From 09bc9215c416b482a0ef2f0d701e1d25a314c34b Mon Sep 17 00:00:00 2001 From: Kienan Stewart Date: Wed, 9 Aug 2023 11:52:54 -0400 Subject: [PATCH] ansible: Add and manage replacement git-mirror instance Signed-off-by: Kienan Stewart Change-Id: Ib38ceeca6f83b05e975ad7013fcd6d2d52e793f3 --- automation/ansible/host_vars/git-mirror02.yml | 61 ++++++++ automation/ansible/hosts | 3 + .../ansible/roles/gitmirror/defaults/main.yml | 73 ++++++++++ .../files/grokmirror_2.0.11-1_all.deb | Bin 0 -> 55810 bytes .../ansible/roles/gitmirror/files/update.sh | 58 ++++++++ .../ansible/roles/gitmirror/handlers/main.yml | 13 ++ .../ansible/roles/gitmirror/tasks/main.yml | 137 ++++++++++++++++++ .../roles/gitmirror/tasks/mirror_instance.yml | 22 +++ .../roles/gitmirror/templates/apache2.conf.j2 | 25 ++++ .../roles/gitmirror/templates/cgitrc.j2 | 10 ++ .../gitmirror/templates/grokmirror.conf.j2 | 16 ++ automation/ansible/site.yml | 4 + automation/ansible/vars/ci-instances.yml | 16 ++ 13 files changed, 438 insertions(+) create mode 100644 automation/ansible/host_vars/git-mirror02.yml create mode 100644 automation/ansible/roles/gitmirror/defaults/main.yml create mode 100644 automation/ansible/roles/gitmirror/files/grokmirror_2.0.11-1_all.deb create mode 100644 automation/ansible/roles/gitmirror/files/update.sh create mode 100644 automation/ansible/roles/gitmirror/handlers/main.yml create mode 100644 automation/ansible/roles/gitmirror/tasks/main.yml create mode 100644 automation/ansible/roles/gitmirror/tasks/mirror_instance.yml create mode 100644 automation/ansible/roles/gitmirror/templates/apache2.conf.j2 create mode 100644 automation/ansible/roles/gitmirror/templates/cgitrc.j2 create mode 100644 automation/ansible/roles/gitmirror/templates/grokmirror.conf.j2 diff --git a/automation/ansible/host_vars/git-mirror02.yml b/automation/ansible/host_vars/git-mirror02.yml new file mode 100644 index 0000000..f5961e8 --- /dev/null +++ b/automation/ansible/host_vars/git-mirror02.yml @@ -0,0 +1,61 @@ +--- +cgit_sections: + - section: git + clone-url: git://git-mirror.internal.efficios.com/git/$CGIT_REPO_URL + scan-path: /storage/git-mirror/gitdaemon/export/git + - section: kernel + clone-url: git://git-mirror.internal.efficios.com/kernel/$CGIT_REPO_URL + project-list: /storage/git-mirror/gitdaemon/kernel/projects.list + scan-path: /storage/git-mirror/gitdaemon/export/kernel + - section: lttng + clone-url: git://git-mirror.internal.efficios.com/lttng/$CGIT_REPO_URL + project-list: /storage/git-mirror/gitdaemon/lttng/projects.list + scan-path: /storage/git-mirror/gitdaemon/export/lttng + - section: efficios + clone-url: git://git-mirror.internal.efficios.com/efficios/$CGIT_REPO_URL + project-list: /storage/git-mirror/gitdaemon/efficios/projects.list + scan-path: /storage/git-mirror/gitdaemon/export/efficios +cgit_export_links: + efficios: '../efficios' + lttng: '../lttng' + git: '../git' + kernel: '../kernel/pub/scm/linux/kernel/git' + +git_daemon_conf: + GIT_DAEMON_ENABLE: 'true' + GIT_DAEMON_USER: 'gitdaemon' + GIT_DAEMON_OPTIONS: '"--export-all --max-connections=128"' + GIT_DAEMON_BASE_PATH: '/storage/git-mirror/gitdaemon/export' + GIT_DAEMON_DIRECTORY: '/storage/git-mirror/gitdaemon/export' + +grokmirror_instances: + efficios.com: + core: + toplevel: '/storage/git-mirror/gitdaemon/efficios' + log: '/var/log/grokmirror/efficioscom.log' + remote: + site: 'https://git.efficios.com' + pull: + exclude: '*/deliverable/*' + lttng.org: + core: + toplevel: '/storage/git-mirror/gitdaemon/lttng' + log: '/var/log/grokmirror/lttngorg.log' + remote: + site: 'https://git.lttng.org' + kernel.org: + core: + toplevel: '/storage/git-mirror/gitdaemon/kernel' + log: '/var/log/grokmirror/kernelorg.log' + remote: + site: 'https://git.kernel.org' + pull: + projectslist_trimtop: '/pub/scm/linux/kernel/git' + include: + - '/pub/scm/linux/kernel/git/torvalds/linux.git' + - '/pub/scm/linux/kernel/git/stable/linux.git' + - '/pub/scm/linux/kernel/git/next/linux-next.git' + - '/pub/scm/linux/kernel/git/rt/linux-rt-devel.git' + - '/pub/scm/linux/kernel/git/rt/linux-stable-rt.git' + - '/pub/scm/linux/kernel/git/rseq/linux-rseq.git' + refresh: '3600' diff --git a/automation/ansible/hosts b/automation/ansible/hosts index 22f95ab..1b18de0 100644 --- a/automation/ansible/hosts +++ b/automation/ansible/hosts @@ -182,3 +182,6 @@ node [py3_hosts:vars] ansible_python_interpreter=python3 + +[gitmirror] +git-mirror02 \ No newline at end of file diff --git a/automation/ansible/roles/gitmirror/defaults/main.yml b/automation/ansible/roles/gitmirror/defaults/main.yml new file mode 100644 index 0000000..6d7bdaf --- /dev/null +++ b/automation/ansible/roles/gitmirror/defaults/main.yml @@ -0,0 +1,73 @@ +--- +cgit_configuration: + - ['root-title', 'EfficiOS local git mirror'] + - ['root-desc', 'mirror of common repositories used by the CI'] + - ['enable-git-config', '1'] + - ['enable-index-links', '1'] + - ['enable-log-filecount', '1'] + - ['enable-log-linecount', '1'] + - ['css', '/cgit-css/cgit.css'] + - ['logo', '/cgit-css/cgit.png'] + - ['favicon', '/cgit-css/favicon.ico'] +cgit_export_links: {} +cgit_sections: {} +cgit_tls_cert: '/etc/ssl/certs/internal.efficios.com.pem' +cgit_tls_key: '/etc/ssl/private/internal.efficios.com.key' + +git_daemon_conf: + GIT_DAEMON_ENABLE: 'false' + GIT_DAEMON_USER: 'gitdaemon' + GIT_DAEMON_BASE_PATH: '/var/lib' + GIT_DAEMON_DIRECTORY: '/var/lib/git' + +grokmirror_instances: {} +grokmirror_instance_defaults: + core: + manifest: '${toplevel}/manifest.js.gz' + loglevel: 'info' + objstore: '${toplevel}/objstore' + manifest: + pretty: 'no' + fetch_objstore: 'no' + ignore: + - /testing/* + - /private/* + check_export_ok: 'no' + remote: + manifest: '${site}/manifest.js.gz' + pull: + projectslist: '${core:toplevel}/projects.list' + projectslist_trimtop: '' + post_update_hook: '' + purge: 'yes' + purgeprotect: '5' + default_owner: 'Grokmirror User' + remotename: '_grokmirror' + pull:threads: '2' + retries: '3' + include: '*' + refresh: '600' + fsck: + frequency: '30' + statusfile: '${core:toplevel}/fsck.status.js' + ignore_errors: + - 'notice:' + - 'warning: disabling bitmap writing' + - 'ignoring extra bitmap file' + - 'missingTaggerEntry' + - 'missingSpaceBeforeDate' + reclone_on_errors: + - 'fatal: bad tree object' + - 'fatal: Failed to traverse parents' + - 'missing commit' + - 'missing blob' + - 'missing tree' + - 'broken link' + repack: 'yes' + extra_repack_flags: '' + extra_repack_flags_full: '--window=250 --depth=50' + commitgraph: 'yes' + prune: 'yes' + precious: 'yes' + baselines: '' + islandcores: '' diff --git a/automation/ansible/roles/gitmirror/files/grokmirror_2.0.11-1_all.deb b/automation/ansible/roles/gitmirror/files/grokmirror_2.0.11-1_all.deb new file mode 100644 index 0000000000000000000000000000000000000000..e12f34f6f450ddd7770f400ef16842b54a5f9fac GIT binary patch literal 55810 zcmaf(Q;aSQtggqlZQHhO+qSXBwr%4Z+qUgBHrLoQ=TG+8=k_#BlU}qJZPF)iQer-1 z7gH+%7&CJdYhwp`6Ke-!7jGgWB4!S5W_DI4c4kf@BBuZH|BcK{OdM=%L`47j|1~2R z76v95Q%46k7e_k=H)9tDA6K{kZ#^>?JL~^6FoL0KW&8%RD&q$7aT!6S8c63rEbJM7 zCN^QqZc$0;Ig>Vsgz{JVZPwX{W?(As*i%Q#JICY%5dkI#CIW`bW+Hsgk<|*l?{+1| zUwE*xbNG;|345Jwv3`mh<{F_71)D;Fqz)iY_?@q)opJT7=kCG^E-%xu(N z`ZspO1N%7Z7gM%aIiNU~ct$!07IrZ%jGkgwZ(0ul{s|6AuKTsiRvJ{uhx5rqA+Jd` zfZcC4VhCZ2Cza1v39@`z5Ku_TACYvvA0`R_OUV*8X{rWIO+@*aY=ahW9 zDv6)ktv>s=mOKqUyLZW4rg{206Eecn;b}s|{TV~u$xIhMuO+iCbyi+~{QLc@lH$(0 zVIT>;Z8F1-mt-VK8fQMZDL_UFo}8z>m@<(V0iVi#qCj9-ooOI(wsQ$}Q3}(hyG*?