From e0f763cc75e371fdb07c9f72bdfad45ca761491a Mon Sep 17 00:00:00 2001 From: sus-admin Date: Wed, 13 Nov 2024 07:54:45 -0500 Subject: [PATCH 1/4] added new blog post, corresponding images, and a new config file "/_includes/figure.liquid" --- _includes/figure.liquid | 84 +++ ...24-11-12-Cobbler-v3.3.6-Beginners-Guide.md | 560 ++++++++++++++++++ images/Cobbler-3.3.6-Beginners_Logical.jpg | Bin 0 -> 59187 bytes images/Cobbler-3.3.6-Beginners_Physical.jpg | Bin 0 -> 46257 bytes 4 files changed, 644 insertions(+) create mode 100644 _includes/figure.liquid create mode 100644 _posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md create mode 100644 images/Cobbler-3.3.6-Beginners_Logical.jpg create mode 100644 images/Cobbler-3.3.6-Beginners_Physical.jpg diff --git a/_includes/figure.liquid b/_includes/figure.liquid new file mode 100644 index 00000000..a8d54dab --- /dev/null +++ b/_includes/figure.liquid @@ -0,0 +1,84 @@ +{% assign img_path = include.path | remove: '.jpg' | remove: '.jpeg' | remove: '.png' | remove: '.tiff' | remove: '.gif' %} +{% assign parts = include.path | split: '.' %} +{% assign ext = parts.last %} + +
+ + + + {% if site.imagemagick.enabled %} + + {% endif %} + {{ include.alt }} + + + {% if include.caption %} +
{{ include.caption }}
+ {% endif %} +
diff --git a/_posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md b/_posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md new file mode 100644 index 00000000..426dc5a6 --- /dev/null +++ b/_posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md @@ -0,0 +1,560 @@ +--- +layout: post +title: Cobbler v3.3.6 Beginner's Guide +author: Sus-Admin +summary: Getting started with Cobbler v3.3.6; basic installation, setup and automated PXE client provisioning +--- + +This guide is intended to accompany and extend the official Cobbler [Installation](https://cobbler.readthedocs.io/en/v3.3.6/installation-guide.html) and [Quick Start](https://cobbler.readthedocs.io/en/v3.3.6/quickstart-guide.html) guides. + +Cobbler is an open-source, system deployment and provisioning software which can simplify and automate operating system installations over the network, as well as rudimentary configuration and patch management capabilities and some other features too. It is a modular solution for deploying systems via PXE, where you would normally have to setup and maintain your own DHCP, TFTP and HTTP servers to provide the full PXE boot+install functionality, Cobbler abstracts all (or some) of those services and manages them for you. Cobbler was initially developed at Red Had and is best suited to deploy Red Hat Linux flavors, like Fedora, but it is fairly capable of deploying just about anything, albeit sometimes requiring some advanced customizations. + +## Table of Contents +{:.no_toc} + +1. TOC +{:toc} + +## Objective + +Starting with a fresh installation of Fedora 34 Server (or Workstation - [Fedora download archive](https://archives.fedoraproject.org/pub/archive/fedora/linux/releases/34/Server/x86_64/iso/)), this guide will detail preparing the system for Cobbler v3.3.6 installation from source, including prerequisite/dependency installations and network setup, and then provide all necessary steps to install and configure Cobbler to automatically provision another LAN host with Fedora 34 or 37 Server through PXE network boot. + +## Environment + +This guide assumes that both the **Cobbler Server** and **PXE Clinet(s)** are running as **virtual machines (VMs)** under the same **Oracle VM VitualBox** *(Windows 10)* host + +- The **Cobbler server VM** is configured with the following system specs: + + - **BIOS or UEFI firmware** + + - **64 GB HDD** + + - **4 GB RAM** + + - **2 vCPUs** + + - **2 virtual network adapters.