From 312f082ad252d0ccbcd355a27506a24e93474983 Mon Sep 17 00:00:00 2001 From: FroggyFlox Date: Fri, 20 Oct 2023 12:40:41 -0400 Subject: [PATCH] Add documentation for the Tailscale service #458 This commit adds basic documentation on the Tailscale service: - configuration options - important requirements - how to login/authenticate - what to expect on the created networks This commit also includes a fix for Sphinx's basic css theme that was not properly loaded as we expect. This corrects all images that weren't actually aligned even though they were defined to be. --- .../system/services/tailscale_config.png | Bin 0 -> 61239 bytes interface/dashboard.rst | 2 + interface/system/services.rst | 215 +++++++++--------- themes/rockstor/layout.html | 3 +- 4 files changed, 112 insertions(+), 108 deletions(-) create mode 100644 images/interface/system/services/tailscale_config.png diff --git a/images/interface/system/services/tailscale_config.png b/images/interface/system/services/tailscale_config.png new file mode 100644 index 0000000000000000000000000000000000000000..6cb7830fe058151b626f9293900aa6cd8c2a8dc3 GIT binary patch literal 61239 zcmd43cRbg9{5Sg5rqDnoqf!w<5=y9qN>)a8va&*C&ytjkBqTx<*(7_1Bq1bZuVnAN z&hyiC{m!}1xgWp#-1j-Z^LU&;dR&+F{jB%<^?I(?=ZTz*Bqaqs1&KtWymI-{brNZV z7Kya+;I=LJ&XkL(JN`p%aaq-hM4~Dq{*eW8P#qwV4w9~1x}a#MHPUWtN7J}gF**Ou z>_f|u^AzMe9Vm}J>bQ`7a07o|{N-In?AzE6>WGtFDBv4>aPaX}dHIDnHg*-agC{;7 zy#97;{pIn{6VuDO=8s06Ka9-Y+rR9<6z&;f^?PI_}(^OM@*m^=fj;B zw;fuOlBb#1Q^`mF+{VDFR z3MQMFnmWwSAEXc~GdR0-$G-EXrktes_~*gFlK1X??6_r+9>Ra;7pZ3LIA>PtC`mEy zx<}@n)}gFhydi@2Q%Cl4Yi)|u%(L0IW6QN;d+y)Af8@v!lEuox3pwRrKl&?U za&GQ-*^@m>g;9!1@01dhUsfBK@*mjZet&g&J|G|7o;ExHgOKPn&n|-fh^Cf2O3Qq_4k!u%DcqJWRwn_scHgIRsOj60ai}Y}!Um&3fuo z04|oSMxZWlEcYpQ;ljm~KUeOwX7+cLxa%1hY}mPP-{scKJ1uFtTS-)&(T1}Lb4IT| zx1`@bbMMcy!W5IHWZa);uU}K1zj~EIUS8h8K3c-(y+W+-+ULd`tJ^M%{d)^sGK?Dy zTRt3hoFCg9mUVZm?aV4ajrf}zDO&hj?ev!B0!IN785!9_PtWw*wM=VVPEJn5$&0Q` zxHIvoXPHUQ4mHlEIwXnMj5FKX18^l#rzw;GTk(F>SeQ&tXg5%KU6aXH1yJ25#~qRsPX zUQC|m;>C*^Os*$So;-5&=wJo;p@-RLj9$ffrs%}dCnW$gX&S%TLRr#;pVy@Q{Mf-o1NwVR?C&g>vjpS$Vm9g7OJI>1e0L zskd+6{;?+0(bbK+Sybra-EL-^Ln+;G`P#Lzrlw$T?;Wdxo~3si@8mr7_I_*G|8*=6 zmvw7>ZFMYf-Lf&^#z0o5OQ}Kn;4&41;CW9f#%zo34Hly!T*>)tPs=afyT_NLmZ7se zH|mxydxu~BNyVm3n^Mg?MVy5M1cGs6H`J_gSJ|s4DUaAVre(>iwPcLdX4E7-YcxJF zC!&V)u2_jvh<&eBklP{A|26Q8?O2%BnAT0~)9UE#;}X(VkGRWC`Axi{zP}OMnqN?G z#&M1_EiG+ksPQRlxZQ(R^CHH8%08ETVrxHS`=pbW>bz_dbVB`ejC80MrM6d#=}%E! zM@Pp!babDqxQo8A_?^4{G5nw3jvj1?o&J2lT!Xey(JeKVr#R%tD?X#cZ=~>1J9}hb z@)_-(Z?mdZlDeqqrj}tmXyP4i*FzpmK^$sl&k}8L98G#l;(i|q{LrJcTe~Xggq^*8 zPSc*hztB{oleTl`&Mw~eKOa6zHSh&@Zr=U(2d-f)rZ(hS#{Rtcn2Xyc_tv`yFZXc& z^ThydwF+;~QQ`;PhuFUu1{0@Rb~BF0r1J6K|9|NDp7+<^pHDV5@JUPL|1ERp#2@_o z)5{Zok20~7TGxHRJt`jl#>%&##L6 z{qO#M+IAY^XbY04QVhZlGg-&5krV=_o@ z(O3WZ_ndlydiwjt@%YKUeEHJ#BThk(fr^5HLhx?SCj1SX*Tu$orFF$W?7rUr{`w1? z8&P4`*4D80Iq9~?$6wDf)BGCDJ#JGrYsEatn``>_V%rX16vICA!1)vP!Yw}jN5Tz1 zEc2Yk!jpRO^2C$OO2pT<__X$W@`hYnSX!csyQ_QU?_DfAah#jmFMw56C%uJd-wrmf zo)6ac+;*>xAdq+^Y@5l$3UC*(jl;RL4h2QVJyF`TNrY;z~-v zt`hDgZc%K_qc-~||1Qkz``!{PuVQZT>`UInO_FZVEBj}=ZDBwAtDm=#?Vr2b^EuZz zKFzS1ci#>aGuk*V91cx{4Ift8oz2^*BG^N$zo?ybbiZA^iJv`O*hn!Q7{!)cA{9gL zL43!Ib3RVuiW>2=olH?%Q$F4LdtTe_>ShmcWc;D}cY_GX)L|`qT{}%doVA_T|C^ii zzi+Ys_>hyi;|r(wq)TH1Y=4mRVet<;~fQ0yu5m9gvR@(`m4s2)-3Dl>Xt^$np5u^HN@mJvgP@S zEIm%v%&X5ZxsiKsFlxOBkYS`Pr=j31slt!>cCi~7De-1e`2JG{*^LWUF6*nd1*@U= zC6m)LNL5pn4u7tj2z*Xh7Tc%3w%uE+D^+2_wJLRVy>9e8agI@;W@RRW_3wave4gxK ztJ>^f)+^8a)rpSSpEK)4n8K^3(SLG*a zMc2b5nd~0|+091{^V>~mZ=q(|QT)-Ufhd{oTPQ6P`r}l%~{>)ffm(U!j zSFv^RVVT@O`W)0g!L*R5Wnj3-%~_>o^>f+s=;tpoUHwVH#I2rfQ!L>)al)roWZAp? z>E4FaTVf>RAMZCJ)E4k@0=Y^O8yi@OG``s+%FSvCgE4d6=G5is_B7TRMHJ74+xkY;o*7aI9?D8 ztS~(o8}R`@#45HQ%NZbPWIE0cm80c;`juhQl6q@nF!xP^pNXn(V`6mpL-z~WaPHc* zYiX7JoC_Xln6P6|U9{xJnl2vuDLow>ooy5pJw5^*k*LmPpFeA*7t}L|x`dsv`u!|0 z&;y9Qx56*he){*y+Vc3d*JlH*hkxe$SYPP%TkLtt{hiMzGVW`8IU{rkt2%a^s6W(EPAx-0~< zQTOco{3Wjn7aFc(Js$8ZEon~ECHwO2TVKgmX1(6eKIc{@N|&rVGVdIy3g%`-$M{_x zI{j%ocUOOZIaZ9_`fZ>^s>A5pV&Qr9oDk z(O>0Wv>Yl04yRwmOx8&J;ODw!3n+K}c(TPr5IOIxz&M^B#)M5#E5g$D2= z{gm#+OCj527Y$Xx-MX{u>Kzd>W7E#55rS?H9t4F@P)Yjd*7%L_q*$TGhPdUoa7wI5j!XwRTr3LihXqO}K|ffZ~PuB%WN~&_9XhU zO71c7oGDjnG0Ft@`BL4IKKI$!+LRY$Yyyo9(pb&w#nPu6Ro-0mFyVS6BPB)flO>zQ zss1anvQ1ge&d#&z9A4LlLJcJ(wg3(`WN|3PE57}B&%?yCzP_G~jV;o3ea%5tODnwU zOyJu;Iq~scrQHh(qqJULUOG7QW>bFfj5ud)-jJ7~t|AFHQhwv!zPnZW=vtVdKgbT4 z?W}`D^seZ-MT_H7%SJ{-!tG)~DPoGGV%T zZ}caKe@)G6p*ZCvda$+prJ)3e{erdc{y0xgPS(vci#WYRwI0+5&7YZ>(W%W4G!FbF z$QAZIi;;Yw(sBB(MRQ&KbFUwpGOnHozC$dea4aP8OP8Jn1${1Y->Ug@2Q3Xvs&>hS zaEGDe8#Zp#ym;Bc;VguJrMcOO`FU1WR>@A8tGQDWgN24*R!#cqi{qCiEi8C&L|M_* zAMaNDmeNNx3!Or;Ivk$TawyBC8%PsfNsL;!PpeuS4=e;53=|$RKpKwo*_Tnuz#yj3 zt=%|dH#4(eiz%1FGWh>cCH=JhUyevNF4 zLtp?=p#NO==?{GhFsESd{)xuLwb6*FG(#$2d86pt|3V zaDEhHq{2xzA5Q|8d4ZKLFDK^)AP)%u%mnEC5*Fto$`WY-y$0yyLP+cQkGMUZuImL% zDn%<(QvBu}BiFZT5B-QEs+-&Q?{ZGg&UXbF^hKD$?hB*(m=~?i#T!YufvQ^eec6Sz z*U_b_Q zBQ1$4X&c1l?H0N{Pli^HHU4SKIi(PDtvjuP$!dSv-5WpWycF_m?w}x4L|$-byOGSG z``No21=5>YH2ikB{pW(ScwSLx=R4^6wkau*Q&Ih19EgyVr#U7Y{>^*;DWXwghrL=$ z`uzMCv#3jchZ)o?H2fU^Q-WB#=tR@F;dD9rv7XE>FYyx|ly+!a=YAAu7sQIFn?){Y^ON;b+$W9dkAOTD78WjLu~dE2 zE}LoAqY!y@e|5f8u!fPv_LK09uhItj%na^tu7q+d1CY0UcmdhrVtVT+7!BkIdz^Cn z@QWwa2ECs=wxd9{6#R)%p2>=&VmkNb`B5pAOw$nc6Ni$kU7SScUf%qEeNVBTL{j56 z-Qh8|HL@`!VD}Yi2vP*Oc78oQOMk}l$mY$Pp#$#NQd%w0(|=`faByb4GvcUJkQ{Dq z;qqAC@KOQiAunD&(m_TMQ4|0&l0pCF3=!GXR|uB-b%0vyZxOJp{= zUYLl7M7PX^^?LDf(K~eI?C~Xqe@Xa%BTxKS9Q^Tr#fN;6K9COxSq2GJbMCc}t#53E z3%y%P(b}tbQo*?|*5xIA84evix|x*MUIPV?B_)#CYg|ix5$pK;+;6IZBG$aYby-)F7miArU$gTp-fDifnWQmF5$@4iiG6p@ zk=yrU)mWaUo~vNM%IMA9ajx_aZJ(<@yDaYhsUX>Ad-I*4aO>h8ff;(}tv-ju9uZ)E zKI*_2majMcX)hGJoV__OPn!g-y}J3csprGb$ts%(a%=zccu`Z9qz`?$JGF?)+t2GYsGPuPlmK$Q z1@j%fSo*rCk9xOn=iOKpd$89b{ z^GANDDW!I1u%Z2_nFBEOOoMDgvZm1d;l29yNh=&0_qq$CtynvI3Pn@8{E(Bi~Y|Y{(9pE?BhDHjMc2SU%tG}lbYE8?dN^` zRX-+SqW`=UaVC%gr|O4?DAYX`f{@s6|9CHN=jfRC`t-_F6}M@7ZXm>kv4VLm&@v_x zq}*bZX^;}dc*Q56e7pAT`(rtRgQ^rdodE+teLSgMOj64PSuM!mi;phBrLnz0E0(ZSrx$d zw!n><{#|{>b?w|9R+&C@?ccZ_fSCJVzFZD>Su(-`Ek}ddb{>$K;IvY~T<;`&=n0Ug zZ)^()R904IG1YhF@ZrPz1k4zY1v~-soCfQ(8mvD`TyE;EQo~;#jp`J*0^7}44;{LX zPlOssf;kh5|AnNu;hkvV)m$_ED5E~7%!dzNzBZ)Vszv!q-fY4ulK!%z^}+iAq84#x zvR4i|HmVEqUcX?~)i7!HtzgT882{zQWtBNIaVtR{+hu{@LQ8?aT;w+wjUAg`?+{B@ zJ*k-ZV7=?fd)f!`VxQzTJ}5C@8ID$Mu2~r}jWye}<{lw7$(xfo-6~=!qD6}LimPUH zOBW^M+?wg1H@MNFS*~hpx9EiGjzE*he*J&~2dbax6>`@MR+fc5ZbS#^aXFDGEQh~T zv)*XYB4a-%va+L%5WmGt@Z;_N>ccB*b(cyWXx5z@{zDrVz-(_CZSATxK&n1t3 z#O6n_+*e9Ra(sTUL(K22fD9e_`za|BRh5Sw+ciwnV$aL-WQ_TaxBG1ntj!zmRiPRy z_Gj>n6Ek;m%qcu>-j?nE^5s5Y7;!jMw(Zt?!N&*Ma;&iLVr5>>P;(Mn4-aktt4j|s z>E*Q>$&&b0V#9KAQ33lw&lH0eF>C3D58^j#d)#Q;pOn?nLoofxo^otWYB!*~cKu~F zDrS*yVBT^{fdFsAwXAH5XYPUN5t;(FtVFawaD79*y_KbsI*Q8*2-ZWOjbBmC4Qx9N0f7NCJC28$DmjDQO24l|fUo zrqf)@ZP1(z8#dVWJYjvWmcgEGP#uM94m)QL$({!2wCo}I9yz6^yDvvZMs!mAmaRvc zQX;DE9-WmmYB~Xv5-n$F04!%8ARgK6&e~U}pMLzvM^uN^)s^v)m;;lRf(#?=dBG4D z>f)6+fMswWtW%VuxQkYvW7p7esuV+DAdnd(?~&FlzxVIiI-I7Zp|Xe>8?%FwzJWvm zI1~ch_Xzjrl-`$}pGr$-1*$K`$M0rjtcC{g^?-T)1?>EmTx$-%dLSGgrv;1OHLrU*AkWU@#AgE zi7MTeVKGL8+yU42r0bd!=uXvx&D+0x{ThW1xAeFhl;*u=9zT}FhOULl-bY$K1Z1sA(jCF`{6CI#;-nZM-@nYx}NIK`F4WPmcfxa4S@cT!iVKdZ3Qp z;-e2ab(;$0+Cd#QE1D!xLQ!t2eu%z4YpsKRfD&1}cqIwHe8VG|MbbCbueH5fLrw1F$uB9N_mRaIW+6T$=r~0h3)9S-f%*f!6JYld_U2j_DiOqO!Hw z54^rN`YRBoZaT~_KIvYt)z4;G(?ba<@Kwrj-N`1KinV#Z<5?QigjE8oT$YmB7^01{tbIqM;49&l_q=U2i74qq`j!n$^ZL_oApShj2 zZpt#1;n#(d$<sGtdrWfWarpb70 z9Z4yVPNbEMu+NZ?7WgL%Q052Y{an@~Eq!uS_;Dg_!^wGu^TpFoOSIp1ec>W~=m>p;0=P+Lk+golw^EINvnfA~ zQaPP1oo@R!_H#niosOQ*=Vv|bJOnC!#0&j4qwcX?@2%OHF?Z*y=xO(2BNHCQc$u-^ zr*AZJun#<)m;1K1NoMt#+umU9midjFCFjp>SE7|P-c1`Ga>e8JfdBHWr{QM0;9hio zDfIn~TdCfHdnBr7QHhF*{;rLvRW~mXS5&0gO3kz>%*PdQm*aCdI;{w{2970_(Z zt6Q+4mvr;w^z@E6FU`CG(#W5wm*UcIs_M3wfCNrZHRz3!XnkL*t+m$c!^N0g77h`N zX*(UKHg?5G`|wDDtjOY}bvY4idTg)+&vaCqG>h(wuLR7KJ4FOnD2b%$c0BrmtAy#C`z&4S|{h1Z*&=Gw|hId_2P$%ZCFIu3D}qmS&q0Bri(kii|a- zy{})2emfjvL_a-H8;ku9_4)-Gf2z}>WkEIMD_+Mr(-_%^8o+3;@}8yaC86BG2Tk3j zo^k3~Tn6d;11c|p^CQXN=9sa2^Oh|HF-BqYXfZYT^pG5F6oo@Nm`ihFb{5uBuI+fT z=&rBq=gx(>xsgbq_!1~RARJ)s&PSpkl`Vxjoj*^)AM_wsfSL)7{hFO!c88Wcst#O1 zsK8NM-7WWKc++65$HKWrwl?