRgcRQ$?VC!si%?t-pVCMC0|#4y?w4RfJU@hkJ>B)Ue$ugsU=78(`5
zqLD5%Dt=|*=<m_m>hwUiwr~+Mdp9L2J^|e<G$krN(=IB0W!v5_qMI5Ozp_|Bab(I5
z1y;7JoriiF6~D5*+&MM<7dE^^GH0hR#4M+>gH+R~_?4x-x1qI5ON@$NSyultGS^5{
z{K|^b>yXi?_?2B`G<T*O+1jo$8jXry*{yLWUaC>?E4%mn7|&=_{K_7+9RW3sieFhN
zFMTK}?2ignVqmne3b(rsK+--+&s8b=DE-YyGjnNDeN>*+nE2Jlq{Gc*j1?p{OH$x-
z1;!bgHBwn#AQmO4ePzdSZW$&eu1!{Us-1wees;dHv)sXF=ZVV#!CN5gB<2u@Ak>JC
z@+@!RH~5*TlYsecS-CZw%;rj3z24PCksS7)WB`h^QrjEtyu(SJF+9V+bkh=ujE)Vb
zCv$d0;t0r;LveMizv%R2k3-S?xyYTtlJk=T*}%JyevQ<?xs5&XNH4r1x^VUGL!Rm*
z&((`lkIiT6N%!eVy}_d8sIdT7_xhw`cpp4=Au?-OaCp+_c@}Eii_Gn~dg-v;DM1Sg
z8_(@qiB@-b=kHW$^!*VYep45^+!VjFT5_4x66U0sj#j5|f0~~I_&wVFEv{tF2V8Z+
zOT$HV5da0sudZF0`ZH2<U8ry3pg2#%d^4RSZ^K0ayWb|;v_HiO*m;qF9s5}c7%8vC
zCL8=;>GoIRXSvHFE(?g>avGW`h`8K^trkRFG6}&<afv#s_C&VIiV}7N`$RM}KIQsP
zwZp%3)7|*3BPvB&oXsS5=R0Z_@Ybs_8g})2=&JhrZE#(^JnHJz=xRB9gCQsH)xs>Q
z;4Q1*JsE8e>)@(Pn-D%5=?Z_G5H70_zJ<ltuvoQ5SrreTEUU7iBp<1bdR_8m<W-mO
zS*J^w47%jq$eAwr8PbJc<HvMK1Bf<Va)8je(_8iHQELJvV@ZV?Vce+!78NKGoEoS|
z+Npu#P|izYpp=sWpy|~B)20S~0A}%O;7#m~sR71q_G*AlErL%J{+SxM59tEsxTyhd
z=b9SeO|J$X!VRwmc*m;&X1p38p?EdGj8_AMx>p0tcr|c3GF}ZZ<JAC($*TcooEjji
zO${&|)WE0EO|J$B3a<w4L&mEC-tlUH8LtLd&8vZbLTg?PP=tClKtb!(07v81!0E_%
zHSk?zyc+lpp7Cm6383cH0AKo0QlMb25(BdeyW_TLfXh*08sKF}dkw(Hyar%jo5=(#
z^zueh;By74lG)S%M4)K^sv55WR!S?U%!Lx$d7O8k0f@N*AzNTm_0#dg-U}h3k5sk=
zs)Wfp>6OP2<koO9<upKr8h~(_z7d{F9V==C@-zzZy;`K^yb_Wotx4(QPOi`+f`93z
zlOaAjHmpzPtwCbqrI>@`61}k3IVf3!-0>{gaDH+K+kG1{H%gU@lhZCijrlLbHVZDq
z#OoMlAhnkwb2tk&oWB&|>-f-ym&3OKSJ&xDXM-$WeFXy3prG$W$o=Pi_76_(pNiaW
zkN;kC{d+)u@%z&Q8+KftY%4;d|0tBDc!`ufOUmY6jeONTlv={;hvCXjxIga({Jb7-
zy&V@^xn1=Jnjc*DM|~kdJGeH=B!$<auiXSufuQU@iz&*j?sZIEjMM_BLx{!VLe(Km
z<7<Lwn}WIVMgUce^o>q1zbO*TgTKZWb1>4IDsd&|QdQ+9wPsFUtHY0zw7s=HFH>(u
z-A++BYuJTOQ8-K@oUXIaUw~ZA+2>Sq1sdrUXP-aJs?I*|0H6Ta5L7H{pF4d}{thZR
zRZ#c~(p~?>0`*KX8=GbbuMUm{!j;x>#o5?Qn{a(I>9wtm{dU~(!j(-eO8O`9ujXuQ
zY(K#V1V0sLWB&;hZo-u}y>Pu6EqUR}J6^al<Ap0B;e{(RUbs?^dEv^87p~-PFI<`N
z!u5y9c;U*--rZtj6L`%+x7gTB2jNPS(hJwUamx!=iV81WdB+P^X1s7^H7{HbMr&TU
zUWbequ7@Mzg)2wng)0Z(g)3cQyl}k(&v@ZVbbH~-mp+8A`k_LZ7#OI?*QTmp*bOBn
zSNB8O%T+$%<tn?`Oa@tDh&K>K4aq_oKf{!(#GT32zoB_ASC5faoLuD{$W<b(K%k0n
z70a3(7aBzO=*3;Q2R|cqlI_3Rt>I*pa<x|PqJ9(0dh8BLP_?YDbMisC1Krugun3Ly
z$>bl<%I6_n-ixaNOM6?2fumoE6L+{8Fx~cf9%{ZFnYZ8?KOLDnU1RC1DAqc=cuH&*
z(-Z5E`UI+d3>TEjRZpvkVlR^dxx9<7opi#7LoH6J@L?K<Z%~oK=c9Mp3c=eabrs{m
zNccSVUo>FlyL6R3@KkjfeoD%_11uP%2r4cgA$+qRav4%VHGE7jDqNh7T*4aa<1%t9
z%9^DM)7o25Si26ni_&hvXKgJq>(eT46p}h$@qSz#Y`-gMtb_a?SzX1D%dbUp?*W!$
zF2Axf*+<f~^7l}_?;zjS>|A@%g~@)b-Pd`>d25pWnd~pW7q2*=$@BomQo9|<>}no1
zjeL3|9zMLrq`rF@Qu6Meq-*5J53|bssB%>Q6{wN^6v?ACc^8t$XmS}k^K4DN5T(az
z@<Akz>yj4!h~)9rHEf}Tx+iGzag?6e<Y3d6Ao(2WMfxcuPts%;>YiLD0szPI0hmWL
zzJ$Arp7kSit2~LjN0hpeOv;Oper}0<ZzkPu$C_1TeVMN-f$ob;$j@lfeKwx2&Jm=}
z<GmHUw+&MVB9&D3!B3TU#<~!=vUEi%%^blBz8Og+;~y6rLZ)lCI$C@_+rVGC=}ZvY
zEG~wmwfSuB`ykqH;+j}{77hw_^n4OsMP$0Gd*Jp{k)B?MPoJOy9GE+ppGJNH*KD@*
zeb;_!iK@H?FKQP4jMkg9wRS=6opCiULgoM@_QN%KEiy^(yIliIP<aX^1s-lKAVwGt
zTHxz;JT;N@e$G`Yp%PDkpb}1Bq87IJS!H!H^(|M02;gn_Ln1^&$Bx(GzJvgnb`EFH
z!CQ-ca5!V45B`u#n3&@n&V+`Od(j9P^1(M@xmc`$FF1yLY)4dfe{aT-`K&*lJBi`e
z^=*}3S+sE&9&5YKEh}S%Ye!e1LS=0qShNfMgF&ze=~A(~b{8^TNAgDZtjm!`J8D#P
zUyG2frRg3DuSakdKhK}9@rV08N#WV}sq#+Yn@oL)DfXl136e-vyaE5@AXmVk`Im0O
zo=4JLzZ4ZF`0QE0)~UF9CCF8E8E;>Q{I$4nFuvZ+O7BGG9u}N|u*jT){W~%r!&O_8
zV5JxZB&yow@Ka}3iW~2_8td*|;-CCmRQn;Wz8(LhlJg$a;ISEeeG)jn3cn<Sr0{Z-
z7f8ze9Pt2uKn*KF6~xxp-)z|Wp~KeG5w@26F7u6!%^|K)t8slXi@(lOSd`h`ar+ci
z+1DB6f>GBs_@Vmk-WfmDr01ht=blw%bN_~`%tTpI?0iyu2tUnU>abG1OR%>uO8Oon
zdV0!C|HZ*%AB>WJ>825+Dr@kKMBd)-pWxe#tFk`XZUQ%ML;5P_*DOu;A~pXWnIGZm
zUyIlcy$w#cage&OCh6;)gZlelpC-$271k#G6*hQ3GWW9J1xbIM1y3RKSr)u7>F;F0
zY1kNiHm<@MNq-LuZb#-dEI93=bCUi(7QG+Yx8NGs3-T}RA7feN#x(g8$_5wWy}$Xh
zqB{98aFp&a`ZZ9<&`!8<Flz0ID;a*ZtMV~CJMxXcXng|rFSv`?*JSI_ZT_m|i2j@|
zXW@F>I;wDGCxCkv>edJ?`3&*c0qjauhLDaU>VI|CA*g`6P|l>Equzq0FX8t8cJ$M`
zlT?tOTM*-`5f(?X3bqlxfYcLz<E3dq`@e}UxA{^U1)2rzXWD}HFGbpd_OpCSKJhy`
z!n6hLXWD}HGi^cpxktM?Rp(D0(zl@fHzR#yMV&uczg^J&KcSlzw4dp96><KYhw2uz
zpJ@x)zY>tSM!xDhzru10+P@g-8!GDj$#M(Y|0J5cy`s*aq=-9R(0(3Uu%P{{V?p~%
zD7T>ftp8A|&Yw(M(0+E)g7!0QLHqB(v)?s?sdqEqc<JO*#X71x1Eh~>QMK&5epRAh
zEvQbG6bE^q{7X>F{Q`R`ivvk<XS;i@zbh$a_$CUA$FK?qL7Zp<%oW&rQskli;#269
zelCqCCTgc3CdTr=p{({8)+2V5)F+VIiK)RK;}l0)9A>&+L=*B?e={B|)$hY^x&A@?
zR)$;zeZGcvw+?OiR<u(*wuh$|iiE|;VPuqM<p#%Ed%FhHO*B;TF^aUW#(HlAm;N)Z
zj#s&gY_sc4F2lOC5ZsZ-j`v079S=pBvCl`DWc)dNd97<NS9rL8`7FG+Hk&Vg5HEcv
zuCC);r61$PkA-(lyug+J(w9Mx@c1Rw$n5LfUG$8OY%HZE_fuRH1IgQP3P!}h@RVBN
z%Of%Hil^PjZd^PXCkN_hqT9t<_jAz*uT*~4GbMO0Q)^XN=q&aQ7GPTyrL5JU`Ii=}
ztYPrzMw)-=CP>=Zry=z>4EkwY5OOOnMSj*zIMITuaDF1EH+DgKM_ip>bwk_}m5O2w
z74@TWMf+%6a-EZUZ^LkhWw_f->2TLZ!~G+N%d;KDW1C`;>RBm0+fjV#476Y6(T<`!
z+EL}vj-nmy7?JnuoMluwsIiV+Qk!{fs?;m4yj33UDE0N+i+flC-hdw_XT2Lg)ui!y
z{Bw&cH6HCK^%t*2k;Jztezl7&PSo5gMu*H{%U`I2PCEI;<S*6-kYxJO<k8v}_+0fE
zY-f}o>m9|7W-^=iQ{Di#AXyUo$*tPxg0n5AWFp#3QftFI`Y=AjK6Ircoyk|8&(_#-
z%Ce-J(NrpL?PO*nOXY{T^yB<_jjvhauwg#II%8qi4*|(9KgiqCTIgl>1)#OktQs46
zl=u0Qls>>GnVcHIE6Zyt(>(f;cHjsr7AYM;=#B}V+4MMgqsj9ubH9RTP6gFG2Uio@
zy$8Jk1usM9YFxcMwcf0-jeC*38&}`KAP|0mV-6+^g9z#kl11^SS)1pU1`*f}W&^U{
zW9<`B`!`_Fxw8SDbVSY5jSpO1U;Ez^s7EaTk8f0<*?twx_QI9;J*u$2l+>?rbqLk3
zyE<apmsTG-Z&IcQ1stm8WZ;DI#&^=otN&*A%+Ywpw@DTsI07_(pu3w|0%h_yG>_7P
zGxfis+keJ|Zv!EBsC%GbiH3V%_yRt_4{>zzj3KV_Wynk-F~JO%1$IDUdtAxj?XH=<
zkxAw)$Gu_ei6t;T`AhqXgTHqO`v$7l|J!9q4WGbEb%KMVN3I2yyRu~dPEU7W)wSyh
z_Y7X7jc(#Q7r+QCkCWKbV;Am$0;^WA1e(|Sh$Xu}D(r>cujB}lMHaJQNMaTcn4pWp
z7m=cqAqiPPc%ke7E!)POTq8LYQCwKasui5<S;8U+zQWE-z+^@_W$&DOVY!MhI&eyb
z(e;rqTK8v8xHQ<83Ki!}B=Z<|UaZFRVyB_ax;rm+5nqsWaCXIHgKSn!<glij1a!Ld
zVu#`mEd0B`*KUHfxqu%yvnW>kLwHJ#%?e+-W19Cm%q+%D{-v8<fFbtiG0hRCPXbJj
z$JLa;HhRMPV&pHv)q4Rde9$%F6BTU=UOUy3ald#Aey&CB7vm~of}Y%l#4XHRgUq{;
zxDQv-_ZipF`}jOK41kS~6vB0e@@t{|cgNf@t<z)f5;!1v2+t5bhrYwkr=2>b=$ZOU
zeh!?SB3V$COsEu@@TS*}o{DA*N8razn2RSNO&sA^G}U8`dx3?@Y!<b}i#))|Vjb>A
z2_m50j(>72x!Bi~^5WFbr%;B!i!n@&;o}&Co(H~cO2_b~h{Vpuc#5?0pJBK;cWSt;
z=UOMf2~nJ=QjPJF<3pwAF(tM^SFM}Y0|L?=k3N3IVT+SQ{vie=dwxbTMWjCpj6Q-3
zC*XIz2>CxF{Tt@bPxfJBJAx<}5+n{#SNR2QR5vg{T`wNlfZOYF6||TE>K38+W)xk|
z;y<BwPY+^^q+{ue|E40kdA&<qj+;2-2m{2OaV)ICvvqdSVW`4_!r3f64?hVpQ%LT5
zCsqQ|_x!b#OdVQIUWDO3jdE5<uSt8;`Q81EV)uCWvBSM-a~KaSNmh*(yLWHw(b%og
zoAy;#kDz+m3r%!vg%$AtHg!<KN6W?T=J0s;`}P^_O^@Z%yQRf$FvybR{BCKaJO!Cu
z^4SKn<t2Eyud;f?)j?5ZB3;&h?C=SV6C1}PTlLv8v$ct2SwA1aeJQ9%1@b^gu1WN;
z!8YQDI#JM!3%bxsrl31|M4Ij4BhoE-ZF32n5TlOcExq{{uNr+tIttcj55trFz9DIM
zAnJ+~3`Sj%f}#AYT)V^ezGeNGE?CBZy$Ww0^}sH#8YQ^LTAPBUmn&@W(OJ3nq;SHI
zL^?J*SEsx}YEAmLB9M%}cPbQV!L%=shuF6{aS;pVTE95Hd6o%;GT%SY0G#>6f?S92
zcEP~Hd^!6icNXQFb>-XSo<J{?WZPWjvNW+cbYq3k^me&t0R<dcTY_~%aFRpB63ZHd
zcCfasmbAUpno=$#VwRCS0(&gC8U`1|!H)T2X>O-nsSaRg-=a|V3agaq$u5~v1K+OJ
zYkRxAX19Fl3L*$T@i9-qt+llp2e{IK#*xmRd`QO&Gbkr%aKfs!5lW;kg*N2Y!Tq}e
z{DpZ*qp=sH8w66C9^9XTq)OAt!TtR5Lb;3t1kb@qVdN@^xGLhA)pnmwDfSNTFARTh
zABZ!A#a?FVdRZzI_Lv@H4QRV1X^@l)M-T2_Im$OQdXmO;jTJhxP2we83*@EU4GO?2
zYxf+KUYTBv1O$<Y;>qzz6UDu*|22q{p=fN-o&6BAjfM(oHZvdv<xnsPVAM3Lz<@x>
z_ZD_=ehBQ=>XFN3AR`#C(*qtLqZm>s!-&R+siV^e_GuV-vODAWUOK=xYbSsYGejLD
zZ_GX@(cw-m!3eZ}1RWW9O28$0htNyXfWCsfR**9dM3Q2P9?YcxIV!MnfLbN)?W)n0
zcnoMhuwUO>5XH7Rq7eY(NTTH5TW)Q=qC{0SqH0S&LSP`D2#3=(0;ds18Az}*i}|iR
zUb~I5dyKN1gfTP|T5BQbJ|)2Z!IV%J$_dCB%sv6|48_=;PN|&v%&?+&gy?mgGD<BW
zbU+e1LF<A%w8;XvYPw0Rjt68Jna|o;m|`N}Z8l&Gf|wjk76N5c{h&GGZaPb?5HHGc
zbF$@HI5$gRF=5Z+kgrWgIF$KDkWeF8{)nGg$R}PxakgkM<zw5BcD9XQq1CSt&RLvo
zD{g5!ks^-B9qhJmZAUo}zL<fDNv=>BforT;tVM@nGSafRJ@OWN44n}kRfcOLF+Fh?
z1M`*gBnPh>qSA=Hg^p`R{&k_<=@PL&!bdu+psXUaA>21zapci8ozj`Aa~Em9%P70s
zD7(kORRsZjvJC_r;1&cZcZK?ut_Dc`d}PolYe?B*xIc}BD(KrlMwvqdjAk)wGJk9V
zS|87{fHP%hwUMF|F<VJJ_GY$n)nvp~Q_7q|`k^a|&^f|dUR=U(vKpj;jPz8gR5Y|i
zBCP#zC^uU~N7ed*sZ3r|)dTM;ihZ{l3R$W`uQyZ@cje!0$i&KB8<_P3or!f6A&`O%
zsF-g`ML<b=OxTt^VYeS!pmvDt*0I->BJsUdi~`g*JrWrS4HF?cNF`1PJJL&6E3CQ$
zta`Gty{WM3RVsz32F141+5_3)>R<=6g$Hx$<5l?(y9oJ3LnEj2<7y+MK!R)3$vf8n
zN2NrIc&MrnD0-<-vjQg->M9jPYygf<D&X5;s<9d-4iM`mPl#OsxUvu2qp)lm$M-7b
z^cmy#E68C!#f-msSbF9q=xoM19C0nCWr5hqjI^4(F}4MWMiyr&P$jHYQYH1M*q)WV
zOs?v{YATxREkN%GywEVVQTx=hY8!d$hYI6PRQhy*<k3_~1q*}bo!X|;WslE(#b<dB
zhtGkwQhv~IG89qnbk{<s)D@s$p^;WBj|MD{DT2q<RDdY~bJLJJTai1NMJ~<EoG99|
zVS$kZ3m>LMY%0JGiJ54g2U?&H0&RXoAq(27iiJcBObipWn2&~@s?f)5)QU)0Ff=Ty
zRy1FPsc5#46c<Pdu6k6(#Q;`X%|>gOYm|-AD#mD>8|6S&%iGb>3yi*sUR;(UaT#eJ
zm8xb(gbtZysDc6WXC?Z&A+|#itM;;^UsWodfik+XqEoCzsFp15Oo8_R?nyIyFTyLV
z>A*jIil%-O`x)S}5Wp3HQBm};>)N+yo?-)x=PFrUP*sAik-Uknx(+!v=kz9UL)pJ`
z#u1P(x&$8%Ue5OHHe%~BtN{v!Y%{Rbs?`Za_VGTaSVU9VW5x}nyGWcBw2!f6nUiW|
z>jT9b6m4k_QXr@DRh2lPIzQv6tMus**(ypmOqyiv&t|1z-oh2YmPv|0CJTHc5|L>U
z<M(KPf!1n7(9LWQKuNv9RuKSEjrMD;FcTVRrT4)=y+bP3V3B4g`Xd4vhXg`qG_MK9
z+*lmbj5A9Lnq_P~VQf7+G)^F3N*;@~tOYSe2AR&n&sn&0e5ow~U>T2i#{yp9n)xwV
z*`x%ME+ZOS1@OjQ5GchwHIyQ%3N&NHWa~3(XE;z{EyoQnk5sPfs8J^nb9~X!ik(Kl
zj!nuPjJpiRZ6@Pc7@KXkIZ*c#)B_?xvdpIQ^K98rAT?;rU}aE|jCjOkH4)4aB4;ch
zXWV4jER#1ADsQmbn@14lC*d{9;v}zlu}$$+^xRuAzAk6^tYRpksTc7XjF~nl*}8d$
zLrKF>(rIMhWn|x-MTwb+n?niA#xQ0_A$>#>x!P++cVi%+B#SXTFce@uY%m`&n2##V
zGx{WuA+@y0PH5>;7L@H4qw*?R(c)G(^9!WtgsxhaWJo4ZRdu0tteUC$Ny@4?5b9h<
z7O$!zhwL%74q;6!io|n^cJ=IVIs!)tzHGe`O8_eV+L)wf1K4Cqtr>yYbWIm~3*jxM
zXt5!cm2F&4q9r2AHCDr$BLmW<x8ohQYlg-)^Q1_GWw906K*lRVw**^7sh}FDbT?fd
z#LQGI0b?d=J`r5;iZxeMFj1f}j-j!=HVhCGts<D3O@&~`%$iNt#Cuzz+owqA59qWB
z6-GtXGU$fynA0mayp)I-nFcG(w6v0yKxSL8)$w>7BulI}2mD|n5NCORcHq8ACb6~{
z7DA^fC@9YqBW|iCY~pz%Z_%R7c2-?>!chriP*vQDRR^0cOBAr}OqNg?#v_eY50?e<
zb`?>c-ML^-Wx_b!M}(rE=!G!|HeiJtlzq$jx5;K~#(J8r6W;BNFr)r<`ZCW-x=_)n
zWE{`bmD#bn7muIw8#S%G3KuSSJ36o?y(t(5>!!!;kP?W~IIMmDjLq_QV|?gBP*xLX
zY)-$Z*QthUS7f+$8_Y!W5H}f<Ti0eY#x@adT#s?L#kL2A&E&A_WqVvk3l2Kf&7<FD
zU9L7)V?arwqS;x$2qyQP6pYuvd`~cFr9oT#?^f1wO_8<yimnJO5~31G)3aQ(jWJ#E
z`%ry>lex9t)~J7m2DTGbW?*}HJZc8Sm>CdaQbSicX*NrldSV#l8?Pco=Cw*ekvVP^
z4yzD=6XZv*sm*#OtIbienag3y6D)MrG?o(boWi?pZRsF-Z1!bzl(C_61X9TgCU1_#
z7&miTm>?jozIoc}@OZ_HwUv%L6|I=6&V<zNh>?2o^tFX809jB~Swr(WugM3EFR>t%
z6+{FtmQAyTWXcS9J>3U!G{?za8|$=?jN=)u>9tNg-1>BwCsteaZJtAeXv?h+7(2CJ
z9?0sL9LT){%RyYJR`wV<t%d(fD_A1Y?8Fsz&7B^i32S-?G^jK%9WM}-TL)|tg&eWj
zqUYvBb=^}^%wHYKUsyr%SnD+O$C{~ibV_uQN@_P)Cpx{k5Hn6JpYsH4<D5Y;i(6D1
z#az?T$cl&~t_~Yb#vMVC*KSiH4?-2gFbhRL1p@0;Vb>>^%PK&urDNWjhZuPW>*=jT
zvL)VG9C)Y2$}OuR;TD3kaw}f2I7g1aK)PrIQ5(%ZY+ex0Kq7-%jMl8-jHN>zx~Z%j
zEjATY;D_u)BQ_iQJT0<Rw+;v&%pyG*4jAJ8E}%Kr6mHo9Xc2s75H_u>Rt>nW<snix
zRoFpQ2#1CIV6zrp{%#BkakVp2_Ob?>eDoWE+2`TWYw+l!<mOxZTd64{&bLM|8*v$&
zI3C&~oJOl&P<I7<xm7ovs;2z6mYT9N9$7GA=eq(-iTQ3-NB;;-wc|t(yR0C!s5n17
zK$6x+#=*m*p`Cw+p<%2Q`kT>%9I})0ZbFsWi#21URj>&Mnp_iD8a2ZLRjfq|88IP-
zEhNk|oPwR8m~fKOS*6+OQclTHD+K|vMYBSv(is-OZ!NY0+c;w7B!n`}ux*E7_i$zj
zlG#Zl0^2U)#VCrIZlVpX%qFj4@z*S`srX@Ar^N=@GZ)|@n}PmT8MC?d7KO%EY4$dw
z>F^RZ*7gk*E7<S!Vx`OI8EgIdp|z-ZlM-Ir#EYFKA!5%${~GLVDJ@MqXtcBDL?lGM
zdphHC%9T>-AF=9$2eOL#?~uJgDTogZ3BE<sL(j+JWoyLn{|yq!FVFt(kVwu7Y_VAU
zoWO?cxLlWQ@+&Y<LxF@O4OVY8Y+_>9?Ri<JsVlh$6VTTavm>f0Hm{qJn%RqW18OB*
z4AwOnm4!p><<xYMdaIce$?X;e^Kwi%8;1vkdfG5=y#1xN)-X*<Ss$16!91hp6c5`C
zPEHXBb=yHlA%19PXOl0ct6}z9^#k{AK-1Ha?!aD=#|zg%WZ6wO1J!*~3LJ{J;GW{F
zNmUzM=<<ZBOR~M~maO~oK#j$_ZZT$gohJ=i{c{JELfmcyCbuRHN5Z;__y7^tqGBA8
zjAx}~{B}CJ1$zVZI+3lb4h&E?VW3bupd<f~lNdHTY`2Ub<WMOK2_-ID@KT`KI+sAi
z_OdU>db1)o3#htZYJt2pyTlfQqZO;*bQUHsuy9Cwc)O>Lmib85-pFiZ$AH7jvqH3?
zYwNn>7;GT(BzNYd`dG?FjNhadGIU0d-=m&hB;*YA#GBMmaAAp$8mHg1+JM=;l<heR
z9g-ry@QgOiw@f`cy)TbCMCqiqJ1^_Z*G!#-TLkBLpvYNfqfE4#6te?mOe*$++i-Rt
zEaxq3OC<20%$i-?n3$I(vh0G%e9u}UR=xGSz?a81$U<egMJCO+@wLL!a49xM+<MO*
zF-{yU6Lp2QzD3YKo;G!dFH8QBgQO9EX17bX^CDI?mrtk*P^@peVT9AE@-3S0xNR($
z+9WnNH+A$GjzM^^#K7xSb>num;BsbEnP2=Znu|Jp&U|kPmX_%>MVnHvgM^CRVKw&1
zuG5`xK5Wn<8Al<=;G;38x}MX+-SdT<d>}sA_$)t^7{fs-P7f>`b?S6>cq!L2@W#mo
zcc%jF=PYoxXy-KM5Vdl0%5`LV0L_AURdUQHtgt*R05N9eD{w$ccY&%Lt7q0lMuOWA
ztsqI$bLHKp=dz{6R-gg~Y`<MAKW-oRaf$Nd4z_c<l)HV)WW)~g05UMNJZ}f%JX4+}
z3D=$4aq7<5x-ooKfF|+SE)8fxmLpz^C0V|kQ&U))6$3|Rp1a3|s=4;Sup>mTjI~?*
zIz)jE^*BY_E3T=#JJEJd3<uIFT*o{!W!C7kbXGAg$7-o9CBZ}#)HtY$o+HBQK!BQa
z&I{CR6<^Vq)tEPU+y^DsvPnhY^%{+9H>OKGpUE42q+jO<O8SzO8(pS>u8Nnz!?Js}
zEs>{CDNe(&ueuNJ-CD}Ah!|D*io=dsF3?Tl+&i5nVMo0$egsIC(@>!Rahp7oF=QR<
zPq{KzC9r73+3KZlZ08=FE4=8SPo&R_k*jiOz7U4$OfQG9$J34@7D`8QV-!t;lPaMd
zCt9`*{wa$+$N|cLyzL@eX#1E~mN26(;yZW_neLA!21}(_$D7ym%e0$j34t{b-UZmo
zL1#ymTRW+D=*}v>RtU(fCdJn->XRa-8QE-CZHxKoAzj@9YpaCo%t$yew-yT_=6eY~
zr`TJmL&ewBReUHHqXQ6wL2$2%0Z59ShCW=4afVSP$=(LSB-y7`Qtlfh<$fwD_cuv-
z043#tf<Q+sDk%@jOG<<Vu~Th2@<TXrI<%djd{&1t2#A(P(hu`!6zLZWvcoyHn8l9B
zQ=baPBeTVE6GvsiBS%e-ZX{geJ%;>BMtgQF9^;3P6)?Ji6T`=anzk@?yki^{D5!J7
z5+~(NJD$ic#4_?ZaSa56puEN0B{^9HFPe~9rJsa&*$E4Z!gPi`D>IrZtq6`+)Wwc*
zLxNy#hoG4jdz3bE9==(Nw5@|LAmk09thGhx`;ENpsCBGv(E|Ri#b^>7y!l$kYQ8RT
zP@BR1QU*_+(-|9e69iz(pp6iqsv=>OneYeMG2L%I*3h2js5V_D%|xq@xx=CPw!+li
zL8+Kq<Ir<(kO0%2s?OSNR0d`?Umulb*qaMh!K{wWjF?!_&2b}r^}FgE&YV#R+qK4`
zShtCc{LEGg0Fl|KrEg7U3s3f-0-cZvRByOddzn}STOc}oYZFjeE|&=?H|GG%=t-=C
zdYh)*0;mH~fL;C&nWKF(Pa;=NK$R1<9-VFc-ODH{$*?vRkd*Vml^KLe5{ed?JNQ8j
zo1Bw~8FnT}&c|ZbU<P$NuPq0q;MxiOQL+bgH!9kRaDMS}bgJ$=<Gq05s)neYjCXow
z|2w$Cx7z@3WoL104qlm&=d60P^t2OT&49<2-B4wEkRC-THuAF8j4?e~AhV_CI5M*a
zLGH%<4LCqz*hmAegnGUo?u3R*F;B!QZM%7;oeAqY9-#3~y~+ZQt(*&)%x0&>kxoa5
z^&Q29pCfHy^LcZi(0#0|G@z)@i*<LFgU}1}X#xh^Z(zwtJ!NrckICf2z!)|&v`+Bl
zR{s>Q!gR&~5;d>;nsTCxmSDD?iZCphdX|BRqnXuik<=+kXI6JJ%Q5tXnSf|66$){X
zgit}rvtJ~U>nq1cqVjXNS(qbZRUk`(ioPMG30uyR7V>uD2*@sbvX6wQ2i~)|LNo++
zcowHb@Dgi8TRl4Q_t2b-JB<0i7b_;?+0L}ibTG5<z?^Fm0}EC*K&5(0a<fg$1uU#8
za3!ck@0oX~AGN~7R67Jz)m}$OR-IYe3E3Q<P?4!j>W(ak_@Hc64c0C(OU1sQMsN)1
zG9yKeYXAf78EwPT{vB*5o#NAmEhaCIP<Z-qLTAJo%;03;+pJc%@5)o(urI}tAsCs0
z?TFUli0o0-?nFh*%fPxI#nVI^t>N$4c>pSn>{GIX1ZQ%OATTPKD6{Y^)aK_@G{cPB
zF^6*cC16m_JcDC}#8fH8TS8q*mb#M;P6!9ej9S`l5;<OX3k0okO;no1J44F$To%ae
zvyT|PjGCy!Qb3-!fvzmWD{0TNy>~3m<sTs~fwOF}nhTj2CR&8u^I#(gv$i1*xOe(e
zV{ES9MUP@hprs0%n{mxK@HFW~?XT&b)lOyfl!(iL8(9r*rI}#hIYXoDkMLmgQ8n$>
zox*YWv{M~Ulm{;uLsnR53bLEyr2jAI@gK1tVx}_tfg(G&ykr@6IAYjLWD_Ib8H@+d
z+3M=JHN2S>ir`WMZgezW7R+if5d`DSHh3ek5*)DGSaHE1vy+WE*=~M*?Knn`tWk8d
z>^(Z8Sy46M7v3OM&5)aE**#0@kh(MlMhIwUF1zi<jI|Qs$4yLw)xlZ0>KR=LP<x}@
z1T8CY;<>qw!yK4%5Q6DK7{rc7E!u;2THYq3w^3fB=njY@6i1qjG}pRM8y~cH6~lqj
zR#l&|nW^~$LxVUyp$6#L*^pM6nc<{f4l1Tp^77H}Pgd6RmD$ni-g&kxoS(?@WsBDi
zYy)G-o<P}NVt9DRWC+?dG?-nK*)1oqV(eiXEe4obP`1$<;F>pwK}2d01qXuotne0Q
zV`@FQ^>L_LRmU!n0u5LTnxeC74n;Lsw=R|jvtL;%I8WxruU;Hj7t06G7zhv@^dcEN
zMNAHv)E+h!JCfxlgdWW5NlwinHeDf_2|dm!;_O0J+n_nIf#aBAHj#wQvPclho|!)~
zF)ebz5gNk{wvfSQ%`0X4cpeycqE&Ev%+*>jXL2QvIb{W|D#bqV8OQWiESawkmf6Cb
z++oR<LJV1c>X(lp=kWq%O}xZRI}pRow5JzQSq5#VP-B-8%2mqF_A~PMMPi=i`E;|4
z=@4Z6X^w@khx3f7tW~uA9ETu>FtXM&L{KYI;@A^;)-m64LrT*)NO!h9fwt(_7%7?M
zDTkEJ`}ahAF{~D%Q?op}F=~iuF>J`}<5|QYG-xYggvedr3BuSdGAkKMHt@0y+>Q|Q
zaoyL8oUh`Bff;0BzcNY~x3KV{+;XwXK+IG~X87tO|LM{dxJ?WK@QHGyBLFtyjt^y*
zC}cg{Ss(4@D?vP3FtI$U2ea$6LpT<enW)ggz*`AGN0tp^e7AKs2!{T+QGG_w>x3za
z?qWwBOo}nWi($U4d%NLTC+5Z$g61H;w`30i4>18bYE|EBM=`EUl)1O}V$2IkDN=)5
zpV3d`uwt~OVQOqX>zc0xT`ewNS4-5xHo+IOcre9kJL6e$c0Mdw(#g>i<{C}a%0Uaq
zqthk#uusU<BlTK|DSc3&NcA9_4sK9!)CVPZ)x?3^85RU>N91mLSjytH%61_c1DQ{d
zRxkz5llf$p%%}2XKAk1=Ib4wWJAAA#e9tUy@C$VR8V)Qb(iV{da`vvgo^ZpL&v|nT
z9FfIu>>t{q8+FOkh!|L_WkJEM9^Yq?RmM?dA8x&HO(m-FKV*V90?r#4nH8T_treeu
z$^v1FTaA7Q#>s6sKFn*fMnkiWF@gEM8TKvqI#p6e|AATBsU(w$w$>SQ9OX&-n1GS3
zpK}^DIZ!hpQ#S!*L8y!fHJTbIP85y<i5Y4zNT`53#6<rXYl~WQ4>UcWp_GH>`RA;V
z;Kp4j0a&tV8&IJ$xCpgoVZ^#eq7!1SZ$>LYTBu<za~&Tw{5Z!RANzGIL`<M-O=!)+
zFZhPQ8Nu02xJVZaV6;b%xp8Y$89b}Nz_awOkzr21uMn*r)1voaghemt!0PZ^fr1G<
zte*+yEf7Y+Gt)8+5iglo{CRgxKT_wy1phegfSb3(s(F!(L6ME_Zj&j2+gt{37OG7K
zINg~yx3|kwb|Bf_m|=+yC9+j_$h^$eUutX9%RKI|x`<UHH=gCXK)a(Dh3N54VSL)7
zDTKfP#qHcGBvu4{u#4)OT~#gY=E)U+;KRFTW#Jy?%CfQqVD8o6OhES&S$R(?g}vHM
z8dqhtu^M=*ePJ7nz{!RPVzc`QG@a`f)#|?HfWy1{3DtVXuKl?yb3is?$AK{by<hJ^
z*;Om}+;HxB2<v8L+o3uuZ4(eCZ_EIQx>^uVT!Mu+lPppWcV=-E>ZK#_W>~h5?FKKS
zVv*x4W#^C!L1m-Y&Frx3h*d(rhGgM)JpRp!@5_=hpsx!pF>4Q)Fdb|qwV^<2!_Kr(
zQX4f=$_F@WM?aXZWLF|$=AGdf9GKmdx(dcgW55uG*Mxr%JFQA+URFZ2%wLV01qW0F
zvKsH0xXlWasWd(R<GSc}axgi{z#Ha9RvSdezxBP?$$e7fDc@|~*$|3`KU*Qrn-Tt4
z!SwP-8mq&F$F0JR(Xu=&W!>1aVgR|dCm|+~#}>kLcmi_*W>~4gR-Q!u%G$!r_#TV<
z<KV2iD~s<;_#ny+?;Dy4Zok<$%|<f0QwFN}=Ehrz^Nb0^L7Sf>fOluuJfb;km^Wi4
zOl6_~QZl$426XWwS2&Y23G&9p>-Js_X5y&4ajTJ$Uyu5m;Wf_V1R%@Jj8M|k%Hy$z
zh@!L4quH4~7EEAfta4`L4FQK$?Au3WczIa$&?$m$4#He$1+K7%BZ!$TMNuAkz#1lV
zULVR0nKNSngSIs$QUJ5%2mrbqVoSZ!r7-ah0XyTdVy>wZ|FGH@+dI*^s~XX{5rm)v
zMoq$3233H@Lz<w;nUR2VYt)<=oLB@l+a!D$;^6+BM%@cEA|;fmIbA!TAaXB4>P$Dq
z4O^iyrL;Jmv-akAvqK{kTZrCiIop6p@oGW%O;x&%2g_)Fv`)6bFbqH6K3xJ?Xd)Ix
z_^^lT^di;&+vF7hZH#SOX?}6gYuhQ!Z*RNKOK1imw11Y?xpoe3YFF6C;#nr$ip-ql
zzBb^OH!*jNkqF}tqKG&}yY#l$Iap6CT(g1$O2J*sVB9qxs!FuogkHQ(+C9|Bt|#vi
zZiH<aLTY79#SXIa^%uHScn5zuL=nrzRi-_*f{y`hXJiFQ*D}FZ`mpUlOxMWEVRGYo
zW?n8aEXfe!qsleanIp_bwo}fv1<y--at$=$jyid3ES8MQ0-l4X>yajoqfV+Q(8Eoh
z(<u$JV<O)gUt-HPzZEnVD0W;eF^LWewdhO?r+a6cVKzxR##f(O=@>^NvW2lZHYaFB
zlH%rkndZmTLLsgOb@1H_@|8Qng1?OKa&!_{R)sXuRaiD-6wB<gS>)o>3Zi)N#0zkM
zg_Lb8ho&5YtAhuIV``;62=F!z4+bdp*Y#GFqsM+yv|l^T0;ixuiH@$q&g4oMAmh#W
z5Ir|QE?S2ddhy)d8m};mR2_%=rboukv@d!%7{%tMM^n5_+GA$a7JR<)Ft;`NEP)O>
zejtE{+mUB(4L&QnxC)<#d)CVje59w09Hb~Tv$mvK0)LM=3H<7c^&F$4xi$xB@%1Cs
zkwbiMX9x<HqZ2nNji@4c_y?+JyPxJsBkXp^yO_H5Px~+~bsvH8TXBwHqU8-+dCbp2
zy1XdwZso<;7a&g;7PZP?*l#ez8e*1)jo%2%K|c{TFD;hB#^k)eZHyej7OWkTuVc$`
zQeDgL85`m>G(uGy$3V(A&#IUN1S?D?jl#@X7LC^tq<I2ARulPC8K&F0m;k{SNekO!
z%OfGPHSH17E~Z$}ANHXWr!iU=Ih8}Vxclj?P$&N~4lk}OV2!v8LAJKEO-(%g16$Nv
z!c*X+vaZ8{q3{euMSfl%Q(ahm!93r;f<6PfG%A}LZs6vdlt);wNoe#Ict{N<2e#r!
z#`*9!Iyv9MoGrV=uz9S-^l4Z#>8_hwUWl~BT?9t9ZVrr>2t2&anwtO<%BI<+4vn_0
zieTB3x1+-mTAhOU$#OeSb|vfJqJejl^IO;f-KV)9`?BjiC$r^Y;EM%;5q&Uia}LfX
z&>*o4?3*>4JV%#9lQUV%tsoU_dy~^mfbG3b@Oy|g+`58{hk{Dcr%#2og}Ahx+*csC
z%9N}T5I*^X5d!<Mqf=H1s2TJ3eJ?QxD3DzCV~IMfR?ERn#4t))zwLqsIA!74UqW^{
z#LpbJ3kL;aLcvx^%!*{Kyz%T&Z>|EE25kiu<oKZd#L3e@3(fE=F405_aN{a<mYutl
zQuMoEq?CA3oBQrjb%k>~!*M2pPy*6VXhz@E98^My7o^(}%1Aql5{hJIyMpVHfl#!+
z<Jn0N&Wh;i*a<UPW}C^9@jBQ2WIKp1oU#R>8Q{-JG38+7NzsCenbr(*I5#H|;r!|5
z%rY~JD&o4;kh4W;(F>$~bDqlLuW8fH|7%jyFUJO5Zc{4HIx)Yrg4+3adkHv`3Q}?p
zu7R-#%<+qoPY7NM+EUXXex}`)&h(h5qR7I;V!oF#?R=lSRgI?ktbIH!i<j_GMdhF2
zU<T&qSt@9^;53SN<;f|#b`K&7fq~*>Cgly?ZT2?COkXcC+!lk@(;%wuNnw<L_n9=J
zrvvv*JCA9#uiauD8?&`_ul&Rp+evksFB_XVySdH6k&`pJ?@d4{P@|~nSm$u9>QYi>
zIhA{Jk?aI42SgAlBg;XoE$q=Ll1K8i5q9gcTdVl)cvdjd?%CpQou4MTk!041X+smO
z`ASo!bEXxiZQXz8#<IAb=#1#WBX=uK$Qc{PT-aVSs`lwnmiIP19U;_9!3;QZTuw78
z?|0eo+8IZI`7~soX9V>taaj#HA`y0lt?69T22X>0lbhGZE@%d5IfDheM^qKC(q;$T
z!%#nwmU(|zcF<G&0t47YnUja;0U<&EU9UsQPj%}=hptsNB8t>?Q#d4Y#@yzcGR}gG
zban`bl=Ht)kaLqevRSmyMZ57Uw*$((ew_nB_lQgOen?dVx9%Bd*nQ!W%d=T#G}}Vl
zShP=^q_#m#J`OCHs#UYL`NXm*(J2ouw|q(eJ#v(Y9s+m{zpXge_AKUQ+1k8o1fO|%
zty?M%)#TQN@f6qlS1i(b@ivhb+Li=I-x<%{VfP^Sp~IL>wvU;bFI*Dzf@*~w1c9zg
zZ3#8VdW{3&>$Y)a7FxvGiLSH|SkW4)7x3|1eG8|-Rj6W5FpebLY8R2uFq@3%HrnXh
zs(|DorVKNVjAPI^c{^YtX3+Fx8`h2>W=3oNBUNU@@^~TmX9kG160QZCgYPoGAOQe_
zy<^zK+oxiiNQeko-iXzWDo20XZ8J7{+b@2#fs889ECl^-YQ`~JS>720q>-YBl7Xe&
zd9@(GNmF<XQQ6~>Z)s6J=8KHqDfvP^vqc)Ra34;1v3qX+z)G-Z9-lULHlL_BOd)J2
z;gg}QNHkAuATfNO)=3*ZcpOO^+a7n84_P5PHqV7%bkTfO1pIlaLx+`M5@4`$LhSz+
zgH=Y3#v52OhgFiH5@v+wJlD1&S3t{oxUTC1xb2PwJIf|eaL~yP?dnnzq1^(GIJ9Hs
zEJpiQeX38CsAEX_zxwY6{Lj<42ZM%3ngI-9{NdDr8^3OSMB~qYSTZ~QnZ6bf^LT{y
zEMot0mIl-5MtV(+)h#HoyhX7^WGlTO%twrKf39;g!dg9|vqG3Fr`|wxYRoTrwLm5c
zXcTy*ja17%2$^W%PQr{mvfz{tO_VuV*=Z_tCI=tsxJ<yp)NKn3@_A7ANk1dHG9Pir
zSNuF*Bu;Im3#HNe*No9m;5HC585M~H@udTV2eFNEGfE@OUEL&K)iYz}>k>x1YuGMs
zRNyRIfNHA=bR8v29?oM!CRH|b5Umm^2=|02!)TeLJ*@!Zp4|9^i~Mg6?Me#mzMvP=
zDa;$4q~vKv=QOPrpn<UcbTJ&hP<N+>#^!9AKo8Dh2J(2inpxfnj`jSY1<=FOc+uP?
zx9ec*5Fs#@^<WyY&s>yokd0A^?3j{%GHW|qoWyWSV&R@`W-@J4nmJi=hD(^)12h%X
ze~G@j-bhHYyXU0q1u=G5poaoHnejA_Sb08PV5{9@900o~7qr}<WMRwmhI}m7GoMKD
zb0+M&`z5>0Muo@^9`oRMXt1SX<Mx^Hu@VF=TU%1L<uOoAhP7R^C>Rd$WT>6(;3XQK
zCzH}Z%<xzINzBc`P4|(q%%2IAg{^uLUZgi8n8qhs1zy-(owl#KWta~>hB3N;QqFL)
z>>oa?$*Ocf#9nMcc7VATi}fKO6GUbodlxCIOL4Q*711sJ3aqhk(0=_qh($9PjN!wv
z<5qgu{EW`)evN_{iN><ZCdfPX$E|ROgYXd|br~l65h?mTV_M>gSYv2_ZtQz;?sS4U
zsLQt-+(F*l+KEkqr)wlbAIv%&GgJ99-EsVMC+P{%?-_*@3pxJP{U(euUIlOiX=Ukn
zPsk6@*>tV0usT^8qp%t`DK*QalznJBE38_+#jdIm;f3PqY}QdJv)$(`p3I&fNo#J*
z=B`rwm3GsG3v9+82|N>;i?)h*44RqK4MBH^`(3p4<j5y0lx)g~jYv!xVVvmESP=->
z8K_QebNrV5f*VOK=6rD(4h_Z|$V#cbO4)sC+r`le1A%2C%IPwyMk(}N0nmeELlinV
zeDF!_UY^*6#Bjl~X+qeEU9WAF2rP1j3Wk=i_p0Yv{CfQkvQ`hDP<0<eh60UO<ATEp
z6eKxh+Jw>^Uo8kP5zR_c;&q}QO`F%sF!O^<T99X$g+dgOvAW2i))}kYDF1Am|Gw(t
z!DJye54Iy;ZEx(fBt$|cxo^R%8p=gsx(s!b<#Yks(Kuiyzt~N3+c^>xE3%LfW$fIf
z5r#U;qOnfc&9{hia_x91Og#!--hzEpkz{=6qOi7hzTaHGU}l8a3Qi`e^GgKcHpf}B
zKyS2LWH!G%PmuBGW<1-k(}HMhDg>f)Ymr4Ase-a$!kN<H8=`q9HV-197$?=tSG$!M
zW79!-uhp<tnlr892dvcMmsZ;>#Bbgkstx6kx*$co8fy7ag&g4x#t&#Tj_cGqyx88%
z^O}A*Ga`gG5g@XJ@C;^F;2|D26UqMnjXo+R+R_(9ZgzPLi({&Fqy`aX$MZaU#(Pt$
zP<-9|S9(n$c9=ERuyx-~vkJE0MVZHDGcP$Unv9d2wxO4ooUN`d$_7I!QClYdO7*$j
z`(S)v9v7=^$A2@Oy7SX5%IB<`Gzuon?sx_SlowSdm7Wo&Y_5^sv^k7Mdy3uT-8dzI
zWuF3fq*jd{4BHSuPKtZrU0nL`T%4Ua&@x7VPJh?U4uV8$H!~3B+HTn+Yx%@`BVPA_
z0PM_@XUP`nt!QmohBEMx-sy4Wr(F)Q*@bnt*4)OdR38L4Qy{X#=Wk(*`zdU{+8J((
zi7)k=Ohcvtwj#VU%%!*wM2F)JS<`4)#8I8${WEmUTj#69mQBfxX<JVQg*jM@h*ZF4
zzjdxFTJf|OoB5s~GSS?F4c4u&abevEn>JReiIebABsExd8UwR$I*z>?KDQzkh?;G2
z99K|!{v^;yu--;hQUud9qBJv1y|#=gDf@Xir5ZI%BMPBkM@Bvb+mvkuqCt#Yzz#Ge
z=4o5cjyCug#!>fZ;@A`=W)~*c4c#y~JZ`F9>~evFNSMiO%WDPm=J1Az9ByepTQ~HD
z^FaaHcBs?ywOdWm#VeQ^@tL^rEv%Tm!q#nMeYSy3G~kvGAH+fctPxB(^<j5wn_1f?
z5V5+wI4ol#XQ&IiAqH1W;)oaSO6o>K8($3rsc^NENU+DaB$-`oiD&q5YB9`Oc$B>T
zO}z5>aA*e})0<}nkCliA#*{x=SV2X?<{h14`Q=77+XFSmDLxLSh-armaDtY);0u$W
za~bBM<-|}<Ln`<~tSvQ<oQ$LdE$ir_sM4(v%9}kA_vlKV2b&{i1x;*}=WCc8$t_ws
z7^zpVNf9MRk(mBqTp-v?R8J+Pc0pw0jfZxd@>vZ$las81vqd}DXo$SFTN5pKWX(=h
z1#)b|25!iWk3N|JZbzQ-bZ+rDJU?d577r7*$QjE>6`#&p78TiMX3EK$>be++dd4MM
zBWSngn@77-qY6gzjFW!n_xi&Tm#mt|K+EJ#I9wP6Z3uF#6yD|=^KE42Gtegy7pM-2
zJcMT6O*P#RW(uLpEq0rN%bcb2z%;6Z2_YED@=IHHm#tSAN;O&e3zZs7M^K9i;7E96
z*(kf%hlBsoUSyj&ljjmac~Cd@WmE?MUG{2OC5sLXaM6mUMAN1oy^4@*oGr(5N*LN`
zOBkojG~SqVs8vMH>=JD|LYPod6T-|gdkEi(6!96pHxO$CIWK_OQ(WKqKgU|7Mc#WO
z$1O8K7>Z(rMbz5u|K*s_9-;BT{?SjjM`n#4plomc36LW3#0i>8v5x4BeeP75vwI>l
zJ~}Mkvb10h-+q{ZZl^0E;RSixiP#`-w<wV1oaoCax?2_pSjh_l6%$+a37(jP9sP50
zJ4^_{HL)MCA6kq-2{C{r0u#SstJkF4EL#U@L%vSx+QiIF<HUORR$_cy31G(}dbFZb
z;o6FZR%khW(MsaxP3IO+ViQ%kPbSk)#;PSOx*wKYyLGRi$JU|owaoTAHQ0J;1J*t#
zYa>IojlOaASwz!O9H3z2R7}*)Y?u&8e(tM*#GFDPgxwiO5@m4NG9z6Us}!JJM&#2!
z_93Ng%Bm2`@4q<@gq9!|3OzVedVwUe6l(!_&TJ=69XB|n+4tgusvPs$7gac_@mA6^
z#AT+Sx}h_fUmN0?g=fAMCn6=QcH8d8<vDDA@EfNmb(kNk{AqQjPLl8qU(;#Z<~0Ms
zusC1nS54xB;1+$VEx$#y=$Gl82APTaltrVH=Jmj$;mDI9(+Qo15%f%7L5~Gbumr*<
z@QmDbf2!TtrYs4yeusu;HK;Mr)R2<wu+hzotD^+;3^61;vBT?y4gm3IY0Z3S2@AmX
z+MEG2K^ehyvxsZKLaU(kmVU;|M5GslhZzbTty0vymmEX3I%g|1%~TCQZ7NWE4X7=f
zDXP5Ut=N{+VGLa#G?em4hzSsDCa5m%aN^j7M@0M$67E}N46v}`EixqY9%#arAP=y|
zVqV@#=88BfUTJB;S2b{ri@p(NvM!LDM_^#9cv99jQcEi~TYYk~wz+xbs>F{^V>+pB
z*bLhaP7KfV^|hIFC&8{Uj7*FI?DR#<<J(8C%>?d~AY|fVCd}rAMt07a`B;~6;iM^y
zDYI3=*Pev}=?Io_wg}jcjFGM2$f$NJM|zb#L%bD}lm9RABz8C3XukL;+5f2MirDAx
zWeXvw+-jl=ewc}Bv>C(PNxoLYTqU0^&IHNVue>r~ywdvdl{{0ZC~VoQvw1#wrPWQh
zjr}m@`5=~!Ax@u{jT6QUvyB-hjTvAJnO&m3m9j7&*fKZoRI?G{3X@#go0<K8+V<Xi
zZaOvt+I?F&tG8wCkqxwQGV?Z|Sb%c!1?!0_w7LT#X4>-4gWuo`dmciFj$~oDwpNfS
zL#?nDZ;WcBA8~!FjBu}3ip(#4c~I$sINlO(Nvqa~TCWAI;gp1zDgS`bh`^_GY#SFw
z&NC_UjAS5$vS1ECj^)MBGlHJ$8)I46bME+A1eREts>w|L31>=$%)*Q*w-~9cIMe>B
z@LW!uh#wkX(ay0yOVho9aCP!xyZTDHaU2tc{g44Y7we3(7CTTX`je!@!e<_=B170}
zVzobm9}t*1htK7<ts?yhc`c;8IrZ3T#r$v0>=pMjeW)-?&cT4hJU?STDh#<}o1flg
z7hJU7P$1D^qiL~R)zwPHYed~9Qmk(KRRa_6bQa65p~ONXyt*ZvkCLA|qt4e)&$jQf
zV<Dd3WtU?L*odODdDv)k;u6y}k_)*aEXDG5Ea_{-XzQ7ltX*oST9i-XHCJPhY=9on
zWbTupWRBcUo}#;DA5V)X+AS2cd^|Mp#AF*9$b9|PLFSpVis88ukktmMZrdR!1dI3<
z2?v6{eZUdvIuM%i<af^6UZu2)NRX9ou|I<-X4#1Wz7=czL9+}fd4=#I8qP7Z%%*6V
zaVjpWkS!eMKjmv+-s}`QvM=N5nS#R)+<`l4DdwTPRM2jB#D-W{#jq7{L#l(ZV{h=1
zLQ1`I@(5vkcJOj`X9kWroB+w1qXw7kH{N$XBOHgWm9%qy&ti~Y;?3;Uv{`>s)Qub8
z%~H~PX6!;zY#Zhyn!e8*>4Q(VoB(QTmcqoJ(JVDHz?t_I9Y;9T63?#N?Qj|ZM0C<l
z#h1Z#DYer~>Btq8eYO)EisY76Wu=^W&Yh>NAZ_}obQQrieRiuO8Fh|YPQPHXZA53R
z(MGAXT^6+GHg9P;31m=p>xQ;b5{+cKrnU+p;!cS8!^b*?e_$>aL`<L3X}_UqfFh=4
zks?5p5tj2y4=&<7d+Lw5Z58wkWU*9f(Zn;@sS3!M<TqrK?q%h?&r~vG!h^O5@V1J&
zRTo=u8OIp^h|Stgpu5<dGwrCf4X9?8gEvguVZnfo?N72}d&9_7ozAe7-nL4gwiCYb
z!PAJsqre?4IPmzJ741caPrbHcBku;Bm(Ug_S%u2hFKVl_feWB4jJC%H2|pVRSpn8!
zG6go82!@{=N`agw^5DM1#vIz5$dU~}FLE+xixh?QaQ8gP+PW>_9>)Q-Fr`2w4X?S}
z*)$aZ@pp7oIJr|fkUo}ol%DZ0F>1mZg0nKF`(-^uqpGSh_C5JO?7aziT~)a^e$H8E
zpPX|tHbdtr9Vn%3T1G(v4v0#C>u?=X@BPG58Yq;uq)8{*22uw=kT8i1hCu|8aOH{$
z22@mp;(#dE017f#L?$m3R1}f_?|t7j?!A+=fd0MTcYS<l&K}lY>z&87##nt%pm4Q~
z#`JM!JgH*6N02)@$0!WbdCQ$|9vR_0a|Z}*NRChWB#a_^6%in3ct`=a$)y6TNkTIl
z!aET<m0NPjrX<`=H<GkDY;TL5j^g|xdI_a!6qe_%G%n$yi?hi>(FI+*S@0%;|8!J?
z#lBwj?qsszfG)9mcuOI%dgh6F9NS1p$}ASRZ<w|>ZxbO#DrhU?cVhTd$-=~tLnPu^
z=f|M9WV;A0NMhPA&1~RDbkhd1vj(WKD1@mU@z0@+OBly=9D%SEa*o!}y}>-DbIo>9
zuQ|ysLZ+lSE7T{jHOwM7<LLV8+%5@8s;dd%F>H|4QKj4bmA|i9P_nxz92NGE#X_tG
zghZ9B;WZFPj-nV+OH)D?#zqS{5hc>h@F0sb=dUH|8H^R5wlPNtGe50AN<35$=XTo+
zeOz*p>%&VDR2nu%C;5OllTw%?9{LEl%TVYp8|Q`#(-_Ne(rdQI{aFh+4HpS=#JH=F
zA+tTz(!|Fd81a;~H+frym~=|OFJbW*Gbd;?G%ik(3*&XZA%VSSh{h$>KhDE(T&KIh
zyaYu8SaFf=dwwJI>}acjgOQ{oQtBF=Q9=^N>~y7_{B-DyRPJTO71)#rNe<)F0#GZ+
z&?m%G9Bijpq8Dl3CFrD+Qj&&DBc}$-Yfj&!gT*h47JMa`^NoUzaF-7M?4<tmp7ul8
zNs)pE3JRWb!z@M4b>c<`bwETy9F-!eO&UV770z$=Jmfl<SFcBjnxI9au|dNiHKu5c
zQYJK+1IeTRm%)Ut!JP$@QCTTXgmEz*?4SU35Dx%W2;mRcu_R^*37QeIe>yG`-<ymC
zKFP3@U5P^(Hhf4o&bNjgX+lY01^P~`XM4V%cTj{|ld-1^(0C!losl^l*;e$j1k&=*
zE6w+!z35vK`1)ah6#4B0rR=a13%=UahyTUllFr6zl#)?15=1#GTbGZNWD@TCgX&nW
zxyW)|Z+63#PXy#~08N<dk?l)pYfc>nH64G>?iBal%tixkGC*3S{r0Hl$;<8Fvs2|G
zR$fUI*UlDCNYcZOh%3!5CNM+%L4Ck;PSyzjP$(Na&&ua;IA5Y5e>WRC`48Xcnq&63
z#yh;nwd`mj-zRD1)8Sn60ffYB*zuENlJ`ievw4p0B~?4$@W=vphrr$flOLd3=#0We
zBD~?K%26PD<+JhAlJ`a%chPT(*eA{I-Z$haF`xFc7eOHL1-^->jApgJi37;Fd-~Yu
z1MF3T3c?in`kQrpK}ZfLJ5W%DGyPaCK;9js9}$khBL_1+Yy<?SJR1wvv^TufXYx$u
zZT=HJR^CpN)}GfPj3KRR{D<D*e@@fsp<&bHJ0&XMPJGsjM4@sf^KOY89L5<2Oy4N5
zosEL?@-0=1#FB`(1_8+;BcVk|Ill9&VvRzGrQ$Fp9gnh!Cog@Vn^jGI$dUlCAsU%*
z?lP@LsY@Giv$Yjt^G`djH#GgnhO}-D>~*w0L1=xVp>=&kR?21?Xb2cS${18?lU?M_
zYxW5u<Yt{AqNS&}mr0A?Kt4^+1~$Levq_;~3J;hGD0*Xqjx>o_LqUAK!oDMwCmDLz
zsN9u^j$NBmSvE%HE4h?dcY;`D`F`LueJNBOkVr@-BHr5DG3sw;4s)?k70K&Wa1)pt
zMc|GU>K-x2Kw|{^3lP1bG{D3xe3=^5aZ`6C8A<Ml$~2)s!8Nmkphsz%uQcWOxgQp6
z;LPC2q_nV)<GM;(pm7eguoUt#K4yq9Ls+zQznvC2$n;f@(IR<kb{J7<=*^gAj_kZO
zr-6qOte#0Bf>h!U&IXb$7C%&$LXGJvzRFW3q0#2j>q6ir0qe#g@Q``t<_GgEjmTkC
z#P?N@69Q~t*VTLi<23GAp<2ImMMS4NT_ePq2>}mRw33dvph}$x8z-C-_Gt?Gd@1_V
zHkw<SHn<9^G+q06a>4NqLPr6^HH$d<EfFv{W<rE)!p54Aosb8Od)N$Qe8^6qLXkuP
z4`G*<q<r$oQzTPbgvXm{94S64m5r6;B!5g5*?HMrrRl5;aqWEj-b+>{AuR{nYBK{y
z#z<3=I%)l^Hk15aWf<PF@Bp5%i3(eKwY<q$#qmGVtfZ>K%nDQ)>?2{ODI9_b2uQ+V
zK=<bnp(e4JGhuSSw;kiimJ{Y|7v}Kf2`sL+P5>g4B1!Bg*V80%Xe3n{<0mGO4F^LE
zv2X3x<jdd~8t6$6?q<<Jp2-!zCef0h4$%u{Z)-P)M1_H&Y(SrB)SydffjKd;{acI;
zE#&h8QCra5JbLSGaw(>XoDLa?Q<tpD?64faYnDQy&Q84A=&TsTH9PuFrAkgFvE8r#
z4O8bq`}G;oR*}kOG4zTidL8&2ZsjmeK|1j)On7KS0<qe>(KLc8YZV_}!0t&a15=Y*
zFw)JpIg4WZ5i-)4$&sY#HPc3ttLt~FJ3b*F3$z)6OQOi?j3FbGYi4VTX!U6E@T#{y
zH+8=hUpokvIeqUTJ+_o2sGV4>gN(6Nm?uL6RScGpS#>#JOc}+P)uE~xu|F+@4dYr)
zPHWU~^Gd`beSFZ7(Q$n21n-%71(t}165*?~d4&tyg}Ff^dB?w7o5+w$x^l7D_a(<`
zn3nJqn?#sKT>Fhg@F-YG09fye3p?M)9|KRHB~zl&X0cK5JlEXVwjpf&V*l11SvC?#
z3lOzyI~4sd3b{KI-{?v)@?8)kxqDi3BT0@}FFGdataMGg-tk_|CD{kWGD3q1iMTum
z`#xeC__4sWrgTT}rXZHk<Tg&jLVc#B`A%|@gR9oGGauU)!Dkm(>T*tKYDe&xOnl$M
zOm=6ld693O4)r%|^|>^Y@oPgYMq^tV>Roc<hh1YJ;6&F+L)Po)h#Yvvo2|LBXj-@{
zlY$3ebQQsIy3|-ziGxHt6To8jrfkj%66D2pYp3FAFDe1n4$i`q7$JFentqzyHp-Gv
z<x%0CXsT*7G1H*`6d4V00tT1;przua5s^=sdfIMdp>&$yXi9byC%XaR21BP)Og?U^
zu`Z_xLsNX+>UF782m|Z{T3vZXgg8q=?z0oiz=;Sku;cr~nAv)=WD*!TA$tOWp_})m
zQbum{v%*2=VqERHNDi|66X=1Opqj3<q?Ln_NmyyqAhBVR&q$^mijPw>u!{3%u$zS@
zXn&hIjeXf8$f{jABZ4DlTH|tp*fNT*DVS`%r_AR1E@-Huy1Mp<yKHz{d>sz4rwz)1
zqe5e@d@v<nm9#R#ZA}0XA+tJD)d%Z=aOaAugvjVn8E?y`Ve6)ez-XsEr{;lTIr}iQ
zNQS9a^z@0>o-ex{#f}dNEC<6S%5aG>&sm*_t0#IDE(k4<+h?>4t}rBA6ak~7O`zoS
zSe1hojbTXItr<GKzT&OpH*y&yPWFz6e*7Xm0dEa&AI!lZf>5m{820!fk2G-clkSeu
zgu-`;oFpS?LrLMWbbv1hKxt6{TFfM4MjwCLh%_4AF|egt10xaO@PBvrijymxA~W!E
z!jr@#W@O>T3~x_t@KPMj<E%hUJ0?1mjed+=)2qic0yNp)xZV&#gCT@i*QxQr15m|f
zf$Nb7tt|oRChD~eXk1(iJ}1e>=$(YjnK?P)6gtxdfS|L#@D@9u$|NzFnr66?#gK|b
z3Rtp0@_|`YQxR<dL0o95$Vg1Spo@=)XpHi-GR+Z=s7}MUz-wF^;1XOXqd7J5jgu(a
zII%lhx<Mfx6lEizhP@n|oQMdmf^=?)xI-7n*i^A8kTF1Z%{DR?zc~qouaxzY!Wd_C
z)(RqMuWgtJ9wO4Vk#WkWAw)zYf5{?(4p9mqZ$iDH3{4)Z91@!!_8djl4NFeKm`0I^
zaZsT%%OV+>H$hq^ZZ?WT9xgmM^$jEyQXn1X62PHWbG4>Gdn(UJm0Kx%_F93F!ds!3
z@#9P3LW3hL5f2L&N?-^UDmgDp5ZvcQtd=MRajX``D!^Bv8_&Gwi4+Elk>c7kp~D`T
zirFS2(e63PM#YUHVMMwbOPx8Nn9i)<j$CQ%1#|FnNV~EwdXsIh#LCUO=?TtKLu_Kn
zzWHe$f%*$*KuaNOS&9RrWmKroMALf#et#gu%{@hC$v;$OBG}8GRRR@8#;M(u6g$ZJ
zj*Ivv-fUa}m6+Y8oD-I_JE099^*j{$D9V25L#8v9=cUILJ|1ffc&X^nyRVI-l|Vo7
zkotLafq3dtx?vK&s#r&Ua>*6!Pqv?Ot3@#oa}N&L(fmBsRT0@LASM{H2;#elh+8Db
z8pY^%hS0Gccc$ouS*EUQcGz#en^!3#Q^rYdf?8~rW@j$#FS@>Eu9>=aANCL{cOD2N
z5k;8q51}1{1tI@oeP|%zY6ekyF&A_pR-`>)uia-6%NT}Vb3Jjwp7NMo_+Bh#<N?-w
zdk2tVjh0>~<Or%+E9L!|fG|5omX;WAa=F0$O|anr<H)|*i-&l{SDV=CJ&>rAD#BVx
zu%H^qvaWXul2in_0Ki+468No7slLt9D5gl@csql`vtSOP{-bw@h&t2=pm!Q~_+6oT
zeRs0R>M$|^+FSz&iR8mco*Y5Zn<GOJ_NnXyVTpeUuRFC&b9|4_my-*b%zL@~j3+$?
zeE2>K7X*ZiNTV0uAC8Kz$z1{OzfJ*o-=Dqt?VfnaWIo_gI))?P^Mm0q(%<wUcci-c
zWG3@rHxtwJ)b5_6u@?K)Q#8kq_!j`7<e>}JV;IrT)gG4@bxL?#hPNeDXyumQ$|7=0
z*F+hU21bXlvh|Ji5pooD@_4P*n1}u;dBU*N{wLLif^TeR17_tZaO{a`vBBwzv?3`-
z#n?I!4zJMYctfKur7v=3Qb?+klcb8aNu=sSA&xMhe<Z+kBbVTT`YNc|UN?I_VfQlH
zRGu2|uqma4sr0#UuLG-Mbh_iH07Z`JRTxkgjSGf=4zXI<AUVF}qqXI|TA^nDJV3^_
z3v`hC9GdH5Jwdt!nOZrdB&J=`HXCv1YYgo^IS<tua;SduT`VcE^#s&-LjD9n{zQX(
zw=;quUutLrRX#POhiOTAm>#mev|(YJy0C&y2zUmGH0*~E-gA-w0YLhZLEk0nETvs?
zH)8;$Fu5~3y*xCdKre!<E)&d(abwE)8s-Vm3*-2oA(-Veya5zRz<*dMORG9-U%Qer
zD`I`WSxeM766|IbVs?okX@iH_)-m0hR^1xLtu*|pGvovSKd$NvNmF=gkZD{xUPnAI
zImSo?cZv<mSh1Bn+d?90ypx)aqqq}olD0!wIyDmGh3qvY$zD@K_M*l|NZWJ<BCrH8
zcWq4Jv>NsT1@_><V9QAT&`hJ)J)y1Jp=n$xc-OkeCqycCCl}KWJ}1=ODQs&A#|8Kt
zC#N5OZofbrZGwARcsp64Gj~?wrk8yhd($Vyngq>xTlH&0)nvBiuvaDy5o?^er?h==
z)D*Y0qXQk+&0$lXx7HNe>B10W4bd72L~=Z7o>Q{~v<$Y4F;QUIQp(t~;)NMMiqH0R
z9+UB-gv1juu*u@3xm_2N)IH59rRf%I+A?nD344lX1}UDIqIhP7Dr~m@EK)q73Y)`=
z^hVm<sI9rit~S0=$VBtWmR{g&X>tO*^Eo99ywK+%pPUyt$74?-ER>ZJ2KS1y(BABj
z8L}7j?c)y`8rA#KSS&ecwEgTa9N_8L#l6A@dOFeXPw;@?!&sYmLwY7;Eg$I56|nGk
z3o!C7E#M16^P2;O$h=eoWH=d1-f08k{+3MyCoSQ?6s;!*q3uY==QuWGbrk@|-VlNa
zX{A1-71UY#<_?89gD_W<{;U@MDSd&2hFFWe^PhGxiY{=G%1*mfBpq!e$W={w5+KDI
z4e7@u1iTa7tN~3Fp-=Kwv=q<zfV2Xj#Rk?chZnWh7OE#Z>I93{B$Z+o2s6=yoF{SV
zV%{vDo9QVA<XU!<V!~H~R!l(V(sWICm&k=lA+9HfxSkT?TH3lixiBrnbz+Bn@jOWf
z+FUd=pyN7X8Q7%euJf#LZk6xVa9Wz-&Y>1s#%`%PQ-^ryfl+wRClS#HU^kO+5e(Wc
z2rKJd?I%;WR^MJtOA-}+jjDjWIt01Ui3TcSq9Mp73E_b}zSB>fZhd)`y5nR>$2xR{
z#8(mtl-IF*6xIScvjg#DBiJJ2+Ia{5uskFe%m<h;B1FtZPM0F4ifP0juS}gX?Fxox
zHGhHalCbwPgrp1qA@a>fK)53h6h>Nto0-xs(YWVy)!)8c(;ALXCFTzbgoMj>_SgXF
zytJ}%6gF{5r2kb>2D3Y(qO=@kJD2QcpM9(ip4Yn5K4tu6PiE`zN!&WM{+m{_|4ja}
zQ|3g(HX{)@H^C7MPWVVo2bt8?>mW&<fTjiEh#|&dgHdl7G(~ejyxGo;T@XXYs5U1v
z8QU705Rx5%<{-biCSgb!awH)Cy^3iPfH(H0>FBbEFvaaiVI>=0<4Q_=H^1UrP*pYo
zr$ilSf+MPpvZ;Ys%}5fN3j){%GlrEwQY_eb0Kye}hJL<;(a1>@RaElITx3@s_TR`e
z72iV+sIV7F%qMk`U&$wSz$8*hlMN9}G1!lX{U{5OFsyvs2j-QY(hPCTVO^1Oe*G+D
z7)DE*H!^_tKb(aKJziU=2(aLgbArB$vE-7ZVPqJJc}#&Ct7qqv5{pN~8=Mg@I0M?y
zK`Mra=T)H&8kKkzWL}gQ64KwH&@sgi;A*LV({=-?G}#T@8WM^AJYjNEo||A`yDf&q
zg1|K>EVAZioiQq1KAg>FnJLYjy&+BR!3jW+oRU@7A)UNQMUOMQX10rNrpdeTjHn&U
z$HLsfVHs|##8}y(_)Sv7>{1d_MEpp`#*T}X#xmjZrRfs>X*M#@@vwM<obT|D37nNA
zrP<EOM@&cWbqS^=fKgP3+%V>0Lg4NsfaZ!Y+5=ln1baHqlhV2QMl2z!!*4UTB+Av2
zCO3oVPDsIvSfpx#(U{wl*+0Ctm(G^rQ<N>;+uFuN?XDbrAEII%Bih%Q5N2Nq$!%Nm
ze3So#VH*O={=p1@oC6$tx%nqzJ@o2<&P%28zgDr$53=($wmfmCN87$F=zkpSFX4=^
zBQaJsFie%bVRqwNS;ahhHNBUde=Sax5V^EfXmAUCq?BFyL`1<s6v$(vD}IZ9#%vss
zAc3hUAPx*fO-XiBcTXC-fWpok)%98$C7fV)0re24rfk+CBt0L)Ca;wdA`x^|qwSTD
zf-4hhCKisl#!fz^mCp*Nn{z9jq)6__ug#`7wi5do3W8iQEkp}}TrQ7XOq*a5VyJN<
zxKXEM6#-C94liSu9+_msBU?_gm3rU}hu#NoFD%(iv&C?-?1;r<Gf6{iQ){H0&<-pp
z#*CFCuUVJd(h)-tp;2sWJvKs;5Q*4`nWk@TEkh9-Ru87)$rs({j(8ReYlxMkqA=z<
z^`Z*4hieHIk(6ky^+jlE6KN`fM?BM<=#z}q*nSffB$NngIucS>K2f?&^2Tt5p0B5|
z0es5e!~#;I)ISP<5+D#V$Kq+=g!$tGNW`k1zQ$+J!e+yorh(1lfI36*?#S{al}b~R
z2Oyc1%NRRBWo%5zI5>VyJNDiQ3A1sdCaGO$n-p0_p*`!<YY_0x=)}~1ZrQ9B73hWs
zXpRP)Y$kdmL2JBGd=N6E5o0Fx!guuw{0Y(g(|TB)-Zf?bJ!#JN@bFtb%!-NbDHCd;
zwlgcO*K}{m+~1^N6bz@YAFWtK-wEnB2%%M_B6rsXK!|Z#e{2Kwk<BQRLW97QIipF{
z>XDe)<TR!9C-S>;07}}n!Hy3oBg9h5F+6KM5eBATl^M~omR~TD=mD+q?FG#l0p9hs
z02X8|x$WeA3ab|#>er?jh2iQZjCVE8L{Z=p`P?QUWo&RAUW^;ELS;}i^Mve-CkuB`
zH~vA;`fcyJZP<1E$*v{Rb-)5zR38aw|2-sLfJv-*luiVZ)WcyxsAAaG7NX?ZRI05L
zm_iF#da5^E%SS5^hrkR<gBIQT$BW@%WRi3IE6x0gr~dip=+qZli!2hHrDNn?ilxIQ
zfYpp<g9aEruhZhOa@lAza6{Z^vmF6JTX40I6CxmXCA9_}yJ-AauL7X3gXPU&+S&nw
zYWNh=WxUaGtZmo{X|Ay0%`}z^Ve02Ng#)Y8LIWc+UWyc?0?s%@!Gni2>@z{b+*SRM
zI&!grAUI@Vp-n~(jt#{h7&IaNkS8BO^(LvzNIr_;g}^b+yj2Ol;*4n}os9)LEG|Xz
zX@4*&VdACH|F=!rgG7?qnLOgEViY4ML{7qt6*X>ZljGdtqt3bBzV`ilI5-lbWt|DG
zB)2~-xz(9jVp#;UGHCz^SM7I?a+ENV5Dc5LhBwN_G;oFvY=39dr1yCFhB_HGarO<H
zM}@3I!$z(J4j(Cgw?~KJ;=t@r;mB~!rcf3P`p?Xf|05^utmA)H*(WT7%Bv^2#D{sv
z6D`_Ug`U)L15UP3S?MT|fq0C)l&1GmT!vlZBx1|aodobmDkG&Dw8lyBERYoQHQ12-
z?_m3<%5S#^NRp?+JqpQceT~A2L24lr+79r&toGfh*h?UYJgRaE%S5A67rbloI<As-
zL1E$RahrA5>{DHSzcVJP2L{>;fE#mk=*XB#<Rn@YK!-Y)JQDjD+rv=kcN8<-r~`>X
zcz%3ZNvxApyag^%&>LlyCSZ%*gDf4fH*RZ?8;yPLYB=MT9T6yMWR3nLwM+4kq_dW;
zFaTQ@>GVTDI^PRP_Zuq-4S=PV&T06xKuBERnT-}Cx8Uz_5+_vOc1pDjoNvlpr-{u5
zJ(Ej!KH)HGC%z!N*L4tEcs*OYGDB<M(zt<c9aV&9y$-$Q^3KZ&MyxAu^cvRnt{7IB
za6(sqJq>4$=nb~wxY5BY2?V^RV3o7;M%6>1v<<mLpH`7_LR*p-r0m8z_F-($$eiXG
z$;i~sKvr@DK?usi+rO&!adZK#Q8uVD?s2S*NDu(FAc-{Wh7cqaNXG}j4lQM|o_ESE
zX7L1U?MhTI5rU@qy3A)%WBYlgP*fSIWBp=*LBb<5a$|&umS(ZhdF%hxD3Q>W!;>Xt
zUp1uJAx?CRmjBUqNL;cw?3GC_rei83qJQei{gYF;HnF6zm;-spRgkx1lFlL*^>&<E
zXSlxmbaSjE=2+6e@{sMSsAxZ4+2K<*9yPPj9}9w>EY!th^9!5OPJeKeSTD8)o%awN
zj^oM@0`IEHRDH#YOI)OaZ7n}=M)3xHv?AS`V9YhN^%>dgDud_=RD+SFY7d@{6(oq|
z=FFA!5Vq$eB(={d%qeOmAv-lw3j3Sw*Q~%byh$sdJ)fOg5iPQ7&H;JL{^m_)IAglf
zW}4RhNazu3DLbdh(DKMECo3OLnaIjV&RwRg{2v$F^ZX>Ya*q<E1lhMZ{t=X5@uZpd
z?@S4TrPL%@Xfv3|-9MdS&yFOO0w=wca0L{GwCBE<z^><unFLLIg_IUeN`*9Qe-sbR
zli7((G@XPJ7Xo^xXp#|}qtY7O>{x|xYT%*CB$;(J?W7evYnZU(f+zq9bb?@HicJj^
zQbiT-(50tQG~T}-85(Yhf*lP;zpDSAX^P?I`%pw9cE2QvtMcGVMczMX%W^Rp0QTHN
zA2&gwNhpjw8AgWgD2iOYu-i&D6y>JG+awJ9_F`#YLe!t|8~83#BRa-xFG1>og`GdY
zhLBK9V~pVi|50>iK!*Tcyw@2iBW$JU_s>iaZsU!8T#5EXai*!9+xt3(LBVLa(}U>J
zDb_?{H`c|hP~>fOnAs&lOdnE!zN(#`RA|l4x|tF7f6k<;#93nT%r=(HZiY|hBsZ<t
zJ*=pm%i_Sx@9aS>`twLs%^%L1S>XEcTT;7h7n+RfBEx=rx|(S+cJ}gzHXBRr9luDl
z9T)xSP&dgNB5Z43+GvhX2D+LjG;sY!Bi%Qzzrz?xp83L6S|sw^u^@)#bR#P$q$Y_+
z|NP;QHOGjZB2=zp7Qz9sqFNy{b9x!!X{;AT;?qyH?4#ZMoV3P-C}Zs|hz&Opwe(sJ
zP%XWyo~1!!eWZp+2`|Dd)E3f=1|mu;Cbv{HnZmqbd=EFy*p)77y=0O^=8zfP@@4fE
zKE+!_K?0Jnpqfe6cs_dVzFv4(_JU$CLtAQHBAX~<cRW1cxLgE}^+W(Gv%9DeKt-HK
zN7)Zb__2w2bF5*?aiO>wPpFd}7Cr7W8-rNICg`3NN)=lT%H6(Nk52LY=c$J8sFB2q
zdHo>wk!TvhW>AhKh%<xjX9&@rJrcMj;?cOo7-IqKmn8b(D{8!&W@4uB)F~jLG|aM-
zrIYNS$lih`!|qmQJPhh6vcPaetjp(#^qh$)G?sU<+H~6G5iQ*aOBGqQ`c?S;!JWoe
z6g`etC8cN#X+y3WoYf*0(nN`o@pYjN9OLl|*R30O*r^b+JE-B$vCN-f;jl{-2r!LM
znjD1~QT3Om`6i~NHqDMUmY$6aA$(5;2gl{nl(4radF~vl^M|2|X7ZKNOY~V(Xc41{
zTH8T7`2;lh=dTQNyjqgBjl-eW=daEl;berRx6=o{N+QfF({S=o@9*tB?VklN^kI!K
zyWxZ{1f|-TNUKPu8W}xlQRk3us^WBG&VUpO^fi|V<}ro<u^CAkJ;d}@XyXJ8d7AcJ
zvdc)X*d{Orx|Ve{MwxR(A!#{JSCn3#<|J=dV+U(8dOfpF_*YsSS!KxP;a)F&vm(5u
zAI{{t>ShN@@6Zz6IR&Il5c|2>uwRW)k7k!0kssbkCFXbq<`=^2JjSa`R~Pc4zSMxN
zDM_c;V3H;t?)ws0zoN3-3A_v$4PY@uCIg_J_(TjV4ei)wBD`#{MjSuQS&oj2{qiWB
zK|&i&LJL`AIeq_^kfX7=uRpaBT_T75<n{_44~VT%5V)o62gDPINq)E6k}!?k`9~Wc
zN$W(YHfD{O{0@&!fzyz8ysfXzBy_$KjQ&~-6A?yncZlp0*W5~2bmfyA&(v%i>zwn^
z?S(ldJssPd)JR5cjWZvI4u$wnU}g_%*1&h$(HY9uXQ0@IIAcnRn$}WN&l}-tOJj7z
zgp&iXEtAwwdvxnZnyU_LsIEK#3e&N!|APJis#EO;j8+zuvKgy49WZOhXbquaYtAj!
z+jC3ljSw3fGqMkMxKABSO%WVsM94rc--j9xZ{SlCeE!k%ooGxG|IjHzVWM9^U{jL9
zWvWIFVm;G@U#5#RX(nHiHs-ck9$>??W-_07W-qpL3WbJP8ncBm{k^(%fg!q;<FELH
zw>ze7zp0lu*Fx79IC~gZb)Ii8`eV%xUDuIl7RImP5<lzdXxB3$J>oFc)gm-XMlVo4
zCB6vWNM0`}bbzqIk=O=WZ*bv?p;(5RK2$2)JP|<`qkiZFnFNJPRNi#X=r8-dBL=F$
ze)8trVvpR3I30_T!x+=<rk`qj3TaNTUttJ4&PWZ<Xmu45J;;s^!@>s1;SJ10A88EJ
zQq&JDNvIRyH?g0j?-MpX4istdSa7C1$=7F-h8?BnUf5%fu*dGi9&;HkTG0x7>=9>=
zd1<CK!ZSY42*)fSsoerL&BXfbLlqM2q^N5u_OdWG{Nc6M3wE&&ekQX|WrkFAY}Z84
zs%IMv-%PJ*T1rwdPp_Fikp&Za=F$nMKyZ{Gj`ul$2qtx*6PemrhWp9$5VCV8vW;4#
z>03gj_)Z7I=EWo{W|vKNw(M%Eu?Z~r8+*K#<s^lz?@fmh1swDfZqYDoS_}R_z+{-X
z9J2JrP26x$vmZzQJK=#W%V7QqOlY}PO~M|6(U=Q-j2Tgu5$a4@x`y80g@JjLQ!b{6
z9)S<5++7!q_BGPh8RzMu5%VP@e-m^jEN#MFA-jkCEJxI9?CHhU7=8{~i)ux}A>d`F
zKgQ_&dZ))nYFbNF{W|>?M2Lh0T=O6CDl|a;Kw2;{FTssfLUWbp&x~;BpPA^cbsRC@
z+5Hn)OA^lA87l?>-aZFJQk=Kqy*7P0Yt$6>PNY#9(?oL<$#=Rta!CP+>EOr}qTAFU
zZ7M1!2`a-FAV+PnF*N|o<lyQMpyqrN$JC1k$fG%XK?#Y4yB$(3Q~UX5ZF9SjgrFIC
z|Cy~IO+%O?HsdWbjtKJcL&xHzFN|S!6OZ3D#v4o<W84LDSjS$B5YSry*!ffZ1ymW#
z-`lWKU}Ddo3@SzcKFb__eS82srLrhb;_KfS9}-&gX1%834!IIxH7oQrCT*;o0-4OP
ztgVS-jYbiBknA8qg{Tv#-2fbw)>EqzsExAso%O!)JtBjYJ)Sf#YdJe=h$(J9H>EPt
zSYf1K9~nbA>9sv3Wi^Q<m<3?W6;2p5&N!j4oP=*YcC+Hp4@HtiBSO-z#Y@vLj-ia(
zJ3QqO!W?i&|N8{Q`ZKs7a~+Y5EV8vaj1dE6<76Fy@JL-<dQ>xM3wft)SL%q1Sk@z#
zD2o+PONklTAEu71=9Kzii&&K2Fb_FlDTbzf0GtGU3OL#bgbw*=9`dr}yU0UAo3Jab
zzNWye6wuWOTh%5Z<CkB=*(zn*rI4*g-k2w#9HEPGschx;vULu{>t`n;#!Lv^p~O$t
zu;kL%A;IMd@HkV51d|xA#b-$%>v|kR)&-*dc)7$1b%e<JBF@0Dr0?4~J6FUgWNi+Z
zf!rg(*hKU?vTc#Vy`iZgm`k-bjO?34CMq#T9Om)>%_KeXo(|&l)VuSF{HhWSL_(d@
zEsdU)7)I<^U>WPMT5#u%u=imBtzxm^k2i+%PU1M?pc|Nd#CWts91uYk1^tPvh2_E~
zW4}xG3=>T|t=q|DbHI-v6lXbwz8VGBNg!*n;dc8>voB5k2$L%bF=O)3B&YNGG$j*Y
zB%0w}2y(pi1Z`pEw1H5@EaGX7w%Ba*?700%pG!Uc`wb!(u|L=;D~ijIt{Gx9Gz`TE
zS#Zw{*-TQ*MmCF22Q_gz2*YIrEo)UGEn~?cMW`~_(fFK&1J@?S^jJq9=JYS25C7;z
zX8DOBeYoSH(&!_Rn(^r)h{4l(kdzThNA$~3Iv)oXVn1c;v)7zwG4uhWfFw+XgvD@b
zuVo4msU;_AeDBy5lk0teZNOh=T<n&fDM>b;)+JIHIKwRHtsan5L{0b;!azupVys^I
zNTVoe#N#bJj7=gtOup%rYExH=&%C`iCyF8C@GNvOg-S~J$V}qBX<+~;u?w)Mw#0#7
zJ~f20Kv+N6(T*rYpZ!Ijq)b~}RP2_j{^umFVn<Pe5MrM8R!CwTjHj>6Gb(8K8Z=+1
z(;Qoza5C08LZD`@9I|CbS`@!X3eFi3G0%y@!0-f3!L_x#T<F5LX3b7{N!*)#a*-l2
z_Ma8r)`cQgNc1cF$a)QB*2&cd{b00sk7|=OT!vE-@1p5>2@J=YRKW$)-X<O(q%9u=
zJD)+BJ4l=3khM)S+@4H^R44-NswvGjcv>oIf6zIM_AMqb_ntdTOdD3B6eOg@+TVF*
zV`W2OUKSB09oE1e41Z0#Z{v;C0ZWQVd!oR?)D$7PFbP*|jF=1>+5Fjl47BUzNgbi;
zU4c3LjY>7<_Lz9|8Q#f6+3(vQpO`!`b5xGfsIyFc8dr~sKeU@sUH(ev#5LpYhDj|u
zI~-*)dnB1)p3`>ot*F-mZ~?>36M!wD!dnPY=OqjmiFn*I9`fExb|v21mr^3+_n{~s
z(iWj@YB$~74``tCp5mcCKJ6*I=yT)&96JP-y_24tLAFUwy>)7}HKa?nto&neB~J$$
ziHRf<Log)lAp$B1Tw{sT{v~nXN>jH7+?0BT5ZuEx0{d$ZavdhZPIw_WdrpI6dE-Vq
zG3tcKC=rbiZ6@wi5-#>_gP>_a;u>*%6=e6##0@d0*fgGi45KxctpW2mmmAZ@t-ffG
z9|Yt}7FnjgwJeOuhouWYI=Ro{Op}c^V6E7Vl{e}m52&_;F(P$>?%-|c0V}2Br`Jk-
zL4%f&BGO_uPm2GOCN*3Tz)hWmsS%ev3Gkk5$}II#?nJA}Njje*oFCR4!0Rz$tl5;M
znL>FipFS8n+SDiHMD>AxGu7bnjYLgAbHoPR-6>pShRk)BM7k4q2uzKd0LPnnhUE>z
z(6(8_uPF6P0%fRR?;3=sEpBx+ptE9}d*s_L@#A%E7$Yrc8wv{?No5ri!`hsqB=qB_
zm4vh#4USBm0E;HVQX;4!#!;eFz{gM+*8nZqYJq^!(hf^9OrKD|iDQ%v#=OA9PGHP?
z+Q*nNs&rwYO+BRL4?<A8REZ{Q>ZS$tm^xvnVQU4{bq3U9LfuA(l?H{IK13VHsL>VT
ziLP1mAROAj1{dF9EP>P!xCemO4lV|P^TE=Z+CnIm;{-{W2tcVy2+}|4P@q(6pj4NH
zlIa9sd)+LaXq9*P)KD5W6Tv|vXaA9>@_zv-1(hd883*L#j3C;tJoTWtK!^e^y8f5N
zz%EdcVJ1JXC45aIr3W3w>L1P%V^uB<mJ)UHRdI|MCG$?kS%nv!tTA3eT4+9`RZ|(r
z<i%tqv}%;E<7l*#kYzR2(CRpf0*?;~mT&<97+OmrLldnfJ}n1{EUnSVPl=mOIALC5
zMS9<SqGp2t!{E+bfZah3j~|$~>dn-#K)t2oC|rXfGAg}JxH49w`Tk0!@mJtsP(arj
zQBtMnd_thmD$5!{uT_4!UC7le$a#y#*QM2s5n`%$=_J`}-FLtm&9FMWivT{OGF+q9
zbw(+THxXvtnFtN<GV0J~gg+t}*Rz#kEjjX;D&)gQa?;1Ao3aO-gKX3{4L3vRZ>Ax$
zS?;!2QnT#^?YkiaJiLcAC!iv*`R<zU85Ek-<{CF@kI+`~Np$!EP4>%m$c_Z;g5ZMa
zrItWf;h{uuD3hV{XFQYMqiiQnbQ6BqKS*6r38F-Z$dZ+=X$jvlyKI63D6E|rz-%(g
z@ban2ZHsTYDJ9OS#f-83edoi`zB?Y90ncBdNP-V|5#Ig;8g10XuF#$0M{%0m;^wP!
zA8y_QK@<C38j>P7&2v87JO_d+cEi0wyNc`TOFDVRpUT7#Lz9vOKiLud6vvTMNmNb~
z!uEqEx|*2CJ{BeQzd9qFs?CSY6qA1zQHQnz(o-aw;x#Hzxy*7E4B(<YRIyC7rv*f+
z&!CqEddXSD$Gcp37~rb8?5U$j#7#OC3NF)(DhJA89c+S}$0xe9#!XcB2Zn_21rgI2
zCulkksdzYz9kPgUJadVh?2^)@t8t+ZVb&HniSw}eB5?*gb&7_i!DEs{nC9_V8EaFx
ztN|#VAGF;`v?{H4*Bpf8w`G{jI_m);$Dkf86sJ^>GL=EDr6rgmq|GoI?C>aJ&%R{^
zUeGlcg?!?qjH`|iDZ?>M=jH399w}WpVIj>Aa>Q6EiYyi|_8C?pBc4VWZg<qUc~cj5
zpXfl#$mb|{VU$LR0lO+AmU()Vu_S&7=i^*;9w8)UYw;lZ2Lx%=Kpo9O9_UX5HLy$6
zTqc$0o#0c4;%s9JBN!NrrTJ6K8qEVhrWNC^*3Vm3O0+Pp@x^rc-_y{!kX)NZ|9cv`
z)l#D{v?%7P@Z57Lr?DCln}+znCBxk6OOo61Ht0Bo`tm`tx}JQ9bzW(XP3(9q+RjNu
zcs!PKv|)%ao8D2<sy??Pgs1pK>uS%(<#<L>!*R>Il6@^NuwP|-26z0e)}Y$3Fg>Ot
zfd_RB3|p2D+CmR@=hD}Pftn{dkXHkMAfFJ|W19y<x)`VjND=9yrZxON4U^R1SrP@L
zh^f$e7}1JJ7C;(#9Y|0;QA^oQ6Ec7`WJcKqAxzs#iJ+!NT8QfaGcKBxIau{umFD!1
zT=STMQhTJx&MJMoXmbp?v4w)z2hlVutl%m~q_H%%K1^&Sy)WHqdeqqY7&j8ZV%$~O
z89*5+z>mN;C-bU44O+tn?1;xxyVFDC#ySD)_&7aJuREW|H_yh4dB%wkO(tpWweaV~
zikNI-NI`H~4qif&b;wTi*_87B>2d4MV>vB4EHLAqgit!XSh88X`bq6Cn5a*hXt!bt
zgVW4RajwH`b%@y%M8*Y_SQtStHjFWbLS1|Sx2-lALTTrBdH_ik=9-W^`|5+J^NZP7
ziS5W_vZk*yz7$^-1@#e{ERx%sFc5`)f=XaRA~i-<!Fve_1Bx+D0|s+a?BQpXl#6pf
zt`Xj)%-Q<>0@Z@~Y#70?sxUo9XQhX<YGF*RlF-L$Up09QBSVbVV(}H5hE8bOSRM7R
z!Zq`9YJN;Ejs!swS8fq>sRD$h78*QV<Dfmx-52iW5K<GTqh4wec!S*V0{_fjd5h<T
zb2%-2%WNHnC?dYb{rxhVDQ20?U-nx7$YqlP0P_K1b%BS^1vI*g>m?o28IA)@`A29T
zxY(X%-Q9??&~0s^fyi(Au|Api+%yS`P@aAgz>80E9z#eQE}HD;8wqRLsL^gp3tC{W
zvpCgPTfC@?iRI}JiHuz2(>>WBd-@k9m$3^O<J>a?_jW<medJFRjF`~meo5AP6C=i|
z<-ky2xQd6i)6J_E&(buBIge5m5lYcr>Rk1KLC^`RIbv?3TMIj|HU=7W``A5&o4HYC
zIN6aTN+U(!tR^<7HKG!hgZ2(IUB1z<){<@H*}Z|_*7I-9(`Jlm`%5}bHRrK1oy8eR
znr#dX%PIocBv)ki(g3`7d1&h5u_1CI8?pA{-;diCUcAyN+~oEvI!r0#X65?u)xpNu
zvH2e%JuOdkZLn=;t1?ESX%Ju*h$$7F@CkA)l=FdrkL}Vzb(Adj*+d{%)SHYG;#k~6
zfcp8_H4T+&+N5d5YG`zL<t|am=b6wT#23jsY}z4xp*A`tL7xd^%uY0QF38xCf}R}G
z<P-{Yqy5vD(UKD!xo5zLSY*n~4i+>OloDFiJi};xZ$lnwBAw;S5-U2IE10wec0o7g
zsBT_Z8!bnG+CV^sP|2{Og617sRX~kBVo4|8HNld%wUe|NBT7^1D^_w!<$97fi=Hho
zJZ+{CrRnn$SndpM3UMR}l59u<5G5o{j%9D6BX`I{l4kwFbukBAdxECfiA1xqNvZ~|
z(ClQQSx&^zSEq)=I*o{RdK$6Dk})Rvixz~Cu#I}4!DkLb!=O$}!?THob*jc|ToE#+
zOr@1=M8>aCiU~;+EL)qpKHFZaeF|?|F;=T7Zof4M{NB&16f!U(O>V^`Ray~(6GNuW
z-Og8|)D$2P2HhU{LRhJLS*9U!<e~$MG2c&~EPl=u4{cM8=<!@!!CAt=6#&?p$i#+@
zPW|XUZ~Z7qf~1oxqv>vvVL~$+Zc@6)J3A4Az+9$alHRL!wdBn?qSnNzQesKVxz5l@
z&7xIAp$9ujIUmh7r^v%7vq|!<*%Fz>mu5}q9EbjK`VO#8asa!4h0=Edq-VyV5s#4x
zBD3A~-5q@vBb7PTl0c|<kd~rq`sv2Uf<S<><@wX+DQ^;Vt`NIA)OsRa=rx}vRb8$l
z1WtvHaD?w*vT30X2S^j-umIGSYBFjSmtq?A@yot&qozeGo3wpHVOnb<=xgp2OwvD)
z^Ty^0z!R=aXw0i@HUR<?`>|4}*3)2#Z65?`qrgbihpEFeI?`>U7Ked=hWoQ)1&m_V
z3|n(XJSKHGn&^qzke^FH%q8o5AvD&DNw^Ke9qUb?KbbGgfQBrolFDMrY7rChWP?L!
z(gV1oTt|~4L$nc0uT{8m23;<~3Dc=2Cy1yE<pe3!-i)c0jm*@hhAlERyRo~)r0p&n
zN(FCc6tPi_(hys$!Eu2r?G0cJ;165cn_{fS_MP=PfjX8gd^Oec&UIR?OCh<I6y`<Q
zYc~EG@0iSX3BdyI6S@RB$n1~^w>=k{M+|59wb?eVRnR$|q!5lbm#0(tXgwG3(FJGT
zG|hyJPX}kx+vwCIVsYGD5v}xWY2G06iqFxJhhI%AZJ8zm@AMpW2dg=~GSPj7ITM6`
zhf{U}Fp+HpYrkeC=3WT`TvN7zL}RExxaL6bj%XM_a!(S9aYYAd-P%IU6C5>93=LKn
z!82mjbR!tAY+9NT6f<$DLNj6D8cHQ{3^bc2@vuc3>@+L2R3WH8^2d~xE>9M^_Dp(A
zw)RAEURay3^JPdLsp-TgTs|ERHR+-xWB8$;5Y%$Igh!w5a0vr@vrCXRr{AC><x|9q
ztN(DIB0O;cIJJ@^nG~u4x*KR*p)6$-o|jIDrxIee2>Dea?lmmLuX3A)x#JvUr^4W~
zRyM_xJ0j&IcogS6<JvMLSf7BqH5t0|RD^fa_LX+*6D!d%W~13zIxYr%dadPH3a^=p
zcWuu-XK@N2EU21EHHfXC^DeU$_f_U!3F6t8QP7pe|L6z)-_o*hP3O|1PV8Q@V&T%x
zu7&u$;+Qq7&@3EW&t#5Sv8HQDXIINodaV<W?ukEh7$wSPO1UTN=}&y6DH~Ov9A(vp
zmZ<uWsMr!UWpep!OO&I32BPxfsQ8g+CVr@vXgvMX$G22#R7by#HNU3fSH3-}J60Z6
z)3?jxgZhC&hrCcYDEUT(npK=0MT_yZ#ZhT-q%c-?aa6IDJ|A^Q6Yx7XFKSW^?NQ~{
zsOeN5B7198TpShpqglsB)%ffIQPYaF+l|LX)ooE@YgFAD&3spsTiG3DF^M&~9N?PI
zF*pus)ZnPhMtd|wxwhPN-25m3D6<d#J1QF1@4w$s`{7Bzd3nnk0y&K9T;>%1Bh%QB
z%VG>%>3ekw-NG>meB}{vRX%gIqA$cTy<+*%ol815EL^f;#j2%*+>E)hbXDgvy0Eb0
z#ID3ed%?c9aP6{`cUN|wXdkr$@;mnOnyzE`Gix@iS=haD`FeZ9KEJxF(_Yk1$A2%R
zx0kLu@x)at?JYO8j*jK_svULBiseg}4Rd+n@~&m>oAwpDy0EKr$?~o>DKC1n4BuFC
z%#zi3Gv%G7$1QQ6ar0feYQ>6WOS_h@TDfN7(OsR(mVvjHtUC%2Zow$P_KB;Gp}#;*
ztCy@?&R2n59zZ{F^s4pC_!;+fK9gC~)wz7-vEd*P1xrs{P1i8QiX|IXb$8K^0=~Iy
zP4^1^fjiyHS9TqB;*zDEtJctMyk$REfe9_^!YaF#&@IHr@hm>HX8BTn)}LC*dk?83
zy%4;z^e9Y@UWZM!YBjB$e&E#;mz}uuIKESb1*~4S^r&U)yOyow#bHTH0i>>@KqC6n
zCw2$F1W<SrR7_70IP4;-F`1=HyHBJWumJUBYUvRMNF7!J#4YJs#iP?B%eszRbqud+
z41-gT$;71pK6+JW=c;w)NB8m-#{l>A6X;sGYUNQYyH~8BpI9{3Mt{}QjboPSKZ&PL
z`8i2w2!=EABt1%Hb>)_}d^U>I!`a;2Y_0*UoX_LIM@|*ySAWZ8qnfg+oSv&N_ii(T
zY*moI<s*=|##<4+W$rvPCW}!q{Ek)Gd?9+1y0^YHA4N6lTbtWhcJSlRna6jS$Ddi%
zY9Gh+)bn_}XhyHQS5N-W=JCh9(JS!y^?00?fT=uZ7H~-}n=eLDS>0FBg*i=D7j9@R
zs6TG%D5%e<);vPf1+`;SZ@wJW71VcBk-#xQ{pXhcsH)H!%`2#@pisuB-)(^mR^7$6
zf;xLkU(`@g=d1pFB|dsuRWDv?P%o_+D5z&PwM0=t{a*D)<x2InE$w*V=b7Gv=-2f<
zZ2<I-v%S%b#RYZFrY;)&In~aP#grGB_5DC)F>-BLy_kbeD-~L4N(FV%=9Xwyp(~%q
zCH3-VnkeS})h+G$YRpwF!~_@1wf7Fv`vo<K6^v8=U8IHM(fd}@jQM)8i^f%VY-r2Z
zL^TC<TDBLXj8h*Oit6sdLT~J8$=71;k2MbFtJPOe*p3&+s&fi`(YUPzb^8Wda;{LR
z9#(_78bVM57BKz4G=gq0F#le~P`(kve06gN06be=yr}~(PE^lr1`d9<r6XTYYxz_a
zJ`z=_Pj+?DY}CscS`sER5Y^o$lPRd<fv_5Sdy2X~I~a`vR4~DU`c^|nz9}lI8&B9C
zRjO({_3l0b#{mOT>4vECP58t#)mPom51qNDFRK3to;$h=&$aV&L-HK`E~rN{K=5Tf
zT~Sj(J)X(UVA@fiDdBZ>#ah@6>b^{C)by`JQtGVIfWBN(zsmGt*v>ZfVT^i9RJkVK
z5WQXf9>|_uDAq?4+SM;N<KOuO^~GFkG`TPUsN>`}LgFNKM$dMDsYyK*ZIj;{i+#dx
z1lGDC4c7Ys)@(GttUl8-2sW9nZjb2wlKS4sZ2;f$R-V=8D_U@|LEW%{U|y#t)6amS
zZ(@r6g{Ej=LR0iLsuyT3sXtT-MSr>r6#ams=o$Cn<|lgk55mW*)K@CoKycB5ukaLZ
zTGN)VSG^_T-)eQ2YRCG=sjmW~^z1jH9e8Sy>OYyuSG@$OQ;p|N1Mz|))fpfxp>wdr
zH#WE6rQOxT`R#ZJpk3F2!3yfe+(4nSRefP|KgJT)!FAAe-==nAx`%Sx=+_rEw<6%k
zLg2mkX~+#2g1qA&EChh#@3Ij10SN*88e}2xopd3<TvT_zp7eJrNQ52^IbEyn%NN@K
zp<V(6M)~r|xdXEZih%JdKq04?S6&2U#+Qo+MT?3DM>7iT(VTvWwU6NH1a-rvUJ_}<
zhXr*(j;MkekznSrA|WP)6(JWwR?N*OVsy+1`CCvo=fI)rFIynCs?<$AAgu=>w5o~d
zNfHkB^yeW^Yrtr)tm?{-kLnBRuNBP5>aSHG9d-G}L5w<I{j{@}iTTW8JARkcU)E!+
z^EMCYu|OXs_3LVIi+b>+_I$0nsG*(T9?DlhPCeh<$8Qa7!s{tFF-nm{3ApjsoBHD)
zlBq}43wg#nWX3dE_2+dM4p;wL)u!h<L46W4tpJ-n3uQtxe{fSv>VRODWA(I))A2^5
zI;*=M6j3CZJxL90+OE2`71U3+bm1nb`JAXdH^E5O%&#;}JX*{~g>s{)+=(O{%$;Ae
zMxO<h3ptaYgz;YilTqMoYqk%+$E!~hKCap_pdQS2<tIZ1sRy=f<GFsjw4I-La$OtU
z!1dgMEMK`MOJh{2KV|yzQ?T-fF})mw%NMf6=>>J&<`(sfTnqh+ML<P;IotY1(ij#Z
zBnGtu%C#gmQT=xY{4lZ5j>&-Re!Zy(ji>G`0NoRTfi}SP1qhaL>Wk2U>QC!(vxrzH
zL0e>7ESM(}n78L!5sC&M<p9j*9@Jp|L6%tWKD;wuO(&5yQC$sLOG5v*Igz=bNRP&c
zqvaevaYJWUp^^XuK6ofYlACCEC|59_eeXm1vv=`loAVXw<;GSlt)M=6LOb5o-X3Q7
zG4tq8_|e1FNzhRwSL%xGP9EG~p1Pxy%}<YtWp%Hj?^dZZAb6@TixzwW(<!OA&~5{W
z-=;1<c@Qr(s2!>olILSB_;Whmf-O;BfVWy`BNJi?lv#tCA=evly&lr0y2U=yP$)Lx
z2W%3&?{0g4>cI%cP`O>(UjvkTnG5?cYe3*@8_CS6Ru8Nn2tnKoxIOY~4dQdbCNrX{
zGAtdEgzEhyUv}CcNk~DkvM&U+Mbd&#G^kIl>My8MVex1=2Q$nFj~P+3I%gHkNClgs
zN;QJMKg<&5Db=AL0<WHS!eG9lpza2lH`5C5+&qA<O;TUlOtL}@1QP$xJ**dZXDyNW
zgtB_<q#_wNZ-}sOf!(z|eU%mJXB)R;X4mtyUN~tenAYWw=xN>2l+Dj1d-ks@c7R>m
zKoE<fvBd>6SM}R1Z<tydai&8j(M;9LH3GvIPjHhh0ERd8YKNyEQIzU(aUn?-b>X@q
z(Pg!IvY6XbyGQi&A_{VmAN8RB^aE@4)7O-8`(<-wBfVEYssZr{Fzw{>S{Rq@(e%Q*
zp@=JU^Xi3fN&ehm9{kmqZ1k=&*-Rz1b#>?y{S-oa76j2Z*F%SqT)%hIP(i%_OKKKL
zn3wX!f&4fqt1EJRMLn{)l^;8Q(-590snhdNzfWz1;Z;yqms@acmU?a@iTRRx8Wa0~
z`c+iyC8=W#`_+%>1)PorOfUEIvwtdgKznt;A{kRqpN7Vz0sc_#<H=pP7L%h3zpBO`
zvq0m|cY-8gYFxS*l&QAo+UYMcH_a??@0Z<(brm3DS+1+kS8l_rjp{dD^81n!&9+JX
z)(n1e3D)|nYl{7t#OwluTMJE_9YzA@$9|)yE#S;X2NznMkX&u<o(DHJD*uS5`&3cp
z|3H_X{{=PMiZAd2p6e`brv+RNd#*}7lGT&Hqu2uZQ(LKizrF*@8LQ5#=;fgvRD`ES
z^)M`Bg2ZLz7Sd0%XpBd@i=@u*)>pHwGGQXC_u>OgRzu^6k>Nj|c0BA4?LX5Xqa%Ol
z^&lVLDyaJ_9r{1GjADErMbu{a7@v(wrA71>`cXFf<S;?9w6I<>BDQLEO2~@?R>@~E
z;=*H=E#0eQMKahpOf-(?Hq1Sa)D0hZ+x0*mA~nfLFX`-DvLShS<+7AD1ff0)Uqr9g
zF6&Hr9Ffqa2ni(zPmN`AC@%Rd!u1rf?>c5l=hEX4$Y0X6jH0BS%Z}m;snOoi-&u$-
zv<;R~Jk16pgIFA*T`qK&3?L$OceEE9!#FP72<GbOUdaJaiiuGu(gg3Ad`{3oOgzWG
zk6OO6V--D#NF<18`H4$RfK5j>@nGkYmB(^~4G~B^V@v^LNAKb5VaO6Mc!5M(iVYef
zYT2=T1;T>#B7&7Rf`}mF+9fNNBMeG`Te^$*qK+iuIX{w!N0+YZUdfBXLv+hLFTixs
zNI=fq#-D!t5VKmo@|b1o=}p|~T5<xf51(>@%w<?01u)GW7g?nh%C|59iD~O8Ea_a{
zbsYT-xSzOW!_mu*0x_;!&XdKwI+v}boA}H!#5sB16oy?UK}`&+Y1%+w^^(ptvOI)S
z!}zI&KEj`RD)?*p>Z6t%a|{oQ=WTc!<1Sgbfj*4Ckg8xH(@&t>g|AmH=>jM@a!jz7
z^&wEZY|YXos~HA(do@DST}zH$!M~9j(X4iqiC^Q=(Xv_q0FPq8B`d<v_tF)sR!Vps
zV6c>h$5*Ucvxa9$KwW;K`6SS`aakvmC}4##k6N+n*gY4~{PA1Q6Y*e%6<wu(IA=5T
z4?yZ@0V3{ntXQ>#v4OwWtdLMMUEXgWJ>ZIECob>gZ{sq3%~3C*%0${5JrrWTF81Gq
zIazuiYbS^X`AohD^;g#fCcyvHpUEF1^><b|iwG@(rrkTl2P)HJr)%SDZwix^%7?;`
zuThN@zvdWq6`omShWZ6cNUF*lCc3s~2#Wi@OozG_K^R1EAIKmIcufxl8=>~L!bhvY
z15Z(W_`H)_%++2*5T1i|RRuHfnYC?EU3WBgF>Ia=7})<Fjb9wqEsiEXPEV^#VEt5K
zh~L4Ess40S^&SLTdRh>%fxp@+ac^3{d(8qag*g?Ki+i)3cR?1`V;Q47y~SFOb$I$V
zvy_Vwil1Fp=Wc0(WBaY__JaECmTeTMd?vdinp*s~s0p!zF)$KNYiKJB<m=!ws~szb
zV1hIZMpKWCnhwHK3;2n@ARJ!@OX{=}`=Z7TQPXkD3hFN~%wT-Il5OQjUas%uN6tO5
z4<XcgwFCZdU39RzaO1Y9`rxRhQq^jg6LY+0tj63!B?5Qx+fl=jn8@R*9WKr#o3`Wc
z{(L{I{U=U_k^b4WEil;dt-G@T^;fr$cLB?FdkH~6by>cRpQGiirRcYM89~Jc*tw6c
z+YwF5?NN<T=~#6GLP<>sRs2T}Y$`_Y;cd})#G4T87z-eN3o$5uVDcawsz`lX5Ax(X
z3e!}pvtf;vR2{Oas?<f11ohW$Tq&r}*R;dM8rsxXK!B#mrd&Z?Qp&wQtM175slhFM
z_?IG(W7I%T2gZ0IliMRp=>LNuAO67k1xg!yriU^H&vV}3oO0V`_}tT({%BF5Lv8J*
zn5R0W5~d*DULJp&>_c@4VxU<V=r3>VipDG~fU=6cL{FbDw;~n_Dtx4%p6D)O9!N-(
zn3C0hV|qf!6vnMqU&;gKPp^fms_DEvS4pnP1VY>djkwvwanq0wswQwYA{O6^P|%?W
zRCEB^r`8Y(8r2oYz<2m6JT``OFNKpjD6DcH(gy_f?``R4?EF4Mk;+Nxo=kC@Mpqv$
zj90(N09}Hg-0s<75QGnP@^=`O1vP=3jPdIG7Pal>MY?<q2v$b?2V90ne|UR-0&(4)
z8G!YhJ>XS>z~3@`(LRs~d$&cCD4+>}@&_Pxf;w{@0=Mel5Li>UXK(@H;q9&LNAz?c
zq*hf>->#&~_3BLcP}nL30q~wyf_*^^)b8MwKYCIZp1_?KwhU63?Ve0mRR4Hhscqo%
z2~mam)dqyT3Ol0u{wQjX>XBz^C$H>dgZ%mdM1wCN@OM_W75}!-*9z)4pu-9^hF<L8
zSK8=dK)Zuy^Pvv9+wShtfU7%rz_~KvVIF~x*8?6Rn6wNJlWKKrTa>GO8;8M&5~&4{
zg#QkRkVcAOkJ%bE7H1$j)LuEHPG7q%D#L$&snn9IBI;!+kK^h2o#$D~cY|en1_|`{
zBF9pDP*ne|{4~J(B2Xu~S}9R5Kr6o=Av~qNn;*c{z0`M42G9^HnNGO);bwTx2wms;
zqlS;rD__{W4I=EJoW4&X7#`~1iA?~lvk)L9k$-o#J*qi7uYkwz<mpm_y8Yy~Vq?^J
z7TCBSxt1}-3-Q+mpyHDN57f^q$RyzlTYKmWuVmVy`VK1dn2aiuhGo&@?x^|jXiA|M
z0sLd5apy*37Du(`7u27@abWgyDbjinz5nbM3aY5j;zF&u1*xk!NG{bP7*|*r)gH)k
zqYUa-)S3ZI;qa&yboFOsFcJPe9j`QB7W+nnTGa>d7LsooWXJj0Vpnb~!Fw9v$SAH^
z<eVM}hOZ*=gcwB*x@#JKzp~ltE<(`iX&ONnL(|okuZ-$Y^)h`i*k>@B-WHANKq&Fu
zQQh@X6D}h#G^V3~8NMqT_v7;r4cLNpAT*eTEO-=7H+T-==<aCTo1@Z=Q57hp`rPiz
zphdtGP$pl`c15+v0)-GyvyqBGl5om5qjATAZd;?-P{@VF2ObgCzVmd<x7-d`ozc^(
zo*@(9`xqR={oU-qVgl&5fh>IYTiLc~%Hn7&g*=h?16IbJ7mYbQDq(8h#3OT%HUS^j
zLe9@YFtirPvk-p?5HHOK?AIbo*WQ9S<2Yno_f{7{Tj9l42h#VRp^cf_K*9{uXBeVS
zlQlpPy}()nfafXA8lJbnFq#?Fm(?X35vYL9RZm2%(fH!tz-9+gVF4<v4I#yn`u52n
zxobBgu{|-`4S5AD3lO2V3+fJp8^?n-PDNNB%0XR+!L$v;jD9(ymt#Q&7xnZ-pq)r9
z1Ee-0+u96uq>kzU<KRMT6e0guP;)`#>cbEwY9SJG>V3WV5JVAy9@%MpzE=GRG+!!o
zsTYy^)%=rNnAP8CkBSGWDnwUS5*iNeAf(i{6<U$A#Q>B%e;-`~yCSUY4M|o42bl_L
zTc#yH?PCbCl=g?&_GF<YKU>|q0R;36QWfXt+UQ@3MHbYp6*LprAD3)~npCe~%=+UY
z`HJfM-2m7!nxAi?OduwkA@Xl9yDgejeAa5Vkqwa@qOJN<?2txvN(qy@3Z@6-<qKu}
z4Wpw!nhEJphCv%M6zT~{#U_g)((bS`5CiMlM&<$}Z!PKk-PN5ZcSKDK@w=NV2t3;W
z`gdgG0Ph!6M<2`!PNU|@V!g*u>9e5HJ<9K661_Pq_Ug7Rxj8!8NzYFIw5I4+!Sglc
z+-#g6P1Yq6Hi$T$nHvJpw5b=77X*6GL#U4g$gJExSs1@~@UG3dx8OYhBG&~A7V%Mf
zprH219qB(|iY9KDr8&aI__}f>2rSIxHgoR_i15{x55h3L9RH&gnR_=OqXtjomJQ(H
zN_AHO#vCTtMKeIT0T~$IU(f2ZkJKmT0x@)Z1>&9*OMP@bC4(B(Wgw=eh0y}gW>Z_V
zci{#wLLCT}3I_{^;a`$o9|Zx|_QRinMp_R;;@K@I9GpUu8#V(#^3)a@9!q^1LSn*Y
zc)F%<C!T%=PcQf)Yo4p&rj(G)cpl~e;_Mg=ApUWMm|i!nC(;<Beu(%aE$bWW>2p)m
zS1Shi_uaD0b}W+;DOlz=Dqus?GXHx$VX0A_<1LfF1PQX9DoN-zK6PsaMPkRRI~gov
z)L;eM6nF@H_5x%Kv@x0J_;uBmUit&?O+=EUf@PMvRUn{#0EjdLmZd&*<+?5|G<mGp
zVY2#<?3O^e4(pP;^qjeSE0h+a_P14C@LU?zC2NG%o~-J??@8*SH6)myg+3*B3dXE;
zr;0o6Prb@;za$c$>EUYnl5?vrUjy-fQBN;BP!B=q?iMXjkDj~(56x6RLB{u4=!r~W
zC_jhL{&N@^<Y}!XN2^i2w2AzJebkrWxzO+X*LGpFZ5h;A;GyJb#d`I7f4HBGIvmsj
zyi=+}`9T(BUr@I|bwcKm3rL2{rO|eF1<kUOuHX>4f?(RGskTK1;vhc;l3Fsd8g4jK
z3xxY2JZj2EMA6fP81)OI;;yqQE<YE~PoJytTdfgzL47O7^y%hX&CRh8Qzj8kH{NS*
zyo|3P*HmWlp2w;_KL(Df9pDu6+{f7@X#nI~VdNH%690S;40XAAWH8b*xTBEGO(ZLb
zZr^5Z|H9n9&fK1d+mD#r_hm@2Ase@#BdYugGBdEcptkPG=61_M)Z7g35mmt`Ryv$D
z!+p@uW1~6hv2`RgNJ*=4sAyIjwt+r7+u-ZMYKhc^cx|$JGSeQ7`!4kP4lpXr!vk?=
zH@Jb->dKyhX#9(yuQA0T+=Gbu*TP-+3G<JC%_#f`WK<r2YC)BA;ejXcYb8X;<XbK$
zO#VQeyKiSZ3h?IO!OWvMKSX6wUw~~5sqk=SfF8V}X9qLpqlj$SLX<^kX;eR7#gUC$
z7}2+PLqR}4Me5eFF%Jn)^E93xWYb4oRjGkYY@C^|Z+cOWM!*i0S&I<HI55t4lr4pa
z3q~oZPoUVO=?H$}+^E-*FtN?Y*9_sAv?xY?KEB##zWQkpM^jmS5mAQ8u#ZlGNSq0h
zJr%_&^P?H+Jmh*Ps_<2$o)$o!KfD3g)kB*h)sKWYL49GSKi`7N^g;OI^C6M9!QP>P
z9?f*{Ko39|%#Y@(&*_1#2lD-aAdQY}k%54SGZ3R<m+~<bnb2?-AXWn$oDLU~iy~gi
zxA5m~Mx9;wxuKo@oSt_P2Jsm^{a8T<eHZ_>fE-n29}l#(j1|wvioZfe(viFvL<C?q
z3RtLWkiaq+tOl_Zvzj3dmiE{@<6x1299Y^IzTQAZm_0H-p69N@hbmwQ9izd=eOJS0
z8(u?w98tq)z%Vot0)uEoqjoz(>zQ011LN<BR3PgN5DQ2W^(eWn*9&~C;Wg0Y>w|e8
zA}IG~P!dF-2me4{64eb$io$T`X9w_5wc4=-aa@q*04z73(TJkR&LleDMQptG<q-6s
zItywaFxwH3@AP>XMLxg5`cdOyyq61zNHE?m%x=?oYfs1$BIavQ@JTY|dD1hN#a1hH
zJb=|Adi;-CEv;|}+Ut86M01J$VnU2dy40ywcp17hkQJc|T*Jv<*FuX%&>o3*StV+Z
zL~}ZvCRW)G)PEb!D{P$KW`OJ8BBmhArwMU6;Xb`QLndkV(F)3m*`1ytW8|6*Ee->V
zN5B99hDx))m+2BGi<HkJduf$NX#pso^Lt=aO;&x-d3#(I)%}np{;jA>2N3Sc=FX#s
zP?iq10PeqpFqGyC%m5D(yl|nQK91<3a0vw!>(td*z5x!RT0f#1GiUjIHbxSLkrBUH
zCaf@*VKP^sba+DXSQzpRP{zQ^uTbs?(T{Kg0$}w&A`4&r5OJjjg$a<xeJtO>8klM(
zY1~^+fU!|JmoRb-v?>Le?#d1pPf_cNEmDa`u(*654T~#bbit)4tK+%Ig(M|3{IywF
zGwQUS-sm9p=L}3Js6rx#sOhX|s=5tVN`>4khzejFMa?w-2T>!9lFl)zHw!xWAwoXW
z3+g5i6FDp&!b)C%ik?r=)&I!mW@ht?z<>8ZGLz8QmM5h*LH%w$FoN*a1ej+F3!mY8
z7r}R-drz+Ki<%LBx(5`-GlVaH9~Ht9t|=9O??%(lL1h@KS>dPAXCFjB80%4!;WlD5
z!q#6xnA@N-L=aYZ5a0SH@=O}10KlK1q2a(Hj97gj7Wy7i%%FSz>}2&4fYF4iZ9^yV
z!HvvF9ek=fn4*nEXi0)33@i;wd;<M-pvNp~8(Y=wTeb`2+7TrJ_5Ey1my|ydF6-W;
zaXFvJ`j<>~o<SwFTEUe|(CMck^9BK3P(R6GAva3-@ZE^m5-ffL91(2D4inhW^hvr?
z5De`Kpr{4--Hg}?%#zJqn*%0zDG$ka+Q}VeWQbjiOhb@Bfk`tgz~d4I2qQa>NQu~Y
z8`Ho&@Ozo-2G^ltkGRemWTM+)|3zaSkH#NF(O;CLzMO$s_X(8!n<-eerq^Yd5@_)S
zNu9c%qFMh5`wyo0y*aKajMP<yHn1~;?coj35||=%KsZIQxc+lJd7NMus#;2&C?b2u
z>WS{)iAHs|MdLpLvALblazhUo5h_#Yt5CU41Q^-us}D%p?BrS_HnKLFb|B35x3W?G
z<p_QSB`V=q7WzEH{T0X%ov2K6tWh$3BK)1>J{(Q`Hy)@j=65F@)OfBkPxJiPo73k>
zX_C(ZQGo0-S#bLQk2%%+Ow98(<4yI~l1qDdzO4Ruk_6nZ!2A#|L*JJ3ohu0i2kNCk
zJxKK9*)n=})cM^-7_MkPMWaP^;j(DXefhm0fSyGF8!1<{1Bvu;>cx{Gt|lX%O;3PG
zo<Lw7ByxE+*Otxit#(5|N&UP`k-AER2v6_M9g?MbJ8J*Jrypt6pEi-WT6Nb+<b>Op
z+jHR)t#G_C{GHH&?448aaM5S91Nl=p&y?I(N3~&{HEPe?qAdKW)!^J4dfHtvz$xa1
zTc8i4a<h~G&`^Em&R^kP?hWXXfcQ!l1%3p#pK;KV>jj7;>JHMA|2&47UhW<y#?rs5
z5gQJ%NZ1RVUT{52s(14sWzSo5hUI5D9V+1}R5OjKS%k|`rF?fjcX&3x4@BDUPtMJT
zO#33DNri%%-Fpi?pzh4W^_r&sh#2<1P(lYnk39yB%yG8gpnFVTWwm^02U^F9YTM=^
zL?66HDUiUG)F_4gFB+xr4n1||8n~bX$R>g14*)OlBc?|RNT41m2+yZ82r{URh%(H*
zfkojNh*sr;R;g(2m3-&);11NvUZ!Enwrp*SDwp9$KW2^S$JbDQJ{^(R#sZ|~k2duY
z7+`RqIc#58A`j&t2e%<VF_Gr+(>!!G<l@O_11YHHK4i-Z>Z25Pm`pTwb|VbX=TGRP
z`bHQYd!W6FT7>dkboo||`oDnWAQQ{#x)S6QESj|)3enuc5v1Xsg@(g-UO^uO(a|TX
zsVEmb@(S8d=)zXCauw)_zjSud^{t4kO{ElD8~yqdg?gt_!i^q=dMKmRUR?sd%c{qb
zrzyZbI0K=29_o*{Nf$niT>n;j`-LqqnP5{OpDN!%rAh%{|63Pa1B%OD16nGer2Ikj
zr)0s%S0Knw8tvmq?@%k)DVw)Pjp$BS8#<!K@8RF|?O^^ARY0ukP><xG0O^BUyJ@%*
zQV%kLk9QXV<CnKUEPj%baDU-S4NU*ks@`0)aDCm|HS}PpMf1wdP(nrZ$4aOzHI3rU
zs3~4Uh1ZL5qd{F*)q*5YN=pGf34yZ)0!W^%Re!Fe&Vyk)4CIZ++#3z*a*V!{EeH76
zgZfpLB@hA6nU#DSD=C%F!9;S48ce=m(II-B(i+mhA`5T5)m+!T8__(qxOF%nsNLHc
z49{U{qk}=7u2nzZ1wfcD5b$;x6nNPHWBNPva)<3RA=X)Kp1KkJb<8?DDyU!T^7XK8
z2C2vM>*x+bez0&H@zBkXJm8RTz^W#~_(>(RjJmOlIp&8j^}sQ=<%Dd$TY{t}9)Y4G
z;=FndbJDjVJ;4e$A-GLr{17GK#0od9MaYR*;rHl~BUZRzgRsKykek?PR^Sg^x&fJ2
z8vFLr_S{q>C2l)Z1LR&b=kij2UZAB8t?y9vSfIKKAyTaI+D(HjC#Vq)V|)_c*D!LT
z3umA~PGHqo&!?2I_Fo_aXg!}=R~(GS96?X~5k(8c{M@kzL8DjvH?!hv^ok$UE52fv
zSNt2S7>#)7gu|4HySrrFq!^!jr(XAOx!L<Glp9l@-PA#P;d#`bsIxb5RQm;VJdexm
z-V}|c9^t}$(b#3tI8@5PQyNz&UXMR0%uzhY{BarnK)l*qD!h31WrrctejM9%7sF>W
z_8|(0>Y^i%4qOFY^e0u{r)mbTj;b#|8y>>R&{1ciu54WKEf|i%IP{@`LUHYN_t9va
z&VTk~l>H$Snup;MRo{xnljYG~f8_7H2r4q)p@KQ6moKjxp#1aL%iwE8dleh`xu@N8
z^pyJgs{W|zglMm;`0k^zyWhcG;O#CroYW$HOCI@g^_8COoIxP2Y11J6Qw`u<R;O>K
z_Ot>XdZ0@L@U=C?mf}Ihb8xXr{i+j+p9XY|2W+{c@c_jMOl1$kv?zf1snvj}PPZB`
z;c=@0awV1Oi`BL<_G5?ZDVzz*5>t3_Q+x`y=_%x9H}EXJ--&vyH)0mwa<e$)2tA9d
zWEKx5X7Nimi`?!qkuSYb6S?0_<hCRAME)WZ`Q#>09U<hxwIo$a>Z$7Dz<msdM?2At
z4QdLySQsDFOT!TNx>)F4>S7_}P!|jRrY;s@aqeQF3$}{|wu$;g9rv(M>kUZd@_*42
zJFOm1mesd<ihU>}BQ2>=<Ow?fVFYX<uoC?H0zyHYh5cMTTZ+Fsahu#dE4xD%SPY=R
zqM#O2y_2d!InYO;tDC!+h<}R;im?#0e_l^%Yh<55w5`N9b18NqMIA)PT!F#&z$^<}
zbWsOaU~o|fm!4cy0c+t2q&8rTfOG2s&HbS8?pqC6o`oC#mD=|FY>@VOt6;s(QZ0k=
znho50eElHZf^{2~bLd-?pL`(_A^SUU*cf$QVJMool|OVdK13dV8}>_3Kh5E*Zvvco
z%LMh;IzX?9O6d5}n^yNi=26o#VDb$}-x_@2sSN{cvi<>Kg&OetXAl#66LM%fPUf7t
zx^WCFCaRbD{d#Ty9HY)frdwa=GvygvMNBf~ITVDs*Gp=9-4G9dX(uPz)z@mEDW5uV
zfXs%1x|mG!-*ygiIY)KJtw2JDdaQGMel}tiTCE@_tS&BWQ`hyNQHz?SfT+)`-l1W&
z#gx8aDWBU2R9u5t2O6i~8=z!^0RJZnKhRZ73s+ICIU6uJJzH!?eGrUe&UMZL0X|}!
zsCzj_H&fiJ1-P^5{f0E57)s^4NKv)t_k-Riw_^bS+@IeMzFJ42zn_w1`1%lC0wTT)
z9|jjtirpX8-+~JdqfU5lbp>|e*dG*m5w^C#nV|*sLG(vMZhcPWD3`xKDCo1Bd#{K}
z=V0K|a#VH8kKF-Yl;?){Ar$oB85-aSsxe(a)k7C3sEVgIZNmcq)qaS;v~{TciqlnF
zaY*ggrP})VzXNK&4%J5grHMl6B73laWaoA`${6r>o3yib0Kw)18Uo)!VfLF)tiEMB
z44xjUXPQjNd$6fBnz|Sq&{}wV{>^Y+&ss@DGG6V_q1R7V4&@KP@_%!@WEnr-1UmTK
z@#wncmr*2v8wW(YBdCb7sYo5ajs3VQL5&B%+4}<-=3jxI0UrB#26d0>xHe$^n<WXG
ze}`^U82A7p?fp8yBC~}^zf^WrUI);!Q0)%AN#V$-l$+Z?g@vUfnVzpKw+7^l!62k=
z&!PIbMcs;;D*Opk6EA;mOAG3bx*&Qain~A2$cF?%=maj`l~?L~BNz5B9D<+cR<r{j
z<56DHMoI8#>TIePKbPgvt4gX?UPN6E9%@v7L&UbBcx6GI)ItwnI~3Hh?2kqL6?H5m
z4L(lQDl<{g@@4Si{wP`=Itc(kktq;9O)AKLFX^Kx>KmwXrgw%=*s?zu{8SXoRDFsT
zO<~!msj`>KRrZGhSF=eV1Mpzv7juKfgYk_fSRKVy$0Z;8u%?9V;1YQ47iWv$uTvqA
zxgq$waK~ue3paKZ(7a1|CeYTdUZp}dsyb>=|AiP;28EQxKST`|<FAGESE)EBiVlPr
z=;=^9z|deyWb?DR_hs=8aE!VtR4PNhJOi$qOqHWlBlH3sP$Ux$2p$5!{tJ2QQ1H$I
zsBfVXp^u{gA*22ZTETN$vjb+KAhH*r+71E+?uGoMM8NwIa$n3#KMo!>PvccYC-m~A
zR_MZw7?Xek2}J&afa=E?L>XU&K+(?%{>-!ZB*+7|)NPRgt&B3t9boQ5)Pgxy{U=&L
zs?-s!u~m|A{2a}Qgd^+Lv$7O&Zi2X_!u4wP>Uuci#lvx}UcCxNriRp8Hx3!GieEEZ
z@L;6+P&q6bwjZE7inb_0tt7Oos8z0&M9M_hN`gHR4#PcBt0+-a+YyOFVWaxh`d*^<
zt1G|><XyiQ^^t;LF>z^i`^SNY0Zd~CO1j}Ajiq4<#cm=1)WqhxeAIGK9*lX<ziEQ~
zlGqiWN2&=jj(Q6edTQBuRO`31hP-k$ZS`>D<}OjDy>VSyt)4<r1L^nAua>g2VRR|!
z*0?SuWw--ZF+^1QG>e@3MW>e3m$Xj39}^L+4Dm>!DpjS5#=f+ZOoD24cMU|D`fLx%
z7zaejUAk(ARNWqg_1FC$z5ZXaTDuGH)T&!6DQ(o7hl%uquH4?RnU5q$lnSR5D*L(U
z9B=lSH*c!f6}Xpm(jEX+>M_)AgU{|fkqGOX_4Fdj(IGsBqPdiCm8ih4H*#pCD{6QE
zpOi=l1=DGBg>L+dzyLN^po;Jra=8JQd2a>xL<35A=ne0d_op65-P{Rh0vVcmXvfO`
zkccU5?X~)&dhK^0-o-s1r&dolF~7v_NI(k(2TkM;oI#O4kjac9GNvCzRWla%B#P1~
zPj*JB&kz1l_ftFFe+n@>x_`R8?>0=L0b!!-50U%sc9OR*Arp?)76_NO^+`Oi*Ih=I
ztOZZ>!qb+&+EJ#;dm&P#*>lEPc@awk{g+V%PASGn-L)mxqT9nJ<H1E|>oD^<lR+)i
z?N8itRR=u($)KJGCzvv&{A@gZgL(RHGwiRSf@fpcFKn^9rtOOdKX#M`?Wc<<m?uqe
z&jtv-eSyvU$^hL@sNxX3RNfA5h3KI!fG5`Xf}0WD+&9`2C07W&k>o^JA!;~IZfI@S
z%3<K|VaKk0@xT+MA?!`ETL)MMMEAMw4oE9R3GPNd4h=dwf_ifm44}2qZfZjxk9uu)
zm!3>(G+`0sEmfJ_hj;}!>3c_wiy){<TnRY1hAilttBOOzy?z|OURNkKN8{|PyMf^3
z)hFoHg1QhJZXx9J=c+zX`*O&weq5LWNmbQ>gkeVn6KP7}9Q=tSCD=z@irY<UdlgL#
zopp9%=x$nrXs(O})$l1ihY&Ho()+r;QiqT8^urGbRPhnP(Zvc-B^+rOcR-ofU@=!A
z8_z)RLpf=QqRsmP*!?9KBHWVp>F!(yHe`Zj#RcP^*0+Tj{)X*&$SR<YG>YAyNtNKA
zqn0z)I}c`u(CxN+^$0`K1Q0_(<@kMBd{Vxh7@VG>kU6C0#YIG_Dlt=3Sc7UFT1PDg
zxPFO3N#f1LgA0RrE`x}4zhrL@22HPCrfK>ohWKBqL#*v!b^0nO!m%GG6LbeUAt1%Y
z%qgf=_CLuVJ(#k>4`*`oKo?i^FjxQ$=a3GGL)u3I1*nX9q@-|%^+;KDl2yEG9_a!S
z%imRCbkbN~fZoF-$0LCv9_f!Wp-1`w&y|XKr14v1PkJ6HtzG@Ht3R3{KI!wkW73WA
zO=gi#IvA?aRy;mMU5HJwXj;!<m!4g8N?DPbK~SQxfOY9LW%#Ewkq5fP^v8uX|FoTS
zq;_v<Bq>ZI|CFZn@+K(WFQ9^8C;U^1aZt_j!NA?4U1H?TgN#EKgNB1x`E3T4(N-3@
z|5=%Pca|UhX;<#UT<Sr2M%pmsPJ}s-f&%SMBL*U~t#q`Y0~<9W(GFXUJYsr^tTjk*
zl%tQ?fze<rtr{Y$o!wjNeDvMhf!sKX>N0U3uZjC=#Qdwu3(*^fmRca_M_IHhOt_7u
zCc@MdL4E|Kqz6Me?0~N@S<S-j2MX#sG~+^H-<a))nlGS$W8D#K{M`$UM*#R5TwRjq
z6L;t_2n1$~u`~wXZj!QwM<RE7g4&}sn)L+TzAW+X1T`5qi+fTOXX<6qgx}F)?@pQK
zp7_KS{0Z#vl3c~UbQ_7Ojy^8_CB>n&4V8-=s?I}M>cLq1k2|>|QGE>s?)3ZT_)YXq
zh41wH@r@){z5_Sy>K+y`zeG}35tJ#0Jbi_R@-WF&^*CxxFF|=2mBrt(nan6%5<hAU
zJCrJF*lB?Xvy75peG92_GnKQ@_A#lfs&a2ff~<&Mu7}t4MtdN02Ga|sdExkDqK0GK
zRb)UL+7K%_E*f)gC+?8=G;a*-%&lALE%(lleTQ%O!|fRUmi`jd^sT4ZN%ZlwN4bT`
zc2KD21{8&lI|1~KYAaGqw?ZR~gLx2*Kb_`q`#LU<`#L21_>+OnN-+L60T_Ohl7aUi
zo&ZY@VSi|=R`vYa?fJLR-7ge#Z>8WPhRZ;&3=*wTU2w4tWp+DwX!L}<g<=^GqQ9wH
zjm^E8xV=$5NUbnmg-46oU}HMyyg8=ByN?^EM(FTvHGRNjTzVbeqVo7_e*+&+{&@ba
z2)}$04KVcJQz#yK8~muRt?S6`H5Q?wVmDe{kEX4MIwJgkW=piFBbw0>MUX7h+cE38
z>gFOK@yc4xCDFR*>UiX$+2ns=?GS#PRcbA~4N_>5dX$o-=;P`m$h=a9iVpg{2S_w0
zn#GY+qIT~c7<j(=>juOReuwsVsLzYYE_h<?Ah*Bv!^0+1Rd;iv*Lz6&M&$9kUT?d5
zK`X|asV?8#E71z#fz_Rw9e)KL;N2ppkoi?O2P4#~K?Q9M<n`l4IOKP2qBtAfxCwjX
z>gyTxyET*!fbH{m5y~F?*Py<>k>>s`b$8T{rhyu@4G1TRb7o-&2n(?1@t!FnbV@52
zP`RVCbWQ!&rrdi#J4f>6YiS4Gw@`t^{hM-cqmirCbsM)!Hwg)oN4iplNlUD^W>+gU
z0OOq&Bs7iH-Fg~cn-Oi8kltpr8)9o66m=P=js!GpqY+@ItBelfMAQg7H>4FrQKu0s
zP;B6E`KkZYI*s~>dWP>b>W_9q?<bexkm8k|4G0e1ZZs5j8}$i&yqzTcI*k}q(L#sS
zl~p5byte}}2Y`jCylbL*3MFa9!isg^QW&X+P+#J7-251~JHZ2Oq@o)V6&H53BE<6!
z$W0jOhd_@nm74x%Vagr?BK{P*(;DHVpvSeQAf<vY!GJsj>~cE#{%i0uOUpk&e6-<m
z0aeEsiH80o=zJQ4#S3U1Ays-Ik_4EE`V<_zcYvL$AOSwmj)}v4dNvC^cOItt4r0j#
zvZKY<q3+&+WXg}xCq@H43ZZle`pYiG{&4hrJ3LPs==1CF@&|fx55d3BQe9h>+M^#k
z7mynTo19k<`|M*ohy;1{t-G@N0a^X^{Lwdd^|baDbo?B~V}BhRs>y=kt{%geeuFiJ
zYZl<inh72tvQx6irAKPRcF24rOQ>!X+fWdeswfPI*bG9~4cI-7ik%MP`*&lTPP+Z4
zEgbeo7K20ZFafFxM??*OBZYQD57(rk=m;_xz*R7PFe&V47}40ftBW^6vt0|bMzAK7
z6I;X~m`sb{>HQQ?0meaB1^83g6;a{nhibJaX81gU-;6!r>?t^%P{0?%BBrIhrHyBL
zC?bD%Mpc4^+fhSt2xjsv-Y}O-Wee)f1gcu~j=`w731w7h5&(1$<W%*c(D%?Z2M8fu
z3pmrf9>6}TjZ34kZ$+>I{y4YqZlH4hKW4TS)Gq+EMs*!#0V*aBls;LBIAI@?GlG{q
zh08aHFA*Q~U;IJ2vg2@^kD>N$Rfluzn9MmWyblFl%%A&$9S&~+C;^<A_!Mt|P*kfC
zC{mL;0R1uTEJ3enV3LT`lPln4pbHQ|s4YmEKAr8SKf3aV(g?dD0rZg$cpB;>{rE4H
zf{*XZzY`q&0&-M`Vqtwf#T|TsD!!;~^8!SY4#9}MJp<SS;9L+?$@@SH7!{t)Cvt#f
z5h0QHAQ{Pcol5%&umCEm@1cQ%hFFG}`2|QV9vZzF3O1u_c<<oJO;>~KaQh~NxlmC;
zGk_rgXM(11WfpUKJJxz*&$hj>zX*Iu{w8|!ujk(_*mnZYPX>=ii2d#$0x9l?i?s?#
z5)umM<aQVyDj+<MTQHozivsfMbE47_xYeMJ!=6G?a_l6G>~V1|1(&Yf!f?T|01%qh
zS93!wUSCDJ6>M=1!Wum4eRQJ0l?C-hq1|Ut+dEES2YSru5<D^P$f&k>JXJM7mTJL+
zJTXl&kh<hO4eEN3SL?RnP1HiJV5(D>g7b{*q($BdCx@2sV~okX#NfCc*$`e>uUi<g
z9Enbz^7}gs91wm796kcOxCcvpDvN~q{n4a<WBcYhBmyX2b1W#4vKUnqfO<YFTdee<
zvabq8&+oC=x^qCc5FEh7AG2Kxw?<XxVA!q9tsfntPazS9&>z*%h`9O4Ag(rI{{&<l
zQ4cgp^<w{$#=^lo?JsQsu|h5YZd9yJ-)U6yL==7*pK1C911&^Wqk0I_rBz?Ch2;tX
z4)fiLjZJ1M?8%GxF`1!o%RzP$T_?Pi;7U`t{~1UQ-27~ATmD@jxbwGw<3EJ9X!yGG
zVJdxKfV9S*nD2W?B&ue}C1g0JsAdj(H^7Ukx*jR1nP6$!P76<sM_dS<Ht)mgKS~`p
zGwAV;wm=(C!M>W+-z3^Ogx~%F5>)i|19-WUB0MB|5R|_WeLPTqccbJK5G{S;dfeX#
zWZZ~89tg)@&{iJT^$;;4r1cmYRZz!}e>deOzXFS&EP!95?hzFaSio}tGxaN9mL;#|
zQIuz5omlWMA$P~$1%84H(X*XU_%N<C{ty!?sQw;QapFr)Abt@QXR&R1HVj$#Qpjl+
z+j5QM@g7D->Q-%pOhn49d>ViQxd7PB#B~1;4j}^Ab-UT6ygwA&sKW|scgoQ|3!kEl
zOn^Ebt5TCuz^;yw+{W1m4IT#Yolo8L4<YbS!~*u{1!DAwn5a5Jl>a&C@jDFBi4LT?
z-ib8y8o<8`FB}(DZN=6mXqMqQ5I8y@+f^Cv7}gI#S~yst{1qF_m}kIAXHl}OpuUf$
z<I>*8ZjI`3a+2B|6rxUQBQaQ{g3{<6QEp={4-k-f{0R*JDF&x1^E+Xuh<z+o8&6iX
z;5W75V|x~E!`J=2$H62{^!MV?>FSylFq&fB?+6~W*x&(b4napd+fNU<pVm*05s?jh
zUGa!)^a0@J!7&_5ziK5r2BaN!qA%HRsfR}-<51-|_yZ$}p-T<#nNJCbCt^$C%h-4N
zQzeywQPmQx8}hMu^IfVTOW%C=4Jup8&n40>aov(_v%g2rP9fABm1Vo}Z|nK-=DIY$
zkJk)g!d0qw4eer%1tv?}Xz)sP@!Agf$77N8kcFibykVe>?5oRf{911%@!iUf<Q=o;
zRNrX<m1glVv{<Z^($cSB8(dxvoosWPc@lLnNO2>x^dQ_^QdUpr!PAd-5$C8Ykhf~4
z9c;#<+5tBG(<n!;g`UBd%TOFueW=sGgAg<4<H4eu1vcA;eb#il69mzX=-;j-@%5uh
z80K@>#v~p4bT?<C)g02|=x9U&39YPLCqo@UXt4Qrp3GIKHK9BsnDt@geCXLf{D17d
z34B)7wfCPq`#BF8NeCbyT2aK=fQoZ$?c6uo)@yIQQQJ#Fc@UX1Fb^7_DvAcRPDl{N
zIa1U*G|m$SM?@PG2T<cwtI{~5Uf=I;?Q@<XghB27-}n8z|9<+BJm>7a&)#dVz4n?H
z0|D9FYRjYVwCOu3>$Y?v#qN2_EpWq(DtAhfc3T_tJa)UB>;owE#iFi*fe73U9KK@L
zif@QpSPSp=cp*d~oTU$u59ecS!<nW@+TC5pk=|s9fqS{2iR%a8m@#C2u3t=tY5Gy6
zWOxmBQ={KR&{#5aV!A(Wn341o6Cf4>2r!c4*_s3GykVBIva=-%K~CZ1<&)snw6SgJ
zl;0&_K*PKcSKcoWO?Ufa(pXnpMV=CO6T7*Y9oH9Adk&w5-dKBXHf-Bt0Z2~aT8c=w
zHp~NLQvi7<h}}Jff4QJugI@$fb%hThxwJbEC4UGm?z2v|)qljp%YRJp%G$`z;N?G1
zAJO(doSk)Qz%TM@>#BToddEa75rvniaH+$j=_+Vmu#(nQ<RJIdTs1(v7suRbJdqOk
z`WX#ege_Q><?7-thL_o0Ur>q^<wUuNn_YLw^Anp4dHzVCgZlZLDw5e+(j7{5s}f|P
zj@RdhI)y2q*OKWna%Ozo4{|-H;C+4kZTt8o(Z{8X?)>9grvLc+<|h_@TphOXab==_
zCA%)b1cLEwU{H2%5Znz0OhsJ%QP8bA2&7vd30w2_R8yBM3>qP|W`6%6x9$mc7dBGb
zL0@?nZyES#x4c^ezYE;gW2t}y<LLIG@00YC_Rbv(XO_2%b)0Yd@*^<s_>Na}(>;aJ
zW^B`f;82IHURUi#JaXjod<M?@!4HIT8>ezYHo2Md%KX)|GiT+Bb3+WN$E@<b@OJvD
z;D6?J+F7^L>~v~)<~RPlEDUap9|b3HIkm?`0M05*T3-93v^k&G`dEcC$ba!aaJ6#%
z!$qWTR)y1!ZwM#<0*;q`L*QP6^5=hGenh<j+_f$>L*{qnf-K<X(x$+@IKcz=vApn7
zH63cyGTSb+sVeuI<u&3S{YI+Xob$s8XHTQTC`&q9Q{%TvuY{1mWxO@hl%R1%G!13E
z*^T0%sEc<a52PuLC8eaa#(5b1EZuKfY23&e#SJto-S1Jf`VS)so22`#;S}RF+rw*M
zMKv~`?$;PnOZQvpOV((zt1bv(mN8j$+Y}DSm?j}_+c3>7WF_9>G&2>%qIgQ`lbUN-
zUFT?~y5Yibs)U~h1y9%+Ulktb6esG-Jct+Fw9JFC$tv@3bg(!2*^m|8nD671ROVre
zu@~0s@tMBNgFyGEtn;DRb6h(SbPs_;wArn|v-SVm!<^ShB@ZfTG;}05@^fBwQ8?js
zP;>m8-~E5a&-qO<T;S(?+01gspWe?|%Hm8vXF;gnB_V{q@(_CR{}~9)@t)vc;t9^5
z9zxG|fY2|2(D+M32ytl%#|wyA_1V67*$};qBF9s8T7JdbE26hJDgQdyvA|7fjQ=Xw
z>0;b8($#a+a6`w2|4^Webl0%Vd=sTNc{8#O*128ts`BdA_|Tras%5=aY!BLwRE3&<
zm5}@^xs@Dd7o~!GZaFbVj{e?Mj^BJ?mCcqg?pUojRre#a*h*&a4ke7E_NmeyQQPs9
zlpRM|f|0f9`XimZ8+h`hq1DMvdXF5}$)kZ*&LQ<8RgF0HBpN?mYI$JoDb>S=o=h==
zlZK8?wTmWAP3Ey%DG417>Bq?#c+$}75#t6{4<9j-V!%_ZEVM6i;cJ(aj~ut}LCO6N
zK6(HBhYcIL-+_Y$?Ux)#z3P+p9aO%5`F?{B-gFL~mP^U3e-llCRSnq;^ao}Zf7!Hs
z1O<vWs4z)t4k-u@>~s>D)p0r*blljJ($!zm?=v78Jsdf1;IO)6a(MOdlT+W0-bF>V
z2eL(@($#p<Q=8aX)$Ywy{n<>Fna$R)>Ad8Ps+kPjd}*Fes`^BW8CNqfdGdEh5<@Fh
z8V7a8)=eHVdgQ3#{?CCbc%On{3XikP{6w?yg>r@sJ!urxQ%>@w(rc!S88&Y8$f@a_
zOAP`-f4iwy*VWXXwC~Bo$56m#^l&hJzw-SL$Qfvl2OfCPA%l`b_d6sxeCW_a4o)7B
zOb!}6=%51*88m1p#gq;_=%fQq9z1ODFs;wmc~8wpXW%;z;;V#w=W$XX-vVqmY18SU
z+Q#Zd5j3{&J*Zc>mjg$P95Z_4x7)mN!%n4;JDYaE{^f%V@kB5O4j-NT7mfEX8U~s>
zl%w@skxJLvw<6-cQq;ctmmgR@=(|tj8)8A~Oc-hMwUEC1Bq-VQ?O>tuNBcvXbk_IZ
z&!f$^8_5t?qa2cfeE*uEQpYiUm7Fwg^k|S>#jgeqtF0bB{M&tL47H}F4jDIj<jDfS
z!R7mfY(R1}Wvo)4&Dyin(=DCn6s1nJPK}XWlP(&h(=u+E52J?MOLm=f_AYe+kFOqg
z((szjuHa4JHjtuWn@%#MwH-;9n5=<g#*gWQ)AGk){J3hXcC~NK$T25p6@jw{TPOmz
z^`6YMCWEc;#n|e`PJ(IEuB8?cK`NYV%}G@A8VyULdQ}AYr2e*=akVf9wL|ras%Bwr
zEdEM0@)fiw;#D*9Br7sTO|KCr*;rKI8g8Y_s0tSLRDCcovUUixDI7Da&|KJzLRr<r
z$5#)b^4EB-^x-F~txCn!W%f+X0U>GFxXHd1e}{vxl$u(44;e>MKdN+13fGrW94$GN
zsTjYkcT^9{s>mkz=s80UtsOUJr2U{+TsVHZrWtkEfUifpPPv$YVV9DOdS9x)mMV!B
zvhGpkJSwlHW|b~Jr|M|g^~0D#vaZ$_ouhu(INJc$ovH-~AUhU~W0dNllZL=*hHFbz
zAfwP&W}!byjrl@<;6dsuR2@tG&4-4K8)wD+*mSUJq}5d8n_`y**HQWe!dmrkcFs?e
zU!tayC~N0SsPzd)9Fl6Xy&oX#n^|-Y&N{1O2*AFos}|PY+W`=d8Lz&~DQSqqJWsA3
zI?@W!(KIzto=20QS2$MsFVG=Vq8f5?t*@^~x2)%*hFgs}_N=qV9a~4E(7Za@fy~m2
z)W=Jge%mpuxtCF55d;`FB$_s>88(i(e}>wiDQs<6j4^!-zGsiay*7S6{Cm8I2w=*n
z1Gp2dPZ~GgpCwQ)v&5mw8jc)emF!qmST2y^H^Is96-!A~FBCHQQic75k|$MrT-}*H
zija2Pq_B$LE?TuOdI;)Sb-!>wYp5kTdWa!xxK7BAAApvllQq8RUVq`(F!kZ7cq#Bk
zzjPY>k=vDJjvs!~kl~YShmSQR0hG~4SzOp`K*mwpjV>JWaNyljZT3k0wWmH-Q#abG
z0q(`tMAC@9&3;>{L;bzCj%rl*kFTYF?88TDhVQRN`{v}F0%Y|kTV$soLIYMce%we@
z4tmLfN}U}3HZDWYnLBf>8FKPyLl>^=A>&W+r5wxY!mXxCl2)&h-&v(8*&=vi4Z<5}
zXpK>E{p~ply%{Ln@Rcn2bG!%ZAShJrNTUe*rOsjcL;{m6>c77Ssb@D;$aG+|_yY{9
zGHw;RM(+muV+%>PE9Afw{HcSQu|o_I?$yEIE#)|eOgd$xFEh#dMh~58r<QjjM_SP#
z`esN)_#3<!Idtrh)QRDdP{|W5ewZ>R>=)I@R2$?%^d*MW`~<|dh5X6k44eCkrPP5m
zI;8{Q!3WGv9#=;#%prW-A3?3IV>8CeK5{HPUECFL*9_-Y8$Nc(xUoY{t{!I}G4!VN
z=aA~UvD6P8F+>PZlZgQlO##o-1xWdkQN@#A>0+x)o6W4P9yfYObh&cK!<Fc;=zJxs
z$Bi-c8!~oyO|4&&NO0CWL4}8`sgvTKg87i@;f9UCXZVCV)3d1$hnVTu-hqN%Lez8p
zfX&jM03*a?P&2F}$}B@BPb~oOP^%dl?O3|f=b_-n@L~JGuhWhnLx&9uX&5^Y?#f|0
z1}EDb__JoXO8KfeKMd7}j`gTO_sqLhXcuB2WAVxHP>vdyb@gTbAs7#j&`^(A0at1!
za;0jWR^;SNsvbHXiatUuVGG6%oj7ttSZS8IfF9wj(x4wsVNyK=^l5_3y)k^Om6V0Z
zbSR*!?bkIvq<T_xw{H)^r+)O-SsLaUP7Qnndukkk2<q@LC!J#W&yO?%P;<&in*&Th
zx&@@t4>F`?XwpFY{g41^ROU5u%=po^T@dsdxD3!eI)Oh>%c#Wdk-%ZN;Q>R2fAM*g
zEgFcWM%NhxHX7iE4B&->)ZzG1`cWD=^l+rFV#|=jIS58iehfgO+QuLnj1SzWzQ!gb
zJ+<Yp;gg4+R6C>w)s$X=g5f8_^=15G;**9CH9m^ZglO>-fAqM#)ZwQzfxH=T`8#X_
z@M|WGoI2H?kDu|)32MwA$vW;(6BYE}=WH`n-P2Oure5$joCaq`Pr{Z{M@AIOvpRar
z48^NT($r73DpiA-g@vNPFAO#Gp1-_c67jm~kg6pdPX2$Tw}$Nopb;OJ{;Z%ebS%VR
z^pq5lgSE|xcfqDnx&YpT|GAA=mWXBfMIO$;_sqnTtN~Bn-QEbgu2g#Fo@;{b*HEj@
zO>T_m;bnBq%-GLWIk%TPMd@zK+-Eq<<jc8%Xp=mA(fZ-Zc@$6jlfnUiup#8mb2~Sx
zDFGl^ZS&mjD)m(AMzq^V@7UW?cQIkG7)y?^^g}yWb^HqB6*b~?N~ngtBl{AbY56#k
z{Ao(X5kaY?2|q@;efc8!!k87+3sr<`hntl6*FD-5FOxhXZT~uf`m7`D*$V$`d)Lgf
zzW&)G{#jpl*90786mG$?2^*mb4qi!H`nbM{Kk<vW8<*0wXX4NHZx50P_Pao?T3R<b
zRB$`)l{Y7AxR=7UEVZ@ZoBYEnnfV_ksaT#PhFoO>O5I_3I2qke!Pv)g%lWrfF&3>9
zRLq-l7rvZI>WWAAWBA2)tHVKWW-Fj5bZ5mX2>?7wPS{O8M&q$u9FbjhOH6hnt9#jS
zVTcu%7gIlr2&bl?WTkfFsp?p{d{}NNralb6ltzJMM`qS~th$9PA9$_(lOi(3_)gEm
zPDeIJyuaCkTVri{>wa8G29y#l=3EjWX{;M(){~_BI8`=QmaTh=@icp=x;ZsgqKO=k
zjl9K)?jGeXdq~Aw7Zo@9TwzK%a@wE5`EI~vCAXkH{Jf>av2hCVlvk3MGIxXxoHY&a
z@_FM-a)p!j<2cYFT1KKNRwkHq(@D7~{Kh)mC%Tdd+I%<5c+)R>vkKqM?kbvim6D3~
zz}4wqvUL`_4a9uJS?PWG<kRi$-X%Y2oDw^#+gIuq;{vajgi0xJ5l5)nT9C1X!V36T
zfd|_G>Gx}uTNw-Es|1|jwAc%5aT|*3DXvIh>UdRe?c;uy<avMhR%w!-J>8;le1?I~
zjFoewddlnbiWvSAUsn@2N{Wm>m)Mx@mT7qNZtotiYl-)C4dld80M}w_ee|UBtL&fu
zE#J%h=2&HS0<o{O@4eThg?HWDnGl7ZO!(nASp{5!a#<)X7#Y9GPfTimjq`?rHR65o
zL3o@Pik`xyN2jSA8MAsRM_EzuCMKYS2LyB|UldDp*Y{Rt!6Ns7>Rl`Ek(xbKqk3n>
z1d5OlgB+>b1qTyPk<VA#>e`r?(1a+~GI!ym27czdcZfjPkq)m-RL8&_h$p=z=C;kd
zG~CvO>@(jiaJThR>W3wx{K9X<lQqF08+#-fa^5Hs(iF|1$U;}rM>jFt0Czk2Q;Tt$
zD@x>9R&&(~;5{KraV>BM*Gz+=HP+`50!@U4S6g4gX{S`sX~)??;&)2!+B!4oZpbYs
zr|T{{y4OK$l+W!IVmo``fQn;f!rjjhTK;0rguro~GPUc$^D|@n<*K9mF}@_5?RQn!
zZ)w!;CG|_FT40&GfGDQ-I0){%TrfpZVL)?EZpKk7U6^&$D#(1$$9+wtP!aj7?A)9V
zz9sQ(VrQQsjSXkr-H&U&4u5-Yt*?TnLwjV#NNP?pa<(99?kR%}=^k}S-)%>_9TRmU
z^`0HJ$0?t&)w9+N&Xu`Os9mrlF#FrIhJhTxzZ9qt$BtA9c29x*N>RVI3+w)LlCqTo
zT;%~SkMBq%RBWGITt4mCz0kWh8!6TAiYdO|Zn^RA31$uQQr<A5G0s6N=g(vFlKktA
zt@nvfc4r~0E)O9|HF_L}`gxp`^V9n1&As^skOFuAWb<l(R>}jGNRj*yB74w$L)832
z;K!^fvJKq#043JXRDeK>A6Y*A_dfzRpzD4;q{^`UpS=iWiXBmgYdRZt{wdJc%gMw6
zApzC;H1T)`cjJgQJ#ed8`JQ+(t{9<1%@O{JTF(ZPXE>;PvC+?r5ZNekr%@kTRU7xx
z1$g;1s@PJ^y^XN#B8L~GaCEyQFZ1_QbWJ0J((Fs3&_pV(hvvoI-CQC)-NPWxKE!Z5
zf!{hGa<6u;qA?l7`HsBE&s2$+>$zvxs<ng)?&B7b;xCUc+qBkpPg2^5e4wY)QdF%3
z=U>swx2dS251mE7o`VR9noPbKTkz$5s%YQKy)~lIK6hU)^=F~?j(|oE)K{pe2nk<T
zgg>Nccq`K@c9&0WGE&<X2yt+}b`MZYv2=tDvba~d+qs2$FZg~j?Y$r!MK(Xz-iv^=
zuC#u3geNvCnA~R|5Aq?KqA^#5^y17}ZT6eoRh;#`-RslI@|CD{D~Q>(mA>9vfGKj%
z+ZXcPzWT{+x(8nnl~|P9<_h?GPpxL<43f0;6wI&f!mbE^U(3mZ=ktiqir8903XV?T
zv^AUb#z*l}8Doy;3|AA1)i6znz}5dX#rdpyvodxztPGKB5!t$#Re}4<c9pdA+qECF
zBdH(T#<a+Q7~hZ3tV_w?wQJr=hHlgg-n^Mp<;(pUiCB~-HUet_g-Kvj;fG$1Fz><M
z6>jH-5V|14O;ou7#EPq`G@5h1qq1kNZgJxjGDkc>BQDErhIT347TnV_)6266nHZEp
z_gAp+0GQuT<DQ3EMXfK-;CK!ro54wL%HY6R7;P+sl)<vW&WK4ezD9p|Cc_ron6Y33
zVSA5gV_}Pas<nZHZv#is)3Z`*I{^5Pk2+JTf?QtEfk%mdIe;7b*$HHkam9dV5iaNK
z?wh%=ko|*Q-Hk++@9P?;*3)h$1!^j^5U(cowiRSlC+fVAwW)~8y0tVab1xBrTi~7~
zX#OA}(_52UNrS_fUlOm`&FxCcrDN@c-@x(e%1yA3_<+B|0s(HfSNYM*XJpkV8=7(R
z+y|s4XSQxmkR%~y;4UQ}NDqR_2=HK&L;hWURr&7ruHr0vxmQQEGg=R~PmA^3$YI>H
zCml$H)U%nEfxBijoIm)b<YqS4Himl*D1b3jfdy?6?qgAtvuCnHcV}LCIag$Ciox}K
zYE5bCPpe4bGJwZZ07foTWfENnpD}>p_p;f$W^&j>lh-V-7;VT<ND!t*(KPCPWS`i~
zW1^3}X}3ZTQk=oq$8dX%X|jKx(T~5%|Nnop;ouLrZn*Uk5&DKVoOo*8aIFw5-EaiB
zbiCr4Ieg#zii0`Ly5hu=FV3rQD>yF3HBYYvdAR0am$>D2C0js+-5VQwh&$O5QNI?M
zW>4r+t2kj1bdrcFF!_ba(D!WmEIwg<gj%yBKH*mJ3GV4kE};hv2Q3K^o`iVa3cB0X
zc4t8?1gC+ZFUXR+u%~jTWiaMFxU5!8sPg-u448k2#vlhh(M;5X&0nfi(w3mBHK&Oj
zECJD7Rb<Y|b4Y9g%Uc#A<t3mJ1jzei3KCX~3v}je5)o5zBL00Mz6rwp0mS5dx-%Z}
zl<DCHGplpE!jUfy_ML0T@D7sJi|1Y>zJjm30UcApo0X(^Jwm+SR}&PX)!khmgZWub
zrC~k@HCUS)-fbex$6T2~1B@_V*i+SaGe97Md}dt;g6#x?sL#9kxk!b-G?HD9_#+<o
zT=I^=^uo?7gwM0cp64wmc~Ica@0Miv9Vm`eX%N32{$HPa!KyHjF>4I2o)QjqX|Bw#
zP3PadBKj=Cu)0#{Z;Mm?9#dT&^`Xj$XCdz>2#e(^joGT`_36B}A)iL^q2Qrg;H)IO
zlq<ynb+3N_96y0zm97MYjifC3KKQ93HM{=O-nD1EWA&v<|3&?nTyYm9$q+k9z}q>!
z%Wd?JM>J{c+qehV?}Y2CY+%YTOxjiWGWR*6R>-C+i_rIJX^eVWGqC=ujD6#ZCu|80
zq6ky~*yNIAWbIo@!caQS4N;#a_?X_X=59roT2N^RbW)JuPo{$==fa-a_18{Pagte(
zG0qWVN~=EZW-9dYg<x-#Fcd>%1h<Y44&dTDi%itTu1+!8=b?P*PNb%5gaJcJhbJ5W
zC_by<`uPWJ2<v>GniuTu1BhYy?vb4OBlN48h{(X*2gG(co@@wE557bEhhOtgnE(Bc
zhkV#tyFy$+YwY_G|8xJ+G(6Ch<oW}9r1m&^g9rmpT5vrlv*gHxtFo=#t3Ccxu<rt;
zV}1zK<scE#nBPvLZmxlpGkSYIxGDe~(2xybozchPo1-JI-*4NQ^=DXkzkQ=|!c!aU
zvn=!=RynE7uc{C8D}5qdRSUUKP0DE_ps^3&T$D&9N!3vue|36^+k*e<b6Q3pfyIvI
zQwS8<M^o$0Ko%YHE25qpavfY!vUU++*y736vE|Ta@TK=h!(?l)h?We+>hGw*Qn|Nd
zt_cCNj2RXaH|MT~^?}Y3_1ixn-Fkq4Bw^tn1uD7-6(sM<ozqbxlC`){1qo0(T}f3V
zTK9E-2`XXpy1QqT+C26HvLI|!rj5SA_B0}<Zx;r7cV;UYMoQf6<QgT@H26M<QFbKz
zg{nY*Jp;z;XUd=Ouu3QhbKWHPj1K3ImB#i@$le1G5;j=SJr&hVUqw<OxGyC{{v(Pq
z$G!6ff}^TZozN7Nt^przB`LByl|$OKh5kFbo8a(Ck}oC<)es`#&q>{mQu>xDD$We2
zdn@T1$f)n$h${uGQZ)C6xR8SEAUn_;FOoe_B|*DS0`Ra#!e6IzijQle?P2IZyTtyB
zN$io3DvOY{*W&HrKndbNr^OCeB|8C^B=1x+13JZSt&;mP!@d*>D0j64gg%XU-(Q68
zFI|$pfS53U!;Rs-Jrd-CU^^Sz@K@BjVjKFv8x|U;to#3t+;X3XO`4K^O<})&p{C?n
zLW#DjDe0({RIQ?KrIc)EZW&6+a(-?`DJfj2HYFXK(bwO1Ysi<Q`|b>GZ{6B&L#ff!
zxCiT?{aQBC+N~t4knnmdG1f|*{!fSa9USbgRAqt;WgzO}hbAibwreJDXs8N|?G(|(
z<u|1XhP1~BgGhH|(lYgzoq0g~ofODLY{!wy!p~e?oEtw};u*9awRVX+Lun9StSJX8
zxJXv#s1#vW)Ate5aUVB{m(Yrk(7vV!41L`OqRg|ph9X!K@pyS|ALVB*axGMska6aE
zB6!tl?$l&fC&BQBVlUG^I#H|c<?fqNOPfA!W1&}+`{z>TR~aqJmUTN(=1bOP0McR=
zH;`uUR0&*wpYwL!bk4g7sAON?=CAqn-s+&F*$saV0Th*bJDR1WO1+6NMWx<Ik+p?V
zZ+6O3rQVJPz*{TzW<64+-Zc6)mwL0VS*70MTFdz5;aWB=_Ga&wNAEMsz1f@lqc>Rv
z-!=mZm1EO%H(&5A6Bxer)(gI6f+PCEHWz%$1PGlyUn-DXadQZg&6a%2qt%9})nb^J
zyn<26Bv$3F&Q(I0LbrE4?Bt2{Xx&K=EA!(V^4|)@KZ6v?n06LCfsA_d>98F+0G>fX
z=IwQ{1C=Qob78I5DReX!_IDGcWtaIfM@2zpyWE*46(k-?xFcG!I(M+oiAnt-*PtwP
z%765GQcZU@lph<liZl#Ry@yE#jDmOtHan{)^Vga6q5uyt`QU7jzl5CpM{yg>tgzLu
zQjmGQH#|v$JpR@YqF#fnx^aiNot5#t!bj4|!h2fONRhOMkXvHMMAE<25Dn4W%pv-9
z7~+bk(WM=SQ0U$A=q&&)LRyr3_*C!8_%ESAw~g?c&NF*glHDi$>{qBs?&W${+jo1`
z$9Jaf#t{|tNw_}%?jQF{De-(VW!-~0e+ienri<=D_W>CLa$t{;qRAqQwo3OQBVw^A
zOWKe(j_{XBEAm8^tj4Wb=ss0u{3|H_V7lK$eK2j(tJGbJ_Sa<p%9M5+!sTUuWrW>~
zdb>SKy<IL%-JZ1W>2AY@)(5ipis@Ldn9TZ~?^2$YQF3kz*Cm0C<Ac0Gj<Y@x?F{X`
z0B}sy@G=ss0)Qs!Pj3nVNbh1&N(i)XlvWrV?q?e`@B0gq07*J%RC1S+^F^}BW3fga
z{aSFFKeP6CLD4{a{C+N;0GFccGl)LZTgr%U0|V24g!=f`dY8NY5?a$@v%k!BwwtHG
zKK`1^V$I|>go@wzsU9Pi>tMaecieq~=SM2<tly7MLC?`AsBo*hVA51BxR)mZ+=Uc+
zH~ZeNf!V6tL*Sl+X&6&>uSRajV)rF_(7c~8$^c5Pssh<{gsbN#YQ=XxA0veb1x011
zXhJ2EX-X>;zc{Chj(3%N!t6xMB;lTv=JZyor@@dM$B9*-`V*6MWx8c~q4`Wa_-S{9
z(`mr~V?6lT%9v?9I9u=jSb#3`N9>A4j`v3u^@KA0{X!JxrOC33+6BBU&X@Yr?Ct55
zM+s-#-^qTF>Zb>P>e?FX-(8$6D%}ZIPmCS@Dp!sh;@=m;zpLFF@r;gA2|vgO4~Y%v
zi6D;Ho|qpTmiIQW=<Z%KPXDJ{;q+y+&f@f;Wo};>vej6_B5uF_U%>5C>oc3%7lv-0
z-)GUglH08fC>6Pfr=}A^N&F_EdqG36od>0oKmAC0+#1s^xFtm}?EZlq9Z-lTZnXKA
zBs-G|z(A7<$SQwTm)Nadq2gX4{i^oIa%c4?!W;VDY;$>F8WI+p6qWp|*I&`3l=qQ$
z872R;XNwAzr_q=E({Gjh`w=I@O8)5qCI9@+f34!UXwoTn6v-d2<;s?{dGQ1Kv7}4A
z7eB0)$vq*;rlY58eJU0cDx<f{xUYL5IqUPQ3-X%GJ;G$`sD&48LzTm^9EOJIjdC2*
zufV-oR3AT<g)OX6K0-|QsFaQcSudrq$!<}O<K3d973d<;IV;*z$smyPoKJLotms@;
z&I+FlLL7rq%c~_d;`u~IrsEn8-KDS<(iy%C7ycXAZ)NE?mW%z#>8+^>-Mb2HlrTsQ
z;hr_`&#)97L>eH~C(!TbCsr|93pZcqqoD_ma*x<>%ILG@;VkzE(m|nWZ(-bZccDkZ
zN}x=~TGr)3Th_8vvR)&$bKH-$92V&$$J`!%Aj3Zf^4ofx$mV_Frr*g`gI`z`M5-_J
zVE4)(ztVj$Nl7FZNHahdF|4oUsYg_F&wSJm34>+>)s<ptqUq#nLNte5zB-9?hdf<C
zzLD^8cOJhqi467X#`G}E1q1n~+_mz_fjmUDrXNY&`S+0Nz31M+508aRVSAF`{K}Me
z=sGkUw~bJmBKu<}!c;dFK+>N0aZrT@c3GFgD^o~%6m~vNyZaDAsf42UDC1V>J}>4*
zTr<9sK2o|qEQ{&gsHh4fLGs84LZIm)|Bs+&fqP&^uIII+S3D-tU@eUFifgt>uZUL0
zs})T*5~>xsvfhR*+?+B|1a?zpVnHFiB%6kei87I2H<>c=iQLYWiB+0(w5BGQu9AX0
zJj+&7J1EC3>jEEJ$qz6C#`pXnb_m$`J|gBp0^L2*aXzG6XXGSAjnqXBXDyTQ1mH&O
zf-QH1+EMw^S{&|Pny&i2QUf2siMdFb44rb+^(LL<!+a2Tg!|~WQ{MiJJz2^XcUh1O
zo9?k7C|?=$J3J_l?b{uJv%7nn%y=5&lDKUBINXrSPC4>k!a2n~$#{NF(#DcvyI)>+
zo6UR_m{mb)GW6s#mpbw$%c02@au-zqH!~^N7wd3~E`Q&F#ja4Y{$`wOBont_aSV0<
zsrN|ChLfmucgWT933NHi^1WYuuzf8%WU7kGf(Bb%L-5U42VQnT;1=9$o#X~}B=|2L
z5%gOS>~VZhjtAm50haAqEflz<HrOBa2oQ$XqF5<uo!wPRQ1}pv?Tl@<;-Y?=1>A4`
zO*}IoZC!v?|H*7RterL;6#7dS))CvAqyEff8PM3ETZC#)O-eGG40uN)^b7Vs!BB$v
z3hRv4y@A?%Hvq(7sr9sm>$xEgS}ow~l*O|xtJ=zrkpjeh8IUOV_@MHHVCSQP9rB(F
zdR~MriL9lf6l>&EbiK;Xnelm{OC}8KRSBuq3ctnes685zkK2RX`0?^hxRC^Mtg*yB
zQ7j{2Et5w)Tt|h<<6$KR!PN1<-35kKl5r4=72>UYa}Skz^a1V?X?@<9W{`1j#nCc-
zF@>|6a90O-BL0^1pj;$92lK~@nY{fF&3={0==uPpy<%#M{@}wmB5dG?Af3`zGyFYs
zJ=Qa?Q>vg#Ni;eKTfLj(x{J_JcHYKj(7KfgK;iaMO6T{dL-$Y-GrxzSE+*|QE8(!=
z5{s6Pl+_|6Hv-gl2u>@H59iP_Z&-BZegu>Il#*}m1FDdKK<86Kgh9&OBQu+5TZ$xJ
z73?+AP-M=GdLB{oGnRx3%*Ht-B1swpH2+`<#lZ1kCVjF^$u_4wpZm+rnNl7<$dTKP
zqOaRD4GEdwb{5bezZ8+2tqxK$Lo-+DCnL;q@rE)BD-2SmtRPRjduwWYNTec^uM?3<
zyx^%5ZqlMots3RBfLzVM1duKWr_dHb6DKLKY%iEI<Z%(>46xc>T^keROWboaAX2Gq
zk>Yt9m(mulUY?{Ky6o5Ci_|-`)mOR&NNgWWfgckNbOQX%^~Au5D_lUPrX*v7-ZzuY
z*|eFsH7~?_$Fee?z+GATWN4zo4|6xMv-4s|b0;9(DH&S8?Ir_=?(#b+)@8E834px;
zM;UI=gTc!ZZip)Qi#^>PC^lptJ_{GK$Ov_Uv=(>Gtnwt|M84SYL`X7bCsg5`PhL<8
z&+<E{!{w)<@iMmNJ+60T-Q#e9TL!12mvdog#PK|W>v!I<o?Sv0z^Y(e2jCz6Jj8V{
zwwG&Q8>J+86JHhiv}~M=ZIA5n<`s0JNXd&cl={0XK63C;g{`rk;)bN}{=<{u+@6Bn
zfl%XFo0r!LsjRKikWd@GRm2_lHQ)L@`jPWylp|OfOZZl46(8R?m1Db@n)ReK$L<=7
z?JohZn1XOsOz}tU%y4)2w-TuT!&E+o%Vls(IfFUD57^kH?%oOFN0{c^8Bjb^k}p6j
z-VFy=6ad+dN(hMA>UP{g(YU!!xh(kpeAi~URoq}2?i>~DlZEUeeDv`Darg6SCd#eL
zgx*BgE!Ey)?8JPPs#EA4r063@>#;QJ<~HI2r^7M1!Pa#4tj1_f`R?+rUSRlqQmrxb
zUly?{=y9`nT7nZe{_?EaWWxR3=diT;-Yw`Y?0X~>5BHakVwrP*^c5-%!q##@<#GU5
zseC|@)IWd2Y$qDOP~|`xrW+B5l-j!T+}+b;ZOIoyL-Ra%nxy@H2DS_UudRb57l}5!
zf~S(6TnW#Wa*Qex?#`oRkND|TGwr+W(Px{Y&j!V?duAsnlHO;13><dju#DY219j>8
zSe4fXN~~;Hm1eg8JAD3iBlmkI{KnIPbepcWf|40{&QDFcX99BaQYW>STT12HB6k^y
zZsC4Kk6}WtB#|l*c!jcMo<T8sci|L+6wIK7YP951C^^jwCN9Wk0tFMZ?AtxLXa+a3
zzn{fYtPQ+#*?k~rg&JU2gu;urZ;4w?ksEO|vF9o<Jd`8+#mpAo(|0wFb~4IbJhR*z
zU$oTH)!|Y<h50y0K@5)&02H_tgp1_6<{1#ODzwWlf)%=MuSQ4WIc2HB<O;}v{yQSI
zF6HyIY=?SLtP9063=+DF#j4Sw#AQIjcb$#7DeP)s^mj}-BKNC!4hkthHV(eOJDcbU
zF&B*pyy9Tqo|f0_{zJ3LaZkn??U{;%sLv&whAIq#^J7#1a3^u^T`{!^_C)@|e^s#t
z$PyyFvG#76AbiDC$)au@Zjl9U=QjSP++3n?4K(}FX-!$%bx+oIsj?+^!#@!gTGLQn
z^=t^$&l3`(;e>m+ui!&V+-z}UbEhQT7f1nfQGM!kK9P(2N_to^mN$#BbcIL>pLyZw
z3u<Y>$oF(5?IwqO<b|V#E>NlssvV8q>B26m$?%WKM0991x8%vt?BQ;^0S1ytoLd~J
z%s8|;Ad55=Uvka4HyM#FyPDnfEFywWr!1nuxB;F~`ynGE4S#^;buwu(Q#_=>8@MKc
zyTt#~#Y;kqwLfWQ()VS$Wsu4S27)7n$?8LGuKG-<i)()b_ENoHqq;_4oWMLjTuiiu
z#F4s+pkE!}>CVS~54s=4-^al)aMNOwoC34c5C8ctjmZ7AEx~TGPZqhg;ZUu%lyIm+
zH4yGRQ)@G4(8)1H7`n`XJgVSog>De@TDQ_CJlY;|;yQb}Q`nP92oE<frDFHN^mYmj
z2&>N{?X@A-Lf1-C@zzLq;CUL;?q3sP+DGWQdlfV$@{)N;clPuu_py_!)Y)*+{R;U(
zt)gD_mBE43g5|yyNdX{wp-P2-=<MlXjDk3thE6z|ei<AMWu`mlXrvj1qfzS8e7C-5
zqj4RNjEa5Vvm_70I2ucmPeo$oP;6j|7uB?g<>3wn^CF%{7v8gQ>RC#7@+K4ebeyKU
zX1vPhbm$Z^N)54MF(V>x4bO+*X`!q(a!Y~x+gOvqV3g$by8?aD(8N!GcR#nL2M?Bv
zGDAD40-b?*%WQT~Rx_QjmwI?&w|c6~j4G`fN@@sxAIdvZ;@N6FbkEF)otVptVE_q8
z2=d{h!Bk`iE#i;VAE?5=|BH#dDm~K(=$zu%Z=*4}T0XA!+A_)@GH1JOINyg@3uzrJ
z*p3Tk$3*OCDPK_6Us9m=iNX`Sqxmr4apa33Jm!Ng)aV-#9R4_b>Is#|J-exv@`<8-
z?GUB=Oc8r?3D6n_+p=mrZ0bpDD%FAP!F(=={YKa++K5}aN9YD#6}o4M@H&~Mzitf5
z&bMJ!;DCKHXS}(VAjA`b0eQ=Vo+IPKX@m1n3xao7_h<}6q|u({_tx$A6g(K`V;CMG
zBkswZle+-UD(m#+%vfb^)a%5|UiP)WkYfDg;4t?j^(ulsBjY3Z&LytWH6j`B;5OoS
zuHn{9Y_`_dGyE_%=)H-x_WQPyMqA($<JrUo$jQ=`UPvN%oz9nYpqwM1=9k3tDq_0{
z%}xQVgI)>2x&&?bP6c^f%g@6mjTE1_eM|flSn!72M*Vgh2qHKIHtGs|i@@U*__v&@
zL$hZEk9qJPl99Mnn<e<Jpu#{uuB9Fg6r3Ss6r`^r2(y-^Jt!#A1P6?v`&6Ogv#@7{
z+|L?4$2~#-VsGSN&fAU>>K3!K61TR%!Z;K4a&kH{myTcwHX78?ztK&(FXXE<@p}Wq
z(}gVmYfK@h3PBH&r&PXc=vJxU?w{m<-wx$>!u^J`&YOh0s*G{U-OFQ|nLvz*S!Q&1
z_slj}{D*TJynrAM?#T5au)JZQ2|hSGl&lb6t8!7h&>g1|cziQ=9Cw^=&%Im`1#=GK
z(^otdN@}=9Vc#rp%W?c3#O8lG0-AUye#N5&d*YvDM!ggBarlzEVhA$K@v<wUl2pLZ
zAmDHgnr*P7C!K%XEFI1Ms3p{OIdM6ID1f_a1U|6{U)Yu1uTo~^C}_$Pk4}T8I<YDr
zY$MOHkvEyK#fE0i*z5GiYSB-Ji@uCAziR=3oGa6TG3zrnBR)>bC;Z#M$IzmFEg%@n
z;%`3{KKyg;IkO7CZh%o-lg!<UYa+9~`S<{g^Ia`nirtme&mBkCi?M16B$xCK^L$TW
zPJ><zao{==60tO_!FCj%z^Olnb1DAgbe!Viq7VhGDOWUa=2I=%3fh9^95NF%u14Of
zc7LDFfiKEC+Psa{%Q06{h2+J5gMGktSzbs@qvh0Fgd3v&eY%8okAm`F4G{+n<g59D
zhP_;YpMk=KLRY}lON@TjTh4+ovarOW$QcgC4T)Cf5F0G_r>eZxHk%NiOLyonq*g6w
z(~5WvRO)V~uip=o3!kF5=TTFE$y;Z8&g|tasRN|hZ#uznG`U2ok!%T7Qa$*2?&V>?
z*TT^?OMMts@^tSZ#+Nfb&_G`coKB#nv*#;NGY|vYFTL=d?Eab}-6nTTjvbL}yZRjd
zW#O*sYLxH`nATC|Y%q-avy|l24f0lXJ*~RA_Nf&1q9h*7m1G}Yd3m%q7xG&C_%+g{
zl%AUagdW7orr-BcCb5>jk5jwe9ze4+_SN0JaPT7gJ^{h|X$Ym-57*BM*SFpOs-(J`
zXguzDIY_Br08TvT2+|%vNk0j+ewKBN&^F2#Z1-_lQ(V8#9s?UA*VFh!Es9d%b;0(r
zpY^e8{KGOyK<)11(Mhf1obFm7*gZCOQ7-67_40DOmcWnrB<<_zK@%gYJP8VFQQod{
zEr9gray%ws3Ok`ZJ{kBfP!Y%zliH|V!FgATmh$K-H@Gc6MRe#?FVR1O&nmy+tt)Mm
z%M+076~uT?7UlnbMSLnlQ<q4*@Exdn^rbam-c;cH2>N3^ZzK7Dn!Pupjc%-ys+IO&
zRZb;;v(4NSoDNk*qdjr}F5l{~5?zEJxG_H2y~|D7-3@MvPh-q~lf!25HNdGij26Pn
z!HHx5VYB{!r~mFu;9^C_*KyG;fmiL5Xu^0B`?c!Ou%Ad=IqeC87^mv<m*=wjH8YHE
zps>lMhA^<ocRy`1CDuJ0k*PRQUanx>zfqwLk*kU7g44B{=VoA!pWzX#H9nJ@dF>Q{
zG=El7aQvA2J}9Y)&tkMWJ)m)?;eq2mrXY@5K96d-2v=!t>e*1cseWMYVNm~EkP#^o
zXt%RuHj<*w@zas=+{Zmy^g*|BLX*0<3#K(O8s-ALfAsr$q}S}<Rs1e;Z_MO4d_XC6
z<^W%DO`<l@)MPa~N8*o()*;?(?UqiYuAQrn25Yy$zNW5Q>4~<E$GW#~x{Oly4mNB}
z>s?d~`uzEv!MsbX$0OZaqaI1#*}`qAZ_Qxo&#}(}3;N#zeXP`7OF`>;0qS)UaLgt(
z1J!A@hCFfw0M8h)6jgq}Tk>11$4ya>m%B8kdl<0)QQ({08Z}vyIcTa$Js+9LnK+9g
z;WM!kq3qB(yL%dk`9n^2ofKbtv=i9SE)f_L!=8!QHMwQMKpB>n=bFJK;m(wC8<H)%
z(gb0^>$pj|MNor1DaRG&Y`8rkvb7J2Gu0Wxmmt51-`l&ZCaO2lDBPeFcC9t+dlLPN
z4<bpP3bzl+wR5LLu_Iur2(ynJvAho85(Lagjd1DCnF&i_?Ecx^rN5|vl8~0eo!vdQ
zwi|a%IlnEKMM?-<VaSYtG>wM3q?HBqc2AFyTX9*U++7VyV}ft9c<T~(ZCUIMY`fuz
zv;{sd<-m>Wy7`lf{Vxq=cTL7knRyj#a#Ke4f$l-8IFWr1wnz60$J$?M(m6*rSGt1=
z5BjG2+REK4WwF~~UCI_P$-Zv=IQi#G^LlY{Y)&^_FQx9?YU!=Jx!FaQY{p$TS=VMh
zv6gMDrgdtQ-NJSW>h9EC?n86MYU<|VqE|4QMR|0%crh?-0*A7UnQwaM8dES>!2UC#
zZF0kS5`-6~JX_3`-h3*PQ%(;Q$gZx{hPrH$!jaQJ2<Otkx5L{Q{r;v<Yfjy|2DJ(D
zV{6BVzBe-50LUI;apslwO);@U6q7h6MKRTK^VH>`mpyN0vuwc^x^}xW(osyRe3cQ#
zl<)qDS_e?LRr!_?CKD3zxI4d&W$Ea=n1g-EUB(@LAPnVg9AcRr-XY~p9hHgI#)jZv
zV@6<S)8NBpq^>DGhuSvqc(E1`3h&3mIU#3sS9P1Er&hU_dLr0-FLAu_jmAveP2He_
zI2|itRu2b%{#e+mA-cQwMmO4n3(zB#I8v@iSAXvq$g8wG@Ea(|$X6m}<)eVTd<$h8
zbcTx?$%_%XIb^iCBJ;0s=c?IkL`PoqpztU6%Dfrv5+FWjkGRN!oOV2owVF2*kdD2$
z<hafrn1r$>9{~sscRifIE-02^vbg>Rm!anSC^#%Os5ICmc2u|Eh(xTSEZC#Utz$#}
zox7bh2*rum_%f!7Q1UAFr#-Mg?Uoq9A~)p5M!|BtJ-v!GT|xjF)7k+Flh0%LfmYX6
z)8Z~Kip@i+H4uM2y#cj<J*T2!iZ*>ZC)e29y~4GADp!quc?0>{PVUo*#&Ewio$w6U
zCG?Njj<pdt$me<KsSVnPw$1HBWw;OcfKunU#36Z#+q;-8fONZ$CNajPu&u@-yo7Q_
zoL6yMP&5K$uMhe|aw~8P(=7}LuLr(LE>Oqk+>gA&>rxCFo(*8Azj0~V8W-lnfUU4J
zHHu|hImyRPT*oH=6l{MLR#k-LZ8&?twH-NrU`>A=Y<F<b`wXfev-5Y<G%EP%+<bX+
zph9)+l=Ar_df$ZW(U5SXTjOV#9%ykPFnksCWgJXI7v#$z`yRI%>41=zp<FuOH%&s(
zS6>gX#UmT15AroIjR_*_*UFI-)QKHb#^QK=T}+9#Zl<2~ne6S8Ft>F~VK%1LGpUj0
zPMg^tY&QtB#W>)WQL`7HEJFOt<7dfNU}qHs%6F%8Qq;WEtsf1JUMEK5m0Ui1B}t}U
z$*thuMp2d*5OD?{<-6`k!?P6mML+*4KF<`1*TTl|jH$gX-|V?TQ5}Q==N5RD511aF
zy}038n?2kgX`+(BnoZ(Njo6^hNJk&iR8N0pC-5o?HR?M5a0U>CXD;(S$oAk}4w_+x
zIE%5Fx&AcHr-Ji=ToxbaHo}(L0X>^<+M<tb05SMT4spnh@v~t>v0};b;To#paUSXu
zG3xDTHAHNa@xnT_Vz#p<H=uX6CxbX&e`dN2!0yjRaJ2W0Tj&9^l<qMn>ai%@qq5^S
zm{r&Vkj#yGkXa>~RruBPtkONe{69uL7H(4y_@c9-9+z~|!|#Y2WZ$UL%K64QQI9`i
zC=6lM60IZZ0p|Z1L5?0^!Ff@S^V8qhv<GT1GWL*bO4g(=ry>4;@Ax4gAC0gp^I6M2
z)Tr!9+JQe)DPAY_`GO=w%7?CbeF1saKrzzFnZ5vo$Eec76OeUdo8v<vGdEA?9txGf
zV$q}q4p}rjt_SGR18CCi%4-g<JQKX-Z0GO1q&VRBWe+%C6wp|<D}x4Ry@R_`$tAAg
zjD{cQxQTqN8|(SUCEZw^485M;nKw~{%X--@c-gGV+3*Xq5jVXxIM<y&!M@-=i>E#S
z*%R9co~$y!Q~;C%HUkk0j074iA)JvI<P!H9;Lvrrn$q^H0KfD^lfkFeF62JChoqiF
zn^_SbO5y^U(4;ws7zkwc`5O@G!#1pOHcQi0z8tqIc@X&AWlxifrz2CGOhKIcn{-r-
zv?y{vso+j6;;g|4%fCD$a+)pk-j3Xq=mqfSXTr1c>OHW;SO8L~<k`Kq$D4x#M1mFQ
zVmXIB(!4fe^)k-}d-`-2EkY6BoiOW&f1X$0#39pr4WE{fE4m13+HkK9=cBqWax3JF
z)FAZT+8X{ze24o}ZsTlY9nT=+O6HjGh-^PBDLMha`CoYr403H77cYdjr2skSr3r{y
zkhZJ4)(88ZXluQL6l&r|7jc>CsAQ%@(6-mtf~FGZLgh?7yyqV7QT$DR02Ku#(UHPn
zlqOn&o^3D{u`_eG6L1@+YvG3RcjF$)lZPkk+J+;0&B-hBJ2qfeTOPsE1#G#AO>3K)
zAOeL;F?;C4=$XQ$wE4wup@Dk3wT?RV1_bj3xfM0VIb0HM^`!dv{M>ogW=V<ssVv<T
z(83NB2E7LTPc<a_uukf{40%AIQ%_+7mnwDscJ*N}4YDiw@kkakp@m681>aE$!tJm(
zoH;AD6y2(}`J#NzLPQcfNw6Wsl%aOQ^}<mFWuABosN@&$3Aye*BqO2m3S4J86`TCj
zeCSbnYG|*Nx({Zjn|l%u>k{H*klcbnl-=d*i9sS&AF!dtK-Zerj)YyI$DEH_kiL05
z$gQF!mj=ot5bE4qR9yb~`(3a*NX>E+dP~8&ZG1hyE-#TGogfH0ABjx_O_$(xQK|BC
z`S2sJ@Vv2(HR{!cJ$=0K19dRYu0MLDi#a!Jk+Ecuv6uM_1W}RdHlx*3w1~Zs!x!Ki
z%n;nmeOgk3(`FZU19`!=W6~G9*w9>cgPbAr+d>{?A)5HB#haV>&oCZ^6JJmo+dDOJ
z4^QQe#P^E4tbRUsO(z_H`7{QD%7eX_I=jLBhF79yAiplY|8utyt^VF01^*U1tXuG7
zj=#0~WQy>}S|O6aanFH;d=|f+BS3^!#XaQ2{!M~a><48*e(cwhDxfGIPsYwzo;OaS
zg?j-bEf7LSQeu0vk6SY(HZfO=#phurj{DoML?=Hm*riT0Imp#Rt@cX9=H!+MIWe)h
z*ncX^-DdN@c=WU#dAA@B%67MM5u9giS0VG`aJi{q`25_w>H6%BFfshpNxUTA)H$0R
zvnq}m7b-<~>$HKZP;u+bESVKk?vHIhGq(Lry^wq8Z^3PJ&UH5;km|&I%|3NvQGi7_
zE@TjvmB{s7R@)JRPJetRy<gb9brQI~jg&1BSvmzk`%$c-jvJweYgXO`|CsAxL#{lh
z(>8!mn44c@^lqh~i#&(8MVc|h%<>)({&ugPej%6pYssd%X|G~`b}Hvb%Kf@vAM!Pz
zSrN~E7)}nO`8RYm7H@<2vjbB&Id&Unc_3wT;*umGY}&jaGQ7Q8Skw;A#rl^ayB)yw
zT_@vot#r5CRGjumcPk}fN_VTwyXbBa;ctXNouym`fMYMO+fpvJdQ0)4WVGJA(vGu~
zTo2A=^4dW%R;mwLA=@msSG|I}IJXH>r?oK{vp)}KPHEF|ut5baYd%DwZM>KENx)kq
z_YJb6)Om@|eE?%Bg}_r&<%qnayG%({o<!bc<I%?7TVw{|2WzA^c25<x83vmx91l_`
z0<C+7Sd?&sLWvuNHw>5)2^@i^3%Y|gVv;xn49%r|c@cg;2>AZMeLWpl<t&L8iExIA
zy*Mji{@J43`_rKJRYB>}4q`92Yo^!>v6Rf~&h~1R9o<JW1grO?Az)dawi=)jcWwRd
zN#cI&$*sh4CMExdTDJ`$Uw>nlrj#-Qz@dz23AYsngUw;7==GNr;pmfANRTPkZCN3)
zS;f%S6%w|+xVxDq0tgok{FbVS&~}OfS8I;wMyGnkEz^xY?w&eX<8+K73*S~w_ue|)
zRYW8h$uh&D-SV70v?K+}H>tztade6-76-WZ>oByX4<WXz(16m}AtWZm4k3&5r!Z8c
zTu6+cj@qr08ag?SEgg=dWID6Pigt1w!wE4+!aZ0c8<`!=7I5DmO{wo*GwPpxD0zE3
zQHG%!$;R2SlcPzqCnq5Uv2Ht!NNl=LIF3q$y@lhLH_r~CB9&qTNKk;|<SfaXv5MTt
zh7uW%(D-6Jf_uv{9?1stUYry3Eo?*e`h?kr8WW9;4U$N|scp#HaxzR@EifEgv<)>x
z>+&X^=chE=)ZdbuS!cGP%E&fU8CiNfKpu{_WSfTSL(@>$;pHwF9a455*_&=94AbmQ
zYdURWrlAIzh8n$TC^Skf$ItvxY2tP6JbHno6WA33LC^`If!nMeld#jy^~qZ&8(DhH
zkb0oU{079M9stXnDGN3p7e&Tpb1{(MwI2k;u6UfsOx)CgmARAnmh_1|pz{+Onmh^c
z%eHv-b<4;k8n{OZX7=Vk$?}_^uC`lhN)F7Kx{Ej^`LVsrJaJeM*Q~c_?Nnl6*^b--
zGzhlA7r?h9lS!d;J#M=7hS2rs^?G6P^gl3r3QvmMQeti~dp6itu19?<BW9M_(=4a5
z-bRSpkcHYZZFVqw8ft6x(r09>-oBASaE!w`;bv9cBB-Qf;if+e59{rh+3oQ>&I{7B
zEK!orFKgT4Cu&t6mMSZCiJMz1GD3PQxWhUrK>7(G-EH0K(bABwYqVF!WOy=m>Y@k(
zc-jmFhvm!j8Oz@ku?XdSFH{(9$W^36Ck8RKezi=T4GaYy49uTfVHb=Fu|cxLx0CWj
z7MlWupcuJ}MY}ExTL16cXfsD|Wuwbe#I-$z4YGCDZ<U^LiQu0ih58wU^%QE0zl@6q
zpF_CnX`Ivd3ZP6N<4w_EFL$X=6UQpNqF(CO!YM%1<uFvZtH!nnk=B6-b%1>F1b;it
z$MU7$AC3c?>P?RWYkh;Mhw9O;4M>n&O?%#Xa<vk-j?`+>nf?uH96D3Jcnb4#?~v6j
z!vCxlXH3#t_ah1pi%*=gT}NaZDTv(%pYJJk2(8X3bq5$^)BC>eYNT904^PrHw@(yF
z++pbSv=XNa7e)UNfQUOo8OT}vb1^`0_tq(@TtQ7J%kT=3t}MpMAk|_cs>7vS*{`q0
zDL)~0moITT@LD)e;QunFm9xkhgo`2nDuT4s$gKqK=wx1mW=<pn$COUgq|$KQQy{-G
zsYT^0fLe5ObKrXV7z!s<rhJ5<@>@`4Dm?KHc}=C(14G1ms{DE|c^0_!=r@!QS}DkF
zVLl&%RF-=E?r2W5)^Hc9+QDvPvH7Et|Bo4ZZ|UhwBg0#oPIyUJ#6`aQysQP??SrFL
zlE4E1;QDTzk|t76E4fJ>qTBph=KVQpik|KaM?gN^6K5HWhKNzxJctmKGqx#;oQk$d
zo*Eh3q=?~0?N#CrOt8DVjr=Ko9|*?V+DA~tiqH$1+oD+ZyTLI}?M4=MnWp{v>NX*!
zsd)X^QpEmcjGPuVZ2}fM!LEqzZyvj%Rc#Kt$e=9@&%iDVrTK=~<<}F9HNbSvp@z97
zOKHs+)gEuGL30EOzYkX&iv1?8cs<&y+sVd*Gsj4zUGiT&g!OuRcMocWUWy8vhqHYh
zYND@35yD3*1NrAO*55I!n6~4+n8y=1y$%2e2Uu)~Co@HUp9wN}z{697J)69UV`SnS
zd+iK=Y1@%ftK2ezUNqCz@wn>froJeU6<^d>GvcIb7aQ<q@J194ff55mXh$1rrwq_U
z-gj8gcUb_>Lwyd89hz=CN)~vqS=zB}yK4*1!r5)z<4q}|Oi#iWtt*AI9VnydhH!Vw
zlyU30`^_oi){Q({ql_MR(I0e17j56Qxk^5YRz))UY7Fbyg0?ng6D@fpw@QWHS9x?@
zE#y~W$as=`5(o?Wx{Ib-Y_|Bj2s^o?$S*%YSwA*7<WME5UXMvkK?skl5S02|DMPrS
z+(Y_nfJdlGG6Y-uSIvYL$iuQMJ8LksykUARBP$+@d+$avY3d8N%>unO@~aw8IW}i^
z;o>CW6^X{{bO@JXU*LQZnpCQ<t<7y(s7f5Q(OWb#FM-J>R5hWS_u@ePEGel2cM86A
zSK|qc0w~>cFuJe8CikDbYlHuQSpqblVh`BeRrBm(?o_iz>@Dv$_gnb_@#TyzT<=}M
z*yk{cO~8{ThdEp}3vSeZg-4nnm&+IVD39k7=3y&oQAq5aK!HEdUfqd@R+R?+B478T
zZ^m(a7k>cvr|Br``S=I=v4G$z{!k8PR!5IziX>V+vz0%@kJ0XOISt;<dxHbM)#b56
z%S?p;up9EdWA%oKu^-V^VO}OPQ5*;_(dkvbR7^Eq@_#sy+Hoq|(%*u0#sq^2nChN5
zUfFhGe7rN>nX}|MCTs5~>GwLZe@E8dWW1V|Za?LU|8;F}Xu=&P(up5`4$H!f&U@6p
z`@{V(&WA+HU=8Rd(_Y-YQ-|sfq4TX+ef%OaG`e$Ynt}T)1lNQ+6piTGpb(dzUo=MK
zQiC1p9vtN*()1@HtGc=0xE4-Rr25Y^)|<!1&IsX4XC~cCh$np$d6(Mq<`J&*TQKw!
zSY<7D9)4vP=ek?!yjS>2Qn^UUdJhbQwYwJ!uxy_2j@JGS1?(=aYhZe4jL6&Q$YPDv
z)V))zXsIpbkCzv?^2f&zpQ}+-EUG47a=E|(!tTUEdxPThK_7eMKAc#=?`6cym%250
zE4x48fa#%CxQH$Mo@<G<5}QbfIN69$W1-OW>4?xJ=FRib`C&36Hi0-KtKE?qt4=?6
z0ir_KjiB$J_-;SfO|k+PFRr>WY-qm|GkR+5_{_`zYMJEIyRi3MV`?%N<CMlq=Lbk?
zQ6MQHRl<}%O(7_fsvgP6leIa+XfN`2vt@Elif%2%UZ`wE;FdYDS~SlW>}7!atX&<q
z#`vyufIqHcchJ9gs16sm)$h@2!Q-#ws5VY1aV0vR%W%UXCjhz|iB%~>37ak-_Rabu
z?y`orb7wUYZhkgQSD3&+(l$nWoCmwjQP7dQZ<<Jfxo(o)Zwn>t$a*Vp)d31+Ft0a4
z8S3Mg$mV%2()pzl{BDlN>In-gna!RkE^m3T|7^q2D>+NF=;qduT;(!(AHImGl_$mK
zA6SH$y;zQWbNtIWGjtS%+$#u_6pQ{z5o`bFsD{YFyfVH}UR`G)tLXKOD28x7cTbG2
z(u*8k2mveOmzz@aHu5j<u_E_iJT{E4U(DR9Fzp;~-?*L0*_@g&SJ*5U5E#J9`nXSV
z^ud$8r(4?1UKP2Qs*^$QPy7<S*THD<by6O0ZvHmXgUC&c-QAsmxBPebI;ok~e!H(n
z>%f6?Y`M)vNxYl?Pnrw>%?3@=CL5F7{KovNL9@whz7d-IA2*vTJ4Ks;8HWx=B06&^
zoXy0V%J?D<H-$EFi4wPe24s3+t}=nN#v3uexjXXkz_(YoB-;F=r?Brc7;?b1HSlu1
z6_IdLAuhpd>|5_nLxy>4vS@E_NS)GzudZzp9lo%ToGxxxAMy0JI<+X~#)n$D^YJ%6
z8v6J=={kF!%8S4)O;j+MqeWNO5r(3+I0W$G2I5MKU2Cibf7RV!dMzE?S(aC>m1|#C
z+w1ByuRM2Q0i4si+6F(xri>}tc(=eb?M@g_rR7U}mrm-uyZRQpdodpc<Wk-G#Cp5u
zmAYVcEfSbkN$APuR;kR_T4hDh^LKou!zx?s!&_V>njV&(TBR)3sSq>nZuX4&mlWe+
zgSICUO?5g--14rn`X;gO%9)sZ=kdbYtc819cZY><Wv=Mvxcv1UoaU8N2@gIqWMzJh
z*W7pi$Z2P%I)BX${v!u5a-Yq--^affbt`j6qOW3sf5erWk$btD%^!uZuRy`SH|gPi
z?#`(=m?ZE8>em|Vu54Ityf0U>2IIGH)XQBr)nB&sB(}(UW<9jw6t=to{gYt0DxVQm
zW`S>j`d5>qM~v6&#kw*UbDg8As*&PjU$?TT#ag*bi3k+?Mou{M`^RTZ;-#@+M1I@-
z_0Ys7HO_NurYZ7EY)DhCNoQg%pzIkT9;9cadZ2N_?sc&yqZFq|StH{(Kg)q1tp+M*
z&*B80g80H<vWa>v#b!qn4|5+yRwc1<*wO(rZ8n?D#b#p5tjhj^UCdOc;f**{&caUK
zUFb0qn^{OeX<{HR4t1-fi3pi@piAnbxUwY_BG_^0aLk!IvrP?Q@+(s91j#uFea3Tb
zCW*iGDP`$8$j^dTf^EJ#QuFEMjzal`3F0y$(yN30-J7F)Fy&lDtG|vrs41E6!-*hN
zGQ)o&SK#h|I;X3ivhnwzu7-72MGx78Gb?&X8la*F3~=d(Y;suAL-W@zcn|s06_m*y
zZw{*Vl59ovsmQQ{L&lDS>Jd??O;LFe?-y+99hC<WFh3h@XqF4kY|}?juWkB~5bWvw
zk#N-{Bi7BiZ3$KT@M66TSx?TWb+z_TfMvg%x;9CaW$zO1dxT#6XTtq1lp`yBNo35G
zl}&nm>vZrpdRZRUOTGkze<Y_Flm1<^YWb^PEtSfihT#Wz1ipSo*)FU6teE^k<3mZ)
z$K=<B0G4EFVNscf$j2d3Iw_2kl3R%al#_|VMx@zh=2wBhyN{A1XzW$lW9P>5^+r+P
z>!UZzd2pPvbKD`7!HMR@8$XT$Qc9zi=dM-m^kJq^Oql*v@@NCEe(6?n2TC4AUHDrs
zU7_(_9?GIr1a;5lAn!GWl2>a`cq2k8qrIxc-HW;R5Z&I$K|5hr$+-mbU6kvVAh}6q
z<BIu>J)fWb9D~^YoHWW{7b%>uu*L*mBs!!yX%$W*w47var~nY@BwF0cgA-tLAHp$E
zzmZPy);%RWuT|{(Hpm*3%jO_4-}lNOPVbCvW=K>VMj-OtV?n(tkIF`I6Xmr+fiKLv
z(jgUG4O6*?a*IWI*97?^btH$GY{dm^!GS&9BV^K_z^*oqRT09%dZMb$QA)P*R7Qn5
zwy>clM4XRFY<?v|L4o@Th_6MS2I`n{Y6bbPNT%ej!Kvyh-9cdYQqh#x$+y^TE{mwd
zz^N`9bL2bL-F;0?PHS;7o_W|zQS!2jXA)z}Q!dL31NQnRD8;SBA2a<sk=J^W0ZYg6
z2tBxCnjwRdooiBV;WQru^j8wC*n>w=18FRGO&m>A?*;zp3pDdnx9=Cb8;C6^`k_6$
zm2f@zbKPHUv*=Ay9+^Ii+zlw8ClOC&1M=;25RWFw#`7tuiF(7JTmoh0Tm9VC)6EO{
z333}j&z53Mx4B%z0RF2<wWBzebc-Y{w}g4_1?jHlPlPpr?SyLn7Xjv?&F76HGSoQH
z_R<EvNRZT6D{?_-aHW6oCRQe<;y$Y`N3g3h>gO+Q#gn5UfDfId8}4E>k(%mDai4W-
z!{lZQ9DfbT^y=JT=V7+eg`7t*4=)i(rIjy*MV;hYh={^mG_4tEwuDQ58;=Uj=rYAd
zuR$Mf*Q@gEG8(Du*tQ<CgVNJ!1e+N5P`}O8XGNS6N%*s|!iBwB{;ydkFod7XSKcjc
z(Pfh$0O5*TI$yCifvvs9yw|>#fpZWTpO0Y-_5G_eW2dAdnk=$Q+-idacs6YyqJzF7
z&B(PnPv_v`N9s;e!X>Q<x)QnV_jRumy+ofJw@Ajpe=FCVz@!J`ZSMD&{jD@|wi?cI
zY*@UE-PDRzT`X0_BhX!a^Q|1=&xbP`3Ab;vulq=#t$yA<?JkIy>&t_|g{LuME4$+z
zqib10Gc_Iu>jV?@@0CPfqTiCD?+u*a2ctB*s8E?1WU1CX?wH7e1QKS)iuN%zI62C5
zV*|MeO)btFHf3KB@i$m)h{GY~j1R1x878~e9W{PR*8N8~nb?6$PA*jYd#1yj$TRQ6
zD!VW})1j(lOeI}o5dXF)h*x@ae_M(vi+GrH50%B>J;d@+*X9+$qOyaghSU3qi;~O+
z1@2aK`&$1Sy53m7vL5W4${~T4_&el~0EXE~B&z;9lSov2`y>*(fwR|u;JszyXz)oS
z!Xy-^C>6G^8%S5rX|bfw*Dh$TpB6%s45ic>%KII{H=0m$=6<HP>^$BES$r(KNB4@L
z@&Mbbrxex?W&KwaspA`P#P@LjZ4at-V&3Gl;OO;m)ac?d3X=Oy2Xupq$YpY`_V#sn
zu>tOByuTpIcPPv_WdN0KJKw!hjJ*}>EcsK9mHU|)$;C=Bylk3D=F{D+sG*3nQ_fL_
zX)eqIg6aaxe05ifk<F!1j=P-zR!M57V={`ndSWfSG$ycNK&q8~f^1)Y2uRpV69^g)
zM>x?&xFa0lG|Z!!BZ!-t3P=0W1fp6}J@l<RaM;Xlxo>RuQXA~9aIh~C*t440>3F@G
z@jk>4<+@x6f^SmuL}utY(3Wt5L2+HQvgUB8uV|k=lzO`}37%5tJJIu`I|GY-a6pyX
zK`~_>HXA2zYWj~h0$%^CaZnd&jBzP(mv#qO?13ov-tMWI1`?*;#Hf9d8QN0S0nMs}
z?ZubpFeIKCA~DsAfDx&za!F(&+3eXezZd^Ciu*y=^^2&awK-S&JT=E;<*9KyQ>2h)
zCGLeXxrMdM&r6OW=X8$^kkPNNyJ<{p4s=K4<~dA{f+$#s3nGR?w8VP;+D!O%OS$49
zK^Xuwz(<kry@7ByN{E8(Up8{fhOz|fCcKNXq3E(C_l;XRj!Llir1%uiIm4&;bWqu`
z1=PZ}@9s@(L71abys?{CCW~qx_rh3qz!DuLjT#rqWmpZ~D+Af3&#Na$LX_jQX_!Z(
zEuT9}-a%Oj|DwErx<rdyD+*%Hz9Y$r7jElyL^H}$Dvxv8gGzM`HjO%kiyg&^I=J}>
z@UZW4^8+OJBe`oMKQH}8etxxd#m{edZl5eaKZy(%m@q21NTkb*vf%o($Of*+FF789
z(Lw}u`JAo52<)BCDEm=?(;205K-+HK*{lil6>I+I@kXjvOgD3++|2~~3eY#D4bTPO
znaf!=z(|EaH>LD4ksObUez;oPL7n-bY|9JP=Dg*uEpCk;?mno&CLZqA=Dj3f0Lav1
zW}>T=5CHC?CD`W=05_jp%Q}4@vt*sV495r#G8mpOJW_P1Kgl3{ilq91yh8-g`)XW@
zQAxXqX-v6@6uGPM;p}r4)b|#}LIL}r58S`UO5+iPt}D<*bZ{n+wt@ke%YzQyLkDza
ziF80s98TfM_HNmjb{sJW$Pu$X*ikqG+59_kWj6KZ8a<IJ&1=w}!`9;YC@BJ@Km(B6
zbg7`vI!UZYDA{d&KnmO)60u3$?YkF|m79YbD8N?voA}BZ<F)xaxRX#LY5})|l~U`3
zY&sGkp&O|-d$^uH80zL+Q4yAzUb|_zEHTd`ITpfl7a6{HPPj*N>Y0m@@=)31H2zy0
zyPR+_V1UK8Og{dm!h)a^Z6l1mro@NwtR*r=YMitJE}Y*s=!!C8EybZdN?P-D?iH_j
zdKigMtM#L$JJ>obP0PMQ^*-()+t18AYsQEax}7xNGWSp!xQ)@@Jv&BZsm$F(0<;O7
z-{;4W<uf+8*hX1EoFwqFLy1Tm2#$T-ys0WcgAxh;A-BraqBf6yh~d?TK$`niz2tse
z3-GQ8y(8Mh{N67o1D<OWAIjnHduE9$Q>#ec8l*rBeHz}(vCty?D3Hh#Ze>oDzj{<8
z=nrRySI=owG(|sC;1<;=)k<1Jqq{h*p{eSip@B`wztXE{Oc=H3sRXL^R%_TnXM=ua
zQKvc^A|pAg<lSieMmig*eVFVagyy{w6b|oHbpz)=8y`^#<(I|)Qrq}iBD_S=U9mJd
zrS6mQKJ(32UE!9GgDrRm6_4C97U5kk6bRii{uSI}s-#g8g^|R)Bok2yBeXxQO4GTq
zTA@(vC=OblIn1hjOjCD0#r1-7;Vo`9BwAjZR|a$8>*Xm??)~$_Jzdv@Gg^>0n%f<Q
zOi2?in~bum$i0bG8Ezusp2%Ud!<r;_&H_XC!Wp2idx(6)yF}OfEf|87_4a};3SbrS
zx*ywfMuJ?6b%T#+R!I|Kvf3ArcdAMyP+WuVG3)n4u{`VKG{$PvB~X-Nz&D4B*umY~
zTkWqG)tNUuHY7KGzT!ZSjr~C3#8sppX^sE8=Dv$earEfzKKh;rX}yAFKfxNdi~B?D
zBuU6kWKOZp&kZAC9ZJ=7UsFT;$bIoW(C76(s0fQhi;t<<T$TfWWMFIv!T7><;n8?_
zq&TMZ(GYK$J{sPcCat_A?@#1Nvx)MuDJc9~rw4(R`-7nK)0y%z>p9zyR$eyx!__Ev
z6jNTB0`cPRRi;2BaWm-~<q+~PIG3kd5=z_*v>?D74&-CfA9=;5CBFanTL1W+09T3=
zGRzT{`>AtR3V&DJ2t8{E{XJST(VU_IjTws05>s@75bk0w?c<npP&HmVQRvop<0vd0
zY0gzydP;4~pbNr{`G}2yzbJ6CNyl${0fj?@T;!gwqyNu|6nBSmIDU?^g*!CNkMT-R
zuTkv?5btaQRBRqUGyjy<X;v~lI;N^9{W$koz>x`^UcCF)k2CBqnK1BJ_2hPtowGVw
zjClX$7lw;@9HlG7ra(1D%?s>Xk{e8QYuM$;+@k9qCwcFhwXWJScyv-vUCdcq$eck1
zy;nFeBol}RAUQTJywN#+gQ7^<wlB%PUgG9p$EL|L<qv#{N?cs*a|)HegC`7><8Cf&
ziw|K_7LBc!&Nv_TsnQ)^&Q*Dik%~Nb9acQ$3hjkYf!n*q*8(`qAzMix>6WSlAXi6m
zl490h@6PuYSprz}XP#4~_|}#^=fpKZ^$MCy0zacxh9N=2r=i^>t<2%>n$ciZRkkP*
zdA}o@Zvi}wK}lN(7lXnl1s)2|cLD{GM1umUX;2feXcSUp=OFF9xY@%TypTb{tF5Vt
zAV^r|Qf}B%0MRr~ezQn%D+<Yz4e#AdKoGJKLMgOfBxNmTa_Q(U!+uiydlQq+!Cs7M
z4aa$sTlkW(i^;6ynPrsaZlqUwFR~0T-QDsj6(D7)+d)3j=<P6gi$lYGo4pJ3x>%yq
zf9ArmoJXE0H0Rf%NY>^1aiK0WGOTi4k$!4=x$cVhach$RemjYQ_1RUmwa3ey3yvIa
z2`^>Hb4qVfCFx$R&>@KR7YDo%G2L^(ew8ax*oVwMk`hkm+@#10w2|fnu1mw26?zfO
z7{r78E?#KI1@i6j>I^pd{J%mHutmy0iEw9PC#{p_e>7o~+%`Si$Po*~kCU0Z$bDMO
z(if+v=v@^Tp=8SD)Kzm!oVv7<Sd&P=>Jzh6hKX6=nGa~>DkD#-C{65`-a-DNATZq*
zv}_43bDFm_KK1cY?rsb)Qn~(f8irPriV%W;TZTX+HnN+$Yl6ZksJKi0)DWS0&OurM
zv|&bdaZ5?TP2Cf3W~*1=9-9t>3OyLWOrGuFcMPBKfJ(YNjRpo^ezAJ&R?{q+57yp>
ztSS{tU{B@uat|?a@Sp2)Le+=NhB*sE^7lcG{9<DReWu+<5?FGiU?A-!W!$FtyqS*2
z%AB8itW+RkNIE|M?`^)huYQZ?z#kok2}6${m1QiAT_*np+jG_|S}6M`)ywRMvH*ON
zV~K6tibU*o1To)_=gm`ms(}^YXU0SH5wRt?y%Fd@l75NUke-QHd0A|?jQ{Uh7PJ4`
zSJ4P+F%!V{uZhjjM7H@6H;nHWuIrv~&nT4uyFxrF8%t_L{+s$+$|Pb;d6fDuf}!%6
zfK_*LqP52@@z{J@YU;Vqu+>7Sv6#xRv5&!Qi7RFm<3j3rr;VwZ8T(C%9nft_tP@JA
zm*BSI^UXxLVkGdfRn1iOvuV5o^A6BpV5_S*JAEinE$J@|sJ#H&XRf<eaboBNNLB)e
zqr~MCs5*NAwppbwd5;QLq8r;btvQ?>8GKvmi%E}F4|a`{EFDi@w=@?7x<Rvf4NxBL
zKE&Lk-$m}197-ISBioF4C|ad6Nj3Ur4^%6YSiU=;KC7E9`VEkNTv;0BF^01xrYQz4
zMJlW3$pJ8Q)}<89TvO_Sh~=%E<Ki`dMs7mH9C_UaEEu_ucqoNxi|lB5?k+rM$qQM$
z7|CrC*o&(DYP5Ws=xeCTbsgQwN~KVLn!G$+-FCt|blTW88Gv1R5z8jcBNr8)n}&8x
zVY~WtJKa}nxeW8%XoYk(*I}{~)3;m>ZL21U4^j9ssspJVFQzc5&G9DJuEyq(at+-B
zT=8&MC}<0M-|L;LpFnqol{G=iNflpWRxcBgPG_cdM}flfzs64dJ$EU^MS0)bb+6Ui
zA~(SlayQkXPKCf0$U6JV43zm#k<dU=)a_)d?6%gxFc&SAz~cSz%@Zdm9w><T{BM~M
z!OP2*s`2DG?nu<yigwOCcBp=kcT@%o*)`#I)fx0aC5`}b8ZZ4(=pp5VMCEoFx;)}A
z>0-=P%B6jYf-xJ3&@(n<F)nC!-@ee*Hs(n849WI5;HJ@1;q`W{cpoAJe7jEzn>+|E
zsF9y4<xRSACk`N61!^}+ul7hNamDFD&q4fI8IU=BCp?~;f}L<+OB@#T+|M5G&tn`w
z5_xmDs<F_pw%VYoT%bDxx1#S+m`0J~H&J$zO<6F}DlIESv{@fVo0n4=?7zS)<m*++
z?q!N`06A)BDZV4snmkg82AeO3q6t@&JfteSrB@aE;>~kvI3*0pSLTpDk7ld8Fy6As
z%5t>>m=BMojh~0qOtW27vd$iyMU_q->}rLn1@F1j8<9U~i(-S~!`Aq75`K%BSp=ic
z1M-#;&%of8lTfTeyKU7R^oYDp&*65>;W2UnGlRRkAi--2*MQ$P>WkBTPQ$wxRbQS{
zQwuwz@j-WVO^ovxqCkney-S1rWjGr9vAi7pSg0}VjC6O^@Q4e7?uP@OI#{i>xRdUj
zi0xix3mL0HsiOxjW89$4HFb?T8n=X}VL3&?Xi-Gv9ip7DoF#+q=R?Yx;tdEllN;SL
zOyJLxll&{?Aw3^c;&`PGSwSH@9p#yoIMDK|3hv=>g%P(ab?z_J9rS{D35_}34Z&{4
zu_YYgCkb|0U8;yO!LUo(A>wVY%n(@=t4cIiSjrLj#U>qFBlvB2{VTVbr7hdVJ>ztb
z%4G5wj=lMbW=kq0t1!+t^(ZBc-TZn6_FlUmj39{N)TI$>k`+Y-JEdATBI5U3ELl1@
zE%jF0aS<;q9oT2YhU<>X$l(SMCRk+jJ6)k>7h9ZpPyXm$&&@-;2(<(B)#q|*nTl8r
z@o>7T_~^N~eJVHiYIFyI>t`IHntGjPho*p=d(Bqny)D%@YcSoHNcrtD?6%1O#Ui)`
zSH~4V?4cz-kHd<3T<_d%bzc7i+Y-OgptK0-gIC*gUy*lqv{rx3G$;!EGifA9jq9&q
z9og7#EOXn=P~Ud8Sc;+%@n2y(<s#9Ac^(($xpFO9LUBXJ?C-wc?$e)sK22$<nsld4
z@nq?W9^9t(VErht<2s_ISlWTA+PjA?01=z-2gSd${)Ys`dE05|B6oQi<Wf8GN7#Tc
z!5E~Hta{Q=pBZWzzotl^A%dYurn9R@2!t}af9IE8N1-(7k_=a33Ajm1e0q{@seF{l
z#=E&iTvp3O1$VBE|CwYo?)B-(;5Z5=RmPVKD{#9ov2;1K`ylr>l(#%Cc3)0Zo=5^3
ztrwTx1H`y64m)%oF4)HH-brIgg>9-<r$k#fn^pH=6aogWhq@t64b-#>+?;XE+Lavl
z8jhS2gBL^X)cHILYVcxLMYQe1k@{jP_7W4G=W}Q=ZMNt&p==-E3dOK{xg}j;7Tuij
z=q^e$Mu|ITI(e)^RMQM!M+T%*KXt+h7?%0N;NZMf!G7eSW2n5hbj}Y!w1mMv-6P4V
zmJX1<%6NQ^DQ^dGLM(soYTTse30A9fp?Y^9v+J>hASi|?_N7Rbe6OebY#e_14r4;_
zb6B38+l`*kkR;=Kx&J_IoByaE@<=GVzBJ#yGzZdXU#j8Q>2WCZ*ZR-i3#jb%naU^Q
zKWOLXAon>R9Hdnpl*k+DS9RIHcvVNa`Qsaihili?m_WnQZ-~hytaV1a4l<g`jqEBg
zEy8z%m9@^`o&+F=LZRc(sdJ|Rk;5>}#buV5tzW$QoDH>Qy~zW=($f^DxdfGyv7&F{
zaAyssz;@UMwBvGYPtNsLNgy9ScxzO$!w_m0?$I~yi>g5B(xsgC3DY?XVdDBqmb=Bo
z_1r++@{ZT?d$}_wHlafyL|MGbThty9-+WIDzBzB_VBg1~uTq3`Oad#n0oem#@fl?g
zMZK4EfRhcu_ucl*hEwibTxqzYo~5V-IJBF4j?{!;?<KPP`;~u6(jH!gC>>%HfVSpO
z6GX;-<+~T)jf#IcM<3e7U5o5CAoh#ycBqy?XC;&IW&mUzFLs7HpMVfs3IMqj{|we+
z8lG)j5LZR(1f(PZhugETJnxENyL+Ho=rufOD5|+lps}oe1Kh)4peVpH6m7`LMuh}3
zcu^{2_f`!cl@NLxK8(kG-Q`@s2O*-pg7braa%EUn=V>|lHxMcvbq9~1oSI~u*6?49
z?g=-RC9IojB?Vad-u(KlC6~`nJgA<f?)IQL*fG|>XRzBx%F5HtrZ=)(FLxkKQn2T#
zM*be1W+VfU%2_T1qe3Y0+=N#)RxO<tIE4}Ytn=&Dpw)*Y`ee|3U~)*FAn3hFHhF2U
z9uJBx)2nXeZLQBcA=n{yU{`CfDo?pm)#PLQK-vUt#%fT`lK<`Et|NjYeT75i7>%id
z&L%W{jN`DN_$C#GRa~LeEuUy@%H1cF0X!O#TOOg|YIzE0(KOJLJpLdcVkWCaSk|ZB
z>T2j_+=2wv(+M=8fr6pAUD`1TZO<hX!!w*42x-S7`8x1FB8bR!ZXOJfet$w?Jc)Np
zklpPw%kf~=lpEk_ZP?cdGoGgjP?tBGsJDYMece^KH~Nvhptz(uB*G+^3>!510e<a2
zC0AQb%E^h>k6^*q8FT5RflcA}euQTHZteGS!7THhiKY}1yO)XJViD|!GUlh`S?imc
zO-MUeOo6?o8MjsFWd_ZJf3{xpsMjqpU5x8<ICqneS^bti6;3lXZD#ux^|L{eesEI(
znmeK6m#{(pFiR(3DqYSFiNGX=q;Wg)evo?`#Gy=T3S>^aS^N@lWm274&R#u-*VdT&
zaEL?SXmhuWE-5&q_s{^dO(0Kq{*EA5chmg*tKq5Rq??=bBwC~WP>9yx;0NZFhJ2Ri
z*4H2rEY{Y66YkN;+$hE?!`=dlVuuYt?C!bT?OuZ>2HcYE^74P07iI-Jx-YtT#oK0-
zOOeuuM#L72kKRO|l%aQ$7HCBQGzd)+6=OTmBzXt63{4W$xpPg@C(s~HZKftETZ_~V
zE&ZC<q?8tE@MII3<?Z9Ps6j$pp4cjxxS15w(x}ay%311Mm(-e41OYDQ^CHTOZBZq0
zC32x|PL<>j_UbN*Kiaw?$y6)u+bWXQu+qvcE0WOpY*vwUv{xjN$uF%)g0cH%ilm_X
z-P!u1!*dh0-%@`>Nw6Iv{n20)6Q-fr#r=`oEV{Keav8BzyOOW2!pP^`=?$ho8cb4Y
z{@@)M=6NULmZ3jFrMZmCTRfHi2%*<&fI3$o!MHMqyV1VrlNUz{q`z;XK!Sj5g9hms
z(;(Tcn;5Pcc0U5wQ#3=jAl@?-K9X=;mAvWphfrapaMVy?G}tYnup}>w+<F$a8HJHh
zO^PDYkn8?fL7ADuQ9^B?@TjyxQAT1)WJ%qjpm5m%J+YG%`s`>JS;ZT3cX7kK5zx$z
z=t9zz@C@6<o0!pbN8XAQs4gE(;TU{~%eH_0PEZbK651TkkRU4Qo_A;zGSxleaoW2k
znXa@8s4nm>d$ERe`?8DNfZHxz`e8MdcgnL+XN;XvQK}#gL6g8Mm2H0)_kKLmNZo|$
zIMPV@Z+;Q5qPh5Dn1Uf&LA9quqO_Zw)H|VqO14_QcN-Q9Eel-{U(_YO4llP7km{nT
zuo2IbP84MW%g?U@1xiSP;w~i}ka6G&p_94FawOd@{kGZp84l9&L7;>~yO33cwz&6W
zJ<3oGb$6>LN;Nd__g*M@bXx2ep|<C*@zzM&LrL}%ZB9+N;cXJ1?1iW_M=P7Ocd9hV
z=ZL%Xi$jX3Nm8IOwok9r62%B!GTGkuaA%WXL~i7_%wl^4gd1&t2f0SlLkbw5p)--v
z<?$|69KH@<(1%oJQu@EWv96#C9*hvTj!KJheda~9=>Vm-J13^3Yx}sHztv}?@aX(A
zme<)nqjIckbD(muBQXdQ%T)fq*?SZ4D$6tfKRHj%;p8NN1j3@C0`68L)6&+qX=|M>
z(`aWLXKJI<|BS!6eiLln02B5#Qosd`3%Cc|a3LTrb%_;mk5*bl3@*6G6>TwYxK#h2
z@BKXQIq%5^ICcKh>-yL0DktyzywCpJ&%J(c%!b2k$K8;^5lpmS=`<G5uav9ujQF3(
zPZF&SNz2@p@rfzkLVJU(fO(%hS>V69-@a)^{89?#ppew=@_ygJW_GpN%oYWknW+;m
zm6JgS9z`K#K?h1jYjS$F$xh#-6r4zCBo(ke;HqZUKoKl6uPDPwR6=g{0~|x#GYnDY
z%<yq|g=yMGlKaS8C>i69yip~6cO{e%&%wt3UB5ctuFT)oqYkSe`?@`PEo}-3qmoEi
zn#eb&CvL}bnzcW6ol6MSg@tJC6Ne8<{9+J3tLGFBAi4VD!bB&oa6&2jkXZWkah5iG
z{wz;r(zR|yg1{^Y4&tyOk6opB*-b`1F(IJiSMH?Y+8!$uQcgiLZ9oH-Wu#V>qrn_f
zw&D#k89p6)ZLjFH+MGQ_Z>U2n!nU}kA0Qk8HoI<`UaW%JxpfGU_RDu5YE{}x`$B%N
z=_dW>3&@=Tk^X#~;n5b7WHvY|;4Rz0W_o_SQD!>4DJf3(s;T4~Og8ebC<2|^;MFQb
zyG}tF^{~0A@c2;~3vW?YI|`sQCqXKwlxl7xw1E%ZB62EcOSGwkontG3lgH61*ER!(
z-9#h**79!^|03B_us?wtu7R4>H-i>igin4leUIPzzL`x@qF&`SY;1`FT39&Cbf0wY
zlO$b&sAEZ&`)g=`-Z%iO&Yv0p+|nJF7`7TSUMNhlWy%}3QOW)UxEAgMW-V=K{unQm
z{5tgLQ~(;1ZYQluhd%RSLX(1uyrBclUAmD(1^QwcGWcS##BVlq@}rG^ZMNv?n_NG9
z{xmlhyPbSu?1(O<HLqF+VuU$8i>K1C#>LV1O_Qz_pw>ni6{`4AuOIDt!iVS*v4nd!
zS;Yx1eKxqB5GSvgz6@!y3lk~1f6gtGXI}LF&a@GfjBsG=daiQU62&#@c%4i4d<yRc
z=;N+{InX=0^%&022D$%$FrDrM27?P5CJLU!TN~=7jIMO=PQv_pl&-CzfF{X3Q`gO9
z{cLRL#QEb=g$bB?8O_<tlUbNKlPzQe{W?M7H1^z7U5D;!(9(765!IQzPsvV16Fl$4
z%ZcX{JPX|e*b<1x1B5^Zu+}s=pFiEu%5kjaU#ZCTfoTc-2ROyL)6&YsCw2Q}3G#Kk
z$5pOGpA2;`zE0O9z9yYtvAZWle5{_jyTPZKC(X_slXMbyb~l0m!kaOeE(uVAc2y_G
zR3)pL{k*K4nwQ_^2kw4=WA}Q*xSZuvMJW8NNlWB@JFQWcqqT+NVkAPoF@U>KGUR*$
z%V?z7Jw)I)UKrRe1O*@>vtn9JV(09-j(ahz`*X!Mu8czXQM?|f&%fgC#e^ob#D|ln
zcw-_q8ej?wa2a`cDYL7)f2v%eZHzagz0$H>0L5U!8{HE`NRJWw#W8~Z+0y?D98qlP
zy`kwQDHSio1|yZ#a|IeGj|R9aWjDVYFTIh(ixebQupgIeT!(i`we6n7^@p|H*R92&
zPY-TJqhkfG4ahwLA~&g<M7m<?F<G_tX0lT7Kwl=S<PZ<cvjvF06<uvabfe6DQr>Fk
z;ED+>#LDfm7Ku^*Qp`m%BDn`}uw)`D-G}hz^f}|&;M{pqfECzB+CGF+6AyM$@VYPZ
zKq1K>e4*F*jFIi{t{5nfy3bB-bd7*<Ymw)XhehTp=9ABVByV6};k}}{vN!Sg8wz>}
zRXjWpFYv6riI=;(+fGdEP1CT2G{OnJoV~$|k?zGwEy;g!!`O-k3OR#Q%iGxr<gg{!
zM0A;ioQ#Kf6e}epL?K`1Hlq(UMH9I*ByH%0>AF@Ue%Xr!2nE^+GI`L}-@9jyZzSJr
zy49_iB_KNA*21U(avDeV$eiWQ<Um_JU9DLy_L$45KsVs!OeU>JT&z_yhr0F0w{bPm
z%&qcT+-56~l^twGA$Z<;B)d|rS(M1u4WmJ0Ig65Qh#y0)EYf}1EZkpMybYWrYp;aP
zMbmS7p?mE_X|T)P8Tg#(fPFfZ!CgEnHrNrSqstAJkDem>$0|E(CR;(e)$CN*<JXSw
z`nXF=R_c8eFI~R=E7T1&ySo_Ec!j%nBHL@ITMe*f_zMp(Zc*6FO9#l6t43xJ8Cb5v
zdwF}yizq@K-(ntNDe&^tSisD{E5hsV{mS3N{?fjBl0ZGa809t;@&3Gesm8cV{)CN7
zhis)|dE(Y1DYg*yB~9H$=wDd_Ty5NM44&ahxFhrva@>*hDixBfLS_l`cNOLy*yVGv
zJ3-tvJiHH`<!3Tsokveh=WJtelmAf6;0A>x<S)NL(}iph4>)%+ECG9cSjugd`zsPk
zIM=TX1i8`O;fax`x=Dyb-AyHMVGGp^0hk|@AYtWMu%f|<<2;anKf|ndw52KIGMbBG
zg7)^s1Xh5hRFiUZnF+PM8wI1ONc@lsz8z@Y^9`Zm91O3T@H5KT8<Ge^!Yk~nFJa9a
zg_w>76IDbB``?=|MY?uNox=>8Wdk;i<lA%yW@d^<Y2Q?dC8>fOaZ3BF&(wx-9gS?f
z5*cwfjx+uA{!mhy`RdW=K-!X{>g_&7^D+^N2OthTBPJOp2c%8ARM}KWDlf}$?sdv`
z;Ls^EpO@i*fT$zSZ7ETVq9*Ze3GORb;=UriGeAeF&f4}S3Epf_WeC&FO2CR9xF@(L
zR7@Gf^!yGS3MD|{LuAsEQRE2G3+l}x+^qbNiiKLv)XE{uU(rpVxS5*D&GEh^rEbm?
zV;&0J`Kb<Vk)7NYvg=5dvy^)~;tq5^&c)uuoWdNSNHVgpl3is_@V|+khymgmTjFv?
zsTtuI01+iZ#*IHPy75_rJSUadjeow?b+Brv&F%@0QFca|Cf=l!;fQWHT<t8cPWafG
zuuk(}?);XFWyLl}4W$T^fL-oxgbA`4T`{Q{Et+Hp`FAq)TX6KyRL@C3^fkx5Ms<pT
zyoBI2a#xKSsAWObhRdj5P8>~CX|14)qBZp<hE64>%ufTCT~w&tQM^SRuLN+G+XhDc
zY?O357(mZ?44X5`*jeFBFu5D>?A!&fGj{eoMe6l#)Mr{M-Rh8z{+trD4$*<ojP2r1
zRdmwjps$!q=q7fZmi;bFvG#hceL28=Ah^cfTloe;*PG6tx>xWa&E{ICk_vZ*+PH|!
zqiE3XEk<xyJ+X-&)%?qS%#X0(f1I57I&838SVqjY&Qi6`r$4dy9`MN6;6d)9sU6VM
zs>D~}s7li3Xzz`5?*nC|yHQL;bUuv$n!{78X}aFSsj@5U=%sHun(G}Ei;t9G)6z2^
z+0xbPs2d;2Fne`73MMOaBn)oF7^;>S?|LbaBM_YJcSn*kcMf_^F@3^o@jM(lhXeVg
zAmGa|hpW)7WJh48_9v=|L+_rf=)w;Ua@U@O)<|x!o*i6;A1EITcIz>${1gj(RjM<&
zXS&VZKT~`*SKP)Tv=9^-p>zq!zaI-3k|vFFaVx|~Z@!8vw5;{n7f+PQv5q(Uy5$qZ
zs@;JP4C2c^DYq*l*HOKu6sA^(Y6a)opBs*dr;e6j5$YIGOMRh3*{(zRcK|w`LXU#d
zxgLOYTEciRQ!A?b<>4}98~Vr5ClUn6Ew4on4&L5m$f2Hu2Lfz}4kr7zQC`I&4C^N_
zKhj;%eMowlcSu};8kGl7znrU~h;&5xv&D=P^~IJUx*?d+fNWeB<GdkGp^b5StcU*W
z@6|AF!P8l`EsDr*JPH?s$%y%l`vTOOmX(j=hL!K&VC92y^yM$EozvRDfs!r^eNN6{
ze4e)<#LRp$<1m0{r*}vp!ZJq=<FxU}L^S7SxbuUG`+)a2C{;ma8d=~^QTfW3+q5ma
zxvMiU6_{7@Oow>eiu}c#&)d6lTlTp;zsaW^d49KvtRcPh<oS)uCi}rywwq^p&uF=R
zx7zjfVTqY`O5J&<z%(~cB5(v=>17G&sV{1|D^2}tvRpVP++_K-J9GP%Big+<9c;HN
zcsC2)_X<;;7D@mKYXQeU&0e%AUI)sBx1C`U@Y6pRC<=<L@5eS+IT;=1`hIN~(9-{|
zsqe{zXBB%Bo=SX#O;1&xIi(uHL7k)EeDM?4-QU%OmvsSe3B3>$OkOvF6S!a^P%?{@
ztBvh7;+Yoek;#Hyy|rI6Zs5(@El+1yEyWf<lK(KN-EW{4d_3f0J|^F&$9y%gm!HnG
zpz`qVdok{LmZ}fqp7u8W;An{-gN{Z9K15I^I%eSGtjg_M<V`-^ZL|t88Acxv++|mJ
zxj_DV+p^z?!RRkDmT{|YC2nIeE0*Y77u$^*anBS;?_BB@_Uqt#na6zSqAWs?qWl_7
z6cQoC9CWKD6T?`Pd{d+iC%g`$<XpniI_42_@mx*mswQKE#O^i+g6=t^9J`xMkQ)fQ
zxGhM!P0uUj`LPS(32{_Bf?YOZJlI`X$cbUbZ#F+HuUh;Hr2nOH${EETGjdxU$gQ{S
zx1rkTkurTDa(ieXw~&dx$StqsRKa531TEPOO{R^Y++BjlGyUAny~6X-f5cKjI#eTe
zc5jrs#oUGzsBoJRYX*IX4eY-}`8<g|wHRHIKT8`j3el-yE3>(tCKDBFP1>O7^LPB`
zBe|;ef_3z7M!GGSB=q6323P}c!G<k#?<mIMI3&mr<Dl3En?aeZJGyRY)I+jZ(-pf>
zaMJJLMzP@GR4*Y&Dd1O83eYnPDY_!~fkcbO7BD=dE_Y-YeD~`l3JvlhNeU@b-+GG-
z>M+U`cj(alU<8ZZ)x-S|3k|XhLa_S(6Bh)5l-nCC)a`=!QMVAGK$?3D5h6rV7X%8D
zl?3MdJ@Y0)6Vo`{{Rx<EzroH$+Z-Ml>oXLSPH+Hu8=N^^67#_AG_Kb!39k~qjHo0&
zQ=E{jJ+VNc5Y!cq6tb>_O9HBHw*<t~Huy@k<<|asq!*qHb*l(N;|Z}ZvP#`Ixys$u
zubO|e42KWDCLSt88U4sdN`J>+p1HuH_>E$oQ%bul`tvbahK*p4;MC*mCt`XbLUmVS
zD(?d$&)y+*Wfw04PfVjrATh=m<Pq+%LT|XgK#AwOR;edeW!7;)#-BV}I)jEro2<#*
zVl;X!t|c-l+*BrR&6IF3^{AZC!?p6D0jt{S(=bBbH;q^${{kwqah!B^GT3muUmDlJ
zk2d{_swvq_b$o5wlyo!dEYA+>8{?l<CRh|8(2J%r*>e#LV6%&*l)Gf2^+<ZKS~Kg;
zB?VBr-rHz{F&Bk+x-zo)f+*De?QvS@q?_FjF&v@t=>}No$W}`uvg*ogJJ1_nKR3HA
z2HiTh%+Y84$`)@AcG`54K9gT3y#5CCxa_H7ckLATgSp%?;jwg1?m9gL`6C!gWz5<z
zo|)Q^rbYYgrpc7}IQJQUwcv6>r@5pSi(?N)NEN5O*Sz7D38Pv&MOF?6Az3M9tqcX<
z0jZQ>d^9s8c=Gnb0fT&or}NUtwVCvzkg!^S{!hfuny@7<!}J^YQy<R$d0`SdfxY1z
zP~7eBR!-|6MxrLUe_e9VYWx2hR8MvCjxLo>hkNE)w1<e3LWPip`Sa;bGH`FkjKQi_
zxOr$+DP2iysI-~x8s$7beMU=i4?-nSnGU1&p=_of(KJ3Chhy^Ls+p%Y*@zIDdnO_4
z3y*A6YBXYFVt<m1r4oBp$Vi|74vY_pLqx#WkUn%zw`N*BlG*)5cr1bcF(vU6z1j*Z
zN+$-pR!#d#R7&*i>u3j{8JO(K6(dPjO)i;#<_<&2%W4+8e>45z-e~YxHR)C^9%S0a
zc1<-?bg#lXR?i6G6j<g5Q^9U`_Mm~haT>Vn6ESQX&zYz_hU&`Qg@bD3IwozT)#yF}
zzG1(Ijc7cI_BE?b79Ekol_T}!cq1?DgC}7WBqW}uJ>~VuMtBc)H`IG&_8MHb)$RL$
zqG!Cr-PRK&V7E*U`Z?zLxddlYl(-pWX3Fg9)=jHP?sJ&8aAuW%wwA+O=R~$YW8csH
zM>`9zfH1b^^TZnx-O|DjmBaD`HPdub=KOSX&Z<3naM*>iYNK7uxcRfZrF7wtYBQAH
z(*S!HbGA(s$}}pA_#v@xlZBc3;G^3beP;TB<qh7vx;4CiqgVvJ%&i|=Uv#s0o^jRo
z-8;inPQJahdS2kx`RMo(_jrFrSQeHL^@hv9+0z@Pz2n~w{tY7;LT}bYz1duhwlw1|
z#?f2~3MD4-&clD*j#<Bc06lvgL(&jdaw!TyHFO;ST^h+#DB(qo9zC&2*uFyyGV0-C
zn9GHhz>HN9qI&*Fgz<C4kgz7#FwqA2+dNC=ekq6^GN0;q0kxVW8C0O{Q`t@%2|jfj
zXEY(O0?f(gQ`wgwWd_V?u5_+vU{3Ez*A<wP9T;#qK?9v;882ZOmF(^@TqQhhA!v@R
zj1p|1u86aN*0EZi!Nw`{!`BN~t-EFl|J^;qmk8<7U*hVmG%NpFge{(lBF_}J@l>|u
zH5eU@W`$t9dh}$S)qa>is_JQ!Rz5e%zTih?A@bKQ(1n}^mWs}jrc)U6mDomDm0M<3
zxkq_nT8OpDIxBH6b_&6vU_J3uaxIYo4VXlqM^h(!^{aqD?}o2#s#<p)M0qL`w26_4
zN52ZT*8lBMMHk^`0>IHg_xE)+W8cLw3bk@4f9&br16fBOok@@60C+x{bRoIENc45_
z3R~Y>W+95oCrp_jS%T|X5Ory7PhC>#!*cijR4DypD8sZAfbh3u;hh`Y1(-3^;z|^E
zw`k-3f!je3Zo)VQRHNHS?0bKoZ)TtLPm6vlLFirls(4AVAW@tRGq^Q=0Fat|$Tt9s
z$MSOVe41$T4i#s~QD(%>VSC>%FSAT~knN({8fi33-M(g=hL&PDQ6Hb@(&9w{x0kxN
z3n08~Kq<f#Nn&>E2O*E8xI_R_u#~%rz$!jKuz9GkIXU=VW2K%h>-1%}j!ztAy5~}K
zcXd`zD>9mt(e4q_CzXzqc_SO?VrT@`l5{1{m#Iaw-O@tZeN@Q&-x@*+>FZqz4RbpO
zD~zn@>aYS_^mQ&!C>y+C(I$Nru%QgbMasGeme~M}ZE$)ouE@mChS=CPD2a}7h4#+f
zNFb6_qE8{C4s~--kMjwRzYVS47IfzH7Dmjo0voAWjGm_f3w%*$qsfg8`Lz>emy?Y<
zxCp#2BlqR#5JI?&2S@sVtZ@2Tu~4#X-7&QmSdS&#d1?+KF||hf0R~rEfW%lx;2%Nm
z5VQMqnOrEd%&mal@4*Mwe|N!DA)E(GEI1B<C)Qi4>zIcAfD9{&3=iFD?O_n?kq1u7
zUm&hTMZbiPqGj@K5tmQME)%R`UNJvGUVj$$L~MfK6;aXnuDw`<k$B0pSQxLhW=r0E
znyrUYo5r?K-gb;;*@seHK0#K9p#+){jS)!&Vd8kardY<8Xs%%D6G!-+uR{fw6x-$|
zY{fRH?KXv%!I||{%m-s>2bohxm1gp<Ha1^*Saf+8Aonn=5;#l^N@+h<hau|C{-`i2
zut23;iFi+6yvK*JI{b-vZz?mDH&SmG&7IheET!ps3}E(SGqmmRv^(0>OYboeWV!CE
z*6R!TWJKbi+~cAJPJBmv*%_j+1$zYw`(&z68xhFE-^&+KdfI2XM=-CIy4jPela<Q7
zLO^7Zw69=UC|W>pLi3G*7ALzsfI`M!Avp|@P#ov&4mEzLEpT>t++iF6XU+`#o0AgQ
zZ!Gq<9$6)hv&A(Ztiiyp!SJhZ9Rza!xB6zSom&Kn@a^r*d>Ds@t>FdK3_}_3HN<ej
zbdn=)Y>V}IO}5YW0@5`f1U9%kd}DX&!WWC@I}Ht<_bTLm)fhGFu-cerab~G-f57m1
zwr2gQshvf)6#}-aSU44eT{92L!R|3ftikJ4b{zXx?<(=+N}S;R85hESU=Vx<AJB65
za(UuM-d1)G1Xf;z@`mRN)N#+?P@y*I^3`PM(nFpZxJ3a^tY?g3QzdSE|7A0LkGX_4
zvI3)%#pwfBg)&46U&Th?4Pc@Te#9o`{K0*O;9<_;Zm}=EG&Blt(Gwa4eMC~cw4XV;
zw@O2Ac1>K9xD)`1&>W`R6T}GbbgK8;yA?<)o?^z6w<mCUe>YUM?B(`L)F_Au0WTFU
zSu%nlvhZ?G1P{B1E8POJ6OLZV=Vy%9?tP!!2*6p{xk*;6p!ITcG1~MGcQ27;2|GSM
zc~em19FCf&A5y%U_+dN3J!xqFj422726sky;ohIz&L4Qqrd)$!CVuP&qwvuu-?LAW
zHLkeL{yx<Iy`TH9HpJ}~sSNfVjD5Bx$+bKXlTEA?N|R#uyBX&9HXJw5rsNOD+DG4R
z#(+XUo}SE>VOB=Ksa13^WkQCWBGOpw9zF?I7<Yj@u$RC<Fdf7$-Ox`!7uca5n_Nek
z8~U~I!3X%$)L_6Hi+>LL$5!J08S<$mtmw`J1KIV1lzW)qT`d6g&-pNj-;~OA#4rNT
zIG#@SA>&ByMpLL8Qr?O7;6czNyIwDW{Szpqv47`^{j&y`!m|d#SpX+&RgcDBQfBX=
z?s^Cd!x-r1PbO_qwySM342FCGS^*=@T#zWoA}_=n`mu()`ym$Bv3#rjHtOVRr?OG*
z><D3ketRc2qdP$t$NYv<Bo&+&U4>wY2h!&=zQi+wWYFy_vKkBff%@u-6Yn`r_L|A<
zy1pM^O^aRoRPM7^X24;GdzV|oCK<k&Tn)Am@XefY<C)^zBJYfa_T~Qse8zkcy!-pH
zBR4m6XqrZ{Jk|_puzX#=wnID;WM9j}>1taI5d}-7cb^0YrAAMnW~brM5N;0E25#oN
zwv8?wP-j)UtEC6j0>9p`N>3_@vf_MIEb%Q}Hl;1Qee${SZ1g(JynIr_!nLxS#Y{vq
zu(V!cZah>T$%nG;Ol~sMu5#WZ9tC77_c<mR&wtxQYyrxFAm<0c>1Yzm023DcU*%?-
z=iP}O(`Nd80!h@@P~fQ(naUf8^w3K&T;BZc-{N7>j`N^8bQxeyG|8MTBI#UUZavEw
zqVN4eQ3j{`VrH|0RC+8kmEOfA1pgU4gcpD=>(5+Q4l#=_U^}4~o-fZe)<(22f@lca
z3s<LzaRtH4y$2Fg#YASU1R`imzPq`Yo6o+zXT0IkYl*^`<T2v8XzPwf<)>tk5=hvr
z->P7k^$m^EEZ)K;Z8a^Q$itZXaicGLmuzvrZ%}i_&Z0S2AzDE7N-8S8RTHFz_}66F
zulfH}ofcA?PV8LZOHpcT%@z(Y28JxFQ$4?`co!7w;GdDf&lK`&Am$8T)LJZQo0fos
zC^qR_0hf6o0;%QwAWa_eOQ#kVv2ARO_v5y;`_KK*mieKXpdiocFtl}83)v61qsu#(
z0Hh3k^R#nfmH+N%NMv&B3xiGklO1+7CgnQN-^hj5SW7?D@X{{*PJlB)6bYZOH(yg+
z7PGWp%6;EEx;G|j-J=NdXnD#0K8(B~UO+q(6O&Eni||8IB3;EiQh%kp4OcT+X#VJc
z$BHt;0#Iqn)~=D4k*6xF&2UJ3MNqWnYF?3dry?7g`q-|j_lD`oSWqZhX>m>X3B&H%
zhPZb;gQ5&mq!o|6BQ5Quyd$#^UJNqNJ5qqbAs!;;9cf97UM8$U@n>%rLQ)le7VQ)K
zU0L+~ZPA%^ZW+I@=wndsc|PU3Laq#beZTZhHdE)#qzXClEyb>IyGZMsxO2Gk@JkA6
zGsM()XV#%MlTQXZBVa7jP;Hnu%r}e<QTgsNk%$5AS>>02<2N?RV`(j-Aqo+KipD?-
zy!I42rjVrzQ|*+kF)tvN1}DS*sDz`n;g0c(1NoFD9L=@-stpwnziJ`Qm|wNfaFPHy
zcSN1{T8bM1*QVKl?ty7a|He)u=KyT1f&qEXs{JLb+7eqefhp%!ty*PzTebGcr?t0L
zo0}}_Y1KqS@9fWo&#8<Sh@M%Hj%|}tr&Hi|vd}8*8peOFAIJJ=7qTXB`<lUzXYhHq
zBVt>Vn-FcF&WihNMu(N|{j69xg@A0D!&zZr7&kdXI4rh--)LZ?=TS86VfVuEJnn77
z{?a}@81#*=CQB20VQ0FWC_pHS=tedIsA~n0KkzYe&^jtezmWHR<F@Ah@c8#bSb0?c
z<gbbCD;;iGSZrSz;)C{;<PrJnM>s{g1H#$o+RQ)vP<b7G9iMQx{P~gW6;2RmrpFVs
zckTp9xAe|Lc|?YDX88qCyV@1Qp+W)Y?YnIuVz^_RP%bYWz_GCa2^I@6qzt;gd_t!f
zN9Owa{*Z<C@$E%NNW3BsE&kc8=`h!btzG2(9C<XVth<RUk@;omoxORWjQ+<f*}L$H
zR9#(aDOU|C)+mGgb0b?BJsSXy*3@S5I_JNJj>q1by0FqcsH*kYoNTY|XMXEVaT*Yd
zjAuXkwPH+95-<>GK(toSPfr9CYwxK5w_R8P?p&<^V`q^T;_;t;6*2S;$W*yIt%x9A
zI9Ru#K0!WP%KXBe4J(dN)nMGb?p<~$G}PR}<tT3HlvEV@cXhEB78mJe$Me%aT~xx*
zHrLn4IwPBV+$mH#=ca9Z%|)L38uDl4`CA=+$2YJGX$G2fEjLMa>qUeLyQPmuV4_Ie
z;J@`D2}Hbd0n~@vrvdImX57d?j>$aOx}!nBP!O!TxxU^lDyijP<grC1>Gs541H;2=
z{%tQRN5Cs=8P7~9Z&3CpEHXZB{VaD!>*O{_^Mm~wvBfeQPo-i8!XtkA#SMhV_VBH@
z682(TYz#UEMZWe5^MmIVrsFPhjV(Vudw<QBC79JMC|M~vp+Y&+V|y?`D&ci(u1447
z<_d!-*Us6~n^jbnRrEq^2q}yHCI+vur|M!kN%JP4MWbp;kH{I4M;w+ncKIgS@lsHX
zPB5`F-f}!&8p=bW((?(HUXF$=<F1^X?j-TCv4KhW?T(_O-E#Q(`GxL<R7-jf^X@)<
ziXdbg@iyBF8b-Lh&n{<~pp|<J2b>hpA`lI?9&TUk%sdo#!mIuSaZ5bcF<mmAkkNyv
zYrvg-3c7mi?ROTE@2NVTkIs0Jq`T=9;b`oHN=HI_V?5EFa$6|TUDvK4N`E<h`EBUS
zUna}nJ+Civ099YISqlGJ(?V{kylF8~mjsjDPs>*8N_E%OG0`KwI!IYKLKbl%O1HH}
zkSuVZdR-&WuG}@qlXiC(9TCU+5zIYm(c}P_+*-FD<tRiGLb#&Tl1{m%2E3JUxc(1q
zm$xyS>a{zyn5*P*!G~uE6iveb4#3K`xlmz5+)eYOVD$N45cpyHcS#+mH`r4ZrKG$t
zy*;;_Ts@S>S{f=+y3cw@xw2!>85o2GX>Ne6lj`}=7X9lJv6=hOx+B7Qy9OOU+-b)B
zWjdlFen#>c8HOg!u%xN0%q^XkK#eTsx?Q0soT%$&B0AhOGtpo||6-uLN#}SP4!<fi
z55EEX?mcICC$CMGt_8mTts<^%NozNue5C}5%AsxCaol$28@MIPLBgMn4a-wCh@n{o
zs<?f$3M<^MZluBl;2~1KK{5}K#}d0c{XLq)Pp<V3y5lEDtSI=&5gQM?;Dxu`=ULee
z79fumj(r|jVRdh39Fsbe!%wBdMAQubMsklUlEvp}kfpA1iqv<cR51gzlma$-Ny%g#
zNMCDwn-F?!_I@h>&&Q{u;z+so(KAxx>qv9Sk%>L}ixor3Wo&%0`-II@N<u}SsQys`
zyzWqB`X6x3v<Z6^a02-NJX%Qn8vKLa;wSH4Gxt}5m^z&7@VE}J_B?0|%qeTOxL=hm
zt=!A=mp1W(VRxeaeSWe@75EL}E^5vBMRo6zgu$eU++2Fm7_owB=xr{uOW{Kb0p9Zb
zEMj!P8Q7lB)sqT0ACGkPfe^*1Vo`3GMR3nhI44`X)OVBR-}5W;PaU@B;--9C3=~10
zp>j<pgiy#|MBT{sD-_w@ei3p3co$j@g>sTxg^ZQ%bUaD4re|RKwXT1V)S9y3-hJay
zoGapsTIOCy(^kQE>49tA&=6VvUQ9_TQKrW;WYxR^oTjxi7hHI^WD1&2xZ<rG*y?w^
zYUd(!ceZO^!Gl7T<!RD&Aj3`_>`py7%uUDiZc84bXPKL4tvXX)vIl7#B6BN;{pUCy
z;gNbvp=X69(DF<2ZzD;r2cN(XseP<3M<O8fB&I@*dfrb~+>39%j|Zz|Fk8`&pfi0#
z+V;3k))45Tk(IjNV<Pt_N152!Nt_7ixLp?&XgZ)5^sCHWIhFVYo6m&`NV8|}vKaR0
zHGJp%ql>17M=xa`HAj!0l)rGPTOjuo-((Lf?q}iRDL!mJCJK1V{?bZC+t{J&z8TSn
zMY^UyuMpi2v9_9unT~I`COmh7RApKt*D)OubOSm%jf3m9AG7rl=v7(^(b|qcv1~4%
zIx*}5APJ)90!;8rr{ZyaGrC=_!wC1l7We(BNJcRoLfA_$9N$&{lBK+{)%C3$Y{OZ_
zve?YuDC3Ab)qq2@1kmfzF6O4={9p~oU=u?qXpxpRAQafRzwVyH61QJU=|7gNIMpxY
zs~i~L#Is2#gmr(3Y#*`BnI(38c3&Dm<hK0o+g^eWzcbPMkZAG*av!Tbt6<rY+Q+yD
z%Gv_bt-4PWF}Pcwb)!4nZQ@W9olBW40~O$_^QWOB6i0L;rtt5OZ%1HiO4uT2RFcJL
za(J1nbAvFRI<km!v5dg?tDgJ6+<gYx5)UfDA!1Z_pd;ofrX(E2?D2x4`sCoTM;`_+
z&K(zYhVt*(VXfgnRro`<08@?zTr9{^80t4&8^WH{!lmxU8JuVBju%1k?;a7QFd4c2
zNsrB@zY3dewinq{Lef}(nh+^0R8~sMpp;?4fD0Cr2fYWzmNVKzOe)o4Ng?{sHWtuG
z;Jvc3$a{cEQiiE#%cPi<{P55OkKNcsh&5=(AjE!YR&?eQ&B#XpK&x-}*q8&<0pb%g
zbe4E?t};U6eI%D~5B!5{NW6`LR40_TC|`5e(^4hf-4Lmiygl)oN3!}|A!I@-yIv4-
z<<svo1yP=f-e&qGUxdQxTo~<tL}9dMty+(z&EKBZiL~n@;nF<xQM4M1pH)O5Pr4^u
zYQ)`<gi9lMKW3grSIS6xfyz}z_xxl_xyUGSk_e@}CtI@QO;20=Y`0`f_!^`~vNxlA
zod^nhN=N6X5Poyp$(BS?yCqwyF^V4#sZz3~Tu7D0t;IubvmsTexCyzn{P6LR+h&a0
zJ!W0PUADEytV<Shn;w&mxoylQUV<i(YRSjk%KxSB^h-<F1R%Lit?m|5b!cI#H6Jy1
zdqb+w7>mPx(y}gXE96$RWIIuF#RtTrsl0(}o6%Gj^-9QX2;F)Uqly^1T;iopyu8?<
zm>T;?yo7fkiI*%(L4Jhomj#>4U?0rE=JHn#HW#EAX!jU^9`L4z(3g_Q4K7l`{Jpqj
za3G(<XTZFcHzDRgiC^P7#gQ4Bvp1GKL14+SwFUt}lD~{Zdgbn(Bq9$n=W5euC@VzW
zWmxc$Wx~qwCWV@!pSZWDLBCagBWmVtmZt@Jwgm5n=xV@8qPNQZm4Z6~5jVFZTNZ!Y
z4|F!}+T|;f!~f0p?bb=`_N!)MIv~CsWtRyy*yWQ7*ByY2j^tspVX_`9_=}n+4gJnE
z@in}PtPe;hK1KwaGSQ>DD(~y3ybUWfGnMWhug^HZ%^?@4y<QIb-(E?9&o)Vu2Ka0g
zYAo)#OQ>;P@Ukf#eyF^J;t7X>l0cQZGurCwty1n4AY1Ga7%m<sr&kP@|A!BM5g_1S
zDj=h%F>(b2{d7<}jBN7&7KcF`=~hp&g&*qHhDslrfGCb?hs#ZulE%F+AP!Ke8;Ru-
zYc0*Y*UUSm88wZ(mEIqwnM#MbyV!~f>z)ndVV8-CP<f+?spX(`iSd(Em<z$S_G5^=
zD720e7lzG;ITbT-2Ju|~lU{Rb(<{m&@aT^`r$Wxqscpb4_(|G|6d+6JgZ%@m+KQ1}
zVw&7=%;AAZDV#S92ZqVV2xra<_R*@+CL&_iPOLXx2+g<2S;O3)ri<b&o!RDIDCEeu
z@Utbtd<9p#MiGT_If19X%Aw9me-D$zbYwG#8PzY#Sj1o)2G+_FAV{@w@K?E_5(V!b
zRz_MPEJXyUV1tnHS|*{(4(Vp~9T9+*Qmh!HR}>o;;;-jRxAgZ>g7uVcBwA4aVx{4S
z`oj_~2DTs@6-dyZam6(AMyf4U%V;i`Qp;}=mQM+he+rx0GCogJ?t@hCn9daHz-0C0
zdr`D}LMYmjFneSMBaJK_!>N&mKahBL7AiR7SUOS4fmDK#-{B}@TkA&f{l%qxh3Q1A
zBqsTJ+nW{cw8;wVY7oC4GB2MG0ytiKZUKZ*nU}Yof-Ln`Hu17tE$^8r|M>?B8o#T*
zT1i|8zXz2X1tje`)9V8Wb<Qa8Lezgnm$C0M5COri7=uZ4A_{ylp*i3znQ!`hxdVou
zJo8O`B9RSSJ0&;&YCc2z0myZkY!gRB@6RJXr7ZIw>>DsuNcUV^7fII&MFu$3J4M|u
z#g>WP@1HC{`=ndU2SE<^8L{UjJs$pP1oen<g#LT9{UsPF?7@o-290pI@UI|TmlPvw
zyJt)MMgI(;_P)Z06n60{2&h8EaF1s!EE}4?0tYTQ09o#R@|kC_k6ITV5}LZcpqT`V
zwv6RUx`sL*kfTj@Nd4dLCNoudc|#b$<`nL!ne^6V@tt0zziyiHLe>`jSe(#4@?wE0
zOpO*%LZz7T$DY_Fly*Pi$y(IVD94u&^Q?=&zYw{+5tn_=QCGu;X~$*Qur-@sDx?kZ
z_N~F-B;y7KC-7r7=2&)eTt?;sGYj~2lL_M|NSPh#zy(C7XWKVssD-H9kyjXla5E_C
z;`d)A5xE%Mi%;=6jP*BV*$k_RoaA#T!N=s<Md4*uH0_Rdx(N4iBW{5uZc!SMmcKSn
z>XcR}>+)&mkBeJOjeyo9<k@8&Kd{irqar=hrG$HBXZag8%W5Awcym#!=H9I(l1IdC
z2`XlP;EhtI-OB_WBudgp;~;hdAs*@P8wFb8d&c$h;v|e9rvh*vt{hRONPMm)S%JC$
z2vpA<;1anmbYNq*4p8q=?bL?F;;zD4SI<2C(Pvsfq$2k%{0dg_l)SSU>-+qsp|kph
zT;vx1Iypy2u=cic=nbom8MDE5!K&*<*8Et!5UrhJ{ECH&GF6<^hg?S@6A`Ud-5cAM
zu%1I{(VT5(J0qs#4GQfJaCv@QTTo$Z5$Avd>34=)E$r5c?+mh_#;nHafr(O$!6N@=
zN0qnq0~Ib~oAq(ry};aE(XS>sfE2Or@yVFq{GYg0#sBQ`w!Y|SZLy}QBjo3jaa#z1
z1SYB4TbV5mW?j@C!1T!h8L;Zn1f2<Qy&rccDCA@4y;OgxQ?m+ksjc7B-72>&-cj=V
z-j}d3LF`(j%oZ!Y2$ygCjEA}Q>E=bTKz@##Bs`W?>Fhr1Yz+$XSe?|x;e8iKEOy;#
ziB{ANlSWuo4t(xNgD)e)qqxEoO;YA|^J+);9$~;y0r;?D7t7=5HOq1mrhx<9yc272
z0gcp>Xn&&bdK!7;m_{$h1T{XD?1@>UnT)C2SniCOb-ufyC+#zP#m42!3U>+a0Gb^~
z&b7W;wisg!2>C6?=f{T)E-eeOk6A<v(+1~a1R+AjmK>9BUmDl$JKLEHVjnR*Z^K7H
z?EkAhP!dCQq=s;JuZwz5(7O(22I&6IRAVhDPCBC!x_r)Ek(3y})idouvHA`Y&q^7?
zH=|sTSiFei&x11eCmEVPoS@XhyCDXY384t6)h8#Qn9-k@bA!5Q1Nt`+iuYlV$OBv8
zE+nswD8_5xnDxlt{Q#Ea+=?9vqfb{Q`bWfZ#LT=k91#&M19<JFNlz2MY<_d47|PjE
z_iip@=V#J`lVy(<wQ7==p$6Pvu<yn|wBj_&e3iOoaPpe_ryb5@;fWlP>`7zvMBssz
zQ&4r4nE{@%ySZ<mAwbu!$kS!mIIZeSfR!bT7_PDi5QrLm0hrH3Y|`j&`3fnB<b<YS
zcse0Vb(4?@{(#zmZL@!;6~WWVXFGX1Azyt;Pz}zB^vvDX&#KwY{RPEFu5s1dCUIZ%
zGFx$S*RiVbo5cNlgs|s{(XnB!Vne-#7lI#ZcI<4tyOpaq3?(~DjF9KzO}INRDW-(g
zvTQn2V|6Tr@3zhROv1)c>V89xDqp)~q)^=IsdeNXwv5A}I-ic1#h^Ad6adclx8%fx
z3YIk?1Wf^QWI~6(z4uo@(_r_PRGl;ycbbIwDS*#8d1&37+(uP_vW&Y1*`r7sd4;yh
z3sC{YSCPq#yH_3?QmNb||4|$rjnaGH1L8P$aW_YB?&r-i$JCgODY#O+a6E$CwX@oF
zU4C77-uuSf*8kDkIhf`_>}=Bw^k^)?#7B+Dtgd_K5n#1Z4kX=?in#hFg2nm3k%VXo
zpZi@lWfk3gyqR0A=pa`ufBSmQ{yFeaxlg?Oq)(`|)O~(Dnk<EzoIwDKDtVF2v%DFk
zWTrwFR@|zR&*)}$Yl#Pntk`<tu0D}1`!b(!uV{WOl5{6B0^_OUuAY_np+J<M36?r{
z`%E}K%~c4q$VH6%k(#dp-G@TBZ%P;CNEo5cDO;y*t_zCl!=yw-Nf7U<b)+QX%17Ou
z7+t>E5wg`z^SA?k30318065z)w;~)Dqr39sB;~0&mM_J8q`e>`ViW@BkqhJ=kl$PR
z9Q4xLu0=sh*k*6T9Zi?|=;t%w)!^BTX2&)MdyIJW$VsCv?xYdTMzacnc6S03MX;#_
zBp1796VkGmu`=>}BC&Hd82#1!Nc^BszeI{U$Wq5ny;P}bc=0gjCMX00|8dWFk~J}Z
z>|>!57^}gw@rR8;?n&Mo;(x*1p+tLw1kI)H5qM2$aQ|FN+>PxY)Yr)Yi6bibqe(Fu
z66P)=1vw)d2EYTz31r$jy^vS~P!D{>q~9Jku?pM27XR;P*T{YRa{i8Vr~Z0=ydKJ;
zE5vk9)V#B6;^0Z=*P%=_FO5U*=C|U8LeQ9sq?TPVQ%+{fqpAcOtk@;X_Q9OT<As4v
z@62)`I{e*51>*|3nGy525PuWKxDbTZI2Y0pxR5r_g>=Ta5Rdx(KFVz9{C035j1{p9
z9DWV-M@-rsi9HA1ksT@tKWzGMnqWaSt6<cTFiB6&T(KAT)F#CZ6Kk{x?MeYrt)BtS
zegdy8Krs3B`@)#B@DU4hcL9vs-yqipk0&X$)-z&W!aFMrYRw>aDA+FU)>E32yRIl2
z1jYO$;{8vZi55$Vnw3H5!9hN%<;fER0?f7KQTd8ne@b2Q2ksUW7R$9q?>#|pNt08@
z-$V!L+Huvw(RV+r2`KtCs3{Ny4@ciM&_BDFI_*S&<)OPG9?Hdf;9qZdB7vT6-<W$%
z<if_GX;qDtEF#y}PKRj&WI%lJ*W$t?2Z+~Y?s~c@zsP4!v|LT4jxk_;IKhHg;Y}XJ
z#gu{-ZsEZ6h*N_P%7PQE@=|vjSKBad)u*^wXrSEv5f1I^RCgcV&}#7>eaz{4Zw9`p
zRJTDljJuL!$26W)>prZgQ6I};X_BMQ<-=TfdPVwhik{G%9C0N@6sZoJyriSEOMJBK
zB{SMp`|gHa2EoXMeB0Q{UGsFp+1&jog}aV0SvD36@2NU8gB9@F(818e>8(XUzEZdC
zNI^gWIm!7$&$0|@?kM*x#+OxU=V`Pz5;|ASf~Uz(@PjKG!0h&2DUni$4^+nl+)Z6H
zKp<nW*Hw22_ekIeK8EdnvV}7k-0B84AC_K0+}#O&20^hR_nViSY@?Q+8#Zd|06W%b
zfg9^N!$43<6Hg_G^7jsa#aXQ=@Q9KcFi?yIFkx2ypFX(83``t;&mYOJs5{rt<r6Ar
zhw2*yC|6y_`buJH(6=YT+vc+zv5&Q%7gbt|Vx3x&gMP)g^={s*D4_~IM}Y&(xjKd@
zmF|II_#@D8c`EKqYZp2@Cii*P8_+C49l6uf{d4byxK&_eb_*|nGxLMVAq?@tPhK<_
zT>73r$+J5onKi72;qFba@^n4^i%gF7^l_}#rwmO?i06IyWI5_=vvTXkYsVYb0h<Zt
zPXv5%MF=&gmVLIP7K_woP+j1VnmNSuAe9#i-P8D<f+>Wg?Iyn^1MR4EuMB8S4jY@S
zJR6>HoHD7nH^JG|kZ+nLYhvD*JN(ygon(2vDqUyvv7hG6Aa-nXCUoo;ozRZYrdM*w
zWz&Z&=4rWX!jAL?!Q3Xuy7d_ajqQP$R1r~7i@DdFL_D)GCHZR}EsL#)c^QUz-1av?
zUg)uUw#eRY#Q-}XfNv3<35mslSi$;F7Fb{7yeX8m><YUi!l5$$6obl4kNpF01DK2T
zb-Q+Q7*%j0%$*>gd!>iS%pOh<Lm25c3_zYA98e6FD_Gbs?+(mP9|z73QZqUp>+i!S
zLyoq&d-6|!ZNoCxQew2J)KN!wOaN-{anb)<(_@;>9V9TlEXxk;Y0(~|9^U*R&(7>F
z?_;93W749E<&Dd!XTt@z@Z5&W$$i~s)PKF;_?)mP%*bsnX4n8Vc7wXlP7w`+=P1Q(
zxF$I;L|R|s1#$9fWqtW~U>~QlK^a~EgbU06I>v?dd<ty712D|<1saz|3k5e60cEj7
z0@-n@(Z_OyY1yH35xxn@?>GlabSs5HAMI>&TX@m?O1z@H(xC?es=1J(wikCL2O4+;
z4fnlW%HZvw;cs%2u;OgE+tB&iAf7KHwZ$W<_4Sh=I65?{cDrubUT2|?&h$15>cN{Q
zK~J(hAdlu3o>N~N8(fhK=TyiU*T}&iPTmfJ74PC|#iYMH&LX9agUFFSufXbS$+c1j
zQDk2tBr-sMv1p2OAT@rudtmtDJyFg<n{bg|X$jApsqx7#zJtGj{2mzS)y8q2-v_6}
zyZPgvN~HD|pUlA|B2!x|(IY1-B@vuddv=P|83RR$K@$c>@V1ErD}3R0?aQ~ui%fN!
zAq2#m%flrNHwQ9+Z{`c{Jhc)A;-U6H<-^@hLo30u4zLSIT^@}cl_QC6!CBX+O{8LC
zH0f~n9G*qWhG8o;r`)Uc-aJXQi;OFN0B0y((|u7ix7JwE@ON%mi`^-RO4LHtc=<(L
z6TS=xH-=V0-M&xq3S@$CsGP)fs~PYkwC}(r&=jeS1L#_MoXuk_atiIW$N+}39y-&t
zbJ5>DR^&${dYCsNZTZ;D8WU`j)nXnh7gxZ9XwYX9#ipUzoZGOald4UOkh<JUan}SX
z?n5xt5#eqr<UDO4Q4$VMw-*ChaDW?@__od0s);q&{z}|^Wi4nIUMDXwO+GPEC@8Ka
z(;;I_5x#5{IF-u9_<179{cpZm2MBtldyPP^{uq$k$5SuHv<$I))bTl(I`~j#WUbck
z9viX#G_!nWDOR(-n6gI#`Kw5<tE}Bk)~<fj?poR{p3l221o-jy8IB2w%5MSn79JJw
z5#IBg_j4TOU5RS@%zyDA#us13Sr`H-@-`lt{y~d>@W<?f_5Q(i_P|xBmWTbLW!YMu
z^A9eImD$82reR&ZTy0z%R*?$#sW0|9-txY&(`H)hgcRfk(1^C1P!eLqNZ-Y8diUqT
zFyQNb`Ny&qZ1xYDvJYmHU63z60Wv2$CCxU4FWD68H}4;33ZofYWv|!SYyIZ+J+aqs
z*lSRb>5qP=N^W5`Z61EDw$ek{1mp(SCeQ|Z3e%HD-UbwDwCH<a8gFc9_*Js<Flsq-
zx;b^-m)#W@2j&nO;awsu5Ps?Mu!Aox6ET1kOpy65mEkTxwV`M#Xjoiron-*LN=woT
zZYS<0@VAwxY!R2f3|wu{8y$M#R>p#pi^gb`UPg^J-;TvgV9G?7tI(ul)}ySdpsSo0
z<I#R;A0KQT^@Pm4xA$;sO1Wk%zj7xzYOR!VJq220e60k6X4x<BcFL+iFkhfrI3Fac
zG59R@H%kF?yoswS>SoR+WmFB+=B|~*4I45zh03fMt1QP*M3ouuq#i}HYK5g(!OShi
zN*yx?9lySeENoHI)d-fV){pdUhT~^-Gp@#FMSL-%?-WX85p6WyP6kwb1X05&jd0dW
z5U;QM(sh%J?tMU>B(0Nszd<}ov{3ER@!iPzqLx3R&@}u07GSmH?yRYh^GMKlD&@M(
zj`wg@MiaZ3Y<2iP4w&LApcOiGe~I_V`~U!Fo^V1=C!j?7@U;^<Qq6OsdLmadvq#1|
zf=^bB_o+fRc^|T~ulJU+>cmbW+aCSlhOp^BDZ|Sy^G^`b@v(Ht5$2rFTirtpY`EfI
zBQ#MwK<w_aex+S=S*uq+waasoiD1arkp#oI*hr_=d-Y<`BImZ}33+38#zY?(j_pbJ
z5Y5=hIN$c`!5V+1o86y7O&=~FUt?F?OZ{yKJZT=EMLGApO7Fd5L<C*R?L|1;rsSi7
z#lXvL=de`4Qzshz;KLiFOx}SnqcqnrzqY8ZgU#lr_H%;cw!12A2zMGDObEGy+_?<`
zW0F4V;~DjN`lu1XL#j6Gb*25CL(=ZLEHEv-tV(yyezI(ymIK%SE>mDR2r=#UKxFAR
zpAZhKb26tts@Z7pGF#?NWFNKoZ;;it`33Eba*vhOV?7uT1!Zgy?s*({(_+=ZAN3Fh
z&v?3Pv7p~ufpmzJ3end4Zy$)PG@sQ9_i<Ci&I8jZ!%Ea2FOTrBTZg*I%@J{qhQKk6
z=Fu+?Hs5f-P%)?h_kO*_Ztr0A(PHPQfH0Z;3GJqM%l68Pb}X^&hO8>Bk0VVxb{Iqf
zbK-j>1aA97(}^&)&&LY{Mm$64WFMaz8PSd4Q`TD-E>Ii*l^D@dJ?yycqetB<(lPmb
zybgu@&0p#dlCiE0QkO*8toUPfadaVW92e0<yQOxZn8*-qaR-eEO~q>n645pa#pF33
zWMuU<{&%T#_gU$kTI~2z+0x80%GpH*w)-#1{TH1O7UIAz)TxhC)yvlCwxU1iaYgN3
z@C(x0l3H-SXc?Pz5ym>(d~b<Y<kXb8mnP^ou!qfMh;p`#BA%n(F8eK$j8pK^td*Q!
zYJ;_}iOkkkd$2zoRJ1$lBZ?4;%^{_5)CA7w?!^LRd*42<dK6@Hu7+D$1M8xQmZ8aE
z8F&6*A+&c#EAuX<3a}`+Gko(m7{y~^_PS^Q=l6%3$+*D+D3T!Dtc+pHne4G+iAEVO
z`=MLhzcrZ}lib5qjv&7Ptm=4liP2*}DOTy|--TJZ)+!y8tuh6oK!0TGJ=}y5T($k1
z_;reY!TRpu>h%lA@I7#jPF9|iOdU(2m+>R`q$*Z<Q&f4g?{P`j9@n3G>ZEx0ma5nP
z?rS)`kVV@P)$ov$Y5`B1+ej>vrR@=q+Q(I20`5*H*{!&S@JPUM$>05}rgz~v`ab_K
zY&w275Qf3TtOGP==iQP3Pko`vA|6g^L%K!1i^<61>+P+^KFNiu5K9!Q(Aj&cL`oZF
zsR&IhB6wzp-=p-Qt`dKX)5u1ApsW&wg5XA;FvMTODzA;L+U(U~Q+3#?xe0c#`TjaY
z@w^Lidx!NJ2seJNFY3B*eO8f&eVsSgs!<bluT4}?A6on*{X~aov-uinrgDYyW;0tL
zHtu8Z4&&Y&?bh>laJTv~#u%#Yx&E`8)9_CfpINI#-<b#n<7ODpSpZ<=O?=<my{8>2
zpEP_vRJrfv(+yqN=RQ}0du7!La(>hF60D{3NJLMV;9IiWl_f!69&O$%jLb5!K=4VK
zYb4!cpOr*=R&lZS3WpoGZ=~RBN%iYj*6&$s+pnF%h(_NNmW~?*Kd@{#s6qGV!a-H^
zi2S0RsruS<b=Jl1Z^6+&-(_qfW14+$82+$A={z#HK5*#eoqr9&a$iAr#zgE|W3hId
z34rMW?r66BIYS^rC~n-s$wYu}8ZU=O^d!5rm`?1nLe3HZd_}+GS|f62rs94}-4^M1
z#wHK^4TXx`ZN%3J(cv-+f)n(x5N)K=p`Tv|Sn@>x1twZ*XZdU?>F!?cUsdM&?iu{h
zCQ6I)I;mJx_6^_<h&gl1fc<i%Y?1qrXvavRB*NIE`zZt9n)||}T$bSC$|MfmIk`{z
z!0s8>l0N|IAdy;>Dyd2glzK(G<k<Uj8_KgNFIGl*d8)T7=VFv{k;Er~xT@aS@p?_&
zo*y^c6utifakGkZ?J;iFCx(v2&HC`xC7BRN+e_T6&vg_Fg3S+`wfx4M$uAl<tLYf`
zKyI3S_+M?hzW3be9uA=so>x-o9Trr#-BEc359YN6Q6VZ12-do`CWGjK%;HU{ikB0^
zNMImNr%{8Ek8fXbc~SM3RG2O%<K8(L?pq;n7>3!LTOAlu-1Ou;gcPEOIJd9^r^~Oo
z=h2k>T-5Dsl3ff_5Q+S=>Bp)>6AStsYFU8$x<xC`$r$!^xm)gG6G3OgaZdtFK&BH<
zFAq+4`v6YHAA%p4q|t6}Y{73NXyANgLoZ&OG8~n;$IBJz|A&);E?SjFkb%KECe^Pg
zkjB#Ztx*Eqg@wWG;7Ch#7xQGwT4ufa+0;=?)sb?|{3caMhs||m);&2oGD+y0YNA=<
zRjE4?qLi0JubVh0^|&d)Rdrr~K|?&0qHAbEtaFiTorEsb*<_D5bvAy2wp6ydnwtgF
zy{gnM>&P%1={jQdsYlttS{#Tt+dljpyUb7iAoS^pk@>xc)_U)KM|N)tgMr@Xl=_LU
zv00f{7Fqd+;AB!gd0}MrHhy&$98ZP{+rrxVIc-d&Qt6Y)fZbDyY@Z>~7JKp3yy`d_
z)ls$krQG*BbL!0~v{H*7ON`OxyERXUFS&l@^yE>$x_O55Ij)xIFcLPv$w-4~WSY!U
z*X(nMu}@C}=7D|jY=zkxt|SE%T~oYDkf8lB<$S+vreu!Sypsb;YXg^}c71?WF@=mQ
z;yEL4or&YmRd5o;;QoF_3oujkWVn3k&8CeHz1)e#^cqhV<$_TudWSrrFIB6wRx&{(
z%60iIl-#!T(LgFC0T4fRw*c4Wx%@HNOc&}5%uBFeHchWfeiPozH6?$X5}!dj(1^Xf
z*eC9k(aoEOdN4sWs;<4=rzdjK&!oJLv+2zO+-%NKY6swJRp(&$xdZ-C&Y!C@tb7D!
z#H&H>UXmm0&0QI}g?f}DUI54od_<+Ym|)yJFrwCpsZlzwYiBjX*wiw&ODMFlppEKp
zn8olvnpP){=h7lHwjHtbl+f##1u#ox#l?pBG3s{v#_SyPZ0HB4I^!R*35=A!aJ+pP
z^AYW?i%+%Xec3BqZ}%@XUAwqz2uIhPEH2HTEq2Pw<Y8c2oraZMCC)3gRD#)Q+u6NM
zOqbrATWa&E3YoQzdQFba8gI+prGVM-W;icu-I+uc>65cVbBfN%uD<OG8rB?Y0uVT0
zOhv=+c{4|E<>X+_dj>nr;ur(*I7Cf;8}m38@t;})?gH-i=(<$cm%_l$)LA>k$aASB
z%hLVK4;=4r0~IX0Evu{-gxWzWy=}`bCg^wiO!YUL_ye<XSh~7xcGEueHyl3eT`S72
z<o{qrimcTly325dh}KZC6=x;e^kNscnBWZ~P^)#{g|dJ%SAxc*=j<9JXPyst%>Z+K
z+Z{`8&M&Y4x>Do7w5T|>4;1WZ&2PpJJ!-v)*6Zz%(j0h|-I}v3A$_j5Z!UK^Z~}X6
zPP@C#nyYlXu-=-VcZ+O(5O1b=$eK&w?C2jjBh#Q4XG}8#-}Obc?qj&ZF7#A0=k6qB
zm2Xlac4TNQg)@!fH0^m@z}N01CACkQDue=E2sciZ=Si0McNfSn<ub7^@55x`TMYQM
z!CNziU#p(HcA~-u@^TkPJ@N`Y_Zkj)J5*8d%LVW@`<?H4NcH9Ktsc7$-S(#zx`a4t
z15uK@__>Yg8LLABp1Gl?xykBzl5Hw_nB-`2wtteXr|b>5A>w}73%j@l93BnyTznU{
zwMg~)1X|bu=mIWjHyD^I!!34~DU+3|dA2O#7Qhw@M#L_j3t6x+F>?0xl@nUS!AXD|
zk}5gf#1Cj)L~s+eRuUEj!jqS8#dtbB_aqK|jjD_lq{rOiE6E;aO*Mn$!lPmCiiCi`
z&YjL7W}S9MkZ`z_F$N{u;|+=)DH6nyh*^m%g1`jx^Y9YBfZ31#6&@NCece9H4RCgf
zm@P5K@15P%3d~g9>q_duP{XHCiYZGQ7PO+q_P`_Q)2bXuO!+f;Vj@@B+0*MS|46`!
z=_(`E;iV#=R})Hwmt`TE3hImDWgU@UE5i+mP-+A-AzVP_>@1@8wYJL%>dKctvjQ(T
zOjh&>f=+sCHXz>IBu;Ki)b3~ScCdcvhCVD$kjUUBxno>#GFRNYq}vz?bxI_T^+nvZ
z93^EQzZq`N0tc@ZT0dU{0tg~+^lF9T_?8uhM7#UD)A2c^_n)0y;~LAgIS06T(=FUc
zt<l7vCs;UKvD;i;LtS@av?R`(CX}iy3P5a*nrw_B5`AB<!D_$9Q&#Jl;5SDBJ=9$3
z-o?{~-V{6hIeAcl!<qihTtmiybQ>FizVA;qhx`s&|35g18%(cxiyvdQ_f*5Vd-DYH
zU*N<kSG_%!SmUo7o8zO2tnmxrf2^w7TBR2vzR*JQBm~hiMas}vvEZlANc=pT{z_NP
zyZ96EnvQ)yU^XKA#pS|;m^-e<eM*=zuLikS2`1q_HD6~`2AyCr@O&hy0+_<nW(diT
znl=_S>G5#48s@d?AQIDxTFcd;R45L-+S7eZCOQTL%g##R(#VB$8W{7*AF=eVmR^t)
zH!*6UdmsHosFcuUtM!hV5P>ax`F&izDZ3~5hF1M+h4}Hn3{7iQ!LOp@NN~gsP*&Ro
zc*Y1UhfXX^7>Ou#zwXSkUdD2rImO$`yYXB-Uct2RH8=mH#^iyjf6ffKb#-kZhllgU
z8aUE5(ZFb?&)0l3y!?_GjEU2EJ@HqZhTZUFZPM#ff-XC>b^5#6@UikrYu7aVB;~FY
zcpzMG2MEY5MBrZOl!5qYUwB>#WG`F#>&Oua!<?9(o3Y!X89M|MY{acD)K1zQ0acvh
z<$P&<?ABWyvVSn~5tAgn5my~uqLJCUI`~HpOW^R$RW7Da<Jt;&7{u=H`0b|y|EWOp
zF82A*%wEX|(<AwBaIzBMLK!ISaYz0`yPLhDC{}rJpo;S~+rDzSO-jGCyL%u+L+p~S
zp$;8+7$o*?wIq{pDdn>zeSJ_g2G7Lu#L4RL<uj4<(1YL5iypi)=)skYe6DEny)&fu
zs`p71*mfTl`pxJbQGAXz!;|2#QFN5s0DCFzdS^r8|4KO>*RMzD>kw|r?&a>sb}EXz
z(seMdT6;)rJ*ZoF<#D_(s+YSY?OoMhIq8xI{@#E0Alu1*2MZ6eW;YSkyNDd2R67)?
zVBsR1T@Pw*Ik`(qph_2!FRe>WJ(~awpASBWWDgLD`p)DKC?QE}%iVbPS`QuSqZ(-S
zk_ID!5S#}=GPO>(mn445rtcu&&o3fU<Hm8Vy7M<Dg}J)AxCLUOzk>;}(cOm|xL#z@
zuR6q;v}xcdkj_dZ7J`FDbDe~9MU02OAnBgC79~<3tU*7$@fFICcMe=lQ@g2IJi|ez
zEQ%R1$Fec!6thnQd*D--TBLPtVvrOv2B*31t-zG@VHQvdK%x{lX3*ivYVQ{N{>dG|
zDiGi`v-wUvQwqAV_RVSJ773V|M)S+vt;7Y(1^PzxRrcm05*ldShm$%$O$ZH1=$ehv
zg}Lrlg3u2&pZD6(HqoGfYsHk7yUSrVXrR(P&)tP5$+HEWh*A-@re|W_4x@h@byPaT
z#Bok9#}yT}`emo|egi;I^=niK5J<D%n+o0f4zJb@U^`v)>n68pFxzyu)X~!Hqz<KH
z!`$b1b}JdfJgnqECmv1lQw)c>!re?1@j;8B+ttb4n`nbEe}I<^1b-KI74gUHf2QM~
zJxe1L5-;<e4geKpM!LHu`Um#`dCG%*-5RnU_rULv5JKL}W855ORM@c(gCsn}Z6<9V
z6I9_|pH!oU&Y8~qBU!(K_rfSLxvAtWB{*zSXq0=jzLO_I-905$sJeMnU>lwCZ=jvy
z^9z_RxsrXre9`j}Zb_oed*s*@ulsYD;tz4jQExNuPKEjA`r8!Pu@?GUm+db_OWhn1
zke2Bk!b*G6)hbaRaZN%ZD|TlyD7rJ$eF`3fk?>8^y^p-t=}Ei8C8x^)^-g{WY0n{z
zzqD!&w&6a~A7Z(2Tsy}rJ8JY08t8JMg-kHHUALU|^U{InYbB_^H_=$OI7mcrw7(mL
zzLmYNg6QUhJYzTaWREmBM{F>IDR&<yJd*e&u;D8Wq`~k}c0un^XYdRy-QXFpxw$7m
zTmZJA%zZjhG!J+NkB=pI21CSRq3$M_pl^5v1Ly#UyaH<W5%3sdK1DI=O&d-pM~Js<
zg8wwCH4@_LSjyok<^d;RUb2-mj=kXuEc9)Ecj^E|z04ig7_puM++W5aP@y1YKH$&U
zlYFtOTQ&_6-wCESW>ZvxwE)MH>5Kd^yQV&~7gc((DEGo`o@NBMxkz^Wm!?6Q1AA$_
zdfFX^$J0Sjl4;0g+&|0sG?_jGFpavF<Oo=cKTqpSekbLwA+32iV!t2lD>F#aX$XFX
zUVFrQVf+3i2`S0UXTO!2$~yn_EB!$qr~k0tPCut<GZ1Y?1I`#^xVA&x$3T{eyljk-
z7w{(gYG6>Tf$JbIU-|byUTEO`cmr%f5gFto*9yL~_G}(qDM4QOQ-7aaIS`_a<Aixx
z;+BBBuJRiQPobLL$c~P2cd|3L5DyJ7LRl!XGy3XKg1d=zj@%JErk7q+_U>mNglYeD
zps5Qm6})s}IK!ZMghTDM3X#sX&qJLoTP<}%2f=(6X~|s<ayr9cU@tlDOFPj|LVbBw
z>MkAFoE-8?8}1ge1hF;xKGL9dACxR6Ycc~;bP)sk90^b3)UxUxxd2gerJZOynz<8g
zC$~?)6^>mmCwg0eE7=n*&CvePYU3g-0MZ8Dl1Pdb@P33JhB@B^P&0mnf_~kp!4oQh
z>M$_`E)@|AiTj7b>q^~4;!Q@l*X!FL%-5FGBuCGsOb*|sSZScjQwJq09;W?rckYa4
zAB=MkqAm56<7~y%bs$w;SW=%HaXh-uT2hQm(Q<HKVcRNl7i74Umo#X#;J8xq-?_d7
zn}KWc5F`h<dnU<*Fw{L_p^<dx_DM~UBLM`LO!fn~W*X^G?O0zg?ZqJ<g|S}B=q<1d
z9wEeang4DNF~UI$_^D!g+;atBRUZd=oh~lcluPxTkL&&Y2%Dy*Ul(Z(|JiPgQnO-N
zNBh@WQC%_ql_Z%cn7q!I@gB@tp%y7b#jdx)ZQHiRIG!vW=f$;7fFkJyJ_a+Zla(uM
zUK;y1Wt$6zJ-Egkb1Kk{Ims6F#)LkI<y|lX#ct<tvo0W8o%cBNBH#xV-t=}kfll<G
z)IEqr%@@eoVRcBKFVn1{<dvo{PsxkJgP$$I1cVt>cx=Qk*T64}myPkuo&Ez^7?Dh^
zlbv=%_c99VuE18R1wj5JtN>C4v2nGC7K5RJ&C~5AU)^449$#$$0;4Ou6Df$=irp`~
zzOj^S-%&<B>tV6G0nu2i_F@@vv8mQXI?Fx3@JZN4o_pShCbtDf-x#saf|%bvry7+U
z=2k{dHS2o@qX(tQ_~Fn%42zzN`K1gD0n9LS)7%}5KH%Z^0!Ckz1EXK{X&CR0`by(B
zE~l|RGaew$viNY+UtY$8roV*#dvCth|5XXCQSe$mYk3u>+B+?9lxrl1S6*v#=<~8j
zhJqaCax~O(p6t;>t_jb>Nbl=wB(hgIW26?z)9%XCDgIr$w!Wk$J+P!2C9-AFZsG^J
zeYDg88*iSd=MkTWX)K3?XVQPCZFPcq0Pj|lDiMhPXW|_Wan~d**IveLN?P)ke{@%2
zKiUti<6uekbNWf-1GaEdU8-55<8*HKc&TD%cS)(Bf?z*QANUFhhE<=Ypw<Q~)wj)y
z@};%(J_WfDg4qR?1^S=!TLd9HWC?FlOlN)vwM4?;SBziZ3sRF^5Yyq)o6ats$vT2*
z1P0uvF|k0+%&7N0G=cq)!q7iYa{hTcNKS1;a=0FQp*g)K!06494}%pVIuq}S4nIOZ
z3(jvW14d^cIx8Bo`hzF~M(z{lxO)nWT2FQ4%XdT~Z%Nt>${&gF^BLs&v#Gb$Z=IP3
z&o5E_?CBkB-KKOSPAL6EwN+h#>sB2RBESuhuS2_MIZ>%x<%Ex*E*o6aWB5o|c*`@c
zkK!lM?}`Tt1r*n7LX<E5Ql9cXCnU&?xSA1X$E+Zi(M4g*f1`xEJejv<e?vI%+Hq_0
zd!OzIXCK9q&bZJ=<4GB^8@E2)lCH^Z+;OQMC!sakp<(w{@pqZqieo%m*u7D#L~3Pj
z{n+~L@-7CHp?|P5E@;4r7p#flD1}>Kfo_2<QFq=hD3s4Z#*J<+S|D!lpXIaWa99%y
zD9-_70p*!f?pBv}`a&J!JwONaS^QVZJ%*lv&&%B{1g0BTc}$BQaJk?CgJj^gU>{MH
z3n~-;Q0OZSC1+#tii#RKHR>t&X&w!8yPB5kW0ZG%D-EU^G><@QWHzm3KQ*@f!9rXV
z)od&2ueyHY$6%k}i$1<p<=(|)PTB@{4mnS)&VTeVB#*%6Q#BBR<2_q^23P<*_?G(!
zcUCL;GmrZdN|w5}h$gnkr#HE&A=W}7$SGL)*qx6eXdkyza0~oV)+Q4TD%L@OMx^k5
zg<&8s$VJdY`v}sSZdAC72ol$g@H+9H0qlVC=b=IMu;E_P?zVz9daK;zkk7c~#r*eB
zEjLbny)=vJ@VAADI>}w^mFv-qMIsR|nN6V->y<>JJkO8FiE}k+_pJM;PoTF?&8&CV
zkn6O7UnUo6oWUXEL8duWu6mJu_>Mhrr&$Ibn3*^Wl{-56YXB~>iP%((A}-!zIkTuE
ziLZAtVnw?-zbh^3iaNr-(qFTFRGFIuYD34>_nL)K{r^?{56xA3-e%IY*Rg^*FQ06>
z?cPq<4jzK+mcmD+M*{hUk5{&4;HtiynlT=JNfp<BSrrcq6$k&e=-h@?hd}nUe2}5f
za2$#B5(aeTF}$={j7XtRDvnsnV=Hnuvy2oO%c-dAcj1ug=z8W7-lNKH{>7&lUl_Ue
zM4mk+_?cWFu_ebG*u5^928W}wr>Co6X>0VOMPgaHrG?+E{A{WBtU@_=^RWX%hgOq$
z2Ei}m)=Vypn2n-x$Wn80T`tOPTvXf(JuNBK-$b3(d9lVmUgdu+YwVqxj4f7>P0#F9
z9#^bcS~_TlW@%MaJj4Q~I&w3(rt7=9usv#NXI=F2u>n{*GE0?H)2+b2>`?CB3nrp{
z)`Mrr(!-Nd_s#^gs_d~#mE4UqW3~FlUgY9hmZ_o$@16#=3XbSieDd|}WhHGquXHaX
z`RngXidAl~do`;3;$p7K&p|lD2!a#B`T@vFRbG>I3_V=+$3idl{#{|w-eToWPhdMc
zCRu`Gel52czV;UO2M<OX5<war!-d;~3N4Xx-)3h@dwN^Z0M~|f_b4|P<L%z;_uox!
zw++8$dUcMCU0RttEPaGjn%J@~bnB8R!{$b;#@mr$GplbB@J4md88-1o*dcvWrUcGZ
z88+7|!zO>Nune1z_L5=Kr1dq?ST9AV&M7RHr{d#NEMvq<+<Ys>$})XlK_@4E3Jx?d
zJ-4QSMg+A{X(H~T?-lNfS#=GEu@iQwNe=%tnZ5W2Y_^m;*^AO0_-LWp!xLV<z~_)m
zGBA6}3SlqWjm;YaDv^ovD(SU_9Yu{8zEp<YhHJ5e`3`(PqUvz`s;KuZ$}g>_7LygD
z5fY}tKZRC1w%KO36H))O5BlsuZ(|NUu*hZcey!W=K;MJ5`{4S*8WhKVW^&Wln46g}
z>@3IGd#ll)x{WecTiWf0*%nV;amQz&(87fJb<Wf;5v-8m1fw^|jjZD)D0Yva%)_pN
z1uK`WyG|V=9ns7-J{*l{=9j=UOp#sFt!JC<Iu;`>3jYx6H`^~UWF)SaAp!+2!|RBB
zHP4N?r$CO>-V%;9wNv_)iI`)-T9}jcE4Mz0PK{R;sK^N%!<PCvcvp;IUQ$XxWFzz8
zNV&CqK)FGrL#nsRKfv}VM&i@bnryQpRHV#ZG7dXCjlHcD@zxeZa;SIZegW@AW!0R6
z^NGAmPQ_t~k4jCkT;?h|R&WeTnm9yLgogVa917i*R5P-V2@<%i_0P5E9aI>mJm!Dq
zUL_@whI<DxgU-S2g+e>AUVnstMa4ljz+0x-03X9_H7J!hV4#W;iiEz%N`5AXg&U?R
z8j+)XrP6dgOX?jB<Z6f8+%tq*(s3*l{c2NKtzVu7%%^8iFsW!r^hcR8G%CpZv}(-F
z16@6rKByW)-8(bUHM$EhK^41~F<A{gAz3<+-;=8}@b>g3H?{H5WW_f?_E<PWG#MYj
zTDLRq7VgJQP;F8XyK8W~^3~ty>T%#2VO_$l!H<85cbnPY-8L0j2rG)i0IHr1wa>=5
z5OGbkL9~Qan{;PP%*i<x!CM7Rqfg?#tf-D5DKyb-o?K&fzDS(5RT^CA89jZfaxa{O
zbzLv6qIxy{C}b(LZk#6tLu<hi3BMzIvY0@%Ah|K?cr4Ypw~LziVSY-Iqk|qaI4Uuv
zZx=yoRkTWt<9&9fWosVe9>S8OMz16FncldjY2F(t_rh<IjrdbqfjbzNzSzRiQnx?!
zvpCpYL=s1Br`VSe7Iie`-kEOFb}b$8)nMl&p0G>#>aOJ*Dc`16bkHEY)`8znvDiTi
z-?ax%D1p4Xw82yT!LDVRPiw3QU-fY*mbdV&@8fbjjQp@`*qLE|&njf!o;NMt$vbCa
zE7PD<lm8&hZ5WZ=0cpsA!#{4o>nZn_X;iYfsQ!HIX{MWxkgBo%(*A+&tG?OIu9jwf
zeB?zHc2KKCk4DJd6n2ENur8;<!5rxN!^x;+zKM3B2#GK6YrW`X-;n#qT6bBIM$|*q
zR;fGV<aDh%*&cPw&+2IReZO0;$LC0`4bARWHOBs+bM``~)>qX`qV3V?Lu`Wk{EX3z
zcFRuYJJtLHzuSN1|H^M?gxc|;_VISuJFh~GGI;zJL5FoZuE0AUqUW}b_XGF=$TqD!
z8R#ws=3FHfkSd+7*ZZzpW^(4%7zpUtbI?jTX4&#I6L{bWqb*aZn?DIZv7-|Q;!Sz(
z6c&~pyn+wPa0aNxfoFK9$o2}nO#<C*(~R(_$v=V;3p$PK;dI=?T?-dY`T)J(M0f}#
z+0M@tb;L{^<&OpKZ!21wff+Z_pSe5mwX%c$&{Pikt0bMVqwp>sht#sGJBvJ)<qZgM
zO7ApZ;JBmC$F;jAi8b4(b(>$S3fu&k!}kHV#SVNnS&H}Mj@$_tBU}tZ(ffVTa`!v$
zEB6kDaHdgOM9pI-(`bF))tz=CWWIc(nr)9d)M$(Gm+94AFCcwqrjc@Y`ia`#pUvQW
z(AVl6=xeR@m2fOOi=czjS1s|?ndWGBX8VTk>qc>!Bik{WognF=Ik_ij$IZ!|`9aSM
z+&lR3Mi*vo;k-|d@v=ue9+qQiGNij-Uj&onZ*~|~ys?IWp^X1B;c`RB-Vy(I*OaSZ
zS<bT=xsILXx5hd64TMISq_YnTd(_UpZF{3`L)`5`k&D+C)&B+RH5y?Qf7|u`Te5Pp
zb@^&f&)Kc#;D40s@-KSnGIRZeQWH_qU0KLRY?>lZ{y(Q0bKV1^p9mBB0Q-CQjH}=r
zimHC<&*LCBmjhRk*mqEJ_wT?#7#|7e;J4)Nylo4`ZJB-X-BXEuU^nD>e3-rcg!`1a
z)?4_21+WR2xzwu#$(nPL1Lx%R-=@YhAMTwK@c$`0?gl>nRSUsWh(5c!ji%LvQhe&^
zakkM>eKiUvG_%<~ONjlIGh6u=W+nBdbVKZE&qLP$EZD+Y|8g29Mb!UyjaT*EIAZ#H
zh1JOXWZ3Qy<qq>;ds%zo=;XkkZgVd{_^~C}?*DVDK0Ox0Y%r>h9+ea7b%@b`fmR}O
z>PIKFdo_tSUq|Ko@Hc0_x`%?2{QgR|yHWf1@s$<lw;1zp#OK*9J1_aa6NbjdJ7SM8
zFD;yL6aY8RDzsx6ZY!XVK)#2nES*&)=|kS{P;pG_X8nPw&KYLxyH^=3$GOto=)e0E
zR3y(#z73lv@_$CTpQke>c4X&C3|y7INBNMcm)MszY}si~xV95o{VGZAvNYT2NbU0A
z4ys+`aNCR81y{)(QoG<scaN!E9+29FzgkW0a(6Fk7uj3K?U~z*9{gtqT{q0U?=xTa
zY-$gYkgH_}eIaVCg?rJq{_lalz;W>n(Bg^~OFVtDfg9i_>00-#cK&H}->PyysX>Lt
zjqsJ`qEV>X?n%_b03pz&4k{|+Z^5D;1L-A!XpKGiV<A8GAeX^KNjRFl{x1)Q5wumu
zvpwDU$r^a#=Bc&Rh07cSw)m?>tATheajTW$ZB+7mZZ&Qyh3ON*<KLk;EQ48EuV4pv
zAbb$nFcTLgbe>J~wokNg|2DTk!M?dIpw-OaEh3J!o12aTorLrxVLAV0PZ76AvEHMj
zs?RGGg@e>7?}t<uIW&LVY`L$;=wyTD&$+HHItmYNvQNXvS5Wjf6JeCnM-rp}M`@`4
z?HSmGqqv`yj&d)GoJ!^bytHR^CJ#7PU%Oj?*z@1E^QrawAJ7^#5!5@%G(81Xwkw`1
z&^`j85b3|HjdG>#p$V2B8;iCaw0soR>;2fC>UQ&FnI($dR#2(*_X5OrMP{82JFK4X
zCH?8G^i$3Xt<yV-_HvITT8^eq)oxWW$d@JQ=P0y`Yij5aW*QsrC~@;EN}D}5f1!@a
zn*G9xyotL2(E=F<QoGz(&qO)%b7bs$P`uo&_7AU4roW4O*D!Z3#PGtx<PY6VlbZD|
zi6?+58r?#)HL;K2<!AAg8|gh`Uqy!L_BNR!j;bcfQQ`XA&--{j*HgiP?jVX0fCCf7
z4-1Yt$UAX=2v0<i8@htgzGF8|68pZ0UeRB4ZUm)79nO2)lzr^U?A@A@+53knA>h<z
z<PD~#_bExaqlMh-9xQ;Gw9XpAk1EackNchy59#<SyL&sQq=$k%Pf0TIwWuSFp+il6
zc+DDK`B%d5HgZrdVe@3%BTQFOvjU25ODjg7zz25|J+nuDK>f*qx#pCt2D`cFVzI8R
zQ)^UWpj)7X30I#Y#L^PCskF{ZC&$y)(x@$fg>*79?tvLtQTjqCwCi?$X${*N*dfBT
z909kVbcZTTxnFb2$a3iub+p>ihR&m&A5>Lzy!+kw4qZz(gRr4P&_1Kx)wg+b$A8kZ
zBMu0&@CQii_~Za6QK7<LstITL8WS+U{jso_7sK63B0Bd*b9V!l$H7uZT`(wdAs_vx
z-Fhe0`@|%6=ZrouRJs82e2hZZ7R{6j<3F=VF&ON)fSP#uGxspSMBGE^!&2_&rWE`Z
z(p2#k$r3P@{y}G*P4ub2hUTIHQNfhkP{5VYGAooGm@K(WMN_~rGZ#y^f$82W1q$tz
zCh07~j}{lY%O@h@A$wLQ2mgybUs&7{e-0u1DtDW_HkQnyvV&WbrSB$7{)?*Higpow
zoQ(obX4A(8*A}hOd4FweUGgAsP}+IChkI*SwH}wcbH+AWxjDn?pnZego8YzRyGJV9
zRba5&I2IP<>pqD<G(dVjcUnCoZPks6b_&$lBuY`!b`Xg#b$6lr`x?CV3<}{a;7CRC
zWKh&ZBDBCaF<b6gFepYrZVs)b+dGr@ToijJw_p|nf?)oAaxV@)D(<~_xn+h$H$FyX
zeeXC@;cSHZ-8_qa+K!_`J#M*CWO3{W_xL01ItE<keh=A2D>l&f;8Rjg)wdBn4JeVh
zCt}J?wRjZDdv!LC7#%jya|P0^{8Mu0XNvZrn!7;MyH|sLknn+2$$SQTQt+LWop9Y#
zL1c~D2}dwBk)5y}JE6$yH#z27kBf&j=dWX3w{=XGjj^JipyT&T=^fV|sbny*wM>?6
zEZQ3lQERX$>fD;|9L*QHasyf=xKt}(%O>}&D&8erc^&pi_hTY@=vZ~K@CHa`z58~x
z`*E!&AZs)uTb>R>dmSQ7-!ty@p&fp1-};r*>nE{epWqfeLC0k$zyEF@R@J>oi{K3Y
zT!2nadv=}QvlVXDSluc=txK<^vhNzHo5um8vV$?yfUI9@<uCSC4rA+E<N}8R*?<n=
zAvcU0dw;h7V`Hm~a?Iv3Q_S`LI*yl4tB05jz;ECy6gjzCOo1Cx#mnMv>U%eLm>sGz
z7avbu7>^cam<!`6cTY3qGDog&ja&5RWnJqsEiWPXk7cQFf0#+8bstJ>6L{>VFoCZi
z>R^nzeWpM=9xlWpa*;*XxOb62-9p$E=7onlg}Hm?xF&0S_E39J?5;x%x<ADDUhI}M
z#hq|@$OY1vKo#-XjLy6o%H39KV3=+rEABtIP@37$jFE(L_vUdjgY0Z`={64WO>Ab8
z`Jx<X5+V;7C$VqE?#K}HAYq~@Iw@HFivVZLxJPGt$@Z4Q8h_jUiegKnVp8UmWn6#U
z=Bd^LgLqfR>t`A;vP=WRS*go2Vy_yh6P4&I4OnZFr0cF&VlOYsBqp%Gqt`D8xlbQ0
z%_M%7_dIb}{Iljv;uL%BUYADtS5lbIOC-K!&yoWmz^!PKUP)G^65rNx^7@<%=pmt{
z0zOOB7Ah+8Gy+l8;Mo~%G4;}3R;ehEE^S4_-3M@IzjCMJVvsEVjpEi(C=$ocX0FyB
z5Z^>Q5&u@r$HjT$nKv=<Lu#69@3t0)CeZUwG<3)pW?&n;D$z<P7-2{?sl=#3R`T8A
zGyq)c4f|-KlK!dTCuw-FyEY-*y9O)w=WIF6?Ku;H!AKVW#$LS@HKsQoHYm&9AUCBA
z1#xypnleOl$HvU;iQjm#u)`D3;VkzN2M78&e-J*V8TWr%>B4_iAI9dnk+`L_d!mRz
z9aJ<J7fiWil)AZsKR76ve9iRzml1^{^otj#bru~7l~_wGv3ncFy#Q0<o|@zJgni30
zfc5Q2<o&J0FG)FgEoyH4{iGnQuY)p}rE!aE=4mmR+FEHW>E5YGx0<lLw+yCb?zM5v
z{-hp9-w*j#=sW%a@E;ks8B)q2dk$&xI5mB6jfZU1_CGc%tnL5T6Qt~9#j4&8G2O0b
z48q*2tfoR&)E`7Q`O@c$Zn2lWyUPa|UJg3t-wreK26^59gUGn|Pbox7`lfq)V0F>2
zY3<L)*Z2wa>{nF&RZr@6M=U6D|0#At3Fr<g`UxjzeL}lP3<Ia^^FlT<g2NDABA8<_
z$D%0L)b&Ljn)~}vg!5eS<!`aiN+pNu!ad~K?ia2!2k{G6(;&wj;u5<%=4f&*LD9h3
zY>`h6XN-t&`AgxH!)(GJ9OEy>#9%c#ibmH&!+WquSK%HR%pH(Z=wzvTdaUQPZpR#a
z5`W+NYxdzs)7wPBbwgEg?d<Hf0uLimb)$fQ(m(WK?#Xn;?d3ys9);1<{q!O+Pts&W
zGOLw&pVX4Zi&07*=rA+yVCNepTNkX2dCSuo#<Fg@F4<x3HkgOd8(IZODe2~7WDq}h
zOp{MZsdawgJ7JyI4lU%I6lUCoQwwc<?}WWJR1CYy)<v^^9Wz4x8F$T4&y9?9uNX7X
z0F(9vhs`qs9oC6(dFB^ES;O6YOCg~u6xzd`;V<C|_wHC6TK<cUehS-P?#@SPbMR;@
z(mu3Nb3M#mcU(=;P}elH>O209n)|Cp4lKK6IRLm}zB{=1#1MG-bbA?s|6?5v3_+I;
zSBF7)HY^M(>DG=F69nWE2o%J4l?#T1-FgeANiXH=NEcLx3HB~>trn`os>h<b`VN{3
zM|zv5R*j9zZ!8M$^5mh57a(lI+0*Of(df6i&erJXyPd6$_|f8~9Buu%U3o3zXNwWR
z;p$XHN6I(OkrKyQ;_f7*Bg=967JovEtD+vS9wIt(K*n8rJo{=4CuSKgGQ-#nui_XX
zIGT^KVwSqw1P8kbrqg7UPcgS6c;YpK3db!4-|#1JkJtCZ-%+v#=i%k!TdA$sJy+JA
zNa;AM)$;F#MY*3=50|j`#6%S<b*Dp>1j+LoYf@PHMXr$xW(<euVc>Ot0>so(Ft`rq
zj_f2Ncz`<=JA)g+SIDmeQ)BrT1Aof>ACCDTH_AUB#PfmBy0WTlkwGcooCfj@&tk7*
zKSO17<N&0@`i?I!DI|PkQkra1R>dae+2dRCCq)<dA>Rv=vKkUzoFP?BNn-RM9}chg
zv!nOo=ZZ5M)iF0hQ}adFYB+1PYC>+Uo-OFIR%-TzsM&|D*^$ZAsdCgzXf5@AOZ0xN
zy+6#27a$ntu$&M#i{<|}4etA4aCfDHdf<ggimc742e>a$545sdr5>p3q8<PRZ<W^$
zG<Q=5v?oiJ_oxd10#Y0JtbCb&o4NqDVQpu!<P_>`&ME;AdXTA)B2?7fim!<vX>KOk
zUmEfIKqS@QcO|)WD~>}OQwxq#3-6H6cUPn~E^^8CWcgUGHEb&+(Wx!^H{;;eK&r|#
zlY1~n>kf%FK)*t+pxscROdY|!x=%GK^(yy})a<E}Ny)tq;GZY$lDZw=%1GT_>}I1r
z5CH^!gtxo8-%UjumsO>IQW!Nf`q0qOLs3I#hK67l>Zwr7<%VQ4l_cH&%if!SS6N;A
z|H;|s9Fmh0NJ7FSA~;oB1stmOHul=-XB+CR9j*<X6p;g18FRus85|IYMg?aBs91-f
zIM?8SiW(FVv<4K#DS(Ot21i8wf4*zK@5u=ShpWB+|MPqPeV)q6`|fuSYp=cbnpeFI
zv5$Kyrp|Bj8?Wh}5caYv>}BT8y}S_ga&^$ly6j#KpqJXPmvexE#cUPVN0XfEGo@Ku
zhvtn-8QwDo4!9#KWL8V!7|yM%3pKRd!+nkmvNFtWA;!MVmxqf0ZO^Ue;?HvjC?qI}
zJFtZwx$AND(MPAlVz&7R;6j;YnJmY-tr-}gnE3=&CT7MEcL#-p3*6%rcjkdR9qZ!(
z?6|uJHHG-vJ0huw*&wyJ89xmGjjhcuj=H67M*DwbaX0(Lt^Nj!OR~7pKMNMuj55`f
z#n+{q6na+664|mPl(;U=yGpOzN)ki~`frk0P*7huRgF5i$5H)Dq)>pDn6IV@5>j`u
z&ku2@=;Qjd-!gq{{z4a%$IAA4R;0!Dx_7;ex?vjHe?sBX;e=4PpApVSZ&bE`oAYB>
zKg|M1E?R;klIiausR4Y_!wG5I@g|Dr?HPSY{N_{Dral{rpAnT|(noUFXj8$O50k<g
zFa~_Mn+qc;&S(`CThLNqe30EM35r~jhnhmq$aht%J`3GjQ+X73sX(K8AmCjZ@&eR!
z5pP7bax?_{^VO$AQ_+K%$ac~~9H;}o88gd4NPCw~uf%nR)a`Hqyx`5ooPY-JPme_}
z1>D6;p+4!|uH<Hl99crQtmT4XC`PUz6}f3CmUge_aZh)nDK__VPjzeJZ&dt4VTFz7
z`xM<q!1FZ(JfCHMaWgpNJ1K#h+bDrje2|Z__clEK_7|MDqijMO>E@B}5&_DTNz3qD
zles5Kx(Jdo2~ay4v`jF)iR@=g#BD2;`geaovlb9BfIF~~KY_!3=%57ff8;jvpo?po
zrh@XQwB2R0e@RPz(Ik1os|4}>SXtcXK+dwW=p2v!KLM(*!=Q>fCgJWyFOBms8}4q$
zl4V|FFOZ;8OE`^xJG(o$9hM1SKE+Y1a1Qy-dqf{LsdkXGEbbY0Pd2SbJJ#qq;v@C&
z#7R$2ft9%DUPjUdw-NW;fQ*4X#ZI14SlV<}ZXnj7BjS~jpEn3hq?aTDIHop-U$wY{
zcU6~@$DQ5z(<|%%eng#>-P{FivaC8PT&p5Px4<R(x!tLJS(<j-b;k8OGi^$@FoN2y
z0N4-b;v$DO(bCDm9?EF)8JN%W?PL1>Cf2jsmiD$^TCuD5OZz9v0pq4NDZ23xK6)k>
z+ZT1~0po{600caxcN-8-c?i7C{UbeBG7nz!5Kutw(BdfH!y`e9Y#vk5wy#*>30h65
zdu9q|P?4S4B!+9dYR;&;m}^)odSx1V>5)*0U~Zl_yMmzOL)_hPphjbs0is}f-m|g2
z>Ddn4gdc<i>m1}L#VxbfFDDw<CXB842LdJw;<_=?%;<&gg2|Sxbb|nY0C$R8AH&Vt
z3owU(d%a%?PA#!Lnqk7#P!=X@#l)-P1Ze=jBUxi0dc4X8aStX9;O@S$Ej&-U(^2#Z
zbQc$T@6nH`J07y{?ScCG2^DUne7eBP3#T@Rn3xtK%Hr##=->{MS3s-S49}e8WNE{0
z%S{i|AuJB^X?>qno$$-xL|tTMH~PdnpJo{OIa2la0m2!m0tn%ODoyG;-|K#K5a)-V
zy%rwC#qAu#H)3Yla3A7;vg1MgvkoF8TQ0kM*vUH>>H@*}Au5o@WVsQXhoQwUj3I9p
zPDv7e4sa*cW<mS~;p?W!8OQlu<0}VZRdv&@&&kZT=j7$FV(0VS869P4*%7saVe3LX
z)o}=q(ASv~RPQFLqH1fdB-^u1;gbZL1^Sk`Eo003X}`BZzuG?#AW|^gm!DXK!Rkg4
z@Rv1!7*{tNKW^!n>No(p&X>kX;6?F+F__fs0Bnwxd$p#}Kj+l|{m(LOAL##r^!}|Y
z|9uAg&knHveXw89YvO(q*54dp{aeYehV>6jsEL&gh!rl<Y)dM<>PsBY;sF8DE-WO?
zV`2^WL=%dxgG{UQC~8sp$;`H5I00mCV~snS@O*-EZ^BDTPd0->rCpDXbu1VGpG&5_
zR`VF_0`D>5`)n{0w@&y~Fo&xUx4xI?Bk`G3vdFnYXWem|t7QEhXd?2($-eE2$etzH
zRE5Oi+jepv7f6!crNr#Nc%}7=&Tc-ve<cx`X`wU-K5Z2pk2)q;%dRBe@V%FKJNxKB
zL7_H$6AGo@a|6qF1q!!cr2%6L3v5?k&;}U3HOkVj0giA4f$(bsgpXT6GWx#)knB>L
zmY!*8*h(sJ%wh?5%Tz26u%a)7JlTWY${oHZ{lWh&Lm^j-aNoj$rOW}AOv7D3jzMoM
z5^CrCx(#YC5|`szI7r6iAezs`tSffq+Nn|-SGbSI>o`Lv9_}ETDY16R1SL<h>#iKk
zrK~a@?8WfTU;BuN*9)!OI~)-s9qT5+*nc=)5moIR7Qzq6zHg-Dkq#`qVM2|!stR**
zj{U#q{Ja#dWf$kC_iuu=?sR_ohj0FGJ3mFg{j&2THsXY^)t#s=jGuo6Yey@p`~2bA
zs2=j*sSFR^KJNqCk&hMTBHq_6BleNga4+WRsJkXV%{x9K!YX6|SLM`2_LWjbbL#!O
zVCD~nb9x3wcNcT=NAJGr%pHF*uGcHbb!@lm2KZFnt`Fs4u=GbHJPH0%EoH3QaIAY7
zyt5)%?xa9+DQ9l&R5I+`j{aZL<0DuAdbmRK14fHRcz*-Yez~rRI<>S_9AmD+2)wa;
zPFcE5VgbB`Ff^71J+*im*M-sh|2|mhW>Nu|0q?X4hyhs4x<EbM=N-Jhd<hrok5NEf
zP)v?!1kw3i<C5~OM+-!HEcYy74<ZvQMp%}uE;i8e{H#hOCxioe-M@*^B+$}0yQ;q~
z=*$Q|dlBeB(8v!BjnlGW>{)e1JgvaNTDC{?*>T-0IpWT%3M!#$YZr$de#X}FNy0r<
zr0t5in@3@*nlV8}6for~>|mu_<mZxN&8<ef<MO{nqLO^F&P1u#3;Fw*2?)f@<Gc>3
zjG(-FYMSp!jeuB5E?il4<`#P5|9Q$=P42`mseS9%Xm`)wDws`o^dSCf*o-A`*Q`tm
zdvM^5gaTLQI(8xMzFUDTIw}S)lPq_~Wi$hI*`vyz1e@He*yMtXNp}+G#a47r9?`xs
zo(id~X|P#^uDKdn_~J1-Lbw~wMr(mCsJ|&KCU{fV9o=fek$_-mZ{z27^ikOG+{LJG
zwOyBV<6zu3)H16P@aWQ{5+I=-J^voDLy5=l@driM;*8@0RJ{U@uSdd_*2g+6*R8j5
zY($O+?$$yHdMn2gpoL<%&?NZB#&Y0=A<9<a;fNj<#j44VU&IpD#B1Gg(v0c!-CKx7
z?;)xeg?+`9SEG)%kdb=}0mwsRvFTh{7^J{51Joaa`HC?xOq)}d`vvH3YYe{$xLV_#
zm!`joVIj$;UZkWK5<ijQK1{b~SO~}Uob35+*tb~cP3`k)X4`4`B1RS6$@^c83xh|A
zyW^X_!Gc2rk1Q$YW?52Z;6N!sE@SmFOG#z0IlH*7`wtA>hXx+;P%m*=NSOI%8}gMb
zJ+<NZAycq}rDuNlewVzdh~1X3)x&wYI9;tlJh^Fl<VT+PzEGs-@=%F+AX=<hh~5Vv
zc3utj(D7VTB+Z-*yB7{ilkNX|=sIM?d98zVi}{pq=o>5RkIU5ryLRx}x}tlfQIpS8
z-Vfj(P&&(}d*4v}6%P<?YNDE7lB;Z82UIJuPHX%LwoB}59N?O-e1Pr7T>~|j%i803
z-xM8bi<{TAZx&OoSz_2QzFaXR%r)sQ?|}0X_S%&^KallaFtJ&L4$m`@s3Nz%0~)~m
z<v2UtGYLam^Z>Uk7C8uFbNU3t;(%0C2BgB~vAshL6t$X*=I;}v2{-Cd!-tnmfP7p}
z4t|t<87iVJ%=t@zh^yE_jI-BFms3(%<bbZh76JNid53Q4;CE<7{C{zWZbhT09ojPS
zf3ic*vP0UL<>Q;b?VWjlB0IBkLff5rOg^Ejjt{nGJK}%GMBb6)+(}0tH-+tgqGw(}
zWCYnN*wGp2A>vD-kICn6sX}$cG@L=eMyN*bgtB63q#k@ISF0R%EBP59h%==VqDPoP
z)W@;!C}TSPZQ%aY0sII)1pjUl`C#m6HQ$myD$9IZyMy_b(rC}^%6wZND|n_|^DT71
zn{VX;-kvLWo97u<ZVpjp9epy}5(<szF3xu=BRVX*Sh~zLsLi?7Kc0#%Dzy2UT1r-5
z9~NbWz}&kX<(|~p)sjF_hTSb4vC0;o2Bj`w&&cQ}=VPp2dsu!X_i4w*SkX)fN7AjV
zs*A43MGw7r8bav?=ot2oD{&9*`Ac@<*SO-wQ^akEO#s}RakdLvvyLKp_Yip{Q^{L7
zN-<oaO@k0#hrNJ?`R;i+$p3vhRE;)UTifg@uRK(#e;lB8)PX^fFOa;RXwCq{dv({d
z{pHbl!i9%J=kS+Fw8fKR_i(l9t7#z*M+BsBa#~8@vA(^73|s1Z1DP`qB|zw+g2<0G
zw-;e2^yyq!-8LV37}R_P7?io+qUmdQ*$h?WJ}pIqPv2$k^uM))4Kr)6wl+_eDND@-
zC+o_GEm??uLh(#6gbT0*@-gDajRZTf;Cy!~fQ4got2(p@)G_zTM8u*3SBlOIRC!+&
zj4&KYz*8W#MH%rS<n_SFXbAG}072YsE32V9ciYKe$M49UnvlFFU!NJFVl&HeUA{V@
zA6?CtIQvM`lyUZH4E^WmAmi*)pY27rLe!&wDxe;XOajG!!mTXjIJ59Vcl+N+V4;AM
zd#Pp56Z{xet>y`C05H!U6$2dAHR$3f1Z_5`*OZZ^RqbD{=HEdmpgyp|5Z=Yu&J#-G
z;2uWpC!(Q?mH@Qw?!yU+eJ=kW1}5N3v4$!8zyx-*{ZN=x^k@pzHERZVlupFHBK7EJ
z>{fK83JKjD!C%+EeH!DFe4MVOjv=!f@U6w^XmY}~-Q6Nix{eoM2W2{^$az=d&cvvq
z^D=8v>sidE%SFPpvpKzJ71fYpqtc_dN5|SUHUG=5kc%X2l`#c7JE@AQo1)FfC9vhi
z?i$<Qu4E@MNoFp-OFU12^{e62RAcm2rGn}T=5>;d@`_0!k^s~W!dqzO<Ji)O^GFlu
zQOOcH4bSCPeyU)17?9_3IcnD;F|s9`kRP^0y6QMca@jIGKut+5jEPR7VQQ{-8B_RY
z@8-Y`@O2ZfLH31kUzq6s>qY>7&BSY3U(U%{>ocXt=csJkaTC@)D`9+AGQ{3l-{K+~
z3g@~pBsu4@Js)7$7O^_gJG1U0WC)j*<661IO#IESncw1YjMX>?947Fe!)c8{BSAj5
zj$828{PoaycJcVMww{_gLe4qUu{JOPOwB3O4wMk&;k@bC+n>Zf5y#)gr)+u@D$0{m
zcQ<Z?We3w6VV-zuLQ!9^b9oPCLTFG%O&nN2%Sl15JxqRo3jnuUK(an5gYYUQ%*{Dj
z>DCLJWZ_?+cZj<mkS#`jVnAgNS6iqUFxs6{RTC=_Wj&GE|3YWm{h&GHPzGUsSy$&g
z?5NzF#E^k9p7Hq77&3As;s~SwGWQ4i3HnasJQiK0k;j7X$EEz4$79)Bqnl4@&|8AG
z#0VS>ZxmPbO)MVyQHlJmxB5#$SaZUNR;*#?aZm_r>4qv8Ljcth=u1SHc~h_C0z*F|
zZ)ymIsnP8O>=->BJQUnK7KM)NZNiKLpL7!6a7M$~v_#-z5_t=wPicVd<h5R%%dK!a
zGK_qz7f!FwxL60qVd~Gc<JD6PH#8Fjv9FiYjsLnP^EEHHU_Zshz()EQ2SsZ;D;Vi2
z(r|~)+~G*+FCA$`Fw#}iaVGqkSLFJUW?+7{kv<4VIy)F?-gFG!LECVo@-H3f$zY^;
zSrB2QJ<v2UlGJ)vkgtm;rG)HJd@qi08$aE^aPjn72K4V<B@Ck%j{Id5Ruzcma3h58
zHd=^=Yr$8h6dhU6?b&!~Shw%fZTF$})ht`C9+$b6U}9(B&E|V5a_`d<Wsx*M4ZIKS
zirlH>u~x`SaWL{{#7gmE4|fSKx-AEXxHRGa4vqb%TUTQ5kTOPDSzz}Bw_8zcU-wW)
zdAy|cVUAlo+5(-G7qMJV3f*;<*S3>eM_zGzurO_;<$j(A0xhmNm2%66Q@<bAF;U0|
z0Nfu~$perk{e3@$wbOb+2_%X+`$s81D!0(d_)f-aQKncY&)B`IPAs9kO%0~~F)IGz
zOHO^)dEy}54LDSyQ+*boYN2P~&#^k!Z9@?a3J_zE0s%ar$iD=`u0iqEWD(un@lu=T
zx;}OK6PieAZF@kfTziuJfZr{C>bKIjZ@<zwaML1I1Pk>LL^5O(=vxX#vHX0?C#-QD
zzT_q0g*szQ8`4n`uS`+MJb+IKvJ}$~9{Jhd9|<3k0b*)aj?|?)cGoxju(hx9T|H7?
z)~tYS3KaBD8AS<uy$?5#{KTTz9(gzz7vNn&-Vp$HoM_`~9qI@oEZ4#8={CTr@s#Ky
zqX|7+GY=$)-ACmwHR<6VOhbyVq8#^rBo|@p^maM9_ISCUyNlwh`_79MFM`vbQllgD
zI8FWlMqkAgh5NVVq67|)I^XDa+n}m~Y$9`#qW49?eE|h!{kuj(hqrbJ9O2U(y#IX7
zwGCmp8d3G5s@iN#uD}*T2moc>{KvN6GUYAdq`%^d2%8k*=Y`jJnd{W#&oHt*NBikq
zVzfTQVgGP4D}Dg-{Q+>C!wKQVU)*PKY3;lql|JeNBne8=3Dv1*)ym}uc^qog15Hjt
z5>}t@<)q`014}4w8aXgm?}o_x*)DP|`q*^VqLDmqKqq&TNX%xm<l=$n5<bO)LiaY=
zE8T}<=|ut9*A;SibjGE6?O19W>Q4d&>to#l@0)+&#3lajJyje7n{T$mb_q5loxay`
z5!MxTH+P|0`OqvYV99P?8nk*19az|kudLRM_qe!85I(9pnEA#IC=V03_`(?xM<uI-
z#^Z+ChCIaF_h(hsd4KofgofC0#063V6BK?9Cs6spE}jk^`+N$OdezxIOeTTJ?j%&5
zD`Lq-a9%NY4^>ooSLoJ_Yf+s&@goca*YZG&bD^r4CJJ1h51wxrr+gX~ZM8#)iWm>(
z1iIECGYETMsjidyd~*jmsFj2J!(zQ6Kkgj;my*=IJ1K4Q37?2s;X=ij-*;sd0DbPH
zNPi}PXCoO5O5BrpLepk0R*$6HT*$fGTZ{ax8vf+sDI~*-k~$7&oKQ?D;-0(J31;jx
z2M1LyLmuX4PDsa&LS3bi_`aUZczRJx98>Kgd+26IktZ-Q+J$f$x=-VBKf;HBZ+_~w
z#G1{4?Nz$m+g&yipG0xN7e@0``_4qIrwi-VwyV39LKd2+du>WzJ;D3QF;^RK>*Pi~
zig7@I@c9&L2Mh)(<QvT!%|%AZA>ym3<0jCF$|<zm+nqgCnuR$N=#YNCj{=7A)of0z
zrCm7CDhC$L9Mxbz(X#NQm%EFSloXKV#?3$9ma@rcy@qR$r>c2|&c;<$&2!ubxYw)D
z#Ru3Tc~I!iCJ;&?e>u2CrgV2*kuUTSP+sEp0wTofcp#Cv(FW~;)aRpk))v@S6uKMJ
zDE{`uwpYWH-kZc9CGKf_jIuYqZ@B4|ekzwkB6r-JmbRM{_<Cz|f~*j14kpf%Z8hBO
zr&12Y?~u*R?+{}@$o7a?dd?I!wTi)8Io=Qy#Y>~9qq1K&l3rMo+TZ;#vX`KG_9W><
ziJ(A*1^!J)3Ej3R-EHl}X5F0c#1)KkK2f)}b!bBT-hrF#A+f<eYx8U>Ut{yQsxjoL
z7p2#dRG=+1K!#fg!ne1DKI`yy>Wyei*}@uiv#TxaxP;@c^n2)Jz7HOpezXwCt(eGS
z*MWO{iW=++;($>CYdC*okW@GYmW4CO&}Erdi`_!9&k8VC!=><T2@(D^wqdtU_p!il
zz;8VxQu-J<aA~oxTTVvbUhY=1Fbjnmvr)(@)x5~EwG=Y0(q1PTtQ4B+NbAKSa?i&N
zk+{tZTht1u-Ewlh$G_LPEb{E>p~`F|fv|+au(}K?piq{!eg$-1UG-0+KGY~|KEZ9l
zDC$g<LG_~znwXpUq0r_t_*c2i++`G8)WUC4eqME<rB`H@Zf#CO+2z|H{02>0p%Znt
zQgN=`$3~yp!cwi<d8|3T5oQ&>Y!cG!g=EmB)80_yJkt(Gex{<skgltza!~@QM(8@&
zzOVy4F=~PoF&OP5wWrK%Adr}aI}F_(?zZDuP(t8vxK?%Y5i@{l{?ygt@I@=sf)R^?
zm#9EK0%di1X%ggc0V@{V*OBUVZ=m-U1(oy4G0F)H9AT1i>#>l>sBo<`v1h{H^B!tI
zf?__tCT_{M=Z@70-dt$0$uCayxpvz{8r=g@P-|o^g1)V^hQp$leo_}k!Ijo`pp)*8
zTCR1jFas(GwW5Qc;+2RZOiGyHlNz7lf}DR@n1Lc!3u_NE{9SNU)L#!f@3oD$^JAkC
zU+J;OjJgn8(;lGb;0<_FuKR!l#RQINb}@H@iWAE5e0H^;4VPYmE4+w%=UP3|yOUJ8
z?K!#6^EmDvgyM26c@x(w-w|Ia=SP`4TOL6A{PHOZp}3Fe=;#tt@a;vKgSh*P%?7!w
zMbg%J+>|1@r;5w_+=Ch}FUCE;7HzWOYJMY*wY2FBgVQ*UcDHabfFhvtlN0Q4fzhw#
zi%MOotOE=6LEQa_=2wmrF>~)`KKT2D#z;2_MNQ)6jy)sb<p?|l9Ppu+MsOpH{oI`o
zw)Jvrf~?uipso({JZX!CNiS1TOJDq_JJlnNdy1M)dIN#-#9<x;AZY4S8wae%-tN6B
zS!~L=k7x34B~uYM_uM$4siDjboRI7rjCdov!44-JT+TteyVoFCG)<C^+mo5)NccQB
z#QhVG%wF!{$+Bf!0gBUkH}`IJJz{^H3$WZTl;cME;UrG^{__XOrg3wwyOhATUapz6
zuKGCbKi*cIj&<+nCMh2lLm>DTC|I11*?`sQI<cDv+iitCzCbn~|LS30^(0wCv%V^E
zwKzYwS(F|h?k*+bZjG*n$EJcn*8iJ{$S**Y&(k$}gL3hQ7IdYTNB}RO8RT&iDJGza
zceD03J!gSSm3P~K%Wuwdk~GkrflIx0cT4>h)ythO1|k3+Z@RgcSpN|xvq~e_?9_vC
z;3{+w)M(Pfol4|{W=D9TBGx?c?Bmz@c;9}0U9W0g`rtp@{OU$^=#H0N$NjJ`!w>`v
z+)7<f&Kj<KLhyb#>XLb##|d{CS(@|Xk?)mA%3NYP(s$$x=3%`YSje1lR|Gl9EhhmD
z&q4ggoW|DR_t9s!%3RT($9gB+%@}ti7_El(N)EY+h&lcJ6gT_NVL5KbO<3vqR{1nd
zs03xb*kwsk1xJKZmFZkK*O_b>;Y%-<{9LBK>rnOqtpe(9Yg<gz$}906_NFC2r**<X
z0*=7d%xf9Yb1L)I*V1#!-IAe@;vc1SjoIHc)aZZ1PysZ)no8AV%batA1>c7Fo=gyv
zUbrIKAhGz`bUOCk0PnESaD9VsNq6lOkBQGYh;#5niY3amJI@TN4SX(7&gJ0H7y3fN
zD-Bx@gOyLZ2cyu;Yq{e2ObjR##%;;xj&e=oEA$1N_Be43b`x_`tD`pO&GX+J+3$L)
zSb}=P$Lu|ay&&JgqSKGNl|1WFcNc`xM*oz+iq_G^0yGj2+NR^IgX|^u7eN$T=3-O;
zn{a~hOU<mE%i;b>-n+psC4`ARx3jP3v<P0vimg88BjF;tA!Ty}?A_@TbQT22P~rxX
zK<fTUl}O&@*@Cwn{s7QwV7V-TM!E0u?|4DR3noH12<KoYcq1xaMz+mVoXgVRj@xlz
zYAr%^RBbEjs~5t*?_%0eiyBlPb&wiV9}o{zAIAK|-M?4$akH+=m%>TiU%)aFZi|wH
z_Hx7ULvXj`E4e}q8nu*^u8$S)s*v@ayd1i6F@}D80D}y`Pou*Tj7!|Ykud8W-K?k&
zJPR251IXFr%e9jLUk&@Y<w$IJJt6Rgq6t?kVWMQ&6yLr*3F7IpH4(@^p<{dCnXP$P
z#OSG)TOJ{>NN+AN4Xp0;3Q6wecr#nDsb_<_V2MD<*IoOwx3&z2ss`+wLJe3Gz1z*b
zX$7$6L@H3!Gn<E0PQ-l#PpBDaF&ak_OEAfx0Lc3keh{y&8A*#nHhT9@PM66I?@izu
z6yDtw-HG3W>LCg2f;%)-!_M4cgBh>ZLf{SJ%TO?}9^<kDImI6$xKV?3+a6^2nvD=(
zO}8QT&<UjT?;YS^+%b8*^UkNiQxUHYZ64F)X}2NEj5z@YU+9tLit!<`6uX)EsDIqt
z@s%EX;3Hl$pJjKs!u&UQ6q;ASruT9mkE=z|dpjaU@i;cZvQe+bHc=Lj^b?A)lm-Lz
zjikE~;EYLQo_z=tW=-0I&%HuK+**z8#Z#@~WJ@57c=+X=Yl!OWdV*G7vH-12HACM!
zF?D>8sNkg-SAYgc_#6u6ArjUjB!Lu?S-r$?ni8fNR1q133~*aa-iT9)-zpWs+F`3Q
zBIPbN`&$<&HIqX0O8EC(V353cs)@617Kx37<?j{wnl0;yYYdhH+s$&yDFUNgnkC&t
zH5fy_|ACOa3uNEvXh7OI8tps|klaIkBW!aBbWvggw~Y@hcJC&@&aOY^(M`-<IKBp9
zkw3?g_w2Umkmeqe8ax@iB*5&?JZ9gLMFzKcG6?VVQI!$Gvyu%UX?gtQnX!Y;G!Uu`
zt;bW_#a?b(BtWxGq_XjEj3lK*lI)k!t}bM0@+8UdT`{L%n=s_9$qnEaAU=T7wRsXF
zq(a&X5w-0*o6y-9?7pdxGzAe(KJ|36m2!p(!5v5`<l0kAD4B2abYXA{w~PW-*>q5@
zDbPXMLkGiX;*5gP*VM{70vQR_Zf5CIC~37TRLRgOi7FiGY;DsQ(8YFe;%lRd<mruM
zwhwRzeVOVvF^!OXe-x7M+gr)EXP2_3`TrU6{bUEu=&~xL2Q3H}LQbk-%H<uJjiO%|
zv06Dh5cDepw7)x{Dv@|HL7i8PuW+}LF@ELv9jUatwK^3$IPM-vK)MU5dS=Lf<5cf~
z*)EZ`S+qx_724+!9r;_EACTz~W4|_;mH_)r>9m~zq2W$sI)kYhy4R}O`c^P?C;g7?
zo{{OtLNcxCWszxLizSOp8xp6q_aJi}{~A>iwFWPO1GZ~k;eY=OW|8Z-djjVds2Z2c
zADTU79w~Lsf&fF`jUmz}2E<}(Oe%gzI;fFwD)%~4jmCrI*N5}P((sFq@N*)tBH`Y~
za|!<iMEH&hy-B*QW983jC80iuH1Q({=EjkpcE#=i@{w6egoj49_>>6e!z2`wG$_@Y
zn<Hhe0Xt<Y>WUAX1;vnPB~4hzParCXQa$~dPVCOIk!*xT8lIo41E4M&TD$b=KHBdR
zgDIwIPWHJ@8obV~uoeQ9<OU#vh%A&BA(3g3OId^#xoiRhZY1dhnQh!WUNWv*GPRCD
z;f--U`7O<g-8NFosJjU$_BLX(2>fO%t*`X~!<(H(!e@a~#LAOn(`Gx~tXlN)lL%(s
z*HSkr5@9d*F~HEkw_=~RfqQ4NN-#RcPnmkwvjR-{SL2+qkFrKmz%b?AI2PmTl!PWd
zM~LO&y24w~iYT?mp-R59FWsBLVGSLi#XOG=O5x~Djak?j&#P>pRgT**rLI*iP<u^)
zQSw8?t)h(V=sAHOqSOZScYc3XZtz~2Di??E&$UdI#QHr{YKbaaGlwhCrQOWo%5{Z7
z{r<nDm0hvWJ%XW9F)=<7wSVKoC<_@WXJIhY_X!0kNOZ-8p)>L#taS^H{1F&SG%@0Z
zFC@0JknT46yx(tT-qQ7ny<>#~^i7TI{q_yovs7=6PEdkF4EH&a$O;Cb*?R~;zL}35
zHy4E7*9J3L#+hO}kz7f2Nsf>fq0!-B-5<^V{26r~@e7dC#G_=tkz)Z7V(mB<9Im0(
zjIPaU?bmH?Xrsg7PK%=`N#vCx8B|g+ZFp?Ayw2wOFc;U1yq|f;u54#5B~rt>(V9N2
z)d9^t>wF!Ixl=fD=67{~Yjzf33y!=uvEJr=9;ZqOb``Q*0mUq8y!=zZe)RrF0EI<F
z&EzMry<(%}Bl5*n#Jc_>vbWgD<7s$8*zoR%rGZMgNAn?9KLO@<Pe3_d=zi2Rz_fGo
zv8(XB(7iadB7D;HZ+;+enMD|_e-hi<ZJ{`-l#H9vSs$<SwS?5le#JjyAzMP9+~+_J
zG?oec+XrZsmZIUh037Rzb7My*T4Fy!0S@_INT1<S%_rjNDX8wZB1yAQ+^AGJP@2gF
z)PvE|UqS&S*NHh(v~m>ADhu!iULT}o^Tnq%PbILndB%S4*2VH_l%lX>IF)0sZ!?u9
zS}sJg4QJ6lz$<qI_)ZVll3f5R_WJ_OA^;T`>cNg1f;l`w4DfT(^|`GR@FPh~izO$R
zZfF}7jqn*FcmmBFlqc!#CJwuFsFXqZ?&>IPJKrVT(#gvG=|+3na3j%f5Q{IOE^YJK
z@8%wXzUV4AkK9`c7C%E0-kx;%9tkxWPtVTAVP;S0{`=eva(#PvsxG8MA>GT9sNB|$
z34-CaGieDh8}P<El<$^1Isfd5R(ne|QJOe>&>Jr7*w4c56c{iI=QfRaCfdRrH`ZIg
zH%;@tF&D#_EYq6bnn2#_=V=Hvpp3ZrK3s<9mvqjxsyhot^`K;hCa^Y<LcYsR5GI;m
zP9Td3C9038x<&`Oe~wb#rKCHG`>&SlTIM`+1Kx~Z+?#ja2Qj&i&>TvVdJ&;$PcZXp
z$wa$zL=M#jd{!dzeI}BJDu11dUhXNA$O3i`w=s531RdQHF^lY4SQSE*1VpJXp;Yws
zT6rBB#h)|DtK|zV`Kp#ElN$ad)KANm*1*tVH+Rl>IZEYF8K(pX(H3sayhREE3)Jz;
z@orO(cTbUr!*TU~y<2j9_yup!El)!^Mc6TTh7aT$C6&Un9QVKoS@Zszj(EYsJ}jWw
zS?O9+Pvf$p8iMms$ig}D_5tkG+6T1I{*iR2Y6|L3;XJx4$gH+wQ`4bjsZr(S>Mn`M
zt?0pM699ReWaM5ytk8S3%31nh_TT+InnEe;<C&hL>Zk^girkdH0egFSexTpggn}u0
z!;V*!t8GdoM-E|VCs}-{yKo|=%HKDWi5WV+f=EB%+<H~L4$wpa`hoM#naL3K!ip?H
zy?PHt1yX@5!oPY-vs_KhIQk^x8tNb4Cpz&j#N!>pM$|{M`Yv`C&<PdPB6|jbpUZGp
z2==<cz;+&#P`lTiY%kbX@5E<DAI4oj6TEhFkE6Gehnl+&nFiqXcaKLD>v<gBOL{KP
zwdT-styw^#IMPm@Yp=zUGu!oC3rrNkj$ljp)e`GN^c0GJCdR?008igwtRre<1KZzi
zb&3+Uy}T&5Mf;Ows%W#tCF)s7vu27yjJ3Nnp-5pHSi?0_*wU=$y&P7E|NRFUtTf{u
zs8&=1S58Ka(UHS#sfPGM_7e9oS}lxud%K4x;BMCug><ZI<X{tnY4u=kiyaR$;oyxY
zBgzimQL)|4{wU+IoF+IVGWVEL#%s_8k3b7vE0vSdE-38U?2g;3k%!oaj_yep`3Xo6
zIjBpl<L}9v)>VKlb_b~>FZvszCdtZ(%(-fEdZ7DnaL>JtJIcRu-PuuZ*7?*a1Bw|%
za^fc%zCSpT>BB@Ba(T+5V+4^Sp}L%zYxTpwzIzG;=s2B7?9C1K`9~Bn(RtZ1aLim?
zbRsDmhDyv*t~_PIuI*G(f?V$qKL(=u7%jUrbUVtKD8(p6ga!sC^F|I+`&UfL9FL(N
zmOvxlHFl5%>8V_IFCLCvabB)B;_9A-6mi9Ob^jpUHRzx3u1iFIV>J)l3s|ujww@gw
zil*Y19!XXE+`hPgdiI=_rx9hazTa#oM7sKAxHRd4-iA|K(hc`@w6E+S8MCunjEP%I
z=$SI$-C_ktm6OROq2;GdgW1Fw{SU5GF*5HLK<o9{*=a@oJgUM<kQj5xcnd>}CI2?#
z!jmY|_d!R0@x;{0UKDOYBx5Abs)J7vVQX(Npql9@P8M-lx7?gy_*uzd_>ZbI{Bz;(
zA^AjpC7HIbO1%z-uXWYrB;Vz<D!#(BY!dMEz+k6IaC8I%UC%l@VY>5Ln~V>0b{CS~
zk|-pu)PZ<E-KY4YePjQJ(zKPNi-yjdC-}SQ!3?iv78$y9cJr!g;6yr7l)gbtNXv+s
z6&}LX6rewwXA5ko(pScH8PU2M^RMT#WJ;Y>52Mj1cHraI_AdGp7jY#f51nuyge#s*
z<Z}-Tx7u|;RJxsjC|o;a+S@?#Wdrb6sH&A65ru+1xr7KOg8*FMT^wwohWOeflMHEq
zJ$xkB7&;g`-KJp5cOeJxD;yK39=1<KoyiNl5td6%;eJd0g@26t{Hp%nih49XEr+Q+
z|8EWFK1=Fg)N5C8skm?)RLrfP7CF>30>+o?RTonFdb{}57z7b+>g*{DBHs1lTCReV
z$;Vf^lbvBy7%!4jQCN0)(qqMbZbKFK+vmvnmJ{^)P8Q{`n_Ek)xO!L+G1T}jQjkgZ
zpCQ<O*VVWdbwi5Sq=ELkZlk*Sj58QeQj5eOq`)31G$sf!NNF7RVIjBin$g0NfbQ01
z3XEm^EK-0e@Uy7cA)d@r6CY0&Y?dlpX&d}53g76t)fI$gyOxfG7ySw^^wBla#$4a2
z2FjH7m-Dj8RN27|rFLR#P!F6+!d1$N**o9hpNorQ9ISW*qR86<cLSEfSiB-8bB8oo
z;OcEi6vcV{ObzhzG!zg&({pzby1CZJ&4G3xV9hS>QYlSC%sqZ`Ugf~*0lxEn75|6?
z@jeL2TfqHb4sdr{U@#cH(7jCRA%(;)Ai;)mzONWBS16jo4!=zy#N8Zxiy}(?nX3Vj
z1j3}fJLw_xky}E<S0^zB`K%Zsy%9}A0otb;rlCyZb?Up6aJU@w>q&=ycPEFfiPo$w
zep7p`Z6-J<84OlM=rymp6*RNGhQ#-}CC4lPwM5j}Qe{-qVnLOa<1<MqK{KkKw6NE7
zy#;R^?KB&Wo<iII`BZ$&U=VlM{?HSsFE0bRq!l+Lme>J7PO5=I2=C{Ic>l83S$)d2
z_gy#B8Ik7ThIqfJO8Ap2aAz=Ff45>h=(5rT1dr)Dp*iF~ZiY~ov3o`CVtEoEZg-??
zBAix|NCf~v9hX|R_EuNNrB>m#POgP7Jr}FVZm}cc?tmIkM_X{Z6X7TFQ^boZx|t$|
zbsin>BkZ9)yz?-B)5CnubkslG1S(^d2cJ%Afxa35+GABdVG|_%n@-^N>A>s#$$jCm
zTKG4mSi<$#`bAdm>sYBqd$<S3z{2UIKi-l1E9<1!VA&7iy=)&8ZNwu!VywHS`rTZP
zGop`3%5IbSOpV<*Pg#~{2i<wn;d=~PxAVw!8+%a6(bvh@+SQbuUsZo$_vEtS76#gT
zbS!y`DM*)eQIPTi^cn`EYsjt9b7*v(4(YYiBY%`8{Z+|sXd`I=<zI^q^dNH6;<O~d
zwSZ5&*vCCN299$sQ&Vja48jJ_Bqe1y1pphMSMqP8ZltGhs_ho9!+NaK=hkEL)&YNS
zvNX_^2U*9Ju~wnhFmT+8_a2vuRbQHcKZQ7BMulm5hUxV96Y5JJs5y7a&hfMDRzGN?
zzDxzGPmB7ZUsGR-QWd+}$wYZ7FHDS!+|K4R5vsfK($!<#P+rf^3uRn^F^2nmR(Ify
z6I64II%nwpHrV05c9My|?GSecVWGquK?6h<<bD4|&1?$q$^jUDUtj~AIf~o0U`nhN
z&%y~w^L=rbdV#3WeKcGO<y06Fo9{}vGTkdl!zSA|!}t3-dac;=q<z^zzaorYNmQ>k
zY5sH={x*7N(Y!Y)O&nrDEZLun-*Vx1Yoo4#zF|LDV+Tatsj}g0+VLSiHhA`QcUMm4
zILoT>YYwff8d8I|RYps!+vyUZi#^;3ZxFeU09<`)<{yK=CT>{C-?J44#FIYmV=l|9
zWg7jl{w})?2q3Q`lJVD}?#9XW+LYJO>to@$G*>J`2?W++bSVOdGDN6f15MS}JTM*o
zCT=?mkzGts5HEVVlevE!ncPKJmqV8YNQHCqvXA?#zpwXHScE6Mwy748isocv)VtQs
zqQERl6(ufLEsnckO!&OeJsPn=Kc`R$7u%UJ?i0PgjTiuX{{$usJM!;LgOJT;&OByA
z&c;1k4R402=1H+z9X8zT8(I`C4KD~9UPsw4-*Ro(vbk-Smj*2tWLmz+<VsIL(}fgG
zSMv#2)R>oHB(pI$>iuy1lPA^b{lZwYy`SqRUrY)g1gLfBmI8Q+B<HumGRRDsyC+@`
z!YguYHFwl4u?Bi6bng&c9GWl~4bDdKBYN|87IpB@xD9o^W~R^yo7u;j+4t=k%3a$>
z)Vz-AJOZRahkL2FNZlH{Y?XJ?WXtuiD}JagQR1dhk4^^Y+oIb4=ZF{A{$5ECSr!6-
zV2V=?m{;%P_}O?xB<|*jQfqL@I+w<uCRs-xw~$yWw&%cD>`MP%NmiAyJ&C?Tua^UZ
zT^IWvp+yQ_lkoUG$`EJ&wxAORti=pzCOjg}8eEgCw;FCKaRrP+bOXv_8&Y~x6t02@
z!6d*)65}OkqIt5r+bBU*P<tP?nJ0zB&I6R2DO3}vXlvS%ki0%Njw;z2nB3f`s(yBJ
zw{?b^WKkP}5J(n)ywfZZ_6nTULa5fbL=z|KWxRLXLTHeX{`mm1bDiW1zY?8QeC9gT
z!B^H8vk4+ikWx&~7kYj($_U#hh~-rGZbVIN_dHo7O30TG9P*jm=)$>A@x-@AGp916
zSETQqm+P~IUqZ$kH%{IWGyu9!PqoU%;Pa>5iQcfyzJn4Vygk_6KV4hg$=!mHMvd1`
z@)Q&0jZ%eSh6C5RIA4WP-ivXULT#*6$eT1oTY(Z8owAWH?uk#wvp!cS1(;@inI}!y
zDUoqC>&p;x7*-DmogkRuGZN~8yjP>$(FY%e%bXP~^P_N?voI&i9yFV4#MZrW8uFr^
zT$URdV@ur^L6Z$&5kKYR@e2M2zQ@LUY+B?<g$CKv`dl<^Kt=EP5v#|qDi$9|xauVC
zN7AL`a(q8UqGfg0shsTEX?6T)(7!^w`Q%=U#ZDlz=h|s$ULe9wtK?tk<bvsNj(3sq
z>nVCZQ{_HBMoZ7yjw1&zB0$V3#Oo<SLU(*1oM7x)jkiUW-R9`mn;cH4B@;PQcWZWM
z(x?QTi7nB1(06}te>|;T53bCG^?cQWw+~ex^&MH*zsR|&b=!Q`62&ZP3{pEev^L{%
zz`J`K4VQ5$_Y~6K5@qNoC)d$=+<hmH6%Ldi03BWxt&dmggRxD_)ii~Ad?%0HWBkc%
z4pH)~@6qIU0<t@Vu8xsZjj9o3fL+;4T}OFOS6Nt*U+mpBnMbAdU!-+E4OQWbd-QwR
z6o7MM7<_M*xK&MoC2n~Uuu2>`Fp@7r;eIk`hOgcUE9AV=wIY+QQZ;uTz;3;tjP%2N
z$(^3~B=~|mJjFmdIH<QHSAhO&f`KlJDOX<~AGB|CICevj&FH*h&7qHX1E<C#*5UBg
zL(HMO%&If-VbrO+8-0>^#uqrKZpK6fU$GUfNrTZ0_J>I4yQW=a`6J^LS0|As^uS!-
zn??>>Iw^B^KxN41<W^3W$!D={z#w%~kWj*kw1&$e-eq4h586=c3PPQzh`zF1`6P0O
z>SUoowF&R3bMP63Iy!QgXH8e7aw;SPNtpuAzy(Cs$lFc$x(CL>?0s)j8i}(Xcl}ix
zl(d7Ot7yS2ggNo6voUxH82c#6(4FuT>hqN;Vv|!Mt2hiR8@?230I4Y<aTezl_arXJ
z%K6q3JKzMqDW;y6+<P=H<3u$tcPIH(NLLf|qx)M~u(9MhB9tWOuE<g0WF=xklW~-6
zoAydP;2G1KVDk3?r6ctNc~MSnOwVGkb$ODlYhZUV4xTyL^b3wM_td!U;g%3etMbM#
z7g#_Moe#4^lNO^+RHeggF^oM@ywwsO?B@PliSCuu7C>egnJu_Kqc0M>LD4`JOpj5c
zp6a=-3lv2+_h*qb<k?Q|-BUQ}82pA=X0HSLT5lt`Du;0$uEW@+d0b5`1C<;e2ANOm
z>QN`3py+DTiQT<Qfya@y40ywI^ghku*w2Kp?a75IO1FAiP}p29G+Ukv&V^6QUCu5B
z(~>i6R_?3s(70$_(D-BXG02TrNkQRb@9@pi9JD7wNCBl%z(~6N%5jZF-B6>*Ds9pu
z$QM6EJu4q_fd`%M33aiOKSxg#rv7(rbc}X;CbEAl?*zI)y(3?L2v#ZGRMNg5pMf|{
z2uUUJgK2UE3ZVwv8fvvY!Z<;+kPxc8me?;@ls#RAi_$Q6+ceV8jEfhfF}lM9{SrNR
zPPwlWr$vr_epic}5x#kZMHVLV2F8j`v335cg29U1q2*-1igjI1!g>0ISox(5sEC!E
z%(5D2%NfGF&H6f#xkAdNaxBvK7)7}O&EyzRw`nv+fuRCK9T$)mvz3?zK7~`Sp@s5i
zs<QS?Q(@4DacFKwf$~G7HCrN<U>=eaZNW5j6IY?kkdw`m;E|}-9SMyoL)8Xab#sqb
zOSM_T^G0Cb-93wP$!>f6Jw%J%C4|IXoQ650HPSQP)ahI;>rijs-y;{9?gRY8hY0gj
zr%UbOOh`RBj(#YnDuC|gMpD-Y;Jpjq3o>jZ+~Z1CaJjl|fVb%CE`VtC94HnAYjrw$
zf!=&fjU2gMZpwqbGe6)*ab4k~A?|)o7H!JhoHVD)9=(aXYw)OCPr74H>5I@^5&aKo
zh8po+nG8H{8CMxSRbO6H43Xs(a&{_s1LM{DN{yc%DVxrO+F0RX#xMFQbIWyT!Nese
z#k%o%P0|2u2Ibhjx%lLQ#cwMI=m<#t_=f092#C_)SIQ$G0bhaJo8}jD&wvO8T(|ph
zU^k3G#~PTax!EhCFB^|==ijhg@z_09>K{3tq@%CMg!MK`So$GXRFbm6|E1yAkKvcQ
zsw4I_*!eNF_J@>dt-lN6ZX$%+6`-_r)fKUy<juwoN(R-)%-j-MzCdC6pSY_#R>XGG
z!^(D^9o5dW{Yq4&k<4<Lp0%cW0b{Y84_4ucMT6@)>V8|xVznnXP~l69TPc~LGPC4b
zmai28M-&-*xqHX}#zHCl$3hE!p@ps;L(Nfo!>=p801)KsB2`z*$SIM^^ptA9r#!cw
zo)Ty1;#HXZ`NWdiRlWut5+lJSM;eJ*bhl1`CWHLU^<N}-i+=wE!}=4W-Q4SN(U)mb
zmrUZ!{bOp{J<IvQPfFDrQqlXhF)9a`hfAy*f+}+oq`eOesXIQ!wSvkDrc`Pgw?9YU
z{XzP(ewDQSjWo}^Qvj~CkIbjH+lsb|Wv_r?{|+20>&6s=2DPtS&VCI+d@V$x`3HWp
z%0zHG343}R1<sE*%6nHHl&LtLB2jWmIo>f_6vC8k982|HILX4w)0jp*E8`wdQ>CuW
zA~7hAud$Ufh+iQK?5hPLiF0)WgfjOGIg>1tq#gI7jRAA@mc>-|0m5Xek=NmA9pPH3
zP^U?(CUGyfleFlNyN<BW=Z>*dh1?b3IP30#$PF=sL#aS{@i{Dh*~t*J>RLuDU`_l?
z8_8IOARV?h9nFG?Dd;~4fyt-P`YLjt!LUhxb2VAF4WStJxegu!PY3-j&vj=gFsOzZ
z1#^v+eQJZC`50Rp-Drq#9zb9$cB5q~<%|#y$lg(eII@Uh8(|aQzgtFqrXu8~MI`oU
z_m#N7Tc$U7-%5ksu^R$XSwo~t|Af|Q-cl>a*)n!_x8^g)mUPOUr<ic*C3>J&ET#4~
z{9alNs@s+j8R!Gj^~0eAFJQS_Wp#k1(Vfy_O*o}#YUY9l1+af*r_mm>)DG=c+FRO5
zcRcB14T<~3%Eno%`^MD>8k!a?O$#BjocM*x1g1nve}$+S;eG=<IL-RF24m`={U(gA
zAe8<v2~n9=3iIeIs*e<rXbGvlw=O@6W{plt$);USWNvM&4`{)p<BMY5@;ZYPRSo<A
z+tvUEw1?-Ba%{(yXpS{3^1K4+FgSf#U?DB0ZrpxsXLYO?Rs}66`VT;a$x|5dD7k$~
z-6_rZ&&ZoBZ9Wgra#MQmWib+4HnlPmx_v3<?UYcRUe=?C8m8?zq9Xbofb*cGE6H^q
z=Jw5I!1QWWZVLZN(%sdP>n@N0Ht8ZA{hIH-i}W4|x1w7^bd#=<JBM;M{usSazdvQt
zWZL8opyUNy^w8+hAn{WX3Cn@<`*WJW60ixJ!%d`M@8goS$|k7uv3W8idJ~r-tRQ*?
z{10^*-#rCFd0Z2pK;dpu%-~Z15>hz_pyau|Im(S-5;W^^83R#kS3ql$?nQRK8&G{8
ze&To7(PvS%svG|H*Kr%_@6FYH&AsV6bg*?=4Ux_uJRd;g6C#H<Os#aoYJ;wPq03h|
zzUp$3qChKR`$~?7T2fexCG&wCc$*^3@N()A2MTc+z5*^+mQvG+z<>ihPB67#q(-{6
zTZJA(+^V5e&M5bFp(8+j)$75gK90ZePZfrH2Z$SSO%$2v=}v%;h`8QLWi00TGMKS1
zs@;+?^qS!o*+lX55tChS#+buZVobO}K3?zB2`bWJ@f*P;7ze#bf|AI!7GZJ5v`{#>
z9pl~C9(trUv9lQq-0c)&sgI6i52pkb?=<oWn}d-h5ZlmOgQ3sM3|;>}9(p%FbbUDV
z)7e88y%`K$6G4fXz&ykF?ht9LMsjN&<GnF+-CMa$U$F8zldd`J=W#O&nFVy@FG}Xn
z4G6Fv<8*$!!47!|QkNUq9P9FzSpJ|`m$|m7&Fu6SLKZtp14snVvVqz<BOwzv4o}%+
zch?xZyOYGB2tQuR;D=1-L1fEq5g1y%{b`E1j+D>irQT@jHsQ(dhyH^0IgIaZhwnPP
zU+F<lQa<mBC0lqq0HhcBd@+zOuEg{Mw!Sv}Oo0XPz)R2_U|5MKNV{PH1~42uMHu`5
zI4ZtCc^~$aY3WO146@q$i%=tP2}f@9Bi{uR=ts61)2^FrIy}jDDYIY@auKzTRLeFP
z_z(csS`ZcXlW+k(ffg&YA**%ku*bd=!0AcEy?CND;-s3=giZ+GJe~bU^?OE#Z>~<}
zs-R}VZA<@~s*KyE^`#}$4Ucb=huITVs-F&4F6P9dvnPK_qnCOWA<%zIuvi}<P!WAi
zhvSV=%G1t`kw72Lv8bUgQ-NC+gTS@Q{!7D8ONB~%CES_a!QlQ7{ICkluIgP$tju?-
zbz!+e_*~+FIMZajQgv=LF7BhLC|tBjzo}F?D<yRh@&3vstx{o0t6`AxpJUDk8>~_l
z$+AS|@8HrL$wcowSqTn;LRB^V+__K{cajQKnI34bav$}!+=2;O0?5rKNXdfOo+oY?
zRaXypEy_ZPu^SQCy@y=jxF>(Ro!r>GPhCTFd9HiEis}Z7G+T@Dx|rYqspT>ijBMcA
zaNt@7{_j{Rg|L<L-Q9|nk&F3xse!JU*1(VE=<65{VcJ!#RTH`|-#Ze&PKF1);*CND
z6x#6*M9Jj_^J}0wtOo{wM_;rYxXrBPST;d&Lipt{pn82D)%8P4`FaU{HUEd}*E)WX
zjy0WgfL9y%#0vWb3zlm8(@`m=Wcid~k{1ak?%e6kHmBE!6Zbk}gUL%<gUz_iWt~}j
zwIzJDaHm%}?*(7Y3%Br5LF$Xv3`>!<=Fk(dbql#j&rZWSi0c4vYcM>u*+CJD6T)Ge
zAr?Rh1~JW^Z3XU0(aI$W*!H{$2Edi$l=3S{!nj&1)VmP#Vv>{jI5=W)Wn`5}a*Rl@
zfr<hELwwk9TtmWEV2E-%2tQifN-jx{6PqZu@#QEXOsW-2C`Y|Y?VekS0_IC0l=6;&
z+dCiyAcB31Xu-M)-6p(238$<=yCHC)#4SD}1eXBW;u-soVO#~InW%RaZ`nvT-rX-0
zLZV2hwsfXL%}CfQeWXG6bM)cDvNPe!wMJnX{Y?<e#r=OMf_fGN)yUN%U~bd7BoBSC
z-Sn@aF{k@N_tsP%#a$}xBelds^@e@d|J*vT?G0pS_%}3CQ4Ye})B@KNcllTuiSm8%
z#UIxgv3i#1B3TsH6Ynz;{F*rtRS9XN`GBo{j|9pPN-EHJ`-Mj8|6zdFR}laBCe0G=
z0Zgva1U?#<Y7sFf-d}Gzx;081H!}7k_p}owCJ|HzU3XIM&Ir4?0JU#PV(;h(=5}6g
zP$^df)rKur!Bh223<L&6?ty8F#Hm2+7y#bXyEicfq3NCL%v`ydzxLpdat1|@aUZ$Q
zjzo?-rotx5>6udD`ioyGbPu~q_glD&Vs~)k0DDbI^32;u<*I(;WEmT9xTx_7w=}7v
zJ_>08^~p^}TGJWHL-hWQ;Rtr8*iH>-=1H;J9>M9+*sew_1Yg2r36#pMr^}<*&4^(o
zv%Y4@SffWDSv3<eaSvvCtITHc%=0JY@Qh<qkGIC864SxLpZ{fosNT$VE2|NLbXQ%~
zO=gp&66-b%O_7yHCWRe?SF^**Mk4xcJjD_=E}tX==3Qt|aF!yYu@>OAp(z<j$9Lvh
zU~Vm^MVNqf$h5^J?mAdfYk4!yEpI6q+u~eo37;TUG1+T~jDTZy&&Vsi)D+fdaPvSR
zX28K(%`0J=jADqJ?v+?Mjq7lEQ0!2Ry9ZMf{(J6mb9?}EABBPeJMbFIu@=0t3rB}j
zD_61uI1_IW6sqSN@!3}KtCvnmhZQ<w-G>=gp9z@>>vGEFZadLoBk`YFqEqPC@`0_I
zpgN{sL@yVRIS~g~65-Q#8}B0YlIC5cGxsSOxkfUFx5=Fv`>jpmlaj`0qfSoUa3qLY
z3_cRMDJBp>JE$X8k9HS8DLVt~KbjvxLq@u56)mvbgYy<;v}yy+V#UbF26wo-tAu&2
z{9By{0jTdQ_~z_s*vFZVLeBD9a7ps$yacOs{-15o8l@r=;ysC{o1itPOch&IVpU0l
z_7dny$Ozkro;&I0Q~9Sb?`ImK2oY8_W3gD0gRE`UQas@MS!Z{26UywsFZoiQ4W+55
zuU<NmK5DUk!?3w?xkusHD%<1Oculd<w&g&L%i=$;c1s%vxn*eIkcHD?UhN9b@3i;*
zZROc}ueKj`@ug{lg_~Emn?Dg|#aH4*sgEOvyh8B)$S4Plzw{<BDF+&Jp-ehv-Q2n^
ze0uND4EzoJ0J;{fh6i+Q0BBXP*^3i!G0E6_2_<TAw!t?5U!{?;pJUvQKnpf<!g;`X
ztd)LZ3-|d*DOs-4U+brG&eq1rdF8H~#D6Z2Wz`iu;q!p51tz;dC*z%OGqq|&0cV6Q
z@1PBl;FuuF*yyKWw~z`sqE%@WLSWM)MuvO3*HvXoV)gl$enrT(h!fWV*i2pu@Qwdm
z3p=Ts?aXu<V{mKPy3nA_djF{^L?dN|x)D)S#_T!MSdeVlkv(*)XmX=-%KSBWub<o~
znVi04a^909dve&1idy0YbwuK#>ygJp%HIHQi8tR8j-e`=@kHK_e4xCBFUk#uf0*I-
zP7JVBF2$YvOV^h6OS>yr+N^0cmRDb$o)C7roNf|{A9*i>w@qCazWN8ZJ|IrGXY+Es
z81atY*M{$<-sqW_Z`-h)eAGXIa$iiSw>?-_$d8|J0^cRCnYQo>OM=!Msnjpo?!rK9
z-aUs+rxfKrT59d-l?9D_S}M)3{e3y?#ZO=vH-?>Gme0xiybAA{cL=BuAy#Q$zXr*O
zCqx2}AtS0hP?v;zczkc`>w3b3^~9|qy;9HE(QXNb20bCsH~CDN%nRcr`&^wbTgJdx
zXN;%CXFz+t$IlbOpEO%Njw`ySiJ8wA*Q*CiZ`dw))#&Fb3H15mS}&&`$F%ypU|J-E
zqU0Lv)I71#t>qAvo$B@KTHYPwmRDDpyZ8VMvI;+OKOh&{Rf-ZiPM#!`rVt2xED@F-
z)gr3L0l_ycxDw}b8oVs3F>ksR0Hj0_x4$^(uMm(^<kpZoE&pJS%~*P#H=WLoApQo+
zP{9!TR;4y5!VG2FP_e_~B!106l#;LE{Bfy_7b24d45x|>Ww!cd`8|LiF~QlI4&QJ!
zb*iX@=<3o++~T#Fs(V)(vZ6#X?<<^~4W*)GSobdNDl(K&VL~b1<v`r~GQ9f_`VzUk
zT+;+{q${ym$}bq|g@C)SPUQVWgM=lJPyxB82?B4OVYzSgcM`1zjXd9J6-nktgPlE#
zGh_3+RnEe4Icc)HwGw`zzqvuVj}*GPFGU^XMc#>|Y1SYm{|;FB?(W`+in2D%T6Qpu
zdMl#*VvTx<xb5TX#8Ttg$F&fX`wXenh$Y#ZFkIQv_-#=>5V`YQz-vmUhUvi*Gib7g
zBT>m$swig5TpWJ987j4V;&ixVOA3HO9rG;{b8n5o76+@bn+=}thFE;NyPdiYOq;Xu
z{1}4Z1nq^`0}nhsmK@D2^4*du{7qa<zT|hso>`olMMl{-a>xn4`ICKc7a#brH94xZ
z4O?R*aBc;6hNe=+1xIW|pb6PxBrNWMVCva2yA+=wKjs!ufwPCf>Rf}%;yUvHy*5{#
zG`uOI#9@;)eY-2DXKgnOO{-a{dnX6G^FZJ10-EVtN}Kq0MeZEAFz@Mlq||~$DRP((
z*tpqfUagB)hfyTvc;CfczWt~aOm4Xz;oOdjxAaJQEuxsXgIO+J%pdcxA(W~RnN944
zt}S3VrIkjdqkqDs2t(F!?krRn;87urJhY`zG$rZQR&$<@CTZLcn%vRNM4-5%X-nK8
zX-9m;(%T@{MT?m9Ym;CDnMZ2JEGS9*W^TYO8u^_>4}Fm<3*7DE32q`VO<GUfe@Soz
zFS-(bO)7!aK~}_>oFRR6)kF#X_LX^zzC<qtoPdAg3|OgUi*zi24VEj_LfKfP4SX!Z
z4SmKGt`|f8voItojtX80&Y6!eF18>Q>mqqrdARk+El~~xj)E8{`)qTp7XQA=@KcV>
z0q!hJ(3}@}JbntJ3Pn2$Xz+au5f*^G2SGp~J2Nlfao!a!^-lx`%6!?OO#dq2D71e!
zgUexA#uk&zX5j6Fd{$N)eOG8S|71l^U|Jzjlwx^#h#dMTybj<*#S;HjtZV@4>5c>y
z*(crIHXQbkh!a3ijuCw(i?8LAGh?NBuh9`TZ{oi)CVLLDrx+Zrhx1s4q^cXIQ8-?p
z1)3;Y8Ebbk7*dzd6`~FjDP-)IavSs}-)({=a(l}~#Er_U$y>!XPiG5Y;AQl|vgpgq
z7YTsR$*uI-Y4xbAbF)EpY%&1V2Grx!qehLyS)qI2LN*VCoVZ)wsXUzMontN7Gngpe
zc5F>8-zC9m%9Hg27xM8m5jf`K1uSYX3uT-BmYZM+zTmH-Ybc~Y#z+w0J)Mi7FXJ4-
z96Kr(qLv1mJ0>t3*@pHm3}$&2em`-|^4w0%YWZFF$!IX7m}u){{Cu3TCR8XX!JG~_
z`sXnlKwlIeU?*`&v29+Ndu(Ld%A>wT!3w(Q=`N*JH*V2Fa#HQie(w2aIQC8mH#~=v
z!51dq6_YinU=hpvQ==n$uPak{*K(YdjD3@FZ*<3Cj_cvUVu`&6`nyQ4W@Nw0O;p$&
z+5tsQH0MDme{OE>Cmjp*k90fyKeuY^;C^EVjnC;fwz?`kxZn2=JEDJT&_PF}h71~X
z#Nnw!QmOuj_CM^9Bl`CrG-U9>-#={dAtxPr;-M!F>37QT6UPo3JF(y3QDcYnQzxkr
z>2KUgPR@u?C-og$rI`i4A~`vu2aOy)SWlhqE^M2(7wAV0p*gvjA=#q!P&sLB7fyo;
zL^`uRnibs<G+Tr9W52{PrrG*F{Y7&g=j)w85iZHbJHC44_~9c@($aFm7n!w=PLItz
ztV&y>epM5z`c;n{J|XjB&?%>k8r<glplObp1gji6*jCnNz4l?S-puc4PR@y=CJZs?
z@H_K7CP-jv-8-otxJ?;MU@j*#fqGt57s=Mt>AFNyCobY}O!g^3Fz&{;(aO<b&OSkh
zoYq($RAr9u=Hsvy1v4d6#UR~5DR4{07MJw@EJnu&NA#U(%0UAeiHVHNia-p^LpZ(*
z0^t~OemJ6+7wh>p3Ayrlj%EI&I|sp0PImgkRwzrq7fpovTf*;`Gvi+;ejO_$Yy@)d
z4~Ir5+BaBJFamZ<#_%*zU@@8))H~Hk>K{KZGiY!Bix6jSqCLd<#%HGreEQ~{oHBgy
zkgwa#*KNP^xgRuk?4XI?xSJfEvu_N7k<}x<c_%vD-*_h91~u$AV#v3!oZ;yqWBaAY
z4jP`W`sT~35{~s#m*2cEo7kX}292h-Z((YKhYk7`CN*mGw=tDbBgYLH`^~SzZxhf}
zqpHUa9#W;-G!4K<2KNtF+>i<S&AkY^4IVZ&_@li$uU~K{a}V$I+G9p*7wxs-cxH7m
zc*N*%V1Mar3jP-tT=16bZKt6)ps*bytJ25wOI<M5xc>SP&&e4zIz4=pt**UKIhI*7
z7(1k@`joUjq-`*Chs>|M%&+{Moa*5t)5nh(G<fW&Dz$HI#f1=j$sO*GnHum%n<>)S
zNu#PyJY~r7Lx8y5;&3Oe9da@0Jm^!vFnHAH;l5F!e?BNZ%HHu!*o+az4LW7`NrSXr
zo0K0@n5S+!veiR|{B00p>Q6cf=E;kZqedP-vig)$^n#hCsz(kEq1K7F)g$zxs2$J?
ze!=VZHW(m{9X_&Z_+Xn)do8qgBdW7^Zp4uEuu&)32h41z%^p%Uc+hBD0o{!qG;*l@
zF3!nmebL@ViyCC@bZYFV5yz(tElLD-!#qH;({ONbgGZe-q~B=Pkq%+U$b&~!k2J6X
z<effhrHcJpceK6Lw;_4`Qo~OPwtSauJwo*xG<dMzllB_IJoMWE6L!@svx@c_*yMr%
z^*hA5UA7HrH;XoSw%1Syb7J-IQ%-`$3#n+6{U;}DCup{wN*a$HGA_Vg+UXZZ{FEU>
z2MwMW{;{JR;&;9ksoI+rRKDM!vBT5Df+_7ZhgK@0IfPip+1RONh%mvw$8#PB?W)&+
zMtU08-n>L0cc3)wH4E@9B;7QT2+)5|P6huX23BGb$wGgD3P@2UKST%i3hZ*7Yv5nG
zZo>4w8lf<ZJDl1`#LAlH_|=H~@azM0EPP;os(48{<cHZ<Q%PGwPeIxe3}#*-tu#@!
zg=kiYf^z3n)x=7qm_3nxf1zL~_XCW6(p-l+X;Ua$=<A-e`D=spPOqcGLN;)-^J}9q
zw*VcyRM6-V<`R#<`!_K4>it=n_t`n47zRCkpqVzk-R(q&m#$%<g)Sw(=M5@LM+hQ*
zw*=I+zaVrkreOan>p8jo^#Gl}0+(;RAXE&*B^|9Pqu|BGHC8%L9<I&d)>TG3u(Xdb
z#!0L2LZlh91A4b$WAz=oPE=O0>tll514P}*A><)x?C&Mwac@P(Rz`{tgQN2CnZHkn
zJmg2tPi%18NNJp$iD+0E|79$BB+}98a$snlh${bTpxXzJW*hEqOsIvt-k7vRn@N7Y
zovw6mM=(RaJh90)dY)7gK_e7igcji5q9k&dAcv|2@fiw?v|e^<z~lEKjbOytI8=7z
zukF}llkQ_`(Xv2-`9Y)eRPGl&=>mL3&?mi!&xt_ydOUJ0s<phKu`;6I+&#=S(*e4y
zM%An>K8-gGZQc~S$9OXnkD8-Uz7^;F3UwG>=41<C;-&5iytv)+i75@ZgaLcz_0gcq
zP~G<=H3JamH{J&NL*YJo{h3QzVd$kP{M(dVV-aKiD>J6ta&~u%ZA@7n=>AzO_^7<D
zBh5lF$)JdiasO3oaiH#F0s~R=axxh7w#o7tLV~}#1jJ6#?Cdm<e`+G}D7HV(6SUuE
zf0C}5n1?RzJE?gbh&uF61NpbfEw<Wm_|=pvkk{Qq2_f>SyH%6$z8PYVZoyAbk5=<&
zH~caQ4rMvSk*uFs=dJ<}6pr1ul$Fg?!l5=R*q&1p>o(JXzrI7G`wWwE5*#HxOe%Kp
z05ZVT##OtRoV+$hckIb>&R8?CMh<~jY2ohl%=Qajto?-%Xn#@oV#iJM{+%}PEOT?U
zyStsPmJhQvf~F%*)|Rq~)d?#5E8EIo*~qoDL)>;EY85(s1B#5KJC!ntMQ)F5q$zgy
zrt?xW!6^bthVph<W>h(CmAR#iYT41RnAjwDuX!;=@VXh(tp4@OxD&<k>W$-DjW$xL
zZ+;=v-q@y>?pVOo%ij0!>eV){_IC5r^y`}2JT+i6C@;ptAR0l<Xm{BFDULxQI}&U8
z3k-Y|P<j-srrnE~UOWme3{Y_W4k)<0TR<Rrcb$~y+kC=C1)r?*Lk3ujhSpt^TRD>t
zp3C~66RP};)eSzcx#-SI2LyEIT;kn(CFTIB^QV!$7VCl07iBRI(N}~)h6bY?EUh2b
zyO1P4PyK<go$~$C3N)_~n)f{)^p<*6|2DRwxm3YlisqCd#^bAqlI8*7K!>af0KoP1
zG4(s3l5D@h1V7gW^jED08%?qwKemvwgG3huryBKhM^<7T$#-W)Qy^apUH;IW50(BN
z`@?Czjzkdgg7+Y}B$C0@dI3IBnuU;=eGQMiQigUSX@hpJm;0caWA`=*9!2V}P`Z}P
z*O+to+N;6@_u9Sz+&AN8iU#$r>1g@dA?ftXh=RLL%Yz-u`EAaLqTbqr_NaH8O@dzj
zrxoD6lstr>{@co!a>10|A$7uBk|9t17_N2SLh`g+WU6)F+96K|?nIsn-7hM3*d6=x
z4}KvWdlu$ynZ#T!hSBl!Vj{#E$9nrkKZ+gOKlk1k0^8_*0oZ2asR(&ZxYbmT(4F@v
zMu{u{dg{WRDBy{ZW{@@jn1VBcOLGISi`}U>KEZ$_E$Y1MFRj^=l<3Sf6L7+2ww4<)
zZ6rA=S3-`zGt?fvV$`!M{%Z{U4*4;HD<A`7Kb_#Ihea^SHk)RhJ#PJ%L8Mclq*%lO
zL=8O%(}8Q#5mC(11eD5WYXjklcFfKGvo&A9wa@JBxnx=?bA91XPT2WF6$N~lyobtU
zh_$XO2V^THl)Av0HjuAX=<oyyGxhvq{6o3{v!_YJ-<^$`o6Ci#7pqCB)s22GhtTL4
zVTQE7S7=~5z&9(B*Q3qY?&*mdxsMiINLW%{4W}({E^W%(BEmA{Uv@Acd{en^j#TxN
zA`lnf+dt86vyQ~$`0;Sc?ugb$;vo|?<DdXLwqPLdns8@L$J2LDw`ZfxcMJ|v@|iA_
zO8mx-O?1kl##Y$N;n3@?(_o@|iL~rX5blvAK?zu_=kcGzLCY;x_L<_p!e%Q_(j6~X
zO?W)~VCCNsMCIbz==$-<{f2;D?quH4V?V95gd{tx=Xr9+1{eUnxMo@tuJ;YWzd~l3
zUo|~Vnn>5vPj09-ba(eL23=jzpWt{WvOu0m!WSV<_gf-pQPbP=BB|VHLI66KdS^7V
z*DdEmj2hii!eP1a9?GqWmHx_5>?YXqPQJCqfMa`tz*)Y&jq8#a^_3P)JxST>iye6z
zt>=gF00jY5VidzV;B<A=%M$^dQ&lmOks27~80&vA4U$*_SL52K`Q2<BTzCHVRK)*X
zO1_-(*j^XPeyV0{k9|jwFv0PA+$vx6;Kf!voq`FAj5Fbtx%k4~IxWSIO8%{j?x6_9
zCkUD1^&3p?mgzF!Z6|@xX=F4jj7JXd##72x>tQX$2;AwcvN$fU<3GfDL=Nk0fArGd
zRraBFWHueL=wq_hTj+3uh`YLJa{It~xFNThmX@D+Sggwp{H~{qVHTIAnZB0WxIEU`
zg3&MKjs<|5AzFN4H_k6W_a~-Bj-uoh4g=z_0r|((melJEPF4VMJufA7lX0DHW<q#H
zA~;+Ngc>yo!Mn_TE^lBxIMp6Nwy2O7i~mM893GR|K3}eeIB^Mz7>>3o<56+7o#%xy
zKGq2*KQC_!r<+C3#FWK{2Pf<uuB|=^EY?Pb$quXxilV3bBFDW<7^VK6hv(1k19>E&
zg!~p{-#}P67rQW&eH)cp3a1I%W>0DH4=TJDnMi%n5y4QWcfbyxAX+!yU4c-PMdUM_
ziRU;>@WIjVC&1I~1xqUV$$j7|*@AZ`P??hS0UZzvirl9#HG+-_GJyHa>b&wSmU3I0
z*JY}@jxd54!lxf*-s#To43pEq)A?CEmOq*=jF9=?o#_W`eXspv#jwuh+J|#H80&ml
z=6l||H;500!5u@#<Zfd{E2fIxEQ(_PE^=oEyrJL7t4r+Qx=-PXW2K(MuPH!(zz913
zEc$#h0Tj85vWK9zx0S8~GK6P!MnKW+WZY4}T@2++Z}xupZ;{tPoqf_l65U}dV#Nd8
z-<s+7o(w=d$~Fp?oY7A11yZ8w;$jvU>YszGYq(Z<m9vvIoJ3KirxnpUFE5@?-?y~s
zyUabUjc`AuV1}D0uKm3>@5!0T*s<NUlSg{t;N46E?N*t)kPf`S`A(ZRwj*i7iK|Og
zhl;EgY@nQ3I%uFfc5Y2a(AEpd_ttG-toy(Xv^u{Hh`YP3u;#JSV`61u_0MhdGDHC{
zpa3QbC<yGxfSimoAWnExb_y@Hq9cQ|aCRJilh_LPcjR?N?0i7jw|i$I;n;E10xj)9
zIKx<ogC)PAvc?p-IT>LNf(i%Qh=Wng-G&31#IGkvP(VReQafY~!VXD<;{dNUbq3xP
zOtaiatmw$j52v}!rb#6GN{PzC0PVjf*`CrO<T{D1tF{H~pp3{`Kw&@koNH!KJX}zy
ztz|L=mE_ej)Z%8vU#1PemXWplhRm#F?QesbO(NRhcLgMGXtS|h+;ilY5jWEv&IbM#
zKgtY)viL{AKHi-tnzkHBzc%ShNtzo{6H6|l?X|JA>&&&aczi~!!x;}2ti#j>QlR_I
z6xt{vEpj%sD|5HwJ1ZJ=Jx&K6|KNPVzd8~ptNk0<?cHT+U5Yl#m|53Ml>ZluxH?ud
zpDvE!Z2yzH8-j5fwN{JV&srbclwafi%)uxk&69uXsM27~(dRtRWeu4tlV&4N^6v7?
zY`EtGqK2IPN*>v9jER>oyox*Kx<%vVtOke5T;T%Ta-_jRj`BZMsw+uOlvk!wijMnu
zJQRdulc%abMX-5(vYhtS+{HvVv<}H<MbxWSEmvI^o{FpmB$BM<wVwU_*#NMojfZAH
zLSvB1tOmvI<>14s+I(2-UeSkS;o%gv_E+pS1<kM6q4{e($E%VQ_cltnyP6!X__#mQ
z*PI>tS`qXmcl7Krp0K`ZnQ<vx0n_OAYdLonx$84P5MA%?*3nSeK7ij055F_=TcERC
zewmiGLz)JPj&pF~&d}jYTbuB<%xzXNUV3U7r_?oWj*{`jy5?1rRpLCZqaE%E)kX<e
z2=;S#cR_&{yq-evq7ynZs(E*Q<iDiUagUCxSFbHR=Jk2w>&2blmJj{XrLq;*^HvDZ
z;Dr%sDY;(2`>)77)@G)7_>GgcXLjbP2gWw$Ka<*N!s5?&?oSM`y95@C*MHyP)A#jh
zq)SNJ7ympU2`h*`LqCCUH8G%)yFL=DgoLcgLflKBqHZw^TP!&sR`e%hr~gUq5&@=>
z%3mGbilk=-m!g=(t!|R>R2$&O@w&4<?n@HctlN#PzN?DK?>-b7b&PWSAyp(bEU9hn
z>jhS<1LwpyauJ&@f=}jjys09Sz4HDPE6W=wKWjIua|LdE`^bs0<rIABFPcWmVB9xh
zYkQ&cJu=qob8EK^CS@P`o;8A8R}*7p!>a6Y3uUYH_<|9&q&F#XElAJ%5L$TgB>40n
zMRpHiRC{y)qlSEu%?+q}$Jyn4C&>ysZ!~nd1}YrTrB-x7TAPi^ZAv4`cHLe>gb$5V
zDkT?lgWwp8U|jh{f-xZJ>{fRW4s6csvv8m@R0J@KUVwp_S3b69<|rtTZq7^KfEe;Y
zkcd?8U|<fvEeiD?G4|+L^1B%H-pIv*a1p6eJ(N>l0A>26M?u;Szn25HQ_f0<fBtwF
zdhO;*%Aoba2<6ZH);7eCj22$ro}lDRa&d_~J~Fuy9`y!tC28cvofPPx$y_(S9<R@F
zO5@~K<r^9nYJqE}HhQly@eIdS1bh4cD<I2}|1t{5Hz)sl6_7c<3gCV_)=CZzezx+Q
z7Gi&p#;;c-_!<kr2()A&2}Y~&U^{2Zq6c-Rh#TJJnerHfLK>7Pa1W5L(9~Bro|}S7
zah7l4dmiYtXie^C7}j{fc%GHPY4tT9T;a{qaQ<^huwyFJOJdOb&h82Gm@kaCkPAuu
zBZNJT{zeq_VdWQn4LKx~rKR(cu?}n8Crn&guSy;6)}}Vm1<Zjn_u^CqoFXh=N=YFh
z`00~nWJ2LjQ9<kS9fB!QAo(nAQXt8#8g<5pKz2V)%31_!DU$A;+8kteGd)s@HjpZm
zMmuJAGd<D{+1;daL?eX-nY2Ga_Z4CH+!(D-o4)vItZcE}BG*v(Uh{(_zDOBMQPC%(
z-1Wm+Pw9;R3b5s7%mhV=tI@yV3~p55kz$daLf29yjY=aC#Hd2<j+u(woojTd%zape
z=B&#!2I10>nynAS@to=PvAwbF?a#wcBw)GiMTUZ9ZhKX|H94CSI{63<2|@8rzWXkF
z^TtGl<i;rSqQ46XF)t^j|6Z<TGK^f^bXnnS3T*bH<a>ttG-h3bpB2=@oR{be!s13X
zv?@22{yJFXYOa}1XdH;eg+GB}-O26IIj{fD7mW-ZUhUBCMPs+YSH5UEx!3HX`B&?0
zB4dZ$Rop0C?rsLr&^_4y?ZoIw_4?t2is*q5-+3TbPdKATiWLjp8OK_Xm<xM!14hs{
z;u2F{4thP`m{{8{GIY-*lUF|VFcdRh$euiou0UzN&_T@+$=0Y`S`8zOnOGw}O&r$s
z<C-Pnqj)prmCg(xKa-=SE8twyUfHhqw*GHmY~Q<7U6s-Oa34lF?vbD_w)e2MI3NRn
zaG){30e$q<ae#?+bx(E3YihM}js9)0v;R){IT<?u)b#T6MI;>m`tozm@4nS(%HqDW
zn4ct=eoHXTS`wz~>~0&UX_rv1NQ5n;RS?UBzz+kM5%@`z6jaDHfxn#zORt{kL52(T
z5)kJ0ME@N`R%s`=UD}(r$!~q!X;2rcMeagm-btNg=k<$}30hdAT1j=#Xp}GGMv+k+
zWX$wKQ5}3;GkqVol=>nl?WRDRu*iFwc{Pl$lrFZcLU&HO(Fj_WQC!G0Twsgr-<i)(
zpTb@YL^|5Wov9;sDzSQ~)eyz<$_JRr=A&3E%E_dn5TfiIr7!n)BKvGE)`!=A_Hmyg
zkq~P%uENdFPxG(rmw|3aQCPE3xS&8()YljIJsjXZ8;3p8ojHl%ZA;F6Ah&ey;{uFU
z9=IN|*Uj!&Z^>gx9@r~>p%Jmh3FW*aZ!wuQb*-)^t5Mkk6!T^yfZ6Bp``eRC>CZb~
zSzh(bm1VD<A`U;eYsvk&b8ElNPZEf%u_%{;Y}--5Az?Hshe|F`Zgu3hXDBToUDyWY
zq<@6e7D&NNCel2Q^qdViP;?Sdmc%7cb$6GMOJ5XuS+p*rJ8#1ZaFtWSk(|F-1|(%e
zY;*Bj7waM4y_nm_L^x&JlIX$Pl5|MBlRyIb@NP63sQ#WLvQ(27j8W?oW2?D5KA|p}
z7yG%p5NnD6d@VXZQP!6Ma1VfL%)>I#W3U3=q!nHj26DQ35f38I5O{NLD|EkXFGA>+
zxt=PpLom7S?(0Z#)x*6^Zjo;`!7PrYbwkAzv`&!agvgS$oUpa$;I#dkpv?`pBAZ+7
z|731o29CCK`?A*BrF!O8>`qe5Ur$(>o58q%Z$<Cbidrs-cJLDMr$0A+TM4OZsVj}i
z(U?d2zzmgzI9=VPq&33a<*tRf!qGz-;Yzp&vE*-ZgKO-wBP1$yCv&-XapMsBySx7U
zx5tZw_2s)iQE7u#J={JN8}aOu6=L{faMov;OT+TG`v6HB0@9#NC;Q=eQ5QXcz-x}D
zy9+J<A#MRhL;9hoyA<YcKds=u<)KjEE^(22@QXWuv96+uSDOFny?cbHSpU9>?>f1Q
zrq(Qo<)2Ub{O@8NI$u5finu4*vi!L^wkkc*Pe<Y~F0qP~JB-8>6?skWFe27#?Z5Tz
zu#~INe>EOSZHSWHPnP9olF!rOYvh(xKwGo~ayI%e!4e<oERo|#lSX#uMQ!+k>MJ02
z!o5Q@dw-U;ova@Rp+3EhbdlX$N9^?1kWjL}M%uF$Z^g>!?xMB__oY=gyq<c;c8ly+
z7(E!cFP1_65coGjJuB_WQ~2a$9vr0Ekux4M;`0QMQvQRyZt_P_i=MUSu6ZA>0P6R3
z%&m;$nn>xNn_0|XgT=g9oEtlu%(=Q(7LZiv2)eqPct@jSPftOwBPr<zVg^2nTBRA1
z?Vxhy2{kUgGr$}&QyszgXGK}!8#u`P2W&6K$s;I<yaip7`rZtsDT)2wy%<9|fqA1N
zGXZw}j}PWik5W88u?A@ER)-HKNhvtO@wo%Yy?Z}LQxfUQadn7mZ8IAGkrG^7{ZlEh
zSV~Q)3X1+=4<W=GJDTwy+Y(Z)_5lOPYbM3u6$O>CvR~27Xi%hu!nx4#%L`bi-lMua
zk6Nz#AEqv}PbW#8iot*XQT7B~7oLat?r$=x^`w-eJ4x(yAKJR(b=CJlG$TVYJ?5pX
zM-(s%8F3Htv|`&LCARUh?ysKeD9<srRJbh47Ql}gQC61Ygk?GQ0uNm($#Eh~a;&G1
z;)fxsq8!INr8ss^uq-5(+il=Wrebb(uPgn4tEylo*GvT(x1$*Cuhp700oZCHt+18i
zXfb*8g=fme-kUFgG5pzXGh<x`m}|$CT#MeV<isq06!M!h&|Zjxr>T+^(b#df)FyHc
zB&Uc%;@Fz|;hAyCR5svRSeTHqsc~=j4}_2&M@jH8e3U6#`NK0b&+?<wMQeU^d1A1&
zP`nDAcAp>JJTZ8)V}5iTCP+fgKw1#%>v0r}ozkA?{SfScABZ3H|B&}4V0M<}{eRAR
z&hyTheI{on3n4IB2>T=~vd)CC2xJlvi;$VHi<z(}TV@hK0hxeWt1<!Fs+9z_{9OpB
zt=1Z-qOF=>TdmcIwrc$wTxzWvtXf<3_xaxU^PY2NG6|d4@A_ZYf3D;`@A|CwbMN>4
zK=8@Tc8EL)rc8W}e=oZPN#6X-2EY#OGW#$?h^2U~<#^T*DGfZjy{)Ea08YPx0vC0*
z{9=9w-%~t})2cI%Hj}HcfVPs!gbKdKMga`|2R69A<Xh!kHIv|jSEg0-!^l@n9|rn9
z#w<SvHhXHHG2wk0>n_3Ki{<$Q8vPn<l@ucHER0-ZtN2mmN8??cf_{7bSiiAJ4=S7Y
zE;4~b_)(|Coz>ft-oy8C>`buC8{Oe8AjA$(Tds@Gt&lAY!Iz~X4WFn!OFn-L^B31y
zlKr=_HC5u;>-@NKJ0jc9;&mv4pL7v84se3|TCW!Kp5C?Q7W!_UvRb~Cd~fR=ZTI2H
zrnY{YJxA-?nizWxjyeK_+-nYj;f;V;YhWrdtyFtfCkAwer%{zQ-VN<J#~ElzSRY=K
zruq4*N0ApM`DfOR)I|Tx+%!7+0_2<j3;vnC=AS9+^gBqZB7F<_1{kHE*SS~zew{PV
zTbl-bXCBFM_wC|%_V6;Snj9p0s%^G{<dzAZKg#%r_qo^QcS%Yo4am2fz&di_OyHZl
z&EU3>gReWy=9BXKa=tXH0q(KlHoi-~2Dw`9oaAarBWtdf9ap76`2FZirjqLS@Ht=v
zUxYFuZ}9&QFybJJLCibS-k9TuQ}9WyHFe$qNwu;s#}D_rpVILo1-9VhUG-zF`FKyn
zwgT4|j%=Z+Qgle^G?wjjR;W%XB5nr<;^%;Nm7BT4%&&XmS_I=sjxEW1=D7^wi}s#@
zx=Wb`DY^@Skewq&*wiJ$_OHJ-t+{u@3eQ3V4P}Manji42@J7Y{d=pNL0fI3z4J@+L
zZVD6iey%=Na1?3*MEd`MXJMyoB&%=0aKHp(luVi-jWT|5xES#IPCPj#JXLj_;V#+T
zXT1rI38zX^Q~kGQZ&P?f7?XR%ud0@Bxdfo*GCk8j;c9@)@(AB{5aqNvRj5~5!uWcc
zgdZ4I`s&A0F1LnFd<@EBlNQrO{d!-zs9E97>qnsV8%+8C*XB&c&NjP>rQD)?!)ww&
zzojgPDm;}QXBYGr?Wt5{q96fl!+({i|NBg^ChSeG-5P#c8X;1tBfPEZP3C?31zu^i
zf}MU5h+TU+Ugy<?^eoxu_qe*@x}Sb+m4%u@@i~zO{r-HWB(;!9YcGKrhOqVw%wU_1
z+gLG}7ijnQZUsVcynB{_43^oh8>H>BSGP0h#BLmb(B=UehGJ5#Wi7lXu21mr39=3u
zJlu0T09plz;pfFzS2-<_`l=84)ZYH$(`<St>8Y!rWb2`ejX0I__pjJk3_kS>4O%?^
zIsuHj!}~`Wnpt<pZh5&pHR<8jQCt#~67@^$z&aPK^66WP=Ob^koGRI)@X3Sm=xoR|
zUw?&c?*RbP8gzzDaK*Co|1BGm^`XSxD$CguG+}?-Kvd+<NUzj_*5Mvd!Cd(cJw2iF
zxnYZ1)>VExM!NMoeF1-8mOV6*QwGs32oI2lajtO2ZRnlYwUH$RR=CUBg;1%DGp2{n
zfv(iBx3QaQ@@xLz<OB1O(XDab3W{h6Z@5jH^y<C8pSE@KdmqPR6hw%o6@2(ja!KI<
zG@<dGVH=IN)%nTl>O>t^^|`cV^el_>g;Nc_L<!p<4a4?H?RwnX)gJzx2SSnGM!nF9
zYE7Nc%c33gWzN$m8FhFzL;~N615gQtNch_cwXu7+rm(H~W%&N=kN;)(vzt*$F}&o)
z1<lR+aBSB`joTA2jR8y>6EL}5eH+?}iNG{q6a3H}N*D>g)cmf_=U179C(Lghm6#p=
zQf|H-g#L`xrc>)>cKE0;DNZKgyyRjsgT?)&k+isfiK_sDcM}m9I5S!_%w)Ai77l{9
z>I-AIcG9=67x63$2Wfi{U0#Hgh+f0@E$gG`p3zkFf1n|h_6l=Pd0ZR)0V11G4J?s<
z1$TN^UMclkO~JyGVxMh|K4&+=;%9Etu1{UzFVK!OhD%JT#FE!$TW|}%Zjzt*JPRHV
zpT@CK5gAWl1yadRR8=?7_0Tqg#_T3{?yggqQE1x13+2nC&uDFJBQ7b3J_kAMLUTJ}
z!uzEIRoUHDRp9Up1|;dKw(Ub#wadQTr>+W&_6Sveoc)@i@J|-U1EB&M4|FrL!Y5_s
z_!@)YLz(LVCk&-;&y@(8w&$uJW_hRWDr;;zGb}p?v!|uBFF&~%YO<B!o3AKmR`wZT
zvihK^x8Dk_cpv(3Vv=w-C5l)2s9zF2DA0U@41m&0{rr}#NiQ`{$dH&Nd_K%dvx^W7
z`FgxxK}dBrpJ#FQkb<(#(6c`-DSy)m-#2#MSY9qVg?HVt9R>Ba^s8O3Y2%-DGL3g$
zw>A8(vrk>bgmpcRJQJh7h`gd-((`LPP=zX=y~3@2wSHTv9KNYC?s+w-y($*tjxzVv
zn@jy*l8b@G<->}5S2}EXl70YWH4=d$;TP#Lz0-@$34l!nRKLHRX?$tbPkXzD`^*VC
z!!+DD0cGLS5GxILbrKkJ`Q2do@KGP9z603vS1F1?S)Cpz^)~wJTEgmV4DcfT+%av$
zX5;kS@kR^fG6tH#?zA8+hU-uzj-MW;vcJg(r!JO@GSAR9;N~YK1-z0{r~Y^z^=ivg
z_1d_Q#G*n|C>0O$VLQq$!^_5P5bdfxyqq^*!Hh5QBm;*lQoB7|z({uk3?Ie3DL<)i
zqD=P@;#Gku>Ir2jCT+p)e3C?!DNpf&6=K-;{h__|Fp;p&Qu?l3R|{5C%-2WK9DF)K
zpM3p4%eHFs$`7#H<R$0|KS{Q1JgV3WSrq9@Z8=F|v3#736Ju6f$aZLg*FVG~vnBkR
z4IwJ964Sy5*%=nV#&3(_$XWVq#XUxG>=sOM2L8Wc(u;5BywTBoJ~IsP`v@B~?8WBx
z=y_W(bOI^i7q{{3qnN1DGueXDGlr13ASAE+sp2eU8r_7cy+0lmzBp>1VMNz;C438{
zEMUA~moNi6dgdBy7Q#7LeMu?{L`{T0fO1tWfN&DfNq;0yG9W5EumPp=!!!lmDxR3l
z+TJWzuWE%n__|>#XM~?2A}+ntH^m$BRkO9??VA|eIKebMv1yagls8RCpfkL811RJn
zl3@dn-<pPF5!pyy&8@#8+b9q#qH3#!&4jjs(#qlGaA3c|Dwa@-@MjAue1+Z_vem-Z
zehp>MG9esmU~xzvZ)(RyX61MCN(J3wVkZp(8)Srew!#y(WuWT}1H&xx2^*)vW8225
zj%}%V?7H15TN$9O@NJxsf%SK{`AHVqm0!_P^)uRvgw$~7+qd#5rc~{#^kbayas<GH
zeVh%N43lkvaRDqb>ZlLZA<*dj6z6HWIDR{>0?NSqbHGb%!KdU-j)eg{NLUdgspv>^
zGv@8Ps7H7Hx42z`^t8GgBv8gp;EtV^$d<|`yuF)}CceJi%yMS!eDKc1-1uH!ysE7^
zKFPk*l8gFfq4+XkqH|Ulb9R3-UZeet!6(Fn0dir7^21IBN~4hq!)3S#v?T#Awy!rf
z%P+FbCTIk%4OP7w^OfoA=^f@=*-c+4U#g%l!k7E<ti2#^=*Q4#VPn=H?uU-fs!QMK
z$49MxZAJ@VkR>~I{)r%_>Wm3=PlOnD9S@6vB@gO_Y~+p@0{mSlau|{DFYFeU@W$>v
z8YY(GX&P2fj%k$0F+)%eZ*2s}v85(zi;?m0Nb@kiwm;XS&8(d-k8Bof-;WV3-#F9M
zKwoIyMWeQo0)DCCDQz(28)u$k8)pu4t&KCcmUOL+Gi44=8)rI_{E7$sZe>Ue2P@c_
z(K`Vp9FvO=<SvMt5284Eqsh!OU?i#o=RmUv_-+e7X&&P~L3tz-&Zy<%O)SY~2JT0%
z-NlU<{wIKG(zc(&YKYd&PHS=9#+^G;R|ZPUSRmTCQ(e-=oovpDL6sp`M4p*Dq~e=m
z`%W<ytfFLe6PwTh^E_>g+uh*@({@`Iewo5&KiIrGZ!*LOxPrekz8SWgSN9G?^q+t}
zt@&~|m0U_;4V-1?pL10MqCK#up&ejn4<M>z@~W_3b$OCU?^q63+kh*%>VTqfQ?g|s
z@8a$GZ5qVHd<2~!WE1>YTPF5Z%_FAHe`ds3s1LNeA^&Y`qE=&}glh94bdTOQvO})0
z{I5rdOctjXeldN_*q48QwJ)~svFW?R34r@P;pM~+!ZV6j{P$ODR=UC>an!W-caVVu
zdA3>Wgms&PoUFg3GQW)?hXiK(gQM|!kXym;npEEGFebdC_5XF7?Wwu3#7FM(f%^W<
zyTPph$U7kqH066F{psLhoAWr&Xj|JFt^!f#bo|olOw01T$4u8q_#`?h#mg5+w;*)!
zbKobhTvd;#Vt%*so1l2x>m)i(6jZ?&c-e*@<3dG{t7Kt;0Zz9KE}^`gn35tHfCTYV
zj{$?G2=nUqO7}p-$TWs?VzHXVhY)-;%I|L!cAp*Y9>vFm6?OY|O|po&MA62u!yNy=
zS}HEVk(gu>yLkJ=@YKy_Ui}4KwYUG0Y-Xn-0#`guv0{>|t;};-AmPayM>wcXK6skA
z!+zx2HIB*W@IvUNr(e>G6Qy_qyJ1=eT+&ivr?q#H8h^a8#u8(6b%I}=Ew*KLIMJ`p
z@~e~l>P){n*{@#eSABkUhF|sX#z_e8gv7mQxy%krJ*Mgh?9HV~`tT^q5($I<LWqyc
zg79`Oe*iqt8c!er4hgFidF$MXfXAMRJ5g<b=%>(^81RD+e`^5_J_%ZC;x+6UP5LeP
zJWaHyqb3eO(Tx5xGb(`j0V$Ytopz(w^!mqir6s(4YixbHeYkWhTRT!(>Y(2137^K9
zONBht;Pa7-JJOgqi}OT@7JmQc?Yw>vS(rfdlGOgK1F8GY>xNB6HP-2E*BdX8^PzMR
z2|9h_67-L6$7#}hJ*otHj}=$Lt&^f9>R3AA4QmPw`wl?}YLuNoVUWq*-Hasl?UBto
zk-E&cw{`+1cPcWTlmM+NDINd^EF3U``c+teQ7I>5_Zm5_dQ^(^{dp!AL};`;Dwzkp
zd=KGZG2Cl=Pyc6e7=Z^0fA4K@79?+TzpeL=_E{k76QtkkC%^h24td9F)1=el@n|h^
zBRCy=^+30F|7i)oxJGkx2(qrYyy19AA6`_OtgiPqv5kcB0Dnf2#sfI3@JZB4IRmk;
z7Lz&wi764&K74^;=FR7y-7n&tvw?(0<A~o*@FG55@U8#aDTQ};_`)cR@7Hfe%xag+
z^HB)pOvVCkH6vO?aR&z1D0S1#k7<XAFQEKUevE<e<h1fu@vfRZfP?phC|D66C0w~X
zoXuX?<(~0z!M@mD!L;~bO7k0=t2cHsN{7H2K$3iyV`=a%zb7%d??pMtf@uohY)tzt
z$>Z<!`Qy)$Ql_y9gIxGFB3NH|6ZmL46ZTH_kPwx9Sa%tQ$8Pq#R-eV0*{}PS*^7U2
zM=v*KgdZi|;~yIbYOMAXc{SRAs<CMvDN}|Nl2Z=9XcnV$pj&5ujJfO(*xElKCqsL<
zyqD7+smA-zj;!TZI$v=64{^pjgcp8QREo*@{zip2rc2S<JMraRyj<;0Gx0Oxx+~$o
zSp?H5nAhvRtUH}h<F_b8qj1jf-Ui{~IAgI968f$2Xa+EL`{qm<=O@O~H2i}Nz>07q
zWJYgwln09uv)$=r)+|ly=eXy_0owjRssBlie%<KJm%aMxYqdWDr=+@F_v&imT~fzR
zdxAr0+BS}R7V~10jw^?{a)y({dGXCB9QWcgbpKv5q4)MK<{w)hTyfKtS1rDhw6bf~
z*{%_n*$uV%_tIE$r&hB@Gra58tvOnGSS_3K#9Yx6vlQ38OWNs4*;h#|JTdVzH>N#9
znWbrmO*w~oe%ML<<?^yutr=N!<%sQ-;ir2hlYNe3^?WK>eEqsT>+ziZc`?;(E!N#~
z-Ia{t6<1zmNtWs0l{buDZON+XGP9Ht+rIMZJQebq8%N1OJz~jtwJXKQ^{?@*IvA&$
z*IlvR%Hdn(r|tOx1@af(hpnP0O!p8-T)Aa$KvQwLqVB;R|1eGW`pZY^axJI(h5bO_
z?|{~%=ODTe4+<ShhT0g|6}|ROZ}>jsprdbmeEZ1A&YfE^+3!c3a^KdSeLLfR?5`#g
z_inb{3XrXD6OGwtf1CTZ_YI8n^=<3h%>SLn3(1T2R|Gjju-}8LVAq?4{CAR-4{rVY
z=mTekf1c(oxQ~cGYl8eevflA==)gPf*i8-JpVl`*mYY7&!Eg$`3gp~W8`zI%I5lA`
z+qG@?F4Q39zRjDde*4btTl@HYP?hj1+Lk5Tc()~dXIhzYc+>5>!mkP#CTPY_Zr_!S
z^DaEPz4)gX5;UB@6tUtC66Mx(gU;;6poSg?aShf<+{71VO0iQ6KVZu%vZz?Hmj>qP
z!F&sur`Sg$HdSKrG4skgnt6<*3%{H>+!J{f3I{e+c(RoLXYv0!{$IfV*YW>t{4W*`
zEVh@)_dKm&hj;1T!yLk2aVR~(A?hrCo<kPpn0>{+@6S1J>`yZ*LA(0G`TzKK?Z|Xr
zVLYBVtym(J*kb+cjv<o)aFE}%?Dhi{Bj003R*5akIeie$r@*7p3Mpg0X3v{fL^9h3
z9?j&@k$vPrDrUA3ESt9%!-eEMDnH8e_t@Kdk5V5b#pZirP=+pwdop&O1P~U(KcVE5
zJ?ujy$qd<+3O8qjzo((auF8YtqEXdsO3MbR@<m1=sU~MzVw?S@>)yD4%OVQddG^bu
zHTor!rha;3kKJ7pr|Y+17k!kwTJ7q^&tM7ds#J)j9m2<sU9WhfKy0uIE2y>X52gEa
z?Rqf3uPc-~nW7Z*(iZz|7~ph8B{pQ8anTBbbyPUpfLZ^%{E$6n<(0BgK4*!9>?j+m
zVi+7C8Oq^<#U|k76edtmb3DIOLQN3Ve3$=KC?WGR@7m!<oE2XiyojrHdyfr_0K9Tu
zgaGd}uuKR4=kZ@fF5%aJuknBNy&VkrR_ejSlpR)cR$9X$s=n;ioHa1&Y=V>i0s*=E
z6>JqSes%ZTNLrfi3u5DcB#51<5ie#d;9UUPb+NK#kV_xqB4f;e#TJ_g%&cjGX6P3!
zv3`I+rcoca3~)MXcX71VyD@!>%r=M1446N_ehYC4zePCje)}aU9KR)UpB8;d6tkyU
z3oM_pIFly@zRaORbqJ=5+2i2I976F;xA(YjzZ(<8cJkg+L_Gk_Bk{ly2h^-T9>ZHj
z?soB8f_W2sm$+7+O4K%sU*OxDt;(+2@}yNK*e>jf0r#XL-XI;U8Lg`uwy|_NLI;C)
zO6<76?`f%VZ;UrL+CqCZC3RJFHwzu<!@g{Z)?F65>8|<%ZyHeg9H)1)9$tonUv4jF
z;c{&hmycHH!MQ%Qn>AxKTx>P0ww0WP0}HW)tBQ&{Mi2PZ)?`@T6I=O`C0o2&izOCD
z&9~05*&qEl!N$paQvs7Pi1V0aEjx{VlZJp5r~)>{l74t{nEf7UM^@F69tT1J+rxQ*
zUk6WniQ6HW6gG5`ZCPa1ej|TNyCUWFW|s<+-U^aj5eutgk!+#wA%clk6jy;V1tWza
z%w$LQvf#9Pm{#x=T0T=PzpQ@w<x8)&>~7=xf*r;=E84QtiVIqCr7b!<$|3%>4%X%w
z|LH?DTMgFi6;6(EV{B&>fLS|^={N{}S{zU0h1o*hXT<rO7D@eBMBh+_3X(dp53IoH
z`aU*p6E>a$oW#NkWB;wj3sQ|?mIleD_DdQs%`GGKp*wuszrqk`D9+v6P{e#F)O}$e
z4ToW$YzJorJE)^Y9USop=djxpGrB6ZVrD*3_`?)d;l9_eN!3VT)H*tr)%P=Pk+FrL
z)_#G7UD{;x)_`}E?%-|aKap9T&bT;nxrv*Q7#(|KVMb4%!P6ILjQTbBto_O{YPDbG
zZ>V2(5Z?5D=?sG}mxfwJ(u>x^zp3kC1@fXT!&wVA^u)GPVt4O|nhf3uL)K)@SZIa@
zOJEl!qKTy!*7rbXRvRI;J`UEuC1?rj3-Ms<=uvj;({Y$F6do5mX*8k3Tk~PH-+4S}
zhhC1vgCM~yw$Zx9cJfcs>NNnVbkUf$7~cTVo4|G8pQA3Eq{E<-`OP{Xjz_Bv+K=|)
z)Pj`&FB0a)*uVm$chF|h2sFIhZVF`U78Wh6j-C1uw!7tPMmJL9V{tGefg3LuHud!M
z_Oe=8w8duD=pQoPn$A^wn@(G?5{*PKHI*WkOEh2N(i+&4dRoB_<GN>y)z;}6E`71u
zZ2lw-$_%X;)?BObu&=O2W_5+Z*30-tjk$eqjWM=y&J>LitXYHFDm*RN;a$3Ct*YUX
zNljbG%f+KOluqDa)I93Uam#P=i3AjKbhsjWX!J3bMIiNJAzUXXkr^4mlIo6V5o5m=
zxD3~UM%al}?~LiJN@REtKsnb6W7q&#0j+k)hyA7E@@&1)BTB${3l0hvgF!XellTbo
z#rBVcWrX(eoOG=#AS`r+FD68U<-cdk^Wdp8q?%V7!Z5&9K_gYPvs)R*XUAkJLg10F
zddFm!t0+4NGKyDo3ASatb;g#UV6yvu>dQrt!BXk$fd%R7V^`-PQ>J`9)xM11DM?C6
zcr>rQ3Yeu^RkIzeW<xVp-?miW%u0<uK9=r*{qvb_na5O4Cbe2-BDF?x2jUTSxjfx0
z!ub{;GQ|U};a1rb9W;Z#Fefh<9&JT7H00F&A)Y?_>bsA(>Q~=s8cJJzf22;@!GPUX
z-vg@g{Txbv!NDQ<Td9AdlHk%p)=rq-(eZ#&V)2AnxF8lU%F1hbAbcYC+WicWM=P_#
z%`zI1?@ov%agXq;x-tZ86n48Vg^-@McfoTe)$Au=g($*3p>q~dZSEU$fCU$Z5inY<
zWUV6=Lksm|_^hI{%*c1P+RjCg4Ug+<;Zw1_A_CyXBRD;nIT67s4C^35-<6tV%vqOO
zl<lmw0k%eM2-zj7zs(+}HN{PTD6%5-E55A&YnU2pD_FO@sWi-A2-A&$(35bTs7b-O
z5EDI(qbPwq#AT}9dsST6V5=W->@IsDWHYT<hRq46$ZLdDO&%Ph7<Gdqmave`;*&-@
zgK^WZ>|VueKWHKR!tpTA*=1I7mGNn+V|)fvGnzm?v9Q{J`8&YWv*Uotfa*Bl?*ycF
zm<mX3nY?7T;{b6pqL=M4Zit1mV!SBMxAuE?j_|7`CL92964Ie_J7QR#JuOg>RL;Pn
z^MK*EnKuz>oHw<1%nSobwyAmC5NsHg=uaPqJk<RCsgp0|ckif1ofM+0;>-9|b<hrm
zYN`v+IkhJy_YG6Z-QE${X7w(0YpHij((%R$YpuMI5TaVYXer96SlDP2az<)v-`?74
zvho7jskYiglzyakS`*iBuV9xiq#Oi~X$337&aA{6Q+xI;yQ@7_QXOWi96QvwzTRgX
z5^B^S_A?-2SO<GKS!{ZP!Z|hw_fwpp^8CFGg7Mg=QH=&cXtO$L4NFwH9jyH;xD4M!
zFIgvQ7-*i88YF&F$kXws1frHju#arH(NaE7@V3Oo@m!mdgm&R3SAw`QW!QC4K%FGp
zVs?+@zb-BhB+fr<7>s?Pu~!$kjXTN^i(4^tVLa|yfviehY&gP}$1q&&WBL6Rz40X~
zI*@=U7qXAn4P$MkEl>?&^Ti$VJ9^P!I<2I8GQFV4L-QcSuhyTy^(;(bCv&xlEBwH>
z#~E6F>!B8U_i<lGPmlE&O&xkpz@T}llCrQ`^I?Z8Idc)<;-60dhDtH8E<ckBU$(bN
zH-<opAkoa~gqKEDfgRq({h}zOFVM?UE#1toVa1#o0}+MmT^#J}$y_<t2xlkWxkyV4
zK5k53gIXp~J-!|BZ(C~LuB(1KMjHgW%lO?puGzB}_ox?knAD4nsU1S0>IDnPs4wlf
z+1hbPw#BGRBiDHkzMK}&AMC9a#{K85&?35yH>+csy+^IFgSAF0DSVK7C5^7L9)FzL
z6<V}@7}8F)E<35(yj6-gDE4QIt#wj$WJ?Y7_GgC$UNuP}8yrk893XgG>hM-K4K&OC
zW~mYZt~6?_l-{HYSjA+CG<G_hVY;jlzqh(JnV-!Yiz+B_{EaL6<Yp!Ao3#V?osDEm
z(?DKd9Y_O(@8)0cSN*zaND7H2Wb=C>rc#}+81tXl@OacPq}~c06xd?xK>M}EZgT}J
zwt^xuY@$?%Z??v)#*6>U7f4uOHS)?B&~!?g)r%OBDPhaRsL8Xsgs-YI+wiz%)(*9q
z{hVf2Du}4*b;bLuQVV9;kW29Hq@zAyO~|la6%%H#rQE1FS>iKmeYDxt88fP%I-YMb
z%VazsfWY^L{puH>&pUtzx02>;e@1#sJoUg>aC3x>RrS5D>U(ocr8Nij)v1HX@bT2;
zS{TYY^A`1z<++^SDTmM~OZ^a5hc13YLuZHD&}qP2+_@(WnAWL{769hMHD?d_x(xVo
z=*-)*Y;Wz^3)1_k+F}Q5i<;p`?}MosNgkhJ%hM1BhBc-NNNv<KB4qYeQC|(-8xx2<
z-}VsJI;~)bN$vSeU3;oXA}sPDkrV+QyTI}3;XSn#_zE6Ofd!<zaWsfLk)uI8N=*o<
zp<{%I`mev1+7M9H``0EgP<dn4%82OmMb*K$rTX!GOv-Zy7LmLfuykoa>|g^Tk&VP-
zIk5akYLQ_zEv-hjRT3^*-~*F14*hjF=|Y<2F!RSRqFG0)S$3GJSq;C~pR%V-%V|v@
z#gq>-z;g`^r~=Q78t`0I9j~9HhMmjr^ITlnd1{y)tYOA$8`-H1+JSYgb8Zb^nU}}n
ziLvmCIQJ6t*0J!;IQNGUO$)j`Bwl1U#MHf<%muTVcZq<)8H59@yScun9{?c}(?t%Q
z2Mr8nuKg$bm~~k$A%~>(vTrq8Jw6eeTm_ScSE}1~ux?wArKoaKl=|+}b~N=ph=)l6
zec@FC+=I1-!Y$%drSzTw(#;pfE!Ogb`?7mYENV3zZ8ip(_O8`N7c-KM997pyxM?u!
zXHWn`@x(~fgGmjAdn5M?{q-d3(|L>L@@_ZFxIMO>6N?P|Iy<hSK^vtQ<-;w;)!&`K
zW7*!oV=uVwW{r^@Y>aBS?w54{p}yp-5x}ZNZ0mX|?&z(lA<vBn$bwy+u=q!6j2)~o
zGFR8F>y}^c&y8u*a_q}O$|qxkgHdBom0d$Skg(JX9hog^j2$M8%mJw#`9glKBhvy|
zdF~ibd}D27{!)#xgEeN-;ytErWNLI^?jEG^Qq(Gm1Gkan;7Gsr(X2f_y0Z4sOH)0L
z>-AA=ME5G7Ce(@9sOR&ps(rUQ|4t~+uz}58E*z|{y;*IR+leUJ7E5}wwc7lv^Afc{
ztVH8@jp}sKqT)$8$*Gn7+WZ?F&zz00rk`OA*FsOiM@MK8^H@(GZmL4lM6T%I2_>Nz
zG)1#YGW5`K@T78TP-*4dm$&GMyqug?ooGevNvYa$sJ8DP&A&e?AB6z-Q(YBveN|jp
zqun@q)YI<jXdhSoes$gV<Qf$1zqI!KyoujGk=Jh~SB)m@Myek?K}4?Oi7-?vVo|jS
zX_vJg_Kn`Z2;^%m<eYX@6VmWGtqD75In)`(zQKc%v?Gq*tG&$C$u1Jx2!1v10X<8s
zWgImlvovMKakIym{pQ!Xsee8C13p4x!om#nC*7I7EP`<_4w`P)PNLPlGpgn#5cha;
zN0CLehYE1zJUAnc&Q!8pawkT8u^1Xzh;4FFc%>Xfq<}!j(S%2c^a}l^*FnS4v`K2)
zFq5%Gwa^F;kH&)|`=WA0Qzyw=xK`u6Z*7ytyE?|<CmLfrXtrFz@YY{B9+v2jwYX4_
za!&=Xp@Jz{6BC_OaJ@qQb-Z1z2-Z{I>QF;)Yp4>3R}N-vn!{P0_fmCQfhf~4Ne3zw
zQ+$G<nP4?!Y&I|n=i`CFvqxMUl3dh{G6qy}mr>Hz^|A4$*v7V#c*QP_*{k?$z0DmO
zoGw!w$t^)pevU!;s7bVFrkA*8x??z!{I4XxBhAwY&Dh{NsF8T6U?|+Y-HpfJa&Lri
zGrJ<{!RuTPu3Q8ckVk)%@WR7wZ}*om^<5RP3OKeilKCOZ|KLGujH#dOHZI<4V+%VQ
z(6%hRrmk^^$svO+%%qREM(yPE@rt=*mDlxi;VrBX(MV8kU&JvfW)}g9=-P(k!Gm!Q
zi9PVE`6{>Fy@oDkl-7<`yzvT@{OG{s4p!!#99-J(8mH85LtUk;{G`kP@_ZlKNIph6
zc05W$P(Yu|>8RQy$eocoG|H3gWG$vqbO2e!_D{EkdT#={@E`7G!3wGpgFnrm{cOUs
zjg1bL*X$E4aU!1pmRcoMuxv8Wf4RVNrQqK#$!OvlVb^+21)J~6Tl58M5mC=Y42_~y
zI6N@nAzYy~kGh!yp{05%C%pXWEB$HA^qf(P`ZcYnD>d;Qv%zN0gau?-FA;q#&T}O|
z4LIu5(L-TrP4)4Wyj^#)){2!>^V+(aXQrCv3xd6g<z#I*&$JDy)|za_7roJCnj)I0
z3$UJjwO_g^otd@#3>veR_#t)kO0Ue2YY1~vbz+>=QK4LF(UB+?y?=$?H-{pBW}~R*
zUGdoTk#w{HFtSU+anfy>#=`P+d!;T?e=n))@4UKsu<r)UcGTslJ5AR7x|bBo)+HgO
zI#~<$cxps6eY>#s)Mq=&c_FZxt-bwz30tqbqXhk{_`$m37kL4OF{%S?!zu(bq%B(Y
z$%Xz&8rMT=wc6AmZIqX?d7j=pf5MxG!|SMOY<|`*X|K1C-o##ICrEWOhS1AvLa=rA
z-_QTI(*e9PdCe7w>Y}+SZZX7H!52-Ynbk(e(ACTx5ket>3F5XTDt5(6;n%6C?Y@G=
zSvJp$l_jzH?6}~n*esPFK~CV6!tt?XY3%8bGnU5L;7Xi{506df#MuLJA@<qB^`hG^
ziNzTlqt$*@%<cmfN%)F^Je<=9<1s|>^~GcQ;v#}AM6oY5WM9Mq)pem4(eq09j(XQ+
zZe-n{Yb*}qas!6kZovW7jlTT~lWmO+rz#A+d*?Q~EDtC*lPc%65Z@+q%kDB4C_!{E
zi#Tr%+Z0vIyu}PtYlEgDkY^zHO{Eo;`8;G#^He&&Fl*0g8=?}tWQ7w}n0drb&GUsz
z_MGA=qaU)Xgt3KXSL#F#-ViZ(Tv=@AYX<40|A4otaF(O4f}=4EfC7rp*h7=~Vm|`$
zA#f`xZ#f*79Dm|sX6sP8QpDKIhG(K;8?0xG+1i%xX`os&vrk@w3;}HGOcDsFWIT#_
zf@5v&t0Q8rm-p+7hiukS9*k~g*`m=1-}M=iG~9Gej3*H0R-PA+<Z>3pOvmAA1h4Hz
zdfY6vzE${63(o8!ir;2e#VL4Z5z6lof8#!8w;OuYCMV_<!m3(trc1ROvOkfq3W^v0
zZCWqibP-!)XqS5xyx(n@Y-k^37hQjEKvPP8xnmSEpvcBobx@tsLhB-WwA!E|)})hp
zusFj*ofO1($mzAQk0>^Xx(2C{?&()(z!3*PXV{WT3|uh0=(pRPoP=Nvn~NX76|ua)
z7P&DqARekXI@xwtxJin(%GqS(f79xG+E=Fr3)OrPK0%s^iq=U}AV@9X6aN}^(y`TQ
zqkxJCSmD0d66IuWXM@WzZm@h_Q-G~Gik03uDh5}8HX}%q=}N20Jn~}W8Ugf@L_W^4
z0)>%|2mHMA{RywXwEFDCo}9Lwp?gj~vT%|v$p0=Zc$&W)`gqmvoSN?R_jIMv{FDJC
zpnggZhH?$i>CWjb#P@749^4z}^vAgu#f3M-IdVPg@17BwX<Nl;un4edv3|Xwi&H0F
zWi_Qa3i~AlpA&mqdLT)yKv{2BnAk9TEu0baw!(z~V?--NP^c&^tpIRuEP#89*-Ue5
z`h+#!a1T3&G$B!>asM2%ID;=r$abG3VMSorKSM|%?Y9pf^ImhC?AL7T;qUbsfczcb
z`qCRR1Wy!OY;aMenVAgztX0-wUo3R>^}6rlM+y9rbnpfkt0|>}M)@M;Y?xFY68FT0
zN#uJSzg2duZJk)J8awtnE`!}Op6p$`Ta+wl3cg_Sf}A8Xoi&J0BhGNzw6X#9`+k#v
z`u}4r+PCv|y$Gsm9i08!)WN?KiZinbLA37aD!evlc|3AUY=rXw7r1NsP&@_-+j$nZ
zF5(m)SA)e~^FQb67zau53;2ubm{#5cX`yf{gzrq7$gxb|UWKHgk!{FWhCsDpeV=){
z<Cnt5F`cnNt_zD@ZsH|X31XgQzd~jJmv9?SV>%`-@lUM*`8xl;<4{9^N9;)_&k^|B
z!fIh08duq=L-i>p35qa^r`CR@%j3}ugAf$q8eL(P)|)jQpG7SN;tNO*V$KL6S&p+r
zvYIJ-mX+;zO6ExUI`)v-j_pDE#BqdqCb47NVUC1q+kTfO?P;GhIXuDHYl_ssBCZ6&
z;xvY3TM0X@qaaSgjy?d9f!Yw<K`zb3kqti-5TWrVWV3pzTGQQqoK`6N;~LVLHd5gf
zk>^v1ZY5Z>R|J0%nL`xal!Yt2b$YLhSa$e3n;iDqv0t^7WDq>%tHM<^QRGkZp8mJ@
zw4QoDJ&AZX1HIQczv%YB&*dLC!c#@2<sW^<HAY0qa^o5*c9}gAT$Y_3o4PXct-t|d
zrIx%pU9%<$h1cW-Rlrd=Tg0s!bc=Vvdxh}$9Ugt63#R8+dA*16lAB5Jy1JV=xu0gt
zlDL#Z$51@@$k^;4fg3iOPlZ9TRSrC{z{7dMwec|SmImWtW18pr*@d{aP+4bIp}@um
zIK@p?OCzZk_YaG$j&?q)LB)`v^R_H3<F2%`3<R#W%)SU}mzj~fjJ;#+sdi%&b($DO
z<6EpvY*A5T6d$*tLYD=5P~vT*3<Pwlh7p@TLMdAy;o=(M6DtJ0%?K;ix{918Xn&^o
z4Z-~E;n=DO`eInAAi>sfETBTC3_7#*_T`!OrT3&k91dktmpJy;uzqZ-s^?s_w}orr
zhq+XCp&7xy^g8vW__Tn*TF{`Oi{UyLTCU4a8FQ+d59OJD6=M^#N9@gRc*IIzm#dOX
z*)0F&dt!NQY(A3O`i%^u((r+lnn%jH`J-_blF3cHF>35EzgC)*Ha^K4?aKyS5{QYz
z%?=MnSk%foYux_!GCs5X!p=!iqhd=i=>izJ3(W_U%<#AMNc@DoG8((6{3dQZYAbB|
zfWWPbQMLC49$I)svM;K1ypuTM=G_9eVHO0??`IQU{e{g%UU1twLHz%GJIDdqUhjv8
z8PN9d)!T_@;C#T&mAVRinBydOBXrk#IpS$z0l$XuN*H_ssshG8SQjBG*HEXqd43WL
zb(-WdPLa(1YzKzi)wGm7D8EK-ieX;{>or62UGppKN}AIi@^Pbe73k#a&v`3dJBN0<
z4LbYM>`!<=U);YpvegJjaEe$j!K-P=P<rV+GCKz_+WV6UU>#R3)$EVd3v3_Bjeba)
zcy>;gMv%SX0MpdW)0Wo00<uKzVz#=A<<b%N8;*1F*Bp$PaPT2(e!n>2*^J(-U=sPh
z1+k@!)7}Iz*u$>7ZEhwBVhAR-zz;9r_bUGQOf5&<3n##6GklsnvX?<!fDFc&K0&xi
z)S;C*BuLxL>(I1&ARK}m^2v(Uh%$5-cbuW0{S}B>P@`N1qF|R%&CD4#E>M=4BO)>T
z^*VhK=(xBH>159;5u`37%$0I??7ARU&WVj!O0s^T;v5z=FU4#}y3+=gUdSCBy4Z~L
zxHx?{qT$tqw{_Zs=`bT&k`J2D(J(Gdc#N$Z5+HYtM2;al$MH9*l%?DpQumcM;b`eE
zV@0dh*0_3kj5UP0YaNJ3p?)A9MT-xW2dKAcCxtCzBrD;wPO$`b-Ggxf6@}{n&M<v^
zjCYXR40~vwozB8eLSJzs=^lwBZBYF<5N_V?6E;w|#728|wvC)2g?KC*5lL!zldXkr
zwHH57H@mkCOX<-_fUc^oJDo{JT3&<Y`z@bdTya<GnSpdk#750r7h4g4F*6J*6zEvT
zjvbqY%hVcScvc0@jlJXXFe<?J`w~LK1D;tT4!qKE4_B^<C}oQc59~J4#iy-K&}CtN
z6pla)DZ{W@xh=pybG{c_kKo1%))UOhot&;UeRA&7xu{CPpz_UKJRdg}vUOu@cKJkV
z38o1Pdj3trwVeK}Le3D?Fc=R<mO=HuF}B<l8!q5kzpZisz>Zipe+P{l9ROB3W4C@z
zmKQ`=FF-IE9(GpX_lQY;jrVFBsy4*Hm&UeZbes>nXludn!a=CqK~#suwxi?x6LhQ)
zW5-r{I_)@ta%h25dNIY|-lEh>-GLN+)B%XMfh|I4+YCv(N%t<&8fz>#>V_LlJ_3t9
z`rL8;@#Tc`A2ytC(1={i(qah#RE2PoLO^3UbK97&=sqO%3O?p~ZqxFqJ9YsuS~hD@
zULXvFPXo?^b4?K=ZB*_qqkpIqjYYf1=NpoUIbejBwY&rA5XU@JK;Z~ZFNf;hM`$%<
z|I<R@5tlf@1$jlC*dQ8~5v;mFbF@NOK-i}Jj@WrkY$wmyYamu^<`uGY6F{AViCTPb
zw*XTo4_aN%+-Ch(^;LFJT@P=;Eazsve>X@q=9Ud@;cbi1bBQ2qQ6HG^gZZ{eBk~~=
z(5a<Y4Dg`Ex&j-x%>i5@B6;goo5(w(+9yQOEyaP@0qNfP(4`zw^5|0U+AmS{eyyWB
zcf+p8lW@AOPBE-{zffgDt20o@)Ohy9$L$jKSz>scns->=7(pA1ulryWvW>ky{qF-#
zd=M_O8B(;CnC>szi=`6D`?g6nY!Pygc&wZ`1!@C0iV&mm(xwD-zs-Se|8S>4#6%-R
zm<hFE-(eXZPNQiU96ZuP>p&BRaY4?xF`hwh_b@78P;he;ok>*k3QcV;8P2tNK9<p9
z$k83E0_kY@ooE~g^Uw>SGjWxt*>TYW&95qpk^vwrsNP9R|FE#90<(V-2%?B`AMtvU
zQa>#6CK4kgMs-gGemF!`5AMvanyj!7Qr5dVd+$nmtzps|f<pypa3(+{Vuzpy2O@)9
zhb_XW?W)fLmDn><5}W+I?ln>C5!gcMZT9WRBdf0THPX>YUt>WNkrW-%NFb5yWJPIR
zJc7+&;reEW1srFb<2-1dqNL5VxyeXsE=OA+3QNh%3LZfv7+@*cob?+MR#@!X$}3WX
zm+?ELqRCvK>Kp749$VE;JD4AV4Bf8x+??7eL$_*@!ST7JTTmrc=bi9rRUoH?qMh|p
zfd+Qp?fh3h%9UZ>&abK%J3P&qDZ0F!?@jGA&$5b<MGc^M6H}uP`8to_B2e#k2JjqP
z@Qsg1zbtAfp2;`YD}pM;Ng+2ehQ<m05uk)j2j(Zz`x!RMDxzh0Yhg^;4I$Cc@yh-a
zN?7><N{Gez_Eif)g!p$h3!oK+y9^ZnI?e39L9vk4My#qbjQ^!kv%?yJr+H2Z9vv;6
z)Z(BhUoOF7haAr1s3UDmCR!lEy<JFq=Gg(8;bbaTOeNQIu+kN=I18pr018!<pd}~9
zL(^>UJ6b?(KZ{mf$A7iG3OrebCj~p0dh=l(nijJzTHuz{3EXyVJuyMWZ~&YJDj@k;
z7Q!oWCYZ-<G`h1vdUDi~_J#+VO<sompKzJHF<XMLC$J=tXbO!3B5>gris-g%CDMYU
z*HXzjjAU86iaaHI(wK#&Hpydvp44BiWgLzDlt!tA0*JDcF)zGktf#0j6~!<=`_j;0
z3Fn-q2~|jE=@1Q)9c&4|giBu<&+IY3+1(FNx6L8DGdngB_!o8*wN2B<QVY)Imj&=Y
zZLRvDqG|l+<UsRb&!<bRs7=)wYK0was-|+YJ+?KG!Pje1iD8iirRh9I6i?d=A~B^;
zCx6-dOx$7FDIXHn9TE|Z<&n!joK}#QhjycB_mJOf!7m!ReTQ}BLnl;ST_X(_sNr_7
z;j`2UmNh|VrP^v)m$%-0y^SR_mm7Hfcqx!E(di~zqS2L@TZ5sA@8GkSz1Co>NGO)E
z7^{)gZbG0^n(yLLGKt;@0~XrgnQ>M*oA=>}f#Mqh#Bd@>lckHM4VNVLs5|G5C=LEt
z$|+n?-pZB3a0$(>Xosnj<(Bfa0cERvd{I2N9!oDiEC!a}G8`}O(g8vJhpZn)kZ6%8
zB}|`Kv1({DWGTGK-f9Z#h(!y?njyQ*?j)};$%(37GFgOSYF{OmQ0MUWP2mP{Z~@b_
zsWBwc>?r3ia$)*rewV6Sol-6+8w#llden@q>hes(`fRT%V}5~7TP_P~^lRzt5iCm=
zQvi`xq|e4LS#^>DMsh}0UO}6<;i8%%*PKhe-+rayQqw5El-=u^zf$&I>g4<$?ro`f
zf)@BUSJ{(4!!ouE#05xl)+Y1@^80Cz<x~6)J9P5^Hd;PXB`DTm_A6aKn(L6gM0Kmi
zjc_#jMIlEch(ESQc_NC<#%|*UVl27)qv+$s23`TGVp8D!%x!q&4x8+jB}h#tjsa(;
zHx;>rwPeo-@S}CJMMerVhc4QA5as-UPDZeaMo7kQ#_k)_=p?7oPC4m(#3yh&PdC|o
zM+8cVugqK%TxH7gv)I5;`GjQaW2hGBCtV3JmZVX4e#eIo*^swHlNOvsi9QCF?+U?R
z-?JOI22fzRNWY5X1ya-rNIaEG&_dM|!%2PFmaoabT&;E~V|xl(XO6RH43>)7yXlQq
zvIS8J-Ao4&{sEXl=w{!}n>n5oSreYDp`5FQa_mqeYZi?lY!gMQoj|YYObAn!ZPv4z
zS~xq#rSu42j~OC89f>_@u`oF@1*|vH(}+_CL|ASn#&+J37d6X@ng!~WJ3tZnv1J7E
z*K&diW2}rm>P{h$B0}`Bbs%A0ck{QPd&b10Q_Uy^Eg@oG0y;qi1`Vgi)^{*!|G*V^
z?jKl-TKT4bM~2ggql{GEfTqPD@mWRfHU3?7o>6^n)JG#K3S=}eyImt{2OClI<QF<G
z86C0_*qugTzbfeg8s0=VZ$&SNF&~}Br9`8Nz=z9X@l3mO@d`XUPB2Y>GCfrQq0XV=
zA(d71&lD5<e$BkFWzf>_Rl__;2bTx_VLD5+N~s;y&3*GkZ>K}ziE<)a1s;+N(N#NG
zSB<Bu0ndcYVzc9%y8L19oSvY`379c_@o~Ciq0;=ib8lQthqfE6O(a+d+#t>kkR93i
zfkh$DAzK}nXw4e{1<94hFOzh5tpQLLa9a^WEBf`M(QUvBytBqiA$tut|3qo;%QI<I
zWtc?K%LTmxioZxev2X5o@@N@Q#1Cqu>@aDh3?442OyYifVp-bbQJ+gKIqL^zB%DeY
zTg*r38j~LfuFCKqigGE2N?$d2=USU%c^hwj5v~5DT5X5Pt*%cR*F9ls-<JB4Gr_UA
z$(?lp_O8m$9V4)wfx%vv7w=9`xbKM1Z_*Ymv>XzJ%Bqmq@Xu<g9Rz<xHP@3){g4NB
z&dMK~+`7oN)h^wV2+0t-7&?=4!%brhYg;&8<J=Mk6zba+j_cd*AT!|lc`R%63vwbX
z-DlQhUuZ4iY=8;_2i$)mf69r$repK;lL)d9dTy)6!yV8}z%SCa#OPNM3LtbVd0W4{
zfO2UD18hJ6<y$X{b1^jaZFZCk1~hoiU$rO?TFtBGcU3$C>zU02uF!>n-W2lmsRSzf
zMh8<(gk!$nY7*=))g&0C-`eGnZYl?3_mA{YO-vfc+j5N!N=r6FIZ`yPX|YcJRUiru
zHVK-}s6zYuo>v!y(F8|=DeppO16{C#b-^&2K&T{$@-T*X)^`C1Npt(m!U^8`CTV6_
zr)Qe^rVZM@6=gkf(i560ffU}zknh!$j6k!egk#wrHQISIkE3ytwX_VD@ZXx;c(9sm
z2NN39+Hf}aO6PEh7wD;6Zc?^K=>WH<9%zXsVS8yTTu5#*TL4Q_)Hx8XYqp5vCnPcp
z>Cu&-6Wg1ZP>kkas>cj8-8*DBt)!*;yvGjC=pO;rHh=QiKsZEyPi#0+x}48xY#~GY
z4v5I%&UziLQNQeP3uhh>F{e9G6~tNf3=mh8hT^ZKfYGwk`myU?F5toB11uKu6#MP<
z>pshkq{np}u&f2n#ClTGl)#emM0){c_2iZmT6XjEo>R?d6`i%*r{39NuXAb+Rnn1V
zk`Oax7R)}+S%a;!v-6>_#0BsH{8?Pa1`vZ%XcVNYpPSAQz(V78zsK1wx|FlfBFJ4Q
z$L5zH7O{C}Zj0f>;%y=Z-j)-%TIo(6A^SpB?(0>;Idk!4ctZB~Xu!pDwLTadPU2cY
z3%Xz4VH_IHv=N-E#2qCpRk9G1+)v_|TY1WlJI97$0qYY_5sx;Sr4sDgxQ5Fe1T_d0
zBOEm%$#y<=M`2)-moHaA5;8B0<fx}5BXL15jx#pra0bry3$BaVHXRkg4}v~OQB)W~
zv&ARJgEaqP$Fwn%dEgHO@LC0Tr5nY=oGI2F$JX~+v#~lgh(9BxC@q|cB#7kT4BH~z
z=*2z@9|H{KU$tb|UgIkmARpp|Ly`5?^019u@e)2NZ|xgHP^6WS0Xrny8A*wC$Y$#R
zbF?Fk?+`{X1i|HTPI*3A>#vM6AHs#>mVr3)bpM4OG_pX%1UK<<U5+fPT;2ph2KR@|
zJwpPY+%y(FsIUgSWacuSwDEB6&C_fB;pX1tG_lrx7vg<xZ_ZhzH?vtxy#)(|s|!(S
zU8>l`6Ok$x7up9M$>j>Ow%O*pab;|kD{HQ9b~-sLT!`)WjX>?9;bJ$7Z#bcmW&BQw
zP)+ZgBh;GG>JcqAJJ@3T7?-ZJI(2r9SmCEfH&d#=TqXbPHRT+OA+6Hit0p_t2&667
zGwW(HCLj+&f1YGfsiCGKi^HvsVejAD&@{>SQ$wR+si!wNtr2c|XF1WFj_;@=cK8Wr
zuFN$uDZ=A4=a-yiLQ)MSJ}V1TH7IXhgV0rj&{ab#4;nwurF(*2odzLb_W*wzSVm6=
zEy#R{L8#De?t|xiQzHpiF2tckkJni`OsR@=CBo#1w6ejnf>TOb-Eo)$vcB{cs6_Q9
zVCmj?Ea6r8w|WlNC_G-1Tz`?b@KI}_Q<%cq+6%wQU%1EBiYC}}J^_s0if76XW8u&^
zb3LRs&Xi<>bG&O}%bTE9e){xG#qwi-)S}di6Iwj#WVtF%FSF${@mg)D`Ear^?9w82
z-Keei+yg)!OTxA$922~#ZU_y!CSPx>Xytojg^iMQRcDU;<S0U3M!m2ZFRg8I(;@u}
zW8ylG@;NcM%q*=t8}%8QP;tp<Y%v@P@)I@=N3lV&YR^toqEj=2tcY!QRzH%Or9c%&
z*e@TbP-e^#bGpV+Pq%mZQ(PbIr3>sRU^v#+3*tN}evb<yI5&pY!SeLloP2Li;tF1$
zCQa6b^2%5cDZ+n6X?5|MIB{5ZVc<-mTXJsTYR*W^)-kx~gM}qYxbl*bUQ>|Usy$`@
zRI<G56DO6;*Yx6Kgy#u<IcJZ>gVa=%RQlN#j|0}^e1wm~S=k5_<nZ2j;$S>Zuxfry
zB-p9ca{An#SFu}$Vo`BGN<J(fjty(2SEJPuJBS4wQ}oS2H$}D~5mqjKJs+4{z%ZxP
zr_4m%gkEtCU*F6XhJj^~R6oV+YI8U|a5NqukwtsZkl9Nxu_gDHsthX&He19ce}<vW
zwWi)UH;sk`K|5bbC}-iM?XmT#*l`h?L*1cb=>i3-zsa1zz-WDY2Es&%26wXw>2>5U
z9vzGAj6JI-;B#{jJej11gUYtt$C>P#q*n{=Tf5B63MmwOr}8X-#)t`(3BC*R-O+5I
zZ^9wX4M*t?u|Yg2ZbHP95|m|d0je0Cb@|L0`)*Uoc5lWPlGonK8i=zc39`%11?G~4
zHWCq_n~gPN<9l3^q}93efYt9X&HjI08|{BN!%S&Jf2rA!MT!vIhj653c?e^o#cE20
z=*A$q7vf46<}xDT$^jO-f`d3k1PwYRzSQu5++;#_I4PhMFbWrDt-dHx{B)f+g^r)<
zO`+qy)CxWTGE5n&2>s4dBN13r@zmkBh?&a@PEp%bWY>AY^l{k~ebhT4EbX&8$ehll
z@~KxngMd@%i(O~Oq_S~5kHL%XVS-+I7U0fynNpUAtG5a^%xNJ(2~fsPfm__Oc<rvb
z#XEjr0@sfkS`c&G4$R#r5KXL@Qr5zh`2=X_6k97aCgW^N_|k2h$-9(y#4?Ailr-@+
zyK%II2Z~s=1I^Z_>Wh#gAki!z@-3M@on<w0WiwRfcaLg(v9uep6N(oLjazd&OFsY`
z^Rw{hRFB8Ozujgw1ib#ZA8vtt<xLR>bKGdgOYMAlwmF4qen5)+F5_X_!6g(pV$Ayo
zC@h4pQ`W@KDSHrHyyxf40d8CR-o`?Wp-q?{iWz%m6~cFHv;?#}HCFO-6~k-fN$tU|
z%cZP64yE9;mhe;aOflJoX5dg({&36=i>*h;c$g4VkWKu+@ZYzOQCWc?CfEdi=P=mB
z+{vK?Rl5+Yxt)SG#}%u11U_kUJt<~)$0H7}o~k)Bw26Q-@{M9a|Hc|w%>I%5rq9@N
zDzBChWA@gSu@iJ<I3s+@J#~HYH-%3DHM0oz#Op(W3Anpac!yL4;E7M(PNP`qw#qxg
z6TCa$-p#>22NGQUkQO**Eb8ev>Ec4PF-}+bk;_S?&CILV^frDzZ?i1GN#?CG$+8vG
zEh|l;F5AaA3z#jfUnbuJi4yQ-$&k%LqtF=s^bS;?ys0Q}-N`|->0Xa|?6nvaZFL|t
zTEZK0i;a%s079fh%LcebJUpMny|BLnN2TJ0@e#!@8g7QLHXcp!%Tz70!YN4!abqm`
zqE}z$@vt<QJp;p}iF6G87Ar#{SZI=PSHKU9eIuoUD8W?7Lrj)T<5Xy8LQ+L%2$9mH
zz4#_tGxqqrEb&}oo8ZhATq5t+naAs-A>1P9#K#({-5VF;8hS}w_|iC|{Ks+O`8>I0
z1{h$0J4zjk-zX5Dm1i*pi|PGcv2-ErZ>RYf88tB-v3nyw8wdk_eYX0U>~AjMNWZGD
zs14n#;{1ysAtPGDp~Zo_V<^s-M~2homWyM@ThuVMOBl+9qZZ7n7wXDlUBt|QK`BwA
zsP)ybGd4*+{jMBoNOreY0G4_F&16Oa!(tJX?xY!S;x#&E+0!h>AGzZo#SF47jVx2{
z2`KmJmhekGorQ<8&?M2Gy|I5dE(fe7*)wq5>$mYcxG$c%RT&MSBfOOW6HsjkKgXPY
z1+WyB^uZf}?ZfrMy5WprI9fb>(bz#h_@pwXHp!dxG*P24z)b2o9M7K9I)Ufb&k}z(
zEKi(dcnJmpJ%E7dC;OxY{T3M<hn%o{#0#K%;iU2MRgc<00(I|X$pd!V;4Z@V3xzRD
zS$<K{0PQ>3LA|6^FJYOO*t7t-s9=YhbY*%x$yAnnJW8;NlBw!++n-pJC|c6_7)5J2
zDi&@e%d6-b{zu{Gp=oPq-fBS6Z0386&YO*z2<wRD6D*nN5A4WwO_oRD0Q3NW`gDdn
zWN%<FkR5cpBV5in1f2Sd%(3pMAOT&{WN+6Rb#VnhkNjarxM(vMVNs1hX>CKO+^rdB
zY&m68PB>q2vOy5S3(ZSq!o@a^zQN-=i`hq1E&Li}(eUiu@R}ds5;N}<tmgP0tR^f&
zBlJ=W<RGvJL};FKlZ4;^6m{IBJ0FQLFy~P8=>W04lH5hbeCLSEnPiOgg4P0I?T#Ij
zc|rZNxNp@5#-#E_d0E)Y?@g>Btm<jbh~i6}I9eDnt2|h4Pa#9Swar~H>faLF7sRd^
z-<n;>CA!WU(|I~m#=R++&c7uLRUg$jGNIMtQNAX85{-*7QPfdS-fzWvfQ2T`kz(ET
z0bx5fIvOT7$xr!uG5e6q90!H-#pL%6Cf2Q6Apfiu%Uo5QD>BYP$6!k<>(|n<!(R3K
zyla2Si|;VBK3P~;XS{sJp=q5R&Dub%iWyeY4z992F&@kCwq3>)VY3$R+lI|LUB!4_
z#7`iKYIq740vAkqx)I|)?{?v;YNjMU$g&Q7y|hnmf^IxOQnNM8^43ZzW=~RUWw6IY
z-Tz1f^HSRW?8>jI^&p<F0kMNAzpmiYHZ*Y!*e_F8%~HVP*JdEC<#WM!C&bp9#oMJE
z59Z#&W^F(TY?@sWy93@&%v5^5V1&31G1$T@xSuph5$aYgsoD$dS!zI@WG|4hSQHor
zoB?#Q&aQ^+*zM0g>rb@k>^1}AFHOGIUH8L*^DvaIb?q!rE(N8vj9(0IizBkNJ)#TI
zSobGs!h0j9N%-YhZAmtQ-P0w3kNP>$2?xZ~-l^#<juF11OGLTe&@WlrF$G}*`N>cP
zru=~S$LWZaN5=+50&g(O$<{%aVJ>d+h4ALR&39F!C*aQ)LT*9Q{J);5u38-0Mg#|T
zsF`|e8a?eEW+sLPqeFs{2Gi}CGVcRimZisQG_}aJho|+C)FKTU$b!JRXr|Qt7>z<U
z+Z9wivg?|VB{Gdxh}TVnB~zwmv@XN0=ASZIB?1<tCp(%7Ye1)1H@a&2pFhl-L!8<q
zEe#H`TjNnGZ6NmQ$1xlE9<-s}{0H!RjU6xsz<a+J*oygVXI@}G{%e-9KhA=KABcw!
z#989lBqXBG1Fq$3)Su)&&lH6FWhE*LxmJPrQ$l`{R@nxxd_)?&e@Y4;)?9lmEdrn1
z+6&S96P+NUm2TAuH_nSV<#D<#w%tmhi=`vt&jJ{Vm!g5wTc}A8LqgkDosH>Cda|2f
z$#q6cI?8MK*i?gre(@D~UGB6y5K#F;j8?ilY`SR!J_k1d=wcgM!gZ>lT?P#E1{0~j
zN?-W)4^a50b5$lmoOGAXs&`10z9r6HCsMh@slDAMnDW6mM-iMuZfIB$4}5?t(HBB%
zdTg4>=x4un6wMDE+l?`pSzZtuZsf+*rmaHxwn$T&GJOqV$dcJ7(PAy>K%~}*{N_YX
zPJfF%H(V1^X!!xI(K8g46icZ02U@lACEKU~E!kv_5wn1k<VRw-9`}=EFwK;FEaw3v
zZeZ71o;^kPJ7Q@iSbHvOd(IJbY?M=Y80$~CdCY$6!I;j0?8S;pch{A5YMedDof}8m
z6TJ1i2yUP(v0jFNU8h?pOY5*A;yn@`*+K2(w@GL(%o{UiAHbHDTkb@&?RTeN>8P1p
z3?InkUlS|k+wF3uE}3ZwncZs4Q^)}ep#zmC(WoY6_F|Jg;MP{f7B-ZjWy1CiH^mmb
zdT6GKD6bdGX^52~-J+V<8X1Au=2DBgkZExyMH7aqntXh(F>6S{Oe#XQGh^lN$=^b3
z#+>Y{NJTjBSRw0;6a=9SSgl=FG$$w9wRn=F31w3gm&eK|m0S~hb+s+_?v#rqRASyA
zVq(L6thB>OZ*yqeNs5&X2!n5o)2~PM=GVa5wYr8|ZQL9e05zm7m|p&}zmTMIp5AQ$
z+f=@qxwIDUG~q-5sq3)KFP)4qNsGA&=cEOIXscsy3hQ5%Rt0gh+%AszC84sqT8?Rs
z#n`6^_)_*gt5j?kJTj`9;^8tQywL*XFt;J~z0t-lV}Z7d^FArIKOTwLKXi?Z2R#3Y
z+=1a<Q7N#{TG#M7^0wSh2o7o;6Pa?{zEQQCGLP-SV_cH$j-|iJb~DrB;Qbx%l}JM=
z`+^U@H`^?=I}F4W7``wY#Zy(uj^(Z15#D<{f@Jt6sM^mPIj7s<edvJt!`D%@5#>wD
zsdwLAhIQ&PiKgf1*nA7`vqJ@-_vREg88!^Zo@+pTH^jOB5}R+14I5(H!?9^yY*-na
z-^#1fRVy_`!visH7UMG8*mTNp6%pbK9((Fj+tY#`6K{NL3nei+fCq|ucUj1}WNt4c
z8x}ZJ8*tOkzapNyQSHKp?b6mpKI8f43xyr4b_jcDwPlhKbP^fc@Ec=H0v<oQ>NR#n
zsmvs;FqiZ6!@I!DVguOuPsQmUjEjzn^Vh}cLa={Mh9y)i=fnd~j3@BU4e`JYar)u0
z`__2iKkKbh`3($tV%bL%=n#=9%aAa#tf37oNd=X%c6QmUg0DvEu(OHlDB=TLOdFI!
zZADej9<F;d(-k{vCI*Zp)V?szzaf@xW|d(%Q+wyLn&?CKzsAzeTFWr5TR*EU%Wn)>
z81Z6!LrDgy5~PmNh@>!CkGX>G3-J*mg+qG9qDk8xk&>j8ooAvXuGC^gP=tbm&E1N%
zjc!xSO!(K^wq~Qohxkp+58E$OAOo?sejuR6;q7;f%P20a8SX}f^0V8^)3w(xt&*T7
zo>G3S0EpJPVCG0GX?r}*e)HWr2f0c{a&%|x+O>FK++_e`AYjAnFFb*UwaV{chdCl5
zZtD1;S*TXa0G2(7=q}*%korRTnXw+{FV84BfB9nc7>|pmw8Qh#W1M?JVu2d11Cp>z
zz9QJL^ElWR<c`kE^^20Xd|d1xwV+3DCa#@ibPSQkRohcAkYj^{6`U@z<I2C>*C7|&
z?Rrol;i0KK;$BUt<t@e(4$BJLpd*+-KS^s%1ulFG-AR_f?TeJ$ey@120hV!<;t9JQ
zx1wz`yYd(S<S&LBfd~~)FS%Q|Q)m_3`d)~vWGYXf0`9XWOWWdnhV-qnDuSfvSw&9x
zM&jYtw6q!WHeIMpk3)N*Wm=!8Oki5rTbXToIPO%+r6OvM^hTZ7OLMmx#B1VAA#FuV
z`RY7b#@JbR>c;NkDaP&))g0!lpIgAF4BMTF%4#Xwpoi7Kyk4sxbECvzp_`&=#x1*z
z8C<V#ObkU$Y_xHfoUd|$pCPD(&b(l^<LR9ch%sNliPksF;R4!aX~aC634AGpvO#pg
zJekDmT%72}rYht#YySl72j|giDlp8`5PB1%`!g$F5#NpXB{{Y_QsLYwlt>2ts9J3z
zYaO=R;)UJT6;NV30o#=A5~}FFn^uaj3G^O|VGSq5E=bL<d`(iK6&8;TCZEzPKt@v7
zEaUgt^%8Q%bXS?L3U}C{<^gB;?f*U5u|pmVx|L$jPs)#1?X8lkE2WgJxiBmtSi*5t
z2rmCXmD*vFcF5GN5{&Cy?0%dYf^MXX4GB;HvG`+oHX~z!M3N;@j58eNt76O9T%nZL
zNH*Y6u9y;E3G!Hz9@z~gSoT=KN?A31IWKu~H$rwq^;=ow0-;t2y%=6L&7E(TtI};z
z9OJsmNFbuIWmx0lF#t`M62G`^Nkj_Cxsd=H9<+sdeOpD6a{tszn7z?)-=*ghboj+6
z+kUIzw8Ny~tU1$uuFq$)8iK5in&sb)<I^4<wbtH~`bPTrlTUUboFzg`@Q`@3ya#6#
zEZ%clYW%*v^>a;Ot|T$wi<L$iZU<|)n(N-=27$j!ZT6J??pN6wn_gz>SlZ2k)KE|G