~ z$u5D8nowrV`#bpHlo`MV@7!r~J%(c{tIlO<|Gf9XmFHV#_6HLRlYlF*VGw`oZ5yd3 z)t5e}>-A^Fu$E?OGha~>APcj`NyzioEG>bqdoxS;#}bJny>wVWU^)9%oT6l!Dy@rjc23Xpx&FMPTv%jc4OK0)Mh#=h_m>LFH#Yw{ z#2!C7-XvIh#VB!Bv24`lTurupB^1>7%`E;(Uz4knkmgrewQ{I==F$^0sA^GnxB)OR0kqII{C6%8SNLv(!*8-)2K;nVI$whb zmc;{CCJ}*mj&M=|2a5+;ap57}dq|QF0wF;ng<3_v85Jf0VG8XrA-VnvQ_?Xl3?CK& zrH;>Ve#^;Rir*UUAQ`x@@;HNRR`bCD$&?5o8#O2`cX(|X1?D#*=J1^d2U#sAMIKe^ zi~<*>a%3~fbIzDV)G)VPV-0HRL*~}GQVD8sxtZb zy`afjx0%_pMA)@zVy&j62%LXw*hvD`FHoKm>To@DsWqVX0HPf#Ht|2}nkTspDQ?zt zuQW|izA|sMI&IGueo{HUyG$CbRPU@)tA}>h!jO9nl`3QLI@he+GKjv3&oExwR*@W0T+D(Mlt!7d~WIaaISX}`sqU6Vb zAz{wCHji|nHZg4CW`qqZ#$%b}Krbs36a68IvbpBl?*$YRwW}vzpQoz(hFItZzC7e| zLnAFQHu2J;JQ@FnjR;EItI&45NG)jS)6%~Bk^TBpPNq)cP$6w@N}w6PM!7`ujQ}lR zCK0zfb)(@ABP%^2Y}hmlz7CKHlmzGE7GdZ{aVAL-D(;B`X4F+TlHE1E=v(Pkl~?lU z!j$iWV6%D^a~1M==;z`^m)cY~GoRuTMQ*Sjxo5T-FBG@u_IAWvz|$EGU9oQL%bHB0 zLMl|AspXqx`QSs+8P)?|0**IY?~7XBfM%h;xG>}f9I_@I!d)srufL<#jZrx?flGbe zU3=<217f-_@0P$}%#7WP{~vb$L+byJ-0ZBJ9REY_|0VCt7>JA*J`a1M)l?;}#1^t{ z`9xcPWyqQ`fLZiIY3ABD^}Ya5sVm~+wDAZe!>P=hoPR4u0t5sE3={|f01X382VEbE ztFi9uV6Y{!D0wAa!Txo z#_D_IOVys^R1)Xl2c_PX9HO~qXK!E~GPE^;6)`RF-le0XHzuRy{Sb1};T5>(UiwC*hYx+qMfB%wFuONz_l+l8p_v|;ox1etpHtSAR#SIUt>lFAnio)8@wT$*|SEUXa0 zI7_%v@r}}A(+<0_HoRa8H)FcQ z6GZzI{=l@itF)@1H$t4r(CYVahdR6Aomno|X6uPdl|8C+>zHTNW>;?Pyb)@yS>Du2&`Mlf@*=dVpXlZ22HL7~!@woVVWn?s0_nRWcr)+i-1M32elHw!8D5mP zK6;HNf0VA1@}o?~^gxUA%T}4GS+Q+oQdp@mP*A|eL{5!~kFpt)nwVhYMMyL6*#jAQ zd3hx^#HKWpAfP}(My}&%DsYUHOXsoUrRS_EP{P8-$I6xEoJp(u)0rd_JrE@&Z|66| z{Bo~Ki~T^8b74{+eAYyYQ6VPzbqK3tQOa%@nQ&#mfPq9vo7e7TshMIC{$uZC8FL5V z-B2M+jmaZVhN;X9?avt4dA_tP;$Sie9{bcDr{(E-jD5LW>u8H+XrvDg>LJosck3+0 z+O-{%nAX9^$3iFoVfcP;*xJCVO{3UeLmX)quE!p;KdopOWMa6Io06G60J+3{H?VFtO_OW@r^ z!s=xm)y8Rqyn=)LFPud$*x#$K%m6pQ(^9u#3mmazkgglE19 zQp02NNt|?CKda?^Uh{39W@UUaIiZ0Li3CBUCnLEKOylHl@-i%nBdRj&7T9%d9UR{E zn`6aW0CTMC2PUIl8_pGjNF9nn+@=sLEUaFUdgt+k!pSp5L_at86pD0WN?_Q-rV*;` z7Ps^-DPBfma1%uy%3m%}_KCgCqUW#sN*mmlCFkngLHpum-`9&8Kg$@C9CIO{5*eW` zqtKp$VFvn@hsU$cE`hb}YXIdd1q%&@BioTOuDN7$70BJDrGi2T0G&pq`RG$dxx2I! zgKmU?KRvBjhLftgCaYE$)uiw6T?(4Audt@ax?yOx?5~|i87si6Ft(WsCvZ#li7t6E z*?94>@_FW%DOsA{6~#v5l51FzY)QE24BF39JI%g7U{itO;_@em&X{Bvr$?XsCq^p*b!=$Cg5P< z*u06?Fw?iR+^IEcnIf}c&jv#VO$JphDUMcl?6F^DA&K&BWGTuvG{R0%v!>=}><3rK zQL;i}keWeG05hzgXp#aq2z-KYqE1goCrJZ9PS}dmNV38wvvE?m$`Czo z%)k;xgdG)){0bB`846OBZQ_a`pn%PfFhdj~L5|e__rZIyr!%cT@TV*%%n>jYPAxCR zuEaZ={~amSBEvi-KUr!Urt=TmO_~`umcbD(pk!g46&>!6PAV9Rl#%H77DcLRi%Er= z20oG};*%bl7EQ&{Gs2059xx2pcoVV)nUnKSobY&xT){zZ8|L(wN@X}jSeccTk(Jy+ zEs0C67Ilg6Y{PU_Lmxy_DoL}1z75q=Pf(zEAdqmVNG9xI`ayP{DcTbeKqK2oz8}!A z6p2nMp`7?DgS`Fk+Td{u@pwfnv_*z10puS)N*me1PG%YF^I7lf4n26YwU+hB#S)yDJ&>ar3~B&~TL2+I5{5dM>? z($2c3){~W_O9wDSWD|SEVjgG2lYAcrr#wg^#jyiDV0=Wyp! z98FXD_{`ew&hF@-v*I=Pf*%%m}Zv%b`AMVA*_0NqjPF8H_oA6 z1ay1AL|G+0tO0&rN<^6`#@Wv1rnDO?YfL$Z9 z$SWUl*vq%!=eiwU2zUf^MAVGreqWpdHS$=Sn>3?)cL?M!N5$Qarn~IXv4%Q2+NL)g z^0dUJoptLxd|nphi4f?i&*>VW8%SfWoN$l*KYg>4;tEV!;RHWC8$x)DhQcQU+>-R5 z)SF&7HPPd$1)!1SlC@_>ROnIetBt|TNkpIQ$;QxMq2h2@4q?#pNbq2(2|s)IF4*O z$%R-5em<#eBzVb*68BrW`dgjfIwH18IVG)s(LJ=jmud1(+#P}k;g%L{xq9P(ukYem zY{aXuRH*D!!k4gvjbm|=$8g?TH0dQ)?)c%_;aL?tQ*6`M72HW$%rbCuQTVU$fX37( zAI;O>L{@rM1l1yoCD;hzV+8=qF0ulS<4hLR19*z2OjK)U31}F*j1SEoLD&>+{n`s1 zteWRwEIq+F_dhB=yMh~df|pGthi;?dhPqahq(Q|>gUZu= zB=PcZvp2d`4|+8RH%UJs$Tbl}&s1viDsvc9>7J86oq_$Ilp&A!g4QObV5_oMj0lR3SyM!l6vIJOj?>u6EoQorlqkz;N?43c_6 zF)Oe>O39m0oQMl7U|GRjVZe|bxx>s9Tii?``EseA_tG0$s-+Jaw~7UR(H2+wx`OI4 zG_!86mW66`70QUVIeqe07Uw)hn3Rw*EJcd+F(M4fV%ty!DzuurhB|l3v>7eiKOmoLZE~$WWaCJu1YM(Supn0nA{fN1-IqrRDtx z@d@2`<~KRi^~tD%lu>&w%S4i3ApMS*qRR?vY6Ku7o;U-%%noL_pUY5WMPr`D$6oy5 zmFwWB;%s*dx5t#!v~v6k-~y6Lv&{5XvuLsZ6edtGkgE_778#j9X4GhKXTt}=h%wA~ zg2dz$vAPx(T}%-d1iTOsj8Gs1lu#rP8F1WUIWQn!FJcdr%UP%xgfme|fi*nn^Oe=h zND%0Wl{_g0yOLBo8$Ln@Y4)wnRE-ddRK!0Ft7os@+NJE?fSTXFG+oa&p2h-|pbYhM zStmo-F5Rboy;LWpC+$Sj@S12S-Gn^~S~Cg&Y6P{VNTf2cTzGJ?gPNb=kuZr_fVNeL zmNz)$He0Hs_qM+GB`wzz@H;uR5twD(O6D2`f@k=ynXMmwu(urR{*L@QP{-$YBn9~Y5k{LzrSJ@1u?f|sZ5uY8 zQqj-a^r`L3aycGI9r|rMnGfw6&;$y4;ir3-&9~CUsSit}G5%IS4(k+iZ2AG)+4t-A zwE5N4qZz3UkkRnVu`LW3+f1FQ$19!Nj2`AIHr{soNE5N6c4XQSWh4Ayuhhugb`{iX zB=_~s36u-28k#(O)3f+hsQKp-fOhUol3-Ekxz-jtKG@~Y^P~RzBg;9}L*^w0vm+l@ zf#Y8=|Ivr+Yuc7w24!%{(w&Hx?&Xi`zxk@HdQVVd_px8;vZynI_E~)!I2L2(p>e*l zdJD^eW#iyxjrhW1U-Ys_3$+n-$Bhi|>D->NSwLtCXlQc;*I^>oZx21JZl43merwLo zD&v>ydg?7L4#s!jR|E_}Z+8rMKEnp>4tU(YFNJsZ#5^*)fT~~RFE(7@2>n$ZCZTLG zeX=}Z2%j?8`rH(mQqN$=mgvKVTAvMo*0B>Mo!;;dVgL5!XcDT6ayzq>p-g`=4OKbm z2$usbG_?$w1_%o4GxAqkZxn2|e@~`271))!Wscz{gxoPV3or99?;*E*fs3OMGZD7i z=e20z1QbQkQmN(k?XihDlBMY>eCTn)LHl?EpARP5?n+_L?A)?H93`xBulGMKV}#D5 z4OrvU&B64|%_gN>c{1ISJ98q}kiraevwP#gP1y~&FLcDJGP8Mf&UNXt@jl?VagO6;AD0lEn`Zh>C&8bOYDaRS-TCJi%;@K zxHbTe7m6xSTnAHzAQEOlNg|}awP&7lJhdeGy1vNPxT-C%ZW5^q z=^O>n_)lGC9w8u447uGZg7fux*)j)KFryQ31Tl4?MEPA_3qN?jqAS$}|B}C{x&VWo z5qa9|a(ABMvlaV)oPrbMF(8IWWA{t5$2!vHLyE1{yh6EMSUEkbvQCFmm!H=N|1w+m z#V{2bFLi35#rVvFhzFwaF-nj)n&a<^fk|t%&tuuVtAP@o)&bsuntw9bg*wNx1a`8# z+@nbMI7VbkyABcrjJutX6wMHKrFj=mW=_~fP;NmwDd2_%u@H@P-&1v6Gf679AwCud zE5cQ#veD#7#8wge)=}!w1@G4N@Mz-zNwP0<<8j5_+_}?7)sZYR&PSe)p7i|RGK{`u zLz3#Ox$uZC32{kZoXYo<;OTZ%+QlUwk0v#ocyFo(T%jbzZ8eZtDXj}vKsS{X$()df z1sVRd#?6S|hmu0L-WF40=YIlzS`PdIvBYHX8J8TYNRX3)B4`T${icyVUr<=+7a-)~ z$bVAaoIf$7erp2CvfeTzPY*$Y%ZXW@U|MW=pJFb!?%vByPX@8}eio+g9oh^-oT=z~ z-=M2wYEg1rCQ0k5LUmU`d-^~`fiS;v{R)f%8A-D`Q9_weSKC0Ba}1G`$=X8jcJU#@ zeoloizJ#c5WQ|ubFT|Pda9#M5llN4nx53W|nAE^Mq4~NiMk4<_l{J<`e-iBc`euD} ziVIx}o_%2(z8y3#CW_}q2p8E6h+ae+JxNB*aJ+bEG8N@?YOFGG z{KqOg6l`Sn@ueXtyf-9p0`qswN)~0_V}s&cRp@7;vRE+GBd%2>i9QL1Wv_$IU~x7t zvN~4GH*^Nb#Aoh}IR^Msq0#SZYiM0vrgULV0Z@ba61E=$7qyC)7O1K=$bVbq9@#5( zpR*b@qEm^*J##xRbx9Kpp_`LqJoN{rYF4j>Iu}=>bIU0_^NKL_x2(2=;(-5sBlS`wSS~3mdUO`limU()nLDbJcPdLU zo!`kIf(+?P;^UH7BRyDFK=!nx?3seTQ+F~FP9^8MEegOl z$vWXnWtV@MYbUT4R4km7MjcACo`Ie7PK$)5;{i3zR*CWTL)Mqb*dDwsacpA4bt=dB zXPjR%Gw-CrCl)g<^67RXwT7@5X;ElhC^NFn*Mw*VfX!8?#~tI zOsQ@xnr0&9D*gW8xS{X>UEK0kh|Z_TPqn2y|RVJSg(-81D(@_r~@FR zwZaOvot{EHe^LC+@4_wZ68|{+H@^(*Sz=93As7n3zN|&mTU~Ac?Wq9|nxHFMr%rMV6ZI$2+n9FC{4^anY7B>@9JZ7Ag%3YaoSr{ct zcT}JK{qXwiX8+1EQ5u;a1`2F`48n8QO-LiQU5jk*!IAOrs^xzM9Q0UIj^bF05u$js zX8Gnb1$O3_TD2?TqlJSp$~+NSDWEy*eYMS#Ee)W5fQbl-)3eTIDZ@B2dA2lb>06M| zEedxC5(+sfLSHX`C2LTddY*QgxA2PriCurH6HC-W5=o2oi3!jMvYjHa@3YgwNrc_GfJ7O$}AlbF{ zKNKl=9FqHDhbfZBNTzCK*yEEVI-ss8e9Glevpbr=R2Trc(^ysRV4g{x=Rp&*BZ^x~ zouuB_Bx?{KnBMyHtoN7?rL$?T$_nK&Wr%@R@CP4G57*{s(^`BIjYOZ%TKxHcR#&~` zRXyA^hq+}J()GRO0MgbZI}wHvz;yM0Ckj(?iT*{j+BT?Yo~XnHu?hr?js$f@Si>D5 zhlOir-ONLbo+01NOic-Ww0<-&S;cHk{CwEFHHd-`uLz6XS0Gb;dk(UsFLMk-w=`Q^ zIozae;3`C|gb|2$JzpNUbXm^Y3j5&bh4at${ZeT1Z$pB+5ijoUi5>Dw9CB(mh82mp zLwQH2H`kM=Zjy{Dnn>Jdg!{tQ83jqplGxCrz6oaQn946|87tTd`@vxM(#>>?5$4u_ ze`6KrlUcFrU`tmvcrR4clpm27ApnNzk%i~GUv?}u7wS)@m`rT%iGrV+h+%HBj$@e} z=ivzqNYf(%Y)z$k#7Sj@_9@rkw5AtWDXKP!h>@5Dh(A?`J8LIN*58XJiN zKCSK7V~AnZx(NPs_Sf;dP<5HOfv++|dr&aCk~F!J2ZY&_T5s5HrhxgkE*WGG4&j(6 zB^1gr29^CpbruYcB4SleWr3Y;R2HZ(*;8aAk-CN%LB@%4l&G9a1;CVuR&T++h-N~fKFr1j^-Us$mJpFkk%At_+Y_`pmHUHf zbr4@SG82}=;d_rojyuTs;bWiKKj+&OIrY~Xk}CVY8*+|(Egk}uOum1_aM|4m$n4*$ z5LIXr#s8LKydELgfx#t~#e6*@z#9TBq?h-4DJ*JKojDR`&WPXCKxT?zv1A*Fpttex zj*Du5r4qE(>b`*ensq!7-t6;=G|Jj&98kIGgS5{1@S97Y_D5Rt2{FN)P-tUM1QPYB zTVEc9On=7|U{NZvhxo}?!55@TRmFvNNR+(sEojC*zu3{? zU5AAPrAUl-claKYMJ{vY@THydE78KnRe#wF_agm^4{&PmJEr6D-+YE^w-L_QOhh4b z82IcGVNu&(p1TCyk8uOHw{g|QG3Ud2*}Wg*BwaE>N2={LgYD1yVwVzY6h~~65_tA| z?tT~7m(yX2tOK2T|1h0}gL%fI)xjBYkIE3Hh4j!c20Tue{&`Q`$LbE7ljF)5hvN%# zwhN&P?3~CUih!m$aF>+q3pC+;XSmq}8HDJP4*unGn5YS{75N8RJxHFrgafoH3#nr5G3+PM^&cSs*&}9!