{BZ{fdEG)N8Wdp&s^cf2p>%y}asS&kf(= z$^@RDrYbRWNk!tlO0g#&rT!u<+$#(Q>Xz%9d=o_dDcmCbLA2v{Q{@$=eI7S7o2ZY> zy?tu9dC^Y5jM6R6nfrU#9U6wGpA*bBJ$e>j^C8n#N641p1h?k{mOP$}ygek{q(_^i zZ@Twb&l+Y4jkku?l8cq|{ODqLXno{$3wY`7+hez6y~<;IHA(wS9z}0aEOVG+BY9;} zcS!#d^ozT`-EpbWq>iS@a#MAi+Z!EPQa(LjUi^9+?Mm)}2pQXrkqZkw?TLGSc1F!w zj?-mrjNGDlX>zW_e^8@P{yFyT_X0;-5`@w_zdqJAF|&JJL^LDWL4*uK#%1ObDsu8S z5VYYhGpIm~`itV2Y8pc4U?3pB~`OolHzJgfIT5{@r%;s``z(!#|VYIRpKxsHmh3 zf4Z6{a`bqTD8OZ9WhD^r@cekV_kS?0A6=2Dh6ZOsmQioOPc zzVG*MOX$s?z4u24FD@)R3kiuczpba&H9kH*wV{7}T-Lzg81{&1M}A0H7{iV&?rVcA zV9anmoO9!z#TYrkU1Jb&+GinCrIcu=e?q2CKI+5VK*kX5sDhG`=0%0OD=RBA%dbL0 z?5o$v{xqktpobFY6)ow<>o8*&Z0QF60E+{xWouZ|E{nw@n%S~SN>Ju1zkaQ+x_Ujx zW_yz!jTUui^%gS?A$yr8`j~}-GI~64Ah@S@ zghkS3>2#~D-aB1kTCpLHjWf<(mEJ5uj2ZdqwFN`%k2=M4zqC#rSLNs|{_%msg<9C7 z$GQK^(3k3qC-o@csuU}bUIX{wTS>D$GtSHD{O zY`U3(_C?(PJKWsdtEcln4tzgVd#)5sq6Y8>p*;OR-`^00C?sUCUaM|B&#!E+(nnG3 zDXa|ftC~6Uce>B)E#zNX&`|AESG{R09@^X;eMl0GeTNq8S68`ajP0nY$Ix?{Y& zQ}O1ubV_e7ZpOB$~T zTJvnVp&FfaadAOA7GqAkzh3xw{f6ptdgAQYud58njiOy)W=`E6dkudgPDFp&(*6wx z4Gqo1Y6BKHJMg%NZ)URP%4JL_ylFH(DkKzY+!#NofAqLiUOA+JThI;8Ep)k`oB1x5 zk5<%lx^ZjGbb&?p1Ccx3qodLTHLqI=orUlpj*RuS5$mc|oueeOJ$vuRKQC~|RHqb( zC$p+0d+A739DdK=JEyisspzrI9+IGMC-1DCDLgP-d$lLB$W(fT0)gVx(S+7Lz=E+K@BWNB4G&! z?z3@5eWL2A;{Art0|HvI%sZ8acU9G!-K7|J1og(>{bX(^cdnX;QGgSyaTWlTf~}th zJj5q0*1!k0@)<$Bl*NT5mZl`O6Rdl58-GQ{H*chRGcboU~_tezSWN4)0IcT|!#XH_|3qgAht-7L=0 z7HQglFeB{Rj*>w6Z)=7*s(s^2GNOfs1yT9tCbDZa=A`eI>1=}8jN^~%i>zr(;f|@`tmuJ`rZ=J zYYc4&dJMUyxL&C}^tAjFM@oK_t4e}eM*P~Z&M5KifQk=dj0j=whL*j@2R0`^TiM>8vhkGYn`<7n(V3wP*PEbiZeCW_21YjuLu*SmS zDNf4TDEQbBnsVNlWwJV3ymTnP)7s(ypYe|`1%KF)qojrya~m7xef(GOQyD;TvH<~B zEvHHG5gQ@cymhf*5Yb8@*9>+Ri9$PLMTCVl!s$cvkFlDns;3o9j^0oxVPsdlw(WRQ zsdrI6taAgnukF5520Of>lUn~k{T1e?OP zBZNzX>R08t*2Bq5$Mh4x$wz8Mucxrxym^xl356Z*#ckK+P<(Guy>=Y>04t&I;$Qp)%#3NmyMUORxWA(RvM0_ z2pP9~Jd$BmsVYECvss~4=;Y5G6)MqWna!P79G&+W(t{#vCpKhX8%^lnILSP9PPHl~ zlD04UrPHKiv-Q2QAGty;%r!@>>q#`?Jeiz5dA7T$L##&`GduvC^=`=9na0njOZq=mSoSiC59?05^_nGek! zFrXe9lFr^2dn>eg2z}bQ#1?rJhp3FNqS+`Q;@pNZ z>CJFvH&zosOKi#{yELLBc!&pK{Pzn-WjB2VCI-?ePgG4$g@&J~GMO7*G*OW(du5gE z-OVhV@rQeZ*I|~3si?fHQtTJ?pDNoUYl!q_Ub`=nQ!t^D9bfZ8|0iVdv(`h|dslmD zU7jBg<6suFILPcYaUsnlr)>Q*l)Dyy7wFx#+_^Eh(vvPLc1!c)wFHcs*Foq~ijwi{ z3q-`1UrEuF-6SRtpwsupnVi!R(=N>}jFbeOj$*Ai&V`X@BHR{0$l2QezVLVJx#B2w@moC zC#Bs7pXpq?9#p`Y~f z^*x593y~AUCm?o0r0Zcgb82Ki!)NiDcbr2#Q%Td=jF<_$La@;qRHv_yu6gKvh=>^$ zVu7ZT(i0z_zabmoY~)}jp)!!w#8pC#CgfXyi)v(49+qf-_xs0?mN$#1{s8GzUeQeSg55Xeltj4b5&BB z{SK_>0sTcwIZa0#6#Z`|<>KQ5{V^0;B;c87%&8Fm67B?g=0(U!V5rCv)fFs7{6-Bx zqPOsMSeV9JMIvR~^En6T4-+-t5H&*<8ao(y7-SKlnL{$V;N*0U1Yzv=>U`%`=&^u# zPh*TAFJm#$J$+}G{thA(69!hq8~Cm(C_M4?{aNM9B>WX6K3S3O?~>hP7QZV6onewt z{vhTdxd?@O=1<*5tPPk2)lhwqd;z+AM9oZf9##K}lvFS3Jz;l19~!T>%)BJwAM=7sr@CilP2{Tiu%PHWzT%5$S_g+4urp%#bRPQkW)-F24(GI%#P{)JN=oL* zai7;c{`@h-w)ZU8IV36?A?!E@vu)$NF>$3kU4Jn@HD5n?LhWN0gaq#c0#r&$Mor0# z2n5=s93xI_GPZrHL`q4C$#LW)@o)YxamdF9hJqrD|4t)J(ER5!5dUdDpllyqmwRb< zu~}Ace}BK$zrpj!R1$Nd^2ROhE0qU{qipm0C*_X}y~IsdS3E!zS95dodCR{)o!q*( zw5)*8P{~B+pv3&Y6C){y{yzy?Jg#&0TyT`a)DG5x;j7OkDFqT>AC9zsi`|~gFoR>U zYsSO{6tVmeCiojb{9}If)Tz*yFLlF&4@h0TdX`jDLiQtB^Yxc65-+&NF+@>)^h{?7 zb=u;kqcj%mr4;82D75ayk4VoCi73wa*V^L|r952cLEQ4QDL=x3jM$F-S|cY>s0a#* z&{!Q%->aCM@m#Kd&3)U>)hsBwtLAn<0&MWHK^XD@6W_A(ZWs#K0X0~Z) zrn`O1N%1U)Z~uhJRk9pqAB}|1DaSV_3I>%fyuX)OuG)s({#YHuAgiT>yG;ZlL5PXr zJYI<5ij5&D+(^D5Sz0mKi%G-zSXj$#cPkkGrn%5~o*_O72D6XfbRSyDrY@AU9^}e# zM*MMHVU`K%vv}qko`4P+=_hSOe z`-bmC9sr#iS~lTcLOg-;b{~b20DYvwg`VxJg^CHv)%`AODUjhGFuOF9pSQDPgkpRt zko^s*tb+CK!o*3G8;tjjW?HN^M*#)zL#~Jjkb*RmoDkr`GI@4LtQnDPnB_=d5wMk4 zZyQ|8l)@!1z()j25hx-e(TE6CCe1#-^E5qmrpdI&YIG$b{>ifOtLzia+uc}>D;J(K z?~awKIZM*~bWNPP=qudteE<;{n>=*#q(9W@I>b^*SRds?unv;O!GmtZ=oWZqZpOif zI|aD+PcCgm$h8}_1PS;@cm@If{v}Ar#RMZI*NT$%h_Dgi>=AARo++jrx}|BNDBKCj+jxyF%mRCcr0&0Q}Pj*(8#^_1k`#r8W8RQ zX&;~A&H~5zpS5o$1TB0Ot;aiF0~_Ck_W=V<|x-d84;N~$5kKNzO6p0l_ zgeMTU-0ogNi0zMIOiuMx@|m^0L|{)hO@(0KCO;FqeTBxfzrHw*;k;?&vvULnaws7yALUGZF499wr~IU&Ag?~h>Hx`Q;TCI1NDZmC2ATX;vpk=hE{o!wS>VIO zuxX+5@?#7?ARMBH+KMFo2mLBKNFccqquH5Q-y~C|X#W3Mami zj+FQ@nXoTd=7Wg*VHw$oYGAy^cz6EV1w2;|3{}0C-w03ZfxG+c;OB(}JDCU(X~@;Y z{3TAL-(#=VK|FO-dvpgR=9tk$iBKRc2nuAU5Tk};f(xsMe}bemU}sGvNe-?Hf}fY+ zocSCO_ziggqBo(1zsKAwNUy_c6p^Zq5OIDF`-lkRkYMG+A~J+b4>LX%5`+e|<(}QU zA5`jnLP!U64N2Epbkje`YQjA3N2G`aV~R*;4Jo|3T@!W)(i)_XaDfiH(j@U(uP0}= zKrB+r9l7%1xF;IppBLdx+>4}f8$3vYPYkykV z$KZ@u@?qp+ae-P*YB|h0(^po;FW)H26)`N%e`z|l!0RDYcC1M(n&Y+^zfLvaU>9eXq}VX>Oli0Xpli<_C5)rooR?1?$1;In=ZcEl&M ztWyBz&YcK?6VWk5n@LMFFIr4v^s9nMAg&wT2%8L+KRKnfjJ3X=9=14(gg2?!AicZa zTK`gXs<0a|2$$7bwIZQncYqWZ7l$DO%+yh9oC*Fk&6R+dFNsL~ppMP1Vw58Wbe||) z#Jm7P0MzjB5DH(MFIrD(n*Nx6TbB&67=QK3M${&Fh_?kD30A9?w|67qL}M>Y=;%a= z{K6m?JO`xFhfTVniD6QPh*ULcIr^+G7p?08g`qHb`m;#pYJ}FKA8A_~w%ush-}Spf zZ@N5(!z71dU6iXn0wrl-@wvzQhZ~rZ#}k^4`(pHSJtdwUY5-0ga{{sB^HWps;U?Ed z+U+$I``3ymYrmzEvmAW7Z7lL2SL6e)yhr+m?|w^jaHL!2=r?_AO>%T?vCOmP$dFTS z`^uk`to}%!ou1+`g<%iHG4`)9ZV%jceEYVzdh)K0MCP~eL(47&P6aQgIR`?lY6Ls& z!w1gAzJ0st_Q29G`cR=`SRt1M~`|CV@H5FSh=+5=@u3i+Gx}e#L~ckiCc?nAR>5PQK=?PTol{4tA5ZU zM?OV<-Vxb4Bz(T0y<_?y77=1YK6(ZQ2GV6|={rAO`=FR?B}P>U^EgqffPU-Nt;m5q z_Vc4wOA11txBT<{khQPs?DseB?i=x3Q7L-|2d`i&60`Vwxik)<{ec;Wf;MAtycV&> z%ZR$s`)t7@x_9>V*?|#19mM_M#nNJ|v8YJjju%W2)$_ESkB`q$$kEVpc@SQSkB|R8 zcn|*f+ECs#SB^Jt-n@;C4G0e2S`2M;8x>XN5F@d`UK0xpeKb2Kr>@Z1(K<9bngw-| z*qKOeFAc^53f+dyh*iR4_4^t|RA4%8USFsXeV>@vhe@k0Y?7hAY4lkNjHLZJxiK1oqY)joDo*g1!z}o8a zDLCQ8D4>>I_hv$f#1N0q)2C9^F?`2mWo>E14++fY->Fx!w5kP^3=a>w)tn36MTckK zJ|1ni+!MH)1RKTB%Sl`>YO<7}Asb>iL^FVfLwu9S+hV}b_=j?ljM<#w>7cy5r;A@R zCKu{X)=>ExruNktbLuC1U~dw=6>R$(!cyS18IrQw4!Lmi`JJ14slyw>6LL*ZP;jDT zsz1}7zTA)xcKf@vPjs$MfW|~2M-r)t{|evrix+v1ANSlwF~!Pm{PNC+!0OQ6%d)jc z&gDzKw#tvMM*I;P<@d}x>aA~whpP7UJ6R-p-!G&(*QxIJKtKG(?6cn2j0_>PQIZ>1 zZo3|Tk`s82ex$yO0fWTZsxU+9(P&JV813&3DYA2L)D7PIbMNfnDg52q1x*T)B)k)>=ol830dbYbav3J>Y9C%<4|3~98tMzj9%gfCXwF`epwe5OyVTP=e|OF4!t3qt zH{d&o^K}=j25R1Y{P?jhpx5;TH|q&MYwKH;-PePdPOwBb8)mo}tNCnJbbf7p?q{Po z6XTJG3km_nQX1*~O@f>!5|vUe6*)T|9vlpL8+$vd&X6=*aaVvN_dmh;aicL%a?6jfYYqI(si^<8gjxxn9{3x&X?!p zL?v_Wo2$e=ctOH3=4bQ6qY){yH`=r{DH^ z<1{O4>vzA?|52LCX1j-m*lYixs@c2#2cNs?pGkh{OB?=9j6Xhh`2OD^-b;J@i~kN! z|IeM?|HF@2l~|k0Dmr=V)22cUwzMAMAhN#57l3?}@ekf0^o8R48%dC%PT_aZP;Lh# z7)e73g0&#-T!2IxRKy!B6|?i|jGdhquUt7!PG0G>H0Tf&Eqdhal9_*g&*X_>kUy(4_zy%O5XSK|GRp zH3NwE(NNV zB&uXGb0r>G)u9coQJhe@vG>u^8MVDM7axo6C(n1;h!Tt~^#D9&8Z#z$=SEad|2Y|Q zji6na_v?Wpd-?KXwXulx6;`wjNX$EYBub(F+7G@9wwox~O6ZvI6T68}=-amsMVyy- zbU*JvXL^arJBTE2KYoOc|E0E;6`~1xI3z)P%nR6~SH2Xydl+Kv03HaD6UAFty2r+9 zkfYuQL`VV$>PxQ`VPR$UMB|tOlSPe>&P-F&TqK5K@j0p=4R_Vl)Zm_N#W}$VS3$P~ z0PCHsU>-x^X)ob2k#6#24teDDFhy-F_%8*5cm1KJef~jhyFb zqtOk6giuZ`JhKxYKFf6TeO|l3_3B6twl5LiziT@=t8aJ~>KN|6)z3dXJnnZK#{#OC zE;RLgBwx|Z$R;3Q;Y~cm7!njMjCF1Ikr2b7h{T$WjSX@#shC-&5ie+xF@-M7vkWjEf3fjodF zpi=zLC2>mKiLOGDX=k{~Kx*{Ur`uu2rRH`J>O69@mt|y*AsSD>dg#q^ii%~}mD!k< z7;Z`#0Qk^Gyc+qCsZwguAMZ0>FSKV9xadQE&k4lpPt1HCuZwZo7-_GJICZdWZ&( zd()OJ*A*2n!IDWVT%l$%>}rlF~sGDImyQ?*YHgJ!t%uhM)LimeN8?Xv?(de~{Vbc(Ulq3un+u7Nvyt}b| z`}Sy@m$7*TcqexM0H)B1#RSj55?jAMNnOBZyu&AoZI-EX>6df#+joo`IfXTE-DO#+N zn&~XJP_!B+@7}eG%neJ_*VmV3@7@4}+2!P(IgIXrVT74*e@tP%693C!#eAAnt<6jE zwuGe28`J_?g--kN#vTm~4I&li@u~vvDT2&!7qKlpUUY`KaDKMJ( zaY)>_rJk3sac7cp6@f%6m|cks_jf}+LiGmHFCRE&y-??BUoZjM(f0f=Y#KAIx@ zBxpmh6CQheD^{&uZzNNl&F6`(yL{``8zp)b-&;ybwEFt`xUr9ZIkSYFwWh;Fr*`Oz z1dm5s0HiA86mIY5d+&FLmjuO-@C=bP$;gt5u9MTyxQ16$K>^*&X+_rF)&_pk1vP|_ z9CZ-vg(h?gsa}bjvgG!GiXpUP#^&T*bTNS+CO=+~PFY)y+bL|DVS9wD_54MxqkDwZ zYm79pz+={u8jaEGa90UY&^oW6Ko~a}9rS(EV~Fk}M<#M>h{+n*hTv$MId57JWgB9x zK~LF}KeG;}FI(KbE5GrHG0K!K7PN7S_$;^Uf6FhE4R#ez_5V;IBF9MbqLJ*{ySD<) z3M!eL`wQeT8jxu@U3AA!QEYJyj32?I$*HLx)GcDB^TzawT6lQ4n|^bu+O1oMaB|t% z**_ee4j9k-$f?+o`$$CB{6jNQJ3KssNFVs|J9rgW0HRY6f_}U)z}buyE}OxfxTCOv z7yyR2hc1ey{Rq5vY9zh(mq9|KU%Apt+CSY!ejCbuY|D)=598-f#<-M0)2 zE300F`-e=xuS&G#2GYq7m5pEMElLu1hxK*^MGNnrz$Kf>B0Js!i$qACBnkO{s5KC&CLM_5YxQ`{YJbiuCO#&&3O@;Z3&8R6;7Gx zY*278$EzB+6^n+%S?XG(cZD1-4@5S+pyD7%Ic!{CBHM_PWnC}$!-c5N%$4Z<#6-mw zcQRMkstG+iJ3%DiG;%CAyEQkf5U-DeAxH$YxX?9=4*lAODM3a5I(@F=+ z>#CF#5*$Tpl2Gmlu@8qgPHBQ?_+#ePy|av2ZI;_%6PPxqmatc2B8HI7(KC5$$215! zj@cFB9%1zm$PI%X697t{fO{uxMpP0GNvF=7Z48o4X#4>G6iPrjbiqN)Phu7KVpQ!