zW8TA&S)nn>Q!5KED=6zQE61V;<+cBY1kuZ=df&@tqKDZLYPlV1Ew@I`>Gy%2C5;?j
z%i!dB!dtW#3&<Yr)#$2SxMFvNqa+Ku*{SZgt_N_dXKMAk;T*Ip85!`luaE5QSMX~?
zc)4<J7Q>QZ&0PZ-biDebr>GtUhPENeUD?<oQ3!{flUY8%w8UDiB>Vs<a)xPYbLNal
zA=T2_w>fR>!Q0BITKE2b>Mw18Ya8{qoBNVOym`*2iEyTBLz;<m_cjw~6sApE!MF>r
zoW_6Q71uT|(`?wmkeG$TUZ{Ju4P^P&{-j~GHX<HdkRnJy>)G~p(C<8_SfB)FNSGkq
z-o&s=x+|FV$)-9l()X0oY<I*?R9%Z>=bgOmTjMzo<dTCZuEa;FUyDgzF)4kh*lPjz
zpafe}6N|6Yr%`;7ZNhGholCSYO6SigX9!Kd@)S1#!1m!^CJ?mPBxC8UU3}O{5>vkV
z>ZGs!33ox^pDXCml#9SNc$+-*Rdn9CRzq!v+VIO}RuVe*O?>5tSd!|}efxi%H<73!
z^R{x%Q|aWAzO7hhOL=o^xRj|t@h_Q8@-0`u&6pC98jnHlDGjOfkBA>!l*B0FgsOuv
z6fy^kT_}Y^ox>=FRZge@%|j(VNspu-DzO)tJx#x^9ZGPI;#%CNxDS+ZJZU8ri`<7-
zLrAo4`jdH2ZV;VHBxG;jYh)a@qZQu<+*{>AV>x5;#}fX~qA8DGXSkdOfYfxaf}|p{
zhR-pH>JOx_1zZu&PDaJqr0U>JZFfhKERb4mfL3CsRyetMgE$?P$=Ja*$X-VnXCz6C
z^<!BKZVPi;S&Cj=&NGED6A~kbbcvqRxp2!tG5gcRk>Gp8GgT>7l=IiU&Tw<ju0>T{
z5;q|svE%eawbM~+M7pF5W7hkUOy|}Ip`RsbL?5>b6;dyEoFab8ucBEiohg^NLEgM`
zMW~ML9qH?}HT0@vAinm60d?~o0%|+dfZA|M4X6#q-=_BrvTF{_pF1T<R>?vvJ+T?C
zVrJki8+_|-n!8T^cGx-CVIK4Br5b8pC7&Ivo<$&v1N5<CX963u6w9qSS}8<kxWp6M
zNO|cjqfL<9hukYcoYEnblx)Ie16NTADOJ}L6zCeYhXguk<BT82IY?qQV6S81ZEd5I
z5H50;rRLGZ1otLYVlw8yYw?Y06okR{T2j@Jxi&EAQ(A2E1~&5Ob>_D<TtR=ba3EFD
zcGNb_5@*6F`5e@Olx36Ur>k&Tx(@RI^>F!kJj-q`R8&Kf<M68RaXZCyeL}%@J?_Pw
zm1&cVLOiQ@$n@CR8_(*)UyQ^Jddl*18%df1_1Eo2;tmUVFy#`OpqCtUc1%utM_DyN
z8V+L2Wk+O830N1o#$(C~*jjZ6+F#enKS(^*LpG0HD25P0k4^HnX=psA1E1L>lICT3
zFtoat%93bX%+5}2lK-wKbMqET-(?ZdhRKM)7mj3hq+_&HnjILqbF3GZ5`L3~<(q*G
zJlxQzoHDR+%NEg_od_OEVKD$^7x8!@bo)WA9Xr?>dzj0x7rG5E@q4G+Da2ZIJK`Z=
zb3$e@``s(0o}VbSXQ42HyYaNN+-sDYNnFyKmA^KTGFLf<9*|g~%*B;i`I+i#Z+MZU
z_;HP>9cm+5Ls&+I4Qtg%@kjH<S4lCAX^qAA#=`leOrJSeM}7s(&w>1IN<^1VGM1%4
zK1mI3DZC2DGo9Fm7r>oA-cJlx3EihXN*_rRp00gju%>aH2=H(sz~@dRz$9}3#)b9j
z3GixLOwW}7UqJ&V6JXmZW?uxDotA32_FkjjRf>M;3n>sWvc5oJ^=b$9+k=Cc@Yr)O
z8^KKchnNYN4;uz-;qgk!#&I3=BGFjn9r8(nuR=JucPtN5otq$W&EDvzZE}<|h1c<x
z_;E3X;?0dOZ~Tg&(GCWU7BXopxy;$l9abr4W=rXWGtyFWo3^cywiwEn(Ku3;G~FD-
zIkAa2hr46P>UhAGw;n~z0EAHN*a296xp$I|9lHI8sDs;L#~rcqP{d(fTFMG*oslTR
zK4(jJ7>lDoG9L$&_)b2nQjca5f+XDNuRLU|UTL>nf-PCc;vujn%O!iA4{!E$;o048
zqIjcyHM1`+*+v;VjE5Cl<c^}37)Fk2*nRe5q^bZHpsJv}b<!8ksPKpqZik7Zz}B_z
zD_PaS)lCGK*aXXQQ>^TauwgvHZsg=mi;;*CnFST$AdOxyGA1u-X=yQ;@R{^0#hLEd
zSQy$l;986CCB%Qp-T=e|wqF1OIbcX|bHMnq0K*PKPQI0yV4^7GRMeU40R$cHA@j;J
z6JVIK8WhzDXF3-p#=1Cnqts>n#9ijes5)bWn2~i@B##7O;zHc!gIBSJ1h=+a0IM@H
z<#FK~rTim+lOb##QyJLuLmRHaggFY>%E&{YA{Jy~b%QR&?%FThyMFI9N5_Id$8NKN
z_3MHLacBM!ddc)u4lb|;!mt7WT;BvLVae0h^e#@(CHUSP;#dL({%2h9P)y*DbPBVt
zRZ_~XjX~CQyryMV?Hw2tQ_*EzclICu>{M;x$(=PHj%jD7Q9hpD8=)g{VqqYmf|0$=
zw4nmc^jW;2S>D6fvZW0_nt~n1HO0aQB!d78Y|%l4Dca6w+OIUTEv7X07IPcnK^u$h
zdD9la;v_GzIo#(h`wKXb&8_nu>&V|<tgg6pj#nzinBw=4nSDzz+1T?XA~oG?u|A-G
zENx6^I2nVZhtSAE&!RLy<CL8r&|r)`o!xa3_C(k;KngvF%WVzAInx}MGRSzmirr?A
z#gNHHu^K-#<q*qj+oalXX+B9HX9)pSPpWeDO`MZ-M5c3a*V5!E396zz7O!ktaxC!0
zd#7Cu=qR-11_+`B#4RdFl^xpD_lfQG$D$I>`;eMx)cjhk`Po^M+kdgUof=234vo^E
zyEeHDV!n{vbTFesG(}4Tj&bvdF^pQ>&(1IknnXwhO;t@pHcwDwhch^HC|ap|#?%-E
zdCPJK;aLJ;X?4)Y6poDZ(V3y?AxHJR*fpf_B{GQ~%O_0Sxmo9OEaB?p+*+sM*Q*_v
z*xhO&F61cdm<q`8x$*^pqUC31{T;CG=6ON(%^y$Q-OJQ9JM6W)KS<pr^@Q?>dV7Q;
zFVT?8b{Db*#*n~I_`Ed|C+LrT!;&k~gzP&lK;A+_;Nfj*nH{WUHu8-FKJwjaiU_h+
zmo!rn6JD7rS;p^_IwlJmRwbJ8DhpBCri$!fEQD%vf-t?lw!D^WUSKW%rdsSUsg~~g
zTC_s6KvkQvEIqgEeS7vPG*g=$Ce?Oes!dvYX}yKP=fSrLTsNj6_2iX>#nyrs+TX*}
z0y|7<!LjxIb#Nj<QkugXU*PEefoikEq}ooZuMJF#B4l-JJA&S_X44?QKUKPXZ-7%}
zGjhPGqKkODDz-zd;vZ3tr`kF@)h?B=(}(y}?7DLhV(F;OgItiQwbZ4tK>v{A<;Kxi
z(Uwp-S7gZ)U-P^MNJP?BQ|TRQryZ=FGATHaZ>a+aMuZ@%#{OX?Iw@>4CD%Vvgm9_g
zV9Hfxl=-hIKBvrDSvhsK%9|ch<#wofq<)5bC6VVS@*G8;Eyg@k(_Dp1jrOO}gO<%8
zZM!HZgbefis}UwVds268C){heIaG^d%?psLQz}AdRzwpS4`sF}hV}tZwS!*jdcJqC
zH+1ulX>7DF0tlx??onj$rzteaN+I>#dN``WY?ZWNQpz47eq#j{5jKF{YqXbCR2!#g
zpG<lx|HdiHw^lZ#R+?GE8H#G@%$p1+)5H3nR1dNY!nSs*Wif}*o?bmqU3+dgC7;n6
z2z^DfXa}3c8VF5W;aFKXMT3JT+y)1&hnhY=-$A@1pPcKM7{Sysey4;f!_+^gz8sbu
zh<~gW*g;;*?6i>s@$}RJD6*nIJ7VL?@j>!xFbZP^#s8UV+&2N5-r`W~1gMFtf*q{C
z1`$hBMd3i3G1iMZ49i51bAptOCwRiRP{%C}=ASN{@F|3Hs!ux&`C6Sf<sTk8;X@JL
z`cJocKD}6&VW0je^?2XwHt(?zTfSzi$gSxRjes4-d2Xq=oFOufT8r1&YU8Li8;<qf
zT$_!YD}Hp?GKbCf#N%4RE!ixC>s$NCJtxy0DM(3|;E;ntFgNE7q+Q2blxPgoQj50l
zgUtYWNBrIjNA=ix`kJr?AhmICAZ2JO@2<M4E-&GKwY%*ntGjlv3Ae4#R`Q1Rxui};
z^*N~bVIh~rswfc*7A0xcMRD!SCr<sUWMw6Jv>E+={(v2I>IehEAe(<6MH)<nS3?Tw
zKx51d<@jnB2Bp7#rIf39%qo;o$^#_ESXvd^NGFQbdd|u500cd42!dI7CuEO>ff-x7
zfBgOJ8fK!0%xwB9)W+}triPa5sA6De{8@d?yhr9UP1dFa*b$yr0%D19GJPCzty9T|
zTfw{e0NLe2%t}1#K23>d+QY4qkymsjvrc)Qt(HJwd(k!@NL`knXKf*kr6hQn61hPZ
z^%69)9Ii!CtP@!fkTs;XGtS9=*XsD7-=ZlJddpUT-Eyghw{@j4Oc8Rlf-9s7i@CJ!
zDN2OaNk388IBYzoP2cKsk_dZ>rZ0t?6P$Nqj2ES35mE=F-5ioy;8G(6+PkDcjCd2C
z|1n%J^ohP~U<lF1UJB@pnh+jM788Vj$TC>IFRkQddjoC5mI7^obQPRSe;{zSgOPj*
zyH4_dklHVNZIX#<6iG3GJ;k_*t5+M^V^|=s))WC43(IKW5w@Gy!DH4|8y}~d-%L&2
zxA#uI3iB1Xfre^DR-0bFT1~e@jbYGQ^F^q&R_DDl^IV?}lTS<>n`dp83JeiURtn(X
zUC5-l$aCE;G3HkqkXjC01qWOvFhjf5RZ(g>s3>SWr(9R24n8{_QRkeF{INP?2b%{2
zq03X7Z3?uM;1wz}gwzboG=9Qn&!?J4RgE2L)m&ApM$Eofv_lZ<^=QOZ&%Qa|9JD52
z%lJ9fX9ufK(-Ulttb;e#YBm{}-C+86MR?gc4{O(R@RKEbmg=KpNsMR5!rcb!=cN|)
z@;fDKK+y2CX=;%TZt)vxg&nNgFQ#fuKvXX?N_oCz{#0e!!OHyVRAml4r*{5NwVkb`
zZ7SFSh0?#I5(^6}qei`cmrC3BJRC|HIg?#w%VLj8wnJ^L)M)Y3sVX=ln+Kus(B^TB
z<f+b6*rSF8-cttqo18Ch8*ub%J~u)SNyjN)BX`R^&UG(l$8~Lt8F91qT5`5_?2&wS
z2#BkEPaiTfwcMfj0T(VFv>|w0v=dO=ck0mkArRWoo~G5IXgFCzVTamKT+6+Z4$;tt
z&FJYbbBvJ>3ch}xWm}1)-70MYSv7LalFgc)$@`iNMRd!0YB|8O5j&ScE6H=cQt-V}
z<WXa1F#+;ieo}sB(Cy8n`GJL(&$FAR$$W&?$3*cB8Y+-OE@a$dQ*wItJsZ_#u~FpH
z67gz614n#E?qFEV?$5?R+^$IYTB_UKB#3KM(iP=GSC-is!fRebTc)7Z;^Cw+unO7`
zM&Lf!`bMu^m0r_EkA&f0+vl$Gw(lcrY@2b|;|YZKopDt2C(Nk1dtLq9WiQj**}>3>
zW-Qp;Y1&*K96ZmbP4Zx(rncMLHZCrREkbLZu`-Xno(LM0>)nn7Q>&<HN@QYQN0VWy
z22Yo(O?H?BPuK9k#1C)S9jRgA%`kXy1VZF;A%%@yMhccL&)0~mw=tZFCKM-6ZD(%o
zFB)JH^%yJ9#4WMmZ;+lg8Rz_kW#cLaInwiRSEM&4{>P^0Wi~yz^x-tCEM6?PDaF-;
zec7tYUH0}i-vc4jUX~<Y)>gf;TO5X)>E?KtsQzR2-bd1VO4>aqe392k(*nTR!$;CX
z%Eh@4I9E|$;vJlJ^g<RMyTiJ~6GUWfc?@`E;Zt|?RXf?NEl_1Jb79skDZDeM_@E*w
zY`1r3y~b=ZWhE4XShlyxG&U#)Fd+sP8egkPv_lQB3=8!9frC?`6`d$P29){pk5ff2
z1R39>%Ir{sm>M!ZBGo9WZ{sNb-<CKEjjO?hCwm6nBHk)V>}ga|%cRqI%Zq5(d(<#H
zOx3W{>l$XOsBwkizAUiW5iKNku<DeHu{pKp`sdu9e92d5C4Nlpu|sWEY`NRiT(U=d
z`UeL!H^&JX00fs)^^_~x#Ju_yeI0Lpk;<y8y8KyHZHL-We3yHrALoZUQo+~uS7k2Q
z(t>Gfm<Q<IuQ@bL(37@o8<pv}u-c&2x^aE#hP!Xtz&4<EtpB{d3IMi5`toT<S5j9{
z-imMp0Fz|u>@JjaMl5jklR8Wi9xJ&*`X0sNFGljyb{L%YTNGr6hz~)eydxE}t6n$l
zaV;wpY5r@ku1MP-<@-o&GCs2L?dX#RYg&qX^S&Otw<f;o|9TTc$9T1oIemH|tNM3>
z7(3J;rnagNI^Xd~zN!J0d`*kLG08bJ_T*YH(eAW>wk7)XLfX{PMw{#~Rhv#sZ9?rQ
zop%;yji3y>ip7i-8yg`SO;B?otU=lfY_1x^@Nn+`rpTP40tv#5&4O@CWr3$?B2Fc_
zB9OJq!012gUg+!F<Bfbj2O=eFY>^s4W|+2aSu=q~xDwf<-)Int5e<-)P)1OU;IINE
zB}fNq=6V4*nEYJ@!0Ihhw~)l;jM}Sli3#nk=t9=fP+~SR0+`AqNLR1g4Yh?U1&)=R
z9NFHt^htm}WVm_ApAQauuar1MrOL10Io2y!mCsI)j%A*N{;K$=v`8~&2Sa_z1mtr0
zDX*v_NU91HH<%FKzI|j=Nxft+K~ifxTNT=&1}c_+XbtT$ADPMdhfYf^NpTU~psv=~
zK!V=u*@o1tMSChZjy665SBR!pFov)FzH5fIR}Iz9Bx8gYB$&_dQ6_-%g*yriYS{G<
zAzVMsY6GVJSQOLl%e}LJlfV4{#>wjd7ZSaZX@e0UC$KxVaUvu*V4j^VLM?>>KsGPM
z8}QgQ`W``GI(%}7@pVZ$0Lv$)*ah)ovjjtO8SQ3!aje_xIPK?D5Je_b`@P$sF1h8a
zbZepM@h0@gbF^X2&|OJW)~#^83r~;d{c<l-(T*f|QPsPBkZ*}i*IUKz=96zm?Mb|f
z>|L$Z>D7CPE?B_6c7|%$-D~D2^s{gFcq-U3&Z^-O!Id2*!Ij}gQ-&HD{Ky3k*EtQf
zv2FL=U~XhgQ8TS#-SzjvO={Q->T)5mNzx;Vx?D%aaN9c!i=o+!eSHy1ruVsQq)W!A
zJGS2xacF7Q{#M$7MCXsh_8V-}+$t|WXdge{K(vToyT)gh(qXZYQ!hy%S%LXpA?LE(
zr(`+IIyiZhY=p868X-GOH9|HxLl@Slhd6{KHIjO9dL&bhOYg9UCVgv9`$S`8fGGCo
z#HDItxjfD73u*Nxwb~AQZS^gaS{)A}gV9Oxu$8eL*RhrHpyfJ2+u3DF2@ZOxF2h5b
zIn?~jrnP={hQ&?o51oCR6THF@)fS7+R#(@9+))aeUwcEwHGgF5Ls9JHz?*YqWJ_ij
zj0N&bpb9*IQ%Yn<VFlT$SV8U}caePjJ?)}?wQ3r1im_r>nZJt`PLHm~-75yjxJrT5
zf{beu0oXVBt|tI*;|qg~_(6@a9cn~CCL6b)yku1!P>2$U_r3i^OzGdMIy>xjO8e{U
zlqAhAVR%Feix$Hy*BD(j9H&1Ok3^rpJa$|h+fRr`;t(rc-o<haX^oASaIRbn!37*a
zZq5wdRFMA@+NZwk(Zny`;JD2ZviqHPlhYpO7!U4HY)bCUs8EgkMFmI`Gdc5Q<)S1R
zhoyAaEDh@*IaTvc;GSn$%s-P-Bo~UCQT0e4$_`?t%ofOaF0ODL90?!K@huga`o?+^
z!n`w0_`Wl9<r6L<?34XXjlLbK8yFVlr0Qh9bughvT2su57b=vajJl|}O5WYB$bnyy
zHdA{S-JihVxkFv8A-mNOJJg_V&j2>z>0$#_8G?FOYMv~}hJ{>pY|j`E`%3~2IT09t
zc*nw)8WyX*W5zD!P1wgfZfG|u^~e-OxSf2jkMY~1g%WTIQ+<7iJ(jkkK21}#eMj2k
zMLhQK4Vmh-%qRBrXnRYd6+6$%IV0DlzvekF&zv2s&P&E#;?oLtsLhM{oB8DIkIr~Y
znuhLpK%G(f!E{$DF*igNH^jn~<Ri0%po1rwAWDY|dFYxCJmE~bWaZjjGHRr!<~$Fo
z^xHZbm!d+#m<|F1^9!UXqNT{HWhd@YiUu=}VKb!3BiqnTzM-yz-1i$oz!o@!lG0;p
zQY?}R=wJQVT^jAagnmEH%)Jo)yIX^8huUD<9G^T?<5RYX-%H+@KtN{P<{YOyLyQ9{
z!zU?$M|D>^KlbT9Dz=;z3#Y_vu8vNw6vd5KpJ@j+C0JQT7pCMXOqZ1-lA7pnh?;JP
zNlm{kHQi!ZK;B4n+C^>?C{W!X5t!GWkE*UPK;m^h^>Yujl9qCb@kkf|#f8hIu{7lQ
zf#;I4Nz&JWN&vaopd>rOY9Rv2e(fH6i`d1mrvuanx~_fXpyf%d1Uy0hp4l;G6&Bm)
zflSIEL9X3u#0FW6J;OGsxBd@vZvtLtb=`aWocFx1j$~UNB#%t;z-&u4GgvZ)kbotI
z5(Y~)8Aw2eBqaf4GnC*U8%Wv=HY81(!G<(RZ&Cwo(q=Ge+NNy+G-+}>K<4x&IKxec
ze2}z#+TMKk_y4c`o^vc@W6ZtJ_xXAJ9=+pUd+)W^Uh_)rR6p#_%%<;y4XLC04XZ)C
zR<}uj8w%5Lg-~1aXl;U45nya;w>*hjheB9aX<~e6PK<+Mj98ysABZ(S2q*$|@o)s2
zTLu3Kls?1<t)|<A1T#W&M)RrC#BODYdGJoqG2Fv^4)fyQ*gp4tMK_wu6`x)%$a_}{
zK2tauZo4w(YEx8$Sh#gttP&=|te8n~wl<wESGJU0K_t<McOJLPu041oniCv4hA&nl
zPh^dB$eh(A>D7wQHYkoSDj3<<Wgw}MFi$^c`bzk#*I?S^6j!@qp9mgZ0gL^hCK?BM
zG9%0Nfd$HWZ27zSi)4Xnp(@l0Vk1vsV8bIBEi~>C%0C}9N5NxMu5W^@WV4m31I*C3
zAUolg=PyfNwp!9eb{&Z5``LVq3&n%O4uu{~tN7LXTg6sJPLvEp_20=GW)12W32}Uw
zj4_+wP_p2vCLVQlNh%lqw7Dn=3Av6rkYsMwt3$$VN47bbx{iq6zZE-_93ofq$XqM0
zYzJ&ZUE=4?OI{dl5|;CEo(yk+4%Hv37BBbkh4ekQJF$CNF<lLwvoo0xryJd5^3_<g
zZ>TM^^5PEB$w-E~v42?6#&K>@tkTzS<I-J>mq`5!WxQUc(e=U0(%e^*@%r;LoO2D*
z^D|xvh>Q0(-3>wTxf}e=0>p<VeemAiBoZ%wMNF>Lh|Da}-Q>L4l}}dyeq>o)1nzBA
z9y--qTeQ6N=X)^>;oXAEhbCN2kai@H8gz>sRbA-6Pjs>>iPm+JK1#r<lD4T*Tn#>)
zqjjR_fF`}F!D1^ErNMn%=WVDa{L#KzJ12toBL8v?Cm3Di^L~f&W$9go!E3ux>0vSU
zo2W^pQ*Co~1}q;E(LCAD%o`825qk-5SBQ)fZICoK6X97iJ{?b2Uou@~<=2XpUiPiT
zGd84PN(heeX|GunXH~pPI|?M!-&w~9JTTltbX$mr-%sS>Q1+AeYF>PpY+l~_$|kA=
z*Oz}og=KSi4am5I4I(Y1DB9B0ad(asn>saj=EGpzSD|ckUf#k}8b(6uwZbp<q7BAQ
z+9^d^dsi8a0U>KZFBuw9y|wp8D3Q25@!9CxHZ!mhHc%tQkfu*tN>OyF^nqi?d9|{j
zXSnHKb^5EKdrCTx)<V|`<vW|UNyZarqEz_9%$zE61X-C8kZx|oUBo-dbBzS0uD;9N
z5B}F`FrS-;^Wz>5N1vy}Nz@~8Cj%MSz(K~XI*jWeY^iA*twnJ1C(|rT889g;XB%_5
z35b;wb!f2uQ$MbmE@pACtD$`hy%qSzcAl*Y1!`6kU&~*aBbm%sd?^i-xPOz3Vi9yz
z8gsU;Zb*HlxK(8M^5Sj_+<AA(BF3yb5QT13c5<j9%BV}lLwa9-SqG;-yg={vO=&{C
z7NwGdg^+V$_5qo^Dbc5?l7Hdc?4Rvl*j1OQI?GpQ@2FICz2F9u)ZMi$NIZHRnEBxz
z%UHEAqz}HjiP$vOWtr2?63lMIQB51H73h?*8|<;dL-V|Q6zt?T4%?L!KPS2SHI=4&
zy_a;XQzO~Uq18J$YjVkfH>RuhsHV#YFU;m<^0owei#6F6%lp!<A%~$!@ndpUzxb*e
z@}Wrq6ttEphAk8aznPj0Exi$-x+oQZAkB+BAdDuv%jcvs?W#`W`uh`9YhD;sweJZk
zADU3Pjn7Qzevk4FOQ$9=szbWB$nX)tTTSUs*F(h-KD~oRhtgPga9gdosm2Ty&k95z
z3}SQ74_R7OQ@@*lO&kA)hQ{TtoI;k>o6FRDz~9un+?9sxh4LW9OyKch0z4kKJFZR`
z&oH6<xwHYw<jS8z1>!IP;lpGasNyyI0P%bps6z#!PeAxE84&MzVL+@;({W&bqjCX@
z?g~X3jCXOafN3JJkwb?(ZoJ5^U$MWh`$n12?BHlZ6Sc3?SAA%rlGH?5lMF3=ZA_(D
zHsS8foGjlkY}L=@WWr`0E@w?@YX-L?TKBlf)q<R)nC<GG2*o5oQ)gD12P^&*tc~~R
zpUw+rTqJZ-iq;T&W&&F|^5?dWe*2y3i4V;wFjAQLd>eOdlB~&TIl}huPaVtt2{$8e
zcPOtmK7+$HT;buw&_69$38U<hin0DQxtp+3A5Bk>tUo=-_S2UmTjWRSxo%Emx;sL5
z<}e`3<1y8ldS!k*Cx`2?F7EK<>d}#)D88Im>YGiYynNfPjp5EdqHVCNi@c(8neIKi
zp>PqCMc!u%-hB9Io%Y5l6$5n^If=@wjhY#UrbXl=dXe_(v1KbC&fJPAW(cat@=sZ|
zQUfH7K1DzAVSeP*&qa!zp;S3#xlI^Vl2umk(cata#%sz3?shk{l~9L?92dL~3+ba1
z+BNi{x0P>%%Uf5zNU7p0*W`<SnAgbs&^J7a%#EwS+%CfYrDz;L_`@8K?O;qPfUEG|
zbqoj$Yf(oF)726q-aeW}^$!gW5do@J!E{#6Ko3F4e7zq#txy<p$z7>3@Px_8NlG5B
zZKM&rU1<g0i_AZb{Kv1&+waMzt>cQ4J$2Xdr3*=dJ}QIJUfHOmbc%e>3zqZev;OFU
z<w_+>`jqkFsd`^QbV4yNTHBk~6ou<_4z%SFqM)#U)hUJW1C(@ZkA}Oa!>B6^hE<8&
zY${=X=x?ed9oa^ws{A3+-^N&vNq1M}1$~{Q@jl99!b%P-TV<ZN1i$>NJtFa|(mr81
zNjIpzv*09heQ3Z24JHY{>Vi~BuHd@d2`u!Hm&t6f>ihIr+B)pzq(Db-n{#PClj3QL
zV>s+Qes6X4x~Pya_maW9b2_iA2Fi-Gh-ii+qd8XPQ6_?JVnHHFJK*D`p|p3D0FrcI
zbzjgTrC<Y=Y~0CYRm58n(UKzj^eZ8gGHPV?F33J0v5TH%e0m{Ibd$r3^r@^Zmb>$r
zq4FV9lR&WvkjuQ!w0G)<q{;e`=g9_Zv^DF)+o@C5Ro@Gyk{orFsR3w0!ghwPACv27
zv4gu%Q&|FnnqrR<ay2zdsPgn>K$@>#i7D$f60k#eNd|Rph8;<S{CP;LV065rV@eVA
zXk0_?^(|@$G#{bVTRa&}ZS);UE0x|?jj{+c(v@m#+tIX1a28iKGpVo1(9MHH`D?99
z5oqBjNCg#Q9s3Wm`R0K8!b3VE!<c@W_q1U&?u7_td6{oYDi>;bteM9^F=H0_#Cea*
zfzmHattYG#9Obis#%PY_EAGiprV?M)u|21J==^b&@0P<|hV_pr;4Knzhniu?AFHwa
zMF4Bp#pTzAdhx8dxiaoWvV+=LdTu<mIcwsOMDN2ejDpnP$u5i$8x^?CLGXBK*VX0g
zbP$>{SQeOzi31Wu98$?c!Vy^^CmE=iD`___baLqWCfPpqu&4}!76VFw!ItkZYNB*^
z^9=6N6n^);l+TRU7U`VC+wpU_eug6sjOrSkDU-x<epzG3>xWlX=+_dksP9QOppu}L
ztY&1OAz2Bz4@q1jvM7%j?sQU;jdW)yCPiO&bXzyEn1#6^Uwj2xhLw4KA~&|es~Dfd
zUc`PG*buh&Of52mB0-?BzT~`gF=|PTBRjBaFNcQVn)H{)Wzc1btB>VVH;(2rPvpVZ
znUql~7<+&v6tB(X`;SJ12)n7v@@~@fQ}z$RQy=y4jXC!jwdFl}BFfU2P$fuN>8C>j
zD3+BH0>1^cy-2i11h`LC0U<q_E)^YO3CfBobdZXsWj&~}YbvTlFD0QI2H~Q_9W-$a
zZa^;#My-!QPm|Wl2^t`eQe&v*Xi*G~rJ~TdVdxPs#h3<>3K~@wgM@5}EC}_KLCzQ>
z6TCIO3NR!_$M-^tYue)P^Vm3VR??kQEGqCuYN8X}YUIDqMqMag^-@pfvc9KfmkVTq
z8K_Pz&5#mY;13Ap?!X(Gk-%GafB-bgT<oro3%Snm5-_t$D%83H=04|vB@?bzDqF0S
z85%~>G*nF{vN(PClsbvJx+>1-Pn?zAmtVeyAy#G-n`CA35Nk#KmhS;v$UJNwCE9CK
zF{^}DQ4jKjPe)BmDWBna16#NWSEi;=Tn^<6$ryds&^nDh6k57W=VaR9u_pS$>nkUM
zpx9Ae+EwqXE{;t`fr*{PYO)BZQiKpGh$a1xOy6@K%{#T1MNTQvVgYeDzbq|tq(Q@t
zE!KDXFA8qZdr9n(m9QzMYh2~nCPWoo&|<Bg5vLb>)T{aeLWJ)Wrs>gN)~#QvE}!pB
zR*S~lIuPkG%D0HD0GO}NOnn*QnwExeLd1mf=&4JdnHXW(i_XQ!svX`Kcp3=xPL1j-
zX9^u_7s29f;R+j3{p+6Jn5bs@ccy^*CWeK&qU4Ksmc(~dd_y$AvkFjZRI{w0!nrUO
zBwl<0gPhCBdpqCONNYuBF4kIS!KnvuAZhsG94e~IP!0Xa%nS}`tg3P)_A4*fS)m~-
zM;B!*>5k(ZE$r0c`c}jq24H924cdr&-z{{qFU8(!BQ&}1#>9F*Y*9m!KwexbM<CM2
z{;Ga^De~j$6EpYn5pm$<ziy?3VpD#j#yO)Ikr8~+%QSNy@?RvrLs_rt|0@vfBmjjo
z=9rNY^EiH0755nbsuQv02-{UUiRA~HAqS{jxE3qBTeA^uyvnPY?e#P>4%ZJGKtspM
z7Au=|QjwGoK@StZ36+l(s6|s}1JAdKsAJv`otnB<jlV)9HD651+>v1Bu1z-W(MDcU
zv&_A5Sqr^>lK;+%%RNyw<O-p$_EMWPsc+-{#aVAIw~bn{+(&JAQ8|DFpNmZ4+I9!(
ziRlO4f(@sBL83WhjZ~k)6SACW94TOL#&%WQq-cgN;vg!tsmxOxGGrTQj$}{1AfKj!
zvLOXbO`CWQt<ex4xr$p+0H+2Adt`xcc3xCZ7Zg-AV{kN}<*JH}EoBPT#6mnf_@X?n
zrYjQs?il}6d{awp*K>R5EAh!@@7%4Fi_{Bsx4)b^!A92XK`OID52)X>Gj!KQl@d`J
zA<Y4ZT%2y;MSR=H%qk!eRW#{TDr|%IyoUQ_`JAnKYGo8Mzr+uT6o+V|*gCNw?qh*G
zH51-KRES#1>^-wAZ>={{s{66k+HD51jrmN&r`iEx5z0Ov?%85F`S&;T4hl}rgQu7d
z4~$IWuTxVg$P#NnkNp@kIG@OhN766xhL*j=j?}N<27W0#;Dr(ybyX}{{6WhOb&;P5
zIydT@!Jb}+5L_#MPMYi);4+$)d?|a@j15ly+sBfmw()UX?bB82FZ1UKe7$Bw9#NgC
zO(l=ET3yAkp8e>K{&BqXe;bO^S!8?ffH-yMi+B^&MLX0LA#o{Z^Pxb5bHimK2Cy-c
z>spewv^wP2*4yNmyq1o^F=U5_Tmc8X*d5y$j2h3LqVvQOM#kXSx-<(LJo*6fqdNc$
z>PQV&svfCv7%4Jy4Jxg|^kTHN<@ZL*SErVHf=5JRF)<kTwhQ`uEct}NiDcDjyhUhM
z2K8YhQ64q30!Y{ES#g?V5~NMND(}3R8!KoYQkK2C4ogJ87fZcUc}yE6<#aWmT1rBu
zl7lJNV#&zP*sf>p(QD(Q;HEyaDJlYj?;Y6%M1o|e6Q`)Z+Oji9iz=6jO@to;dxgbs
zRyYZ?G~@<+?`fV3hauQi+55CAsdmQS;<INB;1r?^uX4Q>hyn@siq8{HSj)aJWsGk_
zV&Oxv0bgJjP|J2aw=061v=l{zVfETpnVnSjLvbq^9~SR{oUn)=gt<QbQ1DGZk;0ub
zd7t3Juu4DatT))w(flP`EQ;+udTgh=PO*rSmnDj$RD6nBf!QByd2(zV-acai7THPT
z1a~fjocD|DQ{tVfppisX)>!RFY*kV`uqW8+$sZ5bM~cs%L8ic`>YMh$mQ=Gpy0g;U
ztE$<bGn=ABrQd{7OI{O9|8>F8vjqaKMmI#XFU7e%a7wZ5E<cK;ELfCnAv_?$1V-|H
zMJzKSdP;67^V&UIkh9o4|7(iEg;@*?0lWg+zw&%$!^7nS?qF{y>PK-=Gt-^dmdR+M
z^%}&B8e{8mV-0fmxHn4ehT3-FLY4~p!CVXglatPt#F_ZiS`?DwM;n)xhDd(?_ddb8
zm7UmIom1Mmp1M8pF29*GW}ukV-=I?ECa`*%JiW%4Dtrj9WWqXz6*UC;V8G`99#;Hy
z`hN8;716A&A`^-{a6=|?nBBcJS}7jms1;Uj<5~+fOq22BvvtXsDh-VG62GCD?}J%H
zE?bsQFHvJ|-f;#uh8QqH7DzhF?kkyZss?|XrDgWnD)S>eSdzVga_m_*BL&e%d=?k8
z(P)J$Mu-gv7Z0Jvh8XS2=h*#Oltsx}>x(@LQ-^e2%)F=!^C}K2JT?Sy#j>czuIp+0
z-uxPhd->j6wLf)#!@%9D?r#`c>hF`P--pRm{kFSE%O3{dp*zwPV!%x{?ODX;E0ZdV
z2YH<=>>S0uMwLvuTM&2_8?+crs2Vpf1RssSji<tsdcqSD<YY9M&r4J(Crm)vIl4Y5
zH;$%${K*omB}ObO`FHl`i_XqZA0N#ZQIM69Q;>>&07kqWfcT;gnB#q=dfGyxgMbu4
z*f&MY2Gc}YM9r1&vb%Q~Wbi`Gj=!&A_hB+)+l_CIac(#pwGZ^$T&+3OY+ts&*+%A@
zGG(G!&Ax1Hf2k&Y*zZi+XmZzc8uuFQ+#o|0sx9W$Bb;}h4K+o^F!FoT5oKj0;YD=x
z<P`(O&aIlk5sVBxThS6b(|>CBNiNzw{jKx)Y=R)0U7{K8a|3(w_IKxPm-9;f^DzY@
zo`SasJsFcV{7!1{vI&1Lz1Qe9Fu(RqjfW2&4_oRy0O#Bpqd#9b&UV&YQm~h#8!Zt(
z)qybufApt$Ik3sFgrVUvT>PhC@S!;;HM~u-={gvim#0SMI~+8#`iM=2kE|mNKO?!m
z*rC*}8cPZdh!C;r<YzyNil~b;3CM#*7p10@hST5tTG^2~9$@f!dwGjN^uKIjdFx5t
znt`3`8|7QLxaYc9aIx|Hl5|lP{Km!O%a3S~+;rnsZ|kkAx%~WdcszrmIb6Yi<8*DY
zJac^T_{lsOqxRhdtApC;pV~i*yK3Zg8k-bRGA*965jT*Xtp<E>1Mb2P%5iYuSC@3Y
zGi*7mz`JW(lnO?25K5Dy_0w;zRu&TPq|DIiTn@2W^J6nrux;V0%hHj~DY&byo%yjS
z+UlWE*6zzt9;@%N@8~pprmU_U-{t$-hLZ(Ge?_4W>MLuNqMi`zE9;W<s!~u|%Yhz~
z(@IjWm|;YNwy5-D{Pi?NFJ$yC)9Cro9KAPfiPa@f9QHmn*~_7<Vk={ABtEv3l?r_%
zn*>=JQ<lWL4gs2tg2sm?G`m`%2{Tj38;nY*zmhW@qb2PVDahK%{~GzU{v!dghTlmM
z%9N)>D4Ey;Ywr*sJ{S<y><p~^lLSq8zU(6XmxibGeohLm2;xAKCLRZ`YCQv3=R$nf
z0QE~D%8R*#&UU4K5RmlKA7_*iii@Jf+Q;T?*M2<@C%=(=-ck7+{^-l+tSY;>@0yKB
z$F!WTKj<lF(A@0Z>bVbEs#Sk|{#%*|0il}J6E1`!`Kf?c*%%&ZC#JP~a6{cB5dTdL
z`rx5%5{Tncs}VO9Duv3j9{Kr)j;hq=r+6c;2QAA}%)=m-c`Xf+ePL}VaahTbjc)eN
zeBMC5gp%1G1ev3hAd?tM+eW1$pHeZJ>8Omw&2$#^E76FUN)+QfA==^TUKz%ObPAoY
z{)mCHILY$3(4@IcBHFt@%ygbEVWu&%`X?GDA3P<0)H)@$9+XD(r2L?sz2F|?Q1wA%
zY{&|Sv^K6e1nl@*LE%FaJHFBiim?M%1+fub;fq!}@Ew=|Q%{8y+CALk{6}ib2e+l&
z-=3VY5WkgLZ7^Wi`?X?%WqH)QEIK?gxK>fB08EdwxsLSr1iHRA_5S(Mbswl||0$?^
zFjT_X0I2h>2^?YPqXtMaYZdqD*!Ihqn~_H?n{=$_-ewu}Sx9}u0h+n_7q|;{%?2zV
znw0ap1W_y?RSp&^HibqZwv>21!V&8x6rOZMUlKfF?ZaA@B+<u`F-q%9TT|fm%22NB
zVpJuI_>jtgng53m8pj&*o*k>M_|WXiCsS7>mmzP2&ph-~I-FRwr0E3&>DWS>5|`7O
zBqUbw5qztk?Qu4yzqKj?Y0|3LanN`nh=m)mWAqDZA108opOv7O^4M%PY>a2PVlU76
zTkT7$tG&!|N01CL=QZmfMm>x#sT~^gb*X^zVFFNd#sgVX{lSnH+DXBAMc#h4c-QPS
zq<!T3`g?7%$lF~nzHd$#cuECpviBGxQ1A<C)Va(2i;IVT`$MrZYJ*D+J#IWDA-T2_
zne^W*MI)2Ss3)<Guqh1T;FlC4(s4~itH`RB{+m(?T;K+{j6#Hcv{aXcGtaEN1KrRt
z*6&wI9K}chj;L0wB=wdy{Pj@sP4aa#8VCNmEKCBGs(+Z}tHtkIFMxHK?{@xi9>sgC
z-=Qxbj6x@?=K#b4)Pako?Yf-JiHh}dFX)udlD-D7c;p5;R9}U$AiC-P=f&P&GjRu)
ziiZ|M0M@G%v_?mzpfw;mQ6N^I|3dkwRnm@x(Ux^%e`dIe5_%IxBmc!9`d2uH%UyPo
zDNsaM?g_ms-}bpS515w~{9qaO(Y$MKsK2mn1+N+wJg5sM@z|`TD*!6=&)G+|NP(CA
z4azVSI#NJdYYK>!;<VjSbi(`E=(dEIc8gPN#>}3)PPm>H>irsLsTgck55fa;1Wf3o
zC8uf_JtK`jr^9n~QePgjp;6xGFpFNC3D^{l;{Wlyv4pB_{fM`GLcaFRuY|0Iwwh1;
zYkcAq)RHo69Df16JgfRBB{7g6xmJJkb~t$Hccv__J)pxee7|QfKN=6J6yk9&Eod(&
z{qf`T|5ZYGp?b2s<qIe9EIRw162ftDn_L5q_M==hCi@p&#%IfYTd2PV)tC5-<;xqf
z6Du{O#H$1I9P1$(!E?Mp<iiIf#y8%b_P4ICfuX*QeTxP*_6-az>Ko`=)ECUQR30zn
z^PBW}ANc%(>GR!P0|To!4vdT}>RU8q;`f#p_}MM`tPgzli;d3??YeMiMc;~nk%1LM
z{2v&K-=U!qUE$xz$jJJE#Wc++-CEq&H^4&!4g)w(j?IkRfwejxpyl&{whU77D7M`%
zczkexiepn8rE;x!2NC9!_4}TL`duJLS^Fl`Z>TaASCYL>Xk6?rRz?H}$`@f$7@5E|
z7J@dwrfTo6STMce7z8ecK3U3#>qJEK#Ugtxn(OXjG(M>{N(KSxnnk8z7=4V8<0_7D
zHgaiq!i|!4PBT;_YD~d0N;*!sOg6QrctpV~b5WXiTtg5`bv2=qGP_7qEUG=?eAipS
zW!9x*UwCS6_Om-#=Zyr`1KapWEk8$TA$7apzQFD3+N=TKGxN;vMSN=N(90FNQ;Zd7
z`w=>Hf;&Xria9L`$^LuOV4r3PL`m5y5b52c*XrW^{y>q<S3{c&uU)4bu{r{{jMcf&
zkVdSIA#IJ-VGSM?IS0OwaCr^C`<F*s@hG^9PY8#6F#0GzP;i}_Q$NbMb-<sQ^(jiV
zq9W5eTR|~yow~@hDp)IOwW5O7gpd}pxoAYYx>mTq6^gWa*_j+~FNaB$BV24sYMSk-
z7wh)d3v0B?UWiXBo!DbVd|AEmVY~PzEdl3*cR7p5i0{_llUkP|0$>+(3ep_{6Mek$
z)hr%kT7ybRg4GILvp<+D=?kWP`L-Vm79Y$aDK;!d_TkjHlX)oQ#~|$~2gJ!d917&?
zUo5XTLxi5@Q-bKg;fsQ(q!;RgM=1ZLpz=W>OEE$cfPzx|P1%?;f`rNu<7E!!!+wRJ
zF~kxG{Xw|oU|Ww<e8XhsvultRGW>d4<YC^r$!B5jQ%O=W3KZqq_aUlV>#}%*inucU
z!m;U^OpyL9?PcY&0zm6bT!l72KRvPa#=~|i;ai4Y+#yjIA|OZRmCaZW`B`7Bm9z3|
zZ%wN?GL*>Y<_P%fb@>syN_IiN>-UOWY|3Z!Q3XLJ94YW*9+qSra$4H*)gN|nk-MO%
zLtq^GJxFVeVx_MK3y1Z!BMI{ktad9g&-0rtM2}hV!B}S$`hQX<QUF|JiTM+z|KQR3
zTu>wkM!y>H!40TbOrSNu`kz}--)#$uT0RZ!^Uo6~rYd5pw571<n)>PTGp-8|rgsT4
zlRp!QYh)wZ|1+V?7H7EsXL`74BE&N;-_?ZYmn8-q<7fB|Gl?A$4AR6dfoaq1!80+D
zOB8v~teND|Z*-{7ABawG+)sy2^)vb~#RtXjP2O*E3<IyiyK!yV|6_j^0Xa5X3QhO-
zxi7_Y8pk8_-2R69%kiB2Eb&U(|8sxSZ1=DOJ@@r^E;)|vAHMI#b72*2&d)Z6_TW*t
zVR@;o7YfHgXl<6sQ+34KVznEEMeQm#qZL%NB$YlR1=Wu9yUSw~kw7YqC^%loI=xLW
z_|ROZL#@pVVNXKZ()jJAQKGV;ZGogoqwr@3-EKphkUgMweb9y!TG$dp=d{Ef-IQQS
z5v;L%!uy#ef=(xGTX&Yvxt=oUN(z;&Adp5cYzl0oCU%>2#Cuyms(#elV{YKb5D*QX
zQYcT#xYU7oO1b5i8=5+F2iF@L+srShV?KE6H%HtI+14PN35XbNhipsDmLHav6)RLB
zp-o$1?qFUc#ICY;KNde3!l$*Z$yQUk5#xMBx8&j3nwjd;<=Y*VmXZBTd3ByXDej|@
z#+~8Ix`WYu!}b(0UCH3ui$zR+IH#1-T~WMD9%st&M7R=6God@MvR#oqwb+^X?sjpR
z@}MPZNLx!Y_PFiW)7ECoxmoi(^7F+v3DRH82fH(6-$FKEzsg=7asl34x1sA=VAl1Q
zTAc8C_<%?pCP4jNmE8n%JFHwRv%|`3Dcn3=H?tiXJjv(S!WUj%Lgk!aZeMhhka^fl
z16dA0P--~0rOzaMn^$Z%M89Z2)WS#K*TP3n2E?373lsm55(+W#F-L3NOEI`bc5=+o
zMdL9?MRrO>3Wd&m?#0ZL3Q-d@VKx9qHS|Nw5$+MvLunmJdm%YHoJ*{i(gayeFozO&
z1$A6rR@~#s{FKwV7f+XhnJBfEmiY&TiQSf0U;X1(B-U)>$X5HP&;qlUO>-t5BK}fo
zrdOcM>17y@nzG;CqAZ_B<4-pQr!u~Hw6vD!K!7qFx&)?Zo_^&`sFYNlbnNi8iri9G
z8DZOY19-hTd_<yu1U?>?z*BmpZuOijDv_i)CA7b&$fz+3vQ)DVZ0Y5}96gDUr<y%`
z=V-riiQC{+WH6o#ixA~p&f$MT(??$Ak#HU>+#Ka+R?4jsJr`h0loo_2B+k;Gib+F*
zCsX-8BYW#TMmIc)gv?3P)AjYTr|%R+__7f+a_$#9wL;kX)Zdw)Y?*mMZ<o@X#LNA3
zLa^eXtskbwkY_t-!~|1gWNAG6p7c4oYhK$fK`nLl-u3phsJ~!>l{on8Og+>);T){8
zrjAMgchc={N*6rnP8Hdo@)G(^JiLXgc6F3UJ>&uSGb@t1b``UPIicmt{+Kt+qc;Kk
z(@6kyZ#+wXg21f-`8&6*Opr4_3v?STBNo~3Rw~uba&KvSN9xSqMrW){?#Y*)J(w>*
zNe~H$Os5x=Pd?%&O;o=Y@P<^EJ;V+1OP=Y-C)t{6u&?~Ur<xylJU&2Y7Z(}vu6(sh
ziLSv!n2*dp$+N8=Ij8){Klvlx3};#04Yb7%?ar3t15?R1jpegm%`bZJS+CX(-zWNk
zk^@IFYCrP;3TFOtlfQB2C@|#Nzd2~^v+mrz0UJFM()}y##q8n@iRzqwqM?pezyvb-
zgz7EP&s{nclCB)J)jd+&!gN%#58p|(pH(!IW#6n&5$@4PJxdRyW^|*-zU{g5!+!GH
zmErVqSyzvTz6C5Ic!d1g{2=}`@`T{r8M0SdA~_*)@k79=j4USvw9Ec+^4t!4%p*oZ
zoGa(7%k!I!mB;Y4qt42g-IC9~H9zKbyivJKUemcIR^%wHp~=<`hHDqzp&(etav||n
z=mBb2%-9;K_UyJNNk)RU9GA%xh?~&0F`N*21d5$q<}0&V1V4~LrTtwrvdJyjFYRK1
zDvBagf@nI*_0amu0a5%mmWDRM+6V&_Nqx10Be)=9nrFB6K7^JbdzlpM*?{a1{=(yy
zVl$E*!x7{5q$rBm^wo^&x>EvN4XArc{v%mpVSP<L^&+$}gbNU-0-F$dHbvz$5Bik~
zH=l+ae^I{hGGC#rOg{TY{aK1w;m+LD@Zkx-+X5!0Vw;0^>%T^vr<03qa+m7ALR@iN
zz<H4uuv}D&OF(t6Hu*9J-@Ged%H5etUjK?>4>1Yt=*X+X^h;jiRVq_^#1F%r68*Ul
z0=;4@{SLXQde;1yKj6}?1;TX@W659BhvZU8cXT2$r|B_?zj$QF`gtDOvSKT5jgA??
zAAU29muYanTCEHQM*qQ^ha&^qSF627@jrO;U@Ei0yFAw<q91)T{pjA1DCpmF3#{{&
z_gOEVNp^vv9vS;5Yy^x=O2MOU{r9S=boSvlLmxz>_ibWBUj2qgqE`I&fm^G$Y7im4
z`)2z|P0=4k=F=`7<r=vjPr<mYGu}ddzS%2PhaEbQpHM$61^w`rd1KTYS(*3ztx2gd
z;y9+y!m*3je>K08^7_tCQS$myr<Llx2A^O5uK0W(%;Jl&pQz%KWD}_=ZoMyd5N!D>
zqtum=l&{+TBTrV&c0z3;TsX3MIMC-6qOmU_cO@|qqF4ytB3(!-Njq_@M1z9@ej?zF
z+A8(`5b!=&>T4?N1+r6Wgh1j=?aveN^CfvmutE~8e9-wrB`RxO_26kNQ{RBs9{Dx3
z+O2X9cC%ayqDWHC2iu7cr}7xoHxl|FPEP5YD9@y{q(ffS=M#M;p`7eM-P?6Me`juu
z+;D!rX4-~9p$S2(T`H#p)#NEgs^6-!Qe}FmYTSk043iI*<tCeBkI=REH>TH2I!P@`
zHLl~C0Wa;(_om5{<I<#<w~v(BI)VF0neD3tnGgHLK1-CE&o;wIgZ?+KMFhMf!Cg8a
z$s4}PIvv^TC9R#h!W2}Bx94rA;tO?wDgLS2oh~leo&D6Qdg_muv+(>lq7b*xoqfZ?
zkN4+~Zs`#+)Gb+@M1&br8Zvn!t~vSgwBk+sNQA^I4=eF#<NLT<_rE)_WRU<4d>Sjc
zwX&mO`S+eixl>tp!58tfwGr3+J2H!Pbl@a42P6XRS7;i1*e`-eoG+S`;3XyC(_3Zn
z2F$Zsubx*vi|Cw${s{Zp?TI14g(=XU9SU%{FycDttL)4~GlbRB(|<$xt)uiU^KP#e
z4N_qXIJd)ttGp&j`$g6h{E40a;KNJHTD1sjKU>V==0X~HF#*%A%V+)_SNg<{Xg@>`
zfJw=b&_p2|u85GK*jbN3zR@d0&Kx5|y0E0oNe^Ra|Eq-d3_%;<zN`gYsV6U?)(HKm
zW<!Y+E;62$^jp0Z+}s8nBl*$U?XX)Om~-t{4_9cnF(3%5;^S$vNarG5BaSi3WfM4y
z(}(#MBxPqyDWiMdlhE%g!t#Lc6P7^Jcs{}P`t|rm8^TX*X@E#IHH#1S7O4<#m(>Rd
z9S#APXh0k+p@H4!Fkm;riFD-)R^_u+=L<+}_@JEDodrdVwW3fp(ge}sA~E#nR>F1U
zWeEv{5X#pEwU$nyz;U@_PrfGpx_K<Fk=M9!Dg2ulz--3w=%79Lt_Cf&)2!ilQew4_
z#i_A1);4KX_~6||$RDctt9~<v&3etWW|t(2c;Kpzt;<jimHTm++kQ(8`p~3?-pRDF
z<;}(S+LrdUv(Cti`!(ODNb?_5mWtyC^F{snY1BS$60t(%>lPLGc)(kTIl0KI4jey`
zU0aiI;&^`KrhLIT_qJ~Jo3^^Tf-=0!TCJ|GsNH^%H+?Q50ceLL+Dj(cZq@69zfu(i
zZk}fy6Qp-eS{A>1&~qXCyf%(7ll-ZM#)sz6c!~X_Wh_*TApsLn?4{PE{9VRcMl?|`
zh#HqYm10lPlVx-B_Mv>ynZt|n$_8sv&rdUY@&3@p0V3s$mYP(9Tl`Sq`e1M;C{7Ld
z;qPrhqT?AsX-rz+*P?L_o2^~W+I0drukdIAuRmSTM}J6hQM=xEkzVc8TEiBa^e^6^
z#J%jWZsoTnO3TAAFJ?+XB*oC!D9P^Mg)o|OS880kcp3#{WVF;nDzGhW5;s@Vc&R~}
zEbXN$5V@9W$?IKx(6g=?Z?3@hISiu@6IS4Fv<_Zcf%l|F4wXw<rpA2O?<VMpyDzmZ
zhgK$IL6b{THBRLX`}B*1<Yj`yhXX_Mf!0xw70K2O74>QX3f{YwQHk9`*tXGvwK!Y`
zu-s(NNJxL{{*b=G*lDIp@^vnM-@qG<nVa@Hb-@SE+_gLq)#Odje#*18Psn2GsJJaW
z9A&O$LkQFPpQXNq!6b6XPtT{{mRByzr?Y3Co-aQ-{q0^q;oX=&OSSM?6c#UGRp4y5
zRzKS5FRVXq%QDGSW}B759nD)zwkbq2JYssC3W%71L4=sg7@14;W?w$Iy!C8`K8YG?
z(?i}<ZQuOpi=6iRG-f^=c-lYyTTRNLxrS3{vgtFF3&}Z%f~AqlBUA<sT?(cAYZ9cr
z{7$+f+NWKl&E%~5NkQg=SHM?G09ttPucd1-UoJCnS>jCJyuVf&xKz^mR(xvU()7Po
z>ppl~>{v6I3?mjb|E_S!rYIYrzC_z0I6PGXIJ1>E{d#%Trf-dA_IguDC@J)BcJPxo
zkpC=%Txyx22D*}Lf8KYiFPGL4!S+~w$wfSSWnR51FU|mC)-deM%o<p@FK@kjo0Ln4
zbY0`75FSQA^S@S6=Az$@xlQ#igU9N^-}gpft7hw-1g=VU{Pw)-7U|#W0|psWj)=NI
zEU+&v)b_TSYgxy5QSTbr^uuR=ZX$qV>2~NiItx2rb!~E|`c;IN+%b5|7W0+pPPvCR
zDgR%#@i88+X0H|J(2=dg%v9VqQlDdrF<(nSY?;&6__>#A+waU)X%%jC<P^IK?di$v
z901ZEp=js9U|_R;J>omrd6tTc_5QLpGs_7APoAteu4r+Gp73I8<D{H4Te!lxj-+n$
z>2e+yLu5`8J+M#J!wi01YCO`FOxG;EE~(r78a)xHS%GR)zjC@&i@x|7pU{WmWOin2
z*&p3-m34+8&A?IVk)eIRK_s+aT$f(2lh%Mgow&unsUCM~5^C({<8cT~v2x^d56L*b
zL&dmMtLS8Cq}bU52S~Q^CBc*YLd(d92|P(N&+?V;5A0hYX@xdt=F=B5*W}V-$lAp+
zV)z7$`<iCYJJKuRUjjCEXTdYds!@SuY~uU2@=^Ou@@N-sE8TT6XYgoFHAC|*%<>`)
zjBTf2Mt63fd6rQ8<<psgeY0;%AGcpNM9VWkxQMl;VLLF*`z3=EG;iiyhRX-MQ=dqn
zSLSw&^bLf8=#?+<gGcIvKJdYBr4P>SlK1KWzN|w-1AY8k6i1KR`_fEbOiPoJX>*`w
z^W9bg8nfM})_m}6H;JZP5@U<){y?HNi#4W9_pE#x-XJ&U(@>0Y?DKjV?`EdvWWzio
zZ_WFI$Sfr(hPVdJRB|grwdXS(dIHJgQcZg2T8|EPOAki{lfVrn2=>6ilp`<udug{3
z&EDYWwd|!(BTuce8L^a)92RZK9%%@y*wOzQd!Z=SC#b(2l`w0W-E8D`=PyV~g0#I+
zqP*Y#y?DP-avU4Ne@E<9LYErhK(mW%gI0Y;Rd6#(>ys!`I%yx+O=Sb~u!4E?tYnvI
zR(yDau6Yc;l*XVDAXQx?caVeg#?j|B`Pw<%MD0d3;e+SA>4Ex{mUfuZD1f3xssvhG
zs7_wG_dN;C59}RT!clUCh9%!7SbUfa|Gt+1LRb-w&2@}=X*^&TrVc{;Vgoj(StR^=
zu3u&Hvnv7i{Nvvkob0^<$OnzfzV15n(;{f8OZkfuJxz7ILfRIA3!$#cNkl=Ar?L!(
z##oGE;--T{+?zmL!|$XE*qVoO>>6O!J}xkQm@tRSKNw3k$sUb4q{Ppy49u$iPva*K
z5tK&-iVqV&IX8i#VY3p#ZFly7QPZ%u_6ISizz#Djk^rsOPt(la+~p<OQm??PjQU%w
zGWM7l!S5U**k2LYK1=}nH7#IkLIobCKS{h^3b)xvd@0E`%uHe6D9HvI%0_33(<b&N
zr3~7vu6RRpM^!%pwyJBdnsEj6$9=PXmO5B~6dy?)Je1}2Kh#MdCR<*gYQdGDT+6Ad
z>i%YgxkQgaoMA8iA|u&U7(xdi^Q!~Q>~aPrW}=iCUdVF$Hv#BFbGiL(D_Gid+K1}>
zXtcLlS9d6_bk3s{ADXTFuLHJn--{UZMQY85$p-z{o%=3ORbg(7^o@-rI<qJ3PVLGe
zm`1pgw)+FC5KC&IO+^$#6t^KOwVfg8d@ytpgffjvO#)LcX(%jt{RvKSdZue#51FpD
zQ<{v8ukFsk-aRI3ZOo7o0`8l@Wrfg)Y&G3oPZ&|A+Y$&})MDwlf;S^+ToRMTL{IoY
zu3Td#4AR&lq!WlL=lwUnparka$F_H&I_^VrTD-k}al(vX8tP7hPi2<btV3<`YBlM@
zgeL#`d7FGO2)J3z`p|6FQ|#_OIic+rf`ET@&|`lCPd3N?9fHV*_w!c-K^T~ywg6*+
z0!{UgaK(v@Qn<1Vl#%y0snIzLGYwKtAd<bY(883_&5BpeZnkeI;fs2hc*m3ZA*SC)
z(s3-yE9Z>&yr_BoeRao&<^a1pYj^Ftxc|?g(qE`aA0{+;>HoDRzo905n9$_N^EUZ6
z2~S?m@1$&v!-`5mRT8KMdsF<An)adDv`AA;XdLOWu1-LRyRal0`<5I~yi<1<*&Bjs
z?N-oKclL&zJW(ZMSgPUI?HD{lO{27FBfA-y;Z1e0c$CJ#$~JF3zma;iW`Dif53^R8
zuTjv!y-^>+O!Tpqfi#V6A2I_`r0utKESh}3l>@ir)k9$n<_H=engiS<5npP;HBZBu
z$=AH(yMNV8PBrT)<)?NOVv<Mh*9LOX@MyAEl*BndPVo5993tz0y{x|7GS?oboE&JZ
zXDOE~QmXD%#6nRyQ8z?C`V2bGWdZs$Qsjq!-?Z>;MXZ6Nl&7sjl7pf|<YkmufKAi4
zw9Pr7UHY_$R~8o^T;E1Ff{7~{!J>6jRFv%Oe~fY-Qe1HDMq%RIDB&eGl1n!Sa!wyi
zWg!Ji%O}}(J>Wc9mZ<D6epr6b!I^VG{qmVoK1*M-QX}P{c+){+t=3^<4c1m^N_?<_
zzKOMOc_4_KR-R@9sdr=lxHz=?NSy05VF$lq?%U=iYSV`aZGIxPS&G1JbC7HxunlY7
z<i}pbYPed>`Y_pQ_)cmYDKzQ4@(c5+4=9~8N?cE@q`&SI%38RVClvuSo8F*=jJPx=
zp+(ue9(fVK-XdUqm<-rC4>orolf_)XK9RRw3lL|^oGXBfj3Na<+yGf&vY0Rq0J6MC
zw7S>uJ1I$T5Wjt=^j!ki2T$p>;8+m9%M+v;)*ya;+eJoRj5^_W)R+&Gjm<SJW8-Oi
z4(lD_Pc@s-q-{;^d*dOFz-I)M4--b<js#D+kn;Av-d?93Jk+MXs-}FH(A3-a+ti`X
z>krkG4-=aDz<%cSaAsZzbYNX&$rDImY0#qLKh&5Ho>v)eNN=3@fzVa%PR&NXz?5U^
z8nAkUr@BF*q54eev?aT_T+KQg<QLIP*xw<FFEhgHH~GCAyt2uXK9=1yOnyZ~5?t@%
z;&2dnl>Juw4Ya0J{Ld1c!+2I|%NhCfi}ETi!cYy4Hv`$T$s=f&xr?_QG<u!iIySY=
z1&oak9-AheKK(;YQsBPGf>rL~(vpQTXns@D+}Myb#}5&hqXmo)6M(re0mEvyDi6;X
zgTi#&>Yea7iU?`9#8Dh5LV;IuIBS6Bz%*yyAvse}_%H#AS3d8MloViIlL9nH<&d{E
z!E=cYUMtNh+S~$9V=EnN-PR7Z$=9egA0{;U;pa9vFuG5ZrJKa*`x|wqZrnlxqV%D*
z-lXPyaC7F`{wB3lIzi>#<B_h3x(lo_5;nEQ?$Mb4p#^MYCwK=}L^56oB=-vvADWQ-
ztQ8WO3CP-%<BO)Xj`XMk5^|=ltZtg35;Rj%I3^2Rd(%zHVEsC7Pl}NCr~UzVg^(Ja
zbNRmytK0Dr0qBE~)5aHpnho)BhfL;8Z!W24LLc+X)Q2#md28><r>=&KI7n1HhW2l^
z^~9T+lHs})seoAe@E~$e=GWAK*cX=IQ(kl(u$z2GM!YHpQw3|ylLaMW6z1X+g&RbK
z*$1ub3jx~myzzH}&Sb~(w$e`kqV&DUUl@qHpUmgOt>2OtZ{mZ_P8(1TbcfguH_Z5B
zS(UV<1ex-;peCN+N0#?Zy5y^bl=!?X_j9E)rSOuTmG$;yLID+6!k-FTrheR6>Cdj-
zRI|}A|3eA$-`THGP#a`uPy4aSJEDtdJvIg0IggHzm!d)jZEX^=GPV4c3Doe;BH+(a
zT-3dg&$iRS$>V#dn@Y@nGs+&=>1u0)=cKaJROchay$hJ<f02R#&_$)!N9EzfzcNcl
zlM$G*cx{gNx!l&IlGU$#C1+lk&-%E}!q4)dD8V3SR=LkEp%TERe96r!=frT$lwIN@
z$@ycmKOf@HXl`F;-oPo;={ZO}rF7dj5k_T4Q`(z@k!<EmdE(a+VDC0seJG4&NmINr
z{SK9y;|S+#%Sd#~tJySCXekjCp-K!A*0%0!kQ?1>1R&6<5k33oECP{%%l5bGY~|Fd
zTfvj!92$hFZI4!)54NXS-Kj%W(q&57b3Eo&&irp~enN{udc#KowMCSIn{FqhpM>bj
zW3@9at&zO8)vJP%BsrKN1R!S@YypW1^hac-RerD~;HiR^m9RGDa@1e4;xD8DO(liB
z^Sc;~NM)zUtiYSiR=YOOLthb#9B+ze^XlguEjn#EAB#Fc`c;S!VX39y8kzO1Pz9`M
z*&8G6RCgtMP#NeSj096&CFP)G$7^M4gCgpOZ`o^}3P}OGWE|!B_aX#+okWb1^|Wrj
zh<tu)MLeJ2bDGAh`JI$_S}8PzsVIr(K7_OVE1F6lwrc`SGq2^Z+HGwdL^C7d%-8jt
z;lJRci8382_~#i<PnHx<YPF?wW)?wG1bC5cHdrvfbaVL<*@lwG^A$qLNLK@Ya%^P}
z@E_dXbXe+5?2`X1$b2yAcXMw|&6NhbbJWzPViw_0j4O)(l9VD+5!`f%C-u{`lZE-E
zEkBr5A}?g^Nm?OVDF&=9TL@r2C_iottwQ!I%8y<763+#by|Wyfg&G_E11Y9Indg@n
z8CVw|GSI3FP<;$~p!h?~<(mod(O=#6w;@xd7(HD$kI9HQzIM^O{4`_!Eas+-gfSQ7
zZ9`nJt1eHIt%$=ohpI5Rs+qLW{>g}*l0(Q2xdZ4ifw0fB+BoD(?si!f3ZbIVf+GFU
zEKmB10y*`H#vh>L)pMgjQFglu5j+~DdQ{h-a<dMs|GIyn0qeYJQL&5y1n7l!;w_dO
zWp)VE4bWsFx$c4hvw$PKQE8@Qz3&XyYt`8p@dtMnL%X;ph&P(X;Q1qre#}f2gCuC{
z%B1h#O5UsAweBam%H{A>CuyUvy1!KoCxfVjno8xR9ae4oyx$LIV_c)?XvWSY_tEy9
z&Kx?)(<^we{$zfReiRZK!RTu-eGf)sMu|agH|bs`Skl*N_-V++h=U&6Uj=Ept$#P|
zZp;<NsPcrH@)K66<P2GlwErp~pF4696VN_ousE&5!R#{z&}&^T$6(cS$AH_JP%2Y_
z*87x7kcel_)zN)g*uzD_L?;gQN-jg}Q!^e5dhV;OL#-B~8U3|AnwayPulX|(j9KS1
z@i}2=)q^-bIcVGcVC#%YwJFb<)?WC0w>d8g>|CH~He2&cSZ@sJ#WZ%wr0{B`Z7?+_
zSX2X|@*vW{iY4)R)cq<z&ltDK7gTuXk;_*Mm8*6^M~eITP=y2<B~!J-8=(Lz(Oub%
zIzVmlLqh-Zy0+SCalMuU6E!Lm;S6Z=e2ANNn%@2GH1=K<DKz=3E)@Cm!6do=_hQ?S
z;1aujb+vp=j#-gHXvP`|`b>n$=b#=4xdEf(zlEe?x|&<LG|WfjvraZu)Q+ierVJFD
zuixG{#rx1#;RzHb2(Q5YDNQ50X_N#e;`KNl5g*|sD3SjjM`fS&x^xV}l`N}O{GhZH
zxJhy^OE<%5Z2I>%HkR%*HVr1Kc8bQw2g_9689Y)SPa|caZ64H&ARVe1OK?y)BegoK
zl=IT;;c)C&bSjGgkA3&Bvv8yGNK@$gLHe9Bu#`jJcD;%{)rEni`{D(~-^sI#$n$9z
z=5szSXSAb`6UbE>`A9W5+2!78ATHJ7SJ)DWQYN*JqqRfhKNzV|ha==Uvh*`~Hb;xV
z1aMU<hY5PRb);NdcX>vH;gTCwZy@Bx-VlfGX15pKt=r$&n!_o_R@?Abr?*%^+6Fbw
zK6soZ5N6-0vH4!hqZP5OVf)&#JMlFqHpdCKQBZW|=Tzb+03?t+0qAo{3md(;ka9|t
zw_0e&Qrr}U$Gzlic147dr4><P_Bs`4t@kbC0fO9Zabf&}t#ja;M+w?YwYWMvkd~wN
zQ`o*TLC+a3mmpk~cn2OX){ks7PS|{k2eji8N|@3~v9eVvfE_{2=bEr+e0?61qEvwh
zJEY3(%@@9BcRv5b{(M0n)5m`?M~D<S<lv+q+vse_lID%NIl?s|W9mgYG(OePL^(w^
z7b;pq8RfRjHTe?ij5souvo@L~n_>sr8FCTwi+q_?dr^?BH);|ge>}i2AJLWUJj8Qd
zFuCAC-<8)g@Sac4V)M_D%8JjKXh0NH*;jE>>XM`+QpudEq{!9cgI)Qt+*nK=1FSBc
z*$UF;7r((Pm2B#E6TmNmfI`Hp4v2`?fo|vXgckZftakk>A)*flX0=TOHa{HLSlVV<
zv?#ZyTd9ak(xUjSE#)oQ79+3_y=)7cJ-zY_r2H>f1JB=+0eIimo-{by`n~GOrQELg
zuco%;n_5?r3GMR|>*}{km_8$iVyKyi-()!I8p$a;&7r2VHxehL$<_X)tGp!oq42Ev
zsp^zGW|Y8A0v;jcltG+h2R6k5!6mDV%U4p{HiwArSJo>2TwiK+j5&h%0V)n2QBb*V
z-+M$E6~FG~B>usvOWxztIiJh(E4jH^!l3j-r44ffT=?PHUP<EJ6@_ngXXrX5d}s4|
zx}<_&EkQoD_jIYiDk*lL!1}~OD<~lA=K;m0^s;lU^35zejMroD8>)=^!&mF=LcV`k
zG>`D7PN9<|IzFX82a5%jWYxK%(HB+-I0KqjBxn}(bYbc(#(eRrba62kcl(OGZw2&{
z#+CKy%F>=Lwvw}8Z>j_NS?Jt15wxu@+gX`cjtM|fKxl=JRO&GdSH}DF<Ty1wjJ#jj
z;}<V$+&QsF<Dr>i>#5WOV#ir{2zqr}*0v(MYm4NauIzgrX}ZC+2YhXAwj*5E^_eaS
z1=JPh&%?y}Ugw>PlGjI!<%gkvBMPs|;AB4~&4n~{rwrvQSLH`vn4hv%fAql<ucfx8
zhf>NQO`A5%DqrIJq9}b7iYzlltbkPOCRwj_69U@gTsE0pG9W}ho|OJBuMvO1c(xzU
z<1Z)w0L9LwMjCpBX%c(!vB(${<rN%kB?|CUOv2BSbb7=7D3U{c%5^MiB&wt>@($i;
ztmls1TFPF}{>$t64z7hNN69fGp@UX-n*`U0?OE~%X~+EkU}X=dwi}*wIonaGxG|sX
z%*Kvw&#p`!4cQ5)9DR1BQn-v5fqvLPmU>U%!u!borbQeX*wV7`B4*?lDJX~Kb`P&5
z8WO8Fd)F3%v(x%MSF?A(^}X?c>pNEEf!FtFK4&17_E6XV-`4h%#dR-YZ7Ttv*7m=6
zZHwrQ$IOtYjT>{b2OD#?&jMG*ujedqyQh%Ri3PrrwYh*gLg=QvlC0hhJeZp~6&i{*
z1!<S$ynUS(_=+@D=Zj30<o0wXTRRYuerfPus@p=2>`drekgoGuUlD84oyhCC@o?79
zql)(G&dy0!270>5NTn-(Vy!O(_3R!6nL(v~Nd3+^B+kbYyDINt4}I5|28v`p+M2q9
zS5()^yy!cCkME)dt}&k04+}*6xIV^E)~Jg5)D)x{^c>P~A{6m7H7Oc@Y7a?QC;o|G
z(3O2!AkK4Qmh5b_9N9UrjAY(`kwl&w&Aa3#R%BNPOnR;xh158#73Ja$*?<{>h2x^b
z3$ov1mU?jR*RV@cg?U>A#nrY~Ev~Y<gpl`<%1#fELrgRy)nw5i07Yvb)=x@db=~fY
ztK$^;*jERvx5*eqv5Xl?fBn#$eoEuWuJjP&F+%W_-jt<9Y=9VV3CzkPh+sxUi{+Wx
zt$F=SS#-$sg-!_0yS66pJVW;xE01h3;4~IOu(=ip%7oNC*#?boc8n4>%~4s@<Pf%v
ztO50*ts?o4*`i&>U#!_5&9}?Qx1ru82WoM=_IdGaK3ELeEAnn0=_h}fsJNWE0CX1H
zCE(9ey`b%3@)w(al&3)Hv$51?o3*pwZgz|WD`L@AlB063BXUOpP3+|h1@S3?=)(jM
zPy3@LGaL&2%0m`#|LPE1`X{yI!-SU3O)Vu0rIhnCab~<fpLrs~K~BkFP0Fm0k7^R1
z%-eQozZM>JxCF~6vyEEABX%o)BZ*`;Bhh7@NEa96?bq?#nS4)`RD{}<q3!NYss28&
z^I@e3zFfP$_H@s0{{N~=K3EMdm*8+g_ar~oGJ>p@Mg$A0@Y2hzr{OCAQ<{9^f04%b
zz_RymC4fqVYcLjVGY<nO9}JWRJ9D{ES?g=!By!~HrlDwIeprj4=$qwaxBvpSL=ArB
zeLM5~Do}187GCn`BTR-A`}s?BSEin=dA6>oqY`u8thu)G+CgHL{8eI0ncd%250}DO
zib1C1Q{k)*&O_iNx~ERBC}*K|tUBz25o-;nvC3ZmsU`}um=%Aa0!Qs5n0Q9Kux~sl
zTz+noSE@-LCNz0>Ym*u}5SXTC65f?pHbrvw-%X7k*r)hAOmN9P3hN{l8taPJt8pJR
zqhaIt2~XEF-y#3Kw-pR|Hp&~94d@KE8A@4nXh$a==4G0X&g`uI-P9*St_pKTcAlq1
z?tPzQkVRE``EsRF`OnVj`r+af{`1FC);|i=&_BLKp!whx@Wlj%^^dGO4ak!EA|*3W
zGQaM8$yrKou;k>tg8lVWMUz*~&%2II*ZBk8N}IGctF6?B16fjBA%(^(tWij+8<BYw
z>r&YC@aH_#9I`gJ(of2?G;GzRBwFiBl7>^yh!&tM(aUH)208Cb+F9j83zepHWIb#`
zdfy)UYAlqZ`js$D5;KHhKBNqUq*RbCu{t`OvSzua5l>0OOj$Dn!;Yr2J$#C^McmY<
zq$e@|oE~aGY-ix+L2566mBR-+*p0R##rI&laSiX;?R07nzQFnWEzO?~p1-esy19T-
zUJ9GYs`vwFF6WPiL3TRSc0OYwkyp7R*)Pzz1xq6h=S+rG+(<ZP<hZ+buFhvDm+_U1
zaA>elx~We*?Q@BcVHuVkL&K9Zn$j;<PqfAp%+Q0FoLw!I@j8an<UxTA=oG%b3guUP
z9YfP|zb=`woQ#_f=A#*gssP2%=}$^}O-Iir-YIZt7MZ<4KwXI15{JXdfStZ#!@zc!
z={G=va9y>I>o2ryS!4%C4@3t<|3njl9{j#0%?Hy1QGpO5MHGS_O#5teA{iGgd#J(b
zK@HlJ0cUPD2C*tV*)FPZX=ZjZqCeddez*K8*tl9?MH3N8#G(o{_)<bPK{hF|uw*P^
zA^1;gn=<7)KrTA|mim+_Kjm-tr{f9r#|IPF3wSWQf<xt(+z3tA$9N%9U+Axpj88~?
zbQn+=bcw;KFHyPUVgq%^q-P4%=Tzw@WrIX;7$opnN(Qt)!5ENHG^7mt8iQn6_u0tX
zF6DE*_<Ek5#RP{QAGU3d^`;$l<O6Z_+q^!i#e*8{ysAcG6hlaugAXPxX5>88iU&;t
zLn2<INo>Rc!;3DqrB-Xh8nLkTCaPE0A{Z<_9=%CxW~r6}fks2R`L2ALR3za7HBE-H
zGG)|e13l{j5?)*_rR$<HkJ#(bDGDX!azE)*TK_-P9#bjhhNkhIB}z`~Je>D@@D!fP
zoa02r>^TX}J9)2ir4F(L*w>-<N1Ej?@qs|t2lfQQlGI)dvVEGS=WT2hr(>0^eidME
zW6QcUZwrNBxEEAkmHLmOJfa}h6z}oCuc<#HDzv6I66NrhMm83y6yDReGHLIQSrd`w
z^Ls+){TMecDW^00&nflshmbb!-U4aIlDL$VZ`bE-Yx4SC`P6qXrD88-b&x2v)U1)O
z%~NLd8TnE{Ellf*3)#qEK6^baP=k=Vy}U>7NWa&q1QhB4RS%dgK7=wKeCdYNkd~2R
zGYONe^@oOq2ViV4=rzM`!bieMi#NYJWo!qZM+Or3I{{z#$eS`UA;`+8!G@9*_vS0O
zF#|=tMh8)K4^3tt-@-j)S<>z{zw*0$rH)W_#N~O%YE{H*yPQ{6#|B1MFjA1l>$5Q+
z7#}z}$@rcd8I@uXH!m6f>rd$J25AhBQ;<otJsY8vE85RfDd)g^L9ToSS~|7jLtbKO
zKPDJEBSEodps@KqY&?f4A@aMuTKUvM64k2lpwG499ut7_i?RrdGLU|m(uH{~%Jb^`
zh+~6K`}+c`jqOQ-XrINjQ-|{tF<~fkbnJ46k0rAjIp;LCydg6>V{B`id@iD$MJOJ_
zI4?HC^T4z6T|g<~(|&s+REo9fJ0-(_WK%=;62ow><zYEvh?*Tgl+Pc@k6N40hyvh2
z;li6rn57}?)N}`e91cMomT$P``Xip}Z|ytRH^yABPHb7cD;9^8KfjXj{p<#Qi8W};
zKFnuAIhcKWN-F(J2W>uL&=9Uk5Na-bESW}Le`wTZ>Jm{KA53k256Y66(3s>*Ms1pe
z=6j!?jL=l;F9{0MM*gki^R`#8aIl=Sp6S4=(x5?Pf|{S2h|H<=?fDro$EU_m$-_)z
zo#W;50F$29Xm<N!F@(w)d~w`>llzA$_3c`q53sc4FM?m}(kp%Z07FfV>N;>teJ6k8
z`4x0#n-)ng1HPU>(dVTl%mAx;WrfP$Oj2)tF2tm5P#1&SdVYeUF7SyjOc}$^y(B1~
z2VUVAtLp@HeZ1t8k>n|8?`zvzuMI+Iq>RFu1y>mBGqO{)8)g>+Om@;fgyzCwt2)r&
zw_QP9%zWO;yzQ)IK(WRILcBIaPYXIoLzz&$Bn{zM+)5gH{Is^v!*&LX7|b-z(O!2M
ziZAu&gn|6Tk^DH8(v|sfXXl;l_?OY{koAGHVr?ye;2d$KoKSV+2)JL=Q2JBAc+xtN
zJu|A3ifouPk4EOT(L5I3ZN4*YL=c{)F*sjiaAwOGc+o)_drPFz=VJaZY)nI}y9*l2
z?u`Adx)k4W9lNh~c?sT=?(%j5|5ujN`8*+}O#<mYJN?u%wf1}v-&x(x10j*xjqzGe
z!<W%XbyXh6k*_tl?N$xM;Vl}7?k}Vj85#&#UPvdgCa>Ujy`gwWRVU|0VooYbz=Jwu
zQe9{HbPR%S+2&rj*9F=2T!Nw1Whr;jpQY4hV6SWC%yrI+?yf$wveOj}BQ9PuC`0%W
z%-UgaO(K(!(*gx6jN|-kISuy%Nh6Bf^cE@re7+eMRDr%Ld7^Huwlli-FghCRHT+IG
z)>a{wW36#EGhDk!<LiURR~&vQH=antgt5BYLn2p`l7GL>ik7S;BIY{F^kUQRlvDsD
zf@o4m+DSD&rG!MYUh;Q>O3ZzO&+B}Rp!31diTq~gbuh_JP<J7JRpg%RIDq0!Jlv)m
zb>Tsw^oTZD*DY&)yPWo;=m$)clqOxcg4~qXv)Q|$#y3C_Z_kUH@~#W=rFZ9DszCs^
z1#kH4s1yiXoLW4=)V#}UX)5lFlC0%*DS==%A+un{v|jzC3C&=HJ5)_WUNO_-QEjAo
zaraZPu>M+)if_oK?ZHwgl*@>x^PdQPk<tN4UlbEzw3^LENoF*Boqw}pi{~XQ3Mmi6
z)NH^+5^lsd*Orq;Q12-*X%`L__ZcClW+(aCYVp?e!HCiQLz^gs{J`SyBka0?!&5UA
zZgVPJApXNGcnx*$=fN-V;8_yb@A1dwGYK2muAh<%xj*@Z<4U5-(jir`J`86wMzdQ-
zhgDmomXU@E^ST%Z4W1o3)w3ddXp6<mNW9mceU<j)n<t``7fQK1H%s}boPdUlnX119
zH$z38`er}#(daF0@xW7f6~W=eH{x3b-xRx6z;Nfd+VW?6wj17~p8eevxtk2(g8AR{
z5#{lpD`h2Pg86s_yCz>Hlh!wJ57w;*qbWu+>PvO#j=tc#{)QJAbM^OrrAiNEY?;P+
zj1K3;=J+t+PWUiSc2EmtN?6v!An6Jh;@uB#8B2lIy!tI#mXjb%ETiRa@n`hreeO+?
z;~DAOJkZf4zSwC`2+BqkMG(t(M8C`mtIK@;+0^B?#VsyQEwZ1dPQ880piEpm_V4Mj
zyIUWNi`DF{TLw$KYtR0zWqQ%{UMh``>U0#@nK8JHmQp*}+Zn3591Fl7S{8;CJ2}?m
zs#`1mIJ}dg#nS84SiaR_Gvc-OY*=&1Zdu19X``5=YW7RA_iD9|V+)M)aaniz`2?U)
zby`!Ylk7jSdWm3H<pzTqlY`PUp_MD2&)y=7C*Fn~&`Hy%)4!OuCW;MNERDUXemmre
zA}VB=rc8YmB6S7t4Rx<i<_H<p^rfx#2|kThSYiq;sF0gg$_2tM1WIk24n#BP2OkgL
z(P2$oQrb;lEVk;ZV5V}p6q2>XSl8-3KD$as7(<^hlloN&8H`$5J7xk=TEt4K)}P4h
z3UgRN+VtS=LJ>)|krY2O8hovWo?ggzjavv+^+DOBqE>vhxH}Yel0~cJHkSw^vmN2u
zdmm<`x*i*ioUEmy|G?33v!?~m;e9Y0*G}Vud3;aD-+d{jL+a%e{4-$SD4Q(3yHKUF
z!&V+*5WMLfxXDvGTkHzi`_!ZlQd5L;(~nb=auJI?sz9-SWlm8U^h;%S|0*g=@p}1V
zNfIwhDrqpHF3+U5f~_ElL%3#v;tU}+@6sEqylmXj$m({nF#@U<UQoWbB9N>3fCfKu
z;UCV<tIdCOf1AG*I~oVEeA@8E0Ep!a-P|WNCO(+cv)9T8crr?1YHDh(ka#VBMZrYR
z)T<whnbNRnWLSj@imOG45gJ)<^Dq}BxtU=kRtrV$bgp-t3@3-FU5MX(w`s*3qv&ib
zIRq|nw|W#gx)(<|=~tl$ImW5J4|7FnOdQurlbL+Jit)0vAt`NtMKaInOc?;(B{{m5
zWBz|o3%jiTO_K1*s(<IH`nPk4r|RG4_346XKMi_f(89(P#k^T(UtHu{>a=SWS<c6+
z<bu5Ns%GifsgEZ@WB*~MZ<czxnwN^@9ucTR_w^pSoHUY@4HEFJ*+ch997=h1DQ)vq
zNiiiq$9`8<4Qiwg{f@Xb@MG=%@WT;mC4LAu8mwymgmA+LV}zMOAwxvmoS(WBD@P8t
zuy*8gki`I^ljt&gfeKY<j67({F%mhEFcj*lvi$pYHpilxb_}8!8-wblA=Y04ZIIoE
zf)G4qUBi>9gKPHJLG$72;69zJ?N#S|F#R!-8?`@>`eh;{?}y5@J$W}0C!4ZZ60Ss8
zF5XXyH3X?;INcfylk|KrC|qsAyWZ|{i?`<8tMbJ#H}*=?67Df6bE`n_e@<xA<(^rm
z@w^hob9?q5>X{D{diL)Vd)7T#_R7rOWUxn_1?jz$XS?k_cx9>I+OjW<$!Mu_(&&m+
zz3z$xjOQ1Yp4*j~teT1s6S{Kd6S1D=H^_DyTOIiqBL^{6xxHea$(MmhGSHpuUnX;X
z(9M5Obo0PQ`BsQTGu02%&9<e2%!ejqR(@MW<*D<$zA*tR7dy)~%)43E`g^620&^}E
zs)zkje`yia&<S~qHyZ7Nn8A{QYikv^fF#@Hm7^!KaUF1s(T}(Q{}P7cU#Jz#wJ<h}
zWuxI^Zo49Z4pM>ft{4cCQ^9~`#j8ZjzrUOoukiI_VY^*2&$=DU6v^@$ktT>s(lGN0
zxFu<9cENW_iMzwvF3e~O{lMbU@8Az9O?z|!7mfj*ddw?YZ-ul`$C+R6=f$&bz9@d=
z-x-*B(5ezL#-?H`U%wX|nwguq7G+j(X-0usOg21Xz%)GKpCGP2ic^0LBa?N?woK9}
z!;q}Z8jC1ZIGrHcewZHz`1C`Aw6-OOPO}c^K@AuW`?`8&`n8+CFl4GZ!q`g1v?oDI
z=#7o}t0-=~I5j$pr9fXml^tdyrbXw2K`=GbOq%#L1-yX?^9X4fi%NgapTmT1YkWB{
zgQBy%W-2x?+}|4!v_~VxYc(F&7$n@6qM#(3!hhrbv@?bKJ~U%8?U3TlK?@*%36IpK
z6QWs@_eSmj5k+jq*6}~T9IH2*3x<YC4))GAg1QX|j7i^ObAae?7AL)1-_b~+8f#Tm
zk7^ZOVspNdzP3zX<6kkb{PE?sYm~}Q47jtYwCCzq=oZ4gxO##)zLr7&Z!f<@6{A?L
zUbE$)OdUX~wmK1A*&A3w%GwsyVyia+=L2Q_zxmm}vn2BDt#^*c_O>OMKJ>Yo$18Qv
zi~db2WQ;?;$tII7*Rxx9=f#<M{cMRKNBe4qc{+PQDxx{rdBEB2Q8B|*;Q5i3`i`_o
zQO{CuX_pPddG?ajO1A@ESdr|=ekNO`mA;D=%o~iXAbgBtYq;z=(VKn3W%W1-=l!x@
zB3@3*cvfB`<ea#f-FW{oZDE-(6!?znNqJq+Uab94R}+<P*=RrQe?}S*wHMGckw9<p
zD*GbJfxP&fwj+HzAg6(CrYKM%locg-UT?MHuM8$6E<w1#ye#kFmWas=WJBogU~OBc
zltQsY<s!`WNa)v5axszpMzTpQyS;k4Ff`*m5sdKs2p<yJz{*|&hwO=>r&^n09Pywu
z(I#ZfSJ$O`8A|dFY8#-Fk%?;~I4cTNe~U*7a~7oND5p@S+3Ed3KS{|z7KK_-eLwjw
zG`yV%fOjP>wl^_gDKDMriXIMA-o8%;qw4|1&mSk&2T{Xp!b;R9XFXc%34?b=1}_Up
z@8?6W^Pla=MR##VSpxz|vyS?B80ew3w_x2UD(L9wW2HDr$2xwu{6<nF;Rug?Kdqg8
zCOfe00~Kii*mCr)u@rF_I_p!#Yibv%%eJ?H(q0+?oR!;jcRPpb_L4L+3+WZ{F(_%O
z)HSE+k8O!4=e9kd&B)`(`5Ebw>e(n7c<RrB5?op6E9@$o73O7b(RmUl3O$>i&$&e3
znKiB(IoS-1a<g_sFqjJJSx^A5#R5P|q3a$81Uzk)`}^9JOY!hT!<ZatlKGJx6sH{_
zS=fdLqrM*J=9qiqlubhKemIPL#bsVA+J$X@kO?r7eoNUV4EDy8A`msR%8EiI-m!ds
zj5Mp6?@=g1QzX>Y_MX|0$(jBpQc<799f-U0PtWI_!zW(K-wRcrMl&wvKvN+qoD=k6
z1qLjD(7M1+SAdAE$i8o79begvvqzDA$ku6|$!=lS%i6V~*>;Du9rC$y#V^vQ$BpYa
zVVgFHD+q6i#V{hBSjXDP9)hCqCco(DcPmPPAPh52_cG6c3ZcroiHd%0d`S?`9ncEU
z@h+}8+)$sjWoo<Noon8P^0EY$W(#}KaZv=A!F0?i-PUmD7`@&7?3(TLKRbf?I+)Hp
z<cTNWcsYL<F1uv?zRREM0z^U<feJRg1uD5X%vHaUV>`2B7#$uts0N)RFrVJ9fxj|F
zm3dgk*fZKNnEM(3ux{1pe0I6Av>eAwWb0L!Fk7Yt9I@3Ji8irG;Q?SGDZBeabfJkN
z3kY>Qk@K2rzg_7#Bis!xPtU}p?DNdB@|m3at{P>tuW*5}5$elw{E7Xef^IXYwby_9
zZaJH?gN+m`%fGM|d~l0l|IrkBB%ft*i$Kpx5djVG=eu8f@?-tW7D6kvZ@VFtd}(yn
z`5?dsxCEFU^rpZww88?V|4=b{{(xzbTz0a2nP%l}Pv_kuw!WhM+<vEtnfWFPe+wJ5
z`D|vv&E$8d&*zVg>-`lznU=kO3$*WaE@VH(hOZaqYpCx=VR^S_aSY~aTRj|G{}ums
zF^UIvWZOG4lm=2TiCJtgip6>{iasb1sw(ADII@`^H1qbFrxNq_7c6#oK@kOU({)x#
zt{sL2=1XB5AXHIh@@A==HX*skV7|pq&@`uQVEI5u*1{U%?G?i4Hg=V5d~K3890!@&
zh_;AIOKsqAx^~hw!V|T%;QM#VHkJqL*zKO+7hB6HK2uS}KL4e-cO*c(!=YeL!m)#b
z^f;WG^z%XbylHDr?5SuaA@3YgRF>$i2y~_@u=>@6QNo=!t`c71@wH-nxWC!)4PQ@#
zi;2PvtvFaJk)0~hlN?Uzx9!86!(Fr;qhFF+)PDkC3@w1|HIB@IIoo!oCr0soQ1>~g
zNJXSq`+hF(&WqyDXXv?NHQ0g4H3fuxGliq7I8!!V5&!i?<3wgd25#@?QLVJ8BmMPq
z!p{Cif?GxiN;I&Cn)jwoL|ZmZtT*M^`AY*k2HgM1FF9J;zGkpJ{n;%n$_xsr;MUG!
z0mCg}n_hLoOxgHIbrcMNT8|j|=I#jDdW=p0JMLTTj0z`Y3!J-78x7ip3?qi5>8$ui
zR%7-aj3`sHpH9&Y0t&mb`(#y7#Bf*kOY0r2s(eC*2?Y%C3Z_0O{<1Gm>5rXPdQJvK
zCO|Q>yjo=c3xdK6Qgg<;7_f%S=^pI|r}c|iW<O9JQ%OW^yH*XX<BB$bnZvNz;X=z-
zJpAH<ZlLk4=njYj5-se^JE-yHxw%0ezgf2ors~)b;!&med7j;rSFY>n5$!>fxt;<}
z;o9Q`_1$l#`Pms}6W*99pF~uD(xG>fFXgJda)yp1ZA&o+bMDV)oz3~3@Dq@%sb}YH
z@8|SvnvJcX-^v;>Cq5s`PZ5AA2N|KbamL!&$?lg;g$dnZo`FcH;K&IXs^P=A*V)iy
zH#|}a0PKz;USU)9XjWzYL7}NM?0vjV+5}6Ajx<5;TE`$}5mh9o07#FtejDmP_cl{o
znJ+>Pqg{p{BXpjPAvy3$SN07}@<C4h_=}l(2?5zh8TYB$SC~(FyPgx&DHpwrOcP))
zNjVsh$gqX(qIzssu}!|MLUoN)R$XihPckoLH;%h(6`t#rY}Ou^XaAR^usg7M<#;4|
zQT(vz{3=LM@xdxFW6Cw(NthCeNm=W%H4!3k*g48=?HvaiiSLUzSr#-NOiS>>Tf`Y;
zT@sPxrm197iNE3BBmoFZeBqh!&xaNr&ShDrmg;vfE;IjrIF(9M6FMifNI%9XfVjmJ
z^8?abu-P3rmz!#nsms!mH?@Ixsp~$t>vrmJwaBaSW_ALw@bUQjayS+VTTIkC!LL`c
zXcW<&*G~~CF&#Y-R&y6;V&6bQ6WbxAj!M30AYaG`Ibo})lvJ_YmgAxZ5jXtl*K#JM
zm{xR%-EwYRl^-EH+J`W2uM<g9?gRKSL|r&xDJyUn<S*6=W?B3GN8aURdaLggHI*DB
z8n{FwXl0k8fM4Nj=9MFP3}ak*WHc$9j0$_dn^56TV>2?*sBV_AtxA1Ij!&enS82Xb
zR_H#3+H{Tecz&)<^V1J%RwfHwaeA1tcAQbN_CC#v4^6|CfjRSg0gROVMC*l5lKH<!
zJOkQ8AfsKWlDhX#3hqLzv4!JSAPQ1NV%A8A$X4HENeH)*8O6m=@zz?xmF#m+_Y6M3
zq<=w}wq9vlSGHJ*2P)Ys8UDq2_7QfcRbHo^V%kP{VQw}@a}^PL7^Jp&BgnE*Z6x9b
zM7`PB^q0mzEZ<@qs+)aRYpe?7MTX0e;GK~=wOZeGwc|>5P9@ahXCKtM*C02{M48e<
zROB62^<PJ%dD^hQd9o8)IZs+kT1Wa^gK=z=b+O`u=S_>s#z!xumTJ<UZka}L2>&Om
zNyAA0->D;ga4~AF0~E;oGYyIl%|S6TFaL)oGK+&yv8G3iCi%>~@~~IW@1%)cv%guf
zne4fZ&OMSweQ4SM-ROC#QDp@Q749kEuqcE#8sNZ@g*fph>TblADl|mtF1Z7nKAdij
z!-EJ|<*NpBB!PM0eMexP3r@tobFx76K?PL9tbcpUkcfuZ68oWp9s_;6LEUQ?ssSI|
zfQ&mq&fnZJ23}es$Kr)DN>7R_R6a2Jb}plG0@~rOh!2+=sjTCQ_MIu}X(6&KWBi-6
zt$pagmZ@^4v~Ko+w(T{7)(4}B7G~zT6YwcqRB2s4)(X71dclD?NTd(-yZCp0!<LEA
zB1K;8Qnh39j;0c{qC6|&@Z-I3h7gw_vF%t4+2V%ZBvNy|QSw-4+~K<-MT*~K*MdS-
ziX)+Cq4&<-3wvW?%>JW$AJie~j5o<0K<C*rclPs&pCj);kU+8=a^G64?4OfEP-%FU
zZHykcTDU(zA#h(>@1yAHYG04a;h^t7-^o|IyD+u8YTwldjX$Dl4Fs*-su}UY+=1pH
z@Tc#8G#9R@{umqEMX8Zqek+r0bB@sbr7)dn%^B6L`nV6w>1pYMm3dtQBO_sx-F8q=
zm)Y$bWWDwweb@(MPt#HLWvLMi|FS~N)o-dm_uMdOmG+C2=|{3?h1bLT>liA#DN~e!
zOe0tB3+`n7Q-Z~Zro~CdrpnvUJya*80v%59WlO<2DP}D@-d@3ya<1k#ECc+7@lu%N
z@G1X7l=LebD`FA|%~`2d6!s|bpY)#+mF$YuFbP<elIzq4t6!_1<|*-R`o7X->220l
zb-9;`Gbk%T5mzhZlOEbh@?s(p^6T<h%cK}Uq~}&$gu%ZRhn!&l6ntn%kN4Gean)c(
z%1qfEN!KU*FN)n>SR%DPmmu?X%ZqiyT|a>ez`x}aI)QBQQx_HYZzEf0YI>QkJ~vxu
zG|kOycl!DYM|aXb7YPZH_ALh}vF%#>K96wR>KNCmqJ({V)(IDhozmZgRSxtxn%uk2
z)8CI3qdXa&Tg@-~59^wu(Z$<frQ|$`c=(L2&mqwVw_XSFh-S07+iifRn_`gwL(0H_
zu^3c?R;fKkV?dd`4r>z?Nu<sdF$5`4Qnx-PEa=E?7<X5Z?+Nwl<<it)^T#5gt8^N5
zfu|zLEYYdER;Z=6$Ban+L<iOabfj+_%cm(%LN-4v(tzKecbx?T2~XIT*$qYJG<8^g
zfMw@eIjX*5CjoD=p%g$^d<ZSHm4IZ+Q<jAt&LJjYGF$^gs2cXvNw~7DWPQk3Yr<e;
z0~8Hb6r$u`@sr8L4OH!r#rzuR*cEWGk~HPVJ2!884S&8h_7(If%I*W<zl(s2?1s^N
zaY7G$PXk-sql4&j6^}&shF?v>cIS!;twlI#gB<N6>g!`>nM=uus5CO+(FnllvnWFA
zm+;gIUsQGT_7kl*(C$|Kdh_gJKI2_mwg@V3tJzz|%5)X7yH>v*rh0Nl#-<g?SQ#)i
zMC1)VlQcURR+rtOsNL>KuS)y0&3?c6GeAS!mDbp`{JGIXvQWI!X4|?+Wjf)3>Pa@l
zpb?FU8nJDNZ%W%NsaN_y=$TI=_>A<4>7I7;(C(0<Z;qBrUd)k4>)HH)ubw>V0b&_{
z1G>Ic!3RN>ozyXD7$aLpSVu-17R1x_P$Yz9Htg6nmiuCVc$$)LOONzMHcPR5;l6-H
z-Z9pFMpNs|li(<|;E-(pgZXm2MkvNQrbzsyz2iyrpPPjGVFNgJ3mw^M1h9tA-mKhV
zFht0tp%)gp|N6y;S3j%){ba9aZTSyU>IkW^Rm5wL>jY~JKX4;B^rE4EDxW(9baz2T
z(Xt$6K&60V{fRx2^qphe(z36kB36!dyyau6B;fNc=1NCltrWwe&Taz4E6oz-Xi^lt
zMn2r$ie3_$&B{7@M^T|jS&*@WrvV4r5^2e&!FIN<29AvmUpxWj4%CK)BG!#W(OQXT
zl;9CnDf97k66M!0e25{PKb$Wc7d^1Kl;9~77_q2_Y1T&b6ZjLL(a{KK5f&whZj-N2
zlj)0P$0FA=RC4O--$~f{tx((Zc+S3Jj|E1k#@%Teis4)aU`FKd?8M#qyz8`1RH!Nw
zqN1Cq@uSan4d*k|m#chsIAcI~rfvfVh^r}x_|Gmfa1w`ID{gH(NmR(BPttH1AZE;N
zzJ>JXJ}6lMHvatZ4f(v)`B7L-R--<-35B*sLd)WCkv+&W12>Q8jYYU%#Ei;%WV?>o
z1`RQUcP7ck?EBO%A{;X-bl(ScAXH~DKN}?%S){kem@I8t>As>(Mi>t5_k0Xy7gRzk
ze5Ulwv;{gVB-ODL(smAUQK84OvMw0hlh^0vyeg<|ca0rP0ju_6<smhJ;_2}CIYB>T
zaWS|PxjgEoU=r%$@1*r#y~YOVD)lII773lJ#WEXKtI*U}&~bb~SLO?GY+}G)+aN^V
zV1+o-wqkJ2K7Xfo@-G5JXOaE!on(5+v%jeH?#!pXChxj7?><*KvG-_*G1ikN3$oww
zSuR;6h9^GP$aCe8POT#=vj%%dpQgc+ES}&)WttIsWYIvi?sYg8YMlt~1vy2<Ah%lP
zn#wv3Y72_&Ul1{-k||McS;R(%YX%`j9(q5i5TX^L`a~y<4r;(x2w-e={hWy#2!3MJ
zf5qTGslN${&{{-_8pQ%g%X9MS*@Fzp{OtRX#_8G4J6R3c_aLpax$ZrZ6Owj;kF~St
zV_6Xd>yg$Exj9Ahu)REPo<lWAOlsZ|yE%Djb^D^Ycw&0^VO=A9u3L6uCgr_%_Gdp~
zMvM>1Gfj5TXTiE*g}$y7DMpjrXFal+wjca7F>N2uO0LZ;`EA=nKg(z5SNpt$7G}<$
zM6A#(py__<4nC?sTOEGHnbxx3bzPN*qjT9tTqv>yk!3_#`lpdjO2chaojRc}Qy;;I
zsys(n*d(GJ-Rq{Zi0;OHK@Ah(s%?-nVUtl(Z$kxRcQg$L!{nGzEj}B&uPzG9bTNx-
zI7;{orJlbRk7%ye8*EG$DhpbCgeZCT4haz1g6-MWK(0nJTxrBD!O^_q+2w{{5AbL<
zwL2Guutwgka``9=$p!*D+W%hTDm?czLC#yf1v13^@W9q8JWlVC##2ARJXrX--fW6_
zytFBg=QFR&d+F2=-&mzjR9DD*PyB<Pt7fl%(uh+X*IB=}=qk~?Iuipp#2@0su-i(4
zsy-6?FEk`zkI&$@A*vyBo5m}j;msIB0ZWU?(l_As_^DxQ*H74tpoFSWqj7<#7Lq0^
zn9O2``JGw}vxoq;OD;%C-m0&IT}S&-25>6pSW@HYMk~LjuOzrNV?S|cm1cx?bkC?t
z5DtHf!W%3gP?v#AUM}6)UrGld`(^xNr$Cpmcs3Dj_rp~H%g<QRJ#3H68XQlZ-eudl
z!xs1q-cJp&gC^tV+qp@4%ztIUlb&D+ZZ+J|7mppxPhw};!tOK%R*7}OsdbMxgQWr|
zYu}y*B(zd(gR-minOB#U6OJpNIx4mdx6;OSXSUyXt?V*Rp5Pup^ETl;pj_4~NdnfN
zp9~P&t1D)s>iJcq%lTQ??wouH;C4w=%guS}HW5)9@uf@OF6AF4KF8ss$R1OdwXgMA
z2xPRx4lHY2C99q%c~{W18g|-i(h8j^F}sle*=<ay>>lhvQ_0LeYHVIecabkWq}UfE
zG-&y^2o1qKXeio>Z}IHO!TEQf{1TIw<8mi=YH@cns9brIj=45|Wq)t5@-(U?YZiW=
z8@dXQpTU->TYX{x<VOgv6g-qZjLiXG4+Ba3-mU%gq$b}F-VhF+>{+5mNR(s{XJH6_
zzAU=u-AmMDrS?lzJIb@~;;GX0{=9n)_n}wvGU<2{J1GK;(yKGrxb-o$do))^;*2a_
zXKB9%{Q;-VMW8(v=UGYsfE75u2#Sy<(gxGZ#s-u#`L8G`h`*$pjOb9W9|`r6t55^s
z*tIsV?Crs2P=Ab!B9vz@Ro<jk5k~fwgVIzzH!I^`Njv0&^=o?@SsAZ=Hf=oZ+IN5x
zAE}uapl>0R|0V##S}k5lDr@P8l_2fU6ATAdK$kFt0{S1+z7KBSd){xPrcsVb0Tl}w
z19MT?Dv^(t1Cb?G!OK7(jnNWhRzj|Y29hKzTkVO^`m|`AU&k9r=_Nk|e=LWe!$1|(
zsrOao_wwyS9Li_Z6(1%H<<y_I4rSO{@{52{eWC;W(F&xyL`Dmd<aWF!qDSukM)inW
z6Z#(y?-5?gi4vy_M8n8GCd#Ba(gLY$bpI|*{X4LhwEL)1OFE6eDn592-kEwM^WR3#
zy#{UU1%C7tebfhk^gZQA1+J0bn;z1(PGUKf25H=_0_W83v*<ge8GRk?Ppa~@#Y{;H
zOBbusTGp^pbPNg>AGY(g$k=c#e@!ewb-A9C1*0&`zn5U1AKEmAg6s&@;+*c-7UUbU
z6@1h96OzJjh@;FNX%`94m+U~sH1RXKtBOJjz_aI8FizHtLTbWG)uYfGF(AEhO{gwI
z+XC4q*()P}kg{%2LnyBYa<maWvQp<Mm}EE-@F;@9Hm4jeM}GpzEoZVOAovb0L?3b@
z>D-lFMEF?L#b?PY2oBI${uYvGg=!7FfR5IrR;;&(CC<as`0FgjfY226wsfV_hNcY!
z*&juQEZ~8r1MD{R#9lRceU`XeH+_s~XZ*%QYOYS`c3@Id=Bf-*^Q)RZADX1*FMknB
z(*bJ;l8g|#)KtOpzFOecfm4DU5Vxk@twwz~Slnv*_kBG9w@?IFDLdyq&R`8Bl4zkD
zEuJP-6BH<8)`_9j{#bpbQR9EJ_a<<b+;?H;n{LgF&gTIi$ccf*7G?}m>(yP=jO95s
zGdjo8NE%tPTlMNyX&Uu(xBHMrz8Dxsu|cu~=1_uTizB-Z;lqjqhyt5kCEf^y#h}e@
zj6(uwL)bMT*=QjNf&|#_?|)R)JL<jHqr>cO%GPxE|2}^I-~V_25f+r7fs~c2P4-Z3
zJZ+3BjH}3TM0BZOZ1%;L2oZP8seg1HL3qS`^8@NSV$;B*3R*AcA`%oVVhlD}E@m`g
zy#C4%6be&}HVQp~9w6chcnZ1qE7L?_-?gjNz9+Qo&ry6jkSab^3JYSxL6>5Z#`UO-
zmj#&Q-CiL+ky2;;Ex!qa56h*<Z*tY*P+3wHPcBxx*D508?ejZ%M1*Tu6D_QYu=ye=
zk}l@eJk^=_J~<OR_ds1q7ID4!OMJ4#mrNmBbP6W+m0XBwZL|ht=gypmh*e9_98^&<
zK33a^2Q>@3ORY6EHQt+@7uw@?Wss^u5ux)lcL5WTjh;n=Sgp#}R;wbEf~>5@HL@c_
zdBZXvnq8mGQ+i=Pz%i3B!5DAAj>y^+iq!&)zDfV3cw4<RQVe44ila0uoAxFIF8X&Z
zcd?>75!TgL4#*T(BWaZ|nPd*GAi@XfjO9>514?K#H?SNSQmQ*Z^9@22iv&rgii}QX
zYjBQMn&MWeH$V|50*kB^WZX4EuZ`LYv*<9iYEx#{wDtkRDK)rqS1wT}15?PpWC9${
zu1Q!rHJaTw%$xK0ml&BgMY5=l2<N<kBLmXA#ENSBxDIP7mjF%C$|Z=kR1di^rYC9k
zHmJQFya%H_&=h{)#>+4K#=GQmf|b-i<FQh8*?sb5jVR@^lac-cL)HwzCA&VY(2U6Z
zjV@Dyi_Cnz2{3fUTji-rK{$f))scEkog3lzzXr1tAQXc{eLpBsv5+sg`+_P6*v7xO
zJHFvgT7b-v6DIG;x%|YKbr#u)Ts0Un%YutTF?HXpYQ43uE-{#O-D{O)yQ*tC1KlJ$
zuXxYSH>iK5vy;-9Y7M3Xk(3Nx+J3A3%hJBp=D~4D@aEaKC<x813_@<SH<0}G+C=DA
z&9!yk*u9gepq5%$p`?urs`a@)Cwr&<sjNy=#AAsFy7M`5FA@;ZG|H#{SZ|wLA>12~
zC_68AC3@85x9r?;a_8muiV*JzWXp}aPW_?Ul^H}{NGaG|Ht{VyKSO*N6WIiz7aXU6
zC-8V<q3lBbDqRWvHQq<Q9_O?}4K<UUzacYG|ELRD#Wr0gS35fXi5YtNz{VbD=MIT;
z^wZknY|lF+z{sAP<?w7VH-Zp}P+c^~veSqI1SAy9f%UaeWXFa!V$?>yGf!ySO-<4W
z-7I$qtc_Ao&0y^<Lcf^<N^dr^>xfPU%s(j>+Fw>(31^DF;td4dM-?UHIWgJ=9{`d%
z-Ht-YrjZ#}kg;c%cGI7|Qh7%xlSMTad|cE|09*Y$W(J}DKveV{!VGHj;t!a}fzxe;
zY(q%`@B9PV3iXfL3IU*5IsAGn{>z^j1_opd905jqSoDVkp03!r^Jh4Mm?A1c`=x=p
z!qKA(az`*IxLa_b+|xn}OEL;1C4k~p8I^imrwU|=TeEm@%l+nSMWI%3my$*i`?AGK
zYP9Q(S`#3pm2gpX5Zd!a?HoJVrZ@s20v#!F+95^FNCFBF$rAi}>319KBb2aU5-sG>
z`beW=I#npjz~MX#afJ*;_7clb_5Q;BGGOUk{qhG2tY&Xku*Q9L3XuSPAqSReizkAt
z%B<Wl2uqbNZI?W=Ejul1q?BqXz~s+&E5q)KU>Q^@>py#sED_X^0IJL!x&*UCF%I6x
z6Fv0zP9{sb@Ru@33Ew7{4kVOPyb6Z;T~k88aApNe3dF>t`=2Nr&o5%iwC6Ox5QkCA
z#1Wu9z>yOK_eT8E9#C5TZxfvuJ-tsH2Oi+<joH&`Bv<d-`OT!i6|#ljU=z5CZ`g?t
zL!?`x;ZpyC$HgUGgsdVwo;Nxm&Ep`bmMxc6Q_|&KoBA*Lm+I;dxPDVamT*>yBHt~)
zaUNC1-Rktr?okU+x_-<cB1V&b2TM4MK(Iqm<Y$WZL9!!%J+G5?T=!Xp?Ea7wA;@k&
zKSwf~4e>GvMASmV%|GgNRq-;e`_l?Ns}&^p!pz&1b%Q*Or9E4e5*YFCjP~~Bfp8>H
zBKZ~CNugu5Q~mvos1D}l6qBzw)JIM8IxvPlx0k+MB1S2y4}f?l&9LTglONwL|G;g6
z`hW2kInP^!lTpmp8KygV+SZ`GL@F1(U1qHQsgQ~q*B8yW6xRh~gYN&`OcptkCUG`F
zKhj~3jz_Mu3Z8Av`1VlxApZ$Q6Xw1gz{QaaK>br$eJV>n6>d+g`*sPE(;>6}g&C9>
zWpees3H&D%%`R<n{LFXOqB8!rU01Qp*R0vh#oq)PSI6;R3xFSDF=rl9dVHm@mau7W
znw6MtG%2>w!7hpTCd8>?v-CTm!pMD+!@9O}_7~MHh7#mb(NW*6s&`av3F^fuzg2m>
z2-RUNR!RICmTPA$${Woy%yKL3{w|7N%O$=?$K@8*O+U4&3>7ire+!OJ!d3qii!u2!
zx9cuzUas}d+hncPKWeR&p<Z=^{N$f$K-U(ph!ll+fXfmb#iB7g32X#TGnS5!8ZJbJ
z3ow3zx@Bg*S-@7vWI<(ks7dt3!)Cnu_&E|zlv#V96yTy28K;6rCC*WQ9$_Za19(Zm
zT=a2iOZ_td;Q!1_SE6V_KyhWttG$5Y&aZ!9Ck|h7?0C9WlOG&8(NE1jp-??nr#h7L
zI~PbqF{Q$<$h8p5-}`n7V!KH04t^IhRZzWv(2TY?n)!_Wizi+r@iXYyI}qIp$ZpUY
z=|A8p<h$|R!5sn=AXmgUqN}|@htR-UM(%37Km-x;L;oeei_wTOFOoQ)41XTM5Xj<l
z)xrG$8!_AR)piWLk1;=g?Z$excxG#3`PyuK^V+j<xENBB-&f{0<Oz)yMwmO!sb5-e
z{3eCPNcp}$H;|)K-bArK=R@{)cF*OzFMdLoZ(Swz`F`(f2~NW&8zSG)_LH--@7>YH
zmqdM1U%o?c(&cQurgj;jvbs$F&D&JHpD^tnXzzJs=0N+(^Rq|WPt49fxubn0NeBA+
z88uGn=kuy1{f}v`)s%j<DZlgI>i!?8`aeH&vi;%=@5t2ql~U6F_x?LwevaSeV{qqZ
zKG43{w)eM9{<S*0b+EnXv6+MID<7Rb+@5>nqQmXI=XV}xcUrdmZ<zA?s`8J{9Bp6u
z$m~t+PFGF-piI7L9c466G4{9oUwT~cG3^|daeb(LvDB0NJ50Xbo#ys@%D+VUyG(hB
z;U*vRcy#7^8P|dK9HP;?tD&j<rtt|J?5ERzVA}hbD&1-wlkwemY5U?Mm(84Df+tP6
zZ~ymt9zSc!(eI~Z{T`b=*q(dzq66){kI4F+-!=1tm$vsZ7V;>=8XdXpP=A7Ip=n%_
z{$<AX?@fPg(_d408P&xw0)J}C|BxwvxV>NfHm=@&>V5hpJ+E&u^?;kP^`yPC)cXZf
z&wyu3T9Nc$H0kfC+B-k<{`SQ-|Jglyr{8Y!fj;$H(>Mhlze2meW!k;Vba=RZ-^~8@
z>6_bYcehU;;E&(eN3p3LpLRMIwOYX+==pxH>eZZ+>)ZEztbO`ed+nrZ>;BpSYidv6
z=N#=lYuZ~e?a8=qZ=XKWUVE<^P*Z&w#k16(|3f_<_%ZdVbIW=))syvjnR+*ydT%i6
zLA^(2ZWR1<L;I=Ong3+bQ&T&Vz8~e^z5hY?&l0Pzsl1e0qx_;NkAb@S=vR)3+JDLa
zU_<`6cAux-`3tDmLT>Vdre4R4=XiThVaFr+_T#ZK_1)Cob8|iaADjB<^3(@@x?A#3
z%3sv~9h3jC&enMInBdJD1aBS{ym@Q;*unOR8|B~qx3rJl+&=N%_OS!){Wqy|&!wRe
zfoeh4LE63dKk9X-EA@?ApRZ89XUcz@DbF~|c}l+h-fDhfUv9MXtmnVW<a6#8C4XGM
z_w8=A9yk3WYf>Nm-Z`n>lhpf3Q}4>E-tCj>y+FNxWa{CwVf!oLOY-ff){#FB)!<L^
zf4!mpxOpC99scbF%<~-ecK;{6kK38&Gt~P=Q}0eQA;BAhF`CBdQ|=||ZJByEnR-X%
z+;jh(mwWsnd+HB-;W?8pqmz37(9{b}`r&rxgOm2-zDruIKQi?O_oHc?(%+NRyZn#z
zx(woparIuH-Zz+f)AlFrT}+HNZ=gS$Zl>F^<FM&R2Kuq-?=$IdFcodOZD%ljX`o-3
zwT$P(CVdbtY`$%;DgV=^{@}T@^?!Px-#Q+a{_SVyJ(&NjslT0dUc1b;DpbGz_VGi~
z|Cwp;8Iw+bhF(6>o}2lROWRihsfUCbI&6Vdm6Y{uqMKi&-N#;*84J6nzozns$=-9h
zDa4Osn#>S<J(^B~K$`8$v^!9~b!tu8mv+8?M8A^$!z0q0#{U%MKV!<rW@ysBr2lUw
zT|`Xs+4NufV?EymovipADX)T*lD1*y#rmF~nf>65oMHK7{!(u9zv%j&p$l#lI{%2=
zSIqJep;Hx|KYQhl{>urB@he}Xji&XL^tCHmt^f8<b^G=CNcwM^bUSWa{;hwe%l}8}
z%V*Quf3DL%p_9w>A2R9oKDXtcGwH4=@AFgoec7ZxUG4Xy!lxO205muI)J%I$10B@(
zO{U)GXEdAnxB)ES<nfuC+E;#R_IP{lv5OA2_ddFl%8%?i(2mdVKHNSr+vRCpD125B
zioc}pd#1hUV%=Wbi~~C3ap4a>CH#SDkJ_d^2!+`fc3j$yVWtKeJaQR59vVuv>u}^!
z-Osn0{gw1l@F%M~2eMkdOqaiwzvWYKbEcWTl=e<h@3W@fq;n_bKSB8)H|2j=I^i2P
zu4gE}aJe3r<qOrgKH5AkpEh5j-ovKehg2_y|AX#*1il>p?}l~<F1gz7#&KLl{r#{y
ze`wk}VA@mTINE+{$3vP47&nh|)c3FGp9l9i+->vxPtwmb)Y~xi{=gto1%Hk3a<qN!
z!0eZ1M**N2chfi}eJ`O$@~_e3v~;k{U(&zRq;HsZ)co&a74K5$x^evkzRpqq4@~{f
zoBBe>{P-9;M#l3D_3UTBxOJ~d|Lb3?$N2?QU>yFQ`D>S|b5h6Oa=&zr^y74Cs%d>>
z9>=&O-~UG4uVeaU9ahKfqqKL<UatIZ=W(@3|CDL(TdMXRnE?waI_;k73TzsetjCMA
z|8u6De{9-O>j6H0Y?gcVQIXpixx<kmu>*MI#`gYu6wu6U3@k}gzp@^u-q>n==uLV(
z=1jlP+4qiH4}qsAsQ1@Ry?IlQDZ?l!RzsyU^}CPU7pVWdseikv&wLF&zh2JwgAfvI
zjS{PX<>5y7Rf;yXE9rar=P$om&*vJ`Zd3V_<ewt*m?{6q_4CQPe`@yF2z-9D{o)m~
z{|o06;2Xf_6Z(^JJkLJ|-m1qp3E#^8yiED)P5F12_E`y}edE`m1F^Sc>OEE)m!$tE
zlWtk8P4XrEPfhyo830#!O09#s*N(|OsqVF7a!=mee(}W2ZSAj|IM#mY#A5s969?Pp
z-g~bk-b>;U60hgy0ZDjfG%`DE`u#utvR)4fav@)Z2L|ANW|VZTrRXLZ|9jr1+qpwG
zqwhZ?Gzw@)lk+O&e!!Ib&8plZBJWi4l$n|5+E;P{5ci%m<v;lKy4`QA=niw=H^4`G
z_CN0!b+McNY`af<qi*+IW+T*kSN8&#txlKR&^~w3>_xjrFQsZ3P#H-dNPqjkuGRYc
z@6`RhSf9snfpgaRv5QoHYJU&O{@&1j@v_;cXU5E<sXs}7n*Qu(@uhFl|Ju9sI7Fi$
zABVh@XWe&S`}EQF+6OAE*$n40uPb4y{>Zc^szv##bsROX+uG-5XAiPJ7j%9<L4OZ?
zn;yTFBMCl~^iP`fo7E@`{RN5nu#qv!x=6V%nR0ddR?;uNTDN;Ww7q<4U5;F_>)7M7
zpStL=osaIi<NWT~w_lECMCS{AEA{Mm#{6Q>&!e;8(MK-2Uig6H?Pqrs?dNyg(0*aZ
z9sE4N-w3q0PAi#}jBgZuDeHU=Vbd+K9^Vht@#GCnc=Cq!v%6;Rzfd~nCHnhU->&<!
ztZ38t1dq%??EE`Z{-0Ot@TlCwkBGeFJo3A9m(2Wd`xBSk*nZ-YyZL#51Sm-sKwmRW
z?aTh2qy6Xh>G4>)fu?V4&%Lk2FHQ9Yk3UQOKQi^DJ^8@nW94#E?q%xz<#+3TpH#I}
zz4J3OpPs7U*a{V>Yw44l+k0-6%7PE;`5!9V@4(K)ceVH5rLfIm)02#+UjBGh{(*LU
zeS5z_wYJ>fHRC>7m0PNpYg#XX>z5e!pP2f;GIXvXGYq~`eA{8cS4Z3T&Hjy%Xt$}K
z9{rqRbDn#TUf+LE$BPON106&B;ZaTw0g^dG*K?Lmn6or{MKeZe>R;gE%kq!;2KQ$$
z|2|U=Xr8%;J+b-c4-UfR+_G$$&A07eTh;##$!{9hVal!1<j<ORKVGf>r$oN+n8?Eo
zJ<9r@-*prg_wF6-&cOBD)c#4@e}VSn!+PA`I<)Q;-d6j2K=$`mS@%C_UghTb`1H3Q
zWZk`9_xD*dABA5JU9szCi(f&nkM1bZt6Cqa*E*)_!IG-4X<m~4dCI@RlsDa|b|l??
zHeJ?1()XD1AF0;)aarfl@`R&6-RwOh0o`=aG(MmFV<?{<J+9|-uPM)c@hGGfc#?fZ
zuL>yy0c416$~3hn@bx6^eZ{o*O{P8Y%XuNYn(9gV3)H*h20ac$!Ri}VzBSiseXS{P
zuAjznNjn|NzuA<xBGPf~-$(gxH02=?)i<vE6O{K&d8?8cSN>VbFPQR^^t^&UU!wdm
zQ~oagmJfJ6KLgo4!ww03+SH%a@30x4Gxe);FZb1C{!I3Djr#Vp>%o1c^fS_LJ>Sm9
z*85e{ucdFOhZM@_4QuV%{5#uwPL9Jz(r)YR{CA^<7g%NWu^#1kM$s*@4l(t<*3^^x
zPCk8aD;8J%-L#I9ewO;znfhGCWqC<I)sVh!(k*G$)V_@8%e3=7ro7yH@+rIoRdOEr
z<WoC7V%d?g@ID7~_$AZM*XU-Ht&XJspC)}{ht5#vo%Tz*=)T$ecGT#geH4>=@4H#A
z_oqyIs-B^z_7^qo95&F9P^x6pd}SY>r`@lZb}d}K*U%&5>Iswgb+_p8Sh|CC;v_Wd
z(WJeYdiR-nfS~%C`jPb0ls|3CBf1+~Ugq;8<<FY(_MAc?%*;SxjqB$H>iwFjHx2%1
zeKUHODa*^aI+XvHro6?kM-89ZG%kV1)71N2Q||+6_68o|69pdk&!7-z;l&!NsU3lz
zr)lTVt$M%ST*2LAA}2Tc38)3(OJ3SB^C#`S&@?3@($ucZ>*9BE?oQ}-ExmNN(epRe
z^QpI=df#d4{iqp_I%kIOe{ly_e>pQf@uv19{R!HeyG@Vda$US}J!IU^QvPaF-m=Ev
z#oH#~y_czX$kem=hkAF6t0&{@usH8G^(?+@nvaa{KD(Iw4rr>6TSg&Co4;z>;|Qzo
zdXq2Z>-9fv@>$>W9MC6r%zRP-j4k*5rk$p8<HmXM-d5|IZ`bQC<>a$=0ZsJ;uJ=<f
zG4=3sQJ>m>_}BBZw*uF{SMGjOJCgnh+Ii1O-T$m^rg7hW@}HsnK~sLUItPX?RrD4l
z?(Cg){M*$3VcNU+U9Hy7+@bsbyy;)@`-(0{9`)!&$3;%8=<=D54@iP_g{Jl;{WR_0
zeP{ptWd9}oUX!kK6<!cFWc>W8_pqt=-&f<U^W`_N_)krv$C2?}{H@q^-K9rB*XnDU
zkKCs*<=<_}zhKI<UXKeJGxW8RYgT*)eB{iJjg$^G^&{)^6#ZOrN{{Pt(+`s39W#G*
z{5|kx>e<hrXSJS^{u$F=9nR|IEnOz#nkK!Dr|RXmo4(Twc(C6(o~gHwC`Wxw>nG_i
zejD_vnXfq}ihhywr%d{fn06{U1o0L8$`gImM>9MM9yrE7-+s5=r-P=wlY*zXfbO}p
zy$4yx;Yso)pL$Qw&PPo<Vf|byx=M`;Z{PlbHO>Df+Ix}q{_gwqxQeR1A-%GKQzf50
zik|uiY#<Wb0X0NZKl^0<C`I0SukPn3&HP!<`n{~|gKtDF`1q9aK?VP``vuePwD8ZA
zTVJN$ZSU9PvHD@VzoI|uELWPJrg_Qw&7p+)KGV)0Rr7jWnAuN>9JDUqHu9nqGruxw
z`5N)rN!tAc{e0pBdc6N#)sL||QThsY!{Fb1Ku>q@vY7`)U}PD;v>PqzcAu!)eO%<1
zb@}`;u`4LYzql<tCF^|*qWhOjKj%$9>K?pR?m>|(EvW^!^qrKy;lBR;Y1#)#|2*YC
zY06(=+HWc^aPwu#|BxyFmTEjDKPdS>W%4hdqP@Kx?p#wI(n)=a4(T=HVHwAL)cY+{
z@3W?!!rwnMzTT76`$($S=X>h)zI%MV7pS+ZtLr^puQ%qtka1q@U<bR+di$uipL$ni
zy1!M^Uv=)4o<N;@unMA^>GT4!uTRqMr%k(7|6<d3=eoZ+)1OWM7L)$%1L<9pUed>=
z{fABZ6Q=yF{rHOWCVa%xGc(Km1GjcgA2ID*Qt0u#(;#@}Z{%!B-l*(=l>SS}8{teA
zy6vwl9BjY1fVfqDd1>KxoA7adIY7d3_4CDr+26cmBrcI5_e}rSeo*)S`AZ~qNKZA?
zKXSfr-`)Q5j+>w(Zsz9!k^EhYMh>(%fbvy)C;3<Q<JUi=`?33>=Bf02N{?IV`3xSx
z$L08i$P<MgebPfL^AX+O_o`8-c^Nse!iSaJ!p!;z?5E{I($1GmJNBNxq5Z@Rm-|>g
z`br-=^pEQP_n7_#&PK_DWW2{H|6Qj1dVRdC&tqa&RJXG*Cjpj~C9LG3at@`PKQ!&!
zV%kB$G=qKa*zrD3y#pW9<DD_}WW17o$fUoamOg48a-R1D+?%HS$4q$!sqP`;=cDv~
zH^{kI>^~RMpVWWB)HmR$?mbDjU)%g*%l~szzE1zu%fFKJQS+33UuHbNHKO09@_R9Q
z{vA{PvD)~X%AcbA+IQ;x;Hpud^xIVa6O{j)DL<!+H_{6}`Oi@Pe>COqHs#qTW9Pzs
z3;hZ!a-<Gl(!bQRUwvIijZ5HhE<zW6uKygUd+(NJc)W^wr>M8r)U)daKaGCzlfv4m
zZ`^u3N&TNQ^(V<YWt`7b{)?u(g)cSEo0`Wd@ZO4Bt$$(afhyFe=oaX0MYr6AJn{x5
zW)Q1NW5J=zHH}~Bp;NTm{w}?4@6*M#{1v)O{Qo-QXhTPq9vZd&(*9GlbK10XqiLt9
zUrB#~@_*NqfA@s)GR{_lPQaA^W>a3xU&*hyzfYFKY=p;?)H_ByZ~ksQ-}f2>r0xf0
z53BU5L-)|RubKUZ=37V0i=^G+<GNkq>8MZb>&)*f2fMp~rl$1}IDC=%tA9n;cXjpF
zq1~<9cJH`xcO6fTT7RiOx6o?+sHtz)hx)hfo;kAH@{{BGzmNLQnfm{e>HqNV)(yKa
zp853dnOk@7xNSF)EJou6>HjI}f6pU&{C~&P7rROh5<W%;z930bU&`(KtGXP&s;{YC
zNq?C_51R6Ssa9UnpD^i@@Po9oA7bkVP5HOh+8MQ;Qhtr{KW)m_>268?g@*L!Mx>8w
zU(WLjwDV6*`M+hxQ=Mn{=b0biK;xmw!BYp?oIxpi*wp{<C-gc#XzJVhZ%98qb7~~r
zF>c-0807zL+ONxBM$Jdsc}gKEJ&-!yl=S~#+PTz>b5eOzj35d6o3?yiekA?=ndui*
ztNI4pso(qc@z?pbdU_oW>gi4MYHDY@=}qm|=R0a&-o~us>sqa^|D=W!SZwtvzu&z1
zzL9lWqu!0Co)wKt`lx=?x>DYLb$s&_>FcH)yM6*HlKwH1{!ON$f`9bz>OOm~)~^Bn
z2jxDifqx?&m2vDvi1Inp?v<upoBsDqx*ea~D^mU$lYVP`91ta94~g+w*|%+H_xI@a
zyxEkOb(VHcn)LUYbo@~eUtFx@c#{7&P5!?z1E|g`d`aD}`sVi2Qbh2o)O-9<-QQW$
zZiOeHpGdR)?|w{|vvNqvsTy|NZ#DUEG40s&YX|D}$d`T(nDodXSanY-dCVw3kE2l9
zv(L`9pTV`{S!lXva7`iQ@JJC|Ij&LgB=df0KYGRQ*YmOT#2s>-+|-`Sl)3(aFUa^u
z)%Qv796%mt>i-yj%Lm_F_m`P@Ol@t&*EF>!>E~!K|Fj;@*QwT;<*ZWvY0BGA_EJ8<
z+mikf)6TP!$XCHZ#V^9*o=46lnt?&HA_f1_&b}Ye<Ei6;dcSYf&5u1Vrw+n*nRe_r
zW&DzEzrpmwru?^>0&<R|{EA8clu1``s_00Ot9^HQkmUSJ`Tt_de~&58Iv6=DdK}}w
zbsI-vrrX|osHPvi$<%-32lf2FRMoG`iz_}~$un?Op81)PGKz8ge)bT0pC1}t=TUGc
z>+pHXXQuokW?cR2@S$=Y#`XIW?fjl;$I|=b%Fh8@Z~I|A&Q;Uzxbi0`|GlPs9ezg5
zOWHX{`R_O7>-SMp`KKxW8B^ZUqfO%xczBWW|In2GJv06a9xx&{{^!ThPJN*t9LB<T
zd<6gOC-u5a8i$PUH06KIl&{0Rq`zR&r&+J3DgWyO?J&ibq<`6@Z<%>w|5Jy1^l{2>
zk-MW$4r#@C`ux+5{p>hTk|6Eh{MYn+FPYIL6yC1nUy8p`dK7goZg0OdGyCh!Sh^X{
z$-VRB^{v*OKcf2^C2yAekC^;AJtyfOH|hMUz9#sPbO{>y%clI-=;Dq0?vvl4{J${e
zVXf46aChs-?#mAC-g#*EjzhaIKC=7LL%T0Iy!)bCcjNg;iKhMqKF`tKn?9rG$*<~D
z=UT;~z^v>8&?^`OSb9bOs>=ypkoxzS`pY_5^Vyc(nMo(&1zGQlkD<RX?d+=BQNJ~f
zU+V3r-WN^18htR<eoX3}rQUCwdX{cLJ~GyBL&otm_3UT)2U!P6|Bt3UL;&hz9dBu0
z$;FOuKff#64#^ldpFPK0t!w^<-j6ryX2hO+;(U%#@1UtSXX?@CSbw6cD0hx}T~qI5
zRZr-V4z{Xe<s-6=&r<*AO?^FTWw)W?Z#2zQ`hA&t|EsBI?^~|asqF5hetZLdO&3^S
z?LYOu<+IycXSL7N+h^*1Pqki;%wTVP^wC+Qejh6hjhp5#=`YjHbEch(O*`Yt?}b?W
z)hWx%{7zB+OBXP|C#d)PrrrnY^HcN=Qs-Imum-X~2;;{4W!gFZIlaEq%uk%U-@A?S
zG3D=`vb?OvY09UjygkA~y%Ek}?0I~OdVkB*`v$WfoX4^7E$i}S>iv?bXU}oddhMh9
z#V}p}(v<%R(+{g$#b3ZT)GRwut-iO^<x0_}cIBMhN4w{q()-|=cJ(<^CO#@<T>Yo0
z|94FNZ|keCRJmj8%eucv{oge8EnZ~ZH$({C)UVXL@)qQoKdQ$K%cef+jrGfx_D)dm
zq^UPaZzTPkqkPYlw|q7Gt2|zs#wY2|Q12sC_9NxLLitCxQT|Gp_RmaN-lzRzl>aGH
zo?q3c;>uV#`gdCJ>5nTT_5QP|CvYeqG}J?r_U9SuML)JZ{3+}G67_B}^|o_g?>*6K
zeZbV4cApgdQ}01jZ(hyL+KG$gT7OOZEcKtF{!d(BeQEba>i<(y-{KFOZn|&nG`}>B
zL(=yme0j;V)2@}5bo)(eN9MCe`9Cx5ESZYn8N}K5m+K*LAm#4=alO9}n{tY8ftE3P
zNTr`guRhc3r{|U2M(V$4>VMb}^7KPc=kfQ(p4&`k{IK*tsI(>N_xw#go_|-3r|wUq
z_~Ij_9S!k0X8y@YzF5|w-jAiD!7o_$AeKhgD_xA+k7pRqvHwPo$KpjPFX<a5eG=Z6
z@~zvk5i;d19op2dtV4(LpEcz_dyzDt<Scdhz<{1d;-37Ki$*O(Q$LdaB>n9B+j@R0
zs+aNW@jT^!(v-LBc{TMU{dY|IPn&kCdrfZOziAOu<9f@y_nyQK?5Fg2e%Ano;{UkJ
zM*C9{#bWlCN3wt8=KTcyJowYPAG5q_T$27FlU_e(lK!10{jF21(@T_p(v%NOd08h(
z|Ds91)9|;D-{$^DZ!&v)#$NhwqI{El;=~=iDgQHi{I>lb<t6=;N&h~>xTy8R2*Rx2
zfLsZ<IZkw&VVjgAm(AWaGEBm_aeamUfA44YxF8ACH?I7ZceYyL&*}1)Pblw`e~j`6
zP5DPmd4<<7{a6t<gw6>S^yjQ*X~y<1_tcZL_q=KEYpeFg@?kQc7pP}Hi@yY)O8Re@
z_P);)AihxDK2zb-!|iiBW*+QEs7>o6<J^B2e(OK4*U9P;IaOo*2&CRw>irc{&(06t
z{@A#CU-0JB)cavm?^-htO;1ktKRZnMm#F`oseh?iApAT&CF=Oc#Gdofi;xpNvJ(wG
zaajM6av&+~bd;p%SI6Rs6Q@|~zo*w@UmZ_Wa6SS*zGGW>Le}pY`nmk?>wfILK8Y_l
zDf6e^x0-qnjvk*nhf0ohRQzKP<0~f7kmF&4V6*;B@FC~^zPq7eenF4(Js0T;>fBd;
zs8xT;ZcO?^&GGpiHzK0Gi=PK&06)cvAC73H+iU7y=KCW3|Mvf&`w!}PNA<7l^Hl%G
z<=(!&obN?rx@+8j8OMqD=`qQ__Wb!K{Z0Q!kK^Y}5!S)zO_0l<Ck_u2|FN3CT+_VN
z{?pGdoA&Ja0pE<p5Buo%CF=c4Q}3SodMG*OD0{`5h-;w-EbA%tqv!NI{ze^s2G&!-
z&v98#tPHQ_fwl{PADRDC_Ymjqmvn#fw|q_OBKOz}l>dq;e^!;Q`<ZdRXYz^ny|i=X
zy}<7Cy5GNT+WDB=hpf~2*?Y0*M*wl)GWfwSJSXFk@|XP+U0&8%zNT@$jl8pzKWfTz
zHK~uFW5gqFmIo;ON4?LOdi<(B_$=t>et!6An@Nc}z0h=TU;KV#LZ;mVrd=7oq}y*&
zJ2Ji#luv$HuR~}m+Iw)>+<i^!auemBp#G|<|KYlveH6YpAn-+0m)ScpBN|3eP5nsv
z%k=YaenpS7PCrZfo4=^jA2Q=VY05up(!X?x&Zy{@QRhZtD9`?Ev-NH>e8~8oMEKSH
zbv=%En{n9m&zbb=OuDR_l>beW{xOpdTo`*<^gMMvxH8_neJJjkx!zRVVrlQ5FYEsQ
zwP~-y+bTYh!kgTa#&3W)LKn~cFcjPHMjW_IwXkf)`JR8S+m**O<g3=PvLmjy`_#p=
zrzFrJX#?iTM=s-v8tzXw+xj>^Wgfrv8@j(o>hJ^~Iht-i+J0%*%rCWH-gRU9-0nO0
zi8=PJnL7s)zL$g}l-Ov0V)w!J6T44Q>N`dcM)s}g+?~4*`Ok0a@qN&YyQ#b!>8C0G
z&rJC})%uxzR`w3cE*ku+;%8tQee6j4#Jwu8^s)A_o7yK-sOkM%L))+7wn+QG`&)WE
zC(U>izohgjH?{X8$3ag4@@s})pL(ZK@W5~Db}T%8Q0}`M#6KK7eEy=d3K3%_AaEyL
zHO>2K@;*;{f6uh{pcLj)<5F^A;p4tzB3_sFU!t9BUex3II@L;Zzfyj#i@e5^xA?4S
zoRWTm@*gtg&9&J$ueVYD9OXZ1%F8_EgYQytbej5+de2brZ<%_Q-#9g)p0xK8^{)Nj
z_562BXM9clNcvm`A7sk!QKg&9%eYQZ{(4h>TDs&g^*%wpQ>Nadb-0FZHt!=;_WrXE
z?&v4X^}v3@wDYh3m7d?98v&cbFBPAz@D@npkzLB)4R3%0v(N8pKY0KG?7;Qy&mTD0
ze)_;7sdthF@p<4VX@^Pckv8)q{BlZuc`vyK$h}pSB4LYP4v}zNWjsN(2GsN!GtS@n
zeLc?aHXDIm)8oR24B;g;P6;SF`^jAp#EfOfk@hnx*49lzG%k^Nh{WUkWJo(sfh<pa
zfdl>=Jm;?vY4(eF8vH7z;J>DWCyyAH#{Ivh7IGXsbaL!<{!owmoqE~F!q0t_w{LTw
zo1**^l(%nRpP!=qvy`{5OHTvOFHzn;9Q~FF?F&556|I(iwD~U?xCGnGzIlQi@f7v!
zL&0yH(9b^dKS6o>cJI&3=nBBCc`t<?(d-@8Di|;(B9N0a7JW9Zzl{Gy+O_X+T7DNi
zG4qu%bf!<eEAPku>W}q4^Q-#Qc(C7lgm?{#UpWD^N_Yhju~>UG!Ht~n(==jVXXKe4
z+uo;yp01y7b#L*O#>{UG-%sP(f1dX3lY<AV^&9e^<lO7HQr|+{Zm0<)TP1tn)V|>5
zy{C!S@~3(|ZqdVUA+Lb$K6L39v@NBv#x{0?l($c*9Wdn;9sJ>D`LpcT6V$U$omn}%
zsyD`uLB{<&_3Ue87n%NK-6h>VJ@!AFboQ|x&%DB`;-dca(6Th{tBiL)LVWvBm!+fc
znQ#wXMZL4svoBu#q8S(R3)b`Jg|txL;>KpWzPXsSj^1*|+@U0yOXmIg&fGO;Hn&#t
zci*3{<m*crf2Ql%>38!s)HR_$cg_9I+%>mu%w4mw*?V_Jook9>J<n-rrMI+lKY!+D
zvwUOYnzi*jTiRG!U3s_4OV@kkt*>sWVzjw=n!i_8ui098XlbQ)&1TwN&S_SX(v62#
zveWCUE2~=@L;1zlO14R}*KFkKr_|}Cn`!;;6UPtfmgqWrfT65zQh0T}wYb<@-f&yj
zcDI(6d)LalSJ!0gtBm$c`ao_{mshiN**t}H&GOR9*4b;+16ixx?@%vgwFY0!TIabe
zXFeNB*RN^G!&*x`rX_29;PyFp-t*?2R<@k7SU25t=go6_*S9t{v$+TJby=-BXFhV-
zguOu+cZ$@Bi#fOBde?N~Yh3SL?`kbCb=TANhp$bS8K=D7buB6L>l@eZ*Gcnkx9b;K
zoON^0$)a9*O?Lm*e5ZA->gC$9)jUn(sPKxS<99+Y?sU>TbAvGRdVbgM=B)$k_ivra
zS2j0Vi|@O|&sNuSuQ;=rl*!3T{?KB!y0Wq9M5hDaae_P!9N+5{-Mn+8Rpz$V(}xxx
z%(K>M0Ax8|RO4RE*VoyN+tP>bB!><Hl^mI}PNH+Jy6NOqC$Bnm)q$&yp1jIi+gzus
zFbulABF?*Uua|Tk_efRUqZ=or#lCuBy0NIMdR><phe0QG^CV4!BQ2e^Z!5lfP7PpT
z!TdP7yxL8duWNmH>CD>lJK~Q@Cy~1-4XYCK^Yk@8KiJn*TW;s7bVL1+C7YjLUE7$S
z@8#=xF+YD;e#le;mB3_j$4~sg4gEan1VtPkX{nrv1M>8U!k|8)jm>oq;QajU>gRTc
z5_W<pNkXScI#JXq3Nw^eclB)EGwTr2tzMCi{l#_E+Jv3$j08YpHI_EkmeYsT){?+#
zxV@y~II-`hc^GC%dZYw)S<8M{SF4+LlO%FtH%NNEAG?tObv;BUP$Tp8uCX}7E7C9y
zujnOCo;$rfb)8PZu9z0fNxQ1)Am09@^X}IDwJC>Q7UiAD4GTYr;~=qJ(ShkxudhCU
zD_dt=PxUEasphk_vGk!_8gznHFi5ey3O2oeG41tOP|tP3F!Hms>&1@OagMYG%2a22
zY|~D5I?o=+d#2e=x07|_ZV_j35vD%pXu1>Z`1h}`KD3ygSp_40D3=j-{VYt=qSJBm
zULN;2&HY8joP-iBWoOpHGwIpI?!z=#B%$lYJr9JGW~tjf($ZP`)Iwc7SFG%Pr}<U?
zeAnDH*UbquEiBN`!oscV96^@wx@v7m_el0=i5_A%jk>Yd3nMpiydJYBT{k~aN0(2s
zBFodT>vjDwi2WW|XMH_=xNKgdzL2A^y0sbJq<#ddNU*fR4NR9#COAFxI&SJPDVos5
zrf7rOc_+!UAP!u=DBLJxNmT1Bts3tXsMqnct@U*-gT*sBn<wk+Cq?3P0w-{3o2%qV
ztG~#Yja$z*ww5;ye7m8>t%(9_jWczD`T5&aL5s|f2$T<>VTE8f*B@ToTu+xkD<{_#
zN(s3op&=M);QLV+dSQ}xlRR)a1UhS<-gK^pg@u*XmBp2<<>iHiTUJ+Y;g@~)Y{l=t
zuDlhp)#YVFZ7eL%10&1VAIy))EjDTqeRJ6{6DcQ~kh)2pb~{}s?Q!+63H?Q;Jwm}o
zzA4w)BDd*cmafrs*mY!gbKi}60Z?+JHBe^EUf4qv>NV%$9bWV3Ou8l)HeL0yEcToT
z$oHWWf?Qx<<(b7ax2J~Xg#`_zSDWKCGE*(#RO@^rRAO1s5DE(m#nQ^s#_2`D8Vd^_
z&X!j<w$}5-eC5G+bUwPz^k{yVJN>$r{-s)Ra{_g8q7abaSJ|~938J_Y`+3;uMcvGx
zC&`uSp+?54{rP$GLpL)Fs3!Y>&}}KSsDQIVi1gz_tNCF!51~ukti#PGqbRRGNbUaH
zkA(T8+kv3z<YBk##zl~u%a5$q*2>aZ8K1`=-p0clz9i^b#!mnJp--F{+x?2_nV;8F
zP$O0IC>X6!Hqxz~=Isw}Z02WV6483D>N5{$&d^V~S&?`dKe)~yxbq_Aye~qgYT{2O
zPx^XqdC}Ay+=^O@k>IQ_>_oBW=e-2fw_T8pJP2vO8$<O4VC_MW9e@5cj!@HESWpWx
zJ-}`USe-^-)ntGhDKzN>8sf&`$?K=Xlh?1Wp5d@B^|sPwL9tCu>U0Qws0+~R@s)zr
zSb|rBF4rho&@%ry9^Bm-wp6zXG`L~x<x!VK@8!K-8Xal%m3Xxfa35kAkEze(o1ov#
zv;-nyDq@=oucc-H!?FfnyaBf-WNG3jPTI}=fP2(S98mXgF*BE<Sb~gLd~kKCSEB`_
z54l}TdwJyhP8x6<XJO=}Tu3&vp_LKG*zwclrTbSP$<Elb=Xg#x>I6Lqy&#3F;F|9%
z^7<hJjcHgpha0cxWnmHa!o&$dYc-@4W~*n;tge{CTtI3fivnI<n0BcSDd#$A$IH8(
zmlwd#V4>F1iZDAHOIgLHI-M%fNwU?ohZnith45WY*VdryXgQCPDDgXS*9$T)Ex5-<
zl(PiVh~<ARuqfPyTn&sa;s$Vo40gQmJ3&{@O|c|Pr`HOeeJRM0-K<B4G_U8uZ9B=v
zTAnQm-!0b@)bM7$Aye%*P^(c9cpdoW6a+e=Tx)erL@KRY^^X$8>SQO->6#MbsE5dG
z))nmm4H!pIR+*plx?aHrsk3VIupabS)*f12--`L-(u!<+Q~)noC-9QY>GYszYWd@-
znQ3|pA6nWxEyPorEp0xmyX<97;G}SVJ;!x?2Z$IfG)=#wB@oW24uc{py4^g@;v_7x
z9{hH-!6L_SOWA_Lt$m|miP9twqaaaoo-D|Lk-icZb~WD!0&+agP7lnqoNg{H3q_hm
zah@bzx9H@72ivbsS5?Bcpcl0MFLlE_==A)^@1#kb=AK_0ye=7P62j@IjZ+XQgLdFX
zJ&=J99);3T)m||X6<gq-2fynkQO`}nBu?DIlO7bIp^C@~s|A?`MId47c6;5hh~qTP
zb0KBQ11S45BxiC0&`S<go-gN0a3<^Ibi19x%bmpci`WMN4wM-KRO*=KXE$lm@Jha>
z0le+Wq14okysFkFaw71>5!JpN?5l3OUdh_@eZR51lp(!Z+RWFv^ZB<t`--{{kaTK|
zG1VT@i^M}<!jzLN2PA6wW2R~78w5(MZxYodDlGFfA~rop#r`2{GX%i={NU6Wvy45|
zOUj6m908CW7nVAYazV2?t8uVb&%INzg)O*X#M31>1!}cIooas2KBv3zy`a;HlWq`7
z`xgHCDmbpLxVVxoDONFo+vj*A01N#%>;W|O0%apg9_p$)esQ%Z;Q8n?NxSf90kTA7
zcxeIr*9)jKtz@>sLiV-9MTsa^lDz>5(^UsgKpc{(Sb&p?)En%!@FFml+jIOP_Yn*=
zP1QFuF_Z}djy<pN(l{?NB-7ngI7+p+unLO4sRlV#LgmVRB$xZ*##WbR)68|_u9G04
zf$t6(P`yCeX#YmUOmj1ZoLKx&zP_q%P@3{U(q1Rex<LS&EjPn(F==p$n<ut+j_j03
zuseR%@twd225Ht@NR99}O42Y&Qtm(x<h_l>%~i!0(^+1)Ig&d5jXPc(1B!hmUU`p^
zNMIoSMcT2LpG`BR73k)X>lSg*O<ms)0OX-kue@jOwf<g1bRJP0x|!p70rIZNh<m7s
zG|btUP6YLVv@b=SG2Q+;9VI-l^AF<?(O8js33N=5K<HQ5(@cCcHQ}#qZHQbe^3!ev
z#w{YpNxT@gq#Wevid@Eur7_x&G;rg@qY*^hBFq6*l-c7)R}vM$L+c=4#*(Q^H}(CL
zzjBw$QsvN04Q3lg<!zjXgnvMwwOA6capG9CQaOUtxEF{rsjtNNvFTIT&{YU$z_}KU
z#-hU6^yd3v9)(Gg6n@V~v~@&yioQbAbU2p04fXixEQT%#!zA?GnDZC{5jyJ?ci{}J
zVkd#Yq^~%MGbeR5N`A$(R&6R!az5C*8+CoZQ<S?@;?`+JibzD0)N|p4p=jmC>K7?;
zBaM;I3bj%y?G6YNF}-}IPi{~O6b(J{(S-%QHN#THMr|Rmu82*;$yMjkTn!b6mwRxw
ziB}{kKo@loN^y2y@#erPX&y3FhZ3PTY6B-itrB#RH;6{hlFBW^Ikv7}T}KrUfmiOE
zQuCI{i8{!OT0!S!J|t5fd&vERKxpDJ*NXEsjcS+xSX8d$P&28H*T<o78W4v25DsaS
zqSQq#JHW$K>o@jvAuKF~>>WS#VND_@6Tv9UYVxKzU!!qGt#zc2p<i?|bTGXz6C^hY
z;YOOETvYNRi*P(qEqYLB1!NDyv}9+k)HK5l`xZBrOF={eEGx{3kUZU_$TH-~bYL?l
z4cJ@Gh5gPtQJN*5i^Mxk(OhvPw-jku!3d`^GKt=RL|N!XvMOrP)5=I6C76e$frm6G
zbsTUX>CChelxb?r)vBOU!+F(K(1kPE3VMoukC!$U^D}FkqJ(1kdM={j9@ll~`s}yO
zRPE}c>}inHmlkkbnJ_ppW-Cj8Ki7dJz7$w`LY9Hq&@aa#wj3^IwX?BS&n9{eCh|^0
z<^lb@i~J?ham{j-N`hi_S#+ftf`Z(4gkeV*CWNSD?0YA>e)XKuX=;2Z?SK_~=^DRm
zEG&Rg)jx|;VHlykv#*K1mRK*!%U-<01tktI#87Ki+oQ*zxiZF*Wm{)#OMWcaRsB7n
zuo*M_o6|KT9#scvVL^9roEfSmKv}12Z-2<w@d1o_wFJhUj%Km-eo9BEJxu=mJgYfB
z&v1k#K8_T;LEx^dS+-REYTnu$8Z3yjUYu|hLbRH#?c0i1ecB^|=Kn1l1}lNOccY~M
z%gRTzRZI{nA%a>wg@yVIa{9MLRYw%Er8HR{K*>Q%!@_al!m-Qov!sA;A>9C<R3AE8
zuPJP{Ea;Tj*O!z~FF<T_<KqUx%p|<L*G>Gi0|khfFoC@PDo(<Hnq~%G(e}95+-yZ%
z3<3DZU=M!hZjgW2ylxM(w#<u>fb_yNM&50;!lDuWY9Sa!)C%_P-^AEr6>Lk^V*XPY
zdg2`2F5;FRw?P*%Pv~+J)aUqL(RoEucw?nT9;T#ymQ7I>qj8B*qJ>!pshy}ZY9-3e
zLnXBC4$wU$iEOM+p9HZJCqV~6Pmy-efL8QL>n`D(tM<6G0+rN9ZzIJ40b!Kc4N#_g
zkW3}LZEYLq6%u=4;db@2n)o>G3lS)yUtzW59HuMH5d(Bm2M$bVQOVl3_g#J0sbZ?G
zgWeEk!C>1^tE4Z$2u@8@*2+wlIWQJ%qY#!BIR=2J7hK^6WQ~NVm34Y0{Wu-nRCYR*
zo;nEhf(XVa#QqYyEZdW0BYxaGz1pkPiN2&pCN+jYUfkL&Vp@TRE09n?k2y(!r7hNq
zCbQhuzPhfaDN4Fl+EoB!tI;MvhgGi9reW<MOf@rClxts8*xIgStG!$eWf9g@hU0fT
zNEHeM$6co@%+x@c(M>gt%5iGdY2Jf2DPZ&yq%uw_X1BF`wLglroQi}8HrMi0;IGql
zdwGB&%)x{OS)nj&l4aR~k$hyL*eThC#qxC0R**6{7X!Nh3+T8DGccl@fn7{P5fMM2
z#;vyn2BR|FH7XNDam~+5$@%$1+5$qfa-u~*L?l`u3=U=J9-2c``fg7w7<JY(Je*!F
zjK#7Css=HlhHLLcVVq+(=m1wGn>p3$Cc1yE){OiB-oKZk4fBPXv7;k*%m6jP?`WM&
zcp*9&ZsryAM~CExtXH5CSgx*<ds*Deif)#&^<W&8GiEUM1c<(4TUrX&RZ4x9V@UrW
zL|qhBh39k-zjq=O%%h7cIMl0wonm(td%uTThxo7Dl29i)E~&y09F*BA{o?B4>O&Z4
zFlVH+S(Ktw_R<7#2b-Woj4FE{=uMMF+c-ZZ@b!T99ML*PSBcNrx7%AAccK()`XFie
z3H^Q(Fazy+A{bDv-YVl(=fN6&4f5a&z)sFX+TcPf_pnRF@*jH3W~xDy3nf>kq0CDZ
zI7QFYQb^J^%5p;abh}X$7U&f?>qs{B4h4FuBN+WqtRfzCsGCJ$5T(ejyk61uMLD3e
z*b#(Co1mXFSc=#N%>n4MvY%2Z$%QTk|NYk93CrYUMd(Mp+;ttmj$+e*KE;wjksK?-
zgpl%P4tg^e>sC=zVcjaOEwKFpqvcw}Hr4TaGAOL^(DsShh?v<#F`}ZV<GI+Jbd=?P
zy+~g})i6ZbXp7NGjK(cZux3xOnM4^V(ng!DTF}Pwbx5jVT+L~ZUNp?PF*gl+UWBqX
zX3O-VsZ;aX3SL%_-!Zjrk!RSudMPp?F{eM$QX6{{OW3zI<sv6#euUBV`jRrliDM5^
z9dUUPb&^bsxJ}-^cZx(=b0)(~J_53es@paWw6eFbCx%o}2Sp&pY#bSD@!T>7&(%ag
zv$4%}LX%yp|4oBvFx(CXI<Oxh_e+gXF?X7<rH&^&X<60r*H!_#r4_MV!oH4`jj|xa
z^C4qv9Wg9MRM}U=qL5)Yu9i5|Ccv~7<lRmWE4^;d3GjKS4Qd=U9E&CO=4mDQ<Oc7C
zIchP_b7N$@$S6(bNQ(ICxdA%ao-!-xiV$?^;SI^jtZ$K~qNkYPM6M9BA!O7XOOTxB
z0j4#s(4sU?T?fP6Irt>WaoyZn!%0gc1`h)ztay<mAongrygE>(0-8Pq<@U8zEaiwV
z(d~($w(NO;{I}>~v|i-k9H{Slt9_;QIXfvs>g%dJXii6+G*zO417C#ec(b9{<8tq6
z&8V94v~bXi0z6XC+=dRm9-@MLWpLn+gM-m{dU$4&0l>k(4Lu4-2D7;?>|(v?3Uepv
zGUswdYl$#3@z4>XxJ5&cnLAUpxqa0~u6csI9Y4=aC5`7WbL=p5N_wK#V%f`F3w_$z
zV+8bJAuQ0xowk+Pd#Qj6^zd3jkmY7YbuU$g`UY6d&+Ttbfs|VTVBW=wL+(u6?mBUf
z^rWxzzTz4JZ&$<W>#bT2M}eR&Qo$g|46AjdG+c&Z7;6i;ZNVUCFN(a#>wp?N9GX`O
zgWmRGus*fEt<JF_!M3*WFstujLSRX-M(k2=$t==DaE8PSavV-rhcv_B*>)1wp@`dR
z*t9VWdp$fVLN~;bF%s6i&-l?Ar`~b<@%J5By!pUwHy*jIZ*yHPC%2wEajZBkf-=Nd
zm+KG$4^O+bjh1y)Ze71}>q?fl*3y-wj0><>ZJm%`F{WQFI}TK?)2Rw2Wg%B=n&rqY
zYnNL&C96XI#Tb4dtHPWTX$ERp#aav%)Ez&7pr|FZ_l7-=b<G$~Zh^`SG{098>6$bn
zdw%`|xAs!Hj4xatcc3Nh@ICIbT<YBDc{fEgSzus|3|*n2xbEPke75k<x*rztHu+J~
z2z4%8cPxa&{CvHz5EY_IInGpsH?W4!idKu9p6ex12Z<RrH$IT5%n*f=v)gWwq7tJA
zs%57$Ak3@xJw}Bi6s+Zubd`})Q~t{`RNqjPS>VNf2EE+Fc*5@ipqhp83^kw^Ype#t
ztjO(~`I=%mBgXL%PWF8=5!Ap=ktQAdihz=W)fg%T^2^);f4sxE>*Guy@EB-s-mTCd
z-Va5iBULROc#p4a$^b-wK?U|7+!|zXf<=_{ylw*G(pe>>i-my*W<6jm;&)RIqF9`C
zaxq+VoE}7~$tx>PW4DVjHC6z~I@|)QGh>>pZ=4HITDzg+=ZM?=2#XEu6dJG84XhOx
z*Os@$<i3kztQ+Fd<zv^7I83C>m8rb8Jd05lBlRh|n4iTFP83KgW#>^A3#ZYiRg~j3
zq|dU7h#{g?vnr;6vF#K~LPc0QSaio3p&w8t3oMAwazop4ick)V(T}Mha#FA!l^0b+
z3c-Qt#&G>o0j#I=`Y1Bt&MfOTxRPIm6;O(7AnbM5Uk4%L7(DdixF>%2pnMH&ve9;Z
zMzXdx^Dn^SjXW6tKZPQ73A`dbEoiU^yV!9iI0Qt93d9=g6=<OUq8+sIPMS&?A0=24
z$??Do3%V3C?f*MVQR?<J!jpx;DNKo&>r|B0bkEQ0a`W@ot1CiCKe3`YAw<M5xgm&Q
zetrxIMy){I4nQ1m7G@cu8^6=x?o(oY?u|yfp&C$K(2Y|9ff8=3QMg{ieZ}ySFz97I
z)J+UM0Sk)OVf5WLqFu+)SD@4o8pF#wZYO|@#Fj2bo~()NJ~OmU7EUkUA*u8V*EV<Y
zm+2tB_FR;+5pn{1lYiBAJhmg4$etl=hbT*2^k5#w@<MN;c9Kv5ViZ!Bzg`I8QEr#Q
z1s7=35#y{9qeyX(ofjPs(}STQ{#Uw7D9Ynt1d$8>1tJ~9eo)w^S9D`e1mY+PJlwl5
zy6;9_p<)HqfLIgGgLD*>{KCS`V@xOiqAg_WK^(tu(Z?IProjR`J5DXfiIn;u`J(t@
zSx+sZL~wX822PMIr!ms|p;F~hodRP|+>kiR;P6mM`B98NEd2olrEs&7N8*|-++hlP
zo@>{#wN&)N#1TqjhbzHJqf80xN0e)5GolHJw<ot=4=F-K#G?>91V98Oiq5O5!uk3l
z0;6=$ExN=r!BT;6L@Jh$WbBiBrKV@X2@lJ6;&Wx<-s8D$7>3wN7N~s?HYqa=$s4Rj
zKc!EQkERnFH5cO!gwYuss4~JCQN<3;^O7!}!M!L!KY(|H7TcNI8(F}@!aDyQ5XV4q
zux%V}l)4?%(!_xZJ(dNjhndPWP1UD>HZ$vF__*VyEiPf@6cm%%Frug~>B9ej*e9=6
zC?l^+kUfIfd3l^-yTCs5g)&kDI)MW1gx-IPAyv9D;i_d<;6VY$spXV==yvlS*JjcU
zJwz!EJ7OVxDpM3Zvjy-sSAikSlklI!VVz(Ou^&VH*vv{OQSInd%{ws><d!xUQzS^%
zOpl&0h`^K$PmP|JyS)M`aJX2XVsWa@%D(6!P2p;?q(iVonB4&4%l5GSb_t7N7Rh+=
z3U!yK5!yUF7`w_f9~H%5p;3!g;WSoe>x>Qofw)-<Tx1U*FYx+{AQ*!TyF|r?3=}JO
zc)aOk<#2muOClu|-Co#(#qnMCITJUo(&3f@WuwzAwe{jqLk_dtMGJ?39pxsQX)~=j
zS4&PK<3L`Ik7Mk&EDgN1^1#MKLGyS{!^&^5A0b#_0wN7M1m4oFKpOKSC=buD<~kZ(
ziq(~iX+=RO95nEF(x@yw_E#8<PKC<AR~)X#^{`{YrbHrC(SuzYdssb*U`IOZ83xe5
z364EI3>i4s+dR<?N6rr-qAlRG?qKE0byyvU>SPWMYC2G`2aBP{i5NIKNkE*QjG!=8
zCl}Oog1c*WT7ZJKiI>yERyRduAi*yIvohE2m9MbVYb(4p>VbejbwsU7(q7R+h0P`@
z{lz_s0r>Vg|NRxByikh}@H*-uSY<31u{srWj5k(O50ec-h+rw9Oj0!ZVWNz(Eb!@l
zR;<xvgODsv30LXIg`f6N-oa%K7=(-*A>^T!0eGF#H(yLx<PYNaDr(XaiG(W1QBo%m
z&^URBYJYqcL0zxQrelH)ZPhC<ON5m3W$FZM5xw92>sl?N5e$kG%*T|@Mt+LU#tTU7
z=Ih)bi@l}$@rxnqn#x&R&Wp{(jnhkoXyyXkym30r2$$M%vFHG<CfAb%fP$+DbcS?X
z*Aq5NFsp*k(Q+J%i&uL2S^RAzyvT9+U8>b>!bAupA{~PL<q~ZZvdc{pLew~1Fi95*
zMCFXQXLXfmz__udl~WZZf|=>|csWw5!W$S!IS4NLIE@3&N#Q~=!<*YdSQ3jRfjSjc
z=EA~l@<W!yprz`t>ad=%wkI4=u&PC!eu$p9z@UA+g)wW#$a1vA1&pxfAS7-`_!_}w
z+ZpZEa|95pIb~ibf(d%Pfc@$w9bC}Sp{a|;>1Y<Ywkt-DsTS?kg(1hgpIDi7%CM8W
z1j-bzXbky^5Mb&nVS(y(hxXx-`YG{s2@xWJ%7i6C+D3qKbrd`Gqo`?{O13JcFyZB2
zS<4E-$GE^r6C*qm%~gZ}GqJsh>w-`f+zeJySJ7x`Lk>ET#yA8=?62d5uUc&Kx?orM
zw_XtxSi?IW8Y(E1a<Ib)Zg5r0qC^$4^Lmxm7m2lt1tf;S=*$UZ-M79YRb~}Bk)t{J
zX3kt6MKB@;H;D;vR+Ca}>t=>L;xH#(fHAudMOzV$!YB;hNRhE7@Ueasm&yWrD<~NR
zn`saKDwba|WaZVRrbnVNn473+Ya3DSKd?2o*b0FGmk1at*O+j1iAThG0^Y(;a*W5;
z7~M;x>qx+^QGF!%Oo)Yf0wLDHoYeL)vV7S?*bp!;f@#@UJtMLd$4kSAco&e%;upY%
zo4i3Hc3fK!H_}$mBh-yUz<xqJgpnA$(w5{6w$;4TDs-TTqI^s-5p)o}H6gZxfZ;<H
zAJ(>Lf^)v6@|Ywx=?SJ+5%GvYxoo!_slN7vS#5Bk3#^hOAUuti5_=P4nIKHq1Pd@@
zYCEn}mraGn5ZXQt9S(o!<8(q43?X&v1<EGJEAj}Q(|eGJ(z#~rFiJ%6l4W=xgqRv*
z;!$N=j3=rDnfAiMAqI3@kEc4l<NNbgHpN&r^D?4V6KI<_eFUk2=OKM^2eG!{($_2t
zT~`E|fn1n6$TGkLk%C=9*qWwM#P8M4j00P91mK#p9t)R<C_5Cc*dBqsM#Ui;^sZ{D
z#<gjV0<C$WL?6ZuFYigP6MGaI+7t-tmnjEwv%xdqSGTqb-7SYTBsLdP4UC`(sw!c`
z2Flp25PH_`_HhI1YWyZr=*XS8K$V=`1H#rxG%uvbc`gCwt34PoHzf%#mew)Am&l;Z
z4Q2otE8*lZtt6%iTR2drJQ>5y#i}R*;Xe60(KrzKO5hPZYjTMWK3uG?(T4NygzTL<
zqg{C}CRG9F3u349J_Mt7M1m-cz(AqCrj2{NCFKT)ZH4<e6mq!?awEXS5M$6luby1(
zr&wWJgyxjRMRE$cfg55L@SFvsodR>2x&?8Na04x%w|E&sl$Eq;0BwlRIJsKqG9t}d
zXg+Mny=L632Us6j0W%ypp9BEIJ=5<7=zjHZ&>NLg(znZmtHCZz-r+u#ko*CTlOj@=
z$(3elRijG$s7c*&^R{9cm+P?e3bKY^By!VE+99r9*24x0i<6Nh%YirHl|%=zT~sEv
z0gg>kH*#_P;rRs#)LQ21z$0aI{gIQ*%}NLc+@Zw!G6&y@UoMdFx{$oGZDEMEhX}Ji
zVWIm-%Tjr9Li9MNu?@_%{>Ppe4f3xeCG2!_R7)5!XPq8TT>u$1PD6oiAA*(f;ap?2
zLiK6XfQWo=eM<zNL{`BLwu3P_NE3x!?L<;21`4ee2}chS2s)^fci<K^h^ox;QKY^t
z$67qL&mzT$4b|zR#|YVPkF(#!ZH)+zB4RU{Rdp!%ZTYlX_p2y&KrC3{yCD`O+;$?p
z8(0!MCbb-|DrOkwSBo6hB1sWkA{F<9y<$Nt-h1rOrYA3l`=z_c;p&&boVkhsHC4Z*
z%~FY#fr0uy%28$uiE537J-#eR4zTBCTCdmPb+eGrjv>-i$QoSB`%VLcGrCaoNSE5;
zuiDAQQ7XfAl)wN5YWJ{ztP@Xe38t?;oSHj_TNI~2yb)p|XZiB3l-xNI^s2%X+quKw
zVxgQmK?nyxOm$GYZEqN^F7SYNgC72eNnRkoOFH7PDF?h9@@ssW6W+`a-6IzC1+fG5
z1Z$_c9EUo({nws#B;+9~1k$IK5I1mLH^E%3fMRunoDI+(S7n(BAp+Vp!wKU^xJ6)X
z+m<U{j=iYBWkVtjgPnC-WtqOVteZhF7<_}<153pEJ7jfV4)J^t3P@uCi6;>g;sbJw
zS%~7Pjy9wV^DIY6sOZa6HGh+=!!ZQi&F%BVNe|s-%wuq2#tUq<_5q*m#@S0;H*nZC
z4E6}JAQJQHZosTV0>M4pC3MIN4w;~lo8_-N)E~m1U)K`$<>sx*v$-xi2u-Gty($v4
z6(0~G84(u#qBtAGnIbhFGDv@#KJ9u=bqZC;EAy5HL=}ph0#zoevYtew6pBSMx6%7i
z{m|uYX-_|!Q$n?Dt>f0SmAi`O4GH8*<Omj<_$98wD(tuDYwDLB4e$(-0RgZ>h!!y=
ztj%fT@Z&`KDLLN|?xQ?zlx9Fx5}%s~6=3$39^`t$%?eAw9${$k{8x@9EaZha?*w8=
zDM4+B$k`>N4OTB4R)o;n$}={jb<IPFbtSt3a;7;yZ>KpdS*Xg?*HR`DD0LMbBWi<_
zb$F|+h_U{G%cz5Cs|Kaj;RCV=o?e4yw^J)u!f0vD0w#-8n0nL^ILOw|@pjHxSVmiy
zpiBk+`~)@O&CCQcOlNHa_AKO!EO+{ou7jLM%*M@n1eZdgkEb&-%B}7N^gZ^3I}Q%M
zqE6&dEwLYS0(oH%x2OVh1Fi?ulvVyVI@e|!PNMBLFlMSL7%ij9QP!a_!AIqG4uh9w
zQmo}hZ*_~;iDa}nuT>pZe;tuO1b5k(n!H|$tjD}FBQZ`f;~`#LflMo8N@eagCd5uA
z<ILXI^9RKa>_M5xtDu<aMR?u@gmp(Wij^AN#W;3}1)P2=HZ*~2UeJ`=OiW0Of9OaJ
zYu!Ke$OlJVc5ePbzz3d+s7C1Cu?$Sr105O=!hzr|6K>Tzgd!M!tD^GYIz`z>FgJ)l
zZ6QA$YR7#zBnFcoW{Bt$m$hv|?RFdnwd=XKdM?puG-<00!|@bo5(!(6Xvq$E8Y#Wc
z<*vJoYhfhxaW={n{fAL;tjgP#HAM=5)AdjsKpq!}u_4^m$s1K#ux?b>JSvo*%L9nY
zFL(oW{-&}q9G;gcrE@|0ICth7+4_=tYzUZ$c@xniLS8}i8I=79GHdx2x@UQ6q#<^`
zRm1=qadEYW2^G7hf=EkH0`&r|EMHzO@7(fn)jH4($%7LF2U^ZlSsv3-uSdMETs=7p
zU6^o1jwn}+dZ^i`Zf}xqWJ^mjdMqs6Tu2Gt_)J2srlC?}nhYvw*h5P_r8q!pM@v1Q
z(Ed3#<5s$>Bxb6NbRbW<S!ZzH5F*C)I3C`{3Ovozz3jN$;g#pFJOM%sDCEjv!mTLw
zCHW?1EbGKp!sA{2C@(y+LY)=rEGJN2`k?4DOT56nED@ejN+EX7xwRbx@jis*KpBJ8
zXbkDlnmkY|E&^*0`Um*UT4$(S-Iw)9?ckBBnp&c)sb(E6%=3}kWDWx*U1!XM(?Cp`
z$lGN+s-4#*O+#}|*7E!TCF`bQh?xt<(hzmXFfn)GYPGp~+MGG8d@4W~YR+-goOHQ~
z_UlOqOB@9ef+{!lloxu<p`b3|h0LE~vv}_>=50`{G{L*Myka@HSyiB;aa*E?KkOi^
z*po5vQ=dG`i60FNNzWx5Lk|HgXr;C|N*CD=0OQtGnW!(8urhvW$LBIKo~I(-Jr6?V
zXwWccG$Y%{fl;AQCXb{nI=L^@3D}ZEV)_-Sr|vA6i|f;L8&b}@+7l{Qe+(U%>EH$N
zG_SE^ISkE(HW74jVenEe#?Xjf<@r?@VZ;PAh?HYtn+blwwI*-a!B2%Q*Q=UeS>#n7
z-DIdK_i-ZB5HlLM?4a3pqFxd)bbIcabS4tPm^sJrji73H1MYOfqY59lW<2ar>Q2DO
zCB7Tl$#F|xA<>ERBCL1Hdv2Xhmnaor=W1R;a1QDtw>(!aIHxjpH;h-8cp8Lj?-I8Z
zje^$cDAKYoOlwnYRq<Q2d~fb~JpzF^$R`P^BSCI#X1U@cV6Ben#?N_tE*lm&J<r3t
z2b~L{B*))Yqi$%PeU-P3P%#m97JbQxL+rT|w!MaztBoIpVFYVmXDJs;`f8zsT7IFe
zgs73t47I7@fK1L5Q1677W~+Le`<WJ{YK-N<DhVSir<n&LiILpvB7DTA1<<jXvQtI^
z*cV1tO9AUWLNO_o@f`wI@}KGenUQ$NV115L7LHt42VscA^)DSr<~{%s4#PaAq?t@~
zp+gE@F4g&YP3H)!nf7i`1jDg>8E#2IvQvv@O_!MK_Yk0Ucq~n<MQf7BsU&go2B0|L
zSjs2hsa$lWxPLny2Fg%twS3vTF)*DdAQ1YLaq;Q~qzTVBcKnDN+)@&fTQ)HP5lH}D
zUYBukjp(3GG>B-g^7U2E_(_E8$rz~|RRx$++;-JuCZ0d;hlGG-1kytGi|}m#BaPI6
zJApiBTOdBi0}x@Sa=>wN>^ShaLlMT#1D*qA%7s&yZgjgPc<45HNiQXs4)#}YTiC*=
zv6(>JuMqxp2R_h;VPKD7HJCUFmr`Cc+H-E?gY@pIybg>K7e_x{NDO>T#3JghK2X0=
zMe?dR&xM7P>krFW=kzHav;xB>80w1&8O0e^uy}mMd4%T|@^l*$Qo~Ob19BWudq0mm
z;*kKvRgg3a#a*X~gsOPCBqQzt%`sJFCqi2i^Bg5M0R{1(eeB|@1#fJ<j~_!JBu`)y
zkB?a3js&Gs2c#-fi<7zC)tKU3nG2|zFmQl8gsA-pld$o_EvR-GPd6oe?TE;L1tqLd
z!IMA3Q_^~MHJv((8E%8c44YU?wS3TJy1=--E?E#=bmCSMdWwj^SlSSDqLZ4(c3)Qm
z{6yJTm9L(MVi-nv4otXsQxi>%GVK*r&6X3YGua<EMCm>1?g4}5Rzvrnl^c&T>l$I;
z)Hl8ap&IWGI00VWU2scvGV1cQXk>7_A>R!nudc+r4IU<aBM3S%FU%JO(fxr&u@~uE
zAxlGzGXXO~^;&>L<8q>Dh5=e=`@<ggI_aAM;h)ip%gb;X@gXCw?QPEB>ba;w&ac<H
zr;rG_Skib|2zDHV%*J)E8{R4E^L1V82x6U3&cy2`8hRjaq))fjX4F^DX=?0sMF^#f
zQrPYI$j7k9igGN(AuQD3zgmc(8dopl+3$cw&9S~n0bomy^a0~Y4am@G>R0qMV1Tk~
zUmi#Ic)iH&;u_F_k1Cg>5d!;-KkG2~8oQWzgcl^pl8dChgF`Mv>ox}4cgVM=_e8wQ
zjn6Z)@^S+aeQ@CHimf;4HQ0GQeaxahdoy#_g;B@n`6=RAVzl2Ao_eTMIb5}C(*(8@
z!)KTH?QuphT#Um+MX>hpz}pu6%}&R};W|q@!sS+v;$lA{?)<o}N0>lz84i@u{g~?}
z)@qbQ9}CU(+N=12RJfwh6*=g@JBXs-6vCeX7}!mCiI0nLAm%tq^H~xReZHz%H(WW$
zy@sw_^6*Xsd`1yZ2|EQyZIVV-hFslu(~+y)E@6!$R13VD!}I1)34;`P1Gzf2Mx>Na
zR*Z@v&0h^=i=~9ssCf^2OFU<-NZPUhV;5yu&>HZlC{{2C<RYwAGRu{e6M5anZFn~|
ztMcj?v9ANPyiwce)tE@w^L8o-21jwX=ygIdKeU%rV^8HuOl%xIP|$<J%OearQOx#-
zA$z5uRWdq8`PQ`m<7PBMOBe@eo-zVqAg?BLKQ@7bXM&SvZ_#mVX}L~AASnoMnii&-
zq4Ux4$9@>Xc~zxgS8&xKDt<@!b~VFtys!4~#%(}d_$;?^k5Gm&3Vd{z$bT(D(n`Gk
z`=}8<%T?RnNgxywuYPq36cxm=5IMX>B=6Ag@~X?VvDb3-CZ37{d#6s)>2?VF6CtRt
zbtFo(R~IzOwQrJ6)x1dq7QW+R{^KH`>WDQg9xvi%*T3-NS~3oFxRLQWSWsZohy#sk
zN&AutcWwk9t>Z?uUJg=LH!``g%?($x&3sciU;255AQrdMz;hL9)>*asBlIp#sHD}M
zjfZ#=Q~cGWDOgJcR}%Rp>ap3}`&ITd%|(jDLGgpkD2IeV91#<05km=@GI`UqgT_N>
zC2VNz$Z$d?q!NTXf?OW)1w8sn)EXU9qt_49L@;#OY%E?ysVMf;m^78}uEDUnH^;qn
zqUEO@?o5Pu@|G57M}+kvKdpiC1OaMbEJfI>Awdi<F|8s(3xZ=F=0Z5c8w!kvH|EFQ
zY16OS#1#bu0w)rQ1vefKGmY(c#Ld&gmx$nYypMw+vM;A*=;nDfwO<4DV)Mxvp&%fZ
z9R{OB8uYRE!1$m()#io<Gy)h_Vc)~s8X1ot1}UtU=)PVZNYKn(PV9WBXFq2@;;djr
zEp^kU+#4x}tE<|s=Zp#mZgjZ)$~}!=>e@ZnZp>~{AAu=mpu$ti#Iyz9D^coY(CS_6
zfsls<A?9L3N<Aa`G&j|VjW9ZBe<R)8f-4e@k6x*w>j#NwK2qG;dFlXs*jGf&K<jxp
z*29N%vOO0_lG{DZcsdO2U<8_!MKMh>uAy^3xyhv0!&xiC43y}T_zYCro2Z9R<dG7`
z({G^kmQWw2Vg}YF)B|tnaL*G9E|yn4`bt!eF=`pBmh^A(tPqW0VS-+jXWY8D3S>TA
z>qf{$rSq`N&C>ytdk?RuxoK9Gy!rV9D-X++<Sxlglp=pfpuH0;^;jPfUu{%lnAiwL
zKfIpEBL<s`>v=(Y7>T(&3MWsi5;`w}x~mtcS`IXa-7vf@mlv^>U(1<v{Q)tZz8xcI
zb&(Es2%{8sbKK?K5N5hxu~(b)$%ohS<NB?az5p@<#=f#H%D5N0fd|;|VCkU1<xWwX
z+h;YZR(yVbc{Ni(xx{He|JDFY#?nwGVVrSzVv1)5J$wyauZOq4hRM41xB^1!RW`!M
zUgZxrjEhpv)4Q0pJCGPTh)0Vz0%HZO*Z!*8uE+CbG~f@nNoWLDh$<YP)Z3rRkhpyE
zv)^G)$q(!5juL~(D+;m#!`)gb%ajU_QrMWGcO|YT`i@SF10~o_%kMOQw|$Qt-SBG?
zdyAK^ikJue;t&B?R~~cQ-cT*mHl#L@<!ut-zsBNInM}-+Yu%JsI=l<{TFi+!UM?bj
z4Z|TXJ>4#*8mPe4>rjI1^pyklQ;|qqx37R)ohl^1qry#KhLZ8P4LWSl74LKlp@zYa
z@ZA!}UIblL5fkE9ckSy(rjq&zrB54?#B^#JFMAyZ^?oOh@e)FUrXmdB>2!F*1lK()
zi9`9WC}d-quT+8u_?G}`LnqoCErsfCm+&4KDa+$mI5)5~>X~0TlR^H$tyJtUd}30F
zM<|R*789VC08^5qEE4LLFIpxm?i408$beFA0JqYY8s<SgOp68jv<YSk<Y_ca;6z^D
zz>6vu0$<*q%Re|Yj>@4U)LS!o9H2fuZ&|Ez1f;6>t#sch>_ou(js%EN8V%L=JzMen
zubz{CD+XmM*>u7Mwz2pS{&K9an+nO`!iFRN=IJ>J;bn4_ZP8k~DZs606n%gNSp#b$
zHdg@9lo$5}RZ+In;eub>*eZ&pvjkJ5(~uac;-5g+$gE2MW4Y?90;(_VS}K+uucV_4
zfg3M@c?9rwAQm;PRUXkn%S4$K!|huiKMw<Fqa-3&GXa*NBC7R~(W$k6UG;s&{~Ct|
zE*YW@<4==9)>ky&R6t-`NhPi@ud~J&Bq@&u@w%=In1>L29k~yO;VF0j5KD7=o~~mV
zH*o{YasnzHh4s#)o0&i-aq<F;Yj}J!#05n-*eZK^Y^&5sY@2|4n8s)WSvL$-v769J
zB=QC#sE_0H>vl}NF2M|9{2uZ5DTo(bvtz0(n4pb_-6vi>6W_Mg?@98u>yWJUx|VuF
zvzj%nj(#r_p9vb6$fbM4p2t54FA&~3Cwi%-E9*DPs~cy%TLiJZ(j0=!gI+Dp`lyAf
zP+Gqud@KR57rR@6MS`@zfhBYC6D4kVmkHQRqnc3bKKOdDgNePA8?nGdct6lf*T8oT
ztK6wd_|gW0NO*9!+XF$zFkx{BD=Haf{U#Y<sGmls0irq)!UnY_-jYerMOdP<M$e%d
zK>rF=kT5vLiE!W$TMAESk02AgjVdonm1GPH7~F+pHL=pvGXvJAhWjGL#RY@6u0udl
zNUbV+d*jy4C%QV_u^^Z&5<a<$`C+#}0>tG|=1$-CwC5LHGEW-&7%3rW;yIgFdVckr
z#G}t|eOYV!by!^P)MLw29^3>B7Kv*&dKriKkJW}vJL@pSgA+|>;blD@5P)eftuIF%
z#)()f;7rN8>kp4ORBC$1S5}%2RaGKTjQ|6Y?+`Iu8S&y$AWxW&TRhdet~(LhiG%I>
z*yJZJ&soDKOwn@RBfWl}c6kN?r$W^D>TOsx{M&KKV~FONSIzAM&b-I9y3S<=N*N|&
zRQ_FZycChtf5bRgDYlm>PkQHgQ8P|s7oa@~le!zM&>;j--N@3lT#aV9uYN*5Kb!I(
zv~a*wlizRW*W(OQ>;q&l9<f2$24qwradLB_L?$5zvbI>zN;Vptd6#T})E&n~8$wGB
z(~`V;&4&1OC2cHubr~823PXd*&Uj3msOY$;s?Y`{gnZS8R!RaQ9tZ6q+{1PpmqRfd
zA2GPmt`uqk6f-_HsJ2<bvPT@&k-_CKkpw~|a7I7#JC=$o$>Fcgeh!D9auMwi#}17J
z@75xw7%=pawTumWpagT<27fsW&6Y5{E$(178uDHa5o8?XkoZ+|vRe9p$ua3iXQ9q_
z{ec1kx{K;G5%v|3C7f51quC&=r0;hHDkL1N)2VLqi7gTASF~j5`nr<fMp##~O0b1R
zn1e8licDqG@YQp)tp}yhLJ5V+p$aRP3S$J>GSs>Zl6W4xO60n!V4ZFq^TI?=8?0dH
zF>4)TP`zZ01|mhThmZyXOZ?i@;ds4XvL;f02O}q*7eT5@lv#16Aqt1GDXI$;l=SAS
z^Ncmxk^)ndu!wk&$S*j`7I{nr4;#cZ#fmFRunO-H6oAmJMpRP=wK4uGUK!op=tOY#
z!8$4kV5JGWDJMckWZq>P;W4Ez8zXfc|CV+LpOVo$b4~*u6Ws1(C*Jp7ujlh@y(nBz
z?+&_S*H@&8R5w1D8G}UWMBGY(o#W-9eK1vwO`d<&GG2`cAcEvBRDLJ|SVKgSocZd|
zOCVT_dYzFGwO*yGbXfFVyH1J6$15Y~kqQDvO4J(*bYI=!l^2{34U!RLGQl85f~Aif
z;H!G2=G_SY;#8j4lD%h1>N4`7E45GZZD=(urBxT~Fv?9NP|n73x*>v&um?@*5po78
z0&lg`S(#hz#8hsuZU<2sZ=0;0&d(69=j<l34b*8Mc9=}e+eFX9yLcim8dZ=mtV<HC
zx$HDD3CY?zPLnA?fRr?^`U@eAh(pDtEy6(oe>>H3S)gob#0r#!7$2cTi5~@9!vE#C
zN<>&SltmscOv_g6cpSH$jnCu*n9FP^iIYq=<rP;iM@fX>C>0%REq|ZqVJ+<rIYmr}
zwM(#rr4_;^n_hIta(Y4A<4UkF-gJ||O@oEBo2kYR>LAzA!(idX2l8Pa$~dZ4CJ$!j
z3k&rn;C=UM35HRQopTNGOeH786?<UTGDg|2D0K6L7aDUB&Zq3xsDiKV*y&=^@IjuV
zjnRzuRtyq`v<-@urV2XS)5}7QEg7F=!FwC0m4hc?uicbz@Bp2}rUg(=+mJS%qj@dk
zn<;Yd3+*N#^pQMC!D|#9-i#2df@-t21KShtJEFabB|wBnK5qqxX++(c$wI-%y(-7?
z3IJo`_`1mJ7#zp1hs~vE9_!;{eR0Wtl_1@!>FQRCB@OG3bly^Wq9Ni{LyhQmfcrdm
zaLy=#D21*d5=wOuHJ~P91*!1&u+;Y}m5ZMf$R<OGgU=o)3Y^hbLbl;m4Ml1=W_)_X
z6lryWEwWgk=m4uMc14OzweePSKvM+)M!GSejgM&A92+S7dey2THMP8=lo6;RO6<{R
zRHY+9gax=3`8*L2@K~1@$Ln6#lqn%~eAA_wm2Q@2O>m%xOJ)rM80Ko{CXjx-z}EG8
z5aT%xy1Y7XNI#k7D}z?&qvc&xEms2=$zw3;6$PwY(4+AbCBPUKNiXExb4Ug+g>EZB
ziSU7@RJm3S?bdJ3iKmwbG&7bk#_|+fBM&O9JiWEKv<B#patIgt>=hv*dfc*|4v+5m
zMa0gDZ_-{(eAk||(D18xw}DsjFsKz49Itj4jS|*5Xn)vF&4M>IG=U({{b0C6oH5=U
z_G92HAeKc1SGDn&$3w~kpv7I9Q?fx8v(@G0Jmb2;pkP(x3`!g~s25h6Ypi9=3uX9<
z65K=@Vt#Q42@ui+9uwkh3Ti2HM=aNLPaPpoBK`#L97UKq;+!^edIQVt`28;oGPDA_
zD6G_YxS05V-3%tOzexZ1UYA(@*uG(5ifu9I5avQb!`aRLfxND&-ICjhaw1L;;2wX@
zFh^}RxaPXxYhoJ2brpIM;sZCMdkH$P*`8^1!UQ^7$$N6#olf0vO@n#mFQ&`Q&mU6d
zg)*z0y8CS6`p<{_)hxFooP5FKzBu%SsEtJ_rKCE2l()1{f9$?4^0Ajda;plVD5KJL
zX;6!y9<c&rw7ue?N&ITGm|$F;rHmyk&up6ts-{$6=TJX#K{IGz63iV7G*7)G5Fwb(
z>T5<=?*<zMsxGgtt`9xv!lN_9Z0>}Fe#M(H;;I@^uENLL>|o;k5O!2Va%?7Yo-&Fw
zm;Rcb<zyW+vLr9t%jU$$Em6wI>na&k8iwOGw`SA8r0YD`hy@yApQ_urPaHB3??vPE
zS4mnk7?%MkEYSmxZxMFCNK|YZT-GY|P#fN>Dhxr@OE6!=2N?uB(rb$q^ywNBhK%r`
z9#5*(4Y4(~#=|(oPsNMEgTmx>L0G2B5L;+K^|<A6Ye84RG=tHCTQ}-2A}6|{JJG;%
zZ>r5&RH91YhczWyYLR5TDwE?jZm!Q-A%)u<Z3v~eTQQkN);XrXVeWJsoDAIYLMWG;
zPnaz1HqZcj8D0bRXlt6>cn$A{F5*ERD@1RKe+I9)SST2CH<TMx8V(uRSge`r{`=Lg
z320ioDa)QI)H%F<{ddFm15`u4A|5BYYLN5JnagG?+ai&>^<m-3$UMVv&T~VDFs-Q<
z7PMrLd1)Y~M1XpGLJWbk)4Y<lp0DL;`EZz<cX)UK{vyq@ULb*GYWahX;;oYpt=^SB
zYz?O>*ax*m#s<sr`wKb#ne?o@Yitbd<Pu5<x6fm9y#OyV-eKxTBTWq%QaX%znH;+;
zA{^t|DiTX|?bm~K4;_s`oHit}vHQPW(`yfNE)*VV1Y+#?b?@ER{7m>f_e~_Uh`r-U
zyST)RW6s1V?1*q7WP`L+5w98C8N`c$fNiL_Ya2s34*>;A33<plh~dKuqBgiFO<_O=
z3hF{`#}Ui^JcTGCw!Gfv*Yr~M3!c7``<SQAFlR<@goFU<3~Gc7brthygVma-``AFO
zy_h{0lM>|#$cslA?qBl!t>rbXL;I9)-`|X&d4g*YE}d{2h{&L?5nYNmWZBbH?Yb_p
z=X0VjFAkk6-u%pAS9xisOC)gdrWjq+iZV@*Xt_`1{%$&Wydu#z%!$+(hoZwfnvjIN
zHH@dvk=E^-rB!A*$*I%|j;nQByjg&?5^IQ4CT`PsW=dcsj4G{`To;hWho8$_UftNh
z>*tQmB0h9_Yvq9vZY2FkeGI`LZ{W1OsBJ-r2`w*5Ik*xt6uGu-W;w|wB;NNZT}bdB
zjN6?8*VBOD{1%V%WSs<Ctr3Bk?g%~8_>4)4NF2j;VxRFpWz0_vi8@)gV55PB1sk|t
zN1`-$qmA3Id8koA0TpT;`Fsg?G_Ow*bBRc0Na!WjfYL^C&wW%a$8?R}mY-3k3+p@w
zf*}y9Sq$XRp$52<2JoY#my26jy^nsfM@d!xANJnGM{*-M_w7Gr?y+F3kF_PfAAJXd
zBWWdD@a{^Gv|ivCMuWx2OkH(%^;UIDGY0m5zrTpgB$F(%s(Pk-RyNk~YNR2HOy(mp
zGUAKx8<75fK*Nd;YM~P)_+dkkGHjy86e*gPCw>5zPMaQyFeQhPL{rVjN(cCj1hlXX
zCL%NFj%ezRn!>a`CgUE|#|_OxsCvM_259+)kUrb;Ox@9!W|d7Dha5tv1IvX?F->Ap
zBtqM(E~pKXIum%mxe@!O0~IO;SRlhPXNdaArhUZtEj3~^wL3UGfUuKaLz5Uze}8J*
za4lu&|JClc7k}K|{$Kw5Q<jW6E4SCfV7S4$0#ca(F%MI|t_el*@N;?@yVKS`wJ1ej
zZ(k!k#VkYcD9VXmG0R%gC7i8Cw@5JSN^c&$Kq6q~uVY3~Y?GG!QFw-i3rtF0#7ahe
z?nAP^4H4>asB=jYvcNI&015Kj;Z<RH-R}2S_iw7(D~g@p04T|8xB{qkBa~DS7x1pz
zCCJG34Y#yr&s-A)O?!|PUC=c-RxMzsI~mOBos&;rl%B<7Un*=R@Sfm<ppaA_p~s5Q
z2T8;}6SO$hT@470e)nc@|K$ScK59Hc^yM+98*%6AR3IBm#?y%-X%ya-WdVsb-E8`n
z1jpgoVcC4bRT*XocSF`d9H}*P`F*N$d-bOr86#K$C?Nr3owYu40mFDMqG~GtVscWZ
zJg5#3x`1d89DkRQ{PWhI?durJ@<_F|jj^gutqp#x2KCMy-ElGzY_a_kx38Et{al=A
zSUJ4s`1yI1f<38`BSvqU#H-u2GG8s{^qbsnsv|!CrY@q^H4Rz>CD7v%T{vTQi^(n{
z`Ie}=zIT7h{03uJz=s1*5G4n~h-2@0i5h~pR>a8IE2$Dkhv0kOUFp9Xj&iAYUKfDh
z;-cyDqz3AarJ3F|^zp$Hqrg0ke@gw_6*nMa!BcAjf27XXdZ_0Guq5@^;-rpmJo4l)
zGC$~_Si+!5(iYHkjvALx_4+sTPcjFs6Dboq?SK|dM8J_;LSPsY4s7lWEt+w?Y|XRA
zM#LwYtuUn7tCj8i)vDg!+-z@Gt1obze~@}ZaTE$=lQ3HaK*tDSTEQa{{E>sByV!r&
zF;8LOus5zk%|>69q=T9i?L3(wQVnuv=><lQbTcF~ZG^0De^n@fy-tp_<Q&^@uH%dX
zD<y`zzdU-(k~1{4%!Jd>TgOq)OAe{96gTVy{Q{=TPCvykij*aNMSKFtH9h9@Na)Tw
zp7an7$jlo)ipfJIo(Q9t=<JG`(C7|n(Nm4Fo5g*HrT{(K5|yWz=zS)dhUVSo2J4p7
z6PK6vBQ7uXhRe(8syyO~=~S5ng^h=MpmrdEC(3?NcM$};5D)s};U>qD`8av>1Go&Q
z1BGrSHioF}@yDC4KsAZ_i%qwwu_I8nqJoC*C}Sm(xvsy4n??<e=D#{&)~Xs)FU^2t
zHn>|6j3q1qjj~Q`@0Mqs1kim!>JbR;ByZutcOP|n5=?vO#3Y!G-}L7v$B*KYCZrH5
zf{L@kp&XCjQg4qV<g#NC@CjfQ1@cG9PvZL?%=JktmAS>V6e5nz>y2_v!4ZOTB{|Xv
ze(9oNq7Dnf-S(t|78<!nrw~E?52sjUc2Y`l8`;pj>!Ue1`5bG0Hn-i?ZKc&Lh%AyJ
z;#*2=bBudxKGxo0Ht|1B)u4uM%IGpS+05LcFvw2mMhIOAgfqlDV5K2C(4yVEHZ!}w
zVcA8PJT{i@?SIB|!AGZHH$hAVsFG)l;pmS3!Im(HI}ZI_TJG(NWV|ZevhS;3zLtN}
zJ<)jd=J*s-4oA^Zi^Eri;)}V9(%m2QnlQcF{sNV#|9uFe;#dS^jL8MSjl-~v?{TLm
z7r-!n{p@%8e*GUFuI0;OvvYM_4KNPe72;>qgqv`+B_214oN*uZp2Mcvx6RjghkZJU
zYVa!KjmJnE;3NkD9tB0!<e|TFBnQKE<;P|J*U_yIK#+6l*bBlG0uh*+=!e^Oc3(10
zyS)6uHq8YQ_yBMBn%*_`PnS0Q5gN<%TvibGKo&8iRxoQyc20k%T6$0)LopA5{2k0t
zN2L~f9`YgjklZge9(O;Ru!KF38a4lN*!_gZtA}f*@$byP$XH_m^e^d6*qbO0BN#~J
zr3vgg&XhXwCTA+-PkE1!BZ;r#{*(PLq^5?0Go}Jqa)MVnx&uwe?JuK_aF0ynN(e`i
zJP&*WQX&<*>V99*Dxo7tz_meM1q@Ag{h9mv75#k95H-_40Rg|T!Gsasf&Dl&`m>YH
z_Kfw4Tt}U`4Z3d5?P!K-<ZzjLw}6NVPBRLS>{67}W1Gdu^>@tnw0r7g@J{Znp!gv2
zKyV0;5JV&k%|=K=tM_@Pff>t2M>%@I3A$wP6ys-@L-<E0BN{0O5D13di)gCQ(_xWp
z^hbrf{c!duM>fj=r*_q^N_;OZ2DFe+W2dMLQR*C6)3`m(jPWjrY^&SXL_{^AKB}y6
zw&$bD0(2F)2W)aIHeChIv@dK&p3`s&4zi~`#oC&AdyM5&78MnNOBe(~!QGged9KRR
zc{W1=&?XOshJ<p>HkIS^(-;!Ce4lj5ca;4#l-N)K(<bP0>Gtz6g{6Ueu_3XOG%?|x
z&}^d5HY@-dfWVQc;gkcV)H#RUv+R5H#KVH5X_}Pe4KV(c>)<lG6z@Nf6P?)_XD7w-
zj(c(|2mv@!+LaONlTZs8n!W*Wzb;1gpv+L;>#DoE0z{<#G`o914qoys&?seXlo47y
zyv;mR9cn65_QMD9vZ*g6E-qe;iMGq#VZ6J)VomEy)mJapS&qU*j_52Y7~vls-SNoB
z6O<(ET@Z>(VAhNA%XOiAn9Fa7eWlg<2?D|vh#u@M=%8f)Ploe_-Z8WpM{U|AJVv@C
zgrJ~mB&;SWD+!oUM+);LP#(!2t;Mq%-NAp|Y<BJF+0J9j%(W=OWxjj3Csw-KHV+Ua
z5V_lJ1!e&;N>-EKib_sJr6jxOZ$0*Sk|qz=*K8Tr_Zvv#3_&B$?x21lFoyU9<|!6=
zpPBnc51#gkt!nZ@O!mk_9*X+67?RW^ZXzbP+dTbXo&9<_m}vl+N+>c|Xf4-C5ajBj
z$`uzS_evUFA}5)pI@8F%mYt7+@g^K*vkH`=gnV=)oJ>#>a?<QuXk-1FxR|7A&2h~<
z-;kLuzo7w_LuLdF4H<?|e7)%#j-*9gdTIIb6+UDTlh+|Q60}q99O>poh(JlTEdc8<
z6fYc}_p`EGJ@;TTmlv5W9@c)E&5MkNg3~8)T~aRv2~akJaYqdj@!&o@iFiaR;kpU=
z<94HUtm`~R!j)r1h8v=wy5-wtC^F-2dM9vI7t|66Wz70FJgvjSpEtR%26i@4*~3|;
zCY7K;GiH;zk6&ybV6+>?9skl6_J`heNp9X(P%p70p~8d9w$2l3I@Tyb$#ORr?a}DK
zMfFgQ)Kl4_piya6+`l$T^|k#^6#m}46|?3y0<Jkh?I4PqgJu>AoW2n}*k(NY$t*K1
z(Orc^EqK;uBX%o6f{*M07(YT%42QL}{Vgvsr(;KpGI<i(x7+(GS8~N;D)6vu)qo%H
zq39TzGP$XLkj(;$nLYsb(MI@i$Q=K0zx!TVI7p}#+H}5)x1~W@0a0i$UC<-PCRC8v
zWbWK^>DkrFVqrdSl$$p;=@?dJLdp^raZqy9x9g;S&n6;LV8IB+x~81;C`w}A0Vz}o
z)||ok;Afk5Q;G_1E^3P|!a}s-mKbPAXhrDG?2SK+LSW!OL`NDGYBa*|8HOdk1R+Vc
zKY@K>Ojyn(dlXUoHXyCY@m#O?watufFAe&g1V6s%g+Wc@<6uBPxUC~SV%o*bj4dzR
ztFlV$atC;tw{STD{A#H{r%nB8u$xE0pH~n3iZ76|O#lV#2Y`JO(W7%04}NwelkLce
zM-ZlQv%rp2?6~Y|!mKz-?AT_N56$N1EA%~B)o%!)Bey|C)EZJuWUm3{xT^;ZTii=R
z&V58qvAG1c!&=t)0^H1PY1j{s$u{@24f~-nII$ia<?XueA;(6CZ4CkixM}d4!qT!<
z+u@d1ADRc6yjrP^u)WL#lHu-w6lvN}hei+*j$B~A<`8E>dIONctc*#kC!yN8(X&Vj
zKp$C{mS8q;PQ@9s3op0O9ZPyL`vJZk8pnoUzDC5Qppqd%B)}1<NRPVSUL0EZE^zd#
zweay!a>-t_G_-DypA4;yY56a+HS?2B(*Ac3IX1LV4dt8?a^$pe+eWZ)o}o@pAVVy^
z?wgHRbm%3~!fs+Jrr1t77Y&#DNj_3*3r+Y!@vgFXAsj|Tlq!AdZwYg_@P=M@VEw|R
zAniQuHe~;Wquy*e0sz?m8Oqx~K3qT6uOI`52!*h_qe}rbR6i+<Mmh%@*}~0xM;aY$
zM!QG&FAypKO##XZJ1!f)*{#g{cKsUtOAC?Srq=B<w=+SkNCE_x^9<FD9Wxg<*Iu&@
z3;%U_sTSG|uyr8J^iItru@yt+OSW1Cw^~g~*cR5Uar6h{jQVygh2b)AY&D*7KBEko
z4~p5XOJp(Nog*7n3#4}-On4cmC~fBH;JTa#KA9u%AVQkpgGaT{Ad?(Aq_OZfIjv71
z=&iePAQ1H#a*TtZ_|uSJ*l&I^0uLZ|$g_YCY$@&~jBxnn!u0X9ZSPn68MEMI@TP&k
zma2EDgbQlwWyisr_nRa0bSEd90-yjid<j~js&Fs_R7P3o{$ba`0`*K?xa721@G%yb
zBHpx)8qif7FvsBI51`nPLVq_GpL9Ga8YML^h&X|W2(M}1iQYRodyrV$yuRJ;gpKGi
zEx@i2tEM6&YAD(2au^23b|vCm6^Bn^SL&MMTUkLF4yjh2vTsjK#jnJ!xNm+sy8?21
z4fu#!e|&Di^G(0}$?Qts_Q%YElZzQ=rK?~xQ7tA)61;iHVs`KBUwPKv^PYAk&Y*y8
zK_}vWprJBpii-od1l0TRLb=Zw_R<q}1pqK5jzk1lrK}-b4Zo=2!|cjoW1eE4NJLgy
zb~#bTu16Gr*cJCqwJQxlmR$?KX8q>kZISh3EN;3N14~U%>;B>Hx-}uNWC(%brjq9Y
zGRMov_H%e&yxS$7Ib3{JSG(8S&vxzW4NmL3&-T0eGm~(w;XG*ftIhVe@Z#hR{DYu!
zpuY{f&)z^Dx85Op^xI$+CaXYyb-h`ycKgr%&v11G%8-JZ1Wi65&v_UAwtoGv3ZCYj
z7kwixzOJr$`36OlcNhH24zje*j2aa6uzbw8dH$6Zp$VL82B#?#g3g_7p?{AcbFZ)P
zykt}a-w8e3m3gordi7E+G^V!?!qb#wNxX*Q8dbjl6pnvdyn|LjD~{0ls&KkV*2M74
z3j3sLdgxlnO*EBH+SaSpdi%C*z!7iXnu_EvjXcMpH>`)iX1Bcqn8H8h0Gr5v(xMc}
z3y9N^7Y1`ogn)^`g_r(^sDi7034#G{>sEd6PhV&wE-&pL|8l)uSJ%UW6&e>ZLnK75
ze%@Xq0R=~&0Kq$`s&Q{K0$?c2nfR1GBGrFVxc8O<W%BGGROBo95z1A77uX+(kboP-
zZJ*pDeQ$oAYL|pj-zDPw8<w3qS)(e1Tb8BN^OS6|LUeobJN1he1{NSJ!%Yj}+hZ}W
zIZ_bijYj<4bVC_Rmr`hVg~l0ZZ_Z`<Y109GwAh!7BX0+aNii+JZpsxpAQff^`}e)n
zmvJhP*#bao`}XB;c-0FrDh%H(+<r)&z4&MQ7e-O+@=_GV{%K*9pJ^^qn1%uiY8a7#
zDn;~C=i-O9b}*O>2EeQ7VEA)jwQ{RgNXYG6xBU!`hVxxQ78_<*2&bm~>_2CA&AfU)
z<F<R)-`BrwS|D4muUoOIt0*3uExiT&leuNp0Ex|j`5*%!xbpl%OzZ61)!GFn?&MD9
z#JhL0a0SE3A2Q8*Vv9qQ^vI%m%kKtFGnRvxB+_k^s(9JMvmBoODP*{)IP8#&fN;UY
zG{&3{YB8Vhb9&y4yu|e<W?T|3?g-Bg@!}EwX*TSsZ8Y04<XlawyTHI%<SLCOv>pAc
z;{fWcwk!~E3PY4FyjLq%cQG5aeB?{xwGrI<qp6I+VD;~ZuML%lu8mU!mx-fU;FZUT
z!@I_yD@)h$=?jw}dJb_fghL2cQ-%d<A^|V!^@>i}XO;7U$1g&dFhh5h>T%Jn?6U`b
zF!@O}yr^k~nj%XmK43qNh*pd($;HosF7;&m*U`^Grs<Sj7~DPV-(Y#}6mCw)gSuO)
z%yVjTP^kub)n7jTpyaM?e_}JkiOkaw@Bt$4WFXk=<-&>I3P*};!x^$SRSVLYe?eVK
zyYD$zD}kYeWJVAZrkIz)(qWt)V}`O8m_dpjXa~q#7l0dWciK75`UOEO(!3RU@hl}A
zX^dgGI8-nXODDkrfdkYvXjcI?wd!NbzX}s#u0j&fzHWC{ndCwxsDvUgM?expDo-=M
z<@jI`df4o%oAu`PgV3h&JYi~Rl1{LCWd++Z`>KD(iN^(_wuM2|km~AMnCeS-ZNa$<
zMYPd*nfc1xUQU(unZ|@vKjITdDLOBZU$e>Ul|h*`F}C<|>Y&I9U~WUO03|%;LQ&Zd
zwb8Q*%kSGgC>-a=f2Bz#3YE69DBuHu7qXGE{kUb{)A}SdyvM8Z^77~4^3tr!PhTuv
z(@ewQs2`K($!Gx32U-wQ1WBd@I5bck^yjq&T>8)^oHHbpio?K=qbd>CMOceTkTIQo
z^*0UGVy~pQVc+V9F3g?~MJjhoenZiG^;*s+jkuj~xg$wU(oN*Y?6rl*SSx6%3C-&0
zl8pRQkW()X*-D2=)v6^f4r6Z87~zzOug`1)KMY&Y5jFp7@pt;nw(!%OJFs#BOXL8?
zchwEbA%IZo0Dv0_P*YLb14o3Z?()(kRbKw%&BMJt3uuPsYbO@u1><7)qH?&P<UGUU
zi;#|kUIsV=vqX@r_S*Zu!I{8mA0_wIPg<Bl+Kz=vI1|k%d|a^kTsYGBg%NZHAj~C~
zqeZbgyF{FtX%DF)<X4!cfX}O#_6K*(PD7K6$;id%!?YUfAOkb3K^dx4vx~fwN+8Nu
zDN2SA77;`iyIy&GR}QZ}_3goM>&ZYQ8*GHmS6zzFrb;yDn6j*Wi=>I{KS21h0N{EP
zG<cu6LDC#C1LYlOXXjsl=tdh20jd;KWiFwB{_4Uv+7&u_3Sla$q2ZnZ50C>#Qfqvq
z3H{~(GdB7qkpQ3|DU)@n9XH4{p7juvgs@}q@`J=c3fw)!!JcNGVLu`l8aSgPPC;MF
zM*t7aYO4O3{`T5QBa>s(_uCs;LjkG#q!6LG1Ue?Cc*?aC%jhW0j65G!7I}Uyls_ov
zLG6w7v1G{YwR4{Dn=fk4@d_hoJaQ7RLLVe{&8`Tufl`*C8|dtEJabR<7UbBz2_ifs
zgPl<c6qX{hGPZBe(gfcoG^l4$$H{O})Ief%Y!jaN^)nN&w~~*s6amgLjB$yqc+i{H
z9rw%YOv4En9Qr<o5d%GWN&%KKQ?FJ(?%s)$lo8UsRb5sJic+*6aQ<q_+JaO5u-&wk
z<cH!vLf9yP5|)oMQCu{ecBsdnzCtfLk1*a~@xXtfA5>*HFJxa+&*#&M{KZF2AbmuD
zK~X8g)tV@~7xH*6T2<lGMt-+xDA$OPx*nWWS(7D*PpL1y-^G(p_~eW40Gx19$L>cN
z91D45$x^RRRRfwNP)eGapuK9&OGn7jG0!y_OG48`fx(RqjXCS6<>=5k*2mPqWg*FV
zxHbHf^?s4hICW4T4x*fEkwgVE#Xsp0pV{-`ciRV&zF&!^%{P_}x;Mkx0H>rB`9BNG
znctN%!FQIakgPpK46J-gDWU=?H?2R^tJd~e=!a0!jToej3V@05nv0I-`tlO8lZ^y|
zmGnejCvQ7&P7EKS{~V3R2;6tKy_V{dUoJ1dH2+1x_Aes_F~G+DyA756<)vfJGfkD#
zAK@Lxg-nA4$~xbWIiJ_~SfXvZ5vTv)hp+lpJf`KZE=>QZI}!TEN?H%3*J$w)>@@em
z7q0y&2e%>ic7!k7p8}*~4yTT+o6$5_*DVY#YcdN3;%R~@?I+2JX@CZpC3gE242PQ&
zj~fl=T>9&%a1*Kc#xA!J;dV&?3eDh>(xVV+74a6_B(wb`zbEx!hjLgFW+;z!Ds$?+
z=AuleLuGO^r4$BuxZjzJPKH7L>yT!C^xfd|Vz^CXki-ymi0bq3-S6G#aai0%?R6=9
z!#_>Df*E_N{pU^lp6nR!v4HNb3raZK5hyA;FUa=jZ74JB96S^wE}^D^^i4*PkORJ(
zV2^%iynjFh7#2!2cVGn%)=dp}t5>74ytjqn9SMB`caX-)@qA4MFF0Z<^h$`31is*1
zcTmz9x6GakQZ;}lPj2L1TMm~*#vmM_B+Z*2eJ`B5%u+ShCtnFDy5<a!;=ps(OBll*
zJtYt{?9=;AOl+_CfoAU-Hy*MsRZHK)VI><~7>{l~*<`SXL=Yu**if|7(M!`Nk4)-g
zteLZbvX+IysiJ!F<L`=ncRiQ?NRbsx(eU09#i|NPD)eg%U(5PJPbvgZ!A29Muu73Z
zg8`T|sBu7f@64)6^<tFD{Mif2;Og$-_MPe&u_Tc*Vnw#Z9Fw*|Xp!=gLc>c-ch8<U
zjdLP=(HcW@Q^=A;yNNJ4xXsC&o1oj`SHN9!(Dt-jQ*%LL4>SPglirxzbEL%~Ene)G
z0~hPagP!Em^+5i-q~JDn#7bvVfPVz_z&4Z<zRaEDdNFEV9_|0lZ{$uSx6Vk$)m;^o
zUBTQl=agq~9Nha5)8RbSP|la50NoJalyut&!>U_CZ&eF-J<PweclNHY=I~A$Sg6AQ
zcm#wFiQa<v7#mpQsA4CKVFa%tMG`|~W+^Tl7SL`}7e=aT-%@V=3uP6o<A#G<Laid=
zQwePE^ylGi*55Nh`92H|7l~V@#$LO9g_y4WaMpuj?o)~L@^^>pW8rH^P<&u7^JyFg
zDBc0q1k*nX7`QUh2Ist<?7;clqS-PD-BICFkxN6zC9VkGNuj6grp_5LArXct41cb!
zH>jbKLfD6?I&el3ZcC0vMj-AebR?mT#5Ei%#^ZX9q%4U$D1Iq$Td(W9D2Nm=)I(_2
z3pbqL1GOlTgg6orM-t;wh9O08?s@i9^-9lSvpdN9?mQ<K5ByOma7T1!L|j#r(B0M|
znEqvF>PgJ8e3dOM8oz0^`Z=IFT8`m|=KwZ9&bhWGUSdN0#mVoCP>c&j##R8vt*|yb
zA7aq}Bu3vvY(RUxmrWdcO;}2)TP;WjQ*i0=i|Z|Rt(>z9A9Gaa`*y?@1A1c+(nt|M
z$Vl)pty1v*eteDlJRuGElQENI*lP5KV1FJuK~N}^R7g2BF(Q#wuhI@i+{{K<&GOW@
z0y|ubG;RmOWP%P?0wEN=>zz~dVJhFT5k^9odL#4<BUC=XCWX@*Z}cX>yWo~vin|!3
z*oNgs)M-x}+s!z*z;{%T_2FzQFjW)wbz!I97{Ns#Ctlr~*lj;z<Lvfo<;-utbsbJy
z^W)>kZ?}t5xm>iIxB&)&ftC!l*uj&g*oa&ZQbV!>Qz^nc=1`+V=2~~&igXM}8VU@7
z4vWOq!Cn2z7(LD}UZ-$72VsHeJjt^%^un+D6aUr%#cK#qDeCNCm6oddkGJL_)Pxp{
z07gRky%jM=x8@&zHa8{fqBs|mwSl*|Fi+&~CtHF%yC7i&TlMvIn4u#;HKqzP`w{Fi
z1Gqu;QpE`)p@w8=+mTcLq245c8FG)rAR;yvWp*YqCGZ-l3WbnyXxm5edXog88&P?-
zOn4=%uE5M$0}+#I53v3I-JRG~G+*NNI;x@J4G1)Gsvj=Pn9V%FC6EM!bkg`^smekj
zA3>I(V=#2~F|dj)F++|Oz8!Lo$if17U=~R!h=Ll%o7NaEbNmK{l6?ANz1?0P+X*D$
z&j%j(f$F}V=oR|4q{KFg@sc>f!M!8sIRUz8x1Z=&aCrT#C;OMEOi@Gs57{u4uz|O)
zoYB7}MH|S`z&*qcfh5XP_OBd(=LTsCr;vF#>13Y;?ATXi)m|9#=xufp)W}l=&fv{Y
z#9uU*X1%C0GsqWT-wsBL&`{AKMIo+n^z|({b_@&~HhED9)Pt0KZWBp*O)k9bZhx~p
z2MvbppI-d-l})Ui=d+xC;wwAFG;eomjuEw#>8SUfoMf;~3KR<V9;oywXZ9BH0{p3{
zZX2{qTBSuU<2vL7OdP4LftfHk_M))5Xr1_ZQ$-s)nJeO&nJHD21N}#CH)6@oS_YsA
z8G*e)Q_n&fBi@6M%DC{iLtIk=Cx55Z)xsgepa&F)5S@o(wL_3Z>aUL5Nr@1j-`8wT
zP?n*lf}1GpGLP$PB!p6&3n3_j;znw&hrZU*IsB4OUob!UE^i7>&dVw*IGodkTBx7>
z+1Iz<-cp?>6a8w-zlpKSV2|KTST(Q%RD$~KugY3D{jN`6=uO@$8MrA8nH`>RL?LVf
z_pr`LP?{PqKng@ZhECJ`{DcI?J*dyln}@*1QG!g2fS@Jhn#@);W9e<AJ`CTqZ?A4Q
zYx2cH>I4H=OqRVP3__k?h%~(Gy(L*X@(jwo8~`AKYpEbEi=vSvgcW=I$Nl~8)b8`R
zxdx_36$^wAf-*HfK5htGQd2h|09jss=vecYtCdyO!xOLW@zQT)y@W9{9`(~!Djk*f
ztpn`}${4aC)J+;8oFCoMcaTJ~rz0=#mWQ$mH#f$+qNMDeCrif@V*^=04J1K7U@EMb
z!`nQ}uf%cWCAn>P@q=q*s1c7{`~MkqTM-NAP23{fjVP&TQFzz=1A%=IbykD=oi~+_
ze2|1EC^6Io4CxJ_M@0OkhOtd#P~q({F|Pg&`&La<Xhn-<u(ib$!%I(3v$#S7tCU2S
zlt@TA$4)a=>#K`@ZQuUU%xoDLD^DcTfc;jd!JiK&g9ZowyyLK?gB2Kx6|p6J7#uSp
z)>1@qa`*@t{^7FyDvhoW2vvD;;V13+>cg@mb?gt@VorR1(a$$bO-Z_bb91M(?d2X2
z<CTmkt>bXau?#6gXm9|Cc*hlum|8lwU}8sPCaqQ{50^e0kon2%mwYb0CjWCMQNZCv
z2PRf(Yk@a<Nz=?|C4wT^*VSDspZ3iyye+bcUHOlIF#?tBw1P*h1ZwHo#q%C<(lY?T
zhTuUWl%#o5`t*lOGtj#B5Y-kqZ8!!17pZSs+C;-(n2Mo7DeeU9EyO#jO)drik&`xJ
z?eixAksKdb(jJrhE{r1NS8uEOzBe}BfiDWY8>A!6k<k>KQsRqD4q4qAn#;VwP%=5s
zk3zy4sB)B7t-M`YOmQh(X@nODM>b+w{2NAr*|VTgVX=qu6GG9kH34cwxdE<QBP@_o
zqP*We?CN%J1Q$AWa0{Pa$V_H?*J`D#c^&#j;v#*0E8X(7PSXSKJr$`ZfdV1DF8@^j
zLOzvxR_d)eXCixsiY%Wh_sn|c#*q_w!kGb_IDY;i;drLo_-;lpmZ>H*lqGw0QXzk0
zrizNjn)tqSz~!aw05X0OzUcten+|x2R^#h%H1gkeEPJdqy}Cb4zMl}WdB)`UAof;X
zaTMKhUKhuI?b9Z@<KQzd0LJ8tc;&GF93PRGuVQKx0X)(Haunc}B}pO9>O1>YA7dPr
zkEdt%kJy3muuRK^NTSTR{(pJc-Xlb5%y!coE|gc+T~tyH1JIR%92X>*yM5FzL;i|@
z$mQi9h>G|V>UpOx9{ur|XATz3L!0mp4AX)9$ZePI16C_OV71}{#I}6%$(Kv^#TcgZ
zLbzQ)K2kDiuy2R!+&XR=j~g$%Urj&t+sTPtGllPl=rKI0kO3n$WCAwFM}tpRlb{ia
zM~vOjCSze{%i4xxO9#vbIk|+gLdc+n)W-Ugy+I<Nf~rIR*wLvn)oXZQ%3v*9B&i<Q
zHE<i@O9TV%&Xo9{a-=-|$^8VxDxJ7<Fj?dFNVs5c8UH4s1NGiqFo>;D&%-i(jR)tu
zd%nl48|UcQT*I7?FcHZR;8ZGlJRF-(wObGIC%#QXOtK75SgFSy8j;o`YZIcF1++Y0
zE;@BK@NrM4k|?N1z)*V@Lfy?_u1|^@hRh?@_Hl2@DgyW<QgH3y{SY~%{!NDadL-X4
zLQBqhic4pZ^GsIV#;`EK295YB!6oBhQUH4-1NIDtGf%-GK<OUkG4+lO{-Wl-{sV3D
z|Mx}opU!xWkm_Dvh~IiFl6T&&8W;_TkN)v-Q{#(M-_k%X4y&yFcmXz=b!J==w{u-y
zG64S8`|Q2);azL<*fUG$<T2~yNiZgd0AFGdMFcO3z^lqQ>jcvuU@-k`A;B7U7AkHi
zYG1$q+3;keE7-Mjh|r<g&(cy*1@2t;@pl6b`yH_#xI+j$q0He2QGfG~|M5`#=h2MH
zqZXGQT~GKLaRX;(N1Z#Mp9-cYn;epceEMQA35$u2#~kL|nm_cUKYU_RZ%0jWm*Ywx
z!ZIosVkht8+D0e)nRk2&(la=-AbSAe+N6Y-y&d26=@SgI4_G-h%s?bXwkYqYvPcAt
zfn9s)+Cp{)`}ZVc{A|YO<SGYH2NxBq3ZkGmt``IQA2`>Jw<Aha&i=Z+RpC+S{C1!P
zq$*8<Bn_@$7RO};J_MW|&hvd&T+Q6P;L1H~)8(j69XnD$fT-aF07N|)$`jM8D!K%|
z3FNWLGNS~}Os`>6eU|72;!X$AlEKkGmQv1{{FWv|L_;HtVA-S<Rj4>a_L}AroKrv?
zvR5Ve6Juu41;?}BCvElU13&{#zQ$kP=V4wTxn7sJ)I|-%H1c6XUI;Xdzaje7$3DYD
z%u58Uhnx|Gq-g4(+o{vwV+H9sEFrfUfmRSg4_~tQZy2O!*@7ctafAt|E`MP>8t9ah
zhLl=dmYcvq6Hv}@qk$?A5SqO<6B^c!pAKDc1B1qux}-b~QbFiKI98Of$Wg{DQ`ucU
z^N9t33imj0j8zxosRYaga^Q-#(2M%8FFA60ayYCIGd}wFg4y72#H7H9fwT$oXc_$A
z0Wd6cNnJ1l{qyP04kFG5i>e|XBuxZ~%0mMvx5|`^Ns67XEFFYFP;x`De%M?$?QUNx
zo&4`%Le0Us?lvZm$eb?MBquqF!RF-UTl{oknEd$5_RrNjmo;?Rnn-x1p??D65R&I2
zg`{UEb97KE(WeQ&*9_z5x6L0UhdCIgW3LG_Enp^HC{b9eBSbM4u;ws9O12}hMl^eR
zlXT`YuFo*(vuIaBTEPgcD_DEuH55=;Na=&*99*JJZ?UP$-qH5gZfIBtC-IhX=<js#
zp&x*e?q98r=i5q6>)PhWWs}7%z{)nD?9^rgN09*29Cr*9lF6Ti_26d{z?2-`!Bic8
zf&ABD`KOylz;%fSQ`gubkH&^OnnxOjKbrVG&PNdUndB>jc_?AgCPtc(oB>BHu;kGl
zI!Y!7Yxo}*KFuatf4FazkQVtuCc`h)t{Ek_JJgc{^pcVm85us%5S@%~vtXVKdB*-I
z2KL!_=N67InIBvh?7{ASQ(Xgn*6#1&I|kAdU2E12UX&(4D3eWa4O`(y-Mvsa$~yS;
z-~md6m(W`my||ScDt|$I<cu?9e^hla^D<Oa5Dpr=ywP!Z4gwUE>kwWLkjaqJH-Tg{
z9YE-B28Zh>kblne(0d~0olqGnEJ$c(Q!vFZ!oxFYAIVHiHfP`7U0t(xVC_&XiwY5E
z0IC&a@`&**&+zRhqq&cPk5ZyW<WW>mP;fxSZDGW{PD4RHZ-Wpt2OP<;U+XWPv04DN
z?ht0Oni?~TKV)CE)dB{<YxY-#j;QN>vUg%LKw_W_{Zh)|7vMAqMF`B-4bIW%jw31G
zF((*^q<8D~YJ0~C@3m3Up(5DDlx?->$>tqSG1TRxa-PFeQw7w<y7u8tyqSCFiAfxL
zv_Eq{KYog3%GdQ8Nt*y(P-H)8mp5f_a~7amsp1o4!JyTY66uD5i4LzAPQ5aK<&Cq(
zlhh7I(GLP__(o_SZ!3lJf9C^S;2%ftii97Dl?o6pL44UA{vk73aHTKV#4}y`Q6DNB
zwm$5`HtamgSvXkD9E1&`YvcYn`W3mrzYJ{vOaXZZx&$x{(2&lU-pARZR5|7=AP$_8
z0M(2evM?|S%9;W^qvi-0T}|Qz3i(uMedNLbo0~QTyqzJa=C=?LLgfX{2<u;^V*ADG
zJm`As|E^X)3^2LFuGdi-ZnfAv8S^kuM@@l$ycO6V%c9L%kl$n;jrHzlk3;t@x$9v@
zePLa!ONvR+^Ca53=&q}m{_XAcyTMb}QMJ|YhYTh@-~@)TsHA|K9R_5&P!I^T#RHu1
zy{<e~4@i%Mhg@GTlI@tp>lEbR#_iBFxsZlBnNNuIP^5g6lHbB$L~OXId=gC-puBfF
z60aB*A~`!ACOVcIJ!kFuxp~r-wNbUMV}Qd1c<}m7JY(>}7DqUy@n_OzkX1;7wgjPu
z_5_+`UYb!LJerz6e~jdFwS8wLRl-m!k@kHBby4P`RRQTEhqQ#x^{%@>!24r<BPanO
zJLxuWueMZ`yrGa0UgI_YB=AR)TR8*!8~RU?WAB1>ntni1)+HQlK@O@6U2;sE{{aRd
zecisU>UVSV0wrp>)K3qZn3ML2LZF{{TvC~N_5|>kID)4cA4;A97&-zGhf5qaZfac2
z4F86CE?s@N&fSr6;4m7oog6G!p5i~`yk+YaxoOP%BG2T_(@ASO_wsUit-cSM>?86v
z_+y%{si1&YhhlMrA*IG+YPRRcbUY+~i%xa}eBN|8cT2N~y*3WPt0WbGWa3SMSn&yB
z?{E@-X~+hwsh{h%8PLG#$s`N>8OSv3heFLsjY3EfHpGuO3g$x}KjqIcLnn8spau#>
zRU6#$P#{T|&+P)o{Sf(<Gj}OSA`t>h5YouRVl%Mr;G+71@3q{=t?XGx-jmA-()B0+
z@>T&a5M`Oe77no5^X9%=DSwMqx^xco_a?Xk;lmD^G$JCM+p~FUAwl>Jr+nw{ymFlB
z)(p&tI<YRN5E{`CzXtj-yYU*muM&mqGKMToL%mY?Y}}2>iSGDJ^-Zs+<26i1@tELL
z&~l!!$2@04{GHGY=%FS0Z?&BY|NsApt#nPANBp7~aTs!tIKaP-t@L;YJL7PkDS6~J
znj?+dbmY^ir_ED26h6~7di)!ocMC;Zf|DM^BZ3Hnb$fmbJ>A0aFd*Ao$&*_r=<gh^
zjSQk~^cw=Nn)bLsdc@XQ!6zP**r?*XF56~iW16}Rr@whPf_~_>2_PE`SB;7oOAt2I
zU-PzkykAaknI|VhL98Ei9jt6w3<bMM@IGVcItNf%L&laug2B<BgP{#w&rOJPSqXaA
zPeKRCo!r0KHv7nU1w&#?+yg>p1t)T4Kj)~6XSYUg0SZqvikT038rO@xqqc<Q@vHg4
zC#{1d;yIM`lOmO6ZA$$ee~;zVoPOj9mwo{rHa)YS9ApHM(k=}u4k(1otstDPr=_p!
zrCLxb2kZl|1s=9)El$z)Cn%_FkjBvxP0Uf4(8v3CH*1)*uQ#e^Qj$lD0;FrfgrGHI
z;vU{DeSaUfLB3P8ZX1EztUHVi5l@;n-9$ff7;*g32eFCwIqDBa?`YhOsZ4;I|F7D-
zi5tPqF$W(JOgz<e8J_8;GacoV(-7BqjRY2H5@rEB^XH%0&W<bs6$Gu4Q1>1(X{A2c
zKeNq87T@RFqkvyk`+Bnxa@G1CtuI(mG<XKlK?J!af0R^sszo`tQMxlTc%HFIfJx5g
z5PrCScikQyXAHt;%r?hsWj9}E9lizn4yqx`8*)>dJ$-{QI>VdJeo4UKm2Dglv`2h1
z^UmDLDPocvgS}Ol331HT%GG;F!RQZ`Ghu>8FeF{v&Bw4a1VAHeaPIV_kXUQUDHnSy
zapXjXYAwakJO+-Xs>RPPG7?FMERZCWD^sw|k_jBjxFU4Y1WObkx>1#qZJb#R)+mQ^
zs+1nT5{YJ70plr@+|?S12k2KjQeplL{Rf?I_M#eDPq=SkK?gA{vUq=Ev*$K3|GPf2
z@vF&o7Qp7v5(~*Uvg{vY{LcG;vj_d89gOjTh!EfdH8HSJP65oPGcEm@u`3~c3Mg1Y
zd$o;~!tAsiJii-CLxEy|WV*up<m4X^`P)dw>Z`xFSPLoTFXs#7$3J!VOIq`QDuv!c
zewxTLkO!d<V;T8mDhG%J_c12*EofoIL%3d0=z)U_8!*?`hj#E0?So>dfH5wqYZ9pF
zPYz>x#8kONbBJlFGIY^k3<_Z`vx(-h;l8|l#5a|>S0y+83~z)SUQ@FEXAM#R1IEaK
z^AN{_OdP}yY&P)N;QVUV_yZcROF_ELC9DTJnsK^&4J{>%nec;B1DuE{9J1kl9@WlH
zD$|D9=|1IsXO14dN}r2m+|9BEzT36UrmpT=_cH0|1+s|oulpYy=J+8Op)w0>0y?s7
zA#&*6M}I)Czh@NnV5O2VMA-uI3249qiY6bm62!&mV0OWe1vw#-Knl4K$8CrwE$!Hr
zMg<X11fMyrgbha?p+1r7o!{6anEpXIk^N6E+wPePU>*lMm<iqvt&j<7o$@d=%WdlW
zNKh7djc8Yc@R0xd#_3q|<K8AZSIF2?qHAMHpKosKYg+sBL~@*&(Q8dtIj~~5bQ{<=
zSq>Atjcw(VN)p6C7I3lvp$XEZ!QSa-+Eu3!LLZacf5QPQlh=*utPHphW&P?eYNTC<
z*-nhwzu;)0L>5zTzvgfeR8%kOyn9j?_~gb8-U?ECXo(tj0#@fR^^d!EkAO~qga$4f
zQKk*Q<+v7n5jt_szG15k&+tP0BRIv;A~^<zB|+gu(lNghU({R6H#2;t&lSm5SkJm{
zm<VvywH10r0-k&yXY|Au^e&?uy#P@OClAZvYF9NIq0J`xN)s5EYTb$$!ElB$x4cwJ
zGv{~CG6EWw$GK;hNOhGd(B=YwUd4_-e*L&@SzSRsyhXeK8fei~qjfE)QbMrM4wW^)
z8`kRdrt{l3qCPazghYklIYF}s$~dYAJp{|K5ACTB%|l8Gm=atvBKEK@NNJTBlElC$
zQ=<+@Hy-+p42hwK`r&@}y$r~|w%2!5k;!I0c?-ZqiW=ZpL**2{t}~lD`ewrg4Pu*E
zZjomsPeNcfgY7x%o6SRFxP=jYCxigoCZr|$kPrS+OIDqh0*^qaxy_lA1`(<DCV#ly
zs4h)p|K$q3g$kS#ip7>LkvY?Zv@L;W6zCu)UuLv-{bl&+i*(qV=bsoM4t2fV{`7Fi
z<9HO#D!5yrwS*)3s|$0fpS*@{{6sK0lsJ&Z1@cfBgF&n&gh-%X3nZ^MT<#xy9!xD;
zZ*D8m<WaPz<+yKQFOT9jT?e2B1ynk{NtTT>Zd!eY8>8S~IRQ;?zWS+scj)Hm6THXR
zF}b|-2M0Q^VQ>zgp`+nZU!C>INGeS}SsF;MGFw0lme7(!c={5^nY+<^`ja$VhsvCB
zdEVjrRu`>;)$z@0^?B3Cy0%K7Y=U_PQvpSVOsch+<d$uB?3)`+2^Z}<e8)ndFUGqO
zjcDv{mm!`xEc0U}yhAJtUFbFYH5JQHx~46*+fiKlT9_EHzJgbiFo4a6QUYDH$6n{>
zM$l)M+yS6sBq5>_7h#$k8TSi}p_~6|f4{le+<*1<O+_TFZF+BgdaIe+QrT>nGuZ(T
zC!<#C8$VxT0AG&<-wR{N$B)KccdclfuW#-@H==7t&Tl$iJ=15|w}<&lKX;VUkaQ(7
zOz_9?eA3zzO3}~Uwv!GmLhV%E5nQGYpA#9g%>_^d0=3++vVh))Aa&Gj$dJQ_S!B!{
zY<0!f*mtTuW=w{&x3E(9n(A1DW5!j~A3~^nnwqk2YJ505n@7s|@*of}I|Gh<^sxO5
z@3$XBdzc4s`+-`DVS`R7t!g-!nzwWH310rXuB8JwPjURk+t_a@4%ytli@6YKg6^t)
zbLCyQl8u38K?*1ON-+^?@)j*PH(3jFH!nUPCz0cy`~)sflL%RJ{^5xkk8LQ@ks$u)
zmW%ey?Bmjg;>Rv(QDGSWfR@6h13?u^Bx@!kLXTfv{7!EEo*KJWa{~t-Z=M#0-hGK^
ztMjm$jBQEfO`NrPNq&IO=7K|fn-~<8=kKEjjX(o>%mx0VNEun)pL5z4M$(3>hie#q
zD4*w0n<MvEv=D`^85-d(_ivC6e8yaTBOyuB3`kRR)U-hGh0l-yD+$TAJHYG|WRo3p
zGeJfS+Gr{ZGhp^o8b5R2k-0D$J=;V3zK3E|X(-c0gbPqIRYJCh><#kRekh4l?zVTR
zkzCzf<AsVbHz5~8xZ&%xfAah9KKbN({`Vy$-wiRG?P}HTc3YBJx({mXM%;N>)#PJP
z0iYcfoY8nEqqkU7HR1FSTqX|&0Ke@wTC>5vVubH@SL@CF9p!j!<2okVY*TGP$OQIp
z2&pkuMKbwonb(v95Jx5#7?#X!ma}*LB}dV1jVri)D;n8fY~Q||Hsebc|Muq77xqs3
z$G==}*VQ#C?CI^}#yEFV*gT{g4t8TTlDSEJPJ4FzC>f5s89=8xU-E1+nEX>lB9Z^(
z(+Ryu$WMeV*KxV#)BWKm6v%C(;XkVdW|$$thsiz*!V-?=N~jq|Pdn(w@yEbP&c}E=
z1ePU<Mo*CGIBicq*Z8;;y*jjb>w+LV!lRsjMn6AjfSFFC9>`&eRAu`KX}2ibI}&rH
zcn;HFcGcb8=JqvJE8V`8-K$0fDh6@QSvBWWt=sYFo&(c){_CRtb*2QrX*h-=N1swj
zjBo>fhkwHdyeRLVBdid%;2)lnjG|u(X({-pdf9uMyX&Pzy7aarD@MI9gQqKHwbG@v
zTCud|M%1h>&wQ*~YHhGvY-y;O3IV|A!5_L{$5SpuIQ7&T(0TJa4&d+kP4aC_7ZCFe
z2YzY^!*vRO;`F<wcBFsp2Y>P8lfyGds(E*-r!cc6w7#)_h}L$exT$tOiRju7?`~`E
zKKN@2SG}=C7Mgq@rT?gO;bSq4N4-DurN5ySmReC;aCxcy^5UQEUz+!GM&d<>e@Ua*
zS7r_OxKm)GJv9x6iOOKEIl&N2tm1?+Whl9(A2J<G^J9HyZeVz`i$k)G13_%H_xk^c
zm4{=M_=;3MKn#kVFpYWnY+WZN^y$AsY+FtI6Ae=Mz$9TTLvmonkM733ai>U`&~yAH
z|CCj0X!<FnX6WE_@8E|LS$Nz6k)z$elaSTT&Gz=<{*Ahmo7--C@#DXK|JCQeyZYvj
zUw<plRX;Bn?hQll<}mc`&abHLzu(Bq8bLosKo3x*?ZBh40h?<Vzu&@r@o%lxAj+dN
z^RyIiq~Z|bF88h1EQ1xf4Pi&2DkF|E0$-gF!Ah1vE?VbGzFv0NPCB4ZLCHa+m%G&&
zI(!Xm`opJRUjC^6@eSSZ%DFg;_YUziX~BVmGyi%MemF>rxontqs}|o$MQ8of)$0e?
zV-8;E!3sxTeBza_E{2ajJ>J1^bK*uNE`o|+B)$*{w}J`mjmT6y2`t#<<@0?0>BdXN
zuj@W0DeR^VlnbcWP~*(3(t=rc-7N{7mls{dLD>AOT@o>4M75Tzo-nd=$jo76&)m&n
z#7ys}av1O0*HELhyQ>DV6<H>rC4w}ik_if{M6|<3cRa_e9@~H1I|_nm2`I7@(sZO+
zDfea=J&*aOy~%N6<)kE?Mk-_tgILo=WNb=pvR)fGV{>-MdkEm~7!iAp@fjdZiRd{0
zeC~&_@jJm2fT)S{mP|=RK<KNBFScyXzp&hW>U8sj$iEgFp%Nf9lsZIM!6XHr!{%iz
z#pLao{p(@i60tLDeVY~4LvfJ+e9#m?9H=^^G2>h2SO59O=VX(DQFCDQhiI>)BCLYX
zE@mr~HF$bOOqcV?Kw!w^0MeS1Nd#a#4Foz<^BDW{K_;*7CLt8;CvzyY6=b4OE`mN!
zmX%KPmm3LfdkbJZvr(jsDuOLQ$Ps@k;LNbIe)_w)IqFUBmJA%aoG_|p=zHd*eb1QO
zhy%1`n=pv$f}(ql9!&b_i<j^&3!3l%kKq;t3Yq407fVTpP^yfj<BgxOxZe!c{?srn
z?S_X0oxM2AN8B5{L1&_fAtt)^^Y$9F_O+V77_?ryM)9^mYb0arF&Xf)ZEiOz%8;tt
zn(T3`!|3x}J(vc7Xzs?7iwD&~6mdBZbx_II0W-soqN{N*JIUpxN>*vBmtS3Kqd=8G
znX<dOuHJ1`?~{yR8o<$x+HHtl0HMN}`>cIp1qfHWa5I^Y71DP8>reXSW^#<1)E_IP
zFI<!-lrYcG5eKfx6Fn&W>)eA*^pZC~Y+voViK{F^`I}O1sLA|+o_n};j+`a6-fCvn
zh22-`I;Nn3$C8l4E}FgbxZC_VyL)nCB`7OKB>UlMLC!k$;$6qGbK#+qJXJI~@%AnN
zqTWOTm@rvECpK@V4Qq(;wp!AcmsU&qrO==EUZ_sG%gfIt&ZuYC`I%ENb7tn};S@4^
z%m0W8JGMsswuN#%8g2EO%&{=<X!r^5%=WoiZ*XJYY*=@n>z{w>H?$*GLTni9k8FKc
z)vn%%79I;BSwm^QhS(h0$pSJ`3C17X_c5)+k;UBy+xo5o&IB(zGApD~v31}p%nm>6
zfY_PXbsN}Y1RMpG(hm^Z-oEyb3F1JU9jENuk(96ok<=oun?(Sju(dic!<H|@mYKf<
zo2(Z(NND1TvJ_~#$QYnHj;;aY?Oiv#m!F$q&XU;&mi^_#K60J&D5^J8C^{t1{FOW0
z_2~m^!3w*xH`azVpw?puByb_2(U9Cs@3eSdK-}4U0S6yyXj(M;$e7-~Zm)i6D<QZg
z#TS>tNl5;qAY;{k((Df=+@9WxhA+bxT6h<TLqXX@xO$Z1q_{V;clIALauJczK|o0g
z8ml5k?9NS~(I)KrXuMt@KTC306dRJU@j9R`MU=2z=Z@OM;fAs`6jh0wP&vT)#7yd?
zQv)OL6O)*VhKKw1?d2r^4PufX+Spi}ly1#YiCUVxW(pYxKr|!ebr<@!3-dDhkb|8r
z8UG;FA7thSVI*#X%e*mTazXTzgr#7J7AiQiA-fyo`L;ezmbS1J%h_VJ`d0t!-LOO0
z%%bLEfO{9gl%Ceq=pwJjv{B7PXFA}e^a0B*GBf+7<4~9vT{yX8gFVQTASL$<lQ~LJ
zIwdSH+kC0SvLt&j9B~gn@<?!$3KVEN*BQCUk}MI9jz8znvY5tw7vE~b_(-r+%wkL~
zinzk$IC_HJDNF#)Z}fONhT-uSo3p$O>(X$u7*?y{yh2Uk5WhpPypP|x=)228RG?N8
zD#BvO_Bt_4%gr~9uwOJeq%5sPiJXqZhp#R^tE=7X?Pn&WvwQd1epi2{;P_Py$920W
znfzM_2y)<TYr%p981B!mH|zSh!75sXNv^-(FIKz#Xa7g9tRkWxs4lFd7`h{Xg}<#|
zKdgcef7QkH=Jw&O7HOM*y;!s9>^HCF!>)`loiq)X5m<3B+@0#bCN~fJ>&z6v^u-Ty
z|7s;aSgnR1*ndadke`qx%M!-Zy+=kX-*2u!ii(p`;D$m!%jSq0rq-+5YyD(iIue(?
z-zqkSK3)^GfNL;hO#ngZulA#SWZA3xvGgM0?BBJ*=m%>z0q+X`xkynf!pfUVF1s`5
zf1Ladkrn{cqA!T!q@lp628oryt1O$Vy?E*sUZC9`UDEoty3vzwOZvHO=$Hs3Y>WNX
zE6&`F4?Kze5vd9`&p2IoRRpAumN?_G)J?V|C&{TxX2&IZL=~(UUn$A?M`L@Z9fY<H
z&YBH8m}Tw`oQa$_`GA9C!eDNWoqV$PExh}Zs6fPNO+YhAP>qyC<yRNx(#W1YjX`j5
zT;E0#xYV=Js|)c+`(8v<YLlv~n#kW5sKu*zfzD-CeM*5Kl`RY$r+att$dH}fj+&sU
z$v=xk8T{|f83Q_6VCy8RLr89!7MxzH1@Dotvhf}*y*?2-4&!K2s{{^?#&FryW?KhW
zjyZkjXcVS*sl7WOu|YDz=JL@kY>|Kf#s+t3CC*fTRi0#_xOy~@{p1!)<;Qg%x7Si%
z3(0N*K3Qr$Y<hP#oZ!}pIDW96OgG`V_UMjhrvGYXq|C9Bc3<PjzouW|eoM(@2*2j&
zna(iC2XbiK)pLy+){L|YRLitgW-kT>f|S5Ug{~jhPTN+J9Jmmyv~tb4Ne)Y+H`yh}
zYj9;Zx92r|+;%AXrfnbfo^cOsbK(wZbt#KUA*iMdW!fCw>Ydp!zkD?pN|Why<oK;!
zH4f69T#jTq0NaKl8jrG6PDIHM6dG&!KOzz$6t!gBTt(2r8n<@Ao^eYU^<X4Mn4>~F
zUW)6y>zai!HsOoy_Imz-!El2+I1@liS-u@P9jV#!@?TVThzic_epBzmP)}sNF(&+g
zT7A-{ur6XhdmyhG>zCsHXte}qv%&wd|4!Hy{|5kGmQX{Xy>LIC%x9l7r>)AQ-j!q?
zxde#3g(R@II!u}{^5eZx;Kh6U<5c!v?QYvDIF=H_0K8j-^eNIcJj-1AppT;!!y7<L
zf@v)}&hp@*6SMV*!y*}0bvL8!zPzglGRQW-7D&OV=x`uak2Woo*}~^xugaH>ev1gt
zXokgjr(qy@5dC`r3sSDX4)R(~yeUk_oNR{6XFad%@8@Z7?g-E+Ziog&NK$)G8;0RA
zu_jwkQc7Act!v;nq+f;I86Vl2OzSxPyxlZ9g+@I<?+IS?c1z=6Tneg?l3gjvZYt)h
z?XMnGnyNbz#@CX=-tI;2O*7R1S_xN0IOGLU0U_2H-9aYxt_NQC4+|#<)kN;fBml78
z)0%J{MJQ$Ec}}q`JGD9bZ&e;kKB0e(ZB(w+g}X|A-Zw1B0)WX4h&_gmrr8=q|1SAR
zW1w^S>z_$*m)}>v{CjKDI2L;Z716_Phvd~2^K-kCf}<8*fez6simKP}>6o~BZfd;k
z7HFRcNcHfEk8&dLAmEMY5IKmc%n9rP8++Er&Gn6!mllCLnoZ2N>BhI*zK23~K)VYD
zdCV%JXcw_<j2{bp^dz?n+s_1Cqo29ltg#J4FnFO|jKXSVhhWqokr&1z1m05z0cE8N
z4dVBgm;C<hmMo(GSUsziI@_z&A0MuD0ocxIDK7+lj}mS!WFt(j(dW3%@eeNU36p*}
zgdE%P@!xKv()Q(1S*;1SpcV%Fo&t(9Uhcx$GB<44?8s{l^s0`8lQ^$obTAny2B5JS
zrl$wP<$1eqi5}yW1qBs9=9@LKbk;Ih9ON+=SGDt)bq{Hy>%jJSURN3NeJO<?RZZ3K
zLXYdS3})U4{@R6U|FG+`x5SS@xWUoWfXOT%KV`%_wzj_|!VL(*!2w&igwOso2N5d~
zS42;qa+m}jZAnYmeJ5N377FI)q?-)gVg?^_96<t&daV~%UkXFyl;Q5T8u;MHP>WSi
zXW_m<{HP_ma?Ko(h7jX2M6fr($6iO8RGb!KP>_%TK0+ck&BaxuDRS*SUZ=;jLyNCR
zouS>6&?p_cT7B}6uhHP+9|XPk4?BqEa+ZMp!^U|-q98E^G!5C2q@hp8CQnaA!%HTe
zGdE)fOL$&LCWuJtFkdJUYS)ZUACl>7W!#}m@pc?*>$=_V)o#DSEumHc-)?tLmI0_8
zwQv0}jUxx%se$o{TjF+rCcxiR0pi}1Q$-xTx-h4PKgH4P16|6BX1jw5ddfBBZ-Awl
zY2q_6>ou6@H{@hajk<>xmir`c5vm1c(6?+h-8JS*@Lx1Ea5<;O>0I<aLP%NR6|v6v
z(fFrd;){}a6Le8REC`{|5bNES__}H1&O`Sb3Eut4KScra(-;0(Nv@f{o&L%uy7Z5$
zU#iX2JXs>Ik^gJbPpo!HlIf3RHLl|h7>Gzgfn*c_;&8birKMFpgnY3d(4xxtNExRT
zq}!11+~>Ty5LLGR>52T;l$%!mPBtS_XsxhFMnF@^5yP)TgbmP;B;(rKmm4YW?{0td
zPcMG^>IMHXEU}YXgb*Q8#EbqYQ>o;LB8(f?*H_!yx)nV>_r%`JA07OmoV?0Xp}Eh(
zG64i5u^n4Zu0yzEpz7<kx_y`{1nV0heIsM1vo?_?CExN7dfB${<c<KcouLimil8F=
z5R9uII60#&ZiS8#voKHrpMyz{$Q3~&wu&QYgVQhZMvIe%ha6;iGcQRa1k`$x85|IZ
zCgd}hi#po1!<&}oa&nK@F%ykQMpTH#8pqZokrcIDFniO{SGX~g!y2Ey+2(ej#inxD
z1Rzlqn66GeSUbSc?%v&Ya!4cG?{!;K;enJK95J)LgH9H+(sjxx`=;2(>lWGonnG|C
z)GA7b%uwbA6GI6(><#WCCKK=ADFKWgO(+=*wkEI^kRUTZ1sML*h0N67%fI-Oxa_Zo
zxx1l{vM6uvfVz=p0;5NT3Yr;~QI*FW0%@jqi*ptvn!9T$)swvc_pRtOSGV_M6WX`a
z%!QUh=%kbq)Aa)dvar!<6spx}3>@b7o7?u!f&|~07s#DDm=qY@BPx8)sqYp4cmB7<
z#6;wK3aD>INDPhpbtJ{#{QZBMj|fwV?0~HlCtOB>FA4%ud}!r{5PKA)?t4(JyXSBF
zbv;a1W=KEzT-r>?U+gEz=NvfqzlyedlW%d)`1Hm9^N7h9hTcarhB&v7Izh@sK_Z7N
z8>3TT^yY6oJMH+L(+9E`54_0(j2X(PY=<N{!F2Nfz4ItOs>`y?Kghbf5_EMQEkSog
zE08FKJVSy3vO%d4BL3&wppl(mgVTGWczjcD2ergYY$!t$7gf~8q=~7POiJB{SbK8u
z8SUERnhWLkZOu1Hq)-}04c)`77QJO9NrVQE63ea5^W2Tk{2j;rwLb4noFk*g0em>Y
zKhj_QAq$?P!E4a{(570W*dCas#||~~glyn|YhYUgm4f%MaPK*%lTga40GkcyLf!z6
z5(MBGEEEy)%2H%Dy~%p;W;)tExKANSdErl_Z;Y3(_oRQ2-Eutl;1vUkLktR%Damz+
zO_yKJFSW>iBs2*-%}b=P!{K3ok}63D;lBAdoW0m^qs;T*IOd~sh=kFgM(YH+E4zCO
zM8|I47sKA|rZKKq;qFwZj=eQ3hkIr5{aM3au~Z6O)fFrgki<w=LvbEUpg+ko;-6T@
z(H%!TgrS=R;}D)xM^!gfQPf~BkcVuF7W*W9KGZf1Z*yPtKAy|ThK;MKI2#5`WKuXJ
z*0X{ha28UI1#)E?)HWG%`D$USka{%fU|cA}7~<Nl*e5$0tJQck`kU49qO#mMUNTDV
ze+-ZCC1TW(H|R>l=nn!k=BQvmCKkBD6Ai(LYsdTap;`s28Le$Kpb2Z-<+J@A;9sOf
zwYTt(ON7KQn!)^EfQ-yaLAXeFe+;v!qYD&uI=YYe+{r``=lgkPg05XC#o7W1hA!k>
z18!K9|3<Ap!=clWddA+J-%WZyW&cYhNm!yB>3WTB4ux~Xz=s_~uAj4OB=$jaP$d2U
z0dGZAIKqgZy%!M85MxhkiZyXCNCpXk5*KWTik@LZ(Vb+7D(N8_ULiE-k@U@k`88xy
zby20C+Vh){{9=yeC~pf+8IF7E#h?)$tdPGg_Z?}2j$%zaQvVcU2N>6h!}q`0`YeOQ
zC~5q;0<*sJAZVj^6#eynNjsOYrf6j?^=9RoO)sLA>RB2qG<wH$9OhE<E-JtnfN{f1
z7mYG9aIqAqOdsIgj6^l0DY&^A==HVeolA86;d%(S$=W^}Q6Xsp`86a{xORji9YtCW
z??s&f@&XE-B2tF~?A<WhCLaGXRx|2ISa-UTIM8~{;Ms=Q_4(-jqzpui88sTswU+%r
zMJ(|h-1vligh)>KH@x2mWIZ)dxu%MwOHvRDn5B+TwYjv=eDzfyH88P(4iXE6kP!Kq
zE<+(kV5I#0!b=L1uD3SaF<wwfK)hzP(gnI&eQ82Ploptc>oKWOcH=cX#&u8#2&nL|
zlk#aKO&7M4Gn-=4G8|W%wNPv$#7<c+zToJw&d$4MnzMgj88Z32{^&e4XUSl%u86s^
z3JK-Iu2P9mdmF|Q`W)ZV&zSRaI|AfhlSmIb<mRA(>yI7J<+U6K-CBz>4f~~iz*#D5
zmG&TuIN?xMjz5lvFG!HdJ#GXR<1RxK@7Ec2F%Z%J*&!oRFb|yxddkH0y;&jlbMCSJ
zo4Jh&oQKYYMrG^MBh#b2*;L5HsO1oY2#AP-t1R5%Sc6@XV9yWE+aKH|u^#0@miN5Y
zs?C#I^(8Y$3Kn=9vJ-&2qcknS$zVm!7#3-v>m2<z(>Y)uT<0A5ApIhPzluTagqcPC
z{OCxZ;%m)y732(YoWN4TTpomi<U;P^%@r@c;5}-XWz;M*tUuzG++f-h7JYmA!7BTQ
z$VGif(%6*zy2+6isn#jQij^dbhNl~fMFTubD0`FOJe4;Qn&+@BmurzG(fe)9R^QbM
zn6u=N|HkhQC(A^~0{d=sE6NBY8#EpnX$nNF*gR<t&b=q#qW~SPP7}Ntb(dd5_b;ES
zA|`rBJlMIE{d+-tL~$_u+JnLLQX(LqsQ!b)2`EmK2cG+BNW9IB`K(ljw$qe4fmlcN
zMB4aG-##bXF?oIeYI3R-n`wcuty(}6+7njKUO_f+W_$3lej*+A^^u0q@BItO=tL<(
z%q#|!zXfltjaO`$*_n9IxGqq7-iCCJAd^0Lu9lpyE4Gf?*RmNCUCgNhqQo~N8)o_i
z0ls51<Y{L|D0v;IBI-A-aFWs{q(mXxEMfG4o3<0Q#@}Mr9=3}qMCD^upaCg?NplV~
z4krsRyP?8#EzvHBn5ouEVe2n5(26F#*xwg_yK7?Zl@A32N-z#5s0O|xXjMLRxY67s
z)MPDklLhrum<!y5uOS%uUAylonR}ND;8Ni(4)x?66;)M;Y)yoIgB{__tT8n)Aa7hr
z-N>l>Q@^)Gx^Ky<>z_}_d`N;G=edXi4%_+>nK3c_&qfa>^LOU6LySe-<*46M>)Z&V
zJRM}kq?CE*;5pvMe6#-p1&I4^Z(9v)h<GAB`mhI>AfZ(x{h)2a6@{yt`X}1$-ykm<
zVLsyeX9>u!selC@9Cc|Ef}6%^=I=dH9lJVB-a3rTDd`H(Q6u$y%3GO`F6Ph|LX_~;
zg@1z=&i&v;o+BKwe^69fg`$eoHbg<*QI*Gs+H3u6^Q~{HdjW0D0$3TFI3Qw1Oka3A
z^ol(a9T=}4x3>8w_hyQLFh9Hjbtk~dLDfd!d&-nkj$T=W-#W+p#JgE0YQ6f&$7Zex
z>JvT~CpYIDsEhXaV_T6?iBG7X$|<}oyPNkX(sH4a=sd?u-NgAOn&TV}7qGC3KoM0e
za8y0c>oQzRA<5jn6Vw&cPB=NFIUv0&<8sw46RkswMM!aQYLs<Kt}PDhD>Lje8!h3u
zzai_C5ISb&jBGroc4l!k580bV9|Erf0|*ZasTj}F;u5Ea^=ZeNFv6BsS&@=n%8^S2
zmUmdht`EAr#JLdGYChufQom)nJG8ec-PTDgpM0z>kL!-rYUmy_z2Cb>^Q?deJD}_?
zMQ_~~3z0(xb!H=<Uq0g_d<rA;rRy%+YX&;4exg|?6m`Ie16w@XVF%~Sbe+r$m{}Y-
zi$gw225@_)-FIRTb?F=9sv>P+{0(>*GmB}A<w;rR07Rpt1dz#QBoHm<1(=^klN$Jm
zi))@NI3HMFTF|DDMY1KcGr7n3<z_VLPBU`ISQ8hgdJ@@XxItu7xO>O<ypn^FIi1P_
z&M0!x@y42GP?7)%p!Oq(kP$L_wf5%x8BH*cGFA8~5w{3uNn(9?eBQZ0p6x^xVklZW
z&JSIgz-&;kc?#uPzaNbV0<rzTjkH2_HvI7S$O&1bf!0>LYkVRf(!pnAxgG&D5wMNV
zlr#n{LRCW~7S%HNL1SDN8EHcZ>P}97A8aTOy-99UrXLZw_x^)@3O7pNs3SWCpL_w-
zUD9m>ZuIX<`s2bgA3Ms^5VmX~a+Wz24nGOm4a<y5(EyFQ08-P4-Q@s<{r9=?E1w(A
zACXPH4<Fz?ha_-tCOc{~r6f@UuYcdxrIbpg<p1Yc`k}@nB?Sr7359%!Wz`u$2EWGR
z?<@M(zoJJ0F9)AEY0e>)h2)})TdMV?o}-7ni(@|8G>(@$_$cg?FQqc8Dyhwc8I9<C
zLP&mL5BXJlQ;+B!P{oda^>pW?NSqaM*|5K+QNStm*VZ{ltbvEc|8-`<&jH`N0t6E<
z<V181txCU-A`6?qZ4k%6UcoqmUordW-}I26p)9cwi$&StoZ3s?w6L^o-<_PaM5o)D
z6`iB~0GG%ZR5vT7LAV(tFcmnrDwsju=@;^H8t(3znp)MWEs@+)wBXE*?#wlSVoc#M
zr94X3IOyD5URrq?f=1?R4rZqIP9GkI1A(v-51J|n9`cjYp^qZ0<ntg8Y(ta`!A2ur
zAPNGbw;gr2mOi#8#`I6}643$bKL05O&HSg^ebu!N$0|qqITF^#exxRO_|P@UcM9E*
z$wXA4T=-CfWgZ&xq2E6qN}#hxI{*yzGkrZN753FNyBvSQ<u^af=Id=Mp7ztp)J=!}
zF$2j=MPEK62-rb*L@=;sO^=><Y6T9H(vb`Uz^$%D?)&10d&C)PPbq3-mMp1;RA-p`
z%l>{_dRSm+z~Y7ogp~n&M?@wJQ>^)kDDb%5dGzG`;I;@cR!_I*sv}OihPI6FPoXa=
zng%W30NK%+blv=|?oEC6H$3<N+w7)-wF|C@FwYX|5KLs)1a?y;9tn}QQ9Oka_o5Dj
zc2FV`ArTui{FIy$5n}${(bH%;<KLmm`HjMVg;D51SM`hbtuQ3K_+MZCFR3QCSO4j#
zblkxPaquDDNRVlgPNL2Tl0t-jY6ub&lXRBn9P17DQ<%hC5}H{hf*EGdIEE!k?tl#O
zPIw5~l;kZ=Yl$qZDd9LjJ`OZiSfx5-kxC@eF-(1UeLg-8uNE0=qpHd4+Yb5)ik7i!
zWmgN2!f^RRhe4XsZ$xLKj4h2A+LkEI#d)xXgEbN+7NHSyLw{;wj4fyH&M>;TGGHjc
zQKh-;SH_)rzsG`mm|CT!ZO5jK7C4mbCZl-j4rqEr<zlf^Ff*yGw}~YSxW>U*(hR@}
zpSD(QsIej*VJEW!6B!75a|cI31%`aqTACjoD!@d$It)QQG~m97_X{2ftO)#&Z3dS;
z$i0;3dDq?QH=a1upGqBSEb{mruP*)!d;c)QHU1aI@|S)33#gRQjYwMz9ex?q`O4fT
zP${m=Jy)JMW}%X{tX883`=Agv%s^bEQx7x45VHWlK~HcE>btJZvh3GFrt-fdr_4@}
z@q6dT$IcdL_7FZ1r9`l2<cg<bWG9B{Rr!*+FZb37M+2uyyasZRN1`~NQ^_bSx$>3c
zaXRCP5|A^ne&7AH8@KfD&D{<E1UEuJ0?wbFGL{(wt5p|+F@ahKz|(?$r};K{3alOG
zDgJbP%nndqSO3+Q&Vwd|v$z5w1e7Wfs=5BEOqCNmLPpIkG^%_=Nbfa7A=5|-#LBbw
z6L(7C=Rhwy5bfZ&ksDw#4Y^mp=H*zqE9z&h@RB1v8l{9M`a;iXO{xbH(pl=iAPh}W
zjcT~e*1Y0Z<yGDRzt16!5+=NU6M8I>A$7?hiui8Mon;)+;xX6Z%ip}-++2%3iYgkC
zHE-7suSEy*Ta|t8k&bh>eXdxe{pijmA3{FinFth%v@O~KIhY(c3vna6ygufa^`;0i
z^@DA}+M=DIp!5kNMPyz(R#vSjN@DrO{SQ)N?uJp%t4uve1#8G)if`AsDB$JQn%TZ!
z$ZT_ZV#klwU1}oFaLB^sH5!js6^xwsFcHY<zhWx0kFx&C48$}hdVI^-?#vP3t{F*1
zidJt8QncWh3Vl5?nR2Y?crA0ezt12=tGBcdkT@w4;1N-iwY5-^j&8isn>wUF*C8?v
z@OBGV`EZlzl+5V4WxrQhx3t>rDuIGvxJrCd_Ffh;;do4sTsixb&+qoJf#B6>cd#$w
z76%~o;Ws$6As=?U7<%dU;U<a|QPpcn^Z@rT?$O8i+ft%Lb$kHulsZA;MIc%vEn)G=
za)(+RgUT`f#jf2yT(d8JuYVd3=gUvNl4Y~tj7Uj31Unmk^yBWG+?cJgd9@rgIC;q-
zqe4ms(hA{>Jkv<00>fi3zY>l#%I|p=9B)+T!J*IW0YHqwpWJiyFrS>+y!h;+LthQa
z97sv)!txN7Q2}c&QyY&{DkT++1mWKHN?3%X58#2&A+%<XL#PxX*c-$vx!(=|t3~;5
zc^X89()oCW@?UT&@Hg^P`8OGi<Q6}N?t^L%{x9gJAdlq$&61J}Pugb=-UOpnok7*h
zKjBgnEn0;)J?g;oOxqyJhKPApX%a)#s+DT$WuDu#b7l@w50Bj4KKbIiPdFXx`cmAV
z2|(z7n;?Y#EB}bt>g1pL-yJB@?>?FQ_<R0F{x@uOkYYoazfM4m!aOLPOrz#G5Bp%N
z`!IW@rZh}VdFd1{`S_U*P<ndo@&Ee+5ujKpR!5B136&a9wG7*hB>2(D9rc)e&Byzq
znK5P#XoN~<!TU~-ljzbcmD<)2i_1SanJvs4ji2=cN@hTIrGE%TgGPGIhnRlgD$^-d
zn0lTMvzs%s$sI$Xl0gfpAPxj6UQ&3ThfD=J;$SMA(Uj*J!(ovFmoFjDg+#85bGX6J
z94xobeCRfyL-X{6*LAffG}VGA#!(NaF#(-<|Nh~T+apH(NriBzbj^^Ete^*jkvX=8
z*d{HAggjDf*mG8AqF?NCY;PsIKFKn))6R*0i3dm{9^VqLDM!O&6_ymPs;)wQkIXzh
zV8UbX{bF&Yo;HZK#*wFmu)?urQVBNR3c_G<Zy!g|j5AGF5^(Yaq*tqnpvZExO?GhH
zHj)-4r<pv0M1d0qzSPJ7x!v1~xV?90>L{8cn;(~pg%txGG{{2;iqj#|fG2;i#J74$
zi&<$5BsuO${7@ZG!-7M!n8x7SaL8j49Q}Dn!Ck#=TBPXi1f-9#gsv9;)eaTbu#s5E
zaQ!8+YL*a6tCb0DKfpP5<Kai`-^<gk)|-2{!Kn6hJ6|LlA1$59k(;eCPXDUY)||TR
z?lETI{}DIub9Lbk3YNPY&RM_P>;aMMSu5r*bea@FSwp2QbrT%IDG$HFxo_UxT0$G!
z=C4Gt<i$VRzr0aRRO;*7+ve~u2}d6bRE;8%=%|E|zC$F0O#mK|);wL;K}Fpo0&;An
z{tXwZSHhkuondAj`2=6r&D~J)M5?Z?cJiUH&jkS$J46vsB9feHfA!>p_;~|VD~dY!
zqC2E}M2w8LmxX^8Gwl~X0QnB}v8uiPVHPz(-=EtZqu|QR`ymuDQejK^MZ7~E<D78$
zGm)>6xmQy4(G)0cCJFgSyeb-CE2OA3kAhF;UnV=XJoZoSp^5lhJg^JPmY4$@f0vN#
zP@8(cb?eh`#W9DszYvPwp+Byz6#`rNI-ypOKfR^Th@g4M5}!>K=-qwa7!yU&R6<Gs
zilMB9+UbCO<-{A8K=gwQ;W~rAE2FljD&rsy20BJvsV-gfqb9KROJr(3Mpz<3<scvk
zPTW6B;5#rpdqV7IcjqUC8CXlQC=+1Jgs{;{3l8kaIHh8~`qU#`xXSgF1H@TWF4N*z
zSB?+>BURtPyk0`#PR$~O&>B8f78ne5K%q%@N<Yp#|3e!sD@R89{N|lRVL?r~1}p&Q
zM+0qFLJH0G)IT`vvg^X9>G<AeEv<sE=n;W?tj?8mCaa!vDvX~23V1n@*Muc;c$?|-
z#c4JS-Kl|CnvnF#N12`dntrO0J~<BxG(OPWhQ>NZMKm^6S~satlFCVTf)Zd%z@_AC
zAxVYipI<U2#Nci=wdnPpo$InPo#u&oS;tA&P-~CY2u_%87MAe9?mEWpJTA_;sP+xJ
zLju)pPB09tm5`YlweQhl)eNZ)K^EygX|};TPw?`)d0%Dmy)ZyTT~6&wM0HdvqH^ZF
zZl^e@$C;WPn|3-K7pHDLvxSO)Ioq=QA?-}{U5r-^s*EHFss#m%^*OHf*i4?bFTEz3
zF$yQA6>cWAfN;PCfXh1Z(wy&eR()(iIJv#KQyyALp=7Xb#Wf;}&W~_juok_R3Nx`x
zWf_QyqFSTW&>*2Ec(49yZzi1j2)$}am+;rjz@OsS;6}gWbzFoDKpUc+uCJrhk&hw%
z973p6;;@d&*YQ|W{XrO*#?@~sao1ZAO3-&E_yDAhB-1-wHjS6&>Mz+cg{c3EN1=Sv
zRCffzPkf(#p!Gjp18mpv6kZReBZ%X!flHJ+<JRGK<Q-4+cHP9nyLPwVBFF>JaN7J*
z?O->4Q|w^RZmu4b1QY^LbQlZVJjCWjlF41{C+gud!ti(UsP8E+Zg(y|&+#@`w;3R?
zqH8H1u<?1#A`Q0o%!e@x10^I#%S1wE?qOl}=tm*SNuV0$7pOgRh-BQOEa~<_H_d+{
z71k&b5Q_&%1pSA7)aE@}6(M9m>O97q!LSQ)wPrJ%u*^ZL;@5Qz_aa#AtM<)RRZD^I
zNy`wzT7;BnR|A4c5ds@5!)eW$q@`XS2A4RdZao$r7wo9ftWiVmO)LZsYH%y##!dF{
z@UOkR&C`4vXmn&Qpr*+XQ6Gm?2*eg02}$Xr?CaZaM|w7_J%CK8xp(jeAyyqp?&8C~
zEf~J-a5q0-ET`RILe>OeI>fJ-j&?s+3UbZqIrBaC3O?6uUleu+w(=6>DdbcU@V2&X
zJ%>WV$^}wqhEg^A<MtMjM5RSm2<srH6d=Jxc9~2rPe^LED=Vio-8FT?Hm1ort7Z?^
z1!)rKCQKLkenSsp%ZeP`>~(<?OdWxE1$<^U3Rj%tb(kPKaw?qwHuyvL0n88uQ{<&N
zAAnGbU;;)zRLZ9G%3QNAzT4dP8)b~&5k~xt9ER2J7<wqC%_0s1vqG9i9SvXTp}Dv8
z*2*3nGvgmq;0N2jpqcTK5VJy^u7h<gl+D{*>aDM@)`vuuScxn7E$3?^zLR~Y@s{C{
zYmge)PDpu~UujNqeh+s=+g$u0fBcRpl6$yqRBk;KniIh%1)UaRD@3tSMeV(pzN^NQ
z(#_q6we&s_XvAe9qb1AJ794no%jfV(kHq9l2o8!S1#$=psAiVu4ra%CB(YuGws588
zjA7Uy9wU%VnR%&tog-iGyXtmRo21`C$mB?J2hyk-`aEF1K^fMuA@)!sckbAQku>#6
zSdS6@(OFScwNSjpb(8_P6S?K#hJGxTj(5I5T!Cm#1+)^bxRUHNhP)SuGcjFxEBUks
za{JiJ;ne0FH*@{R_ZEl?{@O2s9(;Z%5O;bnL+Gvz0Q}?QqY{A8c4jgb?24hZ>ai=E
zED^&HrcUOZ<sv60`ZlQ`dSia#StLOr^zCOnC`u*|qA+T|d3~$ks0gm!iWF~$oOTUg
zEfmbe^1ACSrBnLW{^qk@6*wdf?d^X_!=e2{WPFXdR}42=B_|6*2`C@d-+19hO5P>2
zu<!IlMzV01qtR;`JN&weQDP7#Y)o|;OW@6ajl1!jF9}2Mmpr+J$FGF9oESp|shPp;
z9BHEE|A__lk)Z1+=!&-R224oYBx))%z#d@x8L$vmMQcSShMp@NC#Ib&E|@CFBIHTo
z*9e*#*>jyB9}-M05;6;Q(tu41YuL5S0}WK?SacTPlZyuT0a_JLu~A>qc!Nilav%yX
zT3Hf;nv#nz`6LPptc#nT^{Rtdu)fO1gW+E#gI&Qu01{A%@#R%=Q4IU1FL>YKDj!d{
zFa(GsQ*eLBfmOKv3IuF|jJ=wDL)6v1>j#tfJuF7dX#_4pV#qkZD6IJ7h@X9Mv^<|0
z5w^(^YQzX(!Xkt&Ri8YX$d(PU%gekHn*6XsZ9&R#lnv32i_H+|9^}1T`iQ`T?J2*R
z3v*hOFC9ar>tLPaOmsJ?3-q@n?vrMe=EQ5W397exlttXI4KP~d$0|hVIqK)AqDFM4
zB_dE=Og$0Ed0BHYmzQ5jLa3h*eFm<WAPmj-aOAb%+tI4jZjs}@K6AAiC&mOzc&E7#
zo2#nY4vzt<xeSo!TI#d0f2r{=r;jqZx5J+GT0+;^2X_LX2lLLe8w{|qT8Rl-ee(U+
z5bhl~3-iy3BNT30N=yl06M!?xv}w<orX6-&$T8bb42H^(tc(5XZnu#nP)?Z(`1~RS
zbzbx5R~JH}JlryvY}!|Tz1`hZ_e3%zj|uSn>iz-cMjk^D0LLSu+?@;wcv<nG`|G1;
zh}n%XxQ=iXh>rG!Kdd&VC|%T>TVsN4_ach`=>XBAbrp0tDLQU_<V0R!&DX@TYajo9
z`%Am~SGbOspPvO4hK3JmvkI|sV|>qj{-5qR<{p1OBJB}=M23bl=Y*6qm<enb!Cx=F
zy=!m3y%V=;e_+s}4s9&&1|xh}sjl+X4S8jTqCw%c3(}5?2YgEr`jB|MchBjk=JE?I
z<DeDpxoy(bJdbE$98%<mF*vyEf}_Ii)f|QHJ`oCCTu-@v(rtsISdd<PKn{-CQrC@4
zWr|6>(gZrhoY=@Uirop=67g^3ic#Lxb%K#}UTMd_nT`&HchIzE5_7PgCxhZenCGF$
zU-wSIC{e0jzwC4tiY(hP80Jm$Q0ZaX%=E)YP7F1fERNHg^>s@M-k_ev2jPE&ZFwXR
z0`pA99L08k)wm1H)r@!(X2QS295N>zAp>F^_o)$H`0H0nk}T859>LW_Zh=E~1i!bx
z;MlHK-^w3fH;4A^$YBT<7>E$TRS5VIZSj|z<bV%>F2`Oh9R$&CB&3M~^d`bh>7Buf
z^oeBCBU|P}2V6p%etBt|u6EQcc6s|k-JrMk%GW!FXdNGoE#pR%_{0$bv77}y%3~i6
z2(56Bn7se6Kt;dae?KE2Keq1<Qgkz^JwOkmi#p+_Kk;sQL4L09ecwtCq9>3zBe}Yc
zfW!>;_-K&?5u^x?A_}uPuO^MzCC_QW3??72B!M}BlQWlK{QT-d#8gPM+}`(gl*2tK
z%V4+=W_QGZHg8!=1A99~Bg8XMZlh`pDpNjYdXuxDhtEp|9kOoOwOYjS8mR=SnzXE_
zAOR{u&7v@oPVTw*uA*e7x`x7B9&BbF6)j;fT!?g+g{G63Plj$)6;s5HH*jsGpXI{@
zK|$f2UA*4k=)itd`uU!)9}Q-3{=}`3+~OpPdFBg&u6edq?SfXOS*?U06<yL7k{nu+
z_f<-$i;|@%xdGz06b5*+R3B+t{VYle5*I@%dd-Oo2F}2H^-?%SiaGXM<r+^3Sa&g!
zS;%UF3CFtIYsQS2k?tq;U_O=}9p4x!H=>>i8Wv5;$qMDJuP*p|i#apT{7x4KXF}1I
zRUvzWNb|3%5dAn`bGR%5yMmbctO$}vtOlwZJ7{u=x%LZ;%NORIqZO8!zq9fqU7Hib
z2em573V3J3D4xtuL}f|hE-&M%T64sblU1LefLGzz$B~Gbxjgi>N#&;EZ|>7st&LF%
z+IKz8d4O%JPX`yJ2uNggOP(hSg~Qz>rT^oh_|I3?RRkPrz<Zu3fQ*ZvzMS1VTsosh
z_^+f-iFTG?WytUsxjFY*Jgad`4jFSaEAWVS)Es@g0v79_hBTuTUrjRM{wy{l?Y^-v
zpO_k;y>5Hv6U}Xpcr{38l9g@KAp1-Gsdthc4czQebJS=4z^zHE$e!DeTSZAL0q6?P
zp1n6<p&D<qwBO-{kIi?e!G6SNkg7&>E{(!9(XdiPfb0u$oeQ?c#p|f07u-;^Z+Dlk
z{vzLCq-`4UBRL6Xhy{}8!gau0i{pK;q)Xs;H!#q55_v|#0|iGS1tcZ{xDF(yWUnqh
zKsgfj?Hx6nS}YD*VM6E{Ip1|tLLzRAoV_lQ?0tJBWn!o}+v&ad=qQ-G{p6_wC?vsv
z5><>kq%_SODoYb1HcP;5JRE>cWt(Jv7FNMI1#!jQb`O`_R%J`Frie*{7iE>vmvp_m
zsC?**!R4i~yY>Vlh^M*loIlUZ4&r=AF`x-iwz7uQDy=|!+wjG+c7>}AM5(jMNhQJU
zfJnC}R4>iINb(;{iaqi2>votHG@ob&vb6ZYO2;nw$@yCspB)A|fp?qNZ)AQ`g_DpF
zsYwOIQ7%fi!)1AfaarRYG@O5Fu&g!~-Q*p>9z-k%0TKtrwhHObKN@S!&-=4R7#uqL
zOQ%ImwQ}<6HWZ@^(iy{V-pX-t<|3(F4Y0{#m;dou6lDv7gIEsvewN?#pdhbCOi9ac
zg#=s5aUGg>hH#|^^!nG_YYm&(=nPLVL!$zToWoD9PLy8bq5yDDj0qGDjoshK=B?k(
z6p(Syj`WH7!_a_m#K!FT;x0nE3<t1iV${PWQ|VoQDIrl8DuB7=;qBG+<|leU|D9@-
zhdu1>>nypvd`s<@{JF>Bwn6NE5YH~xoi>h;P}zi#U}*uBG|qieOcBI6yoK3+wY#lm
zmr&LPq|`v00jE}3kqb1Jp5hy6%<!VP%*Y$(>>I3C;N<;!?K4Pjn9Ghc<`vOH3EOa5
z17TAo>$b|nC}KbEuewF)eplSI_mwNSfK3KckE9EQkS;LiOqo>NOg*hi()1GP9P0k^
zu-R#UkZtWk;E)1RgT{{cE!})^-R-kPyI$r)@^HI(tK#f-I;1)q5}6FC-kNu27VuR;
z!T&Wi33Liw(Sqlz%(cfn?t0(0KV=Dz)AHbe>K}M~;z$Tk>^0X#2YsB#Z{?TFqyi=>
zLMP00;eQq@WwtVLH`PPvT-ZQ-8XLjV3lcy7fd`41a8JY}1AFIu&$l6-%s9&(t|0{L
z6Z!8DlnG#in=7|>(G~;;QW7d4kqXYOLa{Zu#~wK(I5&hLj8`j3wrT6Uz{d$OD!?gx
zJ0(K|2=Odt=BCZKAVb~cL7Br!5(#ovgNTw28~l5TDNpmo4>n(%?5lfCg_5|ny0;yi
z9ufLi8HLXHgr@)1Dj#KpA*@OX53oC#OjVwRB<a8$CGaIMnPd!4KO<z<X`B5Oi7}zu
z;7MhjcW47*_=Lv7^6;GTq#V=V?ta#wGSF^nozS_4KaW_3*O+;pHSf33UNs;}TGG%F
zSRRx3GOy2=3fS(<Y+T-Nz(uq{gEO=an>38@2Kjhh=$kEc9c@>!7qP&>weX$hDSRnD
zF_hOSWi=&TCd>l!x0)lzXvV4iUOF-R*a(KSNsv)Mo;e~q#JKd>2zySpf2hkQq19;{
zC~-P)(k3m^iD$nT;?K$V@&G;-!k7{l4R9g6eab2}bKm5-3;l6M@1ESCskI1^kXciy
zOcXA_NjfN47&?5WrCu9mzxZSWq~ZrdiC|CC;l=y=r!3yd*-i&ZEF3av77?Mx3z$gm
zHzc*Lwt@|7K=~4(r~)|Y2v9SjmTn$a=lp^Qi#<*#eyUyJLPE$3LaJ|}Favv@mL=s=
zSjU6g^Z=j>|MJrQVFZ{w^F*ZjY{$b=3`XTTs0o^uI8|+u8zVLG&<5$lLKhpmCXH?@
zWG(9^OVCEFi5?jostUl`WqPnP`9G(k0oq284Pa~&XdiWPC!YNG(Vgjg7QKv{|3prV
zDa2ct3iSU-gO~=<*o!Z=QVQ2LUp@e7?ukU%uP`>y<nuYn_!iXce}*zfj2;HOz<LW3
z3iN`IOWJEP)_<FLDn>NVx&TUX+^#|*z%)fomx1j+V+a$?pbAPs>Rthv#S%O-+N<W2
zfKzy^XdDTwMWI1o;?SDBrNJqLdmXbclQ0+3W#(=Uk}6MRcXt>2LH~jYFzg%sLqj*>
zT+i@3uMHrJJ%=1bTXIID7=uY|F1aUoQ+ikx4#y7eNocOICCD@fwb|n)YssE=WZu#I
z22f!aK_S})%(c=)8y>v~-21b#>av{OmAw*z41ZoI?^IzzPm^@GhTe4)h3Ds_{BOKA
z5U4-)Ld1QXzby!>QbrG6yr^194x7m#9JXeH@UF2iZ?A3n=?e!rQscH@KGTY{x&Ya)
z+Z)O0(1n2E3joXksH-|>TIyopgs#a2ebyQJ!~T5&GP)8LlUp)+Kky%4>Ay>q#{_A=
z{KOo`j|76SOnSTyy@%1(HF@eJieQT>D`uDP1TB1UZW>~s82UmUgHlgbhMcxQL%}*|
zOs5S$Ktge-+3kCjA?t?7a#{w|?}N)3jK?uJPfD_3D~AdyUNV@l%M4yAHbji9UJ>_w
z=SG=-?eRQ+x(7bhV|t8#Wr7J|X@UtRd}g!T8BYVX!;4A;^vas#DY*$8Ry+xF>8al2
zdvg&R7%2hj+DOyZvKLLgx!#RaNRfpp^*NFLs-2#_H@e{A&H01IeO>rL?=zVQiXRJ?
zbK2vP$1QkBp`v9vN_xSY1%m&N4<k_hnb5q83C<X?-KGtAPvma{kmxM<nIyA(tp2EX
zXAk1Y#Tx;}Z@1zLkrk?VUP;@clyxFPzUE@T%Pl$R1M;3Q1lo@QTEI;iQaiwa@{G2d
z%QCpV^F-l;^_PMUXAtv7;6aW-UdNfecTSBmOgIVO13Qo~6=_~sMiM5;;-;YUz`GAe
zn|^~aog^H>UVMCwd&ABoz9Qw}!lKf*o?Nj_JlRw87*oY%U>Q3D$>{M^lF}1H6-%aB
z9NkpvENWyQAaAINQJOGwmT6|eM7M?)8E0*>o#>0c>yz1fazA)q7~<bby8Ft!n9~%r
zm#D`S9mM0J|Lt9O>5amqH@s5I<M|UWy&)eiQ+D!N(hV)Alpsdc1KfZag|Sa}#K?Ow
z39})Lqy5eH0oV=|?TsK}ey9KSmHda#hF9uw!}8MyK>^Gjy5Wpj5ea&M(S6o{d%5#s
zG!iR9;22JWoLWec{OGSfGW&2PA9P^KUd<+O^j_y)9ax4aWg;9Tee^dckAisvM7WOd
z3*q%l3KOn4dcwCkahw=PISAdLo(6R%0mh}AxFr9MrNrg>ve^sMI|DociN2<WLZFxs
zW*6%uDRAtIAPQOGlY17ss-TK)vwx#*EHwoM<%aMj$I#_exW(?GTTJ1?Vp>e9daKD#
z78aevf&$1-IFumNtaH}VROy~!)~I=GpOp6Fd1meSX2X9z{te|3B%nIDuo(_#l7Nrs
z7aX|P5^Fs<H5z=yHUJ?+_9LlegvE}Y7wRQkCGmbSmq|nIRTvTof}~I4*F5FF7iJJT
z9H;@r^5VL~j><$i3p4mR5&Q*!;KE-|mH}QY8pUtk?KdI`V)y=a6QUpu7Yz`=G7|ym
zgS)^<-M<;FfkgfW=ig<7HN^wgN|07TLS(GgSZ;rL^kecw<Z-X6PT<Vq(4<LH1(2?Q
zh|VRoFkJS1hkhdOM?kCLuf3p5zh7Fs<dOZ7iEmFCU&wYf+B@a!p&U#mNuL7rjMKUy
z|G^kGw6y)pYzyZbIJ9rcnX<O936b+a`8tF13mz4WsMtbvcx7b^laB+MeEMPpj^XO)
z-PV<e$yjTw_73#9!0u-DiT>7$(Ve4_Gs7N_ZaBH_K}-mhvve2*eFfH4b}AscHDp}-
zi~YNs_4XQ{=>KQ$&3ofGvUG2K6aym|o{Mfy?hCJAyl%BUW58}3mV4em8W%*a60azd
z&Bd|?=<j}i=R`#ARh3mNO17nLSR^a6GGjS$;>1~=$GyoH@#(JT-E}JOH3|OAd~$YK
zXpUCPIfd*lDfi6DU_}|uZ+p_6h~y>4q{8-(^<a^A7jyla+zLqx@LCE9@M}_gOfs}o
zV|Q2OA&K#7-rV2bRcAFxj1mi%!U*%*T-ll`gBfU7tTnKtTsKvOf-|9#okun+DAcu(
zj0i>vx|+4e8A=4jdcns{BS(=j{_gzE`Q6vQzA9*TQ%jBapFW%3X9Ph+h9)lviW|Xg
zN7o*=DIqjR_8k!jNn($%GMisH--AoG@alOJb<L!M^qrw>oSaZgaY;GKkMiT2H+S<<
z-?YVHcBPPl<W)tn2+;o&0b=wUATpbLr90^$=4EccJ#lefHS;%Zm|vmpYE$BfI7>1T
zUA}(u!|e<69^FO>*(c`7v0g}PBO*v(RI}0HZY1vrIvU~fu-8QX<{3v05N>87Z)jPB
zu|=U+1QJ9A&6qLOq)loN>QWz`5h-5d@Pvpqqz%V|(t!SU%`7U)+pCLv%`Czv2e}Uw
z-hL+RPxPIWmAkH;FcWKBJhOIpAZuUU{zT<CTDq&N>rb5&-sT<^KVVoek%Dc$aOy-Y
z;&B{lM%lnrxZ;Pmfsk_mx;aT`2_;t*`+{x5R5x#I#CX{KKpYcJS0f3OU=muRQa&!C
z23kao<aRea`+VU&+BcOjL|9|#PRvw(6XP!7+2E)X4e&!w?RbAe)U&xH^Rp<S{Z~n;
zNt;69NZ1)`;|3gerN5a<U_eyxew9cy!)44rF+{g1l0Y3`)N_Grm+-C#xFWGpIyE58
zGzwix1~wEdEUaRtLQkil@e%C|OH^+Y$2e0_1q%)pp5PKx%xXP7<q7?cE{==^Twv89
znknS8hc0p=ulD7z6J=OG)N5uQDJabB!pk+S$Gz4)VEpb)Buip1NW!5m0Q*i#<S5Dp
zpB}$^nQtglFouTx;#`>Gi>vB2B~dLa{a1;oHNVE+%fHdBfHO!LNKS$Y*cqNOULjVu
zw@uK^RxT5NR@_vtLQ;Anxt5>3A$@_JNyFZ0ihmGa0a1n$G<~GSU48NjW#2t0lD~3!
zDNJ`);!vRqA*O;p@$wcd6p3JWS2+xW89>I`Jx@RvNovm7EtTKAx3_R}y-Oe)#COqs
z!I#AF@i%tbKE!29Vpu6rG7uVSrq`~jeUJ%>v^0E|BLn`SJZI%djnfR7P&gQ$ePK6$
zIRyW^gY@hABYBHme@;(l{h96dfBI~6n%>oFhyTYWL9!3E(}6_rq}$h5=Kvc$`R1a~
zd@)rL0w9u@3z1xiYI2g9K+==&_c8G?4n;HfP~r?~Lk;qX3LRj&B6Y?=$_}w1CsgAt
zva+zy_*WK!1N+9g4&xpq!FV17+S{x^V{MBYwba}u!FJ_02_ZE&+FAP&4Ryd$avw`w
ze!Sqv<xj=iDT!#XQ8g(cm2_g-7gZkOYIaS~-%JxuPP!(@#@OAetq^QZ(+cUR`;U<=
zILwpSLh2VM`$)(F7qpFxuH@X&qSMoUbdNA1of_G+!a`k{XI3t0a2=xns9*8@l#C+b
zgB#u9R#X4H{x=b%mfSOHRdG2$<t4dz<JC918P2Q9C)dlDbjRAcCv<-@3HW|&ibGB8
zL_C|zu#D7>6WC~pJ0ZI)+Rd<x-6qC42mx{jApn{T)ztHXoCj;Q?7G)j?E*Y3is9_#
z#Z_65H0d%yEXb#s#9hxKR&;go3;CC$Z~Om3rnO~&U+E2QI5(ZxV!d0Ei{x=Tm1W(+
zf62xKhY;zep)p7w)fMY<pC#)V3!Ox8s$ziuw7e)RCRY96FuF8J-<`vBbMvm>jx`#Q
z7($jzTp7UX++@xHZ4e=@E+i5yL@^{xaegJ-22Gk#>@629<g7Zv(bGHxemVYKH-D~4
z=6ok2?4Ch7r@-MMZ4H?@(lnW6@s9kPkLbw0BCj7`rVQiup53~+{6!E@jj_3MScXl|
zK(x^1-CSLq3Eql0GW4%+_@mpp{uj60-hFnTaX|b+_OM|G%&?m7$heweF~2FI83$lE
z+9a=NBEGcTZH{~OKw4op)nUs%M?o6E++8Elugv0?H-%=+@pIO?FT0)|Hcl#l1mp(=
zej+y~CvMJxW^i+Ua`LtNRkYc+x<$;+U*_v(#5XYu4aGU9AUrR_9CSx~v?Yd@lc&cL
z=RdGCII(|#FzB&phc<F+25m&CXdBm{ppy3r>InOmyJ)A+s39j#BOTF+({W~+rSN{%
zoMalYNY2n2vYD}8Z&^P5y;}9n_r5Q#&H8!%bOR*8nl<Ehp#;>+0@4Wyyg+t>C2H8Y
z7PQY$CBCN#S+yCi)phGEhgc0D4iN*riJ*$120jm|Xc+F8@3>nAH^`$`q*(jD<{z;E
zk|V%F;j?bRWdcYXQ;~uY9(utU*Ie&*j#YzzRB#-9$;P3NSV|pT)4)Uxxh`u}TbWbd
zNc<rHSs^LF`!c}leQN9Z<s&t9L#otL8>^7YS^SkGYh%mV5bz*VDuAx1x1qyPFPR9C
ztFVabDuSJZPU2J=-Emm|x|7FtQ`HEZEgmClpTj$_1{FJeA%~@bWxbaG`-3m;w1P8o
z%K^|35=o9cqK2In-oelBvN$%{@BP})`5euJ?R8U7sfD|t25qKA*i6aXD!F%N=M!SO
zuy9`}(V;A$>sNJ`0K9zy0&nTNesW2q{+EWTFtN4IO+{G}5=X@$BFQ9xanjJqP14)W
zHAr6il+QwxDCjAQ_(PtK{uIHavz)XCX8*}acQ!jYu`IKyng&PfCgH>qCrJgzW()E1
z^k{7~ws{$VC;GB=*1W#SxD!%i-3>D*yT!DTEoO`F!zc0zP!ao$Pd0f>>`Vq}U9;?L
zZ&7mH*i)J{9s7kYtQvOv*1^Chxu1r(jSBoRUX`H|M=x__ljLZgo-$a+=v;r+6SprJ
zWz*iR>Pja;D7~75>L~W8^CF~2CB?K8tJa?pl#$evDmZN$Da7SE5qD#KAJ-<cmNHH%
zqsR}1+FJr0-b~8>v8ti=!5}IOS7<VC>#A{d%@mIe`*;ba4N#a(T(VP&vvf29driN#
zZ_QTSaR88ve{~}@WMp=<lne+{5i=`UeU4Ya+_G0YUNkQy^LootdnBgRx=PstflUGS
zfUIERE;5)$ZhNOD7^=}+i7vK!Vu2ETAK9=2IMf=zb&-urXth9?Gq$<WtDV-E5~A)S
z-rHwwEc^Lf_8+Jr=Ur~71cU_|cRW=rpe$|Z@<EDnMPCnFM_xkCZwg#9Y3a2uNyQIX
zNAG_Dr5q;!LN4$?Q)(hrY(tH=dDb5&??XYS^0O(+knj;%eUff_bV1)RtYZm>TW0j)
z!Qw{ZPEOdG<s)H9)${Jt=j%2pd)S)r9g_?L;uHi<C56Bs4s7UkC+p7JuxfqpINy!?
zy<m6h4*Z~w4t8W>xE1i&n80wqX>R;zn4kUQpsty%`Pk+r8T<hSh*d&N2B){(n-4qD
zZ4kQA`U3iFX8k-+zS!E^2AU3tQ;66@r7ql)qqiK^ow3jyY6^)vo#G`~{xmeMle(ZF
zBMHgEA*3>G=qh2ik33HM++sEDg9jtY0fY<4J}tun8)-a{tJ-HDsqH&#i%CdH$*DaA
z|0tGfy2G}Z=Au14r3B-)sb9Q<C{(xaCD+d*nQ8*q3WG!h(pOO>62g+fTxY7SZu?`J
zYBWNTvCIGtb}(vwa79oOOpGq~=0R&a(g&Gpt9m|`{mq;9a34c<cl!`Fb{QPa7GHdh
zOI}EQW^sDk<!<|0wNeh~Yq9}?b(eEQJN85Qf64Q-x`@3AW~Tzb7KwnhU=$p%*0l%b
zu{tN&ASYy3lis{3NdEYqf9I*2TRbF9NhVPy6{M72Cz8B8G~lqJryI<wi61n^s%mni
zsi(!KD`2V#-sjPS*DYgtDj6I6JC@jmSzI_=EPQmIxn*c)k)ocKy`=HrdhzOFwxdkt
za{9LvCEL&J4-2QT;p1^X^0_n`7oIS)o}B#s^0sIj$%5KoTk0#vg~{U{+Fmvk2Li(e
zVR4(491o|HVO)8J4z_=(J2G~Q^1+=S_a1BZAX%ew=9Uz|7xJT9j3gZh<)Z?3NNW4&
z(d(p5pR35Xw<eLc+Z^I#^f)!^#p$$p{0H_dfI%ef#3^~>c|g7Pv~B-bJ*<yo!zM9|
zi@?$4@E0a!WQAik`TI(`sFlOamlSkg@Js4KirnESoS84H2W-P4l%_qB(E=2073Snk
zv*A(2fYCD4uIXHktOzX}k2eb!8rI4^3M8#DHX;2X_dm7n?jD-lj?~nWc<2C**YU!E
zaG~u7Y$Hxbvt0puO&|g%Z6>+mqt!T*)K#`azqM=-l5rn>$O@*)YA;oNVE641gfKh^
z;%w|CaGlPFV5I^-(#VX5205RO%zBUfz-}0*OsY2oUY7(rDw$&;NF2T5**d3uKgExu
zILT1YfCvMUuJzl(Z941rn!art#P4wRNv2Cs#hjUdE#OzYqK7ybS2ggFlqj`h;G2T&
zoD~TL5T**F+l=$MyjgX#phOQ`cH(QGDyS+c2q_7fm&qo}aH?95w8Rddey|;=+JRdR
zm_BUVd7S1T_t_RHeIy}BBWfLB@Aly<2O-atgm*$9pHH>UW+`}(YqH;M!9!|cb|SaF
z!66Y#`P#4zZX=qC#4!iFSG}7mZl#cnOim;ic6AW`!8i@_jM8#O&|F%lq59bC3M)>c
z#=KDw4~mNSQ4KFaRkeQ1*O$|6q_O6!S&j))L{S8=Cq-u%PUh0O#@dMK_MnZLefuFg
znJwO&rZ;iERxo_PJ1T_bHOWk3Kg+F0Zn)H!Y|k`V$}QWOn*%TfIHg%hssz<|1-4aZ
zuhQ#|#n@oN*ou`&>A8-MqdO*#@RAA(IU#A8xw<ACaEnw$BAWV{W*34e1?;ksR?t;}
zQK877fV939gj#p;*%xjF?U&|Ey4osjygJ3tWsi1av@#Vn*6i(_a{(+M%(+Qf0$xMi
zCre<MCw15uytlMd#OA}LYUf=Z_|8H0g~1g1Rch*p8JCk}w7mpOlKCH&)a<@(@{s?)
zx!?V^B|8PBlGH<p;twZCs!#v&Bd~Z}R2`wEZx%5Nrp^j$0RF=Sz)CskLOQ#bjvcpQ
z3pu%cV}kdR<p|kroxzrbA>~x#UKm||oRB#aK(r=U-U1gehVk0J506?v6c(3~?Gu4o
zS_4}V*I=q+1~c53@AhhHw-+Bp2a_o}uP>1adDOvhdF(#9yKx3qGzoc7=^zT4$G)m(
zW7A|TgoiAIyoA>-rMexE&J;$_{TG6rnQ>EguZK8_!NaQ{Lq?>13zwh<`CjV*1a;ui
zORPjlbf|}Y(0Z76Wg9%RAH2OWne3K|8{lDh14;lbFg^)U>k@wqOKa!01haTccDCok
z){D7L2p-u^k8i9dg5~8gk^GcwF=wng>tdBif4{pNVD%uz1b3vifGWKk$%aPv0HG(`
zpb!thJ5dPV;^dz9w(g-wk`%L6*xF%vW3)!~D|-!=F1JV3RznJ)CIOL~+HcqkrTm6~
zh=b@mESqC*Q+hIG%gXy;DcQN6B)TcEq@Xf_Ln+yivYt#Wl*z`L6$d(uMgcFjm^dAf
zu{tz==3kRHEMD0juNcTWa(^gtNWjAtW@>|1yh=Lk?$GPvN5|gwo1_f|wvIH|wiFJH
z{hMncYqiyxp#oX(`2S4CTYm_g^V;frXK2yGp#^ZUq#^>|68PRcNlZGpt=k+}$5*r9
z;Bn3X0aLP+wD1k_6KU^&SuJ)=2<SnEr$dDg-3OOVRd5iDNU-#<KGhAP7e#;}b<%1+
z9%Sj7W*{sxvDV}Hbf^b@jUip;H}`~^t-q_2Z!(!u0-$6P#pK5eoQ^CdQ@62qL)0}Q
zpkjDPbQS3bbe!_49G5i}QYo8pWZp6)s9(mMnRS=b12~u<Xmt=v8`|jl*#j?y85~Cu
znf5>(V42VaCWdxOe`W4^SSVLnl(UekBuc@$AzOo7SRv!$PJqVRbGU#NfQ#A~!N+2c
z)AiCli6S4J%!xZ?Lk9%T#lYTZ!=>NOt+JtmyijiK`&ZU*YEWB=5eJ}yBrDpD+;wof
ze<>tcB{55-YqGw2SE7o2i!{a#oFuX$QxrNiWes!aP&+%(6fV1A4bwIp6sgMA)APy6
z&o}S1*OXOVR<95&97@8a2$o({S7d8~w4|5T9cKD4$d_;pk#O)t(+<{+7z{>yBi3)&
zo<q!00USsXA@thHziNeR``D*;41NF2>oW|ctGic<G)a|BjCv$1lA~o6p&$p>*Y!|S
zkc<mV&R9tBp?meQ1Z4N-j$RE(*QuZ<F92hDO!4umDl1`$;{;DhnK(%I5ua&(*Q45h
z?z9>TxT6P&J>Wm!;jzQ3)q17bYZSRlUgrxE*;ruz#fi4LNup=n#moA<xI8`m?)>iV
zq5)`{zo^tRDQfGaUd6zCAuI3CFY2>%fd=sj=HgHQem8_#TZ%QzJD=Q|ra%HVXp+1t
zF*hhLg*-I1clzPz*7)+uF!B-a092>R>ms4>#v{j2uk?M}yW?PycFc+^TLbB&aMS6o
zO0R)AB)OWh?xL-r(PKaFFF&ARx|6JIQDh140O!?!HQ|*sgTH~JUvXDFpb^8-Q9r;o
z*t?Vif#qa~(OD3?L(|^E-5g^u+iQl$(zsR4+zVx7!FKw!a6kO%v+;*UX$i`U+$0Yd
z^c3ea@4#Jj26e!4<83rM3?;?TGr<$CKP6xx_Nqh*yUL4!abezkaw2b%?*N7^uQOk>
z7L)Jw?O^H=`UEN$%EpB*&FApgUv`Y0BA`$H#y{VJy&#w`OL8B{T|qd!P2T(Ug<4Q{
zV<{oVi^3pI3ZL{^p%N2Y#0{9P`EL-+wF`b>`E758Q$84o!2CjNS|amh%Z@ZxKKnG}
z`bwGXt*nRq$qEy2X~)BvR8+*EQwoSxF&x<p`pe_~%K)1Ghe3a3S>fH^onK7nB9af|
zzX<=Q<H~_xI1Q32p<=f63c*j7Iqn}W8fTx^PKJH(Mr9m=@)E%U85oZBtjb6~=EZo>
zRIrM>2fcSpSfHnd;n6@O&K#UY+6ODctfoB=&*95PdZI;eDX<Ul91%D+8~HelG;7E=
zO#Y)ZCa5E@kwJ{{*z1Yts#P)YZvy8i@9k{giBG_G$paS_%40u<(uCx2x<pr%_&^4V
zGr^R*NcuCRt=dPEQiKN|BGB3xfUWbCi6VUV`Do>@7r|pI-vgUrzyaQ`z79y6DN0$$
zQ2TO58tdyrJF-oQ+`c{+c+a#3sErIqGA4jUmW^31Z26)e>Vj7dXjDRgn+wvR00&eE
zB@9Q`(H-(Es1625K(l4_^VOp)DsXNA{eX+2h)A*zXF;@ei;Bc#kaj(i6*7)-LNB;u
zQFVl1Gec>hQtf{2HWJW|1E6@p1CSh)3QNBqLm9w*7G?m^F5rJa9OKGJC4A;g94ANe
zZ18v4QNZ4mE#=57Z{vGD#M0vA6alAPbJ%EbIofT~SZv*<H5-u)b5~rPzf^pq%7@>&
zBEyk9y*OvSM9oc?jT{`*a`9uiEJAJ#r^v$X1I<cGA+r@l#CwIxOfGcII>dBJjiISK
z#8<{^ylKZ&IQJI<z)q>1a2Xl)2E*LIRvSY+U0k3gIDA40=oM87_<TMOzX|!0^~H8u
zl-Zjni1CboHta8^VQxEj-lSopxn_7G$jPZ#$FL9!(sj!*#w`eWt;r5LDlr9=T_NE5
zOh^F*s}QzyFGO{9c}dAPmp?$TnQN-hm7&@MXBTi(@T4m0T^c!ZbyuIYmtW|K?%zNA
z^Oqf&pd5t905;-mliEkcm=@?Z^CcBXqXrD@%?v<wNC!uTNeBZwB#t;K5>G?uPz=9n
zF5NjtJ%yup85STpvFz2tzF|8uk{o;?@&q9%M6}Rk70`PpQiSL(ZbZCuIz^Yn=nTHo
zgJ86qF@d(A?)67H*O(C~-|TF6c#DP&Qkx9F>kb&tu}!sC{{?b$U*ON(pr42Lp7yve
z8?~!bYW*vmp+$pe%7y)i)0VQ6%#YXZF?*^>=R4RNBlN+OplfA(#xRhE4t4O+QAHs-
z6x8#or3yH$LOfwk*x%2}+m&bbaR{Evy?bAaf31#=B+C^23^+Jo0y!uv35BTw`Y#ub
z0bDv-vU{m9S*`BdA6RcVck#~!^oUDFpYs+6sqLcP>FmGfPk)jyksnVK90Ly!M%J=I
zD`2xRKsdoq?m5&nbUII3yF2q?;70c&*8=F$@z>MHmSo5n0?`D>2`UcRy~nrg|BmeC
z<vp}d<^9Wx^UK#tA0bjmDGtQyfk!$H1m^gf=C=_Nlj!E+Oz3ed@CJ9t4CvTfhY9q8
zB~?@jD7{UX3p%8n?e_M&J8K@q!dNPSNpy+<0Tln^%$k2Oj5O>rU52x^$>Y9V#sW7r
zj^B%kE1}M%WQ_87k2CS`h6hWRdzjs_kGD2<$K?u;1)>b%@R;g<fj@Bun*e<}#c`me
zApKC=d%KCN>T_kneH!L|K~qEiU*sjSGHkC)iF=sE;d=d{)g`0%;f$U=^7BzQWKxvy
zPx*0O2w3iLP9889pA3E*|NX#{_~n!TsEV7HSO0O-ygY{$?A?Fd-c<i#5|k>TZ@4`<
zzxp#JwP_7|Zb{0D=lSh_05Vy<y7_Z(5}$bb4RS?KZf^hM|Fc(4Y5*Xh=OK+Zj!7!1
z{#?DhKk**^vQF=arz3d-D^n>6@<jEjEGD}W-~^0>p@V|^La3rc?&Zb?@{cIQb5pl5
z#mpwhSQVK((B4EsE;Yn?NZu=cp4?<VC8p2zN5?8<|CTmLrdXZAxSTe^PBn0n99U%m
z9aCN9q(HIRH>vR3IjsxDDd*$!OPE$~ee%|?IS^i5UXg2cVG?+050*kq@kHAaiwl}!
z;3Zlh#{!rh{;P|tqP{=7JtsSW2lzO519+}Lq-aXr87KGXX0|*m5Yt@Uye)2On9hZT
z3xb_jut)-;o8l6OrVal(HuU(Ou6s)jOy%Wo=;E8=_VrnFeJ)KTU>*9P(veu&hKb@I
zPVbV3rqRIJz8q@)S`5&6Bn_cZ)F|r<9Jt_W7=lR~f@qk!PJF0PwW^skwaGOy-5)oW
zx)w>-cvJIF*Dr}7ff@?5A~l>;J23O3Tegl=Aor4%<mQp0Y2hn_X}Kyhs`$;r+zs8M
zLP^#)>7$*?@;(gIFpuPviY59|3Ce_xH-dwkEWskENsnw2{AuG`wm$ZJ<6~j-4BLWp
zmI48J7y(S*hNTDlo0T83sc8}+K58b(rEO3L7|FeSalLELrb=B)d0I56E@A~WRIgrC
zGFZe4*5z(JH|TgPle52uMrkeK&i7_fuY9s?2d6_Etm@Sq<^(Qr4B2m}mvhw@9>4MZ
zic#uA*(RCdxXN3m9X4BX6;mn7lnaL?(d!$wmP6lww)~4Q#znk4B5;&9d4o)_YnV%i
zy?9IVv+hJg<<1A!vcZv^n3frJ+=S=rP`Gd8!eQ^<*>Mi*cb26%EP)J<*$$GLaH!A+
z+iQotdP~>0&ICIhX~c{}5~fi|q6KB6ZIucev$^z0%}FhKfS><Vy#4RS@=Dl5dOv!3
z1GQrTB=;TM$Lc0(;o&8GEc}Gv(b2r|Egzzp!jIP6z>ntFS0qsD?`OqjefElfE=0Uj
zQgRzY!z5cE<QbO2;+-F|@w5_?3ezf=y!QxnRLuy`&OB1PmN63CXwsk>I21U%Q*wRN
zwyI6uw60(y%gIIY?&|(7`A&bt#m!A2OF4|AyeQ}lB*y{XL=xNO%3;0GwQMVCOnlMA
z!j6%vjr~C`GZ0z<;Otp~SnQK*Yxk_jY+z3CGsZ-w05kQgWY1*s_q2y?(`%ujg0K9F
zge#J$#q7ZWqDIfw?_DbsEo-;M`eHp4J~O4oo7acQ(H6yQPDckGVMx{vQWz(w%Lq81
zAwyCq?wmQRYz-?&|E`kMHO7bBa0vGzj?7I9;7EWoxs>r`uvq7mgw_EEyip5mFknK#
za#&Z#eNDmS(E9v|buRV!4#8tsolji}M<OV`vb4(J%2RpjMlODPLx>GUR7gFZAIo_d
zIM@cU(<={{9V4?_H%*I8Q*o}&^1L7)DP$`*P248(AVnyWjs>U*$mk<S5!C(!4J@^2
z{pG_tuw?}twNf!x=Zb|{fh8Bzl?V!I@YREiEu_18STB0P8I>-k<77#<P;Q}JGzFI5
z%8&02R7_9TILbol3ob`p0HGY$MA>BQWm4w);4X~H8O_1{f#r;&esP2!wLePY0`laP
z^p=)F{-d>ji#)AZCK3wMHLsQ$ByF-@LEE6bjXM1@N+SVFncQ=j$ZTpTiuxwt%-_h-
zIq&}R6MI_hLPt_$fjN19d44Cy@W3mhCWKJKCwG%|ZbGHz@-xdkY`vbE?QN<psVdOF
zH2KQi*62s)ckgB;FuR)MYm?d=qD|5!5|;o9s|n5FOw%&k!FBhxV>D`aBr&za$1zq$
zt#2Y(QZ=4BsS$^kn$3K0ediP;db3VJSM8Eh%qJ57&wb_rIyRgLbJH<<ZVX?|Jl~N<
z>L=y-C6vb2HE2AzK}2LdD2T=3GzQlLV{>xTvrYt0Pyddr{Zw4OguU8iG3k4UsWQ`V
zpS^C7A{V`I<tWRKyiXz)g%f}GR4Hwlj`IA8M-p(87rK5-S#*=(k`5#JY0zZ&ag)+3
zasEl^{nCva#`d=`5S`=hP^=;{|8mT=HYtD=!T)be(82U}!ZbXq90!)bm#{jjPa((D
zLjZJ<IFe{jKwMl(%13uBPQ-Lm-?hGGFQxW}yv-y@1IpX03TtckONZOAu^sVHo7~dK
z<gRyKVq;FItDH!SI?<iwfCPyHS%NFFHBiY7xOGEw$Oe`C1@!nsg?wiq9A6QElrknX
zl#&2G34|{R0)77tr~nz9_gV+kfee&BGvotY+d}XXg$SvdiJOJ<J(n|d4UG$&6r@3?
z_yMxG!FU@Bl)2G{e<t#(MHkwy8S2Hbo?kPtd)v2rH7tr$)Rh1zkx37U>$Wj+yOd_P
zX&u+;scv86%80>A(6kCaltM(Yv&`v^8bY<N3eXvZYpczvu*JTT+QKC<-cxUwcM1t(
zih~uZXfRtcD6Z%k&Di{gv5e|YZ0Ot>*J1nT(KUJQ$%)B;JUOYa?#UiwYpxrrI{&JF
zVH7sCJVnYeMU&)Gz<4GB4Td7(giBxx)gA%+AbIKC)y>V-Q68qP5T+iy+0Pf=oJ&sV
zO?!1APF^2JIF%$-jADTY5`EHL-Iy}EI6cE82pJ0KeCpzwUv5uN?~2#W+1pnXi8}iu
z!2WQlsT-3*KVN#$@IAW{EQb%E7+3bjV_AvhZjG#?n@f`0Ztv)<t_7EsJ?KH7fWE`<
z^8a<bMjC_C%!d)p(^L6NB=Gdq$)dFd2@dW(7aw$pKgVHokZl_rZHQNAnVXsT?Mp1h
z1gdH+K#nnoL}X4*+=7-`^<Sh^{TET^y@zFl!(_hV)S;6(qeY$m%bW_3ogfo(Q7Yxy
zG62YdXp_76Ne@Y-ioj(oI1fJQAw4*M@ktMj?6PWO$<gmh5A}wFo*zi;>O&(_oz&k8
zR1*fr|1b82QBcpH{<xeGwZD?8frFq}k(>>`cGi-ZQX8r#P?T5%%`f}uFtS}fwBgX>
zPs<pIu~y&_{bW2`{_<}}G#*y2*$=DToJBA@Yh-R$&%U)LWu~Srb|f1*7|%q6@Y3M~
zjfk3Bk1ZEBtd)KNpPqILc*DKF({-f<zk{Xy-VY_e1&evNDhJ34fjUD}Abrr^zlVxa
zZO!LTmEK|3@!Lt}*xqzVLV&yxasnzk!G{RmwK-}(`>@MwcvN$i_W0=h$6XYIC9(RL
zd_*;DoRbECa{0icqIg^(B#$J6+=XJYq5uIJpPRy2J*pwQEMxt0J3Z}|+Xlt^aVY5z
zERQ?QzsC#JnLzCz_9|;*YruRKt=$>JAXHRCxag;3-GkmUjA0zl_qBVM=|%aG4h$=6
z1%b=R!S@c^wuD<vl1^M?S85xF`k)K$eR6_|J7isYg|o3gont0i<A@t*ADr1cu$^4B
zEvY{e0P%gY5+g#JQAP?V2L^L#NAzRwH-@+O!Ud55qh5!3oA?Ekz#fqyKHu@KEp#OQ
z^-V*OdnF+sp5Ede05~#eqLw7@l*H)4_04ZNvZnRHMhjBv>wR*DVD22KmgCL7Xj(lR
zhIqF-{G|86>qeqy<^@!7woyW<(~#F~QEd{H`M^7SH&(-#-IjCo$}J?zGQsGBL8ldJ
zOJav>wvgc%eVivz+v}-~V?UM?r{YNjvHCR}6QR^2UR+g$pnI{@!3gspXJo;LEVPQH
zzVYs31@@kNcXjpp{+f0IG(2v7;191!7rxV^6;3dsV@WY?v#<ojLUM@6AL8?&I(i|A
z1&w)xJp$b5Tf~hiZ+rH|U<v(IKs`7zkh(Swht`zK0#N%``EjgHZ+OQMqq;6l2t6?h
z?wYdK$%iH+b3nr9f)dIJhwG4OhOAiMXZ72w$$lLjFKFp(qUqGS;J^sCZm1^Q65yan
zBADEEtl7miw)pmew0&pS+?Si?XK=4^BgnXJT#S?9#nv88`oZ%{{PY{i)fK1ccy0Pw
zccIfQ&L<TYu@E&-#t(2_CbUZG4meVix_w8ir4C}+t4gYqJ@$++#^kaEsH>-8VD(Wr
zPchl`1ppgpnKGbgFi!($z=Zycf(CodYLrP?$za;LDej-Wsm3{y^BXVA(>C<09I~}2
zf(j8EM=lI?TKCY=D0HPG@IB;Nimm2{4csB<L{mC)$T%>%q}`87X=J9m9^%h*q5*e@
z0S(nDcKGi@sXICOx=$mQ$Jjf~Jp_YKPKIO(8sZ|WNPdc{FQb~|OepAxro+fIt?=pE
z#9AJ;>3GWk!|;(Pyz3<MYlJPX1fMwK%q(L*IxP39>f1}n{I8F#vC!iem;od@nIHdo
zaa9%<z2M4H^V4`P401d3UA#T}rQw&p8dq41yJ>-j$*NdM=^OQ6APbV`FR+4g9yWW?
z1Ej`EPEP8696(av`Y=4KCL>?oCnillmT+wtd>ws1HYGy3^2}iCKm#*!btY~A8PK~c
z(a&<r&ri3LiOB?#!pFZdKBV?_fB)w_pdkA{B9bStLW|Oe5UTN-go5Qz!Vuj_3elkw
zN$xuX7Dn}|yyyM(=!1&l^QX2*%Kk7b%jq{puBOPT0N;|@k|@u8Tm_?{dS+K7vrfd?
z%{u$N7`OlCM`CR;wAiQotCRSf&>SkfS)w@(w&%x_TPJiuT{U&qQXd9RDCi(#p#xHQ
zG?FU??t@B8zvbmr;}msJ#K7$*NlQp&)R|3U;grE|M+l5NMU+4gjJhE6A$Ez&Np^w4
zaZ26_;rT7hnB8um{Ds*9W~DG7L0cSgqb_d<M0FVe8`k=7Yf>jx0pKH3)jrtwJ9A8b
zxs^G8BpVUfsm3qZ=L?(ywKvzJecjlkQODZHbzmNWjhNcQx`N6kC(s1VBrztXgIouG
zq&Sj*=HE8;i+67}m>RNK@2-#>Vy%V-KJ4uF-J3i1eo)qGkbj!cCkdfWAcK=4SOFNb
zcXZ}}aXas-lv=7pga)gCEG7gO8on?oEuU7*9X2B7Y;<6u;wq$s=^SVg)B11rX#}Go
zot^oQR+|`AB$9w4mcU2R6vAaX9cd|IJZ!WdtM8qF?H@xyT_L~?7DUJq6WnnyV+uS7
ze11qDjT$&6iSoQ!u>o8VA9>}2Z0uDDGc+z7TrXUmYUtJax+OX*W^92FWbNZD;on#)
zg&*7|=fvzLcU9AtYi@Uj@@p+aC1jWR8Q?njzK4N_14h(VE3W_M>V+=jaa8aNi!vQG
z7}K%e04!8jg&-#}g$J(zwft7in0-A&cyJiyF?9A6p?anq_K?>P<;M3-RqP5wa?9!2
z9JO5u$gnPLT}515!hDx{lqCj{M`UGK5%*hgHi$&Mk1`qOA_jw&GV3CS-nS&97IQ&e
z#J>vzxYI^^Z#8{_KvKfc*yI%S22^xP-jGcYc(20H>-@dDVlxkjyOl8zgfaQifS=G0
z$vpUgop1pG?9n!7PcMQv2fvFNEO9S>fR+u@AP753h)+&I8jSV*Yq8AF#3L$jC~Z&z
z!&}#(2O(-+(&)kUV;xhTTonKF?#Xxj^SrrG`p&+IkzDgrcTpOuCC<KIUcu!0_UtX_
zs5F$+E&>&;@GJOX8H+96Utf;3c85a2jG?=e5TuJs4sPq?UV~AXS-r;^7F`Ru@wSeR
zs4_X?Wv#9xoP5_v>wmntdP$(cOyu*YKWN^MI`w7@X4S=&eE+%pkUL`ifH8#G9Z(rC
zd9oxU?E`yBuN<jA-4-|)J5}=C0Q<>SaolMyMF32tNl*aMl!M4k`-k?D4xu9^9{Tk6
z2NY5}VpHhM*v4crbWo%mSR#UsRKJ5@mI_9**rDAW50K8Wy3CT9<HNYKOeA{9ncR)J
zM7fZCy!0axQ{f-@gyRx?*SaDYRN+jIXU;!!WSvC3yO(TRVB;=?>8uOgQ(RL`1THUu
z^-YtAeG6@x5m+33a}=VK9**Aw`{2|^r0@;aCIjCd2<wv*!++8d?y*LEUdk~i6=YF-
zp*A+w#SxzU!x{|c2@tmHlm5^6?dd`<O(><j`c)te{&MxJtmG9<vTi;g6H`A)TR&uW
zz`LD|hKZu-;~}oR`gK!7H~3?;{p%buerDie&u*_TG}VGE6$TE9#!N_W1K$H_NW#|h
z+n&f?^sNBQiDHOVB6a(;SQ=S(z1y%H?NS9N3pqkDq&G>^W+Z7zYQm9J*OyN;*XBpC
zB#M{Kv~8MO68OVgy5^;tAW_}R0C*f?{03qkV9$aO1JhnRS|f)_O&aNYo`yR{D|>j;
zESmYXhB~L)#_0QEv`CQeC;ch6MwSn^5aStijTV$bKs*I?4nADhJM-Rok+n2*{khDK
zmBK)&!qq{>zy_fgBmzzeBPh&l_(|Sh-z^udYf7DCD>YRe=M?5qnP+S~6FS~G5N2d2
z(v_G`*%_5V$}kAuXJ-y0xMAU!sO8jeD?FVjX8FRIyTiRyK6Hid2W3^kZTY`H%Zwfy
zEX;B9GV|^P?p$F<X3JpL0}+^zHx40p@knh_m9(oVVIV6HfSRU=^CGLg+7nza(-i3B
zRkV*|6bzcOSzTq8<w<O7fJuQ|g&3ANHH5fEZii3VrdZ$`fq%mgV#&h@@#GOa9;8U-
zULi24gX_oarmoeL5_l*??t}><G02+}%p`k*q~uuMcf;hcg!vW8a;6Vi4i01q9C`({
zLnzF^x{yuG)>twmK}&K6umqCY!4J{2$K$u}Fq<0C*|9L1rY;-U+F4cx*UHKZmiHSW
zpM7B_;M-b-@k3!-0dEUxAKb!Nnedab_l<R`>D8lPTa~awlg|>t^^^KpgNt(eIQ4mm
zl)LLZZo#)w9hVuu^+dc>4)j%W5W-*(Iq1Ps9H^Xw<O)l}*z&i|l<Q`i0|N^uhPbFr
znnXCtAKHUIeU_;><OYP<2(IoBF0kAu$4Gd6c0e1u_T(?YbfKg6H{Eo_JH?tweY~P6
zj1OfUR~V<`%*G9J>YHlJ(Y|g6v$L?AXuEeZzUm=(U~|I?r?wxlPe)!My8@!RR_6_s
zXWf8rTgrCddTCy8rZTq63!&tmJk$?{Mo$nA?i8^xf2twv>Biu8b3Z6@a8~mwYDhts
z^W?a(<IT^X?adWmtwC=M!+<K4mc?QA9lLuUNh|;9Gu@jbyEo@*^36agM{_OB=xw;(
zSCFY)1(gqih4oUBJLN;RSHt-*>%61q%<H$;9gu8HiU{R)U^n7FXcLV5?&`R=MOkW&
zf#$e>rGJcX7|z&!2lR;>=kN!~Y`-TH8muPL5lLB<f%m}pZ;~1&Q!fCMRj``OMK?mG
zOUtJ8U@a}qP{FdRJn&UgSk5^tZk(Zej$-6+Ne#lcm+h5%w}{RI3`r8vAIIcc>}(RJ
zQU(hnp(lWz$nXYn6pxzithhsdmz@Q$6_i7q-lRN4B)o6#>{Vsa^mKMf;QoE~*K5cv
z=iHZNYyrh)T|+|fq`%(@nBecS)9fN?AeEdzN(N*XZJcEMPgbDuKp74HJMD4WaI6Ks
z6<#d@5aQW#8_swJdyq&K>z^)P{*I@aKpd%6S=oX`k56=Crw3a4=Xcl5Z*Yo#Ebd<Y
z<-V28RQ!k0HGik}!_eT=rWJ?Q(Btp|X<20*I9q+}2^=0b&_r|YWhuZLlY_0xAzHG$
z%%!nxJj@7K!@}UJ-<KU6S1`>g;OL0GR<Z`#q7;{dn2vhSR?-tck$Bb_G!8|@25%l#
zl88<6Q%-!=gDU|WzkAp+_0-~1pka)$zQZiV0*DjaBy$qr3>|n+EySerfr}-5a`FnN
zC&40f-v95W5<58|)t}^P`kBQ^Q{sLnl^~4Blo&M4<XJ@W{r-N^Q4{dYJ=i6|4sHz$
zvl*9Fc^SERvl$ntpDSTdjZ5l73HZ!jz9XrxZ&pj0Q<Fd(=x1@-w5A&(uHo&w+lWQ>
zYjSmahE9$3e38+LtG86W$Otr~rodFnd>3IPAj?+Lft)yZ-}>PeE$j#KHGK@h1-=^8
zFy1CvQ&nMwQ=A=ac*7GDZ48rt$rDp^n50Q3C$fZuYg8B3aOTWWbLM)HbYu;h>cP=E
zTi~pW(>f%vg#voNMyTY1$!($Kr>CZ+r>ENXef<A{ZGhvVkF%^Os}NOIkuvHdc*7fx
zxlmPS?439e(BSKLXN>)f8MpA03R=~og#ih%HJ+838jH`a?{6gtjR{8o;2Fa(foaRs
zoXl>I?A>9~!n;A8MGH+~BBr=pFf$-ie0pl9*myd3D-VhUckuUdpoJBavX~l5Oy8q{
z%lv)!*@ie!C)|^D5u)OKPug$1%M1oo@;OYqP|yTm&*qXk&|Q9_Ld7cRp4Tsy%w6lo
z3C9wsHb_vKS53rbsN?jxrm^({rK7Yyl0ag?tvFDcpn|Zojvx$8#Gmjr*$B6H&+d&6
zXX`FxiD1bsENaiIn=C@p3!AKzeSa=vSYBOSST0u6P_w23DV<fJnI#W&3vIMf8VTDO
z052&%A;g@MmmGwx$I)@Fi)O={X9b0^5}GD}7)gbI8{V6N;BDAw##~#>b`=IpIP61B
zP@>Rye`2<nHJVGkdYVd34qL+pFA6Kx516SqK~E7zY=Z`OS7?fB%-*rwIwwF9cMO6s
zPW>{(lB8MMLzSOhgtu>)%hS{E`FF>Pkow~4HTif|b9Qr^lZIYiT|o9}4&?FeU2*#=
zrYsdj0U0thA8;=#YCzaDgtD_TPs1woOHq&AWf{K}R)eTK2B?I>2Y(G(g%lX7w+8#+
z@&HY!(jd#N+BD<|L~T%EBdWCHjaH|n_hqYNziP=dE=p2***H1QlN+!u8?&FrUQNiT
zb#=;d;zfB>B}@SXi2+K+)G6=T?f&Vj%o(SIGIVhc{SLuAyy+qXs)P=C`L+ciX0s8M
zHVOSiD73LpNtR<tm`nSP=9WeA2z4j$5>ZRjWJQ3X2KN=)muQJ2Hro2^8TgZv;d(wf
z=@#_KiS?z5Or4yFYM9$#+cjD4v1O14krqXn6DRKU^mZj8<t|Iv72EfP?N?D7E!-{e
zw&o39Zt6abUfsI!WkL!JDY=|<paGUhSs8mF4D<otb{C(qL*IZaf_wV^tRy7Yx|Dfd
zNWV)0+SdPJxw*P6^D#zG_8p2I3+T}jl1ka(&8}*c7}Gq#WXep+#ZtJcuQ>na@`uYx
zLziF44yWSNg{&~v9aX2IvE~()-`N#kkhy|WJjZ6QgB)MG#|r4KKKsIYR%byU5It6D
zlAWVJ9PkB4b98Z~-0NxU1t57tHc(YD5{owD!r0KCJLSgL4?nRV%fpQ13IoPbM^2yx
zZ8DK=?K)#7!%2hvexzAM5|z>en;TJ*(o;hF83$AX(~{mbAJKzH?8wq#`iSAORfXjD
zmv3*1YqB6^g=M7i<#nFcNkHxp$E@z^GgTkP5ba0HdHcKZDT2HqSdwQ+f$7V3HXon4
z#Qi4ygO4Y6VoPowLSlWAqK89(XeB(5OGEfOaj|}=AuP+V2@t`WWQaT#K)|^a{tg14
zA8h!*(!stL0=^(1ki0Z}1Aq5#F)I0?hAygL9LGu07Da*Ig){tI@_yqn&JQ(o*uEL*
ziP%zQSmOj<8anLQKA86L*eTmL44gb|7DYkoK~V}4+0KFcjYc6ql;9OnDDYYdQ3Jni
zC0;*YvjcVan+)$g>ey|yAFc1T^dVRb<Dvpf3s!8b7LMcN6{?0c%lEiwnd*%{J-vN*
z2@29zH<J{K$9N~HGe<m&`2SLyIyK3)Y8E<_JSn&l|0|h4U-7FPMmA*rZLB0C20}Wh
z*z^S|Lg;&sSxGiM4a7R!gR_%1H+v(*m>_-1vDvQ!V2enW4+#_+WL9%=EGq|}p&r`@
zQPySE;M*rPn#4zmF*sXX&XL(dKBv2GXHt`;742r<xdeG5ApwK3$|S)3X52%GDPea>
z*@9Jia`MBq{Ok^|bFbJ&d0_+b19V{C=EQjdma&nS53tH~CT&i;zFu5^mmmqU$Pek7
zM=m?q7&Z0CWg910wF^t(QS^mKhH+Ej^Ua8Do?YHwT=>b~t}g$^FI{K)WD4<qgJ4|d
zWt+r_)K1%Eis?LjdwB`ZuWAifJn<-9Fe_c(9?2~D!EhGH;iefZ?>dLBy&(&s1z8aZ
zk{s^$(?A*H#FXgnAuPr_OaUT`lYccVFZGCY1;F(xrQ!hGO|Zs&TVMDdhI%9|KIH4u
z`pBjJjrI+d0D2@Ftq9lX;!v~B%FgVa=ANz4t1?uK5;+$I2&_SvYcV|&K5DMRqI;ja
zvx;iB+;-s9zL3&L9jNc{j6T+2F;ISy0sxn>DBu7uOIGw`pn43laht{xH=Mowvaz?X
zV4DC|#8K{*VeHjKU12v!5yRVY3m!$ih|JsMBdv_}16z1IWKl05w<m)IkQ6f10C+cz
z`=A=pMyZCC(N|a3q*EAZd865%KmG3M0-@XZOW@p-+I4q+d9Q%`vb?BjxV?X)!G_!?
zpv<Irz86;|(_${|ELiX0?8b9=xD-u%`U}tu-xt@{O}!ObUyK#fn$$=ktx11wfZsSa
zn(>kG*FW(H{7<tHr+#FW94vAKwtLms<9?_bdT%@ei%rm~aTiM*vSrKyqsLl(NbjsA
zeh2<9@a7crIj9XABRtx>MMvi*sM<AxsQX~KA4}bljtWzl4~AVCd8EQ@S9f20QYW8i
zNmdi3Ev%sTPfOCRA6Bb^b$=)ZkGU4rRo=C40SG9Ye`jZ6OIijb5Bg;PB_08Ej^0j5
z{oC>AUY7OKaEEsK>8A&pV-?ZGEQZc7EOQcv$Qs&aj(uVhdSI#IZ(zxeSH)T=v>*>F
z4pM1Q5Jb%cgk&ca+Tvbjk2nL&pf9GUp7AdKC}*^Z>2KfhcdApzFMoigr^V7@PulL;
zAC_`tTC%!u_~^CiTub$q5lW~3<5A3{qbpFV3`sXCGWd%Ch9fVhQ=s9|2%Y+8Mq268
zWB(mv8`!x?KoOFal%7Ei1uR!hs6w0qdWcv~%u@e(ERi|EUCFC3p#-Y(AUyX|Nm}Si
zrY8@QGNL;_>n_W-Fn*R7dr*~-H<whDc}AuRDK!QC#?vke|Ke^4<R%EQUw27_wt~yt
ztX{^u8!B6FigUj7^UXUw-<RNSR8p>jXPRUwSecrzY^l*eQRpRmzMq_wN9QUNn3Prc
zUyWc19C<A+uQ?ge-ouv7A>3TQr{M@)&=Wtt^*PEW0qczTEZ>9c(z-9Jn$TDlg9=y_
z9sz=>S8kg+ey={wu~RefwlXXH)MJT`26w2L4|M(785$kDPfniRr-JLkKZI0n?{6A@
zujPaK>DG&O7O2*uv@46?Xb`F!#DAl2^f#j5w?@S0xRV*#w{ZoA33W~Q?=Tow;7)Fn
zy-%jV7`?)n0=h^Nqo$WMjVZkx6xcd71(cQ6FGz@XTI>XjF(8vM2q09~hJsyhN*zX8
z_)!e5$+oo|TsNB;@dc9qqlQ(Ku>lqWKZK5c#4QVOi_~vCh*r}ULS97LZdps?BHPoE
zH>Qa-Y6M_;#6o#}x5<M5Bt@n-4Qa?!iPvYv9mt^N{hh)rQw3Tv$zB+Oc2LF`S{v^^
zQild{nRs*TBWNMEj&j0mR3Uf~#*qYO{@BL=9T^LjHrmI?0+f|XS`5Y9-Nf#Z<$zfS
zC5>OhKw1KC$A-gVId&#RP=`Qa1HK3%BpD<6j)6(Ni6nKWot(B*-^ED+#vrww7P)Kd
zhGbK;(p<oX5+EM(A}vId%~G_67Q$ZP#nBnv1#SL@L;6^&Wb^`K1^5ZaI6+@~+{4_8
zvQIy%?r(0I%eyleVy|w1Nq^PC(w2dMUxVUZ_@W=jw`_=ay<Z+l5&K64$IGs-ZqMZq
zAS2>|J6xs#bw~g~RfwOvNR9VCDRp-Cnf#ZR_h+@}0aB`8E6Tx46jX^w<^S%QwB(2K
z{{kcFXY<GIT$F84LrI?}c?(us<{1Qxap9#Z_YP5d3!%uCq?81T+Y(4AK@TX?Twnvp
z4%rhzT4udFy)ERI7_e&>bTeSzFPeYeH&QBhA7j{?+>bDg6T;He3gmuVM6=wFe{^0D
z13T`XF~#7{N7laRb8EbfM{HHIT+=||j3FGt?~M5t;0zeO!=<GR%;=4c-Q<jtQ9S+x
zHzaTaLIP+2CCEg<x(RmEVTSUjtG85gTKAa!u|&+9Zp<FqJ+{1~n{7L+Ku9zZ8EIh+
z_jTUj7uk1Mw=`T=YA2V`Ld)G4OhnR1qX$kR01$aoCxzG6SZ<THxo?k!(HI#fZF5oV
z4qK=}17mCD;rmS@5GTpWm)5XQms_!OGBp?E;?B=G+v9kWMbbH(`m{lisuG9+Du@oj
z>GBP3fYfDAUc1b&(dmV4FH5l*&YBxZ_M=;@da&Nxn12Kg#9mu=TMe0C1l#Wx-_qx!
z(}EiDONRZQK5H+(Sh)A!Kl}5SO9w$+n~&$NtJ&NA2!tZQVxW=0wA<#cTk7|`+eQwL
zNeyS2vmlNM>a>lLfWulMz)(WmWpxIYG|5Vi9HC!<t1uJn3!)^gQ*r>Qe4>oLAhT`b
z3p(bJ;SQ7oLUem4a0p?jkf~kC_S3)o2n{S3)wDOMU`R5eM{X?D23`q~Pt;~oX2s`Q
zI(1Y=v^nRV4-IF_R#>%F4B|f9viNtv3WYlGb+fHuYwULX;-sK@VHDIEa0S+G|9o)@
zSyIfYSucw>=#r6pbh39FMgnDYb@2-ajk7IYKBh!yI0E=p5Cg_yh#jY(C<K6Kd8|$s
z3N|@M1qa4FI_nKjBnSE|?dFx$Nt-7{1r9#Np)u-e)S{t|?3#0|(@VdykoKDf(tzq!
z_-mF#x3^8;M<CFgNzKvO?YYm1PSa{Ve1)DDCMkgVtf}!WovPkvp@MK<1HhjaaFbBy
z#Gd4q;U)&1A-n`>t1UEM_%ZXa0sd(SFJXWsEc)>ynew(yMkF?9Z{dh5NTfdpbOC4|
zM$AV66(Di~M-!F4sJY<{f`9>9?gXQ1xAZH}M`Aoh{YgV!2WLPIt}<9^UhE4G>hz|5
za80aeaqAAQUh^;-o--pL?q^9}2t4)G>jm^NJFw?h!2ZIxMI~hK^^&eAP*o&QWeLnq
zoJM(cQIm39gMipb5L&?H%%#3{Cb;CsCJoaV7FblnsmHPc?FCe%1gi$1l)=;whV?ll
zSP)rV-l+~6jkaz15P2&JIlq~<ET7q|%62Z=X(VZzFL!IGtqE&fqzM>!MF6&Qw|5VE
zB0~s_TBjjr1G`fhhF}Q>0T_!g6jg!bQOjw;?C!_z5ofRxTFjsb8y{{s(xR<3vMBQd
zRHER&o4%074@Y>HB050lMI;;-IcOJAZ4e?w&Zba|3OP6XI-#{91y2jkt+-7*gqk7H
zuP-3X&EHPVT9yckS_F1yDMgulJztMtW|0kh+6x+fa>A=mP7IzRRZ@ZliTNY@gZ$^%
zFYssQxPL)ikII-WqigvH3C>}f)g@5@WGV%84){6aOEkxr>dkfjV{vnLUR-?r&)`zj
zRFd-W0s+K$$ue<*0CGJSz0rahieqf7TJ4N1r)}tyZ>VbNUN0RCnty5&2zgSP4kmY)
z0rR@Odr3k)K#MRFB8@#+`(NE%y*aP`o^>ij3xX1u5%@TBR~;Zo2oF@m#*5h&d-w{v
zx9#@FkS`{_9rf#+HNOf}G|gwI{hVUch{uWJfo*(x*Y=iy0LK>0lVU%`r5=aCRu?|(
z;a$@f=efuL9V(){1?Lo=1NJ|M&WEbog45Y64?hrd`}*vf6WRH%Gysk!)>u=(J5v>H
zNdtyAC~8x0IBYwVB?hI1M^chViKP&(M`;29jRSC*ZGa;QlXY<Yqc*GGQns3={Tso1
z!O>X@V=JgJEjyuUjD6z}yGyEcEf^oZyYn{}fSV5S;EZE04mA5DF$J+3mhI5l-yPe9
zhLY@xs~-drRs?<s4_inf7x;=`{-wZL7=^ONw>t$ChKV3fP`Du>FyL<4429Co01mGM
zK>O|-4Sn<OMf38FZkN_jw?77coHfl`!YTGsYK(|siJM<iYQWH&fEhnZLpNX>F14_v
zj3<CyL5gT&L`c`(`n@R<bVRr?$cM^`ux8I2b?}hhefi|}x~a~Tcte<8&hStW9u!^T
z`v&vZ3feCXMX1BQb3qvOp2Y{kWypKJ0peHAJAc!cICqZW%|USUt{JT907Pf-Fv>EI
zVXG6&sqX3_9d*n<(#g})qAsrag}MQpH{fehv@Zq<OI1*(PfyKV($r@c=OrcfBpm&E
zdWysS{#VFpUvrE8jxl=CQmy;rtNI4Vj&5nY);<rsJ*zLy<Q=kpuKDiiso<!|H|J*I
zbc)m@m{WM~KQ-ey**+T_FLDS3vy77Z#%oNPT5e3cH3DMHKk4$xi6afKt}ZT!JQ!m|
z##(5GI#XOU*+?MZ_e1vtkQc)>g-2EwkE-iPo|~A*W@cEgZZh{o$innJ$W$3%lfkG1
z;$(>nPmW9Gnw@?5?(a)DI(Ilr@AMQIIBacLC2W7V%u|uHP1?zpPU4;MQ;^rQ7;Cu-
zY=nN*I^Y-t(=*&Mmsq2UM$2+!CEk90$x-G@%k(_DE)Cj!eD(8%M}rQn?_<4-J>^rg
zT?49JHy)O0Zcd0aM=q~>OW-XnWIsK>Y*C{w?AiP(Hdo}cDK$~n5-|d>9s6W<mwTxk
zGZF)#=tsA2n31zeklz_27@qDgm2mp3;uD^WtDW@E96VYt2U(cWAKhVOfd@MM)$-dn
z=NFCDRFf+<!kBVIy}E9omvh;+L)=Ao6x!6rOj;l|`lz7-8|gJsLo5_SQi@pTw>@TS
z6+<5fN+i9Hq<4%SfcfmjB=Te)=T?~&D_-Jh@qgeZ;~lt-&+Iqgr;Zc=(<j0a_~J{F
zE1SOOUPO2+0=uG)K#)d}@*?@x%sA~%-qVH_9z2blse{(z3@@ib_kH8fH0Lf{$*U2K
zJKW&{M2{#5Q!fMB9EOHosS1BUtfCh^$5Qr<E-v4ZF=VC|GzSKe%3N|iLQv=O24-1A
zP`ByveKJ7WNTW@Xi{jnY{ax~%{)ioyXbiM&1R^jnBQ@Ye;%mFPDc&8T(R3&uHO3#c
zR~O=wFDt-F0JP6IgCN};ZRNsxt3lu@x7sFXq%(QsY&kyre6?w^(lYsOVxddRR;ltO
zO}NFR8TZ%h+s5V+3*hwB?cAI&VJUBbBR3D555cO|O}k}xIo&a>&XY<sQfhF!ldXO)
z7VvT3HQHFm-Tz&gqF;WgE6ewcOKND<xqh6SAhB8@E2iAHPZux%hF^2WpflShG?R9f
z#Yqf0bb{fD{*6Po$_|?T->RWM*94zd#_#8lW){YZ<4ERonr<HOinPS1yteYubFz6D
zh4%+JkbF|Fd!6)ExeiWTNq4A!{#2pb{b;;Pi4|J|a#zFRQ>Bz`3H$Q+mP5>^?o|0l
z*|)?1%||#{?EV9HmL1-$E-f>x#%c1k+6pt5iSMiP%iJl(anxkEha#Zp%L=F{T;1Yr
zGuIEB7_)o*jvW;vky3&0jxXJ*ghUEKu$EME@p-b{@4<#LHut`qEC-Q<eOB0tpr;T`
z0ijBXMOHVgKX+_~EaI>^wnH=;so$~D*q#2i`{}xkF%n<s?s1QU1azplXbH9XEhpDw
zjr*sA0nY6`eboIz)=AFXX+VlFKteS~*qw7K!FOCGq_mQ1n^o9D!#VwQ-hGfd`6Si{
zh&90%avCq1OBis@By;Y`i{|b-JcE~il|ROtNj$mN4~94U;rV5C(@5}B9*B7WpD=_W
zHIOQBqC(dyZsEZlo!*pG!b9>!y&`H0Xr6dSQ-nE@cF7lIZLbVyjT*28!8Nq$sbNB<
zKoJH>l?Gu-cbwZ#I<VR|X`jYc3d2xSl^{76pyTV)w(Z<5H3brany<8Z4)twTn4%Q(
z#jV`8ny^WJH;iO;2&*@h*{}$i44!T8ov_$}J>BFmMJAp{^Ccq`5L=jhB-MAX^}B3@
z_lowALB&lgq+hU##t^Qw7*@k6>g=zS?B*6N3@Ka`R^o8p-~Q5ux@f`3|4!Z|>q+Q)
zn?h)$z?@~cbB8!##yT-Ej|A5<p${8vY61`L-pC_)CB|=Wl6WFx*W(K!(}|j9aq$lg
zdA)FcC8!l(of1{_6<9+ESIs+Uh#yj58spX?0Sn(Vlg79lA=0#S#{)dRtO()c4QZTY
zYV;GbE%Rkij*w9p33^6W`cYZJd)1dCsB>%*@tI~(y2R;Kj<kiSnkF;au-VLG+KcMS
zz6gagC30a+q)1>$`o1Vcj&(-A$36_QZ?`9I?F>2Y6ofQ^1X`fg+Z3+tVju{J;f)$q
zL7*79-(C`>zAO|#`$r?sQVt3yb#=iw{h~=;lq|vPnFlTSGHGgJ<@vBSgomD-$T3n5
zw4ech>%J|AT7B$r4ejBvmA0^=D8)&urp?F$<#d#prTYH-#<mp!#rj!Q*C|ZsR4Jgy
z<bvjyxdRmg;qpDk1M#eSRY+2Y^%u)+TEO#tajlY_ne-SlG=t&Pn;tfJ2~Gp}Im!w!
zaUTWTYXuR8z`VFC7~vxo1F1~u%P*LNvToSQ3N%X`M4sIV&1swOY?Y~0o<%r>r+~av
zU_ro~?n8K9m@uh{=4rOf4wmzrr<jN#&mwn;f(|ONNn)gC)Fk7_CXGaB!lf%SqzXP%
z(s2=c&HR*Kw8tbhN^0TlJ+aDP&#qeD0Ez)bz0|}dX%g2ZyZ_`K(d@AeUogQBd|d=Q
z6)Y-Y-hxp@YU{e0vMG_K-7>^%g#1Sd8(<ri)Tj>|Z3I!;oy}ITlgN2Dw4T=Cw6ZHI
zF~ZaDethc2`8mJw7aOAdr-yDCzb4KzQmUh-f|Oe7MR>2xKpu$t9`F7BUJLg&zdBP6
zNlYYO57c#rudJkII%s_10CpFp9Y%KP+52U^46{0{@}kPhmWl$&HP=Q7C+4#+$Tz>~
zBDnlM(GuF^O_e4Vq9BQ|oWnAuj+%@FF?BgHTO}orXO|W#$VEkjwZn4g24{TwPFlU{
z=jJXKkW=;UOe&uei2%yDxWR!X2<-x~F?f}6HL7ZK8u4&z!NvoKwrZAu4wpOP53@{k
z)U+=f)4E*WNZBtN-%p^jXPaq>#uG)+Zh!Dz_|!Pbn5zXkObcA1^Ifp6G>U4{q2}wG
zvFlUmz9F&lh1mu&H?pjzCN3K(nJ1UB4WgFS)GZ>uzF{AUwIzI;QUDL5G>b{6rA!B9
ztyk6^VivkH%I+FAWa~~8*{z&fp<K>^(7WSJZ>2a4#bl6~2a0K6(j3W>0d>FhT1*#c
zLfax8?0?$@G?RiH8^4AUJ@@mJDz_*GG=avui#vpLnjEq<Bz%5J+JaVJ&TMg~O+=48
z?(%g86Iz<a0PcTtb#c~ST)jO#eQy5xhCgh3prh?i3EPJ=65w&9GKm^N(@jXE3rco-
zS?!ngj$vF+rMoD%Yt@$T4S9)-C^}Clhf~!`dO$^GkCgFzd7Cfq$d2fihWI-g1-Kyz
zp8ZL!+z+k9Kdk!OdE%;KtZT?V%Q#Osa2ZQylZ9b1#X6hYXq=giWo?}mwAw?Xr}RJq
z4Deb-oZ6_d=#3uC3u|9I?xOAXg%xWsRt>Xrcw2!qrF@%{4Di<xXBfB9OI&PV);x00
zhAQaEKm&DM4w*$N76+Othz9q`I{gb-OwaYi;g=wGzCQb<xVV>dHf*sTSTZ$7nT+x>
zyf1_6y^ibOwRzk1y<0hlJEnDt$I3hkL&`id_Ha({{pJ2Z@JPj#C785LO{Gc<C37l;
zoVK{~3+sr{A5e*RyZGh(o2fZ*pF}!jT3{%ywzHd})(WsDrY=4sg}>w+2q~U!<-c)l
z0XrP2sZA7@eh%n^@u)l^(jfIgX_ESQknscLAr^x}+u+b@+;;u&?>JwC$Y_Y)HxH@?
zzdX;9^TmA_uvhETW;=!1@I35v*-2*B#Nf?a%De|&N(yv=uE-K91d2Qnm>P)*QqTR&
z3Y2L9Qq)y>|0wDD_`0+-@8N#RZCm)i37d%1PQznJY|P7_=i4*t;+N)z+7()OB`V_Y
z-9h@CPf!h1OL|paWqB+Z84{nC3sxtn&YPD{;_23*eMGqu;NRM#j!$YIvIPH#m8-+m
zFb*+uNEwLbwt$HX)Fe?*ws>g@0W`sXt!iL>paxGd$8oTaDuQT%q>H1Cw!L>6sL2Fa
zB=kcZrEI-yQ2PdI7H!4BXe{M%^h@WE_>F*#1dtv_pdeC5L7yd}cZ8`MH>(Q-B{@a4
zA(%7l1~F%#y#hhohiCjofRv^{DfDU((2=+e`z;O<ux6U50t?a?OKJ2qGZHT5p>KHH
zA^>ZEM}FQ2ERPq)agN*D8sNv8m&fgcJy$h^iW_zv0;i;1`Sd~0RY&N<gNg`dg;L9!
z8o&4sti#pyT01S<G$nG{vMM4kjj;t(@tA`HF<#1MM=~j!gDQfPlVQ%GO7{bOLe_Q5
zy2xt+J&^|mHSO^w=saqJ!-&!pkpEs=B)EP3ZU|40mo+x=bXhB);W2tYz+}t<0HCp!
zI06g00BUOV+Gqbbf)pG4#?(@QN%8x5LVxCj(4YI}ObF5<@O$}J-R<%x6PI8U0WBzm
zw?xVWZbU8|L!)n)pWb9gR<rr^9AjpTt`0cV5`79P;<-R4a)^+w5vDx5z9{gVA7M^Z
z*j88!3rMv|QbW#E`c#(0l`n`mu4L1I*&d^LTc#i#B_rPyZ_iXY{8YSUd5X$7Oq|%K
zQ_8a`oF}2ej|X5^n%&~h=i92Lg%%u167&oR*+&8#bXzpy1r0Dir_x|;CEJeEQ!^5e
zI19a^+LoPQBQzYuL79x%BQrvvzR655jgwl}(^HF9voS?Mg?-WBf7IPE_*dUek$`-T
zI%_;x<`_3*cG2ml#S6$m&rL)_a%wojT@i=SLz+7Qq1M76Cnp!5Icq;q>WA^#H^)8m
zQs!FGJ<V`#8>4CF$G~^IZ4Uj^V6zBWWz7_VBuW$8rmeyZ4@3rHNFz?u*<A;;=t*b(
zi=y3al`JNX<lRGjkMQ=J;trRaRIQifw)rjKsu78C=r7Kc-DP>-m<n7q%5HU{eDEhH
z&o6*6lPQe#1Kw8nB^Xb+M5N(17ko!~#Q>m&`tg$!LB{B11OTyx!?HYj=?zuJ`6~my
z&dZz7w+RY~Ne9>>f3pmMja>kuCnE79DC;mzU}*16HRm$PdjvQMj4QxeqR*3H1Kd-9
zy*9`)pthxt)-sp2NQN#rnfMMcY+6q4BCll(%2(cc1hf);ww0I-_haNx?BAwU1pFR&
z0@@dO(X?DVZz=#TVn0r!D2M5%yK!TSG$D@ea;7AaEX{z&$m_Vm8rje!_XSXaGV=Da
z1_x+UMZ@vk;ux|@H3hU6d_7_~BpLcb-th*v6de-8q)nIwQypN{r#tfv{<Iz+@$G1p
z{_?@0v)f6H9GWMx2X9x6F4b_iHmphX4WO~8yduGSh^iUA%Eqo1wc!}BVcPkX3eey!
zCRterK}miGknKSA^>~Yu!JEBBq#!e)Y%?SVJrOK9C9yW<iX28}3sVCm66(}ImO*+!
z+n?9><gbaD7;3bduIopLpkTz23KKSQRFQp)P>k*{;xRlo?Sj|(9-(q#ygi985>&28
z?zaL;HbIbNb=g)?njs&;cnMr7h+$78m-HuoiblLr0DWB&nY$siH~5}@qHqZGE^C1_
ziu@)eF$+8!B%#0j>~jGWRrRs;k#6nDQ70sEG^TMS8Dr*I<|%*r%rpvb>P2fXKMYY?
z5<Tm#Tnc@xq^sQBT{K_oUq+y|z8+{?#-NZbv?>LK3VSnWV~S#YiT2uq8$rHGV;Vdi
zVZkOP6nsH)P=8aGvOvxuSqor)`9;JSBjb9A?fbmnXyDN7=0p|6HZx=3?oJ}uMgqc$
z(CRSLOfy2I?(WaK(ciZvk_q6xEW>PZP^TaEer}x$wa;dn@7bZvF!GTb#Oh7zQI0Mq
z+smex4b+0^!O4j<&SYd8(@{@6qC!L|m^GtK7b)|Q^bjDhu&sSC-mR4B<-<Gj1ZoFR
zbno7&fSJ6y1wX$ckYMK8n@#oSR{~4&^*=@L{hhv^Nu%Yz)Kqs0++>b(GH=-vfyC$Z
ziy+!-%K9P9A5m|a8w8Zhy~Ot>h~Q?R!POihTk>*srTpdTeJC_^f%o)pJ#&HlNiDg4
zthar&ben<3Y{;h}{j1CY@unaJMKaN9i)+pg&Tq-QyuQA=0WO0s%Yiz>ZYVM7BG^DM
zP6sy}x&-@C+P3!04hN1f7JUj@P7Hu*g|!Bv@S&nUU05ooGwr-QG$B1N&tFOcEh?6=
z@nT|!RZ_MwV2oOcGrHqJgEQ3Di_J;8W>8%RTy7M}A-1S<;~v=geV@9fN|1=pDA<4o
zPVq=db_G8x6$37Z+6MU^-*ae}hAMYw%QE{?X%XQN(tSN@RsbY|nW1aZ?R#lTeEW*%
zCGBXLUlbJqttO7kfMuXpj@^h&mWHNe(~OGZrxL7Ja*|sz6i`6AAL!-9?fHe7zhjvR
zfR!OEXZk*4Er5TP6eWj*jFU;;a8?-I@d%AtTn*XnD{>JoYk{Jzu<jz?k4vhLLgKYD
zSLWier)#k({lem<#C}DLTOxaP)p8~#8yML6PK<4_($S@PCP>b{B&Rke=Q2TO2+xCn
z%Q2&mFio=-3{1=>!7o6G7;NH@&gTR+RA>rnI1K#0Gl|sBeV7a{&Qb34n#bgj`4NYC
z#5tUZF`$S2<aoyrn0-u4->*1F1W8zcF;Pk+)R~xKEeL|2XzbHdb3~i$g8Pk=0VZ+-
zE#v<n+w<t{`yfUs3XFIYc#ch+dE$vvxim)U@p~v1*&`-}#IZ*bJ*f3{PDZ2<%h;q4
z%@JCdd9{O%N-tw+bqE<%z97nLxIp0agjUD3;J`($>uMj)kQm$%tniRfeh$DXp3jH1
zV#WZpJ<W2MIZo0Rjw7tbGz+B~Y@RtjLo9y4Xw5OmT>3Je1ne6{Eao^Vd9a!_<<i*4
zmvNE`AGS@UdWiBFHfTpixywx)8~l5zI*!<6q`M4uQ~7dm#{F^H<0jLnU0ncnM{?63
zS$YOx9%tbsi*3AedWXp_H;}W!zw8F%eGR^97T+J%bxiZ<J3$m?BrB707B@KJ180Ld
zH?PU0AFen!U$A?~y5&F|7E&|ngxnPwJnoA7xCPEFzV|9`x<PE$$*%mQ3_~BNKExx#
zIxodP-It#jjj^aQJ4t;EA!3z&U_G(qGD@wY3R0_te=bU(8Ca=bU$jr3KmE!0%#<8M
zjy{x`5qJuNmLL?QO*s0jT6?G#bI*BjBX_2TWt4Z}OoI{xKU6LGk{E7lrE6tjMM1i1
zO7bhL+C@fk&A71Q53%dWsC~FSfQogytL&U_a6_n?Er4twAC)lQcrG4biF~qqG^loZ
z`l0NeZsBU$4C(&+l6Asi2$yl(kd#P7Q~ZFEs_oSDLryZ%qTOgrZIc35Uy<&gBoKNH
z7`n_!NVhvb{MMEtYT|<*K~AnnB6ypi@IooqAl{SzfFF?}VElGO)JC^Fv`14PuiG^I
zaAdjrVO`u6XJqI*wD{D+F(n{zRV##6I6y{sJfL0uW@={X-J7-MvfXH&ywE*Ox4Wf1
zCo%h4kPPmdY>Qn)vm~vx2KFDV56iJ77`1~IUSB~dU|g&kCGWz_Kq%x?33z!<&2lCn
z7-F*;njgJsGCaGxIE#El_jl(P@n3`wzy|E}9kP#O9u;6FR6Z%vg}A2FH=>sx{$BCY
zIU(6$Ss0HtErR3&a9rx(DZM5&QY;H|ZQPvw&qqtMyRvbe$Cr{Qyo#-#6tIa^LXPKb
z2A88WWvPs>UX#m4zo4K1+$E`@CiO|b!B3%A9(Le%D#~cyKJ1kZG2d5YfSBj(73zh_
zBn06L=S%1Vi{&I|DbzdC4!hRpOn8SvG|@C^?~4yWb%8&c&>g|VKtnlZ*2ZG9S5w@{
zS|<6un>Y?jA)~es(6uN|$$X4r#(7vUe$3<TJ|jQZ@nHjiUzQi3CzLQhv2Gth$J;cR
zzlVV;vwm)u@?(b6r*?gatr$$=^;*-YnGE3t-f|*4XaCdOT*(<Hhtv!NgNoWta35{y
z>%c!5-4agE|9O92y_VnjMjF)u;K<1+%bKuc47#i9lA&}H`%$VXYxWy=zE*8Kav||L
z(4*M*Ii#JH@6KK~@8<p_&Cc7Eel>j~mB1^rob{W%cTtmfCXERHHOP8f<<t#48Omwj
zWLqeU!t-lTGLx!G8$3NrHy$?1$L_P}i^r`4v$bqq5@le%kVxT!Vkr)1)eUY}&>2FG
zR;k<-C*PsxjmR3OsXQa&CySy2TXRp(+lpol4^~rm4QXXq!(bEXPjVIwe#=Av1-)S3
z(HOpUhiB`cXX5}`zcRP4FYjMYMVR3^*d2L5N7lo%tWXqyH?H+wAJ9~XT=SkGUxv$t
z3RsG#!JZ(;qv8LLvs{iTSI0v$+J6BaTejRPd6ea>X44Ao>Acc-1Mvz9a;*Rn3T)mM
zue4Kh9CuK6EB(={RO|6%g_V2k2~&&v!vHi1GjR@h2xZlE4&d*|-rlqe{l=%~SaWSL
zcHcWRY@IY^0K87pwqD>RWEQENv%Xt1lX}%euDZz@=jPsTWs&Zy?~ZB^9Pwey_VG*=
zTiy7fiK^ogkbR$B7})em>T1*%CzE&B(ZQq-O$CMYt|3wN^zx!oUv<+bVY5{-+wEe6
zO?Tz|eN%6P=n&(xtOAeJW@V3+qu_g`-p0lZ(*(T508WO)mL9G!PX^T6aU6NV+AT#K
zUf>gs*o%65l_ama>65sx755IlfI{LuxW%X5pG6d;FELQX`s@zbozq+6QXPMgL-~y-
zx9^P1Hl)kJBS7o~Y-PlEYh-q}ar@~2zryEpe4G7C38f{G2#1S#Azpr@pK8d=<dEE*
z-Mzb3K*lhrGSE<^nw*%t)TNkfy#=-8)|D6RF4mW*LGptJrcHcqrxZpd0$6(JO|r?V
z2;1P1UIb%ajH^7Rz$o>B8SaBf0&h8iOMg@_Q$zev1R*6AnSwhy1a|>5-Pev?%Rs%(
zA2e1n8==MZRJ}GE2gol0H*7&zB<6{G-lbqF%;~=UJ^m7sK4&ICVH!g<<3&p$qbw|4
zLb@Pi9S!TZ-Mtb8wBNYZsJ4Dn?#@_Q4hI!{lrr}c-_P+#!C0ZoPA`6#b(a8=(I#m_
zUJi6YKC{9osKK(Z95Rz^x(nO)2jKo?yn2wQuD}xD2!OS9_`Z>$p#<&X!Xdd*2L=#s
z%W1Rnh>Qz{guBX$*jGS~xFCk$Fq=Zn4*x~~B{GWrNQnh68UGT;kwe_z2OY1E>It&F
zev~Ca?D*`mcq1DTbRa>V!9nIV)O*T^*=xHO#2P>=U#+U*t^rR=!iw-=r9fE$u#}P=
zNKWA3`eCO~eZc9d{qdg{S7mXb2cR|0OWvN}y*jIk>!PB>+O!d}&MII%0_u>2SxWKg
z^rlB?Xo&Ud&xw?mS_n%**hC3FIw+H<I#;b>x~oqKIxrp9xF3$1&m@4I2;eJ$U8n-8
zP~aj)cO25Y-VZEEUmYxG9mf>%62*^zQf`DFXb*li-6}ih)nH0DjT8vLR1gE5bbJ4@
zxY1f~+-5odQR6Dn2f@{u-gHQBy938a=$xZ{db<1M5V^WI{~t>IUY@_XIA3+BJGS@D
zI7CKJcC5C?=hfx}P~{jK5L}XADU=+0^J<S*!6z9zTKxFfGPbM~25M_7sVAkxx6O@m
z;z>TN4|hx>bd!xqOVn$}Q&odjEi2PObLuK>3y=`Kss^?-!9c)7U9q>yM!;s%R)AMV
zuq$AZ)v$jIzP|kG3Ho(RZdK6&5)dX{$ouz4zn-q3jRu3UyJ_~m6tL8NCzuNG&s72D
z6sL-Ah?e_E>ZRk>g$pVvz(Mn<D1n7l;UM(dk!O2T{_@t;RFiuRo*!p}l1lC>2KEYq
zARtp_!5+eZ77A%s%FQr0E#FTmFICD}|13pzy8p}3r$fk-Lr!A0d}I-4OBQCi*HXU|
z!ez2^o*V)^2MUniLHcR|sVJq?jtO4phY4Rbir|of9@nrD)CqW6!ck?s_^kDRskE4J
zkcQu9!}G1_F}{(LlkyxK{}->6k>@-N^dwCG!rND}&>&}y^EmQB>IK|e!aIB}kB*EB
ze*0tpa(?&KWv#=-YYJsB@)DLDNX5A?*^T0(GM8-Aqr|k_U=r<axqSuGLsMw?_+<<&
zu%$T*2^d2Ho-2nq{l2)qCUMdC-$<_U+11^vMn)qcy8u|UJgQ3&mjyO=aDCm<G7}_K
zt8ZS<Q>)e=5c}uASci35-oKnZ&V+1sOO)$w@a8q0gv^Dqf(C{J5WJcS>-Np-b$wHv
zxT;}9n{A`l%Y0%ouscTuV}<k<)oXIJ$nL*EmW_`Fv+(3Z%|fM+lZh0m$h&v$bX?|s
z9cQ3k64)deFBM9{*XtTO7|PvmNh(>lA;tEb3R|RU=sY{JD6DJ#z{eZ-FE8(nU=<g4
z7w4C+&jjoj0ZG}6s-lvLuN35N7S-aN^2SHa+03ZLITxG{+C=>sl;eIKguqfHF+%Gu
zD&*L{gDJ3?i=CRUv11MFZgKHraBnGUX)})K*5-L%z?4bi144sK8(616se}&zrnFjB
z?Zn+$No3K_L7Epok19AThfFt^xg}}39^^7bjuH6vlZE?aW>Uizthz$PR~d9)E#ve$
zQk!p}lbr4M%HzbFg?0skdt9s$kho&B$UqqV*n?pkQ}_Y=IUMoQCV+J{Ni!IBk!Q!B
z1N=<?9-B?le?ZUl-S0~-sMrb0Gy<@xN_`w~HvPjvnoh^XHP4bBFF+2u(wZ07O=Zw~
zaMs+N7Z)H7qQnhm9~Gx;#Gr2`fLIp-b=UmUKq6`9Elq(lazsU}Kx>^K40bOAOFjv)
zqEiBEWmuu6MXrqbv*#<+;F82@O)EY*`T6FZu~%-2%Su#h+g5Z8OjEFykS>OEAATa?
zZNn_>)|Vh2C)L%PH>k+y_6<jrv&sT#0Z?{-d1gFxl>G4OwDBnj2;o4fVt6#L%SLxR
z`(Hwyc@A`=>e2~BaaCMiU7q9FSC@?2#)f24vfj6~CzH2{9FH2+CLvm#^dgAN!B4Y|
z8sGNNmOUo2P~vB8jrr_R;zm7eH=X0boI?%|$J1>vGJ28VjSE6H5QhDT@7y|~sE&Yo
z_Y(r7(5aasJ3rnHWUBF;4F`vT9E-;6fQ>Q5&9XoV05(5F)i<9H*uz?6@?2mMo<IFs
zR)YI)j*MKh!GnOt_MSuFC3wFJ8_-A(T1lM_?uL(b(X2@7iJN~?9>jWKQnNOtge<93
z_9^_`dc`IbPu;aQ%`bxV|I1JzKEHZ%4K)1a-7Q&xGBl^B5Bl1+T7~AHGt1?@wscUn
zv>j>0DENRX$e@UVF!dupl3)S~{s=?VgOlu-kS|?=maM+SER=8O3qj_q=b`R=211MX
zEtiTrKxh%`TsH4Bxf#L1Y|c4WU^_#5s%(JW)x)~DEV_PBU)@VF8_^4*7WrTGudn3~
z*R))g@Qo#D&N+clXje2u>>|MSO+AHPT^8D5Qjm1*^mLm5%BzSNpEX4VVTi<l=K`ra
zi&?|n+HfmlN1=g{jU6}j1sLr0fCJtD=gQ%b)wcroO1gN)W_nE!NT{9dFO$9Quo)bg
zaf7b+4c<M#s(rRJY<X~(KOL^LZIk-pwaV%ur-uuOE;F0|Do;B(kx4l@aXLk6y?>G2
z?iV>c90`sqOtK2EJ-J+M44?%E9kY-wEbrlDwcLJMl(ITMEy@W7;c!7ac@=b-$1qC1
z<bUr?YcKD8nXF9Ne6w%uFMcrGfY^nrIBhc6nW*v2$WG!MKfK{kH9j2Yx#E;oecD2<
zuoT?15V!x}hUsrcSm6{H2naHYyU*wUX&u0Gl6rUphBq8TMi0~lbI~47DCeV(&JIx%
zQqBtR!$5FACcc!rRz$%8yU+X@??_+7H#H2t9LbKfbn{_%EQpk`sI9xx%g{6so?@oJ
z_K<<h!x7!>!;%a<RE>Lx-LirD$uQo&b+ZMJ_OtEty<wM(<dn8^)?*Tks~o>lm}OC&
zaa149`ttM{S=ez}TXj<}2%nC0>Py;mlpHR<?dtnz=JW8Ct5>{OkH(X>Qf7@qZncui
zTN3oEDyTs@uR--&Bd*(oSa#&?o{tZ2;jA1<TyHy9dm0h&DcZPAvNWxNNzD478Fyy|
zGm`5CMS8U>sxXUklmhHiw(Oc!+fX7gjdJKzPl6kggY?zi-HlyZldC{R-OZMa9!qvL
zZaL&3Tpv);2UU|a)J+jHm`6s8LvGTLhc?s279#19IJhA>s_LxrfewW3qfbvF{*b+C
z?wF}N%FF;f%!?BJpL#y=qk#L|#b=)nR?d&acKXxWHaaU?brJYs=`|1#RHc_R!l)%x
z7b_-cgU4TZ9>2HE{?lje<rmu?_3xkk`AZY&8h)*BzvLmN>4?Zuygsr3#1AwLe3VyL
z7sNPtBVMD;#KEAL#E_6d_}2O*wF0ZCGUeHuf*O5;w+(pSasM)%09O_TxPNgJ;inGR
z&%3M7w!P|!$luS@Ar9B2lc~&IOx_f?uQiE2PO5|$cM3EJidcZ0&84khhjoo629U*9
zCDpC4v<BHAt7{k{>t2~cHr5JdqGYp?H;@4r32#i4NLh-#=3XkI?V39HUYY<4md8Z_
z3SCkNnyeF~;TPR!gD>J(Xlu$JJwK{zU!qo4X+>h6N3tf|-8)rp0c{kO6=6i8OOWR#
z4y{J~wz+j=o<T&%BckO=UWGzc+byP{fNzkaKYccsd2_NbX<kW4qKqBG?MiSi34E<S
zmw-rI#Ce7B7{lb_RRxk@F1fK9PD;{!tD#s0w6*|>Vpy8XzPMCwcT>^d4#`UpkTP7i
zBn}4x>^7STd-KkTh)8&-X(uRg86?I?kvmPTm<Y;bl7wUeF!%g~p!Sg`f)U+3553U&
zKJh4-$g}dkWeSqk_sh}~$XaOAgxYCveLhmTtS49N6$g}D0g+rrbqr9iWW>0u3*XeV
z*;|veC38niw~9%GCDFxX&Kij}X(0X-`!yqn^o(RoN%^YN0EXu#fzGcbjK;p>E-uEa
z$PZS9Kc`q9nal&Z?z*u&qFWnkmz@uAXW+G7Mmi-eMWM^G+uV>Zj0I(S-_uuZX!yW$
zHKx1TbU)>j?0cJDuY2BOx1isV4DY8yKI+ms%@*3_2>g8WZkUgyY@VbI#kI*57%_d4
z=IpM|NkI*E9El1dI;im|0yh}K&xXQ5>-?2OE+Hokw2?MFVj)Lq*f<IG%Fh3Hm%5<u
zk%%tuk#~fJ4-0u+C%zQGi<4O{Is!N0ar@t&1%~)oC2B&4noqJ`?eHwKp)S&#YSg+b
z*1eC*r;w)F@iWo(vW?0XOAiH15v72vI)xT;s*Yu9ZWEJ`J)Nd`JD7yO=vYjrMk|NS
z3q1~Devt!_4S@iZ7aHC-jCRBE5Cd9umY?0+UPD)_`#5}xXZ4j@s9xAM!1y+)M>&ad
zK+kULyMnu+Ljp*?xs-zDQKfQ0UOGSmRVa}Gvhs(O${%{w;9lIgYNspegE8s0;40TO
zMdwM9mSu#&ju=_FSy)8}lMAzWlQym6Hu9<9L8ng1h0XeX)ZF9z#^o2Y%)u~E(=x!Y
z@|p&YdyZ`Gs_GM?)JM=eW}ER-%qQ{Lo=G12Y@6v*myOLeUj(zSm^>SY31*aqzSu>p
zU&uNVh4nM%ksrH-THLCdFkg_9c%RiWOd~ltSx6(%441AKj0Z`Qo~9@R-w$LG%e%XJ
zNS8#6Y(>vPhkn|>N76ru4xXHRYk!k2IIlXO;5i7@@Q=0}6k_ab^{UIpp!@3jxsZnY
z-jK{|G!_5ZT#|oMY5V{7z?=csc<R1Tso0fe1Z{<I8EWG#UFd=!n&CTSTE4UuJAR&N
z$<8S9G3uy!hjwwb)NP+5$fuyvZ89IA3m6+YGBDIzw~L)teSub~Vy&73>r3!tJE7Hi
z^i3xDf&}g_fO{^foo%m4*d;UHkJ=~)*>MtiIYe?VuAncj-xfD5$As#2@v?Cv><eQ<
zS96nhB{#8F+-L#G#AIRB>{Y1aXY;r390II}Dxt*7&q)pq;}vHKYocTOM1B?*B-j8d
zAlO0MP4o@6HF;!KKMaS*aT9K+RF^Wad0*#BUB=#~DeGWzhB-O8f?xg)9rnZR3*}{)
zXD4=c>d=B#svFgJl0b{LPDD|VcAntOgFT+aKe@me>P9UKSyjK$Ifv;yhZq3hUy5Yg
z!kp>19?N{(5N~gaYbok$E^fsqgts;Du>BIMWqqV);P28~%wckVYJ9v2x0tY<I#V~1
zIdb3LH8N#+Uc-9~`bCaggQ6UJ<d&;$nX28K{>TxZnhQTVliJ|n*_$02juEec;V6o0
ztu7wjvizKIbPp{7B|qVigHG^$ieS+^qdT??o;hO?VZ5rA%b7Vy-Cs)a53li}5U`Ih
z1n<D}nh1-+UDTaRpK>T#ODbnFT((ju&kz-r94+wpd3i)E+YbY9i}3id1Xt9j3-SB-
zNg+ubene2b3QM0dwZW5?`#pa|+(ZGj@-=MWgsoacbY)|_mp4~$yFL}nRF3l#fV3z}
zD^pOudwHkNO<74u{p3zH45n~PDRNkrDeexz6{e}WB;P;uRGCxyPMk-G6<QdAh6lPY
zENlq54OGXRo>~^0Z|k)PQ`Uf2`~B^*#x^^m63ROc$Vjw3;?>Ho1Dt5;C6ymb&|EG&
zvyC#`LoAGo^V>V37JrrM-tVre@pbaL&x^}5d#oU_o4;NNdyTuz+yDa6>FIapcXt<!
zxks||MlU+}LHoe9Z6B{LeP%Fbv6>%#^jEP$%!x&;bUT7k-iCP_c~sUUIL4XW`3OFs
zW4g=l+R69t(^L*p50dRT_H!bADPGW}Ud-j-I}r;v%SKoZ?&|ME7^VX!{;D#F8rXy&
zuvs3so6DEO1@u#K`Lg-Qht2mCiL=FAYMLOyVw$g->9AeC{3LI$d?Mii@z5rh%r=2|
zoDUpXc$!hI>iR4F<KteW0bJ39hMGj+K^w`nSs1jsCSqlVj9)+Q0ZRz~x7c}*C}&M8
zC<Y4yMy)V<%#E4(>*F4_GHPS!KJmT+dfhI|8HKZ?>8PB2d)Z!n<O5cRaRI(d1gKBk
zBpmtYat7iDl{Cim<kydTz@V)uISrN#(fiPoYLWSX;V>DD7e1Mfd&s;bNaGCRP=Ezu
zDr~k7*+)NIsIMyXfbt^Es8*z^Z4$<C{m{0!T0U}nwgR9Er0Y5Wbhga$#SL?y`6WH=
zV;Hd`J9T^#KtVVMYBbF=0Czs5QzsN?;sOBWD8{gq6utqT_+vVCtXFp6pqQRX8`2m9
zlIxn7MO@V%xl_l7Nt3dAbye!Ts3UB<Q^#+Eu*P+mL%rIz&7wQxU{A-&@XR)+&OUuI
zL9E;RYutTgUe<N%x59G{T>@TFQSN74Jd%y@XnmW?I4CSlg!2GPD8qUr%r@VqJ~D^Z
zvQSJ1E=z0B{y?2=nz}%FEe+h%^YVvwSgjkjga{w@kO!eam{uvt7;|}>4%;8xVYP1H
z+K`M>KY*Jr%7D;XJmP&s4y$#8Mi7%k!Wv}1kWv9jE164M@o_k;)(u!#<piS3kP{y8
zLBbiaFkl~(!)o2IQFn+lf!sKFW#rViG;D)o%OBZcwQj(2Qj|&e^vKVm_@W}=VJ>GM
ziNk8$fW?*MwKPGH)j^h*iwpCkaagSzvYbjZKTIiMNg(rDHf{SM`vW_y)(sa)V-#iL
z<SU!DPP0YJY&2YdaEH~pQ42{k<nWXg0nm|=I|+_YfdkF|hjv&EMl2VrDi96sCpO(k
zGCqEiJVoD=d_<FsDrf1k0+zm|*f{4%6{Feu%j0o8*i$e~O$&z1SCR%L&4~R1uE{Ec
z^g5=7Mbd@eKAWZ$b@3)6{Lk)h$pr0FE?oAJ34a<pX>_OYpKKi+A3(y}=1hb}YGbKz
zC7HDnULdbbq`q)){b=J;n6^F{HhkjgN$ov>KfI}%Rd@yp;1{LI&;r&qg`9a4lGW3)
zx!Y?;Yc4rxE)QQ_QBtC<#Eyd$Dwsa{6e?+^`BNltm{~jezC1-rC4SPMa%)C?YV+p$
zP7q?Nqy!Zu@;Ftn<Xa@wU348Y5<1V&dh(Ty?|<oIrAA@X*v8WvyYcM`0?5O|omP<M
z8BpD6Dv(V=-T|C66|Nu7M<JZtkxxn^HJ5e$NK!wbo|_TaISLgZR51(V77Vup{|Z5-
z>-*bR$8XRU8m4Y6JAOJ)U8zS-{~vqr-Xphht$X{U7}!FP9ON`uymO9VKz8iCh2tcK
z?Bx6rY&42wQJUAIX{CF{iUREK{{B`K?@jh))IGZO#*Ri7Ib?BF)v9%Q*0TunsKN^?
zqL{8f-FcKl=z6?Z&C*|}u26xZHyA3{^dqFn%Y80OG}zq3f$=Jc(kK%a`z)j2MI$;F
z`Si281B)ZQJ>a>|%JSJ}bN%wxX=_%*QrrLLEkd?I=kw5T?rBoZcEQw_?V`5O-JMOW
z>XuIg)!}XdPLdlBXf8{y1;NhXXg$4ILR!9bEu*4<z7>=uQHklNQOR!XE<fsmsj1`b
zhc6a;JI3|q5nW^GUHd2b@n<@&GMNA#_z(F^giYa37(tE=DpJw)8_;rl^-;gjZi&bO
zQ^U<_eW$$FX8qDE?cZ5>grsPylGASzE689uc9+jM&KfA|R=HGO$Z+7QTmEW5$Tp-^
zHD~=f#xcrH&DjR6Da4?p-1a|w#@ai?x5rvP_<fO}*d;ZPz7`ckFhU?La@v0B$+g+|
z?U#wN_Q<w%VEI)KohkJ{=UB?aw_j%J6f@;tW(pP1_<@hE{EpCm!DXgC=uGweb7y5J
z)jO&%geb=^;A`?=Uy0x*!vgPJzv#mcxyw4M-A$c8;uUEKTxx<6X124^m{}<CZ~!3G
zsnXa3`Nhn3*UvGtAHC7mU)p2g4)(>~+PxB9$E1L2PvhF#UDFuF!ryzb_dej+)bo&J
zj(0g&fltBjf8OhLDX}2oTloIQy#AB1CY$Z&R7WsLrujvl6Tu4Tq~}?li!($p$7X#`
z6OWvVi>WF$$fsZcUDUycohfSoIVE7Xb$p}Wt?uvQAMKBtSWTLurU{+H6Sy){&yOWq
zyI$*er&s0Ocq}h!9drvEV@gXI_T<~2o^Z(qDJ=_yP+#8O-`sGn2W65aaIyJW%0NR9
z5%slm4>qNZo*P8`m(}fG7>!e#5-4?<9zTY40CYLP%{YVovqL|}Gc1L%Bbnf{5<<a#
ztYHAvSfm9(R(Gjp!zVHc|5H7HtE+kdXZYmZ7W00~ATPi}nF`*_0D4$5G_7TD@mfEu
zD){Qf{VnOqy;ecu?z8!!``c$iyYU0I0slH-8UVE{A;Zbx!Gb6|0X!(l&0)}I{v5w7
zi4VIZ4!5{2fs7A3Q}2IndT~azSmI}%%0rSV-MKm7dUGNCU#?&OjJM35AHI1185jUt
z_h@|$OK`+VU85Zie8v7_GKc<xrtKOgrW7Cm;P^w1$=$E-KCz#PQq?sK!r+pO{+07N
zheINbD;VTpk)!BDh?Lsvr$2|sJM$7apAVeNi3TazQckR14%7l8KwL;|gj{m@X{@#F
z+_%kQ!Fx%|(|?iu7HXX5@^|^QQJBeQu7j6wWI;Lg$`p>Go=(F7)@VYbaValn)er7C
z{ra$LR;fN?q)p)WKl%s2Q0M+|p#i2A6*@gH&7i2UChwz<E3z}kE)7W(n<@!~m@_Q{
z%BSp=Gs(XfTyY~vLc0iCKc=@D>$TM`tFG(kfN+^*TE{cnZvuVcmAa(Kg-5%E60+Pg
zeN)q3#dce=3yDV5vU_A9)qu24SBn3Z!5g@-u!+E7K-w=C56)ife7Jys1yfXc1zk(Z
zm_tHkz&$!Asi%E?@6CGk+jZ$u%BF<%_RhAwhnP&MIEW!2%#aIF-KiT-Ki?O9d?;mD
z%`5zv`k1EKDC-*9k_%0E07)b3%M=<_++IEXvgo#hTfDUza6qeeGt8&~0p@VP?9~K=
z&x6leLoZYWWsrwKgu`{l&zsc<TiT$vcl#Kg;4o*h0qG^G^l2J}2?<|UqR<T%q<3*A
zzkzJ<qt7piha}Mg@KRzy@naShba5v?8h5ho+YmWpa-_Am3~?|iqJEQx)|8g651i=%
zUEZo#>%<Re?;=fMn$%O*79yHdiuUn8>Gj>UzL|ZC66Ctvv8-R`msJM4P8vY)04cG3
zUFu@Uc9$#`4lgeVNC+{dD$arBMc+DFWBHr`mHl`mI11zU(h|zgf*cmcB&>XmvD+J0
ztr7=cuDtHk{2KvY8gSmRQB@Tr0HX`38@+2V-UEz(H|CwC09&_x(@%5DU>rEw>E~lo
z=zBxGX%-j_el+*OxGFW1-iCV5llA%N6<|B}PUbVY7HEkJVi!bBlL9_UvIH*IvO7r8
zK3jQog;`(UZmx@s!T^8sZb@EX^_yAW=r?cRnr4*&n#Bl8uoWO*NCM8$iTmozLZhoK
zbaNE<>93vR5CSyJiD)_OnUr!&Q(&gFi{qmEKdkO=SJF`#xY~OQN@#Q;6(_|-M65>X
zAFz_Ft1K^UYae_#(lo&X-$!|9;RAQI4+n08qXyr;lrCVRfFmyp637l*xT5FAZ-LO$
zVs*p5vi$FaGd=niQ>>A)t`lO9&BcL8k8+9=N-XNKgF@4ifo5@Gsln7pfVRGNPPgSK
zG4=+V$C&ESo)bx?8-~X@W|8?Kh_oMxt0QX?RbDLYEsMpU1>*l-s~a1Yn>mebFiV<d
za)k4zMBPI9Pn28f<)xQ!ibCX{s2B%NE}UCPaMsIfXvwvFb3@gfSQ5^!+xv-6e*Edl
z9<$`T$s1hB)}}UHUi{=5nTcT{rEp=QvdoJTUodX96x!iUZAmMB>1<ky{|q7<`@?oW
zMfSyvIi|J@a@@EgRG23Pse60n^y3&iBA4j-?&!JIfQJ|sItgGO*D8!*Fw@dUW6H2N
zIRJ2SSv?@mK-bOJSV}BKf{1`!wDyQIP<Mv@a+fZtYjcS;3>>k660UtQqA|lr$3?-+
zE0}Kc_B9MD=Z%y;WAV_~Rl}C64Cfh+f?Sw7zDB+Yfc;*^Z~G9o#b~7eEa*i}YyS3Z
z2F$XZ5w!M)jjYo8tw{y8VGl7!+WZX7Lx4b+NgiX)(r&rQ&kR?{d@Sq&g88ui(0DJ;
z&(y_p{jf7-HOb><`jbH(zfLiEew9Pfs3N+_;7H=SZrycyo3>M<NBL~=%CbMBY5g=;
zC9Iq@M1_t=nvuIpAI(r}x`8w;Xfm8KQfU<~SPJ~$a}1Ie9MFoG)_FfDMw-;WB|kTB
zwT*sPsqcpnBaoKPjr8rRubpGiO<?_~!OHAMUX{Z+49^6C^NPqv{UPTZq^wj+=F0%0
z!c=h<lqxM$!M>3J(8%hHzC!St7I;b~X}OWChS>dZ$5d$oS7??1rx5%=@A|n16V?kR
z(jdii=!qf%z@9YkU{;5qnX}k462RDwr$DgaD>55}PdWvZTOCiim@gMc=;8>G$*R*%
z@6DOvfH7?#TzT|pJT#)X<;>XKxmYx6qD!=kr*p!9<9APnZ<5Ei8Da~KJmJe4=o{bF
zmFmhH_eM|KTDZlcM+#T}n#|l{(dT&EV(_Z(Y+1Gzi+&$OarfkZiv{`KhCywycygcQ
zz(e_?xLIxP*M`5B@(=uB?|!cv#***3C6_sNeMWmr<I|kudR<|c7;4&pc*2yK=+etD
z&jz|-Djs5E=QZVyi*j6omzUt>)#c1S>6vZa?uX+bk}^s?n7acy4^>q}&bY-vT#DE~
zY&6L_UEV=K<b6B|Gx6hTe~T)Sh^_$<B%7(uV;o_*@ASUs;c?B&O8l@ZaTwZ*{djQp
zi<L8nG^qW8{`x$jJ$^Ak2iQ@>(NJ!DK5j;5f<mZZiX3o8ktOgfb5sqM;XV_zS%Viv
z_S>0Akm^9hz`)zW|DyGqMf&)}crL`@tR+jeJH>}i1UNJ%4MVDg%b;`xV0(TC_b4l9
zbL^!)=2QSXhNT(kzVwCJ{0(07lLc$qq=1C51@1DA)YM^-J}GZ2c%k{W!#Rh8+5{tT
z8oh$f_Az~%0u3BaYJmpBY}`S{cy$Hy!_#(v)b*WKUahTBM~(mUW|ixkal|VK2II3~
zjQc3>tJQM~t_d$8IXdgbpnp^p3Q4r4rgAW{r~f#gsQ%lY_K7RDm{>)>z_szrPV!cX
z!VXZRBDbQ;s7h#mrt*x!SNWjFpK;kYZZGd->Q-TKzh0Z$yCpfA)mnfcNfIW$m-&hY
z-7xl%nHk>lVZJ4CRV(#8t@Ycb-SIE<TQ-y|;D=3DrF_cVl&7jBqB#X;ZIjot`X<`m
zDDxv|m+E7wosiyVsUK4FT?84OUdNlK)&aG!q=s08_4xDGbKQ?!jA2P1sn}GSK0ifV
zk`tR>jB@VSGU*v5C{uf;Wt1e;xo2@2mI<T-6`AMpu0LdOZAyaj%b8<tV&V6eUHg*W
z*<=D}GAI!!3(u>Ha7)APUnK2QXXHBank+oL#Xrl|thbEau=Q@;Gw8C)h0q8XSDBbf
z`fv;cvg<%SZnR2mqsb?RdqQ8XXXgtWY7#|$sY;+0dq48z8TwuGnK}jq=kGewG|CU(
z++DA3owk+lm_8Wq*6)^gYkf_jfe;p8NnDrr`bO5I3T)?}b^TA)0Eoi4;H-hDEcJz_
zY;ecZ&0TqQmFwbHo>-XWdP6nqyVv>ZhORtUSG6Txr<%U`N+$njQ^+VCSl=Fl_O95O
z>wdg-Py0Q-w4W%YP?6<Zt(Glf2h{__NSi$M%BslN-cvVj6&_--?%?T(c?OLj#C(i(
zsq-v|sN<nqH#rA)safWmcefah&(_8B+gr09n$}H2&}VrLj^tX)r*Hb^e<;7Le15zA
zP7sqkM~?bP8iHw0m8BmL0u#jKfo~AO#*PTM-Y@c=#iIY7nf1}{i6M(3vj4zvB2*QN
z08K>$9M9TL(kkPS5ANo<-?KW9xt7m%U8xjy&idLQb}jv&q@QCI`XOCtlGM+!+I!cB
zFYV_nudcqg7~7wvwz|2kO;}!C^%Is%gbcxT1saVpyyuFacGulNzkA|VuH7!95gP+S
zH=u=;DuP^zpK<yT|M6>!u61X&-8ojGAoitkQvAaHP=WmC@;+VKl1UL}6w#=qLUBhy
zV5AT0;EqO4@{d<n4;JSizy8O4`hUJw&UWuLb{`Heso%}G!cwUyF1)OaQ1u~2p7pg8
zji@K5_{P9qo?3CG_tb^Hyfs3!k}4lhfP*YC^kMSB(KQ!OKZdEf^4%A^(J>zU_Lw85
z@{NXURERtKH=Jxt-@DC*(K)s7Rn}eacBq>;r_-D+W4r*gN)^Yx3E}`uA}B38-u_)D
z8?<;$?zpJM72mAhE^`{SaT?Hh=1#C{F)b&l_fjeOgE*C@J>#3Kb{u#thigYHzin(-
z80$dCn&nf5Dwc+8*1)XKKat1P)$~yyL+K35Y+y%;;HR{=eQeWl%{>;)-albPJ6R1y
z1y2!FQI2sAajI7-LPCRgY#n05xtbpI(4?fr=iret?7<Mrw|Y&NrAFHiuJv`zL*ORg
z_4vxff+1#MXx9{Her#x^N$vgkg9nphhjw)(LmPg0e_Tf$DUE_2$td0S8Rm?)fqbNc
zqm)))9)ZlfGe7d*Kdo0U*V=NH4esra`2@187f|R!TtN8D$Ay)~f@68gXIx!58}#bR
z*`PyNx<0~_-!Qzf{{asZy3_Y|(;Vx|Mnz`W#%WAjHF~0P4vc)+!NPIh^uzUy5k>j#
zht>MEzMHYwWsjf9v(<U!Cux}|j!_lllZxlqp|<LXrf!G(xr3D`uf)9=N~foks?smx
zC`pa<oX|0r?chy~QmWnQHZ=0!85nLx1UB<seINL!4~leE5O_Da2fJY+O(6%bXg-MN
zyAbn<z6A4N@SZKz>n7sIPH8w>ck90X&O3qXKn<fcXqlJOhZGV3T8xY(G9iJjVV+t$
z3=Ufi^h0DfskR<Leo>|a>N{ehpYWXfTPtcpev?BzhYTMUxvppv=~t1QC-B4Ogt~Sq
zSaHAbs_$?K^ZPsVcYSl;x^vE;>aW=cofaQJT@&SlxFSo_pv;IRxJ@yfq7VDwt@2j@
zEoZdkM3i%&EaeL@NC#7Q?j2JbD`i1{1{#y{M^WUG03Ccpqlb4MEFW$HhR2kGiF#%R
zX3wb)D0)B63Kf=dNPAi`RCRq!8)<GtKYav#V3|Kmp~ZO&KrK}TerAvwA-Wl4>xTPU
zj^eAU)+QQW`~-Db06tHX-73N;iDIulpoX9I!M?et#<m@=+Na*9#$@n4BleLrSdu0g
z8=o5g$oJx8%iXerzq;C~!9IxC$I9!VMAP8h_%H&`5<ge5#<lfR18LRFkuj~eK9Hnc
zSmvui%twsde#q6`qk_Rr!pM$so>5Ur?oL|hWC<~Ln^&*fXgl_Xt=v&vLRE7;*ywso
z_%Ol!-qJn<xu*+?YRMU7DHL}N?Zd!+bz{Zc>jkm8_2g=JYtG<vP=^z{EQpU~x>A{!
z3RRZ<%%Luu8e<de5!u(onzeH2pU}TN*$q{xW!j3<F&#_l#a>~)ia-}Cr`DU(CQucb
zh2sXe!_u{ya<-vFn*<|No`aqWDd9#nWx~d2^JC4iE);JrvquUrzgrv5y4zLBpMT-c
z7o>@5#WjE9YrX!}(7x%fZwbsJ**I*;eCH#m?U(I;?vHHozpkI(-kJ5S1zq)i<tsbn
zufF|-f&W>*v3to57z{`EWs$urc&*>~QFE&t3;&l1{(CdY^%kS`qYn*KNey`v7zvxP
z^`0L2QMJq*Ow5Ypo3BKwU)4h0InGe-488hR8RxgF^?LR8mv?UrgKY+F|C7a*u1#*Q
zOANKjf(#g1&d<;*2%$F@Ke}n$FM@<VWOfOP2<q+Go7Ba^&gx<z;(~n7u0letucfov
zwwOYi+iygLl4^+KFjI6|smN1)|CL-gc7l837;T$oH;h*8&d-fEMz4!k*{Dt2-f!;7
zXXg^JPF83ey6~}>_Rz^A3Zqf&3aB6|A`Ei0)9{wV*NheV*|&bZk>tFb+vATSN#&*s
zUfNRfRysmo04fKYSo*o-t$No#T^Xv-A9nkA@8!7n0nHvB?wvON+{j%{DdbLVQK;bI
z)c_7m8Q{j%a+m98lRGDYwQ%aqI;dQ^=7>TA@u#S)8R}1WlST4u=*h#)`fgSKn*2>Z
zH@r3fvUJ*z5Ej@CMF4t~{Kf>6hI<@Hmp43#2b$Y^DrfZ_D)IZ~uQHmh4a0yI{Fu@B
zS&^H}hfX8ZaTSr_mSGMHC**loSI_xVRB9hFGjSr@lP**H)YyBhn~3f+g)Ejxm!Jrs
z@rIiv0aAgklPhOhCf|JZU;4JZF*~)s{dyHf?$(12xid<NBeSt6TA>vc0pBdpUX+DZ
z?#lsjMxh;H5`JI4G@YL@X9Y*AUzaNZWa)^+vhpHw>RIS%+$MYF>F@SBGb2m(d+e~a
zeR1MIT5kITyt}_4bP6VqpKkBdZQ3fXEr-ma+<RcYU)JyB#yF=Xk?jE##bM|x1KcMp
zh&Z!U-K7T)*ETBBw|5&^jy1ZhcHrAfU?bjs_v-ql1hu{mFzYuD`2L?VT;Kc?!In^M
zMMlRa$;&V*@h<wFpk4j;MWHwXvGc?L&Go!R<-fuqDe5=#$Taa#El{v3aPo9p{r;=|
z4F^5a(@h9l48F<$6ryddPSX@*sK5Z*%ksEKQRD!aiC3gi44Gm`pM_d=POraact5`}
z#dURESoGn!R~_AUQoLv{4@x*IV@6o7y1^Jn@!p}Q{or6I<*9?Wbla>K7_q><X?&Ai
zUdwh`Wye!bRhl@DXgQph0h2B(u)F0{10Su&1Hgx=0TWWXJ_d?0l?5HYhz-#3nVsHT
zJkj{Dm^UDL?b_*yGP3X)75+&8KBBHHkP~JOcK=59OpqbDpweZU#s>WG_g~pYBhR>D
z{KfK1Ds3;fPg6=r1G`5W1DuJbnRMyQiz3EK?p;68=Z?Q~2wzkVvDX_CMC*m|Gvx;y
zZ&3qctZz8en5Jcq7sjp!K}$P2!NgS?8}B34U1-2*aZ#z11~g804R3qgaR%cd`b820
z_ysHgNnoVN4%=dpAFns=yy-2wbbb5sM*dx8-96oc@nk`?pPt7c!bAEmDwuGSfODX`
ze5OwxE|<(|jJK<`fK9WCUSt%aq*bPiO4`1*S080CO4;|d((w|{(*Ra<MV)C7H%r%D
zKhub&SFZ05R>acP8CWEES^zl*1wp&IAP7U$+w`p`8?U3O_M`NFL`#h=o!75dw_@g?
z^CX*Rt=%o_Y|hfjR29WEd+~kGPgBEk<PD+2qRvF#t)Zva*LSZ-s+Xl$O?8(M>f!=s
z5IlF`XOUs{y0tyhuZQoM0~#7pmZt>pnj}J$={`X$SQfq*u58O~16HD@vH=QmEQtXy
zn}JKs_+|dxm1ayG-tE6N)!f~N|EpDQ<E~G#yvdH$3Zg0P&i;pDlvXS7uQe0d(%jlA
z^numzaPwo&xv_=H2ZEFnGD~QQYpNnA^<;NvgWEsRdahCV{vK35@n5MKP|(S~qJIlb
zNCUc0z<7z<+YC&_CmNHpLS0~}cFT{+n9SCwBymQs6D*F%r*W9r$M)7Uk}cTLUtQIe
z+;%t1Ryc@vR>k@Ct)?EU4mjnuz!!G2C{A=9`E-xTF*(OKo#Sg{%xy!$j;4S7>LqdC
z?d@}h(zkj?HrsyGpRV2YVq^I(30o^|c6yI}a5PpJd``91?FzQZvxBDE_ohV2R>Lka
z5iTXM$2^B|cYC@;=I5C5k6y&GnNFINR$C3pfhy&=D6oA;<X8hDQ*s<1zJa$MsG`)w
zK^PVAuM=3N8b;2Ywg>t-=CO0l>b}}`VjtYwQQAw2iQ#%k8f-6GPvjAaOhpp-NC8bR
z`@JRxH5`WiM?v8iRB=f2>*mD%q&Q<vsBWA$^sEW#*bp2{7Pa>CLu(gxmpgALB-FYz
zx_IThJ<&LU3d%U4^&t8tlg5g}TTY}R3BxwSYs@fzr*fuk#Hp0?=!;}iKSWr2*C{0N
zM1_(tkJu$yIqL0sny>kwazt=0M`~$`;=h|AnMc!*x=dJ8J`4+$qT{S$N%hX)q4ZVU
zV;-&xe|tCY7kQLMM2YcxNFYTe7G68XofSWpFodvhSX5MsQ?o{2!z#wQYJYwD6O~k*
z0|ltN4~Aiw2Ey!tCt8#tmT`BvPu=l1Fwk~Sw%LdoLs7<+)Xxt_iTfwt{`5pp2;yDZ
zEMV>Tg+%pJ`nRX}4LL#cPASXN+AfZi!&4L_cgCK<b#7Wm_V#5v%(3e-?WD)f@kWVM
zi7qlF_>#1Yf(Z1d$kDEN8%3>ue^}z(k6BWLljRCDybgV1Pu>&9EXQB8&jS`jW&3%M
zPSW@wuYxpCAlJkJYA>HkON}J9dwiYb!73s+10#h55JY_=`7@@GV6RC%s1H1Cl7cGf
zHlXiZhFyh!of~eq!hCrCjKj~u%rA+JkT*)AR8(}GkH}Z6n>M`Q!UkQw;G||}3**DA
z@nA86%?N$~t%&|Hbv<kIj1b34MNyvl)D(GHNVK6r5T3zx>+I2ULLy^Bgn|yciO1@U
z3KWooM4sz|_Udu$<wz+1H<4@X+S32aKEWE72Jt_+{_LbaMWthQ*`F@%*Cs=gD8%sf
zpg1oos>xB?&b3Vg8;(pJCEEKL`Q1R;*Lo^40q2Al5<Ic39?d^{oGIs=%Ze7qaS8Ia
z$U<PasF<_OWuvq}saj<(wWZ`rgbAk$DoFb~3ijQPUSx;#Z?Bi$7%_9Fe>KauWT2Vt
zU-<j~lfQ}~{`|>zPks`gYC9o*3~VM0=u%EU9-uQS@nl`>gw33MBOFiuOUu5~*uW0|
z)0yz$js7>WvLE^LJ9Bd*LU#5Mbe9+>X-3a@N{|w$AS%jo9Sx?NdKaR$%#MVr`zG6u
z)O&0uPXud9JW75)0Yph=AT!2O8kBxL$32TpM)|Y(=RMX^osYHablP}r>~k8LC2>)f
zte}MMi#;#?A?BwSkc^=^Euy=3sXdM{#@Cl5;eRnKPdfSbm>ih5Ih6~Af}G0(mQKH}
z3G?<G1L;=b`?@j#=2Q^U)Dw?9#7-I8(1~{TsIOdF-2GSU+Q$HIiEfKAo|Y7H1O$yW
zsc6X~xJ##+fHPZ|R6GH{^h+;>VhXO&)<hd9k6IYQv?Utb6|$e`3mbgH<nI5<z0mSJ
z2q1A}x3{wtj_zwGszqUDK@r9Q<$@5ZQ5pcs$$pA`^2}3}>fIArN0|vH^=7an<Af%K
zc%zNKeIjXep=}8Q)<%s>QSLBmByKou)w~o4Y9(CRMMxz?7Dknn6ui8%>&hLeR*5YZ
z4^0C7884XwHnZ8Dy8R?w)DtpnQ790wGG%+USNqDUb%FO;crMOwTebIlYV&Q>j|Dz?
zGrE0yIXpmh!*<I$zx!3Ts;UW(d4$J$9i2wG3)*$`j)C5&ZB0q<(jkeE=yWG@E4KPu
zdJUKk{es%k`V532Hj*<N_ez7{aBtFj^ErG#my7%Kmc|j%z*M|QLz<&mNCKho&t4iX
zK4%xZ)2#F$?fUbfRlU4~IEHe=I0Ls<5xMDI|NP}+4T7F{e1{ZoPvB9}Ez;|n0opSO
zJ}4}zDon^t#Mp$r>od~(z$eN0iw6s0Z(^V#%IyL77Q`+{atWK%C?Clge)ii*gx3ot
zZkZ{8-*g^v-ZFIsH|F)9j9p<r*o<%EJX75gl3?)+ODDw|AN7!!J*s-!b9C}w&bkrc
z?6Y5voe$yihw+Vmx4OTJf3!cMhL;v=8QNx@Lb;big-)c#UYXpk-6M|*S|rz-<?a2=
z4LZ@M<Aa}8n%uWnlsR^KeeHnv?VySd+{TIhvdX9;tilYus+5K`TXL?jD89daySA`M
zao;JM$jaC+h{2N8beHO)II?<DPJe4ZL`v#!|H2ndk9zmHx>t>sLSGDZ5~W%t479kG
zts4CjY_xXHX1u*1d2xSRr@{H#GcopmAim4rCv<7%(Jow!mn4V5L0UjqU3#F0@FmFm
zaDVBGv5B`%ab?TtH+Li{e?^N0AccwI`gxjYKl52sz3Y=YVJzfN+NYEq3b?M9h_L{9
z8%d*dQeuN*;j~G$?WBu!%_*4{`hvycXCaDzE`OI_8(Gz27j2^kOKPa$I`cK1wlp(g
zHN8?UG3U~KTVs+8)49h*T)tpTD)wmrmM8~qdGv9$>23&XGLsfbnh63$LVnGG=#=Xj
z)7@y>oX$buULvqb!gud7iqm%2{-j`Md-To)-+QxO{dQd%8|X9TGS_#m@)oBx_2VQX
z1POi-t7huP%T_)4R?X}z*YRJUlmffJGYQ4oMM9}bdv#Lu<2kOE=Vaj9Zg2ZIA?HSS
zNC4WVdYd$FliVLEl)(t2Q0Pzr7?q~Xj7NlH_Xz*^^~_4GQ`h4!*meRBvtF9CVOIGh
z7*fh9d;>^J*75!3Rl{|#H^O<bU;19(7h}IThtKKBV}e$DT@#Gxlmb!mU6caCCed?E
zW+ObGbVw^E_UVINOKFZ0lQQgm@RzWfT601C{mfEK2nsg{hI~STlC>ADrDt&<$>u(<
z0lV4|VW6nE^i%po2@gblZO<8ST#TW6pTM9Ylq>+Cq{JDBF<|theRH)oKP4Os-I!Uw
z1TXYw`SD*XhZnM+ux+;5Ge;PKxBHJ&DuBNT&{i3!q6{!d<-P;HkU-y<V%XWQdk5KC
zQm(Owv%BT+6N{NTPd_U&rL``T9NI!m(ZP#`WIrN`t1ByttE*NN)5D)U<0AXJytb;!
zM9L{4JTbI@VYcm+$wz&5UXgVim3J+jedupgP#<5c-n@ff>~{5=S>Nb4Zya9)>NAW<
z$OH9*i9933J8|En%qFGZ&xRiuAE8qCHDhAN;?lq#oR%KV=PF8mq|{U{U91c`i<H;;
z_8b0hyj15S?O(#VU>6~54!sb-wz{%D8S#KaqIEO6wr}4LU3YX`>*bb^p5t}nU}RL5
zlxRBpdzbZlS-%<(B<0e>mV<2P#}8p8gDTY8K~{OF11YskfTTq}RhC<K?KuRFGLqt!
zb)=%xUoKgg$SVn-q4S%-&`}Qzu)4(55OPC!V{|1A7*iMZ>IG5v_#ia3<8a&<`MG)P
zNGkFGPDqob)ZYuxRn8=PZI3t(@_Cx~F>+v=ka$t<UzDlxGWQ-C%bxd$lx&q1&!F7`
z;5JTl9~>+VGaXgKz6a1woa{PZyW9w%Kn~&r=>_!JCWh!6;#U~T-Sq>W7uLcHvN*5E
z>6LLFLjT07l7Q_XIC>UsJ#87omrWHHwR%)Fz~qI`=q%$)3g%*5%qwTBJ*+N@x7$a|
zIY?U;hlN%w7R_q!z)fOIO!`mXHT=}|@5qfqz|Z8b-AASMyLeZJ0kRfL9Fm*t{Z6m;
zwk{x&$~R$q6;pFrzt$O^KTBdno>JfG?m=jaMgK$-hfn^uSXgv2TnDt{Tr8g4Cpp;^
z{-}ds{GCzSKkVJ_b;DRtJ%jinT&Ci^gj-K2XF`=_bZ{fnn3^!nwwt)QaI{@D4!T@>
z@pdavV`Gi)izR%qgy$?_YYO)R#>Zj)k}3~r+d+eR5Bk`w&lB<`K+c>WagZOp5BxXd
z0#6%No)9`$aa8195VgG>CvC*TBNt!7gmvLFYr;=7PTpf&^rx|RthbO%Iqk)?y;vRR
zusXVf5w_~W57N+&GH5deNqAUzyFM73X}oNi>(@8eS68iRIT0+ednR*jp9Z_b)lN%A
zUY&fO$(tNiV;!a`HIzjp{H)a0ZP(wnTdlX3sgjFd>wnRJUTh{6m?S1$u5?1<R)F{J
zl4}i9-TwY}HYX{6{^9HY{Y{<H=Mi*1T2rA$h<^C!fPaQPQ#!3wL7qmrglr;CzC_X+
z`d_v|!XSdO3#*FO;6XVh6$%#dB9T)6%+a^>VkV&oO~qs3s_@Nfb4TNsVu{7QmbyNg
zKBhj&*tkG+g;2K-Z<$=;_5;sI`jKj2xUnt^4{E)r!Y-&uKYnku<JA>)hOQBFt3+KB
zc$>y*&#e09ngO8w=c!*laiwwluHg{=FkPV9M9*e%#;#WvvqiJUl4w~f<%(65Fk9|Y
zYoourMKI6S#jupr@_b)iS<c(xmA>P6R1@Ah4BBIt@@rVF-NrShTKI*+)FVtLjYY%l
zVuYXX-^h+U*`Q<}?W*w3oRhn`7c$!j{-rbyA}=l2ktHaz_UfqyB;)DHXp4bM1)Eo>
zj9-^`t7Ua98&W5P0m-=1mz09k5GeWJj>-Kvv)uN+JSNw;TIQ>N0e-Vypj~1qtiUnt
zQJ{RMvRm>Y!<!y9gq`eOvHM0|pOhv*A4$z`09ghnv%7SLmu|~mY3Qur)28*CpLuyt
zt?r^mPM|<unzdB&!zJfK(H_ClQ}}*N5VpRyyAa?X_vwF=By{e0tumg89cUSi+Swg+
z8>3$cO3SQ&GxnzcOV+BrvF$F})e<`?j_P`5VK?;{hT6+&{auT>!JUy3rWt1eAq;VN
zBFQ#{?0#|QDiEU@A=2UqwI35)SJJW2v0dzX?}+1#HfC86C5a~#ltx+%Omn=QSogHj
zA4+X-vLDM77kgn^`Wn6gFMwAFQE=e(x5A0Pp=Y@;7cCQ=uK{Mz0mw5@t(GMceG8xY
zAkA@(ft=C8FiBa`{8)i+@gQ{PV5%*Qdh(`hgcE<_%zBwM5f0cuX`$cff)Fpeh*s(m
zkf{VB8fbJZNTj~lUq6py_v|}}`r}S~h^$Pie3OJRsj;5&m?p{DR^vKVNuC5%7@<gL
z_|=>t^&$K5eZQJIh+)|Xz|@2Qi#Zbo6t?Rie(Z_dsmQzIoJpjZp+I%S+RF<mW489r
zhn$0*L*HIaX_BXSlWCm83=NlZm+d~#D4+^2gnBuJPZ};p^Jy6ckF&0Nrp3<L=_?8a
z7ZzqJFu@Q&aR$1*(SH5K^*BoV7zJknO%pQUjfU!@+<%CI3p0$H6psaR?L1IC!tJUF
z1^01$|D=KoD^tRlAB92$775sMmx6oj581g6I|T>W!c-t-=}}ivB#O(ht>8YYp>Hd=
zBFQ2J)e=aaBnV_4TBmiV5L8&)ujvzbw*-!|T8q))l|C)A6WXoOi#-y$`Qa@eW@p;K
z*n!I0K(-M>1eN9Vi3HvANqKOOv(T)v4mNkC@^fAMN(<Y<EZ3WC^X_%Nx}ndU<B?8k
zu!4kwcGrgNzAA1t6nm9NGfZ?n<xH+%)6J^mFILfC-`riVZUsDG<4-AlSC@CM%q_o-
zC!XeM?pJ;k5nLfC++2M6JF0U3`1S9^|Ni6Gd=X8&dtXFOy!j;h54ljc^QaY6Uwl^Q
zPXC8+<2RM|bz7p7%SkpEx%@m-^s6I-2Ry4YMgr;!(uz(MA_qtMR#VNk2ox87w{-~3
zjf=$(w||9-QUv$RLP7c*a8F+R&=Qzij*+auKU%K%1;zsHp^A$<hXWBPVj!Enxw_RS
z<7Z>X^}Hkm`aW{DqV@mB*$Z|`ERZg#pC8_=w8X~)I2>3rRE|V}Q0;yHm0TDG^(@Sn
zps303Uw(K0T&e(vH#|HxI`ZKj{2-Pl{PCv{*l0u@Q}!0;J8YG2X^r+1`#`%=Y|HZB
zNVcM#hl(q}m0sbMF`@Zw$-c+;o?vZEe`<f4?fKR%9tQ=lSvu>LAp607cZ(ATqp1>_
z22-I!|5$??;Bex#UJx8slL&LM)Z@bGGNv=eJ75)!4OA^21!=IYb{Uny@aruh5&3iO
zhso79-ojx-2Qa`138XKy8|NV2UTF1r?cDzIWp3gAx9?ilwRpDIH64+O_h(U-(ICKU
ztiNt|jOV4us)8h@38S3ye4)wNo)_2Qxz??&&GVP7TE{}9t4A346)mf>P|}=JLcC`e
z)*^g<Tdghv6vL)Dh7zg|h{}{XNtT?}xKjdjedX*15!UUC0Q&-@<7k|h5$Bm<D@)Jm
z?QM*4Tra?%@75Rb^~Hyys}#L^NXA2E6Jdw%5ua;!y17WPFGUEYy(o+$yltW<LZGoN
zMY5o_S#-S;e_V~Q4G%UpNw^M-p9eqaajo?6QQ}K4E4azfgjrlk-OnL1w0*fRi?P2L
zE9#!eZx-M|3`a9zux&wh9g*y@^5XX8MUdrqMS3Y5>Jaw?I)l(vm|V97*)wjW0r!`v
z7k9?5;ui7+)nx$^Ld7(GQn}%vt|4CzEwZ+)y4!vz?jJ`@z3QB{#ra%aeY^VC(*{Sk
zc|^R}NZr<$v=gGgnl2E8nCdUCf7AfLvBGz5s0}4`kg>VeG;zLKuUFEYCMFB$Yg{E|
z6b;-lJ>8`m;&Yjho2FjotP_IyWoKmh_WJG>)1m{y(aHnRoo5CdRx>U3`ekm$b?gtD
z8+O*XDQrgI+wSG1MAb#FFUz;9tzh`6Y>jc`cd}7sLQ-mdZ8j_m>Byu~;0FoJKDjXS
z*4IuopmET}%0dOA*V<r9ibR&T`n5#O>E)YLKmzFFRFd}u!rNRt(}+Tu6F-#!xu!dA
zSl>NyE{O#Fd-5tw5>;41k*7T}%S0wlE3anVojKlVh^-WqcMw3#Qs@I)eAnaw`TIXi
zpA9m|1CQw(LY_jG;B+c4C=AwPeM}F044I1Bk$Fj>fW&pyueDgA-?L)hooEF#GXCZ(
zc`EzhyZbej#iNz#)`dT~rCqT}owt<*3y9NGY#pdcbt)AC^|cd?*6!%tQf_&+bw$w8
zqZOtX1#mMHgs*wFfA>MfY@LCr37ryo7|h<jy)%Kf(ldPdo4&cXBo8#&qQh2^`Egu$
z0f$_7`9#yvES_%dJBvnTK!IqvCu97DI<@abarD!yz7Z5o7KAJllpLD2O|wpJx``QU
z8=(JPzW2l*G`Yna(Dle-9*ph5fdSt5u;Y?i$`g%XWZkNmNgNzainEDy-{A1xn~%>6
zLar4MOQ>5Yq+_bjo4o>o2XHR;=&YDSr^vRi(YmLR(#SLE(o_50g0U5fSO_Bog4_hR
zofD1eS*aH*^ut=A5Zaz*!9W4^v*q3SakcvO{*A2uZmIZL|5~FiU!XEAghKfMN0!A(
zXnXENrx#w9XXJoNBFXf4CY0R2VS3H{zNc60Y4QWTYKcP*KCkw$|0MhSR3AR`4pAv5
zdPQ^oOxMbdw(5gb^FuXrc)}%g)T*Hg<=f@0G390{(KPXFfPQ8nO`_mwO5k5~>!!Qq
zvU08*D8uRV&urzK5i3#{U4?l?ywL;Tm*dK`)wiAV|3zsXQSh`P?GaWwn;3q|flX``
z{0tQb?%fio<Ta$h(o2G0ye{vx?R_og@nW(4NcZn>BSUb<ui-5c(7euJ8LrK53)sU9
zhkKPrE_s4|rae?VFD?b90ZNmGtuz_w-|_VKlP3A^ddEtG5WKqjp#~M6NWlvo>g3yd
zFDJ`qz2a{sPl3@^ejj_yQ+|PAiM<BTbS2o(z4lsfnA<WsS0ba)VZE0-B&vkpT-9<j
zm<{o_zD0lDP+VvCZ2K00w|iu)(^!GiG(jF!I?U4$pyuvhIn^3G$h+;5FtG;ZANYQt
zD98eM(nfcB^U=t^+c4){4Dt!Rs@SRWdty?Qla~<gQ+%XDqF`7NEjHJkj$*pGNMPNC
zVqhBG=zojN&Y#~II+nS8>oirHbJ{6`Q%%_9p8w_#-+a|*r_Im`Z=ujCZSQEKTWuq5
zAJiLxq>@I7;Hf3&yL<T!-*Nnk-|JaZHytECCAJ=n#7dYi_RlhbIYq&RsUoU{X*S?y
zdFQM=;~+Pi%{Z8DLxMm6UDWV}e%necrPH2y{l-?7`Z`Sce~y(rfWQ@<*<3u;WZRFn
zzD$gx^m=t0|6t>!iuNnlch~x6d1G#0-o1kT^xxt_<$gx<y+Bd%nw5cU&x!lGhg!(^
z0by}p)vtjt<>tO5V7uIy8(_e%sNaISEX_bbXB-~{Kql`zkvtlg==d*CihKj4G>xFr
zf;NrN#)ot}k8<G;>0N(>(N3-{rEbl??v^dRu;){>Zwk`gVVRc|8Smcp6AjX?{MfM)
z*@d=P*d7%6R>&{^^!6A1a@&rB<Y%$?3Emu5;P?L&<I6Yyl+|Ep7@^9_(3G-3#BS5t
z$979?`qQJ$uh(yu62!gE@9%8JDu>vmfRmgOzX)<4w)5zoQ;Oh>ZUp`*JT;nTnqgR0
z5mIT~h)JXFo3GmF@6<Y1X?wX<N@1N+OG6Y=POBs17qHAY`MZpQJE|sQ*Kjfk2@J$9
zro{LoJy@h=gd5GjKfMq9sS~H(iGTbW9w=_H1W>k9T`!5T|CLdc<+-7hDfYB75$bC9
zE8}qZ!Z@_A`@}pFX%7LdO6uo%=F4&zdL;KMo|gC^rq$W{ht97b`mxD;sI5{jED~bJ
zR@ifIv*cbfyDE0G`$-DhAmq|7u?nK1NDO(Rk+A2M_l&U5s3u}X-`ymO>4wSl7(9Sl
zP1u>38BgbR_@U+eYL&yL)ee+}uhvU4QLmP3=_)CE-K%_sDX+Az$iAamhqs(avkoli
z&MoNLc3LCzvHY^bCA8l<1xsNHMdf-H6LDm&nvzH9(LR`~(?n)JknnnL)fQt{Lvo~0
zV_}uh^;rsNLiCDjuGfXgy1_RdNNskrJ{*7j5T7Q;UbnChaA5Y%mnKn{P(2kGx=Z<D
zNwwa@&dTnZh)L5v(2IONQ>T$H^wI6F&rq>=9n%uqEylAdl_^uI`*HLgbdiEaY3<do
z1b>L2tooO69!sedhEYgRlME&<j4uto@RSZ3O?Sr2ds}iO@CczXK?cQk;CVTCz%6p5
z*$?~#&+)hlD<IN&q?0Q16_YwVTJqKE=BR`Gkj+Mt+1D|!4=MpwDLFE`*?vDzIiGeU
zV~0|35;|nZMipu)fY%E2Q*6YTJ#NRQg@X1pr1LHuc8L&+bQ}7!iW}{a_JcJGbix^|
zt{$Q*bQlqB6V38Dt<f0`nBnJvdkCfRjPHy8>onkJ_vw*qCTz8iBy6PhhV@7$Vg)y=
zTar58$q$JXL=alviVcd4NchvwlH?i`4(?2LYp&1W5IbIm0pSAJs*;BBdCBgE0f^vW
zN4Oxw!~<<;$7NlZ?SKB`*ONDQ(|aIUiVu^qa6gn)RYdSEcVsEMGf5{5j8A;@^yzby
zfUG3W==9*0MFhFBFpDD!+&Rx`r{~e+w!J92**~ZcmWuQ1TTN1PWAqvy%aUh%Nf3oV
zpXeE1(H%>ixzSArSz3D?sEW$}CE8Vj*pKB$?KH@h-yf3LzVuF2Wt5b}rL+zt+|e8J
ziF~DQ%ETf)s>N=A^kkUyc&$8IA7*T1`a)QPA#p7!Y+!3!v(-(8Ece1<VY>`H7xENw
zyhq*AMe(U%(3OsN20`XQqan=8nTh3{gF6mdA>EfBwph0YQI($2Y`uWid2l|lQjZ@*
z8<+1-?GawwaMA4b=AaSOSy^$)dP!<xf;t0-ajtS{3{k{U@!=<iVmeHPf{i`e71Dfc
z8NPug=rZ0`;Eh+cB+NsVumucs%7BPO_a8MQ)2X&yxB7M+lwJBb_jDBGzV=j_`n2pl
zEPZ^c(N3L*_6rX1D<(MJ@SJt7;J~3oB(H>+WuD`$nW8Qy{>&-u9rkzPj4T@)!N}5Y
zmyq#-w9#+>ZVFK{f<EuKs`SRHD2J8V(PKM`2?VEUm__uLPK6cPbrO8Pcungpq{*Oz
zh>Uao3*_YTg`Q%uXe0zGsD|0p5^AwM(l&y48`<C#Ququ&&$wGj9Y$(dzn!QK(xWr;
z&@FH|SW<89+w9EL({kiT<=hW9taRw~Y46S{FnCGR(SSE>b$V!IcIc`aevO|5gE#f2
zs{c7pe*CHFoaYSvF1*0{>wT<1BxtEuLnP#BZY{bzP#+@J`=#a+x@nhR95@#J2r6!d
z?eJ$$+uoh-p4py$40P~F=c{li+r{<bC-+khX=3B_*c6m~$mx)hD%m$5pObTU&@S-f
z?QLM~oiAghG)*d5Dg-<|djCStRU`><rtwnw$LF**{@ZGg#IxYfTBY~(#4iszjSNi2
zU`YH_K^mJ1kE7_M&nj3nv#G>rZBI=|bhdPHbCOF{<YLkBdVV5W)oIhD$c*u_)W8@>
zTP2L_!FSeX_NeMizVHgrx|G>{4CuPixf#yQRRJ_`vH08Vh8Ere6YS1F_ko}0EL!K4
z23ZL-4{_+J%J&izZJmp5(nJK(f~pb0Co;jK8CLONmC8K!Y?e>f&~aN5V&^Oaff8gY
zhBOJkW$>|mb6LLhBSyWBW-XeqOTHB26>B6SXRa_syaMnYVCV6?eon^7aOUB)7%bsV
z?|$sQ2h&zT`IdlwOX=}KiyHFqgKzoR0#R1-iQl&ZEuYe20iTix{$X}t2$w4C<V9A-
z6!A!8NTl%eAFbNGx@ug-tE=a?5;G{9K*6cvLr|aB5rq0j&6hN=)D(3DjEvrq%QrU=
zzT30GwW=M;!Ma54@cRLd(eUL71Ml<{4sYY7)Q5Li!cksOkzG}wbW&2XgO6x}4E75g
zGuB5T`O!8f?YAZRT@j?SNY)*qlqv^VR#N#-dsPdy9Sp61h<5At)C=}Zd(k&EC^7;v
z@zOLCxRQL^VSDkJ3u_*<m5|@obiUV4s$b5|EBg^0MQwtPLm+C2SJH{|M2mmVr`pMR
zSY$b`@|<L{=K&h8lypxVMV3FOqkM<bJyQhS!zT?(Khi-ZJ;hx9sB^{Vqr4L__%9>o
zh0d!Fl0>Sja0GQk<0Xh1X7<uJ1pfsrShwHpLEaU+?4}!25d~vV8eNxN(N97uQWb`r
zKozIJv~5vY|DF?BJ8jNZfN{r-+Osh7rNA8}UY?OYt_o20R4PRQmRooE3}c-F1}DwI
zDhIynR$-ClGP*R5CF506V8Q`Fc4anYI?N((*ECXvB*=y4IPYg$cc-j(UuBTeJthV_
z<j0VZ#~KkfvB6zw)n2>ZG>$Zt1Aqx)aA$QPjkMx@x*JDxqWPha{nLaWDcURhaUKK0
zh$4>K1K~%f6Pw+566%zuDK;zh%~ws$zpdwxWSexaA1+Q`P2N;D8_)eD4nyiXs+<Z!
zkC?htI}cvfcQKCd&(iI|?OlTRCcC7;A+WjwAbu%!a#n!=s!BS;4emJQ!0aJ@7!YO(
zwMD~ipLW}^wAS*oKuD{0pthu!!q4WP_l7P|7%`0_0@y+*k^VzTCoBa22;hr{f}YAy
zQ}RusGd6KnCCm(8(RW??pXi*8^CF@$?a>>Q0z{fR(kqmLz*#WT*3gca`z;Vug1sFW
zDO#n1HHmj2vHI`rpP}8J*s(eHo&;q|1qA^AFs>3)YRoH6f|J6~<lEVlupmH9Sb>u#
z(OnpH1pmHs>JOK1{faD1y*x-&lqwo@iW|A(6@5`2{-#OnCCE!cpk<aPenw)E({$f1
zezAIc_y#^PC!zh=hi+iX8?{DN5zz?)dc93<V7~4#_Abqh6F6T>+AxF^*1PG32f27<
zieJr^T4_dg#AI)6+cJo$z)PTK!tBYVjB%&Bu+!XCDW7J?0vwIvsL)ZCCV-M$rOBsN
zkqk*Vb$cPi`ejhiY<pbE<T87s9BuEso3uq{SVjj{NNw<RD()e$0<$(1Oa=1e&-ZuY
zre+X5m}*IZ9g2>oNJ$Q`H3EMuc@Z4e=4xNvHCFwhP^#8Kch*J-t?-@lUYqqxv$TK5
zs+W?(kU$QF|0GPYCc4YVz1kv;8@oc_obm>M=F49V>A9x#w83`vW@g7%*{b5nTX&b|
zo>2X@k)QheHg_6MFDt%>epMZ~|4aoYJi4x6cCW;krpd`|JmqIDPCI^JH}{{%5<5a-
zkfL5B_KlFz9lFMXi^Ogb7$mq7L$gwIr-4#ERmK?v15D)sTJ}BqX?rm>Fum)SRW~I<
zKeHL;wq^6EpauzdM<5cW4=)fx8q&m}f>{M5X7Boe68;EI#MY{aowc>q&O0Gsyjj`)
z84A8zq2MD?q<solY@k@KojjnjYcRL2n3En?RqO?kiA-J=g^OCtwbKvAK{_UxjQrKF
ztOe){K)~cN9dluXi?H}szn*9qvlS#~ERh6YT;{YC&~e~pI_+YVlV<tAzJ7R=Z}vm2
zyEeBVT!|Z1NY}R;m|B?&1%+-}5!5yTbZaH9g?MP~9UmpQ#c6U&>@me9nFg^g2x!tW
zv@8R0_$0bIX*!I69w%Ca{qtsaln}BQ0wAT382DwwczMVuYs;{As2xJMkQ!fkVP2B6
z(yB;M0PUH05JifIhvpYa9H7xkh`eoO*iMR+k#Or_x7JH-#PlFMbr{WFSS*f$uJ7?N
zah!23q2q`uXvj0E1K90j9zFJ6lw``)q`^Xlwu@py*CEPczpJ@t1al75fqvQS)4L#f
z=bF~x@`k^6`xPhBX-8PLkT@N&RoXT8SxW5)vCTQ1v&&)N%x?Lf+biL?N%^3Q?Fg~W
zd7c-sQ3cZTlt$}e&i(u%#nwBnr+rY5E<B_QRFWtkE<g_0o@6iD&Q_H^z!6PqKNDM*
zBRI}DgA;8aKnw6Y>T5?z_k*gf&TQLh^-Yw+=gRotp-rH$->{IkK#RvIZ+A3ISaIj6
zil-N4k^5knd?<;^k`Rr>yq;#vU5;-8!0ZsO6VSr;-8-=3&s-Q+vK}=+udHC4@k#0j
zbO@VAdXE8m?aOxH?CY1c=FV_(tOjbobe;yFZ+N$FJ?ayKoHB_Zjgpu`Cc50tU=VrH
zj*9s`r^Lj!Jq*iBa#lK4C)Bwrl~s7aBP?$#gB_ATmFGA!b+YNtgthfE&oD_khh!aY
zotoX?AdUD4AKfljm2B5^){f!>cjmcj59)267hw!^hmdEa;YOFVW*<x66m&dfo1a<k
zLp?!7>0sa@wp#GVDvC2poFGa-aI-3k2u!Jjm<I!IBz~0Ec{EWw-4);HcdPrm_(%IA
z((AQ;hv5=~&Ix=K$4OM?X$o?~UYXvcqXgn^yK^tzDboO0fa42(g+>}9BIQZdI2u5!
z(&n7+PdrK9ZI>COLEwLTU;XF3UYD`~eu0JI`y2E6PsZ*d+lZ@%g~IuR3sBOPIf55e
z06MdQ%RMsgc@86=Y%T(@=Yd<U|EE4_<5f8?vAIywmnN}poeLQ5U@~h-h~3`b+=%}L
zB|GF|i3Z78(C6MJ#N^uHimbH<QgT=Bx$$3Cw}0UwZgXL0*Sm?sSIDjdx)g<}3ORr=
zqU`U_Wk=$+dv^{#jMPEpG0dXW7)5pWZkN*G`#}!Z1Gu`X2XNR|yr(`66%`2JHp2vZ
zR`ha@*nTcb^`$M;cAn?-aq{B+_V30rwDGrR;@|y%R_5;$N|_Fmu*%aXJWK(c3wyp*
z%7eh@yz;oriM9xg!`1Cv(C|xJ#htqCFJomZGd6eBqevz_NYaRGC#<L>_erPMl^gE*
zLHcMsF`wN*FWNwPajzq)rCzipaKhC{zZE$-9EGezY3_aR$$+ZS+O3Pl!)avcwiQyp
z0StuDn~7cORVhc*B`3;au{EY2sNFmFxIBCcU>Ko5a=@mudPG)_J+8<Kmc?9z8Rb2R
z7x2TgO*rh8gO>4lx44HUu5DV2QR>OMp3UbCAMkS<p_93%(T-gMBS2F-%+hCkitt?o
znS4}<6(bKhXqa6;S;(O65`;ZVmY_^`-PLmZDK?$#dvDgO->ypszBT1C*LTG$aSe3_
zQz$gKc|=W0AkAGSZai>s)*~UKb8}sg*tw{J_f-Wnfn;UWICqTRgoaK~HvsrZV;DZ#
zs|QWbcwN*>+(p~>EpY+fqviIl^1+C`90q6j->J&=2op9dUB2g_5znsnT`Rqh(GL!@
z)S5;|@PenHI5SPeEi0w2$Td2;*lHamYZK6F`B-5OyS}@-G2gcdwy{YtZ{1#OHD}%0
ztvQP?-Wy}%7^bGRqBU#^|F#eeHx(oQagnf-uvjL20Uv`t-Y@@{W<*(<Do*u^61krI
z4-Wo(OxWb3ixrd2eJ-ueuqQMHr?IpfGk&OJX*yP4J4oYqXVh^qqVD~H?^SU1!Z2oF
zosC_6ZQ3{AYja#u_lt!s*jg<9EM;B)wYssU{4cF3H!$OOFs{qF5z%ci*04~}c5zp3
zdE|!<zgT(O42RC>+&k(vl-|#@j$URz3?GGg3O$qhG<GIfj4hGkQw)<GE>Kllaw4m%
zD=Vw3t5#Nr&1m<5JwG(E&te#`Q~I>Rq-TII)#n7+?3IHaJw9hXOMBA>9F=!1jmmE~
z*TqKB{N&BMCDFsxZ)Sa?-@Kt)H<F~OyI&*$ZTaB40K7~Zdi%bE<T^QH4=}5sHhIk$
z8C#sCnl2nv&{C~kDwKk|)TGp!Wj0$LcnO1D!eGmKl{iE5XYnx)Fh=cSR=#7km{X;;
zB9&myAz|I^_>MgotS`1$Ja6IwT|5YV+xq_SV~2S}e`WyiP{2tQjr094F2=>h*htKT
z=6Rd@wXvn%C#=MFB_)p=$4mxX4RsWQPH>bu`EeEHGzAb0<<?zC9#ThHit(zdHjW=9
zGl@t1vMha|TL~2v?$SBm9$=?(9OhY4_=FjB1a(R-MC<(fk?(cJ)E+k`SsQGGjgg<5
zxB88k2|yo(&O!yLroM@H*VoSZe%_mD_)84EGqV75Q_6qpu^stdnQhCyCvuEa7;mvF
z42Vuz>&P?pfQO{2I}L4-K6Ext@Y=kl*c9n3HxdOCdnKc9WkK;}p61#M6rr}>^<xLj
z^TS&BAZQg-Or|hCEv2%WN@Nf)w};$f(eqADa5#x+4}%7OiU(lvSbQZkE^!i4*JT2@
zRjQgY_+pb?9cN*T-H=PT>-Ej`)zyvwVQ=%Xo6}&sq1eHOT8$)Zc1`C%NVNJOmzWM$
zVtldX#G+g*<QLm$_&mk;*t2dJiQU$%satFUE)Ky4>>SEQ?z1&;O{-leJZJGfup`!D
zVHq;{p!*~zE6E?VZNcARPqu%c4c_yHvG{tc|1t%SGX+edsC6_tB%!&MQxT3sK-nZP
z4h!nkj6BZ&xf}qO13+Ump3@nzCqO?QKOj`u8*r!AAjI&?%BYI6BEfQL{HFi7;8VMV
zhw=^zd+b9O&qO??jY=;`O1K%lI0aPTn>wz1kj;F!A$6JLUf!^Uw1(MsiOU{Csz3ER
zO_XPK8QSHzhpt(gp!Ra!O;+WREUxajPfSsfHPLCTA`_UIhHciab&P^_4yQiuo5{ay
z&htdvdWYQ3Qd<fK-{^v6B_R!nK8jf9C6$DECN)US#V@5}rn3sBDP{VS$^sQt#L<DU
z!aJ0?9v{1YSp}O{<j{Uy-mR9^wQv^!t4yl0h@rCyNS~3nAKY<~I8H@O=5e*OZKIq!
zDsqcy@J=y&6b40*MJ&?sO<$JicJA)jttrG7nJR!rD5jgRr^*oT%w4(&OKRF|pZo1S
z>J^GkT&b_Ku!u_ohOn)|*})Un>zqN6yq{&6BEYF)!0sRn2=z+m3<q%_0yR~O^N;)V
zzhQWB_td!7XA&r~l*X;8TC8qvOd$<?0p$L&e)qz_i}stbH~n97d+m*FovuSENb3MM
z`y)3Cz|a@dO2>+ITGMYY1PT;r+MegBE(*zAG`pu(=f@c_^@R4g!*-q=Q%W!jDDf)c
z{44@ZUu&Dn9cs$c4Cz4S;wO=g6Nn*VsTh~W3bk@+&H6t3z$kjzuF^TV>>R|zT)~H0
zkX?csFiN5tgyl--4%@UPc;PsKO(0QTrlfxEW8bvzA?7X|K37<{O}kixkpHO^;Rf_H
z@mPKDOS`yfz!a`kO+NyCT>qF!X36dwC4r}Ch1w@GkVvufRNe9bieX!W?~NdzC34PT
zGzi99W!^Y>oa1y63B5`aU{%!i6*F#^`;x<&n?I)PX}q!}d%Nuyi;4E8Uq<)4CV5kb
z(L=fe<+NG$;c`ww;kq42tO=0!d#Qd-XZBoc&(R(ZCe~5IY&C^JJ<ncsiH}56yc7d(
zG3dh7kXRqhSTnGxL-1s~&kE@Dos+4`ign`W9_}u+V_2~AaZms8C9FBI_D?U-(xb&?
z6qbNtXct>zOFD@ja){6Ej@B=c11|Fi>(8EJF3UWjW81e*?V4wG;B};;BD!c*aM4k8
zP=SG|zo6||J*A@B*G%n!`ZaSO*KK`gC(rQA0Pw{grj!s$Xq{zXs&??qO!ITuH@TNM
zh|_VIA)`T5`JPXc8!s#>P|$5=Xs#4vdK|4uT!&A$z~$S1+oXVJpFX9L+)LE?iE?}M
zX}@oaa`<4*nIxfjoNN!lxB^~8{PS7PnORXB2!5T*`W*J$&ujw6>$8Wuc;A&dn2yg(
zY~8{?3O3p!q0wnbyQx&?#6WXZL9$d6)J(hk(~EOBjQw0R^gl~7n7aaBhe@G$X&VKb
z=_Ao`(PV_UwV@LvrQQkQwD;hmnfaLa)Y(;97-BkQ8fE;H241bso~!$q9>{o4d}eF6
zo%3EH)dR|MnjW%Q;L$-KHo$?iN<-do3SOEoa$?5oZeAD9mE(SqV(XM(e?gBJYC!r_
zkgLL^RY6`TSot1<%`qx>JV~FSa(LYGj;&^$D$P>ZV2GF$Sx^~#l0j+5F_UGN#-lUI
zxG-zm&{RTwG4=Ey%~GgAt5|(#h8v2isV}ZnkR&Fg=C~~%n{p<mb;@|tossAUns5yt
zJuTQFF3O^Y{^OW+&?Mj}u{(h8#(Lfbskl2SMh}8fgRyUaBFM}|i)XV%-T^Kfv+N~B
zo+_{OOA{r57$E%nF~hV%?YhmTP1%V`nna640A5IVF|w%ay$DAy$m1&1hPG#kf%J)V
zj%$Y|MnK;^-d6!s|JvRc!cmt;T2nrsW|{FwPPazb(T?-fYIN%M5nNjl(4#8C0p*P^
zhHR9W7-)p{6=Jjnp7WG9NA1!xa`m9N!E5GJKEW<jW$b|m4SaUP&QSL3TfW-`Y_$8O
z2SKK@m}XR=bm!Vxz;>8?4;%)%g0PYo&<HB0nmwTX+@3nNeXkdl)s(YE5&iYx<kV2>
zNBqaGa<;wCov3O<p+F=KNes;^1j2((>8jq2R(B3|+AD5T36LP_`$S~{tOAtX_^9%c
z(cAU)oz&Kas2GoUeNdDE`C(24d*xy8?-`D>3}>dyy(kP5*hnIs`Gf=yXE>V{^A})B
z+S%<%_W^!p!>R>-CxH}(<q;`el&p)BuxfpgQ!`$97f<tW5{SOlbX-y)rx8h{L0g9~
zC&wXajn+20IP^W@w}HZkrsi-%yhkAAg^(pjROb7T26`HGy^}y{S`Bnw&T(Phjz=n@
z%MQJ6y&@=l(pnB)d~P18+%E_$n~Z+HI;FO$&PyJVSQ>t~@(wSp9g$$Q@9ZZfr-j{v
z#y~2ijr1eMMK!U92{Xup){x8XiiEwaQqymCtQO<5swI~K@tNgi?i*7ErSZXW>>!t#
ze#2PdeuhyaE51V*raTW9LFnw0G6Rzf#PDE-scGSMi}n31jgDxl0tQl;q#*koS5SD0
z2`wB{O+LI?d0n0OC|Pz%IP~=Sc=2DXjl->tkA`vz0Bue=5!Au-v<5!Z#ta8(-ubD$
z?1;;b&}GBt@g5{>E?__?;NaFTb$C`oYwPE69zbdkLtW%(<{y=kf0D{7PIG!;CS|Vj
zfJkkP!EVzB50CjBWwUmSR!SmAkkI0;BvlY%eC=Yi+IJ)$HHeznN)r(?RNBz4pv2@t
zBD2I+J6=D```9D<aR`wh@r67SSUpID$oJ~DlNZ~;(fL0%E7J4|8QUbEnL*x}#Ipa=
zFc|nxU7f@MyP^j5H+Oa>?`&1Yw8VwI$YEFON6GIWz>qZav<Ar95+%(Jr=L3;6lC;k
zQ$9a-q#3zgX5oEEteVOWV_-`lx<X&KELJ2R2K#F^K5<%tr0E&{%r)Ei^X5H{OH8%r
zakvoI!(-Q#@p4_zMp#FYDTPp?ja^^x)IB*n*udlSB?TTuJrpZM9spl0Ko8MK$7Dkf
z-&mIk?@jp7(u!bYn65}|?5D0>L`}%r(C5tBFVkv%%be;d!uNgD#WFjF*s`_>3_h!0
zR%x11J)a9H?_eeDvk97IaM`j~7TPunr~@9ewma}W^WI@3yJy{5cqnazid2=UA~s>5
z=x`|^i9QR^L9=$MFK9LO9L>VaM@`XB!1Dm6f}ZMuj-bG{VckRMCq_!?(LQY_gG9%X
zL)RXq0-Dkkl5G+g;w~DCkMd)-=`f(5@l&WUbeShQ30*GPhC|6*ZSHUGRMznw*#7RK
zntB{IVHwjUhjLXOgbjz0@JZ5PJnnQoKw0D@%!42-NtyV-*noQ<uPmOqg56W@b=U}0
z6w^wv3cRu`ERgyEd;QRn9k^8k%4_NB0}VzN3F@^G)<G)uBxBj$X{oOg1<SrBQ(fqY
z2yTNxJaDJcH<qxzun9mG6-o^KbJ%ISrENC~4eNU?j-6WS)3AtI`oSVSwwjvS{x^5)
zcgwrAzNV*|^rA(dU6=RzMl8}fW*7JGz=Y^g!LL2PtvDC2bDFSy_vCx~s)p(^sCeX(
zLD^>lB8^K=)5xA?r~rXM0#g;#zvC(FUH|9nlxp^Y?NL*AZU38<K$7hhfE(3b0l)($
z!;f=1^x7u7!0I*J6iJ|!A6jIuyR>VZc1(K@iB#W~%ez<RR>~LvMpG^or6umZmte>?
z7oXbhg4^Hy$FFUhqCb9J-Tt0i{_yqx{-$O;a|@tluc>d_enJm{vulS1>>?Rq5~?JE
zpd5mL7+Kie)tDf~>h<f@ZQalK$Lr1A=C8I_ON|_#o=eBi=4xQCuKxN)nAi?{Ana~@
zcKu0vUfz?;!`}4??lH2P+N5D#>9i!t2^ej-$MjU0M-#I@8K=thv`;L=gEW1;4&iO`
zDodSJ1Qe_}da<YX>GaF&=8+we+GW6h_V(u9^6RvOq_;G=PT(r_B;<U5`*yA0JpJ9^
zBXpiq$8dG^%>KOAvXJd-y0Rh_f4925Gyk%km~Al;wO~|fEUUGCZ8m#LeCV%8_aQ|O
zn%q-i>JG=AH|77`6r!(PX%yAK?AWpj>CfRAkACGD=vP-I{JY7yKa+VklESXyD&M#A
zxW2u)zNN=`Q--zSL$WF);9pSYlu%j~Vy#Ty+9;3r^;X;E=%8(T3QSa-U*Bqu(2ddS
z;uY;f7;-=>2e1!usZ5%OLV`EG=}1#+YQuJQS<~`3pF1xSN?gFzHOt#NSL@K5Eks%@
zewH-!^QOO^?acBEe-iO&&4fX{DH8O(h>E@xw_jF#?8-OonR?i)Y?ZiXRJLl$R-}Iu
zm7%z&gI69mANH%inOTP-oo?$tWYO={2SOAXQiTJRMVy7wwwQPJ^g-O}gPNVSspyCm
z{Y626`tbXg(EQgG9gnIN_WD;ly%<TZvp#ec#ud!ZWmXo19nfxjB%nOK5nNB*>=>0^
znWO|S;!BfzDI9GtKmAz5(c-S!60A5>VaER=MO48TK$R=OdejkjXXtTABaR+suBa3x
z0z!SCg|Xe){QKjI+?`9FbsB1b#BYW^QsZ5--9Cdtxb<RTy`{}!QBw$u19Z1~&Lw@f
zT8mDjuoN#}ZWdKmm4<|MqzllTzLZ6@S0DGY=QiGttCe&j=Etx1Z)6{}>yCKdAfhfd
zhP8c~Zdc`7y{_m_CqK3>o&fA2!bF6$UL__F=T)k-Dw8eFw1GWl$8>dN$8;*2pj-0c
z=G`qc|97j`*C-zMb9uAUva|`O#1Vg(GV%(dhA0(#pS}L{f1!PbUhS0SxS4rX`piD+
zr@M7)=!NxbDcLk-5_%cDX@RM*4&}n|)8}86`gR`-ru9bun@$-Zg=m+-U!Scz>vDTf
z?C7peQHgK^#T5M}MVz2z`>QM4rjk8i6oXsbXDt?e+k4Ym70D~w$j7=s%f~=HixM+p
zu%3r9lCQqH;;XN&>aQMNpO#@aU!o1;JsW0nz~AZOm8q9{9K=*VWJQW$nVM{?4rj2`
zCr4zTHXPN#xZNIG7D3bkw*g`&=v!c(MQv@CxA!+UhX|#cXDKrlnX^68AgEI9M=(nG
zKAc!h!n}sFv#)TX*2N*ux1Z+>9=jox-(RE3f_~+&Zy~+BzJf9-A?=bTxkrr?XQx<z
zgS&>WKAR$O1NYY`5M)~F+n0Df(g{8R!Wu^&i4-sewh+5_y+yM&f_i>?Yu1l2<Sk(b
z|Ig@OTQvj^3FBb&ng&wBVXk3vEnvB{yFE_($E+yN#bWU5M=6wq=EGU;Wkju^Rt<Y@
zfwc>x31ZtC06BQ^K!@0AKJyt?Z|;z@D=@hqh7~B~qJ}ANaes=GuC7E%k2SmQ#P99Z
z+$&K(foBTe7mICbuRi(!4|Dw#u#ENHX8HE|?iH&tjCJbM+bl{GI{4N^K<;}tcWYnS
z<=KK_`6oM9qlYk8Oqs%hgMGHB3mH!80*k}SXi-fhvV=H4PU9kUd&rLVppUPgqJ4U1
zzy(t&juDD4dgm@57(4qlj)$M_g8KF}ul@GcWq)puRPpjF3|#qH%gJ#NF>budC|4S;
zpo(}|OnjJ=K6Ao#4{kyN)`Avexm6(B8enK<%YR`=VR*~0$=_r+sf~KL=yU)U3%(~q
z31JdIQD29MxcGFH|9^D(pa|xsy1M$=HT?K5@C;@hhuuZn!k%Nl*Bgu=^Y7m4m&M%M
z+);l6itkrMUYO+?E~L%7*ZJz^`rmYEtj}^gv@V*naf93n-&i%QR3GT(<fKde2EpKv
zRM$8BWyyDw%dvm|vwkCTem<WAIz-mtEwM{x*%O|nfVgM?x0|1$e&xc`_mY##1K8Dp
z@x}13u4J0KxjA~`n7Nb7J>ZGT@6Tk`PGn@~F<=_wzuMK7)Kj=Oj*}4IlDKZ9f{=_@
z4_*+k58KdDB<g8XXSrHc)!VO4xRhDH{qwzzGTWv+c4swP_Q{JMp0FnEzu9~sJ-Kdf
z!~l|+^%NU8PAg%S#7dIxW$xnB-@nK7{^1N$5xZ<35k&Nm-q;^b7M8Mlu`vI<*EhD;
z-_LJM@oc@;@4o-1?1I0s3zk-up+Axh7nkOre0=Q36@B<Z>F-`8sZe&gYc{bU$%WKz
zzLUQBRw#9d4p*@8(+SnkRbEUc`{r9Sdb2wL?DwV3=P7SQljej_h}ZTLC*ZZdai47i
zuHQbn52TqiGW$yxd+n=qd)u?A+k89L9Bu#~h676S!QBNe=r}d7%z2cfg*r2?$rsvT
zw(Isj%AYX&I$rDs!%*P7qTnkGD4Ns#ox_XVhN-7(|2Wtf-)^07vR&*ZaxYYc)}9xY
zUVz(bBX3NSw3_<k*LBL;EfIHQ1aDTQ@@&>Ee|KjjjRBWY8W0!Gt02ZL#ux4`cgn6l
zi2eqPxBTALg>SE4x@s<$zKz}MEDu$9e|LQo*<WjTsdAs35dl)@d0AYtuq8RN_0U7#
z=B%dM``2Tu=|1p9e#*17RLvJd6cvXB4P(lXtX<lpJ`U!ekvOTy<{;r?qLj+W!jss2
zKYB3#`^q5>aziG@37+6vMU%}S$P1#Tg28ctsjr+M#Zalm7`qFxyP&KTmwa3MDEf0}
ztb)WOXbVp;ZX(a_mMzJ4)Ady&<n8yVq`4+a$|4mSYY_a9?}rJ|(zGH4XkFG_FX_Hz
zVg;H2DlHg3=wer7Si{pRP>$R0R<GZHBiNA1Jj_<=ul>2jNL$R5Qig!mEFO)wh>i^x
z;{#tz{=XTkh*l|Q*1C<sVQ@oya^icesO@fRcYb}AG`}gMtAD@uj){lK0}@hy8;m+R
zO_D4@OBOVu$qX(rN2$BEHE{!TQwD#Sm7yY@UVruS-{5X|sUf<R!r+2_hC`!ZWsdIo
z>h<;Q^}m;^e_fY`0CaVu?~J@M39T2<yGr2CU0y7HdH$Cle*F1P-`%@oc5vE`6gooi
z?P;2r3VwB(bJATPiBsnaI2*|>4bUdm{C;77s7(G77x-EZtmTcleQDjc2oIl5O_W3{
zU~1AdZsNY7d+c`aL+ac`5WNwG_l!m*78Feg>H2Q@%8ivykUA!BR)OdQ%oz%_V(YFG
z4XQ@?III7Yf_N3426muetk0lDln~|+eliGQig>TC{>Gn9)0|j()3}hq2rRbDiP>{G
zA$z$=ar9T!R>`V6DaIOP@cVAH3m{Kcz1$jY-e8`}0as{`hE=+N=ifI{wQjF8B5-fU
zkR3UuQ>)c??6gbZD)%p!E-t)uBm%sMWSdtcR4M_cC%VW<>Q?Q<-ObBo*zZFfA%j$p
zBv14Djcvi~N7{g-6W28JBHzJeJ}r1;o|b;WF`b15rcHy9J={CLAL98q1}yUKht>ME
zzQfzvUfEOsW>@=`!mF2%Rd{#r-pE--0w+tcTZ1AhRVo>+p1PBJPPtsHd3gX9G0Uq2
zayJkFq*F0v92RjX7`J?fu+c_Xf08}&%%ZhMI7NYq$tiBpVznsu{nn%`p)}R&jaiC_
zunS(^a)hp}aZpMPbLG)~G$8@b*r#qhrBt`3xjxtI&^is_M<$h~^hDCqQt<P=ak;zB
zIw;@0u6#?{TvDk~l1a@^QJTP{;5?e~xEoG6lut`Ppu`iwy(l`x(zXfXYN#J(;lkUB
z!7kiG_gtA(vA9pBhyy><1S%xBy6<g+z4Hru;pb*641mj1J8f{c9qJiT-Vo2_&}@|%
zu}!TstF1<Pk4N@)^_<4g?<q@?2)R~;3PbqXE9pXNWhshh>e-`z6I1B`wdEAx*3I91
zWwjrO{Z(gkZ6x42X;q}%P2w=Uc=Fv7_inLc6kg7hwE-}TU}hC0RB`}Zm8ARjeJ9$&
zeJi=A=^~rdQ=tWcxRJ|%0n7<j*I{%eD5Einl9USKMA1+%M;#CDIME=xoffpgsc16$
zGV-bV;W>LSiP&8{$}fP!8i?vuO3hP@q2Nxm`r9lBU^Jz%`!<zs-`V7i=vY8Nt<(f0
zsi(npB`bAuAslkVmw0}@Nn<*K>O6F1bHjnSj~T+QH>15$pZ^x)C7G8a5C;7c1GkqZ
zUuZ3bhdkez4fZ!D5DayvC!53r=}FI!BrYXpD4m`L>SuCPy#?3LBg8-4{`IynnGNl)
z_!~Q*)FlvGShH~1B4u#a+N)2yB8ziK;E!K7B^<k+-jh>gJ8&xh+tt5hOZUO<ahB0{
zJg5jaQbnc-ZS`AXHS<0Jn3xvdH(%8NpwSKr1tJs>P*!n$LpKnYzqKY5P8M~4fesbh
za%%@ozH)luPR_K;6h^d~<k4GM!r|)ZJFmy}0=IIHU2w>*QdplXhN2I&*-pU}H>+Di
zj7)x5U)TNv>nu;JFfy3Dbc>@@m?*5hG92!tXxs|0qHv+bJ(CdF2QT%ysIk6uVbK(g
z=p@4Crgd!n>gJ9^hj2#wBabkth%F~zMT0m;-PQKTLp00OQnE7qv@Bgkb|(s<J*6QP
zeBP4N9~24>_C^iW5^H5Roe$msjbSk*&8dGIuhKn-?cUUITopwg#Mn{^CSvM<AhU?K
z81%XW#`|R&kZ%c;Dg$!M7+>zvP%Jw(+T4+pTGaAdOKlOkq)K?WA{Bu-m6tRZ4}FdG
zJNj5!Kd7;?_zd`hW@-LayaE{~XA~xmjc-GPn@9ymi>n>qdwPtmipTF@JjU}QU&U1l
zd|d@nelfo3ATd}={O7y1v#2-U>Wz)a_sm%G0qZeL$F6(9o=fBh*qWHu!-vS3)LH4)
zWW-XhG;{?^lB!E{TdYa|hf66k1u|kqoD;Q8q9`uleh08FHv5j>s4F|2Gx6i9utlE}
zACTUxiW?~itxu9R7d!P8{pUR78w|t~XnArDtjnmVYeISl$35!7-|5msHY&mtr$Ge`
zJ_VFfRONvrG3=G$yuP<`8Jib&fd2Qlck64j`R;yA3osGH3z@@Ipf=0061N2yJPuYt
zYaIR-N9@1m;)w=mwb>aDys}JkO@*8(*+QwLtLg*Kp@Bw~y1&16zVWc`QiKJ}U)KLi
zR<pRY5(Fh@DFS?VB1tsoz#l*r4UU{HZE!|8(FG#*!yHFX+TMFO0JWSxq$p+u(bHTu
zg%$?0v*VU^KbjEfySue4Zkk;Ih@#^Y$s_te;DkPtD|0al+}Y-GyH^^#TFmJr_)i*t
z88DSNH<Ix@A6r18OIp`gY)Rgm>2A6vm-S#dxz#M6a-HAboh+_CziM6NZ>9)Z>Hs#Y
z*K#t1uxik6IHFoh;v{U<`dYKW+({$_Hw4G5;@JD>Tf74vO@<@n!G7W=nj_UcTCUAM
zy0^ptBia1DOZd_q%>I|HHI;?n{!=ukQY%YGK(+PiHLul*e%y44p<9hE3VChsdh=@c
z?CIp&BjvTm<HpzkPe5QTOJF(4FgsYyR@MT3Z)*f~R8oahRhVXwqDhLu)d)_mK^s--
zQ9%S?z>~Fka|2uzQ5la$eN_kyCx*vHAUyT8np<t8sK-wW3v+X$g75fKro?*ey{AV$
z?igN)PjB=PbY=HJQ@<E&EJB)Ma9w(gD^0=}#YobW7}dUy>#ZBBns%E3%9k>E05A=v
zgPds=m3~N*#ROC~FYVvZtQi-_=&#D7eD3C`sjVss;m7uY6vwO7D%BtPYpd@P`r^HW
zN<g+N1B7mfYG*(;Rm|e9ubpU+ghqJtPwss#Wj{5_Alkakjdq~&ZPJH9XNe}BS(yM>
zQbsq|I@@!iA-8fJqC93|#J-$E%X)elTUrLnL=?2p9of^VOnvW$6Akeb^w0C0Yzh2)
zSaNjR5+;rv{<$n%K{1S0&WWVgOz@OpGWBo0L&~w`OtQGuj3Yqr@*oc*Vn|@u1f#t(
z^EIuAARZZHyk_q@x8Y5rU`-KK<WnL7buF{D%kUP$lvx3u(T<`%FXzY!qr}V8NMv4*
za$qujxJ7mDSqdq?0s#W|W$cjv2X-<4{m=2{DGxArrnkKwVPjbt^p4dLtWU{d*unXH
zGJ;Sj22?oaMN$!8=v_b2XwN+>L?TrHyCum6c=MzRy`B|o_RQ{+Ss7so3Gy-JkO2>(
zD?rj&82JH=6b;%jJ*8+O=lHlpVy}3@ZmI_ECSwwggBSK^7e;cp?0Xrkp9G-^s1u1R
ztiq(h_uZ$~5U}w>ONTneN+iwEjrJ4~#2_K*G?CF7c|w2JH}|bWAftN^R9bUT*p+hL
z>a;hj4T#p2u)7&mM2U}o6I0e#Bus8|ahtemXgqc;Ql!{zHrF%ftBkkk!5&j6uVdu&
z{LP|(_P?}5FF?F<#&e-rlXI_?W$;KYQZrCM8`vWz4sd%+mE(91ZM~s#^6h`xV)iA-
z2e8k8p-bmS^3@fX`<yUh<<ZfT22u59l-l>L+Z$QD=fZryncAOB2x<D51rZFX;CLjY
z(zX)lSe|!Hr%OE8T|LV!M2~1JLBdoZDk!&QYuj$ogCqM9_Vyghi7W`Kn+~BD!lu=k
z&_u-vEK6A(O72wKmJmktLWVs<FIeafka#YfWj%VKk4PeI^x$BIh`O_zNeeot<zW$1
z70tnD9pd3;c!asO+ot`7HUbh87l?8Vl?IGMHVo$?AdfA0JG?WR$%M|a<-zBw05iE@
z$JGXjU8q-AkQ!ZGL25Ld7iTt89!yIG;^YoGJhN+NjheI{M71^JFs8mF^Z!DAw85Tj
zfPhr^Vr%qnmcXtQbw9_7m2h2Fmq6NzW6sThx^mwT*GNF;^+H7Qq{u!<d7~<Rajz(2
zv9D^#n&iJmRpfnmmHU;+FL9-`jI0SO7jcn?VXiV-K0~BNgbn3#R&%0xa~w+8%kWyA
zQ0!yPCkn6!3wv^Y#|KO(cd4{S-CnP$IbT6y_*=yJ7p7sMglnk^s7jF2V*9q?D~DFg
z_gx^ixoz%j>22VtlD;^!@!O!Kagn%;oX~U#mc$65{Q?L$b_o*@Cbp6ZpLNfw`}xki
zvCmD&7{Odc0Uu<)rufy!vtgQyDI%mRq%Ja*;(PJzGj8H4O=93F#KJwA)Jrsa%GY}Y
zWjejroe3KF-v5XkV#hvU*PG;^=@YMS?_eJI)7u|!3s+lyP>~pg1$hE5lozFNRTyWm
z?aUj*j(k;SA7T<XG7>P*WmF23sODuIY=cLTnA=pHRWRl7;3wj<cqMQFFpXjfY(e-&
z8@Aaq?`cvFe4U+=tpi<=pLl`tgCMP_+tLJKCD1jH>4W$AXl<SMizi=J^J@ga=BzfG
zb*4@x_V$F8jnfMPSk>z%?d2VD@jL>~6M=+{VcY;3W_8gaws=bTjPwuen1<aV;T9Rg
z!RD{2DvEuKmvROqaOd=XecA^YnZLqON%1EcBvny1j}DzPf6u)VYD=j8@t-%VT;KE#
z9r9+!TE5gnd6_9=FApN(HOPiDX}C?!`%%N;w??lbZi70ksQ$%w5o*^7qxTU;HeTr}
zaMptWjhubqSAhCx6O)t_BU(J>;EtgzAFOh|v9JM~Ot&GV@h+6}A@JLTyS-<7D=Kwg
z>N~ysO`=eoJ-$bIVO04QjR61`V1V_mpJ?Qb=9Up##huih7KAn-o+kZhS~2`Uid(+o
zJ{1dRz@s6Ckr=Uc7CcPCyp(h@$z+Jdx6o3<kckRJFD~y>P_yu<APEYy(>R7A9inkv
z`5bJ6J5DAG%dVl~|L&IkKpYOC+~Ufd8Q*rMXvLx8ee$U2@{p8L)16l&*PYI5eM>*x
z?lSk}$Di8%x_xMLZ5@d?77L3^JvY1DcayBFe`AHqS{RI{zn`|snd>`SYaRN}9wU~O
z;CD}4{8(1ki=Qlmw_Ob2<RG?VUqmD?2$>CeHh*6$;F%JP8ov7{p^-h&!ue*LxT@bF
zLOIbZntl3*ZfOb-Bk<zE$IBGh&tEKT0mEWZ7cgAbk6S;ouEea@6*<;COnqtJ6SDya
zVr=LytqiZOkm1wMdsWSZWJZgPo>$Y|FC8>zvG}X)ta4d|bpz2kC1(HKEyM_vhrx&<
z{!iG+5Z)Pxcp7U|E4VLyb=u{bI0mput@q25x+lSQl*UHiMAn>_{3%n?a0f#|>U)$P
z`vtWCwA6ER@?~lOu?yn?Yj;x&@O_Q!-xjT{iJGd*q7_^L&fSkoV&+kR+u%Iq%msWB
zN8ei;2F-g~1X`URZm@kvyf-mm98`u0N<kv2qoy9rK?qyZH?jkFd~VTXly~rD{fMqJ
zf!zZ*Ug+RRUZ9LAAR!MH5Z*Y<C5Gf(D1^xnLQ=$Yk_aqu9#x^A`h`ldn|s%Xmc_{1
z+8Jp-bTqNh+Aa(IMi+on-H;4T!+fkwVq(D5JaPR-H=SZ!GoJs{fC6$usTaj1u0@8A
z;AHKV?0~ni)(|x}>??>;S)<OEk!B1ifS5)K<S`IDT_d1ggWDw~I14C`k_>z46yN5^
zbwe3I_d<HBm=d-p1qO$Pt#wk_4*4K5-pq~9%@HMR&{?E`qTIalV;sl!>ic~_?84r)
zBoWmieJlo>1}V3@1nL=b-#%SNiYm4o-uBk_8>021T=Xfv(eGCGca+b{kEnGfJ%dbg
zwr2qQjpUB)l>=VenM2B>2yK0RySXkl;7e9--YvnBuV_(tqu)q_3)WB?!g6YS9b_4J
zV{!5(?mOzOV)64b0^w4C7mU2~C*S@=6Gbjs&1mt@9APpvW`ApR(4A1Hn&Ex=(76fJ
ze)`r!2Y5ihZ>-&v;G4=g^C75UA`sB5c6)>X`-}<vKDv@{W|Yx^#)IyIT}^0mx32sc
zzVZmoTljHGMIv;<G-=dLXQ=noycB5>&?V<tR2~avM)Q6QlA6@xQ3Sdi-W)n>W<{C3
zpC0!Bw@|B{fYQ@sN&r60=<yFLj?<nB5lCUkwmfPt(9%-=FmWn;*bm-+##D+)3t=&)
zv<w<lQEd{+94gaC_=w|9tjK4}5pAZW5M_Wu__X)Ldem<?<@rZhPm)pbo);15DJd&I
z<otWA&wapY$|(+*B8HZb8rM*83bUu_$X6Jy%6`!HK_x|JI7l&!>825o-Gf@Xl19$E