** + + 1. VirtualBox VM ***Bridged Adapter*** connected to the primary physical NIC on the Windows host so that SSH to the Cobbler server will be more accessible. + + 2. VirtualBox VM ***Internal Network*** adapter named ***"cobbler"*** which will have no external network connectivity (closed LAN; no internet access). + +- The **PXE client VM** *(the target for network installations)* has the following specs: + + - **BIOS or UEFI firmware** with the following boot order *(See* ***Tips & Troubleshooting*** *section below for more info)*: + + 1. Hard Drive + + 2. Network + + - **32 GB HDD** + + - **4 GB RAM** + + - **2 vCPUs** + + - **1 virtual network adapter** which is connected to the same ***"cobbler"*** VirtualBox adapter described above. + +
+
+

Physical Network Diagram

+ {% include figure.liquid loading="eager" path="images/Cobbler-3.3.6-Beginners_Physical.jpg" class="img-fluid rounded z-depth-1" zoomable=true %} +
+ The Cobbler server and PXE client(s) are not shown here, as they are VMs, not physical workstations. +
+
+
+

Logical Network Diagram

+ {% include figure.liquid loading="eager" path="images/Cobbler-3.3.6-Beginners_Logical.jpg" class="img-fluid rounded z-depth-1" zoomable=true %} +
+ The VirtualBox host (my Windows 10 laptop) is only shown for completeness, it is not used in the procedures other than the VM settings described above. +
+
+
+ +--- + +*This exact configuration is not a strict requirement for deploying systems through Cobbler, but it proves that a PXE client is able to boot and install an operating system over the local network without public internet connectivity, using only the resources immediately available on the VM and the Cobbler server, aleviating a potential bandwidth bottleneck at the WAN.* + +## Fedora Server Basics + +As stated above, this document outlines the procedures necessary to install and configure Cobbler v3.3.6 on a Fedora 34 host server for local network installations/provisioning through PXE. Additionally, necessary adjustments will be made for security through **selinux** and **firewalld** on the Cobbler server. As such, it is recommended to keep things simple and **limit the number of additional applications installed** to the Cobbler server to **minimize unexpected firewall and selinux complications.** + +### Updating + +If Cobbler is to be installed on a Fedora 34 *Server* host, and automatic partitioning was used during initial OS installation, be sure to extend the LVM Logical Volme to a more usable capacity (recommended 95%): + +```shell +lvextend /dev/mapper/fedora_$HOSTNAME-root -l+95%FREE -r +``` + +Update the Fedora 34 host with the latest YUM repo updates: + +```shell +yum update +``` + +Install **VirtualBox VM Guest Additions**, either from the YUM repos, or the Guest Adds. CD included with VirtualBox Manager *(YUM method is shown below, but VirtualBox usually recommends using the Guest Adds. CD)*: + +```shell +yum install virtualbox-guest-additions +``` + +### customizing + +Install your preferred Linux sys admin tools and configure some convenient bash settings, for example *(PS1 variable controls bash shell prompt)*: + +```shell +systemctl enable --now ssh +yum install neovim fzf tmux htop net-tools tftp +[ -e ~/.bash_profile ] && echo 'export PS1="\[\e[1;32m\][\u@\h \W]\$ \[\e[0m\]"' | tee -a ~/.bash_profile || echo 'export PS1="\[\e[1;32m\][\u@\h \W]\$ \[\e[0m\]"' | tee -a ~/.bashrc +``` + +SELinux and firewalld will be configured after Cobbler has been tested successfully, disable them for now. + +```shell +sed -i -E "s/SELINUX=(disabled|enforcing)/SELINUX=permissive/" /etc/selinux/config +setenforce permissive +``` + +```shell +systemctl disable --now firewalld +``` + +## Cobbler Basics + +> Now would be a good time to power off the Cobbler server to take a VM snapshot. + +### Dependencies + +Download the Fedora 34 & 37 **Server** installation media (.iso files): + +```shell +[ -d ~/Downloads ] || mkdir ~/Downloads +cd ~/Downloads && wget