- zc6M{TZ*lQ?1n7ykF*Gt{e}0K*1X__cvL`s`eF#ZY#T%(fLH457jGei^?kumpdLA1q z1S=xcv4ek*Jtt>Co@O%$Ca^BJHvBn^kVTqphmnH%dk#^SZ((NwAQ|tbr;o2W6n5H# zj+olu=T{aE@~Nw=W=i^OIUltpJH52gmb0U!WEW-7IW-?F$BCI4J)~cWDHYI9|L4yw z8>?B+meLzw?n+~EW2z1?PbK$W+?{ZVlk`5I-El>!9y=)kF^(PW-+AG}8oF${bmj+p zD+chQho1BAt$c4};LUgfmA~%X3}+i~*VW%KW8Jmb;XuPVogeSXFh0`tC2^-PeV6F6 z)Rk{ZeRbNwTLwT~%Bl~;??7FRvu#_y4mTtA!-w5i5Hhg=Ox%ae-agw|^>%4y<{G$S z>)SQX)3ZE-gF*Td@l`(vWdhRp%5OAeJ#|*6Fl(oXJ6*1<9N)D=E;Bm@v!>bFPyLX+ z(6lb2JmH*4#(bO6|ITaEgk1p0J|^2cAMR}ONJt3(^5s6D!eyrwk(vnZ_f}*|Zum}i z?vRP{E&Z{!oEJes{0^2YDgFI#`_q!SIL~N&t&i5%qdAa7Cnued<`$olPLRB={v$>6 za0|5v9_RjlqKxr-)=XsXnSWz(Hx}8R9;XO8*<-jLq`6H0zz@kSMyIt?8ow)>v-<78 zi>Zo}p`E3-cvtG>z6tR5SU5FY$MSe?R6QWb##!irSw&lrU?x2PVg*?#B}WsO6@wdB2o@A>~@BKUu$yZ>u^@`JpRQaLua z9mL|KOjjV`YcF~3W8JCWSwBs9Wk5BgX1qfOK^I~oi$CWe)Ohke$5PGO&$hljV2pPu z0 z=AD2`C-AC-+mJbCGbEzPB2y=Jdw2w2zH;W0Uf+3#nQhmn+pgLC-luZ+qxXvC9wmd# z={hYg*{RQGo+_E1RVdN@--vtjxSIF%?|+eb*k%zj7BXbYm|>e|N&`umGBn6gC{$(} z86ra|6q<|Dpd^`6hIX_{g-l5$L&=ba`+3>>e1G5JobT^@-}fK)ew_0-`|O?8TA%g# zyszteP1k}2Z3^>OESQb5Whn)EBGE~2{vPod1SD(+3Zdqh>C^XnWWX&hyMJQq_U+qE zq9`y4#IPu?mSxPBmJ-~&<{@;-@IF1Xv=-BtJtgoDLG`%ojKzoy*^{8N>dVPsPsL0 z_Dn?YO(WHws-qy$;y%S`+L|@}0R*R?9@T-qR&m*+57kZli#IvSIfouIEfLisKH_Tn zf|UrGQ*}!lNtOq4K7e?E3g^rkxf5`bF1)w-wNw1Vr%#`XPLG5Cc=@Qn4#YfBNqpqBpCo6`+)e_qwIth0b~aL2AXuZyg%sDu5j`}Cs!qsIf4y7slr>C$*> zUR)4WU}nXrA8%T;oUjO5PU5}*;%MUE!Mid^-T_R;hv;3f z{cvu}ud~S>RR6=yrU|_Uq;G6Yw~-9rDO0#u`W@rF5yZ4~p@x(YnKb}&q^K2{60*oJ zF?68!!RFlP`nf4b;QI6*N3D7`6`vS2Q3@DBd!5E(^jiA(`jT+;I`6po1qf~tTXGZ3 z%Tu`+5rJmjo%}26)^(U;ge1!t(Kk9eme89m>DOi`G9Sq0?mc?!kx`T>b=1%I17%W` zSTM@Gpq!X5WpJ|Zh;ruW@#8{^Lo*`#b@ecM@bF>tTu~znJ&C3Du!l#=Uo0N8o!p#+ zx=zNdIu8$9o$ZN%zX3oqqX3hFgsRfqQ$KbvsdyjsDBN^<$kZuQ0@P+VR)2cj-+$5f zA3x5dt)NZkZ<@B!*`K)mXU&USHZAtLd7y9KzAz8lpT%tm%K3jWR-(zj2pQ__@V0I1 zzNU8}20}t7fJu!!q#kBP1%4!ruG;GBn`gWk7DLT-7k9_Y7cV4^g={8q zpc~yQvKvnKQrm?D&FoFJnzm{sJ=LY?=zO9Mx{er;Q>eP7?Ap3@>yq!?TY_NJvZ--9 z<-vRjzvbiY)>h2Zfa{A=K`V1q!iBNLeEa?6;y0!XsCFSlk*t%L~;^DbdP3z zjh)@nr!i~95M|lv6Tt&DL0B$DS6``nrn7R~0pc#|Iz6}5`4@xdeUopmKYaLYZq0Mq zX6;-jhMHcv@wYMsMBvtnL4n0F8$WkpBq&s!59z04n6EO;vzL~ZT20n#QLkX><;A(~7vUpt#T04>vCB53XuySEDd@*3NfVg5tZb$*R-5M5|q+tASy& zE}E7i73BApt*db?l@qF~hK7b9= z;I}9l|M(XqWw#F>J^(n0Xch*|rmS(Gx4{A?w{l4!15gkR251E%|DOrY&N;!ZNcu!c zqkZ*LO-_yF48>5|*PHwEP3svM?E<8NN$dh3Dl^Oq(@jN>QO7HI%o1f@DRzuEt8CYa z!iAds^YMg=ol+x7*Alq#`lDU34=0tGcK5H|^1KJF07q8gsnGK8IQ`45Ff2_5HO=o-SwVv%*u?JpKnGt>rA^8U6hl-*1ri81yn?anE&qD3rk; z+;oI3trN74i1Q(yfAI?tgj~AIV3Hz-0@Zt6SZL{4J!>UmP}Eq5kDEK46!*S!_0L=Y zjJ+rl8CL%|crc%6gKqu%H*=l1Jt(Lb-^qv(BLFz}`Sbt`+;`)~Sa~$*IjlFFof$Q2 z#tg&bM^^~Gq3-yuGothf1SYD*3>`Ks>y7o*!XF0E(qiC4B(nBLiN)G=>y!&W$Sh4k zB4Y9Ip+hc4o3>o28)d27`!}Z3*ED7fyeM*?!N>c~tE;NCxeDe4R&9{q8I?l%rcsuG zAGcH;Zq$D0A;f>Mdjz7@?LBhQ-(&5?r%RiHO<-k(dc0PC8Wl#^aJxrS9;iVN7aQ(o;m$2 zhBVoMbonta;=Q?K3J-`twKM~R1Ss$vVk;33czgZhdt`3sAwc3IEz*$O%`M{1QafyT zx<=W&UA$wN&xViBIi0uDKTEoyn8_stGS+UTSHACsUC;AfUlbI~gvOvhdYx}v?X}|{ zQ|-OgYZf2^!9!}aA$Hg9-Rs~dr1?N$i>XL%Qo5JdXpuo${*@Pp zrgM|e-q0GWTYM#AyRUL~*ST*UR=Qlip>}hL<6*=~4(0Tlv zKmY&6+xN3F?Eawz_#chBw*O(&Eg#-J)5@j#y|zaGXtzn*7pR?j4Ous2AH|q{Y=g4L z)Fm@$3R6<1a%fn@qz&HQ)Tdy_j=7pjKfmQ}9*$2m%a#WO?4B|!wU$%gImf}fF;{%{ ztcy^}#_Q9XjL%!5wpM!ukJ)a~Wy|{o-nX9TCC?dMdjTwI;;a~+Lhit6YK5uV}797A5OQ^1~gyS>yLYb{SP*J^fwhcQ@w4s9ZlgcZ_POS z7YRDUB)dNvqM*KQ`Nn1@9k2n%361tEn%J%|fAWwfn<%24I)~{m7~pfnbL4iDVNJ6# zrZ~p#Xj&7dGv+0!g45{_&YwR&$m+s*tIV%sHU;T+pLuS6{Iz-ZHHQyV(aC>!{QAkR zt1sNqLYnLuRjB z*^@h1D#_!5Ztt3p-BU!9%xz8AION&mDg3%X^a*g}BZxq-^86BHoqNrT45}a_--PF! zR4|zWb2Ii)%Y#PUgj&57W?b1d!+LPexu+XTM#q1j0o8H|FWtnE2TL+Xb?t{uha)L_ z)v7W_I2Qybd#f9~KC0f?i8EH#gKCB+iYu$%iUCG1x|p zf(`q$1_4d%`eJG0_b@Mz@x+VO#mtL6y2!>E?XaY}z(-KD+!JIj*8D1NM`j zd-~B;MD3oQp2HL5@|B^>paGzh&(hS%CW}~E?H6_%cNvoaHd{p}L~Y{t(ybiJs_1;;175fTEQg74j|+i^3z$L<*q zvtfby<0?b#GLv(CnBy0Jv^3c2wa_ZymwG=DnUqe3|ZC_^;&W#q^~Vonf0i|bgT=^B&kC@ z+_kSid)DEiU0GFgh#Hsk`y{ER@GDS*f0KiuSIl`AK0PPDD65-J=LXd~4hJ<_6q#>9 z+jab7sl5uC37vg4GHN{J&bbs3F=u;ltU+p#C#e?T@J7*_Hf|iGwJ>nlst+$;Zv8j) zoBf{jn>ST9ZMwJpc#)NJWZ_^}t|{)9fSfYNc(tPoiZ-GOskbKNjc0xnO~&`#>W+J0 zfAq}ELhE#zIdi6@>MAX>7_qoR7UQjUDO<3GFOmoGlT1OZ-=KcBJN4xm>6!FUGSWd^ z2@pv|golM&V4MHIP6t9)`VQqQT)k^(+moKjmhc-Z>;-( z0nINqQmsjYO;W*azR2&NZZ;9k7vf``pfJAE?qD3~gBw=lkFFNA_5KbcS~JLD{Hb5B z-a>j*p0T8;cM`4g&*fY?PpZHZc&IyW`O=KDP=o>;5fc4`k_t-TuI;sBbLRvE1}-M! zLU?(=J5;tKBrxTIGmj=j#7>$+lg5!5vYG}h+LKjL;xz>VTore+!-(~(`9EMbP@%yK z;=TqtqojlVNMP*k!l;S-(Sv80Olup<%dnuvn+Dq+Ek7`=>~p0Cs^gHV_%*L5!az9B zteCRo;qee8;H6|zh_N3`OU*j7%*lN09`lKU&)i-*0ClZM1~JF{n{Z3)KsIhoeSU)v z7e-^mh`2hNS_k#qdjrhpAap&P02~@3OL)_>JhQdx)|Hp&kH?RZnA7zZCv}vXl8&@T z-@clZ(BK|T-S2qBEss`Y(YDub(7*@Ij#?;l z_}aAtAb5;6O$^e|)D&Yu(6HSzLax2m-?F*LF)R|5h~Duc3EoC~!FvkQ-Rm=G<27p= z?h#NK#CN+A7hX?HJp0_Lz%hXa!f3A#v+FS6A7=ijWLHuZM6j4X;+1m%C&rw4^ZuCW zH_q>IGLkYUTYLjO5MqdMG~%vUB2d*SU7Jdx&SJ2PLVb1I+nT+4HJqR)S+Haf8vO`k zzC~Ojk(PvA7p_OBf$)J5$OpkSpNfw^o?C;7+vuh;l6ml`yZg)he7`!i$yPzXvA`?N zxR}-)#!(OQlyi>M1iI$&9RgROR^+t17TEqe=Cq-Nk1Z^yY}~lT%}3e*bBAQ#oc9f9uwG8WRyc4juZWaI^FPY`Ebc&2CxS+1VM`cCBGN6D1;n zX2f8kJCDJ(0Q5P}H`^U&BVa7E;bp7Lhgvi0ea<;_c4B9z<(!)E`|fIXhM+t*Gcz+S z=Zk8oD<={Rl`#5lhYv5Z-;Q{_3qsNl&*J9SUZ6xKNllPYUCeCznZI;mCru4fzQT$& zc5F@jTLuOOiesJ~tT!zeLAqI(P*#^$J@Y__cbKw3M6kTK8q-`XdNK7PKc*VC#T;TB zYWfm!h>OPR-rCyBkzh*r8229HM(GzA-?$ip0g@QC%5Vb;2Oa}S9^R^QRT$W0Cb(l zAzFCRF|vkAorTMnCxHfqJlwKG)Zs)i$-W=PsSZrk*xL=&X)U^sG#gv-5c#N?a$Q;* za_D$ijfy|0^I^~g6?*yNoJTYJ2r$RfZFIxNjcIcFa0jl6D;}J)^jhWD`9Yb;kt}WJ zb3Z2EzuyfyjPn>72f@UvRzF{Wx6g2hGd+fEotn}2p2u2D>BgIGh$+F*G1k$~rpyU8 zeiugq_X`uE0A&I89H{dj+y;!$KR#Gac3CLpQRkRhuUWHZabhbZ&YN`533{Oode|5? z$)cGtwV5@8$^$O*`t|E^*hSyLpBg%DDYP<tx*EiqkZ+E4WvSl zBY-jKPFB{Hhqvt$A8nem?tu;h=SFqLxwdajavixhk;hq`7Nk(FciQDMSKa*>`%9?N z3+r22^*ya$Ix;&a$6Wc^Ku-^eaSf<(*H}Q|-?k_Ixp1}h2m{Lzra2r}u={*@U==V8 zp=xTO)3y``8qJ%xQn{O^~iuspU{LYahRT)7{S?II%eNx@IQxVvYFJ8bL&(n2)Nq99Uxuc49_wIf{HFsri zQzJN?rq(j@nCUqDAk)x}&|M`xf9}oC&Mn)hY;+lIW@v1EP}4sEIR@bD4=R?)`z)$$ zGMaXB`9U|y*;}`;<;AO4+i0seDv^ul9IYs0K0z-?9~d-p1eNZLzrTOR znQ1}Fz~2eJ)aHTa%W646ign~e3qsn&VO^+up3yd_Q{Z6bNK=qQo`JRGdj~npvP@A1 z=fIuy1GON!sUxxRmn?s?F@!v82W2GsIMT2DttK-O0*fh=#wyckvqh+amX8kP3{Wk+ z8$ck6E37YBtrKxT0VdL0P$>Ymu4ZVou(V`tAIif;G?Yk|9%G^hL*`>>kz^g}&v_Qoo85&$ldQ-~|p^?$iew+rI5u6t;aBU2fvy?NS@M;jG z!jQn|hH9C8LyV@OoZtjA{^()1cI^%8!SnN4j5Re6=Q|(rXJoJ-3_gp76b&~Ukp3%1 z`=2R;odTI~Q^Ujx{uNw{SXcw9hNTY}SM1GU0vMC$>7H$YQPZ zroS4$|4!lis?MXLG6?d(RBeo|YqpSY%JAzLk9uKOY*g9DoiOZ(265FWkWVHr!N>b* zI2J1|CHLrL;>B!A8f*L-nz@L4d~U|wKuI~8vOZ=a^b`sTIp{s@#)*2maRvh?kFfO+ z{{43qw_*RCAbC$av}EJN5J{4TB&n2up>mlYx$h-XRk)!8HU0#q`ZoMG2e1>KVkiIC->V7UooiBPbxDxZ=$kl3}xLIk%!$@ZyCK?DScr^_57b9p$Btc#Z(;o1uR(MO{4fM zX3!PI78LA7@(^>Z6S7Bqyt0K>!7%ABE&sV$Ye8>DL-kL=DFM;?m$aT^)5s2~jxI!xI zQ}N(6ymAZ6W6bie^h{phI`-*!-~a(4Z-_RP5oqC$gLzcbw{%2Iv!w{FyhQZ_l%>Aq zi=HASCFKOukXS2Zcp{Hwg5K&48q;k?ApnEjmQr3!pAuA0O#_^cUhOmZ@-?tisW35=p z-`;O4yJP@9hOU3#Mp74<+J(7wAu}Ta^9{v7FnGvVdGOlnZal<(K#}5z9IgLAs6uLOG5i^59&Mdf5?F3!wVTq*tq`gH%~JXoJdx*ugZE3M4UJ$% zmim02-{r{c!2Bgh0h6fM$z`Vy)UAZ&Guz5y82EK<@HkfboMXTR^JY%_o|9X(i;;;V zSP)pAWM;i9Tzq0-Z>|_rQuXsAF4e7B)|#-WsBX!Eo1I@}<$?VL#6!38%j1e7^J<^q z;NXnP^e?cy84exHuWr1QQPO?psTXV|(HK5l?RsGuUF!7)cuiT9B+0g!=FSgzenbvH{lni{pSpKp`pJ@g zAB;xvBv5($f`c2;naEv(4^je^V1=&*=EsE=NyMathx56)N|Gv!Z_~o7EGMw2JTxHm zbsma!?1mvpXWy1d?g<%q=p=<#15PWcC{4v;d4s=|^$p~NI(eOLl2iJ=urM$x1nmOf zgec9Mv-ZeWIi!i$Q8bqf_GAE95qS*uffO$CEU31!fr`ma3Jx7K0Fi>>(7*Z@bB`f& zI~YIYC3C;bMhjx?Uc#zN=qMv-Ynjqf!fq^%%#=lB z)Kb~})qlwyaWRTFVqWb9is4=dK!3RTH-5gY%0#}9OQ>6Vf1pHZ@EJ=XeNEgiSiH@?e?U2Bw*9Mbx%?f+0;5P276o#31USo5=8xW_?DOT55O#yC4Y>jzua^EM4*~aE z*@uJ+A{VFGCL;LLr%(RtM(Zf;I~0|bPjrty|G3~ug7awMi^3Yj7H;Z@>kZ?R&_1&H z34PrjSJ(K$ip+D53wreFlZS4bx%V(mSczF>FDQ+sL}%YvG04O{AQje?K7TPHZ*d+1 zl;kYaQ`*NfRf9+HE*ecc*841^hUG}k*wCUJqXkI~{Y!_YUme9YP2cHzu)~OnB2}I> ztFEYnkOBBUPo1giC_W%_)fbcIv06D87QK%LU9sAqhTPY_B^jAhEJFCNnz-26o`x_dd-*b<1e;* zVvw>qH?>G!%Pql|O%DC#-^yt$bg|P?P&3}H3R+!IVG}2Y6=Gc*5pE9I!%qr~c zOAAJO6rRw?