z57H0(fk&L7l%kawieaF%4vkd&h^P3TXDB&b7^6*`!kU!<;c3o|;Y5F6Ax$2iAb*R%
zD}XXWK1YACp5uJH8x-d>VM=ug#x|uh39+@A<MV?_;<P7c0FX4KPT%-Gy_hReX+n+j
zk<9x3L({{^p`0+UN~P#B$MG|9Xr6bjjyo>{nrEdjPtysH2B{gg>fZD6v4(%jqY@r!
zP2+<wDgf(L!pC^XQTYg8TKD^E;FMAV(a%9x7x;)UA%>@c2PoF$++i`sc7OE!W7l6g
z0KU1@u1M4N*>ONxNwEwG5|8-KIMpG52-+wC<n@I!yGi~JBB1UN8fUxvoLhqksLS}b
z!JULo2q1f?F9Li=#Kpa2Uptkb>4ox4EamUENWFYqE1Jc~Dm3)0!<lxoBP~-@+-+PJ
z=Shx>-`aj8L<_gumb4!v#VMvjLs2(HcSmBeE_fX&i&k_Nn?3n`2`4sT>Y80I396D)
zD5D=>3EdKBktL1mdTsy61piFC6$o>T{g^!ugw!{UeT6UzY8QooX5xV_R&QMmHGkRs
z|LnbKZyZ;a=k1T;2W=EwGc}30u}8vVK;F8Ia<vW1cD*Pxh*%{)rbu-rDOnBFcc0%m
z_r{tLxsXZ8DywGNq!`;>&OQ72AJr_>x$dCN_+k*tcjanJQLfsWz)4?^<>rv3IPiVx
zu>nQ{ISMoBg%403b!6+cko$UVnaA5HH*`^e*^kYxSvGrXyMX<&g&WpYy!e1h(viid
zl|mH(uSoU^7sg`w0So8G?>2I7#EH8WQGu+u23}QrF=>0`?QuqJ)sY|@jP~H(L$c(1
zFG{n(Lo5%=MhB5N2}qC$;a3Dlh1@_T;^LXcIh(sVySHcipxvuBnPcBx^?V~Kt0vAV
z06-++rj@<?7BBDSt`vbcd#rs$L>S&>sZ(Okv92Pn>-G&Sb(mD-)QBZg$5@c4-P4=S
zv;vkJ4F)#11VJ#F<L=S2@bQe?WC*ajqzz~p$S>Aln9yEJ|0b({qYszVd`SO~o0njd
zNuphmX24gFi3N;iT1bNU%zbBD0Wt6v2AIfqLF8dfF;zubRfGYZBs~*g!?|l`8pk^$
z{#owO?GPnj|NkBFjc#wE1Y8*p#f)x9X(2!~qdU&D8hZx?T;R)>S8o`TRP}J?s0?|P
zTS(g^k7?9J^<AFOR82VP!o6o3=<AJ*Fgf*uM0(XfTx)Hs3zNIKTD3RQ1J^ww=g4Jd
z?y8HL5Rq>P=B`$MyVL5Z;Kkh)r0CJ8kKnl<5G%^l8fT`}eEc}FpSE%P^L+YARXw2@
z)U#^|$dc+^RTsJbn}L8_>iZPSga8(pID{Ft0}0Q+1`I@o;A#+QZCd3a)ra(a%0UY4
zb>`XrVpbV8e!B-3)#WQW)Ky5Crw7mkwf(t7d51T&vq^&U&*rPkS2`Ozj)V?h^pB_G
z0TBC5Y3q(GQ;M(Z!l2}d9u~_!XrU7N9<8Q|l+_2EM2fS=Tx^oS>&w&BIP0rq<Epx*
zT$eWEaS%|X;_`Rh4QD$V<1uON!%^5kI}l8DSVew87DoksekSRGy!vgGAsR4Mi!h@@
zW+YYAR-~!-Bz$*eh)I#+s-y-XrY4X|I9(BXG-w%|O0yQ!;R^kP?zwYFA-i&X$cAR#
zB6>h;knCE#oKC!Z9js^^mH0c;jHYuqWQ54ti)SLRq1tA>S(;1YTcfr!lv`WU^^lC3
z%gt6gF!^=hqtk-E+~nvRun@iS8Kd0zvT7Ez=tr^HAUFL&ynvbK%Ba%FtLR#Y`?v(}
zLFzE1jOtIjZ)E6kh-1G0l;xa{UZP~--WK&884%ECtWMxno@v4=t%{tuj6HHo&(ZEu
zDm=i4sDI;GoSpc1{j8y9Hm%Ol5&Fv$Mx{)l)i(4W!k)6EYI0I<!h~)Tk#)i!zr*QO
zj>ckp+vZ`OWOYG9PWWme*tYG(rF|aQ`8$>Vp`aQtK(umz9y5GX38L7rI0|<#*iJbq
zP|m|*FXA-hYpf-ruBIVoWANWNom!(w3y}@4FS(NCM7ET99ZOMH6Q;OD`^z({uxHG=
z2QsQt3#aNJ3TX#dmn8^=jilAKCraMd)iGs6m}{x6i33PVdLGz1rrm|rBS}Y9cU0BB
z+FC2*AR-1>swEbNm($xG-?npwiMk|%QAx|H;fV{<m})p6|7eShaw9^t%|s{H%9hu6
zL+H50!us`0L~s_3(RQg@;ZkB=2ppx4Qb&|Ms_3u{vf=CeB@l#i{ahan<(+&CfGO&C
zqO727EX9#*KX#U{40p4}I~bDGPZY$*HP2_<Zc0w&0HNTtCERyDO|X4V7TB+nVby4x
zJuma(JTKuVra=_Jibi*wM*e$09V-mF=74u-GDRJVB}_?Vj7e`edDENjGk^pjcFl{-
ze#~EYzD<`|ZNl<yv#GCPfb|Q?`h}89>Fosy431hXHvG%uTh2a)*sd|3&Pr-Q1AxUt
zTJWN9w#$F^PwwtKEpkGi8h*0bf~pJ$LImY_3m*C`@Lz(!zNk0CcC(0P&y@L@2n^gj
zCVc0vxgr2aeZ3}+PqBp7>;JsD{!dVXv@bOEN5W3lYh}{(sS%1FH>4?VuC4%H5RcJ%
z{nO^nkGKLiuWG&NuL#nPi@43EW?6W_zxfm~+vVM@Vm{wNY6YFwuyM4%PLnhQY+*sr
zwSMw$%x>C)l3ROp_EN5scH|!dU7C4e;#ZXyIn(BNY3C<A?o|ar>m=gX?UQy#4E)|A
zFPCaU_+Ahh!7{WqUH7(5<WXm0=yF$<KF1VP+m1=LqRq;ccBCpr5*v`xHCe5WO#8J3
z7WJm4C-PVF<8ODjVuDg8&Oe;Gl+t7&uKlQq$UCZpU3OQeN46c&o=qR9Y$0&=x5j%>
zZ=TT<QGQ3oj3dCZbHH`k@+v1}(qBIKHC6T7L*dDx;H5O{zWBAKXKD*^MZber{|3y}
z<Ye??KTQoc|2&iFA{C16khqBerct0m%PdY9{`ei1L%fHJal&e_1&f>c$6F2m!)jdJ
zZ11FH3<o{<1FVJ$04q&x1{Rh?&pL#wW+3(B7LwjUi7y#!gX{nLXGi@D$_S21P-FFa
zxxwm%`1<NP$*QQX>Eed1J-EKSdhbk($aLSY-d@<91Wt=QipasBGu#wAe8Sxq+B&Lp
zvdvED+p%=|m7hdXOo~hDLi-trt8>AjiJL~VEk>7z!S?$>C5&EozzI9L_u-$`sJ7^K
zp9~Qj_%{R&x*PqGXnAS~&*HC~7C7rr+Jzl?LC=>VG4qXC|MZ!Zt=3Q6{<J#usC3R5
zSps3WV^I%%;x?wXr&c*FOe~pEG@=9ywX0R05cPh~U`NDpwnM|p*#tvTJpjY;cApU7
z4s|{%1=w9joA>B*OFA8m%P@<kyY4in&epWcFy(j4!yY)dFpFb<Y1~6wW$%FLIA77}
zJqHOLC%tq49KG^fzA7MIr(D9V@Sc&j*27?Z>7h#NTtbn!41-i$w4?VP8gBc>&M0vE
z;S6X?u%5<tW`_3@$K2vnN&?^rf^QF{QfCN8t&f{NYv_-JYet4V-SPt?>!s~p(|*P&
zMc5K#JQ8V&hDJacX8wMs)DZ(o9_L7hNlD6&PmMf2|GJ#Gi<4ap4!1>z&uBZR0U@R2
zBZ5TfMY-@0Z;6l&9Mty3`{-#=hdk&%$5xM%h=4!Rn}`Hwvo*K(n%a)0-*>~kXLYV(
zLKMWIXCv^xxNH9X4s20TI^=MEeO15ss@C~`BYW*~$wC76CAl;#rsNj6{LPLnjvYVU
zRvz>he6Wy7MDA?Dea@eM6^a~?q)us}&|YHF4NVwG0#C9=QrK)g#{$LmZxzq%(Gfps
zA1846=$e^dS0pEprPKsOUvR~`YfDmQ{K>R+uAA67*X@DoPY@um#0$xg%$QQt41N3y
zf%+av7HCXbqydCi13LxgREH#MJ@*UV{iU_ik>8)Cg3*u5I;xPvq?t%MQ^!*O2riy3
z8ob0(lOOM{f2lQ#pWmKHIOQ7{E5Fb1RoaOmtkbe0or)kQGIZDw{_3(MFf;IpOx&%1
zg!MjNnEYW}YCEwCBkfKu$jYwsU*Tm%K_gKr$iotJUBa5S9g4fY#LuSd{Qf%V)z9R`
zYJv=m;31a3Fz4R$uw#m--U2Yc<Or=+PvsbXE5FNQlN2q{kxcNcz8!(H(`^DHD*%-^
zA_+$F$;9_%tXZ@$rVayCnh2|!eg1J(^lc(UO2c}3;Wgen8dszX3!zq+5DlIkno5BT
zCGgLBWr;+4k!yLceNQqAt*X|f+rVz`zU`J3M1A#@Om?#ySrlZnQ}NJ0sM`u^0_uB5
z*2d8JD*h;G8nIsgC_iLVT@&)@=rzpfd$hfLby?YH8qIx*{I-;|ExMc=ir*Lol`N^G
z7tP(cv{D}qvz#4!&`vzenQpX;F((9lNjq++)ukvgM%U@CE-n3Zn;nr_d%sKc9Pj{r
zqh!6pU?k2Bk2y%Eqd`)QWoSj+WazJ6T50AE?~*Aj4RVoQ_tEOea6C@SX>&7bye4oS
z+HaO%ttF^AHVM&YR~<AHKj=9_Gw~0j=L~I>1DVpJ*w{g@P>_%?oP&@=e{D3Rp$W6k
z27jlKv*BWl;;08_Ta(q6QLc+7ScP@N;p+^xKLROr2AjABPJ+Nows(b~<sps%L?r38
zBEg$N7VQ+_t}SucUJRV(k?22JQi%YxFO8eLCM`Xihnx=8S|{1Wskd5bJ`&|ulC|_7
zH&^?5TkY|*$4x=6`PATd0m!yQ@7d>RA5Svf4N#0E@bWl2Plb&KwJu@R)@)Fy0uPI#
zbs#m7Be_S0^EhZBAHq_02D2t6>4L1+-GVIcR6mP>NgwIsqKFm9thfk)lxu3T6<p@m
z(%b&EG%vL@j{&Tt)~KT2L<$;pMrJ%Z$Q+zWx6fmL@$3fNL)#!(_60baY#In;;3ecG
zdq*vSgyig{Hn`OiN}rAL!Lzc*&-6zS6H0{CtPI=+yZlvi9*JZh<KbI~#Shi}u^R$T
z*V&&zj3*l4&wzf^M)6JcxexT~;PF4_e^XYw>?i%>(C=GydnF^cmou5;*av(wB+3y2
zh$L0*J9jO~&R!0jq%*}gO=Gc1GS8z$P*MV+4w|7yzLvdo<_`uaX$TpnN7<iOH-^Yg
zDNz~ze)v;X$v9xo&~qI?=xr@OT_sc=0HBjmT}(U4LZP(WwKIQ`nH5x0MyXa_=RT?L
zB0hCEhd(7d*OsLL`2~6n#dQ4Q*Mi7r%hL9g3)p<3nW8f~&l78+iIb@_-;*{@qoT88
zUfGtEQ7e#BiXLR(SX0Wzt9G2TkHYyyW8Li-QBgsdg5a1WRA-u~)3`slMzlTa2Sz_^
zZ6&KQ;gZquR@aX9q7nGjs-^Z`8y3Z+Q`RR&*_UmXDEFA$+xa!spT6|uohxhSi+v)q
z>Of##@Y?ne+Yi#MRr~G94QEX{MbBETKDkQ@VmbWBxz_l-l0WdDhu<(=qk(GjVQC+{
z_Od}pDHBkt>gA>>Oc;3KPTu8`Prwx}Stb61M*Tsf&gr#BA>Iz7RZe?<zblQo$q6oN
zP>C~Ih?2hE`Cb1Ad2cohf0R9aC<$@Fl%7|pfQ_i>15pD49r$tX^2e7n*W-=IKf<1k
zb&D`aM_yJDT}vKar&|nnaw5+=ukHuo_-J|ug3$>_OkhCQyfUsmaAPIYW3-hH7eG}w
zTaUb6tH;|3$95k-9GeaU-PSrCloX3Fz8>i0rJ>@2?h$npA`XVBe$o-@*?Rp{e_Fw#
zO0U||$HS3@f?kAf1l%EAUjTTbc&Y+7tp~ALf`y6!+M&3fXS1}B|Alljqvk=nx!X(Q
z5+_@4^$nl<ns!!`_9Vl)uzNLv&=qjl0X9+Vp~+B^qa~B0cpu<^5MazKty0bfe}C&U
z8)Wbua0Izwqd`=(x=Pb34D(!?%Dv@bw*_e;)vZc2kLM(0WJ9I`TP<NzT6YIIy%Uv;
zxb!v`yOZuNeSU!QG4B2O>bQP%HgY-urVwt6pUfT{dfyNw1a23I^ti0qB)#%`nXtv0
zvjW`0$`Hv=co`AwTKpl?Sx~k(;}^G^{E|>J5HNCMT#)Ie$!a;xV?q)P#2H#uQg&o7
zb;i|*yG`I@`-<3obk$}OQ4;C_bp>6S5dH>p8f6kqKIFE2clYh5_7;MPCliKI`os`X
zC*c(lZJ%*s9ykF2k8Z^m?v4SSJW1{*f*etq1$@dF<HdRTjvcmjk20{MOB@^qX;4Zw
zBOOI+viFT(%Q1`YZ5_f3DWO%3_ctbgm|QJVMMf}KWEfASRALhnT2GSRK+3HC+@++Q
zhWDTR_{}H0Rp}0r3LEkzS#+?>YTr~@L0vlu34>w@*_D%$INSo@W=+Z{mM#<kb2e-P
z3vgBevzrB6CM-Fvq6|{CNix1U3WdB)zA!Ll_YytH%C=)Gn?R3;Iw?4BR6nK^KoZk;
z7njcUf#WtWF@~S?(!>KNm_((NuC=+%dD+JncCoZ#at#6RGl5sopDSe1Cn#zs9=W|=
zp94~BlF(G738CiY6wKk4+67X(*BJJ0T#sXx)^rt3O;KlM7<&@Du?uj|P22m`-Q@=l
z6Ue@rbRE#Ru*3)Ka{rrlvEagzN@c$k<OQ_R1Y($$-JZCN%I}UuRP&m$DPpe#T7#@3
z|9wDIJ7G1(c0MqU$5fWf`*GcmS-dC={2%NB=){`li=d4HV(5vxYxLHZ{Lr)<8s(|u
zP0n0Zo)%=-)g>ML`~vtr4vGx89p_lq?NcNlr<9v!&RLq3dF)dQ*%Yvmp~MDoZeh#j
zO1Tg0Tu^gb!4CB*G8@6cUD&yuLhe&H@Cc=AC=ALntm$k`5mSZrBRzh5`O}7q#))Km
zc4;3QAAVGTR^d9BhoIxfzSR@<J-o{T!vg738woK3$6c{=6A5(I!J9c5l%XAi1_=sy
z#(%^Ix+{b3If}hpyq7{rlaYN#FY$t05QT|vrO;!1cXt!$m(&0&Rn@e!q{+M0Bu)_k
z$nY9Sa0*?M1jIuOjrR;vv-P(w910ZybgJJ)VIMkgcJPG0)~Ni{P8`K&CCQ`Sh;1o9
z<<`um;apq-7x6rbX&nYqXYG}KLNaxmq{G!#BVKZ~X#*SEwMJFVy|ie;XPcYX7dgnX
zw^Y>0r=<~2z&8ae9IS0@x$!OS_hklcBdN#oa4l?0Z(Z)6Ttvo`SeO?%m7nlMW=B6J
znjTB%0ZdIbHzxP|PNt`)aFA+k3>}4P5HWA_ODV-S)X39as=${L2)wE=ukQM>4(a#1
zd^HW0(opGt#8Lspd;c7N(DF<0isS&6gw7ETL(PI7ZBxx+Cg!s<jHO^tuOHHaj~p-@
z(_RMDe&FJA9qQR!L}K)nrJc74F^||`!-UfH=|bCD;f#<9YoD6^D2`Fgz#68vUB86G
zJ{!jRM!Mt}yN=R`W3^IO8YwQ-&7EMW!tv^g<S_jgJhraB<+l9Rm8rJns`d@)g`Ac%
zTT~@sw!?uIu|aqd5%6mow*(dtC>u82vBSx${3Rb`KxFy}>wYCZ!M+Z0gw!;if&5Db
zN(o~-WJVFnC|D`HW~m3>R8Ronl!*HaVmm?+oZ;Se6yh96JTFM;gW;pEPq=qSgX{Ir
zg!Hul_xx;@b`NNHDKOnJj<Op0HD$9Wj^ix}VH1HgZ>^dOKxeiBw@#8QxFkm0EtGA9
zxOgV_v?60sB6qtP7dIQ^t?|FSc`dZ_g_?z)>YX>QZ7ZNunv2&&UTUlwK$$EtOyXRA
z(urJo&yQq=^?eadR9$YsA_pzLYvBQcXhI*8l(r28ICf%qj_+wFVa2+gip9OZS8S@M
zU@OGpNdda^h1&JNTYmGsOkbU$?Kz&5ou{mNyGBF?YnXBc`h5c!y>p;U*666#L|L~C
z>@@wSD8MZYj;T1;%Kz@_V=T{PynFX_G|mJrL78Hlmj>1<poCD^S^cywq88GvkQfa`
zLWo0rg)<SgJD3Q7__ugG3Oeikl3(3*(cm-DQtya4DlOcNJ)$!Lo#m(v48w|+TkmG<
z!;ql0tQ?S0_WeuIP~`NAe_wkk$J%jMm2g@VWMPPH?I(0J!mzTJ#$@=m)_&S1Xg{UC
z%x|AxT<0$&#GXYo?11f{uENj)BwKfNJe9LBoc9Yj7aJ=zr8w~;lLp$aiog!}1>4K&
zF27pxu_@PR0bN}Wirv5InQ={;C%kqjdv>Ew`=hrMg5xe|0?+qx-vlB?B(D1zBGZ0x
z<mYR-yZho&zwn!D>Lv)8KH2_QH*z5CjVMTcz6I6jg1;K#X{hK2N!ZxsTeM%+!zF<)
zT6Rr!^Z5nfNj1^=j!5~ssL4J7K$I?3<Pa?Q_w1C`Yo?@=9`GhTp^+%E+vvpJ-hnS8
z=~`iXUen-f1uhkrej!~Otfdxa|NQ8yy10Ax^md~HwwE9QvoT3~(dq=eQmc>j(({~7
z)(w7Vs<Wdimi{RcXye+M4x+BafKx=(>wMFg@GJSz?J8wKVusUH){BVxC4NGoii9oN
zp<6X(+I3f^=ZBMfx>=$J+o@bwABu=_Kyz|w)RQJ<NLh3@TX)OZCaq%<fZnIGd*Ykn
z4c&+b`%<Q)I^_YyQfZNvH5z+sY3_@{xCV7p?^ab2mv{s4WEwO9X;7!hKyw)c-QUWa
z7cXwE*X!|$I$)E(eB4}rs_*#o$N%T^j~#Q_`-naKkC;3Wmtjh473oq-pLmGZB~KhP
zxNg=~AL(-`I-Zg2)`vKrG0b_<Z?$b0^P*5I@QMDs)V{R?c2boI9g^^*5uf*bvt!8X
z>jyov+&t_E?Yq&c2Jc?5(R%))yl*#1b#TyIwLz%VD}nDRNP8f(Oq9b#dV1Hx!4Yo9
zW5H6I@?q8J4-SaCY<&sGxIxvekTfaYm;ii%DOdi-!BPE}CCzh(#XO%rlQ}q*#vqVT
zE@iS~rgFkAc1K<}aW`x=zh<q@-R>aElt~v+5RNjE_jW>5^J~?;WxRbf%bITA{3r%A
z>L@9#LqiTp>0z6s;4MuzZGIes_vlED@_&qj-4INf72wGwMdDLki^;MR51;>dy9iIE
zb$N4H>TzB;a%yai^qiS+qGXDlj^Pd3ctMLR`a3pZTqJG>7s%?=F?ZaK`q=5#I&L>J
zk@-!Z{q}(Uk<>wc6rGsEI!$S|J0$_f{-)8=hi}f9h-c7Nj^^u!rbxUQXn6kPlgy(1
z=tisBs_$JW|4ehc-?5N%*alET{3U=17Rb->$yp$=!I^yfhXHI7kH~0=529+a7?r<O
zjD$<hxZqDE;=$|&r0d~WY8seVL?SVnfDa<w!6z0La7?gmRd_%bHN*>m>@+kdOx{+7
z+iZeSufYODQ(%42`_}6(e&YAPi3TX$i03Kp$RTA`nR9D8_~L4%Uj$4kr&7E9qG+~%
zh3EZpFTO`_ji>~<IihiUg^B6J>4Ro5q83AP-U81%YHEyxiOuuE!GaFRs7~=F8m#3Q
z?L70)%tr%g*~8%L>-A%7rL`Ob+w$I+v+wFS&f%sbNR78Q!%zocjQDTmW`s1lK_cB3
z!0z-DVnZ(TLasiHa%IntB;0m@4<lT%?o5=0O+*H?2R8bcN8N|&hT}S&>hK3g1P~JX
z!WjPN^wM65cXD@;>e{bAY#RnV4U`JiHbj>%1EN7Bz(vOQX`|~7`CA_n!sFD;a1#q&
z3Id@79FSy3yiZl-g0aj{xbK^y2Hp5lz2Se8e-T~dABP324b7g_dv9hzXN)1gJqI7e
zko80ZA?p&kqdK83e+5-npim`tDn)MRn3C$7M|tcQ#!DuCV)C#_65#yBw=v2LKj(Od
zUV5uwu~>aW-$)sAczsjh(+>WFY!V9{xJNk3y{pxK@?YoEJb3SmeDkXWy}x=x`2fPE
zm8SBJpWeK*XxCj?=wNi6K(^m(-}BdB)Eu+MBu!K=UgeTFf(n?_0bXYU#X*x0%~ZMM
zZaDSa4~Ef+FByiM2$>G4hoIekzk#pRo9p~)%o&V7JU6~KI5)zU)eTG!rtS9bMGX(T
zyuFaI3M(PgIVtf$dpUS|Ijm%Q(-G%RgoWK~e^ZiQv%RQ5qo!o<8D9V!k7hVt6{K{F
zrlTz)s=wX}@9mpw@^qhU%5Sf)5nTuMt*t%l_M@RZZGyi8N8e2rXfs~K=Y7(tQ#vX&
zA*urzdMa09o08xtNgiLVMvpIf^I5cAOr12Z%7Ew|Jb@5II?Zrd^rDZydr&1(=Y&!s
zPFb(;GyKo=UP{7dQMI<qDl<EJNv&-=5H=>GNjM1|Y#&8QVmt`xj5qH1FI?xZE}!MM
z^+(_3|MNyDTGJ+a0-E6#Y5Po&jUJM{{z9_=^ia3wT!Ikf0YKtZ_gqU-NRrhF?s1?z
z!!p+xcYnE^$Km6r+ywS^ls%xQbCLgbGfJYJ8Qqh+F>9ZIi$0CZ<@%XTAnIh29ChOb
zwNxWvXqQDPror<4r?M~o@OnL{c<h`cttDpCn6@JX5`wxch{qhZ#4P_4whillq@C)F
z$-@*dVZi(MSY=#h+~5~z^#ma_{<yG#i1ZFgDR}M!xomI_;UmZHlT0PO@<<D|f7%^s
zn{X1jJ4o1%xKzqDqvmq6y}h`C>0H#+Gg-OB&tW)d`J@N=I7y^+$>^TPT*I9Mf<_!<
zahwDxc@}kUv*)_IPAWre&s;{>Gaxbu_FSIE0{7N=eqiyZYYh@rVcpWa4$v3k#*0hi
zOX22FYml3q{)>gMUboGv)@#?S>hP)xwF^BQ$%Y(E*&@TW3TNuwPvM*qGAA6|R$&tw
zL>WDJ3|g)8Ye-a{fvayzk~&y+auMSsrm7UE850RAp}Tf?L0cvAj8e=lYLK0AQDw{T
zqoKEJm4b26p6xoVady^4fgxX&1+kO%;v=oriIQYLAJxSTy+b^)T`c2S#^v~0p2xY5
zW#Z8esHO`~%h%-czu@eHtNNPbfmb2PE7}W_wChEZW5?frAJd)KZ3h_D@9Ru$E}uQW
zz4-MNE6m~sB-VqC3KODJ5h|R!_<k*Or=|F@Eq&;c<`1&x`*FL2uWh;h)Ms(@gCa5S
zD`Mn1g6~snfDI4gs>}=-0}a)MX)IpQ>0L*P=#D$;jCxC9=Y4%=v*WD74_m0)&KB-9
z01x(Up-m`hL4=se*e;WTOz;jrkS;aHnY~M!-1&!Q%=-XE6x`{TSGgK9pb3Ok7SWCj
zoNG`G#7fj_hdGQrnuqUmLiO;C_fnd=H8{?o>~ZA}-!E#;G55ch3o#IpCoJJ#e>t!q
z&fi4C4dL<s=7;}WulMkrNn?(OQvQA=?}HdpKYgpc3m@Cd!w^WM@{m}U#T8!NkSN%|
zpvBf~&EBv{DZUM(m>8ZPNzv56CbeY)>$NQ#*vkbv;%VJ<$DXWvagGt#_LwVT!6%@c
zctIf0!v=%9<%%}W^j^$q2@5d1&3_edjNr%6<sgmAAZZ$baFYwas|`9%B{{2G*LboD
zoip2n8BubOi|Vj}#EJO#myeXvM>3`J&H~@BYJS!^ZT%T(M6;P9G)2il4GkXQ=}kw@
zs1q0y<r2Nag@fBtR;d(Pt@?_gg-Qyo-PnggM-DYOgMfU2*N~QjG-@}3Sz-RR*-7v0
zgEw}lYd8g(wDGbS*s8qD(6B7(+WWyt_M6VfdrSz1I<H!j(-5Qb65|6$lLYF_luLUV
z&nPl`l2fgt)mai5y?5;M-+yeaH_lH69wQ~i)oSpag#h=1jLu$fQ~51v?~+?bj8DNL
zx@As6au7mdPlj}UV2}ofeR$`?Py8Z<d{DP`)Gaf|mcfwsqeOz)4T%l$AQfv#g7?*B
zVMV@YK~FxQ)UYQdzej<79~cj4o#;Z{M^ea8n_3#TtNkJ7665Iz=)WD5s9Co5=TDX)
z-ZzACuOT179FA2%e>YZcyATHqwGrn#*3z{`ory8(ETh@A-}VXQ(Kp``7gsjkMfF;X
zrHT!R6<|a+q;y1*7pE4>!NI?G)F3kLWJ>rPE+Qg%uljvr$iyiC2mN9V2vRg&3&3Zi
z9!9K^p<nFa2HndNJc13h?>${d2qQ~0l9Qmr-=`uB)QN|MLC51%m*tnAwBf5Rm4Vz8
zBuJX(O%tVI@yMwRCoD65roF`1>lT6SLGsuUg-6(pgT!EIZnd%rk+O$Ifp<nZ6?8`;
z2gMIPx(CK!*GSy;w?W#)BdOJ6w%QpxhNdi}H-bzEWAy~BWdt!j(2XZqmwyz-+UA2S
zsYvnN_3MoSzR{tPu82lTF&YZrQ48&*&ptiK1pgR|c?3IoFBhV>@J<ojaLhmVhw?Ca
zfom4iMLTGkkR(lUOE~iS6Y2CHe;_eci9i1cZTd#afm#Q!NTtjMvG?$Ayvb5-uYt7H
z>IYhomH&R1Z!ApI2yM-xmdxfk2O-s&CT?OA(C<g8k@@!fg%p#AaUE0GO}p6;uwT5V
z(gL7IiaDHkJ}Cy=4;wQ8@t}*Yz#N!h2t}}swC5zg?=+Uu3~H5AN=pLCL}YDe9`}cj
zcTa=A>6O%Yf`3bOsw9SWPsdlZ^d?p!=0tEO$QJn7O`KI!uhKySv_5O!55Fb%)|>c8
z{b2yl$g7Jx`<@H?irjB1s;fhTu^&Z(Ml`)?oN$irewkn20|m`$UAiqgg?1T7>yYUx
z0_Z9A20kd(=<FVY_5)BZ1SpBt#&Y$XV^Rw)aUCXt>$?}zOcLvH-f2N`m#Xe7{e@b1
zHkMTW)^?-7ZQ@aPUnM1tt@(AZnafLHQaj7%xLeBSmsizBQ=&kO1lFyt!wjg8GUZ*n
zx1DoUhE(JTeza32w%^a&n(!?<))3||KwpXd$^ef}7+`wS*@oDmtBv3Z`qMI8VBep=
zyE}D}boq#4&a0PYfs}!Dr|y{d7|%`<GLR-DB@LG-jtlb)D2!0D*ZRw6n?D0g9uHea
zI%da#mlkzO%})haaM&`lp@n%~+Y-iTgU~xhclW?Ek2o8kMDczS;0dGBgwpVJjFclB
z54V%D^#N|*_FarM=4``=OCS_7T3Aq|bNb2;s;?K;TQQET0Gg0`C;)n4pf^0D`sCYd
zp=!nc(0*;=YnVW5n!G`cxe!huOu(m@lClsltY{))q&j49{Y>;fEKXGZO}o^qD-(Rl
ze`SOk3~W2M`K6yCRqKeHDDWP%X3}}FC((8Vcya}4y`(yQNjk<tM2f0z#ZVLM*Y{D;
ziUkb6EW8>_ep)<{DLPiPW;w#Af1V}0#RD~vHm9$)@h7s9>L_~0HI2llz>J|jYIwsV
zkl<kWPOVuIIiZsg8G4>i*>oAz;Jz8OM7c0`77cpe^)uijQ7)uj_0E>N1U_9>$sq7d
z1Q@R-NRMth(=4Z2o9<3Oq`>cn6#Ga!07hxtR{@c4bGCIz?M>$#QfzCI^pJ|zQ=r>c
zt8bK5?UsC&FDUl>AqW3Fzxw*WMMd-L|Atl3e9l9&L{+D02LJ(6xv#VJy><hf;@oZm
z?&Jcel$TJzSpgK*Z^H1#bIy7|XLci^c4%q04*^Jt8AuyJOnNt<Q~jviJ!cz`4cTP=
zKZR^#>n!ay<eJv?*SFw;fAv~+<@i0xutO>Yh+h)7%%s}mBwft+#9w<^QZ<UkPL)`@
zTd?2SOHrVMGEV?0qk4Jf#_7jIHRuee%$i1*T8kPc(w-00jv@r3P{!F^J=+SOH1p8m
z%Z8v#8NZ-XEJUU8kiU<sD^fg$whz2oO70Ih>z&4O7x;?|UxoG&V2&gd)rMkag3&c*
zvF)bv8LV*b%}y(@SdAuDq(&>!WeMId{{}s#5*jh5Kv;%8UfQYH9cj_`Hp=H$arEw9
zLw~;(u=a}>z&_j}xFVyNWT3I$GMeNBHTql!_@w2XGWVdjT7MC-Kcjj3u0Kx8;{pkB
z(oHrCn0YO#_wa@@&1$H7PseQ1&eFESmB`X`lrT;*1;J=-V8v)@k21=6#bs`I=B~<b
z^G;4=pbG?E1c-isk5teS2iMQEghvl9z3T-#?!<_i-7rkUw4k%uR4`hNU}lEdP;*3A
zNfY0s4V~bO!YPi0jK1Xv(hKU}UT(+^>((uzP8<<X(*iB@XespdN25E=v~njC-_AJW
z4Cksgxu@4zkx?D<7~`}%tbTm$Uh4l+mz`m1g4dTQ^leu<6wv~(;sRDxrarx48pPb_
zj`8A6I;dNvclyD&`=A5eY#Sj1p<hX2R{?}XT!_P02tY@=w{w&L3^LLn=6C?@1!xuZ
z%kl7Wo#@VYCvA;m(6$3w3I{am6&ps=%3RmuBc|C!=3E$Q4yK|D8Pl9G6Lb||V`yty
zaAIu8c*OdbSM&Xncc8nbfe+9by*f-G4OGYS&MnxhwvFcDMOawt<Aqw+kHwPc`=^9a
zFG&|y&nv46j5cX=GhWlt8cuWwmDyv8et?>0)!5^g{<t$e(<}+;0<a4x&K`cqy5f9J
znk9|qJbQQ+=;la1V`e(kk=x!B^oGS6kPareJEpCZ9yTiLNY^zU8mjuz7Tnxgf^By~
z3&}5@gj7j_s!Et+mNCdO!dcdo6{SteTWy9Q(b%*B#7D{&;%~0MzXoNh<V;@N@Eeb&
zS?&R)M*j#gduzmJcl9%Yo{vK{XRNo4ei(OGw3zu(e=cL&<Al>E4+;lYcaK9VikdvA
zAbfgMvH63#`;K$mr3*W}@aH2p-XBZFi~p%NH$d=R3LroZT)Z#IWC3ce`jkiVvA_4T
z#ld}~&DeCa>Z@8^Z7$G9AWwpLE_kkda<yW%^emSCZQUcZr{~|_5N7_G7s%dc-8GSn
zew0T=5+rdJczNe2m5;TVQoBOS3SN<%qjyCieNerS68$)@@~Aal^j&wUZYS*@s$lzO
zD+=3h_BE-|?tfjvnhjjK2|c^IDe|k;%1X>9lG(4*Zd|K4UbkAgd!N49-r5<0oGy2|
z1!k6@S0{9lz$gdC+SI7W7Z;oA>SB0Xzu_)}f9EA>?bmc<qyI(*$b;=w<#xjj!TqqK
z9q!L)QcrAw0#gt}!+uTb6)f#A+>myKF>n$XfT6*dM%`#@8tgqXRz0BtH6|^px0mJC
z7*!N5iZ{2lgfvW5vK;|Uuz=t|&<=E_d8MaSwhD9|3jN3gF6q@GP32$SZJ)Q~@YpBH
zscaa+F+(UkJkA*&g@dD?sB8&&2sF+Er<8yWO+-d2n=a>|X~W|A+ru0zheW?T6@!%2
z6(Ex1qC{o|sdO|E4AP^Ar01ync&9d!zfI;N1@2)}0X);Gji<f$tmvgc1y}WN0`Cbm
zQZd*BQ611<7+mfgQPEw!&)h8>DKLwCA+Z?#6Aq%8M0#C7jJfS^cei59^lctnCNk+y
zHyU<aq{etvoS{@DM3wF}?4kXa+WvXEEskOT(pp*jI}I$(MR>YibW2?tAP0fiGXap7
zk#v>ot{%VCom<iokoz$(T^z04V<y^a3MadCoRVFU3FzP41e%0$n1mh}U`um?iBWV{
z_lU}tCtA`7w{$|DHrp-gq{wrR!<Psh>dMSE+ijJe_4*s9{yeG3Y1tB8cMGw_T@N~{
z4JUXMfXMgYy%zwm&QyW$v~Ts!J+D@j3z)&~t^H>-D`WBj^UpJ>?5=3(Q5*6mA-xvB
z4^5lQ4+y#q)J>Raw%fqR%1&Kxlp9uA&hw-%aJOiyRlB|f*2Y^WWTp}q%`Bv!smGxv
zs!}&K!eNZ*ZWUIy#q!DZdi2R*ci#4UJEXD`l5dm8Qh`5~!~<=#c(J8lHw>~Vn+l&f
zR==M!GS+4HHq}v7!5`+;h1*{*1x&YSKpmiAjD#MtK*A1k;asHAf7@mkS<|A;(lhcY
z67eP3Pq=-P8w^m-r&AePxf_bRe$ElSU+#{O9`Lyzn8MHVQZp-57w<X+e){L*jpZNn
z*FRoA`|fgktNFNMJ1b@A?xY(5K;GVN{a}1w=iqKz7T2IzNP}vDL{DQ60oOmExigb}
z@829wZtOgTT_Q<MPq-i>rc3iq;GNMxm3z&ae)o1We69lq@VQ<ZX(|Ji8@hoN%s2GF
z&jv)2P?b}SXO^#fGzK-AAwt@5jV(bv78*g28%cJxmkxg2MBG^9<bn#fLYD9{`mt7i
zN`nyMA9%?zOeXg%z18;yo8N7!;2UWV#*0n<n%4)QPG=eI83fWZ&d4GfTtDYAoF%=5
zAu3zzRv=AGQbwe_kQkB!3Sjm8nXQO)3qcXDs_80{xfquicnQ5na*R^ds7E)+GQMA|
zqKFb8{xN`}pb{XNsTa?Rs7WfAE?e7Dv}FN!T!i>f%WZnU77OrPgkD{EQBK6&aE!)$
z^|Zxm`Kq!%*GloU)f*fK8{o?1U6=J1PShV(Pb<@^`sM9&&MG{ZrsO4vLD+|B!$IgT
zpYy0bV#;b$COBbHb85m>aYeSuzBJH3ji|LtWIdb*Iu>=URy9iW4s0@h7DfSX*sQ9O
zfLZ~YBAs>0V&~g5NvkV%yVELFVZ&y?pZpliVNj61rUXV5`Ko<FSj)^S{cv($_vTIt
zB{>BUAffwl)I{`pKj`9c4o@maC~xG!%!|U>!-1d<&pEqcGKO=}QD+71T7|uD(CkFj
zS_cz~A?+CGVjC7zTP2ub*1`09n!zz)#TxmF3p~$5v9=|9P)JkPWZuIz@llc8jbJY6
z^3w?S;=E8k(S{W}DqXL86XWggXXj};)y<V<MM3Y%lz!ovl#)0%*IV4<B~Ka2aX}ej
zmVjwi1-+;2Z4a&I8a}!-BDzaM*>=prNbc=LotMv1>9|F7#thd8KGDL|O`0Vbuj5<J
zbjUg5a|>cU5k3x&IZp(Dg(I$hf35yt^rvMeIVnSw17m0=Wdrc?3C!dP6CC<<cDY%<
zMV+iT#MloaIskKu(vPVh`+h|_rgDw`L&wv?!7qWS>s8eC<luTpCj1yX;yfGmdmxiX
z^;annY)M(4pb1o-mC_woM5`FNj^yCp+hH}~?v6YMek=OO6qE%4zn@X7axTBs{AaEE
zN+-I<qw3XV<d-ZCwE?sOB2+~%s>Ty~n_phdyUFH1*Qpdsj@60J6HYVBpBCS~%*@Q=
zGc)C8{TVm$m-Ge#m!jkIS%Z&W`p!wLq^?sR#Ld*e9pa{jLv&Zq#a=~I8SJfZlL@*I
z$|NLW;^Oi;-@Lil*7*ieRJ>u78P%O8OmgCMk;$YUdwSDwho0WO{F&LEYy5xtc;ut)
z{o~Uy9Q4PZePEiAF=C6o%<T4YLe1y);2*!WzBjjGvb|}7Jy&}8>wSVTob0(9A9ai0
z@k*X{M&=jtpo~tzGVt*IMTUTc_BR{hJM~=aUyV*>bsq^G6}K#qS)@KthEHp6_~*EE
z)>dAv*IF+swW2mLs&(~zH2J$)b*e3?Z(Th)(In=qm;0Ko$s2^tTc}sb_y}pBE1dqq
z=DEvR!&Zt7TAD|6l4N*Lbw{_H+hZ<f>SRKGD(v|`v~tKwr7u6}^TpzBs9sFR1CNZa
zNDwupPF!C0kX$sJ)~<2s_O4(tqCiTW5PS4!rQZjPM=0g-%Es$Bu0lVh%!;BoGJL1h
zB7v^;T2^O7CUcP*74wfc)CNggWS|zuIaLTAj&4WTpN^er)$4rI*fF0;;I=6YlUeVq
z%4`5jm*xHPC^wYdXTW%ng9SFHI0;VmDBs`ooviVGjF;mj{j3s4N5m+~vWUv9D6XZI
z+EmI9CH#-|R(AYMG=)$7TuR*82X-IT<BZM^Ju$~`?Y!;*FZIMSGi26N8$|Jgc;qLF
zyy(Y|y2bB!B}I5VbRiEaaikx|NoDZKCsh;F6GzLyPW@M-Q(4{ji?Nq<ups>?Ela>P
zOpXX0Gxp!NB%Kot@1b<9OB!w9dT#>B0TUH(ya}`M+Odjrbi8nJ$z1Aor@0S`|DW9M
zCT}mnF@&Hd(bPB!(GqMp;k`Q(VM!XYmzO!vdTHd5Z+XOa=(@GJ26t!$0}!HfDF~-U
z-QO=pMBns^D)}<Xo1EX<Y6$`om(^W<HD1D8gFjp8Q7=&-Yo?8FxwpQ#pxPgyb{+wR
zP!VGb>OA&o9-De4QNS1Z%UN@F{Js4qx&=#+#7V6$a-_KbnO>z@0s~ERT(Gy#6}he;
zZAv`aapD<z-IBoAUepX^DHs?XfNq1VuTK!+A2mMKZdyMp0Ri;AaV?ES`!mtat9sL1
z-Mp5@>}VrmWXA$ol96^@=cI_+Ae8D!d*0I->h>LF5%N5(^6E6tsqVI}09_V!lq7CZ
z0&hsQyUqoh5OGk+B8MZZiok1pB3dArJWe!A)zyAgmuMxr`Ss#PN{i`MD49EGeG~>q
zIRvg(luAYvqV)awN5iF<=%%wN>mK#Mc@f2aNMRKqMdJX=r$>=~N2{X~Vn?zaIW;if
z@0H*F2;(?%W&`EAceCr!Qy&{Fv-PKvzxnFl&TXSTYUr^JXoZrRh)!~pSBev&HD<I(
zDv0hCdi><OA3o8=U3OP~IeWv1U_SZr2hFB;8TB==3>g)6IT{4*S0K~T*c@`*o{ajl
zQ;<u)S90E)%rjF@Oi><ifPNJ=byDHx+^HuXP~F*0I(GnflM$>LtACHL@;5hkxAAxS
zBg!|MTtafOR1AhyP$$CNrHzMPc|`kOIi*c`+P}y%1=1AZz&L3EL<rfWf-^WRkbZZ|
ztOv|2#rAF5?XZ!XjrpUzQQ|D+*78#%T{nZ(>N~Oqx1V%JOWew<l}d#+!tc&fPTP1I
z7)7bkF4qgyDU;M+YckmZbT!u9*Vk+PdM601Puq&5L7-n}4FQ3_O$qab;&sa`?Cb=s
za<%&TdP@ati&<%}JmPw|HHpE)l;SP?^HB|i**t%d5sKTp9pOA+=0ldM*9<I$WIJos
zt@&zomH*Eh_MQKZm+L%a0(xlT)fwf?AjD=Fl^dh63=h2w1QKuqajS9$TJfoWn5UI{
zQAC^P*q3f;BAgRe_P`9y9FC6ydq0(0JfTx}r@iO$Ru=#A_V%i_w{^$th%@LJ1THcF
zu=b<@mTtPZmWEC|gYEqKQnBrsY`9rNdDwzXsMQabcI(V1yPfB|-p7ug(hIJjF^mCX
ztVkDhlk@P7cIt0$i^m+vH@gLt59LVhoZj_zqTo~j<W<Zu_wZPu6Hkw2H`Vp}M4s19
z^6hQhNSP0fc`zqklEtbq(tGpfw;GM(i<{qsRf-khE^Oai0~_*WqgY=fW~*^zK|>{+
zJm9bA<HS;uJK@Ien-XU{`zOErM9q5@1OxkJI)pi;%=ol(0F;ZKwQ-q=oj=;I6Euxk
z(c!dx-J|uIJ?h#T$?k~XuN;dC7vk5g8DAMn$n|<4A=}$J@hDnhFCGyW6aCPA<BTES
z)@{}M8QjDjuE2Bzvl=QL$VY20WMXOm9CGZ#DZ08`tvVW+QK9a8ikvvEqqy)&F9Mb(
z^YdEJ9fmrjJ4p`^#~%(@{rRZ}Y^+7lW@)r1a>6>%dWv21;V?bcVG?go0uDUoj~*4T
zCBf|JLF#twIA!R=u{r(Nhz_?et>2h|EBauBqYUCOOY++DQXdR-43*a3yQcypry~QQ
z5$cIR;fo5WV4(s-#JHB3-P6ZEAg95rrkFLyIN_u7Rf#FzdQ>Mo(~iLDN==zzLHah~
z)key&sj1Nz3a?%jQCIgdcs1Qxw(bc|HhH!5%!)F=DSSewct%HGaUyb$H+^oerhdL4
z7`;@6u4NzHvp@&hq7At;vI~YP=6#(ocTv^C@qnWdH`MS28IXxo!cM3Ak8Vio^_kP)
z|4Rudv2jyp4}oyES{(_>B}<5b#D8V`)N{)I5fM#l`bd(j8yh05c0xms+?l7*9qF+;
z-SH1~R+4HnrPXd>A9t@M>m7NO#&kpQ(v);WN)oBm9F6A@m&b0hP1$#w3_!|-ZZwb#
z58CU<Q2tFmHklkI0J5-W+Pdh#ckC>>fH{KDx;uimw;fIw_ecitf-(RVlg0z(j$7T4
zlN+iaiO6C-;!Z6PvToopVWw~l{0r3qKZM^8Y>gxXdnrUdj&FJUlj%;SozOxouK_m8
zPa{b}DNIxdsEtJV9&xxwFY-(*&##)i$-)c>VT!O1#PZ%A^Gj^UC3oh>9<ZNq`#e#h
zI{?yc4HkL;$+_KS?S$pL+HV>lHp%x5U2yKRp@<^-cSe`V=l`{ECWMS4E4Y4|NmsN$
zP=b|rdm{q;=T^T6fsDNoC4()iy*x9SpAlC>+ms8oO$}O|Qp5X|QWyEPF_gtr0JdaJ
zh#oP{V^kfcO<7b-Oj{%Kt-yn}-Z2{*9cnnIIngFQH1%N3{Y}@`>XD?DMpAmajch-v
zt_;^w<1q8|d)G9%#V(~?k?gB~C3VBZ{e3WHNyVUkDvwYbA(3=gIi;YennFmBS~3ZR
zGHhkq&LOy@KcYw}?s7K^&|H3dv-y^>%2zXmniiNMKJI70qD7e(0~<`yoka5mh+3|G
z#wh#ghVtS_-)p>C@Mrtw+f9Bcy}0CG@>NLL{WgMt9-P?WSY=}Nbc<f*#t2LpS*~DH
z)9wS*a9mF;(D``;ctdolC`b*Xi!PYzPW>D5h)(O@ce*<(12ClpC1T9druuvL6)sq9
zTegkOO6#B?nC_(}AQfA3=|&%DVPXgF=#vKDZ?@He($U*xYi2p}boh>u%KeXKez*lO
ziI)QkSfK^^o{<JCqahzykhjF~by?3(uFxt8Cn*t*Gy&kk5yMENompZp620{vP`<0}
z`R=FiVKP@fb1F;vNzsIRN8tlBe!VX8@>e)aSzm0(5!}9cQQTaSPrP0`AyHpZK>35T
z?yjD`d9g<XAI{36O``#Q-fO%nOUPkqHMx6?Ln+{xWtmgaFs>1g7%JdP0Q$e1Zgr0V
z9b6c7QrOH^zkGgk1N`O7%U3rdF$%Or4qZ^zDahag+c>=8vwMxkIx(GR#8OiS&U_~o
z9>rC?h|+woFRBCV_$M8OFXV>@|HMl(T!r3NSX#(~UPUjGmh`mg$W7!m(p$65i2XPJ
zpMTs{o^!2^DD>dMqGe?vjU=-&p?tiYRQ(-K5(6&tuRy*JU)Yd_6?9`OuucG&F$m+1
zVgX9|!!E2M%ukrugg+d>@$tR6cN`@2xTZr;l%dN42~z~*K6Lv*KK;G+<J?^Hv~@@}
zH5D;ig<WrGNm0|h7ZFW=N9=ib?LPDB^<EpWIj|k=Fy!a<buJk05sg2=8IvT}DhM*F
z!rZlo4M)^)t;yjN#xyjT0cy6wS7R#F5ixlm`2H953u9ysz}aIR%F5EqoHll4T$#Ae
zFip`n`s)w>T<BITjwlHVh|Q2z(BR<f{ja0uI9Yk~^3BEd&9&4*UF9!dQVYc(ldOWG
z$&94mst4}AAY|{{_rSr*+PlF5vK}XNQ70_m;Yeb8$K3J&!L+ZbX^sPOgICmLY;tK6
zJARGTx1_G>_ELIxUDW@5mtQem=}}EfI6s8q!4cuX$vyX(>LQH89JAT2$N63GkN)Hi
zsRrHtrPNgb%Zwwo46>*OktX2C$c6i?RsWr%IE3$S=?gC1A`};vh87kohcWp9go_t4
zjs*T(oL%#`zJ*bm(I^>P6AH9yW$Ka!NB9@VW4rf=9yiWggrHZOgh0BN&~4T^ZSFyx
z{T{3LV=+fwHTuO6F&`#pb6}-%XKSUdR?Z)SmAYDW`lI+VoIj&U%LX)jgTSW0a=sJT
z87Z1`9Zv2uZ=E>plC%hQ!7uj>o#@1&(<fr?I3C@)sDqZcq$KyNhgKd_7ZFbn+*zaE
zM~z35SRxTkL<<t6n>e*y6RLZYowe|FRFB_qs!60_LllwaEYb`ze9#11-i+fH$G7-$
zT{{5ThYs)z>0!Kh-?p81%S<9oAUba5+CJeTsp<?LT;_RMAzgZR?z;CLzICdcpCWFc
zg5Ewj8LI^7SVG`4f;;PEvPf*O=cz8HiCuxv4$x1#tM^%qmL8Ovk;S5{Q55UiS51tI
z-?OZKtMoczF<}#g_|Hm$fZ)dnWY%~OAD>6iD<uQ*nn;h2$r9qxc^n=w<PQTTXtm3p
zN~Kh=Af@3~>1Y$@ep+*Y^SW*feTWD2+TZtwrd(Y~(F~48)bG(3a~kE8fFx4-ou_$>
z57z=S-e*C_YRb`r2`oxu32sl6q*Yqdb+Sq@yZHP4hS4#!o<Jr?YMJ7q*O!&HPXU4l
ziRsZahn!eo@ue9(SME2W@qs?#>-4vx2s5O=gYRS9p?27>ySBG>%LSk#7z1=%3WkZQ
zZ2s$wHA*k+`qCPMwje&Wz_nnQa>m<1DL}^&@42qUz%6Q2p_<f;u=D}GA{x?th#R_>
zCay7*ygZ(dLbnM8od%bxzA5Tk7maSG6H4HnuN!($Mh1|Of?8&PEC#c<-vJQTBE48j
z$}_`Q^t*0ZPI;jt;vy-4ZSzr(4OpfD@!;om{!-N8?zMx=+qAuS&|yYH`v5SIIEf+}
z9g3KLu*2+6^aWXhOMEZw>;RRtYpP(=9~^S(B>h2i7TWSWY7nnoBiBB6rzO8ne*ESW
zmPykCz7gW2vl`9H`4gl_1t|E+V9S<9JRh*m_Tp!s{^=gp&R;&h&r{T8j7+chR{>k(
zX`N*kn49aGo{!rts7m>@rh;6&ym?)3Kt8^>eJx2yKBysdiKO{BaKaS%BhdCg(;dt?
zHrRdIB-%V{@-b>-DS^%_uRvOmBP8&-b^hzcOPX=ko9k`&?!lp_Dc|UxgJ-`c{2Y=;
zfKVhIzvLqiJo~+z9uCV4viya*OZr@qPLt47y78m~+Ti+qgy6pxozATs++2~c5;6tK
zf;Qu2MVl}DXl~`?`X74bj>$8a$+wNtiVkHs<Fm-rh7&!>w>^s2q7#xSu(`Xw7R<62
zfX3m!_#6M#rhEsp4m7=JA+ffg`Y^0AWPT15s5Hg2iM3}Kmmbw)mTe|IBL=ibx}-+v
zH9-->H>PMfXBgm~g$sCnuzj<QEl8LNw=YC^mKR$(7ZNK8*o=$Um$%O^O8x@NNwToa
zX+f77uV`v%ggUyz9vxWgbIGH*eg4H=^Ouix3VdX}zPrBsjm~D`mExSyQSa9sZ-cJp
zp<$)+QTfVfY&nd#p($jY(fgESNISOiZD$^!v<3LhZ?<VWACYcpW_%E~{Sc!-QAE&I
zWk%eW$$b|xac(qagKm;UL6iq|EKqvg)z45fHlwAmU%J@>oPW33)YrEc^=}ezgZD=b
zr9&x+Y(*uL=4;1L<L)6YQnKKh6oATzKw$$h-scd1cL_ZG=FJ|WvtEULr?rfIQkFcB
zNdb`r{r;rW>IU$TV@W14rk&ycQ@KJ<f_omz!%JZ|YN2mnuzk)U{Plvi5RJA7iYff8
z8&b*u9)z%{YB+AMWBVegMGWT1OAMxK;1{Je&5og#ov~0zma#iY6GhO9R6Dgc**<{K
z1fG6TZ-kQ+UKJWT@&O@NB+UrtPFRh3m0w*}xdbw|CQ`+&ys5||yCGqn$8*3%L$D#E
zEcN0-A~)UlEkKWnzJDoCixXRuojdeKpO&8V-VAW*(VM&A$XN8o@_D{d1>c@LtLrkB
z*d`?#W9tegmdd`s1rP6-%SVSuBxyGoIm7k1=OpjfDMi3^TrDjLbR+dAnbq$5yRQl3
z)K6$Z8iB?f(1~W^b?<;J_Qem#kR*LlmR*<|MUsQCRn|qVY|D|@-W*=%FO+GOX{5!j
zG=VnW(9f|1y&2OabAxjcx+%-JCeY*6q%z<dgE#1<&;Im}yVO?prQs;5AyhDgZCglv
zSCjLWepkBP*qnGX$njNRUiH=l;@@Bt_D>8&7BTl|<Xz*qDa6q+y5oQzX_w?bS&<Q=
zKUx%%%N`LkDhk2UBUn8Z#s3TM&i3}>OHga468MIFg|fiL+%JDyp%dGinR11Q$p|hM
zO_gS3O)KH>p8oW)KEU9ajHPpMcv5rowXC3jBVsR%Lun3A`|~1CR6gGP`q^}_mpAJ*
zeBx$99fth){G;ZM-f0(`*Wz>j=*QRJ$qz?+qQU4;BkPd%hxf+z-Zl{?Gi3-53=43t
zOMLmtH-vyg!CZ;$`%PpY>Uc-{G(Amo!7xYD^>b7pE3!ZP^v|O$Y?sXhtPBJrBA?+3
z@lurrYFiHOHhxQ~@g3c<Ga>(G>(>6D3F@P8h;nNLDvzS@Zen{^$4HO+ZiJF3%P3Pa
zq`_R`e?Cq`0qdCF)DF}x8a#P>a~*zjl|K`P#T)3#2`qXNB_-`jO>EgzzsiFL;^Kz=
zmA>^Jc0(@ZZ&i&-BN^#-6Mkg<{{1fBRO64@ouYB3l0tV=w`IX~EpNr2>XG?EJLj|^
zZw5}s-)A>$5AhhIOLTYbwlTxK2atV&-Udi-&H@dt%P>>xO@*u^fG<c(cDU5kEDU$I
zm`nMQ6eR4{qm^D9m?jB?5)q$FO73fCWyOJbMtAGfj~kKTL`|_?0VAgEG12wP3u8%{
z8`nxW79+4lcB+J&$5WNz=`rcXM?h;@;bNtu<sm~z%}>7g0k|LdnXc1i3QN(cT;2d%
zBMf4Kswp%`aR*SkRpv(tDh~%@^ff2r?58^L%!7PrFoU=3%f!(GV7~|R1(K?fmR0+G
znVmca-E4!D!3$ZvxptmN#y)H@t^U<{m*~uEzQ4PDd3XDNi<_G(cJ%79xVr{rygQ$J
z8IEJe#@mvNM>fFirKG5ltxjKXq$w6t6_uLT)Lyn?bYMR!lb6x=0$~)?mKV!;JVLhZ
zIrG%Hx%UWf3MeHe$P{8|mDF=cZj-y(a;0Nt-M{lNJNIbyntA|`(Qur0jK{HaKX|U%
z5Ur!@>f%L?z+@rFdKFFxzE7AYo=@p|MPdPQkNJC#nvpTc1j`U>@u(3{@i5gubfDhE
zWW0TFUEZjt-pUIK`(9j@#Le`l1E)_Y&=dUq5H<tuD=+9TPihHOQroN96Me_eflu?e
zTe_4|P0wf&EJqq3Mbv`=<nK~0MgAPKOUAs;f2}WGZ=?uOrdAeISe8Br*Hw`O*b9T}
zQ*PfK7fOs)tCtvXKm&i#s>XT{zj<M~SiV(eHZTZ;LG5z;oSe^+@I{08@=zVV{%GfY
z?Us$T@JK&zlAYU4qF3lH{`%rseO+(Z4V052gIFSfh@+a`co6x{U8jC0v~OrGuWFng
zs`@86eJ?7{Z!$yhjmeB}kuOBn&=Q{CMs~>lBIGz)vE~IU`-7N+wOUyLe_$3(gw6sn
zQg&skz!#<b#jRuZO>?<kmlv;YE~^0_*XPu(BuK$Oh)A;}yeddY#0e{2<HfuZlH9pV
zhilD^v4}c;z~F9?Um8|%4e=KS$=aS4nUO?1jQ{U;lYY#r%ij_^M44+ClgS*$9&OO6
z=?q{J?pizF7c^+$1z`S31m-{L-&!oboo~!nA@e%0;M}vi1#Q@^i@LaF&%>&wG(M~_
z42b{2!Clc)oN8HLXn{EFV>^4Px=zl4dk*<uz7k_0s4id06zNSvj|CvZy&{Q9=ijmf
zvhXq;G_#ghksh1B`S$u&-WW-L&6Ib>4L(;AK5?Cqdloa+cEt~ypK(Z*O9I#d@LQoa
zq;Te^DnR0F>^z^4n4|3%eP~&7K(bx1ZB20$wM(@c=ybKZ*@_ny!*%;qow2RTGk;N#
zE!zZ1rdWqfgpb1z^2&-ZcZsc%YoYkwpZ()g9j_h;`=Rx^{gAU4XRrPFaj<i!UJvov
zMii?75+g>vu)@#oJIF)MN7;mQW)mK`{^GHLx&VbKNz@O)kj59iqbc8aQp&N8@zsT`
zhnV_|n~kKh)2}`TYc{MCgmhDJh{m@(#zH5LgS?X!c)lWv?<ivlp_=~e+Pv%CT~$Z(
zEb`7n&l~%#jv*G9#yYU!BrwuIdlxxe#~``5ia*pr>fDzU7U)|kB(^EN%12O|S1Soo
z^xQ-<s~3c+HZWG+3k!v8Oe~Gs5*pEjH02d00-ua+ruPD$I`YkBS|^EAmjz*7q*BMw
zi+z2wFj7f!zkPn>8$Hi2vJ_)HMEU@%+{&LYQ1PR>AHJ6ORZb#;sKY5W6q3P}dgykj
zi(h|aFG=VH(_xqU4bEQ-V<tQnTgIHJ*YEBYPX}F{QC(^1Y|=6=pazawcU9&%(m`X(
zc>|(ksMFxEv|%^thn&PA0i8Ie(3HMZ5}@v`cQ0a)?j32%yr(Y;eL9ViC=lkJm(bw0
zKQBl6>A^G$2~X9iY$j_YRPKEEEj)r<3qaa*O*+zS|NIS3)1O%zb>q#sB4yH`AJ0V!
zTghZqiG+;h!79v~cWP!FIkgJfOVSb|q=yZ<%fYEFPzI#nCI*GA*T3W&H`(TT&k5Hq
zX8Oj_Q%YtdGTCFKMrx!$c8O299cgW()L@~wf;f50UbklVIAt&;-P6-L&&wzifFpfz
z>rv`oH1OO-&%`MwB;Ukgl~zfCi>QusNZxvW{w@a8vggkESo^!CuDcB7B_KvaqjWlr
z`J91PO;c8%Ej2dS^&YVf^M1JT$4722=U}qlJ3DPPH}G`o?#gKI^Ij)3oZx8C6+D_W
z$0adiRd0`QQYq2Mz^1;oemb&q-C>g(?F`UO)mN)CXdNqu-qW^}a8?=lc1y<1RDb}g
zQh;b#0mde6ZJaHp!|yfalL&s|H}Z?1Y;dKM8&BL{6Ouc(Qae2yT{iFF7{AeLq1k!P
za_pIOL)15MI`SrHiX0+FTgg(1Hmd7LFL#Xmhycd$wFkXNHSt|KlagNmn3pfb0#n&D
z$5c!v9w8mshMyoYNe&1Z4NaI5T)>kaV^=gB#F_g>hm)ptQ_rqiIC@}^TD?Bf%B`XC
zVkqyWWp75i*o^Q4e0lV?&;Fqlv@4+*?c<my_}~b!(YlIs0OFP?7iyj?52KTUPVsX{
z_p(O!)8JVNl7wLHDMi3>#F9)j_<N1zk#zJlE5!1l!)fHzO+|QO$hebT+E`Z6_Yh34
zeT$DT3rcWhNc%~4!Q~gU?~|8IIo0{0n9`gohCB~b;JHv?$u?2y+T*PM{<^H;@PGN(
zdE%AXyIC$#+*oG~U*2t>i|i($1dy0ivM?x8<J;X<VFN^e7j~E_M-a~#4-o#L&=;kW
zoTCio`Rk8Vmi%?#|MxF%qFQ1yS$9do_o#V1PsUq9fk2(c<O}lkjx)(q!_P4fZchSy
z)qa6@nKT8u`8dVof~!0Ho&A)s@zdLiE_t0)=|&UjXpApL7>cEikS`c?Kk$01kmlgT
zRjm7M%<J{VDgNxb$T2&422B_xi&AGaM*t7h*{v64`Q%~wsy=3XvY;#QhuUZBI?D*)
zL?Iqs0b>(p+TYM>T$#<}u)g6o#RNyE#l!0~rCsAleAcU#%~+X*(c{>($arO#<(PJU
z2L3W)LSv%<_c3l1ZC3Kz8?_cc|H%C^m|WuiWWv09l|zmfI!H0BnkdZEFbHzI?}STm
zBad&9x4iYr%uz8P`9jhI7n41wG9X4ePD<%UlWz}%O(%Z*LO-g21CqHD@=CnKFCmcS
z(X|QN8qV8S>8oauoxuUP38nKFFK@+fgn^v;CZH!8D357D2vrV&T$~}2cAZ2yKfbWc
z#%pp^l_d1)Bu~h>lR_^3KL3rkS_3*?&`Y`*+Ewh)!qU%ag*?fglG>AnvA^vy`T6m~
zu>h+CzKV$uCP6KCT&s(Y;UrAIA!zeey)8{>`TwiB1dvmMeL+sXa-EP%Q`BI&+4PRs
zhC$#SVrzAdC*^`v^xqPO+zk1Z-YD^V<@#z5?S3i7ndW5;c_hA<lOsJd)XSTe86}R<
zK)IL&0In3FpQkk$%l&gO=9$}Rq0oSLL@l3R`>6y{+={6A9Nxg-LJ_(q(wMva`+`Ua
ze?X#@C3s+@zE_b)t2qS7<Q_{4)?U*m#Sj@rtS@QOa7ntOAQ858BW>eiR!NWw)kdo!
zteOPsA8Yb|IqkQ9lYhHdkL{iFW8Hj7Kg^!|iaSyT*frXL5P;L2#M|;6zw5GZ`a5-_
zTJZ_yx3-2Fe13N5lAn09A+B&qr0MrKc46giX8b@g*cm2v^8YtUOli}-vXnAG94l0L
zl1x&vwGvKu3qI)sd1$3RY_j%geG~#cc9T^pwCP90MnK@wU>IkZG~gg?C=yF4ZJ;7U
zHrfWtL<3u|KkT)3Q6JFw=3OzP)AxEQs2kpr=E3IEQn&QUL67PGN)|7hFBd*=ZK=|E
zM-u1QO+HpkA9R>idDBz@&a&LA42^hZ3OGLq@OPqooI(ngwPSyDfsHgwvDm!;v0Z?W
zkKasHpbsK^d$++Sas4mI)?>0!fz^PqXJl;FKp*;8)EF!<c6;dqYk!YeI|f_Y8ZjBa
zSQEyi1dOc(BhIkDtN9q%O4a;jUeX6%)Vd<3qfSB^Aig#-7&^0V_)_EbmXXPN%cy&=
zt0d4UNCtc=C1*rRar#LmfvQ9U9`#g>3^AWR;u7{oE227&AdXo1`$3UJXAP><$zlu&
zaA5_~erS_sojGQb?=eTe!=~)qg2oK&vV$L@ZCOL%1?e={I#dTP%D&&TI&i|`c)clh
zaBXl#`EZVi#9PUx!&TTCxd5mQ`N%t4n>}jDfCzT1-rvR82j|8fik)GqaV~qC+2}L3
zb&-6loJy6*&>f-)2i-{+I-G`y*0@9f(fmq&2<spZl;7YOfEM8b^2iLueWcDDz4C}Y
zmX>fk-&>4nT0X~xTEE!v)5yQ&mkVjFbJ=LBwjq1oPs-GfeL#IZc+vExgRg}<5@HRh
zvQA2HCrx9+bP~KE)cj_9VIcvgqah>{k*e&~H7UzJMWi_Ydj7e6e)&Ro%R*J@Zi$Pp
zW#F_C?z~WPuQZx&JyB2jcgJ&w`_{ch`MqwJ3IVo@h#%F%Kz~&sovms-v3g}6SB92`
z)mclU8;<PMQPG+;BmO~ZQHkJ@277$e;T%~a+)YvGiX?|KA5iR|F!iU+8(D;yI(wjj
zSp`xKY3UVFSctF6&+uN_OBy0%^=vdp172M@rIRH?LAYPK0;|-?)r1&yk>?a75RT@T
zuRj`ZV@rI)x0`Uh^?opZrd#Ar+B35vC9jA&(HcriQ)!OdQqqAfb}_jAUB`ai51K1N
zqZgNr8~{MgZz-gaku#bSA2dyr$b^Up-9-dT7w$bUIGdy9%G9&IOkJR?v^bd>;Fp)`
zX%9_G`ke{Vh)%S%6r7&Cae#UNtWsYL_Rn}F65kJ~M)hlYr%6uA@RkGPcaY58xor1D
z&$%8zLXf-q*^sikXLrwZ?Uyl`lm(4cL5UJQ>*Oi>*8UUZ1Ut4Kc9w072~L{OWD%bU
z`G0LpdFJi|3o(eQxwxQ>flMF*w7Nlqc+!~<WMZN9Z{-Z@lC&iinju4Km4i99Z)Cib
z8q`%#qXPOwY@|KF$qQmY8YD987KC>uB=mqGkx|Exq9VgGhBq9T_WRW!kn#~K=pZIC
zgGq%#kJgM_Sg@A%Tf9@3D<=xckWViBS^db_<H|Ufbz##W!2cvKll;mcDE(ZzzT55U
z(jW$!)YIMqfleMt){RC-lsYfyi-Qh<K2g~YdxNuaDB|2=*h80aRdQiUAot0p&oXQD
zJPN-V%^>tl9Z|YR)jHn4Vm1xNcy`SNCWMiO;5<soc?t>=@gbZG{pJ4r{N3gg+Dl~6
ztk+Mf{3SUW{VlLU**&{$V#W=FQS(VSp-0{_lmIkMV#5{P2m1Hk|I^tZ#b3+|iYFeT
zYtI%n#%yy4xB&gBd{YWyo+drnaLYn0vtKFBs75G-6LwBNz<Ne`g2H8a<XC&bDqHet
zF)1{R+Py)vME!aj$mZ+HzlDeMf5K4%g21FH<yGo~28aiFG#I-tdjq*@x$L(zc2~f%
zqPJrlRREooR6<5g4dzaSWIn<;+8wfNT5R*1bbEFdSA7|S8o}-^C23jj(cuk15~7Pd
zWgOt%QqtF+M3`eoALMC~PZkgMRTV80ie7CYC|W>z+VBAC8<KQh2a(`tjBn`=*v`xj
ze$5+wsmuY|N_?{RDO4uSP35}P4Xu4J3!)O&zhMX3@*L7I$gL(5qm;B6z(n-Yl!V9<
z*fZ!hg~*<{FBFY~C%(3*E5q|evdA>4cXDQU?x-WfaUqK^%^M1JXqSp5L1=yS^3&!p
zi0gI?bIPuPOd!OI&0H0LD8O$l%M@<jug*z46DD*VyKW51JD^2A5E^90AzkdZ8S6Pd
zJ*>#uIZMK*_8z4!RDvhKPeB}@moGp8p|x6-9PQx=zT^nW_Ug%TKra<(jNky$uK*|?
zKz211%1#O&0>#!hFJ9bSuh+NFC38YxaPljPtMct_`}<cU6+OMpZ|6~v{NaPf>mM}!
zU+XvBXiOr9bW=aO+#*{qD&7f=)i?#1QVLK@f!*eg^60J+oyi2<A0`2RSji1V6qbEI
z*_7=JB`wE=NTGdlaommMN>K+?m!I8%zU2Pqez;U{vTKHNei*aDaZrZ{GY_zLs=)9$
zD!H`ZyvM3q5s8avkn%t_KlxE9u#;I*)Hy`iraZvcWUBZ5&K$K2zKg5L_s9{&=R`|&
zNe^v#%-n+kc$n-YAYo|=oDfaL$p6zikJ_D``wvtS728Z7isTS$F;+gdeN{s$%b7ky
z9p$Z)%z)L6_cH;Dp5%o<BH1z1==al(cS6zccoN^`|MP|e{H-7@2my${Mm(S``q}8*
zhgaO~o8dG4$sc(0ArwL;9+1*r1+SL`$DX>hW-Q%BM6x2xuFeo8&i-Ab;%e1$zNLHh
zXt#PM?4c8aR(n<sv05pIkW21%n8a!YlaN2%SzLXmP7YN|r(WXfB{hL2fxbscT*0xK
zlb64*O>PgiEPW?tNV5sa@{PipHV2gy6<h9R3G#P0fp}ELZuiseu*$)qaBazh+*jG0
zT_l$vp!snIh8zHf0^4CXv1RNJ5hfiIRWb)DYO1L{28nXsXu4fcBaRXpM{!d)Gp@&(
za6<3Af^$4sl9{KIZ8u_y{P-A);Lazt1VKu92nKBt;Tb>bd_KzR3?u~S&QN|izdV+;
z{d~R6oBCZcIH)KRABsndENXE;_uR3aEpLzkuh;#6-<_(419b1AzT@QtKMSlJfN=pm
zkEw8(r$xJ*GSqjskV(9E9s9jLN^C+&DdOM5!H<0L=%R!CAAMk??)Ps$MQtB3pP5=l
zbynO{?lXacge5TWsK!H!107>J0jHclR94t3RDV+{j$1{KKw?}{>x%=I{$ludycj5O
z>2FTSPkX&xr;eSg{&o)erA*5XN=q(G@OPSY$gZoDB^F{Kx$u_YGQqtjjXS|Tm*Oa{
zoMQ;Gv2m)%!6P{_8puiFKE@^nq}ea3G^T`cVCq;Yz3Wez{qRF5%1Nh+fdDa(fgBEC
zSh`bDJrYDR;d3nLKoDW7C@>EM27WcgQ$dsv7$=Q^P==h)F=d^91c!3Kb4pRkhX@Sq
zqys7gT@LtA@VpaFd2hR@O>R$UM*z?}6{`ePDgkV+YASJW-dq5%epd_8@BPNe=Ms#b
zJ(xU2i{g~7Y*_Aim6`^VbeKH#&ezs@MF`Gz9jW4Pt|gZ)>k7DpA<}y+W#T}tH~1@Y
zi*;AqLvoa-WVCcUc}^q2^wufuFCPnnwMB8g5PeX{!Wau;Y?bMk`Sm5{>foN$>dAIn
zZ*G59@Ykn2CG1*Ta4m4jVLvZfXSsibxgwtZZgp9EtoW!vD+Cv@qWTX4>aO;=Ek`<l
ze$VT#oKlV<{WV$UUlGLt4$Y*xA!|eH;3FF80hSM}LK<<ZL_@aM9O3A50(2rkyt;)%
z8YkQHFGH>*1q!`7)-_%;kua2FCcu~1Nldg#%DY)hr5DR`{#a|(ty84)24*N1oLoyO
ztX2fVFi>NF1A`#%OZ04b!ylWxI=^|Vyx_7%7^DfwQ(~t&J<2W8@6LCn!(Y;T`i>gp
zlq4da!LuOuO4`OdNYi&Nq4#Pg`@F&~I>jD=p#Wq_6c<?~IQgVRzgtn;a;-&Y_ekLy
z1-aa$Xjw--dH`l2ty@4Lc=wYUWJw{zB$?&=pMUz{=btXVeDcFjKmYjkdVK-R^zBTE
z_~##u?`&76E0!?f_=d#2N!dItVaZ>kDY9hd!{(hph;7VJ5Uz4CWWJLh!(d@5u|g>o
z5e);px+)_@3>=3nsyNW?#dk_3yDMsug!>dl$xkJbNUFH*wo=~Ts@ATks}1W<m=bcc
zH_Mh-L)R%OFnLVaE%V~IBDsa=uI-fcr+3L2+}hYp2G+oal%JF(Jx6D<7TO3OSehCA
zgR3O+!TAx;i{%L4$Q(XfxL4@2lPJT8XcYm54%it5sQiyy%r+8hmwB><k36`!DC}Uc
zbx0Edz>>hL0<)?aWXjDw*jl0J7%A>JFUPG^&|z+5Uca6B9XLQO^XNEFU=BQS(EP<{
ziAg*q$(FQ}OcGB!0vHCwq`@5qIyuQjS>zE$&YpnSBX9l^M+m@t6<v`U=>(`XKW$Q<
zaHImJj$JorIxV8%KY$5RoVCLdmG8ybu7mHGaNbhA5Yorw6>W^sp$ibb#Jxf#QEO^F
z)J-c2(77n`Aia7d@&u{$N~SRbkinfm?MjmzXr!^NS2V00X;eFe3rl~iDlv7KC4#RH
z;SX>p)u|il6DI5e;p*FMpB0d4Frmu`uOPTn$a8sVOI=4~)O@7x-36R=pUwKqonN_Y
z5><zEa*D`EBLP`*QlzxgowZ}W%)xd|=N6o`Cs(C0Sn=J0QwBM?)Wjez3IOsenuif*
z%*A!uUOjQJt{CY-gT-q*6X6bn6s+j1!S5GSn#B+Y-rXaY(h5m<B*Zw4T^<^;ZrW<a
zmlkp>pi(H!D?#W^JOS}bcY;KGqs{etVG);l(m7$FdqrzbG`h^DJT5cZc@^}EO){Xi
zDaGkbl(!=oJE1gi(gTebq8QVoFC|y2cG;QpcJAYeq?Y?hIn6eil-4LANV?<SCB<Gn
zj%^{$JPmyL$rCwIda6{y3W%f#H4+{@nzqyB2U9}&YIRrJ&3029ptz=k6!~rttCf9{
zyiS~>HqXCfHM>4hz0HnZPP%>8qGX~iVX>ldXS5!o_f$J3uC`-3=`3|wvF<DUo0$W8
zUM9eC#$jEh0Bp8j;i?s2V#?_N*XwR(eFcMCl_Lhy`Jg&kmbS_j!zcv^w5&kWqoF2+
zX>CiO+natA>~>!y(Y;Qk%Kl3D$Q410StoVhe9vTpK}sJ9@~Nr-WP0%m2#Q&I&ro`Q
zsOu)7_Ef+)*($eV{8$8CYjy4;ws8n(z!oO7c!G36ZUwwF7RX$;g|fxJi|spN3EJs*
zhr%I4$jPLW1(n@~=0qhuI5?SbX<>)DRG4Ebm;7K{`rh%HR;8j%N?4HMn@VuAl9rlJ
z7ceR8-`nS;zk8h0+?hnu#JHvru4F@sR2c}^vZI<9HhIY5x;v))&2pXq)X5BJ1+?dc
zs%3aC^NVb%UH2%z$TyzqkWYBIM;!<~jfs3l)J6=HP+4dl&xi|FMM~F$oF*HdA5hso
z%LR2TqarOCai^$|Xg;f`?5q*as9#-7z5(x<HheWTb5uD?KfcjB7I>e$pyPiX<qX*=
z35H~lpnrP_-G^#2I9gsi_ezQwy4RgXT!N8c;*zd^UP&`?zN7m3&^6@BZ5F<3E4bKR
z#?aDtHzRth$lqIvgjT@l^YbhXXkS>`REqr+$<rqg4J|_D?S(X?1~AH29WPVlX)muD
z&onVeR23yuP}_;e*(b-j<jezep^b#8Os8=sY=U;IHP8n!rHc?#hU;MN#*ruUm@RR<
zX8yR4=IEzXeS`##JjxFb92XX<BiR#=i+j`^7r?)<ddO@=De_7|sX2IDcE5dH-^NtB
z6SfX*o1{slHrHWnFQtp5KyAN#6+YoN9f8s3F7j=8c_~UnSO-B&xl91iJ#8U5W%6Eo
zz2^-mYzs}<3CD3iZ=xF<fa*a&H8w@G($Zb8xLspJz&F?tfynJfq({~+=b5H-&^v&Y
zLX0q@b5mW=1A^n;F~EKZ@ejJV#<Ppzoa~uL8B0kEW}^8inPu%-$>qJ%Y@OJ;2>MD?
z5!(zXz`<ibqB}C<?P0BA*}b`O9=ZGa{M_z?72nW!v7+di?o5f5U(@|?rPmV@gCcr-
zc4?0E^w#pJ)_M^Jx>_;iF(r0mNws{P*FZZU9)n0sqbcdkgd#uKlp`pwp$nJsYfzv`
z4U4>XUzWB+NAM8J>!x6ahv^{Yl?~Vj#PmxNt3jMbP##TrF==MN{!yHULkldHV<=BY
zxrg$igOt|}Z^@h5#aA-$bHJO-$n=DJ=jdlPzG7vlQvLAgFON*<{0BLDUw37j)7WXa
zeSyJtQMNtCg3aBvM!_yhOG_nnXNdt0pU(7DLrEB7ct@*Mx4=L&78Ta?-ObIfcQ60r
zW_#=0wWQ-X=pc88J+CpVCiayO@62Ik$&5D!5O;5JN1^}DP^jCpLSyh(BqFU=KW*N~
ziR$x;L{;5<^5rLYCLZ=P*9f4Dgd<cGn1OTw^$5L00FEeiMHbs(rq9vvTl5vZk#GGh
zEJFTI-zzQ3cyEkJ8-Wd;!#3$_j6z|}ORU;YX)(8<6RU|^ANS6p_0!b@_lV#@5jsSH
z&lLwY<zpc%#DNE)@@g62csKij4czkx+8a1?PkiqeLI|w~{4566s-*3ZFLk2IVmpM8
zp`$|^&`FaGgfScaEx!%<<reiEXM*StSPS|OIhzYbpbJa5@aF;R#W#9%i-kVX!*~Tn
z?FG@soC*O+r*nxOv~Z_h)pg0byuSMl#G_w<y_RWQUN<-TW!I7fvXDx*_K+WOJY}_d
zkthG6cekil?l(C(ZA+3kEhxGNnI^@Ci6mn~IfKPFu&3R=4llUCXi#cJXo}jp{H2`4
zZ#nA=8HlHhBF#}SlZ1xfjdV)Dy>MOA7-hhg7x($dQ=`0d^b)A;=IRxFRE88Z3F_-U
zz^8^Wtf8lSry@-$*LlMQK2F*1g)GIzHEF;#Tlthf3)7U{_)q<tbt8P~5Q@Y#smDQ{
zg0G=71ZZ+teP9k`A$+a7dej2hMU<Bbec4T<h&q3{UbBhEN|}4EpC#l`lK(x|Z@h5(
zmn=v3KvyKZo4{-Xt1V_WyLPxkzt~#Pon0K#ecRcmyt%pp24b~p_fF1~9flJ|qg}(X
z0o)f=K{T(90*4``3Tr4^5!=_M^1Hk!{nq`GxbLv>O-N_kpr*I6N1mXd%(-iB+uzZa
zcC3|+v^Dp~98<^A-H)~=Uzm;RO^}x{gOg~ond2$SL*qqxh6VvlYoiTvX6|d>I)qgu
z@OW!t`GW9R!R3;lyb(kXdK%KHnOxtT7!2{C$xZS)7YsR_7b_H*7|y$)y9zG?6DjM6
zIo0(vU17K4?cmoTL}o-;D2-d_%1aaX1Vn>b!@U<MJ9_0<?9m%=WcLfn56?%-QpR%O
z;80z+Pj&_2)^lJ%KH6c+tJNoWNda~n|0%C-1WB9UEBOQeai@=ogU~5Gp%thph@~Qb
zH1c<QY;;xUX+4;@Ms^lYS&o!l$>NLd&^DQ-hRo>>b`_PjFRyh?1cYS9#2qd6Q(gHd
zoP=LOc?ee=l8LyDE&c+22<<GQ{5=jDx?{DXM=rOAOb^!R=myrU+?nAIo=$w9`RGHF
z`S^92(JLAgp(6J{dg*brkLeF-ly8BV!qPx!p%<5FR2PL0WLj3Et_-dpC6s5`;jyEM
zN3h#=NTn3G=MnBskTL@es^aYFFetg{9ODY$`6lkfri<{JxdCC?c!4ydq~C5qM(|**
z^(}t)7NNTxByn;DqMY=sI`BX)(ICNaK1WPu%*Hx6gpfKo8ZMU<u9niFz`0Y8eW9h6
zrFB4Qttkhg^yTgu_@2_NIVabf*iu7p<*=mfxPV5DZ#v@Boy;A{&(>%1juZi_+l}BF
zAdfB!<R?r6n*cC?L(=gN^<%pjR=N9H7iLGbLopCd+TO{EW{H=V6nG}ISO?fbGC2C{
zM=j<%Rf*^Ka!jp9+nS)?36a%a666FOftLmgSq)9v`5o5F^sD<wIw3jc;;I&=N7iH!
zMQH|BBwCA9`M7IGd}q&`k6^!qUkM<*65l=6be*MDm6SA?Abm$tclFvi1~GrC2VYO4
z2(UWP2Fce07RegRM@&Ggk8vJT6D(;aK?J68ow*>a9*Ox+8xMa0k>?A+mB148eXS@a
z;g3GeqTlqFA2xpnKsh{}9ebWR#Y6pX$3AMkG-@Bg+vx;~wk<r0DNx*5(gD<$7BLyf
zsuDnRS06S5HLVPByIUM6+skrmjLo1a-rUyGB{d5&qSGmr>}eT*U)YAx^!jH<Ib>|S
z;S^WUbP#o6q6A>Hqyk?yEo}*feJ#mg#($B&DX1^FmaGcj`<wjhXZ=TKXvY6jZ*Eku
zP+yL}Gr?IeuCx@tfW36eT=;1JLLWbaNvkYONQR1oVZcdJ17Fm)==!%g_{E|lZs_Vu
zJm^*ll=Y=V#uVTsgMtCxP>4>nd)p~PlTTjX;XsG}h4#tR_GlWHml-{SV+Pk=Jnp5f
zcRm!So9L`b`RexKSuUYPO0Wuvb_3l(I)cE*yKAD5>F&gEnY*joS$s&Bs%<KI?2=dz
zX{B0@)rE_tFPfF~l%dyl$$7uy?%gre_PO^L)36WDqHp2@o*D4XqT=R64+CN(lrGZW
z=QHa>w?YMfdN-e+Z%OIu!XQqXkaiMdeZ0sI_gw*VydWP?`YPbBkpOqM>^33OMBl#@
zWTEa57{l610$F{f5#5+1=DGkGAFPTdta-!Wx*NCCoESL8zLHoXKRda^a6w7b@$Ljm
z{_=5itr3JjfBb(wZ@~q}?-|O`e&&!?9aH}j6an75C~YdVKjvmUo6P9gt$h_LkPc}#
z+A@n~ZdtHi(l*3E=z=Lyf5VAsE#eN(94zxXP1wsEmsBZLMKXxU`gq+SiksiWIr+tn
zVx`jxUB_X+qIA1j=^pcEjBt&ZzQ{Mfilg}{h{bb%MicG~w|qNzUl-C5yH+;UrZ{QX
zU!DksbFg^iq=SxPz%QdoJ17>`gs^M3FH$5DNM758i9!)F^1^_YJG2=Q{LBpV%}Sp!
zf#^c4*DS<mpY|Q$he!A0|NXH&1a<+SC1$$&M^=SslOsF#W9s*kj1PTvq>Bq*dd)C#
z-1zhfCSf{8RtY1P?07kTN@wKX4gJyYbm!(tm^~csBN;eUY>?(30jZbxF5;(;Mml=q
zv)tY3cB=p=4(4A7#8*isiXemxY6SGLHZ>tmiFFFiw8vT(b8sg2e5FbAtV&V?#Ii|)
z7==>4g3Dsm!{f`l?d{DAeWM7H$+m^~_GRBvypuI$I>4#tUMTP4oE@Pan(*1?=JiGX
z;%0M8PhwH%!-OKHxB>PGS|Ce>e9O@-XHb^xz~Za?4XK3jclsmBH=A4=d8NQPg;9dl
z8UV4)_w~vVpB*fFB02&lA!0LsJ=G^oSl(?ml3|4sa<h?-QVwGPlBD+r%p8n6<nZX0
zBfh?H;EvshNK6_ukBb~Do^nsw3E)!=?jlM-a!w`6!Q`HYjmj#2<%^fbBcDLJQh&dx
z{AXh8qybfbF;&#Cff!$f<lJ`Qnl^fPd-;O6;ZOWmjNo3Yn7^)@(|t0sdH$B6cJ4aM
z+!@ho)sLv<(qD8Oy>%@L?^ZM44%&x##TaH~R5e*6Xp>f7NuqzsCQQB^+Q`t{w^;@i
z8SQs2WA#u5vQ&!NCEr2+t!bpzpl!L&gma&XZ0Kk1GlMA(9j5MUnl~exa$!HqC&~20
zABwJ=fRmypJQ;z(cYWApXULFnJEL<MOTozsiyKVRbOxUTV>~UwhAKc3x}pRh+E;gk
zi%^BSwG8DmY5Ql#I^k&2p$L*S=(dd&_`3A_ETk|Y!H%{aKD?UH1e89opcb|4E?RPT
zJ)o|K7)gN#J1z~m$|Mt|QZ3XG&dEknjt4SJBWjRY3SSD%4j4)E(;3-Gv<b{<jfA04
zG^9D%<kHCI(f}(v@OIgww7t44p#(iqPv!S7Z?121tW-HmGz*eHk@I2y25o~z9U=P3
zy9G?aHVYcv(k(}%j~;6FF?cgjU`a%!k-_&Ju+b7xw4Vhxd$N1GtsR`KhoN^qKKG}l
zxnzEl=(JjW>C{-K1ISsWm7nKPXozuS(p_{!eaU*wdu=$;{hOBpXD%;YuiZ-*xcg+}
ziXDQ(`$8Lv3+HMh5N+7x<>p3;*H<g|OPBfNzVk$+pzaRFAxsRI%pk>Ofjs04j)O|7
zDqy6w4A;GqWJ&vxE}Lig?(v9m2TYUMwKdV6)optgvAhlP30jFsrY83;+X?smV|hLQ
zOUIFntdZgN{xs*pwM4xqt{KL7y32z8zdr6+4>y-guPviGep`jkkJ6sTS^`UwO5lM)
z3Xr);)GT%tiRC3(ATb$BGIDi0-A3%L9o=S^2kcoc8p=eCPfWrmZC9I|b?i>K=q_zI
zvX~jb9)jtQV?;)TDY26cbnT0yW<-7MKDpPg*LHsGpO4=@rLFtzA80>>um!Za3<|pL
z>?nf&3%<3z{rGYT?EewB3ooLm9I{;n6b5Z6bssY#tNgI3@hO}7$rnFha5G({s>=?y
z96G0*j?~d4pv48<VWfk^QCoRvtYhvJA0-L)jFL<ZWF^q5A!)Zkj2S;W%8vgZ9-d>Z
z)Y&K>cP#d!FP~ptRZpdeN%nu_@k`vTCLBLwy#65{|BUc^(z+Y|KfcU3Nm<kO35|*i
z3|#$NT`qqi7~St|^-lFXUKG*D11m(NkigQ(HxDLm*P&NOIo)%q=TG>DYEGkdh{Urg
zj(BRYh|T&jy}FYc&SQO^o6jx-f7gg`GwNlUE=6m83-p5<;g0W2Noh2KZYSR1I#GKj
zbw}Wd0nh6B)(t-zWw%b$WP={>1ytCR@h@>`UBUCNllkZGbDg5pqg;;aw!kx4=HgxR
z>qKALnzbZu5TNV{^ynk3lmGwNdlMcxt}9JjKSe+bhI_`7j(w@&2&0YDgslalY-7e~
zBw{5Ks;Vq!R*|AV_`iS8xl1e=8B1m@B-QE}tBMudUC%wsd)}kRNy*VMtbdEXMQ5WB
zJyvuC$Ucxve}ld?r@!$b;d*-Z_dDPF&yl0Qm4;)VOn9#%hG1VY3=s9W*d1g8Rzgc}
zFWM7y@n^r%5@1}?9LTcRJm5N#n~T5b?nVM%fe<%mWO0$Dnb!r*@%FO3d%+QH;+Lo?
zd4OLlgyLL?M>_tkMe$2q;m{EUaTH5IS7Ed1#4m@F(s93{KH=fJyDr4`y|{RO4L^j6
zt$crXdvkaDzqCJA2Wik)RIp||_VW4XLvQV=F5HpDA_E#v08K}Osaiqou-?!^k^MbB
zlC&mal1ieGClF?HvES6PlMvaF)%CHCU#d;%p7AW<V+~-JalxcpgxQs+#-Z<I6c#WH
z3qe-u6Jik8FQD^}Y#}P~l=N7Zl!R$wInQT|IJ>PtHp{k>!Tn<QN;xNF0aAv#3Buxx
zhvbzYHfb9Uq*Mrbb5U)!4|>7L&TJI$R4LTr>GgHuQKO&r^;osa48{f)J7_Jdy!0tL
z2@)Ua1;*xMTrJHoB-h*PwZzfg=)3LpcM?0aTg!AhCI2r1Zx!WUO^!$hu%Mk!3e4_C
zFW6|^jft8~f*L*;@!#Om<QU5E{-9HP@FH+LN)WPt%f~&EM@ls=*Yq2+#kia(@I&UM
z16vF@r(hhwJ@0aA-rOoNa+cq_wLffbD($|+lAsP~LR2pxdIm6R;7?fYAd}XrH>=hz
z*Gm{FpEQ5UXXMlsHUI+s_;I~NbVP<hR;8q(WiE6$QU*kd3hPVH=8VvuIB`*C4n26*
zO?FrkX?9sC+X~1#JF$^Uvk&RAk9c2OtC5;m+H92Sy2PwxahU}s7+AEz0w`NrP|5Ys
zBG>BF0UOrrJdPWM>ie1p)r~q;ym6b3x?~@17zY0N3Ey0)V3p(&Bo##zrP@~a6mc=0
z52t;0rXH<dOfL%>xV2BrAk6Vl5ys(&?lo}`KRm&-*R$9gfq1Oem0mlmRSVo13=AR!
z(k@OQ+47ym>D6%5P&GCI`cY=_z@NQraq>=xv&`E&6uct-!eO<x`PMPExkCa!#Wi3}
zWa~&K-pttc8zCdtGoHN~l;Za{)wLd_eTz|d3WDxIC|F)1!8*e9h$+dC*HDW+hEp?4
z@!PY^4^ootNmFBnJ>OhbQwg(=*iQ1sBT_gb3Qm@FRTCLB?fm^fIQ549h)1h;-DZU!
zg7iNBM3-l-%IBq>J#V|mQ5bIDUIWx{+Uu^$MJGM!x{~ZNeI0)Q(YDg9qO`=Lm`fUj
zWTp3S`{a9h+3`=r=33f3#zJ&+agci~!>AxeiXGTowasiOL}_dyQ}%VWFVgbvhEO7T
zEW9Lyz&XVK4<1*jHE3CL^<H~?i%eH}NlkbSAi;+2b@n)wh^W&<xhqI!KvSP^0Bu=;
z>g|m)^5R0hec>LTY#pOg3n>g#U=<_+pf4~AkL>aBM##v;8lH71QflCJb|Sg~B6XiM
zOKu?QqBBg1y66#uYTd$Zm47;dfh2<GSkx^CV(1RewpNSOxF342RjUzctk>B+zMfWu
zsubLkD$ii))PeYMkq_WRL0|NNiUMy15NQXn+HcCc?DE+o$&x9N*%)M&JKe|VlJX!~
z?&jc~(Ww=8x-m9Q8ZfRfHbZ{9t2pWayaHPMiQm7qN!=<`x83Uq`uBSsmp9EAxn@3K
zess}_Y0tyZX~AlxT42&YZ3{$u{S%Idzs@)xWOEHOV}bLM?@YjmG6OMmae5PK-DRZZ
z>HrwIcC=TrQz_EbMN&RQue77;w4?~o7|<#r4S|)^S%frflOm@2HFa&Y&kH9~FtlRT
z-)|y`FUJm?M~PE<V0k(~B;``}hENUFZoniu+g_G<e}Q$|r9>QazFO&3j({_(oK-h*
zu{DHpA$E5C6a$d7g>s-Rn^EkvroZ8AYaVuKc8qm^M@=al-%Y9-By8>baKafo+qzBO
zUlYZjfCE}N(=<^=W44MjjZ5mh>AKQTJRoAEB6aTPRHT>4Op~rgk42ibc`!m#(d5BQ
z4764N%;|Tx2T0pJ=lb5{>$3U<;JU!7UdZpV$`#}WSb5mZDVI<QVTachEHkA^MM3d&
zfTg8=QBs;n7y|}(8BFLs`=XA8MIbLX9yCETJmK7pDxXTp5ma&<)`Pq5-B4JSWT-nH
z8`tfu#ZVm%!S$AH7W@A}K>Jcvp_|y|a_?&O9sh+oQ6^^gUYm&U^*d5J*!uS1k$3#`
z&KQ?pEq~9S{;K>W+PMF@Qk5GSPRPs26H2Ij6XdW<T1S_;VPa)2I&(XN*2owc3fT;j
zX94q9mDS(x5INQEI=k!(i6yCHE^e>=-Ie69Z*JFe^3th5=q!m@CQ=Am<yjxzG|{o?
zS(n5pFC5hfLa^T&_KmAE_M=+LA(XBVVsSKU_ubf9it$&UzCM)t+gTrWZ9vnsC4cFy
z-QVy4`?=#fgpL8%JYIWVT#0aO*Q;$$z><>4ZRmy$Nketymo*?@7Mxs|n2*O>Xrt2+
z?W=58yf$1_jpU!*vz__VHni&ea4ghL3~DK|C>xER)h`SUWn*iETj-PTOa%-)0sUL1
zj>Z12B5W}|YzwrkQ}^!F2dDSclMJ`3=X5Ot#aQD&h$T6Og0@cSNak$k`mcPTaq%h(
z;o%nc?9Q;KSzp{Y&J#O1V)ijPq}(E`NK6mw&~qe+Z6-&qKhflj?+~?^jcn*^U>ssP
zo-Zf-0|fI)O)hGV=d2*Nj|^55%%5o*DZ6TVb=$P<))E?3*PNCB2vA49vA;@lU#Q6#
z#1Z<YpZsead*IiOL*bTEyl-%_6L;zm-YHl=`DeTV(nJ0`A@UF0Ugre1gN)?R3gW$l
zk%MGTYvVH`*SIVe#E^r+A>R_vG3D*!awLZAOGlf<a3p~2!kQq2YH%M^4iKV20C}#(
z+SXr`p&`jfSc#CaU6GL^`^+aR#wp=R480ni0GBIDN=HGLyrl4e$4Rd$mG^O&&2(UF
zn5?D>S_>EuDFRSIe<OYm9=53&q0W_}m$(WCM(@zpX}(KG%==Ra!Qey>902-pDxnoR
zVMyIa-YXjQV5J{<b)3Mc6iW~xtI6N%=01)oaj83}1l&VbhUASEGI3D;x^5g%Gz@mh
zEXD<)t~`looIcC7RTPBhSw%;+rh5z+dZ^Vuo3Zn9mO8E*ob-4dq-w;|ja>t<n^&&B
zDPL&=v=K^yxJ#LQ$UevcAsGbmM*UWeSZwY(Nm$xf5-O=lp9qTpZiGaVRIMQJG51fm
z!%Ry(u>3(%kXax_9>lop+F_l_nYdeE>@&EXiwlF>nP1MLPRM?nI7=qgQhm^j+5vho
zC(ip=%+@4U$MOkwzN{N1=Hcrq0DvlW3JDyrUP$ezII{3O>ud7^Y|Zq07!;p>@>j^|
zu5Z5)%XrcX7Ta1I&|cDcM$S*`{ZL7{5ov}nb<?vLLkY3(c+_esa5#&TSuUNq9-8f`
zM9#%Ur&QPU8X?8|yfv~|wlM)6qk8dUvO&&WL9Q9+^{yfrZO@^}h<j9*lPnTy;6|jL
zqLS(nZ*O|gv2SMNn7~xwA?0wfSsTKcpxZM@+IY}rEs-06Gp7mIqsiA?WI>kVwMzK^
z;<*>|pT9rJ7M&brF_`=Qx&<1*uX00l<PLT2+#nzilM-7nw=MAQxt`96Ze*83d<>Vn
z6gu_6zH{bwZ<tuF|5b-y()>lZuWMC+4}1?qB02CG$WHu#Q?0!`F?y5wz{zS)gKml|
zJk3d-xB)r3uv=RO&KdhnA1j8+B_eA_8;h2MG!_U9JS>Ji4NoB=IH(*vr%;WM!4(uG
z%KzZ5d8u(<&8ZO?V@Ks^pM=h#*B{2rtA!ApobNEn(GqRrCbb2noO!Ojx78BFG}PQR
zz+j=<2`We)lfp^ZV*LHgwK3b_F^dpGt#c48KDiJ5`imd5M}8vXe98IGk|En4rWZGZ
z+aaWC1KtXI@!?0Ku|%4^L3)8hf!s2M{Z<O4*u5dHgo}#<M6UkhxdwsNn(t>6C<)v2
zV{st3=`aXVhg^LRYK1x?A9ca;FtU&#`BK6zfwm6(OhQ(x6fsh2m#tAb0uWgwdBzuQ
zc+R4|r<NMr-0feBT3<j(gO!`49xw)#R>6fcm+FG!5>9;}gts@_jV_4iQr^I!xFno*
zFsw*ypt;<f5M9z4mdcHAJwboz#BP93Ff0lCDJqhiclQoQFX=(-KB)mBi^Hm~*d>dF
zla4}1Kff_yNeD0_$0LC<bSQNcaBS*JXU=saq>q^k*8@ei8+iV{DDG}HRe6e;>N~xs
z+9SxE-wMERrKmmww3Q&{kaHqmv#Seifou2e>Dc*uWM{Yb^<2YSO*gB71=M~_jj@mt
zXzYc?GlYz8{6`UWNpSr;c-CT4@H=<mKZ0ynvDUCdh`oid)1fj~$VREEYOYNTLth#<
zLe|6br<5B^Y?MCpQtg4CG1HyoNq5QOZDG&s)3;KnL=z(m!)=8HSwc$)l2)`Rb!B2)
zr!?VaBb~6kw72Y|5=5>ZKBXqD6%VlJN^oHd5Wh%B39X1HsDW(nx$lrJlT8bRejMEY
zjJ87D^#qAPSST}+SrX6cDwNvI9vrJ8nL9T;%@`OQmMsbJ5XduuXrARFXI}wLPhegu
zDYPL-#YPa`$3@N>qXr3C6tx5L+(C*BT;wx~9GvZ)aIeby>XPTmp`?L>*hRyrm-0DK
zBXl8n5Z-gJDrSjbc_*Np;BSXdBk+mrHCG=-=K-xW)wQ1#A?_n}F3!sey3QCULqzvF
zC|?a;)I`LFKC3}e=;)}L1T&;BWWYo(?#0+G0pvl*v^Tspe2f@QKzIuuE_9{yo58>L
z@Y*d!OD`_eauH4}xR!s~KGWF8_SDt<smW1R%hP-6OU)yy_<YxZQhS|t0)(#*RbvGI
zJJG0zTvPL%{==uPt2+Lqo9Z~w6|Q8DY^H#u)+%#yt=}l4^d9KhBq1@F=%EkP6OMhP
z`eUGHtzmz#wz?~8T2Xt{lMVXv64ryf%BW!pZ}$5+*`~+n51;;B-*En!r+E;k$JzC-
zwp5EGwNIS`sF7I$9ZMNjaGS-{_(Z1n?wC0DTY=Fvja?4g8+@4CYd*BQ%x-RU9EmbW
z6b?#Zxy`AO>2jPNx$oX$?#Y#?H?Zn<lqg*L$ZnDX5o^LA{LLrb8zu&Gk#4?BksOtJ
zW;;I7Qd=Gl1JP{)*MVQhaVB*TvfNXSLw#x9z5M`j>&66HHq2dLg4GPixV2h3uaLyU
zB7(z;l-e?=TRJbj``@n{w9#<K`eCYsz#9y9B&V=JL1J6PDkn1g>~|kP7Z%K+b_mR`
zC}V2P-}tmk&pNz6U(i+CG6gMKaKC0BcctjM-gm>Gx^WN8ZxJ-$X_+=|<t%8a?V0#d
zIva6;_+KuTOq4#tr4K?sfP$Q)eF@usfKmEpRmc{eRslRW_%MB9wh!mRS2{jS`Usys
z=4$CVu`RixmhNbj@@V8$3i3#_GA#1~?nR{a8If1pFA*qbY5?tKA9K%*_G=J*C0Omj
zvs=_SH@r%?0lE!buztes{jCeUjlz;yAEyo#MPq266i92qqV#@Ui&Dou8fUFb1(dQV
zt2D1ucqc)p&kl+E(K}Wn3IGL_@59JaLTZIa<;fkZcBw8n7#`IGW#%*ByIw*btFQRB
zpVql*$KhcetkVb0qYfzidk{EMNzaE~38J~Dw&~je{UGf6haKy#&5DZvFmaYq8PO|3
z!fwJI-M!(=Bkcqw@5#sdNu7Z`Zz$oXFm);bG!P!c!F;ke^nNy&sMGgRQ$E)?+4t$j
zr*c^wQ*8`RDKE_=;B1Zar*h*%Ye9KfD*sSpv<B|^(aqtg1L=Lo3c&S2&WXGyM~jH<
z$G1D?N0xwuw?J7r;>Yzs)<o2t!qXk5F=~C^kNds_L$eK+IE&GdfR#iZM67UD3e@9l
zXYu>)x0+0PGZoi-aa~*zgnOe%MJCgTyMf;3DakpNB;6NRH>zxEsw&A#DlUgN+%#0N
zi;@I;0@}w;%BNyI4%HiN2Jt~yQ*w7#D@y|<|2oJ8mbjjcY|22xVRQr4(a~0lrKqxb
z#J&$~>%azu4o4m3mg~gRxt!B#CFq~~qac(SeVm}_8Z%vZz;szyt9wYJeTP1h8*{rZ
zgyfg9j}Y+U{HOXOWPU%ZG6h)x6cF<o;46hWNa>h<<ZR_hFY7@xw^<X*LvQbKJSDiP
z#*^t7A5($Cf(iA*+9AtCoG|l`ojI;cB(K*^_+7k?&PI247oZy}7Da(_Zw!Hs+Tnzn
zoP@G2p6e=oV{q4*!_nyIV_v5tm_vio|CRa}CAz7XY-i)k91y%O>pV|WuYi}4)Az`I
zXU@W+Mfud|?bhiok`Y*)l$>p4Aw%Lqee9GF0YXhqA}VM2!9DjG4vp1ch{I|Sq}29-
zJ=Tk;8JAL;ni#aI4f^cPjnp9Pw<1*aspy3YA=AiIh3F}Nkq#%D{kpokxfKw&8&QHI
zq?QTjA*V37jp;M&SL=g6NZE>N>TJ{*Ip%_Fs!7?JcY7YD&6PDJ#AAvOQLHuxsLwi5
zg+z7omq84i8#leb!Q1Gysw4sU?o%iPO9Tcy-gxBw!bvkjT7u}11k7m)L4DKv>vy|h
zx(YozNF_!9noQFGB8?nxH!8eV;FrNWKAfH{<w9r#OrH5EnVlsB-<V=PU^Xpa-glQ4
zY`YIxs}}aSI7}d|uS%aJo%VD+u85y`vW!~iU1eIG5o7oW!FeD8I24HV0II5?M<Vl~
z5Fn7gG!G{*#?AbVHU_R#%MUHq-lm=`qIQ@q3K^F^gyB`;7a43*E=Iur2mSp1Zdd)A
z^RKh#+vv4J^>%ue@2=nOGU1)9Lvnm-I5yIp!ax<+0DbA%?^p$&n%9nFB|fUD*2)nF
zj?DpbTpSAIcv7Z=GJy#)UJ<<fx_UjT$I02y$#W`juMklO78Oz;P)fAhJf~mHc>Lkh
z-&0~@qB}}sxy^pAL<XJ#9r{?d!{i`{`^d7B_)=6>Qd}Ezour~S)#Y$(rod2B*UW5~
zAC~HV+G3QIo7ibWh>=TIP;Li+6V-uWhXdqd=5YQD`fbWKB(y(Jb%Ie@qZ94Cr>7M-
zu=3L*YncTEkzkyJ9(5?<99|C0>Ld3({24trT<_6O=N-7{DAHLcR9nIdE?~VlK0*tW
z^bd0h%qnkn4s92y&~Zw+73g<c2{YN}o}ilj2uV{(9#Ne!2|P%ZaKUvo#ED}|OYGky
z*#k<lMptYs<C5}*RQt_?l1hD)<7~t7C;3g9_Z8H&r-%?K<v|{}@xl9=+k`pME#uVn
zDKu4iI9Rkn{;OFI(?`8NINqCSZ|OZ;-+{@bEE81Ym_nNi+<?nr+SFm)>s)PY6HcR)
z^bz<(uoHvO@g+&MbA4W;u~zlBPljJ#Fop1jeVFjr^LY%ST_peoCQK+zlL|_x3`a4*
zWHFuO(wQ2=g5k8(Y)umqA6DitDM)6Capuzm?PH#8$fA$E=h#eCyxwm2l?~7Q{Dv`i
zf<$UFx=skZJ*nvM;Z2V>`pdVrNer7k`qMCE1(jJ=dtOX>)rm*{({K4!uU@i%{Peud
zf0SHV^c>3paSHoLLo<6>)wgT4h$O$F2&tD`BwiWUxMj_?4^7J282W<2UcNX@dJrYv
zP(L7tOj2Qj`fy1+yKC;t>@vG9NX-3e3y$EI+etNCDG^?J_)IVJgDR8PYsw6~5`hlk
zHmpEY<*ZzY3uDy%=IY}~73!aTK)Xb7@l`N0GaS^tNsvuh6jv}ERICuO4&~y9woeYS
z>E>6(2R7)t&8yc&HbqnjfZ!av+Y1BNB@$;ZerSV!f^eGIgs|G(R^+3L6lUE8)aCG#
zw2EATJV*?7HuygG0at%O4JBV7Ze0-Rgp^*&C1lzNn|8}Am#=MBxRbe22<KNE#gLPQ
z%;krh6|Rn$$>@>Ep-z2VW`R^V2eXyCg4g{mhx+1atgdFuE%4-9<?z>?L;bM)=1cYV
zxPbRFaZny`jTVBMJIQ5dr{-xEjU0~C3Z!3esOol5K1X?)rjW+Q@hIxl?7h0js}(&)
zcegbX7C+WM-v!4e|MR5Xs!ZDY_VsRi_v*DV6_N018B#XI0o@h`C9D-vq3-CtXDW8h
z1~d-2B?TBh(qSec-3}cEMAuT$rMRUWD~fov2fZ)wakOSkDX`8JevlyJq?>u>35R`&
z8Q{6f23V6aQ2dN}(Jmyf^kG+%4euv@;eiG{dglZ8NBeKERwq@T7OOHxlbSX!ob^ed
z>Sqp|#<>qhB&(Q8w68=92eV<{RD}@nLB^yLEjX5%YSllnzje06pl+2)u^1^i9y?K5
zy3n7)v+GF_G@JaUD^>gQ7{TbZqG#=hoT;XK_U9j_>QGM>ss8Z?C1OO(u)K39mJ8s3
z4mD}OOW-i*wa04aG)Ag=m~o+aoEaBW)c$1p>lU@pmolxcCZiJ!%XkxcU#<4<$Y{B{
z-cV|J%WvOYzcIaWGV)gHq;`P8NCCsc-l(`ePhVWf(-J1WxZvsjS5Km*jQ4lBz)Km*
z2rR7YP-m_19h72hY;*1GK~nAFl`2u`ek*h~Z;0iPO2OszYo?jrB(8`1*DI4E%wT{5
zg3w$&yFX(`OZ7`e29Lb|lW*kLm;Cm^q&79%Mde0CI`heO+DF`Y@Qm>T5s-@WB!f_c
zV%5|d>(RtK>55MD6n^&O^QLV1iy;qae~#K7vceBXMb^9Nr3A5a2cxePwax9?ls=s#
zm)Y!E&$YW&q|8rNno0HM^)6FIiW>^L+M{HHSLBdm#18yvDq_>S>A@EPV$ltCPToQ(
z*mPkylt%>eYSjwp|8tj7h_O2gi(a9`5qrbSNZunwE-ySUA-2_*>7E<+WT<@S>3VeE
zqoE;^H}XcSf3n_;j4djncpfRORKLrEkT^xJw__)UA+id9U&;L!7hm&VH4hKHlBO+!
z<T`t^c}4A2KmBv|&v&AKtCSL%p(EaTIVGuiLtS$+xRhY@!Zar_5|Cw4ARy^~d)an=
z9A9b;Bvn#=8X>F^>IbDc#*t?;_F~iTI2`obOm(N#t5tqWo!`|;kQi<1rD}C!<}fyt
zUB$h1xh=9=(Jdu~l)5s->#Fz}e2EmvETtf5krow&PD3!56ZcPQnx~G&*jdxnzAS7u
z2}$(G$=8Es-zfv8^pRk*k1*>^KRdH`aiL~U$~hj^4eNv)ruT`mEuN;5D#5BO0JaQ6
z1X)SqvplgH=pzj4^x!m`>BB4I9oC!Op6qAjnhI#J3G>jeNP>&goa%ON3Q+&xp7$@d
z8g!D~l0_C#4><=d;-v5nXsxEX>m(K3zOn`gSq0Pr3UF>A#5<=p@Y}Nsthy9W2|Y6D
z$gC?WDd0R{kAH$(qf^DBp@o@_47eYC+11DmqcDr`ZumZsGcj*ZExY>U!bM5m4=jvl
z!=p%(5<Y%lTn_1k;72ot)LwkAV&uega9X~rDOesCBc`r|u8A%OWduK06~=j#6LD7_
zT9L`8#g`vp-M!B-GS(_bkV-!fV2Vq<Kmk-vD6sne2c@GxO?ogt#9eIT?P9_fL~rX9
zzH85q%78REd+}r1#Y-on(bv34dtw?^omtc8JOs<^Yi-y_E$GIgYK-rWGCyL9iQ%fO
z@)MqsfN5*V4=gd3ML~u5Ff8zHcn;A&{62%bp2|uaRZV`I%%6n=symsJX83Geq$nJx
zsHzNhB;XGzx^_3_JMM94le2F(+v|&q?{DPi#QK=$Og_S1bCA^;!$}21R`_)spj@ci
zi?cfQR-Tt{Cj2{p<0CqAPCcqmxL+1dI};sAbKo}k6%SYE+&E$2{`A+GVKbgZn``PR
zXXm(o?6jQIQ!TuvW9lrrxUiY1lUmDfvh_6C%8}{2X-p-0pXwn5P5f@%O$lL&Cy~1X
zKpQYlJ3;DYR5v7?rd*6iC)G^Y(Vf{WG3&%#x=SBXRvBM{_RjQk@ZH>zdZY=6x+;W}
zpq19Yx}J{_kOY#t%?f~dq{w_SYA9VmNR@+2E=(RWALe8)6Ce*7W^f&q|87GtWkyjz
zKr4|?HS@Rxq}E=ZP(M!BSEjuLjj(*!zQU=ZB!CX7RM#RtTu&fhF$IhPHWUdxKD_Bc
z`#o}Y$jrxKk2X~_zST-=embBkk;3Bu87b7E;`gi7PrG+wh(tNOq=l3lr=$z)bRM-m
z0Eqii^Gsj*NcTtMsczC<!D4%;*wpFFI4cScfG!W!L6q+!Jpo2dwiEqnEzZ0yJxGSa
zDsliR5yv<kXa2EyjLzc|xR)ED)rMtHdTt|HDv*$%A#Eu*7<7X;0ZxOulTnnoBZRtl
zK9wXIU2TnA{>|Idczcc=Drp9HR~S*mos6(DN9Nk#_?RxEph8uRybg&Zav(V&ShqCs
zi75(-sH*Qt{s=;;+FfUtVuC;DI_m1EW4*I!AZY=nit3vb42b=RW&V_DAV>A$aUTr*
zY7Xn827^KXEHx57GS7!yElY;L+CNLZ9}ii0?}Ivnlup~|C)PeK%Q&hN@Us<FdGi<_
z;4%ozuXJUJcm3p5HEk`NrvuG8Z==Gg0<57j^(iJT#RR&}+bKn|hYk9mmguB~sRL_4
zs8?PGSlJPO2Qd>P)<z(HCj?MrS@g9fLN_*bKUAnC&PFc;0a^rA;AbgW=y-(QKb~p9
zAz>vXZqCUGXw@rU+k%fBOgjS0yziW;eKC~+rUzrS(nSMBjdE3ij2^Hm_Tf${NP&ex
z2X6%4Ed_vVuve4D>tk=fzMOCDP^YE{QyJD_o<(I8E~j7mP155UCS63LC+*md>5@@H
zNb7|$Z2REY;9K&X5-r;h(*Ax{IR7@}?T{}JV87zwY7d=Lv=Suwzn`*H;b*|&0otFH
zVMNKhW~naYPW}~-|0$#1N{CSp#fiG$A)i`QLL!knAsIhO7{-8iK5#y@&hnj9E!4O?
zY~jpqQCHE;+#mqi5(;t=esH95_l8NA!?+Q?KsH(Bs;@z|5eX6zRf(>P3zd!1l=b_=
zr+?QT0mbBemA%U=5-cR+<l^F6`PX06KPDRf`F~EUb85^}O|G_oEs2bIP(=8sL%_3S
z2bVZqo2ygbdFq+%Ry?KEj#q_&llag}rmm_o*}Y++;nP_-vxoEtKC_Ryo3cEjI%)#n
zenPTkMp){D+)buf#1rkMhaK_mB4(9CSwI0FPZe-V11Y`Jz2Spd<sb8icb70Dj(5d@
z1CvGWBu?yL<aKX&`Vprp<v%NXaGZZCEI1TCu5$O$&u>hjmpJe_-BUjfYrr?5%$U0L
z_;b}br037Vk85yU$Dk}V&14919(h!L5K;=P$U*V9mp`acepp$&t8z*WZdIy0k^zc+
zKk<S%j*~1&h2yk)!{d)bUzc36q2C+rG<?GNP1aN+%*-bBlREHnN(fc4S64YoX77%(
zN6*I3?yFGi_kiG&EZXb!_1z^kLcZHxf5$KLem$9**%;=yK|xgSWUakSvI5!>hZMx3
z3QD0LQAPRC>F*hoy?<v!9J-EX+L3`hQj}Pn^Xh0*A?pEvNcBaidCCgbmzUDB7xKG2
z_Ss#S!)I|9mK|oBS5&`jGSSVN^L#fTWgp_jD6RO%H=hjd`q=8>g=%2DRDrS@NBqHv
zxbdK$h_AwlvfQE0GtipMtMLR6?)o@J!zx3A(#zc<anrt-_g8UwC>e{03}te)LD<0I
zEDGnNO2!ja^^ZX=&TytC<+dS4CS@DKL&v398hqtG;Zu9@>=S6#W1yi0kz@xPFs`ZE
ziKnFnj2|M6SIRWVBmgvj?!-$EGCxj+fjk}EW5<)&bfn+EdDVMnd3esTSwUcCA*3-7
zN@cO**3eZ92=mnR-FMxb+M7Y;ga{V0j9hoJvjOZ?$aSp<n92$7djrqUPveZdWYEjl
zODGvaf`uE_xzG*i-t1prPK@*dWw`g1EQ~=nx?!G*v0vg=X}|Iz44BV0_cmKMEvq`a
zySxQzmz8UXy)-;L552OMa?UUuhMq@2;K+T?ey3zbhyJcEFD{;ME~~HMMELxZA9<xr
zj`>y~|90K}he9bXndg$s;+K(7s_{Ui6+2-!;|o1{zM6m9FLY7i>b}i(wUUpB#+Rt?
z<adHC^eY0UIcB9F!<AiV?vID~hy^=EK?v(vOe%U@`>CX2+-&zSf$ndzx7X4m*ATWH
zcIRfdg&7peLGuf|jn|TkDOzZwe9b;oY_F~aHUAYq0oY3Sd1Kpx)#?ZN$4hCA4Bi)o
zpzQbE@#`qj!lt!a37eL@$WoM1a4U*Dz(Gz<6>GuMOScRY?raMmy<6Gs?e3)h<dmtx
zT1*p)#Ro}@$KeaivL7}#m0hwv3p)^6$Jk7c>-T0U{y|S(@HX4r&cmt_uo2LPxPi!@
zRF9wRjOH_8@rG^4a;3Bal?1{d4oF@|qm<eTa^=~^_e^M^v*k>as6nY)qgRm47<5qy
zq<I4sK*=+B);qZuyK0XhkR2pHWd#Z!-t*(;lj6hc<X=4BZLfH6Q{H8l@~B=<!&mCR
z7u)MM)sAnyxUM;#Hu+`6r@m32V$I1<*C#pW3bCZ$$*?eTX%Tt_4!GK_#lY{~p@sK?
zk@@DA&F#zE?DlSNMsu^hxTtW$2pB_tjQsiYPt1hN0tpf|a$UP<U}Dx+^ziE{zk4Me
z^7*I8qJYLz%mza#Eb|y;T;AsCw;}K_J3Z&KOm9v-T1Vd#=XK&jWK<Kmh2@I%%Wcp8
zewS!FU*j?PQ<C3pF3W1SPgP6)yxHHz)%EReQwbR{8FVCQ2PxEhS?m@pHEE4}Hq3Ur
z>|JzV2M!t}jRlOR8f^!|&vnAicZ~&Y`tGHnlLS%jlu=5tXTh=2=DXw%p9Y_QVuTm$
zsdfWW>)_pft%X~&2c7mlHz~54TgpSPH}$%Bon60D6mc~P1t4QQK-V7rb)^09Hv5TY
z^EK}e>^?HzHJ>Ao+<dFLmf}jT8@Wjwx&;-1-MmENcdn1Wy)Qw`5p*v>AF4A(S`=b>
zhXJM6@(gBRoi^GNFijsHz7^5-?)F9%MF$QBEpkAKrof?669dDFl4i`#rnlKE2aBD@
zqVTFR$nz4izcllO7qN4LyjCsLF~F1o-`5H8`6$fGsDzYSj%ESh8=d%=#lq!_i!XnI
ztngcIq~RAAC$kZcSP~1Qw_bG@7hk<(i(bF_LN?(Ek7-NLN9uQ$<8k4Cd})j<|9B6d
zD=tgcSsi*+kfv<mOi+rV+3IUDBco0cnGMgi!zw3)X0{i>2;CF!4PXJyJx)H3z6@us
zqJcVd{MG5UWYNWDnD~B_gQ&|hhk}!(<9J$0><yB)-TQj?S2>JTxakq(rAJ|uW|7PF
z_)WIkueTyzYXYjASZOFpXJv#MZLYOrC6v0Z_t&b>2W~qaE^Y+YekkR}9ZGBJ@%a6D
z3$laS5+3Z6=<Z^+op`HVZ+CZnySYN#Ufn25%0nlNGlF6v#HEt5WB26w-+(7Nh#&~g
zau~rPv?UHU^ZjT44Ygr^`{^c8)7xYmoYxr^oa<FiPGx&yE+PKP_Cw|idNIesQY@2{
z{+PXO=E*R(OGlaK#LsfSmcoX94t$qA(d-2^ztQ1y7}R_5AseP|xPQHz3c4gvf%7hD
zN_+XC*=*;UW(#`OBw{6Dlv6q!2SCp3O2y~LXiYPdu^AEHJ@7t%`9ni<{gcwAvQm<m
zMXtvYRSt`!4nrvi%-_#$VSiOM_+~dJMG-=K2rt>|!sV*-Z11%bkI9wr2Du@L{b>O4
zBc&lCRs}Uq^}gyo5fP>@Uhm8g8HqYfs0UD@9K#$bE*chK?-3)s^hai`74l<i)EZc+
zvG)ABLv1;8-1=USI+dK+91U^El*n;wAO`0S+3)}qo_$0uR*#I?!2##~OHF0!s8ytn
z`qhdZyjmS@!=bL-r%X5cf!Ha!Y(qv74_SaM2|9z%L^*YVnt?Z|KqC|aXG4*G_F^2-
zAY@t%<Jc_U`?AIdu;)?Hon(W80-Fg|Roi%V)~I3rE5rQ#UJdKhl@Cz)5sYt@QUXDA
z?HU6*bT~yNE8;PRHqmw%{q8xPY)y!PW!7IU@-JB+EEn^eEEU@eVGAu$LIcmwGNg&x
zqK5oHeUO1>g{py`TbDCms%uhB$+`3EqD)gx(C)cxeOCBzsMQYldY)BvkXr(obN6Up
zdSct+Kk8K>(Way3CFl}7sJ^3NOX-dE{+7}Eey^2Z89n(QOCU(|Dn>&qFzCEGVvF_O
zZ^DWPqz7vG9@X7D`4)15`$K;H!Hnp3a6scPrRHUfv6U7a^!;|IPaf`=X{9(ED#b>*
zPz5UJJZ_qTqsNEk!OO5Z)qFzW(fACEi0fE0O}-k^ceNV*!rVGrCPHvPNV{-(10+o3
zus9GQN9UjovOWOWo9k$Q%-l%G#_Sm%b0aXl(}3wfG)|`zA*GiJElM(tFTB$`t@hRE
z3Tjg4&MiKGrje6xAL9SXvQi32o>P3_#TA;HIi(+HvKRLIK1?~P)%YD7OVniKH7F1E
zUIg7PHdx_j==FYr+qPelVA4Ppkw;A+#bUUG&2YNU8dvW=V(w{^a0-Sa#Vo3e8URq7
zimP?IE2g=ndg+JnZ$W$%1p0Lx!CD+sc&{L{*TL<2Hi7<=kF;8bA3u?Mm6Vt%(Dp-4
z<B+5#5l+QRGvyn+e!q)c4gGQ!al?=;JgjMi6!X!c5+CQnWpx5W_9HB?#<=NdEC+~@
z<4G_J1mp+Cb8ktoIZE&qMwCKjE($kHYEigNE$jEX<Q{1<8qI_tK;N4)p`*$ETCH^2
zr>JSOw?61$sO*gshyWxn)7mJpQVV{T&`=UO74F11#fe-dxiMG4xxd$Gp58j`Y<*~a
z=6xmYgxL|0@qK3WP#K){nUy53!FNOSjlh-XV0L$jQ=ZNyIN-M~T?$aeHNHHk*kcdt
z?EUjwzyCAk<oxSDeENG0cN(#8es`*}-&QO=dI~mFtvaOVdBpVkrpJNT)A`rK+9JOR
zj8$i18i$HLqAZ(B_Xs!?7;+R;#Q$(#RxVHks$(e6&8RVdqI%boS^@;|Ge6JyLRI+%
zAqq{g_+Ag3`{@-+Li>sDf^>-U03e8`1g^vy%tkyn(FRZdV-W@}7?DR~ym-G7*AD6#
zQdg;fz!|oem()@h*y4eu@Q}QE?{}0A((k4P@Oi>wR*5M}A)rc$z*kv8z@o3j%ua?i
z+dim)Y$M)Bs)1;C#)r)QM#)o3CnwZY!prO>goEF|Gj4$>vrFMO_P0*G+e!AfEG?ak
zn%kKx<N%d594|3sPAv8I2-{CdqXwyQ66VI&Xbq|XMZ&yY#S{Yvw9yTK>O{>!d{yO4
zoRFmH_Yw|K!1Ah20LNy0IgY_o9Hb;JOGg|x-8yl^WqFgs2F6)Z;wx}#(!O)S4)nTk
z?*{(iQ#G^;&Js8F&vU%YI%%x3tX5?cZ~5voao$+2Oa8q0J$e(xD#)ljE_o5-%`MZM
z=p!L-JZt9KgIYu<$h?D-eDVNN$jI>^FsQrgYWt=lF$cIkOWLETH1$5bI4;}_n4H-2
z?G2MX9$&~!-^>ZGQ~RbOdebXvrc;q_GQE+&ex7?7?52qmM#R@lR@qcrr>>a}JYYXU
zHS)gmeNo)qY^w4bnTR%sY=ZTvnFX~V-6HVtxTGoYLdPlD)y>rhouK(iSl0N#A|tr~
zh8nl@J<``Wk(v&uv3SBheE8~F<wstarX=fxz8mHE*G^Q=o+j6IP7O0#(mTxfn3c+p
zd}uH_og-tmHTJCOOW;%ez#TP>JVGU1Vf>-gOz|_Ie8g6bB8~{A26SBqr2aMgqjTGR
zcgZo67YBy`9}z%!{{)8pZz+DkrirJy1Wy&Ct@YlMuG2!OSyvxeozyeemGxviz=}dg
zQJyBvfJ6?K<UUZ<46Jn!<HIwv+PUqw6?IEmP7|y8@Sq;SWky-<#$ZEGxSR@PG?0W8
zQie)Y)BY{XU9|T&CZ>1jiJqiXbwC(I=w6K49mZt_S{$%<E!YAX0lE4lJ!|yVW5QBg
z^)O;&J4O0zckbg2hScE#*+b4mO|q}#!+fxVA;+T{h)F-YYe>gi-Xo@5D&%2PM<k%u
zp~^GV^yBSK^E3ZwZti<*k`tDa8od+lNB3H=>ONfLO6;XckQF&-^16bjkF)7y<jT{{
zOo!2B((rE1k^gcC6|&UQpn!BEs-3{aqSc_*QxGcmn9e0zA$FhCthk>i>VV6V#H}LE
z{IbaNB8xob(zv-KaX=tIQ#$w5HKTFQA9H=fXUSNfS0M2Fx7StqFqWB{+^Ad;qYhtI
zZz@SI&Arl1ow%%{A_)qgaU9-u-|;-bkkOuq_di&1fquDLllX=mxW3$6|14uwfMt#H
zFbqhJiG0%T26vq~RP$PbNwm*d^+^?w!i{hV#Jw-k_;b^Vrd*GcC$F-Q4Q9q^Y~#l@
zjHenqbMh~9l+K22bCPsx$`9lP)v;s2_%6ksEf6}rO)}Zn_Pm|Unx_23<>j`>Zb>D-
zX7zeW;lg!O7DbU!LXw@{xo)*dg}W*wL#$y(Xcj`Rg&mnU-HPb#=Jxd(27s*C+`iLI
zNuXqj{18Y<O8P^J4u5#lecCgU41TO3PUOU72zVapMJd~=105Pt2DpB&l?*AFa#a$;
z3F227Ir=!LdUs580w$IY_k_%7FORq(5jkLraJ}wh!v;B?Q&17mEgY}Rd?^L9_|4cT
z<o)mN3JlBZH#f3i;A-%Qhew{{l0?CR>EE*W-SIJcm)YIshU80?HM!AoK!OnNeVbsZ
zv0c$+_6|an=+EkhX40Y6AeD#+_)g(ubrwoSz2exJoQp*-CYPkFNsEL^jeLd-<f(pf
zpD;nUZF)-_Y)rUhs@$v7jPutCQzosuF`L&v#y+GhLFQAW+=qRjRMo8yHfu`<G5h%w
zwq1eN=J}P+uFGH*7%(|_O$xargbub{>ig8s!8)$VsRf^Qxb2!DYmZe)KyAnd$oG#D
zk||+>^eLOkfNQdW{&RXJkN3*bH$*Ab?DMe79S6}`<4;ud4b6)t1`TebZsvSP=WI}r
zoU(0F{2&%~&!o!0CEq&_G9sNYP%{RzNtLG_V(sY9&>4^)M7p*Uy8sCMD&SldrN$gL
zoq;*Pq&=E{V?kBT1!FPZaO*5Pup*kpGXEsL4xrLgjTpZ+4T<h(c79~g(2uLv&FF60
zB6xJz#9=A+dm5`A0fp^aN{&$Ig;U9`-PA3q`~~F)ta>;Dx;LC@HJq?u4wjl6rSDS!
z%^&`$?-mKVRaU!MDfo*+MJCcj2L6|jkNOZ8Ry%=j{E`*I|K~&zaUSGK<dl+oC~=<7
z9nH&7cg=ee%ZD(08L7DmWs-otWMx7YdfS#GkK2=h!V)p8b>#SFZsmm-YU*T|$Zk;L
z(va2l_z9IDT&?&RrB5|^gV6$4D_FhY)xW8V@2a;ih*V0%%=P#DVa+AWAq5$rp9XnK
zPh!~F5ca)0tf+;(<>G>)SCIu8@oRn<7V3`H@6(=8H77Q$F%)9}GQw1{-5r>W{d91+
z4``Z91|`I&euC31DPxG9B!xyYD3=_iXQ<A0n#vdq27DK=h1Pi>3x#!N_(C2AE(eJX
z1rM5121V)Sc@m^72>@v#2F%sAr|r3^;clV2Cq78<vrHe*+N$fKDex*>hN3CFP@&Uf
zypg8dLa$kQT%mzFQ31V^la|Mu)djgFL05NS-7I1KQEaB8ZDry1+LV+YrLo~#ay^*!
z10;ZYR0gsgD$}M$5cXHA%;l68cfb$kW5r?FhmM<u*gP!24nNqEbvX4cyWrRsuow}-
z3hLCs5I1tcG@LyJ3jYDkZ$q7ym2sRRk_yNx5vvG*(}pG?_E>wc<W&UCQ-NA_hUToc
zHz3zj>Bt~*4}=&nEfN^hDsf{#M>gJub~p8G0I0Wfw{$$JXasc`Af>boF!Q2CqQ=_0
z$-cV1gP&*1i3ItaB*51pkTpkPz3fGqipc;WDM&E%3dMF9f?c3`wXirkZp1X|OIm-J
zV&%1rmoIP2%~lObtVw6J7#UIs|Ag0BQw0z3!iTKHKLONZ_eMFTFpJkTGjPb#q^eDs
z5z;C{nyD`tKjo5ke)SqYUDenrGMDa~;FP|&u<X*GqvR?L_>gs2b^YUFWDXqK>*aBn
zx`h-N0s7YEY+f*^iWmIi!VoK)k?D?|Cbe$at$V9Q*t+*)<2g0V%@%j@Mx8`dMcY;@
zAq8(J+nZkuQ!zB`9sij+>_qdyX$3iaf?LCn+}sE3eaIa(o<O=}K)N5*cFQAfqZr>?
z?&AJ(1$LcsDlgtfk2vEW;SR#RP`b6oa;Ig9D$(CTN>Ug`Y8ZqR$@0j;9{KagAp;2o
z$Rsa>LK|<Fz|Hg_vuqLeC0geb@KVMmy<Ap&n2A~s{K<zNRoK#O>iPXXGv>4jZnK{i
zDyi~nFVDbb)=rM{{>>+HVR#hvyCJ8Y9HK{wsv}|1Un?JaLv>x_mkd0Lcsf}Dkuc)#
z@TTSfm7IKANx^{>0^eLovAWz%3w%l<f+i^Jy4%0s<j%<BMYPO*o)66+hz&^)2%#*M
zVb99*KhV=GP!bYbfWr;Z6xNhY$cg3{WNZ*sS?m#b$dL<$M4}GvvBTU@uLn1DDwHOA
zteHHg5IIM586;%uRf08<E6qr{4(<u4vG<!|@49NyuJd=dip?H8QW>O>pw>>6)|q%;
zcM!Pg>(Bm9odK*!5#F39<dfFr|NPYJ(&aOTi*>%kZwu`&fzQfKfNy58b_?iphPijW
zZl!I{=~UVln@Ew`M*pmKTg6}>37v9QMkFu60UhDb*OwM_fp4|%31iqYIc+=?p0bd*
zfLY@Gu}`dSa#);&_<J5@7|kJ72C71vpjsi+Y8jl!y<!ncEi<4o<}#Gij_NmX6$bc9
zSPL2|X8B;p^`PF8>nxC2?@U${__4g&@x8L}4fkd5ZB3aC*(3qQy*=zpm^m4psWKaC
z<Ef=M@Hwho*!xDO#dcFNkkmKz3i1R32sd%FF&B?`L_--_;`T2iw~A5jnY+bD^ian-
zK`~S6@uXrl9Ihs&`0#}ZT(?sPhb39C8HzA;iN(bp=~Kfk(KO~Dz-dh<H{?8iwac#7
z@RHwTw_;Y5gx+BUjS#lElL&YG!99)m8auj#WPQKAlGCg5q8c80sNbEOBaEZjnqgul
zQo`?0VPzZj=xU9=FjP!miixG>Mmggc4cMhCk(cBvxk#Nul~ire?(s9Pj!(?)*nmco
z@>sC95Y;yu==WuwI6|U2N(f#DaOMJNIlO5g%bJOM_*E2B!;h>ULE1!Bj+cRx$&c_M
zilJ++y^r=p#pU+8@@ZC$-zEzwG$zTULCW!?FG;H&QOZQr)gsT0omBV%vCCG<sA5I@
zXUsfnRhI=@qV_9fH5FIVw1PdEb!xWDv)}#w&hMV#q?<_fqM3s!$RmosQNe=uk-mds
zY7VB~Pd2wF<42ZTuPT)6<^qK%0xZB%M&Uyl>+a?#Iej;qT3SEoy=Znai@-zg3W(A}
z`z&QndM_U8zK1)xZ<ndrdBk;-5L@STj`5P^9`rcvx|tO@rlH*`PR27fA0%kJvGcc1
zE`&y}vpPL{t{`3=mQDiCR)OnJ>GY;E*QlMlx1u9oT>SX<&;0xmo%a9SWjm@B{JXZ+
z2d^YqgaSHvV%g1Z6$wG5m<faN>01QN>I(Ah_R`aQ=1qYi`I{`5;P!PTz^f_(c?AP$
z=|M>tOR-Y9puZs$`=AT&L|L|r<%doAyj-9Rm^m`kEGky}c7fV7v!zTF$B_zB(CtSl
zVj=dm$GEpOmHO3awN?Y8!l3w6>nLzjd@-7TKn?q{-2G&KbBPU@b;>|1!JDOoP0{Y6
zvUCDX@uc6XKsZVDkGqWL-lYd~q1~Is6+ns~vfb?_yZq)KVhgA$T3<G$vlNzsvq$|@
z*S`4dZdhT<tNuY_P-g+@SH!5CiWnbq(h3_5LTVeM5gyIL7;Ov{$?nsjq7tvN=L8vP
zP@XAep+;v)P+LSPHFSx1fT6B47Am4sz!ymT<bQq|{HOK4s!_hUz}5R4=i^H$<ZY_B
z9lud8%9uq-7Uf#pErXS5N|LollpeiQbBrGjnyqDLTA=384qK;)__2uBa2^xeC}z_o
zBIhJI=2HyweTh)97j4ZnX4jPP>xE^_Y<3z(^3zrt_804qRNs+6Ki@$F;F!d|i+$YV
zA%>8AM=q+tW~9wXwgWOXdm(4@R#c@lZ~{0j9O63;l2M=9+n<Lb%!(HyXZSQlFe%12
zSEx_5r?>MXG2yQN$;UI6TpZ>&*Q5+W#ctP^njJBwcC_YeM9nvl5pKoymI9)UmSE1C
zaWKrI;eQ^1*rhoW$Gh_&sG!c`(TwPB_`PCAZyg{_G$|<kFo{_?FnZu-My)(Gn$&ZL
z&(66^ozJ(s>}I{)t*c8_geQXf!1M9crvxR-sF{3wi;eVlqOXIad1PH{2_)e3j%|7%
zgiH+^trcMQxzQPRpV~)HRZLa~IWo%NByN}jIZmjsj4U}%4;>k!qjhZCm8D|JSV1RS
z$d5i!sy?kAqCCJyMW%$~fJ5Q9ezYNyZ?<DIFYiJiqj(*0ive&7J?73>MZW{t@acbL
zq1Q4W%nM1O1nsEw!T#NK5m6TCYC{!E^#c(ir(;FfhuXvJ6w398uGU=D{?T^oy6<q^
zFVsu^vfuo(f<^qcc&*<T1OCpWMthmnRLVguwiiYG$tjuMWY-(*r+3w_L@cT3=SJe8
z&o19)R9nsR?M`57wZps0T#C|B*-r|?9^Pc%N<}f=iuKul0Sb0V=YYph9tK~2tBQ^-
z#I%vYd><nU(mRTGI^xThy!qy;)In~?#=pM1@($|7;Svx%Cj{r1i$@J_O_4@0qavKD
zSYYhxN^>ksyu)?Xtxbr*4`3QCYS$&hsZ6AbQ|J2P7hao~1Z@inD*px4HO`5g5CKsy
zwAY&#F4DJrakPhSMs`FR#-8AkL=#))ZC7h7*j^LT`kw!!1^az1|CI4d`71-0VLFke
zBiUv4s#fN96quHTv+FzPNo?kkBy0SeqieBgm4Ei!PXa%MJDp0|9tEsI2E&~Dce>`I
z)%7CnqISL8*W!|2V_IjIkT3l6o#+0U|Ng0Z_d;~YMzs*$H98`7uGkwH)Gb*|yj3mA
z$(OoLttcJj1Fpw=4`0bT^;}A)Ibn=b$z`MPDW#uxjQ^{fD_j6?2|}XQ7I!<9x@X$H
zp}_3dfBE*?|9f$<Ui0kHV%_orqKiEL$>8x%)YEo5>Uos=Lv_C!4;~2B1F`uU!;<(R
zfP1i!F>%vU3;-iBBHhMNjjtQyxyUZNW1y@E35xO(ypN&lI#SKFV9%p)ixnXkPaTbe
z1=L0N$z07fDliR7oQhPgm}11R4LYVgsk~sp5YZo17dx*ik6LY@xwN}L<LJVC`wM|O
z@5}8k?Q+mnY>UK!2A;a5<W?j2km~&1V!-4m0131!)Z(;uko-+A5R#Z~scd&~p{{q)
z=c>uB$D@M}mZV(@ps98uP=g30`QTvf9lY93a1#imJfyhci?`x@4?PcDqt71kNE4T%
zL|<y2VrSz5H|x0EsN)Q|5Ku`a@Np=?wTO&puiFQ^p>^;=#m_>iL^ZYb4H4bjHPyiR
zx?iNRpL#i1M3PyBN8dUzRQv;7M5?CF)(CCN){=PT6h5^#lGt}S(n?}sU)pa!zq)N2
z2V}ssXuaDL<)KN;vHcr&S{N~@wh7XS3J)o6X)Q&xrj9!&ZM-?&wFu9MdahMSF+Mr!
z@zTl!>G|n?PMmCfPoPlz;9JJaHhGUa1!YCMy{5M#>p5zGq2`dK_j<RzMrn{4b|EN<
z9SY8t5yb%<<yw#o_5O`^8QCK2WVzVUKv*?%b|CVN=`z)>lu$h9Ik4GKuK?zVveKaG
zsqzQ^u;+DR%`)rBxSza%T{Uf6t=hI>{oKV;kDmV!5!q8Mp5IIP1OL$qIRv34z(6XY
z;j9M_Gp3N6FD)B|?!hNLh=w%=wVOsCii3)X5?K__;O%SD2&~tJnG?WqoCR(jCxq8U
z%=WCE36zJtk@cnDD8fZeV7s{hPbM|B&xB+<dVW3B0%{KrHx4Os&BG+&q&v_82o#<)
zMDD+uq6*F2vGaQ4`<y^)MfGa+^Y~6}mwRVfsr$W+B#V+m3vQokms#mxl4@ke)and7
z50jS=Id05(RsnVt6h4TD?d6;5Z?Cfv$&v2gUFF+LcAD#UZgzzRm*^BK*>0^GR^$o3
zF_s>ui%&^Vw4Lr9BfV|j9=_UKU2cF|srJy(Fe`B4leY~0WX;jn9ODP#p?QM`xt)3#
zHz>n=u={x<Se7!05ECu}FO%Ta)B`7ri+^+RfgGInBQnj1<M>M}fYclzCsQqkDAG-P
zF{LU$2#FJd$WqYh=4!jnWizU{4SvS8BIb}Y6)8$~qkTKeP{QYkVyb7_KiW?ku>qYh
zS-=G`S5>H-b=BXA>J09_v61nEH+IaKxm_4KDf^HBh?~2aBlxKEcj2+|AK8-4nz^`m
zsg}2{C_mgrqZ1YBS1?OyLXqeS{~9|Y2LU;|PW4KU^oL!q-jIGH>s3!WHMwho!y$Mv
zY`X*vsC&cQE*g6)1o#fki#@!+b(U-U)ui8y32p`B8YaKaqS6Tuhm@iV@t6BPA)F=}
zN=}yc;0(vPl`_52i3r(M*W%UBQ;zsTkXwN9vV>9Amlh64=S8^l!jkRpdH@%b)@T|N
zE4>DVcuZ7#e0EBPYFAM>w*)%O!j&rvo727qs6igE0WzspEs<8M9gg`GlI*%%n}DYz
zn~*G*hvb_u+G1dui^o*5!J_|;RriNaWmeiC=+Yyvx7o0ZmrA~NqFqPt0BMC}UeJtL
zJRC<>nq_HRus`4>(tB;v8jo8aILU5OZ5ane4oX<2%v^ic8G^oq>kOH8;ret`xAmaI
zq9(TenOg=&`pz21r-Q$v&SHK-xTNEqYOgr0GScb?T|;Af<nD8ob~!av{+`4=>o{=p
z&LX98yF+&sf08355gRQ7*~$xw)Ppc1BU=%)FpeSFEc&7v`p$X5!!eqja3_&nxw$G?
zkIidH=;9bm19)L_GLz5<dUrHiM^&1RP{lX5d)F(sclo6djsxy@)34RPzL9@O^<<os
zyHqUuUA?^&QzEK@6zoswLkI{M$V4gC)kYabry~RB6=^U($`9k;<fs8<A;R?HLh39_
zL{?gGanWr7-jQJocwde6fHMVv4XBC(CBnMA^t%}%j$S=R7Z<$|7(9umS3iW%=IspS
zZhN_|FSp<qzS94C&Ohu2dgzT4M=?}gU<7e*`ehjAL<6vV6k(WjZg%v}=v_18vJOYq
z&Gg!*y?M=1l>;^7|B(~RjH{kB?>=iBLN$}~-*)jZFiJ@UsfFX=X0TI_NVT(a=D?&n
zbyS`PPbokG5?EQ6tJU9_j_uoh<9ivN@%lc!e)UtbQOJBXTShi`AUqa~A3PEOBJw2h
zz{dk{XpgY&$R+Yhc}Zg5p|Jsa*Flw^ksplN;8FKWat#$WfQx3?sP@}^W!jG;PRJQX
zHl6(*?kDqQB=<E$(<6IKfEW!5WBDFK?l0V9($LWjHXI(G#xlBbM)(R~cT@(T69sj^
z-)9Hq)Fso4&)#D%c`5#=G{mGPUnPh;C&lzykj^gLGJfUegr1~K8ieI?7<ISI`Lo#U
zcOS1;D5#kIA$h#sN=GnG;A6g2PK_QahQEFxf7M{7!b=tT4@MS#MHgMI`UhH?QoYcM
z<=tx$=AZ1}ZvOet%j%Pt=BHH%DN<u@iOnssxyAmQ<pRboL)RzSqN)HXVd9#5&5~)}
zad81?knPBkA$?UE9Eh+CpWRFO@rO@c{(pqGnplOt^^=#<ykT=9ec6rWx)v&5eYTdK
zhw6>8iizgcp6|pCE5wsktga|mx*K)Qf2>(oA>6Ru!I`~+m668@Fb9+x&V_?0_dV1;
z6(?zK8Sk7l$$q8(nUiY%9BY#cl!kaB%t)YxJ*}*1x9L4LQ0aiw@Ukc)(w7r=P{Pz8
zwaoIft6;U#;|?u_8TY&7Gc)i*iQY{7YE}J1Khk)1Wvb#mFIg+tU4>0vqi4r84DMl#
zC%{~LCR25l?SI~@|0>c8Sr2KbND2n+Q@5^G@<ZLbT7Ao}y%jQSs4_3}jd&_Hw_jYB
z(zu9!W7)70%F3kxC1_g)3O$*Xpf5e!B(hx96dTTjvF6;n4G?1aAfU-_41?GS^~@(u
zXAD>X_*=A!##rC(Uczz7xuao^*<STpx9{Lqdmo*)=c^k5JHrdaF+dKGgU?QSaAY5b
zGSK@}{%iP123>U%iSKT1^*w}VUR4t92xB}LW#E&{<BEZ$!@&L9%m^b8WSHC6NJCt=
zt7~+Ynrcyh+F|3;d>?diIQzqA+b^wFKW$kPs#84dI_)L;;1Zn2;ZEEp77V|r5KUKU
zd%O9^4C_wL3K%U=xfo)|stmt$3()_)YP*TyX{XU}&j<S}2`DR_#cU}rjCo~DM3Hz<
z$hPj^(#+=3*u5LcCU67M$MAZ*T1)<%*i{)+2W}KP5n*6#tWK0+83uSzzstuZ4lhRt
z-C835cUZscj$I~Gba9~!imnwTa8+XowPP)z0(U6SX>pw;DTT}+!-IHmAkTq3^j~sc
zX-&38ju+L5;slBgiNgJJbEB88MqB9JC`#jMm6h2Izu+_Frq$~IZEi$neSvUoPx;;^
z9((MC5C!!f?d)qZ1;|*&86mlddB&Ph#Bh3ed-|>@uv*!jxTwYp0)UPf8f#X+Ndwvm
z{n#?)KMs?eq-!Eg<O&oy1`Oh$CxH6`?%NE6&-d4t?}l5yf8$SYw|~pty`&WgDMfpc
zT*<S#U`-apz;Mc{CXC_WXcR29z9`>+2$u=FD^DGGas1Q;d_wkbH!#ZTpA0T#3=6E}
zWdOmvQ<Zos&Ub4Y;E8y$1-Pb{Kz)Ux_I$ge+boWw(bd~`&`Dfed@0$)-|zmmDJw>k
z;cH#pK7sE5-ZVJ^$gK6!!o|aa=edf-v&IEGnsTSFZzLxtCjt$yntbt6veEhb5jW0=
zTL^sBP9ajUd|5Xv8n3{wldy8G2w?1Q2~XIscH`>?CXqHb&D+)<*dapx2^$~7zN4Ux
zod8|eD)Itl6ITXg-HZ$_tH!lzpo6SeMiX^e{WM3y5l5;9odAlk-5Yvoq{I3cL0<Z4
zFYqFpRYh}{0?41Tok|B#2LiKJ1o#W#sEP2mz*%!NXv2fBjhP1z#Hu^^mKKBr#>hKc
zt$u70qE)YPB&gmhrH0-k5|6jdv=2%E&~_AhCBWl=qd9D!Ud;Mqc+=F!8hFXU_^JR@
zzb|cPrVwSGg74$}B|#Q)18Rk^fU%6gl8sE|kxw;KG`4tpct3nf1uoMlg_OsoR!-{^
z(U6-yrEVbLNA@6mMPx1@N!eJg>*|Q7UKbt0g^KZvq{bi^yO^{XJ*LJ4IvC3F1i*Ia
z6d1=qI-#=Gn9lv%OoGi}>4WqLp|TELG(-;S&UHDGnqld^#rZ<L<xBFj0`sOS%t7+i
zBrmuLxH#T~^v+mg>(|?Dv*XoULd0D4iyM3^KV<o<KvV!~OJ%I4DPxl+epVCqsCkiG
zki@fNVx#qzH_sOZ=^J@X_(!~c`oxkGqx<bteOslpH4QLu8IR03;@j}&!ShEPT}|!y
zi4$pD0%Hk+JP691sl^43)Kd?dq(rre1k{4HB)vvumLL5F43A7@E6EOCt-j{Jvgw)>
zKCh%`51K^?;c#i9=Z%bsMnUDHP5A83KYaGtkNl61*xe0$G|MQcn0SyoI1EKkn%Drk
zLWD_oE-u<$HJO5GSO4m{DMjsRMt|7(MQV!i>O;K?ix-i@0G7%;WzWb3-9TZkda->e
z4$?-5Yq=y}z-ef-L8-k29+dx(Jbj6?-uj))0WD`Be?9g(V>C3^m3PT{UR;3<Xl4&>
z&{s#^Z3LD1VMrpaF0R|D6*k&SVNXc{Q*NCg;pKbvZ-W=It)1xNx8$Yi%R@D^>4O<E
zyr0dV9;jQN^MA6Jr<GaeK@3Z!n!n&2daf4cdCII=C4lLW+M$c}2<TIwHENZZ*?W&8
za&%q(n&w-kJJd;>+Bq;Yk7|vhgxp=ptotl*1T13J^*o4Z3*x(!kif{kyD|&;=vIF3
z>%2WZrF|x1c_b8|`zJ9X@*zSvL^(>7U+%;1pINqQGv9A^XO(^5iEyhxF)1ndz}Ndx
zfe%^M_16I23GI83q+u*xeb&r&AO2$)sv^)w8B7o<x`jQQB#!vo!6eZfdnBHJ-kNhs
zl)V;dzS+j+C`<$xB5DM($OWcZ0fP#w6z`nLL5Q@En8%5!Zi%L9tz)R#XuYn2ixkC9
zeu$I<Q>DpCV}S8w|775~AVU%~h4FcKo2?F9#o8S!=dpTu^TodjftdP}&A~Tj9hyhO
zEUdx^DsrXtyr8d}&^bt-;Bp2-nWq)ynKYQJ(JfDM)d`A}H<nodsMRgt9E0slsx4WI
zSUWOR^w9NRbTvZDpHOAcNl-Qg#sY|?8I2}mpreYlhRPz(sQw;-Cklp;O%lODA|Y7p
zR}s_$y^*)CcXw0@HF;<{cgRl5NTOO&R>BgboFSNTFq6ejM!geUM(kgEu^9+)r8b2%
zY7$(kG$N<h3B9nwh*6XD%(|zA8Kdi+#(eA$8Imki;Lvh20Cj|E`I;p%9C<z{s>@5)
z|BC-M3VG*!Dfv}Y_aJlyddd^++Romw2YpiSm~x46xjyk6QqiG>lGB<@qhSMNx6O^<
ztb8njoKmI$Dk<v~!e`fPnYrwnZc0#8Kuv^M1vycaQ7NaB5~L3p86|Kv{P&<AMn`TE
z76rdUmLb?C5*EP+nT0SgDHLG9E~B}o+C-r&!`LY+YPc5#?5r5bb~a3IqoY5*xvsZl
zchHU({1#t<<<3+UT&!cC$}a>ffM3IO(7s^I_tBCJ2=RRuJ1#Y2y+oOvHtALmk@8!9
zv3qrQMY*?qXIH8=xksCpNWPZ9_+{0AEP&=KuQ=nWXTz$ooeOXc-=;a034dOb(8RrU
z1ysHwS+j=BkVFh(h4!j-7ighHqtd2L28t*`2|#86DV9UL(IdIJ{npe#;^)e)iC#-O
zh%^}1vzU5A<iz5rF4=4C<xleJm4LR@T6m3r@sfl%H6uS{?=H8Q3br4t|MbW+uGf9Y
z$VH-)egK(uNxZ2H{dUQZZKln2BaX=Jp(K2SI6}Gr%R%g!i*_;2y<~Prl6Qe88BYwg
zq@nfH6DfV2Tjt#z>B9O-00~etl84F>54Iz1caQ8yy^eL73mmqJ^Fbd7Y956*^k92`
z%gOMCBqD3Gc1b7gUM6oWagquydm_KJWGt}U<ptW^rdgQWP_r;KqFDvpSbI1-fhpIZ
zCDSrt73whCpt1jf15WM4!xwwO0lic61+&I-ufn$;R=`4`UC)V-G-q#TFq-$P-8Q**
zTuIBm(TiU;55d>Uap2@8RzL=|IwS0LI~1Lz$aZgiiaejEu9Je&@E8V<N(1c<o|j|=
zX;f(i&a|SySthWyz9dr}gj34Mri+U|o8OiRHPDJ`i_0_>0R1ygbO1ZxWQ;zi-D2gt
zYo)Hqsv|IY{cg4T;#!5nyp2SFQ()+1wP5}v_!R{YAq!;gSpmhqy)GmbSgVvZNyJ2c
zv#_8X19{QvHKEobN1AZwk%FdLrTJ8_#(~%>jq&j96w32)nTGgO5=fLgf^>8mbfPpJ
z1Z2Y#KJs3Q`${r_zNA;NjjjBo5~tgdAA4^%!b2tj-b=VpV%Z|<%@#bb4W|CfdqDZl
z>h3PNfw*Y4)z~7Pm6HV}9CN6?s9IMPRjik=Y*bP9`9aMCseZ85G|p1~@s^}O1`cx}
z%E1QUZw^qhSsBCI>=rsj=4Pqm!N%qJF_?oYLiKDCqqS)4XhBD1rH#4R>|s5VI+<8G
zzm1#N24^r$=8ENDn04HcYE<xg4n}1#J=TGGAk81Ag-Zw9%6@nR1!zPqAs8A8$-TC!
z&Q!1~s(zs+kto;&GMQQiRT^X%j1vFUmyAd3Df(<C#cm{#l_<zxu#oqA6~<KiBk9%W
zQ_1LnzjQMCb3D7+6dia3m62>SJXfpd*K#_c#_dH0$^SSruv*A5g%XhBnrI3>^wClu
zTrNEO{qOYhG=g0HAcw9d9PoqHiUqQZ{Oe*~>=y~YUoU-!X1f1h#Hc>~@8(^Wgi3_w
z@Q>^bK5f>a`C**?vI-InxMQIUQ?7(;v?f5jw$I1d9N1$%hNH2gJj1(Kk_CYxA4eiO
zB(5{AH#DYy;`ahT^7UnHRChH(b+r<e!A>JHm~w&yA#Rima^FgrzkA>5N{}&PO1@y!
zGOeL0rKCMDx{UTE%6<|>6-AmPe29Ca?Y<UMCw_$Vht2+VRa#BI6Y%Vu3q2B>^vE-_
zXGNX>DPr5hG(ZtG$^16j;z{y7%Y7eu^D3hhMj^P?arxf2)@Q8TBRx7IkUMeQxmH_2
z2@47&PoP0DJW=!7i0&za%PLC(VZ0<g34%u0f;5^=j#{I#rqD*L+x)Qo?Ym2L(1O6=
z%Mr!KAY_q>gGcUbDH>kNV|HT9n}aWHQm(oRON$hqQIQbZMIAHv|M6NVwqU6V)n2wQ
z5`azw5NEA$fiwf19KA4y2sILTl)iKT(;3r}3}I#M=LM170tXYaQw|XP(R#0`@>#kr
zAU4q6LSWiW2JWcWrS96exHvLEgQcKVr#VelYr!t%2Ps|*I2;`lsy)GLTJ=E#RxC_s
z*;@ztF<Lp8P*Au4WKqIIBy<$$iBCP44xLtH2l_z!Ll`CMTKimQ^}tz?L58jr0nBi4
zI<6;l9#+W^f8!B8XRY#U<zc|`pbvU*x=J1I2ypQd=e0+GjtYQyI1dH*QAJU$CaXK>
zS85A7(uN7wO|eG35^0XC#NknQkg<VkVEARDkZPfcY%KUSeXU!Yr08>Bu8usF04d$q
z--(>m@na9F{wxY%TJH?<<K&tEU3R6+bPCOt6NG$F<(hB;4mYmsOr4b-YeLwOo(tM*
zpo1NZ?6J-RgbEXm?}%6h(e=mgeB~Ar9El;w2?568vmfs~oof3(BkE`OQk+9s;e&O9
zMM3seXPVhdoGvI)Ly`sw1Tp05$G~D)#P<?YriEmmP=I4Vst@-TFW0CP^_4|-k(QF&
zfBbxsK$kt7VAhkeK^&V=4H~iaP}xIM%&_618DpJ>iC0yu42VTA>yO;mlSK^c;rNZo
zBBd}7po+#S;6N>)IU<cLq+Bc|DFo-yd-b$|)I%k<9=(pPG4G-cpmY$+M8KP%(IH;)
z@X`4KIN?Im?XmOOP2>O--j!==?dm#Cye%whQtnV%$=)GW#oLCr9Y3nNr?Xa%k9e6m
zp%tV^a{Z;5BPTYi=Jc_c-CMv1@n#5d4I-_O!n)ma$~rt@`ErX0Tpq?k3|7K8JdFW$
zL=(`KOFueBiLWTc#UZRfF%GddI=0|Fwq_TGrkB8X57HFxd&pd<nqA{>n5AMXDSs6K
zZGa{oZ?LcyG6KD)qK3fD*vttLk*%Q>p(ap>@<5^I!bu4Wh)Z8zeAcmWaWG14$9F@E
z6f<?oBJDNg7?WIDM`Ub){{)suX&DCO>SkZ4KInS8dNbc{uJChyeFyBHfY0#2AygwF
z@%-+U9IrnAWZ~l;&T7h+dHANNg3;<m5~a7~iY6&X)qF+lQ+@jGT30|TSQxxTU_+3u
z_^AKH_$2JryMvIC*(RL|GBv1zyK8cChDrO444rC3BA*~p>~*gtnGef1!82isCmfC)
zH@xli=ID0Hh|59O0vPH&;XCQV>?U-;*H93(pb}MGVRf~eaLOZfgpE2QXanI7<YY0p
z74hq9-@3>&A*{AiYN|?a_u6-Nmxd&to^isxQ`4dfqaBh~+iFnTy@y-TqGSvx^7BvR
z&x0Xq3ONLp(p|qLkh^C`tt9qG9UE-(8e$LQ!PWa^w6r&6T*x^g9}ks0q3qqVk#57V
z3B{W-UnC)}U!rVwfX^LRwU|wt@yEJjrNv|DRp8-+D1=Nr@(FcmaU=D*GiC_Q$9!BQ
zmNmi8W~B!5SD!P;b2!-K9~jAU5;b(Tgn6MVp=J!|aF2vIbpj4<9L#U?Vhr!@>tNe2
zU~cu{S|hlXB66GWj=w{^1p1ThZ%VoduL#7*gyLY|Z^N;}?)9E?k{HQP5k8J2gk0;C
z!2b_>t%-N3bm;1rOgVlNfbrbTHDcE!@}k}hZZl>)`{X(FQ;n?RrNNJQeq5*bMgj<o
z09A_ukK;8!rACU7%h<^^Q{Gtm{R;8@qx_J3Kyd(SJf|pM1M9(}y``Kw;Uj@gy^!DK
zF;%9cQ*VM7^s1H<O(*vnPnAzmvC@pE4lt_MK7K8CoIN4+=qMZuiiZ8F2gT9OY^$1*
zL)aaZhaC_%76lKELt%}<y-4(gl}6+qidQd%8!Aa^sWCse%Vuso`4k>+F-f+hY5`{g
z3kI=aC(&-|T(Mp%HfV<42Yw3mLSoS3rP5_pT0)PRvMPfcwW>Q`RwdCEfL?g&BTrpc
zrGhI?3ii~HD^V;5OG;6vsBB!ab#;o)1C&)^ry)@xCm=`AgT_gJN0i83S(T(yfplv2
z+Bj7JjwhhvwpUb1=86}_#HkvE>u7CpHRQ{_K+UO)_yLJ9VG0gMJOV06))#_CyF2=^
zS@jkyrk|#yGzL^@AsJR9A<V(2LRxr4x4%4_2qp<bsnY7&Xwk^=C?pKmcf9=FS`1hC
z0QA4UmVY#M5mt@M9_ifZx!pTO7OBiCRfBemF$u*u^25Q`NhT=S*`DK)rfn<*b@|zU
zL&n$?)OrJ%&ic)EQ>yc$v89$&hb7T$530T5s~ZtoA#xNih8rf}T*wQRFn@D>(N{Zl
zV##2|{4HZx#~{jQN0@rEbB&)W#v7trBw+vv3BjRIm~AvHRu$`g)~&^hDt-6M`f~F#
zS@P<4a)$2qn9F$-5Q5SUP3msl?$)=Rfx|^~cC}tS8Kl!<-K8!Z5qU>ll(^QC`DjNk
zf%uF}V2Z^MbWQ{`WJd1+`bcBi4^d%MGVvU;9#bs)u49m~Aa2of%E)R}+X-4zp(}49
z#7F<w$E*w@#j@3ulF`j+6F`gJdP-BFESc~sd(LNvnQvlwvSgDO7gp|tDDhHtk!99v
zuvN7?oBxr-!KjqziUOM#=umXB45Um0PCF_g>sEhAjg`qK^ZL-)_w@739OG{h6e%^|
zIhd$)JU_<|B;c94SW`J1?e|YJum~BwVNR%zQ@n)HA2XsNQ_8H^BXj>Cofuh`pXh30
zEwupFI`yhHB>bx6|Mm7wwG)QI*xYEahCorNrJIL!1+Ez|Eh#R_9T~*`k~1&W#>mmp
zIt4^xMMD=z(yJaqEEN9G3ZFN2TqNpsOYI;U%hPW1r|r52mNLb(_Lu_7_#JlrL6(j5
zDA8eGoH>GT!G@CcAr5^3ciZ&=N<>4ZhlZujpE<e*O7as(1c;)Nv<}bZ9B-r~f`{b6
zL%FlG5&BTTi%+Eu$9KTq7NNKddM~s{mBv5S@6yGE=@NPY{Kk|x-@W@I4G{9EKNdoT
zvX_6Z%jy=4*B|%0;*Z?5+U@`NzdL_lh3GvfD^hTq((L~KC|=#IoTi_eM^0Yp{{kwi
zxVhVuuD@QZUvx?Wk}nfFaECMi_~Ik-MHr{<9g}aP7K?r>p%!u`Y6vzf67C~K+ib3V
z()L5%1=UB>uSj=~8XhhnM(ODq(2u|x1@Rih=q7L=gi)S*ex$q`y?ai0-K_79phH3}
z)D-Os+F?mjIo?(uPOX615mmN=WgA>bhLhCK(F`z@xF8Q2KEWf!EtTac%xq}&6j#L=
z0*LR6-7b5ltEm13d9N7tME8jIT-3Z$#3v-M?A28f6L_S3=9=QX6SgL|L!@+2H5D!@
z<-lpu#I)057}K>SQ-}3E)z-7AWa_qwa;~ssLna}R5?sECK>h)Bzph4xG*lPEujCd{
z%r{a~R`X<lNr5diOCjiyLqYH1BP&S10#~{iH=XAZ-fVvuH6d9B`yi)!_m0U19W*73
za9t!NY#fP~M-E4-6(>DH4A0VLz_=)wp`a36FQJ&i@$g=tWdE|y-l(C_re+Ko{8~J%
zF^Jx*U`;e~kH-sOj0F{P;LU-e%vFN;;4W#0v0BxM<R-6`w4^c`FwAwe+o`f`5F+3w
z^3#IarX=6#@a^1l2{A|e0z6-cJU=Hl84!9&Q|v`)f#>NZHmbe%6?OH})k^vDSy}^t
zIZ(%Ae>S-D;W+@|G0FrHBkPPb>Vb{~vddI3SN4?r4=@Q{6Z==&2<NjN)mN{HBJ)YL
z+84Wx$^&6)AT)}=xk!W#(x`y(_*D*rj>Bz)#ZzS?m`EHvoj{}_m`C{O`&wS&GE#Ep
z*Ru$YMj>k|W&^n)?~WqToSACo4|a3<WA^s1m8p7VqO>vRTD5zF36B&qzpvS=YrSD*
zO#%K(ap{IqUOp7=oMv-3a>CW{%Jr+=R!WCZv6K*YNKJ#9CrkEq=epJSjjGxK78{%6
zGpK9XBi#*Ub`CL|)k?)sS1S|4S*=L=(I?h-)!P@6b1eJ9S0@pd3>W2Vk9rAloRN#?
z5&tdFD0+9aeHuo^+*DPz7J=BhyG0HLQt>IMAW4=SKRE~#G_rSJ`{HJ>j!lCrzC@V^
z*j;w(o4dVKfy0*`#KL0^|0cOW4CCQV>Yz0PIULWZ2W{^To()-c$5@}gBU_7b2e~T1
zL{MOJ7}h(BAky+I(&7vP0EHgCtrIE<?)SnX4R{n6dBUoQ;J}wMO9%JJAf40LIdK>l
zpi$r^LqYMgL@+7M(iM>rG1gGnQ3OT(Y<!S8nOt!FQ~Djf25~}rJ2$9zXnRjqDlSPi
zihmm!OP%!2noPCJj?rRBN~)A_0)sz7m+%EF-CVW%Ll0{YIvSqwS=Z5TE?z69Ju+nB
z1tWnz=H#SsuKloFe&8>g4l~enSZsfyc<?3i8}R<_RM68AzCL!v4a&DXpOQ=@JkFAL
z8%v!yeMv2yp7pKA%^sw~S%Hb@nlRy4@<U`rsQ$nwV2ksD+LPHQW!4;?T7>$d3=P80
zkw!of0op4hR1HC@VvJ_F`;gB8l>z8giJPl;M`sltfA6lk!p<DN7pMuYR*#}DNcb=m
zvxtqO@u){c<lHVl0J4z47eSYY+ZBwHaw+omK>LAYr5~{zjvhsRO#wLkx3Fy!i>UQ6
zY>et7t$dEWP&AQ$qr9bU@}J0G9!}lS&v|i4blj)Bha^mv#*=$`vng2TL+V*FXAxxK
za%f%MS|%!~dZDDv#l>F`ZAv{;?(;||!<c^AwI_XQ?pxXqsvxptij;W=KGyXO;8B<)
z{7k|OUvQOsc?h1-Cm7s%g+#0anG?oNsVw`KmoNU`H|uY|`0-EQ{5U|M2+OC6n3HbU
z3AOatK0Cw?Ez(Z^W@=8l1rSu~!^Kft-~nKj>g*=kAnR2}YN#}fgeAk{@>YIs;4F^6
z)<44?!~~MP4vQ(#WGK!d=?#eqvFGJV^OE-aZlXVt%XJFpNl2O(NLlDoil@T?DOS5}
zN%ywqZE_-{&n>B`>)lWbmjGk+YDcwNBsLkK;D!imV~dxW4!G;SFzb|5lIqU^N|gGI
zCcrexV=-v1n$%hs=>=<vw)Q%=Ec?8tW%v#GvbZX-@|kDyJ*W|bwI51$UiXIfofD(%
zI+s;_yWYRv)FNM@F)0%oDkS$5oz*Bd)jdsFq7e;Vq~Hxgl!~Fn9<7KqRo82ge7pqm
zfr$D7Ih8rt_mT@Ue*3aUy1UJ**KI3t9K%8dMOsh*WXb7w=X&$TUW)_W1gx|p?Zp|#
zcA=OdAR9%BICgXM?*1zAStRrummUBWG;q+Hbu2kDcAd9N)F6^c2qaeSXXHeZQS6eF
zeC%d7?Hw46W>OIYC;1gkAF>+9VQU?^PksD!`A69&ik~3*!34Wy%>ozs*Lqcz2vOk2
zPTY_`HncDWRUd*huA$XNiYa~gtn&kP5msuKcy`H%s^aT3M9HQ8mxZp}s6+=|B${P`
zni4}peN#gCE(+wtx8@=tD9~+1=_ed}E<SxbYrO^J={2Dj`*sHpl3nfzVd@w{kQgo-
zAEHvb+z)S+_Zr(qE7`Ogcbhmt$X40ClhfkG^{qNo#tw^tu?qnSiCNT;b9|Vh#S3$<
zub9^8Hi!jv=vjc&E&=EfMM5TT*kNO>cnv%CgU~FW+@+MQfnEcahHp@FLv_i}R_Sj@
zcDKY{8M?QV!*!tAWSGPyeoCRxVQFd`Hqzdq;hVp`o1Tk<ms7ylNvIt}9iqy23^uws
z8Ke@KxPkU*WAq>~NRgq&R{{kr3=cu2yQ-eCpc3DJQX8cb296BJTi}KeMZ#KQQI%>n
zR_atVKpWj7wFgccBnQDymRCmEQz~J%`+*?XZFD1Zx{K7*T3Y?h4HVu|Xq7JI@Df4V
zkM{{rD|w*H9*^wf8M-2AS~wT^G=Q0t9(NUB5bwj?jU2ihWj={&Q12kgoSI|8?(8Ey
z3DvXOMT#1y3|0!*zzXG{zf!L;=FmR4=NV-vZ2CT9Be}gYINc-#^#mI|SARaBKb0yL
zLs=&1(ohTTqw>tifSyEiRdog<(Q;H2!W^NLUIucc?OnYRSq&mC&-sM!b%kaM)pzdI
z{1??j02+2^ZN7-F;Z0^)G8<J{6DN>jk*d&H1F`BX+_<|Hl`1C{OoXILQsSj_vmuIF
zE*{bPY6zq}s$Ex!Wgyn3(xfpn5VXV#FlK-;XC+iHV$3m?#xCGDsX^Z(lse}dBAU=7
zSpJmGj>LN>-+%~2=f<fiY*h)X?OvmE3el6%yS*%gXn-Vam%vmh0zwaA_qJxXI&agz
zLf&zGy%j*G;f{j)#&y`pVdj?!1-<R-diNcBU(o+7E5MJTQGvDE3rWL>bBzD~E%KH~
z=l^wNSAMs-<g_IK`$JZKp_wU1=KpVsS@6)w0yNi!uA2nNm`bpQs<7D(iG9E8Dy`<_
z?e4C)4eL#%N-?^SwpBq)oi7)o(lHLzGaN8IzYhrJ5-xJ2I6OD7-&w_-neHwr+cY7A
zuw7U3;sHEBfb;286r!_uwU;2=82xkJ+w<=vq-#?&3ds-j+wXzESjz2KJ8G<dy1Ti=
zFJguoc(<H9B{n<^d6o7J4d*G*(^TDtu($0*PJ0j#!oL+IxGNmL?w(kDROFq@Vni~p
z(fkl4w^GZOqEb}3@(CNk{zqt77Gw98XMWlj&8<-g$)lY8QY@CG0{Wk&;`2iY7I-s(
zY-}=WF_Qp>j*l5IetWZV`Ub_ZF9huuI9k0r@bE3M*|D*XeZk&-!WY8!3prH~UASBL
z3U-!6H-~+&w~u{+xVendtxU2WB(ME|M<Rj8riyVSqkdy%jNYx@uXh|HKC<<{KGepT
zR(LvGC-Ef}p{s`Q64w~8O5L@3JTd}?t^k$;+&;)VtH-xDH9ZZ)u7|Dg_Vu>hdxvK=
z*W{>#?0rw*v;rw1<Dd&wGH)c*Ky-z7hZI8Eb$C<rkr=>9v4xz{Grz3M>=tTWJP|jq
zD`2a<5qmbegv#Si3MFu2u$$3%0Dh1)($RP9t8``ej8e3^&>;^I+{J~ELhY6$q%s^h
zG~Cpf!eXVUfm-jxPXHPLqSS&zic~cm5W}(JKGhQ)c9Zd1ICGec*v~E*a4DKwt-YJE
zd5z-w8l-thQ13<giwye0k6=?07bOoKj!F+cN3FjY^<$!~1GS(M&R9yf`qaMmFacXd
zsAoOeVQkzF7C>YdALlh`QkkTwqp(Pj=g<eyd!kt+`YT@A2T>d(uDJN6Zr<szlzOcj
zi@WA(vsV?1Y#Ttr0>%_y8)Y_}9FaJ<tNAYJdzLHQli!V3rPoN-Nr4Bvl$@g|C~%7*
znn&*Ky|}5O>%MHu))@#M^cpcVa|E`jiNj)71KzU^`NC?Yf=*rIzZXE~Sg_YvGe&I&
zj95$ES3E%y9?@$e=_ZDD-z<LJuU_9>|Evq?^<FRhysH%%SX5q~t6WPqEVvD+q7soc
z-K7VVW+~ssp?p!BKy~3SH#gPpKS);U8Uvf8qo@}t!oVRxo*M6zt=4id>~`vmY*&|$
zBh{3<mPwYS3t3GK_NOQkNo5yR;sL)g3z3Sb1O;5z$1MSkUeD;XgQyRXqXv~aI(j46
za}a@GLy?Arxg?>ji7beQDzjtV*JcSGd_b)jyAZ^|!-DQjR;@pkD6ar_t35+mI>0bg
zhyxDOJG#2xyR5D@;COt}KyN5)A_cWoh>Y|YsA9?Sq=+$*MeMBJ9nbipR%}l94dS@Y
z9jRK6Ih|08T}||;_h+F?>)_x9h@ZvifP4m+uyM!rtO5q1ahoYO#GHre;0yRolN8Ts
zNR~FdwC2P+eKcY>Dx_XFHlZJu9`b^<X4H4u*hGqK^CXyc?#Pn^0e=ZeDMHb}Ijz5S
zhaX(MG3stMgX1&9|57p<Px1e-a{NSi4gzRfvDNg6cKYxng#H{qr-~y{3dl3N!_&>e
zm0fW(@TYp#UtJYqTl-j`AjRLLrvH@A6}gX~AZQ9piVO7a+|H498R7Vl3Loq-F*!PO
z-}MAZE1QWoF<NchD$$^H%hl@CAR$EaxsYlxx)EJrY{mU@`W#_2k(^loLda{VP&o11
zZX9qkQfEsqUTMA6Cl6Fp+)fx-6inXkM8|A3Q*a-6U+UDsoF>8Qh-TV<6QIdGNRvjh
zEvV{PCJA0ir^+*<Wf>%^9!(Q@1qrsjW0Cw>{XAu5BqhYy33x`%k+QP6yk`t)m4S-n
zI8X8n%#K+Z8zXcLyhXQJ{<{_o^lAkNdbL`wNs~%8OI29kA@`aTYY%ExDC5)`n0r62
zm!<C~*b4L+%4RUcFh6TOJbj(*U+1{puYJIwuKS#E-{cg8y~PkeiV_V{_?gQR{#X*u
zjs7w5mQ+ooAUin;D^%*FCOktxsl-Yo&Sin4w%CCVK`K9z>;Z|_ioa01uM)hkmjeB=
zQMc-sqEaBqb)m~6@DWTg3J@d(tRO+I@LPksTIEy{<c6gY&Eo6lgmoK20=8)hz*5@=
zWv+;wC<yg5fNKG(2MT8Vq*%k<6ab6J>7;RW-%d#1y#3;$d3%!tq8fK`VE}e&54(XB
ziYQRwNX>k8S$S`q_y-C}qPD_*FTW^05E>R`1eg-=!7OG#eEKk$dfeBK3)zxpbuJ+$
z3@R##d&21~qN;btvwlmc2=7?;c?8E#+n58Cg8Q$ro|w=?NUc#q@pv8CQzXwMh)On0
zrMqAxasT5KGj}M6BF~NO!GZlJMUV);d4cPQaMSwrkpVKTO0P3&8~~FR0Cprw2(z6B
z4l0iT`<tt3Ezi%Alvm|Nae`YKZ*M9g8$7E@6dY+pGs%#N$Rxk2$hKv-WV=_qg*=Ru
z10QG}kT;+^cBVRa%{9x_?<LlyvJfbuBFx#K1<?W=Dbp%jbi7+$sGq;w)RmYe+G164
zRGCO(WG>(qBtq&JNwboU+&%LhH|n%=eaBGndT4uKcm-8OwOpT~1Gf9BGwP<fw+_~R
zj9-=74IXf8W?Cw$=<k}{v1sk9&mS!QXms(r4%Xmzo1D{kFSWYgv5}QmQ}>amEp<5n
z7}W@6GRJiOe0$4G4?Qz(|G3-ULiM0MS7ifop_T&J0sI$^mw-JNm#SK3$8I-zvRKM+
z<!tYE&@ofco19p<JS7QTJVsjMm|8Gq$n_lUaYJwtRT`<|!&DmAQk#~_6V&sutr^@q
z(`kIisu%m}hPSJA?P9P~?x(7RN)aQ%zS`b$_QZOl6WeUvVQT<bCm{Xv7@{UO6{5v{
zgU@b_e@<%%UJ)*JW6C~MIiA!9YfWfc<LJnmR-v?~#jGElJF%{>b*_ab<GxQxMyZ7^
zf|2qd7(<j6huzDO0<@hX>0q%bAluXpmSw9d=KSH){^8O+*?dm6c5lkEmB(2BJt`=(
z7y=C~Y!bl5QPJ}@p|TI1SryDyaR|N$=1ZKN#_uzXTP;O%W)u>Ja?8Q(i=Rr$HBF0h
zcyiXcNN&;N0Nuf|g$fT~73>HPH&+)ePC4cd2FICSn*(tS!79#baGd~(2x)R0^~G_0
zt*e_Ko46lD22{I$|MY)+Zm1^?CSKBRWlb88r7}Hc<yU`{B5DVgr~=?>0Fq#v-g}hB
zwWLO#m?IZ}*IN0h<RrwRaHxTn{{QTK3w&fnm3J!&tBbBL1O;V4Ktu`YPIsp>0+N}@
zFp-(bm}G{R(DXA2lcYm;Co_X0paP1hfcQdKVHX!4?5C_C`01j!E~4NEf+*;sz=|u2
zy7)jvm*xAPbN+Svb|rU`&I5*3eoX#-?>$v@>eTzxsZ-+25$7D8oC2Cz%Dy8shs=)U
zw&hFN$^`VyoJgoWBn+0yc^p~8fecJBXP>b!N~sC6Y6IbIHc`&NL2<DY`#8>1lsD~&
zC!__s8L;F!l_|niBDU=E*!Xf|qa%<kC+D-L4`*BLWzkNSu}`4dJXvD<RcsY!;_7<a
z6d$(Z(M$+)cAP$3J2Ey>@7X$>!z8{mSNmuvw&TcL4)a4?f8A*+g9YsOqSu1ZFuTdL
zV}}s7Ah>K$uEH`4RD7M5$AI-xarIc8JNbu3S{Pg7nGc8FSqB_fD(5=jL_u$emg<bM
zoKL(>JKgFps1p~IiJ@#JkJ+*mRkk#og-X6w8P_wkl9D(&lzURtIH4&Dx!4Mh>dNr-
z2m??tV>RJP1wo)DAA)!mr$7UB^r&VH(&Rufp3KSRPO`aOsv>P|#U&V{mGd3Rc39~Y
z(VaAtINk!^Z@%vXF%rT%sB^H0wsT-o<T%ikNx-9Xq6412I%M;?nPhJ9CdP7`OQBfB
z3yU}q#yw%>66`(2gI0sU#fkH^+hEsS85_ezY;k(A5!;{+c<u#nFki;@AzXPSaOD~n
z9$M69LNJ^0d?AJHi&7`fsX;jmU$|l8c`Xbvn;*q;Ik0**NlzP>F#2=J9a^q0)V-;h
z+b@AP4){Org6A@Lnr$y-<l;(EJcPZmLT(t+;NMMrp+1%Ojc7Z<=5yB!g)r-o0Lvd7
ziYOG?OKG^8k6RxgF@|eYQkEa7vfL7%lr>0jcMDXGIUK@+lQ6XO64X$7cZ=2vyNkot
zE#?a(fyrHP?qXW)u!b#li5jSB6xQzvZ+d#WOX9{EIyuQ8Os&N)+3ya#W`)j_LxWks
zpocqA;V}V+VPpp3KD!=e93Dq;ut+i~lUA{z$&J@x>ss2%HJRO=)L$y=C6by;>3Z^$
z@G(@Cd*R_ws-!&?mTqhDTYI+9g`^0=z6!cn95!v-jMR{p<_LM0{W4q+Y}YZUH|Y_`
zrfD9G%Y#Fre#&^4EHP)1MfbX8`!tl~a(Mx|v#=sh3J!7D&AU#Z*sKl&3e9yO&?aI{
zSx&PRO{O8`A^aKRzXYyaf!{6cwfM?I1U295F2VVfpzDD#lEI40YC;!&SUremR!o+y
z8VJ`%3wK@RQJi1Rf(9LP9t%_0;=uL=H@v~D8ygMos}*iYx<MXQl+DAO?6$%r#!mic
z;U-)U2;q1DPW^Y3(;3)}$)Uh$RF3_*G<VEO<GBKMlyjKbV0Wd3<}Sx}MT4=O`WrOo
zaOH0_)9r?R%If}~L%VJCyNUUZGMQ2#7tgoDsecYSFdoM6N13L1OFTZfroX3qRknBi
z>OQ!vftS<~ISGgPb45%Wal|u^OJA_b19P!Vmu;MRO@h-P3=x>872(_iZpCq@E7k^8
zdxWMLc8+iol7RXfrfnS<7@8=gb=V149dhD{?ke2_NITXZtOjRT;0F^Us1D(qynxM9
zXc5`h$X9E}#?12Nz2eBRxi5r6M87ZO#)(ufZ0J^T2{1wh{hqxZn;64KXzegULD69(
z;7j@#a0Ew3IIfB<Fz8pI|AN}KDHXSMVl~($5gt$^evHNzzhhiEr_}-aPZ;y)Z8Bn4
z1Sx~p#`SSgTLqrgL8eg5V~PcXUmS~ahGNs|2Ctiv(Gi8YxwNfopbjteg`-N_I`D-2
zCJImvz(FNkpyDn$ZfDHF!^4cO1+a9%&P7gaF>$YunDI?>EpVVZtQ0RkljAkqnzKx-
z4y)tK_FcK}GAK;=^)(HrW6k?bQnh@$^=SvCVPFks-LUtFm*L+i0S#u;dA37GIufs2
zhCj{q2|F%LMJ@Fvd=y{HO|CT2fvK%chbl3W7ux|`QE4@eRS+kz!*|cKezA_>au6Iw
zDPp%B_9AL4+?24bVS`~-lUu$#NDfB>EIC&fk=Cr2NzOE2#XF}p^+cknA;XeybX0a1
zy2M$(^aY}9!AZO%Hs2CBwNNT_6&sUZ*0#)`R_@-SnAmldoMHhXabBv_QBI-DP~8-o
zd+;?VSefSFMx`c+NKyE0Ti%({79Kd;+DtD5%T~-#+uGKNmT03s1kK+yxuzEHN(6qF
zu!~W~K?f{CyP!X6O5aI3X!V@hB4s#2RgILTjB7p{DbLh{Q467&nXPk7mM{r{4JY;*
zp=J?p4$72vj;0!%NBSaX+Li?s8Y%!eGpIVosP1RlPGuU$MPU*RPp5F$gqy^4Z9J_5
z3NNbT$--o{iWNfEiUJh^mq5d^I0YlEB>avSLg#*@8sLzP-@^wyFG3^48mySc4a1pK
zLig#L5^GE&7p?teoY6Ta?Ay(PuE!z@Lj&rZc#E7+k%I$}C3F=<WTc~<h(oFcOk0Dm
zZhQ*4=yOXdr~X-h0?U#wCJMM@GF^aiD7;3?IX^FXnUX8#GxlZL-9Z~8caO*=7kK8P
zPdL<`dOj?Ax;qR?@Ozrf;0|$kbrM&GGF6$rjWJiZE9m_pdEBrFFU6$<JPX34PCV8j
zR&5ILkn%27+>)zewlkdIMFiur^uPt071gpK9<+5i=UncD7dzaFhb9F>4D5?G6E=Fv
z8FWy%NC<sPR#pZ3O?KvCzm7jsbupi6!=d~!Jc|cl{6TtXy$RHsE*w*qTe__yk5q59
z6m>42z-a_*f5RmllpKwTCdY_$4JPEJV%LDcDx5<|U?3@AK_cA)tR1r$aL|3@xQC7<
zGVH+kPwO|<QAHf)Mg`k$2v-J7P)_WK^M*L=^gB}U#DQZ9acAaac}9<ujJVLujU5}r
z8tBN$T-7cG$4nUK?Qt-t3zn=fCX+jyX6QvMG_T;*&|06RhLAh4GpcURije}=<6yG`
zhdDZN-zi-Ap<xvoy=$OeO$ssmCt!w~v_o!zt*~~IAs?e=l067|@lGWjN5{BMzft<I
z0~G_!0{pv)OCr42CK0+ePo_L`86o@$DsIDRFJpfW^ZHWSxqfKf01ldL9D~PxUkS_S
zb{;56TRfUkpT8EIyug!3vYdk><gR=Mx6InEW>6X6DZn3oFlpqBp(ByT;XmvOmE>01
z4E7+Kh-Ho$nqH!xP}BRCtj3#8$i@q}01ZB!@_9IA!MscRn6A*B$#UaTTiZ%lZ^Hx8
zczxDm1W^2-Q$Xi}J_!50`qU#2y_m`3+_IiI>XMylz3NWtWEsm)oTW*Kj|g;RK{toC
zRUeMGH`4CJWqSG!ni{A;lMogz5=_C?27M#Hx%Md)I^sU71oqfM_gR^nM=W1((-mf+
zaKQz)d@y28b&Bgv*)W-zc-rVEH(bdTF*DzNWje&T+>;^OjMFqILEDwvYSK9znZPL=
zTswwg&^W{WDY!Es*<O;f;zhZ-%O`3~E}Cw!2_l)6rUh_(+i)1vQ=DJ%>#0qQZA%$<
z*QiZ_OoZ*?nw1TuVN=8ADn*JqSxjRT!bTj-x1n_OYqw25y)A3{_(7vI{h-DT6GE9?
zHnbtrDoY%lSYdP$S~yG(v&9je%XAfC<O$bHX&5GB-YA;qCK^|Jro{%EFSSt8iYq4-
zv^BUYT+9?oaO#BHG;!#l97nz|Qitbdt+paH4?<&sA|cdllC<=|$#k3_Ey5{t1}90W
zz)9OqtoB`Aa?|H~p5t1SkX^r;%i&@K41@VR4m;-M_Ha%)=G&Z7$y6qV?P{3WV0I)I
zBe&d~x^ex(%uNbbwbQlmK|9hiOm2`qq(fWLL^g0q1Xs&A`-?+gaE5~e#x}L;wBu<i
zL0O$*%K>{Da-_SqZ7g3AkGfE8>(BMDkDM-5U9_*7wxnst#aP&M#<_GHo5x9vK&W9g
zuUwyQDaKP6t8rEar%-XQ4GE#)l;JD^7MO*ObXiV+qT+fqQcgk3?V7H_ifXx`>LQYY
zetf^#n{gsh6jwBHSS`Q-Kw{dmcE)C`?N=(MOjtCfs9R)$5)39KDJYsY*RYb7{U5oz
zskAkvdqMG}e8E;L)NV4!KveDU^UwtqdpmsoV!n$S*G%GSbjYVb({=KlBekqt<B^pG
zu^VpSAP<*H!>SWS0E4>lj;&1Zrr*Dza@C7!?Y`Op!1!9(6hm7BmuL^Tx&`h-+A*aq
zi9v2tXWQt>5fK+G7CsP;SSmN_Xjf20Q$r(Tqa$<%9p3^sb=jfON?teHb8^ugcH3b@
zf}2$3e!b9lOEVm)Z0)n+W9Lhvl}))?Wpv8lJfH=SE>5<~SE3z;__b^i_U_uTm9i7V
z#cD=Y7m_k0lZ3x4oa@BR0pdk1k9`fd>e+6@$uZnzh2Xdz1s<d2wp#eq=oIVDIR)=1
zjh54W`IF&6-FkXNg@sqV2<PPR2T{zxpKJ?J#iho=2R-(c;1(haukl!h!Th8>jpMws
zjK;Y)t(ak&7C5zeYV*uITyjlamX@3-uO=oilh6ge_?p%8-ry?(WlIuEO<c>A5U-U%
zHiPDuDA(X+EjM1lD#bY#hXq3(M=#)~2;C>t9U3Y;f0m}+w%v(i)F1>ae9Q*1gec_O
zbGX|xV5rffOCy!;QN)TP((P!LNw|r?QS8Q&utA*$wM_sp$HZY29E8Izh4|PFqTYUM
z(%P{=na4Au6|A~-wT^D3usJs*?88GSHb&uQq!V0~>A7R}cGS7jb^>_ZI1f)|DJ(T|
zFdr&*$RR(}db!ZDnvh-Fcp7sx=q>9qS?kv>C}WI>^JHj7a87oMxSN0(7_Q#z#4*7_
z5mwj`=5(?{gPtIV85z3Wk=!^sOPt@sq)eamFrOnc0-U^&UHE!^v}80kbK4$^NFE!f
zS!dKC7oKXPf`P}Zh7@w*C<Et!7z|Pvrc5EzNUWoMZKWcO0RX22B9%dmdu#De4RPb`
z(m;Z9UD6k&A(VCu;P`<G+4xMAtv6>4B##wA6+^hp;+#N4`LYnXy>3}k0oXhk=V)AE
zi?SH2hoa?eX8sPeA=*1UcR(l(Cw63jRyB*o|KZL8)k{5;I0j0+)cA1h*UXmL0qF%{
zZz2U5k=anp>VU%*X$LgLto3~P@>QZtTdbVIG3iWcNJCttB(U98!?ZL~PEE;MOPohj
zZK_<hj_txSc6!&~EijX(EmAfQN1X{3VuOXq9>U`U#yN{4iWxbHLm0-1v~_3!e8Y;x
zN?UsMV3rSOZ%uPX>BaortYD{FIneWc(8_4RK{+FJT|zZ|4A&BD-ZVP&5T()R?JMCv
zT?Ur$KMW{w_=ArpI<O`dcSD6a?t3@MOSxU-mPyV3oc7DQGM%_3IbKd>l5oD6bXm~-
zvZZIVg-M}JUps4<!(xnt@NsH717#@;GjMAx&QR;Dz}5#z8HMC7v3f^`_KCePPnC{o
z4c@~tSOzR9aGfkTy#sXmaQ=a9pnQ9x9hWHj@!3{HyhGv%0y~E&m{X)-T7ac+2@WW|
z6;wy2V_IE~TC&=E8$8<D`t+czq{h16e7sf8qxg*?RFOprPf~kW+1$+72A!xDwF#~a
z-6Y+=q0uBg7Ify|+AFF{0*W6vj>Z)?@Q#T??Eac`#%2AC6A6_#Y%%5bNxRI|85=jY
zx|hD`cykB#BO>ud8Vo|CFLO+Ar<gqsLMqEfFOKU0=Bj25hCn$v##!aG%Dfo;_be5q
zv#T9vwUP<!!Qkv%(wSG`91!lfkwcMs!04%-604@9%baC3H7{8anFZ^HY6Wh}#;nh?
z9&6=(edRLD^tD|~JH!@w9RqH(fs>6mY@Rv`IJjyH%f^BuCHAtlK(he%C}pfmusxcA
z7eaA8j)8r?)=|X-d_k2nI1P=B5IDt}!8)p`tx5K6qoPMV6E1RFh&a$6%v{V9Sh9v=
zAPH#b<thpcR#|yA_wI1fu0Gze_YI9Hya!@`HkFWtaU}JjLBlXh?*Uv6huv*##IQYb
zb=olF*5vZr#B^=?Y%MZ2_+^}79xBHqb#uUrDZY4fPOZxGtsm{!;DlQX_?;?twBvNa
z4D}<FW9c6IaekyByyiYl3bIkJ<M3rHrzf2<2A*@_>H~MR;r69sLEIvRzAsWuvvzG;
zo=xp~60E~$4%-DId8mjt<whs<>f-+W=Gmy>vl4f$!$B=>pvky7OKASY`A#yJNSkUU
zt`}AZ`*zqBf@4=4OvQe991dQwZwD5+ueX>onVW4a{KUdj7>>!}uoY%M=q_~pnLeGx
zCQ!9B1+zfK5nYhiLNyUPD3#Gsn{3un`Fa)Zlc0l5q<Z1H)Xg7{g6ucpU$^w9@%G|2
zC|$DL#)1`P8ZIVrQ)&|aY%-`Ujn9W_TWjjKX5uGk;nOQ=Fv7wd%O7BsTC8;g{&7{d
zWB>+#V)cjHdSoD@E9bCb2Ap)@z&>tMjAyX1Ulg9hkvogNP|TPHNz5?l6RSSPJk4k$
zRI6a~A%ahs^I4O=jZGp#*{a7^7Kf_r;FhlluPo^V4$@^z5gTM4YnCv75)U(PX3Ngh
zc-l0=l0kC{Cl{J5;_e98>A^?=yXA#M1}1h*2{}Oo^F3XOHrIAb!mnUf!?fg+!6GG*
zkg;l{R9iWTQ;Ut2i74t|NdUtHb+Ox(m%A=;&!TvjPKzg=#^>g=!?UE;)s~^s(lu0^
zyTj73weLZ>pmM;pLM}nVNmlH7<9M>}AO|!{%21};u@Y3B)Rc6HI?u;lHQ4vWVVr#4
z?yJS@BP4NE8K*=`rZWV)W+s@tV2%O1(WIQ&#KJN)Z55cb;9hQ#ZXCOq&{3ywYZESp
z;@wB{9o3+c#hMXU%HXm&=)F<Ym~S@SN!Ki2Z`NaZ+D`WomWK>19f?4q5d%wRGLv;8
z#y&cnBH~atGzM@bj+M9j*v!?utD#$Z=)^HpbaP|13oiWwUa=X4TXDPKT^bI=;RFY~
zy01&iEG~}_T?6(e1md{d5&I*e&MamtItQ0lgdH<Dkd7x|5Db6T=w_x-EfSO3@65jO
zl7i7eZ8(MV4z=NocBR<D6Gm~*8}u45M#4Uyo?~{px;f8yv4azbKWJRV24AbG4EBWQ
zG~=DFsqe;CK&e&>YWKXSzuSr0p9?og8?)>uWmfD}{&=dkd1N9R^s-{&iAyoyzE*S^
zIB|{Hn6J0WRN-C>Cy{E2_I~UM;g_4fG^xLmUAW60_hWS>ak*qk<||Ee;o#D<c&FPk
z3Hn~=*}X7~?O;ra!4#}(a^)P3r<dWDlQ$NK4<tvjnAKXR19Ps2sUmz9mvLQo9{wZC
zWr(ZAde}QIy=~D+VXoEDTR%Z(A6l0*>Q`j!jSa8{u~kM<(9cvE7jav_RwV($L1j=^
zYFZsp=CD<S4Lh#k#&u(zaE6BY3Dh|Hbuo*(u|5mfz(h$>aucO|4jcXOHHTw+9k^@=
zMcnwjn4I{dXwsC;Ls$if!dWgf#p+*Y8P-<9E48FFVn_|X>oAXM$2H!#Q3$@zYyq`M
zY(@;EojII0A1c*4+Pn2fl!_>r6}7kHc5#>%;)oGuH|fxklexD$T-<>*85Bt9XA-h9
zi*9!ZYPTl`0>#M$c1OfaT10BvD_%er=pUQNEJw8_%ErOC)&`3u;A4(C3z{0b4LzPO
z9t~{LDU+Zj+=UCRfm^>OS?=A!c1#YZX_E0yxu|B^yfu`wely!xq`EG<sN$J)`Eo+&
zI_qG?h~2uTm7KK8fFm{f-3al@TP-NJrx>2eE@0ab%^e;pJD_kuQ|f?oq~P#wpj{4_
zQEz6#%wmbh>%)_yxl?hLbuIpij|s`LxwDAFi4B~~X2p0;dUf1C(uo^o#4T?;EjF&9
z@3Shy*NSF1Xs9x~b+*kYt;UcxmpZ<P`|YjkYjf~|-c`cE(*zbgdaY}8?-k0IlwY&H
zv9%6p=BWJH>0G3jT4a4~qeabNA4(-m_&jfr6Brp!PAp|3Q(YWR_F-5};8KKC2Tm?Q
zn-`(N3C;lr48p;aF}PR_FQQ*sP)D1G2Ugs*l<t6k9Qb*hrK5dvGUTn+vHyWPY2z6w
z>t6Y3b0Dbsf@uX@jN?{7crt{~Ol*YMnxj#(w%=FNMsNxHYMAO4a401YOL|=9Aa{H>
zjUC|$JegUnDx-CyAqaTIi_mj=_5hQqe0Vrp%9b{n!kI{##9)}fJp;I@Jq>@hMR8e(
z4Xq}YoyIh@X@30DwYU?u*W~DST5Z_PjCTNf&4~?qp|e>HOxqc?vk(4Zy*%czg#rxo
z;Zp+cEOo^!I+pn!CxL@zcxr|pYdMUJb8DDAMV-!4mk%Rw2!Z69eALNtr?4^ev}I>=
z)#{q=Ga$+WMFlpS88!^fVYQ-`=Ap`g>qN>a+;M<o)~F@PY5NK@nptSh!s*Rqu#fcM
zt60+uTRm-e<_cAu>Qb?ysbt;!R7{1<zaA<xJaEHd68v#Mu@Wzc$MqR0=XRz*S==Dn
z@gk1bMAXcgW+dPfhr4Q`f5Y`R?YLhD7k%N%+zvgrXW!<>g2{X4sR%rb=*j17)CTh0
z%O#X)owCe5<n|RC@QK{0#i0dgX1J7_kj-yM3^&&%aN!k-uZ#^rnYOx*^AlOfMdtrH
zxxr^XX6BpaI1miu##N~Z7sGPI2ugmqED`&JW|H{`amF%B$RY0fh+GlTWG;as%;Un?
zJj^6Iu;0**`ww)FX$I2y@Zzkr|JRk}_RUV9*Tumo=;4#;R5=reNSmb|GE(`AR6{*W
zB0Zy=sv|?g(%B^8dlp+cxZ4<}PwI3(n*7gNuJhdw#eL=-?d{N;bi$MZ?n7tLE6r(e
zF%24KRq7@~4%K10gaaitRnl%}Y}RRAX?zL`NxI`HZIyvpuCL7J#bqt5-coWs`2uX+
zV1JB_HvE;l*Yk2ukDHx9nVg+~C&#%}p0y+SYOcC%w(P)%fb8#Y#Q`|Eq^F2&jm@*3
zJ;LpX(1hgTU1>N$>y(?Vkzwp$>fM(p1DKkG4sOnLQg4Pb(Bpen2Gh?S!_=s8kE6T3
z4-1csyRL6mo(s^~<cnA(!>?HmZkK|IdephNw4H-a@_aIEx}i<z>VorG82NOe_94%%
zMs#AUxtgu$pa~5T{CnZh8$8?NOfBf_o1^#A3nbNrW21IkQc90yXY6oxS$5JAxGoKy
z3S0{$k|}tPlIud`<aT-7#X8^R25!}kcR?tnPMEuwJ7KyNz1+YV<XU~%Obd<*S`a)Y
zqHWB))Nl(Tt!g~#oUo(L)h$rhZcg`a!HKBNakYnOI_!*lB;l(R8_&gDS3K8+WrJ>y
zgBLpw9TvcB(I*mH#Fw?YS3+@BG4a=<0Fba4u64mZc@D=!OVAbJ-0+N~F1hAXG~fO4
z&K0iOtMT&cv3i0R@!*aw)uke9qmyG&q#|(H@ae>@*SRj-49GhWJW5H=xmjAVVLu!U
z*Tyl|+al7qd8Gpv$>P`~+_bgZ^0c8-i1rp2R@=!518vo~EwHVvQWL{IEbwZwWX5S*
zo~EDqW5_rknZ}W9I6!IF!<Q*^a1jcEKp%IYcIbLZp(TrT9+Ty&cgAmxt)Avx0G)iM
zrn!FMVg2d7&WtO5_%u&;W>Oh+f3OhCggSzG`eW%#!f&Q@81Pn_>ueVTkf;^E+-;#E
zK~m1&m$W@tb2qg;b>!?F(bCK}HN-@vmbQ@F?>)Ew6~&7C>7a{D<;u8-x|9_A8mYC@
z<m~)L%uTa`y(1jvPhr7}<t}zi8Xc}1v$offq|Ap}&`p5Ld<m!B)0t8tfrgIz5}cp4
zfJV3u+D7MepO!Odw71hN8fvi&TrR^4K5jk1>1Ws*%vS5SSLs=yXQ<b%Xy@Y+D3QX>
zPCPGnmBU}I+8{+$L1j)<X1<e)P?Z$@lbcM;JRrC(t$%gUrOnlI96BEqW-<luXs|=V
zZO!>~UW_wC9c3%AdVcQ8@U(>c&Y{uEV0~2LxrK%Lxr5sdT)P9K1(+n@4sh!;T5~2@
z3cH#_-HONIoVWm;B~QX7;CefSivv>dVu%iQF_M60eo{40xU~y+e!_wd9$K)ii}tNw
zMC1$0MA|NlLV2b;V6_B0=~N!}0Ub&6h~P(#x+e}t1_Iyfp`HZa%$vJ<N)){#ulPVy
zk;b2gdk0LdVQ7&mV>d|aOLY8@HvHv>M}%48??_>MMV*YN6YXi-a2WJf!HpyFjCD!i
zCyN0Nu8-82ODO?MQ(RSA!hOOWak&I}I+@M*Lk&y?G3^qPmai#*rAa#+Tx1H+2H*yF
z)R~6=bC>2{t|^%36$>Fp`Y0|qGn(ELx?2jQ>kfNLin{+oF6~OCu&0TOld&0v>63Vs
z373?(uS7b5wMgL8@-GhYM=P~ST=R>05@ttXnLTCB{O4FhOwS#5e%9=D2~|thPTTLS
zY(69dXBrCv^srs+$#%G7vALR5z`0*25e%7?QStf{hchD_aVh6ZMY;F_wbISKMvErr
zP(}w_->uWp1!k(LhmUuaGFT?!+9F&t*&%FTcxo|Y$wuFcg_>lpgq3#+$1S?z$z)kA
z)|yFX$za$+o|M|r;&wR71A6P8i*b<$4hW>-Di7I)!oi6ibEF8yq^8(1X#R5=n}HSK
zjYquH%Hd30X@CW+Nv0`n&2O~Z;%OB_*_$_iLB+%+jwn01YPg(`TM}`?4Q9ymo+CD0
z7M8~5b_rg)aPk4QJ#90UB`#-dzQBqFQ;Q5Ph)Rn|-3+ou8y0z@g<<xxc;zg&hr)Yo
z7f#Y-I<U%{G3}Ph*|E1+<t%eAoYcmJP?>gI7-J=}fE5Oo{nD*L*Nh8jaEB_4nY$94
zk%nAQHuu8J)Es+ZS%9{~vZRE|n2TLuZ6aoQZUvVx_s4bzMI2|XaIM{_+(!{l;2MgC
zv0hRxP;AWHz&pG#!$UPLbc8!b@fK*;3pYq;vS$}e>FrW8?!I%C8JutnkDBVD5PEa*
zROk#l0=<pgQo+Ck=P#gf1y!i+_iY^9uyHWEvU|he#{Qn=%X$6E^a+zL@-)WTt^g=^
zVVRFBJUg)}>S!1DmuiZlXF$<V#Ed{@w)4$}8(YF^*XZKHDK7Mim2JU+qyo;;qfS9T
z3_S!+s)D;P#Zy{5+A2A2;wTXMlnyE};bj+>Na60W>_|CVz{MRhpTY`JCjqF+d9)Td
zB!k=5kR430{%Pt&apDP!JlyaZha+g*^zAwoG`$uolazufY!J@wb@YY+c#y@a4}P#S
zCAdi!t-p1ga?NjJgpBUJSbOJEv9)e4bWrWcl{z{~;_f+#!#uLbHA6@Ll(OpyxR8SC
zs0+KEP;S981-h+y>S3CyN2%Oiz#a40XVTjNWD_Nr%UPXF!_zIi|D&&iN(J``cDBoT
z*c4QS(`h@iB}WYR%y5ZbE<tYu>FQBp`z8r=n(ubI;CVGv-c{(faZ+$UQDXb5hVc?k
z;@2>nD%G=M#Mag}SQ*gAZamdQ0TEA$U+M;lY!77;DQF>a@dwWOiDd<P=4Kj~({Rs{
ztc{@}W(zz~zg_R%xS|SI%XGlgId-eCgSZ`SGW$VykLU8`$P?U4sGqqtm0G=_YvxU#
zq_E{>8ix^N;E^4;nS1IuZwN;^vIpqWX=_v2HPQ*o)(p>}lAVIv49K*)O?LZated%5
zsAa`wnQ=0!t{Q9TL@p1jS!~v#%9tW(4qMW*8;l`NT>6;l%#?HSR6Gq$&ddg5Hq@%D
zLzM#)x1jb!44zUo0{t{JH%-QsCZgc%d$Ua_E{s+on{+W%3Ex_iceerIB83v_@c>3f
zP)~b}^ABpy7itM!X}O}(UK2&G`$M9y(|sZqm0b?+-u4JD+E}p5iL0kzYb%~{;X*5c
zqG`&Z8yILl%37E~HMA;d$!LT+h6SRU>AZ(=j;(dv86WoZ?&@k=o9v3WwM|qj1spUD
zeqf%3dn0iCW9vvACuHlBHMjpI)4?XmGQVi_(EMY&95+JZQp9vz-9Us*d1pRA;aaEL
z=OHIJ0c0#0CpbwFaKiQ~6DwuJow5i<bm>!ck5sR~$hdng;)&X1Ua!!QTQ0zF88=Vh
zg1L5_oQENcOdrDpu7|?*kwymhXLY#MDpuohsn7BY4p$KkE?&T0!szW}|1p)u)@|s!
zizVQxllh9{x_FhjWiXvqtAb`nz{p2r0og&YHu1|l27^wiTb*c#FxAkkrNt>VTo%B%
z6H}RHdtJ>=z(>;YVKL%BH0DC_B>HPTz>3aTo}s$NP35^RI2<Tr!>Z6_U3!RQT27M_
zBNMm)9L|Qb@(WSmGP-mM-dEvGAy>$VQ~Ka*Q=^a1aI*#*TgV?r!_!A@qOEPkAbfMc
zyhS<)t=%(k)NXedw^5ZbuWm1<a1tni8w{ZpiD;uCZW`V}aue{BMs95KHRJB>_I7q7
zdPZAGsw5(Pwz!l<4oyB=Xx4>dNOY920h{lFS_7vMWQR~DGf~mvaQ|3k3jLHh)emau
zb_!%1_ZGFatwFUMRlhy6lCDPpTmURQ&q_PS{u@g&^hqv@a}Kr^J}<O?Upe=rj@qOl
zP(9+X+z@HNw^gp3-8=<pVj=>K0k+ZNnCC-FC6*gul7&`*$U3G+fSndx+_*B`&C{(@
z7RrN4clmOzZX;^vc56{<4u$m2xK8*ZFP2l~d>KlKkV7FIF(R6jO*%Y(#L)q^caAc$
zK_sPmC%RVTa4~oRmLV(6fp??9Nj*vBCr3A<?<~REmwwPn8JJBbaOFZO4nvq6v|Ap{
zJWFZ&y~13$O{B(3)uB>WtgUdz@eq6dQc)e7W1iQA`_SNR3VSlR3#um;Nj=XT%%?)l
zC13G$NW#v574B}jaCt|vy}dn^M}C@$L5b#>i-ng%1_QXt7TrpRxTa`NrQ!cPQSK~@
z?t~xb$zCAjnK~4y(yl8>C()O9MGQkmbT`x1KMQ3gqF;&TkOPIABS#b3D4~kG?GLok
zox>ai=2C&9G#n<#jYjq-)k!EdC**RtY15<x7E|J(X%*}o#0wu>=V0!IRR}5pl)a@A
zZpXr5Gx$rG={jbeWM#TB$=ZN9R<Qkr^B_3PjH`d)=LCL9ZHU*E0)}&048*(ogG-+V
zF^=}g2$zOoW>qiWfO!m#w&B(lsKjwSH0D3{>CodRGp}Ek#Gy0mX>-+T4vrVOejSjz
z1H6?<N=ee*<iXY@A;U9SZNc(amv8&Y(LR{|b;$LEc)uPm>;PVe>8#V}Mav!eG>$Ie
zz^k}J7KNH<V>8+aHKU<xVWwRGoWV&CT<lipNOi)~j~vo!z5qDL<pKD0g2mbT&2(v`
z0CQ8ho2U#ATTt%^n+u9Ep2z93LZJiKUzBp~qOF%G$*%G#Dor=H$K4XTI7r(aL(;1h
zN>~jP3aA}WnzWl9D;y+Q!a56t1(=7ziliM^w|2qLml=Djy0lvFEMWFCJ}H;9#KqG^
z0jpWm(ym-6zF@s0%O}R!mFr3+6SxhpgnbrtYJm#N@texwyuGBJgQGRvwv2m%V8o0N
z0j280lX8W2r`oe^t$X)pv|}#=2K1>yqBD_#ouP*83T<bE6*PfSa$B3}+2BguE`16t
zT(tt`?6SOYrJa5^6b|md<8m4ffW*|*_EBtYzR+tpvFp<g?IUiUg0mth4+3d~jVVIc
zPPJQR<m%~J^+Zt2cfhw9R(5DiaA=`%FAm!Yc!|f+ZPcVv8C_VTt}T@9Su=$_e_Uq+
z^HuC^B};0Y9vEuMjor}LOfOfwg!;pdg^9mNJs&2$BJQ6Po!)poC%%xdT$gqP$LUaY
z6yPlaCIMxrA3d7JdKU3^GTL}YZDg$I;;PM>4_ugw`(V<gq}-2L5+!G#8Vkpo9Nbbl
zI=5}0l&cnoaoeZ!%883pl4x(ZcoyyfO4f)Lr)aTugmaws5?r99y2{0d;yPTkyt=e&
z3=ThV&QkA$!l6z$98BO6;5hb!LRHyj+vqGy<s615yUH=E`km}BRJD+KF^!w~%83m6
z>o^#I0wRhymc{k37;sgu#!=VaV2CM=42?rgQYfiOp&O1vqea3+E9uT!M&%A%W7>{0
z7r20~%UQ&Q&s~R<IOv*1eKw$5*Wnt751v(DTrNhkO%d$MI4inN7(n2ZfH*@C-2{g9
zX;hM-g(sgXkKzapgf3Ta#WOe^iMxm4DBK!x(vHALQ;M|EpVmPpWI_UWS#fNk$Th|`
zblEgQ%V_y>+4U7WPtnfv-WXRt;fmGh>fC{Z;c_yAizqWNlSQS1LNDkdWnWHI7PU^}
zIZ$7CA`j0$s7rv{+uAmj3bL@9%wUeBu5YDB2&P%ZRH~3q!bB|%7peu>=FlQ@)6?eZ
zt;@=iuoO{W()kp8xwJzr?HG0;mTC3nDd07zTo`)dusRa%aHn+|T1u^Uv$LdIgAtad
znND07hl?t4`Ey=2*WBJB3L`K`bt#~TmoG;V>)es0)m&)7oT|}5bYK%EGzIERW^fH@
z3I|ZS@-kA(P89l{d<nkMpdj7?*C4LsXRgGFG`lOz`Ee*!{HF&K6STn2WJeqhP|8W{
z`{BryjQ-Y_%|LGJF>Ot<j)zWCxzHCp@?V{{hzpx%Hgbs@`=*DTwKpu`^cFO{sV*G0
z!d1Yw?vQC?BVycc9xR6Jun_zAI81Xfoy>O@p><7mqN|ySP-JO?818GF;q-#G>p%j~
z5l_zry+LotZIg@KbcmNj^w>^>W0sC~C<QVZ3~9}~GKg2al3@k69m#Hx?~GS#PM7VJ
zx6ahG-6u^NYVOL`b)}6H!gQuCN4Ky|B$WiGK5)-5&gABCwoC5Lb00-sOUXqC4#a^0
zoF#(~!V)e|M@#4|n-N-vZEDOgM&!n~!6WtfHpxe4ecMFIZdSxKq?oVaZp&0MkD(4z
z7JlR2kqUvufQeWcTR^ry)(({g_Q`b-F7qo)k0xc*T)upLrKvpZ7Ku5P$3VRrF3<3I
zZ7YH87fDAZhl}L%SodKs44#X0Na8IPOO-wg1J|bF;9jz;kj$mf8QP$o4rN`eg5V*2
zqK3cyrNWf1*{5d^3ka-;JXbK#U#8&C4fmmA8du;YxZ%j{Hu-^VP=1cd-dih?cS2_I
zd^(L8d=9tTbI#iO(mR8FCLCKUC$TSA#0oq-*%1EVXK@mjm}9OHbnuN8Yq<tRh@22c
zy-vb`FXqqiP?LtofBMLl4o%3N1zRhI3v!u4zKFxQIH3UpWgRXet|g!87@V9rGUlfB
z<I{8E*41!Y%e_Y1<4aa*3E3rV$9@Ht?U^LZN?_GuRn%o}ySs!=v(S;N%3bTS+`?7d
zIKK;Lv$(M}n0^I9O~UymJYNmN*)mR|XXU9fCbxEowFt)kWD&MNahxy5G!emPpmT$0
z5GB_a>A_)9n(=ljINgL1Y(9f|W)YXDG$w-E3+7DPuu4(&LlU<<!1re+9q)nxTM3$a
znkXtk6eFpj$y^n+&JN8ZTbP81Ltt^w-jPevgjU3Bi=B)PZ<WdzNac(<d`7otO663k
zQ#^*ck22a1WkDs$Vggae&7(L5S*XK_wg65qVbKTwKKhh}T+uO(i0cse-$u-sHQ?wv
z{23PDjwqMI8gfQTiCu@)F6rB{vXboBidM9>mYXVdX1Ai3&&zIC8rKAMqM!;;<3Qyj
zvl07-%bCZAmgygK#5m<!Db!*|uHU$9Wmng-c%m)Q7GH+D#$f7{NG>~gtUftjI&7!}
zBZH9w9woiQklw**d>qpM`)bP$mVe0cVFko-aJh^fUX%bXvO`J-mt_rCs~tQ6*FhsS
zwB*C|8;Stms+CD4L(KJIJdalp50a`M47ucL76D$`{On-$0)(`LE+?JiaJ4dCnXFCw
z?)(uS%)8knOfgr_g`YR{u5>A4(F^`6Qcjhsl%#oMDneMfVhuJ?_1q|~Ey9;kbSE;P
zVNXa*5ACI_f5$7qWvS4?*06Xj6_<%!U#vPhGL{|7ZM7e$b}^kiE(@rn95jjAmfQr=
zKpEyHx5Bf148J7wNIfPp9foTUi=-YZ#inR#NU&5Ct~5dop~WFFPhurKR>H2(nBG7e
zQ{VYDawAL#rG!NuF*cXMiu}Svy8}PvsLBY$jh|9+v-Qy$enM(P;*ubS$7}&{jF+H$
z!2)r!d}Z*23j?15h1dix0VzYY#abm>oE#h5##UR)LIW{b%f>CBN?Bq>O&A)FO@cwp
zB(wFH$Oa@D7eFkKOOWqGOx}nF0~2%M&?TyhZBf+6&<Re-A1L=VIElxgFlr{Y{zDQU
zs}v_kOW~-6S^^H05_&$3c?dYMDGlNq-U6f4nC37Z8?B8c#6N<>2?LxWj!KPZu~TFn
zRt<a6Q`oqv#YV;uu~La&e#GJgjB9yEM`O8cp^C0KhH4FK*VvHWGfo-Aa3khOz>Sts
ztu}!cUYe4=1l^CYT`x(}aK#bZJTfZ2X*bI=Os};)Awkhf#b6L1mQdO9Xl_U<OkrXh
zs+>w%<T_z&$7G0beAWy3nA9(r<7(~@CE5rhFOJl5dB{<_UJFvM;UZ*M>moW-^K2cQ
zviGjXs+GK~J;X(Pz=}jB>E&}ZkqfdS_s|b-&X#i{qfIX~k=QU>rL-gTO(WVqQ7dIT
zzJlyn1j;>%Y#euEYb5C4s^gQRAe%Df7B~$3&Pq*@=jxc)S;k;vP*q(5;;W99<m&`%
z(8s4@)!c|Os=9J*5ix8uj|}DXvPjV7Mfj42ybZOMB))06WW|;W51~DeShlw>ySjI6
zPpq_cLV7CX3?*f+vbYoqHNfgSvR9SBp;yubw2g?KUq9fx+?QTQjh@PxxXTl~3nDf#
zf*mgH3xr2B8$6Y>l`R+xpqGmc1%%boP*#Q?(3En*lXV*CMe8b`@+e&QN_g*kK_za)
z(&))T7Hun5Mqe@-L+itCcdRl|8qeuiC6~vcaZge0l+~_Bnuzz_mgoAl2lvb;v+%u*
znlv$zh3Qx=X79RT8m9dUz9V+*`^k&qXm(;4He=fVWTl(a`l;V6+|iY45#&?)Y9cF3
zA8oM`%o346GTbnsHMvoyt|S)A2BDT-ts{Zdl{Z9KL&VbPYWfM+f}jjn9lO4JUGGYx
znHV0QL=TOIJW|MlR~+EN1i7R<BP`l#?No^aJC*ohNgcCAIMyWCr=f|u6sw@NE>_>D
z%xZO5;1x$HkCALy8y&pypbL}EewDaJ!yqVcY5`SEzoFBE7YDTa2{h}NjL?;OtR$U&
zc4A8o7219mP*-q|2cJY($f|wPuF#R87T8;rC+aIajY}OvlaXG7AE!ke(@4ri)6Kf4
zSWViygp%GCUu8xbJfNbL%lKGU)spm-sJZAL#S9ViwAkbrW-E0W%vi%yv2smI-@c%A
zn7c+?JX9Z6Vc0YL7S>BOOqRva%IZsTq>3?6Bb5G9ipvF-fU>nra#Vb&|Kj_w@x}ro
zhKXtc5(+qK*Pr7saKvDN;RP}p!W?U&78_z~9xs$px5jm%0QO7ut=K`S%Fr*yP<)V%
zmp@U6_G`59tMPfXDHt+=gCiL0T$n7zWf@~2XT9GG{9<@Ry~OMGtZYwKQBj0K1{nkc
z``SavOeBUqQ4BBj5(ZK3Hdt)pZ3x|Ntt75rWE7at>*3kEVAUmsCOzBOgm$EuHi%e6
zr7RN#O^)dVPm)$_9OrRRyJR?$S!faCz8rEIDQ?xNk&a-(8Cn^ts}AFn<H}^|lvr*G
z;}D{+ZH`G7KUG2_ErEZ0s$o_s!@34jHlg0lqcVwEk|sA^!Q2NXNID#85?X9Ac`ks7
znu}f%mKbV~3GQ5+3`L5569Zvob8ef|9+lvP@)(o?w_>$x$)KW7)*4)CG1Z1g%Jl}D
zmPO5tbTP(~L|kM(Ez6E4D0I+1Fh|ijw29V6GEDu^1F0-9g8}n_6iwI=J318jW2Wd-
z<P@mHZV~I0rdSy-8I`a!UfL3pjLZ*g3})im+Esq2max4*q2eO9Q4@}4#AG0i%fyTr
zv}e=0r^%M8%A=HBtcFYKHe;@anrc0Rq$AT_$Ucv0LK(vlxKml0v?eDoG!;uqjeLxr
zn(dGdL@PO&lzIu~^iTz=_O`5M+**pv0db_ZIyrLkI09Pl1&d#;5>ijOK*xMgMqAbi
zE4Lc-UgSmUHRg<{))HZD5)QVcN@WXm<!1~9>M{X!JSvb@PRI<(9Vt^j+vI+7oJ%ER
zM`l1W!b`8r96<o5mN3aOdYg_lKGw0hC+)LAj1EG@tHTg@u_iiEsf}!v0nJ7y3JrCi
z4Y-NA(Zj&E0cM)gjbjw7RN<DaBvZgb35`RSy+(iqk}P>Je2!sWCaWwd*UBUU=(OH-
zo9sY!DvIf9HHL%OCdQEpx?WVxG4%Gx404O%qb6erB#kPrX&diKs-097-GRg)h^$GU
ztLctTVV;Rjr#Lx*=iI1_Ao4+HaeBd$3{|4+5~^{j<*1CcVHho9QBkQ#&M?@P&>LcC
zVb{;KV=y|TWw|eX?3gP-{L~&y3K|=&$yhCi`SjSxDEbgJk4N<KD`(Rgqe28ZZ2j74
z5gloQP=QIk{)pveQw6=wI2P8ZE#o*Qg>92q4wF<&wKNm*QmT)(IwjHh1b9v>kp;tg
zRCUktL<YeHN#bezmUwVR0_#)6F0ARmED>rLjTB!jbNWiEXuz+8k72DTGr$}?-<2(0
zk|R<10!bhWb!Dxid%%G<O_<L!b2foPAbDYdbXCQChZD7d1#xTsK_DelfxTR8tfq^C
z(E>)hajdPOHyFZql)f&_(44DNFyo4;XfTDa;=r{+h)g;=msQvlDaR;8)G=EWfw)?S
zQZF`)b5+v4Ng(9_txOMGp|7q^$>I&C0;HTIC(^?C)h0J}DDbsPRWNjd9?4?S1FF1e
zGO{Qa*&rLO3}M-U!Eijbg^M>->@0?R=)kIl7&MF;by=r5)jR|oJ4H%hi>OZ^zG_v=
z5<;kDCy~)%UCV13)vK~H#q<F4%aOu1(aKoklvS^eJ!n=sp^`&6uu#CAW2lgo%_Ai=
zM_gnn9kZ@Mi(+hm9urd(jjB>c-&xZ9mC7Sqp`R)Y$HuTK&6lL&KuZyNK+h}{6k%$^
zq68^U6wtR~G=p)<*aVU+f_ZZ?DeXn1B2pj4tPc4Mq&hM&s?&Ly&}rw64rz2s_DRYR
zFmf+iBsrsjgBr+|yg7ATwu;fgVR|RI(}EexW5%%sdc8)@g@KwHp2W6@_|RaW9Dtvn
z5Dk{SqlhgxDk}^Tj19Y|s2GZx!<bYQSt_3*MIveo;ZPZb;VI^^V7rD=FQVZf4NVkH
zzbK*%r37vuBg_gwqjh03<}y%8pmJlu5UZl=x9owgkq59PYDkfsRCdcMbQ53)Oe2BO
zTplBB8AGR>gR~g1O3sz5ReQjIs8YkUQ}GlLL{K)dEt2lAtYodlfI}3$#Ef+`ZX%b<
z;!roG@nGpAi3!K`3e*MlDdZbXHak+8Qk1z?70npW+JFl3QKFI`vh<T@b`%%{3bBHY
z&GJ?=M*1nF;oiB>wt|qUDfmJ<ayBtrD~#Ehsd^6kMfiZ#tSqVliC6{p(#napKZy@)
zNp$j)oVwVRIQ$aDGzB^oBDA0gQ=dY)f?>?PAXicOppD|CyhC-?c%=5|f@53?7T3sX
zcO{w{lsD!$vGH=TCOxA_TnD*q9qIu6hOQWES{bvoJ;a>0N!JT7XH>7Vu~Q`E^iP;{
zptszD)q%(+4|`FW@r<eBQ#zb_B~~p!tAMXTCj{Qci;_bbx4}4$C4eW)-N%Nt570)6
z4%I5VHAibpSuAA=!_tNkMmUyq6sJVDRgl*rkD5GG#x=`$r3H+A7128)%^|Vb#(V**
zJm@{7n#G2yRtr$ohpJe*Nu3{p<+3y?{fQ9SoRG;!zLOU&Hhh`DvSACl2~0DDP#}l8
zsw=IS=&mtM2R-H#=ma?b!6b$gpK)8WN{dv@n04tG=*DaC6M!6J`i!-+wDCeQYt2{r
zm_Yv`yiIEPBY}x6!uP}$Wfg$_8~qIOt(5YCoC*oVgdt^1ko$=(h{rOBw>kMFF90&l
z(bz?J$PEfeMmWeim?2=2rDZ3tbV4Pk?m(h|PNRg$4Gwr<GK>`LrBn<|=T4b~{QzD;
zPbO7aR**TJx9X#iPmRfk;42hGDEd>eI0?O?hHpZYq^99hJ!GYfvnGsH`hE-v;ZRU6
zV8{$nAeZoJ(cmPz+9uG|5*E<tlP2ogk7De?5Z8#f20gzHsf|~t!D6Cj?5JisD;k55
z@!=8ZRWu@d+X#YHR#*z<B3c+kq)JSY1Ns+<0uZZJao`xkr%c;1wroK;h+2cRXzj>2
zRC|#G7+Wy?O+*vWD@8PctPsOrMYVx#I8@@wwrTIB_r&T<vLlX*K_^48F5vN@I#QAE
z=)v(>6>=fIHC{~&qj|(<RPdR@NzJ##p&ui@prTOO5#|?lRpe>6til!WNL?lX=t(f&
zMRRexo|wnsycJ}yEjx}NSPm4Ww{R~5!q7V*EKE$I^OlJ!G)AFsi~*m57%a|hBc)O7
zrXcI4?mz|CAGHxTy~HX)WhT0SEE>DaThTrsOJq<jNA0K84f#GfF@ePue#m+f9%ogJ
zkWD9J=n&D)q_CtBZNqSZ$V_RBcVL%lv8v<&ABUv>1&v6^TBSxiX+r=K!u#3?h-946
zSW!)pAFa$IMeA;?yVhuAnk;Li8dg@Kdk~d+Rfk@rRTzdKHe>mNHJwn){-_|LhiXP%
zV7`P+!@T^)DhF9aKA<~NRiHe$CW$EpNJOtYX<5Xkm()NcBDzyqg5jr=SB{cL0JLWb
zDcOU{3L!MfJSJm!E3-{o)ZhV)Q{uw_CRbQWj7(evBm$9c4&U=K3r5GJ+i5|X=piAn
zD(9Nok~J=jrNS6g*CKw*GF8Q(dO3SWO~m)ny6WnL!m0*d%G`JxOATFx=naJyiZGWv
zH|Zto)w;}n$yW1w8AhvxLoDba*q%ncIfQv@tHll(u8frqk&TXG1#|a9FzLWz<`5Zv
z55XjU^biRg$If?BH^RFImf@#%YS<hv7j?8Q7lyGJA>-t@R7R}Q3Ya5g^;v!}*Qiri
zQ$k-dy4k&{7P0@PuTYO=vLkznqGQ13pFBa4KZapnqKB$Ci$$#NiXoJJM^8HzV|?~T
zYcQgb4~T&A+e82gX-v~39{uGKK$nl%2#6&%??ESX442(3;Txg!o3I=XW)J#FTh(|C
zLEt_eF{3vUz*KlM#%H`9+l(V?@;R$!0l>WI-Jp3!mQ?2iR;9&4@h<x)m~TS^f<>I1
zWCM!uWd?=tHPmhdm+k=C72Dwu1$?eP1+|NjN)^E;8D`2gR4GdVZ>m}xlnThv5D-wq
z<xSsa!8B&~A|C|Oxy)vn_Dphskbw|<Nj$Q*h`Ge(*p^y$+r-FLOxfLQ&XJ79_6gl5
zo9IFBp@|@<Ec&z9eA5Oiac#A@@C$ce#<pPDi{%;`fTo2BysR_<HEiV9)T4}yU**xf
zf+Qx|<+7UU$_H>C<j3@v@*N+9N!4xRw*+&)kv}ova3uOuV`CB%lQ@iuue#+QsNLP{
z1|Q^S@ZNsNi~wJx5c!ikm|E#oHc(i&jbW@NkaMslO~$&7sWP*wtfGowyH%9o=#gcn
zo7bOWA0Qp0PEd_dx(+Og#o-}-i8p;+;v!Qrh7>T|sPzRR$8Na}gSya!>K3g`GD1~4
z*cAqK4|b{sRVX^ea%{>Kz*G$e6IiZWu8<PxEn%67#5S&7+qeEmRl=jXqDhbI?rLn~
z$~E2nvEv3e^!LQptdYO4=qty1*L5Eg8^v|f5*a#2Ow>j(H^5w=Iuu*GR_I{=m#ygE
zN&UMuwy}5pU~EM<zHM05yLxpDaSRN04;pD1J+kV8Bzj3h`nvLjDwRjd+eTv>2iElU
z55@+1kLy7!y+>*y8+$hl_Nzu$rrk1jZq$4fu;08*beb5pV{2EfSc}e4WP<vP7K~qJ
z>?vst4EAk+R;OM;F>Ni549QlWG(+?kZ<Kr>N0<`DHcF1y_jUIliQw8dRH2%Ij(pVm
zh#Kthv>YK#DL*Y|^Z_dPY*yFj*(yx@b26vM%K8QWU=oDHuv&+S#a8=;w#;8Lz{)p*
z`;ON#JFZLABK~2i40(z0&(dNFR#(tImJWszaN=N?bU^%h7&{z{wUv~z7+Gz{s0yu9
zwL6fqn+RcXi3JSgDRac&K_p$D5XBze={gmqS>IBT6)C=8@}-YkuutKhU|LuTe=b9j
zAAUyK?J-@^$`nK93R-pCTmhev9Ht60ei9{p)Hh67@CnUF91rR)G^W1jPljdIg$Xp2
z8g6=SSBs#%W5651pIiZ}Of1G^`KJC^&~QpR>>)a=@PbJqSDs?i)|l+u%OG-HkziiJ
zr9kt-C;Sp^7flZO$0kyFD;i8;OSXgEM|DW3k%3~utjmIr?!7Jwz__gPnUp9y+-Dce
z)(*{dd2}8lV!)u5T`qKUs!k!!@K~6k@nbpX=Sr44R0F$j;pn%Q0TGCfjV_>-mB*IL
zkZx!-k-INuW~E(Pz+WRXUh#k-EW9ykhv>oj3;{r)lOmD@6oGUbF@_kPA)^f*@X?H`
zrbmWPy4FG+z}y)cICxSF{g!P@_r4<ttvT0~ur8qWOrX{;PBplg%|^%!%_mH)4G4pr
zt!_jyi9}tQh`|_5^;q<>tDsW}kBVs{H(0N&8qD?_(>vI+N`9^C8SGxU2ETJy<!IG2
z1HCLF4@Dv>4|G0aNhqxjU$E0B_NMqXWjYr8(w(zf3AR1RyKKtpX=_tYieh#Gn`mkz
zi6ELYM52pXc@Pby2v5`xe9shRTo;L&_Cx}ZM^2a!TQI2#Ckw@lv5W|GG3(kQ#z&p>
zAQ=X9BGr1KiwZOVEcnFI)Z&1P12Bfk3wE(|Y6juGv9EW1_X^maxqR6E00rEOIZdOm
zPR8zP=n>_NArvNoh+TPc99WA9suSv<)+lHt90k_j+Go0Fkf=dUS$s4!Do1sjBq{2Q
z&`Zp>ELpsibxBbqpH;gv7oEO#L3K+=7W|T^O1=@9yuxe{=G&nZ<fU0MVaE;1Wm(Y&
zF{8f9)j9GyTpkjJy?29{gF{fTE)u@47CmnGeoJ-c_nNC9P>^+0d+hJaTo+ajAyye1
z6!Q#|!>kAEMNow~cVsF_KV@kMGFQ^+UQl`{cv-?pxwtH8i)lPGN)zo3g^Q&WmbK7b
zYOf+coB~gNW2eEW>R1hmb^{YU7eL#XY_6*|Sf-?=l|nE~D^asCSrp3vJ%@k}*HpMV
z=G!|r9SAjTj{D8uwPV4TDKTNz4nnP3V24x~3T%(%V{Mx#?6p^wRfd!UhI*J#%7R}M
z*Z@4q`dD^Xw1+9%UmT1Y$JttJ1)#=p2cRS?e>_t~PyH`au)PFTR6sSRh*goH{uRG5
z`U9bZZ9@DOC7A$G;>QLcMjhzL(YeZ!Pxc$3la)y}j9T$mR3P9OC2J}N{Md?cfC+g4
z#4yqLC2_)jML!6j%W@&MjWI4%dy7=(^|E^7HYDbSvTV}{BYtE0Hw^m<pxA%OX1^Fd
z+MCj_cKbqt9RdEvFDy=k$h}kZZR?h`lZD+eF0NB$r3A&ia2)1d==x9-*@3FXmVA_b
zQHe`Y_VAqXti&fr<8&(mgA}H77<tV2vPTG|+k?HPr3hl|or#UGteOBY$3r3G2U71@
z-#55o?NPF$fh{R9J(HK+tJn7pY}~LxmSsk?u4f&%q;-J4ThYC0wf;D&=h*(9O?^jU
zm=oIm?)69Z=&x0M>lAwjR`#u5uRjs(hL!rOd)2D`-t`*?dL;91-mTN}p8meo14^@E
z<G``{W3YE!&no!I)`w$O^=z`w-K*9O9H~Fo_Y7`a-`|75Rv#t3{+`u{-FR9L?kpx`
zw`bjkLHB@YdpDBHwF5nG($E|F`v&`(1)zC+W6w$%*Cmsyu}n4E-VK)7{+@M+y0_2L
z?_R&MXDw;h_F)-{K<)Yo3_!B_b5&3GDu`a<8|Yhk)L?Ux#@gVqjDN$lA{h*%y1IMg
zT9eH>{ODa{>7i%`u!NTAVbI$%*w?2EXiaX-#=%v6M_ZYQaFt4m1nhNh>h4{uFM3z?
zn`|IvS)E&4eJY>64VEHe>FJl8SQJNg_qvkqflfdYTLU)2g|oiT6`*9Gdj%>PCDpqg
zQ6JggGhoHPzHjYH6Ho8@P2I-QsyA)yvuL4mVCMSP_O5p|7zyeGLo0TF&&s|{sE{&=
zP%-p0a*d3x>U9zH9Mfa9QYy9OWSvH;p^jmxqLP6(=qTi^3PDT9nhxHX1Xix>G4@xk
z>0N7aF+Apl0~UC_>T@*mzJX(n99696m<_%CL6sda?gsi<sS~cw^$s*R9}KGUij8bF
zBJZGZl}%%~hlL5v4CS$^2ftD1{jB&>H&GEyR(-3w2fOvB$Z+-AzN7VFU5Itp`UZ~~
zT)~z)u)#G5YlBW)-D}Z0R~;*jeHbG^0fQO4L3FLM6^5xbdOYoa&~L%m+q$z&_7&8w
z3!aiuZmO8GlOy<m13G#zP;4SWq~i_(XK{n6#Mg*N2<>SA24d2k!!z)d#U+N6V4+gS
z3ds!H5S3&YW0H)#de{gcF#_ZuqR?w%V943{BTf0N=2yb74#;D$T86!z8JOxwf$g8+
z9G1T_dk}Rq`e)lVkr%R|qHp92w3-t+Y<J7_*nTBqu(yHkNDOYUe+b(f4BM#lTMBro
z3Q26Iz#Rzu48%?;+MF44VYQWo=X&8-Y!Su!6{Cji!a@+DcEWFL*pG|pwrJ0UP?;O4
zS7htoRzG0LEj-G230rTWwH<Z&g&|h}i>i^D=tpe_3f`}Et5uc?*{RUnY-C91Ov4zE
zVtUjAoM8TnVPDm}*xpffw=R%ueIUMUF{u_Muo_ZP$vP7`w7EIcrHzb3Z3_!E*kp?G
zQhz|#2SXN70^*PjCX&HEm81`GU^4*<dD-E`v=1hu8fYx9l82@RW*^`g$_6oEhRqzJ
zHUn2!Wym2-Xbi^dr}7>46~)4%2I)$T+6<+1VH@NKIUzLFImzagf}8zTw{h03^HH~|
zm~k5EO(HO59IDjSOdHd1l?IH_CUBx~XnYh_Ph(xMn1pro1kR5_E|nrq09KF{?0dlD
zqvUZkKMoSuY+#BkW&_Z6k5{U&kmW~Akzh!U6Aby<Xl%H&)zT2*K!YlgLF)>Yd94~7
z!8XDvB4$(1x^-E(Ha3|Nvo6?L5p<Xw7j@i7S(?pAxjKo%ZQ3gIHw;l>RDqvZeo3=M
zHA6L#<45{AU&SHH26f|?&AOBZ?M;K?LAa6>Bq=dhvgW6+iilO(qCUuuCH7d2wmxY;
zWEQRIi!mBL;cAE~DwF*n4ce8~aox6<N{X07$sDfDvgwSJgB^+q&Ayg5N?#7Kw6)2u
zA*^SyeTa7MRu1?%j#7SpEEaoa><s+9>mdBWfA(hMYh$tQ%foLzbZacO%etLIG?%_?
zm)IwagrQcve3w|?v%;Y+c;zm!_kS_`X4&1l#5OjCn#7yuJTpx5wjb;gdy6GSO2R`g
zGP;#7X~rQwH&e%APw>Cs{Ta{DpU)tk|HLcw`2u1<#~+WJY4nx18=g&kFVUwzi0=;}
zCWsp%=(q9x+lU_|{$m9Fz@5+5B#$8;PaGv)N&Fen=Wn6mTTO4N=_}0V6!9a(j}x67
z{=jEn9?QOK^1S&j!|xNH{XKj3>64^iPW%b!|A*+)JGu{(-o@{Si%Re59)2&%@gIn<
z`M$}ujp)nE(Jv$Yev1_TG{*CBFTS~^|7wQw>0iV5bB+J?q(6eVl6Vr)kN+ILcYMz#
zzk5i(Gv&K0arX#$-#1VC-!t57@&AN$zn&xg2J(3u@u$RJMDTwu-@l)DA@Oq&^!M=n
zkBE;FpLh4n?fvU~zw<rzJwZH<`1K#y`@4yL`9+04^3Npv_afwXIP>qzYpLn)ZIPc=
z=^tUfc4d7yh4}G^`mv+Y@Bc&g&%`+KQlej8I~x54@|h)`PrN9C|5oY0!g#v=&E#|)
z@fM;lA4k96)0F-c@;ynsfOsv@&+jwtHMtx_%n;WS|F_b=(97@YS@QdAet!;eq2d1~
zBE8@9{S(Aj{K(2@f1+O=@8bK<6K^2i@f6d4#N+4IS@=1R-_Iv5H2jAm(z}oEzwl#|
z>s`c$h`xM(L;B;Nrt~}CXZfrV&m&$&^z*x;(idCgf2rs{M?QM*H@O~7+)VW4`JH*v
zAKqg8Pj~u5TFmcK(f=3u_$_g_2dtd;ARa(`EzvLU1mCBLuO|*h(4YP97XRbKXaB^W
z4<-8XKiney?^~olkLg}Oyq0)9@h0LeM4!Jq`2Ksu9}<5XLBDCY=V}zA#7_`EMfBsJ
zFa5EMuRt6o&X(Ta>~8$MkeDEL6Mg<(%J=&dHxa-87kU-dQp@LD%J~Z7SBbYp$luXl
z=F#68LGS2X{EjXv{>K>4i}tX3w9Cs3R}uaCb2;CChWIt&w-=fIQ*(^}cGBHT{CDER
zM4$gCx(~nH^8M#d|6<Cai@1V#4Dk%&`-#51<{JLIS;Ft>rMFo0S2Etu5w9hFo%l`S
z-Nbu|KPUc*7~9k8%d?3uA-;@wAkmjkRQfkEUYGt|e0J$S<fZ>OpI!Pd^wNLTU()wQ
zug^}-uDqR`U3oh>yYhB&cIEBl?8@88IjX!r&vN(*@jl{DhzIXw^(aI1nSMRrA4bd)
zOT;sY=MeqyNAbN2cQT*fMm&#r8PN}aKKcA8@e<-yM4x{3D=a@dzmoad+ptXZ=}#d2
zFmVg<OyY(eJp5(k^V7s{5pN^jNxYl*An_rhFOQ|B|I{)okIxYwC+@S4y+4jvBl`S(
znC~wp{(fHz_ebJF>A%Z(?<M|*xG5t3Hoos5zMi-`g8u*T{XY?}C*B-E|GZaO{`Mjs
zLcE;l=l9Qz{#eSPMm&%B(FplC`ie*Yp$K|M=i+yCQSpC<@!UlGFJfXpD@VV)CiwnT
z;swNu7ny$R9OK_>f8#Sv-2DK1-kZ2D@nE8#pM{2xGu|VK?;xH-JePO@(NBM&;V)vm
zpCEpccvVDtt<pdD)h5peh@U^up8r7f^Yfw>>Cb<i#rOJz;Tqx{L_hw^NuOwu{@3jm
z|DJKfr(5_d4>rE9BYv{Yp06i9euzE4l=)m}e*co*;>z<H)>~J8|H^W7<@YU?qbt8x
zvmE{Ue+A=NtoT0d#rH+><@mdSd^!I1B41JbIljKZc>ja=491%#4tnX_$>(1apUZTQ
zA#U~fxQEYsu->PMMdDkDUm$*u==knsKHf^agm?q-7UBWyFWyXiKk-)Le-Za)e{?*t
zL_Cl9FGRmQoxE=J<n;ufoxIk2^7@V^ufOu-RrTcceNSHPl!ueosh+%U_vE#L@^JF{
zkSCvGJo$Xelh2->Jg%LiJbp_#IC-pOzN6&vCw_PGC^6qr^4OpGbn+PEvy;ca@Y%^D
z&3rp~yqnKX9=*)BlgA}|cJkPj`F8U72R_dxkLxH0Cy(Fr*~w$IS3hp%vy;aYe0K5}
z@#@F7`RwFzAoK0yaSETEJiftaCyy@5!O7#je0K6!M>#loT*hZ7j~7r5P9C3*s2{FB
zadL3&!^y$*A1>dn|8V(s{e{b?tN$*auD@{kbp3_Pr>p-ipRRv!`E>n*%ctufTs~cY
z;PUDB2QGjA>9zkZmY>VtqkMMxJKk&Gd$N37{)YJM^7lnPyZjx(@^bk*ozE_RuVHx|
zLd+0delO&+%kQuG{21{WEKisJ_w)Gz;>8i=?d0If+sVO|x08b_Zzl&=-cAm#yqz3e
zc{@3{@^*4?<?ZC)$~#I9uKb-GT=_dW{MM6$s}E6fh^iltc>TZ|SPz^$e$Qtoj~wfT
zlgB<RcPEb#K0A4Qh0js)ILmA2t{%Aje}wsT`FG{+^6SbuDt|v@{_ZF4#rzyd{3-G0
z#KV}sHxmDc_*~}W7~+Y<j}bpf%rQUXM7KUz#(dO?XA*xv{26fz>+M+)_1DkOzO&?K
zrI(*)k<Y07T<+y(XqNn(>gDHtFF$YlGs};wU#?tSeRAdC>XR!6SAU$`UHx%#clE`|
z+0_>(XIEdGoc;d)Z&*KGLTqP!ND+TU{2lRqEdLJ>2U-5d5{Fp6qr|(2cN42D@5zYz
z`xky}9T+7aw@$vA<>l7p|HSff>+%<{JpA%rtni=l(!a_}|GBfI9~FLQhKmaSE7qGe
zNt4qc@gqb(zkeWoW{&h<?67!mAl^v)I?<2+Ccgg`@mAvP#P1UCCi>y$8t%st;iJ-t
zqJM(%Jj0X6ScLp`H2Rm4&pn8*B<@Re`8b2mzPz96@IK#;&#3ylqtRbRxn4)?N?Ch(
z1Mwl^?})zqXAA%HS;Bvd>HduPC(<94Ha`6HTBW~}@&1tbEXJFTh~KB*mvo0j(7X6{
z;rHhdUl>6jMfZvbdMB6HQ7(57e@Gl;xPMuq@V}zmUcvNEU^>@Cr03JWW0C1y`X@2o
zGI2bDpD4OhBj{Z|_hEirKCfRS`u#htULQp4BlZ*h`tIltoFn~Vq<aJLD&jv8Uy`x(
zmk}Qz{*36SKU;i0eXH@eO23l%@a1+n-+z(#T;^wzcyC1h<{ICh7_W=(|IIPJ62tlY
zeTnaXNp$hQkMTyu@92NUaE|^15&XD%<@orXm#)i?i^nfd7ycNAJCW$(yNAy|B>p?m
z@wt_Jol1N=F)BSjem}n1!ux!>{6_KV@*l;gFOPl6f1LPp;(rsP=wIv6KN>;r=v@4c
zE-L<3>0f@Bwf}b!&nNyp(dWOw_mv%l{!irNMTc8H28egQ!Jd8oTctmq@tsJl5vPc6
zC7w(4(_3hGm#+gE|L#Yyzb5+W?P&Bx@_91xy~G!+n7Mq;=l2g1KT5oe=;yap`rd9!
zcRg`{_-Udaf2;H_W4_vnox~h*n0P7i3gUf4KmDbOZy%=DMeHUz{w5;$S+&ySH%vU4
z_)+4=h<6dcPuyeG%;mk7-wQ++-$i_O@!ig67vGDY<oE`e{wT5T@%Q(9_RH@K@_9D#
zGsG|T%q))s`Tk&Hg805gqQ9N-+)Mm5@sZUt^W*5hH%IzMN%u$M{}5vl@wZBUJmWcu
zSR&pS5r3=n53DyiJWSlT&z}E|=$Efge=zCZL%ifE3ZIGKcPrn&g?J|M-4XP^;QQnT
zlf!?#$?!S-hQ2&nr9YnWo<sZ)@h0K}#GevlOn*<}zQp~B_YfVQK7W@yN%3Dh3;)lH
z;6IAr#g6aFS@_$D{Q3O+Bg0)y^yR-$dY4aE{!UJ=yk{%lg@$+a@O{jmOV{Po&tHXd
zsuHgteuwDV$*UsT%TkB;`E~qVPyW71yp8D7f0=yWL_BxE+Wj|(4-oepwD(EkXNi7%
z_w)U|8;$;9;(?oH?oVFK?}rn+iJORi{H@Yo%6R^ccsJ4U=f^)^`pdldf5>M){u3yN
zN#cu-Ho3f>xKR49GTxhs|4rN}B7R5z^*PetMY;!x|4IBM(dYjxrh6Xo1H_AomlHop
zT<q|lWxQV|e&tw`_qU0Ddacq=GM@kI#k<FGGuQV|lJ3*Qt0ThiHplQTA9paGpAa7+
z{(<;7aaYFs!ie~<A>H-FyNLG?UA({Gvy1l`Pf~nNt_L!`EU_Mu{$kM&%@Y3s9zUfB
z`Zm7rAodd9M0EMMn$LdyTxj@981Lo8D~X?tNH2;{CwIr^JrUved9$^HBZ+S!zLj_>
z@p9tlh&L1eAMrcHM~Q!Z!p!aKXntSn_(z#e6#xIs?>_&2c{+X<JHGrZ{C%F^eSV63
zKRieNTcvmTbmimZ<jQ-t@?B_nR}a@Qe~yp0^V#v?%FUP0wXAnvCf-WCllXJuZ-{>Q
zy|Pws_aU|u4=4Kcb-us4XyKk&G8`sG(Vxn2FF48Q&m>0CZzcV!Nq5j9(O<-PFC`vG
zzLOFBFE#y@<l~=-j*r0zep;pf5##+C@tb**|K$ZkU;eGq@5FdUh#w?=G$Q`LW%^eV
zT|Q5Y$nR3q|0DVMD)DCW?drELpH}I2VmlcjeuDTZq96axWh<AzA@&pRBhE&D0_na<
z{J~QcescuBU*P*M62C(HMg;xALne={#Q4efypHJ0qgDD#81K!*?-O?(wsaE2G;srQ
zj94dbA?``O9G^aa_dZGS|BmTI@qc0j|55xdc6>jZg}(vv=kxPRhWj<qm;XZPT|Qm;
zJ2|=Xo~?Wr8s62z+n7Jc$MYx;$A`<epWhoucO&r&BUX<eBD!`{jA%bg9p2~nPV)IM
z@$bo}<J+hI<7Ugx<HXpgJ?}*H=?~)ji-?yHKN~^6obL}Mt|s<I&{z2WEyUU4Uuybq
zRZJc~ARc>)J-?ag%V%W5zQ2Qb8S%5kDEiYq`l}-79i5Bc(M82SNj~3C{0HKL5&SQ!
z8vh3ok07og`uxwA{=hlLe@e~xc?<E@x;_7x=<~Cq(LY2!H%=PgClDuyKL71}f9MWE
z{~q#DoihGcZ83Zg(dYkfBj|@oKQT-A&++@?Z?|-Ie~01sh<<uMCH;rD8r|oJYu{?m
z|HyD(Ycc%8jOQ`pkqeCPcE;oLe<9!d{72F6{T9pDtB8ZdlZbx&r}F*T#19a^5kdbw
zzW*`te&T-+_op0QJ4bmu+41@LpDlf#J}Te)Fu!qP2hk6I;;B|Xn~CGZ$A~_?tEX2n
zzP(Sg@O{LqiPsVR@Yj3cZX?~x-)8aLNqms#hhN9{w-R4;x`n&LYkz(_ifWHh@zu|?
zcrRu<oNIjVAYbPYuO?ng^z-u(^8X2<pWc&Ae;@hy8S!!Ai_S24`24g=pJqIV5?wzR
zRX$5i@Ax>J{H!DP6aD<QN`DRGxsG@z@%s_+-@^B|6MsZ}73-tV&+e@Edl6qrJe=s$
zpL&*+<2%nbynuKQ@qXfOiGKL^F#Ih<7yi2u^cS{B|0B}hNBk-AA)?RE-b{BNVw%_$
z!Oy+tSiaNmGCY)cBC$w(3(-$+Kfa%D`1S>c?`HV9^7}2)zvf)aZ;E&>(a+!R?>4$u
z5Z4k*#IF;-N%X@z`aX~T8xizLzE2ZxBYr1>-qCe=bl;7jcXVs`-O>Fxf_{qcw-V1M
ze#+5PZqJU8pQHbPN54}9{bxycHSrqab;K7l+)Igj5%-RW&kw)Y^yiW<m(M@)ITpds
zQq!No^v@zbLVVQm<yFx0$>($5WA%I)@fe~<9$UfpJ;bAk>m%q-<NK-iS^Vb^FDCl&
zpGW$eh~4kCaHlL1{l_EX|2)(2`MH<xA0R$Vd`<*EcQgKnhy&*t|3#u7f2;H^-rq6)
z*D&7pi1;1dvpu>aBIq66bNJoSt%{&`bT8reHAI(hKfhD_eirdz;$y^x(z|#sWPCRg
zZ;puH(OvG*-5o*i=sv;kj_%(g=pEhX`29Yj%eSB3Z5LR5d64)EV(dbD@6&&k-*4SP
z=$}hIw-V1FejtMX0lv@fAoRcbfXVqw7a4w?`0qqt{yTrr=uRV^Mf@_+r{CNn{gxK#
zzw;sE=i47P{2_6VkJz)%&rbZ_MvN0z6BkPVUdD4F@n)jq&yRn;^yho=-@<1<{(UHi
zSA5ju@mk_A(Wf6E{o9CV5<f&-DE+;R=K<m#<iqjj$3I{C`@Hz~jL7c|`|YYp{)qT<
z;$uXgpXcvy^hXm*#19gq==b;Nry}S-!}nh!-a>pZg8o$p7(cHk_7jUlpPyFgd-r{z
zM$t#C63-?6EAcksoAx*QGSN?evEy@moX_<C@G49H`TH6A=`S_?edOa#@{u4P&x?@9
zPf5Q!=`*Asir{~@11w(~i2r<`J-_lbhVMAY@KU0m|AmHcUts!<-#f{-<M-SMek-J_
z6F*42l<4Qr<@+m)?~AW9dE86%=|4}pFU^tuQO0xr!4~f|#CwQ-{Eq%HhI>3B{8w8H
zzekJo&y1i?@O=-_<>yNg^sj5Pe8-6c#5WU9BfgX9%j0~${~_@a;z@^CygA|sF)I9}
z40jpv8sc2(KM_IyF~0ZXkD_<!-o|h)KLZi`yYEks{z%fTkD%Yg_s0;Oe1;<E-@^BA
zBfgt>-XhUo!FX;Z?$&PQwl~q2zoY+Bi}Y7|^n1(_|6J)Eo#V&F8^wQ;=`JUpNGwM1
z(<=Qs#&bMzGx6ex_!o=*G{*nFS<?GAet%({?Vgw>`sF=e`adw8_#ET^okyRH;O7#)
z|EGlU{~+<pX?y+!@e$%gr@j9q(a+zfT8!_5v&45T<GX=)EAe)spZ?RG{%+>$_rzUU
z9&aRGNp$7qmya)xrHb!i^4BUqY4X3Ecm#0`(dYk<o*a%N-4!j;U$jW{Ym-+0`-mHf
z#}Iw~iycNkN{o^2c~23&<D*V~93Q(y@UztPKV`ZP6CWdfHf3^~t$%Rs;2xImjqIm>
z=Ji{Lu%B5)JU*iTTI~3~!gOvVex3O3i1d%jSiTFyo4V}zexhH$UT~Owe<g90SS9-O
z?R<X(@igK)pC<ITk<W*SFF4%te=^a}ulxQ=em{{|ilG1A8!Wyb6E}3*^BB>O|6$Vo
zmiRl;y?BL%^XXrBguQ<`aV_aaBIx%e-D`>eK)RbE=nr7}hY;^1-6Ik7iB-nW5yT^j
zZzTHsFK?0l>LV@wz1A3RA#Nl3@jvz?(LaBV{Ct>nukJPe^TfM}KL1xOF@5Qc#z*WZ
z!~KZ8M4ul=Kf-Wh5#ifg4F4_{kC$LndesQ}zvKIBi7r2{jo{}JzQ3IKFT`7kzaajW
z=&=`j$y$@!KEzJqdg5H^SIm)qIq9P4EBt;o@dL!miJvBZiRkmU)ZzW~zDqv#TW502
z5LXgUAdV3I@Q*S4p8W2@9~MFXO1^jLIl8%~x6ts1F#RO)G~&6$ONb8={roOf__s%-
zcProDPQ07=Km`4J`QGK@Q9k#tXFua*$kAUwI!FH)pI^*yyA$KYR78A#;`;;pEWJ+R
z3B<o8UQP7ai5=D={e~r`znAe3Zm|5EL3}&W=ReN(OHIFej{N+<@$)9*|6|0_{+a8;
z{`?;I=>LJwHxln6u3<b;@f}3EsQA9wVtkH&$Ioo(FE#y-$^V~-FQ7aeUw-|V;P<x?
zzeD^!(WgJ3?=K@hKz!(FLLVEjdiH!`fjC0+^Sg}i+lkwVXFN^lFC(AV5KrA``9F<#
z2Jsz4KmY%a;T|NuWRrz|1#w5G-*wRVeUSKT;uQ1y9^#jXw-H@F{rv60@L%)d+m+!K
zO8@#6<3Gve$K&TQKKuOKO+N1>{tt1di1Lh*o2y5D{L2{6Gmm3CBR)ioqQ8pax=DBZ
zEcD0Dk-m>~I|{war!SvZd-;x%*J6dgnsV9cXtrnK4aA#?n~$;Y6{25$KW99@CBBZ~
z(nO#B@A>{p;y)6vi=e;hSWEv~#M_DY6aDyq#dyl(car#X;$y@t!w(V1W{K~)UVQKK
z;(O5&h5r-tvlG)hop=s$C#L(?5$P{h_$SDROaC2S`nyD=@8ssn!^zE+hm+e}%VS56
z@5PkMVZ;v;Zy@eTIUN=uFBiVk3xB;AzH^rFyL;h3=7oP{MEHG3w?FX;;+4b$816L@
z;a#{6FWfbJcHxo{;a$F+{9L}B{9L}H<mbX=nVt*xAfH`0SKs{p!-YTA3;$y;{IL=I
zyYNSN;lJjEKO!Rh8qys_yoGohaSg*A6%pQr+vJ7&H$J;?n<B!yd^`EMd^`EMd`HR8
zjT5fleT3<{e%F_GtMsow-o}F-;t_AQ=PwX%Bfjwjd+(?BA-=zscs;Rr;>`4y@cWg2
zq4!0p&%dHv_NV+d5Z@djPe;ECzyCFHAEFC?Y()5|a4vlpE-L-281L1@yNGuae@c9q
z=x6%ZeE&P*pNKEX&Rl<TeE%@<zli^QlF{EtJUnO5M-q=F7Kv{qK1BQl@mIt@5uaJG
zc#a_Y{BLIZ<HQ=nO%WGL|2X4)4)e8%m?hSUXAs{`Jd1c9@%==fpPTvq+r*y{A6aDj
zTNvNN#9v0l-$OaSk+_kVi;(|6Q_epj?vuCjdKJ;n?|kWRpJV(lV!FF~d~A*2XR+uH
zjEMiue4itZ5Ni?i*HO-o5^pb>Jl{|<^yPU+1bsS!-o<w><2{IU@d*0mq+3Bei8xI3
z`T1AIlP?>;XA?g|jH3T0!+kp<{Dm!s|Bs0LIR5<f?uej&Cez)G=<@U42!0;n`$vhp
z51Aa65xa?Nh`u~F@O_PV2Jx&}=u0iq50L(N;)%1wKUaDe&s_OApXq*__#ebyM)311
zzW)vJzlqNrp1FOzfbU;P94FQz=-c`J2;w`5?|GWgUq?P4B`!PJ<Z>$UeBvjFe*L>+
zj^Qtf2=CI1d+B{Rf`0jk@wb9_5^<R5^Y>N0-<9#b-AiY&=)cQ!<{JNwLjOl6=glV9
zwZwj+FP|6i{W9Y5#Qf8Q{-tA<&pnBU5?2!a{C<+}Zz2BOxP|{r#c;0lFK&_k84>g@
z{cFj`qs0Fv`urTnc(TMZiDwf(M!byZhu@d+evtT2q`P4j`qz^FU0!%U{v-H(aE|fs
zX!MUeIZRl6*qQhoqMzSZ>0^xNSzf$<9TERoeE)aESD#{h9Yk!a+H;(ECh?u_xo+Rz
zNu0*N7w>Ppco$0V_)IZg$LHbX&yRn~@lE_u&G_Gs{J)m?=7{_(G<;M#+al7tg?#Qu
zKKqHs68-!+`tLB@UZmSMg8n|zJwlu<{vD0}Am(co@dRQ%BEM_+-sRKLy}d>Hp$Pg<
zvmSnycsubPqF-L$XSx4^_$cuY#K(zG5dHAWC$0XjJHzm7;w5L=a}@o5Zn5v1wi)J$
zF8o&+k01U`OmDv7D-8b|;_r#?oiaWyA|6Qo;>4qf{lt$DTjhU>>1`wK$@KOn?n`_P
z@i5{M#1n}{;sp7q5#LX|km$?rsZReR<oi<MH;LaN`uxt9{$q^qR^n|D@ju3LcqYHU
zfcP@v2I8?qpFdX*Q(LY6+{1eNKt%nWFZ~{j{{Z6ah(13Vz8@s!iJw~}`imLQ-x9AN
z{-22WeLlWSx<?m@{`u@TUgh;8!+cJ#A6gU9A1!rwzkD2D|9z^}mxE3-{KDG|ldLzZ
zi2IRmKOcj9|2|?=f9uj4r#wDR{5&y=zonwDG2OF?*Aj1t;Ag4nPiv8%rKW#~{QQyV
z>a8npzr0$de+KK_u0+3n`SG_(zl!l5Pdu6U8KNJ5tMnH!o{tbOBYrX>{v+7FRuZek
z>xe!-t<qn{c&;E`MZ6{={+-y)cO|}zxG&M?XTJ11d-3lT5q}gP6N^m$QpV@<`Pzv1
zkK_9jiACag1pSv-?za<X>knI{e}eJu!}9zR`M8Pb=BfU;@7h(->!<zleaTy_-`|5c
zLEJ|C3w>+ySxLEVAWl;LXA*sRwn~3G<2{e)%Kz4g`ChB^S2Esfh;APF%ZT_}rGNab
zCeNt)?CPtNn=h}W4)3Su+SxbR-rT(C$Ow7-j&!@6Zuxu_aWnB(#J^gi@EaKaM&b#?
zVWOWu$LGuW{dD5PM91e#BKTcs`1@N-?;5tFuf5mgdnfV4_uI3dzps-1>^ai^?K>=<
zZxBy^r#-)mcp35Y#B<(f-!CTm=|9!+Me%dvEcyF;=Fbm*2g7}z=;UyH1pUA9{ljOO
zobINaei9)sNB=v9TWtEr8Sh5&b0zUQ;$1|?ub=;ghJOR&UrFpG4iNqHN__A0dE3*B
zewh5em3TVwQsQMqR}TM|&%Qk3XIniwk{DyVe{MwkZ<YRZ#`{s?O{}N4Mby_;>0P{+
zGya3lwfvk+^z+*){RYOfk$60@5E1{a<l}zgTS#{fac|1?;0XCHb$DMMe<GjHI>+R;
zFY$EZT<L3zM1KO~$q|Q$r$oem9pB$W?0lEy<1pel>zNx@{QN9+ct1VI=YNu4$LD(T
z>(l?5bWadBkuFEPhWT^t>d6l8r|0<Gjr?6m{1EZC#6J*SKj6lt9WA~ne*PvRKT-70
zS|a+NM#Q_@yR9AUN!*9n&-&up#T9)14AJL*spEI`V6Oc7{LL2Lr+0D~pgdf@T{~JR
zy^D7X<NpQw{oh557dslg<MSEsvHG(cac`n8pTE$XoTB8jKjqd*bmRW&i1EKw`hLcH
z9Ptd|dBppPyPaoz`sKIK@S_pw-o^KRdacrbnelv;cr)>ii1>GBKCdPoz;)^*(dVaC
z`jZ%MiFlQlo*(~@`Tf^KSME{k>!qguGW(%Bh;H5Za76##D*a2}&h|h&fOrrwNqjx=
zBw~^HUgD35zC54o_#HpzNAU9vzW+AyPU5{0^u8SS=eqx5;seB!Bi8><b@-#n-|@u1
zBA>fP@Ow1hA4fciScstSrQG_6u3nt%<jHh*Ci?YbvBIzQ(jW5D-zg&f3DUWG^D?%p
zwutuCD!pqLKW92lU-yfM{%u$C>FQaAe5{Y)r&aoQa2z|I_yOYO#4CtjAo}Iy!oQo}
zUHA|3`J=>3BEs)z^j{~R8_&0X@Mz-oL_hzxlKw};hltN7{Y#0fi7vkPJ<0KXmwY`;
z{0-6Z_sR%<=9(`jFPE<<dCfJxwdBXe_aQ!COuRIL-;4NuN1;FX0;@-dUt~B)JcsDl
zr&Sjk-5TN>iG4($ew6Pk#8Zi<N6`QE2Q2>Q6JJi;kLbt$Yx3FoLGndBf#}o!b_b(>
zKKYz0|E<!$l<~I_*ANGYzI<Ax|Nrd0cifKk|Nl><P?C`m85x<`85P+TviHhLMhO)W
z%2p&JJDY^a9@!%!8QHS;CfVY5yS-oc=jV3o`Sbjq=W$)<;kqvQ>wY_4$KyF)<2cUq
zyi{NOjD^!-jPKlhX#WwV|JkT_A>*6j33xd~`keHk)DYK?b#NQJ43iIa_jkaH@ES}w
z?Ed|X>i%2!+#m7Zn>f1PdVPv6r7>UD{M==pw7&_&jS<QHZ6!~s?^u9(g4NH%@3J8M
z??HDR>iweoyO+KmRr@H7k-z8<EBy;0(u-foNBmm(yiFbzV0Bmv>U!&O4y=~*V7NOM
z;*Plg`QTMw2S4ZF-*EZJ`}?=_P0@b~E&HKHyqeg3AEf=yD&M5o>Hf`G8~uMn@2qn?
z20vWyt}Xq1>=wc0Q0(vGN85`|;)%|RC;GpBb@>F+w?fxj>C+nZ3}SpVoB+2P`maa1
zdA|c=fA6kyLtU@v2cVy7*uP-d&-SQa5Xto0Jm%w7zZd_Pq0C1jqn}>&GH=81KN8A3
z>iPDnZ$+Nn;VQTmW*+U<S2n2QZANziPDi&QfPOdnLs86L>U^I1>cZwmy`oR%lRgH1
zgY_TVqyA-;x6JDf#`Ss#tNu0oy$#F3VB_TtQZI3esyH%_x*o6kBKQr~zgK;<F>XKR
zfcaq=sPh;7^W0AfUxb0|pF|fwNWB$D^40l;N}rYdg7t6dcWiLa`2-ssyTR|F_J0)p
zIT%RacdVPgB;y=Y!ctKCAC3N37_5Gt(q}jPw`9CE{1|>7LHg6gtv}xNrzzY9b$>1~
z-f4o<4~8S5*5_yZHCO~TF!a3`?+YiuUkv>g#t*<s6J1_aq0Yyv{x*IS;x7qIZTR2F
z_(6CUzA?$=rSl1u{-Tl3b;h42emeNFk&jn>Bm8uPE8rSfd$Oy$71Z^=7f$>2D$W<g
ziT#6%`{h)}ZBWO56}{xC?UzP!`>#~Jf$|moZS4Ll`g0!Z^-JG|b=etqh5evjpI-IX
zSg*I?KQPI(`=39l8BaUi-OmQcL!FOTeLau<Mc)y-JmgW`$VYUsxG(vOU2Vp@8TMZh
z=K_o<`vt_8e47WzH(32B{7wqe|8jIkq3(xX4++UL8I*aFIwHIN7xLZ#55re}y8nJz
z5k>UJ$y4|LJmWE_FF8za)azAW1V5YLNq7ZTnBn@`80!4Qz8v~*;UKsUZiL#t3*+74
zFgOqDeEhbb8qWBE@|C)zFM;~&RewnJ?K;=5GJj2B2V*|(L^6FM@(ebAulf}D&kdzN
zZH)eS)epnZOgJANhNoc4nQot@gY}_a?|%6kOCAg13YFg_u5~`E$@3IE1C#yi>Ukbk
zfz{wpsQvwh{ZZvF5qj}gUilmNfc<SJzjN?!DEYl;<g;{^>&ptb5$=GxA9H3q{X)0`
zu7%;%ufxx7xF7y)_}}7DA8n4yKNb7~o`*XB=RE4gZ+h%nL5ZXNH=OJ8X$wD@=dSxh
zt#9s8|0(*6_^SwYoF9#NUt*s&oc2rbBk}9wPwKSd_rWf#_JhJ{U!6RI&36^?_Cc|e
ze(U)>g#Y94E{r$dtplw;!~H9;0J=&c(o5V|@K+0dWcdG<@tME4d{@EDOYWb)=zqj6
z!vd$v4EMvs@Ww)SKh~oA`x}IxQ2Be8coH`iaht<_a0Qfl6B_mI^62j#{fnypG6m>Y
zp!zKPS@?Zq@AiSUKCJ$Y4`=@#lzky%{S0SZpND?yi+aq*tNxbMwb;#T0+<-;dcEp1
z;U_OF2um3Lz3QiO?hRb(@_%=k;{>SlU+GbQ7(elsJHM&mi?9eR4t2c5jBC5R%C0ik
z@4;?R`y0gg6?hNEUE%Vx^i$Cth8LjLi*AR~1shN7e^U0Bjd)uamw18dDgT@Mopm!j
z0nbBSPanp=fdk-7L%)ad1Mn(*dXtN*{jZ|$2Vne_ZXUA1_OKItY8CfkCwLQD{@3F_
zi(!A#u=iWPN!2g)B{T9_PaihJ;;UUh-hx};PS|OUyWb6_{?%RQgt}i*-Txo-Wd|%r
zAIihM@K4x_zVv~*A2-n5g=N>e{?&vJTAzrx#bF<~#>mI3K9xuRUiBZ~zb%w?nBQ2B
ze(TE<cN_d^otxjy@Z<IF`ctUqyD4^GhtYl?b_0ml;5Qeq4b<^Oe*nAU*p-5HV120V
zqcNTzR)IBPE7%KK_VJXyQviKTrEeP|eQf+lKJB@-@=3`3yinKQm2s<n>6`Rj`X+r3
zG=Jf>e}nw2_<Fwl*2}sbOkVG?PnsF~MfO!AwXaIC-amnTjP)<}F|dCV)>QtcbA1}#
zf~_{V{gr8>V^jDk)cuoqJE%|2fzR=`2!C-6d%yL^$?FRIhP*~WU60fuc2bAfNq>4$
zSD^l6Ax;js5pIE5@RI|+L7z&(5pWDV3opTptb?q^dU%~U#o+;X48Bg>;;<Ti>%gDj
z9C!=ff%%A=9|l^VkMeQ*%G$q8`5e#^c7R=t&j(uHDT4JsunyvFa&_i}1)<(=qD#R2
z=agNr`m~1s&WwM)+2wN<#@gbpi^IxL#|y80`rlog60k083|o+o<fr3Dw0%C6f1rF{
z^{AhTehW-SKQh4rumY6%yUn%kS7i6MAwa!vd#qRd{f=L;f5+&L?r)%e9>wn!cpZu#
z-G9IJJ*aCGjKjXoVC-MN^`nUUGh6}_Zgu-!_a~zCD~$fEXZ#?%2BRDKd)5DfpB3;H
zd~)0U`{PwFe%Io66Wk7U|7Cn1_m9KB41IF)91rXM;qo2{wSUnUL0=u#f&<`SsO?{1
zJP(X&_EKkmRp$_{1NE;CI<XI=Z{bn@fzSHM_@4=9!&Pt+>t>Fze!^>ihB!B&#93*?
z^QzCY-L3y}@NfA14mZ9Io`iaRhuZ#DIOBV@&p};p!sc+IQEzcWKhDsL-|EWm9Ior{
za((^)>i&k;z6x<9{?A-Xd>zkk{aNDQf>QU#M*Uv(ukCdGECsv31yI);+4ObEvo#z?
zU#1xS@v2{f-?gwSe!n&R`>jt)+-xcjsawyNSACw{ZauVzU149S{d?7)=ks~R-`($h
z^<hW&|MSmy0i|zc=q<m!0_dx7U-IZ|=tU=ai_Y@zxBhSDrRN?uZ?ErlEDLo%MV~Q9
z{keV4-_re#(GECffZG39bmN26i*5$``SAbZsQ^vM=Ofq!>O8mO=bXwzxr??F`y=8f
z#QMtgsV-~+n;QLV$#^?h_n_-{^h5Mt72vnNIdQwfZ{SWNpAREQKhVf$1mi!$g>ZF<
z^gnS<%!Di9YUBLys{d%SJ15(~FJU*RmP0hJ`eXDV<zctJQo-y{`wy%BCUFA!KaEc7
z(;4~rtuI5|>aZnDb<Fkan`#OE*P=17TTOTUdM!uYKe69~A8j8heJ_vxBa2@8vhS$t
zuk`aOeSL+#TK&C1-C?!Ah5ZvpT>NA(AJp?>=`(uNr$(O+{#WgFf29xE=u1v$&4=Im
za>Nho`l^lnQnkKM1i8M$Yd^<`zn=KI|Et2NKZl*{-yw$o-RO?M(@^YnK9Nm-mwZbz
zpEaS(ug>4nzmHvb^(pc5A}jzUKkeVr7sjqw1l#L;t>^H}!tQyy66)vb7p%WGd47~L
zp3n6-|K&NIf#-Z*sPlPP^)FLzDfl+*3ax$=3Sg)EXX!t|&x6+2BW?rO1io+NBYk*3
zwp)MYGdXUA4Kusz!g(AM7ImCf%<)`t$ICE933ojPZiCOh<Ho;-uT*x|9pH9&2Og{H
z?oZ&obT(WKFT=#uovs%A5}t(dYPkEUU_;mgPJpYRp07dlZ5SK_*BkxR`b7cs;^!#3
z@9C@bSLfrm{%`X5?wosnY;n!;k6VuS;EaFVwY5GvKcMwt&HvZTzsz^DAm{sq<F2m%
zYW<B={ZVax^?pft!p-N3la2*XIo5=h{zL2n>3>020soVr#MAy`a6c(b0n@`^?Gr>%
zeJ=9O4~xQ*Q1{Dky{v<4XWY7w^}dwno;>d|1bLo$eZB=czjQw&-}<cI{%|xrM;%g+
zwimk=hMiyf+NWKA--D88u<^=-(S9s-hS$D8knwjCFPqZ0=K2%Z4t9iJz#i}<JPQjm
zuT`Mczi8Z#4?lq&pzikw*7*cD2g>@_`Zsw0ixx@tLk03_3-$Y`&c7SFLr~sVi}9YS
z^}9XltEu;2+21L6AJP8*Yx+gJ|KEbq%DeaTC!y}oBmMuoKUN>7(9eZ%3p@(X!o3xp
z|3mQiD(-qa)bsJ6<0U1}3}MVSve>5!XZ|mQ(Y`r$!LA2A-~V-c>DxT|Xzio!72Lkj
z{o9S5-gh?{e-gX!+86K`|2pw?zBBN16W)VQa6UZJyLk?_KbCGJ{hR_9!c}l1)cp>%
zzXrq!Yd-&Vd+FN*`e@Cge$IYW$*rSK@JFcUJEHyTd~%Ryu=z)I{Z;DK-&YUkdurVu
zulnft3D$p9*UzEeB~U&W6*E2`Ek~z+9~j8{=@|GkoDY{lJwKuLSA#fV&F8;vFMS(9
zAFX-RpG)fS`%p_b66*PmX#YB&ROA_K{!v|jlJ8IC`=X_sr`wF@U0C&h5$9GI<2@|)
zf%?0W^|ux7f%1E+Uayf&FTY2&;&;iP;bExrAE<PtZ@cfIPs3pK--k#)Ugc9AzkLk<
zUiEeG(+su`;NQ}B!LEA*+w1x1cHYh304TppA6CChU*Pv?Z9hGhd+*NwgkuM|7Y^Y)
zWT){yvN)31A0rRRcbbv!Msz#j0VwvmKaov;i+rv5()nBZZ<yck>Yu?+3YZB>e%imK
ze;K>n5p1vXjq{}27s>g1pzKioK1lyP&Tjq==OFx;zq63PuhIUK;C~ww|F04!kpHOa
zZ<$fAuBRrtdawx`0=0fU<I+#B{S&)A_>p-i#(d~_UiJUrH!l9l!@7q5c#O;X6P>I-
zozETqPU%aY2d}Z8<XqQ(&nACAwuSY22Fl-)>Ax4#@nRE4;)(wuncTja0hho)@%}6R
zyBYn_^_MaFTN`_=@5i|G-)p}=iS6d?4ty$(yWaGa<DvMDF^RLDzjNFL<$H-+d`}_o
z(FIsn<)Hq1UcFBxZ&`=(yKxhq>z~5EU<}ULmthgu8xDiNL;3q*-9KG_Lh7$f{kq;x
zs-9r|rN(a{`}S%+B%fgIzrlV#JPNNsov&BD_>uJzs2;!dFVWYYP|ugH_rI#oNq-8#
z!ch0e(goXJ@f%t6`JQ#>*NRk*6Epn#JPY>xl65ZsPEgLTK<AZp9#!MtGkgZE^XU!p
zF9U1C7K#5|&xaY^wd51i_&j9!yMkZ69%MYM@x;Dl0+(NX*bp{@r(mG`^Pqdpu-EyE
zPT~jhAKCPhcQxwOeY?iEH9xu^!TQUb(9KsMdx;+n{gd!n!(Qhvb}^OR^AD-L)G2+E
zI@25VMmGJZm)yFz3gw)!-q-Z{nHwVeEk=ADZzAX9Svd1Km;X{I@2l7N9yl8BcX41e
z&gaKr$o(sa;m-GwzyEb0%=7(#`u8X6G2r?$@`)(>g8}xFN;jHUeGK+xXSf&s4Pzv6
z`!_c{$>&b_{8^uU+YFxL^WPPy^9wd!<{;x~|A~UE=aGLmuhx7=mHx>3d@e-mC9?W!
zp!TEGtJnW~YW)Y=ui9SL!x{WYoV4^;>wBXc1m)bg$F-aruN(Gd7#{#P!r$Q$cpTPD
z=GJW;c&)0tmiLH^)!emwA9js%=pW-e@;kon*Q0oDe!@DRkNWBQ7pnbX^|LMeE!6w*
zzZP$r(Z`*PTl?T5=bL<ACg*rL&bR6?37?Z*Fg`DNjo*y8CxVQx=TqX%r@nkiIgg>%
z%R1KmIEj5k>9-SK=EutChEeCQM!gTKeu2k&EqyHf=yl^&-xEJ$pk=?A`|@6)*S}tW
z4~sqz`&;Ur$@L<*0b2Ek)&2<m4z>NLAoGupE-_3Abv~^b*Y%68826=5n+(0^-r>IJ
zb{cwluWibGIfvzWp!4~!=`$sF&y&7TzBiQje*OE8?w8oN!9I|_O-dJUCcFV#@cWj0
z?;*ce$?xBP)^K(@euohIOF<rC%_mQY?B6l^q3f4CJEQLj`@+bsmpq4(?-)4A$Um~_
zB~ST%_WyoY$aMep>bL$U`ZfznJ~#QjL9Yj|da1KRI#=IRIELS)^?&Cp(BHf0e6ExC
zju-v$A3wG8+s$YH4Sn*TgZ%fT^`}2Y@c$;P0B^y!(zv)|Rs6mon*WH7--|les(QOn
zw_dO5=tBe5k2L9BpR~RleG0Z;mi_xizqS61n!f?mF%I@6Z<$ZO>@Sjs#2=#K4<HXK
zepv0Z5J#_D**`K5a(?OfrJi>4_;EbP_nvVarv9!_{*Lqz=YI0cPAC7}#nyS;^?CSm
zK6kwuPRj4D#}sgUsi0$1_!E4kkQ?v$s^cA){WW(j|NYTeMclQn=PLEYp`I6rn;V8o
z{||A*|4W8{(Mdj{v+@yL5%L#ZBg20-bfT|;?vdWjbX4z;?8g!8%VX@Pq_5n6{fAZG
zU-^I9@Gm;aM|4&`qFauC(Y<E)_o|<Y-#PFl{N^<Ld)5DfU&+4!ey#j3qQ4Dea*pcr
zG(G32b$))F*UfKJ;(Y|aglFJIDCdxzugf@R+jFi?R_E($oU<k2FgOElhWfk=YdvpM
zkKg(0d{fc?lCVGhS`96II;9_H=*x$3ex)Dl@$1)o>iX&i$XA}<lApH!G@SOGgS5ZF
zdxVZ3$X@IFt9Z|{?_~e^rB6znlwph)DtldDH1^@+Ffp{|+tTO9PWu;s&vQQ=%mQ=3
zht+<U$NentyViNE`+F7t)_L#M-#;Gx>3jm&YkgwgPbL59Jg4M&<(Gaoaps3HUa0JK
zedT!0R)P(oJdcCbe`P$c#oznfZx1`euJB>CugQ7S3d;M<2I|)R6`j0)iOzZ->VV&F
zP;|Qu|NYT@2ZzB4@HBQ8;a~9D1M;Wy2^8O}Uh14dy;4_nKIiNCxP$I#KKE2c*Vxc!
z<9S;Q{>pye54C^M$@d$gJ02pvd|z^je8lfv{LA+r@}92qdt~oE2mROkcSNn9OF^!m
zGuTQ0ZeS<tPp>zx`hk4^RGH7a@;%@o-rq03;pQ)PQAhdzhJ3}pPuBk*mhA61U1`_^
z4uxeZyZg=H>($(KNvP|||BSm|9F~HSHQ$N!El~gF^WQgL441$aups??9rpIv?=QpH
z?;0NG=PB|^1Z959<44cuCF;8YW&KPr{`=@<@mm+JLASxsx8pf86RzMn^Oy0wS<U<G
zm+UL~9{XjU*YdsfqSxIz)b%vMt~LA^hSlF`zUR^Li}L+>b=VNT2j7P+VQcs)+zI!>
zbktK2TJ;@Ae-l<hU)|`(2F8!UBz(`G*7&~PtNwsT|Bv);-CF(k+MmDZzx@B?GBU3V
z;4OHV=f(*3t^9WbZgVaFUj+I8c3IDjS2;(D8t2Kt!mhs2a59W6`Mpa&epLN=T%M~i
zE_?>|f?vaZ(C>a$;khBtZRvkuqyII@s{xefei{7e^YV3cB~?A6Sr=MA0^KzD3%V7C
zeqb%P9+tvyYrE_5u<(cOx+K)`9@$5({&}6RQ0q^yj?TfUtfQadI@qv|>s!5+j?Lg8
zI2xvB-Q_UW-=lc0e-FB!r<lhFHGhxdxp@w>ACj`KQp1ce7pw|pz3B5ivf5`S@0tPf
z|AG7WV6s-OZ!bVy?@i9BuUO9s>pFckbuRT*=h7~&&%ijGPvu~LI0F6(x4<|a^Lej@
z%WF1FM_h?l1;1@!S19pkavdms3i_b?ah|?(t?%*}40S&r*}MLPwSOgz{<o(8y5E+*
zX^8ac@$(YQ0t*@bJ2M{adU;U#f#kIlo-*<m-CCs!wjQw`q3q8Z@s=|#@dE9y`1RcS
zdXD|~G1PWh-*q~DKIru${(i=<<?nlAzl(h@!`_M)to|eXeio#E@jDj1oKsf*e(Q&j
zN3i+GJjnb`qVEZUoX?21pHIDE&EK*=L?0fb57H04z77-rJiKb;Gs{@dXH=X(`$zU!
zd-BrHTb*A4bWv4b!DIej^)>L{O7(LR?=QNaUiAqZxN~tSjK}*_KB)bNRX@n1|6uin
z@cTL}3Eze~f3Nz~4PAfUgcadBsQr7@i{CQJ?`Ffl-+GCAk@$bZrj1-5biH2n;`cA*
zx4GfpZ+&~>4ujvr1dZ=suUEbJ9jW{#HvIdo&qUmJU}d<@$j7T*{8m(cHyZx^)*mG9
zJs7izo7Z+wuV=4%@%xza+rjYfxBeUA&VX}Ziudlnp1tbD?=0mvmEqrS{UqWRZ0hQ3
z27iQle*M-TC7)9;FL_9QIv*J?hOQjcbtHP<)mH(24WpXBmDKkue1<xtK3z|h=C1B;
za5$9r6#e~<wlB$hOa)j2)-&F3yz1rqr=|E?3x6~Gd)24p{aZeV%J)^rjrYH(t}o%S
zUa$Ih@c$l^e(p2+=~aK2dA|T}!h0|V-%~yb^?H3|@AkW2{nP#K%e+j5^8Iz(4_qFW
z{yU|=V$7%L#J}ib8~)=nULXDhcS8AI`+Z}*ihVNlFTzLu+<g95`nNp9>m{Q6WiZz7
ze8%<u^jn|JV?JK>IXOr4?`^G(^F_w3-{a<RPRQ?Vx?hj%-MOIqH{R&CjLYwxf%@xJ
zKb5#Eq4-~BocCV!%~-#m!Y;4}>;u1ndc8cdck9Kk{^@?pbN?vwaSr|kufbdJk^R3r
z;CKK29W7e4SNJ=Iny@DvZv1^iF~-Zn%24dJ|H!7lDtWhd`(g@Q40ZlVKXSUtKI^mK
zKOcNk#rv6SE5C@cx8h2_ByX#~q8m(o&Dywr_k_CMsIG58ox#@YRo@o>U#ot8Z1mHs
zUgj|#{))oVhJUa6==g~hr2p~gro&b67}V?M8sp{Lx^*@l9)wyShw*1%LYM+hhU=iV
zPs_N(+r+gMFRc2P@cXigr}NReK>2vpw<i9_umk)O>U_NF#ZMpn^@T$X|M5R|^PCK(
zgD*jyPdCPU!oKj^5b4FwDEy6q3l0CVKXLibf;VBVPu;lAU-SvkrG#mq*1yPju>L<s
z-v#!7eW3R5RWE+N!{0C{`Dy?AxG#NqmA<@f^vA1y0e)7%9k5FK`}aSp=+n0ImVeAB
zsz1tnU50x7$b4#@Rj>5zHTsd4bx_h+50OpZjJ&78bMPwE{Sp0$D6a1nWd6OF$H8z4
zTx86zrJsp@ZUo!w`P}fC+xPW4I4*=Mpw=f~JR{5ubHiZm(?n5y5%Mkx%frf0_sehn
zJ>ovy(am2C*c|G75;9&1wudv|51pK!U!dRiUlDgy7~^}j&p;fhU+f1luIu$%pUq=F
zUiC7sn~1X$-Ztv>TQ7NRCw}73-FnLmbHXA}&qoEu8^flsouU7k@ilNA+zoTH&Py5V
z{W`k1+)oH!H1vf!yLyU$;rJ0;(A!-fgvI)}>q_vAuiUk+H`M+<QTcTyzdODDo!?3F
zJPWTu$@g(1U(5el{0FkH(8c8;{geFGc5~w`>DLc%4g3x2{)xYa_-zaOLalFZ=#KfU
zKjP8<!XWkEqVuZ%$?%_^^^zSHgfd^cpOd*iF^uyk_H*$wysKLWqo5VfZ~bhK`TQ89
zehs>WU;cZ&cQw}cBfaZWsQYt;d64rakbl4QFR>0vz%6hG)a$<r<740n_?WR@Mtao8
z!B1=01<JmZJ`FL}tJpWh?veiAGbsHj=CMD1>1Cd*`TlqI(V}UcoYOCH{)bmTo4%}p
z8{jUe{YQ1ZuJbT;TK#-j^*4?Awd(b%KWX@%#`(ArmS-KmYpm!0s(x{h{Ylc@J+Es+
z`8*)c*{M7?78%bEv9F4KAbr*zE?$248Y~U<c@f$4^0_J4&u6+G`TQxLqn_e(TzshY
z5=ZMMd(_tskv=hg(!v6;wBg^<7e-$!g6(y`<$Hlmk{|0{_QfN;+rP_#?9V5BFR>Et
zg;TzEezw7*Q1>^y_Ct;MLydTrzQ3VghyR_bu9d2;Q-=Lb#`E-b{ip{!!wGN!)ctu_
z?OTPj{s(0rmpt|SH8<wVZ+!xf`FPcD@9)-W^8t=C;X$a^r|64t|1DS-iv6}oYX9fA
zu1?8c@?B}<n~L$5RDG6S{OZ0)f2A*0e?=#GJwDLon-=Q%i0b<8s;`0S^{VfS|M5`#
z$2a=vRbLuE@dvqidJ*P^dcGo?ex1ks<5E|!^-3Q;!LApaX!Iwl>&sGCu=RS?SHXXC
zDE%C0^wX<;6Mo(s?ACMf;f~dzUeBU`27NAA^^yJmS`|_KD;3WEKPdZytT(-WUMGLO
z-u%{|@R*NR{d3f%_lfK`U9XJi{?6^g*6hQs#(ot2GUBX*8;yRBW;|HE=+-K~d$~RW
zGX<Hi-});a^NDQwB=j-ZetOmC!+&$QZJ1kU8ChS`;IGDd^UMA!c}V=9J;p!$$o_vv
ziP!!`w0<({aKX@jufx2|znpuL=U&E78|y>-jSAAAK7Yl&+7Oq|G&lpwKGFGo8z7&%
z)EUU1mCycg+RqB7{f`0cGaL0w-A~iM#8CPx^K13bZ+#B(DGvkX6WR2|Jm&9J-v|GC
z-6msyrG`16%%kjAy`CSGzvxDOI-g-ieZkttC64qXQ2nBlzU9Tf0;~!fLY=Rrlk+aJ
z=sS4K->bg4;r|@t1$ZBj&$03zy@7LTmvLTQ!afc5f%GqraL<XX-#cD}(MP-M*f0^)
z^K)aA(>-I@KWKeo@{oE0<?pxtr7^BQ6DK%Mhl}8$-ERDEm}sB7P6OM)-ca{b{9hdB
z>^hEj90bS0>2NOG36H`n(DGlEIwD#xd2}S7rK%pCzu$VvV;uQd{gym+ei3c&HD9T7
z9rfz<rt9-tFL_)bpM&fJ*$+A&zx9$wlCf?dZXh4YOXuUaUh*hHKC{S2^3wVEt(QFB
zC!gWuBYEk3{MJhzeaYuj@{zoBK7Q-_lgAv`h<qe3osZx8`Q)(=zDYikm(Is;{Q>g0
z1@n=Q<fZfRTQBE~J_oIH)q3s@Fy03OJ^$-s7he1JMtt2*iKE|VW?`@OqZ#*0FYi%n
zh_ea)VdN9p^ry-5CX6}JJvXw=a6AO}|L(4j>~#E%_r>dQ-Cj3-6+XfHVpdokj)eDM
z{Xd;umi><3!0(`*Pb=T@<h_7=BtMBagLv9s3hcsb|B4Y`$9oT59M#|Y8(jU;U#Ua-
z8`J2o^e>6gFNxQQxT$_}aneGa-#Bzr;UQRflC!h)6VaW5XJL5tX^5K@=7Cl|tB9-f
z{?N$3H{%KEhxGrwU9R4L;47@Frf>wzvB&8e!Q-swCye=c*yAmxpZlTo=Pml9*MsOc
zp#L3ihg!dj@nHQQ5<ipOJV_ohU)ujIkNOz+{S;1vv*7bTxVZV?0Qe(pGtJ$<2cMem
zu9HBWUq<XQ!-rizmp(p4y|N#Zv;TB|L??Z(f}Qkz0oPflxIT*?+27jVhv<7ju|LeU
z)_>wr|GCe4$@?qfoQCJ1&fjmn<RSARdHh8_f#yTzEg$nY4wnDX&8M!XJog*Heduzq
z-?YBgROhDwYz{wwJz#J6$o}6Q_>%sPgxjF>{TA<!>3OdH+d5jb@Y>fQUK7|FegftB
zE_vwqvW{w?mpls@`KIKYei_R9K}X|!@~ZEG-!X6>ya;vvVbyoTUw=3dO1wixJhAJg
z?1pkJcE=5SvHP0)VmE?ou{&efi=E^xcG54gv-&0PefqsPv+;i1hVkz3EbsBJ&UEL-
z2TL6LLOnmNes=dy!%t_q>kP9UUtZ~023q!qu=h*f9{;`JVE7Bv@$-=Ht3l@fu=o#e
zKk_l}g<*F%0P6V{U32blht~{!i#cvR?SReZyXzrP`)`Nt3pl`|{Wy>ML~~s}ePG>r
z?s^pb2WB$z&8X}H=?jHXUmUvzurbvAlX0m>@`+>Q?^VBoxS3U7sv7<`q2CEldbGdp
zQJ-Uho4=LtAl$adjq83TT<FGA!0a$5)cPCvxdo@}arSfJgVrZs?Bb_`gE;qpfJ4bk
z^3?f7w0&*zZU80kpN;2NoTaYb{>vOQEq6@3!tp1#7V3J%{%QP(eM$U?{c@k|UsL%@
zT*+VO`xg3Y@ElA+{rO;J*ci5f+MoDor2M2opAH7{`#HMKQ0BvmSBrS{p~QdK^fE72
zKXtv9{w4aFP0dGSvzPS}Y`&3AFZ(3e^=#?8GEY4N?1zZ9m;D-SzL8B|nsd4m90142
z`3)Dq#c(}532(qyob%TCtK$W$FN6PgpyV6X?e+O1{jutO(0W-9-_iHsP}YaeC#vgz
zqCRWA>v}EyGW@K9vR@*bz3k^;^Nno!ru0|Vovcfl7wNloPU-n*#rsqnSP%aVpw@qf
zZXBEle}q~;I*RM1t_9Sw7_Knt^;<uOxWVQV+4R!4&D60C?l$_lk@2Xim%2_+$0;bE
z!}NafTYrT3!R8a$^z(Q>-Ve{ibeva(cpqy3Tf-?(_gn0*;z#tKg-9=c@8Dnjeqs0*
zT|(*+-B3dx?HBjGMQm6F)`z;@1WNZI*ZmE>j1T30GQL-72siNk&_3h)t2q2VkQk<f
zFG8K4-+GCgo%s3St42P4>m_a};=co{82R|Em$;3H-vY|-JbJ$T)_=_JF<oFU*bnM_
z{MJj{VZ<K`CmZ?rt(Um7h`$IfH}dgYFL5^$e-}Jr<m0#gF6XBF&M0~8UGL7#X1g5a
z?{ePecW?O}T>ef@|2?DpU6}kGmV8e>_)q6=KGf^;Q9l3g{+wc+Bw6Kj(%(+T^F{R6
zvAYdpVXyoDEaSoY7hNvwBoCQy?LRBJVD)*?_koMxa+qbc>qAL611^G7*SY&ou%4fV
ziJ;E!73>PaQ0rHbcMAOL{iO2|oz&SFJE?OW*ZJ4DI`w|k{(7RH2*v&y*IM7tqkgc@
zddd3-;@pMNsbA;sw_fs)`H(!G2y#AT-io513G1$P^Qr5p%l+2yB)VFxbFFXotMl^_
z{0x2$2f-mQ)b{<!Zz4PdCGYM$Ulu?eKfLzMiPsi(f!&}y-@Y{B%RIb?elfbOhCVsx
zN>(U;-yhF7pS|kEZ$A7NhEt&K-x<a)!e=(P^^g*3eP90W=>U{}e=xv!UXMbzLFwD0
z{|fqLFL|CO{$+R_>iYcFm!hu~VNEFi{zK>Ew|*}1lWlbKp87Y(dYc><@$XLL-}lJB
z=gGOx-LC-U-}mVJZ{hzb{O84g52*D|6W5Bb^^@>>4bH%RJ#0Y!EudF>t)HRdEmH9;
z{W0u<)h|H54(<!m{xtbi`rXY>Ug|Cg%fTu}Kg9ku>`OuMr|Y{$Jg@o;LHfUo{}||>
zg=vDcZ-Z_>e1^Ic!53j>qaR|w4*PA&pYBH&?t9hG2-1Hqbba9n_+yavX;?=ez~$^;
z`S*Cbo}B1vD*YbpZuo59W3yYw!?!pdhV{3*Yn^XD?rVLWt@qbYL_ZTQfJ>qFAKCQM
zhvxL74Qy}pC$i}a^Y_!GU>R5u>i$PIeRJ|`4L^Y$jr=2<z8iUd1;2rVjr=2<KKTK+
zuP?yF2i^4#@U6q{x)IdtsReeQ!|lqS)(_+UXc)-9<P}@xRp`+D&!fcTnF5xC5=ZCL
zjr#-OB6u8X{VB%lop<qjU2x2E(ebgr9n%Z1y6gJzgPZR9*~b$8&vjAwIcyc%jSqw`
z$8pz_;yNyb<(_iad*OBX($j9d1Z)E*!mBV-Jf~X%AAiPOH-<x@RsSve@ca>1&l~^I
zeuS$26wzJ(quP4-uh-v)_1_mhch2pHOi=G1t$!iJ`tnCz{5r5cYy_La7EtG>?L(~(
zHm^2DelkAon5$FH->IC#x*pLV#$TxQUGX~@E`d5;fASjvt$ZW9zwp*~f&Ro~{+@#a
zpq{_wjIW1PkGpwq2(|t?<1J1&-Jz3?&z*8?0*63(zRu)1tNkU%kNC6fe=zJ{3a5Q#
z!~ScPe<k9#g5!;RLhY}n%1`2dZ^XCsy$!weyO*lBn4uS)^hb2kA3eXKll34vsYCi`
z&F>uQe~ERL=CoU9!{9ym<{39$fcLkGuoD~rb$+XT_J7`I|I&{VsvimIhptz2@1ocJ
z3a?)L_QHR9nHM7;(aC%kKqvF5^C`pqs_-Q1^qR3=>#=V3!6~eB>6^qoO1{xpCpnGv
z@?nVmjR~<osc#c?N`2F%KGjgsokss$fcm}a#czD#FN1#=`G`*DM|A%;KPvwd__+i(
zvJUnd>!B&@X2e-{UQB{9c~8s(r$G5UxW-ry9q~5^j)fDTN;jHU{Z}6S527BaFHrs~
zsZ%~*%IDQz`P{1WPs{VaFf5}!Uu%6X<MVm6Xzufv^fgqUx8?J7N8|JLqkLT7t^Ty-
z`;*~NzR!5ZSPz3d>L;RK1I4d=U!vE~GLQOA=pVnu`v5ErliqgYx!|h1?s`2u0`uN;
z<3(W!sPjvOpR_R4`nSn@IMm-q>3l>db(SEn8c=_KrS1PD&Jh?$FMgZg{{ZZC$MsM9
z@522dFzG)|H=Dj|{RHk$6&;)hm%)`V)b?|!V*`AWIFff7z8949OUDndeShK(gA?Ht
zxS!|J7329N^UxE$oVQ}9^L?9jUI)ten|=6RGrW57`yT#V!mUvI&%twI1iY)hPqp;j
z(SM`twf;5kd)2oI(tinbZ^63ogCOmHL>G_mFLzV_QR6(Gf&K)%r|fn8qMw8AH+VQm
z`$c@;vJ(CZH$ffGZ~YPCUW7McYJNY^`9wB-0`g1>Q$Q<!zxBmfcN5_rD8H}hepU{V
z{xAG!|8*E|2HUH6kzGHSd`H5u0rK}-FTb-j<@cp~FtM?Jt1$j9tjPMzcga1+v+=v!
z`|yV#f2Vte&k<c<J>z#edCuzhphP^MszP~gS-;DT=lpz{&k4ni&kJF#?~CiMALVa2
z>fa?Jd%Xjh*U@2|--oUKS@c1lFS0&#zs95g3HoKf2>;9BF?a%AfL`}!CqB39dczv;
zEzW_6_IHndJkEKQ6YBniHQ%W2-)lcA1vu~Zd=F+_{RU6KE5>?T!TGrbCg$^fKB)a4
zS2}r~#Nv4p*5}7Q^>-b$)brzI<N5I@ANPHe)t`Pm@25fe9;le{`DT(w{e1Mhp!k*f
z)9YueNBu$cX=1oK%fd>q0lWcqye}F58h#JQhe-bme%8W+@RZ@-t3G;6S9g3U?_0kZ
z-xqk*i{Iz)pAL3`x}QB5KM3XTw&eX#>yM$U__(V>zdvey5_Bnp)QjKR=#Rk9W4U<R
ze@E^Qgvp<9x|vVjU*CcIz2J9nBpd^$K^-r=_NB?IEUW=*8~J+G&!<nn!Dp#M`tqat
zJ3U=rc<l!ecLbaar@|)0?+A5#ndctp<@qCaTA!Hbl>YoPj`2>Mi@lBWF_68Empni`
zOJ5c{`8!I<&(fztpBI)6(tZ)T6#Sl7pSqhH^)Ewz5yrz#>~(&kUyXhnJQJk7yobEO
z`^cN{9pnAPZ+#`=)`In66C)qL^(A?~t_r(fai50=Lp>jL(beVt1h^A6=Y4aO@p(e*
z_y6VM6v0mXS@8~D{<pq7c3R(*{62wS!e!WN{S59u!To%2rlDW%QNPa6zhn5{js7^i
zsqA(Bq0-+YP7LyregqpYRQ5VvHS(zq--FitSo$H@Y5(G{E%$rFZ{R@qu-b2<zF_y)
zcAxc<$8qAwKCfl$_et^HdsprRjs;;&I2KNUbKpXlETOZDm-zngZ|m{@`m^r7wqKpd
zjc<c`eMNQqOW~|Py!J8adszD)PuT~WFTeFA$md1YpI)DO{j~I`Pr-Vw%6c3K$EtN|
zt@oVR7lvQK?eGo!h<}~$Idrkny$D~1T3?EN*9#7WvyJ^I`WoD?4;vf$N{suZ{|Nu>
zU`HtR=z9Iu|4RJm&$)9c6MPfud_=zoyF>6e)cQXd_e*~n|2N<rDD~)k{MPrSZ&{MK
zepZA{;BvSZ>ioiMKRTT8Ba8iX>evHML$CduW%!Z#(ftpVK9e!OmjC#MexAzzJl9_J
zj~o7_53g{)crv$cTR`0(OJB~=cV@gd900$A!{K<S<Aut;EB?b8Kcei%FfWT?tmJNf
zQbXM@uX;I$Iwf^}Gt;L+#(acT|0ns!CQiyA<5_l+udY8-`Xc0~{U1_wq(SFZU&!z;
zb@kzXKe)i7eyE|p!1!PA8oc$8>I<?@iovSz6F3r%ecrAAqA48f!zS=59GBAFZ}@^^
zJ9s&ryVmO^Q2f7$e*;z~kLs`^92y|M&&jVJ`3!)SQn|dU!4s+7^%)p!z75DPSbg0H
z(g*67&fn74qMw$&5A)Ga&5zdi;C@uq%es6@)hYW$*XvcU*ZBnczC-P|Cs@z%pzJ>#
zKUjZz*~j897k>TrSC>A@x|8!{2l?pumVR*neGB5WQt`C^rreLJdRZ@9SuZl5X^r_5
zovbg>S@SRJMAo0^to8RTd5nNxkcXVhy8jWS?``x)`f`^1FF|?!>HJS|KdS2GIT@Sh
zV^7%Fcs^SCW!PPYiG8vk#JsJ7lJ6qo>iMzsV*=>s;eU~er~OaoepJ;<A7iTdd)$~m
z(aCxdoi*Rqy0F&QYvdvCZRygu_qBdd_utaj_Naf&(93(Hth3c=T|RMNbgT#0!`!?F
z4=~<`gY`E=`K$JT{MDiVQm@oEfP8fSEq%KH`c}kgui|O{Ew~?5^|D@Wvu<R4lrrX1
z^n1~thUcN~&rZgps$Tjc`$_s@t#{cMvfo5!?Y9p($A&;TN2asi=fJ;>{U69)&xfU-
z9Ke59^7~rltNnN8epJ=VJS?FO>3c%fadKGGSnq-Cb-yhA(*gWXCBHdP^40z)b3dx;
zw~)VlFCu-Hb4b@~=?577wDfHZy?if|nEfK>LV2DivhU>_m3?o0{}imh=<2yW&p4k$
z?e7x(mwKhXJI3?V(jN(+k3m15f)Y>9?>+K~s(M*3Md^pEk4eUSiarhc959d3&y<Wu
zRlW2@_LKC*TJN$iWWR~d+Hc9zyZ7Q885|qJt{L6+KQB8b&EeRwkmGQe?NxXE20UNd
zT_<|eQLon*9&o%u#5)FKQlHc-_4KEnSmbTx|C#dlpzQ~QGrrhQ$B)im&zJP=Hu^y8
z<GUc&$8FY$j@O>~DZ%=))|X|!0Q*!CWWObx@x}fuesul1U(%<t#(vfM!7sUeISP)2
zC!p5Lc;ZaXE+u>sW`LEUwm*yCtMHWo`qY_SoE<O`=Zf?}`_F-{W{~<MS)BhgFg^ST
zF3;xfAA(PE{>6nlzSy<LUUbhJ`pMay{~2&Mx+8{uExOzA47w{Yes1UQQ&={SyY2z6
z!?JnZ_*Qu66?c6lzoVQ3a;{6?<y^n}y3-{n?AWBFV|#d{w7b^*k^HwA`D?xCq+YAO
zPkgTLr6B9m`4(Uv3aj~Osq#(CJUkCyhF9SYsQV-HYxxUSA3uQqTI5?FN<8hq8uz2B
zUe=e)o1Pb4ugq&{=2!Y6>oL6gV$6%|*BxA+H0CR^>1Ex%p3j{J6=6R(5pILJU*WaC
zMW5p1U*h*L;#vCU0rWAs{{)nHx}Ip<kE(j9s~~mA{4L~K*DE@if6-a<J&otk8n_W|
zf!cp$(_4A(H1dyZddXAX2k!DdkgUM{pXU*!k8k92f$?euUB2Vt8mQNg=wIXh&pzp|
zlUG{&OT76(#uNKY=ySl_9{t@WkEGa1y^@FSkKg+3<Pn|EiL2o@sPhqB9PTH9^1gbL
zYyG}jj?WDb+Fy3^$pveNINzx5KfL{rd9B9$&VtL~kk{NfFd6Fk50!ld6>p>wufEE2
z9oIQjo^!drQOf0?!1z3+{UyaNgAxBQ@h(B>i^S9Y5kHb&pnTR5_b~jE&xu!{_J0Xo
z67G+KGY!4yQgc6>visu=*RR`9#|yQ68RD0Rox_<=WcTN_zUTOUU=sYEd0Ao1Pdaox
z;WVH0+3;UY#hV>uJh5+yeOvgcM}IldmxofX<e}HE-})Kk5sN-#<@`Aabv~j`SH$f*
z(Z3yH{aW%m2X(xn0pdlp{em#&FLjQgzxAlI4eSr68}*0Ez8LXaLMxvULFN<L{pAc%
zz0xPyPiyFpwV%SOUr4@(ppLiQSRWEEqV1=LF@Jf^$0_R0pH^@RoLIt*&xZQ^3YC3K
z6>qu`FQLkFH`jZLyFBGRFSGH!XW5^@kFKwNG3R##e3dvwVMW*yYWo$~-GyRT8hsZy
z(6ARfi7R#z_j~N78TK0(54Jxu`JR3;Tm{!dU7z3jqr|-cufaP;K7Q-1?_K{kzQ6mD
z@AKvNBl#Ufe(%x!%+B8htcRkL--Wck3cC8RDf|FFXuZU3Py8=nPa_|{^%8dg@rT1P
zMm~P)CGKqEFNQMTdcOSDAI;^?H~HPBC%?lCf@9!gtm8RQeh00}?*sBX=q<jd-NyHx
zx*p5_8sb>~*Ahqkx5j^GXvO=+sOLe)n@S$KAEB;y2lI0PW~D!Qjrs6fFYDtAHGfHr
zd_?yZdeKQ8x__b@hhFNeX!!pL-EtUc{aE@5hJRUCvR`D~%Kp&nR@XC(zvq|$r@>k9
zLF*;%65_9c8;yMY)=S)-#6JL!8Tt6Fm$(;+e;xi~<m0!#-J9+_zXI>Vr`~eodj0h0
z{%|-JPKFO!FL8e+{sOqv$j5KJ#9c@H&2Wd2kKcNUdyx1ipv<?PFTeF~v91onGcftv
z_g`;e)o)h*qvJmzwBpsmPTOB)T=%OD<DbKBuulZ(CGH^NkAP#1eEil++^NK$1s53k
z_^p??D~Z1z%6#kj^;<uc^;o=&TmO6Cal8rNE$^<ILY?2kVxJ?N^+%NbHs&v`%Ks?y
zr{~M7ewRo82Yl9-qt0tk)@f3;PCqo(>%(GyB%Jj}lzlhyUZV1U%$P5)`raP>_xD*J
ztE@XeM?qPq1*uoo=_f}04~zZR;jBNR>|ZADrYiq*#(a6z=ke&jkk9(*_%B(`ty@{A
z@*W`Tw1ZLq!(v}Bob^YP{Wj(=vC98#W4^rV|MckpsL%R4)RnM;Td#}Y68L^aH{Jq%
zR>fU^4)y!dc*9RF?8B>n2R}NmGUQVkHi1o{&O3QMS4aGJ9W%oYa55a)!rk8nv$b^B
z#o>n^xa-^>I@W+6LS3(w|F1@WWc;5>&VQlGj)UMq>YG*7jW2`as=4db)g4R1#&Bm1
zH+~nUtm&=`z%sA~YysQDui-E_4IYu}TF&1__)TqheF|2p<F3Dg<Kb+052mQ=bS>d^
z7*X@LnR(g<rT<5m2R+|j^}F$F&G-5L*nI2#8SH*c%>K&&gWaDw*=GZwUf+6t!>TWc
z|F>Wj_yzPDKdSiiTA%b`3VoRi*TG9r_KTjM$YviX-*}wIsbFFF4%GF@_-O8T<ayK^
zhDzTM|AV2|coA)1J&gHJ#!jA>@;u9@o@YgQUi~6{=iGS$%6X*cL;RiMIVsP_nE2Cr
z(OpHa;{~hVFL^41=+u=NK1Uw8jC@2V{Sck>L%EM8I(Z)m^t_k%E4{7<lm9fh0D3*|
zbv`<t_7|w0u-aFo-(NuK&%^4kScvNN+8@2%<eZfCB=7Hy*tdGVLuJ37{q#4K_uXLQ
zN3{JfVa#8@&+GjweYZY8g~~oJpCjt4&lkbQk7)b!Va)$+=B*NxbuaS}O+B~t`j^ii
z75SW5fX{pKd2uYClNUq3?62`TC>D7nhHt>|=J&Ap4{txDkMjLO4dz?E50H7@V9a-@
z>}xTv&EdyzEDUdc4~zfs_CvluD$Mss`uidI{4M)j@9*&1OI-Q>sy*vXzHid;!m2M#
zebr%O_$~ArKdSiiTHhGHFFX(R_jP(c!m6Kw|0QrG+ylMFk1GDW)+gVucHr}${ytjI
zM_BdO*mutoCp|0!C4LU|eYh1rs`&F-pM38m-^)+qdwKaiLY_-<F3P#0zn5>oI+yPm
z^tr3wv-ERVpOeFwKmEP@9OmyAD4#Rsdk1+h)cah2?$PhzgLoeu0p)voy&iPG)~J4I
z{Z7u~n^5;h@*l?MNo{|U?{B1^q1G>>&$7=}kcaeBKG(&dFFL=iKI`RolVIn^tKRy3
z?N8(Pklg(4Rtl!A?|$FO26caGFg^<Y(#q)%!C>|44Sik1zoj38UVfK2ir>Et|IMkh
z4eSKFL!JLy{O<TM{Jw#!x7+)Uo%wtwedzF!8y^j$n!gFuHyh4}OQ5c2J>#e0IQlOA
z(E6hu^_S5XZRq;?8SDc0!|SkeBd2Qy>oj%O^Wh4(8tVK`;pZ$2wZ1EUe}~V|udK#;
z6`j<Xn7X9Sc3dBW;^$4nUruyyL9rjfweClLkNUzs>m~29#2Ev}L!H0hddWlPL-LqH
zK7r;#=IsLdI*r|WeWr<{t|tcflfWtHvKZ?*^Lx%uPFMiG3M;{?P{#|eeM$1G1xG>2
z`wz~~7{+=HuYGFbWrBHO0XT^GlcBC(<{>G1Iq$_z>o+hDf5Mv7^?^~JSH1W>f&YuJ
zEYBmI&)<wc)6A`d{d_O<m+}2jI&|e>ex756jptcIbUk4ybma{FOmv6fyyh;iKVW_A
z-ZSh^qAN=NDfzsU4%UJ1L){N;A4q>y#S2!SgZu*NZ{a@%`Xn%8koH}vb2p4d-{Knm
z6a8BBo0ProS6}XX)z1mi{{VDD;5axVNc%eUNxlb*fn7?d>uHX@9qg^_{nCF!oPlAC
z7b<&Q-#p%HSHSgfGknl`iMyBhN8l+VAHVey_X_cE!|1%1>i+nxm$*+6KM_oB<m0#g
zBKzzXe2m}ypM<(Ue(NP}LgGIU(-`^qt(Ul2iJu1+H1hFVFL6r{zbvd|<m0zq)@^#$
zZ#J0QSkHdzOB1&Wd>?)Y+rV~EukWaCAHTJGANwB8g}*>uZ*|7&!20k@L;nNg)8T6P
zr=dT__*r-nUX38V#JwZ&+qizkg1SF`>m_b{;wOPAjePvpOWcga&kpk%`S`7GK-}iA
zKb&CX6IOj={0)J_4gXdiiQBq$q}R`3{G5bw&_%TVxXLG?k$(}!e}~86IYZxz@xHJ>
zoMq^DGrk}G4WIh>{{5`U_(yOm%>IefU;EVYiFWt5534?vNB>b>AKzoWe(7bNKVhDS
z!cl78bCa*$e@j>ozrn3=I}ES>CUKv{-_tO@;oqzNH~b%kBk?=g@b6W>6~8;-K9BK2
zZ6Bz<>g?;rus!T!?DtUVyWqcj7~_S?Ua!}6<g){whL_+~cndyk_PN`;bG`_C6IO@1
z-cae^!GEPN#tW6bt}pgyt{(|tHuwtE`dW-Pf}g{lhJGaDTVUD_E?#Na3todd-Y-Gg
zFUEc)Jn?}1tx)+%J@btCmVT_EmwpxJzSOtV(2Gv`D>|zmR^P1os7>6)uoe8w$mbOO
zxeQ~YOK9i|cXaFHO;{dQg?fGXt(Um<iT@sKY2@R#UgCaA{7$f&k&oYciQA9(gW)(M
zAHVhIiF*si{@ksnv{0`fuli^4lN6>5;NNe3F5>5dg<vtL>$P-W8Tt*3Z-v|8u?W&j
z{C&hf7$6_N^_e=k^_2tWfd!%Nzu$U^`v&n#z_*Qj{MJj{D#Wi18yNZct(Ukhh~EZ&
zX5{0yej;%jcXsP&1N^;<yYBmi<L^+fC$X=h?Em0e>o*YZAUp~Gg88v~-LMa2r{hI7
zz4S@?Eq&7co=(4i4bXqT{q18Oma6q2`RRV^d@TEc#(J{s&yq)K^2iLW__fhX{3FJC
ziiRKYE9>3L?|Gl~ui(E7tOlFI1yJTg*I!=Qby0SaUEh*<l5^+)`G07v7ts&IPV@}}
z=-Z?J9Cm}cKjJ@Fy~Mvx-cOK6GFTm2`Dwe<%1-AO+4M3GGJj3T-<rR$>c=x*^Pt4j
z{Ta^vQE)k21+`vu;$L)@|JnGFJOb70RezoS-GPa}bkF0YQ0Fh>aldxDl(1M|cdhlM
z@Uy3@yZ<Mw(aT+T?Cp33e$<C?DE?~@=MR`ZK)eye75{zkZ{_Dz-yHw_ptkQBAYMe<
zmk(q9KVa9Mc?>jPy5C~oGJ@>06Sp)h2dhGz?}O665@bHo_wMKiz`;iT4@&=KkoicS
z`aHPT)9w3_?3=SN(0)Hb+*RG3eM<byRQ^UA`%&!McKf$|7VPzU2&+DZNB@yUUzEHn
z!dkE))ctu-`nQA3XB)bs@HD&(b^Z@Zzc0vqim<N7L)jnJdiJWXj^8Fh`hQUR20`ZY
zDf_e+><7Oy_V0tzcL_3|J3an=?kwb-+G3nn^4_$K_a}L8dWQF<S#Trl$@|hwsMq@?
zbpOEEU%7lz!SL$i<L5b;Jb-_{^|^^(2o{0mp|01`jWYC?8NUH<LwR4;{{7ZV{KuI8
zSkTJHZ+%PN+dqT7;W*=c-mCsw{0xPo0{Hh^Ka2SD;9|H6>h)mh;`Vd<QtRJhyaKEY
z8%2;_;@2X6y#V?6tshSOdGMWYTpvGzC*Tcu2afOWbkpEEc=1~|{`i3V&&PBX?*sfv
zJUxGskLav?5(gQ-8u2WDf%2C){fIXh>VB+ZT-URj`hSJ($fpC`jNLY$>^Bj23)~Jb
z!>h0~`7DIe_k_&v7^v$Le@F0h0-lGKelPbAz);(tG2%;Jy8fGnUdDBQR?#P2pI3c6
z{3M32!eHY?w7u7Sf1^IVzD5}9tJFYuuFQt##=GllQ1?Hq`tta12tR@2px5|O#h=&u
zqz?%Pxp_!A!7(G$^AT44FZ6vg+zB5euGjcc#h=&uqz|vtmjU0q`S=~``S7Y2zg6(R
zakTUQ#282I->ZHEe%Hb5_^o327yUA&f6dU}8tn2+`<>&ANsfD<&Of5`>x_IP@0#R)
zjD7aEvEM|W1$|j4_PSmf{}Em4iLO7jVX*rAA=Wn}pATRgI11`~1I3Rj{=C*Feb_-?
z%CRmQ8S5k85I4VrU@xAdqmAdOSN#b5u7w@hmkW&j=~XX&(+_oZEM?uTGuB^N^_$86
z2s{N75!Y+{sN&CSeSg!BB*WZ%6dUW<66*8A($_Zh;`bB$%emCVnD4OaQ{z83EC3rr
zukoXbKd<#kAI8#`Ud-ESWB$DA#qT-%Uu2#$7|%yb|3rxOKa$T}xCkDDI^RI?ql!PT
z_0=El_J1>YmUVI4SRY>XpW^p>m~EVk*BI*a#;blGes98G@q5|uZ|M&i`dlMizWrcX
z)@e0ky@pj^2><0^W!MFJjUQF~d96?SaEQM2<-8eUJYT}9ABg`+a2nhWy~d9!{=C+g
za-`cI8DV1HOA8zCr<Ojup-;o-*BY=j@5!GT@5`cVgkE&L41IfaBjIRt>pkih82T-f
zU4OR2z3>3k=bu;oW&9-n!NsXP)v-O){=Mq^;`duP1df2(zgPVh{A`DN;Q_<HSAE(a
zT|Y9wtS|@E`Fqt*!OwI!8_qZUd)05i&+l+M+->;xsy~aLi|{JEY54c5-@`hLGtJGz
zD?d4wfQe?f>ldM(k5Ji1BYv>)g4Mr--|t{U>go-3Jz>?Cz<*04UI*fJ3Nn6V_m?w7
z^-jjm&v5B<x8Bx3JwKv5h5j*gufwWv4BSk=4;%9xYJY#JyviDRNu3+H|0mS-)*x?L
zx6`?v3m3uV@G<u3Q^tOc>iz=NSC6{CgeB&=^;84u{!T}C0M41~^p{|G^~dpBai;UT
zaG~QWsQrgke}OoU5hpQx1A2`gRs4CauO9sv0o$=IzBbl}=q8{S-Ec#{2i>zjyLsM#
zZkwSOU1Id2J7nl{qpJ$<q02Pi#nbD_(kC_ao$$LD{=+(bdeQy;cSqL`{-o@6J}bGO
zd6x5+3%{k|Ot{X77b^RW<gpVThw;fPy!kyW{=?gk)AY0SY&YMZv7Wv)&OfjEcktT<
zHfCLqHP*LReNX)Ehwrm4+ZgLJtopC<KL$>OTcOwZQN^Fv`u?ULY38`~w4Ql>e8K(C
zC$D<(n+yNh@cXLa->be9e%r$L@jKS=?^S;kzp;3Kd5V3O+SqS3(G7s_plfL8MfV+g
z(X}!3(H6UT=?5pmX;42ON;6&-mWQnk{ZPh7!8!0ZL%)Ub$9{2nJquGnollk}PL~Td
zT<WgdL#@w^t`^)4&q1wk&iHs31HVZO|Dv0WUUcaV{Y-S5VRm%&J?cvt`Yw!5gVW)8
zcmd{G=K7W!)`7Yo-O*1__9;B-pD^^2-(mbqKBWx3=#HZoT`faDhVc#X-Q}+CkD;!2
zGrIjS3%UZZI;;<8!DTT13g<r^)c(c3F8cX!2@J3P6nUq{Ur#u~@GrUyN;lQe>pm<;
zch#eQkD+ft-`d08aGcRkuljHCGZc;r;NNfkEaK0Di{UD$*Mp^tyV9*Yt$&O03a~P4
z6hV54UyJzl0_5YjehBd|z<V&`D%a0`a2(YA^~*kKIO7LvKgFm&p;2#C*ULQrt>(EV
z_5KJK8ug2=9`_r-Ch&78>qf7ah_-LK+O6vkVH?;E>U{myk0b6>_#6Dw$S17&iTL{i
z?lk;cd6Zal|MN9I<Ill@FrxK|R6fPH*7Mto@xgEk+!aOiYsqsH+!i2zzx4^%x^<Eo
zW`Y%=?tf&{7bDL%Vc7ur`>pRn{DJT$jQy+Y^W*Crlf!zjE&ODIyZ;s301v`k8{Pfl
z@Lkvj>iOD1{KGIId8B}Mi5q{t^Sc$Eh1y>o?3Tl~R2?snXI8kBybc=q`Q@((`F#qz
z!x_+P{#(g^dyw@!itpBw-~E<-R8;Mw^IWH99WOD~bExcdsd)JV#EUHY7s)#d%tYQf
zjr=2<KBLM%TY&tf@A<Hkd3w#LS9GtT7hQ2fFX#9$^lzejH;U+clJ_^TB6-&|@{er#
zuT=h31LQCB^gVVmPfd(^MK=+>=vo^3h3NLeFVKyPVEtB=&oCpOmFPCWKIjHS5&c?~
zf4>0vOJ8KZq%YQddDU0ty-42klK$qNlUbpD-|B~c6?_$4c|$Kcd2bY5T|<8azw%xg
z16{lT`b*fw;e9BP@qRa$@!@a=TxjU$5O@D3*O!~{4t(KvH(q(OV;wja&V!5LdRS+R
z(=Uf_ZFAQh;UG8({s@!*;dFW6eE2(jX}h~$7}ne6u789}VfNi_yac=p^?Wa&{>3mW
ze)GWa>i>vh{gr-xr26@Mko|m?b<-MFWd3D6=zfM(pB(>LU|#qx^cp{^`14wy^kFr9
zxx~CaW9)}5=&bWV&!3zRZ8;}ozwc$<L#5A;|3=Vjyok2X7{>gi&Mnv%-RjP@+EDj5
ztoot&Uj@C!i)j1L!<fI+nS<xnO8WYz(ciG@Z;;=M#PJ$0qV4yDG5>+oYrQY%^?M2Z
zO?Vf|bEGiu3GzN6&->$?YY*CAJkGhq@C_I!-<{;U2L_w}!yYfx{gdZVVfJ&N_s>y0
z7v~$#N5A~VBEMWP*nGzanQv70f0BI_>i)=cbQyiupFh^n-($vl2$g*g;?IIsJ{yC~
zC$jr{KScG)b6TDY`tzd9oAvoGRQ9oWF6Dw&K4+M}K>0*=f2Wzh@YZX6&Pc@jMp(ah
zSj>4L?+Jm<eZBAXI<mfZcxsP(AI}0i!jJd5@$X>teePPnpUCH8$ydJD*va<~;%^v!
z7r~2A`)f+wq4L)&#Qvnd%GCEY9AkXnBD&Vxp9R+%deMERbka}VFVRUJf%<Fd|1job
zH+h_ZGH=%m{cQC;nAnxx;nvR-cm=-2`l<kReM>{^?`VkqNqvv0`j&95>k(Zh?r(-i
z4ZY~{DxLIC`@f5B@J{wC@8=bu?B`MRdosLg^gq=8;*nRV@_P+`RaL!-s8{z#bnVb*
zKv&Svi>@nr(Y<BpMJM&G4A5Uozt5NtnMe7aQ_tgd?5y*;g8E)s?@P)1Aoa?=tZL*_
zJH-BagxH_d*GTP)DY9PF0ufyw^o!ALHuR$V4!!84f69HdoIFSK!&hN3<N4~hz9n%#
zgT3K=BcI5opG2P1;j94p`>kJ2{9oZlxEJd6;J3c^pYA!(6n?hfU3Y>ypZtthgfAR$
z`n*u<-$(ZeOmWWX^Fgg&if#+MdDiI@8TwP`Za~RnEBUO#emB(dEc;SMJ+&Bb3g<(K
zr~OM_(kIc?I^*j47|tfYV$}H_{0Xiw>bLx#A+JF8(GR*j;=oq03)J;gJnZy~V2k7K
zdNoXO!d*9l+P*<J?Y|1Az2w_n<(tFES9Funzk#lbp%>jO^rEx+ag%y#9JzlVdlP4?
z5idG+VYSa3PJ5a6{nRV@jxzEU-97X_p<8L_MHffutbVkno@H?AQP<bUk2!XSKf!O=
ze<R^cnB6!p0{IJMzal_Bf$Yy4_EV`x>`zd~c^KcQC)EC~sQe_KBjlma153Z&(98Ty
zre3Kpx>29#q(7pw`XM@5A66f&^&#u-BI|Dpc|OB>*Y$hVSEj$+;0ySzWBB)~UwhK+
zliQ~pQ=E28z<kK_se<u5I*<L+*e4S|P}lEO|F=i~ZHPMou7iIW`Dp!)5bNc+-->>=
zppRXRe(vDCOy0ZXy=*-1JG!5u--F#b7!AGH_vd;j9BKFy`#bpQf$l-sTXjf3tURp#
z9HGy*VS@8+eW!=IpJCM>$NzKqO=kFy!MM(2y`k^G_!n>toDsqL&MKcNMn11H{swFa
zn;ZI)7u@`$zUa6R{tESc?M8nTo`A^={Tc3`hgaY=sQvq`uW`xMSr@j2%VF%x?*2Ql
zJxuhM8`t>;>n{U-{I>s+ItIgqMt#BN6WRTFtuG7n@T!{MJI4Ho?hWq8WF5pd)`M5Q
ztg{CAe;&Wt;46Q-bypVZ^&@tzuot^J*ms5fp|-z;-`H1OoB?nw+z9`I!P<Xk=tnX>
z8jAnlBS<fG&LF<jdDF<J&^6bm`S1_8AL{;uRbK>um0@Gp8+wf&Rs4Ca?*#q04xhj7
z=4S}h^C7z1=trX)A0qv5{EUP@!CwsjM;Xs{!{wd&rei*+^S^*TQIPs#=-z~t;ZQgQ
zZiautV^GHzyHQGa-q07Jj&ATrI0LSL2VsU=uKuR5(rtHL6Y6{{`_kA4t1oQmCC@o3
z&x>4Z|6cV{=g-971>;cfvoNnwe|YVi5$_8X|8XOprN4x|?uY2xa=)F5r}eG4A650z
z$LZ7|^OxS}r|4w<MQ6>o?1MV^YXqAb{=MqOZ$0I=x#8bhr^O8Y1;($#BzN5Y&It8-
z2&?`w{$Idv8pFSp$Jd6wBIDKJ7ciprRaHKHxYqrg$#|)MT;J=$#!&0;qL0D-STKvB
zufTX!*b;U(^dlLMf7j&``<`P0sPmbFekoi7H^K+4m$*BK|0g_R<m0zq;+`Y^6?oIg
z$8WvFjlulJfimBEzWmk~Bz`Ga12%&?pHS)R<G*nj<Ausz*Y_FubcQ|PDj2MOk)aoV
z1Gzs1&V+N}!)kws`i{Y?FqUz?`K_Nv+*>edv_$`#;&xEa_i~T=HHJQo;eP}AUGTKB
z*ZG7>e~CC(!x%4A_PV|d^yy`o2U_!E>6;n-7JqMWzXq%i8^edyz6<pwjqcWcT9^mw
z`S7a$&ZGa)9`!$<p9|N+y-?>LD*YDx?+9bOP}%GHPLj_#cnJnOzk%#^Jn{bzabmM>
zo`DIW#DCcAD^Ooe*c}doy56wrE938L_>JM;%H#RR-2T@2?8VO^7$03k>kp`Wk{S6o
zX1otv4)?%|@EX+hhu1!F4A<Ama2Jdn(~YNs8K90IUi%k_mmR(ebv{QK*YQJbUxYYs
z2N^Grz6yTo!6xv1!@u8piQ9(wpTW<KeEil++@8em2fsD)@mnu(M-YD;l=Z0BpWpf%
z?7Ls#0eIZlkDVCr3VXn*hJGvKJK=fw_~Z9KZ<8=S0FHvQ4gJfE7l1`z$q3R*-15Y)
z2J0C4_^p???-Bn4*w)C$Z@t9rMEveh=3B3Szx9WRe;4M6<<?~x_%3V;b$*{R-W&FZ
zgAILGpY>z${{x%`7eJlA-})*~xPCT(v*9+V^Re_RL!_6uyYY7!#(VPq=aHqqXXN8m
zFL4tQzZz_7<YVa@he$sGKU3gBxWw@9Rev5o*I<>{uJ85We7FL(jO*^Vfw7-**9l=;
z*a;qlr{P;qJAGw17cPUT<GK5p;byo4Hh9L}Zwe2?ldwj7cfTIo0JlKBz8}@^`gKXo
ze+@PNi`D#pq~`x==2zywotponYW~Zq`Cq8!Kb@NYKh*p;QS*OX&3_#=|Gyjae~-E|
zP+wtK3O0gY!QpTmEFQ=8uQ~jIzHElFFA7q>?2Cz9%f5(D{jx7Qa4q}d1lO`J%F~aI
za6Fs^7r|%fOFmcvmWBP`T(}zk24m5;Z17cB9DWMFhtuI)co@cb*7Yd?Ob)ZcJW%gX
znV%%|+nS$_0p_Q+nxExrezK_f`A*GGbTvOM)covH^HY@m%lr%qFh3dTw>3YL0?f|~
z^x2x9Z@6#G&sFa0`FS)SZr$qr64~Y>c7XlyL4f^HPVJ9bYJa3u`=giIA6K}R^Q*4f
zAM4fr$fNd0j{y54S%Cd9G{F9dA7Foc5nz9u403<y^GQE1^!cp!yFP#Qe%AXp(0+ZC
zkK4cUywT@bWbIEewO_yITGr1z_KU2aH`V%I$F;1VB5HmAtk&~$#`9Os6?y*3IU>(n
zIXC3_D(8kgU*+78=c}9>@_dzZL!Pg4Zpiah&JB6K%DExWS2;K2`6}mxJWu6Zkn>v3
z0eN1^zL)2t>~nb@>h<!dAOG%%yf<fNead_CH(bkm@rOKL<h}S0o-guV{5sDMc`u&A
zwY(Q6;`t%(#htm9_u?~L%X@KU_J_O|Pv%<QgA1}h<h^$x*Ycj5ll>v@wd1&!_t+=Y
zduvf+|754`+^{eF7XG`N(V}_PcP4HR*a!AE^6^_ghPc1M_zB$k`wFZAYeQYX*e_M~
zS%b9ijII~#2a_apd6a_f;WzL*sPhr~@9{Iu@K@;p+0P{YVi+jjK>9WK*$j8WJ%)e3
z^%D0e@z22XMm~P)CGK_N--XeQ`Sx2capMv{0hINv*Mr~s<-}hLe}!A1&c~}h&X(x^
zbCCe1hMA%Euk|lRus#RzH^F1@EY$gTWxN;s3jS>9cQO7ayaMBHb$!$RD<^j6V6r5R
zS>RZx^()Y?g}=kCFuZ#4vmJlC;9kSOSAE9kT%B2A4wwh({JrY)<EIdO9ll}s_p0xP
zpWg6WILPqtRWE*q;BPn_W%&21KZc)^@GQJw`1h)REE($={+Y&IpND#Wz3Q9cHy-}x
z!=-Q|)N!+=b$RIc;%^y#wLh(|l-&902BofN4gX&Cho5);FTkQH+;thK^9if|tny#N
z@Go&YbAJ=u596kE`6YyDVSZQ+R)so$zx|&e&(rX4cmqZwubA*Tm>d>^C85sWZ~v0_
zWh3t=$V=uy@_s?({g#ox=w#kRC-bK3?M@yeU_<<V3a7)la05IG@4&b(xOMZO{eMh+
zD_@<DSAAFf4~FBR^kpH}OW+lF1M2vp_BV_;W1!@*T;(D2r1N=}b0Y~%4YNb7Z^S$|
zh0mpO^PU`rSKku9AHf}P50p4B81cmJWAvg+8zQ~<ovHGA7XK2bjuB7ndnx;KT#J2P
z!(Qx$qZhloT#H>P!(Qwpf3cJN#m>tAbNqe*Go^O(pAG8y_p0xK-@foTJO?FC9wVOE
z_g40&lzk4L>?N+`FL5P*iEHIAc577K>Bv{?J}~kZ`|p+gKU|A_NyA?3W}+9nXV8mX
z4Z~jSB!97!{Kd}7U+jJ(zUW#T@uo4p0Ir1cKB?ay_4<67&vB<<;y>Kyx@=JEub|7d
z&FNl2_qw4M-6{0vp~TVt+v8^lyakhPckw=lBcQgQjD9AZt^B-%T~3$>ir=YR&xEt#
zHFz7Q-*NxXzpGWe66nSMa^+9wFZMg}Blgv?6Z>skYkRRfg}vA{M=y5A412MYzKfmY
zFLu%o9lsKNsS10+!Egec40po=u<cIQ*H7ViI0e?+<?h#kU14wd;%;|811ts0!jtd}
zd}5E&KMf!DdalstlJs*A%u4^p!K<(deOd_f(Wfuq1i0Dg-&6RPcz>yQi&ebNDqblS
zPtT9|PlaFc|2Tfd|L<Ij{{h4i|22*L#cyu>i{E7U6Te5e7Qd75FMdBT{EJ`dkNB1O
z5Wg}X;#cNF{K|aj{#4|1d@a}!er<fd539Zk{<^{*hJP!MtA>6#<7?p=7}5IGDxWJ{
z>;4yi(Y+tO1uMhq@I%-Z`ek2Q#cOTElRV3DzXR+MBK;Wr<V@%KQX0Mkb^T}2UxHU)
zVnbhu@glGq{Ls+%Vtg>10%yXxa1qq`J+gQ6=vV)AzppY6JJY+k2jOiPGlLs{8d~=C
z(SHetz{sv|Y2>|v@j&%k_S3Lm0Dp-fe>pO``C9>Z!-G)IPY1@kz^-tjq2I{(7I+fg
zGxRZEa{0uC@n9mT^NDPF$@6*gO$9R;`TMOeN!(9i&rGhrL!s_xSoQCE^dGFg7k>M}
zZE!a{0<S||kJx|BeX-wZ=u^>`ys$W|Vf0J%Ih6jL0Q$7t&j`g{=P&;K(n}u?(T~T-
zC#8{pMCoH0`7CFA7d!%UXLjpc_tUFBC4SPtj4-F+U-CGt@+gD83akg;hi#zF_Xy)B
z;5m5B(9g@_>dv0k@l{wJYX72t@js?d<gs4A^d+;odD{E(|Hs~Wz(-YVe|+!m&1MNL
z^dcqnB9aIwVvPcdiW)j7kc1?VNXn8z6E!wOu>=vsN)S61Q0y%thy@i<L=ZI!cGRfY
z3;#3s{LbCGliZgq5aGSQ`8@e%W`1+#%$aiM-o2a0{2Dwlfz$eUiT*m&yBFNtoAm=w
z{}jz$eHVL~sIS|b3VV9{Zu&GAz1R`|q<?Pyh<*j^iT+RYNB3uM^~-8#|4Hb?fAPc3
z|Jv5yfbqH$+yejfaUY6!b;h{6&8P3Q`u}bESoBl+U!DJv>RZBoZ!MnjF6${${RG%u
z0zL%33CcX{;L_gzYW=c(?EgPiKM#KD<M%Z3_5G^0_0uEtCsO^MZT$S+c%RuAYzpfA
zjZ`mo{hHlYF80qr{#5Wn@KP832gv^j`~lp(pY&pPC+z(K{^??WJJ$71@CUH>QB`06
z$0NVl04{G2_5t<yC)cw6I@oVmLw_RGe+K(MfYtT4w)N@g=TtBkECluVA8dN@^E~)_
zAvo8?|AS3`5Bz)-d<Fc<#eX;b)(G`)LH{oJ|Fyn8za<Xkh|8y-+jtyo`ty$Fee@FW
zI`D2#@9!qbKZfgd1iOGIgQtR*fRBJ~_CA4K(O>JL7o7*?)wM5n+}f`#dq1N;HEn-i
z_4id1uP-%!7Vjs0BiLyU_5x)d=;JN(M07Gwicn9+>20L-`X7J5=dK-~_d`yb;J)g`
z?x(OXcKt5)-$MS|;1A&L{iGMWn>D+CBE1KU{)pqC_rK+_yiU7-1HjY3n(7mwAN>Ek
zz8<d^5Rb3GU%`6Eaoqn~^lxeY`>XMP9rUk&`&$1^*wN$F27WX-p5qw@_5*eO80eG1
z^TEqNUH=90Yij?W(*Fv-q`$pg`YZnIg1!RW*ZM!hjvlWC@Z%})WpKNTfB!4`Wm<pV
zt){<=P<|u0ul1L@v^VMmUKd%3%xU1I;H}^aP#@0&UEj^`n>4?laq<5x<bMfvJ(1(k
z6V&_rPK0_d?9|ol#=F=Ty}y?9ho8j#8w{QT4h8l8_KQ%T3Vjhc1Dpfu_R}NOmp~sg
zko(aOJQhp_3qZX+sec>nyam1kMxkE7rG6Q7>%gtxFQD#^-v0isziS`cug+iTm&B#I
z_(rPlia6_jNIQD`-1KL-jMu@YFNUALgPjNQJnjXa1*U;||E2ylsQ&`E7W@hP71Zmm
zME;}TE8yp#?oVyk-@cFSSLd(vOX5;pd?VF2$2jSJNIQD`-1Nt}jQ7E&55mu9!I!|D
zF8+)Da+I$CSG(vXzozyh)r;LSv>!E?*IxkC$4mP46Z8$BI||$a?)-=9_t?kwtMga-
zwFd3{1g4$Lanj=>`jeqc0dqlJza05uzZ>k1aj_q%el4D3ya~Po{_XO7BkE&*?lBSE
z2>u4@{x?K^OHKcki(YhMUvzHvMc)_p{?&(%z`+)ui!g7m0&fHF1HT%=>!!h}Rj;4w
z>WBB<<8jm9h4ys4__0y*Bhkg5NcEqi-3n0p+0n&*ZR>xBABUa7@lHp-r-6EWMBlBJ
z^o?P+ruJJ#s9yv9OW<qZo1os`pOF72*cow&cZrYae}ld|biMYIeii1)GvG_$Ch*kL
zc^vaVy+75}uc`hGw5RLEkN%n;*SPo-ss0bNYn~R~PdEFGpc@Rn1a1X&|3!By%FhIc
zyXdDPe>!*xc%_Rz5BUX}{__2#--I}~7|QYK3!V(>{oQhq>A#E6pGft;z<vWQKF7Pn
zCsKVD>=c8SgR8(Nz;D3aV8R(ZUi$ddmc40c_X=<UDE^fpt^0F5{Com@3j7lM8tif=
z_oo|}3F`K4f&LLt?CsR-#cB4^{$YD}z@KNpwVHoFBCYqY!C4%KlfZkx4dB<{kDy+^
z5%PP2dVO8rIYRyE&|eF_34Q|V_LB}WeP)FIM5+(M{#;PvvkhrIK9TC{B=P)+1G|C4
zz_H-f;Pv1}P;bAs>@`ArJ;1|3@h`>2pMJx*e`CS3!7IS|;5u+U7#Pm=^!^=-@)4le
zyA)}$SBA9M^Zmp22BH1&V7lhtLZtQnWy8;lz#qVtBdU(ac@gTn!OpSZXmGZR{UamP
zFM$3I@E-7WQ17qge}?i3FlJ=c{dLo|anbif{xRSQ;NbsJ{Uzwv<=}kqI+y;|wqEyR
zG5om4#h*y^ufxtaqcC4aGv|Q%eETy(y&raKYQJHG`j*h2p!wg+#edOv(ewcqz39Zg
z=-lk@t$qOfsj2;a)px3<zr8en8ty0k>9Bh}cq;6k<6=MQAk&{4p+Ax8r^EhyEk46s
z;uEP};{G=5%RD~G#s1#vAF84K<<RN+!(IHTZT%-`x7!%r2af{J0QLQF=Rv0bJ3@aV
z)%y{Lc3OM}y2K|^{Q}r|3Va#d?qdI7)i2Zhf43U{7oq${a9`^$b!qQ=<o^c7jOBUW
z7>oz|gZg}5g8Y}jP2guP`kVhp^eeRfmRHl?r6^wx?rZ&fUD`Ww9FJcPcpi8ysE^;E
z{}KI2t-n`P)88Q|9}4bk{oyX{9eXy9hkrb?8TcEhk4Gl-GeFU|KS281;D>?s#g7D}
z?*g9&w}Ni{t1Wvi&f)m#{^{|R_G_x&f&TvpR%ibN`0+C67M~9hryr_`*TvP?)BAVn
zL8f0Cp+Ax8?}q*7L5cS&#8r<^r1}qG_cQP-P}YNPzt;qwhubDHzXV@Q=CrQQhkmoB
z{~hTd>Rkpd2mfh%U&Bx7kND@-pPK3)hu!rxwBH1Axuu%;+=DnhQ%$@^S7T4_-`Imp
zUl5@`k?PNb{e_^+$MX<ZJwB1@ABNqhz~?|&54!!?DZGyE2cJ&m^atQStzQtKKet7w
z*ZVnW68CokI0c*omVys}dOQwxd)u^emHwXU(jT`tT%pC`d6)W<KO%$UIvtFg%xOJ-
zq95>IuKxz{h)&~vP6T(NUtfZ5{omL6Yta4|;MXqW^B(d)1;yX9YUr=@YZmk}zL&f7
z?_kq!gWo;i@1x)|pda(JuFHJgU-fsukK}ZoFHe9kgFk_~fBO6pfA+V%4>bQK!Jm2H
zd{FmiCh{)>uLJkCe<c`)8^KkeH;d!e3H%n+{rMVtV@kMwgo|EuS3+L|-NoRw;NoiP
zPye^RH57XrzbX3|zXMhO7x?{QCeJsSXVt}Fy~}(Odn+`1>Cn5)%bQVN1|DepQ{jJg
z{_5*j`u}fzo=*oVe&hFX{0>xonKy3hr@Hkq8~xtb`iorFuRh<U9oau*oy-1FiuL>i
zSX=d9g1>tEdVAvMXV8BQeh==e{x<EpABBE5a_N8EPX7MSgWx)F1E~9xiToTe2wvx+
ze**c>g71L4T=brEdEG{XF<>mH`xB|Y7wja0L&4i!>>nt7l8ZlMk)I1*2A1q6{R^=3
z68Jj!j*I<HQ+d2j2a~}ipgvyb=dk`t@J8?fusZ#+1FU}*?XLx22DgB^|Fx}emdo*+
z1f~Z$oek>#h&~SbQQ!nn*NbkjrmJatQooZ{KgFfJMC40*)%9mO^lQOY==ZZO{TKZu
z&_4=359<9F-JP1QrtL}nxmx`-F71^fU)rm#KU<;y9Bh`y;~xj={SjT1rt4CT{wvrQ
zyPaJ0eUN_ycp-T40n*1}9<&0xf<0a4$63hN=iOrD%e-1!P5qH5mvuP1hV`Z1InYbJ
zi;%tyoDb^bEA_;G(Ou`FuQ!e7OB1jK*beLn9t$RdXMrQYG*I_Pw|^vbVo%rW?d$F7
zdhxGM4gI+kx+}n&z*11RFS=_r-CaoE3qIshU+OK=bdMta1o*s5{ipJIeBK6|7jU{O
zsQX*n`Zpr<=VJJIIk*~J>*D`><X;bN2EB#cZ@s_QMyOu`{W8sNyo>!?BGf0rP70U-
z=D65*(>>~<{|ot1MI4X%U=vV}&%WwoBeZ{@^%946@Vh&h;1ZvG)gKz6{R6EZ4}Wu}
z^ZeO7lerbt=g)J{tp{HNAAx@CEUy32CCp#J)8=wow<q<-%;54j!9}pQ9MtV^xQO-d
zf!nn9@-OA`E5I`^<Mesp>)<Z1kBfhQpnsA2H{!hT_Fsh`H*4+d@o0hmOMAPucvPqV
z75Woh#_wp&eh=u}^pc+i-BfU%i+vft9cagG{4z05^!`Zx<k|l@evcuJZuPH*eHs5-
z5q~%RB{kHGUGY!s>f`&Mi+>-Xoi9PDztY9OgH8Vp{H_2yW1QkaJ-)TA7eD@nKjOzg
z_#<(Z@zMRe5V}XfC&52JU4OHt-%*WT?6kpt&;vXf)a{Q({y1<RxX48>x@1lFoQwWl
z<c}!k^;O;eS>66PYYy9)d;wGTd)a@b{vj^=tJJ>-c7|XbjCWZNqQAL@da+x6ez<>!
zihcOi#Kphg(T<7w%}~#-uMObArf&eh8-YW>F`(wYr?&OtM{CWGAks2_B+j~j70~?*
z$~=+zcChRJhTqXxFI~Ytpv)^-2YP=7LU$TC9+dUBzw{?-_LGs;?ax8}0&o$y4*V5t
zbs?`my}sxwG~Mwo`je1<Iye%%#6>?J`K!Q9;OF3A?1Qo&>i+Go`qyaf4Mn?pd)4{r
zreCY|>sO?GXs0gN3hV&JgZ;sO?ejdXX?!H^GOzYF?lKSc_^-z}iv2&daczKclX2~=
zjqA}!yV?H;_fLC3-^JYj(ct^wXQ1xizzFqX_g>BJ-!AqqMSe~7q7%Pka9`LA)ctRR
z{DEK^SO~ra%Kc?+)o-u0_a4%Ed)4{rrXLA=(yw_)UkBa<-VHtkJ_D`=|FzHSqo(nZ
zxXZlS+qla-)Z;$}<0AIwBQ4{4E7CHq4<jw(x*lma`>$aCkmoIOAEiG}xyI#w_Z`&V
z21@;%a{ksjB)Y?~ABpZK=sTmGLtWZC(Dgq?KfAj4uXWe+PwDGL=+B?%haP|3|1)7%
z=0{tMOGi+ix4F%aWIQLj2rR-l%X1sOy}i}XuA%)x+y~A8&jT-Uxj!6oIqwH^z~8}!
z^Em&c`OM*<-k+(^PXlLxVo%rq0lTZOWV<o2+swtj=##Es{dn*W)L#YG)LstiUk~mC
zqiX2S<<MUNE&#=z-rq~muZ7@Z@MiFK@Lf=^FXa!R{K>u4uaD4v8T4zx|F8A+@sK#Y
zj<~!9x{cq#rWZdyfZyfd_n_Y2NcAnR;&s{u8~~mH>h^X0i3eCe5A81k?**R)b^mq!
zsspTl9qqpZz6X8|>i*ZZzRT4-A3g<7zJ}AsU(5UpJidg}x_?rCvsV8s*wOW;L6;0p
z0rSBpz~?}{es%Q@cD=+&;w^E~<J}hV?hm@fzqaj-!8rET=7adB$6NQut-jA?KDpJO
z0za+-7rV?aslOfbN7|q0q7Q0zWxl)lcX=)Am&5)O;Ck?Vusg;<#zT*PnO3htt9P*L
zzrnc4K6EDf`w^)7FZw3vr|93VM*kby`3p2r-_3qa_0s+nv_Av90(=>C^G~l=qSe#=
zJJ|Fx4l;i4!hg5%+gp8mjMtH%w5P|XIm%ms$ATw-x?Xf*UvzHv`@)X+QC)u{)!&AF
z@-FZ}aJ9?+xv%<F5!ye{dWpmH@cR|;EtmN0tA0a-_7Ajv*#bVd-2*-ez7Fd1zqa)&
z(C%u@kI#@!xt{&a1$F;^x{k|#2mb~=3#&e#N`4f|&jkxy^dpg<2F?XryZGa#zY6uX
zfggfjgFk_dVfR4U*ZmWJnz{5hQhlUx(8pWqFG0NS0PhE%244g>f#RpcIpETtf9><S
zaf?r+ao6X$*p+#ukMFG*FB#W|kd|?MNgLOXk(PB-7vt(?e;dkw0sAcC{$?*>t^v1$
zx_|px|Bl7n&hy|7a5p&W1}>in>h15Z`gd#Xjdy8pV>N#2{)v9G)~^8UHvta;dw_?7
zCxEAb|JvvIP}BHG++|+vZQNxZ>hXV1n-6s{PBO0Tkd|@nhqR3AX-K=-zZ2yf!B4>5
z;Bc(Vb6nQv{;Gc;+8d2_#<{dtou7LAME{P~uK?^f23v#Oz<BUja1i*feO@0mjgQ1#
z=GETDUFM-4|1B6-v0oSCB;(o^X&Ki(NXxjMg0!3ckvDOF&jzmsmw~!JwXGLFax_04
zL;CDn+22f1_pj~ET;37v3ibkZz2qN_@^fzC`stvqzYMx#P~HK4B)Iq^`ukAt1#lDC
z2X+p$y?OBGNcc0rrT^9SLywo}S8M(L0_h*X-@$0K+YoF6cCN;sf9><U)#ER5k$Jbb
zahG|j+kYJ6CicJ9#`Q04TpMfS+6`$p`?4-ZLN^19aanI}`twomRqze)eehGz3%du(
zzV4s+6Xnw1NcEA%K_73aKM(P`9=ruy0X_n*0mV;=^RLMN*FLY?n#L#6xa;#=;x6+_
zkN?#e7a7;3NXxiBhO~_9TS&_~`U7b<`;(S(f6oW61DAtFDVN89x_|qteumawz@@$7
zYW&pw6a8gczn(yP4fra!1^fuy1?~p_wa@dRrty)u%e>m#xXV1$<3A7MBKDs~TE_Kt
zq-9(`L0ZQ37o^?n55qh>4_p8)2ffQU9(6(8zx`Ez6x#EnojNY<Rp+PfpXe{u`t=0T
zYrt2*E#ODsE^s&auYIhK8pcQBF7s+{<1X`1kN@THL+n3|w2bTPNXxi>qWS#`(r)&*
zU>>%*gZtebECF?YBGtFOo$V%ov%yP2-M;8XqI@;@Cip413pC(o0~deyx4je5uJ~7m
zwD?z@KT>}%>Ph{zNbB)9U2E^92-~Z!zTTenYrNLZ78n0SHxcEc+v=kK3Hg76L5$lR
zm+`A@z4#Hmoad?dG1tYP+Sd1nA7j8f!6(2M!S_K~uSdA}yT9!XL%VMNZH~}Cu{R3!
zr2bZ<_4%pCqq_d5z|Ohg*@%<OJKg@lre6hrKLK}wzks^`qJLl0SGed!C-z0>X8*rk
z-|a45=O=?hz;sZLXMf}$r|HMK=x;^-4lw3!Zm%(@+ZX-a&~E}i1a-aWUea_mZBOdo
zr`7-1rM)ubOMBJz=W+D&Y4COMEpP|;Irtm+7ufI~j#m?~3)llZ20Q`O<MVI(9KQn<
z{}C9Mv%zF=y32UIiTroKpTJ*1|GnIwx}ZMZjgj9RJOu3LqQ4vY_k+)YFM^xFt)SlC
ze|!CJ(68O#Z(!_w9A~}1$0EPO^ISdv?D{gNuLECr_dnNfhI&`7VO@{4%-cZEdQO+a
zUeAr3z8<{l9ZtUq?gW!IbAEO0pM!qP0iS=C>xn;s7db8dtb$*6Z{Ym3;F8xl{q-Bn
z;cqf0fpPFx{1^Ymz|RY7=<jgNU;pFWj_$9Uf8W5*(eU$G@J&$s*Zo@#|B^7CIpBFN
z<2wj`o(^6EmVo+vlKAVogSCH)(T`3KaQqAQGM*10uG_%fpdO!py1jZUxL*yy#o&#g
z?q8((zOZvGc*p(R-YcL!|Md3mM7{gK2f%Ytzq;{|`7H6*?Z5qBVsAVAl>T0cdFa-k
z+R}^N)`<TyZ9VAz9ISdHLjP+^-wu9s14n?PK^bR>vmW1lt>4R~U0GlH^+Ip|f31F`
z{oUXC({Y`77F>zz#LF(%i`v#7{~+(zLqYxgq0fhdP5&a!o14IIKsoQ}{=4aaN4=Wr
zcSHXx`2V%O9xpo%IB%Pv+jtyo`irp+PG8CE!tMP1D9+!7)tsM8V6PqQodE7H`**_r
zJK*o&@ei^8`uK?cS?Jcg)c2tNQJ|YW-Hu*QZ~tJ^pM?I^bbP8C?*na5kGJ?U3jLe|
zUIyy=n~}c~To1kvw#59Ec<J@as;PId>yy#H72spwHt;R1d%6GC`{P!BO%3Z$gHCV%
z|7-o~;;qMPf9qx36IStlD*L{)qmRGnTh>tj3C8=sU0)}{{??ZMV)(HfTn#?_7>}Pk
zFO&Q1Jvev!U7mlr*_*eQ_MU`4&pgcjtOY*?_4y?Ed)wZ=)^GF(`x&>IIUoG%QBLdr
zwsO%gLOnNqD(YPbE(Kenp0uymmwGd_dUqrJ5cnAQ9JmgA9efAe4(<TI27ds52MzdD
z2aI*;-@)#m#7*LUpyDRutdH-%{_#4iZr=U3#xENCNE7e~Fwtdyk$rFh_TOco?C<*g
zk<VG=^C9^hLOvhTKM#^~om?mM&sD1XJV-wOxp^~>TMDi#@;S=|NV|QW^{;;%w|$LY
zlPB2D-j3f~jGsQAWPI+$=XKT1huW%t^**-0xAmppucCcDzIuNTHhl%=Mb?u%KV-fC
ziTk>?Z*YD*sQ2f;z5ZzQ+pYgys_B0=>NkIi<0NsbtJOQvC4T?b=eWh}WBm5Dejdhg
zEw~=k=X(+IUjSbR_qKgEd%w7}f2T|Pn_cu`$IZX~n3rzzQ|9%X7$2F}vM)$IIUnfp
z`nNvM@5lEsetTQL3)<b=`gc@Qe<<dU+xW}8>Hajw;REoIXE?3Tm%Y{dYG}W=rqj>6
zavr?~=ThCjlTd#MsMr6e^~d79u0h~Xa1^Nfv#<KIBD8;?^%92^_<b%|;1ZvG)#pTL
z|3K^IK5!D=`;z;>mt5kr0r?%C<MrDcTm;s~=bOvH8Sk*p?R`dle!dO+AA?83?(v|m
z{}j6Kz*cCt4XEp9!p`Mj9&{JD=r_Wy_$BT9f_&Y6XV}%_a;uB~ucO^}!E#XE7hR3_
zGIxTHyo7xd?~i7^#_8e>%#C0?&hN*8^T8jnU+ed2Wp8r*H{ND`2kQO%-NnBR@?NV}
z;jaUvf7!(!iN`=K9)Gx;&wpIU@wf?bm-ls>y~6oZz&YSt#D5{Eg~Kx!c1kpRyYL=x
zb@iqFn(CwBS3MVhb^oNF%i*8&vz^w@%aE3S-r~~VAEE2=D#z;x@DxzqcfMsKm+SuQ
zYkeQuk@ioFuzjf?je1glFw(le?X~u*>)%7rKL)M?*MqwKClRMI@J;Y7m-q!Yaa?DB
zbHRC_ZvQak9{~;qhq&n5VSOA2o&rt+`(l3@2*$!sd2d{AU+i^3{T^WaUfPp-N231e
z;4n~cUv$zR(T#<EJShFs>pzKo{v~iL__fRauj|VXu>Mc9AC2!XGz8`Q40?ZSTQBYE
z-^a*?U%Ee%FYoR3!*yVRTn}*F)W6TM)#ZB_*W>)M9{dg*?D9PH0r>SW_!#)Si@%ZT
zH^EM@jMw!Ra0K4FbL;P+=(h)c*LCq<>L+XQsw4HafRBc*rh4(CAMDBZMkZokkof+E
zIBU&$O3>e>;N9S6@IKUg!lnLH#A!A-8STnGE#rN=OZ_DHeGa$?ECqFcMR%E|yR#bo
zL`}ckMK9k+x)t;HPH+XN`xB}DA=r5eTm!!BVn0&-Zro?@0nIHuuiJvU|0$muR#q<f
z2KWW2>$4)%Uj+S2n%xGUal5+xz11(#?Ei+eZht)DFkl<U<qYs+&`tl=d#ryLx);Ii
z|4{vF;J4nso4=9j&yUc4P4&0H?ox0F;&?i!`yZ+PA=rHad>Z@$ybbL<;?myU>bFK{
zf1{?qw;F$*gMK|I_4Rm(|Fxx;IPQiY!{GNg@EkA=JRiIa)cvi_p01D7ex&+on%@hN
zmU*N5Q``Fa@AE#h7AyyMfVw|>tG_ow`#08>{sZpsz2IZuPEhafB_Cqn{)qW8c<(2i
zeha*92d9HOnX5qE-c7Jq4wmj`{j;#U349;?u!imJYyBV4&M#mC#Op9nkB8_2n(la{
z2Z3k&TVD^Il};(=`IZh|3f=<hm1<jmCB|txxC-mzC2gHNjP>%lwr-xrdKmmE_e=L*
z>^%;9ZuQGxXHzxyq<#!^(P+05*c){7r?%_s{g?KBMcl;SHZJkn1>Fx|J?I+mC;e{N
z6@Qw-uA4s+=gEk-9%sG3d#i7#+3)Vs-_xKw3mgNcg1SGwaUU@N90HyNUI9J;ZU(o2
zAAwCiuljyO*M9^3ci<k-sHOUeus;Z#0~UjNJhBkiY;Y@B4)*$t*Ks^}4wwm^@i~_#
zfmvWSc%a+64Sp^MUj{dVx_^7CUj}=xfp56jFGE~k0V}}Yz(mwL&82?JFF4+Vz~Nvz
zsP|_Z^7nwPzU2CMfwiSy9HIUFrJsj(=YtEt>s|ag@+*$V9B@8(52(lIn1f6|DnfrE
z)lY!^0#M?!7->B|k?OyKorJG>9QuQ&fx7+g4l;cm_*ql`Bh@#8{cfPd=OmZ-M5@0D
zcFMue!QWl%FFnZgPe$lZr1}?Ne+ww_`2lHtenzUlbr;Y3FThj2<@6b#ZvXa!OkWnE
zKauKRhW!s~7@tV>w;|5!z*oV~T;l&2@}JT4+g$X!k>BY%9@p;RAW$FQrpRxt>5p>J
z2a$gPxC&ei?gT#v_4Z1Ue<%1P_%7(HV83I*+OGfFKDJ+-ztS&>i}b6rOaCI(Z-Jet
z?>TOdfuDnV{PtG=Ioc8XYh3J$PW%y_n?HN2{{#Ni)c(HeKdh#|-)jE6vY+&mVCNoC
z;`p13{k_$nUqk!TpwsocT>PnR{SiO#yq^e82d@P6`TtMp2W$RZT8%#gP<|Y^uk{DI
zv{#P&@4&bpIewi%JzkOO4~LzT!8PD!7yF_=0_6k1eXT#prM(fz&jl|4mxJQxhe+%3
zIMDUQ-&<?wZ=>BjzDI*Y!118ozkf>KLGx#HHU2b1c`I;V>$i7lF9rDzfRBM|tI^Lu
z`OV-RE_%tYsr^XxVs|Cl-wJLA&;6O_LlLNtzw}e;HG@v-J%e=5U)YXb|13@aEz<4w
zll~L*W5-Y7{aAo@bbn%@YY!%YBf)*uXTi?-pu}~ai$9{zfqvS4sy_pE^!_YF{)6Ci
zpu|u7bc^4Ct}p(60KcpAw>O@1p9xL}FL8PP9jSiguRQOjflvO%>DNF#{*w+e{qWz}
z-?@J<zXgx{lhc=go%V2A@6Q(0-v)O1i*?;WUB4Z=o#1ES*WkYD-RyqvV!sFaEB*Jt
z?-;N?`rX{6|0nFH`V(L$()OGG&GDWLJ^(%fegf_S_4u|${=U{f33eiFU!QMlFyB4`
zPsTVDfSG9LR+s+#ggEX2b$fdMyQ3YM?{4i~;nH4`i+^tV63n9;z?;DLT;|tr$nW53
zX1U%690=<D5q)e8^+D*K0XKmkgS!1$$S(#j0c%=6QvD$Y_j>?11RMwI{)xU%4fUyB
zwtpUY0T|=s{CZ$7P;c*e<X;S43yw3nej#`%cr{oG*0#N57ynLoY2Qsh&_#bH^4<EY
z_ito``j2p({s#OVtoudPpMQT5p}xY!ZZjAAqW@9zqk)TFbmF(@-0au3{%OR&eH72n
z1h53u$7?h6&1$Is7J84SpXFj-bODst2c<pTpGfu6uNz?ZCa@IL?MJHr5O#Keqx>A#
zEKs*!+xoBJ$8PXfFdF{U1v|L-=celh{h{DlF7;O+|KVtk!(-ql0Z#u7c8TG%9v`>*
zufxumI$ZC5P_JKs_WuU!qu!-pb^3Fw(I0~H-r$koC{VXAe$Pd}ABEpfx%mGZ?9`Ti
z9Q>%MebH^x#;?7L|9h*y5%wPd*K6$ss%h_FssGGA`Y-Flt-p7|{ypGk@I6qUe-cO0
ziCwqxi&Wng<1!KqU|rV-+ktNDeGtmCz)R}#`o13QR*%yILA`%cKiQ?eu0IlXCxQ)O
zx3i1=NcG3T?kLTEYZv>Ik$){%0s87!y+7ule6FVd18Kd#vvDrD0BrL$pPRaZ31DAP
zub=xB>x;k=a3QGcMK?#&Eq2k1PV9>AMi;&A_i^w$(Zzr1m##a*MSl+RGr<CIx{KaT
zcb<#>NsPnO;6>0~?V^7Tx_7|bFL^wsfqMK!_c8RMD|FF+0o`|?=w`U+MfVr<qMPla
z7hPSHi|%|Ez37^wTy(`Q`Xi7(5WEt++C?wAVJN=|ywyc7x{)XsKcpQ!{-T=%{XO6c
z7yF{iK)LuWe(Cl_C-Xq;KIme98S=%Cr;vWuMK5+lw;sAzUG!o{bnim9)kQCMME5y#
zU%BYTj;{O0MepCm>!Ur`6Fdym;~A;GcvF;Rq6{p*h}-)Dl>E1(9Q*>T0KIRsomj9Z
zSOGf^T+DV8kl*+n*2jTS@1j0<#uiQ|f%V@*IXDe027lhh<(~JM^}$&1v+bN;0S^6u
z(@Ee2Fa=x&t^_xI$og{d%a33WEG_4>aO%gLUWtBpy9E6QmxDpkX-xlw>j%M!J2;&J
zW`aR*&`vH-0?ki3t<R6xW-(S)M=<sZ_G=KBfc$5`B;>ycmLdP;=4@vp_<Ad(!I#@0
z4fblw=>%|cdz8cOz$@90Ao2@3aCs8)Uj&Phe}8AxM}E`!Tt5z6aTTXmLRY47qtplA
z@5=Vd!7soHuw@S}UkSUNu10&v?*}G=XMjmyAy^FF1eStNfo0$}upE5<P;Nf~?XCvP
zk^ejB>BYKhz!Gp%AM_7g(vQ=nV03>@$AXyyI2{B>AI<3$F!LBrm%)$D*I@jRzx`M)
zF9$0$MjglH38<G37K8J^5^y^hi+an!mEfs~Y%d9nJ&Du8&ylVGdk;kW;89>A*m@9`
z$API}5PW(tmzRMRCv#eudm5*M;Kb88odQlD%IRY8xidIj1}-_1)1_di;hZi<9KHY(
zkpI?5l!M(zb2<SWHHOnE;D&QJy%DTCfzz?zWnc+7X(E>g!3oKnu7DrCuI2Gh0GER+
z!3r=1^)fSH4@^H7X|PQ;r{lnfz?I;neCWZC3OQX428&P*-amuWE5Ua!fga4c40>?)
zTuyr~XTAt-1TUJ$`6b}9U>SJjl_&?t&*yXsc+)kUE(O!B<#Z5CEkPRWyMWV)U=A1r
zJ=bx$a3RvA;A;!Hd?Wbf^_;E%*DgXi_~K%u!In!n9S3IK$mt+>C0GJ30ZYLhU<LU1
zO<cdy^=UyPE9>&>nI+(?MVu}MeTz9A3$_B|z}7c%c^p{xX6V8GU?O-Hm;}Ch3+p$6
z?}6puw_pX>=T_F2t>bkt?-gbV_%4_TT@hFe_PvekCxTPJAh>%emwQT?L%}3)Ggyvx
z9)FG7FGqgIWn3=-90sO<r`*ovN#J-e1zZf4g7<?f!B@eJ;HKqluN>S3R)Ejk!R2M}
zv)%^ww+#6&fE&TwJ6RtKT@n~X{v5CvydEqCSA%8XiFcvD;O8qiT>-YZpVM*R@&`D*
z672sVrxU>|9^!NfIAtZLgW!YUO7ID=47_O->r26p!3uEdBd`a~0gJ(_z!LBluoS!>
zTnX+5J*(O7AE4(^PM-uOfomS){EgtW$2naL_I#Gp3E*j95_mpX3|<75fa{)zeX!39
zoK6H!24&pqzs~a|3HgK8vpxyDas#Jhp}Q6=LH>l-xjY4&zmd}=V3W5v9R~(B!5+Bg
zZBB0lAK$|1GVtp6I9-Bv7rlY~0QrZ%&*h0=*AF?J0QM<IIruJE3OhHv$@WUY2f=da
zdVdUi;Mj8-Tl;DX*el5C1n?zrBe)eT2QM#ReF>O1i_<}{`)t?)H=W1na`5d7kOoK1
z=X47A#MPWG1D_~C8tk}`(+S|6*K>L$=((BG!o?qOx)i(%TnVOs%;iDw_J&QY_^bpE
zYsTpW@B}asd;}~5Pi@ZnBrvWur-k2l=Cr2^^VCzJ2a~}Ru-9o^o&dH!ozrpPv0x(j
zLK2s61V5R^=?bu3KBr^B?O-|BzktgV!IQxx@VG*hgY}AF4@{hia_|9gCD?Wrm&buK
z!D4U&xDjkN2YT>Da3k340+fSuz+&)?i@1Cv_zqYO4!oMnlfe9II9&`zUB~HIu;JZE
zgSV~VbSZekL!3?oKYfbR72uzs=V{L00B!^ieTMTBz`0-v_$62Y&VG*d#o)x}Ih_J_
zc>(soAz%`izXtWeCtu`r88~7s?18huVsI{40_Ln^eGvQ|^t{CR`Cu`4;|9(z1&#MP
z9SaTylfa!|1^B`))^7yA{D#vN;QH@S4xX`_(@9|0pE;cXZukXy@W|gdod|yL2dB%y
zm49+tc-dc^E&<Qj!|5b&rib5aD+c=+oK6H!@^U%}{2BE4IKQjOOaP;zI2{W<0+xZ9
zel8D!JHQHXLL)9u0mnB+8q5ZR;Nm7+UJBk1t^~_8ZbVwRuqoGHiR)C)jktax{|PVw
z`E}po@-pNf){*PSB7ex+T%H7W+05w#@Xf7AquvQ%BG|SQ+lvDigQZ|zXD$zdAAsdx
z*KS;%0PX=j-8sKIm;kQo!TDuiVNXsMgY^#ObS$_8ECrK#ak;R^VVq6?PfS2Lcp116
zark%}$D;xqy`9r3V4n{-U4nXxz*6v}qhKHGGl0{H;MrgbI1elV>mSYfSg<FU06qpL
z!jCmz8S>vghU=Guzk?g0>+uo$?>UxrIbaZ62_``I1St9Sj)Q+-zvDTb2wngdgWJJ!
z@EfoKJp2UI2VY6#^hU7fNt{jq$AKx}6<`TiFp%}dVA>!~2f?(HIbDW+`N}ySv0&3r
zI30v;+^MXOL;fFN3i20%rQq_@S?}4wc4mMpkw0=Mm#2XJ&){?-cmY@p&I3!pbI)Xb
z5L^Y8fj@zsvsm{R=t<)A7O)&_H;nV+!0uoI7&Dy9W5Hoy3fOW4>VwyUC1CH7T%G_<
z1XI9iU@>?vxDuQ*n(G&XSz|aI1m}Ro;C8Sa{A?`iE5P34;175$SOVS(mVzIH72t2<
zxxQxt^TlN5MzH5(P8Va`8}H<KkbwMev$(th{27dcZWrh|mvxQ6IPi9GCAefN>q^0~
zIh;-bKL#tnnbWwu7<?Wq11mK4FJOHlI223*CxR*9z(Uq1fyWo2K6u((l!LkRIUNN5
z0zFqDU*q>kd#>j4<4c%{;74FNIQx1oF9x?S;dD7zcq_`mfy+3Z1eR$mxr57vi;*q`
z?*dnXzk!}Rxn7gIm~r4_FbKB08|C0|Fa^B$9xkuIJW0aek1av|pnJJI32bv8?1A$C
zx47|L&i@#!06T8s`~+|SDD8|zd-C^q<?rJrLihDHu3rJxd7sm<U^6fdoU)zEgJ2O@
z437Jd%Tqx4dup-xyHd^YK5o*dto!<NW(6pJpD6eR=WqCuxe=7Vx3lsq&L8_VGX)In
z;&d#S@hzu=;6-2w_%&Doo{GOKkOYnZQ@}J({+@#TJ%EG?Zs!rO3~c@b=f{Ea{pJ#+
z<@>7TKeBEISONYBdUkWUeE(Cv?<n8ri$h%H`%($Nu)Y8+2Iqk#;DBFQmk3VS!|4=o
zHdqW!!uJT|`v~&=g9_wF;eGyC?fw50q^E*G@Jg@*9D(=xQ^4MMFFpa3_wh^6UwJ><
z&c}PS@_z6#q*sEM;C<5)P~LY-z<X)({#p{=(`tnGyW+qp4fuVpAb37l3@!lm=l>g5
z*R`@@9}Q<5(z<?S=XzGwZ=k0Orx$^x;HO{(7~Pe1vEX!2x1Z3FpQGK<g;@%I(2LXM
z;HAAeT>_pP&*>mI<8V$FgZK33^h(fs6sKds2FD={E&@xzyN^eG@Sed)gO{Gd=@M|r
zX`D_1cc0E_&rs&mU>TTyCg&G}tIpzd8JIns(?Rfe&@+Pb7lEZ<+tHjK2Yz`rrz^nh
z39tuV3YLHw6HyL!PUdt1xG;^=rQjVIoL&hInZoHLFe;PNv0$mjf~j0y3})qUItV_O
z$LTU~O(CZ@g3XIK9S7cW5vNPRiPv&E1)L2QgO7n_;8P{6F9VGQoYv=S9NuFavy0DX
zrC4VVxU9E5_z^osG1v2f3-+|NiWY*R6BgvB#i!-vPL3~_RiM~A%@d!Qmy;1csVFNu
zJ#ThKetc>$FTb!LJ|{IRH$JDRAUj^wIlOnD-u*mM+tWKfH9svge&$g}CLh_4QmP;;
zH!Zs;JwsWJ@7){!b7WSQh39ybOR3q}$;x!^OizABL0(aQS_b_}C0V(X^XRwKqM6eP
z8Tt9SDyiDd$ekXaoJ{{_<>%#6e~{-X%FQY$Ob-)fXH7~=E+|aRFHBb5BXQoOb8W{b
zWfd0KE){0v=cZ=cN$whV3w`pW7Utz-rHQ-bdEu;JMgcXbno;c*rqgd>4p7@^Q<Kv&
zrzTHM&B~_sgN2#-8L8=FM3PxK!ECCCq-85VD|d>+)|8Aw>T;;N@daTSDn2SIipkk|
zX{m)-q2Q=Y4%5u6!uZrlG~Qx}GCWfYvZkb_Srw=+d1+HsvsqIp9MZmBO_`qRs2iVJ
zP>{ja3e&Uf5mNdL`UlF%X}N{j@z%f29M7?85*8kom3zF*1!|CGJk(q<FPI_Y9Lh))
z<5{^pbn)pKlV#rUq_9h@@zL^R^5tiUq3ra6y!iC&<Seq6T9}a>%uLURyQ;{Okv$pl
zfHF1R5~OF7S5lIdTQoC1Ej1_=RoV)DHkV}P=jGWAT3H#vylgcynA~p`XH3t?Eu5UL
z%J7@BbTUmqHO?8%rs5|%28gZX<Q3(Hx0sunlaXAQmz<fJo1UGKY)6vyD%#1DX1SCG
z^V15Iw`$R`p620{{Jf%IL3r-0+_cGh7B6aN<)Ykz%+&nwF3e0VER?|KSe>MRs=lHD
z&hw<t$|VP^xk|o3I5|H<j3FnRhLaXQ>QBzgpPG!tmXnhz!v-xQcS?L^Gg9Qq$tX;v
z!Jd*`WNlQTrbPi)$XVVmFf-6ZFs~qMW^zsjC256)^(dY;hDzO}%wTqET85ehD&{$<
zg_-eb8P;ARX|@04NHbXlY4NmIsC|>xFDg+c*G6f6c2<tPI&)NJR&G{k7^mb1o#wLg
zLSt@;m7_s&#9>}-N0qH&k%^819#2u1#i0g(-LeXT`FVvIX);w+AzhAgL-O2=!WlGt
z@u_KP8NtGSFp6AH0c}jQlzD}SbW&EX1WvN(BA6R$MRL`EtL1E6b<*f6AlESxWYK>f
zx_D%I=$CZ0zh~#=O)ZiTiHRwxS#+t%ryV#?&0e)OX>nn$siCrkG&-TCoF$osdAVxM
zOqx}gQ80tz6yBR`y1v;vp;%*IlGU1~nrZ5iq^haiSQ=Ls)@*eZRU+E1b+cA)lBqy0
zFJe1CBW-$4!Ibbw(~K-g&Y3!`C?kIsl@w-C!{L5ff`SYy^x;Q^)cjy-<+Fmyr2tnN
zJ@y-?7H6DbThFTOsuC9FY5vnpRg)zzC{s<kiz&oQB}iAc8R=>%P06Qi7&bW96PzKJ
z0!@~j8YblGv^lDwqmtZ$G&!JzDh6k;{oo9jGTo@Mk}UC8L7<hBmQheZms}b!SzXAq
z7MKXs_9qUa4sS>W!PFVK$&<6x<-j@#6eQCeO)m=eQF2vCV>~%MPo|_8bgiA9L2DsT
zO%SJpu5z{gxNFq~A-P(MmZ}DZX#6K<r%sWJQx#pYERif|UD&GeOHHS&DRlTqEz156
zeb9y_enx6mVK7T}r-HQ1jP&@_$&;1;5;ZH+WBrR2#xm>Q<XKr6*>?4eY}(V}agtCG
zFR*f~;PX)~ev;#4z*)}H{M4)hxpJZc0jEM9L`QadI`tZHab#x~TIXFV2)kd1w+`Bt
zSJtUAo~mTz1Pf<XWrXHnc2)W6G^+cNUzn3Rv#MO{sPAYH_bs%c6z0)sqkwx}m|94O
z(#)JZJB*a07ulyH>Ke(_ztW<eVP#FVig+hvZIRj=tqt9BMagrfrf1RN(rF=QYHnV7
zc$VIXN>8^=Q;6%7jNFX;tTY4`rE1qtEhL%4hoYR+0$K5vQ}D^r9$hHt#$j?=c3we7
za+>U4)&&HyfPz-Pef6=5RW<9hm_JFYNF{s)vaH&@WkXz|?t-c;D9FeNdF-q)BcG0P
zVO3HKf^@|$R5!I8VI|L)849mTbI-ygljR~Esx^6Xc2R*GXt;NiY44X!0y&i;Fu4i`
zCI^f3dX+jmxpHTyH96sOYm`9;-0&XfO}1Boy28g(T5Z%}y{p2dg50VytIDH0a_b>M
zC^F;>g)6KD%E~JWkMi^?$6|UYKI-6V&rId|^eUa2Ue%CJFVNhg18@Aa0=kV&&UJW3
zxiSxwfG$9Vc~-bGt=MML8KY1cvfWU(*zuFna%69&8k7SYRv{hK(=tO%*m+u&c+$~B
z3{6Pp(ozdDbo<J&Dz%yUxkaJjwc1iry)Bg&w677C%gQ8OtnERPy4E~TuIyH}V<C$+
zx2lG6t5Q;9;Vof%Rly?13g{jwCns;Z+GpuEwVCsV%a1;2Z*W|RIL`{XT`afeY0@FP
zq%gZ6nZ{C0d2s<{%4BlTUO~u}$1AighE6_}$|@Z$s!~w1=yX-3j$=nv#S{bDebeYc
z%WPTCnk+3lBQ>`um>dl4Lb`%B5qtmB%F^kUf}WxAHmH@6<JNg5SBs{^hRO?q8EILQ
zvt;|x44j*1Urx1>sTs49)Bb~7`7^9x$xp8|;PKKrB<f0;UK3sZtQx3_a;t4{M!vg*
z&Q5Yk(K<}yNc%@xMz*?^x{M@gtOqPsy!mknUyv)?`p<EvdqA`nKClJ!Xhl5`QMvRS
zA(*L-G+|9l&#BxwtkL9T>z3N;Vu6P)&vb#o>ZBovrwm$0G$pLtI?N|3uofskV2w|9
zJlW$cXK7j{op9hVDx_uR(ftD(lPq=G2+s=bU(m?i2c2e-Lx;6W#wm}i+vgck(upcn
z1uDD^dO%nyt1!PP*YOw)1}Fq+bUzm6H05PXv5)K_VMb9EnPJbwLfXu{0&9AZWjZBT
zckMiMAxY@2z>!x~W~FAc3TUOvl>wF2Gcr9obilUHSday?f*F0nyBk!e7I`E9nd2bi
z$g!Tog@sD#s%n`QN2Lf-Ua+c6I<328SL!&Ks48!!J}w2ba;ox*_6zkSF{}rir$^3t
zY(oI7ED4kK{3V{oAv?Dy2L`P?Yl(0v9ZK?M&{G(0jz7&%*N<enx;ZlG6zO>2Z$00q
z3$L79)d3p`o<C|)#wQOBJ#@F9e#@zc+q1LPeedLSJU3FuJ-eiU&r6zqIz0o2d$dW=
zvn_QYPb<t%weN5^+v+KvcG}NGt*4zC^sz_f2b{Ks=1f>AJ?Nwxj9^+eJ&DPhJWEbS
z))P?bKHW;vePviKJ;j?zpQEtj)|1L2NB{VVV!qlkMM8J%S?Xb1e9k1gGn|no@z0S0
z&x|yBK8@Yg&W)duMjr)Df)#mu#Lp$Q%=BE^E`#)-y;6QbaxgXD-UP*nx*F3K>~LF3
z@Srb?o+YUdC{#DY9#c|^N0C3e;)iNgJ*LthCsC8Z8KF!(7fL=kbYhZ6B-ZmK*|sIq
z@l1zYQjay{d~M(CXBE&naFRXc`Sym!mhQYWoR4CpKwX5?vna$&viY_n*|`R#NZr;~
zx}T&Gt#r#s*FXA*WJZ`}3P5@WJrNJfr2B2$3XwiF{Jueb%*Xd1b`_kWgQ1f-F89gF
z*4f623r|eDpmH9bBGE@O_7Ph<H8{^p|LF`Py8K!HNkxmu@qhqL(V;?n*ybpxe9%>L
zngiPDSmmOBv{vcJ&Nk?C&x}+YI2>0VgwfuCLLtXmwm$X93)08JQ*!MEt}<zmvM0&m
z!rB@*Crrd=pZLkClM1TH$A(45L`U<|*2zvlTLj%s&QJ#makJ94K)Z+|KB4V`@~yg+
zwint+sG!nLk~P_So?l1@@AM4yfQvtY;f-GQ1NFe1CW`$jZ&-dXlrKxfqVw!V7Z7#-
zOUSJ>Yt`_%%v-C7rj=Ug7#%xCc4WA~ZXt*k`qRq`QJ#RjoKPkGsb96R3QSK=W0cwR
zXmhzSYN>hjFiH%&$}mQoR~b7EO6)XNc`3EZyV^^s)!tnywafdxN`3EL;G@(6-%UPB
z-Q>H&XIb(1Jch?V^=oM$#+$IzJfvM<nrDWmO($b1m3u0c$8<B2*i%Ejd*Oe?uI@F4
znf02|KTVq&NoLcQQ9;kKU6z_HTU!+ZTOd4yl3pW_ie!v2EG+2@6fX_SAg998zQBg1
zo-e%Nq4Tf!MtaePy4WV(7;iZlmOoPEkEonKOy!TJ{J@K_(!!Wv$<#moZMNwKWV*r8
z#(4ASW9YYIj^!wd(jjbVj5J$zpeS@WisF8h5{_JI=^UaC6siu#dKZkXTrivpsLt>z
z>Wt;0u~ig}<Dzj~M4o?Sd)_8C=n2Gi4#aisWc2Mk&C_wI*`{x!>5jYwWBrubw|`@D
zHKeq1Jq8W6|4-Xky%?W_d#PEk6%X$c6gNhMsrjf~GA6AlT&*`5##nQcF&C514qHgJ
z#Gtq>G43)bGItrIA1Qi@9>3{BwP@)5huWsSYSMb^P^{}T_609oYTjtvZ$uY*;;c?C
z_b#^ttG!#i$}uBw9BM|B+lD7_D%@_al15+<l2K~bg{Aw3r;SnJ#r-MhhHcHm)~1Lx
zGsa7^n(Wy*F}}yP##tc<&-eDR3}vIHGIScrDsL11=HE(mTT*mewxM9PX>ZL)vwaWB
z>2U(4rx7>{Qe{oe^KfhaF}9^xsuw%S7-3GDjLM|;XWHd{f6!ClX|vSykF*w8U>=GR
zX#Kq7x}Eut`A&STPc77M&2F|nloE%YO)KQ=WX?&xP3>s68LN#@^Hz|of5Oa+WHTd|
znyouh*E^nVOk^{ZlYECksXN#V7M_clVQgj?nK_hZ-JzqX^P`kEl#`rGiCoK<VX~$u
z93^&VqG;B&>Pr7~9YV?>BWNp=AO93vrGhry3R-Vtg4uUE{WE=zF%nAuJX>gzC9^(l
zFC9i;`%)VJvv&A<QM`H`#-TcF6eUJo5EdsI0EfCMg{5hCa;$qVZ_r~Nb~OEZ?D^L6
z475O_9cf1JpI&lQY@wD^i(V9t!^TmUT96a=j4=YgqN<uqzlIkbRl&pD%zKnIi$iHz
zO|(4hwCcSh={+*M*n6Cn9u0F?O_FS&<kVHeFFB?sx^6JxdXx99rDim3)M~X!c>`bI
zWy@kNEXKmYP?{aI)9j#~^d7ENKYppF#MyWHonpTb=1osi8l0xq2H(v&LJmb+8lAQs
z4BF|H!k(lK1zj1<m<|T*>PlhHK!>6}Rj=QHc2!G3SBsN0pZsO9v|G}T>8VE^)$8b8
zkgbwxKY!77wmwaa`i*=Afu&}n<}^R%({<k-a3%NnKeWZ;$<Fu`az15?*V#2or;AS`
z-DyFqe`av5LGydA@w{5wv`C*fHmi)y#$Cz|W!&Xm=cSBwv{hRfA&X(Z`CEK1n@N;$
zwi(r&!qmJQ{nmdl{Wh3dIh$I!UtL4)S52HvO?;+OpBdk%)HlW+mD*!0@fv62s^Xt)
z+pJG6wCG9y^z2WQh@xlsN7#jR%mt-%iK)|s4=qyA#G7cHQS5XK9nvrv)!D_)_XUPn
z6G@uG%$|w{>MMtgfSvRXur3aE+G*CQ6SFg6$1+Qv)4;8>eQ!j4YSe^AuT6Vexm5j5
z6va|!oJljrZ(8lz0<B#;-)fhtJ_Sp4an-cbwkbPDGiB#X7sOxbg8vP>1HL+PhFNO*
zVt9p1X^dB0pFM$(#S?32LrKdqM{$@Nj(q9SkFe8Ft$gZXC{5RAXPPT`0*Cy-lhVfx
z+sTm6$~`+<Yv0b7FdPbV9_nTpO@D1U9)V)hGnNK)Y%(pg<oRLOOn*pHmrCniY0x6S
z(y&Cd*?0}F$00dM?f54p8^fuoz#<r@Q@rZx9Y{7pC_-r!3XfeL<?O1Xn$@M^%6%xa
z`!Is~Fv8kWa%tg@q7`EO_(O^w)P)`?G=Wo;0-L3yd<ZS*A*zUWNvmt2s)JS62B#Qf
zJv}S?(ECT(N*a+5jha%7n(`US)3DNM#(##b?nvs6SJR2oyxMzh*f!`8olH)je2uyd
zyM{%MP2RTDm_&^)B=_$yR?@bl0(u_``%_Zgfzc`swLDgJXY3~i?fhREKNDzccm7n8
zW>M6p7OS21QsWwh#m4Olw;P`rz6BL?EHmmCSn)5heXCE`p8DrgSC<+q=oZt{SPO}N
z+HMJ7T~gI;92z}GQA6rsLseu=yMWZ8S!wOAj*L-(IWXv9OSE;`a$n$lYwNTnG&|Lg
zKiS=hP?6?@6xdFLGDZc?t>lDV>I+<8Iblo4i8OM;xjg-sROyhqk_4oP!WFotQZsg`
zFR;vN#+Fbse(j>{AODjCKbnFc9dHESSu~Q1WX(8>hH(*27GVa5a}gaW_{YD)?o=mg
zty2L_{eoGcCY8#e=}KeX^$42PM-<ZZFI2+N<PVvm%c$98IvseYD@Evp6H>IGdEVj(
zI^i5K%e!DmWoH6Z6qrdT>Y2)dx+&(T67B8a#L!%iX-+;Lb~sI8%g=RoUs_Opi*})I
z_(Mg9P!|qSMG`q@(J(Fwc^oQiN**^ogw7dOWe%X>-()u#P36%sbd{j#Ai3%pNLbRk
zIdGPb3T&6@;=FV?EBOLnT9d{WVu8@WEV5g-wz<P7?1v?UdQFPEY()c#R|9oSpgT&6
zml0TkqPlg8@VLM_>xj(;W{i4NM8f6bAvH|bjfaq|hwFx&_60Uu`llUwjI75mznC6B
z`QWc>d1=;F4mIK1Mvwm3%u&Z0&mN(kIf|Olcs6O_E#w9q1$2@yV_H>NCx+@+MKTA{
z?P=ASYIQ!;Q7cr`ooaPgMN+H4u4M(c6_570$c?U3XvdYJXlHZu?W7sgk;6O<^>B8a
zBW6fXQMZ$3OdHl;;?RfPuTdoY*P;-2EQdHc6e_ZwW~n0Skh5r**-{mSmO`ko5l!_*
zEomuO3Rwy_+D$r_g5+W;gpybap^Q<1<<cW<DcBk_rY)wVC}~PQNc|1lr|+{Ju~tP(
zN8dw5&1f*2sUqsTbu$nuatxdq-H0z|v=00sg)g*ZOrO<ABd5!Bc@u3TU*J?;6b_Hu
zP=jF}Z?QeLo<uftcpNISP86z0JPsB4LQ~E3HINIil#|WCr_wx|CJ*gWU*ImwLtBFV
z#j%vEhdWK}s<M{rtJAl2{j+nZDfvBgt(Tno(v)PVsjhzfYup16Dsl!utJRoxzQ!sx
zq3If`SC^)1-NrOsEd?%pjwTz^wZ<y4E;E63@TD#tE$PSbONQwQkflIf+T$sHV!r{c
z`miL9KcVtbfsK`-Z<qQ4cUsZ6B@~jr`gv@Z9UklXgL5^9iYl#UXHliq94f48HGBM_
z@|F}HYoYU_X~X}c?TxR_Oxfa0Uww&Js62+^6{Bu`Y5$Yl`n*eqlGq4B88n4{<|B~D
zxvHEt%$RuI2y7*VZ7Ypd*s_X-8Pii~BM22aHv(%`Ig5tz9znCp+9N_m(RHTTJ*Pdw
zngUYl*fJ!`^i;oPh_;a#lfa#8DPf?_eXMt`z1_K?bjcbznpdY`n$giQG3q(c7+c^`
z_ZIYg{c!8wKJ>4TZmUgSJ8!?G>NdmhpKWXFsYi<S8qrvqMnJL~(GZ3uhlM9cT2>tL
zQGu!AyK@MgHhh6wt%+|7sgp_C#J9%d1=~04DRyi6V8v|Rl`i;Z*CV;pN=BPVNZ6V-
zcakhfVF@m8mZ-?KW-X;t>AZXD>6RJubPA*zXY0pbose$mu7j;ua-EWwA!&Gv0$Q44
zY}n<r4HjBmm-@KkFGu}`zCbst{9$CET$0h&<0Ca}l4E+*6YD6tUr_BxZnQ5zk2BT5
zC~Q^y0;{ISd9ktjZTLflVH4I;HgFClZF!=llVTs9uu;EY-BLg*-9FVrq3LnnR9cr0
zDN?sjEyM<oEwy8p`T}WITx<z7Q>lCH>}IOyUZ}A8?unMV7t7u2C9YAsztqvfT2^Jd
zYA*RhMb1kY^-KzI$yP%uS=x?K<p7A59)qv90`rE$L91o;kNOFZxyo@|-L-pYRjPjM
zduUFojQ@0Tuj>oEWH}*n`{Mqf9U14qE15r3q&Xo4wiBU@QGq9=oAwm3OMQWLmJ_yw
zhRSMbq3uMaOK7O5(k0YcROu2LDy;ev8Y-`J3BAeors_**sN8u8m0VmxLrGjhLm8t2
zcT0?%i<T~-w#FBD&We;Rlt@|eqJOHmYKDp`T{WFWp{pk6I_6pfIuSHzMrSeW>@8<8
zXXUY6B!`Vqk?A;Wm<{Bx5h}Nic@6k*Cb_sWhmts)g);url%~V`vsF*&^X&1fbg~E)
zRf>_bs8WnVg;mEWRNjmZWLEejMi<!LR2`#Gxidy$5HSiR5u;GXsK8Y+o9q>5m-+(F
zSTV9CGLN!sudLe#=R?F$5uKIHMtF#*2F33z8pcKH^koF3Ku!Lzq~)&KIz^#vomT7h
zoy)*k-4|GExj$WcDDKM?F+J9UgofO6%g0a=ZQN!9RfHo(*i0YBMeM%R!D}(0q&6d|
zvHx%f72^xMSoMrN+m3c6cSA*$+;tX(xhn;5H<X0Cp^Q<1bP1h3IqXtjV2$OjEs^LB
zw%xT3b<R89P?7aPH|}_?z&nfRb)@hczEGj{@o7`qWGsa|pE%ua()oNsa`Aj3l*FDI
z$`}<GB^`B6CfZYNjW6(m)m>XC-Id`sJ(bo%sHoCfa2AEu0_QqrnstewBRa1Z>29d9
z-CdgZl8aRoN@~-P+_be--pH3#Jq`QXL9W!%P*J6hI*TfGG*no1M~}3dbaqr~p`)QB
zIvUCt6-bnEwI{G$>I*z?b<~#7h$dEbm$KRR!g_0`t7XdUdKlfC9ri@nCwLe?X9aqx
z>|DALId>U7Y&AyGM`i7nn#+uP)kk~xS|1;otBl7eCBsGZ$NVZE6Ic%)yV3LbZoTO)
zp!W>=ZN_=(RzS&G+Ok$;t=mMqfy%{XU?RQlqduB)Rx@Kfu}jTvxfbDpzpHIlo#|R7
z&_Bl|@oeV@_3^eqy*?OApGBLoEq&91^xoiMw1amdLt%F%SKE4%Y?)C!6fNlXAWU{c
zl``d(|2nrK6$d3?sDn*2YNA;i9->bDDA8{eMQ+snCWY9nEN`RkoICYX|MokRqI+hA
z&o`ZK3B+b&3LI7BzDuU*nHpO_cPMR&JRLjjX<ye<(RwMprtp}TUSfL8yFtAavB7(z
z&zMM6?bQ}k57qd`;c;WqHf~34w~M!;Y|DF5lJ5DW$!JwOEPZSh3)Pk%Mbm^n8J5~d
z(Z`P7P%_g@9N2j&4FEk&5Q*t&)1%PSxKpwG7^G?5)R8{4yWwfxgmUS1vNlK6Tujlk
z9Z`3(&ZM_;FP78mP0p#I9P}6dDT~7T#NbEuX5x>=!~99E`LOp9dTZ9|iGQ)JwBF7t
zw%#K21nxxk+w{Jg3WcQWQkZ>?WW#(<U{C9yr(Hp;zhkFZim@;7DC(xGCtRLD)L-n&
zBzhi8$yP|7X?+;4obb;?79Cik76yhb44Bc)=$Fy-OS7(l@fGwd{iiCof%0@V-5yDr
zL8`O^lFCUM`;(B2_7{58%aYc_4CNZb0;fWO2McxuUqKr+_W}!TgA>%$lvp*SL$~3z
z`#Ff52}@efOR2uc>wn4)ZykC|jzUE**N}VkfsZ7coM1Vx<bLCK8Mb6vjLARHIy8SU
ze>8a$&?MFikye@WxlU8t#GgL;c>7OZsafZ6+DxhG&P&Zw^FxzzKQzl7xymm6_>Zxx
zwyR$hcfI$>E`bwTTP|N`++x%(2+Jxq=bPbKD!k!lo>J599b=2aZ@$M(zE|=1zp)$Y
zNFN{+czRfkbnHQid`?)loH`0b#~w6eXcT(?!9h~556~E$g=BMUdQmrqAj9;uqIO%g
zHS;}j*4iI|0&7vJWfjU888{n-*4?_J$T!WJ3S@Vn?R8rkoVLa4Iz%f&vYUs;%!&oo
zy4|kjt25hvRO+L*bIs@up&Vr?11`L&EZc8Ac>R)ZdM*qkEL~{*XI?nhh#rgI=Nj`2
zKPA-4nP)s?gj5e1uS$tHlxK%$9QiOV#}|xVYF=;!y)vPq`8`V8%UF5s32f~T^!!E1
z>L53of=)vsqG+l`9chZvL#Q8AnuTPPF)l2LRYpO2$G&6@pwJHZ(LN^xcA$j50wC|6
z`oFN%H>)?OZ>Apm3hAx2hm5BwE&Z(jo2;dPuZS+U0qY~yr;J8)teEEMN3V*jx5e8e
z@=9+8^}{L-{Or@8Xj^C$9rW;3t5F-eac^_EAsMPe;$sxWMy&z=BesLqFgNfP20Rzh
zA2@Yx)BeFR{HGjE4_$oBqwd37HWa=i>v9RjLb>AArQb_<ynzugvV(_D_1!<#Hca6e
zM&Y^F@J*BOSV8pqFS0e(^QK3ws06jBcmtO~wo1JnV@1X5Uujou6kQY+6`GOAP*D-r
zR8;gIfB%4V{&4F2;m7e2<hU`E81tz?FHC%De5t<l@ul&Tk5WJR_V}nPdwkb8w!)B6
z|4X*HdNil&wWZynZD0DW?`ZmMuCZLb$n>Ijhr$l)8zWRV@O&NifnK1nO!;3#hDjlx
z<_UUeulCZ*muSa-s9k)KdWriYgT9@TMBh$%jxUiRcW4Y+*jn|Xy}41n>p#K#$oNWC
z`AWT~Ie`v9Kd96X#tmLd-QZp7l^v|19pXc%p+maiO6i|zce99U6y0I?<}_8;DQa-B
zT|^Jz%~*O#)cU^174V}gb;BAz!x8#+6kzqzh<W%?e1V}++kgt{c0qpp_jqNrZcu}A
zgR#SBoMZ0rEsLSCSr&6Gzr-MN&{69+TBXO`5KX7O8=_Z7Q(N>h?CR*3RmRKFzo{2{
zDC4(4Ngc{4sbiU=OPZQPCO6zkMZim^uWf$u#G~T6#`}g9G$Zf;T)fNI;ymoKonrcS
z_IaM`V);W?fAvE#prff;q-5+3yIY4w=X?5gzR=UrJn<C!*QDg=^T>qCO-{CRlhb0L
z^>+%G7hG(3rv=Q54SM}>nE9absCr?It}JK5@hA)(jnFo`wT3i88IPz)KJWcm9bK$V
z;~TrYp50i-?((aOhA0kq@1pv=Yk^N<6i+_IpKwTi-1P=sVLKU(Y0sPHY2K7@m~}X{
z4mr!9Kh|2PWZ-VwfI6u(ZAIHQEf){E)XI_teuF5EJM2d(y|1L=Yy?6XqXG?3h-<4|
z6uP!{f<isAq7x;K9lkF0r#TNDDhOksY)$P_+^ic7)uMm8ZDJ?gNtmDcK4bju^Igz%
zsrkF_W|Oj4M6HP;tchCfx27G(-ci@2DZR^l+s|K6F#L;cvujOSbQ{dM(FPp``35Ic
zc(j_1N1vf?jmF<#P(u0S`0-cRcGND^B#-`i$@`}IeV2EckMNA|D}^6?-$oI>jk?P3
z%UAbS_K*Krd-AJ0rY>~HWA;j?rM1DJ6GM{urm;pX26fwN{WyK^LFGNh(`GV0nSM*A
zu8iics9l1Bcfal3&px`q{bXLIW-h%$>nwWE<Xhm!%s>61n_z!~Xqj*72K*M|adL*L
zTH6g<Khk#G)1UyW^L$UcPO<a}Y@H5{oH`YbM4OmB4O^>w3bX4uH4sgoO`(`g=a`A~
zTKv}pHCvLS*thmHoZ^uG0%V$Wk4v}MjT>A@n|;Sl8~xTYS!y=!N!dO7YuU=&^XLd|
z%ha>LQRsO-HKu<2r`n-tOQC2R&!?kg<hE*lL6ut*c4k_6H`?{RYCd_bBUiNbtuOj;
zoi9^XOCJAAd*pay-Nef`j;wFc98Oc4zC(F<AGvC?cQviTEl_tF*lk#Ws_QE{f2mow
zC3UUk<<>^$2~3BiJ+?7g8BzYOc0KC}q;=2UoA#pKy?xVYN_(RMBcbqE8LB~ltG}f~
zei}&sPlmPagcZ<5$*fNW_8Bi!$2yh`qpQ-epVaBddiWRU29xwSh*}5?MDjJdA5rNc
zNWa8q%fK+CpQUe6D3|ERpMpG--pWfd`wyVSF<^-FRSEKJ0UdtL=$0gCd5Hf!Prj!E
zeb-d&j&!1X8>0T?dRUU)pmCP+=}b*j|5n?sm+lnl*$GXDcH~04PTnKvAq*{O-nyQ{
zEh>FQh)Scav!>b={SVrM5M4h=y8<qRWG6bNp)*6h-Dq8bf*x7O4b|)$e!EGaPt?hq
zbi0VY8yO2z)W3<2l)9$Uw`px<6zwrh$MEBW3z0ieONLhuT!(95jJ3Yh8yP;2f2bjD
zsg3ctljxsZI)^0DIphJ_Kj~axdB4VPc)g*v;q}G_wGY$oc(0ezRu|Qfl8+zQ(s;9|
zIBuyKKY)xTjp4+Y%m%(CFYvL!-$@l0F0}6TaIJAvw+?qv15|TKnW`~Ts<!9>^CxH{
zM#V5J&5v+)p`0H*7>2)ISU0<?wM$o-uzY&@V|MSu&w%I>+XywtMBw<)@2ZQ2|6bc%
z7rLT#IodaehWSD&a^8ecEb?%(fiF<?ra<(LxAqTZhkhIi>w`SH{+q3oLO$vVS)dm`
zxrjdMv8rBS8&}_7rMGUAJjYXk(*^%+w#NCu)2i+)8p+Q>snOdt3rebf{L5`iV~te$
z(ujY#@6JX&>1&R&DLMNhL(&(~?K0)eGj5P9svWoowHFw^;ry^^HFD@MjXQ*0b_>mo
zNoL10j7fB#PH*!5Xy-Rj`3aPN2H6bj=h5|K8uz6L_LVQMdIG~ypuRUwGnqcWvz5H<
z@@UkfGN(c6@GM(s-P>9Zyl01vT}WZQ3N)QYce+ww?8wG4+lIQ>)Uoa!ddlJF3cJvH
zQ@9DOHkx;m+eA%mXIiaVN3j{xTODAGz%4Li&2`G~KW^Lg`4%M68(6XGN@)ZnKb9;x
zlfFQzWoW&_P^F3VqiwVU1-QeBp+NYZMI*V0B5<BQME&Z^5FJ4lj<AP_!W1eRKv$;$
zs)#Jmkzg|F(C+K;8G$iKHl+I}XHtEEjv^sy6^Ze*zl9Gd`GX&Sf$d6ra;1HDt21VI
z>lyvgw6PvNlyin!-#@rmJqNki_(9!U*<UZJ($+|2YeDJr7n<D<qdJET=EPuSj&8z+
zmPd0&d9-EBo+n~Vqao)!|M#}TCS3x}zDBaycLF_XoIu}sPp0p@m(umzELGp=Nj7iu
zZue5^WA9H2KY4HPnG5bAm;UnIVe)Txm`|$bluw%LP13J7-%+V8COr@xNB^vdqRbUh
zE3EBzMbv9i)RWhuwnote-Ws)#jt^=b`Fy6Sc5Lk0A;;<37;?6`+O?Z^phIJa4(itq
zL)2zIWCDFn-JC$5OiZLtCf-u_=Wlt}sQZaEzCV1F`os5^k6Qc7NB&K;{8QDon7^od
zgkQ{G)jh@v|0X{UhU7;051)=L_x$(Rky9OLaR&YKxbc)hSN-$VRsSjVe1I-?-n+f#
zf_W6ByS?|Su-)r@P~|`9eO{%?qCQZyKZx2L#j4%(8)fW{x`u9L%xnB5eqYd7YL@sP
zR_TZR&-v9A!F<lYTixpD4*HWD$Wri$Bfb=}my*xs^Jh?E##S0Q<<e)qFY((I=3QzZ
zxy#(ie%Q}39W&axR~mY~b#=bpC???&vav2|Bh5YfjjK5CA3}>Eyy{Z*9A>HUzGdls
zW1Tv2tc%(dr3P|S)B}D>KH#4pZGA>%eF>cBg1W3?I9$CV)8iecx2dO4ANiK6yTj#X
znK~HJzw1=;4{DMi?QV{`m+u_|5<;3NGzqyyf5V0nSDtRit9dh!KH*HJr$dXpMzT1T
zXA9M>#DygW{d<e?B0(t(|Ik=5q$VQ0bZi|oCASU99-t<j`-?xLkyNohlcp<zb>~r4
zzG}mtYwNA+klLf^Xlm&B@@kqhziv@%=-cWheKe|$Kw^*HkSn!z!&zuR?S`Qr|AltD
z)+=gV>0I5FzlmZVI+_xr3-oQyQKdfZ1@-B17gwPzjj9aeD%OTg{kqY%ubvjtmm;Zk
zBXAXRt(W<oY4s$`QA|;AChd!ySe4HB@3Wh+{_sMgwZmH73@aLI9;%9H+a5!O&H*D=
zf3R&FPnUt?>49z%J<z=e4}h)FnAccFRjv0Z`I?*&C_#a8Xf{0+2sbV9_TOaJw@!9l
zEMLqn)*pZw#EC)Hcj9T1j;D{|UzDfMVgU>@G}3IP3{m*W&`9%`L9{KBm67K7i`1jf
ziwt_AJd!@lw~SS~$b^}qBc(Dm%rZ5MOmTv&4Kv5zt#*LB*$fVyPPf7g4QE5cEkncE
z5GBaaaC1C8HyB}Fq1-xK+`>zFuJ-7&CFR&y%idVFM+vew)*SzUdJge`vNu-j@mp#R
zb79_%V{79qYvb4&CCJ)1bNnRwZlF2I3RdWk-+W;YTm#ZHXsR?#)5#-SqT2F@Wa^?6
zMK27R4U*}%<TUy%P3glN3)7EKdU{du7z)lYX%reu?+8qodbCp0+f(CcOvWk0juCMP
zt(UL*(k$qkMsvWj=$HWxq1sl-BK=9CbLh8oltmnF{LPxkq;E!(zS)udOmYt*(p(-L
zNCq9z>&UYg`r9te<-@H|xv!2qd7{&3bL;*;Af@~nfFn79;_66_4@;_-(y6#HJXE{?
zP1;UOqcXwnfb}jgo&C*2_^}OD4lAe6HO=O#2tjgGwVtV{BDvqnw5?jF#;){|%P8w}
zE5`-i9}?B22LpwUS2F6xHVAsCq0mbju`L>siLk5|{G|dtpDzs|+djt^LwxP!;|F#5
z2x;olA8iV?U!+bubz>WaxnO0+wx&PY<n+SIZQULhq<~nYP6sYW2t1*_)1}8&c#pQO
zJhqBP=L(8<_}=Kh#*U+PrR+k}zl-`CCHC1mOkrJcMw?xgLS19%h6nX=9}`N_=b?^L
z?=hA$_lwKqOcL$s;m%mo;ZfTm>)xiL<%`+Tx|1wZ`*NAFuF}5jch;iY9#xBW<c`*t
zm)EF$cn#NbEI*oh&RX;byi_gPd^;XPOZ%9$YFk^&wH&Kkt3`kFMb)CswIjVrV;-eG
zAv2%jT8_<w=7P~w)^UJVK%g@Py6chj&yngBd<Ok_A{DQ%(D?>*>QWQg@Jo(*Cv~hD
z)1Z$0p)Wk<aVq@ex8HhWu7P?c>@a6N$9Gsi+!{Nv-N1WNc-oAK<J;L^9pgpzPDCG?
zdf7lI-3RVUj{0=N@h3j$bff%{(x&paInEJ-^pHJZ`C#XG`@y8-D3gwz3nrzMO%Btx
zAOCDS>eeMc&YDeXo_QQa*5B_@MY8XNYPF@1wpB%H3eexPgE@X4;7F^JlQU^Ow{>QW
z3M@q3@Nc*|G}hk>bEJI%6=h$jA}t#FI#rkt&NTTDmc&=IY&~rmRr=tpWVK0$K3hm_
zCTc;Y*xh7@mA+YSwuz&SJFa&qwqc5TR9G*LCb^}s7ofvN3kq@zdVb6b6=@@|3@x-(
zE5Z6P{E|nXTGN(WPyHWAst>MPQO#Cu=>^?k$f~SYx6M)X*X`6hGS)ED-lJAms2}wl
z-|r=FsXv{aul&-+D%#F!@`t7A@6|ZdzCcf_3(v`bQw;x)wfBIxs<_(5&)$3P+<gn>
zUaIt7qzDL#3Q`0s%55N^V4|_aPE&|f#g592*b7*LMh!+|K@A#Xiw(;QYGOqrQDZb3
zHTp)s=UG$s>~pX0|NVXc?<n`2nYCuknl&?P+L|>hkzKK}(@%RTibto8&;}jlG-V*P
zfjQg?ageX791s1n-xO{dnNs4f{=n1e1rjhG!kNw>{2DY|Ex8xw5W`2Qh4?OTt3PBy
zcW&o&Qi3!I4GaC5S|NazmnZMM(L*v^hg<Z(-Kl%B5R|+3Ocr8k-4kaq1^uI&JbHhh
z&+9x3em!~!n_-X6Qx7H2G2`cwjU^J^ShCgZ>!_`z@0Uu{`=$SGeyb-(v%%7Q+S0^H
zVX_G{5#D5IVl*%`5oKxmrU(({sMQKJ>GWXnkp#{2kwn;F+q9n`$s#nsMJ&=5n|&R!
z|2O#GGEb28YaN`NxnqFS(4=vL0U2WY7>^+SHqYkRb9QtQPM*{Q$)jBMKAJp9t5J)8
zuE!UGS0L|)=c#qcE%F0M=~Wg3C-A1J$SwmKja!~~XzzI9zP&2{LsYV?Fal0KpNh7+
zpIhNrrj)TbI8h%)pJah2laCW7`#5>Kq-trQ5l%)|RBYIJ%7&dgZz!x&Z<p*SX;U0c
zB0Ea{=>YGSJA4BES#qv!N{A)-s-t04bS_)He$$t}FL{`J2R5%Vb5&ww)wv%r_PdVf
z&9@{E@r#X)k<TSB(dck%>071fZd&BhBq35vcPWA_0=$Dr>!3qWMTfi&3yDhG5;vNr
z0ATaUrZL&H(~#^mCQEHH)S~6DP>O<>PmmjMk&Yb*+bCH{wsCt#O2QdBKl%<YBr(GL
zC!H648?WFb9ecUg*&g}VSe1{1i!e!2=bMC_V`2$zsOe=MAkA&hr12BmvM&!HGnML<
zH13#J=!ja%>6v|Za&1k9i{9Btp)-&uU4qyzlk{MlrX58XhPf+|kC>JoX_1S^){Mx=
zJdq^jj3vnuLM#{uGkjzkhLI`H=rRNhrp;y=CX!5$$Ri???^@(#gPK~?-ASh}lwsd>
zEzv61wY;rmCMBsJ`4b?|!5}pUI~CKhQ?WWhV0H2-_W?iE=P)T0-Z?F=Xo-j`46Q)j
zW%P2{i_^V&q{Sq-{%B~uqd|TS$iwEYR&7Tv1|}KJaTx(wGJ?sI$tX~gE~9|$qoLD|
zo{t&%QV^dFs<05NgM}EpYt4qa_QNqk565pav^u#2JJ60s?mHm3E9S+!PDJ~kcr<>2
z^x;DKaFE`?J&7G8jeX$w{urVAN&0X@Iy02W(GF{5KD*n}JH<xf&iJ?NM8A#C75#B;
z0;$7ib8?*ouS+(gZ$VE#&#y1Ad7hO0fQ@pEN~uxLm!5;Fu-exQ-Ey7)t)tuYcJ)6I
zm=h<<?)82L;`f2ZMHoD(&QZUM-sP6qdr-;b>AmP74G}%0U(v}@jKr_#vuLej)Vto<
zlWd8?w(KYy;2n2${rM~3;#z=YhrVc+=A+y7alCNHJzlMn#`Bh_E7Y~}1Jn)gg3S|=
z1gF+nnr$MdZSjUgjXw}J*c*}+Jk(gB&X#TD)gXi*sj&#x;y(oWRnfS9$yzlD7HB<9
zd^;O4u5k?jUB>t6X+axQrzW6zh0z9%*-J2gIo+3~6|z~hR5d=l1eN(6cc8zc=g0<i
zeR2~O>F<(F_>yrF^^v7ZRpX<u14&y!{)^V(`~ypWnK?@N1H@MGlyzzmEab+oQx`|S
zWQ+b~^e;GNyJLyuAwQT4f0)EoeVwF5r}i>xt)P4Rc($YD3(OVP*d#l9ka8yVFsUkQ
zymE;#=P`tL&#*v1y$u5Emju&AbomVBFVdLaLJwz+d=!03);|^2QSbkXzLofIqjS(L
zg*^Z0aXt&#llnUfx?)LY<+%-6t}t2ZM?9)M^KN{92^V(hs}?X$H9ie@aQPVGDB)Q<
zJh(L?i*4IW_h>&>#<4gkmww#0>Q-p<t$Luh&!tDQjkHyqfe!R%ZXf&*t)d=S6=T-G
z)1V(EQAZMWBrzK#VBlYe11gZ14HD;5OPx;=ye;8KgdC99Rz3I^1m=K%IlB2Fx`Tb>
zM-oBtBhPv!sh1@9VhULfVEv0^=zpdUn)yml<}gS8UKL#>)*)BnIvJM^6a(Wa2ZrB8
z<wAc^9)cd<P2&-`n|~Er4rNNa_cSfEB?_4fvKs_YTE0uOm|+vB!XQX#S1NDy`|=md
zMMzCB<_N|dgFzFvCK%HN1N$kY;Z{64%%xs1>J0`@>`6sm==qp}9x&ynVpVow`L*R%
z&jko`F|Y}Q?iz)GuDx8ptbu}<2Jg<;)y5W*x5OIn5r$x!c*IQnnRzjK06JMAP6t_N
zf!iOW`=q1$Vd4>|`!^R|NFTJ(=th+3S9Ti1Ya6+s&-|~Q9d~l)umKIaVWycVQ1j^k
z&Pwe#9kR#ya6$jaPr**aB;!OJVwyd^VpxNP$t0{OU9G?xH~eO~&_s42)jD<J4l2_f
zJR!AqX(Cecl_BCrk!rP)O=D&9G7)i*@N%+^5!*~kY|?XFvF$wj#!c}~uJi?#t}v_B
zX@z9iUwTM3U3SId<)^EnCUL7^1Oxy0AtF~C=S9~@^yn--qqnkK)T-6-YTja89bX(L
z^D(|&96yh4sJ6v_<=0>1j{!AovUsyRV`5L%>N+A_hjZ*?K1lv6{+3<XeDvBbt`M@p
z35`;({v5s8bWbxw#N88BIua&-BWFQinAy#OVc%iuS(7R^u?xtL1pkr%GqhPJB5)#7
z!F<4^YBEa;Qo;;h^=DSt*POK!fu&;feSuk#UKD{&t)mm}auxy_Lr~8{#E650P|4(Z
zhD#M3!~|*j;B==C(QzC^^qCG_&Uw<oU5(^+rEemUW{~#Bg{kM-boO39W*u`d=UAtZ
zkvnC{P{cniPDUCZm}{~KLA7ciK^vO^)fvzqE$Duqrws3}aw03rDFaMp8=m?E)}%iQ
zadQ$hvEp<vD8Y$*d~rgheN_T7X0b-5^<zGFTBDT>$9}_HHGB{J-s45gK{kNNa3<$N
zdQvynIOT}7Tn5_~^tsu=T7}}$QZ4Az9)_{wuw&5<j$KU4R<(E~C&#Pf>oIXOg8San
z>J7Bs`(Zl<`Nrw-Hom}flT1afYCifVADt;wOcw68(QT7Ph&&&$o)IDkhouUwygBxi
zZp-*)Mk_HSYg-ge{yuCbM?{y{=|xVnn{3AUE-i;BVp%xNwXXCe3&q(=VKMYtxHQgJ
zgMP4|6MsEKUOyX3arV#g>*riB&BsaWG@P`)z&XeZ(H4fbM1L+p=+7nZl(_uBQm$@u
zL>owS4v999=o~d4u8JElHvrK&hG+wb!op?_ENq0RQ7=ZIpq(REOG>qB{<#qx`KxoI
z%c6L~I(1oeH5G)gSSu0=Im!{J13zFKdIp5*z>*2fe~{Cy2f>vI3#mFVCLB4HlPhKs
zXEO|8=p7KQH-r(G|2Ea_+tFtvjPPf?nS`qd(FL)IxFB9b-MuE3oS>#S5OD-8$Of99
z{WBynVR6`@XaAgk=P%{orH~7H=ef}vGV^)^*)q&b3H|}OBCiWDJTUlejC-uO#HF@#
zUuwJhSjouqvATiQz&DiKRwCisN}gi)sgmbPkgBM%A%&j}aBV2;!n7}G2UBV_uoimb
zuqF7lWEtX?VJa&|QNDsrh4HU`*Eh#OWN_33{yj*xu8#Pn6ycYA;RQxeFw`LIJ**rM
zd@g~$t5FxL4OD&`)M{+SZd{<&mD~)Lguec&zvEK$;{{xQNuCAIKG&u#R#06nV7Gk2
z0*chetIbEh=c6;VaSY0s>wGYf8R*#P3}JMhfGj7>K}#^>f|*WcI9Q~qUU+v%?J^s>
zZuT5l@L^lsd;(J9EqMYOu#l30Hr;MBq6rRel{=bIykLME%Uql)NIr)npTo%uIv|c0
zp0)&N#)ruvK9P2DJQ~ZK6DHNjy1G3NM1qG49BzA=+~*RDi!$Pe4;^@XwAg(96Y}9C
z-G!|%eakXPBb-Z`NSX}muf4S8Uh)1A;{LTFZB@I0i;)e{m+Xhx;d7Qk&f-5}fB7gD
zBtPv5$PR$o8SoG89sR=~`B_d5sZI^RV_I|Yn3hno`Xq-kLk$p^ov7qsGcC+opXd>T
zTqEjOIkzyrFK*zM%h6QF-c^n3m+J9-@pr8<k!ENzE$fM$UBVK)lcGw-qxp@WEW_z!
zITk)PIhC%`v0Ap6;<Lu~dEMJ5=XIo(tx@f*xghV0e$E;>!ot7iM()n#O&UMzgdbJt
zhsNLUSjhI+lXBuWaAL^i+2c?}#}OlweTGp6*_Ry;<#IeRtl$GD5+lLh$di)B*Op0|
z9At(-wlo8oDUjz3gb6jKfkHrGpBb*LZ%C2l4e1{{V(Ib6j!y=ze{;Cg(RHUk(Gh1#
zOVkrUOHO~<?5gCj{)^+*e?`Q5z~MdG4Bjp%%Pz!P@31yBg9U0cEVb7h-aF0X&9r!{
z9Nuc;rLL@L+$d$1KYH5`Cjr?a`dNZK74@_EsQLMKVe936lZ7tJqdl(^>=aoty4nNf
zG7X-Ld99$T?gNh7Z7Lb&a>0yF#hY3ujensXIRrM{gWiN@U$I1eU-GwBZqJ8J+l-8L
zzNTJ^xHI-rv<B?Gvjn5-D=~M>UWxw(^^S<YCEp~(_$Ijr1R*0o&YBE!lrYX1O0SaA
zdUCfuejSt%{%ia-!(YeWb&&9P9savRa{6DE$i5&LlisIu<VKL(6G*;giF$^N?McSA
zgE2%1W5D<(xf_gakxD5WVFc3?y^JK?M`seN<zQI*1*ExgiTXlc#QVROls<$bL4+SF
zeU;(cDk##8Bnc{RF5|vkj0=lIDOX5F;&jPSS3iAG;)|l2Wdy!C`XI9BXlo;Pz_v~<
zncD-oESk&Rzu^L5wK=I<<j@)aakL_ChR(atn8@u*h*_2f|CSRa^_e=KlZ^{YuIJa&
zC3aH!R!OoHwB9MXhkMn3PtPff4p--tonI#V(HEB8%J8jax1sI4bB4OB)tyxc-&wV>
zO5ne%dYIuSsy@YS4E1T7&)djq`s%jV%1+?5ZSUb>={;@lYb&fg&~_6CSNTY_=udnz
z?OU}>&M338!}xG?)uJYmqxWcSFugEvP#8bN3E2*HrOsCIzxHjrG(NqcN^k6-8h0$w
z>c$Q?bx@~&w#2D7{h&uoh?uMe;x}h#wYI}$KwOa_KI;(;#WR8U84%Cxa261e#I`g2
zx<~w|JxPAl{>%2*L<Q=X?f=zYoxVj-UCY!5jdJaT8ya1P%CW@Iqu4@kiyvZbUavM{
z5+>wzJ1;ZQ3%8?*o+nDfG`jus;J2~wwPuOTr%_X%MPH*Pt^OdnVrmoQG-1M<T)KYQ
z>fiosx}ZmRbu_FB{n%MlPw6(FYqeqHVXbH8GB#%X;-+X$K8KEU1-^lcng_UDF$X&d
zUq;C?zWG7MG90ndJf>_3ZpCA4(7gzb0yt7pLw#j+S5q*W27#t&6sLp=F)2lL6cI+B
zkd(7Y6dzsYtBPkvJx1csBwoRkPo&@R1#1IHn-d_#lW;rraDdZGcQ=Lp3AUxM8ot8@
z`?sCXf~`lvbnj$sWUiY-gQTxmjOuE^K-=x*q>k<B0M6%_yqBgzpgY@CEQw8}42L;m
zn|`v*+HYHFE_z$(w;d{$2YBB?Be%p9uXh$_wW!Ye)c3k#iLG$b{$AezB0<Cr=w+3D
zz6um0A}mgQ-}o#~;xm0|p2Vf-e|Zw7$LOpdzLh8OmR^}Bu@XHqPl9ad6Z~{A#RMhg
z!y}l`azy(P5caaTz$`*w2TeO*UXSFmx7nd{g$qzackbH41V;nPh_2l-WY*wP%STCO
z+LViC#Y(1IJ;P!NHv)UzZ$TJEOQl0byKYsBV%1&%s|j^M>Druij?R!KV!}1Ckpo?$
zLCWTg8PZs2q_LNlV(NCOL2}c^U-`^r1M5DFAK(W)vk+u)zKnS1M<4K>&wuMPOQkDF
znfxDp+8&N=Ijb6rDeNIfq5B+lAr~CiMz{i9qaNYG*L3x}_`4Wve~~~R%C-0N_cDn)
zIQ96g=Zgc~V0+#AI-3W&B{EJw&Ic#&84!un1`EyYBgN@zi&Yf8vH9qinvdSa@>@jY
zlxCu_rq0!{e$OJ=UDCkQNe+Z(R0y)QnFHaCLxNl#h6M2_06|!3&1l-P{_b-YTkfr_
zimlP>*^aoI1c7CpA&YVENa00|9E<B&r>|3E$D#hl{VFn{Uq#qQYQR1c&Ts5SR7hYL
zTHmnOcqsUq$xS#<PaI?FYXE8!-Ds^1cIU!dbVQ_G9Im2c<glx3RoWTLg3jHu7(ow^
zWue`f8af~wTJ#3dTy}?OyjB^8lXNJ$Z<O9++2gYN&rN0fqy^hoVfsKEeFE!y2sFcx
z3q^g<t_36OuNg)UNUTR6lu|HkMdxUA1+Z%$ta}8*?bL<2bONxG?DUfle-IGx(E%I(
z9s1ChzYuYkJR-ft7p66cwC)7FPBg!EL~<DPt|E@F))5nV_QDQFosBa3A;g!rC*f+v
zP;^BLF%rlw!3)?11LBcIN)#~OBGa_0g@}4^(XNUU<zTz3l7(R)k6j)gPSU|rz5fiV
z_ishjtH1X0ko}ZC5QRI?$Ur^8c29y_mkmL%dMC&g7h5!*q{yNtPB#U^?~!<TPsmh2
zvPqg&jWxZ7w}WA>rEIVTdksE`b}`(nTI8*Fah*@x=maTHNsd^7*Hc0edT|)Uxo8-K
z`>h}t<0*tNoTPkgHVKG}&6nd#IHi%-|HP>nf%z0goWk}i1Bo$q7KHs+2%VM-3TNoc
zS+Q#hzeei{M_}FAN>ml5WBi?dWu_jf7BlEb)b~huji`s$2tji7o}tV`H=ZZ3tm60b
z<e~S}uCo2KkhhDHw66uVk-7}RRH|W6s>5URrcwZ9ix0y|I#8-(w53i31{wL}%q$Ee
zvs_Rl>ameo2o>UxXh<BHA7k?>u_f_gQ<5wwCCP$P5+AfB@nKhz6Y?eTa9a`|HYLe|
zQj#nvCGkO5l8`vYfirAg?kYwW9wFm|4?{2^y1RLCnM?0)Uig@JBq*>SxERx8oia`A
z%?k%LH!mim5$2lfJvIYX7=z|IX1`1~p|w&Y@S_TS0PM3jn(W>O7>v$E?cN~jZ#_A&
zm2bejvZ2v*0o54c{mwafzw<d~)xbn%4=PL7ADQ&8!PKJWC{c#$s79GTHqw}uvps%-
zd}MZjoAC9x2`_|gU&*1=sbSCYgkrf#o=-nR4dbz_dcvf4qf{PgrW*DXjUS#eNN!Jg
zuf2^rrL&S6RdWKhs`=Q-5Nink;KR&g^6o%4Oi9(yiI`DO+&5Vc!-ai+g5N(m8S*(9
zhxphpp&8Jr1(*T7#AWeIG-;}Z0m3H;nduFQR*ZAm*8-{byeL_Y6~=iq0Dz#Q+a+wK
zH?uryjE1gy4&ZK#OxAPaJdD7@8acP4#Mvj%F8|9i-$}23p(ox~F=ru>cJa9C!E`ZP
zLaB}zdkdqAnumVUXD=_gK7wt!N8N6504zi8mu=#)=BAQIcvecSNCCQkg#dXRBr<N_
zWG-w3_PvOv)fcJDRI&uY%hclxKdzoN;b+x-xVtG86QrMsX~ax&^0ebbFk)Rj!HKm!
z3e<ilRL#tv;n&Yr&?xcdcmua%Hqfr@2+S_h!gz!JJ$x;g*+$6a-;`|Se5U@}{5Yos
z=WMV!mAoMPn{8@U!16`C%q32Z+7iPOJiO*Xx&iCYi4oXy@dwxteQlZgCSHeUka4qs
ztsLPq)n^Lf&(t?CgFu*hiaNBJnlC-rXDyDLE@7=-5~1>IQ2DUN!%{1HfT0JX%juwP
zz4%hFMYJ?N_Z2&vO<*=eRHIhF%PV^1pS;H-vEl!-dRMVQ@uLs-d8?8Ig%L1ARq*Ch
zXriD@HeLtiJpr9H(N&bJ;bo~|r_HaS(S(`~S>EfhTS1+*T4}7CR)yNg^wkWpFWO_@
z{ZN$sjyBrp=yM_#^PC8V9o|+b!ykwyIq(N=oc$0B;cVm%kzj>#7M*vTl?YNc{|=F6
zsDb~XvBrN4C99Y8C%zO^Ifooyta79XBH}~$anj+Ps!luO&(5-xpCIm6Cx{<{pCk6?
z@VN^ebP^gsjan1IfB|ki+>-m*h(OchLmAdl4s~!vM2DvTV*f`cO;_4Hchc*x*d@>u
zF5YPhy7lP*wwUJ5A4%ilvoyGX#<x5#Z(6sbC%LlnUe&-+((Fgw9vBay0c1$>)-22)
z>ebbeAlcbh4oMD(t%nUkGL`8CT!dVwMqz((HV!+k;OQugC9a6yVjFua`H*c45g+0{
z4kA8Igj`nb8DsMD?yqS2^eZJusCJlh^TS@VW3nq|ImKVjd4+1*EymeLw*h=QZY->R
zOqT(^{*RXm{BNk8#j@z2r180Bs_s;N*;+LNN+6!ArICLS{evyxe7vQNuS<-{#TD^`
z3_TcMhTV4Lls<3sSWDZ0cZzC87xs4y%f0zlkb_(MgrNLmE#UmfeO)@ai*g<G+5^kg
zb;<SEo*!=t7$V6FuteHmkdo6k`msJECFjn>TJNwhBM`ZE-p^$>32kCucu8<(swOXe
zh)0ln!BujWQN<IFHa#JZp3BhX>9bmN0!4qZF90^}l{yia3vM*<)a8aPlp`>-*(^Tt
zDcCtW_Q#+8`-1Gg=f<UtS1#AwKZVO#`2^%oWJ3UHe%%;t<rHfxJPQ}Ad%ce@!2%vf
zELdFDxN*5|T(ewvQHw8$7<WmuHVR_bVqwDQE2F!D=)$SsA=IpTyszW5Ld-aZ4HEz9
zod<?NBk21)uJ}&88Qb;`aP&<#TR>-wq1i_t<ncv}ts%xUmP0bjaZRKi*F+veV>A+}
z_n0X}aHc%wK+{jtanAM70tHoQ-D-XzS--K5q?LW!)@`fuQQWL;JC2bXGCV{gN&1E*
z*ALwKJlY@N8j;DPb1NKZ=JM#=y(%BYJi1R}WN{u*>O@t5##@R^1DT^tdbQ6@ZhB6G
zIHtiDknLW147s#54Q)v<GF_L^sKmfkDSk3YgNhD%+2())j;5DVclhk(#z0S(GaIP>
z!~^+=5L}ekt1j645Mk?Y0${yrjd!}5K04CwKqtyF5GX4*)c4CvfjRBz5rvHw$-+hJ
zREywJR)8TJXXesX;jJd5$eiBalk0(ev4=KG^%3W*2jkblhq^)*;mVrjV3_&}h81r>
z>tG01Kz=q*L_l^Vxx<4oqK{ZD49CP{IP-HmIvHmNV@F4*xfwwSnrT2-pPY<5f+oY#
zt@EXmjVRf2%1@{=3=x*7HezH=Cd256Qg!T!Ido5AplGXcIuhm>tRJOvMgT3d8KMaI
z;j0Mn&ND=EQA2pFVLm}}+0Z0L?K)yu*Wuv;RWSGtIWgd7+Rei)Etd;1V3-XI<7x^*
z$uLyBaF|jQ4dB*ueg>sSlwN(%6|jNfVk?kQE@<u_hBPY{4)X_gN*qsx36k_V>1vK3
zcUSn)FZimG@h=cv0FqY`335#?O9clfsyjib7c3n@f&!xdzNR1{NDv4Xr4lv>LJi{N
z@^#A}7kem>%h(De3tEA=2<}n%N9|QYKU`sICk{v5i$jEhKh{IC?cdmmbpU3Z3tHD;
z4vvIPYa&dLq|Y{A6Bz}W!SHD_KZCI_RgfbCf?Q2xslpeqgADEK)D92l+os7zLF38E
zN^&oL>D4E1j{W|Cy8g(V4>CHnBHmw0T4BQ!ax==J+JaS~6M96aZs?@l24{swlgcop
z_}$Rt1S3-x8HSAZ-JmQ411;~k;#tHzpP%@TMpNV%w9v-3jYkX9S=cNjBkf{X3DZ<H
zo~C0%aMU_rYMc*qyBQxn!{;aII-vm}zr$>7d&v(m+Qrbg4y#7`UIKlWdZ+T_$~Sum
zMajp<W0sM_lWlJ1yLYqsPH2*^i^=EfQX}8>VZJ`z=9`64-W!pxYY4(>L0{mx!1$}G
z#GjV&;3)|D2@h|D!MhbUb|{@YY%H4$7H%%c#w+8#i(qd%HPm}(ytxEP`m|K%rhwpW
zMZ<^Tlz;WCgWYsM?0@@9GgSR|2kX0=ry|toDF{qyka>B-#kpN~M<_?80nb=Se<hg)
zLk1(m=mrEDPKz7ItJ8#vZ_Le7sWntE=zvPCp@IOY)T#z-6~F`9Ig!voljlco@kKEc
zTI3{v@Q?n`OJ7Vr<)*?xDBnT2wowmnrR(up7Od%T(YYQMou6UonfQyGO|GLC(2_ed
zLrtNFjzT#{?P&sg!jnY<JXw54OUUmcA(Sh3Kx9{xY*%skdMJJ!`Wbg9J~MgSBBGEb
zzK~oiw(Z5C6ALTygu9XY2VXpPGxa&|Hsbrd_)2~^hlMG-VBwos?5l#7BPB?3VOVh7
zJR+B2%V79v**@@8^f|5?2SHNEg3Yl6OJHFM-@^D<HfZ#b#Fia>B<+y>28nda6x)o2
z{~##F<{=ce=UGs?-ibDCN0CsJW??GAAZ+wz1|FUVQx9SMzS5Fw9RnVQ%ahT6=qtjN
ziYVx<zOv*&&?@PBO<WbD(s%eu7X@xs1ehG6>$^{Y11FvEt(Gk4fpgz>d{{!Y%TF{v
z_T<D+zMID2N-LvogK@|CB~Z+3G?Rtya7a#5a88Yf2l~MCjT-DU#Y6-q+H(xY8NYLh
zp&ytSDglWbOk(PXeG%A~iP1rz0;k&i;Eoz%L_K5?)6$t1STHgR(UbHnsTYp|jauxX
z8yqe2#gRqcc=XTl`Bg}UA#9G17ZeN%_-o?f;{#7lmN(fI3YI<tiWPZyu|bske|%yZ
z)s)jL5as>c##YLXNf1P>2hb!vOv>ws$jmNEOQ)LZs$??+z7Mm}1VK3uLqr>kF9T2^
z?QetF7GNXJg1m;D1(S4^P~Y9Bo>sUA^V{ZHkTisSETWzJjE0&WJ=rv+$=D>V$4&{n
zNKeDg$gTEp>sIWMAmT2#%r%uwI{5J7Zbof18jlb{OPYKb0*9@_2L6@HaL--R<&-Xy
z2WiFq)<9_6fuo^#M^DDD$)bX>={OymjzYkzU?$Eb7jqCUf3U;^1vtTDfe@HH6@jUe
z+HFX}3ZTYyBiZiauH+v3I46~_dg*Wnx*ZmYtgG2J)|e6mVKcGvVCttFKJK#|?<yu#
zxd91PUTHktc|<b-dDNz>)|G{5=YsS|A7^`{b`e~A1fJ<I>thFY&}vm4nLJ*0%rFlM
zvAY*W3@ae-(2O%dv@!>6kFB6En3P>Bn$^R7Ax2qx1#$pU=&?S79EW%>njAW4IV}ON
z14G5lR?qP1<#A1Oxk7c6K5php6uJEb*lo}P+eo`&612&VVhv;FMW*bhdeU;j(!w-u
z5laRV-*E(?{my{xMKOau>*byrMg_GC4i9ExessC*Lzm;Y2+_|)uh@uJ;NuDrTj|+m
zrrI9e5FXVyqVlaX$}*cXFAt!2zYyXmnh@vHL_!=9uh3IV1N<w1_;g3ycff$42ngqE
zaQBl42gRK%%UfP!ksQ&nBuDrdGdUvS6=qfEvO;G=b7@&;IvO7;3_g**z>8`q(hR+j
zA_0vHqsK_&vFK?V@pJ^!xH_1|1t&>iYT4LZ#oNoMnEWRS3i*F4wM$qfkXjM(ko5mm
zRSR9eS%g0Fke7$tq8bj3H2grQpWCBX;3$L&<t~e19}LfeGL-mWJW9rb2Q0Q7i2i7U
zZXohuGZ6Wp8;G_9$<aq&x53ut8LBXbS|UK8hm0^NT|7vxjS~7>NWYNkTGLEmxW8c;
z+l`MPy&xEmlx8*3;+Gm7l?6FVNqrF4ff?S%VwV`~EGXDMNZOEdjl~wpp+)IwHi8N^
zv*v@z7(E%L4vHOse30Wn0Oc$(3#xJ}h$DmCnj8-Iu)RkW#A$J*(M}+QkIsPNm;pOP
zs)873t*-+fDk(kK6Ou`8hm24Fl2`8u0tLw-OVt*{+Y$ubfQdyEq|z|=c4LOdYunrv
za0y#ujN(39E<tYBN7!jyWS;1gtMb@1mob)q*2y=Zmn+;pzHoAxzEe=R4AcR-umeG^
za3Kiit^|3-r!$~jXY7F8altS%2s{Shv-D5Dqvg0*+e5RUof2db)6(g#L}A%O8mc@o
zW%rmU`;?-xqZ!QhtjMi@|HQplE&)agA>b7w`_erm@g7FHoGgFosmZ>{rDmjJ72=~a
zsBE9Z!&E&yObHT*p{LzxljG5fZ<gg_%<?$gk8UmplMy#Ue<TNokmcZGY!2Y_6kiHF
zhN?<r^SpP^EHZfL?hkrvnN5hyQ5<|C?V{NGgWJs_>=s!JwVp$5k)#)hD!I^-bE*Wa
zId0)09jxh|s0=Y*ZMx?gTFipDODL>`LD9b+nxyAT)-Hls&qp9v%YEzJ^jC_})`-UT
z)C?G7Gr@K3*c6zp)%mwYM|Zd=@ez{k2uqpSHeG_~J$%N;p!CPU2Ub1S2Iu706qfY>
zxeo2NZVu*1bKc^d<}KVVMBoEn^KXEAu<sfA9^S#S?rmrUB=&%y_t=YPqf=+%=ggxp
zz@G3bHiW#OP&pZUV=?C#I~Co2>Y?~`C~}zPa&W5%B%~uOy~vk|=h~fy;m<JcB3*{(
zuJHQ?IKINy1AHqP6K)7u-|SNq$j}K`a#3yK6T<ou*7rcH9MyqSxXsJl&>-je)NwEz
zweJ=Lx^)X4x<;~GB9d*7&Fp6AL7K1z!)aAFnA{ep3wD-}nO|u%!BgcOvD?wUn|zCm
z($g%<Xcg(2>^J*Ns|M2)sWWpybifcQj>$c;Dlak0aVMLc?G5^;w+(VImPx#e;0THh
z88qS?T9SS&&30HorZ*}!*IUL}AnbI|Xk$A`f2v4zqFyI@MA=IJgbUYC;(z2?cYq{A
z(x)`0`qUuVp$U|hdP>}js1$SmU!${-`TtlLt|URa=@&LA%cn4GW_BLzW_B*Ql~^*(
z$Uni;1my+Q)7?yf@Exc%Cq`k|tlK=;8S}nqIdR6oSy&n`ny!nXF7+Pdl{4jaP-Du=
z?xpv(+^IsEG{R9ziirpd?c&?2@-{|lA#M}mVG7=0LAcIRrWlI-wW9*=_8E(5FrGbu
z#gcyq#^{UyNp$tK91gEFNWLnG8X(GI>qu1jkyqm}X`JO>9U<A_E}5T!6eSw~B{bj|
zG^b;b?6lM-<Ha#~ng%Kf_49`1xwV=wu1`LOMzsL~wFzYKQ6K|=zp}w<ZdT>OuKpYb
z>(5<<g(oVz)!?Aj(jbmR5pvz=@ab;Qk<)UzKzD=Q(H@ke%ian$9khj96~x(>#b(tt
zH0_0pJ+UF^u0x=94_6OG59enx8IsHZa6xN2E@%l-P<1*(6KjCs=#0Z*F<K9GF1V(?
zj0w&bpD$e<@6-=}`VEDL%z1ofV<?hBAnAh^sfAPl+lGsQOp``9AHcdoRt_${Mdgxj
z3jT;aPh%gc#wRUJE^i>NEC@P5u!v3o!H7W2XDuDdl`l}|YH!q`uJ#g0757`R+RH$)
z5FyCQP=}yeRZ0*<HZ80)BfPPm{3MW{^dx2cB%DjxY&bH8C=F_oz?hE^0K0jNS~ck^
z*8ElQuP3?U8K>Vf;`fFs*nlowY_sJpOp11;4a3rnX6QZ)_z}zkAAO}~m6t-h^~Im@
zKY_@wMG$F6fLHRC`<q{-I3%YbfP+>eH`!4L6R67hK}F-4WC)_VIv1Iv5l@m@yVSD7
zTH^^+uGU)2aJ7cLsA<@Xy2MG8CCNb>98~HqU29Wff3$FX5m_W%?+J_h6MNA|M4c@>
zp7BULCW}u&A3J3p=t0mATM+CD8T`8qjsWx*MY-v{X1YT3L>YQcj2n*w3O{<X2bFPJ
z)3G=589qv~5ct6!&N*0zzT#)C6UMk<L&bz|;IN{YX3ml&CuX+P6YC8=dhd)Ty0bY`
zR#RY8jJNM199-7p;POT@<f|Lw-*C`I0msfVWq=IOuK3Xxd2*e|dna6Ks8^Rp*WpVL
zfbyD0p}!^7lWnc<M2Kv!um_RYJ(j*I$h&2aV^(2_a8@6H<wEpHV0P&?viw2xG-oN#
z$J_8_Q}8QDA&(x(0s2JDYA50)$$Iq{IG{9r*`=|C`n~5vp2|5L9q#mJ=qc_Q<0<Zq
z=p%+cf)6r`sGmg-(08q5Sa+DK<uNGbn5i^~HIQF;2)27vX@7K0^U)7_2pbq)Kdn)F
z(j~72zv7wcO!4)jCxej(peH|4BtDdPr^8+LvWajc3VG!1L1)RK$jt2)%I_9jLV+Mm
zpSj)AXpyn7%#-DDcuF(nE`x$ahd$CHB!DGyL8J$y)@LSa5QDITSE=&*Fy%F3hN5xt
z7&c_)w!+QaK%>P1Oy#nOvdR`qauJo-Bp{`LIu0r3TTTj`W(FWTS;)X*8*!1vc9VrH
z>?R8?ruoT&gPO?#nbE(=M3F5oRAP?_98~7HO%&bZK5cV~E(a}AbO+8h6;DNX7#dDa
zf7V%`DoCps7dN`~q7FegW*CDy8)ILoW%JXEeNr)m;8VWGH*I!}9!uW;J0JGK8<*o<
zysz_3FGG`?<?t3b8{Ps1$qu!WXNJ}vJ*EHOsZst8H-GSSQ9EpDVc5_CQK5YsJad7h
zcu%Z$7+S82BmsPMMq?Z%o#VtK!KWrGOfykW2JLRoc$Khx^v~t%<Ta)Qmqy#<hikBy
z1N#J%aLH)WiICTcG!Vz}$F>M>hc$qoZl-}3<8HyYExCfdWRB~n;_0i4*v*fcAU!U9
z)#d^F_Bn;Uq4~nfMB?3#aEV1rqN(t5$C{k1nNfhaCzg$SP5`qL_Q$XNF)=tC)gwtl
z$!C;zhU9l%2Gsy_d6D~)OzuqhBXTdwc5ldj?+H+m$hJ=HkFkLl-XvS81wlW}7l-Pv
z^I-fLJR;MZ2YK-6XfCHO$%M?*DCG$rfrpxQcp2+wIu`3ZFL4>_M}yXAd1G>nOwQ2i
zF&d7$15MH-$o<t}>IT(uBm^^3UN&QD98-<i2V&i49-`;rV&EKg0X#?{a5FtRIz8_w
z=7_;KcUM&3uF`Kv40cH%R;%{GVyzyFwcoH>G0o!u$WM^kJZNwds`8{$#G>i~W+yX|
zZdNAP%PD-?q`wNC1ApRLkt{H1aReKTp(7xM5xbheu8@h(7+L>slVGM$W2s{iK@I&g
z8!T{gZ$J7eUvaWJUC9EkjLwYIX<sf|r_PMd@+~@TWz+9v4v}88Dcfr9;*Dd6MkYQM
z%^=-wQ8=LtVP@unJsC?eC2|MPo{S0}Mr1q(t-D${X1iEb!o?q67L&!L1N1|*j70%z
zH#C55unfZ%Y3lGg5-$uV>B@WrvdqK(B=h4@0f#8gUY>i<3&TkY{GUJ^q0Z3fd;aCZ
zuRR~8)N&xaEoRS$3CaOeG|99Qomeo?9(Myg%mdgD_*~=^8ZLTOU#uU2m_BAf^!+lX
zY09^J%H?Q&%P-@G=w;FMS^Y2gscEbn-sTpi*Gnu=70`sHp$T2!6N0N8w825G*2_a{
z9TepQ)87Y~HW{k*k*@nRH&o}KMML#PHYLl_gzRPiBiS6Zh-{amG7()=BqE5Rj|HoO
z+|`hQ>lEqcz%`!$XAml2&`8wz$m7w9k0+uZCjvCNNGUFXi6K%$Rx^E8oHLZsk=*5N
zo3xf~zi<MSbx7!F)NQC_C`W;xqrQX{&NoYhSDk@ofy-IqUKIHoEvfYxj`lA&B>dtg
zj(0ajk46Z&((*ge^F5|q=-4f3T)kB7Ci~_S<@dxXX!KM5h-tv;rF6OQj!keV7aA~G
zvcWf@yewtC%UqYcnB$Mclwz40xuH!a?EpnQObE<1$t<~4fWVw+Ll``O3e1kAIhybR
zDlpzll*x;k?-&kskJB83!!dI?bOq-x??fAMQCe+`U&DLxn{m(dwfKET{3pgmS=={G
zUgvuRSC-sbg0H(vzSA<mhGcE=oB7grdWrNwMXW0Q6ZS!|N%W_5TMBC1()Y?F{9f4(
zPKS1sJzFl}XZcn|gL<+2!U_prSh1FyQfn(7H{r)CwpD=Mwu-AN1%6fKhDwAtRBkfi
zO_k3v{9NVvEd_pl%M1C0&xI{7H{r`$;(e&Y)%UG0t0r6&xRl6k#z;UP;kj3AP3mzp
z23*&EJbE?aXz*(E7ZdSr^oF_U{YHFCLdY$6#z;^%Cx7H6ef3AaWW=;9)Ta;ueteOB
zgS_F!)ku<m_4s+NdSpV==21RS|8&VUc(+4sF8?#1q58PhnN@6nO+Na4pSXlMcI#2L
zpl~XD=oXSLYScJJoq=tj*)WP*&&`DO5j^<MRyQlu>umLD$^9+x^;FBZS~WWlDmcMN
zM>8yEEa>OvJH}&X)Mh6fX#M0w{5kOyT)R329#C*^8ON<P*w4B*M(E-AN`<d$)DIe8
zt4ddu%GU#>l->iSk1_aI=__#c`RFqB3Z5|}a(X8;r@AwJAVug;>1+JDq3oG5eEqrX
zJ$`*s_78rYUB0CpUt7vwM00s(nfjsfY`k}`&TjEl3z;S5`PbtXc<#Y%*Y4z@-(wMe
zKNG#6@%4`WoL`$tKPbi5UFrQPzILSNmPK4~VHozJ(0zR^(D<&hCC=Siwigcrov$lF
z;O3I2`SmKDd(KkZOTNTcnEq(bO9dravAalM_iH#X-eg`uzc<>9P>_hZ>lHrX07)`r
z1==QrcV6^7+9rOy9G?$Qs`#-^Z!|ytt#390{(I?@Xq1mG%Z_&oP1^p=;%&9`H&xLb
zb#K*E{Ccixdo?Dx{!G|Q!T<2B#>GHVR#;6kxTOr!hFi*Br8m=8%RXf2!?J%e^v^Q%
zfO>UJ`G#_YHk7}@&@1I{F!V<Gc80c>pGk#qX2sbR2%TN=IYXaUJlq1Ihg&=$-Ra{N
z7t=QB;+7BcZMX+pZenOt%NH4XvE?=@gx6cX&#(7ee#j@%?{EEZYjlc-TmQNWD37tw
z_3Ezbd#dsEboD!U-p>^VrIKP9|FVeHofo+_B|Cd%bs&3f@?e5v+Xwj=<}^Hp`9zW|
zg1&tsd7sf|t2GK=Yt;Spjd8zvOmxm;>Pfmy{aXE!?&@zT`4zr`nYojz9=_1!cTHTL
zba<<WK-Q^ico|_9_VhL-Vf3a14{^aGh5C;Uqt7k9td!WLAM@+u(vQ$Ab}UohmNixc
zXhJ$`^M(gK)^osf<knC!Gq8$*kCPO~M7NvwqSnTbv#6J<EiCGL>I;57T=HQFzBcOD
zG`>D!Uz;JGhBKvOvOp^ji^=}M;$eda<@<+do`1v}MFDS2?h(B!<%DG*%1Lx7A9grP
zzoXy9?@E8*jvPw|pv@y+cNnBlb$H1@{g%~mzk>Xa;Jo`=TiSl+MXyMI;)`#FsEUz(
zA&T?s3@QgPa(SE=S4Z&jE<TZ-?uTZ`97AN<(~Pqrgziqd_e2U@#lc7SKiXBg6h5Zw
znjw1`itvMajDzlhoc6f2JucSMM63BvSf4@CI{3_1b%(`kdeZF-1DB&t8N5AuG-mkG
z_zy9|w<LEa{QgaHH@<tRyIBPY{~>urzF$dx$46f#tKY%x3ju#ozb)bSrjpO(dwuDb
zr40Xf>Ax%Z{awY%N`7Bmxt`y`cEH&l(1=o~JDMq!RXjO#7*OE$3Eu*{(`^2#JL7lR
ztKKcSuvBKT>cY~GsSQ4D`5ycDd)1rUK+SD#^HiH;SsC7RZL@>n9c^xE2k71Hw&SZQ
zS9OM~4b5<suM^m8<3tBfcNu<gJbY(-JzYy&ukKXI+_?xtLSPJ#O@>AMy08@5h)jG5
zUYI+JD#g{?e(oxKAE>Q;7Gb)uXnAtll67kNO`J*G#K$ifyshL(zN3hQP*_s&R&mKJ
z+WZDdfzU#J@bQi?jx<$^uE|35sII)Hu?*Y&)75o2#zjZkfO&Q@7xW*E-evgWWMv74
z-IXO5lqB;Iy}Im@GGJd)_A#~k$7Nr@gEgYRDElKd`5()#tN`0rR@_{XEJgIq6}K|{
zLd8oJNc2+0sun2rsut(BNR|P5ev3yD7U`oSWF`L^@1&`(K`NOC)p~X1t(9gz6X9d(
zD#NWt@2>8gEC;#Hw{XgP3w#D8%TcyFV!YjQ1RmgpoY39z(KRPH8EoRqchAT7LTQPJ
z_@JDi?CDY3)BSn-Ug(Z1B6uTe06JVgAZ|PK6k@l+<%k@UVkKeHF867fs@E<hr><B5
zPn>%l1UWV)HzttduaXb&CFtPiFUL84R<a77Eqj|o-eoOszyL;uTyb~ycx}P9x$6Zd
z!!U8_2Tww?F(JbNzVVBs_x2j&r{&3)Z}yP9@Eq9Z?Jzr-j8(t;gqWNy{q!l!G0?T2
zivPpG>+F(sbSAr1zm0?&C!4cEm-a`$1ES|As`0zYsO1FoW~l#wqKP=W1TA?6TJrU+
zOvLrAzG{WZ*jKGCtuhgpR^3Mn!TYK<+lb9oFEHYTs^_Z>#`D$x;HBSxRDavXM10%k
z>b8*Y)opKXYa(uLdoLsIZM&|WiCEX})^<p8YrD@)gcGk7vh9Cw9_y+E_c2vfXVv&E
z%FuZn0^=r%3!jN^amDr52oDG!q1IGx<{WWz<>QqCe7tfS_gS`8K8l6G7N<V+Grm%)
z%ab;KV6W~~o|O7fKWqltW=Q$!<2@@ws;_TtMZO{)Z+@vElc-oH?N2>DrH;Sr8k)g#
z4f_I5twqVW`LqXUfyod14xN<oqo??0c8auw(;KBlc%F1OuR~gMByQas@*Fe-REE^Z
z)?n(C%tUG9={SoI10u)9wVuQfk{B`p9joSKV{TAo`wz^&z)pI*MO^{o`+T@`e%C!Z
z8#f_fdy6O89`<34PfuQ}I-%#{N;RrDeZdmFoCa=IAF{Og=(l}`)q&*3jTdM^=|RoK
z4w@)(Kd?Di-3-D`najU(|AZm7mm!7S{1aWfYC~X~4y?8go$;F((gyXbCp#QEXdcL;
z#G#{A<5~OSPTYY;CKsP#P`EYh)PwuhJx_J%A#hcK-o>P?x}Y0(8H}o$FoAy#lvh;_
zJUv+g{c-xGT!!$YOZ`MduA0LpMdC4+D)$gEWo5JJfKx;POVT4ff*6#Fd+GMFVWQeQ
zhtWlda>yu`7>S5Ycp%a|-F$RLQA~y5woJ7nVyz&WZD@U|->Q<Edw7q*Xx0D#4Xu*=
zBRMXQrr$xju8>sM$tdV#-a|yL2b_Sw2`8DrN!EXxSRDg+X>=dg#rMIJn?ZO0y9$W-
z3&v0r@h<1iHLx>1-%eZP$<!JQQg_>kyX8Fz&y-&5Wx5;2=-p(1Sm|sha5-)bc1taG
zfV&UMyN?)HK%|0XY7zCD5tM^DK?3iB<o5Lgq<x^q3?*EN5hN?zj1Df;s8Tr(!cG;O
z^xbM%<|-F4FeYNV#{b$uXrEF?FMRc?!w3vqBX(CySH$bo9u0QKBEW2qqO>O|x3!iL
zkxkGB%zlml@o*noZ(ZWLfLw{m8-q|>0ftz2FUA^i@!6~;2<&X`Z_I=_xuo-ZrbX#+
z!9cZM4DL)i$WYQXxO8^A&s0v3-)<=SZi|uFq=Q%`U9C%(9jYDVOCfcSJ!(7_63P9f
z%(5jz>H=Q6*pn+k@|^1oNsN!r<80wPP?Fx89%b`6!Oeje`;0qdKGJJCM0_mDkrVOU
zrB1|RVcHs^%b3c5V(Z!prENuwjH3)g1E^a;D1rg0eO8neYU>N1S$p(?_LI@#CLfaJ
z7{Dh(2m*4=B}+OP841YOj9%&K_6Obmatt>wql=s~4BQ}5txtjAP9a8Ck_@8{GU#(W
z8ujt>j9}MU^1I0lJ$1o)neC=`S}4yDo+~P|-e;K;Zxe5BAt>+7EtjfRwQL1Ov%+TS
z$|3FYmJp&~xV`5IK1-g!L{vy_6F&qs7?6{12&y$8WJ%-lTyrtqz`K><TF4O(K@Ca~
z<cNo$S_87>@jF%4PtE^Jg0eEQj&I08ke4V6f|_zDepd)`9B%RQl%uq=pvWNz_h1Ne
z1Va#x>j=uKu+EbdS6Os*cjB^)E?CVltX`Y078Apg&tZ%~dmVEIl*$>zaBOE3#-N#u
zS%#hMr4T}Tv&|c4`&8zUzRfdJ-Kz1kr5d}Ax(hws;end!oiNR6V!8R2Pa$@<VV#Ab
zqDBycvPQ5LJoy%e0Y-24#B0!eYc2}U4>OoTFNXPon<8WY8R`MR^#?OpWgxshtx9V!
zZZBL-jR|ASU6-5Q+1K>*EI6a^WXKnOyN^EArlIYAt%^J9xdpMu?bs=uTR64Qg%0XE
z4Ro;s2bZEs1Yz(lHqvhv=4jy_Ku0~Vu#oQpf!3+~MehxrcCoR|Cu=at7WicN<&!ZM
z+yxTGZ@tc!K%{7=hIZi;K)DlFS_-BYa(z+Swsc{k2c7_gkH4-kLYBy`-CZPS4303a
zQ5QBB=jsIb|D>a1Lqu=(#ehARDz~qNbN?g<!n+;>q2ojZJ>yg1GPx>@qe?H1Z%~EF
z7(+SN@=cS1>$t)xb7@NXu`&eWRcmnq<j2aihfRw2j|$fm(M6E6ssWz5Tw~*gRy%X8
zQgxV$z%MY|V{;44G68x@mY{&%P^i)i3Sxp<)d6j;L4J0a>LRCJ6uDTo{L^h_gJiDY
zgV>fVa0@3aHdy<eXHD*_ROy9iRcHuR?NVv6XmDf-pByUMCYj1mP1`I?1Y%JR&-)zA
zt$CEU1r7rY%@7DRYxVXyO{fTVLI2s)l7`VAwEByyk0GLB)sW$c8E))qOcMOnfAy(&
zu36DFISsp2U3-e--(LM05?uXHkH>`(E;rQ_t^_13k8ZirH59pxI!p4kS>=G3iiitI
zVq~g4OpeLv46r+c7*4f!_vGb7>i}m%s0Vuh@Avc{0p7T25%PwT9_O)m=#fDAsj;{i
z&K~SQaGiv7=|vW^BcOK|5z_Z~GBR@<%QqEF;{;{^O`t}S79z(MGJ_oDRLZD5p)#RI
zxb{a6V6yu>QL&C0p%()IEp5c^sr+I~YX%k8G9%E^9IE^x>XD#XRQk_+4%H}qbsx-(
z`}7Sf2wY@1GWv3Fs=6C$p&JpUp3>w@Q^lP1J&J9(d@jhAT-ty7m{qPl;Ee&**14OI
z%OB#UYHG3&t?iU^Ib%CFx-m)?!s_b5=y`^pheP{h;nH<#2Th#aDiPH22`I}=2{^m2
zSDz5C0jAKO+lA2Q(RnnnKF=&ysR@~MgJ)_8fcMaEId6mc{f7)L3p6+i1&b|cpmq-z
z$kSwjoGf(PP4{?my&$d)^oea3_P_HGdey!)`n4H-!NPVA83PuUo>jy_29}Q8SESN+
z46<H|1vIUT&VpoO+cEXoPRN+Fs98U;*(00OL%7+|j$Y$u%t5`07zTM@Z}70!xIhRx
zgNatElxnE#jjVxZYC@0l>38Zkzpyrf-rc{?eE0>%kMVta&X48SX#B!6b%^V^4)+QE
zmzcsK3b4D+g9mw1fL(S)0o+Hov#n7TWJ37?x6VI^f5V;Md)34EvRyMk6pi=-4>w*=
zFDcWmabr|S>f_FGvYZS`lV>8=nb-q4LcJUP4PTs!a0Hs*vlWN6{pB6+{@37K&T(eQ
zo$2w!)^j{2q~m8{2{sE8u{yOH!a{pp8$BiSIm-i5`d>ODFc=92i!qM4<Qb2uK5!P|
zX00HN6%hu>TC9mdxWN#vRoCNY6}P{roD50-D{JnK;apa*ejOPPU#CWnh5$y7=g$Kh
z@ROO<NM?+Z+-f8@2Cql|1@yi6qqy~a41Rc~5H=s<(=HmbsE=aY;jF<O&M)FVzbI7q
zUg18`sfG4!gWw=*Sp7x(O+37aOqlE!%_loMX{7akW3qwjcSEv~p^eF-iJUV$mHY|O
