From c71db854a9b17d2be99f6ff42cff5b3ab8a7a2c3 Mon Sep 17 00:00:00 2001
From: John Peterson <johnp@jfrog.com>
Date: Mon, 9 Mar 2020 15:23:31 -0700
Subject: [PATCH] updates to helm chart to subchart latest GA ha chart version
 2.0.25 w/ redhat init container fix

---
 Openshift4/.gitignore                         |    2 +
 .../openshift-artifactory-ha/Chart.yaml       |    4 +-
 .../openshift-artifactory-ha/README.md        | 1268 +---------------
 .../charts/artifactory-ha-2.0.25.tgz          |  Bin 0 -> 111438 bytes
 .../openshift-artifactory-ha/helminstall.sh   |   39 +-
 .../openshift-artifactory-ha/hostpathscc.yaml |   18 +
 .../requirements.lock                         |   10 +-
 .../requirements.yaml                         |    7 +-
 .../openshift-artifactory-ha/values.yaml      | 1350 +----------------
 9 files changed, 75 insertions(+), 2623 deletions(-)
 mode change 100755 => 100644 Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/README.md
 create mode 100644 Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/charts/artifactory-ha-2.0.25.tgz
 create mode 100644 Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/hostpathscc.yaml
 mode change 100755 => 100644 Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/requirements.lock
 mode change 100755 => 100644 Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/requirements.yaml

diff --git a/Openshift4/.gitignore b/Openshift4/.gitignore
index bcacc76..29f94fa 100644
--- a/Openshift4/.gitignore
+++ b/Openshift4/.gitignore
@@ -1 +1,3 @@
 artifactory.cluster.license
+jfrog.team.crt
+jfrog.team.key
diff --git a/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/Chart.yaml b/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/Chart.yaml
index af5ff44..0c34ad8 100755
--- a/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/Chart.yaml
+++ b/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/Chart.yaml
@@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 7.0.7
+appVersion: 7.2.1
 description: Universal Repository Manager supporting all major packaging formats,
   build tools and CI servers.
 home: https://www.jfrog.com/artifactory/
@@ -21,4 +21,4 @@ name: openshift-artifactory-ha
 sources:
 - https://bintray.com/jfrog/product/JFrog-Artifactory-Pro/view
 - https://github.com/jfrog/charts
-version: 2.0.4
+version: 2.0.25
diff --git a/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/README.md b/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/README.md
old mode 100755
new mode 100644
index 76bd6af..5e69a31
--- a/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/README.md
+++ b/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/README.md
@@ -1,1266 +1,2 @@
-# JFrog Artifactory High Availability Helm Chart
-
-## Prerequisites Details
-
-* Kubernetes 1.8+
-* Artifactory HA license
-
-## Chart Details
-This chart will do the following:
-
-* Deploy Artifactory highly available cluster. 1 primary node and 2 member nodes.
-* Deploy a PostgreSQL database
-* Deploy an Nginx server
-
-## Artifactory HA architecture
-The Artifactory HA cluster in this chart is made up of
-- A single primary node
-- Two member nodes, which can be resized at will
-
-Load balancing is done to the member nodes only.
-This leaves the primary node free to handle jobs and tasks and not be interrupted by inbound traffic.
-> This can be controlled by the parameter `artifactory.service.pool`.
-
-## Installing the Chart
-
-### Add JFrog Helm repository
-Before installing JFrog helm charts, you need to add the [JFrog helm repository](https://charts.jfrog.io/) to your helm client
-```bash
-helm repo add jfrog https://charts.jfrog.io
-```
-
-### Install Chart
-To install the chart with the release name `artifactory-ha`:
-```bash
-helm install --name artifactory-ha --set postgresql.postgresqlPassword=<postgres_password> jfrog/artifactory-ha
-```
-
-### System Configuration
-Artifactory uses a common system configuration file - `system.yaml`. See [official documentation](https://www.jfrog.com/confluence/display/JFROG/System+YAML+Configuration+File) on its usage.
-In order to override the default `system.yaml` configuration, do the following:
-```bash
-artifactory:
-  systemYaml: |
-    <YOUR_SYSTEM_YAML_CONFIGURATION>
-```
-
-### Accessing Artifactory
-**NOTE:** It might take a few minutes for Artifactory's public IP to become available, and the nodes to complete initial setup.
-Follow the instructions outputted by the install command to get the Artifactory IP and URL to access it.
-
-### Updating Artifactory
-Once you have a new chart version, you can update your deployment with
-```bash
-helm upgrade artifactory-ha jfrog/artifactory-ha
-```
-
-If artifactory was installed without providing a value to postgresql.postgresqlPassword (a password was autogenerated), follow these instructions:
-1. Get the current password by running:
-```bash
-POSTGRES_PASSWORD=$(kubectl get secret -n <namespace> <myrelease>-postgresql -o jsonpath="{.data.postgresql-password}" | base64 --decode)
-```
-2. Upgrade the release by passing the previously auto-generated secret:
-```bash
-helm upgrade <myrelease> jfrog/artifactory-ha --set postgresql.postgresqlPassword=${POSTGRES_PASSWORD}
-```
-
-This will apply any configuration changes on your existing deployment.
-
-### Artifactory memory and CPU resources
-The Artifactory HA Helm chart comes with support for configured resource requests and limits to all pods. By default, these settings are commented out.
-It is **highly** recommended to set these so you have full control of the allocated resources and limits.
-
-See more information on [setting resources for your Artifactory based on planned usage](https://www.jfrog.com/confluence/display/RTF/System+Requirements#SystemRequirements-RecommendedHardware).
-
-```bash
-# Example of setting resource requests and limits to all pods (including passing java memory settings to Artifactory)
-helm install --name artifactory-ha \
-               --set artifactory.primary.resources.requests.cpu="500m" \
-               --set artifactory.primary.resources.limits.cpu="2" \
-               --set artifactory.primary.resources.requests.memory="1Gi" \
-               --set artifactory.primary.resources.limits.memory="4Gi" \
-               --set artifactory.primary.javaOpts.xms="1g" \
-               --set artifactory.primary.javaOpts.xmx="4g" \
-               --set artifactory.node.resources.requests.cpu="500m" \
-               --set artifactory.node.resources.limits.cpu="2" \
-               --set artifactory.node.resources.requests.memory="1Gi" \
-               --set artifactory.node.resources.limits.memory="4Gi" \
-               --set artifactory.node.javaOpts.xms="1g" \
-               --set artifactory.node.javaOpts.xmx="4g" \
-               --set initContainers.resources.requests.cpu="10m" \
-               --set initContainers.resources.limits.cpu="250m" \
-               --set initContainers.resources.requests.memory="64Mi" \
-               --set initContainers.resources.limits.memory="128Mi" \
-               --set postgresql.resources.requests.cpu="200m" \
-               --set postgresql.resources.limits.cpu="1" \
-               --set postgresql.resources.requests.memory="500Mi" \
-               --set postgresql.resources.limits.memory="1Gi" \
-               --set nginx.resources.requests.cpu="100m" \
-               --set nginx.resources.limits.cpu="250m" \
-               --set nginx.resources.requests.memory="250Mi" \
-               --set nginx.resources.limits.memory="500Mi" \
-               jfrog/artifactory-ha
-```
-> Artifactory java memory parameters can (and should) also be set to match the allocated resources with `artifactory.[primary|node].javaOpts.xms` and `artifactory.[primary|node].javaOpts.xmx`.
-
-Get more details on configuring Artifactory in the [official documentation](https://www.jfrog.com/confluence/).
-
-Although it is possible to set resources limits and requests this way, it is recommended to use the pre-built values files
-for small, medium and large installation and change them according to your needs (if necessary), as described [here](#Deploying-Artifactory-for-small/medium/large-installations)
-
-### Deploying Artifactory for small/medium/large installations
-In the chart directory, we have added three values files, one for each installation type - small/medium/large. These values files are recommendations for setting resources requests and limits for your installation. The values are derived from the following [documentation](https://www.jfrog.com/confluence/display/EP/Installing+on+Kubernetes#InstallingonKubernetes-Systemrequirements). You can find them in the corresponding chart directory -  values-small.yaml, values-medium.yaml and values-large.yaml
-
-### Artifactory storage
-Artifactory HA support a wide range of storage back ends. You can see more details on [Artifactory HA storage options](https://www.jfrog.com/confluence/display/RTF/HA+Installation+and+Setup#HAInstallationandSetup-SettingUpYourStorageConfiguration)
-
-In this chart, you set the type of storage you want with `artifactory.persistence.type` and pass the required configuration settings.
-The default storage in this chart is the `file-system` replication, where the data is replicated to all nodes.
-
-> **IMPORTANT:** All storage configurations (except NFS) come with a default `artifactory.persistence.redundancy` parameter.
-This is used to set how many replicas of a binary should be stored in the cluster's nodes.
-Once this value is set on initial deployment, you can not update it using helm.
-It is recommended to set this to a number greater than half of your cluster's size, and never scale your cluster down to a size smaller than this number.
-
-#### Existing volume claim
-
-###### Primary node
-In order to use an existing volume claim for the Artifactory primary storage, you need to:
-- Create a persistent volume claim by the name `volume-<release-name>-artifactory-ha-primary-0` e.g `volume-myrelease-artifactory-ha-primary-0`
-- Pass a parameter to `helm install` and `helm upgrade`
-```bash
-...
---set artifactory.primary.persistence.existingClaim=true
-```
-
-###### Member nodes
-In order to use an existing volume claim for the Artifactory member nodes storage, you need to:
-- Create persistent volume claims according to the number of replicas defined at `artifactory.node.replicaCount` by the names `volume-<release-name>-artifactory-ha-member-<ordinal-number>`, e.g `volume-myrelease-artifactory-ha-member-0` and `volume-myrelease-artifactory-ha-primary-1`.
-- Pass a parameter to `helm install` and `helm upgrade`
-```bash
-...
---set artifactory.node.persistence.existingClaim=true
-```
-
-#### Existing shared volume claim
-
-In order to use an existing claim (for data and backup) that is to be shared across all nodes, you need to:
-
-- Create PVCs with ReadWriteMany that match the naming conventions:
-```
-  {{ template "artifactory-ha.fullname" . }}-data-pvc-<claim-ordinal>
-  {{ template "artifactory-ha.fullname" . }}-backup-pvc-<claim-ordinal>
-```
-An example that shows 2 existing claims to be used:
-```
-  myexample-artifactory-ha-data-pvc-0
-  myexample-artifactory-ha-backup-pvc-0
-  myexample-artifactory-ha-data-pvc-1
-  myexample-artifactory-ha-backup-pvc-1
-```
-- Set the artifactory.persistence.fileSystem.existingSharedClaim.enabled in values.yaml to true:
-```
--- set artifactory.persistence.fileSystem.existingSharedClaim.enabled=true
--- set artifactory.persistence.fileSystem.existingSharedClaim.numberOfExistingClaims=2
-```
-
-#### NFS
-To use an NFS server as your cluster's storage, you need to
-- Setup an NFS server. Get its IP as `NFS_IP`
-- Create a `data` and `backup` directories on the NFS exported directory with write permissions to all
-- Pass NFS parameters to `helm install` and `helm upgrade`
-```bash
-...
---set artifactory.persistence.type=nfs \
---set artifactory.persistence.nfs.ip=${NFS_IP} \
-...
-```
-
-#### Google Storage
-To use a Google Storage bucket as the cluster's filestore. See [Google Storage Binary Provider](https://www.jfrog.com/confluence/display/RTF/Configuring+the+Filestore#ConfiguringtheFilestore-GoogleStorageBinaryProvider)
-- Pass Google Storage parameters to `helm install` and `helm upgrade`
-```bash
-...
---set artifactory.persistence.type=google-storage \
---set artifactory.persistence.googleStorage.identity=${GCP_ID} \
---set artifactory.persistence.googleStorage.credential=${GCP_KEY} \
-...
-```
-
-#### AWS S3
-**NOTE** Keep in mind that when using the `aws-s3` persistence type, you will not be able to provide an IAM on the pod level. 
-In order to grant permissions to Artifactory using an IAM role, you will have to attach the IAM role to the machine(s) on which Artifactory is running.
-This is due to the fact that the `aws-s3` template uses the `JetS3t` library to interact with AWS. If you want to grant an IAM role at the pod level, see the `AWS S3 Vs` section.
-
-To use an AWS S3 bucket as the cluster's filestore. See [S3 Binary Provider](https://www.jfrog.com/confluence/display/RTF/Configuring+the+Filestore#ConfiguringtheFilestore-S3BinaryProvider)
-- Pass AWS S3 parameters to `helm install` and `helm upgrade`
-```bash
-...
-# With explicit credentials:
---set artifactory.persistence.type=aws-s3 \
---set artifactory.persistence.awsS3.endpoint=${AWS_S3_ENDPOINT} \
---set artifactory.persistence.awsS3.region=${AWS_REGION} \
---set artifactory.persistence.awsS3.identity=${AWS_ACCESS_KEY_ID} \
---set artifactory.persistence.awsS3.credential=${AWS_SECRET_ACCESS_KEY} \
-...
-
-...
-# With using existing IAM role
---set artifactory.persistence.type=aws-s3 \
---set artifactory.persistence.awsS3.endpoint=${AWS_S3_ENDPOINT} \
---set artifactory.persistence.awsS3.region=${AWS_REGION} \
---set artifactory.persistence.awsS3.roleName=${AWS_ROLE_NAME} \
-...
-```
-**NOTE:** Make sure S3 `endpoint` and `region` match. See [AWS documentation on endpoint](https://docs.aws.amazon.com/general/latest/gr/rande.html)
-
-#### AWS S3 V3
-To use an AWS S3 bucket as the cluster's filestore and access it with the official AWS SDK, See [S3 Official SDK Binary Provider](https://www.jfrog.com/confluence/display/RTF/Configuring+the+Filestore#ConfiguringtheFilestore-AmazonS3OfficialSDKTemplate). 
-This filestore template uses the official AWS SDK, unlike the `aws-s3` implementation that uses the `JetS3t` library.
-Use this template if you want to attach an IAM role to the Artifactory pod directly (as opposed to attaching it to the machine/s that Artifactory will run on).
-
-**NOTE** This will have to be combined with a k8s mechanism for attaching IAM roles to pods, like [kube2iam](https://github.com/helm/charts/tree/master/stable/kube2iam) or anything similar.
- 
-- Pass AWS S3 V3 parameters and the annotation pointing to the IAM role (when using an IAM role. this is kube2iam specific and may vary depending on the implementation) to `helm install` and `helm upgrade`
-
-```bash
-# With explicit credentials:
---set artifactory.persistence.type=aws-s3-v3 \
---set artifactory.persistence.awsS3V3.region=${AWS_REGION} \
---set artifactory.persistence.awsS3V3.bucketName=${AWS_S3_BUCKET_NAME} \
---set artifactory.persistence.awsS3V3.identity=${AWS_ACCESS_KEY_ID} \
---set artifactory.persistence.awsS3V3.credential=${AWS_SECRET_ACCESS_KEY} \
-...
-```
-
-```bash
-# With using existing IAM role
---set artifactory.persistence.type=aws-s3-v3 \
---set artifactory.persistence.awsS3V3.region=${AWS_REGION} \
---set artifactory.persistence.awsS3V3.bucketName=${AWS_S3_BUCKET_NAME} \
---set artifactory.annotations.'iam\.amazonaws\.com/role'=${AWS_IAM_ROLE_ARN}
-...
-```
-
-#### Microsoft Azure Blob Storage
-To use Azure Blob Storage as the cluster's filestore. See [Azure Blob Storage Binary Provider](https://www.jfrog.com/confluence/display/RTF/Configuring+the+Filestore#ConfiguringtheFilestore-AzureBlobStorageClusterBinaryProvider)
-- Pass Azure Blob Storage parameters to `helm install` and `helm upgrade`
-```bash
-...
---set artifactory.persistence.type=azure-blob \
---set artifactory.persistence.azureBlob.accountName=${AZURE_ACCOUNT_NAME} \
---set artifactory.persistence.azureBlob.accountKey=${AZURE_ACCOUNT_KEY} \
---set artifactory.persistence.azureBlob.endpoint=${AZURE_ENDPOINT} \
---set artifactory.persistence.azureBlob.containerName=${AZURE_CONTAINER_NAME} \
-...
-```
-
-#### Custom binarystore.xml
-You have an option to provide a custom [binarystore.xml](https://www.jfrog.com/confluence/display/RTF/Configuring+the+Filestore).<br>
-There are two options for this
-
-1. Editing directly in [values.yaml](values.yaml)
-```yaml
-artifactory:
-  persistence:
-    binarystoreXml: |
-      <!-- The custom XML snippet -->
-      <config version="v1">
-          <chain template="file-system"/>
-      </config>
-
-```
-
-2. Create your own [Secret](https://kubernetes.io/docs/concepts/configuration/secret/) and pass it to your `helm install` command
-```yaml
-# Prepare your custom Secret file (custom-binarystore.yaml)
-kind: Secret
-apiVersion: v1
-metadata:
-  name: custom-binarystore
-  labels:
-    app: artifactory
-    chart: artifactory
-stringData:
-  binarystore.xml: |-
-      <!-- The custom XML snippet -->
-      <config version="v1">
-          <chain template="file-system"/>
-      </config>
-```
-
-```bash
-# Create a secret from the file
-kubectl apply -n artifactory -f ./custom-binarystore.yaml
-
-# Pass it to your helm install command:
-helm install --name artifactory-ha --set artifactory.persistence.customBinarystoreXmlSecret=custom-binarystore jfrog/artifactory-ha
-```
-
-### Create a unique Master Key
-Artifactory HA cluster requires a unique master key. By default the chart has one set in values.yaml (`artifactory.masterKey`).
-
-**This key is for demo purpose and should not be used in a production environment!**
-
-You should generate a unique one and pass it to the template at install/upgrade time.
-```bash
-# Create a key
-export MASTER_KEY=$(openssl rand -hex 32)
-echo ${MASTER_KEY}
-
-# Pass the created master key to helm
-helm install --name artifactory-ha --set artifactory.masterKey=${MASTER_KEY} jfrog/artifactory-ha
-```
-
-Alternatively, you can create a secret containing the master key manually and pass it to the template at install/upgrade time.
-```bash
-# Create a key
-export MASTER_KEY=$(openssl rand -hex 32)
-echo ${MASTER_KEY}
-
-# Create a secret containing the key. The key in the secret must be named master-key
-kubectl create secret generic my-secret --from-literal=master-key=${MASTER_KEY}
-
-# Pass the created secret to helm
-helm install --name artifactory-ha --set artifactory.masterKeySecretName=my-secret jfrog/artifactory-ha
-```
-**NOTE:** In either case, make sure to pass the same master key on all future calls to `helm install` and `helm upgrade`! In the first case, this means always passing `--set artifactory.masterKey=${MASTER_KEY}`. In the second, this means always passing `--set artifactory.masterKeySecretName=my-secret` and ensuring the contents of the secret remain unchanged.
-
-### Create a unique Join Key
-Artifactory requires a unique join key. By default the chart has one set in values.yaml (`artifactory.joinKey`).
-
-**This key is for demo purpose and should not be used in a production environment!**
-
-You should generate a unique key and pass it to the template at install/upgrade time.
-```bash
-# Create a key
-export JOIN_KEY=$(openssl rand -hex 16)
-echo ${JOIN_KEY}
-
-# Pass the created master key to helm
-helm install --name artifactory --set artifactory.joinKey=${JOIN_KEY} jfrog/artifactory
-```
-
-**NOTE:** In either case, make sure to pass the same join key on all future calls to `helm install` and `helm upgrade`! This means always passing `--set artifactory.joinKey=${JOIN_KEY}`.
-
-### Install Artifactory HA license
-For activating Artifactory HA, you must install an appropriate license. There are three ways to manage the license. **Artifactory UI**, **REST API**, or a **Kubernetes Secret**.
-
-The easier and recommended way is the **Artifactory UI**. Using the **Kubernetes Secret** or **REST API** is for advanced users and is better suited for automation.
-
-**IMPORTANT:** You should use only one of the following methods. Switching between them while a cluster is running might disable your Artifactory HA cluster!
-
-##### Artifactory UI
-Once primary cluster is running, open Artifactory UI and insert the license(s) in the UI. See [HA installation and setup](https://www.jfrog.com/confluence/display/RTF/HA+Installation+and+Setup) for more details. **Note that you should enter all licenses at once, with each license is separated by a newline.** If you add the licenses one at a time, you may get redirected to a node without a license and the UI won't load for that node.
-
-##### REST API
-You can add licenses via REST API (https://www.jfrog.com/confluence/display/RTF/Artifactory+REST+API#ArtifactoryRESTAPI-InstallHAClusterLicenses). Note that the REST API expects "\n" for the newlines in the licenses.
-
-##### Kubernetes Secret
-You can deploy the Artifactory license(s) as a [Kubernetes secret](https://kubernetes.io/docs/concepts/configuration/secret/).
-Prepare a text file with the license(s) written in it. If writing multiple licenses (must be in the same file), it's important to put **two new lines between each license block**!
-```bash
-# Create the Kubernetes secret (assuming the local license file is 'art.lic')
-kubectl create secret generic artifactory-cluster-license --from-file=./art.lic
-
-# Pass the license to helm
-helm install --name artifactory-ha --set artifactory.license.secret=artifactory-cluster-license,artifactory.license.dataKey=art.lic jfrog/artifactory-ha
-```
-**NOTE:** This method is relevant for initial deployment only! Once Artifactory is deployed, you should not keep passing these parameters as the license is already persisted into Artifactory's storage (they will be ignored).
-Updating the license should be done via Artifactory UI or REST API.
-
-##### Create the secret as part of the helm release
-values.yaml
-```yaml
-artifactory:
-  license:
-    licenseKey: |-
-      <LICENSE_KEY1>
-      
-      
-      <LICENSE_KEY2>
-      
-      
-      <LICENSE_KEY3>
-```
-
-```bash
-helm install --name artifactory-ha -f values.yaml jfrog/artifactory-ha
-```
-**NOTE:** This method is relevant for initial deployment only! Once Artifactory is deployed, you should not keep passing these parameters as the license is already persisted into Artifactory's storage (they will be ignored).
-Updating the license should be done via Artifactory UI or REST API.
-If you want to keep managing the artifactory license using the same method, you can use the copyOnEveryStartup example shown in the values.yaml file
-
-
-### copyOnEveryStartup feature
-Files stored in the `/artifactory-extra-conf` directory are only copied to the `ARTIFACTORY_HOME/etc` directory upon the first startup.
-In some cases, you want your configuration files to be copied to the `ARTIFACTORY_HOME/etc` directory on every startup.
-Two examples for that would be:
-
-1. the binarstore.xml file. If you use the default behaviour, your binarystore.xml configuration will only be copied on the first startup, 
-which means that changes you make over time to the `binaryStoreXml` configuration will not be applied. In order to make sure your changes are applied on every startup, do the following:
-Create a values file with the following values:
-```yaml
-artifactory:
-  copyOnEveryStartup:
-    - source: /artifactory_extra_conf/binarystore.xml
-      target: etc/
-``` 
-
-Install the helm chart with the values file you created:
-```bash
-helm upgrade --install artifactory-ha jfrog/artifactory-ha -f values.yaml
-```
-
-2. Any custom configuration file you have to configure artifactory, such as `logabck.xml`:
-Create a config map with your `logback.xml` configuration.
-
-Create a values file with the following values:
-```yaml
-artifactory:
-  ## Create a volume pointing to the config map with your configuration file
-  customVolumes: |
-    - name: logback-xml-configmap
-      configMap:
-        name: logback-xml-configmap
-  customVolumeMounts: |
-    - name: logback-xml-configmap
-      mountPath: /tmp/artifactory-logback/
-  copyOnEveryStartup:
-    - source: /tmp/artifactory-logback/*
-      target: etc/
-```
-
-Install the helm chart with the values file you created:
-```bash
-helm upgrade --install artifactory-ha jfrog/artifactory-ha -f values.yaml
-```
-
-### Configure NetworkPolicy
-
-NetworkPolicy specifies what ingress and egress is allowed in this namespace. It is encouraged to be more specific whenever possible to increase security of the system.
-
-In the `networkpolicy` section of values.yaml you can specify a list of NetworkPolicy objects.
-
-For podSelector, ingress and egress, if nothing is provided then a default `- {}` is applied which is to allow everything.
-
-A full (but very wide open) example that results in 2 NetworkPolicy objects being created:
-```yaml
-networkpolicy:
-  # Allows all ingress and egress to/from artifactory primary and member pods.
-  - name: artifactory
-    podSelector:
-      matchLabels:
-        app: artifactory-ha
-    egress:
-    - {}
-    ingress:
-    - {}
-  # Allows connectivity from artifactory-ha pods to postgresql pods, but no traffic leaving postgresql pod.
-  - name: postgresql
-    podSelector:
-      matchLabels:
-        app: postgresql
-    ingress:
-    - from:
-      - podSelector:
-          matchLabels:
-            app: artifactory-ha
-```
-
-### Artifactory JMX Configuration
-** You can see some information about the exposed MBeans here - https://www.jfrog.com/confluence/display/RTF/Artifactory+JMX+MBeans
-
-Enable JMX in your deployment:
-```bash
-helm install --name artifactory \
-    --set artifactory.primary.javaOpts.jmx.enabled=true \
-    --set artifactory.node.javaOpts.jmx.enabled=true \
-    jfrog/artifactory-ha
-```
-This will enable access to Artifactory with JMX on the default port (9010).
-** You have the option to change the port by setting ```artifactory.primary.javaOpts.jmx.port``` and ```artifactory.node.javaOpts.jmx.port``` 
-to your choice of port
-
-In order to connect to Artifactory using JMX with jconsole (or any similar tool) installed on your computer, follow the following steps:
-1. Enable JMX as described above and Change the Artifactory service to be of type LoadBalancer:
-```bash
-helm install --name artifactory \
-    --set artifactory.primary.javaOpts.jmx.enabled=true \
-    --set artifactory.node.javaOpts.jmx.enabled=true \
-    --set artifactory.service.type=LoadBalancer \
-    jfrog/artifactory-ha
-``` 
-2. The default setting for java.rmi.server.hostname is the service name (this is also configurable with 
-```artifactory.primary.javaOpts.jmx.host``` and ```artifactory.node.javaOpts.jmx.host```), So in order to connect to Artifactory 
-with jconsole you should map the Artifactory kuberentes service IP to the service name using your hosts file as such:
-```
-<artifactory-primary-service-ip>    artifactory-ha-<release-name>-primary
-<artifactory-node-service-ip>       <release-name>
-```
-3. Launch jconsole with the service address and port:
-```bash
-jconsole artifactory-ha-<release-name>-primary:<primary-jmx-port>
-jconsole <release-name>:<node-jmx-port>
-```
-
-### Access creds. bootstraping
-**IMPORTANT:** Bootsrapping access creds. will allow access for the user access-admin from certain IP's.
-
-* User guide to [bootstrap Artifactory Access credentials](https://www.jfrog.com/confluence/display/ACC/Configuring+Access)
-
-1. Create `access-creds-values.yaml` and provide the IP (By default 127.0.0.1) and password:
-```yaml
-artifactory:
-  accessAdmin:
-    ip: "<IP_RANGE>" #Example: "*"
-    password: "<PASSWD>"
-```
-
-2. Apply the `access-creds-values.yaml` file:
-```bash
-helm upgrade --install artifactory-ha jfrog/artifactory-ha -f access-creds-values.yaml
-```
-
-### Bootstrapping Artifactory
-**IMPORTANT:** Bootstrapping Artifactory needs license. Pass license as shown in above section.
-
-* User guide to [bootstrap Artifactory Global Configuration](https://www.jfrog.com/confluence/display/RTF/Configuration+Files#ConfigurationFiles-BootstrappingtheGlobalConfiguration)
-* User guide to [bootstrap Artifactory Security Configuration](https://www.jfrog.com/confluence/display/RTF/Configuration+Files#ConfigurationFiles-BootstrappingtheSecurityConfiguration)
-
-1. Create `bootstrap-config.yaml` with artifactory.config.import.xml and security.import.xml as shown below:
-```yaml
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: my-release-bootstrap-config
-data:
-  artifactory.config.import.xml: |
-    <config contents>
-  security.import.xml: |
-    <config contents>
-```
-
-2. Create configMap in Kubernetes:
-```bash
-kubectl apply -f bootstrap-config.yaml
-```
-3. Pass the configMap to helm
-```bash
-helm install --name artifactory-ha --set artifactory.license.secret=artifactory-cluster-license,artifactory.license.dataKey=art.lic,artifactory.configMapName=my-release-bootstrap-config jfrog/artifactory-ha
-```
-
-### Use custom nginx.conf with Nginx
-
-Steps to create configMap with nginx.conf
-* Create `nginx.conf` file.
-```bash
-kubectl create configmap nginx-config --from-file=nginx.conf
-```
-* Pass configMap to helm install
-```bash
-helm install --name artifactory-ha --set nginx.customConfigMap=nginx-config jfrog/artifactory-ha
-```
-
-### Scaling your Artifactory cluster
-A key feature in Artifactory HA is the ability to set an initial cluster size with `--set artifactory.node.replicaCount=${CLUSTER_SIZE}` and if needed, resize it.
-
-##### Before scaling
-**IMPORTANT:** When scaling, you need to explicitly pass the database password if it's an auto generated one (this is the default with the enclosed PostgreSQL helm chart).
-
-Get the current database password
-```bash
-export DB_PASSWORD=$(kubectl get $(kubectl get secret -o name | grep postgresql) -o jsonpath="{.data.postgresql-password}" | base64 --decode)
-```
-Use `--set postgresql.postgresqlPassword=${DB_PASSWORD}` with every scale action to prevent a miss configured cluster!
-
-##### Scale up
-Let's assume you have a cluster with **2** member nodes, and you want to scale up to **3** member nodes (a total of 4 nodes).
-```bash
-# Scale to 4 nodes (1 primary and 3 member nodes)
-helm upgrade --install artifactory-ha --set artifactory.node.replicaCount=3 --set postgresql.postgresqlPassword=${DB_PASSWORD} jfrog/artifactory-ha
-```
-
-##### Scale down
-Let's assume you have a cluster with **3** member nodes, and you want to scale down to **2** member node.
-
-```bash
-# Scale down to 2 member nodes
-helm upgrade --install artifactory-ha --set artifactory.node.replicaCount=2 --set postgresql.postgresqlPassword=${DB_PASSWORD} jfrog/artifactory-ha
-```
-- **NOTE:** Since Artifactory is running as a Kubernetes Stateful Set, the removal of the node will **not** remove the persistent volume. You need to explicitly remove it
-```bash
-# List PVCs
-kubectl get pvc
-
-# Remove the PVC with highest ordinal!
-# In this example, the highest node ordinal was 2, so need to remove its storage.
-kubectl delete pvc volume-artifactory-node-2
-```
-
-### Use an external Database
-
-#### PostgreSQL
-There are cases where you will want to use external PostgreSQL with a different database name e.g. `my-artifactory-db`, then you need set a custom PostgreSQL connection URL, where `my-artifactory-db` is the database name.
-
-This can be done with the following parameters
-```bash
-...
---set postgresql.enabled=false \
---set database.type=postgresql \
---set database.driver=org.postgresql.Driver \
---set database.url='jdbc:postgresql://${DB_HOST}:${DB_PORT}/my-artifactory-db' \
---set database.user=${DB_USER} \
---set database.password=${DB_PASSWORD} \
-...
-```
-**NOTE:** You must set `postgresql.enabled=false` in order for the chart to use the `database.*` parameters. Without it, they will be ignored!
-
-#### Other DB type
-There are cases where you will want to use a different database and not the enclosed **PostgreSQL**.
-See more details on [configuring the database](https://www.jfrog.com/confluence/display/RTF/Configuring+the+Database)
-> The official Artifactory Docker images include the PostgreSQL database driver.
-> For other database types, you will have to add the relevant database driver to Artifactory's tomcat/lib
-
-This can be done with the following parameters
-```bash
-# Make sure your Artifactory Docker image has the MySQL database driver in it
-...
---set postgresql.enabled=false \
---set artifactory.preStartCommand="wget -O /opt/jfrog/artifactory/tomcat/lib/mysql-connector-java-5.1.41.jar https://jcenter.bintray.com/mysql/mysql-connector-java/5.1.41/mysql-connector-java-5.1.41.jar" \
---set database.type=mysql \
---set database.driver=com.mysql.jdbc.Driver \
---set database.url=${DB_URL} \
---set database.user=${DB_USER} \
---set database.password=${DB_PASSWORD} \
-...
-```
-**NOTE:** You must set `postgresql.enabled=false` in order for the chart to use the `database.*` parameters. Without it, they will be ignored!
-
-#### Using pre-existing Kubernetes Secret
-If you store your database credentials in a pre-existing Kubernetes `Secret`, you can specify them via `database.secrets` instead of `database.user` and `database.password`:
-```bash
-# Create a secret containing the database credentials
-kubectl create secret generic my-secret --from-literal=user=${DB_USER} --from-literal=password=${DB_PASSWORD}
-...
---set postgresql.enabled=false \
---set database.secrets.user.name=my-secret \
---set database.secrets.user.key=user \
---set database.secrets.password.name=my-secret \
---set database.secrets.password.key=password \
-...
-```
-
-### Deleting Artifactory
-To delete the Artifactory HA cluster
-```bash
-helm delete --purge artifactory-ha
-```
-This will completely delete your Artifactory HA cluster.
-**NOTE:** Since Artifactory is running as Kubernetes Stateful Sets, the removal of the helm release will **not** remove the persistent volumes. You need to explicitly remove them
-```bash
-kubectl delete pvc -l release=artifactory-ha
-```
-See more details in the official [Kubernetes Stateful Set removal page](https://kubernetes.io/docs/tasks/run-application/delete-stateful-set/)
-
-### Custom Docker registry for your images
-If you need to pull your Docker images from a private registry (for example, when you have a custom image with a MySQL database driver), you need to create a
-[Kubernetes Docker registry secret](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/) and pass it to helm
-```bash
-# Create a Docker registry secret called 'regsecret'
-kubectl create secret docker-registry regsecret --docker-server=${DOCKER_REGISTRY} --docker-username=${DOCKER_USER} --docker-password=${DOCKER_PASS} --docker-email=${DOCKER_EMAIL}
-```
-Once created, you pass it to `helm`
-```bash
-helm install --name artifactory-ha --set imagePullSecrets=regsecret jfrog/artifactory-ha
-```
-
-### Logger sidecars
-This chart provides the option to add sidecars to tail various logs from Artifactory. See the available values in [values.yaml](values.yaml)
-
-Get list of containers in the pod
-```bash
-kubectl get pods -n <NAMESPACE> <POD_NAME> -o jsonpath='{.spec.containers[*].name}' | tr ' ' '\n'
-```
-
-View specific log
-```bash
-kubectl logs -n <NAMESPACE> <POD_NAME> -c <LOG_CONTAINER_NAME>
-```
-
-
-### Custom init containers
-There are cases where a special, unsupported init processes is needed like checking something on the file system or testing something before spinning up the main container.
-
-For this, there is a section for writing custom init containers before and after the predefined init containers in the [values.yaml](values.yaml) . By default it's commented out
-```yaml
-artifactory:
-  ## Add custom init containers executed before predefined init containers
-  customInitContainersBegin: |
-    ## Init containers template goes here ##
-  ## Add custom init containers executed after predefined init containers
-  customInitContainers: |
-    ## Init containers template goes here ##
-```
-
-### Custom sidecar containers
-There are cases where an extra sidecar container is needed. For example monitoring agents or log collection.
-
-For this, there is a section for writing a custom sidecar container in the [values.yaml](values.yaml). By default it's commented out
-```yaml
-artifactory:
-  ## Add custom sidecar containers
-  customSidecarContainers: |
-    ## Sidecar containers template goes here ##
-```
-
-You can configure the sidecar to run as a custom user if needed by setting the following in the container template
-```yaml
-  # Example of running container as root (id 0)
-  securityContext:
-    runAsUser: 0
-    fsGroup: 0
-```
-
-### Custom volumes
-If you need to use a custom volume in a custom init or sidecar container, you can use this option.
-
-For this, there is a section for defining custom volumes in the [values.yaml](values.yaml). By default it's commented out
-```yaml
-artifactory:
-  ## Add custom volumes
-  customVolumes: |
-    ## Custom volume comes here ##
-```
-
-### Add Artifactory User Plugin during installation
-If you need to add [Artifactory User Plugin](https://github.com/jfrog/artifactory-user-plugins), you can use this option.
-
-Create a secret with [Artifactory User Plugin](https://github.com/jfrog/artifactory-user-plugins) by following command:
-```bash
-# Secret with single user plugin
-kubectl  create secret generic archive-old-artifacts --from-file=archiveOldArtifacts.groovy --namespace=artifactory-ha 
-
-# Secret with single user plugin with configuration file
-kubectl  create secret generic webhook --from-file=webhook.groovy  --from-file=webhook.config.json.sample --namespace=artifactory-ha
-```
-
-Add plugin secret names to `plugins.yaml` as following:
-```yaml
-artifactory:
-  userPluginSecrets:
-    - archive-old-artifacts
-    - webhook
-```
-
-You can now pass the created `plugins.yaml` file to helm install command to deploy Artifactory with user plugins as follows:
-```bash
-helm install --name artifactory-ha -f plugins.yaml jfrog/artifactory-ha
-```
-
-Alternatively, you may be in a situation in which you would like to create a secret in a Helm chart that depends on this chart. In this scenario, the name of the secret is likely dynamically generated via template functions, so passing a statically named secret isn't possible. In this case, the chart supports evaluating strings as templates via the [`tpl`](https://helm.sh/docs/charts_tips_and_tricks/#using-the-tpl-function) function - simply pass the raw string containing the templating language used to name your secret as a value instead by adding the following to your chart's `values.yaml` file:
-```yaml
-artifactory-ha: # Name of the artifactory-ha dependency
-  artifactory:
-    userPluginSecrets:
-      - '{{ template "my-chart.fullname" . }}'
-```
-NOTE: By defining userPluginSecrets, this overrides any pre-defined plugins from the container image that are stored in /tmp/plugins.  At this time [artifactory-pro:6.9.0](https://bintray.com/jfrog/artifactory-pro) is distributed with `internalUser.groovy` plugin.  If you need this plugin in addition to your user plugins, you should include these additional plugins as part of your userPluginSecrets.
-
-### Provide custom configMaps to Artifactory
-If you want to mount a custom file to Artifactory, either an init shell script or a custom configuration file (such as `logback.xml`), you can use this option.
-
-Create a `configmaps.yaml` file with the following content:
-```yaml
-artifactory:
-  configMaps: |
-    logback.xml: |
-      <configuration debug="false">
-          <appender name="CONSOLE" class="ch.qos.logback.core.ConsoleAppender">
-              <encoder class="ch.qos.logback.core.encoder.LayoutWrappingEncoder">
-                  <layout class="org.artifactory.logging.layout.BackTracePatternLayout">
-                      <pattern>%date [%-5level] \(%-20c{3}:%L\) %message%n</pattern>
-                  </layout>
-              </encoder>
-          </appender>
-      
-          <logger name="/artifactory">
-              <level value="INFO"/>
-              <appender-ref ref="CONSOLE"/>
-          </logger>
-          <logger name="org.eclipse.jetty">
-              <level value="WARN"/>
-              <appender-ref ref="CONSOLE"/>
-          </logger>
-      </configuration>
-
-    my-custom-post-start-hook.sh: |
-      echo "This is my custom post start hook"
-
-  customVolumeMounts: |
-    - name: artifactory-configmaps
-      mountPath: /tmp/my-config-map
-
-  postStartCommand: |
-    chmod +x /tmp/my-config-map/my-custom-post-start-hook.sh;
-    /tmp/my-config-map/my-custom-post-start-hook.sh;
-
-  copyOnEveryStartup:
-    - source: /tmp/my-config-map/logback.xml
-      target: etc/
-    
-```
-
-and use it with you helm install/upgrade:
-```bash
-helm install --name artifactory-ha -f configmaps.yaml jfrog/artifactory-ha
-```
-
-This will, in turn:
-* create a configMap with the files you specified above
-* create a volume pointing to the configMap with the name `artifactory-configmaps`
-* Mount said configMap onto `/tmp/my-config-map` using a `customVolumeMounts`
-* Set the shell script we mounted as the `postStartCommand`
-* Copy the `logback.xml` file to its proper location in the `$ARTIFACTORY_HOME/etc` directory. 
- 
-
-### Artifactory filebeat
-If you want to collect logs from your Artifactory installation and send them to a central log collection solution like ELK, you can use this option.
-
-Create a `filebeat.yaml` values file with the following content:
-```yaml
-filebeat:
-  enabled: true
-  logstashUrl: <YOUR_LOGSTASH_URL>
-  resources:
-    requests:
-      memory: "100Mi"
-      cpu: "100m"
-    limits:
-      memory: "100Mi"
-      cpu: "100m"
-```
-
-You can optionally customize the `filebeat.yaml` to send output to a different location like so:
-```yaml
-filebeat:
-  enabled: true
-  filebeatYml: |
-    <YOUR_CUSTOM_FILEBEAT_YML>
-```
-
-and use it with you helm install/upgrade:
-```bash
-helm install --name artifactory -f filebeat.yaml jfrog/artifactory
-```
-
-This will start sending your Artifactory logs to the log aggregator of your choice, based on your configuration in the `filebeatYml`
-
-## Configuration
-The following table lists the configurable parameters of the artifactory chart and their default values.
-
-|         Parameter            |           Description             |                         Default                       |
-|------------------------------|-----------------------------------|-------------------------------------------------------|
-| `imagePullSecrets`           | Docker registry pull secret       |                                                       |
-| `serviceAccount.create`   | Specifies whether a ServiceAccount should be created | `true`                                |
-| `serviceAccount.name`     | The name of the ServiceAccount to create             | Generated using the fullname template |
-| `serviceAccount.annotations`     | Artifactory service account annotations       | `` |
-| `rbac.create`             | Specifies whether RBAC resources should be created   | `true`                                |
-| `rbac.role.rules`         | Rules to create                   | `[]`                                                     |
-| `logger.image.repository` | repository for logger image       | `busybox`                                                |
-| `logger.image.tag`        | tag for logger image              | `1.30`                                                   |
-| `artifactory.name`                   | Artifactory name                     | `artifactory`                              |
-| `artifactory.image.pullPolicy`       | Container pull policy                | `IfNotPresent`                             |
-| `artifactory.image.repository`       | Container image                      | `docker.bintray.io/jfrog/artifactory-pro`  |
-| `artifactory.image.version`          | Container image tag                  | `.Chart.AppVersion`                        |
-| `artifactory.priorityClass.create`   | Create a PriorityClass object        | `false`                                    |
-| `artifactory.priorityClass.value`    | Priority Class value                 | `1000000000`                               |
-| `artifactory.priorityClass.name`     | Priority Class name                  | `{{ template "artifactory-ha.fullname" . }}` |
-| `artifactory.priorityClass.existingPriorityClass`      | Use existing priority class  | ``                               |
-| `artifactory.loggers`             | Artifactory loggers (see values.yaml for possible values) | `[]`                     |
-| `artifactory.catalinaLoggers`     | Artifactory Tomcat loggers (see values.yaml for possible values) | `[]`              |
-| `artifactory.customInitContainersBegin`| Custom init containers to run before existing init containers |                 |
-| `artifactory.customInitContainers`| Custom init containers to run after existing init containers |                       |
-| `artifactory.customSidecarContainers`| Custom sidecar containers            |                                            |
-| `artifactory.customVolumes`       | Custom volumes                    |                                                  |
-| `artifactory.customVolumeMounts`  | Custom Artifactory volumeMounts   |                                                  |
-| `artifactory.customPersistentPodVolumeClaim`  | Custom PVC spec to create and attach a unique PVC for each pod on startup with the volumeClaimTemplates feature in StatefulSet | |
-| `artifactory.customPersistentVolumeClaim`  | Custom PVC spec to be mounted to the all artifactory containers using a volume |                                                  |
-| `artifactory.userPluginSecrets`   | Array of secret names for Artifactory user plugins |                                 |
-| `artifactory.masterKey`           | Artifactory master key. A 128-Bit key size (hexadecimal encoded) string (32 hex characters). Can be generated with `openssl rand -hex 16`. NOTE: This key can be generated only once and cannot be updated once created |`FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF`|
-| `artifactory.masterKeySecretName` | Artifactory Master Key secret name                     |                             |
-| `artifactory.joinKey`                | Join Key to connect other services to Artifactory. Can be generated with `openssl rand -hex 16`  | `EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE`   |
-| `artifactory.accessAdmin.ip`                     | Artifactory access-admin ip to be set upon startup, can use (*) for 0.0.0.0| 127.0.0.1                                    |
-| `artifactory.accessAdmin.password`               | Artifactory access-admin password to be set upon startup|             |
-| `artifactory.accessAdmin.secret`                 | Artifactory access-admin secret name |                                |
-| `artifactory.accessAdmin.dataKey`                | Artifactory access-admin secret data key |                            |
-| `artifactory.preStartCommand`                    | Command to run before entrypoint starts |                             |
-| `artifactory.postStartCommand`                   | Command to run after container starts   |                             |
-| `artifactory.license.licenseKey` | Artifactory license key. Providing the license key as a parameter will cause a secret containing the license key to be created as part of the release. Use either this setting or the license.secret and license.dataKey. If you use both, the latter will be used.  |           |
-| `artifactory.configMaps` | configMaps to be created as volume by the name `artifactory-configmaps`. In order to use these configMaps, you will need to add `customVolumeMounts` to point to the created volume and mount it onto a container |           |
-| `artifactory.license.secret` | Artifactory license secret name              |                                            |
-| `artifactory.license.dataKey`| Artifactory license secret data key          |                                            |
-| `artifactory.service.name`   | Artifactory service name to be set in Nginx configuration | `artifactory`                 |
-| `artifactory.service.type`   | Artifactory service type                                  | `ClusterIP`                   |
-| `artifactory.service.clusterIP`| Specific cluster IP or `None` for headless services     | `nil`                         |
-| `artifactory.service.loadBalancerSourceRanges`| Artifactory service array of IP CIDR ranges to whitelist (only when service type is LoadBalancer) |  |
-| `artifactory.service.annotations` | Artifactory service annotations           | `{}`                            |
-| `artifactory.service.pool`   | Artifactory instances to be in the load balancing pool. `members` or `all` | `members`    |
-| `artifactory.externalPort`   | Artifactory service external port                         | `8082`                        |
-| `artifactory.internalPort`   | Artifactory service internal port (**DO NOT** use port lower than 1024)                         | `8082`                        |
-| `artifactory.internalArtifactoryPort` | Artifactory service internal port (**DO NOT** use port lower than 1024) | `8081`                                                  |
-| `artifactory.externalArtifactoryPort` | Artifactory service external port | `8081`                                                  |
-| `artifactory.extraEnvironmentVariables`          | Extra environment variables to pass to Artifactory. Supports evaluating strings as templates via the [`tpl`](https://helm.sh/docs/charts_tips_and_tricks/#using-the-tpl-function) function. See [documentation](https://www.jfrog.com/confluence/display/RTF/Installing+with+Docker#InstallingwithDocker-SupportedEnvironmentVariables) |   |
-| `artifactory.livenessProbe.enabled`              | Enable liveness probe                     |  `true`                                               |
-| `artifactory.livenessProbe.path`                 | liveness probe HTTP Get path              |  `/router/api/v1/system/health`                        |
-| `artifactory.livenessProbe.initialDelaySeconds`  | Delay before liveness probe is initiated  | 180                                                   |
-| `artifactory.livenessProbe.periodSeconds`        | How often to perform the probe            | 10                                                    |
-| `artifactory.livenessProbe.timeoutSeconds`       | When the probe times out                  | 10                                                    |
-| `artifactory.livenessProbe.successThreshold`     | Minimum consecutive successes for the probe to be considered successful after having failed. | 1  |
-| `artifactory.livenessProbe.failureThreshold`     | Minimum consecutive failures for the probe to be considered failed after having succeeded.   | 10 |
-| `artifactory.readinessProbe.enabled`              | would you like a readinessProbe to be enabled           |  `true`                                |
-| `artifactory.readinessProbe.path`                      | readiness probe HTTP Get path                           |  `/router/api/v1/system/health`           |
-| `artifactory.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | 60                                                    |
-| `artifactory.readinessProbe.periodSeconds`       | How often to perform the probe            | 10                                                    |
-| `artifactory.readinessProbe.timeoutSeconds`      | When the probe times out                  | 10                                                    |
-| `artifactory.readinessProbe.successThreshold`    | Minimum consecutive successes for the probe to be considered successful after having failed. | 1  |
-| `artifactory.readinessProbe.failureThreshold`    | Minimum consecutive failures for the probe to be considered failed after having succeeded.   | 10 |
-| `artifactory.copyOnEveryStartup`     | List of files to copy on startup from source (which is absolute) to target (which is relative to ARTIFACTORY_HOME   |  |
-| `artifactory.deleteDBPropertiesOnStartup`    | Whether to delete the ARTIFACTORY_HOME/etc/db.properties file on startup. Disabling this will remove the ability for the db.properties to be updated with any DB-related environment variables change (e.g. DB_HOST, DB_URL)  | `true` |
-| `artifactory.database.maxOpenConnections`         | Maximum amount of open connections from Artifactory to the DB   | `80` |
-| `artifactory.haDataDir.enabled`         | Enable haDataDir for eventual storage in the HA cluster   | `false` |
-| `artifactory.haDataDir.path`         | Path to the directory intended for use with NFS eventual configuration for HA   | |
-| `artifactory.persistence.mountPath`    | Artifactory persistence volume mount path           | `"/var/opt/jfrog/artifactory"`  |
-| `artifactory.persistence.enabled`      | Artifactory persistence volume enabled              | `true`                          |
-| `artifactory.persistence.accessMode`   | Artifactory persistence volume access mode          | `ReadWriteOnce`                 |
-| `artifactory.persistence.size`         | Artifactory persistence or local volume size        | `200Gi`                         |
-| `artifactory.persistence.binarystore.enabled` | whether you want to mount the binarystore.xml file from a secret created by the chart. If `false` you will need need to get the binarystore.xml file into the file-system from either an `initContainer` or using a `preStartCommand`             | `true`                    |
-| `artifactory.persistence.binarystoreXml` | Artifactory binarystore.xml template              | See `values.yaml`               |
-| `artifactory.persistence.customBinarystoreXmlSecret` | A custom Secret for binarystore.xml   | ``                              |
-| `artifactory.persistence.maxCacheSize` | Artifactory cache-fs provider maxCacheSize in bytes | `50000000000`                   |
-| `artifactory.persistence.cacheProviderDir` | the root folder of binaries for the filestore cache. If the value specified starts with a forward slash ("/") it is considered the fully qualified path to the filestore folder. Otherwise, it is considered relative to the *baseDataDir*. | `cache`                   |
-| `artifactory.persistence.type`         | Artifactory HA storage type                         | `file-system`                   |
-| `artifactory.persistence.redundancy`   | Artifactory HA storage redundancy                   | `3`                             |
-| `artifactory.persistence.nfs.ip`            | NFS server IP                        |                                     |
-| `artifactory.persistence.nfs.haDataMount`   | NFS data directory                   | `/data`                             |
-| `artifactory.persistence.nfs.haBackupMount` | NFS backup directory                 | `/backup`                           |
-| `artifactory.persistence.nfs.dataDir`       | HA data directory                    | `/var/opt/jfrog/artifactory-ha`     |
-| `artifactory.persistence.nfs.backupDir`     | HA backup directory                  | `/var/opt/jfrog/artifactory-backup` |
-| `artifactory.persistence.nfs.capacity`      | NFS PVC size                         | `200Gi`                             |
-| `artifactory.persistence.nfs.mountOptions`            | NFS mount options | `[]`                                    |
-| `artifactory.persistence.eventual.numberOfThreads`  | Eventual number of threads   | `10`                                |
-| `artifactory.persistence.googleStorage.endpoint`    | Google Storage API endpoint| `storage.googleapis.com`             |
-| `artifactory.persistence.googleStorage.httpsOnly`   | Google Storage API has to be consumed https only| `false`             |
-| `artifactory.persistence.googleStorage.bucketName`  | Google Storage bucket name          | `artifactory-ha`             |
-| `artifactory.persistence.googleStorage.identity`    | Google Storage service account id   |                              |
-| `artifactory.persistence.googleStorage.credential`  | Google Storage service account key  |                              |
-| `artifactory.persistence.googleStorage.path`        | Google Storage path in bucket       | `artifactory-ha/filestore`   |
-| `artifactory.persistence.googleStorage.bucketExists`| Google Storage bucket exists therefore does not need to be created.| `false`             |
-| `artifactory.persistence.awsS3.bucketName`          | AWS S3 bucket name                     | `artifactory-ha`             |
-| `artifactory.persistence.awsS3.endpoint`            | AWS S3 bucket endpoint                 | See https://docs.aws.amazon.com/general/latest/gr/rande.html |
-| `artifactory.persistence.awsS3.region`              | AWS S3 bucket region                   |                              |
-| `artifactory.persistence.awsS3.roleName`            | AWS S3 IAM role name                   |                             |
-| `artifactory.persistence.awsS3.identity`            | AWS S3 AWS_ACCESS_KEY_ID               |                              |
-| `artifactory.persistence.awsS3.credential`          | AWS S3 AWS_SECRET_ACCESS_KEY           |                              |
-| `artifactory.persistence.awsS3.properties`          | AWS S3 additional properties           |                              |
-| `artifactory.persistence.awsS3.path`                | AWS S3 path in bucket                  | `artifactory-ha/filestore`   |
-| `artifactory.persistence.awsS3.refreshCredentials`  | AWS S3 renew credentials on expiration | `true` (When roleName is used, this parameter will be set to true) |
-| `artifactory.persistence.awsS3.httpsOnly`  | AWS S3 https access to the bucket only | `true` |
-| `artifactory.persistence.awsS3.testConnection`      | AWS S3 test connection on start up     | `false`                      |
-| `artifactory.persistence.awsS3.s3AwsVersion`        | AWS S3 signature version               | `AWS4-HMAC-SHA256`           |
-| `artifactory.persistence.awsS3V3.testConnection`        | AWS S3 test connection on start up               | `false`                      |
-| `artifactory.persistence.awsS3V3.identity`            | AWS S3 AWS_ACCESS_KEY_ID               |                              |
-| `artifactory.persistence.awsS3V3.credential`          | AWS S3 AWS_SECRET_ACCESS_KEY           |                              |
-| `artifactory.persistence.awsS3V3.region`        | AWS S3 bucket region               |                       |
-| `artifactory.persistence.awsS3V3.bucketName`        | AWS S3 bucket name               | `artifactory-aws`                      |
-| `artifactory.persistence.awsS3V3.path`                | AWS S3 path in bucket                  | `artifactory/filestore`   |
-| `artifactory.persistence.awsS3V3.endpoint`            | AWS S3 bucket endpoint                 | See https://docs.aws.amazon.com/general/latest/gr/rande.html |
-| `artifactory.persistence.awsS3V3.kmsServerSideEncryptionKeyId`        | AWS S3 encryption key ID or alias  |              |
-| `artifactory.persistence.awsS3V3.kmsKeyRegion`        | AWS S3 KMS Key region  |              |
-| `artifactory.persistence.awsS3V3.kmsCryptoMode`        | AWS S3 KMS encryption mode  | See https://www.jfrog.com/confluence/display/RTF/Configuring+the+Filestore#ConfiguringtheFilestore-AmazonS3OfficialSDKTemplate |
-| `artifactory.persistence.awsS3V3.useInstanceCredentials`        | AWS S3 Use default authentication mechanism  | See https://www.jfrog.com/confluence/display/RTF/Configuring+the+Filestore#ConfiguringtheFilestore-authentication             |
-| `artifactory.persistence.awsS3V3.usePresigning`        | AWS S3 Use URL signing  | `false`            |
-| `artifactory.persistence.awsS3V3.signatureExpirySeconds`        | AWS S3 Validity period in seconds for signed URLs  | `300`            |
-| `artifactory.persistence.awsS3V3.cloudFrontDomainName`        | AWS CloudFront domain name  | See https://www.jfrog.com/confluence/display/RTF/Direct+Cloud+Storage+Download#DirectCloudStorageDownload-UsingCloudFront(Optional)|
-| `artifactory.persistence.awsS3V3.cloudFrontKeyPairId`        | AWS CloudFront key pair ID  | See https://www.jfrog.com/confluence/display/RTF/Direct+Cloud+Storage+Download#DirectCloudStorageDownload-UsingCloudFront(Optional)|
-| `artifactory.persistence.awsS3V3.cloudFrontPrivateKey`        | AWS CloudFront private key  | See https://www.jfrog.com/confluence/display/RTF/Direct+Cloud+Storage+Download#DirectCloudStorageDownload-UsingCloudFront(Optional)|
-| `artifactory.persistence.azureBlob.accountName`     | Azure Blob Storage account name        | ``                        |
-| `artifactory.persistence.azureBlob.accountKey`      | Azure Blob Storage account key         | ``                        |
-| `artifactory.persistence.azureBlob.endpoint`        | Azure Blob Storage endpoint            | ``                        |
-| `artifactory.persistence.azureBlob.containerName`   | Azure Blob Storage container name      | ``                        |
-| `artifactory.persistence.azureBlob.testConnection`  | Azure Blob Storage test connection     | `false`                   |
-| `artifactory.persistence.fileSystem.existingSharedClaim`  | Enable using an existing shared pvc | `false`                             |
-| `artifactory.persistence.fileStorage.dataDir`             | HA data directory                   | `/var/opt/jfrog/artifactory/artifactory-data`     |
-| `artifactory.persistence.fileStorage.backupDir`           | HA backup directory                 | `/var/opt/jfrog/artifactory-backup` |
-| `artifactory.javaOpts.other`                        | Artifactory additional java options (for all nodes) |              |
-| `artifactory.primary.labels`                    | Artifactory primary node labels                  | `{}`                |
-| `artifactory.primary.resources.requests.memory` | Artifactory primary node initial memory request  |                     |
-| `artifactory.primary.resources.requests.cpu`    | Artifactory primary node initial cpu request     |                     |
-| `artifactory.primary.resources.limits.memory`   | Artifactory primary node memory limit            |                     |
-| `artifactory.primary.resources.limits.cpu`      | Artifactory primary node cpu limit               |                     |
-| `artifactory.primary.javaOpts.xms`              | Artifactory primary node java Xms size           |                     |
-| `artifactory.primary.javaOpts.xmx`              | Artifactory primary node java Xms size           |                     |
-| `artifactory.primary.javaOpts.corePoolSize` | The number of async processes that can run in parallel in the primary node - https://jfrog.com/knowledge-base/how-do-i-tune-artifactory-for-heavy-loads/  |   `16` |
-| `artifactory.primary.javaOpts.jmx.enabled`              | Enable JMX monitoring           |  `false`                                        |
-| `artifactory.primary.javaOpts.jmx.port`              | JMX Port number            |  `9010`                                        |
-| `artifactory.primary.javaOpts.jmx.host`              | JMX hostname (parsed as a helm template)   |  `{{ template "artifactory-ha.primary.name" $ }}` |
-| `artifactory.primary.javaOpts.jmx.ssl`              | Enable SSL           |  `false` |
-| `artifactory.primary.javaOpts.jmx.authenticate`              | Enable JMX authentication           |  `false` |
-| `artifactory.primary.javaOpts.jmx.accessFile`              | The path to the JMX access file, when JMX authentication is enabled           | |
-| `artifactory.primary.javaOpts.jmx.passwordFile`              | The path to the JMX password file, when JMX authentication is enabled           | |
-| `artifactory.primary.javaOpts.other`            | Artifactory primary node additional java options |                     |
-| `artifactory.primary.persistence.existingClaim` | Whether to use an existing pvc for the primary node | `false`            |
-| `artifactory.node.labels`                       | Artifactory member node labels                   | `{}`                |
-| `artifactory.node.replicaCount`                 | Artifactory member node replica count            | `2`                 |
-| `artifactory.node.minAvailable`                 | Artifactory member node min available count      | `1`                 |
-| `artifactory.node.resources.requests.memory`    | Artifactory member node initial memory request   |                     |
-| `artifactory.node.resources.requests.cpu`       | Artifactory member node initial cpu request      |                     |
-| `artifactory.node.resources.limits.memory`      | Artifactory member node memory limit             |                     |
-| `artifactory.node.resources.limits.cpu`         | Artifactory member node cpu limit                |                     |
-| `artifactory.node.javaOpts.xms`                 | Artifactory member node java Xms size            |                     |
-| `artifactory.node.javaOpts.xmx`                 | Artifactory member node java Xms size            |                     |
-| `artifactory.node.javaOpts.corePoolSize` | The number of async processes that can run in parallel in the member nodes - https://jfrog.com/knowledge-base/how-do-i-tune-artifactory-for-heavy-loads/  |   `16` |
-| `artifactory.node.javaOpts.jmx.enabled`              | Enable JMX monitoring           |  `false`                                        |
-| `artifactory.node.javaOpts.jmx.port`              | JMX Port number            |  `9010`                                        |
-| `artifactory.node.javaOpts.jmx.host`              | JMX hostname (parsed as a helm template)           |  `{{ template "artifactory-ha.fullname" $ }}` |
-| `artifactory.node.javaOpts.jmx.ssl`              | Enable SSL           |  `false` |
-| `artifactory.node.javaOpts.jmx.authenticate`              | Enable JMX authentication           |  `false` |
-| `artifactory.node.javaOpts.jmx.accessFile`              | The path to the JMX access file, when JMX authentication is enabled           | |
-| `artifactory.node.javaOpts.jmx.passwordFile`              | The path to the JMX password file, when JMX authentication is enabled           | |
-| `artifactory.node.javaOpts.other`               | Artifactory member node additional java options  |                     |
-| `artifactory.node.persistence.existingClaim`    | Whether to use existing PVCs for the member nodes | `false`            |
-| `artifactory.node.waitForPrimaryStartup.enabled`    | Whether to wait for the primary node to start before starting up the member nodes | `false`            |
-| `artifactory.node.waitForPrimaryStartup.time`    | The amount of time to wait for the primary node to start before starting up the member nodes | `60`            |
-| `artifactory.systemYaml`                      | Artifactory system configuration (`system.yaml`) as described here - https://www.jfrog.com/confluence/display/JFROG/Artifactory+System+YAML  | `see values.yaml`    |
-| `access.database.maxOpenConnections`                      | Maximum amount of open connections from Access to the DB  | `80`    |
-| `initContainers.resources.requests.memory`    | Init containers initial memory request   |                     |
-| `initContainers.resources.requests.cpu`       | Init containers initial cpu request      |                     |
-| `initContainers.resources.limits.memory`      | Init containers memory limit             |                     |
-| `initContainers.resources.limits.cpu`         | Init containers cpu limit                |                     |
-| `ingress.enabled`           | If true, Artifactory Ingress will be created | `false`                                     |
-| `ingress.annotations`       | Artifactory Ingress annotations     | `{}`                                                 |
-| `ingress.labels`       | Artifactory Ingress labels     | `{}`                                                           |
-| `ingress.hosts`             | Artifactory Ingress hostnames       | `[]`                                                 |
-| `ingress.routerPath`              | Router Ingress path            | `/`                                                  |
-| `ingress.artifactoryPath`              | Artifactory Ingress path            | `/artifactory`                                                  |
-| `ingress.tls`               | Artifactory Ingress TLS configuration (YAML) | `[]`                                        |
-| `ingress.defaultBackend.enabled` | If true, the default `backend` will be added using serviceName and servicePort | `true` |
-| `ingress.annotations`       | Ingress annotations, which are written out if annotations section exists in values. Everything inside of the annotations section will appear verbatim inside the resulting manifest. See `Ingress annotations` section below for examples of how to leverage the annotations, specifically for how to enable docker authentication. |  |
-| `ingress.additionalRules`       | Ingress additional rules to be added to the Artifactory ingress. | `[]`  |
-| `nginx.enabled`             | Deploy nginx server                      | `true`                                          |
-| `nginx.name`                | Nginx name                        | `nginx`                                                |
-| `nginx.replicaCount`        | Nginx replica count               | `1`                                                    |
-| `nginx.uid`                 | Nginx User Id                     | `104`                                                  |
-| `nginx.gid`                 | Nginx Group Id                    | `107`                                                  |
-| `nginx.image.repository`    | Container image                   | `docker.bintray.io/jfrog/nginx-artifactory-pro`        |
-| `nginx.image.version`       | Container version                 | `.Chart.AppVersion`                                    |
-| `nginx.image.pullPolicy`    | Container pull policy             | `IfNotPresent`                                         |
-| `nginx.labels`              | Nginx deployment labels           | `{}`                                                   |
-| `nginx.loggers`        | Artifactory loggers (see values.yaml for possible values) | `[]`                           |
-| `nginx.mainConf`        | Content of the Artifactory nginx main nginx.conf config file | `see values.yaml`                           |
-| `nginx.artifactoryConf`        | Content of Artifactory nginx artifactory.conf config file | `see values.yaml`                           |
-| `nginx.service.type`        | Nginx service type                | `LoadBalancer`                                         |
-| `nginx.service.clusterIP`   | Specific cluster IP or `None` for headless services     | `nil`                         |
-| `nginx.service.loadBalancerSourceRanges`| Nginx service array of IP CIDR ranges to whitelist (only when service type is LoadBalancer) |        |
-| `nginx.service.labels`       | Nginx service labels     | `{}`                                                           |
-| `nginx.service.annotations` | Nginx service annotations           | `{}`                            |
-| `nginx.service.externalTrafficPolicy`| Nginx service desires to route external traffic to node-local or cluster-wide endpoints. | `Cluster` |
-| `nginx.loadBalancerIP`| Provide Static IP to configure with Nginx |                                 |
-| `nginx.http.enabled` | Nginx http service enabled/disabled            | true                            |
-| `nginx.http.externalPort` | Nginx service external port            | `80`                            |
-| `nginx.http.internalPort` | Nginx service internal port            | `80`                            |
-| `nginx.https.enabled` | Nginx http service enabled/disabled            | true                            |
-| `nginx.https.externalPort` | Nginx service external port           | `443`                           |
-| `nginx.https.internalPort` | Nginx service internal port           | `443`                           |
-| `nginx.externalPortHttp` | DEPRECATED: Nginx service external port            | `80`                            |
-| `nginx.internalPortHttp` | DEPRECATED: Nginx service internal port            | `80`                            |
-| `nginx.externalPortHttps` | DEPRECATED: Nginx service external port           | `443`                           |
-| `nginx.internalPortHttps` | DEPRECATED: Nginx service internal port           | `443`                           |
-| `nginx.livenessProbe.enabled`              | would you like a liveness Probe to be enabled          |  `true`                                  |
-| `nginx.livenessProbe.path`                 | liveness probe HTTP Get path              |  `/router/api/v1/system/health`                    |
-| `nginx.livenessProbe.initialDelaySeconds`  | Delay before liveness probe is initiated  | 100                                                   |
-| `nginx.livenessProbe.periodSeconds`        | How often to perform the probe            | 10                                                    |
-| `nginx.livenessProbe.timeoutSeconds`       | When the probe times out                  | 10                                                    |
-| `nginx.livenessProbe.successThreshold`     | Minimum consecutive successes for the probe to be considered successful after having failed. | 1  |
-| `nginx.livenessProbe.failureThreshold`     | Minimum consecutive failures for the probe to be considered failed after having succeeded.   | 10 |
-| `nginx.readinessProbe.enabled`             | would you like a readinessProbe to be enabled           |  `true`                                 |
-| `nginx.readinessProbe.path`                     | Readiness probe HTTP Get path                           |  `/router/api/v1/system/health` |
-| `nginx.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | 60                                                    |
-| `nginx.readinessProbe.periodSeconds`       | How often to perform the probe            | 10                                                    |
-| `nginx.readinessProbe.timeoutSeconds`      | When the probe times out                  | 10                                                    |
-| `nginx.readinessProbe.successThreshold`    | Minimum consecutive successes for the probe to be considered successful after having failed. | 1  |
-| `nginx.readinessProbe.failureThreshold`    | Minimum consecutive failures for the probe to be considered failed after having succeeded.   | 10 |
-| `nginx.tlsSecretName` |  SSL secret that will be used by the Nginx pod |                                                 |
-| `nginx.customConfigMap`           | Nginx CustomeConfigMap name for `nginx.conf` | ` `                                   |
-| `nginx.customArtifactoryConfigMap`| Nginx CustomeConfigMap name for `artifactory-ha.conf` | ` `                          |
-| `nginx.resources.requests.memory` | Nginx initial memory request               | `250Mi`                                 |
-| `nginx.resources.requests.cpu`    | Nginx initial cpu request                  | `100m`                                  |
-| `nginx.resources.limits.memory`   | Nginx memory limit                         | `250Mi`                                 |
-| `nginx.resources.limits.cpu`      | Nginx cpu limit                            | `500m`                                  |
-| `nginx.persistence.mountPath` | Nginx persistence volume mount path | `"/var/opt/jfrog/nginx"`                           |
-| `nginx.persistence.enabled` | Nginx persistence volume enabled. This is only available when the nginx.replicaCount is set to 1 | `false`                                                  |
-| `nginx.persistence.accessMode` | Nginx persistence volume access mode | `ReadWriteOnce`                                  |
-| `nginx.persistence.size` | Nginx persistence volume size | `5Gi`                                                         |
-| `waitForDatabase`                 | Wait for database (using wait-for-db init container)  | `true`                       | 
-| `postgresql.enabled`              | Use enclosed PostgreSQL as database        | `true`                                  |
-| `postgresql.imageTag`             | PostgreSQL version                         | `9.6.11`                                |
-| `postgresql.postgresqlDatabase`   | PostgreSQL database name                   | `artifactory`                           |
-| `postgresql.postgresqlUsername`   | PostgreSQL database user                   | `artifactory`                           |
-| `postgresql.postgresqlPassword`   | PostgreSQL database password               |                                         |
-| `postgresql.persistence.enabled`  | PostgreSQL use persistent storage          | `true`                                  |
-| `postgresql.persistence.size`     | PostgreSQL persistent storage size         | `50Gi`                                  |
-| `postgresql.service.port`         | PostgreSQL database port                   | `5432`                                  |
-| `postgresql.resources.requests.memory`    | PostgreSQL initial memory request  |                                         |
-| `postgresql.resources.requests.cpu`       | PostgreSQL initial cpu request     |                                         |
-| `postgresql.resources.limits.memory`      | PostgreSQL memory limit            |                                         |
-| `postgresql.resources.limits.cpu`         | PostgreSQL cpu limit               |                                         |
-| `database.type`                  | External database type (`postgresql`, `mysql`, `oracle` or `mssql`)  |                       |
-| `database.driver`                | External database driver e.g. `org.postgresql.Driver`  |                       |
-| `database.url`                   | External database connection URL                   |                                         |
-| `database.user`                  | External database username                         |                                         |
-| `database.password`              | External database password                         |                                         |
-| `database.secrets.user.name`     | External database username `Secret` name           |                                         |
-| `database.secrets.user.key`      | External database username `Secret` key            |                                         |
-| `database.secrets.password.name` | External database password `Secret` name           |                                         |
-| `database.secrets.password.key`  | External database password `Secret` key            |                                         |
-| `database.secrets.url.name     ` | External database url `Secret` name                |                                         |
-| `database.secrets.url.key`       | External database url `Secret` key                 |                                         |
-| `networkpolicy.name`             | Becomes part of the NetworkPolicy object name                                  | `artifactory`                           |
-| `networkpolicy.podselector`      | Contains the YAML that specifies how to match pods. Usually using matchLabels. |                                         |
-| `networkpolicy.ingress`          | YAML snippet containing to & from rules applied to incoming traffic            | `- {}` (open to all inbound traffic)    |
-| `networkpolicy.egress`           | YAML snippet containing to & from rules applied to outgoing traffic            | `- {}` (open to all outbound traffic)   |
-| `filebeat.enabled`           | Enable a filebeat container to send your logs to a log management solution like ELK            | `false`   |
-| `filebeat.name`           | filebeat container name            | `artifactory-filebeat`   |
-| `filebeat.image.repository`           | filebeat Docker image repository            | `docker.elastic.co/beats/filebeat`   |
-| `filebeat.image.version`           | filebeat Docker image version            | `7.5.1`   |
-| `filebeat.logstashUrl`           | The URL to the central Logstash service, if you have one            | `logstash:5044`   |
-| `filebeat.livenessProbe.exec.command`           | liveness probe exec command            | see [values.yaml](stable/artifactory-ha/values.yaml)   |
-| `filebeat.livenessProbe.failureThreshold`     | Minimum consecutive failures for the probe to be considered failed after having succeeded.   | 10 |
-| `filebeat.livenessProbe.initialDelaySeconds`  | Delay before liveness probe is initiated  | 180                       |
-| `filebeat.livenessProbe.periodSeconds`        | How often to perform the probe            | 10                        |
-| `filebeat.readinessProbe.exec.command`           | readiness probe exec command            | see [values.yaml](stable/artifactory-ha/values.yaml)   |
-| `filebeat.readinessProbe.failureThreshold`     | Minimum consecutive failures for the probe to be considered failed after having succeeded.   | 10 |
-| `filebeat.readinessProbe.initialDelaySeconds`  | Delay before readiness probe is initiated  | 180                       |
-| `filebeat.readinessProbe.periodSeconds`        | How often to perform the probe            | 10                        |
-| `filebeat.resources.requests.memory` | Filebeat initial memory request                  |                          |
-| `filebeat.resources.requests.cpu`    | Filebeat initial cpu request     |                                          |
-| `filebeat.resources.limits.memory`   | Filebeat memory limit            |                                          |
-| `filebeat.resources.limits.cpu`      | Filebeat cpu limit               |                                          |
-| `filebeat.filebeatYml`      | Filebeat yaml configuration file                | see [values.yaml](stable/artifactory-ha/values.yaml)                                         |
-
-Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
-
-### Ingress and TLS
-To get Helm to create an ingress object with a hostname, add these two lines to your Helm command:
-```bash
-helm install --name artifactory-ha \
-  --set ingress.enabled=true \
-  --set ingress.hosts[0]="artifactory.company.com" \
-  --set artifactory.service.type=NodePort \
-  --set nginx.enabled=false \
-  jfrog/artifactory-ha
-```
-
-If your cluster allows automatic creation/retrieval of TLS certificates (e.g. [cert-manager](https://github.com/jetstack/cert-manager)), please refer to the documentation for that mechanism.