+qTsNDu`jIQ`DdyW5R(We)Q3ZkhapQoBF$ehohfZ^p! zagM6Xhz~K_Wt+wd(@OgVxsd_I8+E=8<;p(L`os#9bB?P>-J40vR#dq;-QJtT^(}H6 zd~=9!V|ZS55&f#z)D;}b3~S3Mcb1M1#!U20^EYn^;@ypJltF(r9)5M_iZ%a~)%K#@ z5449`fBou}&$ZC1S*Cg|<)k3&yx!bhTd0WXn3G>DDu}Ks zz&S1^X10-0ow<%X16M|xl*PA3=)SL z@{WpKk7^fU_&Un-3pmvU39o+kWL& zOSVW#j47(@H90oX0qer}K9st`gxNlCk9?x+?0aR>TLj&f{aQ3@_B&4pdNhpf5ll68 zzL|UO`Z{NhP3D>{dF_T9^Ucr5EE%PyAFqwv3*gYQgVw73z~@}ckpigF?4Zm!Yv?l9 zGdna|E?;2`yM{qNe<4eSVIRv^?JqyDy|~{R;TFhIVo5T}p6n=_Y2b!f-z0q^F?Dyb z14*`BCE1%t5(-eAth@Q=bEhx$*V~iJz9kdzw77shXTz~s*}W+K0CwYbEYN0@ zp-yX%$;)y1INV}dWL+(^zD+Nun7iODeDZmvY+f7y(=Eft`);&$s zH>T3>^-0h1_Mn_o3Azs%qIz-q4Kp-r3Q2E3uP<@=VEvzQga_sws2;s(gL-R=D|I(l zj2IZK5^lTgWzD{OPQ<;rHrvC*Qhiun(R00IjpIkW3eyXUp9G$q_F<_>U!~r_$80I; z`=XA24>hfN+iKPvaCh*)j~%b-_V3!%!TQhgEus607Jsnu&QpJzv?VvS)b#3IreTG2 zy_}C?dVcxxcSxSu>w9fQM8~JN!(1urFJZ+)j9|ywP4vB#{Vi;=Z`zs6BC1m0*Dd!A zGY$p?eZ(#ewQ+QvEcrekQkZTx`o8j<^OawWe2BFzBNU(2k z0RO>3bG66pvizs;AAn7Al3nK+K*?k8niCf2oM~X6barvIOL)PZ(@y1oFrTPc%sDQ& zbhmD`{Hsb$+Jfb?{AL!zup~i)m~ym#{g`WOb~!`VPanL*sVX5)dHP?N5TPzkvQ*A8 zQVk;wOIsG|C;cUNkgZ$*mXmmLz~A#37TU8Rj~4M2pO2~S1UnK0GDu@v)qN7wQm+rV@ z3YHBh|B?=W45uR-p&1M7$<}hwB(P_`izF1xdtgox;{i=1wT0H@HU(>?FEpUxsxXJ2 z?l!yk?YkGIzQKj-18UkqtdX2oMtNTi-n@T*U&8Q-jin1jDK-!ylyDgyhvm?DPo6xH zQHC#j()8(#X187;iPbc*NHLNr{IdfL5JE^6*kJ1?F0QVPW$j{OqExDjm>FOxcT7Fs z1&TllBdo*J+}u+}LFbXp$S^J3WXiXI{SKo;SB>a^P74LKSUx}T#Gy_~QM*)VVBg+( z#_dvbaV^49HxP_7-BO3Gn%AiUSLdD=x=%7Tc{3>EmhzTO*%&BRcw)gyUl}?*G}LNE z-)2GcDr*X0b@Kx61ZHa|__PeHKBfHY{*lxGX7~#r%VV<2m2hW0ldi<3TG3M1M!^}H(cDcKo7R+wJnMt*I?623gv^SodZfyFbb7VQd zDsPRdTe8@6)zcWgm7l)#aC7RdZUIDwRVsJGd{+-gho?i?0phN+fo0LRmK1VxiQtHG z;IX{EUV%Zr@8t4J-y?8F?_rb8^hTU}7x-=ueyOzF;eX)ElF!S(EPTCe>>d*(z%Z?} zt#|KQ*Hz5jm#uts@b>A$e{C2aJ9p3D>h{)ud#!iu{M!M(sI#aLz;gb{kIZfLCLek2 zpMWz)pU2FUp919MANFc8$T&zjSIYb6dB4I3o4$IvdhJ@b<$rCRPOtN~iM;pU9`AY$ z|F(AD7zw<@%|GIk89* zmcG)&^f-fZqN;6Hs}t1-VE2T(V+>kmqDz)T`n{c}jCCm01nd|zOG5OjF1{IMcJLzg zg-2nD8*cHDM>5|cIuz{^IZrB*l`1JtG;*Hq!CT;6MSJk2;Bk`fvd1)Q+7sT?L@3~guZ{4?McJ0j*j_UfM?nx09 z0t9>}%a0848%*#rA|d&bMxA4#3RyzL#?Oo43MWsU+6BiKcGBzTykztQIHjG;VnPEC zM;x%7slMiFB1xbVrY~Ej$vK&K{K)*jUPHkLv4NFa1a<2?_N}ZQz|JrH9w`#nI*P}Bf5%Sy?UX0+DUs&mzc)|5hA=sCmI?KS-k|O zEmBdK7Q`_|isKvJ=4Qrug!2PHT7bFzF0W+6563?boS4%^Yx$R(`P|VO5}*cINp~eV zUyCd(Zeur<9*7r{wo!yXT-cN8KXs_ANPzfg_XNP8K7A*P`|iVsn&3JlfFSs}gNS4d zUJDf6{cK-d5`8O`+18D_eIy8^Sc5GiJ?Nho+S<-S95iIr)9a5PAK^-#H45VVZw&jz z$a+LJc~8F}Q+)MWsQ(5UzqTDsn9wt9-`>67Nzd!qySKq35Yh)+4iVGPGcH2Z^DQ0# zx}xor7iINw!1_>->pRKSIrF~RK-mZ`mxq!695l0Tbw%m2NavHsz{&M5s6T*;lZ0f) zukVqUHsOsaQYOw+2u>xtG5j1s1{WRO~0vf^+YG*Z`{yHXpaEj@M`%n|s) zMgU8Ylo(sDli+YsQBl;_rXPr4CjN3; zwPeY5iZy1HscN!+kH-V+&g$Z99m)`N{eYe=(17aeyOs1ffR`NxZ@ZV5mp-`OVBt`O zhtJQSgcVoKbz-tA9=Kj7EjRC=$CYfno?*S5*66UKLYfT>p+tFpzMlF6N_dV_re$P` z{{$#2BO{{})y+SS%MQw;FD~eYRMh`8`)ghkQ6ba%g`R`pp8q3$08ph%!Pl7BSVZ01 zX8PSsOVgVYcEBV=%paT4UVue4b)Px`PMxBt*}Z#R7w)w)`T-0+Af&`U^lH3ReF%@< zx7tG(>ye6CmTKt-7zpCQRK1Y6)rJk@J|1qzZ1E&J+YLuIr(4YWVu=dWv`7KD6^Bn% z$?=2}l%iXw-D;T~?1y>iSD9^uwW$%O^f@?6>+H*a(DtMc9U4%dxrs3fpTkW!IJ_+y z&&Z-2Q-5iS-1Ke^vy?MOz3kwe1TjEsyiS?OvO%`dxK zu}?=5!}->EqZe70g+#~Q#uH?b>^P$o<3?ZAm-F-AYU^_!%$+}fj){q5?mHs~?_ntJ zf|0t^h*J?UxD=WpY#<@qK>@7dLQ@MoggJ>2Yeql?J+IUQy=QCC?A z@`Ahi49|82n=;Pid2wX-bf&vVW^92kghS+Lr;sk~+O^{w;@nQ8#|AWnbiaWN0!*T=@P-7eRhIw-kGmTc98L7Fiv$ z7Sap>0;H!#AMOuSmz?I)9}2|_DMW?qu`-WSnogamgTHwYu{Hd95g0w4x1bqJZvScCP&XJE}Ud%(4v%ZP`+Zm!tX07cRcE%^pkBmJ>s%wp4X=~He&RY6P&_* zmP5k*c^wIC;0~8y7(Kma5MABb2`zm%wG#ZK&8W>W4mzj2yd?7zcv$vUQF&A>K7K?8 z&6>_(P8CB1I7I>3nNTUdcq|R0EFFF-r*PUWV?iKN&{9%J3Fo}{bj{i9jA(ozGh*Q!ZMdES#lHb;laK1$i6@&PEkPy1y zB|530m&jT{4SOlv@uG4bwov$CzD3A+Y3{SXAdd5WMPwQG-i!~mHFs?6HZpMQ@#%Eb zP7y#`!uKPkxF5k)GI*VMV+aRQ2A_VY-Mgmndd3$z5ZIl*-;fTDaWdYldiT7gy?1=C zWCel?RpLZOGKmRndgm5%DUWnCEh()|IV+O(X9Tc7c>Y0sg2SmsE#S)c5X+L2HXL`bbAhwfVcd z-iMrn$5LWoOT!m>7)k!)q?XwNDba5OWW(R)b$sq{O=|iCMbIO zhYw%gakXpE;KRw~hA9~tyUNQd2~Oyr$_M@2=1?>3&X#FqMFBd$#VXLeU0KuhneM#L zXcRF_PCtU|BD6o&RfUXfOv%gKsxKODPM}1OO8+*3O>Pd4mdFw(ghr)rEFt~{c^^Y0 z2EhxjL(9^G46toNh66U~<_CB~p}Bv(-I^QWuZ z-UWz=L?+RO433Ot!`w$WRZMr^YQpbC3c;ns&M}!YvVVh?gdY$&z9LkfLf;j>mk0kY{eB@?Ix^w5w)$bjTi8AMR>GNna7je(S{5b1; zf@orUkQ@9El}1vYR-j;zCJHvOFYUW5nNJv%G#LDWP(j5CWzpO6wHRo%g0qqY%enImE4yC{EN$Z6 z(V6K}wycXP(=06M=FROr=UgyoH(An1q_-yyg<)qay(S{=5qM_})$^ff42Gpr{m%1W z;agenBqtftvKd^&E1XXt8*fRh&!e!4)Rs~x1I=hBU0QqL{U8HF&Els*$uYm{NA)4z zmE91#dF>NV^8++16X@zFjz~F^VDn(*Uq)t{1+7mAHBWd*AdP(W*ey6kMMR%h;U33p z!hMO=n&wB`VOrll0%OX2BXLw?9E$VuEFR^id|cj&Zygd_vYOzKJ9X{4owlSu0Y~Sn zm`(6bYWD8EpSzKn@zq|>Q@)GL+T?HoSCk1D+?ElXs+R0!oT7 zK*&xwYPjC%IJy*kPFcUkh9$*ndRyo+y-Phg#zY?^3!Ev^>)pR~eY|22)u$B3buo9p zqzq?A_JZMAj_FcT%&7Wn!Qns%e=x2k3(-x-Mc>bDSCf$r`gBw7@k*hzX|5!r@$~4^ zoJ(uKP&r`by%Dqdx5%Su+qUy8hR@Dh@5Q=Y3aa>c`C1UH=h0*sUN9cS=pr;Y{c-`Y zIenGPwz8R8Qk@5>{ebwNQ7G7-h#?2tq#zej83UEf9VR>BWTm={+lv=3hO(%KoTW1; zqAcyA=P|Z^INm-#A@KF-)4vQ`Vu}`47T?M@n}}hNCJ#`Lh#XU>U;YAjsOw)o)L1uF zDq_Jt4s&7mdlc=HES6=?=sx2b8a3oFH~KK(~{98N)`Wm8A|%3JNxqaGbAhXu{yz+`Pd{Q#ETOgOK9 z7?rb$i5jy?O=74O3>*l?=+Jx-C^6gn7zLfg218>q#Oi?o54Py$FGWS&$zeoapXA&K$pem|RXmsuB zyEwvKYxG0~mw=j;p<{Jyttp;GGv87Ap@G-FO`20S^m5Zzmn5l6?m{Z< z*6;~gOwQjbqv!X9t>JSW(P@jYlNyu;fh5EQf^*t_Y`28WC3AYM*{~tuW8XjdQxKm$ z!a8*5(CdwdR_eV656+{3;Q8p~z);37K+kOT$U7t?#Le8DQzv}c12qm8=BcN#_WLL# zZpV)=5058r7oytI($c-a(8ieA7g6&vB#ClX$qG~wFCJ6Pr#`+H9X9}*hh|bh#gl4} zy>kv*Mw-lvK7weP*UXBvQk^}xrpdF?0=}W)UZIa(+j16gkhv@L{2s&joIM&e^|p;s zfB`wimZ{DYX!@x@XC4IW|mks+jNx7iM zDh4>r;3R~x?{t&n{qlh`AQ$- zOJS~FJ-(x*Ck`~J%h04}06y=VQCLyMYENEOBei}@HP%ML!X3y6Do;CS* zz6DSe&eI4&NRT7Uws16r0iFJE23IX|>!UC!o5ZB~e||T{K0h}lCGgQ}XDSFqNYce! z30%f`;PfIWCve0=L?b#5&$u;3C5n?gC#RHUM@?I_*p3ZtZT~4hdbHu3Y6fAG@;SJT zX-z3fP=x)_*+3(b$uuarI;1ker|@ep4UOBn0aIH=Ux}@p6QtDK`XGLjyZOdBElff( z-mEjtT48FK5g$-|WNF*d z&ZNbh<>CVg8}|6o5Q>fY^k@YIinPm_v_CH4+HsPVl5+GUqD>@g3AS5QkIuLvyP5b> zfn6-WSiJx6fz3_PB~{#_;_aiOXAz?I! zHmKA(&|JipFld4jGH=(k*jLHay1>HGJ|~ilR-vTQR*c6=fN3OcMeu-Ur}$NVk8Avi zU((0N2W=Tjo^VD)LCuYPgJ&{*oG&(HX~+m(H+b{s4_Og@*`>3e{Rk`ko*TbOl@DsM z=nEiRV27Q-GwqYIDs)kpm(p9M#jII!COCoWGNb-Bu|Wd`jdyg+vN59P0Vz9_>_1bU zpY$;E(^Zu}Bbe@|9xS#ksBUE#ZQdj>wo>4+nz77yNAha7`Z<3FVjaNE+8>_B?=uTq zj@I$*1efsjLFMfsmQnmdk=@`5@hNEsZr`>rwypLEEPvk76|(2^i4mYBATk4IUEp{J zm@2q-`{wMg9Sb4Jkhv}81O=?=hh50x#OR?zPf#X$nd{E*7$o_ub81HH6~Yt%?pNjq zav^44&7M7zuRhrV0(b{gwwT2MOsE?QumRrA2~a61$v_M^y(OrCo=lJq*!MSR7za6A z%X6urB7Fffig<>&U1eRAFv&oa^XSVt!0?P5=LkQmAD}fOY*id~4`C3FmeV7M`jErN zz++V?pGoq@(4ZdXNL*W4ZZF{p3dFn&4~OQthTEI6t@0(xfS0GMEBqXyd}#6L-ap-G zXA3zUz-k5F)*$T*{vRqv3>|9VSn=^$ToQ_KVSZ5s3d9MD_=)#@!nDuaIffmU_wfAC zYjmnK?5Mq_cC>wTu0BepSDb;hQnq>F?vq3%018k<<%dmIxI@_M{Q%RD?6I3s;xw&# zi19P0k$VcihC$r11L`#TMoAk&5fQS#jnR8s9l|cgP&^%wKPHF&9JzMqfm z7LhR zjUE0sKEGb>lDod6w!eb|P(Z-mIjKl5mm_DA-124Tt2Tp>G6jZx{n}gU@HZ_Pd5)o4 zX8UBe2MMieQCNc1E5T8F%;$yby*IZQtJ^XvYA_1dUR~$uoK+fKTR)**XZ53iE`;>I zAV2XAGZnljp3zli({*bJmA0=i^V`n{O_D>6!`?dy3fYeeNNC|Q@80SIVBq{&2hlg? ziu*HDeYm}jr-T0jDgFs%`0tps=C7Jvwl6ZubJ(uas$<76U2~hi=kH}2DcDe74H>z+ zIJ%s`pp(QM&Hj4-Zf@z}j-xBT%yB*NSi%<29mBlmmt~q`$#{O1;K{i=VmpmKy=i!d zZ+62Ql$1Uw-Pttqh2#S>xV=qQW?$Pf0<`08@;8YY=H7Xm+++sijkH@eh=-Lu2g@{i z_rhz$BrDYVqmvhk6P$?EU&bur3+Y)p^d9!`KlVz1+uU6+a_lt#yEAae zc!r$i;-yQ8{9AH%skh(x93-2L_j|kui1MCx!gPELQ|1exhld+oW8Q_`*j_|QNS&d{ z5w)k}^`TZ~oahJ!cdYM%sZ2He6c087_?q0@tu#O39K8HR=#u30uy^e!;D_6xLuYht z#V+c{EzI#WfEa&K8q?5YR*`rmhQ_3G&wwlYp*xi2V30U;sEb81C*Ce_Ykd%R9H~n-fgm1UFI1-AL()2%sc~nl}iMyAo6~Qg{`d=~ryk9^nJ$o?$kYGm2;O3_yye1#gOc z0AD__0*AFY^0^nNtsG~f8q5eYPbJ*$Xx;Z226Q(H?rvd7JUyqGnzm;sxSizp{_;i(7^^ES9o-H9#zP(!S2NBr3yO3NI z2GNach&UTaN})E`dXG`igb<_GA3ug24G7qqc+ez-LkJi7Gz?=$?Z8?1vk)|R6FXAE zHB!;}0tcBto9O~%!D)W8o$b}%$Bc1tV_VuW31f)#2LKblIuS*Xx6mPhQ=DM306G?N zFQLt58RTu^&8DYRXhYQiEllux+@Bi>e)9pv@91VGIcnw6fKlrhrY43Mp>@2$h|ibd z>To#sKCm@Njh3*O(wY$K&O0OC!|k}IXTyr}^<%Rx$^5B74n(@vNz0Z#$9C@86^=iV zL5&rI*QR(wkYQM(OCcKpswD~V+0@ip|FE6S9hy31)iAda|WC!NfX|u_D9}VnO2D!9vHL*KgLQ&0ShA8?*gf!T%x-IzXs{ ztevpf+aG3x4xYmCw=Kqg2FOJl}*;_k&eepv#p2D}gg9 z=sR}p60GJ-VR3KO4jpCy<=bBUyvvP!ea9}Sjdr?v=~Z#JW7_7c%r1yY8w=v#D_7B@ zfL^cR6y8C~dMhRH3IrP6J5cyYPnSWpT__hB`PxF8DBfUy%b>3mo zs%6VV(4kmH9geYsur5lm{rLA79CU+>uuzTfqt&AaJa-L_SZ<*Q5pWN>XL$VJ57DPP zp4+DV>%@Y0#JKaKuy8LY!+HIasz@F_w?p=cwq|R1LIlm-G7Zavzf?V7mmoL*702WP zsW<0N<-t`d-4S7wzBdtnSLAdghN#Me{<97zRZCmD2?P+pX?AwDu6e!BBjyAc40wdA ztx1+|Nwg04Hy~eLN9$f8zFi&T)ma?GQW|N5MAPJQ`B$cQ^?+)xoE|uG$2|+h{;t9M-S-XE^XYF8C?|98z z?rnNLJv}|wz>GU0?@gV+SI)<<^i$?