zEV2`^`$kkCfnA^+M~ucFTlQJ_ISaj%_kJMZX+fD`AU#dpP4_d?v77z}ygY)JKVEbX
zkmy}~gKDJ5_se7W<)il>;Q`<LFKBhu+)b_?g%j^lKgG+Nr--cz<F1R=Mf~2zEx8%$
zLo`POg^+IWd9)=;+kW;mNMGdv3c^ss@LK07$T+>;#t%SO8i!LKr^DGQ(uwDqE>I?R
zt;^S?2iXW(vEnv^heHvFVQQU)JHyo8&M?&hdZTqPr4J(|>`Ps+9l>GP*`s=dB7Ctg
z1*gXbj3IcE4W^_QhN-avut{D>8_zKX9TL@v9L*nntBvM!)NrmYn<Cuvnz{^fUk0;K
zv>$ohQUBg!b}QL)0oMxMdX(%XKYENYF;dOx7K;c2*7P;|yHGlBCHlZ3DshjX!3tQ-
z@FC(tI?5J|bLg0+z;ThpJ3EOxKxejqD9wT*ffAd{m>5K<53@)?P^g6wMt~mO$-lLw
zXU&`2+h8dhCX)NGA)f_>86ULOfdqprf%0gEFLR-EE;WUSDL}yzEkoge5T=IEqVy^&
z=N1|V*@eOi)@~L{5u~oBZNv5{P+UQN$C99@pY#(~Z$`8p2IQB4?Ya;vT(7YOX=ce6
zf{OMDLQu9((1c)}*++7_USX;k2E<M4Vm4+Pkb8QspilEW$}ER7l$|<d)4>2PKK|qw
zibS(?asj)OJ9o+AcS2{`Nu1>7@hj1PaQ~jJesXl$Vz0U_9`s}VTx7YTIR`&M4BlqD
z#6k;JhwHO_A;dPEt`(U`FZb~p!y$a>m^lj|ivtLphRCZu=8T7#Wf{~I`hk+GRdmAZ
zZ9*)Pi0OiCJFf+p%pavY<2*Nykm>w<sQ&q<Wzx-IK!mE(T+CSJ5+hp;Wi%j6)k*Gr
z62q;AuJU=vIa!ULeCU^bA+aN&daUQzv_85m*io`<e(w=EkHJx0y_$G1{>(Z8e~zCI
ziaP_-Nx>%SdcG^0Y&3EbJ!GgU+vX<NOrw|i6e5jINYTk$T8D`v0^NItqG^%@iyZFb
zcV-eCZ*=W}Ko2IdveNTB{bJ`%IS{;7Sg%f!MVQJue1d5ESLO?>CtT!;D>p>$hgtAD
zOG%*U6CnN!HTtu!VbJ*6QuTG|-R2s%x;v%GF{1vIzHW9*)$3*N!s-}N@4~Lol<u1H
zTaW{yZYjUtL`gn5>b2@;WMhY6BLIm5ID$SiASkBbqx(0yqR=YfAS?ycu@`gBc5(D8
znh!69mE0W+-x1N+9N|AkFL3tzLiB|Re?iZ`oPVbcRxG_LfTzoT7|4AWGlT-HuejJ{
zrJxSfY*g9oBhif4MrUT%WA(Eht0QMF1BdeOOk{aD8{IWFi)YKMd5vzh#!;2Mis$)^
zma$qf#ng@~Rrp$r?!HbMY5(7-{y>|#Kd9|u$+%s8$=EN|FJZ7*Nc`d*M7Z(qKLNSN
zW3u*m{2^BuAHsAdg)>fF_8E@o{{c&DMBb7-A;d2&xfpio>SBF|PL{q_P<LpU3?HH1
zFTFlZmiz?M<a84a&Nrn`!sZC!C(B+aL->WV^U4{{m4}=JOuQ#dycd6kBVzScd<pEh
zzgem-!Ry9kZX*o?>+r|$v7+R5nmpZJ0=hsGx<R!Z3B!)1>Qxv&^G7aMy~2wbYvUu}
zq2ZtKumM*88C}fcUmRbZNcd`610A7mO#UKaFq__H>ug!3jk2adUp`an@uz;4n!6HZ
zRVBWX3#elZ+h5r9o#N3lXUxK!?FMkD`Y^~jUoI@pi=pu6`8MBDHQs^Ug_d0~dT@LX
zKxLJ1mghY~s4^Ty7Ne+&rJ<X0+^S%Hj(V3QT_cm8i*0r?CqgEWNu;mvJe07aN@&ov
z`vgA1G+_dI6KByflfKd86;K{k=+Bv$s;_6D{xmzug9&Gb*WZ9xdL7}v48mEpsz0td
z2<O)T*=cq@6~>GD<50F@YMiA>8o3IF0r38;plSIpO}8`?K@|8gUl2~l;rWSdKo~g)
zvVuz}P6qSwlGW5h-Mo-ppwzYsIIlsfl-?rBs?C^T`s@FM0T0<OeH1SQIa0i2wbLX+
zL2>9JG*?n;E*`D=N{ijX4F2nFu$6T^5~W!Tri#C@U?YwUW=>I`u~6Qfz`Vi-lk^RC
z{`3tCmuYkuPSP>b#6GYH?xBM$Z06lQ%-K+s`k=jio`umx03TyzOK!nWFB`N)bwMc$
z6s5l90w=hh5M0lXtPdxoyw5^#Nk{h6P;D1FTyEdAKF_U+A?MRQXbAMdkYkgDSUw$l
zf=ukvmn|jh2y&|pVxkHTk$9y~+&h^Iz0`YlvTz9sQ%F}?$bno)5%pY;I<#~_p+~v`
z3VY}{9uD9a%X_0mfE_f6N9naTLaXry_F3oQBAx&WUa)U`k3}BD1|FGZp^L+M*k@UY
zt4!|BVaD!#@Cas`*1|^+M~+<jLCB&6?}6JaIx`E}J!%(&lenFVsSfwf3*t5%i>P~8
zj%-mbrrW{b%w}sF@vAn-{!A(PFp`Hsm)tc5>jL2`TZL63C#G;Q>_e$*C|1Z0R)ygm
zN_IEf;9K%Jl3dt~2_CM>t7Jz#t+grm^c_X&!yp)!loa$~7QyXV3=!pu3Uz=XWK=YQ
zi&2Gcn8kO)K5(HFuYXtqa+x*^i&hOIkYyNj0-A3LSototK__1y4%J|Tm7*%h;}$id
z0aZ;c>wpbomWOjE_&^x!Qd~=IY+n&Z7-oaY!kwgn1!2eP6_$Wy^*S3g?}SFF4_j8#
z7wmL=cbNl7kA2n8(0Ovx5ohpfmtjVk{>g$!9exnsu|ax?hy1e$)@AxhfQ)+WWLc3N
z4I~~K7Bv?(t#-VHJ1P6HE9(9h!4~xp8+1kWVZlESGS9D#PzQ_bSf~o}a+bUZy1%KY
z{du|st{h4$df}2XW-;gt=LVx`h@C9Nlt}7%jn6|Y83#aAS2f{9Kkl()od(-hRdZu*
z4H%#tizUmk*YgyG+qkk6k-Q|o@=Ki_=Q%=kJDh^cd3d`X2==H|r>*G0Zidolm_5Y5
zF`$^s7cHevw&Y4p18_mg`~XnNi&Q%{_;B(xbM+fO0$RX}h=t@Z{Pl5S$ZkMEk6G*3
z7rRbguyD3JAqX1<1o;IxinGKQTud{qZ?nx&vTXl#YBTN_WTc9);rY?JOA{ndG)J;l
z?eqvu*&Z>JYHjuY-sj4jr=7>59MnYS6A+M_l;h51rJWhA;<{~B1eXu>IBLSKbbaCL
zK$z$(*Is7Ca6h&KSX;8}(a+jgRbU5G<#YJlVUMT!N^bJp;hZD+vSAQKOOGSZj2Js0
zL*!v5)G4|wcC=ky*a0I|tSeDWE-sU$I83{P9z17D4*Kst|NdC5^dBQmH^8ln$7|Qr
z0*+t-yqk~yZ(pr_(J=Z#0Puk7@7;q$TT6N_hY=*wE`p~;v(?U%O#5@O1<Mi;Pxhq8
zg7jFJ)l7%cP54$&fU+AZX*Zk-aMF{muqk&TZU52td4ghgxij^joPv%Nd;5`a)WlM{
z)S`ZTYA`g(rx$ZNbB$ZI5jP@kCq+yEcQ!4uHxh^aNFRQAbA2EQT8PO`ALS86YgnnC
zlW*xEQiE!NM}elp3RIA!rKfW(m2xizy~Y#9KDKHJ*JA3xX#!3ku^=wHY_mMWW496s
zwZc29SiDuWV~B!wX;d;_L5oJ|V=jesmmny^N(Pl`dcz@0>N^8zf%M-j5Pr7+NI$m0
z;W9ZjV&Y%@Pe%kUjcQbzZq|MGa!fJ1^+rtZK0!>MfruHna~8w;POdPuBK!XNh}yKw
z0_|9o;Z7^8$kkig%VJJ9#|J}g5MBu=DHj~gE!ILh-a_s5gdR3{0xS;F75!y`<xsGB
z3IgCWi>OQYwF$@;W)~R<lXI9#>q9LZy1<fDh2gD1yhoq$Y41Mt7Kh0%lR8WaHW!pB
z<<Bi0m`;!dAM98}Dx1}YSgg7rksIF^1<V7!%m%HSaUZmkTpu>nd{C%0>0%f9f``LQ
z2guy_#3;QcV4!GN{EY?SssMR+L2h<G8WO>8i1sm`oA}dOZ}xcqmhYz-l03ZeS6X2I
z6-S4;VJ^}?z0xTM8Q*)NH}|A<3``ED`=KYuadSkazBzh~DwhvTF!;2*<WAlqz1=g%
zjmD}?)b>TCy~pN>$1+)37i6n?E7!WwG+5q)uW~$!N&H<j?6@obJ#H9pvy|4U-^Vv`
z?P)$i3VA>0Od188sm`}Y{%qIScpxqZtlO`4<l%Kdwdx_`RF84^J!xN-Zr^(3S3g4z
z`e)#ro4KU(Y$D#gMIEoPEUq=4_|jSnzLNfzN?lG4OBEgyxjn`^71QNTg_vHQALC9o
zoLZK6dNMFY>6ey#X_9V|HQ0AHf--{wJlbYgmZY$L<h)Y5C=A0D%fjs|E~WEH%qx2*
zTN<Ks$T2)8`o@8!j~cQ-1{k$qq3IJJTBv9PqJQGiWy*vLa%QrXR$6Xh2~jv9s9~7^
zue!#FzncCD(#vhg7R&?7lSMC@i3#)v4?=IYh;A9z*X)sL>|O;R@p(|_YtOS$-Khii
z4Jl%k=HlBq+%V3q>^#zsC3ec@!Jrsu;+t)-+z}7stj6&;A?*-PXk(qa#1bpbA+iE~
z;$^}Ex=!5f{2~xH>l9drUF+Jr++I2XE%1aBU0pT7z_lg07eI_`Dm&NH;Py@rj_3!Q
zwP<?01@Xul@?L3!@PQx$igpq7Xc)M!#*`z6o}}+fOTXBrmsS>~H`rh$dM5FGnB;?C
zl46fJ{OGner7B3V#TTbc@%A>&dT-djs>%C>f-vcWlyW5mno*6x%v_CSN}NjVy)R<+
zWy(xIyZYR))KR5;_OyEs)Q4!Dg8nhEbloB#rj6**sf%r0p17jO<R^&V@>|zMnv76S
zd46Qws7*1CLJ9o{h2Q#lk0!@y*+y%WIuHQqYZk3w$UvQVXp+`Qy?GQggV&3*dD~|r
zc9iZEmK<atd3cH-E7csRR<$7r>n0Idma4=~vv4GZ3xpy%Xu}L1!y%1-jsfS}l0J2C
zu#<k;q;MXZq=!r4JPHaov8Zq;!@qp-0%0rN9oYQnuGhI9D95*K`tysZ=pi0Qrv3Is
zVHB3iJp<<6ff3B&*MA*u%Ou589SUVHOPM{Y*e+X7^x29I?_nyKxdx!FX#8CXLd{^7
zS#Q%|e}{eW5F0Fkq%reLd-Ri@nnnA!opabp+Edtb)W}}(@wz_JvnTHj^Ku>5^Xyc5
zfd^5j?&ZN_Y%D~>QO~7^!&EN0qtvBhZU`>3=<bClA2vgt54v{%F0lBbonR?ogGSk9
zLDwmM?a`+-^*(%`1*(GF6boIuXCSc{FsI?H6j%@YRAMSXkljqk0o!1O-3AsI=JefJ
zkc5e67?80biS)yst}a{T>XG&oTuGn_W^lge<a$)nnnoT`>Y&tJxuCJq2;kGw=bTWA
z9`W%sRJo$XZIof6vYN3@c*V0Ui(|P|XcxuJVE^aGv9Ci3b84~w^{&H)osojj87O?-
z8%@mtf=9bu6o)?F2~^T-w{^Jawg*e$M_C@&)Venr)xpUa&!pVBq#IrAmW`W^VQp4+
zCM!&5s5_%8?>s`fvKk@V8OHst8dt*=dGOIwJpIbJ@d$X8ikB2r*Ix1b0z5@9W|w^#
zbKuGNYd`uTpN5^1zW7vEtcD#pBiWKO?Uub%`46quk(?Rb&#=j1l1^Qb1!b`J!6cn3
zB0A5aQ$z!hhpR)>#*-F=8T5&Q`}~jNzL4RbAh`b(;5KO+TP;u(nzW4!RMa*cAZQyd
z>VMNV94^|%d|~kYfWcz-%V-%NdltnOUo0}_7}d#|2;g{7U3J8xu12Nqw9Ykqu|9}<
zqc<1H^#F?kxnctWeYD0#G*bt)8Scq~JLAW3XJ)v^2<}e;-1~yMl>+?K0`2LD*>oqQ
zpjUa2jI}MPkie%t+Q-As#c{B_#gw^_M5!ay**uDp7;G2I7YVYSTPkNUokP79Qm~Jt
zED1Q@wW#Cj+dLccDrdK#Rx(g$)JkW9+)OA0;dOC>GNqpZ={}@wXDEHaa7sUe!&cOQ
zoYKF?bCU#0ACGBRrJup&9<DszhXuS%C1<u_&?@^3J}rIJ2_qC5nvKU%<z+_MdrWlZ
zZKws;nOPzFDbJ|fHnOv$B9J`AN01X+mZ~l0<829Y6UYq2r}*r&g~OdZ#pj^7NX_{o
z+mDMX>aW61@l$*bw>2$WP}prw2q@aFpcfWR%J3IoJh`yr_I$bdpl-xQKNz>i7(|CW
z!UPSfnhCHlX(JQ0o47x8lSw5LHc1lc?|dfMh*3RZ5v~SL!JjFxc4q&N^yeNU4VG#t
zZ7rdV9h8PtVNjL#H8tomkjYV$4qtDyiJY4vK^7h%Q@BXG7&wWoz`YXXs-X<yIkRx^
zjxzm1S3AIxEQ^Q3fFcZoB)V>-9R{~S=BtdP;x<T_!o9yV!*Pj2tW+khJ|-S%`E)Tq
z#;1dOK2LRg8luS8$B?LS>SBJ3QwPT$56;5Zpc3=VMz64$*yG2(P#S$Xvip`2V2C@C
zzNl=$u>Aw=D5D`B;`%~?2u7w|G7LJiY|$4gL@=OTPHxK6Z#_?P!Lu89>NY6HQ-&e;
z&bomo!N_>ZFl2_?4cQ6?c=|(8j`~fXUw7<SbswE&6@bJq#|S^Y2_S8t7VNrGwI5-I
zih}-cPZTR0RmtN=G{!G%EbP(qLFpVBG>@F5w8MtyKAW0-V|#Ha+TGyBUHI=-{me`b
zNT{F;B%bHYWUUw^a)P^zrtx*E(;m(YdoQ1hFBTXZVPoNXk$h%BnaF2B==KmQd+r{p
z$}5Zt*uzp|F`Jo#H+U9gyFtv&?G@v@z<k)i_0K%6G$nJP(3CI(NxLQp%?FA#3R0D3
z%TZOzw>zvN&l2Y*<&sHNI7(p_>2Rx(^dzaqg+ck6Y5q$*&rQlFoa30;V~DwWGwwz*
z47te@x*KUG$JL(RkL8$Q{8)||Mw1+ysl#i3Jjc6>W;<xV-+63VqYcJ0L~1Y}9>}y*
zh9VkaaJ-;kP^?M_XwWB=q_+Ag2g0Q}61LMG%3I&zbC=oH6bz?R4w1~&Ayd(<rAhp6
z5V7m=oTY^gP;P?UZ-Y_A!qg8lMSyJlDFS3;T@j!%BZcnfva|#0n>Nc<Ztnewjj(VR
zERFZD1DA_YF#dsmEnMlR>T<D|!^1A{8I(WQ@piw_X`?0!oD38$a75H02v>>STq{Z)
zfHQIFqAr3nDZgXHRk7Whb8zIIPPV*c8;>5U%FB(;@i?fMqlybN#TQ2UN4UZ1KmeqN
zHp$0Blk`yO`W^+@G}+*s<Fjd^tTIrjtVCuZs8+S39z(+xA!VS_V15ccCi7DV4b+;8
zDw>}*tJWMYo<}M*GCakVABAg1%bezmCkx7+7}k5*dmt<bdRm4dowz5On_y(adWIqX
zOL}5h7YvlRnH+Ea|I9JN_^})_j3zlA37&I}UP^&Kn2liw7SBFbLj^WR;!A|CV6sxZ
z?D>>a1~@6jzD8HOtlRtlcP?|$7(zbDrhexp*Fi<AbukL9%K$Jw;JeTl(zhOw7jpGt
z(Oe)9#?MgY55l#msKOjznrgWkt}v*es%|zJ9tr|t_Y?9km^(RxVVYEnXJ~M9x)uz(
zPr#}{+Yc@0pgR0njsy)zfH&~CYE1XL#g@tB_>tutZV9Nd23jazB+G?)-j|QyfoLuT
z4DZ4)vI~P$mC&@4YzEY%?xT<O;u{3f4iY0CT$EDty&$jj7!wgcaet)7$&HKM2WPw5
zm|kV1hJ)1b({Mh0+T!@s)aIqX_svMu)N!D8+|Q+6rD9NL{{sez=t|EDuR$k=8Nv0o
zu`SD!)-SokB9!09izzw;Fx(<i0E3H$@t_CD@^p{jEkP$NJQZAeYN7EsUI4G)rgdkm
zM_lO+bCp|=HoAirVmqS0=a#iPL~2k2j!u@qeC%jJ^4(2J8Y0%J0dOFJr}*GN0-3%P
zz0c75hPKhAH~`JEXImZc39t8OAHBuHd3IMl2!96AA<0jV!>{AuxeB=HSr!Qw=NP=s
z22ov2eWT33)pbx&mu|NrN|#uGYi4?Xk16gSc-4fTAYOLpxP*cb&=u=!g6h6*TWWZp
zWc|B6n5xigZCw7t51o=n-?QO$h20UIDUkF+n;iC)0A#@={ZMWsTw&pyDZGwlYL*n}
z{-dw=Y>T15R$6Fmjo&o7N4*)}3)>8JZ}OPAF`ynx;DWgxE|{<9WjH_c6MACuVJPRw
zHmD(&@|EXH<E<o%-HkWtSKx5?75Lmnd>((#i0|W73B4SzN-j>Y1qTPv*CvR5EO~)n
zFC<&YMXm|?g5XCkQ(R9#S?0L1)G||)1#b_SvLNEI1il~U;0=jyXkCJcZ`8j_5b^Jl
z7kS8vh!^!0e6`?;QYo#Ssb*Q`GOS~Ua9z9HWeFdPZ^nGa15ukzrih{dCCZ8rb6gAz
z!6zX4tEfEr=|?>TxDJMxD9~)79!5*CW=pZcXsM{#Qc*#4kk9}8Q}_RsYxpJb?j^oJ
zV82U~fr<NN5mW0BG554AVi{bW)Zjhu&*LoatOR#RYSc5R#Vm4b@@GcAthT8va=ZFO
zA@YuryMs(0DS47p-j7Q@4I<Cc7t$c{N&T$OlE1<i0BY1Zr5BcFk(ZWUNt0#t0Qm&s
zT|^bK2tu81+QxLL95Gde+BDcFZ*XG3UL4+cz?Di|1N%0*gIDT)h*$F_-6hFW__8T5
z1mTzYryusIy92NLu*wBBW@AhYvG*9C5AQn*NZTU#m_I_D1K+Ip`YK+}93D?rD}4P@
zeU2{<a{Jw8*n&sX!qvzx?A&_HuN}|g`0He|1q`eJf+@Oci7R93xRV3nm@<TD6j960
zm=KH-zkGX(SM<GSW5zf8INSh7YPqr#>$yHtF&^s-E5ZeZ&g%+Oins$8+dZo6k>KuX
zJ&cR*@?%Ik_6}2k8n6b{_JhTT<J;+llHzF;uQxT?1gbC$MH+@TPc|%9yB~(%hkbw!
zxM8^|82;u^8w3^IbN3k##|)xwTy9$m{n`h}Jt>Hu!_c~RpN>C=-NG^Is(7p1nu^lb
zECVl#qlrTLi4F5c6CJi8V;4oMC(tVN0-3%CqJ&N1#`LK*+FOV3+(Wi{w>w>}_JvC7
zkLF>#_XmLSXvq^7NCQTOS%S$>8~Y)_Y)aEbvwcx4QGmD?s&woEy2dJ`lWl$zq=wU-
z?lRf$A=zd@BVAKOhl3*G4i(2Qlyi6me=hH2g2P8w&o2z`v)l}DHkNGQ1zMW}mOWr2
zffE~!lKa`%@|LG!MQskN@hZ`}!f{BGYxc{1dfA`Y2`Zf9Q<R=(0e-0dg~x2NLI^>b
zr-$2%8=dLlWINW+dunomVDeQvjYsPnZ)}p()OiTZTPPf<g_v`y#V-bKhs?mqh8)s@
zw>8qja0yxspoQAqZ>ouzDlULQW4d}#ZMDXc!p(udam{2mWV74LcrJw#*-0BsG#gwY
zP7kudmvEm}-0-m|xOZoxRe?T>Cd|Xk6UZBEtTc=`z0(FyvAdCy@*bZu5pRpA`NUj1
zDV@K3VWB(1?ZjwQGD24W<rBbho@&`TT?Bp6Wn^D?cIPW3UHkh8D$`g`_2rVu`@i5%
zhrG?U(I1+QC%hc#QP;7Tu8Z!8k_DK7-ecZ95)NX0p~p&-g{R`Z6tT#CFlxQ1Ft;!g
zwl6e)=`tQ}*^tep78y4*xGuma*1z`zsxV)!DDYN!RTpT+F6Trpf-Tswh(QcXE?*OH
zV9kngH6eEiKv!Ssn^Ps~pmG!{+)O-7AG_XzW4X|SNqWpfpw2zwQR`HXe#m5F^RqoS
zJ&W{=yImWR+fIW`yBvHF8tFlYn!ur0)J;=oMvrPVu}AfvXdL|~{RTsC=(mjxntEH~
z^(}X^L&VAgWYpy?KvG8=26e0#4}~T=bUA)4UtNlyt4ka0<sHa0(%1gh@pU;b{$HaW
zGMyy7*#aiR7oT`6fPQ+*#yKDF`ct18H$SG~zWXCw^P;BU$=QRT^%`*L|2GMiG@_PA
z-{bQ9Hr7iDr_mwM5Am6a{Vj`Rogs;vlusgDMJ1*yGnqg7UPnmY?%OS%-&*Z|Flwgm
z=lJvUc}8#cw^+xT;3ONI16?e0j!3WamBWp>&fW2+dq1ddX?1LOmwN=(hNdH!ohISW
zq;teaL!91c5nwp(mcaTUp9t5*=w$2;ytINo@!JSb$jE6!tUvZRVk~(#yw#nGl}emC
zfZR{At-rk&X;ta`;?{2?*!mqaFsEbdcU7FC-Jtcmirte3k#Xwk3I4S6LEp$?{f*B!
zMF(JOP&n3v*;us;R*%ohJ<C@w--4+S=TK<coV275Sy)e?i}2%E>v=wb9FoZ@xj)GF
z?=NpvBs#syViY8TO+fedl54il4)ow3?X!bHCL7Jt(%+fJw2K=@DM}v+_HW4H3lkG<
z8dZRc&4N1M5We+r$P(+5hiqmTd!W7SfeS!*>dagK!bmA1AlfWXXkf*u!Pq@;c#FoA
z>rywE?{+{Ae!$Q2@TOb1PkYL;Hxh2)IuHQqD;6!=D)!JM<(s`xhJw0V2+lLvQ5O8@
zH+*KjP}*L*7{#{Bz6k7Vz1lbWIj2cel&Zm`g7!kH21zwrofAo_+$uDeSFK5f<s(wn
zN-DmxEva%#$Xu#AlL{+Dq^grt(_Jd85fivL3Gh$g6!HXAARao4(#iLk*3zCq>LM4x
z9pu1JyFEti96H>ngsI_{B@7;(3&sbC;19ETaWZu%q!tQZpJ0KiAiE`@XQ~V&F74am
zXh=S}G_dSo8c3;`Wy9H?xLhfvn|T<?wL%ZIm8U}tTqz|6>JAtUg%M5Kh`z$plTolI
zYPhFqB#vH&k?l(p!`FR4Lk`_#C!83pXPC6x9AvLkh(_AQ(dG=!@;jieJ9M@wh!W}R
zJzsLlN8h-etOb$iUU(+)7%c*mrWR6yzD4Jr4!3VS96JqBnuSN@!$~?wn10w2X9Z6|
zhQ5Mj{-B@qc~1cU6ENn?#A5XVcozrnR)x54DRM4Fotm&OUR#=a10Tn{fme~RyAwSb
zVYEGij&q-kUdGlMfAhNP%XlZ%L0*lp*N8_mBMiP4`Sa*oMoI3*aRmBr#@_(gHw-u@
zhHUZbnIK`p6|xro2CG3*DcZgeJm%S$t1p*Zj2A{&^wp?a$n|XD8k-E3Q{mf$V#9X^
zdo_B8>E1yB<WeMykU^yo*t4)AgqFYGbmk|da~D!qAc(jQCmK#mQ??<;vSyrcAS}kF
zF2SGW+avt_EAqssxR{fg9hBBA$;fWClazMZslrAM2OFb%qhvnH@L+`dU)&$XM>5sB
zS;lCjg8hKnY>TC~mIqrubUK6i)E-%WMxlp<QK5^L1ffDrlU_*jdW)wl&bkI+S~KWa
zsOe*G=ibci@x!dd++JfYNrUQRc2(7&BhiVEM5;M1mG7!eGQz7FOa(PP2<9Sc1X3O0
zQUz){ms1_m$mZQ3c~9kG+3zD|+){qPP5=6VTED~i(2;?3_mBp(_J%*hE0YCD!g3E@
z&t|ed!h_I<sW+pK;k)aB<?7=I?vc$jPH*z4@P4U=j8EpDwyscHBvW1apyQ;8U1A1m
zVwV_#0=vW{ZDq;PODW&2_F?w;FeqmPVZ^kww@q6Jl~R}}-YrivNqNSTWC>Ap6=ivn
zhcFBta=`}9*8_Y^CYt3TOeA?Ckw-+HpQCEL;xpB_vlpuz5B{A^^Y3u#Rn#<1U&)Yr
zp+)wReJ)%!KO8P-*Kkd`2B&36h|%ea=xxStM}5=padBSKm_Fye@8>43uxYOKEMeKF
z`YlBNUA&ULcx8n3arT~@&JeGOICHqhsImv(Fpk0ZiC$CKyJ+30*KcwyX)t=@;LY-w
ztKl#MjY4ro5wv2tV?P6mBE@sdhpPwD&Ge|}*$;?ghe=I<d$rkcuO>*=?jwgXLrq{N
zpDk-HlbLG5eOOVb`%HT8FVo^i`Ws&o@j`V2HN*`ux_piLZTuL&9>Xi7^49aq=7q(7
z#1F$2;5*Cw#<8Ils$a$gJpPoTJP)sAf!ZZ<tycXX#@++IisE}8o_p`yyEl~(Iw*vW
z6bUL)1c?O%rGzRdN>uEHNE1;Y6qQbpA|gUiL_m}%U<HXC3mO#x3mO}O1)?BQ1m5S&
zIkR_n<@f)-3!mJbXP!B8=1kq$nb{BMT~;pMW#R1xhT3$>abKKryf{MC#gR4UcTI$5
z5%EdKLy>TYW%^JAAGPhP58`bEIgjX1=u@+wIKMjdfd8xWWL%o%*tXYf_N3xC9-VqV
zolKHYF!uB&>)!;Obd!;hxl<<SkvI!?5WeNSJxn@m4^PJ|Jkk-52$|L)BxG>Yk7T~(
z#&tD?yZIja`w(VU=$GEr(eF<oyk;J#XNJFkDW^`*UxdHHiF;EgpbJ7*@KyLI`5p}y
z(g}Fu?E|g!X#am>c%8EDtMFQSQS)AOFMcQ+xYixrY!hrwIc;d3a2qx@-<)gQl-es?
zv5qdw8~{)?JkH?c^^EI9ZyYMtz@HjT!lT(g_KRzSOqAG6{t8{(qI3+xBi`|nm5PmV
zuUoy$&MfRS9<1kwm(WzilJIl%rOW4H8)aXg#FYqQPCnm2hZAmKlG~+u<kmr-Q)eyB
z2drgMqMjurwT9NMUx>kQFEGj0GcRSJZoLs-_fFI^uje4$x;Tb<TFl{t^^8o|Vv9|y
zscAD&67T`&nc)Rg$rgkkXZPdbXUY96wt^e~*HQc6elz?_l-y?4#kHTeJW>=1jjp6p
zcefd%t)q5t9eoxc7e^m{NA+z__%HhTEBvo1>;K|y4e@72c2a%Y898j~+u_J}RNsEm
zpVFs%KaKtorF!;9^wF3d{-AipzIKx}kj_V-S%-l)V5FLDPSDiD3TW6Wj>6Dv?Yf|F
zyjls{L=GsFgvIu`GW(NW*A1t?lR^bX+k!COnfAjw)77vLY71Sl6Cy|}o?8t|YZy}=
z4-`$F6N_848j2<{ZI4FvJC^gN%_usRGaYpSc8=d5C<+vHq}EBt8Q|H_I>UCY!Hq(v
zhXt%fIA5H}kvK2Lu#u4eOCAkyt70E`H0ZBWWHun+Wfqo_mlS(XD6`^{yinNjWMjpp
zKv$nr7NaHn`^UeqdLuLjmR@=!egVcLp#%l0_r^H@)_9~JlyCE{HJ^EUoR8iAdVb__
zIau#Mq?X9bmUx*x1RrrXq(m)FNNR&x+-5Poq+ZOVL@iE`>Z2CdzX?V4CL>4ca6qRv
zXlUD*^NZJE7+Ka2HN&uZw}{cslY%zr5!%S`g!p@1zSQtohxcr1>HVz6q866%jhlry
zc1552H5wONTcurxsm^)J2Cj;SP+b*0P+z?u^e7&OvX<fd!HfBPp~W~XA8pGr`XB-A
zmB4$!Yw%w1E7V~snbk!Kz6^Y=3iF|T7SjqxnhwB`rYq64tQe<PM!*_?uG<ZDjNYSR
z{?Uej{}3c0{>?kA8;+Fb6y?8dm8Dn7F?@X4Y@jio+%Lv{bSc;ttn1VdkEyQf(;kc_
zm(cCiqi{RwKBLHelQ9)dHDjZMp=nUB(;g-kYb1(5$CNQy_DvV&HZie4<<t6CuQ29}
z`Phq4V2=!>el+9>o*Eg0QwmdQ--S1roFjRmL?acpk2vGp>xW_%(8?qqBd!(Ws5bN$
zqIYMo7p6%V56kWdzRD9Fw26r`8RdZWwg{HBCSf+0_Z;hJa>|(MiS@JIkaqiShDS1D
zenRX^t6jWKyK{QA_?vViGh;j4Ow=i3D!XxMv%3Vv&H5*qK@~oQ;%1;3ABAETpx2dH
zr4>ciQxj=nuc6GGob{kNxkO4MQC~{E0;~<SC#9wYhGLZkf~?ehm2|SEHC!aA0y1pA
z_CQIr5eh}lhRL9k;C1^H@OoHNH}EMCze${AY8c9ON>Ns^J6-LxDT|s`R$;Q=;wffN
zHO*zk#w4i!%>@Lp{@6J~ZDA-r*{ciIKTD&4_0M=!0sn&nNIr*R%9GC%605ki#*`kJ
z!TP76^YyvyK7llE$qB{lh!b7hEhfgZy#7!jW&!_7ZHq$F+f2A@PdF&vAt9G{O?L74
zBilnU3;5+)6moAha(j5fq2eqOgH<+F&g(`o@cJhvihZyt1mM+|{w^9m&xCW`Fr(Mo
zFUDn2>_}x3kwV#14Fw?4sm6Co7gG__TzC4s;83x>ZVzOpmhVAxf6o~1y^(E1p(_+i
z*=pPG^U#Z&cVTP<4$rEKlRk3b%(=`uyY;enz3{a<b$8&=7ZIksZv~m@=KAQH>vzzj
z4vj}bC@Iy%KZb%6KT{l(F0UU|5jygwzAKE+h<3lWVm<1UflwS>H$vj;D%NSgw&J?w
z80Z8cz_+K_wDl`?p*ZbPnywqcp||Vg;FM6gVtKAzo1v#~)(ht7wJc=pfi4@1qxvH=
zR)qks!Y8vNW6(ahSz`pnZgR!YGNBgT@Tc!!{24q1!<r#?;_lA-a5u|7Mn8&ob@+@9
zh6K_-4|fGLGdv=Y>ca%56;W``5NDj6K7g`oo=Y~_l^~lwbDj9&izcR%id!H~VPElt
zMZvdzSoBGsc~P;?#h=#sV6>yM_;e!`w;t)vaD_vP>(aBj3*wUxq~#6?Y>r0ty3vMv
zokpe?2n4s;|Gh_9(0>tUGBtKyH;Z?@S(@v#r6CkM=q4_VB@QMPIvjHoWb)X@LWYKM
zPM*f$PR7($0M-+zZ$M8p02DTMnOjflqCnN{g<)(jDp>C1uZNM1A$4{y3|$Q)F`iDy
zFq3D!XiA)9PzQoU$A-FbU?C>9k0({()LXm?ZyyhEb?T@iiM>8rV-k=o=mwG<<M(>%
z+v#>(xp6l{`Wjx1HtFiYoW9er+kN0`f?9*!`g~?@LcI#uZkWq9H55w)`|3aSaatUd
zFkgaXo=EUTg~9p|lk5YQm(p9eJdRHdte8Ni!xi&-_R%em(Xzy29Nv8riOu-X>RliC
z-{1=TnMz+b=PC>-|GKJHMM=~RF9G9{K4#q+A_)ckFYJTXzLY*=fc1ay=LVlz7LPs!
zW(ukx^cX!qt)Lad_*PtG7aj-}P0+g{yUD#pZ>N26+i97pnKz;|sn~TNS$$~|BDoR%
zoYfhBdR%Q(jz1ylzC~ZIFc<YWre%v=>891}OgR^Y^4zXw{bAQD5!IDgdqmUto3QrC
z+-$+yE_9jA|MNu2f}zdKZB`qzBD)RrZgT-j%LTo0*SkON`hQ*tx1U$q!Mn>Pq%R=W
zT+1P#hUC@`=K82uDUAh_NA9OsdLtHdk9d0P{yQp>BhZGsioW%URn*L@M5>}J)Sg1m
zxDQ5tqpv0WhRGC|e;j60{vr22(XUgD`|H$6>2Oa<UzTp%@27uA?(ONn8n-XPSftcO
z^P0)x*Fu{^k))H$Z~*To2KWTCtQdS^8uDx7{yDUte(|_xvdHS|wd@o_oE<u34!S+0
z%Tq96ISxNlQ>oFOnz{o=O91#b^FSt*&;yw>U<v>;Dm`Dxbk#<7to9D8n}Y)aw3AM&
z*Rg<2_DduNCQ!od3oXjO;)-Q_Y(+Id#ci;Vo_-gGw$cpN*6?TH$Ow8N8s14IbSGW~
z824d(ZV&Dw;q?*YULSdp9!5Tme9m9aD~}wEnAy*xk=-=AwLAKKlvb_i@1qaXGX95?
z9!oL-A4@7CcTv&`cCSd9hO+_mwB%LE#(!1vbL4(5`31OX*--Lka?j5Az9N49t#}eY
z#?DkP{8lG8_Pd+73ed0BmH6{)d{aC=VuGwJ-xPm4juQ8F{JpqQ`2F}t<o-74AzIt>
zYx3Xp^M1-nnydOa^$*(iJSS}~K6jw!rah5n-m9Lh@BnS-WHnfa*de#<RI;msD%Fe2
zhc9tjO+5&xw;!2be!pInx)`MsH&3R%Vs6m+(?g2A?0xKjTkg%5`<{!gk5U<#<viuk
z?;;oxVpk;1Po_Dc<Rzr~lH}#&TAuuKGV=A;<YlxRX;u0<b9m0W^w-nTw7CTYG5%kX
zOm$|_&K4Wjcky51aEc%-!}8nSQ_s1?e}+}}q~qbpF)Ap>BL7C9$4hz#sk0;Hw-j^-
zzoqQRgzG@&^OdBzi*5MKmdzMdj~L!z4N+;<Fy{9^QB4U=h7}LpkIM8jDidygMrAUu
zsSjkHWTc=HRV#QsT&cv|u&7RMtunJst*L*;6`SPZm(bd#>G-N6epQC?<v*uUV*w^m
z3&!ci;rGxN;O3*qHpGsb9hsyUZYZgAV;0W@Ecm#abd$+5!u#nx@qWC^h)h65IvU0b
zTddQM;43~u@D-mgsek!W??<OuI1c^dCTjQoj84SIggjazEj>QBCM~BKxBKw{+(RK`
z$)V6wP!sN_BC9EjR!2UiDe?RD2TmDYNbR);G{s(UyNPC$qwOvR`Qo0DxiiNhqIl=+
zEFPn5avt+I!#ZA5s-u!hfuU;r{L^5=EJjkoaa)VcQ%*R3^QRn#aUzyj6;~yGMoWx5
zJYMD?iF@FMJ_!Thvn9;6(q_hfbvt8BO6j=lmuej7FJs?+W$jl$&mIM#2WdB_40Jrc
zW(|$;bNfJ#Z$IQ#KMaEUVi06VJV;a?3dHv@;?YyxYx2<Jc_s#^XFiAwD!P{v)B0;x
zDq?2anEaEg=vbs@?0!ujHXosCFGC?Ih{oZ-(6lz$0v4<%0<@y<26ren-@+viD;YDL
zRQ{d_Kd#eR4ia5&1g%Atf{W&t21sz3hB%h)ip-_Dn~U@eKzcAb7^tV<TegwWIH7w!
z)}#PF6`B~P!Za_ufaX&d;7uh48jESU>;SzkvX-_>t<`U1**T|e!8bM&@UbtQWTsS9
zJYUd;Zkdlw@DOpBSO(Y`RZ*?+*iEUkAu#zFo1kL&7PgL?lPxNUlZJh#r=dSVO5>9y
z0u1S2zL%fcd{BI*5TvjMI;mKvFKtSO!0<z4iO(mYl>6n2xLYG<=ubjeRdX%g)guqC
zK^|<OcadALXAQ0?5$px(uV<0TuHjU9W%koUmZ4rBxyN|fKfY*t>mdbX=K_+{8?UKm
z(aVJ1=vX2P311jl#=w82<I$O<?`7#esRPLia%AS83yF_0NDslwxW0O0_!Rw^O-%z4
zDT;us|KXMAp5)N_(jkvg#ds{V5zXt8F$lfI6rC;M4{4zi+MKt=q*zCU3445_NGd|7
z_&7Cp>X;bzaL^U&;8qZN=^AZ_mUE05=1YMljyG-;;vx7N!eIRpvV+#raE1&<h7^a5
zdkfZY!+%y}5q=Onew{>dCLS@Mi4tc$J$Ka@)&g-PyLy;6ml=4n%%I74Jjjy@HW21q
z&2S?^{jihl%q<v01r~(Uk<j;3@k|%lwDoTc7f&A)uO<YZKnj6k=0~sIWs9Xb@AhsK
zgE^sjR8>C=eU5%(>KOgG*(hsjd(2D6A-6w)v1p9(GD+}y_tqV^Qeoa2`jBR8P|Q9g
zL3k=c)$j@G!-9}0(xQ094AdP_SNd{b6qjIN>?a~ERw1ytVw>C)QSTP%V$yKiWRn(V
zeB?6DM>_FQOB}0>_RN%qfOu-qI%2`aU}F`N_w%r(1?~@#Eb{{^+2vNTWjn1k&B5vy
z+AimM7dH#vaX_$5>TcJkF)DXsT46J8ym|7MisU8q(~ZZXB^Wyn_Qc8_5Kk+ow{A=f
zSR4!**~IHeim~tw%iej7Vyv-i21QM>s)AR_<COWfN0l1Ma!;!yYt&CQuD0-_&v`6@
zNdMFT3g*z=HtBQ{NM?K3{+e6S`<so3x8~z+6m6=qmyeHA$=ajq0)M2-AL-@Cmb%i-
zl8G}T`D1W&LVX^4SkL+}$9R-#zizRgzqOi~dDbp4aThrpmbLLP%&{ANQ7ZZp!%kQv
zB$x@Ge&M;adKiiJdi2qa;F0rRkAcRctMNdXX5U$L%-9njG{SM2CLzMW)+IN!rcks(
zIcsIk?VLdiJ7$CngKNV4K~PLuAqlO_DNxgB8QC-r;to)thBporm{we1T6ILn(9y`3
zfeI_-qvLxlt)MlysJZvx?j94sou2tmkSIn1(Z*@!sMu`z(gS3qji>i<F3_rDfYEVI
zI6#?$bYN66&=br=7F+G+ab<nCs)I7y()^nK-=qA!RMIDhCd(_|ffB4YzX47-%{Ta5
zr(X*ihq+$d{7(@%bc*v7RNO!bZ0BZqPZaZ><6sW1yHGxs@Wi?ToX1a-ROaQg&kwWC
zTJ=oBUOJD(dX9rJ`goCX<NXvfW6a-9@r#SZhoZ{kMcEBFgQ14$Z)(&stB`9oGp=#t
z>4(xf)M}6Fg%=33#c5`cy>2u$KBqbP&t;=c^ZMHP<3~jrcT4eQ;-u$XG?586wPRkV
znHzQ4MjBLo)>U<&IsxMb^5G@xt#GWiP8*4$J90D%eq#30%fJ_GMxpMEB8I6s@pmM=
z>2tZ@{p5<I*V*X}@uz)fZk9r2T+wM!j(oo66PNvee7?qpaX()Z6(KlIh6WZ1r}?%+
z!f948)V5^v`I>GX1K>SE3-L^`-x)wl=|N%ecw3=RW_Uv&@BXs~{8Ag2Y7JZ3S!3$7
zVmG*6VVzHvF>Dq;gyI9lBTde_blsf02`6=H2{xklI>Y>dN*fC)dzwRm#<@z+{<Wkk
zCYyB?tTQzk2Q|Hne#}6p3WnRMCK%?hGm?Q$6^!12PwkM%*lIUMvp=s1$Jhirf!rvc
zb1Afbuzn8yT!I%}Mx)qv*Rv)n`<dPN#S%$=!S$(xrlU>={OL5vT{aS1>w4Ef^V0BQ
z{OR1ED{Gl}(U*jfH~4Ix3-pffk$bWr>Sn@=^o>{fo{KLI3?yIc#H1ND3f39H=Ig|#
zc6>Zj;Vmz2EBu)vRw{gbamuH5Tqg!zq^|4cGT=ImwE9rfTf<{5MHsCu!B^aA=O?Q6
z^+8$}mxgr%?y@jb9jq5T;=Qe=ECv<A^$mA1+PMrE@MIOgGKf^J*pI*29^X83f0}}J
z=hKu;>0CfIrT>r);D_`BG;lhQeoF9D>67rqfz!$8r#l!DN~<BEy!tL*guQi#A2Ii*
ze<b;XAitdCqZpT`A13@TM+m^kGUu-SH`3W5WC*?o{!2Q>pTCf(fe>(vTojCQ%ghQO
zB!0=19*ts;{B8}9ME&mt9V5drtjz6We)?QV6Wib8*&s3;69o^49}XM*$?(Q7O}cLl
zf55;l9N|L1w8;1L@HJ6S*JeOIUC*YMOtbX@<Mu?1s#C{}`X`+_cRkGpw`~w_+X!ok
z^&Wi&T6W&?AIbkc%Y>|#VC>O*17Y^+qyHn!QN1DEAJ2yLx6=Qg@%R)bM?mR<3G>78
z>;~~{QM$IPG>-GR%~jjwu-e{Gr1t*`byV+9O~n%XL|pq*3)25rsDgA#t~V4V_kV=?
zPlA1=g$&Ty&9%;$i@FRi=P@INQ;N~Mt_ZCr*X!ZGX`1RGnhhC(2_&q1#2h#lyu<Y)
zUP{0<ORuC6_Da28NA5<k`&|FRH-G3=G-<jj`V7qn>`j|SuZE_j&!STWF$rlSS7vqz
z&#DjXx5byn(jylqnc1m;$2G>|8fb6&Ku;LIeMU}=`+=$P#Yz9$U|gTPs`yLU$nB0F
z*zW9dBKKqY<1S~PV@9b#y=e5a4r`G0y4Yg(tR<c=`)?v(p^<N!`Ion`<{qxy;d%7^
z`lZfV`dRA~JJAU^cLU#>cVM6)umewP{5P}zi+Gb|wn!kV%%vGYqJBI4OPJ>6e+eJQ
zZ#{h+n+wQ2A1`0&cX#9{CaH=h=qY-eCSV&5{~_W|{i|{Rs_{M!?nC;SDEU7Z{o4F~
z9X*CA*0S+>sx#Xmk0+2ULvX$^zk6Ura=#bf7C)V4JMo%?1pgNQ!~FgcKY-u5=$`nJ
z>^tg~q|#7AOu?y6%)%?^gLvUkPamXdQbhMqxX2{5D7?@77DhfpLhI>2A_wRfq0FR^
zr?4fYO3cWIkt<KD^UC-dqa!B1-3l1<YDjH$X$ZRr25C|NKl{QDz`z?O=)%ZL8tzw7
zrSQDs@Z5<Tqesdh5;6#1hC}zUMRo&~h9GR92!qiJBRDr}pnip94rG}FAq#quTz6gu
ziS;BDGfN{MH7{8o4dKLrYjNTLJ~)S1wuTOq^Kj^yFgc$Imzupek!NXc`B}W7H>&85
zaqbo(v8U>}x|<tsM3_Iqrj|cVRDXsZ!`!2O4B29e%ah^t<X#_sS*phJ2%O7lEkJK6
zjR-sir429@HvDi|n>s-ydE)d~tklF*8d`xJuX+X9{VFjP-trr}_huW>urZlri1ocn
zqg@;MO_Xf^4T?5g(__==0cCn@ZY(~0%sCCrhM6_7^&Zz$s<=EM8~fsbZSs0!Q1WZ&
zKw=Q<(c0X`YP(#T)@+Gmb@agN@aG}gtb=2<!f#S*{AOfp#2k3JHS#mLe~y&1yByn+
z;64<Yt&RTz{U(}ii6!>a4^|O#9N<dYs<hHMRnd%{f~vS~UoadHNGG~nnTJ0U@gZ3J
ztPedzsy#$Q3p#}J1Dr<(_ins<Gwx&I6MXYz<O@=6ntqD9lFc|xj8*d#cwbyNV{l3u
zI*BQ1^V3k==BF(t*W$G2(lAnbF6|`(ccy=dag(bninTY9eRPvu8G7!9Em%{Mv76FK
z$Glbit|DXKRWxZ2%(Vn$U|aHM74+N!$oQ<nt_qMb5dA=fuLS$5!U{S_8`z4BRfvmt
zt1^sS&+>hbf}UHSuGsVSyVi5dU!Q>WE{8N^4#M^_{X&$n7owlgD>Go9M9Ty#iyjp0
zVD!}(^Ina;L3@+HdjqGfG4^3>pJ4l9Qyj*oI7?|r58hH|O)6t+QjOl&Mi8}AxTLMg
zpIC*xw(yu$KvmmN)o(Kp@6J#{X()LdXQ9#Wsn9yAZR@ZR*lg+A6n>U!@LK&G9{fxj
z3yCDtlkZ{_z_C+qA$`eI-j_lr=;ham(6n%53>Gs?!<ZKChp{<{s^sHgY!4iW?Sbn|
z3$-qMh@6MQQzLqAA@X8s<W*`9UybY+V1HyfwTw^TJvx5Ma84b5_DBDU8tH%0+LwXm
zOOm{6A(36wwDZLs5X#Aab)7*c5Psn-iHEM%OXADok^3+>Ulv~;kBr03@;Ek5Uah~5
zKa+&U>zSnIlg#M+`J`Rs-j(!c656LiTD{Q^t2bVur3kMif0FEs3?-j(u!-rD<gW<(
zDtRw39PL5aoRm^pW>K2*MT(hg`Xc3Pa_>nwg&%q^VcrK>)$MQW@Xt0o8;}`Wert^V
zEw#ym&?Y|>j@%1lKNWt9+#iPDia@2eA|FK}Bax1eA|FTL{y4fbYR+of8GYA*`(5Xq
zxSqQSR(}U8LofiO0gyG8o87)__v!)5wZv<xYf*Gw<P|e7QuG56{aVVy=OQoA&!)(y
z^z&)t4{A;Ri2Ons_)GKv^#=!{lVWg9icO(qj8kH($h9i=Ld<0D3o)oUP}F?csyWad
zSdei%b#kIH$wb;(KUlwtC1GT!Em*Du=ii~_^qjO=m(ojLGcq|%k@g7t%!K|dbcEi+
z9l?;qoXs~8jV9b5n8z~Mo7zrOBzA}AQ13S<@+69F5mYseXCM7V1Rqy5fN4hia5LJ6
ztCe5<9TC!Z2LixM(@_7&Nv$q^?RX%38Vx_85$Pv%sA%#xm(i)1<+L0EeY-b--hfR=
zaFZ5jlv`X$jlz|frJ<8ou-z1{^`WKo{`F<rGk6UW2x-@-xUUcd>^_*}4Sv;xPM94>
zIrf9uVU~Vk7RtdVBX1L6jM0yc;dz4RSonqLNw>h$j8fx#{K=m}Sve)N5Jykxg|ypo
zR1&o)8_E4z_<d~u(eI<(HSj0V)!0L!H)GQ>W)fsP4$<BcOp3Ss(6mb*hNsfh#MG2|
zDP|4UJgSy7Ac(t-M(VkDt23x`ny(WJ0w@n%hB}o>B2T5xOM{~G(w5M^2fc|FAPv^j
zE52FLJd2R|JeNr{UQ8J%mcGx{^RsCX+;KSl9X=%_y+CLdEy}?P?uWySJRDwVM#~Gs
zi^8eY8?DS}^;A82$G;T2K#BWoc#-r|i}d5>N#Jo9o<`Eg@sAkC_0xC~sHfLQH=5s#
z(Gq$xko5x|RXw+!L_d~(x`Fp&Sbj*tDfOrGe;t!C6lr;SK?UL!RCpY}_4MNvo;L2M
zE37u|)fF}y_vQ*)jC)IkZN|N=!d~NkC}Tzjg`1Hv3%_-3PJ2`h-g;F3J?(U={hs!3
z8maVe8s@1?<^6vrqOK&Oo+P5KB%+??MAX%sh<ch6QCD*!>gjD2cACWOtS}8@5$gY@
zndH=!<kZu%GUl-lQW3v$4;KzB&L`(f;>3|}<lHXK8&S&K@?=3;FpsjRTA{~k)g3KN
z_Z#i^P7X^rtms6)A8Lx$!*l}p6TAEuTO2bect#U+haEZ~c;}TkNW)k*Hq7PV)O}qM
z-?DQ{j%O6|fN4-42rZ{b)`X7J&+*Wk=4FR{TK3S#Qd=|@ubKPk9icDj$B=1e6jyAy
zJGzO*#;SW2I@VZgdV8ee{eESYhb0Em1KmkaOo8j>6KRL?L@WfsfXaRSVZ?fg{d99|
znH-G$7v{TCm~dQyCKAB<kO`T1q3Cv*B!jQmLvEB!F$iwj4kl}Np_z)gys!D`e?9O~
z6GQNrLI*|+z!AhJ&FY~r-gFMov#3uW4Vym|#x}_TdR6!pcE1+>)ZCbeVkz$Mi~6^;
z?$W}<u5@uUI=Uv}LAPgm1PT{RB(x3XYnwaM`6R0iJsa?z>w71Kg3uJ4vPI+-*gP8W
zQ>P%*I~@%tH{&x7+5%KFbe*o*CiZ0HsftYzV;?yC+-aS64zHAd%E8+_919sgufgi3
zAYl>L@X?ueH(vtv_iW^n-YMpdtiP_=7`AQP3`QP<V`%78%&pt#QIql!`9&xO7xe_v
zvk&h2T!Xu7ZqTD1uCPqsFdUBIqjf$)(P1e^Bmt^|SHWfT;wa>C8{ve|b?TM>ng9r2
zv6Mru8EAP=&9kV<I;%6aGM&2<(*0^euD+R&oA0FiJBLwo=Ig~x{!wZ3%0mJ;rDsJ)
zO)S8m<gC`wQIiTVo!q(;{5oBZ^jzK@ciji!ZqU`yQL|2|Wr!*|YVk=74sRZTibB&V
z-u#Qrb`_41dNG;-QtbjPD6+uiY2s;`Rl({rqq>SeCBC#jr38xmqIkv)+6LOSna&4F
ziop_|nEC97GPjbC8C^+Jp#Ajf&|+E#kf?(cOp1ZI3&j!=TA-<E(F2L^F$iILV@~EC
zIPO8GYFtx7OQ;qu!47FNh+c-cFo-rW;Sg*bng!Qqp)cSIbA3TWLTYG`_(T*{(Lhy2
z3TW;oamC(tlZZE3y4&PXc#Og;c&za4qo1YLq!0EkydJ{Ao5NMzW%_kGhAVLnl}A37
z;b0hrmdK3f%{(y1?{u<^XZYks9DBiy*DTuTg5-7S!>R3)4@bUTBZHPT7w2w&E2j9C
z5{D)4p?PFoS_Kh`r~S=Em-c=Y;R(T;ha96Rk-LPZRW5Qfmo}C3A#>vtxw*9WygwS!
zpQ#}`Nb?J$^)h{e4*2G^jw~mZkby%LbTxCL6Uji^JE%B{cB~j@mm9a6RL*p0KuVZD
z9w}{+@ofhpK?7~Z=fmRpBg~L}#9T7J(JfbR#Mu_+>Gx$i<f6C!F7!hvb-2RPPy9E_
zcz(c38hp?f_p}}qXNO~rGM({x6v@GJvb{X9cZK+_bIG!p#W3;ofelOoyi*u%^Ccp<
zk_S=ojO}&Jd=Waai!P-v%U;?Q*6n6C_CFPxh2<USJeKhj*)lref=(P;9e$2Ho(sRq
z?#(p5?~5}*-evc@;WBdn7=DC0$49Ul(risw7I^|U<CbCf|FgJ3qw*{!EX@dc117aV
z-4U5fD}3kbXYk%0_2U_O<v=m6*DsUD%UIEB+#k{QpuYI?HM_soKahJ-bO|<3aQ0av
z`hGo0Zi1X?(iQpHwHvI8irmed1~5@d@5InndUo21IM{nTc25B~rvDY-UtK^Gf(6k<
zRE!|N#E!ZjUCw}67)a5Z;&fWAJo?b!MLXsY*=}?@5nCzgcNLBmqu=rnmTUII^KhAY
z#@H9$D$jU7n%^JEbp5bxdZETa(Icq^SP1)}*gS*DTC4{%jl#1?5TNat$j8sudbjJd
zn=FWtU?`q(*w)eBsv%T&>!>YEAeoCT3p6(Ei0zSRmb3R=kx|IJyYPh78{?7Ls0?t<
zHV4@vFW1sTHKtzC78;MwaOz&<Zg`X-rIEWMlvFIR?~MiarzkT}=_iJ#(6rJNI(pB(
z$@S%{Ux{uoM7IIRn*n#>?k=pt%+>Sgl!|_cd<(g@&{=K$5-a&9atFW>VGu<TabxI7
zn>jIddZIB~BdMmwtN`k`hBB(f<{h<0F-Ox5MRPUuW|JOKJ+{teP|1p)fj?(lY-f&t
za6PG%MR9}*%pSL>+0yTEV)9LG|E~_mTp`%Ds<WCyhvt(g1@2HamY|sPi!k9f7!z)W
zBt2p*{g_ROS@?$&ylGh%T^=v<%@ll!Xt3UgX%a+%(Do%5*px$cT{&h(Jz5u4wh1jG
z?1SydeNoa^nUcOHR6==F5_${gj$oPOb*Jqp5c$8ZJabyp94RexLW`)2SQL6%fTyX%
z^+$<&ld7(pbdv(lAD_H_y2fSDsV7Peee+-=&RRqvel@g{+&l5D8)*1PsE}H%LV9<a
zi+86h$+a@_9J!v0Y($IXkxsY17<%g(=!x;+4^p?cQ5UYKxzBhxv;|uj@sh=;Or59y
zqPnPJk>fUFG9e*zDv6tlku@B1Lq+5&3O!G*=R@VR^qpQ2#KtM}&f-vHqQ?4e+|$z3
ziTVNSLQQ-?7i!^2w6Q8~RA-~&w7wO8mWLj-`wJ4vK`+vc2kePJH1VW0mM`hXXX8)n
zHu%%#LbO4<Xg>ozkS(Ukuy?Q<l$ak!z9b`l8Tp2{$9;?UbkTg(3Wv@gz)NZDXl_L-
zX!XI!NjSzEM?wd4=h2uWr|*u|JR5&nkH()}^x3R_dVlC2YE>sjreP`x;o|lFWs`<6
z$~0x%Sej*f?44t_M_q<JqxcvWp5iu>l{bg>&_mZA+S%G$FN-`)n*pAVY$n&{$h%0&
zy?6{by}$#eRX;$V)xpE+6l^3QJJ3!7Op1~yay}hFi=NmHOIpPax*20mE0IMRkvN?<
zD~>a>JdUgeN%`5<r$I|txz%|{D-AXi4Oo1^2{yyI|1HB8ikDXA)XHus^W82-^}75D
zQ@QjN=8KO#*wLdW8tiL)vW?c;Tp^fI)A2M2NwbT0V_r{eETVNbwkh&@^=2<rj-&sL
z;5#>hs)(TKTU2e|;uZ960}%6)`su3gQtS0DlPE$i#2F`TB}+1s>`9nw$JiyMnpxLr
zQZwD9P(!XO$w)MInTyxO+;iOlk-2Lppj5?O96bk?LtP=XlxWTs4eHQ&I|&Hc?xP?-
z;Qh6vE&}TYkKl-{abq>#=cRpFCdu)&;(`6o)X~2rPFmB3%M0|5Zx&BkUY6kY|Iep%
zjS0SRBQ=L^E+%^~rFOS38qL?xS`y1#u>{o|FijoxgE(3WE8B<D>4S9Qz1-U%!Eojw
z>_Mt>CLlfW&?F`L5A*bc`!ys)aB96}R2^$}%4Q~QH%rFJ1T5Q&V`Di!AEO$;$JU5w
zpWn_fL>%d&E7VZVb-%KEMMT}<<(>IQf>*5$&Z5^%o2zI~7p<sk)HZLJjI@yZUMb{6
zf9H@7Mw}T!&vKrTyOz#Za@Rq%@Wyw^ejA_CkyPbW6?Z46zubjYB~Jk7N`Y@u=Xv1h
zW>=1*QyS|g?RAIF%CYEp=Yj(q&xVj++yTMURS&PY7Ufp0m`<svE7j7qvs83|i$<^k
zTSbSu?x;?#psUwZ&IysXFc8l?p*B{HJ@GiN3LJ7?le_v(Nd`}U*He_YZVvYSGoeya
zB^CYHb;EMWDtgd$SI`wIs%WjhEFb<E%K26z*cn!pJ#wAa!kZD$xJ2-~{02MwAd9Wz
zm(oMvIf3jNe2D20)zK4abcn#1?9`zY6}{W<cC3G<V|_AJeXoGYfdJN>sjl$S7P+*j
zPD)YE0&!=%1-GX2j$pN&ALZ^|XYk*wcHEy`Lj`W;2Cw1Xo#nUF9HG|o>%B%`O1M)|
zIo4g>cf@`49S@D{gEW~-V;z4aO+|Nl{B^o=-V}EgSDng^<y7%2_PbC6iaCc9#f22J
z?&^O1uX1Uq0-)6q_W(r=q+3|;cWJPDl1{FwqEEVzg9GzbbdBqd>Uag^j1qTu=MA|#
z-yiiqZU9WJA<foZ#ZOE9Cy@}C&av)50jlkxku>YBqQ3Vg<W>)j3_srE4xtI)Y%y!x
zG`XMi`uj4D3wnvipQ1fi+?j61WjdV&tKwWGcNJXU3Xat%)45N4tGm9{oq2-Qa;zp^
z$u{;X>TGW!s~@o@tDzfTn`qu6&KDx?<v`;wOF~3dTd$ymHBxm(*My+0+IiT9a2~OD
z>Q!&puU#cDahiq?0IKL$$E;o$lXO<mM~_=~bKSDFioWBzBRZ*?iXL~}T07_mkRLPu
zwLvt#{fvWlRdo0X3q^2PkWNA_ERnd|I@{&$V90szDD&DoA<^TYc1DW4^<niEhSzR^
zA9m6TJy*AeYK=}=H|lve747G7M{3~+LS_5$&bn7W6-{^DVV$0XuElky>RQ(-JUdu^
z1>I*Ydhy*Z&`w{}UFY7SN3IRQ1TGxW6|3rYm#FBoVH?!J#%X=#%7}{o>|!u>I~5(R
zE$1hVB|Lw{^gpo&9X*W}+AMcgIx0FOY8m)i@Z`vw5R!n>HO30{TdC-sE-Oh_tfK38
zRXC8q28`<Jja0Nv+`5x>)!Mp6M-}a!Y#}r%snj|+PfI4Xb-t6k_D&74@!ugQUCcQ(
z<SdliZ0B9MJI6U9cg0a>m85h|ieqD*t)0#iBR;q08(j=bVNF{4;iUpcmG|tV=s|(0
zF~=ysUOnA3TRBe(`beP8v`=N(oqVqjqW1}`RkBX6NFVe*1ItBUa#8NR?-lo0zhVak
zzR2GOUYTYM8r5mA=6T}oq#Amw+zFSKtdl>~${8WRUyjQ067Q;L<)P_CtM;JlMiola
z6)P#{MuBQN6Xb4$e}wRtz^g*)La*$-nO1gRJ!Ghgo^sttdDTQ45^@%c4=P?GuY_AF
zSqVy~Wayf8lyi+htxR>WwbX4VL(Xg=G**{+MeTG&;V`{Qx)O5YqRI*Bk;*E1wcqV*
zlpyZ}vU{xXviw=I+!Gv?#aS%wv;7&nRp7pUxK<TbriI_OT?Ibs_~{qbV0zRKcM-V0
z+T~6B`L%6ItLs{e!z%i`3!s%q)fJHXx9V69Mwwaq?)f1ct9vYjg>%~xU|?PA+e|l`
z6T#tFD<jxnv0v-gu@p>2|E_QSw`%<neNOO8{U^%Zt)kGZkaJjW9p{AH?Ta{jYH_$h
zPNy^YuD>&1?skWqyU%10^UsB%-|BR~g<fgIl(MKg*PG_$XEBbw_Sj-?o_9KW%iN>l
zf308KKLQ^LtB<_mZf|DAq41umqIbD&Ja)l+Gg?~z8aih_M(IOaSs-24+7?&QjPooI
z)v1+qtw#E?*TQ-;j$=Z8w6=a>U3(&cH_o?!qZ_;c;PW;XKvl?8j@75OGfgz<;p~vR
zbDVf{X1|*lLENcYd(*SCt(DhA_xdENqJOzSnm(_+a(aq;exT(2Z~+HQ@jr&n?_lMj
zhekd9Lug+Hs&uK#gB@$>I`x$Eu0XB)W%(b08~6v%4LjP1AOKHGy<B$^GD257Lq+d%
zAyAMv3;b@Umbe#%R4b27+(v{Bis5Uld)LibFQG2;7noxLe-!aOQA9iBSUoS)7hk1^
zOh7_AF|;}Qzv9hvCST0lR;~su{qb%P!jy;~Z+j^RT%%QOZ{n`+!uZmNqq_2K1^*cD
zQh}+{yLGs7Du~-V7my*?zk%*`W;Yf&*q?`c1+MFdlP+g=k{`|#IO2z^2%PMP>j)fp
z3OY~Vn4jHV;B-ISRp2ZA@G^m0s`(xp`ko0e#`n9?dwwjzsLjz$yl(DYrBq?{Rux_K
zEZw5ze?+*sop|0$cdXcRT;Fs2U5~ng?I{o4j&*1HQ<W*S=Dw2ZTqtl&XP|pGT<)s-
z8`UC#DI!ejMAv%U^w2Y1+}-^Tji+2%RsCmZN?1?DIzAP>qq|i*t}9ko&JLkfbbgV$
zgJI{Y9!#1Y=!N$R9vIM7>&f(P{-oy#9QVVw2%O=E#|RuK6`u$kC|X~*uy63PPhgsu
zi>FX0;ruMnwdzuDu`20h?EtH0s%V|uggcA}?2aBcCWM?zgufu{F9!J@UMNjD1I69g
z-}F!S&>S=$(f+*?@!?U}nIMGafr^;bhk2>~XqyX6g(8OeDC@4~H|ixqtLcZY5jay_
z;<d?mk5JOdR-FdUF!8DHV)H`I!vf9=`E_g9*Pk@&uI#G<(aT+0R5xj^FYKb6b^<*Z
zXz4ojV~G)exAcj?re>he`PFsfK@{Coq`yazI7YK7dZ7o3qjX#>K@NodGoUZKyqK<c
zj*1?3-KMxW&x;%5Z{G~;jRQPU!i0mw9dQQB-I@MA{FOj}d&P}|Vtvn2t*>Ok{yDU0
zH-WJ?TeoeCC0WYpC{St0-$|tnWC?RZ%KMVQ%~8i$A`J9aawS^C#9gZEd%C-*>zkM=
zsp0Pxmq|1sr%3J|3ncb}L9FV<{uGQ8_{G4a>-wvhz9+0M_m=0&2QyB_NvWi(*U}Bn
zQqfs1$~AwT*NvK9L)>cu_Ipck*w2?UeXikHI{B5IEAT%dRmY>0Gxb`guM0VChVX4+
z;34i4!7-NCsVLV2@@zVk#@vSUp7>7=IhTu9C%;b91Wr>F(tToEC~#G0t=y&h!@VqU
zBY#@H6?kdDB==v(icJsTvFjO!seH5J3lg}`gbi+B{xFs0od$aJMuxS*4Ayljdh%xL
z#uHQ~J=`}uOXo}t;WV@5n60UNoAr+A<m>(JI(2nJOeBqVDYbPYRI%t97f96=>*xlJ
zbkmDfblqK65++`T>Ra+v^rm4Jit5T&>FaO9EK|OPmWHs8`e}$eFv>z`Zdxg4o+Rv0
z*l{E=Sx#fQyTG|#?y5QW%3Wc|NxF$;tgPy^yqj-VRdRNY<y$->`HIsO_cJ~t<m`~!
zU~Rg498)qB{knx=qQJwQgL2o?Pq=72hYLHG$Xx~1%PXOez~h}#xl3|uf4cLfV2Kvt
zw0Hgj_^l1(FE~F6JS$N5@+Yv0fdR=ffwTMx+9L2ESIfYoeDwlrDPOT|B5*MFje=MA
zr(v7Gfno300-x(=r%&WKukypU2z-SfUN3M*KU^+wLv@QMgQB-gX4y10PRi70q7JQ^
zVxbmTsDPR1=#MVaL64gZpxFbKQeQXE))#bAPL)XveX5<Cggz~-ZuZ7i_Mi=gxp@pz
ze|Oz9E3DId{0FLvDb4_^MgxpzCEyDor^7=mv%P;re6PTitXPsxt*9$wYHPHhHJw7a
z3*_zsfou52A<lCGr#i2?ckkLef6w)qz^g;feN$Pr(f*A1Q{aeN?J<s9-r~+7AtZY+
zFwGS|4dyr}B}5(9H&M&dTrANSCnP6)Pj{E#1!f!0oW@BDOrl*OaNwn@RX*el7ecBt
zUhe9ub>8;;Wr1nDmV`0)+0$*2Nzs`#RrD#>jTvA}=iD~K`p0y&k$(3%ZB=x=>#uaU
zS-_p9D^=As@N!_{Oe@7P@0mXjxLeM${&---OQ{E4capABMMbxH+>ILPX4$%3j*8ws
z+lE5Nk*DvvTaTHBx-)#Pg_TaPqHADg<PjH&Vtas!KH<6>>%ODC?kc+PEtrOK{o}gV
zmC9KrR;%v3BzGalTC$hph|PL9{p7B<W9|5B#F-<B9pgBXj7+D7+@XJQv5VyHrDXqD
zzVKn29=v*NqMR|}zQW%=za{V!f%f^vc^tf&ItS&%?RpYr=6)fRpt8?ruH%;JN@|QJ
zRP-((*y8iA$6cX1GH!v@Rp~S|2$zVzcP`~p!J0Z&+U$^H1x*h*R>qD%LIy7s<^1Ws
zLEr}i^nHS#tIqPKAny^YA=<<wyp_{c@d$o~pu_x4$qa!5wew+t12Z#A1a9b8@C||Y
z1r%Jfh&5@b=-17dPXrD*rE=$}@g72Sm%!$^6YrgW_qcTm&9PR&F501w+H@xA=2-F4
zbg^~Ebarcf!3Db0rOMgqMrNgsa<e|<^bi@-w7<C?@EFT#<lHZJac7F$b@4xpO<ZE5
z#Yi6yW0l2ynRB(=-QhR+djiM&m0+7k4!s1o?!Zg%?>w|9-V<4ORlkj4PIE<^za>Ch
ze{?M#PpC~3Jk}j}HGhdqi_)X5bFsJsuSjn4(CF>#_2Ta5k93nugRLO#MRA|$x6tPT
zH}%6OT-dj+r14UJO02tzzmRqi8XhBjj|J}v9+*J-*oA$O?Fd9>-GRBv--LFpKdx@e
zSk*vWy-yDha$(=}(~Sa~35hg(&l5|-1nTOKZneO*{kia-M*vOhSa%gQ6lKO%)99Zr
z4bxnB6V$56+8ON%TEcFw8(mrw-Xyth_Rn|S#^3oy<gEx~K!Nbi@hks=z|H*dZh_nS
z;VR2nxxgc8KY=s+78oipnUI#mSa)EIeZL#pS7K(K9$w<YzIACYdE&}IPruuB^P-xc
zTsJSOSu5^d&T+Zx;8(uQ6E+`USJXA@4%FQ49vZbL)*Wb1uJzE!6xJOu#b}`ghHEQa
zm~^s5$N5a)+HO-DRX#$w5Yjz_CSD0Ag>b8L^OKz1dz~`5J04bahOdn+I{7JUkh8G}
z^EnKV7Q09~c46SHz8g)*xmx`GNc7n4{K|D*$?}>xBjhe%+J^<E3E(JJKu#5RRey`K
zRN$q7w;>&#VflCY$Ng&rZs+_ccSuSDZ$fK4XA_F%vz>D0u4VVn{x?+4Xv=fP%3ai%
zAa^x<Z>XaE)>)CL!+3x~30Ne|*3LG$+o9DIuO3sLw}CQsEewely6z-h1JkO}buM66
zheQv)V8e9QZ%5w4<n-|M7C|M%e8{67H`d!Y^+iZ)XQ1584UAIuZD0vK{B6Pc8yQaZ
zXUD|?V;JRY(zgmujR92@>(2DAxa$03LS6qNhp$Ay+(5&2yMzeLi$5T6pdv2!%181a
z5qIG2;JX4(4@^&%zQpQn3cNa~@Jd4M5ayy&#a-KPoTdUF4$N*o_L>d8EQId_?+fXp
zp&z0+_~g+T4mw#IQ_=aGEQ3Y}x+cz0c8XqQY)f37?=3iQZn4})L)Zg5IgF1<oQU8s
z$fvb_5hr6|IP*F)Hpcu*PI|s+Ln@t$Ry5&G)m6{~A{KLnoXWy{F_6vn3(q#2tvgd4
zMo70Yv7h`T8a=4p_qL5VrrUSIgPzCz6gIwNpUZ}jrq52P=tHhw)EvR@M?S`({8-)Q
za$<TcY!yA?0;nr^^=LoEN(w~Klj0H9ejC;3gtw9Q!>875KjUeFU@AA`-Gt8RSQ3Nb
zzx@{T*D=R_E&B1mOQ7xVaj44v+GM}2IYy22+G)~O8%J0t;W2ut>&7ZJJP<E;-FT);
z*XQ*457asbvzzaGq+m2_KP34~$g!W;4D^2Xn|hSiq$<j>AN1?*Z^M^};K6Rm2=qWl
zgm96E;Oph>_w~;AJsCuMerPq`6w>eDBV)?3pS?S-m9G!8AFFBR*l*w5<Jj-F?Fc+}
z9{$pb#kzDn%p^W2fl`3MSK=cmn6-eR>{kgoI`+E-7drNH1LGb05r&^aj{P{svWR29
zit}J#%E})9f49GDu;-+crK4C%)LS|B;Q7L^V~@}8=U>=$=XW+8F<KW`w>jRo2{hhc
zuIzE$fw?Vv)OFw;qdl_ve7}&fWgK0gDBHuI{qMu0Dc>iQ!^+Y$thTWSKL?+!?Qz78
zzpt>T2$M~yudwb+|C*w8du&9Nbk&(5?1z03V}%QTv1m+J*odm{1?t?1&21POM<aVJ
z3(G2ZhV&0O@6L}7AA>z8(?WU%w%y??a33I0&tGkzR=UmG06eEH>X8d+#aBrP$15HP
z;Who@B)mZuQ_PGw_5{0A6&-up@uUiVGv9cS#RuNl*yAG#0&iea4ly0`yuK=B4`m2+
z<Ms@O!0^eQPJm@?J}K|~&C)BWzTO7up2OAzHFS;VLYQ}^S1;%OW6^rL9=_0rb{c!K
zj)wF}oQZ|Q-5v?+Z8(rbId<><^HKkptLTUofE>q*JG<`~{jX0eyY=>Ff4^$Cx=srF
z#U{4U#r2uzDaY<BeN+3}F}w4vr!(^eD{_%PUb{Oj-QQm}K55l<bS2FHdEG5<QI6fs
zrLkC-nI8r+%Wmmv=1-8_N%b1$T>r0&ytMlBRM4MJ%{(1WD|E5LOl4K!Z8Q;)Jq&nA
zRaJ!>Xbmjg^Hqo+;+IWi1c!y0YpdX;#~9hq;#33Bh+lxECUjYTo^htCBc1CS-2NFZ
z{OqbM0LO!y3okN^oLs@J9Dt1Ph!|ckiMOxddBUf$5M5teerZkP-eCSJRTaTW&m!Sx
z3jVC%`5!VrU*zu<yd=P%jONMM^8@BzX40wD>w=dF-!5~y3O6R+n`@XDvqk<lf|m>5
zo_ab4C)X0c<ZLFk7XBB4t7;5b`6JNB62I_zmVc@6{}wz$_@bs-0K*#n1#c-Ht)T$n
z<!^DiZW8<C3tqO3ahfin>luq*n_}E|(+f9Te+pjuHuGzXqRnw6E6Fc7lW`=+T(1aT
z+>RBekCW4t4Y9;8YtQ&HhSjrzmkPgv;0;shCRLr$rLG|S(-t_%$*s<EY`%Xfc-AMZ
zPge<5IgR=G!ngWt6ueMyv&Rx)2BkAUrwz;hN94RGcv)|@k4^8{M&VR7Freo}z>WPy
zzAeuO1kbL)^1F%rCo`Cz_e4d5SpK(y=X}cP8Ylc3pc(s%9LwJ(c!}We3I7oo%GiG>
zm#bSjdUa6n{4s19TOQ6vi*4*I<=on{ohcWoYG@$6-GLLouqF$(<+(8$1j6&K<9NRl
zeU=DbB>dTePp``SoE@CrJ4DZSfKz#x8i;q7@Uv?%k*%lH`$&$_UvOFmO4sJ<qK}m4
z>lju?1kV?KZ>dKYLT!>$dIrnS5`7*Nyr2aG)r4PW`BF|yF-9DhndGFZ6#@OP0#5SF
zYqOjuMW3gHzdgWzS@=bDn7?26(ON7gha)oUZpiBy;AFS5fSlKbUnmK>LG({I8+)Mj
zWpyc_d({O_da8OH?@azt!-d}@z<)sag$<ZET`J5D;olPA?-PDjGv;rXm@hz&OY!D4
zH3m_81gAMK!i#_97Q@!ZB$LsY&gkmb{|w+p|K=?JYLPQc@WS&MxA|2navB8W{3!f9
zkz?a+i$x$LKVNVy_M8oz?4J{mvt0070{8}zQzZR`ZQm+pvHT)w-<}Zty9-|YCEMp>
z!5<R5-~vw96v3k~3+b67{fn*FXVfD?s+tnerzLP>w^l4?pU9adcy=mVptInE>NCF}
z#x>E}^C#dW|M!6We}rEy@_&l3paBh7PVqUME;~MXLGbbxjBh|cO;^>1qNnsDD;ZWZ
z1<$U*dX5)7+KBn3eHb4k_%z_8XKFWp`B@_TGU>pF3IDj@MX&M5XOZByH)i=|Wvr)d
zmtF!+^1BD*e<1u^DTi%D&RI=ZPEnwI&Jes<@JYfy2%O~K5|AG|i{<1uV}1Hc`Mei6
z@uvj%Glieimh+u^J*AEbo-6nY3XW?S2BuU_O1@zE-56GD1kaUtZF#QQj0mY}Z6Mwj
zf^QArIlxJNndGnSmtPV7PXYc%!q51a^@&S*o#q^`zTBU`HGz}-j1HXM$)f)v!HWdH
zOYrI~gx`_*HeE{u&lcQ{hqnoyD>#j_>1uH{%PBmJ4hYv~^H-^{g6BtBzQwl-UT`7f
zgN1)iOR<mOR-c)I7u3bT3|DihU#|(SI<cIeL{5WjmXmb}<M&AYng^WnD<fdHmBKF<
zIW;9+6<V>JqRUv$xiTOaFL?eSbd<QPolgKK`B?$^8RxK^jEh)~wdZ|;X9w^-g69gJ
zMq+XGJ(uO=1@IEV^9BEt>8izfbd##i3+R&roXSc5#jMX-;Xf;Q*;#Do<6?*J1us4s
zH_TmvpW9mG+|G8u?pAY+5IpNn#__yuu9pQ@`HXjBSfyj&NBR_WPcle`$Qdqpc{!J>
zJ;Hxg@Z7suPO<RgXmChQ?lcBQ2>%knOYtt4u1f{a7d#tl@aUQ%_>+Pce8w4`BltJK
z$(~&U_B<f`vhLLk^8m)3bluaI^(ndr13X+NIDU5kCpq&2a`p+otUDWQ4bgC2*pB7o
zrLug^1*N76UfO{3D@E+QPVmAW4D3r`IjX(r(}V3cOZe>t&k(zrVuK*J1E=Tlsq#E-
z<6S2F{B|6#&6n^6%<sA$9TqOjZ(#5$Dx=tscN07w!0!T1`IvR6rjav8@;A8y<Hdh7
z-cInR1uqTc`|pBh$2g&97->q?>Bw@*+Hp;sF8CdSm-ne<kXeGi2b}V2Zy>+E5`MuT
zmS2yHuWEjw=zlibdA-OPBX~(qmj9~g|DE84xr|>e`I3hULUt&OupF7rP-}rxz7z!V
z<)HA3FiTBWy2RTqhvnpya(a6T{swSLSHTr^1>v9VIm|D<o)x(|mGLGQi9VX~uO-wZ
zi|28^jFR^GL%}nK`tiyavz+o6*XvoFY;~>0zhk_j$bVk&jJ7Q2bHVSwgl;gO6VQJS
zaI#y*FxGQ}@KaFn2`?2qMfB_{cv-48%(_o;fM*5Io6aTK_DBB+p7Axe4_Mb_uCqI{
z{OpmOUv&h(OYr>VjJJ_^pBKDn4C7`P07-uVr*v)aUf0OAf1+Jje%WwN*YEtJIs+&E
zzXAS0;g^nL;&11&q}hUJx36q~2N_oDfrnJ4x+T`oAbEn92|s5yCuox3tuDjiV5)+u
zF6qn?{2}1R&cAVcWrmCJ+aq}H25vXHO1R9f%vWm|mu^h;xA--z=UbBANrIP*Wckkt
zzE$wNjojd2S-ZKKVjxHQ<c#Eo`6JQu9>L3B;e5B{`E9`qCvw4WwuS>76TGAf>uJYh
z*Idr>i)(YdH%Yn{30}IE`F~5icU>XrO=mt%JTlix!ONw=yWe5_AaJVhtE64!+M!gF
z?u_3ecn;H5Kj4(!lJ8issV4ASDtJCtNYM3>`K#0s!E^A6gRZKg&jmeLPU-Wkf2!E?
zLBUI;{8SSDpMn?9WMG8IKL-sC>60t{uf<0RUbK<r&k_C>!E+X|oGiir61?mJE)U!q
z;4#0K$Y04V#v@S<uw3v$(O-(cisv%FEX?V(_UtQomgM_g67PD8FJnF7G*{!^B4<70
zcL;u$;3a3Ud{IXg^kII+9@acv_`eHY{s+q`7W~4#%rAM0(=}1>8G`3Zxf(9`KNfGy
z@@>3p`mvnsiZR0+E&TNUjF&#k@s1RHy5Kn@Dj9@BDfQwY=9fJY_u<E`VZ8W9meYxU
zRPSqvmZ}=`sB8H4&rsl|e6HpKW$my=@KV9=ZO-}sDR3(P@j!nU8^X8>;1>WV`Na{I
zZ|n5}!E@hWdma)4RnHUtY_4!$N&B29cu{M%=k2VH+H3J$Or-HNT|=&8IeB9LpM?LW
z;KhG&NxNR~zXdNJ#N|0j;;nl<%PDKXco(U6Jq0h=#fpy>e1_nKt+;>R&+4dMmVX}O
zgCxDt8(4mB5!>Mb;dd0gbO^_Lm1O*jf)~<+Ij)NZ|6A~kHjEDxeOeD?`9*mg?@^JT
zFL=fcj9(~r_(1TSP8_cc<J7-`7j9!>RQNq^6g#))cx^jeEO>T=<>w3kJHd-?XZiGA
zhprkov7C}D&fiM~pCWka7PgPgua^Zcc!}{fQI?Z&Gs`Lah5MsEBB!_Dr7v?k@Ho>|
zf#7*Fctm0C_M*kVWjT$+o<9nnE&b^uA}8|}j<<LZ^DW+4@S=y=KFvg*Rf1>iV8uHM
z{)gZ><t*o3iMQ6REI(^I^M4lpOu@^)W8Ah^dj&6ko8_454_#Z_#&QY|GG0&gA1rvu
zUyQ#g_)Ni7m<yVn$9~=74l7ua!~s%nXZa<aI3HyiS`84q>>|doYtmfH1ux#s`qvZu
zGr_ZlFyH2TG8%SjPjD=@32*z&p@J7)#`+HvIm-kuZotod*F`wqgM#NzWB${Ex44t#
z=Qm^iTblU=g6Cv29%;<@mx8OWSkL<zR+Z6VQ9C(M#seZo^#M-$mtzwjU7MuAog@6*
z!1LO>!Y{*diF9#oQW#H*o_o0-4VLtF15WWC3CNi!c%I-wSDS&;xN(<}u9WS6RX)ov
z?91|(ivJM7OFn0P&K7*J;MvKnVI|HU^{L=RxhaPEj__0OX8C1*a*W#qA0&ABSFE8O
zzpWNL?;FNH6MhICF4;4SUbx`0{Yy{5b7a1Bp758AV1C{=tmpS)h~pNg7hbrUNqJ~K
zlKG_%B^&&C^H-_af@gfh0&)c3DtOjsTuzz_-e#1@*}?YYSd_{WJi8~`=LO+ECV26B
zW?m}ze!=tp;rb%gKy@0;^0WJ~e48(01<$>{mXUCw$oW$6tYd7q+a<p$-@|gs0`KcD
z6TEa3>)BW2ydrqc*IXWU3w}uOaw#WvT-tIB%g>eh_D6(2U-05T*`D16|3L7<Wz`IV
zVUM|z?`1jVg8y(P<Gln|f3cjN!hb;U!ZMaqoz15<37&s|`Mrhzm*81VI3JrxdFVA(
z;+5z3a<SW5!Hce9zGiVMe4p5}kmKzlc%I<-(mtOj@xEdCo0)Ilb7i7op>kf5#_e!{
z@RtgnzlZa2rr^#v=9f0-d_i`bD_?MRo4*`hH=g-9G9Ketlv-(Vd0&<(a^9K1{PKIa
zJlOJFy@2uDE7=Z~|B&E$Qa&yJq{Sl~V+E0)JCWt&$#}`ic}(!47F7(ht?;j&#Qg03
zoL;sbJSU5ueHpiMo)^3{fRCBN{IVxm!&H%<`GDy2E~l%7-~$9N6MZcHjNqk>INsL6
zAM_y0Dd@-elY*<MjAzgbTwDlluJ@-go;{lFyh!ja(;3f_^%WZgKO}hJpR8vC!57b9
ze(rDnd?`SIp>kDJ&iK#5zkL?th0<<3B=}~*%dTgB9l?9eW`4;VtbcvMe-=Dr4C`<0
z-+B)7GsF(p34f2^1@fH5rBtbYh0HJ8&GH9Jy_+|e@!Ua-zbJC9dRXKiVEmxq<L8N-
zqg-D)S^j*+3uN9eD)>i&tM6G(AHka~6#4Rg%I4!T!AqNPdTn{G_6YN{Th}lWY(0Hm
z@O-H+D1PQ@iHxRvQ3Kh|?+JcX@KV8LdQnY!RQPA{K<rxKS6<9`?!A8d&lJ2=@&(O~
zx$++qJq3r;Tzdsq9XLns6ukEm=I2X(+4@o@cy6FR-u^iAi%zl~tUaeJWjw1Q+u4?r
z)yo*qllReANW6CyF<!ij`PTj`mNT9&=|yoh*Evs!oRMq?6f<)z0#47xB|YmhAb+0`
ze*UH0?_UvOk6#2YU(fmv)QoqA0%jc2hH?8I<Z;1E9!6f`La{X0F~Li3W&Q|}KV=2W
zDV23rw)}4qyyP0@-z)s{o??D+9^>mo{%XN<UuJx(=;^Fve(os78;hLF1TT_tEQ*J@
zCJCM$V*XmeKM*`;jbDC~r&)gf39et3pD%dUn|}Vsf|rT>mqdQmRV*iC9rM2w{YMI(
zuNb%dO@bG%V7yHDHCKzAQ>;(1$iH6jtT~)7cAT(T@bV8?&awyxIAaaV$vVk$eiu1I
z1<$C*<*>cPdqnW^cUjI!!3R9Ua!N!Wn_o)>&)V$g|0{U@<6N)bmw0c3VX3?owr74^
z^n6Y5qK=H)_wr{w%lvG~uT+uqk>G`^na_W*zV12Z=U?f^-x0h}a9dA1At9tsvB<$N
z)m#&d!BbU}yt;z$&%?lpUw(+~`H}d3C%BUK`76PjKhON4FzfTZ;KKyZm2voH!QU6W
zP}VPDL9)40USK(e)45*Tct;3czOb6%&F5mFezN@f+zy{1at5tuIi>e9e~-lbmf#r=
z`0*ASn4d56TJ42D4>+|yh1dJ-vr_n33o9Dtu`mZX0Gyuhn#eqxsH56#WcgW-GXFR6
zC;(3UtiZh72ZCn@@c4@?C-*UyGgjnWBzTUr&$fS@3!LN+mgh<-=Bh;aB{=AnuB}o&
zPY7O!<2>owXZ~Ux0V*<;hk^x+PZqpL@C>m7*8-)!08Y=XwmwUCsk2^Y96#o=_8A9&
z<mdfX+2Cj{%(YPPvLzgEy5J`SFK)m!rJLZHudtkQ;a@EHP{B(DxB4stPWjvXj=I9+
zpBIFm{SsTOtN3mayg+aaSIqUX;8`y--^$--`RP>*k5hs7R#v|7pBF>aewFplsL6a=
zUv3vXTjnJ!{*K_q_r;8SI}dY2@KWp?qw8(+SE<ggvHYUf80Sz*HQvN{vEUdUnCmvd
zb2l+RNA!Hw@;5Wie=+Z26iZe22kcoNIOT7l@Hv;2nkIOO;3$6P`c&}ptz4476THUj
zET^P1w-4E(PanYxXdyQ)R6}zu7Ci4gmNP~8KM0<)h50t#rdveMGdZVz75;F+Rf(Vf
zso*66JiCPD6ujZ*&k;PoJL`jLVy>Nn=U|ruT~?p--(WdPCb}%XK=2a5W!a@VB6#^b
zEN8TlhIx!P=_Xap4CKp5;FK@<?=t^k;cv3|<!tBuf=AwBe#U#u$GLsxx<YXE0pkV2
zpC@>M;M)cNTJYQ)mR}-vuKqU5&%*)UbP25P6g*#WD`&UhxgRmVz=Tq&;X5p+RPb?v
z-zj+RHs)J78wJn)m~k6#^1Cc2M{vs@D|pr?emQRnu1fuQG9D1f&Se3-kKiSrGJk{U
zxmfUm&;0lgg6Dkh$D3|t`D#1kR{t9X&k)>}=XV7!t;+U4A^CX9%E88Fy7r2ouJ5z_
z@|}#^ZKX>s{;l8@I01(&{s-fw(r|bCfaR3@%Xopq{AGgYXs#Duik!a%&#KJ$D}rDC
zq1dxN<1nqciY(rY@opK69~L~j1LN%kzXAgc(=JWqg!W{*nkaZq0DnpF>;mR<D~);C
zZ7e6d2g{!za%Kx&Ech_N{}4Q@C-ct}J2d;4<rIx)d|oFGaGT)8{Ta`ae0f9gJi$AQ
z{Pv&F4c1!*>U&SY<9F5-CjVRyoa|6KfaRlln(J-Bi>_qc_6wJmGQa!{#_jrnS%T*b
zWc<@KmXrP|^NVj{{92JeR`C4unP~Cvfs_7~1A6`~{49}kx5&BsGqIcC5y9UVJmY4L
z*Vf-wpNsy2PZj=4z(bhD&kC%w`a}2yx3HWp!XF8N#%_Y!cn=F+Cb+HF7k(jn-pX=p
zf3#Te?AsZ)?QnR9$QK;d(_B-5lb%fidTtSZ(H$&jjPSecWI0)PGJc+vpXUY7Y0Tp&
z6iaiR1WxuJ9I$`pE|!yb7t48)>FR!qU%~B(T^I3|;2Fc1kK$pjE52m?vjh510&dz#
z;Xf$+l&=`i&u2N$3qDft?7JBsCHQf{iv@2Z_~fryPPyPVzjg?&hO-=7PC9)f`Ur0O
zk#_~p8^L^A9(wL(ezD+I{z}111h;Z3e#`uvku1mJiv=$cytnAz;5+7Ljbi>4{G;*&
zFMgeYYb1Z45Ilb@<I6=(tW4zG$9Pl0?-V>&@bd)UD0rdZ=!VR7Lhyp_obUEM^`+ml
z{Ji^FzOAQE30@}nK9Q651M^GAG2gZWBLvTu_HdZ+cL-iC^T249%~k(LDpyrie&D%j
zFmNhYS<<1kk?v}R;02Ai{BIUHe+ph$!um`WeDqH&C*xzrZ;*cTh{c6(%R`r+#SVg>
zC32<;o+a()+k$^)@ef&kYKT1=?V)rftHK9s8=#%=vw@rTXJRFTNV3#pf|msL%e4H3
z`MFX~teqbdJV$Vj9pk9IBsNv$2ik#lf~O9vE1K|655XG*@auq+p1B2_AVWit)q<D5
z%`w{f(n=^8#4mZ5@x>BLf#9X@Gk%HSTP?o_mqRo==1TvS<z#)p{NDv1Ab5t@IWG88
z!OI_IIq72mlUB|Q2INPz|BdBmf5h^khPf6Cp0&-79|KPIJTG9MbSOsYEhuHaZQpJe
zJm*u!FA#m!3tsXW;}tntbx80s!EL&Z|H1Oh1<w@z(fy2Pe9m%e3jX&2#*2Eg9VSQE
z<AQRLBjX}lUls_SEpkvj&9znV+?_1n@~iww-dG<Vu)|rv$qpH^Zs$4{qoxU-e;ezw
zR_t&}<O~hSsq`1iQL^q-h9T;H;1q9RfL|#5@^4tr!4mHt!E<H(gOzjPL6)B<_(j5>
zFL>FvEGJ3y+%9-g8RHm^nyddImQy^5iT4P;Oz`Z<jE@j}pWyl5vz#2kFZ)~M2);q^
zIfCc^z<gx4xlRh6_ao!BoOC(Na?0nkowo~rh2Z(Zw|L|q=I8#za%{ZU3!d>a;{(MG
z`vuScjd4ftI!9Pe{vO81N_p!pc=<lYCkTI>;03=k{<z?41kY|!*=Sx-<a{Q0)_&#>
zk#to&%JCKm{+Zx?1kXFbe4K)4uJwW!OTO50vQO~xgUpYKoG!;$zB<Hs6X`Ez3!Z(L
z@rI)Ro4~368WZTh{t<ruQRa7&2s#~S`NgLgZzgi430{U-IJ)e*<Ie@pmi4YvMb8HR
zvYhNDY&WUiYJ}i9Wfcu`q456%PW7lLP>-S~82>4N*8ooSI$z!+PZm4eBDjjNo_4={
zvEVsz#y3koUV2jWoXQEsu+3ac1y`~^@od49Pcgqha9fXN0Vn-+eqCYm&vL=L2Jnp{
zN6GvB5(#x9a?7+=GLX0WYynR4`vv5DF8rKyPS-fGLwbni<TuJNl5Ic!c9`W14anIA
zoZ>CXU^)4s&pBAwKzOmNUzKfa>O0`1PeDM=LE)EIVmaq?F;WA}0>V_aB*4E7xREdW
zD}R=Fw+UWUljS^7lRdIy%va|#zN-e~^90Z9&G;Rp9<IZJ=eA~iCBy0tG!ztXVJ_o#
zy!58vWxf3T>^P^lG@$>bz)4Ql0OnT_Lq93}BX`%882RTV!7C5<;~$Eg?7l3=?pLj6
z8hq?09pUGnFL;vxemQWX&j-~^gkMVRw<fdxmj?Lb1ivMK&lP-R0DlTN$<L7ms&;%5
zNn!a@0{m)%mj>`=z)4Q_)tufxr9RHK_z=c7ivH<l;F_w+19IvCCpqQ9H`NVc9<X>G
z%XwDn#a_XSZeaXLkv}?(^{+nCZ|CX2Nq+87KVPLYKPSMi44nAtM&?WLR3n5xIKY2M
z_*ufY`u}S2n^=y0uQ#v)$2%q<=MLZ$Z^6yXxBbo`!Sf!XaEW~fJu{e}cMJ1JiycY?
zFB7~82UAy8WPZkN%)d$S-GUcB$bfy`Z<9&xRJACe=M}(>p0~4{p(5u~;jaqte-?iE
z9n61G__tSLIb~PyNTa#r@85!#Jix?{Bwf8Kvpz2e<lg|C^eMiJ<tK@peS(+dGd@7#
z9ae?;IoEK!uL%ARa7yp4fcz9pT#)>%;VehCxvIH>mkwk(LnYoC<{${{a}UUA0i5LI
zjbu5Nzh3at(TsPMdej9Sw25~t<L8PUlFSBM>{klNKNC3dbB`w(<|#?n(}L$L<O#*A
zME-HX^F;m_k$*`omQyA;ru)oQD0tR5*5?bscMGn@`|+lD@k;uX3I3Jv?-9Iw3M**y
z_fx@3Ca|0zCvt$=XR@4PIf8VK^hb9IUX;n>Qq$Za$WFmC<ox})(w^6^&2q|DvmMTr
z{JLB4oU1t>{}j6&6}&iu`C)#{R_*JEKKF3EGEJb?2%g)9`PWH$Q?i&}cn$Myz3wM?
zR!ipB6@7{XFR7SfB-9c)s;=l?iRD}+cx%CPD>L3y@LL2g5WJD#O9U_cx4J>>xc#8u
z#lr6={KoY--jWk+pI-$ZDtPW9E^pV1onHY?^Ag#GY%q=m^9J=<PVR%uA188#310Ll
z+u>49wki?4IGxiqOY)^b1C~=Pb~s1mTq$@?2J?rAJy#2!dxGPgE&Stxm!&ZOHNkr{
zWcdYcS)cRyM=cb*<Q29<$psvs%;KGxc$dhzxDm_A&S4ynIp!)BJO?M;()Fx7K!zF%
ze-`6)#16d#FBQ8@5j!jqJnMeuo8}Aheh|ET9OF_P)j8-0s6J*t;O9Rict%f7m+77$
zr{Y=6FQ<c{aGk1Ze$>r^=gK!3Wg1Iu5IpBfmLuJX>d;i;UCVZmZSZQk;3e0w{Cilu
z`q<)e=69C%s#P<VQz8XnsPKmho*@af<srE_^D{)wO5sltJV(B2@V4OJ3SM|CkGHQC
z{Nfg(zZ`yP^Y?X&OF79EextKR&$C&7E9WV}i$u<3;U~8gzUY6m;12<({^*QRbp_#{
z$Aq6#&UV`@zGr1Kf6RS;en-Iz19)%2*9Pz#1>YLL?-e|LzhC|=;8fqs7y9e_Zs1hj
zN|U&L$#yc;v=!rda_-y>qW?6(OD~apm-gffi_hTn_NQdxI_n&fGu4le61;3CmqR%&
zM3o9&vV{3-S&XWFF3ZX4%JDW6yocbqf`2ObGQmp*vz%hV)6Qc#WivS54+ZZoc=655
zzbunI9uYi4(rd@bdj&7Qf%%=K9c$B?<rm62b}^5dfQ|fQ=faCw{{o4(S$i%I%>((>
zN$`?!{(S5Uoa7Xxa(=}n-e&~Q?#ud26Z@YKJYUx1*>S>EW<nDCuLJV$61@6&f4q|f
zZxFy20ypiIq^pmlt9=Jf*QEh|Pr>g9;MWU2CV-C?d`bYHF8KTaz7)98ryJXOyR=J9
zJ2I|@aK2X&Jx2;&_Bq?_e&MeMPWAfbfc(wE&*;JO`(4C>;&_2V@#gJhIdUwW>H(bO
z{1lLLo$w1EW;wRs`P}037~f36aW(G5^2?-uyq&$(6v1<&TprdlU0s~R{M-dhwC&h4
zz)7Eyg1W-wpDn^K6TZ#In=fL1<%xd&eS&ug;By4;8o-|vyk7u+3AnMFtgprgIn0%G
zG2;b)ust`D8o0&+C;jgT$eAtt@)exk*;4Vo5`Jlbzu(H2apvttx>Bt!;dpZ{;CRh6
zHT=d4UeJ^kwDUzD0w;a4Ci(62ot5(<>vK6z&#6wAvV8Rw%by_SZ7Oh*(={MxiSV;G
zvK%{pZqk|M6n?<CoiAD@c<D!s*W_qanc(Ghx%@vx(c$XYh2<1|$;AJUuDcJHY6{pt
zzDp8HlR~AK(~DkI2FZzJN>X|oNhQgo5W-Lql1b5tFo=?3Qi#Gx6oo-ZilHLCFenwN
zK?vcu*4*Fq{H|Ho^UNR4<#X=twf5S3_Uw5%=eX<DyYW;YKgz8q9%jF|{PE|gr?6h*
z?x6n;JoTk~a!rl98IOib=TqKIJ>i|o*I|9`#G||9Kl6lt6Q2J<{v_kJ>#m+?RrNR4
zu)$<Jfxk!3R^xX4livF8BOkwn^R1rt1Sg%VeEGyOn)RitaeF)`w`kpFv;I$zPkH&5
z@r>sm;CnsaM1P{air28cO?znE&?DO3-|-Q6xV?M|k88_~+v|bog3{}OPCeC=_)-1O
z(=!cEohjd5UEBK=9^&^!P#@ImrJh(zjXRzE2s~h(ENAd$ALX;<%Dd~ap)orF^ZTqO
zm6fdX7~^)GLo-UZcPXB3EN{*Lq4Si_wU8%itKL^$XjeM!`^N3K8E@Q;c)vSK=d&9h
z>3QYz)ic%eBaPenhqr4z`*8mnipNgXe6F+q+}xJZllOX78@Ky$#F}FjB;TN)`ZHW#
zx#Ry9Je<?G%ejBOh^JP_>vCPu-dxBPkLTv{8#GGrY4HNDdJw;>bRD*l&+vMYdp-aD
z{>+EZ)Ar?g)62%~I(L~|+VcVVa38J16^z??fO=B+5p3^jJQE|2_cw1~71z11{1iNo
zNB3yE+<E@m3zd(bul&K}_u+|trTupdQa*oy-289xcF0BYXi9z)>p21sa~+aqyVm2O
zp^VG(xVr|cCrkb-@_UTibsO%j+W{9VpN^}?UFTejXYsS>*@Q<g)jBL>{znf{PvT;^
z`~7Bd=UgYBO3$l!c8c=L=&5pvdU6lx{8<mb!nmFPXm9?vk`Ldc`Mc}?9eCsx`JueN
zbWfaq@>`kDUgO37iZVoBstr{>JGOLvM&Wt<9RAgIJaV)0?tSEbm#Qa<pGJNop2T%_
zH7`>SQ$CG1A-@pM;REm=jobN8^5*{^`RMJM&lDRow~@oupPwNA8Lx4fdRBNnWybCO
zB9~PDbJYZQli%RwA19xo-yK&6UrrD1*5^j!cK*A(p1aBCCu&@GfBb`dwJBxHL|+cQ
zLjB=8m0!+xM;o{O4ZM5>`8;_y&tLK2F7>#1#z&|>gr{t+xvjx770Ta%Uw5U(ZRL$S
z(YRgD^kn7T`$4<NN4<P-mGVjY-8`?x)3}@G2IF>n`*}UP$Vd78U9RV(tLevEF#mCQ
zhUdRrZU^t<S)7N3;5R(yd6SWv&uDKx<@hwudm6Xv6MsnS^El_j3C8Wuo4j6Jb^9K=
zZfnV>KbE-XM`hQjC-J!6*Pg^bxE{~;)`j*d^t|i*AzgU#FdOu^Rz1<#>T&tH#RpvT
z`CD)Pt&H3Ghh}R2EA%CZ;{|?SP<`ezm!1t?&l1-&PX&XSXZ-}*g*Tz+c0B!*^6vL(
zd}7=l4^{3iqd{N3BOiNKdHehK?XAW2>QBBRpG*G(cw!;_c%>VZ55FM)hx2V`=ZodV
zhauBH9*-=Mr`W$A7`O9m<;`;w`Q-1)yXQe|MrqvW<$4^6FrP`zZ<Eir8)a@A@#Jsn
z880@!M?yUT{mu)<i}xdMK2^rZ7f&stL0{?`xBETdbuf4T8iI#CpNB_1|AGDuUjM)N
z4$lw2QR8OJpCPojDqJrO!Lv2x{5qasu5r6v`@Nnec%6Gox9cN%a;w!-$^LV5t9z5i
z&99NS!k@*X9pvY5T<yR!&E)R&v^U3UKIPuHpW#*RE1l2xc!lSG;WIox>}K_6Ja2^8
zxxci(opHM#Q@u3LYRrE!o{q`Q<#h4(7d_3rp2Kd@xPv`!WW0Es^i|JX)db`5Y<oS?
z{20&EGtTSTOFl!7yRKMztNIIrOMCi^!@Yd%+ceLV*Wb*zooBY6=IM^-Yw$dNFzYZ6
zkN4Gibt&_&G@fxUP|p{5TRhiaz7C&{r@O1iz0Q2_?V9IGZ=MZ}+j(XNl=jE))IhmA
zK3Cw$v(*0`<2FgEC(Q5LxemY6xV^t@_QrjbeD*^1cO<_G4+hC~wh4mp1oemTjpWDT
z1-ujfF&@3BwEsUmiM##_%!NnsxW!%n^LT>Sw_X1M6P1s})qf)64l-`Hcb~Vt*OE_>
zUq${s@^w>Xh`xM@H}U)@dg8oKbP4~eb@2h(d~VjucfzBdUw{wy{7U0?9dhM5{@wke
z^_|+Tl$Y;>FZTQb<F+S$i`M5Q`_Ij70UqE(#6hFG)W6#6X@@5sC|#d(@oAn9!RL8?
z1HQuZyYMOxmiEuY>v;YG9`^hlJmUH1#_c*JdB5gtwl^_Z+Z*-rlkkzA&%noez7VhQ
zJd1Dke4TMSpTaxZFN>K^g9^>3!9%6%5W&ZJ-o?1>$-Jwc`t&TobNEa6QB%mjUpj7o
zJmB%MA^8{a)Q8Hu>&B{gYo2wdmCm!iaXX*H2c`WN;`xu{u744p#$Erx_o%<Q*Wb{%
z?T@TfPn3B+fG0dZa4Or2^Y(afHJ<3I^XE>k-&W!U^6qt*Huq{i<=%Wc8@Ka`vp&t3
z&q6$he}x}@AM;tI`FF?1;sNXMApWg!dmiiJjr%+KF#F5B-xt4M`Iwg<jmJH&FmC4`
z`b6__kB=YY5!^j*s+&?iio3^)?syXK#QdMYbDsZZ+-_IGo6o@y$Wxv-G;Zga)*oOB
z-2L}P@)<9GH@?^N$MK#ImoY<qSww&F4@((xulsGsllBizncHE-{{}&W2Q{A*&gE6m
z4^QL&@r`?p+wC3ajXTHXe^Y;s{6_NAy!>wRi9eMuFrS7GX+DW(^}16Ef6cfZccIs_
zhJ5_5(w_a~b6!3)O+9-(Z(`i;muyvyJIuz+?L|C<&ld;v9#&7CN6HX=X^oHcypwU;
zpEQ5I+}^HIJopfg;GOUr9#MaV*K-%X(DRwbZGV){15Bo;+I01-_VNwz4W37g+nxgR
z=}pgE@_W7f5<E1$bR9mzTY3I9-qZ76@xh)SG(+<r>-o{f?K~rY=)89p^K9*$_cf;C
zBk^1Vt-pKz{<8CW@_n2?e{ekw<@_0#;DkptZsJ(EyB;2cXZU*u?mY7bp7s35nd-?O
zryh6RI0P@??&lYl;o%m_Ypa8x>@oF3are4Y3XkFLb<4eY5_gZYLuaWc?fEi1>v`ST
z%>Q`J$Msx|2mC(X`&j=qE`O5pOYLqox9X2GZd>^ktp7kfak_jY`M2<V2f174gP%}O
z0e9#B^YKXW@yGmrU=17GXWX7o7JJ9lljKw6dy@YW51pZLAHv(GHEsrfl=;uWL!Fg(
z&$HIy1>8OE95_ckk+YO{$HPT<6yM0WFXLf;A6F;*;3rv!uId@jdAK7U=_{YZJRij4
z1LPxlp=~9e?<eoZ`q!SzJp0R=;@ynf_p>T~JEl03NzCU7y!!9*FBtbndU6-3=X82b
zny3B{pXVGy&vZO7MERfaPw@i#s{>x|Ddt(cUI+sBb11jt89YipizhBq|6bOi{?qCS
zkCfj}{$@ObFXDB!EqLMv<@s|C!6naVebS4y4th3Z9tVuu^H_eg^6v3&6`mL)cb^kz
zHlO@NdGT`2%;|FDcKt(H^=F!EqVvfo?o{499V^}nc);&*eODaxdsh9a3guhlv+yjw
zik_`_{2t{`<9KWJoO;st$zA`wc;bHf&-AZ%o+{0^U!b1o19CT?33vi`>-G&EJgB_8
zpLSZPp4`LoUm16b^GD>}*sit4?RxItqxE!;BQ2iiI4{VrW_w2)xBD?XqqJu+`Mtj?
zKag>Q7u3^puiPE~os8R_1V0b!&a3nA6z<LsyYMuA7X3Y6R8R1j=5rw1^#-0>tQRJu
z<PXRwAL8#*xbte%`7HIkPX0RM_WZfRJAY0jpCex&zli)gFaJLI>}>V-WuE)-G@sLU
zpHG<nlE&TV^(?@v&nRO=eR<1xaXp_<|22HK{vvrE-^+qtYus*EU9aa3^0`;_zQY`P
zcHrS>)!!X&{j&Pg|H@CZwdR(=^K4fm#yxg1^Z8Hte&nBYK3{&4YJ!HZXr67od7g+@
zcz(8VyAGlH+VAV=sr;%u_JaD|>zq#;x9c#?>v^4g_(k%}^MEDlN%40^bX1$a4}}*p
z%0JAwj~KW8S+D;&e6{Cq;=!Y3H0aA`^haJ*e+A!dY%VbD_Ga;9Q+*?0+`ex$gPi;P
z`~vd%F*S<c>B{#Hd5!fk=L38DhV4BY&ws-Gi2ZmIUU*W^uns4`2v3fe=MT~VJMs8k
z@-Fl=d|l(_X2|Pn^MXEjJgRxNK1w~4@!$&i7X7ney>WXU3s2PNOx)v6o_uJYf?qJt
z&@zo1zqNX?*gal!HE!2!goX>6^K}9F*k(<zF57kFa^}z98CgYs44(W>`BwM`cmn6)
zH;BDKPdClez25SSaeMrPz2jjS`6%;Yvw}n3R8R66T^YLft=i+!JxaD=J|pqee$BHF
z-rz0ugy}gSe-zIREPcPSNmldhH?xeSzLXoc$7i9Tj-T`R?kjkDx5j-OkG!p(8D38p
zJoH#;|3JL0=Oc~Vaie?G-%W>0@Eo3Jdy98BGxk1ux_CX+-_d;Ho`;Rw{ut*04(H%n
zJkH;>agS@;U4EPG`~QEJt=7BhNs@QZ*Y3xI1GH`(i~lMJvUn7C`6E}TCyjR^KN2tC
z?)v-*JjWY%3&_`gPun}r+umlz?e-=Q)O=jeAUs}G{saf~$MmGUo^Qzqhn8+v?f2Cm
z#oc;diN|pFyx?s-Qe8c6dyo2ndE#!}y5U*e^*@g1aM%Ako~cpV-*ct<vo+<Lv^#^B
z@eIFTeFy8g7ccO5^fCF)AF3zK{lcAxAH?Hx^!U4-o-dtqyd96XT*bQW(=+9UoR==g
z!(q*{H{&kCvt{xld7e`BBlU#N*ZFWW`Rnimd3S#J2oK1sEeQ1cSk3cIZ@&*;&Gz<G
z{}J>*ffxG8hp=5ouCW30`5dpOrEz;4<{N9ox5&@J(@o^=ezz6R;%@#Ei#x)+AMN!|
zH*WhwP1UoT{y*^GIJvuSJo6Ls_|a_FSUkbsS&q>2G9GEB9(TQ0EvKFszKi_jc({-9
zH_|@`kMjG*?<ZgRQ`X1(J><6<x9eGLRvAfsxgU>uK9`;XJ@@duZ$BO^*75l_ZB0I7
z{;$YyV4fG?nFI9z?$&>saXX*E-nf5~PqrytpT29=pT>2x1i>Ne<QaSm<MuRe`zyTu
zIQdjW{qFB?&Nglz_m{CfJlzQjE<a0oH*TNx>YwHH4>N9$pYX}bH{kxY9FLwNU&K8B
z#)DJkd+{?qSN~G4|2%xP=a(6`;|A^3<9-hMO+0eCychF1sCXe{{+_1SbF^{WlRQKD
zmpGq{#?xoZ-SPhiJ^Q_$LpP`=O1>ZK`U#%Ff1tnlm)hQbv&%^8O9$h2KIvW>x59mQ
zqw)*Ad>!M(`Jb=+*KF@acyxgLQF@-l1N=06C!W4g`6!QTCz%tz?az}pPjia5Tb*C5
zyz5zk7x+6bE$AOsJi(fu-|^;u6TZRodyE&iYaIQITfh_N$@|lv+oJVp{&*RpFI(|$
zp6@em`wR5A$ITXB$s>Fq+C6UGj_2#?OdDf9zv5Byofy6Q*Xl{(?)maq<Mw{q&zsLw
z^6~!KF84g<8|O83g|Bx*g5b2gdd7M^z42+DUy9H7{6^#UJdkDH?s?M(#_jrK9@Bj0
z^8Mq!k;k`b0bao4c$oZ^_+u_VN<Hp;a`d<A$=)v4Su_Zq!xQA)<3f$^w7tu{`Ii|l
z?nnOK!DhxCM}FE9Wr)6{@YSBr!*_VT6c49MdsZ8_<L3B#CGPxi>Q;Fkf0@x=F>d#J
z)a&_>eEKG>Lnrdbn)S8&CB^@{^YdlK?YL?0{Jf&LKg`czdHoyksh;n`=X)M}um0c`
z&F6A=KEcB^^gQbvyE*3eFrG~+&!2S(w&4lxzdW1<neFNio3HjZtoUE^^Vh}yuO6)Q
z=JPxG>}~2loBXUDTF>fp$`F0Y;N_mLFmBf^G+sUKdg)(0g1<*w`A+qB@p^h1w><&J
zEk70zOvc0bbb40edE6bJ&3{n;NUy(xaoZoCVZR>)?)lCQ<mY+$yU3@w-?{DD<$5?y
z+<CaekLu6hy_n~dcrcrFX2ZV4Q!mRuA%DUy^~7*@-l)J6xO-h<k8ykaSDRZ#gT5T_
z6Wi;(Zh0-9#@+Mxg?O0PGY_NfM?B(ri{0vvdVU2S^L!p2=kF)F``yoY0@vO#=V9~u
zg56(9&+o)jxZ5vV@Qml}3hGI`rgeUo?V5^5UzfZ02iM_o+~tq|Sv`?u%DeX&<9L?i
z%Dw+G8;`%Ce2NWQi$@<7oXdP_{i6QDo66VY{BRDQB0rq`op|VN<;~OZ;%yn8e@AYH
zE8c!_zC!*L{VjggxY-ZnNASQL$HN=sv-tV4d3b21irw?9ukZkOkMH%&g{a++3A}-(
z6ZFKhU#Y(bJ_!$fEqC|RH(U>XDf!>=JnqKr@*C@kA5Z>aJe)7>ul>97N!%S*Q}Gn@
zA4tzTc$)k<tn+_(;T!eO$2<JNeCTOQ&jdXEo$`go`o>#$>L5L`KgIh0jYmTA2f3bX
zw@>}i!{p{LF5bo%x36a|zk;8e;{o*z^0_+7&tpFA{<QzlTt|85lXHz1?~g|){{;Du
z$Pf4OUy~0Xsr)hIyZ+5Q@e|mtTkzCsU9qeozt*^&Pr~cpPCn5<{WaL$`umw@L%Dl=
zjN>W%N7n6A<F<dX*T2o>H)uZY{onfk(BDY?O_}HI#%)jD>v@QLhP*jEinpr&swd!c
zP40F6dUyfXv)v#VYTWkc=9Q^{|Bk^6o=>4C#4iN8oc!N-<_Dee=HoT~Q~!Rirwp(D
zROz^<7`MkmsJYg`?XNrVyyu_bndj^{=I4$Ww}ojb9#;$G?tD8D&$LkgtK>hz3%tJl
z6<)iNdJ-*_cRl^_=<)K2<YyVT>si;^t_=B{m;ar76EA;=`2(7E{_$4ocgNe$c&w)$
zNxx;>%gqO1Y(7EWJzl(z7w`=E7FCo_w^sj`_*6XEM(%zO!yY^vk>5yu=z-eah&TT+
z#_fEfCo0dMqX;(Op>}e2J=VUedSYHrFXOf+LVmoBnOlbZSTDbVe5PFeImLr!=I;U9
zo@9Hu+upnJ_-XPu{XZ4|ez5twAzpu_YU;^$P=1~cub>Z}?5q>vPX}n=7w|+!<tLF3
ziod|k{2o!SzYd=Fyt#2Z{~)TKmh?=*Go9t``O6o0q?7z6@@)=LPxu4Pb3O;wgLwWd
z<*#Ple!>&@wRqP<wZG~-U54n(AiSIB*BZC;k9ASMdz{)xeyo?@jnDJEa&?WH_54VD
zv*#_1+i_Ej>(=2eJk(Y5X~uqEhex}~-TO*SYG~XYUVpi9+n@bh>)C?y|8zV}&stV#
zJD%*W{-^Qs!_*TwSAGh9uW@@mY4A+xI?uu5p1*>R^!!77s^?qq`JVr5+-_Hb`7B{R
z{cAGM9-3zle6evm&&6KPO7cna&ya5&qKDVp&%<vvZhO{wJ@?{!J)c8QiXL~KJiC_q
zv%NIW%Q^m&c%+Z~0(>=|kICKp4&lSqlfvEW!{dzGc?R=K_e%;d_k14S&GV)7$1c#g
zpL5>$1CLxNZ>!6=pq2Rp*2VoYT<)I7-R}I2n#GlL*Uy`ZfAHG;oVz#f9`Y%#=Zreq
zt{GnbJmYrU4EfGSXopS4^D#XhHRJeSiH9zbpJ8jwt>zKxi4Bmu*Pk!N6Bo+ovR@YC
zh0Eoa=<U*=j@dzWKIx0)oq3^cG#<W4?tahkhc5q5jp976;E8UfqtufcAP+O{AUt-x
zdVVbaEAx9K@Zc7$|8@A`<`+KL`4m3Xl~r?mNbwgznBRlpt>+Eo6ZE*_>Qy|8pGD7K
zc!<vfoP$rSul+Uc+0x^1I-d4?f$`!z$7%j2(sRwx>dATe3HUzGA2x1#qAzH{-1D!M
zc;q(qyXQ?unjKxt<Hs}Z6?g)7&&#&qIov&O8q$#Y<9D&Y9>J5hYupF%kMZzQ?Z?p^
zhyURDleOPFl0Wqr^=IEz-aTGCgeTvY-$DL+JX}NP|8wyk$I_Ek{%W@OX*~0myfXQJ
z@X-5m_xaBrVfAG4@}qcO^C+JEtu+55o?IvYiE&RYQ%_>O++9D6#|u?--uRpT&3Nv6
z<$u(dpm`(pME(*i<NkOno@=9ZSkJgC@xr0%UroMAWA&szSI=^H|HYH5<Uer$y@zLy
zRL?=24{J4HeU>Tj9>*`ibDR&uIxK>jc>X8#jK$aE(Ze-=*VDYI`s2sTH?m!0@I)&e
zKNoUbeTb+2R=z*^Bac&0a<tq%zZi_Cs_OZm%Rh^Uo>czwMk+efOw8VovIFH4IDRJM
zk$UR6i1YAfyg>h8*8k+@tXm!B$CIzXW3}Y->EDD0wdGIaZCcQi6}-*%R^SEJfseNa
zU*q|=lwU)>eM|Mk$7s6-h4qarUieV^Yb)zq>3HR1KPqoFvv})=hwspS*@RDa`Kj{b
zb+`m?;*k^O?s}kREA>ZDkvC&|M>zjQXQW3pZ14phzF6~#@i<<uwR#G1`J)`qeerxR
z`5by?;h9h5C(!dfp8QH4VY`lQqyEf5&GQ_#YZM;7S?<om%kcO$>ba7hCMT#T@t!uc
zH}e^U=lDBi?(y+;Jk0vI&j~a(6SK!>>LiWp&W8`+3D)6u`oF`I3C*Vm-t|QF<Zuqp
zV6F2u>OX^g)031BogjD5%f{ky&Yy0();d2;`R4RAJ6Sz3&i~iqNj!VJ@^kSY@MyW*
zt;3YI>M5Km@8j}#^gZpUxACs#4?q;}*Kf+*^MdKlBkFPUsoBo%IP?1}o-3n4UmD}x
zUMlrdjobc0NA<Y=_wn?ZrTu-(6Mvfz@%hG{jPjy!JMM6=|6TI&Gt}dr=hiP*e!iD)
zgYWRXvvE6ap8YbG<8vmSWS#dgp8@6<pW1xfTmMgt+j)i;m9E2g_(0G9peNB@^B+Ke
z`ZV>7@bZg|+i`Q`Cz20Nm#3J&Tepjh+xblMdaffMy+!-o{e7;-@Z|II_Vn+jC*$>0
z?x6m4o*#u*d%1KSTH#GR?_}I=SC(<ltfYa*;GqthPapg#JlRGb<MR?b@!To$u6BCn
z*7FSY2QSK}a>t&C$Ip=W<2vL6JbRY>DSBFVWSw7@-%rm_<93}R-ge!Huk`#Le1qp{
z`Xi&%e<4pSf5X#_<zf8XGc})lL-|Yi6L_|{yaB!!57m|PXTXB)QF>a--T81O9$}r`
zan-Yv^3nY|Zig3F+5BD?<M!_)*3C36iaY-w*jf2F*X`TcUw!e|tJ<-RxE^}~kKCw!
zb9qy|t#dtN<*zbsgR_{=V4cs`;bZV5kNfWZjs<vx$EhvM=U?M?KMr18dfe9TqW;hX
zjq4sqhT|zb#kjAye1-DvJYVf>^+YDi-Rpr<@Z6npcRjEX5Ab*B?_4~v&HdV&=K$mO
zew1R|S9l!H;8EN?F4Q_l+q=%|InKE4NzT-K9%cP6!NarVNqh#LenNgXz8a4%kZ<Gu
za!@z*2hYlj4<BaR2H^20<&SWGd<2i+tyza%#_j&v=gq%TclAg6>3HbHdE;a}-&<~;
zRu^yA;K^4s?r@%`KaK}~%H8Ap&&KVz>s~26PO6?OZ}n=aA8ow2UwY{N^_GSWQg|ez
zes_P#yFAX_H#onC`iFb{BaGYrH2KHa-W7OivHE{t++jV{Q{nZD#dDtDYuxrn>F+{M
zf&30He_${5N0yYXLw)1Lo<*8ZF=o0h#Zy1X2XmaH@xsUQH*KxCZNq~ta_&w+gWl@T
z@P}}VyUFA)#e;Rqr&*t8oNto<&-=@GdXM~{;;80hgniUs*e!n^zY$Nbmk(iwz2dwe
zKaYInnAWF*w?0SVvzC^wTPu9E=biBVp7%Fy*E#dM#x<wS;_W{2bzUp&pNo(6d?`Kg
zJ-WZV$abB4p8A8I)z6<}4@Mcc_lt#IPX#{u_0n-?<Lf+Mgm3ly1LJnPvcGBEpIFa-
z$rrqQ?Y{Q$$UONRe{3=7u4j%hZs*xyS?PREHeOt}ztr!pC+{Xd(#t=AFZ6t|>*4Wn
z2lM;`4;`iRz%TfD=W9NBujg{SVtMI2Z#8b`87^1P51i+>;-Npazw{^^1P%KspXjQ5
zoa5mxJl9>`k@+maL+8rND(M?FFHldE^H?YHm*J_nPMmtS9t4s8+O8Si{LeOS=O68*
z{^I4m>H2{DQZK)me6o-7oSuW01Jsko%bDlJ#_j%H?e*M1K6!(B<}?3Q<TrcyugOPS
zX+1ZQZ#7Wk#^`B{Pc?4Gt@cLg{+dHRN?vUydZF@RFMkA{@Vq5H-}5t#+x1M1)poh-
zjcIrmzk&7nmY(Ha&mZJ7_o?R$@+}9czi_|&Y0l3V<LPPgmiWEK?K*7m`k%z3Z<eml
z5_&QP4Y-E&taXukMtJ$-jN9!kJf(5n`d^EOpO#-~|GBxnil^qwr;3ArUH)0QyKd|{
zSpC6srG6it_xy7_yP!0G%*E<SFD&)TjobC9@V4t#mw#P(_c*(je8$V~AYUNw-Zv~C
zqW<MxzL#;kZZTfBbg!S!!4vq2tWUK|)U(p-X=vQ`<loRd-TRE!;0a!5cJC*?L(e*|
z=L@{<TcyXtF1+0HN^#AnpXW#7anFx8Zs!@|brtvi?{xANUVb6@2(P!h^*?B+#+~Qo
z8{j)UKM~*Sc~?A?E#2OW@GhPwjNADq)@q#(*4-m`oqWQ}e?mUGR%e(9`GYT2Pn6fC
z8?%4!!}I*yqI-SjSL62hOnd#+hN&m@j9wRg(Z<Ye0G@nWUWIWN;Gu`*+wni}V7mNP
zeF=IGSAW=hJ#Z49x=_Ijn`zv&c%ikn*S-E9zKrAK?J@=V?<x2~&(FoDy;GXM#CY*I
zKU?G8&HOWX><qcPKKug@cb31#<8t52)f4L|e;0oW54V>$<^1_Go@gz9j`tnTy+S>S
zb=uyenNJ0tIbQkK@w{=nANP6N^&39=-O}wnWQ6*2W$J0d^Wux}poP3L`~5LI#JH_k
z=U?#rXPT#bf1#;4A=~wglD~}nkm8Bj{Jj-#KBMq)D@x~Cfv@v?HeT($()=RhcHDsD
z%ANPNk#FMV{~}-LtL@#+Jo{dyp8WapwX8!L&-RxehVM3R*T3BBKj3Qhq}G?-PrKrY
zbJR1G<KYqGwr8Z*vw(cQhw}V6z2Jb6>QA>&zkB~EX599y^Lj4B>%L#QZnxk)J-;8H
z=lMK*tLLxb`#k>`ul_;lxZfGK`ztp^+r^(P3EE#HFC^ug%`UaK3gdRWntMI7$w!*i
zDds*Y{x=AIz;pb5=`$<o8|BxkXPnp5%eb9Sc!h#)J)a?;_VUZg7Zzxq*D}wV*QqDI
zSiTk?hDV>1_hmk5JWWqm=HDs7e)PuekB?hfx}I0#i#<;ox7(Fpt#SEt(ZMP_w_Sb&
z^Evo><#Ty?EuIfvg(o)4`*YmBf*01y$MSkkr5n_fZLH&Sf!!Q)n~VqN$=h+BT#gsE
zsb>@OIb@W23ZKdUrKgW^dpzv*ws$!B1n<KpilYX>_vEL2Sh{Y1yZ#^4e<S_pj8=cf
z%MZr4dVW2=-}Afh4y#JXeayJsFPXYphX>i-fAJjiai6E{J4W*v;q_c$-1a07R?jke
z-oy(#v|Y|aW&>?L${%!c>pZNu;njnb*FP5D;rYGzKF^=TyL?o-y-V=Hp074;=M(=+
z^Q_1GYu?0m{Vgx&b>p+}TorBaS>*4+vp9!gFmJ5ZZNE3}YsT%k;i~F!`G0SgM{svN
z*69{`^dRNk>(W#3<T>(=%;!@)s8*V<cdL355xILlG8E5x`DgK5H{}oG{`j-;;`wlO
z={i>(Cm-$k(Z=oeCJs~2%iJ$U;gOnh^K`g)`-Gm=Ue8wY0iS1Z*V`A|rv6kd^;}K=
zE5_|S3trDEyuq5%`G1YaJl~6t^!(uQY*!tP>z=0!!DC0r-Sd>CcnWvVr)u1;d5-n^
z8{x}6KNa8Xc~5+Y=R=L#^)E1PmUVuY{9Z4=fqeLA&3`BR{gkA7V)f;#Sm&9>?K;=_
zxO6>V#LGQjfe-flOZr1)>OY_3dFTX<8-GXOuEUq%xt+=%PQJw*?3YGzrXNf<Zs%Fy
zjk}P1lDz9_J5fE+cU9~jm+!+fdG*(1-2Hf(#~nBBRg*OCd~e*_jobZ_@$#MSlxMf8
zzY+Z};>qJmx9hyS)W6c}zudU(Pmyn8W9GIC&o)<&+phMLl@IfL=WWG<yYS@OrR$K#
zGbgBLG5O{d>WQ6L>Ipn_lKgMB>jUF<zf}9Aj0Sz#?DB1ue}(zCpQ8R;JGncLO~5m!
z%H8AFMwiDoFmC(1)stzje0@fL1kd5_^_;Kp_-V>V$hW*lJt_P&`tQSYrz`KS13$+@
zXULnfUFB2N6FpPzUUy333C~yJX}mh)hVEs%qUv$`WgwpDBtMLN+Id&`schG;t_OGb
z_lxh-{u=4+uN&|Uo=?X2dOpjzJwCHMzA&BObMkd_Wz0lhek7mb{k1-Px9on+C+g+f
z;e$QzVZ3<1xIo+cDeHeXp5Sw6o#=lLj}20O4->7NQcr=uJ6wF2F#qNTJTX%F@93Ft
z+#cs+z4^R>r#=6Sp4@fnd6u5~4`|#xpCfYDQP<$v8<cm~T`P>+aa(;_x}IO+lRV#z
z=R7~)L5&-mrT&kZ&xLsQVfj5=&^(WaAD6rLwSU3W_;h;CdPx1zCzL;yb$$#F&zAp1
zelH$R%U#bo)6^5pkyoQ<j&ZvV`@HRXm3-zm<%iN=`C;{hf0w_@anjwm?P<QYbUlaQ
zJv|?V$33sW$9X>6xII3TD>Uve%>NhiGraskkC1;~`I*drES_5}e;r?kr`E{N#M@5S
zcFkX3x?SCk+xg_kw_!eW@Zb~mJWbD`Gt`swdct_W&rADH!AE$0E<VZgOYr5MkH$B6
zJ_X<J`Qvz#FG}b0vT?h;g^k*-o7nGFAJumC^zug=xB0{t<rAz!0?*^_I&c*p=5vqk
zI`G(;tiRXa7T@K0cYL4cL+~maO1Ep2aXZiOx0<IrZ@iCZzmX4O{trE-`84r*<{P&?
z!B*wndFDUzUA%mqS?ZbPc?;vVC$?QZl{v2N#0%e-&gY`p>e=D-B#hgh_zvaW^?#0h
z^)E};VH^1zdG~zejK|fJ;(F3Ozj(p8y}!5hdfvrjo^Qa%dHxgqg&#D}0j%@uPpH4b
z%YS0rZddXr<=yj(CTX^Jx7;09<MA}^j;poC?fe&d{X6i2=l|fLjiu{$_#E{#@VuGv
z;_<LY^Era;x&{y9yc`uQ!z1|d<f}iao)G6@UX~8};bGjpk9;Q{$2-xp2`}u^eBArR
zC(PCSn|t%`V%*L@%KO^y((?iy`b$0TI_h^k=Xu9@>W_K-=i`GtAAwhRej7f`^9PL=
zkB4KmMJF@Qjd&J!>)hxm<#YHh@>k*6uzGgltME*jygq)`)AZo(=ULvyBaM_F$?Iun
zJfnQNsr(FH=O2gXTgm5fe}5BCwUKXR-2d><8S*>v&hyouIaS^lACD(akRN1shq=9q
zCr^|&=lZ11v+4<z%m3wd#q;spXn9xF1b^b0j`Dr<w0}-Lu`A@SkiQAfTqd8v_P&Ov
zN66PQ&);4CZ23C!UCaxZcE6{G$*Yi`fQRTwG42YNXWb5>=a7Z!Nu8sfrS$Z{vwh^|
ze~Y)r@YuO>x4*XFK~K5+{cR1NSAP~?#JI!oWN+n9#24X-zVf@7|8ID3zWial`~}tl
zzm0j`ibpO{ei-}l2fQ#yZeBhr-p+baJ>mZH56ORor!JPSXWR}M<r72X?mRFRkGvsw
z_m_1pPfs0sj(v&sxlZ}Yyg)DxPhKtG$@*mR#5MBX%)j;`=08TxkG%!m@$>}wn>94>
zLwNjtxtr%cJc+ksp1ogYp7>w*)6P@s>4fjc3oprUW&T|j+X<WB!|a{ME;MeB=gjlU
zPo`%b`Mj6kiC5WFMp9q?HEw@D)oUoj2C-MH>pgAzt>%3HapQK}2*2mkwH5Hf0?nrx
z`J-Re{6pTj5xlMEXB)Tup~p&lKEtE9UR4f)CQFo0KdF3m#+`x3JpazPUC+VZxckWG
z)9UF=&$;FfZs(KwP%GokW7F{DY~|hc&ylYwALZ|;x^=kKxE*(_H*Si2p8hY`0c*%F
z_VVA751409=6T8M>R;*QN8<(0rx>@N1CM#11J4+@+nZzE-1X!>da7)8dt3w8Sf+f2
zyt`jqXWaIe)2~PWAXrI0`;j)(&HrEL^R%8ULvYt}=7T@Z_I_vFu4i3uKKsb0pHh!I
zZ=C#w@)0lJ4e#Lj#m4PAgcqu3A`^O&d_OP01Rw4BYI>qCsHZzU(Kj`pq?f<Ic=339
zQTZ>}-U>XCk-O`+*YFJPu3KuprJgLlk)A8?H0PO4_#1fQW%axJQQfS1lAe#kQ=Wf}
zr#)}+wt517&uVAJ9c$d~$7$X=+>0;u{7HPP=S%P^TgqtGm(|AYdd7Hsajyq9e~0bD
z*)72^JcXZPr)O^O;o(oUK0Cz00q?3O^qJf}UiZLbAIMMRaVqKZYc!&JJ?B$Al~aBq
z{he26eHwV%H2{x!KGJyc{<~H^+qs_HglE5yuc7~x_mq!rl7G+kK8Z)Zl2^vJ884nc
zy>b7-$9i7#ef8(_>gmn6aXj*ky!kEq#`DH21xE(ui<=f9LjI5s)Dyo*KS{TmJN7W=
zwFLXgS6<1u3FXaYaPig&PmPj)&3>8c^0&%=CBMn}c=;Ia7{fkPe`cCI#&zs(c<`9~
zk<J?T^i|}y$QQF;CgO>2<R`UJzTomTYZu`*=GpNh^+bEfC*aHQTugpAcY~dH>`1x$
zyKn7Qt0#Mee2Rt*uE)dm<)505X4~7_c;sC958`0>$La~1%DXqwH_~|aUTxPt*7I-Y
zDfy*%i%+!QN3h@B{qcU|_IQpwr2H7Zu^f*w|5426_MGx*)|uTBe2*t?R?kxMeLkh1
z<Kz+iWjx+p+qD`me5QPkJa20U!`I4V<lXg2qjmH%Pv<M~F#FMc-f8A~<qOwqT<52M
zZWpS0Fv+`r#f;na$+pn(znFPe`9hv-DW8g;g@=xpSKyQJG@ikKbKY3_Pw>tg)SqY~
zzXo5A2hHW~y0QJ2nt$$V4ovdB@!|PWABK<ie5~=}_SRusuFvP=k(>??_c`#&8#V4!
zujeS^#pCK09S=`(TwO+fo|nIce426H?^pSk{7Nrhdz1PzpQxDATQJ<X-H-jgDc#<i
z@sXb2hmZ4oF8$Fzb)3w$wdS@L&;KpYiGx!&Yd)!e<ZrOOpX0f4^0V<;Ta*tyDF08(
z9h~d@8ToxY@0*IJSIdX;)L|_i`%m7S{`z0BKKteFdEym#w2}sN*PqYf!2$B)=!t)=
zo=6qB>v<k8RFz-Dd8~jZ1Nmas=bpTJ!mPtwy!;z^_CV$5<A33?%JQf2%(u#i$h)3C
z-_bu_+v{HcX}(pSV4kDs`PjHUPBwV^{X6o>`_ywMk0U2+Q%~*>`Q@z76z4a~&*nJ!
z1W&#%ug8h9nz;b5_lwjD`4;BW126m}ch6Ij&Ns<F<wE~sJhzK}cU)~(e~A1k^q;Up
z9x$I9@Wf7e;yv}a*EgQ}L7rru?mWMEm)33NcV#r_%ZGSsYpH)_+-`529`|!AXZ)m|
zte5YLZ}$8O<F+UHj^^2(?R^!`zAJx-Ssl1r`TPX=FkYzbho=|FpJ4w!ghyYLKSh2u
z9=bv99;fQ<QGe`Sc_ZeN!V9m<xts|q7qq?myzM#)AGfV^-CE(ZJnv+@xDFg|J=xx6
z<d=K-oN@c}Uy(;kfBx%pdSatA&!6b2_p|y#W8@Lmr<-xxlbxX+w;y|x&x}>xJx(pg
z!_3qD+;Nj%)F1Wo6?mR?cJDj9RlHC%pJVj4YaKrJ`_gsWiKjjP*LZQ=I6w4ey9Vvm
ze#v<G>x|oc<ZW%2dpvp{kKt~=hksMg3a{rB<F==;Ts`jd^P}<PoAR$%|3!HGE%|#K
zSHI&Cdfey9d;PBd+%n}aq9=`~$X|%>#RKy0c<%HE$EP>{{&=<RrR#jPal2hH&NI{K
zKgV2%7T4`}&1V+#pN_}&%0I`~<GDTZ+jzXI{-=5}wRQgIv=<!wmptqFn!h#wus6?d
z@u=s2;DbG{zF$4#JTEhDw<~_Q=Hu?y738OS`Puk<&lk~?pyxQ&Ve~&7KVE){aXW6B
z?RDc8$nW*?2mY&kj{LjqmtlCck>>9ncb>*$Yc-Me%;zgS0=U25bj*M14}Gd&xt+GT
z^}!?byX)}pjN8ZAIy=gWIrpD^<ilL|-pDsP1on<;KDXfI&of>;-dbt?Uy^^oxP3kw
z;(3i*pLfXTzSKNxv0b$*slSWY-`seyKcas3xH*RWU@w0+KGO3i=t<GT)5oB4W%Z}=
zCwaeVFdi${xZko}3-M@sxqIEO+5zf`<L>(Zc07gOM$chYln<R&+B3|!UFW1X|FPut
zcS6jMXR>Y|;)xFGiPE1qP(3NH=T3Z<=QEAlb<WV^uG9X(LuaVJ3FBT`RrzQ~xqDsi
zAv}q@o}G9e=jlt(=^*tK@J`HsI-ZNFe-PvTg-1HeTafQxO+9hXU&d4TcjRjytbC%2
zdVZz9CmzZRs&GG=V%+YRh2FY7PCnjUJtx!O;t=(Rzg3TWUUsW-+mrQrQsjg0l)s6d
z@5%4*@_&=h^w7BT$X|D;`olZR5Pg|s-0t6aPvza~t4r``FS*-~JMbi4jkb=})sw>A
z>#L98iQekzM1B_@^pU%tM~m0cJllHn9An(hGl-SWb3UHO-8{d<!{;gQ=6S+l>WScP
zo|ExV-_m(*F>d!uH*Y?_kWcng-W_k9YpOqkuhwo0D)3}~<#)0UOYp=1xjP?5LmIcA
zH|_;^!t<+)+x1D(<L+Ny;d#6&^Ql!!`NBYr>(;F^9=T9{3G<wRr*L;aE#PU~?cc74
zYyQ)`d0vF)JWm+6^N(Dvao@E6+}!HdX1h549~1{y<KeB^pw;+$c;QO*xaUFl)zN&a
z{7^<xU*_Tw&zIs+&(|2Y^9=L%0q>w~<Pqwh>g6XGxB2)rn$HCChaM>};1z7|LwNFf
z<<BJluW@@E&hYwcAEllw`3U*(cmY30%M^Ty$49CEJMstCRZkRm$KgmkhP!t_zc6m+
zlkw)W%jHL_e>eS8>#0AuSKg8B-GN8P$PdxW-@%#n)xW~)?`PbuXY4NJkKqCP$)n}T
zX>#}bSPpL>&!^-w8F#Gn8S-gd$9|0`XUpBsy`Irf^9lV}di?Y?Zs(J@NBMi%-kEqX
zRi3~PIEFm#j)#PCyPj>m{yWJ>ng0{?G(A>5u{ovv5j>0Mc$~TxPt8-_-7ngP)sy!8
zS3HAvXWW)$$_G!Wr#8pcNId+syes*q@C5z>zT4%WQT`;nO(XTkarb;}7GB`~9w+}9
zo|><o#d!V3tk1J@cYe4O4?icL(@Ou~VdM7w*@3)2%Vq_~H_?9S=IxiLal79OpR32s
z{|Y?vh5TUVGmV}mKb0Oo&ytUlU%>I%s44v$)#IMO&o*w4lX9<T5&6(2<=u5`jpNi4
z#@%_~O5?U?u-7x5d}4EH&zE=-=Q2GwznS{uUn#$h1M3yzwm;$ZuOc7%UMqYc3mtB*
zp4c|^JjQW51TSotk7hkzGj98nUjN6&?emM=%T0?(_qbo9h5B<l)w6+~?#6A;RIg_U
zp7wkczSQ#y`a`?ae*yE~h(`+YiHzH%rRI~x`?C&%joag}n|B;8Gj8XZ^Ty55li00(
zPM^W4$E!buyVn_};|1Kk&QPfp>%T`mb~Jmt7LR-WF`mE|D<1q~+^+vhZ~fc1*8HpO
zE<OHx8@KnP@GlzoDtg|-Q+RLIr)wMK^S_qPa}{3jyp#FGu(m(gtGv4|T8_tY^Y&u#
z_8Xr3LwR@noE1?|3V)V)&cfroA>f|(9eAR)x30In^^M#0*}(dQ={XzEdh2#GJ*~W+
z`;6P|N;2-Z^c;GU#+~ow!^UksVU8_(yPo_E^2@#a^W+QU^{;~9S3Fcn;vN@9ovi*i
z?mlO`8&BYFeR{NIJ@I#$&wM;yS^Xd51()Bh1L01*(<$mnS5dxzPsCFP%H93qbK~}Y
zw9?z&AIWFPucfDL@dvui-xc!m-HqGzOjT9?!?xDkDvaCx+rWF@c3aVp2)cXs>+(}I
zpI}ev{i2s~+aIg0{<l>hJV?IW%RhsU@O(KviNn<6uG_ccY0tyun$IM!=M>|1KDqkp
z>B{}(8a&)kK7@663ePu{|H1wDdpsE~%^%ZV{rSeF`AeKPlfT6S+cG@9OU19SJ~d9$
z{AYRdZ)DugKh#D&Pm#Y4&kmM9itoU~o)0};{Tsag8;#rkEdA~}c_p61-(ua4?4W$)
ze2x1g+jWm|dwd3k(&HhGH}L!wdXgup$Gs1A;2G*q50W3o`d@&jE|j~+-=~b*aXWbZ
zuanPQq`bS1t=UoefnL4|KGpN~#_jqfPE(IN4@|&Qc#ie|5Rad(y#5;mf8j~bk3W;`
z#akbxqHpl{C^fuKe<-SauCII$J^+v0AaBmP-Rpd`d;l-#tin^z$iHAe*6O7G_{H+#
z-P4RQ01sII6yrXJ=Laf(4Boi2)_I1vp5=J(bLnx?3$O0^rN-_0hkw!rx&6KrkL;G$
zV0#ZcOXD{2dK%+xJuk<*c-{*i;rXS;?R?ThwY_Jty$|38T;C0Xcks}q5_kWt-G%k>
z`kNas-XF=k{v;k7uAX6x`<=_<pRx{Tp3OWjSKhrob_1TgqSU`PZtq9)y!rf1K0cx}
z-=?ejqgR&tlg4e&Qm<zT`S4ZByVq@Y;Bnktw{$#5{Rw;{+xrL}yIMV+@LhNscl`~!
zsV9%S{!w@Vcl{sXxsj#)W!<%1tG(@NXWZ_u;Ckg<|0FzwAJ073<5ApQ*PVZ^deXQ%
z&#cC?o}b-=?ZW%ef1`1`{#(6y-a|g|yym%(<0RBmJ>eJSFVb^6p2ORc--3r;Qoa`N
zFEs6?p2$-9VDi`Csn_JQ>0jmYugiy#AJSX%ulq|GNqrfGmwR4;$335I-0qj?a`mTa
zJED*J6JEZhahuPRf0_K1<fnT1@#NEQ(0{o8!TWf4*wIBO<GgxUO#P{K$`7Z16dtUX
zyYuQNcseI{?+c%Dp5{Nxo6ot%i{}mU?)Z5S&*Lm}@UHW<>UaD7Kl<nYTDtyq`fA)2
zp0~g^d*0EwollDGI*x%~!Ly%h+^+b4cxZ#X9PfU<dSYM7-TmtUJdRH#U$vj|g^kL)
z_mz6%vCXADkKmDS<yUc?v&-eblJ{bNwY@<7Y5YdJEao;257Xo3xx(eQs)xfQ=-i*4
zv3kIFuRGm_XUXf?ToC+&=RLoBfO>*$>OY&;12+tmCwIvMyxWEH*iN~5S)+J+0Z$g>
z-{40KQa-U){t!M25ABnGPygE&F`s|r&yzoKusj<+vN)dkxNq?`9nYBO9`=?Z|1Tb`
zA}>B1o9_?4*apn!G`!>OdgI08?I7h}W<GBXk*90QBlroI$Ya&z#nXssei+ZymNzHA
z9}nuv-)EkK;_AsAEqCiMf2ii!WN(>i{r|T&jN5r8f7Su(ey*fIzMq#r@KWZP({XYo
z>oye6uPOC6@bE{aUT>IsQslcar6$AW+0T@Be)?td%thL+d&qx*M+cYsn9H@jNpJpl
z8@JmVJ6?HrefSHW_))%-{*hNGpZix{#{GH;Uf3;nk6*`)AkTb0q^H7o@o~_b&usGf
zpVh;k)eLsyh0o+SvCi$URDbp-xx22OfF};qy4}V+m*a(9%D=~a8egTJ@LvjU<8d>A
zCj<4k`}=^a$>T%lS&v6ppC0&qBb86$=i+78$OC%Z`DZ4cWgRrS`90FtYTd%WmC>Lt
zXX7h=FZDrq&hzW=y`E3PoBvVT^C%wk`~~Co_{m?a^?X&!7yL;+?&S}=PWkjD%D1(f
zV{QZSa1D-gdgdFq$4Q0P^9K1~n0h|tc&L+LK9|X_E4By0Eyiun3a{sWyurTG?VU$Y
z>~i%qqNmyQ>QCZfJcXz67}pgwZqT^pUVkIwcHIhBtKYqTQh^5}<u@Lz0djciY^~3)
ztWUF1>WOrbyX(4J@#GlwT**9_;RSp=UUjs35;rRUFn&5-sHy%2E%c4MjobB1d)xH{
z-tEuQ^<0d{J^zsY&`lcm4EE#MV>F*odyV@GpDUhb+>V>{dY&a8yIDOud0g0ohrg0P
z$bLD~To~B(k8hU0#Ck5lLu)l|A6{@g>?Y--@94^{ChPNnaXX)kH=n0ne!TiWWj+P+
zk-tjU=fJV*4^LD+%{-HMV!eD5^ZXP~ej#5^|M@qoCto3V*9jRsH&yPQ?;L!K@;UPE
zIJ^bV;w(c@?N)8?NN@fP@vWYpWZbTEaIeN4%Kp8De3!pV*WrHhiTjnmm3;Ma>M1-R
zcjwi)c=~Pa7kB<V;x^55oY&vdxSdb*LG`%v@Ju{~&*X)+BgZrU?YhE0k^O$1al79a
zd;OEhN9L&i7#lOUkMZ!mI<A)D)oxeMto^0y(9pP@XKbE&BB}}A!jt$<?Dx}?>e=D-
z#EjdX#Ix#Iz;X2v`GNnGj+-YReo^_MJPr<;p#Gefzs|VrPra)AN%Zd`pZK@5ztSDb
z=awnIsFF5poN>FJo4x!4<Wp}bzlsa@niJJicwfGo^@-v659IFr{|KJhruF}e{2Dw(
zPk;QSNt#dSztZ`?kLNw#gzxvffQJM32%-TFyi@a!t<*d};XFUlxLt=1UVetlbN!QM
zo*VJp9xbH%+*jMX=>J9j9{X{EbIu#B=~-pmj$5Tt={&#2TY0`0AMN?Ulhu><{21f*
zILUse?Y)orq{tV%{8QxPT&GQDo_~;UP`PxT)hje^x#wkg7th<_{XFks+|D!2^;k8I
z=QJKv)$#K-$L)9YB)pz|c+T@0Q#8-Lo;Sin2b6BtsmASmatCSLrj@l2x8uPf^2Myr
z2YA-=ns=)wd8qPVlOKR5s>_?<bMQ3oUazQs5Bm{!uaC_zZjYbA-u$1(6P~|=&+z;U
z`a@jLXjbO;)J;`?yh`c%OvdMXKFhdWx1hTkhO=GO@0BNTPA5S>Jc(!6zwh9Y9_ndF
zPt*J8!S!r92>RnG+>QGV9`sbtI(iPdUp>*CayOrWczme*B=&pO<#)?}XP&>|xww2H
z{a2;bpB^S}gReAh_gBtaw=MYm154NW7kYB^d`i#Y2h^V#uKsb{ukXQQ+vV<cv(0#<
zuZ}3^r#z^h(0THs*sf{D?L3!y^LdthWTg5JV0{iVFM!zn9=%q61wCW%%ysgs@wc20
z(CdM9@q?!^pIyqA(SJT3zFzM3*JF69pL)8G-;YPgSKzH4)^>%eHex09rIT?x|LiFB
z|HgNx;E9{$KjS;`0<TlK{c`Rj^xUF+C$67wH*VK6;*C4axc#}FkvsJYfIB|F$D=>U
zU*mk(db;vk_sM55pD}pyPkC+DbCGd7ZWnLd5AboGZ#G`M|K6qfyU&52K0_XvEU!oZ
zbUaoe=i^tw&v+7_$~=2Ns-Dmk<p<#p<B<pD?scjy#_jx5-aLQ7vz{L`lm7SAvxV!l
ze#ULj1}}dl-m_Zi@h~3W=lMf;=-|@)eB;G+`$*%~X1iKGrg0m1`7`m6p7+D2dVVFI
z_Iy0P*z<?*m7dSXdmd6c|2ObSo_~ff^n5#>^?bi^yACnVtM2(uuUYaW?vC?^@%Rr~
zw~nma`*<4fgg2P2o&xU9|Gn_gkLqzg9uGL5xbw#QczlS?8$IoAGPjnGt3NYT{*X8r
zW85A;JG||^8?Sa~>3TkamwUdL{_L-s=Vb0jyU6$S@|B)oJ%3ZaKF9N^#_fCtd-<N^
z6MrgSi~dP?>Mwb<%G$8k@brFp9j=Fe!LtYI`By7?PD^XtdEU5v@O7RKH(op*YU%Oi
zULL2W<H<(qKbH01fM=G<N3#CmIqFG$B)^_@h~wEU^2Th}96Y*E?#@?R@la0Qke=30
zsy}+1{A7Br!;{VB{F&|GB|LMA{49F*;^7|huUNNJ=BmHYTkhWXxe<@{lV3{y6+Cl+
zd?}A3d-258^65M-oH9@Sq3h*td&l5~x$-#uOYqoJ@{j5H6OTVH&#_&nJ*ED{oAM2;
z&v-oDRQ@pg>n%JuO+JABN>8gNex`gY-U*MLEq@oEfCs(g-!T8T@o-G;_G9o2^Nh>?
zVBMm4<OccaY}Z6Qc8i=}uNHiOXYau|aU3>Z{gG*M^W&4nTW{x!<YV~U?EQG`ZFx=Z
zU!S}DI=P$AG0&<$yg+_9+dCXj+$i6`{pA@vGF`sZeALL^zIQ#Z$$PP$ZJuNOSIOP|
zI)NuP$a|B2&A2_!6ukTO$K<2DKGThL2o@+`UcFIq9_~L!;Qc&rY22P4^1C(eLG%nJ
zKitb-k0(99i=I$kJ+HEEOUZYuQ97SBc*gT@@pYd6fmb=Kw5R$)ZEsu8%kX}lw=-_H
zH}{R^Ihy@=3;EGr{(gLt=kw@E?NrYaw)b=Li@p4hE`Np2!*6r^pZmP#6YDNt#`*bX
z=iAipo)>H|ZjXnRUjI+z!#^qSe*ea?FDO5<X6d@M#ao3+y*r-td<Z_v^HKO}&nxii
zwMzSE<4q1P^+otr&p$9;eEj-R+m&OT|1@r|+mjoQEgs_T^ZZp_<anrE+FuV}>3JLD
zwm*5kt~V;v|04O#UVa7Mq)uu7mw43k-S}Y756Ebq3q7xk=RI$Y@AAAe-u8&n`3%5E
zdp;6h=lKMDtLKm4t&S}1Ux3f>JnQ;BUyoNis<h_^yshW|;axnh^ODwWwC64Gl;<7s
zS)QMdFZ6r_zTETM@YS9_h;R1%8RPc23h&i%`w1uFy?FLF`D(n=B98MvO7r*Op~{tu
z$u;D6;Q3#4-f(}n;^>#PKD)g6MDRLwOV|Hwyou+7jNAE#3hMuxajPw6yAISnu7EEy
zZqG~Iyq+9B&hu^bgsQ5?J>FgLitg9xO}bw<razA7aJLm#8@Ka}AF7_PmMK_j+|FmA
zH|`qp$r{SL^J=SCmG4l`HEZBb_(;$D8@J=84^xl(oXksjtg0r`llgDQ3ts-5CF+UR
zRF8Y!bT6L3&$QDsx6kqLnaXF`-iAxrFPpW$Zsa^R5YKl~{(jX2ui=T#a`(R8Nv~-g
zD!lDI$GF|z%;CzPMo$Va^w9aUBjbMQoct`VXBxdu&l#HME_#y2i;rvGxDS(0)z!G}
zbMjm8e0@2WT|xC_>M!7KJ<q^HN0;V5!^8Mm=5xk!^(0xJdR)gof(H%M)0yr4&$yj`
z-kX1&H`EhrsC<O{B;z(;rGDx0_9*$}G0JbXF>|Z@Cfl`J>*n6?yV$txY2x+VKt9n(
zJ#l*0<LMUi--_))aQ0j3PxqAHj?cog&E;-=4$3N@!kd#%8MpJ9<jv<P^0}t!NwE&q
z-c~;2<r^9=-mjaHr~hX1E4=)D<O}4}<g31;{>@(gXye8EZ%g%$WIhS<`@H;}<U_5L
zcgOig^5LUP_v0S&vDV7J$9!&jSM%xO<)`8!J)dLT&NJUeJr&He{R;Jr^YXoo+k7IT
z{1V3f9*>+Te;L2=J@w4@dhRi9dkW+~W8CfJmwNgA<Z~yhe>nY*zOSBWTlr4>cjLwT
zi`R4L2l6TnO4l=N+|DO^ih45iyhOgamw%spqFrfzz)JOZ^YSB&+x}2{<>%7BlKcoS
zzXc!X`7iWDFDdOA@u9}ec=_9m+i?TV=k9#<F8Q37-+*uR{3m*{IgRUHXFGkB#tj;l
zu4l}+9XH%d`EhLTGsf-j>voUp?tc9f`OF~Y-St4vkJJ;1$%oQ2*SOuk-Mn#^;t9{!
z(37U8HqYOWS*`vwkEiZ^w|;oGzs7av!xeZQrzR*{qxp>U#%*WZu0w&m&aOf5A|4u`
zem8FGkCo5hGr3>ff`>j;gL}W}6+Cuf={)OyqWNt0=5vDa;_<*bPh>qGz*D$8PQJi1
z7pZ?4`DQuwS2?D1zjrWh`}4dH<@WQ{<m-C*B>BW(^}El>yox7rmLb@Vr*JpVx}UOc
zo_EJ{p5J2J9zW&YeD22wdp?hz0{1)jzD&K()HBx0x51}*eiokbd?3Es^K0<D=Xc<H
zJ)dseu7B)mt*72C3WCGeYM#}OE!|(ujN5!Nq5LZL?|AYNFaHqvD0%m}ogc{e^YZ`U
zqdl*)PV<@Sc?*1o=N*j~kK0k2r@PLXMt;7Re->Zo`J4DY&)4GNaOwK&FkW1r8#S(b
z|DxV{c@}r~-|O)3P0G8^@qU2E#>zXf&J90TPY!>C6XGSt?eQ7)<}(`4dOigY%1Y<|
zI3Dx-Wjx{eO4slC7Ch9bwEq{ppXUdCq504AyaB$~^AqtdjZ6Ex8n^48`b6ti!MZIc
zKh4X3N<N%Z-kl$gGB2pwo~Y*+<8jaD;z`eU;%U!M_>%pIyZ6PCc<`y_^C%w-%Hf57
zbUq)>32x*@^+dYs`OYPHtxfW9R6Y=2gooP6AFiwgifvXt*-74s2dba()VcD0^i0{p
z{Ld-vZ}XKrR9k+s-L2;K5uOgouVCB}Un?K~PutZDuacLiTPwef*C(IEQzyws(;xjt
z`OJRxoWwjg;ko9@yVp5y{+4{X+^xe=-^pXA%g><aRp&>_$MOK*&paV29&eT8Zk>O2
z-a&pHJ*jQV2OZ_L*xtzZ@<L_#93I%#;K6@79^7?B^&PsuWW3|K4DZ*pkrtl+wli+$
z8K&poTKdLa<P%>0G4k=BwVo+@c9HLPTxox$oorV<<-Z``*0?<{rM-N2@{yyJcjw7l
z@C3e*p3m@D1LZs6&419iY1~~848b!v%OBj2XK{Cb&*FJ}CjAHesQy$#jT>fvU5JN1
zmmf!d8lE{;egFf1Yuv8GVs9P(zzd#N-=%S5$EoKg*KgeRRBu+g{?FnG&)=jc)J#1m
z({toc>PdO|<Bi+nB-TQC_j%6y$j|rkbMcj)FU5Cwz6NjGymbEG;$1xd!?>MK=v2*z
zmu-U2cgrJh$lZCb%N}`{{9LwowQ;*{!@d4*$mhtnC%^q?<&$21zi~UCLb=AhfaBq=
zUzpE6d6M(hVZW+pme<qRcyXOiFYS4r{9-Tv4!+v+FX%~kRF8Z8@T$EUw@QoBb-o=B
zdp^y$olpKO^|<x?n|#E}hkjE&dbaZaahxCWyT%>p<&VWDdEORJdEOmg?)eZr+_H4L
zM&TViuP|=6E6ei>cYlA4d^a!uG5Od)ZPyNthm-$cdoPr`<FLm*ZSP30CyrNmKE}A6
zPvQdgjOO^s;e`S6zKna^U+T|zJ*VS)J&)m`<4f1)GUImK=*8+ki~Y3<PYq!{jJxk|
zja%;Z)YvZ{?0F;Owm&^cJvXpjx8Y&Nb&p?P|D&F<Ue8{9h35zVtNdQik1=k?4PByf
zt1<t}$p@`U*Wp&Yo98Kd;v?0=!(&kPpT<pj`F6(bxJmMJ8Fwxozg9hUYU>;Q%nz2@
zeB>JWM)GeIf8f;o+=|!#8Tk-BXOTa%l0C7Q-y`bf`x!6JXM*}4C;v8{m?*ERk9`L>
zR8~HGhkP^nO~!5i{MM!GRv;hH<L*Zn9Y7E6=DE_i?OE#eY$2a~RO7my##Pjl#=l`c
zQ}NVH<-g**`nU07f1A>Ih7Odk^t`EYyFQ60)Z_Z^!{h1F{(tDHdqQdd;Z@b&-1BC}
zZGZGB^|;^XoWjFT%iZU-{-bBC*Hh;p^;dY_!g#U&xzhPRNPe}Ke};Tyf%3nzo}p^$
zi7b@YwZoa)?Z)kTZuWYn;k!J4mY!IqwEysf)f0)7u3IzXcK)%Kl>eXg!6S?0PuaVh
zx&22^)a$8pi27rmw=iz|^RKAK9aq!v;MG$94-b2O)uF7j=j-vf=h5oQC-HJkKX@L`
z;&0*gYmi@}`MCUKJd3;Y$zD9Mv@}2TF!f|`m;V@#zgC(*y{7VM+~w!vvDZuUM}(A5
z;cotS;IU<;`8_U=Kh5?IuBD#n^3wc=coKK{c84?Wo67g5r$%k<_X=;nH!@z_@8rKG
zpTe_mspobc@BYQ3{G3`p@-2^0f5z)S)41&~knctQSv<ziA&#g2^dr@?!Rv_`FZO(>
z`Lv*C5BcgRmfl~g9HpM9=k@S$p0~kwczzZhI;pgOpm95&EUyo{>$fq*6GHW%m6yL8
z@8<av_-M};;|o3i(6}8p`Hj}$OuL!pc3wSg?@BL!IbP@F()r(tM?6m%FZOR#e;w5a
zHx*C3=I6P*{8W6P=X3CJp1*3`_NTX~-#wo?{%FmAwU>_?xA{2Rt54Mi!6OZnuiLhC
zyB6S4&$GsDPl4y-?l>$nA9S=H{$BHOuRq+2=eEhCtiz$lD4)gMb?leM?fHMOH|}nH
zvF8UIt9;h;y2kB%lG`;dA8!o)#Z&lx=5t<HJv+Rf%Z=Nf)DHE;$k!{A=ka&(3gdSE
zRZb~g&)MWNJJnN@`{_ZAlyBnY8yL6aW`9tACjBGHckuEP$j5(F-aYOt!jrgrU1A5G
z!UrFq0nTfz`E>L8FULoCek-2#JZ0R@Kg4n3=JPoo!5KC<u!-_fFW=6%UC(u1e-HA7
z-?hCbv!0KW-|yvL#_P5#-7hQgsOMYonCHLXanBEGs(Fs}ya8U}`HA?XQ%mR56<^``
zMfeWS6ZrD-(w;kA-t(DwzxJj17x77+ufP|3{w2QE^WFGf&ks0G>r?l%(sAqJZ9Q*|
zck#S4zS#2t_zKTQ;_E!0VB8*`kzRV8^B#_$x5#hx^6T)up6|pPoL;(J|KeRduiZ@J
z=KE{h_qktRgy#mzZ(=@+@z@~w0(?In43_^*&w%FY4=$Fw*H7jcxA&u%H=kGW5uSg9
zkM{htPF2h^!k_<Rxc~W*XWZ8d4T{DzgKSLmS%x>}Uwm)!|69)<dJg$p^LLL^n}$~@
z{#|U|W(uP8{7$}%ynEj;XrXb>#K$qATE^|~O<lq7O|`3HZ^x1UHdMLz|NOe2-~{rE
zz5Ho-*7Ni5<(^-KFZKKf<MudQwqM)(W^wc&7;pT4Tc0W96LmDtE6G1Ze|}NZqPX>+
zSM(Y|@~qP1^HqBC^tks!v-Cvy{lKngEgs-e#{H(~wSs*MniR#o?y;ljp<svSdyM~Y
z+x44qyAGX3XdO<aKWHf*i!Z_J;3r(Eyt}??Y5afdUv#D2??(hlelKn-dQPV2+tKRj
zfOj))kCPefuc~<L|LDK)|L|e-KY6SA-SK-hz6zg3|4sPi<CK4f9dOtG(Vrr}VWRTK
z((^d}2k!0{&*Mi-Qob?$OYrhL<;T(U4n730q{A-w2)|^q@@3?|#FKbOynw%npNSuE
zy!P)uxVug}9IslT{ujtMz!&50c~e`w+7#u-laJze;qLwt!}s71k{^jrxLZA!;Ys{^
z-2L4BL-?WhDxV;~5Wn^RvG*R}mK9an@DU@J07XDW8*Cj#y_}u*7Eqc_v~;2aAi>i+
zc3-)P8#*8=CUg)P%yAUNgrZ^`^B^js7|?OR1Y*vpGm4HM;P<Yox6VDM&ffRlZkqZ2
zndkSJp>MxkckK$RR;^m8h_|WWUQPVHuhi|0{qwuP>-hGT2K;BFGw~ix$M|h;C;lel
zMt<J^NqU|?MBK!M9zy)H#B=uliNp_oucjZ6Ph#RHU!n2OvHf!52ft6_CU1H(@uS|a
z@w3>zL;Q`zUE<q_f0ekATGPaDC4L;+znJ*Y2Q>X{#9vGNwZt>xml6Lfabx$ml6d<{
zO=ku9{4>P2e@NqSr>g(`8*s_9*!f?2$C>%O8F<|~{;UE2Lj!(i1HSK*>*+tV0e?&b
zepCZ~Yy-Zw0Y9SwA8EjMG~h34z+csXzqJ9sq5=OG;Bvk^`&)V)-${P{3h~3gt#K7@
ziWUBG1D*c>F6+MKz(tA=_936NhBSWOLpA<|=c#{g?Mr;it2NGNCR>Lo{9&z2c)skf
zo3|bhypDe&(pmIgP3Il#|8nA2U9RyHh_5F7Yf0an%O^F^-$puHKA`Csxv`!2aTflf
z20E_-F7y0{M`%58nET~Y(%JS&P5(hH{l5>e{gy}T_J^_k7ufz(wl{J3-vVAYKev$1
z{zqy$Mt?Z?DBYj+7QUAF{!i?0f4*sN;hzI8`oLkI>DRArApS@T{{`_!Sol6|P3Pej
zekk!nE&M3rhgkR$;4;q>OLhNG=ej=!c-{QGMA5-JtvBlVH+4cTZfJklYEA!Tzti;f
zZ?#%)=Xc*r{3x#DryA&dy#c?m0lx*f%yZ1~8os@ic-zA7Y@l<1Q$G)fHsD7z;G<DJ
zog*9Cdky%K27DuMS;sa1spr|)g`U;Wev0kS_>*qW?b3Q)L;Dvu;1@OEuWi6DX~3^&
zz(3M}f4Tv`z5)Mf1OD3v{I9@eK4)&z^Rt@#d2hFV9nU(x9)D0n`$HP=MGg298t`@l
z{>(L+|9?q7H}})0qP>jkb$`|4qB_}XqQ8di-^}(#&)G=)+r<Bq^K%CAFa4LM{}kd|
ziQnUI8lU2M7XYu5Gv>SRx<j`&-!=4qNZiohLHdW@soVdV-+dnO2mM{+FD3qR;Bx-9
zzPCsr`oFE#8`=J~Y~N=4%ZR^wpTiXLPn@{-lTMp-9>MmXCccQcng45n*NykP4fszQ
z@LxCJw>9AVc=g|Xa07mD1AasUJ_KC&sysl?kG7_^T1PjuU*3SPZop4zz_&Eu&uYNW
zZor@2fM3vnzX7=L&n;Zv+qv#<X=r~1+qZtONVPP2+J_9C?`vFhX{+_|20B+Y;9qXQ
zZv-yuGJL3BmzT4jKO}w|ai+z$enI>W;=iIk@MqvM-nP~M+u8orkJR*UBK-&Z`nx}W
zgvOsi{1D(m=Qz^YN&E=5e;Vm*ChikI`!G%C(Ucp@fY<G#4Gs7i4fwMf@cll4oIuRm
zSx?m8HFl5fXfOCb5;uOUbBW(T+}uMiZlFKjfd6v?{;mf6$_D&14fr(;_&0%zzI4^+
zv|hT1^Z#w)w-7ga)T<|S`(Il4cN*ybtO5U11MZ%w>Hoo^Z@$~UTKCiR=kM%ii@1^7
z`vmoT^56!1=@!kO>u=ICa0ut&kqzyCl+@EVcI*eAp!tW}sP$OTxku~3)+JYJJLh`R
zcNM;0>tcS_jO)0D@8%8o`3?9x8}O?d@EaTO|7gG;6xPqfPy>E!1HQ5W-_U^nQ-l7t
zrJ?;c;39u6vF7<~;;*;xa~kNppaK8OO3k;&S^RmCqW`eg3B-*)@Wuu@?`*(7(tuyx
zfPbR_|4sw`lLq|O2K+A#_&yEyo&6f{hc@7kZor?=fZwwL_ZskHfr~sJ-=O#DW4Iqz
zHnd;YfS=xg4>#b`4fu;1a3fEiakB2Gxv#ytq5WkI_=g(sD6ZeXS%aPA>IOQdpKm?2
zU+!Jk(Ei&E_)QJ?&l>Qh4gLRJL;F8B;CD3OZ+dF|{M-lM75@2BN00Y~<e!H$^yjb!
z{OILcZmhQC!(-51&gJ!%Jb6+Bon;O9%Ny{x0e@cu9yZ{|H{ff4%ly15*Yh*YgK#tP
z`<5DC#CbcN_&*Rons`P$BW~=974cofFJ}8^5#P7c^dEPB{SRjYS9<IZ7b(E#;k(%W
zsIztZchiCNVzxhy?M;283xU_^pRXsK6VKIjUdH}h+R*-r2K-~B^Ze&%I+LVxbwm5F
zvHg<g>h{K*{N0B3KW6(4Y;XKrzaoA;apOn3qk+!78uXtBHsB9yz!x>(Pj0}&2K@L2
z{KN))Qv-fx1OBWAe5wI|P6Pgu2K-{+vR@8*fnLXxxR7sYX#cJT{9~lE{Uw@?xsQLU
zq5W4IaAQY0?;5Rd8#~O64efskT-_ts-srK0&c}%x{pZ#OI`@7`{r)<n0e?~henJD@
zX}~9d%lyCfAN9N${r`Ey|An~G=U)O`#(TXruGbO&wuQgzL{0ynF4XkR{r4TDf8UpD
z{6Oya50K8a)_i^vc%A&Yj&yduQqwt+bbip#{*Mj#eNnJc=AnF*reoyoVZiIY`y{qM
zm+i0Ocb7J_Kb7s5zFN~a^VtC|^LY!$Yxr#&@$Xpkc{cGyU()=E&Z+-x2VU3DiyH9v
zHsIGZ;5Rqmw>9ARK1R>yD_^I_%W_Ap!+_WIGi<<5Y{1h7+~{N9czypoZ=a|AjaK_5
zuqO*Ye24f9*Z29LBkMKs4L$#6UtdW4IO2=g{&mC`S@;&jWeJ@v#Esmz5AXHcEc|T^
z{eLg%@3h)~sG<GUz-3$yeY2jQmF(wriq1i;>lp`S`t!|(xV4)b=>K~Ieqn>2c}jyk
zJfq>>eNzMdpEuxtY{2hm!0&x*J%1k1fIqweU)+EXHQ-Naz)xtvPinwVZ@`NN{51{u
zXahdefIp`Je{;jSpWo2_6%F`X8t`{D;2&(jKhuDJxdH!H1O9#BvX8E~RPUp8+($oa
zX#d9s{BI5TCmZJN-VOJ%2Q}b_G~h=x;70+Maouv69@n#ZP(2N}$gA@xXN<k^1maf_
zU(fcN8t9+N_J@44-=299?CN#rLZ#Zne)Xe8YKHGe`V+*j`mx5(p+WzghVQ<h0lxrL
z<$ko~*P6~fNdLly_HSsw-`0R%-hi8PYWw^3JezamqYdr92wc|X^=u!g*=V(z{Ai~A
zV?L<qoA$;Jc;0XHc=dnru2#c$Z*IVU(}4ep{XG7o`n%_|pZ7tcP~G}Ir~yB?0Y9Pv
ze_{jfH{i!L;Hw+((;D#627E^Y{`>~~9~<yjHsF^47k>D`)q0*!r-AI94edYDfPcOL
zzrF$gQ3L+l2K=uL_&&$g^TPuh@PmQNcz^v>J>DmhuMQ`E(APA+gZMu*&^e0jvm15$
zW7*y#{#N2oB_0vKiMX*F983K4?`S$dW&7iaKkd63e=Ft5(}CCV|HcM9ZNQ(^fWM>x
ze_I3okp}$g2K;Lc_;(ucpETgVZoqE?F6(>hkMz7<$a%Yy_)mYV@xN0sy)X1qk=y6}
zc9EKS{ohvWLBuDB8@ur##Gggn#HAn6px+KP;86p<qyb;mfS=TWpAKBk*+o1b&ABkr
z(0+RZ{(=Vl!Up`G8}Q2;@Q(tQ^}79UdR>mE-R3I|?Z3<RPrXC8U(5aS(}wo9HsHoj
z{e99g^K)lI`v)|{DLt$KKfD1yvH|yi%X*z^*{h>@+HW!KIe_CD+OKQCPjA4tHQ+N1
z__+<ZEKi-hdI{Rgx<BnJI`ZfB+^4T2zUczJz9(^gFD3qq6E!}?_8%gC@J>zV=ftlj
z{^VP9dt-;WiTI)wk5rUTy}$mz&{Ex>Wwfgt$?q;D{`2cJ{b};&sl?a3LDS!tcuxFz
z)UR~4u2$=8;{S(w{xPI~4)JR~rs?d*{-00$-oMrTJfHY0i4QSe(d3(4LcD#9Zhsu<
zzmNF!%QSA{lYdM6vzO~}-J9)SQR;bk_un+05x*Vn@6mcl>)r3By@>d|m+AIbd7A!t
z?B_#>-*S}3e?S4clK7W@tm*UlwAM!AZ#+=X!{<r=G~#DIMB^q;sw95J7LA+u|4HHx
zWnPcz|M|r4|7G3&7}9?g@$0{?`@>~yT}J#IuA`Zs_Yt2Y9~wL7r->hXil%=(>3@az
z%U-8(6EE~*;!oS8adW=hO8l?v=MvKSEAclIKZE!^;Qx|+^cdz(Z6tmG@vpo|(<j_I
zjJR!&J&O3rY;W?965_ArJhN;}YZ>v!{)?VB)6Y|hKWawf++M8-;>XagZsHGj5s&Vt
z`}rU)z=gnDEmYsRVzKGE`tzUJe!p*M`o`|`5#kqoT;s>{x4uZ+w&#DF_yhi;`P0~q
ze@OgSuhsoAdHsJQ{z>-V@Z0@X==nd1{V{n}hY`Q{(VET^xbP1?O}9Ue`^&^TJ(2CV
zOzHlt=fU<q;%BfwhJU_D{CVp&{Y$y;zCrvW+x0vg&3X7a@sHCEZ|n?zARba*GLyXz
z;xUA;KDb%ae>eYOf8twtuir)d5ybEJB;9@mC+JAxk0k$(v;FbJ|K*3e{dVFV;%{bq
zBW-pP|2*Z@``G?D#J60l>AaWtONoEq;{S_@|M0WAeZY<PM&iH!y`F!QA8`fo&+pLl
zY4Y7ZNBmUYi(f%H*Aq`TE~Dq)Nc^VjH63He{v+`lC{Mug>VNk<LC?RvPY)(;+f|Mr
zZriJmB7X6|>v27rA9yqI>uHxZeDy)%e|dtQALDoaSK`|#XGYl18x3yRAAU~!tK5&K
z{^4!Jull0y&sQF-3014~c<ub<?ZlUVO3z!!@4kTeHH<el`{<R#-||k~|F=*tdNc4A
z_<8)r8Yh|7<!o=qn|+LU`<c3**V3VT$kTN{e|EE`WB6e)@vDBR+b`pOJc{^4qVWs)
z;bVv&`3X(Oyo<4pc=^qKKKZ9ge|M5{!_31N+ZQ)!I%kvq4&s0NFO8e`gI-8{f_lQA
zd4c&c@f)e<a9LWvBYq6^BEu)Q6My`9n*PiA-TTo`cPRaF=Dc_~@mpV|$94Td`WK!^
z{J1mq{QQ)3Mu<O~>%M~cImCZ;pgt&0<2=8R_*1!$jNkUv#9#77{oO~h{riZY_A!m0
zO!}W7evKvPzeM~U)JuO&IyVsi9Q*km(m5abgCaklf32qfS+@TL+yCKcJ>KKk{`bUR
zY2_E(L45jl-QLvM*q8Z1%lFgse<bNYq9JeS$;6-X0Nvi4Qwj0w|3%}+kj`@AInSN*
z+0Tslop00aO+N1k@pCC}jo)WG@zzsx|2L5S1;i`r4<9D|*AagL^#@ZI;{C)QcB`gi
z`u_>ycHGq0iNA>bG5qsA;%9xDd`O1=Iq^$A$@!t&_ycg!Lri`>yV<%Y{d%_CIDq&|
zpQ-75fWPnv;)hZmE++nD;urEBx`g;sh<}TGcscP^z+0{Rw|@J(MMU%;XR!SR=j-o&
zi2s_a_WKX?f12$-@i^W77V2FuApY-^C;M}~UP1g~_Q&YMZy|2S*S&}Mm)@%BbGx@b
zM0^YR{{r^&TH;4pe*EteKm8q=&hOa%$Hf0i`F|z*e;e`R0?jA462I44y&rG>o~Cm?
z@dpt<|1}!Ff%G3o{El6kPmJ92iT~s`y8R3I562Pz4EfWX`)i0#{6hD~oC_V|Yhz94
z)zlx(CVtF&H9p4vJeRnw54@iEX}rG}zyEuQXDc+Fw{RUlN_@-Jx<9uQf8;tnKfgOi
zkM|$=-J^)NW8L0i`=!LM{G7($&-ULY9xv11J(BbMBjSHMR^wkKom+{2i~ZOCij#W1
z?$2e{=>D8W`iB$$9{mEZAbuqA^G?$J`8Y2g7ZU$C?=O#I`_~eGCBJLzw3idVnEL$l
z*#5J`?K&#oAbyQCZ$Bo!FXfx=Rjc)T;tzbT9@lkdBb}tj`;AX%{9JzbLBQ|PdT8tM
z?=hON{)feEe>(l|Mj!Ku|DO8)w@GIe@zd7m8NP`4X5t??UgIy~x@5%f%kypx+m8{y
z7sq=w@#hi0i1&2EKQATziYqkzpOOA6fwx+-^+`yk^$xZ_p7&x?Fa7<*?;t;zeqKxb
z_gqIkd#%=wh`)#XDB%ZwMSMH$15YCUN8-m)KAZ90V}o9o);7I@8_8GOiQn>gv$C4d
zONjsSOM1K}PU+RePyD3r;otb(ONn1eJ>(h0uOxn|rO$kh_?9o|@0#=UTf~q4f~LQk
z^ZaY#KjA!>efpoo|NTzg&rk8YcM!kVulvV!_(nYs@3-`#qktc=&;44PDfhVDTNBU^
zkAVJT>!mBu{y?<f$~pk%9`rcOzqGgcc?;VgY_;DmINE=W`sah#|K|{YA@g(1z5YeO
z57_6x)|L<GllKI+e=Xa;hV6|%`t87_KhI-c-jrDv;D_&XP-_e8*cd(MI?}oMxq3d$
zw!R+t0sB0xwZCPD{|Vc-n5Vy)^#4r!W%t+fpK~4Wze&D3nCJ3H;4=RgTlw|dfy?~7
z_364lN0I(>flGfDT}OE$+YtYIg~AVPEqbTM&HP+S{F3+g&)Y{xe;4)1b2OROXNmg{
z)ZaCF+82nwoqFRC+g~R*`u{@fzVj>KGS638^Zew^dR%SpyE91VOR!_8^|I_CN2C1#
zpmU`~=R}3?*IGn9>Z_!)5qRA^SEO_82lf1zbw6!N_vdDwFK;28X|$L5Pq~lY&UHMO
z_}S0V^JC(uUrhYXr)u2T17Ah_Nrz~D7$yBHi2w1W{p~+T{EZLQxS8iK0~h{3&syIb
ziC=uBUSBh=pDP^k4BuO%zPN?oy&ZVn{5<evJ^yz6^Wnf{9?qK7a_Lc|6A(Z9Ks~Ob
zIN+Hrn$8mHfe|;-TDIS^R*%c{b6>;_%DUU}mLDKL*mkqiNau_{>+c#m2c^27Q?wfx
zeYKSK;Lnw`yPADEO*)UdQ;+Kwj_YXH_oP2>eV*>;BI3_u`>(&HzyB{GZu`GpLHsb<
z>&!Y{COG=@UdxX3DdOi^_`d-^9Q*y2Piww4`r%VMx}Rq<f5*tl{ZG;JaH(Y{IfVFf
z+Dpy+9EJOljMu(bei`>x!R`C<5uhV{*!o~UzkTv_{oQj@JwN7N@D13Dgn#~na`@ex
zPmlfiA@5Ds5nm!W=I5i<JZxtB50C2gTFUknaFL(qJwfwBLHzkVk8FKr8SHg3F57PT
zRnR#A{=3Ip^)YVdch9@8rvF#Uf!m1R$^H9ie)j>Va=lnL2A@*@+X!67b*VM35y8=D
z|9{Z*Gtzk>@l$v%SHv$MzH?vQ-uThp0$j<5_w~#9E7|_C`|EXi9qD|O_|Lc>pGo}F
z!0Y70*Vz6aDF@7X{Zr!CSo`9)#P{X-W%4QZdxjqGIb27h*Bwm!yhHW4j34R=f@9vs
zXurCM{d_9he~xzMUlBiv_@gX7e+F<lH@8^po3i~^uGaHo_R%)t$wrOehwDB`{2QFN
z`|!J89ns_ZPo4{FiC@6>t9Xw#^6C}94}d<<zD;w^1K9pjwqHs;#MtrPMf_JE(fu*{
z?MI1!_%w}I?C0m92MV9tdgiCte)KH8j}GT|uLUmib0zuqUc|qtaLkIOcO7u1rhhxv
z#q9SVvHdO9Idv;=>Cc0nuls54gMTMJ{uPZsn+oWDki)X>PqXyK#e##*b17F%{}Z;i
z<@Qp_b6d~(Wv=PG-|`>53wBze|8(jDM*msI?>?G!QH;HDGx2wDUp#^HHcCAEXFV=s
zXZ|qcq0EDApPy#?lcw~#e2a8mLfp1{KaTpjZLhuv?S;Ob2k}OsgZW%(>1iJ${hKb)
z{WRyxzXBI|vdEGrH*VGQb3Dhji2b~t^xtaH|266VyR~2T;d$}iKk4s2oP4_<@pEp`
zxY45?COG>4C5yh#_J5#WYUI)}#Ghg9yW4oK*>zx+qP_6{d6W;^IIgFYPD(l_5I>1{
zbdB!kKePX562E0kucOf?U!dq8*t*KvN3Q}d>vh$CXt_5=`fnCG81LCPX*#D;kGh=n
z*AHv_Fz%PbpvMXw+aLM~w!eXSd2b^9&l5k2enVp)`zrB2@mw?ayPpe={%qm-W#r_&
z&cJtpUvJ%CI>2Qgeb>5AUG~X+Fwf9FEPZ|}+h5LgKcD@43-^od=bAu!rH5S6f8L!Z
zbkLs<TYT~+(tk1IG)(`WM18>aZ@!ImerD166zLpHeqP0Xeu?-aj@A6|dg5OPF8Z6D
z$Mm#Fua}*F{e992$UjET{2xcp=jSMYLejq-?PcBVd44eDv&@4npBDp{`M=i6?}*qw
zI7Rp0oKwpL2mR+fL*pU&{L_%1hf92#b)KHc_67CxC$gU#N&jN<kI@Gv+5R7>KN!9A
zT;Rf2$5F52XIncl4>Df6e%E!R^H84SALDnw$?uMH9Un^kHnyMQJr~b@ssH_*?Vo6!
zJCAs#o`<u@KMyCJ#e$=sFDHG&S69G}E&a6Z=O>WPFKNd!_xev^K1Khu=W_$w|B!aV
zhw;0c5l<rY?RcA0*`FVfKg~RUg#EGY_9f}Rl=mh>|19En@_zIbes?EuS(hzCT3&sM
z_}AF}HtKce+`O51ajE8?LrnXp=>FU1)X$|o=<mb%H23R!;=Ut%_~WBB9h&i4_alDo
zLp5&VXC47Nt+c;`@c^&ocMoFwFVbFQ?z4|3Zrj1yz(vk%vE<CLz-9hVrM<$~OP7<*
zB?syGc?uc#S5LSXtfdg*MzLjoPM7u=Z(#A;l+XwM2lBt++b<KJAa2(8Fx<Okysx7k
zV$MOI_zKE-!=DN9*U%n#DEo5)@jp;c)3?r6YrWv;&*hdp9AW#jEqmP*+uL@47qR_8
zycd}B<qgEIrC-4G^R2{hp}uPF@9!i1^R4^T=YY$)*!F}klg{h7f6czTp7=%7L(DmN
z18~s?j-z}t`tVPrJ?7!T)^~SO-?r_^DbE)>9_Dt?k$&#vK0Sr=zaQ-w|4zO1<HQ|L
zudi*-Jb>*VaggT!C$s(g;3pFLw*Tl+Y`=a)>kkiP`!~g!{&vg0=Sq8w_xIMi-#Mn~
zpFp``<ostE&V{G*yZ=VL@koAmWJ1%i_t7(Gm;3w~dR+g+_M1RQ_TwKcd)GGLGTsem
z>h?zd>|p;tWA*<uo+EbM$cxy1IrT2%UwE6~p#K!|t=V5!5kH6WXA%4PMdHuod>Xm;
zb<#iE+V4Llex`;0opf&Gd1}tb`)0a7_b1=Jkl$TNdyeh*e=ys>it!{{+5S<2V||}&
z@$*yI{z}@nW47PG_FuNzj{&bcug9qWe~sst+1H;zd(lH~p&s~4(!Y-1{ZHDZmk@u^
zxE}9m+!y9vd;|Nl>twy|pJsc9_ai%Q=O?6p@nf}ozMSp<gZL|HPkR;d|3myQ$7uRm
z+ibP&!~5fTwA-v@`$qw<+t*K!eF46`ANlsBZ2uUXQ_|k{hwc#iSeKuCU+>e5=g3a3
zuN{x^8usVSf7k67^ImWd&cA)X{wwtX+s}Rl>72*=pv!(fk@s}l4)bBQ{|WW{m$SVC
zzp#wU_B($P?d$Z$FOtrgluKuj&Uc7EmUb9(4&F@sIlM2JefkUHS6TL-KLHp0>QqZ#
z{X6hFd)GU0Puw5<|2M`du{*7U3(bc|Qy)H_|M0p*<JF5apX|%^dKBCLW<Skum$3bD
z#LNHG?Tugi>BQf|{chyO(9wE6?K%VN*?trCE2A%+0$k3o)@StzehKy4BRD_yx$_yy
z{||B9jXd8*`k!ZAg}1T)&jv30{bJU6ek1Xl*#1P?XN+F-7vi7b`aX;8?^o)1`yKVV
z?-Jji_=l;7983HV;wMlJn{)HA#Q%x&rguTB_0?s1-t748qoh6hf0A`BJe_pDc86XU
zBj+~|Url*#<k&NaA5A^;BkboE;7Y#H-(=+57;xc#n-4D(I_S?vOa5O<`u|FQgz+z5
zLHruZC5PYrFmPFy_0$iI{p7*4Yh6FCXU5opA4hx{_fbeX*FtZR^X@IQ8`J#I3ejHt
zdLOs$@4HCndk@omeh%qeAUOK7${N>Yz(qdTcD5_n{!r_D`2y*0qrPPL{2Rn4I6p?O
zyMg$ML-jg7hW)t-xP14*uW9@SD$uvG{r9P7n(^KVT<QPJn>c}V9tb;_(6Qy@yH3)$
z9slq!w3qq3i1dy9_T`9E6@32_bbrh{JB!)=s(a}9+(mhE>DjvdYck#5=tZHl$2>da
zXLFA`g>=q4Lesey8Dflha!-vvocOaz=NFuRh8wruK>XjVb@?FaTxiLkPZ@lb?&let
zw;vFH&z%}Ka^^(Nn;qZsOSXRn^}4^1&aK41KB@WH@NH`w<{$H5+YQzM7kPLI>uMT(
z{!HL9|4-t%e=zBn#J_)@?x#n5MA3mA?;TpM8h+R%?eX2iEk1uO>0C^I_j=OVMg7E%
z?|nPlAIEW-`S}Ft-_xT1ZML`lwl@KndARcDdVP&tI%-&tcMbJ~b?nb^#6L#;T#vfd
zS_NGA+&=HlWcx#@pTCE6a^U+zzL|HF2)D-B{u;|Kc_HHp_WzJxk%x2RZD;$9_tE{o
zk%V3ZT>4|n`HQ7J#`_qHKi^I|n-11=E+U<e6Mqct6{isYD)I09S<k=+sYl%aT;{X=
zBu%GH+<%sy&r9g{e-r6^hW6NicHNf|{~7L0!f%(;o^0$7N0ZJ;#P7%UONsxO{eL>~
zGX%fq{aOkACWikDw!gu$r;QPR72gpv=kmG44`iH@(W9PE{0HpM+xgv>2#$GJ%6G4f
zK70||U-L9QZ=d1(yova?cy5~UUPe6Rec$-M-VgkMeID34_r033=89J93&892v>SvD
z`tx7bIsR+lvR;drzxFBi|EXu``M=t_Pb~v3d}Yg-jcor>$^oN~oksj8w0rC#{fhVt
zkJs~H&gGAusK5JU?k{tX8)y5i6IzbFfppFzehk;~0yF=_m#)+F58}D-<0r_z+qZS`
z-!;zWt&7=y5#^hi=QjYC@!I)EmjPFHb?dzQAnE*u{dp!oaQ>to*L|$>=*7ez$bDhX
zsXyT!A^dOq0Y5|f`_unx{N3M{{@^$M%6pU97vE<;ud?iNzXUGhvhAYxr5<SKIsTsC
zeHr!e^Ej^CNXNbp-h+PLuT%dt_oIgpe+}>B=KMVrxSTuhw$7c)d5%Au_Y}idPZT=f
z+wWWaybQRE%k~$n<#(S;y>37D{|m?K_ICd4S!{nK;~7q7`yVaW?d`m|?QH*T#zUI>
z*9(Y$^dXwxzDPP35cfGh#y|dc;&+h$k7WDz2#)do)sowv2QK5a{psIk`$uwq%s#q}
z^pAU-md{@${fCX}`G2+L*M2;3;lri$qZz)6iBIzWV)n~g;L;zvj@jvKe**1q|3y7&
zEAewJz36PxvHdB}XZx4Y?_=zoml1#0+5Ph2lcW=M^!#7U@qUH4-Oo|j*<`$SywHuL
z{}=j|%zWNV{Lx%Tga4U!PCM@OFKi!C&YSl4;CW~F^M1hV<oTh%_s2Vfw*GLRwR-;T
z`2W{~Z$;mDJmWJt4Xs7|?k}l-9?pMQLVOAD1xC+bN&MCaX#V*)&##SwgFnxpeaT4I
zpYy(8-y>4CpS1Y-9MWG(Ic)q#FJSvOu)X2KOW1zb9eUm0!Tw(XT;$24Xvd)VZ~chv
z4<f%A`{!>}`vY6IyicE}Cy>s$OZ9x(dFyXlsrkgtqr9E;ZF}#&Vwc1GeAALwkE6Y=
zMZSF(zx&M-HT|pjPUsQDm$Lo!w5J(A&Pl{$>Z^vYGT?H*zTUcrP5`gttAE+3zq|h{
z^o?c*_vs5sf0%OE-0Lp_F8YI=*Yh^Ex9b{RuD%Pus@0!gvi*mT)ts}E<NYJ?XVcHV
zop=lTRL<Yy-t}08nDsh9;SX!Q-8x5(<h~AQSJB+kYAq8S{r~BW8u>fNyGHa_$N^iQ
z&q>FQLwFYH*!KBJwm*^b)9j-c02lgpJkl%J{vWsKc`$y5H<11Vt$WRf+5TRPhcWl%
z>&ZV~qCMH1FW0dBeJRJxdHNmTvW{D54>9}8=lT0RzQc74=YIw9ZL~X`NPG=&8JF$P
zz5FE2SGJzN8STZ+v)-~djtYJBXNe^rUIbkD`3LmN8@>1Sz~#I4egEA;2l%VVw`Scx
zMEs@H2MqsQr|9EdFssh?&1`=N^;=_C`5AHBpYj{xmoT2$=xO^<-)qs1@nFu|zJg=C
zr(5!25pd!2ODsM=gL;}>FXAZD?^u4ukoY?vtmXD~l-ny5{exQHvF7tMX^;LKX!U1Y
zwa31Df4`i35$P{x9q)0D>rlpjdbZqP`!_s6^SRNJ?|iymM?2s4wQPSg?`5Y@pud@T
zi}x}kmwrz=c0TXB+5XLzzVQLUG2Ro&Z$^H8o$bH&e%;TLId4B8K2E#eQ5^4Yh;N}k
zXa(_m&`<YU%kKIR;{W(pP2bc-c?57dzfQ3B#oO0te*QD}bxit?6*}mDWbK#ZNdG|U
zClqh3Q;FYrj{dI6e@{v0UoAS%1ulL8d!JrJI`4VCrlX~CtMxYG7jRuxv!C}`t^5CS
zEC2W1Z2v{t6CT3$R}z1~Cp3L?Fa9)e+3&Vp<qO2^IGNUDJ~{0S<*n_*lhecF)l@MQ
zXKtRAX<W1uzx2x|=UZon+U-{7w6%_#kE9cwY-V_*C?_NS>7|ofy(N=d9j_>>bY^6_
zvppS|DV=Cr9yp$xd6}PwaTR;X@>ZuaIWslg85{4UBO~K^XKLH<XlHn;Gcz_don|AY
zd?ir-r2p&0+tRUOq-67Qa&mkUgxh`*MTwW>Z9j^##0TNi*82JQWa&*zPX=x=IX=-D
z9_vhuq<Oh`^`^zW{T>=($A^Z{^PwSheeudoi$T^&f+CDPCoh~RNS$K&kmE*fmv%Cd
zjt%E$4UcVg^pBl99UB{;M(=kFkKuQ=Ic3{vJGmdEUJ(~jzPz<^>C#TQGcPBmJ8FPx
z9=)(5o!Yc`#%(W7r_>+Pd30!O7dkYyOF9%y@0ut(!$LPJgBa7;jzX`Dyt1vw>nbXX
zH>{|mRE<s#4J|9P88tW$e+8YQomWm!IbIx~qXGIS^X(}*vkWk_T&8)jbG0N>Ck)Cg
za=j!j+hLaVFNM=?53I%Z(avZ&IzEY!rqko2!}-wA%9(O%dW`~CkEg}TnRK#{8R}^|
zI+{-OHCzKgrip9kCT%|t{I=tjc^2lvYlfBlsa<2a<1U%Z^{nHU64k4zk?|dv6}QaG
zvI?ClE3?1}U26zVFfatgp+iGLSNKQK?U}!+a&mh)IW)9U{iz1h-CaWy>D1Kpw#o6C
zt=oo%*3bTB#grKhM^wgnRE4<{q;8bBez6-PN>ks@@&6%y&B>k09+4h??*^G?L?>?>
zpPJr`ajlp-KF!Z6$Mo{-!Kkvr_40NamqnR{enA#gpPz4?oG>pE#|iy*62!S5TcdIZ
zS&gI0$45rW9O7+k3Y&j=vcyhP>~#Dl{JaKyB)rxznBlSUqU=mftNpo3{<5l=TD)}e
zOz4{h0}rLH+m5^>@||{EI+<p_BvCtScY1LmD4&e~U!rIa$cOO>j6m2CdmI0iM!x(N
zJt(6ntb~n&b`)2o&Be{L)8*n-V`Jr{H5Ge@l~bq8s;J8IBrLtS^!isWhzB-U(_#$l
z7umj$)evZ9Q0DCrd%2&u;|`t%yR#roJ*kFqD(S;%XlMoga)LUj1{lK&AX3^{5mc!Y
z1VO5L_utAG?JNtEAaF}RX(v%+3j>G<`?R!pVBN%Y-(k?B1ArOJ$>HtTPdG)D0E1AU
z**aQ|O?Pm(f>{^OMA>5XpL}F|YG$&;&xHW^54cwtw`k)~3*tC+!=N4Lt<ycsotpk}
z{pMucy(h5>KMf*m>c}sv$W3=gVzpC0_p`Dc<yBq<xt@Bh*~}~K$_UDnAIDLcR&75}
zeB*@G%rxe33OYrZ&p;+Q4$hJ?Ejkn9<0Hv>{Ac5II$iox5Yd?1JaDrt2;Cx0io6}~
z&KctPP7r!U>S2A-wm)#N51xwK<&YQ}Qh#)2AUTGH@^Q!%C3%O2mX8$^<HKXqin|7z
zj+RqX=~i&knsjQqoZL{J-6LMxd6YWP^`bDzog%b46A!YmR;R`%MCcC<frIg9!-uCv
z((PquvOF6Hw*1)h*|5x`cGgavDs(HHTm7OX89Z>BK5H-A&`{5^4GnElYbdMN^YO|p
z$|82-6lz}{ht|jA!TGnhg^YKe4|f@+=ev#zjxSOuu|*krQ8=i?I!cS}*`f>U%hYsX
zbf(E2(EiUF8rra9HU5;2s(<V|sJEq4(2%A|u+$0oabu}Cr{~!1=`&6~C<kSdwSzct
z{oT?2ppE#ho8(1UB~afj)^gmzu{AAnkG5K)*e+4JuHwO21$a)aR>p@t9G7m}2|XX0
zPZ9g>KnDj;&!!HNL9+3kC0642@tx9}{;SbMI;l49XgZy5D<Quj#XH@<Y@ErKj-$^|
z|Ijz{|LCLNPTjbOAtloUGS50=qMAAEJ4ELGDvp*lx;vbaJP-1uD%x1|w4G96kMwn@
zc8r_$NTX`UkspchPTa(+>TYw6*S#Fd#S{0cfwNTW51q4T${ENu{;_0xIy|xpQqE$B
z8n)S^`w-`;^5eWpAv()AOmScC7hjIQaIvX&rxsa5Lr;ekr?w;fqZDJDNx1oAL#sb!
zSc_M$U%Yq&{(tG>*%P6Y>DvQN19ivj;Ue}qbKT63qug)15W0m{@)vewwi5{HvMR#d
z_X?-d8t}q?)r)XniZCHX7>On_|4j9-YrZWV#yPXBoXRJMCvYw=72xh&-2~U}sEo?g
zYlmsZ`{Arm4#NRnoKpaE<MfH(rn`~|;iZe~&YLE6S@X-XbUHOs!~6;9;e}z<4uT{N
zvnmNvE#YVYa(X%xsQ!4ky1BusvFUNMgZeH_PP^Cz6HRBV+$koHw&$c#UbKTU^s6}C
z9SsP4l;QM;70U@qm=*e&!u6bi36=$)Zyp;v-lt=$O;vN->%IMT%_MhuIl61f&aWI9
z&(dC9#H-vOto$;IGp}?-zT1W^C+Zi4u{SU~B)+|b(FA(ncxM<AaA>G^LjE7`DkFoc
zz=M6PjFPsOmWkHAV{Nosz##VQw8^q4#_g;sVR*zf!@9q_?ZInoomf5D7;2WKFsCUA
z#2$BVOG+xu8aukbaTiQG^&)=zB=+IZ(8==0nwjZxXYZCTanlR3BF!@|FT+ypt%b?z
zw5mMZX0x!w#Tu5N8eUBLc+qVS>K{EjwO<`7c8&GeW0k?#99A=K#?x*zojgk!_+S7;
z>j7BoV{)_&*l%zjf@Kir<ci7h(Vjj`P3yVZsQxtbG&EG98LlM??Vgw-)nE~XwNq><
zeo=XrzUAVkXW!}P(Fyywqkj&R6sl&%c#T`3m`YCfnW^D(N}L1gl-I+}7O$I`o|w`0
zg2gkQ-1K4N?&<<Hb2ZNtQbWL)-7t-#%nNcKrX-xzyTLN;96k*%Dk|*eBJ{1j<qfh&
z&oL&}4|D<@@UzOzirj7Ic?o;BHR&L4&v_4(-o;BDH;cSBTnlB}b%cTYyccu!rs!%I
zotf$35h&=rl;MFXvLN@ucF-<xZBUf&2F2J-t0bxNERRaBonrIar-9qA82f`a<$g)u
zI|x5c;;PC$KXQ`FiLqD%)cw90^9M!a)GpZeA$v;EGObDSs}Q0cUXU=wFubUL`W<hu
zuM1FdDP-r8C0*Z6%_cAcW0u=v96>PKM4lVCX<XIZ!rh>M7Harr(8|&~(Q%c8NmL}F
zJ;E7;4K*;)VgDxvRm!?EsP`L1p2BwH1yG+Lv}?c7uQ>QM-<UnDrf~Jd9QSj57JIPI
z!T%KHZkA_t<B0pmF}PLxZ^4Rf`acrEljW4L?_^LWQ`;N{Lz%t#Ybiqh;~a$iU#fpN
zSv;i_FEP9#Sy?%LlC&c@9+wYAk)syiZrH(DJ1YG&gn2LYeYx)pEPekO>JOeMJ<_ea
zEF1Oua70;9C8_7b@ag5T=V{%$dqctPZeY%+_S#lEb#bY%kHye#PDe;&ukFPy>{PG>
z_=)e=sHI-NsS0Az{$|fG#-~PxGaR@1_(WN39!;mt;y~J20$l?}n53-y+_nA9gBO7w
zqJ928EPFL<+|5-ORPdapzT1W=F~GIQUIfn_g!(0Go$o|;y|TZ~-nMI1F-&0UB}E2%
zSpc;&O|#v(ZM!f{MoyFlUffRN-Ez2QvEyZK5(aq~MoFZVzb;=SgVWihyfjVo==cmA
z5EYDEYviXDaM;aC)--dHEG=_5s~rdDSik&tVLPx{q(@QfxsCR_5_@kkefQBpCGhUM
z)(!e9yEpE6uXylLK^&wA5GWykN^I5vZtOpBf<Z5Gzs&1~StyCOeCKpIHYGk-ZmP(M
zaVn%$8v0(lYFpC52?r(40uEVyrJSBjho>Pf<ZrO4$t9CNDQz8p8P$4eS3_;+`Na6t
z)G*>wbVv*Q_56ERZgVV9BcK{4g&+7)9Hf?jaN2`BHCb*gcXpt5Pp3G}whg0?xDz8_
zARSRxV)YYk-ZgEPjv#X2_+8WG)P{6yYp+a%S{WoxR3?7x`0d=OS;ziUJsgyY4YQGJ
z+pnBnT_Z4rNIOoeILYvTxeFGu^x{2^#wp@5FN(+yGuUttk0j?|(0`Ec{jTF1em|Sf
zW5_tURM8*1F=J#IxUrxd<rQpSxCB&|7>WngpkB+v++P)&{Z>SnAW8tX^Of>bkNk7<
zJghPpN*#nNC6%^r%u3%H-KgPIZWyzQ{^}T$zS=44l~<vs4?cA7q8(Rx86$2Ys!`dz
zezmY>rIqU0>~35=3^$?#G(hr;s^EoD5moTU7f#~E+Qt|=I`nB!Pllq_bzF8S4P57I
zB)JL4sIa(xl_fFuq6Zg3|0&}So^gF9_TzPk9s3^RvLe=S+y{KjTg_d-n|EI{9hE!N
z>FG%o4AZN&r*4T!f(N;sBvD{HK5MkyUgm7D?G1Zw4+r215A~t)gEEOQHp}834xTOZ
zcrs^QsQq&n!bI*CE@IUDC@k8z?b*kgKO5mEPMqC$R%!QGApsBKy%xt=fqlot3)9jG
z+yHt`l|zgns4$9Lf3O$*dR<*F)HWP+v}EEoh6PUDl8mFNyO^dIrQ^nk!3o8gowON2
zD0-EQIUZESxu9LU&}?wf0=<{mb5Q=>DhP|LU4}5bfNvKZlLxgDp=+_@Ah5^76{3Ip
zM1w-g?ys_P)^>G6xfNQ76+S56i(n@#1K40y4B!Bp1cPhVe~{M5Y_+NTbjEtGw&{JX
z84xpxz?cvo$fBrRD5yS`&+cBJE;<Xdpe7OSO%8m?UWM~oG_L__PTz%jFR0|Ra^_T#
zI1+R>tCAx;*iTZ})Lg%G;K}b_?PO4UYPt~giXonnb51RHhX;!sI1M*Q&%?FY;x^bw
z>>I(}cJ*V4vm%4(2}(}|UsEVYqOl4F${Z1>E!`6oT$Y{-vqu=U3$O$yEr@$V4lT3t
z!1<*jdQX{znye<Gy+eNNz?rFntl?P<aKnpXX!jAt-Lre6$#h3&dzm}QhI9w#c@t!i
zidu9+$S8???NsBFor#&LZ5UnbXQ_u<G?c`4<$Kx{t+{nhVi9S%PBD%c9ZeTT28P~&
zGPbM_(@7X3%shZ8P<Qh#Ohck)0doiHLF{`0%nR5pVHwb(8n$<Pl9vrnAsAi7bu$**
zEs{3GoA0J&h<N4R0}#uStQg0sJdF#1H<98T-WDSMEc3#mfHF}<1=M=5N2EiyVT$hw
zB=3u?=-$ElwK9a5TZ&nr6gGUwsStF8U{bGwyVRBNANf$AM!aITKeP!k?1l9y1kWSL
z1glxe@?}{HX#}f^S5`?>b6p9PCF<@NY8WK#0HHrg97JhI2k+fC)Y2^^Lf9|d7=}vQ
zgqZBk89Zwd?K3aUDP;51ZMP9}ji@d-F~sg+OZ`xtA$xJAd!$tqhPdTJz&n0iISkIY
zdp?ETn#V;2Q!RoC0_qNX@ly#RS;vr)GPVo+3rj6j1{_+5TM6Wrx|jE5-^bv&z!_P3
zVGtnvDdFDSdqSXZXTmI5!nNpUj#z4f8sloHZpwReW_u+=89Hf!$lF-76zK43X7xQ4
zvN^^LO<bu{iTFt2469<S27;`;2tf)+4=QuN)VHqww54!dc_@P!i8c*3%YPBsi5Oa(
zd<yIA7@pqNnI4`VksKyu1hsK-Y{z+kJG00qh{Jx0`h0eLt#cy;WQClj-dHKgB^ZEL
zAo$*mGFRmMf`30&-N;8p_#;yyXv4r#;O6BbN^!wNTz_~BXXbPVvn7rPq$=Tdf&>ns
z>Li7iA!keZM%xU#iS*glaJN@i9J$-{9ysb=qLYILPB}Ph{TxbF+Xvqw$Wrxu0q4Hs
zD7{S<Wq3^bS_Kf0VGO^iQ~I=)EMys+P@jDG?{JZdV*%8l(BuWO1|q*grdIE5s3*rO
zR_R`y3>M^K3Q7^C4ZoU{ZUi$a)MvQ0;B-<0Qd~Lvt2j%MD2B#vl~f)=6yr9cHv^}q
zvFJz$m~%Yjj!hz`u0lYdT9kH`AzLCx@HJe`MisRtEXvb~G#{Sc)fvYYsB{)n9^%(3
zToZD5$z7-Bq8loc3R1GP(PQCf$iQNA?;&t`a+ir@kUTW(OQY4t)04Y8vNbUca4}X$
zV3YJP7@dmVos7$8ooQ#@zIE@nAnzatEse4$giRqwC~wWdrpzOOR$_WAA)3m-@EUj-
z`ej-aY2k*5429uNFTJm3bIvThfnCw|{Ui*tFb)G;JhI-vOnf^~3MdAKv^4m&BAjFe
z0$wA{K1sL#ZrBsMqwODZ>s8Xnf#Qrzfw9hPzyJs$6`=^r6b@x1wI!~OgNV~fBx3GJ
zCw!!2P5UFTn<a?KPDj=v*U1+tgx_pe5xnwV8_6uNr0_Q_w$~e=gAvH0<b_NZV%MV_
zF`4>G=fNrOw%05<wX=HN%FgQLCof;!S+Q#MrsW&(8_=*_XkkSHi*XtT{_>$7-yMj0
zV>6@P@aROK1AXz+h!R8kF4(tbvZA<rsDGYuLM4uMw=!f2rtlfU{gcD^q;GoCtzhG(
zC7YI`8^~hx5HXaZABdf0bcVDD(dU(_rwB`M3NW3Ekd!KD!!oU|%kwo-!%4bVN5|bN
zX^%{XG~2Q}tZqB_nZ(YIfNlB1vTO8`7}9x^ONs)*MSHw@Ct{OKgFk}&N{rI;^C-__
zAEtF^!I_?i|Hpj`RFWM!=fcpDI37ZleL0(YuHykbw0RjI+qT^4hUza!%}a5>DX242
zjww+JBJEt<+wBZ@`vQRudbfHo$jr)V$H`y|LYgqeb>bs?&VxH6N;A0md&IRE$?C#P
zB%@(?oN*@o0RusZT);BNF%d?YNxkWs*<psB!=})`s=cz#hXx<Uc{?e@U{zJihvG1f
z2Q>MJyk_L+oT4J0m>kc+G1_*hGKnyMxUqvf`~Wk8O+&@ji3bBd0_9wGlAbs}NTD_4
zHg#w^ahAiI1F;ukNyWD)cS^mF`|XwtkUvSn<$INk{#NRr*X<Z93(eH9TF7O+D%>(o
z@;He?r=3-lm)aE2PoORiU-h{6n_934ZKUfodlY3?G1wUH{1B0vUWPb>AdNKR&Xcs|
zv}aA%@zg}RW2`f-6b&SOWnh2gq{B4E@NS!bwThC9liP_`u3mTilGUB{OV+Mh+F818
z^V&_A6Wrsm-xGM|vZ{?dd^PoRk%^Fwe@;0$-kE}4fvus$zgJ`k(#()dmLtZDdUcnX
z>$1F+<x^XaM<w<XmT~!`8?#*Fy|ELq;8HIq$NJ)san*taq>Zx$)|l9>xsyan6ff+M
zbld%$4^4SE9l@j_s=k2F02X`L{`^eK4oeBEGkwi(t;#Ey;UQYUrPy7eKKW;RixeL#
zz|RRbz-gc}MUGbonZ8#<xEi%#CWP4nej0`g&rL`f`c%qEFCj=t*aM;p#T4?~7?x%U
zh05eM=>!|Q$?RIe@OAPljxUwBC$pBqgo$Js7*azYSxd93u@awy{`{^cBWYebW&X6B
z!^N%w$uw}oxa}g&5HWjRY#D|fxb$o(T4Mq3-}?XUsT#6q7)t0z9>TlAJV&fe9@XgQ
zy3|Chlg4}IMkSrkrWjAr`@VX3tXu;XZBS%E4WE@*qMvWndU>p_%J^4w2lWy%*dGzs
z-_D$zB6)V%9amq);qr$Fa2$P!Dp`NSNuU9{p^GpcBu2&hQXA5lYR(*$cG=gtKFg$?
zIPAE+iNok2GD2VxPmq6#5d1K`3+lGxd#LOHDt=x@S*WkidOM3THiW7OTPs|w>QAT=
za2ulo84@tDBgzzUu835kH1Df{(s1>Mc^tp*Wub=~e+5+%wHQhr7qO5#tLYG!CPC<=
zk1$~<ZE?aY`a($f<<4PI!!h0@fG0Xc8jN2`^0#gDi&QXe<I4NE^3SMzZnO9i+<Kws
z!7h`y2*0ZdTZ@!ksE1^XEKb}+bafc0(p%O1LYN2bvIP4<6E6ZC1|~<7SB`D>5ppAo
zAo+dB`K@xqemHRD>hlXUoM842v3ALt<r~r1LF9W?csVM7z}~{d4Mh<F!J&k&;QH@R
zjY3FtaOY9pHrJn=8PhhO9Eh$o1499-yx{bNUnQyHDuQV*joR8NBLtn^yd;Riscn*$
z<T!}NDP+IFa3KaD|HS3b*cf#>TT9rJf=&m21=Tdd>6PYjCaSl?Y%{x?u1>e>jL22Y
zX;;XK=Fjel<u17fDBZ{L<)S@2Hav}^3-S1B$~*}HuZjxk0lDGZHYODWWbVC_(@76q
zlCI?K40G>8zUGijJ*qbPGwF-+<GLFsMuw-mr!l^~UMY7}dUB`jVvoSf?Inn;<4q59
z<PMKRr7woZqfR-2{08|Ryt<y3R^n!b^p3STO)C=ko~uPj_YMR|NlzCm1z)aC0tFSP
zs^E|courIoWM^s43AG&*LmV1fU2ZQ&ATrVYJ_)2uRiHYrctkZA5!8W?a5#jiXtrB`
z22kt#YPV4m1Q*7_gYE($q<DCbiDCbV89j)r3`J1rNt={#GHiPI<ecUBFM}Wg<^REq
zC5WPm5%vNvQiV)~-jK_?aJAMYP>e$>%VL=J5%7)Vl(wfop+`Aiu>)8ZV%PIvP=gOW
zvHibrK{g%p{qgo{5{8DP6oQ26AuIyCs<n8fC=U(kN==<9a3Er%rl569Z&t;dHUgP#
zotGn^u%WD$;s=3AS>_j%C&#x=rlU(!*aUT01WtJ2)87BboFia3!7hYD7qyA}wwC{j
z*OkC<9JNT2+g?th&ehbm4%`a(y{f`3&qdjeHuMGLoG5llq(L@0zGKY8>Ec4r?ARm~
zv$P;Eu2<i<NGD5a4`T2x`UqHu0wrO-vCei7S<~H}A^rl{9<N#p6Uf@7VgrFuGz-MD
zjJilglGpvx#!buCZI%lLiYJA6m{c$=d9Xj~!&N?@7Cjjs%S(}4xYDe{k1#B$bbl?o
z+I?~hfpD-d6}a6xh}L3a#sap<{93oy_L0bkU`PaHl}L)7)l9WP!JitRoOWSW5Qcz>
zxFdg;;$#(MZdr-os<JSP-~&K~pFGEHXqJRhZU<v1XT>cnH+|t;xQ)e_F|oauP;X}~
z6CO?}e`aiWr#n6cy&K_c+g;pVn=7cy{jcaXZtvKYK?=ht;{C-mii@{m!9Giht1T(o
zhB7`0b}&|y7^+^B;bMR+S`WD>4Fr5m0BI~Wh8WZ&LMf9dE#fH6-JZ#pnL_}&t-|-t
z+-h}TsY3wTQ0~R4gEB`^=9Gn}UFO1S%_f};>=~doQ;B7Zyp+;X8-nqR5Ei)LB5|80
z+6GgwRYuK6*gIk)(g4Z<@<Q|>#-IR2bigFkKzG0}jGGvomjzrBu;Q1Q-b{Nx{X?8;
zDT)E1U{Zn%1l!Ox$jnCmiT>Yj=7NXA36To`G2_6ZO)Xu7uB>i2XyziR$<ovj6sbI%
z<02yx7pGYNW|0~s2$OARFa{!WttTu-=*NTfd$~s$g-MTP{}xh_D2LE1!x$=Gf%1i1
z->$U-K^Sv!?DDbgWY>0yfan+jpwJv$1cuM<9qBrB=K(ss7AKTonSlBNyRVAQlz=H5
zM2fv?0?JeysA%1scui`s08Vo_)Y8QRs*{{)OBeUesM4vr5^bTA${CR`amRPz2}7Eb
zN;{gh1F~cNCwe!iXi$rrBlgx!6L`u|4kCl=Aws<D5L6#4XK>JRP&Z7fkopD>voyrD
z6QPPC+<Fv0UAEX=^KjZmX&)bjeQ?UcgVoO*(O}41jbWp%$IFH%rQlLu8KW3}l`KsW
zi5ei*HrG<6+i~2E2N+Rn6+KeRu#K4Ck*<I$9z&ADCLZ{c%UqThD)qR;gz3t3T|1xo
z#s0{~d9zUvbmk^fN3%?E^4b|!;b5*~&GgiNntGaOISI05u{#kf0#{F@1KhgP0&ly$
z&3nIr>r7n%gM}`MTcL0VYMdanBEm6ZiA^Mo3<@^Aqt!tRdl?iINQQE9D{2#}pEt~m
z$x1**m~rd1(uGx3Bl$;3#ojtRIx;N9x#T`9RZCDMbk$fjzOJgEbzsNWHCQq!i6&EQ
zqYJzAe@V!9uWpNH0@Qumdmoz#bip`1^iH;`bC$jZ*Y&k;F!0$<x+5@_DUO8=TGf%_
zuOaRON&xhh;S^e*p0VZXZyV(=G9<RtZQyjr?Q(b;!6CYtu)b!0Z7{=GCYeWbC~dm+
zU24$XK871qZQ1{SjsG{T@vNLehD2DnPE?i9q1%b2K%<WDpfsFERvbT5bp^ES(W<YW
zPrs<H+vznjWp_!`3yb-v3`hYX(;us(wjq>MSlLynL<o!-7`>+CUWbiY3>TeU<1=tu
zq<z&<`Uky~W&`c~n^nasrT)MYh14po8&EHsUvukQ5>0oNn5PB?Fbct@J|Jd3;R1A~
z&vM>vum&yg{h=ZJ#{4p8fX;5rRHqtAx2mox3z|JGs=IwNLBZ5NPIFxJ&vo4pP1nqy
z>sgkrclA2TAU&_B#js6il3CS(&cQV~xDJ`VwCi&cW?eZxx@nK|3i0{-g>lc@=&m=A
zj*1~5LAU_wB*2K#E+UjR?-~N+E>e@D*{8@zEpZi;gndOXq9zM35JF@S9sqN!L^apA
z7gUZ+k1rq*U%=GxRycMU#6LOZcyuOe9Q}<^87Ru6Ob1GLMN-oNH-%X${wT_;p;=kL
zpOeN=_Mz>=$e@~uMWAa+5&y-Mgbn#iHmp1uzXDA-huZ-TWG_LTOI!|AtVHuKEtT&e
z2>=H280D`JR*Y;l{Y!hrIF+Dc8G`yzBmv_nSj#6FFj0W{CSV^No7VN>`^v`aZDwK=
zit!mqS%$(QWgeHQzd>0k3z0XH4lO*9i1l6-2*B{X3N>cY2RFkgQA1BnW51ipRQr!a
zYs7AdxEYcT5;N2`mAQ3M#vp*VBu5ArVj%RYMZMV)>V`l?brbgHK%whiC3|Y3%u(tV
zhA<3dBmS~n{VaP`es`4;kHU#gPfPSef^JX<BzBV&DW9}&M0@6+6#pqAUUgodimGzk
z%8v@hGA@Y@LLBhf0+sb~!E&(`lElP@hPyX>eN3nba|j#>G?zgJ3cx2|-Y=p8p};Y6
z>Z(v1^ei@XDwtJaO-2f^xFIuCXh4cdT8b0GFSQ9z*nQRl+%fJMRC4fP>}#h1BJg0`
zn%z&32k?2#OioH^XV}3(7)~)S!ybhL55BfYo8xp}U{jWYR^dkV2hy8Oj5bWcQ&SQ*
z@1xwJ2cISqFOZOH*QTtyOwUo$2i^wQ7_r<46ZQ+nYlON8kmHI)RRW+Tp%-6<?=6J=
z&Tp3i1Xnt1u<ptXT=7dWNa+)%gBKqVLIaTmt8{^Q8klVJk^wo9jxN##u5<t_O2a#$
zs)^Nee^z#zF{x!c1q(PNpxjCjKRdor{Z(T2bX|l1*UFwIQ}SUX^y5*A81Wtj>Lm7>
zz(6t7XJn|4NCzGORD&L#fCE)NfnP`5c^b!vu56>MOn=$@!Cw#5uj@Lb*okVT!V+~>
z5psqI;{fZWctS7pe108Y^1Zw&DcW#<=Mt_1DQ*m<wd>h4WqKzl6P_{8VkgkqB%vmV
zevxorq?h)3D5@#PSvOIR>6*_|K?lWL<fus82t{lXWaFyHh5n;rPkh73EQ#R{K$ct?
zqX2!6dq?`Xr_ri9Nt&aCb+(PPg9`seu`uQY_MKF2H5JZ`;dUz_V?Itccogu233daX
z<>>BS_!E?00WRrjoOxgiM|ezrLPh|76J=t9!U2<^H~`GrdQXHk&y-L)SC!Zg#DfkY
zr8oJ|5d7U*O0O+<tdi(lk<6Zw%=o8{m<I4E2ll3_fCC-Tmau`&cCx$uFeV?$bs5Ua
zbtI0yOc4Q+AyftR(2+q!si(J|+F1)VxLbyNm?4pl2-%2ovG8JPBiyW(5snOx;x_NP
zP+4XsI+N<Jc)SL;fU+|^j*cM&4HOVz;U>sTXzPwi9IykYKZNRbNnl7PhQ;wN(~MeP
z3F0R3bd5ZgQs?;r`?`2mW*jDQ<IhKtE);Qh3VbV0AT8Ch&i2xmLU6$pf>(qGkP-?V
zB|*5954MzA0oZaz+AH0S`HfgfnOXR3eVD0(%!gaJM}flO;KU|mLkWd)XR72U!r&1@
zgD7njYJ-oW_d2@ge9z(l<om3MvEq>G$PI)<?@c{LTH<h^I4>gOIf=?M5Zhy4dQ0w0
ztv>|4h&4DGh@KBrwWmOp3c^HyE0I`&qOLgq(u~3V^t_n+LyvH}>-zv25~9FT^bARs
zL9VB9_cBWxwFEJ;`=W;+fL{vfDJD>sO_O($Z0Hth7ENlo>{SR7$wk3rR1WkDFDy}v
zO<aGdSpavX${v|zJ3W6$H`!JU%P}KGC#9k%thK1hE$L!?8oO>D&8Yc?F=HD-hyn+>
zF32)P<u-|jLwkfOO(5_l9!p1Mhv9*xi8LEV^oblqc=!c6IKt=<749R`MSo!r{o-DR
zV^w8zg$42%28iKG>&7R*ht6xQsp+)Q=&Ygk7NcL#f{>quFqAw-eGxi1d;InDlbS@W
z*6pHF1#ktx(JYk@B#%uWQgteo&%A1!XGnKM;kYQtvV>fuR(kFj19(L%=#NNDLxdZY
zJw5x1tM6hywv)r2ogvc|FAt&ak$rP>oSuwTCAyTDNBEt@BnA>KA5|{SRNP4{7V7&|
z$Lo6w#%*JkJNd}4sHZ9oR#*r$9jS1JQf1H(^B7g2=c4Jut~HI2rF42HeiITD$pc85
zE#ORwSp#L3|L5wBlOVdPqmBt)Y~hFlNr)n(B_OgR!BxSfv|SiUHyBONLQ1_HJzbjR
zn1q0UFrtZ3-WoX*(9dEN)ahBy`E)dRClP6a+ps4A4xV1G7`Zl`96T04wV2t7mzPvM
zp{b6+{dGE0B*NPp(8Zw5BWT0t%~6gUrw#QRTDQ0ud<g;xP{0KtN)iNu6dZl{;C+h_
zieZkLhq%^gH?;j}cj?Lv>o%|7*jc)Mv&8sCl2M8G->S%iav8Txn$Vu)VY!IyLoT4}
zxCuPsJ-SG5??WAkmy9A)1iYaV8c?_l(#Xx*;`~N&4mIC0Y&MQ{O#iAvf&e2Gi?1?=
zJQq)iWI1w&q>doNzs>24U&o=FAgpHn=1rZYOV)4NykU7~^Ty@NFl-1IRHlj$7f{Bi
zQg5=O`hVB&|J{MWLj+hM3N}ZjY2<%luXVdEx|h*`_dM`W>gN|Ou2dfE)J9!h*i8We
zL>@xgVE^#kvNU;Fn31kl$e9iG%rd(cB|qhf!8k;qLAHBE2vY>$Bhu8vYcg#QDMCG4
zW=;uMAK_QX`yr_DgGj3|!Ri>TtK0ox1PV8FJGBcs`u&qoKYzkIn@Z6YGYwW7DnIgM
zd>pAM9F)l{e=UTb>+TRyp$&E&)Zh^H4Uq((i?T0x<gmi+7v)j|SF4hGg?4|?s2r2x
z%_h7x=7O2qT3mPir-+*vaG*9Nec;+4FYj~<ZNa{SrN>=aJ+RlCKO&}|!4xF%NXs*k
zxQ(1FwY)YXj_U-C$S+V?>((+-L}tU(yT9_^PyrprX!u*Y6|<prb!}KU{o7I^C6}ys
z3EI{Z8Zu3)rmE+1^@c`|R@!@Iwyrt|zCy)xge@ScG_5Q}KTIcZ)ha~e!j(>kK8Fqp
zsvv9;A;c&N!T^O(-?{X6a29kk-<0(M@h7{}C9goL79#BN@PmUir`a2Moe)jRo!e5p
z9jdkmq%QOW)a&u^9#mZD-!#SCW*4?c(~z2qu;|FOQZvR>ed>fZH&}DmMlX@7i>C__
zLWpR(?(UA5KV+iqA)HY#rb2QA#B9RA?u7|J=qJcI%@D1JYRS2$cV^Ft5>BbAw23NC
zD^)#V_$X1fK!xVZsf;N0F|1ripH{Nj!A&STfO{!6Dh_BW1=<R#^lTH!)xbdm(P=Op
zzyby>0d`(QjrD4$^Jy8V{DF)UbON<2kYTAW${`c7M@LZz6OX{+9;+B?3>lSkGSWcL
zoD45Q7H%FwR>BmcXRqIYjm#=}sji#lp}a?!r2>~6JWGgBoCp@3vNskEd%<CnscLP4
zBJl_%Zt{MDLPiMeB|pSE{CvS>>UJxl2|3hq{>Larf%5gaw&5;}v82`k=G@N{l&(g|
zOV2qs-=g8US+NYDK7N5X_((4r3q(++;?fP7Tk>Vq8gsrD6>|h@WherOa`jUE2gz)`
zo~fRwP7l>irHn<lOae;x;#EGxNuw^3ymqQawHr5FnC_r5puAy)Vj(cDso$T~#3NR;
zj#$vziL?m_&STs&Ca}+BgB2l4Nup|Ug~virJ-O!qoU7|%envDPE{rhMA<oD8w7L^H
z{ti^IRRy&2ZFp@NA45ibiPwqX?vHUl3iORljd-q)A#@j(tqiHiFnpqP-0VClzu#a8
zVo%;#pZM&%Z7Iv1+&bE*Ad31HE^?eAR=s5!M$J*bds`ZD#|S~MP=O3(s8FHa>UoWF
z(IEH{rZ!u1+l`QLgv!&fq)T~DJ^7)&JM;{_ThM%W`z$xu2tFE!a}<lWmUe)v0^C*+
zYb{q*Wd7n+i8-Uam9Rp1FeF*#v_o*P<;LBE+W9dQL8MnAs~0azqY7XDEIW8;dk=!(
z`ok5ve)Os7U8r%Qjm8_*&l`1q57`MN!6hLqMXgR$jpU`Ot53pjZFj}UmfCXh114eW
zTA0O1P61>W;z>uO#Pm5-;0&+%P>rxt`l&L5k5B0#t((GdAQ^fUI%G8D@Py)8E@dTp
zT?7&V{J-yA8cb_DM{OP0OdPlDO&1VxgKN9JgnAkgyds(z`M|+*0WdMcOaL};<arTT
z2D^NK=-~k>wF-WX!i=min1@Ej<^5z;u3-5Do`(LPbW;HLqG}UT@u8C=uLt?W`snIT
zPt8LOoSj~u&Dxm}E!o6HBTfTX?wartB5|-_f?Ag(qR;GQ>k*ZGr$mo=O45I|eQH+e
z<^n_CN1{01j7NzCxSM*CN`y;lUUOAkA{!b%s6Sv`(`CHGLM&lk^9IUblqmOv>Z14_
z>Hy;ja!c0vgAw616Gxu|2Ld5nVslq821%lTR*<^$R`cqOc1a_AKAjrQ`*K_0@s`qV
za6&=Diz+J^8Bg&Jtbxt+-3q;Gw(76W=KK7#+_UM1)rfiAeQ6ihInmgk-FlRGfZd2V
z^Cu=3^&1QLS!Dl*sBdhoDGY1_{cn=q_PFG>KF5&QyjKyOiA~3P|3oKIQY(W&w+irP
z7UGtA6gFWzrzW$bu`~Lbg=9c^&{9W_sn9rG*K034go#2a@Dn1v2=6bu6%zD^@PcQ5
zX?hsU24?l{?{K{k?TQm?%2CP*_fHsC@yrma)w*gJ{ka&3+-Mp`@2c*_VDed20L%b~
z1H3kcBp&+u;@I86c(cZqe0>*ZEj^PYK}jAsZqiU{U0XD2o}4jzu5oXPu!2w8N7sBj
z-kPCQe*Ym@_tLD|BZe*a${Vc<Txs;SKyXY7FCGFRP%wqgzu9Sw2W4wtZ@Vd4y8cbK
zNTDuNS96eeO?LlZedbV(Dk)1<sAm}GKAlWh>Rl5ZbALl~YUrTQ0wfCD9jG0{+P>Xo
zf*)jn-S65m{m-<@GLmJk42?ZrvIT6Zg)AhB@gXt-iIKP_`AE3$mku=#)7!^FS6P_H
zURC!%JmOI*h;%rz5<CRRfWj^pHHs!`Bom{s7^#X?Vy<5*rK@xleD4{r8c8KWv;Y&0
zl`0E=p1!Wpm58hZD3(VAQD*}+|4_^$wRE()=l&Y!s;7s0`vH3xvXEjeewoS@4`=^^
zB35c(XWG5A)TD)X5C*NGp`J*Gn%9I+DN~iT-=y{rytmc62Iglu)bI*m0)MgRLeGUO
z${yvQl4y^z%eQ;97XO_?b#Qj$+(xP*p15J%weBXVi*KEymLT4TgX0FJqe29lA$}1F
zt;j>|yB0f$BDZyw#yQ#mhhR4WsA*9L9~0Y%*l~49mnFq=B0n18K0bV(s8a!b)mlzx
zkZF5*G%-FrCE17T)t_2@?AP@BS-7vyijMstAbW)iED9|n-ye}kaltU5*_m&cCZjlQ
z+9uvolEP`3R0wBBtSK&K8J=WB5NZFzh)&H@K65jz`O@8XbC73;kav!~=EK?BYblmn
zPUFimjk)5zhJ&8_uVDhnR@{K`OeyNVf!+I=0D(6HY&rMz)L&ecIoW#D@PDRuA=765
zAA1NY86HgwJSP!v06qO(ZpD+6yE%P(jk^}0sq_p3b&*k)+bMAiK)9t{Q38+0FMJqv
zOI_cY|6ztZcqS7R$dNbC@vdF3r%PEMYV2N(J4Noorfjo3@|JHz{boGs(HQMe`x4R`
zgdI-q>U{}mF$_P=ffs$D3z8Q~Ru(o+QQsVO9~0CPhOT94SyAJ`t}gfmimOT<y8O{q
zW9GB1`=Puli;znkjVQ@ueG$P#0~}Z5lIoTmHK}NfMA=ZD-NRgSOi3NH{;!ZrcqO$R
zz$=s?92KrI%W+s!cZIy#Yq6=DoZ6RYg^@&`$iP5w&mkZ;!TnT6J#}SaJh-Cv{t)Jw
z=aNu&p}}1WFBGK6N{|E7vCV?b=BaK(QJq@4kg%oR+1MyW1I?D=j3Au@#e}0&qT(vp
znEMacz3?p8fab32hU@h}JSR%*CFlg=)B9ZWN?^g-wP202M=<qOugRt-OBnB!Vt)K4
z{Jcijxv9B?K*|Y~CUsTs*Y10_{im#ln+K`~xf1PMIE(`Ba+XsQs@AjT`}NSd`Y^xB
z+(uno1aYFi5MCfg%xV9E)+zD*&Qu*EgKTW%&`LJh3jDN@_UFDN@dbNb@j?euB~c#@
z&jQ9M+}GbDL}c1)T({}eYz?X&eFw(uVc|-!PKD?VJaLbphEmjO{eIo-lGHqh)c27&
zO@{Nx0IlPTB<NDn55UZAdg+hdo4c*vKqx#0ZwZRGmQsnH0e#&uE<m95%asLBaEgMn
zMSyBcm2BUE;zEsU+AF-(Y|nQH#}Jo3o@hiY1<J(Pc3%fC=PZPKv?pk^L^$DSx+}vw
zJcwi)26wNKzin23k!{z<0D5Zrw|R-H2x=NvF>Zd9mssMm?iuFYc0!po(BXJc7bGmt
zmO41gG7ovWF1$?{GPa=J_irmW$OdMn?zBAFM6>>HuygA@;g=;Q25thB3_!~6fOmh8
zW$Gs8f2NML0L!wTBs@9jq0%89E5Q%RfQhxHtX_@!)wf;#I~_t)UUCU3@{!1gr@4@0
zWT{oKqzr6<nnBc^Hgyc~KmUekR6Z2Lj$zEJpmQM)(K78LI$&Vd?w-?5Ga_On9X!`p
z;lD84#+G#lalp2GUvOtQTtrkOAq6Ggk>pxtAs#ewBhMYIQr`2xHDa`5sy9<kTU9UH
zG&3=R45Q&vg-YU?Y~<!32oG0Lr0Q!W%ZdipS@V&pDed%Bb8y<T^&WJ2ZJnRT^1P^V
z?O{(M<s0vfA}Ci$_I~OrhBH=L8Z=wCEm|5CTb)NJlk1WyLXsvWy%7%yA<hv?j;G1+
z=$=-@`sp&)f40}U`|9awr>#p=$kWq~H#}A$uy7i$Z+3<ydK85bq=*z0-MsK4dHfME
zRbVFNVbzDAUDQXqkIEZb$HWhE0_%z!1M%Yh^+)7yQf34(_xwrL+PsmHz;%@&-3Rg3
z67Q?e=!JzcqtcaxR^nyy3eRsboG#X5=oK9ewfQ!|x-n30#3%q#8VbCus~4*N%3o#X
zkf4i@cPT%QD5*&2>E7KRl}7`x(-E4CjO37kD)aEd!Z{em#w0{45TeJRfHPsWpZc5+
z8-Vdqt{cJVxRT;oaV^*vwuE?rCXMmR7v9}N79Yc$`aex3XAfK!UQrH$*$m|rVVel!
zgvAj-*a+#Z*@Od|W#JQqa{DN>)<%3C_F>8DlY7uhB<<ljKlBg}uftEEmB3m$vs-%M
zy$n!ryNvLR2UKr)XT5n2=AO$6@zux=!8?~o_C{^_W;%P)OK33&{6QK)9OG3OR<Em_
zgSmSNzCkWO;`dNa8dZICENv~FJ?UjTKrLkCL?V?tLo&J!tgfX#cP|5+k|?31o_zH2
zq|RNLOFS_#HVu>LlosKM=lXcV3D2RzhK$6MyFxmUM<aOtpqi5$KTd|1GmyH7#0pfX
z2zWyDy>_yoor$c%9M{eq`G0u1qvGM~=(M9=DSdLutPvazy~!}WZB+3PRXj)zmChK-
z_(@HxjVJ{rb(!RRS*tKPoJ78NOG4>qVdb}EY|y4q{~cxcp;Vc-v}#v(Pk5(9))uPV
zv@-;iB3)DKNVU}G=A8(6_|W@sd2bgbiZ|Sq1y-+u^r<b9%8vSFSP?v<in8#EdR+I~
zt5%J=seQcyxObiO$*B|O1`@LHG6!NrkmjBvL<El*)Qn{zO44kRg$Qo~Ad}6DP%gQs
zsMB>#DRoZGK698ElUA5;*y|sZ<|KB8X}skiniI8BRLgP#JOGABmmDI;%Cm6r1gx$1
z8a=|!Md;<`2EC-t!iPPH2XIDaU>k*7=VbXwx@P_#JdHBih%A7EP@Y1`n90(e5HQj}
z5BnxW8xk8n1M<jc!po#cMMX}ASS%5@86=kL+nL`vDf_b6HKzDRPZ2(;#sny1mCey~
z@+=7k+K6=DIvA;`eFI0yecXWYsw3(SFxRg;@S0FVE<x8=FMVpVBG37PI;wU1D6@f*
z;yJFge15z8Ww*wGr-v+3XlQ7*im0-7^FC1DqE7c-04Mb}p?KW`=7JdQ|E+<|)1#xP
zH&x^X;{s2U<nl<7aJft|OZxP!92`4^RDFZmf{e7mYLT(3#i&)u-A_oDBKvq55QY0)
zT>MI{ZtW?t49TQz+*0r+Xi*_DvPOcLnus3e!-McJ&!nk*F6<!}Z;c?zNzz2|2x-x)
zC(k*!`5!cq3io)u6k*{}4i&Xd7ciZ(3pPq;(YF{?NJODR&@*DO_<o?~Wn>ex4pFz7
zx8_ph!wx>2B$q)1GOHafUK>cM-go8@{*1a<c)<&mqLAO9r;%0jdNyG<;f@KH_1W3A
z9k4!#Bi={2fuweVANaO%-22vOH3b!-FKtCV<+FYq6~A|>ar70}T*yZ&I4(WBP*Em`
zgho{z#VmsbCx;8Q^*0X}vik?F(F^$!vePQOWrxaol0L)db{fC5@-BP{4o76S6tNGb
z8#NxRbeWpKlzySnbwG)*P}O53P+{xJ$?=&9VG`j%yk(Dr%Ei+%sB40%b3+lL+Uy7F
zV*R)>teM^77kI->3bAybKbQKh!1{{Hf<AI=5qsB0RWCeD<*~$v<kZhi$XmO7`LfQE
z)tm4h($W(_2e&s|1MwIEOcp4ZmerMvt?iPlYWC1p4MI6G{v-nlZ@OaZ7Fsu6K!?^W
zS+%yeL%3m}`e%j*z)&R()$8gy#3Bm8)|qs&NY*b|xxBM+)oIJoivZ<45lvX(IZE93
zJUn0Bt$^EG_r`IwuLA<T8u#FB#INEtDZE3DS|1|X0tVB{0D6BhL51D3P>fdPv!X5m
z&IJ9=^3*nYR;l~1G9h^eBXNYs9z1x-7(6EQ+{x)EA3=@onTcrW>g7w;ZeA}vhfGFY
zj0knj@M<YvO|U=TRBZ^(m<Yd$cSqz6)>2Dj^)0+p*IOA6DlNW+f)scfv#i{z02@(*
z?H=|u0T5b7&Kbmyfz`hkZ8k)^?Iuuj6Fi2Q_$+`WUF>1lG?PihA*<fTm5!od4$@dq
z^$(^1r0Of#Bfr#>7mlJ^C@6?>O!820w0hmr{&#{+p&;+%C96RZH4PE|;e=@flP|K=
zdl+Od(!{pb%z@LR#MVVs*}R+({aI|2d;ifR4@N8aMZs^d>%^rvp7i%QH=5hz+lnbB
zr=4U3PhLpPr=AI)H$@v|sbHJRbJXX>gHwE)Q1cC{AjB1tTV#ykiZLmLl}ITp7?u%U
zf!%=mPEd_9q#~g{q!?lbWT9(1tyDep7lf>ipuUj#tNIIz*HZY%KW*)dkB`du5-I$t
zp2Wa%PH*d&T5@=wOJ1F8L$5AkzE`)$>JzG5BDXVlTo=_yS%-1~#OBw1Q1TAND)E{Z
z@`LeKoIYzU%2o+v>~|3{$o?$xWNoga>#bj@d(XMH)>D9(7`!9~-$#g-msz%^D;V%z
z+ThJgWd@qJItE^D>3xksN(ayLx`%Ee8n*m2phV=OFk-I<%i=xIb(8AiG&D3aEfQwl
zkOd=#U|@${2~!ZNJNvyw0T%pR9%_}g5rXaE<?^b68&e4-HAxF5fjV(vh*J_(1W~Eo
ze)a-k=K~kq!D(J)Ui3R*TtAg4Q-+z~Kz-QJkd`Q>5%7G3^Vr^SiBdkgt6THnG*x3h
zwlll9uqw#wJoO(&(OA5G>Oo`&D4lP@Wwnwj)kd+lP^<gY(AvsG9+Cu6HXboeF`Q_D
zRw(@4rz6EGVpM=dZC4K`yWUfJ)V<!eSUKAeZzP2)l+y|kE<q(Fhhd3m<1J{t&U?^-
z7)l9<`A{!ncop`P4xDqYBku*nSL9)3_mmEl3*-nF2#P}K9Yn$HDILV7qPQrYVDzD;
zWv-qd);&^UdT40-!b<4Wu73bsE`mD`Vi4C3mdx0D<lz%Y<^GD2eyEj^YRl%{BcG&r
za~SFFaD29*a<Dwc?lTWk?{V=j@<6Jy2f^N+WKc$(-T<e0g8Xroz1n-Tfc$P)-Jvm{
zvR06>jNaaTH2`7;#Y~Y=439V--m_u~!nvcfX-KN!*8V(uC@?7^Mp4oi<*{Py<qW&n
zmZx|tS~QS75K$;oir!0<E}mmYAv?VzMfyt7=%ibp0NE5$zD;Vf%;Zvp6)^!G{*WgT
z&_&Eag(r~V@xp`fs5!aE8yg{uUf^TIa7v?;<et(AQxrgk;Q-m^QJ8vrENBuBN^OQx
zwJ33q?1J7U?v>z<qeZxyoNmB`1IJQ{dwv|@i3s=sd*&7yLp2%f`p}dAc94dE2UK^)
z;m}a0Gm1=)VIHms?+WFWhZK?nh7mo}G{mIaP}_NYQmSC!AwiTrI!oL-@a+^Z4x^IY
z^zbMw-)qvTvp{g6XCVw>2;WBb7hF8BGw$h%lu3#kB8sp(sG#lh#pFF;*bx2}4{wlQ
z(;*1cs6e|f-NI7JD5L5ZqH}$u0q*(Yz*lb;2VoR#+%h6BLcKx6iYlVJy*MDaz{P=q
z0OnLw3dL-Ahzs4*#gU@sG8b*+9l}M!DrmbusW}c!sdxjQ25SD9+NHZsCy65|Ay*-B
z0MCOuT%6sfgMcDOYVzVvfx6@-Gk^E#AlT0JQ2Ad92I9#g<`M5cof1rew}?}i(^2KE
z_w8~C{f7(HR=%lNL&Cz~8{z&6r4TWm=D6(YlJYJ_puLWkb-72u>9Z+ojh!z8Abbfi
zF}PVcNHX#zbR3&rohXARf#XidQz)>M;JJ2r>;SK);LeCbhB5rK1#R9iwe$!hxVS|Y
z1xge}ltjTM5lj)z5cmtlHUv*?fO_``(1GMesE*?11rTx~MQI}*l5j-0VgK|{g`E-t
z6OocwIw%Dure)sl*;FAid#FOMf;>ZwcvQS`U@~5CUqjW`6&Nt(a1T*DZd4?A>PVhU
zKsEC{=_&$y><NG)J#}F<M9d))id}ug@7}a3s{Iq-BeN1}2_CmX&=4L#+x-csA&QNP
zXI9$SAMFIj2;+d+owf1?Cm@B*)I)VgyjhHAqq~8NyG^x!0ua}MGS?`Xo_hfzGmI~O
zeyUv#P+jdOiW_-`LjTx{5I0V5W>SxdaG-1_YPv;LjP!p*x1#26&sjFtZ>0s;4ReF{
zB5)#m3+4;GZygV>6c1Os@ZPwTYI0CWAKrfbW(exd$n!UNTBXD*K9ai#f4Wf$l|+HG
zt4U#&e;OL9$(ZgDC9`@B9)Rh-nB8N2K!HmqMbr_(Yhk~&BjIa2_`NGOOC2UWu?36K
zNByARkwUQrL@AVbI@yOg8K%g(SxY7+OO$NGuSd*;36$FgQ-TL55bm4%czzuQ92PaI
z-HRTEH}LBLECOIS$p((9!klMjMr+<1w8m!o#R6N(jD=oF)F&PzkeaV3gpl>xDP*Ar
zW1|<iP(7bBKd#H3)w5QJTE#pdQwnACOIXEfZZ>!zW#G2ssjy{M&7N<F3p4rPT!k?K
zFR1%L+req5#F>dl?PotTl<p+<e4)8B=C_m@ucCHQWDidw7f4UU5@g6`3CapjW><Lp
ziWi?+#z-ddcFWjV>Er}#tN7_e{M2)Xz{Cwx4GfI|Vr=jL#oap){em9eWFo_3B<)Hb
zJ4F3Hd6fZ=V5knvn)>d(TQPK&o^W<BZjCe5S|8q!x-*Ibb7o3;-9pA!+wn_S(2&I{
zhv$%2=S@Yq0a2IkHil{Av91X`&plnL3du;RjXb0~!i^jw+_>iKos~h!db2ogj2fM1
zO{x0FcnXUynDI)#w}_=f7<+}<c=Avo%2m306GXa<uQhXqrp(x6dAxLN9UfKe*$P@l
z^r)XO5L4Ym$bzyXBH##jC01uhv^u@p-)a1X?zkJaoV<~Q+ZyH(F|>%fR<jr)UoPJ^
z$v-??!1<%QVl8F};urIRQmSE<B))@^G0Mq%H}}0}m*FJ~$Z9DJ+s00(%lK~YMn4n!
z2u2K0Q$K~)fiwu_u<ZVw2wEx3jERTP*0O9zG*_xK4a_4K8$VI`6broAs4A6Yv;<D(
z5_OSM+)1N=MO_!n(3^IQFOZ>ec;NkCWV=h`0F+q8N(){M>pOeQ(9oDmyhV(6G;yXv
zG&C@Dq*>h6933KG0IH_E7Mj7CXS~vPbLVR~8uuNEjLE=O@SDWiuodx{*QOKL2%mLT
zg;0u`H+*a559SDu6eC{(fiigaN1u^<>bR7*X`niwUM+&YGTDg(`bwY*j7ChUnQtsp
zl1RN!QHtBGkBexAQdSP!%e35>-7~lS)}OWCBH6)3+DVZ?<$xNgH(|0+$v@EHJ!fIK
z$qJmaj$a{8g5~K4WinaV(<}_lG528KK^7A-)bM&Qh4S6q{Te2Aqzqf+OA+QYLtoSu
zjP!#Xjgx{B6_eAud4%FsFg#7>;{}Nrmqn`ViGD0&_dnG58}pr^c-y0b*5IHhGinyH
zsQBI8jhcDK@*|&20(B&J2j{YAWBuxLtw!WcmJ@I;Lnlf{rpnI5_|)(;o-+|8%MW1O
zsFED-#~_1)GraJnw1oN`+R*>y?#!CwIFc<rKSs~6+?Pj+qONGIZAhv$^Hi2ASyuoG
zjRHjS{`&dcBQh&9BeE6{WVel3Hwl4Nk&&_ba{Qc#G+;=nLtY~I3>ey69%oPG;z3WI
zO4O_i3>zxrBztbDrq7?sr**?Kl`NzPmih=dQ4CyWsF<0)mv<^p8MhHYQo?`m=Y#Kz
zLldz(b-x_8rgO#}nNcEFsLGXL0U9u@ZMxiQ&rjcjXv4vdKJuv5@0{A6AsV0@Ly)3G
zq;PG%{p)wcGpi+mJ>V~xNIg(Ns|mceL5H{pY|T<-3n3!%AJhRrYXS`27jm%y=G;bY
ziXmuYTPP`vWh+w-O*)~lx;BI4&ip>ME};gOtj5WCP7P#2NPAIdjQj=p3v-3$-fcX6
zh8D^EgBbXkre=vA6ESB<q^e9<q4l(QLLLpJsVaz|Z*96PsS|5<Uv9nwZ4nJB$iniD
zvL2fsJkJ104+cmL#T}d{tPa?bvVOtT>SJVIpSHK1WKVTW4I;X4DoLACI2B~brvmJS
z99?b*zbi1Eo=IEhErXJvhvq|2;sqx^b!VO_BthH|;5ZQPI2Uy@N!CQ_g&u+|E?91H
zgxFU+JIKi+G{EsxBN<gD(o4iGCHb57#^MIu{LpUN?xAZQfEUPL2v<-tmcD%P@+ZMm
zQ_eyLKTgnakgL72mfh+XDJaoqHbmA)QE`_KYTtr1sX%oz{ph4tCMxyRw;}W!KzG%5
zC1?yH0>;`1Y%!*HVJ=5nYAoFyZ%Uc~d83aGq?ymGSNx-%+eG+#Q3l2vNkL;a7+2Y%
zO3va08zh)7ui;1B7JAyKhg~j@y5>j<$T^q8<fi(xv4dg?ahZC&=pNxvsFkP(GlS|&
zBRZ|c=mN7^T24iFpQwjr4broxTgdG_5r)^hkDJ@iHM+lI`$4!0#S`)1IFHeZFy^FL
zEue4^w_&M*Hr}U7v=&o-5~Wj~wb_{3-lc>iE5M(Gk1F)$0m@5ZN^k|&#Uazm5djQ;
znFT&JokH(~5qnLJO9Im1(G3N$Ir*ZZ1Xhc87!v1#wpWK_JSU_xE6=KTp9DMd{qB=M
zVvVhHno8=vd*6LRb&vw<PpF4(DQx;_dp`vHZAg`3Zt#dz#7WSScUbi4E5fF(A`6q!
z+liqDHnsNtlS#h1TBFlj2XDRn?s32UpRu@<B^AX1@y3Lj0-_uk`kpXBUb>-!!X<6N
ztaQB_YXJF@1DQ$GNgw*M0+?GvJVX73#mD-?5~~-)dADE<#WVMKii_GHL2V<+_HgnZ
zklq;lc@Lv-Ml_sJILitS#V1E1@gcF7IYg*W5pMX&W+99;iKV0l3-=)OI0gzA9W0qh
zE;%4yAXsWLk>>1pf`NwWeOzL<^dd}6K+N>!as!RShGIrZ7y=NYL|xm-rW7@@9ejYZ
z^G2V#3?McTrxO7SFij7mHc390Go?wc=38YDK)D7aFN(F4Oi>|WzB}uin+$%Z$H{qp
zqu7W6>{5<!ij*vl=o#B5R2cy6tEuQAB_r69W$X_Ku54B--#E9zIuRN^p~<??%w=VQ
zjfA|k3#4fJ$+$)-AYrehKtozmpVJG@UUP*haoOk@XR2Nb3U;*593|XjC3YD|q#m$;
zYrJWSQZ!O8SB5<s=l96GW_|Jgm)5O2O8{aIjyj?5gv4Uf2kuz}1Sy1{2?<_Z2?NIP
zTP4DA4YFAm<x0iC+&A}IEvRA`IBviKWC0oiVBRbQ`2W9QFi~`ejv^}vl2J~A4lZQ=
z7G(<<@&B_$;LRZb3Fg>BqzWPjz!PQzBnE=Vf^(OWw-xX)pba>gk@A9T$Q<%#xFx6S
zx$vZ`67K{YCL%4d*Wp>zbBR&L{Riv_4hUlDdXk^f8E-uoCI(beh(*BG1Oko5oTD*}
z^=O<ijZIY%Mma@ir?0HXw1&5;#<+qZrv{v*FHo2ik}+Y$<i5Jz?e_qp|9I$&mmeN)
z|MH}bE^)+C3jCUaLMQS-nNt0_Z>koXy?E@&c;1_yI)L&9DGllydQu=&Axwhq!!^`l
z(V<cX1%<XQ&p%fdsaEaEEn9xPXCMUg&rt_62&%ypIKvK7P^o8Dhgt9!wHgMd+2%tf
z?NZ^7%?~I_9JivgtL_Qy+TOA@XcbyMtZlICLeK}L*JLeIhk9?%s4=B1JC+yD@T59}
zMJ16-u_z>)J#;nJ7Az4GK3r{lXL_wTi*)TeqSE+&_fbTeK1yr$(Q4Jug+y*8UI6?I
z+>qR^K+T{!o4o+FO<`sWNZwJ{sIL1!>f@jTbFh6R_F_>35216M4u!uZ!*B#tZ7C0)
z3o{*J&jNiT_pdEkndggEwf8K9&P?3)tbiAXx;JxTJ;89M5+wkl(NOd)<z~i4DrQVs
z)4eCgf+pYo+&+95j+_euvfu$xx~GT+5GaH}HUoRPoi0gCpw}(4l;JFzeP9Q7a(LMT
zK@P7Ko5ef0DTrc#{RteASt>z8J$h|oQmULqTF<O!8IVhxk8lE5VNEGm=)N=e*z*;0
zQGQ4jK#y7w6kZfNXzwY7)$M2o$DG&)HXsP3w-Uj4sej8x`vR8DLWte^ozkFo)YdUS
z83GO@t8L)Cd}Kb9&?lovcn|WkYX7cG{khPUQ|bl@LDMIc%4_F~>Xz~Ds+&}X{Vvrb
zk!{ZvR*(a1ppuNrEU@ss`G@U6$BvV80+$QkXUZHXc4utnttZvv!!Bz+?6z78A5ule
zXUVX$z@o%#4P`>;ZvW1q#=76^B>qLv2)jnkJ^@44rWd*N0<H0s*vJl9*B^{MNS!sL
zsI#jADgX$~=?wf6q<hRxKKk|XPS~}Ah6JbHc0v;ta)M{J7=0+-Grf@YN@v7==P%or
zl?!e7SB_T;4C?B%NjV;nt);9hG7C!MViTv;IsaN@?%@umMxtwBqO;zYtUoE=@Fgkk
zo6Q~#8CX!e8pp(F@BPY4zUf#be^(Mkl#`!#hDQ&%7c$LKg%f3lNaG2|AByOdb3j5w
zkrXU2=D07&h-gnZVd{rO`jJRCY-|!9Kf;5tWN~0*vGeWuPWkiex9>JTy?XHj9j2@f
zalM$UC?K#uls{g6@I?SsGhlT<>ANfoZSA1h+efRm9e+glHsxxf43XsPm$by~Q3Xi=
z^#>{goR_+*bfcg$n>D+eo82wkG&k(Q4FjtuXOvLbviZm@vT68@@tm3ATOo!*oS~;0
zx91G#1881m4JI)2e~S8jAtGtlfO}8UVPIy40fOJ05=~5ELz^4px~mE%E{zHq7{R<h
zP;5vn`~#aAdqRIHir`D@(=OFWV%U@#Bq?*2NtJ?QbS5rrn?h>2bS#>0ruggFPTo5#
z3ei_>A-V^Y0l(IhBWvW85Lp3o9(6%SZb=7^^4h6!hhc=6efRCSG|7Jw<O6<7h?r!(
z_UR1Y>$D??S;1Wu^yI%01}P^;og7-^H<lTI6~Za7G5am~k%2(*cl+NXiz2JMhUgY*
zaH>%#a*Hj1_^>S9LIP_wPDlHxkGE?RGNZC@d!kYytV&|-I%_jcJijwB^?2rtPP_GP
zu(PLk%(VM^*i#|ffzq2D^_Ks5r9X@1A>W;TbcM0fL^in%^i{%1gA6U@GR$DY%`7!~
z7Bl@U3j|}iBIQm#QL3dS@#c=0aUt~`sQdAG9~><tJmgxSPA(@4S5X)R_QVE8hD#EF
zp0nU&i2O#}L-iLo{5$^qLIaLq-|l|Xkz7V4_e0mH?&?amYCc#0G-trdXPGQcNuB5o
z#oxlCd+ysz-*~@!yl*;EzQ+F)oqO>^rK$A?%PNuopX8r8`2l8)tSdn%!chXY0n6-J
z1lb&908Y%A$>}>COmSuB6KXzQ=ZtM2@<y2YhdpDi*CA5--5V>B_i}|#6CC2hBg+vB
z@$vn8c#I`eiv_lAH=lQpn;YoQq$grp*xoE2K*L&yW~qgYXYpDR_J<c(eC6D!u!j_P
z7`3)QX9PGL_a;zfHnZ7Y+uMz%bSdZ8WHWQ4x6>G~n2w_!6cRSrn6Ap<BTn4VWjTHh
z&d<OqIc>o%^6>zg(L6($25zFw>n5evpvD$*&WFrI@+?@}xRZa+ZcrPfm>!;Hkeln>
zEqnZ>{3WAfuw$%9vWIXsg8{}GhF!uJ*~&C?KKKRC^VkSh0T@s6BqaP(Sv=G8K0?S8
z3Tkqxe33G6>*+u1;1QH2E&*4kyhUDGcmG)*(dPxRRtlDphmz36+ywPhcX}4w%3Uw^
zH3%MY-t~v!q?2oqI4i2SP)QJNDdNTLl7{Y)G~;K!`K$YEj-!8cpXEqm#nCE&J&-(5
zv{R7;-;>R?$^umz$yJp)|6SneREEyUJESqydFVAjSt-=%M2y@GHJ73GRIOexbi81R
znpjuiOG9gfCL<=V`^ducyE!$rr@(Zj8`HOzy$pc}h26vwLW=x__1AfP9(aB?;UK_P
z1>x^ZuV*6cua0FNp$x<#u$+P93vYiRBrbOXSI>CA2$S}2j}Lb?TK?T*+!{uGb8xx7
z)cEaV9@LZgx$QEA^ew}vf~XG<rs{mNn7eoplz%)!I|m(s$vM*vz}O*WEf&vS?p52f
z4s8a=G6`KF5so&VZ-P@#FHBzKS<j`kg^-kvKxo=lKojQYQtA3T>q}^Qg{e<`RJhL$
z1;}q`P;*Y;l<13(ttrZNcR%l?La-3&nGOd5C~a!F=AQQvRKQZMO(3&txKnKD`{><q
zxHxO*yrG?+AxA0nC#NVJX9Ua8Ex?H<ZA3D{Ia3Vp`Pjp!+({>U!|BF?BLtdNHBKkB
zjNYEiPqLHe`O(Mn$O@oiMhPfMqAJ6A^S!(RcAs|z^c@mWDZ0=^bp!Y&=6mb8<swia
z01^rvD6&DID||jlp_O&zWe3P~RZg62pVw~8W-$^L?l{UrFnN+~E{UU4B>sHynwVTi
zOh^<^0H`gi$TP0t6Pn-FkU!UjGS&~w{*=TZHj0oCnzbhO6o$vLD>Eep>)O4>&G>`=
z|EQbP3F#T%<T$pulo-P11Mv|t8p0MER*23x%LhHJc?x!VKs&fFXPVD)kr<Mh_d}pF
z;%KX~oNWd)`57lVE^-M7W62Uw6+T$^08{(xo4<2HO*j0JVD8~IYD8VY=~-#&-e(E%
zZ!jAvehsDKC56^_9ae4!81IoppfUGN^g)*B7c9?d8Ze2;cXG+&!j)}Zm>}}A#N#4S
z^$cQ)iGYbii0m7Ey-vQ_dk-RmRL#ZUhdWWa1GHq``J1oKjI<~gFj+EiKKSUmBTpoQ
zCAuK~r2Z|I{vjSRqXRzYkQzn<RBcb<KLaWZ093%M?k>@|$TuG$3Ri;~ZYMZ@Ysk+G
z!v5bdLeL69j8!+3h1GzE=!ZK(>W6&u5kfzZ0yt7FP&Nbv6U-V44IaYycV;OZqL_x!
z39b~fxj!nq)8yX!f<t9kP8m7W9tbtyDuBHMZSN3+NWfS-9-2le&+g~SYfbe??Hid-
zdc&VSTYbyUdaYbi9Iw+`*IFYdzcc@U!YF|0A=D-8NCJ^2$29z?Oj?9RZ+p1G6_0!}
zyiKpZ_7jXDg(#yytm3fCtB^pVZ@sI*YRtK*a6u}O-F@z5I$4WW94fYknC=vZr%SR>
zAp`(_*i#vh3@B?dIJYR<w*}sFLA^C~qbPX1y(bb)mB4#+6K{?33~dru$_v2`1Z*hE
zozJz7h_y+$7Vaxr6I%~uJ{<R2$~Pj!LC$Um#GU{tD8nGXV-*(y2pIAjdJo_^R2-je
zvUzc=3>L^-EON9qn>aR+)HCjRZ(~&e8!=KtFv5p`HNUJeV)3H+O3)H9Tk1Q`9kbIZ
zV?2+L;Cs$n_Z^;rIURkXm6RO`+R1{R!i+*Z!zR`36$v5B4nf%rGP0VoC!&AWyEvn<
za?CjIA8Q*Draj2&fC1FR%}MW87KCHn+?62BEbAcg;Oma^G>v5awtxF@PdH11H^Khy
zdiyZwhLi=WmT3ng9)S<aCC(m&R0m~4>59pf(`f`qNSCF!%@{AxwRqZE+k0Vh-~H=x
zd*8L}y6R5Ywo{mXU>X+sFDg(5p3viPxUXRW)l#2}j(I>KEJ!Wm1kX>DVS&unNea%T
zks}FW0_rCioEA~$*6s&$IKuk`*bfGd>xU=Grb!Nwb9pM8CKzd<^~c@igs^b?(YN;K
zuKVwe;fDHM7XO=W|7e6jcp>P06W|t50mUd=S*n7>RK*D1dA1Vu`Zh=x2g=letl^l3
z6+}eWa|4PxV`xLhcE7vkK)eHpV6aExXLb$Tyh3yhTbC}rIT(F`N&epN!msodb)*7*
z2T%kEiBg-S?H4+9Y_w8GNmM|~?S8|w)>`_N0+kgsIoSwM^NoR}c)pbLCDyKBsHApL
z;%j2F!8&V>CC^t1zM`U7d<Uikkl+Y|MIj|xR%KwEaqy&$Q8mjKEdfxp$l5_|tbh%$
zX$hJjTb4t_CdejVR~~lb89)>Z;g+z6A{jD*(0i)xG~bXu?yL7*`iJ}(-*z8)DwNs<
zdZh4~c2JC4TF3c%urj!bfd%8^s09$kj}+ShF4$LKSlivBKzQ0pS^MF?!Ys!sfDDV1
z)J)vG(X~@4)}x*yRQ0kphZEYoE~VXyg8kvuk1ziC`5iAngcc6A8g@;z3<yzsPC)+)
zgwgg^O~H*|Y-K1YPALG16B=X`tvJegy$*BeYPZ+zq`x#MqHO@hJ5)&^RQFGec^}Lc
z^q!2!E!D%UX`^v_9~DN=YS%Q6_xByZ-wnKq!|=#6kkJr5v8a!$8U*%ykK}Kvk2JO~
zLEa-xZMH4iO5n+3$|9jJ=~~~NVNci9ZlMO+wlX7|hn>s;0j!qTJsgh|f?Dl>`N*Aa
z(SVn10VibS0DS=Yb`&>LJmi_x(=8qr4}GkOdB92>Q#Hg|v1+j1J`Pulo-g-s$?&Qz
z^^u&$f?=k<88e~9G0&LQ$hWv{3+3o(l%u0j*xw1F2{k<u-H@|FUQy=tB0KD18TH>9
z<5MR7jG7%hfoN~V%7~=8vlwc92jB1VxcXt0lII*(>5#08!JI_sFr-Dt_#nI}hnIJV
zVK_Hf8p7WPEDfvy6D$n_RFK$>5S?Ko!T6f^E~}Njol$;ui^Q!s7LPZ`AJLj<?$I|m
zKOnNjBk*)@rM2{7w_|q>BG0l4$dqzQcZ6_BfY*(&xaaTcZ>+rCZLqtb1*4S^?h^E}
z(A_5girsa7mx|%=nl17yVj1Cy@izqlR=)L|Udd^G-!;4Uw*<-;$C&6UB83?wz=ENK
zvoVc-M{G2OaVnv%s{*4D4sr?e*Rxx1Wr5|>1-2pCAlH9aM5w?bo!tlcJ(X`=3`c@F
ztw*oKoXrjJJTOwMG#V?VBA!wR4*nRqOjFAAZwQekBBu*~JPb@!7NowdvvviCiK(Oe
z&|Tk2T{dq8muedV$Ob7|WA)fNnVGNUU+uZL&(+->Z2(Gvc7Vt#P9<{OX04AF)5*-G
z-mfCe?E~@1z%P*~S5(s|E?kbg%+&jbarX%j8#+VP_L^5>^4WW+)RX>7>XvA$?!d8E
zAvTd?$f<el@&`z6%m%3zAie?j=YGfkd7O(8EMfvc;I|X%U4yhiZv+jZc`u)me?B^#
z_V#cvQCGyI$060y6c;!%zoX8@MbYwtW7`c&dLn@9<7dVVR7M=Oh-gs)f}H3A)m3=F
zDJzpZe=BngNPUACqf|H;mxv2d{Tn-HxG&fU>>Oarl*!HK%tJ>rf5tdLT<?!~UG`BJ
z5|7>Q`X6?d@cS`YDVm52;wrf@fX5YFy0GZ^a||LtBLL(vK48TDmqY_3m*M;1BqnQK
z6UPjuH-eIYvXN?88Zj<*W8UiUUYwqT{X4NNw0M?X3L_cZTIB81n8VCg-5%cY{7veA
z_|OR**Mr|}2e_{&bte}O4h4=Ksfk%;8-OgUsS`}uPnPj>-1IH74=?2}8Qm9zk5~NR
zbFxL#oFRHKIqZib^Fo1Z!4hzL7<zu^V!B8^dOqjYHN>IDo9B1$aG{81eavPsVY})2
z%@2MX>;wr#Rj9qBsNGn|$Gkmz>#lks#At7Je~Tpz!V-E<id?8}rclJ#<f#ddymMnC
zHUpvBtEl@l9fXVzOp7sO6a8mN1?cZ+9{y$6oRL2yHH(jEAgSKI4u*o+p<ybKW3dd3
z_bMh|EliQXGqVi76#~j<n|x99@t$~vjdX|`s3R+F;<F-uNv*KZ1T&szw;3j4+4kMX
zLt7OUlGOC(32<e&4ooiA`>wh1SNGHT*-xBT{z1xHC3H)clx_w<(`#~fG~8BL;ht{V
z@w3JRN<L`6bbF0FVA6l&WTG7*k|lU5%HotZm1a6j=-m7Xhu$Z)+wJ>~Gez<Nd?_Ld
zhocp>?2|AKZ8f0TuqY!=U?q!7<=u`*E}pZT1|?w^bGg$ZBz-lQNeUYPC=w6S*Rh$F
zm4LA{GkKE9hdK59rZ|zu$s>oleNb5;#5m|$a?Dc_s!uboo0%wE7}?5yJypU$9cp|a
zwR1v=HnWD=AXEYO=UZ@LJa`(q+<5OAULPvTNLvtK%?71Blj59hwsQwEjiG8F{GL$S
zi(s730QXy$2+LUaZcN<KKdEPG32~tE#yYcX9ph!e;&HEiz3uesU!K~}SSd8rdQU2a
zWTv-q#7!{4_?lIr$vOFoBAc$Re(m5Odiw!V>6hF4=5g!diVtQc&iN(Zyt<N&wIQ3g
ziDV=ueK~Z{^lCXgnziN+En?U2j&EeP09_%e-Ob<d?+?2@XkYzn^Qa~in}BGdl+=I%
zzHRSztX^r)^U)iLIlh+)?d$4q!sP#wZ6YO3&EF*b*r8i41*$B+d(3Nq)%-y%$ezj_
zeio#){4tExshf6I-^F^CE-hcoF7qi$Y5o!Ip2X}R4?S7Tr6W4amoLYBz9h}OcysEq
zvg|3s3wuWL8xOke%ki1f!8$f|-{u3HBT(N|oJQy-!4VCZLr>hpIf94pcMX^G)sdSJ
z!c|u6tKmmkN7Hp<)-6GA5DzTj*S09^$Tc!dEPvD22#_#bc>zGG0=+A4H`fBpJik+?
z%X_;|Z}nM7I?Oy_4=|O`s-t}h?=!ZDFZ7p)r%?#NlS}z7EMAEwxr~D$HRU}@Vg(ps
zP_5}3MG2K1(0@TgF_`?`o*wKFW00Wwi0v5|+d=X}q2xL=TK)ch_b3(w5c(cg5wdmg
z+yZ9u4VO!r35UHqgwed<0gcF&WwGl0&kIWY9*Q-!uCBzE9RK6(W4)+klKn1AH?Gm&
zL%;(#H90g7gba|i=Uv=V9RfD)=VFgD5o@Z-Y!4TJQg}5)9RSL2BsgSAoPj_o6@jud
zR4DL?6m<?ubBe1?_Rnn9Cs92Vkgvf%2oC}<yl4u)6n>{L|8H(4Y+86Gw+&Xu-Difo
zNl<#K(7FyQv?8Q{!P$NB5q~MSA+6j_CX4|#o77#SfBGRQ;M*6neN<2-_n>b#-wLDa
z#We%-?N~;WJ>FR%II)OC1EnFA(V=zh>!Vi9j3?YzPY;mb)PfcNt1L$)3dEDZS^%$b
zy{pMRu@}VqAzd0Y#Po?#$1HcB_jAgVBzw9Ag(Nd;njT#%YW*?pp$G~qe3vDuaEN@H
za|z56y(YXeoO&2ToPWdZ?)jh%udD&f#+`3|(34Jtx5Z16lWw@~WmIAWD-jmPBjhAN
zc?Xu_bUwk5RUGg95EnTdI^0h@#yoH}I3tN`&kmRe`2Ir=%B!4%%-y}7_eng5AZmTi
zcN2|5&)0b7=Hnxw%-P%zkQ~j_tLiCpiQcKGn8A-%L^T>9dH@s_{V`ibW7JSdj7a1N
zFQGCSwRo|v@414!Xav{MqrOX`Ocs*out@aYo4?j@3N5#87?B2G$&T>8wvGWFpfHX)
zC<E?o|AGTE5v^y&DF@M#X9VdGV-ev`&q1kHNNNC2<viS}g&qUj9mz-d-l{C)?O|Sy
zta5~Lxbyo8dji-QN|_%m81)?{wq9FafS%|QhTs&0Rv!?q&pw0M#!Z)+brQy!i+Sk4
za$-k@(NCmi-r4_(EbZa&ukA)Y%xGjSIbWjRaBoB*axtFK7$!`F4`92}^-_+@B_Zx1
zl!43;^i9azhz=e1u5UF=HupEb{keQ|FwXFU)K#1X=FYaneAYdZZD3UaGz5EZ^f!E3
z3A$y*&yJrH!z#GtdNt-3!@^xkJtS3&Knrq`qdLB3frzQFLInv*QW+R%fb|bzf`Db0
z!lf$X`lJOA<|bbUhch9JVfH)Nazbbz(5-4~M72GQAD{g~W0$-LJw*@(O~^px1rX5o
zn)kjVEo=bf0mU_k8Hw+Q?ZdT30$bEv!;BcC)LvV?VgFg;Uz%ZPdnc=w4rWlU#i;B`
zbpn5Q!JudCr7$!@S=D@4rnnTk+mI+<fp(Py)}J;*HlvEiHyABQB6CcUfl5REXuV<9
zb2^;a4)=JB!_>o&!%pZRC?!lvDeL*YPK}eY*%M~kKxx1bKuj$Hj<hB~Y+IW%pDH``
zM^CANh|k(=Epm)~#^H~6JYvEogqxXiD@zABC*pIjE{)z3XBRD&R~iF~x_{|XKq3nU
zI!NzGOj*6hvpOumV5D7kx7e1G5h%M3DLfFnHB9tL;<Yc&nJT+Y4}c9ZUZK<r8G<x!
za2$%t=c!qGGdaoRTp3hK!tm|Gc#K&zUswa1CsUuI_eKSg&k;%0Pn(a&@q-`)J!VK_
zaHC<76Q(XX6dKA?L9nBM1(z)RbDnD<^*GFkRysD4F-+&3va70i;LMfyr1~Xc+!{zL
zDDd_{Fw3YGb=WBsY(oRl<Yp!5XHyM|B{GvyYT^pat(n>Vhi(4=T)UTDo<U4RsTGoD
zQm1Mmqu$OOUE-zI{Ng#tymGF^Fu_sOj;0Su0^Nh9WiTg3I(PFgHQOv4?ds|WgG&>;
zA5^nq)FwGLn96XB*lC2<0fPD9MJJ}-8SVmt86Y?*Am<paPoIf3G&!aL!7zTlmI7Sy
zBlggGZa*<Xl-f~C!3~NzMD}<ZUYlAF*^jpp6_~mE9L6bvdo{HkNX*8*yX~AaDY1r9
z7pHLJBCbI-Zk>mdC8QV!AADPL1vcm^3+(EO5FhC#^D}IRMl6R=h6dAth8W$Jv5tw2
zOfpDpbImOY_Y_Hh^@YLE8M+tqNgF#Hdhk#Q`c@t;(UWiSNO{gk8ui^{N~B#lPM-Ni
zA5&uWtZnWBxshs(7tXhiIe8HU6137_10xSKv5+OdK~Pq&-fs|mmJZ7aK(R9cWD2~?
z7ELvS1RH}ZAtmTb=X)9uwqC{87*x7vyGXJaqFUL<Y(>r~-wA#o3_ANfZL<heIea`l
zg|z7Ioo|249GfuOLxBohOG3ADrY00Vpl3?yGS<id^&UqQ<byM!{-o6x1mvd+e7+7(
z9N|Ydw*zS#sOSz;RYzG~MAU2mv<3vWfZ2q|grB*ZhI8oK^qyI(pn67Y2m**&@G~A(
zDmczvlK@sg$4tmPA(!l8dj=Q3HHhH2Z7UeG(FcG%GCk(j9KHC%kf@{<lWgw(mURke
zc@ls}i7MDHW&OKva>yFwkn}b}PaWAGsG@j)Py6EsIkWb62(X38pFh2R_v-EMFJ8Xd
z{PN;=o{>TImL`qFbYm8V@gL@t`Ipq*EaZR!lKW*^l;ZQ0FyZJ9KDf62C^%)BXk_r-
zY<g;orb~2sp?`ylREW;0Nun=pl2!n5wfo~i5qb^^&(Ukn4mWFa(Z;bG*q*l;F0`;m
z3GE=hpLbzQ0x3|F0r_w?_Vf%|{yf+PbL(QrcDpa*|Ge~Cj-cWH{5MMu7$tIO$Z4VT
z)&R}dQ6(98zu(>@|6ScnB?w5`KEOT%uit`>_uVKEvf)IJvr)MDvgu@ugq1Q3k{tbA
z6bXOeKg0rA@4o4Bk$|lS*^NAK!N5-!!Z%)$6bi`3=#V-IMb*~aiT@4|eM?B7WkiVQ
z$;tO`>`8}$bXriQNAV;su&t!|cY!Ful!1_fe1i&0@YdF|`FG3^E)AY26~Zx6zXJ*T
zHzQ@40!t}f%K*<2JSNUb9j0Bi#~7THclEg`Q3%8*X!>DB#MCs9%<{zHOtR`U7$8xe
zW@_lD$!@ml|D)UvIj7X=X@S4CZWXq1+@j#Sfy>38Ytdxkh|qp<`}v=9kT%i};Ka%8
zNHVv?Wo@FoN0_J}EN`RoR^V&pZka#ejQ|_l*I6=s42PjZRCQKs?>^sk?X)FM&RK^8
z(RU?IS5Q#fQ)2quqhqSt85ydwo3sZnPu_x6@55OeTDE7Ln*4#+H#)&t0HFZj0l0ZX
zs#Xn#;29rP>drtxTB526^=CkUkvarw%P#jUXg}m}2=uWrJ49CrauSyHGAa1KUl<*U
z8wr}%Kwxr6EuhxS<HVaT^EVPDCY+`iX-SE|cq-)Q8j7bbI)Gle55ruPKg^vwkEZ!s
z4KuUO`BO+)h}B6S!TR=8W+OA4B91eS&5*l{!BfSAAyN}L9s?4_cAF(PWgC+p(e1o7
z75rASg$hHmWK>|nIYJPPD4Aof7iyI~=VF*132HWX0?q|x*7T+Z2|^V^K6cKT^Zjmj
zJ>A2Xo>?ak0sJ=DPvN8j{~nPL{c4ARls6?s05l%0hdT9ni-scZ87E_M2tXAR6W^>7
zG81?ZX7N7bqo@d&$z4cT0|a{_#s5HjvZATY<@SuvoF6;^l)3>Dia<ju%9G5&^R29$
zfs+cGf;<Ie2UP7tG-6l$x9Y`=4H7b4Ha~QPISV_8&48$Pk_eD9GsKdG{4AVN#cTV6
zl)$SJ7g0$j5uzb<JEfk5OALKw9oI9OiEm97gYQvaf;tc(?Y!`%fy%FX1~DV#k5TF*
zyw-u7w-=J(VLZ!_Fp=!%K7~f>KxDWfX6Jm!a?09?`8%g{sl|!UxO2vbM@0mq8*>x0
zT$y3_;b=OEP5O)vpPWi46~IjdHDQVRH?$hhefrK$2r6{o+lEmpgngkF)|KTzL(%)p
z?>aL$i?Tpy2O<F|yAbHZLUuc#;j?EP>~W@v%fO|<&6D&MIVaCDO9DkEJ>$bCGp&_|
z7&^k`MQHEY@7dW*w^&t4OcfL3+!u*)MV|4!=CexCenN>)4dyE(OKlGrLrizp0b_N<
zzS;=`A2fMQ5|VHOW0Q0DyX)?`&){+0Vc$ws8fciX$Y9a)J^Z<kx5>H-VJrfNgWxb$
zJDS^H^@K^g67sf6*qIs<xp<V$K!+ODx2jpQqB3LJ<3*7Uz5OhK)yZoBPy^iz84W0D
z@Ji-2lBeLnVOu0rN0B0jA;3$6p?OkE9gONl8bO}{kxe2>%0u|mxIw8_Hv$zPi6DlA
z6mTSPiU<!dojCDv$Y|=AbQ=|cCGtwX^U71Tz#Za7P!t+j?yJ5dIHG|O5cMH~cvO|(
z5T`cJ4hE%7_MdMXkZhEUb)SG*DmT%?=HY_~4dM-M|0N~sgs=ZkzL5gZ?L+*}7e9-w
zOYoBv0apwue1gdOcG6;u{-Mehrj%>`Md@fSO-oH$_bL5F{tOfO7vpl0z!3))P-0SM
z1wx)g*3ml}TZ^{4qE`LT4&&~z*Zl8&Sdf_iQ&PdIxb&wip0dA|5?ww+d%#^qtx66l
z-Zr(9E-Oxe03K2=t<MobLw=CI-afPtX8cS)ZN#6dd;nAdjN?eF!4G$sO=%Gh6DPWF
z)_2ogUyE8-&#O-Y-C#~f^}xA+S0x2?FRMFIsQR_KQOP6egY8EWBhyl5A_7|%xxH7$
z7<}kqBhXiqX_m@5od)R-d9(ZK_CY6Pgg7j^{F1&)pU1%&W<qpIfe`5gTwVRl&xgqv
zKg<tyB+2XpuN_`u_?v0UIy5)~0t}Ew^kwK>^9Q8+ByAlA2b6|PcZRQ5<(Y5=a`2kV
zRtIJBo#W7<SRzGD0{0rqkxkEfc8;=G4a0QCXud#yOx<-wmT2Tc2S;9erh%K1(@2qJ
zrwkq3C>fS3f{0)Ihyk7_T!Ol>Aj-<Q3Nmt!uvF<o3^(|U^u^Xy9Eh$!v7`106tRU^
z5}p+*43$q;{M;HJ3!*Dd06^u44f@8)1Nt_nWM&ZL1J;!o(IZr#qBkquZE~Cz4nov`
zxW8#xOmQ2fp2bhtox=NT8lxU>k6b8qp_35rVf<Zn-yBpt)b;p!DI{XnQ}^QV?Q?j2
zPA=J*<_EQ1+{dj!8R2N8@`O+^MRl-v`GB1B(OD8`Rmcf<R4<~XB{U&E{OYU$js06x
zQ~`pR<&AU|hZyTy2h|tHvr_{JodNmlyCa9ERk|`eNK#R`KtdTFB&sPr^G+=VGd6GB
zSz9H8XctpvSJ`xV0k4Oe2m<a33cAvZ`!w$gz)Mzv98reJFky<MHrLM9ESd=_te0#i
z#a9`%H0x7vQL9x#;Se&>d4^^iMB$5TA#szwa|`*YRYlXxszn(28lIE9*ee8DO%yW#
z*#oeS;eVd@`6+C5<9ymDMAUKh70~c10L<gH3q1ukB&B8XTx=^6YlH4zm7UYD4oqI-
z;#N?F4LFK1WZ5UgaCKBJZUwHeu<Z%4b|i*k?~Miu*tuGKSY8hfKg=x-UomnD#+Tz*
z%H`k%1Thcc^B8rWt_NRRw%WwvxQUWdc^S0@MslWt?rtYt3^4wUyWc1E!TatZ%%oE8
zZKu}HqA~|I*eEXm=HsymafCUUtj_YZ|5sO&jY6ZQ{BGK)dlrjzDD(-{_5tn!E0bxJ
z$yzxxOqz{rIWxxwL)p|NARWpB;XVZa;5%lQpx6NuD`qUbM(7+;tx-Thhs^qXXK@R!
z7>TB<6D0vgjDyU)B|j_;$CV;;W4^iAkoicSz_(dbb7G}&)TenCqYKzX1*E*5W8VV>
z2fOdCa}VwdnQqVLJWI`JdCsqv$x@>fJqjj8nPV~fp%4tNIwlw@u>>kj1h41Qb9t5Q
zk=jkO80O+sSID9J-phs2Cz)Ekm%nRhUv_r$QA`6l6O}`dQ^o`y=dXS8ygzCIv08Xl
z3=(|Zo+8?kXrr$RFv$+^Q+1epG=XZdRrmK5Apx@`rW6W-keaXLm7e_rSRfeevp#F=
zI0MBFDQ^PYK3(~gH{#&-WXw8%EsF(1kjL52U%8WJxZyiU^AhSFiUJ_tUl1^c|A9jr
zJ44Ho>05H=(7_e(efa|M248mZ6-?j{7HkmPRJD{vK8q#58f9uLHtM`e=_jcm4M8-i
zs6oQ=2WftXIHT^8%+z^!d|K9?Mh7My$M~ty-%Ir=Y>>1k6bxLX3#dU*p}HY-B&q9E
zzp(J!z?;?)2}}sV>9Y+VS@wnblLl10`kF6VLI)-+;=)J{F45S<nM+D}GAMV-#M&%F
z)Xdyp>tldle|ik;129+_hp?1Xp|GtZq6@96=PJn$fZFx3p$HcWQXE818+;L+tFJsZ
zJ(*;XsDL4`u~14e>%*{NjPt<{hv<>SJdQ4p+0cNU=0G7(hui^p5@QRkkNsKeZ~g$n
z;fz`W^DBA5)Ps&l@<XuYF!r_)Ru>bPRH-na6Hg@&HuCeCQIMh+;!FC@e@@@r*d<3o
zA$`^fX;=f2wy9dne3?F>)x{nn7%t*l1jDJ!9PF{Dv^yIEWX>7Kf?}`;IVS6$nh@N$
znP*?fQxctorxH;}2cM%$=L@<)(21!CYAWQ@0F$gD(;$fk&XlLLx)?OrQi7ZaSjJq?
zwk1w^!eq?G0132)#mC-9j<mE&0%P3L6Or{^->=l)H@6^ME#$p8wqvPy=^{c~kczst
zWHDLPglbPpR9mY;AN5*T?5$Hv<bb?N30_MgDV5I*E^^P~HPbXV<^16b;f-Kk5ld>w
z8x&<uxjsywo--2QjN_e^Zb=0upR9>-l>ZYggUGQA*eH}d$H>M5ZvkBIdw-7^U3xrG
z|2Rj-!bEi<kbd}<01rbZV<M2_2!0cBRo1c3Cn`ODLg`s>z)Rf4;re1JIEUru&{OdI
z&h^hya0BjlCl|M*L_*iwwNa}%PgeW+Rxb;4OH6kkzlQQpjh370{x5Oo-;&4h{hFxX
z#BNXXE`eN|{2|r`@m+TbrR4tIH*imnG;l{a4crli5?!~NfiKEU=*e~J4fw;NLWkU7
zMfj!>$<l!2oTsnkP@TR)@5|QCj>3AlC$uhAhj&0eA8f#7Pauq?{47H1w}C3Ak%R;a
zD)N}z_ZSnAA%ANqXElqf?i5OY6SHS>`7a;H5`q68Y7@##U>Y(x#6nmD$UfdA)gziD
z<qQ6NtG|#a$Xl6Z3!P;j3tccb3usHC>(dL+eq+)PB!94rZ?<p(P<^t0XMfhiJ)Ha_
zCooy(Iu6hm$zTS-W6*}jGr)6KdF;QzHa2&a$hAsZzQhXQXp=My|KXWcy)4cj0uq5j
zc#j#(iAnDG*@l2sfTa>Pc|&v+#mT1(0b5z!12Y6kL}C_~rh(Q68?ulg$bAcYPD~H)
zjZ+V47YH1BtPR%PY=wB{V$zY}E-zpjAYKaTE$l#|tUSFZpW~U6`M1w(Av%V`1E%3D
zY%v}6nYpp6hBfbhC0+E>JvF}L=*EqnW>ExCOA*Q@PYl^29+n&vt8VPj&B;bN(s)Ah
zD(~W?3_y-izwx}Upb31oAD}hZTBLTTp;km>D4o;K2tqv9;8{b}xTx6l061ZfK!XX1
z3=;x=t|yJtBxP(p>KQp9RdQWse?8k%hLJ?X34b*p?pP6Nv6+GAddh6n2%7+ofgXe7
z4LFD=H3%M0uM!^^e)TGuF8U)ENrZz3xetMrlt`q{wI$l%uA*2imWu;S2pFLG7&Re;
z6)o3<IXs?%P3p6@A-Il;q$sl3c#FAc{GKF7XAOchAp$`WWNVhqQ+&ReZ$@I8v`0jJ
zP!5HWt)BkkR^^3A?ZD_+0~7ES0Hle>1T`7t@wSEWaC!dURn%D%;r>XRS1>J*{7^3<
znVqJ)lWG%t;1ca9a)`4eb)LXI>p4d}SxCfo+?A5386@x~07*7nmuPTr8bTzr0=O3~
zHY)sk04=&OPJW5hK8$CuyNbA1Wf1i9FNwmT^DvTh)F1b4gzQ*_3W4Wgh4~Wa+O(J8
z-HBfG@b)!1a*rOQOG-M2TVvh{e`6h)&M;|VsH42F69dFKtBnacYizdq0t!W-XYQb|
zfbA(Y12E2i7`e!*`3<!e{_Jl5rj-BvdvP1A<*l?jKPtFk_?DzUr5ag?1pb7a=+5~2
z!xHL}3iud20I<;KDVKr!dYaf+e?6dKO(PdtjEP!H+|X^p<4=%1o0=pc_TzFNm;>=t
zy3bToLTh6b7=|B?F^+bKzX=UfkVX+1qh-R#!_F~-<_u31k|6U`X5htXvQgrmp7X$y
zG8FfCJ~-|g@w%Gxn9|VCabyl1W=Xh|%wn2Q(-9%Lm|)B1p@q^+)~f6Bu1(Tc=$~D)
z4rMfav1H$zRhM~gM3ZA3U+D6b=#e30_;99ZG9nqsX3r&`=Jv{S`kHL$bM<OmiK}Xd
zGGHF(%sYsltxMj@d9B<NSn+v3dHlcbQK8$^-FpZV%pG@F>l8^2lE?D*7EP4=2lICd
zA-Ynh7AOKofTxqbz_PG3e`f4B1xs`K;R%P)9SC2L1RWfz*CCoTq+B<5)HW-rS4VYo
zLL(h)++Av&YtszwdD`%_2M+!nSSx<o2;5MhflMsd5frHb4DwJp8rw)VfmC>|bv_J)
zzzs=WxZG%@!tpL>MQGy*oLU3xWFz7I_Wg%LEAX%&9ta{<bY-!xOjj-s&;Z@8;lr1;
z3;fqc1XEk?aEPX`tW=+Jzh<*K3eH04Mn<3)?Mb{f<EkZ>cM#+g&~{QXXiK+)0R1@Q
zGVa!v^H$YrI7-|<K!4ix$5~Bn7J>Ey6Wf9m1B+*F=iGGCoNcs^RJws<zPtbY<NfZ2
zwEZiM)KA<>^I>xlJ3~PLrzY)4Mla^3v=D`-KgIUO^g+T8q)_+G{Z_3*7FbYG3;?er
z`Zpk3tle$>BKM_!m!kiRUkSJc#Stk+4bQ-%)#dlpXPkPW0#3jfv|SG%0D!uIz*$vv
z^FjuP{{4<=`FM107U4-CO<7A`I3{?5FtBaeGFI#ApSBE~{F26D^~4Xx^AJL?p@!9}
zeNEQOB~4a6j71^2<w}arnyKx=+8fKvO+duEA?)IuZHYqeR$FBbfdUdoO-a2!U~?;4
zWwzUG_h7-UgR*F%brjpXzq1YM!;-cGW{#9$jh-OAt7f66(_as@ITgQ<)0SfrZcvIS
zsq6r4X+uiW$x&ZP7?Z_i+TQkr%YK)iU-RSH2Ngbb*vC-(Lh(b{<QEj<i1t<A5PYvt
zG00PUCO^e>mL-Yj#6VIkLnZ0qqM=xg7yL^kvJ3Oxw_H);EN)l<j2c`u6~&)9bvXoN
zeKLSqq%dZk)Jb#6yg8a88kSaZ)kHXOkXBCte|ELm)$ChoKkq(v_dj)?bRLG&cg|?Q
z3gbwJ|B4$3SIuOjhM@o9?y-<Qtk&PFc0hpm&)z@fnwQmVeK0O_Sx5{e@B=8fk)5fm
zc>H*Uc=0KmGsK9YhoI(Kh?x!(umT-G^|6Wt)h&WvefPz&3)6Gr$!&^83i`_#G)T{u
z1<zRn1*mQc2qU25#*q2qm`EWSn^4?BXbiEjl;n<nj9o7wi%d9XxP`?y6Dls)S~3)C
zsPH7;LGAS6OEBP6_xVlt@L|{PBXcPqRvQ1NE<wiKM{xww=k?=zk(`%30RM3vRUEr;
zOe4N`XcJHNJ}i}wR5XK8@)3#Mjgj(UjgS&xzr|g|93H;4!hL7>`MVn_L=$9wcD>vE
zrNTXIS%#Lw3qGP=IfsXl7@8{YAXHU8)Koc1=r!R|Y*MNX17ONXlwbV(Fn{~gZ*Sgh
ze*5vqx3Au9-u&_FTUq^LtJWpNu}$A2^?Gr$xoJ<@LJJcPk|3tin*?@jhsazvGFxkh
z?&8{o!z2bY(qTk!y7#6_xot)_KD1{9zl1@EaxVEx(qpgNPcr3aJ_LIaa16DHFoWaq
zPjG~$Y%06yZkiAGVPgK?K<Dz_h!8><Oc@IyW#W2ZL?#Qtd=r-DmU_Zr8FBRLFE;48
z-S^kKkGiI08KUzE?72-LB*$-^<Y7!ZkukH!HLd)#WL7PkY=|Fn_gTd?Ho9WN{JOi{
z+-&#i(+^JpE}5oe7$G0-NbOBFkSumf3=zrCE8T2Rc86&VG*N;)Z)+}_nR&%`DT;#;
z1n8<sbNY|pWeQXRzntv_(izC1XOk(AQ&esD<+eT?`+rEZ%DF(MwhBpQ*<V3Lbz7SV
zmV{lF=7x_(8+zE@uz-GegcCy|r|0xKq-Pu^>V7hZGKCP35a%r+G!1PI@)@5Ik$qlQ
z0F?cUB01HWG3I=astRu@(-B-nB$k~6_TmfKXzy9$FJmaF*9%DEad285weh07*w>oh
z_CYQ6n`jiYDV*2>v>(nyX?Sp+v+M4LnmmY3b~ks_({9*Mm7eLbP#z#eQP-#_*ldqA
zOb=gA^+*l#-+%k_)f*1N&5y7D`D%l&tcO>R853n)1@RLoC)0t;JyINhNbozb;2^X>
z3Tiv6zR#IX<Kl#bk6nl$A@U$}9$3fp3Ep##at(U%WR6m*4x{M~WYCw|AJ#bzRm@dH
zc{cY|YXc_OY6U?P;CLi2tvz)4*cCYxP4IG(gDj!4Gwo#4?PL-1cG%vE?C~WYk|>ps
z{?0(Nrud8226;k9d+u)TIXL90a<@0#e3GS5XNa=C!2MBA`jWmj;4tt!IlkdDpm_1A
z3o?O#iZ~W(aMbEi1UT7Q!!c{TrtzkkxS#%Gc6KaK@&lzamso`~5HQ4NXnz)k!7`~h
z<hr;3C6tCwj%C5Q(^IZUaZ}w>U^}@92disAUYs-)#wgeR?p~Pb5B3}7@VJ6KK!c<X
zVMaK-@p&!zEivjW>J&f}JcUAFG%-uhYjt9Xb=3C)GpDRAM4n^_|H-uan}W9iMY_Wa
zHmJl=4M!+JR3Ai$b2yBTec%6D+=>-Nij?)B;Zs`8W<8mYwKaK}6vHL!sfO){7uKa2
z?Q9x@wE2YV>NAiIYV!5(OSW1eoT*d~X56H0*V!#{`LPfouMTrCv|x3G5o~QGoAp<d
zL*@Vq|K`Kh)u$r6y4q}RxPG>0*&ZO!W6CtidJ;e&4`ahGh3V&qYX6}oz(wU8!d_w*
ze<W@<im<+;D(E0cIRnJ0H7yx7Y$5&>BU%&BT#Dioz?X;I7gtVZ^}5UPQ87;n!yg&{
zZN0tTKENS{w^cz%`gt^Wr4_)ql$NwPSz8!;&B{K~N~sen9vEMSUze#N5Zh60OgL88
zqA%shm-sm4Uifrm-*d_=VAOEaEEz~;mb0%3&O>=3<;-kBV6beVLcIHBN+UB=iUj({
zJgeA9hXjK~=>Z7g3~y)%T}Q1A8}^abfl-sU%xl`Ed=Fv8o96r7Cvj}daXgY~49paV
zXWJaFW-&0u1?or1r%(iNq+eaZ7t$XxyXqDThe=D=fEW%37)fzr+wM!cc_8Y9$D<&g
zl22QK6H5JggN+E99?aIi)#|z;!*Rne(ZY~F7-tbcp@aY+KSwiBHl5k!nC9O<Zm;1Z
zNj1)M(i|rB!d-y?4)!Dg9h@`gwE&CT=^yD@67dA^+W@>L2JSiDg_>`N)`cqE+wCU?
zSAB+e{JBTeK?XCv-F@V3B2?s&aKpZ6Nb+UIv{=4P7+b9ylZrwd;;}|d3}XrjFd34T
z+n(_t&;UeXpeqOrQ10vrf2%Thro3;g^<D99oODEsk$|!)b{y%-LC4<e&^bN$@OT4}
ziVle`H653S>gI0kKyx04<{h+=X$s`MY6=0oF*)D{)J=1qx3<K;=#611%41wnkbRVh
zQcQ7J;$XQw)b3C1mO!I1n>9+o!ePE4%>>1p!lY1viW8<zce%Pa(F{2J>>x>9fP_6r
z=5TX!l4vAX*0aWig(?Y%!d?`s|IlB(<u^yp9i{9c>-9-!e15;*kwU$BSrMih3r2<)
zv`39pIE7inL?h)2ukL(&*CkZHSwEQw%!|5>IEA3dz+&+fxMYTy(fE|Ci`d0G*pX@b
z3a%6x5jz0H28jAIy})f-m_l^`j1Yx#P=(Qp`$k4ws}{|ruqRSPzf`qdKypQc+MFev
z8~fmy_tmv&&r#bYlqSKuQ<GF9kqT+AyYM*4oW%&kxaW6@ZA^@pHhuih3P75k1VEB7
z&vvTtn|HTjRSR_hVZH>`QF6`DuV8DK1#)SFF|Er?R>%QBN77Lq1^tz|RZ^Xr<PL`6
z^4(8wUcLBX^ZJK@)hpd>{_*Pn^3{-1RjwpS$iW@in0|<zAQwd@`ZlmRN0uM#ddF2q
zT{N6kK&|BG=pUU*JLxQj=#G9Sq=pn9p~L@?!##!Xix4i?1iZYB<#n6%ER27rf8#nR
zL`v5#1Ehjf2o=<Jipy?dg*HSffAPQUM+r0D4=S?A*@fgz&@O^+I>}8C)jSL}i7Nha
ze?z4E0p&qrDAoHt#O}l=mAtLs_5`U8(z8m4hnP^z;;U)DyOvmHcemeO?`|a_C$&R>
zA2Mz(%%(wfTnB!9qVU5a^2~iF3b2@3<aLPa2NeaCJq5yMXUxB2^h$?s5CX>?Xj-6}
z5mbkEFPZ6;BZ*)LfBw3YVwpmIvAOLlo&@=S1oKTz;+s%MZJrcH)dxXw+*f<DW)!x4
z*bV;?1us7AUfO?=IZ+_`FuE<_dn(XjS|csdNIjg1x+O`dxZ3$>5zQB5$wnhphzQlW
z29S~Mi6e8{tgnKYFqd>cBwavdVozp<jE{8=pRz^DAAfuE%ZqpKUcGVFKa<lU6(04J
zfRm)L5r?Nd<fNU3jCWMCFyTIl$qAdF!Sii3B9$fi60G+QPEZ@P9*<2=70dM8!jgx5
zM3Iu1()PeaWGRH^z7JX5?5jzh#Bkubr5fh49nE&&0f$S~1uh=%fOKLwxkcU&uC|O?
zdQjgBYsK?wx;KXV`mj0P8bgG&l@Pj#s3XPTWU$~wx=I31AsqsrYIR(?9?}7kAJz%s
z{w8f;#ieldlqZMuWKcr}iC{BZ%!Zp~iA=K6h}sHPOf3c3CBPqYZrBhh%^IZL!qP}w
zsH8RTg&^>5x83jXo`2WBP56L)Klua&-W@IgGueF_c>{+MKK+~&z?&?yr+jZxr)TF9
zT7)>E;Eb#@?y-nPOwBr|FqiJ(#I^fb5-x8as@t}@7g=<w#$<g>KJl8`vFSe#1xfbd
zP|Xqe73~Fh?1<>kAHEK{9apqG&YGEUNgShe)Ho<M(RH=o(<hUJpR8%zCP35$1Q89a
z#gYnJn!#`#oEn>P0uD@#{4{tBIKetG2hvQu=7BX+ePlDE#x74u&h<EQb&LdWnJ#v_
z$0abE{fuor^hY`)_Rl*|qwqr=_BS8|vQ;c#l8aCm@@RJ~JXTof)^9?6C}UQROCpS4
z-0rtBZOR%t=tOI*fZao`pEw0IZ&8wRY?_x|day>S`To$TC|6`A#8ARc#cfLDf!0Wo
z!r#H@VP6Wk-}4?IO`La&3}-HriDvfaJ<W;LRdVP31)UX@8rf!}C{f|M+ka3&&Eenl
zsUq}3<Pua^lG*wct5~ZGM2`vq$Xs1b&JK$V`n~#0K1m6(R$^t=Cm}NPOZUf}Oq;D-
z=TIX$S5{p`niY*7-A!^@<#+eH1{y)6x9Kchte_%-G8LLF3JtMI^pjt;i^W6rSGU0x
zl&7PLM`|!9hA6t)lPL2FbfxT(S1E`|w<(ruXJWx$00zNOq8mX2q7KL-s<|D`k+ssl
zm}r4W0#fm0=&@rc(wiJ<T<TsZ56r-A$Q8pnr!2BEHvd<qQ-Nxy?qe|?3v59jWfZ`h
z!*RFPb#hRYu>b{WYQnA}UCnO)%3UuD0^C%bVS_~Eq*y-A4mOo##@HIWKC5~G2^ZxF
z6skF4rpAV`zj#T(s1y^m>IsaOc{Ip9K4D2MI6)$E-h`;oazW-D??#9D3wq0#umQjV
z$}yFMMF#=2b+V2P8q^^iEL=S;5`1<2O#2Y>P5?Uq7>L|c6>QG@r@Y)^(1`QIoET70
zOFqlG^iOGbwr~idi}@Hz?4l#vtWz;V21#lHBI_+-@1OV)^PStysUbGEwfU_57$^By
zpelX|5|LE9P}kYkW>5y_MESinU|bAQU=8DLBn&DsVJ5eytPR&Y$cg;0IVaE_aTdNL
za&!et`glX07na~G<jmb!ssegPwqMHM`hdVslO@K3n7v+@PlFtr7M`#$#*cugSXhze
zKS7>=%ENk$3hLGpis^JRj@aiXeL}%uAz;(z<mPce4*fb9{86BHzuv+d6#@GIsE*Fy
z9>WNf*I54)JX+$jgTv=~XVxp?a>f#{QA}$XV~=+fO^`~U=DQhc6J*WE?2(09TIIGa
z5@5*dz_6g9@L#m%Y;YgDreG<BF_{UnF3n;^VE!)KoCYSSj6Vb>h}F&m6OSevZ#y4C
z-PyLN5<vUJgN$`C4g@@J%LjQo|Fe0Ox1FRaM;|yq@}Ov&xP-E!0xzpGKDJ%D0ns(9
z_(?BkUofULoeG}{SFZ+rhuh-ZK&jfj=LJ|nFM~&~VUG=fgBDYhfyq9P^G1ho1I_$H
zg?sp6D{#1BE!dHi&f6E@P@pt|lmivB<TaC5S24=!?psh0IQ0h4>&kp&34I9(ia1;x
zgOi0~yFxrZ5}6!1OG!l7$ov!X-XwMbrb6^lLCZLWGHP%na?=y5D}$&auH-yzF}T>~
zOQeM*wK?SX9hMx|&BkU)U~DLA_`5|9$FpQ82xPFcX{z3J=8lmHF2Rl5AyA1?DA5pP
zr<%;{mCJ`VgmwbTK;op-3?jQbp0b)bNN(<Kn)D;){eAkU{F&YE9=1Jsc!KIB(FNkS
z9eHq=@AQl3?FsAv0rm^#qVEuso9}avO1pYiMrJ`eM18UJg*ifKLDfy@4_qV2d;rZO
z*A;<>Uo`5Ts%U3C-b0TsL0ni)XwF_r62&J9W2o8fN`|Kwqo2ZE&}q;snqbCxZ;Q|~
zf%zWQZw`Bctn-e+S-CthPju{^>W643pH0u32MwXM8k{jDL|r{AC*+7J+>&A&R51f;
zQ$r^nDwF>c!Jg|mg)8p`kGxRdq7vcB@#mRa!ztuE>;<{W4{I#9wDLK0=S06A61jX&
z-sp+oZh=UV;Y1RsGiy*9&dgK_-d}HTpxAL5Q3gd?YQVKjJ}32>_kXE{1;U3Rjlp=}
z!ctE`F%8+Z`JADC;!N6Pi9RvVr!DjV0e;*bM%gaE2v&WrMDUnoHPAfvoG?_pPLFdB
zx5K21W*6BpCvav4-9C)`5Bw|{1Ya0$<jxi^4>jO&#a?vUI^7U`3L<12%zw!>a$+S;
z_NDZ9_&<|I=s`4d$g?601c{FJd%n!fQC3RwMvt>FXt#TY;TEo1X#r|L5_?oF0$u?)
z?;GZkzTvQVm#rQS$p(RtI4q(R%m^qYlkxC%3HN9&543I5AO85|m;dV|Q95)kB1|N}
zigf}cd3?+Bto2h##3~@V%{5y`vR?!Z=a@f+$#nh}Pussh;_41lyg-Tq^`yhQtdDJh
zF{Ew+(<PWwf|(HO!cs<*VjPO~uZO|o?W6??tfWpYf*mg5LL<-SzOCm3%b)E8s|#ct
z$Oe;}CIxGQ3iF{&{-?X&h1tsw70dLHzFjO`YGd-ICGG<X6;K%Wxbr5(2uwPR&(r1&
zk-EB|G_Zzn3#V#vJeKZ_<Lr5PCkcuohpcI<%Qii8Uw63B5r{vqJm4yQVeDdlBCa!Z
zx|Y~Ve<yQreusrdr}_Kp>Ht_n<9d(jaR94L4lx*)iIsGa&V^AsKs@IQ;%ReM6cshG
zIcBs-S$HFBMmT(Qxc+?uw#UXkcffKaAj#K@4JxWnJ|o1i)H;I*w*piR>02IV;y5p5
z9uRE1?tm+^#;ARasCpq5M2x!159Y;e|D0^5MGYF{PXhd_qMF!uOfjV=o2kjkrhN=9
zJYi+nob$>{<!|6a-vYRh3w8NgV142?##HPHIHtMTy-#T<fF4n7D&QX!cnq>G>>bbe
z9PLqoaYhrOn@xW#Km1`Gdi=ZT2AyP0<#nh3bhpP@n2yEy+jg=iDZN7HE25xW222$1
z+_Tjsfr0N!EHYcQp}jIz>Ga%Narurwrdz-r+|ckIz#7m7)0!Hr{ctsRXws^G+zK9V
zfcUQ2ZRYnlM~~N7W^eRw8Cp?b_|6DAc=3O8M|zZ>Je{ka3^pJwJVT^iNshwr;5*no
z6wSFo-I_Jy&k8h<QUJOFcgFPvL`toNF9;c%L{mYQ4d<{d5rOMTxoN9kIY|;w=TI|3
zSi0h*7_;dM-o#`K5OnA|@Pp(zFw1OJwj2v1E!!+sUa}iPp=lS~eOYoiI-3Fp<(W(3
zMj>Z=b>i5oaW0F3Q#fd&FabyiQJ7HKPU>ML_;Ze*W1|J5)o&XnfhREJ3M(Q7EAB%D
zcwj2fs5oz07`0>P3{_Wl=F;XbfBW^_tN-)PG3!yr02Q6*n8Seaa<e+6!RImSvj!fU
zxB^cIO&S?<kEy&gD{PGcq{U%|&|wonm{3_5hlzZ|z%s(@pTN{P8|0qRq;`f9Cbh`S
z99ZWPN)BkfAPPdELmxUG>x4y?e&lR9$k8o#^N5tW?Cj?G)QdF*gd&7r0(7Gm&kqAP
zSUu~2tVbIRlzvDyhUmc4yHh5lxFHkHn!e}|WSb91`rHw!D`DaAEY$^NziX_Y80UA@
zeh_YLiMYWJD$<^91eC=+1K^<XbipnBfc?n*+yaxsb+=qFLsuW@6L=eq=xuiOe-lK}
zpMR_Wdv<TxfB|cR1Qq;2`1%=1Kkk|NWRz|~XBjjzXml3-(1(>cqBn9@)R=NPL<?}I
zQp)QaI0N(?cMAn~YcGFzFg%MkEPBYP@Svc?#Z4suZ&|Df`YwW>seUzo#o_ekm5W@)
z%aRBtF|h>kJ)2&7zS9ZTn39x|6iQ=n3w6ixE-6CKIto4OXu>Y@#RWuV5W)Y2cp*tC
z>fsKDrku%|r?qj$^!+0sxgmtZ>Z;+c;a&vsgw3B=Rv#I!70^*(K}QBM<id`K>cYmu
zMaUG0*6e(>hH(BZ7l)o?gS~07`6RCIs*gf_N74<?yWJ4xu0Ge@4{%(dI{aSt%5r5a
z!s3VM^Vq1-O+43MgGeB*DIU#$SW~ZXNH`p_urX2nyuk~*RXP)jw#zO<Gmz{iR=CH*
zD-5b@+$<qZ?s7oBxlJp}poFt8iixF??4|P4v#!w?ch-8OF-Eq6-K285nHVE60eLU7
zrqsqu{RVX8z-y7EM_;ncE!&#^n_>k`zA0=QQ1MgbpMakeFt*zdwcot0#l$dfr_CXJ
z3ROfI*CFlpR)@#?)lxfBf2Ja!pY*3@zffBTNCdS?kizpNo<8d}#nnhK%z0m~%fVhf
zEXFVfR7&lV5}p_}GhAnw?Z~-+xkDYuGjaxAWl8piY4o4dL!L4CZdNplO+K)laA{eF
z3=|}gBx)!nBH_Wh(lI*!7<P~v+ylS~O9BBDNem{x?e)wQa%`~`zt!7o=-dEHlGZOf
zFmOYu$ouWh^;Rj|Ahf8d4go!?e{Yp7Wq**CM94d)Y=D<WO*&6a{KQzGIlDmkm&5W+
z^>Jy4hFGG^+~2Txz_fISf;}6isNt@I0Ys{OMX7hO%v?rn?Wa;<6OuAL1tKx&sr4oR
zJOXp4ewt{15LoQccp`yoSRP2?Obg}3%kNG<LVRxP4W+1S7EtC;^O8db>REh-<vUNc
z#L?gO!^8cyCT`*()HI=oj?F3SkH6%>los(5!xtx2g&qjRnsC7Yo!8+@4|6HE;zJaO
zvGj4XC#wSS&1Tp4Aa~`oijf^c01N&l4vE@AQ^z9Dqy<Sp#LXyV-}e->#ig{eyKSWc
zh(c#jjRj#j@qFzOQ7*n7F1~)VrFvYx4GlIb^k9Y?aztHgyn)l-Zti#T?VKcklu++Q
z1T~CMl$WDo`Rzg6d+7RYb*o<%jCV}MJ`z^|6D5Eo=Zs;+(3-VhcXyPnL8pC2H5=4=
zm=WY$L3LChEG}=%R<Z#lrcdyH2s7wNGjU0;#?lJ_CsaeH@J;p{|Dmn3GNsP?g2)M*
z7d(30In}#V<iqMfMGTi43{z&#EI+Ka`@0aj{Y+`u^<@o1TOW5dxh~|;;l?s6F*Wdv
z3p%{u&4I#=B?2o?O+F8hyP2BHK^Y)S3urNrKp?HowXW@0YN<<Jd(k}-o5;<y8B)1Y
z7jI^1QsoC9Sqy7LT>brNpeG|I%KHF>stVnBmIw3bmvTe;EtQwVlVH_@T%mv|tFV59
z|I1MA2_ag<x1gFTQc#R#Nvwj34SoIN-<mu#K{v3daq6&a5@cjge>>)x2n3Ki3(63-
zLy$1$UO4*9c=Ak8s9B$YQj&8S`plJQCRh@YZIoxieiCwq=1{@I9J4yK`mM?EaFURl
z25p3YpP_qm>|yq6`i7KR66}Hj2K-7QCAl0zlQ(4iivf_A_d@CUAQmQRMXXma$_W8&
zTvpH5hD9TmNKRqfN1UNjTM(K9+90}L;)eoG;i%y<_q0*MfwR5+tGd4{QDhjYvN>si
z^W*@o<@mO8yz@?n;rk9^g>AFn-n5fBDVat}5J<aZQj}l}O6lUnwp-M9VGzUd1*D4N
zK|-MBke@uwZjj+OZTDbs1B6V`z?51;2zMz*U%sFH-Y|y*r0f@=SwXU?B7Q7|W#QUN
zA7=6J#Sj)T^40K5Hi$n(W-H6ftvHy+t6CUfD8Yd|176EPc545R4An_s4#R=)8i}e%
z0)NA8IZ;Y__A;4i4NAj&10iM7*&~_dUi_*RFt$jCgfxaZD6c?RMH_SUs0}z-bB;ej
z?o5ytbpc8Qofvc44{OX6Uz-ZwYoa^DUK=WfgOo}nKoAt9lR&dEilblV3>v-+SuCKm
zfJ(3$K0gb@Tl@0rJ_CdW8x)o86=aj4dFe1j4Q~5Co86~v+vSiWUt`+oNDxWFpu1s*
z@5Qd7cpBI;TO8I?w7|{rvi|K-D&99#BT9T(Bu%Ocj#?mPRL`2I$oh8+3cPOjP}T5N
zYS$rIg~J~31=D4A`ubNX-M+iK{%j;S_&Q!U#U&soDc3DZTV%cd^(c7r>YuOPynXe<
z=KI(0-fn*W?YDpY@jLBc$K#Ap$VQlelDLJ_>w)gAMKRd<#6Jh{*h`ZHm1@y$ie|-<
zw{8UCz?gJEBAmJKw&7Db-td&)kwgp8>!k;?)|nwxijyIAaBuZ*{2cA%kxpTXwiWPt
z(MSZ!=)utzMu~KEtDx>(>6PH4@z;!EH{;T8W%n?FRBiyU<L6(hJBfFhmpJ?5<2(Gk
zy~TZ^f$=x9x=<k#mmW~L_(p#mKRV8moec&CGQ>@TgDSZ0+ea|o2&52V6xLI8B={Hk
z@`T;xbgb=2n?N0*o#R1MC@1?DPXORaiFZk?O>cl==vS)U%3dltdP)P;4U0Dsh<qis
zZjeLYYF%klzCB-$6K<e!v}9CtF=`B8^RN@fM<Etxa{^tj(vWH-4sQaezQw6oj71P2
z#OB!UKWylxST0hoLBR)y1hHiZ;`E&kODA<!&e*qUsV*l3(bt4yB7{T4Qe#+7wDAk$
zV)$NOY3jsHmlx;H_JLVd?7kw7U$YJ?ev)q`w}w6%u8IVX%Cx2u2YpC}b-6Vmo)z0o
zE@%+04<C}>`6G;V0PhaA6OO9fMO15m6hIDi{{9etEcdg%&Y>vw>PmRFG_4|K=`T67
zuRC$*r^AEdj1UY9kQ?P@UnT<@L$x%GHz=!EnT8(=Lp3~E8zgS9r-oRI>>!B|3IL&M
z-<Uu|Sn99q&%`d^yC9VPuoVk4j-YXeG9A?|lG0jpWXgE=N<pILhV(*^z6XUfz=THN
zj5W<~S^k5}+2#;_hOLE59n4JMCN+FHzWHzqrlCcV=Z(v4y}V*xi!kk;j)YHu%^u=d
zYPg%2j$PF^t@=skrFCY_JG*PgMXHn}>FDcXH=P|)V~aMBC&JtdReYJ5+M}m7))nAR
zsjxz$y2Kwdhsqg^0o&48UlgL7GsOJ>tZ#r#f?8*ZK<)^p87eq{{1P$O?eHuub7_Hq
zXmHD@$moRYPG<gcw;w|yO$khdEg((~<fpb%^n}Q;1|fC9%(2-b^QQiky%gV>NNM+}
zQY3UEnimM9N3gpRshdv2N)yCuIm2}^4}9St@K3X@2Ta_Dz%+fzm8IbjINCX1%OaBs
z2r7_)uK+f9HYFLu=?0`6+Bxv1hx5TyP#eKo2iBA!#LTfRFK7&fDf6W*a1)yr;J(eM
zy+%h@uY#A~E&pB4Q9g)mV8604*VgGvolAmsT%;X19ntxK0wJ_cMqxr%XLR=+_QneN
zz!B70pFyBR9X;q2ge<L+;&`}GI=s9~raiHNc{>oMByt=e^HL$yPCeO_DzC67Y{|A|
zX7)67<RvsQ#cd_|DVc#(e<9{TSj0gB&<9T^!EDjp^}LUO1s^~J7al1F3jb^zz*t1j
z^cFcJCPYJexNcd{ojq%0AqyI6{g%-cJe`QA*Au$-h>;9_-m%OjI|-FV++>(47Fc&!
zaV{3bQ=0fr96lJ*AP^G^dQzY$CIeZNhzupr1B9a`5$)WSCK3C*?*%4_>T;Bna2#V5
zGIbxTdDmxtY@c%!BR54vEX{}L-?J`Fm<?-^YB<IqE#t`80nhsu2)h*E<57yF;Ed3j
zXU^hzSt}$G%cDupq51OvX*(2BXQY>k76*iV258PWLg>ZF`dRtn#DX;!%8_%lNuWW%
z?am-1#l@XOh-CY&v1>V<{RiP$YXl-|AT~bEj$~Pd{nA-a9vE0TB>)i^rHde$zb!O`
zmTz9p)+x^tTd9YCxkk<u=7=bq%XZ0Ixw%hI+on-NRYa3W#vts*QQ9^bgj2S1MSZ&4
z|45T~SvPjHgi{3i+%$yY8qObkLL0L0BQ3Zd-H|yaGhY&wBd||&o`)DSZaAVnNQNU1
z{(gH~-GBb=&UT-AORAvpwF$Rz_b*Uu9xUuy)8E5&MCna8tfBz2g@#hzP--4ipVn~c
zQTax;WoBbxwJ$fDz4qo#&RVa?63UC(m!<kXXz&6kqNCEd_7puLkKkGDE>jhJM4r#h
z?Zb<9z<;3#dS?pXjr{_=CoP4%kDwydW+u5Z-c~0MA>CasjLFF2hY=}2h!@cdp$xE2
z(4jTgko63xcF~R`!9`?Cpg}~a0WxA73-^rBVg>I(H+JrlgN~$X0%)VC;Q|#B&iN)t
z&Uyts66`C$ctY_7QV>L{y2ye+4nyJwGdx2=nQK$&3S*2(Xo>tAqf4zLD%<l8dWz6J
z4Zi8_2#Bb-k68xDq`^8w!+n5~mvH$w1MSgeFF|a$pL2Pc%fyAAlV6c7Xsb*vGcu2y
zVZtVitw1eKhkUwJRZV><4_0|TI?7R@;dY7p!<DnW|B;~KKv+!Ht3^LIizr=(`pbj7
zFHwsB3a`~rhD%@#5DT6u0i*eAQS-YzzVx+5PmLGZnc8ewKp~O=F$4@~zmb0M6hKgQ
z?wQy5vGbonPn~sSR|!8fofJA*sxRY|Yc1Ci25HP0az|LSNDvZ!Tdb7zA@woi)P2Xa
zKx|P`SK8Q0xx*%R5%P9=Mm7`=Gfsi6-3Wb|kWPTRo=^GOsXt*@(Kh{rHGPX35v<Oz
zAcIMgL(bX8sb_1aF6OgLO+Z^;D7Wt;)Q4fZc(g6c=m->1aKxMeD?&d_Un_OKp8cZa
z%|k5*ab@6s5hb9Kq%;=#VSHEYwB=ZsChfW0!P(vS&>^Pic)*N!-tf*1+Hv~qs}ADf
z3Dh~5l_Ub1FlJ@?hIhW3JQpnqRMPKPS0<4v$saBEwAVIN$)NTq3<KuSc+H+vFGhD{
zb4$Qvhc@gvRd9QR=_ejw5}=hQ{Lis6MGxU0aVV5H%r+ntlmYWua`Yw0X6Qhk)c`7g
z2gYm8)jmQ=Hi4u9_t|X6vzh_5XW9YlO4J<jGXy2?IOu?~L(2#E9f3Sp3{2qUtR{)H
z&?NNlwtqv55cv?hYKik;#`d8xW6x?4ihJ;Uip70I=|-;@<KS;Z=KN;27n~s$axW<<
zsF^8GEsd4`rR_5&%7sh&=&qn!#14uHCk?{gXSL4}OYye|atJf}Y?uKLKm))!&r)I@
zVx(~aE*gbdeJ)r+XUHBySV8?ijBtH9lcp2L&Q04+*W}feayb3^;|n)H60t9!LXQGq
zLuF&ZcjIZ{u>m{{Pgnaq`~r^}Rb?=3fndTNUZlRs1TU}RdFyxLzX&4tZYxPv)o`&#
zQVh_j>1s&-ff}WjUT^HT=SI@J7x$6Ss9s(D_V@rNx^0Uajoc4dG@!y6j;QAd%9Lin
zJs_NuyO4M<88k^o6b<qL)NzY)CgnL6*ytSJZX1B3x|=&uLc&Ynz$t|c1QIzUKIca-
z6~gWio@T#No3N)sM66m)%Uf9&W8JSfXHv~;$4DFkqG}?!!%rsop=qbDuKwXEDTdQU
z`?lVViTsG?`;_>d_&zzvNfR;_<`${I`^0DuXAOp>k^(zsK<05uvw3+eH|Tj2w*G=I
z!1jDKl@%0eIk3BuR47+WBeZgn@2%WIEo!^uEIR@yV>QF$5R*!l#5WJI2n6}clMroW
zBiXdTBPsC3^fUhWkq(?hw1s63lP-Y51V1{kWlLWbQ#M7k!AS@qF2%G2!$i<XxB6Fo
zx<$0LUDT4z;E)k+4V%%>vosNU(=gPd*KnK`@*A|d<a`rrp#=meT5@39CXUvL?*TDo
zc_oC;IMD{aSUndL@fh;ojUbRUn($f@#s)n+$`UE6)p0RLaU$h5m=^pg_<`SUuRj;J
z-N%ivyU{^Xn{_Q1J<50>1ijR5orXi5U=URx5k#SYJA*pKt(qUqPYQ<ur$lEM1rw;U
z#o^E<pWW$4rK-T+r?emD;ARoC`J%vOgx(`QSb{z~#8Sz^^B}6TyzO<$M>j!-dx#KE
z!ns_4NQnUU#@bDZ+Uu}{(e%r}EguB31fxr))dKgg<x2Zq&+edpyt&&@70Kz%nn0tL
z+&S9m1!~s92Bj9*`K?Kfk)V%^3OhW3sD8nAU%=O4i(M}0TcWL10#&=k8mE6iu(21y
zkeC`=2p0H#ev2jVdAkvzbZJZU2Vtd&pm0RN#~hI7x0T4i(M;QLD|BdVgF^1$Grn-h
zqRgPtus4(dM*u%VNR8G5==z!pwvK=-0JKsUwqD**D>+O@o@ChUEgar)+W^nKu&vOn
zA*zv(AdvhA-Q$Rh!i*Y&5|(r*5VgrO5GCHiG|=DZHNr8BJ5R}rIgrkukVv==aV-4f
zm_Zts$~uH@t+qrA=eMo&h_v19QQwq>2<Hj>GY~@Llt@RNL5Ez>UOZ0B2CIt(GYBFG
zKoQvufQ{Shdac1I_!Y+KpSL%H#TfT;sx{5DMK~(SxJK|Pz*V;k*qbLpFx}rc6q4wA
zF^1wP_aa_MNmH8As%4>G^o(fd5V9#u<w7UR1G-SM^eGf`5%6ZK)_UZtdvr9npY*F}
zTR>EU^#Z{Q6>nddPH^7g3apk7KzTOg3)C4qKFctM(gImwUHJzWYb8)O9_PALiOHDr
zcyP6-4TYNsaRp%kuv%U2a23FCDC(@PqW~0+{v>H5j`Y{k&=5_5M~xCg3iw%6R1^7j
zJJVK<G3qc>umIue-TiAldYQq1_yH7)X-lCPg>BwFNh{}d311KGkOBoUl57|s+NIKD
z;O9$_CaJm??1G7&PkN?~mMs*Xe@WNv-&^1gLS_3;^Mi~?l<IHIsio%^`{o8aNJAx5
z?PX1hK1Ifk=`FCw9rZBK+xL6HUE=46a5V~Tgmt9CM~(y$p`{olrKm0dljS|CPY;!l
z8j6@~2k?|eQK2WW4(OKbGCYsoGy9B2QH8tRf$toI@`y4M9qP1Pfw-Obo<F16d0z=N
zkPN_Tio3o?7Hnn3omeZ>H?XFqaF*96s7`Gd)mqd5_Cs}mJ2#g!35#6-A#ua0jeK2d
zOw%*2tkdwyvI5`-ya69r$jOX_cX4M)J}l-6>D~xMnVNc6%Bzj%^DG?(VhPi24c#gH
z5`;^?)qV^EvmfmSgsTGD@T{%jiKW_gh^|gIcg$iOFPI@lo>FOzTqH%+0s|{32Br#)
z^5jJr=!@^WE7TV>P+=on7PMFlkv)6h2B=~RpBCBPk^(x5uGP1ISV|F(<5z}X(D|_I
zVZMqZsXqoQx^$IR6LM!|kFH{rg~WzGc{4dFj+wZElR~0l!%dVM<cJsKpeT1hXDQ*a
zRmkNkS}}^ywhASX4{DiOV9#-qYHd&Y7OQ^GU3b5`5uyW%Z#h92+JaaxWM4q0@R6Z(
zKGA}Z78^GMDG6w1V#FgU>>!MyUrY=HO5ppv6VW~oTZL1;jZQUpIx$MH3^*BfcAwHx
zM)@!>0`hoSN`>y!)F!IK>;Cr+ojzL#iV=J#0n(nrF3I~*-wm~zP@Xyw^_eDTSiCq$
zU)Y#3oRkt=Hew)qBeW{Dml#kaML_XkN|^z=9Pf=!Ozf6fPT*DmHmB`a-iGP^x0(+V
zi{PgrpT05^i^A_dB@zKMWZF{^69_r*uqlq!C6)zZrX4Sc01Nn$g(2+;2ONpe4~4~p
ztw+hAkSY<QC#Jz=Av;QggyUBAX_lDq^^CV($7!lQIRty;N%m=Q>VdfgE>6Kee!WQt
z9UkOKH7p)9a($iiG}N67>bVoL;sVH<4E9+NKU=V;yV~|&s*zF93^@)&@n~UfdlE5c
zE*=xTrYM4<QzW8DVpD!vBF{<oa9knM=`e7|$V8zp6Kmuin;Ev_GPZMN-xu!vwg=(f
z5Ql;J!5%>Jz)MEZ5JH%Dtf3vLaNnS*qh!;HTa7E=<Q=K~rn9zx4n|Zint8d8XLrme
zMa^~fgG3%kd|BvvhxdmpB!la#FELSLD{FA*t((!a%W@DggbMHFL>?Sga1q5QsZfVJ
zwkl+^CG&gHlO^<Y*SG)+<RE%16b-h*1=>;%yEr90Rc0QH()?M|(Y7N3!yuS1Xh8c8
zOd!D<8Sw?ZHwVfxh-e=*J1{iahlu30A*UhXCt+*w0a6(%f$VwZhbc;&6tO<aB_Q1z
z{;wvO6i3trJfc+wOM-OIV8_Q<^JL@ftc~c0OMoWwfH}~4?E$0HJza4olsYJ-@&=@L
zk%-Nqaweb(A?o3V&@Fd4ybggx=!vjE;PRrLaRGEDSi77nbDp?V?4GqTj@V!ePo_eg
z(-tirWTs0BoH;w3TwLzSP#H%5akhNipo;@<;7~rfoY%*F(ruw&3kbTymXcL4e9y;U
zLI(cv8qeR$y7RKS6Y-m0EhKN!5vjYa@kZbogsiApfR{amKA!oR7%GR*g*-#7Qc>wZ
zIXegMLiIKa&6%HKzObJK6wiLiJV-1g0^G+d^6+#L>8zAt2+I|L0Wj6eE#OP{+7rPD
z5UIisVJ)-nzD-))9&2Jd!wH365fo8Uk!Z!V$Nk~izqap^bwikGl63=OV$*IXE8KW4
zksd-(Se+C(r>d9gPLL<-T+HvY|4>vVtI!7tU62}h5GupM*#6c1eKWt^3y@A_PZEqs
z86bJ%8JUR!%TWwaj_k+V-w3L~t-ygrlC}}~i5lPrfBdaV(O3Hq+na+X1#>~_op@1A
zfH#P{O8BCjxqu)WSHf%-80o514G$X=NWop=*eh)`GO`QPV9n~H%*4K?;Tj##fS{sM
zG+MBK!C62ehn-4j!qX*}6;?DtoDcF#_e9{As?=uQC^J3DZAXMp(0G7|QU*Z>I~P_Z
zN(v^uZI6t{2f`qj>dmh0Hu@jpi(?~E1`CH)2lc%1K+NYy>FK}1?0b@6kX4Vt?8(1T
z5kuG#oFXLBc}z&ac%7M{YqRTPdkb<2I22LZ*Ye}kQJ;Ur{4?9#Fw1<RmYxZRDX9x#
z4G_N+YIHMUv!Mv1ANQ&QZ-VXQ`1u<A3PQxvmLZ0wcyos}F?oaIZ%4)h(le}n1Xx>I
z(l)$rhX~94lirR1H70e`BE3%ik98|fzg=H<G3lfZt(hK{f97tv3s^MnI^>sbaSFdw
zKVc5*D=YNph})n;{$ltkN(Vfnln1xMb#N;b874#nkz$llUjc(IX+s-r`_e``L=3Ul
z(2lHGY1Wee(ncGG8hTMM$1MNG9#3D|C@Rbl4kE@1=N6~VkQbQ7A1)tLaH1hRy22SI
zmE~rST8z!K<*O^sIdKRK98@-|BLF=A{5ZWN7Kiy2bEtezGFi#;*hEN3!lsTo9Xx3q
zapoK^ZCUpOMQk7cJ1qOCb8PRfx8}fjjy?b-MC}Gn9RdJ#V+rYS{<ZpX{!TguvrfpV
zqkhG6jR<6Hl$3G~^;H7d=rp99h>3)j!XLs{&fwuKqpn()=y@d#RV#XWl;YUcaKYTh
z(8NX|6tVBBn)(f9Y%CxTp`S6-2lt(PUXHW6>>A=MFp+lzscfR|iH&iVAy0)mS)YJp
zu(87FO#!Ey-V|U8pfi!X11ua)HAo+5kP4(AQXA60Jir)IKuNx_Bl(ZNY>R#^eWu<A
zqjNa=+~)-pMXe_xDV66T^yoHsqDIHDfTGkL<7mbO_8oSJ1-+^R1yjwzB~R-I2)<&V
z7E$>9JASkY-f_|n+`t8tX*GN=3E07;^+~VdI~jxCeNIVHJm~a)J$6w@Y5WiJ(`<1h
zfJcN$h=d+jJ>_%Y9?6E7`7lYSS;x<AP`GnZ;pi!WLYFI8fS=b8Vv{<gw~7^*MR^La
z=#Y5@Ewo{glrju4Uh&{P>|M_q2w{+@Fr*lbau^)PF0}dk(PKDb)OsYcokF0i*fNET
z4I<mObcxqo@yWO;-Ti`l0!m<#p+N@}n;cZ*F>_f%bN}LLBHf-m5>blTJgr4>mI*2w
z`B;S2oq8mOEpnqBA+U&pi8f^8#`Ijtrr145g@P=72<|fI;VI{2wGN3FJv@A01Rx}V
z1-=+m2!$6AQZ$s<3_^D1;B&qRAK|sKI2A-YkuwIZBz&622weFNRJKwHvgZO6(-n?S
z1$U7#gA*Ct=WJNl>P;srW5{RPI0Xf0l<{I*K_Ch#kBLFAb%jN#8BWXOLU*8ArxF+k
z1yhPsZ@Ix&;%Sra%oZvQLi-Lv8dL;wNYH+^gcwT{yj@dt5D%E1?~*`{iC@P^a?ut?
zcT125gi#g4{j>&-k#B^-43Gzf1T;q&(HOT8074z*wNZgj3)g`1h8jN*z!+87%W-fK
z@6&GEycgZDli~@y3%1-d2yTdgMXzb>ug#Q0Aw4N@&OuPX(9Bp@FHjRovZpuJEnCf^
zE^>Ex9@N$0`B7Ph*7srrK}H@s1woUXLs>Lbwc25(=ta~g$-Oir3~EmdmBG{lF*7!a
zPMUY|o@Y+v$kgM{l(3`YsV9q|BN)}SmmDMeV}|ZoZ#6p}l+kgv2$ir*f=`l;l7HV`
zoCr$DB}~QnvB|;&5$j_)n2X5)=mCo}oFCk?fbYDw733c7p0HdEms^nldkcsxz=r2_
zl@!M}ecV`}nNsv|0^n_j2t?KuraTPNQ!C!N2dD>E05Hz32*hrXZ7}5oMU=q{noxH~
z#08u0*twJ29`Nik=FAaiife`AYF1^n1f`H~TR!`Sj3cd30*9>z4uc{v2m_2~wsPoA
z-azzGcmdl8NYu2b0ba4W=$1irt~HX4T>%96zT3d1J87y%=d^)ap#u1Wx{Sqe>9QF{
zG>k@X4BI)(F{L*jclRy)Y($t~6ydcv4+&?$22WWD@r2`-ZPb{uGpXPdMRkbkxZ>hG
z&j4rT7I?q%I$<(@9hn%wz9Dr61SAnKv|0?KX-8e$a-S?W1&o)?hhcj{79R+S6Yfr@
zJfEJ$@4F>DR15+e_3WKwTI07|IRy(&nI(9!9$y4WR1Pz+^$?o*f<+z{2Og^ySvfgR
zN8e1G!mF!4`17rJD1>f3vK@kj*4+9T45RRLQr8K~B9emv1qz<s6h_t_QjZ?F33W|D
zkN%67l!RV@xF5ktP{2}k;|@6d4W3{6u4PX|oZ*;OUE2W<!->~p>yxN?&7q8g2nJuh
zk3A*ggfD{sMHcre5R1uY45#x%@-yX|pr7}QK<YAh&_SL1c~DG(>5){7Z-f@sRti(Y
zz9Rswh<T7RJwS;X?uh`RiMhRdvV2y<H_(?Tetuq<i>057{wnBxs3-+};7(-f5?k;Z
z#w7UCh;*0?HLhc93=k{;dXi3A1L2|N;GJVj!<=vF5hn#MkXR}PuB3vw2&wUEkt!|+
zLVsTmFNrF9dRUOY71=7JWw<MCMA95+el=R)(h#Bd?7_GLkg{qf{yB}|n^d5REd6=U
zj@JV)_$WUPbv;oZg*A-7h&uHchc<-onx7}zor%3dH3gE1JB*AVmfF%l^XSisB{TKM
zS1i#nq~pG(hn<GlCl>>{MEq$;h<S=yd?Ts$%i*c^;s15LtE+1nD0^GvF~ovJPDrr?
zvYK%1xyw6OPobQFJ16m}t1AsqS<Hw=s4QsYA0R#dxsLYqypo!PoT;QdsNoN(zk^4j
z7Y<oZx8|_|3S3vN$ss^(R|swxWurZ^Dgo*rz$gXdg{ggr0c4bhfjTcio$(hY!&pYq
z<Idp5R9NV3gw^8q3MI8^q{&ysJPTjn!Rf37?8~}+_;Y)rgNW#a<hKeeMbE>`MXZy1
zx%d~Gt-xSG372dW>9ob6>3Ze!n72|T5cg+TS$FeOvm{ZD!X_1^Si2=g@>N2})%OOP
zUmR^6*p-%(=y~Y>e(WB*)`mgn59W*pvXKID1jFvtV5K(FcU+S)_l)m+iLJ*?%z_~e
zGOQT8y&&s^im>7gg0)5TMz7Fro@3+I6TiA{HK=L)Id-jV4Pdqfo3+R10jlr4<4aS{
zq-LUAorO*lyE2y?i$E9&p~Ubi2T-}A+Xr8QJ#xpd#AG&!<{~?JzacpNL4#O9N>VbT
z_JX3-I+-R!<tg%&8T$%0b(%H^VWH1b_EPfY4zWj5TG)|wGoD`8rwcLAHbjdYHXB6q
zl0e)8rw_z4b<bYz3z7-t&Cm=4QcWJ)UIdr7gKd-GyI{fKLy!+JJMr>%P;*b}hFpBy
zKv~w<sQ2aVP~0VSUI^QTAYTTg`sMB5B#PD>swPs;QP~sb@^(nTq45a!A0T|H#-7{`
z!Y(=LFr+n+PaT+Wo<L2`O<9J_6>7!c0z#rt?xHeO-s8#Uxd?Qxjed;+;|vn9d-y}D
zS?n3or|^a2Ttrld#7H!GAGQd{yMRK^!?aT0K7^P*2NX$tvLzwBwcdv;PD3~4u=bD%
zK`Rt`LC4YzDPyLT(=K%}<uoSbUgFkrIZ2uM!cvTzQ!*k4M&Ujc2~k09x6go}GIn-V
zubu9m85(9rR#Jg_FA-!Q2qtE5m~r<m^Nf!}nn-&D0^q!CkOAV<_00qVzwUyAcG~kx
z4-^9klJArAYw3B(OOetdBU$1hQzYx<E`v93P5^TrW?VN6yG4@5lU2sJ0imJZm<MLP
zAd);o;|YRb)O$YZVGItDBlLYz&6&9`c8qc%7x&DdjcTZP`#fx8Xsam3^j=gZXz4be
z87@yLecWw0NVwj+5Rp3M217!A73`^V;|>k)rJZHGDboMoC`4pL{vHFc^F1J2%`*AV
z|6wdLup1<<agw<Gq3DI+*{bD@8{{cycs(WOTb)uFiueI*;S}S|_*|F}W?Zatci>j3
zFhVutHoNAbl2jaFl?Il;tOAHhe8r?4E@;jYJKS~m*CSs7+U^>Om1rHnQWFY3zfGV8
zI47GA-6xst9N8>rC-bUn$o*f+UlH2ID56yKMPn%)@X9F$?F$NqYCwjQY|AlV1K8pY
zflRV<RMHTr(4}|&i-mUV2dWAzP3p0sdP`t@K@3EjJEP{+%PUb4XGPzQyal+XTEKbk
z!QhK|qGam(<b~TkjFrVihj*iFg0Mz$^~QO}=te`??fGMs+;yD<paWt-9iERs)*wl~
zbjYLlMuhJ-W=U21X1g7iDSQuEK%k>V8BSE<E}hME_R5{q=+-&9pDm!O7-1Fa=`L(i
ziA;tinqZ@1^rBc$N>0MSlg=N&$SyWX37Bco90Q$%-wA{Q<{d;_Ksij3#ceo@Un>8*
zwb=%)1o3=wVW_D?YMK2-^_*pE=T8*C0VC9i=$%RP8?A$rp$p=iu#>o9DB7fW9G>;-
zyYmf$u-pH&9<WsPd?D|-z0ore%qNU2=tRVAjQE#He62Q^?C<!datui4Wk53^m0bj*
z3*xekQ1f4QB$vug1k7+VqbZ`Qm4G)u-~j4mHo;1>F_#8?s$~7q5rEuyq@ASC?Btje
z#V_YG&MKrQAjs+*4J`a-uPL5*qWT0ueDmZ9Ik1OiSdMVB(SM}h8`!@~pad*@sYY-Y
zfeGWUPLD(W6a{9!4;w*vF?bl_<{hM-+$}vUNj5!le!F2HN7P6v1$idLcXfi1OVwS4
zVRmE@lw&DiXiOWk7i_^3eM9H7f+ZAE87K!y<9G*R<&0izT%np!aDcpXotI6)dEB?$
z_*85k?WKoED-uQ@(^+%MLyJw>YEuz7p$Oc&ZickS)JHgGI=U0KyVKK^@DP%(Vs9hR
z2BWBU{;BsR1!P?Yl^oK8EflY8de2hxt$5NOo=^HrZXa$3Y?bHhna{(?E;a26v(POz
zYjaE07gLVfZ;Dni5g738P)=Ps<@O#y+4a4!9aRDyMq~hW7UtWV6ohkK7XMRc299i^
zfBXqH87AUOuYC5Up6}9OS@BYo1yM~C^$k)iK9CEANN4u<bW{$gEMN^FngP4F6MNcS
zEMzB-oDH5`XRb1_h&MGkFPT;9LVGYYa2o=?qn`89S+#b%G}&(7lT4PW1-pTYGklJ{
zh|HLkVw@ThtC5j)79t=`;_xeRh6at{phbb3G9V69@JqchSH>@A)C$T&LK7kz8!^7w
z{(36{l)~68qNws;ujOa)((GgOk<eb~-{xDIWl^IBuTJn2KSGV65&LQBZmO;Fc5=f3
z|3tF|00CSXzM08=wlG;DcMd5ob>|THox|S}#?Ac>I|n9{_EG76_)V6AvjII;!h-L0
zX?!ikrV0lwDe8ivJVevE#^BJI&kS~ddc+=3bs9c!5L&C0B(Ucr>&~XgaJbUOYYzGP
zConin7|H`i6T2t~QgK+L=>b8eWsP54vEHWAjkKjP1ifvTKOyFVo|+D|kolzM>MD)e
zs12q4Ej5W2UiD5Er>+*uU^4xTm~b0qQZaanxBR!Pp4X(4Wd%vPQY)XNk#hVXy?`4U
z#tM$WoLCm+!@hmT8wsW|8_^<Mk$f1I^a7HxJY9s-*777{1cLTdTEoU3grW}iB@(|f
z;<jqwj6p5ULNu!=f*%7*rRve7hwjdMPAxKi9%04lm=0zJeSM9^F$|?=Nm?`K>gs11
z{aMzwNH{pj+OT2({))TrZas>5&)j+dm2P%_3t8ew$PJBU1*HHWc6feC5_uosyNwH<
z?@{>TjfLKR&nt+Q!FoWJKZAA)@geb!7=kh0v<6e3uON+zPeO^*zx+S;-mE!pB-z%j
zA5*V44fF7*($Lavl_V2Y)#u)qG>l?ykxcGPQbYgx^La!72mp~INogNDy=`}iqA~-4
z7(6`Om#-C&izUWXl3NibO2=4_Lzm}ZW}=ih0G>9-0%fKY8&c0XDdT;VX2&BkhmtxL
zBAayAo{~<wd^%S)6}#jZy4)3Tr383B$U3R1W;0etVYFRu?gCCOq4_3XvXs9ssoQPu
zl>7m9i2QRZjCo-}B{g&z!-BAy@V)D11FlfMF1D+Xaxdh{L`nqW1m}15KbFi8xo^x5
zS??CEj-d%jas&=JrO^p59TAC+u2TXHXnTamc!pF!l(h2=w%FJi<0ouY9kY6?9dTUq
zwSE6OKM$`#oP0p8fxG?tO)U$9Y78Y1aIm1=tRiHGDSnJ70j8`0x6`$wbR~7ab;)?|
z2v~P7d%}>ZgW|b_RZQYQxkaaq-_ADXgSq3QPcgEb{J>zL&x?@x8L4<#%YFaS%_+l*
z{Iui%h*9s-Zr3>}QjY@lhHC}6%K|A5y#-EB{StX5@=FK}&hOGYKQ)dwAhOGV9uo@V
zy1e7*{UP>~NmeB!bVTUISch}kfm<9<Y+RG6B6xr9_y~J51|>!KoC+3+{LU;V#m25*
zPR^`(M#y1k)UFZW4ci`5IpbmHJjloGJ|3C5wCy-Sf(fbN6DKZ(EO?ArIw4WX$W0_H
zXH4+Yz9aU5Y=C19eaGPmBf9I86IAa}00A}IW~x!98RxpCqhmmT<5+Vnp~DGpTK307
zd|YaNFP=dfb$At2O1nnO`ALTt3p<NARHpD}RK#RE{li77xoTi6=`K<)`J0TdzB|dk
zv8nuq+RIYKc4E?b&K<46C5etTj0agAH?MKo<_C<3fV;H7^F}Ta4d@uiq3f0>+HUhX
zY1+OMyqsA;xVBYI$uPlRIDu1FemkJ9bZ)(1LY)6n(|sAfXnUypd#!_H)c%~B60qbj
zuIu@DseYbaYklAPB(p<I7>!J-L~0nq0Dh>kIwFR5I3|XeNdS7Wta8aO7_H?orK-BQ
z*Tjg>B6=Zzblp8&!k&a4q->C}LjqZVjT_H-I=2t@;7z+QUV+LbCEX$uZzi8gJu*J1
zrQs6fwUadjtz=ntzhFvB5TOy*UF3BEjdayJ>V5ZuY7b8-OaoM)a~FtVVL+}`4f2ys
zDV(xoYRWXpsjfmH<q@aUv7fo$)G;w^qCBx*d9KU=>v?2J{CMtU=!=hzF9EE+CDZ{4
zp`srgQx7`VzGLBaE((zqWn1y<_k4;dO!qnM(hxUjTS$eVD8q?1d4MOIGV~D8G0M?J
zC=qWllob7~$HzNx!*r(Obys}BvVY>gViD{y-LCI9lt?WWQn_3xWRLv0<C-GphS{}d
z=VI=ttAk()UAmf#oy)&O_)2!}&ki!CHE^7yZiALU7}A)>nqns~#G{Y{AYawgFaxI}
z&DXs~z}Z+HQH00hDO;3oLPN3pD2D_%+P2D&s)1`HCv~Ft`03XV@UJM{Kv4>FP_61d
z<j6n09o&>AKv<AeI;jmqcGWN7M~PT1A`&+a7eMo{+oV|IKptz^9nx17LoX(U<qg2s
zG(b))gIyIU-njz{u@i?XbbSC@Qqss{Bm77qNEs59_S~J&7{Zt{KhXL90RsRoqKtsW
ziUyM2OrtGLj%juC8E;AbIrlG}?It0>crRshNj#H$g!Els5l>%jY|=18v6mu8kR-K9
zy=gDFgahfwJ`uA-`G+DAbnz-m;iONLMY02ohS>PPP>0`eZ8>34l?dfj9FU1mmZ&tT
z_%n8yPzlph%5@MGs6-)LcB`2AkU<Y`?yqBA(>BQ%S~DW6pi2yzk{S7~T;fwicFDCt
zRfpIJoMbW@`nq`f3_->R=ralt^hC7A2m_w+#)zRq|3wLuaJzN<UuU!f@dyRxK?yrk
zhM<%gxzpbZ#Vsfxe0boR!fy;Y{Tclc)(W`VN=dN5?O-R5i3~qD$0buYzLY=J?Tsh7
zfE$4eqe1<*!+vYvMt@c~Xf5tD<Aiu+jY3UDVwy}T5=Jg3#0eK*>q?HXOE<IH3Aw@M
z2r7?y;f(F+YRZ-0Mzcyb-8_LvZMYRmPHvjdnv@W*lxS&}eg#B}f-SXY9bdPkgnF1+
z5JC7w`jU*(p47LkLNq*=+XjU)FbYtbf>WsvvP|1ZlVza%d!aqZx2v0nmd__GdU;fl
zacxEIM>xl3!(>ZynDjgf9aR*___Qe`Q;g31jt>j<{Ff%%dioAV5D^Y0GPxL1xrtgf
z^l^4xrfCuS1^r0Q541_HVQ`I&E0+e&c|IY+fV4yG%g_0@r2?vtFbd#8P_v<$hKg!N
zQ2Ph-<-DuaR9c<F%S)85C9huiSS{+-97|_UPenG54GpI%qSPE;ZPk(zKishlgYar2
zsITn)=G&&|ka|5u3+y#uiE)HP$<S2EAN{6OPl+m+)&mo;YHtweoI+(3lvAR@whI%n
zV+4bspO@({0?_AF0W{H~@1knAW;<{^jQt1*%-9+M(=dbD26cw4OAD+TVw0WnUAy`k
zc3o7eXroc!+5s@9@{*LAQ^we}@pA`sA?-S+?Ik6^(6+#CZ=}qY<?2Qgxnw1@$Ov3O
z$t5(<uJzEh6@=R#*X0@@l|lhRDT`jvmF6^tU7=-3CU{)Hy#jYXU9n?V?m8eTGB;&p
zGY(9Y?+=XeZ%~?6P;i3_Q4k`gDgw2bfHtI?P^<{xXZ9rMY~)G3WqR@yNv5HV{R1B}
z351rx=w%)|{gS!r)S<f^J#-f*Wq$)zG0-j)WxN<iwk*?LML$r~e@z2EcHGqjx5w9$
z*`v(k&|xRw9=4?0fvY>Iu|gM9bLe7frW(Svt{lr60XN4dT}dgZ7hIp5jPxOhiXClc
zJ2=!msXTK%N72mmBY#|qNzG^%8JlOsU^*BrlgG=5VS`33AJ^Rj88P_RT?6C%rE8{L
z>6&mNT=noP4HV2OzSvKd?;tysc&5EmrWuM)gn^Gwk~o=F#=DNwSfdSl*o}GojA8}t
zS}q(E#o?9b5KOrY^hCYpaa>0R&NXYU;$bQ$N6YIG4R-8>lj)-be`@4@`t*&Arb+=E
zoJVT1nL{{zA>YO^bk!7-6B!TVJbpi3MWb#Uga$B_4!0kVYV^=YI-5|F__<yK4|Mob
zFg`eJl#9lfsOxAP{zsUJ{&YIHyd>5|Nf+=f5*kJ5G!s;(+kV_}hrs?bD@Ipl)aav~
zS+qP^nDeBvV>j$SvuM<{9$dxvh|oJ$4kh$+|5%rYhgx1>gyPT<6NrKlE4cX~Cx3eP
z<F;9@gmo@Lo0}Tvl7cJh@Jwa0l<xW7_QzK6)YphubUJi|R+r1oJ-qf{4uGi&ShfE*
zT7%uciW3t50jy<#_-oAdo<hLGic1u6q?zZ@90~s9>|7B!HWIvm0x1D2Vk7#lPh%p;
zvEp7E^P>?4qHLA~YJ>OLvHU-jbqxdo>`o{LQ0)Yk=Wu4l9LQbTLMj)8HnJxvV9dFb
zLv#ZNKY6vLmi+5{acC~eR4<P4f;D$i=qPpJ{J$U-)y*H5bct#lbV89_-{7B&&yG%$
z^{=V@hmVHaAoQg=wsm@pjOz&Za)M((6GMfBm=6bu62~tcn6uEu?nqQqS)0@Q7Lt^L
z`&bIH0r(r{+%qEZAy^cjWDMC9>g5gf>>2Hll=R5hHw{HAO>OFv61_^a)tIaI&8ltm
z2dy*>2F9di(uT4p+znE_5vU+t4PyjY6v>~`K>MOHa%J-wPFy33_Mu=gekguitqY}{
zw8QN+pZ;V0{m<sFTd{10L=<k240%-uEUOq$f)40D>4P(YFF?jCOcohF78FfkiaHTe
zQhH0w!`HV;*BKa;Fje-v|Fd1k-bX;I`)vO?Ue@;%lW3<mgN2JRm7?s6?qlJ<T%Zx6
zD@!A>*`kbbP4(PW6MXej>XJp6o*GK|fq}mhr4&f_fk+}4Qwk}(;Myg;v*+uf{<<6j
zumI8mBx*&}l+cY6xPtCtR|}?ko7miHTU?i`&-chBDN;AG4t2!95e~w(88(DHU5IoS
zw$1JGYNd!{GA=2()S<xKDM7RYeaNMLmb!XXZkgaC$2C|Cwgxl>Cg(AKyy<_us+${0
zK@tfN=sKYtz^`yVs%Iuz8GAhXi^W$D%#M6-SF(4eyPc72;5ZU`4M^yvw)Mcgm}!-R
zp3ZTEf~HDxa5}IqjKn}$UjGwIHf8Oq6#Kr#=j)lL`c6%|6wo7E1{{g_tY^|jj_-F%
z&yyYSx!Eic8v?WH1vNN*NF-b2P689jpHF<hb7o5)UVsM9E>H**g+Q=+Xp*ScmzZy@
zh;5l2XyI6M0EgieGsWAxA0Nc}<*!z4bGN!~Op&7$)5>Zj)rdq_NeL+xu-VRC*uBiS
zD-CeU6f2U0jVlZ{tYaLzFZ=Ty2y_UcrGoO!5_OBxM6h?iji2hb>Ga-<jZ}2AgJBex
zD@9Y3oqEW=jwIHCSl%<eG=f@F3T8KL5E>347&<g7ftgpes-S7!U{zG{q6{l6{ou4j
z>4!HoDnI)=G+QGnWwJ4hIax(rBC066def~@U+T7RRwXJ|Qn(#}tHsXC>5pwnb{a?D
zd)<70XTBEQZGISD95W`ATYv+IeINc1N&^p0PhbZ2zwg&~@VPWwm<NQ{g@a3aC4wqc
znh_mB@T@ZWTKk4&zF_1Il1QGWNMN+}caF=xHHQVR;1NI(y9QWx@TDBfmZG^TflM74
z6-p&TZ38mx^;?PO;WWNG>)?*$+-BT-*mX*TMWCXoE2?qSVo<k|NQO4OZtgDE^)}F+
z<^YW0-&6oM(G$VBUfzFR>NW%XtumlG2>G-sXwU}7lB!EA9PCQ7M8Akmp7+p7Rr%cF
zjK~$^l>%kIl4s0MDE&oU<*#$_a&RjU>PCK&Z*?!2Wl<F2l~i!j7Zg*g7o2-Sx=C?^
z&g8+5D^w6<MB(P~A<6cu5Y|L5)e~rdMdxU>6a;P|F!q=t(zD%#?R3u{iF%YSu&OXe
zQo*H<hDew4|Ni#F@4tWKe>2z5=~OqsG2p}V3iw#Ke4XS99K3IPXchv`0zS;$0B+u0
z=BeL?<`k-b+$`0SU=H$tn;bQG6!5oz-432Tq2+=?5HBQNLIbljXMq?P$zivgBt^jW
z-OJo&&kw}Tbv~|i1pkjh1h_d$m^wS^R=o*iF*u?mdc<e$7jkiwmw4RVC~GJaJuImy
zT^YI7KnqE}zFl3f?p}VsEciFX9FLpW1mruNh1Q!RhM&~fJJ#;8MDHA33<8G@N@#!!
z%AgJq2syh|e@shX1~DN%KmaJYK<fJ7-ZJv^7DgpjcbJN1Z2-hc^;U(WeDECG^$of0
zyB~4=t=MpMT?U9*6`V&mLitxOZ`b-xBUOFq96`RGvf09_!4AwW{1N#)I}!<IdK%JK
zchuE-u~6}$#X|G)t2OdW<NT*Vf0NzRs4rzd<(?)~mPH!W1fjr>0{vtGIr`&BB}Tf6
zY#NaB{ku!`=Bt}_O@{sT$CuAuEZ@9)^*&v)Z|+ui@x`ZSpI-802oRtv1AbUACg{t&
zT&Mu-=`DtTKYL4ic~yha;CvCf-A-!c^w!e4VSTPewx$spLl5B^<VUK^5K~HviGInn
zy5DT{B@3cK@HP#?J4ms)nXm~oxW;xI#w9W^n{0h7&dEbf2(E2c=wXRJ$c6nv!-xBT
zxc!gs?yvgroI0hsRbx@5uEmG=yha#Ct?E7(=*X1qd8S@ZR9uL16TC1GMZn-PZV`cu
z=~C_ji9c>2PI<Pe#`0QPb?f@}nt#Oay~C9dZjT!{Qh1(u3krY;T9p8Kn+gw0JJQ2j
z%&CIa_R(`lVTW3<rm3*S%YxVhUBJ5JEu7myr9xyK1aKPUS41vEG=+$>+T>V*gQr<W
zM^Ui$@hEXkg@@RLqa%6YTr|^>KdNA#6eaby{3QEXMYwz}hbtin&`=tbNGr}nXg7)B
zAssp%ZwFsWZ#qhJJ)2EKh29lFMP)%)K>}J-Mn#d(^dII2F*g@?_4@t}bz5un5r*df
z0_qd+72`<T+kW&N5Lwme5W`<A<aHN|_MX{g32UMhC?_;2gI-o?PzdFYaJq&B3%G>N
z&6G~FPIr7Ht;eeINCp#aTqOX>ruIRL#a_W76gz2Ns9G5rVoJZJtG6GZVKn)v8%&rb
zhOzvYj2W+ab-%rYWwEu0C-ggdK(-LT;Qm!|xpfwCMy}jkB-(E}_d%KE=4SbAb$7|#
z@a9Va@y2plZ`aF9aAH?Yx614kif@dWtheH7`K9@hU!Xg&s{Yyh2>F{>YGU~4O|Vc~
zZUYiQnh(BaPfm1AgBq1?f2nra+7*>j+fxGg8R&iw<5VQ5>cGj^Z<0~>Q~ey%{Te?%
z2uLIlZzFype_ggrxP$@Y7oXmLyx@J1F(-KfzO9DLAvcbyTCw|>cj2{+aJ8UZMmi)1
z%0F5gguiBs!}ja@g`yV3!%l1*5!nsGL`BKxLx&~b+~25yQWs|UTm;yhA`Q;nkIg)v
zYMryu6<5k$`2lvjH&B{PWP7FLjL}>pF2D(&CAg1;tB{cz0>?vi$;fmwkKK#NoWD!G
z1ejU$`p`{As2NpESbI6o=G~|K!tqN5(J&Y4<K}8#zClg0?01v8(;hESLh7JUDGYr2
ziLk1xBNoU3e@-U=CmyZ{G7>+7hAAntz-Eq?^oAp67)yjHY!R&Gd$FlUey{^yquELM
zNCh1VHo4M=*g36EUN4FXWF?eC5+8(?LT|Kl+8yOh(Rs_zl?a4s3<^(u-O$GrEPh!F
zC$R7wC9iJODS;=6<gc6^zu%`NS7840RgwNIAVIq3@3s8079Sd&Fe<$A9FVBU1L_k{
zEnWL=5Pq&Ig5`u&m(Ar8*)X1V&{6R54{*&|f<HofY&&QV?R8P&w1POtcOdpBu8#3R
z;0PaXG-vgiW5TD(A|=#~+Nz*=?E6eK*Crhu7%InRAO74Ese)i76eZL!fzv1fik<Ij
zmj)kLd&eiWLY1MK==XoK*+>9M9a<+;rV*r%+5%3D9Q7|2@%Z&A?VfrOt1#&N&mcj{
z1+Sd6XAx$09-ggzaxt1|*knBk&(bzzq)@aYdtMQNgDA9{_DE&gJn_GvvbcdM6ZWs_
z>b{1&?w+F*g=V=DA#X<n1vSvp?{EUL)Mwu&4WKwsRVGl_?^L4-ltDXn2K6mwjNl?z
zbzdhHob99q#FaV+2ys{(fyknM9G0t0Z(;coQ1dNRhk^+4qb)FVgaG71ME*7)v~N73
zir*~xH~gGC{)Jv}o|lv<!kEq0YPz~qxo-)Tm;*|;>ne7y=surofjDuL?UiHs$|1Z_
z-24f8K;ejU?m7YB7M!nSjeWJxCm9p%E$i8u$8t`Iheq6<sHukTD1(B>Tu2NBirNm7
z$IYKsS=?nW|6ATU&<dUf6``c?%aV$%ve1D~Q}eG{?qNDhAtx|J1OMhiaG~l4-jM>G
zKTU-?Ud+N_fHILf!KI@f37+BMUS+$C18B&Pxy{_(-yx=c)flegw)7~UDyxtJOX?EY
zf%Dm*?8ouT2@B91o~T||RtG<r+tljjtz7Q(1%TLoRWu12+}P&E<WgmQOUk<XLKu^4
z;bxonV-$a0U0<zYC1d9M%I*KGL<m{i1!>g?dP!o99t0VB+|O$)`t#X`4{zT6<6`;z
z+4I*DyQ%6b!ucS8g+~*3`o?{@@xZ%UmD^=~wUo6<Dc|z;vfjX`tsQjPkx7or$bkp_
zKIYR(Jjjj&qB66caEWdLxxvb2Pyqt*MAg6uFGIoo7D(8tfWc5x{JvCwyO6(FpVXfr
zgr_J$@2(pCv2O308KQF)%!4o<OYyAXz&!lk(KVbKyj_w)Zd}0(<5RzgQ1x)+?w#PU
zxoVU5<$pC*r)j{Q3`I%U&4}B_h)0;f^WmOIQ+}*WAfS-@)m5$0b~RyGC{FM(a7<J0
zq@GQZK>IhfnHcCtZn42KtU194ohV|2G7{8W2r_gX0<SS%+HtRC4(~o0b!tESOh7$L
z6~X1ispR%7JtDFWOKk~aB}4(lGAVoKEH#VKs9Q>nG{UlMZ_>|UpwBze^V4hBPtXJc
z=ccGbKB~o*>5fQ!7f84}`n9Gv#QRhDz3ZT+{DeTaT0#5T;WOfKcJ8fcd#l+$#`(-}
zYqKo$y#~VI$mA`DhlSqT^;%|;Kfc`G>I>lW-``RVpfYrV0{X_&<R9s}>}k|ng|i3E
zq*O<$axIWM+OB#tOCajQX8oCB!q@C#O^W=Hw%@lcItprI&e9h<38h=8bg0%OjFBRb
zX3n?aRbqMC*2r~W-q5e$jq&Cc<&VCB9JvbhK1BvyIrzLc%qJNV3dE5q`a>{FP1$j`
z=RAX8Rd@`u2%@7%n^|r2BQb4}tc);JbQ^C7xXTLCgSCBwft49ii>b?caz}|NHI2QJ
z8b0cv$Brq*%`@w|%i+<#pM&s}dxdE2`nv=c!M{l#B#&tRLC14VxL`EvYPrL_B?%PE
zE<dUTXZ5(A*=@Yhzv%<v{6pjU@7gKE!l@jp{3-vNbU_Ei%s;YP0$e5X7(_YC0Kkpj
zCDxSd43i&reOB{pjEs+2NC=tX12rC!Rcd<eJI%z2bL6yld2ztzNZNBLuS$=wneLYC
z2<7)jA8<xR6<ho$+3IM+QH&Et8GKp3;fFtN{{Vzmm;vc3zyZQ|gr#1*{Nt~GEI&N^
z^m_U7f4#Z*Btg8afZf(>GXQ}F*a(<4`t;Gzr-VM~i%S3z8PN*PY`oFJ1S|R|HCWZz
z(x0x_J~1&`CO>7_vOIWWKLKS&A+nD=b_;l6ynB-!Swh=$9J$x#HN-VpEdJ!b>ewMK
z+tkS4dH^oDbHhI{ehkd>)7$G&2Q3MbE%y~d%iBxypcdp{TyYXKxRdA$jUR-n-B}N^
zJPWm*T3Dt*SqWQISWK_tj(pUAj1_<nz2LZJ69y(sMCo(Hz8_D}j<FkEg%2&hZn6Yq
zqMz9|1iX+=E{OS1vtjTk-Id%2STbD|(|tNSJbvO9Md(KKmx3^d-+%!0c*I22e%AZW
z1!QmB0wGZ6-&=z&A6c4*9!SF(Bbt$Z2^Jash8&^3NiUK6n)Y&+8_+wj0?*>2-gzC5
z-thycW=d+VhDm_zFX*^VQ@LL?!Q7Vow4Uo_jjnP_{E|DZM+n*-_|Y8vzOQjWM_E-J
zVk5$JgB!jSQ%(qlO|^Y_1LSBPHX#DGSab+E0n}Y+1)WTx?D*G%0qF{9jIu^RmlRl$
zn(UK4NBO$%e<d+p6JG=Q?8hedM+8v;V6evp+!2Te*JzzX<|aALJ~Av%*T5y~3b#>a
z!Q0B#P|<kWU?fYlXOYTlGm!oI+^{1`3iPnvYDmQUE$=8-&G}_vee)G@1C1<HeyW0A
znSBz;kjT>_Awcvw5B-$G&p2et=$y`77?1+<JQziwEQ6wa5*VjkYPR!?b^B_`$~?x(
z7>ogUIJiOx5!FZ^qU>wU2oaZaPvN&KRH9gcdi5jmLEO`e8zLW7E$W7j@R_6ZkP~43
zNwRzWqOq9wA&ezVy%qP<D`mQ3zyio^g(j@~C=8KczJ(8y;ByKT*r~1%Yd(<Uyj>I3
z$*f2W=rW0u0$d9t*y~*(Vv2eD5s<K0p3auduKU?hYlj%oVxjM`GJ$3iJph0x4OgTu
zJz`)k<QfH}T{hv|kURwvR7y}!A~{l$6^^A6yGSq~9CR!dINY%>*7YeZlv>v|^q#37
zc7+!DPyqU7fltE2ONqAtiypRzwf6R_K2W4db!S81K?>SxJM(xrrfJ269{o_&o0Ga7
zs`V;fF$7-QYLk3id;-G(3nM_}nD;Bpn^~i+;uF3}1W_oqS(Si%*rC*ukcukPi0m~t
z01fS!eKC91eMPLZy6MK8FZa>{97>dxqCgj*Puo#}S}kN7>dEBx7<eCvQ1Mgen~WkN
zaE-&j)D}5~uT^9CsD`*ubXEKt1k79h`@Ffjl5S`amS3*P4SrKl8+yY<G)kdqgB%W!
zQf9|^PCq0_c9O40{sM28Gskiwk6v<xhZHlSi?Gw+b9AWg-XB7|eCpvj&Kb)^y12jX
z0uE2H3XO#UlT+e4OBr;G(t>{RBkZ=5CK$iAO@II+FwDvAnZ{J_RqTx9rc@+l@?LK`
zr9ZvKlvgFQ3QhnG<*1@+gR&N#LK$KPP+rbPaq#A4<&aCTR?ZPlv<gG+4H224f=fAt
z@x-SX1XVi&O&z+1j`6f>qj@t|q9>VCJMg6~40pN+CVb%70E@8igAG+l9S3o_S&fr0
z;(c8HZY|2EG>!K$@Q&f^Q-wD~Sjr?0JZMTMZ*cN{ddjX3z4nAYfx`!dF7%;e?Ya(&
zWPdX4iMKr4D*+Qm96HNNY9O+D63-&;JzK-OyqeM4*6D*cAn&!}o|Q<Lg$5par=G0!
zZgb)waVnCGMpKE3yvb^DL;*%G@H65S3_n0W;IEXygRqoTqRZ3Ll?c|cs!ntW`?y}N
zn(cEOZtAMK!`YO5gB^iB5I{an7de7&0cux?uWuI9wj!Oqpv3;OWH8_el)Iz8zN&WZ
zgij<s1T6!j!g+v)wS`}T;GP;_t7Q`;k5n*a=$<cMH@FaKrGih3;#vR?Am9yD-D<^n
zFWWDx+hy;(5RJaf@yk=_RsFD_)*#g0i`rL5AJ8NN{jl*%KTIL46lE#=)WPrQ;b^J?
zTs@uVa-4&+<JODL7Pl!qppGy3=_`X~8{VCmIF};|BT4yEvp{QLF^aZ;^Sed=3s(MN
zl^*>TF`WKM3-Kmgx+ptX10japCB-Mv)zM;?Bgka*C|Y>n@!4fLxzbw$FnZoYcf45F
zeZi<M*CW%#)Sx$1d7w!$Dr|-UR-=<Sf>Hubnq|-A*!#a@+$N`P#8tCo{NOL(5Szw=
zA&s6L5DqW)|BjIx4t)w7B3P=SW~U^BAo_UKMF@6IJwtt}9;NkYZP58%d&ces;?MRl
z)6g|J*2+Aq4KZYWSn&6WBe=UO-GU<Vr5K@pNPUB}b)Q7i&%xfz+t|wI9@};ZVG4Hm
zpql5yKVW<j=oZ>6;lM(#x`D#TdCEIzyP)qG#h6esnXa4B*nscbG+!z6P=Bs;1Xuyn
zOh*!UBx;CA;DwjegEM@D^4csg2-LlcDII{psT5<ZGK`s8fto8G6_to=IEYa|PMmaV
zLmU^L^C?RdH&T}M^50<Bu<A`&p<=@gJr^Y#BTa634S<woBmz&NGW2i^$FP8J`ByVO
zG}pEn2_pn1lK^UuY#s>_ch-+zkyuww(JSR5_2DUCwA57~rbPJ{svG)ZV)Z7{U)P6!
z@5Jz2=%+pKNW|d@YXKWjqjK(DyADv~B^VEEv7|?n2p8a$>C)*8#H{G=@S3u2WsHC0
zBPzt0aym@)ae#pydhBe6>)DyCV(W>xj6jCbfCZ-QwL$?jU$025IezJ&%ZoLkWv*Eq
zMsI$PS41zm@YmlG^wNvSc847)ja@2)0VM?Rl~8gG075}S9DPiFBL}k>_WjX*Ae9wB
zZegh*O2P$Mr!@x0)c5f?L2z~O5D0XFhLpctPpK5Z6v%VOF>R1yJ7&*Lg;)k$u6Y;D
zf8SGb-B>dg=P{k~$-88vTt<L;TvU*BJD%bSJ!tQYzH(U+D1%NbjUxp>Oj4gZd7wMM
z1*bR@M>@sfvUIy+{2=Ryht5ZqAcR&$1+Uilh^KaI_EMw8B_=@^dVXAgd;C*w;vMU!
z{rv0r<Z6z|gLeqodRV|E2}`AzbMv}RAQ!D=9O=}8nk!<J>#Hk`_}j+i-3Emba<M`D
z=H_nQ#hw3&!|^x&Q<QPOSO1Wdt>Igtq7X8;Ch*C`u}qy^gTS@Vm9lglEW)E%?oC-|
zM7HK24x0?ZYcA#B!kZ}2P~Sc(#0fdw5$<N~bIi0%kvzigP%akG-5`_b8elE0Wt~uo
zApDvQ09g4$q#yv{%D(2zRmUyTmZZ!9K0&=^0I$2hj-}!2YXuSI+u+_Iu7Yz8?ioS!
z>r+m>kO~4%9!?ICZ%ZwQ)dq>`sFq@v+Vc`5kEU&C5N2@5So{7xdGTV|Com}YZDU18
zEBQ3NiLDnqvf1oD>zjl?G^I8Mj$)vkMJKa2yzP-q=J$Tmw}}Y@|3gfk@>d@Mvj_PJ
zOduH3rc8-jgN1g6oLm%`aWby0@EtD25z+OZ<m3N7v4B&EXI+v#ZHp!c8p*PBFDO4Z
zF*Yf-SAj6>zpodl?L)H2;VIyN!+%5`j1z7eOY#$|E<z<Zas>$&A44`6bx+W*5N$<@
zlCm>3!Nb|zN1_Ps0q}v*L<jfE0(3r{f-q!+{yew=jB{#6th4&8+{pig*)xW&Zn#W9
z+W_MaTymxmtv8_&<MAjjzbo8r{DX;$@*j|OpRw7y1I-)~L4|${_CAO>peEqrHTQ_A
zx^w)}<sxJ*pbC;voY<+Zk8w`gCwjVrLYDGgTPZ<$t?p55*?^KRgh2uCLE8fzsH^L)
z5;gR2M=pd*GT7P8X~5+vb3<Lo#!M6bt(@FY0ixquiLldrMo<NMl5qx1-vAr;Aq-Ec
zNps%zG-%JzsVa1h2HDH);PwN|v#amg{?FiNx`c6}l$w<wL@LO*Yg|;=I+Zm(EwuoO
z0k?<jLL`Egz6G(f?sHJJ;_G~o%37feQCSU`<WQCL@E^EBm`mL3(E*_ZVV{BPW(#<Z
zT+LEKYjO+)Wb(KNhPWZ<OS+$%T{fT-^%rVfixeha%925m7|=v-MWNZ6Sy4x%@=e!`
z*Xt{FMLr(k^g$wVHC3jv)XZ`din+K_kUwtvg$sR^Sm-NjM1y2JB9PFp+Pmdu_4!gp
z2TCMBX%tO{)D|fw%Go*wIU?(LUuY`PHL;PYRi(@W%mfOfQO1QLA8OMCeI?%B_h7xv
zUcUQ#`S$(uf6@ymlBh}t5m9g&qdcvampt%XxK@OS8H#^`Mxf?BC5$wGEi_TwuhpZ&
zb3$u~rGdzZRgr6^OI=$@Qw3ESGGgEd1E3C0JDtG%<9O^OpfHa@IhKl|X{B(fE4Njs
z=2zFM+>FjJ_boWd7yvBg!KNT<K4F@B&`)R01cn%RQ)uWAG6q-o*YcV&fRfNmA!IA^
z$^`NZt^Xe%e!srgoXk6^0VjqefetoIgNlm7+-Gt0Grgk{+FNRdTCCDR3~&kOV3UP8
z@T(Zs3(H7JV$0#1OAba2wi}si>gL`5IFtq?FuPRL-$p6+LPd~SR)f6&WH<A=bi~Gv
z7(GH)jHv)JizJ|@N-<-62sOg7X3kVEs}F(?6f(gBHILOf?Y~z9QJTdWTDU|vGuLqk
zZ9=!7`fV;1y<fI|plGg^n{V>h<m0!u{Ncxnjf#~<aWql5n#ESaqJ_n60-)$EJdDFB
zqX0Qn7Vj9zvC9d!rh2W;PsL%eoOH#bB3Bm~@-8jP=gZ&UtD<}L)!*+!;ZZ?9dGslD
z*SRbqaious!B9C-iVDDdmlK9@{8AAp#-|HxyLo#kzYIb6p=lWbqk({X!G%;!!b2W0
zVZHGhNGnr6&60-0IV{yfEdDW;i-XyRa%qr<6zHTSn0SL<d;nJt!A;gj6vGHZwj?E-
zL$=1;P|wg9nY?2QX-Av;_&4MyL4)Znb4I%(W*?R`q~Kgxxsaj)s!zd0x2iVcjF4mI
zi%sb|0OG@7j0YzU4g(T|usdcAJaPfHG<b|h04}^&Xm#kiGu$-zoZuybQd|wn!@8en
z_GCJaLOlHckk5m_2T-mdVAIAKBtu7G$o;JG=?8GSHMl5<B`E^|5ut95vq{8TbzTm{
zV6`^fRhhOwe13@`hLBB}Anq?o)IexaLdfJBB?NVnTJk=-xch|tozgU7jqsEOPB|xt
zMa4?ub6M2V>Q1F_-;2dZXd9KoIF#vHuRZcK6;hOdzfeZ>P*HU!;xx9x{{~V@at(PG
zQPajPBjst3ZDv%!`fJ|BoFCNCZ2XJ^LXEG&QYoUqe&?*O#9~9IM9_hxT_cQj6^G5-
z>LK1_{456l*vCY}?BI*YqZ%Bp7}QqoM-fuBtjGDIP$%b6HXV&DAoU8nsO?UtOY`s~
zkPLyB2H6X4G|rA#H`?Ap_G1TcH!mct7KqemoOcij8mCSB4gFU}28DESnuTzbqqsp)
znO@WnHmWuJ4??yj$x@1m#vUG(N1cavkVSd&dZO&n20{W(eh)a;;}}(VI{}ajl`Di#
zRiX{Y6HhpoPSD>8Y4ET~6G5aoR-UCp*U#Q$L?U7%WD7_~Kp+Y6of?sS6Asf41pplF
z0-1@#p0K(fJmJFB4;3(S*Ckcz+4;+8@_J!RHUt7l(kvbnruy|B&|8L4EDUvNP@+OK
z2fi>5XmvjLnyz0AnSEajYz9uB$Tli$IH1Lq$Xnx3tbg>`1TyDnlEWK_CKnNF?ErMg
zg*t{pb3?jY3r8vhwaZnzMAYH#e$y;DFqJWcH@l>(Fq1%8Wg$BHLub65$xBmn$fbeH
zJ!%`)a^SiG8`myxcSKg94njjmteI;6lt0A5H8C^$nla|tHa7;9A+KX$0YOo{bPjRm
zKo3yH@Dt1}X+aTx17cdD6=P@@C%a~{65$II1Ti&spkbO(F=)RxM^gbpq)Jl~<Q!+<
zPEFG5d<Rgwt09^aAtCuJhq0IB``O!f@_H5Yc(`T2)NyY@Bh>!jjV1-|XyD|5r|2kI
zj`NL1<k;~`b*t&bGR%7Hln@t-n+C{;rs8?M-s)&Up(#GJH^U83*Smh&{E*t;;coVd
z+xdo2G>O0dqQ(`BFw767-g7V_AnB(9F4BaeNWk8M8)(~!Q<(W6U59=aB{_+2A)TV9
zRBg1q1yv--2ups&RjSuZ^Yc<Tlr#Y{c8*R$n9Tv-iq4GDVj7|d4upmty%llN#R4YV
zTYliCOMYLKTFWRNoC_1-P*b$!Qr_ID6t@tRZP!;{8)B%|FX0t6jHB=wZ83a`XjK1a
z2vt&E08fH;R8SUV%pFU{!6itArR$U9Xqk&?O^*XTzQ1CneN=ziZ@*Yb#1Vw!W-V0D
z{SSnS;cJIR^ZV)!bl%;)Kt$D$%`Rrc+cgC>$<R(TFm@*>r#RnEAp?iGLnmt*x6pl_
z^AvS6wzJQgO>)sO>Ob3T3RTT)OgSW!#MW^$AW{I%q}OM6FsjHax>0Hve3X{d4|*7k
zh+&UqJ-#E*Te6Vl`6+9=`Hl?%J_w67b>tB_dU|8Tx%v@7*<m^$$3IUh1wO29n+`Wp
zMu0Z~14Qr&3iY33Mu=g`LG>ulzmQ9*{d_{1oEnrrR5-fqVPz8BLyn4*9&$a4U_xoj
zkMJo}{R1T+@^@~>D6k+rhni{%k}B76j!~1*EhCT@H>5e_C-IXCPH$MuC|@nA%<x(E
zZ@i0zhj{$XrDnFr2i<40z))j_Um-xiDu?aIl(_VddGN%l5iyT~&9FqahqD<(Yb3|#
z%#fs%T-y`tJ4kGe7i1x!sALc*l(Ch6eBx)gDSDIPj`!{j1`qb3<@~IHVrD@@#eHsY
zv#JjdMq?4z&2Un<xdYIFILJDDcD8N5-3aMr(n72p6o(3^6>~0uRFq28bw19fV13tn
zfLFR+bGpU3ifZ&$WY5^&AV9NNyjJ}GGV}*O`i?JrY!nCE!Ovb7n=fM8afPwz-FqMX
zwYPwmWfAh-qrdadztuPRmLKWSSYFZ0^2=9-82i9oi{PS<yHD(3|I9@)HbMSJfrLi|
z8qdPX=vUz(L44h8kWr9~l<2`43)0kz91<S_MM91!kZA%ac=+>BqrJcSf`w|xv0gQ;
zT+I*+B_|sYz3|Bl73O-XM$EAuk9jLF_`_4W6eS>XFzs~&q7*5qPNM7~kI6Ww)bQ~V
zp%mDoS`MdV(59_>^^b**997I%ZsBvK(BN;fx9_{N2|d;ZL>2czDlR)J`oUVxYZuIN
zv#)ICSIR0)<a7qJ16&0D5l=wW6eie3bCNl6Fej-F@3a2991VsHx^A4+h6+7ofzsCH
z1ErHPjdKjM4N_IzeUM=;D`Mw9$-$iP1Zo*Ce^b&VN)cJkkkRoP;E79V!waJAf)WRP
z$stXeink}g(KOI~1OA}Ma8}};oZ;J;lUB@NZ#s{kpuqvdwOwyl-<L@9enXk?gZ$+}
zewKH6rieegm06%<O;&=EQ7C^2SSSn8uS|qzPWRBB{4JzTr1K3TxD~OdEP3RcMY3Wx
zh3hR?lbf&HwwOIhJTiABgbA<`h!!B)o1TtI%FIiIMkQOsc;9YNnY|OLUBWu78qrFl
znOh0kB7~Cx5~V~n10iAr8b@nKxn|ijTr=?!b(WJaaw{TNhhz-A9_+^<#MCECcX;L~
z2P&sA`c`OQWR;-#NwqD6{AFEg=TOZYr?A|C{Cv0rec}jvDPxv^W7sINXM~+VED?Sr
z1_-I8_E6OK<3er|$>a>zR~6zWkf5q$zN90lh&Fjria^OWgmN+D_wV||gW>j1I3J)m
zM4+B>UP=Rob+%8_h9m`|HpCF)lnN<9l8Kjhx{4&F2$X3e`bhMULL?JnJG~tr;v=+v
zLfASRxB>KeDzo0r8MMmk8kA__c3CJ`evW-qFyRe^XLr6ryYD{HO^hk}f~xH^*wNp<
zfA<nnnoE)lQeY59BpyJ6hQduc_w}@7lG+uUyR^cKxlu&PzVHQA@Qh>q^1}5-pn4*>
zQN=evI2(x#v?3ZJ%^a*Qr!rJAb6aJe0|`KY=q2EzcUYIjLSsN!f0|gohp(t5H;N_c
zWjg2Im(wv1k$DHH0|WiA3gvj*C1kj_H%s-X10fMv2k0<I9uKBsm`gE_o{zY$+0fSa
zq4FtQ&rqbtna3qVR7Y<enaoE3*bp2K0r7J;Wjj-9=zJHe9OR+z62K-4T@G^G2xh`C
z+wY-=zRSVDp~sXV42%ps*}kUKhQokpL_SO6lJm5zuoxQTBB!s0FscJ9hVNH^E(Ik{
zFxyM&o^^pHA+UfDBCob}fjCoLl%m%KPfShQez;v-BPOjI+#Y-x<dEQbPa3MTD!(y7
z%XzEOr*G?j6+bSTVpCl<n~t0tNEM>Q0h9sgk_U}ucX*t&%AFJTG73(L2Ho=7y`Fki
zLwnMVI9z^>B0TlA)tB(kH}4o#4mPBT03HhX5MncneOVWgav0!|b4qH(m8ClLmzR*i
z^X)nT#MA~ECyr0wI9lg>HFhLIQkQlYy!@S0VjXos_jq~a!I^7A)EMDu;QUJSq|1Gr
zBghNs1rci`$H^Ip((8e()FA~gTZ;CHvVgeZAoGkGu9%ZE-^qXV=HtaDIJ4iqdCrIv
zc|dm?%mpkRF=;;Mh>t_Sj!@R#XlkeT_o>&@G(IE;pkKn%mT)}_idOG&8!>HNk9c7N
zMPb3%JD-0*)4Ky1NXxy)S9ru|QYH|Zh@8ZV8uEv??;B_Ycf<~~f_FvMhQu<Z+UPs!
z<LwciB-H5|hhaS|1@=%jT>OCy6Xw#6?86@xD*;NDgeZ`pAP0i65bE5)=ufk#T#WfR
z<h6AMxiR3tz(a=fz`~B?CJ^<o<06OkNYG7isJd;iF7Z;{5O)N*o^4aT0moOhVGY>+
zvEx2Z3bre*uvbe>4QPod8QwiWw0PK{^4gF7SjQqtBd`EmssQYver?!;p6tDS_u5L}
z&d(bUbK~JU4wLyLgU~NIyc!>9kvtUv>}0r2KFMQE=2<Ua0#6}fEs*y(%b77k-KZ<z
zlJ5qpWhr7kXti@a#j`ZlMZRbslY^vGkSvWBD@n)grD7fF9Bg(GTx>`%CT&zC!~`s_
z(K7RSiF_&fhT>*bnY`s;UgidfJZTB=*ysgP*rc|n_8ufKHIINPgQ}h(VNI?9^M{IW
zMISyCKdyw3oL$5lsJtvC^&oPQGs>L4MA{?%hu4Z;zke?!2t?KM03jCY4awuw+Rc&i
zgwukD`O(Ge_kX>8fz;H8Pk()UDc?Y&5Jd~}Tmedx&;U7aQ>pR-44J~|FE?{CRd1Ap
z$)C+%N*f`&E50C_wEiyh2!tBZIEp!tpNK@^V(!7D3L^ZJJql4&r!$acQis{(0NoG=
zYKgWuI-_e#G#b)TL{QwoR{88k<v7#3AGeLxg@SJ%w;cLF1OPaX^lTZ?o}&i&;%+lq
zL?@0j!oz7uG`c|+4V^F@M0w)pn^BGO1i~4To>38F0`&QqXuTr!>IMvSyM?mrV^e*7
zDQc0n&oYbXu!BsvhFE?K-7fNw0X!H+sLpQuZgoxC=Hds5fa_2Ed`jafW9F9$#VW+#
zs!q4z^k_^*qLV6w7FlX!fi0ZXxu^~y`zYD|P}aowqr;tf9-Et_aHI7$kbJjCR)?TS
z7NsO$A<!F}Ilzk3e77U2|L*=ukES+gpt|9jL{T|F<cnOsYxiXHl8Zj7H0fy<p$dzQ
zNKDH07Q;mq6Eu0ypF3OcfxG=UM4*)6sklTf1)#}N{<gjr@+zs+6Z{moVx|T7HQCSJ
z6&rs&#G45`OoaJ1;yhQ&^2c4X4g7z+{PgkJyBF{OT>ka$+27CJynXh^Td}oRlEkOL
z29EC%gj#Lg>*kH;ecM6!kB{$OEZ@Alc=;Toy|kOeD+luj-b)oGCb8RmQ$Rb7EStM$
zqAwIm<EVogauroIhtQd!F^d-q7ccIV6O)iRh{4f|=pLu9tC>nttQF%wL%@L(dWZ|e
zO=?)J)lr(uj$X>OJ^aq*_`WT^HtF&^!%#~0F+qAFWmYP}afI$z-g7&w>qR5k-asW4
znUfMD4fW5<oBQh$8Vt!6$5|C2c*;SU(W+kQhrfqr54@hB2Vj4us^5g*rr#r2te$P2
zhqF;H|J`f^6hVDk(WYRDaZlO!8q0M=hmjEG>I_RpK@_@YOFrSjgzG6bsgY1_QJ6Bd
z3b8)1xFTMy@lxKdKYwmE5||`OWZPP0k%zkhTYCgN^kF$51QMYal{K+(kBs|wEL7gp
zS2P2YFG4x@Yc?t712P21WM`fgqr(d$xHC0R?)TD$$tNHYq~M`hYB42uY6aNtguHH7
zO`v{K9V9k3FDI~vs=LL5NRj>!?&ZJY-F5Zl1VKW8Coya^aTb{RzMt{nNOV0!W`k=f
zi`YG;x+Y53c6Gz|N3mU1dTrQm+ASG*xfFrd@=D={DJCZpfy@<5iLIaL+fQ_Iiy_U+
zMul0KiY@9a$&Uq*ZY?t+E@s*4%?2&0-tf(a^1I0HY4;-C2YDC$S;<xE(h1%n(f`at
z*_r|Z$MPjfRZFq;%+zEqnFKh0REp>1m+kLxsMC_xDuKw<TpW#F$Z0z%S0M<&ck?Fb
zU2qR4S6D)0hpu#gm~kgOa%Ya(i_)s7@C^vdQ|#=-8Bi?US^wi7;)hCK7btpBArni_
z!EwW_?=>-(+JFgl&4KR#U}BWj9Gvcug|MLd(5N?5`^8YK=riH;c1Rg<_2(9huqS7h
zj>xGKPA6w$<sVtsfCw*@vQ*N*)IR&7${~3|F(f;_(7-H+c_jA>H*jKV^5%z#uNSl;
z2&LeE3~G|2gNoArjO>4weGH=~2pJKXB#zFXYBTX!^{4$!q-Fa`zHS3T$)$?^ee--W
z1$XM`14;?zA|^!cahtNv+z9TbCVIht(r-=kr7mOv;M1X*BOm0jF66vtRJ1=463FwD
zzne<$-;VVwZN5tpt^!qSX-S$PCd+Y4`Zb`MlagXRxbhCeQ~hwYT`zx-GFZy<W%Y>^
zEM=Mz0*HLstOa%4W_rx*H`j!bJ#A#3lkWxXp9fh`B1k+u(oZyb)>2-0shW#4KeN32
zCpwkhpnGwDC*C-DJ`Ywwwk@(-)MK2|%wWr?kbx$glmO}|pnml*_Mr=hPcOadCD!%3
zb~9^&6lDsR1zBX$bC7%Ib}mKokaK>XQIo41rDC<5594C-M*rI@wJHU+Vv0n~gSmL&
z0`W4U29gQ@ZElwXM=}_Am+O=I(vEL)f}NUI^idL#Q(FZaKt@`s(aapDnd~l($#sf+
zn64A#6%jpw>I06oT0#SkS9SQ_S?GHI(2?$eRMcr_`qEj74%#dbDLbmS$h+wEx5q4@
zssisRs-bLeR4z4=Zdhvbb<v&6joj^Vn3Q4sCk3HqzAGQ#A6(0V0wjIv$}VQQUf-08
zI~%k;0qvbxFc8jt6EtYrfcse(WE7AjD6y*7?TUGgr!ng2yj}Ir<~7tSObVSd^Z>c_
za838p0>F=cgf`61uB)+_1$CU=C&!E&Eb$bN+Z85nm@RofQ!U&%*}8Nyh>2=~0HdH*
z$nSM!&l6W6a{0@sHYFGkP`D=mw)wh_ETH19zN2D8%9Td4+Ar`s)$2ZS-|LhlA7w4%
zxdR{F8fV|FOG)4N(PfEXUm@ZgHHCUH$#K>52h=^0Qdb8Sg4Hk_z&;7*guxn})9R#3
zi>M?Wj>z2-?Me+!@SJu>V*utbZ7F<3)}R1`Z=WFUL8G=13=Y)LtQ|aKy*VGy4LxWm
zpmMj23TC0rao5hCis_&+xr|!qBYs7UL0?)P&|AiYDJGtYOBItFB`kwm>{@<9w*IUH
z3TX$5AE=-9aa%Zm)PTrYHe?!nV&Q!P<zVW+@ToELg%t@CUYhc08!M#}0ka&*Bsan>
zZ3mCr{yYLa(j+z{s|*hUa98y@Px^Ed-LBc+Y;pn^7`iyt%hf!1;tbUd6>k7Q#39tq
zp}0ZTZ?%6oKWtbO9hPx8#HcjkmW&Y~0SlFZxqQnbqx-uRHN)cHZt=*Kx67ge)&*f!
znzlhviDI;CQ6<Wzq2;1(5R?9&;mjR(pn=z^pjfL(OyIcs#=>h2(@`IQ+TE^ipw5&)
z?q_^gP>lK)9~BG5agR%Jj|qH}u7`s>Nc8z>00E=NO<dyRS~o=#MA`EYsY2t0pMJN@
zD3Jv7%&Z|HK;BfX=rbUt5W0X$fEF1haOC8TJ^gw~X{+z4KcpOdlU`G5SbT1R^l$m6
zzxdUk+t0SFBTLT@09XJlzM`CUEoTvg@f5Q)WFknwbA{KP6xT~|io2=j=EaYyCyT|<
zA*!8pkAyIU`0&T(zri6mKBinr@xhEM*^<T+%pYzkKA4kwj<dz#jHE8tS*Kuo*VZ96
zqaDq8X`};6p@OR|?yun6yDpn<$HZ^2_CA*j$`k}jFn5=9ZZ=kfU{7AYl@VfQ{ySD<
zrAk+r9;x_*(}yxCBr9qWsCKle&`O8f^n<P3xXq-9J*h|<_>H8nQ>w@GHu8h7*Vjut
zTyD0js~FPq`|rU2z_2W<yUo?|di$CB1X$Zpnf)q%p`DE4TheTRCOzg(o9<NCvOC7`
zQ;$ZO?Z-V-pJ2i8Y^Z`ICJtA$6?l<_8XrY@=A1oV0ERK}hBC?pq5I0ZJxSXR0)Bgl
z77H~-BCKMK5tfa?A^Z$+L$^N2CLk{+r9UhZ5kqs#rAn`zVI+j35#3U_jbPmAh&$$S
zDat{=u7Kb(X&%-0F{K4Lxy>%xIA275qH_IPkP%l+CtHC2tp{f!G#Oz5g2Ne|b}`0s
zOgP?IrxY_?1TdJ7rNFUSu#1JRSSOnQcW2mi5#L4|j@c^Gr|le)O>hRNa*LRf58I}(
z>*qilqZm$c1g${Bcz|~v&{7R39@WY^BhrR6+}USDP!SPjO;suI7aUJz#<Ns80gpGN
z6J|vKOfmd#L_>*g;^>}xz$Lj?c<{}Hi712_$McLmP=sL)%U1+iuq^VfY)_}nzOIC#
zb%`p*JzmG&g)@1}jCld<2fCet8pK`BeM?b=fupXD3c$x~pL5$OC?{%g96bPJq@+yn
z;B@ySri_w$;T$?B2w_ZxXn#yP)Uk{yA92CxVQshU(%WLY1^K$Z|9lBPRSHVMN#jR|
zi_BjLnik!GiTP;(O%WPLnHQ3yqEj<akBH<6e(-E#LdG}-TEK?H=Qpv|A=Omq$Ja?4
zG!PN$f$UtCe6EEigo;My$_STqYC95>-t`LF#`N7D*f*u53+NuGCyy9T7t!yYPl4hr
zw|QO%_Ke}s82}Y^?&EbcmjxPxYA|%<-BA(ypQ`D_-l}P^upVewxmgg;?czOZRXRrV
znEK-VRnt`NL;eR_AOIHlpS9<-bM}sTo~vq_YU7HF4C=xl^s4%)s;0}7Fj<Bsu(0>$
z9a-E%2G6dV&e8Q^h(Mepvf28&kaFix{b!-?U+6jFC|G_<OG$<RncQzSj#+s77dk#K
zz>}(tC`E-_%LGy%vNl``9bc5BH%@RIK$Mv2OyJHna?D#f=>akc-sVy!%C&>)#D@=_
zz0k=niy1;75TtKf;&05Z3Av}zVLRXKKdb-1>Q_1cRCwMBfL%|%`tz(NE>NRzh!_!B
zoQE$M*Xn0uAu0q|w}7h?l;I;h#YK)$c}dc6g(`93&}ew%)sMUsI&~B;rBKH9T;jV7
z#eWw1{)LVdLIZ*g^kPMHKtRHCTcUY0_9PB)xl!c`fOl{~6&h@*3UsuiaH~6Q(rGeq
zfIUgQWmH;u(CL|g@*}m)`b7qfl0@_X5LMB4?ni1n^0<H26mz5j0hTEz7T74q-C!>h
zks{Z#c}Y5Ip&dyUM+D6VH~!<k*wk|CdGLLxCn{2VbFuix)w(RMtQ($34L<Zkh;cP!
zR;HpRkf;5hI~03vW(S7_@H@l~Ey!TPZ`7JAE8SnaeQpF(WULwBqv*tTU1sM!ep3ti
zpe%zS@D6=G0S>Y%CAecmlBa!}qjn#oZ=mrTQ{AQG>V~3g+PfBNO^O}b7{b(?q7J7K
zvPh97bh}gewp@c_`6l@%B`T*=08_>zYiMv=k&KB-_^l}QGJFmuOSo&$uh;h^x>{l*
ze}4G5BjnUmk#;<!iaSLf9JMf$VtY%nKh!djMgmv^Q>U7gynm+eTY;CXdt~;fJo{C>
z%^Sh%m}C#)jW97MA{>$emNijAou=y>oJ4ZE7Wcixj({uZQYmnu90BH{MDmp#R#Ju4
z=LX<}J}^Lx4dnn3G$V=;L5)P!pKD2=Ld;{29xy+mh+(PUdb3_jGQR?LPGY(U1L~hB
z{?aob6)7ca=tiAv*=zo4IQ=>kebFU42If1U<QPO@ScIn~%JuF)+&8m)l3OLCMVDYA
zC-X`6m>Oczi#m6_qaBq^PS&@;zSY|x)g7lX3RR?3IIMoctSs2MDle_dc=Vu=LJE8&
z9X|<%b&L&#5Q*faN{7iH^SYFAqSqWW!p#H5Y_gK@7<U;>9jyEp0$=h7mH*Md(#kND
zt0`%i{vSt1RvvCB8?D)OoSa?zN337HEjz<v|H*5%fNgO}DD{KtmlZOenj=E8Z-ie~
zUgqSU@N~iKpze|;HH`NV?Tw%A15ucsOxAebu7Tw$1~B<k8@qiYt_qENZ$vfZ82ha-
zIm_5zG<Wh^)^XJhovaQRj6pq;Lcps4^gii0gj#z#K3)iq(k;4Fc#uY9KG~fVvP)aN
zPE4Nzc54pOqk`*}NggjJSwaM)spHE^N^U4woVpkOT>I-l_WNNyl3Aixu-}!02N5$M
z{pQE6%EH`*`-Kt3annF?Xny?&64x&s3YG9L>^Ttp@WYVDc(nz@1;lmW%+5>EbPkCB
z#Nb6+7t|M6>Iv<8Vwb`AkRf55$XnIGO{u6t?;|&yDLc%%?^{k?{-(>Z<f=jOsb~*a
zM@n=Vd=teDXgIpg$5315-eQa#ipg+576Cbzmai8rf}&hqt?pKh)M5rys|os-3|Edm
zod)Rjj;$++u2ORI+|fnFE7bpjOpK)SixoHn(nzWto2LNXPD?7m09t@}cGfxOz>MeX
zBh=MWU79AJBb=vO@SriZ#^0UfB0-hIWCN)P`lMw#v8WCzf_@SvPT0&ve!nqJvff|0
zAeGwyra!WRC6%RW1@3q3M(f;$tXZ9q=K=+xNJM+)7wTu()bRL$%UnzG2Q+oubSbY!
z^%DQaxw$p*+BvIXKFF^O^hO??!Vd-`VMVwr4~?+MuKhCJ**T1?S1=+eqPbiU4MhOO
zI+%Q99Q64012Ntb_P+Bywec<_(di4Ikh0>zS^z4gD2k1N7*~*II#s)?dpnzz!ewc8
zRjZO`!V1u=6Wx{#Z8Wphz!D5Qf{ZaIJ_ryZr7Fh<i>=+iU40r487Z)<Vs+hHD`YE3
z_$Ym+3ae)aQXDy4RkqBO`4kqB`z-*Qp_sM*`MbtsaHtW;$r5C7;l9q0^<w4Ew>}tk
z$1fdaCNOwC`NolIA10K=>qS9E$!rMiOht{fzHRTCiJc>%nV+RO;Aa7gkdvc?9KZ$2
z!7d+vGzqu9oF%f&KuG5Ttf1I}@}>jpxI)(qgeTItTVK-<2(%h5SUh^p4CyMga3vUV
zFzPjZ*5;}M0PQ#xtX9Djsw3h#0=l;0>O7g9<-9cvZ9XDv8P%H9wjGGW>xktsbmk(f
z1M3zPwq5~A&e;ESoHSiWMN@CFc(1he_Id5Q-W@yKIan~m001CH%UF}#b8Z850`6L1
zldbMC`<sTtUMchWl#o)?D^{a{j+BInV?!zKh65pyhaEcc^_O}js8#Y~J_PbYnMmcW
zp&#4zX1+Cie*7289M6Xp8gj*;!6HL#vPnS!#^BiuHY_)gv}0D}q*;BlnIY30(b=xl
z9C2@A-4O~$F{~xAzWeQZrSW8e0)k!q3mzc<Wq?3$UV}-5JH4r@J0a;wnv!b>^4-4F
zNgMLw{xpW#W_m&Dk3LFGEg#^bsXA(S?RaqN`!!fNXg$yfFsDi1a5`rpIb!Lrw}>Ej
zd;G8KV*ACq>*aBlHWa$xVZu~mWET4e;uX$b<%lO*5wyj^S}lu(b6SUOSL6w-6d>{u
z-^zfGI`>89*eq~5?hZ;#oNk%j`x}{1S^1!RsE$QFl;kt;Xx9^UVab#3MAU_-bX0q>
zp>iUi0us?9^g}`eVU$sqtFG_QV>6E%HrR#6MwFT}#)o_ty;4(>+%FWOxzi;-b^rGn
z<Ow!R?*$RW=DJ_!1?9v*{+&}ZW|mCnuw`p-4u&SCuP*DO2tw=!l}vyji3~pdO(0>z
zP!PkjYgo`Qq(Rvxq=u(Me!P`=DW&0C&c=>9p05@}zbU8U5K<(4^W#TrejaBqQLbGt
zal(Y&oqp$#m-!V1W?+o^(y|>bMG)@X#quAqt3X1jKrPU6<KTx9(>di+!I-&;+PBmm
zc47)SfO<{Jj|>2lZa1i|pqQ8lj5&mV>nALd4bf+aemIKoc0tr)#bW-`5TKgRr506v
zQUiu7!Ffr4G8oOcpc8b3ITf4g?2oqAPkEn?jD4qY6B3mW!UJ;dwcFFu1ffqlJgIRZ
zWPqrzhO12Y+XcJqOuOl-vnTCQ+)5;p{&3%nJ>fKfMU`lfGX$4B{XH&YV|_OU1c3vD
zR$0$&TQ#uN4i|uZck)#D%t+7iPEdk1V1y{cfp#49j^2>H6E=!J1U^q*e$(NxC1<dX
zkIBe1Q3{)>&*nz2!T3gl9n)2X5$CpC!<4)T9LU0m9FbQ{sCSqDpGK*WXPh0Cf@gk^
zTV>tf#F={ju-0}uX#-5UjR=c_%HZawC~=&-+!Z!VToL5N<<cd#wm?61lR)0Xta-+n
z)vY-Kei=}LAct><1gkT&OOag9!?IT_GTB~kw0~Jbc|{3ugO^Q;*s#NDaLnEo4$Do#
zlZ1x^yZ{{${?B+Ol4Cm~A?OKH46Ja#n(7d#&0)uh(;3cF%dB|ecGZa~?XOY#0C$96
z5Kcyn7xF;Tl%6Z!fY|T+j7nW=Aa$^O<e8d<O!H;#S{U=3&MB8i@B!5DwUnwrR~Y2Z
z#ekl!oql&wuyxGh3NtVsEPxMTNEK@CqbL(W!Ny>L9Gj1etL_V+vFnr0ukQ;|%;61K
zx(?s4yjl10TvCBxHGmvI3<iszo#Q5I9f^Wz5M11ny8v3%Y;FK9kzM>C_smX&fR&X%
zBMX%Q`wMMRm&M3kfyLbQu8<whhbq^e;pwG22#BFfO|g?uBYM8U>73pU0>lk0gM#?+
zW6&*n7oFZt&2=X&Jd(z+M6l1#Z3m9Y1Z`?+xT=_na+Ci)r$Vnz5pQmIsfr5;?zuit
zwF9SaSdY$SVAur0f@?Ww9aNa5aMy&lpYp*r8FLVZrD)_)e(aO5cQ~`a66ZE5@Zf=)
zu1|hBwiqCDXP&?=FW{8R^gP4UT~(~OPk~2FtpcSb@L{4cINy%+cOKH`m&%}IdQtDP
zzUoj_P)l_{?4$CTm6dXg06L(;hWJ_xoAJ4eKd+Gn03J?6O=LIqW;850kI?T)RihX+
zILjJJbs(kfwptgpfmL@J9yz58`h2Y@WGKo2Z4`Jx;bYeWBahfYl~?;H3G?;|Nw}ym
zwQQ*-Xgu=q^K`%tY+6LT5{6bBfY!s6GN$Hq(+4X9h`I(2^cu{E0dxtN`YcYDx*=Cz
zgO+3WLb;<WY6lN~bPve7MH_v*C)w`{To9+8lIg?xJbCGnkmt&qfsph~0!Djz^qm{Y
zf32Y%`P_gef_a~0i{yEIC|KcRh&V8EWW{xow2!F4Dmz^=#t1+FNa=Q?syPo&qr8l@
z?<1H_G72Xsn?QSSDl-|+Ez<E%kQ<W+PKLS+N@|0Gs#2F#aiC4`u~f1nwQGy#K!$FD
zI!|im(K%^h2-O2~Baq!7tKG!9qEl8B%y*g^Y$WHv;E)i8cMVDblEV7q4m5ktG{A#M
z0d(Lq8874~ae6*=AjRl2U`EEoqpBTelG@^iFk)_YMrRpZQM_w7C9Z*JK>o45DqxLh
z`d`@oHn>^D4RZoNc<!+XwAucsL;um5%8t4cD67y?bo_I&Q0Ou_PlTJv0;A1{j;;4{
zkqXLZexhmUPdW?a>}vkF855J;g8CO0UC>Q>#L}6+f8s-C2TfFZq=_3U3qs_!4VoZ2
z%R8cWCqibaMyrq{>;w1<VzBJ6MfpPL9{5H+<-9&Mr4RTJLrSU&@~m@@(MX8qgx3V_
zTZ+TAZ=4t=gkhzAz6ZZDS*FL$c1xpZ-$LJp2nV=k)lu1>9S?rbdw<i&e&U`arwp`6
z!XzNXR*rRfF6{?50c;U7i4ap*8TPV7o26a8nI=&_@@3&ir49$IF~wMv&8U~{MsvuE
zu4-MUQiFijTYg9LvqcTLTmpc|BmVBeVPQhi{mze7%X02*wj#vAV;EBKam4;&=wP5&
zf(*trq#DYhj;Hh<ITZoe1?C5#bS-?ZxVpV8%H|HOmGt8E`;VWN?_a&Tc=>7h@vnCm
zJcdGlFdC3sP`U@k)Cw{jZZXwONi!izpdcrRFc7LBML*cR9nAo_aCHY2Ouz7{FiJDw
zPO$9fu6C?WfU*FE##RN$4sC%WLJ&~z?pT_U@}HAfQ;D20<rBw~USw3F6Tn6MCNfMV
z$;>^M)HT##ryZTdFkxX$YDB_B!%mNop#|-i6d7&kvIKS^YhstfIO#Paq%pt;RPpeB
zIBN7hn3;If^8KBm-P*AWCXK`WmH}kI4JQsvtX(y3yfIGgquG;V7?R2c0wX~30Ic*n
zJKd#4``pg}djMKwTMFOU++fA?ct(IS_vl356=8ydsDc<walc(7=V1<U2v<>QsZ(x0
z2+O%L+dN?&bmNz<3oR+6d9Rc4h1O9vu*+s*-btnXpwpO;?*w(bcQ8NTBWn%W3z6-!
z{8uPS3YeEeq3M7anuX)&mh0Y13d8Y9*RVUH(E(Qx$JZVFXaW5Hu1|)pU%I-K_L42<
z@=nG%N@NsbvUH^?^K610v_d75n~T09ikvp|9Y=fQI`el7GjJx(WY`F(Gp5E=!`dE9
z{RxJMpdsb9K9O|L;)A*0aqWeHxgrtT`0W0??B0LhJsGqKV&YU5<gk>4=0G`pqlbjh
zeX{DvC6_>T^x128+rAF2(hjHoINL_06Eyuf;6&mKod|iPPZN=~bqH{&ThZI~w`TLY
z`7T?@kUnQ#1iTR#Z3qY`61uwi260H-z$ogn1;lPg2%JQf9Buqivm*}pmIU!1;RVe|
z$s$YZ!1(Zl39hnh%-4;n7&QwHF`*<&b6hFx8;ivC23i(pxbt^Sg-WkTvUZgw#BCc)
zCF?c}A}-}-_U7LcMsk%Uypbgz_{6pI7)2w9XOO5?i*x=ZRRgCO`V|a=FQV*#S<X?>
zqL^2KyzR>yfzIjW-#TyYOCWwK)r=4oiMF>o{^ygJJ8T!Hg3On>2ZJj$nz}Mi%jSDg
z$=jhXCCrOZHT$U1q1oh~;`l<U%T%4zD_LJjpErQdiF^>E@ga&3<PeT*zz=TLcdPb?
zX4aHph8C@@s9EC;leUWj_e0Xn>9iy9)mBRypt@891g-&l)$p0@nx^UZ6G@S`8YP}p
zKpGQnL$T=a9{D1fO0sKQ7jp_z3!HMeYf{E}WD`&g5H1qXpkjDsFu0Hr2`A1blEUD4
zj%+9$06H<8LM@(ALi`CqoMWdYHP{#Wz@q1Z#7GjXMWaR=<@vgw4rnIJ%OEoduu%O&
z`nYV6nwbGKcg<-sK=&wK7W6b$w}h}u`;dqG0EECmXPSZ{R}v&Scmu+1)1uE^J%|j7
zJE9gL0;(C4*oru6j+_UoF$)38ux*KLc!cBFS#WS4`SnDwQff`M)M^0vf$}^6M`DQd
z4!{2Z{NSz&%Oy}N$VXJ|mD7Mv=P;Gm*GpQM7F*=e{3xU<xzlhwxGgQPV*=GSb3pM$
zT?HIR#|{E^6PK4!%v12960ajW+2Exd*#N3QLS3hEc7V+x7KgZ(MIfvB$To(`1EN2`
zO_GSCzXVEpY$q&G5R~IS+6bgQ(0Rf{9odB*b>)$LpxQ$88S(rKo7WL*p#y*?wInSQ
zn8E{$TzRaek2lwPC2&4ayyC|>38I+r{gM6eP+A_z1GaLU5Td0nS-YA?bYIDmu?mO;
z09{})W7bfAKX&+R%n|W6#;pR<;=vDH9eYINSF3H0A%S5ECAcE5gv^Q@@R6ec|1a_0
zubjFXKN-Xkl6R=y#E72+<*~-K7t+e8DnYG*Y`x@(j<>8m@D$w>1m-KYHfbYtO-^_Z
zg<`(Fx|h8P8j3&~pck}beT3$YZ3bTDyZc*0Q@0c>(oTxz4Tw2-Eg|vZ*g3Wx&lFtf
zCCX3`7ptMGg=IE5dQ?XkA(3}O>pm;FB|~9wWJjXa%}U%U!V(~Xh}0nBSi*L8<k!)P
zE$*sI;hfNgPLv^6l(mB}pa7Vh!jbJ@cIDtB({#zH7vw-si0wnme)M7&XI>WSFf|d|
z2E*BsO~$_ywb_~bN$A+=HsT8iZTebJ_<S2^Nr4&*WWtTBu9gB-$GzIuI*2n%VYkhK
z!BdGF7+A`d5(j4&9XD}^M-TR!L`lRoj4U%)^+;rA9k1_*G5Fpb2FDvZqA^HdIofo=
z3w#YPn2m)$J;0^@q4$BP{`FI;n%NaKVIt=Qx^MtcU>zJCN;DB`1HO)%Mt;<F!SsEN
zEbV;;=%0=BRhOCygBSg8o?jNL8!BeD_t*Nq@rT?uvaKMGmWqvoq!=7@0DY4X+J{2h
zoZZ<zLcjvs4ht%7LoT*zEA=_pN6w)UDt67~;blfWNDy*;NtzUbanY)tFEel%j$gW#
zneSR=zH6B|`wRce{6P+~fdK8ggG&UZc2JR2xFfv`2Qz*Hm+^(SNCS6^u6;^ESsd3H
zu0dU8vHhZ<UDPjD>Vm2;X?BphUwPxoEIzJrz$p4{3d)gXp><d`5$7OuO>H38V)$}g
z^Wor6U_@N=5xC|faLtD+2Mgb#V?N+am`@VS1dd<2hSX8<&z;k?!a~;@g|0WEWPSeh
z$h9LPSLY*F=SfOA+H|B{P@Z;u($&w%)z8?~PhE6&1en(s*t%li;S68i-YX6sM4F>W
zJnp2#xAC;4I=3<6X?2ap2lD4&X9^u$IJYsfCpZO24|A(7xS}hgctm4IV3x^A5V32h
z=mKC{X$LAp_IkPfR@~wRly}h!{*&GoKbG9k#QEcf4W~aUp~Ru6QgrP#SHvDbmSe_s
zbRB5N{oOrtvb>`jl8I1%TdvFh%2usBca5C9PI04jex=NX{S8TZ$@k?OQq#CaTIH4c
z&HM7dGzbK1p}%H?Lk)JPTz?m3(LdJT<zp&ZrVNXO`*>L<5yueMA6JO76@88Bk0Y+x
z`@({~n!~HD7B-hhSmte1l{p5^)7w4=qdEPTx9j!QV)6TZTJj?Nr@C5id1ZdC<rn;i
zFVSVPcmUr--LIhUA~rDJkq&G(UZ}?R_Z<up=L@JY^0O{41j^>VQJp)ezs2oIj`p~0
za4Lz-_h(B8f?SRnf02e06!-Cg*8<0vYY8WFBNyKcj113kyu601_mlX@K1Jw&f^+S2
zoe9~Xc^OhTowfHjkO-`Al2<qHZ%BrF6^nGa=Eq^yzbXOU#rAS_J<Pl;RH%MS$eam$
zfDJKHH|ia&tW^l}PqTrsuONCUA+HckO^TZ%vLj7Puwrs?*|!3O?c(5!`%M8aHbpxn
z&JyHus{K%-HynwP;s%J-vl~T)V@VQ&2g+bYBifu26)~hi;zBACj_CUK8uoV~ifRD%
zeWZdPA_nDKJeMtj5$vn{6Bt|&Mg@c^iX7V7jT?%;6<?Z7enFi1U-A=`l&dWqhBr7L
z444%3c>s{PM^i1P7Fnc=`LsE9(1K_LpOJPz4gv*fKuI}r%w=XFE)-+n9Aem6x#oLQ
z-Q)Ev7D!M?N<f<fZC5^E8qDsmfb;_(29P5ex76esJ8;{Pyj%w!Dg!gH^Oy%yOVB1D
zI^h^dAa`>?R{X3_rJg!-DFGamcDYQD#zZGfFQm~Di2mJd)_%f`gvnCn4hjb}nLwaK
zd6cBckmD?ZLv=KC+*+cn0G63Nh6tBcJ{@QWZu7vP{;8$J%xHrC5k5=;%2WfRYTz>B
zqyi;Hb$VJ98f~PkaunAxB%wkbzEQTqPT=;^y9KBvujJk+)Sz9|X!dbyzj76g5ib$d
z4m8)ML&Lw$4o!_p(DXiXI}n;5by$iX(hkYBKMQD^Hb-l&#W{4ea74iG!F(k;IpL6l
zN_(L)LvyqVqE6jSFM4HKF4RO3uY^2J$4v&=u@F=#1+LUAky)Y;U#&66qda3*F!_Lu
zZ)zw8Z`5mlRE<Zf@fG2n%D7%J#+?*N3|l1JMuG7ImHd&dwdSAn4rEn$2c)Ph;k2fu
zk{Or*;(oD^54x70P6<0+>y)PlA=|YEPy3bfyw6a{GMIQ22>*dABozb7m6&G`!G+?y
z)ahjM13Td}1b1k(8-Y4{!P8Nj@?e)kvJ)*1r41~btuv(YyvAKk!+5RsO&Wnfv$+F8
zu-sJ>51?>@Yv~+aWhx)~Vv1RdRo1Q~Y#TABDY;+H1r|`Po!JLIB7k3}-vZxOcb7|U
z3Ri2DPy^syz&Az?0RRkn>ofNO(Py48Y_Eihu!>VR_u5q4$z9E!vJU+nJDH4Ji2yCt
zhqzTzJ8v%n0;xw^GIQNvFZZPa_nEAR-;Yv^giy*SMO~9UK#t9G#x-@d-2>;7st)!-
zzho#N2?*Cx8_Cj1r8;4LnE=gTkIDm;3IQH-W_TGSR-(4*cp%Wn(F31O@DjjcidzFl
z0WN*`Mx32d!Sw#hoN<pKiTU|Qa`~g&teCLZ>dz0G^&KuGroO+9Vpp%OL<5kmDH@fO
zsrW?P+7g~5=aWoavI8z9M8U3Cl#BgC4CbGzLgD52ic}B&Z_hmYrz|pj;M=RB5_*cp
zFDV2O_X1HS#Ppm`n$)P~8qU;Tz4dX;BEiq*c<z|J`<r72YL(?JC@O+1>Q4nST&))i
zg%`3u)lq?Gu(QV*1XVsr&m<!RGh1%p`CPwLm8Q7$I|TvN0mI&tbLP+cJAhYQ#?|1c
zt`(YSO&M{eHan;@+TZ*%e2bU!BYpb?Zd-%h7Q&P!Es6J(aRF0hkP2wY@dj$c{QS<!
z&ek1X-Lz{uOQya|QuL_ByQ8pGnYW+aFM+{u>I+c=RIcRP;TPiaTc(vOtPV_HHou?E
zXDU_`<>zXOF92nz@*g$DWchA{hMN*<U`#7u2FmBUl#(l)9PVQzyg}Q$W{YHtJn&~P
zt$diR8-QxECdDm*{kTFMsZO}WHUum6l$|yjNHDCnuHlGEf=2~BD1?n*T67v;@<a0#
zttD1|_819T0HzNWm6U9s<WI?3P^HvxQagI7%-S#M<(HK*^W3@`qO7sN-^g#d7r65L
z5Lv#0!=$`lUDeG-F`Hy9wP#CGy@B_NpZ+Xv#TaQWelbRdGZZSd3Ie1rYPom?rAv^m
zld&hhS2+!;E2$*e9{W(I0B4GSba*s&mjRMf$F^7y(^(?RE~2DFcK(*1l-nac#>a=|
z4dSarV1(QlaY^UXrn6QjM~$GHX^GX4YGy?P%X2pE$V>zzig<Mi3!PQsn!qPR{1I7n
zkUOQ@X&{-zBOI>Ufh*zE6$VxU(-p8ofaO_T>u68!i|FvZ;9-3K)9a5fpS@VV=0E9D
zsKHiu@pAdkm;ayG6gVa+{RkmB%<>=|QnVoj0f`3w`+<o&2}tXT2tBuN=!NCy;GfNp
z-l_4UyA4df;47d<UHw};ju13fMcfT&A@Rm3g(4N@vz2Ai59s=kdJy?(2?D&8hrN@E
z7QJ*(hfQdjSBIFH>Ur1vy0UI82pRmzDA`GlgJDf{f0C+ThMQK@p{=aIzF;dc9h`We
zKxv75q|oQtJIuk9XLi__puY3|&~3mJAWJkje}D1|Yj5R1ERg%=wuhu7z|!&aC{a3Y
z+-1m#$dD~lr=}TwVEi=_u^<FN-$1V69DSRlO8I_IMM{CSBy%7XF(Fo@qqqK9q!i$w
z5rL`DRp)R<6hWWKa|53DwlM2VA+az7Rw~&{#D2slgO$jK<|+b_T%jCnF3oBw911QA
z{0PV+6kS<M#BLJ%g#&0d;SROnZqeO|qfFdF{b{W#juHG@2<r0?DN5nQo?C4AsO_Z<
zgZcEy)>UDY1sf{L|CeCz<c!n1oxlZb1_0Qy3h0F)ygB(y$SL6h9ECto46ZT3!J(gG
z>5sE?po_TPt<8ZZ#}{a4ZYr>2fMjaKayka1KTf9g?Yc;(@rd)nEYlPf;Zm{Tjy9A}
zFpIe&{9%wd+MT6#ojs6ny^C?*GM#jueM`!Czpj)VLjXXNqErs5DotYBklB%7E3_MO
zry&ZTv;ca@7g?5X#}`mJg!98E;0_E{5+?o1*zpC(Y=nme)nNF7Te*|Whr?Bz2dl6&
zo$2I~?VQNQS_&hQXc*kB1wW#XtLMKTuQAuL7!x_G3)EMW5Y|A2ICON+fno?;^?F4A
z9B&8L;Ji&&wH(vdkEW!L2vbh?nZBv76#=(R#C^J_1{*)9tUSh3$N>kss)Pc#<m`R#
zINHb0wZi~fj6!dAFb-s|DiVfSLm1ZSCTljjJ|G*-3v_lrtFtMrNRojtn-g&XZ%)QI
zc4dqSmN;g_RclD{+4V`~aEv{Az50Q+3%i#rN0nA5{3Fz`@E5MhX3DM4^5x??qE4hu
zg%&H1T|AXRkh*SXsmsfCaK7<%YXaRRg(P7U(3R-0R(=MMSncNrloVo5v7=?tz`5qZ
z`jt_=(9yMcDwrchbl3NHDoXP&J65CDwkoDmszz#7J%vDDR+ojeE0jegy4oS6?q!;2
z>+^u#YKu*c9%33fK?R^fsew@+GrjRGhpMDD01T%9dZ>qtA!l{bYU7H#%zz7A5M-|T
zCD%H)BChH|6kHsibTGdKlu^1q>FTG0BaW}D0Ook05=DHlfhrV4H8MMXvH8p$SN$dS
z?r*+rxCM`VqyY=DX(&mXLm^nAly@Wj2EU8P<=1tB<Z7Xx>_2d(dRfaUP2Rz$NJ{$;
zr{WnfI1ts>&}$Spj)A#vo!SbwpD>AI@Ca~p5IH-qFW_uTsaXP?+j8D&ck|?NA$%Ry
zLP>z8ZOa_$zTj6`_aRD}KEt`Bt^fybSg_{=cw1aDz=%`)**Cc3N}es3n|qvS{fzD9
z8kCEK)(OU|sJEoPI86W#;30w3SM5RFt}KkYn&?{=hNhwVy$=x2s6_T<`MQKLQD(_o
z|HYkYnmLy9Es%g`3#GUK-Y^DS8E|@#9|>4pmBE<(n!W{!dKdrjZjD%--AP=^Fh~j^
zB;it-=n45Xo%B`2_`3Km>^7ur*LO0CC0uNHy|AA773{A1w)=}ZNap^|WVB6qvI<0X
z!$<Z4RuH%_e&zZj86-6$YV<bjNkJc6hJbcFN}r*4hGE&%PX3zVQ;~0O#e(KS`jBF0
z5}rv2|9obY?0-$a0$(<+b8}EB!=Y1_qzgr_=~vD!`S@<_-Q0`3u2fyX86)+<3D6gP
zW&1TF=v$q`_os6a1?j*cV7>HUg-dkE;um#};OfXOBUZ|#xUO?JG{O!o_>1~xSriPg
zj2wJ^U?8CTZsICOsO(p+IjeW2)>A_KH%P!vN0Lwi?eZ&oM=__&Y-dp*{i$Gy@Zm%(
z^T-f@|Eg&fi=xt&cq>YX3VL!XRRglfl;gv+`zr^|npTs)qE@qp_r=R8R40G+OKnLk
zV@D$UYW4Y2M9A3_v4}?FK@pNBtYwH8e$~_pEr~cN{SnKSKtZ%Y$<h<BtiC$`qTVSb
zM~wy0r$hlY6-D=+jAILQ@mH?9ShnkUW+OQI2tZLCNKi;6>IpRcqOntGLA_};sz9u9
z*pgQw=1T2p=^KipU(`Q!$jZu7r2=#gQTM9k^oQ*X1?kKR+Dg<AcEwrPuuB4ff+uae
zQOve`Zb@@2#$usyoy1)GyO4#Rb+vD$1p2SM+Wx^Mj)0g%$gB^Hat0r$Y9KkezW;pr
zN(m}SAgF`Y?ZNWsOWyO}MeO5uqokp}Dqq)u$Q<G$u8f`ta1wfJh!8?5F%N=-lqS!j
zEeNejICM`U`OvLZs(=%+vS4tjLK3{M;~@(9q^l3mFI`_<X_(peXg*w$s4(n;^sT9f
zg}TZ06q_l%4-ER_U>m6cs_?4>_;Xw4i7RRgm&Xtx?%OeRzdE=k%wi-h5j7L$R+C{k
zCuBG29h$OKZL|sWOmzk@TN$`>+8y;4M$(YV8xKDbULX^vm}Ok1c^W@O{3wLqjL;n?
zm6fO)B}Iljjo-%5Eme^6Ab#8i`u070jFqQ>v!n<SvnVNlAp5TUFZ~6?2Z2{@iI4>G
z>PG5;xB)KZ?@OwRTC)00D=|tENpJ~ydD42hu#)KkQ(N5zo2Let3+Zwf^w3bmkNRrq
zOPYE(1W6i0#u0+Xr+hUCb)@LH+8J@#TEbnFjzLXg^UjGGbCu#vbLBeNuD3SfNMsGc
zJcKbkW8wzR_ZG+#$1klV%yZ%GnwigW=0Qg|$=B<sCXkpR#EE$nM9fy~TW1t^WnQ7E
zMGFR^)-oq%>$V22B4=`T!=|Ihu_GNj9Vvw>&@<Sf3Rn^q#t`C6AR<xR0;+M18P(4i
zJ;R`Dr{Vr?)G_i2%e*7)Mn&TdFrnx2hZx{k{X&*vL$-~~07bbtowY0XL@d-XSFXBe
zlC6$Uy6T>xAsP)F^-J@qhV6f`(Ah<}dT&WC!l9{<8Irsnrd1)o>kV`XDAmay>PS0c
z+!?QKW!T5D#b0OvLB><ISWu+b9cheX6h<f%C6H$lieeS1EuCu2tUXoJZtj`0J%X<_
z#KHm5Bq5|CwrQ0a$$oY18@mr?xt#mz)?1TzNK%0g6lem*!tyfT)D*MZnM>THBWL;_
zT0-FBlJY~DQJs|9w;r?`qk*`Hu?m3(D`L#3@$p-irM9M7!@Wm{pSKiR^hj^(qt=Sh
z#<<(WYFMZ^7-)_=1VP8{p~)E}SuSfw+^%7bK2{G7mNB#D^+0lUrxeUC3DdvtvFC4Y
z1Vz6B+sk+MzE*Git)&q)L{Nm1xJH-<Dk106&{-=_=V#pWJ6#2D=!`1jn&&I^(jYIf
zy2DV&--OHpXoC4kde_lfaN%h|^3+oM2q(J<x_g=t|Cn_o^Ebn|+pln3KLC;e2!$H7
zO*2AG?j59@U9?S9O2vN0U>2Wfm?|!>Y;4iWhH%bFC<Io?wd==~D-ibV*!54f46(_S
zk46FIQRthKIumKBxpi`pT~NI-GFedeO~D_^SDRdbny)C=1KeB#9aKR1m$zIQ`n^Gi
zKnnxwizt&sY00TYi_0`Nm%PI4;d%u)kSFTE+%=%{-}kpOQztcfpT6hAF*&AmsDIq3
zO{n_=0#D(P`4tQbsw>yUhB|MMZgS0J^V$DnI0`6!xE=-Q$h1JET$p%-#axr-x)QpO
zOCiW5$DBJrM7YiUoR4k_cRy}LJb>={!hRt2*AVB5RIzJ0X_j!qgRHLg8r!>Ae309=
zI>%;-&u%_3S~Az-#H??Xv68>4byJZA_Nb}`CjgX9ITt-XN36$med;Ew<_eg&=InUR
z&%-JDfB52&!C_olKTqKLr*s;SkwVPOC)<VYBDvpB_QUBRh@UC(DSTSA6(%7dA{DdA
z8Lf*ybQuB+@wdgdn*o)yBvoGgD4Q3>&1YC-KP!Jhu7Q(X+FuP{6yzS2>+5vv2DhaD
z#!m<VF;BeNUBL~wR{cBdpXjMAVCF<WAV!OiaD@<4IHuOMk6lzap%ycJ>}`qgZa`36
zRJSsZLe9yybfAKN`L;Z8Mm>q8H=C90Hzgx6w9@2XV4`!)s0-r<@ci*MtA}7E7;COf
zls6=XGOxF!QW!h6q>s8;|Iduvs{6{Z8#f5sSkZj}mq+fz>2$fEln^gCwzxq}o=(Ie
zS$U-9kTsznv9sPzsFCJIWkQlfLT<JsjD58N!f+FG3TgO$mO`3!!<$JV{A~o!E+lH$
zxkj97L0wAtj`bPE$d5WhL7Lyl=!AV3U4^XLw#C8}xzRs~g@F*;5S1Lt#XhLN%d<g~
z@lU2$6vIZ5RUo?JBwY;AH0nY6{&CC$K5}X`^<PP(VsPd$+?eLR&oQli!UwDEmS!DB
zuZv;xV?Ym7xa*kgBaTk2Mu)j6K|TWLOQ~x`h)zP?juoVwi${EVu7Y(-9Bk<UdLtCF
zd(^MM{Nxmc2{jqeWA?ya9SyI~%Ai1^Mc2X*2A#1w-u$f95#@0R{y9mJ6Gi$<yU&j}
zI{oV4n#_HZD_mJuCG;-N)uHYgkN9*eH31GOYPs+xb&A$)t}_6S_^8oBB<M%-6H<HN
z{hlHbpKk?F&61`&6@Lp5AEs0S)6iI_Ai;GoRV!vahOz4>4C%#+^dIzBa3hF}yL30z
z(A8HbTh)VRO2{`Tld2GE1(YS?JB}f9U3fLT`w?fd9|6L#C2?ew*~x!F_x;2pP(l_T
zun7~w<&`3Rbc}$@5zwgerx*bQWm3v%kj8`Nk0a!XM*voC6d)U~zytLwk#}*7fa_wT
zxnQ1R1hOc`6;23+7D*04h@(qH0oB%cf;|XJY8}=!GF~n0m5shdJ>4E`U}%eYS<cR)
zg|gfEvX0uZ2u^k}4o@%wBuNp&h#SzF6y`}bXSO8Z(s;6`XT)`x{}R+01wBu_{<9#W
zMwI9~rR7x7yT{*Q10zjQ|A^yn9h}fzRRIVJDHfmxS3?7z=1~C{uo8kGEFttT#(R32
zN1+4|M?Uh-C_AQEVses?w}7ny<RJt`!vN_Dj&1`1d78I^7`cwgd{X99!V;-7H;?$J
zk&^>Ao>V(Qyj7$PVl$8JiHxpYRO0{(i4t<jgu{h0=Wz|r=*?gQh6V~&3Ti=-wtCt(
zqXY`+0RR?=P{V1UA&^fsXF0@>$Wx;k=mB>!N==XXF#9r;P(2Tb9XbK{K4JWQ(m5+C
z;kbpG50Z?QGN(s>nEhse%i)dT?u7I@jJ!|#X4HCmX&Qs_gir_4nkRiTk@$rsq$+{h
zpgZ)mtC7qpf=xvLV=LMzhDYY9RwL{b!i!3=8&m>?DJ6T%huM(`xSCOR#CuEOz006k
zeQa}OuSVE&2zazeql%D#DOTzOw=ieSqI8llF_AigbCOyc1B5;i?B0Qvav*Q))Z77B
zhy@ht@kOR1|F~M0h2oPoLGc_#J0j6OYDw@u6fTrRq%}XD3`+#z00=LlImim8ELA;?
zPla59&n8WwW2`{JliblhNk5N4GEZgxgn1mr`2Sz1f;FCcNSB_RJ3o|XA%HpLT6Qgt
z2;pb&m>HH)q_|u-$_POfaT0WdMZJfvwuSI`y9WLALH(&y`Of&OO4Nf77NAsl|5?_h
z(adF8rqJFK9TCp|W(<)reI5}g&4Rlwl!TNH0|&6c>lP0EZw5ul9I5RQ-rv?x4N9rU
zdLyw<YIq@jmP%-(#WE*g0N+Ulq+d~hP-m9G8m4Jcvi(oDTdao7d4D|3xOCs_@CK|N
z5_7`8fM{65F*?88xv-Rx3pN=6o1A|=as*7!M;wjAe?S5~NMMm6vf>&>2Y8j_k>iuG
zgRCLaz#Z6CRhGoH^!H}}E?D}*@}CK0JC3A|H>YN<(*!&}<Uy#cI>R?Ea7^R^$3(F*
zD8v472;GnN{=b^yix^64=WM>gUiXE)^9^FT;U7o&vddz7X~4X%`OyG+?~`aSi`uqy
z?OOoEQHjd6s8dj*23$gZdNl(YnSBTuKdM2w5JEv{mb(B2A~!MLT`tZb?r5Xk<-oL#
z28lW!O~S)KSt&saOKLd{gYAIXNHE!6k|8q>&evr-CPYOpyh(>Il4=B-sc728$uv%F
z<H<|f)xI^2KNE+tyA;VR4+!@J1dpH!fj;U^oI~vZli`fYN*IIk$1u4)j;8b6<w7Y1
zzF~t@7MfJLI;7u_PX|U^WN5*RmUTV{ZJIe9zu{RxK+bdA3pn0L%#ngX)>z;A`Zpz8
zGCR7><DCw@vOpc&?x%Ti!)^r~7^4CS%P$pL2;IAukc-(W0^l+?J1|R){Fr?18S8zm
zQO^Ss_}?oKg#Z6a6-ek$sIsK4l0v}HveDIU9&0L?awE$%v&)TSqYTDb&A<-&H#HG0
zXvSA)A*rtogXAG`M(VslNEKn$sR-qRD~)6gyLPF~z9khBjt5x>*be8}vfK{1{+u7)
z`n+Z79aRGi54*t=1*MV#vJ|chs3z4#tltfg<4vJS_Gb9IQ6)g`M>-D|zu;Uc8aRNE
z;(&3~xm*WOtQ3}@KR)flNrys@DCTWZ9g@%pg7yf3pbF@E{6tPHn%jdhQr~VrqWS>-
zTF~ie-lGlua*;_AYrfGez|RigFHmhncLKO};gtfLGfa&Ag=r-sHI~R?BN|K`Ee0u}
zzU3lU2M8@XEt@dxPegtHG-^1OUnoS>9sRE+H((@NIAx%sC4~u=nwz3?BwZPm%;g0e
zA*oYS_PC%_xk3sj<*w8py2q#&KJu&BL*W|dl2mAB=mgYSw};eDFnB3@0~+$Ag-*w*
z+7!WzhRMwPJrK#R3v3MsRjY&XQ+G^1X*cWZr6@9PR6(V19i`CS0vc;P5FA{+T_Ep>
zT=aYyAra#ErQ=EgvTFXx7~$yI*JGCqG^je)Cmr((?#=Z{$D|W`b$!zDMzKqx8N8q4
z>(n*R-^eAe93!vn_@wKNAj5Zj()C8Z>y2D$z%gpTtQsjLAC%LyR9)<nsY5~~s1dA8
zCCdPls$;j24RCbRCGrav!u3gg^q&rTM5C~RDmQLI%6YR?mj%W~xMQd_(}$5Zma~hd
z(<Kf43LZ}sL<j}3IdmxK40$vnxM-e}O#re_&RJX1M3YJP+qR?M-rK<yI@pC$Gc?hv
z94ae{GmwK!YJ|Q`Nu<7v3(uuP6H&kFtfeS{z`G<TAE8neJ2TXD-Z5`3ePH+neyi`V
zuYdej6}SHnw9nOVbt6Xnx3B(E$G3hHww030Yb`om5On<Z`q|$vmmfYZpFjKX$HmJ}
z%NHNtfA~$lw4@yGx6S>HQm$Nh{Ribk7cZax_3`B&Z$4d&e*NzK^4-gS(b}88hku~q
z<+DHkc=Phzr{Aj0ouc-mXG`cHmn{$CC;m_@^Yy}q|C?XDe7$`2@!6j*mv7%(d|EE`
zht-=bEmC^<xKQwmTr6w}@?~%nU8Cyb#qCO-h1qRaS9qhp@y-=g__s^`r5lqa{P;rf
zCISbmda>GW3f`Ar-Zj_qZGM7@^ve?AhR;iijL;?gZ3`*>mQP(aSGS;CD+U%)#I};p
zuWo9pvwoAmBFH8;;oqR@SN|-GrmGwE;qtbX4_|ICrN{NM{K8lIzlmI^ezKJG|L@k$
zCC0Agtm6j)2uMhR*nl9BK_tq8X}N8W?U4e=V_(mhaXiMJVUn;oxzFx9zK=8a+}rIQ
z7R-(X5(>K@MGygtQHW3=5@OE|u?TF)GRsILVgo1$#PIunUww5R-90hbE&HB2^*Z(V
z-t|>gQH~am`~qFi!>KgXzgZt_hRbrcnUdGCD7eS2%6dy;Mf<EqKPfIcRvvEG+sl{o
ztE%=Y6vF&W*SdAs$Eylcs&|B@(@C8<(7by`yXDkr<@Gc*rO9vJ!sVOG%KKJvwUJD<
zowi4L-(8#L#fDO~T5P#ETByy18F>Kskp{J#j8gKtVwmRZ&3t=OG_l+yI<wamr{e1x
z1$)^tcxo#}xp<>VuXe5U&WjJM<)jU%8i!L_kZvrs<a%YtC)gFH7NLU~H#_dKv8l}M
zUHGTGZ_~FdtG7!tPBwd~z{_c#z*0BPmgU}lfqZdD|Mht8@%5{%V0raQeq-)ap5aCS
zZrO+WZ89zARUJtRcT=ujSv8fgbjIDPk=fsx>{ZnyRooB~`Bdhpd97Kkk0ga3^ODd~
z?I?$%c}CO8bh&%njUpn3BbNd%g<%{kv-Yb?YDVaIy_x7D3SCqT3DotgeoFIdTiZaC
zxEg~uY^{8>tNiR8DuJMK3{SbN4=9)33bd3<#p|nMu=g&DFpK@?4#wl>IPX~vj!C&J
zvu^wCN~Z`}IUQH{Uje~WqhCIom#=V2a3`(g0<Q5CFvxXtf_VX%_FQ}83S|2Hy;oky
zQTtb=jzPyZbqPEG1p7MuFd_%@J*I0bGJ!1nzNG-}rquH6V%O|$j~g6p$0eu_D;?RY
zn+spRJ9v=;Ck79ePhL)~9IVD*=j6T$9=3{p{@P-FaO3`+dT=e>kVEsE$jhWEV*e5W
zpB*N;led=?C9YH8)*Ck--0oy<VpG1>NZrK;nz{3@JWMC{ym)f|aIzWPM|N8<tCNim
z!CEix9~nS%iz9PxTO`CkO0ik4X}4`_ORXA@HKXkqB_0@L5a51KV?|v3Oio5=x;i4j
z^mu?@=M!9qzF)N7%9VX>y4kGOcH@g#XhDw={Dm6)PH6(O@oKBO*U;mkQW8Qz&h$o~
ze78G0Jm{O!xua`7E_(@NgtB@1ZbYiyggKNLbIj9Pl})v4Sx;?e#;(rS&CtL~oWf?>
z9~WkJ=Y2I?PD?HUa2>X^#;KL%=%f=@ZN}CE2IYYBq>PXuY~)vZv>IbG66)2QFs^Ue
zjTJm42dqW0oRcyaS`>^(Xv2_$3{pg4C$E`EwVZB;77$sPOp6r<zi;M8T%O~sb-J3t
zsi!73s0$n|Q`bmmqs?yqrf8{dPM=n^@vXu>W(VRHwZ2?3AtFS@lI!UrT&?T5ot%rv
zav-4LHtE!IF3wJ{G2A@{&`1PMHjDXkt}z#T%EK~W`%tNLHQb7MFibhGkD9**9FWC?
zdLBANRe~46-Aae007m2SwAx-FGy*Yrz|eK+HX)6ufI!&5>%kC;4mZ=u`Mip>s-3MI
zi}e*?c(K09=peJKG-IOOQ$rFb(1Hn~x!b#%u4jcxkC7=1R7~Zbtf1?&&4xM%`mQ9q
zZA^>91@Jc?pHPsQ^>8t-T@Ea@0ao?2DpOP)yaD+~sJEGpk7&Gw>T>xApxB(mo9;X%
zyxh(;`I_M+W89L@AeHOI5iz0)%I#GtwACmv8#N1C?4i~RAwxpO>0krO5O=TvE|wZO
ziz$bSOMq`TF4=2!?76FBCEA<iT-D==&M>hS>vHlVo5U@g=8>qxBY;#Ig@xgF44B}~
z_YWgdo4ka8TT6_Y>?%nX=VnRQuDo9s0cST|_s77Kft0mIwN<&LoKt{dle8{~>6aj>
zGWb6`t)3qwEbpdkT#h;Iqe4Rf%x6+vwrWug6PlDK^XWnfqeQcWx65Jus2EnvxdONZ
z)ds5bgOHV>KT1LqT8T6qFov{FbrN1|joka&bXjdravB4_$S<f)o@cY=Fzp;PPBI%G
zF4t<72aICQM6VU4r-!)WZ8<gcT0WZ0Imv|N<s)Qc3n|}`kxK**z0B%jr*@Mom9%`M
z;<ClYzOi7Cw~2_e2aQZ`5XwCX1IS!NkldE;?+_uiwS+7vxt>n-iFmaeA$a$XC=jG$
zHsi8Xk**oAttp?S56=+R?LE~zi#jw(Qh>>C=)tCUHDo>0Q1V+I(i96YB}5$!YrFHo
zSobUkE3^wv0V`1M%bgI5MT%mLwop-8k+Z6JJeePGMoi&_kTo|V1TeU|II35<s(Mvg
z<A}_0M>T4x69yAj;lR}UmYwmo63x`D3P`!7C>{v1T^l4Q@YvsXa98>|T)-uUbul6%
z#h@2(;1q}$q<=+G4cAyrJ)>T7?BQm$OZ7LYm0`ek1L}KWo0Brtw6N)?mQ^mX%5g+f
zWP7|m9-fF1@K4eZGeb0!o^<lDRXiRe+Lqfzttk_&QCa0JtF5?om9Dh|IH6obNF`#>
zb99%8w4<r8Qvo@HsI;?zZ%i8m(X``S^B9e8g`!Y71jYx)OqIzns!Fzpsr4)o(~HG+
zVeh3V3c`7QAIq;m@WCMlW2~A^d{sVwaRQGtEw7~ShXM)6qoQ&SdStY5rJ;*FMAp@G
ztZP$=ZOXRdbKW;`OY3A3eV8b=Tva*Oqv=VR`w6k&{G&o~nwG*YJLOF=%{;ibMu`gM
z(;SUU@%EW>6E`R4CGA#c*LS?>#n;n?P`K&6BA9OG05Y0;#$1DVoM>W*+8RU>OtR>V
ztRSNq+2|4oo+_cd1Wrko1escfyxh(w5v*a~N(7M=JX)qkd!T?y0_K#_=upA<K&R@;
zs5e2e6`Uhab1F7TP<hC=2Z(Xv4iO)kdkg9D++siA_FPp*#p7eqI0ER35!yv4i;AR&
zMC7@h6B1qJkeA|C+O4rhn3R$5YF<q*Q3xZ?aN;u45G{NqL{*f6&T0@`?8A&{l|#r#
z?XZ7@969jV%DAvfnBiXLDuE6EkO%BDMrqX!TDsuiWJ1u+^|2Z9+`=eYL$m+@-Nvw(
zm_izwk_wrxAomuA%eeBj=8{*`v5N&%5IK&kq*KUf+u(7MzqcamRF3#Oo=rl6J=9DP
zt7+u{DI9aGmvLp2@ewjY!l&=0=n$D^m8lZkpd;XdY@!W}=BEB2Z$GXSn*zX5FoIqB
z=n?~#iS5f#y<H!V)#c+c_mRtr=At}-$*QC#77i_(WN5-PSQ2TfD_KnDl~krps2vBJ
zkVvaz3zfH>K%1~B0Bp%;yp0dJDOd8(yoODU(u~ZIVx}R`Ig=1gB)>@quw3V!76Bas
zrcy9Cep&8NCy$Ax)srd85J9Ax%wQ=bLVykEpj<hVB}aXTsrL}Q^#npsvu4{utoV^$
zw$<3!AACvVQKZ~HngT%x+O+KyL5jr9$*Cm9APHGeg_Z=Yx5S_nWcc)11>?hD8!>cu
z7?7rJGKFY4V~Z{-F5p48y7};p*KWSNhs`}gFQBkhCxRm5^+3!>ph^V<448(a+MY~_
zp34#9#<2i5$f)cUkd})i)v2L`ESJL<K?AV)tQ72Q;VToa>roA2?r3@uuKM8?42N7e
zb+mHP(>NvAw(_absI(`?-WhA3DrPX{i>C8kmMC0jLkI<pi5cx?O!fpI<0UKrVz9iH
zB?v#?Sc}b)5&{hQkYJLkD}xT1F>x<2iU~AjY?Y;v?6Nab4-$c>Ga)zsgq9$+J1t(2
z8TqeaUVY%{S@AC3ynUy<Z>MhDx%aT#KW&~H46bAUtEV^b3<eJ#?w8B^_a0s<uk%`R
zAmf^K^(<nDvAb~9Z@bMQIfKWk2Tr-l@lGNg)JjAdqkPa2!bVZmQ)Nh^9tI|4y2fVL
z>(Av|$HUF+_N~E9gq`WRUAl~PI9T!rru*_kw!`20+`Sv0xpR|GVlg#IlEwJmS5A+T
znM}LJNFcS8C0Tu=HrYe;NcIqd(ji<bvH7$6>bXyO;-&>_fY`c$tHFZE&U!ZU`qKE3
z4b~@eCbC}h>WYyo3eDUkIB*I=uB?U;1~*yz5T|gmXw9KkaS)*?31+&HAVgR+cevTi
zkwr8^#IRH<bRncZsnM*lpvEj>RmT?1tXiuyEw80Hwd$=<f@?RWmGfn_AWcd%8q@|2
z0Hkxs3TQCq#|7!r{5@F$MA|7BnZ{LVD8svOjg&sw4XKf&;rOlHoWVq8=zeN5jX_FG
zOk}AC7f*ssmo6GQ0it(Uf!pkC?XNb}dhm*&7D<j;={=*`a&EY{fARhXN#vl9erbwb
z0M@{1@`h*%5Qp}#yJdk4Nx>kb<WOW7Jr!=Wao$AlO^h*UV~K;AV8N7>-cTlZJ{9i-
z)<o@AAwJuZp>27N)C}}|SLZ_$B>@uAfKUm&Z5gLebxs0+>X3Pyp2*zEt3juhs4`Hv
zO>G*4i4Vk;ZV6v8Ri_b2>KoM<L6T(0*k#eZ2LsoP0=4J%JSrr5dur`vFyQ7SY=Cdf
zw})1f6W!$li0*^Yh%d*8w_6|@5N1Ui650P_6+7VpMT6!VW(9@{W0;6%-i_;1Ent9~
zgU879b&UmZKsWZw2d~hVCCxGY8`l9OM~FviPa-La1|)W(p*J~&QnE|{jk9Cn_z)XV
z<moI=Jqapa)4B}UmWFtlSX;)w)0{5L34B`YK{J(tba5wwkhpc3W!%D-Mls-@2YfCi
zQZ&mpy~(&Tc==^$+H~^+IJI2<v>rxw7MF}$FCU1e>|cr+oM;$3aiZJ+lyr9*0a3!B
zgB^!3>QdWyk+~&YQ->M%>E9D_-#qT{-!$tyID;Bz2DfVPX)}^an{mFD@)^NTt^$@<
z71$Cv)+I_MHg4p*=~)}Tl;1AJlNg~DLP{C6aEOaHEkqCwFkCF&p5iPKsou;4s?ZK!
zL?JaV9}o^i4G~NVKqk&kN>m}tGcmsqIHdDAVM@JTPO%4^!s|@Ot**LuNR&O_Dnu7F
z(ZRlu=yD7e;tyY@;ZnT_wRo(LDq|wcL7*1cCJEtjOqanAqskh22pl%X;u|aqBnMK`
zUb^>s<EZoUtp`M<&RU}zwx01uD<<U1m{yuqui@pS3F%FgS8XyM@YL9`DkG)D*3*nR
zci`7%&((19HxtWP+sa(RXc&PBe5Kn^C7i}YZflqx&Q7vo)ixbTW}9g=vo1wgYpNSu
zIc=DOPzbnvjaJ;o8Ib%6BvUnNJ}+S1dc#uxiYatyPGgo_4;mqmk<_PbL8gz1mtHrA
zft$Mxmf-&*1G;ntb|5<OB1YcHtE)Tr^Q!)+-D`SKt>x}xgRedr;JS>}A;wSB8oL5i
zt+|bJ?Cr_)=6pJkU{vn6Njz+2a6J=lr9a=&QJ^zr*(_u6VxZ4*7tn989Ps6{lEi|9
zeQla!`WxllDAFU-?FOBvOmU&QD0JpJ&SP@Rdn`x%ULv&ssiy*zhjWht$+4xh{DhpG
z2_FrwyHm!(?@^YPodZY(k{enk>Z#v641iy{`|67~?v}6KzAd-D*KWLccOY-Oj?M8D
zaY}L+_?XEQW1bcjDUIxTTK5TY%~y)aB|8^}IzlaS5fsYTj)Ek$X9?#$*0Il-*`2Dx
zW;0(FZzr0cI&21UTG^Y{C*{7GtvTa;lev69ASJmCqckefe@KEZgeRggX+<xAPuiE-
zn|0P;mMkMCCD6#BmKC5J7_C!*fO1xklD8WJL5C$GCqoAzxFN+6jmp6La11Kn+_A<e
zsxx05&M_e-KFf@>d`{9g%|q+7$iwjC?sfG_PBBX$qJ-p*3b$1A`|!Dw@dIrMFEI8u
znjc77OxSNc5J<W8#@+^pEV~tYdRVgB#a46dp}6yDHH+pZNj~$&qICLLz67PaFX|$%
z6BhdphuoG+5LYrQ53^w|d>kKXZM*9P^;CpS{!6!IfMb{k^H?~hwQYVQV{$VX5+!jg
zHBz9#$)cq!mdORf+%;JCV_c8kPxcfZbg1+bN^kr7CDtw$R=M<Aj@RvxY+A;`f(Q*T
zTrYQW*Ogh#bV~6u8%gmtS!H+BBl=;iFqSs0<aDddEW)PQX(mSgF{XgWSQ+jn7l805
zX<DOkqQ(*6Yx0MGKgj^Hl0(hp++@O_FvgeSqL~;YStXSY;%h*mSq1x-tmyD#>#_o%
zx@65@x|w4Zogc)?e1hR*D@omVvw|0gmM=7wQ<g2<(kbg^UURZeiW1T@uEWkIF}a7p
zvzXDxXK5M#-<f{i#%iFoVBI2ZOXubT#ZdafQy$EY5w+90jNai>Eq#+N_JHqcFiDq$
z3x{#1dtQVuiy@_pr$L+!cEio&OhlhE^BqW{Mk8vyRz4|;TrqxyXV;5{DTB_4bYzSc
z`iR=DR}ZBD84RqBQd?QTU$BfSphD8@Apdj${gX3S^4<`lop4Y3L2G8*mp#EMo=7GE
z2*_A`YOk!Ax{xe(wRHe0>xJE@oG@MIW58|Yd!9*^OuxR)o5vAGB@ESSaB`s||KTy+
zD12R~aSS2BR4{D8@>miRGe;E-1M7xzcH9g%C*={8ogwm-7Yel&w%o5HH`tH_lxBsT
z@8uzLX3~1E#QGjrY;#CnW~BsvK5NTAg?QL$JTu)Qz$NR)reA<6(w-Y~%=DP6VQyL9
z%<Jp1Ihhq0UC)Q_y18J$5aC^U_1@|I*)5XQQ_Gl5?~=Rr8B8FM^2~9E;iLr{T9sFo
z@K<q0eD>GV+Ne4%+T|5%?UYsCHjw3xo}ylYl`yjA2}>T}$<dU-l#h3Ii4XA9J`Kr5
z*;&RKZe%v5$w()SGa6v)qUVsx65$hNyUQA%hC1!<)3k=q!|LRGgLy@RtChKC!rc8j
zjr8ephK~Eft0bt?$pTBs+sP>`c>*#O(jmFY!`N)s^q#a(;~m;~$leQKf|}QGyDpZ4
z7?2L~#mGu4P7BShteQsd{#N0%OBc`JSDJAj?O8Y*Ji~Fnb!mVhK`Y5;AV8Z2r#8r1
zEcezT!QANqX8dCf{Qaujv9rx!NRwgSdhUF|nDJR#s?nyHfsCHc_5l!)xn~D+y0_S*
z%4NnkLjWO(J|@a9T5?t&%gykZOepqkXWS6Kw=xTM<^2}?vbV}s9mJGOo^HuQrqlGt
zHWQ+bB>FVycHNX(7pb4&fV$=bL<P;s{M3yga$jL&SR4@dFz+)Vx?I`L#b+Tb!$kfT
zIt3SPd}te~&s;Kc3*0K$CSx(0+uB-@yfg5ZXE~lvG>gxLD9u?ESd)8FA0;~)t+NG`
zwi|Z-ywT_+=ATKAKo?HCbjKpqYYv;SKq%4LTrZOu02RO)Om0?mroF2t_(RJdB;Xok
zLnD&sy?K=*bGUnt@o>D6ldv4Mo}-;=N_MuF;8OTA6kQht8@iVI+NLD*5+i-uO@mXv
z2%MS25+}~B$c0Xc=1&9qxAsNxG|()PmACKQ9iT&mBY&O&$q89&d*G`UhO~IPFuCDM
zp0nICg3oCZ`0Pvg8X3KpnH7Td+HbXXy6itq<B^eD+qYT+l!&R*6X6yi{EM)Wv#6BZ
z#ge-!eGFfVE|{Xi!)MJQnFRNZ5qXnZ6B-RQ(kbR&IzRsIb4(f?)!%)I6Jaw$0hR{r
zOk2#fw8>2d(j>BXjPFj-po-vTqjMN|f`ig2gJLA*XGgL2pQqZ}xbSJx?$NKo{qgcX
z#+O*<P3wL}%Z+~rWi!N<<u7eDFghkXN(<|%W)n_gg=fOHD4>iwj*J=zEaMJ|()<lX
zHSXG>I$s^3d8@S;r6dE}WOO9(jJ(+a+1e<J)HCBB`<IP@Gy)r+a3v_jPIpGg0}0_V
z-~DbAo>Wu3n2afd6}A+I@me-0rbRZfGxZM<jXST3&#))yEJ98OS|wuwBW}3C?D?)3
z2A_i%$1l84Cdam>d*C?+|Aw0ziA)FvL(jutCdeK-qL-ehn`Ch)RNV*K<j~L)uPJRk
zKU*jf9hFqlC!-l2Fn&SEz_AvHcGX$nSzAx&1>Ron-6aA5DU5!FG3QyzVYe<CMNWn$
z8MD|kVY?@UR9dpknhq0rzT|0SDXHHNWwPwI+WB<Xu$pP8N++paH2Yam>?>OR9*hEN
zwWh_6JthH_);x<1N}XypT;3c@fWi?n3P6q|jLs}DZNtG)LtcQqHjKxVdv3buu1}6F
zVPcZwTw3JKUWL!F<3?I#tziH*Mq1}-$B7v%B+7g9M8Rw)UvLNZm%ERtGP>6^F}|&`
zoUvaM0LB7nzR)C07WJi^Q}`Rs$fSYb=EO^|dlJIn-Yq)~fiFnp&W512j25H#?114a
zpL3zxq$kI%X4U~eaS*rRSEiX$pgI=L1_B0sRgZBuPZlj4m^kN@wR869C66YV0W`(3
zfQv|}z#)pXF^r%xFHN_v(ftS0g_bdae+flRITTXcqA0><eyd(NMA2fjU5i>{3l|%8
z@MLAE6DEh3=4qoyjI1@)D?3l+7Fs%-7-3*S!=E{JNVdsY$hp2R&E53R)!}GqP<h`U
zbS`xkgeHqeW5~bDZD~8!svo8;3%8Ks^EAoWvd~uc91~`_Y!b*eF*dw3d{W+n8dEmr
zm{1JTgTIoD+*r_pmiHMlH&gUs21$)|#=_kcnu^SJmaK{_F=$8cSz~Hm<D{n@0jU}W
z5#Ra=M>6Fli>dUPb`4!76YCGQ5jD-N8E>h|)gO0TXzOepDxEge0j6h|OEM#MpwS@r
z*Q3sGOubgWb~vwZFzB)2e$d)a(IAAgZ)>RUw=JPV=bHQ^Vf4i!n}Q@91s1}rUV4y5
zg1HY4k(CrPO1Zbk+qnAWk)Da#g=FqSXR`QeI%T`Rs0-T`dL;b`MXqZhaXDp$Xk-xW
zJ1-kQ#f={ltsT_R1mm;t7I)IlV_@W{Gm~d3GYzt7B@D`@<uP;749*2^F-&gEZorr*
zlv%cSbrw$Z_ga&Y%*QO}o5{4Z>%BKzPou2uU!K<w&DG|%lw1>X%z|$m9V&?p8ImvK
zhdJm#Q_m3djb4knx76vNpVFj#A3at2jygsw5w%3q<O%IC60jIrerti7!;M&QGMU~E
z=TW<4p*Q10R&rmOZbjsRTewqApJ+zgGV`(d5Og>43x~2`KE{ii)<zE+n{!9JJyo4j
zwV;EmV6&SPWVOBHutUyVXzwHj`pnjT9yLjHy#u<5b|G?EG>tsVToH0hK12b#vu(&A
zKSONPyEkubU~CED#<hYh9;IEer{wrtSS%6Ca?-?c5S1{L6jpj0Tj+eBbnG1w9>*Rd
z-_{GbWs5T5Vh_@;!x6aodE?K+2pz0;dpZ`V*yGSxxtiD$;}k9hi=keMJzGrLtFSET
zXYXK5z^s{j@|z>4HbD=IJ$w(`=EIp6#UAIpz?Eb*@e^X2bV_@HEkdwYpU9?F7-8j6
zE2!UEHC(cqyyqpYpxj(oE+bAS<x@<cM}_`c?M9l%{BE-rSx2MI^eA!~ZAmG91Vwsb
zkRlJY>E`)dTlZV40S=dQ!!Sj_o7}oHT<_21@8_xIKi+$9{llrY>nRY=Ur6zh{^Px`
zeuDQ8@;}l)n*#Ct*_8hSJb#G)Q9k0IBTi{izDj|3s!aQ@|NcCQKf?bg|2PHW`R?0Z
zBGUWc|8>eL$B*&f{@zJnNKdt`{n!8gfW&tBkEU|@*)B}@qv<`KztJmyA(fA3v^T1W
z_jo?+mA{zE$MXxn8#CxN#CM~<&-KcG@x6~(Qapc9|I1W9#<wUwo~riecfZ%9DB(g%
zjmH52jbG&Y?)NTOQanHOS$oYtn(Ox8j+b`%?+<>_lH>X3|K85+u+onCy;MH>`K6n`
zWXbXT&Ox-yOU1ZH9e)_*Q^Vf*i(j^+cpgT^^z4`a67h=rKq~*8R6d^H`~l_vnDh^;
ze99N);@O|?_<lUUO1Y1;%6~t7Kc0~<RiE)U;{S#OjemT<_?q`Wp6~v5l=SC??rZUP
zybJfD{JZapq7+3u-%;iKMS6TU`gM=A_V+*aRWBdUZ~dqh&p%N<p8wD*Uwqxm$Mf6W
z=`Swinmq7NJXBY-@7sUv<>UEsphGHmAwA>q&ji%|ixH8YQT}!>J`IPJQPQ{hA8~q*
zzl-1ScD(au#P~DDEn@$bz**(L{;^M5meo&Y%4qNXyziY;{^Ote70dtWPkzXr@zXE=
zK_dEb%KQ0y*R9AmzSd3cz7@sKom2j&{_6!R|1<xS5X;_9f9n(Hl)vzwzh))=cAg5R
zN5D<QUP|Tr^Y^WhI7?Cd(WlSufAr&5&-wmafAWfz|5N*Iexh8&eCC|;7rx@<zwk;I
z0s8a*+o^oN{qOwCefz{8T!=6EGrk|sN9TP1!yo!hEAVGujGW!_QS0xVQ~s~M{J^sO
zB_e10uUnhXXAea!`xpMv%YWtXy@asg-{^eIU&tRnL44qD`#Z&#U$fV5*6$BLKYdR5
RZ+=9awJ3hS*Wli3@xQ;v0|x*A