https://archives.fedoraproject.org/pub/archive/fedora/linux/releases/34/Server/x86_64/iso/Fedora-Server-dvd-x86_64-34-1.2.iso +cd ~/Downloads && wget https://archives.fedoraproject.org/pub/archive/fedora/linux/releases/37/Server/x86_64/iso/Fedora-Server-dvd-x86_64-37-1.7.iso +``` + +Install dependencies for building and installing Cobbler from Source + +```shell +yum install make git python3-devel python3-sphinx python3-coverage openssl httpd-devel +``` + +> Cobbler is also available through the YUM repos, using `yum install cobbler` + +Download **cobbler v3.3.6** source code from the official GitHub repo + +```shell +wget -P ~/Downloads/. https://github.com/cobbler/cobbler/archive/refs/tags/v3.3.6.zip + +mkdir -p /usr/src/cobbler +cd /usr/src/cobbler +unzip -d . ~/Downloads/v3.3.6 +``` + +Install the runtime dependencies and enable system services *(systemd will probably report some errors...)* + +```shell +yum install httpd wget curl rsync dnf-plugins-core dosfstools createrepo_c xorriso python3-mod_wsgi python-cheetah python3-pyyaml python-netaddr python-librepo python-schema syslinux tftp-server dhcp-server pykickstart ipxe-bootimgs ipxe-roms koan mod_ssl python3-pyflakes python3-pycodestyle rpm-build python3-dns python3-file-magic python3-pymongo +systemctl enable --now httpd tftp dhcpd +``` + +Install the GRUB bootloader and module packages so GRUB can be used as the network bootloader for PXE clients: + +```shell +yum install grub2-pc grub2-pc-modules grub2-efi-x64-modules grub2-efi-aa64-modules grub2-efi-arm-modules grub2-efi-ia32-modules grub2-emu-modules grub2-emu-modules grub2-ppc64le-modules grub2-emu +``` + +### Installation + +Install Cobbler + +```shell +cd /usr/src/cobbler/cobbler-3.3.6 +make install +systemctl restart httpd +``` + +Reconfigure the **cobblerd** daemon as described in Cobbler's [official docs](https://cobbler.readthedocs.io/en/v3.3.6/installation-guide.html#id3): + +```shell +sed -i "s,usr/bin/cobblerd,usr/local/bin/cobblerd," /etc/cobbler/cobblerd.service +cp /etc/cobbler/cobblerd.service /etc/systemd/system/. +systemctl daemon-reload +systemctl enable cobblerd +``` + +### Configuration + +Reconfigure the default Cobbler settings file to match the local server: + +```shell +sed -i "s/manage_dhcp: false/manage_dhcp: true/" /etc/cobbler/settings.yaml +sed -i "s/dhcp_v4: false/dhcp_v4: true/" /etc/cobbler/settings.yaml +sed -i "s/server: 127.0.0.1/server: 10.0.0.10/" /etc/cobbler/settings.yaml +sed -i "s/next_server_v4: 127.0.0.1/next_server_v4: 10.0.0.10/" /etc/cobbler/settings.yaml +``` + +Optionally, toggle some additional settings: + +```shell +sed -i "s/pxe_just_once: true/pxe_just_once: false/" /etc/cobbler/settings.yaml +sed -i "s/enable_ipxe: false/enable_ipxe: true/" /etc/cobbler/settings.yaml +``` + +Edit the subnet decaration in **/etc/cobbler/dhcp.tempate** to match the **enp0s8** interface: + +```shell +subnet 10.0.0.0 netmask 255.255.255.0 { + option routers 10.0.0.1; + option domain-name-servers 10.0.0.1; + option subnet-mask 255.255.255.0; + range dynamic-bootp 10.0.0.100 10.0.0.199; +``` + +Cobbler should now be able to start up and run `sync` and `check` tasks without fatal errors: + +```shell +systemctl restart cobblerd && sleep 10 +cobbler sync && sleep 5 +cobbler check +cobbler mkloaders +``` + +Finally, pull the latest official Cobbler signatures + +```shell +cobbler signature update +systemctl restart cobblerd && sleep 5 +cobbler sync +``` + +**The Cobbler server is now ready to begin importing distros and deploying systems** + +## Fedora 34 PXE Deployment + +Mount the Fedora 34 Server installation media and run the `cobbler import` + +```shell +mkdir /mnt/Fedora +mount -t iso9660 -o loop,ro /home/fedora/Downloads/Fedora-Server-dvd-x86_64-34-1.2.iso /mnt/Fedora +cobbler import --name=Fedora34 --arch=x86_64 --path=/mnt/Fedora +``` + +Optionally, inspect the imported Distribution and child Profile: + +```shell +cobbler distro report +cobbler profile report +``` + +Create a new generic Fedora 34 kickstart file from Cobbler's default `sample.ks` and configure the new Cobbler Profile to use it: + +```shell +cat /var/lib/cobbler/templates/sample.ks | grep -v "\--useshadow" | grep -v ^install | sed 's,selinux --disabled,selinux --permissive,' | sed 's,rootpw --iscrypted \$default_password_crypted,rootpw --iscrypted \$default_password_crypted\nuser --groups=wheel --name=fedora --password=\$default_password_crypted --iscrypted --gecos="fedora",' | tee /var/lib/cobbler/templates/Fedora34.ks +cobbler profile edit --name Fedora34-x86_64 --autoinstall Fedora34.ks +``` + +> This new kickstart file has removed some options that cause fatal errors during installation, and also configures SELinux in `permissive` mode on the resulting system, as well as creating a new admin user named `fedora` which allows for immediate SSH access to the installed system. + +Now, create the **PXE Client** VM according to the specs described in the **Environment** section above and note down the vNIC's MAC address. + +> At this point, you may run the following commands on the Cobbler server, then start the **PXE Client** VM to test a manual installation over PXE. +> +> ```shell +> systemctl restart cobblerd +> cobbler sync +> ``` + +Finally, create a new Cobbler System, replacing `aa:bb:cc:dd:ee:ff` with the MAC Address of the **PXE Client** VM created above, and sync up Cobbler (leave out the `--static true` option to configure the PXE client to use DHCP for its IP configuration post-install; if using DHCP, you may omit all the command parameters following `--hostname fedora34`. More information on Cobbler autoinstall templates and kickstart files in the **Tips & Troubleshooting** section below): + +```shell +cobbler system add --name Fedora34 --profile Fedora34-x86_64 --netboot-enabled true --hostname fedora34 --interface enp0s3 --static true --mac-address "aa:bb:cc:dd:ee:ff" --ip-address 10.0.0.11 --gateway 10.0.0.1 --netmask 255.255.255.0 --name-servers "10.0.0.1" +systemctl restart cobblerd && sleep 10 +cobbler sync +``` + +The **PXE Client** VM can now be powered on, and should automatically boot to PXE and install Fedora 34 to the VM HDD using the "Fedora34.ks" kickstart template created above. + +> The newly installed system will have the password "cobbler" for both users "root" and "fedora" which is configurable through the `default_password_crypted` setting in `/etc/cobbler/settings.yaml` as well as the kickstart template file created above. + +## Fedora 37 PXE Deployment + +Take similar steps as above to import and autoinstall Fedora 37 Server, being sure to use unique names for Cobbler Distros, Profiles, and Systems, as well as unique MAC addresses and IP addresses for Systems (unless configured differently in `/etc/cobbler/settings.yaml`) + +```shell +mount -t iso9660 -o loop,ro /home/fedora/Downloads/Fedora-Server-dvd-x86_64-37-1.7.iso /mnt/Fedora +cobbler import --name=Fedora37 --arch=x86_64 --path=/mnt/Fedora +cobbler distro edit --name Fedora37-x86_64 --kernel-options "" +cat /var/lib/cobbler/templates/sample.ks | grep -v "\--useshadow" | grep -v ^install | sed 's,selinux --disabled,selinux --permissive,' | sed 's,rootpw --iscrypted \$default_password_crypted,rootpw --iscrypted \$default_password_crypted\nuser --groups=wheel --name=fedora --password=\$default_password_crypted --iscrypted --gecos="fedora",' | tee /var/lib/cobbler/templates/Fedora37.ks +cobbler profile edit --name Fedora37-x86_64 --autoinstall Fedora37.ks +cobbler system add --name Fedora37 --profile Fedora37-x86_64 --netboot-enabled true --hostname fedora37 --interface enp0s3 --static true --mac-address "aa:bb:cc:dd:ee:ff" --ip-address 10.0.0.12 --gateway 10.0.0.1 --netmask 255.255.255.0 --name-servers "10.0.0.1" +systemctl restart cobblerd && sleep 10 +cobbler