#^*Lm0?f2KG6VSZ{6 zsoNJ9Cf1}XhyaFPQnwR*1niQK;*1RROesq$_m4-?fB0v*EM6DV5NONWu;(-zco^MP zTrV9tkl4YnHN5T!W3(i?eC9j28^k}tIf8xzQQ$4GU2!*34{woKNiB?^ZQIqTtynsc zFIq5=&7C(-^d@4$VQvOO=neXmCoA$q&4;>LVy>{2FQ)mS0Ihr))1S*>Sm?@{VHc)B zX-{Z4AHw9yR(NQBLIC=s;)FFg$+`eJw?Xy9SEKo})E`-d@C}rA=sEE?cc10mt!K~r z3PhP=J9l+$EJFn`G~mm09OHNgyte~WHsRJ<3U>)|#mBy~`ejW8bO0MEk3jW7jwW*2 zyaRP*m%V>UrNoPI+YCcOBO1??sa3c5_9v7W>!shN1HFGlAz?v46cPXjo30RDIC#!U zwqQW%v6hdERe;qF8c<)|6`W=?kMgqltI8Rl5U^I=2Lnl`J(xKbF#IFBrC6-HVL^vE$4$*hbMBhwQRoe4>gg7ib!a7RE!e6OU8u zZt#t7a0=Lhau}}+=kRQ z{TEtBX21FUDVP(Out|Uwj~YFSNW1WlfgnHPzW8}TGsrPvZx{!=!OT$0menn=wKHZ5 z3BX{*C+Hx6j`~PP6gL7akjlary4Y6CT!!1~2pOIZ!g(v$Vh%?bq=%cg_d|Fr2?d2s zdK$ke^XdwBW?)yCcEF{lSJv&OvuxJ3?T;tgHNl34)ZYxm!;g!bY5vImI6)l=ong;jACq{_r*?n`UOu87Yf7M0IuC&Z4(VTC~=3N)p4k< z{3d)G1K+rC=HWRT#sJe>j;tS4M`vV@9()@++}u z2bm;5^H$yqmi#4h9{tHMTl-);Iaq!{*IlKI7ySNf^;5zJy~bCU2I@)0{U7RO|0nH` zPivF|N4&g3bX)MNZ{1upNR0$C!XdI~UPeBt#82L2C*2Huo&tNrUw-n=IK~8MXIA1a zzaL@sOKRMOa|5XxZ4A7K$8sbTzx2r1%7|J0haPzVKZFO}A)N1Mbf-rB$VLG{_cJBh;Z~wO>*8fK>;s4bO1>bL>ZU~@d!4#Kb#lZ>!z#QAC8x*NhS9vfX}kv^9lt3)eCRvK`g^TD^Xt5P^Jaw{%~hLG(FK_T!G10)yS=a< z17IrM9xRvaA=1$-b~PVvSFM-?N#)4re{gy_a~o%e9y@U46&Q`Xg~q;@o3SeS=O++c5RX`uIZ$IvdW! zg@vrVJ!$;r3XQKHT=mU@473#C;cEfv$+y`E(KdbZZ})3LT4xqhoL$FdZ51?`Z9 z_#tFZ1{y}tCXqKVWg=bBGJgY5w1^*tb<#sGF8$yy;6Ckg$yGj{cu8bP17TILZ+kiX zqo%KAyTR5AX$3`fN!M?&v;eL5ZCXwWdWmyYYISGS>O>2PixjLGn(d#8s7(``y!aE3 zfQgwBnV4js>-3WYYQqCse)|aMBJvH+Laf@LNzgCEQn+H!0EqT$)m58_ zj=~^A32%)ir~$-3vFIrX7C0vf-w{khCM%OLliO!dKu^^Dv9zgukzZ;u8eZIcF18f{{MS?(&gHqf0+I5KNk+EGZA!Z3EgzUZt zlR9qM;coa~NqR{*SVTUcsTlPns22dA^B7HCP0h$d7No4!pv zeB8M87$Y#SBPUNLbJISMh;G?|prs{SQb>H3EDd5d$DqHOM~Z`kJ(cYo2S_IOs!T|j z8y3+5kwJ9~1qfKc9frYokIpwl#UTQD!TgX3?7tK4;K{6mi&GqJKVEEa;u2nc2HO== zm?rcRGY`9^W#Q<*3Et04_o`@3n=W4R6z3vZ^4U>&bcA>%2O?I1Hva>rQ(t?~prZ(w z=@@s@yQ2S9e#iw$#9sJ{D^k86;fCRC4 zv@&2n(Q)wAz~PuQg^VJ+CpfAShe3@OZ{F-UeL8nbSg+SO6<9bVd722>5bUVPmLY{e zyd0NEMtAG`#X8NN|Mfykx6jp+VsEIt?^m<*bxHl7{r6q$7;&QG@q^9kHM!{Pce+p8 z+Kyi@oT!uD%AVLIUP~bod$2hm4?tWu9(1;oL8OUn3$K{9&Ao}KB7)}T;&qa2JxmVn zn}*dOmUe2eQ|ua5_qw8%EJgQ3-~AQ-T$hUIJ4MLzEI`nHu=qd1%317 zuSLf!#{#S64*u2X)s;Peq{c4jNi3L+Kyy$QKVbYwdrm~U!jxEgqoKA$pr);O0~%Q8 z%;n2p&h|;yZgK%+Vs=KIxbq$_ZZTD~EPa~YyhN(f7ld^q> zd#%^T#l`i?LuV8Cp3``;V}Ff0T~jl)8@jZgVNS2XxJIkEsMqXg@{! zZJ6u5@}pPiuLUoJUO1Z87fA{4jd6b|55kyv%wO;KGwoN?Wne<@I2QwntD4SYk~4HZ zj5ZFtpg_m>`?6u*HkBlIf*i&PfYq;sDu{}@s z=i5k^`V4w0V=PaR+yuas(%AG!95Z+BiDb2IOb2w^P#B9iN-0*CNXZx1BV}HU;acu{ z$-rfx^u=?N_jntWp$b;5h{fw8u_Vmmw8XC_%QD45h};DeT|%`68fGhfw8d9L!*sqkLPz#L=1TwzTZtFfgl#Iz3>yGtlb|Era| zlPUNN90(mb%2F=v2(O)MShl@HNAK8rjp$n2n~i-M(!b{XUbPnFMVa+lY&mU`{DU_4 z3Jq>^KS@IR`zQTH{T*NeATE25*$!!IqylJv7Zo{GS4b1o1)n*iZ({MJ)!}$c@dzzU z4=LI?^}K%Q#)=STrYjpi`;^4~S{>un(?fwJph7xnX*HlDg{x#V;kH8FiD=*r4*~GPB{pNQxxBtOTOoB2l+M;) zTyBwHRMhaO>kGCGW-nbZ!=Bry4f-}<9p5u&#?;@KGHJ&d>t|UM+<9^9`_R{4wp0dY zS6U&Hq<)Drf+iKj_#ysR-|1bIg({3SH4pborMwnE!TPqdSEibx2$O@>p$ zoNL@r+yeYVP}UEdDhZL(8~m&c#!^xWAiU1JG0bdIHCeh9kT(u{A3fjjf_S;?>}SmD zxRd1F)rgtEBkrR&WKBtZphl{@)|~Kz9#mB~V78vBd&H`SCF4liU$<@4R@Lj^^>lP% z^j)y*=nKPK!{JzSdbws8yBb2DCI^)0omI&wq)XFbEZ)kz5vn$vf^?_HyQ^Dzy=@4mXzrIU^G zgne6D7By&6d)|2KR>7@L@4X${YQpW}X0_7;d)MCD<@=fNkKyMU)R-4o<3{sa-3}#> zIys{B=aTz}OxN!nQe)J|%wAzj9}fFw`k~DcTmIL3N3D@xpDZc)S*Zs4!jsZvUs7s% zK>4gGQ}n8* z`j}mv%hwr{o)dshs8`DdJxBb!c%^V?R@UxT4R+EVd54dh&kP?6Hc|!!Q+Rf_`Xi{~ znHx)ME7F%nF>~!|bo0=nHf!UaIsPn;eqi%(a;K&wh#0-mwmucVx9-m8gncMuKfD{e zfqut9*ZXddUokzH^d_|~&g@qGeZ!>-*4p~VTSj}odto^FrM+3JIS01%J@{yxO?>zi z$G7G?O^y_2Zt1gRX6&6H$=U4V@HMMY*)DSBoLwfDC(pq;cwcGAJYqUx!!qWr!F~%~ z*H-9EShnl}!nst3^-Ec`!gsWGXnX#n`gKp{?Z68&%S`LRZieyp3yJ4?j5_@?azZY; zF|yIO7j(vkO-u{SU$Y`>>wpIpp$3C@sy@=brZHuo?UYA1NAC(fnd@%JzfzLr6O?vo zWkHL1*EV0_d2}lIQ)3FtmsFJ>pPmf(^5w|rW!*+@30nW*{!zR4Z4@yrhiw^kdRyX| zMmLArZYZsx%HuJ#^<4fVhr#1jQ&k+;IjQ7WvLt2R5)u5&ImG#k6n@MrUS0J z{kM(}hZU$8XapFC^|kI$>xJ8^(jQ%lRur#~v)*2(N$3FOP>V<1O8YP05is$^Q!nd# zo#JM!&9Vvnw&dOLtT{zNImuCt0(Bkl9s6C;cYJk$!RsyKb{U+s)QvV%oHBmaZhS$? z_{`dIQ`UP9?voy~X58T9IxdepZLFa)e(mK28wP(nwf^Pi8LiqC(XJXttX5adJo~n) zeq)7V_2JGNYbX?Rcf6>rP%Lb=P4!_mQlHB(;_E)oYd2u&9?X?ieMbqO4T>L1^ZG3~ zx@n*_MbQzou4`CoraiyqLOrvgz0kpV=sJX--)e!71s}Ik7M(C+uPYlCaG*$`aCxzF z;4x3nAmH(oevRTQO73|Kw-4;L5-Sd#jt>BPag7u>xFuC)?#nHo7t=#YEH z#TQ2BGLq`BZLI8LuDN8~RX8P#s`xan&%E&QZrG}aqHy1keQC+=sxN+{VPc&eX&fTK z;io*}*0Li>ZhUsfp{vKR>S8y{W~*Vl?MirCFZ?Ecy3uyu!GoCqiruC#2Zd4OLm1WL zKi_F*35Z+uJ!!O-rshOo%58Yug4(xhu=7iKQP{ow(t;+=-?vL>05re6WW2ngXRB{E zRwK@bK{*mC=b7DOWZjp1yA@?4p4lI7bn{RCeXkBZ8G zKF3u7IowBDKHpZjbklB_3u6c^{r}b6cSc2-W?Pq8F}2+w2E+h}6b&j8B&yhm1xhZe zMM4`;1Vki*1Vbw$2uMK*O%Q<+sz5*ygd&QxiUbi55fA|hO3o_z?#G_KcV_O)z2A@f ztu<@4-ECE^sy96EbI#d&pM9X;#v>;BV#hK=NeabU__E-P2UsX z&PxX^q|FQzUVcuj?aL%xPwx(PJ6h}BQxEG$vkIsCLf4y|t54T}(Eb&?3R9cmiAI(f zL?WURLY<;qc(fY0NeNOYa!U*Yc1zl29c6~zzMTrzEEz};lMS(`1wgGgKtbAFa%(|r zmHKi42BUB04X!~3$DPr@$?@CcO(Fic~yKU)K%nZUiSMN2)b z;?+?~z5xd(uz3C`jJqTi6?vuSnP|kD((^bN9gYEZo5A9q~_|N#U%@c zo50$!oUVk(q|wbZ;uMUwZn9HWpbiC@0YZt1>iQninI^|dRS1`=FmvdxdA8vL&EnQyeqV~UNu9r)LZSG7mxq7KR=88af5re>+n07gSX#Lhki*caFDf%%l3U189DP@i}8}t zI?CYxQj+W-XLBM|jXUgf&Ui?CfNH|?>-tNC zSfVUPY*H(8;-*D&XP7oK;wkTSX2H??bsCb25rreznVnaIxTwVfrCO3kgW;T<+6kX8 z+l)*(Ema$h(w!ceN;Q;ub!0L{FQ}Ut_UyRenQpyu+&^l0M0m3GuX_5IJkQMp^)7Md zuW`*jxrRF9nZ&m>Q2)uuF3X4Yx<`CAmz2EaifO<3$-L24o@QXzuiw!rT$^xsEw(uS zh73iu-F5RNSKK-?te`Pb@K(=#2m6<8rUi0!Y0;XcnZKOlBJS#cS*TB6Isc;evZ9_J zF=d2CxF((KvQ=C^dnnWU zyss#Cs&U!)`!!N+dbfJ7J9p%dd~wL^Ww%rb2^{jE%6y<7;p82uCyOqxd)D2fIr&p+;Vn^Cs`;G{R}BTI#JjCQA1y0CS}6r!Y@OMw!{}&kz$-&E>fQx8Hz`~!dSi1f=vfc*Q{}8kVC4*lXE(+t?tJRN>+y?#?*3i#!7g0Do>zQ+R*Re6t8rJ6fSwVX@ZKB~Yv~+dhZOjC@%LYhl z-B~_pRW>G8&0tLsJ6!d5m2#JR}UZ#hDJr*18sf=c^n36YOzz*0W+I>4ryT2 zK{sMBt9hUfy;UddTpVI=@@-WWTd@48nu@u6*wF<8YLZvIg(7xeukIKzdUPzI`76240(lWBOa;3fl?^%?;sxAv^@(j$@j=4M0h@mKN$4X0P8kF zw1vJJEcJO00ESrb+r98#mWOI)RP~*$K8Ebx9bl#N8_fA!GvJQiqMC0rjRt=OGNwYSgWogUA+XNYIM zO7&dGNct(i{?9f7FWu-xPvX-rw2AcD-fr-_@KsEp(nt4h@*et&bRM(ju8EmXO1QGH z%2}_gk8f|_>#bkqE=5c7>Q$*dR(7k8`9#EQgYqN!T4BtEw%MQ-6(6m!MtgvlE50lY7Scn~uVaK!3*?Bd|uY$Xc8S-kS*rX)<98u)QK?j|GIkO#YdI-2R-N z*XU2u%8!1}^twAS^E^0JIpTn%XjiS&)rdmzJmK`p4t)Gf!G@ z`)!41T%*cSK8j0B&BBy96!>x`R6?0nRqEJm!$ipslKYG#Sfma$-v(^YkfU%c3X=@a zJNF15RbWAcG2YNN#L37oGT1E(_E8(HCVUHvefk)lxA0kZNgdj9keq-Z36`NLdC2Cy zoq(u6wBnQ@&TJdMfsW40wTsf2m5E&2;^Pbam)^azN?O)?%Jcgwg?Dj}3w)AKzW9;l zxzp@(wy680>XxHMQZ%Nj{66MM|IZ~&oydbYC5cZ~TIh`z?qUziT)pvlN#fco3*4FP z%hz?aTq60GX~o{W?CzU9e>=@V-Y)j-qS*vJp2a2AM*39OBI*$}#>)&z0q3!R#Cxu< zm+NXoTb=iE1`81*N_N_Wh&DWK2B>_kzw~>FFE@v_wHo_NJn?UkX+Q)FjfqJ^SnUEA za+7~%1|p}B#=bZ3tl|31jKn}C906krbPwI9HrFMlBT9D^-LyL+bX(2SSv$6KdQFa~ zMuB&B3L{H4uzGl&rHNOGPeTi!xv!Jjd_fl%T-k>_JlUo1gh)8*2?#ilVk0FJTz0wc z$e>4l&P4YQvrm+N16Y_3OIM&^EaE(O_U-+Bus+~aca{X7h}Y2!6bi2CQt20@sjKg9 zLG#5Sbj$^XGFDtj{LoxL6Z1d)!g0i>%yEQ57WZArJv$YY1Em_`$yRu7Phn|cQ(WAU za~!MBjeZ+uGDIc9V|zDLqx4Vj`93DKRVzxiJ`OYxz0b zzGd|Dda=_X#?MRJLPRXInX{1r)W&S1onGGJ7mlm)BC-t2eU?{MonKi}QlWO%OJgwU zx`Sg->8XbrZ=9lm_?W>#y<|g>`1b+=1noTo&amPBu`2*}=Fkj0J@d#|jwa8MiUbih zL~m9oDzVh?xKyK>P24lxrQ3N*eDth0@A78uVW#$G37Kko{gkRDc^J+zP5G`pc^>7D z+`8}WdE4L90qwvdBY4b~V!wHlTQs2)tkC&RF9q=M8q0uc$wFLPdo32Zqvfen)@Ukb zKB>7?XZnMA7HK#q&!l-815S3YP?rhtl2gPBFa^9jEq`dL(RGuXWt+>e6I0M19FQL;~TbBt(xn0cgu!i1H#4o z2|L_PavjZf>Yn#;8+ywN6f%A>%nP844~L3h^J(9KjTiK zAgV(g%tWIC#KULMklkqqofaFdO=l1aJvx6oO@1E3UrIWZ9^D)_GEGTi<&HU1k52l? ze4aj<={u!SkQHOpI=aMfw#}xqa}|UmTak6AJWbBtgE9&$?xkAY@$!P&cZOfoUo*^HZ>27Qd-oHtyglgD%r7Y?X}HWjVW2pYBT*0 zcdc4HALEt;#+R;t+y&fBKT_V3qv0=$_*86a_VmfsvP{R*2};h^j@5GJ0`S7-;_i?? zok=6z8)v28g!XB4Ge5lfVMCs{nd!NZ(egsR%&m=SlP1riTml3sula%dYaKq!s&ThF zK}T5~@@HwKJSSHx9CEvWj@?*G$))@S+DuHLF52V%iODt( zh@)4wy-J^F88L3gwdLE+w(!(uu5MW?pcVM2=Vhnx>X-8#OALx{LyfGl*c_$u>c7MN5-UF<(uN*eb2@K& z8Q#^Y{5ZmehJ5O^N3NMpP+fBA(S@kUTc!rx@@?17r%?1Z{F86F3?Sy8e?5XDLDmI8%Uh103cL6l{5b@ z7?lArMjh~k(a{>+$jIq-YM~Fb#MKzt7K=%B;U;q^dL!TE=@7mX{Y1B+X?8|$QZjms zOtS4`p9O6^XXjxI*Bn{*;r696ZiJ-(0}UN(D0q;2sE#b4lF8-O`?Nb%n(i$00n7gl zkG+3vzo9k(uuKoQdW<>i4s%1usIE|tToWzh#ki+V`_X7rbrvWTMA@Y6*hD^r2g9uTZ%0?)%lH*yupW!i0j2Q6vPe8>}=oK(!@ zHUKTve6NsfiJ4A7_f#^4Dc*AdnLz<-46$oD{d6y=89YYHAAL=IWPAz$mo?d~^a)?T zw}I!FD9QyUO7~v--lg&EMBBz$PB{FG>aTkOH77v4H&Rg>2yGB>CqR9Y&P~M3gG@35 zhtwGmZFztq1ESw{u=%f0c!