-
-To manually configure TLS, first create/retrieve a key & certificate pair for the address(es) you wish to protect. Then create a TLS secret in the namespace:
-
-```bash
-kubectl create secret tls artifactory-tls --cert=path/to/tls.cert --key=path/to/tls.key
-```
-
-Include the secret's name, along with the desired hostnames, in the Artifactory Ingress TLS section of your custom `values.yaml` file:
-
-```yaml
-  ingress:
-    ## If true, Artifactory Ingress will be created
-    ##
-    enabled: true
-
-    ## Artifactory Ingress hostnames
-    ## Must be provided if Ingress is enabled
-    ##
-    hosts:
-      - artifactory.domain.com
-    annotations:
-      kubernetes.io/tls-acme: "true"
-    ## Artifactory Ingress TLS configuration
-    ## Secrets must be manually created in the namespace
-    ##
-    tls:
-      - secretName: artifactory-tls
-        hosts:
-          - artifactory.domain.com
-```
-
-### Ingress annotations
-
-This example specifically enables Artifactory to work as a Docker Registry using the Repository Path method. See [Artifactory as Docker Registry](https://www.jfrog.com/confluence/display/RTF/Getting+Started+with+Artifactory+as+a+Docker+Registry) documentation for more information about this setup.
-
-```yaml
-ingress:
-  enabled: true
-  defaultBackend:
-    enabled: false
-  hosts:
-    - myhost.example.com
-  annotations:
-    ingress.kubernetes.io/force-ssl-redirect: "true"
-    ingress.kubernetes.io/proxy-body-size: "0"
-    ingress.kubernetes.io/proxy-read-timeout: "600"
-    ingress.kubernetes.io/proxy-send-timeout: "600"
-    kubernetes.io/ingress.class: nginx
-    nginx.ingress.kubernetes.io/configuration-snippet: |
-      rewrite ^/(v2)/token /artifactory/api/docker/null/v2/token;
-      rewrite ^/(v2)/([^\/]*)/(.*) /artifactory/api/docker/$2/$1/$3;
-    nginx.ingress.kubernetes.io/proxy-body-size: "0"
-  tls:
-    - hosts:
-      - "myhost.example.com"
-```
-
-### Ingress additional rules
-
-You have the option to add additional ingress rules to the Artifactory ingress. An example for this use case can be routing the /xray path to Xray.
-In order to do that, simply add the following to a `artifactory-ha-values.yaml` file:
-```yaml
-ingress:
-  enabled: true
-
-  defaultBackend:
-    enabled: false
-
-  annotations:
-    kubernetes.io/ingress.class: nginx
-    nginx.ingress.kubernetes.io/configuration-snippet: |
-      rewrite "(?i)/xray(/|$)(.*)" /$2 break;
-
-  additionalRules: |
-    - host: <MY_HOSTNAME>
-      http:
-        paths:
-          - path: /
-            backend:
-              serviceName: <XRAY_SERVER_SERVICE_NAME>
-              servicePort: <XRAY_SERVER_SERVICE_PORT>
-          - path: /xray
-            backend:
-              serviceName: <XRAY_SERVER_SERVICE_NAME>
-              servicePort: <XRAY_SERVER_SERVICE_PORT>
-          - path: /artifactory
-            backend:
-              serviceName: {{ template "artifactory.nginx.fullname" . }}
-              servicePort: {{ .Values.nginx.externalPortHttp }}
-``` 
-
-and running:
-```bash
-helm upgrade --install artifactory-ha jfrog/artifactory-ha -f artifactory-ha-values.yaml
-```
-
-
-
-## Useful links
-- https://www.jfrog.com/confluence/display/EP/Getting+Started
-- https://www.jfrog.com/confluence/display/RTF/Installing+Artifactory
-- https://www.jfrog.com/confluence/
+# Openshift artifactory ha helm chart
+This chart extends the base artifactory-ha chart to make it compatiable with openshift 4 clusters
diff --git a/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/charts/artifactory-ha-2.0.25.tgz b/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/charts/artifactory-ha-2.0.25.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..a3f1ca8e4c7dc27e8fb38ab147312454df6bbdba
GIT binary patch
literal 111438
zcmV)oK%BoHiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PMZ}dfT>=Fn<2lRiLzbZ1;rvu;a8<;_R!~a-!B>D>-TNYkO3P
zge24y!4jZt)%8AmA@6&0dnLaI1AqiSB+E{k?%A!{CzeQHFc<)XnZaNN$AV6<Cs@32
zXSjJV!?9>A@I3h2$NRKet=5-&d+@i_Y8C&scXport-bqfx7~i$e!A2CTdV!F-ERF2
zwLT&aOFs!0IR0DfgWD>0?qB4CBl?cSoU*WkuG%#mMd{Bk8#|45%_rQ8X(Zs$+mK$7
znBxEqNW?gm(*~X35Kl>rcoIb{7Brk990X{Ne_=6-uy={4^4WyNb1e9i8bafQ20jvu
z1svhfM+bexNh~2ZYBM$`9W)an;+<ym`ue)@%OqyghR5bjYqB<L)RP#Qf-$~sOsSY9
z<AjsgW1%3SfJ#uk>B))Bn{&(siJM&DaX^}d$se#O%RQ418c{f{U6RE$i+$dyxyUL|
za}hwVxyUD1EaJ5}rlG(zBr%jFb4-H{!gDHSm;Wd2NDZM7%WlF88uF~Dk3&iVQc+gF
z`HjR`X%hI@#}$Rui>zQw=a|nc3dVGv@ZV}0og6)CoF%bGpd*INV;YJWFD$}FG4m5o
zG`~5D+0^Y?5YA)PyrSgVs;)+;G%U3%Gv{_1t;Wt??ay8n|9d`#C2)m<gz%5N0j%Wz
z?cFc;T2G7oe|PW8zxe;B_-vp<GQmk8kQ#c)rVD(aQQJTlGs+R=2&4DilVex$azT7F
zp#hNvUXg1Y6LdWzA@XK81eUKs&PYre=simipRpwH(PhZ4(e(@qv|tI6^?XLd>1VYK
z)b%{VITABsYF|?^L$|l6@lMUnOR{M2WPC{$=<cpo+dv0wK4)Q#hEyCd&3*fGJS83E
z;2@$Q>FhSzEvHtaAs09ZNZhF*Bo+~of1>~k*`JPtb;NS}Sd;_->|HUNqbR0VSP&GG
zDdi%jgx9ES<~#|4A@O1&xP-BR1}q@x73Rb@-H~|3EP$6}lI>cT$(Y0;5rj7=Yx>ON
zP3+HU*u;sLv6%jb<-XgD$JlGu<i8SOFD6)!4ia%fY6!(FfPNq(p(g?1NHATff%*bX
zSP-ylMN?TA@rZbILOlQuHDg&#0dWzI=<Apzk$xZ_ZEotXF-bQC^G@#E)FV87Ktexa
zG!)sBi23Hn6^X}I<tY*A_iHS?S^6uWTmUtP3ce&IOG2?e4K-peRu#Fc9@jQDYWkH1
zSwYkdIpqoLk%&!zbi-U7N#lf*hAP{ippXf~i2!*<0h8-Rf_s9n0z^5Ql90q$E}VqR
zi6sF~k|2Qhg3RS)BxZB2A%w$_2^c5dLAQ5u3QuFgfr2EILX6)*6C7|^$yY1+74|Mk
z=qn<pg-plLTRAV&8G>+#`U)nBiN|7Jc4@}A;2reCPcXj{LE>{PW*yX&C}qq+Kg@|`
zWt?TB`9ad1Xm|nUyn`gOxTz>60`6i@3MP)k-l-uJ;4uj@up-8j3H4l9%ZS_v5{Edb
zctykXl?Y7F<lKT~i{=RzXiU%?hY1dXg(i-VXb3|jhl5AhQ{xSjURFE>sR?8lm)zia
z6cASg9Lg9X>L0MMGCDPUCPl@Du2q9lUEimYY&byF42fKrlBVe^SmDrtS}i2vn#Gq9
z3#hkHEp^pemjbwfA!j6kuQiE9Nz{XR5;1>B0wN!n)j5~z@mLXDKSBscQAtjOd6rH~
z*#-;`Le^wWpKhSHp~vQPqSg?W_#zet3mYnM449;BK2Ji)s)*VMBF2RT`fGr;=*0Tj
z&@<hvx@|pDs=HY^JsySrZdCPn!|rnlg4MYV=$_mp?BT9#Vns8{$O~NX5DPrUoFI>d
z6FN;|wZP=7x17Kvy~b3?o!RxrNN$F*sM-x1Xh?wCz$xSxeo3R6tZ>9)16uP43G%>h
z#Fh+XJJt~RBqE_tLT@2!#Wq{EMEz`48#QbkuyH{b%b+#~z3$;juQB%}tInS1c%Eiw
zumP+2rMKlp2l>pqByq#&DwOH>Mq}-uF%==6(`If^5fXUXL0>nXHQIZwPsS97?$>Vo
zbz4daY00--a+2~I%1WGL&ZWB8L5`Dqkx_bC)g0kfzvM<p!mjVj*(R61v-!oQQ&SV^
z=75DE@ien_+Iy`QG%58dS<NHW+W<nG{zf`zul1VNklDjKnia&NgZ7^8?$qoJ-z;Ag
zlV1~Jv$i>z167^9_Ra})%wsP~BucH;Tt5ovoK{t9zb;nV)0INzlXMNi{--wE)3Xa}
z13g#d8~*#T;@6Zbo{YB2>|r04!1fafND7}PZ-*CJAX*?V;eySPZ`PVm1g3!!U=fRv
zrQM=y8U%oc)E`96)UhQ?Kc-ho)>K%__N0g)aZcjk2?_|lBCt;Yla_=>WF84QCz3eG
z*SrSNIiQ!s?qar)OQ>pFG7I0(#~&*|k)D@Nq~s#sa3f^P_P9dT6v{U~lZcWV%0Vpt
zHeJxVMQ%6gk0nYz2?fOghsG4FLW{a;Hn9u}FcH)eb7G&n)?!KL$t969#~-`0l75;)
z{UI<+Mg7K*{y}KOfm5pmY&una$T6mj@obJ0z8JHc&5Yk{wi~;xO{siX)2n7R*2&C8
z#eH{4D^7_6YIBPXAc~pdA{*$G!TiAjjTc6WMArnSNoEn0b8Sk5YE<H`Ya8Q@Vjf8l
zoGW<*^(UuHoX3QdP$&uKK+Bv`mtrv$3j`uyy0vtRA^?jO5@9y^Sg7RK)3b{na?uIC
zq4Q*}1PS7+=_O@$4D(5Lhla$@TBIDcTjnDtynb;2!YFjYC<8{YMha>tUlHc?*%gUn
z>XVdga-=k2j1Uh6-xj)&r+}_u-k#@ig8m+ofaqoJj~h|UA`%NK_hlLo$@sd1i~dpf
z;NooXe)Q(-q}L?EYvziAjv%2NzB*4Io`pln!ICK59Bf_&o6K26!rVslRZHOnW&xkZ
zL=73`AZUj^@nJ~i(1Fx;dNf4jii9G;L0*D^a&Nj)=fHA%Jfv}9$I1pFlIn(P_=p-k
zmqiQtx72yWLPW4P%grgSdMfoj7A?-g-W7=#ru%A5Z=mj&vmg-!+EWi*q;|o)vNIYp
zCb)=k)Ev_g#|ti4Od2<HBO)THss>olD^iK0DJF0{C8C4mfEARfM`L6w8v*q`7Dh^K
zqCW9(oC%nE1!D@<5}V=yo62dY7-Ob*xkid;1Z=9Gzyz^=+ceFd>Utv)OLZ)Jj=|Dm
zKd=dq0ZnM&k7zhyqdA?bIS8-e{joyR?pP`SWxW_YL?(Lnv?LPk?A<F7?R-_LwI@ZQ
zb;y6g<{lPk%fkW(G{oCx5X^()(qNc37NMk6;?C94j`cWT9uDL?>zQ3jv4tuOrbTKN
z(D}2edSa%7F#sy7-?PSzTq$2RZfXdnQ)Zb|E$E!EL=1_?LZ5fg?z5I+m7v`l0W+_i
zaYSy2mq62FGGQ@6k(8g*zEvnI=>|ahwz-qPB2yZ6(C>yhXt6~VbvY49ly;nI+o)wz
zE!$4f-Ce%IxwWy|RqbU41sj<NU;~kwJPv(J;dRj_pKa!TyI%gcV2PJA{@SfsN={?W
zl2DvuF++EEO=F6&d!NF+VnH$|CtwlGA(Mhw-oIrnI<^+CNUxePoB#5$f5_y(6G7sK
z&yByP#echLQ5tk!V(FT<Ud$vnU{_SiRJsRJuHp!rx(X)RQa|6pFTTC1KA*8`j^ZQ)
zeJyPhVUA+P1lpoLYHg>}N$)qSW|YR?4Ja2b5#FCXt2przke^v7$c?ZDG)}@Ue=8MD
z)XJVtIGlJ`&mJ`|`3yCcw*=RJ8&;K1&3P)}m+`9rVO9tfv0w9Ktl*@z&D-3;kfC*P
z`_ApgySA;Uupy^U3tRb$?Hm;>PNgNL=#nu>y--SXxw7+0XF0)<g-TWNWv!}FFSM<v
z!deKdIflyy$hL#e7`t?p)oK-RUDTAVY^7YL&|FN`ZOtxO-BzJQdS+rsovsmKSR%B<
zk&C)lm<Cc-vy9k&IvVF`#dGGXp*aXJoo9lm(d0L5?A33jcbqVvSVsYltMLabtNtoj
zjHd)tdN??GTn7XL{7EQiY#mHhbmkNHBxk=uZ@RGjX$(7664GB2f|SJ{U6Mru^@_TA
z$b6y>;=tGl=1e@dD}AP#dCwB$;V?Z*MJ&{223f~2ZnViF5^^4(7>7P`XXFO8pKU4-
z=a_Ru!FoC)!CckebX_>Wwb-s|`&+Wuuiu_@hZnuU=-b}=I}N29z@eg4rh~;3u#-x>
zz+fe(tD72ov|SdO!LlpJ!$ClN-8ol2883_-TGmKg9;PRas?q+*`Pty2dwS8aJt~wz
zTv5&J@+k=A(}A?7mXsuY5(R8AC!vruO$&C=(FcBDf>hvcrpPyphDf3WrW>#*$*)Yz
zNSt~SfMvoOg;K|dL<nWvrra3(v>lFX5@^Ez!f5y{Sv-_<y4rn&+b{(?sCUmt_rE_;
z_N*sxLaRG0DZyDlKu=c(3n3FICd#q~$D}Z?S!jxC?OXpkW>aG)t0CKNQl+NW%u4V2
zbE*|t8o_@0Wuw(-HQJ80wq@3IW2{%-eJrr-bj7j{s7FHO7NNhU22lN5l9j4a(obML
z&=5rdrXiB@S_7=5gu<+VLDpQ`fY<AZt9hW0$qe|k#r^~ptYCI!%At$Ie<C>nP<^a9
zF7XlOsqR)~RxQAV<C}nCDP&_Ig-oynG)kn?ekGcMW(tl;>SbWOO*E3SpyC(GA)!$<
z0NSda$|#!8SSYGj4LXllEE+fS01!4(a`Cw&ONvYem4@1t2+Y?w#&aS_T(g9u!nTIP
z1)N@HVCFa~u5P=2CJW`|lm?%5(C@Ah35Yji$jMyNWMO66)nboR076249S}s)L<3Ni
zJ=WNpQ?5zj5D-onq9B>lkZU$|7831NBKLFsa#LC9p^U6^4o_33F)cIU*qhNS;<CU`
z51Y7o35HA83kVLufDI3?$yj#K{M@{~O`V94GheuHM%XY8Mh<GAySq)@x89A2)i$L_
zr#DVHJlanVeRKHgK%Zhl*H0G1UxVfejwwDIH_u}11xnF~Vggq51GD)$*Ha>pdxn}U
z66M3ErT`0JGoa(<e8GPWT)i2v*!=}xVRx_5Zai%_e!+3-Q1FXKLSY?hd2FugRzheh
z2=_sEa<pJvl!+l1GlBQ|A=ieOOmBudYNRBL94T_tCgBy0SqRQASCWilIL4S^0g}TQ
zRC{PuBw_wIOfV^6#3&@hH*+oXq*2RRJ8?=qUKS%##0AuQS-bB{vmI?AP?GwvH+a_@
zjJ`iP9@z{}ZkT$_=p!)atJYU-XPvqy-S0;iZw9^Y;jjQ=M|mk!LpV6-4Tmc#@2#k7
zwch*wV$dBOoSh!^Ul$<U*Y;zorgctxvi+6S4quJV&(4makKKcd{<~hGc)Lg+yGH-;
zxLiJ8{N(*;*gF{XE=Il6ccXXR96CoiHzmc{z9owRnb>N!0yJN^s(`DHHO*@{_s-s4
zl7+VXpB<ic&=I{sa-p3?nrF_*d`w~x@j2S^k~k)z2o}na6~%Op<AvGHwF@!`LB29%
z@dX!T{vOW*wLu`nXE-LlaZ3x>bV|c%=A~xIMd>q34q9Sl$!ejyJ6#W!&o{a+9rRK^
zzP)wTE?a4=Q5|ZeBuJql<R023F<*pU!(%ZyXDk@f-^jki&3=$omTl4rYTV585Wk;u
zSt<8emX+ICMdh19<r`J`W{t|f%x_XRyIh|<HgE7GY^akU$!28Pn9P|VYZhxr5d?ZK
zTY>YJwVP<fbNWH`IS<mRQe~{{Ir!=1V9Ei8w$<$=C?OY$ge9WDs#Y&hH{j#}pwcb9
z;FzCn>_zy?Mh_=qMna(+D%YovU2Q)->{_RyI+c~ePfB3*?1%;r!N6!Ec~ItQ9#}Pn
z*Y9BFaj=A%mE=`AtktAMvheVJXnEg@47z4B75=VPi^|uz;M6ETNgQ<0<}d!(>sbDj
z&89?gKmvj}X-MH6-QBrX0gF#s4Qs8{tg&Wwsj}B2$esoxIlnvEy@J$P4zYM@gE@r9
zSw~Xm%gy_mHGY~_v$waUd7(&V12ZGgkgsw$D=JnMP2wO|(sZV>uokFukSn{Df#<pM
zrAcEHxooquOgfuOcDu|xWFQxO&PtQduAO@8l;@$`wlhpJx1MF&ZU!n+hZ?oDRz|gF
z(vmh(QkLtO78G0RJgBuCZ569q-O^_DvM$zLy0%v}c>jDY)>voS7VE4%drOV+LbcSu
zw6dBhRXzVphQ0p8m;&J*vVC5tuYjDhSZL?g!?V=-2h1#B*I;nMA!@gFo=QE+R>9&V
z<e*!z(1mkSxa$MgUC@{+ZBfGEML?e^JuGV;ebxGEr-o1tC-cyhw3<%ex2;Oc-Y3-W
zpmuAwRYORScuqrbS$Q2}kDQa3GCy-qY1LAjRA$>r1#uh`ZKwr@J!Peuz_DKFEsUuu
zpjRX`7foV<eG0##n2nX!lzx9MA1rg6iPTjhb=jziBig)bH<jGqoDm#|nZ8j%1;xQ3
z3GgEAMf)q|jyb_JNMdp^iwU2x0H{#um7^a=d1C0NJb@W#L#cryyzbZ^){SSMpciXg
z3;+)=+wC$YeiHgP^cEeot6W0u6TB-NR~va8i>;o>Jpl~}_P>j%AZMXx-$K}FwO-R&
z&QsQ$iD^@sV0q)LvW1krE&;&l*+s9Td{e=!OQ#`=iMF`wsXZnEyH=K$Ild$)i7KHf
zEM8@AzMt#6o}F5H1p|9CGSt^8@(#kDe08qeFJjmO;fbQW_J=h)OqfU=`D`MG3|k|)
zv5~tO1s37#kPoR-J~UKka_AuQCI$nzb`^S3KD0wG>_;!HI$ROlah<Aaj`IXv&!{&;
zKIO`Q<u5`!r=D^&;gp5OD6ilpp>bH+0`FzzDZPzYY?=y_Ab5g8R%#B8#1Kt;BxN1(
z1bH*Y((50_^Ez#v#0`YDrqK>!A?kiNl)b>Ak7FO{`>p`#^|!qz@-_N9k{k6<VDEBU
zzt;ZP6}@+zbfOORT@GtenHsQNH>^2`qbOKFX}J9*aWBlbf?Zs5-Lx&`lSq7k46Hdl
zQIIN;tC$ShGSoFM!%0fKDPvPvQlXemu50e{-SpRQNle^vz{a&q>aZHft<rIBUBLFI
z=6be%mn=~rj5c}VOu=O_n&H^@m~W0c@=X}?Pbxr>U+;C70kO!jy5MAD)r-$u7ktUJ
zi3!Cd3iQQj<hn1HNNY=4l5GqDPQx5P4#7?ZXYggAE^FPaUKbterBpm=fa8NFV6HcJ
zQ)Q9E?nM{&-B;a%Z{MC<IKNQy$K1}?cb+;gEnC<NZ-!}TKY^!u{9;7?eFu1zJK+vY
z1MBxoRQ^C`vI7+;tHJ}o;8~b0Z;;Eur{UBznEqa)K~ol`5UX1>;~C>{N>H6=19S=u
z_z9{L)Y(T#C}@DTK5)zpQ}5|_@Ra{fL$QrqOS&&~jVEKbOqtu;3VhMsT}m#21#$5;
zj)~J;)%ToUm20?ZS}o0t$~P~XdK%T14e9bZRBXWBNnftx24|H=cXuzEIRHiI#hrMa
z7K(MCl@g#@HIb~x%_bV^8-@^rfnXoj?6nky5En5PWV+Devyrt@Po;EXD^{4!@1-PP
zzKV)Ok(j(9Gkir^{4!=q=nvSKhA*1A7sXnDcKS9Vu}4CIr{pLmWEf$OylCc&l$$l3
ze7PgrN`Ku?%Kwflx7j>mvAS!NTen*vu5Ld`ua|=MlrlsqXQu%;mX6~?)_jT3&_&sp
zoTq8a%Rs(p=E^S_jQm*SILV8q+H+nmwZoP+rJawsDXqP|xL%NOLE_>9NuMv{o%sdh
z#f<Y)6@p=?7xC()lfucbk7__G*N}x#x_Z{&Xcl{s<6XV<a_|EZQWA<|I;TRe*4*!9
zmF6@YMmQ#KBk+lddvJw;#S*~MckAzk)|7w9&i6vADS2q>0Kfp!zm~($mnj!;K)Ubz
z#zMj!b+Eecfa?5Y6^y?&*gs-}1yN8kZ=WOV`^tooQ;SlP<u9M+MZ^~mnP#h*EwB`K
z!rk_At_ro}1bPYhzG%YthxOKI-fGT0rkj=XzdX7#;$14^;mh5YoR!({Vp)AY)c0Qs
z0^Y3(X!}JodsD2VZCfwlg7u50`B_OV1+GjkRIxs1MDm!1KIIz+%)3liE5sCPuHNS=
zx3qPR1J_ne^GbP9H+>CnQ>(%X_3q(2=?86xA7d;0INRVKxdnc-ovgfz8S`I}`laWq
zwjz5Oi+GW(V)<iP#d78198^#WPnYkBOZPPO*6w;`i4WYDKV(mSz^)5imk2b+H^^+V
zV833;UjN#jixheE#DCOY`3LWHA7kHI3-z4+QsHkuS}lz{^rozj1#YJL;yn_KAoEB*
zZ;E;JqG^6Tw0~={pr!j+-+!r#dI3v(Qz2`)LgX-ED%YWo0<NvJ4O0`=Lkgw{AN-cj
z!eFgkDc?X^6<Wvu6`L3*-le)<^YAvZy3mLPs@MvJP)_0z{V+A5g%nI_y`{mT9^OJ$
zS23pyRB5VUF?%?C?UC}L3Dv9V4;CW+*bz{*tufHxK3pt)h!m<0f!wRzq5#_cZit4v
z=-uvvWlyMYPImSk&DCWqdUeXy$~OAy?bA(n2fq6eEI(D?*0%!PE6Z6>*B0l>NP`q-
zfx2I+tLS)++NP(uhfC!;bgyiO){^hgJu+Udi=WbT@=<2RhblrJt_1y23eaQa>IaBo
z<)QxrM5hl~osYNAJX%wD5Ucwit2L~?U|}_fulaEI-ERIo^TAB8LaOB=bKQh~=O010
z3Z-&DjMIQ61g(^;))1DKoZXt1a>CF(Qr4P+)6&!87crR{!l<vBn@mfDC=06V%buy!
zwptL&$?|K6=h^JKobw^vxENBO^g=IQK&qQ>$)aD?>s7^}acFd9sdYy*#SboLX$n{1
zlfKTipFMqWdj}F-cEWs8-C*`U*P``!%_)>{(hs@7p+^p~fUz${oRAmIB`+&roX3RI
zX-LB<;FEg-$mPqF%++)nVv)q8cN5XrxMKpS>Q?}BNv$PR1+DZbW}!HQxbJ%Em)2-S
zv5dx*Zyz?g8HjJm;vCbsa*|h+Qaq!wwvAX;{;_zSt0WuhTEcR~vSL;AvEJT~N0s!r
z-qCjIf{q@oaV=4|KANtzwu1Gi9H)PLqj(w1kE2CpQp2CGFMTp)=`V}-Ul#8_&*J@P
z_VSlT{wR$+$K*c9S`I4N{bKl<UeyX(%mT7RYBI0ZN6iBEqM24N58@;yd{!1sD_#`3
zRlH@o9OC*om+I=taxX5GvNzxDUUMDTe|;qET1pJI!K|S}uhq%}743(fwWvncJ!7%-
z+%?DPfy(e&P}kC!AGDy>HA_4cShek<aw0wm--j4C9u9Ds1!VaGTK7CjHMZ1zVL3Ek
zlEo8LR}p+V`|ASE@<3GJnBOjLZ=n(J9@cw?e56{uyUXtxYwAiL|0F8CfK<|r<Qw!V
zVB_q*%*WA_vNqGB=D+kN(3>hK^8tF)a%dHA{?fDl(z7b5StOmF+gXB{3Pxd)h?={i
zFbb>PfB$EwA4@OTK*5|he|xoe|0g&O{PbsmfA~RQX>yv~XVu($5T7hzs`K5hEnrHJ
za<Me5im)JUKua1i2H1zTq3pY96D3RSLp9D6{(8PyY3Rm>6De0!@vR)NkDvslZ9Pa4
zdXQ`ePc~G(>y`4Def3+`$!^V=xCJ^Q_Z%+}4me~*&f+htduGUk%X8_KMu=g6Lm!Q?
zcbP=Sy<Ojz$0~)b@p<1m?GB-)4$i!-gF!%~Ot=GWpuJMid>V5dp#aAOaXe8ePbDe{
z13yLcBoH(TNG`Mj#2ajsyJhb0RbL5I0aJYyQf<br(Hw^+Hp+5R2&ST0G|-kwz`l>#
z+gal}sPFl^1Dygr4W4l#;p@m1!kd}U!8(=46;ZK?GDr~jYK<6j4Rm+s%As+iE6;ra
zh`LN}c9~A}P;hF1CBO_oPY2oFQW-p}soFt1+jg7tg-PF%V%WOpeY^U76-uW}kPiB8
zMgsz2+(SZqB(9kxKbpiWRN=<q0e_Osp7VEE6ayjDm3JMWA7a;=IZQ(}D?ALDTTGxG
z*;F<&LkN@+2N3@q!Ynmv7K%i{PJ`p;;`Qiq6&G2v09F+l^^g^Jq)7jET4G}Z4bwo?
z7<n@q_*T|GHhE|&o)ofgLW4at?@2C`rG(<7FxB`fsLO-X=xN~8)@OxQB#r(=r=LAN
z8Y0Zod)mY|L$1;RWa$iWnr=r{Q9&NnB9<HvV&u?qK+t%hLfd31R!y5mlCZecdeb7D
zWZVFqNQ@xBH}*gt>7UC1w2-oMA*`ZFIN=Q%?bmNlkA|cEc^aLIMy53t*bTCr$g!}8
zX@(WEPG6egD9(!&BRET;J#ffXB@ai~qhevg52>dx$<87j-whJvtv5R=f~(}*eGO5J
zOwvhrJyi@xls7y!Hv}>U$^3FvL1)s08p;ls<s3yQvkZ2MyxE<4Y3GfN&R~^UzswUA
z$*KS%yA<H$+EYHuRt|#oXqI{%Lk;c8We~_qI(ahOkG`_Kb}Fc1_XuC}TzBmd<!M)o
z1E+tla`Lgtq>eb&v&>b-JgoM1v7&N8k<5!FPmXG5ln&Z$nLV<~ccfE#m%4A1Uu7;8
zorjKZ$~3bmeJA*mATG7^;V$~wQ1)k#;(k^`_p_32K0`x7(ireQ^LPVa^9G*d-&hDS
z;8hx!pee->E}GN08RO6=jhWElhG1TGKE?vV*W6h$8}jqboGEoa_Hrv9_vGe?#Wk#_
zt5%YIfYU)v_q*X!_svQ7z#YEn?(98tED5CR`&0tJ0kW*lQhp%<u~2P-yT$k<Sy7#Y
zNR0xZ>IIa9qA|xeCPKeryX`E$^8IrxAFwJ_o(y3vCARP=O%+le&74YiA4AF|&o3qF
zhNmiw)`8l=`{#D&bh1&oVPDUvASz)-SW1U&a>Z;VoJ^7c(TNFWXI=q4_Kz9%U*SM<
zk~j?lrXrP5u2RXEoE-ggbkIK>sPl(Z&d}m{2lAO1NJB{OHh_X1^uuPm)lmQMHFtM5
zpCEY9P9LP(CX1D@0jX3W)so4q5YUj6nuHQ2`$VJBKuQb=r!>4t;|?#wYk%`Lht`uE
zPFg-$(J6&Ag!9BEn(UoH@jK8bRRDXcM#l(bSrQlh!UXVy#?V-|h9brSw52oY>k=Zy
zlL_?@1dKGg!#o?eH0m2vPE+T@OBGZ<{fPs`?qtbM`m!p%=QsEYBc@~=P?1$09HY7X
zB40-_lQL;4wU+ZSWwGtXHUv3xhB6w720GUv{^h{ixd0@nU((?EhT19}6r@d%%ZtyJ
zW(3d2Pi^n+eyvL0lpfd0Bdfb1nTXQxsh5wNz|)?Rn5ZaYKAlWR43YlEL|hZ1Mm)0m
z2QmH%eU$n<#KWT|Y9WoYl!;JHQQc(KfuLqS3ki~KH&mK>*~AhqBX=iVLesF2k|pb+
z9%X~F#PNwXsl<s%GMi6lkb|TqSs~$zT3dKbf@~a1u|`u?L~K<P5Q-BB{+APVLCunH
zEL|#!Nd(F=Xy$3sH;D618dLPMN}T7;7qJR!?p71YZT(zOnRTAL41<jgl%}N4(gs>o
ztD#)p%WV4Q5?_{*P`{>5_SodSR7o!j*{h3HcPgstWL+P7jpsU=Dw|f;G_GP_&S5iE
z@yRskY+6G$y)nB|luFlmDg)fix$MEzv7X$>ex^_CL>L{^ex@J)GQYXktP#Q5|GL#~
zrH>%yeEN&?pr~7YHzOg+rAUxlCd@!9X@N<Rl_nmL<kiUz{S>?nrifbxEJMeJn2{*s
zgh)qLACds<E{266Bv?RVoN26T8=FjM2-<D7hk>^Xm`&*fIi`doJ4xn|Sm^D;?}mbQ
zP5o>&zQY0a^&SL$b~u{|N3L6EhGXA(4jI2x$^+$8VC<qCg$&_PP}j6-WGWDh95dd6
zMJ!;`1q7~lE>jywgR-W{hyj~I7Gu7W6)OI_CMUF*_5UJ9sCvByAJidH50s^52cFGo
zm}Vq3mcmMYX>Wx8qxofV$N!68{x{&48>m1tcwm!k1Fgkkr2>GdC`IM9MXqa1#Sx3O
zs0&OXi82MVkb*N~0_tdi&WRGHO(Ij68{>oq0@Mn^Rk{Hv^NZvFvOS$DQb2vfL#a-}
zxMXLLvM7`4mdNB@6(&r_^S5>e{luQ!&*kPJblBaHg)VFzPYh_MuzxuAh7mFW`%k01
zMg5Q4qq1}&`BWlRX+*wi)oL54A5xK79(XO6Cm$f?nWxUXZdj*I&6aY%XHQS4W1gDK
z=yUzVFwJ5mol`wmYX?%YOAJq?9$o`&T%uFV9dJoQzk?3b6uC9CJ420HVPDMeD{>FX
z?<%b<mBrH<LR0ni%NjzE`M+Z}C&sBz$otH@v=T&8rq2MN`P}{&#mub#QznQyh#4<Z
z_n>Q{vN%VPads9AO^HxVBY|~XcH?fSkcpBYIA;O%79G@|oHB796E5kXa^nrDPdsep
zjnvyDrU9G_Nh~1+a7|^jlY_3T5*x_XJW%KTl@CZ9vlxEEgJV_0hMrEB4B()!{ccob
z=`YNn-1fP%XR`AbGV?FV%5UZLheXp<PW*`p<Gz7TFb#Fj^C1f-G*Arfn#GqS9_hW8
zaD<*dS4zI@|0rNnWFJ2&Q_<36LrLCdGbJ6m#&M{?MbtN2OH<6FrUpd)=ZZJ2a8~Ag
zRt)Yg#{(-{02eXAb2MjuqSCi(iyyi;IM*-J9L5a$BVDkW@EG!=0wPWIlsCia%}7<!