literal 0
HcmV?d00001

diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index dd934cf..669f563 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -132,6 +132,7 @@
     - start-virtiofsd.sh
     - linbo-torrenthelper.sh
     - vmimage-torrent
+    - virtiofsd
 
 - name: Deploy linbo-torrent defaults
   copy:

From 0a85b1ee01240eefd5c8928a7bb06cf53eff5106 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 6 Sep 2023 15:08:03 +0200
Subject: [PATCH 362/504] Move teacher's PC to specific IP address.

---
 inventory/inventory.yml | 25 ++++++++++++++++---------
 1 file changed, 16 insertions(+), 9 deletions(-)

diff --git a/inventory/inventory.yml b/inventory/inventory.yml
index 08a7d6c..a6b8c46 100644
--- a/inventory/inventory.yml
+++ b/inventory/inventory.yml
@@ -8,27 +8,34 @@ proxmox:
 R319:
   hosts:
     10.190.5.[1:13]:
-R217:
-  hosts:
-    10.190.6.[1:29]:
 R202:
   hosts:
-    10.190.7.[1:21]:
+    10.190.7.[1:20]:
+    10.190.7.80:
 R216:
   hosts:
-    10.190.8.[1:29]:
+    10.190.8.[1:28]:
+    10.190.8.80:
+R217:
+  hosts:
+    10.190.6.[1:28]:
+    10.190.6.80:
 R314:
   hosts:
-    10.190.9.[1:25]:
+    10.190.9.[1:24]:
+    10.190.9.80:
 R317:
   hosts:
-    10.190.10.[1:25]:
+    10.190.10.[1:24]:
+    10.190.10.80:
 R406:
   hosts:
-    10.190.11.[1:19]:
+    10.190.11.[1:18]:
+    10.190.11.80:
 R407:
   hosts:
-    10.190.12.[1:19]:
+    10.190.12.[1:18]:
+    10.190.12.80:
 
 K200:
   hosts:

From f51bfa1e30ae402c47c7cbed406e2ab1c434fae4 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 6 Sep 2023 19:30:32 +0200
Subject: [PATCH 363/504] Patch sddm login screen to show hostname.

---
 roles/lmn_fvs/tasks/main.yml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index 028c951..4c2b501 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -150,3 +150,17 @@
 #      Autolock=false
 #      LockOnResume=false
 #
+
+- name: Patch sddm login screen to show hostname
+  blockinfile:
+    path: /usr/share/sddm/themes/debian-breeze/Main.qml
+    marker: // {mark} ANSIBLE MANAGED BLOCK
+    insertbefore: '\s+Battery {'
+    block: |
+      Text {
+         color: "#ffffff"
+         text: sddm.hostName
+         anchors.right: parent.right
+         anchors.rightMargin: 10
+         font.pointSize: config.fontSize
+      }

From a8f950e08516c69dca8dea5c6efb24139143376d Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 7 Sep 2023 07:55:53 +0200
Subject: [PATCH 364/504] Some package cleanup.

---
 lmn-desktop.yml              | 2 --
 roles/lmn_kde/tasks/main.yml | 5 +++--
 roles/lmn_vm/tasks/main.yml  | 1 +
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index 69a9c74..d082e4c 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -51,11 +51,9 @@
       - vim
       - mc
       - tmux
-      - console-setup
       - krb5-user
       - unattended-upgrades
       - debconf-utils
-      - ctorrent
     extra_pkgs_bpo: [] # [ linux-image-amd64 ]
 
   roles:
diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 74bed30..b64dd4b 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -44,10 +44,11 @@
 - name: Install extra packages from backports
   apt:
     name:
-      - libreoffice
-      - libreoffice-l10n-de
+      - filius
       - kicad
       - kicad-doc-de
+      - libreoffice
+      - libreoffice-l10n-de
     state: latest # noqa package-latest
     autoremove: true
     default_release: "{{ ansible_distribution_release }}-backports"
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 669f563..7b3a382 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -2,6 +2,7 @@
 - name: install libvirt packages
   apt:
     name:
+      - ctorrent
       - libvirt-daemon-system
       - virt-manager
     state: latest

From be70ac698476cc89a149a7750184783de8dd25a7 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 7 Sep 2023 10:59:30 +0200
Subject: [PATCH 365/504] Fix boot order if necessary.

---
 roles/lmn_fvs/files/bootorder.sh | 18 ++++++++++++++++++
 roles/lmn_fvs/tasks/main.yml     | 11 +++++++++--
 2 files changed, 27 insertions(+), 2 deletions(-)
 create mode 100644 roles/lmn_fvs/files/bootorder.sh

diff --git a/roles/lmn_fvs/files/bootorder.sh b/roles/lmn_fvs/files/bootorder.sh
new file mode 100644
index 0000000..a0fb6cd
--- /dev/null
+++ b/roles/lmn_fvs/files/bootorder.sh
@@ -0,0 +1,18 @@
+#!/usr/bin/bash
+#
+# fix boot order: first PXE, then Debian
+#
+set -eu
+
+cur="$(efibootmgr | grep -Ei 'BootOrder:' | \
+		     sed -E 's/^BootOrder: ([[:xdigit:]]{4}),.+$/\1/')"
+pxeip4="$(efibootmgr | grep -Ei "IP.*4" | \
+		     sed -E 's/^Boot([[:xdigit:]]{4}).+$/\1/')"
+debian="$(efibootmgr | grep -Ei "debian" | \
+		     sed -E 's/^Boot([[:xdigit:]]{4}).+$/\1/')"
+
+if [[ "$cur" != "$pxeip4" ]] && [[ -n "$pxeip4" ]] && [[ -n "$debian" ]] ; then
+    efibootmgr -o $pxeip4,$debian
+else
+    echo "Nothing to do."
+fi
diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index 4c2b501..1629372 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -70,11 +70,14 @@
     dest: /etc/firefox-esr/policies/
 
 
-- name: Copy pwroff script
+- name: Copy pwroff and bootorder scripts
   copy:
-    src: pwroff
+    src: "{{ item }}"
     dest: /usr/local/sbin/
     mode: 0755
+  loop:
+    - pwroff
+    - bootorder.sh
 
 - name: Provide service and timer for pwroff script
   copy:
@@ -90,6 +93,10 @@
     name: pwroff.timer
     enabled: true
 
+- name: Fix boot order
+  command: /usr/local/sbin/bootorder.sh
+  register: cmd_result
+  changed_when: cmd_result.stdout is not search('Nothing to do.')
 
 - name: Copy dolphin config scripts
   ansible.builtin.copy:

From 09ffead361768f4478ca3970e2004301143e6b4c Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 7 Sep 2023 12:05:04 +0200
Subject: [PATCH 366/504] Work around slow socket appearance. FIXME!

---
 roles/lmn_vm/files/virtiofs@.service | 1 +
 1 file changed, 1 insertion(+)

diff --git a/roles/lmn_vm/files/virtiofs@.service b/roles/lmn_vm/files/virtiofs@.service
index c070a77..070bd0b 100644
--- a/roles/lmn_vm/files/virtiofs@.service
+++ b/roles/lmn_vm/files/virtiofs@.service
@@ -6,6 +6,7 @@ Description=share home folders via virtiofsd
 Type=exec
 ExecStartPre=/usr/bin/mkdir -p /run/virtiofs/
 ExecStart=/usr/bin/sh -c 'v="%i"; soc="$${v%%:*}"; usr="$${v##*:}"; exec /usr/local/bin/virtiofsd --announce-submounts --socket-path="/run/virtiofs/$${soc}.sock" --shared-dir "/lmn/media/$${usr}"'
+ExecStartPost=/usr/bin/sleep 1
 ExecStartPost=/usr/bin/chmod 755 /run/virtiofs/
 ExecStartPost=/usr/bin/sh -c 'v="%i"; soc="$${v%%:*}"; usr="$${v##*:}"; chown "$$usr" "/run/virtiofs/$${soc}.sock"'
 ExecStopPost=/usr/bin/sh -c 'v="%i"; soc="$${v%%:*}"; rm "/run/virtiofs/$${soc}.sock"'

From 9560228f3b442ea9ddb6e27c90d5100cab90db33 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 8 Sep 2023 11:27:42 +0200
Subject: [PATCH 367/504] Fix umount when virtiofs was never used (slice does
 not exist).

---
 roles/lmn_vm/files/pam-umount.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/lmn_vm/files/pam-umount.sh b/roles/lmn_vm/files/pam-umount.sh
index 22b88d9..57093e6 100644
--- a/roles/lmn_vm/files/pam-umount.sh
+++ b/roles/lmn_vm/files/pam-umount.sh
@@ -30,9 +30,9 @@ if [[ "$mtp" =~ "/lmn/media/$usr/share" ]] ; then
     sleep 5 # leave some time to write caches …
     sudo -u ${usr} killall gvfsd | systemd-cat
     sudo -u ${usr} killall dbus-daemon | systemd-cat
-    systemctl kill system-virtiofs.slice
+    systemctl kill system-virtiofs.slice || true
     # debug to find processes blocking umount:
-    # lsof > /tmp/lsof.log
+    # lsof >> /var/log/lsof.log
 fi
 
 ## Just umount:

From 3e89571a96bb37daaa23759d5faaa82e0fe723c0 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 8 Sep 2023 13:46:08 +0200
Subject: [PATCH 368/504] Throttle task which seems to hang often.

---
 inventory/inventory.yml             | 7 ++++---
 roles/up2date_debian/tasks/main.yml | 1 +
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/inventory/inventory.yml b/inventory/inventory.yml
index a6b8c46..edb8fb8 100644
--- a/inventory/inventory.yml
+++ b/inventory/inventory.yml
@@ -5,9 +5,6 @@ ungrouped:
 proxmox:
   hosts:
     10.190.5.[51:54]:
-R319:
-  hosts:
-    10.190.5.[1:13]:
 R202:
   hosts:
     10.190.7.[1:20]:
@@ -28,6 +25,10 @@ R317:
   hosts:
     10.190.10.[1:24]:
     10.190.10.80:
+R319:
+  hosts:
+    10.190.5.[1:12]:
+    10.190.5.80:
 R406:
   hosts:
     10.190.11.[1:18]:
diff --git a/roles/up2date_debian/tasks/main.yml b/roles/up2date_debian/tasks/main.yml
index 013d8d2..57ad284 100644
--- a/roles/up2date_debian/tasks/main.yml
+++ b/roles/up2date_debian/tasks/main.yml
@@ -4,6 +4,7 @@
   apt:
     update_cache: true
     cache_valid_time: 86400
+  throttle: 3
 
 - name: upgrade packages
   apt:

From 46a45bfc0f5ac1cc151ade30e5e91fab92cd894f Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 8 Sep 2023 14:00:44 +0200
Subject: [PATCH 369/504] Fix syntax in desktop-file related tasks.