+XhF9tq>yN>q3sh*k_ z*rrFjKLQq7D?t}LYU{$+dCE<(AXCc--@xBpM<*@^F_X7_LC-!HLfpENhx$2EROg)7 zNv}NwP3($1!pPek+Xh5`n)t#8kgmkk35&^M-3y!i8>=w=v&`}RJpo;-cdy*M8xZ1D zSZ1`j+On(CLb7jRneifdM5kQOmAgAVc!1GEybCdwVYbBzH0 z)|F!6oLXhA=Bl?2AYZg2$MrDE#0Q$nnm#!rS1gjEbDkH_@QN$KZH z_ZK$L7jT!n!JmoLi$ht-qe$fT?|rp%`t3DMSO#$|!=z^8+IA#nWg8`AOH>4T!p8Nl zVIWGN)O{vfDHO>USQ`NjoWLfanL*(p4-FM47w)|rx0??^o)t|KYoDp6j7ihbMeR%rzIO<-_A}LHziTP}(w#s%u;g z|E&yUqKc#a`%`*kjjXH6YzCsJyvn|$GQFAGR6{kbruSr*9>pdKL4KJt7dnmQ81zF# z83HJWJu99~G2{YOBAXuu8=ppIT{3AJZ8S2NK%W11~}>7@X1zj7|a457Ye%jht6oczxgDAKQ`OZ+jb^x{( z&VI-i36BdAriIpM!2(XE_m%vy!$kVct7mYv2=&g>x6)^6lvQ(mRB*!KGFRoey)-zE z#S;p5p>|@O6@$U2jwIJ&)M)y{&r;)Af%L8D3ada0UOiyh>A#t}LQltv6O>-=--10z z5rK>B>Y$D_n~c}zA0{G?XXD8-7mI7K*<4LQS#oU0j-{h0Tml@9b3ehlA`MrwMZ%cP zVX{wqw)oLmKqlShJ$U9pdLQR@!>VX2Hm{J+7s5CxrO$|=(fuIOlAOui)Ed}bX;J0gbG;UP#~qT=p=s7x=;8zkGzy*Wi#6-y?{#l0rJL`5|V`%4|6-eKN^XQ6T> z>`*no9c2X`sJ}AGjiUNygi#K_oBU!h2UFuKkWdidgYT_`rR+MK4wZ*i-3z7RkCARV zi?lAV<lFQL;?9@lv@O30WeX-d$RdTjr{o#4Pt>BWg+oT~mI%CPbwJ z{!5KRo;;xb%H(OI!6pn!{i0u!ksjL+4XEXW6etqRa>SL9%8iz(!SmD#lDpMeJ;PAe zF)rGW9x{OJ99h=*8Q%?%3)bU2NLke}IgrJM!qM)8ZNSt-%>^>#UtRB5=vA5a zx5TB7?~E2kg^%(a{1?X;$+RXJL&r3dnWL4KZ`bF8lJw*_MO0d)OI_r6zl%E!F}$=J zetN8-rx^vGN}^-{oe!xPQ`baVeu0|UEljN{i2K#;X_+?pUgz9}tLh^yy5pSmQG(VD z;q%O!K)%H$)WO^hx)Y0y#klW|YvkpsE@TVwM!IFDlrbtuh|y|xBM_`L^m?OIRO3g- zHZ8Fw(W<%H!#E@L*_>ZY<~uEN;YS3;Gdt0Z?Zhkk#u$T?;HMA@?A_Fey&hO$9^@ZQ znKzuMY~2V&Z8S{DbU=JD=c`OB;?v3NaN6I{a{aIfHw@gXqSrk{_B$eN643eZk379U zlaqSG?SrXxkvt%nFDRF<(S{JJ5xPgfNL06vMMr}?Zhn5)ad?|d9#kA+U5b#JDML)x#tpkQeeo{FSfHEZYV{ECNM^I4h?6hvqY%k)<cH>~;#mRV@Bh63M^bbFP{H~DMhGOr z`^h&aQI&L*BgG;IVYK_TeRvzM8r#tYaHo_O#u;(#Xn;=8xC|YSSxWES`d0*qO@?kKL z?ja4L_EBGgxYZr1CBdPK`xm}!n_J-m(kn(~6ytH&Q_O$Z*hY8f?x zunJ0b<$-on>EX2#rG?k0AZ7?>1jiyeciUm!=wmiC;5c_QvpC_) zti#!PE`1vqqADf!Q#J17FNqITFUHYpN61hf7YYh|EBbe+n_|=PUtGbMtfxQhXY7{E zvpAtQrT+wXAvL%>pMJEb*XN^;lmbhC+6KkvxJK|2!AM(~Ua^0kND4?#h^whGpf@P3 ztBiyX_;8s-J@h(*k!{^c1+Wzhz8X|9y<7NltMf2vH4L7<@gJ=1yq!a`LFqWQz|PRb zgrVH^p-ALZD2WDF)H}284>{G^yyti^FGBKu{>eu$lBTdDmBjb=e2Lu3-{Q^}N2n!g z>T%|QpiFU-Pdah2=f6QwNcdJD^pxLxmQV;5=(a^|WcAk!DxpJ%07IHb&v93kQj;~^ zOPZ{Rl_R^@zFHe_9P0cAHFRLZYBtYJiYduswh@^M7hf z8fMBUEMn{H2sHt`-9{~{#EKsw%`E;l5$J1$LZXyKLa2{h9N)9L3mJ8ZrJJ_sRm$&LG_AN zulK{hOE7h4C-H>e%!GPd8%~^V%yFYSCPtt^hqo%W;~7Kvr?JY5(>4Hy7H5Qns}0?Y zphUdVXl7Eh7)lP7@ zsO$GGZazR$So)+ml===i;~dfdb!1#Rb3Zav8`6c=EDD&Fgr19PQ)^LUgs{`pgrr9B zeP6PZ{=s7mvfPtse>DILozbUnTckHeG9|^4cty7lu^5U(bP zSTd$}JC_C;9F_&IsrhpS85#W@MFIHLxlcW|DLK1l>@u+k4qP6Jdl|J^yBgSUd}RSo4@k@sY5 z8C*X7PpUT)z~Ni`1@Ed}?7j~y!y%P-N!RR7f0Hq=Ae9(}lvt?jI03?3wLo432F|ow zpC?3UBb*~dqg(ghteQmxb^%vWWyX6dqGX?wRaVrJ3e);{N7PpZ_m@MThH=6b17EtC znK3NZNo&y^zmMjmseInqFvkMDYm6>3)S@EYHvm1>vd%U(7z;A(R@Sxi_a@eB^4yk- zrrzpu0HuBfDL6RKG?yQ}gFi?&Z&bMC*_|<_m17=l#GZ5t0bSJM`tZ|%5IOi~Ijk&r zeFql>SE+0^SOJ|Tzy@D^QPPL^cJST~md<1;%5_>w3VVza(HR&-8ONC=?piuQ&Szst z;dw~o+J1w8L74LFgh1X!{klH0#0=M;0*{bbLNZ?rX{8VtDow!ia*T$o4#H3# z^hS=W#a1r*4tTUpbaa2}p?z2cq7rK*Zz*}9wC;eU-wa9E|4}Ey$=N%M6qR0@80S2q z;EU(4C*MMN=#S5^%JD_fNsLyTgi^|5qPL!0T9$&Crz?ml27dtQrT17@>bB%ken=D= zY-4RZ$}ZOd3xqd#Xpp_s2dd>Up>EMM+O|gz0+a!9YO;<1q>joP87KK>`pfZ~ga&u= zGM%19K)n(Z^_Ns#V4O`+zu^n&9C)K`@q#aBey=JrI&n7CgC?H!bWCu}Jo}+fQ&$5Z zloRN~b}w=?EDc51bTtBVB%FbWteW&a{z||EM?jX?WjvUc2sqKsiXCH*gT$0Ucxa9E zFhj|wST487b>(4jW29X$gVi4>1=P-0C0`K_SUMO_L>XJ9BF_ljJFS=S^Az!@Tf0=sfAy^j?lv&M(D!8{lrB{4#VQoL(1 zdf>@e0|sU27cuvos1CSI)RH+NP{d>EVDS&0Oz2q38^7dXKZ$gBv@&CcJHU(Q#*i&Q zzDU4?Dv<3W-<5NAZ^72SvBqbFk)7CdIF(k#W8$EAIb(;dvoRqeb*W9MreB(HnU|XQ zPY=GQwM{m=DN3p@%|JlA7*m0Lj@#~QXUkXBO*l(AarAv|6R(F4Pbf!%9d%(dR6zL~ zLMm`Wm0ezebs->RWtzKh*pO+o_3pq5sme2a1$kr37_kG%BX6$JH0#Bqz~Oj7YVt(U zJhI!1!O7;*hhW~?)W3$OH_-GJpj&2PLAT(`d2Pp31(}ZOSBF4|FsXtH5m6SG!jR_- zk;;mNzV1{sOd*A?!6;Tc0#WR6Mx<&hYhq1Xv4HuAx8`qd07}nmloT1A zi&K(`cr$2hxXx~u?1OdeacmLW`VTaebFG~RMQuk`ocwIgCCHoiCTfo8CixBY9To`1 zPpUxFAu^1iaTmgRjp3G0(7V7SLdd9<*vgelX$@Owq)!w@ZK&C;Y9ZJjf0C6Xx z_`_*Oz63Q)U(FzZj(%^fFYI@~5n!tQ@Z7b;-DC;zv$j>4a6$Yo_pwiw;gK6;UP10W zh>SLG`+4IU1EEvtlJV!hk!}?cOWkMkK?quf9&;ZU^sheGBKP=uIzKPH0Fa2V!lN2( zVI&{K(oXN|jLsALXmWaW@K(>5X{Cc4J$NmB!2`CVQ1}sjMsM}N>cl-0a&qv6>kd(&Sf z(USI0q-=sJ{Bd&HwxP1&(7I3n4_;rC$63jU7`(^bf@j=y?dUQAt{wyGzX@x(5bs#itpex{KmPN6SYq1wND@3GNb zI%YXn%z?F&+lWcorO*P{PNZr9XsD69ET*d0FO?O++Ehl`sfQ;-H%@A?2I$p7*7nT6z^9&t7!OXczl z%2GjB*w71?>tu>#11SfNZ&YLGDyN>3xwb8-^%R5=n<697xC-Ev^U2JdWv9Xt@T1}P zxy(GHm;uVcqXx96toT=+A9CoJe?}`EBmwXwK~04>SF4%YV8hz2R8CRgzrI5%%sM}( z&SA9ngyBZ3o#F@tkcqG4Spty&TlS8Fyu>{({?pIYeZGw~oZAKWP%`jnsF1#}3RAAY z6|(7n{|t_$MH)GIUxIs>V$}&8`mpS{KKHkte4b+mN`~pYcG#lU!q4wq0f7-hQ2e6( zXRx$fFJ6=)p8V4XDDW6_b$`pLlP zwwed?(YDj~lp(VM38*sW-iReQ>?OrT)~_VCVr)Z{t-^NOO8>;`dM~!1o38F;BPrR` z6Sc#?`*3+hUU{Km6lBk_ur8WPhGiS&!8jIOL$EN^;0s;?k%*s*Kh8@{Oa(SV!>t0+ zzr&q4Hw)b@iKyy8)$BEm$E0KVg)IgXgXcd)3Y*HgJ13zuP}?QklvjuuF{*8Q;E*oq zfU^9g8<2|>yqby8n8Y*ku#)E^*sGeWBu-mA zV{qjuT?C1apiJua&~T0D@p>%T+I2ltX{c0PB(OMzh813zbyr1Kms1OX@zPdjUIVqY zTym+xZYAP+S+LGP;Z_Cke9Nisjm?(bhW`cLd-;&u3`_03@S2?u1GZlZE6&2ML?Zeb zQU;@c1~Ho`76CY!3*eSalSIF3g2(ALTonw@smt%CfrS8?YEltR3-bi zMXQznh4aQVXshPyY)|l`SesW>23pQ{CG!C4q=IxaY;`cl{~qIuh=85bDany^<2F-UN_9qQdq}uLmRxmY`AfZC;js0 ztx)m(WG~+ajGkro?r6k5QKll*Zc>RtAYnq$D>!|mjr{FDdzEeNr|%F=S;<%+Bpb8O zJzu@9Q-7wKpQ<_WOoJUN1L7>NQ@s-rt&y+p6+p5rlK7vI2)N z&}f|Z58q99qw)xauhm?r{wQ=Crnk`kx+seCgYK~>=!%mD)DndGB4413q@&?2we;M8 zEwZw%?4oj&17U!GT`Oh$+3*^{SkatF@B0ZLntHYGT56AeDtoaXphE4( zzzBu?-f|#L_twnlUAj(z6f^yovI3y}N1!o(IO)%v9D=S6S)VJKUTd8;AHFR+TVvuP z2zB!_SWaNdz^F?gQ4|koQ6SXVj1#!0N>nsGGnrNxjUKdBW(Vv(y6swZSX6u*D>mXB z9V$K06|k-H`6cio+SnP6|+mNew1Q;gQ7d{VWCzzKCEK z`~?QP(7d*cG&=ahr6Yn3?D^ehB%~Iq0E=MR9o3(`2{e1lK$J>kyesL@c$kT|PRh$< zw=tdEKJo*Kr^Kzo^=#<3hU7hr8`@Kl3T#Tq{rAH7?nhUNeGK z3#IDMYmyeijLirbI2U_od8BqaC1>`u>b|XuNp_1JmlfJFa0$6b62`RJc&nALr6CPO zbz@)ulz3!%@0sE0Y%dv?5fXbfes*UwCtHRQZ%VxR)}pn!mC2-@XfE2~JYBAZ`lRs@u&5ci{mLJdVtIi3hr4QuNd zItz581*)m%qf-&yF{7;VB9Z%)P;`JL)NRPbV(J8y!^!^vHbBY0pedKqWds62397n7 zne8mgXh%YlOZngG@Ztx-TXia~5w7Zm%)@O>4-*ww;38C)(M`!dJjoi=t?>J^vD{~+ z=1S>PgbgFRn1s-SW)RZq zH(v0si%=Zc+}&i>0K_^bd5WN|P#BW$f^_+2M;NB5V4ka;Kx8&awNF+Tn@;8y+r)R7 zo-_+zDH;N)1q*`yApeuKvKGSbLQ)Mmbwv6X0R;1Ed9|vig64x;#XEhJRl4ntG+A)s z75kUvAQu)fR~}}I&yKD#7bxy4F54^l93=!{OH@OVH=lS5?PcRS%+vj1aN z<=qXCq~IK2VI~m$1Hwq(ZNq+T;*l4)(jvd|G2o-*OA~Ud!J@rIX<~6u?Hh8u!Wa~t zJw1Wm*T;N7)SBmp2lr|c;#H9+7HTBS$lnRPSK#jqe*e;zwuSNpz@q%!ZCjgG5Bfd4 zTjEu*QS95M+_?f*@aEjr9+u$MG=Rf+R;BdmUYt5whcZ|6_UFz5QSN*9S~i*|((&ifmk{+@S=hfa>Y{KcPfs|dN_V1-f_71!KIk+GP+ zESc3BmAVF4qxnI8RI8WLgUiY^eD=Tt9SOgeSG$INwT`T7?(;sKlC`&b(}8a3lkyg> z3HTTAR_tZ+xl(Br5)TvHQfC6Ya)2A5gyiP{gQXB@nP4J(+;wvizr(`fWQGp9BtDa% z0hxa37Avu2T$94Dl3X@i*Mby4;NjH_t-0M{+$P|(*uBN0`fmihp8Ex2d{s7QnGU-) zdq&|>cwhFm0tY?uuwUpalY(tX8bbp`Zx1-k=QOvqfK;i{BxR%<07f?^Z;nyes)~{$g!{}hLfQNX@Nr-sqwLh`LARDB_Im1|k9?as~ye;3v!|S;k z@IN&Y1#qwgs)e{oG=5>3I_gwCY*O~}na&$pJ~B2*Vwm-6O&gR`015$*AZ;OD{@}Mx zfT2y=!yLlH8BR>X0dYCeG7h*fwc!N77N~|wd^U|LKiyIW!OrB+v(g--m?f;J={JjW z-+CNbtKT3^Ly8^I=wHI<^3TAwDsNl=K$&AT-rSxEutS_yX4-onE?xHgw2TvCAWwD& zu$0c{Dhso!JFXTp&5djbT=wW@sC9u^&%XZwSg*LaO=)mmM3wGm*NJ&fz5B{o6A3{1 z1>mCNO)sisvt8~1^U)~4r9dQgi?#cd^=^Ht0mL)OIXuPc2QX-&K&g&#gMS0m4j%?SnA348 zdFK#8b~u@dA?u!4r4av8dhmTsLHP4aOVy^8FfNVMc3cCkx1q!cN2(DPJtSfLO*d0{ zzkW_S9S>B+V%f4sViTwG0Ew*80Einl6jX=>_84u&Yb*(!G{MWBWgw!{V=f!PQq4LX zkK?8tj2TXSoUDupNdzp6%B7lt(m|T21lhol!;#OLHk2X3h=DFU*Xuf?8^7{xL6YUn z>R6YN{LUmh<=9+@x+S9ml~!-9|PEi{u2VqcOzHqXr033cro%d{Mp#8Ly_c0d`+!3W)d#H<>a zp=>cMBZcI^6$OTXyXQPjw`cJZij)AEmO@?mM`<5V@bKqbR6LXKNjQ_s^{k0yz_oG~ zp~MPc(E=_>U}s4|tuC&gcSqzeE}?(k^yYH<6!d%JMH=?dH+(#j23l$ z%zuT;$%NAfIlZGU^jYGJ01ivX3lKIpg#0AAdzRn@V!