z1sj|_Pt8TcH%OgHpaYwl@LuC_tJ#=7?Ym7k)Bp%prlstiZD&Duch9q3IA%AC5t#UH
zZxIc>Ao1^W3g|33>jg62R5qlDT1pJ1=D`&S1y4Jo=Zj@eMv#N&xdmb-M3h!ANb9jD
z!ZReNb7fQI1`W*~Mqqe`ln#39Y%)&};VKfF(rJR%(G2t1XpV12;MAF6Q!1klA5^ht
zX(2UKBgpk%fc3QX^|R&0Y;f(Jubx{QS`pAr>uJ^dYJ}9N#{~N$eg6yXJZ-g7Iw`yU
zNCn?qS!B%oMRftyh91VW$d`MC0-S_PkWlZ($z(!e)q&le%c_?gJ#AIJ<7olY|3VQ#
z=Fvzpsu8$jYC`U{=J{fBwvF^gf!d9B6$xxK+dE&S4FzmEny`3|h2owFZPt|o<OutI
zj9g@XLVB$q>XH;Aa8vvVId#q39b^vYH|tzrk#JO3%`ODtl7<2~b-*(w6B3iys-a&<
z_#-?ep>Ryu8;ROAj(y_GZ_Z`~)`Eg#(k6}2KFXn<HUOCKqaPi+D?eHoKzCq}Rk5s(
zb}7iSxsU4bH+`xpVBo_KyOt)$J~D(!-vDjoiz1~m#3Rj90l4`Ey|bH0U+5lWC1b)P
z7ILEA6md?==YCtIV5C&z_So5NzwKJ@vmyL38!IJOJZc}!L=vROIb%hkFBgW{CRk|R
zYzQwJg)B<=tnlWNkO&9#iloaKJ=;sGO@E`2UD|MMi(g9tqTx5cXvi;y-Pdwy4Q=6r
z^FT@!f_W_9=;C;I)mHyD%-<dTclUW(!6Oow(sds|F3y9d2zbMbMJ24!C0RTM-X&RN
z@HpX;#f-p@-egD~4v#zS`E#qs1Q?ClD?A#_Bm>MSyRl&;1FtMW<VA*pM5Iu*C51Oa
zMAo&WWdcT36^ZL}s~xyd>6UV?=HS5LcR9<>vSwBBf@D)_cdgW~E4%Y>0$762L;C)(
zt}m16?(elFXQ2Ps`nMNS2YcE0$M%nnwMD@7g+&VqbxqFngoe{tav#a=c`hS|CXiNy
zIC2^ilv}uZh#Uv~E|q`D(pwUzQePUV09BH~EfL1eh({-AtGqV?mqGhzb9390w>c4L
zSy@!)-i*viUj9{H7@5?WS+cd(sEb%E9lYTJqXXx>;VkZ*XWkndmTt8IK&nNViZM|c
zZT@K&YyMjuHBn5Izo<<pxv@nIeYP)$!lq0HXX~o{`_;~NbF1;iHp)T85p61czX@QP
z^>(wqgT^tzmqn_1vn0GE{z$|)<dXZ5&|_eN&Gr*5j7fPI_Ir@TTF+~#M59UGwD7DD
zgVEQmR+V<7WnqN0epW2wF?LDG2(F1D^dDdRv)T9pH7oV3^dskv%HjNBdRIZ`Dz(aq
z$k0dMyWbqeZ0eqAJEi*ybK<^@gJqMs(`<rF)~Rd8A(h|z+Bh;WT)+xFvMwy9C3vj{
z^F~UMxsL)Pd$K+PM@&Adt76#qiz4&$?7C1k!|Z8p&9-dOC}}W>Df*AXT9fOfo?A<m
zljmd4oI)nrf`4|i-hOW3W3%B;F|F@GE<^3EU~DM5c4>#LISuJ$GA2*-nU3<RI%PhQ
z;Ge*DeGMKX2`9*Q#{wwInp}FkhBufpli4*5eyRQEFE_7s-Mlt7kiKe)q~b?CL?a|M
zH=@(0+7SBZ=?qZ5K#&;unjvh=)#m81gZ}G3|F8D*`>+4}e_1+CIK26<|NOtlQf>XO
z|NMXI2*k|M3*`o8jK>;)!Xtl{yrG}Cmt@h=U*R01rdN)FTgvKNOg{||i|MB|489(a
zr%!h)ps1%C=&*M_=pA$~dWW6DQLFJ8i%Aq<kN9Z3K*#OYvpx5?-TLwwq9MX)l86M3
z3E}V>Alj`<F<E20fr|2T`l48aXXurb4)x0RH+ztC*}r@e?N5<?`j5|{-TtF{k&g6m
zc#ODCPCdgSoz-x5IbK*CJ7PXeIT3J`I$AlGdovsh*W5}I0k{1Gwf+7CM{q`@IHR0G
zHItJ%Ezns}&)yGnwYzznND8Rrs<I;0Hz4KY2QlY9*F|$2CO8Nd@(Z34zanw9obTXs
zVrmVPX8^ZxX_RM4A-(nay94DIGbYF+$W2=xlL?CnQZ6y+NR3&dop?41-Y?pPYK_e0
zd-~$g#)cZBztVI6`RTdKPDU$FId}G2r31^hb}(9T&RJDW`6bn=y+|sYG4dV|8;}cn
zOt2^)71uP^(U&V!Vr3|rKQ^Vj<f9U>DQ}>@K$!DnP9Sx@xsxd03Cw3k7$Yh%ZMs+a
z`uaw&Xw*!Lxs!jh-pgKiruhBm^(4StP_N;!rmVo5rmEsC=7=4A+1P8e)loJe{WcCd
z$T7b<d#$HWf%t;Na~c9YUdPxYDv%*?^(7nW4e_#@AC@1V{J4nEtRJpt{rKHdWi~#8
z6WcKjn<TtKV@Xw)SOvT!4v_20tqHYvzHGD_twy`E*LwDB$(FTy?>1MxZ58*py`@|4
zC+T-OQ^ALcB_c}1r|IznoMqarR)x3B{q8bLtJSiOzt8g42W&c};j|HuD-v`N4JRxW
zc^Y!-=sff)HQ45?wRX=^MCjLqB&5OBEs_7I*(21TVU!q$Lsx66%HgD1QiBVEoQw#Y
zbWr{F;P`CV>i|nIy0q*V&n6XeAJxAv8W|Q7N&?>kX;gIN{4$A!W7$)tBkj3mwWHpv
zN!Uqkdzyn}Xo69>gMP5DrKeP~_z$|fbAGD*?O*s)xNvCVI`HP{*+p;I5I5q(+i0~~
ztuOcX;BTwdD*SCfeYX4bZ|&V@yY2R~_S2pA-&*axXFKh`q1MOf;C-Kj3mpHg^}%fw
zJNGa0Ibh*5#v%#yjVJI~2I&BtOnq?XBR&G7Z%(dw)BUVg(`PMGXxIvws9f4}%ms<R
zC5ue^*+yGS0s^Lmk#qEcA7>kUglb=``$6Az2dDkh*J$k;U(~*k1j`Ftstf3nETlNb
zg;Y1RAT4YWju>;;l8*#lNt*o+rHlsthkZ0zjPJWQgOfXBnS}Tj>^em1=C;(-z?k&_
z;B`c9z=!UnJG|%(M&I_{@7K3jL_*F36wB%8&d3eg-PwLP=5<888AJ8k4EWt6h)@mu
z5Bo^q=a{QlB$)=BPDR0#+0_p3Q9ZkI9pC&kn0Es(stI~Uf`z)~;^9y^;i4!eZWcyK
z*<7F-7<%R@#YJ_%l~3Sh27Fa-GoG|xza91t2EB{XY4@b3JAN<bf8eKPdpfRgKmCQ#
zQ0L279c<MUbb9xEoIi(gO8h>YZI&6Q?)UzE-CldP{$Za_$2h+^>z^)Vo9$;0WSa%X
zX@Gwmw)x+jahlm>b$j!ZVg3hxZ1!Vwq9QAb7#Gu+@LvPl0jYM_z39H`4tt&21w-UU
z#Ml#Q@V_zUB)!4)1g=}=VprAlEIoWRI`0mL-<=H(_v>4i$(VQ|fQuNe3x3WK_6Vqy
z19ec;I8C44-JyIHy>qNp(`D)^<?m=3lL%#f+?KC?;VhJz?Y?shTDwI9*YxVnLBAu}
z&u34O>-xlFKH0A61!DCpPuyYe;_Z2-)^4EJ>cU`-LH5r<(tbNQ1`Bn`(a9V_J4F|M
zD?o_$Y0?BfJv;1;&d&xHk0Eb?5<DVaLqg?0w0>%Y8kalAsOWrU;6R0G{%C)@h-v@4
zfTs$`@fd8WAag)e`TaKZ*)M@-`p2E4Fpz_$-4f~=k4`-$T{9gF@YKtVh<#eW#;8c8
zyMy`y!cGc&DW#tYxkhsuCc?T_n{xt)l5s#iIXTqj<@8YcGeGRUmZh%KV3FF>S)V+b
zz%t`Sda-pgw`{IF<X%5`>^7~j8}<h8`Ue%m2e8)}yoa`)8|}?oGsyO#zVRTG<4vQx
z&GJxZXs;ULG^)?~tM2^l5QNMEH6rG(JC_6Gcx)cAkc48t<lh;p(6r9dIX@=?1LKk<
z^(;4-NDN)=rL-oSHT^+fwZ3X~lyiYi$;{j>3uLs^OmC+FCp<Y;M?)p<jAM4ql`Dja
zlWHYyD4cbG1ux+wRx%Ox=M)Z<3{UQ)-)#O_B`OEhBOxaZy=O=)cN^#gPBHVRE2<z8
zvzR4QwZ4{^I7=|ij&yc<{QfhE(2$0n@(;k}Cbsyt6pYPDs#btBh^=+o+<pQVU{lF5
z!`klE+di7p=}f?l-7!HNUlISa{36ga>H0o;(=|vc*CS6ru(*P`Xhmxo@9SZ2mU}5V
zytysT5k^;V!`JjH7ai{U`nmx}(-0TVW8ox7Na&HKPk9vJMRRa*)O^$ZM_(OwfyL_|
zIQ0K9BqC7<=5rPk<P(8uz#FBBdV4G93yZ5Q*y`eU!`$0%{4&2uC8DYd5L%_O^xa+U
zo0ISJM|&M3cgZ2yTDHSfU#znj5!l4~6VR})aVXSyL0ALXBsg$^_RZ!|B1|~YUpy9a
z7U%#JR!9TqzV`O>_<i=-XOfDBpiAT&vnBP<JF67ml@!0bGeYF~pnuXGydV9syO2TV
z1NWeU(7mMRE2oYzjrC4m^#*@%uRp@BTi6LsaFi2EU@tQ<mD714_XoK8qfTl*WR~#6
zXNb>`>mdg=tskBGZF$asF8i<v@S}rXzO>MEKE~))qFWm4d$G+A+)7L(mp{fy=w*E1
zg9vVbJdm2p{Cq2$i<GDD#~}Dx=&t9ITyAFxp6ctTIR9CC{x_PDAR;kuh$#5LHddei
zwVplQ+bf*^J=<$P{p<YiQ+#f3n_r+SI`6=CKA{1DU3)Ic;>}10ebIzD+5Do`yNOJE
zLtx5Ue*{0qMopJ<wM$!BOM}(nW`#hOZyZ2v@Fh!i7(6HDb_x0&i8u*8^lTTt()lo%
zOy~`A+zgnxmZi|VD1_-#!F}&TFVAn>GQY@SW!^_I4aEdGpK}vf(D{IFn0tQmM;%Dq
z+0XCEDV&|Jt8lQ<PylTDK7^FjWVPY|tw&X0c#kHjYVOabsKMf66STOTl>exao$n`Y
zs_9p(s<JiUBP}kSl?10v$&GJ;eob&dCzSXIM-g<VQTvW4=ulqBHYBIuXiPkuaDq6S
z6D!SuB7*Yn0iSvBxiS&hC`Vh`srvAAXwseVh<Mu#sm|zo0t!f~906-m&uGCz8*{j1
z5Cj_A`^cSb@D&r;yev)Tr3D^8d)MZi7M>|V^c>DDfE3rtWwADbxkcj?pw+_<SucN0
z!=<*)Dz2I<vUEx=DfS0V%#0EJFPN4^3CXCfI_|ujN(sMz^VHS4SpfUW@y-`(s1r<G
zFddYwHSSVwF9WH~$wlI(z#aX?Sqs2@)U#HL+#gNg9L#f9Yg8$?|91bXfx^zxIbly&
z_1#2$``uhpL(V@O<cyq0Y?-h1VLjX!vSNPld(obf(3KT<2D**|m<e32IJn@sWp$?^
zyR&qtvtcfqdA5si8vM$8G^`X`4@*3!Bs}QmL3r3fyU+Hlk|Y+o?2t}F;vdKdTTAZ%
z8)bVNg*33pB7w?gC14$K1$?TZfd&Bm9gUwoC839O5%8f%i+oEKxf1q({@KdfAMjbK
z|0|=gJ7!F95#z}9V&e100?!|84!B4EZ?|`M^7{Wy`)PakFa7^heC$I7$!@F6R%$AA
z{W%TILDGH2d@S&{WU+mZ;mxjMj^<<)6-iY2=GAaS(*!kF?V35e?4;L@9+HnRKb^Cf
zr0T|B6s?9<h)V<e%IX?=>q)E3NK6HuDy&oHY0?wxLRyUMlx*^{fa!bM706`Iq41XB
z;d=GL3F!a%obSUvch3OOXzelDu4Iw<uYdN;{_C^OXF313UW{po;{_z5auox3&^~Yv
z|8IS{Q@H=Jv%9m?`iuX6ijT$r?@ihcH^*OPbK(1WFiia;{y3JMHTbW{uDOV5I6X8>
zJL^p22JQvAQj-!<a4-4CIl`kx7QO802XNlC*1vK@nB(XVk^frH+Pg*hZ?FC3U+e!<
ze3VN|)!g$;TnGr^SXj|&wWpyYK5T_&)9axNydqX$w#aS0{_f7ro*3=^Ba37!*0DuP
zYu)asb!*hiKV|&aTK^_GK<v_R!XC^6?$iICK5ZA)|IY4T>;KbyiVOK;?%erl^RKvh
zo30lYz%N{qM_uVRq4u08W`5#{zVCF9^M(ZTQDJRWF(BuOsXif)!IwK7^n-quMe#Fl
z6>!T{PD5&1)>z#}H_Kg7#gQN;N8>6(M7MSK<etX!8%E{jkL;mjZpv3QZ!V6<)<L<s
z5MmsqQ~$tbtI=w-*2e5Sz+%GUxlIf!KZ|39j@6^th;$X30Q#>A6Zbz}ja`fXYj4}f
z=zf1&NB-L>+W&TTzI^r<|Nj&psWyO%?<((c{a0TytrP{d;`iA7qAvFf-OS@Qiu%Jh
zihAWnQD0}LsF$`16>H=y!oMaY-8TxvRGUm@JNq5|nlM2=z1Ls%S!?~z=~OwPyWERu
zBp#>+u3Z0nyRDtwy`uf6wfC3&_enl0jPvQJ+upE$q#jtBX8+0}qv{N4@L8Je>NALv
zHO73V)7_z?0PDc*N5|dQqxbucj!*<YPxqZL`#BuFmrv@dBvOA*?c!$_qwe|nasQzE
z>bSS>j83~F^&0*;csm&MPA^99dV^vA>~z20&fa}D=$@bV2BYD@pnrZbx_E!y8x77+
z4tuZm9rf2)TJG@d;M?9{bZ~ZZem3mwJL<RoX|+G>oeujK{dc|5x4rkHcirQ+62}oI
zA*X^~K@N=3jQTzaM<W~Y4K##Y7D&YaMVDluXf}L51X#m2-9hhg^v%)W?DgBh@xG&S
zU#Po4Z{xtJDn0BSydCr}-jBXH>z{txd!N?g#7kl-(u>`zYpYNhmG#pY6E+d@VAN&O
z!?Z5=OH#kG$#1&vx^K=-dRh1I6@J6!WI1?q2O9<|t(TLxE1SyIQ$sa6KO0`W9`uI$
zPA1;3u6#J?zv~Uk&H6FDBJt|F_AsUulO;o$)f)B&aIdmlm6KQ{W?WT2y=z{oZw|he
z)4F%u9bWVghQ03K;7tyH9p8`>9DB2+ohZ~V_M`x0Rd@1`N`1;h%6Dufq=VzPa<0P_
z^(D}B;(xeLw@xol`v=|O#ZmuwX-7lqVJ?nnuuflX3=M~Q-y7z5$)WPKQ5j4_q_y@e
zm4@1S8fd6Pa3~)&6@mnd88~l+R7k9{B!wz;XX>CtLk_nmb;2CMkV<Hw$)hev5`B3c
zEDGpC;*&+j#sDWr3)RrN^fcYCn6QKHt5^MtlYbv|4}cv56Ut4t7>~zPoc!8Qh+1yk
z_XFymuLeV-+;B*`!5uWUk4elWDx=~1;YIIc^uBu{7ZNaj5IUVgxipT6BiVK1(s0|X
zgcTynQ7pNtRR45%(LFxy4Rn*4jUa1Pqx?ExV;snt!37S5_DiE78Yf&u?GD(Ks(6_|
z65yi4i|*-R_xS8ok{RON1}xMB%}VJR45Zw5B*BU$471vI40FmM*VEC-w^Z=o?KIp5
zS0yrDm-2J-&B+(YO|5+=_p?ycOoV;Me6w&e;77;ZSH0tX=Ui<c!+$?kh4NEa7wXwF
zUzJN|n=Ued*){*wYN|W9=pS_tF3tw;O{s1%_Tx84CkN)`35ASVQhpUN)1!RYA6^Xl
zuijqt&rVIjL&`-=$B7h9RjKa>-L#GGW4x&9@WI*XMYn${_dv5}R(07bMpks&Di-Iu
zKIk3xbB)Esr`(<uT_3XDV8rJ*2u!$C6BZjQenUc@#F8HgL^*;my_AJSvcNbdo(SMl
zKKQeGF(IKAg|p;0`>n>FJr&P%HuabUSbI=IbZnIgNQEZ$vg~5#gR_(K3z*-d!~S4&
ze0I>4W3cbo_qEZXsjWIF`A|ibZ28J2M?Q`35yIYdd#6%tF34gt+*7)bW8>I8JRDt|
znZ+t68G(z@SkpO#ZxUS`sM|7v$){-$GqdaH4dLIiz7#=c9hqTO>RtD^f2i2|uvEOB
zY6@0=PkO^)_jR`94YS*KE@mXNZ9|k0la&LbdVb-ijN}PoaT=ga=jSZ;&tvll3px(S
zQZPS;TUM!*OLf-2%@6W^a|nCGKXlaiISB>dP|xf~uKnW#i<sVQ=Z3UQn?shnByR{)
z=#MpYWf0lm>2IT=?3^3SGJwkA+(4Rza+GDcH9-p$M>szj9rj*j0HxkAI_w>F-yUD=
z7vuQnd6TJYCQY_)W#Ht3+joj1J7XreKEw}&wT?p{QNi<}4Dt=>0a)J7#UdieC!9(h
zu(DCZNAiGSi7$m}9Rg%$7_+=OWoVFBOHAIFTrjKhNH|5VW*}^BTS=Fhhl3Q#+d-gn
z<m{&<JPF;YpAXIs-yW#ggbq?+O>&=lY4h7Im64x{wwz!5vDeAS&}lYb^v@-48T5w3
zmz@{qXM>BE%~BX;`}6#H8KZ2gT_2Tuv6xex<x=h0|HgSRXFl22*$&pjth~p6Y-0JA
z#PB#AGYRA2)LVkoO^g@*_`&E9j<e|Rbb@|B?r+Gcml1H#PtWDD$j?rQQs9QD#4z3t
zjvb`(UP)nEIXda+okqh24w6RgvBAbfByrZ#gx2nDFo}akmWAqviXQyr=wm+wg4OHZ
z_y2NBxABF&QX5}<qP5!iqPR5IZTjOb#>N-9wYM%3AGq2YU+BfPMtiyCl+M+ER?Nm9
z>-Kc)4F+d}QT3kG4^>>GswI|_ld~%I6}C53XCn<qM>(SNh{Zw+Ls|q=nXBLqmKD2d
zPB_O?0x|5y1SylQ<Qs1X#}d+I$gWEwf5CoNTDducSH3e@rTgrHe^R$H6I`)ddFxxQ
zTUMp}%$2Hke>loa>{VdY!9j(1V+l!l&2&9Ip+bSr<f4b^3adcn<f;2nUM9X*G-1i`
z_ropA^c6~bPOQHl<`OYKX9QU$>zhH$gFftCbo<A{ys%nH-g^Ys3bS@4m>i?2s&t>Z
z+%}+8Hk~c=s`kqaVrliY4Da`$W38(ybjk~RY4x?N_Z3TgDZtV?-!KU!Q&SA2!J#b7
zPa$J`v@HOFKz+Za_WaS-icM~XM~2K&a&?ahny@7FjghEe>d{xBCp6|NYAd82i&e}i
zb7a;m+GjQCs}MU;D5S@0l7v;|iu5g?+*Q!F63|lqnc1KvpZvy(Vy<p~!xahn1PsN3
zA;JY72b9l{h*i!yaZN~=1<KVlR7p3CUt8nHaO-`_OCz;SL2KWVg^Jt<x3thpG}Huz
zuPP5^-rSL)Yyf0b%-$`fojx<Ipqy3Nrk4_>vzPz;0lU9--T$xUe*M#J``ME_BkJUZ
zoUDQoaPsKt>1|BG>HIbaEi{yb%WRAW?usK2GvRS)j%n(*dDHV<767M#20C=L$#?q$
z<PK7i4mkP=u@K^I>gk_udgkcIgtoV>fpUgSbtd23psm2VjH7kNgz}7W6_|U^h#pLL
zv=tIhicXRVguw#BY^uy}E`+e<Wc%Ju_RsI@qB&Mtc`miOd;RmOwXK~BY|T%}>;$Rh
z4r^4(fH(-)HAnSZTj9IYxnEPsr?99I7`H=@RIlz7_?pZ6F1N^2hlmu8waU|%#Z_+J
z<W_E4`k!E*{Ws8gI=8JScR#=yZasOrYz?PX(>0vO#-34j25ar;!a|fp(-`~2aGSU1
zuLs>jnDxr><t{fX;V5-X0v1kTiAmKKjT2!Q^4aOJgi2K2){qb%4m~(SmxM%eby9&K
z%`>E4W!DXKpf<QUmNPAcVVn~&V=7%DQ^8ZTI*?BH+&nsYdwkJ9KkkjrUyp_dZ+gIL
zRInHh(PxXQ0a!t}HzRY5Fh@S&UQEa8pz(nwa(#Y6!|6ZtiPt}JCtmQ+XiCHh^yv(;
zqn*X?a7^(yAmAFdWha$SLQVwg9Ub-5^3k0vm_{zi;(`r9cs0&O*-J8+5Lmt^O0C*2
zypIV_0<rJ3GIe?b1#CK`L9jrM0xQP~qV@vb9rQ!pYV)V8=JCNu%Gn2y(hfOxDF?ko
zO`lvf!z2jM&da~I(eJ;ft=Ip}$r-+WKu%q~bI|@ia#{}hsmkPKqk05Vk)AFR+hth7
z(kaq(->Gle<+q)6jbK+er~vn4{niF|m$&PErYw7<YSo6l<&E3@Kcs%RDbR#wRA4c>
z(vxc`Mea(xVbD8DXa1aWuQ3VOlyWu^F#X4v&zgcpBaa0v<|7>XBee?&lke6$2nde%
zogc{$D!(g2-m4%X@MQO^=X=keeQll(h<}&_0laEI-))=c?}=pd=JBpo{8db+Gm*h+
zfBj|J2n&2wWnScYqkv7PBz{fA3G>MSU*}euS_~)P4Nz}8dDCKDKDP~u{nMkfy!pz+
z1ITJx#;C*ItGBPK%YV)t<or;-l`Y);get3l*BzWz*RJ0h^4)#TKj-yZMff`j(~++M
ztb?2-kYNK^1zM5%alljaTXBZvN8%3|hWahcH;K5rw;K5ekC^*qZp=Pt$R35<14ivp
z@T&%H10CRq3LH>~J)dfr0TEIT)nd0c-4#b!J*^mM7SkyWabWf)r*2twRS{_BV20!U
z`WDE8PW`q}t<&nXAqxz?zC@e1iWo?+B#KD9Rc~!0opizi8xu~%*(7VY1hjqU<ONZu
zp5ju^S1&PAl|veGcH@9E#PI@-W+79#j_N)pC?FHzikQyl#0SAiIm>Z~5|ByrG(;?k
zVGT6UcLe!N^7)uxon{0g=QRpMhcw<7G4}Fw&-l*g?rw`K_9N#+yHnrEX2f09YQ31n
z1p7<CNjP&%!&LyZd-ug6T8`9Sh7+HWAgIJ?13HHKhlW@<iUR7vJ|`H;yxMc<%R2qT
z75JAM3fQ!`Q>eM%lt9?*$}W?KCO4>(ic<yc7WT5cdOKUa_kmZl&c}l2@CWFc#g`oU
zbTT0^2}Q7gL`l9B^{;0{%%lbh;`-~;x6N0>LjXhhNWvKLB#Kxph`+CrKLcRbHCGv{
z#JO_Sw$UYCpT0FKxLzu@T{+$8oN$5XQI7l|J~{PU1@bNv4_6$B*0&Vy3Hrz9M;D)8
zG(O)w{r@tKKvZh=HR`omEvufE!*U~FYYZ@dwVSIFnRt^&Gz>}HRDG4dwiLjuhq}nV
z)BOF%A6@t-8~W=R4G79IDEll!hsB6WX7Mv8zoHiU^5?2jD0gmqs~hXoX^!D#rAUaJ
zA6xBK{v8hpiBQ{WASC4<7G?O1T@O`Tx#8SELxE$JnL@wMItTPYf42&ss8mfM6A<)~
z3XaZW23a-whiL1(f4H4hAD;J5N9X;+{rYDXh;L~SD0`u5&RC8(orXAgq66VcjmKmG
zBsYe=%8!U~gq%wW#r+!9O(TvWdwcI^^mlu4fSMx(c+@IUMX;!fDtdSHyd;jLp2_#?
zTM<VtnV3Xr?zJa}&$O;n3#rOPAjhivkNuo(2c`iPJrfJ#gedp3P@t_H#PvBG<w&20
zP{BzsQ4U9P7*P@#gPKy&_;!AE)~&{oI~Ay1xjIWEM1Oy|oNDO;z*Oie`5G&hrBu0l
z1wFXzVUQ_;?V=C@0%`qr$91I0=~$pq&Qs&y?DV4d{Y5o5(l7VxTaZXKE-{j9-j~(M
zipGx5UXNb&-gMvf&j#S1c+$J*RySP%(5Y{gG$JKoZ|C0V!`Qm6XQ{;{wy9`ka%1SL
zFu?wtigFi&?t!|KQ~CDIpw~Uzcce&>e_v5pQ+9ORKka2=VmcT`FjR73y=_Z_Wgu`#
zVi^$k$Z0wmsMDh&tOt=j-Ql*8{n!$d@-O5t=`qSZ*OE;EN-6-Ny4|<zmn2sK5J-62
z$VF?;0m~F&rgwQy?59Wnu9jUrIMEIlQX)z%HZhwkzM~#A(0A&VhR47=3DIyuLn;Ug
z7>gR{EhlP=5)AodoJ>>k;es8}V5weNzisE1arRo^cuL?3%znk{8uSkP138*!r#3t7
zA8BnUAc%6=xd?Mk{3i&HSu85nZPv`gtv%3MrX!4r+^6D15(iz8c+5CKbLJ~=F8D&Z
zq7Gs)3fMJ?D-m<*x9@s`S7*cCNb825?W6Q$3H^lr{`aM&M4XU&iU0=Hz17Xj!b+9{
z)my^*{rAF~VgLB}eKnK{x)o?w<gpvb3L>pWPs$U>X9PwOPLT3M`V6@snP&rdx7G-%
z<^)T;8L~#dQi7JmtR8wT{7}&Re5vYKFTL5E`RLix*7^-twU61<Xs5hFHTp4>3Sya=
zK`x{Ge6}0ND?ZbLh@;27w9HO>-vMJ%L!QmRW#YY4$&9LYeB{*s&srP%n!V2&OL>l&
zt`+@1luN)CI_zb#pI<euGr<8T7COsihb7B5Pdu}hs!EyVyP`<Cd`m;11{RcGvvOC-
z2c^R3<=>w@WHT|=?oUfdE}Q)C(*Ir@v;0z8-ltrPU^aB_ZGuSny&Edf$8H3mOTg`7
zo7XrFAJyD<-NEVoT>^FSG2l<nE_(NaA7iP&fgYP{L{JeB`$SGMtlSSc-2Sn(yZb|X
zUcZI%ckt7kn&fJgn^gW}k7@M2q~yq;gYGN27NW`cqv5&|vvrV>+d;t^{gH^~l&ctI
zD_(sVVL1^4;-d;FmxfUy_RIE2m!KbEa_!2=2Bq$P)U(Zk&WU&(6B0fS^v*q?)v4a&
zVDGMiZOIuU?EA+wB;%OiOH?-AO5(e&`(s$zr_}^W^_A6gM4>%aCyr_j7sZQ^9k75U
zu`W=#steOa!n@m8^Mm>)=Vyb9?&$?uw@UriAXPOdb^B)4u2p#5mLKt1+J5!G^}_t=
z#Ky(h;Th;-2&?e}y~x9Xmq3)7fP_;qL;fPfb1HX&1>#H@#yFTIWpNVvQsulvIG~qg
z#Q@&Bq962Gr^Bl!s21t>>pSTqYpYtxo9epmk~0RlcMq;V*Jwt9h@*s~m?$sQ^q}jS
zZ2Bl<@f-*{qkfuSR;v9{=W1A5NcIhVN7T(mPOeA{5dgsFkE81u^=8Nm5;$~J?tm(1
zD0uNOaHxSn<B<BtR&sv!=Dw{F{fu0tOB=ko?O(Xb4K%@!EZ(p{Szq6<Yl-9&sB3%U
zT@&<6!iDTMn&XAaLp4cMDs_GE(LisxRNz&+J_NoH#L^rM)_;HYGuomd7X<r=P2lNE
z^wR3f_LFMtDK{4=w0$KbnbpcT5h)o=3a<1bg6fYMvLYGOtS~9#uW*onW&W9L83>Tt
zX2}il(6g5Xi>+z)m`!<w;ijnLZKTJ-*<80?rk*vo6Rn<?49O)>QaPjXetpZQ>L#31
zmzACEV)2|2U{bCAZ@|AlAlH|L6ljCS{L-f}awC+!kWYUs)ZNm3mZEL{^fl_B12``Z
z8D!*_Y%9XCTwj^f_f`sVTMnMR5@D$2;B`=n^z)P=XxnPNY$DlshC+6YB1S{Oi;LGP
zXNFd{U_*!roIQG3_V^^EHw`YZcS&wkdVFvzN?qlf?WcRs_S(%vt_@d$c5&#tf)H0Q
z*YwQ|*p$l$T=*;zPz1||u0+A5p(|#@<#<k9LFXl8!5s1uz1$LnAQxvNx?SdY2Q%Vb
z%F)MYO0Nibn5QY#;ONMN)<P->J;Gd$kx)le8p<nk@|qo-=rx;N_VI})xg-@_uO#j8
zuiXp@cyxu#fJA5r*Vj-2_Kgmr{9CdZrr0?3+e@;zbI{-aZa{#K;lAFfz+RJkQNM+D
zRrmAI$_FNwWKoufQd)dV7JT0^_cMN1-ub^@lEv?WT@uTvpMJ?qq#Etzwl(YMamg_R
z*g8E7!89$`5e4{nBx1DrLkB!WIzMg7?@&R0-^n;s-nI{3iMKZ3I|uFm2ddxZI(>(J
z0%K^p#xf3+VO>6?ni6py(@><Ipl6eB$)e&StUX>8Ba)M#Gm>7CMKwXSA1~zydm@3Y
z8jS5a8i}4;;NX+m=3&Fo_WP-v@NhV&@;oLXxrx+1VgvzwTBs&^uJQCFdL3`eLT9hk
zRIcw>-CcM7*DHeLl~;pfmP1iO3Q^rISRBfc;?oC;`yR8L-Orlk-yDsM3;Ub1liqsP
zWXnoaacoh72{9-FHf`#?pb@ZX)}3@qT2a#}*`>3MFlP*}#Qwv~-jA?r=UBILu~xE=
z_7ReM%qE16Qh7%s8d+IK&Dm35AWyP=sX63gYGe+zaPA~XJf|TsSvCv)T~Zwd*cu%p
zqOlNJ!;$T#W^>agfE6-PVeBitw>`68!O=z%s!NAcB2>5*n6m18BeVABJ+}*GAM3gO
z*$U5XF!?zk+N55~;FSUGzQ^<64dlgdpy4Hr;I@Dym7!1?ge1R8EN6it(<t=GL?80f
zMXKz5qhar&+@ss~-IHU*CbUgh8J4U2W^9Oq3|R#J6rfE&&4+gD`O<!^<|nCHzx+=2
zqMGBVu_@G$JxD@)g=rwC|3@2_4`*WOmlEI2x1@ZhAO@Ekqkx9wdC@aUANy>6&VLLy
zVYjEDl$c+>%rPKKr$8I%5YDvC1!zeP94-W0nsCt^0u<URs}<D?E%BDx*g%K+iaZIg
zXw1U7<Sd5uaAloP8?Tt5Z;nO?2h99T#YY3{ozcoNLG_X>vM`95c!{~OV(2UU8wQ4!
zG!0sv!t4DdAM^g3Bh;(v$(r>uFolS&sQl@`l$tSpe4DGK?^9ORQvJ?12!Awrdf`=t
z+47sCUU;=%R|x@0cx4>4{wW8gQk2X@wMv0z#p>>bR}YdAvTYO#^x_5ToxU3lFS>(^
z+(jbzXC?ht4&KU|D_TU_Ws!tJ`8b;%mKNn@PJ)N>cbP-Z=Kkgi-yTKNHEZvf+Bpy_
zgvzUuHg#22qs*s@(KtVbpS!!-=h*;uKvyqHo;epw*`4Plu@n3LF`EvUP)slrS_<=4
z9Y!NZT|-0l+oQLq2dCYW-Vd#x?rce7jzb@Vg#qmDyf9&<V5C`g$z?8JQ~hekDVh~@
zyXjscM}I`wSws}NyuoKnBooR;oQU`TevZX#iCki7TG=wPs;z}hNeo$v(OR-n6;9fa
z6_Z~R5_*e$$Hz2S6zK@p@2<!Z3w#pqJNl>ZRKfDtJc<eD$BOoR|32YIt8a~1P8rI=
zhJoN{zkoFaA?-g<#g$6<I4S&xifJWG=lBL-I>@n|lg+uy+2j@WE|W;No5%anEe`2#
z<Yeq1XJ@b2B&WZTGqW1()=o-8WtN|g78<ZAv_T4rhPtq)*U?W>wD_TJR@_geHP!X~
zLVYP}+Ge_J%^sM8fi1l;9G|@&oLzJ;dIx8xM^M4EYw?YGI#o0Ek#bJMDZ5Oc=$_OI
zBai_p&WZF*$ON5`c_cFMEbygzTF<S4j3Ht{$W7*>MQ(&-(kw)B>~h7FSsuBczjr^M
zyPs$A&E%+|`fWCNcNSAEQ)L_FI51q($ml8MM5LZ5eYm*vZC=d`v+MI$iy@wqx4hB`
zTuGhsWfhlIe%A21f4E=YqCRqyqNrgNI>mEhiiO)1qDDOjQ7-U$hJjHh>II0UVylAF
zEeOy1$P~B6v}DLiY@)E+9mFjBhK-L{d~6oc<F-0`A&prqBr&peX)YO=9U?6)IpP*&
zBYo`B1DzUedNB(H9&c_d6<GFI`9~_nO1>_^bS#r$=~&~QeOSk}c*EwETd}oG@08vt
z3Z7lVjg$IriLZP|Qq3me1nxxW%SCj8BE~rdWw0+yyskNmrIO`INm0zOGX1fT7%Sk}
zuq-JkI;)Jg`%c~JPZLK`Q_N`WyAh7XqM4S?zBv{1SRd0AU{?#zB?JnP?-}j1^s@0@
zK9S0Uj;btt-rV0W^(Dt?T$d}pYm-hY%|v)rBvZv5v;p_I#*7zyLV-b`x;;B8C7WB_
zMOgOv;yxp)w_s^%sCBhszsu3$Il8M_n*%auS0o?dMQZ5T_5%fs5G?nC+-#CUwvD8-
z%p-P?gchD4m?13C&TeOK56xH-mqg*1h5b;F_zDO6&fXr{*+pN#e|2wOEv;q2=}(w1
zxpMWMP(-<OEZLu=KH(WiaQ=RRuHgttj)GjgZUSfCa1<S*I0-{_`V2RK)GaExh-Gm&
zf0sqGYp797uV_G~)}F0>Ci6W}VqwUt7u%L*j>rwlQ_RwrpPL=lrmVA#en%;QVr@6K
ztt@TzVU4WVfi^af(Xxm&Tcq5E4No=&k1!2nF^`2RU^zDy6ghsTG6lo1Iqe;rkR{+U
zz~*4P;yS|8#s)gaF`g4a;tW>3-2n#;6X__#^VAAd-^st5vFzO;iAd;k#6mQMtP33!
z8hvwP1HFx;6vZpw4PeRg4m#~-q%kYoUWyOfnIF9SfoM~C_*J(`tgv_X^G99{)Xk9*
zn0LAuCMuRLbTYMp>W<#a)mLucJIgyDOFXUv5WRZ>^7BXP$5M6w)<X6k!>v*(>syJW
z@3y-Af#Yi$-eXrkwva5UNi%G&#*i?ZhJFL(f&k5N2uGdk*{Uo0n<$Apm6&qFrCvU4
zq;#D>WN@Z2OCqTs+&=BN8oT1<r+`frGgG2q{dTWVv|{NVEWr(7uC|yTG=!g?C>+oa
zb&bnUPqN5Fz--Z5RUwbZPZc7%j%yUhEKb8WSS~VUj+~Bt?p=m$8ZuD@t4^m<ev&K~
zs>?HeiPQz@$x9M8I4LT*hDpIWiMb?-I*ClnsiTcUD&>J(gHonZRF>Z~c^z9gtKZth
zx?3t}Ep0;f=@T`h4xB$(Q_a+#_R-q>cq413l7l`GL2}d9QR<Vm7$4lCMG86d)it~9
zc${5_Dvei#NJ?}Nj{@fUl2xYpINHt5Lh~+%XUTc4U}Td3ZM)j?PAoUCS7Ma@_&6iC
z#N1KE4IV(9by~M=E)h;R>D>@7DM@rI?oX|_{#n@H!J|GV`0||5uy7jy6@sT_<(A(G
zEyja-CF_7YV;WWk{a`_|Ls^+m(FGOd1%s+)&SR-dkq|;7g`Q4Y6syDMg^pAyXqb?S
z=q^a7dqOTp-i%SNA~;F;)??1?<%87VQsu{))E*(+X~3sUAUcl%NFqd3EI(DXvA(>v
zo@Fd={VG|<K8}k1Q3M85GI2dj?_N{wPUDMQsY?J8eXsXXT6eY5eSZ@x=e9~JaA7$k
zrj{n<_@sT@^CuykfR9$3_sB^_?S=+!Tp{5sU*#2RNCo{mi@K!%JVAoZJuH+TnR4=&
zlA;$q);d?yN?-}MOY+9CC*V4nZhSfkvW~kV7!(AL4*&rg%muV=IT$@|k)~5qJIp-X
z`KH?E2ByPJ#A1OCx)<H!{%Ln~_V!|5ZBDx6UFmiSbZrP5|1q2L5ANQBeJyP!gbGy}
z+SEbA={nx3s2F6R=<%lm4j7wop!NnGipK&`qHxJ!aszFk9%L0XPPrUyDP_57ZVWf&
zhQF=C(Um7^0lyq%bw?#j#{dpaaHERMBOEiSsM4EE$pV-DG`O(cYuF0=r^5?(=j*oY
z_=MgNzc^u5Mc#P${9Fd~qz9?h?AYl!Hlxj2=)H2J%(xBZI^YI}=;h`nfIgU{e4u35
zKD_T9n73tF$(<ml*-#O>NqBW%PA3~vv?^+ulgn7HW+W<hFb#tIcGw&2fBp5>@bvU`
z|MYwHsNH&MJ$gMjdwag$ZhZ;QOtp5arS@Kx88Zj!<m~kIS^iNP3_SN#jtr!SJ?{-p
z`a?*W{_LrOd)_~+c=yyErvnx(vU6^aMGNIGTRcbQEQ!5}`<v?6(!L|7o<riU|DU~g
zZ*SW;7KhK@{uCRCiDcI#B|CBQQ_7yw5@oBEM3tnI_}H!r5la#k2*3cSOJ%;F{eAX|
zz2ZVqvXffv6HDao?Ck8!?#%4$Oyl<XZZo=s2`($Fx=cv5{$I%b3309nnX=W^^q%D)
zaHmqWV4$eAw-VT;m{~>r1}AwS1HQFvXws<7OMBb}QP;i!TcANmg+`^9y5Mn94DXOM
zcSDa76NyOfv&DM=T_dCVX7^qZoW!InON;V|V^iit2?7pZF^4|I*aG7iG;RfAED2aL
zRflIW!J2TM0l|3_vQTe6ho`&*!7hS|gWw66CCJfytZmY|cJ#m~6>3#njMCgu5zt~6
zQ~wf%RDgs>XE^>n&HRukS^Nu8m7;s*l^+mn&leeqIz8!+0AD8BV_$&ALQ~1v=aIA0
zbPdlWK0S&044y&yld&%P2zy=dB_Ts(L1)hM-6j__HGYV4DVE(d850AW{E0@ev201m
zCOIO!94Oxgwt^HiyMTQD*rvyj*8zc>`Ip#ha_VL?bE>sGu32m&o4Zj$RhAGmws5RI
z86Gro4BSMDbOl-jCtKgdzl0nsQsy0Tt(#>oPBf_UlmQ5>*amh@Uy>iR*ll>7CGHuq
z1FS7E2Pjoqg_?fIEVK5-FHogn+T@?s^*pfl(w3w`A7z1x@hw6^8=O3PY?HNYFSQQJ
z$dsWQw<@5e&N4vpHVUt6WvI?$-Q~iBT6kzH<=w(#I>^{P6ZU%bghaxt_*JAJ+KJDx
zmi9sbi05_}{Caq@-~V+8{+E5T$1Tjcdkvx(hIG@!<tfmg^dcRS=N|OACy6E{`xS!l
z=E$F;?aUDGHTT0~_qrd$kc2KaZg+N@&!25?Z>tJL-tv@<*=gK9+imV_Kl@&7oWhK~
z@O-}8L<f`F0v+alI6Y3M2T{Vt*5F93#BqPnZ;9|-9i|x0rYaLFrxQ+JotiIMNSv8W
zkgWyo0h*znwP%lXP*=xKdCZy!OEDB1w}v)L9MZE0@tDvP_F)r1&<rx9iO7psnECFO
zEsaHkLqB}RsJ#Mw=?IAccwi1u&5qq`5H9BDBtyGE5EJr<N<nn>jV_MtbkkXcJuzb5
zWK#>-NKv&QAf=qDhw)QfX(oyg+PHQMQV$YZC`x$l_l?zgYrZd)hZ4A)v)-Zt>*XA-
zvmb}4u%OCSdAo{iD0EO+QTS?2?6{EGkq_{>SW-m5&Xz)}dtprue{Jk3Y_0rAO$}#<
z8^`-@=HhG?`n!DWRU`qxs?JNilxfE~$06I`Jc_auC%VSf1z|QOPNl0TxllH0wh;N)
znD~f01=@8(al(QTp_z)rUxp4xJan2Ri*dF{paV3EiYwju)R>+u4$U2^EQ-f8AZw!y
zN`H)Tf><r4K{X+0+)^^;XQrYClkYncvD&N~`c0gPE}Y*`dw{mL%O~HG(A-GvCXD1R
z$UAGD#HZkV1ljaFaQ%Sz3n|qs-~<jfy>7(+$zYldpzHmLbhlHO(3;jpoyhZ(vn)Ep
zs*|C@6+*CsU)5@?iR=`y_mb=j!kjjh2AkX=n{%mAH$f9PBWY-42yOIDGtQ?Z_uc?_
z%JSO`e?oH^!!*N>2srd5*ii#-jY%8`&~z~#L+C-T1xAp>$0pGATCJAKPGdKdhY?1x
zCD@(QC;z-t#r?A*iLJsRx*t>TVl<BF-SrZ5I#@PWOc!FiM3j?Wp>@f3t(lu*y0)?9
z0fe<CF<Vp>Sftb|j3~CxdOskuuaDaoXTE29U*dabX_j;xA0dDmsvZ)yA2F8938^An
zLRcIm(zqo98vHQd*tZpBB$KPXBHyu~3F3gYavr}y&d$)G(rIj=-$C<e3>?l2yWrdK
zsW{DD@U8n4N5&+(;M+GeZf+NR`^r(LpeC^=G`>T&J=Hlx6QL?gwBPRyvHK2(h{s73
z!=%ze>3}(LEG>?s1r7kn`DKn%s=1f2E|=UJnFQh5FJ$X;*Q<=F6vsdiK2^G^L%0b9
z(<t%`S6Oc|Kk%~~=8VmcZ?SGPcE*XWUz|!{Jd3VEFoAA{FBj=^{i0}gM2Zv%$|Cnu
zYok#xmH_ra6p5QH_Ca6aI-$6TFG7^&#iHI}-uc-sIPz1RcPkIK8_)b8=OG_^W^fb-
z2|i0>cbvz_Ki?&bay5%sq#B|CF0{=sYJq-CVgq=$?{{f{Yn^_@QTGKw_gc*T2J3<=
zm(f26aR!VI*bOK64QUJtjqS`eeiql@pF6-ov^c|6je&zFc$Swq*5T`Z_aurkqd9_B
z5m_<1ErN#ZG@dJ;;=ySE^DSz!R6SFZMG#;wrFt&1do_wnaZ*4jKr-*)&_VHU7#H>Q
z$;V++D;|iWn-8NK7f2(=mIa5Yxz+_Z>{nz-cnqF#V!UO+%z!O7Nu~YdK{g8ME{b#(
zw}Mp!`T6G+WZA|yC4WowcP=c{%@0|rmQEOn2M8??YYdhFes~#OK#%PA?;3OjA@H7=
z+4LJ`Vk`Go;&|+RdzQg@j5R*dWaMyo7t!?0N3mXe5<p(AL%qwpeNf55A8Kg9efg`1
z=eDN~_;J>o!~OOv@-%~$b|J?iel#GzNf$5jS==x6)X`6Q46r#DU(ZbfpX8JEQ~b6O
zTwx}pN)Mtr^uP`c9-3f_yai68EA%H$xO(L#VcG%;U}I#Pbu^^kokLP%lH9)LljWgG
zICc$<t_(HACB%Gs)9VITr26F?@+@n3B$s9U!tq}0`7jFs#}P(h6gJWBh*$Bc6o!Lg
z^Z5dQq9BoydhN2x<@!Miw$cber*U;IeuaYLrudW6Nf2G7vU*Jth~S9Fbmqq=QOFNI
z;4q=FM|-QW==g33hfhWmLFh=52LfW3Kb0}+g&REgA}zX#`jR|0?9Lns6_#qe5h8M9
zh>92l(Uk2P<aiY~61i+O&3`$~!^J!NxpUEbt>I!khG~jUof{E5x_OJ@+XA3ZjGuSp
zU^?7i?$U$laDS=OLXcPzxIBy|*^wV!bVF~CpLu3G+qRXK?-|m&FO7~)<NN$u87pav
zGix3B4(M<a<fk+HLtKU`M>IhLxFC%tNV^L!3^c1uCmQo`q?`-J1d#aF7D4Ycw$R3b
z#->3%ysO!k#m~KYSnSOl_Y}E>WG1Eu%sX~NjK*3j_1=l^%1C@;I1Ik$%?&!dHLwf@
zF-szZO|N}Fp_u^8#G_6h99qFhn4hgI#zShjWN}M8q>m)oK_?>ngybJoF)!E9gh*to
za%R)Fa0rN^YTb+OV-Dd%!<$65SigDKVEtsBhG+5Cl^VerNYa<eElV;w{jM|)<y@n=
z&x;SU3dxL_1mPeKNq8nSe1kUQ1uU9izkjkh0^R+6aMXYG>hR>1l9V+UIRw=%a}yrP
zWE3~P?st<kHbZKrao>WJ7<`Ld5aNvg=VG(RcbWdapU{j$b@m(}9O5{HY{#_kd;(Wv
z&<q|sxNz&Xc}tgx#lNygBnu=g<`-6lF6SB56kLg7lw5Y6q0zxQ$8d^ily`WHrSn)S
zgjh&1g%Wm>$)q(=Yyi_JpjkRtO2!q51TWp-7nax9REZd;Q8uYctZI*%<PSl_rTTHt
zrPF!exOG_h9w9awx5JYr4On~a=^=A&F(14s?b0F%HXn;h>5Ak~K^rJSzaK^9F{E-P
z&D?ZG9%9O^mW~)GsenwfPUC;&ecfp!8J^EJ+q~sGT0fHnT4KhmpN+g?pxq(~$n2!7
zMR%YW2Pi*vP?yO;4b6&+ADzwI^w`bDGxfbs(GjomBu!1dE%v7_3Ho$3oPu|R>72&S
zdxyP9d+#)!z1Lz_1hs)?i`n5l5aXL-T__4Wf)#+zOqv?Iioz~s@uqbph&BMW7AZ~C
zk2cJZzGqt`!DE2)N~CdwG%~(U?s$fCl;a0wcI6M8<jR>v1EhFx^xP>r>#~(p!NcL%
zQGc&{^twMB5j&OCyg;1TX1U)iYN8*VO<{JJ9-#%FMQOGgzlbPw^mjAD7B|Eb*ECPc
zR;O-)A4$Dy2#r5Tt9S+R6^#eofah&Ctd4s8<PrfK5x4`KfXyAh+P+mSD2m!aw7~VN
zXj|bC8+b?G6e*^Xi70P{m*IITa-88XA8Owx&J7$NKF2suaMfXkC-10G7=3wo+QIwM
z6lSN3^S~d!#veYeM2ZH1P=OG%<!2xR!?BPE`z9jn*CE1wWg_f<HX`g75`pEYRLFon
zHWR{331Y)kqXlaFxu|i%FVuiB8eKoSGdEf5$<5)F9Nd|k7|fs*22^C+pkDQdXQQ{L
zy$(wspnM$*y*sMPbW1x^_asj`V6uMWVdiFw6tUZcJe&Y9+~%iyioa#q!fBrHJWaSd
zFat+Nc5!y2g5(t9EX)}AA<TsL^61YOGB!X*r!0^ajR+1;<xF!4u_iowFe(hp1U~Y^
z#kF~s$_x>^;~>nYFDC?`*0!_r?8nx2YrC~0I0OX@6mTpBulVuOQOP5vgwNl|D!p{R
z{?!ixrnX@fY!)RM-k?Yz>DD4<FQ+Gdl4ih*vQ^D`(_Uw&TZ-@&h?qXEfc69tSj0M|
zZ?oML%opPsu2n|UxULKR!~HVkO_=K{FpWkob6WB!2vKWQ9ZeS9^r=NTE$~zN(b+lA
zY`vP^Y4&7l^#z%Ssw`0f%UqUs`jC^aYOVq_|B;W6Ui2&Ylf$xQH@|(|{Pwu{?NE@)
z{4ExpNA4hPk#Sp%TLw~?`3+3LC-9!UQk9*Jw=zu0tRwdU2P9cjKGX+1N9Z9YN%IQ;
z4&sCHVZU0C5Z5A%E@3hWqAR5q;rH9mp8xcGyFH7pnpxBwNAuWCU^Baln#2}Ln||2z
zqO6(1*u_Cb%}bc1eiSxI)^YUxxtq=qs2{dp{IEg)CA^fLktYQbAC27<0;ln^JA8fi
zOK&hd?4LNmml@!BYp3<(v9`^hc1NS$;H0zp{-5vPZ8!hl`wxG5-`Lce{rt1^Q4yej
zA}}BRR15^B?pU^5u-9yd)W@T+z=sd&au6j0k@Ocrv{cKJ@D4OKkec(1b;s;ybg(&8
zSDO3b8C?V(i#zv2f4-Pkkp}*E7xDGZx8Js&2+a5refUiHP{Gz|bctGqX8+xHXdUU_
z&*<M>`f~rJQ#d7^Hb_WzHlDP|4d65Un{YfUr@lYQ*^7+&-FMO_FJ)pFbrfMvP56-^
zZBc0Qh1fQv(F#OZ)2uSAoibQKby!UUFeR5);q#li+sE@4|L?~ieqy^vmiY7L)y&Tz
z4mxa3l4#y^@$S%6Jh;e~iGdpgAb>6|6M@4e64%G>1KdBogUX-ybA#G_=_*wQSSm4&
zMUFif&)mcvqr;XrC;e|P-DHFO^X<3qzInHc+wXq(@MP&M4Y2vFssjI(j<NAXgf0Qk
zb&gA;)sn$^93?o(Dl3r3QVt~S*4fWMci26pJyPf<)NW%{UPBKgFb)vD8N9~V6+$UL
z{KW`fXJ>PNN-|NM&7#P7$)3O|yf*uo$k!a0>0WU{(u%3c`{la};nFNGc3XOJVb>Sx
z=66e>hxGo<O<Z6+Z8vU(NiXrAe3HwyBRu`)@iY1RBTn{NPI}hfz9Ui;9%_8k_OUt_
zePtW8Y#Z{jZOF^Eaqn#N0OJEmy&sS+9(dOf2L8apHHFbXAZR4op)gF!#)NT#O(dNO
z=@%<9VfKgNzRmWgBQL+R+4kRWHa6df@86^E&|H_!CjMlzm=!p+S7gP9N5;fSu1EO=
znVWFxlh{omp*C*kdRFG4+@W#J#9TY>OXiN9wEfSvKzOni?Gn;s3a-in_cWxw(tdPC
zcN)TMrln-{xD9KWr1=G!o@5n{qtN5uYk`&2u#OU%Vy&&ER$E}_jZzW4?qZ5Sa^E7Y
z!U#TLvO8(xmZP&obmKEy%HN2SlD-mrDB8+CJPM+FH+PK+c<7$dvxy&iZ~q}Nz(%R-
z3v3<cf#(6KF~chCfqj+@6>%n>uIBJ}krBV|C${qTyg~gM>UwMd%ck}Y-`C(LJrw%V
z0Zr^j6-rXk99W+A^x)=WhbGIa3gWRcGu-p$<FbA8(UKmLWVd|#kF(S6=yfM=T_DR$
zpm{;ehgwQ|<j&1UIc}%c3d-=mDX4{wqaq1WtEGdbyl(7JjtW79uFX;n%e>v|AD{Mz
zJtKPRcg48Ltxbs0S_Hr1a!}mvp7|*_52En}a3>jl*b&f7upUm7kwBga!)w)=+i-7i
zcxtA+@>TK7q{dc?%Lf&S0AF11`$)Mx*E7{09iF`T?QH*WI2s(je1p@<%38(-ICd`}
zzzKEPdz2^y7%FeX&lb>3A7h<^U4$vGqXe)AXfucw8MvCc8G#2p0ZkSq5-B~$ZU%62
zw<pa6k~F*QQqTtj=xHHH-+gDA<p6rG-ON_=tUm-VTG#rRewr>|OSp(!<A6V!1~g4_
z48tr+D-OE{!>m6ve|h#xZ_sgmv{ruW55Z3YQe^y(2nB~>^^-&JOrSS&GmdN}+{o}h
z6%GGm$?!kkdHBNFzbG00#hr(LVHv)Z%k#fB>9t7b$IW`IxB^uQ(emKA?}im|*e8wa
zkFq#lgxR9vC~rt(aTK{|oh{Zd;;#Ur2}=ouGuQJf{k9h)^y|Zk{F>C~Wv)o!HqZnI
z-BI^Q=|eJ$6173E3G<!sYRypej(*Hjt<b;amu?#y?Cm0+Y;+Zh^mv8ud{awVJMlwS
zdjLwM2TuB<*M}#sSgdA$h$eGPFT{MBp@9@jxJy`Tl#Xs<sE5R;`qeFIxOAjLsqhZ@
zO_(lXq)9>#^oK1lyzt`~Yr+V1)18@~FUMfO7v!<Qi3NO5Xz@&*kU`y0`#7u~G5%H>
z(4sBpF))YWr5pGj=GQSV14dT01&&EwYpwF2rh+K5A}JE2Y4N8%;>W51i$6T$$rh-g
z8%B=3^cqX6DZX!wnE#It^dV0(@=n9z1CuRQmQDK7m<A}#+^l0*AE$Av%wbug&tphi
zK+KBs?HiirMw-I%F(@#ZO<)$_+i5Wv^XgIhbVy<vB!ZUZWi56-EOlDEW6w5mA|!J2
zd#f=3es_eJ_Z@%PDYn;^gLEhq;`|ZU+)r_kVT%Pz<X}E%8|^y-cDp7F)EAX&$*g5Q
zjc^4C={O=WKyA8<H^E8&Bv0{jzsD0fFL>b}`ii_sr<YO+$VU^XcQ&zil@EF{34Q?M
zyLRcUs(2RFJ%UOCFw_L)=5vId9hM_QJ|=QtpYx0m&V{96cQ@(-Eg-yJA*@1kw=i+d
zv;E`hZ-T&9X|6r(TwP9Eycds6$Um8YbBJ{dHwd7I4lPzD=_$*&(my$Ri}O2?COFS#
z0@E4ON<oz1d=X=Jk>dPcIMfPfoj}IwJ?pFgO&h}3P2h{)1e$}o`#@=r`da}jbLA%<
zATDisRC5oaQrGx2O0#KFE~-@Ia3)(q`#f<-lmItP{b^`S^kR}iQ9_t3@piN%(m#&Q
z_Pe9**`VJa-Ce{?Idf8O8Dg?AQs9hFtCTro?pV_djF}A#L!9D7jv3Ymjc`6t+*<%A
zxP~6DgO+obn8w5ir0uzxE8O2G*#`<HA$)`DN0~p8b4Cqm4j}1-vd@p?5RpOdsvmry
zIhXX9vh~Qt$<z<8zZ{_;<-Z<Q9xw^+EDQ?ftH^;0qOJ&NC=@cjjxhf)XLz9;TV;0F
zr$IPffW0e2zHcV)1#X)8;~|bi`f`}Pchnt@4)-3I-6dk&neDYXtit#@kh-j|L#VLz
zn{Y=Ti#vYZz1}nx!v4Y*|4^Iz0DArxr16lljStK1m;`s`as~5Mcw7Zhm%}v_3Rzo6
zn17h_w)A&3_SR=Xm|Fm~EB$rfEPfn?)9A}#aa@LU|K$TSIVQrLnOwtt6*kv_)Ma!X
zLOY12sU>@%p*4Bd?44KdA+|M1lZi6yV?myzzpKfUiCjdY1Yo<;U-y1!xaa47cKnYo
zN2quq-v>TAC?W2CdT98sbb#nkYM&tnM2e3Q6XxRQ!eOF(RPj79O^O~V62M*c1G^Z2
zuIC{RWUn7wS~ViO0X{C1cIkW2V;}l3l_JOc34H>=Xm1ETX7EVr5G~g{{gwvSstM=w
zaY-I^HTAp)NzpYHf80@TWf|KeR(8W17XD6s$Zi4woX6Qs&W0>zRlwRIHKz0rJ00M#
zB!!BjRE2}*=O}R4ht=UwLO2o}{-Fg92SyTS{IhW@PGtE$ebTt)gj}|sG#tR2P}oul
zA{^i%2yWwlK{JG48wlANA#mP@%0S{M`B$u<-CzEqkIDxTpZR<$pTMUYBY&FyY?!Yu
zC_|X#vJr*Bjac_Mh1sKgUtrQe${r`aXGoZO4`T6^>8msSZY>@sHLW<CTa!rQqPX%n
zpc<#=Z$a4Z&v~sBB7R$D04eYKz!V0+vw*XpBJ#WdaSR`SSH-{qfBEhO2V;7Agbo##
zWRlM!dhbZH;v@Yc+{|QUf}JNveyC>c!0EgF5Qj;)o~Mfnxf-F>-b6v6b*+*cnibFW
zJc3eV2mOh&1Ag~HUg)u#@hd0{l4lca9ss8yAmV`L)khrw<CJeYU>n#XyD(yCu0-2H
z8wkm%>V_VF>g;+R^b9C+ZWFP=JSCv5XcT#Jd%C{T6osV(<}_FK1c)w847f$|?8Hb*
z&0zAFDqDy(-4M7*;@*I*XQ4-0AU&2PwAo?Z(1*Yw;Iatk<6?ORrH;Ts>M8-5MeM<(
zAGW|LiOr1NGzBhuK8bISp*v<N40$dPUSNogLd%!$@;t%40M22U0q4d6&JB1ALO?SR
zsx3@uYcXE5fvM&v`nro|(b;M|Qy<k#qDANlIVzE{0ST<b@G$h?H6kr8u*u=P`|F3L
z^RrNchCZ`W`gJ;>At7geb44)F0)&8Cshefb#O<r_&J>cG5t}I(&mx}{cv2Ywhv6f!
zO)q%Bsf8bKQvwTT)^x{X7-vrnOPw+Z&l4SjpOR8CaN;fk1`upz5gMD>LO5P8_2+SL
z1LB0#5blMDpA|L&n^Ty*Nnx@_;5gj`f}3aoCJ^F`3c+H0ar3|6bP-;BgZV22Z@~%r
z%^~?*r2e7?L5%iA0*|6;A1CD%R>SqqGJg)EMb>HDihu4lw_88x(Txar#|d52+hDZ2
zczzlO?v2jDl;FB{LJ4?AVGBw-B3{ZqmyhX1nE8P&c@5Io;lHJhR%VGj#&dpV|4Lt`
z0faGVh=c$exZny5(?x=_f|IxsY{=kIslLQgg~;_e5hT#WCZ9qgu<M8%&3@4NNj~1~
zG-TQ=%_1d{siA-r^=k!zUC<D_%I9=-LeK|esw}6pzCZU+n0CF~f1xvsdPI+B^N75^
z<DHhqNBTppUJQ^rk>etOSPLQ*Q>_*+5mHuxCV?Lpeu4~KH=Ctwn%y`ig-P<+(Z^2v
zhl5UI%kvZbxTvxHSZ(mSf86Uhjjb`77;oq_ZgIk>VgJowk2pRa<CH(~mG?Loyzc2K
z9>Mw7SbvW7bA09fOPkLB9iEbGjLv_2nof+pI3pjAqj?;$wC1mSN5}N@84PH`rNJrt
zEQ#qy`@NU+Bl3nq@RN|d>O)c&$dcjTl--{{KckDQRzD>QiS*upW>iLJJRX!Pl7?sJ
zQf4;G%Qayv#w6lk`1mS%*-cQ8xYJkyi#DX~o`RStB~r?0T3ZtPW^e&Y(e0N-ENYG>
z1H>tCEU!j4z>ti`Ie7+yn5E|NLqB^>{x+&8H)#gvZ{2x78g-n;E#<*wTm7<?&a@+9
z<|p2%n`Ae*jv#qYD}ZRVsywIF-^ogF<tMX8hcACSK6++r8u;he^Wa(g+z;E=^C0j;
zA+s?Z=xG1!=<wyBJ9t|LCGZ7bx5W5J@lxm`y~buW6L@wZ;D?h4+_-ZhA;7(K{Q$F!
zv2e{X>vtGVA~Z(6e2R8Q_@0xT5BM4ebJV$o#<V=EKR$dl=;B9K!?(jx@A&L(_xR}S
z@Z_N1sQ^;~b$Buyb&rmE1JsjmGg7LAVtoJ4kJpW^1k#Qz+d^v~JBZg#TM48cS+-f%
zKz1LVuNzqjq#apyjMPAOj~rL)Mpy%DM_N2Si&A}vwfB)k=c0bdMO`uPaSkAkT}i#P
zEb-wbM6&-2v9R_18;zkCl94lhXem8-y$~&#$6PIumY?42c7~0Z*XGHoz`g@GaXyQ=
zr3N3dy>YqV#;twz)U=ILnB^3Z$9Ib1XysfOL2hxQU%E$c#O0-2`5!T<hmrI6Ga^<E
z1v?;rb#Zd?f;@*rlkLsp?1m8oSBmB{qTEq1C*_e(o@i0VWq9Go1&AoVRwHi%RbQG*
z<?Ix;HFGdN$9mx<Fo&sg+_~^k^u-O?Jc|vgO!dM`KZ!zYvMDJb5D%s>1LtrOC4y{9
za87!^lB+bVb2ql6N;{7Dtpglo0Ozq|U<(@EDD<?=L7}iX6_#z%G$(r3K+A37G!Rtn
z6SPLIJXlwYP|=NJ7~;&4mu?~#>}@Dx7tu|gZ=2_I1Tv56>nx}VW+F{twzo*LXuj`e
z?!KSk6pe+b^pExh(pO(0oCM<?pkK>SDlK5{VWmp&>7aj%3`PnD7biesy{xxVnrK>>
zf6(vegH_^wagsXsi{BFNmqt+8e{ERRmB~V^exFO8({xn<H4w5$NDET7OkqZ4&uV~_
zZQ=OR&d@~Gvuv$O_Xu{(*d?a!E<&9zOigpztrq&f;D1@2#!9+kqT_*6QtqEr0l+$v
zT?=5#!um+3tFARVT+CWA>47yTQ3oRF=Nwr%S%e;3T|J?kY1Ova_jw{U`Uy^@mL*{G
z-R>feVY2&S6a5}USLAo0GR0$^4|5>jbb#X~nLlx{#L(p4N&_*wkGaKl;@;S*2Id=q
zM&b&zVuv~PxpFrV-XPtSyuD=L+!S;Nqr-#l-l#u#3!(&wNkxo;e3xVQZwEMPs3VfY
z=6%{DS<pGEEVVnnb({MkWmB3Z9ba(H-D~+%42lpDVz&uvZH^`qdYTL$ZBUaDq~TDM
z?bMv?UB-kMBpO)k=WW7|V4LiNYk{>>T+y4KFqpx3ykZOF%Za#;UBK(3%Y2Sld}qg?