$$9h1EafbTQXEnS^|_)tNjveic0gap)tTCcoloO=~@C zMW$K2=yU0TeOsAXeLmd_#X;mf~}VJ6+q-9iEW-jiK-Y44`$Z}1HJgcrGu0KWrXNB4UQTzb|vbdYaR zYz;bAZq{_&`1K*QO@{u4$zQ+F3~(D~Fr$TJ(Knk17@NN182FF|L}p-g?uTZ_IGd0s zb*^f5w-B)o?W}d13v`_+3V85d>G1*VpoCYN0ARGG#sRVbCL0D32bBSQVf}PNNm&aJ zJ&}N55M!2NbW8^KW_UOUSX4}0k5nTq4hP^};lL4l=WQcGr;JGtV zJs=oj<(0PDmvlLm_PJ;?3I7BpZ>+c8kU0u-A!7MOip_U+S?HztzH7i1UZMIRP4IdR zB(tON6R-i?jj%F7dnrx>zIKaUa(u>5;;@8@lvP$^Ce%8XCr?`8DQ5;Aei4D>lg76w z1FfLl*m!U%dM+-X&ktBwGAz6@VN)cFKA*Gi^NyepE|~K6IT^8vaM$ZkYPa!sZU{^4Hiq@)s3zAK9)DW+mXJ=eh$J;|D zaI|uuq@Mo%`zJriR6Rt5OxOn!Oy0UFC-cCKHL(a`Ht5_2a^x{J^jySs(`|p`4gaVY znDX%(p&9%$x?g1i(wIcp2x_7o#RGgAK~-q2U%G$t9!s{6kdvcBL_}BSH`4B7sO)+0!;rN{b2-AN1QXFvPn(b;=QTL|pW;m3$xn(7E~M=KmzzZ@9Hi zK|qy{#)2f|CAtWiHK@CQDVm`#Bs_91a$P0ly5Xi^!AP}r>&GK;00bqaq(~dRQhe^- zIh1Up-Tq6L3M^Y_x#rqj??RsNZV`}IlC7HhThVaZri~h`+{#y$A@A1Y)^Sz}M$_f_kr+r5Mm?Z!05uTs$R0HmU8YryH zGIbG1FhzhaxD|vjYqATgX&VE_{jEegYqt_?wPe|Lqt4 zT{`~n|Hk>%f~%=(mf;*1OnE!1lAEl5{#Y!K3!LG}ti}##_gKf)pggzBYJ4Y*_djlv zmpAqOQB2-Wg=>cVs2o(NSd+;x+hyU?vWPgHz8U}S~mOrfxBq9cB>P9bFIxr=U{l|wFq&a*7 zBCg<6yj+0;@)bi|UY?Q00cYO~-_IcX1ZoV&hwCn_0v~E$q@@2Tr#Jl?$&C;QPTQIH zkGTRwT#V4gtcp{+GAWdB zlEWf2Vo&fGELt_}rovpjyiFjyNWPky}_cD!mmNr zl-E)&hQPozhiqe{8ppLZh zD*Z`aRpO%Lsg{0iY46aD?^5D*R~k=+OMo61vdC+8Y_8zz0Z3q^T@>9eRguEnA#pgTH7r5*FtZOiNa?&AhE#x zw7&Lec7Awh&?D$t(l`*r6s@aND!r}u{PkQ);PZJ#mzEydvF7#0nZZR6l4_IYc~pyR zl4+#*OebRj%0Xf>vRN=Cyzv@sb61JQgk<~nkobK+JXMu7fA(dvz4=kmyQw?^DW)rn z(lR~XCw-_)kZ^0SuD?Wi%)Nh7D4*?pLu_2!2GsKISN#d_DoU z3j^4I$S8cFcPA0ZK@e9B)3RDvXAu60$QR;+)RIWJ2hatJpx2n=hM3b|Flh(CP?tH1 ziFc$1#ImoEt22#tnSyPY^uK@SCW4lqg8V|LGO~BPgp2Q+fXBGq%^OT38)NT(PDVVed;d^jyD$( z*zRUw*&{gpRf+zrb)G|Jj!EWvS^cW0>%%^o-Op#{w74CTn=2SjIwiUhRYjfXR`2t8 zq$;L)z*oizvzy_5>YjsE@lo{ZYBNznlhV)3xt8vM8JA8d|7_4n%VgtmJA>4p6s@Fe zMsXk^BC;Pw{jX37B@k~wR3{0<6bsV~G+!Q#p0Y?WD(_p#F|KTE=WKj`d0V*a?(cus zc^YhF@vNw+bTTH_Xv$~fiwgtWXa?J?N}9T@1$1KW#8)n7Jv32<8i!fKiH6he|*nm6QL0j-{2fb<(>QA z9bvwP+eXQ{6z~yUVTDr|kr&6memy}dx=Nuwf=b2-HFjCgSgBoBPvJ~YAqISRgJ@uH=!W=PCDP+)zXI^=HGy*;|9W@tb1Vzb$+qAv>1a6yfh_6LNB652eLsV=c5 zH2A{7jz;kEH#V*)6%OO?0#3BrFyQfmt!ipB8A}@&n5BodChB*K0a9L7k3DF12tIi> zASr*@v5kfZ6;js|@S2`c29zBKHww%`o4Kr5&%mH!$;KI}p7!Q+o%H&4>jsne-a%CU z#T;Cg&IJ0eexB7qb;5k1l1AoRBNJV+t1V2p#|GanHrcVQUT0%BrRC&e^T!K_)fZ6# zdaA{s-Vx~_njdoWP+M4|xJIFEee$PdXct%>yB|Q@wL#TGc6b6-*nXHv4U!vcTaBoA zSSE};k;+>A$vIrxw(lkQnd+NaK9RB2&PzLNU(3GRW_9q<#;j%+B}+%4$>7r?ZpF^A zdf6`p?*5|hc6JSA%IIs&^6bZ$VsHdFOdZB4+yhLW3<8d*>j?gepGHw!0#*)V1h5;D zy#|7<(o&uLelE1f1Z6@U&^|IQiypte`iGiGrt9z|(oIc&q>+HsSs8Oqslg+5FHgm5 zVJYE;Is=)aicCZP+6TU%gQzq<;fi394hNcnk?(D0V8B#;TwF&%QcsYx>dBJ>bPi{e zfsed;(Z$}|C*rSC>}76X2U&yLgyMmIE`RKnuzUL|TplAXm%C2I4a1>&EVTK2Ik=Kk zq!O6cc^{H*g0)SLSNh10xs+o#69>B6ZYal6M7vUR`wbA?#b_9Knu0o99H=|48AD z6r(@N8~g5@kTGuV5uFm+diJ(xK!+wC{UTf1#w|8X?`$s1uPz3#EE4|Qu70hx|hAFj<7nVt09N8)- zHank`Yvxh;T>Bd6<7;q+QCFZ2rY|v*kL>%JyDkhP z)c*Ri-yyo94Sk6@Kv5$5gn98HUtIE*Ls9@u2o$?x&AspQqF5G2zowxppQMfiQh;7_ zvv2XSeiUjH)|zXvM0*Uoaq(ql&lhZm^ssmbKQx=Q42v#gCAav6x8NQ$fht@c8K zIa`X7x7gBJ?;G*TPc7BmV?1N3=tf_`5T9I!LsmCfm98_IIo|eDYqEn`M{wHg%8;oA V*<0RCIN>NMG!31fQq_OC{2zD(Kz{%L literal 0 HcmV?d00001 diff --git a/interface/dashboard.rst b/interface/dashboard.rst index df19de12..c67e7739 100644 --- a/interface/dashboard.rst +++ b/interface/dashboard.rst @@ -55,6 +55,8 @@ Disk activity Widget The disk activity widget displays the top 5 disks sorted by read/write activity. Activity can be sorted by reads, writes or both. +.. _network_activity_widget: + Network activity Widget ^^^^^^^^^^^^^^^^^^^^^^^ diff --git a/interface/system/services.rst b/interface/system/services.rst index dd329031..ee592876 100644 --- a/interface/system/services.rst +++ b/interface/system/services.rst @@ -3,11 +3,9 @@ Services ======== -Rockstor supports many services that are necessary or useful in a storage -system. Service management, *i.e.* turning on or off, and configuration can be -done via the **System** - **Services** page of the Web-UI. Note that the -**spanner icon** next to each service name is used to **configure** that -service. +Rockstor supports many services that are necessary or useful in a storage system. +Service management, *i.e.* turning on or off, and configuration can be done via the **System** - **Services** page of the Web-UI. +Note that the **spanner icon** next to each service name is used to **configure** that service. On the **Services** page, all services and their current state are displayed. @@ -15,22 +13,18 @@ On the **Services** page, all services and their current state are displayed. :width: 100 % :align: center -To **start** or **stop** a service, click its respective **ON** or **OFF** -buttons. +To **start** or **stop** a service, click its respective **ON** or **OFF** buttons. -Some services need to be configured before they can be turned on. To access -the configuration page for a service, click the **wrench** icon next to the -service name. +Some services need to be configured before they can be turned on. +To access the configuration page for a service, click the **wrench** icon next to the service name. -Please note that not all services are documented here as we are currently -working on upgrading the documentation. +Please note that not all services are documented here as we are currently working on upgrading the documentation. NFS --- -Rockstor uses Linux NFS server to support exporting Shares to remote clients -via NFS. Custom NFS configuration is not supported, but the service must be -turned on in order to export shares. See the :ref:`nfs` section for details. +Rockstor uses Linux NFS server to support exporting Shares to remote clients via NFS. +Custom NFS configuration is not supported, but the service must be turned on in order to export shares. See the :ref:`nfs` section for details. .. _configure_samba: @@ -38,14 +32,11 @@ turned on in order to export shares. See the :ref:`nfs` section for details. Samba ----- -Rockstor supports making shares available to SMB and CIFS clients via the -`Samba `_ software suite. Samba is the recommended way -to access your Rockstor shares from a Windows client, but can also be used to -access shares from a Linux or MacOS client. See our :ref:`accessshares` section -for more details. +Rockstor supports making shares available to SMB and CIFS clients via the `Samba `_ software suite. +Samba is the recommended way to access your Rockstor shares from a Windows client, but can also be used to access shares from a Linux or MacOS client. +See our :ref:`accessshares` section for more details. -Before turning on the Samba service, it must be configured. To do so, simply -click on the little wrench icon: +Before turning on the Samba service, it must be configured. To do so, simply click on the little wrench icon: .. image:: /images/interface/system/services/samba_wrench_icon.png :align: center @@ -55,20 +46,15 @@ The Samba service configuration window will then open: .. image:: /images/interface/system/services/samba_configuration.png :align: center -- **Workgroup** is the only *required* setting. This should be set to the - Windows NT domain or the workgroup name. Unless changed, the default domain - name for a Windows machine is :code:`WORKGROUP`. -- The **Custom global configuration** (*optional*) box allows you to enter any - custom samba setting needed to customize the Samba service to your needs. The - possible options are thus all those supported by Samba in its :code:`smb.conf` - file. See the `Samba wiki `_ - for a full list of options and their documentation. +- **Workgroup** is the only *required* setting. This should be set to the Windows NT domain or the workgroup name. + Unless changed, the default domain name for a Windows machine is :code:`WORKGROUP`. +- The **Custom global configuration** (*optional*) box allows you to enter any custom samba setting needed to customize the Samba service to your needs. + The possible options are thus all those supported by Samba in its :code:`smb.conf` file. + See the `Samba wiki `_ for a full list of options and their documentation. -When