_+hy1;Y@wRvaj5WYY zq6#MyUoTfq0g`&Jh#HZBtH(m)Dm+K73tK*24v)UeC#M3QN>|7$k0u;s1Dm7s7u9nV z*Y_X)GD*G&r+j&s^%NVPQ>8W2eFxMkin;2N#Kx@+Sg#cpk|1Sw1bWrnS(tF2V`nX#Ne*Uj~=CF1*}^b zg}Wn!eBM27r;`8U$b=oIX6f%E%*WC4^^NS3WsBikal~gfSniHsWQiv7jM<0I%(#OjY%wWU zAZ4Og5QcFVvQAfi3+efrAEbqNb7y#9IZb6=&8@Qm2jrRej@1~fXYk7oWVk^zpb!k) zxclhPkX9WGpzN7}+z=m>(0V!L)fU*@w2XT0XQ6%}nw% ztmpJB>mSKJq17AH$@9=c1WxW048ckV!B>rL zCOS_Hrj5XYd?m4Ypj+`vMdl3D?9ne_=aU|I^u?czVt_vg6DwCZ?sVNuUV%u%TIWHm zL!8hkor|ej`bBt#?qa-~p9ZR2fpc@q_3uCJY1#q^Uj=QR=N;QMV~XE=)(pV&;IA31 z#xFuQL11MCAFjRm*h+ST1y@-y?XR|tecKIIqBL&uFu}-0eUz3MKu5ZIcQJmi3bcc> z;QwR;1VvXm*^G?so4`#f%}<3QPMzk1Z1kW zZlJve(P5eNe^ z`YW}(_UhapkV-Ih2}U;YWcJ=SdKgh&0O8cRW5r0Et%(eb3j$XDlVy>8QsY!Z<^Rc? zf8ie~uk!GRc;@+75Er z>e!W_TgG`W#Kg;y0qh0Y<^8~slk78lF)Zh+C@nH4u48F)FIgH4p}0YhcsUdRk%Yrf zq`TaHB>vLuYD>z+1Cf~Om&$^kK)*hB{Bqf(g0SJDC#^Kc9T%jn3d4#Vg@NIkm$@<% zYt@`iO)gqa2Ey(htxnKi&T1g{ySg#gRN%N_c?48sIud?@229zDt^r1@y3(O!NA+7l z`h{Yo^Z0$BlSbM(GQ99X6Os$-wUSi1ZoNI@oFWZL<40YIsu`0&=V;-c2B;2>j>>uNGXW1L~x45Yg34RD0ZWcTSBZT3&gbn z8;i?lFA1b`}dYfAtim!c5WNaqE%2Y93|oAL>9 zejFpwt9njdr;M@ROyW^K$KbGvS(60Fv^?|Hs4a3m79c%7Edd1(maMgm}p zHH26H2xA&B{%wDNvW<*BI7%cjhon|;nBSu7LXTx%nX_?_t~qW}U9Fb4$%!04c4Ybs zxN}}|P}SZA{9&d6ixn}##8&(@UY_5nQ68X-RKic{E#SY=gm6*)pwLH}Q0WKk%OUGD zO7I!&M-IuYv;RA?-pBtOOP)8U1JIrYwUzH*KW3>}_*Dju5OcUz>TZk4cv(AC*#)J@ zhi89uG5&dYMt^*sFs7czO{FFRN)wor3lNC!I`6HUj}fg7j0Vm(w2_O3S6}chQ14zt zC~>?|>E%?*baza>)UFF!)>s|B(SKS>GZ5Gzpg0m{33d+JxC}3-UHpeTfy&{l7?^rb z=ULcVmBR}?2;D9IuKAbsNYUD-zKRBFL6q_!l*1TiPZaBFxh!+{SfQ|m@i@5r>}5t_ zfc!XmeDBjylv;qenN9~mPAAk?D2TW+w6D{oU#?Q9+#07#hFL-@!tRJq0^V+l^vr-4 zx6U_A><-BQguWoy29r0};5My~1d$pz-1WPFfwy6F>%lgfJr>n&(g?x z7Ik*izR8;tc$Rr#_6YlRe)CY2GS^Zc{7eu^pZQHA2qO)Ci`@XQ+~1aWrTiNBuvZ`* ze!C$9H3xy93OWo*-r5sw=ySWIU`-{b3ersbQ<8+OoWr9cgWHPfFmS+RRIX)1Q=kgB z?ft)sfq_>V;ZUmBkBm7?dOuR3H$3ivv5xG$3C=xgNd5zzQJA&83N?(XS*9I$Ji?c3zK+y0+|NNonlp>>s!1*Kjx3uqBA^hn`&q^^WTUO4Gf zrr2WA!0UrOh&hYq54Tmp4-iH`4eRq1%Fvby83r+xs7O;FClGSdLo1L`!uUFaaTe;* zmk}8wBxL%c2x2QP8u4J>J`(qt?bTKzpXm4oMX5rc29}J{ggUq+%n~26PNrKOt-j-6 zt!J`Db`8uw#6{-PyXyi^A%kpW{x{?VwpO%79-#s!L!p+G;3K%w=)RqufXX#wktnM- zR1_Py#E#N7X*SPN>`SQ&Pjli6KVpnR#ygK&!8++vvi&y88l6eTQkY;C_%KOfgMo@H zwI@|SqGt&S*a2V&5-$$$3TwjDSz2^2hjaZ`*=&5GTYj{$G1DOsVN1QHN zuDrRXX6Yn#@QS>K#2K?iS0CW8rIwU7fALSYSH(Ryth=bF#GZqQrW6WPCiPJ@?e}5^ zVMINw#p=R(1^bS`m`-s~Vptk5Sf+R=_VQi>TAzz26xUI7(;MR12ha};bgXSWNG!uJDCz1v^%2Mki%n4lE>`N-b>~8rH&MIE#N>B zr4D@i5|F5z*EoPfO=s%wzD+3sv)>)%@Ziq5LNH=+?MP)_=>{xI%_(h!j?~sd99plO zt+Vr*h2_4S9PxIT>yryQNgUs=0B8Ahy|c5g;DHI7wDh1o5;=99`!u#PvLnTx=z?55 zLRt&)83_IAV4>F#wJ2x9PK15dWq5wFopBPBz!tYYwbRT{g7MX@RAdO1g)O7(=V28O zQ2FriZeb2(CIou7!BIMBzG{2P^{6`|D>gewmpXcgvY(1tW)_l7@fzm#MN(7WVX{+N zEF1uXj}(=_-r26RWMYqhP7oAiE{1tI@sb8m!mpHOkQBI$z#%FDWVLOu$?ZCE1am3O zn?lvpv#$Ebc<3KFAw7_k@C0Sag@JbM5U=lTDTWWC(sLks`5a4A83%&cW5 zOe-M?y;NeWjTgOU?hGUN8zC77Z3W|>kDf38 zBQS>r&q|UC5(|d|Lse$fD_P~G!>bIsVgiQvVT&Cun2EC+F8%je+Lc4$7m5TjRsmjT z2Gz-v_&+-Xy<%}m)jA4zXMSC4v3RFK^BG)vu-8f0sE`j13h$goW7ZLBo-n9+Zov06 zU3A3PGBDUH8FpLf8l$na<02XY(IO;rD!PUd=;O$sfx;>q(L_w_(@9~Ub@#jd;utSI zb{eP#+#PU86<(w;6Zk>vD<|vq4#ptyp3_?bc|(hlcA>3=9&a2(AjH_M<62kX)QEV# zH-)0SU?}J!sE?eUMF2)cke*b|Zdp|z*wT%kLa5a7T}reZFp4Z@*TtbyB?&4KVduJU z)B=56xgzOnL!8lLf9ETZzNtB_0bHMIg(>&?hhA&3K{(VrbUEw^MV40^>o?QdC;F3m z5+k-W(4JuIJCY!@%V5!S{ej%3KGpuSN40+?r12+u)Qw%L*`P(HROOg0nFR3(p*u!= zGHFV9{8e#D#DD1=c1Q*hz3za=OD<9oaJ&`yaWq0X%H0W!IJlklCE;F*h>Rp$hq|~0L4enTSlsP`Z<0QhFr9pM_|Ul+ za$%u@vZP;i(<@e_s3}}}W`_{^{s(c!B-K{5Q41NMJc6hX=ou2>N|v=_$;gidL#8CM zSb7$<4Y#*Da|a|1ZDT}&%l6xyU6?_3OA`PPqTdzGrT&HF^rCxLvphM;GyZ)}uRFL` zi3MNMK&=+uq>%DJU;~Q@%%)44gMPGcMtZ&0N(Nc?O3}LMc?|?W#8<7m5caBcBGC)e z5V(2b+<%okI`O=vo8>-w(o4-SH5b$8n2>5-FyvFdySIKtksIw~TM$pcniBf@wX?J+ z?YbOwbUoa{hb7~Jb=A^oFSTRf`Nb#u+#7zq0=oL05wX!&n^I>d6b9)DYwb*8alVbD zQcza?uNYu_?VmM<3eu`|hH!LO1O%=tO+-i}OxOT|2J$w55{E{p5S4F@;5^I`Qy~+o zhqL=O40Nm2F-CeBcCk@M1T?gKAjt-+OJ5d4eU;8{>2Vq*w2iv&Q7|P~yZip84G%4% zk|*=LOq<+|t8@t>@I~F5@rZk%f#Yr-2b}-}2Tvbt-6=s&@FQgZW65f0He4^^bU~PM( zZ{mO0T0nHwLYo+L35XXSObm4gsw44@Q^@bI^Muz~YLMg#2+fAnOsk@`&VaNo$|Zv^ zqU~C&xtMyZ?p3^la85w@WU4^Djg7>}PGbH5tc;H+!9A;BM$=@qWPjTNSiqK1faXE# zeMv@6JB0(|

|!Z$FiaHzeb0@WT4~=9-QhHG4t0u(VqCljCxSq9h=hoEivgPt3$qiO z-hgO=(2R9~^eup|n3aZBGPx`8{!sf1V23Ikc1dB9abgk##~;AnE3uj=7~*Mgs)8vn z1Dyd3D>0O~gh9;O^Cr_`5emT7XxAv>=QyuSYuU`@0Pm>k)#`hWy5nIUONW( ze;bE$lNA+aG$xd?1uT7nZ8Rc?#}2{f8+96iGN%yiTd&SCY-^;NS-w}?jzbp*+%#2# zk+y~Nz)O2LM#N5^Kg1)so-Y5@BRoMvkR1JNCuD#7Y*AR zfkN}?AcF+YNvzcA^;&q?`h!vXRgu}wcTco6c7s2@2=gE$N{j-Hp;U9^U@)_!jC(7} z()U71IB;u!tgHS{ilPkE9fhrbc#^p0t3#kXhVLVC<%E-LS1xj)ewwzA z$3ERz$@+9pSVt|}AfAA5K=v_7M_e4G!EJ+I7m1)xLbASRM=ulr7C=EF znax<+@MbG?k1BTfk3QiQMn=!{QK=OQ`eJdTAO_3jTp?TUvk{*mV*amycY@|1&bk$q z=1ML^b!kPXUkEpeOj01(9$S^&dd6^{#tThVv2%gc4U`{_B3o!;!(uoK8GW_|SK@qO z_?E-oad5kHe&}<*9tO!nT=MgZA(U>uhb!$kmC){xrXR>$A2KbKN4yHVhKR*#oDGEY zfHO(5YyE^|>sPO{rc6H{NeLE!>`=#mdLfXNK_Q7eyHkVCw*r z!7KQ>m<-6~|F^5n$zc8SM>!TLIQ1T2!KMKjaTb1Pa(aTqZz&&G1Ls6h`6#gIH%chb z&_xCZ?6jzxRI`;bYpGBhQ~DaE#6JCG$+G*e2sTsud0fsf0 zAZq$c-6*E%su~H8LScJX<(qxZkhb;R)ZaJV6s8L$?+L>I6P(Q!ii4Iz+Dh#Rzk2B^ zNw1;aoEm2?{eb$N8y%?n!N3;sbW3wzRqt@TusVsNnw8m%Bx>!%W$w=IVs#|1(`| zd77GvgHHCwVaJIr$PvTPe#`0H;|CB#V~^=A5YongnBD=}Um(m5XuWDT{DQaQDhiMc zKnJ~|Dr5Qs6`lux+y^8Y>>w6=uO}WI!qNNgiqy(XG*TXF(A?eKp>6CWCW~}%e1L67 z!Q7z9C!Y8hAZ@3_RL9+kJgT$k3x!n!A8_X~Z21rqUdC-Km5N4RfcQn3eZWJ{Nrm;R zaRM;QBS6l)$CwU50(uUJegIya;k|nG>M;*_GpVPU&&Y}v+eSIr?Q3eLZ<9GuljI) z^O{YI#Tl-OzQz97W}PgJCd*{)xyk-y zJbCr)H|DYaE5+V7n-0}s6ws?h7=KQAwW-I)m272({o1_!G@F}bU*5-f^2#T#y3V8x zGvk-eVY+yww)AIW5(0Qs9cW_MMk@QvUD9^Sh`X zQ~B<1ZFRCve!D)(-^N=NUxh;ThkWugGkLf3+&Z29eb;$jqcCj8&1Ky$Wz+QI%3qtV z%-glAW0}l8hL#rf?U)u)3wLXoDe#4%aPU^?7|vH1O#ODweEwPrCKp zi$z(!-Dn*XOh22Rj%(X)qe}mq^i%F$(s6Ffu2+FCEW=&};&Zgkrb-w}hGs;j$g;4n zup^L#Q%}dxw65zqf9crgFUw>)$c27scQBuSzq7Bz^os4T$ z?OiF5OoXPyk$4*_wgc=>$)!tKW{hs%J%Q+&x&KFdb?`;e*70qnK5wvz~3(q z3gI_t!*UeA*L96T&uTf__>(IXUO#^4pI+&D&DS4^&-ZG7-<$Tc$o^M`{<_)kC#*8EKA3;3pG|%K@EvhQBf6$)4($%*^w>!`#V4K z<6b}e=vA5pvcJ@>4(RRba96IA_gqw+cJWSuW?@J6JAFebrBL|g>6`v(UJ2)0TB;q} zPu!)ST{j&4_3U={_W76Z{DXN`r8~Q>D=WKAuKhMOL7&e#Aq}@l$a>#XrW^P9d_K#r z*t2qB&w6&YwPSC)bahT$?KphbN~ly6QA&8TKPV`zW13%w-fNNJ_uukewf~pBnE27t zu`EZs#3`?`%O3aMdxz>RdJ8BQ@N4wA4J$vI$7;H8-778o)$*#4{jG3ay*+K#S-+}O zJ?Oo9+ugNJ>%t*R6yEDQl%nuPXw>ADQ0V|Tdv2g~@KE&x2cHstEJQ{3MEFhi2Ou`h zH%-v65NTk^P*W?{Ax@JAh>lQuhn|)ILi6+Iip|S*BMF=vC=m%NPh$c_En)M+Wr zGOp-?Wp(5xJLG6k!b?h%&WVu`AVwlk@V>klf;FOI<4Kq!ICOqM;(?}uj16-E3092+ zxMQVEa>5cC21F1hA;h*+;@E~aqL7*;+YBGE4O*;`p>{)PCIk#NZ;$|zAOI^0WJEbh z66z8()RjGg;(WfDXmha@K@t~)bX+lRd4l5u6BpckE#t}p6@j2inmjfS1}6zbnLJ-i zHjvo?rbCz%UUb6-U8Cunp)KE&e{BIPMaB3=wSbv--CDq&h))qBIlp0bcW3bJ449`7Qdbju9)zx{s zowZ$Cp6{FP_LGih7_I+X*6OTJ&gb#1EFXoTg?G3|WjPqmao|0F8;^TmS$K|}zQ3ML zVfY5F{n_mH2YR2+|2L-7>K}jmGH$wahl8^}{e4(>^3bmPXV>(%mvC@eo^7&5&%(L6 z(W|n*(XAQSZ~Axp<7^tm<7GU5-0iN+^uge~27_>KUc-5M6-L2$EI0Ah%?srjcMAQy zdhd4n*H5?iV9>Y7GA$&U*%?__FlhI)G^Fw9(ad`9KA-P)U$_fb=3m>^HevVlmksx* zrM(W>DLUU|RWCfs^wH1TcmH$G($D_C^PXe({&o$tqwly^yJu54I5;>sxDI^pxPNy2 z_`f^u#&)fK=h8Ly&N}fo&Xs6x819+z1YLZ#LUpXddHzSYdn@2xx&VLyW+RK zLWMYVzLvmgd{D-rnzh$3oXes>icV1Ih}=(9+hfz9Ncl?Ci_8 z-M6c6wYqR#-oko?=MUziGH$!`(YI0Co#*GVxA5$ibz)+cAQ*5Xg8|=86cwg7h$LNY zkcwHSh!_D5R_w|=>n_;f<+fZ3fJMPe1|)MXxHm3+!U&0nG?O=8>WI|ILwEv_0PPJJ{AOZ< zHj`{4fq-}*nQ6!J>Sc0M7?r zXsms3cIB9|6eGV@`~Y&q3GPRjv8}YFa%kO{gn zSMWYYHL1QPD8^|dkHicfXg0i97{E{lRf8~O2=R*ww+Kx;G&suAAnCY?K`0J~2sHsu zu>5-LA?dOLivnc~gb-mOj*~$bKsc2N>gC8AK_TbUQjnS z7=of?DajN_XsmWz1u0=qVVm$Kj}}T|QNW5sf$wbOHIjg)LXzR!Bs7ccR4_y2Xj1e? z9v*VYJ|J1K^d*aP3rnr6!l5_-g-u2nNNsZ5Q=vOl9TYVi-8od~0);DiI7q-ibHT}m zy(ts0KGiw=A!4g9xJgr;RhR3BynWmC_Ywq}W zU9GW*2%x7olG#+(W zj0CbngIC8oC+#l8T+&I65MF+Mn_3ZK6ciMZ6%vVad<%v6x8vM7t*Lj`=lk<)!