z(bbuYx+Zs_ixrlIF6V9-!ep4aNd}yKn89%dJ&_pNI8U+T)OYa}!CXJEtzi^<w4gx|
za4sTDo#)wIkU?k|EnkI#(<DC;3WUcb8oK-#L_?FG5MBwTd^Jx(6nMhd->YA<Xp+Nl
zKN??Pzw-~aHXWz&!tkAlpYkm!3}wiKf|!<Xhh{aT$mS<5D`9FydZOV>>ZoT@VNC>W
zqr>&t{|;}&5F;WH5=x2+Y-Csa7$p9s6rw>}rBrv)#TackW>*Cvp};&vB&<XM#zKS=
z5@ZA349N*nc*<QMYHb^lEFaJ@{7xS7Lw=LQ{9dfY2^IR5VRevbZ`<uZE9aJ;<6qfU
z`Kiyg1`M>(Z};8|2ECIJD+jdH2j*6&cAycvNBdX|YGhm}94g9)f@cWpv1Kf!7o)is
z*}S_<uE4=-WWf5oaR;X+`%(9tyYDYHF?x{Q%^-5c+^N|xs|k*Q!enJqu?i$xSw+%L
zBCe#7>C%b|8kLj@8%DrfT?4#C@RmUdwCDCSSy0t=Xp70A>X}TK3Lbitmkh{1zZ6wC
z{@v9KQRDDn*xBrC(txW3TtMcWAjx9z>@MI9j`!ewmDsR%@4z>CyUzay-fy&?pv7R}
zDC7&_gZ%bK0(1e<#I|UCCf?KNam>f-D7%hT^e^+{gdy<Vcf`5X$&v*`f1M}Ly(r&=
zNGE*zWfL+l3L*G&9?YV<4On73!oxvYzhDDTk#A$A4ffvdD4OQZP5c%4;wYL*jz>_u
z!{)cmR-a>jdv3jOc$31U8+xyjXb~SI(foitcgklxk1pXbnq)_Qc+m~LJt?h(<N^#L
zT=EzP`kamWXM3-Edw(aghLbr6pA~uv@eq<RiZ+w{DHeNJNKAi3IFo=L^<SMG93J(~
zPP)gvj^MUJX!5oq?G*sILyLjZy`DidZ8vVEp-lW$<`1?mVX4+@Mp6u=E5J|S-z-|-
zLf*GJK%s*k6zK@iPkV#o!y!=$OF_YFI0oPS1^i_zgAg=bTZhN8pPs%<a<dt@n!yCp
zs4g7lz;d>cHGM=89`eW~d|fYbis-3i(NXdO!))9ZhA3IvZ>lXCI~qmY*+U3|JU%7y
zEZ;S5RV=Ns6jXGeaevw87b*r};T=rJ8IPgR4m8u|t3+4i_eNs{H_*7{zu!mXpuBaV
zg~^A@Tg@*#KLO2H`Cd7XK7BIIwe|sWw|EL$WWxF)8mP?hr@k-U6ng#eFibNy2#8&#
zQc(_?ws)=0cAx*)6SC9Er`fJ{mZ^-R#c>M{n?umZ*<XLI_5kOF`jlHio|G5KpKkL%
z3Jz?Ap5<ZEfW0eN_#T-09{BU0|IE@RkHIERzP!moit~#vX(7-~z3@E&F?m_g_f!6T
z{_=qClPS#dburC?aRt!JAvdUFLal==xQ+B8#ww8<e6mDw*8cY-iKcC#v-o=}f8{8P
zu2MExyxglWxDo+?aiN-PT6M_l#H}(<b*L1M7m1(UwC8S`!K8HoZwiOu^_-VLQ>LXi
z4UCO_n#qwR`5|BL`)W`)y(n3n4<V_#>g)}A-O=I6D=_H&<IUlqw-5FY2fe*fe{k3v
z-j`NqGc>BJ-B?ATR4tHTk^z0?QE<+zdxIWe5g5<>OX%I-C|6N(aevThk^5Tk4coC2
zx>LR**W<~8NXdH4(2i-c(5e|R_1POe|Gy7g7iQzCw(cF-N)zw<ACk-Z{ST!H{{0Wh
zcY*sKO4t(W4`y_YVCx8m8P4wv=57r96yTiW<W($rPvgct+{B=Y;l8FPYgqR1x5SWr
z;&hxREbg6EWTdvur%(AuxW1`ugkmI#^O8ha;g|j{^_-z!4kzRbi>_!3^B0}~SZq;w
zQld}2>^emcS@%OcATz^Pk6kyJj+)JuTbo7xMQUiOoDoFRy(qpJVrRVZ@f*F}(P<h)
z(_{V=LZd38O8&JPG*ooSpxx)?1Br>SiZ2nE-7BD>ygVC6@eO`R4Z|!Y;e_-}Vio}p
zrkNk+akr@P-rO@12zN4;jmB>^jd4|x2aR=Ng_sN=m)1h|!yFeiRBFD4{ztJwCGQb~
zCQ+jaf=j3U1pP&jS~_h+CH3kK$*29IQRf$N1)L!PGFb!xB5dpny0uE_cN{I2nv3G~
z!4b>+;x$?UMv+~R#&GOU{IQv2@kAuq!xM~Ma8;&GS%)H0#BP?sBt-g5T7?{+fq`)C
zHh@b3;d%ianJ3jqQ?YLml_pXYtwfz<@>RejdgVs9bfj~*{DB|cY5<`?Ucc!h2ZRPo
zrGS3#hkK+4uC9AOyRK%IlY;Exz^S;pw7PFWRd#krST+#sPK~_6!sx=?H>VkAXJt)_
z6+T=Z*M6X(uh)2>Sr4xHC5=llQlyrIR1Zv$1O?4hl#?o4T}ipfr3lly`UuiGr8o1y
z4=*Tf^UMhNYx?Cn7m7d}F3w3Ma!my>shqk8O9I0e<D3*PH{M)@pqUozmesCJba~Oh
zN<cw1u%`0Y`t=Nv{32GPR8iTDtv*`ZDDccOTyPzfv)qs}i(I%#PTx{>&!xz+ZI}Mp
z57)ZoTG(y<d++L;smPgi^QJ(gzQ+5ra$t5}R<+}R?HP4WggAjQ3_UGUgshW$o<_kU
zv)a#yzisw286AIXUff#|I$9F&zWv0!7y>M<pPfu{FNUi*UV+)ec^};<#x<mpG-JMy
z8m<uHGGN{iW7<xJ0c-RLxK|gTdEj&$uz4FNewcyA&T`X$)ew%O&|Aetvo5@zNqB95
z5s7dVSBkKko6QC=je^UP3tSt=dE^zMjistwp{#h*S@=3I3OxEg(gBY22fK@xV6j=)
zUihIO@{W?WEMjxg(DHU$U~#q>cwqWWQ=+$&B}-g-p{Fhtc#A$QSyz@mLS;d|a4c-E
zQ?Lv092B&%og}Q~mc(y)&&P#(fCygNDoG$B4HK&%X~5)!)HX`=9nNE1LG4n$7W|i6
z^6r!i?BjyBL0ih^VeF*@5*G$z5`Bc{lJ`@RE1CJ0-!b?fSmGw;r>O4yw8u<}h)Ste
ztcZ$9R|ujL61mOi`JuLR){ftQVPNi^U&L@prt#TSnD=3Fj`yq_DWh~(0QDN}ud9M0
z34vLe!#7DV#A$QSUPsXd&@%4Wff@q+4K&Bf-gVYmB(}^>?1xCY9}92983VBMyPcoj
z&zGCv6V4L9nYMRZPulHG-LnP6@JD(8rZYEzUMq||*z(D}lpmA1YC(o(N^*mV1~<Kv
zL4F`lq2FP+SQd@JlLcf{QMRm!8D+_&V;Bk$D0)PEY2MRVD5N28BO>aS_;i~o3TzSR
z^8KK2D@A`NDaWgtlWeZ1<~igqScEqhd=%Y{k;3e?+rzmXJ)Ac}J~L^?S+y4x&r=>Y
zgdNegtGy#X&D1xn{Is>5w94mmH#YdF%F;n#s$kq&*rn_Mhau$9JW|3bKryY7L5npm
z&_pdK42?lz0Z6BV{$6i5JUn@o$904L0XQA>PkV#WTX1lABt|0PYScc-swkjgJ%#j;
zCtMtc6b{ZG(nk}}kW;1CBropWVyjB&On)`%*MhobSFl$?fYfntgkP-)P@T?>faxmv
zyYGb0XuSX;n`ra*!-eVbA#;=<WOFY`wXLDthXM?*-EyJNHw1RCZ5{W6zG36YNxZGj
z*hWFNRJ<#)Iw3Q+iO&O}j*g$={NXUnOgp}^>qsQl+SlfTxr>fE@?YcXqaU=V6fM5Q
z0CP7kUT46P*t1BD#@vm6)|x2tY333h%^_<0RhWSNsD_Z>9FUpWF`hx<kM(&a;5s_8
z8_2X}>!D(b7(e8hxk*^dQ{`{qw_t8avALPiHRu;o>T&Co3gqX?P342NT#oSN0wKQD
zX~^*sO?4buG{Wvii^p#sEy9erCQALekJQ-_$by$UpVzy_Ed!0_!hGLP^T1nQ$Th6I
zFd4w{B1!#ANbbrg7{w7QNuoAs1FSpF9#qH)`a65iVpt)~|HfZf<dy|r1Co5Iy$R6&
z)S4U_W4n&Dh?4T*`3ccI@`?WpY}$tekpF>j_awkTd6knlt$4izDm-Elfa)R${)kU|
zL=lVPn?ApLy60dhyG+qF5Iw}|mx$BVZ;%DA_>(u-y@-_Ok?SM$#tbJA4crWECOiQ-
z;1>_r|CnE|D3?C+D+cjSOJ|uCywx%-v@q~TR(?=AQa`cW+mO&t;19$NM?5yq5Z<ss
zb{<YfT-nOUMTf`@mTDCpNyICdFJ4}fvjX3Q$uS19PlFv=1B47Nay8?(pVD1@9Qk2J
zt6=eKTQrj9`I{>P$~y>Q3JHMSi^-I=eLpeYdwx@_u5qUYA+b0e)9FmLj(Uz(0mVIb
z3%L@K^`cs8qLx!n;%xDVE5}q-oHS_Wdt5~*l<+0vEwBMSMS_%lcSz$Ftxl5l?7d&N
z#s}FNi|qN8rC*B$)f4OAN&3Ga5wk{D)RwDL5(Ilp!$j{{ytI%Br*Zqen$CYMqQ|Za
zP2!iE?Pd|way|Wbh@s&OW|Ua<9Hw^sdd}iNMXW8xX78wVSqp59^@=oDU95rbY|+G9
zooXFnH!@b?wyBKvq<j}O+erf7866OwvX|JOc-UVo@Pw+imjE=X^qrkxcX=V84R4CJ
z*Xg+iyv#BA5<a%5_EguD*MN}i8O~=yNr}VfO!*RD<WRme9&<Wl=5;QQ$#>80#<a@a
z)n5PfEoj^__)GP!%0TR5t~9|v?vD0eAD+At2U>x_%1{@c{e!*!$*6ZSDxQgrZPq%F
zi5dLxGP;0>D-RYS9;FsHaAinSdAKs9hWf6;D!ScM{cVMT+QocRcs<m(MYtT`i-ct>
z-`UFVhfEq@;boCkDJ`A5F|O4@3(Kn}$-#FgVp|_3u4f4SrBM|7xH_w0XU#WWH}u%X
zs^q$g;v2fdvTPtGfylYQm=s*wAPsQ`k_4Hh$F}zxTU-2~Ii{GI6~||FX2)wG|1F0+
zr~_4rd{Fw-4}jn#$!{m946wo&ycmX9B*R!3!*DQ4B4s!+YU~w-m&iqz$G=mXtKjxp
zxz}0KZFTNxsuJWXPqbn@E&Jj8EBL7M*Ew{vp*aAQK-20M+D>6`07rpul_CmsYr9_*
zOuB>N3@WhrjF(dn7zIEVpWs<&jB3TwP1o&&Aji=qEL5gedO(Hy6kc_`bW<2g!ES5u
zAF(l4a^OCa#f+mU)%xZR24PyXHVe6^$&YQ-LSnX%VkoJR6uO;M>hR(2it0X}ef{NU
zj-MX!K_85+!3%4iE+h7e&R9K-lnPdYz#bCo1hivVbO6<Xm%(|gy~z^*m|IuE%k-rB
zSh&lqpiv@3O0-GbL{>TrLsqM*j@9%O1wo{xXrIWcp7MPqRZr=2=UCU{{x3aqe!V)A
zU0p5vs^9!~=r{6l{>Ra3Drq#>8aC}+lF_8v%MP}CScv>02%PffZ?Kzybs|oK3f&~H
zkOLg%L#oi#<XdroBRYrl2M#1$#1c!niei@swJBemYwDcX;nYoFD0fqIEn@H)^(=#J
zDaObV+p;+PMo3sOgCJd;Yw1%t{gve51*fjXdsbWXsl21gxef{x*<!3sDFFaJvFH*y
zjV<=OWg$4V3<`^!9fJoQotqW0qC5gB@5uaNCuZ4#DsWd>Ne#q9E}@Npy7tG$TX*nd
zS&(CK93zmU1^`X{A=!8?z~YM3R4*zFyt7iUb|7B4U1(lIA!2St^I-$zfzvq+WNqC*
zh7u;V2P##$8ec6&Pe}A(e99tf%RqNr6o&4tXFg&$A4mP275ayD&#2OIP-8yYtA+xP
zf*KT%MJ%kJ&d~DUf&B;y#mcHBIuS?)x}tNVTG%_Nnt~|LdPReKISY`*x1iECya}sG
z1Ka-0ikAp+#YBLbV5l1FSp=?T{&>b>fX}1AACnD|)_}o5z%51TE3)BH6Rb2opykfT
zbburNE?et4W>xHT-uliK`ta@X(c#J8S1{5!4qwf4Qzw3qP%f{wQ{`F5Y#Z}eM}Qdx
zP3imNcmY6FPXI}Lu@{9Q5pR<B!n6?zIchWonB~zhM97BIi1eZfA@C<S^M%qhanH~F
zZ2nPdO+GySXzIY~3`iY3H*=8%WgG!|zT6sr(i$tXH%>w&QO6-ODeFuY>hJJIJr-tB
znjOX+oU;X)NQ?8pAHPN)o~lpoP*VwlZs@PIGLUF=3}76%V+j7r$i4gYuXyI(`R>!d
zvPDC`B3kaE?dY$!WNyn{u(cP><0yrIKeCf;1U570uMOTwF-vh=QJ&yO-=Q0~A}1^@
z8Bh2!IQdNUjS=vqFnC=OGI=T#a+VPek^D(#q8dR!kDMVmbIGWHFr)Y9#8(v03Mg~N
z_^dcHfv<uvX5Y`w5$ZPc#d8M_)B*-SG)aPG$-{<ZdX*e(1l0puE!{jC3g~B-^7)0h
zsn$%wMl){J&Adi4g4uJKUBKUQzBM$vb*5UI!c4FvguGrk6QI9|A<KJRRtQwn^Ql=g
z6|(eTnwDfu3}&bD3Mtf(*!p8Pi;~kMn)m@r>07Xhg_9BsaAUd})=nVrhXQxposx1H
zk*b=V3rUHHvoW2R?&qc1HV{wgRs8bgQkt<}HxrexM-{mZ3aw={7bzo^?gE%pHvcDU
zG5w|NQ)tY>%u{&G&yaKq6YewQno`F7!ct60$7bDpbD+|jR<a#`-b_?gSLnYz`ID%9
z$%&uDwKR7B;*vdSwL&?y?;+2V{}5@OHmGAJ<%gXcdU^RV;j|OHIEdx{4sQt8*U_j~
z)0tOQoO#mKx~g-bRzvtsaTxx$tIzAv&noL??-)e0N~XCT^Ah|vWh`fGs~%NNnNkOI
zfRn@4^eVM=B^68UbZ2er&FOx3)B|K?a&-&*dN_Iw{@!~Fx+nVpV^sA5Mn&<iuUF)Q
zuhv{2{36G&N9G{PPlPYxTr0^7NXm-h8#Y6l-XNL|{UEpj&N0kpkp~*L2X9XHPP)gv
zciSIy{|tea2Lu_!lQ%Jzc)%YQM8+91XTZq>asMTJlR_<Yj(>?u_1a2DcqG`(UVgyC
zuO8U5GS5%i@7ryQ(awJKVeZM{j`>d_g0;4@LJniQ`!1iXp{ka%Ex}kVb!%D!VQVX@
zu*-RooM#ed%13y3t*)-Z(lkAy1i3AEZ|b5&^B}H>T)jb9?!>zgf}|_llY((N#_$~5
z=%#>F6Vzp;(tCQ=Eit&YkO*?DvhEck#O(*(>YE+Ytt&+U@?T0`a?$hA_K-{8PnEY^
zf>Ec&2H1*<R9|(0`ZX51dMdeh;t*me9kIM{(Zc|$CY5&S4N5dF`HVB{BRLICxj|`=
zmdcKm0<%`BK}T5CSb+}H$ti$dCETkVu0&z+O+f(N@J-z3MUx8O*{h8!L{||JtD*C2
zgE+u3eWtv3*HEkU;$7`^XYGIQsMkFKZ%)zH0Fdae5OAeowYtJz&CP{lmz~BI`WO7^
z+qd7&zxBR-{q3=^Lx|g`u`E9Qr-_SZi9RSopu>3_C7By$z<GjyKtJ$sB`$={#Gfw6
z<Wt}#5RV4EMNF0ST)4#@g}_l!6!hqFC7`-FV>oQAyG~VY|3P$f!BPGFSH1nK-d?1)
zf7RK)>g;)*KPjoZa9dSK1^vlif#SaME=Y!@+uEH<`hf>j>?Op_3ck{$NYT%)@;c_*
zJ<Ix)@JbG2b-lkWUkv&IELQ)^G<}|FOWAo01XZj{!=)&BvRB05_ihHTdkhQ3?rIHG
z248LzSS6G;srts^4psnrMxlRVvjD0;uTc7|SNm6jEb2`653BH#e55O@_=Wm90Ltd1
zY?$m0qEmP&A;B<hkgQkv_6Q#K0zy6)c>s%qlA>&D=Vj&RGUlVW>bn^!Fh&Z3p<5c-
z!SGAy`+G~maZpbY5s}>5yJu_^ov6}TXNmYRz90eW9-n4zlH~zg(iX2i9UFBABdLs`
zcIyN~uNtg877ZD2N4-&R9}M5@?e&JkgEvP<Z#Bq%=x4qg`2SIEnp2o{V?-YQ$yw|!
zQrNqO;{_RuHxV}f(9d4OAcje5?<X`8ju$NZY>tQFBznu@IE+Bd?Q?ijn4Kn(w-{%3
z7<n71AN2|q_G5lBm7H_eR~Cpo)u6_f`cgxPbJb(YX>?3CZzDBPLe4!u%@Y3{qiBV-
zFElCwcAdCZg#0M{Epe^5NTKiW+RwnYN~8_Y3)4jcQ!s~_OT1KmN_098w>av*I(ylB
z-TmdTKRD~|@1Gs_M%|9nI5_IQI-^W15ZzKe*`QaE`1G=;TDk_Gmnp{OiNE^}$YtH1
zINo_{7R{k!@zYdywOG$Ok4>!Ow4*p{|9g@|)3(4u?MpXlBWg+?;%<5*7>nZ8D=4SX
z15Wzsmd<GTsliA7q&$5v1_cOss;bR{BB#Hd2IY0|ZRNAq$V-KeDVy(V1%I5ajo>LO
zX4RbOg(YjvT>PG}<@pI4!`hG>vZSe%ui0YbEgcb?5<f9M9#~~%3k#XA>s4osr;EZv
zrFNS=y!#mJ8e9iLXd0rg=|N}lD~&o&oZ4;S!69%q%x+{moi}JM7U9SOF*#wuB}`Iw
z>fn_Y8vR1PGiD3)LwZKjMjhuxYrD0rQh)AVtL=U?wPPhv55xUvd;yb=gOsm>?%t?B
zczgCsZ!qNgm)@x(@i(1O-ndlMtM2w>)DT{Y;rHFsQ?iM+TJ07LFHHtR6nJ76+5H8x
zvAFjN1&6D+*lphahsWao4o~Y-Pd<kfBuWul>)f=$EDwb)hGW(o${?yY7`f`qWY=lj
zYO+dm+N+{TJ{D$7J`ivvAE>e_f2yC|Q<&{7(kz-&?c5OVSLh{*#QSgQj|0~iYzuMG
zjh-S&*L?*uw1H&NI12LTTJ(i{lrYSHn+JRBvs2dGup#=ULrGwrTJCy=*Dv(2XdE5B
z{O$PY84h*^&E_?Z<KJwzhcLN>3I4|)!#2nC-Dbnz{Lua@1GEV&uV%z7^x%_wbpe_O
zPR9Y8w{hZ!8E8CPZjv<iO%H53n~&w=rU~iN=jhsK?FIpGGh*hzw3OD}yy<;Yd#sOn
z7n(n*MC_c98vq%9F$kdRAw>Wu@l9O(b`qqqI~I}|no;$mvn=uF*tM%S5VbU>BN&@m
zWF$(ms`7!F-n(o>Np^R+h?1<LOn_B|g5hZ+?A*N`%@XK(X+`oL=N;~w$Q-vjQ#zmJ
zJ=0r8S<!zHy;B%^1L&qvcsfhm6jr4AQ0;c#v{&)G^Ae~4?|C7N_#4(Efq{DsJ%q*H
z%uT9F!9eYH-|L~`dFS;|0p7=Y)Hzga6BLdWV-xLQA?t5xYg_++EMRi80s{#B9*6_-
z5!b~6Im9o72lOfGOrW$W<^rv;eipuoJ(8PJc!NhC>T$9WB?PxmVOFYdl=_KKM-vmE
zVcu#_N$b3stoHJfBT@YHQc%6v<=ay*#;GC0C}TcRlFHPOQKA^14J?J2@OT_dcFe!H
zS{XOLfFDjGa3kLO7_2pkG9nob7x@yEtHdja9qJQae^;u&Qx>H5`%(#<@r@~lT>8$m
znkeK7l_n2dL98njnV{<#OU6;S_bwYaK1tN#>OvB@dhT8WrZ2CNxiw-KLse9QRePGM
z^jZh6n}BLWuFdi~RF&_=0oKI%s$!|}e-%}|NDR!Hx2Y1A((pm#!lGB-K|(Z(XpLfG
zBauN`tkkR`G`7y`keve91?y2;n5@I7GG!idP12>R?V5B|F}#YT%WP&Cq)To1Akt;A
zTJ9iSnti)Q>9Uc?AYE2!R*^1S=XFR|0qlbHs4ZRAVN~fdkGNjx%FQ90comzq7351b
z;p_sIw|qzm(=5Wfi<m&O^~;z}CA*LrC|X0x^xkU}Gb8Y#RasTg3<FstO&xPRqLwNz
zD>XsuU1y2AhuhQ@G1K*nLB3!<!hL%Zj2Ag~kSGE5b;^<mR+k=?UR7j9>9fM5AMn~u
zmr5Od>tfaxL=`p_KMq~IhP{Kt;b8>1V}i!yiw;&(#Gur>NV-Uihj7=)Bd$fhLO71H
z<UT}9CQE^|DfFu&baL1F1d%c&7XmhOKhUx$EBiC%!HU)Y#V)p~*acX_*u*a@r4+V|
z@IjQmaenIA@(RNsg#ak8gzC)ay-p>d&GEhSd1q;?kxc#L8W7oGj$2b-y1aK8RdC@F
z$#}tJd!Eb3--{MuX3QscJq{Kg+=ml)5oGj^Ld#y@cbvu#1sX>O6z`~t6yT*-$E8uN
zH!!ux!vt;YTR!N39q=>o!Jj*lEa53G9rV?o{`B~<@*+ZgvIdN?9j4e4r{VJ_K)JXH
zk9;+_WQIa427bNPxZUp^bl)6}&bs&w&e>^yFj}(r1NPQ~5o`J31AZZE%bcsweC3<M
znxRC3cq^x{)41*ZHX3x#_WCCWhp(`N(!JEQVJQnHWTDmKBtPR+?>fy&yGO1z8SDzW
zZS3WYZ!;^57t$<nZgdkH_l#T~io(`T<@+>k#~5q(Lqcn9D={dcLh}~|cj`YDY==Kt
zhf$sO!eIZ;+DY|AidxLh_Oh&>*-qctSsH@IH~2j(S`AU9SNEn{<BHJeSS1?FGK6xu
z2kZe^_SmrMo22>fP@IUyF+6lwkF_#P$9Q7{N+X@hBCuAQp#jWoDHj&H`ioZ5=uQWv
zK}BW3PODAb0Oqz-mYD8m_KUuE9Q&*lH>WmjJ<Oyu#^+8Gm*8kKH@n8(+nr-<?gj!V
zQO;SEYoF*~fY)Of)0o<)xln_r`d!>p?f$?Gy;1_3Jr(xY>gr@QLoN&`rtbnb({_xN
z*-ddD+;rOQ>1N&}-}-PvWs6Z;tK`Cc%wno`Rq5Js-f!BteDl4zb54J$x5_BA`{#-E
zw)s5GJ>?CrVthDxR)&lLj~EYxvwzzDej88ir|qA1NE!!jQK65iuoyKcTTIvenO$D7
zy=7Cg?23~~&C>LyVl_)srK+e)b{(rgT`JYFEV`1eWSN8KN+XD<Dv-I^LP)8zs)1?A
zhq7M7(xANSVA)%tdZ4MjDuAXB*}H!`eNt4f#b)Swl2u;-fV%@k7#*wmYk4$07@g79
zsO8yk)E&JUc2bfKO12wKZ`8YcRl6%GT`Y!})428d^E8p9$~=pe_cC?3bUU@JeGL_~
zlDbw+w-JOzPt>^~hLvL7<*8r-&)iFNQc1f#+R^z#IzI*7znzLZyWmzjoOJ&ke<7Ru
z*PX_+(|q#~JB`KHT2)Tiia259PyyFD+MugM^Vm&TU}#2-Wl1@~EyuVWEPiY?@sreG
zJDd4eY<d!TmWaY}6naL8h6h4YTMANBTm+%gbQM9UUTC(=cosz|1T%j+gJQg~c!QXV
z$pl)uPuW7Cr30GN3?NnAJl`cvT~W{<ek|;7JeoEHTgy+`)cjCcou^8tk$Zs{MsB1`
z9`Aoc86Dh2KeH4p;Kzj<ASBKs@p|^@I0{qWgULFFrsg-6&f@LqR%h7aL+o+IgV+XF
zKbZwI$p=*NP~5qL(b;kLx6$iCue(3gzr&7TqaV0vn?YJf?____>kj)Tr>_UyVNVA=
z=pA)`>+Pe@_Fi`fhQVozf4u1p-l|Ou3*(L}EQ~?!*RwKK!1~e%h>{Pwd#0u7?%9{7
zySL)fboYvu#(qO#6@Eo@o&vM@n<PvTLW7vzNd~`!rT!{~U+DJuJCH%sg&J`diOLtm
z#c{HT>0HEY;Q9v6$2^LN;$|&>d_Q)BO~I?Gwv{V^6_h%&k3_YGg%Lv3YvTHWtkT`_
zw*H|k5~4gR94|UQEIx<)u2u;~GYH;&7#-}#XzVC{iVcuvQGze}GBx=FbjLI0>9a~2
zzRF9Q7TdSw86#txnYj4&ka<k12U!?R93zQxF0JemvWnQcXJIz0v}u^i8Ui`Fug!EJ
zHZc`rE~Zjvt6fvndqXtR{1l`xdkVtnitVf5Sie^0mKp)b^4O78u~tb?P2<Ap7945?
z(_BUSk#s**i|eN8Vh#!G2_~$cg2CviLb))?5cPDU?5j2PN7LiJ1Qq*tsmX~a=}R|-
zUOzmE!tTFgd`6nov@rkrUh;M^$VIV|>Sfis6`1_`#CmsAl+#rp5%qEHfFg~@tj>Hf
zT95H0e{igC)Z~j+eD%z=lIb$>Lk|o_*wpXt<!a_5(joK)SvT~$<HA=D_h+ooWbs_a
zwhQEMTlMx%VTP;BkFoSd6V#gD;ef9fB=!puYXq=J@5a`avOIs<d92ty%JQk(fmz=y
z+&Xy8H%%GxJi6M9Q%Q*;Hw7+M{V<OUX-91;&;~emlM8wSn39kW#3`=fs<svbsn(|+
zD_(K{X(Xw;Z(u&rM!l~Hb*m!bSG%|V18Z~ZAkUYlQL!IW1hE-g<6{LyPNWe1g1zCH
z?ShQiilRYOYz0|8bu|U90^-xmj(7#7;$9SrLNagLuubXHC;YrgildO9Ha#k16|>xH
zp*p2-R%N-*M|hKlR;a~H(X<y~)}N4b!la#%2-Sio-|TEQnkZPWYdp7Ub&c=M8rz9o
zG5asqy0qw$n1_|vw64|lHC;>2wKidiY>L~7WZqWM-Gn@edTWWV50K@N>s5+-7?~cQ
z!Rn}BJ*f7!Ok7PMjX{RSouHO2UZfh=R*Z${m(T-qQTxqiZl>ogT}_lfzyAB6>aQ{E
z)c)$y;t&CUXiahAtM9if>U-17&hR7m0)oK^<Ygs*A7&BbcC4QutL`f+--(rLM^OK<
zSsAQZ3kCWWYjs;_+fo~!oCbrDu;qI&bNwK#b{t@52q?TR$ghWLakKf9T=R0*SkgbP
zL6Iw7CSRD~`2AyPUvfT#FGT|rMe*x-v_{oRUhaE6lm6g-%GC~`QU#43Hky(qY)Vv9
z`)TK^WUNtB`zjghk_@m$2j=RMCaZhKdofM16O=wl8RQC|n*tr<d)522^Lfq8^Uw^k
zF2?whlt)}f^&m<{LHgjz;fmY77a1I)X&Rias}P|8>pn`|04btT!JF>wqoZNLMotR$
zAI{O<?4kqhq(AEIg2QPT;fGkGqoKGnEXYejmap+Cm`9#Jxxor7xy2#59kU3)&^-?z
z0?-2e#Gm>h4);d%YF*FqliAe0gdXrik_z&jg+3qjy>N6iJlpG^ob>ia{lQu9x5MFR
z*lFC7dhAQBd0Fg>`9W|BGcd*lJV6%C$8JWk2S<LI!4R4=>ZLGa-`|TA1RQupA&@#4
zWx#ZC5~y>iAO&pRD<?Knh7Q~`CHF`*hi?CM%=+HD)M?nV;I}v_h}|zp;dXR59Q96m
z19L7nZCxsaX|w8MuIH67G;Zj6-Uxq9Xq$8U!*H=qS<1L*GuyTnStc1aPa+Ol%)UY_
zYCpvLly#qZnqK&EENyTgnwS6<yt*^Wf5}m+%v6P^q%0kb&PM&?z3%Aj^=NcD6!yWB
z?#rXzK7yGg3y4A2&rDhhUQTO{MlxqG2NoBTa0Uo;j-i-f@OmE5$1Q#K#lyxHsthW`
z*qU>FNG}u2`8=d1MMv0)Krf(V9Lf)4yb9=ieu`v<vN$@oA){+J1%95o&#0fR8neQs
z)HDxnRnh~wcA{kK7PO)u<xiysBRTp6=bsjK3f|>jJ=ecu>m?^8Px9tZRI;YPO`sG_
zYs-qV4vHFZ>+TgU^S!OIW~Y9hI|}n6QA7X17fQeT(6<rej;X%RB6*69`){R(TpL0#
zyUZSF^E4ie;){2j)(v+jgv9q<a!#NG5?Idt8{mS^XHCQ_cviUq`eATmrrT5YOu&3s
z!6<ov52&upgP4Q}l&ZzbS4?Y&tSq7tnfTqg3)4tDVR9OE_o~rI;JKVoKkZluB}PJh
zA%v1S3Fv-DiyVd#qZfI5QcSJ-vdQ6_*sZ%BQrf~a`DLYY3@NUC>ua*rbzO4(X)&Sk
z*IQOc)?=#yZ7hF0wgvP_6fjs+j1)$-@AJ}xp|LJf9P=#E+zygbtQXX2_-!5>_<=De
z#5MUU)l)D~GT2C`e4a*&WDF0qZw-fe$3ar&XicbMhQ9tuSQb?k>Nwo|YccFwgebqw
zgBH<NTJoM}R-CFq%H#GWcvgL?8dNp;t_0hp$W;R?RJM>T&sr1|QkBVMG+P=qz?o=S
zWQBA#D}z=Ex+xA|HDYQEpr$-F4PdZ=>W?6lxfh36g((E!X3prp8TAIWxFd-c8B7$$
zFjkQ$0fZ51jTMZFotc$DvSUJGu|nTe#}O$-oSdy$mc_Zpqebo|JjD<(l$p{obburL
zI=t}X95ufGR;j+k8rS!Xko%e;9OIM1IUV%Tc6@m93LGE48gxg8{S(kX0KXj{frG=N
z-q5KxLtzcr!QlW$_*E;bB^<Nm^A=R7)#kl8&!?V5Xs7hUDLqlCySBlxz0=gu_CTjj
ze>G11v}z48L6@vuu`f<w3_}l`^nN|t?~b}>`-cM%A!Eaza4dkI;xzf0e+lu08V8^p
z>5VN4Z{Ig)x#Ad1$synBVQyQ*rRWC`zl6gUtvr~dCOMCZbwHfcg?@aj<-8M}^Jse9
zjnD22mBBukvSKK{UM-e}2l6Pu3ZrSbwWJy8MYj|{zNuK(1%;+T>KCR8cL6<~#N_tI
zv?|cZYZA@m)Gq~Lb1vCjz1oFLF-viau!yaYMou+wQTh$}cIj(U!7_c5LgW1}4Q;zI
znJ!V_ozkzZ#f(FErMA&7F>VT~Bjs~6Bn#o}tzyC>Db?YtR}j3B5_cO0Sn1a4##nSW
znqYxqv_=it@0PN=g)D?*cIJjth?&I<lnm^LG9OuaNM#_}WB}v9AG?;=fxGgKz!%Sz
zm0$aM-Q!y6a`!j)((T9i8u9lca}owQ{;F9X!YliiSY5V%jZf(gt{kc&L>!tObRw%?
zk%Vjf8~(M7W?l-%z!@a0V)JG1)#1tQ!LZXm7<QcZj<dX-M9G%ldG@pa=aYk<{Xcb{
zJ)WkE^Q|^$KXv}<JZ<=ompeklg*^LwOv5g;wlODBBF`1^U_+gy_ySozUZX@t8+TU`
zR+CO@2e-Hr=dkz%t29Dcz%JnfX|2Vd^8~sV+Be3OMmaQ@tN7##VpXMCVIbUT9HchA
z5EL_>L<17DlLF_j4sd`W3|cC~tL<=xvb$>4T}~TC?re4d`(ff{CYn}pxcbT#@7nJ*
zB3aAUN~so2NLtx})l^mS{-y(-=!?WEEtDg!LIl<4^669YTof*~Ww<n_j4a~TwJ?~l
zwfE!9?pFZ!uMi28p_CwuycF#@aw{YXG_&*2S0yUc-@3na&-$mM!~V&zh7KiY0IUoL
z1<9Q31}y-FSz=THq~lpT{4+P1!i;`vKlW`ZN13`&rfO6;(~Su4yP3Q1)B49Yq_LrQ
z;3sL;L&U+7jD8U<IAuP#3rP`g?;~z$oX;#mbLA$)t3z1APXV0A=$8=8-5A%*#^66N
zGkHP{I_~&76D8~L<e;xQ1ge$2FDsr;5M`}$MA3<_$<vzfTZAdhfB;-^?f^+pL|skh
zqQ(}ybc0{q#K*zej@rPHSL(6MH5IVPrDUmZpaKh^{XrCZ3$1gFon0<TolK-MDCx?i
z)fVcc6_bcFhC#!XH@8#swkr7;3br(ys72S&jLK4h4=pcc)g6ou54wA!{^0G|n_+Jt
zH8U=W+9NM$Wb|vu0IcSrK~2|AMS&=mCoVu-`qHU9k=g5sJQ2}QeAr10N8Q2b?5Mxj
zJvtloPLB@vx}$!Dl`;2Y>!Z63D$eRgFOOz*O3;`v+YNLSctQ))VHm=zk`__m*)FU@
zcy(a;YVOABM_xWo)f;a0m@mE^xA*Jl2Xf&Bgn+689QiN#j!B$Ul{*Ka{k`2Z(S7;g
z@Tgbu!bQNU6$Kvt*OS@8!6(zc_MvtKW8gU(VQS+f+<MWEY<FP7*Cp%XG`5iXa5(8<
zm4S$*G6N)-^{Dljcx4ODgfh*?h}VJOgs(`dyI@jzf#^<PU>bdcF)f#28@e;oFq{OY
z3E@@I#i_WT)nyue2KF_wQR_aKMwnAMLTh1~lFLzDx>mj>H43VJUutOf*f2!LcvUJ1
zolfn->(*rjIx<DIFCmF^QgLKOW5o`GN*At$%Y-24d<(ApAYd+mb2r8BLDS3)0+{F;
z@ZrgD)IB=t4Y&jJ{|-;jMsH7hw)0In&Yi|>_w<ykRjbuDOA-g5IlE+&+WFVm)2_@N
z1o!9o%KMj7f`|lcS%!;1Ovw{*D+8u*YI2cawbkIF6A53$9^%ONz(rNrx8|T#=VJt`
zkpII9XUE))(PoMNs~r<ax3wJ)T+y4mvAy=}Bua?S3*SJ@-Pn3(A+yM_8*84OQsWcY
zU2!=Wb>mW5P=aXmI1?Yt+>PnXWbaUk(}msp<08080>_9=lewEcRsIHk3+7HTW=>Uo
zaEt$g6HL!xn1L|zV9WPR`HpEG4%QTU;K&alaL=Plh?%XRFYR*@dGOFHjFC2cZZf8P
z@9*$NaTgY{GNTKLqMEq~6}I-4P%7E1d7wC|yG=q5h0`bT0C8|dySO!Ut7Z_Ee0`D5
z+yr_p#DaCMF9;juw{#*+z$Y+GU<{mp`rfWF$8rLv@OqdfemKR&$Ph4N&7%ayfjfpH
zc%5~ejqlWxgnxO)m-=iLMHdJoVGObb3C$~pp<u(G3=K%)3?`{#Hw5PpxQi^ByO}?B
zgWv{uFoVh551~g@ors(z<3*C7En*g>S?JCoh!WH}g&A1j07ukl__{mj?Vp|W_j_lD
z`v8WQeiDUvYq_MZ%@!EVU;@eh20{ou^8POl{IQ<}Hz1AS*q_`0KLe;?%Tb)ISl>nS
zH_|7oLKxk9B!uK1hLh+Rrl~s>JV;g4yuJSMX@A&bsvaqptv7q!J31~@2VIX&Zv*e^
z_?*9TQ!s@gM2D0|UW$6>tvvPE(}a7~@V1Me8O_`#UTPsj841C|8$sGCBa?QjRmF@x
zX+oo@h&`3iUJIIZHPt1}2R==ri60;yEm+SB$h?>_YrgNNBn-Q#K-4#MySyxlFq1~Q
z6cXQ*#S@^POL9YiH$$y~^{$)tvP1>gua$M#NMZKc?U9IdvN2VD<+R#Kpff~;13|r|
z7mkG1jG=#*tP@6n^y0d9hKU5uqf4w=7UqsPcgGit7~65?$7Av(a1psD%y259<2VM*
zc#`)(zi~9kwnh}&1J@78<~@$$8-CL{;a5gdKl#j?gQhry0VW}k0<}W;<B(kPDcE=s
zB<eINYs|uEvxrg{??YtBqE$N^C(zB{OWdbFIf|y}*L~j@09m+p<OS7HG)1kLl`KmH
z%*JiftR0Yct!t5~D4-<s%faNQTM;ZcnZR-8U&1#jOtknt_T{T2S_oGe4{#vLcsY&R
zza8L<Kh+46F*LRl-Vp1E?Dt-l;W{|2i7FcZY}7y7d)?dn`_cg=7{40y-<%5V%{Bt!
z(_u8pj{NYV8+v<~E2#@GmpQi7zva(?8n+UHOZg*=h4zMj)!``f)*BV9Vc4A6?=)k1
zbFMs9O|qAF0<26%5qJIRu4$jjZ(Il1XsW$iB?<uhPLsD3ewCgE$|vL3jpvWJ@#IU-
zxaHm?(K3{YV|8I6aImCV6<a<Qe%wQ1@^WI@H3AV$(p4a8nSfe5>j4j9f(Z$IJcJ*G
z)U|mOP4nSncag&0H5@MpN%gilu2`28M)?IMsUL*}z|0+Th-u~~8GjFH2PC%>`ZHDk
zEp>YqfKZz{GJW6xeq8to^!9xr<C2*^Qd<F=n|a`e7i^_`SO7<FE8r8wH<f@W4FxxR
zbO|d#P#Ovl$oijh!wbts0U%?04IVwtO5xCUT7TijqZEeFR)fQKf>I!SFX1g0vFBzm
z=cQsWrq;qr2ha`Q#Qngd7i$&P+}6bewPewhh9U<FZu%nr6Po3{%`P-M7;}5!#0<R(
zdxY3Z+ahTZIR8Hcjk)XRkRE~jf$D1*%n=S)IoSoD9s%LYUEC#3B5yIycExx_{6)l<
zWEZqA-J~7GS^M9UB$|rK+arT~?owRlZp?n&04Grf!7gb0?ci+C?~n3m0elC24w(a#
zSjjl0F}8U5L4hx<X&^lfFpxqCu&JwoN0{4(ptr#K5FG8f8-sKfEdmb#@I!Vv1+U$C
z9Kc-@h>ihszC7gkql$Hh+QH<*oI|*U%o@OK%)j;A%vHWdAMx+6qU1vPKAXqF>5mq0
zJo7K1r!)(qX=-VguXsmlCF{l=K}{A>rjs@|R3?w7XKpD?Q^L>Oo@0v6CcGznNv!!r
zv8Cco=@?c|{Mxi;;`h=@rHeR@l1yqqKf`UbGeB9I8kFOg()v0BwM=-<DEV;;GgoD@
z^pUuu4)HUjRyw1*DcJa?eeQ?tb2lZ#Ovi~IXDM+RoA=DN8^@@V^N94oAaRn}t;a;o
zCAXz1t<Smvj@@f8^5-yGkdnRl<wwdd`@#SB{KYnDd+c5hXy?Wjyp9uadkb3Fb)3pc
zg!t`iMgR{f(B%@e!Or$$I`pruk8k9`{!5%23#qQueI7s<gXd)2MVR>kcn6$+jTcD(
znki^TAkXpLyaLX*x3esZ&&H7lmkvO`@3z}J&wgxex3*h5yFYFJ^sG(t;<Vk^Z(r`T
ziO;z`gKm(`{zWXtXWQEj_&}m4ga`_J(}{5P!zo5rG#@zL&1RFJ&06hjGh#~SH)zlm
zz%@J?IZ?p};fh5r;)XHE{k(X<R{rg^pMf2-@hL4AANfyUM~Gd+wBFgK(+=SyVF{j*
zkI7}PIB$#t^gy~mj6Ycf!A+~x@<VVK`We`Z!p!w~iXYN_m_;PXg;?!J>(Oe_+snqS
z!0*epluBv_(kzMv*u87AJO)@)!J)=$I#U5t^%Vha><CiRY5eaaz<nkS@}aF5Ho>Bl
zNi6h1KW)6X#E~CnO=Yg%iB=$!XEJ%wrB86kbLNCm211CI$4$`Um}%t5d_>lJ;y=2*
zZ6b9NESHb|=j+dX{|GDIoVo1`&f~z%WM^hGgc(x6;wbRP#3@*7jP331?H_;m0sp(b
zy{-Pc^ZoZf{?E?y7teQgUhI7TZ0CQrpFMlNv;99{``%_P{49`w{Ll8C$5JQvJNZG<
zmf%=fcA!d&jik_xed-n31@ucloVG50N?U%^zTA0q;fLNXI3Zu1;(m{q)`2vY(4E6w
zbY?T|lI+Rm%x$4<Jj6jz4X|7`(eaMMR+dYd_Z|TdxaTmSI<FhY#c*?&L@ArONmkqg
zHxardFo14K&~LN`<geBVK@PW=!NkwpsoI1lK1Herc$CI)yo+}>e*#)@<PBj!lEPvj
z!Uw38+~O0+BJ5}U1hT}R4;Pb(e+``Xp#wevKlEUjf$u?cxkNqDzO2Ipw@YzbMPDLn
zj&5RNJut-laGJn0C2gAEko-v-@Xo9?lp6O8ZH;j0A7rBJn<|rhMklF(7ZHI1aCisU
z&1RGT*<3C^x0v4BPqqDjk~ZVZas8d2{FLnfFSfUTQ1<`rAHRR`b^m{eA1XueqtT#>
z(Y~K%FdV~Hb`wM3gp<@k^0Be8A!(YgyVzis4hw!XoH8)kFHx|V!<A2m7CI47$7X!F
z+F8)5e-^ZiJH26}*A5KhdEt9i@f2nX03!b`K$3V#Xh_bKd^;{#zHpMZ=D1oheWi@i
z5kJA3CfzD)Llcf7en{{WW9-K6*w1cusg)BYoQf63VZ8|~;_x_*JaTk3!2r76uZf?*
zemF)pNvts20FDFKpA)@g7YtxVJj>yPat=w;Ss5KaW-A%H*=!d$75mNHeK&KDah}5^
zy&+7X>-EFnW*3me8|c(Ai_9LHgDPF?5To($RgSCzQOY5d0eOM7UErYQNFZ@0QbHu~
z;{v7`cdy=!ZBwq_VV|6vjb}#!)mPpY>MvLcX%Pz=Hh1bAeSqzqjP&2J!HaYKy2bwi
zws;aG^5tyuoWZ_s^S`@oUfvwmzR`d6vwr=lYX3(bY{uUCiVlD>|L^nd=ZgKmv;D(Y
z`~N|H#KVSo1>2W9=P+}*au<2~ewr+>67X{2O<{JoBMC9n!yiWDXdXu)3^VJ-9@>1m
zD;-_zlqx+C>LIquDNyX<Ny(&IaTEo>nZx-xOo)qzo*_|CvcC9{m2p(A9acE$=YH6|
zbp60R5A2689!hNa_4K;qPxbvj&D;!57C{QLn&&|A{{P~|iyzhf|Jje*J74$zhxifq
ze>aZP{623;*Lzrd!`C;2Klo-}V4q`Jkm-|_Mdr8IShlu>-84U0FoGv5EC-DeON;ke
z+G>v)vyXUOb(XjpoKjPt*k^+%2>fvR1~;g3?5$wTtauQWoI4B}#Z+K)^b<%(uY&eU
z41AaQR%GZ^bdL(=Isk4MMwv_9O*swV_#$1*+vk4hCO62)CP4gf94tHtw&KJOGtg*_
z=xkdr-IOHsa-_3J0MJa~IH9MJ^BA<iCy>tEXFt417jt<5=-?#wj>L_xGB)YoL;y+#
z&BH1h7x3mOXpl(S-HwsU0?9<YZ*OsLuw0VZ0s`X`__&BNXw|gX{!r{TO#CSEvm5Lj
zY2k;~emFf9Kg|b_8uR_;j$kp?K??E3yQHX=112wg$`E9Mq+4vA3k;LT6-Je1L7}>)
z?$YhKJH};O%XewLy(HBn&kN>}SBX1@r!es&kH)uJ*Q2nPh`K;_f9_7<=^_Y*Sh@s0
zP`_c~-OP1@G9U&rjTe~2QJBH&EZ;GbMc7T>qy=8vh3|>dGD-2X#A?m`(9d`zVp=LL
z<3*Z9^FyiAOE~pIcBaSX1Kr-Ql^^ggjKrzv^QXlpm9?yVoj>sdNVhddvlz=jpw8sk
z6c_a&&bxvA*eYr{pU@Y2Vzeo_)AD>FDipJj?0c71?GSy>o$L~SvWox<C*XFim^W08
z#JL-KIUhE`W;)vx|7?!MKmWpi2Vj2T`3Y#opnxT65YQtp2k<uVvv34+|Fy17%6#48
zZF6qh*%qfueCqhVA{FP1FMdw(<wpfSIB%^VPUwfMI(6Sy+dT_7(1QWY;Qq_}9b-Qn
zW^R%#Vgsv@)=lrcDI}=*(s)ecGL6sh2RIYUWxWMilBfPsBB#xV<fXN9(_Q$<4L!TP
zbLINkL6n>({@hJ&C`%RWVyJy{5+%);^!Vb~s?OG>zayZt!U^bb@*Rk8GH+U~mLpaf
zyE|!XcFX*^!V>hE2YUpQMZgV$=nCMLrn!uxIRuMXng@AzQe+SpqN9=|kHlp^S2LXF
z2xqyT!VEN<Y3zG20nH(3j=*#Fe5goEq!SUWzFiB(@H&G@=mw`zf~@y8c=ng?c37Uo
z&3^*$dNew1Z?f`sx6}rDw%nxodc{Xc?8l2Jtxq{YGs+e0p%P{f_Kr&I?M0zfolXVh
zQU3Zy<1R^(jUTOXA7kRZIgVn<;@eckd$UZuHw#4*Ke4MRpL<b!BW5i_yu8A3AW>LU
zTIvE?7aW#5>jK`S?JQZO8T3Th;~1ZO?Q9<7<{}AJ8BXZ0v*dteGph?Xh|=s&B%|{r
z3XohQMI5Jeljx03@nnT#Jcn;V8Et+4j{LB70ZE28ZP*o+2WF$S8T1EMMh)jZX1Mif
z6>N;$L1Z4sF>#=nUnpIila^{$<x=A^j|Do7JRuy&pm@XyjNJq_Nyla$4Mjs_?xKjS
zsGI&pIwr=m=qd!wftB5eEp9uy$hWq>#pIH>mm_8MGDv=g?a#s1tIbmN%T|$wx`Z?6
z)B*=nWoX~c+;caDnyMWoylEVz*))Oa$DoQf?VYccf9oj0<iU412F?F~<`sBm@^Uxx
z*@%P|=9u58W6cYE_Z``#Jw~eN;%7BcK7I6T*O%7Fk;S%B!A6xoueUDaCU4V}HP=Gz
zNw;tk7)Pm(gOABR!JN6Ry_uV2t!^CCYs&&4m$ZebiLJxXD%ef1-Eo@umwo`Ju$PYA
zfaIkCa%D}cLU`_0=GHn{8H|crLx7;`6j;~f%gIK=cHUqS=HECrMNNF)E{r66Uffg7
z^<#pfwkd_kb6r@V@$c87+6K{7ghR3b6pxF?(3pI=1b+d4*~;K5dg-)1gTcI+i*FE3
zA7gtkM-GOUyOM<^>;Y`!YLWZ4w6#cKVp5;}c5p_M%I|ka-Iv{A4`)_9=^pn4D&T9Z
zgCv^o%3B}?{&#pYfD`!}pdXb+lnkdL`niBN75b8kHoK8|d#jvk8kpEk)2k@)^cLDT
zMJHk*IZwO8;jjI{{;K3GTUm~&M#b_aV0~9z2HxMa6hR7&h*v<kVql^PUGKcf1}H?Q
zcs*4D+BFIj4*9nhTvR`&!Cg`)%t=sHmIp`oF2+f)vJ@vlsSul{hwERQ4i1mIG)bH=
zy<M#miKYMRZttY~@~Ec?<}S_Ojw5(*`gx19E^&K#0S;DLI2G;}x0urR7&LOl?k6QW
zh!0+9bmUqZJ&cOX-Tb^ZTDtky>lj8o&<loCo33eiei9cC&70M7R8)CMB%a>RqxIbB
z-qVe)5ayER?M@c+bC^5@4IJ=7jH<0W4jp2c{Yj60hd)g}`C<0hB;N8)Pi~iQZw**l
zjcA98U1Lp`xDBL>;TkDflt3FUj(s1uOijsJr_JH6`191p96K#cL5*3colKy@>a8wL
z;UwjYAbJW`q-T}kRGP{6K?SlX1h*9_hGGodwcS@KKt4N<qAbl4Hx?uC<hl~VE~m6H
zt+Tr5f@UnvDDcNH<fn9D6Z-Gp<uly0OtfXac}uRaV3B4pVM98y>#D*$q+NrP&B7k6
zFXBRJb|zJ_I%R}`l}<vFVhypn@5dC$v_kMxdE67g-Vr%6tJGVns*GQKOl!GxEZ_%Z
zGoJ>FsUK=#f<SU1`Qa4AxM8Y!ijI;AanFzj?I-Og;@@e7i(qTKD8%>kdxQoi<OYi{
zM92{~1!@mUJ>@dm9@eFFmt(dp$Xo3JT2ZU=9LTdRa*0k#^7-RcCWf_?LbQwWMe;_0
zKY`<$aR5cOMRqJkM79dyH49f3ctgL00v7(|-^e#oz;G+Y$o8}HY2iw6tc|N+pq>G^
zLc*`Ewy&<XudX%~-LI~;udcS=r>iZF64}Sb)z{M~u|KWyLn%OS<^DpVCKXiKyTpIH
zmu^4K($>G{*XG@^8Y()l*nmlO?JZ4bcR>erw^6sMtF%VEjxkuLc7VsaqdUrCV(P6(
z)flDULtKk-_N$sYY`WPzZc?kI$jeNdv>nZXy7I_2?b9-LTWW9hHx}&Y>-KMhwY^)q
zH$OM{>g&EgUv~++eRh9$HTn4J`!@T&f$=@W@6rceccb*fG;@OhCQUz_MD;L4J=!vW
z*1uD+u%dvfp<Owh$+7v1p!`(w=Sm$~igs)zNn!Y+rb?EE)D}!Dfv)F=FilUB=-kLb
zatqOLnq^u13Mvk&xJdU<MvE0S15opzwh_R~;qAk~y(xR<tzcp3D#MN|Jswx*W_mkL
ze&lLPRRL->ngoaw*AEs69L*A#&Z5Ap3RCT;-k0EKCbgle{Z_YZ0{;>gGN;twZoDav
z^_f^xMq*8zsm$!oj48ug3t!40*Tj}G&{|xHK4{<zCou_05KX5rG2MrW-7<G-?S#IQ
zTj%P%CEJP37N}$rk->#k5$#Rz38yx4#}GJY4se=|_(_X=V!kG%v>_LP4Kl03_j{S^
z=Sqj0OeGJ{X7fP0VnZ<1pxm^LQ5J`}(*vl6(a<#>yha_FQg%@5@c?ty8}$V@a|1tg
zkJKeAUSVsu&$ZIU??*P%8EDh^vNmFhW)Mwj9JgW3+3dhWEI#YZ25pixHbXH@!lZ1P
zzOK$?%IenVwqm~xGVacyo7rEe2wN*}YzZH5Ol>W(1D1AqctEwc{z`XqY=FAkI8DiG
z?lgPSpGb3H^ym-|IbYP8@8XJilp)_7N8!YuTG(unCT;8vXtVbGm)4DB$mNOC5!NPN
zG<LjCKb5AS>DCO#Nor}cWK?6M0G`~`4zR$|5@3~BSk?1QnOj;#w$vgW`W_s+NzE`L
zy;p@uqw*LG^dGra8~PDHmB?%`hpSH?59m%NNJ+k_j-uKF0QSiWsIl8tiyMo?r9@sg
z%=|7Lh5ED7Xp%W592iF_-K5Zv1WsU*KyQDM_~CRoo<VOB_~G<$8b<tMUPxYkoO}iS
z=`7m?JKNieapSSEMlhMH7o=GfM?o~b`8%`+Xql&*chs*=alXi*l>AcsF(kqie^$vZ
zng3MC%_#m9J1oo6LQ4a$oT*aAW^KGUa}#e>UQFP}g})*z-Um+=a#SHd-G!TK@zT0D
z>F#_0S3s!0RQ|NNcrVSO048c8PT|9vJ1SF{_~NYU_AYaJlfVp-1u9;Ik;C(44)(V>
zP1&fpDDY>+xj$C`YfhA;3|6_;O+K7DL=_X_egfF5gs<0Hy~05B@>MG8e&=xX)z(dq
z=C5t`iC9+1Qeb}=Ml6?OHx^f;c8Locd~F&fH%05g#t3}1c!#2B2RM(jn|+^D8_ow=
zDY~IJwn3K{mGjg-cVehghm_5|vYzELL$5UfhKB)nact6V?#Anu2MzF@Z_mHRf7~hh
zLoJ|(n~6(|>*>|m$s1xx(JJ95*1fPeCgGkim+Iuz+%r}T`KS``vHsbrrC&cM<@E}M
zg^XcH&Q^XBR8OQS=6bBKr&b99U1JDnP3qrmxVwAVZLZ+;oF``JwT?s~mZeVIi`lJc
zei0i+W^<t+eY@3p&6O*W)&2j#BY*DOukgi@Q0p8$j_YO41g!c+TBGEwgnv^jpQ6pB
zgfzrCBElDsKt`p!!bN2~)moq$lWf6{_|C8{AmK!|)EfmxJJ-;-$|CC1s2;&97EA^2
zDvg(SK_h_=6p~Ux6&T8>f|{jNbM`EHqI|~)bsK};JyyL^(Ut$7y?5_!+eRLSe}C&!
zpicLR?Mk%eTM}=Ra~#`A-6pml%W1byw<m%~NMcP9{1KELZJPJ9zXvn8Qlu`nlU~-^
zbGora4uHX6F!z}Q?@lzjB<#;mw#zTJhLUH}al^bZBcNdROdN2&?_9+h_{CzUW^+$x
zVII0FxcB|^fAcQdn*M)ESh{Tsz}fx(o;=yy*(&w_+uqrF^3eb9OME^@|G#P3`p@11
z@LHqb&Q%})+-L15sIj|fQ^C^n_t#gja+_^y!S<iOVPNG7=I+g3x@TbRl5f)uaN$OS
z4{ZY%ZyTu8qt&{GDk!fUM58#J<&<(CQ-z1tDp!XOw!)mLz@Ej{hi{pL6?}hz<xS}*
z4{Z`3+9W=-NqlIN_|PV?L??gdHi`GzAmh*9bMc`~;(r~DeTHs}e-bKkwmpYdSFMDL
zq6Mv`{=4_w<tz8wrptkL&rE9mfOj0sP3W&2tiJDOO&-QW#gIR!V#u9qhWyE@hE!%>
zFJ9f^Pf|O?#-Dx`oqyhg(`Eh4^-!(k|Gn>s+w{BBtxQ=)bEl;20icf<^aY4Mzy9d0
zdkd+SnWZkArNX-Eq0$uYFjg5<Y3$*MM`Ukv^RtZb$6PcXN2xpzwIj~hf@wB3qlfbC
zkAInc&ns2F0Ep_CeYbFqztUO!y57@I9$N7(2k4;{?;qKUcZL-C8;{eeW8~0~{{0s8
z<1{z0>{FWxD_08JHr>WoO{kTUuRk7KT%No-IJ`W&`1$?!XD6rce>nd66M0ep>aD45
z=Je}m&U85bOrv?#xitr>!ih7#Ti55UyOR`6bWAWS`F%+{eOXXeRedGk))kx7Sq2`O
zFh4Y5c7MIknydFyY~uba%s%u^*1PbhF~0q28!^vMFn;Kr{Lnl3p?7ix#%|HK_@Q_5
zLqnH`hAs~cT^<^`{52c8_{HY_D*ap@S||T)S|^hSNAW{ziHFt_53MB-;9tG9#AmHk
z^<`Tv&)KQZ(r%gDM~$nywp?DuX!Ou@`R`+#THG|n3esY(=_BrwUq~w=-f085_kGCI
zKKYgWpZ`<wggKAo*ME{?$Wl)$@H;fyXR)LP>F0b@J7B?UMp~&1MY*m6v{3_Q!v)ii
z|G9_^W-5zJSE-!6)S9-`b~5YpXE|SW^js@nws&^T<Ypwy^K5dK9$&M3G8Hkd-~PIw
z`GA=|50EO>CoBID8~+e1^CcxKs0RqBVg#w79>qDNg-+xkIUBGKui`W!E5Z84iZ=&e
z{&Z}PB`|JOzeS|v73j}UKCdMf@aYpYaxlxdeb?{L+q8UsZ|^yi!^F`gCaGR|=tyqA
zeCSC2V8DJbU_ThJ9}L(J2JFvf!2U}%B-irAef1=-g!h+kOMd5)lz;lZ<V)_!-@Y;V
z?KR0ewkDsaC4RZ)<h59NXi)y(MSAceRnPCii}c_{nn?&t8BxumZ06gH9)By2^>k)^
z+6QOWU)`BS9{Sx^p=9BH_gYPPXnFt8^8TUa{X@(91y}aa^8TUay)IDx(DMGF<^4m;
z`_jt~E$<&%-aoXwe`tCC(DHtX9>}IR{1@zcug6@f@qOJ(pR@P934r>qX@6h4;=gPM
z{5x;+pSiRAEw<}V+FbrNJnNx#`+sli_Np~Kv;lu;1Af14z^i>@b3J3TcW;T2)MOW$
z>qE=(FV(XA^Y||p@m?-<bIkNX&c7jMy?$pe<n8W^X=m;-36y`bQp<A+%hqo7=dKvL
z0BKYV^%(_)+RD549{}?Z!gZ$ruFuq|U-zzGB!a9~(3%}q^qFQp)#?88M{O+<v-O$!
z`s;oAgE1deV!oCzDr%3;7c&>{wdfYHUO)(1B%u2q!?~Bl{@sSVyIZ5q_I^JCU^Vom
zWLPJDXqi}}YCCRe?2oe>>CfnWR_iS=nwv}N@qgHxcofgbv#4z1?#=bu5`k_d31*cA
zFH&#*buHYTwai0}Hj}wSxVNB2l<g3?@Ko>A!hIH?&)=_o&N60(an`nHC%-H-o_$4*
zM1EC}?y0qUHHB83r$w3yE|PCjN27PoJXxq|>GGZT7pKuBVSj$IU4F4OlsuD;8|IA}
zK^(JZ;(+tx6;y18Uk-h0HurQE=Ao;Cf&bAR>K{Iz^WzIa8(KONUIT00;I|b*hhHhZ
zE;GjF=H}*;-Cg+q&CSj7|8MSY?fg%BdvCkl-fQn{wf|>xYioOV?|;bV=UcY@j7357
z|Jl6rSmnk2MLx4V^Oen{X%?#zP5VR`FJ^G{R0J{KxNbMD;xyVPUOVfCdn2ZwyY;ln
zzFw&NHg*gD^r<mOc#kGWI3-=yDPrilfyJ&kna!q|Hi0v-;^txh(R;egXQA_-^MoyZ
z>g{LV`QO`lQab;e+dJ)t^ZzA2rSqTnXjpU9;U_vShCGk|gPzs$k-y*x^G<r=L=P+*
zF%S-^3e~TD10Hc-;iHVFEUnj8U1562^0+X<l8!^@VABZw(41I>rR$93<D@!H4bTe*
z4IUwWX@}3Y{|lf0UYtgf&EJ9z%sKz<cDsE3+k1Pv59j|&eD3}HzeGBDU;{JRfEf3F
zW1-aDS_E;Y20REuK2D2;U<&V*Q-{g$gsBQV4r7+Mk6-6}oXyzG+brfUD*8Np7UloC
z%F-=Gz<K<Cduy-E|2KEGANc>5__!S2@No>ps@B;SFR1o~x&GbxcrnS?J~_+i|BhJ$
z7d|J<Vnjv3@*miQtk$_3%p<m$qq2(PFRgNIvugOiliuDAOGDRE=<wY+^VB^?YiBvt
za8k`t_lvBZp@zKJ{4|7`3Vu$-z3Osr=J7eh{n4lDuk%@u|6?P)&%^)scK0gy|AYPS
zi+mnw!ISiPPH2)4*T|*noj~f32pTn)1-$<kyDh%7jxfW{s!tb9Q(m|k49*wx%7|3K
zFfjx>CGM!bh<M-CRV!2wA*{&tipo1?wI&|PduinmspsT;rP_F_pAPkNIF9*q?%YZ*
zF6zV8uP2;FFKI&4kmVilu3gY{p#5`ozb?8Jwb1>2DNWnd?rhC2Rlz<?m#R?Z(3h=n
zk>$MLAy4+n<>7h5x~p?OE+BY&7AngnG3QJhp1<AH>&j==O<zE=wujsWaavQrbP4p<
zK&YFl1EMh}-AQs{ucoO_?X`Q6%~(jbz!ZNQeW*HN<`3Z{hR%vuv^{xwLRLm>)ML4g
zSj>4c=iY$zSKA(Lb#vHjpf187b;AZ`^7vM()p$fs6b%sJT&yL}5tPN3OCdZ>CSNrk
zk#~Ycq&Fdm5xj6o!AUq|;gwC9CcN*z-(!8AGa`kUB2EWnoZaUwJsrXL_rIzCD{jX>
z<2Ccw;m&`H%W$Er+CTM8v)GMM$;1BOo8phw`s`;J{hy+v;ojqao=o}ww|3eO`u`XC
zl-QZ?QmXL;mW2xKv$C?qY^d`U-P)E1t}6TAAdK9}4Y-Iwbg}b~QKhZyI{X~||0nG!