---
 roles/lmn_vm/handlers/main.yml | 2 +-
 roles/lmn_vm/tasks/main.yml    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/lmn_vm/handlers/main.yml b/roles/lmn_vm/handlers/main.yml
index 37be389..53ff53c 100644
--- a/roles/lmn_vm/handlers/main.yml
+++ b/roles/lmn_vm/handlers/main.yml
@@ -12,7 +12,7 @@
   listen: "enable vmimage-torrent.service"
 
 - name: Run update-desktop-database
-  command: update-desktop-database "{ item }"
+  command: update-desktop-database "{{ item }}"
   loop:
     - /usr/local/share/applications
     - /usr/local/share/desktop-directories
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 7b3a382..20e4437 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -178,7 +178,7 @@
 
 - name: Create directory for local .desktop-Files
   ansible.builtin.file:
-    path: "{ item }"
+    path: "{{ item }}"
     state: directory
     mode: '0755'
   loop:

From 18e7bd2011fc0d3937616e36ed1a08af15a5f58b Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Fri, 8 Sep 2023 18:18:03 +0200
Subject: [PATCH 370/504] delete existing local desktop files except
 mimeinfo.cache

---
 roles/lmn_vm/files/sync-vm.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/lmn_vm/files/sync-vm.sh b/roles/lmn_vm/files/sync-vm.sh
index 195ab92..136f34c 100755
--- a/roles/lmn_vm/files/sync-vm.sh
+++ b/roles/lmn_vm/files/sync-vm.sh
@@ -68,7 +68,7 @@ sync_all_images() {
 sync_all_torrents() {
     rsync -ai rsync://server:/vmimages-download/*.torrent /lmn/vm/
     rsync -ai rsync://server:/vmimages-download/*.xml /lmn/vm/
-    RSYNC_COMMAND=$(rsync -ai --delete rsync://server:/vmimages-download/desktop/*.desktop /usr/local/share/applications/)
+    RSYNC_COMMAND=$(rsync -ai --delete --exclude=mimeinfo.cache rsync://server:/vmimages-download/desktop/ /usr/local/share/applications/ | sed '/ \.\//d')
     if [[ $? -eq 0 ]] && [[ -n "${RSYNC_COMMAND}" ]]; then
         echo "${RSYNC_COMMAND}"
         update-desktop-database /usr/local/share/applications

From 49e092a7dfb6ec63f690bbcb2a0661ff2f38172b Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Tue, 12 Sep 2023 21:12:49 +0200
Subject: [PATCH 371/504] old projects added

---
 roles/lmn_vm/files/mounthome.sh | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/roles/lmn_vm/files/mounthome.sh b/roles/lmn_vm/files/mounthome.sh
index 184624d..5cb0405 100755
--- a/roles/lmn_vm/files/mounthome.sh
+++ b/roles/lmn_vm/files/mounthome.sh
@@ -6,6 +6,7 @@ home="$(getent passwd "$SUDO_UID" | cut -d : -f 6 | sed 's|/srv/samba/schools/de
 exit_script() {
     echo "unmounting media - terminated by trap!" >> "/tmp/${SUDO_UID}-exit-mount.log"
     findmnt "/lmn/media/${SUDO_USER}/oldhome" && umount "/lmn/media/${SUDO_USER}/oldhome" && rmdir "/lmn/media/${SUDO_USER}/oldhome"
+    findmnt "/lmn/media/${SUDO_USER}/oldprojects" && umount "/lmn/media/${SUDO_USER}/oldprojects" && rmdir "/lmn/media/${SUDO_USER}/oldprojects"
     findmnt "/lmn/media/${SUDO_USER}/linuxhome" && umount "/lmn/media/${SUDO_USER}/linuxhome" && rmdir "/lmn/media/${SUDO_USER}/linuxhome"
     trap - SIGHUP SIGINT SIGTERM # clear the trap
     kill -- -$$ # Sends SIGTERM to child/sub processes
@@ -24,6 +25,7 @@ if [[ "$#" -gt 0 ]] && [[ "$1" = '-u' ]]; then
     findmnt "/lmn/media/${SUDO_USER}/home"    && umount "/lmn/media/${SUDO_USER}/home"    && rmdir "/lmn/media/${SUDO_USER}/home"
     #findmnt "/lmn/media/${SUDO_USER}/share"   && umount "/lmn/media/${SUDO_USER}/share"   && rmdir "/lmn/media/${SUDO_USER}/share"
     findmnt "/lmn/media/${SUDO_USER}/oldhome" && umount "/lmn/media/${SUDO_USER}/oldhome" && rmdir "/lmn/media/${SUDO_USER}/oldhome"
+    findmnt "/lmn/media/${SUDO_USER}/oldprojects" && umount "/lmn/media/${SUDO_USER}/oldprojects" && rmdir "/lmn/media/${SUDO_USER}/oldprojects"
     findmnt "/lmn/media/${SUDO_USER}/linuxhome" && umount "/lmn/media/${SUDO_USER}/linuxhome" && rmdir "/lmn/media/${SUDO_USER}/linuxhome"
 elif [ "$#" -gt 0 ] && [ "$1" = '-o' ]; then
     echo "Einbinden der Daten des alten/bisherigen Systems (PaedML Novell)."
@@ -33,11 +35,14 @@ elif [ "$#" -gt 0 ] && [ "$1" = '-o' ]; then
     export PASSWD
     echo
     mkdir -p "/lmn/media/${SUDO_USER}/oldhome"
+    mkdir -p "/lmn/media/${SUDO_USER}/oldprojects"
     #errcode=$(mount -t cifs -o "username=${username},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,forceuid,forcegid" \
     #	    "//192.168.1.2/DOCS/fvs" "/lmn/media/${SUDO_USER}/oldhome")
     #if [[ ! "${errcode}" ]]; then
     mount -t cifs -o "username=${username},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,forceuid,forcegid,nobrl,mfsymlinks" \
 	    "//192.168.1.2/DOCS/fvs" "/lmn/media/${SUDO_USER}/oldhome"
+    mount -t cifs -o "username=${username},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,forceuid,forcegid,nobrl,mfsymlinks" \
+	    "//192.168.1.2/DATA/fvs/projekte" "/lmn/media/${SUDO_USER}/oldprojects"
     #echo "Mounting successfull!"
     echo "Einbindung erfolgreich!"
     echo "Dieses Fenster bitte nicht schließen!"

From 7098a431d168497062f16a0a19a23973faab2ba7 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 13 Sep 2023 19:34:02 +0200
Subject: [PATCH 372/504] Add some packages users showed interest in.

---
 roles/lmn_fvs/tasks/main.yml | 2 ++
 roles/lmn_kde/tasks/main.yml | 4 ++++
 2 files changed, 6 insertions(+)

diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index 1629372..71805c4 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -19,6 +19,7 @@
   apt:
     name:
       - atftp
+      - calligraplan
       - codelite
       - codelite-plugins
       - curl
@@ -33,6 +34,7 @@
       - net-tools
       - netcat-openbsd
       - nmap
+      - planner
       - pulseview
       - sigrok
       - sigrok-cli
diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index b64dd4b..32eeebd 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -5,10 +5,12 @@
       - akonadi-backend-sqlite
       - arduino
       - bluefish
+      - calligra
       - codeblocks
       - dia
       - flameshot
       - freecad
+      - fritzing
       - ghex
       - gimp
       - inkscape
@@ -16,6 +18,7 @@
       - keepassxc
       - librecad
       - mu-editor
+      - openboard
       - qtcreator
       - spyder
       - sqlite3
@@ -32,6 +35,7 @@
       - webext-ublock-origin-firefox
       - xdg-desktop-portal-kde
       - xdg-desktop-portal-wlr # share screen in browser
+      - xournalpp
     autoremove: true
     state: latest
 

From a2424a4a738f54df06f6bfbee7b024de28240415 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 13 Sep 2023 19:34:53 +0200
Subject: [PATCH 373/504] Add Daniel Werz' pubkey to machines.

---
 lmn-desktop.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index d082e4c..364b7d6 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -43,6 +43,7 @@
       - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBbdOT+WSDmsBcaVFfzPRcmvOfd3CqO/FBOH44UVm7c7 raphael@uranus'
       - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGICjy88HnMg5oaz4BJ20hgzqFWSem+HHD2PQ+As42pA raphael@pluto'
       - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKm9lu9dDo5TG99QWTkl2G5G+ZbYikLlRNOXfs/bRTHy sascha@america'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMR4TP7jE+wS7zcH0iUBmlxCbvy9saYeEjonX/0yYfEJ daniel@NB-20-DW'
 
     ## Use grub-mkpasswd-pbkdf2 to calculate the password hash:
     grub_pwd: 'grub.pbkdf2.sha512.10000.FB60266F69FB181327AFB76193192454FC64151559EFF4D6B8FB7C7904A2A9C4778EDD515B46F770DB6A009F36903C193917BBBC571C5B6AAB2A69208BE01A6E.7B82114A0239C0EC55A50E95C48FA74A8910DEE4088447786DAB35770B9C2CF2D1550CF3B7452155EB55D5F84E5D357BF12B8D299CF9B01BF5D71D516CF826DB'

From 8aca770c40426a67dd2bcde60fcfb593e372e404 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 13 Sep 2023 19:36:20 +0200
Subject: [PATCH 374/504] Dolphin keeps outdated paths (after Versetzung).

---
 roles/lmn_kde/files/lmn-fix-dolphin.sh | 32 ++++++++++++++++++++++++++
 roles/lmn_kde/tasks/main.yml           |  5 ++++
 2 files changed, 37 insertions(+)
 create mode 100755 roles/lmn_kde/files/lmn-fix-dolphin.sh

diff --git a/roles/lmn_kde/files/lmn-fix-dolphin.sh b/roles/lmn_kde/files/lmn-fix-dolphin.sh
new file mode 100755
index 0000000..b7ec7e3
--- /dev/null
+++ b/roles/lmn_kde/files/lmn-fix-dolphin.sh
@@ -0,0 +1,32 @@
+#!/usr/bin/bash
+#
+# Dolphin keeps old paths after modifications.
+# Run with '--do-it' to really make the change.
+#
+set -eu
+
+do="${1:-}"
+
+bmk=".local/share/user-places.xbel"
+rt="/srv/samba/schools/default-school/students"
+
+extract() {
+    local grp="$1"
+    grp="${grp##*${rt}/}"
+    grp="${grp%%/*}"
+    echo $grp
+}
+
+for f in $(find $rt/*/*/$bmk) ; do
+    cor="$(extract $f)"
+    for l in "$(grep "$rt" "$f")" ; do
+	fnd="$(extract "$l")"
+	if [[ "$cor" != "$fnd" ]] ; then
+	    echo "Check ${f##*${rt}/}: '$cor' != '$fnd'."
+	    if [[ "$do" = "--do-it" ]] ; then
+		sed -i.lmn-fix-path "s|$rt/$fnd|$rt/$cor|g" "$f"
+		break
+	    fi
+	fi
+    done
+done
diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 32eeebd..6fc7ba8 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -109,6 +109,11 @@
       AllowSuspendThenHibernate=no
       AllowHybridSleep=no
 
+- name: Deploy dolphin script
+  copy:
+    src: lmn-fix-dolphin.sh
+    dest: /usr/local/bin/
+    mode: '0755'
 
 ################# general settings ##################
 - name: Enable boot splash screen

From cb2ed827154e35567cf19245acdf2821e12ae0a2 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 13 Sep 2023 19:32:25 +0200
Subject: [PATCH 375/504] Switch to transient service unit. Socket-triggering
 fails for now.

---
 roles/lmn_vm/files/run-vm.sh          |  2 +-
 roles/lmn_vm/files/start-virtiofsd.sh | 34 ++++++++++++++++++++++++++-
 roles/lmn_vm/files/virtiofs@.service  | 16 -------------
 roles/lmn_vm/tasks/main.yml           |  8 +++----
 4 files changed, 38 insertions(+), 22 deletions(-)
 delete mode 100644 roles/lmn_vm/files/virtiofs@.service

diff --git a/roles/lmn_vm/files/run-vm.sh b/roles/lmn_vm/files/run-vm.sh
index 45f5685..c3f649d 100755
--- a/roles/lmn_vm/files/run-vm.sh
+++ b/roles/lmn_vm/files/run-vm.sh
@@ -96,7 +96,7 @@ create-clone() {
     # and actually rename the vm (this also updates part of the storage path):
     sed -i "s/${VM_NAME}/${VM_NAME}-clone/" "${VM_XML}"
     # set virtiofs-Socket
-    sed -i "s:VIRTIOFSSOCKET:/run/virtiofs/${VM_NAME}-clone.sock:" "${VM_XML}"
+    sed -i "s:VIRTIOFSSOCKET:/run/user/${UID}/virtiofs-${VM_NAME}.sock:" "${VM_XML}"
 }
 
 QEMU='qemu:///session'
diff --git a/roles/lmn_vm/files/start-virtiofsd.sh b/roles/lmn_vm/files/start-virtiofsd.sh
index 32dfae1..9326a5f 100755
--- a/roles/lmn_vm/files/start-virtiofsd.sh
+++ b/roles/lmn_vm/files/start-virtiofsd.sh
@@ -15,4 +15,36 @@ VM_NAME="$1"
 chgrp 1010 "/lmn/media/${SUDO_USER}"
 chmod 0775 "/lmn/media/${SUDO_USER}"
 
-systemctl start virtiofs@${VM_NAME}-clone:${SUDO_USER}.service
+socket="/run/user/$(id -u $SUDO_USER)/virtiofs-${VM_NAME}.sock"
+
+#  FIXME: This does not work.  In windows, there is no virtiofs device.
+#  In GNU/Linux it's only readable.
+#
+#if ! systemctl -q is-active virtiofs-${VM_NAME}.socket ; then
+#    systemd-run --unit=virtiofs-${VM_NAME} \
+#		--slice=system-virtiofs \
+#		--collect \
+#		--socket-property=ListenStream="$socket" \
+#		--socket-property=Accept=no \
+#		--socket-property=SocketMode=0700 \
+#		--socket-property=SocketUser=${SUDO_USER} \
+#		--property=Type=exec \
+#		--property=StandardInput=socket \
+#		/usr/local/bin/virtiofsd --log-level debug --sandbox none \
+#		--syslog --fd=0 --shared-dir "/lmn/media/${SUDO_USER}"
+#else
+#    systemctl restart virtiofs-${VM_NAME}.socket
+#fi
+
+if [[ ! -S "$socket" ]] ; then
+    systemd-run --unit=virtiofs-${VM_NAME} \
+		--slice=system-virtiofs \
+		--collect \
+		--property=Type=exec \
+		--property=SuccessExitStatus=1 \
+		--property="ExecStopPost=rm $socket" \
+		/usr/local/bin/virtiofsd --socket-path "$socket" \
+		--shared-dir "/lmn/media/${SUDO_USER}"
+fi
+sleep 1
+chown "${SUDO_USER}" "$socket"
diff --git a/roles/lmn_vm/files/virtiofs@.service b/roles/lmn_vm/files/virtiofs@.service
deleted file mode 100644
index 070bd0b..0000000
--- a/roles/lmn_vm/files/virtiofs@.service
+++ /dev/null
@@ -1,16 +0,0 @@
-[Unit]
-Description=share home folders via virtiofsd
-## $I is split into two parameters: VM:USER
-
-[Service]
-Type=exec
-ExecStartPre=/usr/bin/mkdir -p /run/virtiofs/
-ExecStart=/usr/bin/sh -c 'v="%i"; soc="$${v%%:*}"; usr="$${v##*:}"; exec /usr/local/bin/virtiofsd --announce-submounts --socket-path="/run/virtiofs/$${soc}.sock" --shared-dir "/lmn/media/$${usr}"'
-ExecStartPost=/usr/bin/sleep 1
-ExecStartPost=/usr/bin/chmod 755 /run/virtiofs/
-ExecStartPost=/usr/bin/sh -c 'v="%i"; soc="$${v%%:*}"; usr="$${v##*:}"; chown "$$usr" "/run/virtiofs/$${soc}.sock"'
-ExecStopPost=/usr/bin/sh -c 'v="%i"; soc="$${v%%:*}"; rm "/run/virtiofs/$${soc}.sock"'
-SuccessExitStatus=1
-
-[Install]
-WantedBy=multi-user.target
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 20e4437..7d92502 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -152,10 +152,10 @@
     mode: '0644'
   notify: "enable vmimage-torrent.service"
 
-- name: Deploy virtiofs service
-  copy:
-    src: virtiofs@.service
-    dest: /etc/systemd/system/
+- name: Remove virtiofs service
+  file:
+    path: /etc/systemd/system/virtiofs@.service
+    state: absent
 
 - name: Deploy bridge.conf needed for qemu session mode
   lineinfile:

From 1b990b8cdb2603c3c7aa560d2f96dab9de05fae0 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 14 Sep 2023 18:58:55 +0200
Subject: [PATCH 376/504] Fix entering secret manually.  Fix missing Dolphin
 bookmarks.

---
 inventory/inventory.yml                  | 1 +
 lmn-desktop.yml                          | 3 +--
 roles/lmn_fvs/files/lmn-patch-dolphin.sh | 2 ++
 3 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/inventory/inventory.yml b/inventory/inventory.yml
index edb8fb8..7d94e57 100644
--- a/inventory/inventory.yml
+++ b/inventory/inventory.yml
@@ -70,6 +70,7 @@ L200:
 #    10.190.51.[1:10]:
 L300:
   hosts:
+    10.190.52.61:
 #    10.190.52.[1:10]:
 L400:
   hosts:
diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index 364b7d6..6237d17 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -6,8 +6,7 @@
   become: yes
   pre_tasks:
     - pause:
-        prompt: "Enter global-admin active directory password, leave empty to skip domain join"
-        minutes: 5
+        prompt: "Enter global-admin AD password. Leave empty to skip domain join"
         echo: false
       register: adpw
       no_log: true
diff --git a/roles/lmn_fvs/files/lmn-patch-dolphin.sh b/roles/lmn_fvs/files/lmn-patch-dolphin.sh
index 301899d..e89daf5 100755
--- a/roles/lmn_fvs/files/lmn-patch-dolphin.sh
+++ b/roles/lmn_fvs/files/lmn-patch-dolphin.sh
@@ -6,6 +6,8 @@ set -eu
 
 file="${1:-$HOME/.local/share/user-places.xbel}"
 
+[[ -e "$file" ]] || exit 0
+
 if grep -q "Tausch\|Nextcloud" "$file" ; then
    echo "Your Dolphin seems to already contain 'Tausch' and/or 'Nextcloud'."
    exit 0

From adb31d1e8680cb3c3ce63ea56198fdf5703eabdb Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 15 Sep 2023 21:20:51 +0200
Subject: [PATCH 377/504] Restric SSH, more security.

---
 roles/kerberize/handlers/main.yml    |  1 -
 roles/lmn_security/handlers/main.yml |  4 ++++
 roles/lmn_security/tasks/main.yml    | 11 ++++++++++-
 3 files changed, 14 insertions(+), 2 deletions(-)
 create mode 100644 roles/lmn_security/handlers/main.yml

diff --git a/roles/kerberize/handlers/main.yml b/roles/kerberize/handlers/main.yml
index d0a508b..3ac7e3e 100644
--- a/roles/kerberize/handlers/main.yml
+++ b/roles/kerberize/handlers/main.yml
@@ -2,5 +2,4 @@
   systemd:
     name: sshd
     state: reloaded
-  notify: "reload sshd"
   when: not run_in_installer|default(false)|bool
diff --git a/roles/lmn_security/handlers/main.yml b/roles/lmn_security/handlers/main.yml
new file mode 100644
index 0000000..d9d12b9
--- /dev/null
+++ b/roles/lmn_security/handlers/main.yml
@@ -0,0 +1,4 @@
+- name: Reload sshd
+  systemd:
+    name: sshd
+    state: reloaded
diff --git a/roles/lmn_security/tasks/main.yml b/roles/lmn_security/tasks/main.yml
index 7ddb591..3ce31d5 100644
--- a/roles/lmn_security/tasks/main.yml
+++ b/roles/lmn_security/tasks/main.yml
@@ -5,7 +5,7 @@
     key: "{{ item }}"
   loop: "{{ keys2deploy }}"
 
-- name: Allow sudo access without password
+- name: Allow sudo without password for ansible
   ansible.builtin.lineinfile:
     path: /etc/sudoers.d/95-lmn-ansible
     line: 'ansible ALL=(root) NOPASSWD: ALL'
@@ -18,3 +18,12 @@
   ansible.builtin.user:
     name: ansible
     password_lock: True
+
+- name: Limit SSH access to user ansible
+  ansible.builtin.blockinfile:
+    dest: /etc/ssh/sshd_config.d/local.conf
+    create: true
+    block: |
+      PasswordAuthentication no
+      AllowUsers ansible
+  notify: Reload sshd

From 2e0ffda2736f7c837ff22480e6445acaccc4bf52 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 16 Sep 2023 11:29:08 +0200
Subject: [PATCH 378/504] Improve slice and delay handling.

---
 roles/lmn_vm/files/pam-umount.sh | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/roles/lmn_vm/files/pam-umount.sh b/roles/lmn_vm/files/pam-umount.sh
index 57093e6..38e41df 100644
--- a/roles/lmn_vm/files/pam-umount.sh
+++ b/roles/lmn_vm/files/pam-umount.sh
@@ -7,6 +7,8 @@ set -eu
 usr="$1"
 uid="$2"
 mtp="$3"
+slce="system-virtiofs.slice"
+slp=false
 
 shutdownVMs(){
     local VM
@@ -19,6 +21,7 @@ shutdownVMs(){
 	     XDG_CONFIG_HOME="/tmp/$uid/.config/" \
 	     XDG_CACHE_HOME="/var/cache/user/$uid/" \
 	     virsh destroy "$VM" 2>&1 | systemd-cat || true
+	slp=true
     done
 }
 
@@ -27,10 +30,10 @@ shutdownVMs(){
 ## This is the first mount we need to get rid of:
 if [[ "$mtp" =~ "/lmn/media/$usr/share" ]] ; then
     shutdownVMs
-    sleep 5 # leave some time to write caches …
+    [[ "$slp" = true ]] && sleep 5 # leave some time to write caches …
     sudo -u ${usr} killall gvfsd | systemd-cat
     sudo -u ${usr} killall dbus-daemon | systemd-cat
-    systemctl kill system-virtiofs.slice || true
+    systemctl -q is-active "$slce" && systemctl kill "$slce"
     # debug to find processes blocking umount:
     # lsof >> /var/log/lsof.log
 fi

From b62498da3aa1369243402c3343c8a791d9e5f138 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 19 Sep 2023 19:03:38 +0200
Subject: [PATCH 379/504] Minor fixes and improvements.

---
 roles/lmn_fvs/files/fvs-config.js    | 1 +
 roles/lmn_fvs/files/policies.json    | 6 +++++-
 roles/lmn_fvs/files/pwroff           | 2 +-
 roles/lmn_fvs/tasks/main.yml         | 3 ++-
 roles/lmn_security/handlers/main.yml | 1 +
 5 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/roles/lmn_fvs/files/fvs-config.js b/roles/lmn_fvs/files/fvs-config.js
index 71c65ab..c51c702 100644
--- a/roles/lmn_fvs/files/fvs-config.js
+++ b/roles/lmn_fvs/files/fvs-config.js
@@ -82,6 +82,7 @@ widgetSetProperty({
     configGroup: "General",
     configKey: "systemFavorites",
     configValue: ["reboot", "shutdown", "logout"],
+    //configValue: ["logout"],
 });
 
 
diff --git a/roles/lmn_fvs/files/policies.json b/roles/lmn_fvs/files/policies.json
index 1afb738..7f42e96 100644
--- a/roles/lmn_fvs/files/policies.json
+++ b/roles/lmn_fvs/files/policies.json
@@ -14,9 +14,13 @@
             {
                 "toplevel_name": "FvS-Reutlingen"
             },
+            {
+                "url": "https://www.steinbeisschule-reutlingen.de",
+                "name": "FvS-Homepage"
+            },
             {
                 "url": "https://server.pn.steinbeis.schule",
-                "name": "Passwort ändern"
+                "name": "Schulkonsole/Passwort ändern"
             },
             {
                 "url": "https://dw.steinbeis.schule",
diff --git a/roles/lmn_fvs/files/pwroff b/roles/lmn_fvs/files/pwroff
index f95d5b7..108aefe 100755
--- a/roles/lmn_fvs/files/pwroff
+++ b/roles/lmn_fvs/files/pwroff
@@ -6,7 +6,7 @@ set -eu
 
 action="systemctl poweroff"
 uptime=$(cat /proc/uptime | cut -f1 -d.)
-maxidle=3600
+maxidle=3600  ## seconds
 
 u=($(loginctl list-users --no-legend  | sort -hr | head -1))
 una=${u[1]:-''}
diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index 71805c4..bbad282 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -41,6 +41,7 @@
       - tmux
       - tree
       - ttf-mscorefonts-installer
+      - unison-gtk
       - wireshark
     autoremove: true
     state: latest
@@ -140,7 +141,7 @@
     dest: /etc/xdg/powermanagementprofilesrc
     content: |
       [AC][SuspendSession][$i]
-      idleTime=36000000
+      idleTime=7200000
       suspendType=8
 
 - name: Start with empty session by default
diff --git a/roles/lmn_security/handlers/main.yml b/roles/lmn_security/handlers/main.yml
index d9d12b9..4a3b124 100644
--- a/roles/lmn_security/handlers/main.yml
+++ b/roles/lmn_security/handlers/main.yml
@@ -2,3 +2,4 @@
   systemd:
     name: sshd
     state: reloaded
+  when: not run_in_installer|default(false)|bool

From 27985c08b36d3599e329662d71f9bcdbe8c53723 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Sat, 23 Sep 2023 08:04:56 +0200
Subject: [PATCH 380/504] do not abort, if torrent is not running

---
 roles/lmn_vm/files/upload-vm.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/lmn_vm/files/upload-vm.sh b/roles/lmn_vm/files/upload-vm.sh
index d028305..5b66b14 100755
--- a/roles/lmn_vm/files/upload-vm.sh
+++ b/roles/lmn_vm/files/upload-vm.sh
@@ -22,7 +22,7 @@ upload_image() {
         echo "File not found ${VM_NAME}.xml" >&2
         exit 1
     fi
-    sudo -u lmnsynci /usr/local/bin/vmimage-torrent stop "${VM_NAME}.qcow2"
+    sudo -u lmnsynci /usr/local/bin/vmimage-torrent stop "${VM_NAME}.qcow2" || echo "VMImage-torrent not running"
     # link private VM-Diskimage to system-Dir
     if [[ -f "${VM_DIR}/${VM_NAME}.qcow2" \
           &&   ( -f "/lmn/vm/${VM_NAME}.qcow2" && ("${VM_DIR}/${VM_NAME}.qcow2" -nt "/lmn/vm/${VM_NAME}.qcow2") \

From d234a1349594b62374425490fea6844fb0344cc3 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 26 Sep 2023 17:09:27 +0200
Subject: [PATCH 381/504] More packages for programming classes.

---
 roles/lmn_fvs/tasks/main.yml     | 5 +++++
 roles/lmn_mount/tasks/main.yml   | 1 +
 roles/lmn_printer/tasks/main.yml | 2 +-
 3 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index bbad282..612b9fa 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -20,6 +20,7 @@
     name:
       - atftp
       - calligraplan
+      - cmake  ## for kdevelop
       - codelite
       - codelite-plugins
       - curl
@@ -29,6 +30,10 @@
       - git
       - gitg
       - gitk
+      - jupyter
+      - kdevelop
+      - kdevelop-php
+      - kdevelop-python
       - libnotify-bin ## needed for pwroff script
       - neovim
       - net-tools
diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index 969f188..f8eaa50 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -63,6 +63,7 @@
       DIR="/var/cache/user/${UID}/"
       [[ -d "$DIR" ]] || mkdir -m 0700 "$DIR"
       echo XDG_CACHE_HOME="$DIR"
+      echo JUPYTER_ALLOW_INSECURE_WRITES=1
     mode: "0755"
 
 
diff --git a/roles/lmn_printer/tasks/main.yml b/roles/lmn_printer/tasks/main.yml
index e6ce966..65912d5 100644
--- a/roles/lmn_printer/tasks/main.yml
+++ b/roles/lmn_printer/tasks/main.yml
@@ -87,7 +87,7 @@
     owner: root
     group: root
 
-- name: Provide service and timer for remove all printers on boot
+- name: Provide service and timer to remove all printers on boot
   copy:
     src: "{{ item }}"
     dest: "/etc/systemd/system/{{ item }}"

From 8463702482d275c212fa874472b1ad6ca2e12be5 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 26 Sep 2023 17:10:48 +0200
Subject: [PATCH 382/504] No shutdown in longer breaks.

---
 roles/lmn_fvs/files/pwroff.timer | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/lmn_fvs/files/pwroff.timer b/roles/lmn_fvs/files/pwroff.timer
index 299bc4b..c9896bc 100644
--- a/roles/lmn_fvs/files/pwroff.timer
+++ b/roles/lmn_fvs/files/pwroff.timer
@@ -1,9 +1,9 @@
 [Unit]
-Description=Run pwroff script every 10 min after 60 min uptime
+Description=Run pwroff script every 30 min after 60 min uptime
 
 [Timer]
 OnBootSec=60min
-OnUnitActiveSec=10min
+OnUnitActiveSec=30min
 
 [Install]
 WantedBy=timers.target

From d907261f9b13be39faf070ec6b04db5ecb66aeaf Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 26 Sep 2023 17:11:44 +0200
Subject: [PATCH 383/504] Start with laptop playbook.

---
 lmn-laptop.yml | 114 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 114 insertions(+)
 create mode 100644 lmn-laptop.yml

diff --git a/lmn-laptop.yml b/lmn-laptop.yml
new file mode 100644
index 0000000..442ca51
--- /dev/null
+++ b/lmn-laptop.yml
@@ -0,0 +1,114 @@
+## This playbook deploys a KDE desktop machine for LinuxMuster.
+---
+- name: apply configuration to the machines
+  hosts: all
+  remote_user: ansible
+  become: yes
+  vars:
+    domain: "{{ ansible_domain }}"
+    kerberize_uris: steinbeis.schule
+    apt_conf: Acquire::http::Proxy "http://aptcache.pn.steinbeis.schule:3142/";
+    ntp_serv: server.pn.steinbeis.schule
+    proxy: http://firewall.pn.steinbeis.schule:3128
+    no_proxy: firewall.pn.steinbeis.schule,server.pn.steinbeis.schule,idam.steinbeis.schule,dw.steinbeis.schule,.pn.steinbeis.schule,.steinbeis.schule
+
+    ## PAM mount nextcloud, remove or leave empty to skip:
+    web_dav: https://nc.steinbeis.schule/remote.php/dav/files/%(USER)
+
+    ## Local mirror for mscorefonts. Remove or leave empty to use no mirror:
+    mirror_msfonts: http://livebox.pn.steinbeis.schule/mscorefonts/
+
+    rsyncsecret: Muster!
+    keys2deploy:
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKOY0hChWaCDtuiuQcM0v4/u1499esjTtnMjl4uYlnS0 andi@netboot'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAN5ylqP936MPjGNxzrzV5jMwIfMhKJdOGuVh3xGQKTM andi@yogi'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHxgeu7Rpb/1++531+MopqP9haUkyh1XXpv5kmbgSjx6'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBbdOT+WSDmsBcaVFfzPRcmvOfd3CqO/FBOH44UVm7c7 raphael@uranus'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGICjy88HnMg5oaz4BJ20hgzqFWSem+HHD2PQ+As42pA raphael@pluto'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKm9lu9dDo5TG99QWTkl2G5G+ZbYikLlRNOXfs/bRTHy sascha@america'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMR4TP7jE+wS7zcH0iUBmlxCbvy9saYeEjonX/0yYfEJ daniel@NB-20-DW'
+
+    ## Use grub-mkpasswd-pbkdf2 to calculate the password hash:
+    grub_pwd: 'grub.pbkdf2.sha512.10000.FB60266F69FB181327AFB76193192454FC64151559EFF4D6B8FB7C7904A2A9C4778EDD515B46F770DB6A009F36903C193917BBBC571C5B6AAB2A69208BE01A6E.7B82114A0239C0EC55A50E95C48FA74A8910DEE4088447786DAB35770B9C2CF2D1550CF3B7452155EB55D5F84E5D357BF12B8D299CF9B01BF5D71D516CF826DB'
+    nfs4: false
+    extra_pkgs:
+      - vim
+      - mc
+      - tmux
+      - krb5-user
+      - unattended-upgrades
+      - debconf-utils
+    extra_pkgs_bpo: [] # [ linux-image-amd64 ]
+
+  roles:
+    - lmn_network
+    - up2date_debian
+    - lmn_sssd
+    - lmn_kde
+    - lmn_fvs ## school specific customization
+    - lmn_vm
+    - lmn_printer
+    - kerberize
+    - lmn_security
+
+  tasks:
+    - name: Add local user 'virti' in the 'libvirt' group
+      ansible.builtin.user:
+        name: virti
+        password: $y$j9T$DuSvAO63v5LvoJmJ1rB0B0$D4tovIz79AdLHs5I6tYa7rxr3SWknQeUFvGaaKvUpo3
+        comment: Libvirt VM User,,,
+        shell: /bin/bash
+        groups: libvirt
+        append: yes
+      when: false
+
+    - name: enable pam_mkhomedir.so
+      lineinfile:
+        dest: /etc/pam.d/common-session
+        line: "session  optional        pam_mkhomedir.so  umask=0022"
+        insertbefore: "# end of pam-auth-update config"
+
+    - name: Fix 8086:4909 external graphics card
+      replace:
+        dest: "/etc/default/grub"
+        regexp: 'GRUB_CMDLINE_LINUX=""$'
+        replace: 'GRUB_CMDLINE_LINUX="i915.force_probe=4909"'
+      notify: Run update-grub
+      when: ansible_board_vendor == "LENOVO" and ansible_board_name == "32CB"
+
+    - name: Fix sound on 312A
+      replace:
+        dest: "/etc/default/grub"
+        regexp: 'GRUB_CMDLINE_LINUX="snd-intel-dspcfg.dsp_driver=1"$'
+        replace: 'GRUB_CMDLINE_LINUX=""'
+      notify: Run update-grub
+      when: ansible_board_vendor == "LENOVO" and ansible_board_name == "312A"
+
+    - name: Fix sound on 312A and 312D
+      apt:
+        name: firmware-sof-signed
+        state: latest
+      when: >
+        ansible_board_vendor == "LENOVO" and
+        (ansible_board_name == "312D" or ansible_board_name == "312A")
+
+## bullseye fixes:
+    - name: add bookworm firmware repository if needed
+      apt_repository:
+        repo: deb http://deb.debian.org/debian/ bookworm non-free-firmware
+        state: present
+        update_cache: true
+      when: >
+        ansible_board_vendor == "LENOVO" and
+        ansible_board_name == "32CB" and
+        ansible_distribution_release == "bullseye"
+
+    - name: upgrade non-free-firmware packages
+      apt:
+        upgrade: true
+        autoremove: true
+        autoclean: true
+      when: >
+        ansible_board_vendor == "LENOVO" and
+        ansible_board_name == "32CB" and
+        ansible_distribution_release == "bullseye"

From d34bc5f15c5929de2bc2f799e79d301cf7278b6f Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 27 Sep 2023 08:21:04 +0200
Subject: [PATCH 384/504] School's laptops like desktops. Add teachers (laptop)
 role.

---
 lmn-laptop.yml   |  23 +++++++---
 lmn-teachers.yml | 115 +++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 132 insertions(+), 6 deletions(-)
 create mode 100644 lmn-teachers.yml

diff --git a/lmn-laptop.yml b/lmn-laptop.yml
index 442ca51..6237d17 100644
--- a/lmn-laptop.yml
+++ b/lmn-laptop.yml
@@ -4,6 +4,22 @@
   hosts: all
   remote_user: ansible
   become: yes
+  pre_tasks:
+    - pause:
+        prompt: "Enter global-admin AD password. Leave empty to skip domain join"
+        echo: false
+      register: adpw
+      no_log: true
+      when: "ansible_cmdline.adpw is not defined"
+    - name: preseed apparmor
+      debconf:
+        name: apparmor
+        question: apparmor/homedirs
+        value: >-
+          /srv/samba/schools/default-school/teachers/
+          /srv/samba/schools/default-school/students/*/
+        vtype: string
+
   vars:
     domain: "{{ ansible_domain }}"
     kerberize_uris: steinbeis.schule
@@ -44,6 +60,7 @@
     - lmn_network
     - up2date_debian
     - lmn_sssd
+    - lmn_mount
     - lmn_kde
     - lmn_fvs ## school specific customization
     - lmn_vm
@@ -62,12 +79,6 @@
         append: yes
       when: false
 
-    - name: enable pam_mkhomedir.so
-      lineinfile:
-        dest: /etc/pam.d/common-session
-        line: "session  optional        pam_mkhomedir.so  umask=0022"
-        insertbefore: "# end of pam-auth-update config"
-
     - name: Fix 8086:4909 external graphics card
       replace:
         dest: "/etc/default/grub"
diff --git a/lmn-teachers.yml b/lmn-teachers.yml
new file mode 100644
index 0000000..b2b5587
--- /dev/null
+++ b/lmn-teachers.yml
@@ -0,0 +1,115 @@
+## This playbook deploys a KDE desktop machine for LinuxMuster.
+---
+- name: apply configuration to the machines
+  hosts: all
+  remote_user: ansible
+  become: yes
+  vars:
+    domain: "{{ ansible_domain }}"
+    kerberize_uris: steinbeis.schule
+    apt_conf: Acquire::http::Proxy "http://aptcache.pn.steinbeis.schule:3142/";
+    ntp_serv: server.pn.steinbeis.schule
+    proxy: http://firewall.pn.steinbeis.schule:3128
+    no_proxy: firewall.pn.steinbeis.schule,server.pn.steinbeis.schule,idam.steinbeis.schule,dw.steinbeis.schule,.pn.steinbeis.schule,.steinbeis.schule
+
+    ## PAM mount nextcloud, remove or leave empty to skip:
+    web_dav: https://nc.steinbeis.schule/remote.php/dav/files/%(USER)
+
+    ## Local mirror for mscorefonts. Remove or leave empty to use no mirror:
+    mirror_msfonts: http://livebox.pn.steinbeis.schule/mscorefonts/
+
+    rsyncsecret: Muster!
+    keys2deploy:
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKOY0hChWaCDtuiuQcM0v4/u1499esjTtnMjl4uYlnS0 andi@netboot'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAN5ylqP936MPjGNxzrzV5jMwIfMhKJdOGuVh3xGQKTM andi@yogi'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHxgeu7Rpb/1++531+MopqP9haUkyh1XXpv5kmbgSjx6'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBbdOT+WSDmsBcaVFfzPRcmvOfd3CqO/FBOH44UVm7c7 raphael@uranus'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGICjy88HnMg5oaz4BJ20hgzqFWSem+HHD2PQ+As42pA raphael@pluto'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKm9lu9dDo5TG99QWTkl2G5G+ZbYikLlRNOXfs/bRTHy sascha@america'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMR4TP7jE+wS7zcH0iUBmlxCbvy9saYeEjonX/0yYfEJ daniel@NB-20-DW'
+
+    ## Use grub-mkpasswd-pbkdf2 to calculate the password hash:
+    grub_pwd: 'grub.pbkdf2.sha512.10000.FB60266F69FB181327AFB76193192454FC64151559EFF4D6B8FB7C7904A2A9C4778EDD515B46F770DB6A009F36903C193917BBBC571C5B6AAB2A69208BE01A6E.7B82114A0239C0EC55A50E95C48FA74A8910DEE4088447786DAB35770B9C2CF2D1550CF3B7452155EB55D5F84E5D357BF12B8D299CF9B01BF5D71D516CF826DB'
+    nfs4: false
+    extra_pkgs:
+      - vim
+      - mc
+      - tmux
+      - krb5-user
+      - unattended-upgrades
+      - debconf-utils
+    extra_pkgs_bpo: [] # [ linux-image-amd64 ]
+
+  roles:
+    - lmn_network
+    - up2date_debian
+    - lmn_sssd
+    - lmn_kde
+    - lmn_mount
+    - lmn_fvs ## school specific customization
+    - lmn_vm
+    - lmn_printer
+    - kerberize
+    - lmn_security
+
+  tasks:
+    - name: Add local user 'virti' in the 'libvirt' group
+      ansible.builtin.user:
+        name: virti
+        password: $y$j9T$DuSvAO63v5LvoJmJ1rB0B0$D4tovIz79AdLHs5I6tYa7rxr3SWknQeUFvGaaKvUpo3
+        comment: Libvirt VM User,,,
+        shell: /bin/bash
+        groups: libvirt
+        append: yes
+      when: false
+
+    - name: enable pam_mkhomedir.so
+      lineinfile:
+        dest: /etc/pam.d/common-session
+        line: "session  optional        pam_mkhomedir.so  umask=0022"
+        insertbefore: "# end of pam-auth-update config"
+
+    - name: Fix 8086:4909 external graphics card
+      replace:
+        dest: "/etc/default/grub"
+        regexp: 'GRUB_CMDLINE_LINUX=""$'
+        replace: 'GRUB_CMDLINE_LINUX="i915.force_probe=4909"'
+      notify: Run update-grub
+      when: ansible_board_vendor == "LENOVO" and ansible_board_name == "32CB"
+
+    - name: Fix sound on 312A
+      replace:
+        dest: "/etc/default/grub"
+        regexp: 'GRUB_CMDLINE_LINUX="snd-intel-dspcfg.dsp_driver=1"$'
+        replace: 'GRUB_CMDLINE_LINUX=""'
+      notify: Run update-grub
+      when: ansible_board_vendor == "LENOVO" and ansible_board_name == "312A"
+
+    - name: Fix sound on 312A and 312D
+      apt:
+        name: firmware-sof-signed
+        state: latest
+      when: >
+        ansible_board_vendor == "LENOVO" and
+        (ansible_board_name == "312D" or ansible_board_name == "312A")
+
+## bullseye fixes:
+    - name: add bookworm firmware repository if needed
+      apt_repository:
+        repo: deb http://deb.debian.org/debian/ bookworm non-free-firmware
+        state: present
+        update_cache: true
+      when: >
+        ansible_board_vendor == "LENOVO" and
+        ansible_board_name == "32CB" and
+        ansible_distribution_release == "bullseye"
+
+    - name: upgrade non-free-firmware packages
+      apt:
+        upgrade: true
+        autoremove: true
+        autoclean: true
+      when: >
+        ansible_board_vendor == "LENOVO" and
+        ansible_board_name == "32CB" and
+        ansible_distribution_release == "bullseye"

From fd4c55ffea731899f5ac69b183ac4fbf633f677f Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 27 Sep 2023 15:02:57 +0200
Subject: [PATCH 385/504] kdevelop hangs, unusual path ownership, permissions.

---
 roles/lmn_mount/tasks/main.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index f8eaa50..1c8d91a 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -39,6 +39,11 @@
       </volume>
     insertafter: "<!-- Volume definitions -->"
 
+- name: Prepare mount point for homes
+  ansible.builtin.file:
+    path: /srv/samba/schools/default-school/
+    state: directory
+    mode: '0755'
 
 - name: Prepare persistent user cache base directory
   ansible.builtin.file:

From 668eca65858982086c44a8c986bfcd1d639df456 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 27 Sep 2023 15:31:35 +0200
Subject: [PATCH 386/504] Implement WLAN access.

---
 lmn-laptop.yml                                | 60 +------------------
 roles/lmn_wlan/tasks/main.yml                 | 23 +++++++
 .../templates/FVS-devices.nmconnection.j2     | 21 +++++++
 3 files changed, 47 insertions(+), 57 deletions(-)
 create mode 100644 roles/lmn_wlan/tasks/main.yml
 create mode 100644 roles/lmn_wlan/templates/FVS-devices.nmconnection.j2

diff --git a/lmn-laptop.yml b/lmn-laptop.yml
index 6237d17..fc2d0ab 100644
--- a/lmn-laptop.yml
+++ b/lmn-laptop.yml
@@ -1,4 +1,4 @@
-## This playbook deploys a KDE desktop machine for LinuxMuster.
+## This playbook deploys a KDE laptop machine for LinuxMuster.
 ---
 - name: apply configuration to the machines
   hosts: all
@@ -35,6 +35,7 @@
     mirror_msfonts: http://livebox.pn.steinbeis.schule/mscorefonts/
 
     rsyncsecret: Muster!
+    wifipasswd: FjgmGBaKEenr25ZF
     keys2deploy:
       - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKOY0hChWaCDtuiuQcM0v4/u1499esjTtnMjl4uYlnS0 andi@netboot'
       - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAN5ylqP936MPjGNxzrzV5jMwIfMhKJdOGuVh3xGQKTM andi@yogi'
@@ -66,60 +67,5 @@
     - lmn_vm
     - lmn_printer
     - kerberize
+    - lmn_wlan
     - lmn_security
-
-  tasks:
-    - name: Add local user 'virti' in the 'libvirt' group
-      ansible.builtin.user:
-        name: virti
-        password: $y$j9T$DuSvAO63v5LvoJmJ1rB0B0$D4tovIz79AdLHs5I6tYa7rxr3SWknQeUFvGaaKvUpo3
-        comment: Libvirt VM User,,,
-        shell: /bin/bash
-        groups: libvirt
-        append: yes
-      when: false
-
-    - name: Fix 8086:4909 external graphics card
-      replace:
-        dest: "/etc/default/grub"
-        regexp: 'GRUB_CMDLINE_LINUX=""$'
-        replace: 'GRUB_CMDLINE_LINUX="i915.force_probe=4909"'
-      notify: Run update-grub
-      when: ansible_board_vendor == "LENOVO" and ansible_board_name == "32CB"
-
-    - name: Fix sound on 312A
-      replace:
-        dest: "/etc/default/grub"
-        regexp: 'GRUB_CMDLINE_LINUX="snd-intel-dspcfg.dsp_driver=1"$'
-        replace: 'GRUB_CMDLINE_LINUX=""'
-      notify: Run update-grub
-      when: ansible_board_vendor == "LENOVO" and ansible_board_name == "312A"
-
-    - name: Fix sound on 312A and 312D
-      apt:
-        name: firmware-sof-signed
-        state: latest
-      when: >
-        ansible_board_vendor == "LENOVO" and
-        (ansible_board_name == "312D" or ansible_board_name == "312A")
-
-## bullseye fixes:
-    - name: add bookworm firmware repository if needed
-      apt_repository:
-        repo: deb http://deb.debian.org/debian/ bookworm non-free-firmware
-        state: present
-        update_cache: true
-      when: >
-        ansible_board_vendor == "LENOVO" and
-        ansible_board_name == "32CB" and
-        ansible_distribution_release == "bullseye"
-
-    - name: upgrade non-free-firmware packages
-      apt:
-        upgrade: true
-        autoremove: true
-        autoclean: true
-      when: >
-        ansible_board_vendor == "LENOVO" and
-        ansible_board_name == "32CB" and
-        ansible_distribution_release == "bullseye"
diff --git a/roles/lmn_wlan/tasks/main.yml b/roles/lmn_wlan/tasks/main.yml
new file mode 100644
index 0000000..9dc2ee3
--- /dev/null
+++ b/roles/lmn_wlan/tasks/main.yml
@@ -0,0 +1,23 @@
+## Make sure to use an initrd providing firmware:
+##   wget https://cdimage.debian.org/cdimage/firmware/testing/current/firmware.cpio.gz
+##   cat initrd.gz firmware.cpio.gz > initrd-fw.gz
+---
+- name: Configure WLAN for devices
+  community.general.nmcli:
+    conn_name: FVS-devices
+    type: wifi
+    ssid: FVS-devices
+    ifname: "{{ ansible_interfaces | select('search', 'wl.+') | first }}"
+    wifi_sec:
+      key-mgmt: wpa-psk
+      psk: "{{ wifipasswd }}"
+    autoconnect: true
+    state: present
+  when: not run_in_installer|default(false)|bool
+
+- name: Provide WLAN config during installation
+  template:
+    src: FVS-devices.nmconnection.j2
+    dest: /etc/NetworkManager/system-connections/FVS-devices.nmconnection
+    mode: '0600'
+  when: run_in_installer|default(false)|bool
diff --git a/roles/lmn_wlan/templates/FVS-devices.nmconnection.j2 b/roles/lmn_wlan/templates/FVS-devices.nmconnection.j2
new file mode 100644
index 0000000..d99a2c3
--- /dev/null
+++ b/roles/lmn_wlan/templates/FVS-devices.nmconnection.j2
@@ -0,0 +1,21 @@
+[connection]
+id=FVS-devices
+type=wifi
+interface-name={{ ansible_interfaces | select('search', 'wl.+') | first }}
+
+[wifi]
+mode=infrastructure
+ssid=FVS-devices
+
+[wifi-security]
+key-mgmt=wpa-psk
+psk={{ wifipasswd }}
+
+[ipv4]
+method=auto
+
+[ipv6]
+addr-gen-mode=default
+method=auto
+
+[proxy]

From bfae6ff010042c4bb8a3ce81a0fdd2576dae6a7c Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 27 Sep 2023 20:31:20 +0200
Subject: [PATCH 387/504] Separate clean-up-stuff from other tasks.

---
 lmn-desktop.yml             | 20 ++++++++++++++++++++
 roles/lmn_vm/tasks/main.yml |  5 -----
 2 files changed, 20 insertions(+), 5 deletions(-)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index 6237d17..565a49f 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -79,6 +79,7 @@
         append: yes
       when: false
 
+## Temporary fixes and quirks:
     - name: Fix 8086:4909 external graphics card
       replace:
         dest: "/etc/default/grub"
@@ -103,6 +104,25 @@
         ansible_board_vendor == "LENOVO" and
         (ansible_board_name == "312D" or ansible_board_name == "312A")
 
+## Clean up stuff from obsolete/faulty tasks:
+    - name: Remove virtiofs service
+      file:
+        path: /etc/systemd/system/virtiofs@.service
+        state: absent
+
+    - name: Fix mount point permissions and owner
+      file:
+        path: "{{ item }}"
+        mode: '0755'
+        owner: root
+        group: root
+      loop:
+        - /srv/samba
+        - /srv/samba/schools
+        - /srv/samba/schools/default-school
+
+
+
 ## bullseye fixes:
     - name: add bookworm firmware repository if needed
       apt_repository:
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 7d92502..c5821e4 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -152,11 +152,6 @@
     mode: '0644'
   notify: "enable vmimage-torrent.service"
 
-- name: Remove virtiofs service
-  file:
-    path: /etc/systemd/system/virtiofs@.service
-    state: absent
-
 - name: Deploy bridge.conf needed for qemu session mode
   lineinfile:
     path: /etc/qemu/bridge.conf

From 4ba4836b7d927cfd515cc397c612a2d1c5cd6e37 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 27 Sep 2023 20:33:14 +0200
Subject: [PATCH 388/504] Clean up new playbooks; mind mapping software.

---
 lmn-teachers.yml => lmn-teacher.yml | 61 +----------------------------
 roles/lmn_fvs/tasks/main.yml        |  2 +
 2 files changed, 4 insertions(+), 59 deletions(-)
 rename lmn-teachers.yml => lmn-teacher.yml (56%)

diff --git a/lmn-teachers.yml b/lmn-teacher.yml
similarity index 56%
rename from lmn-teachers.yml
rename to lmn-teacher.yml
index b2b5587..0519f48 100644
--- a/lmn-teachers.yml
+++ b/lmn-teacher.yml
@@ -1,4 +1,4 @@
-## This playbook deploys a KDE desktop machine for LinuxMuster.
+## This playbook deploys a KDE teacher's laptop machine for LinuxMuster.
 ---
 - name: apply configuration to the machines
   hosts: all
@@ -45,71 +45,14 @@
     - up2date_debian
     - lmn_sssd
     - lmn_kde
-    - lmn_mount
     - lmn_fvs ## school specific customization
     - lmn_vm
-    - lmn_printer
     - kerberize
-    - lmn_security
+#    - lmn_security
 
   tasks:
-    - name: Add local user 'virti' in the 'libvirt' group
-      ansible.builtin.user:
-        name: virti
-        password: $y$j9T$DuSvAO63v5LvoJmJ1rB0B0$D4tovIz79AdLHs5I6tYa7rxr3SWknQeUFvGaaKvUpo3
-        comment: Libvirt VM User,,,
-        shell: /bin/bash
-        groups: libvirt
-        append: yes
-      when: false
-
     - name: enable pam_mkhomedir.so
       lineinfile:
         dest: /etc/pam.d/common-session
         line: "session  optional        pam_mkhomedir.so  umask=0022"
         insertbefore: "# end of pam-auth-update config"
-
-    - name: Fix 8086:4909 external graphics card
-      replace:
-        dest: "/etc/default/grub"
-        regexp: 'GRUB_CMDLINE_LINUX=""$'
-        replace: 'GRUB_CMDLINE_LINUX="i915.force_probe=4909"'
-      notify: Run update-grub
-      when: ansible_board_vendor == "LENOVO" and ansible_board_name == "32CB"
-
-    - name: Fix sound on 312A
-      replace:
-        dest: "/etc/default/grub"
-        regexp: 'GRUB_CMDLINE_LINUX="snd-intel-dspcfg.dsp_driver=1"$'
-        replace: 'GRUB_CMDLINE_LINUX=""'
-      notify: Run update-grub
-      when: ansible_board_vendor == "LENOVO" and ansible_board_name == "312A"
-
-    - name: Fix sound on 312A and 312D
-      apt:
-        name: firmware-sof-signed
-        state: latest
-      when: >
-        ansible_board_vendor == "LENOVO" and
-        (ansible_board_name == "312D" or ansible_board_name == "312A")
-
-## bullseye fixes:
-    - name: add bookworm firmware repository if needed
-      apt_repository:
-        repo: deb http://deb.debian.org/debian/ bookworm non-free-firmware
-        state: present
-        update_cache: true
-      when: >
-        ansible_board_vendor == "LENOVO" and
-        ansible_board_name == "32CB" and
-        ansible_distribution_release == "bullseye"
-
-    - name: upgrade non-free-firmware packages
-      apt:
-        upgrade: true
-        autoremove: true
-        autoclean: true
-      when: >
-        ansible_board_vendor == "LENOVO" and
-        ansible_board_name == "32CB" and
-        ansible_distribution_release == "bullseye"
diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index 612b9fa..f4292c8 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -27,6 +27,7 @@
       - elpa-color-theme-modern
       - elpa-magit
       - emacs
+      - freeplane
       - git
       - gitg
       - gitk
@@ -35,6 +36,7 @@
       - kdevelop-php
       - kdevelop-python
       - libnotify-bin ## needed for pwroff script
+      - minder
       - neovim
       - net-tools
       - netcat-openbsd

From 636fdc19115cf9d8ef848a640f186a518549d6ce Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 28 Sep 2023 12:40:46 +0200
Subject: [PATCH 389/504] Skip VMs for now.

---
 lmn-teacher.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lmn-teacher.yml b/lmn-teacher.yml
index 0519f48..de9ec93 100644
--- a/lmn-teacher.yml
+++ b/lmn-teacher.yml
@@ -46,7 +46,7 @@
     - lmn_sssd
     - lmn_kde
     - lmn_fvs ## school specific customization
-    - lmn_vm
+#    - lmn_vm
     - kerberize
 #    - lmn_security
 

From 53349e3ece0c634d905a5c98e67ec5f74a26a6b9 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 4 Oct 2023 13:42:01 +0200
Subject: [PATCH 390/504] Fix unattended-upgrades.

---
 lmn-desktop.yml | 17 ++++++++++++++---
 lmn-laptop.yml  | 14 ++++++++++++++
 lmn-teacher.yml | 14 ++++++++++++++
 3 files changed, 42 insertions(+), 3 deletions(-)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index 565a49f..0465cc8 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -11,7 +11,7 @@
       register: adpw
       no_log: true
       when: "ansible_cmdline.adpw is not defined"
-    - name: preseed apparmor
+    - name: Preseed apparmor
       debconf:
         name: apparmor
         question: apparmor/homedirs
@@ -19,6 +19,12 @@
           /srv/samba/schools/default-school/teachers/
           /srv/samba/schools/default-school/students/*/
         vtype: string
+    - name: Preseed unattended-upgrades
+      debconf:
+        name: unattended-upgrades
+        question: unattended-upgrades/enable_auto_updates
+        value: True
+        vtype: boolean
 
   vars:
     domain: "{{ ansible_domain }}"
@@ -121,10 +127,15 @@
         - /srv/samba/schools
         - /srv/samba/schools/default-school
 
-
+    - name: Fix unattended-upgrades
+      ansible.builtin.copy:
+        dest: /etc/apt/apt.conf.d/20auto-upgrades
+        content: |
+          APT::Periodic::Update-Package-Lists "1";
+          APT::Periodic::Unattended-Upgrade "1";
 
 ## bullseye fixes:
-    - name: add bookworm firmware repository if needed
+    - name: Add bookworm firmware repository if needed
       apt_repository:
         repo: deb http://deb.debian.org/debian/ bookworm non-free-firmware
         state: present
diff --git a/lmn-laptop.yml b/lmn-laptop.yml
index fc2d0ab..0974cab 100644
--- a/lmn-laptop.yml
+++ b/lmn-laptop.yml
@@ -19,6 +19,12 @@
           /srv/samba/schools/default-school/teachers/
           /srv/samba/schools/default-school/students/*/
         vtype: string
+    - name: Preseed unattended-upgrades
+      debconf:
+        name: unattended-upgrades
+        question: unattended-upgrades/enable_auto_updates
+        value: True
+        vtype: boolean
 
   vars:
     domain: "{{ ansible_domain }}"
@@ -69,3 +75,11 @@
     - kerberize
     - lmn_wlan
     - lmn_security
+
+  tasks:
+    - name: Fix unattended-upgrades
+      ansible.builtin.copy:
+        dest: /etc/apt/apt.conf.d/20auto-upgrades
+        content: |
+          APT::Periodic::Update-Package-Lists "1";
+          APT::Periodic::Unattended-Upgrade "1";
diff --git a/lmn-teacher.yml b/lmn-teacher.yml
index de9ec93..0a5cc4d 100644
--- a/lmn-teacher.yml
+++ b/lmn-teacher.yml
@@ -4,6 +4,14 @@
   hosts: all
   remote_user: ansible
   become: yes
+  pre_tasks:
+    - name: Preseed unattended-upgrades
+      debconf:
+        name: unattended-upgrades
+        question: unattended-upgrades/enable_auto_updates
+        value: True
+        vtype: boolean
+
   vars:
     domain: "{{ ansible_domain }}"
     kerberize_uris: steinbeis.schule
@@ -56,3 +64,9 @@
         dest: /etc/pam.d/common-session
         line: "session  optional        pam_mkhomedir.so  umask=0022"
         insertbefore: "# end of pam-auth-update config"
+    - name: Fix unattended-upgrades
+      ansible.builtin.copy:
+        dest: /etc/apt/apt.conf.d/20auto-upgrades
+        content: |
+          APT::Periodic::Update-Package-Lists "1";
+          APT::Periodic::Unattended-Upgrade "1";

From 022e8ff19b30708626575a507c08abc3e9f55aaf Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 7 Oct 2023 09:34:23 +0200
Subject: [PATCH 391/504] No PXE boot by default; update inventory.

---
 inventory/inventory.yml      | 38 ++++++++++++++++++++++++++++++++++++
 roles/lmn_fvs/tasks/main.yml |  3 ++-
 2 files changed, 40 insertions(+), 1 deletion(-)

diff --git a/inventory/inventory.yml b/inventory/inventory.yml
index 7d94e57..1ec28a2 100644
--- a/inventory/inventory.yml
+++ b/inventory/inventory.yml
@@ -37,6 +37,22 @@ R407:
   hosts:
     10.190.12.[1:18]:
     10.190.12.80:
+C051:
+  hosts:
+    10.190.22.[1:32]:
+    10.190.22.[80:81]:
+C055:
+  hosts:
+    10.190.24.[1:32]:
+    10.190.24.80:
+C061:
+  hosts:
+    10.190.21.[1:12]:
+    10.190.21.80:
+C062:
+  hosts:
+    10.190.20.[1:16]:
+    10.190.20.80:
 
 K200:
   hosts:
@@ -64,6 +80,14 @@ K400:
     10.190.97.131:
     10.190.97.141:
     10.190.97.151:
+CK001:
+  hosts:
+    10.190.90.[152:159]:
+DK21:
+  hosts:
+    10.190.87.11:
+    10.190.87.21:
+    10.190.87.31:
 
 L200:
   hosts:
@@ -71,10 +95,15 @@ L200:
 L300:
   hosts:
     10.190.52.61:
+    10.190.52.[91:92]:
 #    10.190.52.[1:10]:
 L400:
   hosts:
 #    10.190.53.[1:10]:
+CL000:
+  hosts:
+    10.190.89.59:
+    10.190.89.60:
 
 PCroom:
   children:
@@ -86,13 +115,22 @@ PCroom:
     R319:
     R406:
     R407:
+    C052: # Laptops
+    C055: # Laptops
+    C061:
+    C062:
+  vars:
+    boot_pxe: True
 Kroom:
   children:
     K200:
     K300:
     K400:
+    CK001:
+    DK21:
 Lroom:
   children:
     L200:
     L300:
     L400:
+    CL000:
diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index f4292c8..3289da7 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -103,10 +103,11 @@
     name: pwroff.timer
     enabled: true
 
-- name: Fix boot order
+- name: PXE first boot order
   command: /usr/local/sbin/bootorder.sh
   register: cmd_result
   changed_when: cmd_result.stdout is not search('Nothing to do.')
+  when: boot_pxe | default(False)
 
 - name: Copy dolphin config scripts
   ansible.builtin.copy:

From 3768d0e77b6c8b2a9f3a130326acf6bd1349bb63 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Sat, 7 Oct 2023 12:00:42 +0200
Subject: [PATCH 392/504] remove old qcows if filesize on server has changed

---
 roles/lmn_vm/files/sync-vm.sh   | 17 +++++++++++++++++
 roles/lmn_vm/files/upload-vm.sh |  5 +++++
 2 files changed, 22 insertions(+)

diff --git a/roles/lmn_vm/files/sync-vm.sh b/roles/lmn_vm/files/sync-vm.sh
index 136f34c..c5a219e 100755
--- a/roles/lmn_vm/files/sync-vm.sh
+++ b/roles/lmn_vm/files/sync-vm.sh
@@ -65,8 +65,25 @@ sync_all_images() {
 	  /lmn/vm/
 }
 
+delete_old_qcows() {
+    cd /lmn/vm
+    for qcow2 in *.qcow2; do
+	qcowsize=$(stat -c%s "${qcow2}")
+	if [[ -f "${qcow2}.size" ]] && [[ "${qcowsize}" != $(<"${qcow2}.size") ]]; then
+            torrent="${qcow2}.torrent"
+            session="${torrent//./_}"
+            if vmimage-torrent status | grep -qw ^"$session"; then
+                vmimage-torrent stop "${qcow2}"
+            fi
+	    rm "${qcow2}"
+	fi
+    done 
+}
+
 sync_all_torrents() {
     rsync -ai rsync://server:/vmimages-download/*.torrent /lmn/vm/
+    rsync -ai rsync://server:/vmimages-download/*.size /lmn/vm/
+    delete_old_qcows
     rsync -ai rsync://server:/vmimages-download/*.xml /lmn/vm/
     RSYNC_COMMAND=$(rsync -ai --delete --exclude=mimeinfo.cache rsync://server:/vmimages-download/desktop/ /usr/local/share/applications/ | sed '/ \.\//d')
     if [[ $? -eq 0 ]] && [[ -n "${RSYNC_COMMAND}" ]]; then
diff --git a/roles/lmn_vm/files/upload-vm.sh b/roles/lmn_vm/files/upload-vm.sh
index 5b66b14..7a05074 100755
--- a/roles/lmn_vm/files/upload-vm.sh
+++ b/roles/lmn_vm/files/upload-vm.sh
@@ -42,9 +42,14 @@ upload_image() {
     cd /lmn/vm
     # (re-) create torrent file
     sudo -u lmnsynci /usr/local/bin/vmimage-torrent create "${VM_NAME}.qcow2"
+    # create size-information-file
+    stat -c%s "${VM_NAME}.qcow2" > "${VM_NAME}.qcow2.size"
+    chown lmnsynci:lmnsynci "${VM_NAME}.qcow2.size"
     # Upload Torrent, qcow2 and machine-definition-XML
     [[ -f "/lmn/vm/${VM_NAME}.qcow2.torrent" ]] && rsync -av --password-file=/etc/rsync.secret \
 	  "/lmn/vm/${VM_NAME}.qcow2.torrent" rsync://vmuser@server:/vmimages-upload/
+    rsync -av --password-file=/etc/rsync.secret "/lmn/vm/${VM_NAME}.qcow2.size" \
+	  rsync://vmuser@server:/vmimages-upload/
     rsync -av --password-file=/etc/rsync.secret "/lmn/vm/${VM_NAME}.qcow2" \
 	  rsync://vmuser@server:/vmimages-upload/
     rsync -av --password-file=/etc/rsync.secret "/lmn/vm/${VM_NAME}.xml" \

From d7d0069dd38493a9f354db6d5310b71ef5e029a9 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Sun, 8 Oct 2023 19:47:01 +0200
Subject: [PATCH 393/504] script aborts if no qcow2-File found

---
 roles/lmn_vm/files/sync-vm.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/lmn_vm/files/sync-vm.sh b/roles/lmn_vm/files/sync-vm.sh
index c5a219e..6a60529 100755
--- a/roles/lmn_vm/files/sync-vm.sh
+++ b/roles/lmn_vm/files/sync-vm.sh
@@ -67,7 +67,7 @@ sync_all_images() {
 
 delete_old_qcows() {
     cd /lmn/vm
-    for qcow2 in *.qcow2; do
+    for qcow2 in $(find . -maxdepth 1 -name "*.qcow2" -exec basename {} ';'); do
 	qcowsize=$(stat -c%s "${qcow2}")
 	if [[ -f "${qcow2}.size" ]] && [[ "${qcowsize}" != $(<"${qcow2}.size") ]]; then
             torrent="${qcow2}.torrent"
@@ -77,7 +77,7 @@ delete_old_qcows() {
             fi
 	    rm "${qcow2}"
 	fi
-    done 
+    done
 }
 
 sync_all_torrents() {

From 987e33c9893baa46be58f0dcf5d2e2fe915d827f Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 7 Oct 2023 21:11:48 +0200
Subject: [PATCH 394/504] Displayed hostname overlaps with battery symbol on
 laptops.

---
 roles/lmn_fvs/tasks/main.yml | 7 ++++---
 roles/lmn_vm/tasks/main.yml  | 1 +
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index 3289da7..eef307b 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -173,12 +173,13 @@
   blockinfile:
     path: /usr/share/sddm/themes/debian-breeze/Main.qml
     marker: // {mark} ANSIBLE MANAGED BLOCK
-    insertbefore: '\s+Battery {'
+    insertbefore: '\s+//Footer'
     block: |
       Text {
+         id: hostname
+         anchors.right: parent.right
+         anchors.rightMargin: 3
          color: "#ffffff"
          text: sddm.hostName
-         anchors.right: parent.right
-         anchors.rightMargin: 10
          font.pointSize: config.fontSize
       }
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index c5821e4..c605084 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -166,6 +166,7 @@
     create: True
     mode: '0600'
 
+# FIXME #691138
 - name: Allow users to attach to bridge
   file:
     path: /usr/lib/qemu/qemu-bridge-helper

From 9b0cac31771735496ebfc60e03f2adc11cfddfe0 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sun, 8 Oct 2023 19:45:25 +0200
Subject: [PATCH 395/504] Leave more time for unattended-upgrades.

---
 lmn-desktop.yml                  | 1 -
 roles/lmn_fvs/files/pwroff.timer | 4 ++--
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index 0465cc8..2f3ee76 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -125,7 +125,6 @@
       loop:
         - /srv/samba
         - /srv/samba/schools
-        - /srv/samba/schools/default-school
 
     - name: Fix unattended-upgrades
       ansible.builtin.copy:
diff --git a/roles/lmn_fvs/files/pwroff.timer b/roles/lmn_fvs/files/pwroff.timer
index c9896bc..de3fcd0 100644
--- a/roles/lmn_fvs/files/pwroff.timer
+++ b/roles/lmn_fvs/files/pwroff.timer
@@ -1,8 +1,8 @@
 [Unit]
-Description=Run pwroff script every 30 min after 60 min uptime
+Description=Run pwroff script every 30 min after 90 min uptime
 
 [Timer]
-OnBootSec=60min
+OnBootSec=90min
 OnUnitActiveSec=30min
 
 [Install]

From faeeb46ddf01e32d3bf20c8cfefc858fc713e439 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sun, 8 Oct 2023 20:28:57 +0200
Subject: [PATCH 396/504] Show date of last ansible run.

---
 roles/lmn_fvs/tasks/main.yml | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index eef307b..0f708db 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -177,9 +177,11 @@
     block: |
       Text {
          id: hostname
+         anchors.top: parent.top
          anchors.right: parent.right
-         anchors.rightMargin: 3
+         anchors.topMargin: 10
+         anchors.rightMargin: 15
          color: "#ffffff"
-         text: sddm.hostName
+         text: sddm.hostName + " | <{{ ansible_date_time['date'] }}>"
          font.pointSize: config.fontSize
       }

From 2e05599294192c5c69b742e32690b9575f80e25c Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 10 Oct 2023 12:36:58 +0200
Subject: [PATCH 397/504] Enable wake-on-lan.

---
 roles/lmn_kde/tasks/main.yml     | 6 ++++++
 roles/lmn_network/tasks/main.yml | 4 ++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 6fc7ba8..ea70a3a 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -91,6 +91,12 @@
       RememberLastUser=false
       RememberLastSession=false
 
+- name: Enable wake-on-lan for all ethernet connections
+  ansible.builtin.copy:
+    dest: /etc/NetworkManager/conf.d/wake-on-lan.conf
+    content: |
+      [connection]
+      ethernet.wake-on-lan=64
 
 - name: Create directory to avoid suspend
   ansible.builtin.file:
diff --git a/roles/lmn_network/tasks/main.yml b/roles/lmn_network/tasks/main.yml
index 3a51738..853f4b6 100644
--- a/roles/lmn_network/tasks/main.yml
+++ b/roles/lmn_network/tasks/main.yml
@@ -8,13 +8,13 @@
       ftp_proxy="{{ proxy }}"
       no_proxy="{{ no_proxy }}"
 
-- name: set aptcache
+- name: Set aptcache
   ansible.builtin.copy:
     dest: /etc/apt/apt.conf
     content: >
       {{ apt_conf }}
 
-- name: set ntp Server
+- name: Set NTP server
   ansible.builtin.lineinfile:
     path: /etc/systemd/timesyncd.conf
     insertafter: '^#NTP='

From c1a6b35b9c64f4b23865da1c1cea2482c3afa006 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 10 Oct 2023 12:38:21 +0200
Subject: [PATCH 398/504] Support for veracrypt.

---
 roles/lmn_fvs/tasks/main.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index 0f708db..787bde4 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -50,6 +50,8 @@
       - ttf-mscorefonts-installer
       - unison-gtk
       - wireshark
+      - zulucrypt-gui
+#      - python-is-python3
     autoremove: true
     state: latest
   environment:

From 1bdb0e5b3887a247349dce90f7b22758c39db780 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 11 Oct 2023 18:23:08 +0200
Subject: [PATCH 399/504] When shutdown is chosen from within KDE, the system
 hangs.

---
 lmn-desktop.yml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index 2f3ee76..d96c72c 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -133,6 +133,13 @@
           APT::Periodic::Update-Package-Lists "1";
           APT::Periodic::Unattended-Upgrade "1";
 
+## bookworm fixes/hacks:
+    - name: Work around sddm hang on shutdown
+      ansible.builtin.lineinfile:
+        path: /etc/systemd/system.conf
+        line: DefaultTimeoutStopSec=5s
+        insertafter: '^#DefaultTimeoutStopSec=.*'
+
 ## bullseye fixes:
     - name: Add bookworm firmware repository if needed
       apt_repository:

From 445c31b7b7990b3b419d4f95640ebf4796626f49 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 11 Oct 2023 21:05:00 +0200
Subject: [PATCH 400/504] Provide libdvdcss needed for playing video DVDs.

---
 lmn-desktop.yml              |  3 +++
 roles/lmn_fvs/tasks/main.yml | 13 +++++++++++++
 2 files changed, 16 insertions(+)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index d96c72c..d80e4c0 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -40,6 +40,9 @@
     ## Local mirror for mscorefonts. Remove or leave empty to use no mirror:
     mirror_msfonts: http://livebox.pn.steinbeis.schule/mscorefonts/
 
+    ## Local mirror for libdvdcss. Remove or leave empty to use no mirror:
+    mirror_dvdcss: http://livebox.pn.steinbeis.schule/libdvdcss/
+
     rsyncsecret: Muster!
     keys2deploy:
       - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKOY0hChWaCDtuiuQcM0v4/u1499esjTtnMjl4uYlnS0 andi@netboot'
diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index 787bde4..fdf4404 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -171,6 +171,19 @@
 #      LockOnResume=false
 #
 
+- name: Download libdvdcss from mirror
+  ansible.builtin.get_url:
+    url: "{{ mirror_dvdcss }}/libdvdcss.so.2.2.0"
+    dest: /usr/lib/x86_64-linux-gnu/libdvdcss.so.2.2.0
+  when: mirror_dvdcss is defined and mirror_dvdcss | length > 0
+
+- name: Link library so name
+  ansible.builtin.file:
+    src: libdvdcss.so.2.2.0
+    dest: /usr/lib/x86_64-linux-gnu/libdvdcss.so.2
+    state: link
+  when: mirror_dvdcss is defined and mirror_dvdcss | length > 0
+
 - name: Patch sddm login screen to show hostname
   blockinfile:
     path: /usr/share/sddm/themes/debian-breeze/Main.qml

From df7ea045766e2c83b59f1e222e68c6c6c9e12818 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 11 Oct 2023 21:34:20 +0200
Subject: [PATCH 401/504] Install php-cli on request.

---
 roles/lmn_fvs/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index fdf4404..a41e5cc 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -41,6 +41,7 @@
       - net-tools
       - netcat-openbsd
       - nmap
+      - php-cli
       - planner
       - pulseview
       - sigrok
@@ -51,7 +52,6 @@
       - unison-gtk
       - wireshark
       - zulucrypt-gui
-#      - python-is-python3
     autoremove: true
     state: latest
   environment:

From 0b413b7835491609ecab5fa4f0bf2abff0b69d44 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 12 Oct 2023 10:00:26 +0200
Subject: [PATCH 402/504] Download fails during installation.

---
 inventory/inventory.yml      | 3 ++-
 roles/lmn_fvs/tasks/main.yml | 1 +
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/inventory/inventory.yml b/inventory/inventory.yml
index 1ec28a2..9560e51 100644
--- a/inventory/inventory.yml
+++ b/inventory/inventory.yml
@@ -96,7 +96,8 @@ L300:
   hosts:
     10.190.52.61:
     10.190.52.[91:92]:
-#    10.190.52.[1:10]:
+    10.190.52.121:
+    10.190.52.151:
 L400:
   hosts:
 #    10.190.53.[1:10]:
diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index a41e5cc..0c082c5 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -175,6 +175,7 @@
   ansible.builtin.get_url:
     url: "{{ mirror_dvdcss }}/libdvdcss.so.2.2.0"
     dest: /usr/lib/x86_64-linux-gnu/libdvdcss.so.2.2.0
+    use_proxy: False
   when: mirror_dvdcss is defined and mirror_dvdcss | length > 0
 
 - name: Link library so name

From 79ec9e57f2024ef495e062d3e568c5bda5b6c2bf Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 12 Oct 2023 20:00:19 +0200
Subject: [PATCH 403/504] Use vault for site-specific variables.

---
 inventory/inventory.yml |  2 +-
 lmn-desktop.yml         | 78 ++++++++++++++----------------------
 lmn-laptop.yml          | 83 +++++++++++++++++++++++++++++---------
 lmn-vault               | 88 +++++++++++++++++++++++++++++++++++++++++
 4 files changed, 182 insertions(+), 69 deletions(-)
 create mode 100644 lmn-vault

diff --git a/inventory/inventory.yml b/inventory/inventory.yml
index 9560e51..9196bd9 100644
--- a/inventory/inventory.yml
+++ b/inventory/inventory.yml
@@ -94,7 +94,7 @@ L200:
 #    10.190.51.[1:10]:
 L300:
   hosts:
-    10.190.52.61:
+    10.190.52.[61:62]:
     10.190.52.[91:92]:
     10.190.52.121:
     10.190.52.151:
diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index d80e4c0..ada2686 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -1,4 +1,21 @@
 ## This playbook deploys a KDE desktop machine for LinuxMuster.
+#
+# Use the following in the installer's preseed file:
+#
+# d-i preseed/late_command string \
+#       mkdir -p /target/home/ansible/.ssh && \
+#       echo "ssh-ed25519 A...YOUR.KEY...Z" >> /target/home/ansible/.ssh/authorized_keys ; \
+#       in-target chown -R ansible:ansible /home/ansible/.ssh/ ; \
+#       in-target chmod -R og= /home/ansible/.ssh/ ; \
+#       if [ -n "$playbook" ] ; then \
+#         mkdir -v /target/dev/shm ; \
+#         in-target mount -v -t tmpfs tmpfs /dev/shm ; \
+#         echo "$vaultpw" > /target/dev/shm/vaultpw ; \
+#         in-target ansible-pull --verbose --purge --extra-vars="run_in_installer=true" \
+#            --vault-password-file /dev/shm/vaultpw \
+#            -i localhost, --url=git://ansible.example.org/.git -C YOUR_BRANCH $playbook ; \
+#       fi
+#
 ---
 - name: apply configuration to the machines
   hosts: all
@@ -26,35 +43,29 @@
         value: True
         vtype: boolean
 
+  vars_files: lmn-vault
   vars:
     domain: "{{ ansible_domain }}"
-    kerberize_uris: steinbeis.schule
-    apt_conf: Acquire::http::Proxy "http://aptcache.pn.steinbeis.schule:3142/";
-    ntp_serv: server.pn.steinbeis.schule
-    proxy: http://firewall.pn.steinbeis.schule:3128
-    no_proxy: firewall.pn.steinbeis.schule,server.pn.steinbeis.schule,idam.steinbeis.schule,dw.steinbeis.schule,.pn.steinbeis.schule,.steinbeis.schule
+    kerberize_uris: "{{ vault_kerberize_uris }}"  ##  example.org
+    apt_conf: "{{ vault_apt_conf }}"  ## Acquire::http::Proxy "http://aptcache.example.org:3142/";
+    ntp_serv: "{{ vault_ntp_serv }}"  ## ntp.example.org
+    proxy: "{{ vault_proxy }}"        ## http://firewall.example.org:3128
+    no_proxy: "{{ vault_no_proxy }}"  ## firewall.example.org,server.example.org,idam.example.org,dw.example.org
 
     ## PAM mount nextcloud, remove or leave empty to skip:
-    web_dav: https://nc.steinbeis.schule/remote.php/dav/files/%(USER)
+    web_dav: "{{ vault_web_dav }}"    ## https://nc.example.org/remote.php/dav/files/%(USER)
 
     ## Local mirror for mscorefonts. Remove or leave empty to use no mirror:
-    mirror_msfonts: http://livebox.pn.steinbeis.schule/mscorefonts/
+    mirror_msfonts: "{{ vault_mirror_msfonts }}" ## http://livebox.example.org/mscorefonts/
 
     ## Local mirror for libdvdcss. Remove or leave empty to use no mirror:
-    mirror_dvdcss: http://livebox.pn.steinbeis.schule/libdvdcss/
+    mirror_dvdcss: "{{ vault_mirror_dvdcss }}"   ## http://livebox.example.org/libdvdcss/
 
-    rsyncsecret: Muster!
-    keys2deploy:
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKOY0hChWaCDtuiuQcM0v4/u1499esjTtnMjl4uYlnS0 andi@netboot'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAN5ylqP936MPjGNxzrzV5jMwIfMhKJdOGuVh3xGQKTM andi@yogi'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHxgeu7Rpb/1++531+MopqP9haUkyh1XXpv5kmbgSjx6'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBbdOT+WSDmsBcaVFfzPRcmvOfd3CqO/FBOH44UVm7c7 raphael@uranus'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGICjy88HnMg5oaz4BJ20hgzqFWSem+HHD2PQ+As42pA raphael@pluto'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKm9lu9dDo5TG99QWTkl2G5G+ZbYikLlRNOXfs/bRTHy sascha@america'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMR4TP7jE+wS7zcH0iUBmlxCbvy9saYeEjonX/0yYfEJ daniel@NB-20-DW'
+    rsyncsecret: "{{ vault_rsyncsecret }}"
+    keys2deploy: "{{ vault_keys2deploy }}" ## ['ssh-ed25519 AAAAC…uYlnS0', 'ssh-ed25519 AAAA…KTM']
 
     ## Use grub-mkpasswd-pbkdf2 to calculate the password hash:
-    grub_pwd: 'grub.pbkdf2.sha512.10000.FB60266F69FB181327AFB76193192454FC64151559EFF4D6B8FB7C7904A2A9C4778EDD515B46F770DB6A009F36903C193917BBBC571C5B6AAB2A69208BE01A6E.7B82114A0239C0EC55A50E95C48FA74A8910DEE4088447786DAB35770B9C2CF2D1550CF3B7452155EB55D5F84E5D357BF12B8D299CF9B01BF5D71D516CF826DB'
+    grub_pwd: "{{ vault_grub_pwd }}"
     nfs4: false
     extra_pkgs:
       - vim
@@ -78,16 +89,6 @@
     - lmn_security
 
   tasks:
-    - name: Add local user 'virti' in the 'libvirt' group
-      ansible.builtin.user:
-        name: virti
-        password: $y$j9T$DuSvAO63v5LvoJmJ1rB0B0$D4tovIz79AdLHs5I6tYa7rxr3SWknQeUFvGaaKvUpo3
-        comment: Libvirt VM User,,,
-        shell: /bin/bash
-        groups: libvirt
-        append: yes
-      when: false
-
 ## Temporary fixes and quirks:
     - name: Fix 8086:4909 external graphics card
       replace:
@@ -142,24 +143,3 @@
         path: /etc/systemd/system.conf
         line: DefaultTimeoutStopSec=5s
         insertafter: '^#DefaultTimeoutStopSec=.*'
-
-## bullseye fixes:
-    - name: Add bookworm firmware repository if needed
-      apt_repository:
-        repo: deb http://deb.debian.org/debian/ bookworm non-free-firmware
-        state: present
-        update_cache: true
-      when: >
-        ansible_board_vendor == "LENOVO" and
-        ansible_board_name == "32CB" and
-        ansible_distribution_release == "bullseye"
-
-    - name: upgrade non-free-firmware packages
-      apt:
-        upgrade: true
-        autoremove: true
-        autoclean: true
-      when: >
-        ansible_board_vendor == "LENOVO" and
-        ansible_board_name == "32CB" and
-        ansible_distribution_release == "bullseye"
diff --git a/lmn-laptop.yml b/lmn-laptop.yml
index 0974cab..88010f9 100644
--- a/lmn-laptop.yml
+++ b/lmn-laptop.yml
@@ -11,7 +11,7 @@
       register: adpw
       no_log: true
       when: "ansible_cmdline.adpw is not defined"
-    - name: preseed apparmor
+    - name: Preseed apparmor
       debconf:
         name: apparmor
         question: apparmor/homedirs
@@ -26,33 +26,30 @@
         value: True
         vtype: boolean
 
+  vars_files: lmn-vault
   vars:
     domain: "{{ ansible_domain }}"
-    kerberize_uris: steinbeis.schule
-    apt_conf: Acquire::http::Proxy "http://aptcache.pn.steinbeis.schule:3142/";
-    ntp_serv: server.pn.steinbeis.schule
-    proxy: http://firewall.pn.steinbeis.schule:3128
-    no_proxy: firewall.pn.steinbeis.schule,server.pn.steinbeis.schule,idam.steinbeis.schule,dw.steinbeis.schule,.pn.steinbeis.schule,.steinbeis.schule
+    kerberize_uris: "{{ vault_kerberize_uris }}"  ##  example.org
+    apt_conf: "{{ vault_apt_conf }}"  ## Acquire::http::Proxy "http://aptcache.example.org:3142/";
+    ntp_serv: "{{ vault_ntp_serv }}"  ## ntp.example.org
+    proxy: "{{ vault_proxy }}"        ## http://firewall.example.org:3128
+    no_proxy: "{{ vault_no_proxy }}"  ## firewall.example.org,server.example.org,idam.example.org,dw.example.org
 
     ## PAM mount nextcloud, remove or leave empty to skip:
-    web_dav: https://nc.steinbeis.schule/remote.php/dav/files/%(USER)
+    web_dav: "{{ vault_web_dav }}"    ## https://nc.example.org/remote.php/dav/files/%(USER)
 
     ## Local mirror for mscorefonts. Remove or leave empty to use no mirror:
-    mirror_msfonts: http://livebox.pn.steinbeis.schule/mscorefonts/
+    mirror_msfonts: "{{ vault_mirror_msfonts }}" ## http://livebox.example.org/mscorefonts/
 
-    rsyncsecret: Muster!
-    wifipasswd: FjgmGBaKEenr25ZF
-    keys2deploy:
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKOY0hChWaCDtuiuQcM0v4/u1499esjTtnMjl4uYlnS0 andi@netboot'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAN5ylqP936MPjGNxzrzV5jMwIfMhKJdOGuVh3xGQKTM andi@yogi'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHxgeu7Rpb/1++531+MopqP9haUkyh1XXpv5kmbgSjx6'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBbdOT+WSDmsBcaVFfzPRcmvOfd3CqO/FBOH44UVm7c7 raphael@uranus'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGICjy88HnMg5oaz4BJ20hgzqFWSem+HHD2PQ+As42pA raphael@pluto'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKm9lu9dDo5TG99QWTkl2G5G+ZbYikLlRNOXfs/bRTHy sascha@america'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMR4TP7jE+wS7zcH0iUBmlxCbvy9saYeEjonX/0yYfEJ daniel@NB-20-DW'
+    ## Local mirror for libdvdcss. Remove or leave empty to use no mirror:
+    mirror_dvdcss: "{{ vault_mirror_dvdcss }}"   ## http://livebox.example.org/libdvdcss/
+
+    rsyncsecret: "{{ vault_rsyncsecret }}"
+    wifipasswd: "{{ vault_wifipasswd }}"
+    keys2deploy: "{{ vault_keys2deploy }}" ## ['ssh-ed25519 AAAAC…uYlnS0', 'ssh-ed25519 AAAA…KTM']
 
     ## Use grub-mkpasswd-pbkdf2 to calculate the password hash:
-    grub_pwd: 'grub.pbkdf2.sha512.10000.FB60266F69FB181327AFB76193192454FC64151559EFF4D6B8FB7C7904A2A9C4778EDD515B46F770DB6A009F36903C193917BBBC571C5B6AAB2A69208BE01A6E.7B82114A0239C0EC55A50E95C48FA74A8910DEE4088447786DAB35770B9C2CF2D1550CF3B7452155EB55D5F84E5D357BF12B8D299CF9B01BF5D71D516CF826DB'
+    grub_pwd: "{{ vault_grub_pwd }}"
     nfs4: false
     extra_pkgs:
       - vim
@@ -77,9 +74,57 @@
     - lmn_security
 
   tasks:
+## Temporary fixes and quirks:
+    - name: Fix 8086:4909 external graphics card
+      replace:
+        dest: "/etc/default/grub"
+        regexp: 'GRUB_CMDLINE_LINUX=""$'
+        replace: 'GRUB_CMDLINE_LINUX="i915.force_probe=4909"'
+      notify: Run update-grub
+      when: ansible_board_vendor == "LENOVO" and ansible_board_name == "32CB"
+
+    - name: Fix sound on 312A
+      replace:
+        dest: "/etc/default/grub"
+        regexp: 'GRUB_CMDLINE_LINUX="snd-intel-dspcfg.dsp_driver=1"$'
+        replace: 'GRUB_CMDLINE_LINUX=""'
+      notify: Run update-grub
+      when: ansible_board_vendor == "LENOVO" and ansible_board_name == "312A"
+
+    - name: Fix sound on 312A and 312D
+      apt:
+        name: firmware-sof-signed
+        state: latest
+      when: >
+        ansible_board_vendor == "LENOVO" and
+        (ansible_board_name == "312D" or ansible_board_name == "312A")
+
+## Clean up stuff from obsolete/faulty tasks:
+    - name: Remove virtiofs service
+      file:
+        path: /etc/systemd/system/virtiofs@.service
+        state: absent
+
+    - name: Fix mount point permissions and owner
+      file:
+        path: "{{ item }}"
+        mode: '0755'
+        owner: root
+        group: root
+      loop:
+        - /srv/samba
+        - /srv/samba/schools
+
     - name: Fix unattended-upgrades
       ansible.builtin.copy:
         dest: /etc/apt/apt.conf.d/20auto-upgrades
         content: |
           APT::Periodic::Update-Package-Lists "1";
           APT::Periodic::Unattended-Upgrade "1";
+
+## bookworm fixes/hacks:
+    - name: Work around sddm hang on shutdown
+      ansible.builtin.lineinfile:
+        path: /etc/systemd/system.conf
+        line: DefaultTimeoutStopSec=5s
+        insertafter: '^#DefaultTimeoutStopSec=.*'
diff --git a/lmn-vault b/lmn-vault
new file mode 100644
index 0000000..0cac093
--- /dev/null
+++ b/lmn-vault
@@ -0,0 +1,88 @@
+$ANSIBLE_VAULT;1.1;AES256
+32636664616238393662376463373731633938323336623065323763613332363661353833643236
+3063383038383733393431626336373261666333373438360a346330663233333338643765366139
+30616635336234653861663938376237613066356130383066653137343363633666326264656434
+3635633262366330640a663839383661343464643938363333393734383737653736326562666564
+36346338623363626261666563336564346533393532666130646534646532613632396561363966
+39613563613131663564653934636131653365633132363536373732303437643938306264376130
+33643262323365363535353036333535663037353938356663346238643836386666663561303264
+64353262633532353236343537373137353135336438366335646532373961343931636433306232
+32383730643962333064653833666537383336366234343730623832336238633537333038353236
+33613164353737323838343465353630626665303836303865663864306332393039613265383630
+31353234626664626133333465386166353635343364363765346138633362333161666438363866
+61323433323363363531396530326365306532656530363335613364373964323665393761313932
+32316330386231623934636661396466613932356531383533653331643431323238646566343734
+32636337613165643164373161376634363361653163636661653762613036336632306138666361
+66656264393033373930613736323037336635633365386662653739316633306138326235363038
+35353366366166323361656161326435363934393239336637393539653532636532366633613233
+66633765636436383165313338663737386539366532323938646562623039613865373132333161
+65366637313966626363383437616631653639656131303932633833643163633831376635373933
+66666430363361656238643833326631373330313333396433666539346431343864336333336465
+34303931653632386238323336383466353266323163383537666538633932383462363637613833
+32346362303464616135333237383061333762623830656162643935616635623166343638663637
+32633962663864626337346566616232333839386438313365323339366435396434323539363938
+36623966343530653366333138633836383538333833643637656536653033386163323064656263
+61633738653461366163643363626364633636616265626232393861376330616234633461323032
+64626537346566303434343534653531306439303563343732616464386333323862323333613365
+31356466326134633961363265336461303462633932653634656334363033323835653765333163
+34353664316361356638333330323364373236313237313962336630613636363038363533653963
+64336463643035613539346466316361393666346136373533343633346464376130393066653965
+64643437376132613731333363396636383939646465346439303737663539646165313164333633
+66333463633865323465313932396265616638383665333239623364356537373930343432373935
+39663635343135613339313937303763613733616662386331336662383865643066373633653863
+34613063636134393965333333663264633863656331363135316238643333393431306236353464
+33633637633665303736663338313061616539376264343536633434313766613466346365656133
+37646434323435313532396633343663616562613937306265643933323461613437633666663230
+64653330616333326665323263663635373936633463663831333932323863323631373033636139
+36366139333230306137356430613761373630666363373062613237383562363630356235626166
+61613239613937346536386465326230623431333233386131383638323563626132663638653136
+38663664636362393339653964663330353663393765333135313965383837333139383832633238
+66616665373336313961393032383432313337336139306530313130306634613939386465353561
+36373462336435303831383764356531643232313434633530303135623134386663643534356238
+39663235326137386130383534363431636139373966336162343536356136616335666561383762
+66666366646261633761666663383566333531323764663664353139386565636661323365636265
+35326637313937346639323136653437313465356532373461333736336437393065363430363262
+32326436373266323835323038326330306635306537316333383864623835636330653837663033
+39613663333232333031643935613066643032353935356238663238383930383035623939383165
+35636538633231383439326432663734613262356339346136616634346461356263336163346433
+31666236316363373132626633386535323635626330613730303134313263646430376433623661
+39656530313135333737656632653731373363653861393562663261666164366161616131376235
+63396435643066633738643965393061376237656232666437366664353037383461393538353239
+65663235343036666538376439313465366333636436646563623961336230346365373764363737
+31616162663438316366323063653334316663646261353230663764383364643864373562323734
+32666262643634663339653332393566356636613662373835313664303035633333396131646165
+61336438333735613963353064393233343565396562383734373365336431643863633938333733
+38653138353763356461326531303733323134323865623361383933396337346533653635353965
+32336236316462656632656161303138613133663861353237396139393930306565313532356365
+39356531626130653430353331373363626264333730346563666234313163613161643162393839
+62356331613863613538376337313837383064373932346138353264663232383565313833346566
+32306366656564393364303830323637323336356665333037623362383363623135646334306438
+65373036656636393536323462363234366538636566373361396530373535333033313233623032
+32373666313462663465373863653433363738646265383338623861366163633638343566393731
+38303162356463656339303337363461386461396639633064323965366464623639366336313537
+39353638616230613264343735333539353366613735363062636233326130666362363363633136
+37313962376233303834313432313565333264343733653835653831343261343437383832373936
+63376461396533613364313236356364393534326339373565316530303437353732653733326232
+37663837333966653238323234316463643339626663643766343735353239633838653336663834
+34373266613336376537363335616134366633373039343934386333343530633962626435366463
+37613562616335363637323361303138653565376466396533336332643365376265643435333435
+32613266356539623230646135333234376135623435666235373266363836653938316266613038
+39653064326661363538343732336437626537366430666639303162653033613631343930643961
+62633432343464333066643830343033643461316166663935383366313665623665346263613037
+64366662626536663765343339343136313863613633316264636531366638303133636539666461
+32383734633837306465323434306338653331356638353731666537623335306532643431353563
+65326339396433666566666631613630663863643935633936313265313866326130383735313031
+32396434643333343962306364643631383164376464316637623739356264343735393838623962
+61323633663633343464663638653761383164363932616630353564666237663530383239353866
+33343236303532366430383331623138633564336538623034643630373138356134393861643039
+39633565343063373533326232383038333330353539346533313433303133366534343033666161
+36306566623361643663333265626561393036633966333331353033393066356138326663356539
+65393066643939373730383437363232366434386636666636643137616465633635393930306335
+62383136376637653861323761646262646162346538393639346139656530303062353764653835
+39363165373633333564353938646331613336316230353331313861363361666265643034633230
+31313033343533386232343039646537336339303434383439353363656632366364656238373835
+35663731313439396435373238363739353935306335646536363961373631373039366331393138
+38663263363731306236323563663965323261626134373532343762363632316339666465323936
+35646462313237656261626138313431303264613032316138613634616133396662356232626565
+36623762656633386463633664363665616564393166313439396138363335666665383838376439
+613237313732306630313738643233333966

From ee85c414831aeb49b1e1c53c6d5431c51f329094 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 14 Oct 2023 20:06:28 +0200
Subject: [PATCH 404/504] Move SSID to vault.

---
 lmn-laptop.yml                                |   1 +
 lmn-vault                                     | 176 +++++++++---------
 roles/lmn_wlan/tasks/main.yml                 |   8 +-
 ...s.nmconnection.j2 => ssid.nmconnection.j2} |   0
 4 files changed, 94 insertions(+), 91 deletions(-)
 rename roles/lmn_wlan/templates/{FVS-devices.nmconnection.j2 => ssid.nmconnection.j2} (100%)

diff --git a/lmn-laptop.yml b/lmn-laptop.yml
index 88010f9..e01c9cf 100644
--- a/lmn-laptop.yml
+++ b/lmn-laptop.yml
@@ -45,6 +45,7 @@
     mirror_dvdcss: "{{ vault_mirror_dvdcss }}"   ## http://livebox.example.org/libdvdcss/
 
     rsyncsecret: "{{ vault_rsyncsecret }}"
+    ssid: "{{ vault_ssid }}"
     wifipasswd: "{{ vault_wifipasswd }}"
     keys2deploy: "{{ vault_keys2deploy }}" ## ['ssh-ed25519 AAAAC…uYlnS0', 'ssh-ed25519 AAAA…KTM']
 
diff --git a/lmn-vault b/lmn-vault
index 0cac093..8002524 100644
--- a/lmn-vault
+++ b/lmn-vault
@@ -1,88 +1,90 @@
 $ANSIBLE_VAULT;1.1;AES256
-32636664616238393662376463373731633938323336623065323763613332363661353833643236
-3063383038383733393431626336373261666333373438360a346330663233333338643765366139
-30616635336234653861663938376237613066356130383066653137343363633666326264656434
-3635633262366330640a663839383661343464643938363333393734383737653736326562666564
-36346338623363626261666563336564346533393532666130646534646532613632396561363966
-39613563613131663564653934636131653365633132363536373732303437643938306264376130
-33643262323365363535353036333535663037353938356663346238643836386666663561303264
-64353262633532353236343537373137353135336438366335646532373961343931636433306232
-32383730643962333064653833666537383336366234343730623832336238633537333038353236
-33613164353737323838343465353630626665303836303865663864306332393039613265383630
-31353234626664626133333465386166353635343364363765346138633362333161666438363866
-61323433323363363531396530326365306532656530363335613364373964323665393761313932
-32316330386231623934636661396466613932356531383533653331643431323238646566343734
-32636337613165643164373161376634363361653163636661653762613036336632306138666361
-66656264393033373930613736323037336635633365386662653739316633306138326235363038
-35353366366166323361656161326435363934393239336637393539653532636532366633613233
-66633765636436383165313338663737386539366532323938646562623039613865373132333161
-65366637313966626363383437616631653639656131303932633833643163633831376635373933
-66666430363361656238643833326631373330313333396433666539346431343864336333336465
-34303931653632386238323336383466353266323163383537666538633932383462363637613833
-32346362303464616135333237383061333762623830656162643935616635623166343638663637
-32633962663864626337346566616232333839386438313365323339366435396434323539363938
-36623966343530653366333138633836383538333833643637656536653033386163323064656263
-61633738653461366163643363626364633636616265626232393861376330616234633461323032
-64626537346566303434343534653531306439303563343732616464386333323862323333613365
-31356466326134633961363265336461303462633932653634656334363033323835653765333163
-34353664316361356638333330323364373236313237313962336630613636363038363533653963
-64336463643035613539346466316361393666346136373533343633346464376130393066653965
-64643437376132613731333363396636383939646465346439303737663539646165313164333633
-66333463633865323465313932396265616638383665333239623364356537373930343432373935
-39663635343135613339313937303763613733616662386331336662383865643066373633653863
-34613063636134393965333333663264633863656331363135316238643333393431306236353464
-33633637633665303736663338313061616539376264343536633434313766613466346365656133
-37646434323435313532396633343663616562613937306265643933323461613437633666663230
-64653330616333326665323263663635373936633463663831333932323863323631373033636139
-36366139333230306137356430613761373630666363373062613237383562363630356235626166
-61613239613937346536386465326230623431333233386131383638323563626132663638653136
-38663664636362393339653964663330353663393765333135313965383837333139383832633238
-66616665373336313961393032383432313337336139306530313130306634613939386465353561
-36373462336435303831383764356531643232313434633530303135623134386663643534356238
-39663235326137386130383534363431636139373966336162343536356136616335666561383762
-66666366646261633761666663383566333531323764663664353139386565636661323365636265
-35326637313937346639323136653437313465356532373461333736336437393065363430363262
-32326436373266323835323038326330306635306537316333383864623835636330653837663033
-39613663333232333031643935613066643032353935356238663238383930383035623939383165
-35636538633231383439326432663734613262356339346136616634346461356263336163346433
-31666236316363373132626633386535323635626330613730303134313263646430376433623661
-39656530313135333737656632653731373363653861393562663261666164366161616131376235
-63396435643066633738643965393061376237656232666437366664353037383461393538353239
-65663235343036666538376439313465366333636436646563623961336230346365373764363737
-31616162663438316366323063653334316663646261353230663764383364643864373562323734
-32666262643634663339653332393566356636613662373835313664303035633333396131646165
-61336438333735613963353064393233343565396562383734373365336431643863633938333733
-38653138353763356461326531303733323134323865623361383933396337346533653635353965
-32336236316462656632656161303138613133663861353237396139393930306565313532356365
-39356531626130653430353331373363626264333730346563666234313163613161643162393839
-62356331613863613538376337313837383064373932346138353264663232383565313833346566
-32306366656564393364303830323637323336356665333037623362383363623135646334306438
-65373036656636393536323462363234366538636566373361396530373535333033313233623032
-32373666313462663465373863653433363738646265383338623861366163633638343566393731
-38303162356463656339303337363461386461396639633064323965366464623639366336313537
-39353638616230613264343735333539353366613735363062636233326130666362363363633136
-37313962376233303834313432313565333264343733653835653831343261343437383832373936
-63376461396533613364313236356364393534326339373565316530303437353732653733326232
-37663837333966653238323234316463643339626663643766343735353239633838653336663834
-34373266613336376537363335616134366633373039343934386333343530633962626435366463
-37613562616335363637323361303138653565376466396533336332643365376265643435333435
-32613266356539623230646135333234376135623435666235373266363836653938316266613038
-39653064326661363538343732336437626537366430666639303162653033613631343930643961
-62633432343464333066643830343033643461316166663935383366313665623665346263613037
-64366662626536663765343339343136313863613633316264636531366638303133636539666461
-32383734633837306465323434306338653331356638353731666537623335306532643431353563
-65326339396433666566666631613630663863643935633936313265313866326130383735313031
-32396434643333343962306364643631383164376464316637623739356264343735393838623962
-61323633663633343464663638653761383164363932616630353564666237663530383239353866
-33343236303532366430383331623138633564336538623034643630373138356134393861643039
-39633565343063373533326232383038333330353539346533313433303133366534343033666161
-36306566623361643663333265626561393036633966333331353033393066356138326663356539
-65393066643939373730383437363232366434386636666636643137616465633635393930306335
-62383136376637653861323761646262646162346538393639346139656530303062353764653835
-39363165373633333564353938646331613336316230353331313861363361666265643034633230
-31313033343533386232343039646537336339303434383439353363656632366364656238373835
-35663731313439396435373238363739353935306335646536363961373631373039366331393138
-38663263363731306236323563663965323261626134373532343762363632316339666465323936
-35646462313237656261626138313431303264613032316138613634616133396662356232626565
-36623762656633386463633664363665616564393166313439396138363335666665383838376439
-613237313732306630313738643233333966
+32373033346534336537616432383831656137373934646130373730643462353434396336633933
+6334333739313565333264333635343130396138333062640a646433353666306666363332373135
+37363762376332373836393434393336303932626438613236366438376535643836343239356134
+6231316166653936310a616632333539343462383265393432336133653238643465623536333434
+39336536623730363339663332653938333965653165396437636138393064326161336266343031
+32613336323461636162356136306162343636333033613735633866366165616539306563646564
+30343731653839323463343434633430393631353662613030316236343261323232613839326539
+63353062376131303264306361623638656662383066393831623164363238336239633731663766
+37303563356663353663323663383065333135656562346636376665343565366264613837303433
+30306166393239663235336433356239343765623736316331353165663931356434326266363864
+37383766353534336630393864633933303363633239633639326134663766303738323237663132
+62616435306434333166333563366132323432613334356436666630653862643165386335393161
+61643831656361633262653764343336343963373239343964663730663265666539656533323163
+62656630396332313263333463303435326632653164636365623930643163363464656637356238
+61383466343130353933383539633338366265396361323963393839366234626538623731383131
+31383538653962326533663130363163353839343837626333356466326438623139383936643830
+63623631363038643737653238373663613239653133383161323364393165373866636634626132
+65666634396539393736393637323332333538303466373231343134373965323761663030616330
+32306131353764626465663231376637323766313733623738613336393033383862366265653830
+61356338353732633139346664373834613935346135623934306665323839326130316538623436
+39353164313638333564373265613532326364306336613163646531366238663231633136353562
+61383635636437623864653062626565326338626665646439663961393161356635626336356439
+62373930653337326239323938663166303531353731646334613134333239623434316232343438
+31366139336365326137363034353638323633323463316130366630346533376665626233353531
+35326332363133616461653339653637633337643134623137313330356561613535633139316339
+38393463363732646635386231333962303337353562653265623530616537653132333735626265
+63623138346337373665316138376234383235313536326232653866346637303066366435343836
+38313561373039356161383733323432636438303130306239366630663163386235326463636130
+34336338313663383034343364616462646239636430303635343637653436623735643665303233
+63396539646431396263633833613862366238306638333533666534326334306163346133666138
+31393830643938656562373732643563656535383831316536396238613633356366353962393136
+32666664633361633261313033633138383231303236383235643632666539303133383763343832
+65623832323165366461666463623835396638386536366464623336343964333666333736353562
+62356434326431316163613037623231383163393263656162306132326666323639333066313734
+32656563633961663736636163656131663961356461323230623236383432393238656264393766
+62643732323765363163383462326536343662376136313165393163333263633365663036626539
+37316565663065366336366235343666393732303631336661323436336666313135623962666132
+66346333323535396235323264353562333264353137376461653332623635616133383061393037
+33633362396461303634346436666662633631663630623437303061343464396661616562626138
+63356533336336373433623137626461363831306564626230396238626436663866303931313339
+65306465633739346436343539646235653934666430623939323935636163646266323031323333
+62316632663030376663656131346332633261323266303339396537326434393935336364326165
+31343161643031376134366636333761373735346334333532343564303061623864653661306637
+32363933316433383664313237623561343638363262333261323638393939643232623365323836
+30323633316336323862363663653632393866306136333634303265396133663138646563653836
+61303234646564616566646536343533313162323564646337373237656139383862616365626462
+61346230613533313763663364356462316633623662323661623765626464373730393530356466
+39336364633333366562316536333561376165363131313639386635353864323964383363316666
+64636363316265653761323833613234396533303563633539336438626561363833313162356331
+66376437636635353432613865333430653135306565656233323330383439656438653738616630
+38653034356662656364666462323464303134616231643862656565393839613263333539343834
+30646461613861343262363263373662313931353530366131386631633735663839336437303236
+32393233643238313531383363366439363730613839643262653037373230343333623862333835
+32323231376263643333356239386232363135333862343337636466383833626561393739373964
+30653134663833333661363737663335323331353161333963393039656365343937346634343736
+30393734336663353063663539623965626638326664633232393732333239306663396631393362
+39363137336530623662323533363637656132323736366233323331373636366237616130643330
+35633738323564343535383231346433386261656230303164343630356139613430326165323234
+34613937613338646632643231343035343334383231366264336265363434366261383838316361
+37316137373437623263383932393665316535373039323131326264343661376531313764316363
+64663837353864653937326331363937626463623730323931363462353564313231366636653730
+61353961633065313364343437383737386361323935623133383734316361333261653462616465
+62353831393764666538373266363963363632363932373565326437656336643033663139383537
+66326631313634616661386262343263373262646436343232613762656330613634343966613965
+62346566613930633234633335636239383533396264616630623232343663383964333065386335
+36643661363736343361343838306638366133303431356539373765396462643331646366626636
+35613432323534613832623266633462306532383166666662363635383162386234663030353062
+62363732363136626432656237613739326137616632643561326335366264633338653130646434
+37336663396538303362343862653565303338656339646432343231356634613332366365333730
+61393238323630663134303032616234643762393863646131636632633832663339373363326335
+61643666363362376536653435666133333263383264383935656639626535626562666465353562
+33666637383066643138663963343232663065303362353930303263343063313637653535323565
+30616636376365343063303537306135663462636131336664653034393732343932376330383163
+64343864363064643638323233623066613034326465636662626639643133643333656666653261
+39623337376538396438386638633330623034316163363932663662653239363132376139333835
+61343532623563353266386339303366383039333832303433623964656533346564633261353433
+39383761313333383834376230353063643665326161643962386330323461656432353763343561
+61353462373234633764333033656131626664376137326162326134316261333939353735363237
+63666632326363613631653263613632366466346330396664366631363537363533323961616461
+63383438333831396162366365313735313833633036303662653961303265663730313933616130
+66333732393234366337636264306166343430353663666666393434316362653530306266373566
+38643066353262616462626338393335623961333233323038633239333664636263653434366436
+65636466656264303763663837316666393339356566386563323137383336633331623366336361
+32633035353731393234363261353431386339663632616133383134333537366239623731373439
+38626163303462373334653663343139323865363638323666643539316664396335666237393863
+33316233393336313537323533613963613539323062323962643938656230376463653734353763
+30373265646161333862353231663963346533633464633639626362626235653136663036656265
+31343236366663643137373435353261626638373733623732323366326536616631636434343861
+6532
diff --git a/roles/lmn_wlan/tasks/main.yml b/roles/lmn_wlan/tasks/main.yml
index 9dc2ee3..4e9a725 100644
--- a/roles/lmn_wlan/tasks/main.yml
+++ b/roles/lmn_wlan/tasks/main.yml
@@ -4,9 +4,9 @@
 ---
 - name: Configure WLAN for devices
   community.general.nmcli:
-    conn_name: FVS-devices
+    conn_name: "{{ ssid }}"
     type: wifi
-    ssid: FVS-devices
+    ssid: "{{ ssid }}"
     ifname: "{{ ansible_interfaces | select('search', 'wl.+') | first }}"
     wifi_sec:
       key-mgmt: wpa-psk
@@ -17,7 +17,7 @@
 
 - name: Provide WLAN config during installation
   template:
-    src: FVS-devices.nmconnection.j2
-    dest: /etc/NetworkManager/system-connections/FVS-devices.nmconnection
+    src: ssid.nmconnection.j2
+    dest: "/etc/NetworkManager/system-connections/{{ ssid }}.nmconnection"
     mode: '0600'
   when: run_in_installer|default(false)|bool
diff --git a/roles/lmn_wlan/templates/FVS-devices.nmconnection.j2 b/roles/lmn_wlan/templates/ssid.nmconnection.j2
similarity index 100%
rename from roles/lmn_wlan/templates/FVS-devices.nmconnection.j2
rename to roles/lmn_wlan/templates/ssid.nmconnection.j2

From e48c761935c532c27ac868cd37b730c77ff51324 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 19 Oct 2023 21:27:48 +0200
Subject: [PATCH 405/504] Provide a local guest user.

---
 lmn-laptop.yml                     |   6 +-
 lmn-vault                          | 196 ++++++++++++++++-------------
 roles/lmn_localuser/tasks/main.yml |  28 +++++
 roles/lmn_mount/tasks/main.yml     |   4 +-
 roles/lmn_printer/tasks/main.yml   |   2 +-
 roles/lmn_vm/tasks/main.yml        |   4 +-
 roles/lmn_wlan/tasks/main.yml      |   8 +-
 7 files changed, 151 insertions(+), 97 deletions(-)
 create mode 100644 roles/lmn_localuser/tasks/main.yml

diff --git a/lmn-laptop.yml b/lmn-laptop.yml
index e01c9cf..f0359ee 100644
--- a/lmn-laptop.yml
+++ b/lmn-laptop.yml
@@ -45,9 +45,12 @@
     mirror_dvdcss: "{{ vault_mirror_dvdcss }}"   ## http://livebox.example.org/libdvdcss/
 
     rsyncsecret: "{{ vault_rsyncsecret }}"
+    keys2deploy: "{{ vault_keys2deploy }}" ## ['ssh-ed25519 AAAAC…uYlnS0', 'ssh-ed25519 AAAA…KTM']
+
     ssid: "{{ vault_ssid }}"
     wifipasswd: "{{ vault_wifipasswd }}"
-    keys2deploy: "{{ vault_keys2deploy }}" ## ['ssh-ed25519 AAAAC…uYlnS0', 'ssh-ed25519 AAAA…KTM']
+    localuser: "{{ vault_localuser }}"
+    localuser_pwd: "{{ vault_localuser_pwd }}"
 
     ## Use grub-mkpasswd-pbkdf2 to calculate the password hash:
     grub_pwd: "{{ vault_grub_pwd }}"
@@ -72,6 +75,7 @@
     - lmn_printer
     - kerberize
     - lmn_wlan
+    - lmn_localuser
     - lmn_security
 
   tasks:
diff --git a/lmn-vault b/lmn-vault
index 8002524..a903f1c 100644
--- a/lmn-vault
+++ b/lmn-vault
@@ -1,90 +1,108 @@
 $ANSIBLE_VAULT;1.1;AES256
-32373033346534336537616432383831656137373934646130373730643462353434396336633933
-6334333739313565333264333635343130396138333062640a646433353666306666363332373135
-37363762376332373836393434393336303932626438613236366438376535643836343239356134
-6231316166653936310a616632333539343462383265393432336133653238643465623536333434
-39336536623730363339663332653938333965653165396437636138393064326161336266343031
-32613336323461636162356136306162343636333033613735633866366165616539306563646564
-30343731653839323463343434633430393631353662613030316236343261323232613839326539
-63353062376131303264306361623638656662383066393831623164363238336239633731663766
-37303563356663353663323663383065333135656562346636376665343565366264613837303433
-30306166393239663235336433356239343765623736316331353165663931356434326266363864
-37383766353534336630393864633933303363633239633639326134663766303738323237663132
-62616435306434333166333563366132323432613334356436666630653862643165386335393161
-61643831656361633262653764343336343963373239343964663730663265666539656533323163
-62656630396332313263333463303435326632653164636365623930643163363464656637356238
-61383466343130353933383539633338366265396361323963393839366234626538623731383131
-31383538653962326533663130363163353839343837626333356466326438623139383936643830
-63623631363038643737653238373663613239653133383161323364393165373866636634626132
-65666634396539393736393637323332333538303466373231343134373965323761663030616330
-32306131353764626465663231376637323766313733623738613336393033383862366265653830
-61356338353732633139346664373834613935346135623934306665323839326130316538623436
-39353164313638333564373265613532326364306336613163646531366238663231633136353562
-61383635636437623864653062626565326338626665646439663961393161356635626336356439
-62373930653337326239323938663166303531353731646334613134333239623434316232343438
-31366139336365326137363034353638323633323463316130366630346533376665626233353531
-35326332363133616461653339653637633337643134623137313330356561613535633139316339
-38393463363732646635386231333962303337353562653265623530616537653132333735626265
-63623138346337373665316138376234383235313536326232653866346637303066366435343836
-38313561373039356161383733323432636438303130306239366630663163386235326463636130
-34336338313663383034343364616462646239636430303635343637653436623735643665303233
-63396539646431396263633833613862366238306638333533666534326334306163346133666138
-31393830643938656562373732643563656535383831316536396238613633356366353962393136
-32666664633361633261313033633138383231303236383235643632666539303133383763343832
-65623832323165366461666463623835396638386536366464623336343964333666333736353562
-62356434326431316163613037623231383163393263656162306132326666323639333066313734
-32656563633961663736636163656131663961356461323230623236383432393238656264393766
-62643732323765363163383462326536343662376136313165393163333263633365663036626539
-37316565663065366336366235343666393732303631336661323436336666313135623962666132
-66346333323535396235323264353562333264353137376461653332623635616133383061393037
-33633362396461303634346436666662633631663630623437303061343464396661616562626138
-63356533336336373433623137626461363831306564626230396238626436663866303931313339
-65306465633739346436343539646235653934666430623939323935636163646266323031323333
-62316632663030376663656131346332633261323266303339396537326434393935336364326165
-31343161643031376134366636333761373735346334333532343564303061623864653661306637
-32363933316433383664313237623561343638363262333261323638393939643232623365323836
-30323633316336323862363663653632393866306136333634303265396133663138646563653836
-61303234646564616566646536343533313162323564646337373237656139383862616365626462
-61346230613533313763663364356462316633623662323661623765626464373730393530356466
-39336364633333366562316536333561376165363131313639386635353864323964383363316666
-64636363316265653761323833613234396533303563633539336438626561363833313162356331
-66376437636635353432613865333430653135306565656233323330383439656438653738616630
-38653034356662656364666462323464303134616231643862656565393839613263333539343834
-30646461613861343262363263373662313931353530366131386631633735663839336437303236
-32393233643238313531383363366439363730613839643262653037373230343333623862333835
-32323231376263643333356239386232363135333862343337636466383833626561393739373964
-30653134663833333661363737663335323331353161333963393039656365343937346634343736
-30393734336663353063663539623965626638326664633232393732333239306663396631393362
-39363137336530623662323533363637656132323736366233323331373636366237616130643330
-35633738323564343535383231346433386261656230303164343630356139613430326165323234
-34613937613338646632643231343035343334383231366264336265363434366261383838316361
-37316137373437623263383932393665316535373039323131326264343661376531313764316363
-64663837353864653937326331363937626463623730323931363462353564313231366636653730
-61353961633065313364343437383737386361323935623133383734316361333261653462616465
-62353831393764666538373266363963363632363932373565326437656336643033663139383537
-66326631313634616661386262343263373262646436343232613762656330613634343966613965
-62346566613930633234633335636239383533396264616630623232343663383964333065386335
-36643661363736343361343838306638366133303431356539373765396462643331646366626636
-35613432323534613832623266633462306532383166666662363635383162386234663030353062
-62363732363136626432656237613739326137616632643561326335366264633338653130646434
-37336663396538303362343862653565303338656339646432343231356634613332366365333730
-61393238323630663134303032616234643762393863646131636632633832663339373363326335
-61643666363362376536653435666133333263383264383935656639626535626562666465353562
-33666637383066643138663963343232663065303362353930303263343063313637653535323565
-30616636376365343063303537306135663462636131336664653034393732343932376330383163
-64343864363064643638323233623066613034326465636662626639643133643333656666653261
-39623337376538396438386638633330623034316163363932663662653239363132376139333835
-61343532623563353266386339303366383039333832303433623964656533346564633261353433
-39383761313333383834376230353063643665326161643962386330323461656432353763343561
-61353462373234633764333033656131626664376137326162326134316261333939353735363237
-63666632326363613631653263613632366466346330396664366631363537363533323961616461
-63383438333831396162366365313735313833633036303662653961303265663730313933616130
-66333732393234366337636264306166343430353663666666393434316362653530306266373566
-38643066353262616462626338393335623961333233323038633239333664636263653434366436
-65636466656264303763663837316666393339356566386563323137383336633331623366336361
-32633035353731393234363261353431386339663632616133383134333537366239623731373439
-38626163303462373334653663343139323865363638323666643539316664396335666237393863
-33316233393336313537323533613963613539323062323962643938656230376463653734353763
-30373265646161333862353231663963346533633464633639626362626235653136663036656265
-31343236366663643137373435353261626638373733623732323366326536616631636434343861
-6532
+65633363646535646163353331353934343961306136663461633362323362643537386162346435
+6161306230316364656463313530376230313561653964650a333737336431326663366631666663
+61366333623231316336353362666130653838663233306334353734316338336334313630653339
+6335306166653434320a396232363732346239386533366236623332356231633536346136333666
+66316630313133646537373139636533313638663336343366623464313764636161326432653132
+38303864373736643932383436383331376139333439666166613463346636306235623961663530
+31616339623538663332633539376366663739633831633361363961323039386237323830393734
+36383734643134643530313631643561346266353665646563306334303339323231323766353334
+33353830336131653831636564383635356439363433663133663536653764653133666262303432
+38633034363764396461356130323531616561613734333039393836333338346235633838663330
+30646665656564646561663335643331633562623937623337353933623530363166646666363436
+35356434663830306634396633626139613632363364333163366539396539366434333331313438
+63353163386361396233643832313535383261366363333863383363353835633032376133373361
+61373535356535383836323438626265646330303238636632393034396133363131663031353933
+37393865393336313264393231643831623566666133343836633635353861613836386661376238
+39353461623839323532373064326238623961356466613130323535653437626364303261623537
+35306666373163646134666232356564623764353630333166326261393230623663363266336532
+35306564396430626639623461643035363933346435646363633464636432323462353766363639
+63346464396563656463383961623234366162666236646465336535343234376534616363363661
+64366134356362613535343835643538656333363935313865383436303230373634313166333566
+33643962623963356139396366316563623835313265656461636665396361336237353162646236
+38333661323765303932363237383939363336623765376538346538623836373539373339326435
+63656263343862356363616636366461313766363365636339336439333135326633343935653739
+63623839343338616336626163623261613062643433333331656230303138313037336536303638
+37643639336633386239366463383130623637633938313534323066643930313931313965313562
+66386434303964646363346634393230313132383764323635313430336565343837653536336238
+31303937636165393939653965303766653937376639656333643636623334346261666432336235
+64326366656635303635666161333231323530376236303238336663656562353132373265396434
+63663431626664626130333765346430633061333238363033343737633766633663633266363835
+35616533336666353033316462643732363565663162623630313462663761363333623663336163
+31626461663435303435663161626134343535383832366430653036323037343533356230386438
+34303335666663373638323761303135646330626566373065666130393863666539303037376231
+61643832633463323831623866333432353734313863643235386333396538383531303434376536
+65376336653864636230643861616530333666623036393435333237343137316463613730633066
+61346535356461653734396661643332323666393631313133353333666137613035346237313362
+65363433393066346131323733363034303031326563343161323366343866336338333832343832
+61633762323962393531313164313232356630333935623662383639363336393165343636393033
+34656466636632316365383038613130373535393532646136303063376431323963653163623665
+37353765616633303134346364643564613136633165396162343231626634353831373638656138
+34336536653533326661366332363239626233346436613738626339643433323438356139633762
+66613937613830306530646239363834613533346432376463663230363432343165353233643436
+39666233633266636136383335386539383263356534353563316365613336363965633039396430
+62376339396233653864373031353436633333666636643739313766643037306463323235363732
+38356630623739303761303133366436333536363131663633376566643030643334353137646436
+30666634346232656237363935666337393332333031353534646137373464326237353731303635
+66663461383932613333653665343361393161306462386362643562663861363238636633363231
+31666662613266333832343639376564363865643336373961653334656630313939353762623765
+64633964643332356562623061376335666566383539333334303964636137313539373039623532
+38373763626261316662333766613362633063653062363730383365323839386365373830663632
+34623031363266333461396164613433306338313830373564626439336662303365343335636164
+37373238656238646437636237366335623039656536323732386635633233336230346230336631
+63646238376232346630353565373534623034313639386539366662336534323231626136653436
+39613165336464333433333862333331613761323263636337336231353733373632313530636266
+30343233663161306166623033666664336161613664326636336533616335316462646539663438
+38316533646161656335333938343866623865313235646265373565323862356438383339353263
+37646431643935303965326132323131346231616262313964643736393334656233333864646261
+66353666303666656535326266343262306137633139303734613965333232633766326437333638
+33323061623032326563626132383935626230343030303337663530356333316533346164326461
+39666239303439343135613930363238356531356536333535396238366130663565663332323537
+30346234386166343332353132623036383732336166626662616666663539316161373934333030
+64316539376561613937666562656635343165323636636433656638303031373935616435646332
+63393039613466383034313037383063313830616563646233306164353439653832313463393566
+36353162353365653065386532333233363864626339383232313264333835366334363564313165
+63326135393432636634376534356665633733316133373666366337316566303634653637363466
+63623761623032393361393630613036346637356465643838393366393966373035333861623434
+63623835383132623766366639313837323539333933346165666138626139623965373962663835
+62643661616565353138343262323366653330366164313031623861663234353966383737386664
+30333564613631643762613932396666653566323536353961353933376262323739653338383538
+34666231616635333866306535393730313837346638393665316563323538386366323630383334
+32303361383231313863346166653233616364333736346264393836643935373065346438633138
+64323636623066303537373762303932303963303430383839656361386437646564383937333239
+64306238663130666234626537303466383162316230373633373766346338323865616435653838
+30613435356337613261373330323536646333376333366531326165383336623735353834643337
+32386561653035376663633062373133303036363133303564636461313235373030623337326237
+36666462353337373437326236623531366564323065623530633663363866373364373536653232
+30633634376336313366376161316633323238313261616233316339343230306131643531626163
+38303632653432643436626339373536616366653062613739666233613638626133353632633739
+61663230656366376537346434303266303263663064303932383035333764633135376236316232
+33626566333030346562613531313534326564383130396366353664616439323465616165323865
+65643663643633326435613565346132313866633932636561326536643138643137313836613062
+62313930663338616362336231643831316130643736633566303565626434623666633762643935
+61343633386134373935376339393965333666383731623832373936613764376361653737333236
+65663666353736366266316233646536343763633163383539306364383566383131333530633833
+37666639643663363531643930656332633030373531323334663632653363623936346634626531
+35636535646462623939303965383661346161326231303031346136613462313062303233653633
+31333237333331643138663530393537323231653637363032613133616130626333343739666164
+32343164363965643335646165343632626161373638343062656639653461653637326238303865
+36663830323066363562626666306431316165313265356139313033613065326461363963316633
+65306261633233373066393539326138313238656663303334626362313564393637313930616266
+33366137643163343933383962303539386131623063616632323831306230316264356336396338
+64623931333161336631313163356637336562323738336638363831363064363034636435376538
+35636166303630663466306630383432633030363762323363616562636135376566306630323065
+33303333323563633533653932653434623636303966343466336633303537393137336439386530
+39666431383636646634376332653131353465633664316266383835373332303936653936363737
+62393038646434623265663730653938646438343336396537316436633837383862353839386464
+33376264353537626231393366666139343833363135646233633638666234383566383934323732
+62313031323534356233623932623663346632646464323566623636333433333664313130383561
+33333231346435323266336261623665336630333166633561363963376439323736623362383030
+38393138353337383466366334373130393633393331393632666435373737306237383562343235
+35656163343939626130353537393032643732613631313233366637303663653635306539383430
+36333465306539613935643131393266366361313361313832313630373065653031663564663535
+35343430373061313061616164363530373731666239653130613731323734373136323736313161
+32613430376136656337646563646365356466616539613337393737356662646530386133646562
+38633732396338373361326338323862326138666461306264353137316532636564626230313635
+38316435363965343035303363353831646439666363363130656364636532656430633135383163
+66656532353662616134393439666561616436333463343962393739326337323965366165633963
+383861353830666365343437396238366138
diff --git a/roles/lmn_localuser/tasks/main.yml b/roles/lmn_localuser/tasks/main.yml
new file mode 100644
index 0000000..6b619f6
--- /dev/null
+++ b/roles/lmn_localuser/tasks/main.yml
@@ -0,0 +1,28 @@
+---
+- name: Mount tmpfs on /home/{{ localuser }}
+  ansible.posix.mount:
+    name: /home/{{ localuser }}
+    src: tmpfs
+    fstype: tmpfs
+    opts: uid=1001,gid=1001,mode=755,size=4G
+    state: mounted
+
+- name: Add local guest user
+  ansible.builtin.user:
+    name: "{{ localuser }}"
+    comment: "Local Guest User,,,"
+    shell: /bin/bash
+    uid: 1001
+    password_expire_min: 99999
+    createhome: false
+    password: "{{ localuser_pwd }}"
+
+- name: Prepare generator for local guest user
+  ansible.builtin.copy:
+    dest: /etc/systemd/user-environment-generators/60-guest-user.sh
+    content: |
+      #!/usr/bin/bash
+      set -eu
+      [[ "$UID" -ne 1001 ]] && exit 0
+      cp -r -n /etc/skel/.* "$HOME"
+    mode: "0755"
diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index 1c8d91a..9ae45e3 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -19,7 +19,7 @@
         path="{{ web_dav }}"
         mountpoint="/lmn/media/%(USER)/nextcloud"
         options="username=%(USER),nosuid,nodev,uid=%(USER),gid=1010,grpid,file_mode=0770,dir_mode=0770,forceuid,forcegid"
-        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
+        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>{{ localuser }}</user></or></not>
       </volume>
     insertafter: "<!-- Volume definitions -->"
   when: web_dav is defined and web_dav | length > 0
@@ -35,7 +35,7 @@
         path="{{ smb_share }}"
         mountpoint="/srv/samba/schools/default-school"
         options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks,nobrl"
-        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
+        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>{{ localuser }}</user></or></not>
       </volume>
     insertafter: "<!-- Volume definitions -->"
 
diff --git a/roles/lmn_printer/tasks/main.yml b/roles/lmn_printer/tasks/main.yml
index 65912d5..23ef2c2 100644
--- a/roles/lmn_printer/tasks/main.yml
+++ b/roles/lmn_printer/tasks/main.yml
@@ -30,7 +30,7 @@
         path="sysvol/"
         mountpoint="/srv/samba/%(USER)/sysvol"
         options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks"
-        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
+        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>{{ localuser }}</user></or></not>
       </volume>
     insertafter: "<!-- Volume definitions -->"
 
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index c605084..dd25710 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -25,13 +25,13 @@
         path="~"
         mountpoint="/lmn/media/%(USER)/home"
         options="bind"
-        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
+        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>{{ localuser }}</user></or></not>
       </volume>
       <volume
         path="/srv/samba/schools/default-school/share"
         mountpoint="/lmn/media/%(USER)/share"
         options="bind"
-        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not>
+        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>{{ localuser }}</user></or></not>
       </volume>
     insertafter: "<!-- END ANSIBLE MANAGED BLOCK .* -->"
 
diff --git a/roles/lmn_wlan/tasks/main.yml b/roles/lmn_wlan/tasks/main.yml
index 4e9a725..31b04ed 100644
--- a/roles/lmn_wlan/tasks/main.yml
+++ b/roles/lmn_wlan/tasks/main.yml
@@ -13,11 +13,15 @@
       psk: "{{ wifipasswd }}"
     autoconnect: true
     state: present
-  when: not run_in_installer|default(false)|bool
+  when: |
+    not run_in_installer|default(false)|bool and
+    ansible_interfaces | select('search', 'wl.+') | first is defined
 
 - name: Provide WLAN config during installation
   template:
     src: ssid.nmconnection.j2
     dest: "/etc/NetworkManager/system-connections/{{ ssid }}.nmconnection"
     mode: '0600'
-  when: run_in_installer|default(false)|bool
+  when: |
+    run_in_installer|default(false)|bool and
+    ansible_interfaces | select('search', 'wl.+') | first is defined

From 5bc3821bf42704b22df35ee97efcacdf0d74b14e Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 19 Oct 2023 21:30:25 +0200
Subject: [PATCH 406/504] Apparmor: List all possible homes.

---
 lmn-desktop.yml              | 1 +
 lmn-laptop.yml               | 1 +
 roles/lmn_kde/tasks/main.yml | 3 ++-
 3 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/lmn-desktop.yml b/lmn-desktop.yml
index ada2686..c52aeb3 100644
--- a/lmn-desktop.yml
+++ b/lmn-desktop.yml
@@ -35,6 +35,7 @@
         value: >-
           /srv/samba/schools/default-school/teachers/
           /srv/samba/schools/default-school/students/*/
+          /srv/samba/schools/default-school/examusers/
         vtype: string
     - name: Preseed unattended-upgrades
       debconf:
diff --git a/lmn-laptop.yml b/lmn-laptop.yml
index f0359ee..1659ff8 100644
--- a/lmn-laptop.yml
+++ b/lmn-laptop.yml
@@ -18,6 +18,7 @@
         value: >-
           /srv/samba/schools/default-school/teachers/
           /srv/samba/schools/default-school/students/*/
+          /srv/samba/schools/default-school/examusers/
         vtype: string
     - name: Preseed unattended-upgrades
       debconf:
diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index ea70a3a..669d442 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -72,13 +72,14 @@
       [%General]
       Driver=QSQLITE3
 
-
+## Akonadi complains if not set:
 - name: Add home dirs to apparmor
   lineinfile:
     dest: /etc/apparmor.d/tunables/home.d/ubuntu
     line: >-
       @{HOMEDIRS}+=/srv/samba/schools/default-school/teachers/
       /srv/samba/schools/default-school/students/*/
+      /srv/samba/schools/default-school/examusers/
 
 
 - name: tune SDDM login

From e158bedfa5aa4c2e2fb55b8add2df714e5f75c79 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Sat, 21 Oct 2023 15:18:18 +0200
Subject: [PATCH 407/504] ip addresses mixed up

---
 inventory/inventory.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/inventory/inventory.yml b/inventory/inventory.yml
index 1ec28a2..d9f08ff 100644
--- a/inventory/inventory.yml
+++ b/inventory/inventory.yml
@@ -47,12 +47,12 @@ C055:
     10.190.24.80:
 C061:
   hosts:
-    10.190.21.[1:12]:
-    10.190.21.80:
+    10.190.20.[1:12]:
+    10.190.20.80:
 C062:
   hosts:
-    10.190.20.[1:16]:
-    10.190.20.80:
+    10.190.21.[1:16]:
+    10.190.21.80:
 
 K200:
   hosts:

From a586ac5201d95d09b6ffc285729b20dc8b41e821 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 20 Oct 2023 19:14:10 +0200
Subject: [PATCH 408/504] Combine playbooks and update/adapt inventory
 accordingly.

---
 inventory/inventory.yml => inventory.yml |  23 +++-
 lmn-desktop.yml => lmn-client.yml        |  23 +++-
 lmn-laptop.yml                           | 136 -----------------------
 roles/lmn_vm/tasks/main.yml              |   2 +-
 4 files changed, 40 insertions(+), 144 deletions(-)
 rename inventory/inventory.yml => inventory.yml (89%)
 rename lmn-desktop.yml => lmn-client.yml (89%)
 delete mode 100644 lmn-laptop.yml

diff --git a/inventory/inventory.yml b/inventory.yml
similarity index 89%
rename from inventory/inventory.yml
rename to inventory.yml
index 9196bd9..cc2aa81 100644
--- a/inventory/inventory.yml
+++ b/inventory.yml
@@ -80,7 +80,7 @@ K400:
     10.190.97.131:
     10.190.97.141:
     10.190.97.151:
-CK001:
+CK100:
   hosts:
     10.190.90.[152:159]:
 DK21:
@@ -105,6 +105,12 @@ CL000:
   hosts:
     10.190.89.59:
     10.190.89.60:
+CL100:
+  hosts:
+    10.190.62.[61:64]:
+W000:
+  hosts:
+    10.190.3.[1:3]:
 
 PCroom:
   children:
@@ -116,8 +122,6 @@ PCroom:
     R319:
     R406:
     R407:
-    C052: # Laptops
-    C055: # Laptops
     C061:
     C062:
   vars:
@@ -127,7 +131,7 @@ Kroom:
     K200:
     K300:
     K400:
-    CK001:
+    CK100:
     DK21:
 Lroom:
   children:
@@ -135,3 +139,14 @@ Lroom:
     L300:
     L400:
     CL000:
+    CL100:
+desktop:
+  children:
+    PCroom:
+    Kroom:
+    Lroom:
+laptop:
+  children:
+    W000:
+    C052:
+    C055:
diff --git a/lmn-desktop.yml b/lmn-client.yml
similarity index 89%
rename from lmn-desktop.yml
rename to lmn-client.yml
index c52aeb3..e4ece7c 100644
--- a/lmn-desktop.yml
+++ b/lmn-client.yml
@@ -1,4 +1,4 @@
-## This playbook deploys a KDE desktop machine for LinuxMuster.
+## This playbook deploys a client for LinuxMuster.
 #
 # Use the following in the installer's preseed file:
 #
@@ -17,8 +17,8 @@
 #       fi
 #
 ---
-- name: apply configuration to the machines
-  hosts: all
+- name: Apply common configuration to the machines
+  hosts: all # desktop:laptop
   remote_user: ansible
   become: yes
   pre_tasks:
@@ -64,6 +64,7 @@
 
     rsyncsecret: "{{ vault_rsyncsecret }}"
     keys2deploy: "{{ vault_keys2deploy }}" ## ['ssh-ed25519 AAAAC…uYlnS0', 'ssh-ed25519 AAAA…KTM']
+    localuser: "{{ vault_localuser }}"  ##  needed here for the (universal) pam-mount configuration
 
     ## Use grub-mkpasswd-pbkdf2 to calculate the password hash:
     grub_pwd: "{{ vault_grub_pwd }}"
@@ -144,3 +145,19 @@
         path: /etc/systemd/system.conf
         line: DefaultTimeoutStopSec=5s
         insertafter: '^#DefaultTimeoutStopSec=.*'
+
+#################
+
+- name: Apply additional laptop configuration
+  hosts: laptop
+  remote_user: ansible
+  become: yes
+  vars_files: lmn-vault
+  vars:
+    ssid: "{{ vault_ssid }}"
+    wifipasswd: "{{ vault_wifipasswd }}"
+    localuser: "{{ vault_localuser }}"
+    localuser_pwd: "{{ vault_localuser_pwd }}"
+  roles:
+    - lmn_wlan
+    - lmn_localuser
diff --git a/lmn-laptop.yml b/lmn-laptop.yml
deleted file mode 100644
index 1659ff8..0000000
--- a/lmn-laptop.yml
+++ /dev/null
@@ -1,136 +0,0 @@
-## This playbook deploys a KDE laptop machine for LinuxMuster.
----
-- name: apply configuration to the machines
-  hosts: all
-  remote_user: ansible
-  become: yes
-  pre_tasks:
-    - pause:
-        prompt: "Enter global-admin AD password. Leave empty to skip domain join"
-        echo: false
-      register: adpw
-      no_log: true
-      when: "ansible_cmdline.adpw is not defined"
-    - name: Preseed apparmor
-      debconf:
-        name: apparmor
-        question: apparmor/homedirs
-        value: >-
-          /srv/samba/schools/default-school/teachers/
-          /srv/samba/schools/default-school/students/*/
-          /srv/samba/schools/default-school/examusers/
-        vtype: string
-    - name: Preseed unattended-upgrades
-      debconf:
-        name: unattended-upgrades
-        question: unattended-upgrades/enable_auto_updates
-        value: True
-        vtype: boolean
-
-  vars_files: lmn-vault
-  vars:
-    domain: "{{ ansible_domain }}"
-    kerberize_uris: "{{ vault_kerberize_uris }}"  ##  example.org
-    apt_conf: "{{ vault_apt_conf }}"  ## Acquire::http::Proxy "http://aptcache.example.org:3142/";
-    ntp_serv: "{{ vault_ntp_serv }}"  ## ntp.example.org
-    proxy: "{{ vault_proxy }}"        ## http://firewall.example.org:3128
-    no_proxy: "{{ vault_no_proxy }}"  ## firewall.example.org,server.example.org,idam.example.org,dw.example.org
-
-    ## PAM mount nextcloud, remove or leave empty to skip:
-    web_dav: "{{ vault_web_dav }}"    ## https://nc.example.org/remote.php/dav/files/%(USER)
-
-    ## Local mirror for mscorefonts. Remove or leave empty to use no mirror:
-    mirror_msfonts: "{{ vault_mirror_msfonts }}" ## http://livebox.example.org/mscorefonts/
-
-    ## Local mirror for libdvdcss. Remove or leave empty to use no mirror:
-    mirror_dvdcss: "{{ vault_mirror_dvdcss }}"   ## http://livebox.example.org/libdvdcss/
-
-    rsyncsecret: "{{ vault_rsyncsecret }}"
-    keys2deploy: "{{ vault_keys2deploy }}" ## ['ssh-ed25519 AAAAC…uYlnS0', 'ssh-ed25519 AAAA…KTM']
-
-    ssid: "{{ vault_ssid }}"
-    wifipasswd: "{{ vault_wifipasswd }}"
-    localuser: "{{ vault_localuser }}"
-    localuser_pwd: "{{ vault_localuser_pwd }}"
-
-    ## Use grub-mkpasswd-pbkdf2 to calculate the password hash:
-    grub_pwd: "{{ vault_grub_pwd }}"
-    nfs4: false
-    extra_pkgs:
-      - vim
-      - mc
-      - tmux
-      - krb5-user
-      - unattended-upgrades
-      - debconf-utils
-    extra_pkgs_bpo: [] # [ linux-image-amd64 ]
-
-  roles:
-    - lmn_network
-    - up2date_debian
-    - lmn_sssd
-    - lmn_mount
-    - lmn_kde
-    - lmn_fvs ## school specific customization
-    - lmn_vm
-    - lmn_printer
-    - kerberize
-    - lmn_wlan
-    - lmn_localuser
-    - lmn_security
-
-  tasks:
-## Temporary fixes and quirks:
-    - name: Fix 8086:4909 external graphics card
-      replace:
-        dest: "/etc/default/grub"
-        regexp: 'GRUB_CMDLINE_LINUX=""$'
-        replace: 'GRUB_CMDLINE_LINUX="i915.force_probe=4909"'
-      notify: Run update-grub
-      when: ansible_board_vendor == "LENOVO" and ansible_board_name == "32CB"
-
-    - name: Fix sound on 312A
-      replace:
-        dest: "/etc/default/grub"
-        regexp: 'GRUB_CMDLINE_LINUX="snd-intel-dspcfg.dsp_driver=1"$'
-        replace: 'GRUB_CMDLINE_LINUX=""'
-      notify: Run update-grub
-      when: ansible_board_vendor == "LENOVO" and ansible_board_name == "312A"
-
-    - name: Fix sound on 312A and 312D
-      apt:
-        name: firmware-sof-signed
-        state: latest
-      when: >
-        ansible_board_vendor == "LENOVO" and
-        (ansible_board_name == "312D" or ansible_board_name == "312A")
-
-## Clean up stuff from obsolete/faulty tasks:
-    - name: Remove virtiofs service
-      file:
-        path: /etc/systemd/system/virtiofs@.service
-        state: absent
-
-    - name: Fix mount point permissions and owner
-      file:
-        path: "{{ item }}"
-        mode: '0755'
-        owner: root
-        group: root
-      loop:
-        - /srv/samba
-        - /srv/samba/schools
-
-    - name: Fix unattended-upgrades
-      ansible.builtin.copy:
-        dest: /etc/apt/apt.conf.d/20auto-upgrades
-        content: |
-          APT::Periodic::Update-Package-Lists "1";
-          APT::Periodic::Unattended-Upgrade "1";
-
-## bookworm fixes/hacks:
-    - name: Work around sddm hang on shutdown
-      ansible.builtin.lineinfile:
-        path: /etc/systemd/system.conf
-        line: DefaultTimeoutStopSec=5s
-        insertafter: '^#DefaultTimeoutStopSec=.*'
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index dd25710..f7176f0 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -35,7 +35,7 @@
       </volume>
     insertafter: "<!-- END ANSIBLE MANAGED BLOCK .* -->"
 
-- name: Use umount script for proper ordering
+- name: Use umount script for proper cleanup
   blockinfile:
     dest: /etc/security/pam_mount.conf.xml
     marker: "<!-- {mark} ANSIBLE MANAGED BLOCK (umount script needed for bind mounts ordering) -->"

From dba478652ac285e20ed5ac75c6c97b6ce5234111 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 21 Oct 2023 18:19:12 +0200
Subject: [PATCH 409/504] Wake up all clients returned by '--list-hosts'.

---
 wol-generator.sh | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100755 wol-generator.sh

diff --git a/wol-generator.sh b/wol-generator.sh
new file mode 100755
index 0000000..02ebd44
--- /dev/null
+++ b/wol-generator.sh
@@ -0,0 +1,17 @@
+#!/usr/bin/bash
+#
+# Pipe the '--list-hosts' output of ansible into this program to wake up all corresponding hosts:
+#
+# ansible-playbook [...] -i inventory/inventory.yml -l R317 --list-hosts | ./wol-generator.sh
+#
+set -eu
+
+tmpf="$(mktemp)"
+devs='devices.csv'
+
+while read -r line ; do
+    sed -nE -e "s%.*(..:..:..:..:..:..);(${line//./\\.});.*%\1  \2%p" "$devs" >> "$tmpf"
+done < <(cat - | grep -E "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+")
+
+wakeonlan -f "$tmpf"
+rm "$tmpf"

From 246c409091aa2638d6868ea0dd06d0f82ea9cc8e Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Tue, 7 Nov 2023 08:23:47 +0100
Subject: [PATCH 410/504] leftover pid file from other user prevents squid from
 starting

---
 roles/lmn_vm/templates/squid-usermode.conf.j2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/lmn_vm/templates/squid-usermode.conf.j2 b/roles/lmn_vm/templates/squid-usermode.conf.j2
index a9dd458..586dbb1 100644
--- a/roles/lmn_vm/templates/squid-usermode.conf.j2
+++ b/roles/lmn_vm/templates/squid-usermode.conf.j2
@@ -6,6 +6,6 @@ never_direct allow all
 access_log none
 cache_log /dev/null
 logfile_rotate 0
-pid_filename /tmp/squid.pid
+pid_filename none
 http_port 192.168.122.1:3128
 http_access allow all

From 5f088511c4a79e53ad7175b0894d17506587f415 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Thu, 9 Nov 2023 07:31:42 +0100
Subject: [PATCH 411/504] windows-VMs need to know the domain to contact the
 kms server

---
 roles/lmn_vm/tasks/main.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index f7176f0..fc4af3f 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -50,6 +50,12 @@
     dest: /usr/local/sbin/pam-umount.sh
     mode: "0755"
 
+- name: Insert domain in default-network
+  lineinfile:
+    path: /etc/libvirt/qemu/networks/autostart/default.xml
+    line: '  <domain name="{{ ansible_domain }}" localOnly="no"/>'
+    insertafter: '<mac '
+
 - name: Autostart default network for VMs
   file:
     src: /etc/libvirt/qemu/networks/default.xml

From 7dfe19571678ccaf1381d3196b69873bc01c5a30 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 25 Oct 2023 07:32:31 +0200
Subject: [PATCH 412/504] More packages on demand.

---
 roles/lmn_fvs/tasks/main.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index 0c082c5..c233a36 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -31,11 +31,14 @@
       - git
       - gitg
       - gitk
+      - htop
       - jupyter
       - kdevelop
       - kdevelop-php
       - kdevelop-python
+      - krita
       - libnotify-bin ## needed for pwroff script
+      - links2
       - minder
       - neovim
       - net-tools
@@ -44,12 +47,14 @@
       - php-cli
       - planner
       - pulseview
+      - python3-websockets
       - sigrok
       - sigrok-cli
       - tmux
       - tree
       - ttf-mscorefonts-installer
       - unison-gtk
+      - w3m
       - wireshark
       - zulucrypt-gui
     autoremove: true

From a057159c24192526f6a0767dfb405b8457a3529b Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 26 Oct 2023 08:11:44 +0200
Subject: [PATCH 413/504] Implement systemd-networkd and iwd for WLAN
 connection.

---
 lmn-client.yml                                |  3 +-
 roles/lmn_wlan_iwd/tasks/main.yml             | 60 +++++++++++++++++++
 .../{lmn_wlan => lmn_wlan_nm}/tasks/main.yml  |  0
 .../templates/ssid.nmconnection.j2            |  0
 4 files changed, 62 insertions(+), 1 deletion(-)
 create mode 100644 roles/lmn_wlan_iwd/tasks/main.yml
 rename roles/{lmn_wlan => lmn_wlan_nm}/tasks/main.yml (100%)
 rename roles/{lmn_wlan => lmn_wlan_nm}/templates/ssid.nmconnection.j2 (100%)

diff --git a/lmn-client.yml b/lmn-client.yml
index e4ece7c..2221901 100644
--- a/lmn-client.yml
+++ b/lmn-client.yml
@@ -159,5 +159,6 @@
     localuser: "{{ vault_localuser }}"
     localuser_pwd: "{{ vault_localuser_pwd }}"
   roles:
-    - lmn_wlan
+    - role: lmn_wlan_iwd
+      when: ansible_interfaces | select('search', 'wl.+') | first is defined
     - lmn_localuser
diff --git a/roles/lmn_wlan_iwd/tasks/main.yml b/roles/lmn_wlan_iwd/tasks/main.yml
new file mode 100644
index 0000000..7610abd
--- /dev/null
+++ b/roles/lmn_wlan_iwd/tasks/main.yml
@@ -0,0 +1,60 @@
+## Make sure to use an initrd providing firmware:
+##   wget https://cdimage.debian.org/cdimage/firmware/testing/current/firmware.cpio.gz
+##   cat initrd.gz firmware.cpio.gz > initrd-fw.gz
+---
+- name: Install iwd
+  ansible.builtin.apt:
+    name:
+      - iwd
+      - systemd-resolved
+    state: latest
+
+- name: Disable wpa-supplicant
+  ansible.builtin.systemd:
+    name: wpa_supplicant.service
+    state: stopped
+    enabled: False
+
+- name: Enable iwd
+  ansible.builtin.systemd:
+    name: iwd.service
+    state: started
+    enabled: True
+
+- name: Prepare directory for iwd
+  file:
+    path: /var/lib/iwd/
+    state: directory
+
+- name: Configure iwd for wifi device
+  ansible.builtin.copy:
+    dest: /var/lib/iwd/{{ ssid }}.psk
+    content: |
+      [Security]
+      Passphrase={{ wifipasswd }}
+
+- name: Use iwd but ignore wlan interfaces in NetworkManager
+  blockinfile:
+    dest: /etc/NetworkManager/NetworkManager.conf
+    block: |
+      [device]
+      wifi.backend=iwd
+      match-device=interface-name:wl*
+      managed=0
+
+- name: Configure systemd-networkd
+  ansible.builtin.copy:
+    dest: /etc/systemd/network/wlan-dhcp.network
+    content: |
+      [Match]
+      Name=wl*
+      [Network]
+      DHCP=yes
+      [DHCPv4]
+      UseDomains=true
+
+- name: Enable systemd-networkd
+  ansible.builtin.systemd:
+    name: systemd-networkd.service
+    state: started
+    enabled: True
diff --git a/roles/lmn_wlan/tasks/main.yml b/roles/lmn_wlan_nm/tasks/main.yml
similarity index 100%
rename from roles/lmn_wlan/tasks/main.yml
rename to roles/lmn_wlan_nm/tasks/main.yml
diff --git a/roles/lmn_wlan/templates/ssid.nmconnection.j2 b/roles/lmn_wlan_nm/templates/ssid.nmconnection.j2
similarity index 100%
rename from roles/lmn_wlan/templates/ssid.nmconnection.j2
rename to roles/lmn_wlan_nm/templates/ssid.nmconnection.j2

From 6c26983d85bda36b66a9d7ef3f991d9d97fd5d65 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 9 Nov 2023 08:13:43 +0100
Subject: [PATCH 414/504] Install all updates unattended.

---
 roles/lmn_fvs/tasks/main.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index c233a36..901d354 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -86,6 +86,11 @@
     src: policies.json
     dest: /etc/firefox-esr/policies/
 
+- name: Update all packages unattended
+  ansible.builtin.replace:
+    path: /etc/apt/apt.conf.d/50unattended-upgrades
+    regexp: '^//(\s+"origin=.+-updates";)$'
+    replace: '  \1'
 
 - name: Copy pwroff and bootorder scripts
   copy:

From b4769481fadadb7265815015a9f31747d2562e4d Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 9 Nov 2023 08:23:17 +0100
Subject: [PATCH 415/504] Move inventory to vault.

---
 inventory.yml | 254 ++++++++++++++++++++------------------------------
 1 file changed, 102 insertions(+), 152 deletions(-)

diff --git a/inventory.yml b/inventory.yml
index 8bd982e..134d5f2 100644
--- a/inventory.yml
+++ b/inventory.yml
@@ -1,152 +1,102 @@
----
-ungrouped:
-  hosts:
-
-proxmox:
-  hosts:
-    10.190.5.[51:54]:
-R202:
-  hosts:
-    10.190.7.[1:20]:
-    10.190.7.80:
-R216:
-  hosts:
-    10.190.8.[1:28]:
-    10.190.8.80:
-R217:
-  hosts:
-    10.190.6.[1:28]:
-    10.190.6.80:
-R314:
-  hosts:
-    10.190.9.[1:24]:
-    10.190.9.80:
-R317:
-  hosts:
-    10.190.10.[1:24]:
-    10.190.10.80:
-R319:
-  hosts:
-    10.190.5.[1:12]:
-    10.190.5.80:
-R406:
-  hosts:
-    10.190.11.[1:18]:
-    10.190.11.80:
-R407:
-  hosts:
-    10.190.12.[1:18]:
-    10.190.12.80:
-C051:
-  hosts:
-    10.190.22.[1:32]:
-    10.190.22.[80:81]:
-C055:
-  hosts:
-    10.190.24.[1:32]:
-    10.190.24.80:
-C061:
-  hosts:
-    10.190.20.[1:12]:
-    10.190.20.80:
-C062:
-  hosts:
-    10.190.21.[1:16]:
-    10.190.21.80:
-
-K200:
-  hosts:
-    10.190.99.41:
-    10.190.99.71:
-    10.190.99.81:
-    10.190.99.91:
-    10.190.99.101:
-    10.190.99.121:
-    10.190.99.141:
-K300:
-  hosts:
-    10.190.98.71:
-    10.190.98.81:
-    10.190.98.101:
-    10.190.98.111:
-    10.190.98.131:
-    10.190.98.161:
-K400:
-  hosts:
-    10.190.97.51:
-    10.190.97.91:
-    10.190.97.101:
-    10.190.97.111:
-    10.190.97.131:
-    10.190.97.141:
-    10.190.97.151:
-CK100:
-  hosts:
-    10.190.90.[152:159]:
-DK21:
-  hosts:
-    10.190.87.11:
-    10.190.87.21:
-    10.190.87.31:
-
-L200:
-  hosts:
-#    10.190.51.[1:10]:
-L300:
-  hosts:
-    10.190.52.[61:62]:
-    10.190.52.[91:92]:
-    10.190.52.121:
-    10.190.52.151:
-L400:
-  hosts:
-#    10.190.53.[1:10]:
-CL000:
-  hosts:
-    10.190.89.59:
-    10.190.89.60:
-CL100:
-  hosts:
-    10.190.62.[61:64]:
-W000:
-  hosts:
-    10.190.3.[1:3]:
-
-PCroom:
-  children:
-    R202:
-    R216:
-    R217:
-    R314:
-    R317:
-    R319:
-    R406:
-    R407:
-    C061:
-    C062:
-  vars:
-    boot_pxe: True
-Kroom:
-  children:
-    K200:
-    K300:
-    K400:
-    CK100:
-    DK21:
-Lroom:
-  children:
-    L200:
-    L300:
-    L400:
-    CL000:
-    CL100:
-desktop:
-  children:
-    PCroom:
-    Kroom:
-    Lroom:
-laptop:
-  children:
-    W000:
-    C052:
-    C055:
+$ANSIBLE_VAULT;1.1;AES256
+39333130303762616132633131366334623866666265643838613066333363383266306466343836
+3532633034666662386365313033616231346138346466350a643131613464353365663666383835
+30623162643332323437383963653235646163393636666639333531346535363737306231663631
+6137633139316562350a643565363962623035353537366638646637613533376466643035623135
+36666133313965346536643663336266353231373964343338343539303037323531303166613663
+35313434636661383030316161363461623331633033363061323938623435663265396436346536
+36623438363865623036653366663030326631613930313566346261346334663762383937633366
+66333066373431326461343365663030343661383564356531323838363866653532383863386639
+33363134323539646630336566653464363537373465343861303632323938653835613939613937
+61383932303031363030323465343737663430393836363564383539393263616437353933306361
+65373339613166616666636366363666656366316661346631663738623630366362316661396666
+36613636393733636634386265643837323264646537323330636533393634623436653761386633
+33363936326666666430646163636362643538386634656465353032316361343530363730383737
+38323163633436663032363565343766376166323165333531373330643138356636336133326439
+39623631616235343734653465616230313130336631653938663464386538363764303434613963
+33306333646462333964663237363765306238316564343132636430326439326362383564306236
+38333034383137623335626131653933643165643230346239346566343636656161646237646566
+38386431646333633763646431356437633237303261316265303832313832333230303634633261
+32323432333464373137346439343063393733383831323738643839303266653537356535346330
+38373135316463636434613764373062616137396332393538333163616137356538633234613332
+61343634353337343861636631376234666134373165303430663936613531373433653238663931
+65373839333165623965316664633532623234613764363535646435316330613366373236343634
+36636432616633336562646661393838353135613534303962303465636536376236616430383139
+34373038306539643063396631373237303534646463636437373964653536336435626133333639
+61663431363730663866626239386264633130666265396133353466383632636336363161343462
+35653632333565383163333537383464396332373230383864633739356534623136626336656637
+63643234666230393336323430646233393731366639303565343535613863343664623436636235
+66323236356435323639616235376266633638313562346564613463653537666137656134323734
+35613036636166393166393036326130393362333066373533623437363639613661623234343739
+30653632363564356664323961393538653166366230396563636438336535646562363230653064
+35326236356230323831383466353863353933636261333131366334623165336631323765346665
+36393063376666663661306637633538376239323633336235613534656462346463393136633833
+31383335386265656631363263303866303763666430343632663039316233633735613634306430
+61623132356331366462393530303165353764666637303134666635333639373666316164386161
+36323936313937396162303039303239363639336161646336653731393861653132616435343633
+65653466653035366234373535393130323736333865633534333864393137386633383739326161
+39386334353535643565376530303836386239643839396130333738373332303638323037653362
+37616638623731366262303965633531346561333439333931393832363733393537396234333035
+33373934613732396564366564656537316265613535316330346463666465376161653566656437
+39653730326331303033643064386235306636346533356433653461623462363563303934666634
+35323437396433646533626634343338306164316337393563346533383835343731643665306162
+33303438396239303038653033366262336339303063643137313930623464663236643738616437
+61353831633332303934323664396363636665633834306638343734343433383937396163323331
+66613063383032333236356261393937326165643636393661353464373130326630323931623439
+38313563333634383736393563303162623530356162663236376663646266313830353738353335
+39613965326331643866326365666561343161613235616431623634623636353534326431623032
+37383336383530333934323565383265356437346361363734353432626632333534363264303934
+38386135366336343939386334363532383761326438316139386230333436396536343439336366
+32663035313935323137366539333561636530633565353066633734313966303836613633613537
+37333266666361313261373434613830623435343734333962363762383463616463643561373264
+35623630623364623731616464343130626631346237336132643263306632653462373366396635
+34313835346534346439636464383431383861323137623466393334366133313732303962343166
+36353236343765323437613566646164626664373435343666623864353461653163333765333537
+63323631646263323465396234633234393362663531353935396236346165626234633933353537
+39363661386562313261363731313735353630386438636232316536336562616362646566613730
+33313063316665373638396464353936656636343735323664396131316338636239333337393737
+66653362653665613034376237663235316465396161623330396133323265653532323632616530
+33393138653533363632663261313364336563626333323034393632326333333464363432366264
+35343663303461366637363363646262626366303461373237366431353632306131326133313933
+33656434653737306265643738303966393939396264356136623466643837376466613464633634
+65623263616438393630363539376534353332623439333939303438653136656132386433353230
+64623134383439303735383934386435636138373966646138346235366434636464383136336163
+34333535373338313336303665343636383334343638383334616631333735373434643063636565
+33353933303932373834313762393763303161646237656236333863623836363332326566666263
+31396563623438616532333962333865323862373731396163623338313938313536663332343463
+63323130336635646338306634313932653133386131613533303332326437343536383863663634
+63313763333064396266653131666131666636656262343262653932643735663537303838366639
+33633137366136386636636631376337656130623563653030356636383362363965383139383436
+32626337623161333464313134643331636261323462623863653431623431663131633261366436
+32366633336331363661393831376630653330666635643635303830656361376639393939353935
+36316237376638306532666536656361383434346365623964626335626633336633323166636435
+38626466303039663831646266663865653432333030393861326430353035346632653063646332
+65643038633464633836343530336166323735373736333965356238316635333831616135316361
+66343037663664646533323234616363643239356631346533303334363534663538633266336462
+62346263633131323061343035366365323763613337323036643366353938666331626230373138
+61393936633334343863373531356131303732656365363562633937366462356365343636663933
+32396436373731346366316266353334663239323561363461623835626461383135303263666639
+31623237373961366438386332633235323362633462343639613433323964316532343339373432
+33393064613937363964653465383330363736373461643464343536303934353264393832623634
+33613662663266323131303837303466666335646136653566333537636238376361383836363239
+66303932626337383165653236663262373236643862666634666336666432393761346539636139
+36623938623366393165376630326264356630653238663937323563303230613438386461313332
+33393534353863366234353033303239363833396332356464353466656639623163313962313965
+37666537356539346531613866376562623632373965363836366565326465343631353964303239
+30333934323565366233326330666563306535333337616333636163313739633161613039316434
+63376234666434363737343366666336663839363562376536383937633764666361363532393963
+37663436306538323232653238303334636331643734393230383463393938323536653265393832
+33396439646464386566333136663263343263306630623234613730356139313534333561626230
+37323031383163333035333264323563343835393361376564666232336632623266363535653533
+36333030363934363137343832643864306532643839643031383963656436326233396261386663
+39343563373965613031363131623363303438373435363735353066366330333264363836343163
+37613739613336323932343135356638326531616237383936333832393834613866333937316232
+34623335373835353662363063316133623963386337303733636432386664313865326634653436
+64333439306437386338616533306465366365623434613537303737626564306561393331663233
+34363164386638316633366161333539383337386666346462363334323166313162636633613535
+37333639363266323632386463656662333139346430666336393933343931633666313966653038
+63633566363730323466623066303733663865623964666164383162356531343436353039303638
+62393961383132323363313437613637383637363263646130653230353164633237343136393436
+34616539353231396438373130613433353463343164383238396233336532343961663564366631
+38646266393637353334623463313939623164396561616133633632393963653232616338643039
+64666266393238353335376338643165323236646231346131396533626665346131

From 0e4073336a131514af635b764d925606d7ac239d Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Thu, 9 Nov 2023 09:10:23 +0100
Subject: [PATCH 416/504] printing role without lmn-linuxmusterclient7

---
 lmn-client.yml                                |  34 ++
 .../lmn_printer/files/90-lmn-install-printers |   4 +
 roles/lmn_printer/files/90-lmn-sudotools      |   4 -
 .../files/linuxmusterLinuxclient7/__init__.py |   3 -
 .../files/linuxmusterLinuxclient7/computer.py |  57 ---
 .../files/linuxmusterLinuxclient7/config.py   | 136 -------
 .../linuxmusterLinuxclient7/constants.py      |  46 ---
 .../linuxmusterLinuxclient7/environment.py    |  60 ---
 .../linuxmusterLinuxclient7/fileHelper.py     | 133 -------
 .../files/linuxmusterLinuxclient7/gpo.py      | 291 --------------
 .../files/linuxmusterLinuxclient7/gpo.py.orig | 290 --------------
 .../files/linuxmusterLinuxclient7/hooks.py    | 219 -----------
 .../linuxmusterLinuxclient7/imageHelper.py    | 220 -----------
 .../files/linuxmusterLinuxclient7/keytab.py   |  52 ---
 .../linuxmusterLinuxclient7/ldapHelper.py     | 148 -------
 .../localUserHelper.py                        |  19 -
 .../files/linuxmusterLinuxclient7/logging.py  | 130 -------
 .../files/linuxmusterLinuxclient7/printers.py | 129 -------
 .../files/linuxmusterLinuxclient7/realm.py    | 195 ----------
 .../files/linuxmusterLinuxclient7/setup.py    | 364 ------------------
 .../files/linuxmusterLinuxclient7/shares.py   | 256 ------------
 .../linuxmusterLinuxclient7/templates.py      | 128 ------
 .../files/linuxmusterLinuxclient7/user.py     | 158 --------
 roles/lmn_printer/files/lmn-printer.sh        |   2 +-
 roles/lmn_printer/files/onLogin               |  33 --
 roles/lmn_printer/files/onLogout              |  38 --
 roles/lmn_printer/files/rmlpr.service         |   6 -
 roles/lmn_printer/files/rmlpr.timer           |   8 -
 roles/lmn_printer/files/scripts/sudoTools     |  50 ---
 roles/lmn_printer/tasks/main.yml              |  72 +---
 .../templates/install-printers.sh.j2          |  36 ++
 roles/lmn_printer/templates/network.conf.j2   |   5 -
 32 files changed, 80 insertions(+), 3246 deletions(-)
 create mode 100644 roles/lmn_printer/files/90-lmn-install-printers
 delete mode 100644 roles/lmn_printer/files/90-lmn-sudotools
 delete mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/__init__.py
 delete mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/computer.py
 delete mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/config.py
 delete mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/constants.py
 delete mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/environment.py
 delete mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/fileHelper.py
 delete mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/gpo.py
 delete mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/gpo.py.orig
 delete mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/hooks.py
 delete mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/imageHelper.py
 delete mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/keytab.py
 delete mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/ldapHelper.py
 delete mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/localUserHelper.py
 delete mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/logging.py
 delete mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/printers.py
 delete mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/realm.py
 delete mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/setup.py
 delete mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/shares.py
 delete mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/templates.py
 delete mode 100644 roles/lmn_printer/files/linuxmusterLinuxclient7/user.py
 delete mode 100644 roles/lmn_printer/files/onLogin
 delete mode 100644 roles/lmn_printer/files/onLogout
 delete mode 100644 roles/lmn_printer/files/rmlpr.service
 delete mode 100644 roles/lmn_printer/files/rmlpr.timer
 delete mode 100755 roles/lmn_printer/files/scripts/sudoTools
 create mode 100644 roles/lmn_printer/templates/install-printers.sh.j2
 delete mode 100644 roles/lmn_printer/templates/network.conf.j2

diff --git a/lmn-client.yml b/lmn-client.yml
index e4ece7c..b38d67a 100644
--- a/lmn-client.yml
+++ b/lmn-client.yml
@@ -52,6 +52,7 @@
     ntp_serv: "{{ vault_ntp_serv }}"  ## ntp.example.org
     proxy: "{{ vault_proxy }}"        ## http://firewall.example.org:3128
     no_proxy: "{{ vault_no_proxy }}"  ## firewall.example.org,server.example.org,idam.example.org,dw.example.org
+    printservers: ['10.190.1.1'] ## list of printservers
 
     ## PAM mount nextcloud, remove or leave empty to skip:
     web_dav: "{{ vault_web_dav }}"    ## https://nc.example.org/remote.php/dav/files/%(USER)
@@ -139,6 +140,39 @@
           APT::Periodic::Update-Package-Lists "1";
           APT::Periodic::Unattended-Upgrade "1";
 
+    - name: Remove pam_mount sysvol mount
+      blockinfile:
+        dest: /etc/security/pam_mount.conf.xml
+        marker: "<!-- {mark} ANSIBLE MANAGED BLOCK (SysVol) -->"
+        block: |
+          <volume
+            fstype="cifs"
+            server="{{ smb_server }}"
+            path="sysvol/"
+            mountpoint="/srv/samba/%(USER)/sysvol"
+            options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks"
+            ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>{{ localuser }}</user></or></not>
+          </volume>
+        state: absent
+ 
+    - name: disable rmlpr.timer
+      systemd:
+        name: rmlpr.timer
+        enabled: false
+ 
+    - name: Remove deprecated files and directories
+      file:
+        path: "{{ item }}"
+        state: absent
+      with_items:
+        - /etc/linuxmuster-linuxclient7
+        - /usr/lib/python3/dist-packages/linuxmusterLinuxclient7
+        - /usr/share/linuxmuster-linuxclient7
+        - /usr/local/bin/onLogin
+        - /etc/sudoers.d/90-lmn-sudotools
+        - /etc/systemd/system/rmlpr.service
+        - /etc/systemd/system/rmlpr.timer
+
 ## bookworm fixes/hacks:
     - name: Work around sddm hang on shutdown
       ansible.builtin.lineinfile:
diff --git a/roles/lmn_printer/files/90-lmn-install-printers b/roles/lmn_printer/files/90-lmn-install-printers
new file mode 100644
index 0000000..8f0763f
--- /dev/null
+++ b/roles/lmn_printer/files/90-lmn-install-printers
@@ -0,0 +1,4 @@
+%examusers ALL=(root) NOPASSWD: /usr/local/bin/install-printers.sh
+%role-student ALL=(root) NOPASSWD: /usr/local/bin/install-printers.sh
+%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/install-printers.sh
+
diff --git a/roles/lmn_printer/files/90-lmn-sudotools b/roles/lmn_printer/files/90-lmn-sudotools
deleted file mode 100644
index 1c82b4d..0000000
--- a/roles/lmn_printer/files/90-lmn-sudotools
+++ /dev/null
@@ -1,4 +0,0 @@
-%examusers ALL=(root) NOPASSWD: /usr/share/linuxmuster-linuxclient7/scripts/sudoTools
-%role-student ALL=(root) NOPASSWD: /usr/share/linuxmuster-linuxclient7/scripts/sudoTools
-%role-teacher ALL=(root) NOPASSWD: /usr/share/linuxmuster-linuxclient7/scripts/sudoTools
-
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/__init__.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/__init__.py
deleted file mode 100644
index bf319b7..0000000
--- a/roles/lmn_printer/files/linuxmusterLinuxclient7/__init__.py
+++ /dev/null
@@ -1,3 +0,0 @@
-#
-# linuxmuster-linuxclient7 is a library for use with Linuxmuster.net
-#
\ No newline at end of file
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/computer.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/computer.py
deleted file mode 100644
index 701ab81..0000000
--- a/roles/lmn_printer/files/linuxmusterLinuxclient7/computer.py
+++ /dev/null
@@ -1,57 +0,0 @@
-import socket
-from linuxmusterLinuxclient7 import logging, ldapHelper, realm, localUserHelper
-
-def hostname():
-    """
-    Get the hostname of the computer
-
-    :return: The hostname
-    :rtype: str
-    """
-    return socket.gethostname().split('.', 1)[0]
-
-def krbHostName():
-    """
-    Get the krb hostname, eg. `COMPUTER01$`
-
-    :return: The krb hostname
-    :rtype: str
-    """
-    return hostname().upper() + "$"
-
-def readAttributes():
-    """
-    Read all ldap attributes of the cumputer
-
-    :return: Tuple (success, dict of attributes)
-    :rtype: tuple
-    """
-    return ldapHelper.searchOne("(sAMAccountName={}$)".format(hostname()))
-
-def isInGroup(groupName):
-    """
-    Check if the computer is part of an ldap group
-
-    :param groupName: The name of the group to check
-    :type grouName: str
-    :return: True or False
-    :rtype: bool
-    """
-    rc, groups = localUserHelper.getGroupsOfLocalUser(krbHostName())
-    if not rc:
-        return False
-
-    return groupName in groups
-
-def isInAD():
-    """
-    Check if the computer is joined to an AD
-
-    :return: True or False
-    :rtype: bool
-    """
-    rc, groups = localUserHelper.getGroupsOfLocalUser(krbHostName())
-    if not rc:
-        return False
-
-    return "domain computers" in groups
\ No newline at end of file
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/config.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/config.py
deleted file mode 100644
index bbfbaf9..0000000
--- a/roles/lmn_printer/files/linuxmusterLinuxclient7/config.py
+++ /dev/null
@@ -1,136 +0,0 @@
-import configparser, re
-from linuxmusterLinuxclient7 import logging, constants
-
-def network():
-    """
-    Get the network configuration in `/etc/linuxmuster-linuxclient7/network.conf`
-
-    :return: Tuple (success, dict of keys)
-    :rtype: tuple
-    """
-    rc, rawNetworkConfig = _readNetworkConfig()
-    if not rc:
-        return False, None
-
-    if not _checkNetworkConfigVersion(rawNetworkConfig)[0]:
-        return False, None
-
-    networkConfig = {}
-
-    try:
-        networkConfig["serverHostname"] = rawNetworkConfig["serverHostname"]
-        networkConfig["domain"] = rawNetworkConfig["domain"]
-        networkConfig["realm"] = rawNetworkConfig["realm"]
-    except KeyError as e:
-        logging.error("Error when reading network.conf (2)")
-        logging.exception(e)
-        return False, None
-
-    return True, networkConfig
-
-def writeNetworkConfig(newNetworkConfig):
-    """
-    Write the network configuration in `/etc/linuxmuster-linuxclient7/network.conf`
-
-    :param newNetworkConfig: The new config
-    :type newNetworkConfig: dict
-    :return: True or False
-    :rtype: bool
-    """
-    networkConfig = configparser.ConfigParser(interpolation=None)
-
-    try:
-        networkConfig["network"] = {}
-        networkConfig["network"]["version"] = str(_networkConfigVersion())
-        networkConfig["network"]["serverHostname"] = newNetworkConfig["serverHostname"]
-        networkConfig["network"]["domain"] = newNetworkConfig["domain"]
-        networkConfig["network"]["realm"] = newNetworkConfig["realm"]
-    except Exception as e:
-        logging.error("Error when preprocessing new network configuration!")
-        logging.exception(e)
-        return False
-
-    try:
-        logging.info("Writing new network Configuration")
-        with open(constants.networkConfigFilePath, 'w') as networkConfigFile:
-            networkConfig.write(networkConfigFile)
-
-    except Exception as e:
-        logging.error("Failed!")
-        logging.exception(e)
-        return False
-
-    return True
-
-def upgrade():
-    """
-    Upgrade the format of the network configuration in `/etc/linuxmuster-linuxclient7/network.conf`
-    This is done automatically on package upgrades.
-
-    :return: True or False
-    :rtype: bool
-    """
-    return _upgradeNetworkConfig()
-
-# --------------------
-# - Helper functions -
-# --------------------
-
-def _readNetworkConfig():
-    configParser = configparser.ConfigParser()
-    configParser.read(constants.networkConfigFilePath)
-    try:
-        rawNetworkConfig = configParser["network"]
-        return True, rawNetworkConfig
-    except KeyError as e:
-        logging.error("Error when reading network.conf (1)")
-        logging.exception(e)
-        return False, None
-    return configParser
-
-def _networkConfigVersion():
-    return 1
-
-def _checkNetworkConfigVersion(rawNetworkConfig):
-    try:
-        networkConfigVersion = int(rawNetworkConfig["version"])
-    except KeyError as e:
-        logging.warning("The network.conf version could not be identified, assuming 0")
-        networkConfigVersion = 0
-
-    if networkConfigVersion != _networkConfigVersion():
-        logging.warning("The network.conf Version is a mismatch!")
-        return False, networkConfigVersion
-
-    return True, networkConfigVersion
-
-def _upgradeNetworkConfig():
-    logging.info("Upgrading network config.")
-    rc, rawNetworkConfig = _readNetworkConfig()
-    if not rc:
-        return False
-
-    rc, networkConfigVersion = _checkNetworkConfigVersion(rawNetworkConfig)
-    if rc:
-        logging.info("No need to upgrade, already up-to-date.")
-        return True
-
-    logging.info("Upgrading network config from {0} to {1}".format(networkConfigVersion, _networkConfigVersion()))
-    
-    if networkConfigVersion > _networkConfigVersion():
-        logging.error("Cannot upgrade from a newer version to an older one!")
-        return False
-
-    try:
-        if networkConfigVersion == 0:
-            newNetworkConfig = {}
-            newNetworkConfig["serverHostname"] = rawNetworkConfig["serverHostname"] + "." + rawNetworkConfig["domain"]
-            newNetworkConfig["domain"] = rawNetworkConfig["domain"]
-            newNetworkConfig["realm"] = rawNetworkConfig["domain"].upper()
-            return writeNetworkConfig(newNetworkConfig)
-    except Exception as e:
-        logging.error("Error when upgrading network config!")
-        logging.exception(e)
-        return False
-
-    return True
\ No newline at end of file
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/constants.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/constants.py
deleted file mode 100644
index 34d8243..0000000
--- a/roles/lmn_printer/files/linuxmusterLinuxclient7/constants.py
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/usr/bin/python3
-
-templateUser = "linuxadmin"
-userTemplateDir = "/home/" + templateUser
-defaultDomainAdminUser = "global-admin"
-
-# {} will be substituted for the username
-shareMountBasepath = "/home/{}/media"
-hiddenShareMountBasepath = "/srv/samba/{}"
-machineAccountSysvolMountPath = "/var/lib/samba/sysvol"
-
-etcBaseDir = "/etc/linuxmuster-linuxclient7"
-shareBaseDir = "/usr/share/linuxmuster-linuxclient7"
-configFileTemplateDir = shareBaseDir + "/templates"
-scriptDir = shareBaseDir + "/scripts"
-
-networkConfigFilePath = etcBaseDir + "/network.conf"
-# {} will be substituted for the username
-tmpEnvironmentFilePath = "/home/{}/.linuxmuster-linuxclient7-environment.sh"
-
-notTemplatableFiles = ["/etc/sssd/sssd.conf", "/etc/linuxmuster-linuxclient7/network.conf"]
-
-# cleanup
-obsoleteFiles = [
-    "/etc/profile.d/99-linuxmuster.sh",
-    "/etc/sudoers.d/linuxmuster",
-    "/etc/profile.d/linuxmuster-proxy.sh",
-    "/etc/bash_completion.d/99-linuxmuster-client-adsso.sh",
-    "/etc/profile.d/99-linuxmuster-client-adsso.sh",
-    "/etc/sudoers.d/linuxmuster-client-adsso",
-    "/usr/sbin/linuxmuster-client-adsso",
-    "/usr/sbin/linuxmuster-client-adsso-print-logs",
-    "/etc/systemd/system/linuxmuster-client-adsso.service",
-    "{}/.config/autostart/linuxmuster-client-adsso-autostart.desktop".format(userTemplateDir),
-    "/etc/cups/client.conf",
-    "/usr/share/linuxmuster-linuxclient7/templates/linuxmuster-client-adsso.service",
-    "/usr/share/linuxmuster-linuxclient7/templates/linuxmuster-client-adsso-autostart.desktop",
-    "/etc/security/pam_mount.conf.xml",
-    "{}/pam_mount.conf.xml".format(configFileTemplateDir)
-]
-
-obsoleteDirectories = [
-    "/etc/linuxmuster-client",
-    "/etc/linuxmuster-client-adsso",
-    "/usr/share/linuxmuster-client-adsso"
-]
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/environment.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/environment.py
deleted file mode 100644
index e25b622..0000000
--- a/roles/lmn_printer/files/linuxmusterLinuxclient7/environment.py
+++ /dev/null
@@ -1,60 +0,0 @@
-import os
-from linuxmusterLinuxclient7 import constants, user, logging
-
-def export(keyValuePair):
-    """
-    Export an environment variable
-
-    :param keyValuePair: Key value pair in format `key=value`
-    :type keyValuePait: str
-    :return: True or False
-    :rtype: bool
-    """
-    logging.debug("Saving export '{}' to tmp file".format(keyValuePair))
-    
-    envList = keyValuePair.split("=")
-    if len(envList) == 2:
-        os.putenv(envList[0], envList[1])
-    
-    return _appendToTmpEnvFile("export", keyValuePair)
-
-def unset(key):
-    """
-    Unset a previously exported environment variable
-
-    :param key: The key to unset
-    :type key: str
-    :return: True or False
-    :rtype: bool
-    """
-    logging.debug("Saving unset '{}' to tmp file".format(key))
-    return _appendToTmpEnvFile("unset", key)
-
-# --------------------
-# - Helper functions -
-# --------------------
-
-def _isApplicable():
-    if not user.isInAD():
-        logging.error("Modifying environment variables of non-AD users is not supported by lmn-export and lmn-unset!")
-        return False
-    elif "LinuxmusterLinuxclient7EnvFixActive" not in os.environ or os.environ["LinuxmusterLinuxclient7EnvFixActive"] != "1":
-        logging.error("lmn-export and lmn-unset may only be used inside of linuxmuster-linuxclient7 hooks!")
-        return False
-    else:
-        return True
-
-def _appendToTmpEnvFile(mode, keyValuePair):
-    if not _isApplicable():
-        return False
-    
-    tmpEnvironmentFilePath = constants.tmpEnvironmentFilePath.format(user.username())
-    fileOpenMode = "a" if os.path.exists(tmpEnvironmentFilePath) else "w"
-
-    try:
-        with open(tmpEnvironmentFilePath, fileOpenMode) as tmpEnvironmentFile:
-            tmpEnvironmentFile.write("\n{0} '{1}'".format(mode, keyValuePair))
-            return True
-    except Exception as e:
-        logging.exception(e)
-        return False
\ No newline at end of file
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/fileHelper.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/fileHelper.py
deleted file mode 100644
index ad9b55e..0000000
--- a/roles/lmn_printer/files/linuxmusterLinuxclient7/fileHelper.py
+++ /dev/null
@@ -1,133 +0,0 @@
-import os, shutil
-from linuxmusterLinuxclient7 import logging
-
-def removeLinesInFileContainingString(filePath, forbiddenStrings):
-    """
-    Remove all lines containing a given string form a file.
-
-    :param filePath: The path to the file
-    :type filePath: str
-    :param forbiddenStrings: The string to search for
-    :type forbiddenStrings: str
-    :return: True on success, False otherwise
-    :rtype: bool
-    """
-    if not isinstance(forbiddenStrings, list):
-        forbiddenStrings = [forbiddenStrings]
-    
-    try:
-        with open(filePath, "r") as originalFile:
-            originalContents = originalFile.read()
-    except Exception as e:
-        logging.exception(e)
-        logging.warning("Could not read contents of original file")
-        return False
-
-    newContents = ""
-    for line in originalContents.split("\n"):
-        lineIsClean = True
-        for forbiddenString in forbiddenStrings:
-            lineIsClean = lineIsClean and not forbiddenString in line
-            
-        if lineIsClean :
-            newContents += line + "\n"
-
-    try:
-        with open(filePath, "w") as originalFile:
-            originalFile.write(newContents)
-    except Exception as e:    
-        logging.exception(e)
-        logging.warning("Could not write new contents to original file")
-        return False
-
-    return True
-
-def deleteFile(filePath):
-    """
-    Delete a file
-
-    :param filePath: The path of the file
-    :type filePath: str
-    :return: True on success, False otherwise
-    :rtype: bool
-    """
-    try:
-        if os.path.exists(filePath):
-            os.unlink(filePath)
-        return True
-    except Exception as e:
-        logging.error("Failed!")
-        logging.exception(e)
-        return False
-
-def deleteFilesWithExtension(directory, extension):
-    """
-    Delete all files with a given extension in a given directory.
-
-    :param directory: The path of the directory
-    :type directory: str
-    :param extension: The file extension
-    :type extension: str
-    :return: True on success, False otherwise
-    :rtype: bool
-    """
-    if directory.endswith("/"):
-        directory = directory[:-1]
-        
-    if not os.path.exists(directory):
-        return True
-
-    existingFiles=os.listdir(directory)
-
-    for file in existingFiles:
-        if file.endswith(extension):
-            logging.info("* Deleting {}".format(file))
-            if not deleteFile("{}/{}".format(directory, file)):
-                logging.error("Failed!")
-                return False
-
-    return True
-
-def deleteDirectory(directory):
-    """
-    Recoursively delete a directory.
-
-    :param directory: The path of the directory
-    :type directory: bool
-    :return: True on success, False otherwise
-    :rtype: bool
-    """
-    try:
-        shutil.rmtree(directory)
-    except:
-        return False
-    return True
-
-def deleteAllInDirectory(directory):
-    """
-    Delete all files in a given directory
-
-    :param directory: The path of the directory
-    :type directory: str
-    :return: True on success, False otherwise
-    :rtype: bool
-    """    
-
-    if directory.endswith("/"):
-        directory = directory[:-1]
-        
-    if not os.path.exists(directory):
-        return True
-
-    existingFiles=os.listdir(directory)
-    for file in existingFiles:
-        fullFilePath = "{}/{}".format(directory, file)
-        if os.path.isdir(fullFilePath):
-            rc = deleteDirectory(fullFilePath)
-        else:
-            rc = deleteFile(fullFilePath)
-        if not rc:
-            logging.error("Failed!")
-            return False
-
-    return True
\ No newline at end of file
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/gpo.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/gpo.py
deleted file mode 100644
index 43d08a8..0000000
--- a/roles/lmn_printer/files/linuxmusterLinuxclient7/gpo.py
+++ /dev/null
@@ -1,291 +0,0 @@
- # Order of parsing: (overwriting each other)
- # 1. Local (does not apply)
- # 2. Site (does not apply)
- # 3. Domain
- # 4. OUs from top to bottom
-import ldap, ldap.sasl, re, os.path
-import xml.etree.ElementTree as ElementTree
-from linuxmusterLinuxclient7 import logging, constants, config, user, ldapHelper, shares, computer, printers
-
-def processAllPolicies():
-    """
-    Process all applicable policies (equivalent to gpupdate on windows)
-
-    :return: True on success, False otherwise
-    :rtype: bool
-    """    
-    rc, policyDnList = _findApplicablePolicies()
-    if not rc:
-        logging.fatal("* Error when loading applicable GPOs! Shares and printers will not work.")
-        return False
-
-    for policyDn in policyDnList:
-        _parsePolicy(policyDn)
-
-# --------------------
-# - Helper functions -
-# --------------------
-
-def _parseGplinkSring(string):
-    # a gPLink strink looks like this:
-    # [LDAP://<link>;<status>][LDAP://<link>;<status>][...]
-    # The ragex matches <link> and <status> in two separate groups
-    # Note: "LDAP://" is matched as .*:// to prevent issues when the capitalization changes
-    pattern = re.compile("\\[.*:\\/\\/([^\\]]+)\\;([0-9]+)\\]")
-
-    return pattern.findall(string)
-
-def _extractOUsFromDN(dn):
-    # NOT finished!
-    pattern = re.compile("OU=([^,]+),")
-
-    ouList = pattern.findall(dn)
-    # We need to parse from top to bottom
-    ouList.reverse()
-    return ouList
-
-def _findApplicablePolicies():
-
-    policyDnList = []
-
-    """ Do this later!
-    # 1. Domain
-    rc, domainAdObject = ldapHelper.searchOne("(distinguishedName={})".format(ldapHelper.baseDn()))
-
-    if not rc:
-        return False, None
-
-    policyDNs.extend(_parseGplinkSring(domainAdObject["gPLink"]))
-
-    # 2. OU policies from top to bottom
-    rc, userAdObject = ldapHelper.searchOne("(sAMAccountName={})".format(user.username()))
-
-    if not rc:
-        return False, None
-
-    print(userAdObject["distinguishedName"])
-    """
-
-    # For now, just parse policy sophomorix:school:<school name>
-    rc, schoolName = user.school()
-    if not rc:
-        return False, None
-
-    policyName = "sophomorix:school:{}".format(schoolName)
-
-    # find policy
-    rc, policyAdObject = ldapHelper.searchOne("(displayName={})".format(policyName))
-    if not rc:
-        return False, None
-
-    policyDnList.append((policyAdObject["distinguishedName"], 0))
-
-    return True, policyDnList
-
-def _parsePolicy(policyDn):
-    logging.info("=== Parsing policy [{0};{1}] ===".format(policyDn[0], policyDn[1]))
-
-    # Check if the policy is disabled
-    if policyDn[1] == 1:
-        logging.info("===> Policy is disabled! ===")
-        return True
-
-    # Find policy in AD
-    rc, policyAdObject = ldapHelper.searchOne("(distinguishedName={})".format(policyDn[0]))
-    if not rc:
-        logging.error("===> Could not find poilcy in AD! ===")
-        return False, None
-
-    # mount the share the policy is on (probaply already mounted, just to be sure)
-    rc, localPolicyPath = shares.getMountpointOfRemotePath(policyAdObject["gPCFileSysPath"], hiddenShare = True, autoMount = True)
-    if not rc:
-        logging.error("===> Could not mount path of poilcy! ===")
-        return False, None
-
-    try:
-        # parse drives
-        # Skip Drive Policys (fvs change)
-        #_processDrivesPolicy(localPolicyPath)
-        # parse printers
-        _processPrintersPolicy(localPolicyPath)
-    except Exception as e:
-        logging.error("An error occured when parsing policy!")
-        logging.exception(e)
-    
-    logging.info("===> Parsed policy [{0};{1}] ===".format(policyDn[0], policyDn[1]))
-
-def _parseXmlFilters(filtersXmlNode):
-    if not filtersXmlNode.tag == "Filters":
-        logging.warning("Tried to parse a non-filter node as a filter!")
-        return []
-
-    filters = []
-
-    for xmlFilter in filtersXmlNode:
-        if xmlFilter.tag == "FilterGroup":
-            filters.append({
-                "name": xmlFilter.attrib["name"].split("\\")[1],
-                "bool": xmlFilter.attrib["bool"],
-                "userContext": xmlFilter.attrib["userContext"],
-                # userContext defines if the filter applies in user or computer context
-                "type": xmlFilter.tag
-                })
-
-    return filters
-
-def _processFilters(policies):
-    filteredPolicies = []
-
-    for policy in policies:
-        if  not len(policy["filters"]) > 0:
-            filteredPolicies.append(policy)
-        else:
-            filtersPassed = True
-            for filter in policy["filters"]:
-                logging.debug("Testing filter: {}".format(filter))
-                # TODO: check for AND and OR
-                if filter["bool"] == "AND":
-                    filtersPassed = filtersPassed and _processFilter(filter)
-                elif filter["bool"] == "OR":
-                    filtersPassed = filtersPassed or _processFilter(filter)
-                else:
-                    logging.warning("Unknown boolean operation: {}! Cannot process filter!".format(filter["bool"]))
-
-            if filtersPassed:
-                filteredPolicies.append(policy)
-
-    return filteredPolicies
-
-def _processFilter(filter):
-    if filter["type"] == "FilterGroup":
-        if filter["userContext"] == "1":
-            return user.isInGroup(filter["name"])
-        elif filter["userContext"] == "0":
-            return computer.isInGroup(filter["name"])
-
-    return False
-
-def _parseXmlPolicy(policyFile):
-    if not os.path.isfile(policyFile):
-        logging.warning("==> XML policy file not found! ==")
-        return False, None
-
-    try:
-        tree = ElementTree.parse(policyFile)
-        return True, tree
-    except Exception as e:
-        logging.exception(e)
-        logging.error("==> Error while reading XML policy file! ==")
-        return False, None
-
-def _processDrivesPolicy(policyBasepath):
-    logging.info("== Parsing a drive policy! ==")
-    policyFile = "{}/User/Preferences/Drives/Drives.xml".format(policyBasepath)
-    shareList = []
-
-    rc, tree = _parseXmlPolicy(policyFile)
-
-    if not rc:
-        logging.error("==> Error while reading Drives policy file, skipping! ==")
-        return
-
-    xmlDrives = tree.getroot()
-
-    if not xmlDrives.tag == "Drives":
-        logging.warning("==> Drive policy xml File is of invalid format, skipping! ==")
-        return
-
-    for xmlDrive in xmlDrives:
-
-        if xmlDrive.tag != "Drive" or ("disabled" in xmlDrive.attrib and xmlDrive.attrib["disabled"] == "1"):
-            continue
-
-        drive = {}
-        drive["filters"] = []
-        for xmlDriveProperty in xmlDrive:
-            if xmlDriveProperty.tag == "Properties":
-                try:
-                    drive["label"] = xmlDriveProperty.attrib["label"]
-                    drive["letter"] = xmlDriveProperty.attrib["letter"]
-                    drive["path"] = xmlDriveProperty.attrib["path"]
-                    drive["useLetter"] = xmlDriveProperty.attrib["useLetter"]
-                except Exception as e:
-                    logging.warning("Exception when parsing a drive policy XML file")
-                    logging.exception(e)
-                    continue
-
-            if xmlDriveProperty.tag == "Filters":
-                drive["filters"] = _parseXmlFilters(xmlDriveProperty)
-
-        shareList.append(drive)
-
-    shareList = _processFilters(shareList)
-
-    logging.info("Found shares:")
-    for drive in shareList:
-        logging.info("* {:10}| {:5}| {:40}| {:5}".format(drive["label"], drive["letter"], drive["path"], drive["useLetter"]))
-
-    for drive in shareList:
-        if drive["useLetter"] == "1":
-            shareName = f"{drive['label']} ({drive['letter']}:)"  
-        else:
-            shareName = drive["label"]
-        shares.mountShare(drive["path"], shareName=shareName)
-
-    logging.info("==> Successfully parsed a drive policy! ==")
-
-def _processPrintersPolicy(policyBasepath):
-    logging.info("== Parsing a printer policy! ==")
-    policyFile = "{}/User/Preferences/Printers/Printers.xml".format(policyBasepath)
-    printerList = []
-    # test
-    rc, tree = _parseXmlPolicy(policyFile)
-
-    if not rc:
-        logging.error("==> Error while reading Printer policy file, skipping! ==")
-        return
-
-    xmlPrinters = tree.getroot()
-
-    if not xmlPrinters.tag == "Printers":
-        logging.warning("==> Printer policy xml File is of invalid format, skipping! ==")
-        return
-
-    for xmlPrinter in xmlPrinters:
-
-        if xmlPrinter.tag != "SharedPrinter" or ("disabled" in xmlPrinter.attrib and xmlPrinter.attrib["disabled"] == "1"):
-            continue
-
-        printer = {}
-        printer["filters"] = []
-
-        try:
-            printer["name"] = xmlPrinter.attrib["name"]
-        except Exception as e:
-            logging.warning("Exception when reading a printer name from a printer policy XML file")
-            logging.exception(e)
-
-        for xmlPrinterProperty in xmlPrinter:
-            if xmlPrinterProperty.tag == "Properties":
-                try:
-                    rc, printerUrl = printers.translateSambaToIpp(xmlPrinterProperty.attrib["path"])
-                    if rc:
-                        printer["path"] = printerUrl
-                except Exception as e:
-                    logging.warning("Exception when parsing a printer policy XML file")
-                    logging.exception(e)
-                    continue
-
-            if xmlPrinterProperty.tag == "Filters":
-                printer["filters"] = _parseXmlFilters(xmlPrinterProperty)
-
-        printerList.append(printer)
-
-    printerList = _processFilters(printerList)
-
-    logging.info("Found printers:")
-    for printer in printerList:
-        logging.info("* {0}\t\t| {1}\t| {2}".format(printer["name"], printer["path"], printer["filters"]))
-        printers.installPrinter(printer["path"], printer["name"])
-
-    logging.info("==> Successfully parsed a printer policy! ==")
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/gpo.py.orig b/roles/lmn_printer/files/linuxmusterLinuxclient7/gpo.py.orig
deleted file mode 100644
index 20f10ba..0000000
--- a/roles/lmn_printer/files/linuxmusterLinuxclient7/gpo.py.orig
+++ /dev/null
@@ -1,290 +0,0 @@
- # Order of parsing: (overwriting each other)
- # 1. Local (does not apply)
- # 2. Site (does not apply)
- # 3. Domain
- # 4. OUs from top to bottom
-import ldap, ldap.sasl, re, os.path
-import xml.etree.ElementTree as ElementTree
-from linuxmusterLinuxclient7 import logging, constants, config, user, ldapHelper, shares, computer, printers
-
-def processAllPolicies():
-    """
-    Process all applicable policies (equivalent to gpupdate on windows)
-
-    :return: True on success, False otherwise
-    :rtype: bool
-    """    
-    rc, policyDnList = _findApplicablePolicies()
-    if not rc:
-        logging.fatal("* Error when loading applicable GPOs! Shares and printers will not work.")
-        return False
-
-    for policyDn in policyDnList:
-        _parsePolicy(policyDn)
-
-# --------------------
-# - Helper functions -
-# --------------------
-
-def _parseGplinkSring(string):
-    # a gPLink strink looks like this:
-    # [LDAP://<link>;<status>][LDAP://<link>;<status>][...]
-    # The ragex matches <link> and <status> in two separate groups
-    # Note: "LDAP://" is matched as .*:// to prevent issues when the capitalization changes
-    pattern = re.compile("\\[.*:\\/\\/([^\\]]+)\\;([0-9]+)\\]")
-
-    return pattern.findall(string)
-
-def _extractOUsFromDN(dn):
-    # NOT finished!
-    pattern = re.compile("OU=([^,]+),")
-
-    ouList = pattern.findall(dn)
-    # We need to parse from top to bottom
-    ouList.reverse()
-    return ouList
-
-def _findApplicablePolicies():
-
-    policyDnList = []
-
-    """ Do this later!
-    # 1. Domain
-    rc, domainAdObject = ldapHelper.searchOne("(distinguishedName={})".format(ldapHelper.baseDn()))
-
-    if not rc:
-        return False, None
-
-    policyDNs.extend(_parseGplinkSring(domainAdObject["gPLink"]))
-
-    # 2. OU policies from top to bottom
-    rc, userAdObject = ldapHelper.searchOne("(sAMAccountName={})".format(user.username()))
-
-    if not rc:
-        return False, None
-
-    print(userAdObject["distinguishedName"])
-    """
-
-    # For now, just parse policy sophomorix:school:<school name>
-    rc, schoolName = user.school()
-    if not rc:
-        return False, None
-
-    policyName = "sophomorix:school:{}".format(schoolName)
-
-    # find policy
-    rc, policyAdObject = ldapHelper.searchOne("(displayName={})".format(policyName))
-    if not rc:
-        return False, None
-
-    policyDnList.append((policyAdObject["distinguishedName"], 0))
-
-    return True, policyDnList
-
-def _parsePolicy(policyDn):
-    logging.info("=== Parsing policy [{0};{1}] ===".format(policyDn[0], policyDn[1]))
-
-    # Check if the policy is disabled
-    if policyDn[1] == 1:
-        logging.info("===> Policy is disabled! ===")
-        return True
-
-    # Find policy in AD
-    rc, policyAdObject = ldapHelper.searchOne("(distinguishedName={})".format(policyDn[0]))
-    if not rc:
-        logging.error("===> Could not find poilcy in AD! ===")
-        return False, None
-
-    # mount the share the policy is on (probaply already mounted, just to be sure)
-    rc, localPolicyPath = shares.getMountpointOfRemotePath(policyAdObject["gPCFileSysPath"], hiddenShare = True, autoMount = True)
-    if not rc:
-        logging.error("===> Could not mount path of poilcy! ===")
-        return False, None
-
-    try:
-        # parse drives
-        _processDrivesPolicy(localPolicyPath)
-        # parse printers
-        _processPrintersPolicy(localPolicyPath)
-    except Exception as e:
-        logging.error("An error occured when parsing policy!")
-        logging.exception(e)
-    
-    logging.info("===> Parsed policy [{0};{1}] ===".format(policyDn[0], policyDn[1]))
-
-def _parseXmlFilters(filtersXmlNode):
-    if not filtersXmlNode.tag == "Filters":
-        logging.warning("Tried to parse a non-filter node as a filter!")
-        return []
-
-    filters = []
-
-    for xmlFilter in filtersXmlNode:
-        if xmlFilter.tag == "FilterGroup":
-            filters.append({
-                "name": xmlFilter.attrib["name"].split("\\")[1],
-                "bool": xmlFilter.attrib["bool"],
-                "userContext": xmlFilter.attrib["userContext"],
-                # userContext defines if the filter applies in user or computer context
-                "type": xmlFilter.tag
-                })
-
-    return filters
-
-def _processFilters(policies):
-    filteredPolicies = []
-
-    for policy in policies:
-        if  not len(policy["filters"]) > 0:
-            filteredPolicies.append(policy)
-        else:
-            filtersPassed = True
-            for filter in policy["filters"]:
-                logging.debug("Testing filter: {}".format(filter))
-                # TODO: check for AND and OR
-                if filter["bool"] == "AND":
-                    filtersPassed = filtersPassed and _processFilter(filter)
-                elif filter["bool"] == "OR":
-                    filtersPassed = filtersPassed or _processFilter(filter)
-                else:
-                    logging.warning("Unknown boolean operation: {}! Cannot process filter!".format(filter["bool"]))
-
-            if filtersPassed:
-                filteredPolicies.append(policy)
-
-    return filteredPolicies
-
-def _processFilter(filter):
-    if filter["type"] == "FilterGroup":
-        if filter["userContext"] == "1":
-            return user.isInGroup(filter["name"])
-        elif filter["userContext"] == "0":
-            return computer.isInGroup(filter["name"])
-
-    return False
-
-def _parseXmlPolicy(policyFile):
-    if not os.path.isfile(policyFile):
-        logging.warning("==> XML policy file not found! ==")
-        return False, None
-
-    try:
-        tree = ElementTree.parse(policyFile)
-        return True, tree
-    except Exception as e:
-        logging.exception(e)
-        logging.error("==> Error while reading XML policy file! ==")
-        return False, None
-
-def _processDrivesPolicy(policyBasepath):
-    logging.info("== Parsing a drive policy! ==")
-    policyFile = "{}/User/Preferences/Drives/Drives.xml".format(policyBasepath)
-    shareList = []
-
-    rc, tree = _parseXmlPolicy(policyFile)
-
-    if not rc:
-        logging.error("==> Error while reading Drives policy file, skipping! ==")
-        return
-
-    xmlDrives = tree.getroot()
-
-    if not xmlDrives.tag == "Drives":
-        logging.warning("==> Drive policy xml File is of invalid format, skipping! ==")
-        return
-
-    for xmlDrive in xmlDrives:
-
-        if xmlDrive.tag != "Drive" or ("disabled" in xmlDrive.attrib and xmlDrive.attrib["disabled"] == "1"):
-            continue
-
-        drive = {}
-        drive["filters"] = []
-        for xmlDriveProperty in xmlDrive:
-            if xmlDriveProperty.tag == "Properties":
-                try:
-                    drive["label"] = xmlDriveProperty.attrib["label"]
-                    drive["letter"] = xmlDriveProperty.attrib["letter"]
-                    drive["path"] = xmlDriveProperty.attrib["path"]
-                    drive["useLetter"] = xmlDriveProperty.attrib["useLetter"]
-                except Exception as e:
-                    logging.warning("Exception when parsing a drive policy XML file")
-                    logging.exception(e)
-                    continue
-
-            if xmlDriveProperty.tag == "Filters":
-                drive["filters"] = _parseXmlFilters(xmlDriveProperty)
-
-        shareList.append(drive)
-
-    shareList = _processFilters(shareList)
-
-    logging.info("Found shares:")
-    for drive in shareList:
-        logging.info("* {:10}| {:5}| {:40}| {:5}".format(drive["label"], drive["letter"], drive["path"], drive["useLetter"]))
-
-    for drive in shareList:
-        if drive["useLetter"] == "1":
-            shareName = f"{drive['label']} ({drive['letter']}:)"  
-        else:
-            shareName = drive["label"]
-        shares.mountShare(drive["path"], shareName=shareName)
-
-    logging.info("==> Successfully parsed a drive policy! ==")
-
-def _processPrintersPolicy(policyBasepath):
-    logging.info("== Parsing a printer policy! ==")
-    policyFile = "{}/User/Preferences/Printers/Printers.xml".format(policyBasepath)
-    printerList = []
-    # test
-    rc, tree = _parseXmlPolicy(policyFile)
-
-    if not rc:
-        logging.error("==> Error while reading Printer policy file, skipping! ==")
-        return
-
-    xmlPrinters = tree.getroot()
-
-    if not xmlPrinters.tag == "Printers":
-        logging.warning("==> Printer policy xml File is of invalid format, skipping! ==")
-        return
-
-    for xmlPrinter in xmlPrinters:
-
-        if xmlPrinter.tag != "SharedPrinter" or ("disabled" in xmlPrinter.attrib and xmlPrinter.attrib["disabled"] == "1"):
-            continue
-
-        printer = {}
-        printer["filters"] = []
-
-        try:
-            printer["name"] = xmlPrinter.attrib["name"]
-        except Exception as e:
-            logging.warning("Exception when reading a printer name from a printer policy XML file")
-            logging.exception(e)
-
-        for xmlPrinterProperty in xmlPrinter:
-            if xmlPrinterProperty.tag == "Properties":
-                try:
-                    rc, printerUrl = printers.translateSambaToIpp(xmlPrinterProperty.attrib["path"])
-                    if rc:
-                        printer["path"] = printerUrl
-                except Exception as e:
-                    logging.warning("Exception when parsing a printer policy XML file")
-                    logging.exception(e)
-                    continue
-
-            if xmlPrinterProperty.tag == "Filters":
-                printer["filters"] = _parseXmlFilters(xmlPrinterProperty)
-
-        printerList.append(printer)
-
-    printerList = _processFilters(printerList)
-
-    logging.info("Found printers:")
-    for printer in printerList:
-        logging.info("* {0}\t\t| {1}\t| {2}".format(printer["name"], printer["path"], printer["filters"]))
-        printers.installPrinter(printer["path"], printer["name"])
-
-    logging.info("==> Successfully parsed a printer policy! ==")
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/hooks.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/hooks.py
deleted file mode 100644
index 52430c3..0000000
--- a/roles/lmn_printer/files/linuxmusterLinuxclient7/hooks.py
+++ /dev/null
@@ -1,219 +0,0 @@
-#
-# This is used to run hooks
-#
-
-from enum import Enum
-import os, subprocess
-from linuxmusterLinuxclient7 import logging, constants, user, config, computer, environment, setup, shares
-
-class Type(Enum):
-    """
-    Enum containing all hook types
-    """
-
-    Boot = 0
-    """The onBoot hook
-    """
-    Shutdown = 1
-    """The on Shutdown hook
-    """
-    LoginAsRoot = 2
-    """The onLoginAsRoot hook
-    """
-    Login = 3
-    """The onLogin hook
-    """
-    SessionStarted = 4
-    """The onSession started hook
-    """
-    LogoutAsRoot = 5
-    LoginLogoutAsRoot = 6
-
-remoteScriptNames = {
-    Type.Boot: "sysstart.sh",
-    Type.Login: "logon.sh",
-    Type.SessionStarted: "sessionstart.sh",
-    Type.Shutdown: "sysstop.sh"
-}
-
-_remoteScriptInUserContext = {
-    Type.Boot: False,
-    Type.Login: True,
-    Type.SessionStarted: True,
-    Type.Shutdown: False
-}
-
-def runLocalHook(hookType):
-    """
-    Run all scripts in a local hookdir
-
-    :param hookType: The type of hook to run
-    :type hookType: hooks.Type
-    """    
-    logging.info("=== Running local hook on{0} ===".format(hookType.name))
-    hookDir = _getLocalHookDir(hookType)
-    if os.path.exists(hookDir):
-        _prepareEnvironment()
-        for fileName in sorted(os.listdir(hookDir)):
-            filePath = hookDir + "/" + fileName
-            _runHookScript(filePath)
-    logging.info("===> Finished running local hook on{0} ===".format(hookType.name))
-
-
-def runRemoteHook(hookType):
-    """
-    Run hookscript from sysvol
-
-    :param hookType: The type of hook to run
-    :type hookType: hooks.Type
-    """    
-    logging.info("=== Running remote hook on{0} ===".format(hookType.name))
-    rc, hookScripts = _getRemoteHookScripts(hookType)
-
-    if rc:
-        _prepareEnvironment()
-        _runHookScript(hookScripts[0])
-        _runHookScript(hookScripts[1])
-
-    logging.info("===> Finished running remote hook on{0} ===".format(hookType.name))
-
-def runHook(hookType):
-    """
-    Executes hooks.runLocalHook() and hooks.runRemoteHook()
-
-    :param hookType: The type of hook to run
-    :type hookType: hooks.Type
-    """    
-    runLocalHook(hookType)
-    runRemoteHook(hookType)
-
-def getLocalHookScript(hookType):
-    """Get the path of a local hookscript
-
-    :param hookType: The type of hook script to get the path for
-    :type hookType: hooks.Type
-    :return: The path
-    :rtype: str
-    """
-    return "{0}/on{1}".format(constants.scriptDir,hookType.name)
-
-def shouldHooksBeExecuted(overrideUsername=None):
-    """Check if hooks should be executed
-
-    :param overrideUsername: Override the username to check, defaults to None
-    :type overrideUsername: str, optional
-    :return: True if hooks should be executed, fale otherwise
-    :rtype: bool
-    """
-    # check if linuxmuster-linuxclient7 is setup
-    if not setup.isSetup():
-        logging.info("==== Linuxmuster-linuxclient7 is not setup, exiting ====")
-        return False
-
-    # check if the computer is joined
-    if not computer.isInAD():
-        logging.info("==== This Client is not joined to any domain, exiting ====")
-        return False
-
-    # Check if the user is an AD user
-    if overrideUsername == None:
-        overrideUsername = user.username()
-
-    if not user.isUserInAD(overrideUsername):
-        logging.info("==== {0} is not an AD user, exiting ====".format(user.username()))
-        return False
-    
-    return True
-
-# --------------------
-# - Helper functions -
-# --------------------
-
-def _prepareEnvironment():
-    dictsAndPrefixes = {}
-
-    rc, networkConfig = config.network()
-    if rc:
-        dictsAndPrefixes["Network"] = networkConfig
-
-    rc, userConfig = user.readAttributes()
-    if rc:
-        dictsAndPrefixes["User"] = userConfig
-
-    rc, computerConfig = computer.readAttributes()
-    if rc:
-        dictsAndPrefixes["Computer"] = computerConfig
-
-    environment = _dictsToEnv(dictsAndPrefixes)
-    _writeEnvironment(environment)
-
-def _getLocalHookDir(hookType):
-    return "{0}/on{1}.d".format(constants.etcBaseDir,hookType.name)
-
-def _getRemoteHookScripts(hookType):
-    if not hookType in remoteScriptNames:
-        return False, None
-
-    rc, networkConfig = config.network()
-
-    if not rc:
-        logging.error("Could not execute server hooks because the network config could not be read")
-        return False, None
-
-    if _remoteScriptInUserContext[hookType]:
-        rc, attributes = user.readAttributes()
-        if not rc:
-            logging.error("Could not execute server hooks because the user config could not be read")
-            return False, None
-    else:
-        rc, attributes = computer.readAttributes()
-        if not rc:
-            logging.error("Could not execute server hooks because the computer config could not be read")
-            return False, None
-
-    try:
-        domain = networkConfig["domain"]
-        school = attributes["sophomorixSchoolname"]
-        scriptName = remoteScriptNames[hookType]
-    except:
-        logging.error("Could not execute server hooks because the computer/user config is missing attributes")
-        return False, None
-
-    rc, sysvolPath = shares.getLocalSysvolPath()
-    if not rc:
-        logging.error("Could not execute server hook {} because the sysvol could not be mounted!\n")
-        return False, None
-
-    hookScriptPathTemplate = "{0}/{1}/scripts/{2}/{3}/linux/{4}".format(sysvolPath, domain, school, "{}", scriptName)
-
-    return True, [hookScriptPathTemplate.format("lmn"), hookScriptPathTemplate.format("custom")]
-
-# parameter must be a dict of {"prefix": dict}
-def _dictsToEnv(dictsAndPrefixes):
-    environmentDict = {}
-    for prefix in dictsAndPrefixes:
-        for key in dictsAndPrefixes[prefix]:
-            if type(dictsAndPrefixes[prefix][key]) is list:
-                environmentDict[prefix + "_" + key] = "\n".join(dictsAndPrefixes[prefix][key])
-            else:
-                environmentDict[prefix + "_" + key] = dictsAndPrefixes[prefix][key]
-
-    return environmentDict
-
-def _runHookScript(filePath):
-    if not os.path.isfile(filePath):
-        logging.warning("* File {0} should be executed as hook but does not exist!".format(filePath))
-        return
-    if not os.access(filePath, os.X_OK):
-        logging.warning("* File {0} is in hook dir but not executable!".format(filePath))
-        return
-
-    logging.info("== Executing script {0} ==".format(filePath))
-
-    result = subprocess.call([filePath])
-
-    logging.info("==> Script {0} finished with exit code {1} ==".format(filePath, result))
-
-def _writeEnvironment(environment):
-    for key in environment:
-        os.putenv(key, environment[key])
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/imageHelper.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/imageHelper.py
deleted file mode 100644
index e0924b7..0000000
--- a/roles/lmn_printer/files/linuxmusterLinuxclient7/imageHelper.py
+++ /dev/null
@@ -1,220 +0,0 @@
-import os, subprocess, shutil
-from linuxmusterLinuxclient7 import logging, setup, realm, user, constants, printers, fileHelper
-
-def prepareForImage(unattended=False):
-    """Prepare the computer for creating an image
-
-    :param unattended: If set to True, all questions will be answered with yes, defaults to False
-    :type unattended: bool, optional
-    :return: True on success, False otherwise
-    :rtype: bool
-    """
-    logging.info("#### Image preparation ####")
-
-    try:
-        if not _testDomainJoin(unattended):
-            return False
-
-        if not _upgradeSystem(unattended):
-            return False
-
-        if not _clearCaches(unattended):
-            return False
-
-        if not _clearUserHomes(unattended):
-            return False
-
-        if not _clearUserCache(unattended):
-            return False
-
-        if not _clearPrinters(unattended):
-            return False
-
-        if not _clearLogs(unattended):
-            return False
-
-        if not _emptyTrash(unattended):
-            return False
-
-    except KeyboardInterrupt:
-        print()
-        logging.info("Cancelled.")
-        return False
-
-    print()
-    logging.info("####    Image preparation done      ####")
-    logging.info("#### You may create an Image now :) ####")
-    print()
-    return True
-
-# --------------------
-# - Helper functions -
-# --------------------
-
-def _askStep(step, printPlaceholder=True):
-    if printPlaceholder:
-        print()
-    response = input("Do you want to {}? (y/n): ".format(step))
-    result = response in ["y", "Y", "j", "J"]
-    if result:
-        print()
-    return result
-
-def _testDomainJoin(unattended=False):
-    if not unattended and not _askStep("test if the domain join works"):
-        return True
-
-    return setup.status()
-
-def _upgradeSystem(unattended=False):
-    if not unattended and not _askStep("update this computer now"):
-        return True
-    
-    # Perform an update
-    logging.info("Updating this computer now...")
-
-    if subprocess.call(["apt", "update"]) != 0:
-        logging.error("apt update failed!")
-        return False
-    
-    if subprocess.call(["apt", "dist-upgrade", "-y"]) != 0:
-        logging.error("apt dist-upgrade failed!")
-        return False
-    
-    if subprocess.call(["apt", "autoremove", "-y"]) != 0:
-        logging.error("apt autoremove failed!")
-        return False
-    
-    if subprocess.call(["apt", "clean", "-y"]) != 0:
-        logging.error("apt clean failed!")
-        return False
-
-    return True
-    
-def _clearCaches(unattended=False):    
-    if not unattended and not _askStep("clear journalctl and apt caches now"):
-        return True
-
-    logging.info("Cleaning caches..")
-    logging.info("* apt")
-    fileHelper.deleteAllInDirectory("/var/lib/apt/lists/")
-    logging.info("* journalctl")
-    subprocess.call(["journalctl", "--flush", "--rotate"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-    subprocess.call(["journalctl", "--vacuum-time=1s"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-    logging.info("Done.")
-    return True
-
-def _checkLoggedInUsers():
-    result = subprocess.run("who -s | awk '{ print $1 }'", stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True, shell=True)
-
-    if result.returncode != 0:
-        logging.error("Failed to get logged in users!")
-        return False, None
-
-    loggedInUsers = list(filter(None, result.stdout.split("\n")))
-
-    for loggedInUser in loggedInUsers:
-        if user.isUserInAD(loggedInUser):
-            logging.error("User {} is still logged in, please log out first! Aborting!".format(loggedInUser))
-            return False
-
-    return True
-
-def _clearUserCache(unattended=False):
-    if not unattended and not _askStep("clear all cached users now"):
-        return True
-
-    if not _checkLoggedInUsers():
-        return False
-
-    realm.clearUserCache()
-
-    logging.info("Done.")
-
-    return realm.clearUserCache()
-
-def _unmountAllCifsMounts():
-    logging.info("Unmounting all CIFS mounts!")
-    if subprocess.call(["umount",  "-a", "-t", "cifs", "-l"]) != 0:
-        logging.info("Failed!")
-        return False
-
-    # double check (just to be sure)
-    result = subprocess.run("mount", stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True, shell=True)
-
-    if result.returncode != 0:
-        logging.error("Failed to get mounts!")
-        return False
-
-    if ("cifs" in result.stdout) or ("CIFS" in result.stdout):
-        logging.error("There are still shares mounted!")
-        logging.info("Use \"mount | grep cifs\" to view them.")
-        return False
-
-    return True
-
-def _clearUserHomes(unattended=False):
-    print("\nCAUTION! This will delete all userhomes of AD users!")
-    if not unattended and not _askStep("clear all user homes now", False):
-        return True
-
-    if not _checkLoggedInUsers():
-        return False
-
-    if not _unmountAllCifsMounts():
-        logging.info("Aborting deletion of user homes to prevent deleting data on the server.")
-        return False
-
-    userHomes = os.listdir("/home")
-
-    logging.info("Deleting all user homes now!")
-    for userHome in userHomes:
-        if not user.isUserInAD(userHome):
-            logging.info("* {} [SKIPPED]".format(userHome))
-            continue
-
-        logging.info("* {}".format(userHome))
-        try:
-            shutil.rmtree("/home/{}".format(userHome))
-        except Exception as e:
-            logging.error("* FAILED!")
-            logging.exception(e)
-        
-        try:
-            shutil.rmtree(constants.hiddenShareMountBasepath.format(userHome))
-        except:
-            pass
-    
-    logging.info("Done.")
-    return True
-
-def _clearPrinters(unattended=False):
-    print("\nCAUTION! This will delete all printers of {}!".format(constants.templateUser))
-    print("This makes sure that local printers do not conflict with remote printers defined by GPOs.")
-    if not unattended and not _askStep("remove all local printers of {}".format(constants.templateUser), False):
-        return True
-    
-    if not printers.uninstallAllPrintersOfUser(constants.templateUser):
-        return False
-
-    return True
-
-def _clearLogs(unattended=False):
-    if not unattended and not _askStep("clear the syslog"):
-        return True
-    
-    if not fileHelper.deleteFile("/var/log/syslog"):
-        return False
-
-    subprocess.call(["sudo", "service", "rsyslog", "restart"])
-
-    return True
-
-def _emptyTrash(unattended=False):
-    if not unattended and not _askStep("clear the Trash of linuxadmin"):
-        return True
-
-    if not fileHelper.deleteAllInDirectory("/home/{}/.local/share/Trash".format(constants.templateUser)):
-        return False
-    
-    return True
\ No newline at end of file
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/keytab.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/keytab.py
deleted file mode 100644
index ce8556a..0000000
--- a/roles/lmn_printer/files/linuxmusterLinuxclient7/keytab.py
+++ /dev/null
@@ -1,52 +0,0 @@
-from krb5KeytabUtil import Krb5KeytabUtil
-from linuxmusterLinuxclient7 import computer, config, logging
-
-def patchKeytab():
-    """
-    Patches the `/etc/krb5.keytab` file. It inserts the correct hostname of the current computer.
-
-    :return: True on success, False otherwise
-    :rtype: bool
-    """
-    krb5KeytabFilePath = "/etc/krb5.keytab"
-    logging.info("Patching {}".format(krb5KeytabFilePath))
-    krb5KeytabUtil = Krb5KeytabUtil(krb5KeytabFilePath)
-
-    try:
-        krb5KeytabUtil.read()
-    except:
-        logging.error("Error reading {}".format(krb5KeytabFilePath))
-        return False
-
-    for entry in krb5KeytabUtil.keytab.entries:
-        oldData = entry.principal.components[-1].data
-        if len(entry.principal.components) == 1:
-            newData = computer.hostname().upper() + "$"
-            entry.principal.components[0].data = newData
-
-        elif len(entry.principal.components) == 2 and (entry.principal.components[0].data == "host" or entry.principal.components[0].data == "RestrictedKrbHost"):
-            rc, networkConfig = config.network()
-            if not rc:
-                continue
-
-            newData = ""
-            domain = networkConfig["domain"]
-            if domain in entry.principal.components[1].data:
-                newData = computer.hostname().lower() + "." + domain
-            else:
-                newData = computer.hostname().upper()
-
-            entry.principal.components[1].data = newData
-
-        logging.debug("{} was changed to {}".format(oldData, entry.principal.components[-1].data))
-    
-    logging.info("Trying to overwrite {}".format(krb5KeytabFilePath))
-    try:
-        result = krb5KeytabUtil.write()
-    except:
-        result = False
-
-    if not result:
-        logging.error("Error overwriting {}".format(krb5KeytabFilePath))
-    
-    return result
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/ldapHelper.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/ldapHelper.py
deleted file mode 100644
index c9856f4..0000000
--- a/roles/lmn_printer/files/linuxmusterLinuxclient7/ldapHelper.py
+++ /dev/null
@@ -1,148 +0,0 @@
-import ldap, ldap.sasl, sys, getpass, subprocess
-from linuxmusterLinuxclient7 import logging, constants, config, user, computer
-
-_currentLdapConnection = None
-
-def serverUrl():
-    """
-    Returns the server URL
-
-    :return: The server URL
-    :rtype: str
-    """
-    rc, networkConfig = config.network()
-
-    if not rc:
-        return False, None
-
-    serverHostname = networkConfig["serverHostname"]
-    return 'ldap://{0}'.format(serverHostname)
-
-def baseDn():
-    """
-    Returns the base DN
-
-    :return: The baseDN
-    :rtype: str
-    """
-    rc, networkConfig = config.network()
-
-    if not rc:
-        return None
-
-    domain = networkConfig["domain"]
-    return "dc=" + domain.replace(".", ",dc=")
-
-def conn():
-    """
-    Returns the ldap connection object
-
-    :return: The ldap connection object
-    :rtype: ldap.ldapobject.LDAPObject
-    """
-    global _currentLdapConnection
-
-    if _connect():
-        return _currentLdapConnection
-    
-    return None
-
-def searchOne(filter):
-    """Searches the LDAP with a filter and returns the first found object
-
-    :param filter: A valid ldap filter
-    :type filter: str
-    :return: Tuple (success, ldap object as dict)
-    :rtype: tuple
-    """
-    if conn() == None:
-        logging.error("Cannot talk to LDAP")
-        return False, None
-
-    try:
-        rawResult = conn().search_s(
-                baseDn(),
-                ldap.SCOPE_SUBTREE,
-                filter
-                )
-    except Exception as e:
-        logging.error("Error executing LDAP search!")
-        logging.exception(e)
-        return False, None
-
-    try:
-        result =  {}
-
-        if len(rawResult) <= 0 or rawResult[0][0] == None:
-            logging.debug(f"Search \"{filter}\" did not return any objects")
-            return False, None
-
-        for k in rawResult[0][1]:
-            if rawResult[0][1][k] != None:
-                rawAttribute = rawResult[0][1][k]
-                try:
-                    if len(rawAttribute) == 1:
-                        result[k] = str(rawAttribute[0].decode())
-                    elif len(rawAttribute) > 0:
-                        result[k] = []
-                        for rawItem in rawAttribute:
-                            result[k].append(str(rawItem.decode()))
-                except UnicodeDecodeError:
-                    continue
-                
-        return True, result
-
-    except Exception as e:
-        logging.error("Error while reading ldap search results!")
-        logging.exception(e)
-        return False, None
-
-def isObjectInGroup(objectDn, groupName):
-    """
-    Check if a given object is in a given group
-
-    :param objectDn: The DN of the object
-    :type objectDn: str
-    :param groupName: The name of the group
-    :type groupName: str
-    :return: True if it is a member, False otherwise
-    :rtype: bool
-    """
-    logging.debug("= Testing if object {0} is a member of group {1} =".format(objectDn, groupName))
-    rc, groupAdObject = searchOne("(&(member:1.2.840.113556.1.4.1941:={0})(sAMAccountName={1}))".format(objectDn, groupName))
-    logging.debug("=> Result: {} =".format(rc))
-    return rc
-
-# --------------------
-# - Helper functions -
-# --------------------
-
-def _connect():
-    global _currentLdapConnection
-
-    if not user.isInAD() and not (user.isRoot() or not computer.isInAD()):
-        logging.warning("Cannot perform LDAP search: User is not in AD!")
-        _currentLdapConnection = None
-        return False
-
-    if not _currentLdapConnection == None:
-        return True
-
-    try:
-        sasl_auth = ldap.sasl.sasl({} ,'GSSAPI')
-        _currentLdapConnection = ldap.initialize(serverUrl(), trace_level=0)
-        # TODO:
-        # conn.set_option(ldap.OPT_X_TLS_CACERTFILE, '/path/to/ca.pem')
-        # conn.set_option(ldap.OPT_X_TLS_NEWCTX, 0)
-        # conn.start_tls_s()
-        _currentLdapConnection.set_option(ldap.OPT_REFERRALS,0)
-        _currentLdapConnection.protocol_version = ldap.VERSION3
-
-        _currentLdapConnection.sasl_interactive_bind_s("", sasl_auth)
-    except Exception as e:
-        _currentLdapConnection = None
-        logging.error("Cloud not bind to ldap!")
-        logging.exception(e)
-        return False
-
-    return True
\ No newline at end of file
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/localUserHelper.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/localUserHelper.py
deleted file mode 100644
index f1adcc8..0000000
--- a/roles/lmn_printer/files/linuxmusterLinuxclient7/localUserHelper.py
+++ /dev/null
@@ -1,19 +0,0 @@
-import subprocess
-from linuxmusterLinuxclient7 import logging
-
-def getGroupsOfLocalUser(username):
-    """
-    Get all groups of a local user
-
-    :param username: The username of the user
-    :type username: str
-    :return: Tuple (success, list of groups)
-    :rtype: tuple
-    """
-    try:
-        groups = subprocess.check_output(["id", "-Gnz", username])
-        stringList=[x.decode('utf-8') for x in groups.split(b"\x00")]
-        return True, stringList
-    except Exception as e:
-        logging.warning("Exception when querying groups of user {}, it probaply does not exist".format(username))
-        return False, None
\ No newline at end of file
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/logging.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/logging.py
deleted file mode 100644
index f73cb68..0000000
--- a/roles/lmn_printer/files/linuxmusterLinuxclient7/logging.py
+++ /dev/null
@@ -1,130 +0,0 @@
-import logging, os, traceback, re, sys, subprocess
-from enum import Enum
-from linuxmusterLinuxclient7 import user, config
-
-class Level(Enum):
-    DEBUG = 0
-    INFO = 1
-    WARNING = 2
-    ERROR = 3
-    FATAL = 4
-
-def debug(message):
-    """
-    Do a debug log.
-
-    :param message: The message to log
-    :type message: str
-    """
-    _log(Level.DEBUG, message)
-
-def info(message):
-    """
-    Do an info log.
-
-    :param message: The message to log
-    :type message: str
-    """
-    _log(Level.INFO, message)
-
-def warning(message):
-    """
-    Do a warning log.
-
-    :param message: The message to log
-    :type message: str
-    """
-    _log(Level.WARNING, message)
-
-def error(message):
-    """
-    Do an error log.
-
-    :param message: The message to log
-    :type message: str
-    """
-    _log(Level.ERROR, message)
-
-def fatal(message):
-    """
-    Do a fatal log. If used in onLogin hook, this will create a dialog containing the message.
-
-    :param message: The message to log
-    :type message: str
-    """
-    _log(Level.FATAL, message)
-
-def exception(exception):
-    """
-    Log an exception
-
-    :param exception: The exception to log
-    :type exception: Exception
-    """
-    error("=== An exception occurred ===")
-    error(str(exception))
-    # Only use for debugging! This will cause ugly error dialogs in X11
-    #traceback.print_tb(exception.__traceback__)
-    error("=== end exception ===")
-
-def printLogs(compact=False,anonymize=False):
-    """
-    Print logs of linuxmuster-linuxclient7 from `/var/log/syslog`.
-
-    :param compact: If set to True, some stuff like time and date will be removed. Defaults to False
-    :type compact: bool, optional
-    :param anonymize: If set to True, domain/realm/serverHostname will be replaced by linuxmuster.lan. Defaults to False
-    :type anonymize: bool, optional
-    """
-    print("===========================================")
-    print("=== Linuxmuster-linuxclient7 logs begin ===")
-
-    (rc, networkConfig) = config.network()
-    if rc:
-        domain = networkConfig["domain"]
-        serverHostname = networkConfig["serverHostname"]
-        realm= networkConfig["realm"]
-
-    with open("/var/log/syslog") as logfile:
-        startPattern = re.compile("^.*linuxmuster-linuxclient7[^>]+======$")
-        endPattern = re.compile("^.*linuxmuster-linuxclient7.*======>.*$")
-
-        currentlyInsideOfLinuxmusterLinuxclient7Log = False
-
-        for line in logfile:
-            line = line.replace("\n", "")
-            if startPattern.fullmatch(line):
-                currentlyInsideOfLinuxmusterLinuxclient7Log = True
-                print("\n")
-
-            if currentlyInsideOfLinuxmusterLinuxclient7Log:
-                if compact:
-                    # "^([^ ]+[ ]+){4}" matches "Apr  6 14:39:23 somehostname" 
-                    line = re.sub("^([^ ]+[ ]+){4}", "", line)
-                if anonymize and rc:
-                    line = re.sub(serverHostname, "server.linuxmuster.lan", line)
-                    line = re.sub(domain, "linuxmuster.lan", line)
-                    line = re.sub(realm, "LINUXMUSTER.LAN", line)
-
-                print(line)
-
-            if endPattern.fullmatch(line):
-                currentlyInsideOfLinuxmusterLinuxclient7Log = False
-                print("\n")
-            
-    print("=== Linuxmuster-linuxclient7 logs end ===")
-    print("=========================================")
-
-# --------------------
-# - Helper functions -
-# --------------------
-
-def _log(level, message):
-    #if level == Level.DEBUG:
-    #    return
-    if level == Level.FATAL:
-        sys.stderr.write(message)
-        
-    print("[{0}] {1}".format(level.name, message))
-    message = message.replace("'", "")
-    subprocess.call(["logger", "-t", "linuxmuster-linuxclient7", f"[{level.name}] {message}"])
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/printers.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/printers.py
deleted file mode 100644
index d4e42a1..0000000
--- a/roles/lmn_printer/files/linuxmusterLinuxclient7/printers.py
+++ /dev/null
@@ -1,129 +0,0 @@
-import os, subprocess, re
-from linuxmusterLinuxclient7 import logging, user
-
-def installPrinter(networkPath, name=None, username=None):
-    """
-    Installs a networked printer for a user
-
-    :param networkPath: The network path of the printer
-    :type networkPath: str
-    :param name: The name for the printer, defaults to None
-    :type name: str, optional
-    :param username: The username of the user whom the is installed printer for. Defaults to the executing user
-    :type username: str, optional
-    :return: True on success, False otherwise
-    :rtype: bool
-    """
-    if username == None:
-        username = user.username()
-
-    if user.isRoot():
-        return _installPrinter(username, networkPath, name)
-    else:
-        # This will call installPrinter() again with root privileges
-        return _installPrinterWithoutRoot(networkPath, name)
-
-    pass
-
-def uninstallAllPrintersOfUser(username):
-    """
-    Uninstalls all printers of a given user
-
-    :param username: The username of the user
-    :type username: str
-    :return: True on success, False otherwise
-    :rtype: bool
-    """
-    logging.info("Uninstalling all printers of {}".format(username))
-    rc, installedPrinters = _getInstalledPrintersOfUser(username)
-
-    if not rc:
-        logging.error("Error getting printers!")
-        return False
-
-    for installedPrinter in installedPrinters:
-        if not _uninstallPrinter(installedPrinter):
-            return False
-
-    return True
-
-def translateSambaToIpp(networkPath):
-    """
-    Translates a samba url, like `\\server\PRINTER-01`, to an ipp url like `ipp://server/printers/PRINTER-01`.
-
-    :param networkPath: The samba url
-    :type networkPath: str
-    :return: An ipp url
-    :rtype: str
-    """
-    networkPath = networkPath.replace("\\", "/")
-    # path has to be translated: \\server\EW-FARBLASER -> ipp://server/printers/EW-farblaser
-    pattern = re.compile("\\/\\/([^/]+)\\/(.*)")
-
-    result = pattern.findall(networkPath)
-    if len(result) != 1 or len(result[0]) != 2:
-        logging.error("Cannot convert printer network path from samba to ipp, as it is invalid: {}".format(networkPath))
-        return False, None
-
-    ippNetworkPath = "ipp://{0}/printers/{1}".format(result[0][0], result[0][1])
-    return True, ippNetworkPath
-
-# --------------------
-# - Helper functions -
-# --------------------
-
-def _installPrinter(username, networkPath, name):
-    logging.info("Install Printer {0} on {1}".format(name, networkPath))
-    installCommand = ["timeout", "10", "lpadmin", "-p", name, "-E", "-v", networkPath, "-m", "everywhere", "-u", f"allow:{username}"]
-    logging.debug("* running '{}'".format(" ".join(installCommand)))
-    p = subprocess.call(installCommand, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-    if p  == 0:
-        logging.debug("* Success Install Printer!")
-        return True
-    elif p == 124:
-        logging.fatal(f"* Timeout error while installing printer {name} on {networkPath}")
-    else:
-        logging.fatal(f"* Error installing printer {name} on {networkPath}!")
-    return False
-
-def _installPrinterWithoutRoot(networkPath, name):
-    return subprocess.call(["sudo", "/usr/share/linuxmuster-linuxclient7/scripts/sudoTools", "install-printer", "--path", networkPath, "--name", name]) == 0
-
-def _getInstalledPrintersOfUser(username):
-    logging.info(f"Getting installed printers of {username}")
-    command = f"lpstat -U {username} -p"
-    #logging.debug("running '{}'".format(command))
-
-    result = subprocess.run(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True, shell=True)
-
-    if not result.returncode == 0:
-        logging.info("No Printers installed.")
-        return True, []
-
-    rawInstalledPrinters = list(filter(None, result.stdout.split("\n")))
-    installedPrinters = []
-    
-    for rawInstalledPrinter in rawInstalledPrinters:
-        rawInstalledPrinterList = list(filter(None, rawInstalledPrinter.split(" ")))
-        
-        if len(rawInstalledPrinterList) < 2:
-            continue
-
-        installedPrinter = rawInstalledPrinterList[1]
-        installedPrinters.append(installedPrinter)
-
-    return True, installedPrinters
-
-def _uninstallPrinter(name):
-    logging.info("Uninstall Printer {}".format(name))
-    uninstallCommand = ["timeout", "10", "lpadmin", "-x", name]
-    logging.debug("* running '{}'".format(" ".join(uninstallCommand)))
-    p = subprocess.call(uninstallCommand, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-    if p  == 0:
-        logging.debug("* Success Uninstall Printer!")
-        return True
-    elif p == 124:
-        logging.fatal(f"* Timeout error while installing printer {name}")
-    else:
-        logging.fatal(f"* Error Uninstalling Printer {name}!")
-    return False
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/realm.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/realm.py
deleted file mode 100644
index 3847529..0000000
--- a/roles/lmn_printer/files/linuxmusterLinuxclient7/realm.py
+++ /dev/null
@@ -1,195 +0,0 @@
-import os, sys, subprocess, configparser
-from linuxmusterLinuxclient7 import logging, computer
-
-def join(domain, user):
-    """
-    Joins the computer to an AD
-
-    :param domain: The domain to join
-    :type domain: str
-    :param user: The admin user used for joining
-    :type user: str
-    :return: True on success, False otherwise
-    :rtype: bool
-    """
-    # join the domain using the kerberos ticket
-    joinCommand = ["realm", "join", "-v", domain, "-U", user]
-    if subprocess.call(joinCommand) != 0:
-        print()
-        logging.error('Failed! Did you enter the correct password?')
-        return False
-
-    logging.info("It looks like the domain was joined successfully.")
-    return True
-
-def leave(domain):
-    """
-    Leave a domain
-
-    :param domain: The domain to leave
-    :type domain: str
-    :return: True on success, False otherwise
-    :rtype: bool
-    """
-    leaveCommand = ["realm", "leave", domain]
-    return subprocess.call(leaveCommand) == 0
-
-def leaveAll():
-    """
-    Leaves all joined domains
-
-    :return: True on success, False otherwise
-    :rtype: bool
-    """
-    logging.info("Cleaning / leaving all domain joins")
-
-    rc, joinedDomains = getJoinedDomains()
-    if not rc:
-        return False
-
-    for joinedDomain in joinedDomains:
-        logging.info("* {}".format(joinedDomain))
-        if not leave(joinedDomain):
-            logging.error("-> Failed! Aborting!")
-            return False
-    
-    logging.info("-> Done!")
-    return True
-
-def isJoined():
-    """
-    Checks if the computer is joined to a domain
-
-    :return: True if it is joined to one or more domains, False otherwise
-    :rtype: bool
-    """
-    rc, joinedDomains = getJoinedDomains()
-    if not rc:
-        return False
-    else:
-        return len(joinedDomains) > 0
-
-def pullKerberosTicketForComputerAccount():
-    """
-    Pulls a kerberos ticket using the computer account from `/etc/krb5.keytab`
-
-    :return: True on success, False otherwise
-    :rtype: bool
-    """
-    return subprocess.call(["kinit", "-k", computer.krbHostName()]) == 0
-
-def verifyDomainJoin():
-    """
-    Checks if the domain join actually works.
-
-    :return: True if it does, False otherwise
-    :rtype: bool
-    """
-    logging.info("Testing if the domain join actually works")
-    if not isJoined():
-        logging.error("No domain is joined!")
-        return False
-    
-    logging.info("* Checking if the group \"domain users\" exists")
-    if subprocess.call(["getent", "group", "domain users"], stdout=subprocess.PIPE, stderr=subprocess.PIPE) != 0:
-        logging.error("The \"domain users\" group does not exists! Users wont be able to log in!")
-        logging.error("This is sometimes related to /etc/nsswitch.conf.")
-        return False
-
-    # Try to get a kerberos ticket for the computer account
-    logging.info("* Trying to get a kerberos ticket for the Computer Account")
-    if not pullKerberosTicketForComputerAccount():
-        logging.error("Could not get a kerberos ticket for the Computer Account!")
-        logging.error("Logins of non-cached users WILL NOT WORK!")
-        logging.error("Please try to re-join the Domain.")
-        return False
-    
-    
-    logging.info("The domain join is working!")
-    return True
-
-def getJoinedDomains():
-    """
-    Returns all joined domains
-
-    :return: Tuple (success, list of joined domians)
-    :rtype: tuple
-    """
-    result = subprocess.run("realm list --name-only", stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True, shell=True)
-
-    if result.returncode != 0:
-        logging.error("Failed to read domain joins!")
-        return False, None
-
-    return True, list(filter(None, result.stdout.split("\n")))
-
-def discoverDomains():
-    """
-    Searches for avialable domains on the current network
-
-    :return: Tuple (success, list of available domains)
-    :rtype: tuple
-    """
-    result = subprocess.run("realm discover --name-only", stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True, shell=True)
-
-    if result.returncode != 0:
-        logging.error("Failed to discover available domains!")
-        return False, None
-
-    return True, list(filter(None, result.stdout.split("\n")))
-
-def getDomainConfig(domain):
-    """
-    Looks up all relevant properties of a domain:
-    - domain controller IP
-    - domain name
-
-    :param domain: The domain to check
-    :type domain: str
-    :return: Tuple (success, dict with domain config)
-    :rtype: tuple
-    """
-    result = subprocess.run("adcli info '{}'".format(domain), stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True, shell=True)
-
-    if result.returncode != 0:
-        logging.error("Failed to get details of domain {}!".format(domain))
-        return False, None
-
-    rawConfig = _readConfigFromString(result.stdout)
-    try:
-        rawDomainConfig = rawConfig["domain"]
-    except KeyError:
-        logging.error("Error when reading domain details")
-        return False, None
-
-    domainConfig = {}
-
-    try:
-        domainConfig["domain-controller"] = rawDomainConfig["domain-controller"]
-        domainConfig["domain-name"] = rawDomainConfig["domain-name"]
-    except KeyError:
-        logging.error("Error when reading domain details (2)")
-        return False, None
-
-    return True, domainConfig
-
-def clearUserCache():
-    """
-    Clears the local user cache
-
-    :return: True on success, False otherwise
-    :rtype: bool
-    """
-    # clean sssd cache
-    logging.info("Cleaning sssd cache.")
-    subprocess.call(["sssctl", "cache-remove", "--stop", "--start", "--override"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-    return True
-
-# --------------------
-# - Helper functions -
-# --------------------
-
-def _readConfigFromString(string):
-    configParser = configparser.ConfigParser()
-    configParser.read_string(string)
-    return configParser
\ No newline at end of file
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/setup.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/setup.py
deleted file mode 100644
index 85994fe..0000000
--- a/roles/lmn_printer/files/linuxmusterLinuxclient7/setup.py
+++ /dev/null
@@ -1,364 +0,0 @@
-import os, re, sys, configparser, subprocess, shutil
-from pathlib import Path
-from linuxmusterLinuxclient7 import logging, constants, hooks, shares, config, user, templates, realm, fileHelper, printers, computer
-
-def setup(domain=None, user=None):
-    """
-    Sets up the client to be able to act in a linuxmuster environment
-
-    :param domain: The domain to join, defaults to the first discovered domain
-    :type domain: str, optional
-    :param user: The admin user for the join, defaults to global-admin
-    :type user: str, optional
-    :return: True on success, False otherwise
-    :rtype: bool
-    """
-    logging.info('#### linuxmuster-linuxclient7 setup ####')
-
-    if not realm.clearUserCache():
-        return False
-
-    if not _cleanOldDomainJoins():
-        return False
-
-    rc, domain = _findDomain(domain)
-    if not rc:
-        return False
-
-    if user == None:
-        user = constants.defaultDomainAdminUser
-
-    if not _prepareNetworkConfiguration(domain):
-        return False
-
-    if not _deleteObsoleteFiles():
-        return False
-
-    if not templates.applyAll():
-        return False
-
-    if not _preparePam():
-        return False
-
-    if not _prepareServices():
-        return False
-
-    # Actually join domain!
-    print()
-    logging.info(f"#### Joining domain {domain} ####")
-
-    if not realm.join(domain, user):
-        return False
-
-    # copy server ca certificate in place
-    # This will also make sure that the domain join actually worked;
-    # mounting the sysvol will fail otherwise.
-    if not _installCaCertificate(domain, user):
-        return False
-
-    if not _adjustSssdConfiguration(domain):
-        return False
-
-    # run a final test
-    if not realm.verifyDomainJoin():
-        return False
-
-    print("\n\n")
-
-    logging.info(f"#### SUCCESSFULLY joined domain {domain} ####")
-
-    return True
-
-def status():
-    """
-    Checks the status of the client
-
-    :return: True on success, False otherwise
-    :rtype: bool
-    """
-    logging.info('#### linuxmuster-linuxclient7 status ####')
-
-    if not isSetup():
-        logging.info("Not setup!")
-        return False
-
-    logging.info("Linuxmuster-linuxclient7 is setup!")
-    logging.info("Testing if domain is joined...")
-
-    logging.info("Checking joined domains")
-    rc, joinedDomains = realm.getJoinedDomains()
-    if not rc:
-        return False
-
-    print()
-    logging.info("Joined domains:")
-    for joinedDomain in joinedDomains:
-        logging.info(f"* {joinedDomain}")
-    print()
-
-    if len(joinedDomains) > 0 and not realm.verifyDomainJoin():
-        print()
-        # Give a little explination to our users :)
-        print("\n===============================================================================================")
-        print("This Computer is joined to a domain, but it was not possible to authenticate")
-        print("to the domain controller. There is an error with your domain join! The login WILL NOT WORK!")
-        print("Please try to re-join the domain using 'linuxmuster-linuxclient7 setup' and create a new image.")
-        print("===============================================================================================\n")
-        return False
-    elif len(joinedDomains) <= 0:
-        print()
-        logging.info('#### This client is not joined to any domain. ####')
-        print("#### To join a domain, run \"linuxmuster-linuxclient7 setup\" ####")
-
-    print()
-
-    logging.info('#### linuxmuster-linuxclient7 is fully setup and working! ####')
-
-    return True
-
-def upgrade():
-    """
-    Performs an upgrade of the linuxmuster-linuxclient7. This is executed after the package is updated.
-
-    :return: True on success, False otherwise
-    :rtype: bool
-    """
-    if not isSetup():
-        logging.info("linuxmuster-linuxclient7 does not seem to be setup -> no upgrade is needed")
-        return True
-
-    logging.info('#### linuxmuster-linuxclient7 upgrade ####')
-    if not config.upgrade():
-        return False
-
-    if not _deleteObsoleteFiles():
-        return False
-
-    if not templates.applyAll():
-        return False
-
-    if not _prepareServices():
-        return False
-
-    rc, joinedDomains = realm.getJoinedDomains()
-    if not rc:
-        return False
-    
-    for domain in joinedDomains:
-        _adjustSssdConfiguration(domain)
-
-    logging.info('#### linuxmuster-linuxclient7 upgrade SUCCESSFULL ####')
-    return True
-
-def clean():
-    """Removes all sensitive files like keys and leaves all domain joins.
-    """
-    logging.info("#### linuxmuster-linuxclient7 clean ####")
-
-    realm.clearUserCache()
-    _cleanOldDomainJoins()
-
-    # clean /etc/pam.d/common-session
-    logging.info("Cleaning /etc/pam.d/common-session to prevent logon brick")
-    fileHelper.removeLinesInFileContainingString("/etc/pam.d/common-session", ["pam_mkhomedir.so", "pam_exec.so", "pam_mount.so", "linuxmuster.net", "linuxmuster-linuxclient7", "linuxmuster-client-adsso"])
-
-    logging.info('#### linuxmuster-linuxclient7 clean SUCCESSFULL ####')
-
-def isSetup():
-    """
-    Checks if the client is setup.
-
-    :return: True if setup, False otherwise
-    :rtype: bool
-    """
-    return os.path.isfile(constants.networkConfigFilePath) 
-
-# --------------------
-# - Helper functions -
-# --------------------
-
-def _cleanOldDomainJoins():
-    # stop sssd
-    logging.info("Stopping sssd")
-    if subprocess.call(["service", "sssd", "stop"]) != 0:
-        logging.error("Failed!")
-        return False
-
-    # Clean old domain join data
-    logging.info("Deleting old kerberos tickets.")
-    subprocess.call(["kdestroy"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-
-    if not realm.leaveAll():
-        return False
-
-    # delete krb5.keytab file, if existent
-    logging.info('Deleting krb5.keytab if it exists ... ')
-    if not fileHelper.deleteFile("/etc/krb5.keytab"):
-        return False
-
-    # delete old CA Certificate
-    logging.info('Deleting old CA certificate if it exists ... ')
-    if not fileHelper.deleteFilesWithExtension("/var/lib/samba/private/tls", ".pem"):
-        return False
-
-    # remove network.conf
-    logging.info(f"Deleting {constants.networkConfigFilePath} if exists ...")
-    if not fileHelper.deleteFile(constants.networkConfigFilePath):
-        return False
-
-    return True
-
-def _findDomain(domain=None):
-    logging.info("Trying to discover available domains...")
-    rc, availableDomains = realm.discoverDomains()
-    if not rc or len(availableDomains) < 1:
-        logging.error("Could not discover any domain!")
-        return False, None
-    
-    if domain == None:
-        domain = availableDomains[0]
-        logging.info(f"Using first discovered domain {domain}")
-    elif domain in availableDomains:
-        logging.info(f"Using domain {domain}")
-    else:
-        print("\n")
-        logging.error(f"Could not find domain {domain}!")
-        return False, None
-    
-    return True, domain
-
-def _prepareNetworkConfiguration(domain):
-    logging.info("Preparing network configuration")
-    rc, domainConfig = realm.getDomainConfig(domain)
-    if not rc:
-        logging.error("Could not read domain configuration")
-        return False
-
-    newNetworkConfig = {}
-    newNetworkConfig["serverHostname"] = domainConfig["domain-controller"]
-    newNetworkConfig["domain"] = domainConfig["domain-name"]
-    newNetworkConfig["realm"] = domainConfig["domain-name"].upper()
-
-    config.writeNetworkConfig(newNetworkConfig)
-
-    return True
-
-def _preparePam():
-    # enable necessary pam modules
-    logging.info('Updating pam configuration ... ')
-    subprocess.call(['pam-auth-update', '--package', '--enable', 'libpam-mount', 'pwquality', 'sss', '--force'])
-    ## mkhomedir was injected in template not using pam-auth-update
-    subprocess.call(['pam-auth-update', '--package', '--remove', 'krb5', 'mkhomedir', '--force'])
-
-    return True
-
-def _prepareServices():
-    logging.info("Raloading systctl daemon")
-    subprocess.call(["systemctl", "daemon-reload"])
-
-    logging.info('Enabling services:')
-    services = ['linuxmuster-linuxclient7', 'smbd', 'nmbd', 'sssd']
-    for service in services:
-        logging.info('* %s' % service)
-        subprocess.call(['systemctl','enable', service + '.service'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-
-    logging.info('Restarting services:')
-    services = ['smbd', 'nmbd', 'systemd-timesyncd']
-    for service in services:
-        logging.info('* %s' % service)
-        subprocess.call(['systemctl', 'restart' , service + '.service'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-
-    return True
-
-def _installCaCertificate(domain, user):
-    logging.info('Installing server ca certificate ... ')
-
-    # try to mount the share
-    rc, sysvolMountpoint = shares.getLocalSysvolPath()
-    if not rc:
-        logging.error("Failed to mount sysvol!")
-        return False
-
-    cacertPath = f"{sysvolMountpoint}/{domain}/tls/cacert.pem"
-    cacertTargetPath = f"/var/lib/samba/private/tls/{domain}.pem"
-
-    logging.info("Copying CA certificate from server to client!")
-    try:
-        Path(Path(cacertTargetPath).parent.absolute()).mkdir(parents=True, exist_ok=True)
-        shutil.copyfile(cacertPath, cacertTargetPath)
-    except Exception as e:
-        logging.error("Failed!")
-        logging.exception(e)
-        return False
-
-    # make sure the file was successfully copied
-    if not os.path.isfile(cacertTargetPath):
-        logging.error('Failed to copy over CA certificate!')
-        return False
-
-    # unmount sysvol
-    shares.unmountAllSharesOfUser(computer.krbHostName())
-
-    return True
-
-def _adjustSssdConfiguration(domain):
-    logging.info("Adjusting sssd.conf")
-
-    sssdConfigFilePath = '/etc/sssd/sssd.conf'
-    sssdConfig = configparser.ConfigParser(interpolation=None)
-
-    sssdConfig.read(sssdConfigFilePath)
-    # accept usernames without domain
-    sssdConfig[f"domain/{domain}"]["use_fully_qualified_names"] = "False"
-
-    # override homedir
-    sssdConfig[f"domain/{domain}"]["override_homedir"] = "/home/%u"
-
-    # Don't validate KVNO! Otherwise the Login will fail when the KVNO stored 
-    # in /etc/krb5.keytab does not match the one in the AD (msDS-KeyVersionNumber)
-    sssdConfig[f"domain/{domain}"]["krb5_validate"] = "False"
-
-    sssdConfig[f"domain/{domain}"]["ad_gpo_access_control"] = "permissive"
-    sssdConfig[f"domain/{domain}"]["ad_gpo_ignore_unreadable"] = "True"
-
-    # Don't renew the machine password, as this will break the domain join
-    # See: https://github.com/linuxmuster/linuxmuster-linuxclient7/issues/27
-    sssdConfig[f"domain/{domain}"]["ad_maximum_machine_account_password_age"] = "0"
-
-    # Make sure usernames are not case sensitive
-    sssdConfig[f"domain/{domain}"]["case_sensitive"] = "False"
-
-    try:
-        logging.info("Writing new Configuration")
-        with open(sssdConfigFilePath, 'w') as sssdConfigFile:
-            sssdConfig.write(sssdConfigFile)
-
-    except Exception as e:
-        logging.error("Failed!")
-        logging.exception(e)
-        return False
-
-    logging.info("Restarting sssd")
-    if subprocess.call(["service", "sssd", "restart"]) != 0:
-        logging.error("Failed!")
-        return False
-
-    return True
-
-def _deleteObsoleteFiles():
-    
-    # files
-    logging.info("Deleting obsolete files")
-
-    for obsoleteFile in constants.obsoleteFiles:
-        logging.info(f"* {obsoleteFile}")
-        fileHelper.deleteFile(obsoleteFile)
-
-    # directories
-    logging.info("Deleting obsolete directories")
-
-    for obsoleteDirectory in constants.obsoleteDirectories:
-        logging.info(f"* {obsoleteDirectory}")
-        fileHelper.deleteDirectory(obsoleteDirectory)
-
-    return True
\ No newline at end of file
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/shares.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/shares.py
deleted file mode 100644
index 64a879f..0000000
--- a/roles/lmn_printer/files/linuxmusterLinuxclient7/shares.py
+++ /dev/null
@@ -1,256 +0,0 @@
-import os, pwd, sys, shutil, re, subprocess, shutil
-from linuxmusterLinuxclient7 import logging, constants, user, config, computer
-from pathlib import Path
-
-def mountShare(networkPath, shareName = None, hiddenShare = False, username = None):
-    """
-    Mount a given path of a samba share
-
-    :param networkPath: Network path of the share
-    :type networkPath: str
-    :param shareName: The name of the share (name of the folder the share is being mounted to)
-    :type shareName: str
-    :param hiddenShare: If the share sould be visible in Nautilus
-    :type hiddenShare: bool
-    :param username: The user in whoms context the share should be mounted
-    :type username: str
-    :return: Tuple: (success, mountpoint)
-    :rtype: tuple
-    """
-    networkPath = networkPath.replace("\\", "/")
-    username = _getDefaultUsername(username)
-    shareName = _getDefaultShareName(networkPath, shareName)
-
-    if user.isRoot():
-        return _mountShare(username, networkPath, shareName, hiddenShare, True)
-    else:
-        mountpoint = _getShareMountpoint(networkPath, username, hiddenShare, shareName)
-        # This will call _mountShare() directly with root privileges
-        return _mountShareWithoutRoot(networkPath, shareName, hiddenShare), mountpoint
-
-def getMountpointOfRemotePath(remoteFilePath, hiddenShare = False, username = None, autoMount = True):
-    """
-    Get the local path of a remote samba share path.
-    This function automatically checks if the shares is already mounted.
-    It optionally automatically mounts the top path of the remote share:
-    If the remote path is `//server/sysvol/linuxmuster.lan/Policies` it mounts `//server/sysvol`
-
-    :param remoteFilePath: Remote path
-    :type remoteFilePath: str
-    :param hiddenShare: If the share sould be visible in Nautilus
-    :type hiddenShare: bool
-    :param username: The user in whoms context the share should be mounted
-    :type username: str
-    :parama autoMount: If the share should be mouted automatically if it is not already mounted
-    :type autoMount: bool
-    :return: Tuple: (success, mountpoint)
-    :rtype: tuple
-    """
-    remoteFilePath = remoteFilePath.replace("\\", "/")
-    username = _getDefaultUsername(username)
-
-    # get basepath fo remote file path
-    # this turns //server/sysvol/linuxmuster.lan/Policies into //server/sysvol
-    pattern = re.compile("(^\\/\\/[^\\/]+\\/[^\\/]+)")
-    match = pattern.search(remoteFilePath)
-
-    if match is None:
-        logging.error("Cannot get local file path of {} beacuse it is not a valid path!".format(remoteFilePath))
-        return False, None
-
-    shareBasepath = match.group(0)
-
-    if autoMount:
-       rc, mointpoint = mountShare(shareBasepath, hiddenShare=hiddenShare, username=username)
-       if not rc:
-           return False, None
-    
-    # calculate local path
-    shareMountpoint = _getShareMountpoint(shareBasepath, username, hiddenShare, shareName=None)
-    localFilePath = remoteFilePath.replace(shareBasepath, shareMountpoint)
-
-    return True, localFilePath
-
-def unmountAllSharesOfUser(username):
-    """
-    Unmount all shares of a given user and safely delete the mountpoints and the parent directory.
-
-    :param username: The username of the user
-    :type username: str
-    :return: True or False
-    :rtype: bool
-    """
-    logging.info("=== Trying to unmount all shares of user {0} ===".format(username))
-    for basedir in [constants.shareMountBasepath, constants.hiddenShareMountBasepath]:
-        shareMountBasedir = basedir.format(username)
-
-        try:
-            mountedShares = os.listdir(shareMountBasedir)
-        except FileNotFoundError:
-            logging.info("Mount basedir {} does not exist -> nothing to unmount".format(shareMountBasedir))
-            continue
-
-        for share in mountedShares:
-            _unmountShare("{0}/{1}".format(shareMountBasedir, share))
-    
-        if len(os.listdir(shareMountBasedir)) > 0:
-            logging.warning("* Mount basedir {} is not empty so not removed!".format(shareMountBasedir))
-            return False
-        else:
-            # Delete the directory
-            logging.info("Deleting {0}...".format(shareMountBasedir))
-            try:
-                os.rmdir(shareMountBasedir)
-            except Exception as e:
-                logging.error("FAILED!")
-                logging.exception(e)
-                return False
-
-    logging.info("===> Finished unmounting all shares of user {0} ===".format(username))
-    return True
-
-def getLocalSysvolPath():
-    """
-    Get the local mountpoint of the sysvol
-
-    :return: Full path of the mountpoint
-    :rtype: str
-    """
-    rc, networkConfig = config.network()
-    if not rc:
-        return False, None
-
-    networkPath = f"//{networkConfig['serverHostname']}/sysvol"
-    return getMountpointOfRemotePath(networkPath, True)
-
-# --------------------
-# - Helper functions -
-# --------------------
-
-# useCruidOfExecutingUser:
-#  defines if the ticket cache of the user executing the mount command should be used.
-#  If set to False, the cache of the user with the given username will be used.
-#  This parameter influences the `cruid` mount option.
-def _mountShare(username, networkPath, shareName, hiddenShare, useCruidOfExecutingUser=False):
-
-    mountpoint = _getShareMountpoint(networkPath, username, hiddenShare, shareName)
-
-    mountCommandOptions = f"file_mode=0700,dir_mode=0700,sec=krb5,nodev,nosuid,mfsymlinks,nobrl,vers=3.0,user={username}"
-    rc, networkConfig = config.network()
-    domain = None
-
-    if rc:
-        domain = networkConfig["domain"]
-        mountCommandOptions += f",domain={domain.upper()}"
-
-    try:
-        pwdInfo = pwd.getpwnam(username)
-        uid = pwdInfo.pw_uid
-        gid = pwdInfo.pw_gid
-        mountCommandOptions += f",gid={gid},uid={uid}"
-
-        if not useCruidOfExecutingUser:
-            mountCommandOptions += f",cruid={uid}"
-
-    except KeyError:
-        uid = -1
-        gid = -1
-        logging.warning("Uid could not be found! Continuing anyway!")
-
-    mountCommand = [shutil.which("mount.cifs"), "-o", mountCommandOptions, networkPath, mountpoint]
-
-    logging.debug(f"Trying to mount '{networkPath}' to '{mountpoint}'")
-    logging.debug("* Creating directory...")
-
-    try:
-        Path(mountpoint).mkdir(parents=True, exist_ok=False)
-    except FileExistsError:
-        # Test if a share is already mounted there
-        if _directoryIsMountpoint(mountpoint):
-            logging.debug("* The mountpoint is already mounted.")
-            return True, mountpoint
-        else:
-            logging.warning("* The target directory already exists, proceeding anyway!")
-
-    logging.debug("* Executing '{}' ".format(" ".join(mountCommand)))
-    logging.debug("* Trying to mount...")
-    if not subprocess.call(mountCommand, stdout=subprocess.PIPE, stderr=subprocess.PIPE) == 0:
-        logging.fatal(f"* Error mounting share {networkPath} to {mountpoint}!\n")
-        return False, None
-
-    logging.debug("* Success!")
-
-    # hide the shares parent dir (/home/%user/media) in case it is not a hidden share
-    if not hiddenShare:
-        try:
-            hiddenFilePath = f"{mountpoint}/../../.hidden"
-            logging.debug(f"* hiding parent dir {hiddenFilePath}")
-            hiddenFile = open(hiddenFilePath, "w+")
-            hiddenFile.write(mountpoint.split("/")[-2])
-            hiddenFile.close()
-        except:
-            logging.warning(f"Could not hide parent dir of share {mountpoint}")
-
-    return True, mountpoint
-
-def _unmountShare(mountpoint):
-    # check if mountpoint exists
-    if (not os.path.exists(mountpoint)) or (not os.path.isdir(mountpoint)):
-        logging.warning(f"* Could not unmount {mountpoint}, it does not exist.")
-
-    # Try to unmount share
-    logging.info("* Trying to unmount {0}...".format(mountpoint))
-    if not subprocess.call(["umount", mountpoint]) == 0:
-        logging.warning("* Failed!")
-        if _directoryIsMountpoint(mountpoint):
-            logging.warning("* It is still mounted! Exiting!")
-            # Do not delete in this case! We might delete userdata!
-            return
-        logging.info("* It is not mounted! Continuing!")
-
-    # check if the mountpoint is empty
-    if len(os.listdir(mountpoint)) > 0:
-        logging.warning("* mountpoint {} is not empty so not removed!".format(mountpoint))
-        return
-
-    # Delete the directory
-    logging.info("* Deleting {0}...".format(mountpoint))
-    try:
-        os.rmdir(mountpoint)
-    except Exception as e:
-        logging.error("* FAILED!")
-        logging.exception(e)
-
-def _getDefaultUsername(username=None):
-    if username == None:
-        if user.isRoot():
-            username = computer.hostname().upper() + "$"
-        else:
-            username = user.username()
-    return username
-
-def _getDefaultShareName(networkPath, shareName=None):
-    if shareName is None:
-        shareName = networkPath.split("/")[-1]
-    return shareName
-
-def _mountShareWithoutRoot(networkPath, name, hidden):
-    mountCommand = ["sudo", "/usr/share/linuxmuster-linuxclient7/scripts/sudoTools", "mount-share", "--path", networkPath, "--name", name]
-
-    if hidden:
-        mountCommand.append("--hidden")
-
-    return subprocess.call(mountCommand) == 0
-
-def _getShareMountpoint(networkPath, username, hidden, shareName = None):
-    logging.debug(f"Calculating mountpoint of {networkPath}")
-
-    shareName = _getDefaultShareName(networkPath, shareName)
-
-    if hidden:
-        return "{0}/{1}".format(constants.hiddenShareMountBasepath.format(username), shareName)
-    else:
-        return "{0}/{1}".format(constants.shareMountBasepath.format(username), shareName)
-
-def _directoryIsMountpoint(dir):
-    return subprocess.call(["mountpoint", "-q", dir]) == 0
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/templates.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/templates.py
deleted file mode 100644
index b634fd2..0000000
--- a/roles/lmn_printer/files/linuxmusterLinuxclient7/templates.py
+++ /dev/null
@@ -1,128 +0,0 @@
-import os, codecs, sys, shutil, subprocess
-from pathlib import Path
-from linuxmusterLinuxclient7 import logging, constants, hooks, config
-
-
-def applyAll():
-    """
-    Applies all templates from `/usr/share/linuxmuster-linuxclient7/templates`
-
-    :return: True on success, False otherwise
-    :rtype: bool
-    """
-    logging.info('Applying all configuration templates:')
-
-    templateDir = constants.configFileTemplateDir
-    for templateFile in os.listdir(templateDir):
-        templatePath = templateDir + '/' + templateFile
-        logging.info('* ' + templateFile + ' ...')
-        if not _apply(templatePath):
-            logging.error("Aborting!")
-            return False
-
-    # reload sctemctl
-    logging.info('Reloading systemctl ... ')
-    if not subprocess.call(["systemctl", "daemon-reload"]) == 0:
-        logging.error("Failed!")
-        return False
-
-    return True
-
-# --------------------
-# - Helper functions -
-# --------------------
-
-
-def _apply(templatePath):
-    try:
-        # read template file
-        rc, fileData = _readTextfile(templatePath)
-
-        if not rc:
-            logging.error('Failed!')
-            return False
-
-        fileData = _resolveVariables(fileData)
-
-        # get target path
-        firstLine = fileData.split('\n')[0]
-        targetFilePath = firstLine.partition(' ')[2]
-
-        # remove first line (the target file path)
-        fileData = fileData[fileData.find('\n'):]
-
-        # never ever overwrite sssd.conf, this will lead to issues!
-        # sssd.conf is written by `realm join`!
-        if targetFilePath in constants.notTemplatableFiles:
-            logging.warning("Skipping forbidden file {}".format(targetFilePath))
-            return True
-
-        # create target directory
-        Path(Path(targetFilePath).parent.absolute()).mkdir(parents=True, exist_ok=True)
-
-        # remove comment lines beginning with # from .xml files
-        if targetFilePath.endswith('.xml'):
-            fileData = _stripComment(fileData)
-
-        # write config file
-        logging.debug("-> to {}".format(targetFilePath))
-        with open(targetFilePath, 'w') as targetFile:
-            targetFile.write(fileData)
-
-        return True
-
-    except Exception as e:
-        logging.error('Failed!')
-        logging.exception(e)
-        return False
-
-def _resolveVariables(fileData):
-    # replace placeholders with values
-    rc, networkConfig = config.network()
-
-    if not rc:
-        return False, None
-
-    # network
-    fileData = fileData.replace('@@serverHostname@@', networkConfig["serverHostname"])
-    fileData = fileData.replace('@@domain@@', networkConfig["domain"])
-    fileData = fileData.replace('@@realm@@', networkConfig["realm"])
-
-    # constants
-    fileData = fileData.replace('@@userTemplateDir@@', constants.userTemplateDir)
-    fileData = fileData.replace('@@hiddenShareMountBasepath@@', constants.hiddenShareMountBasepath.format("%(USER)"))
-
-    # hooks
-    fileData = fileData.replace('@@hookScriptBoot@@', hooks.getLocalHookScript(hooks.Type.Boot))
-    fileData = fileData.replace('@@hookScriptShutdown@@', hooks.getLocalHookScript(hooks.Type.Shutdown))
-    fileData = fileData.replace('@@hookScriptLoginLogoutAsRoot@@', hooks.getLocalHookScript(hooks.Type.LoginLogoutAsRoot))
-    fileData = fileData.replace('@@hookScriptSessionStarted@@', hooks.getLocalHookScript(hooks.Type.SessionStarted))
-
-    return fileData
-
-# read textfile in variable
-def _readTextfile(filePath):
-    if not os.path.isfile(filePath):
-        return False, None
-    try:
-        infile = codecs.open(filePath ,'r', encoding='utf-8', errors='ignore')
-        content = infile.read()
-        infile.close()
-        return True, content
-    except Exception as e:
-        logging.info('Cannot read ' + filePath + '!')
-        logging.exception(e)
-        return False, None
-
-# remove lines beginning with #
-def _stripComment(fileData):
-    filedata_stripped = ''
-    for line in fileData.split('\n'):
-        if line[:1] == '#':
-            continue
-        else:
-            if filedata_stripped == '':
-                filedata_stripped = line
-            else:
-                filedata_stripped = filedata_stripped + '\n' + line
-    return filedata_stripped
\ No newline at end of file
diff --git a/roles/lmn_printer/files/linuxmusterLinuxclient7/user.py b/roles/lmn_printer/files/linuxmusterLinuxclient7/user.py
deleted file mode 100644
index aa838f0..0000000
--- a/roles/lmn_printer/files/linuxmusterLinuxclient7/user.py
+++ /dev/null
@@ -1,158 +0,0 @@
-import ldap, ldap.sasl, sys, getpass, subprocess, pwd, os, os.path
-from pathlib import Path
-from linuxmusterLinuxclient7 import logging, constants, config, user, ldapHelper, shares, fileHelper, computer, localUserHelper
-
-def readAttributes():
-    """
-    Reads all attributes of the current user from ldap
-
-    :return: Tuple (success, dict of user attributes)
-    :rtype: tuple
-    """
-    if not user.isInAD():
-        return False, None
-
-    return ldapHelper.searchOne(f"(sAMAccountName={user.username()})")
-
-def school():
-    """
-    Gets the school of the current user from the AD
-
-    :return: The short name of the school
-    :rtype: str
-    """
-    rc, userdata = readAttributes()
-    
-    if not rc:
-        return False, None
-
-    return True, userdata["sophomorixSchoolname"]
-
-def username():
-    """
-    Returns the user of the current user
-
-    :return: The username of the current user
-    :rtype: str
-    """
-    return getpass.getuser().lower()
-
-def isUserInAD(user):
-    """
-    Checks if a given user is an AD user.
-
-    :param user: The username of the user to check
-    :type user: str
-    :return: True if the user is in the AD, False if it is a local user
-    :rtype: bool
-    """
-    if not computer.isInAD():
-        return False
-    
-    rc, groups = localUserHelper.getGroupsOfLocalUser(user)
-    if not rc:
-        return False
-
-    return "domain users" in groups
-
-def isInAD():
-    """Checks if the current user is an AD user.
-
-    :return: True if the user is in the AD, False if it is a local user
-    :rtype: bool
-    """
-    return isUserInAD(username())
-
-def isRoot():
-    """
-    Checks if the current user is root
-
-    :return: True if the current user is root, False otherwise
-    :rtype: bool
-    """
-    return os.geteuid() == 0
-
-def isInGroup(groupName):
-    """
-    Checks if the current user is part of a given group
-
-    :param groupName: The name of the group
-    :type groupName: str
-    :return: True if the user is part of the group, False otherwise
-    :rtype: bool
-    """
-    rc, groups = localUserHelper.getGroupsOfLocalUser(username())
-    if not rc:
-        return False
-
-    return groupName in groups
-
-def cleanTemplateUserGtkBookmarks():
-    """Remove gtk bookmarks of the template user from the current users `~/.config/gtk-3.0/bookmarks` file.
-    """
-    logging.info("Cleaning {} gtk bookmarks".format(constants.templateUser))
-    gtkBookmarksFile = "/home/{0}/.config/gtk-3.0/bookmarks".format(user.username())
-
-    if not os.path.isfile(gtkBookmarksFile):
-        logging.warning("Gtk bookmarks file not found, skipping!")
-        return
-
-    fileHelper.removeLinesInFileContainingString(gtkBookmarksFile, constants.templateUser)
-
-def getHomeShareMountpoint():
-    """
-    Returns the mountpoint of the users serverhome.
-
-    :return: The monutpoint of the users serverhome
-    :rtype: str
-    """
-    rc, homeShareName = _getHomeShareName()
-
-    if rc:
-        basePath = constants.shareMountBasepath.format(username())
-        return True, f"{basePath}/{homeShareName}"
-
-    return False, None
-
-def mountHomeShare():
-    """
-    Mounts the serverhome of the current user
-
-    :return: True on success, False otherwise
-    :rtype: bool
-    """
-    rc1, userAttributes = readAttributes()
-    rc2, shareName = _getHomeShareName(userAttributes)
-    if rc1 and rc2:
-        try:
-            homeShareServerPath = userAttributes["homeDirectory"]
-            res = shares.mountShare(homeShareServerPath, shareName=shareName, hiddenShare=False, username=username())
-            return res
-
-        except Exception as e:
-            logging.error("Could not mount home dir of user")
-            logging.exception(e)
-
-    return False, None
-
-# --------------------
-# - Helper functions -
-# --------------------
-
-def _getHomeShareName(userAttributes=None):
-    if userAttributes is None:
-        rc, userAttributes = readAttributes()
-    else:
-        rc = True
-
-    if rc:
-        try:
-            usernameString = username()
-            shareName = f"{usernameString} ({userAttributes['homeDrive']})"
-            return True, shareName
-
-        except Exception as e:
-            logging.error("Could not mount home dir of user")
-            logging.exception(e)
-
-    return False, None
\ No newline at end of file
diff --git a/roles/lmn_printer/files/lmn-printer.sh b/roles/lmn_printer/files/lmn-printer.sh
index e103068..b609412 100644
--- a/roles/lmn_printer/files/lmn-printer.sh
+++ b/roles/lmn_printer/files/lmn-printer.sh
@@ -1 +1 @@
-[[ "${UID}" -gt 10000 ]] && /usr/local/bin/onLogin
+[[ "${UID}" -gt 10000 ]] && sudo /usr/local/bin/install-printers.sh
diff --git a/roles/lmn_printer/files/onLogin b/roles/lmn_printer/files/onLogin
deleted file mode 100644
index 565b80f..0000000
--- a/roles/lmn_printer/files/onLogin
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/usr/bin/python3
-
-# DO NOT MODIFY THIS SCRIPT!
-# For custom scripts use the hookdir /etc/linuxmuster-linuxclient7/onLogin.d
-
-# This schript is called in user context when a user logs in
-try:
-    import os, sys
-    #import traceback
-    from linuxmusterLinuxclient7 import logging, hooks, shares, user, constants, gpo, computer, environment
-
-    logging.info("====== onLogin started ======")
-
-    # mount sysvol
-    rc, sysvolPath = shares.getLocalSysvolPath()
-    if rc:
-        environment.export(f"SYSVOL={sysvolPath}")
-
-    # process GPOs
-    gpo.processAllPolicies()
-
-    logging.info("======> onLogin end ======")
-
-except Exception as e:
-    try:
-        #traceback.print_exc()
-        logging.exception(e)
-    except:
-        print("A fatal error occured!")
-
-# We need to catch all exceptions and return 0 in any case!
-# If we do not return 0, login will FAIL FOR EVERYONE!
-sys.exit(0)
diff --git a/roles/lmn_printer/files/onLogout b/roles/lmn_printer/files/onLogout
deleted file mode 100644
index 9fe8a00..0000000
--- a/roles/lmn_printer/files/onLogout
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/usr/bin/python3
-
-# DO NOT MODIFY THIS SCRIPT!
-# For custom scripts use the hookdirs
-# /etc/linuxmuster-linuxclient7/onLoginAsRoot.d
-# and /etc/linuxmuster-linuxclient7/onLogoutAsRoot.d
-
-# This schript is called in root context when a user logs in or out
-try:
-    import os, sys
-    from linuxmusterLinuxclient7 import logging, hooks, constants, user, shares, printers, computer, realm
-
-    pamType = os.getenv("PAM_TYPE")
-    pamUser = os.getenv("PAM_USER")
-    #PAM_RHOST, PAM_RUSER, PAM_SERVICE, PAM_TTY, PAM_USER and PAM_TYPE
-    logging.info("====== onLoginLogoutAsRoot started with PAM_TYPE={0} PAM_RHOST={1} PAM_RUSER={2} PAM_SERVICE={3} PAM_TTY={4} PAM_USER={5} ======".format(pamType, os.getenv("PAM_RHOST"), os.getenv("PAM_RUSER"), os.getenv("PAM_SERVICE"), os.getenv("PAM_TTY"), pamUser))
-
-    # check if whe should execute
-    if not hooks.shouldHooksBeExecuted(pamUser):
-        logging.info("======> onLoginLogoutAsRoot end ====")
-        sys.exit(0)
-
-    elif pamType == "close_session":
-        # cleanup
-        printers.uninstallAllPrintersOfUser(pamUser)
-
-    logging.info("======> onLoginLogoutAsRoot end ======")
-
-except Exception as e:
-    try:
-        logging.exception(e)
-    except:
-        print("A fatal error occured!")
-
-# We need to catch all exceptions and return 0 in any case!
-# If we do not return 0, login will FAIL FOR EVERYONE!
-sys.exit(0)
-
diff --git a/roles/lmn_printer/files/rmlpr.service b/roles/lmn_printer/files/rmlpr.service
deleted file mode 100644
index e89b994..0000000
--- a/roles/lmn_printer/files/rmlpr.service
+++ /dev/null
@@ -1,6 +0,0 @@
-[Unit]
-Description=Remove all printers
-
-[Service]
-Type=simple
-ExecStart=sh -c 'lpstat -p && for printer in $(lpstat -p | cut -f 2 -d " "); do lpadmin -x $printer; done || echo no printer found.'
diff --git a/roles/lmn_printer/files/rmlpr.timer b/roles/lmn_printer/files/rmlpr.timer
deleted file mode 100644
index a8097d2..0000000
--- a/roles/lmn_printer/files/rmlpr.timer
+++ /dev/null
@@ -1,8 +0,0 @@
-[Unit]
-Description=Remove all printers on boot
-
-[Timer]
-OnBootSec=10
-
-[Install]
-WantedBy=timers.target
diff --git a/roles/lmn_printer/files/scripts/sudoTools b/roles/lmn_printer/files/scripts/sudoTools
deleted file mode 100755
index 7459135..0000000
--- a/roles/lmn_printer/files/scripts/sudoTools
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/usr/bin/python3
-#
-# Script to do some things that require root permissions as a normal user
-# Currently used for:
-# - mounting shares
-# - installing printers
-#
-
-import os, sys, argparse
-from linuxmusterLinuxclient7 import shares, printers, constants
-
-
-parser = argparse.ArgumentParser(description="Script to do some things that require root permissions as a normal user")
-
-subparsers = parser.add_subparsers(title='Tasks', metavar="<task>", help="The task to execute", dest="task", required=True)
-
-subparserCache = subparsers.add_parser('install-printer', help='install a printer')
-requiredGroupCache = subparserCache.add_argument_group('required arguments')
-requiredGroupCache.add_argument("--path", help="The network path of the printer", required=True)
-requiredGroupCache.add_argument("--name", help="The name of the printer", required=True)
-
-subparserCache = subparsers.add_parser('mount-share', help='mount a network share')
-subparserCache.add_argument("--hidden", help="Hide this share", action='store_true')
-requiredGroupCache = subparserCache.add_argument_group('required arguments')
-requiredGroupCache.add_argument("--path", help="The network path of the share", required=True)
-requiredGroupCache.add_argument("--name", help="The name of the share", required=True)
-
-args = parser.parse_args()
-
-task = args.task
-
-if not os.geteuid() == 0:
-    print("This script has to be run using sudo!")
-    exit(1)
-
-username = os.getenv("SUDO_USER")
-
-if task == "install-printer":
-    if printers.installPrinter(args.path, name=args.name, username=username):
-        sys.exit(0)
-    else:
-        sys.exit(1)
-    pass
-elif task == "mount-share":
-    if shares._mountShare(username, args.path, args.name, args.hidden, False):
-        sys.exit(0)
-    else:
-        sys.exit(1)
-
-exit(0)
\ No newline at end of file
diff --git a/roles/lmn_printer/tasks/main.yml b/roles/lmn_printer/tasks/main.yml
index 23ef2c2..7023c0d 100644
--- a/roles/lmn_printer/tasks/main.yml
+++ b/roles/lmn_printer/tasks/main.yml
@@ -3,7 +3,6 @@
   apt:
     name:
       - cups
-      - python3-ldap
     state: latest
 
 - name: Disable cups printer browsing
@@ -19,66 +18,20 @@
     state: stopped
     enabled: no
 
-- name: Configure pam_mount sysvol mount
-  blockinfile:
-    dest: /etc/security/pam_mount.conf.xml
-    marker: "<!-- {mark} ANSIBLE MANAGED BLOCK (SysVol) -->"
-    block: |
-      <volume
-        fstype="cifs"
-        server="{{ smb_server }}"
-        path="sysvol/"
-        mountpoint="/srv/samba/%(USER)/sysvol"
-        options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks"
-        ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>{{ localuser }}</user></or></not>
-      </volume>
-    insertafter: "<!-- Volume definitions -->"
-
-- name: Create /etc/linuxmuster-linuxclient7 Directory
-  file:
-    path: /etc/linuxmuster-linuxclient7
-    state: directory
-    mode: 0755
-
-- name: install linuxmuster-linuxclient network.conf
+- name: install install-printers.sh
   template:
-    src: network.conf.j2
-    dest: /etc/linuxmuster-linuxclient7/network.conf
-    mode: 0644
-
-- name: install linuxmuster-linuxclient python libs
-  copy :
-    src: linuxmusterLinuxclient7
-    dest: /usr/lib/python3/dist-packages
-
-- name: Create /usr/share/linuxmuster-linuxclient7/scripts Directory
-  file:
-    path: /usr/share/linuxmuster-linuxclient7/scripts
-    state: directory
+    src: install-printers.sh.j2
+    dest: /usr/local/bin/install-printers.sh
     mode: 0755
 
-- name: install linuxmuster-scripts
+- name: install lmn-install-printers sudoers
   copy:
-    src: scripts/sudoTools
-    dest: /usr/share/linuxmuster-linuxclient7/scripts/
-    mode: 0755
-
-- name: install lmn-sudotools
-  copy:
-    src: 90-lmn-sudotools
+    src: 90-lmn-install-printers
     dest: /etc/sudoers.d/
     mode: 0660
     owner: root
     group: root
 
-- name: install onLogin script
-  copy :
-    src: onLogin
-    dest: /usr/local/bin/
-    mode: 0755
-    owner: root
-    group: root
-
 - name: install lmn-printer.sh in /etc/profile.d/
   copy:
     src: lmn-printer.sh
@@ -86,18 +39,3 @@
     mode: 0644
     owner: root
     group: root
-
-- name: Provide service and timer to remove all printers on boot
-  copy:
-    src: "{{ item }}"
-    dest: "/etc/systemd/system/{{ item }}"
-    mode: 0644
-  with_items:
-    - rmlpr.service
-    - rmlpr.timer
-
-- name: enable rmlpr.timer
-  systemd:
-    name: rmlpr.timer
-    enabled: true
-
diff --git a/roles/lmn_printer/templates/install-printers.sh.j2 b/roles/lmn_printer/templates/install-printers.sh.j2
new file mode 100644
index 0000000..9c953fd
--- /dev/null
+++ b/roles/lmn_printer/templates/install-printers.sh.j2
@@ -0,0 +1,36 @@
+#!/usr/bin/bash
+
+set -eu
+
+printservers="{{ printservers | join(' ') }}"
+hostname=$(hostname)
+hostgroup=$(id -Gn "${hostname^^}$")
+usergroup=$(id -Gn "${SUDO_USER}")
+installedprinters=$(lpstat -p | cut -f 2 -d" " | sed -z 's/\n/ /g' )
+
+echo "Hostgroups: ${hostgroup}"
+echo "Usergroups: ${usergroup}"
+echo "Installed Printers: ${installedprinters}"
+echo
+
+for printer in $installedprinters; do
+  if ! $(echo "${hostgroup}" | grep -w -q "${printer}") && ! $(echo "${usergroup}" | grep -w -q "${printer}") ; then
+    lpadmin -x "${printer}"
+  fi
+done
+
+for printserver in $printservers; do
+  echo "checking Server: $printserver"
+  printers=$(lpstat -h "${printserver}" -U "${SUDO_USER}" -v | cut -f 3 -d" " | sed 's/:$//g' | sed -z 's/\n/ /g' )
+  echo "Available Printers: $printers"
+  for printer in $printers; do
+    if $(echo "${hostgroup}" | grep -w -q "${printer}") || $(echo "${usergroup}" | grep -w -q "${printer}") ; then
+      if ! $(echo "${installedprinters}" | grep -w -q "${printer}"); then
+        echo "Adding ${printer}"
+        timeout 10 lpadmin -p "${printer}" -E -v "ipp://${printserver}/printers/${printer}" -m everywhere  || echo "Printer ${printer} could not be added"
+        installedprinters+=" ${printer}"
+      fi
+    fi
+  done
+done
+
diff --git a/roles/lmn_printer/templates/network.conf.j2 b/roles/lmn_printer/templates/network.conf.j2
deleted file mode 100644
index 5cd39ce..0000000
--- a/roles/lmn_printer/templates/network.conf.j2
+++ /dev/null
@@ -1,5 +0,0 @@
-[network]
-serverHostname = server
-domain = pn.steinbeis.schule
-realm = PN.STEINBEIS.SCHULE
-version = 1

From f7c7eb1901d4158590263e6c9b5ae92a32534e2e Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Thu, 9 Nov 2023 13:42:02 +0100
Subject: [PATCH 417/504] check if rmlpr.timer is installed before disabling

---
 lmn-client.yml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/lmn-client.yml b/lmn-client.yml
index 6e1ed14..e7035fa 100644
--- a/lmn-client.yml
+++ b/lmn-client.yml
@@ -154,11 +154,16 @@
             ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>{{ localuser }}</user></or></not>
           </volume>
         state: absent
- 
+
+    - name: check if rmlpr.timer is installed
+      stat: path=/etc/systemd/system/rmlpr.timer
+      register: rmlpr
+
     - name: disable rmlpr.timer
       systemd:
         name: rmlpr.timer
         enabled: false
+      when: rmlpr.stat.exists
  
     - name: Remove deprecated files and directories
       file:

From 6edbc8dadeaa020d93182bee47bac807e7cb6a3a Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Thu, 9 Nov 2023 13:55:22 +0100
Subject: [PATCH 418/504] nicelevel 19 for ctorrents

---
 roles/lmn_vm/files/linbo-torrenthelper.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/lmn_vm/files/linbo-torrenthelper.sh b/roles/lmn_vm/files/linbo-torrenthelper.sh
index 8f6d4f1..8c5f2a1 100755
--- a/roles/lmn_vm/files/linbo-torrenthelper.sh
+++ b/roles/lmn_vm/files/linbo-torrenthelper.sh
@@ -25,7 +25,7 @@ OPTIONS="$OPTIONS $torrent"
 
 while true; do
  #$SUDO /usr/bin/ctorrent $OPTIONS || exit 1
- /usr/bin/ctorrent $OPTIONS || exit 1
+ nice -n 20 /usr/bin/ctorrent $OPTIONS || exit 1
  # hash check only on initial start, add -f parameter
  echo "$OPTIONS" | grep -q ^"-f " || OPTIONS="-f $OPTIONS"
 done

From 70c45c477f6ed784354f358d0d649df33effbd48 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Thu, 9 Nov 2023 16:51:09 +0100
Subject: [PATCH 419/504] printerservers vaulted

---
 lmn-client.yml |   2 +-
 lmn-vault      | 216 +++++++++++++++++++++++++------------------------
 2 files changed, 110 insertions(+), 108 deletions(-)

diff --git a/lmn-client.yml b/lmn-client.yml
index e7035fa..3cac788 100644
--- a/lmn-client.yml
+++ b/lmn-client.yml
@@ -52,7 +52,7 @@
     ntp_serv: "{{ vault_ntp_serv }}"  ## ntp.example.org
     proxy: "{{ vault_proxy }}"        ## http://firewall.example.org:3128
     no_proxy: "{{ vault_no_proxy }}"  ## firewall.example.org,server.example.org,idam.example.org,dw.example.org
-    printservers: ['10.190.1.1'] ## list of printservers
+    printservers: "{{ vault_printservers }}" ## ['10.0.0.1','10.0.0.15'] 
 
     ## PAM mount nextcloud, remove or leave empty to skip:
     web_dav: "{{ vault_web_dav }}"    ## https://nc.example.org/remote.php/dav/files/%(USER)
diff --git a/lmn-vault b/lmn-vault
index a903f1c..359df22 100644
--- a/lmn-vault
+++ b/lmn-vault
@@ -1,108 +1,110 @@
 $ANSIBLE_VAULT;1.1;AES256
-65633363646535646163353331353934343961306136663461633362323362643537386162346435
-6161306230316364656463313530376230313561653964650a333737336431326663366631666663
-61366333623231316336353362666130653838663233306334353734316338336334313630653339
-6335306166653434320a396232363732346239386533366236623332356231633536346136333666
-66316630313133646537373139636533313638663336343366623464313764636161326432653132
-38303864373736643932383436383331376139333439666166613463346636306235623961663530
-31616339623538663332633539376366663739633831633361363961323039386237323830393734
-36383734643134643530313631643561346266353665646563306334303339323231323766353334
-33353830336131653831636564383635356439363433663133663536653764653133666262303432
-38633034363764396461356130323531616561613734333039393836333338346235633838663330
-30646665656564646561663335643331633562623937623337353933623530363166646666363436
-35356434663830306634396633626139613632363364333163366539396539366434333331313438
-63353163386361396233643832313535383261366363333863383363353835633032376133373361
-61373535356535383836323438626265646330303238636632393034396133363131663031353933
-37393865393336313264393231643831623566666133343836633635353861613836386661376238
-39353461623839323532373064326238623961356466613130323535653437626364303261623537
-35306666373163646134666232356564623764353630333166326261393230623663363266336532
-35306564396430626639623461643035363933346435646363633464636432323462353766363639
-63346464396563656463383961623234366162666236646465336535343234376534616363363661
-64366134356362613535343835643538656333363935313865383436303230373634313166333566
-33643962623963356139396366316563623835313265656461636665396361336237353162646236
-38333661323765303932363237383939363336623765376538346538623836373539373339326435
-63656263343862356363616636366461313766363365636339336439333135326633343935653739
-63623839343338616336626163623261613062643433333331656230303138313037336536303638
-37643639336633386239366463383130623637633938313534323066643930313931313965313562
-66386434303964646363346634393230313132383764323635313430336565343837653536336238
-31303937636165393939653965303766653937376639656333643636623334346261666432336235
-64326366656635303635666161333231323530376236303238336663656562353132373265396434
-63663431626664626130333765346430633061333238363033343737633766633663633266363835
-35616533336666353033316462643732363565663162623630313462663761363333623663336163
-31626461663435303435663161626134343535383832366430653036323037343533356230386438
-34303335666663373638323761303135646330626566373065666130393863666539303037376231
-61643832633463323831623866333432353734313863643235386333396538383531303434376536
-65376336653864636230643861616530333666623036393435333237343137316463613730633066
-61346535356461653734396661643332323666393631313133353333666137613035346237313362
-65363433393066346131323733363034303031326563343161323366343866336338333832343832
-61633762323962393531313164313232356630333935623662383639363336393165343636393033
-34656466636632316365383038613130373535393532646136303063376431323963653163623665
-37353765616633303134346364643564613136633165396162343231626634353831373638656138
-34336536653533326661366332363239626233346436613738626339643433323438356139633762
-66613937613830306530646239363834613533346432376463663230363432343165353233643436
-39666233633266636136383335386539383263356534353563316365613336363965633039396430
-62376339396233653864373031353436633333666636643739313766643037306463323235363732
-38356630623739303761303133366436333536363131663633376566643030643334353137646436
-30666634346232656237363935666337393332333031353534646137373464326237353731303635
-66663461383932613333653665343361393161306462386362643562663861363238636633363231
-31666662613266333832343639376564363865643336373961653334656630313939353762623765
-64633964643332356562623061376335666566383539333334303964636137313539373039623532
-38373763626261316662333766613362633063653062363730383365323839386365373830663632
-34623031363266333461396164613433306338313830373564626439336662303365343335636164
-37373238656238646437636237366335623039656536323732386635633233336230346230336631
-63646238376232346630353565373534623034313639386539366662336534323231626136653436
-39613165336464333433333862333331613761323263636337336231353733373632313530636266
-30343233663161306166623033666664336161613664326636336533616335316462646539663438
-38316533646161656335333938343866623865313235646265373565323862356438383339353263
-37646431643935303965326132323131346231616262313964643736393334656233333864646261
-66353666303666656535326266343262306137633139303734613965333232633766326437333638
-33323061623032326563626132383935626230343030303337663530356333316533346164326461
-39666239303439343135613930363238356531356536333535396238366130663565663332323537
-30346234386166343332353132623036383732336166626662616666663539316161373934333030
-64316539376561613937666562656635343165323636636433656638303031373935616435646332
-63393039613466383034313037383063313830616563646233306164353439653832313463393566
-36353162353365653065386532333233363864626339383232313264333835366334363564313165
-63326135393432636634376534356665633733316133373666366337316566303634653637363466
-63623761623032393361393630613036346637356465643838393366393966373035333861623434
-63623835383132623766366639313837323539333933346165666138626139623965373962663835
-62643661616565353138343262323366653330366164313031623861663234353966383737386664
-30333564613631643762613932396666653566323536353961353933376262323739653338383538
-34666231616635333866306535393730313837346638393665316563323538386366323630383334
-32303361383231313863346166653233616364333736346264393836643935373065346438633138
-64323636623066303537373762303932303963303430383839656361386437646564383937333239
-64306238663130666234626537303466383162316230373633373766346338323865616435653838
-30613435356337613261373330323536646333376333366531326165383336623735353834643337
-32386561653035376663633062373133303036363133303564636461313235373030623337326237
-36666462353337373437326236623531366564323065623530633663363866373364373536653232
-30633634376336313366376161316633323238313261616233316339343230306131643531626163
-38303632653432643436626339373536616366653062613739666233613638626133353632633739
-61663230656366376537346434303266303263663064303932383035333764633135376236316232
-33626566333030346562613531313534326564383130396366353664616439323465616165323865
-65643663643633326435613565346132313866633932636561326536643138643137313836613062
-62313930663338616362336231643831316130643736633566303565626434623666633762643935
-61343633386134373935376339393965333666383731623832373936613764376361653737333236
-65663666353736366266316233646536343763633163383539306364383566383131333530633833
-37666639643663363531643930656332633030373531323334663632653363623936346634626531
-35636535646462623939303965383661346161326231303031346136613462313062303233653633
-31333237333331643138663530393537323231653637363032613133616130626333343739666164
-32343164363965643335646165343632626161373638343062656639653461653637326238303865
-36663830323066363562626666306431316165313265356139313033613065326461363963316633
-65306261633233373066393539326138313238656663303334626362313564393637313930616266
-33366137643163343933383962303539386131623063616632323831306230316264356336396338
-64623931333161336631313163356637336562323738336638363831363064363034636435376538
-35636166303630663466306630383432633030363762323363616562636135376566306630323065
-33303333323563633533653932653434623636303966343466336633303537393137336439386530
-39666431383636646634376332653131353465633664316266383835373332303936653936363737
-62393038646434623265663730653938646438343336396537316436633837383862353839386464
-33376264353537626231393366666139343833363135646233633638666234383566383934323732
-62313031323534356233623932623663346632646464323566623636333433333664313130383561
-33333231346435323266336261623665336630333166633561363963376439323736623362383030
-38393138353337383466366334373130393633393331393632666435373737306237383562343235
-35656163343939626130353537393032643732613631313233366637303663653635306539383430
-36333465306539613935643131393266366361313361313832313630373065653031663564663535
-35343430373061313061616164363530373731666239653130613731323734373136323736313161
-32613430376136656337646563646365356466616539613337393737356662646530386133646562
-38633732396338373361326338323862326138666461306264353137316532636564626230313635
-38316435363965343035303363353831646439666363363130656364636532656430633135383163
-66656532353662616134393439666561616436333463343962393739326337323965366165633963
-383861353830666365343437396238366138
+37663931383332613032386465663865336137383262383139636136653636623834343537316539
+3930303237653661363630656261323537663931646161370a626232346237383930396362646564
+34336337383932663166336166363933316238336632323364623161643136636438336637616530
+3064373439646363620a326433316565333630643238373062343037653038316263383233346533
+34396639656533656664323665653231633537366362616265343436626466393836363439636633
+32656532373038396638393861313832386466643735393737626138373032353362613039336530
+31306131616263333861346434636162303632356536656134346263623863306162643063353039
+32623930356561356333326334613666393639633436363539326436333530326337626538396562
+34353230306637623265623465313064623536343730396661306331313365343731366332613037
+33303534643231653439653962636237333962656631636634353730313535616637343666626364
+63633736393832663932636230356665626538313133333331323334336333353238623561313939
+66653138666335633330386263623937326164346663616131363833383536306162323737313736
+31343162633534366438306538376238333062646266666136376265383236363162313061326531
+62333531353630613639353166323035393038666263623931653631646263323062326434386361
+63646538656134616435663531393132663638383165643037303461643939373839626665663265
+61303961306238343635383231646362626639623232623333366338356361343737656665613431
+34363161626266346438303235363032646235303933383634303034343536626332623761306361
+39616239383161303334313936393632633866623031373265386661353330396432396364373330
+36386264633866316337393765333039373361653338663462663939323839373732393736393361
+32333034663966323665303532313039333438663466366435653136623166366263636434303966
+61303934633939373463373664376230363831383630633639663031303237356166663931386635
+30303461663236326536383439396139316232323162343965353034656464616431643439633837
+30346231643561636263343738613239396361383238636261646262373137383461373432343635
+33386631653139316436313532646630626230613335633538306666386163653439613462343662
+30626130326463393336643039396433643266393266646238353566306633643561386430613161
+30363263616231353661303030356638323438373466633466323833393463663562343933326631
+34313162383433356662346166383761636438636466633462396230383133613038323666643233
+63383138616637363830613661313236336564636162383262373064336365303435313463323564
+39313539656136613564393239343032373038393266656366643639303662646534306665396237
+35393264626430373662376231323165316333353263306637313962663736353633636661663961
+37336134643031323361333538613933666634666363313535636631323366613066633037653939
+32643165393631353534623435613732653364303833356436356263356438363961303665626364
+66363463633665393737616265613439326361353134623537626437303566343962626364623134
+34343165626230383039316134343238653933386134303936346162613261386539353064303330
+36353135323235663165353662643735636361646239333238306163393235663461613938643163
+34373464376163623961646262363437303563386333633764346366343066313065386530633334
+38306138616436653732316638373335353437363162373830623864633139313130386464666233
+31366165373539343766643135363136346430623335333061656664656338386661353366613865
+31323036633662636364343664626165346561323664366263383762343036373338346236353738
+31666361613036663861343937613364323130356565353161373431303732396337343134373538
+34326666346132656234623365643137343864363138666139333032393636333537626336313365
+65343136356261323637303833633132343334303366633063363437316331383434313164616332
+35636430643666626631353164646361303034366461343331376363323535303265353435323764
+63393935353731633364326365316238313031623662323235316237356663303236633838336365
+30323862656562643134363362323335396336666532336338346561623163653861316165633731
+61383736353137643339353638373035373136353161643737353839663833646230633230333962
+33363030333139613338396635396332613738363837356566646661336638613838303764616334
+32653234656265313566316463363235373337623634393764663066613530306166613238653164
+33636339336135666661303338376439636334326634373538326233653566346663376166346239
+33376130633439663130313637653865626464363531663035643466343932323439333638303663
+37346234316233373663303230353631646437616534396639396139616262383238323938666533
+38613061613632333637303731323564343664386365646562363766323734613332323462303266
+38626133643638376663343337393836663265633763326136336436346130316533373131366534
+32386465353938383266343930386362636265363761303431333730373261306564333137326562
+37643362316161643436633066343537336561623033326165623837633464663163326630346531
+38653233336639353938323932383761386230383639666265346536653035313530363665653562
+39333834313736316430666534353134373561343337323330376331323532643137663938306463
+30313162383230333138316339663432633962303161323065613039356464626166643430373465
+38343536343261346232636464316332336664643638653665333535366362303461633665666237
+31333937373762363166663936623034313934353137636266663665623066373239363164633731
+66303066336134343566313030613866313332626338363634336639636239613032343166366331
+64626130613163626230343366643063333766313530383734626161336565633635643639633361
+39663931656632333539383430393465636634663734656662393831316639316138663636373761
+34346363343966626235326338333264313266343334303533393932633032616661643236303537
+32653239393133373331623538313365636538326262373865373533646332663862373530363130
+32663938663266643461356237333139373133613833653333616464663635663131643336363534
+31313131376163633331326434303961353032633862366137326439363838383064323462643964
+30623433326361666136326237653866386534626133363334373838643635613436333035313364
+64393030323230393336373566393966326637363932336133333762626437373163626231336562
+64316538306366343732333031373765303339373436313535636231623739653932363064646461
+35323735393032333433633462313938626666303466356336323031343533346466383631653839
+32306139393039333336633639363034343566646164646334663561373563393434326233353863
+32336437623662396430623261633338623130386631616333373732383239386139326138643761
+33393031396563323566326262363037663439333233373435343039633664643064386665383931
+34653133373334346265656361333036636163386462316636643637313631323965623139313864
+37346161386539636438636533623563646535373731653336313130343365633365663533316233
+33343938333435333865653863363266326334383961396537373561366130316632376135393836
+63363033616164326364613537343037343632383638656237613633633139626363666163646537
+64393665373036396536376466633666653038613166353138636462633934306336396164323831
+32613434623539666439653131393365643738383032303930386135336664636239313031356330
+34643661643762313739386661326238343036633936376439643535383766323731353464616336
+63316438303937333232666339393635653265653066626335393839313131316164383131626637
+64313831306637313135633661333632376235656563323836656335303931663731303366326161
+63386137393835303339643933333130646532393262613635366139326434333731633630393433
+31646231616339363839623833326665333936316538343339663863356362356435666162633534
+39313833363962666139326535636133663332316431323835383035616161363032383766366363
+33653730616164313139623163356234633538356232386332656631643833663239663038643336
+35396563653433376661303961663563663333313132326263366137373263623566626634636332
+63393536303963626364653862333664616236386461323865363333663936363235653064383864
+61363464313434643938366230613139353034333330383435336364623136626565663764633230
+39383064323135336132356663366435333164313435363636353230386365316631393636613262
+37373666303836653664363266303534633037616630656633333466643631313865646462363931
+66353934393637623634326632326334616266393636343662396663373236326333663932333235
+36616439333265396266616364333239306166646335383462353235323661353837616534333433
+32623637326434613738326538323661356566373833393836343036373361393539363462393265
+33316237333532663266306139323464656530363539316364666638386338633137363533313065
+38626538323064656561613431613039323937333738353338323331656362306538613463393661
+36306237646264383338666563656239353439303265623763353839363032326261636238353235
+30353666373633396136336361363164353835646432643938316533613262373462626435646335
+62646134663362366266663565633934616166353363663039653464353330366130623930623237
+61353162376264646132393831376433303433663339336439623430346664353761363061363436
+32616539333066356563646363333133626262366566616133623635323335363936336362333062
+38303239353434306230663465623736313035376165623838346338383238383666313133333366
+62396633386133613538303565663332333730346638656161356637623931333062313462393562
+31336135326533653961393661656162653561653139333161643139363962373138383661303838
+34396461616538396331306331666434396537663534616465376565313837373232366235313830
+66393961346139393763333933326537383161373564656131323837376233393565333937616566
+39643961323236316661353331346164363137323536626665643864393137353964313465323930
+3334

From 5818c027ace9cf30980405635782cc0a1fbff961 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 11 Nov 2023 10:05:47 +0100
Subject: [PATCH 420/504] Clean up print queue script and implementation.

---
 lmn-client.yml                                |  4 +-
 roles/lmn_fvs/files/lmn-patch-dolphin.sh      |  4 +-
 roles/lmn_printer/defaults/main.yml           |  2 -
 .../lmn_printer/files/90-lmn-install-printers |  1 -
 roles/lmn_printer/files/lmn-printer.sh        |  1 -
 roles/lmn_printer/tasks/main.yml              | 16 +++---
 .../templates/install-printers.sh.j2          | 57 +++++++++++--------
 7 files changed, 43 insertions(+), 42 deletions(-)
 delete mode 100644 roles/lmn_printer/defaults/main.yml
 delete mode 100644 roles/lmn_printer/files/lmn-printer.sh

diff --git a/lmn-client.yml b/lmn-client.yml
index 3cac788..2980123 100644
--- a/lmn-client.yml
+++ b/lmn-client.yml
@@ -52,7 +52,7 @@
     ntp_serv: "{{ vault_ntp_serv }}"  ## ntp.example.org
     proxy: "{{ vault_proxy }}"        ## http://firewall.example.org:3128
     no_proxy: "{{ vault_no_proxy }}"  ## firewall.example.org,server.example.org,idam.example.org,dw.example.org
-    printservers: "{{ vault_printservers }}" ## ['10.0.0.1','10.0.0.15'] 
+    printservers: "{{ vault_printservers }}" ## ['10.0.0.1', '10.0.0.15']
 
     ## PAM mount nextcloud, remove or leave empty to skip:
     web_dav: "{{ vault_web_dav }}"    ## https://nc.example.org/remote.php/dav/files/%(USER)
@@ -164,7 +164,7 @@
         name: rmlpr.timer
         enabled: false
       when: rmlpr.stat.exists
- 
+
     - name: Remove deprecated files and directories
       file:
         path: "{{ item }}"
diff --git a/roles/lmn_fvs/files/lmn-patch-dolphin.sh b/roles/lmn_fvs/files/lmn-patch-dolphin.sh
index e89daf5..7e7c8e2 100755
--- a/roles/lmn_fvs/files/lmn-patch-dolphin.sh
+++ b/roles/lmn_fvs/files/lmn-patch-dolphin.sh
@@ -9,8 +9,8 @@ file="${1:-$HOME/.local/share/user-places.xbel}"
 [[ -e "$file" ]] || exit 0
 
 if grep -q "Tausch\|Nextcloud" "$file" ; then
-   echo "Your Dolphin seems to already contain 'Tausch' and/or 'Nextcloud'."
-   exit 0
+    echo "Your Dolphin seems to already contain 'Tausch' and/or 'Nextcloud'." | tee "$file.lmn"
+    exit 0
 fi
 
 id="$(grep ID "$file" | sed -E "s|^.+ID>([[:digit:]]+)/([[:digit:]]+)</ID.+$|\1:\2|" \
diff --git a/roles/lmn_printer/defaults/main.yml b/roles/lmn_printer/defaults/main.yml
deleted file mode 100644
index cf3a823..0000000
--- a/roles/lmn_printer/defaults/main.yml
+++ /dev/null
@@ -1,2 +0,0 @@
-smb_server: "server"
-smb_share: "default-school/"
diff --git a/roles/lmn_printer/files/90-lmn-install-printers b/roles/lmn_printer/files/90-lmn-install-printers
index 8f0763f..8b32a2b 100644
--- a/roles/lmn_printer/files/90-lmn-install-printers
+++ b/roles/lmn_printer/files/90-lmn-install-printers
@@ -1,4 +1,3 @@
 %examusers ALL=(root) NOPASSWD: /usr/local/bin/install-printers.sh
 %role-student ALL=(root) NOPASSWD: /usr/local/bin/install-printers.sh
 %role-teacher ALL=(root) NOPASSWD: /usr/local/bin/install-printers.sh
-
diff --git a/roles/lmn_printer/files/lmn-printer.sh b/roles/lmn_printer/files/lmn-printer.sh
deleted file mode 100644
index b609412..0000000
--- a/roles/lmn_printer/files/lmn-printer.sh
+++ /dev/null
@@ -1 +0,0 @@
-[[ "${UID}" -gt 10000 ]] && sudo /usr/local/bin/install-printers.sh
diff --git a/roles/lmn_printer/tasks/main.yml b/roles/lmn_printer/tasks/main.yml
index 7023c0d..0132ebb 100644
--- a/roles/lmn_printer/tasks/main.yml
+++ b/roles/lmn_printer/tasks/main.yml
@@ -1,5 +1,5 @@
 ---
-- name: Install cups and python libs
+- name: Install cups
   apt:
     name:
       - cups
@@ -18,13 +18,13 @@
     state: stopped
     enabled: no
 
-- name: install install-printers.sh
+- name: Install install-printers.sh
   template:
     src: install-printers.sh.j2
     dest: /usr/local/bin/install-printers.sh
     mode: 0755
 
-- name: install lmn-install-printers sudoers
+- name: Install lmn-install-printers sudoers
   copy:
     src: 90-lmn-install-printers
     dest: /etc/sudoers.d/
@@ -32,10 +32,8 @@
     owner: root
     group: root
 
-- name: install lmn-printer.sh in /etc/profile.d/
+- name: Run printer script from /etc/profile.d/
   copy:
-    src: lmn-printer.sh
-    dest: /etc/profile.d/
-    mode: 0644
-    owner: root
-    group: root
+    dest: /etc/profile.d/lmn-printer.sh
+    content: |
+      [[ "${UID}" -gt 10000 ]] && (sudo /usr/local/bin/install-printers.sh > /dev/null &)
diff --git a/roles/lmn_printer/templates/install-printers.sh.j2 b/roles/lmn_printer/templates/install-printers.sh.j2
index 9c953fd..0342369 100644
--- a/roles/lmn_printer/templates/install-printers.sh.j2
+++ b/roles/lmn_printer/templates/install-printers.sh.j2
@@ -3,34 +3,41 @@
 set -eu
 
 printservers="{{ printservers | join(' ') }}"
-hostname=$(hostname)
-hostgroup=$(id -Gn "${hostname^^}$")
-usergroup=$(id -Gn "${SUDO_USER}")
-installedprinters=$(lpstat -p | cut -f 2 -d" " | sed -z 's/\n/ /g' )
+hostgroup="$(id -Gn "${HOSTNAME^^}$")"
+usergroup="$(id -Gn "${SUDO_USER}")"
+installedprinters="$(lpstat -p | cut -f 2 -d" ")"
 
-echo "Hostgroups: ${hostgroup}"
-echo "Usergroups: ${usergroup}"
-echo "Installed Printers: ${installedprinters}"
-echo
+cat <<EOF
+Hostgroups: ${hostgroup}
+Usergroups: ${usergroup}
+Local print queues:
+${installedprinters}
 
-for printer in $installedprinters; do
-  if ! $(echo "${hostgroup}" | grep -w -q "${printer}") && ! $(echo "${usergroup}" | grep -w -q "${printer}") ; then
-    lpadmin -x "${printer}"
-  fi
-done
+EOF
 
-for printserver in $printservers; do
-  echo "checking Server: $printserver"
-  printers=$(lpstat -h "${printserver}" -U "${SUDO_USER}" -v | cut -f 3 -d" " | sed 's/:$//g' | sed -z 's/\n/ /g' )
-  echo "Available Printers: $printers"
-  for printer in $printers; do
-    if $(echo "${hostgroup}" | grep -w -q "${printer}") || $(echo "${usergroup}" | grep -w -q "${printer}") ; then
-      if ! $(echo "${installedprinters}" | grep -w -q "${printer}"); then
-        echo "Adding ${printer}"
-        timeout 10 lpadmin -p "${printer}" -E -v "ipp://${printserver}/printers/${printer}" -m everywhere  || echo "Printer ${printer} could not be added"
-        installedprinters+=" ${printer}"
-      fi
+## Remove all printers not wanted:
+for p in $installedprinters ; do
+    if [[ ! "${hostgroup}" =~ "$p" ]] && [[ ! "${usergroup}" =~ "$p" ]] ; then
+	echo "Removing print queue '$p'."
+	lpadmin -x "$p"
     fi
-  done
 done
 
+## Add all printers needed:
+for ps in $printservers ; do
+    echo "Checking print server '$ps' for available printers:"
+    printers="$(lpstat -h "$ps" -U "${SUDO_USER}" -v | sed -E 's/^.+ (\w+): .+$/\1/')"
+    echo -e "$printers\n"
+    for p in $printers; do
+	if [[ "${hostgroup}" =~ "$p" ]] || [[ "${usergroup}" =~ "$p" ]] ; then
+	    if [[ "$installedprinters" =~ "$p" ]] ; then
+		echo "Print queue '$p' already available."
+	    else
+		echo "Adding print queue '$p'."
+		timeout 10 lpadmin -p "$p" -E -v \
+			"ipp://$ps/printers/$p" \
+			-m everywhere || echo "Adding queue '$p' failed."
+	    fi
+	fi
+    done
+done

From 5b652b0e28c67d6de0f10232b537874367e1af9a Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Mon, 13 Nov 2023 15:15:07 +0100
Subject: [PATCH 421/504] fixed filepath (link does not exist when installing)

---
 roles/lmn_vm/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index fc4af3f..9c506a5 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -52,7 +52,7 @@
 
 - name: Insert domain in default-network
   lineinfile:
-    path: /etc/libvirt/qemu/networks/autostart/default.xml
+    path: /etc/libvirt/qemu/networks/default.xml
     line: '  <domain name="{{ ansible_domain }}" localOnly="no"/>'
     insertafter: '<mac '
 

From 47844f301924c58df4a2dd74abe273eea00f441c Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Wed, 15 Nov 2023 13:46:35 +0100
Subject: [PATCH 422/504] extra network interface for TIA VM

---
 lmn-client.yml                    |  1 +
 roles/lmn_networkd/tasks/main.yml | 47 +++++++++++++++++++++++++++++++
 roles/lmn_vm/tasks/main.yml       | 17 +++++++----
 3 files changed, 59 insertions(+), 6 deletions(-)
 create mode 100644 roles/lmn_networkd/tasks/main.yml

diff --git a/lmn-client.yml b/lmn-client.yml
index 2980123..dccce59 100644
--- a/lmn-client.yml
+++ b/lmn-client.yml
@@ -200,4 +200,5 @@
   roles:
     - role: lmn_wlan_iwd
       when: ansible_interfaces | select('search', 'wl.+') | first is defined
+    - lmn_networkd
     - lmn_localuser
diff --git a/roles/lmn_networkd/tasks/main.yml b/roles/lmn_networkd/tasks/main.yml
new file mode 100644
index 0000000..735f987
--- /dev/null
+++ b/roles/lmn_networkd/tasks/main.yml
@@ -0,0 +1,47 @@
+---
+# temporary disable network manager
+# in future network manager will be used for wifi sticks
+- name: Disable Networkmanager
+  ansible.builtin.systemd:
+    name: NetworkManager.service
+      #state: stopped
+    enabled: False
+
+      #- name: Use iwd but ignore wlan interfaces in NetworkManager
+      #  blockinfile:
+      #    dest: /etc/NetworkManager/NetworkManager.conf
+      #    block: |
+      #      [device]
+      #      wifi.backend=iwd
+      #      match-device=interface-name:en*
+      #      managed=0
+
+- name: Configure systemd-networkd ethernet.network
+  ansible.builtin.copy:
+    dest: /etc/systemd/network/ethernet.network
+    content: |
+       [Match]
+       Name=en*
+       [Network]
+       Bridge=virbr1
+
+- name: Configure systemd-networkd virbr1.netdev
+  ansible.builtin.copy:
+    dest: /etc/systemd/network/virbr1.netdev
+    content: |
+       [NetDev]
+       Name=virbr1
+       Kind=bridge
+
+- name: Configure systemd-networkd virbr1.network
+  ansible.builtin.copy:
+    dest: /etc/systemd/network/virbr1.network
+    content: |
+       [Match]
+       Name=virbr1
+       [Network]
+       DHCP=yes
+       [DHCPv4]
+       UseDomains=true
+       RouteMetric=512
+
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 9c506a5..f013d5b 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -54,7 +54,7 @@
   lineinfile:
     path: /etc/libvirt/qemu/networks/default.xml
     line: '  <domain name="{{ ansible_domain }}" localOnly="no"/>'
-    insertafter: '<mac '
+    insertafter: '</ip>'
 
 - name: Autostart default network for VMs
   file:
@@ -158,12 +158,17 @@
     mode: '0644'
   notify: "enable vmimage-torrent.service"
 
+- name: Prepare directory for qemu bridge config
+  ansible.builtin.file:
+    path: /etc/qemu/
+    state: directory
+
 - name: Deploy bridge.conf needed for qemu session mode
-  lineinfile:
-    path: /etc/qemu/bridge.conf
-    line: 'allow virbr0'
-    create: True
-    mode: '0655'
+  ansible.builtin.copy:
+    dest: /etc/qemu/bridge.conf
+    content: |
+      allow virbr0
+      allow virbr1
 
 - name: Deploy rsync.secret
   lineinfile:

From 7fed0e879be04679c464d108e168185259122654 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 13 Nov 2023 15:41:49 +0100
Subject: [PATCH 423/504] Implement reporting service.

---
 roles/lmn_fvs/files/pwroff.timer     |  4 +--
 roles/lmn_fvs/files/reporter         | 51 ++++++++++++++++++++++++++++
 roles/lmn_fvs/files/reporter.service |  6 ++++
 roles/lmn_fvs/files/reporter.timer   |  9 +++++
 roles/lmn_fvs/tasks/main.yml         | 14 +++++---
 5 files changed, 78 insertions(+), 6 deletions(-)
 create mode 100644 roles/lmn_fvs/files/reporter
 create mode 100644 roles/lmn_fvs/files/reporter.service
 create mode 100644 roles/lmn_fvs/files/reporter.timer

diff --git a/roles/lmn_fvs/files/pwroff.timer b/roles/lmn_fvs/files/pwroff.timer
index de3fcd0..0d11a63 100644
--- a/roles/lmn_fvs/files/pwroff.timer
+++ b/roles/lmn_fvs/files/pwroff.timer
@@ -1,9 +1,9 @@
 [Unit]
-Description=Run pwroff script every 30 min after 90 min uptime
+Description=Run pwroff script every 15 min after 90 min uptime
 
 [Timer]
 OnBootSec=90min
-OnUnitActiveSec=30min
+OnUnitActiveSec=15min
 
 [Install]
 WantedBy=timers.target
diff --git a/roles/lmn_fvs/files/reporter b/roles/lmn_fvs/files/reporter
new file mode 100644
index 0000000..0a87541
--- /dev/null
+++ b/roles/lmn_fvs/files/reporter
@@ -0,0 +1,51 @@
+#!/usr/bin/bash
+#
+# Send stdout of some commands to monitoring server.
+# Collect the reports with 'nc -u -k -l 1234' on 'sendto'.
+# Use /bin/nc.openbsd, /bin/nc.traditional seems not to work.
+#
+set -eu
+
+sendto="collector.steinbeis.schule 1234"
+
+cmds=(
+    'uname -a'
+    'uptime'
+    'apt list --upgradeable -o Apt::Cmd::Disable-Script-Warning=true'
+    'systemctl --failed'
+    'w'
+    'ls -ld /home/ansible/.ansible/tmp/'
+    'ip addr show'
+)
+
+r="$HOSTNAME: ------- $(date) -------
+$(for c in "${cmds[@]}" ; do echo "$c"; $c | sed 's/^/  /' ; done | sed "s/^/$HOSTNAME: /")
+## -------------------------------------------------"
+echo "$r" | nc -w 1 -u $sendto
+
+
+## below is the corresponding collector part:
+
+# #!/usr/bin/bash
+# #
+# # collect messages from reporter and drop it into log files
+# #
+#
+# set -eu
+#
+# port=1234
+#
+# logdir="/var/log/collector"
+# [[ -d "$logdir" ]] || mkdir "$logdir"
+#
+# nc -k -l -u -p "$port" | while read line ; do
+#     sndr="${line%%:*}"
+#     msg="${line#*: }"
+#     if [[ "$sndr" =~ [a-z0-9]+ ]] ; then
+#         if [[ "$msg" =~ ^-------\ .+\ -------$ ]] ; then
+#             echo "$msg" >  "$logdir/$sndr"
+#         else
+#             echo "$msg" >> "$logdir/$sndr"
+#         fi
+#     fi
+# done
diff --git a/roles/lmn_fvs/files/reporter.service b/roles/lmn_fvs/files/reporter.service
new file mode 100644
index 0000000..09f6378
--- /dev/null
+++ b/roles/lmn_fvs/files/reporter.service
@@ -0,0 +1,6 @@
+[Unit]
+Description=Run reporting script
+
+[Service]
+Type=simple
+ExecStart=/usr/local/sbin/reporter
diff --git a/roles/lmn_fvs/files/reporter.timer b/roles/lmn_fvs/files/reporter.timer
new file mode 100644
index 0000000..dbfda49
--- /dev/null
+++ b/roles/lmn_fvs/files/reporter.timer
@@ -0,0 +1,9 @@
+[Unit]
+Description=Run reporter script every 15 min
+
+[Timer]
+OnBootSec=5min
+OnUnitActiveSec=15min
+
+[Install]
+WantedBy=timers.target
diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index 901d354..ee841a7 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -92,7 +92,7 @@
     regexp: '^//(\s+"origin=.+-updates";)$'
     replace: '  \1'
 
-- name: Copy pwroff and bootorder scripts
+- name: Copy some scripts
   copy:
     src: "{{ item }}"
     dest: /usr/local/sbin/
@@ -100,20 +100,26 @@
   loop:
     - pwroff
     - bootorder.sh
+    - reporter
 
-- name: Provide service and timer for pwroff script
+- name: Provide services and timers for some scripts
   copy:
     src: "{{ item }}"
     dest: "/etc/systemd/system/{{ item }}"
     mode: 0644
-  with_items:
+  loop:
     - pwroff.service
     - pwroff.timer
+    - reporter.service
+    - reporter.timer
 
 - name: Enable pwroff.timer
   systemd:
-    name: pwroff.timer
+    name: "{{ item }}"
     enabled: true
+  loop:
+    - pwroff.timer
+    - reporter.timer
 
 - name: PXE first boot order
   command: /usr/local/sbin/bootorder.sh

From 70b5a515655c44cdecc8415d89e8cb14b2ad642d Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 16 Nov 2023 13:22:07 +0100
Subject: [PATCH 424/504] Make sure order of network tasks is more clear.

---
 inventory.yml                     | 206 +++++++++++++++---------------
 roles/lmn_networkd/tasks/main.yml |  21 ++-
 roles/lmn_wlan_iwd/tasks/main.yml |   2 +-
 3 files changed, 116 insertions(+), 113 deletions(-)

diff --git a/inventory.yml b/inventory.yml
index 134d5f2..dbd998d 100644
--- a/inventory.yml
+++ b/inventory.yml
@@ -1,102 +1,106 @@
 $ANSIBLE_VAULT;1.1;AES256
-39333130303762616132633131366334623866666265643838613066333363383266306466343836
-3532633034666662386365313033616231346138346466350a643131613464353365663666383835
-30623162643332323437383963653235646163393636666639333531346535363737306231663631
-6137633139316562350a643565363962623035353537366638646637613533376466643035623135
-36666133313965346536643663336266353231373964343338343539303037323531303166613663
-35313434636661383030316161363461623331633033363061323938623435663265396436346536
-36623438363865623036653366663030326631613930313566346261346334663762383937633366
-66333066373431326461343365663030343661383564356531323838363866653532383863386639
-33363134323539646630336566653464363537373465343861303632323938653835613939613937
-61383932303031363030323465343737663430393836363564383539393263616437353933306361
-65373339613166616666636366363666656366316661346631663738623630366362316661396666
-36613636393733636634386265643837323264646537323330636533393634623436653761386633
-33363936326666666430646163636362643538386634656465353032316361343530363730383737
-38323163633436663032363565343766376166323165333531373330643138356636336133326439
-39623631616235343734653465616230313130336631653938663464386538363764303434613963
-33306333646462333964663237363765306238316564343132636430326439326362383564306236
-38333034383137623335626131653933643165643230346239346566343636656161646237646566
-38386431646333633763646431356437633237303261316265303832313832333230303634633261
-32323432333464373137346439343063393733383831323738643839303266653537356535346330
-38373135316463636434613764373062616137396332393538333163616137356538633234613332
-61343634353337343861636631376234666134373165303430663936613531373433653238663931
-65373839333165623965316664633532623234613764363535646435316330613366373236343634
-36636432616633336562646661393838353135613534303962303465636536376236616430383139
-34373038306539643063396631373237303534646463636437373964653536336435626133333639
-61663431363730663866626239386264633130666265396133353466383632636336363161343462
-35653632333565383163333537383464396332373230383864633739356534623136626336656637
-63643234666230393336323430646233393731366639303565343535613863343664623436636235
-66323236356435323639616235376266633638313562346564613463653537666137656134323734
-35613036636166393166393036326130393362333066373533623437363639613661623234343739
-30653632363564356664323961393538653166366230396563636438336535646562363230653064
-35326236356230323831383466353863353933636261333131366334623165336631323765346665
-36393063376666663661306637633538376239323633336235613534656462346463393136633833
-31383335386265656631363263303866303763666430343632663039316233633735613634306430
-61623132356331366462393530303165353764666637303134666635333639373666316164386161
-36323936313937396162303039303239363639336161646336653731393861653132616435343633
-65653466653035366234373535393130323736333865633534333864393137386633383739326161
-39386334353535643565376530303836386239643839396130333738373332303638323037653362
-37616638623731366262303965633531346561333439333931393832363733393537396234333035
-33373934613732396564366564656537316265613535316330346463666465376161653566656437
-39653730326331303033643064386235306636346533356433653461623462363563303934666634
-35323437396433646533626634343338306164316337393563346533383835343731643665306162
-33303438396239303038653033366262336339303063643137313930623464663236643738616437
-61353831633332303934323664396363636665633834306638343734343433383937396163323331
-66613063383032333236356261393937326165643636393661353464373130326630323931623439
-38313563333634383736393563303162623530356162663236376663646266313830353738353335
-39613965326331643866326365666561343161613235616431623634623636353534326431623032
-37383336383530333934323565383265356437346361363734353432626632333534363264303934
-38386135366336343939386334363532383761326438316139386230333436396536343439336366
-32663035313935323137366539333561636530633565353066633734313966303836613633613537
-37333266666361313261373434613830623435343734333962363762383463616463643561373264
-35623630623364623731616464343130626631346237336132643263306632653462373366396635
-34313835346534346439636464383431383861323137623466393334366133313732303962343166
-36353236343765323437613566646164626664373435343666623864353461653163333765333537
-63323631646263323465396234633234393362663531353935396236346165626234633933353537
-39363661386562313261363731313735353630386438636232316536336562616362646566613730
-33313063316665373638396464353936656636343735323664396131316338636239333337393737
-66653362653665613034376237663235316465396161623330396133323265653532323632616530
-33393138653533363632663261313364336563626333323034393632326333333464363432366264
-35343663303461366637363363646262626366303461373237366431353632306131326133313933
-33656434653737306265643738303966393939396264356136623466643837376466613464633634
-65623263616438393630363539376534353332623439333939303438653136656132386433353230
-64623134383439303735383934386435636138373966646138346235366434636464383136336163
-34333535373338313336303665343636383334343638383334616631333735373434643063636565
-33353933303932373834313762393763303161646237656236333863623836363332326566666263
-31396563623438616532333962333865323862373731396163623338313938313536663332343463
-63323130336635646338306634313932653133386131613533303332326437343536383863663634
-63313763333064396266653131666131666636656262343262653932643735663537303838366639
-33633137366136386636636631376337656130623563653030356636383362363965383139383436
-32626337623161333464313134643331636261323462623863653431623431663131633261366436
-32366633336331363661393831376630653330666635643635303830656361376639393939353935
-36316237376638306532666536656361383434346365623964626335626633336633323166636435
-38626466303039663831646266663865653432333030393861326430353035346632653063646332
-65643038633464633836343530336166323735373736333965356238316635333831616135316361
-66343037663664646533323234616363643239356631346533303334363534663538633266336462
-62346263633131323061343035366365323763613337323036643366353938666331626230373138
-61393936633334343863373531356131303732656365363562633937366462356365343636663933
-32396436373731346366316266353334663239323561363461623835626461383135303263666639
-31623237373961366438386332633235323362633462343639613433323964316532343339373432
-33393064613937363964653465383330363736373461643464343536303934353264393832623634
-33613662663266323131303837303466666335646136653566333537636238376361383836363239
-66303932626337383165653236663262373236643862666634666336666432393761346539636139
-36623938623366393165376630326264356630653238663937323563303230613438386461313332
-33393534353863366234353033303239363833396332356464353466656639623163313962313965
-37666537356539346531613866376562623632373965363836366565326465343631353964303239
-30333934323565366233326330666563306535333337616333636163313739633161613039316434
-63376234666434363737343366666336663839363562376536383937633764666361363532393963
-37663436306538323232653238303334636331643734393230383463393938323536653265393832
-33396439646464386566333136663263343263306630623234613730356139313534333561626230
-37323031383163333035333264323563343835393361376564666232336632623266363535653533
-36333030363934363137343832643864306532643839643031383963656436326233396261386663
-39343563373965613031363131623363303438373435363735353066366330333264363836343163
-37613739613336323932343135356638326531616237383936333832393834613866333937316232
-34623335373835353662363063316133623963386337303733636432386664313865326634653436
-64333439306437386338616533306465366365623434613537303737626564306561393331663233
-34363164386638316633366161333539383337386666346462363334323166313162636633613535
-37333639363266323632386463656662333139346430666336393933343931633666313966653038
-63633566363730323466623066303733663865623964666164383162356531343436353039303638
-62393961383132323363313437613637383637363263646130653230353164633237343136393436
-34616539353231396438373130613433353463343164383238396233336532343961663564366631
-38646266393637353334623463313939623164396561616133633632393963653232616338643039
-64666266393238353335376338643165323236646231346131396533626665346131
+65343732383530343864623831386139383135366432373638333330643164633465336363616566
+3834663038326663353535613133626666656333613130390a383830356534373337653433333236
+65633337373634393664356135366234303835363562653862383032653236666462333430613663
+3238313863383862620a643630666130663639363836313632643066656662313937626636333637
+39653630363433626535663665633562333534656530396331326532653434356630323462633937
+64643339656131303065356232623038663734323832613965313266663132386130613965353364
+36303030646634366165623632666533626162663430663761336538326232616131653432383633
+34343166343936613434373037616331383632346130386165353031616132616361356663633333
+63383866646537373463306533333965373065633130353630623263396436636335633531303136
+35636431396332666634613133393961353766653832613135343036393430303435336532353762
+36613062343663313037383539373362376238376263353233356138643461623431373231633432
+65626362653533333163653038326432306361383335396530646534303930333366643838316538
+64306635353937623766323034333235396539623334326232663763636330633537383737343461
+36613238393637633830666465373066636639313833666432643766316438633861333563653633
+35396532623936653132363635373862343138353766373034343135303139353166623237643266
+32633963373061393833326238316334636562636234663532656564313134636131343339646334
+62623038633861363135306134326466383237376663636566386163336363383661313961323761
+38626432326664373330306362373863356536376561323534343636353030376639656464616361
+34373539353637353837633833323935626663653466666264363132343836303537376665353262
+30656138616531616532343031323261376235636161333631306263623263613737353837373838
+34653537656231383435396365323064643961653932386533383664343033333436616236343065
+32663837663833623939373161373866643332303339643536393663396433626631313262356437
+35343663616137613838393633623034393262383736636634303363333463353737363535336332
+34303766643831666538343030386230393531386237313130663464393862653363666563333164
+38663039356239616339613565323763653339616665613634356164316234326134343632663032
+38303539376163373166353865653038646233613736376237326361316132323834643037326430
+35306231613166616562336262666233313731336262336361633135333563356566633438363663
+36333236646531343663363961666561643065366637393831323464386232356563353134643638
+31393531623266633534666131323233653661396261376639356665613630346330303663303239
+31326163303332653631636462343834393766626538616135373062613066323932366265616164
+37376130306462613130363331636466393233636261313735386562323035343066353030313664
+65646134386534323061323733643537616565333939356433336633316537383535636661316231
+31313362313338313839383632613364396138643934646636623939633130316433616565376132
+66306562383966396131323132623064663365313663636666663337363735663032623031656638
+65346636346137663962373863653434343134393531336538616134373136373361363330316130
+32333732373035363533313462376335613364616462353664633562393064346561323737303361
+38613431346535383930376362393763363438386338613736306264333638356661343533636362
+65356238623533636632303461616132343833323861636632636133643666653135373330383263
+34306264653038353664306539623836613266356631663764353538383163633136653338616261
+32393638616231633937363132373861343231326232383130623162636464633636653532333862
+30383162653862326661303064363165343464323835326530353836323464396366396238363831
+61623836656134613036383265306465666263663066646238373739306338366233333235336464
+32376439643838666138333864393937316534653735306430313930353165303261333432646664
+63633432613539343433313438666539616131393634646665356531366535333731613338663964
+33636538353530336661343564356131623937306164306137626139346462336532663064323838
+37396561376365343638343532323534303835333966333530373937396136303032376663663831
+38646238653838653766336337316135323730356364303333626637333562393562363433363431
+32336235316163303463396461333035613433366138666561663734313539346433366239666132
+34326630666437323762353839653635666466613930643330636666663661393630623262343735
+35356362343339613166656431346531326334383164633737383531616166666238666231633238
+39323730393262626566363136666339323235306430306466333232373664303236376265626334
+61306466363138303463383666326330613331613463616662383138656536663266313866656330
+30663234393730363333383830323234306430653734376233636230356562643530636364343639
+30656233653635396230636439366137626634396536363038306561656231666262363737356565
+65646463613830623732623537326136303131346564336433646166366564356363393438373162
+30613837646332373363323166363234663632366139633637363530393966333534383735383139
+31363435396531666233313061626139326137323738333765336237373234346238636232363630
+31366431623035353965326231636431303730393037363466346237663032356261386562313039
+30353761313135303438373233656534343962363535383565383934393130356633353135666439
+62313039333263633634386464366661623666363730356265633831616462386566623934613235
+34363063636136316362613235306633636630616663326563663539333332656162636631376266
+31613364303061306539626365303962663938316461396462303863653131346337326364626334
+39326662666430346632323136653335383861333730633064323963616564663535653935386135
+33626130333433346362656235613364643434366339666162323761383864303964366330303861
+61663935623766653930376163366130336562666231316433326137333463383831613934323937
+63626239643730373835363761613065303765656336626565386664323563656636333638656566
+32313231643763646532303336653465616261613965663136653430326365336530656464396630
+63313164613238613334326535613031633861623135366130373461313066646536346565376365
+32626564353930383763303462663734623030353865333034623034323466646433333163633139
+30663836393461346664363163346138373166306239396132653735633461313036663337336337
+38323238633561303237393161323638303962616131636138353963636163396563363066353562
+38356637353231623031313261663537383931323464393030323235353762646164646539626666
+64633438323766303038663865326565336439616638613632646530316137336263653461333835
+35383938633861343635386364373665393661393563376264346433663030613465323439386335
+34616566636230373330643564323937656637313232616139313737643332666662643262616266
+34303531616663353066366261653337363533613364396239393836363132343636643638663863
+61653863363535646336626536623963653862313066383366376161633339303537653765353666
+64633964343864363862323936613565643531396336313839336438393333313162373836383836
+34313238626132373436386237646532373831633630663563643835316638386666336438366235
+61666335643734643938363465663465666563356237626139333836653032336336633762353639
+30323334373136323033346661373861376435396662383861333030663866663336346562303936
+35366665356236623862306163396536326564373661613436323435313566643132356631356334
+33626261306634623164656534663132383932313666326665323836343462636435326561666139
+33616131386634666138396431653161376462376237636262373638666665353432343438386462
+66643162373866313838303862393561323063303236616333376235633533663733343730663136
+65646336663736323031363234373032366535633230383935303561613031303664653966393632
+65643265366237653430656463393337626439373339643565623630336162303232396364656539
+39336631333862326638353365376661393233386236653930386530643133376635323038363734
+62383863653837666331633438396337313262343235313265356262323430326162343065396163
+32636363313965653736306261306337643166383330613434666433623637313136356139623132
+38353761613036363062313038333030646237666336646462326233323137663635633232396333
+31396533653332396230386339663639386337613639656539346130626663323665393730363239
+33333263616339333535616237633763316262623763393562653764393235326566616165376164
+35366632393731643235376366643466613132373333326462663336336432656661383763663438
+36663239343161656363633363313862643736363636326236366232646335313766336161613536
+34323533313563393835313066393237303366396165333261383133633332343835653862303331
+33346432356262396138356239663633333864333936623861663931303934646361336337306462
+65313337326531393533333638353663336139343365376437343035636462303138393339346264
+34396138346232666166336436333634633361353565393661343838373834663438393138373732
+63346639346535313835613430373839373366383266393039613631643830353933373834383538
+31613339646261346439306139633337353366313832303261663063633837383438366565373733
+64656366386637393836326663363532626361373231623630316439323431643434373233313063
+33663966643539623731356238613033316231633338393965636136313463383937353830643463
+39663135623664316666363531316339376135663139323865373538623165613033313132326130
+33336565396632303131653635333133663162313538333035376336353737646633
diff --git a/roles/lmn_networkd/tasks/main.yml b/roles/lmn_networkd/tasks/main.yml
index 735f987..2d511bb 100644
--- a/roles/lmn_networkd/tasks/main.yml
+++ b/roles/lmn_networkd/tasks/main.yml
@@ -16,26 +16,26 @@
       #      match-device=interface-name:en*
       #      managed=0
 
+- name: Configure systemd-networkd virbr1.netdev
+  ansible.builtin.copy:
+    dest: /etc/systemd/network/30-virbr1.netdev
+    content: |
+       [NetDev]
+       Name=virbr1
+       Kind=bridge
+
 - name: Configure systemd-networkd ethernet.network
   ansible.builtin.copy:
-    dest: /etc/systemd/network/ethernet.network
+    dest: /etc/systemd/network/40-ethernet.network
     content: |
        [Match]
        Name=en*
        [Network]
        Bridge=virbr1
 
-- name: Configure systemd-networkd virbr1.netdev
-  ansible.builtin.copy:
-    dest: /etc/systemd/network/virbr1.netdev
-    content: |
-       [NetDev]
-       Name=virbr1
-       Kind=bridge
-
 - name: Configure systemd-networkd virbr1.network
   ansible.builtin.copy:
-    dest: /etc/systemd/network/virbr1.network
+    dest: /etc/systemd/network/50-virbr1.network
     content: |
        [Match]
        Name=virbr1
@@ -44,4 +44,3 @@
        [DHCPv4]
        UseDomains=true
        RouteMetric=512
-
diff --git a/roles/lmn_wlan_iwd/tasks/main.yml b/roles/lmn_wlan_iwd/tasks/main.yml
index 7610abd..470ad6d 100644
--- a/roles/lmn_wlan_iwd/tasks/main.yml
+++ b/roles/lmn_wlan_iwd/tasks/main.yml
@@ -44,7 +44,7 @@
 
 - name: Configure systemd-networkd
   ansible.builtin.copy:
-    dest: /etc/systemd/network/wlan-dhcp.network
+    dest: /etc/systemd/network/80-wlan-dhcp.network
     content: |
       [Match]
       Name=wl*

From 25c9a4db4bb747636d5a79f11f29d0b4f748e08c Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 28 Nov 2023 11:17:12 +0100
Subject: [PATCH 425/504] Implement netboot VM with macvtap interface.

---
 roles/lmn_fvs/tasks/main.yml    |  1 +
 roles/lmn_vm/files/create-vm.sh |  8 ++++----
 roles/lmn_vm/files/run-vm.sh    |  5 +++++
 roles/lmn_vm/tasks/main.yml     | 29 ++++++++++++++++++++++++++++-
 4 files changed, 38 insertions(+), 5 deletions(-)

diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index ee841a7..6e3fa61 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -27,6 +27,7 @@
       - elpa-color-theme-modern
       - elpa-magit
       - emacs
+      - filezilla
       - freeplane
       - git
       - gitg
diff --git a/roles/lmn_vm/files/create-vm.sh b/roles/lmn_vm/files/create-vm.sh
index 5f858bf..bd1669f 100755
--- a/roles/lmn_vm/files/create-vm.sh
+++ b/roles/lmn_vm/files/create-vm.sh
@@ -41,8 +41,8 @@ fi
 
 # hardware addresses need to be removed, libvirt will assign
 # new addresses automatically
-sed -i /uuid/d "${VM_NAME}-${VM_CLONE}.xml"
-sed -i '/mac address/d' "${VM_NAME}-${VM_CLONE}.xml"
-
 # and actually rename the vm: (this also updates the storage path)
-sed -i "s/${VM_NAME}/${VM_NAME}-${VM_CLONE}/" "${VM_NAME}-${VM_CLONE}.xml"
+sed -i -E \
+    -e '/<uuid>.+<\/uuid>/d' \
+    -e '/.+mac address.+[[:xdigit:]:]{17}.+/d' \
+    -e "s/${VM_NAME}/${VM_NAME}-${VM_CLONE}/" "${VM_NAME}-${VM_CLONE}.xml"
diff --git a/roles/lmn_vm/files/run-vm.sh b/roles/lmn_vm/files/run-vm.sh
index c3f649d..1f8a714 100755
--- a/roles/lmn_vm/files/run-vm.sh
+++ b/roles/lmn_vm/files/run-vm.sh
@@ -97,6 +97,11 @@ create-clone() {
     sed -i "s/${VM_NAME}/${VM_NAME}-clone/" "${VM_XML}"
     # set virtiofs-Socket
     sed -i "s:VIRTIOFSSOCKET:/run/user/${UID}/virtiofs-${VM_NAME}.sock:" "${VM_XML}"
+
+    # find macvtap interface MAC address:
+    MAC="$(ip link | grep -A1 "vm-macvtap" |
+              sed -nE "s%\s+link/ether ([[:xdigit:]:]{17}) .+%\1%p")"
+    sed -i -E -e "s/MACMACVTAP/$MAC/" "${VM_XML}"
 }
 
 QEMU='qemu:///session'
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index f013d5b..08101fb 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -177,12 +177,39 @@
     create: True
     mode: '0600'
 
-# FIXME #691138
+
+# FIXME #691138, better: prepare interfaces ready to use, c.f. below
 - name: Allow users to attach to bridge
   file:
     path: /usr/lib/qemu/qemu-bridge-helper
     mode: '4755'
 
+- name: Configure macvtap interface
+  ansible.builtin.copy:
+    dest: /etc/NetworkManager/system-connections/macvlan-vm-macvtap.nmconnection
+    mode: '0600'
+    content: |
+      [connection]
+      id=macvlan-vm-macvtap
+      type=macvlan
+      interface-name=vm-macvtap
+      [macvlan]
+      mode=2
+      parent={{ ansible_default_ipv4['interface'] }}
+      tap=true
+      [ipv4]
+      method=disabled
+      [ipv6]
+      method=disabled
+      [proxy]
+
+- name: Adjust interface permissions for user mode VMs
+  ansible.builtin.copy:
+    dest: /etc/udev/rules.d/80-macvlan.rules
+    content: |
+      SUBSYSTEMS=="net", KERNELS=="vm-macvtap", MODE="0666"
+
+
 - name: Create directory for local .desktop-Files
   ansible.builtin.file:
     path: "{{ item }}"

From d29a1926756f68698a6823e61f7d207d4ac2f5a5 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 7 Dec 2023 09:26:39 +0100
Subject: [PATCH 426/504] Add users to wireshark group on login.

---
 roles/lmn_fvs/tasks/main.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index 6e3fa61..5717a59 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -64,10 +64,10 @@
     http_proxy: '' # this is needed to avoid ttf-mscorefonts-installer picking up aptcacher
 
 
-- name: Allow users to dump packets for wireshark without group membership
-  ansible.builtin.file:
-    path: /usr/bin/dumpcap
-    mode: '0755'
+- name: Add wireshark group membership to users to allow dumping packets
+  ansible.builtin.lineinfile:
+    path: /etc/security/group.conf
+    line: '*;*;*;Al0000-2400;wireshark'
 
 
 - name: Create firefox policies directory

From e89ecc1f3a2b2c46eaddd4e87942dfb225883a72 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 7 Dec 2023 15:33:56 +0100
Subject: [PATCH 427/504] Use apt hook to modify permissions after upgrade of
 wireshark.

The previous solution did not work for the graphical user interface.
Group membership did only show up on the console.
---
 roles/lmn_fvs/tasks/main.yml | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index 5717a59..d45749f 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -64,10 +64,13 @@
     http_proxy: '' # this is needed to avoid ttf-mscorefonts-installer picking up aptcacher
 
 
-- name: Add wireshark group membership to users to allow dumping packets
-  ansible.builtin.lineinfile:
-    path: /etc/security/group.conf
-    line: '*;*;*;Al0000-2400;wireshark'
+- name: Make sure wireshark works for all users after installation and upgrades
+  ansible.builtin.copy:
+    dest: /etc/apt/apt.conf.d/92wireshark4all
+    content: |
+      ## Modify permissions after installation/upgrade to allow all
+      ## users dumping packages on network interfaces for wireshark
+      DPkg::Post-Invoke {"/usr/bin/chmod o+x /usr/bin/dumpcap || true"; };
 
 
 - name: Create firefox policies directory
@@ -181,7 +184,6 @@
 #- name: Disable automatic lock screen and user specific modifications
 #  ansible.builtin.copy:
 #    path: /etc/xdg/kscreenlockerrc
-#    create: true
 #    content: |
 #      [Daemon][$i]
 #      Autolock=false

From e1ac7eb798b6c0ec2b83ae5c34af10a9f1ef0ede Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 7 Dec 2023 15:35:44 +0100
Subject: [PATCH 428/504] Ensure that suid mode is persistent on package
 upgrades.

---
 roles/lmn_vm/tasks/main.yml | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 08101fb..b4f7cb8 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -180,9 +180,13 @@
 
 # FIXME #691138, better: prepare interfaces ready to use, c.f. below
 - name: Allow users to attach to bridge
-  file:
-    path: /usr/lib/qemu/qemu-bridge-helper
-    mode: '4755'
+  ansible.builtin.copy:
+    dest: /etc/apt/apt.conf.d/94qemu-bridge-suid
+    content: |
+      ## Modify permissions after installation/upgrade
+      ## to run qemu-bridge as root
+      DPkg::Post-Invoke {"/usr/bin/chmod 4755 /usr/lib/qemu/qemu-bridge-helper || true"; };
+
 
 - name: Configure macvtap interface
   ansible.builtin.copy:

From 877396dc15b306e0e90720dfe2db9b1f0677c746 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 11 Dec 2023 20:27:11 +0100
Subject: [PATCH 429/504] Move task to the top before the last apt run.

---
 roles/lmn_vm/tasks/main.yml | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index b4f7cb8..46f0c20 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -1,4 +1,15 @@
 ---
+# FIXME #691138, better: prepare interfaces ready to use, c.f. down below, macvtap.
+# This task needs to be run before the last apt run to provide a ready-to-use installation.
+- name: Allow users to attach to bridge
+  ansible.builtin.copy:
+    dest: /etc/apt/apt.conf.d/94qemu-bridge-suid
+    content: |
+      ## Modify permissions after installation/upgrade
+      ## to run qemu-bridge as root
+      DPkg::Post-Invoke {"/usr/bin/chmod 4755 /usr/lib/qemu/qemu-bridge-helper || true"; };
+
+
 - name: install libvirt packages
   apt:
     name:
@@ -178,16 +189,6 @@
     mode: '0600'
 
 
-# FIXME #691138, better: prepare interfaces ready to use, c.f. below
-- name: Allow users to attach to bridge
-  ansible.builtin.copy:
-    dest: /etc/apt/apt.conf.d/94qemu-bridge-suid
-    content: |
-      ## Modify permissions after installation/upgrade
-      ## to run qemu-bridge as root
-      DPkg::Post-Invoke {"/usr/bin/chmod 4755 /usr/lib/qemu/qemu-bridge-helper || true"; };
-
-
 - name: Configure macvtap interface
   ansible.builtin.copy:
     dest: /etc/NetworkManager/system-connections/macvlan-vm-macvtap.nmconnection

From 7ce165553d281ee872e1fcf3cf10bc3ce9936add Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 18 Dec 2023 12:57:15 +0100
Subject: [PATCH 430/504] Automagic ansible updates using the reports.

---
 inventory.yml                              | 213 +++++++++++----------
 roles/lmn_fvs/files/reporter               |  37 +---
 tools/collector                            |  24 +++
 tools/emitter                              |  72 +++++++
 wol-generator.sh => tools/wol-generator.sh |   0
 5 files changed, 209 insertions(+), 137 deletions(-)
 create mode 100755 tools/collector
 create mode 100755 tools/emitter
 rename wol-generator.sh => tools/wol-generator.sh (100%)

diff --git a/inventory.yml b/inventory.yml
index dbd998d..aea43e8 100644
--- a/inventory.yml
+++ b/inventory.yml
@@ -1,106 +1,109 @@
 $ANSIBLE_VAULT;1.1;AES256
-65343732383530343864623831386139383135366432373638333330643164633465336363616566
-3834663038326663353535613133626666656333613130390a383830356534373337653433333236
-65633337373634393664356135366234303835363562653862383032653236666462333430613663
-3238313863383862620a643630666130663639363836313632643066656662313937626636333637
-39653630363433626535663665633562333534656530396331326532653434356630323462633937
-64643339656131303065356232623038663734323832613965313266663132386130613965353364
-36303030646634366165623632666533626162663430663761336538326232616131653432383633
-34343166343936613434373037616331383632346130386165353031616132616361356663633333
-63383866646537373463306533333965373065633130353630623263396436636335633531303136
-35636431396332666634613133393961353766653832613135343036393430303435336532353762
-36613062343663313037383539373362376238376263353233356138643461623431373231633432
-65626362653533333163653038326432306361383335396530646534303930333366643838316538
-64306635353937623766323034333235396539623334326232663763636330633537383737343461
-36613238393637633830666465373066636639313833666432643766316438633861333563653633
-35396532623936653132363635373862343138353766373034343135303139353166623237643266
-32633963373061393833326238316334636562636234663532656564313134636131343339646334
-62623038633861363135306134326466383237376663636566386163336363383661313961323761
-38626432326664373330306362373863356536376561323534343636353030376639656464616361
-34373539353637353837633833323935626663653466666264363132343836303537376665353262
-30656138616531616532343031323261376235636161333631306263623263613737353837373838
-34653537656231383435396365323064643961653932386533383664343033333436616236343065
-32663837663833623939373161373866643332303339643536393663396433626631313262356437
-35343663616137613838393633623034393262383736636634303363333463353737363535336332
-34303766643831666538343030386230393531386237313130663464393862653363666563333164
-38663039356239616339613565323763653339616665613634356164316234326134343632663032
-38303539376163373166353865653038646233613736376237326361316132323834643037326430
-35306231613166616562336262666233313731336262336361633135333563356566633438363663
-36333236646531343663363961666561643065366637393831323464386232356563353134643638
-31393531623266633534666131323233653661396261376639356665613630346330303663303239
-31326163303332653631636462343834393766626538616135373062613066323932366265616164
-37376130306462613130363331636466393233636261313735386562323035343066353030313664
-65646134386534323061323733643537616565333939356433336633316537383535636661316231
-31313362313338313839383632613364396138643934646636623939633130316433616565376132
-66306562383966396131323132623064663365313663636666663337363735663032623031656638
-65346636346137663962373863653434343134393531336538616134373136373361363330316130
-32333732373035363533313462376335613364616462353664633562393064346561323737303361
-38613431346535383930376362393763363438386338613736306264333638356661343533636362
-65356238623533636632303461616132343833323861636632636133643666653135373330383263
-34306264653038353664306539623836613266356631663764353538383163633136653338616261
-32393638616231633937363132373861343231326232383130623162636464633636653532333862
-30383162653862326661303064363165343464323835326530353836323464396366396238363831
-61623836656134613036383265306465666263663066646238373739306338366233333235336464
-32376439643838666138333864393937316534653735306430313930353165303261333432646664
-63633432613539343433313438666539616131393634646665356531366535333731613338663964
-33636538353530336661343564356131623937306164306137626139346462336532663064323838
-37396561376365343638343532323534303835333966333530373937396136303032376663663831
-38646238653838653766336337316135323730356364303333626637333562393562363433363431
-32336235316163303463396461333035613433366138666561663734313539346433366239666132
-34326630666437323762353839653635666466613930643330636666663661393630623262343735
-35356362343339613166656431346531326334383164633737383531616166666238666231633238
-39323730393262626566363136666339323235306430306466333232373664303236376265626334
-61306466363138303463383666326330613331613463616662383138656536663266313866656330
-30663234393730363333383830323234306430653734376233636230356562643530636364343639
-30656233653635396230636439366137626634396536363038306561656231666262363737356565
-65646463613830623732623537326136303131346564336433646166366564356363393438373162
-30613837646332373363323166363234663632366139633637363530393966333534383735383139
-31363435396531666233313061626139326137323738333765336237373234346238636232363630
-31366431623035353965326231636431303730393037363466346237663032356261386562313039
-30353761313135303438373233656534343962363535383565383934393130356633353135666439
-62313039333263633634386464366661623666363730356265633831616462386566623934613235
-34363063636136316362613235306633636630616663326563663539333332656162636631376266
-31613364303061306539626365303962663938316461396462303863653131346337326364626334
-39326662666430346632323136653335383861333730633064323963616564663535653935386135
-33626130333433346362656235613364643434366339666162323761383864303964366330303861
-61663935623766653930376163366130336562666231316433326137333463383831613934323937
-63626239643730373835363761613065303765656336626565386664323563656636333638656566
-32313231643763646532303336653465616261613965663136653430326365336530656464396630
-63313164613238613334326535613031633861623135366130373461313066646536346565376365
-32626564353930383763303462663734623030353865333034623034323466646433333163633139
-30663836393461346664363163346138373166306239396132653735633461313036663337336337
-38323238633561303237393161323638303962616131636138353963636163396563363066353562
-38356637353231623031313261663537383931323464393030323235353762646164646539626666
-64633438323766303038663865326565336439616638613632646530316137336263653461333835
-35383938633861343635386364373665393661393563376264346433663030613465323439386335
-34616566636230373330643564323937656637313232616139313737643332666662643262616266
-34303531616663353066366261653337363533613364396239393836363132343636643638663863
-61653863363535646336626536623963653862313066383366376161633339303537653765353666
-64633964343864363862323936613565643531396336313839336438393333313162373836383836
-34313238626132373436386237646532373831633630663563643835316638386666336438366235
-61666335643734643938363465663465666563356237626139333836653032336336633762353639
-30323334373136323033346661373861376435396662383861333030663866663336346562303936
-35366665356236623862306163396536326564373661613436323435313566643132356631356334
-33626261306634623164656534663132383932313666326665323836343462636435326561666139
-33616131386634666138396431653161376462376237636262373638666665353432343438386462
-66643162373866313838303862393561323063303236616333376235633533663733343730663136
-65646336663736323031363234373032366535633230383935303561613031303664653966393632
-65643265366237653430656463393337626439373339643565623630336162303232396364656539
-39336631333862326638353365376661393233386236653930386530643133376635323038363734
-62383863653837666331633438396337313262343235313265356262323430326162343065396163
-32636363313965653736306261306337643166383330613434666433623637313136356139623132
-38353761613036363062313038333030646237666336646462326233323137663635633232396333
-31396533653332396230386339663639386337613639656539346130626663323665393730363239
-33333263616339333535616237633763316262623763393562653764393235326566616165376164
-35366632393731643235376366643466613132373333326462663336336432656661383763663438
-36663239343161656363633363313862643736363636326236366232646335313766336161613536
-34323533313563393835313066393237303366396165333261383133633332343835653862303331
-33346432356262396138356239663633333864333936623861663931303934646361336337306462
-65313337326531393533333638353663336139343365376437343035636462303138393339346264
-34396138346232666166336436333634633361353565393661343838373834663438393138373732
-63346639346535313835613430373839373366383266393039613631643830353933373834383538
-31613339646261346439306139633337353366313832303261663063633837383438366565373733
-64656366386637393836326663363532626361373231623630316439323431643434373233313063
-33663966643539623731356238613033316231633338393965636136313463383937353830643463
-39663135623664316666363531316339376135663139323865373538623165613033313132326130
-33336565396632303131653635333133663162313538333035376336353737646633
+30643431666466366336636534366239663662626665383762356437633130393565373162393137
+3537333262303563623965363839356263316533633036630a323138643764653031376663323439
+66666637636562633233626539666565666238623039333565323439336235353635303633306163
+3636663339343963660a323662313032306363623237626464303166646231646461306637306332
+36613936313631336131616465316136316336623063633432626637636433333365356234356235
+66643233313837343163366365623939373031336363633066373831323833336463393565306637
+62323364653233366539393065643338623231303062333761333464376462306536653839303762
+37636435353532313431636430626466353031616263653531343963306139363237303737643436
+66656336343134646336393163393831313435616263366337623130633661323838393861323238
+33356661396562346461386663376536363235626639333430616163613262376361346561336563
+62356137633931643830643532363563323534626339353334636635643739363439353437356535
+32343662393936356130316134626330336531653864313138366638643561306433316135353463
+36613364316563353865346165366566643132346261613638373366396237356361386335376134
+63366134383561653462303731363135663333303963356662643935356564373366326130313734
+37646536386135343731373534363366386637346233643337653733623835626630316336646436
+62306335643562623464613637343736643866376633353761346166613831313936616665313562
+31316438343731303064303830393366303339343736623365653864383432636330373032326136
+33643837396232656136643262643438393531353639643665613965376331316262626634623065
+62383066363832313030376532373064346237666639306436373862613736373162313939343163
+62363930316235353538303632613964373566626464633738646138666537386166643064353562
+38653161356262336634373734663238643738643962333039396263646334653932636638633139
+31616138353633386563356233316231373037336166643737376337316666396337393735326434
+31633437376530333634323666336330623234646461316362663834663763363038363639636131
+61616431636566346231343634363337306566636234616638353637393137363139633735393033
+33393464643765616239326232323933613237646234393765653230313330623638323861653265
+35633132323539333863323662386566383162623464386630326632333638366163663964613636
+34343361666532363331353438333232326332323435653439396362613361313964303038383966
+61373036303264326434646561376639386134326236323966333135353939326165303737616436
+64333738363633373563316165303763393737303265636337653632663362323237383566376131
+61393436396530356331363035343635646434336435656663653839346266363038346261366330
+36366534346532656233656630653131396534356133663534656233653864333037653530353062
+36366534373135623336393637326564663634643633666236643030396537346161666437626433
+38623133646165333663313034643063316635356436373166323439306462346330643762333730
+38656633646565316336363231643138666231386234313534373339383863376530623463376462
+34666563363065663230326532343136633131356132396138336362333032386266393435363963
+39336265633533636239643139373332623539633666393333623233393462633035363937643130
+36666433366330643535303066366564376535313561323630646630633232316662363737623830
+66633336623563346536356538623761356262653465363831346131323933656137376634316239
+65663662633366623365303934653364363030666439303461633331653164353565626438353963
+33353933363362306464383766366635393737373334393965383661666535356630386235643363
+36663238626236303530386332656633326333356231386562316532366634343961633934383731
+62653837343830373262323262313861303334393035356131333939366166303333616332396237
+35353037666437653165306230646263633636656266666339643034303631633836396363313964
+63643832386332313766623661353461386138353536623261363761383334633762303966373063
+38656538373934333031333434373765316139383466306133353238616138346531343538666236
+32636438653133393639333961326264306665366462323034613366363832376666653466383730
+36323561646639333666333435313934613934633863313062306561613361613231376231366630
+64383561343037636433353538623434383637306461343361353133363130313135386434396662
+31656633663839643439633563636265346239393032643166623030616431386437343639326165
+61323463313466636630323264396239376236313639376231336666306464303262623764356235
+35646638313330623031656131343338663537383262646436383665363535383861616361643638
+37633263346338353834306365393964363538633566373236366338616661653733653031383335
+65626234343066356333303438613762656239643433333338323761633230646364313364313964
+35656439396163393231306239666132326166323763613839656338636231616134396431323231
+34373333366362316336316366343465346565646564643263333865376239383532306531333666
+65323631623739343431663931386461643137353237303863353934653939663164323730643564
+33633535316432653836313334393064303766616562333262656464646133366532383364373065
+32333436366335386561633664636566613134396164626431323162623566636136353464316363
+37346433613630666464383830356665323138303931363432393661313263613432636339613236
+34333262336232363066623565613838386161346662316131303265393166636265326161626666
+30343639396132653536383163323862333365623664333735316138343763366337656132326165
+30636330633561623534656234313665393933626637393732346362626335626531386436326363
+31306539303564633364653061326463653864623061633034623430326636333863343963616632
+38366366323161343034356337663163623938316432633764383634663835393030623637316662
+37666566303464373963666234636561623130633739356666643838323663353230623361623734
+35373133353937356363386134336539616537616338373631313738623138303666366363323032
+61623636323137376437343334663437613937633738396462383264363037653133653766376565
+65303964383033323034393034656262376663386261656461323662376162343366396662316661
+37356136653632373362316432353664343333336532643531633134653039343430616436343835
+64633234626666643466366439663664313463353162626536343739663161356436613533383630
+61313264613832333032613630376266346334373136626339633630666630306165343234373639
+31356330323230623665653762613866396361326330376630666565313734616633353065343430
+38343137393230373633353962633365633535663264323131336635323637323235613366376135
+62343431653466636536363131393038613664656138373063393630623564313735343430633365
+61313137333439333330333466613862663030633565383531356261373763333235303164626565
+30376365313139633066646534316132393466343533623361323065613662386666343965616361
+33306637383161653333303031353335303337663231643031323335323336346533303566346433
+61383637663462303163333233623864316137373363383732646262636136396462633933303738
+33363336623265353136633966363833313332373136346166373837613531616539633238356639
+35623035376264306661356135633162383136303836643937393838346233356430623838353066
+64333433613262633335613630666563666666663030343633633164386461313563626162343033
+62313934356465616132393465333063373733393463376430333736613638313438333765376436
+37653435316637313537393831313835306335613838366631333335396230333135326530383038
+62623535386363633333373361313332643036633932316430643935396662373033653831393462
+65633337633037663534616337333230353336323065356633363539353035333037353032303133
+65316232636336376665366564356562386133386130303338376632663234376265653837643932
+32666130323831373537336565383461393833646336313636646532356635646334313033323736
+31643933386562656364363638656334343035333638386166333362333330626464373561333636
+65336362343034363037633831383935306364376331366462643064623262633139313335333862
+31643730376437383130666534326337656136656161373534313464633135333761643834383832
+61376132646431386532396239363562613038646162373763333535393930326632306266393933
+62393336613436343535373834333232343935616630363138613735666532326538616639393939
+64626164633139643530666438633731386431626163363032313237653530336137383230633934
+39316564663463626462653830663765353464393065303533333966623364373337353031306238
+30663764666162346362356465323831363533343664303834343635393963333861653232613531
+36333363373538313266336661663239633563323366393635383338353761363039323836373231
+39623039303765333830343436353136313164636466373136393835393363313762303631356262
+39356230616637363333383566316632636535393661393631343533663664393033343766656665
+66386434613633616466356536636339636439646463343038303337343662383762303564356430
+64663466376237376231663366333331653261356335326239303364323638633635666633353364
+35613332356238303266323737393465313363623132653463646331613436363636326439656366
+64636538313335656237636235643137373938323539623836306465666462326635353965353465
+34396532393463633565323731666463386465386163643862333666306433343036333430356164
+37626165333036653138633337653336336334616336393764373664393138326666373830356239
+63666530376266313564633832363138383136373830316635326437326666653236313532303766
+37386262356464323731613633316338373232633530323262333933626563393430396136616365
+37633835313363623236646533613661653065646564306334353135623336346436616465646135
+63643333613765313935
diff --git a/roles/lmn_fvs/files/reporter b/roles/lmn_fvs/files/reporter
index 0a87541..9d2e85e 100644
--- a/roles/lmn_fvs/files/reporter
+++ b/roles/lmn_fvs/files/reporter
@@ -11,41 +11,14 @@ sendto="collector.steinbeis.schule 1234"
 cmds=(
     'uname -a'
     'uptime'
-    'apt list --upgradeable -o Apt::Cmd::Disable-Script-Warning=true'
-    'systemctl --failed'
     'w'
-    'ls -ld /home/ansible/.ansible/tmp/'
-    'ip addr show'
+    'ls -d --full-time /home/ansible/.ansible/tmp/'
+    'ip route list default'
 )
+#    'ip addr show'
+#    'apt list --upgradeable -o Apt::Cmd::Disable-Script-Warning=true'
 
-r="$HOSTNAME: ------- $(date) -------
+r="$HOSTNAME: ------- $(date --rfc-3339=seconds) -------
 $(for c in "${cmds[@]}" ; do echo "$c"; $c | sed 's/^/  /' ; done | sed "s/^/$HOSTNAME: /")
 ## -------------------------------------------------"
 echo "$r" | nc -w 1 -u $sendto
-
-
-## below is the corresponding collector part:
-
-# #!/usr/bin/bash
-# #
-# # collect messages from reporter and drop it into log files
-# #
-#
-# set -eu
-#
-# port=1234
-#
-# logdir="/var/log/collector"
-# [[ -d "$logdir" ]] || mkdir "$logdir"
-#
-# nc -k -l -u -p "$port" | while read line ; do
-#     sndr="${line%%:*}"
-#     msg="${line#*: }"
-#     if [[ "$sndr" =~ [a-z0-9]+ ]] ; then
-#         if [[ "$msg" =~ ^-------\ .+\ -------$ ]] ; then
-#             echo "$msg" >  "$logdir/$sndr"
-#         else
-#             echo "$msg" >> "$logdir/$sndr"
-#         fi
-#     fi
-# done
diff --git a/tools/collector b/tools/collector
new file mode 100755
index 0000000..b8073b5
--- /dev/null
+++ b/tools/collector
@@ -0,0 +1,24 @@
+#!/usr/bin/bash
+#
+# collect messages from reporter and drop them into log files
+#
+set -eu
+
+port=1234
+#logdir="/var/log/collector"
+logdir="/tmp/collector"
+
+mkdir -vp "$logdir"
+
+nc -k -l -u -p "$port" | while read line ; do
+    sndr="${line%%:*}"
+    msg="${line#*: }"
+    if [[ "$sndr" =~ [a-z0-9]+ ]] ; then
+        if [[ "$msg" =~ ^-------\ .+\ -------$ ]] ; then
+            echo "$(date --rfc-3339=seconds) → Message from '$sndr' received."
+            echo "$msg" >  "$logdir/$sndr"
+        else
+            echo "$msg" >> "$logdir/$sndr"
+        fi
+    fi
+done
diff --git a/tools/emitter b/tools/emitter
new file mode 100755
index 0000000..bdd75d8
--- /dev/null
+++ b/tools/emitter
@@ -0,0 +1,72 @@
+#!/usr/bin/bash
+set -eu
+
+## maximal age of file in minutes:
+age="15"
+
+pbook="lmn-client"
+logdir="/tmp/collector"
+debug=false
+
+## date of latest git commit in ansible repository:
+git_date="$(date --iso-8601=seconds --date="$(git log --date=iso-strict | \
+                                 head -3 | sed -nE "s/^Date:\s+(.+)$/\1/p")")"
+#dir="$(mktemp -d)"
+dir="/tmp/emitter"
+mkdir -vp "$dir"
+touch "$dir/${git_date//T*/}"
+
+hlist=""
+n=0
+
+find_outdated(){
+    hlist=""
+    n=0
+    while IFS= read -r -d '' file ; do
+        $debug && echo -n "Processing host '$file' with IP address "
+        d="$(sed -nE "s/\s+drwx.+([0-9]{4}-[0-9]{2}-[0-9]{2} \S+).*/\1/p" "$file" | head -1)"
+        if [[ -z "$d" ]] || [[ $(date --date="$d" +%s) -lt $(date --date="$git_date" +%s) ]] ; then
+            r='([0-9]{1,3}\.){3}[0-9]{1,3}'
+            ipa="$(sed -nE "s|^\s+default via.+ src ($r) metric.+|\1|p" "$file")"
+            if [[ -z "$ipa" ]] ; then
+                # FIXME: Outdated report format, trying fallback:
+                ipa="$(grep -E "\s+2: en" -A3 "$file" | \
+                        sed -nE "s|.+inet (10\.190\.[[:digit:]]{1,3}\.[[:digit:]]{1,3})/.+|\1|p")"
+            fi
+            $debug && echo "'$ipa'."
+            if ! grep -q "$ipa" "$dir/${git_date//T*/}" ; then
+                echo "$ipa" >> "$dir/${git_date//T*/}"
+                hlist="$hlist,$ipa"
+                n=$(( n + 1 ))
+            else
+                $debug && echo "Host already processed before."
+            fi
+        fi
+    done <  <(find "$logdir" -maxdepth 1 -type f -mmin -$age -print0)
+    hlist="${hlist//^,/}"
+}
+
+run_ansible(){
+    local hsts="$1"
+    if [[ -n "$hsts" ]] ; then
+        if ! echo | ANSIBLE_RETRY_FILES_ENABLED=1 \
+                        ANSIBLE_RETRY_FILES_SAVE_PATH="$dir" \
+                        ansible-playbook --vault-password-file ~/.vaultpwd \
+                        -bi inventory.yml "$pbook.yml" -l "$hsts" ; then
+            while IFS= read -r ipa ; do
+                sed -i "/$ipa/d" "$dir/${git_date//T*/}"
+                echo "IP address '$ipa' removed from '$dir/${git_date//T*/}'."
+            done < "$dir/$pbook.retry"
+        fi
+    fi
+}
+
+#################
+while true ; do
+    date --rfc-3339=seconds
+    find_outdated
+    run_ansible "$hlist"
+    t=$(( 600/(n*n+1) ))
+    echo -n "Sleeping for $t seconds now ... "
+    sleep $t
+done
diff --git a/wol-generator.sh b/tools/wol-generator.sh
similarity index 100%
rename from wol-generator.sh
rename to tools/wol-generator.sh

From aa23922590a7ebed13b57a2ca1fab5c31da38519 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 18 Dec 2023 12:59:07 +0100
Subject: [PATCH 431/504] Update firefox link list.

---
 roles/lmn_fvs/files/policies.json | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/roles/lmn_fvs/files/policies.json b/roles/lmn_fvs/files/policies.json
index 7f42e96..08797b5 100644
--- a/roles/lmn_fvs/files/policies.json
+++ b/roles/lmn_fvs/files/policies.json
@@ -26,6 +26,10 @@
                 "url": "https://dw.steinbeis.schule",
                 "name": "FvS-Hilfesystem"
             },
+            {
+                "url": "https://mail.steinbeis.schule",
+                "name": "FvS-eMail"
+            },
             {
                 "url": "https://nc.steinbeis.schule",
                 "name": "FvS-Nextcloud"

From 65e5d5f3ec22042acd50ec9b5976b6162ef17e07 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 18 Dec 2023 13:00:16 +0100
Subject: [PATCH 432/504] The pwroff script fails in rare cases.

---
 roles/lmn_fvs/files/pwroff | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/roles/lmn_fvs/files/pwroff b/roles/lmn_fvs/files/pwroff
index 108aefe..84ee525 100755
--- a/roles/lmn_fvs/files/pwroff
+++ b/roles/lmn_fvs/files/pwroff
@@ -15,7 +15,7 @@ uid=${u[0]:-''}
 talk2dbus() {
     local display=":$(ls /tmp/.X11-unix/* | sed 's#/tmp/.X11-unix/X##' | head -n 1)"
     sudo -u $una DISPLAY=$display \
-	 DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/$uid/bus "$@" 2>/dev/null
+	 DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/$uid/bus "$@"
 }
 
 ########
@@ -37,7 +37,8 @@ else
         ## shutdown:
         #talk2dbus qdbus org.kde.ksmserver /KSMServer logout 1 2 0
         ## logout:
-        talk2dbus qdbus org.kde.ksmserver /KSMServer logout 1 0 0
+        talk2dbus qdbus org.kde.ksmserver /KSMServer logout 1 0 0 || \
+	    loginctl terminate-user $una
         echo "Log-out user $una after being idle for $idle seconds."
     else
         echo "The user $una has been idle for $idle seconds."

From e57c9e5b5cd15aad44058326cb8e0b67030be3b4 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 19 Dec 2023 18:38:02 +0100
Subject: [PATCH 433/504] Fix failing sssd-pac.service (#1037930).