#Z1F#fu9io?INUr{FWsbryS z*v_YlPP`sYK^2R^pzWqndtUSZ(s917>-xH$Rnz<5Y-iv1XSM20$7bHk-AAK~^u?R$ z-oLZyZCAOTyojB89VEb)A9VeYtvCVBYT?y z>lOFDPy6WjzFqi+mo9Ubb2cf=S$Emig)99o*YCb7e8D8lG84!29{FlG8u>HgDw%*y!s-Ld!rtG|9yt7SR>EbKa_0v7R zUD$@>-s1dTQ=bnQRR)DY_sj5D@KvAkzm-6Dropr zNiKTi+yK-_%?~#vAUFs#r?hgx+=sdg1PKsijG#G(9&u<>Ax)hnW^o}LF!FR%@uYQU zNQf7Qd|-XBu*XRiF=X7hy4#12n1DHW8q@)TAWM}sW1d2;z2l6#J9Zf!Kj+jBoXAoI zeHPdtC3+Yo0~KyCz?ZHNYpPA5Y}m9)VC(7EPl8-m#*Lk%EW}XefaK(!~Ro z*8yrT!w3hVC^uv>VJ!%Gh=6Tf9a&R?Motrw5?6@aE$T97eaXs9z~$C2r~?XO5~r$x zlp$t-K;W&ynloS4A02mq2w|&>$k-Bvt&W@}1jCOxFfSMIG>o9tq0`z95quUmV2R z;Gi&BcIZ(;bfJMQKr%=YL(a*_fJP4)B$(JMtfVyNjO3LW4}R)wxm!#w!s6f=fa8!7 zG#Tj3P%}o%%Ly!OXF8m534Nr3-bmmE+Q`Z2OPiUQH7#{U04So&HnxslJn}U7N?ZY@ zSnwrO;+RXSbDN?Z3XP!A> zW9*uo=urVH0}@CSJji9)d7@gs;^gd&Il&-;1hghNH2*j*9Sml?)YV5?yfGxV2+v6>7qk&Hh`A(k%7#z~v4zN>IKL>) z2LoxEQ5CSHIG?h9uJ8&wh1Va*>M@$A$&;Uh5$jglh8M_aWq%uI0L;{J)3Rz;& z^{tWvB}5PZQ9nl z0!g4X=?HDX2}l*ygd3im1O&JaNJOZLsTXGkAgyEslr&gr@Mj`b)Kt_HFnDgDRN9*q z28J8Id3e4R=xtb&glA>jcB#X?hHX!T* zAG5Cxe8P~FYP8kKxAtrRrhx+k#|%Rp6tMs$MvxQHw$3$DrA7ku1I1L(4!18EkrL<- zCabH&nTaQ0gmy4MHnDQbq0@oOpgRFDh}KX+F(L?wu>&eMXVmOL zHn6(*a99e%r3eZj8HBPoeITe~2LLoAm;ooe=&6!JP!1NlN9ETPgw=vf5tt$J#F&^rOv6G}R+!vaz`--0d-EV=qzDxw5eOI= z@PKy*CxZ_wFVX@7FysW;kw54F35XUO0iM37w3&9Dq5%K^fB-!Jb1(o53=R|uWD=Q3 zqzbDa6u}5b)J01RLRDZGEQ!G|1`HqoMj(I!3K&QXQKaOCU=)A@WCPg5eh0v!iUBnD zJ`^6nABm8JhDp`(zoKsX6wnO^B>QIB0B}9QfDnZ^;MAcXeHs92g;Y@+AWiRw@ibnY z{xd*Sqc(toUWNe~a-S6b1I~Pa`AOPbYH*&koJ;DgCH>t>*4`s?R@e>nVN~3KzLl5! z!NBrtRUqfIr%ieK0G<{2455yWvF@T-v-2<@*xp0S6$!|9{z86n{+G9gLI_iDQvHM~ znZ7w&n@%gd`gOXlJ3B+8DcmONHW5I!Ozqd_P#K|1h2p~N?6!Cn`E~?7+`yE-MnZR6^;#YA-5EC~5AZ#Yn{wY)I$pgSm{wu6 zL0RiwQ8RGer;c#h$+|DZsghH~B?f~fnLscUW$ULLZsr_TIw4o#-#tVT=a`rNP9*_l zmaBLi=zzVQL{}aK?5bU2EZW^h_F=i@Z|8XSUP~nuOqntv{gvwBOCJ4S#-W7|* zrUQv>k0IhQ89g+=nY87^{bZo=U-!tk+N+=$bqO}oCLNH5>L_((TP4+-NexKpoZu-< zDZy~KASi4?2>M`-l`NW%g^8Vjp2Xhf?W7x$^AgU&idml6IrZQy$7p*h2y~&3Tf#)) z@Ea>Re`}u;j{c$%!X+od{-M?z;79`ib|b3L-IeX8gJDD-IP)b%i_xl6lZ=>~p{GBn z#xU&f2$6U>T#CuhtQ8SN==LW=k659sMS0zwV`c!98fq_srcE`G_Nl^;Urk%FD7G+x zAp@K|fr>NXc52>b4%hqKvA)(-0WhUOlr)a%CH zFVK|6zu-sK)pA^axyXJ>JFu?A16{Rv?@D-zH~_7Zrv~%1dG{3B2ns4DjG^du#!7`a zb5tNzdg$eLE<`R(@GDRcQNS-f7CJTBQb6y)d7oIqj74>M^*FaxeF-?MH^V2$N7&ab z*luKctdauq&e(aG<<^|Pb` z+@!$NqZi*V7<6W4ykNvMb|l7#2{nRxswxz)qGQ;5J9ih5+hcXZ{S_+i-m4WVU3wMV z%gjDi^B=9daP?J?32sGJ;F?Vgg44Q9BlYS*z5=s&HRczeiV^uVz{b6JMp8~|p6B@i zR$fmWjht))CV)PPL}t{9a&Yl_;RlSf`XOj-7FqwdkAq7U zZi0)a3*iS^4PXP(!dHTSm2zT0@{|Ro!l;J(c8tZ}EM%C+yIb;CdqF~_A0ukK*J0qx z**!9rx#_G)*_^W#3h1j z6;DaNB!Yc6!Di`R$R+lw8^NbdX|%Y1439_7ZMNoCdxce7oitwk!U4AIHO6fDm{H!( zBvIc5*rcMwfu;!;*`w*Cy|=D_!2x@5HF4og1FLXLSloFHPFQ~)v&clE@)%I75|%9V zQaqFi=*&vEjm(C*$2;8s95f>lsC8NvrLV7zruFOYTUQBB9s!GNq(B6nmH={0yThv1 z2*8IuEf@EAAh$*_@Yr*2X=-Af7fEBaY#(dfeov=$#U9I?Yvhjr39ZcMoSXWYHGIvetY_(f)y)PGcBT51 zPw=(}4TkLf&G(1droF_Eqb=mqkE5D)i~>7mAOYrpc_A2?V-nI=Zs9yTTAZ`40FfDp9vUa`&EU)iqo=He{4| zkNtHmg+jSTKH{i)_CIq^Gi7vDjG1ju!fOeQh#?yUW@C?2onwou(4vO}RoQr=rZEY) z({iE+#2Ckk_uEiu#pMxM018DF59!=PY0gAp&fFqEiMsQwKQtUY)ASzk;KJPFEQdce zm7nZJfxnAP_9dPI2;ZFiu4)loUJfivXc<~yv5gQ!PM7g{w&6H^x61pq#-Rh0a1;uJZ3g4labD8gL=6{=4^WgpB^G0KLgJMd2A>RdF>AkRJLF$7|&K zvCdtMC?HAF&E&izJwoC)kqVE9YD7-QwAAARboXg(AXXAfRiTYuf1YAJ?M+pgpYqPH zkFWFCxuZ2>_7v7GBsNwzC1&&YGJdy}~dW0aXHSHOM3tu8sAjdxw9eSP~UkqJdUI0_0vXy=v)^ zCZ3+;+!GT1jX*1x&FqFIJxJYD0sZ7UfSligu9WLvjA0na=n=&!3F;DZCkO7wri!T> ze&UhZgYhD%lW`>?WKZUw-1uaVSsrwn{SKoMYa{HmQzcKq=d-PDaYoT$zkG2#si_x| zpt+9p4--AsIp}+6c$by4N$JpY?B2LK6OzZ36G;t7Y-vUs0)7nthW?aI3Znmj5P@^ zQ!LXADGUWCvxtT=@HA_7|YHk}b5bvP9(;j%;AU4mn^)Fs_IK2$tkjOH-r(g>>?%06Rkg6Mfps^Q07s9XPvQFaqgQyyJEYgvemtuf1lX0B^iIJ z8rOiQ0VNCOL(!kJfLe`rU2M{9p~Sv+g1iHK9nDfxH+k4DA-0Eu=HN#na3L`EOKavTa;FH(p3VMpHa-r!b4uFd_}I zY1QCTFF~jy7yvB{g@z3TRVpf25uc6z@5&*R?@I_~&&!m~*kzvP>rt*eIx0tXCM`wE zTV+j5&T^xs2aKg_sORV&)4KkVKm?HoIRVxrwK`iCu1lJo6zYlCWQF+XCTe3EkBR{N zJUIHV?1hL*UpIYR1Y8bKzK$E{P5%vu{xxMIy)&htnQR=4 zZY`J%fQE1D17#a>_Y9!|+Q=@H`GnmHVtIpXR%n;nDV#%G#YU89l0>u50qaANg&)+> zo{N=Mj8kSOi`B2zm0?g{w=+5-fPJ%=#LkOVBZMbvQDt3Ol(ruCa8&DC0su-~3pM`1 z=^kOx5l9JF5icey_k?A<7FcBdm?N*4DdHx=hQc=&@hBX6?%z6AB7Y!%p5N25lEKwf zVO09X6((zP(`iyyjAi~<2yHoIX469Qbe7YF6W2^)XmC(3=!nLKZ9;|=+I3R+*V^$> zSjayqAm9mav`wd;<+$KUemH0mia{a?y2d&6KjB-l%24uyMxhjMFBpsDrlPRwQuy07 zoAW?Y$W6dD(s?kriBc8v^RcAMecXo<^O+bHfc*XK`_*5@;&ueIarfnYI>*9#P*)7% z1NaDtYRK$?7%IRI1Wr(9vYB-A*KBa$>2li=Q8FIz*(&+Y&TiX)?*GVTwT$>?E&dEv zEApWQ7tyzzl^LFTpfEkfPz*gUYi)PU0&mQ(GV?j`!XF&+xdN6KDv7d3wALUGTd^lZ z1vg68l7;G1$&k=OI;=!p_!$ukcS;4>8uQqpI&kGRrEvTTS$nrbU8Zj`o3FH5v^gp_ z3`D&hQXc;C7{}~0k=cOK&<2zpGhpZi4;Vbx@}vWv9nuY0hg3~v19J7P1ib^?=^S2R zZ++rFc1|7b@noeyJ5h%I4bu)sPK!vl{pYuElp(HQ&IDI=UStC*KJ}{HlD3JG)DNcL zB3pj0S1yC8%qGIKpw+G{sU6VQpKj61>Gxm=P$(6*);GUEthaP91c7fs$$fDDQmYK#GPL&GD<584%Z_6>Tk)nkG z#(FJu@@O(tF&V2Y&B_<05P1CLMF}wB{~)dSSmeqsMr%qbj^zI5`dbbM5sgR24sIZQ z@f46)D({@j29WEu5k}E}*J@E7zdeBTb%96Elns#K8XyqVxE6g4 zLrxb!C#u(L^7MDM-oht~xqc?hs?rn$ptkN~s=nHLbw=?rDr z5Ewi!IT9P5paFqG?_dQ6Tf>BXaK}zogCLyzX6PwlwkgN=Z!tPg^_zr8Kl2fxOkX83 zA+)Am(k}X~z;Q5QPi;PaV;)SKs6b->eDyr44_H*^6-VH9}L&^iow*~5SsRaKXM|22@x%g=#cSe^{A@CbQtH0@E~PtgyY_5&C> z#=LX_4S#EJXd@V9K=MhceIdFC39zT5B#@xg;7EuoJf8B|RO`q!uTtqflosC9m zXj=foQ#_b+_Gn@JXQxD7Qb2TeJZfwLO&~(unm^-ksb>jFpl6RukZYm>G-_vwVDQ}C z1#c3$-;Fr9{`~zCJc5VXJI2I-xEJIPsa%CI4gqS{%f&WBQJm1U))-cOU>Q`;UqOH| zF*p>}zC{=LHY?CM&Gwf0De|+a3 z5qT`|htVu)`C2=(P{yn7z+qZR5qOzFJ(Yd=6+PuK^Z0n}`A? z!e5+-?JD)s%&$9J)xgmYybZOm5pv#KB|5kP$6hxXI8SS$blE>^Uud`4cXnH)e~!MV z{LPhP&3$_ZSEF9O8h^jsf%7I7F_U963}^k_P$B}+@-RAl&>>djBzcq8`0vJ;SE<@| ztptXUt9E(uOKWld=^FY^h*hd|lLpd!Z(oUwtMSZ}f)$pdiga9=+#kg_bCX+va{Z6? zv3qw5&btU9(_nrTB4U!cm{`;IUcD4DHZRGX!{d<&hLK})2->!grXE*{%!j?cOgV=rZHRMi*`tcu=lB=XOZ=T*PIJ6NsjXt zG0wI;{fw>f^v6Df?cNyYl1H{E+5e)S@fJ3Jcs#LRj87)b@}1>sZ!wTvk=w{}C?{7))s&>-y$31XOJJ7F~!5>f)dm={%~8&|YK#bAxdA@nk~fZ3D6hGAnG#`;MH zu5~bW6nzl)-UHX#u2vKkh>Hq7{lepZOQ8#l8V===9VH^)!`U^x3E(S(NxqnaP$$di zg@8=UO06f0li~eK#Rm_hE^nG4=b{i7sp}6S8id;W=c$K7 z+yt%(iI*Q@geu$lAzMpFa38slGniGU)i!vRpKd{v)={?W1u7JDRjb0RJKe((ex9(8 z`TAxCGV07*-dxtnf74^!TD=D5LQ@lx-Mj$Tur_f%rM*&-+`?&=Xzo$mkA_=6YaoO4=LzXhW@a5ulp#ki z$|V`UTsi7M*4kv%`Nx$2;kFp9HQtzcvb9fFwC%ISfJyB-opB&1gxBiIAL zRZ90(m^sZj@_nuun%qn{pC6-2U28a3Fvm&;#wcdol4z%DW_S~qj%nUjjq_FkHHKlo z#Y*^yg>1l1S|!7fL#wbmgdrF4QcSQX;zK&yw*m5}m7E58d z71|%j68V;K*v*WKV@4YxwR%1i{80ybH$5?OtImhC0!4I(#y){ett<2&%z2^;O_nTs z8>2>emgsDYfbkEim{}&3d}_H7pq7e9Z5!bpWO|LMI%NaLcQDlwGmWc0OsZozlZa=s z0%n4$W7PsqgLp{fX5-y_%pLeWAr->{7oZu&y?sn@c8QT~CT4*tf!;?&3#8-V`s*KA|jGs(r7-(y~PtEqsYAh>N3^t)vVgAqoieQ13P2Cg6yv=W1}i zF;(ACMTJ4NZxJ!sSW`4M6n=X4EZM4(zi4-}l6eOZ<`XD9`_+d?|#% zmBOcS4Rn3DAeP91sxI7Y{S6E>y%>~kyzD}Qne@qdUH&SKn=zg;CiDW100le&!k|;cBiA3ARDzVLI;`B>^Ho`p@epIi6yh;?_gT z%t&wFt=#X3kbS-J&GC9xh1duBGLQqyX@r~@R$;9$Tq4_s_yP`*gr<<7HmdWVsHQ17`Ki0OT76TUYfW$z= zw{*jpA!NY`7i$H4zJTvDvXK>EFGGjsHjxzvT8U{a}GvByy*g{hl zHpS1HDM2Ga$ld1NpxjjGzSpC{ZCWXb=sz1HJq<34v%RqfUk#0 zZK$uj4&&iE^7L4VQ4S+!gxBV9Cv$3A)U)JYMcTS`6oF-cp;Wc?a$*vaV&d6!i+d!v8d89}fAAbfAQP_6ur(dhS}SB1mX@O)*!IkvzVaxh_6(&spgYULbD zw})i5z@z{~W_^o`R0sysVQHksaXW2$^eGZhS1}cH5fp+ui?|T+^%cFyKrk z`$rt_7_x}>*C1n4DgjfDA96^cnNo+|T-P0n7Rhf0sk$6;l7z4mrJpr17vN92qxTOy zecZK_&mvK91Gb!&sE&LVT?^!Sx`IX*WJ|9i+_7dZ-l>^vJj}TO#5=4*m>#WyWJuuc4a@yeYThYHKB451{zOc~XwEjfbp?Hu>Ei}P~*~am( zVy>>4gkOZ#1}Y^_=({w`7TzC?(UHRAN=&%dW-zaPLU{dtB>ohDOzua-7KoK(SbZiB zIF(R`!z&@w=Oq@nht+e$0D#!bY&Pq|)RbLBHHcim%$&C2M^FMuhWr`>dCKHqpuL)g z&FgR7KL-9t906_BLO2@~9*NWhyb3rZ$T7HrgOg9MANd2mr6}0(;s9GGhwUw${{OO| zb^~MZrJCg$pm21ZJOzB#0PUkB-;8YKjN6i22Sru3r0jtj50p(NP|^WR zOt3FRxu!+(UQ{X9ZyX~MKxi7$9FM7SJ$3^Q7Jd#~PiJV9FH*Br{czqQ)dX03G;s;M zEQT`(WMc7_b_e8!rgD`)7VI()p~ICn{*NV-VO^JHxxnRIJYoWKr0y{KHNXC-})Lg;m;25jwN7$ExA$c_MJ0%;}7;Ohs4WI?X zmoP*ByFuHgl7&AcBlW<5#wc0g4(>*cH3D}UWe;Dew!YKKC$6h@QDa4|MFMmq$b()6 zY^>Wy0AYq3AW316URA)!9e=0*%2FlW->+b&5d zCi#!v2>gZDwx5%CKvi@ll@+bDr>p}wSFX$3@A7tFL%v!;l$ju=YtaA!