sync +``` + +## Security Hardening + +SELinux and firewall operations can seem daunting at first, especially with an application as complex as Cobbler, but the basic configurations here are relatively simple. + +> It is possible to lock yourself out of your Linux server with SELinux, so now would be another good time to take a VM snapshot. + +### SELinux + +SELinux should come enabled by default on a fresh Fedora 34 Server installation, and we set it to `permissive` in the **Base Updates and Configs** section above, but sometimes `selinux` can be disabled on the kernel command line + +If `selinux=0` is set in the `/proc/cmdline` file, then follow the instructions found in the `/etc/selinux/config` file for the `grubby` command to enable selinux at boot time. The kernel command line parameters will take precedence over the other configurations. + +If the output of the `getenforce` command is already `permissive` skip to the **Enforcing SELinux** section below; if it is `enforcing` skip to the **Cobbler SELinux Config** section. + +#### Enabling SELinux + +If SELinux was disabled at the kernel command line or in the `/etc/selinux/config` file, be sure to create the `.autorelabel` file at the root of the filesystem, and set SELINUX mode to `permissive` and **NOT** `enforcing` in the `/etc/selinux/config` file. + +```shell +sed -i -E "s/SELINUX=(disabled|enforcing)/SELINUX=permissive/" /etc/selinux/config +touch /.autorelabel +``` + +With selinux enabled at the kernel command line and set to permissive in "/etc/selinux/config" **reboot the Fedora 34 Cobbler server** and observe the filesystem relabel as the system boots. + +> The local filesystem maintains no security context labels when SELinux is disbled, so rebooting directly to SELinux `enforcing` mode will prevent the system from booting properly. + +#### Enforcing SELinux + +Change the active runtime and boot state/mode of SELinux to `enforcing`: + +```shell +setenforce enforcing + +sed -i 's/SELINUX=permissive/SELINUX=enforcing/' /etc/selinux/config +``` + +#### Cobbler SELinux Config + +WIth SELinux operating in `enforcing` mode, enable the necessary SELinux Booleans which will allow for basic operation of Cobbler: + +```shell +setsebool -P cobbler_can_network_connect 1 +setsebool -P httpd_can_network_connect_cobbler 1 +setsebool -P httpd_serve_cobbler_files 1 +``` + +With SELinux enabled, some files generated/copied/moved by Cobbler will not retain the correct security context labels necessary for proper operation. Create a Cobbler **sync-trigger** to correct the SELinux labels upon any and all successful completions of a `cobbler sync` task. + +```shell +echo '#!/bin/bash +restorecon -R /var/lib/tftpboot +restorecon -R /var/www/cobbler' | tee /var/lib/cobbler/triggers/sync/post/zzz-selinux-restorecon + +chmod u+x /var/lib/cobbler/triggers/sync/post/zzz-selinux-restorecon +``` + +issue another `cobbler sync` to check for errors *(should show* ***\*\*\* TASK COMPLETE \*\*\*****)*: + +```shell +systemctl restart cobblerd && sleep 10 +cobbler sync +``` + +> Cobbler Triggers will run at different times depending on which directory they are placed in, and in alphabetical order within that directory. This sync-trigger specifically should typically be run after ALL sync tasks/triggers are completed +> +> > Additionally, if there is an error with a `cobbler sync` task (trigger, or otherwise) before reaching this trigger, the sync task will terminate, and the trigger will not run, causing Cobbler files to not be relabeled appropriately... however, there are likely bigger issues at hand if the `cobbler sync` task is erroring out. +> +> More info on [Cobbler Triggers](https://cobbler.readthedocs.io/en/v3.3.6/user-guide.html#triggers) + +### Network Security + +reduce network exposure with **firewalld** and secure service/daemon settings + +#### Firewalld + +Firewalld is