z``_O7=EM2_5}z5h>}F>lsUW|qpUcdmQs=mR_Rw99{I#A|-5p-8UiODLqO=N93PE2k
z{(MgGc~#)~ZIdA8rx)BJwP1m~f|{HHKcC?CxdaO&64Z;SrGWi%u>P`v`cqN*p5qIK
zZQUkTe=+`Vvlc%C|KHr(-I|X7df@+G<a2-i|GC+&e{)gIiyja~9;bsNg*?Oq9G!jg
z`>Z@re6n1mYUlImjJ4;#RKvv<L|L8#%sKyCJDb~O{cm&oA^!7=e3mOBRLLz4b-wkT
zT)-7YgZ^>>M0)K`y<mCX<$I65QjKC8@aLPe*YA%`E}nngHh-QTygh#Y^%nenesc62
zAACf9qHzH}goF=B6z8Pi5*v(SU8S30oG|hW`HHk6^7Tgr_!If{pCr;%zC^-UMsTQz
zr<f*<U+&^Cq5H0#;`zn#tCN2{|9TY~`{EOFo}b9?gx*|{)~kO9<nc%7{!G4Ze|o&8
zXANzdiy?zq7u?nkmmpr9yg7dU^=cwWt6h*_0|Db;pMv#3zVka7G8&Oq+knL8!k08o
z;&h-UBOxhCU5-FnuiPKV|1sG7`YR3Q4d<D}C%a~VOTnOW5hW?Rf!W?rLD29KIT$YT
zF>_GruTgT$LcVN%Jw5*E{cV?u&`;bs_2m>|LHc~0Mon@RCkf$6go~zWM8r*8ghP#K
ziJ-VJz@UNrii<Jw)pPlUJIhZim3`u2sMa&`^~dv*qfg#XH<B{H{)%k9*ofHmMmkRX
z9;SBv{y+`ysks}gKlK}|KWd}(pZ(bU6N!Dxo`8p7G5plt|E2mDx4QV%XTJQuS<e63
z-FwLY`XZkNs;;zJt^2+BXI5FcpG!YDl>anMmhCq`8vD)ycYY}=zy9ub9@J=X>$F!0
z{pM%=kDn_<e$AwArP(j`sXhO3I>^~AlD#WFbI$*^JoDc9Z}06s_<z34r*!`HuIuC9
zQdIc0axwt5?>{FCBy3N;3x4XF205M^+`Q;K(ODcu*}ZSTsm19vnC$a~R<kyRBQPJd
zY;31sqidEQ@=-=}Mpj-tzitQZonUi?1cx-Ey*P=Bn2F$ragQlB6ugcLha<UMHf6;P
z&#%19`W`E2yWyHQ-8ba=Q~6KfKZ;Tgvg{L_do{!M5cEfQ*X9-mpR1zPkTb4B*-C4E
z{9Oli{!WTK9(Bh3e*A%~{5xH7m~zW=Kh}&k*S|UIh5Bib>Up>hgPI8`N`FbiE0#un
z=td8}#65OSIZ}js>~#$ydlJ28Y#54f2iFPDl`|W1p$k4cwJ+tj?kTT$x<%w4I01OP
zbXO0H!qk7uXfgD9x0oJsUzbO~V5D+Wp%RviQn3KGO3%)~+Wg5mr{_z|u!j43Tio)c
zl&Y{IGy5otC5hAI!X~(z8r_Drx29;Qp00~TQA3ebhGo0Y)kR&GSMWz)$Y1zVEB~c~
zIQ`Iaf0iQpt;E53`rnhO`akWRovjD??@N5#uvIrX5Vl`=AsvCrsC;XsC!IUxa~g@O
zsq(LEEA}kzJndKLiilzA??SDzxSXyy=lq9E{vL<4U@8mz793#i`QMzX|M6t|LI3+A
zpV{ZXNQ9dbyxfsjUS#x(UX6P!Pg%i0l_`=M6=XR+;85pZmj!(MI70&+uoPA)PzCj+
zr2DX8&pZFOz4P7AT>I}{+5YpS-G1=@ev!{2_y3>c(*LVp^a`W1uJ{p+(>Zthed{N4
z&VR(Rgil877E%B9GyD9v_jaD_PSyY0dyxOX$fu-P`{()(v;Ml=gl3trCB_`<8O~LH
zEziZ0E+}~Sk1j%RANc`wfo{0Mw7UEN{^(gnOQsX=i8+-7bisXAwKXe8l#O`WVY)qP
z&axy9si>H(`st95(}I+fd;PqxisqEdx1^kl+QpDd%#dnsrRwjV`B$6UAhB1BM~<Kc
zL+G=$s)A|)-7+C~Nd*JD-%43HTUmn}Lk#KG?w%NrT+?1@oU-b??3k4Xq5AQYQv1-`
zv<<z*!CHLh@UzfCT!>=arV-PLIk!yYA=3r_O-J>qritZW^lT~`#nb_rsy-j5abf#R
zmm#hQR*bV!w|76x-UDzVe_yyiJnq=6=I|jOji_t-Zjr|-+U~LYT`P3|eBoHX^ATy~
z{p;yr>zbo)BwQ5VKs44r9XO+_D9%YMTME!XSP*sH=AAz73xY0p6o3!z7oKFV`%7(C
ze5WV=)WGA|YhTtEs<`CTg9G=$u$GSI9#chFk87wSXBihU)L8iRY2T?Yu3|q9vP?T$
zt6sOMKaW2bVFDS#dyoC^T7%LT5!{-D_xt~}znH9j{5&E@$LANvhX<D@XQ$-!?DBY@
zTn-uO^CaOn5CaG`B&1p)QBK4-gAD9G&k58$7bMFWX$RXuTdIH#<eNB2NRN>)VKikC
z8D}I;358I{T&Gc)=PSjFVNql*HfkTL>V?;`bTX9)@4Q)+15c_rn3omgVD9*6i6Pz5
zzN=VW#fX&)7K=S~d%TE07%@`|oQ;{8MHCjDLtROPnkm$AT9-vClY{;^On8G8AxcCW
zR<Cy+72_U0Sn;brMujh<V!V~bFBFi<qK%cB@k&j<$o*U`rhlGDT&t|O^J;`hRvhWe
z<kZz^Eanlbw6r(p9ye28=RD`VijHZ7_)oYTU7okseuF?_o%l1y$)>#cOL9q~E`?>;
zBamn~WOB>CySzM~n!$9#)|ms<^PBQWo#~;{(vqaC7}Mm4C3MnZAy1=fUC~2j#Y;Za
zjO8(p7KZ0N?n5f#5#!@xVNm|_KCC{ClX1>2hdC2No>Un)O3=!0`0&ISGJThTSAOF*
zcUlr(vze#Id*HT*#~<b4?A-qB_?W!&(J5`r9Zrr9>5d1-2X^Ok<AYo3*kJT2XuXaF
z6!YAwbQkxvf(~k5lE3*++q=_wXZ98AyzUnlP|LR2fB2xQt&!isoJT`OR^G2bYQOVM
zfZtRra0(x&sC|tqc|1#{HyLE|L-T<rwLNaV@>G2Zb4tzLfGNAfEFuKX5tzQNz-5i3
z@^vL<FJ?<D6>SQ=@H(X_^N4knfz-b1e(Q-$cBrQ{HlLbtXumJng+rwJoBM%Z@Py@V
z=q#`e`{k0O=pCLiHB`v=6>Wnn?~{^Gw93FT#XDxaQ+;FH%|}|ph89#jrVud$4OO9G
zOJHR7>-UP9n&tX&rgKhzB_d|FTE2Bt?F!glkK*6wH_w~$ajnfpt?B<vKGraw1@t_>
zTY4qJyr81eHSBj*U+BGRDp|Bg`vP%AB}DwaGDqk5|Ffuf_YAN(@jvbM)>b+H>&ezb
z{NES(%=Q1fuJ{Zr+$Ot7l>p<>Q7rN?G|7B9js{Ctj`?#q;}`W8-d}mIxgPDsU6}Xo
z`yR#V!8MH&NeC6AyFdT^nBsrYXCD8*UByTLGmro8?ru-<|A+klFY~Er991vYu2x<X
zYf#p2HBQUXqi#6Q8fmXNfk+jxrnRyzym!}flYjEd=kA%WH8mr3p~qTO+vk11&MoQ}
zP6MB=R5(Y0a?32b<Wi~|Is3&~)ghOu4LNsuE9DkvGynNVAN9)59R7dD&R_VM!~b`l
z>^>>S|L;BI|9zRyQu6;DyNUccSnZb!x~;K)m<CaE!*5GZ&S)GpbD(7#i`Boqd`mGO
z*4%a}6^~aoO7Wjts71=mSEf-pXHsvR?p`Yz#*Dpo9zQu(sq+4pGbUSlTaV@^-Pew-
zqw6no+V97q8>UwI(~ODC09AkeErgW2^<P^MZY}vbp>_8eRJW;u>J|v6!)UrWadZp%
zw=3GtxQ{O0ab}J;ysm?be4(;7c6E?h?R4Fly5V*+XImGex9ntR1@0{xvNv-h#O-#X
zI$U7Z>cr>R3vsK>5VxN19a=8g@W7=Jeh+Pyd?Vi-x(>~>0M6|_TBn1Q<o{sEl2JTJ
zdCu-n#+;Y`ySr7k|LknHcOK;bFY$Rq&S@bD94<B7d2%ykDd~;lB$D@CM#C#QU?ONd
zBA3Hh=o?QEF=R<X1_|$>^*T-mO-YKhh_4xhaXH`1tMCy?*#KlovYO?rAAevGh5>xF
z7Lc<vnGl}Bn{rAdV>wCUlm(68sPn#4@SHUskwZQj@s#{{*dbAzi$*Yriw*cMPQMZK
z{*!OOfAtr`!G`>g{!?718x~NHhF9YZ3O0(ydLVAH#(L1BSB>?c7-fz1|F7|g{7Cbd
zj|Dk7Iu?x}%lU6CEE+)^F}i`z<@~qC*-xj(7o9(POPBhT&i~<e2dA%(-<-V;M$x^E
zG5h@Q?CebG|2v!Q2m9|A`8*=uzsmW*ZBW`8QUVDx^1tbTC4A60ND`@QgA`qGQb;xc
zinWn!BOZ=NEG<|hC0lqvo~WSFc=U+;vK4FwTf4uK7I{l^^0Y~|Hn%n#>*OGc2u%sk
zure5yl$MgT*W|R|a)g}GXoB2=${Sd62dKL(p9djX6tox%XT)ti;+`4tRr~=tQ^85s
z?Q-(I$9W-&oMv4$F;}t=d0ON=feO{dkimUVcpv_)%8Y?BOQn{8WyK3JlFYOi$_1v3
zgz_C{a$9<GJ03dRQKMMU9*o%yc`A6q-ta+JBDm}Hl;{Gc9ms77`4#Jtt*4cs3oh{&
z$~kvIWqFnJQ5QyJABvnFr`K`LQ@Ndz@k#N@#p<R3Z_x_Onf%7%lw7e1A^^(2nAh6R
zDqee+MO2cE+aFiwVHKP_3ATbZabRp|7@JQFj0-m6^18`+!9uuO`UxG7ZbS>(qk_H5
z204w`g(ROYxf#ac5Nf>BC}NTAv8&}gl5tVU4JBiI(HVcUV)(gB*bFuiLOa+A+6F{>
zyLQ_<o$m-87ekg7afsJt!QBBYJcHEsrbpr!Uqy~yl8g#*!}Cb#zEaUNZ$H&<KdYTf
zx5$z%9%)9p5;vWK=EWffXm%~ECmNO|=Z=DdlL1<0<Wvf;1aiae%X@}4eAWPgpi*O(
zM;p%`El6BQB|K;NquRx>V3L(+8K0cvHg^8+8_hESMraX&e1=D3q?$Mt1x*q(b=j%y
zR!_~vk!Dsrcl$R(E^yqJBj(ISnuWb1VSi6kvc2g6m$*ir2=ob|apRm>rwk0M+A9oL
z?j%)O;M*FwbKXv*pmNRZ;Rwcp<y~N1_B)NCt^^;4a`$;2sdfo!-N4%<&O<5~^1czh
zVlXK^VI<u|@|m1vtcaytXeYR3Cb;Ds=6;;Ah-5sH+)ss-kRHU92;?gn&86xDS`ZBE
zb=T&RgM+pnqW#P}9?CUY$jt)^g&E6*B2?#hQ~%yV-K>B*hYjon?I)HGY~#rT5PR;<
zvxu+{bd)7bb7LfC^v0-*#zJ|bp*Z|#>gK}3_a8WXU5Hjb1Eh+syueOhb;$XT4oo<T
zM=Vq{*?y)_CSf6RvYhuM395z-pe-bHoQ6X!&BJYsmlumH=v@tZYsY|o$)v1bF=NuL
z>nPo|5O)m3Z3FQw&95++k&I}jZE`TL?#EBg%iH>8+yi*|Amzo7<)p7xT=2mFR*6g3
zJ>5b7v5>Y5q^&8OEe4@&AXu!IcXBaEn+B2rG@my2ENyNfQcwA{5+5q(G8S?o+D}i;
z^O!^actS0GZXt#N(vw<9HLq@&S2s)R@RpJA0k<!;^-FDk<~~1_EHIY*Ss_sMHFn)1
zWVMRtiDKOElO(=kXsFuX*ob&20(v6?I->vKX%O<!2D=g)*b-(#a@WB)j@SlX2Bw#C
zOAXq}dBTEWF-q3#GBzugF@Fzt?H;z3qy#XYcqG}qI6gRfdmM}+5co#4AgjHcU$K-F
z^0=-!FxnL`)E?-2nWx^2MpVete8naXn9Z80K$D#qvfN3;$C5vZgo>eM!wv`VFBJ>@
znE`HjN{1DMeUKbHE>LEXeDi;k!2a`GU2)G>R=Utp>6*t88M0(VuD1!xbDrBVo|-YX
zme`M-plv}sF(BG5WvYtEMteeh$YX(+{J}-!o`ErSBphJ})v}TV+Ln(BhCA-bM*dxm
z6k&(l)k9Wu0*^({bHAX1aWjkymMFFXSBGE){80(4m}Km^>ul@V$r(PiSIb;zIsu=g
zBr#^S8gi}F8q%96R@SZ6e7b~+RxIqe+tuSrnNM4LeGX@+&cZOqbGM$|4;i61q9wLl
z*V|~Gl1f%nsW3E(gfE5ih@2d}g_iivY|SCI=i?`dcD3w~XOpw^_?qPtkWt53w~3OR
z7^C)Dz)a9iPNaNDqBw_D#!~RhneLWFdaN&{LJ3mq$!JwGlQFDdd#QtD7~7^@j(g$T
z*)or3NR+S-aUqb>q!zAp_AF;DA=fLlf`O7|>?knLv#@Y3uJx0*=Vup}2d9^$MP6PU
zAN+7~`kJ7@tn=0S`nSFOMPq&a=<KJ{%agaq<n77p?=H#9V{&o)f8U*493PQaXBXt)
zl)O8CeQ|Jf{MGup6v+E%D~W~b_GK&XNp)hv$Al(m`6w$mT3jcqE{jv%kmr4x2-aO|
z%GF9KT^VoI*CS3+UJ%;vv#^i@tgnAnnn-F?UnyO~96;FDo2pY!95zxphaw-t6h>oF
z!1U$I8njfma#X#9<oLfRyu3d>yFBg$qv+Sw@;7U8qRyaV+|yPlYSeX51~mb7_k!Kv
zLpMOfwf;7ic#ufw(eUbq<`MW=Xc6}kw!V&{B8Uu0WZqfrZU)bS-7d`Gloz-d>lI#K
zw-Z}mC*R4N1m~tu-ymciJjv=?kM9ntP|rnQkq%?z7Zh8;zVqv<^T(Ru4U$@}*hEOo
zMgYAuhgc|TViBQ|zB&ahSbv;!SOL$&Kn^~KX41c|Y5`|B?txP%5W@}lNo)uZ6gKRJ
z<D6)c5Nd+Lz4a*$uql<GZF96NLqbENKA5hq?22E?X%?pg2i%qc*RJKHl{bv;SBt?l
zRW`rM*Cdx;<Q<jcsUEcRZR`0?UE;G?;I@_}0EXdCWwC5Fh)n}x59N^#%iLW!GZM16
ziZigqw)#A8MLozXw?+m$A&*-v!3ucn70-_pH$ukq*cocCVyHQ2^8=r{4zOJVY<s!w
zMy2w^D`fVP4dT>=zGI-*YhebuUlh$&9&rI~Yk=)#w6U#V%Ym__VLV$3MB4!YM0YSA
zC`*fxz=4ezWs>FZ!K{tfdwdP{9i`EGEm$1Ln+Ec73$(Pj8?<*d5J%sU)6?o@XGn7v
zVd7)P@=+`V-Wo!T@s83)6Bp`^fx5HA)Y`$G3uM~>X?s&sjg&~v$3P8W`$uPnnu`l%
zOGB{|;}KrNV2>ePjKYShLdFddggJ{umyA=eph;Cyn-rzorOhP9oC&lU=ByyA2LR4U
z4g;35Tq>l5lANZI`&QhCc_^JYk}}d7iUZmVGc}=D*vD5<Du8>)nr?6&YfZ_`p&M3Q
zC?jlIW+j57c*#cSf+Z1W0;hz5*Df9n9b2hcTQqxdO7jUw$iy@gB%~dXL!MqU^m<V3
zm5@Je1>~)KQ`!Ec)L^e!cw##+CTv&mQdo8;wmChqBc47klxXZ6G-FOwGN~VN8%sen
z5iapOGZg3%AnJ!#Y_efAMJGE};!o2`L~dxF%3aD?8nN6Oby2P=KDanW!{j(|jX#}u
zlqGS0Vt7R{&amt3kmm(Ub=eWueFr8&2ksLCcX#SEqDg|#9v>HEi2gI0Wy!=h^~51d
z1rrX?Jp**BEKBGEdT@TC{D)S?Lt4yPD5Y%MnLu*_cZA)F5f))0+YXE!4a3*{tL~>C
zoq`ly*I(!P6_gk!Z(kiq<P5i6Go0T=tH5)2I)nQIeQM`sEQlu3f=fv;Lo6Qg@QUTc
zsb3<c@`#UUoR)-KXO3HXj@xy1Ixqywt+WPDbx@JxIA;||F-I>T9~Zbe(BD~rTkylg
zx39Pd*WhZY-EBJ{&>1jJT^r{jFd#UTTrku^&s~2v#^3mC7n!5f6MBrLWW*yp+i^<#
z7!ETv?Ou{o+gZRIN>g%jZY>XRg|uiiic`YUDC2SJ-2B?T<OA2nLC|n?gsgE&!E0L;
zuc;%8v?ymJ$I=w)>ho>@p98aPVEW{wO#fhmK-q0XlcY&TEQ-e?z<)yX0jqNT0bskg
zj<7D6ZEPSMw}?;d4oxbriFTdp;x=ZSZFPUhf!fOmd7HtG1LT>3v54{8wqr9#99s1`
z0G}Fw(*l$fEJliv#&`us6{ZQiD#{X(c3h29M<7~cx!cZjYR_2Siqk%yW`x`NcBmTU
zHRpqbk;8<KBZys~0|r;cyNfrlbr|idWPKMYyBer-)3b!BJ3i_K7@1PUitx%7a)CxR
z2ckKp%h<#=9Th=&vfk3ka#HxF!^e~lOTutS5Cjb=ZKnh6X~wcm1s%BLYhJZT=~S7B
z-CVkmhC_Ca)R-T|Ihu!g+RAb^iUreY9K;!DQxCKZtKD>zjV%)sG?`&}tyCbXn51D4
z@|>M>o^;~>u&xW%pwG$)Dllc7f*PghV&X$pfxEqN8YL{~Gg^#ulW^+|fU<9vyMEd7
z#J_+0FEZk(yoX&Y$(D-QImq&@XYR|)e|^Yk1iFUOzl8$<!*}HPzE`jWqC2&%E{vxd
zhQp!`^(8NlpJSnNcd>ij#ux>w{TUB!mA6>3Vx%XyQ`{*$F;kf43e#Sg3nfLIgA{Q%
z?Sev}dj{y%Ox#S%crKJ(1tpmSrZ*0+SaB?sW6{N6C;9yVc$#8nF5De6yS77{Sfs5R
zj`O6eIka|@-wasMCDEAaOE_gWX!?ia?*iX8lisZN@#3YU&Bql&J=!NTn$r<0Sndw6
zWoEyG!R(pC+P1Xb2$QV0LFpSLnim9zFgL3ft|S@Nyjc}Y0m>fa+~N9L!L!OKfzl&!
zWIgLY9-==G6aaKg>$@B8a}XTY9MDfKXnUo+91rw~84H%5C*wh!s=EKqyXJW8lynF5
z41#0>Y8qPG;oLf#fJ*+j;4N))h-^HawmCS%?Nv<`N#5M=Fu3#1Zsj`=cd0aUsmBPj
zRFc73g$kvDq%D(wk<fH7_DR|tmrdVThSsJ>Tf5t2bu22jNJ>4xrBp<@$`*IGX1fA5
zPW==~My1sG)^oC|JT9;X3^Aoi;sV~XNU67jJJ|5TGm)TmIO^8k4Dm7K*@RG%#G)X)
zuSDyDlY@)PlUE0amuDA0zyI#+?XeVl%A(GezQ4UO7C6iH{%)%~1Yr0V_~8je1LM9s
zf=1KGx5C(RB9zHpuulxwty#;rjtcDr^Ax2i5^t-^VH$FotAFcUV86rkUIgEoV!glX
z@}n<o`CABF(6N=udqRsLI)wCvo)kl6jdAB>La}|XNqJ7w28vD`v5@B0?v0Z`E0?zZ
z;WKVf;)2leYOI2(>NvV<*r`|pxPtY5LzuTYNj*maX{&onzU_#+U=G9p#%v<V+vwoh
z_R!Dy$kF70|DwN2$1+J~?2fZlF^+57MyqyNL(;)F@S>HKj#Lb-Pn41wp^hmz5wKuC
z@?1qTy3ox@bVT-_wDqn^p9Nh;Irz~66BiD^XBF^3cq+=hMT{$2#AyginUEWnGZIn-
zSMphRr=M29b{X={6L~9oR%IQVSa6b$(=`W}Ip@oG1)c^^91!L}x3_)LDX-LCI4ma#
zyJm?4#T>zsnQnS-%|(NU04qi!pYt_KU-DA{GNmCFSnHkx!W@%ntL+R3I}QXt&7tyM
z3TZ);IHgj@6q<c_XWhhLFQNE7b&RlW8@gY*Hk3)*l>=#<OiyAHQ2`K2H|+MojnIu{
z?9R~}(b=93uYw(gGg^w(fiX;e!!mZDr;aUP)8c9>Xm2Knwpxw$r13uKc8)K8Jid7U
zueWdBAOGv};^6(^+3D%AyyUxNEL>W1QX|?+QHr_RpV<V0_7aAWCw7yc*(`#3O~l(=
z@cG2-2I&rX`_)rHXck+TCj5WT<2_Xo*7AtDw)t)$wbc~1{&h}6cJ7u&@7ghT^ceLf
zi93(6Jw1l9PhbiYMVmi*0<`54Wkn0bkmpi6v}FO9c>Jv=wdg$f&p2n~Wx{*LGWQak
zd)juHTX-fCe`~238LE4#O|K>kVR2E&k0q#(S^PUm*fF2!A=`DP6yDdyYwfkcPzVd7
zlt7>^p>bL`xeMqWSw$YSraU_dWM^&Ir{06Q`yPrS8}KHxKpp3&6*Rf{Mm<%wSP5_2
z+j!sPf~qC5WKft%99bB<6)@&*_Fk}SA((udr@qAKTjUJ-vT-ko!*_WC<<H`rMd+H5
zC&tMTv92*Yl1aW<;^y50`}R}<R;g2JU687jMX3-d`c=icipnH1Ia!mwpiFyD)#fBz
zWuJ9RGzBpLA<ts)20Dky0D58oEwJpig<!H5l*eU32<AXPQJNeiKrAtd-Jregz%WTL
z$`bc<2Dw(5v(WE>@~p3EKT*n;1pdq(t)Duivkeg>T`3cs(h=)Ai56N`aG;pfm%TES
zZVZWj#YE+Gg*k&SXwrp1&XnJ%<VT(+6B75ykX|!Fk>ywuL+#KeamMlnb(b8)qR8Xk
z7|`Pu2sgq0fdj|VT^Y{z^qOi}YNd7L9)X01S8+NBG>^d$@u;_=f;?jz_u{JQ%BJrQ
zZ$pWfptarLnFGSaGjBa}>4c#e@3faNe$~=Rvap_2fI3ro(Q=nmm3J>OI!?h`8re)a
zOq8=wpH@KCYqSBJ?h>EL1KG9^Oy<HeXL>hyY9ZLXg{SUa!lp8;RRaK}_NZHQh6x_!
zXwSs|#HK7L1#iLmI;Y>{6{vgWsWH-JJR&qL;+E-yp*@69J)>faEL4*<;II@EUF5~3
z`T?*KH~Bb)03PKz)_OQgi+qC4a<H`tJDSNacrrDZP5sOhYjP*6M=#&MyLhwaP`3%K
zwX~xQ+$z3DN2fg9+}R|n7|J!lk^m51%}7rkSAB2NBq0SKg^*GpkEkF#B~Le>wt+9P
z4?{W@1&f?H*g*WJrQLMN7XuEQxNnf$Roo9)OeEGMQJFAxB&4olG6r*dcn)F2ZIAU^
zA4WM4Oxu3JL1LM$1M{hYxmBVlFv)s3zST9><QQ)_je05##=?G50o(e>b!7sb*=CO1
zDx4kd_gQn}tRo%LGmzYTLaw*$XnVi<;noYDE(gM{hR}XiK3xXGS<YI<>Y=c#1Znw=
zlVzsgrFkzda(U|9EIyu^!w3n=P7oF339pmmw9oU95vWv~#3Pd{GFDFSQ0}vmZqYfW
z`($*@;9bG{MVClnZAkN|Ycju0dYe14$3PZayl_`P9cAItoXYYO+g%kBNiZf-UzaKd
zBx89pF*zCNwQco9*NX1bm~|o>92CL(wZqwc-!c1MKFPDiG7G_E4mg6Hl$H-NIeW4d
zY-;(-zGKn@oZA3I{?4|EYVvHvWc7v$BDXQ*k&b@uifxtPNpD0D@=<rq4q+qu+de@X
z<;@5o-5w3ESQ>Q|Ytj*Qrql<Ed|!_)v291&tQc(pG#UYU*P_v$zyAvbn)Pf=fS_gw
zH*pe$G>_1+W+B<!3vWNVkVlfUjDtY?TR-OmlQ4@pBmsOG#2hez@t+oMdm3(s`GPhq
zYsXTDio=80{U`I@GRW9*@*wuSHH7g-!9>w=LxRmqHlx8;jw@PWIKEp<5Nv8<Q08f`
zlLGIPwjIW1BP_nt+m_YtIKlZ_HG&t~#|afA<tfQIFBTcZ3E$tY9OPKh^~KABLoIhy
z3Vr9LdLm@?l9PzvqzR`H(K#jL`=ghK@|32Kb_nt5sZ=P0FU5}Nhxh6!xYH{QIkqEj
z*T(TJ6i5_o{yA%S-{n)P|MlkN@c6WIe7|GNuK%^Q*WTVO)&JUVKY8f?^F=;n-bY=o
zZ`8#)<4NrT*$OtB<a?Tqr8Ka$xw%vOlDrf4H#Tl=ZUPF!1Uw&X=s5ok=*V_?eDStJ
z4o;8A;o0fY$>qt}X$LZC-*t|g<l^}J;_T?%q5QfDPaU0fE-y}AzLVbofObHR7zkUE
zCj`39+lpGz3K2u8my8%qRVGS4!g@9#PchEM#F8}St!63)HFfiy6l&F2!v}>MAL`ij
zCZwa-5ot@UhmQwC@(k0EV_^(R<$3XZYGNVJCV4y<7KGoVESEw9nt7mB6wl-Tz<9c8
zV#OO+JV}s2E@e<9yD2<46JP_HkYfNnHHmSmBwCCS2Pk?LSpH0b!7?iFlN1<XXjMe5
ziAm$Cq8d!PDOUqY#*m>BLS;tN1qmM1X}Ppe0|w-kvZ-X_JmZ21i&eAXdXH8VloeQt
zAgl2jzRGV{-c+V>If*#Me>XuZqe?<nP*iS&#6V6)G^GQEnc96K#^F#+tSQA~SblGU
zv!?*t#mr4Csfp)gHICPCd&Dr#Fs7zoOi0FZNKaYa-TcQI3@62EM7#zxE<{07P#VOL
z=2Eyoi18Zfv6S`WFs6wQ-I=G|@}K#5g{<-%{*|w+xw{T2TTy%+M`H;qCoX*`0PF+H
z!x+>7H$M;P3=aWp%M__$d59G#J5i>zEN6X|=NQQ{QZ+HIK>dT<2UM<v-e5Go$e(-T
z0;~_9&0)HV)X#1td0~nsk)nOGloWzs@PVd2|D^y3hkcy&eq&)VJ$0H+@VlG|CFOx*
zam2zQP2-U215)HP6*j6)lCu0JF*+k9h#mmf^cQFvyn4$F`6!D)pMc4!W!gwQZ^172
z3L!-fH?836?2cFzQ>dQdEc+*(UrjLuh;@`R20kPy%^ra`)ypsk08yuwHG(n&Mgqq3
z@9?Fj<ff7UL#jxL8or>pTgr<#WQM&dJ6wcy%LpwB3Z<!3EUTQY0<mh-HNC7xRqpN}
z%UBx4A4rcS{ASH!;fUq&HCDNm2oWn~3Xo$|<3O!mK|&npiT6OD<tZG+NRA<?Kj$Ol
zRdOhzO@dei#4-aGLDV-*NY1Wf*vh7B3uzLT&>qkAUp&{_?4Bmm94^b5U}@3Bz}%Z5
zPvB4xp2ve2Ds@in`7}S)e5&sq|0XG;Phn3|v$mn$!1sWdoQ-H~&L>oVlawOy(!`Q`
zIZGxaiPI}UTrW<6PNcHBrZ*kxhxKU)mqgRKBMnlgCMB`Mc;D{&p=9Oij<4MD@)<Bk
z))~(rQ0o@zE;aLzz`Q*H8ded%!n8z2+`wBrubq6;ITQs}f22vG*|r$>MscB-hn72l
zx?tv5D<iej>rJY}3cbs4-Oao$TtNlQ3vzf#?>#o8NuTh3z3{TwZBJIrnpPAnyzdQL
z=6wP+dUBq|VN>oxk0wAzH@SQ-1>s|yYU7<e1uoK=MU=!-A?#rR{EOzytH^eCbjIMR
zGbb`qv1>^z3ej}0EF%hG@mJxpa14f%q6XZN>IvL_dGn#PVq`5B=}m`?cvRqE8)|gL
zA{=8f5R3?EUs{a(2{@j;n%D=81b?lX9z&jrEDpzfERqQs(fkVSU`9I9A{P_!AXV0E
z*dst}B_&E`wQ|Y}LWz4;gO%wcT#~QNvh@j^EAqGql>Bj28q}t0<}75u$$JxT9D4`_
z``<B33-t2wJmYv>OM%xpe#nTn0`gjlRdU!vvwSUCk<J(|*Miq8GtMz{xiX{SkT?h;
zl7;jpD8+$X@G~D1DkZ#(6=Rxc^1I=A65Yg7)<}8Uf}I!fHT>BMhcq8Z#feX7QcPO?
zoUtZ}^PFAt5Q1{cx4HJA7u;xD%vKVZ;&hgsW4J~#k%XEhbkelnWGu(4R=_t(uyFM@
zSIjrO7=-1i5i729;4Qd8+s+1^Q^|Dy2D`J$K7=eQ<N<@|Gh5_aphC1pGF+>(dn0<q
zniyLkr93?$(4%?3uWBo@Bx$Pu#-ohq1#XPt14>X<QX#Mzy)uac+#{1llx2xjHzBYA
zuq=6(nwpB6#b=$x^(F|!#jfF-DGQkpG>_qQ_VYL$XpM%&`tEZN{;F6bG=WlMN&y`8
zRDhnk>*Kuqf?kj=JOu<;a3$pVlT$<7$gR+KT|iFya{rAkB#O9@G;KDeh*jSOI-v4r
zU~)=vU$qyOk*#wsL<<lGWj**<%1`*WYFu<9#&IE+ny`VX%&aGGWr7k{oW<baPQZx^
zrD|I^q1~K`UY6dE5lE^9xR}#Pi4wKQq?J*1QnaFB&zQRMv{Z$+gAT9Mv_gdz*uV#^
zh|geGRlSdp73>7$g1MHV0EQmXiREl%E(B3k!dLX?NqMj(Qf!30_9oI1$1+Xa+{nJ#
zj8}LKCu>?&2oPdPYs6Sls(fa7*M7t3RcpA?u_(wu&R0$k^^Kf`aTYVlv|Q2GXovDM
zwNPqOGTa^eCtRa?%$_qQ8g8s8E%hj!sua>3otdLJm2`sIqi}}zij7N{sx+IeXy}g|
zIwR+-pmEyNa<iktgLaTkrWWT6YzDLh(S)c8b2~N_bvGqjjF^<0nvO65BwE<xrq+fg
zh>H1?S*kC&A@|fUU~;N@V8(LHqvPttLCmVRlIg43M_ROoH3!xHE5%Q4^~&kl<;mgk
z3V|dFNIaoJk0C{FXB_u*IV_;!q)cHJ_R9gKRZj}V4O9_3O?0dhtva~ZMZaQdz!`8M
zu!QC!cy+*3W4IEpKy0)i38O-)Q?8X>y<$%*r2UG0Jx!|TXmM>Z<WZHFIfs9`%-ka~
z_gwo1C=&NApOIJQz}|q<@Oj>x#xm8io@3=wx<Lh&`lXWs0>m{`9|v1XoJTFW$cfpT
z6zb(B6De3Qng>|Gk%KNRrqS%|HwX`?N*f~|O&sM_N+|wxB3%+Jiu)7KHgB#C8b$Ko
zxzu-DigcjpsVfXEauS+|eGx|<>3}{(A>Ejz(RgHP2DucY84K!vdOOQJ4G`><9H~4^
zV6DPRO;8)OOn-=&I=@9FimX-vVk;QyQ2;0zzMQR)Kq{)FK#YczT0JSZLV~xZy$Y9+
z3iYt7=lzP=H0`m`Rg9}u5!X6rjuOC=Lp#<yJAo;0m3IppsXOE&6s08{d1e`-sgyJU
zZ$oxL+0nHcKv%U=pa{r2ENUk=O;_qpCJ51SkQn>Mq%1``#w^E-RcpGklD-_VY{)@T
zujg8ymr>1>m<7{x2nIo*=o)G7Bffvi3;B}q-oX9R<EWI$V><x#PF^E0H8IXuE?C6S
z5hRa+vn6UElrBtr45Jbaa)yLIQ6~g6GWLOm4vPoIYY>vN0nO2`RMtI|FJLbqms$W3
zD)L&((WZhQh}>??4i(u8la_C5HwGOs;Yc*1X=?MUKW(QLmE5n0R?oO;txif!H5nTa
zKg+1#sR;zd$YPpf09>4sh>0+ddul6;(h(2hY5S}`O?uzdZBTIqAf}!K<R})PI<Z_n
z^%Kn{UMA)cn5p(AsKA2eEmbVb24EK>j55|%u%_KGb@qjw>ME4Qq~WlvqPkDVh443b
zjX>!tvU1QNC!H1Y@}P6l(a8Pj<np_-cbDX+gNuuU)60|N4mrDU-STIz$ieB)<cE{f
zqb6Z7dVoJ<5L9MX0<{EL<d{kA2?9GQ)qH9~ZV*+V5arV>miNi!$>p2lCOJJjZJnIH
zx;Qy~ef;+L^s-6b9$y@OcW`=n@bcu%$>q;LLa$CPPmenoK5(F5oF80Vo*ce=b8tb<
z-(8%ab&m12MQ>rk5~-_+jHd!B2SThbL#@y!7n)@`&+=G`=dj?u3XlZ)vmDp4m!h>%
zi17$?70s?=0i0d%Fg9v3GIix=1#7J9Xq{GOk@lVj<c&e8eCbV0dvOBJ^AmaV5_Zi}
ztcZXxQce;ub{0d%^NC|>(VnaVqKB=?AZ3Fj9<VfIYfa<rZhEF%WBHj&@2e;%2okX*
z?twrDlN;n*2;;ZVLl%UFg#hn(_4z>V>0KW@Cq2Do3HAU`76A<79?^ks!<TRCkN_JT
z01>{{$QGv|B;6=if)rrTrW-??E&$aWIvi4oB9;@Hqt9I4;^wXv<D@7nx`55G;W1<U
zCQj96I(*f&7_83piR)R(WhWd7cEEXb6DO|i@QR3nXBi!^CddTiLZ#P_bG(gc(jTW*
zxPeQsA`%1|hUB4#4;+|@wI<M^6wu3tI0eHP(`j@agOgO1@#jLs3JE&6L4n5;@GKw)
zp}Z3$7BuITBRkDEoI~-`P>SyUaV<LwXS&<86dDdWM=K~;Iz4AQ*jx!EeFprb2_;0b
zf~FzEMPz6ORorg^bjL<%T$uA{ytj#-JK?=VS)o8~*^q2UO1|i7fnq3y)~{mWxqDbZ
zzT-Di6GBzeAPn&70JiIch?X>Qydg&BR&Eh6;;OGDBeiT4<_nUJ^`cmgZY@O)87P~u
zN>>B^EDt=Mcfd{G;3i^ymPYu-kS9@v>73>x;6z%uHdwUBd7S6gTc#|>R0x*K<D-nI
z&1t)FZ=!?^yP%20fW@g1=5HKobi_t87bM{0(<6DWR)xXA?+54S$EQap|Js*ZXbb0J
z_<|d{Cx3&f+!$XHA>?ww7n&-J!nY=9v6{yT%dwymYI9Ai$@gQHM1rt1Ot?U%-^*!u
z#R@@IK7LxUN=iaQecMemF<~krYJH9-9gtP5udIwV&KcFfzgi=pt%I5>hJ2hv7;>-X
zp|k_%+ID=i&~k8+7W9L0go09!69~vpjL<}I+k;R!47Ab)g&%=#guq^*pmu?nnd!?|
zyH<P5hOB^xRL?}n7gw@82E(=F!7K8v@I9X@_yyX<Q4t$|yuzIJyBhP1HFD5A9LCq0
zQ(9-@$H`<e`9wbI9;YQQ>nC_z5lQ6eOg{NE-GETCDjzU0muvr&AhbRr83A5j%6zWH
zc&H#O#YJF^hN6s!<7oZ72i7v`nd~$n(?XN`ypU5B|J;HIcS07D(CcIm6?4{bt&|?V
z^z>rkJy0is-%<S5f;XV8!<aV(P2{F!rLK!c2K<^~^>A0<RMrwJuZ!t*1%JP2`M=+%
z6#s9U!`<f?GvoiacK6zw?Q;D8&dx*p{}=gG^#3N`#e*SHNl7SMLN_Dm2@ZKb=Q#t8
zDB^+%a>NQ6C!*0<CqLL)`t9K9H;r{4?tzz|hdsvi+n1%5;t}^njr|5xTFw&gcLf;6
zgJCjp8xLXG;DEIKTzPo`Z+WR$frUujwo*E;()l^{3gyG}ODluRv|wQ|&ROHKROR%$
z15?ddTT5}NvA_V>aYlH*(IN*#DuhWXhrC5DZ+Iz-3_}A#nqq5o0YP;Xk=JOv;WQ$c
zD~u)8NW@c9&DDhjLUn-XPZ+&cHY5*qeI;rSX&NPr{Kk7|8Z9VTD$+=2dqb3EKF*XI
zCQf^NET6+v=AiKc4TWmfUIu_FU#PRuE1LmkoF`qZ;BbP~LA5o-(B>mZ#6z0?PNyMa
zV}iy@%$kqwtN5I4dnKA6l%(o9r>Y#=FV1rop6!uU%4ytKGomwsPGXi8jc&Kwqhi=t
zB0EyPgR4^ORSUi3dKD-Ps$-+%BUMux<<73p;k*0(JT#bA3#C-=VS*i=W;f9MR)6<i
z7r%Ugi`pplB`|C0Kx|^EnzDOb#sVAMKo*D!WvnVk*z()p2iVYz_f_75=WVpRC1pQE
zaL7j+5^OSNX~;H|D{<rdR~KimH*l8U{Cx2C%{Sguzj+lW3=E}lA+Qcw&^U40#Y%}O
zk0ZZKsNb;PTTHWp+38JkaJb(f3Ku`qQL;~d2buQUpU>W1yzl(nxjcURUQYJ?;o0e{
zlh^Mq4y080!lE5{S-E1bX^XId(IXqSBZ6s&aFRM?rkg)bn&gJ5$}!kUe<<06+jF4_
z)hAIi35Q;n1?<Y%su&u4tilHb)>xx!QJa&cE4ACk=<;HMGO*Cy0TcTB*hw+>W`Mq2
zHHw7q2HcmN=D*yQl#b6gET{U0r{CBc@{#?4r}pa>(w)*c<d|X&Ez*)}_G3^0U_hV0
zHQ7k3uOZLTu7aVq{tl5AQ44GVo`Lw9`YS}b?VzH*#!b)(&yNW9k}8o+V}1Sf?DBYj
zeVv>XWCY4#0hP2!pWTpAoI(&+sYK;tp&~NL$vI}ghkWE@f1u3<>W#zIq*7X-yMk^p
z1eKM7#w*wx725AKlH}te8y8L(fM#%^?I$=;Ax!QuI5~&0-(9=`#*h88;vzsCKyGju
z1!qzzmDh!;o|Lj1zxgg+CLy%bglI9KL8rkdxK=%OZ2E5ce7K&Up7gy2DL0TTgN3sr
z<5sb?C7c>hGr2lhrM5+w1WLyRHz5{lO?5U1HWzhwV8780$ZLgRu%e}f1=XAAS~ix&
zou73sUtb(|-k%?IIzOFV96kSf^=jN>VUfUAsrnzSlza=mzl?_L1^IR~QTN=7mXiYB
z;^a5M(~K6w=PMrrDatv^Yw3x6S|Ptfy3O7WX|*C2@`$YgMz;d;PHlpFm-Z&G2rX}9
zIlGQAbiGvV9A~><y{*oqEBADv3-{}fQyBY%!~nt-NY7}~18;+OZR*;)JVjzObw(^z
zDw6M@gTo->low3MUwp||uMC*xUI6WTo&+Dr>Oq!i1JGLIAU7{K&**m*uaj3k2&wUi
zNtU9foaI~|MqAwrBw2~|5iQ~nA^_xLJkkZnp{E^V5sQMxNg<gIcnQ$cV+-woBy5I}
zqsp^l?UrtUql3a2I>AZSOhPJ{z<b05UzmDh#^PveF|!o1f3eyX@HHp?!b~NQn+g24
zbooCbZ_RW~Ndq764PxQ!gM6UYr3!-XlkL6DO)C?4z1!J{t3o-4=kM&5TBXgn?QQu;
z_l=k?=QYluSCGnKsk)o7+8mVQ3CPQd#-Hw6Z0c)a$}m`FStQxK+*|DAiz?vyx|I-A
zei3pZ358om-5<kkfQd9Zwl9HFht6ExIR=e}6f8%mJUA(vDfwku05QUbi!zhhmnAe!
zS%hNa5`x6V<tr_bUO1w`BmB<&s&!$p@Ey&g8=AAVpkWx&BXVp@{FbLbZ;M=?qUMLc
z(QB%S$1R8Etbc70W#ivYv=@Ak8CLb|HP{aHe1k9>KVRA1+#Idk4v^Yv0JC*V7-lkv
zjpr-v*YVw^qXF$K2}thASyqVP!$>?|X%BAu@`vXuJBz&xeUb0HFC{3;Z%W-Xmfex+
zi7dMv0OeMDQGRpwM%1+;E^R}5#xB%?@b+N$HV~#ZVQ=ScJ^toR#O&nO(-}}45vmRw
zTeFC=@_iQ-?OP75r@y<ox$N}I2$(^HSmdal4rZ*p{OZE{UpuCr@Ye3ECD)8Q4_~#a
z(F^Yab}uPoWkgHls_JArPNFsR>h>7Q4xEf=p?uy|A_CTibC2yWiiiF#&+o6^(O1QI
z7km0cH)u4Z76n2_gf?<1KWMS4Y{pUMfZH3tq=;~kNPTfIBr!-<uGlQ`VHd6h0}O{$
z0s~mJZ|J0{-YyAaI_@*eS*tgWlfpCbG#2g7sUv7q7oL$+)j5W$YMZMR{iUGNH@SP0
zwI;@tL6j$p$S*^dvtL&q8IxGc!6o#(pSDZ2ye6S*x3sCz2cz19QSDJ>-<Fb!Wx7?7
zn^-EzK=M*#SH(zsG`u1#m1>h-h|pS!!!Uj+gH^Aqy0=TJAm1H)bK-3GH#CjD>9As)
zJ^Jpz{eh+teBJ6GExpTr=Hpy-3Gl4xYYjXJ+9ifYGo`vAK|70<zuizB$X451RKBJf
zMp7Y^AxDL9_}aWySOU;;jq<LBn{w7cu~T_^T4;&yntI+~@578_l^sfv3*yhpp#)V<
z!1dU8LDtt#-kzUbTppZW?yp15P&073|C<VkIepbx1BF{P+Oyt;I!xp&8mAFW!%5fP
zd&=Dxt4?8xy$|^f8PRm2=ZpcXrmU;6XF!2h6F;T=nvaEE*co<piiI*YLXJ2@`e_rc
zwKZ7_DZ~Jwl{79?;Iz~kwU%G0+Q+Dyl5`CI%mH-Y$kEoKOEUnAvXd0?f0UUy#muje
zCd_*X%1<I(C<+XRTtkI1aX7S-No~5KI}`o}u5!nZ>pF=rKef8IlL^Oh&#v~!DiZNL
zmHUkrImF&0)b_qBe4xr8j$T3hrS+{cM}k8BqUDQGEj46ovrAYoFfSP+X8rSx7CDzE
z&*|wY7u|Ku07@Wo4WwOTr3iwcQLmx86z(-rdtT&YX3Sf11Kv8m?z?S(=QW?R3pINn
zd~pS~18JA{?XlCf18M18E1eXcI^^TD=(>9<7Ti=^M(bOc22ENxffwE8VtcG!-&DJ|
zC`q)t!Dpfgz{;WoVNWX*%!^8gb{2ggVXRg(`dl+bZLq4d0!^Wag5~)oTCv1({^Oz2
zB`z3^e#+y5y_I|zpjr(ir6XmHzQ*J?0bYg%As;{5hNdh21_b?al1MsOAp!aHsU@f0
z%C5uKx3Hd;qJkI8LBVxb!jUsNuvOJC`*X-|1lcO#Qlm@WL3$;liF&b2M`qrevz~J1
zHS;+Gt-T<$Hq5UD1*Jh7thsKbXn?Y&A;S((0}!L`>n-n2r?51zf_%&n39S~HVtY%E
zfMkC+P{<h0`p52h63@4s({%c()3`K8<@8lY_Yb3D>f)_nn26AE=D&>YL#bk%oJ&C6
z(^sAMC+A)Fj_b-DRLlamscR&3tp9?^c&|EyeUM@_iyR3a&f1MUXI@Y%3TT>5$#)$~
z!F}9bB?<L;+85;Ca~@3lB8ao+Uw=d_d?Nn_=ynfYL)&lNfy-=1>3f1r!%g_O*%wd+
zr9`KqXG*WBhF-d%`;zLyp|w_gQw$kI&cI-goL`C|GvBvfyG_h-a6R^#-kH)AKl3JG
zTlJQf%;)Ww*M&XMotU0~{qgnT`TLWjPfG%@tsNAIAC7;XrU7jHq=GWm*U1lzWs=E^
zVx5^#ZrDI?L`!UU-A2ivY~lHIJGkf+Ig=8fLQ5!h!ZIFVXVZXqw`V!^x9ky8b5X!@
zNMJW3gZ)FEMw@b?pE4ngG#th$Tg8l342JaVVL}HQSY^lQXD=VK6^jfu%>4%uXz<hb
ztmtePU6RB-Xo3Mz{sn`QzQ9Kge(FH^C8L^})jNwLY9xcMCMfGLg6i7!qv+~lT0z6%
zs_N%O&u?e@i=WxfcFjRmQ@_greMEl3J~db)z-@K1zsTvuot=B=pjm668-hIl`s2Y*
zo%fyX_s6G4=VvFUm-CM;Lde-5=BaxB;`sH++3BLMI;=vzd~kSp-08^Uz7W?y7#_EP
zB^)1K9A7%XH1BYci$~E2XQtuX-wM6DtDb)O?9K7}(}TCiE;F@3ZO|e{jC1G{)72AK
z)QYp{qG+y;og{U?IUr9>gBg1QBOVGlA=OO=&LPGQB^#3Qh+<=qZ{#$MSTHO`*y7(X
zc=F@+Ef@o)<LZbu8{lGG1pw&iho)g5XZn}U(GOpon;ZaUI@@{@oueNv6<b~l2r_fK
zwrP$%y{vJX#8=Gc^syB9?PkGMP|Ng##yg#!X2y$sj<2pNm*uOg#<St@$aY~}rGoG*
z<H`hw5U{a&>6Y72ReM}ea8c%CNoQ+8!(RP1229_g5NSW^fk{D`4X>UGU65R$vBQpT
z+EQbXU?iFZ(D%#LxW~3)I<gcnh>PL42iq?>xQbriD00R&ut(R1D5U(bq2FCoDdJe;
zM8u;wp?T0Cr5oc%@6ymgp-vYwI984o#UOpv5p<l*2ypjeLG(;)svC3$qZ4v1$vk3E
z@;e=90mmnlwZ(2QC)nmbuCLbhf-LsOyRgU~w*%xQ4x8+3zkm7e@Q33|!z&j9bPt!=
zkIP(VAPSd|e&=iL&y9AcwtMh6rlWt`4rTv_BPkdASOGjac#Buw!NuvPlJf924s$Me
zzo=;FtgoAjR?l-K(fan#U+ylEQ;;*zo+q4aowzzZ;m@pFQaNI)Cr6x1D|#sb4WS&X
zCYS&B?&4UUh_iR63!l<5tRL893Y0osi$ZdRJAku<Y-fO&X6fGI4$n?64^B>xFQx=G
zB;Z4A6pM~3q`(iOr17%}%};eJVONdS{bheCy?0+kxfXoe%U?7u!6itgsB*)#*H!r!
zV$o={19BW;QF9|1#3}j3u@C;b>in@*7ai<i6eE9~b^Xic3lZ||SFIM-F+>FX>+KsN
z(m2alL0YXB`YCil>Rg8BE7$Fn7f$fax8V@VQ!07r`HJHeUD+^DHW18<2JY8Zplx`j
z!ox2eh?uu%zcOz7Am$)3OCTZ33bEn&MK>_keq+sgdQo%&*rmg&@;?mrAd3|$ild<t
zanVs7U1KRq;CC&TK5z%F;xyV<&o*clt2p<4a@}r>SV1FNP`L*w9kG2f4W>Z|w)4l0
zqFJ`@9uD{tWGVk^QAjE~Qou`OyH9>^{h=FNx`K_VRyWBt0U&Y08alrN^AuXCm&DTQ
zlVGC;`3<>orJeR-i`72wFP`35$ChvgFTGQQd;WZSa&uB14K~JU{J&#H-eL#aAK0WE
z_MyGdPEv$=$9BDS1Ld6{qM=kMQjA?Ic^FnbM<PP{fla!oI=r&w^(2?XtPC$&NyT)D
zBIoG<N}^2#cNvE2&QsaNl;_{+IICxGA4c62>o8ukd;&dKA!EZtd$~{30;-V9KSe<Y
zY<<14z7EO{z!Iub+lZSoD>lqen>NR)4h(fy&(iBS=cyF=zgk~!z%`;?(^)=tPaqY=
zXFgbwQE7>^(0JU?*)ByqVnNkGxnh$BIxEQAgU;pgg}j2Ff4#~xmI{%OTn^M4vJYf?
zYpub;Atzsdv`>CAM*}DVphhmn3Jxdbb_c_d%yVzd8DxKuK%3$szGlh926}`gzTh-A
zF75D$remzV`zJzhnXQ$k4@7^7|IiUK>Pe^$-a}u#-j|k~lIDd9GwN}mwKycBNlPcd
zwImO1C2_%Wnmo4<p3f%(1>$~40GS|&Xm)nBgy3X~rn)LkNCj&`e+V?PNx4i<8Hye`
zWWcd+e1BZXCqtSfi^<|&5fx$Ck8`L9FNXvxfa(a8+|Y?ISuEX!X}%k1$O4k8ZVR;v
zjkpk&3XJe|>Wi9^rwZTL6^o2hRhvGjzG%MZaXNL)Oy4cP$;a;DW|460z4FD`F<cDy
z&n><`J2|c8741F4EA(^KXHesK(NkD)1QmLpJ44+&2R76Eoc#Az7`-pvD_3|I&a2;l
zK5xgD<GS_x{RJ4V+4bAA+skFRU<D=Lk+06c)g8EM;Fn*iDQ6@FXc`t!6SR~I@ZABP
zJRm{6`80Lw4r(w!z1mm+asRMpNJB}f5`oRL>+9|??@rd&n`C|c;<$534$k2(=)SYQ
z?i6K0<gBj;4G4F}dVwm9!wU2_bfROOrw0khI}=4v30n^9&O<YQ8eP*ggw$7U)Q<(}
zu>wT+ajfgN>&$L&gO@_29p(=;a8t<rX473RMywb@MsepRF3_*hW5o?)DF*uAK%G}=
zt1_8z0aeT*ilIZ)bSAG=(Y{hKro=}P20-g*-RS|EL~^{+OR5`>V0q#0@~T+Vob26+
zGOK=fFr5$sMKSIxlz$C-?K*h`lGsjpp`!UFb`w|%WsH-=G+UAv0#8i=P)JcpY@I`0
zogOPGl9b&famoV8t58$aC6^35(6FSgC$E*JsTnzd!-^I&<v+t(Ri+rfEr74wNAFI^
z4b%)xIE`$xCx{=_TdB#mp;Id4e9T;~V``ot%VFEu?r$WBZw}5+9ywpi?+(sST53za
zJ5Z)-RZCH<1;p-vT#cCr`;f7)5M<@w>57S4R)`gvdh`;^LZ=R{SusZEPq{7~iiD;U
zzc>)Yoh^7lLtEph(}~8os-3}gm(DmPaRCMf-4k*&PKr279NJmc_r8_}<V`0buQf?r
zJQk|qoO0o2<ASWO7dIR#xgh#9)9~oHm+<gvef_Ix8AlE>g%`34CEhjDOn6AmdBJtY
zf;^^q5hQW=cx{eU;$HZQxwJGeC8tQ3&w~vG(UVM^?tHgb1oah!GkZQ`M$M|%B3e*+
z^{e?UBFHGwLh^J>21(ep+%@d?QO+uXd*Lere7F=7h7Yl*>2fiteq1q@xfNc7=lh{P
z_F^fI<cvlWV|AC@+mCRwF|Sbkc4CZM@gU_ni`IgMDJ$dxw~01T=tT0I(p|xGbNbDB
zb_h@rOsQd$syYWj`VB{ct8*u)>7a#L{qX~vxMpTmELRF|ZEX+s|IdA7YyKnKB`fkG
z)Y<p6(Fa<(3oVtR7-1bCdYT?J(-(phREm}xz^qgHN*R1Zo=wiu<7<{rI;u>M&Jhqp
zsPv6I+TBfX6`%lK@p_+8D7Fb6w^CMG*P{XUp~z`V-aK6=3S8bcAVEUQMbjR>dvI}i
z^6KF5^6cX0_urkpJ>FnN=)O13xNBHaMTejSpy0YHP}5=({Yz8T3x$czS!#5i5(egR
zGw$UL*QgX$thrG;zYi`(2^zc=#$SXTYP8r@Hp}<ekY2}poHud$C1+D<IY5noO1qva
z95qP;BXv=ygL&$TR4CY8F{qx1HJ~&~aPW?D!E~zz*RjeOmbfNvD6-XhaVOM(AZ+0C
zQ%J3<$Y`t&P7ZZdwJ7{~zmBg?6Ed>cmTL69Ph8S{-{ZUxMNYGgvU?lZXF>A;EA|O1
zLifE5IXr1JPMj*Cw#=!Ww!0QMv1qxdDPPuV83oqo!qv6RJl1UdzX$0=dx|PbdYUp#
zUa2kzvg)}&1?eVyKzrep#75WIALZ8^(ah;3ARq2g^{_v1(73O?b?vVzv8)`ZRynz8
zJV-(T9Q_Djg!bOIluuc$ruAWzwD9c_%}oCS`S)9@2#XLh=OuTfw|txyOAR-YZ=BO&
zxKB2UQRY#BdT(Pfy03eCy@J+N^}|0Id4nWosP>c<H$1;O=Sdt+8V&DH9e&6Jxq;-t
zbO3ew!BB<&1j!)bH%^N^Q~xj^m=?{_kdJd{?2oqzsO=`S@n*;{&DkyG5vLLjP+Kh=
z=c;oK+~1fB*3hLXx+%^$gBhFb1o^moOY55+N1cG?EkN${SInWmuv9_8-^`;9OW;y#
zR;(Vnb?RPtv2gnlv(!y|Z;_9mx_~Ri%khSZbvhTnLDmkCf=1&23&5@R#s#{Wp}GRk
zSi0sXEn+7o(4e=fS3-IWk{KPM0#fkMhK2hM<U}wRv|^_Vz5(G8v?ARbqEj*R7;5A-
z?5Qk=j5sLWH@z&2aQMcFHK~d>kutLU9%rME<;PF(4>euyTeF^!r>P{0Ye_}rCCEbp
zHRHTuqbj5r8&c`Y;81xSYRY-fxr?>GEWg&$yQL+`dFvNiRe)=O*CDgAyyEw7|5Yk^
ztqhvFat8>HZhb-8<6|`Tun!m}{`MsZPGBW&ky{&}zJL3#ZxB?Yag1#d<?Q0LT%mU1
zV&SST(*iZ+ej9!8l2mKo^edp%yjH94*)Vvf`aWU;L@5gmZVI_}C9Z0=0#2&cXPfQK
zwLtF^iX}tl1QR-;Dey+mR6r!%Zg(yo<U3MM18+)qI@iDQ;f4--3Wq$#j$!gAKY3jp
z%<7~&xn5ZKZy`^iHP@<cGK&HEq~JVRa|#LTa<RGroLm3b5syT{GAsb>P?cAB37VW@
ziBXF>uNaQ%`-!)iyqG2#BX2m3UP3nmmjCH#a{4vhzW`!>-L=f2Vj|^buP%)uE~(|o
zX$1Kw4pi3kkc$FPpj<Z^lknZDPJe*<W=7uZX)(942)W7;7A9Bq@LH2}pfA!q(row?