ready, press the *Submit* button to save the -configuration changes. +When ready, press the *Submit* button to save the configuration changes. -Once you are done configuring it, the Samba service can now be turned ON by -toggling the ON/OFF switch located to its right. +Once you are done configuring it, the Samba service can now be turned ON by toggling the ON/OFF switch located to its right. You can now proceed to :ref:`create_samba_export` and :ref:`access shares from clients`. @@ -76,20 +62,17 @@ SFTP ---- SFTP stands for Secure File Transfer Protocol and is essentially FTP over SSH. -In Rockstor user owned shares exported via this method are mounted withing a -minimal chroot environment for enhance security. Please see out :ref:`sftp` -section. +In Rockstor, user-owned shares exported via this method are mounted within a minimal chroot environment for enhanced security. +Please see our :ref:`sftp` section. .. _ntp: NTP --- -NTP maintains system time in synchronization with Internet -standard time server. This service must always be turned on. +NTP maintains system time in synchronization with Internet standard time server. This service must always be turned on. -To configure NTP, you can specify the address of an Internet standard time -server in the NTP configuration page. +To configure NTP, you can specify the address of an Internet standard time server in the NTP configuration page. .. image:: /images/interface/system/services/ntp-config.png :width: 100 % @@ -100,28 +83,22 @@ server in the NTP configuration page. Active Directory (AD) --------------------- -AD is a directory service to connect to an Active Directory domain. It must be -turned ON in order to be part of the AD. +AD is a directory service to connect to an Active Directory domain. It must be turned ON in order to be part of the AD. Before configuring the AD service, however, some preparations are required. -First, the Samba service must be configured with the AD domain realm as the -workgroup. For an AD domain of :code:`samdom.example.com`, for instance, the -Samba workgroup should be set as :code:`SAMDOM` as illustrated below. Note that -while the Samba service needs to be configured, it doesn't need to be turned -ON. +First, the Samba service must be configured with the AD domain realm as the workgroup. +For an AD domain of :code:`samdom.example.com`, for instance, the Samba workgroup should be set as :code:`SAMDOM` as illustrated below. +Note that while the Samba service needs to be configured, it doesn't need to be turned ON. .. image:: /images/interface/system/services/ad_samba_config.png :width: 75 % :align: center -Next, as correct time synchronization with the AD domain is necessary for good -performance, the NTP service should be configured and turned ON. Ideally, both -the AD domain and Rockstor machines should thus use the same NTP time server. +Next, as correct time synchronization with the AD domain is necessary for good performance, the NTP service should be configured and turned ON. +Ideally, both the AD domain and Rockstor machines should thus use the same NTP time server. -Now that the Samba workgroup has been defined, and the NTP service configured -and running, the AD service can be configured. To do so, click on the -**wrench** icon and fill in the form with the values corresponding to your AD -domain. +Now that the Samba workgroup has been defined, and the NTP service configured and running, the AD service can be configured. +To do so, click on the **wrench** icon and fill in the form with the values corresponding to your AD domain. .. image:: /images/interface/system/services/ad_config.png :width: 75 % @@ -130,47 +107,33 @@ domain. The individual fields of the form are described below. * **Domain/Realm name**: Specifies the desired Active Directory or Domain. -* **Administrator Username**: Name of the user to use for the enrollment to - the AD. This should be the AD's administrator account. +* **Administrator Username**: Name of the user to use for the enrollment to the AD. This should be the AD's administrator account. * **Password**: Password for the Administrator username. -* **Enable enumeration**: Fetch and display all users/groups values. As this - option can have a notable performance cost in some servers (with high number - of users, for instance), this option is disabled by default. Note, however, - that this option must be enabled for Rockstor to be able to list AD users and - groups in the Web-UI. See `SSSD FAQ `_ for - further details. -* **Disable automatic ID mapping**: By default, the AD provider will map UID - and GID values from the objectSID parameter in Active Directory. Check this - option if you want to disable ID mapping and instead rely on POSIX attributes - defined in Active Directory. See `SSSD documentation `_ for - further details. +* **Enable enumeration**: Fetch and display all users/groups values. + As this option can have a notable performance cost in some servers (with high number of users, for instance), this option is disabled by default. + Note, however, that this option must be enabled for Rockstor to be able to list AD users and groups in the Web-UI. + See `SSSD FAQ `_ for further details. +* **Disable automatic ID mapping**: By default, the AD provider will map UID and GID values from the objectSID parameter in Active Directory. + Check this option if you want to disable ID mapping and instead rely on POSIX attributes defined in Active Directory. + See `SSSD documentation `_ for further details. * **Treat user and group names as case-sensitive** -Rockstor 4 relies on `SSSD `_ for the management of identities -provided by AD. As a result, one can edit :code:`/etc/sssd/sssd.conf` to -further customize the enrollment into an AD. +Rockstor 4 relies on `SSSD `_ for the management of identities provided by AD. +As a result, one can edit :code:`/etc/sssd/sssd.conf` to further customize the enrollment into an AD. -Upon submission of the AD configuration form, Rockstor will test the -configuration settings by attempting to *discover* the AD domain and save the -configuration if successful. If Rockstor cannot discover the AD domain, it will -report the error back to the Web-UI; notably, verify that the AD domain can be -resolved by name via DNS (see `Red Hat Windows Integration Guide `_ for -further documentation). +Upon submission of the AD configuration form, Rockstor will test the configuration settings by attempting to *discover* the AD domain and save the configuration if successful. +If Rockstor cannot discover the AD domain, it will report the error back to the Web-UI; notably, verify that the AD domain can be resolved by name via DNS (see `Red Hat Windows Integration Guide `_ for further documentation). -Note that a successful configuration of the AD service does not enroll the -system into the AD. To do this, the AD service must be turned ON. To leave the -AD, simply turn the AD service OFF. +Note that a successful configuration of the AD service does not enroll the system into the AD. To do this, the AD service must be turned ON. To leave the AD, simply turn the AD service OFF. .. _ldap: Lightweight Directory Access Protocol (LDAP) -------------------------------------------- -LDAP is a directory service to connect to a LDAP server. It must be turned ON -in order to fetch users from the LDAP directory. +LDAP is a directory service to connect to a LDAP server. It must be turned ON in order to fetch users from the LDAP directory. -First, the LDAP service needs to be configured: click on the **wrench** icon -and fill in the form with the values corresponding to your LDAP server. +First, the LDAP service needs to be configured: click on the **wrench** icon and fill in the form with the values corresponding to your LDAP server. .. image:: /images/interface/system/services/ldap_config.png :width: 75 % @@ -179,24 +142,18 @@ and fill in the form with the values corresponding to your LDAP server. The individual