the default firewall installed on Fedora and most Red Hat distros, verify that it is enabled and running: + +```shell +systemctl enable --now firewalld +``` + +As described above, this Cobbler server has 2 ethernet NICs: **enp0s3** & **enp0s8** + +- **enp0s3** being the *upstream* interface which can access the internet + +- **enp0s8** being the *downstream* interface which will server the PXE clients + +Create a new **firewalld** ***zone*** which **enp0s8** will operate in: + +```shell +firewall-cmd --permanent --new-zone=cobbler +firewall-cmd --permanent --zone=cobbler --set-target=DROP +firewall-cmd --permanent --zone=cobbler --add-service=ssh +firewall-cmd --permanent --zone=cobbler --add-service=tftp +firewall-cmd --permanent --zone=cobbler --add-service=http +firewall-cmd --permanent --zone=cobbler --add-service=https +firewall-cmd --reload +``` + +> Linux ISC DHCP server opens a raw UDP socket with the Linux kernel, bypassing the firewalld rules, so it is not necessary to allow the service/port. Be sure the resulting `/etc/dhcp/dhcpd.conf` file is only configured for the desired interface(s) for hosting DHCP. +> +> - [serverfault](https://serverfault.com/questions/191390/iptables-and-dhcp-questions/) & [stackexchange](https://unix.stackexchange.com/questions/447440/ufw-iptables-not-blocking-dhcp-udp-port-67) sources. + +Reconfigure **enp0s8** to operate in the **new firewalld zone** + +```shell +nmcli con mod enp0s8 connection.zone cobbler +``` + +> As defined above, this zone will NOT permit inbound ICMP traffic like ping + +For simplicity, **enp0s3** can be left in the **default firewalld zone** (verify the current active zones with `firewall-cmd --get-active-zones`) + +#### Service confinement + +On the topic of network security, we should also restrict our Cobbler services to only listen on the PXE server interface. + +- configure HTTP to only listen on the PXE server interface: + +```shell +sed -i 's,^Listen.*,Listen 10.0.0.10:80,' /etc/httpd/conf/httpd.conf +``` + + - Create a local systemd service for tftpd, modifiedying the original config to only listen on a specific IP address: + +```shell +systemctl stop tftp.service +systemctl stop tftp.socket + +cp /lib/systemd/system/tftp.service /etc/systemd/system/. +sed 's,ListenDatagram=69,ListenDatagram=10.0.0.10:69,' /lib/systemd/system/tftp.socket | tee /etc/systemd/system/tftp.socket +``` + +- now, reload the systemd configuration and restart services + +```shell +systemctl daemon-reload +systemctl restart tftp httpd +``` + +> Feel free to comment with additional security hardening measures you would employ. + +## Tips & Troubleshooting + +1. Cobbler's [official docs](https://cobbler.readthedocs.io/en/v3.3.6/installation-guide.html#id2) advise that installing and running Cobbler in a virtual environment is not possible, but I have had no issues related to virtualization. + +1. Some dependencies are missing from the official [Cobbler docs](https://cobbler.readthedocs.io/en/v3.3.6/installation-guide.html#packages). Have a look at the [dockerfile](https://github.com/cobbler/cobbler/blob/v3.3.6/docker/rpms/Fedora_34/Fedora34.dockerfile) located in cobbler's source code for a more complete list. + +1. It's always a good idea to manually install the desired distro (Fedora 34 or 37 Server in the case of this guide) to the desired hardware (VirtualBox VM in this case) before attempting a network installation, to validate compatability. + + - Any Fedora installation, whether installed manually or automatically, should always contain the file `/root/anaconda-ks.cfg`, which is the kickstart file used to install that particular system. + + - Depending on your deployed system of choice (Fedora 34 or 37 Server here) if you are having issues, you may want to familiarize yourself with the installation system environment. + + 1. With most distributions, while the installer