z>6lcctXw7&urRX}jjXs%EGa&<awK_-6Xc>0rk}i2BQWFsTNm@XV1)wGinABM=KazD
zr4k$JB_EQ+Nf`_w#D5hgupN*$bex9H`i%&y7ek}Shz;_*+hbtfS!j;?-|7|qHu}(#
zkX~2_{ww?6!V>Ir_Fh9~8s;n#0WmsioDRw!yO;8}oMss$<an=Pp=w|w>Idz;7z>uG
z?^-k(#VN`bp=ybLa{gFKk?Z80d~Ps?Rtuc`V&>tIiZfT0d9#G0?BMXwi||HZYhY7R
zs$N%36js%81Y=czO2wN)meM&{b>eH<TTg<`U^8gj0OlK>N44rD4s;+9f-*>)?UR*n
zPtM<89Gt#Bez8IxsnWjtWMv&2>lvVA<y)v0e)M9+s^X^e-;71b^KxGbQ{5<*vR>*v
z%%(dIOcPesgR1_Y@soq^!}tP)wKn2iWK*seq^H*j@6p5;<!+fXVB3j^N8WevRm)pq
zF=RM$se0Oiv+ihJ?+=)_9=lxk%{fD6(#pJ`Xb;mBoqI<8ihet=M56l}2k^evJKbXm
zzj4l#AFhv~{D<0PQW3sCnzS@mEYGr`pPV^G)2T(-est)`iw3EhdHv(13<_iCk;H7h
zj`pmUg6#XG63hAqve8QhuJ#fx-7)C%c?+A<sD4W`9qv=NQFEg6-wBf|fmLYbTS$D+
z_N&q8NXZtYmoo0*Df?Dq-O#lCva8y`mp8@(CdC|hMbFvw<~jp_Hw$-bYNzz(EWcxF
z06>B{4bQ##%xUTr(!@wwF6U93+&F;nGUc?9BwLEAQDUpp(i$kqmJQUQG*Fcf>p#}k
z?Y1@2o`3!E@Xb32-tC<HzvEAME1M1xP1QTi^m>tZ5cUZZxT5mK^V5)}`ZvE_n9lM|
zCN{WE_mZ<MP~twu9?%p*orrB6!c#|3cePO?44US(PPaO1_gqsogA1qg%GCIVG*l$!
z(aXBNE7e_CIEvN3lR?fh$Fj0^_tq=&7<L!yfa1*hle#990|)9k($J>+sSfvK6q^$R
zT`9^@Tpf6GoHgDs*dA=l@AUW4^arD@uWzldms;{k!gBqmLP3=OUSHoXJx^9CDR@Dl
z3B?Y6x8}yp;)DvWe<Z7I&nmd>fm>TpG+X4zY%kb{#@&V4?7`qS;y3A{7%pS14#T=&
z=hU8fT`xM`vwkPYd&J$=z2dG#Y~VsCt_VWVQHv0h<py;Xv|#;lLOKk4sgRtF_%$^x
zPgJm6l92WFlo!xFWyF<*YpQ%D))=l}bn2zJa4`KQ76lYFY`6?0yM|Dt3p>jBkB7L`
z!+0=cq9Ce>;8%@DMArmXCV5<feh%iY9)|8zTTLRknVy-GiJAz^Od<x|#Ioy9t*kYr
zvTyl<0n~tmK>CCn>CT|bB+XUj$~iC{R<5dZh=LYzXgK!zy2^95PdZt}5N)6e51Rs7
z`h3W-W(*X?{XX-r31IFl7zCs{ns~U0dfg^^U(B5cr$I|j4tVVr;3;``@kW<Lt^jB*
zI(PU$HL_A&LLqXc!WU~pYAUksoztf+bbXo#TfR+?h&DOL?J)H~l*iXBf6nuPbC820
z_;&i~ah^PX{9Duu_wB>`8yj%mzdP$(e%i;Qe|B;CX=4f@k1GHQmLt1(*EzoUH2pwU
z!&9ot8vU#T(Itd#9g@1%UZ*WG=vQ^h_;=0t>rP>55kTn;J}yX%Y-cJ|N!_>P4Du3=
zUV?#l8G5cHTit`!6Oz`~ElsYk2eyfmTOQqQsNj;~9m@b{PO%0(Z{4ay4*x#l;T6kC
zJfZ^#)eV!evJ_QxBPK|QLE{CHtcL^s%#RX_qN;?Ril;VVZY6MJD$uOpqmULGN!+{j
zIeg^Q&zjN)+(koTnFRNCQn6Hw@m=Or`zCA#fd+?|5dM7SM&3fLGqS<6Vq@yY-LUK4
z7)_+Ws<;@>Tffn3+S(1;!A?8)jpoMj_FD)6@Ifz5i=0k?KH%L-2pb4t9`uzO9tE$}
zvZs)b0(c^j%x5NhLS}ODrh=FJU6~E0tYkTBnQ}nW0q`mm4%7M35vu9YF&^s##cEJp
zgw<_MMMXf`$#qPf#h^+hx*#<$8cETt>+OZ|wM?Pk>Eb*$Ev{-2x6OPj(?{v&8tS;!
zy{wP}Xb4h2^=<aUS8M_kt$$3<b78pV1qs_|@_ro}awJ8|veo*MYmu|;!m^1(zO_a@
z-fCszd{DO5lziK|J8m-3ug%C;3L1;+5;dBHs8l7~(DKDq3NcTokSAu!Wah~4tway{
zyaGv6m%WM%HW%?PHET4h%e)Sa6*(=?{(d7Lr!9y*!X_XaIK!4uASFR<sBS^3P?5R;
zb2f-Yq1pvuCmj$3G$YcO$;L^7zx(n6#@moAkFVt!HsGK{z0sR)w8XA;Y@7pLze*3N
zynWYv<Ce}EZn$_WuVjHlAViw6!?ZFUwM^Nk4Y}49%&n!?)zZMH%lvq@X@?J1&kAx`
zSwtS^Y=GZ9u3>`_yl)03<^|Gfso&7&F8SQq;Sa|bQ1PvEdGYfn`-o&gDVDKP4{4sM
z9&ouOJ|H=!^8g#sII+JTzdbm4gPndM9YMvN;WjyFfxO)A@+M$F`}sIgMQ+4%yYAVh
z-#2_P0K06&LYfODHNqvXyq}^JHzTD|{Wy5-X`GO2n#X)BNWuq-xE=n4$&X+l*4@H&
zbm#19Szr;>0f~mt3_HkpG{s}UTEQa$EvHWp-X3?(4-SuCkZ;e=j-UkD3(wa1_+ub1
zd0V_p{IdQlTrHm-lix{^lgILZ|4ttx%6^R5jSbOE_+V-RfPoo<hveHgXRk|j(UgD4
zWi)Xb7tWe%v@D8~p-GdBQ`L0}Vou{iH(zF8l17U;Rs#)(EWCo4A3kCjrD-Dm6CFxQ
zq(H}1zYX(TPnp-V7_XagrYgV0shzBf5-o-?-Z?pD%9t2b$>Vh5Us$<XJq}dA?PFgc
zXg{ahtCXMDE%a(>iFnm9z=-d4B%To#eh@`<(_|l5IEIW^oNxUMO{n&X*CO*J8^o#h
z8bYqRKY*##FyKtZ4nBIc__PprOV4WQ3E2Q@oRH!V3(zk%<fhYaSfUL;XV&q(Bc8?u
z2bG@=unIsf4;=}4l9+gah3U^+sudHMM^pDgQWdDuo6^CbD)*%`_1dhh(V?n-19d%g
z!J!y2n4#6IKn6FCHa9lXHz1g%dm3qa5@zv)culLdoNC{og5;bRWHpY+=9=SIm+NL9
z3JjOY$LWE1Cs@8uHsOoDc%AccCjTr`pOR6_vY1!sOr>~$Lg=0%o=@*cIUz0<>N;G6
z(BR}boK8*d3sILwMNLXd8E2{?{M50Q5WVC>Ngn6Pco3%~Li?L*JuhQkiVVNhykA+7
zdRk_Y1lh{q4Y4+BL&_R8h{^XkxI7H@0GN`6j<d=cSj6cdQ9*GCzz7PpIpX0kzGf|+
zM8?1@ym$ij#90#QRf%AbbACNhA|hm&l=Ldnm^(B4z9OG#&WvwZZ^-$TH%IlIo>%2>
zDvm|UVu3&gQ9plG6)B4JWYr|FdzzG-)&A)4J>lm6)tnW%cq9ZRHtV#4%1uzesp<QS
zHRU%pZa|k1DoqK5t5UFsrXTseD&8;^;_hsbu<H^F$5N~KJ$Ew86`mT=i7Lb(@9AQU
zq!H`ZEnv5XXkRSV&!?(X!JFUN952Yx!D{WQ-IG>20^>XsAxouFfmRDxlV9#97BF5i
zA<-nIqd0_mS2iN!I;QqY?2l7m$pV~>I=@@H>)=hSFJ*wIj|-D|WoM-;(P=}c61fFo
zl67MeH<o(EWN|e<mLCCr-z~DFYxxfJ$rM9XXaj2Szc1oUyr*gOzR2V7N^CrWIOtX}
zWUV4gT6!&OW>us`L_Ese*p-~#sEL$qifT^s&xEFfF&!||N)*rx<_cSgfa+eL%Fx-H
zNPa#o3fR;Jn#<d&TOEm7K8LL#-6xO8sk6Z)+C@TPX*ltt_3*IPoMCxVAA4Q#Mw1qj
znBNZ%6+5u4sS6iTH3e6dwBpw+&p|Dw=>%-aTDI0l)KtrLM9C4BfT9IRz&76<@+S4k
zB;-JMMvX^|{NjhU^ZmWxS+HqI$MsxHpXV&+Yf$MRmSoTabpQjepaoJ&6L}9R2HjPY
z4+!zDZaEjlZ)2#Z6Kg8~Y_-doyh;j=J4`V19!*>}rVCscNFKIT?Jia4-A_7xOS5t^
zP`Ug8B(_@7PP5(vHy2rzS5r}HL=0Jy5E15aR$%$9`b_6lH;>t*CNCzJbWO;hcQI6W
z=T!9QjC6F34K2?(vvF#M`wNIzZ#;Ou0;YSvXf(~>pyj{@p06C9op#RN9Iuctp+Y=g
z35UV|auMh;LY}kW5R(rM)SDhWfXUL3OOP{Qs7Hb~bi&8QPb&8K7{8r@2v8GvR0HMt
zAn?LZ`Ct&Ig8-ijUefUDGN&Osr-h_^9H$a60MGET7yp2c#=rcdwF_OpekK22{YPtS
zGyJ&yY5yN@{=G*2F=9f{0sBY#?S_7-YPK6Vkty74sFi!0u%UOMRB{E^jn+EcANROV
zBOd0Ato!-O$?2;zTlafv!&^D)lbrSKo^SYb!f{{JPDSnj3zIk#EclHT#k~3abZ~Kc
zfAjg)FHH5K0pCl0kEOmdE{YaZhiHM|DTelNK&{IEpS|~QYa>Sz$M0{y3ayj70YbNJ
z2ua4f+4~Y;GJGZp9448aXLb(DZrSclyVcWbL)ege?cYZwsaxt+|FAJ6vx}d*onT9<
zQmIrbmFh=ZRhgTo=?!=vkx>HiKJ8YcSbM`kI^E_a!S-|2#+l=YkI!N1&)#bE@oY{#
z^yHJJTc>K4e}>*mcWNH+Z;q-7A6w8r@G_{FT;JsaQWdm<7Y<E_RoO_F)o^oywL-~F
zU*Wdl9=?dferqdJTXP=b$}%bvov7e{84#)WtIQi=3?~YC+u3E<+Csoyh+*H;dee~K
zbBdH7s+vh?SY%N?nyP$j9C24fa3r6IES;5SK;HL&Ml#IE$ikscR6l|E{)oho98KK}
zpu^*ud^j#@p<=8xA9+M@l0VX=eNTI0D7=?iax04bfpd{$a7?(y6y(f>h|ypH|A70;
z(VL%|o#P5od5YJhA1NH>syp9V@;$u|rG#5>j<W=_+50%?qrd!e^8W1N&B^P*`TpR?
zi}z=5xZsP4*oso$jmhr|!ZPi5PUc)oK<!?)`_^x(^diwhd^K;&++cHmnLfsySC9nm
zPJ-?He@d5+9AzLJAOx#bv=9~7G(WJEZGifWHlvXG?H4WR2IzF~esF&B_Tq=*H%G6I
z_RlYVdHd$CcO-VW%rT}~lsGwYBTp12%aj!u7<gMs4bG%^I*rK`Cp1nqWf3{P4PN+q
zaJR1FsST(R2@H9;90up+{SDsb0-q&%D3J^_)^eZ~FKO~FEOT}GacZ@cH^5fwCOx}P
z)AI4!=SKVYArbP4&!eo3`8kx(?4O&~jZ^ul`MGf$YrobF8s^_-hsLb(58mK0AaCDw
zGq3&ta2bNUFKR`(;;0(Jr~@sF4G~u%G%%WLIp~y4>jn+^4jirmobR8ZoYHyDsFMSn
z8Ig=Z(d*Q_lclax_xbFuZv(ECTvIsMau>*=T3WqAmI5CR#mMmpk2Ol__!Vh-_G<qi
z6V?`rqUC4`z@aQ+ya<TKOgHFkAv4oiNSDsx*WYU4lmi!fw+kHY#w4Q5=hPdb8<hP8
z&mQu6APgTV@X>-@kLahRF(?90@N}5XD#6n-s2T8{yW3r5?f~2f97*{&55ov$<}7I)
z&ls%+qXKX-eJ&+VWojoiYWhwnWQa&%WC4CWc}J7em@pD1)zC|T>kD55ZXvz~T)4-i
zUbjBAo34hXz-7s+p+0IJIA;eNaQ6TVfcsJOp)g9#%%j++@F*Ez#tbo<Dukzc6Pag9
z11>#g8+>Yj!>KwHqbit402P*6%glRS^{K<42DmQ6bHMEke}jgG8P>dx<&3ezI`GPG
z*P!)KL3$4%Gt#qHbre=2DZiJTyO1X=FXeM88*hR(7|A6-rCRDX@xx}704@W5rp^vm
z>G-Zt)Q2UQsF+*PO5F@>E3-5qEVzuL#ju<zY5Z@rFc4Wnr>Vz9++tFyl;I-j0j(R-
zVP#wtRmyPT^e7;5OI*e{!GRy*H#*ar;LjmWVhuc72fQ)U<}kVo-mOQ?&ch|Bt&^2Y
zQLAC;9BOyL*>$Luad-~3J7M%PN4nuniT9*(aguI&=^2r4R>Z0i@LIUS4{r&umB0&r
zVHy0QH`$6rF9j|=h&0X5^lP$>v<%n=z@=eR1FkdRrPgMxz)#aCh*RnbOb!C<&visj
zKOBI8SoeYmJz1eYt98bkfu}$JHlkq1k?E_o1h^T9^VE+(%fX=n9|j~rH}yz2z<89I
zgryNG7f7%3m9jZYqxU-KTzCamk}t-P=+^N0;q)`}BWi9k_1F}EXN6VuRt5;YI_f^^
z?YwYa`3a;(fixr=Gx7<0WbDszfW+ILx2e1^Hg<Q=jC=xH86GDjW}7ZL5aF4b(~5YZ
zx0O{Jx=1)Fq=os$`OdPW(pd1^7)%&Yn=kU@?_<r7GyLI}pJ6!(vqE0^^FAw{tFNYg
zg_c`CRlcw|jH;ukXD}2YxYFvA_a<0wVc=?URP!0yP}Y*dxqeh~EilMuB-ZmIxoH_m
zL}i0C1-^Q_*w_*kp}LT)u6vW^t*hN2bqJ^NjLi{Fqwnl!-!uoVYQrr-EuGzJ#X}`<
znbyj}X?4JPPuRPa2w3jGMmV&UQEt#d=1QpRI$;uD!;7RKbDeA~0?$7RHUTaap3DJC
zfOgS9`O9fuXku$6Q7~M7)2mElS&^H<typFc1feb5iSm_Jpz<g~ID6%g5t>-IjN4;#
z_1>}?h!m~4>OC^h(G}(i;dCTi9HmRW44pQUt$_^BB~mj=evD``6RwB>_@1Qk(+fsC
z*Q8`oIY?cHIK51_Dsv|CcpqKYzgwH7J7fSj)84=JBnP^0xb4|mWFGg!v}~!uNg@Qf
z)xlKnC*oxsYy4I@d6Up(3{!eM-A;?nE$Oflcq%W}1Y9LER#rUw8;E#JNkz0DicEUB
zN5(ocb}8`WI;sE;Iiu@mhK91p-tnnbAe8|hr@hk0nsJ)D>iCrJ#o;>|k|7+MGlIQ<
zFqSC_5_sqb<;KKP;DMGtdH~nyGpJ`XEP0DkdhhWmIygQ&<7&rLC@WVpKOqnqxdB=q
zL<$=u^qG-)dy{icDPqRsSP3$P2Qf*C&tEFds--X^N`oRBz-xOrPAe>_8i*8oXasW+
zr3Pr=qM=9w#)hzJP}}xK`_cwnB~&`4aZ=8MY1$>ovRA=_FS;*wn!h0^$J=V)s+G)R
zzqNIE!ZrV`Es&`2Wk9ds48bAlb$6a_t{+7WF@f#+a1}W9R(OdkUCoBrn#;OgJYsy5
z6+8ccV;_%<*I9Ifjv&xctBDR#)6g!f>72WV48Do@0$IJ*qvHj~dzJLVvf7UyPM>gn
z?}>1Gc$9t3zZG9P0~N<?BPj?n+p&5{Lc-W-Oh-iJC&?SFRcQm&7)89beT`AWNBKJ5
zFcFJzGPB)Uav1%1etwExlLYbhMZ`KWT_hy#;K=V>_BtY9yE7v=u#MgfGilyFBmw5v
zcN%)a!UkWc%R~-MUs=V$kKqROUUZivR}+$v*r#5Gk|M*8^a{~QLPV-i5>IG6mto?$
zMZH12Rq(1qEb-@rE|MH(HzLVwh6r!Q5M5YbG42F0wt%bW`79=EMgvd11ike`f4+c#
z21dq<#J?m+wk25te~GoMZx}M)BQfz*!^t9$m%Ev$`ZK|P!0#J3s8@>^Z@Y*|BgACe
zTD$~&6DPn`gpNxh7Z8gH_WXK*A>!Kjr3JhbF*5r}bYyR%=Q2J$6^PjdhJ=x}trr`)
zp3P-Q9fDT5krNwvJPo;VgPyHt6XYpplN(<}Y~&EL%8jogHgbqr<;GVL8#%<Ra^tIr
zjbdPgl3{OTnwqpcEN`m6>wwF;ctk}TX`wqj0`GIODN^agQ<7-E#w379T+j=1&h%m*
z7cdkltPWqDf>VCt6Lu2nr~;!28<d&e%;Kxx@kVZxjw4*#vl+SQ&}VoQ2!ojNaMsd>
zsdVsaDa_HtlBl-{k<BW+Mu)E)m^JZARApJWYXcJ9%FL|WNTfyF)SM}clu?=C=J?Y|
zM8bnK)2-n}`4)cyuEN5)L?=*SP|J&3OmL)3REMwBoy!7#h7WOq5B<1!*rbYS+D5z%
zUXn0b;2^CZEic1aS~#S8mQ_GBPmvpR%FhRhbXK02-{v6GF$cb2GK}Hf4}%PoTr4Dw
zIWoxh{5bcgvP7$tcg9`FcvVv^Q_`RNa{{6dEa!9)dh7-bcb{e6Yeg%ydgmMyHx0D1
zICW_4lqFHDbMDBzLBn?E636z0qivgiqK<;O#I-0C6$sSCEw~Z|@&53ZdKP1w1qE5g
zX-++2pm0X8_jBwg<RlzhaH&Lr`Tr!tl2zAHpdxrEP`JQrYKFp2xBJ>(!rZ2#pjTc_
z7v(1P&Mw9br`5Kv&2rl+WuJNskk)8v7gxy(Ch2Z84c*GxJtY+opmMwlHgjYeE&!W_
zDi3|#^8_qkY4BI&Gf@>cHKia_@HUq*KateYGY5P?NG>D55-5o0fma41gUooZVm4)Z
z6E2nVXf<*Ftd=SG(*YjO$N*T{q`{c~;7rm&w=vRNb0IdmP6*>D>~$+0ajU7oN0b5a
z@u44cG~j)SQa<T`1Ev!(bzjqfKqG;~xG(~6X<A@e3ulzigEFt=gvM7m_7Dp&o1u+%
zr@bk2;%i!z3ct8Uzb|kghKaPZB?B$+b4BX#E1!|=;%K_I!+US>(^?*3TU=Ef!UUEk
zoO*CjyqHU|s!rF+mxmh>O(l2b(kR5lTZA4C#};Qk4TY?k9fjQ`{q=Pe!U@Ye8Qj3(
zF7jcb<J0oFH~G{87wQN+?+sJn@WPd;Al6xTc%xg+e1>1)@yA6Z!3*Fc_^JXt2QC^_
zfv*Mb2_Duiq5Jg{2jHa|h%=KEsRb_ZPr(E5+KJZyS2U>wKE@Fq`^j~x2ywE5%b9k>
z+kn@c`Hf}{2l`2r)9_O?q<$}cUm`TBTJe*bvKubuBNCrX_@xy~Tk4Tgqs5QHK>&V6
zGD>54dyx)&O6fEp16enPgdRMgOD*^{{D|bQX#eyWsTMbAsEVzKA#mg~cT96~ZVA}%
zHgFOKQruZ!L-m04R=$`MPo(AtFE)F)%o6ZNi}6S0fL4Sre$74Yn`5W@YX#swq-vK;
zUjUwuH1xfC5xWHNEK|H~=6T@YTd+Rh#yztD95e&24GHp>kiC;C4OXAIx-~!g<g<hg
z%hnuxu$f5K2)0R&5(ec*l!~6Yzql)~A--aRU6cJXdhGu^K!aU7`=Rx4qJVE~{WAEf
zkp({2*46W#N5_m0>*6{7Ck^3|PxwU!9e8_8I@7ol<Iv;VejYTzFDBDs^j#i5(a1`l
z%1;ycG$8NtQJg9K<NddYw<ueoWgX}W;0*y$0Kfn9;9~#a;Ak+o`041Ei{rz!Pv4Lc
zR``RXgR`S^4UM(J&#Ztp_<Fjq%v`uu__jxt6uwnV84XvLSc?58F=4ZVtf<FOgCCQS
zTp49cXo$$C$j=<F#7%w!o(vQ(^UKtN5l`l+%lR@&UoL*LiWg+F36}a9o+2mCXlX2x
z_cTc;a6~FMzZL;-*^wDxhq-0ozv|V<l;IgIBDD-vA+-(Qv)%nGmX8EZ;WK|4idYL7
za$IDC{htR<ogd%sA2@>__jmT5Rlb`Q;D0Egz!Eetu(=&IK74ht^x>-urVoXasnMC#
zIDE?n(4s0dP!w`92w$<=Ec`m<;j+T;!#A(3eAsnA&e;I0Bm>_gN8vcWhFjxL<oehv
zE*nW3fPQ^^2<apPAF~3lG==^Xxjrl5%%9#4Ah<=b=86ywILcH#7ZgEglM-(PCf!#m
zwD*Hzl}Fky$&94mJNvMTgWVHZ`DbwW)47r5rEX>mMvkRRsd?Pyrud#^C7bagnem1)
zFV&okXE^lP{GR5V1HbfQE*LqD2|vF4aB83F`?EJlHYhnd8bL~r$Rn<uTo-+`B*+gq
z@I60)M<1Vh;#m*cf{~gJLp+X@NYk*JGmbYqIs&@zeu!z99MU=VLyJT`NSh!J+DOT|
z!m1vE<?IQJ_(WbYpB&PwFre6bBz}b-<!|aI2ddd+h-{q5Bx;*WPVy&meTx0KAbzwt
za@iAMKjs4H4>`wEQAJ7*wJJ<fRnU@#jBkFD|6Ii6RX|6sw7|U6@~Q0e9})jGwOS}U
zjjjSzy<{y1JfmzSa6JHJ4ZsV>y%o6ayk7(GG(_lK76MZQo&^$RgkJ;jg1T=7o>%%&
zje1`RoNHqPc(Y1#=L}{zCSDc@E`3krGjf=vDPYhL>h(3tUsR8YG}YxEL==IWJd0F5
zOc;+8*{e}wymD_P8eWZ_idJ|q`3JtlCsD#&2uLnxFf+6?vykxq=^F-A55z$r3gd6q
zs)CHoN<3dRz>+<5_=CZZ$^?KKzYp5M=VM|j=gr}oAt#dZz1`jK8+z*7iSTJjEQ%3A
zOJQM&@b%}oI?^}iJ|jAaa{9Sm(u$qM;Wi5<wl8BTssSF6z<%wlKvndzb+HAKl>(2O
z<`*)6mt_}Pa^@D`_6$N+;LY*}H2_|dBgg>0T!x_Lz{|1#8Nipz0aOY+6_uandA6$n
z4g&ITbC!Q`ULANoedRp@AJdqeQW_{PB*>zgz9nOJ9gelKk5F%9j6;wFkbWV?K|q4E
zex{D9lT}7fb>@#Dy$XmoCC&&l(wWgK$D@w#B#V$Z`tdfQu`?t1^4j6LG3$sK4tvk+
z3H{7T{bT;AE@12bz5SbB_|G8Z5{VU?5t-u?6%T?Nz=EF;isU&wzV9}8zh4fG8D(}f
z_z$3(ZbUd{B2piVY}U#HZ&RXGm3>hG6&V;Gmu6rrV#ZkBg)d#K!QhR3g_@15nLqNY
zYVbp;nPhp0pvwH<2Ss>%gXs=!09a@~TyK;mnl0$~%o-Kcko#nwl*TBfiB;|hsiJaP
zA@s_$(<OzT;Z-BAB=XW?#4tdP4(-;$uPa&bhlW=(I~Q+SlW-;Hz7Fx`>r}*=QVLM5
zP{S%wEmOprYGMF9CQv*5K>74F1upv`VP7zTTcXwNz~_Fruj)xJ1AOj>S|Mr;1+Kz3
z1zw?mRst_gaJkHyS16#3fag`v6@eEN&}y=msGzq4uFbm&c$o^i6z~cKv=Vrk7Pu;K
zOaAox0=`}aRKt_qp8{&m=qqcVMP%+@^(^9WTfI}qty%W(65X?i+FBIP;;?tBby~oE
zMU~USa$i~BG%>PTLdykQnYy`@fU8h80eDW|OqI>k4+mMGjUmpOX`2a&=Y9y(dJQEC
zi$Uu*=satLro5GUN8OOGsQCmy@P=AAqU<xj!hZ4tjZcN9EF*;tiD=B8H@B<T36;J{
zGUy-vfJ&;-s?@1KF!ATA1_Ec$ELayxr>+&zXEm?UA|&V+OHiAYcV%3k8A-b_6km(j
zxJ@orJt%}UBAzJ6?lgbb{C_{3oxJX7FrSDQpeMiVzkLJTk<0r&%;p7xrdg<TZjO!P
zrVZc0!&gW}Oe-9W2uD_{X&>j3X|JMT*Ml_l>oSnb=+&hl?OJsn<SN>99mt$6od>y!
z4(*52m@||`!@7Yu#CSorjqPzPdZb>fTH&cBR4oH|q4ZOJODdT89C!8E?dpM>_j5a3
z?Jm9|$P(aOU8}5KqA*Z;omT8>l|oSlaFJl<wCG!SgU;Zm6nZ{g%?%oMR-l2o=-Di-
zDA=fA!$TYAwkRb<JB=NW^EZS1`M^bYW%-yo;L^G66&`;ip{K{fr`r&+K}a9C;Yc(b
zrW+A^URridh7p0=xu~-Vf1k>{dYT7#<sP)`JFZOn;~A7mzl!}NA)&|wF)?;0lfDr$
zoW~E<afTo_OEME>7MSm4Rpl++VQx5z2#(PuiAOl`=c=1X-OCmM=mv8f`V+zukqU2U
z!F-sGIwAqR5*a)`;dvAgD4IB<SNzZm$R!bO9wtuPDiV7P6*VFIsOTY<3W>^DIThPY
zbHJp8PSxQvy*`{q>`Y&dRl&G)dF82WX5<tDr_2Z7!l@sYT%2#vA&CNdji8MRFSc{&
z(n<C-;2(WUGU^+dt5%lZ;%&C|r9i_&Oy)EkkYu=xh62+$R6?UM8frBatbPDShgFca
z){aw1mqvsM*f7G<LP!H{HP<TOr8e18%jj~z7rw>GL;-)#_;KLb$3Vkg_vxy_R{)<@
z0e>CSMN|SEfIq(-aBJ1PCMEMK>gB=6h6zkm%_{+(tD2_+w@0_2<?7{C&OBGFut}xD
zrOFhR0Jpx3s5SS}eO!DASy>0ufY&`v$PHij9$~TS=`+lgr&GhOttMR=#LDtsIu2_q
z=v4<kbHK5JzirX367Uum90UBi3UgJ1*PU<-@arnRC0QE#;Q<XN8oM2cqUK7)GRmI<
zBEriax^snAYPBNWQHdR*9uZCImE%*yMYq|k51D*cdt)7{lG@*(p`M_9B@tK5Y7Yb7
zX<~a5az#pelLTu|W?zm{?#6B6vG%*R2|SlcKSzVx<j^<aC<oN@7*8htSRSu=fF5Cf
zEQk!Z@yu^E5&ift{19?P{xupamT|859Y{Ih3+-Q4To{@%DO(mOsvr|oL3J{J%vW1f
zU4qN3N+}3PHmuPl;LMUF(l4!I2>xxB-d+6K@gOUunN9BouDDCVGF*c5ge|QQkl8Yu
z0x~_I^MH!(&Z`1q_enmsBK>aA@afaaELR0UtI=;MK&6iA3Yy(9T>;uDFTh{{Wc5YY
z0hQ2hDL^`qACn}4l+8z{XGaJ7=SPSAJK=Vng7q-h!}$4mvehQK6u0E(Sp#z|9NMh>
zK_Q!Yn$N#7oB0y85K2+{N`((f@mWi`gYL@Z4y+{lx`hsGD1GG;2R4+xa&ZG2N?*CG
zfwJw@7c{tsdIl9Jm6tNOL1%YX$)FscuUommPNJ_`v%red*R57yMd|C-DX^mSbt@DI
zl#+m%b$7ubPUfoyS4_P^q{>_^l#z&fD^zgSfQuB&2ddJe`Oq(5h=S83Z6lsLI2DGO
zg$PQxp(dB|0`Ps)EF|z~06gcD*a!=Q6KZXtjf|jNf8XoAtx0-X4?J%PEp<-G0q=FY
z*1X0|fS1}qOWjn~IP+2~XsN?W4*1^EGcTz&pa54F8L*TVfKl5Gb$x4{feO&FjVmgL
z`y#`t_Tq4*M0xR%5Q!?aTsZZX^uTF?y<VcAVgh<;g8GUCO@TA%!d?m%9OgND)FmRW
z1uk6}52aU~?H=^Aa#vKYcW6VnTJXN$-tLWHD`y^Ao3-!fH;6-zC`+a>VZR5Z7elB_
z9F7CZ4~A3Ge(*nUzztF1lQv%JE~o*A$G~$u&FiEZyt21Q4fyx&Gq+d&7@Y^6{Zn5B
z19&>q(zKt$hR#6cz~3`|*PmAaUofk)#5#bVY8Bh<z*E2OJn*KU0&r_h6azR^3RTUL
zG!?!+^A#D+UW&v3ZUJn>$-wE*X#eMdXJu~naE=nP+sn*y;7@m}ZF+X#bw0Bi63gX8
zSP{74J!=8J`txi#aJwI^2K@Gqv$eo;9<>_q+ds_$@YGS;tZ|_Ycce_3DYwCk+J=Vr
za2pNh*YY1U#^ZnpZ>TxrUv8FTW#Zt){-xz1(}sg+ilBzqkj7I@O1Xz>m}XEHvGv8$
z231R{^#1IPwNuki4hLp^z_sD9kS9R-$SdLyY0|w0hY~S=dmO}NlL0+6SGP(!3{@qc
z997nW!$&Q{SrZ(LTKl)hK@nQgqH-<niVi6bf)>qiSTh|Kap0!YveRJ^2c;xf8x9#e
z)Z>sN!74a}B)OvTN8#UQas9kOugI9r31sU|y=dNvUgAk#IkHxY3~j)rv_uoXh<c0!
zklrlaGtyHJ3ML>39|A*?DjLO<kMbNR;~C;3xad7wfD5y@zrZhV!0E!h9sQ&u@=%{H
zpu|Eyib#4hf_jt`{g((g5<bp2iUMEwH~Zn3&Y_KTfiUUkpwC~1Xai!G5(?SW0Hi=$
zzx;4S7on#*Y?k0h^60IGA6+C<x)gqNkrWUF{3d=tMg%AJ@EaM`ijiujr9Dh2VkCr@
zf*1vK3N9p={|n7=h^GWRC!usHKTY8=;pojzIb2h7fr(9iBiz_9$TNH{<F)Eh9Np?|
zTZANP%}dwYtaT2gbiXA5W{E#`$F##cvrZlO%c8$*8Eng)_XZ80yL)c0I67a71hd(D
zQ|S>wkX)yc4*X*hCNU1s8`)mHHg6+;0?$7)d`S=u^CVW|_xHL_pIX41&&;0)Cy6Cf
zUGCwOH$<|b36K$je$|}re%oLP=gM5EtB%&B$lc%6Yg`FdcUxY+3i91PE1Qt>kC3Gd
zl7CmbV-9KZTJsfHq{)NiQZJHAFiDe_$2;SaiWid~l#pDP=Xe#^?5(5#_O>457O<9A
zk`(N^JjKhw>hB{d*mZe`r(o4Ten}muHE0lnkSihW2Nq3##ZBK7;g)cazD5Ldtu?Kb
zBQ#dd-9yJ=1TtU01Q@?=r~mwIh;TezfC7|IG=$_Qe#jCW1Vgvgdi3a#7TD;a^EZRm
zxv2d6Bjib;GNu{fPzBd1Enn7NRnfTH2zyXul@XL&Q55hE%Lf3p3`UbOv)>vHha=2p
zEgc=?IG{$ER6~DnAtdIP3(tNDUY^CDA&mIf?r$&KrVsr*!Xf;(t#vX|BWTX?FW*s5
zM2Kc>jVQvGpf19%wsMzzhOO4|L`+_Jw&Nh6R}A4rLg(Oc47BxW*ojFJ`{WV_{9XkS
zwS<oc8D5wyAO9==&Jh}I{M&}gurT$L*<u9g75+gImf-Qnj^1)}a~nkg;aA3(OoX}&
z!LxJ>e34a0huczGK*DWtPMG6RT#z!a=<_#&Z8Y&?rV2|d?74c*FQWgYV=uD$tMdqZ
z9$%yl!Zu~mX$HAkqL?ORoVZ*y3{#c^N=TmonS}}Bz9T#){Z`6F9~UDsP6E|UIS~ZR
z;3fXI<8aJgMmU*u652@u=JGF)<M17$fBlhM%QXzg!9qsZijlu#Nb-9?!>QN?A{v?b
z{BTXf)3+7UWnt4Q2A3*65v8Hc($ie%h{^K5TSzf_zs2PP-@i*_CXjvLKa!LC(7UBZ
zs|>hTjovO;!bg=gq&=>vtHxO#9UU0#N`W#$j<N4Vc?-_K@Us?opxW~Vjzf|V=K8Qa
z4j#`*AGJB=?JCR*!Re~8Fq|+nmov%uT&8fy^P4`IB+#b9Qa6@<p5IzZiW{@9qyX@o
zDV0-lv|8{eu7ZP&5NttmW)LBvh~M}{+ADdDJ0nw{CGoX(e4J(X$y1!n(3~VQ>WSF#
zUyV%eEI&#ng&NhbcukVT52sHcFAnjZ@U8PiPyK?~6Z}NLc%oozS|rt+E0=!A^*iw;
z9??Z2YRNH@EFw4CFxqx8IUXT1%|PGW6(HbS#@ab(e$D@M<q}AqEpV(licG$p(0EK7
z#sViMA~nCk!S+s3Og~*aBkEl{%>O6n`EGr4t}Z*$7p{-m&$<ozFcMn(m~GVv;{Y?(
z7e^vAQ{Ln@0LBJ%q=BiAZsdN5$yMwp1pRMk<8o)SlhBVOL}sCc$nOZ_MkibZLFaNu
zwEDAsgpFVS_wSwGwl+H(?$&1MNRM|qk9(cRyMM05zhn(kDd6O#Tf4|6ZOhKi<u+)w
zeo?j#zAZ&+Ffe6#p59ogVQE5y(j*A`VJa-d0W7L6qA|QL;Sln@(nX>qLFZG9uhaZ#
ze~a<8+d2*rjXj|@cocMmZN&U}6kIEX4^1dnY^13W=bh9X%W+n_Ih*ZH+vdAJhHY>B
zx4#KA+vwap-sIfYMxDnyXcQCt@y~#rnczZ=AvmUw{_^&hiyu!0=kNC49{p90&LwJg
zRPe>fogDnDKI*jeYr;q;QufhOpY+jR{&u$i%f;a6?8DI+{O9=K=t75_>&4aIl3u4L
zXXk&lA;pRDO(LeT<kI++C53ba4`q2FUG(Kk70RDKBlm;Y4EBg0-hVh8qE?Gv#^Oa7
z`r$NpU0Oub7<&Xcj=DJIZcMiO2y!N<d{-7_(}>Lc&_g(c{Dvr?*h3>3IVrC-ko88Q
z2-bG3$+oyl$Re-sP%xQ53ob6;0^x^f0!6XtM0&L;*atLBVj2W|7#b@ZFo(v3{(!c&
z{^tBZ<0~9{#B;W`wje~9#B3Xy&i&~uL04GZd1XeLt*!4Cj5w3Do9qJD$nUncq`Y;}
z37_$m&!mfCszFcuAP|C*GNJ%x+P^Zt=vs-NpqPw_e@SFIIo>c0+cGF7Zd(#pUtX@w
z>w4v_S)|xdM}znh^w!)j(ln88&Pd|01Tw~sQ}Vk)4!Y%Z1ID4TL{xI-(9W-G0%@Ir
z!Xv#n8hIrAfMn~GomFEIf1hoy3=J+01SUc-SkXzfHx3-`t!hoosivR>QUV{&r}C;%
zZ4SBJ!cLH7o1^!POcntO{O}`dEs?A7=rpgwFVmaf0FK4v_z0TD(qxp@e>{Bt$e)}s
z^o(4Rn2}SiS|8}@mOJ-WhSBYIyU+Lb;J@8&H}~J(UiazFfAn^r?e==ldQW$H|IzI|
zf8N{u57b@jOiMlsmf-k5y0?avpWGkh^9cRFA7VN+E-I1<5O4t+2+_i%X#$i2&`KVe
z4O?3Xp>vVjIA@-aY3E{P<nWX47@FhI!^$ASI~k+7Fq~N*1dLh?;T(bnpQ6`Ls5zlA
zV&j;A^q1)XLAGOfE`aRu7{U_h1WkMrcyMJCRh|=qT1s~S)1mp?pj<J`Q4@aBc(Sr5
z812=GA&d&awX$7}X&e(4(a_`c%&Gw@b7L%L2lrc<`p!iNDFO!s$I7%a&g%c7cdw7%
z{f(<;`w<?`#NE;yD>XEmrkm7UNJI3iV23OJqrapTNiR~2pU5S80!y?BsK2^SGehd@
z3a9IM1{LWUVN&ZXBF{;x>1KX7bz7V$TkmK>wzgDAyl{x{IHUQaMM6Ar(3e2;nX>MR
ze!@5})^Cn|;Yb2;Za^0oAr2FmAN@d}ZZXSe3KBbn&-hfateUsUNPrk4!9-Or9t_?X
zHhRU5urlz@q^lwwslth^aw@#gb0GLU@}v4;q0FSr3YhX@I?00>=D$siyq?9hNE~SE
zJ+rEKd?m;FFwlY%%}fc!IoFz-i7Ro!@z$W7Q2!w&DoZ+<q9Z+kWI<Bdd5$Bu^+T4(
zvES;s=)hD?1=1qc$25^xbXD<tW;cOeTsO^4K^Yhr3ofFVCUi^#u!3Lq#Q(bLzdQ23
z(*DIe=xbNJt6Iaz(3dYA#scw@5+~NNF2Ff)`SCuI>ufwm81rd(F$RevioNy+gE#%&
z{Lk8qx!k!BlI&vaM>Bp!Lx@UC;iE??!DsPJK>qMq-roa2t%!9YUk3W}g~R^ylKpr$
z)km>Ek*}rb@ZCVTl<`0KiIq?lSEg@?R%T)#@db4Fzm5O?OH3mASNF;0-`&rjkuRUG
z%8OaJ9F@i`|J;&L{R!H5%;omQr;GGzBzO+JMBjb4nUWI0@mJOsJ!az>nG;2fFBwtx
zBM9yjXQ9dx7SJinnh2^~1ayi((gaGz81@gDD4w@U{J9@aHOiAXrg7Z>(1`ahTAUx7
z2Iea=!co*g%EVvnptt_-4cTGyzZ;Ij$&McLB}RXGiP~+X(^<EJ_in%xUTFd6!+;Sy
zHCdW#U>Wb%|Ly$t1WcWe8(P+F!<2XJbyTnMY!QAW-bE7QknwFz!Z8I+hNg!9ap03M
zxtQZm7bEIjUqCoiH{FX=GLHdGqZgd_7cs%!g?#xy==*NkUp0s@V;ADmj}RKbcFVUJ
zQ~J>-7cv9H|84zm$K67mtd&|fFcMuXVjulqju!+?_2tyz%P+t<-03vlu6<1q>6S~~
z@W^GZj>zL)hV~Z=DKhl#1Diad8A-CWK!0;If#{rEk~sD~;=IC)IPc@2OzQMIoyTB-
ze=LP(MB_vUTL(3>J_622A7_caAOTBotRCh^ns+Y~!|+)(M}Vs+2t5|fu;&?AOlWKh
zgfGH?wBw><Q!&)FkabzB3wn_NF0{o#LL#QFb4(=f%eiV5)cQ2HC)dRwU5ioZL?*a`
zQ&hc;bERFnc@CA6$&@6BU5=3xqQ~#{-yRK4_YaN)Rg{J|%qQ<0YBtDBkIhUT=q-&2
z`qlDNnv~t{?^B?i5TlOj)k$JPI&;ht5`!B!lZP7z;(D7xg@FJ0A=NcC7lYzVvJTmO
zNc@S?`D>Gfc%>paFcVkviT_EsT8z_F7az&Bn~iuzq5zN0F&ramMBZ(*)l2Y45(;}e
zOGt!zZicktO(fL^&*RD)B4HBygo*3|Kxj0>42=ln_DnJi?Yc7m*e*H^RpZL8-+~tW
z^y#ie$9>Vga|O0!)ltd!56UTg9+cAu<<w|%H_B<HPFS)-`!BjLdO2;=T;7H{XXEi7
z^v7>Ve?;O47U%J9rZHv5Kb_e01?7|}4tsv6;}N|iZsAPNxdNxwIDTR{LZyUk>W;(p
z0|?A}nFp6*`P4<KI*fj53GFbm?FuY@k>+_ko`EYgXpbZHnxIUQaK_PzHeoe2m=O5r
z*QN>M>WCR|V1yQw=yc<(%r`&sq!AJ)C|-nI!1N2mY~Y<=hwIB6-L1az67JW2p?dh-
z<tO+4`~LLx+5X|t#k-U9qrq+7eDzQD`)~Kz?z3+0{rBnKUiabs_dY(h_g|>kgWgLM
z0l!W%;o=TANL5pm3H=%enJW=*i9(20L|KIYScNAuaB`82;Ud^||HcL1j{CP(YYQSK
zWO_M_LUN@S*rBm-Hw(Dtbq$vn9A-{iS;jL<sxlE2G~C>lVNmcIMHt%J@+e0d;mL%I
z6As`{TU)Iyc*WMy#A$$a6#EojP<!qt;ngN0Zuq3Z@FBY;6a_dTEJ=IP3GZVTW%WZ;
zYCeE7jCDo<9VttJJ$~)r$NhJ&kKUZTcITekDkE{v{ab5m>+s~~cjw1%kI?Y|ogMwp
z`{T2tL-fPR8QOn`<klAy_-2+uOLxQ;Bl&83g_)u>P+ie@_{`mNKMiG;LiMfBVB`@V
zf8;6<f|#=e$`_?idNlCT_8Y^l`@Oq2-278(3%Eb`=(n|%A+@z7L+Ai6Ihz(jTM$ey
zzcnmJGt6W=?@uC@qg-WB;aPkEK9XzUwh5!>aPXO2AXQCWt3e0t0gy(^OijuxSe*a(
z_b!_$?vosst)svR?1fsjDQ$kNwWatE03R+yoHM^mfOnr<aOn$CO3Q78(cGU(qRFf#
zDQo$um`VLN`3kB>V9u|yX}T6M;hGi+d8cgPD5hf>9mRY8I#~pPs;*2vK~6Pr<(Tt-
zF6j_)44uFoBJ`ddeUg7|N-Nsd7C&VBTOe*2gcta8vaP^Eg3UQeFrNt^k*nr8o{{lK
zG(7qwO#HHJ(NIx#DC#vMfd%?6BoG*GBIbu<Qix6fGh_k*JS<IV=Sf_ZMBzGq>h|7q
z(W`)tKZ<mNI4#MnkGdhZHJdFGk6wkF=^X~UXfVc5lk!UX#mI0>h&$A3Z387XhET{`
zPb~Vf%O^vn_b#6t@sKyN&`LQAd?XPkEaa^C7;?A(U_&eKogp}KkqQ*mXY}Jf`soGB
zDleqTO^uS@66Y*|9}QlL25hK8EQ26DHWcylWyVw2p$#r&Q)4%ut8#oDDvWnrbSh)(
zhhnXfV1Z$_NrwC0+z*Gy`70Xc83VplJ@~)PLG*<?C}F)sGO}c0u&iugR>EgM0m*3y
zk7LSGscx*o!HiO2t7Iw&C*320WQto2Kr#dCM&8#&w?YgvKw}pj1iqM-pvQ)IX}}?v
zt`Vbiu|-v%T^F4#<YqG*t+Qi=OCou!xacG>@}erHjLDo{N|z(vo-?Ns<~q^&O%}o;
z!SF&p@r~dos4Y%mE|ycBCBW0RbX6BI(n=c2eSF5dyu2oC=%OF6AIK0P=?5lGet{nB
zZ$1+__Maq1PhE7vr3e7u7FF7H;=eye8=23)V)K|dB!q}-e$Vwi6!>EjGP3ES!ACz5
ziHO1x#WCE>ul#@V^BRPXPKiu%9@6l;1YOZMzE+NS-z5<FuZ{#+pN$h2IL}4LGKV<_
z7N@Kz7fgzNA@9>*Q}QVh<_(F(p0?HGHoDzbGY8S<`YNVZg88qYgull9TnpkmVtKaz
zOX}$5T+;>TkiQPiEhlz@K&yTyJaf^Rq@?v2C<=XD-W!6GYia5nr?Efvxk||ei9Csn
z$H5s?q6q1g*hhRHBqB?K8YZOi90!~~<!j2<zHfbNpWJ0ay1a5dpSgVVuLDNS{lB}r
z_bhk+-`jik;QxIuACE*_Cl1FxVf~f^me4-R6#f>{5}WnY>uMI5>4>X>D^nl4Q%a`+
z!I95EH*O(y0QS*yx9j#=o<Ail=_5A7JA2Ri-q^zv@;x4X-y4r7U9$J$#V*+y?Rnn!
zBi!31FLrw0cSn1q_l!LA2zlo1en0Vg&v5r?Z)bN*UbIpt**@Co?sT2*j<d6O-s|=E
zp7nb#+}_^P-isGcx;y=D_hI)JK2`glUqaUbqi+B2?B?S?_V%7Vd)WW?@iF&5LRJY-
z*ux0jUMxT;p9sU&!6{48!(P3Yk2M*V6X1AC?rr}+>*ekLdrx<F9`^rzd<+*sq^u8p
zxx;1pw|?rBA#&bjVfiBETpzWcz4qJLT{>FyQTu5-bxfN3)=s@{vDXXn#Xs;RK8dnk
zpXQ81nYPovKk>%!H@`V3j5G64AMO5uX7LTIzqbG9#Pb*PbqRpl{ogI<|Ic>z9`^rz
zeAc!9pBDGPPVLTlQS9`rYU4c3ZJcM7+kfYeGl_3v{k8qi<~RuM@BA<B|EGHo`~O}(
zUv>YNAGgi6&eO{M-}~cC;+t51zW?RBZ+0E)fHTPLL_y8|@AZoLANHO<ec1o^@xhV*
zLEY^ydo3JA>7TuxyXSUW!d)d2_jKVJG@-HflC_O+D3cF6F$u8DhnGIq>%|`6fun`c
z#>v^?tG9zqnXNcPWFE~hgTj*FN)j@E<OhBt;{IufSb{?j#~yRWbRGph4#&i8k#OpV
zq>rXFiGtRQ&Pm_MS)<t%Xguw-{4t+}YBBPY5YK(ENMOc@@OT)1G&X=gpK5<P(7@^S
zx}SQz=WY~ETOY~w6^%VGpK4~4?2nd{xg$78{3b;eyh%9fDWsLA9Ef2wGRJ<<&%)W+
z|EFQhB_Eh-UWxCt_QZ?*@&D%$#)q5pEgrg)IPGBk&??w_QhDjvyptpb>c1+qN$a1p
z6@6_EfA~~=YURJ?khCg{YWct0eb&p#|DA4k_rd;qFP}$`(CdJXa9|dcN%Pr*&*mxQ
zDc=SMPmw|}a}l62I0Ig6^PRV41TrML(Jal|S>AF_#f$R(Q-KQb90z=`h+}?kWX@*O
zN@V-un>3rU@ZG{wa=HitnOnN`=uu0I0t#=+>3#J1OY0Fr<`8`}zgGW#hvy_~p$*xG
zZ$%<v)%YiJomEnY-=!)1K%_jKUk|ju!EaLva-+DVUfzediOD28zqm}6)rGidj#J^R
z?cW4XS%=RVhU&w6o|>BM>(ksTUvZcgLJ6KKoxt(P$j71cy%WE9+7gMoWi<qx5l0js
z6F(n{)G^=~@ZElJg|FFn$e+mhB^W{>z7sC9-)$ojFrxgbzB``0qseJZ7zvZ_#BeDU
zj5i0@ryY-uS!cmW>`WKFM>+t2bsj}AaiRsJxO2pJEtxkwN>S}29h87{5(#xCxR&nB
zoT(6wV+;wK@|@tdR!d{<=H|uh6H74r$kIHx#EGcqq}oA;&qPeliDLf}C&W=}-BGiB
z1oKV#mVZ&jw`w}D5|HOn=KZ_^*9)lG1(7R|Kr_Zho=qC6$je8M&~bv2MI18pYJcz}
zY|MB2Z;z2jMvEz=2J%BR_e0+!BaIeS8i;J|0ASX6#D{li=!`I%IqA5Nv3RtYrn!kB
zPCZsGPyGCYl}Y88rZTED30a=m4Ul<CO_Lc$MHL6$aFcJeNAOP-wARl-<YP93CI(Yq
z8w0i=DXd<}o9SYZ|12DVPDwoXAv&4$(`eusLG&slvGS``PI!8q`H1==QR~?v+-L6@
ziTe}wI;M+=gD(zl$>W|%oHChXmpU02NTI`$m?YygI=o8MtX<fwQ{1G53UrYp@Kcah
z5I3s}oVyn}>5L0vr%vz)nPG4^pX4IuS3+<&{lq0SlV8biB(tR)i@GYYDv&XN5QT&w
zHl7i00jZ3khD)2D%^%xt;e;(E2=+Le@=Kc|FK-%+=8GWlqkuRm9B~9c$^b(OYe4Rl
zdc~RDdSMh{;4AVe0r(bb<@c=I<9*cYc6%*@mher6vG9N1ACI}TxIMzz_tI(F!D8r6
zOMW3i8Ca`o5RV?AcQS?(7Fsw1l21N^%+$(TTMp@}q?SUD6$$A)pNU!>P!K1r1(fTW
z)&_zTTU@AHE$udMMQ;HF<gG6FKe^T+%jL>%)t{WD1AIx&#DGj#G361=uEX&xrXgL3
zuu(rjbLx>kqTx28lgT#t5+~#WM^SK{{v`tGMf$`s4lJ66#Zm$*_PzV8Bg0S~u|Ccf
z4%}HX4<5aKf8hMQ|HgT9^x^0YM>|9A0C4N0Hl0k`0^ASEEjC<$vnQRPp)t`R^2h{o
zEkeZYwh+ih2a(|$t{-p;LrDgmCb~^Uu*AvvQJ-rbV<<<!1>;{$`nC`UFvteU2;UWB
zoMnTe1643eOESSZz*VW6Co~rGfU31p3g~ztsPpQ>aiEPN657wNFSPIER!gq}AaQ_`
z3Y%>i^NbNuc6PLX`1Z)1dyixecPE(<C#E!U6i0H63S!)xcoDX;ao)?i*O}=kk8sM<
zUk_c7x!GW+YSWdWDuc*1xxo)4-dKGlj;Ox+h5z&x<bockCMsP)AQps7`XNgQ_Ba!B
zNB|<d^kW)=RrC_aJ{K6RM|^n|l0WzX(UsOTPi1OLyaT!l=@w2M>?kmm6g`xU3KWH?
zCC|SLUgbEL7##X>AK5Oy91Ed;t73iflHw=c2;q3j?g&4fM#lhcKc2F_feTitXVaV`
zD&9|{BV;ncq8?d5r}u{L&p6;z%`dB&nn;_BJSK91SJ{<B>;}&tC);w9jq#iW2Vhs?
zIv5}9b6ez2dbOBLNX*)O)ZXiM-@a;p;lJ)n_07K|{B%=^m!m}@qO`OV43ZiwLa2{3
z6Pd4AM@w(p^Z*<S`%_2cGRvKXa1Q3FXC$L8kPluqynIG!m>g3F-)NB_ehxsx3l$5&
zubh@%H6+=xQ$nN}%MoN1j(P;86CEjynUhdwM4W(Pk9b)s59UC*5+|AA5G1xtB&-bt
z2|jY9Jd(tM1iA%Age*Q>Pn(f2QKxGud&;5`u*0J1#cYIK2~yn_`OOqU6=jZ+T&r5<
z%bHg*9*U+vj<Crk=*9s9A*g2}xHbs5Le3KSenwf6ehrP_n_PqWb@t+R%^)VT_x+CB
zd-lTZy4}vsQ#AMX#7UB7If2)=s_iW_sPm$=w}j(C%`8r_^~fAL#h_n<P}zn_f8bqn
zqe<y5UM-o<1zh~_>$OO>E*r=)%<&>bIFaG}BTADdtFDH~uei$h7bfvF7*ZU8l<OIL
zuBDJ2h;f7+d47Gtzr7HHyKL4+H`2h29{s5^^1}|BsV~TQMp65aLQqyR^TVmzw$Ze~
zWJ}lDz%h?=j`%`9Y6KH)aFGV#-03Z!Ax1*xL)C1}l(?D0k1v9#p$N4;4TPXLkrl%{
z>Qa|84&~hOyO3J0;A^ENCKQT|FJx+fJj2N^;MSb}W$K>F&VxL)ar}_$jWqOR7%=r9
zY*JK`Bk|k^!^JelV*)0`Mz)GE4aX!(Scemfi)Ge{sQ91GBQ>f|Lx)cIb({&F)P8u)
z;hpMrz58gln-|9Fj%;pH`E6g^qfRN~@<MN(Tu1zJ%>UC@cdO%5xL1$WUw!nBh6EmJ
z;-ruEp6>3n%ohi^B&xE&;wrE7s5caQuVf`BVRBaObQD-a<9kX>*_k;ZNjPEsaH_uR
zJmMod93PHwW_4E>_9gbRGyuZkwO&L}E1M_lOU$8cds>S^;(DIu(f1i5{9htl6<4y9
z`FI;Kx(&3Dc|*6g^!t1Vi5EFUL*$-GBQ}kZ3qBsX5`O6O7wst^Pg<RtoL^N|bqIrB
zD|OY#pkp{`>9dr~fri%csUkK<7G>B9{|50>y`c{RS{?0TZZY_c1G?}W89yEK>k_%b
zLC|>=6PCpOIFacjoe7Nrb%nVycG+hz08GyyV}^LEaZs=8ivQzBy7ks|sxtT|=z}om
z%a=wZo*G4MVrg#KHl8JA;XnPWzsmN~K;CxRwl3}Vw&d5;jOJZ)opCIp%9&3?Kb*?3
z_;D$WJsVnGiA~OZ5=^)Vf^8Ji0w^$xBOhh~NkX^Lct$D9*QiLLLhY1|X|%)neE;Xc
zcIrulgo=aE>z|Ic`A_J-&`CtXL4wC0;U!0_g<!Llas?r?w5!q~Me=jWa}Z#E-cp63
zQ{ta~I7n^w%2c0@I3g1o6ZI;i@&%0OBJ^%81>jI?AOs{=D)R?SLv1S#UQ{KW6|huw
zIWXM!z&Hk3e8t_*^Z5lYePqo)cuR@gLMW|3VZGmLc(BFDsHCHzlu$7YN@$9U&nJGV
zTVbR;5Z-14oqiA%jg<{gNu?AswipS#+HF81_q^YB+FXRfu768ClGda>BiQ>n_7idv
z!nPNsYhS$fEfSZr=OXfOLIz2U6EeNdx!&n{euT3_!i0g7=|2^%9L;ovtnwZ>#=&rm
zB%MbBDTfKHe8O5Ln*H=xKcnyn_8xv#FPGW`-hws4^fze<6NOY9_?f+p@MOaEDB;qP
z&_KrXGZf$v37ELpQO^6!pTdGJdF&XvOGgX?PZa#*?mU9*1S9|kTkptfW)2QL2ZxF8
zsBhK_hpX2K11K8(oDoT|GZCeXq%-wE&QqTH3LW{U*13;<{jG)M5~$V%ts$b`8@)wD
zy?vW%v7f0yMF#nxJx!;s8(_^7zkm@|A=GRz+c08;BAX8Qp2~44?6U_ZePB|>9_!&z
zeXL3rO$*<VG{_+hZV=CX5VFu(%7I}_=g|UQ@uiv!564Cjg&9Dh;vjbRp1t*3X$-{9
zUU%MVNfloDI*3^xiDJ6y9Tf@<>&>!=jr6Q7mKT?&zU(ol9tj|iRul!-F8X;U3j`!o
zblDaOx%d?~%k=|w_{MSzN_!%3iT1oGC!nRZ5tsAWc<}L=OujGtjUGKhG?Z9yRdKtJ
z_K6P{fzcx*V<93$qRH@DUQfg@8+l}rN4OrQ-V)<vGbIw3Vvl4NMpdre;1copAqpxB
zVHEh6B!r^(p$7?ceE2Jh>4-E^8k)Z8D?m;P#1TL`kF?J4&1OqAKIMN~9g9Lg@o{iS
z0(`BTB@l{CQ$>$|C)2d2U+%RKnqWUz#N>Py6E>rP*GJDlr-NnIzU{SIDaOm8vv)Vx
z7z;Wl{Bp@u_PZE#C-I%#OG1l=5)w_b(bx<zmOB2BeSA)m8Cd`uuyKreH(7Mq)<l?Y
z+TZtHJQoe}xAYW`w>0#*Oovtl^!2*^hOkzi7~t8|M{_ZX*o^!)uo_(QU9sDhu2x9k
zeJ)mmuMJz>V@=&ioOB^l-?gs$%<z}(797BGKBo_EU<EfYtB2GYurB&Ysk@!ctIWcV
zdFQA#;IyL16vbXvmh=b}WNuN+RR}t}sIv>ZGI3WT@DM5r;BN&tcs%q&q8{>XP903R
z8E49a@IsxDn6zM-j>1dO=)O+;M{WF%vLmsM$O)f(N|uFD6aV?V82{7T?LNf++{<Tc
zOGfwb<08TdXu(%AU*%|2Rgy<U#_)(F(_34umi}&xL*8F#$;3mKJ{C&y=g*n%d|UId
z;6KV5r!t9amR~!qQUxk8*MR*{Jhw{2dtcO(DjVA@Zs>mgoLV;Bck0~ZKd{TOD@Sz2
z)4Q<Fb-+BQDd(-vpB>~+(i(}HKcC80g}!`Q0w)mZ%OfT(F*&?Q2*A%p-b=WhsAozp
z_uFL{sh3TGQJbG-lCCnn=;_Je{Po$<;No<DF!=f8?C|B|4Wrtgc<B`dNCfU>Gb$wu
zOHX>q3=T#AU^I+yGJDzn?0PuCnqyAt<@cqHZqNub^6V*c9FL5tM>boW2$DLo;#r(U
zA;*h6pUKKAa@J~Uyj{aply^qQiRZ|1lH?jWKL3kwk&?Xp?j5-#@psKA<Oubt6g2#*
zh~$v)@@4z<b+$5v#cCtTwEVo^NQ)lp7j4D6n`k4X39`2_Zk3yo%^gQrQ(l&Gmz7d4
z;fjDVu0@Wc%HKE+irDV~avX4GX*Mo$-s>fui_WR&%a`2VExInkIG%kRt&NU#)IhGa
zTAx4P3H{&Eg!It>lDM0O6Q3!)s9^69c8yh5OFig-(IzoA7&y-xK3PI$>2j%ZPlAA_
zi-f88QI!%{_pT^xSk`YTiJW?kwAIUgJEfz_y$+Ak91~5py*oKPx;Q?~Ni>mxxY>3!