#oPktrx>y- zbt#t#oa=d~h{^KS`Wh>$jN~WbKe7xR7s{tDbFN~Dd5Z48AXi}_lyTIr(yF)*%0F0G z!n|QT$7-MpB&gFOT=vo$=e3a_f6&A&*5@wrbrT?s6n(><6<_{j6W+@8_ds7aLrBA( zW;wVKRfcJPpLZp8O@DX}P!cnsfT~s12Pn~i(16&9)E|JIQJ$DGb?|b&Wb;cfpbrm) zo}}~<5cK2j;&b@V!^L^|%%f0jZ7Kx0Kx8~vJt#bP(ACEB>_%c1e7vtDI)5BH7{gI? zs`*IR?+w03!X=A+bl7z8LOd7>k5UI?f(Hf6;_pn0sTO{zDpG0{eUrS$0y!!H%u9vF7Ru&>C z>1zq7a#*=T!B+%d$bU$@bkgK(sje!bamdJS=gI8pnu&C-r%qGAFi(0j^tyIc;wbXT zZX$+uw&;E~HiEgGmgA1#s2C6NxpJ*wG88lEkx9vmQ`!BZ5e0HHwTHH;^g0;zxX#B~ zYTUFpJwRX5XBD8BIckY+YiktGzYPI}xBfO=U?itjwobPYGh9T@4QDfSc3}O03RX_0 znALN`%saphF;t;ovv^%3157!X5hggHYbWi746M`2oN~Z8(WI-R`5*ex3SftRpfvY)RfZq-p{QWDKlyjF z!#@7!YcveUfsU+DU04O7hjN~FPkq=AQ|xJL91_gt*`d}SRhR;gKUFes!dZSgC}c@? z?;<=k(v5;s!f$#_1qOR*go-+-HuXd@4Eqd$a?Rp*WjF6|Cj2zwmeMK$VvdHYOr;4bmUO$o*ID<$8ZvBtJ?b>hL=Wy(d z69+xn=Fae8reWbT=)hQ6?>RvRTn>KfQ|2BzPk7a%3Sd3^X&8kjTKKDmB?%lj+&e-ce}!~BmpGJ!8BVFpqkvxZ=m&+84mX7YPfC3>`C>Tw zcNiSU?&HlsK2-4Uwj-B<-&q54t}dTUgq}mQn8?B*)Z;Dt$RY&*rhG?Up!r2j8mtTf z4?$57t9zLO^ltF9riZHner+zJ-&>+_$fUq5XeJUxGK(Ee=QC?@c>`$hsH?DSfB{21 zIW)=vm>{W+vrM(SLhn*e6dM?-LWFM?`A(8BO^l& z^JPx1X_bbVC>huH!hK7V(Pwl~T{mjWkE0a~q!O3NA`x|Hfvj6ZF$WS*rnJfm^6OVn z_{g&=CGLHuUIOt30h;5bJR`sn1}?Op;ST0ln^NFcAmiSlWd+t(Y`8Bqo zEt{dJ@>udEKP>q?-XB;)yv4NYUObC8&wz~wDLlgO$3+PzFgX{7eu+@Bm0+GQ{rWiz z_7<506q6+QnfSzG<%`s(ScG<*m_Pc@yQM*nB{rggTgtMtb!4acEjS45F*92rf5>3_ z^}Or(jzC4{k1+x8d6yptJM!bM9t->}^$Ng0nF#{frebx3vQ zW1ue}Y2{B_w~%e3t8ODXwPb^BUOYt}1aR9QkTU>lE?q~-WB?;(kB`ErpiOunv@eJS z|5vD*D_KrzZ=iaxZa9X3xd?3T3y=b0ju2bUT=Y*o$MqQA!}8UDs{O4Bj!s z$8;S`e#hm_ZWHbUXF6=A={mfNh4GP&A@bAm)mfE_ z--etA7|r-oFs}Tto3&jEey{qACl$Bbb90kx13Km?r$?n~f#f1fb+{?%=n22GfQZWOfP1 zo=bPwF@}#PJP!!Wg1)mVIq{UF@{*Z_U*CBSPtOiaE2@WL-=#@nwPrbh*;r_qUwuT! zBpOl*b9cCJS|NuM&6oS*?l~8pC;^B-2V&!LdP_!_jG+ z>Y3oNzvzxk=7qkK{aiVf9Yg{g_QL2L^(vsFBt$eHY;?oMr`w{_9N6uM?$j?N;%z?v z4(WE0c?HE62F5eN9J&+9qayLbOhtDeK0Oex)w>>vkFng#LA2@qK;mcz%y4vCo8 zIfE9s{`Eq-(3`AmZ^^z2=Mov87-Xd6C9gEQQke11{foZaYwTY#++a2^@vIehKmU(RiO?uG8M;R zSMGu8u5M4vB24;rp80PN=?oPX!dMGvRhjN zNl`fYQcMOhfRKaSl`_+HH^8#{q$~R!-341YOB<;-lJ1HZ9e1YBr$7}c=egyh(PFYT zn-Ic;+w8zaNdcpi3v{0!DK!LL!d!#6*+k}|!POAlb5Rv%G`)>>e2kp2W083QqW&D@awcF`3r^3;V{o=wUaxfBACviXTP~5iQD| z$mAdLL&pPPp5*a|PG;ZZ-%!0j8wInsdO?a$L>*_T&*N~r2*Eb5#sn@lZ1x?V7d}#S zx3-X2810pC?f-adR@4+TErXB_@BP{l2Pt9toB7YT!rKL;Vi>dsm>QQUp%4#TFkUBcT%#FT#LU}`g!ZV=;YeMg-JhNw*)rzBu*Rq z2EDY?ShbAC)_ukbZN_>AAWs4;EyviTE5>fGrV({E%CDklvYPkX$obgV*Lsx3D-5Zz zzPgEn)>wWN^7fdNXxKO(m9)7PvvH*AHLmw+{0GgB8vD9psI`r20f=iPI>=snle*v~T8%HRta&ID{GfA6sB_%4lqv7Pk# z1EEh4$)~*&Fk!WJwbE7%CU+j0S$B0RdmZ8-DuJwev8|?H(o`U(O z^H|R3FW`rAfRQfso8H=RR=>mQXV90WfxM>j>>eV-;~e7UgDe+*86`cPhjseorWOHK zvL@!_@dU_NqPSsW(}lkG)&oMwlywB=J|6``(k$3_e|^xSWVl+yru7L0r7T3F#@dR5 zv{4Ai-hn@dcKf>0d!J7+U=XR&fu6AtB{B=d_W9@H3BMO8X{?iDJ~}%Y68b!&@AGct zv<{<`r30JAK=MyGBOai?20T1q}&Z@ zUj8PTt*{TxQFSO37cEK@^Tb>ttqzK4@|xupP0&dQmg@IHRFB1)A0pwLjtiQp%81cc zjX3>DkMBFl5f;S68EZrO764GEpYxe*Edzx$7;ouI7S(D5=<_ZUiqWVkDkuR*_BN`h z9d7ac-FY3!Wq)gbI6za@p&W%6>O(X-;z4^3FAfwi9oGr*=9L6&5w_KKz zQTC1IsHmxF+}HM0KKC+j0v+Yc|C1%|e6-$<%8^davrE^2v(EVF=~^S}?nin&ThMka z^#cMw-%&DYkQ#|^s8Vk;p1GZ}?Fx#?eykg#OaN0(6S|P3w*4bP2(|sr9a<;kaPSpl zY$Mx&fH}9Hqa#kjJl*q*_Xwr^fkf;v=28k~5Pt|Ec8<=!A*P3FToiMEq&j6CmG9UH zUvHrbq^BZ>#*^YHkz}nk8O;Ig8CuOfF!fa}v;nko(YqEkX*Rl~RU=aRWAPIQDr9_) zReo)fQI@}a2E7`a^vymaG4MkqMs5Lc#84+0KMXNM@?GtFg!K#e{~uiAwE%Ep zB&}avAde9W-kNck3fgrNc&!0xHER^8ff8~8~ke`F&w*6i(X%b(OH`UJ%2H7-N(O+Zwe% zelXVQf-edE5THJ^Fy+$O;#k4S0d^RqhZ4`K(mN zA7YB*!6^@)Ti`UtjpdI@w;IsGi|{e&g;&`)%v(rx>spI1#E5Asiy*!L<;V5$*zI9TZ zJkz>HR4!IzYsItVfsb{gbLP%c>@v-}=5bJJqTp*i?LM8L0%@ekL8F$It45B}{NrrG z#x9II6*7t5hw2O0p}L9Sj>nwlvDxAkR2!@C7EJ#k@YYBvsXdh?A?EMpY}^E5wQ2oF zUD?8gx0AULP-rZyYmacX*lr4}=&<{dyOP2k~3Z62^xL7{gy zY*{6p_3$%*x0E0#REwt6D-QBDZ|`fkb@o(YRT=V z^kiZ&>WKrP^(*-TDCepDR*Z(F=UVB#G&6@3oVnwY)H9^^00p!X9Pe3EvF=8tN)e5?Ux*?dhWAA3-332> zunS&CheFV>4T`KLtqk(aOouopkjoe`6jq^(0x5N%;0Cl0ldm8P%5gbJ(ar?M6$D6y zTp=7IQve&S4l!ji1$A8`(eJR1fR;=vy+2(S|Ayn}7^Db-U9gC}(;G)GL1q-l-wG@Z@V=zQW0>FxeFXqMN{J zZf&amMu0Ltr;LrK?tB1Gg&I9w8JnbipDi%uxiCKno#s1;1y?n=@-J@A_!u)7L0D^2 zr5xrnif+j@rNuL%3+D*9s*Lnd9RAU=SGIKlOxmm@U$VY)r?`U30*c7&cDz8oIx+U! zCB5GadYHuF{v{*}q?G2zHaQ{J<7iyaNpxlHj_mH=;mjXVC*Pv%OMKE`eIt!P^7<^M zvHxt|sQ^glI@?g7rhsscxjqCV+ZaO*P`3}}Jj*2biPX(R00M%!)^&#K2*&Q%{(D@& z&$$d;atK@bN%ma85Z5sRWV!O1DIl!Yd}tX z!EglFutfwRfVPQXDgEafC?`3n%ue`YU~?*^-M{>fXa;Sk{l$gSNcJJky3Srf`50B5 zh8j(H-m+`X(DWFcZ_CpH$fiz;YvL@(sV?G%ET}@q?Ff?7z&d!hn>eJhF*s5&c^U&& zBwrI&&}}K9>uHeE+Bxf3K*DviVm||henqf$NoJ#NApk2biPi<-22H#a*~pj%eAzW? zyF@>+oiC5=jDB18GYQ5Bu^K&>F|F0bJ6AF%QgwQdci=M&JNFiN#HgNMSZja8FL+pF za_0fdr#BNd+T2kp3~y(-f{G%I2<-rkJNT%p$lg`*{!N<1auqNDhk1x}I=u6-a`s}~ z`!hl{?^L(B2H09Or)7Zb7Kof!c0SqKoy|Ci^#VyoTQ5^6X|2|1cro&Y`&|^fZptC{ z7vy$H5qJkh(Dmidi_%##WxM+i@SA(+Pj*Ux;M;j37YE{#069-atXtMY7*Y7rK~-s? z?}YF;hONkY#H8n&ueQQ4ozmvMB@Kjq;$piwyf$NzGchz%Qb>)Y9z< zbNX(YZ1y*`UId@)#mBqG!lWU$Bt3hFK0;&o9T!|!WDk}2_sBVd?c9$}h@?&Ixy5*cn@ z(wIxz@Cw!YFzBAOcjzXM5m|RW7W!Kp_K;-aA4LA@P#$WP7W>3IOnF$Cd8%Iu)sGt4 zzo_D9TT8Z+bON9{`~Q5v6x@4igl9JVN1zss8QeF3_#6>>iAk z|0+43GEu%|WYw2-hC(|S6;8ry6%G*(6iv%O^rgy~FM+c$l%PMHSh|+X1h=A?Dc&dS zOe`#DMnF9+^kiI#KrM4C^c$d;*oLviMp0;}_gZ~1%QllD4g8{qMq5xqD;op!0(Qzm z@q>gRYsdTD<#J4Dn44LDv3dNdrNMq+QX4nuo3ciLH}{TXP(Jt?q6sfI;TDTot#5te z;KsNO7-gKlLAB{(L9!ryvg1!knAsKw(Z#$YspHZ+SVPNQd0c)ACe(}zs*Rc~kQPF* zAQv4CFsYEUs#X#9wFpVIvbTSib zyn75}gns=6No9t|MiN5LbVrjF<2M)JXg!Ts43QjC0k ze_@k`k#P3d?|*J9a&HM=WdlAIy#O`mfdM19KBRyFAqU4Kg6#;ZV)w919j>MHe+eM8 zQwKAs{qNYR?ML>`K}i-;Vj>&Mehj{pCI|B6vzp~A|1^P|@v{!guKgn>=|XB$83(sy z)2)3l-7%9>T~mctSdH-2pACWy(+{rgA@~p9!7$@Z%=Ahqz3N6H#i1!g;^Glt7?32M zg=Bq`{zs7QM@YzB9IjKiU6f0M~s*ce|TwLd4Z)h!o}u(G%iuBRj(KaAJrZ zCpHz=A@?!+@!q*CdY$Z80TAZHmwPi|mSUnQLj!l`=Putrr#Z3n@=9DyxoM>Ogj^#w z6j*46A4B0yX8N^P75p-8q-R(kptR)N{^xnT9ruTbZ}>UZ)*(rAzD4R@GTF1pw5tCn z;T(B+XV_gnv-P*^*cJfDOPXCq1yfcqsZR67QgOv^r~&|iArF_9nKauks=(EmWe-4b z{!T{d@3Yg|J7fA5ip~}YjN^P1LiZ50huwbT8upB2jzPQ%RM|W}R%qfAS}D~6$*cEt zeTeaY(7Isn^+^>%F7XChXBJk?f+HcDZlmDOU+&rpD{Zofb@h;J9(sw|T?;@Q*_8R} z9&wjQQzh{Y*;4`{*13byL%7K(xMygl;u`Uh&w9JChVriV2sYTO5c1C*x_rs5^dTHA z5Wyl<^-!_WdGruPf{($;boELcewU4b$C(8O#XeDbLV1AJY|of5l-VM0@GN*DE@ow} z4*~|ZTV&%7KB4M@+$h~qlcK5NYJPhaC1~P-i&LaS!uiCJ?R{AK{5H12+OCG*g&*SCr(1U>JIM8OMT>sEY<`9t zH?PLztvBQE(2V&cWjm22Vqtp8dXmvBk?dbrtO^Rwh2s+W8eb<7fPpV@Mv^l`K7f@h zn;$h${BUP!OZd{W!KGT%C+^yEz1bVYHH@4kIUc&)A}&1c-|m~VmVU%6)V?) zT6t)|!t%ZM*#MWAlt%_IJDvI7cy_GNKC?6LOAOltDGvj<=8EhE-J#LC+{NHlo)E>S zos2xvg|#`oZU2O9`7oE8U4dkjYg0O+j5dx8$^oKd*r-$Y9LdS;HI-?vWRe%sE2&ep zOiU67UPWg^u-rJXP?&izcaGt}J3M5hV$fMG6oUY{EO(poY-jWezh--*&vJKq9a;Gs zO3I22!`Lw_B$>S{zTCNmE&8gXmo-VZ8^<&K@u$*f?Z>a<(h6kHG0#feIz2|ZWib7G z3GdHhR=JEKD7nvj{w?*Ibp`aQb|DHZzwY8kGF-$1kx01pB zSe17HoluXA;|ka{XRuG3bPW>5aaVy|dmq3KV`1xPnBQUJf~Sn@ErCa{Y@B53Wcygb zvL43`H5UahE2cn#tiSDWTTMRCotG)|_|E?$WXQ8`#X7*&EYqAr0-?os%R>SUK~d-M z`VgN7z@DREdnkeFNE2F5$>|{yYTgbJ)zm(2{Ba+380`ChMhw7OGr+UKSCC4at_+U@ zOJSgFWU*Ih4#MUubaeY7fY_V-womg;<6wy- zPyn1pXL>#rsGPjNra1YJzy60BJK9C#l#CJ);G=PCypl@$eQR8*t1W9B>#zf(y?NIO zdj*j@5aoHtDGa85VH^Uil1fkk%4@YFC+|oo%|LZ)KLWd`SxQiA98pwQw^q=X2y&D* ztN3nb;(I#l95K&D(=U6EyQGgvxT`}Ri6352JPCT7lyf!CCy&V;DfxRB5w7@G4P#Ta zY%?^6r#;45#Axux=x5112O>um*3$$k+0F96J?Y<36v$w!v;IUo@Qq^4(c@qE6fziC zp;x{7O)15S{PwG!7{U|OZKYG49Jp(dS{r5-AN|=-NB^*qd|m3T;xw`S5cpcD_djLP%!UT%D6|0lua*9nF!Fz{GAuA~sG0wFm;t{_m~s65a3hg=QS_ zK6aLbsmYFjwJuEl&*;K#zwF%n#Jclf&3tO&&C!ckqgx(7nH%&P%3BtV1k}JSnhsoL8ebsY+boLS4&Nnexkbg7BjRj()H9s#1;woy?L4u8nK7 z-JMRMh>_Jim{p%`QAnBuZbS$QM+G$s=MC^&kP)jQbiNv&CWau7YvXl};Po6Ec;fCT zuo&Ytm)_W;D@@xcpQd2!zLT5S=e+Am=kVq#5Q^=03>bEkA-~1}4dyCf~w<;qS=xt