fields of the form are described below. * **LDAP Server**: The hostname of the LDAP server. -* **Search base DN**: Specifies that user information should be retrieved using - the listed Distinguished Name (DN). -* **Certificate path**: Absolute path to the TLS certificate of the LDAP - server. +* **Search base DN**: Specifies that user information should be retrieved using the listed Distinguished Name (DN). +* **Certificate path**: Absolute path to the TLS certificate of the LDAP server. -Rockstor 4 relies on `SSSD `_ for the management of identities -provided by LDAP. As a result, one can edit :code:`/etc/sssd/sssd.conf` to -further customize the connection to the LDAP server. +Rockstor 4 relies on `SSSD `_ for the management of identities provided by LDAP. +As a result, one can edit :code:`/etc/sssd/sssd.conf` to further customize the connection to the LDAP server. .. note:: - The LDAP implementation is an area under active development. As a result, we - are seeking feedback from users on further customizations and settings to - implement in Rockstor Web-UI. Please visit our `friendly forum `_ - to share your feedback or provide input on further LDAP expansion. + The LDAP implementation is an area under active development. As a result, we are seeking feedback from users on further customizations and settings to implement in Rockstor Web-UI. + Please visit our `friendly forum `_ to share your feedback or provide input on further LDAP expansion. -Note that a successful configuration of the LDAP service does not connect the -system to the LDAP server. To do this, the LDAP service must be turned ON. To -disconnect from the LDAP server, simply turn the LDAP service OFF. +Note that a successful configuration of the LDAP service does not connect the system to the LDAP server. +To do this, the LDAP service must be turned ON. To disconnect from the LDAP server, simply turn the LDAP service OFF. .. _nis: @@ -205,10 +162,7 @@ Network Information Server (NIS) NIS is a directory service to connect to a NIS server. -In the Web-UI, click on *System* tab to go to the *System* view. This also -serves as the *Services* view, which is selected by default in the left -sidebar. To configure NIS, click on the **wrench** icon and submit the form -with appropriate values as shown below. +To configure NIS, click on the **wrench** icon and submit the form with appropriate values as shown below. .. image:: /images/interface/system/services/nis-config.png :width: 100 % @@ -220,13 +174,60 @@ with appropriate values as shown below. NUT-UPS ------- -A (currently Beta) `Network UPS Tools `_ -based service to orchestrate graceful system shutdown in the event of a power -outage. Please see our: :ref:`ups_setup` section for more details. +A (currently Beta) `Network UPS Tools `_ based service to orchestrate graceful system shutdown in the event of a power outage. +Please see our: :ref:`ups_setup` section for more details. Rock-Ons (Docker plugin system) ------------------------------- -Please see :ref:`rockons_intro` for an introduction to Rockstor's -`Docker `_ based plugin system. +Please see :ref:`rockons_intro` for an introduction to Rockstor's `Docker `_ based plugin system. + +.. _configure_tailscale: + +Tailscale +--------- + +Starting in version 5.0.5-0, Rockstor provides an easy integration of the `Tailscale `_ service. +Tailscale is a private mesh VPN using `Wireguard `_ allowing, for instance, to connect remote machines as if they were on the same private network. +This service can thus provide an easy solution to remotely access your Rockstor instances and/or their :ref:`File sharing `. + +.. note:: + A Tailscale account is required if you would like to use the Tailscale service. Please refer to `Tailscale.com `_ for further information and instructions. + +Before turning on the Tailscale service, it must be configured. To do so, simply click on the little wrench icon and a configuration window will open: + +.. image:: /images/interface/system/services/tailscale_config.png + :align: center + +.. warning:: + All settings on this configuration page are **optional** and set to Tailscale's defaults. + If you do not need to customize Tailscale, you can simply click the "Submit" button without making any changes. + +In this window, Rockstor presents a set of commonly-used customization options for Tailscale. +If you need to customize a setting not listed in this form, you can manually enter the parameters in the *Custom configuration* text box at the bottom of the window. See below for more details and instructions. +For convenience, the list below includes the corresponding :code:`tailscale up` flag; you can thus lookup the `official reference `_ for further details if needed. + +- **Accept routes** (flag: :code:`--accept-routes`): Accept subnet routes that other nodes advertise. +- **Advertise exit node** (flag: :code:`--advertise-exit-node`): Offer to be an exit node for outbound internet traffic from the Tailscale network. +- **Use this machine as a subnet router** (flag: :code:`--advertise-routes`): If enabled, this machine will act as a `subnet `_ router and expose the listed physical `subnet routes `_ to your entire Tailscale network. +- **Exit node to use** (flag: :code:`--exit-node`): Use another machine as an exit node. You can provide a Tailscale IP address or machine name. +- **Hostname** (flag: :code:`--hostname`): Provide a hostname to use for the device instead of the default's machine hostname. + This must contain only alphanumeric characters; *underscores* will be automatically changed to *hyphens* (this reproduces Tailscale's own behavior). +- **Reset unspecified settings to default** (flag: :code:`--reset`): *Recommended*. If set to "No", you may encounter some issue with incompatible options from previous settings. +- **Enable Tailscale SSH** (flag: :code:`--ssh`): If enabled, this machine will run a `Tailscale SSH `_ server. +- **Custom configuration**: This box allows you to enter any custom :code:`tailscale up` parameter. + The possible options are thus all those supported as described in the `official reference `_. + These must be entered *one per line* as if they would be entered at the command line. + Note that if a parameter entered here is already defined by the form above, it will be considered a duplicate and ignored (the setting defined in the form above will take precedence). + +When ready, press the *Submit* button to save the configuration changes. + +Before being able to turn ON the Tailscale service, you need to authenticate your Rockstor machine to your Tailscale account. +Once configured, Rockstor will thus display a "Login" button that, once clicked, will open a new browser tab/window to complete the authentication process. +When that process is successfully completed, the Tailscale service on your Rockstor machine should automatically turn ON and your machine will then be part of your Tailscale network. + +Once the Tailscale service is configured, you will see a new *tun* device named **tailscale0** in the list of network devices on the *System* > *Network* page. +This device will appear only *after* the Tailscale service is configured, but whether or not the latter is ON or OFF. +Once the Tailscale service is ON, however, a new connection using this *tun* device will be created; this connection is named **tailscale0** and is entirely managed by the Tailscale package. +As with any other network connection, you can monitor its activity using the :ref:`network_activity_widget` of Rockstor's :ref:`dashboard`. **To start or stop any service, click the corresponding ON or OFF button** diff --git a/themes/rockstor/layout.html b/themes/rockstor/layout.html index 619571d7..7541f15c 100644 --- a/themes/rockstor/layout.html +++ b/themes/rockstor/layout.html @@ -3,7 +3,8 @@ {% set css_files = [ '_static/css/bootstrap.min.css', '_static/css/style.css', -'_static/css/syntax.css' +'_static/css/syntax.css', +'_static/basic.css' ] %}