---
 roles/lmn_sssd/templates/sssd.conf.j2 | 1 +
 1 file changed, 1 insertion(+)

diff --git a/roles/lmn_sssd/templates/sssd.conf.j2 b/roles/lmn_sssd/templates/sssd.conf.j2
index cb7a301..9de11e5 100644
--- a/roles/lmn_sssd/templates/sssd.conf.j2
+++ b/roles/lmn_sssd/templates/sssd.conf.j2
@@ -1,6 +1,7 @@
 [sssd]
 domains = {{ domain }}
 config_file_version = 2
+implicit_pac_responder = False
 
 [domain/{{ domain }}]
 krb5_realm = {{ domain | upper }}

From 6c7209e82b7bfacb235ff62789ffdcc009e5c546 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 21 Dec 2023 22:39:30 +0100
Subject: [PATCH 434/504] Implement cifs caching with cachefilesd.

---
 roles/lmn_mount/tasks/main.yml | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index 9ae45e3..a4be96d 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -5,6 +5,7 @@
       - libpam-mount
       - cifs-utils
       - nfs-common
+      - cachefilesd
       - hxtools
       - davfs2
     state: latest
@@ -34,7 +35,7 @@
         server="{{ smb_server }}"
         path="{{ smb_share }}"
         mountpoint="/srv/samba/schools/default-school"
-        options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks,nobrl"
+        options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks,nobrl,fsc"
         ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>{{ localuser }}</user></or></not>
       </volume>
     insertafter: "<!-- Volume definitions -->"
@@ -45,6 +46,12 @@
     state: directory
     mode: '0755'
 
+- name: Enable cachefilesd
+  ansible.builtin.replace:
+    path: /etc/default/cachefilesd
+    regexp: '^#RUN=yes'
+    replace: RUN=yes
+
 - name: Prepare persistent user cache base directory
   ansible.builtin.file:
     path: /var/cache/user/

From cbd6715cde016d4f908d534029cfeb836145ce93 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 9 Jan 2024 15:40:22 +0100
Subject: [PATCH 435/504] Add alternative PDF viewer.

Okular has problems with document scaling when printing: Too large
page margins.
---
 roles/lmn_fvs/tasks/main.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index d45749f..b5c78ea 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -49,6 +49,7 @@
       - planner
       - pulseview
       - python3-websockets
+      - qpdfview
       - sigrok
       - sigrok-cli
       - tmux

From 7161f0ed2873a747e1fe440f45d14ee7df39e429 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 11 Jan 2024 12:16:59 +0100
Subject: [PATCH 436/504] Avoid cutting off network when configured over wifi.

---
 roles/lmn_wlan_iwd/tasks/main.yml | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/roles/lmn_wlan_iwd/tasks/main.yml b/roles/lmn_wlan_iwd/tasks/main.yml
index 470ad6d..17780e8 100644
--- a/roles/lmn_wlan_iwd/tasks/main.yml
+++ b/roles/lmn_wlan_iwd/tasks/main.yml
@@ -12,13 +12,11 @@
 - name: Disable wpa-supplicant
   ansible.builtin.systemd:
     name: wpa_supplicant.service
-    state: stopped
     enabled: False
 
 - name: Enable iwd
   ansible.builtin.systemd:
     name: iwd.service
-    state: started
     enabled: True
 
 - name: Prepare directory for iwd
@@ -56,5 +54,4 @@
 - name: Enable systemd-networkd
   ansible.builtin.systemd:
     name: systemd-networkd.service
-    state: started
     enabled: True

From a29d89a7ab16dd5f81f36b32fd01d716fa56b045 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 9 Jan 2024 15:53:53 +0100
Subject: [PATCH 437/504] Revert "Install all updates unattended."

This reverts commit 6c26983d85bda36b66a9d7ef3f991d9d97fd5d65.

From the linux kernel update from 6.16 to 6.17 we learn: It is
not recommended to install updates unattended, c.f. Bug #1060052.
---
 roles/lmn_fvs/tasks/main.yml | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index b5c78ea..adc3357 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -91,11 +91,6 @@
     src: policies.json
     dest: /etc/firefox-esr/policies/
 
-- name: Update all packages unattended
-  ansible.builtin.replace:
-    path: /etc/apt/apt.conf.d/50unattended-upgrades
-    regexp: '^//(\s+"origin=.+-updates";)$'
-    replace: '  \1'
 
 - name: Copy some scripts
   copy:

From b4d9cbdb9407908ad8842bb0037898908d7b7f17 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 11 Jan 2024 17:11:00 +0100
Subject: [PATCH 438/504] Remove unattended-upgrades leftover.

---
 lmn-client.yml | 14 --------------
 1 file changed, 14 deletions(-)

diff --git a/lmn-client.yml b/lmn-client.yml
index dccce59..6e89ca8 100644
--- a/lmn-client.yml
+++ b/lmn-client.yml
@@ -37,12 +37,6 @@
           /srv/samba/schools/default-school/students/*/
           /srv/samba/schools/default-school/examusers/
         vtype: string
-    - name: Preseed unattended-upgrades
-      debconf:
-        name: unattended-upgrades
-        question: unattended-upgrades/enable_auto_updates
-        value: True
-        vtype: boolean
 
   vars_files: lmn-vault
   vars:
@@ -75,7 +69,6 @@
       - mc
       - tmux
       - krb5-user
-      - unattended-upgrades
       - debconf-utils
     extra_pkgs_bpo: [] # [ linux-image-amd64 ]
 
@@ -133,13 +126,6 @@
         - /srv/samba
         - /srv/samba/schools
 
-    - name: Fix unattended-upgrades
-      ansible.builtin.copy:
-        dest: /etc/apt/apt.conf.d/20auto-upgrades
-        content: |
-          APT::Periodic::Update-Package-Lists "1";
-          APT::Periodic::Unattended-Upgrade "1";
-
     - name: Remove pam_mount sysvol mount
       blockinfile:
         dest: /etc/security/pam_mount.conf.xml

From c24ea63ed83a3d52ef367f5caade89510276c75d Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 11 Jan 2024 17:16:05 +0100
Subject: [PATCH 439/504] Work around kernel CIFS regression.

---
 lmn-client.yml               | 19 +++++++++++++++++++
 roles/lmn_kde/tasks/main.yml | 24 ++++++++++++++++++++++--
 2 files changed, 41 insertions(+), 2 deletions(-)

diff --git a/lmn-client.yml b/lmn-client.yml
index 6e89ca8..76e22c7 100644
--- a/lmn-client.yml
+++ b/lmn-client.yml
@@ -110,6 +110,25 @@
         ansible_board_vendor == "LENOVO" and
         (ansible_board_name == "312D" or ansible_board_name == "312A")
 
+## Temporarily fix boot order
+    - name: Make sure kernel package -16 is available
+      ansible.builtin.apt:
+        name: linux-image-6.1.0-16-amd64
+        state: present
+
+    - name: Set 6.1.0-16 as default kernel in grub
+      lineinfile:
+        dest: /etc/default/grub
+        regexp: '^(GRUB_DEFAULT=).*'
+        line: '\g<1>"Advanced options for Debian GNU/Linux>Debian GNU/Linux, with Linux 6.1.0-16-amd64"'
+        backrefs: yes
+      notify: Run update-grub
+
+    - name: Remove "unattended-upgrades" package
+      ansible.builtin.apt:
+        name: unattended-upgrades
+        state: absent
+
 ## Clean up stuff from obsolete/faulty tasks:
     - name: Remove virtiofs service
       file:
diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 669d442..87317c4 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -130,15 +130,16 @@
     replace: '"quiet splash"'
   notify: Run update-grub
 
-- name: Protect grub menu entries
+- name: Protect editing grub menu entries
   blockinfile:
     path: /etc/grub.d/40_custom
     block: |
       set superusers='root'
+      export superusers
       password_pbkdf2 root {{ grub_pwd }}
   notify: Run update-grub
 
-- name: Allow booting default entry
+- name: Allow booting grub menu entries
   lineinfile:
     dest: /etc/grub.d/10_linux
     line: CLASS="${CLASS} --unrestricted"
@@ -146,6 +147,25 @@
     firstmatch: true
   notify: Run update-grub
 
+## FIXME
+#- name: Grub timeout
+#  lineinfile:
+#    dest: /etc/default/grub
+#    line: 'GRUB_DISABLE_SUBMENU=true'
+#    insertafter: '^GRUB_TIMEOUT=.*'
+#  notify: Run update-grub
+#
+## then remove the task below:
+
+##  original line: echo "submenu '$(gettext_printf "Advanced options for %s" "${OS}" | grub_quote)' \$menuentry_id_option 'gnulinux-advanced-$boot_device_id' {"
+- name: Allow switch to advanced menu
+  replace:
+    path: /etc/grub.d/10_linux
+#    regexp: '^(\s+echo .+ \"Advanced options for %s\" \"\${OS}\" | grub_quote\).) (\\\$menuentry_id_option.+ {\")$'
+    regexp: '^(\s+echo \"submenu .+ \"Advanced options for %s\".+ grub_quote\).) (..menuentry_id_option.+{\")$'
+    replace: '\1 --unrestricted \2'
+  notify: Run update-grub
+
 - name: Grub timeout
   lineinfile:
     dest: /etc/default/grub

From 00194514abe7852688ade157142b2df10d4d2cf5 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 12 Jan 2024 13:24:14 +0100
Subject: [PATCH 440/504] Improve kernel regression handling.

---
 lmn-client.yml               | 36 +++++++++++++++++++++++++++++-------
 roles/lmn_kde/tasks/main.yml | 24 ++++++------------------
 2 files changed, 35 insertions(+), 25 deletions(-)

diff --git a/lmn-client.yml b/lmn-client.yml
index 76e22c7..11f40b3 100644
--- a/lmn-client.yml
+++ b/lmn-client.yml
@@ -111,25 +111,47 @@
         (ansible_board_name == "312D" or ansible_board_name == "312A")
 
 ## Temporarily fix boot order
-    - name: Make sure kernel package -16 is available
-      ansible.builtin.apt:
-        name: linux-image-6.1.0-16-amd64
-        state: present
+    - name: Check for the buggy kernel
+      stat:
+        path: /boot/vmlinuz-6.1.0-17-amd64
+      register: bug
 
-    - name: Set 6.1.0-16 as default kernel in grub
+    - name: Check for the fixed kernel
+      stat:
+        path: /boot/vmlinuz-6.1.0-18-amd64
+      register: fix
+
+    - name: Work around kernel with CIFS regression
+      block:
+        - name: Make sure kernel package -16 is available
+          ansible.builtin.apt:
+            name: linux-image-6.1.0-16-amd64
+            state: present
+        - name: Set 6.1.0-16 as default kernel in grub
+          lineinfile:
+            dest: /etc/default/grub
+            regexp: '^(GRUB_DEFAULT=).*'
+            line: '\g<1>"Debian GNU/Linux, with Linux 6.1.0-16-amd64"'
+            backrefs: yes
+          notify: Run update-grub
+      when: bug.stat.exists and not fix.stat.exists
+
+    - name: Set latest kernel in grub
       lineinfile:
         dest: /etc/default/grub
         regexp: '^(GRUB_DEFAULT=).*'
-        line: '\g<1>"Advanced options for Debian GNU/Linux>Debian GNU/Linux, with Linux 6.1.0-16-amd64"'
+        line: '\g<1>0'
         backrefs: yes
+      when: fix.stat.exists or not bug.stat.exists
       notify: Run update-grub
 
+## Clean up stuff from obsolete/faulty tasks:
     - name: Remove "unattended-upgrades" package
       ansible.builtin.apt:
         name: unattended-upgrades
         state: absent
+        purge: True
 
-## Clean up stuff from obsolete/faulty tasks:
     - name: Remove virtiofs service
       file:
         path: /etc/systemd/system/virtiofs@.service
diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml
index 87317c4..99c5c84 100644
--- a/roles/lmn_kde/tasks/main.yml
+++ b/roles/lmn_kde/tasks/main.yml
@@ -147,30 +147,18 @@
     firstmatch: true
   notify: Run update-grub
 
-## FIXME
-#- name: Grub timeout
-#  lineinfile:
-#    dest: /etc/default/grub
-#    line: 'GRUB_DISABLE_SUBMENU=true'
-#    insertafter: '^GRUB_TIMEOUT=.*'
-#  notify: Run update-grub
-#
-## then remove the task below:
-
-##  original line: echo "submenu '$(gettext_printf "Advanced options for %s" "${OS}" | grub_quote)' \$menuentry_id_option 'gnulinux-advanced-$boot_device_id' {"
-- name: Allow switch to advanced menu
-  replace:
-    path: /etc/grub.d/10_linux
-#    regexp: '^(\s+echo .+ \"Advanced options for %s\" \"\${OS}\" | grub_quote\).) (\\\$menuentry_id_option.+ {\")$'
-    regexp: '^(\s+echo \"submenu .+ \"Advanced options for %s\".+ grub_quote\).) (..menuentry_id_option.+{\")$'
-    replace: '\1 --unrestricted \2'
+- name: Disable Grub submenus
+  lineinfile:
+    dest: /etc/default/grub
+    line: 'GRUB_DISABLE_SUBMENU=true'
+    insertafter: '^GRUB_TIMEOUT=.*'
   notify: Run update-grub
 
 - name: Grub timeout
   lineinfile:
     dest: /etc/default/grub
     regexp: '^(GRUB_TIMEOUT=).*'
-    line: '\g<1>3'
+    line: '\g<1>1'
     backrefs: yes
   notify: Run update-grub
 

From 3a14705d4234f4ca954bd02866658a2aa28a7231 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 11 Jan 2024 17:23:27 +0100
Subject: [PATCH 441/504] Inventory, emitter shows more details, and minor
 fixes.

---
 inventory.yml                       | 218 ++++++++++++++--------------
 roles/lmn_vm/files/sync-vm.sh       |   2 +-
 roles/up2date_debian/tasks/main.yml |   2 +-
 tools/emitter                       |   8 +-
 4 files changed, 119 insertions(+), 111 deletions(-)

diff --git a/inventory.yml b/inventory.yml
index aea43e8..c37b10f 100644
--- a/inventory.yml
+++ b/inventory.yml
@@ -1,109 +1,111 @@
 $ANSIBLE_VAULT;1.1;AES256
-30643431666466366336636534366239663662626665383762356437633130393565373162393137
-3537333262303563623965363839356263316533633036630a323138643764653031376663323439
-66666637636562633233626539666565666238623039333565323439336235353635303633306163
-3636663339343963660a323662313032306363623237626464303166646231646461306637306332
-36613936313631336131616465316136316336623063633432626637636433333365356234356235
-66643233313837343163366365623939373031336363633066373831323833336463393565306637
-62323364653233366539393065643338623231303062333761333464376462306536653839303762
-37636435353532313431636430626466353031616263653531343963306139363237303737643436
-66656336343134646336393163393831313435616263366337623130633661323838393861323238
-33356661396562346461386663376536363235626639333430616163613262376361346561336563
-62356137633931643830643532363563323534626339353334636635643739363439353437356535
-32343662393936356130316134626330336531653864313138366638643561306433316135353463
-36613364316563353865346165366566643132346261613638373366396237356361386335376134
-63366134383561653462303731363135663333303963356662643935356564373366326130313734
-37646536386135343731373534363366386637346233643337653733623835626630316336646436
-62306335643562623464613637343736643866376633353761346166613831313936616665313562
-31316438343731303064303830393366303339343736623365653864383432636330373032326136
-33643837396232656136643262643438393531353639643665613965376331316262626634623065
-62383066363832313030376532373064346237666639306436373862613736373162313939343163
-62363930316235353538303632613964373566626464633738646138666537386166643064353562
-38653161356262336634373734663238643738643962333039396263646334653932636638633139
-31616138353633386563356233316231373037336166643737376337316666396337393735326434
-31633437376530333634323666336330623234646461316362663834663763363038363639636131
-61616431636566346231343634363337306566636234616638353637393137363139633735393033
-33393464643765616239326232323933613237646234393765653230313330623638323861653265
-35633132323539333863323662386566383162623464386630326632333638366163663964613636
-34343361666532363331353438333232326332323435653439396362613361313964303038383966
-61373036303264326434646561376639386134326236323966333135353939326165303737616436
-64333738363633373563316165303763393737303265636337653632663362323237383566376131
-61393436396530356331363035343635646434336435656663653839346266363038346261366330
-36366534346532656233656630653131396534356133663534656233653864333037653530353062
-36366534373135623336393637326564663634643633666236643030396537346161666437626433
-38623133646165333663313034643063316635356436373166323439306462346330643762333730
-38656633646565316336363231643138666231386234313534373339383863376530623463376462
-34666563363065663230326532343136633131356132396138336362333032386266393435363963
-39336265633533636239643139373332623539633666393333623233393462633035363937643130
-36666433366330643535303066366564376535313561323630646630633232316662363737623830
-66633336623563346536356538623761356262653465363831346131323933656137376634316239
-65663662633366623365303934653364363030666439303461633331653164353565626438353963
-33353933363362306464383766366635393737373334393965383661666535356630386235643363
-36663238626236303530386332656633326333356231386562316532366634343961633934383731
-62653837343830373262323262313861303334393035356131333939366166303333616332396237
-35353037666437653165306230646263633636656266666339643034303631633836396363313964
-63643832386332313766623661353461386138353536623261363761383334633762303966373063
-38656538373934333031333434373765316139383466306133353238616138346531343538666236
-32636438653133393639333961326264306665366462323034613366363832376666653466383730
-36323561646639333666333435313934613934633863313062306561613361613231376231366630
-64383561343037636433353538623434383637306461343361353133363130313135386434396662
-31656633663839643439633563636265346239393032643166623030616431386437343639326165
-61323463313466636630323264396239376236313639376231336666306464303262623764356235
-35646638313330623031656131343338663537383262646436383665363535383861616361643638
-37633263346338353834306365393964363538633566373236366338616661653733653031383335
-65626234343066356333303438613762656239643433333338323761633230646364313364313964
-35656439396163393231306239666132326166323763613839656338636231616134396431323231
-34373333366362316336316366343465346565646564643263333865376239383532306531333666
-65323631623739343431663931386461643137353237303863353934653939663164323730643564
-33633535316432653836313334393064303766616562333262656464646133366532383364373065
-32333436366335386561633664636566613134396164626431323162623566636136353464316363
-37346433613630666464383830356665323138303931363432393661313263613432636339613236
-34333262336232363066623565613838386161346662316131303265393166636265326161626666
-30343639396132653536383163323862333365623664333735316138343763366337656132326165
-30636330633561623534656234313665393933626637393732346362626335626531386436326363
-31306539303564633364653061326463653864623061633034623430326636333863343963616632
-38366366323161343034356337663163623938316432633764383634663835393030623637316662
-37666566303464373963666234636561623130633739356666643838323663353230623361623734
-35373133353937356363386134336539616537616338373631313738623138303666366363323032
-61623636323137376437343334663437613937633738396462383264363037653133653766376565
-65303964383033323034393034656262376663386261656461323662376162343366396662316661
-37356136653632373362316432353664343333336532643531633134653039343430616436343835
-64633234626666643466366439663664313463353162626536343739663161356436613533383630
-61313264613832333032613630376266346334373136626339633630666630306165343234373639
-31356330323230623665653762613866396361326330376630666565313734616633353065343430
-38343137393230373633353962633365633535663264323131336635323637323235613366376135
-62343431653466636536363131393038613664656138373063393630623564313735343430633365
-61313137333439333330333466613862663030633565383531356261373763333235303164626565
-30376365313139633066646534316132393466343533623361323065613662386666343965616361
-33306637383161653333303031353335303337663231643031323335323336346533303566346433
-61383637663462303163333233623864316137373363383732646262636136396462633933303738
-33363336623265353136633966363833313332373136346166373837613531616539633238356639
-35623035376264306661356135633162383136303836643937393838346233356430623838353066
-64333433613262633335613630666563666666663030343633633164386461313563626162343033
-62313934356465616132393465333063373733393463376430333736613638313438333765376436
-37653435316637313537393831313835306335613838366631333335396230333135326530383038
-62623535386363633333373361313332643036633932316430643935396662373033653831393462
-65633337633037663534616337333230353336323065356633363539353035333037353032303133
-65316232636336376665366564356562386133386130303338376632663234376265653837643932
-32666130323831373537336565383461393833646336313636646532356635646334313033323736
-31643933386562656364363638656334343035333638386166333362333330626464373561333636
-65336362343034363037633831383935306364376331366462643064623262633139313335333862
-31643730376437383130666534326337656136656161373534313464633135333761643834383832
-61376132646431386532396239363562613038646162373763333535393930326632306266393933
-62393336613436343535373834333232343935616630363138613735666532326538616639393939
-64626164633139643530666438633731386431626163363032313237653530336137383230633934
-39316564663463626462653830663765353464393065303533333966623364373337353031306238
-30663764666162346362356465323831363533343664303834343635393963333861653232613531
-36333363373538313266336661663239633563323366393635383338353761363039323836373231
-39623039303765333830343436353136313164636466373136393835393363313762303631356262
-39356230616637363333383566316632636535393661393631343533663664393033343766656665
-66386434613633616466356536636339636439646463343038303337343662383762303564356430
-64663466376237376231663366333331653261356335326239303364323638633635666633353364
-35613332356238303266323737393465313363623132653463646331613436363636326439656366
-64636538313335656237636235643137373938323539623836306465666462326635353965353465
-34396532393463633565323731666463386465386163643862333666306433343036333430356164
-37626165333036653138633337653336336334616336393764373664393138326666373830356239
-63666530376266313564633832363138383136373830316635326437326666653236313532303766
-37386262356464323731613633316338373232633530323262333933626563393430396136616365
-37633835313363623236646533613661653065646564306334353135623336346436616465646135
-63643333613765313935
+36653038383332316532323731623637306566383038396533663833363262313338326366316330
+3961333662363366373565363331613137343231363161390a363766313362393636303236333638
+61313864666164306162353466396531346332363136383363643439623934653935393934393164
+3933653963316361320a623064653563666230316533383062653432356332366139633039663334
+66633961313336653735613030643033616562393636343161623665653835643736613962633231
+62616335353836336463393466333363326166343030393565313366356634303337636362646139
+36316232353737326236363230663838366664663130343938656239353538633166383836623862
+37366265363138623364376330633961373663313631346538653462303561383964366138363532
+39303230343230356338333433306438633439323036613064323038376436383766366561613231
+33383335643664336537643638323763616234346331356464613463613265633438663361393063
+37663161626634636439383136313964393432356664636438343966663464666461346136343536
+61616266303531666463646531313839366137303436663835333838313731633835383231613539
+61333163383534663266633430353065643565393736626134333235303564313064313139306138
+64343335653539656130643538313931666330353465373866303235656237333933306162386663
+34613439623136613437303961613335383939333465363836666330373364656436326239633332
+30626132626135393163663434353862643261343635306639393436306434386332643366353831
+64386537356363353966373361616365343562383864323766366136323164343434363263646539
+32643266363530363766626561323433346366386166326463636530383931343665643765353663
+34636138306266643562666431323439386166373330323138386139383665353964656433353837
+36336361306461313763643837323839633033653636323933346531373661356463633265316365
+64346230653839346639306565653431393838313466343437383439623732353839353038346637
+66653234333033616430366634666363336534356533383663353634373861636561613161663665
+65646164383336356231333234633639383166303031353233323266653535366165386237363361
+33313233346133313935353864356332393736376464393238326166333964616361386263636239
+38353662313761343835623462613963633563396637386330333435333261336338653532653436
+64353035346661303130633436386364313936333066353437663266366437386262363330353034
+34396662336231613132646232313738356563373263633065373064383932323361623664636463
+38323066306466653866396636303662323930336438663730333465653063323361636562613464
+30333333326134326436636564363836383733336664643138616565623037636538343065373661
+33646235353865346164356534396637643137633366373731313336666461343961333362663865
+33373837396139613033623732666235313036333864663263613838613931636163626635643966
+30656431316165356363323437326234623265366132333761623631353966363036363733393462
+34643839356664336362386263313563656331626266383633396235626565336362313366656435
+37623539663561313038646466613661333462323564306339323335656331323930653661393434
+63353433633132663234343437356637663365636233613064613431383839666535653361666362
+30323266386137386666303738613363396635613962343761363464613835643736303735393434
+30666437396432386434613135663334643636633966643234613830653737653532656638643033
+65623562343666373835353662633635383563333430663939616537353363333465343631333638
+37386565343834353436356337646537393533313765313231333464363161636339303663326662
+63316136323961333565373464326532303338343363653832663730333965383836613161343564
+62616262323831343466383939636633323465656130343038643566643730383964383134353837
+32313935666435353139633935323137353933306235333530396632323732306536656462626264
+63346237313530633537626634646366393961323634356561623430633261306139643936303530
+32363961356461363233303762666633366464666137653331643063646334393633373535653262
+33313430633636336239386537643831343066333663646564333232363933663066613531343866
+66353838623039346139396664626132613835303066356330653261626533623039343035636637
+31303534333631323138613734646331313230313031616330366561613638313334386338663230
+36356163373634643337383433373335366133363263333234616162353232363837323861653231
+64613235623465633031613565396563666261633837633035373063333934363062343438393137
+30343938636163633131373165353938346235393362623037383064343933323634373735383634
+34333039326366313037376435663866356335333036313363663132306637346266626666646538
+36633139333738336239396230663765333339353461326363353131336166396462386133396536
+31383030316561346636633431646563323864613832636332393864623031333331303933626461
+35373836383134383961303035326137633866303161373732386536356266613138613833333636
+65343765656232393235653838336465656339373765353332336230343861653661306330643336
+62626432316539626562656633616337633262643932616563383837373235363533653532333765
+35333566363463323837663761396262323666663363643761363833373831323765333536323335
+63333636313135633137613339303132333765313663663035363663666631656230616665653936
+31663166323866643764666136633438633838663435653330393736333462633166343138336332
+32336630396339653032343338343833313862353737343062333665636534303135303833306235
+37386633646632376331623264356361323834306337666535376662333961393133343961643637
+36343433376532373362633930633432306562313930303862323835663236393639363739666563
+63376164636634396131363364363930343035313539393263343833363561663136626239356635
+66323264313639616666656564363339383363353930626138376631643931623533613838303563
+30303633663733303133653336666266613135356236646538366131633763313665396664666539
+32663766323665656565653638306630356237356163663139306437373934383663666463643838
+65376234373862633363353937613439653264373033336230613962323630323965376462393862
+61666661336566313232393166346534323733663233383631363433633439623535333963393930
+39323637346339376537383632393239376538633135633431613937626132643634383061313839
+34373563393064613266396263333431323536353436616237623134653962363463323064343131
+63653966353761373335303738356638396165633730633038623061633937313531396430346131
+36313936636431646663343966613335663537646334336439646664626463353134393633326239
+31383135383739653562323164633063333139393364383336303664383731396361313665636163
+31393364376138643438626239383831323832393538643738303266376436656264386234306465
+33633934383737623332616534393162333830333534396331303435633333396237636163386434
+65353033353336313462356139663035306538393731363065393365373433623931353166653238
+32663638333337643032666365346437623565366630323831323131663236343130646136306131
+35653335316435326462653362613737663864616561333331633236383330633764333834393533
+30303239313731356635646434393065666136613261626661616535363235633334376564343664
+38386235386664623162643735653564633863306437666434663739396137323666663361663265
+34386463313533623034363362386531616462663438343862346130383066633666643732376364
+34396339353465336536356136353137303664376232386465303037663038633630313332363361
+35646462326538656263613636653239303931616166623732363636316235316162386232393432
+61383637353862303936353161363564323339646666393934373063326463356336393332663666
+65653165363135363366666361323232333934353638653464653633326264373737306263613661
+30363331636262663438643738353965356163333735613032303234653761393063356334366264
+32396263393133323338323939623031383836343634363635663232646466316662323337376466
+61666434393236656534326238343963616536373332393866306632326630616362326464363535
+31626335643537313032653334643964393037326531613333316630633034616232386664366335
+38346139653564663165636565623435633066393830643430353037313066383138393731616234
+31363762383562313863316164306330326363356231313261613833373931643438376632343835
+62636134343230313462396137353530323632613534363564303664336163366532303961623265
+63316535363266656164363062363063306435653362333066626363333061383037306436386630
+37303034633566356535336563363762303839326638663230383335316432663931653339373738
+33633164336666343065343962356561643462343665663430383337653639646266333130306463
+62653633623064393433383836356562313230323633376365366633666530323362613239623230
+62313664636138333232303362363363616463396532616139343430353036336334653935626332
+61636230366466666333366439346461326262366138326133363130653431353963383065613139
+38363333396430376532373232666138323637643763353564626432626336303131333032646531
+63353364363264343731623463333834636531343830366363336433653234303230363664396430
+39333463373862653336303130656361356161616264313730353165666637333866653133663339
+32626635633635316463333335323239363631333638656263346666616537336664363930306636
+36346537323766663862653730396663313339326232666665663761656438613236303833313936
+34653763393433383465303061343134366132363565646464323533313964386437383462313438
+39623133323030353938393732626334323832643233626562623334373434316162373331616336
+66653333363762363631636436396165333531613333386263333130306534623335373862373337
+63333634613564613230643235316139376234633961323734396133386437616261336430373864
+62366130383962393634353136396435636536363136613361396565636436373733623761326437
+30353932353135383465363833376630383066386163336662303032363863343531393432383339
+3761636665353966616234653830663661653662303130333138
diff --git a/roles/lmn_vm/files/sync-vm.sh b/roles/lmn_vm/files/sync-vm.sh
index 6a60529..d18c3a2 100755
--- a/roles/lmn_vm/files/sync-vm.sh
+++ b/roles/lmn_vm/files/sync-vm.sh
@@ -75,7 +75,7 @@ delete_old_qcows() {
             if vmimage-torrent status | grep -qw ^"$session"; then
                 vmimage-torrent stop "${qcow2}"
             fi
-	    rm "${qcow2}"
+            mv "${qcow2}" /tmp/
 	fi
     done
 }
diff --git a/roles/up2date_debian/tasks/main.yml b/roles/up2date_debian/tasks/main.yml
index 57ad284..de11773 100644
--- a/roles/up2date_debian/tasks/main.yml
+++ b/roles/up2date_debian/tasks/main.yml
@@ -27,7 +27,7 @@
   apt_repository:
     repo: >
       deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-backports
-      main contrib non-free-firmware non-free
+      main non-free-firmware
     state: present
     update_cache: true
   when: extra_pkgs_bpo|length
diff --git a/tools/emitter b/tools/emitter
index bdd75d8..1347bc1 100755
--- a/tools/emitter
+++ b/tools/emitter
@@ -11,6 +11,8 @@ debug=false
 ## date of latest git commit in ansible repository:
 git_date="$(date --iso-8601=seconds --date="$(git log --date=iso-strict | \
                                  head -3 | sed -nE "s/^Date:\s+(.+)$/\1/p")")"
+
+echo "Latest commit in git at: $git_date."
 #dir="$(mktemp -d)"
 dir="/tmp/emitter"
 mkdir -vp "$dir"
@@ -18,16 +20,19 @@ touch "$dir/${git_date//T*/}"
 
 hlist=""
 n=0
+running=0
 
 find_outdated(){
     hlist=""
     n=0
+    running=0
     while IFS= read -r -d '' file ; do
+        running=$(( running + 1 ))
         $debug && echo -n "Processing host '$file' with IP address "
         d="$(sed -nE "s/\s+drwx.+([0-9]{4}-[0-9]{2}-[0-9]{2} \S+).*/\1/p" "$file" | head -1)"
         if [[ -z "$d" ]] || [[ $(date --date="$d" +%s) -lt $(date --date="$git_date" +%s) ]] ; then
             r='([0-9]{1,3}\.){3}[0-9]{1,3}'
-            ipa="$(sed -nE "s|^\s+default via.+ src ($r) metric.+|\1|p" "$file")"
+            ipa="$(sed -nE "s|^\s+default via.+ src ($r) metric.+|\1|p" "$file" | head -1)"
             if [[ -z "$ipa" ]] ; then
                 # FIXME: Outdated report format, trying fallback:
                 ipa="$(grep -E "\s+2: en" -A3 "$file" | \
@@ -44,6 +49,7 @@ find_outdated(){
         fi
     done <  <(find "$logdir" -maxdepth 1 -type f -mmin -$age -print0)
     hlist="${hlist//^,/}"
+    echo -n "Running hosts: $running, to be upgraded: $n. "
 }
 
 run_ansible(){

From 36ee4039bfec99f60b93932d626c61571bcfd449 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 12 Jan 2024 13:29:12 +0100
Subject: [PATCH 442/504] Send MAC addresses via 'reporter'.

---
 roles/lmn_fvs/files/reporter | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
 mode change 100644 => 100755 roles/lmn_fvs/files/reporter

diff --git a/roles/lmn_fvs/files/reporter b/roles/lmn_fvs/files/reporter
old mode 100644
new mode 100755
index 9d2e85e..fff637c
--- a/roles/lmn_fvs/files/reporter
+++ b/roles/lmn_fvs/files/reporter
@@ -10,15 +10,16 @@ sendto="collector.steinbeis.schule 1234"
 
 cmds=(
     'uname -a'
-    'uptime'
-    'w'
     'ls -d --full-time /home/ansible/.ansible/tmp/'
+    'ip link | sed -nE -e "s/^[2-9]: (\S+): .+/\1/p" -e "s/.+ether ([0-9a-f:]+) .+/\1/p" | paste -d " " - -'
     'ip route list default'
 )
+#    'w'
+#    'uptime'
 #    'ip addr show'
 #    'apt list --upgradeable -o Apt::Cmd::Disable-Script-Warning=true'
 
 r="$HOSTNAME: ------- $(date --rfc-3339=seconds) -------
-$(for c in "${cmds[@]}" ; do echo "$c"; $c | sed 's/^/  /' ; done | sed "s/^/$HOSTNAME: /")
+$(for c in "${cmds[@]}" ; do echo "$c"; eval "$c" | sed 's/^/  /' ; done | sed "s/^/$HOSTNAME: /")
 ## -------------------------------------------------"
 echo "$r" | nc -w 1 -u $sendto

From 2c0182ffe6f99db8bb65edd2bdc6b982e4041d69 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 13 Jan 2024 11:05:03 +0100
Subject: [PATCH 443/504] Cache file and directory attributes for 10 minutes.

---
 roles/lmn_mount/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index a4be96d..dfbeb4a 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -35,7 +35,7 @@
         server="{{ smb_server }}"
         path="{{ smb_share }}"
         mountpoint="/srv/samba/schools/default-school"
-        options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks,nobrl,fsc"
+        options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks,nobrl,fsc,actimeo=600"
         ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>{{ localuser }}</user></or></not>
       </volume>
     insertafter: "<!-- Volume definitions -->"

From 73e6fb1403ac968528588ad7520023fb7b552412 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Mon, 15 Jan 2024 10:53:03 +0100
Subject: [PATCH 444/504] host added

---
 inventory.yml | 221 +++++++++++++++++++++++++-------------------------
 1 file changed, 111 insertions(+), 110 deletions(-)

diff --git a/inventory.yml b/inventory.yml
index c37b10f..0829529 100644
--- a/inventory.yml
+++ b/inventory.yml
@@ -1,111 +1,112 @@
 $ANSIBLE_VAULT;1.1;AES256
-36653038383332316532323731623637306566383038396533663833363262313338326366316330
-3961333662363366373565363331613137343231363161390a363766313362393636303236333638
-61313864666164306162353466396531346332363136383363643439623934653935393934393164
-3933653963316361320a623064653563666230316533383062653432356332366139633039663334
-66633961313336653735613030643033616562393636343161623665653835643736613962633231
-62616335353836336463393466333363326166343030393565313366356634303337636362646139
-36316232353737326236363230663838366664663130343938656239353538633166383836623862
-37366265363138623364376330633961373663313631346538653462303561383964366138363532
-39303230343230356338333433306438633439323036613064323038376436383766366561613231
-33383335643664336537643638323763616234346331356464613463613265633438663361393063
-37663161626634636439383136313964393432356664636438343966663464666461346136343536
-61616266303531666463646531313839366137303436663835333838313731633835383231613539
-61333163383534663266633430353065643565393736626134333235303564313064313139306138
-64343335653539656130643538313931666330353465373866303235656237333933306162386663
-34613439623136613437303961613335383939333465363836666330373364656436326239633332
-30626132626135393163663434353862643261343635306639393436306434386332643366353831
-64386537356363353966373361616365343562383864323766366136323164343434363263646539
-32643266363530363766626561323433346366386166326463636530383931343665643765353663
-34636138306266643562666431323439386166373330323138386139383665353964656433353837
-36336361306461313763643837323839633033653636323933346531373661356463633265316365
-64346230653839346639306565653431393838313466343437383439623732353839353038346637
-66653234333033616430366634666363336534356533383663353634373861636561613161663665
-65646164383336356231333234633639383166303031353233323266653535366165386237363361
-33313233346133313935353864356332393736376464393238326166333964616361386263636239
-38353662313761343835623462613963633563396637386330333435333261336338653532653436
-64353035346661303130633436386364313936333066353437663266366437386262363330353034
-34396662336231613132646232313738356563373263633065373064383932323361623664636463
-38323066306466653866396636303662323930336438663730333465653063323361636562613464
-30333333326134326436636564363836383733336664643138616565623037636538343065373661
-33646235353865346164356534396637643137633366373731313336666461343961333362663865
-33373837396139613033623732666235313036333864663263613838613931636163626635643966
-30656431316165356363323437326234623265366132333761623631353966363036363733393462
-34643839356664336362386263313563656331626266383633396235626565336362313366656435
-37623539663561313038646466613661333462323564306339323335656331323930653661393434
-63353433633132663234343437356637663365636233613064613431383839666535653361666362
-30323266386137386666303738613363396635613962343761363464613835643736303735393434
-30666437396432386434613135663334643636633966643234613830653737653532656638643033
-65623562343666373835353662633635383563333430663939616537353363333465343631333638
-37386565343834353436356337646537393533313765313231333464363161636339303663326662
-63316136323961333565373464326532303338343363653832663730333965383836613161343564
-62616262323831343466383939636633323465656130343038643566643730383964383134353837
-32313935666435353139633935323137353933306235333530396632323732306536656462626264
-63346237313530633537626634646366393961323634356561623430633261306139643936303530
-32363961356461363233303762666633366464666137653331643063646334393633373535653262
-33313430633636336239386537643831343066333663646564333232363933663066613531343866
-66353838623039346139396664626132613835303066356330653261626533623039343035636637
-31303534333631323138613734646331313230313031616330366561613638313334386338663230
-36356163373634643337383433373335366133363263333234616162353232363837323861653231
-64613235623465633031613565396563666261633837633035373063333934363062343438393137
-30343938636163633131373165353938346235393362623037383064343933323634373735383634
-34333039326366313037376435663866356335333036313363663132306637346266626666646538
-36633139333738336239396230663765333339353461326363353131336166396462386133396536
-31383030316561346636633431646563323864613832636332393864623031333331303933626461
-35373836383134383961303035326137633866303161373732386536356266613138613833333636
-65343765656232393235653838336465656339373765353332336230343861653661306330643336
-62626432316539626562656633616337633262643932616563383837373235363533653532333765
-35333566363463323837663761396262323666663363643761363833373831323765333536323335
-63333636313135633137613339303132333765313663663035363663666631656230616665653936
-31663166323866643764666136633438633838663435653330393736333462633166343138336332
-32336630396339653032343338343833313862353737343062333665636534303135303833306235
-37386633646632376331623264356361323834306337666535376662333961393133343961643637
-36343433376532373362633930633432306562313930303862323835663236393639363739666563
-63376164636634396131363364363930343035313539393263343833363561663136626239356635
-66323264313639616666656564363339383363353930626138376631643931623533613838303563
-30303633663733303133653336666266613135356236646538366131633763313665396664666539
-32663766323665656565653638306630356237356163663139306437373934383663666463643838
-65376234373862633363353937613439653264373033336230613962323630323965376462393862
-61666661336566313232393166346534323733663233383631363433633439623535333963393930
-39323637346339376537383632393239376538633135633431613937626132643634383061313839
-34373563393064613266396263333431323536353436616237623134653962363463323064343131
-63653966353761373335303738356638396165633730633038623061633937313531396430346131
-36313936636431646663343966613335663537646334336439646664626463353134393633326239
-31383135383739653562323164633063333139393364383336303664383731396361313665636163
-31393364376138643438626239383831323832393538643738303266376436656264386234306465
-33633934383737623332616534393162333830333534396331303435633333396237636163386434
-65353033353336313462356139663035306538393731363065393365373433623931353166653238
-32663638333337643032666365346437623565366630323831323131663236343130646136306131
-35653335316435326462653362613737663864616561333331633236383330633764333834393533
-30303239313731356635646434393065666136613261626661616535363235633334376564343664
-38386235386664623162643735653564633863306437666434663739396137323666663361663265
-34386463313533623034363362386531616462663438343862346130383066633666643732376364
-34396339353465336536356136353137303664376232386465303037663038633630313332363361
-35646462326538656263613636653239303931616166623732363636316235316162386232393432
-61383637353862303936353161363564323339646666393934373063326463356336393332663666
-65653165363135363366666361323232333934353638653464653633326264373737306263613661
-30363331636262663438643738353965356163333735613032303234653761393063356334366264
-32396263393133323338323939623031383836343634363635663232646466316662323337376466
-61666434393236656534326238343963616536373332393866306632326630616362326464363535
-31626335643537313032653334643964393037326531613333316630633034616232386664366335
-38346139653564663165636565623435633066393830643430353037313066383138393731616234
-31363762383562313863316164306330326363356231313261613833373931643438376632343835
-62636134343230313462396137353530323632613534363564303664336163366532303961623265
-63316535363266656164363062363063306435653362333066626363333061383037306436386630
-37303034633566356535336563363762303839326638663230383335316432663931653339373738
-33633164336666343065343962356561643462343665663430383337653639646266333130306463
-62653633623064393433383836356562313230323633376365366633666530323362613239623230
-62313664636138333232303362363363616463396532616139343430353036336334653935626332
-61636230366466666333366439346461326262366138326133363130653431353963383065613139
-38363333396430376532373232666138323637643763353564626432626336303131333032646531
-63353364363264343731623463333834636531343830366363336433653234303230363664396430
-39333463373862653336303130656361356161616264313730353165666637333866653133663339
-32626635633635316463333335323239363631333638656263346666616537336664363930306636
-36346537323766663862653730396663313339326232666665663761656438613236303833313936
-34653763393433383465303061343134366132363565646464323533313964386437383462313438
-39623133323030353938393732626334323832643233626562623334373434316162373331616336
-66653333363762363631636436396165333531613333386263333130306534623335373862373337
-63333634613564613230643235316139376234633961323734396133386437616261336430373864
-62366130383962393634353136396435636536363136613361396565636436373733623761326437
-30353932353135383465363833376630383066386163336662303032363863343531393432383339
-3761636665353966616234653830663661653662303130333138
+30666538623634343033303531393564333966386231373138346566373430323933396662333833
+3133633431636139343530353439383833316636356639320a356432373962623238653937623236
+33353264343834616363623861663632653439343166333931666663383331383636636235636462
+3431346235316330330a396435366662323665336162643233313832633634343430663039623162
+36666264343864356334333665303263313061383366323863303839336234656463366466383331
+38643863653236633436383933656630306238366133653165613162653564343937383538393730
+30666438353535653162393630613338323831623062383639343861653034663565633864633864
+30343761366262323561306432303764356331653534646166643235366232333233643364353839
+65306239323236353132373335666263356337386630333231623030353365653563636365363130
+32633139363561626436393261313236616331303638393833396631336464623135366361363261
+66353434376431393866323933326431363764343234306465366566306462383737363565663465
+38313366643462363766646538363865313265396538313830363566633962363965336539336136
+39366433316563613932363836623863616532393330623066323333623831623665376239313466
+30393965353165323662623761393032333066643861343764393066396539336239646634316638
+37373439373634333232323534663134636237356361376337383939663964313130383362373062
+38363533633065633862383337653365636130346465353462303765343730623933663234643939
+39623130393733306630383863393865663830626534396364343035323963326166633663363363
+63326133616338363536326437303939363466636564663265376162653436323032353930613932
+39363462373934653335333534363463376438383063386266656535343964356539613463633638
+30376331383230383135636464366639643339333364643561386534313433623363613366623965
+63666663656366373538643732383731353836376335643565343034343839303138663139303066
+65303838313337663939353332326362396633333962353833313630616464666432326430646466
+36376462343737643330383834373261363336316333363539646265396362393965353764366430
+30306339646363613461313435623761646562356333366266396534613138306134656538653363
+38643365306366343136663464333063313265643664666164363531333739393562333438323463
+36383330633339616361646436303837616333623130666536316135653563653135656236393763
+65333861653666346434653164333131616461373862353232396665633861633837356665306332
+66326561366438653235386664353463633831633631346464353262303133346633343133633066
+62313963616336643233383162333631616661613265376633623338316363626139393932313632
+39613736666530363136393061353131613230326337663130393061616135643964646436316562
+30363037616439396338366637333763313030373438306530306662356531396630373631373332
+62326635633966396330376633383562333638346261653461313961333061336132633930396461
+35366163363736353330666637363339326539343938626161626634643432353138383334636434
+30613230353435663030616361313166323763313933343033306434353931376536396533346139
+32393666663132633763326266326439653033656666373362666566643139653736646632323862
+65353838303133653266633636663534343739346537376665323035356662643231616334393962
+30366537663336323339633963663434363661303733653764353837316537643366353535643336
+33653663663436646563613239343339636366643832306638653138366630663538313061623831
+31323438626639343737383330396637356537393530393064323164333832313065626266616532
+63616239626365643235663265343339633734656135393835343634383865353930393561663030
+37646366393638626237646464383236633137623466616163366334336338376232376164343633
+32356465316462363665636266303561653461656339373834326265383438316235323963646464
+61386536643639383430333864636566623866363232333632623132376237386461313738643936
+36663461323462316333363963326436633965336430363234383833386638313938623536663466
+37663731613363363330373330373732623032336662343434383961343963623861396464356261
+61366338343966323832306335643432323561363738326334333836613864386637313335336163
+65373865626364326362666665353833313761333132373233333666623264356631393432636530
+61326435323862613939613563643639616538376638616630396631643666343234323733366635
+37666335333761623135353135636335346462663066366665663330313564653338633766363863
+66633337643938653363623463346235376632336362633538343961666633666261613937356666
+37656330323933363736326438363331343131343933623938316330613961313238656535353664
+34653166303630613034346238386636346539323661353830613139646333633530616333626262
+66653538663937386130343461623564303030653663613133323962636634356536333136633961
+63616364313330653633366433656634623163353833393530346432333432653463303937623936
+61613364343333393764303436376636353932623564333866623135636435343136613131633166
+66356233366334643039396230383039656130623164376338653632313736303339653862633365
+39313139656664386437653939306536303639376632623230623739326334356636343930343839
+62386237393836636238633966323662666165393330613538306463396133316565363435636164
+38623637366330393832306666316439313462656134326334306633333638353364653338336239
+37613931323265666165363264643035616437666366346133636465663438393662323531343235
+66336665653065656337343162333537383138663932333235333933633538323236373639346237
+33326339326230303538386133623637346333633832633036626636323736636531383162386262
+33666163383764363136396262613333386266613931653434353132333335633534666539353239
+32386264663336343462383331643931346135383361323930643235343766666665653335323637
+35646436626166646430613031653936396335363763653164333533663031386639316432613032
+61623161313731336161373163396433613233623966353237333339643866636435623437366633
+35376466316464363361666338396635326439326665383032333066396662333336333263636436
+35623065373432633237633230353139613963653139313864663663346637653861613766626262
+35383365663366646233326133343132656333393864306365636162626338623136316239353965
+64336131363639336339323637373166396264373833363863656239336235633937396635633666
+62376434633039373136666530366331343435633532653832663339306664393733653133326662
+61383266316239373666316664633863646561373763386334336464336231613530353761306338
+31373166396330383862623433343136656536653533356336313230393835306663633837376133
+37376138616662656363396430366338313138363463373036353466346339303135646663656335
+34633964663234343161366335383730323832396537663138666431313439663065393931363836
+64306332663930326164343730663433646438633666626138633033383264363339323338353233
+64393565616262396636363939616366656231303266343864336431343734396465393430336334
+64336262626436623831343437336430383264626561623030313434333362323564353537386163
+35353538623066653832316232663065646634326562323238346237323635613661386263316564
+61643532626635383534613439316462323631366562346566656139646438653765663235393966
+37356231363561363534373465633236653331613235656163303936333838633766386431306430
+61313061343535313261623137623330383237376465373766366539613565376661376632386234
+34626262623431363766353538633063653862313539636435376335363631333932663532313733
+31363139616338646563346433346630643263313063343338636231633830306134613466633436
+63613665613737636133393961626335303139313761316338663033623836626534633234396139
+32313262353031336436343038373032303138653963393535376432343861653733353939663837
+33646230356530656535633932353363336138313762646332643864363036633837366463396264
+63343936333863353835366338653265663162623464613639363461656231643531663433333662
+36313063333461366632646434373839646665666231656661383635636564326362383134663236
+62633965316361633533386262363233613966366135353965316130313264373539326331386264
+66333965393533646437343132323364323063663632643961656535303961373337623838613934
+61353564323963316537636636373236303835393930383737343361396162646131383362346638
+65623238666239303032303366626562396335613066633364616236623533386165623864316639
+35613662393262306432366463393265363065376266653764613235663637316132666462393836
+63373366303261336339643033343436303539613861366236316462383664663734646138663239
+34383036383830656138353566343632333365656535383733353337663231633530373366666532
+36383739336337366565353561643565643736333036643330653765656361313366343638616564
+30373637393230383537353830376637663137376330306131303366303531313533346135306531
+37303764343333626636353134663339383563323863666430306462666436303930346133333130
+34626262323335303064633237323030666236636236643032643339613361383465356264376636
+38646563316362306533326233643966633438333533383135386631343862346433666563346436
+39616431626361633963363534646531366132313335303939623334646631613066623861313662
+66633638333035616166376335343265383032613837633539663266306266353665643139366132
+36333937373733643631366536343433613832613039633239363630353839326332643861653766
+33303564316630363936663238623062346437653761323036633566663432643135343134383739
+30353936346666336230336536303033303265613663653833336433356432613738636231386334
+35373836316462653964623636316539333062356131323439373835396265336662316636336438
+38363162396337653762616332303133663661656662316465356134336133306464646639343739
+32623336346430396439653936633831353264626562626635643636663539353139663033346534
+35366636643736613135383562616265646363663238643333636230353933323038353132623237
+323336343937386564666161323033656566

From 5ed4c2a13580a7c5a55f456964016d8b4bb74838 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 16 Jan 2024 11:47:55 +0100
Subject: [PATCH 445/504] Attempt to shorten login time by ignoring group
 members.

This is seems to be the solution for larger groups.
---
 roles/lmn_sssd/templates/sssd.conf.j2 | 1 +
 1 file changed, 1 insertion(+)

diff --git a/roles/lmn_sssd/templates/sssd.conf.j2 b/roles/lmn_sssd/templates/sssd.conf.j2
index 9de11e5..0c10c3c 100644
--- a/roles/lmn_sssd/templates/sssd.conf.j2
+++ b/roles/lmn_sssd/templates/sssd.conf.j2
@@ -16,3 +16,4 @@ default_shell = /usr/bin/bash
 ad_gpo_access_control = disabled
 ad_gpo_ignore_unreadable = True
 ad_maximum_machine_account_password_age = 0
+ignore_group_members = True

From aa8bc09ce69ca8367f99d4802f3ec6fe8ab1a849 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 16 Jan 2024 11:54:45 +0100
Subject: [PATCH 446/504] Implement time stamp and improve reporter syntax.

The directory access time used so far is modified on every
ansible run and independent of the ansible module/playbook.
---
 lmn-client.yml               |  4 ++++
 roles/lmn_fvs/files/reporter | 16 ++++++++++++----
 tools/collector              |  6 +++---
 tools/emitter                | 12 ++++++------
 4 files changed, 25 insertions(+), 13 deletions(-)

diff --git a/lmn-client.yml b/lmn-client.yml
index 11f40b3..0167843 100644
--- a/lmn-client.yml
+++ b/lmn-client.yml
@@ -85,6 +85,10 @@
     - lmn_security
 
   tasks:
+    - name: Timestamp successfull ansible run
+      ansible.builtin.shell: date --iso-8601=seconds >> /home/ansible/.ansible/stamps
+      changed_when: False
+
 ## Temporary fixes and quirks:
     - name: Fix 8086:4909 external graphics card
       replace:
diff --git a/roles/lmn_fvs/files/reporter b/roles/lmn_fvs/files/reporter
index fff637c..18f0eca 100755
--- a/roles/lmn_fvs/files/reporter
+++ b/roles/lmn_fvs/files/reporter
@@ -7,19 +7,27 @@
 set -eu
 
 sendto="collector.steinbeis.schule 1234"
+n=0
 
 cmds=(
     'uname -a'
-    'ls -d --full-time /home/ansible/.ansible/tmp/'
-    'ip link | sed -nE -e "s/^[2-9]: (\S+): .+/\1/p" -e "s/.+ether ([0-9a-f:]+) .+/\1/p" | paste -d " " - -'
+    'tail -1 /home/ansible/.ansible/stamps'
     'ip route list default'
+    'ip link show | \
+       sed -nE -e "s/^[2-9]: (\S+): .+/\1/p" -e "s/.+ether ([0-9a-f:]+) .+/\1/p" | \
+       paste -d " " - -'
 )
 #    'w'
 #    'uptime'
+#    'ls -d --full-time /home/ansible/.ansible/tmp/'
 #    'ip addr show'
 #    'apt list --upgradeable -o Apt::Cmd::Disable-Script-Warning=true'
 
-r="$HOSTNAME: ------- $(date --rfc-3339=seconds) -------
-$(for c in "${cmds[@]}" ; do echo "$c"; eval "$c" | sed 's/^/  /' ; done | sed "s/^/$HOSTNAME: /")
+r="$HOSTNAME ------- $(date --rfc-3339=seconds) -------
+$(for c in "${cmds[@]}" ; do
+      n=$(( n + 1 ))
+      echo -n "$n"
+      eval "$c" | sed 's/^/\t/'
+done | sed "s/^/$HOSTNAME /")
 ## -------------------------------------------------"
 echo "$r" | nc -w 1 -u $sendto
diff --git a/tools/collector b/tools/collector
index b8073b5..fc855c8 100755
--- a/tools/collector
+++ b/tools/collector
@@ -11,11 +11,11 @@ logdir="/tmp/collector"
 mkdir -vp "$logdir"
 
 nc -k -l -u -p "$port" | while read line ; do
-    sndr="${line%%:*}"
-    msg="${line#*: }"
+    sndr="${line%% *}"
+    msg="${line#* }"
     if [[ "$sndr" =~ [a-z0-9]+ ]] ; then
         if [[ "$msg" =~ ^-------\ .+\ -------$ ]] ; then
-            echo "$(date --rfc-3339=seconds) → Message from '$sndr' received."
+            echo "$(date --rfc-3339=seconds) → Report from '$sndr' received."
             echo "$msg" >  "$logdir/$sndr"
         else
             echo "$msg" >> "$logdir/$sndr"
diff --git a/tools/emitter b/tools/emitter
index 1347bc1..aafbd7a 100755
--- a/tools/emitter
+++ b/tools/emitter
@@ -29,14 +29,14 @@ find_outdated(){
     while IFS= read -r -d '' file ; do
         running=$(( running + 1 ))
         $debug && echo -n "Processing host '$file' with IP address "
-        d="$(sed -nE "s/\s+drwx.+([0-9]{4}-[0-9]{2}-[0-9]{2} \S+).*/\1/p" "$file" | head -1)"
-        if [[ -z "$d" ]] || [[ $(date --date="$d" +%s) -lt $(date --date="$git_date" +%s) ]] ; then
+        d="$(sed -nE "s/^2\s+(\S.+)$/\1/p" "$file")"
+        if [[ -z "$d" ]] || \
+               [[ $(date --date="$d" +%s) -lt $(date --date="$git_date" +%s) ]] ; then
             r='([0-9]{1,3}\.){3}[0-9]{1,3}'
-            ipa="$(sed -nE "s|^\s+default via.+ src ($r) metric.+|\1|p" "$file" | head -1)"
+            ipa="$(sed -nE "s/^3\s+default via.+ src ($r) metric.+/\1/p" "$file")"
             if [[ -z "$ipa" ]] ; then
-                # FIXME: Outdated report format, trying fallback:
-                ipa="$(grep -E "\s+2: en" -A3 "$file" | \
-                        sed -nE "s|.+inet (10\.190\.[[:digit:]]{1,3}\.[[:digit:]]{1,3})/.+|\1|p")"
+                # FIXME: Outdated report format, try fallback:
+                ipa="$(sed -nE "s|^.+default via.+ src ($r) metric.+|\1|p" "$file" | head -1)"
             fi
             $debug && echo "'$ipa'."
             if ! grep -q "$ipa" "$dir/${git_date//T*/}" ; then

From 2a79f3c304de9e20ee0b5beb5dc92aaaf549dbe5 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 16 Jan 2024 12:01:30 +0100
Subject: [PATCH 447/504] Fix console login error message from pam mount.

---
 roles/lmn_vm/files/pam-umount.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/lmn_vm/files/pam-umount.sh b/roles/lmn_vm/files/pam-umount.sh
index 38e41df..0d90dd5 100644
--- a/roles/lmn_vm/files/pam-umount.sh
+++ b/roles/lmn_vm/files/pam-umount.sh
@@ -28,7 +28,7 @@ shutdownVMs(){
 ######################
 
 ## This is the first mount we need to get rid of:
-if [[ "$mtp" =~ "/lmn/media/$usr/share" ]] ; then
+if [[ "$mtp" =~ "/lmn/media/$usr/share" ]] && [[ -d "/run/user/$uid" ]] ; then
     shutdownVMs
     [[ "$slp" = true ]] && sleep 5 # leave some time to write caches …
     sudo -u ${usr} killall gvfsd | systemd-cat

From 57e090034daaf0cb807036487d1638e4d12532e4 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 17 Jan 2024 13:05:22 +0100
Subject: [PATCH 448/504] Move ansible stamps to root directory to fix
 installation.

During installation, ansible-pull is run as root,
'/home/ansible/.ansible/' does not exist.
---
 lmn-client.yml               | 2 +-
 roles/lmn_fvs/files/reporter | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/lmn-client.yml b/lmn-client.yml
index 0167843..100a088 100644
--- a/lmn-client.yml
+++ b/lmn-client.yml
@@ -86,7 +86,7 @@
 
   tasks:
     - name: Timestamp successfull ansible run
-      ansible.builtin.shell: date --iso-8601=seconds >> /home/ansible/.ansible/stamps
+      ansible.builtin.shell: date --iso-8601=seconds >> /root/.ansible/stamps
       changed_when: False
 
 ## Temporary fixes and quirks:
diff --git a/roles/lmn_fvs/files/reporter b/roles/lmn_fvs/files/reporter
index 18f0eca..f665a6f 100755
--- a/roles/lmn_fvs/files/reporter
+++ b/roles/lmn_fvs/files/reporter
@@ -11,11 +11,11 @@ n=0
 
 cmds=(
     'uname -a'
-    'tail -1 /home/ansible/.ansible/stamps'
+    'tail -1 /root/.ansible/stamps'
     'ip route list default'
     'ip link show | \
        sed -nE -e "s/^[2-9]: (\S+): .+/\1/p" -e "s/.+ether ([0-9a-f:]+) .+/\1/p" | \
-       paste -d " " - -'
+       paste - -'
 )
 #    'w'
 #    'uptime'

From e30a7032a52fecc6c721f8ae1cf033a3e4ca4489 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 17 Jan 2024 16:51:12 +0100
Subject: [PATCH 449/504] No 'cache=loose' mount option for teachers' PCs.

Use the default 'cache=strict' for the CIFS mount to
provide extra data consistency.
---
 inventory.yml                  | 224 +++++++++++++++++----------------
 roles/lmn_mount/tasks/main.yml |   2 +-
 2 files changed, 114 insertions(+), 112 deletions(-)

diff --git a/inventory.yml b/inventory.yml
index 0829529..7313a3a 100644
--- a/inventory.yml
+++ b/inventory.yml
@@ -1,112 +1,114 @@
 $ANSIBLE_VAULT;1.1;AES256
-30666538623634343033303531393564333966386231373138346566373430323933396662333833
-3133633431636139343530353439383833316636356639320a356432373962623238653937623236
-33353264343834616363623861663632653439343166333931666663383331383636636235636462
-3431346235316330330a396435366662323665336162643233313832633634343430663039623162
-36666264343864356334333665303263313061383366323863303839336234656463366466383331
-38643863653236633436383933656630306238366133653165613162653564343937383538393730
-30666438353535653162393630613338323831623062383639343861653034663565633864633864
-30343761366262323561306432303764356331653534646166643235366232333233643364353839
-65306239323236353132373335666263356337386630333231623030353365653563636365363130
-32633139363561626436393261313236616331303638393833396631336464623135366361363261
-66353434376431393866323933326431363764343234306465366566306462383737363565663465
-38313366643462363766646538363865313265396538313830363566633962363965336539336136
-39366433316563613932363836623863616532393330623066323333623831623665376239313466
-30393965353165323662623761393032333066643861343764393066396539336239646634316638
-37373439373634333232323534663134636237356361376337383939663964313130383362373062
-38363533633065633862383337653365636130346465353462303765343730623933663234643939
-39623130393733306630383863393865663830626534396364343035323963326166633663363363
-63326133616338363536326437303939363466636564663265376162653436323032353930613932
-39363462373934653335333534363463376438383063386266656535343964356539613463633638
-30376331383230383135636464366639643339333364643561386534313433623363613366623965
-63666663656366373538643732383731353836376335643565343034343839303138663139303066
-65303838313337663939353332326362396633333962353833313630616464666432326430646466
-36376462343737643330383834373261363336316333363539646265396362393965353764366430
-30306339646363613461313435623761646562356333366266396534613138306134656538653363
-38643365306366343136663464333063313265643664666164363531333739393562333438323463
-36383330633339616361646436303837616333623130666536316135653563653135656236393763
-65333861653666346434653164333131616461373862353232396665633861633837356665306332
-66326561366438653235386664353463633831633631346464353262303133346633343133633066
-62313963616336643233383162333631616661613265376633623338316363626139393932313632
-39613736666530363136393061353131613230326337663130393061616135643964646436316562
-30363037616439396338366637333763313030373438306530306662356531396630373631373332
-62326635633966396330376633383562333638346261653461313961333061336132633930396461
-35366163363736353330666637363339326539343938626161626634643432353138383334636434
-30613230353435663030616361313166323763313933343033306434353931376536396533346139
-32393666663132633763326266326439653033656666373362666566643139653736646632323862
-65353838303133653266633636663534343739346537376665323035356662643231616334393962
-30366537663336323339633963663434363661303733653764353837316537643366353535643336
-33653663663436646563613239343339636366643832306638653138366630663538313061623831
-31323438626639343737383330396637356537393530393064323164333832313065626266616532
-63616239626365643235663265343339633734656135393835343634383865353930393561663030
-37646366393638626237646464383236633137623466616163366334336338376232376164343633
-32356465316462363665636266303561653461656339373834326265383438316235323963646464
-61386536643639383430333864636566623866363232333632623132376237386461313738643936
-36663461323462316333363963326436633965336430363234383833386638313938623536663466
-37663731613363363330373330373732623032336662343434383961343963623861396464356261
-61366338343966323832306335643432323561363738326334333836613864386637313335336163
-65373865626364326362666665353833313761333132373233333666623264356631393432636530
-61326435323862613939613563643639616538376638616630396631643666343234323733366635
-37666335333761623135353135636335346462663066366665663330313564653338633766363863
-66633337643938653363623463346235376632336362633538343961666633666261613937356666
-37656330323933363736326438363331343131343933623938316330613961313238656535353664
-34653166303630613034346238386636346539323661353830613139646333633530616333626262
-66653538663937386130343461623564303030653663613133323962636634356536333136633961
-63616364313330653633366433656634623163353833393530346432333432653463303937623936
-61613364343333393764303436376636353932623564333866623135636435343136613131633166
-66356233366334643039396230383039656130623164376338653632313736303339653862633365
-39313139656664386437653939306536303639376632623230623739326334356636343930343839
-62386237393836636238633966323662666165393330613538306463396133316565363435636164
-38623637366330393832306666316439313462656134326334306633333638353364653338336239
-37613931323265666165363264643035616437666366346133636465663438393662323531343235
-66336665653065656337343162333537383138663932333235333933633538323236373639346237
-33326339326230303538386133623637346333633832633036626636323736636531383162386262
-33666163383764363136396262613333386266613931653434353132333335633534666539353239
-32386264663336343462383331643931346135383361323930643235343766666665653335323637
-35646436626166646430613031653936396335363763653164333533663031386639316432613032
-61623161313731336161373163396433613233623966353237333339643866636435623437366633
-35376466316464363361666338396635326439326665383032333066396662333336333263636436
-35623065373432633237633230353139613963653139313864663663346637653861613766626262
-35383365663366646233326133343132656333393864306365636162626338623136316239353965
-64336131363639336339323637373166396264373833363863656239336235633937396635633666
-62376434633039373136666530366331343435633532653832663339306664393733653133326662
-61383266316239373666316664633863646561373763386334336464336231613530353761306338
-31373166396330383862623433343136656536653533356336313230393835306663633837376133
-37376138616662656363396430366338313138363463373036353466346339303135646663656335
-34633964663234343161366335383730323832396537663138666431313439663065393931363836
-64306332663930326164343730663433646438633666626138633033383264363339323338353233
-64393565616262396636363939616366656231303266343864336431343734396465393430336334
-64336262626436623831343437336430383264626561623030313434333362323564353537386163
-35353538623066653832316232663065646634326562323238346237323635613661386263316564
-61643532626635383534613439316462323631366562346566656139646438653765663235393966
-37356231363561363534373465633236653331613235656163303936333838633766386431306430
-61313061343535313261623137623330383237376465373766366539613565376661376632386234
-34626262623431363766353538633063653862313539636435376335363631333932663532313733
-31363139616338646563346433346630643263313063343338636231633830306134613466633436
-63613665613737636133393961626335303139313761316338663033623836626534633234396139
-32313262353031336436343038373032303138653963393535376432343861653733353939663837
-33646230356530656535633932353363336138313762646332643864363036633837366463396264
-63343936333863353835366338653265663162623464613639363461656231643531663433333662
-36313063333461366632646434373839646665666231656661383635636564326362383134663236
-62633965316361633533386262363233613966366135353965316130313264373539326331386264
-66333965393533646437343132323364323063663632643961656535303961373337623838613934
-61353564323963316537636636373236303835393930383737343361396162646131383362346638
-65623238666239303032303366626562396335613066633364616236623533386165623864316639
-35613662393262306432366463393265363065376266653764613235663637316132666462393836
-63373366303261336339643033343436303539613861366236316462383664663734646138663239
-34383036383830656138353566343632333365656535383733353337663231633530373366666532
-36383739336337366565353561643565643736333036643330653765656361313366343638616564
-30373637393230383537353830376637663137376330306131303366303531313533346135306531
-37303764343333626636353134663339383563323863666430306462666436303930346133333130
-34626262323335303064633237323030666236636236643032643339613361383465356264376636
-38646563316362306533326233643966633438333533383135386631343862346433666563346436
-39616431626361633963363534646531366132313335303939623334646631613066623861313662
-66633638333035616166376335343265383032613837633539663266306266353665643139366132
-36333937373733643631366536343433613832613039633239363630353839326332643861653766
-33303564316630363936663238623062346437653761323036633566663432643135343134383739
-30353936346666336230336536303033303265613663653833336433356432613738636231386334
-35373836316462653964623636316539333062356131323439373835396265336662316636336438
-38363162396337653762616332303133663661656662316465356134336133306464646639343739
-32623336346430396439653936633831353264626562626635643636663539353139663033346534
-35366636643736613135383562616265646363663238643333636230353933323038353132623237
-323336343937386564666161323033656566
+66633761313137346437356436366332303964316235643665363338323632656562336339326565
+6163373036366531373930326330303835663534316466660a393631653931333335306437313436
+31333364363064303365336138663439656630666565636532666132316633666633396338623537
+6465376331623462390a636563663661326530646237353239636630316634366238646530323462
+33633564613565333039663662353835366439303164633338366139343165626333323836613533
+36306133616634303961373035336239643866306539366138346663396265303662353765636330
+34363734303062363733663265616363626136373338326134306434323766393339393237393836
+63303336636264656435393261303965363639633932326130666232353265633661636339316334
+39626232346466313831643034643761313137373739653330386233343836636430626462636135
+62386263343131326439373163393230393732663862333530313533616537376133373032626466
+37613031633765303466363661643132656437356434383364323432636439323832346233363638
+33383234373935616166383237633434333639613936363231313732626562623834626462316531
+61356432643362646439636634393662353739376363623130646333326435336564383461323932
+64666331643462303262353064396437356262303232616164646136393638386565303438383664
+30646562383563323735623266386239643038393531366364386235663534363736653935316161
+32323533393465303830343131623365316466366130363233626535396331393034623363623632
+31303731346261666538306361356335336162356361376366653662383839333039323132336538
+66623230373065353137356132653132343866663165663732356338326634616530333661643836
+36633336383134313931663061653635366333633663343763383730333134323538313933343536
+39616635393132666535653339656363613431373461316263306130653530343638653562623866
+32613430643437636261313662306636656661313633383833646164306566303362373338643331
+39626232306465323239326561633135303163656539643036313939356666343564376264643434
+31343434303665323330343061353535306536653266393563643033323463323031386266303363
+64313439306139616438633462613239663566346263393431656230623766346539653134666166
+38656536303765393938333965373437633238623461326632613865636564373435333234383338
+66366234303731343233363730393939313536646531313435353065373466326665373133343331
+66313239636562666634366338663937333636326534346561653132633334323937333162336364
+31316364656166343931383039343638623138373639653263373635363031373731353735393563
+37303731643536363630363961343633313739393237336261653262336161666138343336343438
+63393166396462616562386265363263336337633837663562313338626365383063356331343061
+36646265633364366234333338616161363738653561663565626463356434343663363135623931
+62346338643462373636623235393739323964666138626464383161653638393532626465346234
+66393730633635643962353139616465623236313135346131333139396264313134653762316165
+63313830396130343439613961353836383737613566376333306263343061616663623135393935
+38656138633263383734303133393132366534666638623566633566623530666630656462386565
+33633961633261666538653535323465376437666337653931663361306466626465306233353964
+63336662326634386538353464373435373262626137626462613863346539333464656538373363
+36386338326630666563323034393762303035393538623032646565323432316364333362333739
+64666235346130373562666564663834386238636132343730326631393938643530616437393938
+35616137626632613537333965393537643833303139363034303266643165333234353431316133
+63656433643137383966333531623038366164656533643835616564343736366234353862636434
+66643066663061366132373735316563356532643639343563393662396330376239373664383637
+63353235343661346238353133613834623130653861343331386539336361623762393531303533
+34633932616535356130396263333664393836386531383531313836363134326665386333616636
+35643564353639656431343139323264323936346336656163383836356662336337326562626336
+31373938613537636335393863373366323430623365373137323539353435633931383866313863
+34613661613235323733393461356161303134386332323031626635666238336337643466326666
+61353363353536376538323032386462323531626539363066636435633733356132353930653363
+64626238636364323034623761306639393939653038366537633939626236383162616162663136
+38363439656435633761376462663165613365373664333733316339326435316231633930366236
+39343934343337663938363234343838366263623436373230323365346635313435343733346635
+61633066663134396134333664376365353431663331383362316538343135626564313561393839
+62353737333163376234383561666231666537386565356133303339363937316534363265346464
+39393432666563386636653563366232316638393237393434346235613264353764633037363163
+39393865333734323139333865393363633636343931633832386364353766376161306639336134
+30386239373231616139346439353233613630376230373264343064383036323161386365396234
+64666337336230343662383863323062323733303535663935376532323336643262373437613834
+35313962636531643435373362393063616230613964383839383138653131626363363236376438
+35313131393831623966666132626661636339303761616265316232363039363036343263346565
+31633737653432323431376134393765643234343461376465643831303666643931653963346365
+62323530633332613266383133663961356332356637636261373666663565633732363465393462
+37376564636463643930373062343763353764353835346134313865353236373835323235383561
+65613038663538396463343863633033313632666131323535316136656261366637326131356230
+61383238376433373166396132346265623034666231346261623064383539623539343665336239
+33386536336363383134663432626139616532353335383431336635396531333833326137353662
+36373866393533663934363861303464313137626337623065613033666430366138363662623862
+35303734333936656163353962313566353337396661623861336134643231363532303939623335
+39376332386635326537633431313562376336626334333534646537613036326136386339333934
+36323865633362646662306438303632616166663462356661336262386461393933363433343231
+38613932663836633866396364326538303839613163633632653865643334343331663561353334
+38386365303433626530626233666632326632616332653465613933313865333134613932663362
+32386161346333653732366138666263666637623131393936396535333064313166656262613339
+37346162353866643131363530656236323535663732363134333931373736663432363861613063
+66633537353461383131653735343663613630323063393162656433303831303862323335626366
+39373664666431363462373634613636653033386463373537323461613730363031386463633030
+37616362353433376561343863393361353533356438313061653664366661373238656261336437
+32616536656464396563633164323239616265366233626432613331383839663230623662376131
+62326633646665303635653739643239323763343839663864663336386261316639633737396264
+66623635393137346133303764613138356561636134343566613366666365303762313639626666
+62633834383662336561396661343634376438666264653135393761356339366264356639653065
+35616235303063623263363730393137396139336532363262393338373937613964396161333331
+61323339636163613238353662333637383064343665386334643566393066356165323637306135
+36666538346232313637333066356636303434373731383338653762646433633637373630353339
+32353464326637393639643631623837346661653464633164653930666338306363313434653832
+62353536343764623430616163613663323934616331313433643039383966316437653033343962
+33323062346233343730643436373936626535653433323432643235623966623434613365343238
+34643163333232393333663134656364306562303964636631396463663432633964303862643635
+61386461306266626338613533646164356237343862353366663138326163613162303234386134
+65363737323930303537623134636266346330363437383434373664323536303433346536333736
+32626332343730353934356633353831656436353131326264333538643461323631633436636335
+62313738613661383238636237613034373930343964353030353434356361646138653537386237
+39393236383131616234366466393863313133666366383361306631636334316633313834633539
+64346364663862663935663037326664343133333765333437336131393961643139313436343733
+61633937343465336332376636313364383336616461346566333734633062643532333262363566
+32336334633833663733623132363737383232633231636438636264653635306634383465306630
+35613136666135313065613062616535353333353662633961343334336137616464616262316133
+31363661386536383833616435316466646639636238346365363461343137303836313766393966
+34353436636565623739656136386236383461666461653032386664616563303766663635653866
+31326537343330323931343163326630333335366437373363653436363438356365363965326237
+33343365633837393831303266376634333961333231663937656662343963643433366665643433
+39366430386134356332393665646563363537663132333937643762366334383931633637663730
+32623037353332333663613331376562616130656265623863326534376335303530386564313763
+65633732393936386133313863393664303530393761336661623732633661663465393130356333
+36343932396431653566626430643062323233613933383465656335633066636166376561656339
+38333233633765363833343734323264363265643464343765653032383330393739373433323738
+31613166633865333764633562663162326534623236633435663038333765306638643930663638
+36373065636331643338343931343964643766373764363737333831363061336262353662656537
+38306539376665346461646233383761383764366432636138663936366434396664303661356433
+34333734356661366637643034656331396164353233303739306161633236333965313161623763
+65613637346235653431633537666431323930666231363038316632633935326233303861383961
+37363039373539666237323466303264613839366239386337303036313732613034663762666337
+33346261383261363566313333666130393463623062343030623338373261646537316137623163
+3065
diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index dfbeb4a..aa16fc2 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -35,7 +35,7 @@
         server="{{ smb_server }}"
         path="{{ smb_share }}"
         mountpoint="/srv/samba/schools/default-school"
-        options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks,nobrl,fsc,actimeo=600"
+        options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks,nobrl,fsc,actimeo=600{{ cifsopt | default(",cache=loose") }}"
         ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>{{ localuser }}</user></or></not>
       </volume>
     insertafter: "<!-- Volume definitions -->"

From 40962fd9dede9cf0304f3ae61164b51ee42fbda5 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Fri, 19 Jan 2024 20:08:19 +0100
Subject: [PATCH 450/504] distribute VM-images with aria2 instead of ctorrent

---
 roles/lmn_vm/files/images.list                |   5 -
 roles/lmn_vm/files/linbo-torrent              |  33 ---
 roles/lmn_vm/files/linbo-torrenthelper.sh     |  31 ---
 roles/lmn_vm/files/lmn-link-images            |   3 -
 roles/lmn_vm/files/lmn-mounthome              |   3 -
 roles/lmn_vm/files/lmn-startvirtiofsd         |   3 -
 roles/lmn_vm/files/lmn-sync-vm                |   3 -
 roles/lmn_vm/files/lmn-upload-vm              |   1 -
 roles/lmn_vm/files/lmn-vm                     |  17 ++
 roles/lmn_vm/files/upload-vm.sh               |  67 ------
 roles/lmn_vm/files/uploadseed                 |  83 +++++++
 roles/lmn_vm/files/vm-aria2                   |  30 +++
 .../lmn_vm/files/{create-vm.sh => vm-create}  |  27 ++-
 .../files/{link-images.sh => vm-link-images}  |  18 +-
 .../lmn_vm/files/{rebase-vm.sh => vm-rebase}  |  12 +-
 roles/lmn_vm/files/{run-vm.sh => vm-run}      |  47 ++--
 roles/lmn_vm/files/vm-sync                    | 131 +++++++++++
 roles/lmn_vm/files/vm-upload                  |  70 ++++++
 .../{start-virtiofsd.sh => vm-virtiofsd}      |   0
 roles/lmn_vm/files/vm.conf                    |  14 ++
 roles/lmn_vm/files/vmimage-torrent            | 213 ------------------
 roles/lmn_vm/files/vmimage-torrent.service    |  15 --
 roles/lmn_vm/tasks/main.yml                   |  52 ++---
 23 files changed, 444 insertions(+), 434 deletions(-)
 delete mode 100644 roles/lmn_vm/files/images.list
 delete mode 100644 roles/lmn_vm/files/linbo-torrent
 delete mode 100755 roles/lmn_vm/files/linbo-torrenthelper.sh
 delete mode 100644 roles/lmn_vm/files/lmn-link-images
 delete mode 100644 roles/lmn_vm/files/lmn-mounthome
 delete mode 100644 roles/lmn_vm/files/lmn-startvirtiofsd
 delete mode 100644 roles/lmn_vm/files/lmn-sync-vm
 delete mode 100644 roles/lmn_vm/files/lmn-upload-vm
 create mode 100644 roles/lmn_vm/files/lmn-vm
 delete mode 100755 roles/lmn_vm/files/upload-vm.sh
 create mode 100755 roles/lmn_vm/files/uploadseed
 create mode 100755 roles/lmn_vm/files/vm-aria2
 rename roles/lmn_vm/files/{create-vm.sh => vm-create} (69%)
 rename roles/lmn_vm/files/{link-images.sh => vm-link-images} (57%)
 rename roles/lmn_vm/files/{rebase-vm.sh => vm-rebase} (89%)
 rename roles/lmn_vm/files/{run-vm.sh => vm-run} (71%)
 create mode 100755 roles/lmn_vm/files/vm-sync
 create mode 100755 roles/lmn_vm/files/vm-upload
 rename roles/lmn_vm/files/{start-virtiofsd.sh => vm-virtiofsd} (100%)
 create mode 100644 roles/lmn_vm/files/vm.conf
 delete mode 100755 roles/lmn_vm/files/vmimage-torrent
 delete mode 100644 roles/lmn_vm/files/vmimage-torrent.service

diff --git a/roles/lmn_vm/files/images.list b/roles/lmn_vm/files/images.list
deleted file mode 100644
index 1129e07..0000000
--- a/roles/lmn_vm/files/images.list
+++ /dev/null
@@ -1,5 +0,0 @@
-win10.qcow2
-win10-SolidWorks.qcow2
-win10-Elektro.qcow2
-deb11.qcow2
-deb11-virtualbox.qcow2
diff --git a/roles/lmn_vm/files/linbo-torrent b/roles/lmn_vm/files/linbo-torrent
deleted file mode 100644
index 958b2bb..0000000
--- a/roles/lmn_vm/files/linbo-torrent
+++ /dev/null
@@ -1,33 +0,0 @@
-# default values for linbo-torrenthelper service provided by ctorrent
-# thomas@linuxmuster.net
-# 20220317
-#
-# note: you have to invoke 'linbo-torrent restart' after you have changed any values
-#
-
-# Exit while seed <SEEDHOURS> hours later (default 72 hours)
-SEEDHOURS="100000"
-
-# Max peers count (default 100)
-MAXPEERS="100"
-
-# Min peers count (default 1)
-MINPEERS="1"
-
-# Download slice/block size, unit KB (default 16, max 128)
-SLICESIZE="128"
-
-# Max bandwidth down (unit KB/s, default unlimited)
-MAXDOWN=""
-
-# Max bandwidth up (unit KB/s, default unlimited)
-MAXUP=""
-
-# Supplemental ctorrent options, separated by space (-v: Verbose output for debugging)
-#OPTIONS="-v"
-
-# Timeout in seconds until rsync fallback (client only)
-TIMEOUT="300"
-
-# user to run ctorrent (server only)
-CTUSER="lmnsynci"
diff --git a/roles/lmn_vm/files/linbo-torrenthelper.sh b/roles/lmn_vm/files/linbo-torrenthelper.sh
deleted file mode 100755
index 8c5f2a1..0000000
--- a/roles/lmn_vm/files/linbo-torrenthelper.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/bin/bash
-#
-# thomas@linuxmuster.net
-# GPL v3
-# 20220317
-#
-# linbo ctorrent helper script, started in a screen session by init script
-#
-
-torrent="$1"
-[ -s "$torrent" ] || exit 1
-
-# get ctorrent options from file
-[ -e /etc/default/linbo-torrent ] && source /etc/default/linbo-torrent
-
-[ -n "$SEEDHOURS" ] &&  OPTIONS="$OPTIONS -e $SEEDHOURS"
-[ -n "$MAXPEERS" ] &&  OPTIONS="$OPTIONS -M $MAXPEERS"
-[ -n "$MINPEERS" ] &&  OPTIONS="$OPTIONS -m $MINPEERS"
-[ -n "$SLICESIZE" ] &&  OPTIONS="$OPTIONS -z $SLICESIZE"
-[ -n "$MAXDOWN" ] &&  OPTIONS="$OPTIONS -D $MAXDOWN"
-[ -n "$MAXUP" ] &&  OPTIONS="$OPTIONS -U $MAXUP"
-OPTIONS="$OPTIONS $torrent"
-
-[ -n "$CTUSER" ] && SUDO="/usr/bin/sudo -u $CTUSER"
-
-while true; do
- #$SUDO /usr/bin/ctorrent $OPTIONS || exit 1
- nice -n 20 /usr/bin/ctorrent $OPTIONS || exit 1
- # hash check only on initial start, add -f parameter
- echo "$OPTIONS" | grep -q ^"-f " || OPTIONS="-f $OPTIONS"
-done
diff --git a/roles/lmn_vm/files/lmn-link-images b/roles/lmn_vm/files/lmn-link-images
deleted file mode 100644
index 15a6a14..0000000
--- a/roles/lmn_vm/files/lmn-link-images
+++ /dev/null
@@ -1,3 +0,0 @@
-%examusers ALL=(root) NOPASSWD: /usr/local/bin/link-images.sh
-%role-student ALL=(root) NOPASSWD: /usr/local/bin/link-images.sh
-%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/link-images.sh
diff --git a/roles/lmn_vm/files/lmn-mounthome b/roles/lmn_vm/files/lmn-mounthome
deleted file mode 100644
index ed958ff..0000000
--- a/roles/lmn_vm/files/lmn-mounthome
+++ /dev/null
@@ -1,3 +0,0 @@
-%examusers ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
-%role-student ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
-%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
\ No newline at end of file
diff --git a/roles/lmn_vm/files/lmn-startvirtiofsd b/roles/lmn_vm/files/lmn-startvirtiofsd
deleted file mode 100644
index a56b156..0000000
--- a/roles/lmn_vm/files/lmn-startvirtiofsd
+++ /dev/null
@@ -1,3 +0,0 @@
-%examusers ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd.sh
-%role-student ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd.sh
-%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd.sh
diff --git a/roles/lmn_vm/files/lmn-sync-vm b/roles/lmn_vm/files/lmn-sync-vm
deleted file mode 100644
index 1947e30..0000000
--- a/roles/lmn_vm/files/lmn-sync-vm
+++ /dev/null
@@ -1,3 +0,0 @@
-%role-teacher ALL=(lmnsynci) NOPASSWD: /usr/local/bin/sync-vm.sh
-%role-student ALL=(lmnsynci) NOPASSWD: /usr/local/bin/sync-vm.sh
-%examusers ALL=(lmnsynci) NOPASSWD: /usr/local/bin/sync-vm.sh
diff --git a/roles/lmn_vm/files/lmn-upload-vm b/roles/lmn_vm/files/lmn-upload-vm
deleted file mode 100644
index 599e9d8..0000000
--- a/roles/lmn_vm/files/lmn-upload-vm
+++ /dev/null
@@ -1 +0,0 @@
-%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/upload-vm.sh
diff --git a/roles/lmn_vm/files/lmn-vm b/roles/lmn_vm/files/lmn-vm
new file mode 100644
index 0000000..1297be9
--- /dev/null
+++ b/roles/lmn_vm/files/lmn-vm
@@ -0,0 +1,17 @@
+# vm-sync: Download and synchronize VM-Images and xml-Files
+%role-teacher ALL=(lmnsynci) NOPASSWD: /usr/local/bin/vm-sync
+%role-student ALL=(lmnsynci) NOPASSWD: /usr/local/bin/vm-sync
+%examusers ALL=(lmnsynci) NOPASSWD: /usr/local/bin/vm-sync
+
+# vm-aria2: Start/Stop aria2 as systemd-service for VM-Images
+lmnsynci ALL=(root) NOPASSWD: /usr/local/bin/vm-aria2
+
+# vm-link-images: Link VM-Images to User-tmp-directory
+%examusers ALL=(root) NOPASSWD: /usr/local/bin/vm-link-images
+%role-student ALL=(root) NOPASSWD: /usr/local/bin/vm-link-images
+%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/vm-link-images
+
+# start-virtiofsd: Start Virtiofsd as systemd-service
+%examusers ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd
+%role-student ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd
+%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd
diff --git a/roles/lmn_vm/files/upload-vm.sh b/roles/lmn_vm/files/upload-vm.sh
deleted file mode 100755
index 7a05074..0000000
--- a/roles/lmn_vm/files/upload-vm.sh
+++ /dev/null
@@ -1,67 +0,0 @@
-#!/usr/bin/bash
-# Push VM-Disk-Image on server
-set -eu
-
-show_help() {
-    cat << EOF >&2
-Usage: $(basename "$0") vmname"
-Create torrent and upload disk, torrent and xml-VM-Definiton on server.
-EOF
-}
-
-VM_DIR="/tmp/${SUDO_UID}/vm"
-
-upload_image() {
-    # check if VM-Diskimage exists
-    if [[ ! (-f "/lmn/vm/${VM_NAME}.qcow2" || -f "${VM_DIR}/${VM_NAME}.qcow2") ]]; then
-        echo "File not found ${VM_NAME}.qcow2" >&2
-        exit 1
-    fi
-    # check if VM-Machine-Definition XML exists
-    if [[ ! (-f "/lmn/vm/${VM_NAME}.xml" || -f "${VM_DIR}/${VM_NAME}.xml") ]]; then
-        echo "File not found ${VM_NAME}.xml" >&2
-        exit 1
-    fi
-    sudo -u lmnsynci /usr/local/bin/vmimage-torrent stop "${VM_NAME}.qcow2" || echo "VMImage-torrent not running"
-    # link private VM-Diskimage to system-Dir
-    if [[ -f "${VM_DIR}/${VM_NAME}.qcow2" \
-          &&   ( -f "/lmn/vm/${VM_NAME}.qcow2" && ("${VM_DIR}/${VM_NAME}.qcow2" -nt "/lmn/vm/${VM_NAME}.qcow2") \
-          || ! -f "/lmn/vm/${VM_NAME}.qcow2") ]]; then
-      echo "copy private VM-Diskimage to system-dir"
-      chown lmnsynci:lmnsynci "${VM_DIR}/${VM_NAME}.qcow2"
-      ln -f "${VM_DIR}/${VM_NAME}.qcow2" "/lmn/vm/${VM_NAME}.qcow2"
-    fi
-    # copy private VM-Maschine-Definition XML to system-Dir
-    if [[ -f "${VM_DIR}/${VM_NAME}.xml" \
-          &&   ( -f "/lmn/vm/${VM_NAME}.xml" && $(cmp -s "${VM_DIR}/${VM_NAME}.xml" "/lmn/vm/${VM_NAME}.xml") \
-          || ! -f "/lmn/vm/${VM_NAME}.xml") ]]; then
-      echo "copy private VM-Maschine-Definition XML to system-dir"
-      chown lmnsynci:lmnsynci "${VM_DIR}/${VM_NAME}.xml"
-      cp -a "${VM_DIR}/${VM_NAME}.xml" "/lmn/vm/"
-    fi
-    cd /lmn/vm
-    # (re-) create torrent file
-    sudo -u lmnsynci /usr/local/bin/vmimage-torrent create "${VM_NAME}.qcow2"
-    # create size-information-file
-    stat -c%s "${VM_NAME}.qcow2" > "${VM_NAME}.qcow2.size"
-    chown lmnsynci:lmnsynci "${VM_NAME}.qcow2.size"
-    # Upload Torrent, qcow2 and machine-definition-XML
-    [[ -f "/lmn/vm/${VM_NAME}.qcow2.torrent" ]] && rsync -av --password-file=/etc/rsync.secret \
-	  "/lmn/vm/${VM_NAME}.qcow2.torrent" rsync://vmuser@server:/vmimages-upload/
-    rsync -av --password-file=/etc/rsync.secret "/lmn/vm/${VM_NAME}.qcow2.size" \
-	  rsync://vmuser@server:/vmimages-upload/
-    rsync -av --password-file=/etc/rsync.secret "/lmn/vm/${VM_NAME}.qcow2" \
-	  rsync://vmuser@server:/vmimages-upload/
-    rsync -av --password-file=/etc/rsync.secret "/lmn/vm/${VM_NAME}.xml" \
-	  rsync://vmuser@server:/vmimages-upload/
-}
-
-# if less than one arguments supplied, display usage
-if [[  $# -ne 1 ]] ; then
-    show_help
-    exit 1
-fi
-
-VM_NAME=$1
-
-upload_image
diff --git a/roles/lmn_vm/files/uploadseed b/roles/lmn_vm/files/uploadseed
new file mode 100755
index 0000000..eb64945
--- /dev/null
+++ b/roles/lmn_vm/files/uploadseed
@@ -0,0 +1,83 @@
+#!/usr/bin/python3
+
+import os, sys
+import subprocess
+import xmlrpc.client as xc
+import ssl
+import argparse
+
+parser = argparse.ArgumentParser(description='Upload a file to the bittorrent seeder.')
+parser.add_argument('--rpc-server', required=True,
+                    help='the RPC server IPaddress:port')
+parser.add_argument('--rpc-secret', required=True,
+                    help='the RPC secret')
+parser.add_argument('--dht-port', required=True,
+                    help='the DHT port the RPC server is listening on')
+parser.add_argument('--no-cert', action='store_true',
+                    help='do not use SSL certificate')
+parser.add_argument('--cert', help='the certificate to use for verification')
+parser.add_argument('file', help='the file to upload')
+
+args = parser.parse_args()
+
+rpcseeder = 'https://' + args.rpc_server + '/rpc'
+secret = 'token:' + args.rpc_secret
+dhtentry = args.rpc_server.split(':')[0] + ':' + args.dht_port
+file2send = args.file
+torrent = '/tmp/' + os.path.basename(file2send) + '.torrent'
+
+ssl_ctx = ssl.create_default_context()
+if args.no_cert:
+    ssl_ctx.check_hostname = False
+    ssl_ctx.verify_mode = ssl.CERT_NONE
+    print("Certificate verification disabled.")
+elif args.cert is not None:
+    ssl_ctx.load_verify_locations(args.cert)
+
+s = xc.ServerProxy(rpcseeder, context = ssl_ctx)
+
+def make_torrent():
+    if os.path.isfile(torrent):
+        print("Torrent file", torrent, "exists already, please (re)move it.")
+        sys.exit(1)
+
+    subprocess.run(["/usr/bin/mktorrent", "-l 24", "-v", "-o", torrent, file2send], check=True)
+    h = subprocess.check_output(["/usr/bin/aria2c", "-S ", torrent])
+    for line in h.decode().splitlines():
+        if "Info Hash" in line:
+            return line.split(': ')[1]
+
+def check_seeds(bthash):
+    active_seeds = s.aria2.tellActive(secret)
+    for seed in active_seeds:
+        f = seed['bittorrent']['info']['name']
+        gid = seed['gid']
+        ihash = seed['infoHash']
+        if f == os.path.basename(file2send):
+            print(file2send, "is already seeded with GID:", gid)
+            print("Info Hash is:", ihash)
+            if bthash == ihash:
+                print("The torrent file has not changed, exiting.")
+                return False
+            else:
+                print("The torrent file has changed, replacing torrent.")
+                s.aria2.remove(secret, gid)
+                return True
+    print("="*19, " Uploading new torrent with aria2 now. ", "="*19)
+    return True
+
+def upload_torrent():
+    s.aria2.addTorrent(secret, xc.Binary(open(torrent, mode='rb').read()))
+    subprocess.run(["/usr/bin/aria2c",
+                    "--dht-entry-point=" + dhtentry,
+                    "--check-integrity",
+                    "--dir=" + os.path.dirname(file2send),
+                    torrent])
+
+############################
+
+if __name__ == '__main__':
+    infoHash = make_torrent()
+    if check_seeds(infoHash):
+        upload_torrent()
+        print("Upload finished.")
diff --git a/roles/lmn_vm/files/vm-aria2 b/roles/lmn_vm/files/vm-aria2
new file mode 100755
index 0000000..39b3ae6
--- /dev/null
+++ b/roles/lmn_vm/files/vm-aria2
@@ -0,0 +1,30 @@
+#!/usr/bin/bash
+
+set -eu
+
+# if less than one arguments supplied, display usage
+if [[  $# -ne 2 ]]; then
+    echo "This script takes as input the name of the VM " >&2
+    echo "Usage: $0 [start|stop] vm_name" >&2
+    exit 1
+fi
+
+COMMAND="$1"
+VM_NAME="$2"
+
+source /etc/lmn/vm.conf
+
+if [[ "${COMMAND}" = "start" ]]; then
+   systemd-run --unit=aria2-"${VM_NAME}" \
+                --slice=system-aria2 \
+                --uid="$(id -u lmnsynci)" \
+                --gid="$(id -g lmnsynci)" \
+                --nice=19 \
+                --working-directory="${VM_SYSDIR}" \
+                --collect \
+                --property=Type=exec \
+                --property=SuccessExitStatus=1 \
+                aria2c --bt-hash-check-seed=true --check-integrity=true --seed-ratio=0.0 --dht-entry-point="${SEEDBOX_HOST}:${SEEDBOX_PORT}" "${VM_SYSDIR}/${VM_NAME}.qcow2.torrent"
+elif [[ "${COMMAND}" = "stop" ]]; then
+    systemctl stop "aria2-${VM_NAME}.service" || echo "Aria2-Service not running"
+fi
diff --git a/roles/lmn_vm/files/create-vm.sh b/roles/lmn_vm/files/vm-create
similarity index 69%
rename from roles/lmn_vm/files/create-vm.sh
rename to roles/lmn_vm/files/vm-create
index bd1669f..5c5548f 100755
--- a/roles/lmn_vm/files/create-vm.sh
+++ b/roles/lmn_vm/files/vm-create
@@ -2,6 +2,20 @@
 # create 1st level-Clones
 
 set -eu
+
+source /etc/lmn/vm.conf
+
+while getopts ':p' OPTION; do
+  case "$OPTION" in
+    p)
+      PERSISTENT=1
+      VM_DIR="${VM_DIR_PERSISTENT}"
+      ;;
+  esac
+done
+
+shift "$((OPTIND -1))"
+
 # if less than two arguments supplied, display usage
 if [[  $# -ne 2 ]]; then
     echo "This script takes as input the name of the VM to clone" >&2
@@ -11,16 +25,19 @@ fi
 
 VM_NAME=$1
 VM_CLONE=$2
-VM_DIR="/tmp/${UID}/vm"
 
 # Create User-VM-Dir and link system VM-Images
 [[ -d "${VM_DIR}" ]] || mkdir -p "${VM_DIR}"
-sudo /usr/local/bin/link-images.sh
+if [[ "${PERSISTENT}" -eq 1 ]]; then
+    sudo /usr/local/bin/vm-link-images -p
+else
+    sudo /usr/local/bin/vm-link-images
+fi
 
 # change to image-directory
 cd "${VM_DIR}"
 
-if { [[ ! -f "${VM_NAME}.xml" ]] && [[ ! -f "/lmn/vm/${VM_NAME}.xml" ]]; } || [[ ! -f "${VM_NAME}.qcow2" ]]; then
+if { [[ ! -f "${VM_NAME}.xml" ]] && [[ ! -f "${VM_SYSDIR}/${VM_NAME}.xml" ]]; } || [[ ! -f "${VM_NAME}.qcow2" ]]; then
     echo "xml or qcow2 File does not exists." >&2
     exit 1
 fi
@@ -32,8 +49,8 @@ chmod a-w "${VM_NAME}-${VM_CLONE}.qcow2"
 # copy machine-definition-file
 if [[ -f "${VM_NAME}.xml" ]]; then
   cp "${VM_NAME}.xml" "${VM_NAME}-${VM_CLONE}.xml"
-elif [[ -f "/lmn/vm/${VM_NAME}.xml" ]]; then
-  cp "/lmn/vm/${VM_NAME}.xml" "${VM_NAME}-${VM_CLONE}.xml"
+elif [[ -f "${VM_SYSDIR}/${VM_NAME}.xml" ]]; then
+  cp "${VM_SYSDIR}/${VM_NAME}.xml" "${VM_NAME}-${VM_CLONE}.xml"
 else
   echo "no machine definition file found" >&2
   exit 1
diff --git a/roles/lmn_vm/files/link-images.sh b/roles/lmn_vm/files/vm-link-images
similarity index 57%
rename from roles/lmn_vm/files/link-images.sh
rename to roles/lmn_vm/files/vm-link-images
index c9dd084..a3a06df 100755
--- a/roles/lmn_vm/files/link-images.sh
+++ b/roles/lmn_vm/files/vm-link-images
@@ -1,12 +1,22 @@
 #!/usr/bin/bash
-# link VM in Use-Dir in /tmp
+# link VM in User-Dir in /tmp or /var/vm
 
 set -eu
 
-# change to image-directory
-cd /lmn/vm
+source /etc/lmn/vm.conf
 
-VM_DIR="/tmp/${SUDO_UID}/vm"
+# change to image-directory
+cd "${VM_SYSDIR}"
+
+while getopts ':p' OPTION; do
+    case "$OPTION" in
+        p)
+            VM_DIR="${VM_DIR_PERSISTENT}"
+            ;;
+    esac
+done
+
+shift "$((OPTIND -1))"
 
 # link system-VM-Images to User VM Directory
 for i in *.qcow2; do
diff --git a/roles/lmn_vm/files/rebase-vm.sh b/roles/lmn_vm/files/vm-rebase
similarity index 89%
rename from roles/lmn_vm/files/rebase-vm.sh
rename to roles/lmn_vm/files/vm-rebase
index d97a778..cc6292e 100755
--- a/roles/lmn_vm/files/rebase-vm.sh
+++ b/roles/lmn_vm/files/vm-rebase
@@ -10,11 +10,16 @@ This script takes as input the name of the VM to rebase one level down
 EOF
 }
 
-while getopts ':n:' OPTION; do
+source /etc/lmn/vm.conf
+
+while getopts ':n:p' OPTION; do
   case "$OPTION" in
     n)
       NEWNAME=$OPTARG
       ;;
+    p)
+      VM_DIR="${VM_DIR_PERSISTENT}"
+      ;;
     ?)
       show_help
       exit 1
@@ -31,7 +36,6 @@ if [[  $# -ne 1 ]]; then
 fi
 
 # change to Images directory
-VM_DIR="/tmp/${UID}/vm"
 cd "${VM_DIR}"
 
 VM_NAME="$1"
@@ -70,8 +74,8 @@ if [[ -v NEWNAME ]]; then
     CURRENTNAME="${CURRENTBASE/.qcow2/}"
     if [[ -f "${CURRENTNAME}.xml" ]]; then
       cp "${CURRENTNAME}.xml" "${NEWNAME}.xml"
-    elif [[ -f "/lmn/vm/${CURRENTNAME}.xml" ]]; then
-      cp "/lmn/vm/${CURRENTNAME}.xml" "${NEWNAME}.xml"
+    elif [[ -f "${VM_SYSDIR}/${CURRENTNAME}.xml" ]]; then
+      cp "${VM_SYSDIR}/${CURRENTNAME}.xml" "${NEWNAME}.xml"
     else
       echo "no machine definition file found" >&2
       exit 1
diff --git a/roles/lmn_vm/files/run-vm.sh b/roles/lmn_vm/files/vm-run
similarity index 71%
rename from roles/lmn_vm/files/run-vm.sh
rename to roles/lmn_vm/files/vm-run
index 1f8a714..c5cbad4 100755
--- a/roles/lmn_vm/files/run-vm.sh
+++ b/roles/lmn_vm/files/vm-run
@@ -8,8 +8,8 @@ show_help() {
 Usage: $(basename "$0") [-n] vmname"
 Create a new clone, start the vm (if not yet running) and run virt-viewer.
 Squid-Proxy will be started too.
-### remove, old ### User Home will be mounted on /media/USERNAME/home
     -n   new clone will be created, even if exists
+    -p   new clone will be created persistent, so available after reboot too
     -s   qemu:///system instead of default qemu:///session
 EOF
 }
@@ -23,31 +23,34 @@ exit_script() {
 
 check_images() {
    # sync vm-torrents and machine definition file
-   sudo -u lmnsynci /usr/local/bin/sync-vm.sh -t
+   sudo -u lmnsynci /usr/local/bin/vm-sync get_file "${VM_NAME}.xml" "${VM_NAME}.qcow2.torrent"
+   [[ -f "${VM_NAME}" ]] && sudo -u lmnsynci /usr/local/bin/vm-sync delete_outdated_image "${VM_NAME}.qcow2"
 
    BACKINGARRAY=()
-   imgfile="/lmn/vm/${VM_NAME}.qcow2" && [[ -f "${VM_DIR}/${VM_NAME}.qcow2" ]] && imgfile="${VM_DIR}/${VM_NAME}.qcow2"
+   imgfile="${VM_SYSDIR}/${VM_NAME}.qcow2" && [[ -f "${VM_DIR}/${VM_NAME}.qcow2" ]] && imgfile="${VM_DIR}/${VM_NAME}.qcow2"
    BACKINGARRAY+=("${imgfile}")
    echo "Imgfile=$imgfile"
    if [[ ! -f "${imgfile}" ]] || ! qemu-img info -U "${imgfile}" | grep "file format: qcow2"; then
-       if [[ ! -f "/lmn/vm/${VM_NAME}.qcow2.torrent" ]]; then
+       if [[ ! -f "${VM_SYSDIR}/${VM_NAME}.qcow2.torrent" ]]; then
            echo "no base VM disk '${VM_NAME}.qcow2' found and/or ${VM_NAME} not found on server" >&2
            exit 1
        fi
        # sync vm-disk image by torrent
        echo "Try to sync VM ${VM_NAME} by torrent"
-       sudo -u lmnsynci /usr/local/bin/sync-vm.sh "${VM_NAME}"
+       sudo -u lmnsynci /usr/local/bin/vm-sync get_image "${VM_NAME}"
    fi
 
    backingfile=$(qemu-img info -U "${imgfile}" | grep "^backing file:" | cut -d ' ' -f 3)
-   while [[ ! -z "${backingfile}" ]]; do
+   while [[ -n "${backingfile}" ]]; do
        echo "Backingfile required: ${backingfile}"
-       imgfile="/lmn/vm/${backingfile}" && [[ -f "${VM_DIR}/${backingfile}" ]] && imgfile="${VM_DIR}/${backingfile}"
+       imgfile="${VM_SYSDIR}/${backingfile}" && [[ -f "${VM_DIR}/${backingfile}" ]] && imgfile="${VM_DIR}/${backingfile}"
        BACKINGARRAY+=("${imgfile}")
        if [[ ! -f "${imgfile}" ]] || ! qemu-img info -U "${imgfile}" | grep "file format: qcow2"; then
            # sync vm-disk image by torrent
            echo "Try to sync backingfile ${backingfile} by torrent"
-           sudo -u lmnsynci /usr/local/bin/sync-vm.sh "${backingfile%.qcow2}"
+           sudo -u lmnsynci /usr/local/bin/vm-sync get_file "${backingfile}.torrent"
+           [[ -f "${backingfile}" ]] && sudo -u lmnsynci /usr/local/bin/vm-sync delete_outdated_image "${backingfile}"
+           sudo -u lmnsynci /usr/local/bin/vm-sync get_image "${backingfile%.qcow2}"
        fi
        backingfile=$(qemu-img info -U "${imgfile}" | grep "^backing file:" | cut -d ' ' -f 3)
    done
@@ -62,27 +65,29 @@ check_images() {
        if ! qemu-img check -U "${BACKINGARRAY[$i]}" 2>/dev/null; then
            echo "check failed!"
            echo "sync ${BACKINGARRAY[$i]} again"
-           sudo -u lmnsynci /usr/local/bin/sync-vm.sh $(basename "${BACKINGARRAY[$i]}" .qcow2)
+           sudo -u lmnsynci /usr/local/bin/vm-sync get_image "$(basename "${BACKINGARRAY[$i]}" .qcow2)"
        fi
    done
 
    echo "VM-Image and required backingfiles available and checked"
 }
 
-create-clone() {
+create_clone() {
     local VM_NAME="$1"
-    local VM_DIR="/tmp/${UID}/vm"
     local VM_XML="${VM_DIR}/${VM_NAME}-clone.xml"
-    local VM_SYSDIR="/lmn/vm"
 
-    if ! [[ -f "$VM_SYSDIR/${VM_NAME}.xml" && -f "$VM_SYSDIR/${VM_NAME}.qcow2" ]] && ! [[ -f "${VM_DIR}/${VM_NAME}.xml" && -f "${VM_DIR}/${VM_NAME}.qcow2" ]]; then
+    if ! [[ -f "${VM_SYSDIR}/${VM_NAME}.xml" && -f "${VM_SYSDIR}/${VM_NAME}.qcow2" ]] && ! [[ -f "${VM_DIR}/${VM_NAME}.xml" && -f "${VM_DIR}/${VM_NAME}.qcow2" ]]; then
 	echo "xml or qcow2 File does not exists." >&2
 	exit 1
     fi
 
     # Create User-VM-Dir and link system VM-Images
     [[ -d "${VM_DIR}" ]] || mkdir -p "${VM_DIR}"
-    sudo /usr/local/bin/link-images.sh
+    if [[ "${PERSISTENT}" -eq 1 ]]; then
+        sudo /usr/local/bin/vm-link-images -p
+    else
+        sudo /usr/local/bin/vm-link-images
+    fi
 
     # Create backing file
     cd "${VM_DIR}"
@@ -107,9 +112,16 @@ create-clone() {
 QEMU='qemu:///session'
 
 NEWCLONE=0
+PERSISTENT=0
 
-while getopts ':ns' OPTION; do
+source /etc/lmn/vm.conf
+
+while getopts ':pns' OPTION; do
     case "$OPTION" in
+        p)
+            PERSISTENT=1
+            VM_DIR="${VM_DIR_PERSISTENT}"
+            ;;
         n)
             NEWCLONE=1
             ;;
@@ -132,7 +144,6 @@ if [[  $# -ne 1 ]] ; then
 fi
 
 VM_NAME=$1
-VM_DIR="/tmp/${UID}/vm"
 
 # check, if we have to start squid
 if ! killall -s 0 squid; then
@@ -147,14 +158,14 @@ if  ! virsh --connect="${QEMU}" list | grep "${VM_NAME}-clone"; then
     echo "VM not yet running."
     check_images
     if [[ "${NEWCLONE}" = 1 ]] || [[ ! -f "${VM_DIR}/${VM_NAME}-clone.qcow2" ]]; then
-        create-clone "${VM_NAME}"
+        create_clone "${VM_NAME}"
     fi
     # delete the old vm
     virsh --connect=qemu:///session undefine "${VM_NAME}-clone" || echo "${VM_NAME}-clone did not exist"
     # finally, create the new vm
     virsh --connect=qemu:///session define "${VM_DIR}/${VM_NAME}-clone.xml"
     #trap exit_script SIGHUP SIGINT SIGTERM
-    [[ "${QEMU}" = 'qemu:///session' ]] && sudo /usr/local/bin/start-virtiofsd.sh "${VM_NAME}"
+    [[ "${QEMU}" = 'qemu:///session' ]] && sudo /usr/local/bin/vm-virtiofsd "${VM_NAME}"
     virsh --connect="${QEMU}" start "${VM_NAME}-clone"
 fi
 echo "starting viewer"
diff --git a/roles/lmn_vm/files/vm-sync b/roles/lmn_vm/files/vm-sync
new file mode 100755
index 0000000..5e2c6a8
--- /dev/null
+++ b/roles/lmn_vm/files/vm-sync
@@ -0,0 +1,131 @@
+#!/usr/bin/bash
+# Push/Pull VM-Disk-Image and Infos from server
+set -eu
+
+show_help() {
+    cat << EOF >&2
+Usage: $(basename "$0") command [args]"
+command:
+  push_file
+  get_file
+  get_image
+  delete_outdated_image
+EOF
+}
+
+get_torrent() {
+    if [[ ! -f "${VM_SYSDIR}/${VM_NAME}.qcow2.torrent" ]]; then
+      echo "No torrent-File found"
+      exit 1
+    fi
+    lockfile="/tmp/sync-vm-${VM_NAME}.lock"
+    if ! flock -n "$lockfile" echo "try to acquire lock"; then
+      echo torrent seems to be in process.
+      echo waiting for completion ...
+      flock -w 3600 "$lockfile" echo "...completed"
+      sleep 5
+    else
+      (
+        if ! flock -n 200; then
+	  echo "failed to acquire lock"
+	  echo "Bitte noch einmal starten."
+          echo "Beliebige Taste zum Beenden."
+	  read -n 1
+	  exit 1
+        fi
+	# stop aria2-seeding if running
+        sudo vm-aria2 stop "${VM_NAME}"
+        cd "${VM_SYSDIR}"
+	# get image
+	aria2c --seed-time=0 --dht-entry-point="${SEEDBOX_HOST}:${SEEDBOX_PORT}" "${VM_SYSDIR}/${VM_NAME}.qcow2.torrent"
+	# and seed
+        sudo vm-aria2 start "${VM_NAME}"
+        if ! flock -u 200; then
+	  echo failed to drop lock
+	  exit 1
+	fi
+      ) 200>"$lockfile"
+    fi
+}
+
+
+get_image_size() {
+    torrentfile=$1
+    length=$(aria2c -S "${torrentfile}"  | grep "Total Length" | grep "Total Length"  | sed -E 's/.*\(([0-9,]*)\)/\1/' | sed s/,//g)
+    echo "$length"
+}
+
+delete_outdated_image() {
+    cd "${VM_SYSDIR}"
+    qcowsize=$(stat -c%s "${FILENAME}")
+    if [[ -f "${FILENAME}.torrent" ]] && [[ "${qcowsize}" != $(get_image_size "${FILENAME}.torrent") ]]; then
+      sudo vm-aria2 stop "${FILENAME%.qcow2}"
+      rm -f "${FILENAME}"
+    fi
+}
+
+get_file() {
+   cd "${VM_SYSDIR}"
+   wget --no-proxy -O "${FILENAME}" "http://${SEEDBOX_HOST}/aria2/${FILENAME}" || echo "File not found on seedbox"
+}
+
+push_file() {
+   cd "${VM_SYSDIR}"
+   uploadseed --rpc-server "${SEEDBOX_HOST}:${SEEDBOX_RPC_PORT}" --dht-port "${SEEDBOX_PORT}" --rpc-secret insecure --no-cert "${FILENAME}"
+}
+
+if [[ "$(id -nu)" != "lmnsynci" ]]; then
+    echo "$(basename "$0") must be run as lmnsynci user"
+    show_help
+    exit 1
+fi
+
+source /etc/lmn/vm.conf
+
+while getopts ':' OPTION; do
+    case "$OPTION" in
+        ?)
+            show_help
+            exit 1
+            ;;
+    esac
+done
+
+shift "$((OPTIND -1))"
+
+# if less than one arguments supplied, display usage
+if [[  $# -lt 1 ]]; then
+    show_help
+    exit 1
+fi
+
+command=$1
+shift
+
+case "$command" in
+   push_file)
+      for FILENAME in "$@"; do
+	 push_file
+      done 
+      ;;
+   get_file)
+      for FILENAME in "$@"; do
+	 get_file
+      done 
+      ;;
+   get_image)
+      for VM_NAME in "$@"; do
+	 get_torrent
+      done 
+      ;;
+   delete_outdated_image)
+      for FILENAME in "$@"; do
+         delete_outdated_image
+      done 
+      ;;
+   *)
+      show_help
+      exit 1
+      ;;
+esac
+
diff --git a/roles/lmn_vm/files/vm-upload b/roles/lmn_vm/files/vm-upload
new file mode 100755
index 0000000..e3d62ee
--- /dev/null
+++ b/roles/lmn_vm/files/vm-upload
@@ -0,0 +1,70 @@
+#!/usr/bin/bash
+# Push VM-Disk-Image on server
+set -eu
+
+show_help() {
+    cat << EOF >&2
+Usage: $(basename "$0") vmname"
+Create torrent and upload disk and xml-VM-Definiton on server.
+EOF
+}
+
+
+upload_image() {
+    # check if VM-Diskimage exists
+    if [[ ! (-f "${VM_SYSDIR}/${VM_NAME}.qcow2" || -f "${VM_DIR}/${VM_NAME}.qcow2") ]]; then
+        echo "File not found ${VM_NAME}.qcow2" >&2
+        exit 1
+    fi
+    # check if VM-Machine-Definition XML exists
+    if [[ ! (-f "${VM_SYSDIR}/${VM_NAME}.xml" || -f "${VM_DIR}/${VM_NAME}.xml") ]]; then
+        echo "File not found ${VM_NAME}.xml" >&2
+        exit 1
+    fi
+    sudo vm-aria2 stop "${VM_NAME}" || echo "VMImage-torrent not running"
+    # link private VM-Diskimage to system-Dir
+    if [[ -f "${VM_DIR}/${VM_NAME}.qcow2" \
+          &&   ( -f "${VM_SYSDIR}/${VM_NAME}.qcow2" && ("${VM_DIR}/${VM_NAME}.qcow2" -nt "${VM_SYSDIR}/${VM_NAME}.qcow2") \
+          || ! -f "${VM_SYSDIR}/${VM_NAME}.qcow2") ]]; then
+      echo "copy private VM-Diskimage to system-dir"
+      chown lmnsynci:lmnsynci "${VM_DIR}/${VM_NAME}.qcow2"
+      ln -f "${VM_DIR}/${VM_NAME}.qcow2" "${VM_SYSDIR}/${VM_NAME}.qcow2"
+    fi
+    # copy private VM-Maschine-Definition XML to system-Dir
+    if [[ -f "${VM_DIR}/${VM_NAME}.xml" \
+          &&   ( -f "${VM_SYSDIR}/${VM_NAME}.xml" && $(cmp -s "${VM_DIR}/${VM_NAME}.xml" "${VM_SYSDIR}/${VM_NAME}.xml") \
+          || ! -f "${VM_SYSDIR}/${VM_NAME}.xml") ]]; then
+      echo "copy private VM-Maschine-Definition XML to system-dir"
+      chown lmnsynci:lmnsynci "${VM_DIR}/${VM_NAME}.xml"
+      cp -a "${VM_DIR}/${VM_NAME}.xml" "${VM_SYSDIR}"
+    fi
+    cd "${VM_SYSDIR}"
+    uploadseed --rpc-server "${SEEDBOX_HOST}:${SEEDBOX_RPC_PORT}" --dht-port "${SEEDBOX_PORT}" --rpc-secret insecure --no-cert "${VM_NAME}.qcow2"
+    uploadseed --rpc-server "${SEEDBOX_HOST}:${SEEDBOX_RPC_PORT}" --dht-port "${SEEDBOX_PORT}" --rpc-secret insecure --no-cert "${VM_NAME}.xml"
+}
+
+source /etc/lmn/vm.conf
+
+while getopts ':p' OPTION; do
+    case "$OPTION" in
+        p)
+            VM_DIR="${VM_DIR_PERSISTENT}"
+            ;;
+        ?)
+            show_help
+            exit 1
+            ;;
+    esac
+done
+
+shift "$((OPTIND -1))"
+
+# if less than one arguments supplied, display usage
+if [[  $# -ne 1 ]] ; then
+    show_help
+    exit 1
+fi
+
+VM_NAME=$1
+
+upload_image
diff --git a/roles/lmn_vm/files/start-virtiofsd.sh b/roles/lmn_vm/files/vm-virtiofsd
similarity index 100%
rename from roles/lmn_vm/files/start-virtiofsd.sh
rename to roles/lmn_vm/files/vm-virtiofsd
diff --git a/roles/lmn_vm/files/vm.conf b/roles/lmn_vm/files/vm.conf
new file mode 100644
index 0000000..b10aa9f
--- /dev/null
+++ b/roles/lmn_vm/files/vm.conf
@@ -0,0 +1,14 @@
+# variables for LMN VM submodule
+
+SEEDBOX_HOST=seedbox.pn.steinbeis.schule
+SEEDBOX_PORT=6789
+SEEDBOX_RPC_PORT=6800
+
+VM_SYSDIR="/lmn/vm"
+if [[ -v SUDO_UID ]]; then
+  VM_DIR="/tmp/${SUDO_UID}/vm"
+  VM_DIR_PERSISTENT="/var/vm/${SUDO_UID}"
+else
+  VM_DIR="/tmp/${UID}/vm"
+  VM_DIR_PERSISTENT="/var/vm/${UID}"
+fi
diff --git a/roles/lmn_vm/files/vmimage-torrent b/roles/lmn_vm/files/vmimage-torrent
deleted file mode 100755
index 4ec8bd6..0000000
--- a/roles/lmn_vm/files/vmimage-torrent
+++ /dev/null
@@ -1,213 +0,0 @@
-#!/bin/bash
-#
-# starts tmux sessions for each valid torrent in LINBODIR
-# thomas@linuxmuster.net
-# 20221103
-#
-
-# read environment
-#. /usr/share/linuxmuster/defaults.sh || exit 1
-#THELPER=$LINBOSHAREDIR/linbo-torrenthelper.sh
-THELPER=linbo-torrenthelper.sh
-#. $LINBOSHAREDIR/helperfunctions.sh || exit 1
-LINBOIMGEXT="qcow2 qdiff"
-LINBOIMGDIR="/lmn/vm"
-serverip="10.190.1.1"
-
-# start of functions
-
-# help message
-usage(){
-  echo
-  echo "Info: vmimage-torrent manages the torrent tmux sessions of linbo images."
-  echo
-  echo "Usage:"
-  echo " vmimage-torrent <start|stop|restart|reload|status|create|check> [image_name]"
-  echo " vmimage-torrent attach <image_name|session_name>"
-  echo
-  echo "Note:"
-  echo " * Only qcow2 & qdiff image files located below $LINBOIMGDIR are processed."
-  echo " * The commands \"start\", \"stop\" and \"restart\" may have optionally an image"
-  echo "   filename as parameter. In this case the commands are only applied to the tmux"
-  echo "   session of the certain file. Without an explicit image filename the commands"
-  echo "   were applied to all image file sessions currently running."
-  echo " * An image filename parameter is mandatory with the commands \"check\", \"create\""
-  echo "   and \"attach\"."
-  echo " * \"check\" checks if the image file matches to the correspondig torrent."
-  echo " * \"create\" creates/recreates the torrent of a certain image file."
-  echo " * \"status\" shows a list of currently running torrent tmux sessions."
-  echo " * \"attach\" attaches a torrent tmux session of a certain image. An image or"
-  echo "   session name must be given as parameter."
-  echo "   Press [CTRL+B]+[D] to detach the session again."
-  echo " * \"reload\" is the identical to \"restart\" and is there for backwards compatibility."
-  echo
-  exit 1
-}
-
-# check torrent
-check(){
-  local image="$(basename "$IMGLIST")"
-  local torrent="$image.torrent"
-  local tdir="$(dirname "$IMGLIST")"
-  cd "$tdir"
-  echo "Checking $torrent ..."
-  if ctorrent -c "$torrent"; then
-    echo "Ok!"
-  else
-    echo "Failed!"
-    exit 1
-  fi
-}
-
-# creates torrent files
-create(){
-  local image="$(basename "$IMGLIST")"
-  local tdir="$(dirname "$IMGLIST")"
-  local torrent="${image}.torrent"
-  local session="${torrent//./_}"
-  # stop torrent service
-  vmimage-torrent status | grep -q ^"$session" && vmimage-torrent stop "$IMGLIST"
-  # skip already running torrents
-  echo "Creating $torrent ..."
-  cd "$tdir"
-  rm -f "$torrent"
-  if ctorrent -t -u "http://$serverip:6969/announce" -s "$torrent" "$image" ; then
-    [ "$START" = "no" ] || vmimage-torrent start "$IMGLIST"
-  else
-    echo "Failed!"
-    exit 1
-  fi
-}
-
-# starts torrent tmux sessions
-start(){
-  local item
-  local torrent
-  local image
-  local tdir
-  local session
-  for item in $IMGLIST; do
-    image="$(basename "$item")"
-    torrent="${image}.torrent"
-    tdir="$(dirname "$item")"
-    session="${torrent//./_}"
-    cd "$tdir"
-    if [ ! -s "$image" ]; then
-      echo "Image $image does not exist! Skipping this torrent."
-      continue
-    fi
-    # skip already running torrents
-    if vmimage-torrent status | grep -qw ^"$session"; then
-      echo "tmux session $session is already running."
-      continue
-    fi
-    # create torrent file if there is none
-    if [ ! -e "$torrent" ]; then
-      START="no" vmimage-torrent create "$item" || continue
-    fi
-    echo -n "Starting tmux session $session ... "
-    tmux new -ds "$session" "$THELPER $torrent ; exec $SHELL"
-    sleep 1
-    if vmimage-torrent status | grep -qw ^"$session"; then
-      echo "Ok!"
-    else
-      echo "Failed!"
-    fi
-  done
-}
-
-stop(){
-  if [ -n "$SESSION" ]; then
-    vmimage-torrent status | grep -qw ^"$SESSION" || return
-    tmux kill-session -t "$SESSION"
-  else
-    local item
-    vmimage-torrent status | awk -F\: '{print $1}' | while read item; do
-      tmux kill-session -t "$item"
-    done
-  fi
-}
-
-attach(){
-  if ! tmux list-sessions | grep -qw "$SESSION"; then
-    echo "There is no session $SESSION."
-    exit 1
-  fi
-  echo "Hint: Detach tmux session with [CTRL+B]+[D]."
-  sleep 3
-  tmux attach -t "$SESSION"
-}
-
-status(){
-  tmux list-sessions | grep _torrent
-}
-
-find_images(){
-  local search="$(basename "$1")"
-  if [ -n "$search" ]; then
-    find "$LINBOIMGDIR" -maxdepth 2 -name "$search"
-    return
-  fi
-  local IMGLIST
-  for search in $LINBOIMGEXT; do
-    IMGLIST="$IMGLIST $(find "$LINBOIMGDIR" -maxdepth 2 -name \*.$search)"
-  done
-  # trim leading and trailing spaces
-  echo $IMGLIST | awk '{$1=$1};1'
-}
-
-# end of functions
-
-# check parameters
-if [ -n "$2" ] ; then
-  # trap torrent parameter
-  image="${2/.torrent/}"
-  case "$image" in
-    *.qcow2|*.qdiff)
-      if [ -e "$image" ]; then
-        IMGLIST="$image"
-      else
-        IMGLIST="$(find_images "$image")"
-      fi
-      if [ ! -e "$IMGLIST" ]; then
-        echo "Image file $(basename $image) not found."
-        usage
-      fi
-      filename="$(basename "$IMGLIST")"
-      SESSION="${filename//./_}_torrent"
-      ;;
-    *_torrent)
-      if [ "$1" = "attach" ]; then
-        SESSION="$image"
-      else
-        usage
-      fi
-      ;;
-    *) usage ;;
-  esac
-else
-  case "$1" in
-    stop|status) ;;
-    attach|check|create) usage ;;
-    *)
-      IMGLIST="$(find_images)"
-      if [ -z "$IMGLIST" ]; then
-        echo "No linbo images found."
-        exit 0
-      fi
-      ;;
-  esac
-fi
-
-case "$1" in
-  start) start ;;
-  stop) stop ;;
-  restart|reload) stop ; start ;;
-  status) status ;;
-  create) create ;;
-  check) check ;;
-  attach) attach ;;
-  *) usage ;;
-esac
-
-exit 0
diff --git a/roles/lmn_vm/files/vmimage-torrent.service b/roles/lmn_vm/files/vmimage-torrent.service
deleted file mode 100644
index 576e6e1..0000000
--- a/roles/lmn_vm/files/vmimage-torrent.service
+++ /dev/null
@@ -1,15 +0,0 @@
-[Unit]
-Description=VM-image torrent service
-After=network.target
-
-[Service]
-Type=oneshot
-RemainAfterExit=yes
-User=lmnsynci
-Group=lmnsynci
-ExecStart=/usr/local/bin/vmimage-torrent start
-ExecStop=/usr/local/bin/vmimage-torrent stop
-ExecReload=/usr/local/bin/vmimage-torrent reload
-
-[Install]
-WantedBy=multi-user.target
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 46f0c20..f6c34ff 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -13,7 +13,8 @@
 - name: install libvirt packages
   apt:
     name:
-      - ctorrent
+      - aria2
+      - mktorrent
       - libvirt-daemon-system
       - virt-manager
     state: latest
@@ -80,6 +81,11 @@
     system: true
     create_home: false
 
+- name: Create /etc/lmn directory
+  file:
+    path: /etc/lmn
+    state: directory
+
 - name: Create /lmn directory
   file:
     path: /lmn
@@ -91,6 +97,12 @@
     state: directory
     mode: '1777'
 
+- name: Create /var/vm directory
+  file:
+    path: /var/vm
+    state: directory
+    mode: '1777'
+
 - name: Create vm directory
   file:
     path: /lmn/vm
@@ -127,10 +139,7 @@
     mode: '0700'
   loop:
     - lmn-mounthome
-    - lmn-sync-vm
-    - lmn-upload-vm
-    - lmn-link-images
-    - lmn-startvirtiofsd
+    - lmn-vm
 
 - name: Deploy vmimages scripts
   copy:
@@ -141,33 +150,24 @@
     mode: '0755'
   loop:
     - mounthome.sh
-    - create-vm.sh
-    - rebase-vm.sh
-    - run-vm.sh
-    - upload-vm.sh
     - sync-vm.sh
-    - link-images.sh
-    - start-virtiofsd.sh
-    - linbo-torrenthelper.sh
-    - vmimage-torrent
+    - vm-create
+    - vm-rebase
+    - vm-run
+    - vm-upload
+    - vm-sync
+    - vm-link-images
+    - vm-virtiofsd
     - virtiofsd
+    - vm-aria2
+    - uploadseed
 
-- name: Deploy linbo-torrent defaults
+- name: Deploy vm configuration file vm.conf
   copy:
-    src: linbo-torrent
-    dest: /etc/default/
+    src: vm.conf
+    dest: /etc/lmn/vm.conf
     owner: root
     group: root
-    mode: '0755'
-
-- name: Deploy vmimage-torrent.service
-  copy:
-    src: vmimage-torrent.service
-    dest: /etc/systemd/system/
-    owner: root
-    group: root
-    mode: '0644'
-  notify: "enable vmimage-torrent.service"
 
 - name: Prepare directory for qemu bridge config
   ansible.builtin.file:

From 330e688fe8fca0a5cfc5c60ea3a877e936110cd0 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Fri, 19 Jan 2024 22:08:12 +0100
Subject: [PATCH 451/504] sudo privileges for mounthome.sh and sync-vm.sh

---
 roles/lmn_vm/files/lmn-vm | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/roles/lmn_vm/files/lmn-vm b/roles/lmn_vm/files/lmn-vm
index 1297be9..50f8db7 100644
--- a/roles/lmn_vm/files/lmn-vm
+++ b/roles/lmn_vm/files/lmn-vm
@@ -15,3 +15,13 @@ lmnsynci ALL=(root) NOPASSWD: /usr/local/bin/vm-aria2
 %examusers ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd
 %role-student ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd
 %role-teacher ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd
+
+# mounthome.sh: Mount old novell home directories
+%examusers ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
+%role-student ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
+%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
+
+# sync-vm.sh: sync desktop-starterfiles from server
+%role-teacher ALL=(lmnsynci) NOPASSWD: /usr/local/bin/sync-vm.sh
+%role-student ALL=(lmnsynci) NOPASSWD: /usr/local/bin/sync-vm.sh
+%examusers ALL=(lmnsynci) NOPASSWD: /usr/local/bin/sync-vm.sh

From 917b45aadc02bc9be73ffc6c605002468d2dff03 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <rdannecker@gmail.com>
Date: Fri, 19 Jan 2024 22:15:04 +0100
Subject: [PATCH 452/504] move sudo-config for mounthome back to separate file

---
 roles/lmn_vm/files/lmn-mounthome | 3 +++
 roles/lmn_vm/files/lmn-vm        | 5 -----
 2 files changed, 3 insertions(+), 5 deletions(-)
 create mode 100644 roles/lmn_vm/files/lmn-mounthome

diff --git a/roles/lmn_vm/files/lmn-mounthome b/roles/lmn_vm/files/lmn-mounthome
new file mode 100644
index 0000000..062c4f7
--- /dev/null
+++ b/roles/lmn_vm/files/lmn-mounthome
@@ -0,0 +1,3 @@
+%examusers ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
+%role-student ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
+%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
diff --git a/roles/lmn_vm/files/lmn-vm b/roles/lmn_vm/files/lmn-vm
index 50f8db7..74736bd 100644
--- a/roles/lmn_vm/files/lmn-vm
+++ b/roles/lmn_vm/files/lmn-vm
@@ -16,11 +16,6 @@ lmnsynci ALL=(root) NOPASSWD: /usr/local/bin/vm-aria2
 %role-student ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd
 %role-teacher ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd
 
-# mounthome.sh: Mount old novell home directories
-%examusers ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
-%role-student ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
-%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
-
 # sync-vm.sh: sync desktop-starterfiles from server
 %role-teacher ALL=(lmnsynci) NOPASSWD: /usr/local/bin/sync-vm.sh
 %role-student ALL=(lmnsynci) NOPASSWD: /usr/local/bin/sync-vm.sh

From 57ec856f499f7fb0183fbabee47d06e6a82d8967 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 19 Jan 2024 21:43:32 +0100
Subject: [PATCH 453/504] Avoid exposing passwords in the process list, use a
 password file.

---
 lmn-client.yml                |   1 +
 lmn-vault                     | 220 +++++++++++++++++-----------------
 roles/lmn_vm/files/uploadseed |  34 ++++--
 roles/lmn_vm/files/vm-sync    |  12 +-
 roles/lmn_vm/files/vm-upload  |   6 +-
 roles/lmn_vm/files/vm.conf    |   3 +-
 roles/lmn_vm/tasks/main.yml   |  11 +-
 7 files changed, 156 insertions(+), 131 deletions(-)

diff --git a/lmn-client.yml b/lmn-client.yml
index 100a088..41ade4d 100644
--- a/lmn-client.yml
+++ b/lmn-client.yml
@@ -57,6 +57,7 @@
     ## Local mirror for libdvdcss. Remove or leave empty to use no mirror:
     mirror_dvdcss: "{{ vault_mirror_dvdcss }}"   ## http://livebox.example.org/libdvdcss/
 
+    uploadseed_pwd: "{{ vault_uploadseed_pwd }}"
     rsyncsecret: "{{ vault_rsyncsecret }}"
     keys2deploy: "{{ vault_keys2deploy }}" ## ['ssh-ed25519 AAAAC…uYlnS0', 'ssh-ed25519 AAAA…KTM']
     localuser: "{{ vault_localuser }}"  ##  needed here for the (universal) pam-mount configuration
diff --git a/lmn-vault b/lmn-vault
index 359df22..9479d19 100644
--- a/lmn-vault
+++ b/lmn-vault
@@ -1,110 +1,112 @@
 $ANSIBLE_VAULT;1.1;AES256
-37663931383332613032386465663865336137383262383139636136653636623834343537316539
-3930303237653661363630656261323537663931646161370a626232346237383930396362646564
-34336337383932663166336166363933316238336632323364623161643136636438336637616530
-3064373439646363620a326433316565333630643238373062343037653038316263383233346533
-34396639656533656664323665653231633537366362616265343436626466393836363439636633
-32656532373038396638393861313832386466643735393737626138373032353362613039336530
-31306131616263333861346434636162303632356536656134346263623863306162643063353039
-32623930356561356333326334613666393639633436363539326436333530326337626538396562
-34353230306637623265623465313064623536343730396661306331313365343731366332613037
-33303534643231653439653962636237333962656631636634353730313535616637343666626364
-63633736393832663932636230356665626538313133333331323334336333353238623561313939
-66653138666335633330386263623937326164346663616131363833383536306162323737313736
-31343162633534366438306538376238333062646266666136376265383236363162313061326531
-62333531353630613639353166323035393038666263623931653631646263323062326434386361
-63646538656134616435663531393132663638383165643037303461643939373839626665663265
-61303961306238343635383231646362626639623232623333366338356361343737656665613431
-34363161626266346438303235363032646235303933383634303034343536626332623761306361
-39616239383161303334313936393632633866623031373265386661353330396432396364373330
-36386264633866316337393765333039373361653338663462663939323839373732393736393361
-32333034663966323665303532313039333438663466366435653136623166366263636434303966
-61303934633939373463373664376230363831383630633639663031303237356166663931386635
-30303461663236326536383439396139316232323162343965353034656464616431643439633837
-30346231643561636263343738613239396361383238636261646262373137383461373432343635
-33386631653139316436313532646630626230613335633538306666386163653439613462343662
-30626130326463393336643039396433643266393266646238353566306633643561386430613161
-30363263616231353661303030356638323438373466633466323833393463663562343933326631
-34313162383433356662346166383761636438636466633462396230383133613038323666643233
-63383138616637363830613661313236336564636162383262373064336365303435313463323564
-39313539656136613564393239343032373038393266656366643639303662646534306665396237
-35393264626430373662376231323165316333353263306637313962663736353633636661663961
-37336134643031323361333538613933666634666363313535636631323366613066633037653939
-32643165393631353534623435613732653364303833356436356263356438363961303665626364
-66363463633665393737616265613439326361353134623537626437303566343962626364623134
-34343165626230383039316134343238653933386134303936346162613261386539353064303330
-36353135323235663165353662643735636361646239333238306163393235663461613938643163
-34373464376163623961646262363437303563386333633764346366343066313065386530633334
-38306138616436653732316638373335353437363162373830623864633139313130386464666233
-31366165373539343766643135363136346430623335333061656664656338386661353366613865
-31323036633662636364343664626165346561323664366263383762343036373338346236353738
-31666361613036663861343937613364323130356565353161373431303732396337343134373538
-34326666346132656234623365643137343864363138666139333032393636333537626336313365
-65343136356261323637303833633132343334303366633063363437316331383434313164616332
-35636430643666626631353164646361303034366461343331376363323535303265353435323764
-63393935353731633364326365316238313031623662323235316237356663303236633838336365
-30323862656562643134363362323335396336666532336338346561623163653861316165633731
-61383736353137643339353638373035373136353161643737353839663833646230633230333962
-33363030333139613338396635396332613738363837356566646661336638613838303764616334
-32653234656265313566316463363235373337623634393764663066613530306166613238653164
-33636339336135666661303338376439636334326634373538326233653566346663376166346239
-33376130633439663130313637653865626464363531663035643466343932323439333638303663
-37346234316233373663303230353631646437616534396639396139616262383238323938666533
-38613061613632333637303731323564343664386365646562363766323734613332323462303266
-38626133643638376663343337393836663265633763326136336436346130316533373131366534
-32386465353938383266343930386362636265363761303431333730373261306564333137326562
-37643362316161643436633066343537336561623033326165623837633464663163326630346531
-38653233336639353938323932383761386230383639666265346536653035313530363665653562
-39333834313736316430666534353134373561343337323330376331323532643137663938306463
-30313162383230333138316339663432633962303161323065613039356464626166643430373465
-38343536343261346232636464316332336664643638653665333535366362303461633665666237
-31333937373762363166663936623034313934353137636266663665623066373239363164633731
-66303066336134343566313030613866313332626338363634336639636239613032343166366331
-64626130613163626230343366643063333766313530383734626161336565633635643639633361
-39663931656632333539383430393465636634663734656662393831316639316138663636373761
-34346363343966626235326338333264313266343334303533393932633032616661643236303537
-32653239393133373331623538313365636538326262373865373533646332663862373530363130
-32663938663266643461356237333139373133613833653333616464663635663131643336363534
-31313131376163633331326434303961353032633862366137326439363838383064323462643964
-30623433326361666136326237653866386534626133363334373838643635613436333035313364
-64393030323230393336373566393966326637363932336133333762626437373163626231336562
-64316538306366343732333031373765303339373436313535636231623739653932363064646461
-35323735393032333433633462313938626666303466356336323031343533346466383631653839
-32306139393039333336633639363034343566646164646334663561373563393434326233353863
-32336437623662396430623261633338623130386631616333373732383239386139326138643761
-33393031396563323566326262363037663439333233373435343039633664643064386665383931
-34653133373334346265656361333036636163386462316636643637313631323965623139313864
-37346161386539636438636533623563646535373731653336313130343365633365663533316233
-33343938333435333865653863363266326334383961396537373561366130316632376135393836
-63363033616164326364613537343037343632383638656237613633633139626363666163646537
-64393665373036396536376466633666653038613166353138636462633934306336396164323831
-32613434623539666439653131393365643738383032303930386135336664636239313031356330
-34643661643762313739386661326238343036633936376439643535383766323731353464616336
-63316438303937333232666339393635653265653066626335393839313131316164383131626637
-64313831306637313135633661333632376235656563323836656335303931663731303366326161
-63386137393835303339643933333130646532393262613635366139326434333731633630393433
-31646231616339363839623833326665333936316538343339663863356362356435666162633534
-39313833363962666139326535636133663332316431323835383035616161363032383766366363
-33653730616164313139623163356234633538356232386332656631643833663239663038643336
-35396563653433376661303961663563663333313132326263366137373263623566626634636332
-63393536303963626364653862333664616236386461323865363333663936363235653064383864
-61363464313434643938366230613139353034333330383435336364623136626565663764633230
-39383064323135336132356663366435333164313435363636353230386365316631393636613262
-37373666303836653664363266303534633037616630656633333466643631313865646462363931
-66353934393637623634326632326334616266393636343662396663373236326333663932333235
-36616439333265396266616364333239306166646335383462353235323661353837616534333433
-32623637326434613738326538323661356566373833393836343036373361393539363462393265
-33316237333532663266306139323464656530363539316364666638386338633137363533313065
-38626538323064656561613431613039323937333738353338323331656362306538613463393661
-36306237646264383338666563656239353439303265623763353839363032326261636238353235
-30353666373633396136336361363164353835646432643938316533613262373462626435646335
-62646134663362366266663565633934616166353363663039653464353330366130623930623237
-61353162376264646132393831376433303433663339336439623430346664353761363061363436
-32616539333066356563646363333133626262366566616133623635323335363936336362333062
-38303239353434306230663465623736313035376165623838346338383238383666313133333366
-62396633386133613538303565663332333730346638656161356637623931333062313462393562
-31336135326533653961393661656162653561653139333161643139363962373138383661303838
-34396461616538396331306331666434396537663534616465376565313837373232366235313830
-66393961346139393763333933326537383161373564656131323837376233393565333937616566
-39643961323236316661353331346164363137323536626665643864393137353964313465323930
-3334
+65646637366132333430346461646331313431363233363736306264633633396665626332623934
+6439363764316132383635626137313764633162636362340a613832323934646431663632396361
+36323539663238363738393131363034333561343233383238396234613434633334323235626637
+6266326166333334650a353637383131313136613635333237616361353732663734613833306538
+35643831653332346634616139363032656433623032383832363837653231306465353766343961
+65313134303434333635306634633731313462396535383662616134653762343732366431373032
+65346564663335633936636662626162636134636339343463376166666333346133616136626665
+66373064303562323564363864366363663336383862336632373436666330373465636135623762
+36656632346664326463646666313663343662363865343166376363313866663536623234383561
+61616637653630316230626337653135396134323636303538346435663639643662646133383363
+39393234333934656166366633356663326162396431383362306339623534646162613339383836
+39666464666163633033653434306365393933383232653364363062356133356239626538633338
+32303030626538373637323533303964643838383331366365326465666530623965613731663261
+33626563386262353531353635356430333633633665393230613561633836653636636639313663
+37373736346234313134313232376164633332386563383863343266626231373237643063663533
+39343939393331653665633335653264376531383364376565646239616231343531336134626531
+38396630363865376161313835376261646637383438323537626433323232353632386439393933
+32306238643436653666333561643764633831343962643165356232663932633763396437383634
+35313763323633643439376333643836613637613339343731636633313064386231613135623832
+32643934376233663865326534313735633535316635393932646263313135373633636333333737
+33386365363830336139323763303734383966616165356462333734333666343830356234616662
+30616434623237653138623538643331373432663137323333376632343065316431313734333965
+64333237396236666664613466623039626634343238363136363438663730626132646562646536
+61653562666636613164373464663931356565623862306332653230396230326636363638393862
+62663765373436303831613435383866323138316633336532336632383065343537326332653235
+30383764396361396565323035346531396365623130636538396238613037353438346365363331
+64383636376566306136653033613638323865653266383136373231353063303434636332363166
+37373462353530326663386139333536616138386431373763383838336365336634366339636637
+32356263653964343461393162396539303534343562653032643461626235373339666363646637
+37633934393036356331363563303330316234393535376338646235663235383966396634383166
+37656633373562643530663037333735396638363963323837653831396233653962356536616236
+37323139306131323561303061633136303234316335363361633766623530303762663465353163
+33313733386265346333663065366536616533326364613231313330373137616130373539313131
+37316637653934653035373965636633626262626561313338646261313530356163356364663834
+64663037666133626261386266666633336666323362373237626639373535333937336331353039
+30313833353766626332376432326531616464643364313232386633613361623234653536313830
+61626666333037393564303738646333643534623138366264353339326331386433343733623837
+63646431646533383331356334656466316465623735613537646536623364636632323566626233
+31663263623539343562383836366134366236346539386532373735633237373363636438366632
+39613330336365626137363765313930623262666263393835626532333262343265313761356333
+34623663633636373734326662363865396635613933393464356436393161303132663564366437
+35323166643762333862656561306239343034643562316534316236636362363162306131633961
+31653736613732643930666338333131373634333166633466656663636163396266306538626666
+65326163646137373236633363663063383162393435356163366665653033666161333037303035
+35396334663135373863646664613137666565356161353865316164633939323037323664346331
+63313230333565336232663166616465363038326663633066623531363338623430313332333138
+34363532643036343831353463356665646363363239643835396661356665393035303561653337
+62663335636533366334643636653366303231353630633166343832313133303663393836623036
+33616563636266356130356635663538343236356632376461626532626436616334386330356430
+62323864323534333032643737656164343633636365623664336236626239633138626230383536
+39306534383933326638666130383139316334373530373335633238316238353038643136366533
+38396661626661373964363630633963373732343161663065386539306637313633303534663466
+66396361373163313865373131636239613930333963663462306636626431363934343136616330
+30643763343838316338643463323833666639616437336361303363393361356431356266353233
+63366366336231386530313961356538613136366530343338353063343332333165323763613566
+34653133633532613332376634616234383237666261363038613437646366356332636530623534
+30613735663666636232623230633161663064666436333161633334356336383038386535336133
+39663963333031383961643232636539313137346132336462336165313862653366303135353730
+63303834313462646633333232646661623731613439633434663266303834376635346438356438
+39303066663633656234633131366330356363636535373034613037363837326562306562663538
+61316666643230626662663266373330643865393938313232306130376333306536393930363037
+66636562396339633763656431653036646361313632313932636231626333303337366266623238
+39616336656537363439373231643132363264306135346437386465326265666137353032336261
+61323234643662653233353737346661373630376630343635383834313038373162643135343434
+37613634333330326132623437623834363539343037643764303631613463343863643065643063
+33326537376130346365323361343266663331343038663037623438666362656236613065366235
+65363130356133353739623733376531636438643535633731646431653837343531313531373436
+31356139393363646262623664663261613931636330663436336466633038643763336337336330
+33393433346332623538653262303462636363363338346538376463373838363036343634363131
+31636332343931643436393464656165616631373339336537623130343630346164383830313165
+36316364653739646330663762356332393262653931613933643963626433633532353766663632
+65616262666433383763363636303131373064636261616661613139373766336639376336393962
+65336332303164353763636332323031363363653262386331313038646564393131303366653834
+33303464303566656363343464336164363264626436306465633261386464663764636431353037
+31363034323331333235346137653139323835326135653337323339346239383038363861313638
+31363136353037396634326239306665303230616131363965653439656361356538623135613238
+66366639333331306337323562343934313532323633613034353863623839636135393465383832
+34323031326262306161613439323836646538363136336537313266343662383935373762666138
+64336132356662366436326664653234303034623066313736353439396334653630643136336431
+31386330326636303334313535363564383964623538656666376136366365633538386139333862
+65336662653965343035306534393962616438636366646664383231316365366435663763643663
+64383034336565663561626262636263616336303066396164633464313830363338303932356638
+32373162313330303935316137366435373532346363386461303933643237383830623335626639
+33383335653436353831303163656530613962303439383563376534663738383035346433303834
+31663863343864656463643433383938393464613865356134346261663333616537663066333965
+32366466373165633936323232333237383638313434366437376237653837363532393564323035
+64623234376538666237653938346634346532656135333165353864383739353737643965636539
+63626134376330346538656539333362633765363735656161323635323164323038633139653663
+64616466353137623937333237633163646266326437663833393437336662356465336566353832
+30653063666261613534393439663664326336353338393439336137386662316137666236636337
+32326336396430633136333064383164373033366230333832333564616364663931653233333233
+62353264343865663865323461643032633465336564646161303039356266303738306435353131
+30376431616631613463313666383664343962306265613361376365353361303162653834623631
+33643762306232636134666366373637353234353265303437306261383861333235383530383638
+62353338323535333438376335636339386161326564623037323861343134396637366362646335
+66633865386339666265396438353362333463376361306666313331353063313331636539343835
+66326661386532343865653365356531663365663865666439653039643333363363653838616436
+38333037353333373866316333613538373263386334626665363239353162376335373238613737
+31616465326138663934356530353263653133636232396134316163343131316664633964643437
+37353937653665326638663631383733646563336162643361643366633564663439396639373966
+66356163343731353430626537326466393538363939313134343464643666323037356639323538
+35626137303439316233313664326535396234326432396132646361663936636362626232383530
+37366334333035656638383161663732393864333562373761303031353262303666626436373065
+66396233393864373463363065373461353538626135663937656330326632663863353438643838
+63663438356663313039616135393833623838366530353735333161663739366431393139623737
+63306464353039323065623765363665663266393934653962303761383362646364373239313062
+38353737663434646138303562303835373439653137656234653333313234366436623963386636
+66313837393636373537663030393331613633306531306339306261636366343362333736363465
+32316662666664636437393736383130663235373266393263623131643339323266633633336334
+30643737396364303462363262653332346637643466323339633435323436366430626339393537
+633439343732646238343833663731646631
diff --git a/roles/lmn_vm/files/uploadseed b/roles/lmn_vm/files/uploadseed
index eb64945..f38d853 100755
--- a/roles/lmn_vm/files/uploadseed
+++ b/roles/lmn_vm/files/uploadseed
@@ -7,24 +7,34 @@ import ssl
 import argparse
 
 parser = argparse.ArgumentParser(description='Upload a file to the bittorrent seeder.')
-parser.add_argument('--rpc-server', required=True,
-                    help='the RPC server IPaddress:port')
-parser.add_argument('--rpc-secret', required=True,
-                    help='the RPC secret')
+parser.add_argument('--server', required=True,
+                    help="the server address and RPC port like 'IPaddress:port'")
 parser.add_argument('--dht-port', required=True,
                     help='the DHT port the RPC server is listening on')
-parser.add_argument('--no-cert', action='store_true',
-                    help='do not use SSL certificate')
-parser.add_argument('--cert', help='the certificate to use for verification')
-parser.add_argument('file', help='the file to upload')
+pwgrp = parser.add_mutually_exclusive_group(required=True)
+pwgrp.add_argument('--passwd',
+                   help='the RPC secret. Either this or --pwdfile needs to be ' \
+                   'provided')
+pwgrp.add_argument('--pwdfile',
+                   help="file containing the RPC secret in the form " \
+                   "'secret = \"token:SECRET\"'. " \
+                   'Either this or --secret needs to be provided')
+certgrp = parser.add_mutually_exclusive_group(required=True)
+certgrp.add_argument('--no-cert', action='store_true',
+                     help='do not use SSL certificate')
+certgrp.add_argument('--cert', help='the certificate to use for verification')
+parser.add_argument('FILE', help='the file to upload')
 
 args = parser.parse_args()
 
-rpcseeder = 'https://' + args.rpc_server + '/rpc'
-secret = 'token:' + args.rpc_secret
-dhtentry = args.rpc_server.split(':')[0] + ':' + args.dht_port
-file2send = args.file
+rpcseeder = 'https://' + args.server + '/rpc'
+dhtentry = args.server.split(':')[0] + ':' + args.dht_port
+file2send = args.FILE
 torrent = '/tmp/' + os.path.basename(file2send) + '.torrent'
+if args.passwd:
+    secret = 'token:' + args.passwd
+else:
+    exec(open(args.pwdfile).read())
 
 ssl_ctx = ssl.create_default_context()
 if args.no_cert:
diff --git a/roles/lmn_vm/files/vm-sync b/roles/lmn_vm/files/vm-sync
index 5e2c6a8..0e3646e 100755
--- a/roles/lmn_vm/files/vm-sync
+++ b/roles/lmn_vm/files/vm-sync
@@ -71,7 +71,8 @@ get_file() {
 
 push_file() {
    cd "${VM_SYSDIR}"
-   uploadseed --rpc-server "${SEEDBOX_HOST}:${SEEDBOX_RPC_PORT}" --dht-port "${SEEDBOX_PORT}" --rpc-secret insecure --no-cert "${FILENAME}"
+   uploadseed --server "${SEEDBOX_HOST}:${SEEDBOX_RPC_PORT}" --dht-port "${SEEDBOX_PORT}" \
+	      --pwdfile "${SEEDBOX_PWFILE}" --no-cert "${FILENAME}"
 }
 
 if [[ "$(id -nu)" != "lmnsynci" ]]; then
@@ -106,26 +107,25 @@ case "$command" in
    push_file)
       for FILENAME in "$@"; do
 	 push_file
-      done 
+      done
       ;;
    get_file)
       for FILENAME in "$@"; do
 	 get_file
-      done 
+      done
       ;;
    get_image)
       for VM_NAME in "$@"; do
 	 get_torrent
-      done 
+      done
       ;;
    delete_outdated_image)
       for FILENAME in "$@"; do
          delete_outdated_image
-      done 
+      done
       ;;
    *)
       show_help
       exit 1
       ;;
 esac
-
diff --git a/roles/lmn_vm/files/vm-upload b/roles/lmn_vm/files/vm-upload
index e3d62ee..ddb83e0 100755
--- a/roles/lmn_vm/files/vm-upload
+++ b/roles/lmn_vm/files/vm-upload
@@ -39,8 +39,10 @@ upload_image() {
       cp -a "${VM_DIR}/${VM_NAME}.xml" "${VM_SYSDIR}"
     fi
     cd "${VM_SYSDIR}"
-    uploadseed --rpc-server "${SEEDBOX_HOST}:${SEEDBOX_RPC_PORT}" --dht-port "${SEEDBOX_PORT}" --rpc-secret insecure --no-cert "${VM_NAME}.qcow2"
-    uploadseed --rpc-server "${SEEDBOX_HOST}:${SEEDBOX_RPC_PORT}" --dht-port "${SEEDBOX_PORT}" --rpc-secret insecure --no-cert "${VM_NAME}.xml"
+    uploadseed --server "${SEEDBOX_HOST}:${SEEDBOX_RPC_PORT}" --dht-port "${SEEDBOX_PORT}" \
+	       --pwdfile "${SEEDBOX_PWFILE}" --no-cert "${VM_NAME}.qcow2"
+    uploadseed --server "${SEEDBOX_HOST}:${SEEDBOX_RPC_PORT}" --dht-port "${SEEDBOX_PORT}" \
+	       --pwdfile "${SEEDBOX_PWFILE}" --no-cert "${VM_NAME}.xml"
 }
 
 source /etc/lmn/vm.conf
diff --git a/roles/lmn_vm/files/vm.conf b/roles/lmn_vm/files/vm.conf
index b10aa9f..2a50b69 100644
--- a/roles/lmn_vm/files/vm.conf
+++ b/roles/lmn_vm/files/vm.conf
@@ -1,8 +1,9 @@
 # variables for LMN VM submodule
 
-SEEDBOX_HOST=seedbox.pn.steinbeis.schule
+SEEDBOX_HOST="seedbox.pn.steinbeis.schule"
 SEEDBOX_PORT=6789
 SEEDBOX_RPC_PORT=6800
+SEEDBOX_PWFILE="/etc/lmn/uploadseed.conf"
 
 VM_SYSDIR="/lmn/vm"
 if [[ -v SUDO_UID ]]; then
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index f6c34ff..7b4adc3 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -163,12 +163,21 @@
     - uploadseed
 
 - name: Deploy vm configuration file vm.conf
-  copy:
+  ansible.builtin.copy:
     src: vm.conf
     dest: /etc/lmn/vm.conf
     owner: root
     group: root
 
+- name: Deploy aria2 RPC password file
+  ansible.builtin.copy:
+    dest: /etc/lmn/uploadseed.conf
+    owner: root
+    group: lmnsynci
+    mode: '0640'
+    content: |
+      "{{ uploadseed_pwd }}"
+
 - name: Prepare directory for qemu bridge config
   ansible.builtin.file:
     path: /etc/qemu/

From 350f4c26465a32850600193b2c03b139e985bc60 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 20 Jan 2024 14:33:12 +0100
Subject: [PATCH 454/504] Configure a valid DHT cache directory.

---
 roles/lmn_vm/files/vm-sync  | 9 +++++++--
 roles/lmn_vm/files/vm.conf  | 1 +
 roles/lmn_vm/tasks/main.yml | 9 ++++++++-
 3 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/roles/lmn_vm/files/vm-sync b/roles/lmn_vm/files/vm-sync
index 0e3646e..e84b68b 100755
--- a/roles/lmn_vm/files/vm-sync
+++ b/roles/lmn_vm/files/vm-sync
@@ -37,7 +37,9 @@ get_torrent() {
         sudo vm-aria2 stop "${VM_NAME}"
         cd "${VM_SYSDIR}"
 	# get image
-	aria2c --seed-time=0 --dht-entry-point="${SEEDBOX_HOST}:${SEEDBOX_PORT}" "${VM_SYSDIR}/${VM_NAME}.qcow2.torrent"
+	aria2c --seed-time=0 --dht-file-path=$DHTDAT \
+	       --dht-entry-point="${SEEDBOX_HOST}:${SEEDBOX_PORT}" \
+	       "${VM_SYSDIR}/${VM_NAME}.qcow2.torrent"
 	# and seed
         sudo vm-aria2 start "${VM_NAME}"
         if ! flock -u 200; then
@@ -51,7 +53,8 @@ get_torrent() {
 
 get_image_size() {
     torrentfile=$1
-    length=$(aria2c -S "${torrentfile}"  | grep "Total Length" | grep "Total Length"  | sed -E 's/.*\(([0-9,]*)\)/\1/' | sed s/,//g)
+    length=$(aria2c -S "${torrentfile}"  | grep "Total Length" | \
+		 sed -E -e 's/.*\(([0-9,]*)\)/\1/' -e 's/,//g')
     echo "$length"
 }
 
@@ -75,6 +78,8 @@ push_file() {
 	      --pwdfile "${SEEDBOX_PWFILE}" --no-cert "${FILENAME}"
 }
 
+########################
+
 if [[ "$(id -nu)" != "lmnsynci" ]]; then
     echo "$(basename "$0") must be run as lmnsynci user"
     show_help
diff --git a/roles/lmn_vm/files/vm.conf b/roles/lmn_vm/files/vm.conf
index 2a50b69..d774c3c 100644
--- a/roles/lmn_vm/files/vm.conf
+++ b/roles/lmn_vm/files/vm.conf
@@ -4,6 +4,7 @@ SEEDBOX_HOST="seedbox.pn.steinbeis.schule"
 SEEDBOX_PORT=6789
 SEEDBOX_RPC_PORT=6800
 SEEDBOX_PWFILE="/etc/lmn/uploadseed.conf"
+DHTDAT="/var/cache/aria2/dht.dat"
 
 VM_SYSDIR="/lmn/vm"
 if [[ -v SUDO_UID ]]; then
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 7b4adc3..8a73e3f 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -176,7 +176,14 @@
     group: lmnsynci
     mode: '0640'
     content: |
-      "{{ uploadseed_pwd }}"
+      {{ uploadseed_pwd }}
+
+- name: Prepare directory for aria2 dht.dat
+  ansible.builtin.file:
+    path: /var/cache/aria2/
+    state: directory
+    owner: lmnsynci
+    group: lmnsynci
 
 - name: Prepare directory for qemu bridge config
   ansible.builtin.file:

From 4ce97f54867eefb4fafa20a7b46f8e837f5dd6a6 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 20 Jan 2024 14:38:02 +0100
Subject: [PATCH 455/504] Fixes and new desktop starter synchronization system.

---
 roles/lmn_vm/files/lmn-vm    | 19 +++++++++++--------
 roles/lmn_vm/files/vm-aria2  |  9 ++++++---
 roles/lmn_vm/files/vm-create |  1 +
 roles/lmn_vm/files/vm-run    |  1 +
 roles/lmn_vm/files/vm-sync   |  3 ++-
 roles/lmn_vm/tasks/main.yml  | 11 ++++++-----
 6 files changed, 27 insertions(+), 17 deletions(-)

diff --git a/roles/lmn_vm/files/lmn-vm b/roles/lmn_vm/files/lmn-vm
index 74736bd..4f90db8 100644
--- a/roles/lmn_vm/files/lmn-vm
+++ b/roles/lmn_vm/files/lmn-vm
@@ -11,12 +11,15 @@ lmnsynci ALL=(root) NOPASSWD: /usr/local/bin/vm-aria2
 %role-student ALL=(root) NOPASSWD: /usr/local/bin/vm-link-images
 %role-teacher ALL=(root) NOPASSWD: /usr/local/bin/vm-link-images
 
-# start-virtiofsd: Start Virtiofsd as systemd-service
-%examusers ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd
-%role-student ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd
-%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd
+# vm-virtiofsd: Start Virtiofsd as systemd-service
+%examusers ALL=(root) NOPASSWD: /usr/local/bin/vm-virtiofsd
+%role-student ALL=(root) NOPASSWD: /usr/local/bin/vm-virtiofsd
+%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/vm-virtiofsd
 
-# sync-vm.sh: sync desktop-starterfiles from server
-%role-teacher ALL=(lmnsynci) NOPASSWD: /usr/local/bin/sync-vm.sh
-%role-student ALL=(lmnsynci) NOPASSWD: /usr/local/bin/sync-vm.sh
-%examusers ALL=(lmnsynci) NOPASSWD: /usr/local/bin/sync-vm.sh
+# desktop-sync:
+%examusers ALL=(root) NOPASSWD: /usr/local/bin/desktop-sync
+%role-student ALL=(root) NOPASSWD: /usr/local/bin/desktop-sync
+%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/desktop-sync
+
+# vm-upload:
+%role-teacher ALL=(lmnsynci) NOPASSWD: /usr/local/bin/vm-upload
diff --git a/roles/lmn_vm/files/vm-aria2 b/roles/lmn_vm/files/vm-aria2
index 39b3ae6..7be4ac2 100755
--- a/roles/lmn_vm/files/vm-aria2
+++ b/roles/lmn_vm/files/vm-aria2
@@ -24,7 +24,10 @@ if [[ "${COMMAND}" = "start" ]]; then
                 --collect \
                 --property=Type=exec \
                 --property=SuccessExitStatus=1 \
-                aria2c --bt-hash-check-seed=true --check-integrity=true --seed-ratio=0.0 --dht-entry-point="${SEEDBOX_HOST}:${SEEDBOX_PORT}" "${VM_SYSDIR}/${VM_NAME}.qcow2.torrent"
-elif [[ "${COMMAND}" = "stop" ]]; then
-    systemctl stop "aria2-${VM_NAME}.service" || echo "Aria2-Service not running"
+                aria2c --bt-hash-check-seed=true --check-integrity=true --seed-ratio=0.0 \
+		--dht-entry-point="${SEEDBOX_HOST}:${SEEDBOX_PORT}" \
+		--dht-file-path=$DHTDAT \
+		"${VM_SYSDIR}/${VM_NAME}.qcow2.torrent"
+elif [[ "${COMMAND}" = "stop" ]] && systemctl is-active "aria2-${VM_NAME}.service"; then
+    systemctl stop "aria2-${VM_NAME}.service"
 fi
diff --git a/roles/lmn_vm/files/vm-create b/roles/lmn_vm/files/vm-create
index 5c5548f..b669890 100755
--- a/roles/lmn_vm/files/vm-create
+++ b/roles/lmn_vm/files/vm-create
@@ -4,6 +4,7 @@
 set -eu
 
 source /etc/lmn/vm.conf
+PERSISTENT=0
 
 while getopts ':p' OPTION; do
   case "$OPTION" in
diff --git a/roles/lmn_vm/files/vm-run b/roles/lmn_vm/files/vm-run
index c5cbad4..0e11ad0 100755
--- a/roles/lmn_vm/files/vm-run
+++ b/roles/lmn_vm/files/vm-run
@@ -156,6 +156,7 @@ export XDG_CONFIG_HOME="/tmp/${UID}/.config"
 
 if  ! virsh --connect="${QEMU}" list | grep "${VM_NAME}-clone"; then
     echo "VM not yet running."
+    sudo /usr/local/bin/desktop-sync
     check_images
     if [[ "${NEWCLONE}" = 1 ]] || [[ ! -f "${VM_DIR}/${VM_NAME}-clone.qcow2" ]]; then
         create_clone "${VM_NAME}"
diff --git a/roles/lmn_vm/files/vm-sync b/roles/lmn_vm/files/vm-sync
index e84b68b..b115154 100755
--- a/roles/lmn_vm/files/vm-sync
+++ b/roles/lmn_vm/files/vm-sync
@@ -69,7 +69,8 @@ delete_outdated_image() {
 
 get_file() {
    cd "${VM_SYSDIR}"
-   wget --no-proxy -O "${FILENAME}" "http://${SEEDBOX_HOST}/aria2/${FILENAME}" || echo "File not found on seedbox"
+   curl --fail --noproxy ${SEEDBOX_HOST} -o "${FILENAME}" \
+	"http://${SEEDBOX_HOST}/aria2/${FILENAME}" || echo "File not found on seedbox"
 }
 
 push_file() {
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 8a73e3f..d3630b7 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -150,7 +150,6 @@
     mode: '0755'
   loop:
     - mounthome.sh
-    - sync-vm.sh
     - vm-create
     - vm-rebase
     - vm-run
@@ -161,6 +160,7 @@
     - virtiofsd
     - vm-aria2
     - uploadseed
+    - desktop-sync
 
 - name: Deploy vm configuration file vm.conf
   ansible.builtin.copy:
@@ -259,7 +259,8 @@
     dest: /etc/xdg/menus/applications-merged/
   notify: Run update-desktop-database
 
-- name: Sync .torrent, .xml and .desktop files and run update-desktop-database
-  command: sudo -u lmnsynci /usr/local/bin/sync-vm.sh -t
-  register: result
-  changed_when: result.stdout | length > 0
+- name: Copy initial sync starter
+  ansible.builtin.copy:
+    src: sync.desktop
+    dest: /usr/local/share/applications/
+  notify: Run update-desktop-database

From 5a2ae0d33c2753c8362d33b66f1bf0109a34ba1b Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 22 Jan 2024 10:06:33 +0100
Subject: [PATCH 456/504] Add files and variable missing in last commit.

---
 roles/lmn_vm/files/desktop-sync | 13 +++++++++++++
 roles/lmn_vm/files/sync.desktop | 13 +++++++++++++
 roles/lmn_vm/files/vm.conf      |  1 +
 3 files changed, 27 insertions(+)
 create mode 100644 roles/lmn_vm/files/desktop-sync
 create mode 100644 roles/lmn_vm/files/sync.desktop

diff --git a/roles/lmn_vm/files/desktop-sync b/roles/lmn_vm/files/desktop-sync
new file mode 100644
index 0000000..4967e49
--- /dev/null
+++ b/roles/lmn_vm/files/desktop-sync
@@ -0,0 +1,13 @@
+#!/usr/bin/bash
+#
+# Synchronize desktop starters
+#
+set -eu
+
+source /etc/lmn/vm.conf
+RSYNC_COMMAND=$(rsync -ai --delete --exclude=mimeinfo.cache "${DESKTOPSTARTERDIR}" \
+		      /usr/local/share/applications/ | sed '/ \.\//d')
+if [[ $? -eq 0 ]] && [[ -n "${RSYNC_COMMAND}" ]]; then
+    echo "${RSYNC_COMMAND}"
+    update-desktop-database /usr/local/share/applications
+fi
diff --git a/roles/lmn_vm/files/sync.desktop b/roles/lmn_vm/files/sync.desktop
new file mode 100644
index 0000000..5646f6b
--- /dev/null
+++ b/roles/lmn_vm/files/sync.desktop
@@ -0,0 +1,13 @@
+[Desktop Entry]
+Version=1.0
+Type=Application
+Name=Sync Starters
+GenericName=Aktualisiert Info über vorhandene VMs
+Comment=Sync VM Image information
+#TryExec=konsole
+Exec=if sudo /usr/local/bin/desktop-sync; then echo 'sync erfolgreich.\nFenster schließt sich in 3 Sekunden.'; sleep 3; else echo "Fehler - sollte nicht vorkommen."; read; fi
+Icon=bittorrent-sync
+Categories=fvs;
+MimeType=image/vnd.dxf;
+Keywords=design;VM;diagrams;graphics
+Terminal=true
diff --git a/roles/lmn_vm/files/vm.conf b/roles/lmn_vm/files/vm.conf
index d774c3c..8bd4189 100644
--- a/roles/lmn_vm/files/vm.conf
+++ b/roles/lmn_vm/files/vm.conf
@@ -5,6 +5,7 @@ SEEDBOX_PORT=6789
 SEEDBOX_RPC_PORT=6800
 SEEDBOX_PWFILE="/etc/lmn/uploadseed.conf"
 DHTDAT="/var/cache/aria2/dht.dat"
+DESKTOPSTARTERDIR="/srv/samba/schools/default-school/share/school/AdminIT/desktop/"
 
 VM_SYSDIR="/lmn/vm"
 if [[ -v SUDO_UID ]]; then

From b5bb3c9fa627e29534acc1d6cd40b2961536a893 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Wed, 24 Jan 2024 10:02:03 +0100
Subject: [PATCH 457/504] create VMs without xml machine file

---
 roles/lmn_vm/files/vm-create      |  23 +----
 roles/lmn_vm/files/vm-link-images |   5 --
 roles/lmn_vm/files/vm-rebase      |  11 ---
 roles/lmn_vm/files/vm-run         | 143 +++++++++++++++++++++---------
 roles/lmn_vm/files/vm-upload      |  17 +---
 5 files changed, 102 insertions(+), 97 deletions(-)

diff --git a/roles/lmn_vm/files/vm-create b/roles/lmn_vm/files/vm-create
index b669890..4fb2a67 100755
--- a/roles/lmn_vm/files/vm-create
+++ b/roles/lmn_vm/files/vm-create
@@ -38,29 +38,10 @@ fi
 # change to image-directory
 cd "${VM_DIR}"
 
-if { [[ ! -f "${VM_NAME}.xml" ]] && [[ ! -f "${VM_SYSDIR}/${VM_NAME}.xml" ]]; } || [[ ! -f "${VM_NAME}.qcow2" ]]; then
-    echo "xml or qcow2 File does not exists." >&2
+if [[ ! -f "${VM_NAME}.qcow2" ]]; then
+    echo "qcow2 File does not exists." >&2
     exit 1
 fi
 
 qemu-img create -f qcow2 -F qcow2 -b "${VM_NAME}.qcow2" "${VM_NAME}-${VM_CLONE}.qcow2"
 chmod a-w "${VM_NAME}-${VM_CLONE}.qcow2"
-
-# virsh --connect=qemu:///system dumpxml "${VM_NAME}" > "xml/${VM_NAME}-${VM_CLONE}.xml"
-# copy machine-definition-file
-if [[ -f "${VM_NAME}.xml" ]]; then
-  cp "${VM_NAME}.xml" "${VM_NAME}-${VM_CLONE}.xml"
-elif [[ -f "${VM_SYSDIR}/${VM_NAME}.xml" ]]; then
-  cp "${VM_SYSDIR}/${VM_NAME}.xml" "${VM_NAME}-${VM_CLONE}.xml"
-else
-  echo "no machine definition file found" >&2
-  exit 1
-fi
-
-# hardware addresses need to be removed, libvirt will assign
-# new addresses automatically
-# and actually rename the vm: (this also updates the storage path)
-sed -i -E \
-    -e '/<uuid>.+<\/uuid>/d' \
-    -e '/.+mac address.+[[:xdigit:]:]{17}.+/d' \
-    -e "s/${VM_NAME}/${VM_NAME}-${VM_CLONE}/" "${VM_NAME}-${VM_CLONE}.xml"
diff --git a/roles/lmn_vm/files/vm-link-images b/roles/lmn_vm/files/vm-link-images
index a3a06df..efa083c 100755
--- a/roles/lmn_vm/files/vm-link-images
+++ b/roles/lmn_vm/files/vm-link-images
@@ -22,8 +22,3 @@ shift "$((OPTIND -1))"
 for i in *.qcow2; do
   [[ -f "${VM_DIR}/${i}" ]] || ln "${i}" "${VM_DIR}/${i}"
 done
-
-# link system-VM-Machine-Definitions to User VM Directory
-for i in *.xml; do
-  [[ -f "${VM_DIR}/${i}" ]] || ln "${i}" "${VM_DIR}/${i}"
-done
diff --git a/roles/lmn_vm/files/vm-rebase b/roles/lmn_vm/files/vm-rebase
index cc6292e..b235760 100755
--- a/roles/lmn_vm/files/vm-rebase
+++ b/roles/lmn_vm/files/vm-rebase
@@ -70,17 +70,6 @@ fi
 # rebasing disk image
 qemu-img rebase -f qcow2 -b "${NEWBASE}" -F qcow2 "${VM_NAME}.qcow2"
 if [[ -v NEWNAME ]]; then
-    # copy and adapt machine definition file
-    CURRENTNAME="${CURRENTBASE/.qcow2/}"
-    if [[ -f "${CURRENTNAME}.xml" ]]; then
-      cp "${CURRENTNAME}.xml" "${NEWNAME}.xml"
-    elif [[ -f "${VM_SYSDIR}/${CURRENTNAME}.xml" ]]; then
-      cp "${VM_SYSDIR}/${CURRENTNAME}.xml" "${NEWNAME}.xml"
-    else
-      echo "no machine definition file found" >&2
-      exit 1
-    fi
-    sed -i "s/${CURRENTNAME}/${NEWNAME}/" "${NEWNAME}.xml"
     NEWNAME="${NEWNAME}.qcow2"
 else
     rm "${CURRENTBASE}"
diff --git a/roles/lmn_vm/files/vm-run b/roles/lmn_vm/files/vm-run
index 0e11ad0..eef1010 100755
--- a/roles/lmn_vm/files/vm-run
+++ b/roles/lmn_vm/files/vm-run
@@ -5,12 +5,18 @@ set -eu
 
 show_help() {
     cat << EOF >&2
-Usage: $(basename "$0") [-n] vmname"
+Usage: $(basename "$0") [options] vmname"
 Create a new clone, start the vm (if not yet running) and run virt-viewer.
 Squid-Proxy will be started too.
-    -n   new clone will be created, even if exists
-    -p   new clone will be created persistent, so available after reboot too
-    -s   qemu:///system instead of default qemu:///session
+options:
+    -n|--new             new clone will be created, even if exists
+    -p|--persistent      new clone will be created persistent, so available after reboot too
+    -s|--system          qemu:///system instead of default qemu:///session
+       --memory sizeMB   memory size in MB
+       --cpu num         number of CPUs
+       --os OS           operating system (win10|linux|..)
+       --data-disk size  additional data-disk
+       --options options additional options for virt-install command
 EOF
 }
 
@@ -23,7 +29,7 @@ exit_script() {
 
 check_images() {
    # sync vm-torrents and machine definition file
-   sudo -u lmnsynci /usr/local/bin/vm-sync get_file "${VM_NAME}.xml" "${VM_NAME}.qcow2.torrent"
+   sudo -u lmnsynci /usr/local/bin/vm-sync get_file "${VM_NAME}.qcow2.torrent"
    [[ -f "${VM_NAME}" ]] && sudo -u lmnsynci /usr/local/bin/vm-sync delete_outdated_image "${VM_NAME}.qcow2"
 
    BACKINGARRAY=()
@@ -74,10 +80,9 @@ check_images() {
 
 create_clone() {
     local VM_NAME="$1"
-    local VM_XML="${VM_DIR}/${VM_NAME}-clone.xml"
 
-    if ! [[ -f "${VM_SYSDIR}/${VM_NAME}.xml" && -f "${VM_SYSDIR}/${VM_NAME}.qcow2" ]] && ! [[ -f "${VM_DIR}/${VM_NAME}.xml" && -f "${VM_DIR}/${VM_NAME}.qcow2" ]]; then
-	echo "xml or qcow2 File does not exists." >&2
+    if ! [[ -f "${VM_SYSDIR}/${VM_NAME}.qcow2" || -f "${VM_DIR}/${VM_NAME}.qcow2" ]]; then
+	echo "qcow2 File does not exists." >&2
 	exit 1
     fi
 
@@ -93,49 +98,65 @@ create_clone() {
     cd "${VM_DIR}"
     qemu-img create -f qcow2 -F qcow2 -b "${VM_NAME}.qcow2" "${VM_NAME}-clone.qcow2"
 
-    # Create machine-definition-file
-    cp "${VM_DIR}/${VM_NAME}.xml" "${VM_XML}"
-
-    # set VM_DIR:
-    sed -i "s:VMIMAGEDIR:${VM_DIR}:" "${VM_XML}"
-    # and actually rename the vm (this also updates part of the storage path):
-    sed -i "s/${VM_NAME}/${VM_NAME}-clone/" "${VM_XML}"
-    # set virtiofs-Socket
-    sed -i "s:VIRTIOFSSOCKET:/run/user/${UID}/virtiofs-${VM_NAME}.sock:" "${VM_XML}"
-
-    # find macvtap interface MAC address:
-    MAC="$(ip link | grep -A1 "vm-macvtap" |
-              sed -nE "s%\s+link/ether ([[:xdigit:]:]{17}) .+%\1%p")"
-    sed -i -E -e "s/MACMACVTAP/$MAC/" "${VM_XML}"
 }
 
 QEMU='qemu:///session'
 
 NEWCLONE=0
 PERSISTENT=0
+LIBVIRTOSINFO="win10"
+LIBVIRTOPTS=""
 
 source /etc/lmn/vm.conf
 
-while getopts ':pns' OPTION; do
-    case "$OPTION" in
-        p)
-            PERSISTENT=1
-            VM_DIR="${VM_DIR_PERSISTENT}"
-            ;;
-        n)
-            NEWCLONE=1
-            ;;
-        s)
-            QEMU='qemu:///system'
-            ;;
-        ?)
-        show_help
-        exit 1
-        ;;
-    esac
-done
+TEMP=$(getopt -o no:ps --long new,options:,persistent:,system,memory:,data-disk:,cpu:,os:,help -n $0 -- "$@")
+if [ $? != 0 ] ; then echo "Terminating..." >&2 ; exit 1 ; fi
 
-shift "$((OPTIND -1))"
+eval set -- "$TEMP"
+
+while true; do
+  case "$1" in
+    -p | --persistent )
+	    PERSISTENT=1;
+            VM_DIR="${VM_DIR_PERSISTENT}"
+	    shift
+	    ;;
+    -n | --new )
+            NEWCLONE=1
+	    shift
+	    ;;
+    -s | --system )
+            QEMU='qemu:///system'
+	    shift
+	    ;;
+    -o | --options )
+            LIBVIRTOPTS=$2
+	    shift 2
+	    ;;
+    --data-disk )
+            LIBVIRTOPTS="${LIBVIRTOPTS}  --disk ${VM_DIR}/data.qcow2,size=$2,sparse=yes"
+	    shift 2
+	    ;;
+    --memory )
+            LIBVIRTOPTS="${LIBVIRTOPTS} --memory $2"
+	    shift 2
+	    ;;
+    --cpu )
+            LIBVIRTOPTS="${LIBVIRTOPTS} --vcpu $2"
+	    shift 2
+	    ;;
+    --os )
+            LIBVIRTOSINFO=$2
+	    shift 2
+	    ;;
+    --help )
+            show_help
+            exit 1
+            ;;
+    -- ) shift; break ;;
+    * ) break ;;
+  esac
+done
 
 # if less than one arguments supplied, display usage
 if [[  $# -ne 1 ]] ; then
@@ -163,11 +184,45 @@ if  ! virsh --connect="${QEMU}" list | grep "${VM_NAME}-clone"; then
     fi
     # delete the old vm
     virsh --connect=qemu:///session undefine "${VM_NAME}-clone" || echo "${VM_NAME}-clone did not exist"
-    # finally, create the new vm
-    virsh --connect=qemu:///session define "${VM_DIR}/${VM_NAME}-clone.xml"
     #trap exit_script SIGHUP SIGINT SIGTERM
+
+    # start virtiofsd-service
     [[ "${QEMU}" = 'qemu:///session' ]] && sudo /usr/local/bin/vm-virtiofsd "${VM_NAME}"
-    virsh --connect="${QEMU}" start "${VM_NAME}-clone"
+
+    # finally, create the new vm
+
+    if ip link | grep virbr1; then
+       LIBVIRTOPTS="${LIBVIRTOPTS} --network=bridge=virbr1,model.type=virtio"
+    fi
+
+
+# TODO
+#    # find macvtap interface MAC address:
+#    MAC="$(ip link | grep -A1 "vm-macvtap" |
+#              sed -nE "s%\s+link/ether ([[:xdigit:]:]{17}) .+%\1%p")"
+#    sed -i -E -e "s/MACMACVTAP/$MAC/" "${VM_XML}"
+
+    virt-install \
+             --osinfo "${LIBVIRTOSINFO}" \
+	     --name "${VM_NAME}-clone" \
+	     --import \
+	     --clock hpet_present=yes \
+	     --features hyperv.synic.state=on,xpath1.set=./hyperv/vpindex/@state=on \
+	     --memorybacking source.type=memfd,access.mode=shared \
+	     --disk "${VM_DIR}/${VM_NAME}-clone.qcow2" \
+	     --network=bridge=virbr0,model.type=virtio \
+             --filesystem driver.type=virtiofs,accessmode=passthrough,target.dir=virtiofs,xpath1.set=./source/@socket="/run/user/${UID}/virtiofs-${VM_NAME}.sock" \
+	     --check path_in_use=off \
+             --connect="${QEMU}" \
+	     --noautoconsole \
+	     ${LIBVIRTOPTS}
+#	     --dry-run \
+#             --print-xml \
+#	     > /tmp/vm.xml
+#	     --features hyperv.synic.state=on,xpath1.set=./hyperv/vpindex/@state=on,xpath2.set=./hyperv/stimer/@state=on \
+#	     --network type=ethernet,target.dev=vm-macvtap,xpath1.set=./target/@managed=no \
+
+#    virsh --connect="${QEMU}" start "${VM_NAME}-clone"
 fi
 echo "starting viewer"
 trap exit_script SIGHUP SIGINT SIGTERM
diff --git a/roles/lmn_vm/files/vm-upload b/roles/lmn_vm/files/vm-upload
index ddb83e0..732b59b 100755
--- a/roles/lmn_vm/files/vm-upload
+++ b/roles/lmn_vm/files/vm-upload
@@ -5,7 +5,7 @@ set -eu
 show_help() {
     cat << EOF >&2
 Usage: $(basename "$0") vmname"
-Create torrent and upload disk and xml-VM-Definiton on server.
+Create torrent and upload disk on server.
 EOF
 }
 
@@ -16,11 +16,6 @@ upload_image() {
         echo "File not found ${VM_NAME}.qcow2" >&2
         exit 1
     fi
-    # check if VM-Machine-Definition XML exists
-    if [[ ! (-f "${VM_SYSDIR}/${VM_NAME}.xml" || -f "${VM_DIR}/${VM_NAME}.xml") ]]; then
-        echo "File not found ${VM_NAME}.xml" >&2
-        exit 1
-    fi
     sudo vm-aria2 stop "${VM_NAME}" || echo "VMImage-torrent not running"
     # link private VM-Diskimage to system-Dir
     if [[ -f "${VM_DIR}/${VM_NAME}.qcow2" \
@@ -30,19 +25,9 @@ upload_image() {
       chown lmnsynci:lmnsynci "${VM_DIR}/${VM_NAME}.qcow2"
       ln -f "${VM_DIR}/${VM_NAME}.qcow2" "${VM_SYSDIR}/${VM_NAME}.qcow2"
     fi
-    # copy private VM-Maschine-Definition XML to system-Dir
-    if [[ -f "${VM_DIR}/${VM_NAME}.xml" \
-          &&   ( -f "${VM_SYSDIR}/${VM_NAME}.xml" && $(cmp -s "${VM_DIR}/${VM_NAME}.xml" "${VM_SYSDIR}/${VM_NAME}.xml") \
-          || ! -f "${VM_SYSDIR}/${VM_NAME}.xml") ]]; then
-      echo "copy private VM-Maschine-Definition XML to system-dir"
-      chown lmnsynci:lmnsynci "${VM_DIR}/${VM_NAME}.xml"
-      cp -a "${VM_DIR}/${VM_NAME}.xml" "${VM_SYSDIR}"
-    fi
     cd "${VM_SYSDIR}"
     uploadseed --server "${SEEDBOX_HOST}:${SEEDBOX_RPC_PORT}" --dht-port "${SEEDBOX_PORT}" \
 	       --pwdfile "${SEEDBOX_PWFILE}" --no-cert "${VM_NAME}.qcow2"
-    uploadseed --server "${SEEDBOX_HOST}:${SEEDBOX_RPC_PORT}" --dht-port "${SEEDBOX_PORT}" \
-	       --pwdfile "${SEEDBOX_PWFILE}" --no-cert "${VM_NAME}.xml"
 }
 
 source /etc/lmn/vm.conf

From 3c33cde8c621cd7b5fb272ebd045e37e6bbc893f Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 24 Jan 2024 13:00:59 +0100
Subject: [PATCH 458/504] Webserver playbook for linuxmuster.

---
 lmn-www-server.yml             | 43 ++++++++++++++++++++++++++++++++++
 roles/kerberize/tasks/main.yml | 43 +++++++++++++++++-----------------
 2 files changed, 64 insertions(+), 22 deletions(-)
 create mode 100644 lmn-www-server.yml

diff --git a/lmn-www-server.yml b/lmn-www-server.yml
new file mode 100644
index 0000000..fb751fc
--- /dev/null
+++ b/lmn-www-server.yml
@@ -0,0 +1,43 @@
+## This playbook deploys a FvS web server machine.
+---
+- name: apply configuration to the web server
+  hosts: all
+  remote_user: ansible
+  become: yes
+  pre_tasks:
+    - pause:
+        prompt: "Enter global-admin AD password. Leave empty to skip domain join"
+        echo: false
+      register: adpw
+      no_log: true
+      when: "ansible_cmdline.adpw is not defined"
+  vars:
+    domain: "pn.steinbeis.schule"
+    extra_pkgs:
+      - vim
+      - apache2
+      - python3-flask
+
+    extra_pkgs_bpo: [ ]  # [ libreoffice ]
+
+  roles:
+    - up2date_debian
+    - lmn_sssd
+    - kerberize
+
+  tasks:
+    - name: Override home dir location
+      lineinfile:
+        dest: /etc/sssd/sssd.conf
+        line: override_homedir = /home/%u
+
+    - name: enable pam_mkhomedir.so
+      lineinfile:
+        dest: /etc/pam.d/common-session
+        line: "session	optional	pam_mkhomedir.so  umask=0026"
+        insertbefore: "session	optional	pam_mount.so"
+
+    - name: enable apache mod userdir
+      apache2_module:
+        state: present
+        name: userdir
diff --git a/roles/kerberize/tasks/main.yml b/roles/kerberize/tasks/main.yml
index 25ec4db..ee17a3e 100644
--- a/roles/kerberize/tasks/main.yml
+++ b/roles/kerberize/tasks/main.yml
@@ -1,28 +1,27 @@
-- name: kerberize sshd server
-  lineinfile:
-    dest: /etc/ssh/sshd_config
-    line: "GSSAPIAuthentication yes"
-    insertafter: "#GSSAPIAuthentication no"
+- name: Install kerberos packages
+  apt:
+    name: krb5-user
+    state: latest
+
+- name: Kerberize sshd server
+  ansible.builtin.copy:
+    dest: /etc/ssh/sshd_config.d/kerberize.conf
+    content: |
+      GSSAPIAuthentication yes
   notify: "reload sshd"
 
-- name: kerberize ssh client, authenticate
-  lineinfile:
-    dest: /etc/ssh/ssh_config
-    line: "GSSAPIAuthentication yes"
-    insertafter: "#   GSSAPIAuthentication no"
+- name: Kerberize ssh client, authenticate and delegate credentials
+  ansible.builtin.copy:
+    dest: /etc/ssh/ssh_config.d/kerberize.conf
+    content: |
+      GSSAPIAuthentication yes
+      GSSAPIDelegateCredentials yes
 
-- name: kerberize ssh client, delegate credentials
-  lineinfile:
-    dest: /etc/ssh/ssh_config
-    line: "GSSAPIDelegateCredentials yes"
-    insertafter: "#   GSSAPIDelegateCredentials no"
-
-
-- name: check if firefox is available
+- name: Check if firefox is available
   stat: path=/etc/firefox-esr/firefox-esr.js
   register: firefox
 
-- name: kerberize firefox for sites in the local domain
+- name: Kerberize firefox for sites in the local domain
   lineinfile:
     dest: /etc/firefox-esr/firefox-esr.js
     line: "{{ item }}"
@@ -32,12 +31,12 @@
     - 'pref("network.negotiate-auth.trusted-uris", "{{ kerberize_uris | default(ansible_domain) }}");'
   when: firefox.stat.exists
 
-- name: ensures /etc/chromium/policies/managed dir exists
-  file: 
+- name: Ensures /etc/chromium/policies/managed dir exists
+  file:
     path: "/etc/chromium/policies/managed"
     state: directory
 
-- name: kerberize chromium for sites in the local domain
+- name: Kerberize chromium for sites in the local domain
   copy:
     dest: /etc/chromium/policies/managed/idam.json
     content: |

From d3aac1b0e70b976afec28db7c2068f1393c9672c Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Thu, 25 Jan 2024 20:09:06 +0100
Subject: [PATCH 459/504] Use NetworkManager for wifi-sticks only

---
 roles/lmn_networkd/tasks/main.yml | 44 +++++++++++++++++++++++--------
 1 file changed, 33 insertions(+), 11 deletions(-)

diff --git a/roles/lmn_networkd/tasks/main.yml b/roles/lmn_networkd/tasks/main.yml
index 2d511bb..41f6db1 100644
--- a/roles/lmn_networkd/tasks/main.yml
+++ b/roles/lmn_networkd/tasks/main.yml
@@ -1,20 +1,31 @@
 ---
 # temporary disable network manager
 # in future network manager will be used for wifi sticks
-- name: Disable Networkmanager
+- name: Use iwd but ignore interfaces managed by systemd-networkd (wlan0,en*)
+  blockinfile:
+    dest: /etc/NetworkManager/NetworkManager.conf
+    block: |
+      [device]
+      match-device=interface-name:wlx*
+      wifi.backend=iwd
+      [connection]
+      match-device=interface-name:wlx*
+      ipv4.route-metric=2048
+      [keyfile]
+      unmanaged-devices=interface-name:wlan0;interface-name:en*;interface-name:vm*
+
+- name: Enable Networkmanager
   ansible.builtin.systemd:
     name: NetworkManager.service
-      #state: stopped
-    enabled: False
+    state: started
+    enabled: true
 
-      #- name: Use iwd but ignore wlan interfaces in NetworkManager
-      #  blockinfile:
-      #    dest: /etc/NetworkManager/NetworkManager.conf
-      #    block: |
-      #      [device]
-      #      wifi.backend=iwd
-      #      match-device=interface-name:en*
-      #      managed=0
+- name: install firmware for wifi-sticks
+  apt:
+    name:
+      - firmware-realtek
+    state: latest
+    autoremove: true
 
 - name: Configure systemd-networkd virbr1.netdev
   ansible.builtin.copy:
@@ -44,3 +55,14 @@
        [DHCPv4]
        UseDomains=true
        RouteMetric=512
+
+- name: Configure systemd-networkd wlan.network
+  ansible.builtin.copy:
+    dest: /etc/systemd/network/60-wlan0-dhcp.network
+    content: |
+       [Match]
+       Name=wlan0
+       [Network]
+       DHCP=yes
+       [DHCPv4]
+       UseDomains=true

From 0a0e942fd09e04e9992a157da3f81febc85ebed9 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 25 Jan 2024 10:35:55 +0100
Subject: [PATCH 460/504] Remove update notification in task bar.

Updates are managed centrally now and users cannot
install them anyway.
---
 roles/lmn_fvs/tasks/main.yml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index adc3357..afffe10 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -50,6 +50,7 @@
       - pulseview
       - python3-websockets
       - qpdfview
+      - shellcheck
       - sigrok
       - sigrok-cli
       - tmux
@@ -64,6 +65,12 @@
   environment:
     http_proxy: '' # this is needed to avoid ttf-mscorefonts-installer picking up aptcacher
 
+- name: Remove update notifications from plasma-discover
+  apt:
+    name:
+      - plasma-discover
+    autoremove: true
+    state: absent
 
 - name: Make sure wireshark works for all users after installation and upgrades
   ansible.builtin.copy:

From 138c4f7d7e28237c8b3209001f8da8ec128fd8b8 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 25 Jan 2024 10:47:49 +0100
Subject: [PATCH 461/504] Simplify netboot VM start by script.

---
 roles/lmn_vm/files/vm-netboot | 24 ++++++++++++++++++++++++
 roles/lmn_vm/tasks/main.yml   | 14 ++++++++++++++
 2 files changed, 38 insertions(+)
 create mode 100755 roles/lmn_vm/files/vm-netboot

diff --git a/roles/lmn_vm/files/vm-netboot b/roles/lmn_vm/files/vm-netboot
new file mode 100755
index 0000000..2b18831
--- /dev/null
+++ b/roles/lmn_vm/files/vm-netboot
@@ -0,0 +1,24 @@
+#!/usr/bin/bash
+#
+# Start a netboot VM
+#
+set -eu
+
+if [[ $# -eq 0 ]] ; then
+    arg="--memory 4096 --vcpu 4"
+fi
+
+# find macvtap interface MAC address:
+MAC="$(ip link | grep -A1 "vm-macvtap" | \
+	  sed -nE "s%\s+link/ether ([[:xdigit:]:]{17}) .+%\1%p")"
+
+XDG_CONFIG_HOME="/tmp/${UID}/.config" \
+	       exec virt-install \
+               --name bookworm \
+               --osinfo debiantesting \
+               --nodisks --import \
+               --pxe --boot loader=/usr/share/OVMF/OVMF_CODE_4M.fd,\
+loader.readonly=yes,loader.type=pflash,\
+nvram.template=/usr/share/OVMF/OVMF_VARS_4M.fd \
+               --network type=ethernet,mac=${MAC},\
+target.dev=vm-macvtap,xpath1.set=./target/@managed=no $@ ${arg:-}
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 46f0c20..8681ffe 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -247,3 +247,17 @@
   command: sudo -u lmnsynci /usr/local/bin/sync-vm.sh -t
   register: result
   changed_when: result.stdout | length > 0
+
+- name: Start virt-manager in session mode by default
+  ansible.builtin.copy:
+    dest: /usr/local/bin/virt-manager
+    content: |
+      #!/usr/bin/sh
+      exec /usr/bin/virt-manager --connect qemu:///session $@
+    mode: '0755'
+
+- name: Copy vm-netboot script
+  ansible.builtin.copy:
+    src: vm-netboot
+    dest: /usr/local/bin/
+    mode: '0755'

From 1622106e3c9851c700f778a4045e47bc05bb3d02 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Thu, 25 Jan 2024 16:36:15 +0100
Subject: [PATCH 462/504] Calculate memory and number of CPUs for the VM.

---
 roles/lmn_vm/files/vm-netboot | 32 +++++++++++++++++++-------------
 1 file changed, 19 insertions(+), 13 deletions(-)

diff --git a/roles/lmn_vm/files/vm-netboot b/roles/lmn_vm/files/vm-netboot
index 2b18831..19036a9 100755
--- a/roles/lmn_vm/files/vm-netboot
+++ b/roles/lmn_vm/files/vm-netboot
@@ -1,24 +1,30 @@
 #!/usr/bin/bash
 #
-# Start a netboot VM
+# Start a netboot VM connected to macvtap device and fraction of mem/cpus
 #
 set -eu
 
-if [[ $# -eq 0 ]] ; then
-    arg="--memory 4096 --vcpu 4"
-fi
-
-# find macvtap interface MAC address:
-MAC="$(ip link | grep -A1 "vm-macvtap" | \
+mac="$(ip link | grep -A1 "vm-macvtap" | \
 	  sed -nE "s%\s+link/ether ([[:xdigit:]:]{17}) .+%\1%p")"
 
+if [[ $# -eq 0 ]] ; then
+    mem=$(sed -En "s/^MemTotal:\s+([0-9]+)\s+kB/\1/p" /proc/meminfo)
+    cpu=$(sed -En "0,/^cpu cores/s/^cpu cores\s+:\s+([0-9]+)/\1/p" /proc/cpuinfo)
+    arg="--memory $((mem/2048)) --vcpu $((cpu/2))"
+    echo "Set options: $arg"
+fi
+
+loader='/usr/share/OVMF/OVMF_CODE_4M.fd,\
+loader.readonly=yes,loader.type=pflash,\
+nvram.template=/usr/share/OVMF/OVMF_VARS_4M.fd'
+
+type="ethernet,mac=${mac},target.dev=vm-macvtap,xpath1.set=./target/@managed=no"
+
 XDG_CONFIG_HOME="/tmp/${UID}/.config" \
-	       exec virt-install \
+	       exec "virt-install \
                --name bookworm \
                --osinfo debiantesting \
                --nodisks --import \
-               --pxe --boot loader=/usr/share/OVMF/OVMF_CODE_4M.fd,\
-loader.readonly=yes,loader.type=pflash,\
-nvram.template=/usr/share/OVMF/OVMF_VARS_4M.fd \
-               --network type=ethernet,mac=${MAC},\
-target.dev=vm-macvtap,xpath1.set=./target/@managed=no $@ ${arg:-}
+               --pxe --boot loader=$loader \
+               --network type=$type \
+	       $* ${arg:-}"

From 496f99b519f607dfa1c687eb1c31b8cb525454a2 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Tue, 30 Jan 2024 08:06:46 +0100
Subject: [PATCH 463/504] laptop class CIFS mount option for faster
 SMB-reconnection when switching networks

---
 inventory.yml | 228 +++++++++++++++++++++++++-------------------------
 1 file changed, 115 insertions(+), 113 deletions(-)

diff --git a/inventory.yml b/inventory.yml
index 7313a3a..58ab70c 100644
--- a/inventory.yml
+++ b/inventory.yml
@@ -1,114 +1,116 @@
 $ANSIBLE_VAULT;1.1;AES256
-66633761313137346437356436366332303964316235643665363338323632656562336339326565
-6163373036366531373930326330303835663534316466660a393631653931333335306437313436
-31333364363064303365336138663439656630666565636532666132316633666633396338623537
-6465376331623462390a636563663661326530646237353239636630316634366238646530323462
-33633564613565333039663662353835366439303164633338366139343165626333323836613533
-36306133616634303961373035336239643866306539366138346663396265303662353765636330
-34363734303062363733663265616363626136373338326134306434323766393339393237393836
-63303336636264656435393261303965363639633932326130666232353265633661636339316334
-39626232346466313831643034643761313137373739653330386233343836636430626462636135
-62386263343131326439373163393230393732663862333530313533616537376133373032626466
-37613031633765303466363661643132656437356434383364323432636439323832346233363638
-33383234373935616166383237633434333639613936363231313732626562623834626462316531
-61356432643362646439636634393662353739376363623130646333326435336564383461323932
-64666331643462303262353064396437356262303232616164646136393638386565303438383664
-30646562383563323735623266386239643038393531366364386235663534363736653935316161
-32323533393465303830343131623365316466366130363233626535396331393034623363623632
-31303731346261666538306361356335336162356361376366653662383839333039323132336538
-66623230373065353137356132653132343866663165663732356338326634616530333661643836
-36633336383134313931663061653635366333633663343763383730333134323538313933343536
-39616635393132666535653339656363613431373461316263306130653530343638653562623866
-32613430643437636261313662306636656661313633383833646164306566303362373338643331
-39626232306465323239326561633135303163656539643036313939356666343564376264643434
-31343434303665323330343061353535306536653266393563643033323463323031386266303363
-64313439306139616438633462613239663566346263393431656230623766346539653134666166
-38656536303765393938333965373437633238623461326632613865636564373435333234383338
-66366234303731343233363730393939313536646531313435353065373466326665373133343331
-66313239636562666634366338663937333636326534346561653132633334323937333162336364
-31316364656166343931383039343638623138373639653263373635363031373731353735393563
-37303731643536363630363961343633313739393237336261653262336161666138343336343438
-63393166396462616562386265363263336337633837663562313338626365383063356331343061
-36646265633364366234333338616161363738653561663565626463356434343663363135623931
-62346338643462373636623235393739323964666138626464383161653638393532626465346234
-66393730633635643962353139616465623236313135346131333139396264313134653762316165
-63313830396130343439613961353836383737613566376333306263343061616663623135393935
-38656138633263383734303133393132366534666638623566633566623530666630656462386565
-33633961633261666538653535323465376437666337653931663361306466626465306233353964
-63336662326634386538353464373435373262626137626462613863346539333464656538373363
-36386338326630666563323034393762303035393538623032646565323432316364333362333739
-64666235346130373562666564663834386238636132343730326631393938643530616437393938
-35616137626632613537333965393537643833303139363034303266643165333234353431316133
-63656433643137383966333531623038366164656533643835616564343736366234353862636434
-66643066663061366132373735316563356532643639343563393662396330376239373664383637
-63353235343661346238353133613834623130653861343331386539336361623762393531303533
-34633932616535356130396263333664393836386531383531313836363134326665386333616636
-35643564353639656431343139323264323936346336656163383836356662336337326562626336
-31373938613537636335393863373366323430623365373137323539353435633931383866313863
-34613661613235323733393461356161303134386332323031626635666238336337643466326666
-61353363353536376538323032386462323531626539363066636435633733356132353930653363
-64626238636364323034623761306639393939653038366537633939626236383162616162663136
-38363439656435633761376462663165613365373664333733316339326435316231633930366236
-39343934343337663938363234343838366263623436373230323365346635313435343733346635
-61633066663134396134333664376365353431663331383362316538343135626564313561393839
-62353737333163376234383561666231666537386565356133303339363937316534363265346464
-39393432666563386636653563366232316638393237393434346235613264353764633037363163
-39393865333734323139333865393363633636343931633832386364353766376161306639336134
-30386239373231616139346439353233613630376230373264343064383036323161386365396234
-64666337336230343662383863323062323733303535663935376532323336643262373437613834
-35313962636531643435373362393063616230613964383839383138653131626363363236376438
-35313131393831623966666132626661636339303761616265316232363039363036343263346565
-31633737653432323431376134393765643234343461376465643831303666643931653963346365
-62323530633332613266383133663961356332356637636261373666663565633732363465393462
-37376564636463643930373062343763353764353835346134313865353236373835323235383561
-65613038663538396463343863633033313632666131323535316136656261366637326131356230
-61383238376433373166396132346265623034666231346261623064383539623539343665336239
-33386536336363383134663432626139616532353335383431336635396531333833326137353662
-36373866393533663934363861303464313137626337623065613033666430366138363662623862
-35303734333936656163353962313566353337396661623861336134643231363532303939623335
-39376332386635326537633431313562376336626334333534646537613036326136386339333934
-36323865633362646662306438303632616166663462356661336262386461393933363433343231
-38613932663836633866396364326538303839613163633632653865643334343331663561353334
-38386365303433626530626233666632326632616332653465613933313865333134613932663362
-32386161346333653732366138666263666637623131393936396535333064313166656262613339
-37346162353866643131363530656236323535663732363134333931373736663432363861613063
-66633537353461383131653735343663613630323063393162656433303831303862323335626366
-39373664666431363462373634613636653033386463373537323461613730363031386463633030
-37616362353433376561343863393361353533356438313061653664366661373238656261336437
-32616536656464396563633164323239616265366233626432613331383839663230623662376131
-62326633646665303635653739643239323763343839663864663336386261316639633737396264
-66623635393137346133303764613138356561636134343566613366666365303762313639626666
-62633834383662336561396661343634376438666264653135393761356339366264356639653065
-35616235303063623263363730393137396139336532363262393338373937613964396161333331
-61323339636163613238353662333637383064343665386334643566393066356165323637306135
-36666538346232313637333066356636303434373731383338653762646433633637373630353339
-32353464326637393639643631623837346661653464633164653930666338306363313434653832
-62353536343764623430616163613663323934616331313433643039383966316437653033343962
-33323062346233343730643436373936626535653433323432643235623966623434613365343238
-34643163333232393333663134656364306562303964636631396463663432633964303862643635
-61386461306266626338613533646164356237343862353366663138326163613162303234386134
-65363737323930303537623134636266346330363437383434373664323536303433346536333736
-32626332343730353934356633353831656436353131326264333538643461323631633436636335
-62313738613661383238636237613034373930343964353030353434356361646138653537386237
-39393236383131616234366466393863313133666366383361306631636334316633313834633539
-64346364663862663935663037326664343133333765333437336131393961643139313436343733
-61633937343465336332376636313364383336616461346566333734633062643532333262363566
-32336334633833663733623132363737383232633231636438636264653635306634383465306630
-35613136666135313065613062616535353333353662633961343334336137616464616262316133
-31363661386536383833616435316466646639636238346365363461343137303836313766393966
-34353436636565623739656136386236383461666461653032386664616563303766663635653866
-31326537343330323931343163326630333335366437373363653436363438356365363965326237
-33343365633837393831303266376634333961333231663937656662343963643433366665643433
-39366430386134356332393665646563363537663132333937643762366334383931633637663730
-32623037353332333663613331376562616130656265623863326534376335303530386564313763
-65633732393936386133313863393664303530393761336661623732633661663465393130356333
-36343932396431653566626430643062323233613933383465656335633066636166376561656339
-38333233633765363833343734323264363265643464343765653032383330393739373433323738
-31613166633865333764633562663162326534623236633435663038333765306638643930663638
-36373065636331643338343931343964643766373764363737333831363061336262353662656537
-38306539376665346461646233383761383764366432636138663936366434396664303661356433
-34333734356661366637643034656331396164353233303739306161633236333965313161623763
-65613637346235653431633537666431323930666231363038316632633935326233303861383961
-37363039373539666237323466303264613839366239386337303036313732613034663762666337
-33346261383261363566313333666130393463623062343030623338373261646537316137623163
-3065
+63303732343036386466356537363861643266383035383662643235626563393563376361643465
+6136616332373563366361376365316530393833303030300a383934353139653738646332343162
+30383237613330366635653362316631356464333431313237356138383539653866613931373531
+6132353838653830640a386665323538393166633035613132336363373537376163643534376362
+63646561623062363636303863343536336363373865366138343238393435633461313163343035
+65663264316130326336323161333166323462643835373363323331666332303133636635386666
+31663361656533646233343936663332363233353836616463303661373035633534626337316430
+65376333316463663932373631353561363839353161303235626634356230366334326235626430
+65383737653538343638636165646639323535393834636232613833346365663634383336353632
+34346361393131643863636563376134316163343031353666663034613362363235393266656163
+33376439326236303866383763303532323335303263316332653039333131643232383562613437
+30313838376337376561656338616566356632316236663734363937346561383761663635646237
+36323234306465306430313839396238313739333262653966323666663961616239636135396639
+31646130386363323930373030616439353265303261616333653730346532613562333464363265
+34326237343930316435313561643033663332303566663836333063373164313734383230663865
+63613934353761336238346135336233383237336130343831336439616665616436613630646136
+36353338633062366439336261333538393032623335663664373933633965353032333136656138
+64366366303432383733623239613532336666343864656132633063306166663839663638356539
+37636532383935376565623161643431633638393064653562653963393561626230616663363362
+30636335626633363732633431303436306633666533653937636166643566383033343238303235
+38373966386430666235356665623030656566316464633531323833356435383262323638313833
+66633930393435313663653239303439333035373132303633326263383264616631653133343032
+34656236373962356131376562356261663066393162373039346232393364613964313865336565
+36303463373633643134663939306432393632663831346138653639616232353437343866623434
+62653139656361613137343938383838306437333230313564326663373636366433653438623166
+61323532656262663532313663316433323838383834613433656432356533643131653933336537
+63373361636539623832316236366664653262396365346365356561346362343866336432363366
+32333037623735656535343538393364643033386137306563306137616433343239373764666364
+39303237656666313937393635303932623738393239313662333537376134336532353963633636
+61363164336536326633326564343433666430393537383639616630656433363262646366393537
+61343533383963373533636135643138613136393031363032353332313862353863626634633739
+37393232343462386230303034313639623134373465633066613331386338646161663435643633
+63373130653839623231633336643461663130613661353133363338363335376538616639623134
+38623731393164313133333433303862646434326137396466343162393333396161313937373662
+32306536363139363330386465306237393434373937633634656331666433373433303662646364
+37643731656436306463356236616337386461386463356539663362373130383434663932363735
+62393935303963613061393534363366366134633064346261656437353833383662363364363061
+37323437363065636665356234353535663766636338363236616237323264663162393134653364
+33393462643033343431356463653338393830333737643538616664656131346638623639306565
+30386436643863306237326532393637313161313061303136343362353135333036636638373763
+32386437326435623438326635646263656464343231653535633364386463343539393838383364
+61623733383534366335366339343664653066373031616639613131313266623536323530646261
+33356432633633393564613336396131633238313831313162396539393530373366333462333437
+30636436656531633162323630336630343434373635313563303131356534363036393162336431
+36636162376239303866663236616630646439393732393930663237636231306134666361326333
+33306161396534386164343262316337653562396234656139663564353064313062383338306531
+35653631616133366564666330663264353166306630353732386633663061366430366266303465
+37376163613330333635366661333665616430316362333936623030616537623230303137353831
+39653566316462623131663735363631303566373863313430666266346239306532393530303438
+39366261613038396338333861386565626139393066336134613165366132346362316232333764
+34326238646233363035616461356336356534323538333137306236303933393930336336343038
+34616236623635323765343536316262333837663831646637363233643133653630303139666337
+62656432373163643537616138373739356164616463626438343164303934323266393636623963
+34326465326532323135663837376265653964346661323937336163373337353830316461636339
+66363139393938336539623261633035386231346563386366663162343334376639363332393636
+32616136663234636632336363343765396161613439363038383838623566326432666362383762
+36363366653462653265306664323435643561313338396231343661383435623331636632313862
+36366462326238383433653233613931353033313262646339646331353236636137366632303432
+36326433343131326130333062346139343263636132323338326163376531613633633130313339
+66396231393965666535343834656139626265326535393135636335326365323136303336396361
+66303930626233346663383066316636663639643233353136306537336134646433383433346661
+33646638346133646162306562323365623861386534663332363739623462643439313634366230
+30616265613433393162613834326634373331326636323766366432383861396135663135373135
+33366166396365663962376538316331663161303862343961323335613033383137336261393037
+37343761333234376466343534653030393936613064366563656633333565396431303039663062
+66373138383736663036396531386330373137303361636264363963393138386232316364623766
+36323362383439656234343462653239623030343466396339396335346639313565323261333232
+66303139616238356465346530366639306639386336343939353663376132376365643361383936
+65363761616661373834336438343364323166386162626234613431383737336133663235336434
+66663032333530616633383837623837626665376230363037313438636632666261653666663431
+32643232383932323566356530663665613934323564663938336238653465663535393461373765
+62656661656234323637613961316536653064633661396363636564643836363636663361653062
+64336630346661303633313938653038306633343937656135343461323432316230653531353138
+66373838343232656432623064396533373033393630666161623331396566646539666233663961
+65626135333562376264376665326663336134363431653237383034636431393463353038366364
+30366666396363363664356635653934353163616233353538393434616634643230383162663532
+37333632376631643333323664613436613230616137616532616634326435666238363562633661
+34616239393133303533353264376463666436373563333864386634343838626536386638366437
+37616261303761373831313264393234626130653232616432373536393335366638656334643265
+64376633623339343135313131383837356232323437313364616438666632666438623237303534
+31356635383233356164393762653361646131363337313031303333343964626663323636656564
+34316164346235373162646234393462643136633430353731386564326137396634333663656532
+36353063646663353464336438353362326236313063386564386639323036633038333232663233
+61613366343335353362323735663162333164646661613032643834373237393230356235386537
+35393737643337646237653063376565326164663965346434306538373434656330363738633935
+39656164623939393434316235373333333865363536346532363834646438616566663662626165
+33623739326336316630323032663437366462653566353136383161613834353135303332363735
+30303761613632663662376236653931626131333834346137393166333933643332613732633464
+30333431646664616138336566383662636535333233666161616462616261373934353762663834
+36333564613361353938336436333830656233386432373366643632323238386538646337616262
+39636533333135363337643333336135663537313539303062626266633437343163363436313236
+32323533386161666136316662373465613261386163626637626138636539633139623830316333
+33636164346634323330663461636131396166326564636563656535386562346530313435663436
+39653663333764373961303932623266326463643335393336356333356661623666353533373066
+36356365366261383130643733363131333130376238663137303261353334313136616332646662
+30666430386264623438663330333337316234633863333264613730656434623437613738303465
+66313162393339383632323937363634663066313235653631663032653531613362323937333066
+32383233313135333637393562633266326261366162623362376366633863383537626133303762
+35373038393331383663643966353066303663396234653261323836666234393138376563373661
+31366636643562643939633661643061623664363131626666393861623164613365333036636161
+36353832326438303565306166393939313132356262663563386161366132336335323235363831
+38643039366561623364396537376138386233326433333537636265633865356632613137613233
+39373632313832636235396637366263386531626165643764386138663632396366353433343163
+32323564393034363561656633666265666661613263653838353833643364346434336562396566
+66643936396163343430636130643963323666333936623932666661613531363436313333616131
+39613430666438393264303634383633376630653439386135363664343366633062616438626632
+37656535643838316338323062393335613034653439393064653139373262636363613335633139
+37646631316536373032346433346663393566663562323432313263616331613738616236393335
+64366636626463303265346265316530356663636538653036633133333361666334643934333763
+39613766383332316162363636393063396236323034373239356138646561303334646661323139
+35666562383439353965636132613264336235313235393161323236346539396436333665633237
+34323762323664646233343934653731386563346239653935613036346139343562653136393532
+61373135393932306462633762306261313130306163616361646364653036623761386163663365
+37353866653431613838386566306236376663663763626466393436386137323834633436636262
+313934393539626666323236353432346437

From f62969b2c2023a7a4a49ebabbdcdbd72c26059ef Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Tue, 30 Jan 2024 08:26:55 +0100
Subject: [PATCH 464/504] remove deprecated networkd and NetworkManager entries

---
 lmn-client.yml                    |  8 +++++++
 roles/lmn_wlan_iwd/tasks/main.yml | 40 +++++++++++++++----------------
 2 files changed, 28 insertions(+), 20 deletions(-)

diff --git a/lmn-client.yml b/lmn-client.yml
index 100a088..2e06594 100644
--- a/lmn-client.yml
+++ b/lmn-client.yml
@@ -233,3 +233,11 @@
       when: ansible_interfaces | select('search', 'wl.+') | first is defined
     - lmn_networkd
     - lmn_localuser
+  tasks:
+    - name: Remove deprecated files and directories (laptop-class)
+      file:
+        path: "{{ item }}"
+        state: absent
+      with_items:
+        - /etc/systemd/network/80-wlan-dhcp.network
+
diff --git a/roles/lmn_wlan_iwd/tasks/main.yml b/roles/lmn_wlan_iwd/tasks/main.yml
index 17780e8..8eb2960 100644
--- a/roles/lmn_wlan_iwd/tasks/main.yml
+++ b/roles/lmn_wlan_iwd/tasks/main.yml
@@ -31,26 +31,26 @@
       [Security]
       Passphrase={{ wifipasswd }}
 
-- name: Use iwd but ignore wlan interfaces in NetworkManager
-  blockinfile:
-    dest: /etc/NetworkManager/NetworkManager.conf
-    block: |
-      [device]
-      wifi.backend=iwd
-      match-device=interface-name:wl*
-      managed=0
-
-- name: Configure systemd-networkd
-  ansible.builtin.copy:
-    dest: /etc/systemd/network/80-wlan-dhcp.network
-    content: |
-      [Match]
-      Name=wl*
-      [Network]
-      DHCP=yes
-      [DHCPv4]
-      UseDomains=true
-
+      # - name: Use iwd but ignore wlan interfaces in NetworkManager
+      #   blockinfile:
+      #     dest: /etc/NetworkManager/NetworkManager.conf
+      #     block: |
+      #       [device]
+      #       wifi.backend=iwd
+      #       match-device=interface-name:wl*
+      #       managed=0
+      # 
+      # - name: Configure systemd-networkd
+      #   ansible.builtin.copy:
+      #     dest: /etc/systemd/network/80-wlan-dhcp.network
+      #     content: |
+      #       [Match]
+      #       Name=wl*
+      #       [Network]
+      #       DHCP=yes
+      #       [DHCPv4]
+      #       UseDomains=true
+      # 
 - name: Enable systemd-networkd
   ansible.builtin.systemd:
     name: systemd-networkd.service

From cfae3f22edd89dcb004231bad60b5dae1c051395 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 27 Jan 2024 10:05:27 +0100
Subject: [PATCH 465/504] VM chooser menu and much faster direct kernel
 loading.

---
 roles/lmn_vm/files/vm-netboot | 59 ++++++++++++++++++++++++++---------
 roles/lmn_vm/tasks/main.yml   |  1 +
 2 files changed, 46 insertions(+), 14 deletions(-)

diff --git a/roles/lmn_vm/files/vm-netboot b/roles/lmn_vm/files/vm-netboot
index 19036a9..dbb13bd 100755
--- a/roles/lmn_vm/files/vm-netboot
+++ b/roles/lmn_vm/files/vm-netboot
@@ -4,27 +4,58 @@
 #
 set -eu
 
+menu=(standard "CLI Standard Debian GNU/Linux"
+      kde-desktop "KDE Plasma Desktop Debian GNU/Linux"
+      gnome-desktop "Gnome Desktop Debian GNU/Linux")
+img=$(dialog --clear --backtitle "Virtual Machine Chooser" \
+             --title "Choose the Virtual Machine to Start" \
+             --menu "Start VM:" 12 60 6 \
+             "${menu[@]}" 2>&1 >/dev/tty)
+
+if [[ -z $img ]] ; then
+    echo "Starting VM canceled."
+    exit 1
+fi
+
 mac="$(ip link | grep -A1 "vm-macvtap" | \
-	  sed -nE "s%\s+link/ether ([[:xdigit:]:]{17}) .+%\1%p")"
+          sed -nE "s%\s+link/ether ([[:xdigit:]:]{17}) .+%\1%p")"
 
 if [[ $# -eq 0 ]] ; then
     mem=$(sed -En "s/^MemTotal:\s+([0-9]+)\s+kB/\1/p" /proc/meminfo)
     cpu=$(sed -En "0,/^cpu cores/s/^cpu cores\s+:\s+([0-9]+)/\1/p" /proc/cpuinfo)
-    arg="--memory $((mem/2048)) --vcpu $((cpu/2))"
-    echo "Set options: $arg"
+    arg=("--memory=$((mem/2048))" "--vcpu=$((cpu/2))")
+    echo Set options: "${arg[@]}"
+else
+    arg=("$@")
 fi
 
-loader='/usr/share/OVMF/OVMF_CODE_4M.fd,\
-loader.readonly=yes,loader.type=pflash,\
-nvram.template=/usr/share/OVMF/OVMF_VARS_4M.fd'
+kernel="http://livebox/d-i/n-live/$img/live/vmlinuz"
+initrd="http://livebox/d-i/n-live/$img/live/initrd.img"
+kargs=(boot=live components splash locales=de_DE.UTF-8 keyboard-layouts=de \
+                 swap=true live-config.timezone=Europe/Berlin netboot=nfs \
+                 "nfsroot=10.190.1.2:/srv/nfs/debian-live/$img/")
 
 type="ethernet,mac=${mac},target.dev=vm-macvtap,xpath1.set=./target/@managed=no"
 
-XDG_CONFIG_HOME="/tmp/${UID}/.config" \
-	       exec "virt-install \
-               --name bookworm \
-               --osinfo debiantesting \
-               --nodisks --import \
-               --pxe --boot loader=$loader \
-               --network type=$type \
-	       $* ${arg:-}"
+## FIXME: use passt, needs more settings for correct DNS/gateway
+# type=user,xpath1.create=./backend,xpath2.set=./backend/@type=passt,xpath3.create=./ip,xpath4.set=./ip/@family=ipv4,xpath5.set=./ip/@address=172.16.1.1,xpath6.set=./ip/@prefix=24,xpath7.create=./portForward,xpath8.set=./portForward/@proto=tcp,xpath9.set=./portForward/range/@start=2001,xpath10.set=./portForward/range/@end=2500,xpath11.set=./portForward/range/@to=1
+
+case "$img" in
+    standard)
+	arg+=("--autoconsole=text")
+	kargs+=("console=ttyS0")
+	;;
+    *)
+	;;
+esac
+
+http_proxy='' XDG_CONFIG_HOME="/tmp/${UID}/.config" \
+          exec virt-install \
+          --name "$img" \
+          --osinfo debiantesting \
+          --nodisks --import --noreboot --transient \
+          --install kernel="$kernel",initrd="$initrd",kernel_args="${kargs[*]}" \
+          --network "type=$type" "${arg[@]}"
+
+# --filesystem "$HOME",share
+# mount -t 9p share /mnt
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 8681ffe..7d7e1b6 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -16,6 +16,7 @@
       - ctorrent
       - libvirt-daemon-system
       - virt-manager
+      - dialog # for vm-netboot menu
     state: latest
     autoremove: true
 

From fb4041b6f2bb120be051332318bcad40ce5c0a78 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Tue, 30 Jan 2024 15:17:02 +0100
Subject: [PATCH 466/504] remove old desktop VM-starters

---
 lmn-client.yml              | 25 +++++++++++++++++++++++++
 roles/lmn_vm/tasks/main.yml |  9 +++++++++
 2 files changed, 34 insertions(+)

diff --git a/lmn-client.yml b/lmn-client.yml
index 41ade4d..8303300 100644
--- a/lmn-client.yml
+++ b/lmn-client.yml
@@ -197,6 +197,16 @@
         enabled: false
       when: rmlpr.stat.exists
 
+    - name: check if vmimage-torrent.service is installed
+      stat: path=/etc/systemd/system/vmimage-torrent.service
+      register: vmimagetorrent
+
+    - name: disable vmimage-torrent.service
+      systemd:
+        name: vmimage-torrent.service
+        enabled: false
+      when: vmimagetorrent.stat.exists
+
     - name: Remove deprecated files and directories
       file:
         path: "{{ item }}"
@@ -209,6 +219,21 @@
         - /etc/sudoers.d/90-lmn-sudotools
         - /etc/systemd/system/rmlpr.service
         - /etc/systemd/system/rmlpr.timer
+        - /usr/local/bin/sync-vm.sh
+        - /usr/local/bin/run-vm.sh
+        - /usr/local/bin/rebase-vm.sh
+        - /usr/local/bin/create-vm.sh
+        - /usr/local/bin/upload-vm.sh
+        - /usr/local/bin/vmimage-torrent
+        - /etc/systemd/system/vmimage-torrent.service
+        - /usr/local/bin/linbo-torrenthelper.sh
+        - /usr/local/bin/link-images.sh
+        - /usr/local/bin/start-virtiofsd.sh
+        - /etc/sudoers.d/90-lmn-upload-vm
+        - /etc/sudoers.d/90-lmn-sync-vm
+        - /etc/sudoers.d/90-lmn-startvirtiofsd
+        - /etc/sudoers.d/90-lmn-link-images
+        - /etc/rsync.secret
 
 ## bookworm fixes/hacks:
     - name: Work around sddm hang on shutdown
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 893e8fd..3227054 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -260,6 +260,15 @@
     dest: /etc/xdg/menus/applications-merged/
   notify: Run update-desktop-database
 
+- name: check if sync.desktop is installed
+  stat: path=/usr/local/share/applications/sync.desktop
+  register: syncdesktop
+
+- name: remove deprecated desktop-files
+  ansible.builtin.shell: rm -f /usr/local/share/applications/*.desktop
+  when: not syncdesktop.stat.exists
+  notify: Run update-desktop-database
+
 - name: Copy initial sync starter
   ansible.builtin.copy:
     src: sync.desktop

From a410f4528c4b231d5d0e928cf2475d24906dda1b Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Thu, 1 Feb 2024 08:13:27 +0100
Subject: [PATCH 467/504] 2nd nic for TIA-VM (--bridge Option in vm-start)

---
 roles/lmn_vm/files/vm-run | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/roles/lmn_vm/files/vm-run b/roles/lmn_vm/files/vm-run
index eef1010..293ed4f 100755
--- a/roles/lmn_vm/files/vm-run
+++ b/roles/lmn_vm/files/vm-run
@@ -16,6 +16,7 @@ options:
        --cpu num         number of CPUs
        --os OS           operating system (win10|linux|..)
        --data-disk size  additional data-disk
+       --bridge virbrX   additional network interface on bridge virbrX
        --options options additional options for virt-install command
 EOF
 }
@@ -109,7 +110,7 @@ LIBVIRTOPTS=""
 
 source /etc/lmn/vm.conf
 
-TEMP=$(getopt -o no:ps --long new,options:,persistent:,system,memory:,data-disk:,cpu:,os:,help -n $0 -- "$@")
+TEMP=$(getopt -o no:ps --long new,options:,persistent:,system,memory:,data-disk:,cpu:,bridge:,os:,help -n $0 -- "$@")
 if [ $? != 0 ] ; then echo "Terminating..." >&2 ; exit 1 ; fi
 
 eval set -- "$TEMP"
@@ -145,6 +146,12 @@ while true; do
             LIBVIRTOPTS="${LIBVIRTOPTS} --vcpu $2"
 	    shift 2
 	    ;;
+    --bridge )
+            if ip link | grep $2; then
+               LIBVIRTOPTS="${LIBVIRTOPTS} --network=bridge=$2,model.type=virtio"
+            fi
+	    shift 2
+	    ;;
     --os )
             LIBVIRTOSINFO=$2
 	    shift 2
@@ -191,11 +198,6 @@ if  ! virsh --connect="${QEMU}" list | grep "${VM_NAME}-clone"; then
 
     # finally, create the new vm
 
-    if ip link | grep virbr1; then
-       LIBVIRTOPTS="${LIBVIRTOPTS} --network=bridge=virbr1,model.type=virtio"
-    fi
-
-
 # TODO
 #    # find macvtap interface MAC address:
 #    MAC="$(ip link | grep -A1 "vm-macvtap" |
@@ -209,9 +211,10 @@ if  ! virsh --connect="${QEMU}" list | grep "${VM_NAME}-clone"; then
 	     --clock hpet_present=yes \
 	     --features hyperv.synic.state=on,xpath1.set=./hyperv/vpindex/@state=on \
 	     --memorybacking source.type=memfd,access.mode=shared \
-	     --disk "${VM_DIR}/${VM_NAME}-clone.qcow2" \
+	     --disk "${VM_DIR}/${VM_NAME}-clone.qcow2",driver.discard=unmap,target.bus=scsi,cache=writeback \
 	     --network=bridge=virbr0,model.type=virtio \
              --filesystem driver.type=virtiofs,accessmode=passthrough,target.dir=virtiofs,xpath1.set=./source/@socket="/run/user/${UID}/virtiofs-${VM_NAME}.sock" \
+	     --controller type=scsi,model=virtio-scsi \
 	     --check path_in_use=off \
              --connect="${QEMU}" \
 	     --noautoconsole \

From 89f851bc735ea327704d4fb1093a806d77700853 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Thu, 1 Feb 2024 09:08:33 +0100
Subject: [PATCH 468/504] vm cpu utilization optimized

---
 roles/lmn_vm/files/vm-run | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/lmn_vm/files/vm-run b/roles/lmn_vm/files/vm-run
index 293ed4f..4934797 100755
--- a/roles/lmn_vm/files/vm-run
+++ b/roles/lmn_vm/files/vm-run
@@ -208,8 +208,8 @@ if  ! virsh --connect="${QEMU}" list | grep "${VM_NAME}-clone"; then
              --osinfo "${LIBVIRTOSINFO}" \
 	     --name "${VM_NAME}-clone" \
 	     --import \
-	     --clock hpet_present=yes \
-	     --features hyperv.synic.state=on,xpath1.set=./hyperv/vpindex/@state=on \
+             --clock hpet_present=yes,hypervclock_present=yes \
+             --features hyperv.synic.state=on,xpath1.set=./hyperv/vpindex/@state=on,xpath2.set=./hyperv/stimer/@state=on \
 	     --memorybacking source.type=memfd,access.mode=shared \
 	     --disk "${VM_DIR}/${VM_NAME}-clone.qcow2",driver.discard=unmap,target.bus=scsi,cache=writeback \
 	     --network=bridge=virbr0,model.type=virtio \

From ccec0f7feac8e857106eff23294542e833f34c16 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Thu, 1 Feb 2024 15:01:59 +0100
Subject: [PATCH 469/504] fix owner of starters

---
 roles/lmn_vm/files/desktop-sync | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/roles/lmn_vm/files/desktop-sync b/roles/lmn_vm/files/desktop-sync
index 4967e49..580d43c 100644
--- a/roles/lmn_vm/files/desktop-sync
+++ b/roles/lmn_vm/files/desktop-sync
@@ -5,8 +5,9 @@
 set -eu
 
 source /etc/lmn/vm.conf
-RSYNC_COMMAND=$(rsync -ai --delete --exclude=mimeinfo.cache "${DESKTOPSTARTERDIR}" \
-		      /usr/local/share/applications/ | sed '/ \.\//d')
+RSYNC_COMMAND=$(rsync -ai --delete --exclude=mimeinfo.cache \
+	           --chown=root:root --chmod=F644,D755 "${DESKTOPSTARTERDIR}" \
+		   /usr/local/share/applications/ | sed '/ \.\//d')
 if [[ $? -eq 0 ]] && [[ -n "${RSYNC_COMMAND}" ]]; then
     echo "${RSYNC_COMMAND}"
     update-desktop-database /usr/local/share/applications

From 6f00bf85492e03fc851d54c628eed63fecfdbb55 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Thu, 1 Feb 2024 15:50:35 +0100
Subject: [PATCH 470/504] enable, but don't start NetworkManager

---
 roles/lmn_networkd/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/lmn_networkd/tasks/main.yml b/roles/lmn_networkd/tasks/main.yml
index 41f6db1..786a89f 100644
--- a/roles/lmn_networkd/tasks/main.yml
+++ b/roles/lmn_networkd/tasks/main.yml
@@ -17,7 +17,7 @@
 - name: Enable Networkmanager
   ansible.builtin.systemd:
     name: NetworkManager.service
-    state: started
+      #state: started
     enabled: true
 
 - name: install firmware for wifi-sticks

From 202ca254660b8c1383ce178766bf95607c9956da Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 2 Feb 2024 19:05:34 +0100
Subject: [PATCH 471/504] Improve emitter logic: Only run upgrade tasks if full
 run not needed.

If a machine's timestamp is older than the date of the last
git commit, do a full ansible run.  If the time stamp is older
than the trigger time (given as argument to 'emitter') but
younger than the latest git commit, run only the upgrade tasks.

A single outdated machine triggers the full run for all
machines in the list.
---
 lmn-client.yml |  6 ++++--
 tools/emitter  | 42 ++++++++++++++++++++++++++++++------------
 2 files changed, 34 insertions(+), 14 deletions(-)

diff --git a/lmn-client.yml b/lmn-client.yml
index 100a088..4407a8c 100644
--- a/lmn-client.yml
+++ b/lmn-client.yml
@@ -74,7 +74,8 @@
 
   roles:
     - lmn_network
-    - up2date_debian
+    - role: up2date_debian
+      tags: upgrade
     - lmn_sssd
     - lmn_mount
     - lmn_kde
@@ -85,9 +86,10 @@
     - lmn_security
 
   tasks:
-    - name: Timestamp successfull ansible run
+    - name: Timestamp successfull run
       ansible.builtin.shell: date --iso-8601=seconds >> /root/.ansible/stamps
       changed_when: False
+      tags: upgrade
 
 ## Temporary fixes and quirks:
     - name: Fix 8086:4909 external graphics card
diff --git a/tools/emitter b/tools/emitter
index aafbd7a..a7fdd82 100755
--- a/tools/emitter
+++ b/tools/emitter
@@ -1,4 +1,9 @@
 #!/usr/bin/bash
+#
+# Run ansible on all hosts older than the latest git commit.
+# Use argument "$(date)" to update all machines independent
+# of the last ansible run.
+#
 set -eu
 
 ## maximal age of file in minutes:
@@ -11,27 +16,36 @@ debug=false
 ## date of latest git commit in ansible repository:
 git_date="$(date --iso-8601=seconds --date="$(git log --date=iso-strict | \
                                  head -3 | sed -nE "s/^Date:\s+(.+)$/\1/p")")"
-
 echo "Latest commit in git at: $git_date."
+
+if [[ $# = 0 ]] ; then
+    timestamp="$git_date"
+else
+    timestamp="$(date --iso-8601=seconds --date="$1")"
+fi
+echo "Time stamp at: $timestamp."
+
 #dir="$(mktemp -d)"
 dir="/tmp/emitter"
 mkdir -vp "$dir"
-touch "$dir/${git_date//T*/}"
+touch "$dir/${timestamp//T*/}"
 
 hlist=""
 n=0
 running=0
+ansible_arg=""
 
 find_outdated(){
     hlist=""
     n=0
     running=0
+    ansible_arg="--tags=upgrade"
     while IFS= read -r -d '' file ; do
         running=$(( running + 1 ))
         $debug && echo -n "Processing host '$file' with IP address "
         d="$(sed -nE "s/^2\s+(\S.+)$/\1/p" "$file")"
         if [[ -z "$d" ]] || \
-               [[ $(date --date="$d" +%s) -lt $(date --date="$git_date" +%s) ]] ; then
+               [[ $(date --date="$d" +%s) -lt $(date --date="$timestamp" +%s) ]] ; then
             r='([0-9]{1,3}\.){3}[0-9]{1,3}'
             ipa="$(sed -nE "s/^3\s+default via.+ src ($r) metric.+/\1/p" "$file")"
             if [[ -z "$ipa" ]] ; then
@@ -39,29 +53,33 @@ find_outdated(){
                 ipa="$(sed -nE "s|^.+default via.+ src ($r) metric.+|\1|p" "$file" | head -1)"
             fi
             $debug && echo "'$ipa'."
-            if ! grep -q "$ipa" "$dir/${git_date//T*/}" ; then
-                echo "$ipa" >> "$dir/${git_date//T*/}"
+            if ! grep -q "$ipa" "$dir/${timestamp//T*/}" ; then
+                echo "$ipa" >> "$dir/${timestamp//T*/}"
                 hlist="$hlist,$ipa"
                 n=$(( n + 1 ))
+                if [[ $(date --date="$d" +%s) -lt $(date --date="$git_date" +%s) ]] ; then
+                    ## ansible run needed at least on one machine, run it on all:
+                    echo "Triggering full ansible run!"
+                    ansible_arg=""
+                fi
             else
                 $debug && echo "Host already processed before."
             fi
         fi
     done <  <(find "$logdir" -maxdepth 1 -type f -mmin -$age -print0)
-    hlist="${hlist//^,/}"
+    hlist="${hlist#,}"
     echo -n "Running hosts: $running, to be upgraded: $n. "
 }
 
 run_ansible(){
     local hsts="$1"
     if [[ -n "$hsts" ]] ; then
-        if ! echo | ANSIBLE_RETRY_FILES_ENABLED=1 \
-                        ANSIBLE_RETRY_FILES_SAVE_PATH="$dir" \
-                        ansible-playbook --vault-password-file ~/.vaultpwd \
-                        -bi inventory.yml "$pbook.yml" -l "$hsts" ; then
+        if ! echo | eval ANSIBLE_RETRY_FILES_ENABLED=1 ANSIBLE_RETRY_FILES_SAVE_PATH="$dir" \
+             ansible-playbook --vault-password-file ~/.vaultpwd \
+             -bi inventory.yml "$pbook.yml" "$ansible_arg" -l "$hsts" ; then
             while IFS= read -r ipa ; do
-                sed -i "/$ipa/d" "$dir/${git_date//T*/}"
-                echo "IP address '$ipa' removed from '$dir/${git_date//T*/}'."
+                sed -i "/$ipa/d" "$dir/${timestamp//T*/}"
+                echo "IP address '$ipa' removed from '$dir/${timestamp//T*/}'."
             done < "$dir/$pbook.retry"
         fi
     fi

From 9590af9ba2b7ef7731d68805fb2a8947898ab094 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 2 Feb 2024 19:29:27 +0100
Subject: [PATCH 472/504] Minor fixes and improvements.

---
 inventory.yml                 | 226 +++++++++++++++++-----------------
 roles/lmn_fvs/tasks/main.yml  |   1 +
 roles/lmn_vm/files/vm-netboot |   1 +
 3 files changed, 115 insertions(+), 113 deletions(-)

diff --git a/inventory.yml b/inventory.yml
index 7313a3a..8bf7724 100644
--- a/inventory.yml
+++ b/inventory.yml
@@ -1,114 +1,114 @@
 $ANSIBLE_VAULT;1.1;AES256
-66633761313137346437356436366332303964316235643665363338323632656562336339326565
-6163373036366531373930326330303835663534316466660a393631653931333335306437313436
-31333364363064303365336138663439656630666565636532666132316633666633396338623537
-6465376331623462390a636563663661326530646237353239636630316634366238646530323462
-33633564613565333039663662353835366439303164633338366139343165626333323836613533
-36306133616634303961373035336239643866306539366138346663396265303662353765636330
-34363734303062363733663265616363626136373338326134306434323766393339393237393836
-63303336636264656435393261303965363639633932326130666232353265633661636339316334
-39626232346466313831643034643761313137373739653330386233343836636430626462636135
-62386263343131326439373163393230393732663862333530313533616537376133373032626466
-37613031633765303466363661643132656437356434383364323432636439323832346233363638
-33383234373935616166383237633434333639613936363231313732626562623834626462316531
-61356432643362646439636634393662353739376363623130646333326435336564383461323932
-64666331643462303262353064396437356262303232616164646136393638386565303438383664
-30646562383563323735623266386239643038393531366364386235663534363736653935316161
-32323533393465303830343131623365316466366130363233626535396331393034623363623632
-31303731346261666538306361356335336162356361376366653662383839333039323132336538
-66623230373065353137356132653132343866663165663732356338326634616530333661643836
-36633336383134313931663061653635366333633663343763383730333134323538313933343536
-39616635393132666535653339656363613431373461316263306130653530343638653562623866
-32613430643437636261313662306636656661313633383833646164306566303362373338643331
-39626232306465323239326561633135303163656539643036313939356666343564376264643434
-31343434303665323330343061353535306536653266393563643033323463323031386266303363
-64313439306139616438633462613239663566346263393431656230623766346539653134666166
-38656536303765393938333965373437633238623461326632613865636564373435333234383338
-66366234303731343233363730393939313536646531313435353065373466326665373133343331
-66313239636562666634366338663937333636326534346561653132633334323937333162336364
-31316364656166343931383039343638623138373639653263373635363031373731353735393563
-37303731643536363630363961343633313739393237336261653262336161666138343336343438
-63393166396462616562386265363263336337633837663562313338626365383063356331343061
-36646265633364366234333338616161363738653561663565626463356434343663363135623931
-62346338643462373636623235393739323964666138626464383161653638393532626465346234
-66393730633635643962353139616465623236313135346131333139396264313134653762316165
-63313830396130343439613961353836383737613566376333306263343061616663623135393935
-38656138633263383734303133393132366534666638623566633566623530666630656462386565
-33633961633261666538653535323465376437666337653931663361306466626465306233353964
-63336662326634386538353464373435373262626137626462613863346539333464656538373363
-36386338326630666563323034393762303035393538623032646565323432316364333362333739
-64666235346130373562666564663834386238636132343730326631393938643530616437393938
-35616137626632613537333965393537643833303139363034303266643165333234353431316133
-63656433643137383966333531623038366164656533643835616564343736366234353862636434
-66643066663061366132373735316563356532643639343563393662396330376239373664383637
-63353235343661346238353133613834623130653861343331386539336361623762393531303533
-34633932616535356130396263333664393836386531383531313836363134326665386333616636
-35643564353639656431343139323264323936346336656163383836356662336337326562626336
-31373938613537636335393863373366323430623365373137323539353435633931383866313863
-34613661613235323733393461356161303134386332323031626635666238336337643466326666
-61353363353536376538323032386462323531626539363066636435633733356132353930653363
-64626238636364323034623761306639393939653038366537633939626236383162616162663136
-38363439656435633761376462663165613365373664333733316339326435316231633930366236
-39343934343337663938363234343838366263623436373230323365346635313435343733346635
-61633066663134396134333664376365353431663331383362316538343135626564313561393839
-62353737333163376234383561666231666537386565356133303339363937316534363265346464
-39393432666563386636653563366232316638393237393434346235613264353764633037363163
-39393865333734323139333865393363633636343931633832386364353766376161306639336134
-30386239373231616139346439353233613630376230373264343064383036323161386365396234
-64666337336230343662383863323062323733303535663935376532323336643262373437613834
-35313962636531643435373362393063616230613964383839383138653131626363363236376438
-35313131393831623966666132626661636339303761616265316232363039363036343263346565
-31633737653432323431376134393765643234343461376465643831303666643931653963346365
-62323530633332613266383133663961356332356637636261373666663565633732363465393462
-37376564636463643930373062343763353764353835346134313865353236373835323235383561
-65613038663538396463343863633033313632666131323535316136656261366637326131356230
-61383238376433373166396132346265623034666231346261623064383539623539343665336239
-33386536336363383134663432626139616532353335383431336635396531333833326137353662
-36373866393533663934363861303464313137626337623065613033666430366138363662623862
-35303734333936656163353962313566353337396661623861336134643231363532303939623335
-39376332386635326537633431313562376336626334333534646537613036326136386339333934
-36323865633362646662306438303632616166663462356661336262386461393933363433343231
-38613932663836633866396364326538303839613163633632653865643334343331663561353334
-38386365303433626530626233666632326632616332653465613933313865333134613932663362
-32386161346333653732366138666263666637623131393936396535333064313166656262613339
-37346162353866643131363530656236323535663732363134333931373736663432363861613063
-66633537353461383131653735343663613630323063393162656433303831303862323335626366
-39373664666431363462373634613636653033386463373537323461613730363031386463633030
-37616362353433376561343863393361353533356438313061653664366661373238656261336437
-32616536656464396563633164323239616265366233626432613331383839663230623662376131
-62326633646665303635653739643239323763343839663864663336386261316639633737396264
-66623635393137346133303764613138356561636134343566613366666365303762313639626666
-62633834383662336561396661343634376438666264653135393761356339366264356639653065
-35616235303063623263363730393137396139336532363262393338373937613964396161333331
-61323339636163613238353662333637383064343665386334643566393066356165323637306135
-36666538346232313637333066356636303434373731383338653762646433633637373630353339
-32353464326637393639643631623837346661653464633164653930666338306363313434653832
-62353536343764623430616163613663323934616331313433643039383966316437653033343962
-33323062346233343730643436373936626535653433323432643235623966623434613365343238
-34643163333232393333663134656364306562303964636631396463663432633964303862643635
-61386461306266626338613533646164356237343862353366663138326163613162303234386134
-65363737323930303537623134636266346330363437383434373664323536303433346536333736
-32626332343730353934356633353831656436353131326264333538643461323631633436636335
-62313738613661383238636237613034373930343964353030353434356361646138653537386237
-39393236383131616234366466393863313133666366383361306631636334316633313834633539
-64346364663862663935663037326664343133333765333437336131393961643139313436343733
-61633937343465336332376636313364383336616461346566333734633062643532333262363566
-32336334633833663733623132363737383232633231636438636264653635306634383465306630
-35613136666135313065613062616535353333353662633961343334336137616464616262316133
-31363661386536383833616435316466646639636238346365363461343137303836313766393966
-34353436636565623739656136386236383461666461653032386664616563303766663635653866
-31326537343330323931343163326630333335366437373363653436363438356365363965326237
-33343365633837393831303266376634333961333231663937656662343963643433366665643433
-39366430386134356332393665646563363537663132333937643762366334383931633637663730
-32623037353332333663613331376562616130656265623863326534376335303530386564313763
-65633732393936386133313863393664303530393761336661623732633661663465393130356333
-36343932396431653566626430643062323233613933383465656335633066636166376561656339
-38333233633765363833343734323264363265643464343765653032383330393739373433323738
-31613166633865333764633562663162326534623236633435663038333765306638643930663638
-36373065636331643338343931343964643766373764363737333831363061336262353662656537
-38306539376665346461646233383761383764366432636138663936366434396664303661356433
-34333734356661366637643034656331396164353233303739306161633236333965313161623763
-65613637346235653431633537666431323930666231363038316632633935326233303861383961
-37363039373539666237323466303264613839366239386337303036313732613034663762666337
-33346261383261363566313333666130393463623062343030623338373261646537316137623163
-3065
+63326664303233663339656463343839323837366433383038373332373536613038333538393534
+6536636139316238653431303736363333303465326631390a386434326334313338323863383262
+30623931313333396335306466393138646530313239396437313133383563373739616537616265
+3938613532643835650a333030633265356261653161636333613331356166373036363266653937
+35383434386263326539613165366538366465396135636562353462356633326139353862326163
+33393931353034306265663139663535333564653365623661323534663734356264633162623963
+66313162653131633465616536353832326165373431396334336231356165376533653632623032
+35313036653036653530313636396632656562366335646536643433373030643762636463333037
+31303462306333356537386130613634383364663832316163323834356266326363656364343264
+38386564356331316666306361653662393633343264323330303930356236336333323564303366
+64376439396539366561626335313138313132386666396564343133376362633634393837613065
+61343135363963633932373235393962316362613233653539666535343535323130376461626664
+37346536336166373134383263333337353435373139366135663364333162383266393635653838
+37616363373532313339646530616339643230613261633830656234663862356162323466333238
+65363761323339363030313565656436643439653933666230343430633032616362663930373161
+63346439333961613535643630363261376436636565313463653632303763613366646164653561
+66313962633238633537636261353366313939316530356132383132333162316262393365373265
+34353733386232396466353865653364633865616130633361383537303333643030643338613766
+34646539633732393137623335323937343834636361643331343131323834363336653864306232
+34353239396263633564326234366638333439353830396537626663363231373733653663376639
+33376336643931666661336234646635386332646634346264656466333130666238626662373134
+36376333376165663565363864393637666661316136383964646331353239396632653330326632
+64653430323332353565336463363463356439386630623066313434353865363863343965366134
+64376236646532656135306265333238636564663738353131366362366164313639393534653934
+39333464653661303764353764653765373862653535323933353532366233626337616334316161
+34353138356361373865386431623230623138646163343664373935633038306333643831653638
+30663537643566393762323765663437353236653162613535643165376231333866303363326130
+65626534316331616136343439366432343734616537363966316438663839643661613563346237
+33386532643661613663623830346634376338663763373931386435343335613838303337313633
+32626635626261636661313134366464643763326162663736346137623765346562393339336132
+66313961396534636166386463663363616163643230383165653864393566353863313135363962
+38626161313164666461323431376635363461393031353234646330643235386232356439333661
+35646561373638306362623061303537316463363962376632643736656562376437376533313464
+35613465666639353936323932393039616630396530663135336334613038326365313637626437
+32663666643562386430393039336463353863653431326263613032353761343865326234336637
+39646134353439386630386635626365353434353065336334653238346532623563663637623162
+37386332383439353436653630393534353963363765646332356135623537653738373835653766
+31313965643134303565336437653665303430653531373164366261333532396662343261363230
+62333661353461643362656639303334313038623561306639383266363365656239356665613766
+39643334656166643162303362626665663633343030626237313930613065636162623937643332
+65663836376435666433306434376332363364393866633832343236363434343363306230336663
+65313363303335353966366132343530373966623036343936346537613666306466303762383234
+39656430333837636231336462636535343464386633656633353838633865323535303230303839
+35326165353038373238346230396137386132336566346539373064313637616136623262306162
+32303237653461653230383766306134393834376566333062353732373831393665663831616235
+64366331363861646363383131313534303965393165646130336561396430323366646538363034
+32363536323135346438353932326565306262666666363735393735613463376435343135653831
+36386237626364613239616263313037663730333734396339313034333036656330323033636162
+61656161633262393535396464656164313365306131313062316266326461303162376633383863
+37643164656136366237343539643638396564303633316633656338383731393132656638653339
+35653035643861646137616363383230623466396536393430373865306136303635346535623837
+32653462616436343639633033326465346365386463643232616531383761303738353037396663
+62613962393836663832333466363066613863663163613937643334646661663937373331306364
+66666538633634383961316532313238343637383532376436643738303932383465303631393836
+31643135356332666530313633656633323561353139656566306666613534376666353233633932
+35653436663461616331313037363031366563643433373365663663613936643030663463333639
+65353062303161363466336366323531646437616238643561326533376161383137383930333066
+37643330656162333538323866313232396666323565623836393033306331366330303831626433
+62346164663864363533646366643662386161343033396438353533386266393230323538663962
+66663730616361393364643565616538636633333230636266663864306539616165663265343432
+66373537313837316366363061343233353932393337393133646565653834656363323164313331
+63663639663434643734343461316430613139303761383638653633306430353162306539636533
+35623661333939633436393934663066386438313539643163376234653135313865323636653261
+39643662356562343239373265386666636166663335663331623663303136393930663866333365
+33363934646564333532383666356236383032386366313764346263623864373737303965333236
+39333234613535353062663233373565336335333662313631613861306430343437396366646631
+64656337373230633036623131303433353138336536613233316535353637386461663632636238
+30656663633931373730366163323431656361326635346265386137623565666161613931366137
+32366539613863613561313164363339313635336365613133613139396665356234663739316666
+34353638616331326663613134663135363037306662666162346566623832646338393530396636
+39353162323332373235633031366439303962343139646134653630626362396465373133636462
+32613632616264333833656133326339643461373534396439666164303538323531383231376334
+39633931323963646632653136323766343565653066353764346466356335646434373562363562
+62623530376435363838663663616161343161646566373364393836346137373134323236613966
+64636431346131363839386265633330366464643062356631366336343738633837343966386264
+32313537373638393961396365663337636233303031646439313337353532336565363661643361
+63613131356265643662646535633862303537656664343931363265653732633633653534353235
+61383861333561356666356537366436663633316666323137366266666562366430666461313961
+39363332356361646339396663613836323133623763663939613737323962383633333330666266
+39396363643132323262643831623430313735666365336566306266323632363238646339333832
+32613161373034633065313036346562656237633264653535663666393538343166613561626432
+65656464393939393333373430353233613566626430646431356339316133633830353566616339
+31336366356638393462623835376235613137646338396331643937303362323331643164626632
+66386438303433303932663064623735653035316435633639643464343465346164306635323130
+61383361616366343534366336386337346233653866633339646566346538393762333835396661
+66343164353636623637373630323838333531346566323532386338646538323833616439346433
+35316566383333353537613765326665336136396564326661633933306237376433353138636461
+38633164646534616265356231626166636134323662323232393630326531313266383064313564
+32383165393038663236353331393163396465616536343463336132663835626662623831323034
+38346639373261396161623861386565336136363635356530366166643639613565376362666338
+31616136353733373931376166653432323566613335653964303536363662393261306633656131
+62343332386638643634656665636233616635656637353531393461636239343664343066613763
+65633836346238626339313164383036626264376265633638383732326338323432353837306638
+63666266326665313065636139613538313536366639373330636530343237653438343763346332
+64313735633132636239643236626439613833373861363433643434666535326337303266383232
+31613361643935383961376461663338313263303865346332313934666639646633353233376537
+65336538353263376530373734663336353638313136656430653537663135663266656365343666
+31393264393831366536376565356463653635333037373266613436653934643231656165383163
+35613837633633623031326631393233613836313039326236363061353536356132373534373165
+30346361323637656439633562373532653465636636373361663830306139323365303433656235
+61393364663937366464373734663734653134356665616532646530386666393734376536643630
+39326636386166376134336666363234306262666632626663656462343664393365366130393731
+30343165353035333066633564613061393631323034623561636532346564356339373466643666
+66666565626539383936346331383133323663666133333235393134353465643863356337656662
+35323165393033616135376662393463313639653866393366653932323963386263613733646565
+65643961643130633666666663613131356630303566386334633763356664383662353731346563
+35333536636165343936613463653663306639343436626265393065653036353064363861623037
+65386635663933633137303765326665353462633762393130343233316533373438373837393066
+66633965333762383437353937656265373639306534323139643630626363623165323664633963
+61613936303463356164333164623437626434303066313633303135316138663137306564656462
+65366236636664653330326132376464653161633166363963383961636635663365306464333634
+64663234306565336461393539363465353734646533393930636130363234316335376531666362
+3239
diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index afffe10..cf5d2e4 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -53,6 +53,7 @@
       - shellcheck
       - sigrok
       - sigrok-cli
+      - texlive-latex-recommended
       - tmux
       - tree
       - ttf-mscorefonts-installer
diff --git a/roles/lmn_vm/files/vm-netboot b/roles/lmn_vm/files/vm-netboot
index dbb13bd..723b366 100755
--- a/roles/lmn_vm/files/vm-netboot
+++ b/roles/lmn_vm/files/vm-netboot
@@ -54,6 +54,7 @@ http_proxy='' XDG_CONFIG_HOME="/tmp/${UID}/.config" \
           --name "$img" \
           --osinfo debiantesting \
           --nodisks --import --noreboot --transient \
+          --controller type=scsi,model=virtio-scsi \
           --install kernel="$kernel",initrd="$initrd",kernel_args="${kargs[*]}" \
           --network "type=$type" "${arg[@]}"
 

From 1e91e30a3f909410cf0f10880f763f2f4767420e Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sun, 4 Feb 2024 10:07:45 +0100
Subject: [PATCH 473/504] Add RAM option to allow exploring DHCP.

---
 roles/lmn_vm/files/vm-netboot | 42 +++++++++++++++++------------------
 1 file changed, 21 insertions(+), 21 deletions(-)

diff --git a/roles/lmn_vm/files/vm-netboot b/roles/lmn_vm/files/vm-netboot
index 723b366..35549ba 100755
--- a/roles/lmn_vm/files/vm-netboot
+++ b/roles/lmn_vm/files/vm-netboot
@@ -4,18 +4,15 @@
 #
 set -eu
 
-menu=(standard "CLI Standard Debian GNU/Linux"
-      kde-desktop "KDE Plasma Desktop Debian GNU/Linux"
-      gnome-desktop "Gnome Desktop Debian GNU/Linux")
+menu=(standard "CLI Standard Debian GNU/Linux NFS"
+      standard-ram "CLI Standard Debian GNU/Linux RAM"
+      kde-desktop "KDE Plasma Desktop Debian GNU/Linux NFS"
+      gnome-desktop "Gnome Desktop Debian GNU/Linux NFS")
 img=$(dialog --clear --backtitle "Virtual Machine Chooser" \
              --title "Choose the Virtual Machine to Start" \
-             --menu "Start VM:" 12 60 6 \
-             "${menu[@]}" 2>&1 >/dev/tty)
+             --menu "Start VM:" 12 70 6 "${menu[@]}" 2>&1 >/dev/tty)
 
-if [[ -z $img ]] ; then
-    echo "Starting VM canceled."
-    exit 1
-fi
+## If the menu is canceled, $0 stops here because of set -e
 
 mac="$(ip link | grep -A1 "vm-macvtap" | \
           sed -nE "s%\s+link/ether ([[:xdigit:]:]{17}) .+%\1%p")"
@@ -31,24 +28,27 @@ fi
 
 kernel="http://livebox/d-i/n-live/$img/live/vmlinuz"
 initrd="http://livebox/d-i/n-live/$img/live/initrd.img"
-kargs=(boot=live components splash locales=de_DE.UTF-8 keyboard-layouts=de \
-                 swap=true live-config.timezone=Europe/Berlin netboot=nfs \
-                 "nfsroot=10.190.1.2:/srv/nfs/debian-live/$img/")
+kargs=(boot=live components splash locales=de_DE.UTF-8 keyboard-layouts=de
+       swap=true live-config.timezone=Europe/Berlin)
+
+case "$img" in
+    standard*)
+        arg+=(--autoconsole=text)
+        kargs+=(console=ttyS0)
+        ;;&
+    *-ram)
+        kargs+=("fetch=http://10.190.1.2/d-i/n-live/${img%-ram}/live/filesystem.squashfs")
+        ;;
+    *)
+        kargs+=(netboot=nfs "nfsroot=10.190.1.2:/srv/nfs/debian-live/$img/")
+        ;;
+esac
 
 type="ethernet,mac=${mac},target.dev=vm-macvtap,xpath1.set=./target/@managed=no"
 
 ## FIXME: use passt, needs more settings for correct DNS/gateway
 # type=user,xpath1.create=./backend,xpath2.set=./backend/@type=passt,xpath3.create=./ip,xpath4.set=./ip/@family=ipv4,xpath5.set=./ip/@address=172.16.1.1,xpath6.set=./ip/@prefix=24,xpath7.create=./portForward,xpath8.set=./portForward/@proto=tcp,xpath9.set=./portForward/range/@start=2001,xpath10.set=./portForward/range/@end=2500,xpath11.set=./portForward/range/@to=1
 
-case "$img" in
-    standard)
-	arg+=("--autoconsole=text")
-	kargs+=("console=ttyS0")
-	;;
-    *)
-	;;
-esac
-
 http_proxy='' XDG_CONFIG_HOME="/tmp/${UID}/.config" \
           exec virt-install \
           --name "$img" \

From 191948cf8a8b4115876d07a236734a7b20d83c4c Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sun, 4 Feb 2024 20:10:46 +0100
Subject: [PATCH 474/504] Enable proposed-updates repository for some hosts.

This makes stepwise upgrades and testing on parts of the
infrastructure possible.
---
 inventory.yml                    | 227 ++++++++++++++++---------------
 roles/lmn_network/tasks/main.yml |   9 ++
 roles/lmn_sssd/tasks/main.yml    |   6 +-
 3 files changed, 126 insertions(+), 116 deletions(-)

diff --git a/inventory.yml b/inventory.yml
index 8bf7724..0dcc8e3 100644
--- a/inventory.yml
+++ b/inventory.yml
@@ -1,114 +1,115 @@
 $ANSIBLE_VAULT;1.1;AES256
-63326664303233663339656463343839323837366433383038373332373536613038333538393534
-6536636139316238653431303736363333303465326631390a386434326334313338323863383262
-30623931313333396335306466393138646530313239396437313133383563373739616537616265
-3938613532643835650a333030633265356261653161636333613331356166373036363266653937
-35383434386263326539613165366538366465396135636562353462356633326139353862326163
-33393931353034306265663139663535333564653365623661323534663734356264633162623963
-66313162653131633465616536353832326165373431396334336231356165376533653632623032
-35313036653036653530313636396632656562366335646536643433373030643762636463333037
-31303462306333356537386130613634383364663832316163323834356266326363656364343264
-38386564356331316666306361653662393633343264323330303930356236336333323564303366
-64376439396539366561626335313138313132386666396564343133376362633634393837613065
-61343135363963633932373235393962316362613233653539666535343535323130376461626664
-37346536336166373134383263333337353435373139366135663364333162383266393635653838
-37616363373532313339646530616339643230613261633830656234663862356162323466333238
-65363761323339363030313565656436643439653933666230343430633032616362663930373161
-63346439333961613535643630363261376436636565313463653632303763613366646164653561
-66313962633238633537636261353366313939316530356132383132333162316262393365373265
-34353733386232396466353865653364633865616130633361383537303333643030643338613766
-34646539633732393137623335323937343834636361643331343131323834363336653864306232
-34353239396263633564326234366638333439353830396537626663363231373733653663376639
-33376336643931666661336234646635386332646634346264656466333130666238626662373134
-36376333376165663565363864393637666661316136383964646331353239396632653330326632
-64653430323332353565336463363463356439386630623066313434353865363863343965366134
-64376236646532656135306265333238636564663738353131366362366164313639393534653934
-39333464653661303764353764653765373862653535323933353532366233626337616334316161
-34353138356361373865386431623230623138646163343664373935633038306333643831653638
-30663537643566393762323765663437353236653162613535643165376231333866303363326130
-65626534316331616136343439366432343734616537363966316438663839643661613563346237
-33386532643661613663623830346634376338663763373931386435343335613838303337313633
-32626635626261636661313134366464643763326162663736346137623765346562393339336132
-66313961396534636166386463663363616163643230383165653864393566353863313135363962
-38626161313164666461323431376635363461393031353234646330643235386232356439333661
-35646561373638306362623061303537316463363962376632643736656562376437376533313464
-35613465666639353936323932393039616630396530663135336334613038326365313637626437
-32663666643562386430393039336463353863653431326263613032353761343865326234336637
-39646134353439386630386635626365353434353065336334653238346532623563663637623162
-37386332383439353436653630393534353963363765646332356135623537653738373835653766
-31313965643134303565336437653665303430653531373164366261333532396662343261363230
-62333661353461643362656639303334313038623561306639383266363365656239356665613766
-39643334656166643162303362626665663633343030626237313930613065636162623937643332
-65663836376435666433306434376332363364393866633832343236363434343363306230336663
-65313363303335353966366132343530373966623036343936346537613666306466303762383234
-39656430333837636231336462636535343464386633656633353838633865323535303230303839
-35326165353038373238346230396137386132336566346539373064313637616136623262306162
-32303237653461653230383766306134393834376566333062353732373831393665663831616235
-64366331363861646363383131313534303965393165646130336561396430323366646538363034
-32363536323135346438353932326565306262666666363735393735613463376435343135653831
-36386237626364613239616263313037663730333734396339313034333036656330323033636162
-61656161633262393535396464656164313365306131313062316266326461303162376633383863
-37643164656136366237343539643638396564303633316633656338383731393132656638653339
-35653035643861646137616363383230623466396536393430373865306136303635346535623837
-32653462616436343639633033326465346365386463643232616531383761303738353037396663
-62613962393836663832333466363066613863663163613937643334646661663937373331306364
-66666538633634383961316532313238343637383532376436643738303932383465303631393836
-31643135356332666530313633656633323561353139656566306666613534376666353233633932
-35653436663461616331313037363031366563643433373365663663613936643030663463333639
-65353062303161363466336366323531646437616238643561326533376161383137383930333066
-37643330656162333538323866313232396666323565623836393033306331366330303831626433
-62346164663864363533646366643662386161343033396438353533386266393230323538663962
-66663730616361393364643565616538636633333230636266663864306539616165663265343432
-66373537313837316366363061343233353932393337393133646565653834656363323164313331
-63663639663434643734343461316430613139303761383638653633306430353162306539636533
-35623661333939633436393934663066386438313539643163376234653135313865323636653261
-39643662356562343239373265386666636166663335663331623663303136393930663866333365
-33363934646564333532383666356236383032386366313764346263623864373737303965333236
-39333234613535353062663233373565336335333662313631613861306430343437396366646631
-64656337373230633036623131303433353138336536613233316535353637386461663632636238
-30656663633931373730366163323431656361326635346265386137623565666161613931366137
-32366539613863613561313164363339313635336365613133613139396665356234663739316666
-34353638616331326663613134663135363037306662666162346566623832646338393530396636
-39353162323332373235633031366439303962343139646134653630626362396465373133636462
-32613632616264333833656133326339643461373534396439666164303538323531383231376334
-39633931323963646632653136323766343565653066353764346466356335646434373562363562
-62623530376435363838663663616161343161646566373364393836346137373134323236613966
-64636431346131363839386265633330366464643062356631366336343738633837343966386264
-32313537373638393961396365663337636233303031646439313337353532336565363661643361
-63613131356265643662646535633862303537656664343931363265653732633633653534353235
-61383861333561356666356537366436663633316666323137366266666562366430666461313961
-39363332356361646339396663613836323133623763663939613737323962383633333330666266
-39396363643132323262643831623430313735666365336566306266323632363238646339333832
-32613161373034633065313036346562656237633264653535663666393538343166613561626432
-65656464393939393333373430353233613566626430646431356339316133633830353566616339
-31336366356638393462623835376235613137646338396331643937303362323331643164626632
-66386438303433303932663064623735653035316435633639643464343465346164306635323130
-61383361616366343534366336386337346233653866633339646566346538393762333835396661
-66343164353636623637373630323838333531346566323532386338646538323833616439346433
-35316566383333353537613765326665336136396564326661633933306237376433353138636461
-38633164646534616265356231626166636134323662323232393630326531313266383064313564
-32383165393038663236353331393163396465616536343463336132663835626662623831323034
-38346639373261396161623861386565336136363635356530366166643639613565376362666338
-31616136353733373931376166653432323566613335653964303536363662393261306633656131
-62343332386638643634656665636233616635656637353531393461636239343664343066613763
-65633836346238626339313164383036626264376265633638383732326338323432353837306638
-63666266326665313065636139613538313536366639373330636530343237653438343763346332
-64313735633132636239643236626439613833373861363433643434666535326337303266383232
-31613361643935383961376461663338313263303865346332313934666639646633353233376537
-65336538353263376530373734663336353638313136656430653537663135663266656365343666
-31393264393831366536376565356463653635333037373266613436653934643231656165383163
-35613837633633623031326631393233613836313039326236363061353536356132373534373165
-30346361323637656439633562373532653465636636373361663830306139323365303433656235
-61393364663937366464373734663734653134356665616532646530386666393734376536643630
-39326636386166376134336666363234306262666632626663656462343664393365366130393731
-30343165353035333066633564613061393631323034623561636532346564356339373466643666
-66666565626539383936346331383133323663666133333235393134353465643863356337656662
-35323165393033616135376662393463313639653866393366653932323963386263613733646565
-65643961643130633666666663613131356630303566386334633763356664383662353731346563
-35333536636165343936613463653663306639343436626265393065653036353064363861623037
-65386635663933633137303765326665353462633762393130343233316533373438373837393066
-66633965333762383437353937656265373639306534323139643630626363623165323664633963
-61613936303463356164333164623437626434303066313633303135316138663137306564656462
-65366236636664653330326132376464653161633166363963383961636635663365306464333634
-64663234306565336461393539363465353734646533393930636130363234316335376531666362
-3239
+32303461343633383666333339333262333762643838373665653431333135346363343062333463
+3130396663333866623733626265613433363133396561660a333266323331386662663066636466
+64376662306563333535313135343362646533623639316531636633323831343431396231333362
+6364656363346464310a313264656362376336626539643639386264326462356163363837646663
+33633330396639313339313137653039376261646237613931336133306238313565386232366236
+65346631646663633564343466353235626664653063373962306530613338653731666231663265
+37663766313736653562386366646162396437326439623134306466343535663964393636643561
+66613439323966313534303234663930643766386437376639653331643865326231306434373237
+34346139663262376162366565343765303538336532323937636335636437303066643437363838
+66373637313237666639653132316235633632616464656638666432653861316462376330666264
+63366330313962373237323831303235633963306433306262313036653834363863363735613931
+63376136333931646163393337333565383532303837613762383234356637346563613930303330
+65623635643961646161376137633736306262613665393763356538613530323436303164646461
+30663265363364313439356134376435656333636132623534313137393038343936633264366261
+34393761333431343331626165303638663035303831363962376434646635666439383964636534
+63343639343934663663663761616139336434656230376638383531343062623836363339653266
+35393536386436656130623734306330363161636234396464623936663335393561666234386464
+61373262373731613039663638386463383131393832373634336563383139616163363830316564
+33303762346534336431633663656335373237336433363065363337373730636336636563626634
+30653236363166616531393936333134383339303930613434313132323232393666643436373232
+39306132333866626635386134633133343862323338326138623230373239363963313963626534
+36646466623333323966306531656537376234353832333237613361623730363630623464613063
+61383633616366393939373062643637306636663965303235363936663361636165353063303864
+66623134363736323634333838633065616130333439626466666530383535363066336662363131
+65626438313563303261313434613639373438633166616533623739316239323661653461306364
+37383531626335353637333734343638613365656636313164626135303834626330333332643830
+62323566316662326161636134666563333135653934393761303062333763376139386135383264
+34333066366366306534343533623833666430636438623465396431623334323636396262373562
+33623239666431653030393766343436623863373435303863633735663065306666623634356335
+35306130616333306438323434616139316666633262346261633963623234633438393737323062
+39313062353336386339663735363363663932356238346439656635643734623431323433636165
+62356233383530346661613338353735623662643030303363396263373337383532636438343937
+36333664326263636331356536623036336566663963303165313665353532326239326266663232
+64386430383861653462643737636634653838333230653235356666633964376566623037636337
+37323536666531333835373034393438313031323931653633633365656331653038376537333139
+64393331386131366538383530366332376131373738353135616138643338613139643835396665
+36623331336331633961613831643834383332306135396633613135663131653035303966393461
+37306532353931336463376362316531383630373634663262313432386639646133633431363138
+35306331623337353234656236653263616161326565366537393535313234393236653233316532
+63636238393038646166663038636134653466633863313637643139383566376636363663663363
+39393564333431613664643937356364343564386563393661623563656531303539323062326237
+63653965313862373964363734653765343431373866643835663538356239656432646466393163
+35313130616138346563323937363266636236323063323233353761373332376234336266626462
+34323038303564336462323461336166313862316665363031356238616535656266326135396666
+61333962316331353638363939373532376438643638626162373836343838366435326237363362
+38653931623932313838613538356561636433313935323233633063656632376663323966663839
+37666332376266633865383161336638633363386238376363353935393236613266306138356338
+61643930646665313135656438386161663365613866353934386439356534333062363333306132
+61626234383234393332663765633136633063656130313538353564373836613462383362663230
+62376338646262303337333537653566636434636538646637356333663566396332366462303165
+31323835643033333965663036353561616566343237613830316462363264643865363361623464
+31613831363436666563636165383461386265663865623833373963383830343661656330376530
+39306231303661616437313333346630313536633637303862633437383231336436306132336138
+34623138376234653635353736653639393866356638663463303331313462353662613436333362
+63643265333237633366656462323063623537326230643531356363636539343139663636353663
+38323639393964383666646235353763643865366161363138643838343332623934343464353562
+39363534363238373131393663613330353563383131373831623630653164666130396436613765
+38616139646538633563313836656365326164306635313965303562383935343333323935666534
+38633534356332303030353430626331376438376339613430376132323235653033643431373135
+62326630663062303532636561313731346465313132366332356264333963643838386535393634
+62633265616436373134643339666339653661666164313266323838633661656565386461333866
+33393163303066353336326533373461363062306131613538636637623239323830313038313739
+64313164666165396134373863663533303861393136333735613339383763383862393837656435
+61373235326463306431386638383665616633623466353561613233316262356636663634663264
+65316437303363633335373838326632653264323430313866363435633938363936663430333562
+62393835346236663337313435343135303336326664343363623434326438333838633432326639
+62316636356465623235376236646430616530336662306137633137336461616331626366316166
+30376162623234346461396532656464386635333838313638393261653434646466383765346236
+63666538613866656237343631663935353139636435666338623966396161323966336266336665
+62613738346632376363353839373066613963353032643065356137656666653532656634323762
+64383263333264386233303861303439363936653538313761306665613836643263393035353638
+39316238623538633730643234313963643831363533643136313732326561373864303164653536
+64363636633764336362343566336232346666626461323833306339666431343761613562643835
+61376263396531343139323231303437386633663638323033346666386362366533633832393761
+61383731616339633162343231316461366636656463373565373635613036613963326538306433
+32396334616336356463313263336633643865356339373132356562303861363361346461663936
+35666436386130663161363364636365313234356235346230336664303536646632386630373834
+64623130323038663563636264633964613666333734386662326637626461656436336430396662
+32376263653331393833313666343261346136383534653832653366373561376166323463303735
+31366630373435663961353363656139303266353638376330666537353934383532376265313732
+62323665613763666639613038626566633763626162363034383034323335363331653064633865
+37303366383731306463643534626466643831363830346531623564353238323436353632383165
+31353835353439636538356166616231633831386261323966303663313333306165613265366635
+34656232386235623036396131616162663730333162383561326436623666626130323164376337
+65363133663332633832663936646130613762393464663835356661613232643665636537323937
+65653330303465376662623433363933333637613532333231393736343565643638653734346439
+31613433626362336637383261626163656630623061346235363063663961636530663032366533
+64353932663931396231643738393064616239363964303764636665333433616265333737333664
+39353231336266643536326462653533613330373062393964393766373966656133663135306462
+61353062326438366165373331653936313130656465313734356664643731333133306338626465
+39386664373064623837366162373033353333333338363230393262633130346636343939633536
+32316136373061396330623266633561623238623839626262623564656234643037303636616364
+37343337386464636633623563656436353761363363383138616362633631663335323830616566
+37333062663137643764323731303965666536326539393063633262383539343938326633666135
+38646631333463376339323865613938326530643836343763663435613234323562623830633266
+64363065376432623861313165353130383538323831663238363938386533633637626163616461
+62363662636431613964613761646434313034643830353331343737646266343233346337643364
+33346234616237303865613531656561343366613938363962336631323664656330643461373664
+36613533326165323039626338613765373337326136306334626238363830323334346634643938
+65613634646565646631616362313231386261363664343163336332303433326634663530663537
+35373663376562613131373734316139653935333966356666396236666530373734313237626432
+32623130663839346263383538353664363134663733386238376637666434323161333537353234
+35346133626565666563386162303165353430623432366365616436383037663739303365663738
+61373664656232303035633534393130653036316465306562396364646338666364366137373338
+66613635383834653835306266623738366233396538363166353163333839626638646562323535
+33313531323361626239363965633664346338623731333336376165353664336235643531383630
+61656263343538303036643737343633616338653434653033313763623565366331616133636166
+64353662346638636534626336353861613234646365316436313437646161613735653661316130
+31323762363465666639663137336263623937326261313030633830313234363936383766343531
+63643133386236323263646663316639393964636462663862623831306338336335303964383364
+37373865353330386138346235643537663366316466386565383633316664363038346439396565
+35373334616239303739373235366232646232303234326661303933336632656235383635616131
+32626230343531393265366466303362326562353130393739653637303333656263376336616133
+6561393566663363613936333561653030366535356534663962
diff --git a/roles/lmn_network/tasks/main.yml b/roles/lmn_network/tasks/main.yml
index 853f4b6..c6bec56 100644
--- a/roles/lmn_network/tasks/main.yml
+++ b/roles/lmn_network/tasks/main.yml
@@ -19,3 +19,12 @@
     path: /etc/systemd/timesyncd.conf
     insertafter: '^#NTP='
     line: NTP={{ ntp_serv }}
+
+- name: Add proposed-updates repository
+  apt_repository:
+    repo: >
+      deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-proposed-updates
+      main non-free-firmware
+    state: present
+    update_cache: true
+  when: proposed_updates | default(False)
diff --git a/roles/lmn_sssd/tasks/main.yml b/roles/lmn_sssd/tasks/main.yml
index 082af5c..069f67c 100644
--- a/roles/lmn_sssd/tasks/main.yml
+++ b/roles/lmn_sssd/tasks/main.yml
@@ -1,5 +1,5 @@
 ---
-- name: install needed packages
+- name: Install needed packages
   apt:
     name:
       - sssd-ad
@@ -7,7 +7,7 @@
       - adcli
     state: latest
 
-- name: provide identities from directory
+- name: Provide user identities from AD
   template:
     src: sssd.conf.j2
     dest: /etc/sssd/sssd.conf
@@ -15,7 +15,7 @@
   notify: restart sssd
 
   ## Either one of the variables is defined:
-- name: join the domain
+- name: Join the domain
   shell:
     cmd: >
       echo "{{ ansible_cmdline.adpw | default('') + adpw.user_input | default('') }}" |

From eeec281bb02070685f6e317c6ec2b02d616255da Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Mon, 5 Feb 2024 08:21:11 +0100
Subject: [PATCH 475/504] Fix path for RAM image.  SIP client on request.

---
 roles/lmn_fvs/tasks/main.yml  | 1 +
 roles/lmn_vm/files/vm-netboot | 6 +++---
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index cf5d2e4..3079016 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -57,6 +57,7 @@
       - tmux
       - tree
       - ttf-mscorefonts-installer
+      - twinkle
       - unison-gtk
       - w3m
       - wireshark
diff --git a/roles/lmn_vm/files/vm-netboot b/roles/lmn_vm/files/vm-netboot
index 35549ba..a60a783 100755
--- a/roles/lmn_vm/files/vm-netboot
+++ b/roles/lmn_vm/files/vm-netboot
@@ -26,8 +26,8 @@ else
     arg=("$@")
 fi
 
-kernel="http://livebox/d-i/n-live/$img/live/vmlinuz"
-initrd="http://livebox/d-i/n-live/$img/live/initrd.img"
+kernel="http://livebox/d-i/n-live/${img%-ram}/live/vmlinuz"
+initrd="http://livebox/d-i/n-live/${img%-ram}/live/initrd.img"
 kargs=(boot=live components splash locales=de_DE.UTF-8 keyboard-layouts=de
        swap=true live-config.timezone=Europe/Berlin)
 
@@ -40,7 +40,7 @@ case "$img" in
         kargs+=("fetch=http://10.190.1.2/d-i/n-live/${img%-ram}/live/filesystem.squashfs")
         ;;
     *)
-        kargs+=(netboot=nfs "nfsroot=10.190.1.2:/srv/nfs/debian-live/$img/")
+        kargs+=(netboot=nfs "nfsroot=10.190.1.2:/srv/nfs/debian-live/${img%-ram}")
         ;;
 esac
 

From d285b9dbf034de01ab8a01e55d883ece898ae03c Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Mon, 5 Feb 2024 12:59:23 +0100
Subject: [PATCH 476/504] vm-upload must be run as user root

---
 roles/lmn_vm/files/lmn-vm      | 2 +-
 roles/lmn_vm/files/vm-rebase   | 2 +-
 roles/lmn_vm/files/vm-upload   | 5 ++++-
 roles/lmn_vm/handlers/main.yml | 8 --------
 roles/lmn_vm/tasks/main.yml    | 9 +--------
 5 files changed, 7 insertions(+), 19 deletions(-)

diff --git a/roles/lmn_vm/files/lmn-vm b/roles/lmn_vm/files/lmn-vm
index 4f90db8..7d4011e 100644
--- a/roles/lmn_vm/files/lmn-vm
+++ b/roles/lmn_vm/files/lmn-vm
@@ -22,4 +22,4 @@ lmnsynci ALL=(root) NOPASSWD: /usr/local/bin/vm-aria2
 %role-teacher ALL=(root) NOPASSWD: /usr/local/bin/desktop-sync
 
 # vm-upload:
-%role-teacher ALL=(lmnsynci) NOPASSWD: /usr/local/bin/vm-upload
+%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/vm-upload
diff --git a/roles/lmn_vm/files/vm-rebase b/roles/lmn_vm/files/vm-rebase
index b235760..4182390 100755
--- a/roles/lmn_vm/files/vm-rebase
+++ b/roles/lmn_vm/files/vm-rebase
@@ -72,7 +72,7 @@ qemu-img rebase -f qcow2 -b "${NEWBASE}" -F qcow2 "${VM_NAME}.qcow2"
 if [[ -v NEWNAME ]]; then
     NEWNAME="${NEWNAME}.qcow2"
 else
-    rm "${CURRENTBASE}"
+    rm -f "${CURRENTBASE}"
     NEWNAME="${CURRENTBASE}"
 fi
 
diff --git a/roles/lmn_vm/files/vm-upload b/roles/lmn_vm/files/vm-upload
index 732b59b..1fbdda3 100755
--- a/roles/lmn_vm/files/vm-upload
+++ b/roles/lmn_vm/files/vm-upload
@@ -16,7 +16,7 @@ upload_image() {
         echo "File not found ${VM_NAME}.qcow2" >&2
         exit 1
     fi
-    sudo vm-aria2 stop "${VM_NAME}" || echo "VMImage-torrent not running"
+    vm-aria2 stop "${VM_NAME}" || echo "VMImage-torrent not running"
     # link private VM-Diskimage to system-Dir
     if [[ -f "${VM_DIR}/${VM_NAME}.qcow2" \
           &&   ( -f "${VM_SYSDIR}/${VM_NAME}.qcow2" && ("${VM_DIR}/${VM_NAME}.qcow2" -nt "${VM_SYSDIR}/${VM_NAME}.qcow2") \
@@ -26,6 +26,9 @@ upload_image() {
       ln -f "${VM_DIR}/${VM_NAME}.qcow2" "${VM_SYSDIR}/${VM_NAME}.qcow2"
     fi
     cd "${VM_SYSDIR}"
+    if [[ -f "/tmp/${VM_NAME}.qcow2.torrent" ]]; then
+      rm -f "/tmp/${VM_NAME}.qcow2.torrent"
+    fi
     uploadseed --server "${SEEDBOX_HOST}:${SEEDBOX_RPC_PORT}" --dht-port "${SEEDBOX_PORT}" \
 	       --pwdfile "${SEEDBOX_PWFILE}" --no-cert "${VM_NAME}.qcow2"
 }
diff --git a/roles/lmn_vm/handlers/main.yml b/roles/lmn_vm/handlers/main.yml
index 53ff53c..6af3160 100644
--- a/roles/lmn_vm/handlers/main.yml
+++ b/roles/lmn_vm/handlers/main.yml
@@ -3,14 +3,6 @@
     name: libvirtd.service
   listen: reload libvirtd
 
-- name: Enable vmimage-torrent service
-  systemd:
-    name: vmimage-torrent.service
-    state: restarted
-    daemon_reload: true
-    enabled: true
-  listen: "enable vmimage-torrent.service"
-
 - name: Run update-desktop-database
   command: update-desktop-database "{{ item }}"
   loop:
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 3227054..3409db2 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -197,14 +197,7 @@
     content: |
       allow virbr0
       allow virbr1
-
-- name: Deploy rsync.secret
-  lineinfile:
-    path: /etc/rsync.secret
-    line: "{{ rsyncsecret }}"
-    create: True
-    mode: '0600'
-
+      allow virbr2
 
 - name: Configure macvtap interface
   ansible.builtin.copy:

From 8383997e5d4c465a94aa83af03b5f73a5f28fc19 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Mon, 5 Feb 2024 13:10:25 +0100
Subject: [PATCH 477/504] additional bridge virbr1 for usb ethernet adapter

---
 roles/lmn_networkd/tasks/main.yml | 30 +++++++++++++++++++++++++++---
 1 file changed, 27 insertions(+), 3 deletions(-)

diff --git a/roles/lmn_networkd/tasks/main.yml b/roles/lmn_networkd/tasks/main.yml
index 786a89f..4a50c3f 100644
--- a/roles/lmn_networkd/tasks/main.yml
+++ b/roles/lmn_networkd/tasks/main.yml
@@ -29,21 +29,33 @@
 
 - name: Configure systemd-networkd virbr1.netdev
   ansible.builtin.copy:
-    dest: /etc/systemd/network/30-virbr1.netdev
+    dest: "/etc/systemd/network/30-{{ item }}.netdev"
     content: |
        [NetDev]
-       Name=virbr1
+       Name={{ item }}
        Kind=bridge
+  loop:
+    - virbr1
+    - virbr2
 
 - name: Configure systemd-networkd ethernet.network
   ansible.builtin.copy:
     dest: /etc/systemd/network/40-ethernet.network
     content: |
        [Match]
-       Name=en*
+       Name=enp*
        [Network]
        Bridge=virbr1
 
+- name: Configure systemd-networkd ethernet-usb.network
+  ansible.builtin.copy:
+    dest: /etc/systemd/network/40-ethernet-usb.network
+    content: |
+       [Match]
+       Name=enx*
+       [Network]
+       Bridge=virbr2
+
 - name: Configure systemd-networkd virbr1.network
   ansible.builtin.copy:
     dest: /etc/systemd/network/50-virbr1.network
@@ -56,6 +68,18 @@
        UseDomains=true
        RouteMetric=512
 
+- name: Configure systemd-networkd virbr2.network
+  ansible.builtin.copy:
+    dest: /etc/systemd/network/50-virbr2.network
+    content: |
+       [Match]
+       Name=virbr2
+       [Network]
+       DHCP=yes
+       [DHCPv4]
+       UseDomains=false
+       RouteMetric=2048
+
 - name: Configure systemd-networkd wlan.network
   ansible.builtin.copy:
     dest: /etc/systemd/network/60-wlan0-dhcp.network

From f8bf585b5fbf898b6da31b19a53c4ae2ffa14b09 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Tue, 6 Feb 2024 13:39:02 +0100
Subject: [PATCH 478/504] Set virbr1's MAC to en*'s MAC

---
 roles/lmn_networkd/tasks/main.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/roles/lmn_networkd/tasks/main.yml b/roles/lmn_networkd/tasks/main.yml
index 4a50c3f..3f80187 100644
--- a/roles/lmn_networkd/tasks/main.yml
+++ b/roles/lmn_networkd/tasks/main.yml
@@ -38,6 +38,12 @@
     - virbr1
     - virbr2
 
+- name: Set MAC-Address of virtio1 to ethernet nic
+  ansible.builtin.lineinfile:
+    path: /etc/systemd/network/30-virbr1.netdev
+    line: "MACAddress={{ ansible_facts[ansible_interfaces | select('search', '^en.*') | first].macaddress }}"
+  when: ansible_interfaces | select('search', '^en.*')
+
 - name: Configure systemd-networkd ethernet.network
   ansible.builtin.copy:
     dest: /etc/systemd/network/40-ethernet.network

From d93192dad840a894430047b86f59140c1bd950c0 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Tue, 6 Feb 2024 13:40:11 +0100
Subject: [PATCH 479/504] clean up some deprecated networkd configs

---
 lmn-client.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/lmn-client.yml b/lmn-client.yml
index 6052bd5..adf1456 100644
--- a/lmn-client.yml
+++ b/lmn-client.yml
@@ -268,4 +268,7 @@
         state: absent
       with_items:
         - /etc/systemd/network/80-wlan-dhcp.network
-
+        - /etc/systemd/network/wlan-dhcp.network
+        - /etc/systemd/network/virbr1.netdev
+        - /etc/systemd/network/virbr1.network
+        - /etc/systemd/network/wlan-dhcp.network

From 2cb8ff0c51f47c3543b8ad71a966b98533389762 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Tue, 6 Feb 2024 13:42:04 +0100
Subject: [PATCH 480/504] A134 hosts added

---
 inventory.yml | 238 +++++++++++++++++++++++++-------------------------
 1 file changed, 121 insertions(+), 117 deletions(-)

diff --git a/inventory.yml b/inventory.yml
index 081a7c5..2db7cb2 100644
--- a/inventory.yml
+++ b/inventory.yml
@@ -1,118 +1,122 @@
 $ANSIBLE_VAULT;1.1;AES256
-37356432653036643435373435613837356666343833373265643161646437393763366439383562
-6135653064333338366562386134666331653462643932390a653065353834363738663563373237
-63613862393833633835316337303336356136613537623032356236633736363661373433333632
-3562633235343730340a353735356265396435366639623632396139613735316136346436653963
-33393237313737313234666462326635626639323333393835656530633830376339623336353166
-33616437383061376162363261633365333032666336363736663934316134383738346433346332
-66386662306162356537313136636663656532363832636538656365316262393135336365343063
-63363436636161386133383666613063316161666631383864326538376637303239643636643035
-32356563383762663532356135366363396661366237366534323963333736616436653331393638
-31663136393165323434393163323237656162333065336365646133326464623166343963376633
-36393365353037346463626237336433353036383631393734353831303430306463656634313631
-64313830613139356665323538663136353366393366353062386165636162626536626139663265
-34313839633138333762366636653935373730613031393237393231393534383231333366616432
-61656438323134363837646534303736386665393038653833646666353831323064613734386534
-64306264643331356537663965623766623436373462333264613835656564356461363761303836
-36636463356331363161613332313163313966313061313638313736396564353661313262663065
-30323265363230623939353461383233366364366464633065633531316365303462383934386264
-33373631333731323864633830653838633964323563336165326461653166343832316331396536
-62656532323539313965383238343166636339393564366365316666393362633435656438313161
-65353135393038666333333334653036643161333365306130666134343934623036633736613732
-61653133353561636662616666336135633864373133623163383034623731396239663566353339
-37333566653363656535386363356566656132343834653764353331343837323538623530303537
-63666464313362646635616661616463313464343834353564393430383936643032646361336533
-63333136646564663335373166373936613761323762366535326563626639396133646361363465
-34313465653838316561663366633034613632306666336265363935643863383135323063613931
-39383064363036633039633265643165653833353063353064373435613361336338643861333738
-33333335613063323434313437346564356632333931356566353937363435303830333235386134
-65363237313730666330303437333864363232333532646334646164643363323032653265646235
-37613130313361306535623836633533386135326266626165663231666434373732663636393630
-33653139666238346266323065616663653538656332333632663262393534386134663130353565
-30383336353338306539646135393930353835343662633130363834323733666337653266373137
-64663633646232636562333066613532383133343061323532346363383838346639663634326139
-63373435393337333563303664613333366130326430316164646634653530656666353438343437
-63656134666265613237363139626565323534663838393664353331643834313835343261343962
-63316633323535633766323632393835336538316335353837376631316261333163383337623539
-35356363303338343139643335313865303963643135366430336232626133333735366566323861
-66626663343734323363386466303738633538363230613930613132646662303938643764373265
-63326437373965383834343934643064363733613363623965356432376662623261333739636264
-65376337336564353737333336306434333635346130386430613161303036643137643266366237
-34663430303735356362303130376233636461383065306230663335363038356130613262396364
-34623938353739343262373465393331663630303163636636323565653539663539303365346461
-66373861626532663732373730616265343337353933393238633934356264323635323538336238
-30333333653332313731313162346432633564303237616331666436353566646332613937616230
-31343461376630653931613337663633613137363836353132316666336532633932376136613862
-64383230666665366366636139653966326533343864316161666435353161373235396266613666
-31646665323066366432656663323165613137666531343539356239393737333762393362323863
-38353837373138396531383238643536323261643535623765373636653766333435613939333062
-37316463633961646331303261653936643761386538626164316133326538366462646461326335
-65343562383535323464653535356232343435373833643532376662643061323632643434363131
-64643961333631343038636164623634383466373236656565313434636164363134636235616133
-61663866346239353362396164656363336530643231393238643039306432633139653463616438
-65336461386539343462323664383534396635323663656636313032663561346232386536653031
-32333531646561643563643237383962626432303165393765396436393931626133303732353538
-35396534623339373636313564343637623631333661393230656334666262363334653061616632
-61616432363763383864333466313338616536376338343131303261663535626433343337343631
-37643964303163616564323733393566373238633963643936303861636336346338363637656131
-36323762333037356463346262643332333831623865306362643438313061663533333935396439
-66313632633963373532633537336264306661653463656363666434363364633638666330333938
-38386566343464363662633432653363306536323132303362356161636335393637303262343531
-38383938393234653066663737333434316663326433333965326562363737663834313430653565
-36646363386361393738643930366466633232396431636263303637346330663066376133393465
-38616532623361376261323134343662623834323338643963663236303136303061653265626465
-37346565373162306466356135333037353762656533386435643132383932373831303966643961
-65396436623735303736653564353535343333366334313737303337376564313136633438646634
-37353665636333383336623365663030333735353932623531653638646231396162613537316264
-35663338663564363461363738623538616338343138356337656466373138316239633133666139
-65353331346661663264386363333263303636313364303464363361316436303362633839393337
-66356165326165333838336162326431616462633362343062376431646665396665613839356433
-32633531353030663031623135316530616231643230643130373463636139633562653430393062
-62386662613564363531346331316437353364376662366233383561616263366262666633373265
-62376666623134613935356535343437653336623665366361376238366534623839643333626538
-34373839343936373039343861653962363237353566383038623734653566313966626436336338
-35393562626165313237333533353332343764323430393266656633636461353138336366303431
-34646238323166616134333431653164666438333136383435346533343530316339653164396432
-38663131303630316637633131323136393763393161656330623063373532623439386165326633
-37323462663430336564333333306435616439353739616132356661373461336239313032343762
-37646366383263623936393465303064653336316537616235336137343163666332666363386463
-36303661336162316630383961323363336335356161366236333761666330613931336363653831
-33323534336262303034313533663562313732306433633666386131336233623561666431343235
-64366161366532376536303036633133653266616432376239313064363230656334393562643761
-30343564303261363966303065626230326439613062623138323438653366333733626664353030
-66376362643233396236366564613330303835393537653464333466653031666536333938623730
-30393262656531663630346438653066316631366362366165353331303263373235373332646663
-39666161383830373334623561323438313635313837656630366237643339356266393032626264
-35656265303036316662316338636236356339633362393965323439633361646436316334363761
-32363133616161303731663430366233323234383139393763363137626330633238656638393737
-36613161333031643134376162646135306134643731343165326165636332616431346364346436
-39353335356361396461326230643965653362656439336133353131376536383536613731363363
-31303833333962333433393565386237383561313337353336363939343739343334643030343162
-33616532666661653536383361623732646333663962363934383534653963663034303065363265
-39666666353638323832353730393137356465626639636437666663656366646664363931353538
-31333731373838613463346462643932343333376535323839373831363732363437633338373534
-62656236653735626261316161646531346334373138623761306562653330393834353163303038
-30336632306630356239663365303131363234373333666132303236323333333461623939393935
-30633861336530643638643238356435346636656161306635323561663636343663623833633361
-38393433376334623537633130383965623531646634306233356234346661343434376132666239
-32393630653935376164613662666661353235323135636137363661336333383331356339393061
-35383430383935383939353936613335333461346536636333353031616661393833346561363031
-62656262316662653135316632363766653535353230323633383565663038303165653134373563
-38656462353261316366663831303766633535643263653164623265393035383965323064376163
-31643230633861343836643438316239366336656232613664646466646433636163616262646166
-61376531386637313831326261623038393038333130323338653134623037323238373230623539
-62663631646333306130656563643931383336366565623563303163653863666166306338623136
-37643865383632616562306666616263316161653439623537313937383361326232653733343639
-61626265343233336462636131316332343263383365383463363565633630313832663832363936
-66396139663433383461646238313431326165356538316436383066323336333033363633316363
-63663437373538353262336666363038643265376462396563666363633633633461643938613338
-35626663353661613663393232663030356237373934333731393134333538326463636364306238
-37623462623833623238646238346131383436663366363437663135306134626538316139323261
-63343636386536646134663464373035356264306363646666653339626661636131386137323438
-38623031366565353431663061663262336231333732333631316233316238643938633131633863
-31336265613662303730633862383564396262633936666262333832316130613637383464363766
-37343833633162313730633235343736646466653230356339626636626330633366376535316136
-37316465333436333738623139333564373637303831626539666537313632333664663765636337
-62363330653432363433396239653033623532623665356663363861656438623632306534666135
-64323737646564346161333639346334323235626232623764626436336362653363663736656637
-6535
+32343539633332393439373063393862396538313636613664613666326366356233623237313662
+3135303164353365313564353766396662633466333665330a353233633164653131316666353763
+62333065643237663065326564306364616637663733393563363432666130633939313332306339
+3234373136646237350a656233343730373437393737333936373361346266636135356633363536
+30363035366133356232346461333732653335326562373666353462623463366265653264616337
+38666239613863626264323266613365353766343938616233633833623665623764386232373663
+39666531666639623865333035343763656264663866326535646232346166616637393435383161
+63376334353331656339373065393233356565656663363434373964616631656335613631666339
+62326332333130626636626531326133643838383135326238373263306437396437363631303132
+66316264363633346534633964346464613834353930386439633130376332383833666238303764
+62363633626462613432343063393138316261386538396461383066653238303665316463356439
+30386635393432396634613434313966383838626165326434653730313638393134663566383031
+31313937383733343335306235333263643764613339386663303132336534353831343065363834
+30396366373263663361383066303664373637366539383866343032306164386666356537663662
+36363164396461623931616439636538393036323231626433653631303531626261373761336138
+34353365316664633731366437663462633838336666666634326431316365653238656236633839
+39326132373932343962366639346263386638343664343461656138656638306537353364613635
+32616136333031303239656237643666626466303631373536656436396531353836643564303837
+36633966316563393561343665356432636639383734653630393061303930383131353366663961
+35306465326532376333656237343962363766656636363639626336653564363238353530623465
+66616133323336323538653233383936383237666533363966643763303832353331633665363464
+65626637386631666636313637663939393631386238616337353262333461353130346335323039
+30626234393439613030656666613662643930663033643435393163303437636633633333643665
+63373531646166326334323566663665666133326265353464336339623532663339373530346366
+61613330366632623835626633643261353132643335613538343838653337616463633237336337
+62366534656233646465643563306239346536336131333862383131363366653837353063373161
+36333435313932303565333431386234306336366565323832323739616631663062376636663264
+34646335303539643561336263626633633639373562346238366433623637633166393437616261
+65633530666462393632353362346164303863366362366665353837366634383836376563363330
+64326139373732656664356431636531343161663430376563643438316263656231653363323635
+63373232323730613236353733353762626263313634663161366237336461633464323861643835
+61646333616163663636373232393637353034613562633837313933623435336663393964313862
+61306637663266373665646262356261653934653664633231323632313264363532633638316237
+61633639393239623835383436663765646333313763613464333763303335646238633764383230
+37623435393463363364326535623434643934383362626563323264383364323831396466623165
+32343231393834663136333036616330363362666461356438366136646331323965323632353565
+36303463303331616339303464636263336237623434613733383335386266333865663133386630
+31663134363533373031373738623638363434346236646361363161373139333035626238363235
+36336162333062386164323637613565303532643035623039616532346131626235653938633163
+62303531373832313332633661666435353038356438646436616137396663646131633963373431
+63663934313138643331666361353831303761323335346130346562333034356137313866356430
+64656365346138366637663435626330623464396239663666663837666630313638643436373463
+35333730363539366439613563663066393365343634373865333833666530393538303533363661
+30336138393530393730346366656237333339386130323565653665303366313564356363366432
+32393164663465623830343237393630653630356636376632313966643533363233643362643339
+31343464323439313631623034313033666139386430653463336665646464316138383565623365
+39343962373032656261363236356235396633373962393537613535663738616465646530613932
+65646637323634636165666164383539613531613430663864653962633465656461353064653263
+62333232366439356235643035336661636536363063643035353965363838396564303333663830
+62393635306236353931646634393435613061393261363563663534663634643636316163316234
+34316330313165663632646162623432346333363736663337636130373666396132336364636562
+38663564663666633732393331306366343233646233313739376630303536613131373936326333
+32626431336566306365613935306638613532626536613361356139616439666336323633663466
+66353662623731383639376336326239386162393261336565303861656439646366653238313635
+65613930623162333864393635353838346436356262393832326665353539613736643534666139
+39383965383763653833306134366331633035333139623761633131363535316431636339363333
+37386261303737366236663262656436383134613461623230373566653562646332656362653732
+30306662373734643937306533313863636335633338626132343533653866356332633739666332
+65646235306432326566366364653764383137653238646333363066646665643764393137373234
+63383366653335623564316462323235323934313063623234616338613264366637316637343936
+30386666393836313932393237326662613432313333363735373939366166616233323838343061
+36333866616530626463666266643232353132623036326361613166306462333030643334316132
+34653562326237396237326166383236346161343933646432336465353130636136383830376533
+39633365383062393563633664363766353265373966346461393439626563623032633933386530
+39346166373338373563373736376334326234313063386138306637626266613363373866663538
+63386332376432303833663633623039353161643064663237396166336430643861623966346632
+37323164616463363038393061623331653637353935636563643538363864663732353164396565
+32386164313061366462633664666661306230373365363239633965363765363032656661313237
+35373762386461396634616237343864633236343030623430633465343362353335653461363937
+65633931306464646636393838396565366665363233386562663939626131366462343036323765
+36613634326530646332393638653338306665323936353630393938613534383763346334616139
+36393634323133323739346638643864346563623835393732333035643438353463666162316632
+37366363363735656331346531383233303462616133333736316433643539373337336335326564
+36623162333239316534353739353832633964313964303833653931373766326263383030323032
+65363233633936376464383665363535363064313630366361303630653762323234633364633734
+37643737663633306136303163343166343665643363616565633934316231383339356638353061
+34353633323535653533643035623965346637313733363936386631376362333938623336656464
+62316261643137643130643934663265306539333237383432383430303737343134653235363362
+64383663663061393961373365373661323165363465663165343537663035343364343233316133
+61663937613462376237303930373736303138316639613233616266613432386163366463333036
+34383736393130326238366138653231363332663838643438333665326630346138393536623434
+30653936373666613061333064633563333265346166323864643435616132326134323263623830
+61643761366438376638333330343863356537666637313034643236646138613363646536373833
+63366538633539353133336666383465376664656563633033623136396138303436643232636132
+38663132646466313561656432323938393662656138393738643362353565353662656235656631
+32663233623064393037653336396432643464626539626134616562653838363663363465623339
+34633838383030343065353130636665366466653932386438656431653563383664346131336234
+30353035333338636534633635326637313633343365356531386334643636323936653938613761
+65373636373463383439333133373564316432313737663461613030336133336637323239653466
+31306330343261656666356231343032353832303437613362663137373738643236653138636132
+39356237636133313764663438623035303835366464313261343964663939313837666263626131
+39326161663237643738616436343962653833643435663736646365303939343533326464323764
+39363138343263343433653637643430396165396364306364613665633630396166336666386166
+66323161626539343531316337363735383063343738373831333534356136623065316537376430
+37366332356533376137376662346537623633383863353437393338646538663534353036303731
+32623563353563613934643963323966386338366264663664303965343831393761656465316534
+63383865383966346533623132653634643532303238386630613238373363396337393962326534
+36393238376232333139316133336132623634633531343339666663643836636336633737353033
+32303233623961313535393237613930656639303039633961623363656535326639346631393838
+36666462356239386366336262306432373930353932653762613539356139616263626663323434
+33613963323764356437303566306333343438326335366233333933623438633338353131616266
+39393139373564393566386534383333623730313339383431623131643761383236613863393530
+61373565656333643639326539373663356366333332373464666531646462653733383032326566
+30333564613238323435653765616431643237643039346338643166346131356138653236393663
+36326237396436386334613030373535336664303837343332323261316630666439353261663564
+31633465346635636331366266373062353837653737353237386661653331636166643463316135
+62653235633165303932356336366330646338343566313235306336326438323236333338376662
+38333630626134396361343061333533303235393231383736613934353131333031393332633539
+63613231393938396633323133643634633337313134323630333663306362373366396330633435
+33393866366665396132363665336363393263316438336666373230393532356265326532663936
+39633533613132386536636433363663623861383135643366376137643263363538373161373366
+37656339366630313564346530643163633536633330633265396637363362633734396638666263
+62346639613864376135383534316133666237663865306430353632623631376562376334363563
+35636636336663396531356530306664326430366339363133353133333831333237386630393661
+36666236626663336636323535333333383036656434653031323033393765333138336462383164
+64636565326262373235333566653438316437366564613834643831333633616531643861653432
+30323565613438626131353164353261376334633361366164306230336665363661373331303162
+33633863626439636434653831386432366264376263353734363766666162363162376639336366
+62383735356530646131373065306336353338333634373462613435313530646462343733383139
+36643864356134303865646635373236613264613536356465656236616232653830323630313936
+37633531613237323838333830646139393263653137656665393433313566326266

From b442573b863eb787ab9078fdc0d8f0baca0a6e3a Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 6 Feb 2024 15:23:52 +0100
Subject: [PATCH 481/504] Proposed-updates task sometimes hangs. Try fix.

---
 roles/lmn_fvs/tasks/main.yml     | 1 +
 roles/lmn_network/tasks/main.yml | 1 -
 2 files changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index 3079016..c21adbf 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -45,6 +45,7 @@
       - net-tools
       - netcat-openbsd
       - nmap
+      - pdf-presenter-console
       - php-cli
       - planner
       - pulseview
diff --git a/roles/lmn_network/tasks/main.yml b/roles/lmn_network/tasks/main.yml
index c6bec56..eee1e6a 100644
--- a/roles/lmn_network/tasks/main.yml
+++ b/roles/lmn_network/tasks/main.yml
@@ -26,5 +26,4 @@
       deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-proposed-updates
       main non-free-firmware
     state: present
-    update_cache: true
   when: proposed_updates | default(False)

From 72a134fcbf6277452039d86470d3cf10bcdb371b Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 7 Feb 2024 16:42:09 +0100
Subject: [PATCH 482/504] Fixes for the laptop role merged before.

Packages need to be installed before messing around
with network configurations.
---
 roles/lmn_fvs/tasks/main.yml      | 1 +
 roles/lmn_networkd/tasks/main.yml | 8 --------
 roles/lmn_vm/tasks/main.yml       | 6 ------
 roles/lmn_wlan_iwd/tasks/main.yml | 7 ++++---
 4 files changed, 5 insertions(+), 17 deletions(-)

diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index c21adbf..bf97e97 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -47,6 +47,7 @@
       - nmap
       - pdf-presenter-console
       - php-cli
+      - pipx
       - planner
       - pulseview
       - python3-websockets
diff --git a/roles/lmn_networkd/tasks/main.yml b/roles/lmn_networkd/tasks/main.yml
index 3f80187..31e9742 100644
--- a/roles/lmn_networkd/tasks/main.yml
+++ b/roles/lmn_networkd/tasks/main.yml
@@ -1,6 +1,5 @@
 ---
 # temporary disable network manager
-# in future network manager will be used for wifi sticks
 - name: Use iwd but ignore interfaces managed by systemd-networkd (wlan0,en*)
   blockinfile:
     dest: /etc/NetworkManager/NetworkManager.conf
@@ -20,13 +19,6 @@
       #state: started
     enabled: true
 
-- name: install firmware for wifi-sticks
-  apt:
-    name:
-      - firmware-realtek
-    state: latest
-    autoremove: true
-
 - name: Configure systemd-networkd virbr1.netdev
   ansible.builtin.copy:
     dest: "/etc/systemd/network/30-{{ item }}.netdev"
diff --git a/roles/lmn_vm/tasks/main.yml b/roles/lmn_vm/tasks/main.yml
index 3409db2..0d87a4e 100644
--- a/roles/lmn_vm/tasks/main.yml
+++ b/roles/lmn_vm/tasks/main.yml
@@ -235,12 +235,6 @@
     - /usr/local/share/desktop-directories
   notify: Run update-desktop-database
 
-- name: Set owner lmnsynci for menu entry directory
-  file:
-    path: /usr/local/share/applications
-    state: directory
-    owner: lmnsynci
-
 - name: Copy fvs.directory
   ansible.builtin.copy:
     src: fvs.directory
diff --git a/roles/lmn_wlan_iwd/tasks/main.yml b/roles/lmn_wlan_iwd/tasks/main.yml
index 8eb2960..6d627be 100644
--- a/roles/lmn_wlan_iwd/tasks/main.yml
+++ b/roles/lmn_wlan_iwd/tasks/main.yml
@@ -2,11 +2,12 @@
 ##   wget https://cdimage.debian.org/cdimage/firmware/testing/current/firmware.cpio.gz
 ##   cat initrd.gz firmware.cpio.gz > initrd-fw.gz
 ---
-- name: Install iwd
+- name: Install packages related to iwd
   ansible.builtin.apt:
     name:
       - iwd
       - systemd-resolved
+      - firmware-realtek # for our wifi sticks
     state: latest
 
 - name: Disable wpa-supplicant
@@ -39,7 +40,7 @@
       #       wifi.backend=iwd
       #       match-device=interface-name:wl*
       #       managed=0
-      # 
+      #
       # - name: Configure systemd-networkd
       #   ansible.builtin.copy:
       #     dest: /etc/systemd/network/80-wlan-dhcp.network
@@ -50,7 +51,7 @@
       #       DHCP=yes
       #       [DHCPv4]
       #       UseDomains=true
-      # 
+      #
 - name: Enable systemd-networkd
   ansible.builtin.systemd:
     name: systemd-networkd.service

From 1a9cb2d68ae9ae9395203c61612dde53a2b41aaf Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Thu, 8 Feb 2024 07:22:37 +0100
Subject: [PATCH 483/504] fix path of qcow2 file for outdated-check

---
 roles/lmn_vm/files/vm-run | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/lmn_vm/files/vm-run b/roles/lmn_vm/files/vm-run
index 4934797..ea0de84 100755
--- a/roles/lmn_vm/files/vm-run
+++ b/roles/lmn_vm/files/vm-run
@@ -31,7 +31,7 @@ exit_script() {
 check_images() {
    # sync vm-torrents and machine definition file
    sudo -u lmnsynci /usr/local/bin/vm-sync get_file "${VM_NAME}.qcow2.torrent"
-   [[ -f "${VM_NAME}" ]] && sudo -u lmnsynci /usr/local/bin/vm-sync delete_outdated_image "${VM_NAME}.qcow2"
+   [[ -f "${VM_SYSDIR}/${VM_NAME}.qcow2" ]] && sudo -u lmnsynci /usr/local/bin/vm-sync delete_outdated_image "${VM_NAME}.qcow2"
 
    BACKINGARRAY=()
    imgfile="${VM_SYSDIR}/${VM_NAME}.qcow2" && [[ -f "${VM_DIR}/${VM_NAME}.qcow2" ]] && imgfile="${VM_DIR}/${VM_NAME}.qcow2"

From 9320f6fd67ede95b44c5ec4c38b33b4f87b680e5 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Thu, 8 Feb 2024 09:22:26 +0100
Subject: [PATCH 484/504] allways pull torrent-files from backing-files

---
 roles/lmn_vm/files/vm-run | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/roles/lmn_vm/files/vm-run b/roles/lmn_vm/files/vm-run
index ea0de84..3ad76db 100755
--- a/roles/lmn_vm/files/vm-run
+++ b/roles/lmn_vm/files/vm-run
@@ -52,11 +52,11 @@ check_images() {
        echo "Backingfile required: ${backingfile}"
        imgfile="${VM_SYSDIR}/${backingfile}" && [[ -f "${VM_DIR}/${backingfile}" ]] && imgfile="${VM_DIR}/${backingfile}"
        BACKINGARRAY+=("${imgfile}")
+       sudo -u lmnsynci /usr/local/bin/vm-sync get_file "${backingfile}.torrent"
+       [[ -f "${VM_SYSDIR}/${backingfile}" ]] && sudo -u lmnsynci /usr/local/bin/vm-sync delete_outdated_image "${backingfile}"
        if [[ ! -f "${imgfile}" ]] || ! qemu-img info -U "${imgfile}" | grep "file format: qcow2"; then
            # sync vm-disk image by torrent
            echo "Try to sync backingfile ${backingfile} by torrent"
-           sudo -u lmnsynci /usr/local/bin/vm-sync get_file "${backingfile}.torrent"
-           [[ -f "${backingfile}" ]] && sudo -u lmnsynci /usr/local/bin/vm-sync delete_outdated_image "${backingfile}"
            sudo -u lmnsynci /usr/local/bin/vm-sync get_image "${backingfile%.qcow2}"
        fi
        backingfile=$(qemu-img info -U "${imgfile}" | grep "^backing file:" | cut -d ' ' -f 3)
@@ -72,6 +72,7 @@ check_images() {
        if ! qemu-img check -U "${BACKINGARRAY[$i]}" 2>/dev/null; then
            echo "check failed!"
            echo "sync ${BACKINGARRAY[$i]} again"
+           sudo -u lmnsynci /usr/local/bin/vm-sync get_file "${BACKINGARRAY[$i]}.torrent"
            sudo -u lmnsynci /usr/local/bin/vm-sync get_image "$(basename "${BACKINGARRAY[$i]}" .qcow2)"
        fi
    done

From d4f6d91f15a8782f45bfd51f533c1c80f24cdb97 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 13 Feb 2024 20:13:38 +0100
Subject: [PATCH 485/504] Allow starting multiple VMs where the first uses the
 macvtap device.

---
 inventory.yml                 | 244 +++++++++++++++++-----------------
 roles/lmn_vm/files/vm-netboot |   9 +-
 2 files changed, 131 insertions(+), 122 deletions(-)

diff --git a/inventory.yml b/inventory.yml
index 2db7cb2..ef71d1f 100644
--- a/inventory.yml
+++ b/inventory.yml
@@ -1,122 +1,124 @@
 $ANSIBLE_VAULT;1.1;AES256
-32343539633332393439373063393862396538313636613664613666326366356233623237313662
-3135303164353365313564353766396662633466333665330a353233633164653131316666353763
-62333065643237663065326564306364616637663733393563363432666130633939313332306339
-3234373136646237350a656233343730373437393737333936373361346266636135356633363536
-30363035366133356232346461333732653335326562373666353462623463366265653264616337
-38666239613863626264323266613365353766343938616233633833623665623764386232373663
-39666531666639623865333035343763656264663866326535646232346166616637393435383161
-63376334353331656339373065393233356565656663363434373964616631656335613631666339
-62326332333130626636626531326133643838383135326238373263306437396437363631303132
-66316264363633346534633964346464613834353930386439633130376332383833666238303764
-62363633626462613432343063393138316261386538396461383066653238303665316463356439
-30386635393432396634613434313966383838626165326434653730313638393134663566383031
-31313937383733343335306235333263643764613339386663303132336534353831343065363834
-30396366373263663361383066303664373637366539383866343032306164386666356537663662
-36363164396461623931616439636538393036323231626433653631303531626261373761336138
-34353365316664633731366437663462633838336666666634326431316365653238656236633839
-39326132373932343962366639346263386638343664343461656138656638306537353364613635
-32616136333031303239656237643666626466303631373536656436396531353836643564303837
-36633966316563393561343665356432636639383734653630393061303930383131353366663961
-35306465326532376333656237343962363766656636363639626336653564363238353530623465
-66616133323336323538653233383936383237666533363966643763303832353331633665363464
-65626637386631666636313637663939393631386238616337353262333461353130346335323039
-30626234393439613030656666613662643930663033643435393163303437636633633333643665
-63373531646166326334323566663665666133326265353464336339623532663339373530346366
-61613330366632623835626633643261353132643335613538343838653337616463633237336337
-62366534656233646465643563306239346536336131333862383131363366653837353063373161
-36333435313932303565333431386234306336366565323832323739616631663062376636663264
-34646335303539643561336263626633633639373562346238366433623637633166393437616261
-65633530666462393632353362346164303863366362366665353837366634383836376563363330
-64326139373732656664356431636531343161663430376563643438316263656231653363323635
-63373232323730613236353733353762626263313634663161366237336461633464323861643835
-61646333616163663636373232393637353034613562633837313933623435336663393964313862
-61306637663266373665646262356261653934653664633231323632313264363532633638316237
-61633639393239623835383436663765646333313763613464333763303335646238633764383230
-37623435393463363364326535623434643934383362626563323264383364323831396466623165
-32343231393834663136333036616330363362666461356438366136646331323965323632353565
-36303463303331616339303464636263336237623434613733383335386266333865663133386630
-31663134363533373031373738623638363434346236646361363161373139333035626238363235
-36336162333062386164323637613565303532643035623039616532346131626235653938633163
-62303531373832313332633661666435353038356438646436616137396663646131633963373431
-63663934313138643331666361353831303761323335346130346562333034356137313866356430
-64656365346138366637663435626330623464396239663666663837666630313638643436373463
-35333730363539366439613563663066393365343634373865333833666530393538303533363661
-30336138393530393730346366656237333339386130323565653665303366313564356363366432
-32393164663465623830343237393630653630356636376632313966643533363233643362643339
-31343464323439313631623034313033666139386430653463336665646464316138383565623365
-39343962373032656261363236356235396633373962393537613535663738616465646530613932
-65646637323634636165666164383539613531613430663864653962633465656461353064653263
-62333232366439356235643035336661636536363063643035353965363838396564303333663830
-62393635306236353931646634393435613061393261363563663534663634643636316163316234
-34316330313165663632646162623432346333363736663337636130373666396132336364636562
-38663564663666633732393331306366343233646233313739376630303536613131373936326333
-32626431336566306365613935306638613532626536613361356139616439666336323633663466
-66353662623731383639376336326239386162393261336565303861656439646366653238313635
-65613930623162333864393635353838346436356262393832326665353539613736643534666139
-39383965383763653833306134366331633035333139623761633131363535316431636339363333
-37386261303737366236663262656436383134613461623230373566653562646332656362653732
-30306662373734643937306533313863636335633338626132343533653866356332633739666332
-65646235306432326566366364653764383137653238646333363066646665643764393137373234
-63383366653335623564316462323235323934313063623234616338613264366637316637343936
-30386666393836313932393237326662613432313333363735373939366166616233323838343061
-36333866616530626463666266643232353132623036326361613166306462333030643334316132
-34653562326237396237326166383236346161343933646432336465353130636136383830376533
-39633365383062393563633664363766353265373966346461393439626563623032633933386530
-39346166373338373563373736376334326234313063386138306637626266613363373866663538
-63386332376432303833663633623039353161643064663237396166336430643861623966346632
-37323164616463363038393061623331653637353935636563643538363864663732353164396565
-32386164313061366462633664666661306230373365363239633965363765363032656661313237
-35373762386461396634616237343864633236343030623430633465343362353335653461363937
-65633931306464646636393838396565366665363233386562663939626131366462343036323765
-36613634326530646332393638653338306665323936353630393938613534383763346334616139
-36393634323133323739346638643864346563623835393732333035643438353463666162316632
-37366363363735656331346531383233303462616133333736316433643539373337336335326564
-36623162333239316534353739353832633964313964303833653931373766326263383030323032
-65363233633936376464383665363535363064313630366361303630653762323234633364633734
-37643737663633306136303163343166343665643363616565633934316231383339356638353061
-34353633323535653533643035623965346637313733363936386631376362333938623336656464
-62316261643137643130643934663265306539333237383432383430303737343134653235363362
-64383663663061393961373365373661323165363465663165343537663035343364343233316133
-61663937613462376237303930373736303138316639613233616266613432386163366463333036
-34383736393130326238366138653231363332663838643438333665326630346138393536623434
-30653936373666613061333064633563333265346166323864643435616132326134323263623830
-61643761366438376638333330343863356537666637313034643236646138613363646536373833
-63366538633539353133336666383465376664656563633033623136396138303436643232636132
-38663132646466313561656432323938393662656138393738643362353565353662656235656631
-32663233623064393037653336396432643464626539626134616562653838363663363465623339
-34633838383030343065353130636665366466653932386438656431653563383664346131336234
-30353035333338636534633635326637313633343365356531386334643636323936653938613761
-65373636373463383439333133373564316432313737663461613030336133336637323239653466
-31306330343261656666356231343032353832303437613362663137373738643236653138636132
-39356237636133313764663438623035303835366464313261343964663939313837666263626131
-39326161663237643738616436343962653833643435663736646365303939343533326464323764
-39363138343263343433653637643430396165396364306364613665633630396166336666386166
-66323161626539343531316337363735383063343738373831333534356136623065316537376430
-37366332356533376137376662346537623633383863353437393338646538663534353036303731
-32623563353563613934643963323966386338366264663664303965343831393761656465316534
-63383865383966346533623132653634643532303238386630613238373363396337393962326534
-36393238376232333139316133336132623634633531343339666663643836636336633737353033
-32303233623961313535393237613930656639303039633961623363656535326639346631393838
-36666462356239386366336262306432373930353932653762613539356139616263626663323434
-33613963323764356437303566306333343438326335366233333933623438633338353131616266
-39393139373564393566386534383333623730313339383431623131643761383236613863393530
-61373565656333643639326539373663356366333332373464666531646462653733383032326566
-30333564613238323435653765616431643237643039346338643166346131356138653236393663
-36326237396436386334613030373535336664303837343332323261316630666439353261663564
-31633465346635636331366266373062353837653737353237386661653331636166643463316135
-62653235633165303932356336366330646338343566313235306336326438323236333338376662
-38333630626134396361343061333533303235393231383736613934353131333031393332633539
-63613231393938396633323133643634633337313134323630333663306362373366396330633435
-33393866366665396132363665336363393263316438336666373230393532356265326532663936
-39633533613132386536636433363663623861383135643366376137643263363538373161373366
-37656339366630313564346530643163633536633330633265396637363362633734396638666263
-62346639613864376135383534316133666237663865306430353632623631376562376334363563
-35636636336663396531356530306664326430366339363133353133333831333237386630393661
-36666236626663336636323535333333383036656434653031323033393765333138336462383164
-64636565326262373235333566653438316437366564613834643831333633616531643861653432
-30323565613438626131353164353261376334633361366164306230336665363661373331303162
-33633863626439636434653831386432366264376263353734363766666162363162376639336366
-62383735356530646131373065306336353338333634373462613435313530646462343733383139
-36643864356134303865646635373236613264613536356465656236616232653830323630313936
-37633531613237323838333830646139393263653137656665393433313566326266
+38383465623339626331366539333538613135393462393632613263313263326532643537633365
+3265306564306636343038653331626664313961303066650a386131346435383132363563383361
+39643835343065326465396235306266653364663634363637613331336633373334316465346337
+3039333964623234640a323933613137646261336562316237666331313434613731633761386632
+34336361656238376630633064393439303062643234336432353263633265346265623035643239
+34346431316333613431396437313032356239633664323365616261333063373130663533343662
+66646564353733653636626233363265303961376433303765343466663634633738346166623934
+39643538643663393634373161643432306261633364306363376133363966633463353735663265
+37326465633861633931646262623166653733623036663235383831353038333761366263303363
+62356666346438383464333662613762356334333563356565393230643936623064616334643232
+66383835653933346361343832613433613433323536393631353562386237346665396266326161
+33646264393534306465306265376562303965636632303861343537386432663037616231663632
+62383861383033303633373436343734353733363037396639333239636635663561306637646564
+39313635633038333734613438363231643832393733663731363332323132316539363264356264
+30626463613939623139363837393835333439633461386161336237323831363735653035356438
+33653266323466306630363934656461313734353965306238616532336261383235633035306331
+63653637356162633939363563623138366162626263346632346465383861656536356337623665
+35363438646534346332323438656363356233366335343236663830373262613861323137636663
+38653839346461343130656163353561643537373566653432663561643963323466393462393035
+38323266356532386334366232323964393530393965623564663936306633626136336561326566
+34633431623334616138626237386538356331336238636366626263363331656434363865386634
+66363531353762316535316234616361613930313038336231613265663839366531326434363238
+34343132616564666236323838323938623435356166396361663566363663623762306464653063
+61373332616134626333383865346332316132353062633566353137386634336366363634383238
+30333530633731663164396566656338353662623261373537336630633666396338633765376439
+62383962346665646363393466633231333434666637663832646130386663313430336566666666
+66643563656264333032346161646464353236653232656330646531663934326439666463343036
+62353362306337623732366533333635316366343262343530383864346638343666306636663831
+65636531666132353565356337363462376163313665353063356366366536383564623736316230
+37653662633832333738356536303961333063326533386639613936626130363330336662633735
+61656231363237313261316263613163333238336134313561666362356336316434363863373334
+38663365356464663531306132356537346665336562343462306333623534366665373666343232
+37363330656161353063646637396431366632663561343435323439666565363563623230633330
+39316134303861363265396438663730303262323164333139663532303537333438623164623031
+66343837386564383662323763346464376164663837663839616434396434663838636162333433
+38326361616137333630323733643662326533383837306136623034646335313930316138373734
+39333766343362366239643066643530613230333330346462303237316234653036656262353664
+37306266333930336134306335643731643562633630306365653038633664353736386331336131
+32303130393962666335656631653833386433653437326463346162633163356366353531363461
+35353136623836393834386561373939313666346339316236373135333564663262336232363830
+31336438393737653162373538623965643766363537306463643466633834623264653263306331
+33333461343532316462623330313037333931633264356536343032363464346337336561326633
+39363338306163626430373439343537663764346631366566376632343431393237333836623236
+33643865343466636139303366396536343731643238346431643132636633336364643065373166
+38316361383663623532643839376533373933623036306430663064643036323334303234323337
+34383330393761313862633663333265323532313130656236333937376265323136313235383836
+35623933616633346431346634326330363736303232363038323863323134633735363232663664
+38303731633463366432313764646264363165373038623630633165356130326463376134623630
+64376566623062313135393764623537323034306236313164613037316230383037613664303666
+38303833313664336562346234373934626161663339656335646538396561303337323037666135
+36316130353465623863626666363864666463333538393862343333323836626265643030383438
+32386464346632313834623432633332393665666365663532316532666233303830353239316132
+37663862656635396432383934356436313239653636616363353532306638336663303430373733
+62323362653136646334366261336530643437663663383835663162326631633835376566626437
+64613037373536616164626662313363366438613233623234656538613963656134356263376562
+32303863373333316538633861363930383133343135313530623630663663383365393534653561
+37396530636434613032663361386537336464663931613637666134343030386332396364646631
+38333765356264323833396261656363393761646533613433313330616531393038613435396364
+33373637626563643034633166613463393564616134346461323632616130376136643837626465
+33393732633737636637366331393631396161346637363133366337313163666338303535356533
+64363433626663366566366332626566643834356534633034303731653230333236326561393461
+31646534356564386132646362366664333463373866633461613764616462363065326235623939
+30333065396666646462303932656132353737323534373734653363636465333739313737333032
+65646436643165383335636264353036623332633562633938653434316237623637613934613638
+39653635663635663165633666373666353734356531633064623566333639323330363063373630
+36663162316566323738663931653732363634663463303063663231373237623562393966366531
+35396562633461626236306134653035373834313561613661636331366335646632353562356661
+38383837646262323531373765373962663365313939623434336530633564303937613434396431
+32663330373763303535363635623164663864623262303232333431313639653133326663623436
+38663431396666313231653239386630356635363037353436313435633539333661383263656465
+31383464666538653762313863356639653765386339313165633035616361366464623263633932
+30356633653335666332356431353462353139626534653761636631316437343065313461623738
+63616466613166633332363437613438643863323765653065663831333033376462333233626262
+61346230333632666365343138663464626436393264633338626137323531333366363665316139
+64373663363037653064663632643564373266656661643839303564636132363366613832623236
+66386239623730346235363832316332323932316662306432656533386137643336646563333133
+35323538333532323162373761343834346236393035363863613837646164373238353866666462
+32353937633036393164373337393236333631613931383836306137623335363466393139623161
+30303865656135303863613466646634646662353931303563306139313933316165333038353636
+63393334383538626533333137353836303965383038663733396664643032666532366664343531
+30326662373566656462363866656332316130666132616666353362613935363833373534353235
+35353261653862613033343065336435633063633732323839626338626139613466306531343739
+39633264636565303662396461326465636334303662366362336361393564656637323139613430
+33643134396636616430353031613837623461636639363832343365616163386136363535643462
+33353930626236393862366534396461316139383738323234306635356466633061666232353565
+30633133666264356533623963353433373965666264333539623766346461623037343532303433
+63313065333361376465646336643562386334386465376236356334313065386464346334303763
+64346231376564333734643539643139663636626338353462353131646630663331353738646538
+62653130313161346638383161333437323262666663323763343564346330373262353730626532
+64373934613662653262666664303865383262663837383361306531663364373731343664303466
+38653361393666376639333961346238303634313164663961663938366330383963383530333833
+38373938303030356666336138643238653762666430333536343633353935346636613334333737
+32353034383530636339633439303630343363613364646235666462623135333163383962663363
+63653661316366386462663736633635303265336666326361396332323864306135346339373934
+32323136313030373365306261323736666263363138626331643130383865653334663838396130
+65333736393363623334636237653963303235383335666138306539346564313636383630343935
+33313233393232323663316463633237626461363737376334393630396632383936343961313761
+37353134303634376664643463653931366239343532376231663638626234393939636663306263
+62326538343764363433646464623938333065623365663133656633373662353138363936356437
+64333231376131323263366239323462663833363365383135663430363562333364653235623339
+30626339663964633064613937326161346133653435623536346561663033383730386163306165
+34383330336636316461346133656430306362363031633536663131363830323332326466336262
+65333530306462613766626636643635613663613432613632386338323764316163613337656238
+63366530663465333530336539336664613334316264663338333463356436646336346232326166
+32653664666138353930373836306662306336383461643632373031626461303065316637623837
+37613538346233636265336139643033383433613565623539303665353732623762663762643132
+62643431313132333039653435353939356564383762366331316663663262366266636130633737
+38633965333366333466623132343366386465316263353566353065393463383930323937316539
+37653137313638323330306332373766663266663332643062373966356635653537643632666138
+37336561383132643962313862613933303065363135623434383737626138383030366264643230
+65656138373639393931306263346139383137656562633631333365383538333963356364333936
+61306261306533313038303165393134393830613439353730656131633764646235353966313637
+39353035626465343931386135323934316561646265393239346361343164373461373462353663
+30626630383336663730643038636235313062333339623366323335366637613934666133306564
+35626466366533303763363662393739613430303834663834386438333338636333333263643866
+66336138356236303338333239363266313766373964643862653437366433623733643162636466
+39383364353133383538666634653635636463326238626665346162633032393935383733356532
+32366633656365633737383265616631363035646533386335356361353337613739386632646635
+36343833633335316563656438373261326366333031616133356266646366306137343737303761
+64646635366664643835643266303237643664343935326239306233663062616437353432346162
+39376564336161383265633131393530326236336566616463376632663431376131653835313438
+33333335363034306561636564313930316537643835666435633061666363306536383362656239
+386331323239626265646535303333313536
diff --git a/roles/lmn_vm/files/vm-netboot b/roles/lmn_vm/files/vm-netboot
index a60a783..f756fa3 100755
--- a/roles/lmn_vm/files/vm-netboot
+++ b/roles/lmn_vm/files/vm-netboot
@@ -18,7 +18,7 @@ mac="$(ip link | grep -A1 "vm-macvtap" | \
           sed -nE "s%\s+link/ether ([[:xdigit:]:]{17}) .+%\1%p")"
 
 if [[ $# -eq 0 ]] ; then
-    mem=$(sed -En "s/^MemTotal:\s+([0-9]+)\s+kB/\1/p" /proc/meminfo)
+    mem=$(sed -En "s/^MemAvailable:\s+([0-9]+)\s+kB/\1/p" /proc/meminfo)
     cpu=$(sed -En "0,/^cpu cores/s/^cpu cores\s+:\s+([0-9]+)/\1/p" /proc/cpuinfo)
     arg=("--memory=$((mem/2048))" "--vcpu=$((cpu/2))")
     echo Set options: "${arg[@]}"
@@ -45,6 +45,13 @@ case "$img" in
 esac
 
 type="ethernet,mac=${mac},target.dev=vm-macvtap,xpath1.set=./target/@managed=no"
+for vm in $(virsh --connect qemu:///session list --all --name) ; do
+    if virsh domiflist "$vm" | grep -q "$mac" ; then
+	type="user"
+	virt-manager &
+	break
+    fi
+done
 
 ## FIXME: use passt, needs more settings for correct DNS/gateway
 # type=user,xpath1.create=./backend,xpath2.set=./backend/@type=passt,xpath3.create=./ip,xpath4.set=./ip/@family=ipv4,xpath5.set=./ip/@address=172.16.1.1,xpath6.set=./ip/@prefix=24,xpath7.create=./portForward,xpath8.set=./portForward/@proto=tcp,xpath9.set=./portForward/range/@start=2001,xpath10.set=./portForward/range/@end=2500,xpath11.set=./portForward/range/@to=1

From 07f34be5464727aac3f8623de539ce11bc2f1e17 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 14 Feb 2024 15:04:57 +0100
Subject: [PATCH 486/504] Fix VMs with home on CIFS.

---
 roles/lmn_vm/files/vm-netboot | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/roles/lmn_vm/files/vm-netboot b/roles/lmn_vm/files/vm-netboot
index f756fa3..2f4c062 100755
--- a/roles/lmn_vm/files/vm-netboot
+++ b/roles/lmn_vm/files/vm-netboot
@@ -4,6 +4,9 @@
 #
 set -eu
 
+## Imporant for all virsh libvirt calls:
+export XDG_CONFIG_HOME="/tmp/${UID}/.config"
+
 menu=(standard "CLI Standard Debian GNU/Linux NFS"
       standard-ram "CLI Standard Debian GNU/Linux RAM"
       kde-desktop "KDE Plasma Desktop Debian GNU/Linux NFS"
@@ -56,7 +59,7 @@ done
 ## FIXME: use passt, needs more settings for correct DNS/gateway
 # type=user,xpath1.create=./backend,xpath2.set=./backend/@type=passt,xpath3.create=./ip,xpath4.set=./ip/@family=ipv4,xpath5.set=./ip/@address=172.16.1.1,xpath6.set=./ip/@prefix=24,xpath7.create=./portForward,xpath8.set=./portForward/@proto=tcp,xpath9.set=./portForward/range/@start=2001,xpath10.set=./portForward/range/@end=2500,xpath11.set=./portForward/range/@to=1
 
-http_proxy='' XDG_CONFIG_HOME="/tmp/${UID}/.config" \
+http_proxy='' \
           exec virt-install \
           --name "$img" \
           --osinfo debiantesting \

From 37e4108021853b2c109f895962a756c8a9914967 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 14 Feb 2024 12:49:27 +0100
Subject: [PATCH 487/504] Provide dual screen setup where needed.

For SDDM, the projector is switched off: dual_screen[0].
For Wayland, dual_screen[1] is set as primary screen.
---
 inventory.yml                             | 269 ++++++++++++----------
 roles/lmn_fvs/tasks/main.yml              |  29 +++
 roles/lmn_fvs/templates/lmn-fix-screen.j2 |  10 +
 3 files changed, 185 insertions(+), 123 deletions(-)
 create mode 100644 roles/lmn_fvs/templates/lmn-fix-screen.j2

diff --git a/inventory.yml b/inventory.yml
index ef71d1f..04cadf7 100644
--- a/inventory.yml
+++ b/inventory.yml
@@ -1,124 +1,147 @@
 $ANSIBLE_VAULT;1.1;AES256
-38383465623339626331366539333538613135393462393632613263313263326532643537633365
-3265306564306636343038653331626664313961303066650a386131346435383132363563383361
-39643835343065326465396235306266653364663634363637613331336633373334316465346337
-3039333964623234640a323933613137646261336562316237666331313434613731633761386632
-34336361656238376630633064393439303062643234336432353263633265346265623035643239
-34346431316333613431396437313032356239633664323365616261333063373130663533343662
-66646564353733653636626233363265303961376433303765343466663634633738346166623934
-39643538643663393634373161643432306261633364306363376133363966633463353735663265
-37326465633861633931646262623166653733623036663235383831353038333761366263303363
-62356666346438383464333662613762356334333563356565393230643936623064616334643232
-66383835653933346361343832613433613433323536393631353562386237346665396266326161
-33646264393534306465306265376562303965636632303861343537386432663037616231663632
-62383861383033303633373436343734353733363037396639333239636635663561306637646564
-39313635633038333734613438363231643832393733663731363332323132316539363264356264
-30626463613939623139363837393835333439633461386161336237323831363735653035356438
-33653266323466306630363934656461313734353965306238616532336261383235633035306331
-63653637356162633939363563623138366162626263346632346465383861656536356337623665
-35363438646534346332323438656363356233366335343236663830373262613861323137636663
-38653839346461343130656163353561643537373566653432663561643963323466393462393035
-38323266356532386334366232323964393530393965623564663936306633626136336561326566
-34633431623334616138626237386538356331336238636366626263363331656434363865386634
-66363531353762316535316234616361613930313038336231613265663839366531326434363238
-34343132616564666236323838323938623435356166396361663566363663623762306464653063
-61373332616134626333383865346332316132353062633566353137386634336366363634383238
-30333530633731663164396566656338353662623261373537336630633666396338633765376439
-62383962346665646363393466633231333434666637663832646130386663313430336566666666
-66643563656264333032346161646464353236653232656330646531663934326439666463343036
-62353362306337623732366533333635316366343262343530383864346638343666306636663831
-65636531666132353565356337363462376163313665353063356366366536383564623736316230
-37653662633832333738356536303961333063326533386639613936626130363330336662633735
-61656231363237313261316263613163333238336134313561666362356336316434363863373334
-38663365356464663531306132356537346665336562343462306333623534366665373666343232
-37363330656161353063646637396431366632663561343435323439666565363563623230633330
-39316134303861363265396438663730303262323164333139663532303537333438623164623031
-66343837386564383662323763346464376164663837663839616434396434663838636162333433
-38326361616137333630323733643662326533383837306136623034646335313930316138373734
-39333766343362366239643066643530613230333330346462303237316234653036656262353664
-37306266333930336134306335643731643562633630306365653038633664353736386331336131
-32303130393962666335656631653833386433653437326463346162633163356366353531363461
-35353136623836393834386561373939313666346339316236373135333564663262336232363830
-31336438393737653162373538623965643766363537306463643466633834623264653263306331
-33333461343532316462623330313037333931633264356536343032363464346337336561326633
-39363338306163626430373439343537663764346631366566376632343431393237333836623236
-33643865343466636139303366396536343731643238346431643132636633336364643065373166
-38316361383663623532643839376533373933623036306430663064643036323334303234323337
-34383330393761313862633663333265323532313130656236333937376265323136313235383836
-35623933616633346431346634326330363736303232363038323863323134633735363232663664
-38303731633463366432313764646264363165373038623630633165356130326463376134623630
-64376566623062313135393764623537323034306236313164613037316230383037613664303666
-38303833313664336562346234373934626161663339656335646538396561303337323037666135
-36316130353465623863626666363864666463333538393862343333323836626265643030383438
-32386464346632313834623432633332393665666365663532316532666233303830353239316132
-37663862656635396432383934356436313239653636616363353532306638336663303430373733
-62323362653136646334366261336530643437663663383835663162326631633835376566626437
-64613037373536616164626662313363366438613233623234656538613963656134356263376562
-32303863373333316538633861363930383133343135313530623630663663383365393534653561
-37396530636434613032663361386537336464663931613637666134343030386332396364646631
-38333765356264323833396261656363393761646533613433313330616531393038613435396364
-33373637626563643034633166613463393564616134346461323632616130376136643837626465
-33393732633737636637366331393631396161346637363133366337313163666338303535356533
-64363433626663366566366332626566643834356534633034303731653230333236326561393461
-31646534356564386132646362366664333463373866633461613764616462363065326235623939
-30333065396666646462303932656132353737323534373734653363636465333739313737333032
-65646436643165383335636264353036623332633562633938653434316237623637613934613638
-39653635663635663165633666373666353734356531633064623566333639323330363063373630
-36663162316566323738663931653732363634663463303063663231373237623562393966366531
-35396562633461626236306134653035373834313561613661636331366335646632353562356661
-38383837646262323531373765373962663365313939623434336530633564303937613434396431
-32663330373763303535363635623164663864623262303232333431313639653133326663623436
-38663431396666313231653239386630356635363037353436313435633539333661383263656465
-31383464666538653762313863356639653765386339313165633035616361366464623263633932
-30356633653335666332356431353462353139626534653761636631316437343065313461623738
-63616466613166633332363437613438643863323765653065663831333033376462333233626262
-61346230333632666365343138663464626436393264633338626137323531333366363665316139
-64373663363037653064663632643564373266656661643839303564636132363366613832623236
-66386239623730346235363832316332323932316662306432656533386137643336646563333133
-35323538333532323162373761343834346236393035363863613837646164373238353866666462
-32353937633036393164373337393236333631613931383836306137623335363466393139623161
-30303865656135303863613466646634646662353931303563306139313933316165333038353636
-63393334383538626533333137353836303965383038663733396664643032666532366664343531
-30326662373566656462363866656332316130666132616666353362613935363833373534353235
-35353261653862613033343065336435633063633732323839626338626139613466306531343739
-39633264636565303662396461326465636334303662366362336361393564656637323139613430
-33643134396636616430353031613837623461636639363832343365616163386136363535643462
-33353930626236393862366534396461316139383738323234306635356466633061666232353565
-30633133666264356533623963353433373965666264333539623766346461623037343532303433
-63313065333361376465646336643562386334386465376236356334313065386464346334303763
-64346231376564333734643539643139663636626338353462353131646630663331353738646538
-62653130313161346638383161333437323262666663323763343564346330373262353730626532
-64373934613662653262666664303865383262663837383361306531663364373731343664303466
-38653361393666376639333961346238303634313164663961663938366330383963383530333833
-38373938303030356666336138643238653762666430333536343633353935346636613334333737
-32353034383530636339633439303630343363613364646235666462623135333163383962663363
-63653661316366386462663736633635303265336666326361396332323864306135346339373934
-32323136313030373365306261323736666263363138626331643130383865653334663838396130
-65333736393363623334636237653963303235383335666138306539346564313636383630343935
-33313233393232323663316463633237626461363737376334393630396632383936343961313761
-37353134303634376664643463653931366239343532376231663638626234393939636663306263
-62326538343764363433646464623938333065623365663133656633373662353138363936356437
-64333231376131323263366239323462663833363365383135663430363562333364653235623339
-30626339663964633064613937326161346133653435623536346561663033383730386163306165
-34383330336636316461346133656430306362363031633536663131363830323332326466336262
-65333530306462613766626636643635613663613432613632386338323764316163613337656238
-63366530663465333530336539336664613334316264663338333463356436646336346232326166
-32653664666138353930373836306662306336383461643632373031626461303065316637623837
-37613538346233636265336139643033383433613565623539303665353732623762663762643132
-62643431313132333039653435353939356564383762366331316663663262366266636130633737
-38633965333366333466623132343366386465316263353566353065393463383930323937316539
-37653137313638323330306332373766663266663332643062373966356635653537643632666138
-37336561383132643962313862613933303065363135623434383737626138383030366264643230
-65656138373639393931306263346139383137656562633631333365383538333963356364333936
-61306261306533313038303165393134393830613439353730656131633764646235353966313637
-39353035626465343931386135323934316561646265393239346361343164373461373462353663
-30626630383336663730643038636235313062333339623366323335366637613934666133306564
-35626466366533303763363662393739613430303834663834386438333338636333333263643866
-66336138356236303338333239363266313766373964643862653437366433623733643162636466
-39383364353133383538666634653635636463326238626665346162633032393935383733356532
-32366633656365633737383265616631363035646533386335356361353337613739386632646635
-36343833633335316563656438373261326366333031616133356266646366306137343737303761
-64646635366664643835643266303237643664343935326239306233663062616437353432346162
-39376564336161383265633131393530326236336566616463376632663431376131653835313438
-33333335363034306561636564313930316537643835666435633061666363306536383362656239
-386331323239626265646535303333313536
+62343438353064306334646339343562363666323133383166663932666133323032346635313632
+3233353735353339663737393336323662393336323539350a393563656332623361373263336365
+62303036303062643966316335326533346532653961636132343538653432656432396562633538
+3632396262653165320a373838636564633838626330376663643865353931333036343131393234
+39373435363134373539313335626135323037653739333935356430656563353666656238623332
+39613266376637623932643064663032663965396165623966383231626130653561633531373265
+65663836303438613063653566356234656663633031316662643637393461386530383461333333
+66366430636633623762366334666338316663306637643663626162333266383963656430663066
+35343132366562633563336335336130353531626363646631353663623964303261613530643962
+61356436623664346137633239643032613665323464663961373463653338626266636361316332
+63336466663363396564343264346335303936663261333061336133623635326430363862396263
+63303166333837323036623461653331666266653764383738313330333036323532613630396137
+61346133636265306664306433313963616131653631626131313430393839356536643361643632
+62393064356139393633363836633337323563336530363434386535646631656434613830336336
+34663534383334393139656233343730393231333333386330383761306632313861333363653066
+62386562326464653936613065656265613035633534363866343532373235346338356639613337
+33333763393466393965616634646430393939333536663166376264626135663662353761303934
+62303666616162393361333631656239386430663134643966323936373437623666383361343931
+63373832646137363030363665393066623235316235353332623137303437626635353164393033
+32613764323034343161333062646635336566333761376631333562316234326430376339346565
+66666535643636363831366234386236636133646365616436646232333636333766393139663530
+32613430626363343466393136306466393933393236636334333237616666643439303362666436
+30326135336366353635633661643036653631633930366661626339333637663461366663643262
+61373835303763383236336262363335343961366632373132373462303262396235633230666530
+66663266653430646438383739306161336366373164626235653161613763346339346661366136
+33653239636230616234346363636262386465396364373335383064323831373539643939396639
+62323833303063643437653261356130353435343335353662366230363238323664313265363061
+33663664386638333664323336373865356233643463636263373130383339326236353638333237
+63343830633638306634343633346563613531316530353463663662633531323637386631343530
+36376235643239333766373835343466663639383130373332346238386539653363373163623834
+37363135313263303831643832633566323736303561393634353739373563316539376566336335
+30626331393738666638306365346238313862363739303066613136653034363930613561663339
+35343335326533366333336337376366656331653133343361316539393531616232656631613463
+63333535653462303963626336333533376336636466323863633434363635353433366137343664
+34356636376139313033313137366564396634633631336431336532623365666364383734383636
+37306165656261346530666136613738363535373034326439393265653639633132653863306563
+30313361343434383831363965366264393863613339383261313462626136633239393933626465
+34353161373735643933666430353038623331646563343336656338636239646235326265366462
+34363832393261346339386362383433396565326562393136616337353662653134333535346437
+63383838353731656631323537353338613433626630623736653337323261333830306332643738
+30666131663535343239346332303766306661326436653637613134316365316233666132653932
+61353465663962653838373962636533303730303364393963643135316335306562363936356263
+35643466333138613131316562376236613161363863333566346163333130616163316431366635
+35343162333337393436633639386333646462336634366533623330643339616564653266333934
+62646265323730366339386637656561313036393138323735323832303933323766356466306331
+30303030303264626235323839396564356533313334313636653331373334396331393563366238
+32393066333064373238626334666131353131643464343961303130323935383332393235383332
+64663335333265396466343232336363306666666663623632633531313863313138343061303037
+39306430373537663461656330656463623763336233666361653331383165326237643930316464
+30383830663466383065376665313333613161663830663038363765613162333662376532303364
+36393265643636353766303062653365666263326465633063333333363234363765663738323663
+64336164646661636231363437663636373234643361323035356139343764653062323439393361
+62316438363635653233626333393739396237356535326463306235616465333533623763356564
+38393065323835333232613865383263646131313063333662633865636534303166663465383333
+64643861336465363138383764313063336561393266386563333635643761633736313339616561
+33613639393836656232356533653466346364303538333437323739663165666636663433306336
+30366339613532356465363235326330363266646134326236626635313239616437326439396432
+39343833363233323239303964373238343231366363373633363739306636373937656664663830
+30636335373339666538613034393661323661373038316439373763356365333838323838646434
+31366630316435343466386535656636663633363331636463633362636436643030363333623438
+39663936323934373838616233643334306532376565323233333664343332326165323332643732
+64663437666133316561326663383832363765633462306237623230306233383333356534303664
+33306462643932353430306439313539376236316466653330323365653166633563613239336437
+38383864633064303362303239343130626564613431666433626663346131633633626365626164
+33323436326430303761663765616165393132396264383266666530366331663632623662633534
+33383233653636316239333661303766626266373964376265636231353334313963313339383264
+35343938366664613763623037313135343838656434366334326437623130616563313335613530
+61343765396635656338343261363030313734613663336337313365386662646165646430373636
+61373434396639353339343238626239383161633135393534363133313331393036656138376534
+66633633303864613632393439396662653232626635636563386230623136313737343262663231
+36313833646565306237393536336231313830336135343232356263386663356537383832373530
+33623534313938323765313737643236316435336238626366636265613936373064306537336430
+36326434646538646462326636666237393631383561313463333262616530616363633833666165
+63613831353666323639356537373763616261626661633963636361386165386630383765616135
+31353234343733393464376536316162636230323136643266636437646562346330363365646466
+63376238366137333238633739393633663838623432333961356530326563333833333538383766
+32333933363238323631613232373731623664303839636132393736346533396238313932623264
+39613937366338626536656230633730653463323230336430373838613737646666366662613935
+38373161323737646464383732306636323461646439383932353131626437373463333931346361
+62373138363462616438636537626164366461313665333637666663333139333231616261313833
+32366339633831376537326238636464313433363836653331353839303233346538623038396138
+34343534383130666137306562313139343335303434663432333865396430323138616130623335
+66653163356334383038313034326163373664393161656232386331663161643430356563393837
+37323532653034393333356137663966633865393864623638353338623066636634386336303139
+61633666643235616133363439373163303361666365373431633762393965323764653730383536
+65303762343133383565313461623031633833326531326636343632323636666633643733386563
+61373064343339323837306262623364336232363761373734333136343230373964616361653031
+61636161633538636538396436386362396461303737633732653763663137653864663733633836
+61643337663030323031326438646533363365333530656434643933326638653137663839396464
+35313065393665343037303733616164363065333062383030623830623763646132313238663434
+66653362333463343261386463323234303663303661306238646466326466376136303232323232
+63323963646234636438303265666331316534393962386538356339306537363464353830613764
+66656264393965353138396538653435303435383036616635343434356538633638373762646438
+30656236346662356562646665636138303661346634613361343766343435343862313233313166
+37616564663233333131623563303737383438323832396239656462363966663934616133346630
+36363939643932353739383535633434646163656230613261353462633631613135386638336665
+34303139323436326364326236626536663261313134663935343365653534346437643261363637
+61303532373435356663646136396139656234333961646364393035393864313236663764323766
+35643666633830376133393566386562306432343563653035333033306138316161653731613061
+34313335366363646334316564323265643631666466393632393533356135653539336261623761
+63366633636336393562636238316132386333363161383763386338623830343839613338646665
+35316632316339393265313334356637393762383966386539376634636263323638323037373736
+38353862633864343937613331303939663038346235616232643264623439313363366339313230
+33666538623834326330376533316536666531666466663035303238356636356465646230313230
+33636235396135303362363831326130356438643432343737623430393639623363333439353534
+33616636626635326138313266333366653765636637393033336237333038663765366539616439
+36366333396562363761336131626632353036653066623133666262663662623765333732663534
+31643034616132373363393338623132616637303630616437363930623633666635646664656536
+30316564623266353763346563346337343661626630623834303162306337343233303663616230
+66656339373335663331613261656331393164396262656234653838306632613966336164393739
+31353035383832396262643539373839373662646133326236666536366134353838326136663735
+32666438313535313166356166626330393933646536336436323531306436353539376464656563
+36383762643331663933663362353765383363636532366438306232636537353231663665663164
+64343439653766643862343331393538336330633032636131623862363734356232336333303466
+39303537373830623862376162303563366539313066643766313561306661663034336533346130
+61343461316136373661356665373266353364386462346235646263623061396561353966336539
+34376430663961376439326437663434363035303536393439336164386235393962666134386439
+35646133303232316566653038313735383233313435356266663739333964313530393964346663
+63616635396135363661373161616666323239306635656161383136323831336638346564643561
+37396130363138663761613231393264633861633836323236663931616330633035303632353365
+39383734326337356138626235346238363537323262633839393762383462373033653031326363
+66336631333230313166626531326435656430373538396436623430643062333034306135623136
+34386334643839613437333063663663316138366634373931313434323039303233613664363765
+64333437353662626538653930336263323537356461303031316537653566333235353239626266
+62316631643132626235656231633566663365396232366564306166383264653363356433396335
+62343530396237363337613837333338613561313063656530393933653164323166633638616561
+32633830343461336466613338633865376663373933613231303938316534353866393063616139
+65663766666632613366636632653931363232303339396231636235396230353138336134633763
+30636362313564316332316134343661313664333730366362633762346339366265303633346666
+39623539386461613232353065343862613463633465633337306435316639666436393038646337
+33393932656438656431666439336437633465336438653661366566613765656264316233613162
+65393061383438643364613030643835646463633235323138636264613834613034396166323862
+37663236386538666630663866346539623734396664376632653537343430306539633362366666
+61343637616163663838653361636364326162363739303436643733343337333561633934623239
+33303666656530366231613539623037343233623931616335616365386564316661393336363139
+65363564336638326662653237373665383061633930323338336338633836306636306262363733
+61663364383130626466656133333636333661316563373731383434316230396337626237386263
+33323436373830326437646131373132653831373333663863373166366437353661303966363362
+38366435633562373734313232363739636232376164336235313632366535306465613530373336
+63666136316333366362303566336636306366333330656561663738373439343033333433643339
+33313835643164356563663366653065373037633633623137366630316637393364646563336664
+37333132356463316437383561326636646434353664303863393332373836643165666139353561
+35653537373364383266653265316261323031643735653333353232646239346338323066313061
+39373634346563376665613763316439383932653166316363393530363966383461303233333930
+64366263363432623563313535666131613765326639313338623830393062316436623036623732
+3836333637666134663839636634616464373539376263623131
diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index bf97e97..40dd22f 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -188,6 +188,35 @@
       [General]
       loginMode=emptySession
 
+- name: Fix primary screen for class room PCs with projector
+  block:
+    - name: Switch projector off for login
+      lineinfile:
+        dest: /usr/share/sddm/scripts/Xsetup
+        line: 'xrandr --output {{ dual_screen[0] }} --off'
+    - name: Deploy fix-screen script
+      ansible.builtin.template:
+        src: lmn-fix-screen.j2
+        dest: /usr/local/bin/lmn-fix-screen
+        mode: '0755'
+    - name: Deploy fix-screen autostarter
+      ansible.builtin.copy:
+        dest: /etc/xdg/autostart/lmn-fix-screen.desktop
+        content: |
+          [Desktop Entry]
+          Name=fix-screen
+          Exec=lmn-fix-screen
+          Type=Application
+          NoDisplay=true
+  when: dual_screen is defined
+
+#- name: Avoid starting kscreen (confusing autodetection)
+#  ansible.builtin.copy:
+#    dest: /etc/xdg/kded5rc
+#    content: |
+#      [Module-kscreen]
+#      autoload=false
+#
 #- name: Disable automatic lock screen and user specific modifications
 #  ansible.builtin.copy:
 #    path: /etc/xdg/kscreenlockerrc
diff --git a/roles/lmn_fvs/templates/lmn-fix-screen.j2 b/roles/lmn_fvs/templates/lmn-fix-screen.j2
new file mode 100644
index 0000000..2aa7cc2
--- /dev/null
+++ b/roles/lmn_fvs/templates/lmn-fix-screen.j2
@@ -0,0 +1,10 @@
+#!/usr/bin/bash
+#
+# Set the primary screen after login
+#
+set -eu
+
+sleep 5
+if [[ "$XDG_SESSION_TYPE" = wayland ]] ; then
+    kscreen-doctor output.{{ dual_screen[1] }}.priority.1
+fi

From 665109ef5563c93e96b90f72b26f6049a82b2128 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 20 Feb 2024 16:35:54 +0100
Subject: [PATCH 488/504] Improve emitter and time stamping.

The emitter failed to keep book on hosts where ansible did not succeed.
---
 inventory.yml  | 294 +++++++++++++++++++++++++------------------------
 lmn-client.yml |  15 ++-
 tools/emitter  |  31 +++---
 3 files changed, 171 insertions(+), 169 deletions(-)

diff --git a/inventory.yml b/inventory.yml
index 04cadf7..07c0e05 100644
--- a/inventory.yml
+++ b/inventory.yml
@@ -1,147 +1,149 @@
 $ANSIBLE_VAULT;1.1;AES256
-62343438353064306334646339343562363666323133383166663932666133323032346635313632
-3233353735353339663737393336323662393336323539350a393563656332623361373263336365
-62303036303062643966316335326533346532653961636132343538653432656432396562633538
-3632396262653165320a373838636564633838626330376663643865353931333036343131393234
-39373435363134373539313335626135323037653739333935356430656563353666656238623332
-39613266376637623932643064663032663965396165623966383231626130653561633531373265
-65663836303438613063653566356234656663633031316662643637393461386530383461333333
-66366430636633623762366334666338316663306637643663626162333266383963656430663066
-35343132366562633563336335336130353531626363646631353663623964303261613530643962
-61356436623664346137633239643032613665323464663961373463653338626266636361316332
-63336466663363396564343264346335303936663261333061336133623635326430363862396263
-63303166333837323036623461653331666266653764383738313330333036323532613630396137
-61346133636265306664306433313963616131653631626131313430393839356536643361643632
-62393064356139393633363836633337323563336530363434386535646631656434613830336336
-34663534383334393139656233343730393231333333386330383761306632313861333363653066
-62386562326464653936613065656265613035633534363866343532373235346338356639613337
-33333763393466393965616634646430393939333536663166376264626135663662353761303934
-62303666616162393361333631656239386430663134643966323936373437623666383361343931
-63373832646137363030363665393066623235316235353332623137303437626635353164393033
-32613764323034343161333062646635336566333761376631333562316234326430376339346565
-66666535643636363831366234386236636133646365616436646232333636333766393139663530
-32613430626363343466393136306466393933393236636334333237616666643439303362666436
-30326135336366353635633661643036653631633930366661626339333637663461366663643262
-61373835303763383236336262363335343961366632373132373462303262396235633230666530
-66663266653430646438383739306161336366373164626235653161613763346339346661366136
-33653239636230616234346363636262386465396364373335383064323831373539643939396639
-62323833303063643437653261356130353435343335353662366230363238323664313265363061
-33663664386638333664323336373865356233643463636263373130383339326236353638333237
-63343830633638306634343633346563613531316530353463663662633531323637386631343530
-36376235643239333766373835343466663639383130373332346238386539653363373163623834
-37363135313263303831643832633566323736303561393634353739373563316539376566336335
-30626331393738666638306365346238313862363739303066613136653034363930613561663339
-35343335326533366333336337376366656331653133343361316539393531616232656631613463
-63333535653462303963626336333533376336636466323863633434363635353433366137343664
-34356636376139313033313137366564396634633631336431336532623365666364383734383636
-37306165656261346530666136613738363535373034326439393265653639633132653863306563
-30313361343434383831363965366264393863613339383261313462626136633239393933626465
-34353161373735643933666430353038623331646563343336656338636239646235326265366462
-34363832393261346339386362383433396565326562393136616337353662653134333535346437
-63383838353731656631323537353338613433626630623736653337323261333830306332643738
-30666131663535343239346332303766306661326436653637613134316365316233666132653932
-61353465663962653838373962636533303730303364393963643135316335306562363936356263
-35643466333138613131316562376236613161363863333566346163333130616163316431366635
-35343162333337393436633639386333646462336634366533623330643339616564653266333934
-62646265323730366339386637656561313036393138323735323832303933323766356466306331
-30303030303264626235323839396564356533313334313636653331373334396331393563366238
-32393066333064373238626334666131353131643464343961303130323935383332393235383332
-64663335333265396466343232336363306666666663623632633531313863313138343061303037
-39306430373537663461656330656463623763336233666361653331383165326237643930316464
-30383830663466383065376665313333613161663830663038363765613162333662376532303364
-36393265643636353766303062653365666263326465633063333333363234363765663738323663
-64336164646661636231363437663636373234643361323035356139343764653062323439393361
-62316438363635653233626333393739396237356535326463306235616465333533623763356564
-38393065323835333232613865383263646131313063333662633865636534303166663465383333
-64643861336465363138383764313063336561393266386563333635643761633736313339616561
-33613639393836656232356533653466346364303538333437323739663165666636663433306336
-30366339613532356465363235326330363266646134326236626635313239616437326439396432
-39343833363233323239303964373238343231366363373633363739306636373937656664663830
-30636335373339666538613034393661323661373038316439373763356365333838323838646434
-31366630316435343466386535656636663633363331636463633362636436643030363333623438
-39663936323934373838616233643334306532376565323233333664343332326165323332643732
-64663437666133316561326663383832363765633462306237623230306233383333356534303664
-33306462643932353430306439313539376236316466653330323365653166633563613239336437
-38383864633064303362303239343130626564613431666433626663346131633633626365626164
-33323436326430303761663765616165393132396264383266666530366331663632623662633534
-33383233653636316239333661303766626266373964376265636231353334313963313339383264
-35343938366664613763623037313135343838656434366334326437623130616563313335613530
-61343765396635656338343261363030313734613663336337313365386662646165646430373636
-61373434396639353339343238626239383161633135393534363133313331393036656138376534
-66633633303864613632393439396662653232626635636563386230623136313737343262663231
-36313833646565306237393536336231313830336135343232356263386663356537383832373530
-33623534313938323765313737643236316435336238626366636265613936373064306537336430
-36326434646538646462326636666237393631383561313463333262616530616363633833666165
-63613831353666323639356537373763616261626661633963636361386165386630383765616135
-31353234343733393464376536316162636230323136643266636437646562346330363365646466
-63376238366137333238633739393633663838623432333961356530326563333833333538383766
-32333933363238323631613232373731623664303839636132393736346533396238313932623264
-39613937366338626536656230633730653463323230336430373838613737646666366662613935
-38373161323737646464383732306636323461646439383932353131626437373463333931346361
-62373138363462616438636537626164366461313665333637666663333139333231616261313833
-32366339633831376537326238636464313433363836653331353839303233346538623038396138
-34343534383130666137306562313139343335303434663432333865396430323138616130623335
-66653163356334383038313034326163373664393161656232386331663161643430356563393837
-37323532653034393333356137663966633865393864623638353338623066636634386336303139
-61633666643235616133363439373163303361666365373431633762393965323764653730383536
-65303762343133383565313461623031633833326531326636343632323636666633643733386563
-61373064343339323837306262623364336232363761373734333136343230373964616361653031
-61636161633538636538396436386362396461303737633732653763663137653864663733633836
-61643337663030323031326438646533363365333530656434643933326638653137663839396464
-35313065393665343037303733616164363065333062383030623830623763646132313238663434
-66653362333463343261386463323234303663303661306238646466326466376136303232323232
-63323963646234636438303265666331316534393962386538356339306537363464353830613764
-66656264393965353138396538653435303435383036616635343434356538633638373762646438
-30656236346662356562646665636138303661346634613361343766343435343862313233313166
-37616564663233333131623563303737383438323832396239656462363966663934616133346630
-36363939643932353739383535633434646163656230613261353462633631613135386638336665
-34303139323436326364326236626536663261313134663935343365653534346437643261363637
-61303532373435356663646136396139656234333961646364393035393864313236663764323766
-35643666633830376133393566386562306432343563653035333033306138316161653731613061
-34313335366363646334316564323265643631666466393632393533356135653539336261623761
-63366633636336393562636238316132386333363161383763386338623830343839613338646665
-35316632316339393265313334356637393762383966386539376634636263323638323037373736
-38353862633864343937613331303939663038346235616232643264623439313363366339313230
-33666538623834326330376533316536666531666466663035303238356636356465646230313230
-33636235396135303362363831326130356438643432343737623430393639623363333439353534
-33616636626635326138313266333366653765636637393033336237333038663765366539616439
-36366333396562363761336131626632353036653066623133666262663662623765333732663534
-31643034616132373363393338623132616637303630616437363930623633666635646664656536
-30316564623266353763346563346337343661626630623834303162306337343233303663616230
-66656339373335663331613261656331393164396262656234653838306632613966336164393739
-31353035383832396262643539373839373662646133326236666536366134353838326136663735
-32666438313535313166356166626330393933646536336436323531306436353539376464656563
-36383762643331663933663362353765383363636532366438306232636537353231663665663164
-64343439653766643862343331393538336330633032636131623862363734356232336333303466
-39303537373830623862376162303563366539313066643766313561306661663034336533346130
-61343461316136373661356665373266353364386462346235646263623061396561353966336539
-34376430663961376439326437663434363035303536393439336164386235393962666134386439
-35646133303232316566653038313735383233313435356266663739333964313530393964346663
-63616635396135363661373161616666323239306635656161383136323831336638346564643561
-37396130363138663761613231393264633861633836323236663931616330633035303632353365
-39383734326337356138626235346238363537323262633839393762383462373033653031326363
-66336631333230313166626531326435656430373538396436623430643062333034306135623136
-34386334643839613437333063663663316138366634373931313434323039303233613664363765
-64333437353662626538653930336263323537356461303031316537653566333235353239626266
-62316631643132626235656231633566663365396232366564306166383264653363356433396335
-62343530396237363337613837333338613561313063656530393933653164323166633638616561
-32633830343461336466613338633865376663373933613231303938316534353866393063616139
-65663766666632613366636632653931363232303339396231636235396230353138336134633763
-30636362313564316332316134343661313664333730366362633762346339366265303633346666
-39623539386461613232353065343862613463633465633337306435316639666436393038646337
-33393932656438656431666439336437633465336438653661366566613765656264316233613162
-65393061383438643364613030643835646463633235323138636264613834613034396166323862
-37663236386538666630663866346539623734396664376632653537343430306539633362366666
-61343637616163663838653361636364326162363739303436643733343337333561633934623239
-33303666656530366231613539623037343233623931616335616365386564316661393336363139
-65363564336638326662653237373665383061633930323338336338633836306636306262363733
-61663364383130626466656133333636333661316563373731383434316230396337626237386263
-33323436373830326437646131373132653831373333663863373166366437353661303966363362
-38366435633562373734313232363739636232376164336235313632366535306465613530373336
-63666136316333366362303566336636306366333330656561663738373439343033333433643339
-33313835643164356563663366653065373037633633623137366630316637393364646563336664
-37333132356463316437383561326636646434353664303863393332373836643165666139353561
-35653537373364383266653265316261323031643735653333353232646239346338323066313061
-39373634346563376665613763316439383932653166316363393530363966383461303233333930
-64366263363432623563313535666131613765326639313338623830393062316436623036623732
-3836333637666134663839636634616464373539376263623131
+61363036653134613330616231656533336663303062323734623234393436623962343935333162
+3430616335383530383366383930626563383931323538370a623162333933653466353034663262
+30366438363835663932373330386539353930376139373461636264616565376665336365336637
+6333653339623062390a343137663763663037393237346130363463383966613036353539306161
+39616162363836376531623132633465393231613261333261386465376339383031373066643462
+31373236623937616237333632363236616338626133616164313634343063323133303835336266
+32643265633533393263346366366162346335323236393033626235353433356664396363366465
+63356539636163666265646366333732623537383031626538343137663262333739303531323566
+66316137316538643132323538383936336435356534353032613733633138643932613737626233
+35323737366261633664336437613730386232666564643361643031373033643739653031393231
+64356433396539323164373931653863336562333161383230336639316266633365323462633865
+30333235336336643331653034653134353166326336373266353632633234343338323166343332
+36616335653232613435313236626665386437313263633864393432363765303362393931323337
+62303165346631636635303039376666643061363839653961393539646566346361643334643163
+37666663636238306266396165343037326362386662613466633662396231613633373138353131
+30343462633865626139383933613337363661333036363237343336323966306563633131383734
+35313266346366653338346464356666653537386264303866303562333963616562333933666236
+63613436636164373264386639326534383333336261323232373437366136316336346536353938
+64633932326665656465353738336136366634646434356136346365346663356339343639643538
+30333734616535653064336335363366636635326430643138613461313666633138626134366364
+65646636303261363936323364653137626538356339306333323038376364356635666436653330
+66633837313830626434393239313062386335656339623661303461656362396265656238323034
+36653537636239623366636233633462393636663937353535303261643363393133343638366631
+62326562643634353235366163643063323464643532376330613862353034633561626339323165
+33316163376630643131323332393266396331353531366264396461373538343531383262343361
+61656430343863306163626262613434313737656335623863626662376162666235623539326264
+63333666343830303934373761376432663139373637393939633930373038663063316635346664
+31623635346638353364343862363432353430623762336462643363326435303663343132656133
+30666265343162336137646230666662323033313561353336306461666638323761383632393230
+30396337646130373266306463663239373064393236643031373037326230653836383932393164
+64343231326366386231613231313630386266303463356231303065643762383334663666656566
+63383936373030376263363935643663623838346233343736343563633262356564633437373662
+66396633346233633432343562373038663834343238626333626430386233643230373930666532
+62383336633638323136383133613762346261613963353437656366356461653262346230333733
+38653862343331316631653231343066323835306634393632366566613230343338303961336235
+31343466393339653065646231363136633866626634376563353931616464333432323231643832
+34316234643863653763323136373135666336376136346339376664303232386532383063663036
+33383236383363303261353138346234363063623736353132663230306230663137366565343162
+36326666376336316534313630336464396338313866613462643236336461323239303635393330
+38356136653035306538386365306232613966333332393035376164373932656139666233633036
+64623966663135666234306231393062306338356461626332316630353964356336323261363236
+30646534353766636232363437633037373766353866343033633630393437633739663530643439
+33316338336538383165333766613634636163666266306435353132663538366138623438386131
+37656664613833313530663031633833373634643031303037366264646233666232613638636532
+36373835663332656462643135366635636639613661663436376433353966343135616561323135
+65346636623833303733346430303563666230613430393364313534656430336532333636396434
+32303737336662373765336665376431303033623063663761373431326234343764393961396261
+37303264363662313663663736653935366334336562303536346532343464336236646665666638
+64636437656261303938636563393838326633306131386235663838326564373739373565393834
+32613131316433306162626339316436376432326365663239323338626231313434303833343433
+36633937613161643934393538633434663838303430353434323463336438343734333363323232
+34343262306334613237393134323834643438336437386565666333373665626131616236383730
+32643132343764383333393936643032623064313566333831373265383932326630653634313034
+38313839616535663865643234326131323961363036343336643432363735356461353938333835
+33306665333638363464336463396464666466613935323339623437303034626136626461343366
+35396465333436326139373862323533366237653836646465313436343637373365653266303362
+64316633636530353461373563363736383437373932356333366138346361346536636334363334
+63666430353038373639336165363033626566303633383731336639656363626330316633366139
+62346162343332303136336362376438396431333436383362313733353861633135306237343635
+30376535346438376138643161626338353562396232633837666233386235623131643333313161
+33386465306231303330313030363432323462393064363266363331373338613665356564396134
+64613762633533346136646562353338393131663164306535653038623035623231303137356233
+65613931396537313737303235663730623165663863393937326466653265393463623062636237
+65356337323236643661333863366332303239303231373036303631316431656635633863646333
+31383432646666623131646230323937366332626537633131383238656436636365336466313431
+61326637616533663330356265643331656231306239363661366136303135386464646332643834
+33666338633664353531656463653930326161323861663963643063646338633635636336393738
+62343730396234653132653139343330623932363835643766613239356333326532316136626638
+35376663323438313238383332653630333432623061616561323834323935323365343762616232
+38383538323239656130336336383132386666653338333662306331636138306435346636393661
+31386366643639393734393037653764363865326235313663393030356233313137373733373364
+35626337666530656135353539643734653861663534353762333433646537646636666533613261
+62636433636330333437643861306236613330323838333331666231633437306139336339356434
+37616134616366383239663233643864613762613862363038346631383162643432623766303934
+32306530343434366334386464316533613239623335623633376633313638353531353963373539
+34663330636362326537613233373132646130386662353864663632666233356335616533363334
+64323830396132356538646531656661613164353634383939623361373734636237633030396463
+62346161636332386633353064343764373631643962373664613863336337346333633234646565
+35653137613736313630623465663739386238306530316637646664633233333461386464376161
+38363735366161323166333662333930363837306262346261323831303336356661316431653537
+32383262363464626337666131376666323535396231653338636262636532333235313564633764
+64383431376137373464333264353638373733366633303764396139666237333939653130383166
+34616535363635356166663162383037643263636531303465616633363561636130633666306339
+66666665373136633963333162626636346130323034653836613737616234366564363063353438
+31333064636431613462366666666531353139653566363662353263666666383035636231613335
+61336530623664666534613364306634333632373333636564663537323530393339396636396566
+64376164306238366465623164633034383937396235666538346333613931383163623132633335
+62353834383530656537303434373838616432313536613433643433313562633630366465316464
+36316564376362646234323438613062306362333535336566633937326565386264643162376662
+64656338366236386537643564306131636230373939376439363939343134623639313238323865
+34353734663036353535356664393635656335623633373139656534386531346139646565656634
+37633363336636656235623465356661623433323832373539306533626433663737666233366666
+64343034613137616562366161343165333737373831643963663932306665623465363631356165
+32383735626361346539653134336539363038653736323466613366623230623266623265623737
+61393464653735643539396330366266626366633966633433343037393539663436336630333264
+34363864356565303732646163393562653064393731623534323637313865666164643239653166
+65636131656462623231313963643831626365353066646134633038393031626537396433363035
+35373030616561356464386661333966623163383431373731363932656138346437356462346135
+37343538343264613032613833653666636263653465383635313036626134333165383137343862
+66363066623639373137646364303462303031346661666130643034383234346265353539336339
+31646265376463363530633332646530373339346663636365663936363338346532623032323231
+30313630633836656666356466383166393036663431393962313861383634636535323463306135
+39313164303263343464663335366262396366663138336338616330366663383166386338656430
+37306464346136363736353838636439333863343761346461336337353065633433353333363961
+35616637626331646330653866316165653462353532373137393235386132366431306430346335
+35346333623766303963613162653164633762353738346361343732353939346362306132623261
+32306334303965633162336462396337353037613465323632313038656566323866343936386337
+63353136373436363065393163626237396665653035643365373865613162393164613631383530
+63376232316362656466386564393139636131306564643331623861353636313438323031396264
+32663334613438646662366530656233373466643066363131313864326537653932383737373932
+61663333313538613034663461313964313366643332393962346639313965653734623463383331
+36343936323332393633346232626439366262303635313466633665313130376366313561336230
+62366139373563306666383562616335623664396236336164643262386363643037396665623865
+65623864623939653265623733343361356432303438623736623330393164323039623465353266
+31363562316438316461363839373833366463316262326632373238643338656561643566626337
+63396431366562373831623337643134663139663832383630653330343331306262646630633261
+65333262323463636534623137653534653665306662666365303738333732393264386132396633
+36613362303663326337333138316261343135666637626133383833393234353836326233616637
+61646130383264383430616637396365633561646132616361383830393966306139633966633635
+35373531653737356562323739643465313139663831643730663238653962383961636664343930
+32393836656230633432323631643631363364643161383930646666376665326163353131393733
+38653530383264343233306630393865646462373761363135386461336239646662386239336663
+35343337656564333434363963333137623237333361626466663236336565346661393634393163
+34343466353064343564313533306630653764613239323638313837343335616134376631323461
+39616132656431373265313738643234643733396361373637393433343666356338383736333137
+65653962323561333033613732653630636131623938393037373935613364313936623562343938
+61663736626538323565376631366363333430316334356136333863656635636665653563643435
+64383135613935363130303437313861313739653333306638303839366166343362633130666532
+37653139633639343032373737623161346134636538643661363666616233356438383266303565
+38353536366232636637333331303739616230303332656534333633623336316266376431333861
+33616232636137613537626230353163326531333336336434363465633466383530633733386535
+32386638653531643933316661333137323236343330656631336139616336613032366161633839
+62373065653937343162336331623639333437393864386133653663353235393938653235373333
+33386263383839396138323566386361393933623332343762653864626439613866623137633963
+63383632653636353065316531333465353763653565616230303532333763393731343165356666
+63616132376139666631393066323438353335313165316539626562646638643865373234303635
+33663330336638653463373337656464396463326231323739376238373264356136636362386164
+32353238383262633061353466333531646236303465323735373035623935356564656138623735
+32393431653163323935613663343064663234313436643463633465376265633466333036386363
+36396434303164343532343430323639346535613663643031383363386161643236646236373763
+65623965316138333037643138613731613833336663393732353439366539393439316536343938
+30366663363539626639326565343931323564336636386534326663356562353339343732333930
+65613064663437366437386364303366356165343639656532373664333030363639353937363463
+34356538353363366331326661613237326163386666313639356335656366633333616264633766
+62396262323663376338363466343333633663306334666634633662663432313861323738303961
+38396561663436363461626465613663616564333236343834386261653462656532656561393636
+32666431646433356134376165336562316234326435336437636133323463366364393034363733
+62633739613634353733
diff --git a/lmn-client.yml b/lmn-client.yml
index adf1456..cfb70ee 100644
--- a/lmn-client.yml
+++ b/lmn-client.yml
@@ -87,12 +87,7 @@
     - lmn_security
 
   tasks:
-    - name: Timestamp successfull run
-      ansible.builtin.shell: date --iso-8601=seconds >> /root/.ansible/stamps
-      changed_when: False
-      tags: upgrade
-
-## Temporary fixes and quirks:
+    ## Temporary fixes and quirks:
     - name: Fix 8086:4909 external graphics card
       replace:
         dest: "/etc/default/grub"
@@ -244,6 +239,14 @@
         line: DefaultTimeoutStopSec=5s
         insertafter: '^#DefaultTimeoutStopSec=.*'
 
+#################
+
+    - name: Timestamp successfull run and send up-to-date report
+      ansible.builtin.shell:
+        cmd: date --iso-8601=seconds >> /root/.ansible/stamps && /usr/local/sbin/reporter
+      changed_when: False
+      tags: upgrade
+
 #################
 
 - name: Apply additional laptop configuration
diff --git a/tools/emitter b/tools/emitter
index a7fdd82..be950c1 100755
--- a/tools/emitter
+++ b/tools/emitter
@@ -28,7 +28,6 @@ echo "Time stamp at: $timestamp."
 #dir="$(mktemp -d)"
 dir="/tmp/emitter"
 mkdir -vp "$dir"
-touch "$dir/${timestamp//T*/}"
 
 hlist=""
 n=0
@@ -51,24 +50,23 @@ find_outdated(){
             if [[ -z "$ipa" ]] ; then
                 # FIXME: Outdated report format, try fallback:
                 ipa="$(sed -nE "s|^.+default via.+ src ($r) metric.+|\1|p" "$file" | head -1)"
+                echo -ne "\n Outdated '$ipa': $file"
             fi
-            $debug && echo "'$ipa'."
-            if ! grep -q "$ipa" "$dir/${timestamp//T*/}" ; then
-                echo "$ipa" >> "$dir/${timestamp//T*/}"
-                hlist="$hlist,$ipa"
-                n=$(( n + 1 ))
-                if [[ $(date --date="$d" +%s) -lt $(date --date="$git_date" +%s) ]] ; then
-                    ## ansible run needed at least on one machine, run it on all:
-                    echo "Triggering full ansible run!"
-                    ansible_arg=""
-                fi
+            hlist="$hlist,$ipa"
+            n=$(( n + 1 ))
+            if [[ $(date --date="$d" +%s) -lt $(date --date="$git_date" +%s) ]] ; then
+                ## ansible run needed at least on one machine, run it on all:
+                echo -n "✗"
+                ansible_arg=""
             else
-                $debug && echo "Host already processed before."
+                echo -n  "U"
             fi
+        else
+            echo -n '✓'
         fi
     done <  <(find "$logdir" -maxdepth 1 -type f -mmin -$age -print0)
     hlist="${hlist#,}"
-    echo -n "Running hosts: $running, to be upgraded: $n. "
+    echo -n " $n/$running "
 }
 
 run_ansible(){
@@ -78,8 +76,7 @@ run_ansible(){
              ansible-playbook --vault-password-file ~/.vaultpwd \
              -bi inventory.yml "$pbook.yml" "$ansible_arg" -l "$hsts" ; then
             while IFS= read -r ipa ; do
-                sed -i "/$ipa/d" "$dir/${timestamp//T*/}"
-                echo "IP address '$ipa' removed from '$dir/${timestamp//T*/}'."
+                echo "Ansible for IP address '$ipa' failed."
             done < "$dir/$pbook.retry"
         fi
     fi
@@ -87,10 +84,10 @@ run_ansible(){
 
 #################
 while true ; do
-    date --rfc-3339=seconds
+    date +%H:%M | tr '\n' ' '
     find_outdated
     run_ansible "$hlist"
     t=$(( 600/(n*n+1) ))
-    echo -n "Sleeping for $t seconds now ... "
+    echo "sleeping ${t}s "
     sleep $t
 done

From ad76bbd1f1295d97d63f787f4622d1e66d377196 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 21 Feb 2024 20:07:09 +0100
Subject: [PATCH 489/504] For some laptops, wifi is off after booting.