    vWKEogzJs0yJJ_cm{&2l{mJfVum1Y5oJ&0x(StW(1e>PDi_3rQ^2rBg(0YUO)e(u zTe48BZ-gGWv7>qJ!zi2V$Cewg0hmmOOaR$|5F}}AIcbY6WorWydQC(u(a^LaO7VS- zT^vDi@(Q!ufZqt_^zM=Lv zwq2LkwgDxcH6G7kgP$8do6P__55|>-8x?~J*iFK11Z&rsveNw zQ$xhU3Hc-O=?AbWt7q$TJNGu7fr&w*DO}MV&~H=Ojh#jE+r@+EH{fxu6vd~5F3uASEQ z<5u%Rok)HWX2%Rho_8qy#_7?UtM#C_k$Mi+zb^u5!?62-s;}tV)3l(gh9~WcTQYX9 z{pa0UWpi7ftx*02lOc~JL;7M57A306+RCnSFXk6ybJ~&N8G4cJ6Qas=In{T9xA3OJ zwhT3kCd!)2nxAb*X?jOn<7xfi`3X6g@CK{zEOhKd%qdLl46bE~3ogl75g%LwLNyz| z(Q7~SlE5S^jJ%?u)fqAz0}dy%Ph+Z^(8}R-cS(R9NwNNHN{JCRVIqGFVIO9-P~1Rm zGWZt(xf4;Tz=Xs{#*UikM96r1A4%k%SUeg2{DZ=VmTNL)L>-phI<7T7&&w#S->|{N zhE&;3>(yu+XhNRT)nG&wF+kN=26QGdA=YYh&_p`ea`1c!>@_v=hWuX|`42`V@Ro}b z+qVtE%Zh;9pm?V&CrOMzAY)am1ZuRNsvBm~9w26c0;{1ehcWK6;q7%87V;nkKy9=y zliV~emKYDMhx-tNbR&!(kPrEncF1`04dwmy|1crGyIjTx?8p!5rdi~l6l#FVIB?=- zlq@*yF;oAX0fzM%H&@b${Nzd=){gR#>CmVWK>bG|T_B;^T>470+J7X2*(jKwHP#yh z+Ag!bLC%=g%+M6p>|x7obs1HTUri{k@GRG97T^E?G#5|{^{G)Ps6Uzy>-X|~sS@P> z?$$*sBh^PvRvEb6kY2C*joAW0X^@Ko9O{_Pu{H)k5^~KzutxlKThS|-(G{j6XAQkM z3v^4v6LnMZFrp|*MF<6vx(eYA?BQ7`4?mn<%8<_y@>U5M$AUr($kV?O@V4qb8us(x zQVVOQ%@Wruh6+JXoXfIgU-_yr7F|!kEMYC=xp;?s?^;gD-8UnGTiel)ZLrKA!XL3Y zDtD0(#N#hu)qO>_;0R0ajhp2d5IjJb460+!Am0y2*{i<>6kw6ltOJ&i7Q7^!H%<o{ndU>Dqcz{#IMcm_rHguI;^m?ozvP%Oh)&Ft!RocY%si<>P7)Fv9G zH`|=B6ZtUTj`c=(^Hji>wKszW^IWcXll{5o^NlkQsMe5azKoPxW=O$9id|-Nk6k0O zAk(22m3|}2T1j;C!~%tr&L58UE(nReuPE zCs_v#L0t@hRDU(O>^g|sUfhnRid1@GDHdJjTcEvSDXp- zVYPRC*a%}|9;Dowv#SxW02T6$M?58_ygCum@IS2w*{Ok#>Pg5ULV;k|KO*12o=_q% zmX5KSm7zK_abynb$woev%H0r|skV{vaMS>N+3wnour%#4q887ioh=Xj z=lou4-lAm@xWB%dR|FGvrGu0QxL)Uz0AwjpwCymc^In6lY|wLErl;0={;BDUmxOj$ z%$dmfNjTNcS!)%ME>ScNC`WC#ImCqhp^D@Q@DKLN-G@ClSY zf4gk3G72{}zW`iz0lfdC&Z*bh+sFNdydbkGd6)v2y$QcZHsTvwNW8bm@ZM%lpCEws zQWi^GZ>E*e5D8u?Datot;pEhFnyn43oY#bZQS7$ja0nOUS+Y~j6ta`t!&$c!DY%ot zn|;A%9~~4{wz%IF$X0cW@w3}BO{Q(=!v?DXSvAUjb6VH-V=a|`jPHd}qK>s$U;}2q zx7aUkaUx7vV`QP##}^gG#*m&VuFQWvzmX%edNrX8|t=!N=!-bK@QfeSS@Gi`6;I1v8sUooog zPE@;bfxVMXl}_5eP>QxC5zr5-O?5KK1S}GpwH+w;>u>DPQd(H4s#F}$>oYUYBs@KV zd!b+{W(YG>XoSNY3ZpA9ICiGaTx~F);FIHw{wBB3AI0CIoAK2*=)g(0-EBwhzoX8d zC-lJEyiLC+jE`?&cyZrjJLNQjc`jHR~HX(Q2sP&s6C%ob2+1DQ6a zCIhW}TxGym*R6z#q{>mbsKgbP(DuR{J6<{>XU5$NGn0y?>2DoKQ}u%^s&Mtl8WVqc z$k(&H(LO(*chvHcMeMz>{dnNAbLg`B$oLk=V0hgdP8g@g@Hd!XY4DtJ7>&WBqtm;p z9L?};DGu0fEBdK(B)GQje48db44?CaQ7`B>KHh~Pi7xXG7V~Jgqb4_n>yLUQ03R`^ z15g^`@%Lezj0a=J8^Ayl{&N1p|6((v7im;jn%XqV;A|<}{LJYyf8UHb&$KES-<524 zq5#*u@zrRMOa}3gal2%F>GoM+=ejO)m?9WmJE^eTcm{WHNr}QzI!~gaOq$f_yew&r?N=TONtb@3tb~!eCMa{MW)?QO zW*O~1w??sOx*dl;9B=mC{Ul-hlA4}ID>T;cDMGjQ6`L7RdH5E#5>RzDB_O_C_$1xV zc%Bx?=d`$l;AoEJvhm`4^ZX-JzD=~9-`lSCY$?=KTV$6A+hZ_sNR21Z>$z|qG6;i^ zYpTG`QL*QUN|hnI@&7?q73PxO387^KM3A@FG&uBKkTZJz zXDeoRIt$|lx@hL7p~$YH&48zoR^^7p%FhWAGyrNu`y6o|oI=dmc9;nsw3M99oo5TB zUg;c9Uq_&bL;)vP#17WFu(qZ`@9>|V!-&jg#Kyqw*U&$+Y3;zLwtZdg`8t4tEYs*` zEwjbpNY@$!1o<;Ms>@5bqaKU8EPvt9ix2xdw2JnY(zw@yi@S0Bh6o9yt!WM2?b4&Q zDGRi&)j54HTvGJ60@70(6aq7;TZkwRv40Y=Q7sS{TlkuJoGix~bb?%{4W`FHQ(dOW-x z%olJ0A1==?&wJ

    |Ol!0Y9Si=p3IPSTw(f@%6)ibp_%c+!%q|K*39y3F{!!25Ku{ zBi#yeqn`_Dj5f4iX~0-_iA#I3OhxH>O00!~bDB)W1|`s zDE!b93nDc5mab+#tiF0<-Mf-ctjAtYoQac>XdM_oCK(e4#{SV!ON zW0e1o1|9S(j@W+mkG|9WB{w3k4zelr#Ep!E`G>8ykFc_HkPR@<6G8G5)xqIz`(rw6g3)p{Fq6AxsL}pT? zXV_p+e^on3#j?%;MJy6nNQ&Ay+vYIonDvPc|IekxdmG%tJaRPV+WQC4(Sd1f*mudjUoDV65-@{ zQK36nj69{3RUAQzs7Q2CNM~DxRYze}n_RFd{l~Z{K?eY0l#YF#X_}_=X*#F3{$n(^FB0X5k!uYlZwKz|)dHktDnhRZt?WP^=QIR46VRwdQU*=59D) z0#7z=aRoRcDfwFUs`tS_Y@z@hGpKeHAS{fN1X(m#mDP%>r9|76lUP%*G14I+p|KPKntI)z)av0yvPY>!zV)+d3#*^7mImsNsjYy-0WqnbFRl$i2qe)H>POy5>{IH(( zL|A&ELz`2!H`YV-40w_VY?)w@3{~8-Zi{od(#s|4J#C|^J5kMqOIA3z{ALkYg5A5t*TG{Ca)186{=0YHkV8K(= zjv9hjh{!{}Nj$oEkokkFx-CV*LQa^<@&CgXrvcg>5%M0d)Ho9 z=&pnRUOyn4&%N)9)!r}!q_t>3aPCz*r-*ve6;zz$Yk$p6U&&=3VWkyf`eXl40{xHw z9{F8{C8C_G7T!A&KtHeE@A4=Zl^KgN2RE!=Thm9d^^eX})F!?J25R)^K@n89TW+ z?Mz7LN4na+OsA7sK*pfp5>NQqF#emCH*wq)}@&YKoWA@X z_?s`qTH7n{)(d_ISB_bYeQj)vU%1(P>E_9pMXP;ux)<&4h(%~pw6`ZJ3~#ZB21D|@ z!>6xMIauL76fdk@A^N^~Ai1`#wJMYDy6ZY=&<_4pjIYwbqGk37Qy9 z8&Sv6LP*K{ehGnnJLD2hDHo5(@=Rx^DKQh_Ok$Rl>Krg?3mXJ`l*Cr{ zmvL>8C|CcU(eqzDQ5vK$kO_Ff1D&CMI`3|O`jH=p|hUmg8 zg{_3U7qs%QZtvV50pm~T;5?r8kK^elB0sltE(=rwjykWl{&G!Uf|L<|0&vf3A9vP* zeiLmu`^0JWF)VQ$dRbb?Er9Wx#q?9Az2qK27?V=E7F{ON@^_oa*-qrlK<%M0>;m#i z>#Gp`w-SRM3J&oXx|Erh|I7n_AbuwdZoE37)|ujvYK80C$ZjzFL5%e@48Wd3L&CSR zbdhvB354bO=-W->dkTAk;x{hrQk&HG95NeB-R|aOsm>1aBss>xGfPZ{Bg2NeOp-qA z;<;T3Z5_E)Z=t#~ljL4GEv+o1%6x*s+I0CP_U#Lb@pskKpWThFdjpmmf!=)F z(m{43Qm!m-(N+KE;CMCIH9Yi_W(+qrH(hVrHWYp5ueb=dAwgp`NjG2!FraDb zrpBDuupMBTvY}l{YgygyI$37SVU-Zv@xYUAAe` z{au$Q&4yur9K``I!_Mpj4@$N@GqJTr8;OzX{-DEl+%|+A{Od#~r^@r#; zu`+rS530HVu?8uy0+ptOSsfZ{>#}(L?h+5#e=Z1xA!hj z3DceFoho#aH3b$vb0^RRnd2gOPAZg%_=$QXT|4XW(3jlSi4eKBHOK>B5JEgx3@<6^ zI#DZJdhig0ze~Fh8up#iv-a&|Q3&J;lmmqDnzFSXIj=~mE|H;6SyS5SR?aS6hs}on zsU?JwkY6IYHlTUdv59D+QlyF~U88*3O_5oE#7C!{kx)VDP{2;@1A_cr0M@O+iw4PO z$*0ilC9;M1A2z&_>S zOmft>SJ^t*GID{hw!V;mutq?sGtd|5p<(f$BSMQ+TkjKkJ!8`~r<*VU=ylJ6FWQIz z2)69B*__g&uBoiy#IhrwcVsv>Y}cL$2SeG7LQ?8lIRUO)#&h)8d)eu_$f%GT-;od? z!S9mY&ezs@<#vET#}Lfwbc4Xi$X1-nJhb-^#H6qqj=>B+CzMcYh4O?ad{rae4$fo4 z7!bMT=i}~GhA^l&5v-TpmgF6RB9{gDfzFgtg#$da6wnn?vBiWgJZLRxYU@vUFBJ9C z)=Pn}O^vKPH4xu2hqfEJJZVI666ES_P279Fn2P9AkPfuc!lkfly+h`DWs)*JPX4jf zu8^wBrDs#i_uhCN=hM?T|3tyjnv1IO5_<1%sq~||;#X|9d$tI*)Rx63ruH(JIQ9&- zv|A@Gbl=Zsror&uk=k>lbUY}%z(MvsImN7<9LQBeS3e$4oDN%~-kIKW)=y<{)8Ar@ zkCi6Qb57CboSxWhN$J4ylh)}d96&K$Pwu{qZaVjI=RcP#-2c%oi?L3d+1Eixso7Dt zg5den=UVOMTGeL7Vg|Y2a?oe5j?OT9H3xb@kil;a`8A%I9R|^JGJtO>ch0`}8w%IY zR0-!#<@M0Y6&ye{RP$blg@OY)Uq4m%&e!2zSGUvga2}@g9^F3F0N;J+pUfZIF$cnh z2OBK#YQvfJq7X}jJ;bN2DQqXu5>Ra(5xDQX~S#d&C}nRjnds!G1PvsxAr>?f|KHfc140r2J>cN?t$|7#096PNgHD6W z9oc~OsvA%_JJ9=wkq#ghC1@-m1x>r9194-hNl^SL1bb$%P!info/web/last-modified + + popd +} + +## +# Vanilla composite repo +## + +update_git linux-all.git/ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git + +pushd linux-all.git/ +## Add stable if needed +if ! git remote | grep -q stable ; then + git remote add stable https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git + git fetch stable +fi +## Delete broken tree tags +git tag -d v2.6.11 || true +git tag -d v2.6.11-tree || true +popd + +## +# Ubuntu kernels +## + +update_git ubuntu-xenial.git/ https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/xenial + +update_git ubuntu-bionic.git/ git://kernel.ubuntu.com/ubuntu/ubuntu-bionic.git + +update_git ubuntu-focal.git/ git://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/focal + +update_git ubuntu-jammy.git/ git://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/jammy + +## +# GDB repos +## + +update_git binutils-gdb.git/ git://sourceware.org/git/binutils-gdb.git diff --git a/automation/ansible/roles/gitmirror/handlers/main.yml b/automation/ansible/roles/gitmirror/handlers/main.yml new file mode 100644 index 0000000..ca512a8 --- /dev/null +++ b/automation/ansible/roles/gitmirror/handlers/main.yml @@ -0,0 +1,13 @@ +--- +- name: Restart apache + ansible.builtin.systemd: + name: apache2 + state: restarted +- name: Restart git-daemon + ansible.builtin.systemd: + name: git-daemon + state: restarted +- name: Restart grok-pull + ansible.builtin.systemd: + name: "grok-pull@{{name}}" + state: restarted diff --git a/automation/ansible/roles/gitmirror/tasks/main.yml b/automation/ansible/roles/gitmirror/tasks/main.yml new file mode 100644 index 0000000..e726602 --- /dev/null +++ b/automation/ansible/roles/gitmirror/tasks/main.yml @@ -0,0 +1,137 @@ +--- +- name: Install cgit + ansible.builtin.apt: + name: ['cgit', 'apache2'] +- include_role: + name: common + tasks_from: certs +- name: Configure cgit + ansible.builtin.template: + src: cgitrc.j2 + dest: /etc/cgitrc +- name: Configure apache2 + block: + - name: Enable cgit configuration + ansible.builtin.command: + argv: ['a2enconf', 'cgit.conf'] + creates: /etc/apache2/conf-enabled/cgit.conf + notify: + - Restart apache + - name: Disable default site + ansible.builtin.command: + argv: ['a2dissite', '000-default.conf'] + removes: /etc/apache2/sites-enabled/000-default.conf + notify: + - Restart apache + - name: Enable https + ansible.builtin.command: + argv: ['a2enmod', 'ssl'] + creates: '/etc/apache2/mods-enabled/ssl.conf' + notify: + - Restart apache + - name: Enable cgid + ansible.builtin.command: + argv: ['a2enmod', 'cgid'] + creates: '/etc/apache2/mods-enabled/cgid.conf' + notify: + - Restart apache + - name: Manage apache2 cgit site configuration + ansible.builtin.template: + src: apache2.conf.j2 + dest: /etc/apache2/sites-available/cgit.conf + notify: + - Restart apache + - name: Enable cgit site configuration + ansible.builtin.command: + argv: ['a2ensite', 'cgit.conf'] + creates: /etc/apache2/sites-enabled/cgit.conf + notify: + - Restart apache +- name: Install git-daemon + ansible.builtin.apt: + name: ['git-daemon-sysvinit'] +- name: Create git-daemon base path + when: git_daemon_conf.GIT_DAEMON_BASE_PATH + ansible.builtin.file: + path: "{{git_daemon_conf.GIT_DAEMON_BASE_PATH}}" + state: directory + owner: gitdaemon + group: gitdaemon +- name: Configure git-daemon + with_items: "{{git_daemon_conf|dict2items}}" + community.general.ini_file: + path: /etc/default/git-daemon + option: "{{item.key}}" + value: "{{item.value}}" + no_extra_spaces: true + notify: + - Restart git-daemon +- name: Create git-daemon group + ansible.builtin.group: + system: true + name: gitdaemon +- name: Add www-data to the git-daemon group + ansible.builtin.user: + name: www-data + append: true + groups: ['gitdaemon'] +- name: Install grokmirror + block: + - ansible.builtin.copy: + src: files/grokmirror_2.0.11-1_all.deb + dest: /root/grokmirror.deb + register: grokmirror_deb + - when: grokmirror_deb.changed + ansible.builtin.command: + argv: ['apt', 'install', '-y', '/root/grokmirror.deb'] + - ansible.builtin.file: + state: directory + dest: /etc/grokmirror +- name: Create grokmirror log directory + ansible.builtin.file: + state: directory + dest: /var/log/grokmirror + owner: gitdaemon + group: root + mode: '0755' +- ansible.builtin.file: + state: directory + dest: /storage/git-mirror/gitdaemon + owner: gitdaemon + group: gitdaemon +- name: Create grokmirror configs + include_tasks: + file: mirror_instance.yml + with_items: "{{grokmirror_instances|dict2items}}" + vars: + name: "{{item.key}}" + mirror: "{{item.value}}" +- name: Create legacy pull directory + ansible.builtin.file: + state: directory + dest: /storage/git-mirror/gitdaemon/git + owner: gitdaemon + group: gitdaemon +- name: Create legacy pull script + ansible.builtin.copy: + src: update.sh + dest: /storage/git-mirror/gitdaemon/git/update.sh + mode: '0750' + owner: gitdaemon + group: gitdaemon +- name: Install cron + ansible.builtin.apt: + name: cron +- name: Manage legacy pull cron job + ansible.builtin.cron: + name: gitmirror + cron_file: gitmirror + minute: '*/30' + job: 'cd /storage/git-mirror/gitdaemon/git && ./update.sh >/dev/null 2>&1' + user: gitdaemon +- name: Link cgit export directories + with_items: "{{cgit_export_links|dict2items}}" + ansible.builtin.file: + state: link + src: "{{item.value}}" + path: "/storage/git-mirror/gitdaemon/export/{{item.key}}" diff --git a/automation/ansible/roles/gitmirror/tasks/mirror_instance.yml b/automation/ansible/roles/gitmirror/tasks/mirror_instance.yml new file mode 100644 index 0000000..22c7703 --- /dev/null +++ b/automation/ansible/roles/gitmirror/tasks/mirror_instance.yml @@ -0,0 +1,22 @@ +--- +- name: Create storage directory + ansible.builtin.file: + path: "{{mirror.core.toplevel}}" + state: directory + owner: gitdaemon + group: gitdaemon + +- name: Deploy config file + ansible.builtin.template: + dest: "/etc/grokmirror/{{name}}.conf" + src: grokmirror.conf.j2 + vars: + name: "{{name}}" + data: "{{grokmirror_instance_defaults|combine(mirror, recursive=true)}}" + notify: + - Restart grok-pull + +- name: Systemd service + ansible.builtin.systemd: + name: "grok-pull@{{name}}" + state: started diff --git a/automation/ansible/roles/gitmirror/templates/apache2.conf.j2 b/automation/ansible/roles/gitmirror/templates/apache2.conf.j2 new file mode 100644 index 0000000..d302abf --- /dev/null +++ b/automation/ansible/roles/gitmirror/templates/apache2.conf.j2 @@ -0,0 +1,25 @@ + + ServerAdmin webmaster@localhost + DocumentRoot /var/www/html + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + RedirectMatch ^/$ /cgit/ + + +{% if cgit_tls_key and cgit_tls_cert %} + + ServerAdmin webmaster@localhost + DocumentRoot /var/www/html + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + SSLEngine on + SSLCertificateFile {{cgit_tls_cert}} + SSLCertificateKeyFile {{cgit_tls_key}} + + RedirectMatch ^/$ /cgit/ + + + +{% endif %} \ No newline at end of file diff --git a/automation/ansible/roles/gitmirror/templates/cgitrc.j2 b/automation/ansible/roles/gitmirror/templates/cgitrc.j2 new file mode 100644 index 0000000..e584e5e --- /dev/null +++ b/automation/ansible/roles/gitmirror/templates/cgitrc.j2 @@ -0,0 +1,10 @@ +{% for entry in cgit_configuration %} +{{entry[0]}}={{entry[1]}} +{% endfor %} + +{% for section in cgit_sections %} +{% for key, value in section.items() %} +{{key}}={{value}} +{% endfor %} + +{% endfor %} \ No newline at end of file diff --git a/automation/ansible/roles/gitmirror/templates/grokmirror.conf.j2 b/automation/ansible/roles/gitmirror/templates/grokmirror.conf.j2 new file mode 100644 index 0000000..cd8ac11 --- /dev/null +++ b/automation/ansible/roles/gitmirror/templates/grokmirror.conf.j2 @@ -0,0 +1,16 @@ +# {{name}} +# +{% for section, conf in data.items() %} +[{{section}}] +{% for key, value in conf.items() %} +{% if value is not string and value is iterable %} +{{key}} = {{value[0]}} +{% for i in range(1, value|length) %} + {{value[i]}} +{% endfor %} +{% else %} +{{key}} = {{value}} +{% endif %} +{% endfor %} + +{% endfor %} \ No newline at end of file diff --git a/automation/ansible/site.yml b/automation/ansible/site.yml index b946476..af3d745 100644 --- a/automation/ansible/site.yml +++ b/automation/ansible/site.yml @@ -10,3 +10,7 @@ - import_playbook: node_standalone.yml - import_playbook: node_sles.yml - import_playbook: node_el.yml +- hosts: gitmirror + roles: + - common + - gitmirror diff --git a/automation/ansible/vars/ci-instances.yml b/automation/ansible/vars/ci-instances.yml index fba5728..d69f3c0 100644 --- a/automation/ansible/vars/ci-instances.yml +++ b/automation/ansible/vars/ci-instances.yml @@ -82,6 +82,22 @@ libvirt_host: ci-host-amd64-1b.internal.efficios.com # @note: `meta.address` doesn't set any additional information for libvirt VMs. # containers: + - meta: + address: 172.18.18.1 + lxd: + name: git-mirror02 + target: ci-host-amd64-1c + config: + # Using a privileged container here means we can avoid doing + # uid/gid mapping and reduce the work done during file IO + security.privileged: 'true' + devices: + git-mirror: + path: /storage/git-mirror + # This was created manually: + # zfs create -o mountpoint=/storage/git-mirror tank/lxd/custom/git-mirror + source: /storage/git-mirror + type: disk - meta: address: 172.18.16.1 lxd: -- 2.34.1