z<&>Y0Is3Kyo68cMESQTuFXks9d?)|-(%vkfaC&lfo<m|4@cfPltOxLvtHGCc`fAm1
z<u}zC=1<T@T02;0Zz+Fy^G$@le9>f3+b)D8Bj}s^u_Qlo93aKxlonrSLko6-FffCs
zbRUOGzDnZ^=J;Bq$i`?wuF%{M7YSi@f0W}>=@^v;H@j&XnV)eomI=v$p<omD(RYPv
zw~d(Ps^Ri~XY7%|(b<RN1IspP47jNfcd}NWKl39chA_nqKlI2ar1q3<G;;lrkHt`T
z6IRmY|07qk{YCAx#*DlwA7>;|tlU7~{iawvHTKoWO<U!OW=y~?$DM|ZP*1#m1N#2g
zy{vt2=egT;yKe7W*Fj7UPzp)L0m_D%F#xEVZf56{`pJg*dxEFv1|?KRHs7F_Ov$Go
z{Ln*fC;t22y(f=vWQy<hCMYhgpZCw+9lv{>It4%|u169wPKbv#wAtrT$Q7y2F!=Ii
za~nl606Wc2;lq`cB{2=B!L?EPC!q*mQeQ>-#2F?~lL(_IrrtutTWIDSxAnviCp5L|
zd34NNJ$+CXhuxXcD<`2H@CgQABS%7UI21=~X{^uJx&JR=|GAivAR;kylW4hAFxB>-
zo#(yo^PK%>XQ%s6|L<NtpFelD(4{}`!+Yt(4+xk0FXx;r;~D9rt<IM(E#9hi^eF<r
z2CZIdY9ex5vYjJ++YE^$WW19#02e*sV+N;1cKOi~9dPjyFTyc;whRCC=Yz#$;(tPI
zCmW1!9!E&G&Q>dnk&`e)wuRppIPfPv@eqz85wY3&nTXM$eZpbzi7+%GW4vIp$jMKs
z`CeM2d=hvJ;h2cWb>gM>ppB7mMV8hph#ri{c(a-^*$Jp7q@5G_%nxas(guwv#+3l|
z$77gQ|7G(<(eO+U5iyE!{%5!v-!6?{6#HQ^LGAx!&VRCYZZrXR88#{Z_aBjagrA&+
ziB@0M$7vQ4t@lR#Ds0wsZH)!BWW_Ut+G4ux+c1$n-l}{fnB|Nli&&TxaTLWgihW>)
zG@l~e`lK-@62_crA!*uu(s2yYz{vcP#0PX9aV~2A^<~d}>U6i!UwZCyr`tyE0gf;v
zPV@<LIRna3+}D1h5aZ*uWs*f2vd(31L=xO<8+U{pr2kzSK<2*hetZGXpO*?mDN$A3
zad>q|<8D-8PAm#wBDq&YE3j-;Qx+PwOGS#lHN?NwJZ>O#pI>C!Pui$`(UA4Z_=Ix_
ziHqsI_(UrwAdSE29*wnxWPG3I)n=LfOlz+c>9QWFqMi2P+I68}PU%l2C)DlSaeF<)
z77-Yt#KuVd93e4>^i}67c=|k=rhNeAJM{}kY)m7v-5M<tBnST<cwxuwb&*F2gF<ft
z81j>C#3;HVX{9-T9t9%hs3>DQae%J_I`zkHYd>Ign>QEr;-G>p;`f07SYHY80RQt^
zxz%fhWN|28*0VL!M4L=dm%ayCess+wb+V~yp0Q`=KUp6*w5oT0abe*c4SXsItAUtI
zRX?h}hjj?I8oiOowWXM-+CABQ-*OU3ni|*Ve7XpIF_-FR5Xfo(Fq-CJ)Qzb3iE-%d
z2hj|_Tg*|fyAm~xJS9yis~_V_Qd#S|9GPt$%jj&w&r0dihIdA5_54~%-|UTcNzT=5
zPfKxb+OKr(6?U#lGBn}2Ml{ivYDxNNT{+TA^BZ)krA!{d)dU-jlWL(xb(N-a+R~s4
zaj%W0taqrLZdT%0Z@t7+m1|;})~0IOs?pLrLbIYSwIkAg^|IV(TE1V3BR08XNZm10
z7~w58%jYO#-J&cbV<jC6`5PPSm?b@z(mKn>sMSNux;|*851Q#$*G%n~Jmsa|@UkbH
z*KWwvI@3-a)UyRK23cxv=6jaz$P~Otq*@01VPigQ%&)gGU*~-yg~wsFy-4>;Y@}wG
z$pMjdT7@+!?_Z{BSejMAsT#Gcul2!Pd#2x9LKw<y;aGW!iV`uZYI~OOpxSl^ZNwB-
zUX6ytv{DDA(VWrD{C8OrCh=@gIa4D+)?4dj?Mbw(cJ7TN3hMej-mHCeF?z0tKNP9#
zxxJR6nVto#j&|0JVfCc5cWXd7)$uM#D1%=7e+ts6gj>sy&`gzOC!IZ=Rz2-X`ZXXP
z@9D_t+zZL17+8{CdAZb#5)#(qBHCrzq%3!G3>sv5j>~bt-KzfmK#Lb_e^oUMG@^Cr
zVKC4gX<`*xm_|t6vRDj8+6bqlN%ySe`sdHWY3p<56QmzpG|oN7XrYuPy0@)G*#$aU
zepc3wwevB@C`Wktu^LXTp5l2$^?~|di~3d(o(o@9aRD`EV?BuUK=crD&_Oq9yIT*M
z%;xCI0GMcc;WJTUKzM)Jy6FK{H|X~TO*A*pdO&)YneJ}d$ni5}-P_~4BJgZM4Ts};
zcT<7#ugIC84vi9PO{;m-anpmGc<8rgR}%e5HFM%sUI(?rUVq?|v*NsSDoqdi{0mkA
zzG=ws;Qvt3ZPVzNzjzkY3I4tP_jbDgD`V)U<5;fUm9tS?Q)vj%jsIDK!194BiB&d2
zkz%XSt(tnv(s0T7>f|gXag|kQSyJDc$oJ2djptQKxC+S!Zs?gHnqe*3vXbO(>pg?a
zCnaY?5(R*68*M-mZPdOLf2Om*$;?fto6Ly#3bkcYjW)mMeECu-VYA_Li=SLa<d|_1
z#(p?$BUel!M;W+iiC<g^73DXvrOSrwbAuB43!Vp?_TEL!WElrQEp1|r(NSyI%=zyx
zJ-7FCDWANQD^VLqk#hXosq&gkTUPr-er-4QhtG<iCE`DX9czxGWs3pV<p0>|c6<5w
zkEhR`Kg56B$43iNr!m@afA9ms+}8mep|+@HkTX%YH|?#m`WNj@i`Ro$B_jR3P$?o8
z3~x7F!-0~kT>sGzy?$o-Y|Tl6`Gu;VmOXD8{ca?&PZLLq{9{p6K2A1<NQ20?Qh96X
zl$<t~WkmahNJ{N81`TH<_7i?s8!c5mKCQ8sy;6x9tt?3OW^LVlY0*VD$PYb!>)0uK
zYbj#`aXB?d?#tV_FfKg)NUpchV{uSxkItZkG#Va4LHRJ~2C)!-BxB(P^pby_suPxz
zK09~o`MrW}db_1)R@fTpU0w|+NLAG%1@p8pv#%R=`0)8gK1-bcxd$z$u|809{`YpC
z=JS8;?LE~0zn{-%EhxN10g%<gw#pB8y;4{10JlD$Zr<VXZGU$C*Eq)^l~3&oN%>xR
z*rca`7_xFj1;VNtRD(m>UC+t;a6sL|X9@XlzMMA~|F!b}>GN(u{_pHP$p8EJG?4%0
z#q2s;?q@dJX1@pg|J~_7zi7vU;qs6>73_{7cY3YUJxcz_r$N;@P`OfKh2V4;`5}(4
z57To+itz|1vu*Tvbe#~U$??yhA=RSz9ew!%C_Yx;Ng{u^L8E6+NjT0UTa@Va2U-)B
z`?AzQ=a?s*Sus$IBdoyi`dKl|zu2j?g#4Gz0uH+zFJ}R)mH&Hr`M>l0`Obs<zmHGu
zl}$N>XlZS&0$B>C)y1&{^hcJ&x#9?#1j!Log~;i}9Zky&i^w>unWfou@<XVkY{*FO
zN`9~IU}iGhENyJoWe{+3wHm6Bvvt=*rl{eW7D5y3lJNomh)NOP_g*}gUnDr5k^~B8
zYE4y*qve^VoC{O~8gQ&2)5yP~yw87@kpE^blO;}o+V`KQdpY^P`}FC9{(mo@ocy;Y
zDCYbx#J-Vl*f<$V_g`sN8`zVpo*#eYb3+OHh<XD<kj-&2p1skgwcNxS<0_M<s`@MY
zK|rsNA3|YKy(X0u)SA@Jz9`2^a|AS;avJ8i&iYMaIyb@Q=%qdux@Eo|OJuyx6){>B
z=5lMMK8^WI>jGyLlp)keou0PY+GgdLWZ9#drG*3d-{A0j_$+h&Gg)kEN$-#P`(LkD
zxc~K@KYcj=@8eVD_-@8ty5;6M(d6IqFc&wrlL-I5AT2fd41=^{Nx#hPUe88tGock6
zVN0veXi&8_^%&T*I8|X|@rnG}eEjfP?X#5p2kyt?F<peo630M|{O|5P+s)tq_Vym+
z|Gj)ZTdD-fh2ED7Z7)-kYb0{O)|d-rW8<Ls!%F@o&$vu(e(fbUKFjZaSzUE~`+sL=
zC$InQ?md6-|Gk%ww*SlC07}fgvQ}@|Q$bdQ*B#TCPzGfZ@)AJ~Vpkn&qW-PgQ3;Zv
zR+2=5ki~+_?b#)LjXU-qSb8-jUB2dW?zMEu&gQ#E&Ss%3V<hz8)i-@Bh;k1A&9PUd
zpEK)8Rt&m+>5IK{7M7-H7}ch;&bcDg^$3-WV_=o?tHrtqxgwOo$0@DaQ+Q*!L(}BH
z=DYeI<+IHBpGBxSV03J13aUQ;cb@L-J<FZ{PoH)l-v96A)6BTg<fW%9fYHsKj|Q^I
zz-laNT1*spul+|pd<*VKFeNvzov&3f9M(~EFM~=ih4PWrIV=yKcgr|-%n0@Z!Wa~8
z2WDc%!KQN<AbciU-Se?icvUf9Q`GPh4~<#*XG!ZO{{*?WqGex+mSozcpOlu;9P{)l
zVa14gR-G~9ycf-QI-=fwo~?n1wXB^709u!1Z;SfI#xvqA0ut*!AzV+>z7~?ItVg@3
zk^v0MU8b0pOGErwsfsB`5>hW!@Uo`*w>Fm~OJ9>z&9q!8X(kgt^b;)|srsfIblPWi
zun7%FoaY4X%W~j)&sE?jB%b>r4DdR}V{%GjpLzo_rlF_fQq{~5h7AX-r3)D^Vn4Y)
z5a|o@Md`UzH5z16Xu@8{bP*Xy<wuikmO;m6Kh&|&e@{=BwAxhNy??XH2w97zZt5uJ
ztjZfb^z<BsiEvInNXt3u@95%y0H5>mY)(CgpB~!tJ#77QX<nM1J?A)(N)X{mVM?Z|
zgj}*>cqXna%NP?z7x9=d6K48#Uu4oSH(J)|28D8m^>)k=3M<1uX*GVNeH_#o`C*66
za^E`R+!r@F*NFK?&yQugD%(=dIlr6=fA&spZ2%j-Xy|#jyXpWFKlGaPMb4a4DN1Ij
zi<~+BB>vq)PDm5vh{9(s3vt9|G-(@O2b3jGCUg;cZFGbFp2Gm4PdJ`3G@j9`5IJX6
zTRdKb`%Kov=r1D*P?c~2Zc!r}BBsciRTyalijHqN0a>0^#GbRPMN02}lNHHzW{Xi}
zSNVH|bR1Vmh^16WR4+JI5EI|BP+0byTag_bGM^Pi5?<OF@zwG9yZyJv7l%i$-oMT<
z6+}PERg6O%UrWz3)Slpgk$iGIkBk=6GCwc{PgSn|pEnmDPTstKdvtMld}fE+Zm<p7
zbwEx}&dx91y?^`ar~*ojhoA|hBI8%-22BxreYk(VUrOd;gzF(r@Sz`<QPsNEMLJxZ
z9i6^8KG;7$K6!WX_T=!WgcPaGqTx{Q2W3=k;KX6i<XA=O1tY4M)(?JA%VGwqs!;mH
z565rHreBuGQM#0MYFt-}Y+}o~)(A@*f<G9Jrs^Yb`-xnikxB8_IvapqL%`zg$v+>-
zb-&JOXC<CIc=LX6esp%Re|mcHZvSn`qLkQVaFqVryaSg2d%F*?emohRR|vUfj<|9l
zwIZj?$4UyEyV(qD-T=2``ab}pH)rmgf3iN|Y`nbcuGFp5<=oU!krM*{lB79<?b?RX
z#Ke?*%FIj|a+X^TD!u6-+igcfv|+yD{D2&@KR^;=+oa2~n66_|Yr?Q7p=IWTLlWR?
zn;FRDGfV6IfKjPM$s8)O+mpm65wFPgqnHiz!?4A8Oc*<##e~gh;8hHiZ<-%!g8g6-
zlO{vun=XHuFf)SNcemN*{<gP+9Ae+|R@Kj%+T7JIThEqd$sBcV#gn<QR%OcEFt^~!
z+(@@#%iLHi@MXD8V>QL3?xZygB6W&M69u&5-e%oZ-;l9JO`u|0YsrdLQ%<OUC39)5
zDi+kTn7ofdc!>r5CK7_yqylX~x>YH*0_%%sCh{qX@ds^J+j?0asER$y4Q3Xcge1{~
zNOJ+wOn3;XU<#@10<gj*!9vzQ5c5^jufTU>)z2hg_5G?)7VdWRyDPD^l*n3%5T&)=
z8WKbgUZ^>uN{%NokCN*{KklQ?O#qf|ZI*9bCku2j@S=3Ki^#(X86+`I$n;u}wvbT7
zY^3EAF^eah5fS{?uIiZHE@K)5emH#(P5LNY1VIZ~d>|U=2ttG%1lXUSE6+pa1)TT7
zLB(Y%_>bs-3Z7BoV>prMl&#5bs2YkKhbk|YwL(GR9oqOp_eVhpgEIP-dU-)^mRm9=
zmUS_a6CS=cyO)J+vo{>$2K4)au)Ja_3sscsS^ht*K0_rJa<jrtSy8A5@8CQ5tmgl_
z&ir4y&-V86`Tuu&z3zkm?|ppk#k03;V3B6&Unm;9aQw&_-qy2M4)ZO#_V&JY&ExC)
z6w7R44^G8Ror<;eYqo8$2DjpDqzAv^98FepEVgxC#l==hx}{u;^PO%1copYjOV<bQ
zV)QTRU0jdmgM0Be=}GwDUi{!*{NP^v;9gwi5%Az%+|0dr{hq(~;=`ObL8oXPLotAT
zF3sw^>yF<YpC7)u*gtzcD5ZHNfaTncYf%0f2Zw&#6zQM$-;`3b0&NN8R)~vo3q_W<
zt~^I~aBy~fdOiR@=teHA<q(#^P`!>WiDi|~WxoW(D$D;3I>a~2A5cZhrY`j2mi6F6
z|KLNfeb(heue}lL)f9|m1=rzt7SoU}*a4l-{RFk?WYXTOqu}6|cLzV7oxD4FKe#wJ
zdHeSGyn@Ti5+xL1H$1KRF>PQV*R%fg(!qy|`5?m}P1tbD(3!goQ)r6A(lX-i<-$Wa
z!JUN@tnN2opv&Q_Qnp#fEq;X~7W_hv!b@v23*;mUpl2IxK-J{-rTD8bUVAL=CvEh2
zb2+~=^bo2ce|ZSi&{*UlRO2C3;~`YzAynhvC{*JPOQ>dUx7MG_G?wv#C3K!If2x0U
zSNIA<S2n6h1jS?Y5@<R?7hDZnOW&1(9sUi%JRZV}?mWEcA<AZ*Q8v=wVwEtP(yk5f
zJ9$is<x=w`GLu%L`ZqQ;X2Z8OOU~%Rlbh|nSu&HmdIKvP-})BT>?Mr1daUj+sQ(gt
z)%}=wsC^tF8ha#02}NQCY8}uuU7(N<kN?CXGWI9e2%~hE4ZC3+exq?ZooPTvIB<=t
zM!x-Kdv!a*;r{vl#o*-q*}>7p`?KRxTSFB4VKPDO^fuK0Pp|Wz?7tZc=F}rEJ)iN}
z112TDFY=DGxv3Fzt(Gl)E~op0!B;hG<&pUpv1?iRrpmTyMN+?Q-<`2#mL$>Zd=w!<
zkvJyu-&!*Ni%;FPNJ*SE-q`I!u6jwbk9Lc@l6}BiU774de*GK$J@e2yuh=DH-j<8j
zcjYb_aV>oGZ=Wrp!c1;s(1MLztBr1%b4KPB+^CA38@W?8jza$<Ty!i7{6j?dw;Iv?
zM@(z*jaUeqSqE2IRTHJ<SF^@wxRk+g)rGa-u=G5NriQw>e_N0Gz<*2Jfz3o_{q2*_
z5<i?mxV??YIRjeSH~El->GzA#RgGW(gYhr3rHBILqQ}S*{>^W6>(Ak!4_!yUjZ)b9
z1m%VPA&bF776bH$NL{c@{Qu=R4FO&%0YF{-_wG(H{=fU|A^!h9K2_y<S1#zTM~eSp
zWBHXl6M^gp!Ga&o$EPiRYRP~1(K{NFmT{{qb$W`H^KnXWJSB;^^ciEB(d^5Rv=NQI
zHbXvq?)9^z{ErFtmP`K9K>k15d!Cd3J3D(1`Csnk(=2}DZcYi#On>APqM)YBfbn(a
zX(^;pQ82RnDV7VMY7|iHy}|(w$Nac5LK}>6+HbUmZFz|?J6n;+jh~{E>g3H2#x<Ob
zs5Dss<fY&}vQgAG)_E11S0t2K`w@&R)fMmR7O|ZCUt09Tr>_40?z6o9-`m}NkpK7c
zxf99$Zz|NI0BtDAzKI_H%L{i6x5mJ$fDFKJbB4pIvH+F++6U<Nb*dV%(b2ogEYs_u
zWs2!_QH-bE9xX)AHD2*BeK<>tXQ@mo_O%7>H}<JL|J@l0=KeIKF<BKx&H3N$_IAzl
zzxVw4^Sy`j|2{tM)K6L`KfgOV8+>h49zI{;Q@j7qj`k1V9=UUGbr_ZVzxTAe^Sqbe
z|GnLZ{eLf?N9a_n_27Trv|7JrfBd#FOOlB7JDsbmE8WqV#?#Iw@)^P*qN9J1apJ@z
z06iE7nIrWahj>cnT)|@3EFp8WadLL}>g`}tsBJhzWFE~h^BJNc0$&j3kNm(-u0h$N
zAz}#*Jsf+?8Pj<b_*|!RTdhZr(D|D`AD;cW)fx_mV;V9Vkk(_wPb%bxEWts*`;G#l
zaWZcUeUHN=rru)AF>bZaXFe0R4m6@PVM&Z5hA^^{V(KTe#mF7gdFllw|LaHxjtt%=
z@<<fWYajs)`H(*?MkEeNLYNq`-|2izzjA%Lsgy&sV1777$&8?1e<Z;?!+_7xWwT8b
z;qga2RdkNsR_m3(L`;UEF%Hp)pamnIpg4fXQN*&*KFV)kMw@6tV;yO}3feN#3F5e*
z12MiIDr}jHG%C(8LnA^$ln|B(Kl>{he-t>pdwu-wZ|FGWBx2iWOyb0mGuTFxU_rvf
z1GuL#os(on7Qh_|jW~Fq$E%-C&&(M_G4))Zb~XiXoW=wq0hpf<)@nH@BRlH3y`3j5
zM@(eL?e(4@8jHVn-L5kt3Et(upMF45OfP+YF(xr$i-@bve9jz)Md*<@xaLdbhm#ny
zBwmb@MNA}r0SBrD1ah^`Y08=WOF=3i3I9{7vY^zX;r!Z>Ukv+IEbfRzeOdD|ra$Kp
zMX;${U#4w)An=UnWKwJ>=c{sO8lG!>(FywX6vuc@I2Zi3@hD3F*hGxL4nu*@5(dL$
zzoKM@6UCuwRN^6T5euTi1O=E@>#t~Q>)emFw)*Ie&l1GvE@#Z-P8kAWI4H5l--o_!
z75FkN)K49c1SBEwvrcnu3s}i7yJbC!M2^XvUJ{1Xa_gj}^N5BdOc=t9(Xo#cwLvq+
z5DOJR2aP`@f2U*=KqoW^=oL(quRhZ#o-WuZFvu_WlEwoW++;@lI9>8fahYqiZZf#2
z$>#<g65*G{ncyBj9I(KBrQWR@<Sg?+OSWIz=XQW$qC*+R1Oa1bWa_gdz8;nn_BAv|
zhj7%PW8MqJvfFKztZq%vF!X~`yy|*u6RnKb8fNgcjgdu$(MuA?zDF1uS~_oj`xAXH
z!+Y!#Rlz?c6HPmRvlCU0c*0+EXu<=#5S<{^NV<V??PS3SXg(S(l#ehoh>-)(gb;VU
zqRQ>rzM|Nh`(Zkll66goxZS$m$wZ|I@s!3%eq>{!pquH_Q?^I`!&(?t2Yd$;)t=q+
zOL~LOvL9iS+E-M6xsTSdrt6z%z8-;n%>40^9xQUFa^b^uCVq3oag5h?;@qI&ufGk^
zhDQkl4`b|kBF-8`3ju8~lFxpV6j*anAv8ncp@@2HvoKNJ1GJoQ=|p97H0JHa<?EW?
z;KteAgG;Kleb%s|BD6fNQxz0EZI9lYwjd@duH&vxm!GaN(TFlXp*2&rOcYMiJOA9E
zVKEx5@r<>JCV1MUn`NR2UL%KA03Lom-+v8xBEKxXq}oKYtO(1lD9D0HBviP&&kY(L
zPu|hwG$xFMg=4R-w>i;Dd8^<JWD<nqqQtw)j}k_!iCt}?kiEQ~PT55L2@)C4#oZRM
z8C?V(8WF_EYL~{ki9*)()#NTrlnav+dDPbqbAtv6SWyznul$LRgWwt|O#xY)HnP`N
zVVOlt46t$KbC!=uM1)<yuu~Oui!~fC3Zq7o)hEh3t~SY4P`&*`%ZjI1Pu3fB9QsKX
z2`s~loG9xqH_n=m*EO7@<rB4>tj#C7=Hpd6N9TU%dt|iCbSo!nJz1Mibj`=>4H~i}
zCdqiV3j0=0)OxZupXi#8*Bdn453cZa<>9yNL`#zw4bcsPBu2-FpvQAr>6;V3tIrJ@
zc2^Zea-zBT>FUvL(2w|17|qoQ4G9v62X`|x@dE+|e1bhNxP+JJ634e!Cf0C{TD;q<
zu4zXibClNW7U(a5>Ut--0RF6mSFkYL&qpG9QH!CycYdN#-WXPdS8htV(~p{HEr#~q
z`H6y8xXQwB8|wzWTg*o!=KBvCv$SCA+U8_O6%Bj06h@V04~ka60ZEY73|`>;1kI^O
zT(lnq^on>=(eI-n4Tswt#GEGN0!LABt^Iu!`w8KH2Xu^sAv}f+>11N3aM>>_P1Igs
z!8k{=6-}2C9#KI@pK+0_lR+OGy`u@~qXY0)=GUAl6xijb6b`F6%U#d$Qc<?SrWr|B
zTBJ1vb<gD|>|_zZ0gJs$9FB=+2xmr;#1E&d@%RlI&aW>tpi9jfCR*_TVS~5olf*4Q
zYq-5sJSo}W6`myS=Zw)1U17Gli56a3Z1Bq8UhedBgDzqmdUTF@U3kdHW7t4JG{fOy
zPGWy7Z@U+^-sVILuc0=0w)fF{_^g$6WxcCv<5+H@$n#?~p@DbD{Ck6jmNa8Sw86N{
z5Xm_(L)Ns#oB4@m)#oZSBW<E0`3-_JGziDj#T>j<?rNgzTT#7UUCEHfMEN-n2M1i)
zVjMCoU6$zDZQ5&{sF5(M>^1Fd5hnheAkkR!8oJdy>QP<iMD@&Nr7Nl$Rm^w;N0Dfg
zP&CJWh-hs0YHR*tx{iq!($iH+T`)TcN6cvY_cR~giWoFU6()){JPKy|F=&rSOUSob
zDMR^0?aB5^S2Rmxmioo%u4+a;KS-a3HiV9QV)Jmw5g62Z3*|S3L!%I`K0}263#WDs
zWj=Px7GA1=maKYZ<grdvjZib=rpQ*T=<ObY^$clsBi*1wA0#V|uQ~V16Go<OTM>;$
zsIF_G4fI@ObEtv@<e$iRA^l8U_Im&vC{p>YjRb3(XahZ0z)MS|DtjkPS7cQ8iHH1f
zN!m3;b<M21k}%5gZ&CP|yQ8sWxyy;xT}p3|%(V!!%*{}^YYSU8VkBgK;$Lz)OlUk8
zQb`h_5Oq*WZW^ylCyh2RQ9Ty7!TYG@jjaN}A&U2oKR0NYh6%4|?lk<`>fz;G<nHNn
zgNA!gcXw9gU1Opuc(}%ZZCTMY?D!5pYuKZf>;hGLbYDwCkTVd;k+wlXt*9831OEJF
z#aZSjYGxHEmAbj)1O7zKPi$46p`o5xU@d3MdRMe84?*r}f8X<B!la1BF+o@wt*>Sz
zMC@|R=c-S2T@(HFw_EgviH>K)TLdJwTXOU8l)00$=f@WerQOj6O=ij*EiYy3^Vwa;
zHLaKqw!yQZ)=LH{oqjl2c^VB+MZ+Xstg2-dC#t8lwLgKJ#`Mzn2!wJf8}{(jmLqt$
zPN}r!6-^Ci<<~SQ>XlIO&@E;Hb3^#9j~A;Iuwn1~L}hidN)>Q1^86U`aa^mtDyN!G
z{|@GSgNE()$|Aft(K<Km8`z2i>3)5Xx?gLjshstiKWk=PEn{+-6_8JKADSWF?tZ2z
zeCp2#_I{52gq(z9^4ro5RryTJb^f~Aik^vd&-XFe8#H|J+F##_)~SI-6%edrcY3l&
zz{AhWdtRr#`9x)Yd#;%eWY(W5Vf2pktH>h;6OAZ8E|@<JAsl@p6Nxgn&w7-G^-UB{
zCj5e16DDzk_GP<!p6vQ2n$Up6b(a@(gU-`-_c~P>;InFPeMK8w(m1@g81fb9DdQ3f
z4(<sRu5$@a$Yc>Pvd#&wZ$-uO)GPIJqH;CwV~!H=x+WS?Z@>QP-C#u{>aq3n?pi1M
zrhZYYSM+Y?C;_i)qJ`S7B`V;)=lL>ejZ_Tgq7>}i&iMx2MjDk&v|8*IW_n+|d+V8k
zKUzbDVL6QfM*jcV`}XIyZ7$LNtiJ*)-Py#cNJ&ndhwkQ^>%?yAX`J}lPO{&mod_Z!
z2@OSP0n(0I_kZ8PIRFSgB+HJ{Hl1kp+r}h_$HBqDd7mw58Mc7CxX{fQhMRK?+gj|_
z7P=Y3a2t+cJ4@XH$6$7JBZlFI9D~~4inq3-n=uTVa|~NtqZxQh3*C%ixE05+72MtC
zLN{O-ZptxikM3@5p_?%bpTRMF=9;&5k8a2?+=^q^67GKXN;4+sJcaZ2Lehwx_+@pQ
z!UwQEu2~aQhKIG<ei)hRZZN)dYrie%0bQN5O?tT^&rja;j@ewurK^zUs-pE0KIdP?
z59f;DphGg+-FtY<M_oM=_^aP&RVaUr_Ox=)-C7Hbv%c7`z-xhh`r@|lEm&Ww3!SJJ
zQsgTfQ?3ZS^aBpRe5@f3JR0=-w~g{?T&NdD*)(1?u=3AY=XMqfrr`Z3()YwQwnGnf
z(a=rtGwWGn9UDw<82BU7WJ$)1&^!}!n(+vN{n14;CVWzx13F@H%($RfwzHLZ!(tGB
zlvQ6eMZT1m{AGSypt|Kc_}3VNugE*dEU^?hN%%)bC@Fof@0l?pw$9QPe_NnNDa$T}
z{D=|V*RRyz?koSR&so8yQ{6&xjnYEF`{M9Z#$-wxQ00moi1bbdS0|T@L<!dtDDb{O
zpdyi`nD}(N_vsdPw2Zqv<r$~R0ZZtzfjzn+@P>@pL`dfFmMj2qxgz*|wq3l1f$#S}
z<LmlD7wb4cJ>HMvl88yhQplLX<V46hGK8?!FZH`3gY7Of<8vnRY}HDy$h#R!y@l!a
ziirG6^F~)>?{mJcFLXkAl1p|zlT6J-Ql&~)<d~;?p3n7R)Vv1xs+x}qo9V(M!MY)j
znPf4vV=<wVj7c)17jQl0QN&ox;`I(HSLES#7YgGlb+d(<kFH;-X*kJ~@@fqP)-H7L
zxeJwy#(dM8^om?oFVgb&U+N~^0@bZ7bUoRvP+j-!pFws%`;b;vx}NTS&1AQ-(Diip
zYbLvug|4T&Uo+XQEOb5H{hG<{oMn<n>UuX;9PccHtnhj%wi*Nbv=DOBB=EPL>gRLy
zcA*=EhWrykLZVIjfgR0wR1~2jLP8O9z*<|j-OA(J6JfR>dRKRJt*cx~g-t6SbEc;P
zl^0@b*Xb1*{q7x?kc*y*Bwer}X=_%Z-L1UEf_?2LgU65Be~g-!x;AE_DON(Vm@Bu=
zFBCbk{XIPvDbIvlL7gz!Pd4MApf`+JCTu|RS*Z{7{q%~+ESRMF`Rx|EWpZQ}N*$8=
zrnVCDTC<v0Fa?6^l&G#46oO+$Vy+@_0e8)K>BC@?g?_dZPV+(`dG~@wtP=h5dSRC7
z8W5h6%NdVmtGD*^e_sxDd73eKQB@sXkux9y#J&#6(Zs4?F*d^6C!3f+mA}zP7q<Ry
zu~3}cIr6@v+CmLee3NyWPj0i!tuAz<9OqwiZu9Cw*XB6?JLNVH?2Ub`V`_bw*JL>V
zN;8|2=EYu<<@{^TZeCyLnk?sEb9VEB?rvcJUTydG8Qw3m(CzU?8<>UHnS;ORQnz3Z
zwhP_J5c4$~V44@YLLvAyYXX}Wx<VoNHERN!7rH_r_%&++n-{u5A^1<w1a4%A`I-$d
zD;C;JcK<@EyR|dAksaorKy^2=!~7Gd?nZW)e*)Fr$PV*0Q(bVuK1?q*B4}4+KV6zU
ztSr6YQeeEx1(h5t{c3uQlo_ZpRQyq<Vz%{ZzD4q}E$9LBMNBhxmPwki>Gc6kZ=g9*
zru~<fMD4(%-?Jqs=T8L`i^hqxH(LEwt7XMYMx$9#VA(6*J_-WGGV+lvpTZWr@4A2f
zGIH5<L80x}_8x`g2O$ajMCXfyb#GP${O1-SIBY$C^-~l)ZDQ(fJ@NC?`7&@xopo1a
zU0HED78ga`YY5z_r0evOa9j6Imlj(uyF8&$=qbOGCE+&Vs76*dExqCxigw#aqp;Q5
zPrz+YlY?a0C6xSo|M(>qBmwogO-`taWHcVND6+*GHTwe7+r;E@W^0;w1;wFY_UG(U
zFtNq8mvo-2g0WZo{NEynspX25s<OZLy7}d<_s0&D3om6kh1`>Vd36%AjPgY3rXBL$
zoC5Opj2zA9In0S<bgGJq`>}{rXf$(SB<4LQfUDk2Tn3rwL4ACc(KHSub{ObB0<Yyx
zt91mbUX@9aPLm~(Ok<JD(yLd=OH&{`MN@Q~W141<CTb$5iCe1RvRjH=dS%>+)51hE
znog_k(i{`rKyK}fPC)?;WFWS+!eTy|FsXY&wNtD03;}>f7rUjDr0mj^QimR(n0=-S
z9fi_^VY3S+m0pEOvjbU)UArz(e46qJk7#OVt-3@=5=jp8CKq{<GD*ig;hDy1aHbA%
zA5RJ(MYZjp3CVxc10_U7RPT;H%3PU=^E68G7|z=Wktrx(4tO=fGj%y*lED?Ev2w!o
z`4{tYoq5R_lm^l_)2cbay5|cjxhgI$$)<TirJVwf8&=K$SG96O{=pEb-l?FWj?YjZ
zF1@L(fHV{Z8WPZHwZ3nDsU;FTox$otE31YmmDm`PL1mE2>s>p}nmQ*dN2*p&8Irb`
zOxo2Eo0_HV`T}oQcVyMHnrod5Nxw3$RqX~2B&(fM{IM%8FU8*0UKIO!F1%BcEa99O
zgo8uUb!cyi@hAwSE88+j=oAxX#hN+L?^6fHROrLSQzTM;fdNOaLb9JIQ6FRNaTL-Y
z&pU)_CN5LFs112|j#SW3jfBJqR_^suZ-J&co_fG=^HhczqHrbgxF}&)+#a)h92)zT
zzB^<?g0r3`_PrgSiSkT1ZeiuS*K6~1up9Qneh{-Ur)lscko^&^+batRiPL+27ITwH
zoGL?}j_JbCMYzausZ{Ta$`=~VKzSeKDid@58}88MOeCx!UAJaV;uv=vzc6fxAZ-}7
zSD9MdA;_hWA2l3YUN&>pAqh4nf3E_Yo4lo@-rWP2f9Ae|tu#RkFkuVtN>))O>&#Vk
z&sSzE_Yl$B(3RQQ3mzK8lbA<Y*L)b!IZK{X#kz!r(~$h$Rx>JD{4Cd(vuY1Xd#~R=
ze%AgYY_*P3Vx21tAQU44ybV+_d)!WzVG2VG`lu#+*4&$cV^b1#t~9?8i<FV^(v~2?
zMXt(v@1gK3ks0O`&J)IT*(#>Glk8I8oa}-NaAJY^n^O$ct%{;YDCj1FY6fZ|4T>q^
zCD-&X$5932My=M-1OO95gv%vGvBYq}9(u1$Ob<8)QE3)4A|@eibb$yS{OzG|S?@<U
z88i3deCVfP+*@}pTIVyNnECRiCnJt|I_+uDUup)+Y++-Gh!SB!X6ZxB<;YBhUzi<*
zP$IRx4O)E&Z-U0CPPjQTuc&Nr6I`y~u|eY_RK#i$O36erHA4X<jTnlU?=7!gAYO5w
zOnIiS6n&T2o5cJ#z-uNbz_?>BB(pIZdPdOj3A4+2E{w9bacUtsN{NthJ;lHI9=u(a
zWS*-Gw>`p;OwdCW5~QsrG(t2tb7pBKmkYtuEWi}$VLT#AV3$Tb)q-X|w|X46CD)Vc
z$~sHfTq^2NqQ#mLe-XOsfNYAm;po?3<Eo_cpG{f`5<$6QTGu4OS9vr8QX^T+QvJP_
zfr{E~4SZu`lKx^DM$2MyLc<}%s<~7$G78mf)Ybp_A6u_5#KICIbGVL?$HiU{;l#oz
zR{$#v7hQ9T)r`UWg10V?T*-gc<m`7}r!k-{xeE#Bp9~&9+Og5bx@XOC7%qgvSS$kZ
z5Vxu5N3SjtNrJC|Sb8Vt<6~t#m<{?Wm=gSp&$$*HsWQ}5@7&n(tc<)j9HZ}uW*pE;
zM6r>?6ifI2IZnj5hbgo40S1j8^wBe8`K^PG&ec3z&XXOp!w&3*I2F#1=D1qO04xf>
zQKGNm|H+x;nu4D(1kiK6(|1%^dd9+usb!gAAApD?nS~6_L7zEq6^)R%lp<#;Wr^cl
zKiJPZc$o$%y9~^%g9}ar8X$lJP3m^gTSG`@HBbg)-zW$TpC)2VlS0)Eln0teLeKsa
zQ4ve2<U)1HB_ngXL}^s7WFj;Wfmlce-NjJDo~04jU1=GwQKS2PQ2Kq}-0G^T25$WP
zdqQv@&}#5~W4~AH`fVJe)W~&M40+8LYaagHzqn}nqT%61>-z?<d|!uE?NO^~2dZ<r
zYIvkS^w?te;aNToB8vl8l}Eeg!`qEmMO9Kq-_jZ#>N(YYHq(a#=Ay`$X<-773D}QN
zhrm$#C^L)7A^A~UvJ22q=412m0BFfB9Kw{Ly3Yi{>wo%XF%`LFNmAyXVnLK>>d*G|
zF%_4!DqzJG+tsX*<`VE~1ImKR6c8K1J~n3Nkvo&FnomJ33K3<9M8adi8%!w~Q<?r>
z%g%fd-tdFnO+RRC<}5bxcyQeu8r!ZIzSI`b<!Dk-Vp)2c>0JxVw((S7S&FG{qp<`b
zUbC}AV$STR94rAbpG<g^Cs|1LH81J7S!3%&tFB^rZTY+wG6U7SLt`CovfWo~u_^G^
zwXVYo_|{9h?AB&yWm0-Uc>*eFo&p<e^w#bGz*R_2ioD=oNDxw)kgR5~gF>f<IVkuc
zMGTA9T$5lyvzc9oldHp4t0)ISF!LCJf)L2zfdWdOZ^jnLt-;Wd6iRvOP)``plmG+|
zE&glpy?B1uCHwErx-jE8Pr2r=!j|QP-WOFMf4SQ!kZ*@5Ow(a#6)cpwWa<J56Iazz
z9-&i{&_psC8?FN;&QrpTY8bY9LU{t1x=bVZZ${I2yfhkM;Kq`~X!2Fp@<DJcB%2^@
zd>@IJ-ENnWFMa%IcW=T5@uT>DpN-k$_z4|6WKRZ<_Tv8D<PnXZ>^|&APww}ggb#aG
zW!jTMWE0g(_}IgGHS4_G8$1qP?(IF?v67M_(kRggg}~^N1=_?Q6bUeA4lpqF@Aw=9
z1oXfto4(0}r(DfgjK`pqQU(;%sIVs{af|g8C@1@OB#6AHwk44GB%gvLKr=mugkf=8
zz3*NOXgQ6I7MzPM@c4Hwz#7`isQRdSQ1V%$i42Tz(u-M?P{{%_fdHr4LGQ9)De_><
zraaw2?9~))Ro)#J@fNmPKM3hh_F@q3k^j{Hd5FjdItLKJvs|Y7HZQNIB1|8k!s&pe
zOD_zo2%5A7<O?yHX^}T#KIA{pB>8}80ga&Lx*AsO;u?Ta=E5?)mQMH8PFWU?Sw_P$
zw99aO`uopqo@(S&Kevba4<*p5{d0TxbK6_j&+R|{Fcz(M`VuO`!vMKUGD-E#;|Mk6
z#Y61=Rl^iecJIOcU9$-wk1QmMxU#_LHtk|5snApOmp3%6$l?W!5Q2_1nX;5g&>NK!
z4Xt9YLcDyikrxiQNa(VVfJL4ya;PFpeP<|hUhvQz7=w4jG;5e$GM1A1?PK+6X-wW9
z0Qn)WH2^tHR$6>MxNF1QLakN+DuhZ0^<kV5-`HPD)<R2-!2gM+OaEn~^HkU1v*jrG
zG!>E=Zz<T2W|u27I0jc{4f8fIk&K+YK0AMLdU*EX&Dr5;xA^nmnfJ%Z{@K~P*QW>G
zqoY?x=LgR|?4Q0kt3Q3W|MKAI6kvYx;$Z)LKP3A`lP1}m@>Cz|=BevB86TL)>cCfR
zYG`(4<)(vDCk^yPp&?;TuEA=P9?O`D^}fhFbxAg{E@UO#1NB$vcVY5zGCAi8wO!>}
zM5sSB1xBA+ZetXZee#hl$(W^V!ZZActE#(!D%4GSHik1SB4@@-A9YEi3_{@Hwo>|-
zYk3HWfnJPAeHt8dl}SF%kyC>C&8Un^;W#Rjl<Ug|eDz*0Sb8?&6YH{ZfYOO^9sxdf
z&51a|lk<ZV)-q}Bvk$_4*zXzz+d?SC$7pDDE)yOz-h{t(OnAl=lr=R9WP5L<?9zT*
z#1I0wGCH+0z<b`<lA0~cwy?e_JEc4D)9VsYD2C)2Rp_tNUDbi+oHTtHBOm8|ZMxUr
z@{G)=HO6QHIQA?^a78rvZCRRS9OB#$-R!D?lutKl4wmYE_^`Q6S;9Er@@Y>mv$vSS
zYMZ}ls%mDwtA4S<-K^6gZx&NYW7cXNWp@-wnZ6&WTmtiEEC^^vGPxU_a@+XH8CP=s
zil!vT-oQu#&RHnwnCLf6k@Sw0+^u+u-UE`Rv6v@I?-q1ph2)gY8Azk6=4Jf*4CNTr
z1w5lM_iqvBh3Jc^P>2!NQIcnouNhM{v(A2Yv7VQo<<faNN%Bwe*zChf_ssW}-v9rX
z?rQj@^ik7%pT0jmJb8KaeE<CD^{e7L>q3b9o6oGPe5^8_S)0`&p%I&bB}$PGjdS>b
zJnDz$kv<gk#KL_HRJl;zXEHZ=5e*+wazjjoX7K<4A888KYW=7oYLH10N)jPH<_qVq
zDaOBQ{zuE+ps?bZB2!3-dzUU2YNzWc;@yjZVX!~)G$wZsoM5?Q9BojlqzXELyt;4k
z+n;zEgV)`Qw?BpGHe*rX#oM0<-YwR#oT3|B#=#|TNyd^<O&kFL#a(g7kR&l77o1&!
z^2%6+^igOVBx)OB3fHOZeXWTu44nqBX(2hJGT}_x<pRb7?Cz78$8fy-=nezMNJylJ
zCfS0fiHfHYBV*0$P5387lsU~J+*f_b&;ZyVjB51nq4J`)$djZuc(nU?fG3YGxB=(L
zX*#^pKrWFrxuk{TrIvT}KK3pKBS4ruWd)AW1-}Ct0?ELv+SR?}3Hn>6P5Xdeo4}mR
z>94|pi;VO6!a7?5<AFD1Iz?wGvWM7sWIUeCXLtwQyJuV`t>($Qlm-LeEzy6`zjv>2
zWCXWK=l>Zywj1zO%SZb5HvXUX;1mkWgr^_Xki54$a(Q{_tEq&X_UKsTSubUmsyBH2
z<Uy}s%r|JfgS`E<UrZRya?O5bl7HG{i1G(JR-S^LF{D$K;np=Y!x)p{7Bqz(2^wI*
zn>a_Zpd};#n*I#kB@NX~r<P26)>y?D`mQo5g)|&m8Pp<W7XFEtDv$WTV+rUmD;%|#
z9N#I#T4(tf?UBZ{1}1Bn-tm%L>f@$|yN$v}_dW-<OXY@fHE?#R-U-ca)pZa1Y@IR9
zq#Fn831jh?MjuI09G*$_|2*IDR_o~153dP%`t)Dq-aYi#teg|YvV1}A-D|mqZ}sg@
zO<ri@JHu1rT}t<~fTIN)6^7mj&Xc4vgpCmhORcNUfZ)BPsb$PEFgu6j1u`D!#a;Qj
z;yAeZmj})=;Y|@$<A#5WVaDaJo_j8OzGz$UDPH530$G)^r$@O%aEiv><|1Q$;$pAW
zStb^X@?6W^+`CubOsl{95529|W5B(8EkfQ8ejz{XpYOjMk|NB*cw|bj4;Y%Bm}>wX
z6U~<ghv)l8`qOi(L@wkBeXA6XJeU)y?$$c!cg;;`ycMeB`P82b2I2h>xGQ@vMBtaG
z>4}<wN@32YnrAK4+Q0??=aR%m2J`N8Ou=S}4NVDMETo{(%sDhbW15vc8s5X;MwPvm
z?t-E+%B5s!)^pr!ILqcq=grBB)BS^^S1*FMNBhCai-R}EC;Km7?s#*y(qYLnpd^$T
zcLgs>C)QW1RXW*4cgb8_;PoaM7$87WOnpcgk@x{#z30Brnj|2|78-|DT8ttsgt9mX
ztFc=+8uY_QVLy-$A6s3VeWfR;ntYQIG360<lZu#yzoHyT)y(wJ5Z8edcM6e`7gJ3M
zG_rs&!34%!+SQMpxpX1Lg2`lAF<Xp0l7#+~A>_(1E+fv<$>$S`2}0%h_<|dYjFn{g
ze9mG{GnQ!S_~`iL_38QktMegozM^ngth1<-_FTUf8krWN=JX>YAOz}foePw=6E)~L
zQxbWd&6vF8_Lu=GOl?9qxVKS!*Ce1pfN9i;ffLevku5ckZ_-qSCe0jc{$l^-%h&Hd
z93G#X|J(KbbZH9YfC{&qlmrzGfP+@R9VayX=*zO!y5)yJfeI2W*%vGk3q1=fqj$)C
z?`SxF3Bb#<lGewH#zh2^Urnz|Y{@y)+Z1Kl&^-ryn$R|(5fZf1Ve80P7qpO|*$iYj
zj9SklJEl(IBu^472r*;HLW9J_oC3tfn89UeTfH_edPoC0<eBE);W9%exYY{C2xgrv
zM<BL<z#<vO1ZugVR(==c{7Q+vQ1?@+L$|K4QbVsh|2gznu2s0M%W_Mv&(aG+3U{3p
z;>dtKYmP>b`r&_v|2-mONmERpHyXf`(!GS2419n-A1Y%D&CZg5yat)wXlO8JBxt|x
zj?NBG-yS_bge+AflnPuB=iSlkmj?w2+p%Z2&=7f?Fh)(*q@R+0AQMJ=V7ySwIOgwH
zug?$9!t9gDCs&%NagBAlhw+lgJWV0QjWimeGzC!?5xmu?b!7B@cTp_`Al`9zlM9on
z2YO1j5QdY#KK65k_AStCo;B;(F&82xcdek}!3Fv(7Dz_^lJr3x?X0rAu}>@_0ndou
zPPo79_^-9-nTY8W*bDzs*LOKEx(?smjp8nR6oU0dq??brMp;8Ma>*?IMdcN`PO3;!
zoxACj1T*3zBMIIV%Grbc^ZjT0XXeenNH3c&dRjus7oh|4KA4<ko>pR)y)%Nrzw<?A
z;$x^oLSr>5a8i|5ftTLOqhSnmn2Z!7A@z6}+>0PX@;NikH7ImC{t*DI_-`1}2>YaG
z?0g<^nXpBLT<dXICX&^z)=9YFU9Aa04d8k!Rzvr{nxR|ghk>&ID<kkd!idljO}stt
z8t?W3bj4QqEb`q_xG6G@jv(w5&KZ^=u>dGRks6{?fHj)2IV}u~K)I|1qoe_!aH%q%
zh645Ucya(`cnv6>JJ-_=iKSQ+GbzFN|N8CBN!+|;u9zfm&JIuOEx@IUNRhCjf%VQZ
z;J@?i==|0G@e$ZA9R}Yibu*P3%9_G0B){MZn=;5f(L6^DzID@C@s+qVT$J~%#<cIg
z{kHMbqS1tcq#VqsQ{fhhAB;;mJ={MyJ`CsaZN}*L`~63Id+^_WzhC`tf3SQ1yTSd3
z_XmTAg9p2V@A|v_-Q9=Zk^c6VTmR*nHUF;v*<)1~_m%vfi^Y=IKz><MiqSOg3E2=P
zYcn)t7=DDJD4Ekm`0ZqVO}`D#zX`v*9T~Xp{6BioubltEgZ}Qf^Z#f3HjMfG+(6%`
zOlF$HeKmK?Y7x9V{S~9YDuf0N95jwy)Gqs5#_S#g1D;NVi$GgxWg&RJZs+dXDJ>X-
ztga`<8=n8waj6^7gzL_~KJ4Z5zjy!9qi^T`&-nej`G6YBQ8~a=$RfTJX@Ct$)-s-n
zfsRRBB$7aJX)Hu$l|nXu(hW|<Esq2DtbqZAXha*lz2iBog@5%9{I$Pp&wq2ynH!C<
z{`}wXKkPrMod4Z#{QsZy>vYHq43{#loF+$oVOH*R$O&jIyWpg?Hl)7#ao1!MgG3!(
z2yVBqU3sx1tccu7at68U&|c|9OikBLc8E_-Z6ywjG@(;=Qq&1(bvh=ZYuF;5z%wMj
z|Iz9YQto0%=1cqUS9H#b7G9S_cuGj%HU5b$@vZyHc&j{5s8YJyGw*M3HCpLwZPm`5
z4v}m!BsWf`q}L2x=_O0IG*?Ijo?41HB=v4ugk*F&B!fY?S4yq)_(6-1PRG?*papPD
z#16bRu^7Nm-Punr=~CSxd{ShHB3zL>3C)<w?sN%D6vF^NLGJh!Bko{#4hqfjIJsgn
znC3iYJs3dsIt$5yMUJ@$@fq}_F~CiANc^F2q}N5Z1ee|_B~(hf)K^*+6G8(G<KJqt
zf6Qr`mn*YZVr0U~y4D67xw8{2L|i0Q1jjpET(FS*f@UnRd)>3E?U03!xB9_4ytT_g
zeZ9<?-n4qwS;cH(89y5aTFep9<S2t^Bt@R>pZy32^VR<G5sBG2pH7Y6-khgAW@8T)
z>ztKL>i`B;y^iia5NR-`Y8JSDTLj0jdEfLQI?JTdMKARI2Rq~Fn8(6fn`B|JybCmM
zPI>C=FxIA{8}8_X)*-$fb66Qs_qpL{*jd#u3LUmg;v7GRksrO>=@=jSlOl*>X!E{-
z+8@-ahAA_SM<us=bW+U(Ikjath7$$8v3mG==Pg3YiS!Ja9D?g|GtFtHIt3OOqN6g&
zvS<bmt|2vBCpOz8H|7YINe<4>j&uuhb9;jG<w=fPagFR;M|hBClrUT`5`$?>$WV)r
zN)VAjHixmKk0A|U^l_2oXz+>igh`W1uC4FpkL|E_!`>v=vw+b&PcptpSm4INE4Wh(
ztQU!-;Y7ssm3{WcSil6P4iJpr0IlkoHD`QC2L1k^Re~ivDQ1jj_kB$1{P`0uo*RpP
zV6sK`TIPWnsx)h)>3}R6q7c-Wy3lOrfnc2kOqbx|W8AQ~GP%)Bus0fXU4r21r+A<s
zdznVz6t}UI_OuSv9N?!LebE2ZOoy?vnWy$ojnUNvu<iz4mHw58v`fTf(lxG}ALwF{
zEZtwI83UWIh-lKlXsq%Ud=ftF$vn;YoY~Ypmo!0_!543y2k-V@1}_ia9=_DmUXeu>
zM*G3K3=|0@Mx}L*NX#bSu>m&uu1oGve1Opqo28yL2=V&-aH#o?A}s7*W$?BLS)FAT
z`Z)DmZB3<KqQPsQ>HP;cyGfoHZ><T2U|Jeb_SV%zpTlL~^#Zhj%$Fa$XXc<4iBmMa
z0Ys`DwVUSzFuAIn=B{J(ok2EZ5YZV}gbYBFC{-57JoU1WXo>*1U)Z!O6Lu*5*G(5F
zZav0oxN53KN$gP#eI4n>_7PrCL;FU*ItHpx@`2XxP+MKiPOV2;6`$Mc=<T(W{DCLT
zXIY<Dy=%V&T#>ecy37u<7NR!!Ne!ab1^Ww3QqQ3l962OSqOYC>a^JQ}gAq}97LN&)
zQ}u=B=fmg-M%$MVGE(ARjgA#EL)x@OmB`ji(p1sNIv@XO(|t!14b|$lmMjeZV$3bE
zI`!{$$$WKZtMmD`Alq$YQp-i2HCwKs27ysRCrtH<h=3Xtuk)5yP&2)96~Z-Gg<dI{
zaSeRV>Q#f|zOonJIM0Z_2cY2x>n>%B1601c1|;{IAz^H}Wq{mD#SYf8z#7YfOax;V
zps_5NNHGT^lnTID7GyJ;0>w7QGOr^&qbev5y?nEEM8s?uG|y%%&Ft;E5<P(jPO%oI
z=gQD3WW}NNWH-)Jl~&gxpXVR34)Mrh`s0|Ev4mU&pdLh*IGW)9GMTFkp3j8J++%12
zPbv-OOXoi|Un=nZ8a&wz2M-^I{jlHLeL&{%o>vdVrD0unype-Cuj_hOU_AN-*Ou7o
zkmgj_!)qqA>cEi3WW?B;q3$N;$;Sdsezb5cL6r8={EivAgJzz+YLi`e8FVW<zS>w?
zI&&>MS(E$~waD}32mSN|b{?wPkX#w{GU@zBZ_Lx4n%M^|nhDZA5JmpeuwA-kD)&il
z*tW6*cO`*w6@umg2!ZaeGBZ`#!VO@%617Sose-7o*T{}-G$y&LDJVskB_nmJ<}AKD
zmHFvCheT5}5um5^CPai>F~jQA4eJQ=c2)0VuLg?3x^*ruNy=D^Vc$&7IjAkBl12;^
zh#P4tB9TUHk*S`Zy(Y`5w-EUMdL7#<7il0SS{PS|lirILdb|_Ae&CSY?^lVjm5|Ga
z)I1%c9Cad;rWbzmY`M^~F_zylvenTENY#=3Ye-&+l!2K>W<yB5)GFH>Ku8oZI}tK7
zg1qIUUJ4pNqX|tT6T|Y#w)3Z;HdMVkV49CrP-GRe&w3r*W1#1wCtT><?F@%z_9w={
zhNeqDmv51COPOHAIn<)G;bXCx>m~)=x{y<I;+M#9*%<((i(H@KsZn7INkT}EspZpR
zE?^le3;|Wp`q0Fz=_W>7q#9AT2wmGV@EF0^OrQXB;!W%5!~$DSmK3waWCQr>dNm(7
zt_PlA-k|P_5|PJ&ahj4^Tw<3rNqQa0R3>?p1*V&ckT7*SbF1oVUcnj6^c13=&{7kS
zK|jR*(^q<<)KyQoXzYvx4UL@+Iht5?OSfc{L_NfR`H%i(+8gzFJ7_n3(r(+}S*Jvc
zmzrmc(3MPa0Wmn(m%c7h*>l(Po!ZgZXNF1hB<Ye=)P@43IN`7gqFZ-KG!sHq>ovGh
znG6ZJJ6-H*Jcl%qkc5#+jriEhi=QxqB>7Lw$&}IPBiM1gbUIB+J<T8#diFU@>6FC{
z;MbG~a$Xvpwg>!^x6hr%-YV){kER5zOL>LfaAT3D@n=&37c6xR5inS3)gQ17d#uhO
zTEixNDbLbX-2izHlw+7hM`6hh6N~8XhLXA4P~;XNE{Rd2eDBS}&*D_c6$WXiaxi7N
zxp2Mk3ttOk=mGjPGIH`3;~%XK&r&5fGnJ2VUhOtaqhj1|2W?G4;nW|Cm>H8tKu#Hr
z-$|aa*C`x(#eZW%^7sXBptu@6%VjhxIWEbWNuzQGl@?-1Ut=PNy;pTD$7Z~O=8~jH
zz<S{&Z0U7yQh_Pf$(d@Er#W=jda0<UwOe`%IK}|elDA0<RTPGC(0BHlC{;*xh{39w
zXQE2+DQxHsubmR_(!*}RK%sB$UI#L^nvl%x_H0)c&@>Kcn(@Fs+3q+Qq@IIOJop7;
zmeIf@32Bj1Y_PfY?R3na-p51o{+AXpTVPw)xQ2y@U-~T;BHnLeEsCn24G8kqGfX?j
z4bbM{8&Ja932oL{Q#aT{9Zk<L__>6oaL&FV={F>`=&>Cf_4`_jqAnv0a~ZU}EI$z8
zIp-DHf35pMB<718Z1{#v2D7pI3%$p147}0iY!1E~yL%6hIXsCLx&E_1Z?#HEaLrLM
zwK%O6RbSTSWV~)Lch^>oy~V9>zL<*`bK-*CGsJrDhLeO(x)`TWPOWPapkZ&N?7D?{
z(Po&&i@d0*ElUO;u1EqbA9@>gIz*&q7MfM;mh=2133Ru}{ER!Ms!O^w;t6(hw>nu8
zGtGxtTcXT%9FR&Wh7FHe#u7Asm^w#5j1qpqQl^wi#$rmZW8L(Pn1)R)`gWke4HDoW
zy^i-WJlSd4#!v#j(X9v_yAN1Gm%dtpkVRQlG0@L4K4&7&+{3*VA=Lu<L-G)Kx^lJo
zAsMt<<%;whPiODT%%-%V)rw8PJK?iNd8Ig7hM;*WnkGF=nNXVap{3$aJuI9wByBxL
zyRivsZrV=<j~`)!s*vvHaV%1<NjkKud3X>{QBtDS)(r!5jgvX{f@e{`1Es-*J{0%+
z#?Q(Wd^*R?&|9N!@2+MAlECeQb6o3(56g8(Yu;ZKhtqF9U^O4GM)#;K%)0I%WktIt
zm$C+Qta?UmVNSQCm@x9~2|Xb-l3S-9Yv^1vrE8{jtEk-ydPhi|{{CI&2DU?<x&m#@
zIoH9*xZoYo1$D+GYr!@hrWe4_{blhV8^-^Hm?9(mRf+V*V_Xye_u%1!YW&aO{$TH0
z{Li29`@Ka-`~TqXwuhu`#00(1f!T8*r#<{<r`^@fHLIZ8VrpW1hDqr%&QyCyeuq=j
zuDgr5cU~_FT;rh^e9p53UhF%Ux8mhQ$a&j4_<wY(Ls`S*jfQd`T|ZEv6mA;90|_>-
zg9V-|{u?VjSv||jOzY}>-BqcvH}}$W$<mlf7$V`Z2UeUCJUixTdq@UNZ|J8sTy+ia
z-lRO!{l4IB_wtXH|6dC~$AfMHJ-6ypWB($j?sL}&bML@yr<<-3iyL?M+O2Y5uh_22
zq}TNY?@(l}JztLi>-P2fy)6Ut7$!hYab5L>B}C}2dJWjH+kfzQMFWcx#~w<M0ufy6
zXp#Sguy}s*W=nwRuWDccF|WX()%5RGhsK#7H#s&<*zFyq!X5blD~?@Ht_;Vu>IjU5
zNEl65kSwF}@djQ=t_nDGJzD9zY_FPvmhz@mlIEs>S~b_lM$~e~<CvxO^Q$>VZngr|
zOXc^#FzG@4LJbyxH`w%Ah}GxZH@DfqRe-5(EJW$JDm)eFR;lw=BG9h8WQ-Q%&jwgQ
qRaWX~Ho*Myidy=Ae|*cS^zHZU_wBd+-~R>x0RR7ytckV&#t8tqjXEd*

literal 0
HcmV?d00001

diff --git a/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/helminstall.sh b/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/helminstall.sh
index 6f0132d..b7e77bc 100755
--- a/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/helminstall.sh
+++ b/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/helminstall.sh
@@ -1,23 +1,30 @@
 #!/usr/bin/env bash
 
-if [ -z "$1" ]; then echo "Skipping creation of persistent volume examples. Ensure there is available PVs 200Gi per node for HA."; else oc create -f pv-examples/; fi  
+if [[ -z "$1" ]]
+then 
+  echo "Skipping creation of persistent volume examples. Ensure there is available PVs 200Gi per node for HA." 