---
 roles/lmn_wlan_iwd/tasks/main.yml | 44 ++++++++++++++++---------------
 roles/lmn_wlan_nm/tasks/main.yml  |  3 ---
 2 files changed, 23 insertions(+), 24 deletions(-)

diff --git a/roles/lmn_wlan_iwd/tasks/main.yml b/roles/lmn_wlan_iwd/tasks/main.yml
index 6d627be..301144d 100644
--- a/roles/lmn_wlan_iwd/tasks/main.yml
+++ b/roles/lmn_wlan_iwd/tasks/main.yml
@@ -2,12 +2,13 @@
 ##   wget https://cdimage.debian.org/cdimage/firmware/testing/current/firmware.cpio.gz
 ##   cat initrd.gz firmware.cpio.gz > initrd-fw.gz
 ---
-- name: Install packages related to iwd
+- name: Install packages related to iwd and wifi
   ansible.builtin.apt:
     name:
       - iwd
       - systemd-resolved
       - firmware-realtek # for our wifi sticks
+      - rfkill
     state: latest
 
 - name: Disable wpa-supplicant
@@ -32,27 +33,28 @@
       [Security]
       Passphrase={{ wifipasswd }}
 
-      # - name: Use iwd but ignore wlan interfaces in NetworkManager
-      #   blockinfile:
-      #     dest: /etc/NetworkManager/NetworkManager.conf
-      #     block: |
-      #       [device]
-      #       wifi.backend=iwd
-      #       match-device=interface-name:wl*
-      #       managed=0
-      #
-      # - name: Configure systemd-networkd
-      #   ansible.builtin.copy:
-      #     dest: /etc/systemd/network/80-wlan-dhcp.network
-      #     content: |
-      #       [Match]
-      #       Name=wl*
-      #       [Network]
-      #       DHCP=yes
-      #       [DHCPv4]
-      #       UseDomains=true
-      #
 - name: Enable systemd-networkd
   ansible.builtin.systemd:
     name: systemd-networkd.service
     enabled: True
+
+
+- name: Provide service to enable WiFi on boot
+  ansible.builtin.copy:
+    dest: /etc/systemd/system/enable-wifi.service
+    content: |
+      [Unit]
+      Description=Switch WiFi on
+
+      [Service]
+      Type=oneshot
+      ExecStart=/usr/bin/rfkill enable wifi
+
+      [Install]
+      WantedBy=multi-user.target
+
+- name: Enable the enable-wifi service
+  ansible.builtin.systemd:
+    name: enable-wifi.service
+    enabled: True
+    daemon_reload: True
diff --git a/roles/lmn_wlan_nm/tasks/main.yml b/roles/lmn_wlan_nm/tasks/main.yml
index 31b04ed..7122c7f 100644
--- a/roles/lmn_wlan_nm/tasks/main.yml
+++ b/roles/lmn_wlan_nm/tasks/main.yml
@@ -1,6 +1,3 @@
-## Make sure to use an initrd providing firmware:
-##   wget https://cdimage.debian.org/cdimage/firmware/testing/current/firmware.cpio.gz
-##   cat initrd.gz firmware.cpio.gz > initrd-fw.gz
 ---
 - name: Configure WLAN for devices
   community.general.nmcli:

From e3db074ba7e78945db8d771e50b6e1bb3a65f7c2 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Wed, 21 Feb 2024 20:09:06 +0100
Subject: [PATCH 490/504] Use groups instead of boolean group varibles.

---
 inventory.yml                    | 294 +++++++++++++++----------------
 roles/lmn_fvs/tasks/main.yml     |   2 +-
 roles/lmn_network/tasks/main.yml |   2 +-
 3 files changed, 148 insertions(+), 150 deletions(-)

diff --git a/inventory.yml b/inventory.yml
index 07c0e05..bf91fe1 100644
--- a/inventory.yml
+++ b/inventory.yml
@@ -1,149 +1,147 @@
 $ANSIBLE_VAULT;1.1;AES256
-61363036653134613330616231656533336663303062323734623234393436623962343935333162
-3430616335383530383366383930626563383931323538370a623162333933653466353034663262
-30366438363835663932373330386539353930376139373461636264616565376665336365336637
-6333653339623062390a343137663763663037393237346130363463383966613036353539306161
-39616162363836376531623132633465393231613261333261386465376339383031373066643462
-31373236623937616237333632363236616338626133616164313634343063323133303835336266
-32643265633533393263346366366162346335323236393033626235353433356664396363366465
-63356539636163666265646366333732623537383031626538343137663262333739303531323566
-66316137316538643132323538383936336435356534353032613733633138643932613737626233
-35323737366261633664336437613730386232666564643361643031373033643739653031393231
-64356433396539323164373931653863336562333161383230336639316266633365323462633865
-30333235336336643331653034653134353166326336373266353632633234343338323166343332
-36616335653232613435313236626665386437313263633864393432363765303362393931323337
-62303165346631636635303039376666643061363839653961393539646566346361643334643163
-37666663636238306266396165343037326362386662613466633662396231613633373138353131
-30343462633865626139383933613337363661333036363237343336323966306563633131383734
-35313266346366653338346464356666653537386264303866303562333963616562333933666236
-63613436636164373264386639326534383333336261323232373437366136316336346536353938
-64633932326665656465353738336136366634646434356136346365346663356339343639643538
-30333734616535653064336335363366636635326430643138613461313666633138626134366364
-65646636303261363936323364653137626538356339306333323038376364356635666436653330
-66633837313830626434393239313062386335656339623661303461656362396265656238323034
-36653537636239623366636233633462393636663937353535303261643363393133343638366631
-62326562643634353235366163643063323464643532376330613862353034633561626339323165
-33316163376630643131323332393266396331353531366264396461373538343531383262343361
-61656430343863306163626262613434313737656335623863626662376162666235623539326264
-63333666343830303934373761376432663139373637393939633930373038663063316635346664
-31623635346638353364343862363432353430623762336462643363326435303663343132656133
-30666265343162336137646230666662323033313561353336306461666638323761383632393230
-30396337646130373266306463663239373064393236643031373037326230653836383932393164
-64343231326366386231613231313630386266303463356231303065643762383334663666656566
-63383936373030376263363935643663623838346233343736343563633262356564633437373662
-66396633346233633432343562373038663834343238626333626430386233643230373930666532
-62383336633638323136383133613762346261613963353437656366356461653262346230333733
-38653862343331316631653231343066323835306634393632366566613230343338303961336235
-31343466393339653065646231363136633866626634376563353931616464333432323231643832
-34316234643863653763323136373135666336376136346339376664303232386532383063663036
-33383236383363303261353138346234363063623736353132663230306230663137366565343162
-36326666376336316534313630336464396338313866613462643236336461323239303635393330
-38356136653035306538386365306232613966333332393035376164373932656139666233633036
-64623966663135666234306231393062306338356461626332316630353964356336323261363236
-30646534353766636232363437633037373766353866343033633630393437633739663530643439
-33316338336538383165333766613634636163666266306435353132663538366138623438386131
-37656664613833313530663031633833373634643031303037366264646233666232613638636532
-36373835663332656462643135366635636639613661663436376433353966343135616561323135
-65346636623833303733346430303563666230613430393364313534656430336532333636396434
-32303737336662373765336665376431303033623063663761373431326234343764393961396261
-37303264363662313663663736653935366334336562303536346532343464336236646665666638
-64636437656261303938636563393838326633306131386235663838326564373739373565393834
-32613131316433306162626339316436376432326365663239323338626231313434303833343433
-36633937613161643934393538633434663838303430353434323463336438343734333363323232
-34343262306334613237393134323834643438336437386565666333373665626131616236383730
-32643132343764383333393936643032623064313566333831373265383932326630653634313034
-38313839616535663865643234326131323961363036343336643432363735356461353938333835
-33306665333638363464336463396464666466613935323339623437303034626136626461343366
-35396465333436326139373862323533366237653836646465313436343637373365653266303362
-64316633636530353461373563363736383437373932356333366138346361346536636334363334
-63666430353038373639336165363033626566303633383731336639656363626330316633366139
-62346162343332303136336362376438396431333436383362313733353861633135306237343635
-30376535346438376138643161626338353562396232633837666233386235623131643333313161
-33386465306231303330313030363432323462393064363266363331373338613665356564396134
-64613762633533346136646562353338393131663164306535653038623035623231303137356233
-65613931396537313737303235663730623165663863393937326466653265393463623062636237
-65356337323236643661333863366332303239303231373036303631316431656635633863646333
-31383432646666623131646230323937366332626537633131383238656436636365336466313431
-61326637616533663330356265643331656231306239363661366136303135386464646332643834
-33666338633664353531656463653930326161323861663963643063646338633635636336393738
-62343730396234653132653139343330623932363835643766613239356333326532316136626638
-35376663323438313238383332653630333432623061616561323834323935323365343762616232
-38383538323239656130336336383132386666653338333662306331636138306435346636393661
-31386366643639393734393037653764363865326235313663393030356233313137373733373364
-35626337666530656135353539643734653861663534353762333433646537646636666533613261
-62636433636330333437643861306236613330323838333331666231633437306139336339356434
-37616134616366383239663233643864613762613862363038346631383162643432623766303934
-32306530343434366334386464316533613239623335623633376633313638353531353963373539
-34663330636362326537613233373132646130386662353864663632666233356335616533363334
-64323830396132356538646531656661613164353634383939623361373734636237633030396463
-62346161636332386633353064343764373631643962373664613863336337346333633234646565
-35653137613736313630623465663739386238306530316637646664633233333461386464376161
-38363735366161323166333662333930363837306262346261323831303336356661316431653537
-32383262363464626337666131376666323535396231653338636262636532333235313564633764
-64383431376137373464333264353638373733366633303764396139666237333939653130383166
-34616535363635356166663162383037643263636531303465616633363561636130633666306339
-66666665373136633963333162626636346130323034653836613737616234366564363063353438
-31333064636431613462366666666531353139653566363662353263666666383035636231613335
-61336530623664666534613364306634333632373333636564663537323530393339396636396566
-64376164306238366465623164633034383937396235666538346333613931383163623132633335
-62353834383530656537303434373838616432313536613433643433313562633630366465316464
-36316564376362646234323438613062306362333535336566633937326565386264643162376662
-64656338366236386537643564306131636230373939376439363939343134623639313238323865
-34353734663036353535356664393635656335623633373139656534386531346139646565656634
-37633363336636656235623465356661623433323832373539306533626433663737666233366666
-64343034613137616562366161343165333737373831643963663932306665623465363631356165
-32383735626361346539653134336539363038653736323466613366623230623266623265623737
-61393464653735643539396330366266626366633966633433343037393539663436336630333264
-34363864356565303732646163393562653064393731623534323637313865666164643239653166
-65636131656462623231313963643831626365353066646134633038393031626537396433363035
-35373030616561356464386661333966623163383431373731363932656138346437356462346135
-37343538343264613032613833653666636263653465383635313036626134333165383137343862
-66363066623639373137646364303462303031346661666130643034383234346265353539336339
-31646265376463363530633332646530373339346663636365663936363338346532623032323231
-30313630633836656666356466383166393036663431393962313861383634636535323463306135
-39313164303263343464663335366262396366663138336338616330366663383166386338656430
-37306464346136363736353838636439333863343761346461336337353065633433353333363961
-35616637626331646330653866316165653462353532373137393235386132366431306430346335
-35346333623766303963613162653164633762353738346361343732353939346362306132623261
-32306334303965633162336462396337353037613465323632313038656566323866343936386337
-63353136373436363065393163626237396665653035643365373865613162393164613631383530
-63376232316362656466386564393139636131306564643331623861353636313438323031396264
-32663334613438646662366530656233373466643066363131313864326537653932383737373932
-61663333313538613034663461313964313366643332393962346639313965653734623463383331
-36343936323332393633346232626439366262303635313466633665313130376366313561336230
-62366139373563306666383562616335623664396236336164643262386363643037396665623865
-65623864623939653265623733343361356432303438623736623330393164323039623465353266
-31363562316438316461363839373833366463316262326632373238643338656561643566626337
-63396431366562373831623337643134663139663832383630653330343331306262646630633261
-65333262323463636534623137653534653665306662666365303738333732393264386132396633
-36613362303663326337333138316261343135666637626133383833393234353836326233616637
-61646130383264383430616637396365633561646132616361383830393966306139633966633635
-35373531653737356562323739643465313139663831643730663238653962383961636664343930
-32393836656230633432323631643631363364643161383930646666376665326163353131393733
-38653530383264343233306630393865646462373761363135386461336239646662386239336663
-35343337656564333434363963333137623237333361626466663236336565346661393634393163
-34343466353064343564313533306630653764613239323638313837343335616134376631323461
-39616132656431373265313738643234643733396361373637393433343666356338383736333137
-65653962323561333033613732653630636131623938393037373935613364313936623562343938
-61663736626538323565376631366363333430316334356136333863656635636665653563643435
-64383135613935363130303437313861313739653333306638303839366166343362633130666532
-37653139633639343032373737623161346134636538643661363666616233356438383266303565
-38353536366232636637333331303739616230303332656534333633623336316266376431333861
-33616232636137613537626230353163326531333336336434363465633466383530633733386535
-32386638653531643933316661333137323236343330656631336139616336613032366161633839
-62373065653937343162336331623639333437393864386133653663353235393938653235373333
-33386263383839396138323566386361393933623332343762653864626439613866623137633963
-63383632653636353065316531333465353763653565616230303532333763393731343165356666
-63616132376139666631393066323438353335313165316539626562646638643865373234303635
-33663330336638653463373337656464396463326231323739376238373264356136636362386164
-32353238383262633061353466333531646236303465323735373035623935356564656138623735
-32393431653163323935613663343064663234313436643463633465376265633466333036386363
-36396434303164343532343430323639346535613663643031383363386161643236646236373763
-65623965316138333037643138613731613833336663393732353439366539393439316536343938
-30366663363539626639326565343931323564336636386534326663356562353339343732333930
-65613064663437366437386364303366356165343639656532373664333030363639353937363463
-34356538353363366331326661613237326163386666313639356335656366633333616264633766
-62396262323663376338363466343333633663306334666634633662663432313861323738303961
-38396561663436363461626465613663616564333236343834386261653462656532656561393636
-32666431646433356134376165336562316234326435336437636133323463366364393034363733
-62633739613634353733
+62636465313664316130643937633138373336663266653735653837656531643434376333346263
+3561613034343632326335636665303061393038663234360a666535313031633638336564383562
+31366134623734393837313837663131393737633165353836383963393461653462663238313731
+3964373961636465330a653461363531353132636663633632663262623466353435376234356134
+64613761643437346433643230383862663833393235383334646631393464363364343234623533
+32303434356466376434336532633731656463666535313564366261646235323466303934316436
+38656632386138616530396631383835336535343039626561633731376239613637393230643261
+37663431666231626361353064333763376333313236376166313064623931636534633037643765
+37356233336236323531363735396563373832613861633138303661636365383035643431393635
+66636238323862396538393931393031313832636439633362383338353465373232623663343561
+66663263623064356538343462383235623437636334613130653961353763373135626530643732
+63333761343934303265303864303035633466353865373030363338643238393438323830366539
+37643638323033306165333438626136336663643963303963376662316639313461376436383266
+39643334663264313534346531656463316138306662663562313763383431313933323063653961
+37643762303234356534653932366265373562616265363038306662376536623336646662656635
+66383934316639656166353561363365656461616562623234373361383234613865363264613938
+37333962643061663263316338306430396362323262383432363461376235313062633039323262
+64376430373965326162643863663936373066356532353533383633323339633836646238333933
+64653966343261663938623436376330366139636161333631373363623966386339376365616430
+30643363666335366262623231653031656637383561316462363861366630323763366137366363
+38653238373363353638396534313464343965313433343232613661353233343434333930636136
+63633738623438363933656264366637396266393061313864666465633339656638353539356538
+38383535386138623432373933643566666366383361636234623736303665343239663065643735
+63306133353036343365666661383666356236396364643836383930373134613333616263353037
+63363936666132336438633861306136366337393864646165383635613536343364386334316230
+30346532666338646562313432363064346462346562663963636432633366663864646232663635
+39373336623262643962333839346632653838653335376437393061363337373635313938376536
+30303539636666623831613861333234366562353166653239396363303134336539643632623134
+32636534613066656538643565313264343834303733633839303338366263666566303562666435
+32383136333038626634366664366566616634316338376639663136313436376161333966303063
+35663736653766393136666636326531636632333964333738313338386430643663353037623031
+32383266343338346164333939616234333066613333626435326639366662383261393739353033
+32643365303861663062653635386534346232623335313932333966316338333532633733323764
+31633562396663626464663963363631663235633534386535323730396630356633643961356134
+32323936643430343866346135343433376231396235386462353336656530363665316433613062
+61653130616565366333656461393032333333383435666165643865386462313561323933386436
+33316435626638336436333136653438613931313766356139646664373037643238383338623766
+38316330613663643065373032383164313538666261306332633335366133376466316434656530
+66306135306538623930656466633137333732343766356437663230343934613864326366623063
+33656562306665616238303136333134386135323539353836616530356432336134343537613436
+62343732333730353438663633636634356133396265656636366434363063663138653939303537
+62663631616466653465396536343265373465633137383730643964613761316630613732663930
+65396131393334616261336134636636366535336433663337396565333836333663613964663161
+35646539626235666561343861303839346664326161666163383064336638306436383662613137
+61373833653731643665376465643237343633353130353063386430376463653831666236613066
+30353630383338613130303830646238633538303863303733663535653966636165303866353433
+30343835626231323161636638613064353835366330626362346332316137346162343563343636
+65373261363735636663666162303938363566613862313039366632613666383933663762326538
+63376430383064373833306330646331653139626335303537326665316538333037636566353839
+38363938313439613334363837346163323036333834353930316633346664623064386631663662
+61323838333137633264316663623562356133383636653964343163636135333264666132646334
+36346365333837386230623961363338363431653562386461356138376132376532373339616662
+63636461363464363963616334646361633531636434623635633631386465353838363061633561
+35653061653930326666616139303434326264613164623765626438343334663162326532623136
+34396266383239353439613539303434643031633930346366343265613936336465613365613030
+33356565643064306464343164306266383939326232643930316233306332656662373862373237
+64663961373338346364616530323966393034326539613333623634623938613861313166383632
+39626635346466393339636437393138396234366639623932336435313233353239333836393734
+66323366636330663035353132313634303830303763616433363864393666326231663663313661
+35366333396164336366346462323965303633613135656438653432613438396531333064633665
+33613436643261363438356231346161353830666437633437346262353731353539646161303463
+65623365383730303337383732616161616339396634363936373237326161303363633839326563
+64303033356537313865333637363236343661633630316432366662353636386238663332393236
+34613965393039373862393063326135323731326434663161373837663166653230306466663662
+36356139653563353130353061323831626161663832323831313032636439393533343038343766
+35373632613061303135363836373162323063323930366564316632343061346531636461646132
+65656535643536643161343066353137303131653362383635353633653531663631656661656630
+30306637633561623165356133343433363636646264613335313034663734643766613461343230
+31333137373162393765646136356636376564336532313336656537656135366430613662343430
+37613361373566663036363035613839366332333834393839643037356262306136623463643334
+65306438366435353730353736326532316432623136326639363463323266383737633465376336
+37346661666238633333366563373864333866396232636263666532623765656335346366626637
+39353762623162366534333065323262393666373631643866623361373861333736303132363661
+62633137363338303766613334306366313765343037363635396138623533323565626236393335
+36356135623861353464396430653832633661326164393537643165316165623635383263643038
+30373836633135633133363762633136376631613533333263623764376464333338316432306239
+39653030396562363936353338616465633661663666393733326265333066623961663761623561
+65363331346438353734323361386331356639636131343839623332356535666137666430326637
+32316533316565653232626237343665313638333136636162353162653630666462643332393665
+34313963383963356630326232646631643662636238373565356363343262613233383266333532
+33313430396239323832303036323636393165353662303264623633643961313664336663366539
+37323865393335363335346334373465393930303237303333313666376632316664663633323464
+35306137636165383733393664643635393364383037363564653662643536386161653161306262
+38623431346563326430306134393064336633623763313335313466316237383233356463386361
+63333038643537386331313565303661386631386162613234636262323938363761663736646435
+33613637366562386264663537313139623939343936346534613239643635653964646164303365
+62666463666137616433353738353463373264386434613862313166616234363665366161326637
+33656562303161386636373066336133663330333262323534643137346338316138636362666263
+37306162623161333238393264643863316231333763653036366263633334666634373036323939
+64633165666435633630363435303939333733383831356436343937313435383338633233396164
+39386665383233643461656137343138323264393631633163346666336138653437643835623464
+39373638386333656266663338386264623565373365653862323030396264353262356338646333
+64323634633439393464656138656361356231623934363337633266326337353431393764396231
+65613533333032373435663932366537656236613161313166373733363065306634623933326237
+66356136363165643232333830613237386132616261313435666336643533633463653737316365
+32633034366163376639343033373930303430623239363038376466663031333466366337346265
+61313133353733363037306331613562316666643430353635393037336434646434636266343265
+35373736306166343831313532663465396631376539303863333731313032643131636234396563
+32393836363537376335313230356364343035323865326566383033623236616664316535383266
+34623935613763343732383337613564333564616430316136366137633461633661313432346436
+31343332343039643433653964656434383962313838366266333638363466643639343730663732
+64383766656635623933303933306261626137393733393565656366666536383263653765623236
+34386538636134303035363965373038336137663434613733373831333935366537326536323864
+61643332636630313066383065333939343131313230333234336332306530373933633736326239
+37356563326435653262643461353432373061383333666234346535326561343030353537666438
+37613835623634393034383134396364316339376238666661353230326432663339646165333635
+35636264663139656333386137333763643332373765346133336337666638396437316664633962
+36646536383066643133663065653035393362656132353533613434383131623766626437366238
+38383665646431626264666236326366323132623636373834313932383939316331663366306361
+30646334303663643665646433376433656161653435663034333438363933663431343064613865
+64373931613865343530613136333739393138656234643034643765333434393166333663346134
+65646364373031396334643735343231346163363438383832613533643733646135376563323464
+61636662326533323435383738393337363138376464613335356430313864623766386461373235
+30306437666162613232363130346365346334333039306264396336353632363664373635616638
+31363931623766663032653766646136656361663062633633323131363835663365343132653636
+65633631643464643638316236663166363037386662636338626437373439353132343435666632
+64366266313438613731323834306266393961376332366164363965396263376130393036336664
+38336636656138323430363163303232373733366633616234323835653462623735383266363432
+66353566353633303638646535346537366635333332333065396264323365376635643666376262
+38326639663464316531613439373030313166386438323261633766313761343937376530623834
+63366432343130333932393762373932356262343734333564633061656532396136363239653532
+37303537366633366463383633633062636665623137383262666565376161323762613137366238
+64616235653063393666353830316238613239363466646465383334653266623564366361373463
+34326339636561303834303161393834613664653036326438303631613634323131393538646561
+39656136626334636464333735336636313361306261313161633639666233303139623438383335
+64303835363635663566343961393264393732643934306464336430323862323339626663343535
+30373733383636353862636530623161376366626137626138326636323665616362373063623431
+36636366663764333432373031663539646532313063643130313937376663316630313465303132
+33633561353739353064303334653064396333666238386361396663396638633730363766613935
+38656236643163373530613637666535633363633666306364623134626163336439623262396532
+39356339366538353733366262633138316166316639346663666632653066393032663463323564
+65316339663936363861393832643661663661333730363038333337363631653630346265306534
+36326266346663333932326231363339666661393339326639643132636636643866653735303463
+35663464386532383963303166303338356238373263633332623033303765306235323630323431
+39613232383938616265653839326434366433633561343739643436346334613136363632666466
+66623431346264633639366132633264316364363637383063646134643631323865663836366636
+65303737303363353466353964643035303461313532383435336635623839383066396131373330
+36643838643731383835313761653566343930616161363634653831646638663363373038343263
+30356361323461353161333935616366623836316266346564656165626637363135376564343937
+35613933656462663861666238323063626566336439656463393435356135616234663164336333
+38316262363430633437353232666238623633653438643137626433383436383366383438663032
+63623465613561366130643864303061373234646231613830336664623361336139633032653262
+32393034376361383463326236393033333435323062636366303737306438643565386665373764
+31383431666666623836353738333638656531623036623531333564383939306162613166663738
+66313330626265313861666235616165616363393839623433373934323934633639626336313835
+3332393364643730363361323964303238663933303938646664
diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index 40dd22f..27dfd80 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -136,7 +136,7 @@
   command: /usr/local/sbin/bootorder.sh
   register: cmd_result
   changed_when: cmd_result.stdout is not search('Nothing to do.')
-  when: boot_pxe | default(False)
+  when: inventory_hostname in groups["PCroom"]
 
 - name: Copy dolphin config scripts
   ansible.builtin.copy:
diff --git a/roles/lmn_network/tasks/main.yml b/roles/lmn_network/tasks/main.yml
index eee1e6a..022cc5f 100644
--- a/roles/lmn_network/tasks/main.yml
+++ b/roles/lmn_network/tasks/main.yml
@@ -26,4 +26,4 @@
       deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-proposed-updates
       main non-free-firmware
     state: present
-  when: proposed_updates | default(False)
+  when: inventory_hostname in groups["R202"]

From 05481f114f0f7cb9b168f16cb4ef13fba594ff1d Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 23 Feb 2024 18:54:51 +0100
Subject: [PATCH 491/504] Add missing host.

---
 inventory.yml | 293 +++++++++++++++++++++++++-------------------------
 1 file changed, 147 insertions(+), 146 deletions(-)

diff --git a/inventory.yml b/inventory.yml
index bf91fe1..c8e9421 100644
--- a/inventory.yml
+++ b/inventory.yml
@@ -1,147 +1,148 @@
 $ANSIBLE_VAULT;1.1;AES256
-62636465313664316130643937633138373336663266653735653837656531643434376333346263
-3561613034343632326335636665303061393038663234360a666535313031633638336564383562
-31366134623734393837313837663131393737633165353836383963393461653462663238313731
-3964373961636465330a653461363531353132636663633632663262623466353435376234356134
-64613761643437346433643230383862663833393235383334646631393464363364343234623533
-32303434356466376434336532633731656463666535313564366261646235323466303934316436
-38656632386138616530396631383835336535343039626561633731376239613637393230643261
-37663431666231626361353064333763376333313236376166313064623931636534633037643765
-37356233336236323531363735396563373832613861633138303661636365383035643431393635
-66636238323862396538393931393031313832636439633362383338353465373232623663343561
-66663263623064356538343462383235623437636334613130653961353763373135626530643732
-63333761343934303265303864303035633466353865373030363338643238393438323830366539
-37643638323033306165333438626136336663643963303963376662316639313461376436383266
-39643334663264313534346531656463316138306662663562313763383431313933323063653961
-37643762303234356534653932366265373562616265363038306662376536623336646662656635
-66383934316639656166353561363365656461616562623234373361383234613865363264613938
-37333962643061663263316338306430396362323262383432363461376235313062633039323262
-64376430373965326162643863663936373066356532353533383633323339633836646238333933
-64653966343261663938623436376330366139636161333631373363623966386339376365616430
-30643363666335366262623231653031656637383561316462363861366630323763366137366363
-38653238373363353638396534313464343965313433343232613661353233343434333930636136
-63633738623438363933656264366637396266393061313864666465633339656638353539356538
-38383535386138623432373933643566666366383361636234623736303665343239663065643735
-63306133353036343365666661383666356236396364643836383930373134613333616263353037
-63363936666132336438633861306136366337393864646165383635613536343364386334316230
-30346532666338646562313432363064346462346562663963636432633366663864646232663635
-39373336623262643962333839346632653838653335376437393061363337373635313938376536
-30303539636666623831613861333234366562353166653239396363303134336539643632623134
-32636534613066656538643565313264343834303733633839303338366263666566303562666435
-32383136333038626634366664366566616634316338376639663136313436376161333966303063
-35663736653766393136666636326531636632333964333738313338386430643663353037623031
-32383266343338346164333939616234333066613333626435326639366662383261393739353033
-32643365303861663062653635386534346232623335313932333966316338333532633733323764
-31633562396663626464663963363631663235633534386535323730396630356633643961356134
-32323936643430343866346135343433376231396235386462353336656530363665316433613062
-61653130616565366333656461393032333333383435666165643865386462313561323933386436
-33316435626638336436333136653438613931313766356139646664373037643238383338623766
-38316330613663643065373032383164313538666261306332633335366133376466316434656530
-66306135306538623930656466633137333732343766356437663230343934613864326366623063
-33656562306665616238303136333134386135323539353836616530356432336134343537613436
-62343732333730353438663633636634356133396265656636366434363063663138653939303537
-62663631616466653465396536343265373465633137383730643964613761316630613732663930
-65396131393334616261336134636636366535336433663337396565333836333663613964663161
-35646539626235666561343861303839346664326161666163383064336638306436383662613137
-61373833653731643665376465643237343633353130353063386430376463653831666236613066
-30353630383338613130303830646238633538303863303733663535653966636165303866353433
-30343835626231323161636638613064353835366330626362346332316137346162343563343636
-65373261363735636663666162303938363566613862313039366632613666383933663762326538
-63376430383064373833306330646331653139626335303537326665316538333037636566353839
-38363938313439613334363837346163323036333834353930316633346664623064386631663662
-61323838333137633264316663623562356133383636653964343163636135333264666132646334
-36346365333837386230623961363338363431653562386461356138376132376532373339616662
-63636461363464363963616334646361633531636434623635633631386465353838363061633561
-35653061653930326666616139303434326264613164623765626438343334663162326532623136
-34396266383239353439613539303434643031633930346366343265613936336465613365613030
-33356565643064306464343164306266383939326232643930316233306332656662373862373237
-64663961373338346364616530323966393034326539613333623634623938613861313166383632
-39626635346466393339636437393138396234366639623932336435313233353239333836393734
-66323366636330663035353132313634303830303763616433363864393666326231663663313661
-35366333396164336366346462323965303633613135656438653432613438396531333064633665
-33613436643261363438356231346161353830666437633437346262353731353539646161303463
-65623365383730303337383732616161616339396634363936373237326161303363633839326563
-64303033356537313865333637363236343661633630316432366662353636386238663332393236
-34613965393039373862393063326135323731326434663161373837663166653230306466663662
-36356139653563353130353061323831626161663832323831313032636439393533343038343766
-35373632613061303135363836373162323063323930366564316632343061346531636461646132
-65656535643536643161343066353137303131653362383635353633653531663631656661656630
-30306637633561623165356133343433363636646264613335313034663734643766613461343230
-31333137373162393765646136356636376564336532313336656537656135366430613662343430
-37613361373566663036363035613839366332333834393839643037356262306136623463643334
-65306438366435353730353736326532316432623136326639363463323266383737633465376336
-37346661666238633333366563373864333866396232636263666532623765656335346366626637
-39353762623162366534333065323262393666373631643866623361373861333736303132363661
-62633137363338303766613334306366313765343037363635396138623533323565626236393335
-36356135623861353464396430653832633661326164393537643165316165623635383263643038
-30373836633135633133363762633136376631613533333263623764376464333338316432306239
-39653030396562363936353338616465633661663666393733326265333066623961663761623561
-65363331346438353734323361386331356639636131343839623332356535666137666430326637
-32316533316565653232626237343665313638333136636162353162653630666462643332393665
-34313963383963356630326232646631643662636238373565356363343262613233383266333532
-33313430396239323832303036323636393165353662303264623633643961313664336663366539
-37323865393335363335346334373465393930303237303333313666376632316664663633323464
-35306137636165383733393664643635393364383037363564653662643536386161653161306262
-38623431346563326430306134393064336633623763313335313466316237383233356463386361
-63333038643537386331313565303661386631386162613234636262323938363761663736646435
-33613637366562386264663537313139623939343936346534613239643635653964646164303365
-62666463666137616433353738353463373264386434613862313166616234363665366161326637
-33656562303161386636373066336133663330333262323534643137346338316138636362666263
-37306162623161333238393264643863316231333763653036366263633334666634373036323939
-64633165666435633630363435303939333733383831356436343937313435383338633233396164
-39386665383233643461656137343138323264393631633163346666336138653437643835623464
-39373638386333656266663338386264623565373365653862323030396264353262356338646333
-64323634633439393464656138656361356231623934363337633266326337353431393764396231
-65613533333032373435663932366537656236613161313166373733363065306634623933326237
-66356136363165643232333830613237386132616261313435666336643533633463653737316365
-32633034366163376639343033373930303430623239363038376466663031333466366337346265
-61313133353733363037306331613562316666643430353635393037336434646434636266343265
-35373736306166343831313532663465396631376539303863333731313032643131636234396563
-32393836363537376335313230356364343035323865326566383033623236616664316535383266
-34623935613763343732383337613564333564616430316136366137633461633661313432346436
-31343332343039643433653964656434383962313838366266333638363466643639343730663732
-64383766656635623933303933306261626137393733393565656366666536383263653765623236
-34386538636134303035363965373038336137663434613733373831333935366537326536323864
-61643332636630313066383065333939343131313230333234336332306530373933633736326239
-37356563326435653262643461353432373061383333666234346535326561343030353537666438
-37613835623634393034383134396364316339376238666661353230326432663339646165333635
-35636264663139656333386137333763643332373765346133336337666638396437316664633962
-36646536383066643133663065653035393362656132353533613434383131623766626437366238
-38383665646431626264666236326366323132623636373834313932383939316331663366306361
-30646334303663643665646433376433656161653435663034333438363933663431343064613865
-64373931613865343530613136333739393138656234643034643765333434393166333663346134
-65646364373031396334643735343231346163363438383832613533643733646135376563323464
-61636662326533323435383738393337363138376464613335356430313864623766386461373235
-30306437666162613232363130346365346334333039306264396336353632363664373635616638
-31363931623766663032653766646136656361663062633633323131363835663365343132653636
-65633631643464643638316236663166363037386662636338626437373439353132343435666632
-64366266313438613731323834306266393961376332366164363965396263376130393036336664
-38336636656138323430363163303232373733366633616234323835653462623735383266363432
-66353566353633303638646535346537366635333332333065396264323365376635643666376262
-38326639663464316531613439373030313166386438323261633766313761343937376530623834
-63366432343130333932393762373932356262343734333564633061656532396136363239653532
-37303537366633366463383633633062636665623137383262666565376161323762613137366238
-64616235653063393666353830316238613239363466646465383334653266623564366361373463
-34326339636561303834303161393834613664653036326438303631613634323131393538646561
-39656136626334636464333735336636313361306261313161633639666233303139623438383335
-64303835363635663566343961393264393732643934306464336430323862323339626663343535
-30373733383636353862636530623161376366626137626138326636323665616362373063623431
-36636366663764333432373031663539646532313063643130313937376663316630313465303132
-33633561353739353064303334653064396333666238386361396663396638633730363766613935
-38656236643163373530613637666535633363633666306364623134626163336439623262396532
-39356339366538353733366262633138316166316639346663666632653066393032663463323564
-65316339663936363861393832643661663661333730363038333337363631653630346265306534
-36326266346663333932326231363339666661393339326639643132636636643866653735303463
-35663464386532383963303166303338356238373263633332623033303765306235323630323431
-39613232383938616265653839326434366433633561343739643436346334613136363632666466
-66623431346264633639366132633264316364363637383063646134643631323865663836366636
-65303737303363353466353964643035303461313532383435336635623839383066396131373330
-36643838643731383835313761653566343930616161363634653831646638663363373038343263
-30356361323461353161333935616366623836316266346564656165626637363135376564343937
-35613933656462663861666238323063626566336439656463393435356135616234663164336333
-38316262363430633437353232666238623633653438643137626433383436383366383438663032
-63623465613561366130643864303061373234646231613830336664623361336139633032653262
-32393034376361383463326236393033333435323062636366303737306438643565386665373764
-31383431666666623836353738333638656531623036623531333564383939306162613166663738
-66313330626265313861666235616165616363393839623433373934323934633639626336313835
-3332393364643730363361323964303238663933303938646664
+66666430376464636332663265363563336234653231383266303361616534383565353231376231
+3331346462376436333266323735663364613336653235640a636635316333313365346264633931
+34393534373265343830373732353363343438303738656638353361336438353432383861396233
+6163313166343561310a323937313562326532356638653563333330373131316566306632316464
+63303033303932643530623136323163666139373063636264613135376466396530373436663236
+63643735653862373536633537656130343163336632643932316164383464613439376333616335
+31643561393063653561306431343161326261633230306261346337636237363563653936646631
+39363762626130393533363139316365326334366530613133633265353138346338376433316536
+33363065373937646563646665356638386266643236646265616238636533373061396636666263
+39343266333632646666663431333630316339326436323161623832303030383638323362303034
+36303431306632323133336134623630303438346462393462343731646536303433653538623663
+38393862376665373661303065333766376335326536353163613633353331623432346633323963
+34636633383835386235343361386631336163613430333831346232376338646439326630373537
+39326238356635323763616666393236643635623037366631636365613032303532353737333836
+31353635366537663037666264623330393637393931353066653539356231316130633330356361
+66653735376632623763326439646137623335613031636266376533323336303936323335636135
+66303737373362666338366330663034333865346338356236326664393966386631333938366434
+62376665666530653063386531383262383539306436373963616133353635393365363031383936
+39336438653439333135623135353862373035346131616638626631343461383462363835633430
+32373861656662366434663238663062303863356437356234363862356266613462653839303238
+66643234393435333465633563333163383937643137356634666339366465306134363263623764
+66336339373665376331303365373233633761353864636265343139383433643533363632646666
+65323033363635653865383737373138323661363435336161643539326237653362343235366430
+39343164303963663264656366336636386136386133636236653431303862613939663638333431
+36396464383032313065313766326162326534323631353739643935346165326364653436373838
+31343339363465383934646235393061336663383661623634383937343062333135656134646362
+65386335656134396362303963653330616337353731636437323036373166333061303861613361
+61326664326266633536326431346337303530336235623237643263623031343965313733383934
+36643965376637633832326139633336396635636536366530383930363436626436373164663064
+64363733326438646533323337646531633233366434616365636633613563613638333336393230
+39333634613165623331343738613161643737626637323132393331653063313930383262386565
+34353766393536663234653430663761613730623361663163393737333536636233663534643432
+31333737623132353230326437613538386237393264636335643033353364343533353136616436
+65373031643462396139623639643431363032306630346438386137343765643030643038373765
+33366364316132333630636334333331633062393732373037336464383736656364313934306636
+37346433326566323761616264333162393938636232613566376235646663336566373565663539
+37643561646535346134386436393563393963336332626364616664636533323762386536343861
+65626333326161646338656537396561326465643162363937363361323864326461653033343531
+39313065653261363630653432313135616633616161393331303130303665383066646663316362
+34313463363762616165356463616433373264653335663333363937663965303766303064343764
+31656338363232656563316437356338656635386535623161373233306337313437343138373736
+39386538616663353437633065363261313437346536333962303162333166363763343439356364
+64633336363932373336383130343934373334643664386331643738653665646536393961626461
+63386638666634336166393939336432383437316166316235306464323335323731613362316437
+64303037323461666636373831326539613435303333663266313438396138376436343461643434
+65316464306137373137343139623634663765346231343064383634643835373533363634383037
+65376238616232653235333931366564666132323031343561306565316331656438653137376234
+33626632373065373366626362316663303564323861313636396134326631356332666133346234
+32613038386139306130643362306165313136613633383433323934636132333332613466623866
+35306463643438623464393234656432653939366564386230643139663131366539626138323032
+31323763646161303732363631386662623432636238366161306465623466643334653936383132
+64343563666535366337306538626630383865363835643938616465333534613332333932646265
+62623261333633613931633930613833333634333935653634346264326365356239333762653266
+36623739363564353536373863336661346133333935613637653132363033656131326430633739
+38646166313535343336363364366531323364393836343731643466376633343431613262376362
+30613736653536306433626136396532323530343135663339356435636664316566636137363866
+32616635373036656333326365646234386339366663633038353033326131333039663837646530
+64613630303131343935326639396633333663326337636237666565616163303261643764343564
+37383435366663326630336334363032343562393466663237373133636431306638393333636564
+36363133313032633235666437636339623066363735663433666535623939363337333164306137
+37323736353066656330636639373037653338383266383135376439366365343164633235636563
+32396537323235333564643063616135383339336464306536373237383166646564336330316438
+39346533363133656635396136303465306333343037376136343132623433373430366237346139
+39393032666338313431326238386664303035363765346465353763306661326235643536396338
+61326339386238653135353638323830613234356238626161636366613439653136626139306463
+39313966633462316236393938363664393764393062663839383938646231313565623231616538
+64373762363038373464376335323736353861653666623964366561383261623535306561656236
+36616161333639306639633166323337346633363966303863613130326232353736616161616566
+61303337653339643165363764323063396566313238336166663233346332346563383930333065
+65336130383265623066393733373965373635316661316561626238353730363738653464626636
+66396437633032323664663834646361346134666338383232663939643561623135353564623030
+61393932323033346362613761343163636461663039613963666633353831343234636331343130
+36313638333266623432313036326437353337656637633938376537653466316434613465343431
+62373565663434323963666537613963666337326161396238623466343036303135393466376437
+32366235373736303533653936353935643339313165373366643363646138663938313566393734
+66616331613237636339623431373661386464313238353831646261313463613739613334613430
+31373639333734633664336636623265643939383330656138306237393565393939313463616138
+64623433663464643435626230343632336637333532333539613961633339646430646134646361
+30636139343537656630666333616666663438623961353064663739646466376537376563613535
+36306634643166383731393065653132343063653331613166343562643139333934323339626534
+63613061356332633537346236383966643164633861633363366237663736343761386430393565
+34626239666566346435656633323764323966373735663531316330386135666133616139333263
+33303339326564643364663038383332646236306537313463616331393339383938396335666139
+61636664353135653237653730646564623832303836643432646334646330393135393830653765
+30383931363338386264306536313236383365386464663131613436306433373136656431663136
+61356436633466323837343539633334613661346265383833373366633536643835633130366163
+39646662316230633066346335643535373462366334343330376232616339363631363262613737
+66643030306462383361316666616165613936613163663336646531623164346262346139303332
+33333836346534623732646365323265313938663964613830383164653437666533633564633430
+39303362303837393736633632333539316461646364373035336435663263346334653665353531
+38383836333261653863396232343535623536623934653039343130373033333231333939663633
+38663430353336353736643738383832383837316361353831303439353333663139333263353636
+31346235373535323036656261333963663937386166323962383163343638383734306665646333
+63613861353030636662323364316663643864336333343339373838623835613837383033373738
+63323965373236633734646366653032383862643033653164653838623032383337343033626439
+37396431336333663162373633323832306436383433303131346638663866396161303937396534
+62373365663436656638326634626230353338303465663630376231346634306663376335613261
+32373837303464613263323634626339346465313338386537303064386237303365353662636466
+34323436393634623430636339393438363363623730326237346361393931373833326166353864
+33363665396337633238366566363630363133333062343335346132663938336231396562326433
+62363031383761656361316539383036653539633633346466663831343232333263656139356232
+34623763306566356637636561333261366231363664363537323765303036303064663530393235
+37373037393965393463616239623131343663336263613934363165636363326633363665633032
+65313839313932386662633331393564366630376131656537646534653931373530333538343738
+32373935653763383933366262396336303739646265353833326638623931313363613162653035
+39336364393136373331346235326338313362636635623561343137613736623864363662393862
+37643433383365616265323331353964383064613335343430636166303561313738306532313133
+65356631653262393965316438313439336235373633613935636363326466353233396462626665
+61306633653033333364666564383035356430393235386335616535306163323137323066396339
+33383735353637613133383830343261353836306233623639303562663962356330323963633239
+38326534366431653130633166313962623934316138653837653763353935326332643034326664
+39343464333134616435613462373139383766333762623236316536313362346466386265643239
+32333265343634613562306430346438356662313139623134323135376436363162363334393535
+65323264656562363161326363616161363832353938666634383462373231386636313733333161
+35643564643732383239343865616662323463316534393237666539343264376536353335333436
+35396464623937326331623965376533396136643435383438323337666332343364303435393936
+66386262306262633435653365323561393038353965356461666639653635353263373837626430
+33653235386432633930373135303034326265373436333731316633333638316433633438663065
+66363137373134356561373932626365663564626636396638353633396335366438323339333231
+38316134376135306430616466616364656435656262613633663338386666356432643732333630
+61383861343263373739363536656465326162643561633139343161643432363631343133326363
+65363331643161386166623063366336626333356337386137633631343163636239333163396266
+39616261646332636463396134343839366137306439626539386336316261633531646632316134
+62383162663732643365363937663735363062356330653236623437663632323663613461306234
+62646439316464663038343962343332313065653434383465633565326165663532643437616461
+65386362373333386335666538363064373663386638656438373961346362303035373931646566
+64373839613965663166663163366538383839303838636266663036653265643865396237623331
+63643065353231303631303839663666386637373663343063313132333633353130366465386531
+64633636306166663165616433363564623063313665313833386662333938356631656563623435
+36626132336231386137336638363233626138313734333738356532346533333837396335613735
+64383466323936336639346161646236313536353838373835313138646138653066613739353562
+66616136626438613636653236393934663331623662306435373664623464373866313466643863
+64623435386537353966623666333731343438313033636533636134303635393530653937313363
+33626434653231353164363430373862393364303032303462643837616539316565326332363166
+62663963323438343734396334626237636434333562626161376463373637613764356539353965
+33363836353662326130643764396137383139623231376639613161386330646230666562383432
+36376363343435363337343432303564313263636333313762646335656561346336633733393031
+38633132613964623461303937363435363631346238326231343433393166333432316236626537
+64316530613632306565336530376233333665323235323132656266663631323533306438383061
+30383031626435646137646463366531323231386539323031396235336263363462613133326533
+65303061663533623330663465623464323935623235386665666266373433666238306433366163
+30393766306331633062326364323663326538646461313834343036373462306166323130383866
+31363934663633633562333037326239306362383766636433393931356161653664306630633366
+62326131613065393132663435333261633639646230353839623361643034353365316131316435
+37306436383237613431646432373238643763396330316336663464623832653666313530306431
+32363766373039616134343039616138643237333638323037376236393462353434383737393736
+376634376163616332376562386639366464

From 94b6aaf64034e4e230fd1e3de573ad4d8ce05a16 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 23 Feb 2024 18:56:46 +0100
Subject: [PATCH 492/504] Throttling not needed with patched apt-cacher-ng, cf.
 #1022043.

---
 roles/up2date_debian/tasks/main.yml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/roles/up2date_debian/tasks/main.yml b/roles/up2date_debian/tasks/main.yml
index de11773..955f68c 100644
--- a/roles/up2date_debian/tasks/main.yml
+++ b/roles/up2date_debian/tasks/main.yml
@@ -4,7 +4,6 @@
   apt:
     update_cache: true
     cache_valid_time: 86400
-  throttle: 3
 
 - name: upgrade packages
   apt:

From 8856b74e917ff3219139b981abd28672617a12f1 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Fri, 23 Feb 2024 18:58:07 +0100
Subject: [PATCH 493/504] Install customized CodeBlocks packages in all PC
 rooms.

---
 lmn-client.yml | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

diff --git a/lmn-client.yml b/lmn-client.yml
index cfb70ee..8e66529 100644
--- a/lmn-client.yml
+++ b/lmn-client.yml
@@ -112,7 +112,29 @@
         ansible_board_vendor == "LENOVO" and
         (ansible_board_name == "312D" or ansible_board_name == "312A")
 
-## Temporarily fix boot order
+    - name: Install customized CodeBlocks packages
+      block:
+        - name: Check for old CodeBlocks
+          command:
+            cmd: dpkg -l codeblocks
+          register: codeblocks_version
+          changed_when: False
+
+        - name: Download codeblocks zip archive
+          ansible.builtin.get_url:
+            url: "http://livebox.pn.steinbeis.schule/codeblocks/CodeBlocks.zip"
+            dest: /tmp/CodeBlocks.zip
+            use_proxy: False
+          when: codeblocks_version.stdout is not search('svn13456')
+
+        - name: Unpack zip archive and install packages manually
+          shell:
+            cmd: unzip -d /tmp/cb/ CodeBlocks.zip && dpkg -i cb/*.deb
+            chdir: /tmp/
+          when: codeblocks_version.stdout is not search('svn13456')
+      when: inventory_hostname in groups.PCroom
+
+    ## Temporarily fix boot order
     - name: Check for the buggy kernel
       stat:
         path: /boot/vmlinuz-6.1.0-17-amd64

From ed7dadf612ca873df590ad3fa8e77831ef857ae6 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Sat, 24 Feb 2024 09:30:48 +0100
Subject: [PATCH 494/504] Fix ansible run during installation with limitted
 groups.

---
 lmn-client.yml                   | 2 +-
 roles/lmn_fvs/tasks/main.yml     | 2 +-
 roles/lmn_network/tasks/main.yml | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/lmn-client.yml b/lmn-client.yml
index 8e66529..037a403 100644
--- a/lmn-client.yml
+++ b/lmn-client.yml
@@ -132,7 +132,7 @@
             cmd: unzip -d /tmp/cb/ CodeBlocks.zip && dpkg -i cb/*.deb
             chdir: /tmp/
           when: codeblocks_version.stdout is not search('svn13456')
-      when: inventory_hostname in groups.PCroom
+      when: groups.PCroom is defined and inventory_hostname in groups.PCroom
 
     ## Temporarily fix boot order
     - name: Check for the buggy kernel
diff --git a/roles/lmn_fvs/tasks/main.yml b/roles/lmn_fvs/tasks/main.yml
index 27dfd80..1dcfcc6 100644
--- a/roles/lmn_fvs/tasks/main.yml
+++ b/roles/lmn_fvs/tasks/main.yml
@@ -136,7 +136,7 @@
   command: /usr/local/sbin/bootorder.sh
   register: cmd_result
   changed_when: cmd_result.stdout is not search('Nothing to do.')
-  when: inventory_hostname in groups["PCroom"]
+  when: groups.PCroom is defined and inventory_hostname in groups.PCroom
 
 - name: Copy dolphin config scripts
   ansible.builtin.copy:
diff --git a/roles/lmn_network/tasks/main.yml b/roles/lmn_network/tasks/main.yml
index 022cc5f..0c7176a 100644
--- a/roles/lmn_network/tasks/main.yml
+++ b/roles/lmn_network/tasks/main.yml
@@ -26,4 +26,4 @@
       deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-proposed-updates
       main non-free-firmware
     state: present
-  when: inventory_hostname in groups["R202"]
+  when: groups.R202 is defined and inventory_hostname in groups.R202

From c99ec444f8e7bd9dde81b503b9c7343c467809f1 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Sun, 10 Mar 2024 09:58:03 +0100
Subject: [PATCH 495/504] create printerlist.csv to inform VMs about available
 printers

---
 roles/lmn_printer/tasks/main.yml              | 20 +++++++++++++++++++
 .../templates/install-printers.sh.j2          |  7 ++++++-
 2 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/roles/lmn_printer/tasks/main.yml b/roles/lmn_printer/tasks/main.yml
index 0132ebb..419edd9 100644
--- a/roles/lmn_printer/tasks/main.yml
+++ b/roles/lmn_printer/tasks/main.yml
@@ -12,6 +12,26 @@
     line: '\1No'
     backrefs: yes
 
+- name: Listen on VMBridge
+  lineinfile:
+    dest: /etc/cups/cupsd.conf
+    line: 'Listen 192.168.122.1:631'
+    insertafter: 'Listen localhost:631'
+    state: present
+
+- name: Allow access from localhost and from VM
+  blockinfile:
+    dest: /etc/cups/cupsd.conf
+    block: |
+      Allow localhost
+      Allow 192.168.122.0/24
+    insertafter: "<Location {{ item }}>"
+    marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item }}"
+    state: present
+  loop:
+    - "/"
+    - "/admin"
+
 - name: Disable cups-browsed
   ansible.builtin.systemd:
     name: cups-browsed.service
diff --git a/roles/lmn_printer/templates/install-printers.sh.j2 b/roles/lmn_printer/templates/install-printers.sh.j2
index 0342369..3e6629c 100644
--- a/roles/lmn_printer/templates/install-printers.sh.j2
+++ b/roles/lmn_printer/templates/install-printers.sh.j2
@@ -23,6 +23,10 @@ for p in $installedprinters ; do
     fi
 done
 
+## Prepare .printerlist.csv
+mkdir -p "/lmn/media/${SUDO_USER}"
+echo "Name;IppURL" > "/lmn/media/${SUDO_USER}/.printerlist.csv"
+
 ## Add all printers needed:
 for ps in $printservers ; do
     echo "Checking print server '$ps' for available printers:"
@@ -36,8 +40,9 @@ for ps in $printservers ; do
 		echo "Adding print queue '$p'."
 		timeout 10 lpadmin -p "$p" -E -v \
 			"ipp://$ps/printers/$p" \
-			-m everywhere || echo "Adding queue '$p' failed."
+			-m "driverless:ipp://$ps/printers/$p" || echo "Adding queue '$p' failed."
 	    fi
+	    echo "$p;ipp://192.168.122.1/printers/$p" >> "/lmn/media/${SUDO_USER}/.printerlist.csv"
 	fi
     done
 done

From 30f24bb666a11f6fb321d1346031e1e6dfdcfdf1 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Sun, 10 Mar 2024 10:00:26 +0100
Subject: [PATCH 496/504] delete old VM-images when running out of space

---
 roles/lmn_vm/files/vm-link-images |  4 +++
 roles/lmn_vm/files/vm-run         | 51 ++++++++++++++++++++++---------
 roles/lmn_vm/files/vm-sync        | 35 +++++++++++++++++++--
 3 files changed, 74 insertions(+), 16 deletions(-)

diff --git a/roles/lmn_vm/files/vm-link-images b/roles/lmn_vm/files/vm-link-images
index efa083c..5489ed5 100755
--- a/roles/lmn_vm/files/vm-link-images
+++ b/roles/lmn_vm/files/vm-link-images
@@ -22,3 +22,7 @@ shift "$((OPTIND -1))"
 for i in *.qcow2; do
   [[ -f "${VM_DIR}/${i}" ]] || ln "${i}" "${VM_DIR}/${i}"
 done
+
+# allow lmnsynci to remove old vm images 
+chgrp lmnsyni "${VM_DIR}"
+chmod g+w "${VM_DIR}"
diff --git a/roles/lmn_vm/files/vm-run b/roles/lmn_vm/files/vm-run
index 3ad76db..5ef6e2a 100755
--- a/roles/lmn_vm/files/vm-run
+++ b/roles/lmn_vm/files/vm-run
@@ -12,6 +12,8 @@ options:
     -n|--new             new clone will be created, even if exists
     -p|--persistent      new clone will be created persistent, so available after reboot too
     -s|--system          qemu:///system instead of default qemu:///session
+       --no-viewer       start without viewer
+       --heads n         number of displays
        --memory sizeMB   memory size in MB
        --cpu num         number of CPUs
        --os OS           operating system (win10|linux|..)
@@ -76,8 +78,9 @@ check_images() {
            sudo -u lmnsynci /usr/local/bin/vm-sync get_image "$(basename "${BACKINGARRAY[$i]}" .qcow2)"
        fi
    done
-
    echo "VM-Image and required backingfiles available and checked"
+
+   sudo -u lmnsynci /usr/local/bin/vm-sync update_usage_information ${BACKINGARRAY[*]}
 }
 
 create_clone() {
@@ -108,10 +111,11 @@ NEWCLONE=0
 PERSISTENT=0
 LIBVIRTOSINFO="win10"
 LIBVIRTOPTS=""
+NO_VIEWER=0
 
 source /etc/lmn/vm.conf
 
-TEMP=$(getopt -o no:ps --long new,options:,persistent:,system,memory:,data-disk:,cpu:,bridge:,os:,help -n $0 -- "$@")
+TEMP=$(getopt -o no:ps --long new,no-viewer,options:,persistent,system,memory:,data-disk:,heads:,cpu:,bridge:,os:,help -n $0 -- "$@")
 if [ $? != 0 ] ; then echo "Terminating..." >&2 ; exit 1 ; fi
 
 eval set -- "$TEMP"
@@ -135,16 +139,39 @@ while true; do
             LIBVIRTOPTS=$2
 	    shift 2
 	    ;;
+    --no-viewer )
+            NO_VIEWER=1
+	    shift
+	    ;;
     --data-disk )
             LIBVIRTOPTS="${LIBVIRTOPTS}  --disk ${VM_DIR}/data.qcow2,size=$2,sparse=yes"
 	    shift 2
 	    ;;
+    --heads )
+            for i in $(seq $2)
+            do
+              LIBVIRTOPTS="${LIBVIRTOPTS}  --video model.heads=$i"
+            done
+            shift 2
+            ;;
     --memory )
-            LIBVIRTOPTS="${LIBVIRTOPTS} --memory $2"
+	    mem_avail=$(sed -En "s/^MemAvailable:\s+([0-9]+)\s+kB/\1/p" /proc/meminfo)
+	    mem_avail=$((mem_avail / 1024 - 2048))
+	    if (( $2 < mem_avail )); then
+	      LIBVIRTOPTS="${LIBVIRTOPTS} --memory $2"
+	    else
+	      LIBVIRTOPTS="${LIBVIRTOPTS} --memory ${mem_avail}"
+	    fi
 	    shift 2
 	    ;;
     --cpu )
-            LIBVIRTOPTS="${LIBVIRTOPTS} --vcpu $2"
+	    #cpu=$(sed -En "0,/^cpu cores/s/^cpu cores\s+:\s+([0-9]+)/\1/p" /proc/cpuinfo)
+	    cpu=$(lscpu | grep "^CPU(s):" | sed 's/.* //g')
+	    if (( $2 < cpu )); then
+	      LIBVIRTOPTS="${LIBVIRTOPTS} --vcpu $2"
+	    else
+	      LIBVIRTOPTS="${LIBVIRTOPTS} --vcpu ${cpu}"
+	    fi
 	    shift 2
 	    ;;
     --bridge )
@@ -199,12 +226,6 @@ if  ! virsh --connect="${QEMU}" list | grep "${VM_NAME}-clone"; then
 
     # finally, create the new vm
 
-# TODO
-#    # find macvtap interface MAC address:
-#    MAC="$(ip link | grep -A1 "vm-macvtap" |
-#              sed -nE "s%\s+link/ether ([[:xdigit:]:]{17}) .+%\1%p")"
-#    sed -i -E -e "s/MACMACVTAP/$MAC/" "${VM_XML}"
-
     virt-install \
              --osinfo "${LIBVIRTOSINFO}" \
 	     --name "${VM_NAME}-clone" \
@@ -220,14 +241,16 @@ if  ! virsh --connect="${QEMU}" list | grep "${VM_NAME}-clone"; then
              --connect="${QEMU}" \
 	     --noautoconsole \
 	     ${LIBVIRTOPTS}
+
 #	     --dry-run \
 #             --print-xml \
 #	     > /tmp/vm.xml
 #	     --features hyperv.synic.state=on,xpath1.set=./hyperv/vpindex/@state=on,xpath2.set=./hyperv/stimer/@state=on \
 #	     --network type=ethernet,target.dev=vm-macvtap,xpath1.set=./target/@managed=no \
-
 #    virsh --connect="${QEMU}" start "${VM_NAME}-clone"
 fi
-echo "starting viewer"
-trap exit_script SIGHUP SIGINT SIGTERM
-virt-viewer --connect="${QEMU}" --full-screen "${VM_NAME}-clone"
+if [[ $NO_VIEWER == 0 ]] ; then
+  echo "starting viewer"
+  trap exit_script SIGHUP SIGINT SIGTERM
+  virt-viewer --connect="${QEMU}" --full-screen "${VM_NAME}-clone"
+fi
diff --git a/roles/lmn_vm/files/vm-sync b/roles/lmn_vm/files/vm-sync
index b115154..a9713ed 100755
--- a/roles/lmn_vm/files/vm-sync
+++ b/roles/lmn_vm/files/vm-sync
@@ -10,6 +10,7 @@ command:
   get_file
   get_image
   delete_outdated_image
+  update_usage_information
 EOF
 }
 
@@ -18,6 +19,22 @@ get_torrent() {
       echo "No torrent-File found"
       exit 1
     fi
+    cd "${VM_SYSDIR}"
+    echo Size needed: $(get_image_size "${VM_NAME}.qcow2.torrent")
+    echo Size available: $(df --block-size=1 --output=avail "${VM_SYSDIR}" | sed 1d)
+    while [[ $(get_image_size "${VM_NAME}.qcow2.torrent") -gt $(df --block-size=1 --output=avail "${VM_SYSDIR}" | sed 1d) ]]; do
+      echo "Not enough space to get ${VM_NAME}."
+      FILENAME="$(head -1 vm_usage_information.txt)"
+      if [[ -z $FILENAME ]]; then
+        echo "No more old VM-files to delete. Unable to get ${VM_NAME}. Please contact system administrator."
+	exit 1
+      fi
+      echo "Deleting $FILENAME"
+      sudo vm-aria2 stop "$(basename "${FILENAME}" .qcow2)"
+      rm -f "${FILENAME}"
+      [[ -f "${VM_DIR}/${FILENAME}" ]] && rm -f "${VM_DIR}/${FILENAME}"
+      sed -i -e 1d vm_usage_information.txt
+    done
     lockfile="/tmp/sync-vm-${VM_NAME}.lock"
     if ! flock -n "$lockfile" echo "try to acquire lock"; then
       echo torrent seems to be in process.
@@ -37,7 +54,7 @@ get_torrent() {
         sudo vm-aria2 stop "${VM_NAME}"
         cd "${VM_SYSDIR}"
 	# get image
-	aria2c --seed-time=0 --dht-file-path=$DHTDAT \
+	aria2c --seed-time=0 --dht-file-path="$DHTDAT" \
 	       --dht-entry-point="${SEEDBOX_HOST}:${SEEDBOX_PORT}" \
 	       "${VM_SYSDIR}/${VM_NAME}.qcow2.torrent"
 	# and seed
@@ -67,9 +84,18 @@ delete_outdated_image() {
     fi
 }
 
+update_usage_information() {
+    cd "${VM_SYSDIR}"
+    [[ -f vm_usage_information.txt ]] || ls -tr *.qcow2 > vm_usage_information.txt || touch vm_usage_information.txt
+    FILENAME="$(basename $FILENAME)"
+    echo sed -i "/${FILENAME}/d" vm_usage_information.txt
+    sed -i "/${FILENAME}/d" vm_usage_information.txt
+    echo "${FILENAME}" >> vm_usage_information.txt
+}
+
 get_file() {
    cd "${VM_SYSDIR}"
-   curl --fail --noproxy ${SEEDBOX_HOST} -o "${FILENAME}" \
+   curl --fail --noproxy "${SEEDBOX_HOST}" -o "${FILENAME}" \
 	"http://${SEEDBOX_HOST}/aria2/${FILENAME}" || echo "File not found on seedbox"
 }
 
@@ -130,6 +156,11 @@ case "$command" in
          delete_outdated_image
       done
       ;;
+   update_usage_information)
+      for FILENAME in "$@"; do
+         update_usage_information
+      done
+      ;;
    *)
       show_help
       exit 1

From 7667f12399519329efdc45d22bf5037023f3faf8 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Tue, 12 Mar 2024 08:59:53 +0100
Subject: [PATCH 497/504] use correct path to rfkill

---
 roles/lmn_wlan_iwd/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/lmn_wlan_iwd/tasks/main.yml b/roles/lmn_wlan_iwd/tasks/main.yml
index 301144d..c8ff1c1 100644
--- a/roles/lmn_wlan_iwd/tasks/main.yml
+++ b/roles/lmn_wlan_iwd/tasks/main.yml
@@ -48,7 +48,7 @@
 
       [Service]
       Type=oneshot
-      ExecStart=/usr/bin/rfkill enable wifi
+      ExecStart=/usr/sbin/rfkill enable wifi
 
       [Install]
       WantedBy=multi-user.target

From b271d4978e80dd461799d73d4aed095b8d305c03 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Tue, 12 Mar 2024 09:21:07 +0100
Subject: [PATCH 498/504] Create vm_usage_information.txt in not exists.

---
 lmn-client.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/lmn-client.yml b/lmn-client.yml
index 037a403..96c6b32 100644
--- a/lmn-client.yml
+++ b/lmn-client.yml
@@ -254,6 +254,18 @@
         - /etc/sudoers.d/90-lmn-link-images
         - /etc/rsync.secret
 
+    - name: check if vm_usage_information.txt exists
+      stat: path=/lmn/vm/vm_usage_information.txt
+      register: vm_usage_information
+
+    - name: pre-fill vm_usage_information.txt
+      shell:
+        cmd: |
+          ls -tr *.qcow2 > vm_usage_information.txt || touchvm_usage_information.txt
+          chown lmnsynci:lmnsynci vm_usage_information.txt
+        chdir: /lmn/vm/
+      when: not vm_usage_information.stat.exists
+
 ## bookworm fixes/hacks:
     - name: Work around sddm hang on shutdown
       ansible.builtin.lineinfile:

From 4c6a499cf02d217ded0ab9e15b5f4c0f6c5b4971 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Tue, 12 Mar 2024 10:39:18 +0100
Subject: [PATCH 499/504] Fix misspelled name of lmnsynci-User.

---
 roles/lmn_vm/files/vm-link-images | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/lmn_vm/files/vm-link-images b/roles/lmn_vm/files/vm-link-images
index 5489ed5..e4c8618 100755
--- a/roles/lmn_vm/files/vm-link-images
+++ b/roles/lmn_vm/files/vm-link-images
@@ -24,5 +24,5 @@ for i in *.qcow2; do
 done
 
 # allow lmnsynci to remove old vm images 
-chgrp lmnsyni "${VM_DIR}"
+chgrp lmnsynci "${VM_DIR}"
 chmod g+w "${VM_DIR}"

From ac97b0d3a414acecc9427d871e245fd0855cfed7 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 12 Mar 2024 11:10:46 +0100
Subject: [PATCH 500/504] Work around interrupted dpkg run.

---
 roles/up2date_debian/tasks/main.yml | 20 +++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)

diff --git a/roles/up2date_debian/tasks/main.yml b/roles/up2date_debian/tasks/main.yml
index 955f68c..b71d0d8 100644
--- a/roles/up2date_debian/tasks/main.yml
+++ b/roles/up2date_debian/tasks/main.yml
@@ -5,11 +5,21 @@
     update_cache: true
     cache_valid_time: 86400
 
-- name: upgrade packages
-  apt:
-    upgrade: dist
-    autoremove: true
-    autoclean: true
+- block:
+    - name: upgrade packages
+      apt:
+        upgrade: dist
+        autoremove: true
+        autoclean: true
+  rescue:
+    - name: Looks like dpkg was interrupted, configure manually
+      command:
+        cmd: dpkg --configure -a
+    - name: Try again to upgrade packages
+      apt:
+        upgrade: dist
+        autoremove: true
+        autoclean: true
 
 - name: install etckeeper
   apt:

From ab70115e855c98bc0596b538145f798e6e180571 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 12 Mar 2024 11:19:50 +0100
Subject: [PATCH 501/504] Fix Desktop PC that ended up in laptop group.

---
 inventory.yml | 298 +++++++++++++++++++++++++-------------------------
 1 file changed, 151 insertions(+), 147 deletions(-)

diff --git a/inventory.yml b/inventory.yml
index c8e9421..845c75b 100644
--- a/inventory.yml
+++ b/inventory.yml
@@ -1,148 +1,152 @@
 $ANSIBLE_VAULT;1.1;AES256
-66666430376464636332663265363563336234653231383266303361616534383565353231376231
-3331346462376436333266323735663364613336653235640a636635316333313365346264633931
-34393534373265343830373732353363343438303738656638353361336438353432383861396233
-6163313166343561310a323937313562326532356638653563333330373131316566306632316464
-63303033303932643530623136323163666139373063636264613135376466396530373436663236
-63643735653862373536633537656130343163336632643932316164383464613439376333616335
-31643561393063653561306431343161326261633230306261346337636237363563653936646631
-39363762626130393533363139316365326334366530613133633265353138346338376433316536
-33363065373937646563646665356638386266643236646265616238636533373061396636666263
-39343266333632646666663431333630316339326436323161623832303030383638323362303034
-36303431306632323133336134623630303438346462393462343731646536303433653538623663
-38393862376665373661303065333766376335326536353163613633353331623432346633323963
-34636633383835386235343361386631336163613430333831346232376338646439326630373537
-39326238356635323763616666393236643635623037366631636365613032303532353737333836
-31353635366537663037666264623330393637393931353066653539356231316130633330356361
-66653735376632623763326439646137623335613031636266376533323336303936323335636135
-66303737373362666338366330663034333865346338356236326664393966386631333938366434
-62376665666530653063386531383262383539306436373963616133353635393365363031383936
-39336438653439333135623135353862373035346131616638626631343461383462363835633430
-32373861656662366434663238663062303863356437356234363862356266613462653839303238
-66643234393435333465633563333163383937643137356634666339366465306134363263623764
-66336339373665376331303365373233633761353864636265343139383433643533363632646666
-65323033363635653865383737373138323661363435336161643539326237653362343235366430
-39343164303963663264656366336636386136386133636236653431303862613939663638333431
-36396464383032313065313766326162326534323631353739643935346165326364653436373838
-31343339363465383934646235393061336663383661623634383937343062333135656134646362
-65386335656134396362303963653330616337353731636437323036373166333061303861613361
-61326664326266633536326431346337303530336235623237643263623031343965313733383934
-36643965376637633832326139633336396635636536366530383930363436626436373164663064
-64363733326438646533323337646531633233366434616365636633613563613638333336393230
-39333634613165623331343738613161643737626637323132393331653063313930383262386565
-34353766393536663234653430663761613730623361663163393737333536636233663534643432
-31333737623132353230326437613538386237393264636335643033353364343533353136616436
-65373031643462396139623639643431363032306630346438386137343765643030643038373765
-33366364316132333630636334333331633062393732373037336464383736656364313934306636
-37346433326566323761616264333162393938636232613566376235646663336566373565663539
-37643561646535346134386436393563393963336332626364616664636533323762386536343861
-65626333326161646338656537396561326465643162363937363361323864326461653033343531
-39313065653261363630653432313135616633616161393331303130303665383066646663316362
-34313463363762616165356463616433373264653335663333363937663965303766303064343764
-31656338363232656563316437356338656635386535623161373233306337313437343138373736
-39386538616663353437633065363261313437346536333962303162333166363763343439356364
-64633336363932373336383130343934373334643664386331643738653665646536393961626461
-63386638666634336166393939336432383437316166316235306464323335323731613362316437
-64303037323461666636373831326539613435303333663266313438396138376436343461643434
-65316464306137373137343139623634663765346231343064383634643835373533363634383037
-65376238616232653235333931366564666132323031343561306565316331656438653137376234
-33626632373065373366626362316663303564323861313636396134326631356332666133346234
-32613038386139306130643362306165313136613633383433323934636132333332613466623866
-35306463643438623464393234656432653939366564386230643139663131366539626138323032
-31323763646161303732363631386662623432636238366161306465623466643334653936383132
-64343563666535366337306538626630383865363835643938616465333534613332333932646265
-62623261333633613931633930613833333634333935653634346264326365356239333762653266
-36623739363564353536373863336661346133333935613637653132363033656131326430633739
-38646166313535343336363364366531323364393836343731643466376633343431613262376362
-30613736653536306433626136396532323530343135663339356435636664316566636137363866
-32616635373036656333326365646234386339366663633038353033326131333039663837646530
-64613630303131343935326639396633333663326337636237666565616163303261643764343564
-37383435366663326630336334363032343562393466663237373133636431306638393333636564
-36363133313032633235666437636339623066363735663433666535623939363337333164306137
-37323736353066656330636639373037653338383266383135376439366365343164633235636563
-32396537323235333564643063616135383339336464306536373237383166646564336330316438
-39346533363133656635396136303465306333343037376136343132623433373430366237346139
-39393032666338313431326238386664303035363765346465353763306661326235643536396338
-61326339386238653135353638323830613234356238626161636366613439653136626139306463
-39313966633462316236393938363664393764393062663839383938646231313565623231616538
-64373762363038373464376335323736353861653666623964366561383261623535306561656236
-36616161333639306639633166323337346633363966303863613130326232353736616161616566
-61303337653339643165363764323063396566313238336166663233346332346563383930333065
-65336130383265623066393733373965373635316661316561626238353730363738653464626636
-66396437633032323664663834646361346134666338383232663939643561623135353564623030
-61393932323033346362613761343163636461663039613963666633353831343234636331343130
-36313638333266623432313036326437353337656637633938376537653466316434613465343431
-62373565663434323963666537613963666337326161396238623466343036303135393466376437
-32366235373736303533653936353935643339313165373366643363646138663938313566393734
-66616331613237636339623431373661386464313238353831646261313463613739613334613430
-31373639333734633664336636623265643939383330656138306237393565393939313463616138
-64623433663464643435626230343632336637333532333539613961633339646430646134646361
-30636139343537656630666333616666663438623961353064663739646466376537376563613535
-36306634643166383731393065653132343063653331613166343562643139333934323339626534
-63613061356332633537346236383966643164633861633363366237663736343761386430393565
-34626239666566346435656633323764323966373735663531316330386135666133616139333263
-33303339326564643364663038383332646236306537313463616331393339383938396335666139
-61636664353135653237653730646564623832303836643432646334646330393135393830653765
-30383931363338386264306536313236383365386464663131613436306433373136656431663136
-61356436633466323837343539633334613661346265383833373366633536643835633130366163
-39646662316230633066346335643535373462366334343330376232616339363631363262613737
-66643030306462383361316666616165613936613163663336646531623164346262346139303332
-33333836346534623732646365323265313938663964613830383164653437666533633564633430
-39303362303837393736633632333539316461646364373035336435663263346334653665353531
-38383836333261653863396232343535623536623934653039343130373033333231333939663633
-38663430353336353736643738383832383837316361353831303439353333663139333263353636
-31346235373535323036656261333963663937386166323962383163343638383734306665646333
-63613861353030636662323364316663643864336333343339373838623835613837383033373738
-63323965373236633734646366653032383862643033653164653838623032383337343033626439
-37396431336333663162373633323832306436383433303131346638663866396161303937396534
-62373365663436656638326634626230353338303465663630376231346634306663376335613261
-32373837303464613263323634626339346465313338386537303064386237303365353662636466
-34323436393634623430636339393438363363623730326237346361393931373833326166353864
-33363665396337633238366566363630363133333062343335346132663938336231396562326433
-62363031383761656361316539383036653539633633346466663831343232333263656139356232
-34623763306566356637636561333261366231363664363537323765303036303064663530393235
-37373037393965393463616239623131343663336263613934363165636363326633363665633032
-65313839313932386662633331393564366630376131656537646534653931373530333538343738
-32373935653763383933366262396336303739646265353833326638623931313363613162653035
-39336364393136373331346235326338313362636635623561343137613736623864363662393862
-37643433383365616265323331353964383064613335343430636166303561313738306532313133
-65356631653262393965316438313439336235373633613935636363326466353233396462626665
-61306633653033333364666564383035356430393235386335616535306163323137323066396339
-33383735353637613133383830343261353836306233623639303562663962356330323963633239
-38326534366431653130633166313962623934316138653837653763353935326332643034326664
-39343464333134616435613462373139383766333762623236316536313362346466386265643239
-32333265343634613562306430346438356662313139623134323135376436363162363334393535
-65323264656562363161326363616161363832353938666634383462373231386636313733333161
-35643564643732383239343865616662323463316534393237666539343264376536353335333436
-35396464623937326331623965376533396136643435383438323337666332343364303435393936
-66386262306262633435653365323561393038353965356461666639653635353263373837626430
-33653235386432633930373135303034326265373436333731316633333638316433633438663065
-66363137373134356561373932626365663564626636396638353633396335366438323339333231
-38316134376135306430616466616364656435656262613633663338386666356432643732333630
-61383861343263373739363536656465326162643561633139343161643432363631343133326363
-65363331643161386166623063366336626333356337386137633631343163636239333163396266
-39616261646332636463396134343839366137306439626539386336316261633531646632316134
-62383162663732643365363937663735363062356330653236623437663632323663613461306234
-62646439316464663038343962343332313065653434383465633565326165663532643437616461
-65386362373333386335666538363064373663386638656438373961346362303035373931646566
-64373839613965663166663163366538383839303838636266663036653265643865396237623331
-63643065353231303631303839663666386637373663343063313132333633353130366465386531
-64633636306166663165616433363564623063313665313833386662333938356631656563623435
-36626132336231386137336638363233626138313734333738356532346533333837396335613735
-64383466323936336639346161646236313536353838373835313138646138653066613739353562
-66616136626438613636653236393934663331623662306435373664623464373866313466643863
-64623435386537353966623666333731343438313033636533636134303635393530653937313363
-33626434653231353164363430373862393364303032303462643837616539316565326332363166
-62663963323438343734396334626237636434333562626161376463373637613764356539353965
-33363836353662326130643764396137383139623231376639613161386330646230666562383432
-36376363343435363337343432303564313263636333313762646335656561346336633733393031
-38633132613964623461303937363435363631346238326231343433393166333432316236626537
-64316530613632306565336530376233333665323235323132656266663631323533306438383061
-30383031626435646137646463366531323231386539323031396235336263363462613133326533
-65303061663533623330663465623464323935623235386665666266373433666238306433366163
-30393766306331633062326364323663326538646461313834343036373462306166323130383866
-31363934663633633562333037326239306362383766636433393931356161653664306630633366
-62326131613065393132663435333261633639646230353839623361643034353365316131316435
-37306436383237613431646432373238643763396330316336663464623832653666313530306431
-32363766373039616134343039616138643237333638323037376236393462353434383737393736
-376634376163616332376562386639366464
+63633264306266356564663836343363656536353265653630623231313232316232373364396234
+3236316538656536366265323139396261613363653261620a336663633534646530613832646330
+37636232373730363966333835333935346534373737373366333137393336343333386638373236
+3761336362363136320a313937373361636337613464383266643763356436623163353164373133
+66653337346637633231663433653465353963656561633037633131643931363439323737303636
+37313630326337313333633632343232373562363662396161343866393031383564383239626461
+35316334333464393064643534626166333264663932316533303963343038653162656232656165
+33346162393633633736623532386333653464646335626236356466343439633130653836623462
+34613337623034313834663231343830623836313037313435306633356131326235346364643234
+65646361336234343937653139303034333438626238366531656230653639373636346565643035
+65306130386331643037633165613635393433653537333238393365343736623932363432663166
+36376266313936393931366333303863353033643962303861393536383966343932373233356234
+64663834663965373038333265616532313161656337613035393736653864393562656630326561
+66343634383139386133326463633333313164303638313636663361373036396235636332323563
+31383337636535313139636661306430396335323237653364333838616434363931333861656262
+35366431646161396234666135343663343266626538363833356666613932303766373238363030
+64353666363662633836383135313738376235653565323039323962326665323334303731393535
+35303161636133376631386437626432363463383536343530396533316330393537643036346438
+34373939373938356466363261643936323964313232313331623237643564326239353861666636
+31363462336137373365333366383635303639643263303633386637303839363531336133353035
+66643039313764353935346133396233373735626163383734333736383062663038643464323137
+30613239393864333365663331313634373338616238303735646532386135336664623635373934
+34633366303736316438613733316230343039373434653565313631623931646363333139363332
+66353934396632613330313061336336626531656334633237633536613138393938353364623137
+34636231643565316435356334663736326463643131393135636366373338326233636564326165
+31646632326430353036363163303839336638393962373665346237373831393639376231396362
+38366438656236646436653634356235386238366233666433656161316636643035353165373837
+30653036346236306162626536393937653235306236313036633135653139656261666361316336
+66333835343735333937396362353330383139663635386236373531653837383231356535326330
+64323735383833306463636461373061376133366261356166626466656365663730383133353062
+35356136623464656662613438313535316466323538313438313963383532616232336564346534
+64333736316238393232623763306539373034366566306561336161336630613133633762636131
+34653565353031373436666363613164343964626164366537646438363965396366623765383333
+39656630383564623735666663643836363963356563303137343064373434343336663536353562
+30636165623032343136363534373761626638346432323661653730633264323837356163656132
+66323533316130356364353536303536613365663536346431306634623938613531373465323738
+33336132663431613338653432613863323665393532346130313332316366633439323664363361
+61323233303732393637303366336336626638353931663365326266386632666235343164623336
+65653861353133353661646463383133613733653561333136656665333338636331616262346661
+66383862323664626632613865663933313338633839313864303366306631613565633734353564
+38333137633933323538313632393233373836653365333531356336616265396163353365356162
+66636637646436343834313165363830346339636532343362333133666437323862636439323438
+39363934623766666464623838396465323539366433653334636365653665356237373235646661
+63316135626430363637383637363366313563326165393263393539353738313936373365346364
+62393931353138656633343933313337306266623834653038383437313238643530333130623666
+37653532333966666564343131316463383836373831393964333664653538616662383733623462
+31393131666662323236623838343630316434303961323663346262656538313464393564323132
+39623037323334613632666536366363306139646431646465376535393331333366333537343561
+66333862353036393930623632313737333062363464353437663966313438636261306165353032
+32306533363463316661653334306261336236323366353037353461613632633934333734373038
+37356230613336353938633562343632633031616635343461316333373062646137396163653235
+65653661386637376330313438323630353432353064383263626339333262363566366633613531
+66636237363265313266323038376163356437376532656362626436366235393335646165323061
+61663162313463613431393762633165653035343061333035333439616165646237356633323631
+65333861663236633064646563346233653231656430623564666265363834633635336163313864
+39646538613164393161306137393065623935643937393935313438363434623538373963663461
+39636530373739306333346132636533633861363530613437663632303963336634376639366134
+31323032393135336136636338366634393236303334633664343865613839663966373339373239
+61643765393539626337303264373133366265643438333935666633343738653761626437323861
+38633030653931313762333764316134393566306435303338623832653035393766663539663164
+64643136656338343334396234363139363337323033333163323261356431356362636435363838
+64333866313031333937353034376337346631343338626364343034616635633138313039613464
+33336439356438616234306666646132623230646161373938656239323134653435663734653235
+64646338343161363364316639336538646439313939326337346339376466666136333165636161
+64393732313538373334363431363836626364643834333265653135653035636330656464613731
+36316266316430336166393564306462363232336335626335616165313734633466636534353035
+37626637633534656235363530633866633062626537383935313763373562633737313032643462
+61353561366639306437626332643633626463313663366561646331373735393032616332326562
+36626266316236363930616662636134623865356632303465316266616663353039616261396663
+34373037623763393263316166343131643531663134616165386636653562336135346333326461
+39623964656137323439316166666132616561666235633439326464383937653738336435646134
+64383661363962333838376135323864633234386662643864336132343231366266363632313666
+31356339633938316636616537633335333564396631336238383063383164393238656438646131
+31373164313062623930636438346437623736353830396533343730366162343164393661396263
+63383837633335366534343137663634646631366234656365383235353532626163393537376537
+37643661666464303133313362366230313132363738643765613735613462333861633736643664
+38303537303338626139323566306536616236353563613862323435636165373434316432663864
+39373033326134626530663932623230396531636433346432653262666430653866656330613861
+64646265363562623663353532616663383830383633366462323235383966383263396535363536
+30633266386339656230326365303330376138313432653132323138333863663961613538623566
+62636565613130633166656639653264376461663737356162336331313834613662353430656431
+35313237633837623562396539623336313562313765383035373036333233356461366336383838
+65616164623762303033633130636364666630633465633435616666313031343863386261373033
+39623638313761393434333431646638363062303437373765666435386531343339323862666132
+38666635363431613530313766386165633032643836663861653434656231383333666633643266
+32333336383334303763323237653934313032643261326233376335616230386234346161353431
+63643733643634313133336332663933656363393861633831346261353334376464633562326534
+31663066656130363965656361626464613463323764383036623063386166653839366637376135
+34646466313836353234383762376165356439626532646430313730326166313839356263633966
+39643731613363613564356337653931626666363337356138333335393463393865666636393532
+33353366633465303765373936316334633331323930653235313231343039616238663433613365
+31373866666466363965346637656435383433626563313330316132376364366532316331343534
+32353462646536343538346130383139663334313331323935396537313835366161613539653164
+38666265306664623666396530383464653661356562613037323362303361323537326239323661
+66383230386437656132653966333062343536623861373461326333646266366430613563306436
+32623132303966323638643639343537643135396566323630313038636465353830636439343465
+34333136613435653037303437646439623035643539623663633561616137656138373063653662
+35643830613235663931386634626463333331313864666662313534626464663635616437313061
+66373039396333336639623637353839656333386635363733636636306132333130643131656438
+64333561323464333631356465393665613635356265343764346531613538633137366231343032
+30323832346266653238633432383334393661333737383761303238613734623534646232633562
+63643066663363306432366662643362663665313431616665653239386666623864633639383431
+37393630636363303438383665326663323561653335396238353138616533323965353031336465
+39383132666564333661383831323539313334393632653865353662373439663438656534653133
+63353562373637323436316530666639613637353866633931343536306230323765643335376563
+33626661366339663161653334666232626464636134623537336237663662343833613564306366
+64613132313038663761626562323832343937316136363666393438656165653666326463656565
+39663032656537313563346138323731626562396566646535633830636638643463323334356365
+65396564633530386237626664353734366336363339336162373139373036666339313531316265
+63313266316238383363333262373038653062653561656466643837343863633562633530366433
+61333663366361306233353463646636386335343131396461613562653264306432326663313436
+37656538356534393065386263373264623664333738306363373465323663313831323665323862
+37613366313361376137363663393334623237326663383766663736333133353931356264663163
+65653439356463393938626331323835383232386638323531326661613433343833343130626531
+61656461333565666633353739626266653138316163326565336461333934376235376639623338
+66396662323338663966653731386633623331626339653664383366316466653661366630333966
+63343930363565343464373731386237396363353562633634663935373733373663356537333134
+38623362633936616533646535626533376366663535626364646536333333313664356532356130
+33366164303836643730656439386537633761653032333061306261646364373961323334623831
+35393832323830336633303030653963393532376466353966333039313661373263303136636534
+65623830646662396236626263313763623833346236343361373465633434366131326362663034
+64323161383832663765636566363932613434353031653031633262363233653630343736653436
+35333435663562303135646531663033373538376366323638333031653962306563383733393235
+64333763663163306537346638633763363932336337633039633865633931656136356537366466
+66373639303037623066383239383335643664666362303364396465633361396536383133653939
+31336438646531376364303731313430396464373432646234356637663966333665636136653761
+39396138343439353565343139643165313864643132386633643836366564636130623666303933
+36623563326434656439333962336132343662663936653866316163633339336361376633396530
+66356639366330613335353633613831303535633538633233306666383761633864386538666266
+61383861393863626434613333633430396636666433306533623432356464633764663433373931
+38636538313830366438313964666430353237656639633763386332613636636462653634343831
+62626638633863353165366438656465376466633966356133366263636666343632313761653766
+65336461346531356631376462623737316538373363353230333436303532333835396435646634
+39306438663436636532373063643138366531313936306135666466333765646630336532313238
+64623530626334303638626364343864613164353732386262323439343735383164333232363434
+34666165353366343566656163373738663065643132303734623533326634346238343630643838
+64393833646132613761356334306539303233323466336533363938313633343834356239613034
+64653935373761396331323936616334303561613762623733613637653031623564366538373630
+61313733333863303630633036353535393532326134636139343532396163346537383665663838
+61386637353566306134393430366633636437616565343465393333306138376462633131623332
+65343035653066396533336238393365663432393537323431366532353232333036353662386363
+35313162646432626632633032636162343764343463366236386438323131623766363937336436
+31333332373731643164626137643162393964393334643237393133366237323562623839356534
+31343163656366616638663265323939663765666563333239306563653265343765613432633430
+63613231326333313437313166326236346538656236373933313262616334656264376430626263
+65396261386439646562343235326630353265356362666131316664343430343534353062613232
+64313234323430396139373331356434363663646339653566303638623839383330623630613662
+33653863333534656665313362326338346338303434363932323635666463323536343865386235
+31366134643263303630653534306364616466323538626335366231333762643961656165316534
+34626532393730323034663434386234313939336262333266656134613938613433396337376531
+343631376663336639636437653165333163

From b4a78bdd84ab1e2debd998e36253bc76de6869e2 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 12 Mar 2024 11:25:18 +0100
Subject: [PATCH 502/504] Revert "Implement cifs caching with cachefilesd."

This reverts commit 6c7209e82b7bfacb235ff62789ffdcc009e5c546.
---
 roles/lmn_mount/tasks/main.yml | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index aa16fc2..c2cf63c 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -5,7 +5,6 @@
       - libpam-mount
       - cifs-utils
       - nfs-common
-      - cachefilesd
       - hxtools
       - davfs2
     state: latest
@@ -35,7 +34,7 @@
         server="{{ smb_server }}"
         path="{{ smb_share }}"
         mountpoint="/srv/samba/schools/default-school"
-        options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks,nobrl,fsc,actimeo=600{{ cifsopt | default(",cache=loose") }}"
+        options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks,nobrl,actimeo=600{{ cifsopt | default(",cache=loose") }}"
         ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>{{ localuser }}</user></or></not>
       </volume>
     insertafter: "<!-- Volume definitions -->"
@@ -46,12 +45,6 @@
     state: directory
     mode: '0755'
 
-- name: Enable cachefilesd
-  ansible.builtin.replace:
-    path: /etc/default/cachefilesd
-    regexp: '^#RUN=yes'
-    replace: RUN=yes
-
 - name: Prepare persistent user cache base directory
   ansible.builtin.file:
     path: /var/cache/user/

From fe7ec2f2e9d9aea552a9f1f73316c72637325641 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 12 Mar 2024 16:42:18 +0100
Subject: [PATCH 503/504] Clean up cachefsd leftover.

---
 lmn-client.yml | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/lmn-client.yml b/lmn-client.yml
index 96c6b32..75edb58 100644
--- a/lmn-client.yml
+++ b/lmn-client.yml
@@ -170,9 +170,11 @@
       notify: Run update-grub
 
 ## Clean up stuff from obsolete/faulty tasks:
-    - name: Remove "unattended-upgrades" package
+    - name: Remove packages we do not need anymore
       ansible.builtin.apt:
-        name: unattended-upgrades
+        name:
+          - unattended-upgrades
+          - cachefilesd
         state: absent
         purge: True
 

From e7aa91e7f80b3e934c277a5a49c32045bafd9856 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andreas.mundt@steinbeisschule-reutlingen.de>
Date: Tue, 12 Mar 2024 18:34:58 +0100
Subject: [PATCH 504/504] Make lmn-client a separate repository.

Remove all playbooks and roles not used for the lmn-client playbook.
They are almost all maintained within the debian-lan-ansible project
at:
     https://salsa.debian.org/andi/debian-lan-ansible/
---
 README                                        | 123 -------
 README.kerberox                               |  14 -
 cloudbox.yml                                  |  54 ---
 edubox.yml                                    |  68 ----
 fvs-desktop.yml                               |  58 ----
 fvs-home-server.yml                           |  21 --
 fvs-homex-server.yml                          |  17 -
 fvs-vm-server.yml                             |  34 --
 fvs-www-server.yml                            |  29 --
 host_vars/blackbox.yml                        |   4 -
 host_vars/bluebox.yml                         |   1 -
 installbox.yml                                |  46 ---
 installbox6.yml                               |  36 --
 kerberox-client.yml                           |  27 --
 kerberox.yml                                  |  62 ----
 kiosk.yml                                     |  22 --
 livebox.yml                                   |  89 -----
 lmn-teacher.yml                               |  72 ----
 minimal-krb5.yml                              |  10 -
 minimal.yml                                   |   9 -
 roles/aptcacher/handlers/main.yml             |   3 -
 roles/aptcacher/tasks/main.yml                |  37 --
 roles/backup/defaults/main.yml                |  15 -
 roles/backup/files/backup.service             |   6 -
 roles/backup/files/backup.timer               |  10 -
 roles/backup/handlers/main.yml                |   6 -
 roles/backup/tasks/main.yml                   |  33 --
 roles/backup/templates/backup                 |  51 ---
 roles/ddnsupdate/files/ddns-update            |  35 --
 roles/ddnsupdate/files/ddns-update.service    |   6 -
 roles/ddnsupdate/files/ddns-update.timer      |  11 -
 roles/ddnsupdate/handlers/main.yml            |   7 -
 roles/ddnsupdate/tasks/main.yml               |  27 --
 .../ddnsupdate/templates/ddns-update.conf.j2  |   2 -
 roles/debianlive/handlers/main.yml            |  10 -
 roles/debianlive/tasks/main.yml               | 128 -------
 roles/dhcp6radvdatftp/handlers/main.yml       |  20 --
 roles/dhcp6radvdatftp/tasks/main.yml          |  39 ---
 .../templates/kea-dhcp6.conf.j2               |  20 --
 roles/dhcp6radvdatftp/templates/radvd.conf.j2 |  10 -
 roles/dnsdhcptftp/defaults/main.yml           |   1 -
 roles/dnsdhcptftp/handlers/main.yml           |  15 -
 roles/dnsdhcptftp/tasks/main.yml              | 100 ------
 roles/dnsdhcptftp/templates/db.RR.j2          |  17 -
 roles/dnsdhcptftp/templates/db.RRinv.j2       |  11 -
 roles/dnsdhcptftp/templates/dhcpd.conf.j2     | 139 --------
 roles/dnsdhcptftp/templates/localzones.j2     |  17 -
 roles/dnsdhcptftp/templates/resolv.conf.j2    |   2 -
 roles/dnsmasq/handlers/main.yml               |   3 -
 roles/dnsmasq/tasks/main.yml                  |  24 --
 roles/dnsmasq/templates/dnsmasq-dhcp.j2       |   3 -
 .../dnsmasq-tftp-netboot-installer.j2         |   5 -
 roles/educontainer/defaults/main.yml          |  13 -
 roles/educontainer/handlers/main.yml          |   7 -
 roles/educontainer/tasks/main.yml             |  70 ----
 roles/educontainer/tasks/setup.yml            | 181 ----------
 .../educontainer/templates/contcfg.nspawn.j2  |  15 -
 roles/educontainer/templates/hostname.j2      |   1 -
 roles/educontainer/templates/hosts.j2         |   4 -
 roles/edulive/defaults/main.yml               |   1 -
 roles/edulive/files/gnome-edu/README          |   2 -
 roles/edulive/files/gnome-edu/auto/build      |   5 -
 roles/edulive/files/gnome-edu/auto/clean      |  10 -
 roles/edulive/files/gnome-edu/auto/config     |  18 -
 .../hooks/0001-plymouth-theme.hook.chroot     |   8 -
 .../live/0010-disable-kexec-tools.hook.chroot |   1 -
 .../0050-disable-sysvinit-tmpfs.hook.chroot   |   1 -
 .../hooks/live/0500-desktop.hook.chroot       |  15 -
 .../hooks/live/0600-wireshark.hook.chroot     |   5 -
 .../0020-create-mtab-symlink.hook.chroot      |   1 -
 .../normal/0030-enable-cryptsetup.hook.chroot |   1 -
 .../0040-create-locales-files.hook.chroot     |   1 -
 ...0-remove-adjtime-configuration.hook.chroot |   1 -
 .../0110-remove-backup-files.hook.chroot      |   1 -
 .../0120-remove-dbus-machine-id.hook.chroot   |   1 -
 .../0130-remove-gnome-icon-cache.hook.chroot  |   1 -
 .../normal/0140-remove-log-files.hook.chroot  |   1 -
 ...150-remove-mdadm-configuration.hook.chroot |   1 -
 ...emove-openssh-server-host-keys.hook.chroot |   1 -
 .../normal/0170-remove-python-py.hook.chroot  |   1 -
 ...0180-remove-systemd-machine-id.hook.chroot |   1 -
 .../0190-remove-temporary-files.hook.chroot   |   1 -
 .../0195-remove-ssl-cert-snakeoil.hook.chroot |   1 -
 ...emove-udev-persistent-cd-rules.hook.chroot |   1 -
 ...move-udev-persistent-net-rules.hook.chroot |   1 -
 .../0400-update-apt-file-cache.hook.chroot    |   1 -
 .../0410-update-apt-xapian-index.hook.chroot  |   1 -
 .../0420-update-glx-alternative.hook.chroot   |   1 -
 .../0430-update-mlocate-database.hook.chroot  |   1 -
 ...0440-update-nvidia-alternative.hook.chroot |   1 -
 .../0500-reproducible-glibc.hook.chroot       |   1 -
 .../etc/dconf/db/gdm.d/00-login-screen        |   8 -
 .../etc/dconf/db/local.d/defaults             |  34 --
 .../includes.chroot/etc/dconf/profile/gdm     |   3 -
 .../includes.chroot/etc/dconf/profile/user    |   2 -
 .../etc/libvirt/qemu/netboot.xml              | 151 --------
 .../qemu/networks/autostart/default.xml       |   1 -
 .../qemu/networks/autostart/intern.xml        |   1 -
 .../etc/libvirt/qemu/networks/intern.xml      |  14 -
 .../includes.chroot/etc/sysctl.d/sysctl.conf  |   3 -
 .../lib/live/config/0001-VM-MAC               |  11 -
 .../config/package-lists/desktop.list.chroot  |  13 -
 .../package-lists/live-systems.list.chroot    |   2 -
 .../config/package-lists/live.list.chroot     |   3 -
 .../package-lists/localization.list.chroot    |   2 -
 .../config/package-lists/school.list.chroot   | 100 ------
 .../config/package-lists/standard.list.chroot |   4 -
 .../config/preseed/wireshark.cfg.chroot       |   1 -
 roles/edulive/files/livebuilder.service       |   6 -
 roles/edulive/files/livebuilder.timer         |  11 -
 roles/edulive/handlers/main.yml               |  12 -
 roles/edulive/tasks/main.yml                  |  75 ----
 roles/edulive/templates/livebuilder.sh        |  32 --
 roles/exam_homes/files/archive-homes          |  23 --
 roles/exam_homes/files/archive-homes.service  |   6 -
 roles/exam_homes/files/archive-homes.timer    |  11 -
 roles/exam_homes/files/copy2students          |  26 --
 roles/exam_homes/files/examode.py             |  75 ----
 roles/exam_homes/files/fetchexam              |  23 --
 roles/exam_homes/files/mkDownloads            |  12 -
 roles/exam_homes/handlers/main.yml            |   6 -
 roles/exam_homes/tasks/main.yml               |  58 ----
 roles/firewalld2if/handlers/main.yml          |   9 -
 roles/firewalld2if/tasks/main.yml             |  80 -----
 .../templates/interfaces-static.j2            |   4 -
 roles/fvs-client/handlers/main.yml            |  10 -
 roles/fvs-client/tasks/main.yml               |  61 ----
 roles/fvs-mount/defaults/main.yml             |   5 -
 roles/fvs-mount/tasks/main.yml                |  49 ---
 roles/fvs-sssd/defaults/main.yml              |   2 -
 roles/fvs-sssd/handlers/main.yml              |   3 -
 roles/fvs-sssd/tasks/main.yml                 |  30 --
 roles/fvs-sssd/templates/sssd.conf.j2         |  21 --
 roles/gnome/files/defaults                    |  34 --
 roles/gnome/files/user                        |   2 -
 roles/gnome/handlers/main.yml                 |   7 -
 roles/gnome/tasks/main.yml                    |  64 ----
 roles/kde/handlers/main.yml                   |   3 -
 roles/kde/tasks/main.yml                      |  37 --
 roles/kiosk/files/kde5rc                      |   8 -
 roles/kiosk/files/kscreenlockerrc             |   3 -
 roles/kiosk/handlers/main.yml                 |  19 --
 roles/kiosk/tasks/main.yml                    | 115 -------
 roles/kiosk/templates/sddm.conf.j2            |   4 -
 roles/kiosk/templates/wifi.j2                 |  18 -
 roles/krb5kdcldap/defaults/main.yml           |   9 -
 roles/krb5kdcldap/handlers/main.yml           |  11 -
 roles/krb5kdcldap/meta/main.yml               |   3 -
 roles/krb5kdcldap/tasks/main.yml              |  34 --
 roles/krb5kdcldap/tasks/setup.yml             | 197 -----------
 roles/krb5kdcldap/templates/kadm5.acl.j2      |   2 -
 roles/krb5kdcldap/templates/kdc.conf.j2       |  15 -
 roles/krb5kdcldap/templates/krb5.conf.j2      |  26 --
 roles/lanclient/defaults/main.yml             |   7 -
 roles/lanclient/handlers/main.yml             |  15 -
 roles/lanclient/tasks/main.yml                |  99 ------
 roles/lanclient/templates/sssd.conf.j2        |  22 --
 roles/ldap/defaults/main.yml                  |   9 -
 roles/ldap/files/slapd-config.ldif            |  43 ---
 roles/ldap/tasks/main.yml                     |  91 -----
 roles/ldap/tasks/setup.yml                    | 100 ------
 roles/ldap/templates/debian-lan.j2            | 253 --------------
 roles/ldap/templates/slapd-TLS.ldif           |   9 -
 roles/lowpower/files/powertop.service         |   6 -
 roles/lowpower/files/powertop.timer           |   9 -
 roles/lowpower/handlers/main.yml              |   5 -
 roles/lowpower/tasks/main.yml                 |  17 -
 roles/netbootinstaller/defaults/main.yml      |   1 -
 roles/netbootinstaller/handlers/main.yml      |  15 -
 roles/netbootinstaller/tasks/main.yml         |  30 --
 roles/networkdresolved/files/all-eth.network  |   5 -
 roles/networkdresolved/handlers/main.yml      |  14 -
 roles/networkdresolved/tasks/main.yml         |  26 --
 .../templates/20-static.network.j2            |   7 -
 roles/nextcloud/defaults/main.yml             |   7 -
 roles/nextcloud/files/krb5-nextcloud.conf     |  11 -
 roles/nextcloud/files/nextcloud.conf          |  31 --
 roles/nextcloud/files/nextcloudcron.service   |   6 -
 roles/nextcloud/files/nextcloudcron.timer     |  10 -
 roles/nextcloud/handlers/main.yml             |  18 -
 roles/nextcloud/tasks/main.yml                | 322 ------------------
 roles/nextcloudupgrade/handlers/main.yml      |  14 -
 roles/nextcloudupgrade/tasks/main.yml         |  27 --
 roles/nfsserver/defaults/main.yml             |   6 -
 roles/nfsserver/handlers/main.yml             |  24 --
 roles/nfsserver/tasks/main.yml                |  94 -----
 roles/nfsserver/templates/dhcp-send-domain.j2 |   2 -
 roles/nfsserver/templates/sssd.conf.j2        |  22 --
 roles/prepare4clients/handlers/main.yml       |   7 -
 roles/prepare4clients/tasks/main.yml          | 241 -------------
 roles/prepare4clients/templates/git-repo.j2   |  14 -
 roles/sambaldap/defaults/main.yml             |   4 -
 roles/sambaldap/handlers/main.yml             |   7 -
 roles/sambaldap/meta/main.yml                 |   3 -
 roles/sambaldap/tasks/main.yml                | 133 --------
 roles/sambaldap/templates/sssd.conf.j2        |  23 --
 roles/shorewall2if/handlers/main.yml          |   7 -
 roles/shorewall2if/tasks/main.yml             |  74 ----
 .../templates/interfaces-static.j2            |   4 -
 roles/smbsshfsclient/defaults/main.yml        |   5 -
 roles/smbsshfsclient/handlers/main.yml        |   8 -
 roles/smbsshfsclient/tasks/main.yml           |  77 -----
 roles/smbsshfsclient/templates/sssd.conf.j2   |  22 --
 .../files/store_id_regex.conf                 |   2 -
 roles/transparentsquid/handlers/main.yml      |   3 -
 roles/transparentsquid/tasks/main.yml         |  63 ----
 roles/webserver/tasks/main.yml                |   6 -
 sambox-client.yml                             |  20 --
 sambox.yml                                    |  56 ---
 209 files changed, 5758 deletions(-)
 delete mode 100644 README
 delete mode 100644 README.kerberox
 delete mode 100644 cloudbox.yml
 delete mode 100644 edubox.yml
 delete mode 100644 fvs-desktop.yml
 delete mode 100644 fvs-home-server.yml
 delete mode 100644 fvs-homex-server.yml
 delete mode 100644 fvs-vm-server.yml
 delete mode 100644 fvs-www-server.yml
 delete mode 100644 host_vars/blackbox.yml
 delete mode 100644 host_vars/bluebox.yml
 delete mode 100644 installbox.yml
 delete mode 100644 installbox6.yml
 delete mode 100644 kerberox-client.yml
 delete mode 100644 kerberox.yml
 delete mode 100644 kiosk.yml
 delete mode 100644 livebox.yml
 delete mode 100644 lmn-teacher.yml
 delete mode 100644 minimal-krb5.yml
 delete mode 100644 minimal.yml
 delete mode 100644 roles/aptcacher/handlers/main.yml
 delete mode 100644 roles/aptcacher/tasks/main.yml
 delete mode 100644 roles/backup/defaults/main.yml
 delete mode 100644 roles/backup/files/backup.service
 delete mode 100644 roles/backup/files/backup.timer
 delete mode 100644 roles/backup/handlers/main.yml
 delete mode 100644 roles/backup/tasks/main.yml
 delete mode 100755 roles/backup/templates/backup
 delete mode 100755 roles/ddnsupdate/files/ddns-update
 delete mode 100644 roles/ddnsupdate/files/ddns-update.service
 delete mode 100644 roles/ddnsupdate/files/ddns-update.timer
 delete mode 100644 roles/ddnsupdate/handlers/main.yml
 delete mode 100644 roles/ddnsupdate/tasks/main.yml
 delete mode 100644 roles/ddnsupdate/templates/ddns-update.conf.j2
 delete mode 100644 roles/debianlive/handlers/main.yml
 delete mode 100644 roles/debianlive/tasks/main.yml
 delete mode 100644 roles/dhcp6radvdatftp/handlers/main.yml
 delete mode 100644 roles/dhcp6radvdatftp/tasks/main.yml
 delete mode 100644 roles/dhcp6radvdatftp/templates/kea-dhcp6.conf.j2
 delete mode 100644 roles/dhcp6radvdatftp/templates/radvd.conf.j2
 delete mode 100644 roles/dnsdhcptftp/defaults/main.yml
 delete mode 100644 roles/dnsdhcptftp/handlers/main.yml
 delete mode 100644 roles/dnsdhcptftp/tasks/main.yml
 delete mode 100644 roles/dnsdhcptftp/templates/db.RR.j2
 delete mode 100644 roles/dnsdhcptftp/templates/db.RRinv.j2
 delete mode 100644 roles/dnsdhcptftp/templates/dhcpd.conf.j2
 delete mode 100644 roles/dnsdhcptftp/templates/localzones.j2
 delete mode 100644 roles/dnsdhcptftp/templates/resolv.conf.j2
 delete mode 100644 roles/dnsmasq/handlers/main.yml
 delete mode 100644 roles/dnsmasq/tasks/main.yml
 delete mode 100644 roles/dnsmasq/templates/dnsmasq-dhcp.j2
 delete mode 100644 roles/dnsmasq/templates/dnsmasq-tftp-netboot-installer.j2
 delete mode 100644 roles/educontainer/defaults/main.yml
 delete mode 100644 roles/educontainer/handlers/main.yml
 delete mode 100644 roles/educontainer/tasks/main.yml
 delete mode 100644 roles/educontainer/tasks/setup.yml
 delete mode 100644 roles/educontainer/templates/contcfg.nspawn.j2
 delete mode 100644 roles/educontainer/templates/hostname.j2
 delete mode 100644 roles/educontainer/templates/hosts.j2
 delete mode 100644 roles/edulive/defaults/main.yml
 delete mode 100644 roles/edulive/files/gnome-edu/README
 delete mode 100755 roles/edulive/files/gnome-edu/auto/build
 delete mode 100755 roles/edulive/files/gnome-edu/auto/clean
 delete mode 100755 roles/edulive/files/gnome-edu/auto/config
 delete mode 100755 roles/edulive/files/gnome-edu/config/hooks/0001-plymouth-theme.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/live/0010-disable-kexec-tools.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/live/0050-disable-sysvinit-tmpfs.hook.chroot
 delete mode 100755 roles/edulive/files/gnome-edu/config/hooks/live/0500-desktop.hook.chroot
 delete mode 100755 roles/edulive/files/gnome-edu/config/hooks/live/0600-wireshark.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0020-create-mtab-symlink.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0030-enable-cryptsetup.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0040-create-locales-files.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0100-remove-adjtime-configuration.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0110-remove-backup-files.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0120-remove-dbus-machine-id.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0130-remove-gnome-icon-cache.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0140-remove-log-files.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0150-remove-mdadm-configuration.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0160-remove-openssh-server-host-keys.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0170-remove-python-py.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0180-remove-systemd-machine-id.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0190-remove-temporary-files.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0195-remove-ssl-cert-snakeoil.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0200-remove-udev-persistent-cd-rules.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0300-remove-udev-persistent-net-rules.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0400-update-apt-file-cache.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0410-update-apt-xapian-index.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0420-update-glx-alternative.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0430-update-mlocate-database.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0440-update-nvidia-alternative.hook.chroot
 delete mode 120000 roles/edulive/files/gnome-edu/config/hooks/normal/0500-reproducible-glibc.hook.chroot
 delete mode 100644 roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/db/gdm.d/00-login-screen
 delete mode 100644 roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/db/local.d/defaults
 delete mode 100644 roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/profile/gdm
 delete mode 100644 roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/profile/user
 delete mode 100644 roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/netboot.xml
 delete mode 120000 roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/autostart/default.xml
 delete mode 120000 roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/autostart/intern.xml
 delete mode 100644 roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/intern.xml
 delete mode 100644 roles/edulive/files/gnome-edu/config/includes.chroot/etc/sysctl.d/sysctl.conf
 delete mode 100755 roles/edulive/files/gnome-edu/config/includes.chroot/lib/live/config/0001-VM-MAC
 delete mode 100644 roles/edulive/files/gnome-edu/config/package-lists/desktop.list.chroot
 delete mode 100644 roles/edulive/files/gnome-edu/config/package-lists/live-systems.list.chroot
 delete mode 100644 roles/edulive/files/gnome-edu/config/package-lists/live.list.chroot
 delete mode 100644 roles/edulive/files/gnome-edu/config/package-lists/localization.list.chroot
 delete mode 100644 roles/edulive/files/gnome-edu/config/package-lists/school.list.chroot
 delete mode 100644 roles/edulive/files/gnome-edu/config/package-lists/standard.list.chroot
 delete mode 100644 roles/edulive/files/gnome-edu/config/preseed/wireshark.cfg.chroot
 delete mode 100644 roles/edulive/files/livebuilder.service
 delete mode 100644 roles/edulive/files/livebuilder.timer
 delete mode 100644 roles/edulive/handlers/main.yml
 delete mode 100644 roles/edulive/tasks/main.yml
 delete mode 100644 roles/edulive/templates/livebuilder.sh
 delete mode 100755 roles/exam_homes/files/archive-homes
 delete mode 100644 roles/exam_homes/files/archive-homes.service
 delete mode 100644 roles/exam_homes/files/archive-homes.timer
 delete mode 100755 roles/exam_homes/files/copy2students
 delete mode 100755 roles/exam_homes/files/examode.py
 delete mode 100755 roles/exam_homes/files/fetchexam
 delete mode 100755 roles/exam_homes/files/mkDownloads
 delete mode 100644 roles/exam_homes/handlers/main.yml
 delete mode 100644 roles/exam_homes/tasks/main.yml
 delete mode 100644 roles/firewalld2if/handlers/main.yml
 delete mode 100644 roles/firewalld2if/tasks/main.yml
 delete mode 100644 roles/firewalld2if/templates/interfaces-static.j2
 delete mode 100644 roles/fvs-client/handlers/main.yml
 delete mode 100644 roles/fvs-client/tasks/main.yml
 delete mode 100644 roles/fvs-mount/defaults/main.yml
 delete mode 100644 roles/fvs-mount/tasks/main.yml
 delete mode 100644 roles/fvs-sssd/defaults/main.yml
 delete mode 100644 roles/fvs-sssd/handlers/main.yml
 delete mode 100644 roles/fvs-sssd/tasks/main.yml
 delete mode 100644 roles/fvs-sssd/templates/sssd.conf.j2
 delete mode 100644 roles/gnome/files/defaults
 delete mode 100644 roles/gnome/files/user
 delete mode 100644 roles/gnome/handlers/main.yml
 delete mode 100644 roles/gnome/tasks/main.yml
 delete mode 100644 roles/kde/handlers/main.yml
 delete mode 100644 roles/kde/tasks/main.yml
 delete mode 100644 roles/kiosk/files/kde5rc
 delete mode 100644 roles/kiosk/files/kscreenlockerrc
 delete mode 100644 roles/kiosk/handlers/main.yml
 delete mode 100644 roles/kiosk/tasks/main.yml
 delete mode 100644 roles/kiosk/templates/sddm.conf.j2
 delete mode 100644 roles/kiosk/templates/wifi.j2
 delete mode 100644 roles/krb5kdcldap/defaults/main.yml
 delete mode 100644 roles/krb5kdcldap/handlers/main.yml
 delete mode 100644 roles/krb5kdcldap/meta/main.yml
 delete mode 100644 roles/krb5kdcldap/tasks/main.yml
 delete mode 100644 roles/krb5kdcldap/tasks/setup.yml
 delete mode 100644 roles/krb5kdcldap/templates/kadm5.acl.j2
 delete mode 100644 roles/krb5kdcldap/templates/kdc.conf.j2
 delete mode 100644 roles/krb5kdcldap/templates/krb5.conf.j2
 delete mode 100644 roles/lanclient/defaults/main.yml
 delete mode 100644 roles/lanclient/handlers/main.yml
 delete mode 100644 roles/lanclient/tasks/main.yml
 delete mode 100644 roles/lanclient/templates/sssd.conf.j2
 delete mode 100644 roles/ldap/defaults/main.yml
 delete mode 100644 roles/ldap/files/slapd-config.ldif
 delete mode 100644 roles/ldap/tasks/main.yml
 delete mode 100644 roles/ldap/tasks/setup.yml
 delete mode 100644 roles/ldap/templates/debian-lan.j2
 delete mode 100644 roles/ldap/templates/slapd-TLS.ldif
 delete mode 100644 roles/lowpower/files/powertop.service
 delete mode 100644 roles/lowpower/files/powertop.timer
 delete mode 100644 roles/lowpower/handlers/main.yml
 delete mode 100644 roles/lowpower/tasks/main.yml
 delete mode 100644 roles/netbootinstaller/defaults/main.yml
 delete mode 100644 roles/netbootinstaller/handlers/main.yml
 delete mode 100644 roles/netbootinstaller/tasks/main.yml
 delete mode 100644 roles/networkdresolved/files/all-eth.network
 delete mode 100644 roles/networkdresolved/handlers/main.yml
 delete mode 100644 roles/networkdresolved/tasks/main.yml
 delete mode 100644 roles/networkdresolved/templates/20-static.network.j2
 delete mode 100644 roles/nextcloud/defaults/main.yml
 delete mode 100644 roles/nextcloud/files/krb5-nextcloud.conf
 delete mode 100644 roles/nextcloud/files/nextcloud.conf
 delete mode 100644 roles/nextcloud/files/nextcloudcron.service
 delete mode 100644 roles/nextcloud/files/nextcloudcron.timer
 delete mode 100644 roles/nextcloud/handlers/main.yml
 delete mode 100644 roles/nextcloud/tasks/main.yml
 delete mode 100644 roles/nextcloudupgrade/handlers/main.yml
 delete mode 100644 roles/nextcloudupgrade/tasks/main.yml
 delete mode 100644 roles/nfsserver/defaults/main.yml
 delete mode 100644 roles/nfsserver/handlers/main.yml
 delete mode 100644 roles/nfsserver/tasks/main.yml
 delete mode 100644 roles/nfsserver/templates/dhcp-send-domain.j2
 delete mode 100644 roles/nfsserver/templates/sssd.conf.j2
 delete mode 100644 roles/prepare4clients/handlers/main.yml
 delete mode 100644 roles/prepare4clients/tasks/main.yml
 delete mode 100644 roles/prepare4clients/templates/git-repo.j2
 delete mode 100644 roles/sambaldap/defaults/main.yml
 delete mode 100644 roles/sambaldap/handlers/main.yml
 delete mode 100644 roles/sambaldap/meta/main.yml
 delete mode 100644 roles/sambaldap/tasks/main.yml
 delete mode 100644 roles/sambaldap/templates/sssd.conf.j2
 delete mode 100644 roles/shorewall2if/handlers/main.yml
 delete mode 100644 roles/shorewall2if/tasks/main.yml
 delete mode 100644 roles/shorewall2if/templates/interfaces-static.j2
 delete mode 100644 roles/smbsshfsclient/defaults/main.yml
 delete mode 100644 roles/smbsshfsclient/handlers/main.yml
 delete mode 100644 roles/smbsshfsclient/tasks/main.yml
 delete mode 100644 roles/smbsshfsclient/templates/sssd.conf.j2
 delete mode 100644 roles/transparentsquid/files/store_id_regex.conf
 delete mode 100644 roles/transparentsquid/handlers/main.yml
 delete mode 100644 roles/transparentsquid/tasks/main.yml
 delete mode 100644 roles/webserver/tasks/main.yml
 delete mode 100644 sambox-client.yml
 delete mode 100644 sambox.yml

diff --git a/README b/README
deleted file mode 100644
index 9760129..0000000
--- a/README
+++ /dev/null
@@ -1,123 +0,0 @@
-
-        Run Debian in your Local Area Network
-       =======================================
-
-The goal of the "Debian Local Area Network"-project is to make setting
-up Debian in a local area network as easy as possible.  This repository
-offers ansible playbooks and instructions for the following machines:
-
- • installbox:  orchestration of automatic installs in the LAN
-     - set up as gateway to some external network (WAN)
-     - provides TFTP installations on the LAN interface
-     - automatic installs: preseeding and ansible playbooks
-     - package cache
-
- • kerberox:  serving a minimalistic kerberized LAN
-     - automatic TFTP installation of clients
-     - centralized home directories on kerberized NFS
-     - simple script to manage users and machines
-
- • kerberox-client:  the client for the kerberized LAN
-
- • sambox and -client:  comparable to the kerberox setup, but
-   home directories are shared via sshfs or the smb protocol. 
-
- • cloudbox:  nextcloud server in the basement
-     - setup of a home cloud server
-     - dynamic DNS name
-     - nextcloud
-     - backup with borg
-     - …
-
- • kiosk:  school's computer, hackerspace, …
-     - auto login user
-     - reasonable defaults
-     - temporary home directory on tmpfs, reset at boot
-
- • edubox:  deploy a set of containers for training/teaching
-
-Contributions like patches, suggestions, pull requests and/or further
-profiles are highly appreciated!
-
-----------------------------
-
- Instructions
-==============
-
-Installbox
-~~~~~~~~~~
- • standard Debian installation:
-   - user 'ansible' in sudo group
-   - WAN interface configured and connected
-   - LAN interface not configured/managed
-
- • optional:  customize installbox.yml
-
- • run ansible:
-     ssh-copy-id ansible@1.2.3.4
-     ansible-playbook installbox.yml -v --become --ask-become-pass -u ansible -i 1.2.3.4,
-
- • the installbox can be used to install all other profiles
-
-Kerberox, Sambox
-~~~~~~~~~~~~~~~~
- • standard Debian installation:
-   - user 'ansible' in sudo group
-   - WAN interface configured and connected
-   - LAN interface not configured/managed
-
- • optional:  customize kerberox.yml
-
- • run ansible:
-     ssh-copy-id ansible@1.2.3.4
-     ansible-playbook kerberox.yml -v --become --ask-become-pass -u ansible -i 1.2.3.4,
-
-Kerberox and installbox provide a local ansible configuration space
-which can be used to install clients and/or to check/modify the local
-installation.  To do the latter, cd into 'debian-lan' and run:
-
-   'ansible-playbook --ask-become-pass -v  -i localhost, -c local  kerberox.yml'
-
-The kerberox-clients are automatically installed using the included TFTP netboot
-installer within the LAN.
-
-Cloudbox
-~~~~~~~~
- • Debian installation:
-   - user 'ansible' in sudo group
-
- • check/customize cloudbox.yml
-
- • download latest nextcloud-*.*.*.tar.bz2 archive and place it as nextcloud.tar.bz2
-   in your debian-lan-ansible directory
-
- • run ansible:
-     ssh-copy-id ansible@1.2.3.4
-     ansible-playbook cloudbox.yml -v --become --ask-become-pass -u ansible -i 1.2.3.4,
-
- • use 'nc-admin' with password in '/root/nc-admin.pwd' to log into nextcloud.
-
-Kiosk
-~~~~~
- • Debian installation:
-   - user 'ansible' in sudo group
-
- • customize kiosk.yml:
-   - WiFi parameters
-   - package selection: extra_pkgs and extra_pkgs_bpo for backports
-   - desktop environment
-
- • run ansible:
-     ssh-copy-id ansible@1.2.3.4
-     ansible-playbook kiosk.yml -v --become --ask-become-pass -u ansible -i 1.2.3.4,
-
-Edubox
-~~~~~~
- • Debian installation:
-   - user 'ansible' in sudo group
-
- • customize edubox.yml
-
- • run ansible:
-     ssh-copy-id ansible@1.2.3.4
-     ansible-playbook edubox.yml -v --become --ask-become-pass -u ansible -i 1.2.3.4,
diff --git a/README.kerberox b/README.kerberox
deleted file mode 100644
index fd84d98..0000000
--- a/README.kerberox
+++ /dev/null
@@ -1,14 +0,0 @@
-## After installation of the clients, prepare and copy all machine
-## credentials to the machines in the following way:
-
-## Log into the Kerberos KDC (kerberox).
-
-## Find the kadmin password to be used soon:
-     sudo cat /root/kadmin.pwd
-
-## Then:
-     cd /home/ansible/debian-lan/
-     ansible-playbook --ask-become-pass kerberox-client.yml \
-                      --ssh-common-args='-o StrictHostKeyChecking=no'
-
-## Enter the 'BECOME' password and the kadmin password obtained above.
diff --git a/cloudbox.yml b/cloudbox.yml
deleted file mode 100644
index b487d1a..0000000
--- a/cloudbox.yml
+++ /dev/null
@@ -1,54 +0,0 @@
----
-# This playbook deploys the cloudbox on a minimal installation.
-
-- name: apply configuration to the cloudbox
-  # hosts: cloudboxes ## 'all' is needed to make ansible-pull work
-  hosts: all
-  remote_user: ansible
-  become: true
-  vars:
-    if_lan: "enp1s0"
-    ipaddr: "192.168.2.50/24"
-    gateway: "192.168.2.1"
-    dns: "192.168.2.1"
-    ddns_domain: "something.ddnss.de"
-    ddns_updkey: "138638.some.key.here.635620"
-    ## 'nc_download' and 'nc_checksum' are only
-    ## used for ansible-pull during installation:
-    nc_download: "https://download.nextcloud.com/server/releases/latest.tar.bz2"
-    nc_checksum: "sha256:d32a8f6c4722a45cb67de7018163cfafcfa22a871fbac0f623c3875fa4304e5a"
-    nc_apps:
-      - calendar
-      - notes
-    backup_opts: "--exclude-caches -e '*/updater-*/' -e '*/preview/*' -e '*/files_trashbin/*'"
-    backup_dirs:
-      - "/etc"
-      - "{{ nc_dir }}"
-      - "{{ data_dir }}"
-    ansible_python_interpreter: "/usr/bin/python3"
-
-  roles:
-    - up2date_debian
-#    - ddnsupdate
-#    - lowpower
-    - nextcloud
-    - nextcloudupgrade
-    - kerberize
-#    - backup
-
-## Hosts in the the 'only_nextcloud'-group are only upgraded:
-
-- name: upgrade nextcloud only
-  hosts: only_nextcloud
-  remote_user: ansible
-  become: true
-  vars:
-    nc_dir: "/var/www/nextcloud"
-    nc_apps:
-      - calendar
-      - notes
-    ansible_python_interpreter: "/usr/bin/python3"
-
-  roles:
-    - up2date_debian
-    - nextcloudupgrade
diff --git a/edubox.yml b/edubox.yml
deleted file mode 100644
index 76b188c..0000000
--- a/edubox.yml
+++ /dev/null
@@ -1,68 +0,0 @@
----
-## This playbook deploys a series of minimal systemd-nspawn containers
-## for educational use on a host, for example to learn ansible!
-## All containers use an apt cache on the host system and forward port
-## 22 (ssh), 80 (http) and 443 (https) to ports >= 10000, 10100 and 10200
-## respectively.  A user 'ansi' in the 'sudo' group is prepared,
-## either with empty password or an initial password to be set below.
-##
-## Modifications of the initial containers are kept in an overlay
-## directory next to the container images in '/var/lib/machines/'.
-## This allows to visit and compare the work of students on the host.
-## To manage the containers after installation, run the playbook with
-## one of the the following tags:
-##
-##    --tags=start    start all containers
-##    --tags=stop     stop all containers
-##    --tags=restart  stop, then start all containers
-##    --tags=reset    reset all containers to the initial image
-##    --tags=purge    purge all containers
-##    --tags=setup    purge all containers and setup again
-##
-
-- name: apply configuration to the edubox
-  hosts: all # eduboxes
-  remote_user: ansible
-  become: true
-  vars:
-    contname: cont
-    ## User name for the user in the container:
-    contuser: ansi
-    ## Password for the user 'ansible' in the container,
-    ## leave empty to log in without password:
-    contpwd: ""
-    ## Adjust the number of containers here:
-    containers: "{{ range(0, 49 + 1) | list }}"
-    ## Additional packages to be installed in the container:
-    cont_packages_extra:
-      - bind9-dnsutils
-      - file
-      - locales
-      - xz-utils
-      - lsof
-      - wget
-      - bind9-host
-      - libc-l10n
-      - traceroute
-      - bzip2
-      - netcat-traditional
-      - telnet
-
-  pre_tasks:
-    - name: install apt-cacher-ng
-      apt:
-        name:
-          - apt-cacher-ng
-          - auto-apt-proxy
-        state: latest # noqa package-latest
-
-    - name: enable and start systemd-networkd on the host
-      systemd:
-        name: systemd-networkd
-        state: started
-        enabled: true
-
-  roles:
-    - up2date_debian
-    - educontainer
-    - networkdresolved
diff --git a/fvs-desktop.yml b/fvs-desktop.yml
deleted file mode 100644
index a97a744..0000000
--- a/fvs-desktop.yml
+++ /dev/null
@@ -1,58 +0,0 @@
-## This playbook deploys a FvS desktop machine.
----
-- name: apply configuration to the machines
-  hosts: all
-  remote_user: ansible
-  become: yes
-  vars:
-    extra_pkgs:
-      - webext-privacy-badger
-      - webext-ublock-origin
-      - vim
-      - emacs
-      - elpa-magit
-      - elpa-color-theme-modern
-      - vlc
-      - gimp
-      - inkscape
-      - bluefish
-      - git
-      - gitk
-      - gitg
-      - mc
-      - tmux
-      - wireshark
-      - nmap
-      - netcat-openbsd
-      - net-tools
-      - ghex
-      - thonny
-      - spyder
-      - mu-editor
-      - dia
-      - vym
-      - tree
-      - console-setup
-      - virt-manager
-      - libreoffice-l10n-de
-    extra_pkgs_bpo: [ libreoffice ] # [ linux-image-amd64 ]  # [ libreoffice ]
-    ansible_python_interpreter: "/usr/bin/python3"
-
-  roles:
-    - up2date_debian
-    - fvs-sssd
-    - fvs-mount
-    - fvs-client
-    ## Choose either gnome or KDE:
-    - gnome
-    #- kde
-
-  tasks:
-    - name: Add local user 'virti' in the 'libvirt' group
-      ansible.builtin.user:
-        name: virti
-        password: $y$j9T$DuSvAO63v5LvoJmJ1rB0B0$D4tovIz79AdLHs5I6tYa7rxr3SWknQeUFvGaaKvUpo3
-        comment: Libvirt VM User,,,
-        shell: /bin/bash
-        groups: libvirt
-        append: yes
diff --git a/fvs-home-server.yml b/fvs-home-server.yml
deleted file mode 100644
index 1369dd3..0000000
--- a/fvs-home-server.yml
+++ /dev/null
@@ -1,21 +0,0 @@
-## This playbook deploys a FvS home server machine.
----
-- name: apply configuration to the home server
-  hosts: all
-  remote_user: ansible
-  become: yes
-  vars:
-    extra_pkgs:
-      - vim
-    extra_pkgs_bpo: [ ]  # [ libreoffice ]
-
-  roles:
-    - up2date_debian
-    - fvs-sssd
-
-  tasks:
-    - name: enable pam_mkhomedir.so
-      lineinfile:
-        dest: /etc/pam.d/common-session
-        line: "session	optional	pam_mkhomedir.so  umask=0027"
-        insertbefore: "session	optional	pam_mount.so"
diff --git a/fvs-homex-server.yml b/fvs-homex-server.yml
deleted file mode 100644
index 28d4ada..0000000
--- a/fvs-homex-server.yml
+++ /dev/null
@@ -1,17 +0,0 @@
-## This playbook deploys a FvS homex server machine.
----
-- name: apply configuration to the homex server
-  hosts: all
-  remote_user: ansible
-  become: yes
-  vars:
-    extra_pkgs:
-      - vim
-      - systemd-journal-remote
-      - python3-ldap
-    extra_pkgs_bpo: [ ]
-
-  roles:
-    - up2date_debian
-    - fvs-sssd
-    - exam_homes
diff --git a/fvs-vm-server.yml b/fvs-vm-server.yml
deleted file mode 100644
index f8fe613..0000000
--- a/fvs-vm-server.yml
+++ /dev/null
@@ -1,34 +0,0 @@
-## This playbook deploys a FvS VM server machine.
----
-- name: apply configuration to the VM server
-  hosts: all
-  remote_user: ansible
-  become: yes
-  vars:
-    extra_pkgs:
-      - vim
-      - libvirt-daemon-system
-    extra_pkgs_bpo: [ ]  # [ libreoffice ]
-
-  roles:
-    - up2date_debian
-    - fvs-sssd
-
-  tasks:
-    - name: enable pam_mkhomedir.so
-      lineinfile:
-        dest: /etc/pam.d/common-session
-        line: "session	optional	pam_mkhomedir.so  umask=0027"
-        insertbefore: "session	optional	pam_mount.so"
-
-    - name: allow all users to use VMs
-      lineinfile:
-        dest: /etc/libvirt/libvirtd.conf
-        line: 'auth_unix_rw = "none"'
-        insertafter: '#auth_unix_rw = "polkit"'
-
-    - name: shared directory for ISO installer images
-      file:
-        path: /home/ISOsVM
-        state: directory
-        mode: '1777'
diff --git a/fvs-www-server.yml b/fvs-www-server.yml
deleted file mode 100644
index edf75e1..0000000
--- a/fvs-www-server.yml
+++ /dev/null
@@ -1,29 +0,0 @@
-## This playbook deploys a FvS web server machine.
----
-- name: apply configuration to the web server
-  hosts: all
-  remote_user: ansible
-  become: yes
-  vars:
-    extra_pkgs:
-      - vim
-      - apache2
-      - python3-flask
-
-    extra_pkgs_bpo: [ ]  # [ libreoffice ]
-
-  roles:
-    - up2date_debian
-    - fvs-sssd
-
-  tasks:
-    - name: enable pam_mkhomedir.so
-      lineinfile:
-        dest: /etc/pam.d/common-session
-        line: "session	optional	pam_mkhomedir.so  umask=0026"
-        insertbefore: "session	optional	pam_mount.so"
-
-    - name: enable apache mod userdir
-      apache2_module:
-        state: present
-        name: userdir
diff --git a/host_vars/blackbox.yml b/host_vars/blackbox.yml
deleted file mode 100644
index a1f3799..0000000
--- a/host_vars/blackbox.yml
+++ /dev/null
@@ -1,4 +0,0 @@
-allow_download: true
-backup_dirs_extra:
-  - /home
-backup_opts_extra: ""
diff --git a/host_vars/bluebox.yml b/host_vars/bluebox.yml
deleted file mode 100644
index dacab7d..0000000
--- a/host_vars/bluebox.yml
+++ /dev/null
@@ -1 +0,0 @@
-allow_download: true
diff --git a/installbox.yml b/installbox.yml
deleted file mode 100644
index e4155f2..0000000
--- a/installbox.yml
+++ /dev/null
@@ -1,46 +0,0 @@
----
-## This playbook deploys the installbox.  Add 'hostname=XXX' and
-## 'domain=YYY' to the installer boot parameters to set hostname and
-## domain.
-
-- name: apply configuration to the installbox
-  hosts: all
-  remote_user: ansible
-  become: true
-
-  vars:
-    ## This interface provides the default route:
-    if_wan: "{{ ansible_default_ipv4.interface }}"
-
-    ## Use the first remaining interface for the LAN:
-    if_lan: "{{ ansible_interfaces | difference([if_wan, 'lo']) | first }}"
-
-    ## LAN IP address range:
-    ipaddr_lan: 192.168.0.10/24
-    dhcp_start: 192.168.0.50
-    dhcp_stop: 192.168.0.150
-    in_inventory: 192.168.0.[50:150]
-
-    di_dist: "{{ ansible_distribution_release }}"
-    di_version: "{{ ansible_distribution_major_version }}"
-    di_pkg: "debian-installer-{{ di_version }}-netboot-amd64"
-
-    ansible_user: ansible
-    repo_dir: "/home/{{ ansible_user }}/debian-lan"
-    ansible_python_interpreter: "/usr/bin/python3"  ## needed for firewalld module
-
-
-  pre_tasks:
-    - name: validate if interfaces are available
-      fail:
-        msg: "Interfaces {{ ansible_interfaces }} found. WAN: '{{ if_wan }}', LAN: '{{ if_lan }}'.  Two NICs needed."
-      when: (if_lan not in ansible_interfaces) or (if_wan not in ansible_interfaces) or (if_lan == if_wan)
-
-
-  roles:
-    - up2date_debian
-    - firewalld2if
-    - dnsmasq
-    - netbootinstaller
-    - aptcacher
-    - prepare4clients
diff --git a/installbox6.yml b/installbox6.yml
deleted file mode 100644
index dc66943..0000000
--- a/installbox6.yml
+++ /dev/null
@@ -1,36 +0,0 @@
----
-## This playbook deploys the installbox6.  Add 'hostname=XXX' and
-## 'domain=YYY' to the installer boot parameters to set hostname and
-## domain.
-
-## FIXME: works only on bookworm (kea-dhcp6, atftpd)
-
-- name: apply configuration to the installbox6
-  hosts: all
-  remote_user: ansible
-  become: true
-
-  vars:
-    ## This interface provides the default route:
-    if_lan: "{{ ansible_default_ipv4.interface }}"
-    prefix: '2001:db8:b001::/64'
-
-    ## Find the IPv6 address: FIXME: not needed anymore?
-    ipv6_lan: "{{ prefix | ipaddr('address') | slaac(ansible_default_ipv4.macaddress) }}"
-
-    di_dist: "{{ ansible_distribution_release }}"
-    di_version: 11 # "{{ ansible_distribution_major_version }}"
-    di_pkg: "debian-installer-{{ di_version }}-netboot-amd64"
-
-    extra_pkgs: [binutils] # FIXME: missing dependency in di-netboot-assistant
-
-    ansible_user: ansible
-    repo_dir: "/home/{{ ansible_user }}/debian-lan"
-    ansible_python_interpreter: "/usr/bin/python3"  ## needed for firewalld module
-
-  roles:
-    - up2date_debian
-    - dhcp6radvdatftpd
-    - netbootinstaller
-    - aptcacher
-    - prepare4clients
diff --git a/kerberox-client.yml b/kerberox-client.yml
deleted file mode 100644
index 567676e..0000000
--- a/kerberox-client.yml
+++ /dev/null
@@ -1,27 +0,0 @@
----
-# This playbook deploys a client for the kerberox LAN.
-
-- name: apply configuration to the machines
-  hosts: all
-  remote_user: ansible
-  become: true
-  vars:
-    extra_pkgs:
-      - webext-privacy-badger
-      - webext-ublock-origin
-      - krb5-auth-dialog
-    extra_pkgs_bpo: []  # [ libreoffice ]
-    ansible_python_interpreter: "/usr/bin/python3"
-
-  vars_prompt:
-    - name: "kadmin_pwd"
-      prompt: "Provide kadmin password to fetch kerberos keytab.\nLeave empty if done already"
-      private: true
-
-  roles:
-    - up2date_debian
-    - lanclient
-    - kerberize
-    ## Choose either gnome or KDE:
-    # - gnome
-    # - kde
diff --git a/kerberox.yml b/kerberox.yml
deleted file mode 100644
index 084ec74..0000000
--- a/kerberox.yml
+++ /dev/null
@@ -1,62 +0,0 @@
----
-## This playbook deploys the kerberox server.   Add 'hostname=XXX' and
-## 'domain=YYY' to the installer boot parameters to set hostname and domain.
-
-- name: apply configuration to the kerberox server
-  hosts: all
-  remote_user: ansible
-  become: true
-
-  vars:
-    ## This interface provides the default route:
-    if_wan: "{{ ansible_default_ipv4.interface }}"
-
-    ## Use the first remaining interface for the LAN:
-    if_lan: "{{ ansible_interfaces | difference([if_wan, 'lo']) | first }}"
-
-    ## LAN IP address range:
-    ipaddr_lan: 192.168.0.10/24
-    ipaddr_lan_threeoct: "{{ ipaddr_lan.split('.')[0:3] | join('.') }}"
-    ipaddr_lan_ptr: "{{ (ipaddr_lan | ipaddr('revdns')).split('.')[1:] | join('.') }}"
-    ipaddr_lan_ptr_threeoct: "{{ ipaddr_lan_ptr.split('.')[0:3] | join('.') }}"
-    dhcp_start: 192.168.0.50
-    dhcp_stop: 192.168.0.150
-    in_inventory: 192.168.0.[50:150]
-
-    di_dist: "{{ ansible_distribution_release }}"
-    di_version: "{{ ansible_distribution_major_version }}"
-    di_pkg: "debian-installer-{{ di_version }}-netboot-amd64"
-
-    ansible_user: ansible
-    repo_dir: "/home/{{ ansible_user }}/debian-lan"
-    ansible_python_interpreter: "/usr/bin/python3"  ## needed for firewalld module
-
-
-  vars_prompt:
-    - name: "foo_pwd"
-      prompt:
-        In case you would like to prepare a test user 'foo' and have
-        not done so yet, provide foo's password here.  Leave empty to
-        just continue
-      private: true
-
-
-  pre_tasks:
-    - name: validate if interfaces are available
-      fail:
-        msg: "Interfaces {{ ansible_interfaces }} found. WAN: '{{ if_wan }}', LAN: '{{ if_lan }}'.  Two NICs needed."
-      when: (if_lan not in ansible_interfaces) or (if_wan not in ansible_interfaces) or (if_lan == if_wan)
-
-
-  roles:
-    - up2date_debian
-    - firewalld2if
-    - dnsmasq
-    - netbootinstaller
-    - aptcacher
-    - role: krb5kdcldap
-      when: not run_in_installer|default(false)|bool
-    - role: nfsserver
-      when: not run_in_installer|default(false)|bool
-    - prepare4clients
-    - kerberize
diff --git a/kiosk.yml b/kiosk.yml
deleted file mode 100644
index 4e2126f..0000000
--- a/kiosk.yml
+++ /dev/null
@@ -1,22 +0,0 @@
----
-# This playbook deploys a kiosk-computer
-
-- name: apply configuration to the machines
-  hosts: all
-  remote_user: ansible
-  become: true
-  vars:
-    auto_user: debi
-    wifi_ssid: "YOUR SSID HERE"
-    wifi_passwd: "YOUR WIFI-PW HERE"
-    extra_pkgs:
-      - webext-privacy-badger
-      - webext-ublock-origin
-    extra_pkgs_bpo: []  # [ libreoffice ]
-
-  roles:
-    - up2date_debian
-    ## Choose either gnome or KDE:
-    - gnome
-    # - kde
-    - kiosk
diff --git a/livebox.yml b/livebox.yml
deleted file mode 100644
index 81d0916..0000000
--- a/livebox.yml
+++ /dev/null
@@ -1,89 +0,0 @@
-## This playbook deploys the LiveBox.
-##
-## The LiveBox provides Debian Live and Installer images on top
-## of an already existing network with minimal modifications to
-## existing infrastructure.  It does not provide DHCP; the idea
-## is to chainload the LiveBox' menu (iPXE or Grub) from PXE
-## infrastructure already in place.
-##
-## To chainload the LiveBox in iPXE use:
-##  > item livebox Chainload Menu from LiveBox
-##  > …
-##  > :livebox chain tftp://livebox.lan/d-i/n-a/menu.ipxe
-##
-## To chainload the LiveBox in Grub use:
-##  > menuentry 'Chainload Menu from LiveBox' {
-##  >   configfile (tftp,livebox.lan)/d-i/n-a/grub/grub.cfg
-##  > }
-##
----
-- name: apply configuration to the livebox
-  hosts: all
-  remote_user: ansible
-  become: true
-
-  vars:
-    extra_pkgs:
-      - lighttpd
-      - nfs-kernel-server
-    extra_pkgs_bpo:
-      - atftpd
-      - di-netboot-assistant
-      - apt-cacher-ng
-
-    live_desktop:
-      - gnome
-      - kde
-      - standard
-
-    live_url: 'https://cdimage.debian.org/cdimage/unofficial/non-free/cd-including-firmware/current-live/amd64/iso-hybrid/'
-
-    # The edulive role generates customized Debian-Live images.
-    # Make sure you have sufficient disk space available (~30GiB?).
-    build_images:
-      - gnome-edu
-
-    di_dist: "{{ ansible_distribution_release }}"
-    di_version: "{{ ansible_distribution_major_version }}"
-    di_pkg: "debian-installer-{{ di_version }}-netboot-amd64"
-    boot_params:
-      - boot=live
-      - netboot=nfs
-      - components
-      - locales=de_DE.UTF-8
-      - keyboard-layouts=de
-      - quiet
-      - splash
-#      - noroot
-
-    ansible_python_interpreter: "/usr/bin/python3"
-
-  pre_tasks:
-    - name: preseed atftpd
-      debconf:
-        name: atftpd
-        question: atftpd/basedir
-        value: /var/lib/tftpboot
-        vtype: string
-
-    - name: find available iso images
-      uri:
-        url: "{{ live_url }}"
-        return_content: true
-      register: idx
-
-    - name: find and set ISO image version
-      set_fact:
-        version: "{{ idx.content | regex_findall('debian-live-(\\d+\\.\\d+\\.\\d+)-amd64-', '\\1') | first }}"
-
-    - name: define ISO image map
-      set_fact:
-        live_iso: "{{ live_iso | default({}) | combine({ item: 'debian-live-' + version + '-amd64-' + item + '+nonfree.iso' }) }}"
-      loop: "{{ live_desktop }}"
-
-  roles:
-    - up2date_debian
-    - netbootinstaller
-    - aptcacher
-    - debianlive
-    - edulive
diff --git a/lmn-teacher.yml b/lmn-teacher.yml
deleted file mode 100644
index 0a5cc4d..0000000
--- a/lmn-teacher.yml
+++ /dev/null
@@ -1,72 +0,0 @@
-## This playbook deploys a KDE teacher's laptop machine for LinuxMuster.
----
-- name: apply configuration to the machines
-  hosts: all
-  remote_user: ansible
-  become: yes
-  pre_tasks:
-    - name: Preseed unattended-upgrades
-      debconf:
-        name: unattended-upgrades
-        question: unattended-upgrades/enable_auto_updates
-        value: True
-        vtype: boolean
-
-  vars:
-    domain: "{{ ansible_domain }}"
-    kerberize_uris: steinbeis.schule
-    apt_conf: Acquire::http::Proxy "http://aptcache.pn.steinbeis.schule:3142/";
-    ntp_serv: server.pn.steinbeis.schule
-    proxy: http://firewall.pn.steinbeis.schule:3128
-    no_proxy: firewall.pn.steinbeis.schule,server.pn.steinbeis.schule,idam.steinbeis.schule,dw.steinbeis.schule,.pn.steinbeis.schule,.steinbeis.schule
-
-    ## PAM mount nextcloud, remove or leave empty to skip:
-    web_dav: https://nc.steinbeis.schule/remote.php/dav/files/%(USER)
-
-    ## Local mirror for mscorefonts. Remove or leave empty to use no mirror:
-    mirror_msfonts: http://livebox.pn.steinbeis.schule/mscorefonts/
-
-    rsyncsecret: Muster!
-    keys2deploy:
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKOY0hChWaCDtuiuQcM0v4/u1499esjTtnMjl4uYlnS0 andi@netboot'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAN5ylqP936MPjGNxzrzV5jMwIfMhKJdOGuVh3xGQKTM andi@yogi'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHxgeu7Rpb/1++531+MopqP9haUkyh1XXpv5kmbgSjx6'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBbdOT+WSDmsBcaVFfzPRcmvOfd3CqO/FBOH44UVm7c7 raphael@uranus'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGICjy88HnMg5oaz4BJ20hgzqFWSem+HHD2PQ+As42pA raphael@pluto'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKm9lu9dDo5TG99QWTkl2G5G+ZbYikLlRNOXfs/bRTHy sascha@america'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMR4TP7jE+wS7zcH0iUBmlxCbvy9saYeEjonX/0yYfEJ daniel@NB-20-DW'
-
-    ## Use grub-mkpasswd-pbkdf2 to calculate the password hash:
-    grub_pwd: 'grub.pbkdf2.sha512.10000.FB60266F69FB181327AFB76193192454FC64151559EFF4D6B8FB7C7904A2A9C4778EDD515B46F770DB6A009F36903C193917BBBC571C5B6AAB2A69208BE01A6E.7B82114A0239C0EC55A50E95C48FA74A8910DEE4088447786DAB35770B9C2CF2D1550CF3B7452155EB55D5F84E5D357BF12B8D299CF9B01BF5D71D516CF826DB'
-    nfs4: false
-    extra_pkgs:
-      - vim
-      - mc
-      - tmux
-      - krb5-user
-      - unattended-upgrades
-      - debconf-utils
-    extra_pkgs_bpo: [] # [ linux-image-amd64 ]
-
-  roles:
-    - lmn_network
-    - up2date_debian
-    - lmn_sssd
-    - lmn_kde
-    - lmn_fvs ## school specific customization
-#    - lmn_vm
-    - kerberize
-#    - lmn_security
-
-  tasks:
-    - name: enable pam_mkhomedir.so
-      lineinfile:
-        dest: /etc/pam.d/common-session
-        line: "session  optional        pam_mkhomedir.so  umask=0022"
-        insertbefore: "# end of pam-auth-update config"
-    - name: Fix unattended-upgrades
-      ansible.builtin.copy:
-        dest: /etc/apt/apt.conf.d/20auto-upgrades
-        content: |
-          APT::Periodic::Update-Package-Lists "1";
-          APT::Periodic::Unattended-Upgrade "1";
diff --git a/minimal-krb5.yml b/minimal-krb5.yml
deleted file mode 100644
index 225abef..0000000
--- a/minimal-krb5.yml
+++ /dev/null
@@ -1,10 +0,0 @@
----
-# This playbook does almost nothing.  Useful for testing only preseeding.
-
-- name: apply a minimal configuration with kerberos LAN integration
-  hosts: all
-  remote_user: ansible
-  become: true
-  roles:
-    - up2date_debian
-    - lan-client
diff --git a/minimal.yml b/minimal.yml
deleted file mode 100644
index 9cdf982..0000000
--- a/minimal.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-# This playbook does almost nothing.  Useful for testing only preseeding.
-
-- name: apply a minimal configuration to the machine
-  hosts: all
-  remote_user: ansible
-  become: true
-  roles:
-    - up2date_debian
diff --git a/roles/aptcacher/handlers/main.yml b/roles/aptcacher/handlers/main.yml
deleted file mode 100644
index 2d70698..0000000
--- a/roles/aptcacher/handlers/main.yml
+++ /dev/null
@@ -1,3 +0,0 @@
-- name: start apt-cacher-ng
-  service: name=apt-cacher-ng state=started enabled=yes
-  listen: "start apt-cacher-ng"
diff --git a/roles/aptcacher/tasks/main.yml b/roles/aptcacher/tasks/main.yml
deleted file mode 100644
index b1f0ae3..0000000
--- a/roles/aptcacher/tasks/main.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-- name: install apt-cacher-ng package
-  apt:
-    name:
-      - apt-cacher-ng
-      - auto-apt-proxy
-    state: latest # noqa package-latest
-
-- name: check if preseeded installer is available
-  stat: path={{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg
-  register: preseedcfg
-
-- name: enable apt-cacher-ng for install-clients
-  replace:
-    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
-    regexp: '^d-i mirror/http/proxy string$'
-    replace: 'd-i mirror/http/proxy string http://{{ ansible_hostname }}:3142/'
-  when: preseedcfg.stat.exists
-
-- name: test if firewalld is available
-  stat: path=/usr/sbin/firewalld
-  register: firewalld
-
-- name: allow apt-cacher-ng service in firewalld
-  firewalld:
-    zone: internal
-    port: 3142/tcp
-    permanent: true
-    immediate: true
-    state: enabled
-  when: not run_in_installer|default(false)|bool and firewalld.stat.exists
-
-- name: allow apt-cacher-ng service in firewalld, offline
-  command: "firewall-offline-cmd --zone=internal --add-port=3142/tcp"
-  when: run_in_installer|default(false)|bool and firewalld.stat.exists
-
-- name: flush handler to make apt-cacher available
-  meta: flush_handlers
diff --git a/roles/backup/defaults/main.yml b/roles/backup/defaults/main.yml
deleted file mode 100644
index 680efc2..0000000
--- a/roles/backup/defaults/main.yml
+++ /dev/null
@@ -1,15 +0,0 @@
-borg_pwd: "{{ lookup('password', '/tmp/borg.pwd chars=ascii_letters,digits length=32') }}"
-borg_pwd_file: "/root/borg.pwd"
-borg_key_backup: "/root/borg-key.backup"
-
-## alternative: "ssh://user@host:port/path/to/repo"
-backup_repo: "/var/backups/mnt/backup/borg"
-
-backup_dirs_extra: ""
-
-backup_opts: "--exclude-caches"
-backup_opts_extra: ""
-
-www_root: "/var/www"
-nc_dir: "{{ www_root }}/nextcloud"
-data_dir: "/var/nc-data"
diff --git a/roles/backup/files/backup.service b/roles/backup/files/backup.service
deleted file mode 100644
index 6f653c2..0000000
--- a/roles/backup/files/backup.service
+++ /dev/null
@@ -1,6 +0,0 @@
-[Unit]
-Description=Run backup script
-
-[Service]
-Type=simple
-ExecStart=/usr/local/bin/backup
diff --git a/roles/backup/files/backup.timer b/roles/backup/files/backup.timer
deleted file mode 100644
index 866729d..0000000
--- a/roles/backup/files/backup.timer
+++ /dev/null
@@ -1,10 +0,0 @@
-[Unit]
-Description=Run backup script daily
-
-[Timer]
-OnCalendar=*-*-* 4:00:00
-Persistent=true
-AccuracySec=15min
-
-[Install]
-WantedBy=timers.target
diff --git a/roles/backup/handlers/main.yml b/roles/backup/handlers/main.yml
deleted file mode 100644
index 3a4f8f6..0000000
--- a/roles/backup/handlers/main.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-- name: enable backup.service and .timer
-  systemd:
-    name: backup.timer
-    state: started
-    enabled: true
-  listen: "enable backup.timer"
diff --git a/roles/backup/tasks/main.yml b/roles/backup/tasks/main.yml
deleted file mode 100644
index f263d5c..0000000
--- a/roles/backup/tasks/main.yml
+++ /dev/null
@@ -1,33 +0,0 @@
-- name: install borg
-  apt:
-    name: borgbackup
-    state: latest # noqa package-latest
-
-- name: check if borg password is available
-  stat: path="{{ borg_pwd_file }}"
-  register: borg
-
-- name: dump borg password
-  shell: echo -n "{{ borg_pwd }}" > "{{ borg_pwd_file }}" ; chmod 0600 "{{ borg_pwd_file }}"
-  no_log: true
-  when: not borg.stat.exists
-
-- name: provide backup script
-  template:
-    src: "backup"
-    dest: "/usr/local/bin/backup"
-    mode: "0750"
-
-- name: provide backup.service and .timer
-  copy:
-    src: "{{ item }}"
-    dest: "/etc/systemd/system/{{ item }}"
-    mode: 0644
-  with_items:
-    - backup.service
-    - backup.timer
-  notify: "enable backup.timer"
-
-- name: run first backup
-  command: /usr/local/bin/backup
-  when: not borg.stat.exists
diff --git a/roles/backup/templates/backup b/roles/backup/templates/backup
deleted file mode 100755
index 1cc3c5c..0000000
--- a/roles/backup/templates/backup
+++ /dev/null
@@ -1,51 +0,0 @@
-#!/bin/bash
-set -eu
-
-BACKUP=({{ backup_dirs|join(' ') }} {{ backup_dirs_extra|join(' ') }})
-OPTIONS=({{ backup_opts }} {{ backup_opts_extra }})
-
-export BORG_REPO="{{ backup_repo }}"
-export BORG_PASSCOMMAND="cat {{ borg_pwd_file }}"
-KEY_BACKUP="{{ borg_key_backup }}"
-
-MOUNTED=""
-
-MNT="$(echo "$BORG_REPO" | sed "s|\(^.*/mnt\).*|\1|")"
-if grep -q "$MNT" /etc/fstab ; then
-    [ -d "$BORG_REPO" ] || mount -v "$MNT" && MOUNTED="TRUE"
-fi
-
-if [ ! -e "$KEY_BACKUP" ] ; then
-    [[ "$BORG_REPO" =~ @ ]] || mkdir -vp --mode=0750 "$BORG_REPO"
-    borg init --encryption=repokey
-    borg key export "$BORG_REPO" "$KEY_BACKUP"
-fi
-
-if [ -e "{{ nc_dir }}/config/config.php" ] ; then
-    NCDB="{{ data_dir }}/nextcloud-database.dump"
-    sudo -u www-data /usr/bin/php {{ nc_dir }}/occ maintenance:mode --on
-    PW="$(grep dbpassword {{ nc_dir }}/config/config.php | \
-                   sed -e "s/\W*'dbpassword' => '//" -e "s/',$//")"
-
-    echo -n "Dumping data base into '$NCDB' … "
-    mysqldump --single-transaction -h localhost -u nextcloud -p"$PW" nextcloud > "$NCDB"
-    chmod 600 "$NCDB"
-    echo  "done."
-fi
-
-echo "Backup ${BACKUP[@]} to $BORG_REPO."
-borg create -v --show-rc "${OPTIONS[@]}" ::'{hostname}-{now}' "${BACKUP[@]}"
-
-borg prune -v --list --prefix='{hostname}-' --show-rc \
-     --keep-daily   14 \
-     --keep-weekly   8 \
-     --keep-monthly  6 \
-     --keep-yearly  10
-
-if [ -e "{{ nc_dir }}/config/config.php" ] ; then
-    sudo -u www-data /usr/bin/php {{ nc_dir }}/occ maintenance:mode --off
-fi
-
-if [ "$MOUNTED" = "TRUE" ] ; then
-    umount -v "$MNT"
-fi
diff --git a/roles/ddnsupdate/files/ddns-update b/roles/ddnsupdate/files/ddns-update
deleted file mode 100755
index 00c4bc8..0000000
--- a/roles/ddnsupdate/files/ddns-update
+++ /dev/null
@@ -1,35 +0,0 @@
-#!/bin/bash
-set -eu
-
-. /etc/ddns-update/ddns-update.conf
-
-DDHOST="https://www.ddnss.de/upd.php"
-
-if ! DNSRESULT="$(host $DDNSNAME)" ; then
-    echo "Could not resolve IP address for '$DDNSNAME', no update."
-    exit 0
-fi
-
-DNSIP4="$(echo "$DNSRESULT" | grep -m 1 -oE '[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$' || true )"
-DNSIP6="$(echo "$DNSRESULT" | grep -m 1 -oE '[0-9a-f]{1,4}:.+:[0-9a-f]{1,4}' || true )"
-
-REALIP4="$(wget -q -O - https://ip4.ddnss.de/meineip.php | \
-               grep -m 1 -oE '[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}' || true )"
-REALIP6="$(wget -q -O - https://ip6.ddnss.de/meineip.php | \
-                grep -m 1 -oE '[0-9a-f]{1,4}:.+:[0-9a-f]{1,4}' || true )"
-
-if [ -z "$REALIP4" -a -z "$REALIP6" ] ; then
-    echo "Could not detect real IP addresses, exiting."
-    exit 0
-fi
-
-echo "Current DNS: IPv4=$DNSIP4, IPv6=$DNSIP6."
-echo "Detected:    IPv4=$REALIP4, IPv6=$REALIP6."
-
-if [ "$REALIP4" == "$DNSIP4" -a "$REALIP6" == "$DNSIP6" ] ; then
-    echo "IP address unchanged, no update."
-else
-    echo "IP address changed: $DNSIP4 → ${REALIP4}, $DNSIP6 → ${REALIP6}, updating ddns."
-    wget -q -O - $DDHOST'?key='$KEYAUTH'&host='$DDNSNAME'&ip='$REALIP4'&ip6='$REALIP6 \
-        | grep -oE "Updated .+ hostname." || echo "Update not confirmed, it might have failed."
-fi
diff --git a/roles/ddnsupdate/files/ddns-update.service b/roles/ddnsupdate/files/ddns-update.service
deleted file mode 100644
index 6c1da59..0000000
--- a/roles/ddnsupdate/files/ddns-update.service
+++ /dev/null
@@ -1,6 +0,0 @@
-[Unit]
-Description=Update ddns
-
-[Service]
-Type=oneshot
-ExecStart=/usr/local/bin/ddns-update
diff --git a/roles/ddnsupdate/files/ddns-update.timer b/roles/ddnsupdate/files/ddns-update.timer
deleted file mode 100644
index 0fb72ec..0000000
--- a/roles/ddnsupdate/files/ddns-update.timer
+++ /dev/null
@@ -1,11 +0,0 @@
-[Unit]
-Description=Update ddns IP-address
-
-[Timer]
-OnBootSec=0
-OnUnitActiveSec=20min
-AccuracySec=3min
-
-
-[Install]
-WantedBy=timers.target
diff --git a/roles/ddnsupdate/handlers/main.yml b/roles/ddnsupdate/handlers/main.yml
deleted file mode 100644
index 1022036..0000000
--- a/roles/ddnsupdate/handlers/main.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-- name: enable ddns-update timer
-  systemd:
-    name: ddns-update.timer
-    state: restarted
-    daemon_reload: true
-    enabled: true
-  listen: "enable ddns-update timer"
diff --git a/roles/ddnsupdate/tasks/main.yml b/roles/ddnsupdate/tasks/main.yml
deleted file mode 100644
index a345036..0000000
--- a/roles/ddnsupdate/tasks/main.yml
+++ /dev/null
@@ -1,27 +0,0 @@
-- name: make sure /etc/ddns-update/ exists
-  file: path=/etc/ddns-update/ state=directory recurse=yes
-
-- name: install ddns-update config
-  template:
-    src: ddns-update.conf.j2
-    dest: /etc/ddns-update/ddns-update.conf
-    mode: 0644
-
-- name: install ddns-update script
-  copy:
-    src: ddns-update
-    dest: /usr/local/bin/ddns-update
-    mode: 0755
-
-- name: install ddns-update.service
-  copy:
-    src: ddns-update.service
-    dest: /etc/systemd/system/ddns-update.service
-    mode: 0644
-
-- name: install ddns-update.timer
-  copy:
-    src: ddns-update.timer
-    dest: /etc/systemd/system/ddns-update.timer
-    mode: 0644
-  notify: enable ddns-update timer
diff --git a/roles/ddnsupdate/templates/ddns-update.conf.j2 b/roles/ddnsupdate/templates/ddns-update.conf.j2
deleted file mode 100644
index cd84e74..0000000
--- a/roles/ddnsupdate/templates/ddns-update.conf.j2
+++ /dev/null
@@ -1,2 +0,0 @@
-DDNSNAME="{{ ddns_domain }}"
-KEYAUTH="{{ ddns_updkey }}"
diff --git a/roles/debianlive/handlers/main.yml b/roles/debianlive/handlers/main.yml
deleted file mode 100644
index affc752..0000000
--- a/roles/debianlive/handlers/main.yml
+++ /dev/null
@@ -1,10 +0,0 @@
----
-- name: rebuild di-netboot assistant menu
-  command:
-    cmd: di-netboot-assistant rebuild-menu
-  listen: rebuild di-netboot menu
-
-- name: export nfs
-  command:
-    cmd: exportfs -ra
-  listen: export nfs
diff --git a/roles/debianlive/tasks/main.yml b/roles/debianlive/tasks/main.yml
deleted file mode 100644
index 1def349..0000000
--- a/roles/debianlive/tasks/main.yml
+++ /dev/null
@@ -1,128 +0,0 @@
----
-- name: download debian-live images
-  get_url:
-    url: "{{ live_url }}{{ item.value }}"
-    dest: "/var/cache/di-netboot-assistant/{{ item.value }}"
-    checksum: "sha256:{{ live_url }}/SHA256SUMS"
-  register: new_iso
-  loop:
-    "{{ live_iso | dict2items }}"
-
-- name: umount old iso images
-  mount:
-    path: "/var/lib/tftpboot/d-i/n-live/{{ item.key }}"
-    state: unmounted
-  loop:
-    "{{ live_iso | dict2items }}"
-  when: new_iso.changed
-
-- name: prepare live image directory
-  file:
-    path: "/var/lib/tftpboot/d-i/n-live/{{ item.key }}"
-    state: directory
-    mode: 0755
-  loop:
-    "{{ live_iso | dict2items }}"
-
-- name: make sure loop module is loaded
-  modprobe:
-    name: loop
-    state: present
-
-- name: loop mount iso images
-  mount:
-    path: "/var/lib/tftpboot/d-i/n-live/{{ item.key }}"
-    src: "/var/cache/di-netboot-assistant/{{ item.value }}"
-    fstype: iso9660
-    opts: loop,ro,nofail
-    state: mounted
-  loop:
-    "{{ live_iso | dict2items }}"
-  notify: rebuild di-netboot menu
-
-- name: prepare http downloads
-  file:
-    src: "/var/lib/tftpboot/d-i/"
-    dest: "/var/www/html/d-i"
-    state: link
-
-- name: export live image squashfs
-  lineinfile:
-    path: /etc/exports
-    line: "/var/lib/tftpboot/d-i/n-live/ *(ro,crossmnt,no_subtree_check)"
-  notify: export nfs
-
-- name: configure ipxe boot menu address and headline
-  replace:
-    path: /etc/di-netboot-assistant/ipxemenu.HEAD
-    regexp: "{{ item.reg }}"
-    replace: "{{ item.rep }}"
-  loop:
-    - reg: '^set 210:string .+$'
-      rep: 'set 210:string http://{{ ansible_default_ipv4.address }}/'
-    - reg: '^#(item --gap -- -- Customized Boot Entries.*)$'
-      rep: '\1'
-  notify: rebuild di-netboot menu
-
-- name: configure grub boot menu addresses
-  lineinfile:
-    path: /etc/di-netboot-assistant/grub.cfg.HEAD
-    line: "{{ item.line }}"
-    regexp: "{{ item.reg }}"
-  loop:
-    - line: "set root=(http,{{ ansible_default_ipv4.address }})"
-      reg: "^set root="
-    - line: "set pxe_default_server={{ ansible_default_ipv4.address }}"
-      reg: "^set pxe_default_server="
-  notify: rebuild di-netboot menu
-
-- name: prepare debian live nfs boot entry title
-  lineinfile:
-    path: /etc/di-netboot-assistant/ipxemenu.HEAD
-    insertafter: '-- Customized Boot Entries --'
-    line: "item {{ item.key }} Debian GNU/Linux {{ item.key }} NFS"
-  loop:
-    "{{ live_iso | dict2items }}"
-  notify: rebuild di-netboot menu
-
-- name: find kernel version
-  shell:
-    cmd: >-
-      basename /var/lib/tftpboot/d-i/n-live/{{ item.key }}/live/vmlinuz*
-      | sed "s/vmlinuz-//"
-  register: images
-  changed_when: false
-  loop:
-    "{{ live_iso | dict2items }}"
-
-- name: prepare debian live boot loader ipxe
-  blockinfile:
-    path: /etc/di-netboot-assistant/ipxemenu.HEAD
-    marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item.item.key }}"
-    block: |
-      :{{ item.item.key }}
-          echo Booting Debian GNU/Linux {{ item.item.key }} NFS
-          kernel ${210:string}d-i/n-live/{{ item.item.key }}/live/vmlinuz-{{ item.stdout }} \
-          initrd=initrd.img-{{ item.stdout }} {{ boot_params|join(' ') }} \
-          nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/{{ item.item.key }}/
-          initrd ${210:string}d-i/n-live/{{ item.item.key }}/live/initrd.img-{{ item.stdout }}
-          boot
-  loop:
-    "{{ images.results }}"
-  notify: rebuild di-netboot menu
-
-- name: prepare debian live boot loader grub
-  blockinfile:
-    path: /etc/di-netboot-assistant/grub.cfg.HEAD
-    insertbefore: "^menuentry 'Boot from local disk..'"
-    marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item.item.key }}"
-    block: |
-      menuentry 'Debian GNU/Linux Live {{ item.item.key }} NFS' {
-          linux (http,{{ ansible_default_ipv4.address }})/d-i/n-live/{{ item.item.key }}/live/vmlinuz-{{ item.stdout }} \
-          {{ boot_params|join(' ') }} \
-          nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/{{ item.item.key }}/
-          initrd (http,{{ ansible_default_ipv4.address }})/d-i/n-live/{{ item.item.key }}/live/initrd.img-{{ item.stdout }}
-      }
-  loop:
-    "{{ images.results }}"
-  notify: rebuild di-netboot menu
diff --git a/roles/dhcp6radvdatftp/handlers/main.yml b/roles/dhcp6radvdatftp/handlers/main.yml
deleted file mode 100644
index 897fb0d..0000000
--- a/roles/dhcp6radvdatftp/handlers/main.yml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-- name: restart radvd
-  systemd:
-    name: radvd.service
-    state: restarted
-    enabled: true
-  listen: restart radvd
-
-- name: restart kea-dhcp6-server
-  systemd:
-    name: kea-dhcp6-server.service
-    state: restarted
-    enabled: true
-  listen: restart kea-dhcp6-server
-
-- name: restart network interfaces
-  systemd:
-    name: networking
-    state: restarted
-  listen: reconfigure network
diff --git a/roles/dhcp6radvdatftp/tasks/main.yml b/roles/dhcp6radvdatftp/tasks/main.yml
deleted file mode 100644
index 17ecd17..0000000
--- a/roles/dhcp6radvdatftp/tasks/main.yml
+++ /dev/null
@@ -1,39 +0,0 @@
-## DHCPv6, RAs and TFTP
----
-- name: preseed aftpd
-  debconf:
-    name: atftpd
-    question: atftpd/basedir
-    value: /var/lib/tftpboot
-    vtype: string
-
-- name: install di-netboot-assistant and installer package
-  apt:
-    name:
-      - kea-dhcp6-server
-      - radvd
-      - atftpd
-    state: latest # noqa package-latest
-
-- name: configure radvd
-  template:
-    src: radvd.conf.j2
-    dest: /etc/radvd.conf
-    mode: 0644
-  notify: restart radvd
-
-- name: configure kea-dhcp-server
-  template:
-    src: kea-dhcp6.conf.j2
-    dest: /etc/kea/kea-dhcp6.conf
-    mode: 0644
-  notify: restart kea-dhcp6-server
-
-- name: set IPv6 address on interface
-  blockinfile:
-    path: /etc/network/interfaces
-    block: |
-      allow-hotplug {{ if_lan }}
-      iface {{ if_lan }} inet6 static
-         address 2001:db8:b001::1/64
-  notify: reconfigure network
diff --git a/roles/dhcp6radvdatftp/templates/kea-dhcp6.conf.j2 b/roles/dhcp6radvdatftp/templates/kea-dhcp6.conf.j2
deleted file mode 100644
index 305bde1..0000000
--- a/roles/dhcp6radvdatftp/templates/kea-dhcp6.conf.j2
+++ /dev/null
@@ -1,20 +0,0 @@
-{
-   "Dhcp6": {
-      "interfaces-config": {
-         "interfaces": [ "{{ if_lan }}" ]
-      },
-      "option-data": [
-         {
-            "name": "bootfile-url",
-            "data": "tftp://[2001:db8:b001::1]/d-i/n-a/grubx64.efi"
-         }
-      ],
-      "subnet6": [
-         {
-            "subnet": "2001:db8:b001::/64",
-            "pools": [ { "pool": "2001:db8:b001::2 - 2001:db8:b001::ffff" } ],
-            "interface": "enp1s0"
-         }
-      ]
-   }
-}
diff --git a/roles/dhcp6radvdatftp/templates/radvd.conf.j2 b/roles/dhcp6radvdatftp/templates/radvd.conf.j2
deleted file mode 100644
index 2d52dc2..0000000
--- a/roles/dhcp6radvdatftp/templates/radvd.conf.j2
+++ /dev/null
@@ -1,10 +0,0 @@
-interface {{ if_lan }}
-{
-   AdvSendAdvert on;
-   AdvManagedFlag on;
-   AdvOtherConfigFlag on;
-
-   prefix {{ prefix }}
-   {
-   };
-};
diff --git a/roles/dnsdhcptftp/defaults/main.yml b/roles/dnsdhcptftp/defaults/main.yml
deleted file mode 100644
index d91fadf..0000000
--- a/roles/dnsdhcptftp/defaults/main.yml
+++ /dev/null
@@ -1 +0,0 @@
-name_servers: ns1.{{ ansible_domain }}
diff --git a/roles/dnsdhcptftp/handlers/main.yml b/roles/dnsdhcptftp/handlers/main.yml
deleted file mode 100644
index 1f48f0f..0000000
--- a/roles/dnsdhcptftp/handlers/main.yml
+++ /dev/null
@@ -1,15 +0,0 @@
-- name: restart isc-dhcp-server
-  systemd: name=isc-dhcp-server state=restarted enabled=yes
-  listen: restart isc-dhcp-server
-
-- name: restart bind
-  systemd: name=bind9 state=restarted enabled=yes
-  listen: restart bind
-
-- name: restart tftpd-hpa
-  systemd: name=tftpd-hpa state=restarted enabled=yes
-  listen: restart tftpd-hpa
-
-- name: restart dhcp-client
-  systemd: name=ifup@{{ if_wan }} state=restarted enabled=yes
-  listen: restart dhcp-client
diff --git a/roles/dnsdhcptftp/tasks/main.yml b/roles/dnsdhcptftp/tasks/main.yml
deleted file mode 100644
index 8eb02e3..0000000
--- a/roles/dnsdhcptftp/tasks/main.yml
+++ /dev/null
@@ -1,100 +0,0 @@
----
-- name: preseed tftpd-hpa
-  debconf:
-    name: tftpd-hpa
-    question: tftpd-hpa/directory
-    value: /var/lib/tftpboot
-    vtype: string
-
-- name: install tftpd, dhcpd and named packages
-  apt:
-    name:
-      - isc-dhcp-server
-      - tftpd-hpa
-      - bind9
-    state: latest # noqa package-latest
-
-## FIXME: preseeding seems to be ignored
-- name: configure TFTP root directory
-  replace:
-    path: /etc/default/tftpd-hpa
-    regexp: '^TFTP_DIRECTORY=".*"$'
-    replace: 'TFTP_DIRECTORY="/var/lib/tftpboot"'
-  notify: restart tftpd-hpa
-
-- name: serve dhcp on LAN interface
-  replace:
-    path: /etc/default/isc-dhcp-server
-    regexp: '^INTERFACESv4=".*"$'
-    replace: 'INTERFACESv4="{{ if_lan }}"'
-  notify: restart isc-dhcp-server
-
-- name: deploy config files for isc-dhcp-server
-  template:
-    src: dhcpd.conf.j2
-    dest: /etc/dhcp/dhcpd.conf
-    mode: 0644
-    backup: true
-  notify: restart isc-dhcp-server
-
-- name: deploy config files for bind9
-  template:
-    src: "{{ item.src }}.j2"
-    dest: "/etc/bind/{{ item.dest }}"
-    mode: 0644
-  loop:
-    - src: db.RR
-      dest: "db.{{ ansible_domain }}"
-    - src: db.RRinv
-      dest: "db.{{ ipaddr_lan_threeoct }}"
-    - src: localzones
-      dest: localzones
-  notify: restart bind
-
-- name: link zone files to writeable directory for DDNS
-  file:
-    src: "/etc/bind/{{ item }}"
-    dest: "/var/lib/bind/{{ item }}"
-    state: link
-  loop:
-    - "db.{{ ansible_domain }}"
-    - "db.{{ ipaddr_lan_threeoct }}"
-  notify: restart bind
-
-- name: enable local bind config
-  lineinfile:
-    path: /etc/bind/named.conf.local
-    line: 'include "/etc/bind/localzones";'
-  notify: restart bind
-
-- name: adapt resolv.conf
-  template:
-    src: resolv.conf.j2
-    dest: /etc/resolv.conf
-    mode: 0644
-  notify: restart isc-dhcp-server
-
-## stop dhclient from overwriting /etc/resolv.conf:
-- name: supersede dhcp client data
-  blockinfile:
-    dest: /etc/dhcp/dhclient.conf
-    block: |
-      supersede domain-search "{{ ansible_domain }}";
-      supersede domain-name-servers 127.0.0.1;
-    insertbefore: "#send dhcp-client-identifier.*"
-  notify: restart dhcp-client
-
-- name: generate rndc key
-  command:
-    cmd: rndc-confgen -a
-    creates: /etc/bind/rndc.key
-
-- name: copy rndc key
-  copy:
-    src: /etc/bind/rndc.key
-    dest: /etc/dhcp/
-    owner: root
-    group: root
-    mode: 0640
-    remote_src: true
-  notify: restart isc-dhcp-server
diff --git a/roles/dnsdhcptftp/templates/db.RR.j2 b/roles/dnsdhcptftp/templates/db.RR.j2
deleted file mode 100644
index 3bc6776..0000000
--- a/roles/dnsdhcptftp/templates/db.RR.j2
+++ /dev/null
@@ -1,17 +0,0 @@
-$TTL 500
-@               IN      SOA     {{ ansible_fqdn }}. root.{{ ansible_domain }}. (
-                                1          ; Serial
-                                3600       ; Refresh
-                                1800       ; Retry
-                                720000     ; Expire
-                                6400 )     ; Negative Cache TTL
-;
-@                       NS      {{ ansible_fqdn }}.
-                        MX      10 {{ ansible_fqdn }}.
-{{ ansible_hostname }}                  A       {{ ipaddr_lan | ipaddr("address") }}
-_ldap._tcp              SRV     100 0 389 {{ ansible_fqdn }}.
-ns1                     CNAME   {{ ansible_fqdn }}.
-ns2                     CNAME   {{ ansible_fqdn }}.
-aptcache                CNAME   {{ ansible_fqdn }}.
-homes                   CNAME   {{ ansible_fqdn }}.
-ldap                    CNAME   {{ ansible_fqdn }}.
diff --git a/roles/dnsdhcptftp/templates/db.RRinv.j2 b/roles/dnsdhcptftp/templates/db.RRinv.j2
deleted file mode 100644
index 3f942c1..0000000
--- a/roles/dnsdhcptftp/templates/db.RRinv.j2
+++ /dev/null
@@ -1,11 +0,0 @@
-$TTL 500
-@               IN      SOA     {{ ansible_fqdn }}. root.{{ ansible_domain }}. (
-                                1          ; Serial
-                                3600       ; Refresh
-                                1800       ; Retry
-                                720000     ; Expire
-                                6400 )     ; Negative Cache TTL
-;
-@                       NS      {{ ansible_fqdn }}.
-                        MX      10 {{ ansible_fqdn }}.
-{{ ipaddr_lan | ipaddr("address") | regex_replace("^.*\.(.+$)", "\\1") }}                      PTR     {{ ansible_fqdn }}.
diff --git a/roles/dnsdhcptftp/templates/dhcpd.conf.j2 b/roles/dnsdhcptftp/templates/dhcpd.conf.j2
deleted file mode 100644
index 1096ab3..0000000
--- a/roles/dnsdhcptftp/templates/dhcpd.conf.j2
+++ /dev/null
@@ -1,139 +0,0 @@
-# dhcpd.conf
-#
-# Sample configuration file for ISC dhcpd
-#
-
-# option definitions common to all supported networks...
-option domain-name "{{ ansible_domain }}";
-option domain-name-servers {{ name_servers }};
-
-default-lease-time 600;
-max-lease-time 7200;
-
-# The ddns-updates-style parameter controls whether or not the server will
-# attempt to do a DNS update when a lease is confirmed. We default to the
-# behavior of the version 2 packages ('none', since DHCP v2 didn't
-# have support for DDNS.)
-#ddns-update-style none;
-
-use-host-decl-names on;
-ddns-update-style standard;
-
-include "/etc/dhcp/rndc.key";
-
-zone {{ ansible_domain }}. {
-  primary 127.0.0.1;
-  key rndc-key;
-}
-
-zone {{ ipaddr_lan_ptr }} {
-  primary 127.0.0.1;
-  key rndc-key;
-}
-
-
-# If this DHCP server is the official DHCP server for the local
-# network, the authoritative directive should be uncommented.
-authoritative;
-
-# Use this to send dhcp log messages to a different log file (you also
-# have to hack syslog.conf to complete the redirection).
-#log-facility local7;
-
-## The tftpd server IP address, for all clients.
-next-server {{ ipaddr_lan | ipaddr("address") }};
-
-option arch code 93 = unsigned integer 16;
-if option arch = 00:07 {
-      filename "d-i/n-a/bootnetx64.efi";
-} else {
-      filename "d-i/n-a/pxelinux.0";
-}
-
-subnet {{ ipaddr_lan | ipaddr("network") }} netmask {{ ipaddr_lan | ipaddr("netmask") }} {
-      option routers {{ ipaddr_lan | ipaddr("address") }};
-      range {{ dhcp_start }} {{ dhcp_stop }};
-}
-
-
-# No service will be given on this subnet, but declaring it helps the
-# DHCP server to understand the network topology.
-
-#subnet 10.152.187.0 netmask 255.255.255.0 {
-#}
-
-# This is a very basic subnet declaration.
-
-#subnet 10.254.239.0 netmask 255.255.255.224 {
-#  range 10.254.239.10 10.254.239.20;
-#  option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
-#}
-
-# This declaration allows BOOTP clients to get dynamic addresses,
-# which we don't really recommend.
-
-#subnet 10.254.239.32 netmask 255.255.255.224 {
-#  range dynamic-bootp 10.254.239.40 10.254.239.60;
-#  option broadcast-address 10.254.239.31;
-#  option routers rtr-239-32-1.example.org;
-#}
-
-# A slightly different configuration for an internal subnet.
-#subnet 10.5.5.0 netmask 255.255.255.224 {
-#  range 10.5.5.26 10.5.5.30;
-#  option domain-name-servers ns1.internal.example.org;
-#  option domain-name "internal.example.org";
-#  option routers 10.5.5.1;
-#  option broadcast-address 10.5.5.31;
-#  default-lease-time 600;
-#  max-lease-time 7200;
-#}
-
-# Hosts which require special configuration options can be listed in
-# host statements.   If no address is specified, the address will be
-# allocated dynamically (if possible), but the host-specific information
-# will still come from the host declaration.
-
-#host passacaglia {
-#  hardware ethernet 0:0:c0:5d:bd:95;
-#  filename "vmunix.passacaglia";
-#  server-name "toccata.example.com";
-#}
-
-# Fixed IP addresses can also be specified for hosts.   These addresses
-# should not also be listed as being available for dynamic assignment.
-# Hosts for which fixed IP addresses have been specified can boot using
-# BOOTP or DHCP.   Hosts for which no fixed address is specified can only
-# be booted with DHCP, unless there is an address range on the subnet
-# to which a BOOTP client is connected which has the dynamic-bootp flag
-# set.
-#host fantasia {
-#  hardware ethernet 08:00:07:26:c0:a5;
-#  fixed-address fantasia.example.com;
-#}
-
-# You can declare a class of clients and then do address allocation
-# based on that.   The example below shows a case where all clients
-# in a certain class get addresses on the 10.17.224/24 subnet, and all
-# other clients get addresses on the 10.0.29/24 subnet.
-
-#class "foo" {
-#  match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
-#}
-
-#shared-network 224-29 {
-#  subnet 10.17.224.0 netmask 255.255.255.0 {
-#    option routers rtr-224.example.org;
-#  }
-#  subnet 10.0.29.0 netmask 255.255.255.0 {
-#    option routers rtr-29.example.org;
-#  }
-#  pool {
-#    allow members of "foo";
-#    range 10.17.224.10 10.17.224.250;
-#  }
-#  pool {
-#    deny members of "foo";
-#    range 10.0.29.10 10.0.29.230;
-#  }
-#}
diff --git a/roles/dnsdhcptftp/templates/localzones.j2 b/roles/dnsdhcptftp/templates/localzones.j2
deleted file mode 100644
index e71d0a7..0000000
--- a/roles/dnsdhcptftp/templates/localzones.j2
+++ /dev/null
@@ -1,17 +0,0 @@
-include "/etc/bind/rndc.key";
-
-zone "{{ ipaddr_lan_ptr[:-1] }}" {
-        type master;
-        notify no;
-        file "/etc/bind/db.{{ ipaddr_lan_threeoct }}";
-        journal "/var/lib/bind/db.{{ ipaddr_lan_threeoct }}.jnl";
-        allow-update { key rndc-key; };
-};
-
-zone "{{ ansible_domain }}" {
-        type master;
-        notify no;
-        file "/etc/bind/db.{{ ansible_domain }}";
-        journal "/var/lib/bind/db.{{ ansible_domain }}.jnl";
-        allow-update { key rndc-key; };
-};
diff --git a/roles/dnsdhcptftp/templates/resolv.conf.j2 b/roles/dnsdhcptftp/templates/resolv.conf.j2
deleted file mode 100644
index 36d45af..0000000
--- a/roles/dnsdhcptftp/templates/resolv.conf.j2
+++ /dev/null
@@ -1,2 +0,0 @@
-search {{ ansible_domain }}.
-nameserver 127.0.0.1
diff --git a/roles/dnsmasq/handlers/main.yml b/roles/dnsmasq/handlers/main.yml
deleted file mode 100644
index f549f18..0000000
--- a/roles/dnsmasq/handlers/main.yml
+++ /dev/null
@@ -1,3 +0,0 @@
-- name: restart dnsmasq
-  service: name=dnsmasq state=restarted enabled=yes
-  listen: "restart dnsmasq"
diff --git a/roles/dnsmasq/tasks/main.yml b/roles/dnsmasq/tasks/main.yml
deleted file mode 100644
index 00f73a6..0000000
--- a/roles/dnsmasq/tasks/main.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-- name: check if dnsmasq is already there
-  stat: path=/etc/dnsmasq.d/dnsmasq-dhcp
-  register: dnsmasq
-
-- name: install dnsmasq package
-  apt:
-    name:
-      - dnsmasq
-      - resolvconf
-    state: latest # noqa package-latest
-
-- name: configure dnsmasq dhcp
-  template:
-    src: dnsmasq-dhcp.j2
-    dest: /etc/dnsmasq.d/dnsmasq-dhcp
-    mode: 0644
-  notify: "restart dnsmasq"
-
-- name: configure dnsmasq tftp
-  template:
-    src: dnsmasq-tftp-netboot-installer.j2
-    dest: /etc/dnsmasq.d/tftp-netboot-installer
-    mode: 0644
-  notify: "restart dnsmasq"
diff --git a/roles/dnsmasq/templates/dnsmasq-dhcp.j2 b/roles/dnsmasq/templates/dnsmasq-dhcp.j2
deleted file mode 100644
index 77201cf..0000000
--- a/roles/dnsmasq/templates/dnsmasq-dhcp.j2
+++ /dev/null
@@ -1,3 +0,0 @@
-interface={{ if_lan }}
-dhcp-range={{ dhcp_start }},{{ dhcp_stop }},2h
-# dhcp-generate-names ## better use grub to generate names
diff --git a/roles/dnsmasq/templates/dnsmasq-tftp-netboot-installer.j2 b/roles/dnsmasq/templates/dnsmasq-tftp-netboot-installer.j2
deleted file mode 100644
index 2289ac9..0000000
--- a/roles/dnsmasq/templates/dnsmasq-tftp-netboot-installer.j2
+++ /dev/null
@@ -1,5 +0,0 @@
-enable-tftp
-tftp-root={{ tftp_root }}
-dhcp-boot=d-i/n-a/pxelinux.0
-dhcp-match=set:efi-x86_64,option:client-arch,7
-dhcp-boot=tag:efi-x86_64,d-i/n-a/bootnetx64.efi
diff --git a/roles/educontainer/defaults/main.yml b/roles/educontainer/defaults/main.yml
deleted file mode 100644
index b58b8b7..0000000
--- a/roles/educontainer/defaults/main.yml
+++ /dev/null
@@ -1,13 +0,0 @@
-## generate most of this list with 'tasksel --task-packages standard'
-cont_packages:
-  - systemd-container
-  - openssh-server
-  - sudo
-  - python3
-  - auto-apt-proxy
-  - bash-completion
-  - ca-certificates
-  - man-db
-  - manpages
-
-cont_packages_extra: []
diff --git a/roles/educontainer/handlers/main.yml b/roles/educontainer/handlers/main.yml
deleted file mode 100644
index 70b52ec..0000000
--- a/roles/educontainer/handlers/main.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-- name: enable and restart containers
-  systemd:
-    name: systemd-nspawn@{{ contname }}{{ "%02d" | format(item|int) }}.service
-    state: restarted
-    enabled: true
-  loop: "{{ containers }}"
-  listen: enable and restart containers
diff --git a/roles/educontainer/tasks/main.yml b/roles/educontainer/tasks/main.yml
deleted file mode 100644
index d5dfc93..0000000
--- a/roles/educontainer/tasks/main.yml
+++ /dev/null
@@ -1,70 +0,0 @@
-## Prepare minimal systemd-nspawn containers for educational use.
-##
-## Port mapping to the host:
-##
-##  container 0: ssh → host port 10000,  HTTP → 10100
-##  container 1: ssh → host port 10001,  HTTP → 10101
-##     ...                        ...            ...
-##
-##  User '{{ contuser }}' in the sudo group.  Password is '{{ contpwd }}'.
-##
-
-- name: stop all containers
-  systemd:
-    name: systemd-nspawn@{{ contname }}{{ "%02d" | format(item|int) }}.service
-    state: stopped
-  loop: "{{ containers | reverse }}"
-  tags:
-    - never
-    - stop
-    - reset
-    - purge
-    - setup
-    - restart
-
-- name: purge all containers
-  command:
-    cmd: machinectl remove {{ contname }}{{ "%02d" | format(item|int) }}
-    removes: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}
-  loop: "{{ containers | reverse }}"
-  tags:
-    - never
-    - purge
-    - setup
-
-- name: remove container overlay
-  file:
-    path: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}-delta
-    state: absent
-  loop: "{{ containers | reverse }}"
-  tags:
-    - never
-    - reset
-    - purge
-    - setup
-
-- name: start all containers
-  systemd:
-    name: systemd-nspawn@{{ contname }}{{ "%02d" | format(item|int) }}.service
-    state: started
-  loop: "{{ containers | reverse }}"
-  tags:
-    - never
-    - start
-    - reset
-    - restart
-
-###########
-
-- name: check if container template exists
-  ansible.builtin.stat:
-    path: "/var/lib/machines/{{ contname }}00"
-  register: cont
-  tags:
-    - always
-
-- name: import setup.yml tasks
-  import_tasks: setup.yml
-  when: cont.stat.isdir is not defined
-  tags:
-    - always
diff --git a/roles/educontainer/tasks/setup.yml b/roles/educontainer/tasks/setup.yml
deleted file mode 100644
index aa117ee..0000000
--- a/roles/educontainer/tasks/setup.yml
+++ /dev/null
@@ -1,181 +0,0 @@
----
-
-- name: install packages
-  apt:
-    name:
-      - systemd-container
-      - debootstrap
-      - auto-apt-proxy
-    state: latest # noqa package-latest
-
-- name: prepare machine directory
-  file:
-    path: /var/lib/machines/
-    state: directory
-    mode: 0700
-
-- name: debootstrap base system
-  command:
-    cmd: >
-      auto-apt-proxy debootstrap
-      --include={{ cont_packages | union(cont_packages_extra) | join(',') }}
-      --components=main,contrib,non-free stable
-      {{ contname }}00 http://deb.debian.org/debian
-  args:
-    chdir: /var/lib/machines/
-    creates: /var/lib/machines/{{ contname }}00
-  notify: enable and restart containers
-
-- name: provide complete apt sources
-  copy:
-    src: /etc/apt/sources.list
-    dest: /var/lib/machines/{{ contname }}00/etc/apt/sources.list
-    mode: 0644
-    remote_src: true
-
-- name: configure locale
-  lineinfile:
-    path: /var/lib/machines/{{ contname }}00/etc/profile
-    line: 'export LANG=C'
-
-## Use 'chroot' here instead of 'systemd-nspawn -D …' to make it work
-## with ansible-pull in the preseed debian installer:
-- name: upgrade container
-  command:
-    cmd: "{{ item }}"
-  args:
-    chdir: /var/lib/machines/{{ contname }}00
-  loop:
-    - mount --bind /proc proc
-    - mount --bind /sys sys
-    - mount --bind /dev/pts dev/pts
-    - chroot . sh -c '/usr/bin/apt-get update && DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get full-upgrade --yes'
-    - umount proc sys dev/pts
-  register: cmd_result
-  changed_when: cmd_result.stdout is not search('0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.')
-
-- name: provide {{ contuser }} user account
-  command:
-    cmd: >
-      chroot . sh -c '/usr/sbin/useradd -m -s /bin/bash
-      -c "User {{ contuser }},,," -G sudo {{ contuser }}'
-  args:
-    chdir: /var/lib/machines/{{ contname }}00
-    creates: /var/lib/machines/{{ contname }}00/home/{{ contuser }}
-  register: user_account
-
-- name: provide empty password for {{ contuser }} user
-  command:
-    cmd: chroot . sh -c "passwd -d {{ contuser }}"
-  args:
-    chdir: /var/lib/machines/{{ contname }}00
-  when: user_account.changed | default(false) and contpwd | length == 0
-
-- name: provide password for container {{ contuser }} user
-  command:
-    cmd: chroot . sh -c "echo {{ contuser }}:{{ contpwd }} | chpasswd"
-  args:
-    chdir: /var/lib/machines/{{ contname }}00
-  when: user_account.changed | default(true) and contpwd | length > 0
-
-- name: allow empty passwords in ssh
-  lineinfile:
-    path: /var/lib/machines/{{ contname }}00/etc/ssh/sshd_config
-    insertafter: '#PermitEmptyPasswords no'
-    line: 'PermitEmptyPasswords yes'
-  when: user_account.changed | default(false) and contpwd | length == 0
-
-- name: prepare directories
-  file:
-    path: /var/lib/machines/{{ contname }}00/etc/systemd/system/{{ item }}
-    state: directory
-    mode: 0755
-  loop:
-    - multi-user.target.wants
-    - sockets.target.wants
-    - network-online.target.wants
-  notify: enable and restart containers
-
-- name: enable systemd-networkd service
-  file:
-    src: /lib/systemd/system/{{ item.src }}
-    dest: /var/lib/machines/{{ contname }}00/etc/systemd/system/{{ item.dest }}
-    state: link
-    follow: false
-    force: true
-  loop:
-    - src: systemd-networkd.service
-      dest: dbus-org.freedesktop.network1.service
-    - src: systemd-networkd.service
-      dest: multi-user.target.wants/systemd-networkd.service
-    - src: systemd-networkd.socket
-      dest: sockets.target.wants/systemd-networkd.socket
-    - src: systemd-networkd-wait-online.service
-      dest: network-online.target.wants/systemd-networkd-wait-online.service
-  notify: enable and restart containers
-
-- name: enable systemd-resolved in containers
-  file:
-    src: /lib/systemd/system/{{ item.src }}
-    dest: /var/lib/machines/{{ contname }}00/etc/systemd/system/{{ item.dest }}
-    state: link
-    follow: false
-    force: true
-  loop:
-    - src: systemd-resolved.service
-      dest: dbus-org.freedesktop.resolve1.service
-    - src: systemd-resolved.service
-      dest: multi-user.target.wants/systemd-resolved.service
-  notify: enable and restart containers
-
-########
-- name: prepare local sysctl config file
-  copy:
-    content: "# Avoid 'too many open files' error:"
-    dest: /etc/sysctl.d/inotify.conf
-    mode: 0644
-    force: false
-
-- name: fix too many open files error
-  sysctl:
-    name: fs.inotify.max_user_instances
-    value: '1024'
-    sysctl_file: /etc/sysctl.d/inotify.conf
-
-- name: generate links to the initial container
-  file:
-    src: "{{ contname }}00"
-    dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}
-    state: link
-  loop: "{{ containers[1:] }}"
-  notify: enable and restart containers
-
-- name: prepare nspawn config directory
-  file:
-    path: /etc/systemd/nspawn
-    state: directory
-    mode: 0755
-
-- name: provide container configuration
-  template:
-    src: contcfg.nspawn.j2
-    dest: /etc/systemd/nspawn/{{ contname }}{{ "%02d" | format(item|int) }}.nspawn
-    mode: 0644
-  loop: "{{ containers }}"
-  notify: enable and restart containers
-
-- name: provide container hostname file
-  template:
-    src: hostname.j2
-    dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hostname
-    mode: 0644
-  loop: "{{ containers }}"
-  notify: enable and restart containers
-
-- name: provide container hosts file
-  template:
-    src: hosts.j2
-    dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hosts
-    mode: 0644
-  loop: "{{ containers }}"
-  notify: enable and restart containers
diff --git a/roles/educontainer/templates/contcfg.nspawn.j2 b/roles/educontainer/templates/contcfg.nspawn.j2
deleted file mode 100644
index 9f8b5ea..0000000
--- a/roles/educontainer/templates/contcfg.nspawn.j2
+++ /dev/null
@@ -1,15 +0,0 @@
-[Exec]
-Capability=CAP_NET_ADMIN
-ResolvConf=copy-host
-
-[Network]
-Port=10{{ "%03d" | format(item|int) }}:22
-Port=10{{ "%03d" | format(item|int + 100) }}:80
-Port=10{{ "%03d" | format(item|int + 200) }}:443
-
-[Files]
-ReadOnly=yes
-Overlay=+/:/var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}-delta:/
-PrivateUsersChown=false
-BindReadOnly=/var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hostname:/etc/hostname
-BindReadOnly=/var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hosts:/etc/hosts
diff --git a/roles/educontainer/templates/hostname.j2 b/roles/educontainer/templates/hostname.j2
deleted file mode 100644
index 3c3ac55..0000000
--- a/roles/educontainer/templates/hostname.j2
+++ /dev/null
@@ -1 +0,0 @@
-{{ contname }}{{ "%02d" | format(item|int) }}
diff --git a/roles/educontainer/templates/hosts.j2 b/roles/educontainer/templates/hosts.j2
deleted file mode 100644
index 9767fea..0000000
--- a/roles/educontainer/templates/hosts.j2
+++ /dev/null
@@ -1,4 +0,0 @@
-127.0.0.1       localhost {{ contname }}{{ "%02d" | format(item|int) }}
-::1             localhost {{ contname }}{{ "%02d" | format(item|int) }} ip6-localhost ip6-loopback
-ff02::1         ip6-allnodes
-ff02::2         ip6-allrouters
diff --git a/roles/edulive/defaults/main.yml b/roles/edulive/defaults/main.yml
deleted file mode 100644
index 5834054..0000000
--- a/roles/edulive/defaults/main.yml
+++ /dev/null
@@ -1 +0,0 @@
-build_dir: /opt/live-build/
diff --git a/roles/edulive/files/gnome-edu/README b/roles/edulive/files/gnome-edu/README
deleted file mode 100644
index 83e60e3..0000000
--- a/roles/edulive/files/gnome-edu/README
+++ /dev/null
@@ -1,2 +0,0 @@
-This config space is based on:
-  https://salsa.debian.org/live-team/live-images/-/tree/debian/images/gnome-desktop
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/auto/build b/roles/edulive/files/gnome-edu/auto/build
deleted file mode 100755
index f8d8346..0000000
--- a/roles/edulive/files/gnome-edu/auto/build
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh
-
-set -e
-
-lb build noauto "${@}" 2>&1 | tee build.log
diff --git a/roles/edulive/files/gnome-edu/auto/clean b/roles/edulive/files/gnome-edu/auto/clean
deleted file mode 100755
index 4b8ccaa..0000000
--- a/roles/edulive/files/gnome-edu/auto/clean
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh
-
-set -e
-
-lb clean noauto "${@}"
-
-rm -f config/binary config/bootstrap config/chroot config/common config/source
-rm -f config/control
-
-rm -f build.log
diff --git a/roles/edulive/files/gnome-edu/auto/config b/roles/edulive/files/gnome-edu/auto/config
deleted file mode 100755
index 96e38d3..0000000
--- a/roles/edulive/files/gnome-edu/auto/config
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/sh
-
-set -e
-
-lb config noauto \
-	--clean \
-	--cache false \
-	--net-tarball false \
-	--ignore-system-defaults \
-	--distribution bullseye \
-	--binary-images netboot \
-	--mode debian \
-	--backports true \
-	--linux-packages linux-image \
-	--archive-areas "main contrib non-free" \
-	--mirror-bootstrap http://localhost:3142/deb.debian.org/debian/ \
-	--mirror-chroot-security http://localhost:3142/security.debian.org/debian-security/ \
-"${@}"
diff --git a/roles/edulive/files/gnome-edu/config/hooks/0001-plymouth-theme.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/0001-plymouth-theme.hook.chroot
deleted file mode 100755
index 16095e0..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/0001-plymouth-theme.hook.chroot
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/sh
-
-set -e
-
-if [ -e /usr/sbin/plymouth-set-default-theme ] && [ -e /usr/share/plymouth/themes/lines ]
-then
-	plymouth-set-default-theme lines
-fi
diff --git a/roles/edulive/files/gnome-edu/config/hooks/live/0010-disable-kexec-tools.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/live/0010-disable-kexec-tools.hook.chroot
deleted file mode 120000
index 996f766..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/live/0010-disable-kexec-tools.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/live/0010-disable-kexec-tools.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/live/0050-disable-sysvinit-tmpfs.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/live/0050-disable-sysvinit-tmpfs.hook.chroot
deleted file mode 120000
index 5ddf090..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/live/0050-disable-sysvinit-tmpfs.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/live/0050-disable-sysvinit-tmpfs.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/live/0500-desktop.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/live/0500-desktop.hook.chroot
deleted file mode 100755
index a051368..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/live/0500-desktop.hook.chroot
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/bin/sh
-
-set -e
-
-echo 'pref("browser.startup.homepage", "https://www.startpage.com");' >> /etc/firefox-esr/firefox-esr.js
-echo 'pref("network.proxy.type", 4);' >> /etc/firefox-esr/firefox-esr.js
-
-dconf update
-
-#sed -i "s/^/#/" /etc/xdg/user-dirs.defaults
-
-sed -i "s/^#WaylandEnable=false$/WaylandEnable=false/" /etc/gdm3/daemon.conf
-
-## workaround https://bugzilla.gnome.org/show_bug.cgi?id=730587
-#dpkg-divert --divert /usr/bin/gnome-keyring-daemon.bak --rename /usr/bin/gnome-keyring-daemon
diff --git a/roles/edulive/files/gnome-edu/config/hooks/live/0600-wireshark.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/live/0600-wireshark.hook.chroot
deleted file mode 100755
index 13ce126..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/live/0600-wireshark.hook.chroot
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh
-set -e
-
-## allow everybody to run wireshark:
-chmod 0755 /usr/bin/dumpcap
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0020-create-mtab-symlink.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0020-create-mtab-symlink.hook.chroot
deleted file mode 120000
index 58123fc..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/normal/0020-create-mtab-symlink.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/normal/0020-create-mtab-symlink.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0030-enable-cryptsetup.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0030-enable-cryptsetup.hook.chroot
deleted file mode 120000
index c5ab625..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/normal/0030-enable-cryptsetup.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/normal/0030-enable-cryptsetup.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0040-create-locales-files.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0040-create-locales-files.hook.chroot
deleted file mode 120000
index 036e7e0..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/normal/0040-create-locales-files.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/normal/0040-create-locales-files.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0100-remove-adjtime-configuration.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0100-remove-adjtime-configuration.hook.chroot
deleted file mode 120000
index b0ccdb6..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/normal/0100-remove-adjtime-configuration.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/normal/0100-remove-adjtime-configuration.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0110-remove-backup-files.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0110-remove-backup-files.hook.chroot
deleted file mode 120000
index 8b68c5c..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/normal/0110-remove-backup-files.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/normal/0110-remove-backup-files.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0120-remove-dbus-machine-id.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0120-remove-dbus-machine-id.hook.chroot
deleted file mode 120000
index 4d55b27..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/normal/0120-remove-dbus-machine-id.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/normal/0120-remove-dbus-machine-id.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0130-remove-gnome-icon-cache.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0130-remove-gnome-icon-cache.hook.chroot
deleted file mode 120000
index 54f6a9b..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/normal/0130-remove-gnome-icon-cache.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/normal/0130-remove-gnome-icon-cache.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0140-remove-log-files.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0140-remove-log-files.hook.chroot
deleted file mode 120000
index 2b99cec..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/normal/0140-remove-log-files.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/normal/0140-remove-log-files.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0150-remove-mdadm-configuration.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0150-remove-mdadm-configuration.hook.chroot
deleted file mode 120000
index 0c3cd2f..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/normal/0150-remove-mdadm-configuration.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/normal/0150-remove-mdadm-configuration.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0160-remove-openssh-server-host-keys.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0160-remove-openssh-server-host-keys.hook.chroot
deleted file mode 120000
index e57b8d2..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/normal/0160-remove-openssh-server-host-keys.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/normal/0160-remove-openssh-server-host-keys.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0170-remove-python-py.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0170-remove-python-py.hook.chroot
deleted file mode 120000
index 858a942..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/normal/0170-remove-python-py.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/normal/0170-remove-python-py.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0180-remove-systemd-machine-id.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0180-remove-systemd-machine-id.hook.chroot
deleted file mode 120000
index 6cecf66..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/normal/0180-remove-systemd-machine-id.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/normal/0180-remove-systemd-machine-id.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0190-remove-temporary-files.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0190-remove-temporary-files.hook.chroot
deleted file mode 120000
index ada76d9..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/normal/0190-remove-temporary-files.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/normal/0190-remove-temporary-files.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0195-remove-ssl-cert-snakeoil.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0195-remove-ssl-cert-snakeoil.hook.chroot
deleted file mode 120000
index 9fc0723..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/normal/0195-remove-ssl-cert-snakeoil.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/normal/0195-remove-ssl-cert-snakeoil.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0200-remove-udev-persistent-cd-rules.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0200-remove-udev-persistent-cd-rules.hook.chroot
deleted file mode 120000
index f893dcc..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/normal/0200-remove-udev-persistent-cd-rules.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/normal/0200-remove-udev-persistent-cd-rules.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0300-remove-udev-persistent-net-rules.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0300-remove-udev-persistent-net-rules.hook.chroot
deleted file mode 120000
index a6ee33d..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/normal/0300-remove-udev-persistent-net-rules.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/normal/0300-remove-udev-persistent-net-rules.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0400-update-apt-file-cache.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0400-update-apt-file-cache.hook.chroot
deleted file mode 120000
index 380fdcf..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/normal/0400-update-apt-file-cache.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/normal/0400-update-apt-file-cache.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0410-update-apt-xapian-index.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0410-update-apt-xapian-index.hook.chroot
deleted file mode 120000
index dd7150e..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/normal/0410-update-apt-xapian-index.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/normal/0410-update-apt-xapian-index.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0420-update-glx-alternative.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0420-update-glx-alternative.hook.chroot
deleted file mode 120000
index 4da25f8..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/normal/0420-update-glx-alternative.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/normal/0420-update-glx-alternative.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0430-update-mlocate-database.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0430-update-mlocate-database.hook.chroot
deleted file mode 120000
index 13b49d7..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/normal/0430-update-mlocate-database.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/normal/0430-update-mlocate-database.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0440-update-nvidia-alternative.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0440-update-nvidia-alternative.hook.chroot
deleted file mode 120000
index 0a65196..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/normal/0440-update-nvidia-alternative.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/normal/0440-update-nvidia-alternative.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/hooks/normal/0500-reproducible-glibc.hook.chroot b/roles/edulive/files/gnome-edu/config/hooks/normal/0500-reproducible-glibc.hook.chroot
deleted file mode 120000
index 9d4f095..0000000
--- a/roles/edulive/files/gnome-edu/config/hooks/normal/0500-reproducible-glibc.hook.chroot
+++ /dev/null
@@ -1 +0,0 @@
-/usr/share/live/build/hooks/normal/0500-reproducible-glibc.hook.chroot
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/db/gdm.d/00-login-screen b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/db/gdm.d/00-login-screen
deleted file mode 100644
index 23408bc..0000000
--- a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/db/gdm.d/00-login-screen
+++ /dev/null
@@ -1,8 +0,0 @@
-[org/gnome/login-screen]
-disable-user-list=true
-logo='/usr/share/desktop-base/debian-logos/logo-text-64.png'
-
-[org/gnome/settings-daemon/plugins/power]
-power-button-action='interactive'
-sleep-inactive-ac-timeout=600
-sleep-inactive-ac-type='interactive'
diff --git a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/db/local.d/defaults b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/db/local.d/defaults
deleted file mode 100644
index ffde793..0000000
--- a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/db/local.d/defaults
+++ /dev/null
@@ -1,34 +0,0 @@
-[org/gnome/shell]
-enabled-extensions=['apps-menu@gnome-shell-extensions.gcampax.github.com', 'window-list@gnome-shell-extensions.gcampax.github.com', 'places-menu@gnome-shell-extensions.gcampax.github.com', 'drive-menu@gnome-shell-extensions.gcampax.github.com', 'dash-to-dock@micxgx.gmail.com']
-
-[org/gnome/desktop/input-sources]
-sources=[('xkb', 'de'), ('xkb', 'us')]
-
-[org/gnome/desktop/wm/preferences]
-button-layout='appmenu:minimize,maximize,close'
-
-[org/gnome/desktop/peripherals/touchpad]
-natural-scroll=false
-edge-scrolling-enabled=true
-tap-to-click=true
-
-[org/gnome/nautilus/preferences]
-default-folder-viewer='list-view'
-
-[org/gnome/nautilus/list-view]
-use-tree-view=true
-
-[org/gnome/settings-daemon/plugins/power]
-power-button-action='interactive'
-sleep-inactive-battery-timeout=600
-sleep-inactive-battery-type='hibernate'
-sleep-inactive-ac-timeout=6000
-sleep-inactive-ac-type='nothing'
-
-[org/gnome/desktop/screensaver]
-lock-enabled=false
-
-[org/gnome/desktop/interface]
-clock-show-date=true
-clock-show-seconds=true
-clock-show-weekday=true
diff --git a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/profile/gdm b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/profile/gdm
deleted file mode 100644
index c165d75..0000000
--- a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/profile/gdm
+++ /dev/null
@@ -1,3 +0,0 @@
-user-db:user
-system-db:gdm
-file-db:/usr/share/gdm/greeter.dconf-defaults
diff --git a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/profile/user b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/profile/user
deleted file mode 100644
index aca0641..0000000
--- a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/dconf/profile/user
+++ /dev/null
@@ -1,2 +0,0 @@
-user-db:user
-system-db:local
diff --git a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/netboot.xml b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/netboot.xml
deleted file mode 100644
index 6a993f9..0000000
--- a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/netboot.xml
+++ /dev/null
@@ -1,151 +0,0 @@
-<!--
-WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
-OVERWRITTEN AND LOST. Changes to this xml configuration should be made using:
-  virsh edit netboot
-or other application using the libvirt API.
--->
-
-<domain type='kvm'>
-  <name>netboot</name>
-  <uuid>60ea84db-de6c-493c-8e3f-8e9a99ee19c2</uuid>
-  <metadata>
-    <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0">
-      <libosinfo:os id="http://debian.org/debian/11"/>
-    </libosinfo:libosinfo>
-  </metadata>
-  <memory unit='KiB'>2097152</memory>
-  <currentMemory unit='KiB'>2097152</currentMemory>
-  <vcpu placement='static'>2</vcpu>
-  <os>
-    <type arch='x86_64' machine='pc-q35-3.1'>hvm</type>
-    <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader>
-    <nvram>/var/lib/libvirt/qemu/nvram/netboot_VARS.fd</nvram>
-    <boot dev='network'/>
-  </os>
-  <features>
-    <acpi/>
-    <apic/>
-    <vmport state='off'/>
-  </features>
-  <cpu mode='host-model' check='partial'>
-    <model fallback='allow'/>
-  </cpu>
-  <clock offset='utc'>
-    <timer name='rtc' tickpolicy='catchup'/>
-    <timer name='pit' tickpolicy='delay'/>
-    <timer name='hpet' present='no'/>
-  </clock>
-  <on_poweroff>destroy</on_poweroff>
-  <on_reboot>restart</on_reboot>
-  <on_crash>destroy</on_crash>
-  <pm>
-    <suspend-to-mem enabled='no'/>
-    <suspend-to-disk enabled='no'/>
-  </pm>
-  <devices>
-    <emulator>/usr/bin/qemu-system-x86_64</emulator>
-    <controller type='usb' index='0' model='qemu-xhci' ports='15'>
-      <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/>
-    </controller>
-    <controller type='sata' index='0'>
-      <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/>
-    </controller>
-    <controller type='pci' index='0' model='pcie-root'/>
-    <controller type='virtio-serial' index='0'>
-      <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/>
-    </controller>
-    <controller type='pci' index='1' model='pcie-root-port'>
-      <model name='pcie-root-port'/>
-      <target chassis='1' port='0x10'/>
-      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/>
-    </controller>
-    <controller type='pci' index='2' model='pcie-root-port'>
-      <model name='pcie-root-port'/>
-      <target chassis='2' port='0x11'/>
-      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/>
-    </controller>
-    <controller type='pci' index='3' model='pcie-root-port'>
-      <model name='pcie-root-port'/>
-      <target chassis='3' port='0x12'/>
-      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/>
-    </controller>
-    <controller type='pci' index='4' model='pcie-root-port'>
-      <model name='pcie-root-port'/>
-      <target chassis='4' port='0x13'/>
-      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/>
-    </controller>
-    <controller type='pci' index='5' model='pcie-root-port'>
-      <model name='pcie-root-port'/>
-      <target chassis='5' port='0x14'/>
-      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/>
-    </controller>
-    <controller type='pci' index='6' model='pcie-root-port'>
-      <model name='pcie-root-port'/>
-      <target chassis='6' port='0x15'/>
-      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/>
-    </controller>
-    <interface type='direct'>
-      <mac address='52:54:00:VMMAC'/>
-      <source dev='INTERFACE' mode='bridge'/>
-      <model type='virtio'/>
-      <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
-    </interface>
-    <interface type='network'>
-      <mac address='52:54:00:46:a6:25'/>
-      <source network='default'/>
-      <model type='virtio'/>
-      <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/>
-    </interface>
-    <interface type='network'>
-      <mac address='52:54:00:5c:fc:08'/>
-      <source network='intern'/>
-      <model type='virtio'/>
-      <address type='pci' domain='0x0000' bus='0x07' slot='0x00' function='0x0'/>
-    </interface>
-    <serial type='pty'>
-      <target type='isa-serial' port='0'>
-        <model name='isa-serial'/>
-      </target>
-    </serial>
-    <console type='pty'>
-      <target type='serial' port='0'/>
-    </console>
-    <channel type='unix'>
-      <target type='virtio' name='org.qemu.guest_agent.0'/>
-      <address type='virtio-serial' controller='0' bus='0' port='1'/>
-    </channel>
-    <channel type='spicevmc'>
-      <target type='virtio' name='com.redhat.spice.0'/>
-      <address type='virtio-serial' controller='0' bus='0' port='2'/>
-    </channel>
-    <input type='tablet' bus='usb'>
-      <address type='usb' bus='0' port='1'/>
-    </input>
-    <input type='mouse' bus='ps2'/>
-    <input type='keyboard' bus='ps2'/>
-    <graphics type='spice' autoport='yes'>
-      <listen type='address'/>
-      <image compression='off'/>
-    </graphics>
-    <sound model='ich9'>
-      <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/>
-    </sound>
-    <video>
-      <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/>
-      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/>
-    </video>
-    <redirdev bus='usb' type='spicevmc'>
-      <address type='usb' bus='0' port='2'/>
-    </redirdev>
-    <redirdev bus='usb' type='spicevmc'>
-      <address type='usb' bus='0' port='3'/>
-    </redirdev>
-    <memballoon model='virtio'>
-      <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/>
-    </memballoon>
-    <rng model='virtio'>
-      <backend model='random'>/dev/urandom</backend>
-      <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/>
-    </rng>
-  </devices>
-</domain>
diff --git a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/autostart/default.xml b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/autostart/default.xml
deleted file mode 120000
index 8339868..0000000
--- a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/autostart/default.xml
+++ /dev/null
@@ -1 +0,0 @@
-../default.xml
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/autostart/intern.xml b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/autostart/intern.xml
deleted file mode 120000
index 08b61d4..0000000
--- a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/autostart/intern.xml
+++ /dev/null
@@ -1 +0,0 @@
-../intern.xml
\ No newline at end of file
diff --git a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/intern.xml b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/intern.xml
deleted file mode 100644
index a0e5425..0000000
--- a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/libvirt/qemu/networks/intern.xml
+++ /dev/null
@@ -1,14 +0,0 @@
-<!--
-WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
-OVERWRITTEN AND LOST. Changes to this xml configuration should be made using:
-  virsh net-edit intern
-or other application using the libvirt API.
--->
-
-<network>
-  <name>intern</name>
-  <uuid>399d67ae-263b-4aeb-995d-fe0a44f00132</uuid>
-  <bridge name='virbr1' stp='on' delay='0'/>
-  <mac address='52:54:00:93:e1:ee'/>
-  <domain name='intern'/>
-</network>
diff --git a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/sysctl.d/sysctl.conf b/roles/edulive/files/gnome-edu/config/includes.chroot/etc/sysctl.d/sysctl.conf
deleted file mode 100644
index c038e6d..0000000
--- a/roles/edulive/files/gnome-edu/config/includes.chroot/etc/sysctl.d/sysctl.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-# Uncomment the following to stop low-level messages on console
-kernel.printk = 3 4 1 3
-
diff --git a/roles/edulive/files/gnome-edu/config/includes.chroot/lib/live/config/0001-VM-MAC b/roles/edulive/files/gnome-edu/config/includes.chroot/lib/live/config/0001-VM-MAC
deleted file mode 100755
index 784d836..0000000
--- a/roles/edulive/files/gnome-edu/config/includes.chroot/lib/live/config/0001-VM-MAC
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/sh
-# Fix deployed VM config
-
-set -eu
-
-NIC="$(ip link | grep "^2: " | cut -d ' ' -f2 | sed "s/://")"
-MAC="$(ip link | grep -A1 "^2: " | grep -oE "[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2} " \
-	| sed "s/ //g")"
-
-sed -i -e "s/VMMAC/$MAC/g" -e "s/INTERFACE/$NIC/g" /etc/libvirt/qemu/netboot.xml
-
diff --git a/roles/edulive/files/gnome-edu/config/package-lists/desktop.list.chroot b/roles/edulive/files/gnome-edu/config/package-lists/desktop.list.chroot
deleted file mode 100644
index 86881fe..0000000
--- a/roles/edulive/files/gnome-edu/config/package-lists/desktop.list.chroot
+++ /dev/null
@@ -1,13 +0,0 @@
-task-gnome-desktop
-
-gnome-shell-extension-dashtodock
-gnome-shell-extension-dash-to-panel
-
-plymouth
-plymouth-x11
-
-gstreamer1.0-vaapi
-i965-va-driver
-
-## this confuses apt-cacher-ng:
-#auto-apt-proxy
diff --git a/roles/edulive/files/gnome-edu/config/package-lists/live-systems.list.chroot b/roles/edulive/files/gnome-edu/config/package-lists/live-systems.list.chroot
deleted file mode 100644
index d73ed96..0000000
--- a/roles/edulive/files/gnome-edu/config/package-lists/live-systems.list.chroot
+++ /dev/null
@@ -1,2 +0,0 @@
-live-manual
-live-tools
diff --git a/roles/edulive/files/gnome-edu/config/package-lists/live.list.chroot b/roles/edulive/files/gnome-edu/config/package-lists/live.list.chroot
deleted file mode 100644
index 1e6ef96..0000000
--- a/roles/edulive/files/gnome-edu/config/package-lists/live.list.chroot
+++ /dev/null
@@ -1,3 +0,0 @@
-live-boot
-live-config
-live-config-systemd
diff --git a/roles/edulive/files/gnome-edu/config/package-lists/localization.list.chroot b/roles/edulive/files/gnome-edu/config/package-lists/localization.list.chroot
deleted file mode 100644
index f952ab0..0000000
--- a/roles/edulive/files/gnome-edu/config/package-lists/localization.list.chroot
+++ /dev/null
@@ -1,2 +0,0 @@
-task-english
-task-german
diff --git a/roles/edulive/files/gnome-edu/config/package-lists/school.list.chroot b/roles/edulive/files/gnome-edu/config/package-lists/school.list.chroot
deleted file mode 100644
index 2c90ba9..0000000
--- a/roles/edulive/files/gnome-edu/config/package-lists/school.list.chroot
+++ /dev/null
@@ -1,100 +0,0 @@
-#
-# This file is linked to all desktop configurations.
-# Put desktop specific packages in the desktop specific file.
-#
-#webext-ublock-origin-firefox
-#webext-ublock-origin-chromium
-webext-ublock-origin
-webext-privacy-badger
-
-vim
-emacs
-vlc
-gimp
-inkscape
-bluefish
-
-openboard
-xournal
-
-freecad
-librecad
-kicad
-
-git
-mc
-tmux
-wireshark
-nmap
-netcat-openbsd
-net-tools
-thonny
-spyder
-ghex
-
-codeblocks
-gprolog
-qtcreator
-obs-studio
-
-mu-editor
-dia
-vym
-shellcheck
-xterm
-
-tree
-console-setup
-virt-manager
-sway
-
-task-german-desktop
-
-ssh-askpass-gnome
-keepassxc
-
-#nextcloud-desktop
-#nautilus-nextcloud
-#thunderbird
-#thunderbird-l10n-de
-
-#texlive
-#texlive-latex-extra
-#texlive-lang-german
-#texlive-science
-
-pdf-presenter-console
-
-libreoffice/bullseye-backports
-libreoffice-core/bullseye-backports
-libreoffice-common/bullseye-backports
-libreoffice-writer/bullseye-backports
-libreoffice-calc/bullseye-backports
-libreoffice-impress/bullseye-backports
-libreoffice-base/bullseye-backports
-libreoffice-base-drivers/bullseye-backports
-libreoffice-math/bullseye-backports
-libreoffice-report-builder-bin/bullseye-backports
-libreoffice-style-colibre/bullseye-backports
-libreoffice-gnome/bullseye-backports
-libreoffice-gtk3/bullseye-backports
-libreoffice-style-elementary/bullseye-backports
-libreoffice-help-common/bullseye-backports
-libreoffice-help-de/bullseye-backports
-libreoffice-java-common/bullseye-backports
-libreoffice-l10n-de/bullseye-backports
-libreoffice-nlpsolver/bullseye-backports
-libreoffice-report-builder/bullseye-backports
-libreoffice-script-provider-bsh/bullseye-backports
-libreoffice-script-provider-js/bullseye-backports
-libreoffice-script-provider-python/bullseye-backports
-libreoffice-sdbc-firebird/bullseye-backports
-libreoffice-sdbc-hsqldb/bullseye-backports
-libreoffice-sdbc-mysql/bullseye-backports
-libreoffice-sdbc-postgresql/bullseye-backports
-libreoffice-wiki-publisher/bullseye-backports
-
-python3-uno/bullseye-backports
-libuno-sal3/bullseye-backports
-fonts-opensymbol/bullseye-backports
-ure/bullseye-backports
diff --git a/roles/edulive/files/gnome-edu/config/package-lists/standard.list.chroot b/roles/edulive/files/gnome-edu/config/package-lists/standard.list.chroot
deleted file mode 100644
index 094fbcf..0000000
--- a/roles/edulive/files/gnome-edu/config/package-lists/standard.list.chroot
+++ /dev/null
@@ -1,4 +0,0 @@
-! Packages Priority standard
-
-task-laptop
-task-ssh-server
diff --git a/roles/edulive/files/gnome-edu/config/preseed/wireshark.cfg.chroot b/roles/edulive/files/gnome-edu/config/preseed/wireshark.cfg.chroot
deleted file mode 100644
index f885636..0000000
--- a/roles/edulive/files/gnome-edu/config/preseed/wireshark.cfg.chroot
+++ /dev/null
@@ -1 +0,0 @@
-wireshark-common wireshark-common/install-setuid boolean true
diff --git a/roles/edulive/files/livebuilder.service b/roles/edulive/files/livebuilder.service
deleted file mode 100644
index ccb12d2..0000000
--- a/roles/edulive/files/livebuilder.service
+++ /dev/null
@@ -1,6 +0,0 @@
-[Unit]
-Description=Run livebuilder script
-
-[Service]
-Type=simple
-ExecStart=/usr/local/sbin/livebuilder.sh
diff --git a/roles/edulive/files/livebuilder.timer b/roles/edulive/files/livebuilder.timer
deleted file mode 100644
index 3051305..0000000
--- a/roles/edulive/files/livebuilder.timer
+++ /dev/null
@@ -1,11 +0,0 @@
-[Unit]
-Description=Run livebuilder script weekly
-
-[Timer]
-OnCalendar=weekly
-Persistent=true
-AccuracySec=3h
-RandomizedDelaySec=3h
-
-[Install]
-WantedBy=timers.target
diff --git a/roles/edulive/handlers/main.yml b/roles/edulive/handlers/main.yml
deleted file mode 100644
index 30aee83..0000000
--- a/roles/edulive/handlers/main.yml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-- name: run the image build script
-  command:
-    cmd: livebuilder.sh
-  listen: run build script
-
-- name: enable timer for livebuilder
-  systemd:
-    name: livebuilder.timer
-    state: started
-    enabled: true
-  listen: enable livebuilder.timer
diff --git a/roles/edulive/tasks/main.yml b/roles/edulive/tasks/main.yml
deleted file mode 100644
index 4ffb7c8..0000000
--- a/roles/edulive/tasks/main.yml
+++ /dev/null
@@ -1,75 +0,0 @@
----
-- name: install packages
-  apt:
-    name:
-      - live-build
-    state: latest # noqa package-latest
-
-- name: prepare live-build directory
-  file:
-    path: "{{ build_dir }}"
-    state: directory
-    mode: 0755
-
-- name: copy build script
-  template:
-    src: livebuilder.sh
-    dest: /usr/local/sbin/
-    mode: 0755
-
-- name: provide service and timer for livebuilder
-  copy:
-    src: "{{ item }}"
-    dest: "/etc/systemd/system/{{ item }}"
-    mode: 0644
-  with_items:
-    - livebuilder.service
-    - livebuilder.timer
-  notify: "enable livebuilder.timer"
-
-- name: copy live-build configuration
-  copy:
-    src: "{{ item }}"
-    dest: "{{ build_dir }}"
-    local_follow: false
-    mode: preserve
-  loop: "{{ build_images }}"
-
-- name: prepare debian live nfs boot entry title
-  lineinfile:
-    path: /etc/di-netboot-assistant/ipxemenu.HEAD
-    insertafter: '-- Customized Boot Entries --'
-    line: "item {{ item }} Debian GNU/Linux {{ item }} NFS"
-  loop:
-    "{{ build_images }}"
-  notify: rebuild di-netboot menu
-
-- name: prepare debian live boot loader ipxe
-  blockinfile:
-    path: /etc/di-netboot-assistant/ipxemenu.HEAD
-    marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item }}"
-    block: |
-      :{{ item }}
-          echo Booting Debian GNU/Linux EDU LIVE NFS
-          kernel ${210:string}d-i/n-live/{{ item }}/live/vmlinuz \
-          initrd=initrd.img {{ boot_params|join(' ') }} \
-          nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/{{ item }}/
-          initrd ${210:string}d-i/n-live/{{ item }}/live/initrd.img
-          boot
-  loop: "{{ build_images }}"
-  notify: rebuild di-netboot menu
-
-- name: prepare debian live boot loader grub
-  blockinfile:
-    path: /etc/di-netboot-assistant/grub.cfg.HEAD
-    insertbefore: "^menuentry 'Boot from local disk..'"
-    marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item }}"
-    block: |
-      menuentry 'Debian GNU/Linux Live {{ item }} NFS' {
-          linux (http,{{ ansible_default_ipv4.address }})/d-i/n-live/{{ item }}/live/vmlinuz \
-          {{ boot_params|join(' ') }} \
-          nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/{{ item }}/
-          initrd (http,{{ ansible_default_ipv4.address }})/d-i/n-live/{{ item }}/live/initrd.img
-      }
-  loop: "{{ build_images }}"
-  notify: rebuild di-netboot menu
diff --git a/roles/edulive/templates/livebuilder.sh b/roles/edulive/templates/livebuilder.sh
deleted file mode 100644
index 92f7aab..0000000
--- a/roles/edulive/templates/livebuilder.sh
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/usr/bin/bash
-#
-# build live images and copy kernel, initramfs and squashfs
-#
-
-set -eu
-
-BUILDD="{{ build_dir }}"
-
-run_build(){
-    local DEST="/var/lib/tftpboot/d-i/n-live/$1/live/"
-    cd "$BUILDD/$1"
-    [[ -d "$DEST" ]] || mkdir -vp "$DEST"
-
-    lb clean && lb config && lb build
-
-    for FILE in vmlinuz initrd.img filesystem.squashfs ; do
-        ln -vf "$BUILDD/$1/binary/live/$FILE" "$DEST"
-    done
-}
-
-## main:
-
-if ! auto-apt-proxy | grep -q 'http://127.0.0.1:3142' ; then
-    echo "Cannot find the local apt proxy needed to build live images."
-    exit 1
-fi
-
-for IMG in {{ build_images|join(' ') }} ; do
-    echo "=========== Building image $IMG ==========="
-    run_build $IMG
-done
diff --git a/roles/exam_homes/files/archive-homes b/roles/exam_homes/files/archive-homes
deleted file mode 100755
index b5932dc..0000000
--- a/roles/exam_homes/files/archive-homes
+++ /dev/null
@@ -1,23 +0,0 @@
-#!/usr/bin/bash
-#
-# Backup and remove all student home directories.
-
-set -eu
-
-HDIRS='/home/'
-DIRS=()
-
-for DIR in $(find $HDIRS -maxdepth 1 -mindepth 1 -type d) ; do
-    H="$(basename $DIR)"
-    if [[ "$H" =~ ^L_ ]] || [[ "$H" =~ ansible ]] ; then
-	echo "Skipping home of '$H'."
-	continue
-    fi
-    DIRS+=("$DIR") 
-done
-[[ "${#DIRS[@]}" -eq 0 ]] && exit 0
-
-tar czf "/var/backups/homes_$(date -I).tar.gz" -C "$HDIRS" \
-    -P --transform="s%$HDIRS%%" "${DIRS[@]}"
-rm -rf "${DIRS[@]}"
-echo "Archived and removed: ${DIRS[@]}"
diff --git a/roles/exam_homes/files/archive-homes.service b/roles/exam_homes/files/archive-homes.service
deleted file mode 100644
index 311a449..0000000
--- a/roles/exam_homes/files/archive-homes.service
+++ /dev/null
@@ -1,6 +0,0 @@
-[Unit]
-Description=Archive students' home directories
-
-[Service]
-Type=simple
-ExecStart=/usr/local/sbin/archive-homes
diff --git a/roles/exam_homes/files/archive-homes.timer b/roles/exam_homes/files/archive-homes.timer
deleted file mode 100644
index 829e8f0..0000000
--- a/roles/exam_homes/files/archive-homes.timer
+++ /dev/null
@@ -1,11 +0,0 @@
-[Unit]
-Description=Run archive script every night
-
-[Timer]
-OnCalendar=daily
-Persistent=true
-AccuracySec=3h
-RandomizedDelaySec=3h
-
-[Install]
-WantedBy=timers.target
diff --git a/roles/exam_homes/files/copy2students b/roles/exam_homes/files/copy2students
deleted file mode 100755
index ad501c8..0000000
--- a/roles/exam_homes/files/copy2students
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/usr/bin/bash
-#
-# Copy content to all student home download directories.
-
-set -eu
-if [[ -z $@ ]] ; then
-    echo "Argument missing!"
-    exit 1
-fi
-
-HDIRS='/home/'
-DIRS=()
-
-for DIR in $(find $HDIRS -maxdepth 1 -mindepth 1 -type d) ; do
-    H="$(basename $DIR)"
-    if [[ "$H" =~ ^L_ ]] || [[ "$H" =~ ansible ]] ; then
-	echo "Skipping home of '$H'."
-	continue
-    fi
-    DIRS+=("$DIR")
-done
-[[ "${#DIRS[@]}" -eq 0 ]] && exit 0
-
-for DIR in "${DIRS[@]}" ; do
-    cp -va $@ "$DIR/Downloads/"
-done
diff --git a/roles/exam_homes/files/examode.py b/roles/exam_homes/files/examode.py
deleted file mode 100755
index 459ef35..0000000
--- a/roles/exam_homes/files/examode.py
+++ /dev/null
@@ -1,75 +0,0 @@
-#!/usr/bin/python3
-
-import ldap
-from os import scandir
-
-HOME = '/home'
-BASE  = 'ou=schueler,ou=Benutzer,ou=fvs,ou=SCHULEN,o=ml3'
-#BASE  = 'ou=Benutzer,ou=fvs,ou=SCHULEN,o=ml3'
-LDAP = 'ldap://ldap.steinbeisschule-reutlingen.de'
-
-def fetch_ou(uid):
-    l = ldap.initialize(LDAP)
-    f = '(uid=' + uid + ')'
-    try:
-        return l.search_s(BASE,ldap.SCOPE_SUBTREE,f,['ou'])[0][1]['ou'][0].decode('utf-8')
-    except:
-        return None
-
-def fetch_uids(crs):
-    uids = []
-    l = ldap.initialize(LDAP)
-    #    if 'Abgang' in crs:
-    #        b = 'ou=Abgang,' + BASE
-    #    else:
-    #        b = 'ou=' + crs + ',' + BASE
-    b = BASE
-    r = l.search_s(b,ldap.SCOPE_SUBTREE,'(ou=' + crs + ')',['uid'])
-    for dn,entry in r:
-        if entry != {}:
-            uids.append(entry['uid'][0].decode('utf-8'))
-    return uids
-
-def assign_course(user, crs_uids, home):
-    c = fetch_ou(user)
-    print('Needed to fetch new course', c, 'for', user)
-    if c:
-        crs_uids[c] = fetch_uids(c)
-        home[user] = c
-    else:
-        print('No course for', user , 'found!')
-
-
-if __name__ == '__main__':
-    home = {}
-    with scandir(HOME) as it:
-        for entry in it:
-            if entry.is_dir() and entry.name != 'lost+found':
-                home[entry.name] = ''
-
-    crs_uids = {}
-    for user in home:
-        if crs_uids == {}:
-            assign_course(user, crs_uids, home)
-            continue
-        for k in crs_uids.keys():
-            if user in crs_uids[k]:
-                home[user] = k
-                break
-        else:
-            assign_course(user, crs_uids, home)
-
-    for usr in home:
-        print(usr, home[usr])
-
-
-    for crs in crs_uids.keys():
-        print(usr, home[usr])
-
-    for k, v in sorted(crs_uids.items()):
-        print(k, sorted(v))
-        for item in sorted(v):
-            try:
-                print(item, home[item])
-            except:
-                print('No home for', item, 'found.')
diff --git a/roles/exam_homes/files/fetchexam b/roles/exam_homes/files/fetchexam
deleted file mode 100755
index c28d0fc..0000000
--- a/roles/exam_homes/files/fetchexam
+++ /dev/null
@@ -1,23 +0,0 @@
-#!/usr/bin/bash
-#
-# Backup and remove all student home directories.
-
-set -eu
-
-HDIRS='/home/'
-DIRS=()
-
-for DIR in $(find $HDIRS -maxdepth 1 -mindepth 1 -type d) ; do
-    H="$(basename $DIR)"
-    if [[ "$H" =~ ^L_ ]] || [[ "$H" =~ ansible ]] ; then
-	echo "Skipping home of '$H'."
-	continue
-    fi
-    DIRS+=("$DIR") 
-done
-[[ "${#DIRS[@]}" -eq 0 ]] && exit 0
-
-AR="homes_$(date -I).tar.gz"
-tar czf "$AR" -C "$HDIRS" --exclude='.[^/]*' \
-    -P --transform="s%$HDIRS%%" "${DIRS[@]}"
-echo "Create archive $AR containing: ${DIRS[@]}"
diff --git a/roles/exam_homes/files/mkDownloads b/roles/exam_homes/files/mkDownloads
deleted file mode 100755
index 556d376..0000000
--- a/roles/exam_homes/files/mkDownloads
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/usr/bin/bash
-#
-# Prepare Downloads directory.
-
-set -eu
-
-HDIRS='/home/'
-
-if [[ ! -d "$HDIRS/$PAM_USER/Downloads" ]] && [[ ! "$PAM_USER" =~ ^L_ ]] && \
-       [[ ! "$PAM_USER" =~ ansible ]] ; then
-    mkdir --mode=0777 "$HDIRS/$PAM_USER/Downloads"
-fi
diff --git a/roles/exam_homes/handlers/main.yml b/roles/exam_homes/handlers/main.yml
deleted file mode 100644
index 7db5f01..0000000
--- a/roles/exam_homes/handlers/main.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-- name: enable archive-homes.timer
-  systemd:
-    name: archive-homes.timer
-    state: started
-    enabled: true
-  listen: enable archive-homes.timer
diff --git a/roles/exam_homes/tasks/main.yml b/roles/exam_homes/tasks/main.yml
deleted file mode 100644
index 784b0f8..0000000
--- a/roles/exam_homes/tasks/main.yml
+++ /dev/null
@@ -1,58 +0,0 @@
-- name: enable pam_mkhomedir.so and pam_exec.so
-  lineinfile:
-    dest: /etc/pam.d/common-session
-    line: "{{ item }}"
-    insertbefore: "# end of pam-auth-update config"
-  loop:
-    - "session	optional	pam_mkhomedir.so  umask=0022"
-    - "session	optional	pam_exec.so /usr/local/sbin/mkDownloads"
-
-- name: deploy mkDownloads script
-  copy:
-    src: mkDownloads
-    dest: /usr/local/sbin/mkDownloads
-    mode: 0755
-
-# https://serverfault.com/questions/354615/allow-sftp-but-disallow-ssh
-- name: only allow sftp for most users
-  blockinfile:
-    dest: /etc/ssh/sshd_config.d/local.conf
-    create: true
-    block: |
-      Match User !L_*,!ansible,*
-         PermitTTY no
-         X11Forwarding no
-         AllowTcpForwarding no
-         AllowAgentForwarding no
-         ForceCommand internal-sftp
-
-- name: deploy archive home script
-  copy:
-    src: archive-homes
-    dest: /usr/local/sbin/archive-homes
-    mode: 0750
-
-- name: deploy archive home script service and timer
-  copy:
-    src: "{{ item }}"
-    dest: /etc/systemd/system/{{ item }}
-    mode: 0655
-  loop:
-    - archive-homes.service
-    - archive-homes.timer
-  notify: enable archive-homes.timer
-
-- name: deploy examode helper
-  copy:
-    src: examode.py
-    dest: /usr/local/bin/examode.py
-    mode: 0755
-
-- name: deploy exam scripts
-  copy:
-    src: "{{ item }}"
-    dest: "/usr/local/bin/{{ item }}"
-    mode: 0755
-  loop:
-    - copy2students
-    - fetchexam
diff --git a/roles/firewalld2if/handlers/main.yml b/roles/firewalld2if/handlers/main.yml
deleted file mode 100644
index 81201d4..0000000
--- a/roles/firewalld2if/handlers/main.yml
+++ /dev/null
@@ -1,9 +0,0 @@
-- name: restart networking
-  command: ifup {{ if_lan }}
-  listen: "bring up LAN interface"
-  when: not run_in_installer|default(false)|bool
-
-- name: start firewalld
-  systemd: name=firewalld state=started enabled=yes
-  listen: "start firewalld"
-  when: not run_in_installer|default(false)|bool
diff --git a/roles/firewalld2if/tasks/main.yml b/roles/firewalld2if/tasks/main.yml
deleted file mode 100644
index 3147677..0000000
--- a/roles/firewalld2if/tasks/main.yml
+++ /dev/null
@@ -1,80 +0,0 @@
-- name: add if_lan with static address
-  template:
-    src: interfaces-static.j2
-    dest: /etc/network/interfaces.d/static
-    mode: 0644
-  notify: "bring up LAN interface"
-
-- name: install firewalld package
-  apt: name=firewalld state=latest # noqa package-latest
-  notify: "start firewalld"
-
-- name: flush all handlers
-  meta: flush_handlers
-
-
-## Do not run the following in the installer:
-
-- name: add WAN interface to zone public
-  firewalld:
-    zone: public
-    interface: "{{ if_wan }}"
-    permanent: true
-    state: enabled
-    immediate: true
-  when: not run_in_installer|default(false)|bool
-
-- name: enable masquerading
-  firewalld:
-    zone: public
-    masquerade: 'yes'
-    permanent: true
-    state: enabled
-    immediate: true
-  when: not run_in_installer|default(false)|bool
-
-- name: add LAN interface to internal zone
-  firewalld:
-    zone: internal
-    interface: "{{ if_lan }}"
-    permanent: true
-    state: enabled
-    immediate: true
-  when: not run_in_installer|default(false)|bool
-
-- name: enable services
-  firewalld:
-    zone: internal
-    service: "{{ item }}"
-    permanent: true
-    state: enabled
-    immediate: true
-  with_items:
-    - dhcp
-    - dns
-    - tftp
-    - git
-  when: not run_in_installer|default(false)|bool
-
-## Use firewall-offline-cmd when run during installation:
-
-- name: add WAN interface to zone public
-  command: "firewall-offline-cmd --zone=public --add-interface={{ if_wan }}"
-  when: run_in_installer|default(false)|bool
-
-- name: enable masquerading
-  command: "firewall-offline-cmd --zone=public --add-masquerade"
-  when: run_in_installer|default(false)|bool
-
-- name: add LAN interface to zone intern
-  command: "firewall-offline-cmd --zone=internal --add-interface={{ if_lan }}"
-  when: run_in_installer|default(false)|bool
-
-- name: enable services
-  command: >-
-    firewall-offline-cmd --zone=internal
-    --add-service=dhcp
-    --add-service=dns
-    --add-service=tftp
-    --add-service=git
-  when: run_in_installer|default(false)|bool
diff --git a/roles/firewalld2if/templates/interfaces-static.j2 b/roles/firewalld2if/templates/interfaces-static.j2
deleted file mode 100644
index 9724fa4..0000000
--- a/roles/firewalld2if/templates/interfaces-static.j2
+++ /dev/null
@@ -1,4 +0,0 @@
-auto {{ if_lan }}
-allow-hotplug {{ if_lan }}
-iface {{ if_lan }} inet static
-  address {{ ipaddr_lan }}
diff --git a/roles/fvs-client/handlers/main.yml b/roles/fvs-client/handlers/main.yml
deleted file mode 100644
index 6a3b3d5..0000000
--- a/roles/fvs-client/handlers/main.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- name: run update-grub
-  command: update-grub
-  listen: update grub
-
-- name: enable tmp.mount
-  systemd:
-    daemon_reload: yes
-    name: tmp.mount
-    enabled: yes
-  listen: enable tmp.mount
diff --git a/roles/fvs-client/tasks/main.yml b/roles/fvs-client/tasks/main.yml
deleted file mode 100644
index 6a98698..0000000
--- a/roles/fvs-client/tasks/main.yml
+++ /dev/null
@@ -1,61 +0,0 @@
----
-- name: set homepage
-  lineinfile:
-    dest: /etc/firefox-esr/firefox-esr.js
-    line: pref("browser.startup.homepage", "https://www.startpage.com");
-
-    #- name: set capabilities (wireshark)
-    #capabilities:
-    #path: /usr/bin/dumpcap
-    #capability: cap_net_raw,cap_net_admin+eip
-    #state: present
-
-
-############## extra data partition ###############
-#- name: all devices
-#  set_fact:
-#    all_devices: "{{ ansible_devices.keys() | select('match', '^sd(.*)$|^nv(.*)$') | list | sort }}"
-#
-#- name: mount data partition
-#  mount:
-#    src: "UUID={{ hostvars[inventory_hostname]['ansible_devices'][all_devices[-1]]['partitions']['%s1'|format(item)]['uuid'] }}"
-#    path: /home/data
-#    fstype: ext4
-#    state: mounted
-#  register: data_mounted
-#  when: all_devices | length > 1 
-#
-#- name: set sticky bit on data directory
-#  file:
-#    path: /home/data
-#    state: directory
-#    mode: '1777'
-#  when: data_mounted.changed
-
-################# from kiosk.yml ##################
-- name: grub timeout
-  lineinfile:
-    dest: /etc/default/grub
-    regexp: '^(GRUB_TIMEOUT=).*'
-    line: '\g<1>1'
-    backrefs: yes
-  notify: update grub
-
-- name: keyboard compose key
-  lineinfile:
-    dest: /etc/default/keyboard
-    regexp: '^(XKBOPTIONS=).*'
-    line: '\1"compose:caps"'
-    backrefs: yes
-
-- name: tmp on tmpfs
-  shell: cp /usr/share/systemd/tmp.mount /etc/systemd/system/
-  args:
-    creates: /etc/systemd/system/tmp.mount
-  notify: enable tmp.mount
-
-## make sure gnome keyring-daemon is not started on sshfs:
-- name: disable gnome keyring-daemon
-  command: dpkg-divert --divert /usr/bin/gnome-keyring-daemon.bak --rename /usr/bin/gnome-keyring-daemon
-  args:
-    creates: /usr/bin/gnome-keyring-daemon.bak
diff --git a/roles/fvs-mount/defaults/main.yml b/roles/fvs-mount/defaults/main.yml
deleted file mode 100644
index d27fc27..0000000
--- a/roles/fvs-mount/defaults/main.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-smb_server: "smb.steinbeisschule-reutlingen.de"
-home_server: "home.steinbeisschule-reutlingen.de"
-smb_home: "DOCS/fvs/home/"
-smb_share: "DOCS/fvs/tausch/"
-ssh_hostkey: '|1|vZQ8Yc2MBY3tYCzTCVOmaIRnep8=|kCp5RNmtBR7WSBX6L9fo9URSOmI= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFil1umj7jbBfJ7o80WDXToPidypuD915VNM7mN6mMF/gSJ7QYKtYDgBOR5KDUSB5dvc/itlSobw4rYQr2rE5dQ='
diff --git a/roles/fvs-mount/tasks/main.yml b/roles/fvs-mount/tasks/main.yml
deleted file mode 100644
index 6b84542..0000000
--- a/roles/fvs-mount/tasks/main.yml
+++ /dev/null
@@ -1,49 +0,0 @@
----
-- name: install needed packages
-  apt:
-    name:
-      - libpam-mount
-      - cifs-utils
-      - sshfs
-    state: latest
-
-- name: configure pam_mount
-  blockinfile:
-    dest: /etc/security/pam_mount.conf.xml
-    block: |
-      <volume
-        fstype="fuse"
-        path="sshfs#%(USER)@{{ home_server }}:"
-        mountpoint="/home/%(USER)"
-        options="allow_other,default_permissions,reconnect,password_stdin"
-        ssh="0" noroot="0"
-      ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>virti</user></or></not></volume>
-
-      <volume
-        fstype="cifs"
-        server="{{ smb_server }}"
-        path="{{ smb_home }}"
-        mountpoint="/media/%(USER)/winhome"
-        options="dir_mode=0750,file_mode=0640"
-      ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>virti</user></or></not></volume>
-
-      <volume
-        fstype="cifs"
-        server="{{ smb_server }}"
-        path="{{ smb_share }}"
-        mountpoint="/media/%(USER)/winshare"
-        options="dir_mode=0750,file_mode=0640"
-      ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>virti</user></or></not></volume>
-    insertafter: "<!-- Volume definitions -->"
-
-- name: make sure .ssh exists
-  file:
-    path: /root/.ssh
-    state: directory
-    mode: '0700'
-
-- name: provide public key of home server
-  lineinfile:
-    path: /root/.ssh/known_hosts
-    line: "{{ ssh_hostkey }}"
-    create: yes
diff --git a/roles/fvs-sssd/defaults/main.yml b/roles/fvs-sssd/defaults/main.yml
deleted file mode 100644
index dd40e38..0000000
--- a/roles/fvs-sssd/defaults/main.yml
+++ /dev/null
@@ -1,2 +0,0 @@
-basedn: "ou=Benutzer,ou=fvs,ou=SCHULEN,o=ml3"
-ldap_server: "ldap.steinbeisschule-reutlingen.de"
diff --git a/roles/fvs-sssd/handlers/main.yml b/roles/fvs-sssd/handlers/main.yml
deleted file mode 100644
index c7c508b..0000000
--- a/roles/fvs-sssd/handlers/main.yml
+++ /dev/null
@@ -1,3 +0,0 @@
-- name: restart sssd
-  service: name=sssd state=restarted enabled=yes
-  listen: "restart sssd"
diff --git a/roles/fvs-sssd/tasks/main.yml b/roles/fvs-sssd/tasks/main.yml
deleted file mode 100644
index 3879cfa..0000000
--- a/roles/fvs-sssd/tasks/main.yml
+++ /dev/null
@@ -1,30 +0,0 @@
----
-- name: install needed packages
-  apt:
-    name:
-      - sssd-ldap
-    state: latest
-
-- name: add URI to ldap.conf
-  lineinfile:
-    dest: /etc/ldap/ldap.conf
-    line: "URI ldaps://{{ ldap_server }}/"
-    insertafter: "#URI.*"
-
-- name: add BASE to ldap.conf
-  lineinfile:
-    dest: /etc/ldap/ldap.conf
-    line: "BASE {{ basedn }}"
-    insertafter: "#BASE.*"
-
-- name: do not verify cert
-  lineinfile:
-    dest: /etc/ldap/ldap.conf
-    line: "LDAPTLS_REQCERT      never"
-
-- name: provide identities from directory
-  template:
-    src: sssd.conf.j2
-    dest: /etc/sssd/sssd.conf
-    mode: 0600
-  notify: restart sssd
diff --git a/roles/fvs-sssd/templates/sssd.conf.j2 b/roles/fvs-sssd/templates/sssd.conf.j2
deleted file mode 100644
index bc39a46..0000000
--- a/roles/fvs-sssd/templates/sssd.conf.j2
+++ /dev/null
@@ -1,21 +0,0 @@
-[sssd]
-domains = LDAP
-config_file_version = 2
-
-[nss]
-filter_groups = root
-filter_users = root
-
-[pam]
-
-[domain/LDAP]
-id_provider = ldap
-ldap_uri = ldaps://{{ ldap_server }}/
-ldap_search_base = {{ basedn }}
-
-auth_provider = ldap
-auto_private_groups = true
-
-cache_credentials = true
-
-ldap_tls_reqcert = never
diff --git a/roles/gnome/files/defaults b/roles/gnome/files/defaults
deleted file mode 100644
index ffde793..0000000
--- a/roles/gnome/files/defaults
+++ /dev/null
@@ -1,34 +0,0 @@
-[org/gnome/shell]
-enabled-extensions=['apps-menu@gnome-shell-extensions.gcampax.github.com', 'window-list@gnome-shell-extensions.gcampax.github.com', 'places-menu@gnome-shell-extensions.gcampax.github.com', 'drive-menu@gnome-shell-extensions.gcampax.github.com', 'dash-to-dock@micxgx.gmail.com']
-
-[org/gnome/desktop/input-sources]
-sources=[('xkb', 'de'), ('xkb', 'us')]
-
-[org/gnome/desktop/wm/preferences]
-button-layout='appmenu:minimize,maximize,close'
-
-[org/gnome/desktop/peripherals/touchpad]
-natural-scroll=false
-edge-scrolling-enabled=true
-tap-to-click=true
-
-[org/gnome/nautilus/preferences]
-default-folder-viewer='list-view'
-
-[org/gnome/nautilus/list-view]
-use-tree-view=true
-
-[org/gnome/settings-daemon/plugins/power]
-power-button-action='interactive'
-sleep-inactive-battery-timeout=600
-sleep-inactive-battery-type='hibernate'
-sleep-inactive-ac-timeout=6000
-sleep-inactive-ac-type='nothing'
-
-[org/gnome/desktop/screensaver]
-lock-enabled=false
-
-[org/gnome/desktop/interface]
-clock-show-date=true
-clock-show-seconds=true
-clock-show-weekday=true
diff --git a/roles/gnome/files/user b/roles/gnome/files/user
deleted file mode 100644
index aca0641..0000000
--- a/roles/gnome/files/user
+++ /dev/null
@@ -1,2 +0,0 @@
-user-db:user
-system-db:local
diff --git a/roles/gnome/handlers/main.yml b/roles/gnome/handlers/main.yml
deleted file mode 100644
index c29a95b..0000000
--- a/roles/gnome/handlers/main.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-- name: update dconf
-  command: dconf update
-  listen: update dconf
-
-- name: update grub
-  command: update-grub
-  listen: update grub
diff --git a/roles/gnome/tasks/main.yml b/roles/gnome/tasks/main.yml
deleted file mode 100644
index 2ab9029..0000000
--- a/roles/gnome/tasks/main.yml
+++ /dev/null
@@ -1,64 +0,0 @@
-# - name: gnome hibernate by default
-#   apt: name=gnome-shell-extension-suspend-button state=latest # noqa package-latest
-
-- name: gnome desktop
-  apt:
-    name:
-      - task-gnome-desktop
-      - cups
-      - ssh-askpass-gnome
-      - gnome-shell-extension-dashtodock
-    state: latest # noqa package-latest
-
-- name: make sure /etc/dconf/profile/ exists
-  file:
-    path: /etc/dconf/profile/
-    state: directory
-    recurse: true
-
-- name: prepare for gnome customized defaults
-  copy:
-    src: user
-    dest: /etc/dconf/profile/user
-    mode: 0644
-  notify: update dconf
-
-- name: make sure /etc/dconf/db/local.d/ exists
-  file:
-    path: /etc/dconf/db/local.d/
-    state: directory
-    recurse: true
-
-- name: modify gnome defaults
-  copy:
-    src: defaults
-    dest: /etc/dconf/db/local.d/defaults
-    mode: 0644
-  notify: update dconf
-
-- name: configure gdm3
-  replace:
-    dest: /etc/gdm3/greeter.dconf-defaults
-    regexp: "{{ item.rex }}"
-    replace: "{{ item.rep }}"
-  loop:
-    - rex: "# disable-user-list=.*"
-      rep: "disable-user-list=true"
-    - rex: "# sleep-inactive-ac-timeout=.*"
-      rep: "sleep-inactive-ac-timeout=600"
-    - rex: "# sleep-inactive-ac-type=.*"
-      rep: "sleep-inactive-ac-type='interactive'\npower-button-action='interactive'"
-
-## Bug #698504
-- name: allow print job management
-  replace:
-    dest: "/etc/cups/cups-files.conf"
-    regexp: '^(SystemGroup lpadmin)$'
-    replace: '\1 root'
-
-- name: enable splash screen
-  replace:
-    dest: "/etc/default/grub"
-    regexp: '"quiet"$'
-    replace: '"quiet splash"'
-  notify: update grub
diff --git a/roles/kde/handlers/main.yml b/roles/kde/handlers/main.yml
deleted file mode 100644
index 855b467..0000000
--- a/roles/kde/handlers/main.yml
+++ /dev/null
@@ -1,3 +0,0 @@
-- name: update grub
-  command: update-grub
-  listen: update grub
diff --git a/roles/kde/tasks/main.yml b/roles/kde/tasks/main.yml
deleted file mode 100644
index f09eb42..0000000
--- a/roles/kde/tasks/main.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-- name: kde plasma desktop
-  apt:
-    name:
-      - task-kde-desktop
-      - sddm-theme-debian-breeze
-      - cups
-    state: latest # noqa package-latest
-
-## Bug #698504
-- name: allow print job management
-  replace:
-    dest: "/etc/cups/cups-files.conf"
-    regexp: '^(SystemGroup lpadmin)$'
-    replace: '\1 root'
-
-- name: enable splash screen
-  replace:
-    dest: "/etc/default/grub"
-    regexp: '"quiet"$'
-    replace: '"quiet splash"'
-  notify: update grub
-
-- name: switch default browser
-  blockinfile:
-    path: /etc/xdg/kdeglobals
-    block: |
-      #[General]
-      #BrowserApplication=firefox-esr.desktop
-    create: true
-
-- name: add some favorites to the KDE menu
-  blockinfile:
-    path: /etc/xdg/kickoffrc
-    block: |
-      #[Favorites]
-      #FavoriteURLs=firefox-esr.desktop,org.kde.dolphin.desktop,libreoffice-startcenter.desktop,org.kde.okular.desktop,org.kde.kate.desktop,gimp.desktop,inkscape.desktop,vlc.desktop,org.kde.konsole.desktop
-    create: true
diff --git a/roles/kiosk/files/kde5rc b/roles/kiosk/files/kde5rc
deleted file mode 100644
index d7525ca..0000000
--- a/roles/kiosk/files/kde5rc
+++ /dev/null
@@ -1,8 +0,0 @@
-[KDE Action Restrictions][$i]
-action/start_new_session=false
-action/switch_user=false
-action/lock_screen=false
-action/logout=false
-
-[General]
-BrowserApplication=firefox-esr.desktop
diff --git a/roles/kiosk/files/kscreenlockerrc b/roles/kiosk/files/kscreenlockerrc
deleted file mode 100644
index 0ac7312..0000000
--- a/roles/kiosk/files/kscreenlockerrc
+++ /dev/null
@@ -1,3 +0,0 @@
-[Daemon][$i]
-Autolock=false
-LockOnResume=false
diff --git a/roles/kiosk/handlers/main.yml b/roles/kiosk/handlers/main.yml
deleted file mode 100644
index cacbe56..0000000
--- a/roles/kiosk/handlers/main.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-- name: run update-grub
-  command: update-grub
-  listen: update grub
-
-- name: reload NetworkManager
-  when: not run_in_installer|default(false)|bool
-  systemd:
-    daemon_reload: true
-    name: NetworkManager
-    state: reloaded
-    enabled: true
-  listen: reload NetworkManager
-
-- name: enable tmp.mount
-  systemd:
-    daemon_reload: true
-    name: tmp.mount
-    enabled: true
-  listen: enable tmp.mount
diff --git a/roles/kiosk/tasks/main.yml b/roles/kiosk/tasks/main.yml
deleted file mode 100644
index accf9b8..0000000
--- a/roles/kiosk/tasks/main.yml
+++ /dev/null
@@ -1,115 +0,0 @@
-## Check which display manager is used:
-- name: check if gdm3 is installed
-  stat: path=/etc/gdm3/daemon.conf
-  register: gdm3
-
-- name: check if sddm is installed
-  stat: path=/usr/bin/sddm
-  register: sddm
-
-## gdm3:
-- name: enable auto login in gdm3
-  lineinfile:
-    dest: /etc/gdm3/daemon.conf
-    insertafter: '^#\s*AutomaticLoginEnable = true'
-    line: 'AutomaticLoginEnable = true'
-  when: gdm3.stat.exists
-
-- name: auto login user in gdm3
-  lineinfile:
-    dest: /etc/gdm3/daemon.conf
-    insertafter: '^#\s*AutomaticLogin = '
-    line: 'AutomaticLogin = {{ auto_user }}'
-  when: gdm3.stat.exists
-
-## sddm/KDE:
-- name: enable auto login in sddm
-  when: sddm.stat.exists
-  template:
-    src: sddm.conf.j2
-    dest: /etc/sddm.conf
-    mode: 0644
-
-- name: kde global defaults
-  when: sddm.stat.exists
-  copy:
-    src: kde5rc
-    dest: /etc/kde5rc
-    mode: 0644
-
-- name: modify kde screen lock
-  when: sddm.stat.exists
-  copy:
-    src: kscreenlockerrc
-    dest: /etc/xdg/kscreenlockerrc
-    mode: 0644
-
-########
-
-- name: graphics quirk
-  when: ansible_product_name == "HP 500" or ansible_product_name == "HP 550"
-  lineinfile:
-    dest: /etc/default/grub
-    regexp: '^(GRUB_CMDLINE_LINUX=)""'
-    line: '\1"video=SVIDEO-1:d"'
-    backrefs: true
-  notify: update grub
-
-- name: grub timeout
-  lineinfile:
-    dest: /etc/default/grub
-    regexp: '^(GRUB_TIMEOUT=).*'
-    line: '\g<1>1'
-    backrefs: true
-  notify: update grub
-
-- name: keyboard compose key
-  lineinfile:
-    dest: /etc/default/keyboard
-    regexp: '^(XKBOPTIONS=).*'
-    line: '\1"compose:caps"'
-    backrefs: true
-
-- name: hibernate when lid is closed
-  lineinfile:
-    dest: /etc/systemd/logind.conf
-    insertafter: '^#\s*HandleLidSwitch='
-    line: 'HandleLidSwitch=hibernate'
-
-- name: tmp on tmpfs
-  copy:
-    src: /usr/share/systemd/tmp.mount
-    dest: /etc/systemd/system/tmp.mount
-    mode: 0644
-    remote_src: true
-  notify: enable tmp.mount
-
-- name: mount tmpfs on /home/{{ auto_user }}
-  mount:
-    name: /home/{{ auto_user }}
-    src: tmpfs
-    fstype: tmpfs
-    opts: uid=1001,gid=1001,mode=755,size=4G
-    state: mounted
-
-- name: add autologin user
-  user:
-    name: "{{ auto_user }}"
-    comment: "Autologin Debian User,,,"
-    shell: /bin/bash
-    createhome: false
-    password: '*'
-
-- name: check if NetworkManager is installed
-  stat: path=/etc/NetworkManager/system-connections
-  register: networkmanager
-
-- name: add wifi config
-  template:
-    src: wifi.j2
-    dest: /etc/NetworkManager/system-connections/{{ wifi_ssid }}
-    owner: root
-    group: root
-    mode: 0600
-  when: networkmanager.stat.exists
-  notify: reload NetworkManager
diff --git a/roles/kiosk/templates/sddm.conf.j2 b/roles/kiosk/templates/sddm.conf.j2
deleted file mode 100644
index 7d36fa9..0000000
--- a/roles/kiosk/templates/sddm.conf.j2
+++ /dev/null
@@ -1,4 +0,0 @@
-[Autologin]
-Relogin=true
-Session=plasma.desktop
-User={{ auto_user }}
diff --git a/roles/kiosk/templates/wifi.j2 b/roles/kiosk/templates/wifi.j2
deleted file mode 100644
index e4bc20e..0000000
--- a/roles/kiosk/templates/wifi.j2
+++ /dev/null
@@ -1,18 +0,0 @@
-[connection]
-id={{ wifi_ssid }}
-uuid=a9064ab4-e5fc-49d7-bb6d-8a6073c0e757
-type=wifi
-
-[wifi]
-ssid={{ wifi_ssid }}
-security=802-11-wireless-security
-
-[wifi-security]
-key-mgmt=wpa-psk
-psk={{ wifi_passwd }}
-
-[ipv4]
-method=auto
-
-[ipv6]
-method=auto
diff --git a/roles/krb5kdcldap/defaults/main.yml b/roles/krb5kdcldap/defaults/main.yml
deleted file mode 100644
index 0aa00f0..0000000
--- a/roles/krb5kdcldap/defaults/main.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-kdc_master_pwd: "{{ lookup('password', '/tmp/kdc_master.pwd chars=ascii_letters,digits length=32') }}"
-kdc_master_pwd_file: "/root/kdc-master.pwd"
-
-kdc_service_pwd: "{{ lookup('password', '/tmp/kdc-service.pwd chars=ascii_letters,digits length=32') }}"
-kadmin_service_pwd: "{{ lookup('password', '/tmp/kadmin-service.pwd chars=ascii_letters,digits length=32') }}"
-
-kadmin_pwd: "{{ lookup('password', '/tmp/kadmin.pwd chars=ascii_letters,digits length=32') }}"
-kadmin_pwd_file: "/root/kadmin.pwd"
diff --git a/roles/krb5kdcldap/handlers/main.yml b/roles/krb5kdcldap/handlers/main.yml
deleted file mode 100644
index 098de30..0000000
--- a/roles/krb5kdcldap/handlers/main.yml
+++ /dev/null
@@ -1,11 +0,0 @@
-- name: restart slapd
-  systemd: name=slapd state=restarted enabled=yes
-  listen: "restart slapd"
-
-- name: restart krb5-kdc
-  systemd: name=krb5-kdc state=restarted enabled=yes
-  listen: "restart krb5-kdc"
-
-- name: restart krb5-admin-server
-  systemd: name=krb5-admin-server state=restarted enabled=yes
-  listen: "restart krb5-admin-server"
diff --git a/roles/krb5kdcldap/meta/main.yml b/roles/krb5kdcldap/meta/main.yml
deleted file mode 100644
index 36ca9ba..0000000
--- a/roles/krb5kdcldap/meta/main.yml
+++ /dev/null
@@ -1,3 +0,0 @@
----
-dependencies: # noqa meta-no-info
-  - role: ldap
diff --git a/roles/krb5kdcldap/tasks/main.yml b/roles/krb5kdcldap/tasks/main.yml
deleted file mode 100644
index fc3cce1..0000000
--- a/roles/krb5kdcldap/tasks/main.yml
+++ /dev/null
@@ -1,34 +0,0 @@
-## Install and configure krb5-kdc-ldap.
----
-- name: check that domain name is available
-  fail: msg="The machine's domain must not be empty."
-  when: ansible_domain | length == 0
-
-- name: check if krb5kdc is already there
-  stat: path=/usr/sbin/krb5kdc
-  register: krb5kdc
-
-- name: install and configure krb5-kdc-ldap
-  include_tasks: setup.yml
-  when: not krb5kdc.stat.exists
-
-######################################################
-
-- name: allow services in firewalld
-  firewalld:
-    zone: internal
-    service: "{{ item }}"
-    permanent: true
-    immediate: true
-    state: enabled
-  with_items:
-    - kerberos
-    - kadmin
-    - kpasswd
-
-- name: kerberize dummy user foo
-  command: kadmin.local -q 'add_principal -pw "{{ foo_pwd }}" -x dn="uid=foo,ou=people,{{ basedn }}" foo'
-  register: kerberize_result
-  changed_when: kerberize_result.stderr is not search('already exists while creating')
-  no_log: true
-  when: foo_pwd is defined and foo_pwd | length > 0
diff --git a/roles/krb5kdcldap/tasks/setup.yml b/roles/krb5kdcldap/tasks/setup.yml
deleted file mode 100644
index 158240a..0000000
--- a/roles/krb5kdcldap/tasks/setup.yml
+++ /dev/null
@@ -1,197 +0,0 @@
-## Install and configure krb5-kdc-ldap.
----
-- name: prepare krb5.conf
-  template:
-    src: krb5.conf.j2
-    dest: /etc/krb5.conf
-    mode: 0644
-
-- name: make sure krb5kdc exists
-  file:
-    path: /etc/krb5kdc
-    state: directory
-    mode: 0755
-
-- name: prepare kdc.conf
-  template:
-    src: kdc.conf.j2
-    dest: /etc/krb5kdc/kdc.conf
-    mode: 0644
-
-- name: prepare kadm5.acl
-  template:
-    src: kadm5.acl.j2
-    dest: /etc/krb5kdc/kadm5.acl
-    mode: 0644
-  notify: "restart krb5-admin-server"
-
-- name: install krb5-kdc-ldap and krb5-admin-server
-  apt:
-    name:
-      - krb5-kdc-ldap
-      - krb5-admin-server
-    state: latest # noqa package-latest
-
-- name: prepare kerberos.openldap.ldif
-  shell: gunzip -c /usr/share/doc/krb5-kdc-ldap/kerberos.openldap.ldif.gz > /etc/ldap/schema/kerberos.openldap.ldif
-  args:
-    creates: /etc/ldap/schema/kerberos.openldap.ldif
-
-- name: activate kerberos.openldap.ldif schema # noqa no-changed-when
-  command: ldapadd  -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/kerberos.openldap.ldif
-
-- name: make sure we have a kerberos container
-  ldap_entry:
-    dn: "cn=kerberos,{{ basedn }}"
-    objectClass: krbContainer
-    bind_dn: "cn=admin,{{ basedn }}"
-    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
-
-- name: make sure we have a kdc object
-  ldap_entry:
-    dn: "cn=kdc,cn=kerberos,{{ basedn }}"
-    objectClass:
-      - organizationalRole
-      - simpleSecurityObject
-    attributes:
-      userPassword: "{{ kdc_service_pwd }}"
-    bind_dn: "cn=admin,{{ basedn }}"
-    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
-
-- name: make sure we have a kadmin object
-  ldap_entry:
-    dn: "cn=kadmin,cn=kerberos,{{ basedn }}"
-    objectClass:
-      - organizationalRole
-      - simpleSecurityObject
-    attributes:
-      userPassword: "{{ kadmin_service_pwd }}"
-    bind_dn: "cn=admin,{{ basedn }}"
-    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
-
-- name: modify ACLs to account for KDC
-  ldap_attrs:
-    dn: "olcDatabase={1}mdb,cn=config"
-    attributes:
-      olcAccess:
-        - >-
-          to attrs=userPassword
-          by self write
-          by anonymous auth
-          by * none
-        - >-
-          to attrs=shadowLastChange
-          by self write
-          by * read
-        - >-
-          to dn.subtree="cn=kerberos,{{ basedn }}"
-          by dn.exact="cn=kdc,cn=kerberos,{{ basedn }}" read
-          by dn.exact="cn=kadmin,cn=kerberos,{{ basedn }}" write
-          by * none
-        - >-
-          to attrs=krbPrincipalName,krbLastPwdChange,krbPrincipalKey,krbExtraData
-          by dn.exact="cn=kdc,cn=kerberos,{{ basedn }}" read
-          by dn.exact="cn=kadmin,cn=kerberos,{{ basedn }}" write
-          by self read
-          by * auth
-        - >-
-          to *
-          by dn.exact="cn=kadmin,cn=kerberos,{{ basedn }}" write
-          by * read
-    ordered: true
-    state: exact
-
-- name: add KDC indexes to LDAP
-  ldap_attrs:
-    dn: "olcDatabase={1}mdb,cn=config"
-    attributes:
-      olcDbIndex:
-        - objectClass eq
-        - cn,uid eq
-        - uidNumber,gidNumber eq
-        - member,memberUid eq
-        - krbPrincipalName pres,sub,eq
-    state: exact
-
-- name: add AuthzRegexp to map access via kerberos/GSSAPI
-  ldap_attrs:
-    dn: "cn=config"
-    attributes:
-      olcAuthzRegexp:
-        - "{0}uid=([^,]*),cn=gssapi,cn=auth     uid=$1,ou=people,{{ basedn }}"
-        - "{1}uid=([^,]*),cn=gs2-iakerb,cn=auth uid=$1,ou=people,{{ basedn }}"
-    state: exact
-
-- name: prepare password for kdc # noqa risky-shell-pipe no-changed-when
-  shell:
-    >-
-      echo "cn=kdc,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kdc_service_pwd }} |
-      xxd -g0 -ps -c 256 | sed 's/0a$//')" > /etc/krb5kdc/service.keyfile ;
-      chmod 0600 /etc/krb5kdc/service.keyfile
-  no_log: true
-
-- name: prepare password for kadmin # noqa risky-shell-pipe no-changed-when
-  shell:
-    >-
-      echo "cn=kadmin,cn=kerberos,{{ basedn }}#{HEX}$(echo -n {{ kadmin_service_pwd }} |
-      xxd -g0 -ps -c 256 | sed 's/0a$//')" >> /etc/krb5kdc/service.keyfile ;
-      chmod 0600 /etc/krb5kdc/service.keyfile
-  no_log: true
-
-- name: dump kdc master password # noqa no-changed-when
-  shell:
-    >-
-      echo -n "{{ kdc_master_pwd }}" > "{{ kdc_master_pwd_file }}" ;
-      chmod 0600 "{{ kdc_master_pwd_file }}"
-  no_log: true
-
-- name: initialize KDC # noqa no-changed-when
-  command:
-    >-
-      kdb5_ldap_util
-      -D cn=admin,"{{ basedn }}"
-      -w "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
-      -H ldapi:///
-      create -s -subtrees "{{ basedn }}"
-      -P "{{ kdc_master_pwd }}"
-      -r "{{ ansible_domain | upper }}"
-  no_log: true
-  notify: "restart krb5-kdc"
-
-- name: add root/admin as kadmin # noqa no-changed-when
-  command: kadmin.local -q 'addprinc -pw "{{ kadmin_pwd }}" root/admin'
-
-- name: dump kadmin password # noqa no-changed-when
-  shell: echo -n "{{ kadmin_pwd }}" > "{{ kadmin_pwd_file }}" ; chmod 0600 "{{ kadmin_pwd_file }}"
-  no_log: true
-
-- name: add default policy to silence warning when using kadmin # noqa no-changed-when
-  command: kadmin.local -q "add_policy default"
-
-- name: create machine principals # noqa no-changed-when
-  command: kadmin.local -q 'addprinc -randkey {{ item }}/{{ ansible_hostname }}.{{ ansible_domain }}'
-  with_items:
-    - host
-    - ldap
-    - HTTP
-
-- name: add principal to the default keytab # noqa no-changed-when
-  command: kadmin.local -q 'ktadd {{ item }}/{{ ansible_hostname }}.{{ ansible_domain }}'
-  with_items:
-    - host
-    - ldap
-    - HTTP
-
-- name: allow slapd to read the keytab
-  file:
-    path: /etc/krb5.keytab
-    owner: root
-    group: openldap
-    mode: '0640'
-  notify: restart slapd
-
-- name: "make 'kerberos' an alias hostname"
-  replace:
-    path: /etc/hosts
-    regexp: "^({{ ipaddr_lan | ipaddr('address') }}\\s.+)$"
-    replace: '\1 kerberos'
diff --git a/roles/krb5kdcldap/templates/kadm5.acl.j2 b/roles/krb5kdcldap/templates/kadm5.acl.j2
deleted file mode 100644
index 5e9c641..0000000
--- a/roles/krb5kdcldap/templates/kadm5.acl.j2
+++ /dev/null
@@ -1,2 +0,0 @@
-## access control for the Kerberos KDC
-root/admin@{{ ansible_domain | upper }} *
diff --git a/roles/krb5kdcldap/templates/kdc.conf.j2 b/roles/krb5kdcldap/templates/kdc.conf.j2
deleted file mode 100644
index 7a64706..0000000
--- a/roles/krb5kdcldap/templates/kdc.conf.j2
+++ /dev/null
@@ -1,15 +0,0 @@
-[kdcdefaults]
-    kdc_ports = 750,88
-
-[realms]
-    {{ ansible_domain | upper }} = {
-        admin_keytab = FILE:/etc/krb5kdc/kadm5.keytab
-        acl_file = /etc/krb5kdc/kadm5.acl
-        key_stash_file = /etc/krb5kdc/stash
-        kdc_ports = 750,88
-        max_life = 10h 0m 0s
-        max_renewable_life = 7d 0h 0m 0s
-        master_key_type = des3-hmac-sha1
-        #supported_enctypes = aes256-cts:normal aes128-cts:normal
-        default_principal_flags = +preauth
-    }
diff --git a/roles/krb5kdcldap/templates/krb5.conf.j2 b/roles/krb5kdcldap/templates/krb5.conf.j2
deleted file mode 100644
index 11d3cf2..0000000
--- a/roles/krb5kdcldap/templates/krb5.conf.j2
+++ /dev/null
@@ -1,26 +0,0 @@
-[libdefaults]
-        default_realm = {{ ansible_domain | upper }}
-
-[realms]
-        {{ ansible_domain | upper }} = {
-                kdc = {{ ansible_hostname }}
-                admin_server = {{ ansible_hostname }}
-                database_module = LDAP
-        }
-
-[domain_realm]
-        .{{ ansible_domain }} = {{ ansible_domain | upper }}
-        {{ ansible_domain }} = {{ ansible_domain | upper }}
-
-[dbdefaults]
-        ldap_kerberos_container_dn = cn=kerberos,{{ basedn }}
-
-[dbmodules]
-        LDAP = {
-                db_library = kldap
-                ldap_kdc_dn = cn=kdc,cn=kerberos,{{ basedn }}
-                ldap_kadmind_dn = cn=kadmin,cn=kerberos,{{ basedn }}
-                ldap_service_password_file = /etc/krb5kdc/service.keyfile
-                ldap_servers = ldapi:///
-                ldap_conns_per_server = 5
-        }
diff --git a/roles/lanclient/defaults/main.yml b/roles/lanclient/defaults/main.yml
deleted file mode 100644
index 29dadef..0000000
--- a/roles/lanclient/defaults/main.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-lan_homes: /home/lan
-basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
-ldap_server: ldap
-krb_server: kerberos
-nfs_server: nfs
-min_id_sssd: 5000
-max_id_sssd: 20000
diff --git a/roles/lanclient/handlers/main.yml b/roles/lanclient/handlers/main.yml
deleted file mode 100644
index ec063a1..0000000
--- a/roles/lanclient/handlers/main.yml
+++ /dev/null
@@ -1,15 +0,0 @@
-- name: restart sssd
-  service: name=sssd state=restarted enabled=yes
-  listen: "restart sssd"
-
-- name: reload systemd
-  systemd:
-    daemon_reload: true
-  listen: "reload systemd"
-
-- name: restart rpc-gssd
-  systemd:
-    name: rpc-gssd
-    daemon_reload: true
-    state: restarted
-  notify: "restart rpc-gssd"
diff --git a/roles/lanclient/tasks/main.yml b/roles/lanclient/tasks/main.yml
deleted file mode 100644
index adaee16..0000000
--- a/roles/lanclient/tasks/main.yml
+++ /dev/null
@@ -1,99 +0,0 @@
----
-- name: check if domain name is available
-  fail: msg="The machine's domain must not be empty."
-  when: ansible_domain | length == 0
-
-- name: preseed krb5-config realm
-  debconf:
-    name: krb5-config
-    question: krb5-config/default_realm
-    value: "{{ ansible_domain | upper }}"
-    vtype: string
-
-- name: preseed krb5-config kerberos servers
-  debconf:
-    name: krb5-config
-    question: krb5-config/kerberos_servers
-    value: "{{ krb_server }}"
-    vtype: string
-
-- name: preseed krb5-config admin server
-  debconf:
-    name: krb5-config
-    question: krb5-config/admin_server
-    value: "{{ krb_server }}"
-    vtype: string
-
-- name: install needed packages
-  apt:
-    name:
-      - krb5-config
-      - krb5-user
-      - sssd-krb5
-      - sssd-ldap
-      - nfs-common
-    state: latest # noqa package-latest
-
-- name: add URI to ldap.conf
-  lineinfile:
-    dest: /etc/ldap/ldap.conf
-    line: "URI ldap://ldap/"
-    insertafter: "#URI.*"
-
-- name: add BASE to ldap.conf
-  lineinfile:
-    dest: /etc/ldap/ldap.conf
-    line: "BASE {{ basedn }}"
-    insertafter: "#BASE.*"
-
-- name: enable pam_umask
-  lineinfile:
-    dest: /etc/pam.d/common-session
-    line: "session optional pam_umask.so usergroups"
-
-## oddjob-mkhomedir works only with sec=sys for the NFSv4 share
-
-- name: provide identities from directory
-  template:
-    src: sssd.conf.j2
-    dest: /etc/sssd/sssd.conf
-    mode: 0600
-  notify: restart sssd
-
-## Activate machine after installation:
-- name: create machine principals
-  command: kadmin -p root/admin -w {{ kadmin_pwd }} -q "addprinc -randkey {{ item }}/{{ ansible_hostname }}.{{ ansible_domain }}"
-  register: kerberize_result
-  with_items:
-    - nfs
-    - host
-  changed_when: kerberize_result.stderr is not search('already exists while creating')
-  no_log: true
-  when: not run_in_installer|default(false)|bool and kadmin_pwd | length > 0
-
-- name: remove old keytab
-  file:
-    path: /etc/krb5.keytab
-    state: absent
-  when: not run_in_installer|default(false)|bool and kadmin_pwd | length > 0
-
-- name: add principals to keytab
-  command: kadmin -p root/admin -w {{ kadmin_pwd }} -q "ktadd {{ item }}/{{ ansible_hostname }}.{{ ansible_domain }}"
-  with_items:
-    - nfs
-    - host
-  args:
-  no_log: true
-  notify: "restart rpc-gssd"
-  when: not run_in_installer|default(false)|bool and kadmin_pwd | length > 0
-
-
-- name: make sure the home mount directory exists
-  file: path={{ lan_homes }} state=directory recurse=yes
-
-- name: automount
-  lineinfile:
-    dest: /etc/fstab
-    line: "{{ nfs_server }}:/home  {{ lan_homes }}  nfs4  sec=krb5p,_netdev,noauto,x-systemd.automount,x-systemd.idle-timeout=60  0  0"
-  notify: reload systemd
-  when: not run_in_installer|default(false)|bool
diff --git a/roles/lanclient/templates/sssd.conf.j2 b/roles/lanclient/templates/sssd.conf.j2
deleted file mode 100644
index 91d230e..0000000
--- a/roles/lanclient/templates/sssd.conf.j2
+++ /dev/null
@@ -1,22 +0,0 @@
-[sssd]
-domains = LDAP
-config_file_version = 2
-
-[nss]
-filter_groups = root
-filter_users = root
-
-[pam]
-
-[domain/LDAP]
-id_provider = ldap
-ldap_uri = ldap://{{ ldap_server }}/
-ldap_search_base = {{ basedn }}
-
-auth_provider = krb5
-krb5_server = {{ krb_server }}
-krb5_realm = {{ ansible_domain | upper }}
-cache_credentials = true
-
-min_id = {{ min_id_sssd }}
-max_id = {{ max_id_sssd }}
diff --git a/roles/ldap/defaults/main.yml b/roles/ldap/defaults/main.yml
deleted file mode 100644
index 32da1a2..0000000
--- a/roles/ldap/defaults/main.yml
+++ /dev/null
@@ -1,9 +0,0 @@
-ldap_admin_pwd: "{{ lookup('password', '/tmp/ldap_admin.pwd chars=ascii_letters,digits length=32') }}"
-ldap_admin_pwd_file: "/root/ldap-admin.pwd"
-basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
-certpub: "/etc/ssl/certs/ssl-cert-snakeoil.pem"
-certpriv: "/etc/ssl/private/ssl-cert-snakeoil.key"
-lan_homes: /home/lan
-min_id: 10000
-max_id: 20000
-ldapuser_gid: 8000
diff --git a/roles/ldap/files/slapd-config.ldif b/roles/ldap/files/slapd-config.ldif
deleted file mode 100644
index 4aead37..0000000
--- a/roles/ldap/files/slapd-config.ldif
+++ /dev/null
@@ -1,43 +0,0 @@
-#### LDAP Overlays slapd ####
-#### Attribute Uniqueness ####
-
-dn: cn=module,cn=config
-objectClass: olcModuleList
-cn: module
-olcModulePath: /usr/lib/ldap
-olcModuleLoad: unique
-
-dn: olcOverlay=unique,olcDatabase={1}mdb,cn=config
-objectClass: olcOverlayConfig
-objectClass: olcUniqueConfig
-olcOverlay: unique
-olcUniqueAttribute: uid uidNumber mail
-
-
-#### Password Hashing ####
-
-dn: cn=module,cn=config
-objectClass: olcModuleList
-cn: module
-olcModuleLoad: ppolicy
-
-dn: olcOverlay=ppolicy,olcDatabase={1}mdb,cn=config
-objectClass: olcOverlayConfig
-objectClass: olcPPolicyConfig
-olcOverlay: ppolicy
-olcPPolicyHashCleartext: TRUE
-
-
-#### Reverse Group Membership ####
-
-dn: cn=module,cn=config
-objectClass: olcModuleList
-cn: module
-olcModuleLoad: memberof
-
-dn: olcOverlay=memberof,olcDatabase={1}mdb,cn=config
-objectClass: olcOverlayConfig
-objectClass: olcMemberOf
-olcOverlay: memberof
-olcMemberOfDangling: error
-olcMemberOfRefInt: TRUE
diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
deleted file mode 100644
index 6acabec..0000000
--- a/roles/ldap/tasks/main.yml
+++ /dev/null
@@ -1,91 +0,0 @@
-## Install and configure slapd.
----
-- name: check if domain name is available
-  fail: msg="The machine's domain must not be empty."
-  when: ansible_domain | length == 0
-
-- name: check if slapd is already set up
-  stat: path=/usr/sbin/slapd
-  register: slapd
-
-- name: install and configure slapd
-  include_tasks: setup.yml
-  when: not slapd.stat.exists
-
-#######################################################################################
-## Use the admin password saved to file (available also after installation):
-- name: slurp admin password
-  slurp:
-    src: "{{ ldap_admin_pwd_file }}"
-  register: ldap_admin_pwd
-  no_log: true
-
-## Prepare user directories
-- name: make sure we have a people entry for users
-  ldap_entry:
-    dn: "ou=people,{{ basedn }}"
-    objectClass: organizationalUnit
-    bind_dn: "cn=admin,{{ basedn }}"
-    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
-
-- name: make sure we have a group entry for users
-  ldap_entry:
-    dn: "ou=groups,{{ basedn }}"
-    objectClass: organizationalUnit
-    bind_dn: "cn=admin,{{ basedn }}"
-    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
-
-
-- name: add group for ldap users
-  ldap_entry:
-    dn: "cn=ldapuser,ou=groups,{{ basedn }}"
-    objectClass:
-      - posixGroup
-    attributes:
-      gidNumber: "{{ ldapuser_gid }}"
-    bind_dn: "cn=admin,{{ basedn }}"
-    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
-
-
-- name: provide simple script to manage ldap/kdc
-  template:
-    src: debian-lan.j2
-    dest: /usr/local/sbin/debian-lan
-    mode: 0744
-
-- name: allow ldap service in firewalld
-  firewalld:
-    zone: internal
-    service: ldap
-    permanent: true
-    immediate: true
-    state: enabled
-
-- name: add dummy user foo
-  ldap_entry:
-    dn: "uid=foo,ou=people,{{ basedn }}"
-    objectClass:
-      - inetOrgPerson
-      - posixAccount
-    attributes:
-      cn: foo
-      sn: bar
-      userPassword: "{{ foo_pwd }}"
-      uidNumber: "{{ min_id }}"
-      gidNumber: "{{ min_id }}"
-      homeDirectory: "{{ lan_homes }}/foo"
-      loginShell: /bin/bash
-    bind_dn: "cn=admin,{{ basedn }}"
-    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
-  when: foo_pwd is defined and foo_pwd | length > 0
-
-- name: add dummy group foo
-  ldap_entry:
-    dn: "cn=foo,ou=groups,{{ basedn }}"
-    objectClass:
-      - posixGroup
-    attributes:
-      gidNumber: "{{ min_id }}"
-    bind_dn: "cn=admin,{{ basedn }}"
-    bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
-  when: foo_pwd is defined and foo_pwd | length > 0
diff --git a/roles/ldap/tasks/setup.yml b/roles/ldap/tasks/setup.yml
deleted file mode 100644
index 013ebf8..0000000
--- a/roles/ldap/tasks/setup.yml
+++ /dev/null
@@ -1,100 +0,0 @@
-## Install and configure slapd.
----
-- name: preseed ldap domain
-  debconf:
-    name: slapd
-    question: slapd/domain
-    value: "{{ ansible_domain }}"
-    vtype: string
-
-- name: preseed slapd admin password1
-  debconf:
-    name: slapd
-    question: slapd/password1
-    value: "{{ ldap_admin_pwd }}"
-    vtype: password
-  no_log: true
-
-- name: preseed slapd admin password2
-  debconf:
-    name: slapd
-    question: slapd/password2
-    value: "{{ ldap_admin_pwd }}"
-    vtype: password
-  no_log: true
-
-- name: dump admin password
-  shell:
-    cmd: echo -n "{{ ldap_admin_pwd }}" > "{{ ldap_admin_pwd_file }}" ; chmod 0600 "{{ ldap_admin_pwd_file }}"
-    creates: "{{ ldap_admin_pwd_file }}"
-  no_log: true
-
-- name: install packages for LDAP
-  apt:
-    name:
-      - slapd
-      - ldap-utils
-      - ldapvi
-      - python3-ldap
-      - ssl-cert
-    state: latest # noqa package-latest
-
-- name: add openldap to the ssl-cert group
-  user:
-    name: openldap
-    groups: ssl-cert
-    append: true
-
-- name: restart slapd with access to ssl-cert
-  systemd: name=slapd state=restarted
-
-- name: make initial slapd configuration available
-  copy:
-    src: slapd-config.ldif
-    dest: /etc/ldap/slapd.d/
-    mode: 0644
-
-- name: make slapd TLS configuration available
-  template:
-    src: slapd-TLS.ldif
-    dest: /etc/ldap/slapd.d/
-    mode: 0644
-
-- name: activate ppolicy schema
-  command: ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/ppolicy.ldif # noqa no-changed-when
-
-- name: initialize slapd if it has just been installed
-  command: ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/slapd.d/slapd-config.ldif # noqa no-changed-when
-
-- name: configure LDAP TLS
-  command: ldapmodify -Y EXTERNAL -H ldapi:/// -f /etc/ldap/slapd.d/slapd-TLS.ldif # noqa no-changed-when
-
-- name: add URI to ldap.conf
-  lineinfile:
-    dest: /etc/ldap/ldap.conf
-    line: "URI ldapi:///"
-    insertafter: "#URI.*"
-
-- name: add BASE to ldap.conf
-  lineinfile:
-    dest: /etc/ldap/ldap.conf
-    line: "BASE {{ basedn }}"
-    insertafter: "#BASE.*"
-
-- name: check against self signed certificate
-  replace:
-    path: /etc/ldap/ldap.conf
-    regexp: "^(TLS_CACERT\\s+/etc/ssl/certs/ca-certificates.crt)$"
-    replace: '#\1\nTLS_CACERT\t{{ certpub }}'
-
-- name: "make 'ldap' an alias hostname"
-  replace:
-    path: /etc/hosts
-    regexp: "^({{ ipaddr_lan | ipaddr('address') }}\\s.+)$"
-    replace: '\1 ldap'
-
-- name: enable pam-mkhomedir
-  command: pam-auth-update --enable mkhomedir
-  when: foo_pwd is defined and foo_pwd | length > 0
-
-## Use 'sudo ldapvi -Y EXTERNAL -h ldapi:/// -b "cn=config"' to modify certificate and key.
diff --git a/roles/ldap/templates/debian-lan.j2 b/roles/ldap/templates/debian-lan.j2
deleted file mode 100644
index b2014e1..0000000
--- a/roles/ldap/templates/debian-lan.j2
+++ /dev/null
@@ -1,253 +0,0 @@
-#!/bin/bash
-#
-# A simple script to add users and their group to ldap, as well as a kerberos principal.
-#
-
-set -eu
-
-usage(){
-    cat <<EOF
-Usage:
-         $(basename "$0")  adduser  <uid>  <password>  <group>|none  <given name>  <family name>
-         $(basename "$0")  adduser  <uid>  <password>  [<group>]
-         $(basename "$0")  deluser  <uid>
-         $(basename "$0")  delhost  <hostname>
-         $(basename "$0")  ldapvi
-         $(basename "$0")  <file>
-
-     <uid>:  User ID (login name)
-     <password>:  Password
-     <group>:  If given and not "none", the user is added to this posix group (in addition to his
-               personal group).  The group must already exist in the LDAP DT.
-     <given name>, <family name>:  LDAP attributes 'givenName' and 'sn'.  If omitted, <uid> is used.
-     <file>:  File containing lines of the form:
-
-                   adduser <uid 1>  <password 1>  <group 1>  <given name 1>  <family name 1>
-                   adduser <uid 2>  <password 2>  <group 2>  <given name 2>  <family name 2>
-                   …
-                   deluser <uid n>
-                   deluser <uid n+1>
-                   …
-			   Every line is processed like a single call to the $(basename "$0") program.
-EOF
-}
-
-BASEDN="{{ basedn }}"
-LDAPADMIN="cn=admin,$BASEDN"
-ADPASSWD="$(cat {{ ldap_admin_pwd_file }})"
-
-if [ $# -lt 2 ] ; then
-    if [ $# = 0 ] ; then
-        usage
-        exit 1
-    elif [ "$1" = ldapvi ] ; then
-        exec ldapvi -m -h ldapi:/// -D "$LDAPADMIN"  -b "$BASEDN" -w "$ADPASSWD"
-    elif [ -r "$1" ]; then
-        ## recursively call this program:
-        while read -r LINE ; do
-            $0 $LINE
-        done < "$1"
-        ## reset cache after mass import/deletion:
-        which sss_cache > /dev/null && sss_cache -U -G
-        exit 0
-    else
-        usage
-        exit 1
-    fi
-elif [ "$1" = adduser ] && [ $# -lt 3 ] ; then
-    echo "Error: Password missing."
-    usage
-    exit 1
-fi
-
-## Range of user and personal group IDs:
-MINID={{ min_id }}
-MAXID={{ max_id }}
-
-## Range to cover in a single ldap search (must be smaller than 'olcSizeLimit' in cn=config):
-RANGE=399
-
-HOMES="{{ lan_homes }}"
-
-COMMAND="$1"
-id="$2"
-pw="${3:-""}"
-grp="${4:-""}"
-gn="${5:-$2}"
-sn="${6:-$2}"
-
-domain="$(hostname -d)"
-
-if [ -x /usr/sbin/kadmin.local ] ; then
-    KRB5=true
-    pwEntry=""
-else
-    KRB5=false
-    pwEntry="userPassword: $pw"
-fi
-
-##################################################################################################
-
-nextnum(){
-    local id=$MINID
-    local bsta bend all uids gids num
-
-    ## Search for the next pair of identical free IDs:
-    while [ "$id" -le "$MAXID" ] ; do
-        bsta=$id
-        bend=$(( bsta + RANGE ))
-
-        all="$(seq "$bsta" "$bend")"
-        uids="$(ldapsearch -Y EXTERNAL -H ldapi:/// -LLL -b "ou=people,$BASEDN" "(&(objectClass=posixAccount)(uidNumber>=$bsta)(uidNumber<=$bend))" \
-                         uidNumber 2>/dev/null | grep "uidNumber: " | cut -f2 -d ' ' | sort -g | uniq)"
-        gids="$(ldapsearch -Y EXTERNAL -H ldapi:/// -LLL -b "ou=groups,$BASEDN" "(&(objectClass=posixGroup)(gidNumber>=$bsta)(uidNumber<=$bend))" \
-                         gidNumber 2>/dev/null | grep "gidNumber: " | cut -f2 -d ' ' | sort -g | uniq)"
-
-        fuids="$(comm -13 <(echo "$uids") <(echo "$all"))"
-        fgids="$(comm -13 <(echo "$gids") <(echo "$all"))"
-        num=$(comm -12 <(echo "$fuids") <(echo "$fgids") | head -1)
-
-        if [ -n "$num" ] ; then
-            echo "$num"
-            return
-        else
-            id=$(( bend + 1 ))
-        fi
-    done
-    ## something went wrong:
-    exit 1
-}
-
-
-add-user(){
-    local id="$1"
-    local pwEntry="$2"
-    local grp="$3"
-    local gn="$4"
-    local sn="$5"
-    local uidNumber
-    local gidNumber
-
-    if ldapsearch -Y EXTERNAL -H ldapi:/// -LLL -b "ou=people,$BASEDN" "(&(objectClass=posixAccount)(uid=$id))" uid 2>/dev/null \
-            | grep -q "uid: $id" ; then
-        echo "User '$id' exists already, skipping."
-        return
-    fi
-
-    uidNumber=$(nextnum)
-    gidNumber=$uidNumber
-
-    if [ "$uidNumber" -ge "$MAXID" ] || [ "$gidNumber" -ge "$MAXID" ] ; then
-        echo "Error: $uidNumber and/or $gidNumber exceed max ID number ${MAXID}."
-        exit 1
-    fi
-
-    cat <<EOF | ldapadd -H ldapi:/// -D "$LDAPADMIN"  -w "$ADPASSWD" | sed '/^$/d'
-############## LDIF ##############
-dn: uid=${id},ou=people,$BASEDN
-objectClass: inetOrgPerson
-objectClass: posixAccount
-uidNumber: ${uidNumber}
-gidNumber: ${gidNumber}
-homeDirectory: ${HOMES}/${id:0:1}/${id}
-loginShell: /bin/bash
-cn: ${gn} ${sn}
-givenName: ${gn}
-sn: ${sn}
-gecos: ${gn} ${sn}
-${pwEntry}
-
-dn: cn=${id},ou=groups,$BASEDN
-objectClass: posixGroup
-gidNumber: ${gidNumber}
-##################################
-EOF
-
-    if [ -n "$grp" ] && [ "$grp" != "none" ] ; then
-        cat <<EOF | ldapmodify -H ldapi:/// -D "$LDAPADMIN"  -w "$ADPASSWD" | sed '/^$/d'
-############## LDIF ##############
-dn: cn=${grp},ou=groups,$BASEDN
-add: memberUid
-memberUid: ${id}
-##################################
-EOF
-    fi
-
-    if [ "$KRB5" = "true" ] ; then
-        kadmin.local -q "add_principal -policy default -pw \"$pw\" -x dn=\"uid=${id},ou=people,$BASEDN\" ${id}" \
-            | sed '/Authenticating as principal/d'
-        if [ ! -e "${HOMES}/${id:0:1}/${id}" ] ; then
-            echo "uidNumber: ${uidNumber}  gidNumber: ${gidNumber}"
-            mkdir -p "${HOMES}/${id:0:1}/"
-            cp -r /etc/skel "${HOMES}/${id:0:1}/${id}"
-            chown -R "${uidNumber}:${gidNumber}" "${HOMES}/${id:0:1}/${id}"
-            #chmod -R o= ${HOMES}/${id:0:1}/${id}
-            ls -nld "${HOMES}/${id:0:1}/${id}"
-        fi
-    fi
-}
-
-
-del-user(){
-    local id="$1"
-    local KEEPDIR
-    if [ $KRB5 ] ; then
-        ## Remove all kerberos attributes from LDAP, then the whole DN below.  The latter should be sufficient.
-        kadmin.local -q "delete_principal -force ${id}"  \
-            |  sed -e '/Authenticating as principal/d' -e '/Make sure that you have removed/d'
-    fi
-
-    ldapdelete -v -H ldapi:/// -D "$LDAPADMIN"  -w "$ADPASSWD" "uid=${id},ou=people,$BASEDN"  "cn=${id},ou=groups,$BASEDN" 2>&1 \
-        | sed '/ldap_initialize/d'
-
-    for grp in $(ldapsearch -Y EXTERNAL -H ldapi:/// -LLL -b "ou=groups,$BASEDN" "(&(objectClass=posixGroup)(memberUid=${id}))" cn 2>/dev/null \
-                     | grep cn: | cut -d ' ' -f2) ; do
-        cat <<EOF | ldapmodify -H ldapi:/// -D "$LDAPADMIN"  -w "$ADPASSWD" | sed '/^$/d'
-############## LDIF ##############
-dn: cn=${grp},ou=groups,$BASEDN
-delete: memberUid
-memberUid: ${id}
-##################################
-EOF
-    done
-
-    if [ -d "${HOMES}/${id:0:1}/${id}" ] ; then
-        KEEPDIR="${HOMES}/${id:0:1}/rm_$(date '+%Y%m%d')_${id}"
-        mv "${HOMES}/${id:0:1}/${id}" "${KEEPDIR}"
-        chown -R root:root  "${KEEPDIR}"
-        ls -ld "$KEEPDIR"
-    fi
-}
-
-
-del-host(){
-    local id="$1"
-    if [ $KRB5 ] ; then
-        ## Remove kerberos principals from LDAP.
-        kadmin.local -q "delete_principal -force host/${id}.${domain}"  \
-            |  sed -e '/Authenticating as principal/d' -e '/Make sure that you have removed/d'
-        kadmin.local -q "delete_principal -force nfs/${id}.${domain}"  \
-            |  sed -e '/Authenticating as principal/d' -e '/Make sure that you have removed/d'
-    fi
-}
-
-##############################
-########### main #############
-##############################
-
-which sss_cache > /dev/null && sss_cache -U -G  ## clear cache
-echo "==== $* ===="
-case $COMMAND in
-    adduser)
-        add-user "${id}" "${pwEntry}" "${grp}" "${gn}" "${sn}"
-        ;;
-    deluser)
-        del-user "${id}"
-        ;;
-    delhost)
-        del-host "${id}"
-        ;;
-    *)
-        usage
-        ;;
-esac
diff --git a/roles/ldap/templates/slapd-TLS.ldif b/roles/ldap/templates/slapd-TLS.ldif
deleted file mode 100644
index 236841f..0000000
--- a/roles/ldap/templates/slapd-TLS.ldif
+++ /dev/null
@@ -1,9 +0,0 @@
-#### ENABLE LDAP TLS ####
-dn: cn=config
-changetype: modify
-add: olcTLSCertificateFile
-olcTLSCertificateFile: {{ certpub }}
--
-add: olcTLSCertificateKeyFile
-olcTLSCertificateKeyFile: {{ certpriv }}
--
diff --git a/roles/lowpower/files/powertop.service b/roles/lowpower/files/powertop.service
deleted file mode 100644
index 150c2ff..0000000
--- a/roles/lowpower/files/powertop.service
+++ /dev/null
@@ -1,6 +0,0 @@
-[Unit]
-Description=Run powertop --auto-tune
-
-[Service]
-Type=oneshot
-ExecStart=/usr/sbin/powertop --auto-tune
diff --git a/roles/lowpower/files/powertop.timer b/roles/lowpower/files/powertop.timer
deleted file mode 100644
index 4cd5f71..0000000
--- a/roles/lowpower/files/powertop.timer
+++ /dev/null
@@ -1,9 +0,0 @@
-[Unit]
-Description=Run powertop --auto-tune after boot
-
-[Timer]
-OnBootSec=1min
-AccuracySec=1min
-
-[Install]
-WantedBy=timers.target
diff --git a/roles/lowpower/handlers/main.yml b/roles/lowpower/handlers/main.yml
deleted file mode 100644
index c0c1c9a..0000000
--- a/roles/lowpower/handlers/main.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-- name: enable powertop timer
-  systemd:
-    name: powertop.timer
-    enabled: true
-  listen: "enable powertop timer"
diff --git a/roles/lowpower/tasks/main.yml b/roles/lowpower/tasks/main.yml
deleted file mode 100644
index a4fc825..0000000
--- a/roles/lowpower/tasks/main.yml
+++ /dev/null
@@ -1,17 +0,0 @@
-- name: install some packages
-  apt: name={{ item }} state=latest # noqa package-latest
-  with_items:
-    - powertop
-
-- name: install powertop.service
-  copy:
-    src: powertop.service
-    dest: /etc/systemd/system/powertop.service
-    mode: 0644
-
-- name: install powertop.timer
-  copy:
-    src: powertop.timer
-    dest: /etc/systemd/system/powertop.timer
-    mode: 0644
-  notify: enable powertop timer
diff --git a/roles/netbootinstaller/defaults/main.yml b/roles/netbootinstaller/defaults/main.yml
deleted file mode 100644
index 2b791ea..0000000
--- a/roles/netbootinstaller/defaults/main.yml
+++ /dev/null
@@ -1 +0,0 @@
-tftp_root: "/var/lib/tftpboot"
diff --git a/roles/netbootinstaller/handlers/main.yml b/roles/netbootinstaller/handlers/main.yml
deleted file mode 100644
index 75ce256..0000000
--- a/roles/netbootinstaller/handlers/main.yml
+++ /dev/null
@@ -1,15 +0,0 @@
-- name: bind mount images
-  mount:
-    path: "{{ tftp_root }}/d-i/n-pkg/"
-    src: /usr/lib/debian-installer/
-    fstype: none
-    state: mounted
-    opts: bind
-  listen: bind mount images
-
-- name: rebuild di-netboot-assistant menu
-  command: "{{ item }}"
-  with_items:
-    - di-netboot-assistant rebuild-menu
-    - di-netboot-assistant rebuild-grub
-  listen: rebuild di-netboot-assistant menu
diff --git a/roles/netbootinstaller/tasks/main.yml b/roles/netbootinstaller/tasks/main.yml
deleted file mode 100644
index 1296b0b..0000000
--- a/roles/netbootinstaller/tasks/main.yml
+++ /dev/null
@@ -1,30 +0,0 @@
-- name: make preseed directory available
-  file:
-    path: "{{ tftp_root }}/d-i/{{ di_dist }}"
-    state: directory
-    mode: 0755
-
-- name: install di-netboot-assistant and installer package
-  apt:
-    name:
-      - di-netboot-assistant
-      - "{{ di_pkg }}"
-    state: latest # noqa package-latest
-  notify:
-    - bind mount images
-    - rebuild di-netboot-assistant menu
-
-- name: provide preseed file
-  copy:
-    src: /usr/share/doc/di-netboot-assistant/examples/preseed.cfg
-    dest: "{{ tftp_root }}/d-i/{{ di_dist }}"
-    mode: 0644
-    force: false
-    remote_src: true
-
-- name: make the hostname resolvable from the LAN
-  replace:
-    path: /etc/hosts
-    regexp: '^(127\.0\.1\.1.*)$'
-    replace: '#\1\n{{ ipaddr_lan | ipaddr("address") }} {{ ansible_hostname }}.{{ ansible_domain }} {{ ansible_hostname }}'
-  when: ipaddr_lan is defined
diff --git a/roles/networkdresolved/files/all-eth.network b/roles/networkdresolved/files/all-eth.network
deleted file mode 100644
index f2578d1..0000000
--- a/roles/networkdresolved/files/all-eth.network
+++ /dev/null
@@ -1,5 +0,0 @@
-[Match]
-Name=e*
-
-[Network]
-DHCP=yes
diff --git a/roles/networkdresolved/handlers/main.yml b/roles/networkdresolved/handlers/main.yml
deleted file mode 100644
index 457c60b..0000000
--- a/roles/networkdresolved/handlers/main.yml
+++ /dev/null
@@ -1,14 +0,0 @@
-- name: restart and enable systemd-networkd
-  systemd:
-    name: systemd-networkd
-    enabled: true
-    state: restarted
-    daemon_reload: true
-  listen: "start and enable systemd-networkd"
-
-- name: start and enable systemd-resolved
-  systemd:
-    name: systemd-resolved
-    enabled: true
-    state: started
-  listen: "start and enable systemd-resolved"
diff --git a/roles/networkdresolved/tasks/main.yml b/roles/networkdresolved/tasks/main.yml
deleted file mode 100644
index 2918d11..0000000
--- a/roles/networkdresolved/tasks/main.yml
+++ /dev/null
@@ -1,26 +0,0 @@
-- name: move /etc/network/interfaces away
-  command:
-    cmd: mv /etc/network/interfaces /etc/network/interfaces_orig
-    creates: /etc/network/interfaces_orig
-
-- name: switch to systemd-networkd
-  copy:
-    src: all-eth.network
-    dest: /etc/systemd/network/all-eth.network
-    mode: 0644
-  notify: "start and enable systemd-networkd"
-
-# - name: install static configuration for networkd
-#   template:
-#     src: 20-static.network.j2
-#     dest: /etc/systemd/network/20-static.network
-#   notify: "enable systemd-networkd"
-
-- name: enable local stub resolver
-  file:
-    src: /run/systemd/resolve/stub-resolv.conf
-    dest: /etc/resolv.conf
-    state: link
-    follow: false
-    force: true
-  notify: "start and enable systemd-resolved"
diff --git a/roles/networkdresolved/templates/20-static.network.j2 b/roles/networkdresolved/templates/20-static.network.j2
deleted file mode 100644
index fbdc83b..0000000
--- a/roles/networkdresolved/templates/20-static.network.j2
+++ /dev/null
@@ -1,7 +0,0 @@
-[Match]
-Name={{ if_lan }}
-
-[Network]
-Address={{ ipaddr }}
-Gateway={{ gateway }}
-DNS={{ dns }}
diff --git a/roles/nextcloud/defaults/main.yml b/roles/nextcloud/defaults/main.yml
deleted file mode 100644
index be2e996..0000000
--- a/roles/nextcloud/defaults/main.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-db_nextcloud_pwd: "{{ lookup('password', '/tmp/db-nextcloud.pwd chars=ascii_letters,digits length=32') }}"
-nc_admin_pwd: "{{ lookup('password', '/tmp/nc-admin.pwd chars=ascii_letters,digits length=32') }}"
-nc_admin_pwd_file: "/root/nc-admin.pwd"
-www_root: "/var/www"
-nc_dir: "{{ www_root }}/nextcloud"
-data_dir: "/var/nc-data"
-allow_download: false
diff --git a/roles/nextcloud/files/krb5-nextcloud.conf b/roles/nextcloud/files/krb5-nextcloud.conf
deleted file mode 100644
index 89415e9..0000000
--- a/roles/nextcloud/files/krb5-nextcloud.conf
+++ /dev/null
@@ -1,11 +0,0 @@
-<Location "/nextcloud/index.php/apps/user_saml/saml/login" >
-  AuthType             GSSAPI
-  AuthName             "Login to NextCloud"
-  GssapiAllowedMech    krb5
-  GssapiLocalName      On
-  GssapiCredStore      keytab:/etc/krb5.keytab.http
-  GssapiUseSessions    On
-  GssapiNegotiateOnce  On
-  GssapiBasicAuth      On
-  Require              valid-user
-</Location>
diff --git a/roles/nextcloud/files/nextcloud.conf b/roles/nextcloud/files/nextcloud.conf
deleted file mode 100644
index 7c8baa6..0000000
--- a/roles/nextcloud/files/nextcloud.conf
+++ /dev/null
@@ -1,31 +0,0 @@
-Alias /nextcloud "/var/www/nextcloud"
-
-<Directory /var/www/nextcloud>
-  Require all granted
-  Options FollowSymlinks MultiViews
-  AllowOverride All
-  Satisfy Any
-
-  <IfModule mod_dav.c>
-    Dav off
-  </IfModule>
-
-  SetEnv HOME /var/www/nextcloud
-  SetEnv HTTP_HOME /var/www/nextcloud
-</Directory>
-
-<Directory /var/www/html>
-  <IfModule mod_rewrite.c>
-    RewriteEngine on
-    RewriteRule ^\.well-known/host-meta /nextcloud/public.php?service=host-meta [QSA,L]
-    RewriteRule ^\.well-known/host-meta\.json /nextcloud/public.php?service=host-meta-json [QSA,L]
-    RewriteRule ^\.well-known/webfinger /nextcloud/index.php/.well-known/webfinger [R=301,L]
-    RewriteRule ^\.well-known/nodeinfo /nextcloud/index.php/.well-known/nodeinfo [R=301,L]
-    RewriteRule ^\.well-known/carddav /nextcloud/remote.php/dav [R=301,L]
-    RewriteRule ^\.well-known/caldav /nextcloud/remote.php/dav [R=301,L]
-  </IfModule>
-</Directory>
-
-<IfModule mod_headers.c>
-  Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
-</IfModule>
diff --git a/roles/nextcloud/files/nextcloudcron.service b/roles/nextcloud/files/nextcloudcron.service
deleted file mode 100644
index 79f01dc..0000000
--- a/roles/nextcloud/files/nextcloudcron.service
+++ /dev/null
@@ -1,6 +0,0 @@
-[Unit]
-Description=Nextcloud cron.php job
-
-[Service]
-User=www-data
-ExecStart=/usr/bin/php -f /var/www/nextcloud/cron.php
diff --git a/roles/nextcloud/files/nextcloudcron.timer b/roles/nextcloud/files/nextcloudcron.timer
deleted file mode 100644
index eda82c9..0000000
--- a/roles/nextcloud/files/nextcloudcron.timer
+++ /dev/null
@@ -1,10 +0,0 @@
-[Unit]
-Description=Run Nextcloud cron.php every 5 minutes
-
-[Timer]
-OnBootSec=5min
-OnUnitActiveSec=5min
-Unit=nextcloudcron.service
-
-[Install]
-WantedBy=timers.target
diff --git a/roles/nextcloud/handlers/main.yml b/roles/nextcloud/handlers/main.yml
deleted file mode 100644
index 2446778..0000000
--- a/roles/nextcloud/handlers/main.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-- name: restart apache2
-  systemd:
-    name: apache2
-    state: restarted
-  listen: "restart apache2"
-
-- name: restart php-fpm
-  systemd:
-    name: php{{ php_ver.stdout }}-fpm
-    state: restarted
-  listen: "restart php-fpm"
-
-- name: enable nextcloudcron.service and .timer
-  systemd:
-    name: nextcloudcron.timer
-    state: started
-    enabled: true
-  listen: "enable nextcloudcron.timer"
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
deleted file mode 100644
index 565682e..0000000
--- a/roles/nextcloud/tasks/main.yml
+++ /dev/null
@@ -1,322 +0,0 @@
-## Install and configure nextcloud.
-
-- name: check if we are installing
-  stat: path="{{ nc_dir }}"
-  register: nextcloud
-
-- name: check for nextcloud archive
-  stat:
-    path: nextcloud.tar.bz2
-  become: false
-  delegate_to: localhost
-  register: nc_archive
-  when: not nextcloud.stat.exists
-
-- name: stop if nextcloud archive is unavailable
-  fail:
-    msg: >
-      The nextcloud archive nextcloud.tar.bz2 is not available.
-      Download the latest stable release from 'nextcloud.com',
-      check the signature, rename it and copy it next to 'cloudbox.yml'.
-  when: >
-    not nextcloud.stat.exists and not nc_archive.stat.exists and
-    not run_in_installer|default(false)|bool
-
-## We can start with the installation now:
-
-- name: install apache, firewalld, php- and db-packages
-  apt:
-    name:
-      - apache2
-      - firewalld
-      - mariadb-server
-      - python3-pymysql
-      - php-apcu
-      - php-bcmath
-      - php-fpm
-      - php-curl
-      - php-gd
-      - php-gmp
-      - php-imagick
-      - libmagickcore-6.q16-6-extra
-      - php-intl
-      - php-json
-      - php-ldap
-      - php-mbstring
-      - php-mysql
-      - php-xml
-      - php-zip
-      - unzip
-    state: latest # noqa package-latest
-
-- name: disable apache modules
-  apache2_module:
-    state: absent
-    name: "{{ item }}"
-  with_items:
-    - mpm_prefork
-    - mpm_worker
-  notify: "restart apache2"
-
-- name: enable apache modules
-  apache2_module:
-    name: "{{ item }}"
-  with_items:
-    - proxy_fcgi
-    - mpm_event
-    - rewrite
-    - headers
-    - ssl
-    - http2
-  notify: "restart apache2"
-
-- name: find php version # noqa risky-shell-pipe
-  shell: ls /etc/php/ | sort | tail -1
-  register: php_ver
-  changed_when: false
-
-- name: enable php-fpm conf
-  command: a2enconf php{{ php_ver.stdout }}-fpm
-  args:
-    creates: /etc/apache2/conf-enabled/php{{ php_ver.stdout }}-fpm.conf
-  notify: "restart apache2"
-
-- name: tune php-fpm
-  replace:
-    dest: /etc/php/{{ php_ver.stdout }}/fpm/pool.d/www.conf
-    regexp: "{{ item.regex }}"
-    replace: "{{ item.replace }}"
-  with_items:
-    - regex: "^pm.max_children = .*$"
-      replace: "pm.max_children = 10"
-    - regex: "^pm.start_servers = .*$"
-      replace: "pm.start_servers = 4"
-    - regex: "^pm.min_spare_servers = .*$"
-      replace: "pm.min_spare_servers = 2"
-    - regex: "^pm.max_spare_servers = .*$"
-      replace: "pm.max_spare_servers = 6"
-  notify: "restart php-fpm"
-
-- name: increase php memory limit
-  replace:
-    dest: "/etc/php/{{ php_ver.stdout }}/fpm/php.ini"
-    regexp: "^memory_limit = .*"
-    replace: "memory_limit = 512M"
-  notify: "restart apache2"
-
-- name: provide nextcloud site
-  copy:
-    src: nextcloud.conf
-    dest: /etc/apache2/sites-available/nextcloud.conf
-    mode: 0644
-  notify: "restart apache2"
-
-- name: enable nextcloud site
-  command: a2ensite nextcloud.conf
-  args:
-    creates: /etc/apache2/sites-enabled/nextcloud.conf
-  notify: "restart apache2"
-
-- name: enable https
-  shell: 'grep -q "VirtualHost .*:443" * || a2ensite default-ssl.conf'
-  args:
-    chdir: /etc/apache2/sites-enabled/
-    creates: default-ssl.conf
-  notify: "restart apache2"
-  register: cmd_result
-  changed_when: cmd_result.stdout != '' and cmd_result.stdout is not search('skipped')
-
-- name: make sure data directory exists
-  file:
-    path: "{{ data_dir }}"
-    state: directory
-    mode: 0770
-    owner: www-data
-    group: www-data
-
-## install nextcloud:
-- name: download nextcloud archive
-  get_url:
-    url: "{{ nc_download }}"
-    dest: /tmp/nextcloud.tar.bz2
-    checksum: "{{ nc_checksum }}"
-  when: run_in_installer|default(false)|bool
-
-- name: unpack downloaded nextcloud archive
-  unarchive:
-    src: /tmp/nextcloud.tar.bz2
-    dest: "{{ www_root }}"
-    owner: www-data
-    group: www-data
-    remote_src: true
-  when: not nextcloud.stat.exists and run_in_installer|default(false)|bool
-
-- name: unpack provided nextcloud archive
-  unarchive:
-    src: nextcloud.tar.bz2
-    dest: "{{ www_root }}"
-    owner: www-data
-    group: www-data
-  when: not nextcloud.stat.exists and not run_in_installer|default(false)|bool
-
-- name: start mariadb during installation
-  command: /etc/init.d/mariadb start
-  when: run_in_installer|default(false)|bool
-
-- name: create database with name 'nextcloud'
-  mysql_db:
-    login_unix_socket: /var/run/mysqld/mysqld.sock
-    name: nextcloud
-    state: present
-  when: not nextcloud.stat.exists
-
-- name: create database user 'nextcloud'
-  mysql_user:
-    login_unix_socket: /var/run/mysqld/mysqld.sock
-    name: nextcloud
-    password: "{{ db_nextcloud_pwd }}"
-    priv: 'nextcloud.*:ALL'
-    state: present
-  when: not nextcloud.stat.exists
-
-- name: initialize nextcloud
-  command:
-    cmd: >
-      sudo -u www-data php ./occ maintenance:install
-      --database "mysql"
-      --database-name "nextcloud"
-      --database-user "nextcloud"
-      --database-pass "{{ db_nextcloud_pwd }}"
-      --admin-user "nc-admin"
-      --admin-pass "{{ nc_admin_pwd }}"
-      --data-dir "{{ data_dir }}"
-  args:
-    chdir: "{{ nc_dir }}"
-  no_log: true
-  when: not nextcloud.stat.exists
-
-- name: dump nc-admin password
-  shell: echo -n "{{ nc_admin_pwd }}" > "{{ nc_admin_pwd_file }}" ; chmod 0600 "{{ nc_admin_pwd_file }}"
-  no_log: true
-  when: not nextcloud.stat.exists
-
-- name: enable APCu memcache
-  command: sudo -u www-data php ./occ config:system:set memcache.local --value='\OC\Memcache\APCu'
-  args:
-    chdir: "{{ nc_dir }}"
-    warn: false
-  when: not nextcloud.stat.exists
-
-- name: enable acpu for nextcloud updates
-  lineinfile:
-    path: /etc/php/{{ php_ver.stdout }}/mods-available/apcu.ini
-    line: "apc.enable_cli=1"
-
-- name: allow access from LAN
-  command: sudo -u www-data php ./occ config:system:set trusted_domains {{ item[0] }} --value='{{ item[1] }}'
-  args:
-    chdir: "{{ nc_dir }}"
-    warn: false
-  when: not nextcloud.stat.exists
-  loop:
-    - [1, '192.168.*.*']
-    - [2, '10.*.*.*']
-    - [3, '172.16.*.*']
-
-## nextcloudcron
-- name: provide nextcloudcron.service and .timer
-  copy:
-    src: "{{ item }}"
-    dest: "/etc/systemd/system/{{ item }}"
-    mode: 0644
-  with_items:
-    - nextcloudcron.service
-    - nextcloudcron.timer
-  notify: "enable nextcloudcron.timer"
-
-- name: add default NIC to public zone
-  firewalld:
-    interface: "{{ ansible_default_ipv4.interface }}"
-    zone: public
-    permanent: true
-    immediate: true
-    state: enabled
-  when: not run_in_installer|default(false)|bool
-
-- name: add default NIC to public zone, offline
-  command: "firewall-offline-cmd --add-interface={{ ansible_default_ipv4.interface }} --zone=public"
-  when: run_in_installer|default(false)|bool
-
-- name: allow https in firewalld
-  firewalld:
-    zone: public
-    service: https
-    permanent: true
-    immediate: true
-    state: enabled
-  when: not run_in_installer|default(false)|bool
-
-- name: allow https in firewalld, offline
-  command: "firewall-offline-cmd --add-service=https"
-  when: run_in_installer|default(false)|bool
-
-#################################################################
-## kerberox integration:
-
-- name: install libapache2-mod-auth-gssapi
-  apt:
-    name: libapache2-mod-auth-gssapi
-    state: latest # noqa package-latest
-  when: "'kerberize' in role_names"
-  notify: "restart apache2"
-
-- name: copy keytab for www-data
-  copy:
-    src: /etc/krb5.keytab
-    dest: /etc/krb5.keytab.http
-    group: www-data
-    mode: "0640"
-    remote_src: true
-    force: false
-  when: "'kerberize' in role_names"
-  notify: "restart apache2"
-
-- name: provide kerberos SSO config
-  copy:
-    src: krb5-nextcloud.conf
-    dest: /etc/apache2/sites-available/krb5-nextcloud.conf
-    mode: 0644
-  when: "'kerberize' in role_names"
-  notify: "restart apache2"
-
-- name: enable kerberos access to nextcloud site
-  command: a2ensite krb5-nextcloud.conf
-  args:
-    creates: /etc/apache2/sites-enabled/krb5-nextcloud.conf
-  notify: "restart apache2"
-  when: "'kerberize' in role_names"
-
-- name: allow https in firewalld
-  firewalld:
-    zone: internal
-    service: https
-    permanent: true
-    immediate: true
-    state: enabled
-  when: not run_in_installer|default(false)|bool and 'kerberize' in role_names
-
-- name: allow https in firewalld, offline
-  command: "firewall-offline-cmd --add-service=https --zone=internal"
-  when: run_in_installer|default(false)|bool and 'kerberize' in role_names
-
-- name: allow access from kerberized LAN
-  command: sudo -u www-data php ./occ config:system:set trusted_domains 2 --value='{{ ansible_hostname }}.{{ ansible_domain }}'
-  args:
-    chdir: "{{ nc_dir }}"
-    warn: false
-  when: not nextcloud.stat.exists and 'kerberize' in role_names
-
-
-# sudo -u www-data php ./occ app:enable user_ldap
-# sudo -u www-data php ./occ app:install user_saml
-# sudo -u www-data php ./occ ldap
diff --git a/roles/nextcloudupgrade/handlers/main.yml b/roles/nextcloudupgrade/handlers/main.yml
deleted file mode 100644
index dfe1270..0000000
--- a/roles/nextcloudupgrade/handlers/main.yml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-## DB fixes (only on upgrade)
-- name: add missing indices, columns and convert filecache
-  command: "{{ item }}"
-  args:
-    chdir: "{{ nc_dir }}"
-    warn: false
-  register: cmd_result
-  changed_when: cmd_result.stdout is search("updated successfully")
-  with_items:
-    - "sudo -u www-data php ./occ db:add-missing-indices"
-    - "sudo -u www-data php ./occ db:add-missing-columns"
-    - "sudo -u www-data php ./occ -n db:convert-filecache-bigint"
-  listen: update and fix data base
diff --git a/roles/nextcloudupgrade/tasks/main.yml b/roles/nextcloudupgrade/tasks/main.yml
deleted file mode 100644
index 7d6d0a5..0000000
--- a/roles/nextcloudupgrade/tasks/main.yml
+++ /dev/null
@@ -1,27 +0,0 @@
----
-- name: check/run upgrade
-  command: sudo -u www-data php updater.phar --no-interaction
-  args:
-    chdir: "{{ nc_dir }}/updater"
-    warn: false
-  register: upgrade_result
-  changed_when: upgrade_result.stdout is not search('Nothing to do.')
-  notify: update and fix data base
-
-- name: update apps
-  command: "sudo -u www-data php ./occ app:update --all"
-  args:
-    chdir: "{{ nc_dir }}"
-    warn: false
-  register: cmd_result
-  changed_when: cmd_result.stdout | length > 0
-
-- name: install extra apps
-  command: "sudo -u www-data php ./occ app:install {{ item }}"
-  args:
-    chdir: "{{ nc_dir }}"
-    warn: false
-  with_items: "{{ nc_apps }}"
-  register: cmd_result
-  changed_when: cmd_result.stdout is not search('already installed')
-  failed_when: cmd_result.stdout is not search('already installed') and cmd_result.rc != 0
diff --git a/roles/nfsserver/defaults/main.yml b/roles/nfsserver/defaults/main.yml
deleted file mode 100644
index 4aea529..0000000
--- a/roles/nfsserver/defaults/main.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-export_root: /srv/nfs4
-lan_homes: /home/lan
-basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
-min_id: 10000
-min_id_sssd: 5000
-max_id_sssd: 20000
diff --git a/roles/nfsserver/handlers/main.yml b/roles/nfsserver/handlers/main.yml
deleted file mode 100644
index 224f948..0000000
--- a/roles/nfsserver/handlers/main.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-- name: bind mount exported dir
-  mount:
-    path: "{{ export_root }}/home/"
-    src: "{{ lan_homes }}"
-    fstype: none
-    state: mounted
-    opts: bind
-  listen: "bind mount exported dirs"
-
-- name: restart nfs-kernel-server
-  service: name=nfs-kernel-server state=restarted enabled=yes
-  listen: "restart nfs-kernel-server"
-
-- name: restart rpc-svcgssd
-  service: name=rpc-svcgssd state=restarted enabled=yes
-  listen: "restart rpc-svcgssd"
-
-- name: restart sssd
-  service: name=sssd state=restarted enabled=yes
-  listen: "restart sssd"
-
-- name: restart dnsmasq
-  service: name=dnsmasq state=restarted enabled=yes
-  listen: "restart dnsmasq"
diff --git a/roles/nfsserver/tasks/main.yml b/roles/nfsserver/tasks/main.yml
deleted file mode 100644
index 65ad478..0000000
--- a/roles/nfsserver/tasks/main.yml
+++ /dev/null
@@ -1,94 +0,0 @@
-## Install and configure nfs-server
----
-- name: check if ansible domain is nonempty
-  fail: msg="The machine's domain must not be empty."
-  when: ansible_domain | length == 0
-
-- name: check if we are installing
-  stat: path=/etc/exports
-  register: exports
-
-- name: install nfs-kernel-server
-  apt:
-    name:
-      - nfs-kernel-server
-    state: latest # noqa package-latest # noqa package-latest
-
-- name: make sure the export paths exists
-  file: path={{ export_root }}/home/ state=directory recurse=yes
-
-- name: make sure the lan homes exists
-  file: path={{ lan_homes }} state=directory recurse=yes
-  notify: "bind mount exported dirs"
-
-- name: configure exports
-  blockinfile:
-    dest: /etc/exports
-    insertbefore: EOF
-    block: |
-      {{ export_root }}         {{ ipaddr_lan | ipaddr('subnet') }}(sec=krb5p,rw,fsid=0,crossmnt,no_subtree_check)
-      {{ export_root }}/home/   {{ ipaddr_lan | ipaddr('subnet') }}(sec=krb5p,rw,no_subtree_check)
-  notify: "restart nfs-kernel-server"
-
-- name: "make 'nfs' an alias hostname resolvable from the LAN"
-  replace:
-    path: /etc/hosts
-    regexp: "^({{ ipaddr_lan | ipaddr('address') }}\\s.+)$"
-    replace: '\1 nfs'
-  when: not exports.stat.exists
-
-- name: check if there is a local kadmin
-  stat: path=/usr/sbin/kadmin.local
-  register: kadmin
-
-- name: create machine principal
-  command: kadmin.local -q "addprinc -randkey nfs/{{ ansible_hostname }}.{{ ansible_domain }}"
-  when: kadmin.stat.exists and not exports.stat.exists
-
-- name: add principal to the keytab
-  command: kadmin.local -q "ktadd nfs/{{ ansible_hostname }}.{{ ansible_domain }}"
-  notify: "restart rpc-svcgssd"
-  when: kadmin.stat.exists and not exports.stat.exists
-
-- name: install sssd-krb5
-  apt:
-    name:
-      - sssd-krb5
-      - sssd-ldap
-      - sssd-tools     ##  sss_cache -U -G
-    state: latest # noqa package-latest
-  when: kadmin.stat.exists
-
-- name: provide identities from directory
-  template:
-    src: sssd.conf.j2
-    dest: /etc/sssd/sssd.conf
-    mode: 0600
-  notify: restart sssd
-  when: kadmin.stat.exists
-
-- name: copy home from /etc/skel for dummy user foo
-  shell: cp -r /etc/skel {{ lan_homes }}/foo && chmod -R o-rwx {{ lan_homes }}/foo && chown -R {{ min_id }}:{{ min_id }} {{ lan_homes }}/foo
-  args:
-    creates: "{{ lan_homes }}/foo"
-  when: foo_pwd is defined and foo_pwd | length > 0
-
-- name: check if our dnsmasq is used
-  stat: path=/etc/dnsmasq.d/dnsmasq-dhcp
-  register: dnsmasq
-
-- name: send domain to clients
-  template:
-    src: dhcp-send-domain.j2
-    dest: /etc/dnsmasq.d/dhcp-send-domain
-    mode: 0644
-  notify: "restart dnsmasq"
-  when: dnsmasq.stat.exists
-
-- name: allow nfs service in firewalld
-  firewalld:
-    zone: internal
-    service: nfs
-    permanent: true
-    immediate: true
-    state: enabled
diff --git a/roles/nfsserver/templates/dhcp-send-domain.j2 b/roles/nfsserver/templates/dhcp-send-domain.j2
deleted file mode 100644
index 6933a9e..0000000
--- a/roles/nfsserver/templates/dhcp-send-domain.j2
+++ /dev/null
@@ -1,2 +0,0 @@
-expand-hosts
-domain={{ ansible_domain }}
diff --git a/roles/nfsserver/templates/sssd.conf.j2 b/roles/nfsserver/templates/sssd.conf.j2
deleted file mode 100644
index 815ea54..0000000
--- a/roles/nfsserver/templates/sssd.conf.j2
+++ /dev/null
@@ -1,22 +0,0 @@
-[sssd]
-domains = LDAP
-config_file_version = 2
-
-[nss]
-filter_groups = root
-filter_users = root
-
-[pam]
-
-[domain/LDAP]
-id_provider = ldap
-ldap_uri = ldap://{{ ansible_hostname }}/
-ldap_search_base = {{ basedn }}
-
-auth_provider = krb5
-krb5_server = {{ ansible_hostname }}
-krb5_realm = {{ ansible_domain | upper }}
-cache_credentials = false
-
-min_id = {{ min_id_sssd }}
-max_id = {{ max_id_sssd }}
diff --git a/roles/prepare4clients/handlers/main.yml b/roles/prepare4clients/handlers/main.yml
deleted file mode 100644
index dc6f9ad..0000000
--- a/roles/prepare4clients/handlers/main.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-- name: start git-repo
-  systemd:
-    daemon_reload: true
-    name: git-repo
-    state: started
-    enabled: true
-  listen: start git-repo
diff --git a/roles/prepare4clients/tasks/main.yml b/roles/prepare4clients/tasks/main.yml
deleted file mode 100644
index 9b1415c..0000000
--- a/roles/prepare4clients/tasks/main.yml
+++ /dev/null
@@ -1,241 +0,0 @@
-- name: make sure ansible is available
-  apt:
-    name: ansible
-    state: latest # noqa package-latest
-
-- name: generate ssh key
-  command: "su -l {{ ansible_user }} -c \"ssh-keygen -t rsa -f /home/{{ ansible_user }}/.ssh/id_rsa -P ''\""
-  args:
-    creates: "/home/{{ ansible_user }}/.ssh/id_rsa"
-    warn: false
-
-- name: slurp public key
-  slurp:
-    src: "/home/{{ ansible_user }}/.ssh/id_rsa.pub"
-  register: sshpubkey
-
-# The following seems to be necessary to get rid of a newline:
-- name: define variable
-  set_fact:
-    sshpubkey: "{{ sshpubkey['content'] | b64decode | replace('\n', '') }}"
-
-- name: enable backports in preseed file
-  replace:
-    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
-    regexp: '^#(apt-setup-udeb.*)$'
-    replace: '\1'
-
-- name: preseed client - add firmware-linux, ansible and git
-  replace:
-    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
-    regexp: '^(d-i pkgsel/include string firmware-linux)$'
-    replace: '#\1\nd-i pkgsel/include string firmware-linux ansible git'
-
-- name: insert start of managed block
-  replace:
-    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
-    regexp: '^(### This command is run just before the install finishes:)'
-    replace: '#\1\n# BEGIN ANSIBLE MANAGED BLOCK preseed/late_command'
-
-- name: insert end of managed block
-  replace:
-    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
-    regexp: '^(## When installing.*)'
-    replace: '# END ANSIBLE MANAGED BLOCK preseed/late_command\n#\1'
-
-- name: insert block
-  blockinfile:
-    dest: "{{ tftp_root }}/d-i/{{ di_dist }}/preseed.cfg"
-    insertafter: "^### This command is run just before the install finishes:"
-    block: |
-      d-i preseed/late_command string \
-      mkdir -p /target/home/ansible/.ssh && \
-      echo "{{ sshpubkey }}" >> /target/home/ansible/.ssh/authorized_keys ; \
-      in-target chown -R ansible:ansible /home/ansible/.ssh/ ; \
-      in-target chmod -R og= /home/ansible/.ssh/ ; \
-      [ -z "$playbook" ] || in-target ansible-pull --verbose --purge --extra-vars="run_in_installer=true" \
-                             -i localhost, --url=git://{{ ansible_hostname }}/.git $playbook
-    marker: "# {mark} ANSIBLE MANAGED BLOCK preseed/late_command"
-
-- name: add pxe boot entries to di-netboot-assistant
-  blockinfile:
-    dest: /etc/di-netboot-assistant/pxelinux.HEAD
-    insertbefore: EOF
-    block: |
-      TIMEOUT 100
-      # Use a temporary package cache during installation, install etckeeper.
-      LABEL tmp pkg cache
-         MENU LABEL Debian stable (amd64) + temporary package cache
-         kernel ::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux
-         append initrd=::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz mirror/http/proxy?=http://{{ ansible_hostname }}:3142/ pkgsel/include=etckeeper preseed/late_command="rm -fv /target/etc/apt/apt.conf" ---
-
-      LABEL kiosk
-         MENU LABEL Debian {{ di_version }} (amd64) + preseed + kiosk.yml
-         kernel ::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux
-         append initrd=::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz hostname=kiosk auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=kiosk.yml ---
-
-      LABEL cloudbox
-         MENU LABEL Debian {{ di_version }} (amd64) + preseed + cloudbox.yml
-         kernel ::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux
-         append initrd=::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz hostname=cloudbox auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=cloudbox.yml ---
-
-      LABEL edubox
-         MENU LABEL Debian {{ di_version }} (amd64) + preseed + edubox.yml
-         kernel ::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux
-         append initrd=::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz hostname=edubox auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=edubox.yml ---
-
-         #LABEL daily
-         #MENU LABEL Debian daily (amd64) + preseed + kiosk.yml
-         #kernel ::/d-i/n-a/daily/amd64/linux
-         #append initrd=::/d-i/n-a/daily/amd64/initrd.gz auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=kiosk.yml ---
-    marker: "# {mark} ANSIBLE MANAGED BLOCK default"
-  notify: "rebuild di-netboot-assistant menu"
-
-- name: add efi boot entries to di-netboot-assistant
-  blockinfile:
-    dest: /etc/di-netboot-assistant/grub.cfg.HEAD
-    insertbefore: EOF
-    block: |
-      # Use a temporary package cache during installation, install etckeeper.
-      menuentry 'Debian stable (amd64) + temporary package cache' {
-         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux \
-                   mirror/http/proxy?=http://{{ ansible_hostname }}:3142/ pkgsel/include=etckeeper \
-                   preseed/late_command="rm -fv /target/etc/apt/apt.conf" ---
-         initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
-      }
-
-      menuentry 'Debian {{ di_version }} (amd64) + preseed + kiosk.yml' {
-         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux \
-                   hostname=kiosk auto=true priority=critical \
-                   url=tftp://{{ ansible_hostname }} playbook=kiosk.yml ---
-         initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
-      }
-
-      menuentry 'Debian {{ di_version }} (amd64) + preseed + cloudbox.yml' {
-         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux \
-                   hostname=cloudbox auto=true priority=critical \
-                   url=tftp://{{ ansible_hostname }} playbook=cloudbox.yml ---
-         initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
-      }
-
-      menuentry 'Debian {{ di_version }} (amd64) + preseed + edubox.yml' {
-         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux \
-                   hostname=edubox auto=true priority=critical \
-                   url=tftp://{{ ansible_hostname }} playbook=edubox.yml ---
-         initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
-      }
-
-      #menuentry 'Debian daily (amd64) + preseed + kiosk.yml' {
-      #   linux   /d-i/n-a/daily/amd64/linux auto=true priority=critical \
-      #             url=tftp://{{ ansible_hostname }} playbook=kiosk.yml ---
-      #   initrd  /d-i/n-a/daily/amd64/initrd.gz
-      #}
-    marker: "# {mark} ANSIBLE MANAGED BLOCK default"
-  notify: "rebuild di-netboot-assistant menu"
-
-########  kerberox-client #######
-
-- name: check if we operate on kerberox
-  stat: path=/usr/sbin/krb5kdc
-  register: krb5kdc
-
-- name: add kerberox-client auto pxe boot entry to di-netboot-assistant
-  blockinfile:
-    dest: /etc/di-netboot-assistant/pxelinux.HEAD
-    insertbefore: EOF
-    block: |
-      LABEL autoinstall
-         MENU LABEL Debian {{ di_version }} (amd64) + preseed + kerberox-client.yml
-         kernel ::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux
-         append initrd=::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=kerberox-client.yml ---
-    marker: "# {mark} ANSIBLE MANAGED BLOCK kerberox-client"
-  notify: "rebuild di-netboot-assistant menu"
-  when: krb5kdc.stat.exists
-
-- name: add kerberox-client auto efi boot entry to di-netboot-assistant
-  blockinfile:
-    dest: /etc/di-netboot-assistant/grub.cfg.HEAD
-    insertbefore: EOF
-    block: |
-      menuentry 'Debian {{ di_version }} (amd64) + preseed + kerberox-client.yml' {
-         regexp --set=1:oct4 --set=2:oct5 --set=3:oct6 "\:([[:xdigit:]]+)\:([[:xdigit:]]+)\:([[:xdigit:]]+)\$" $net_default_mac
-         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux \
-                   hostname=${oct4}${oct5}${oct6} domain={{ ansible_domain }} \
-                   auto=true priority=critical url=tftp://{{ ansible_hostname }} playbook=kerberox-client.yml ---
-         initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
-      }
-    marker: "# {mark} ANSIBLE MANAGED BLOCK kerberox-client"
-  notify: "rebuild di-netboot-assistant menu"
-  when: krb5kdc.stat.exists
-
-########  sambox-client #######
-
-- name: check if we operate on sambox
-  stat: path=/etc/samba/smb.conf
-  register: samba
-
-- name: add sambox-client auto pxe boot entry to di-netboot-assistant
-  blockinfile:
-    dest: /etc/di-netboot-assistant/pxelinux.HEAD
-    insertbefore: EOF
-    block: |
-      LABEL autoinstall
-         MENU LABEL Debian {{ di_version }} (amd64) + preseed + sambox-client.yml
-         kernel ::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux
-         append initrd=::/d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz auto=true priority=critical domain={{ ansible_domain }} url=tftp://{{ ansible_hostname }} playbook=sambox-client.yml ---
-    marker: "# {mark} ANSIBLE MANAGED BLOCK sambox-client"
-  notify: "rebuild di-netboot-assistant menu"
-  when: samba.stat.exists
-
-- name: add sambox-client auto efi boot entry to di-netboot-assistant
-  blockinfile:
-    dest: /etc/di-netboot-assistant/grub.cfg.HEAD
-    insertbefore: EOF
-    block: |
-      menuentry 'Debian {{ di_version }} (amd64) + preseed + sambox-client.yml' {
-         regexp --set=1:oct4 --set=2:oct5 --set=3:oct6 "\:([[:xdigit:]]+)\:([[:xdigit:]]+)\:([[:xdigit:]]+)\$" $net_default_mac
-         linux   /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/linux \
-                   auto=true priority=critical hostname=${oct4}${oct5}${oct6} url=tftp://{{ ansible_hostname }} \
-                   playbook=sambox-client.yml ---
-         initrd  /d-i/n-pkg/images/{{ di_version }}/amd64/text/debian-installer/amd64/initrd.gz
-      }
-
-      menuentry 'Debian daily (amd64) + preseed + sambox-client.yml' {
-         regexp --set=1:oct4 --set=2:oct5 --set=3:oct6 "\:([[:xdigit:]]+)\:([[:xdigit:]]+)\:([[:xdigit:]]+)\$" $net_default_mac
-         linux   /d-i/n-a/daily/amd64/linux auto=true priority=critical hostname=${oct4}${oct5}${oct6} \
-                   url=tftp://{{ ansible_hostname }} playbook=sambox-client.yml ---
-         initrd  /d-i/n-a/daily/amd64/initrd.gz
-      }
-    marker: "# {mark} ANSIBLE MANAGED BLOCK sambox-client"
-  notify: "rebuild di-netboot-assistant menu"
-  when: samba.stat.exists
-
-######################
-
-- name: provide git repo if not available already # noqa git-latest
-  git:
-    repo: 'https://salsa.debian.org/andi/debian-lan-ansible.git'
-    dest: "{{ repo_dir }}"
-    update: false
-  become_user: "{{ ansible_user }}"
-  when: not run_in_installer|default(false)|bool
-
-- name: start git-repo
-  template:
-    src: git-repo.j2
-    dest: "/etc/systemd/system/git-repo.service"
-    mode: 0644
-  notify: start git-repo
-  when: not run_in_installer|default(false)|bool
-
-######################
-
-- name: add clients to inventory
-  blockinfile:
-    dest: /etc/ansible/hosts
-    create: true
-    mode: 0644
-    block: |
-      [kerberoxclient]
-      {{ in_inventory }}
-  when: krb5kdc.stat.exists or samba.stat.exists
diff --git a/roles/prepare4clients/templates/git-repo.j2 b/roles/prepare4clients/templates/git-repo.j2
deleted file mode 100644
index 8ac7cee..0000000
--- a/roles/prepare4clients/templates/git-repo.j2
+++ /dev/null
@@ -1,14 +0,0 @@
-[Unit]
-Description=Start Git Daemon
-
-[Service]
-ExecStart=/usr/bin/git daemon --reuseaddr --export-all --base-path={{ repo_dir }}
-
-Restart=always
-RestartSec=500ms
-
-SyslogIdentifier=git-daemon
-DynamicUser=yes
-
-[Install]
-WantedBy=multi-user.target
diff --git a/roles/sambaldap/defaults/main.yml b/roles/sambaldap/defaults/main.yml
deleted file mode 100644
index 575579c..0000000
--- a/roles/sambaldap/defaults/main.yml
+++ /dev/null
@@ -1,4 +0,0 @@
-basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
-ldap_server: ldap
-min_id_sssd: 5000
-max_id_sssd: 20000
diff --git a/roles/sambaldap/handlers/main.yml b/roles/sambaldap/handlers/main.yml
deleted file mode 100644
index aef70e4..0000000
--- a/roles/sambaldap/handlers/main.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-- name: restart sssd
-  service: name=sssd state=restarted enabled=yes
-  listen: "restart sssd"
-
-- name: restart smbd
-  service: name=smbd state=restarted enabled=yes
-  listen: "restart smbd"
diff --git a/roles/sambaldap/meta/main.yml b/roles/sambaldap/meta/main.yml
deleted file mode 100644
index 36ca9ba..0000000
--- a/roles/sambaldap/meta/main.yml
+++ /dev/null
@@ -1,3 +0,0 @@
----
-dependencies: # noqa meta-no-info
-  - role: ldap
diff --git a/roles/sambaldap/tasks/main.yml b/roles/sambaldap/tasks/main.yml
deleted file mode 100644
index 846bf69..0000000
--- a/roles/sambaldap/tasks/main.yml
+++ /dev/null
@@ -1,133 +0,0 @@
-## Install and configure samba-ldap.
----
-- name: check if samba is already there
-  stat: path=/etc/ldap/schema/samba.ldif
-  register: samba_ldap
-
-- name: install samba and provide samba schema
-  apt:
-    name:
-      - samba
-      - sssd-ldap
-    state: latest # noqa package-latest
-
-- name: provide identities from LDAP
-  template:
-    src: sssd.conf.j2
-    dest: /etc/sssd/sssd.conf
-    mode: 0600
-  notify: restart sssd
-
-- name: prepare samba schema
-  command: cp /usr/share/doc/samba/examples/LDAP/samba.ldif /etc/ldap/schema/
-  args:
-    creates: /etc/ldap/schema/samba.ldif
-
-- name: activate samba.ldif schema
-  command: ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/samba.ldif
-  when: not samba_ldap.stat.exists
-
-- name: add indexes to LDAP
-  ldap_attrs:
-    dn: "olcDatabase={1}mdb,cn=config"
-    attributes:
-      olcDbIndex:
-        - sambaSID eq
-        - sambaPrimaryGroupSID eq
-        - sambaGroupType eq
-        - sambaSIDList eq
-        - sambaDomainName eq
-    state: present
-
-- name: modify ACLs to account for Samba
-  ldap_attrs:
-    dn: "olcDatabase={1}mdb,cn=config"
-    attributes:
-      olcAccess:
-        - >-
-          to attrs=userPassword
-          by self write
-          by anonymous auth
-          by * none
-        - >-
-          to attrs=shadowLastChange
-          by self write
-          by * read
-        - >-
-          to attrs=sambaNTPassword
-          by dn.exact=cn=admin,{{ basedn }} write
-          by self write
-          by * none
-        - >-
-          to * by * read
-    ordered: true
-    state: exact
-
-- name: configure smb ldap backend
-  blockinfile:
-    dest: /etc/samba/smb.conf
-    insertafter: '^\s*server role ='
-    block: |
-      ####### LDAP Settings #######
-      passdb backend = ldapsam:ldapi:///
-      ldap suffix = {{ basedn }}
-      ldap user suffix = ou=people
-      ldap group suffix = ou=groups
-      ldap machine suffix = ou=computers
-      ldap idmap suffix = ou=idmap
-      ldap admin dn = cn=admin,{{ basedn }}
-      ldap ssl = no
-      ldap passwd sync = yes
-  notify: restart smbd
-
-- name: make smb homes writable
-  replace:
-    path: /etc/samba/smb.conf
-    regexp: '^(\s*read only =) yes$'
-    replace: '\1 no'
-    after: '\[homes\]'
-    before: '\[.+\]'
-  notify: restart smbd
-
-- name: modify samba default create mask
-  replace:
-    path: /etc/samba/smb.conf
-    regexp: '^(\s*create mask =) 0700'
-    replace: '\1 0600'
-    after: '\[homes\]'
-    before: '\[.+\]'
-  notify: restart smbd
-
-- name: slurp admin password for samba setup
-  slurp:
-    src: "{{ ldap_admin_pwd_file }}"
-  register: ldap_admin_pwd
-  no_log: true
-  when: not samba_ldap.stat.exists
-
-- name: make samba admin password available to smbd
-  command: smbpasswd -w "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
-  no_log: true
-  notify: restart smbd
-  when: not samba_ldap.stat.exists
-
-- name: flush all handlers
-  meta: flush_handlers
-
-- name: add samba attributes to dummy user foo
-  command:
-    cmd: smbpasswd -s -a foo
-    stdin: "{{ foo_pwd }}\n{{ foo_pwd }}"
-  when: foo_pwd is defined and foo_pwd | length > 0
-
-########################
-
-- name: allow services in firewalld
-  firewalld:
-    zone: internal
-    service: "{{ item }}"
-    permanent: true
-    immediate: true
-    state: enabled
-  with_items:
-    - samba
diff --git a/roles/sambaldap/templates/sssd.conf.j2 b/roles/sambaldap/templates/sssd.conf.j2
deleted file mode 100644
index 6e6ac14..0000000
--- a/roles/sambaldap/templates/sssd.conf.j2
+++ /dev/null
@@ -1,23 +0,0 @@
-[sssd]
-domains = LDAP
-config_file_version = 2
-
-[nss]
-filter_groups = root
-filter_users = root
-
-[pam]
-
-[domain/LDAP]
-id_provider = ldap
-ldap_uri = ldap://{{ ldap_server }}/
-ldap_search_base = {{ basedn }}
-
-auth_provider = ldap
-cache_credentials = true
-
-min_id = {{ min_id_sssd }}
-max_id = {{ max_id_sssd }}
-
-## remove this after providing propper certificates:
-ldap_tls_reqcert = allow
diff --git a/roles/shorewall2if/handlers/main.yml b/roles/shorewall2if/handlers/main.yml
deleted file mode 100644
index 7d41138..0000000
--- a/roles/shorewall2if/handlers/main.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-- name: restart networking
-  systemd: name=networking state=restarted enabled=yes
-  listen: restart networking
-
-- name: restart shorewall
-  systemd: name=shorewall state=restarted enabled=yes
-  listen: restart shorewall
diff --git a/roles/shorewall2if/tasks/main.yml b/roles/shorewall2if/tasks/main.yml
deleted file mode 100644
index 0974a2e..0000000
--- a/roles/shorewall2if/tasks/main.yml
+++ /dev/null
@@ -1,74 +0,0 @@
-- name: add if_lan with static address
-  template:
-    src: interfaces-static.j2
-    dest: /etc/network/interfaces.d/static
-    mode: 0644
-  notify: restart networking
-
-- name: install shorewall packages
-  apt: name=shorewall state=latest # noqa package-latest
-
-- name: copy shorewall configuration
-  command: cp {{ item }} /etc/shorewall/
-  args:
-    chdir: /usr/share/doc/shorewall/examples/two-interfaces/
-    creates: "/etc/shorewall/{{ item }}"
-  with_items:
-    - interfaces
-    - snat
-    - policy
-    - rules
-    - stoppedrules
-    - zones
-  notify: restart shorewall
-
-- name: find files in /etc/shorewall/
-  find:
-    paths: /etc/shorewall/
-    use_regex: true
-    pattern: '.+[^~]$'
-    contains: '.*(eth0|eth1).*'
-  register: find_result
-  notify: restart shorewall
-
-- name: fix WAN interface name in shorewall configuration
-  replace:
-    dest: "{{ item.path }}"
-    regexp: 'eth0'
-    replace: "{{ if_wan }}"
-    backup: true
-  with_items: "{{ find_result.files }}"
-  notify: restart shorewall
-
-- name: fix LAN interface name in shorewall configuration
-  replace:
-    dest: "{{ item.path }}"
-    regexp: 'eth1'
-    replace: "{{ if_lan }}"
-    backup: true
-  with_items: "{{ find_result.files }}"
-  notify: restart shorewall
-
-- name: configure forwarding in shorewall.conf
-  replace:
-    dest: /etc/shorewall/shorewall.conf
-    regexp: 'IP_FORWARDING=Keep'
-    replace: 'IP_FORWARDING=Yes'
-    backup: true
-  notify: restart shorewall
-
-- name: configure shorewall policy
-  replace:
-    dest: /etc/shorewall/policy
-    regexp: 'loc(\s+)net(\s+)ACCEPT'
-    replace: 'loc\1all\2ACCEPT\n$FW\1all\2ACCEPT'
-    backup: true
-  notify: restart shorewall
-
-- name: configure shorewall rules
-  replace:
-    dest: /etc/shorewall/rules
-    regexp: '(SSH\(ACCEPT\)\s+)loc(\s+\$FW)'
-    replace: '\1all\2'
-    backup: true
-  notify: restart shorewall
diff --git a/roles/shorewall2if/templates/interfaces-static.j2 b/roles/shorewall2if/templates/interfaces-static.j2
deleted file mode 100644
index 9724fa4..0000000
--- a/roles/shorewall2if/templates/interfaces-static.j2
+++ /dev/null
@@ -1,4 +0,0 @@
-auto {{ if_lan }}
-allow-hotplug {{ if_lan }}
-iface {{ if_lan }} inet static
-  address {{ ipaddr_lan }}
diff --git a/roles/smbsshfsclient/defaults/main.yml b/roles/smbsshfsclient/defaults/main.yml
deleted file mode 100644
index d2c6c70..0000000
--- a/roles/smbsshfsclient/defaults/main.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-basedn: "{{ 'dc=' + ( ansible_domain | replace('^.','') | replace('.$','') | replace('.',',dc=')) }}"
-ldap_server: ldap
-home_server: homes
-min_id_sssd: 5000
-max_id_sssd: 20000
diff --git a/roles/smbsshfsclient/handlers/main.yml b/roles/smbsshfsclient/handlers/main.yml
deleted file mode 100644
index d54b258..0000000
--- a/roles/smbsshfsclient/handlers/main.yml
+++ /dev/null
@@ -1,8 +0,0 @@
-- name: restart sssd
-  service: name=sssd state=restarted enabled=yes
-  listen: "restart sssd"
-
-- name: reload systemd
-  systemd:
-    daemon_reload: true
-  listen: "reload systemd"
diff --git a/roles/smbsshfsclient/tasks/main.yml b/roles/smbsshfsclient/tasks/main.yml
deleted file mode 100644
index 922c34d..0000000
--- a/roles/smbsshfsclient/tasks/main.yml
+++ /dev/null
@@ -1,77 +0,0 @@
----
-- name: install needed packages
-  apt:
-    name:
-      - sssd-ldap
-      - libpam-mount
-      - cifs-utils
-      - sshfs
-      - hxtools
-    state: latest # noqa package-latest
-
-- name: add URI to ldap.conf
-  lineinfile:
-    dest: /etc/ldap/ldap.conf
-    line: "URI ldap://ldap/"
-    insertafter: "#URI.*"
-
-- name: add BASE to ldap.conf
-  lineinfile:
-    dest: /etc/ldap/ldap.conf
-    line: "BASE {{ basedn }}"
-    insertafter: "#BASE.*"
-
-- name: enable pam_umask
-  lineinfile:
-    dest: /etc/pam.d/common-session
-    line: "session optional pam_umask.so usergroups"
-
-- name: provide identities from directory
-  template:
-    src: sssd.conf.j2
-    dest: /etc/sssd/sssd.conf
-    mode: 0600
-  notify: restart sssd
-
-- name: configure pam_mount # interesting options: posix,mfsymlinks,nomapposix,noperm
-  blockinfile:
-    dest: /etc/security/pam_mount.conf.xml
-    block: |
-      <!-- volume
-        fstype="cifs"
-        server="{{ home_server }}"
-        path="%(USER)"
-        mountpoint="/home/lan/%(USER)"
-        options="idsfromsid,modefromsid,mfsymlinks"
-      ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user></or></not></volume -->
-      <volume
-        fstype="fuse"
-        path="sshfs#%(USER)@{{ home_server }}:"
-        mountpoint="/home/lan/%(USER)"
-        options="allow_other,default_permissions,reconnect,password_stdin"
-        ssh="0" noroot="0"
-      ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user></or></not></volume>
-    insertafter: "<!-- Volume definitions -->"
-
-- name: make sure umount is not blocked
-  replace:
-    path: /etc/security/pam_mount.conf.xml
-    regexp: '<logout wait="0".*'
-    replace: '<logout wait="3000" hup="yes" term="yes" kill="yes"/>'
-
-- name: make sure .ssh exists
-  file:
-    path: /root/.ssh
-    state: directory
-    mode: '0700'
-
-- name: fetch homes server host key for sshfs
-  shell:
-    cmd: ssh-keyscan -H {{ home_server }} >> /root/.ssh/known_hosts
-    creates: /root/.ssh/known_hosts
-
-## gnome-keyring fails with sshfs:
-- name: disable gnome-keyring-daemon
-  command:
-    cmd: dpkg-divert --divert /usr/bin/gnome-keyring-daemon.distrib --rename /usr/bin/gnome-keyring-daemon
-    creates: /usr/bin/gnome-keyring-daemon.distrib
diff --git a/roles/smbsshfsclient/templates/sssd.conf.j2 b/roles/smbsshfsclient/templates/sssd.conf.j2
deleted file mode 100644
index f39b856..0000000
--- a/roles/smbsshfsclient/templates/sssd.conf.j2
+++ /dev/null
@@ -1,22 +0,0 @@
-[sssd]
-domains = LDAP
-config_file_version = 2
-
-[nss]
-filter_groups = root
-filter_users = root
-
-[pam]
-
-[domain/LDAP]
-id_provider = ldap
-ldap_uri = ldap://{{ ldap_server }}/
-ldap_search_base = {{ basedn }}
-
-auth_provider = ldap
-cache_credentials = true
-
-min_id = {{ min_id_sssd }}
-max_id = {{ max_id_sssd }}
-
-ldap_tls_reqcert = allow
diff --git a/roles/transparentsquid/files/store_id_regex.conf b/roles/transparentsquid/files/store_id_regex.conf
deleted file mode 100644
index 3d88f21..0000000
--- a/roles/transparentsquid/files/store_id_regex.conf
+++ /dev/null
@@ -1,2 +0,0 @@
-^http:\/\/.+\/(.+\.deb)	http://debian.mirrors.squid.internal/Archive-http/$1
-^http:\/\/.+\/(.+\.udeb)	http://debian.mirrors.squid.internal/Archive-http/$1
diff --git a/roles/transparentsquid/handlers/main.yml b/roles/transparentsquid/handlers/main.yml
deleted file mode 100644
index c103a79..0000000
--- a/roles/transparentsquid/handlers/main.yml
+++ /dev/null
@@ -1,3 +0,0 @@
-- name: restart squid
-  service: name=squid state=restarted enabled=yes
-  listen: "restart squid"
diff --git a/roles/transparentsquid/tasks/main.yml b/roles/transparentsquid/tasks/main.yml
deleted file mode 100644
index 63f1199..0000000
--- a/roles/transparentsquid/tasks/main.yml
+++ /dev/null
@@ -1,63 +0,0 @@
-- name: install squid package
-  apt:
-    name: squid
-    state: latest # noqa package-latest
-
-- name: configure squid extra lines
-  lineinfile:
-    dest: /etc/squid/squid.conf
-    line: "{{ item.line }}"
-    insertafter: "{{ item.insertafter }}"
-  with_items:
-    - line: "http_access allow localnet"
-      insertafter: "#http_access allow localnet"
-    - line: "http_port 3129 intercept"
-      insertafter: "http_port 3128"
-    - line: "maximum_object_size_in_memory 10240 KB"
-      insertafter: "# maximum_object_size_in_memory"
-    - line: "maximum_object_size 512 MB"
-      insertafter: "# maximum_object_size"
-    - line: "cache_dir aufs /var/spool/squid 20000 16 256"
-      insertafter: "#cache_dir ufs /var/spool/squid"
-  notify: "restart squid"
-
-- name: configure squid store IDs
-  blockinfile:
-    dest: /etc/squid/squid.conf
-    insertbefore: "TAG: store_miss"
-    block: |
-      store_id_program /usr/lib/squid/storeid_file_rewrite /etc/squid/store_id_regex.conf
-    marker: "# {mark} ANSIBLE MANAGED BLOCK store_id"
-  notify: "restart squid"
-
-- name: provide store_id_regex.conf
-  copy:
-    src: store_id_regex.conf
-    dest: /etc/squid/store_id_regex.conf
-    mode: 0644
-  notify: "restart squid"
-
-- name: configure squid as package cache
-  blockinfile:
-    dest: /etc/squid/squid.conf
-    insertbefore: "# Add any of your own refresh_pattern entries above these."
-    block: |
-      # refresh pattern for debs and udebs
-      refresh_pattern deb$ 129600 100% 129600
-      refresh_pattern udeb$ 129600 100% 129600
-      refresh_pattern tar.gz$ 129600 100% 129600
-      refresh_pattern tar.xz$ 129600 100% 129600
-      refresh_pattern tar.bz2$ 129600 100% 129600
-      # always refresh Packages and Release files
-      refresh_pattern \/(Packages|Sources)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
-      refresh_pattern \/Release(|\.gpg)$ 0 0% 0 refresh-ims
-      refresh_pattern \/InRelease$ 0 0% 0 refresh-ims
-      refresh_pattern \/(Translation-.*)(|\.bz2|\.gz|\.xz)$ 0 0% 0
-    marker: "# {mark} ANSIBLE MANAGED BLOCK refresh_pattern"
-  notify: "restart squid"
-
-- name: redirect www traffic in shorewall
-  lineinfile:
-    dest: /etc/shorewall/rules
-    line: "REDIRECT loc 3129 tcp www"
-  notify: "restart shorewall"
diff --git a/roles/webserver/tasks/main.yml b/roles/webserver/tasks/main.yml
deleted file mode 100644
index f6b46a8..0000000
--- a/roles/webserver/tasks/main.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-- name: install some packages
-  apt: name={{ item }} state=latest # noqa package-latest
-  with_items:
-    - unattended-upgrades
-    - screen
-    - python-certbot-apache
diff --git a/sambox-client.yml b/sambox-client.yml
deleted file mode 100644
index 5588c82..0000000
--- a/sambox-client.yml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-# This playbook deploys a client for the kerberox LAN.
-
-- name: apply configuration to the machines
-  hosts: all
-  remote_user: ansible
-  become: true
-  vars:
-    extra_pkgs:
-      - webext-privacy-badger
-      - webext-ublock-origin
-    extra_pkgs_bpo: []  # [ libreoffice ]
-    ansible_python_interpreter: "/usr/bin/python3"
-
-  roles:
-    - up2date_debian
-    - smbsshfsclient
-    ## Choose either gnome or KDE:
-    # - gnome
-    # - kde
diff --git a/sambox.yml b/sambox.yml
deleted file mode 100644
index 6bf8c04..0000000
--- a/sambox.yml
+++ /dev/null
@@ -1,56 +0,0 @@
----
-## This playbook deploys the sambox server.  Add 'hostname=XXX' and 'domain=YYY'
-## to the installer boot parameters to set hostname and domain.
-##
-
-- name: apply configuration to the sambox server
-  hosts: all
-  remote_user: ansible
-  become: true
-
-  vars:
-    ## This interface provides the default route:
-    if_wan: "{{ ansible_default_ipv4.interface }}"
-
-    ## Use the first remaining interface for the LAN:
-    if_lan: "{{ ansible_interfaces | difference([if_wan, 'lo']) | first }}"
-
-    ## LAN IP address range:
-    ipaddr_lan: 192.168.0.10/24
-    ipaddr_lan_threeoct: "{{ ipaddr_lan.split('.')[0:3] | join('.') }}"
-    ipaddr_lan_ptr: "{{ (ipaddr_lan | ipaddr('revdns')).split('.')[1:] | join('.') }}"
-    ipaddr_lan_ptr_threeoct: "{{ ipaddr_lan_ptr.split('.')[0:3] | join('.') }}"
-    dhcp_start: 192.168.0.50
-    dhcp_stop: 192.168.0.150
-    in_inventory: 192.168.0.[50:150]
-
-    di_dist: "{{ ansible_distribution_release }}"
-    di_version: "{{ ansible_distribution_major_version }}"
-    di_pkg: "debian-installer-{{ di_version }}-netboot-amd64"
-
-    ansible_user: ansible
-    repo_dir: "/home/{{ ansible_user }}/debian-lan"
-    ansible_python_interpreter: "/usr/bin/python3"  ## needed for firewalld module
-
-  vars_prompt:
-    - name: "foo_pwd"
-      prompt:
-        In case you would like to prepare a test user 'foo' and have
-        not done so yet, provide foo's password here.  Leave empty to
-        just continue
-      private: true
-
-  pre_tasks:
-    - name: validate if interfaces are available
-      fail:
-        msg: "Interfaces {{ ansible_interfaces }} found. WAN: '{{ if_wan }}', LAN: '{{ if_lan }}'.  Two NICs needed."
-      when: (if_lan not in ansible_interfaces) or (if_wan not in ansible_interfaces) or (if_lan == if_wan)
-
-  roles:
-    - up2date_debian
-    - firewalld2if
-    - netbootinstaller
-    - dnsdhcptftp
-    - aptcacher
-    - sambaldap
-    - prepare4clients