+else 
+  oc create -f pv-examples/ 
+  oc new-project jfrog-artifactory
+  oc create serviceaccount svcaccount -n jfrog-artifactory
+  oc adm policy add-scc-to-user privileged system:serviceaccount:jfrog-artifactory:svcaccount
+  oc adm policy add-scc-to-user anyuid system:serviceaccount:jfrog-artifactory:svcaccount
+  oc adm policy add-scc-to-group anyuid system:authenticated
 
-oc new-project jfrog-artifactory
-oc create serviceaccount svcaccount -n jfrog-artifactory
-oc adm policy add-scc-to-user privileged system:serviceaccount:jfrog-artifactory:svcaccount
-oc adm policy add-scc-to-user anyuid system:serviceaccount:jfrog-artifactory:svcaccount
-oc adm policy add-scc-to-group anyuid system:authenticated
+  # enables hostPath plugin for openshift system wide
+  oc create -f hostpathscc.yaml -n jfrog-artifactory
+  oc patch securitycontextconstraints.security.openshift.io/hostpath --type=merge --patch='{"allowHostDirVolumePlugin": true}'
+  oc adm policy add-scc-to-user hostpath system:serviceaccount:jfrog-artifactory:svcaccount
 
-# enables hostPath plugin for openshift system wide
-oc create -f scc.yaml -n jfrog-artifactory
-oc patch securitycontextconstraints.security.openshift.io/hostpath --type=merge --patch='{"allowHostDirVolumePlugin": true}' 
-oc adm policy add-scc-to-user hostpath system:serviceaccount:jfrog-artifactory:svcaccount
+  # create the license secret
+  oc create secret generic artifactory-license --from-file=artifactory.cluster.license
 
-# create the license secret
-oc create secret generic artifactory-license --from-file=./artifactory.cluster.license
+  # create the tls secret
+  oc create secret tls tls-ingress --cert=jfrog.team.crt --key=jfrog.team.key
+fi  
 
 # install via helm
-helm install . --generate-name \
-               --set artifactory.node.replicaCount=1 \
-               --set nginx.service.type=NodePort \
-               --set artifactory.license.secret=artifactory-license,artifactory.license.dataKey=artifactory.cluster.license
+helm install artifactory-ha . \
+               --set nginx.tlsSecretName=tls-ingress \
+               --set artifactory-ha.artifactory.node.replicaCount=1 \
+               --set artifactory-ha.artifactory.license.secret=artifactory-license,artifactory-ha.artifactory.license.dataKey=artifactory.cluster.license
diff --git a/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/hostpathscc.yaml b/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/hostpathscc.yaml
new file mode 100644
index 0000000..13eef79
--- /dev/null
+++ b/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/hostpathscc.yaml
@@ -0,0 +1,18 @@
+kind: SecurityContextConstraints
+apiVersion: v1
+metadata:
+  name: hostpath
+allowPrivilegedContainer: false
+runAsUser:
+  type: RunAsAny
+seLinuxContext:
+  type: RunAsAny
+fsGroup:
+  type: RunAsAny
+supplementalGroups:
+  type: RunAsAny
+users:
+- artifactory
+groups:
+- artifactory
+- jfrog-artifactory
diff --git a/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/requirements.lock b/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/requirements.lock
old mode 100755
new mode 100644
index 7037cff..97b3164
--- a/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/requirements.lock
+++ b/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/requirements.lock
@@ -1,6 +1,6 @@
 dependencies:
-- name: postgresql
-  repository: https://kubernetes-charts.storage.googleapis.com/
-  version: 7.0.1
-digest: sha256:dcdafe9ab91ccf0e5883e2b5dd9ba13e82190b5e16e6dee6d39fd16a04123ce8
-generated: 2019-11-10T13:12:29.836238+02:00
+- name: artifactory-ha
+  repository: https://charts.jfrog.io/
+  version: 2.0.25
+digest: sha256:1de97dca862a0b7e74fc937fbeff231119071a00cea8e42f92adb87c59fa554c
+generated: "2020-03-09T12:41:44.126599-07:00"
diff --git a/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/requirements.yaml b/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/requirements.yaml
old mode 100755
new mode 100644
index 756a19c..1b41f8c
--- a/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/requirements.yaml
+++ b/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/requirements.yaml
@@ -1,5 +1,4 @@
 dependencies:
-  - name: postgresql
-    version: 7.0.1
-    repository: https://kubernetes-charts.storage.googleapis.com/
-    condition: postgresql.enabled
+  - name: artifactory-ha
+    version: 2.0.25
+    repository: https://charts.jfrog.io/
diff --git a/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/values.yaml b/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/values.yaml
index 242803c..1991513 100755
--- a/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/values.yaml
+++ b/Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/values.yaml
@@ -1,1330 +1,20 @@
-# Default values for artifactory-ha.
-# This is a YAML-formatted file.
-# Beware when changing values here. You should know what you are doing!
-# Access the values with {{ .Values.key.subkey }}
-
-# Common
-initContainerImage: "alpine:3.10"
-
-installer:
-  type:
-  platform:
-
-# For supporting pulling from private registries
-imagePullSecrets:
-
-## Role Based Access Control
-## Ref: https://kubernetes.io/docs/admin/authorization/rbac/
-rbac:
-  create: true
-  role:
-    ## Rules to create. It follows the role specification
-    rules:
-    - apiGroups:
-      - ''
-      resources:
-      - services
-      - endpoints
-      - pods
-      verbs:
-      - get
-      - watch
-      - list
-
-## Service Account
-## Ref: https://kubernetes.io/docs/admin/service-accounts-admin/
-##
-serviceAccount:
-  create: true
-  ## The name of the ServiceAccount to use.
-  ## If not set and create is true, a name is generated using the fullname template
-  name:
-  annotations: {}
-
-ingress:
-  enabled: false
-  defaultBackend:
-    enabled: true
-  # Used to create an Ingress record.
-  hosts: []
-  routerPath: /
-  artifactoryPath: /artifactory/
-  annotations: {}
-  # kubernetes.io/ingress.class: nginx
-  # kubernetes.io/tls-acme: "true"
-  labels: {}
-  # traffic-type: external
-  # traffic-type: internal
-  tls: []
-  # Secrets must be manually created in the namespace.
-  # - secretName: chart-example-tls
-  #   hosts:
-  #     - artifactory.domain.example
-
-  # Additional ingress rules
-  additionalRules: []
-
-
-networkpolicy:
-  # Allows all ingress and egress
-  - name: artifactory
-    podSelector:
-      matchLabels:
-        app: artifactory-ha
-    egress:
-    - {}
-    ingress:
-    - {}
-  # Uncomment to allow only artifactory pods to communicate with postgresql (if postgresql.enabled is true)
-  # - name: postgresql
-  #   podSelector:
-  #     matchLabels:
-  #       app: postgresql
-  #   ingress:
-  #   - from:
-  #     - podSelector:
-  #         matchLabels:
-  #           app: artifactory-ha
-
-
-## Database configurations
-## Use the wait-for-db init container. Set to false to skip
-waitForDatabase: true
-
-## Configuration values for the postgresql dependency
-## ref: https://github.com/kubernetes/charts/blob/master/stable/postgresql/README.md
-##
-postgresql:
-  enabled: true
-  image:
-    registry: docker.bintray.io
-    repository: bitnami/postgresql
-    tag: 9.6.15-debian-9-r91
-  postgresqlUsername: artifactory
-  postgresqlPassword: ""
-  postgresqlDatabase: artifactory
-  postgresqlConfiguration:
-    listenAddresses: "'*'"
-    maxConnections: "1500"
-  persistence:
-    enabled: true
-    size: 50Gi
-  service:
-    port: 5432
-  resources: {}
-  #  requests:
-  #    memory: "512Mi"
-  #    cpu: "100m"
-  #  limits:
-  #    memory: "1Gi"
-  #    cpu: "500m"
-  nodeSelector: {}
-
-## If NOT using the PostgreSQL in this chart (postgresql.enabled=false),
-## you MUST specify custom database details here or Artifactory will NOT start
-database:
-  type:
-  driver:
-  ## If you set the url, leave host and port empty
-  url:
-  ## If you would like this chart to create the secret containing the db
-  ## password, use these values
-  user:
-  password:
-  ## If you have existing Kubernetes secrets containing db credentials, use
-  ## these values
-  secrets: {}
-  #  user:
-  #    name: "rds-artifactory"
-  #    key: "db-user"
-  #  password:
-  #    name: "{{ .Release.Name}}}}-postgresql"
-  #    key: "postgresql-password"
-  #  url:
-  #    name: "rds-artifactory"
-  #    key: "db-url"
-
-logger:
-  image:
-    repository: 'busybox'
-    tag: '1.30'
-
-# Artifactory
-artifactory:
-  name: artifactory-ha
-  image:
-    # repository: "docker.bintray.io/jfrog/artifactory-pro"
-    repository: image-registry.openshift-image-registry.svc:5000/jfrog-artifactory/artifactory-pro
-    # Note that by default we use appVersion to get image tag
-    # version:
-    pullPolicy: IfNotPresent
-
-  # Create a priority class for the Artifactory pods or use an existing one
-  # NOTE - Maximum allowed value of a user defined priority is 1000000000
-  priorityClass:
-    create: false
-    value: 1000000000
-    ## Override default name
-    # name:
-    ## Use an existing priority class
-    # existingPriorityClass:
-
-  # Delete the db.properties file in ARTIFACTORY_HOME/etc/db.properties
-  deleteDBPropertiesOnStartup: true
-  database:
-    maxOpenConnections: 80
-
-  # This directory is intended for use with NFS eventual configuration for HA
-  haDataDir:
-    enabled: false
-    path:
-
-  # Files to copy to ARTIFACTORY_HOME/ on each Artifactory startup
-  copyOnEveryStartup:
-  #  # Absolute path
-  #  - source: /artifactory_extra_conf/binarystore.xml
-  #    # Relative to ARTIFACTORY_HOME/
-  #    target: etc/
-  #  # Absolute path
-  #  - source: /artifactory_extra_conf/artifactory.lic
-  #    # Relative to ARTIFACTORY_HOME/
-  #    target: etc/
-
-  # Sidecar containers for tailing Artifactory logs
-  loggers: []
-  # - request.log
-  # - event.log
-  # - binarystore.log
-  # - request_trace.log
-  # - access.log
-  # - artifactory.log
-  # - build_info_migration.log
-
-  # Sidecar containers for tailing Tomcat (catalina) logs
-  catalinaLoggers: []
-  # - catalina.log
-  # - host-manager.log
-  # - localhost.log
-  # - manager.log
-
-  ## Add custom init containers execution before predefined init containers
-  customInitContainersBegin: |
-    - name: "custom-setup"
-      image: "{{ .Values.initContainerImage }}"
-      imagePullPolicy: "{{ .Values.artifactory.image.pullPolicy }}"
-      command:
-        - 'sh'
-        - '-c'
-        - 'chown -R 1030:1030 {{ .Values.artifactory.persistence.mountPath }}'
-      securityContext:
-          runAsUser: 0
-      volumeMounts:
-        - mountPath: "{{ .Values.artifactory.persistence.mountPath }}"
-          name: volume
-  ## Add custom init containers
-
-  ## Add custom init containers execution after predefined init containers
-  customInitContainers: |
-  #  - name: "custom-setup"
-  #    image: "{{ .Values.initContainerImage }}"
-  #    imagePullPolicy: "{{ .Values.artifactory.image.pullPolicy }}"
-  #    command:
-  #      - 'sh'
-  #      - '-c'
-  #      - 'touch {{ .Values.artifactory.persistence.mountPath }}/example-custom-setup'
-  #    volumeMounts:
-  #      - mountPath: "{{ .Values.artifactory.persistence.mountPath }}"
-  #        name: volume
-
-  ## Add custom sidecar containers
-  # - The provided example uses a custom volume (customVolumes)
-  # - The provided example shows running container as root (id 0)
-  customSidecarContainers: |
-  #  - name: "sidecar-list-etc"
-  #    image: "{{ .Values.initContainerImage }}"
-  #    imagePullPolicy: "{{ .Values.artifactory.image.pullPolicy }}"
-  #    securityContext:
-  #      runAsUser: 0
-  #      fsGroup: 0
-  #    command:
-  #      - 'sh'
-  #      - '-c'
-  #      - 'sh /scripts/script.sh'
-  #    volumeMounts:
-  #      - mountPath: "{{ .Values.artifactory.persistence.mountPath }}"
-  #        name: volume
-  #      - mountPath: "/scripts/script.sh"
-  #        name: custom-script
-  #        subPath: script.sh
-  #    resources:
-  #      requests:
-  #        memory: "32Mi"
-  #        cpu: "50m"
-  #      limits:
-  #        memory: "128Mi"
-  #        cpu: "100m"
-
-  ## Add custom volumes
-  customVolumes: |
-  #  - name: custom-script
-  #    configMap:
-  #      name: custom-script
-
-  ## Add custom volumesMounts
-  customVolumeMounts: |
-  #  - name: custom-script
-  #    mountPath: "/scripts/script.sh"
-  #    subPath: script.sh
-  #  - name: posthook-start
-  #    mountPath: "/scripts/posthoook-start.sh"
-  #    subPath: posthoook-start.sh
-  #  - name: prehook-start
-  #    mountPath: "/scripts/prehook-start.sh"
-  #    subPath: prehook-start.sh
-
-  # Add custom persistent volume mounts - Available for the pod
-  customPersistentPodVolumeClaim: {}
-  #  name:
-  #  mountPath:
-  #  accessModes:
-  #   - "-"
-  #  size:
-  #  storageClassName:
-
-  # Add custom persistent volume mounts - Available to the entire namespace
-  customPersistentVolumeClaim: {}
-  #  name:
-  #  mountPath:
-  #  accessModes:
-  #   - "-"
-  #  size:
-  #  storageClassName:
-
-  ## Artifactory HA requires a unique master key. Each Artifactory node must have the same master key!
-  ## You can generate one with the command: 'openssl rand -hex 16'
-  ## Pass it to helm with '--set artifactory.masterKey=${MASTER_KEY}'
-  ## Alternatively, you can use a pre-existing secret with a key called master-key by specifying masterKeySecretName
-  ## IMPORTANT: You should NOT use the example masterKey for a production deployment!
-  masterKey: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
-  # masterKeySecretName:
-
-  ## Join Key to connect to other services to Artifactory
-  ## IMPORTANT: You should NOT use the example joinKey for a production deployment!
-  joinKey: EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE
-
-  binarystore:
-    enabled: true
-
-  accessAdmin:
-    ip: "127.0.0.1"
-    password:
-    secret:
-    dataKey:
-
-  ## Artifactory license.
-  license:
-    ## licenseKey is the license key in plain text. Use either this or the license.secret setting
-    licenseKey:
-    ## If artifactory.license.secret is passed, it will be mounted as
-    ## ARTIFACTORY_HOME/etc/artifactory.lic and loaded at run time.
-    secret:
-    ## The dataKey should be the name of the secret data key created.
-    dataKey:
-
-  ## Create configMap with artifactory.config.import.xml and security.import.xml and pass name of configMap in following parameter
-  configMapName:
-
-  # Add any list of configmaps to Artifactory
-  configMaps: |
-  #  posthook-start.sh: |-
-  #    echo "This is a post start script"
-  #  posthook-end.sh: |-
-  #    echo "This is a post end script"
-
-  ## List of secrets for Artifactory user plugins.
-  ## One Secret per plugin's files.
-  userPluginSecrets:
-  #  - archive-old-artifacts
-  #  - build-cleanup
-  #  - webhook
-  #  - '{{ template "my-chart.fullname" . }}'
-
-  ## Extra pre-start command to install JDBC driver for MySql/MariaDb/Oracle
-  # preStartCommand: "wget -O /opt/jfrog/artifactory/tomcat/lib/mysql-connector-java-5.1.41.jar https://jcenter.bintray.com/mysql/mysql-connector-java/5.1.41/mysql-connector-java-5.1.41.jar"
-  ## Extra post-start command to run extra commands after container starts
-  # postStartCommand:
-
-  ## Extra environment variables that can be used to tune Artifactory to your needs.
-  ## Uncomment and set value as needed
-  extraEnvironmentVariables: |
-    - name: JF_SHARED_DATABSE_USERNAME
-      value: "artifactory"
-    - name: JF_SHARED_DATABASE_PASSWORD
-      valueFrom:
-        secretKeyRef:
-          name: {{ .Release.Name }}-postgresql
-          key: postgresql-password
-    - name: POSTGRES_DB
-      value: "artifactory"
-
-  # TODO: Fix javaOpts for member nodes (currently uses primary settings for all nodes)
-  systemYaml: |
-    shared:
-      extraJavaOpts: >
-      {{- with .Values.artifactory.primary.javaOpts }}
-        -Dartifactory.async.corePoolSize={{ .corePoolSize }}
-      {{- if .xms }}
-        -Xms{{ .xms }}
-      {{- end }}
-      {{- if .xmx }}
-        -Xmx{{ .xmx }}
-      {{- end }}
-      {{- if .jmx.enabled }}
-        -Dcom.sun.management.jmxremote
-        -Dcom.sun.management.jmxremote.port={{ .jmx.port }}
-        -Dcom.sun.management.jmxremote.rmi.port={{ .jmx.port }}
-        -Dcom.sun.management.jmxremote.ssl={{ .jmx.ssl }}
-      {{- if .jmx.host }}
-        -Djava.rmi.server.hostname={{ tpl .jmx.host $ }}
-      {{- else }}
-        -Djava.rmi.server.hostname={{ template "artifactory-ha.fullname" $ }}
-      {{- end }}
-      {{- if .jmx.authenticate }}
-        -Dcom.sun.management.jmxremote.authenticate=true
-        -Dcom.sun.management.jmxremote.access.file={{ .jmx.accessFile }}
-        -Dcom.sun.management.jmxremote.password.file={{ .jmx.passwordFile }}
-      {{- else }}
-        -Dcom.sun.management.jmxremote.authenticate=false
-      {{- end }}
-      {{- end }}
-      {{- if .other }}
-        {{ .other }}
-      {{- end }}
-      {{- end }}
-      database:
-      {{- if .Values.postgresql.enabled }}
-        type: postgresql
-        url: 'jdbc:postgresql://{{ .Release.Name }}-postgresql:{{ .Values.postgresql.service.port }}/{{ .Values.postgresql.postgresqlDatabase }}'
-        host: ''
-        driver: org.postgresql.Driver
-        username: '{{ .Values.postgresql.postgresqlUsername }}'
-        password: '{{ .Values.postgresql.postgresqlPassword }}'
-      {{ else }}
-        type: '{{ .Values.database.type }}'
-        url: '{{ .Values.database.url }}'
-        driver: '{{ .Values.database.driver }}'
-        username: '{{ .Values.database.user }}'
-        password: '{{ .Values.database.password }}'
-      {{- end }}
-      security:
-        joinKey: '{{ .Values.artifactory.joinKey }}'
-        masterKey: '{{ .Values.artifactory.masterKey }}'
-    artifactory:
-    {{- if .Values.artifactory.haDataDir.enabled }}
-      node:
-        haDataDir: {{ .Values.artifactory.haDataDir.path }}
-    {{- end }}
-      database:
-        maxOpenConnections: {{ .Values.artifactory.database.maxOpenConnections }}
-    access:
-      database:
-        maxOpenConnections: '{{ .Values.access.database.maxOpenConnections }}'
-      {{- if .Values.access.database.enabled }}
-        type: '{{ .Values.access.database.type }}'
-        url: '{{ .Values.access.database.url }}'
-        driver: '{{ .Values.access.database.driver }}'
-        username: '{{ .Values.access.database.user }}'
-        password: '{{ .Values.access.database.password }}'
-      {{- end }}
-
-  ## IMPORTANT: If overriding artifactory.internalPort:
-  ## DO NOT use port lower than 1024 as Artifactory runs as non-root and cannot bind to ports lower than 1024!
-  externalPort: 8082
-  internalPort: 8082
-  externalArtifactoryPort: 8081
-  internalArtifactoryPort: 8081
-  uid: 1030
-  terminationGracePeriodSeconds: 30
-  ## The following settings are to configure the frequency of the liveness and readiness probes
-  livenessProbe:
-    enabled: true
-    path: /router/api/v1/system/health
-    initialDelaySeconds: 180
-    failureThreshold: 10
-    timeoutSeconds: 10
-    periodSeconds: 10
-    successThreshold: 1
-
-  readinessProbe:
-    enabled: true
-    path: /router/api/v1/system/health
-    initialDelaySeconds: 60
-    failureThreshold: 10
-    timeoutSeconds: 10
-    periodSeconds: 10
-    successThreshold: 1
-
-  persistence:
-    enabled: true
-    local: false
-    redundancy: 3
-    mountPath: "/var/opt/jfrog/artifactory"
-    accessMode: ReadWriteOnce
-    size: 200Gi
-
-    ## Use a custom Secret to be mounted as your binarystore.xml
-    ## NOTE: This will ignore all settings below that make up binarystore.xml
-    customBinarystoreXmlSecret:
-
-    maxCacheSize: 50000000000
-    cacheProviderDir: cache
-    eventual:
-      numberOfThreads: 10
-    ## artifactory data Persistent Volume Storage Class
-    ## If defined, storageClassName: <storageClass>
-    ## If set to "-", storageClassName: "", which disables dynamic provisioning
-    ## If undefined (the default) or set to null, no storageClassName spec is
-    ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
-    ##   GKE, AWS & OpenStack)
-    ##
-    # storageClassName: "-"
-
-    ## Set the persistence storage type. This will apply the matching binarystore.xml to Artifactory config
-    ## Supported types are:
-    ## file-system (default)
-    ## nfs
-    ## google-storage
-    ## aws-s3
-    ## azure-blob
-    type: file-system
-
-    ## Use binarystoreXml to provide a custom binarystore.xml
-    ## This can be a template or hardcoded.
-    binarystoreXml: |
-      {{- if eq .Values.artifactory.persistence.type "file-system" }}
-      <!-- File system replication -->
-      {{- if .Values.artifactory.persistence.fileSystem.existingSharedClaim.enabled }}
-      <!-- File Storage - Dynamic for Artifactory files, pre-created for DATA and BACKUP -->
-      <config version="4">
-          <chain>
-              <provider id="cache-fs" type="cache-fs">                   <!-- This is a cached filestore -->
-                  <provider id="sharding" type="sharding">                   <!-- This is a sharding provider -->
-                      {{- range $sharedClaimNumber, $e := until (.Values.artifactory.persistence.fileSystem.existingSharedClaim.numberOfExistingClaims|int) -}}
-                      <sub-provider id="shard{{ $sharedClaimNumber }}" type="state-aware"/>
-                      {{- end }}
-                  </provider>
-              </provider>
-          </chain>
-
-          <provider id="cache-fs" type="cache-fs">
-              <maxCacheSize>{{ .Values.artifactory.persistence.maxCacheSize }}</maxCacheSize>
-              <cacheProviderDir>{{ .Values.artifactory.persistence.cacheProviderDir }}</cacheProviderDir>
-          </provider>
-
-          // Specify the read and write strategy and redundancy for the sharding binary provider
-          <provider id="sharding" type="sharding">
-              <readBehavior>roundRobin</readBehavior>
-              <writeBehavior>percentageFreeSpace</writeBehavior>
-              <redundancy>2</redundancy>
-          </provider>
-
-          {{- range $sharedClaimNumber, $e := until (.Values.artifactory.persistence.fileSystem.existingSharedClaim.numberOfExistingClaims|int) -}}
-          //For each sub-provider (mount), specify the filestore location
-          <provider id="shard{{ $sharedClaimNumber }}" type="state-aware">
-              <fileStoreDir>filestore{{ $sharedClaimNumber }}</fileStoreDir>
-          </provider>
-          {{- end }}
-      </config>
-      {{- else }}
-      <config version="2">
-          <chain>
-              <provider id="cache-fs" type="cache-fs">
-                  <provider id="sharding-cluster" type="sharding-cluster">
-                      <readBehavior>crossNetworkStrategy</readBehavior>
-                      <writeBehavior>crossNetworkStrategy</writeBehavior>
-                      <redundancy>{{ .Values.artifactory.persistence.redundancy }}</redundancy>
-                      <lenientLimit>2</lenientLimit>
-                      <minSpareUploaderExecutor>2</minSpareUploaderExecutor>
-                      <sub-provider id="state-aware" type="state-aware"/>
-                      <dynamic-provider id="remote" type="remote"/>
-                      <property name="zones" value="local,remote"/>
-                  </provider>
-              </provider>
-          </chain>
-
-          <provider id="cache-fs" type="cache-fs">
-              <maxCacheSize>{{ .Values.artifactory.persistence.maxCacheSize }}</maxCacheSize>
-              <cacheProviderDir>{{ .Values.artifactory.persistence.cacheProviderDir }}</cacheProviderDir>
-          </provider>
-
-          <!-- Shards add local file-system provider configuration -->
-          <provider id="state-aware" type="state-aware">
-              <fileStoreDir>shard-fs-1</fileStoreDir>
-              <zone>local</zone>
-          </provider>
-
-          <!-- Shards dynamic remote provider configuration -->
-          <provider id="remote" type="remote">
-              <checkPeriod>30</checkPeriod>
-              <serviceId>tester-remote1</serviceId>
-              <timeout>10000</timeout>
-              <zone>remote</zone>
-              <property name="header.remote.block" value="true"/>
-          </provider>
-      </config>
-      {{- end }}
-      {{- end }}
-      {{- if eq .Values.artifactory.persistence.type "google-storage" }}
-      <!-- Google storage -->
-      <config version="2">
-          <chain>
-              <provider id="sharding-cluster" type="sharding-cluster">
-                  <readBehavior>crossNetworkStrategy</readBehavior>
-                  <writeBehavior>crossNetworkStrategy</writeBehavior>
-                  <redundancy>{{ .Values.artifactory.persistence.redundancy }}</redundancy>
-                  <minSpareUploaderExecutor>2</minSpareUploaderExecutor>
-                  <sub-provider id="eventual-cluster" type="eventual-cluster">
-                      <provider id="retry" type="retry">
-                          <provider id="google-storage" type="google-storage"/>
-                      </provider>
-                  </sub-provider>
-                  <dynamic-provider id="remote" type="remote"/>
-                  <property name="zones" value="local,remote"/>
-              </provider>
-          </chain>
-
-          <!-- Set max cache-fs size -->
-          <provider id="cache-fs" type="cache-fs">
-              <maxCacheSize>{{ .Values.artifactory.persistence.maxCacheSize }}</maxCacheSize>
-              <cacheProviderDir>{{ .Values.artifactory.persistence.cacheProviderDir }}</cacheProviderDir>
-          </provider>
-
-          <provider id="eventual-cluster" type="eventual-cluster">
-              <zone>local</zone>
-          </provider>
-
-          <provider id="remote" type="remote">
-              <checkPeriod>30</checkPeriod>
-              <timeout>10000</timeout>
-              <zone>remote</zone>
-          </provider>
-
-          <provider id="file-system" type="file-system">
-              <fileStoreDir>{{ .Values.artifactory.persistence.mountPath }}/data/filestore</fileStoreDir>
-              <tempDir>/tmp</tempDir>
-          </provider>
-
-          <provider id="google-storage" type="google-storage">
-              <providerId>google-cloud-storage</providerId>
-              <endpoint>{{ .Values.artifactory.persistence.googleStorage.endpoint }}</endpoint>
-              <httpsOnly>{{ .Values.artifactory.persistence.googleStorage.httpsOnly }}</httpsOnly>
-              <bucketName>{{ .Values.artifactory.persistence.googleStorage.bucketName }}</bucketName>
-              <identity>{{ .Values.artifactory.persistence.googleStorage.identity }}</identity>
-              <credential>{{ .Values.artifactory.persistence.googleStorage.credential }}</credential>
-              <path>{{ .Values.artifactory.persistence.googleStorage.path }}</path>
-              <bucketExists>{{ .Values.artifactory.persistence.googleStorage.bucketExists }}</bucketExists>
-          </provider>
-      </config>
-      {{- end }}
-      {{- if eq .Values.artifactory.persistence.type "aws-s3-v3" }}
-      <!-- AWS S3 V3 -->
-      <config version="2">
-          <chain> <!--template="cluster-s3-storage-v3"-->
-              <provider id="cache-fs-eventual-s3" type="cache-fs">
-                  <provider id="sharding-cluster-eventual-s3" type="sharding-cluster">
-                      <sub-provider id="eventual-cluster-s3" type="eventual-cluster">
-                          <provider id="retry-s3" type="retry">
-                              <provider id="s3-storage-v3" type="s3-storage-v3"/>
-                          </provider>
-                      </sub-provider>
-                      <dynamic-provider id="remote-s3" type="remote"/>
-                  </provider>
-              </provider>
-          </chain>
-
-          <provider id="sharding-cluster-eventual-s3" type="sharding-cluster">
-              <readBehavior>crossNetworkStrategy</readBehavior>
-              <writeBehavior>crossNetworkStrategy</writeBehavior>
-              <redundancy>{{ .Values.artifactory.persistence.redundancy }}</redundancy>
-              <property name="zones" value="local,remote"/>
-          </provider>
-
-          <provider id="remote-s3" type="remote">
-              <zone>remote</zone>
-          </provider>
-
-          <provider id="eventual-cluster-s3" type="eventual-cluster">
-              <zone>local</zone>
-          </provider>
-
-          <!-- Set max cache-fs size -->
-          <provider id="cache-fs-eventual-s3" type="cache-fs">
-              <maxCacheSize>{{ .Values.artifactory.persistence.maxCacheSize }}</maxCacheSize>
-              <cacheProviderDir>{{ .Values.artifactory.persistence.cacheProviderDir }}</cacheProviderDir>
-          </provider>
-
-        {{- with .Values.artifactory.persistence.awsS3V3 }}
-          <provider id="s3-storage-v3" type="s3-storage-v3">
-              <testConnection>{{ .testConnection }}</testConnection>
-            {{- if .identity }}
-              <identity>{{ .identity }}</identity>
-            {{- end }}
-            {{- if .credential }}
-              <credential>{{ .credential }}</credential>
-            {{- end }}
-              <region>{{ .region }}</region>
-              <bucketName>{{ .bucketName }}</bucketName>
-              <path>{{ .path }}</path>
-              <endpoint>{{ .endpoint }}</endpoint>
-            {{- with .kmsServerSideEncryptionKeyId }}
-              <kmsServerSideEncryptionKeyId>{{ . }}</kmsServerSideEncryptionKeyId>
-            {{- end }}
-            {{- with .kmsKeyRegion }}
-              <kmsKeyRegion>{{ . }}</kmsKeyRegion>
-            {{- end }}
-            {{- with .kmsCryptoMode }}
-              <kmsCryptoMode>{{ . }}</kmsCryptoMode>
-            {{- end }}
-              <useInstanceCredentials>true</useInstanceCredentials>
-              <usePresigning>{{ .usePresigning }}</usePresigning>
-              <signatureExpirySeconds>{{ .signatureExpirySeconds }}</signatureExpirySeconds>
-            {{- with .cloudFrontDomainName }}
-              <cloudFrontDomainName>{{ . }}</cloudFrontDomainName>
-            {{- end }}
-            {{- with .cloudFrontKeyPairId }}
-              <cloudFrontKeyPairId>{{ .cloudFrontKeyPairId }}</cloudFrontKeyPairId>
-            {{- end }}
-            {{- with .cloudFrontPrivateKey }}
-              <cloudFrontPrivateKey>{{ . }}</cloudFrontPrivateKey>
-            {{- end }}
-          </provider>
-        {{- end }}
-      </config>
-      {{- end }}
-
-      {{- if eq .Values.artifactory.persistence.type "aws-s3" }}
-      <!-- AWS S3 -->
-      <config version="2">
-          <chain> <!--template="cluster-s3"-->
-              <provider id="cache-fs" type="cache-fs">
-                  <provider id="sharding-cluster" type="sharding-cluster">
-                      <sub-provider id="eventual-cluster" type="eventual-cluster">
-                          <provider id="retry-s3" type="retry">
-                              <provider id="s3" type="s3"/>
-                          </provider>
-                      </sub-provider>
-                      <dynamic-provider id="remote" type="remote"/>
-                  </provider>
-              </provider>
-          </chain>
-
-          <!-- Set max cache-fs size -->
-          <provider id="cache-fs" type="cache-fs">
-              <maxCacheSize>{{ .Values.artifactory.persistence.maxCacheSize }}</maxCacheSize>
-              <cacheProviderDir>{{ .Values.artifactory.persistence.cacheProviderDir }}</cacheProviderDir>
-          </provider>
-
-          <provider id="eventual-cluster" type="eventual-cluster">
-              <zone>local</zone>
-          </provider>
-
-          <provider id="remote" type="remote">
-              <checkPeriod>30</checkPeriod>
-              <timeout>10000</timeout>
-              <zone>remote</zone>
-          </provider>
-
-          <provider id="sharding-cluster" type="sharding-cluster">
-              <readBehavior>crossNetworkStrategy</readBehavior>
-              <writeBehavior>crossNetworkStrategy</writeBehavior>
-              <redundancy>{{ .Values.artifactory.persistence.redundancy }}</redundancy>
-              <property name="zones" value="local,remote"/>
-          </provider>
-
-          <provider id="s3" type="s3">
-              <endpoint>{{ .Values.artifactory.persistence.awsS3.endpoint }}</endpoint>
-          {{- if .Values.artifactory.persistence.awsS3.roleName }}
-              <roleName>{{ .Values.artifactory.persistence.awsS3.roleName }}</roleName>
-              <refreshCredentials>true</refreshCredentials>
-          {{- else }}
-              <refreshCredentials>{{ .Values.artifactory.persistence.awsS3.refreshCredentials }}</refreshCredentials>
-          {{- end }}
-              <s3AwsVersion>{{ .Values.artifactory.persistence.awsS3.s3AwsVersion }}</s3AwsVersion>
-              <testConnection>{{ .Values.artifactory.persistence.awsS3.testConnection }}</testConnection>
-              <httpsOnly>{{ .Values.artifactory.persistence.awsS3.httpsOnly }}</httpsOnly>
-              <region>{{ .Values.artifactory.persistence.awsS3.region }}</region>
-              <bucketName>{{ .Values.artifactory.persistence.awsS3.bucketName }}</bucketName>
-          {{- if .Values.artifactory.persistence.awsS3.identity }}
-              <identity>{{ .Values.artifactory.persistence.awsS3.identity }}</identity>
-          {{- end }}
-          {{- if .Values.artifactory.persistence.awsS3.credential }}
-              <credential>{{ .Values.artifactory.persistence.awsS3.credential }}</credential>
-          {{- end }}
-              <path>{{ .Values.artifactory.persistence.awsS3.path }}</path>
-          {{- range $key, $value := .Values.artifactory.persistence.awsS3.properties }}
-              <property name="{{ $key }}" value="{{ $value }}"/>
-          {{- end }}
-          </provider>
-      </config>
-      {{- end }}
-      {{- if eq .Values.artifactory.persistence.type "azure-blob" }}
-      <!-- Azure Blob Storage -->
-      <config version="2">
-          <chain> <!--template="cluster-azure-blob-storage"-->
-              <provider id="cache-fs" type="cache-fs">
-                  <provider id="sharding-cluster" type="sharding-cluster">
-                      <sub-provider id="eventual-cluster" type="eventual-cluster">
-                          <provider id="retry-azure-blob-storage" type="retry">
-                              <provider id="azure-blob-storage" type="azure-blob-storage"/>
-                          </provider>
-                      </sub-provider>
-                      <dynamic-provider id="remote" type="remote"/>
-                  </provider>
-              </provider>
-          </chain>
-
-          <!-- Set max cache-fs size -->
-          <provider id="cache-fs" type="cache-fs">
-              <maxCacheSize>{{ .Values.artifactory.persistence.maxCacheSize }}</maxCacheSize>
-              <cacheProviderDir>{{ .Values.artifactory.persistence.cacheProviderDir }}</cacheProviderDir>
-          </provider>
-
-          <!-- cluster eventual Azure Blob Storage Service default chain -->
-          <provider id="sharding-cluster" type="sharding-cluster">
-              <readBehavior>crossNetworkStrategy</readBehavior>
-              <writeBehavior>crossNetworkStrategy</writeBehavior>
-              <redundancy>2</redundancy>
-              <lenientLimit>1</lenientLimit>
-              <property name="zones" value="local,remote"/>
-          </provider>
-
-          <provider id="remote" type="remote">
-              <zone>remote</zone>
-          </provider>
-
-          <provider id="eventual-cluster" type="eventual-cluster">
-              <zone>local</zone>
-          </provider>
-
-          <!--cluster eventual template-->
-          <provider id="azure-blob-storage" type="azure-blob-storage">
-              <accountName>{{ .Values.artifactory.persistence.azureBlob.accountName }}</accountName>
-              <accountKey>{{ .Values.artifactory.persistence.azureBlob.accountKey }}</accountKey>
-              <endpoint>{{ .Values.artifactory.persistence.azureBlob.endpoint }}</endpoint>
-              <containerName>{{ .Values.artifactory.persistence.azureBlob.containerName }}</containerName>
-              <testConnection>{{ .Values.artifactory.persistence.azureBlob.testConnection }}</testConnection>
-          </provider>
-      </config>
-      {{- end }}
-
-    ## For artifactory.persistence.type file-system
-    fileSystem:
-      ## You may also use existing shared claims for the data and backup storage. This allows storage (NAS for example) to be used for Data and Backup dirs which are safe to share across multiple artifactory nodes.
-      ## You may specify numberOfExistingClaims to indicate how many of these existing shared claims to mount. (Default = 1)
-      ## Create PVCs with ReadWriteMany that match the naming convetions:
-      ##   {{ template "artifactory-ha.fullname" . }}-data-pvc-<claim-ordinal>
-      ##   {{ template "artifactory-ha.fullname" . }}-backup-pvc-<claim-ordinal>
-      ## Example (using numberOfExistingClaims: 2)
-      ##   myexample-artifactory-ha-data-pvc-0
-      ##   myexample-artifactory-ha-backup-pvc-0
-      ##   myexample-artifactory-ha-data-pvc-1
-      ##   myexample-artifactory-ha-backup-pvc-1
-      ## Note: While you need two PVC fronting two PVs, multiple PVs can be attached to the same storage in many cases allowing you to share an underlying drive.
-
-      ## Need to have the following set
-      existingSharedClaim:
-        enabled: false
-        numberOfExistingClaims: 1
-        ## Should be a child directory of {{ .Values.artifactory.persistence.mountPath }}
-        dataDir: "{{ .Values.artifactory.persistence.mountPath }}/artifactory-data"
-        backupDir: "/var/opt/jfrog/artifactory-backup"
-
-
-    ## For artifactory.persistence.type nfs
-    ## If using NFS as the shared storage, you must have a running NFS server that is accessible by your Kubernetes
-    ## cluster nodes.
-    ## Need to have the following set
-    nfs:
-      # Must pass actual IP of NFS server with '--set For artifactory.persistence.nfs.ip=${NFS_IP}'
-      ip:
-      haDataMount: "/data"
-      haBackupMount: "/backup"
-      dataDir: "/var/opt/jfrog/artifactory-ha"
-      backupDir: "/var/opt/jfrog/artifactory-backup"
-      capacity: 200Gi
-      mountOptions: []
-    ## For artifactory.persistence.type google-storage
-    googleStorage:
-      endpoint: storage.googleapis.com
-      httpsOnly: false
-      # Set a unique bucket name
-      bucketName: "artifactory-ha-gcp"
-      identity:
-      credential:
-      path: "artifactory-ha/filestore"
-      bucketExists: false
-
-    ## For artifactory.persistence.type aws-s3-v3
-    awsS3V3:
-      testConnection: false
-      identity:
-      credential:
-      region:
-      bucketName: artifactory-aws
-      path: artifactory/filestore
-      endpoint:
-      kmsServerSideEncryptionKeyId:
-      kmsKeyRegion:
-      kmsCryptoMode:
-      useInstanceCredentials: true
-      usePresigning: false
-      signatureExpirySeconds: 300
-      cloudFrontDomainName:
-      cloudFrontKeyPairId:
-      cloudFrontPrivateKey:
-
-    ## For artifactory.persistence.type aws-s3
-    ## IMPORTANT: Make sure S3 `endpoint` and `region` match! See https://docs.aws.amazon.com/general/latest/gr/rande.html
-    awsS3:
-      # Set a unique bucket name
-      bucketName: "artifactory-ha-aws"
-      endpoint:
-      region:
-      roleName:
-      identity:
-      credential:
-      path: "artifactory-ha/filestore"
-      refreshCredentials: true
-      httpsOnly: true
-      testConnection: false
-      s3AwsVersion: "AWS4-HMAC-SHA256"
-
-      ## Additional properties to set on the s3 provider
-      properties: {}
-      #  httpclient.max-connections: 100
-    ## For artifactory.persistence.type azure-blob
-    azureBlob:
-      accountName:
-      accountKey:
-      endpoint:
-      containerName:
-      testConnection: false
-  service:
-    name: artifactory
-    type: ClusterIP
-    ## For supporting whitelist on the Artifactory service (useful if setting service.type=LoadBalancer)
-    ## Set this to a list of IP CIDR ranges
-    ## Example: loadBalancerSourceRanges: ['10.10.10.5/32', '10.11.10.5/32']
-    ## or pass from helm command line
-    ## Example: helm install ... --set nginx.service.loadBalancerSourceRanges='{10.10.10.5/32,10.11.10.5/32}'
-    loadBalancerSourceRanges: []
-    annotations: {}
-    ## Which nodes in the cluster should be in the external load balancer pool (have external traffic routed to them)
-    ## Supported pool values
-    ## members
-    ## all
-    pool: members
-
-  ## The following Java options are passed to the java process running Artifactory.
-  ## This will be passed to all cluster members. Primary and member nodes.
-  javaOpts: {}
-    # other: ""
-  annotations: {}
-
-  ## Type specific configurations.
-  ## There is a difference between the primary and the member nodes.
-  ## Customising their resources and java parameters is done here.
-  primary:
-    name: artifactory-ha-primary
-    labels: {}
-    persistence:
-      ## Set existingClaim to true or false
-      ## If true, you must prepare a PVC with the name e.g `volume-myrelease-artifactory-ha-primary-0`
-      existingClaim: false
-    ## Resources for the primary node
-    resources: {}
-    #  requests:
-    #    memory: "1Gi"
-    #    cpu: "500m"
-    #  limits:
-    #    memory: "2Gi"
-    #    cpu: "1"
-    ## The following Java options are passed to the java process running Artifactory primary node.
-    ## You should set them according to the resources set above
-    javaOpts:
-      # xms: "1g"
-      # xmx: "2g"
-      corePoolSize: 16
-      jmx:
-        enabled: false
-        port: 9010
-        host:
-        ssl: false
-      # When authenticate is true, accessFile and passwordFile are required
-        authenticate: false
-        accessFile:
-        passwordFile:
-      # other: ""
-    nodeSelector: {}
-
-    tolerations: []
-
-    affinity: {}
-    ## Only used if "affinity" is empty
-    podAntiAffinity:
-      ## Valid values are "soft" or "hard"; any other value indicates no anti-affinity
-      type: ""
-      topologyKey: "kubernetes.io/hostname"
-
-  node:
-    name: artifactory-ha-member
-    labels: {}
-    persistence:
-      ## Set existingClaim to true or false
-      ## If true, you must prepare a PVC with the name e.g `volume-myrelease-artifactory-ha-member-0`
-      existingClaim: false
-    replicaCount: 2
-    minAvailable: 1
-    ## Resources for the member nodes
-    resources: {}
-    #  requests:
-    #    memory: "1Gi"
-    #    cpu: "500m"
-    #  limits:
-    #    memory: "2Gi"
-    #    cpu: "1"
-    ## The following Java options are passed to the java process running Artifactory member nodes.
-    ## You should set them according to the resources set above
-    javaOpts:
-      # xms: "1g"
-      # xmx: "2g"
-      corePoolSize: 16
-      jmx:
-        enabled: false
-        port: 9010
-        host:
-        ssl: false
-      # When authenticate is true, accessFile and passwordFile are required
-        authenticate: false
-        accessFile:
-        passwordFile:
-      # other: ""
-    #  xms: "1g"
-    #  xmx: "2g"
-    #  other: ""
-    nodeSelector: {}
-    waitForPrimaryStartup:
-      enabled: true
-      time: 60
-
-    tolerations: []
-
-    ## Complete specification of the "affinity" of the member nodes; if this is non-empty,
-    ## "podAntiAffinity" values are not used.
-    affinity: {}
-
-    ## Only used if "affinity" is empty
-    podAntiAffinity:
-      ## Valid values are "soft" or "hard"; any other value indicates no anti-affinity
-      type: ""
-      topologyKey: "kubernetes.io/hostname"
-
-access:
-  database:
-    maxOpenConnections: 80
-
-# Init containers
-initContainers:
-  resources: {}
-#    requests:
-#      memory: "64Mi"
-#      cpu: "10m"
-#    limits:
-#      memory: "128Mi"
-#      cpu: "250m"
-
-
-# Nginx
-nginx:
-  enabled: true
-  name: nginx
-  labels: {}
-  replicaCount: 1
-  uid: 104
-  gid: 107
-  image:
-    # repository: "docker.bintray.io/jfrog/nginx-artifactory-pro"
-    repository: image-registry.openshift-image-registry.svc:5000/jfrog-artifactory/nginx-artifactory-pro
-    # Note that by default we use appVersion to get image tag
-    # version:
-    pullPolicy: IfNotPresent
-
-
-  # Sidecar containers for tailing Nginx logs
-  loggers: []
-  # - access.log
-  # - error.log
-
-  mainConf: |
-    # Main Nginx configuration file
-    worker_processes  4;
-    error_log  {{ .Values.nginx.persistence.mountPath }}/logs//error.log warn;
-    pid        /tmp/nginx.pid;
-    events {
-      worker_connections  1024;
-    }
-    http {
-      include       /etc/nginx/mime.types;
-      default_type  application/octet-stream;
-      variables_hash_max_size 1024;
-      variables_hash_bucket_size 64;
-      server_names_hash_max_size 4096;
-      server_names_hash_bucket_size 128;
-      types_hash_max_size 2048;
-      types_hash_bucket_size 64;
-      proxy_read_timeout 2400s;
-      client_header_timeout 2400s;
-      client_body_timeout 2400s;
-      proxy_connect_timeout 75s;
-      proxy_send_timeout 2400s;
-      proxy_buffer_size 32k;
-      proxy_buffers 40 32k;
-      proxy_busy_buffers_size 64k;
-      proxy_temp_file_write_size 250m;
-      proxy_http_version 1.1;
-      client_body_buffer_size 128k;
-      log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
-      '$status $body_bytes_sent "$http_referer" '
-      '"$http_user_agent" "$http_x_forwarded_for"';
-      log_format timing 'ip = $remote_addr '
-      'user = \"$remote_user\" '
-      'local_time = \"$time_local\" '
-      'host = $host '
-      'request = \"$request\" '
-      'status = $status '
-      'bytes = $body_bytes_sent '
-      'upstream = \"$upstream_addr\" '
-      'upstream_time = $upstream_response_time '
-      'request_time = $request_time '
-      'referer = \"$http_referer\" '
-      'UA = \"$http_user_agent\"';
-      access_log  {{ .Values.nginx.persistence.mountPath }}/logs/access.log  timing;
-      sendfile        on;
-      #tcp_nopush     on;
-      keepalive_timeout  65;
-      #gzip  on;
-      include /etc/nginx/conf.d/*.conf;
-    }
-
-  artifactoryConf: |
-    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
-    ssl_certificate  {{ .Values.nginx.persistence.mountPath }}/ssl/tls.crt;
-    ssl_certificate_key  {{ .Values.nginx.persistence.mountPath }}/ssl/tls.key;
-    ssl_session_cache shared:SSL:1m;
-    ssl_prefer_server_ciphers   on;
-    ## server configuration
-    server {
-      {{- if .Values.nginx.internalPortHttps }}
-      listen {{ .Values.nginx.internalPortHttps }} ssl;
-      {{- else -}}
-      {{- if .Values.nginx.https.enabled }}
-      listen {{ .Values.nginx.https.internalPort }} ssl;
-      {{- end }}
-      {{- end }}
-      {{- if .Values.nginx.internalPortHttp }}
-      listen {{ .Values.nginx.internalPortHttp }};
-      {{- else -}}
-      {{- if .Values.nginx.http.enabled }}
-      listen {{ .Values.nginx.http.internalPort }};
-      {{- end }}
-      {{- end }}
-      server_name ~(?<repo>.+)\.{{ include "artifactory-ha.fullname" . }} {{ include "artifactory-ha.fullname" . }}
-      {{- range .Values.ingress.hosts -}}
-        {{- if contains "." . -}}
-          {{ "" | indent 0 }} ~(?<repo>.+)\.{{ (splitn "." 2 .)._1  }} {{ . }}
-        {{- end -}}
-      {{- end -}};
-
-      if ($http_x_forwarded_proto = '') {
-        set $http_x_forwarded_proto  $scheme;
-      }
-      ## Application specific logs
-      ## access_log /var/log/nginx/artifactory-access.log timing;
-      ## error_log /var/log/nginx/artifactory-error.log;
-      rewrite ^/artifactory/?$ / redirect;
-      if ( $repo != "" ) {
-        rewrite ^/(v1|v2)/(.*) /artifactory/api/docker/$repo/$1/$2 break;
-      }
-      chunked_transfer_encoding on;
-      client_max_body_size 0;
-
-      location / {
-        proxy_read_timeout  900;
-        proxy_pass_header   Server;
-        proxy_cookie_path   ~*^/.* /;
-        proxy_pass          http://{{ include "artifactory-ha.fullname" . }}:{{ .Values.artifactory.externalPort }}/;
-        proxy_set_header    X-JFrog-Override-Base-Url $http_x_forwarded_proto://$host:$server_port;
-        proxy_set_header    X-Forwarded-Port  $server_port;
-        proxy_set_header    X-Forwarded-Proto $http_x_forwarded_proto;
-        proxy_set_header    Host              $http_host;
-        proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
-
-        location /artifactory/ {
-          if ( $request_uri ~ ^/artifactory/(.*)$ ) {
-            proxy_pass       http://{{ include "artifactory-ha.fullname" . }}:{{ .Values.artifactory.externalArtifactoryPort }}/artifactory/$1;
-          }
-          proxy_pass          http://{{ include "artifactory-ha.fullname" . }}:{{ .Values.artifactory.externalArtifactoryPort }}/artifactory/;
-        }
-      }
-    }
-
-  service:
-    ## For minikube, set this to NodePort, elsewhere use LoadBalancer
-    #type: NodePort
-    type: LoadBalancer
-    #type: ClusterIP
-    ## For supporting whitelist on the Nginx LoadBalancer service
-    ## Set this to a list of IP CIDR ranges
-    ## Example: loadBalancerSourceRanges: ['10.10.10.5/32', '10.11.10.5/32']
-    ## or pass from helm command line
-    ## Example: helm install ... --set nginx.service.loadBalancerSourceRanges='{10.10.10.5/32,10.11.10.5/32}'
-    loadBalancerSourceRanges: []
-    ## Provide static ip address
-    loadBalancerIP:
-    ## There are two available options: “Cluster” (default) and “Local”.
-    externalTrafficPolicy: Cluster
-    labels: {}
-    #  label-key: label-value
-  http:
-    enabled: true
-    externalPort: 80
-    internalPort: 80
-  https:
-    enabled: true
-    externalPort: 443
-    internalPort: 443
-  # DEPRECATED: The following will be replaced by L1065-L1076 in a future release
-  # externalPortHttp: 80
-  # internalPortHttp: 80
-  # externalPortHttps: 443
-  # internalPortHttps: 443
-
-  ## The following settings are to configure the frequency of the liveness and readiness probes
-  livenessProbe:
-    enabled: true
-    path: /router/api/v1/system/health
-    initialDelaySeconds: 60
-    failureThreshold: 10
-    timeoutSeconds: 10
-    periodSeconds: 10
-    successThreshold: 1
-
-  readinessProbe:
-    enabled: true
-    path: /router/api/v1/system/health
-    initialDelaySeconds: 10
-    failureThreshold: 10
-    timeoutSeconds: 10
-    periodSeconds: 10
-    successThreshold: 1
-  ## The SSL secret that will be used by the Nginx pod
-  # tlsSecretName: chart-example-tls
-  ## Custom ConfigMap for nginx.conf
-  customConfigMap:
-  ## Custom ConfigMap for artifactory.conf
-  customArtifactoryConfigMap:
-  persistence:
-    mountPath: "/var/opt/jfrog/nginx"
-    enabled: false
-    ## A manually managed Persistent Volume and Claim
-    ## Requires persistence.enabled: true
-    ## If defined, PVC must be created manually before volume will be bound
-    # existingClaim:
-
-    accessMode: ReadWriteOnce
-    size: 5Gi
-    ## nginx data Persistent Volume Storage Class
-    ## If defined, storageClassName: <storageClass>
-    ## If set to "-", storageClassName: "", which disables dynamic provisioning
-    ## If undefined (the default) or set to null, no storageClassName spec is
-    ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
-    ##   GKE, AWS & OpenStack)
-    ##
-    # storageClassName: "-"
-  resources: {}
-  #  requests:
-  #    memory: "250Mi"
-  #    cpu: "100m"
-  #  limits:
-  #    memory: "250Mi"
-  #    cpu: "500m"
-
-  nodeSelector: {}
-
-  tolerations: []
-
-  affinity: {}
-
-# Filebeat Sidecar container
-## The provided filebeat configuration is for Artifactory logs. It assumes you have a logstash installed and configured properly.
-filebeat:
-  enabled: false
-  name: artifactory-filebeat
-  image:
-    repository: "docker.elastic.co/beats/filebeat"
-    version: 7.5.1
-  logstashUrl: "logstash:5044"
-
-  terminationGracePeriod: 10
-
-  livenessProbe:
-    exec:
-      command:
-        - sh
-        - -c
-        - |
-          #!/usr/bin/env bash -e
-          curl --fail 127.0.0.1:5066
-    failureThreshold: 3
-    initialDelaySeconds: 10
-    periodSeconds: 10
-    timeoutSeconds: 5
-
-  readinessProbe:
-    exec:
-      command:
-        - sh
-        - -c
-        - |
-          #!/usr/bin/env bash -e
-          filebeat test output
-    failureThreshold: 3
-    initialDelaySeconds: 10
-    periodSeconds: 10
-    timeoutSeconds: 5
-
-  resources: {}
-#    requests:
-#      memory: "100Mi"
-#      cpu: "100m"
-#    limits:
-#      memory: "100Mi"
-#      cpu: "100m"
-
-  filebeatYml: |
-    logging.level: info
-    path.data: {{ .Values.artifactory.persistence.mountPath }}/log/filebeat
-    name: artifactory-filebeat
-    queue.spool: ~
-    filebeat.inputs:
-    - type: log
-      enabled: true
-      close_eof: ${CLOSE:false}
-      paths:
-         - {{ .Values.artifactory.persistence.mountPath }}/log/*.log
-      fields:
-        service: "jfrt"
-        log_type: "artifactory"
-    output:
-      logstash:
-         hosts: ["{{ .Values.filebeat.logstashUrl }}"]
+# Openshift artifactory ha
+# Requires one custom init container
+# to resolve the user id perm issue with redhat
+artifactory-ha:
+  artifactory:
+    ## Add custom init containers execution before predefined init containers
+    customInitContainersBegin: |
+      - name: "redhat-custom-setup"
+        image: "{{ .Values.initContainerImage }}"
+        imagePullPolicy: "{{ .Values.artifactory.image.pullPolicy }}"
+        command:
+          - 'sh'
+          - '-c'
+          - 'chown -R 1030:1030 {{ .Values.artifactory.persistence.mountPath }}'
+        securityContext:
+            runAsUser: 0
+        volumeMounts:
+          - mountPath: "{{ .Values.artifactory.persistence.mountPath }}"
+            name: volume
+    ## Add custom init containers