is progressing and outputing logs to the monitor, you can press **ALT+F2** or **ALT+F3** or a similar key combo to access a privileged shell to troubleshoot. + + 1. some commands you may want to try on the installer system include: + + ```shell + dmesg + cat /proc/cmdline + less /var/log/syslog + mount + ls -la + ls -la /tmp + ls -la / + cpuinfo + lsblk + lsmod + uname -a + cat /etc/os-release + lsb_release -a + echo $SHELL + ``` + +1. The PXE client software that comes with VirtualBox VM firmware **DOES NOT** support HTTP as a download protocol, so it may be best to leave iPXE disabled in `/etc/cobbler/settings.yaml` + + - HTTP can always be utilized if you boot the PXE client from CD using the latest [ipxe.iso](https://boot.ipxe.org/ipxe.iso) + +1. By default, Cobbler's DHCP server attempts to detect the PXE client's boot firmware type in order to provide a BIOS or UEFI compatible bootloader *(BIOS: "grub.0" - UEFI: "grubx64.efi")*. If using **BIOS firmware** for the PXE client VM, the Cobbler server's DHCP service may not provide the right bootloader. + + 1. manually set the bootloader for a Cobbler Profile or System with the following command (the `filename` value is a path to the desired bootloader file relative to Cobbler's tftp root directory: `/var/lib/tftpboot`) + + - `cobbler edit --name --filename grub/grub.0` + + 1. The PXE client software that comes with VirtualBox VM **BIOS & EFI** firmware **DOES NOT** support HTTP as a download protocol, so it may be best to leave iPXE disabled in `/etc/cobbler/settings.yaml` + + - HTTP can always be utilized if you boot the PXE client from CD using the latest [ipxe.iso](https://boot.ipxe.org/ipxe.iso) + +1. The autoinstall template files "Fedora34.ks" "Fedora37.ks" & "sample.ks" located in `/var/lib/cobbler/templates` are used to dynamically generate the specific kickstart files for either a Cobbler Profile or System at the time of installation + + 1. These templates use variables local to the Cobbler server to compose a specific configuration for the desired installation, but you can always craft an explicit kickstart file (without variables or snippets) manually and copy it to the same `/var/lib/cobbler/templates` directory and assign a Cobbler Profile or System to use that specific file with the command: `cobbler edit --name --autoinstall ` **just be sure to escape any dollar-signs ($) with back-slashes (\\), otherwise they may be interpretted as variables by Cobbler** + + 1. The final autoinstall files (`kickstart` for RHEL distros, `preseed` for Debian, `cloud-init` for Ubuntu, `autoyast` for OpenSUSE, `answerfile` for Windows as well as XCP-ng, although dissimilar schemas) are hosted over HTTP by Cobbler and, by default, assigned to a Cobbler System or Profile via the bootloader config (GRUB or pxelinux) under `/var/lib/tftpboot/grub/system` or `/var/lib/tftpboot/pxelinux.cfg` directories, or in `/var/lib/tftpboot/grub/x86_64_menu_items.cfg` file. + + ```shell + curl http://localhost/cblr/svc/op/autoinstall/profile/Fedora34-x86_64 + curl http://localhost/cblr/svc/op/autoinstall/profile/Fedora37-x86_64 + curl http://localhost/cblr/svc/op/autoinstall/system/Fedora34 + curl http://localhost/cblr/svc/op/autoinstall/system/Fedora37 + ``` + + 1. There are several template files and accompanying snippets that come default with Cobbler which you can look at if you have any questions about how the Cobbler templates *(Python Cheetah templates)* work. Located in `/var/lib/cobbler/templates` & `/var/lib/cobbler/snippets` + +1. Optionally, remove the deprecated ***"tree"*** option from the Cobbler Distro `kernel-options` which can be used in the kickstart file instead. This option will be ignored anyway by the installer. + + ```shell + cobbler distro edit --name Fedora34-x86_64 --kernel-options + ``` + + - cobbler still appropriately sets the "inst.repo" kernel-option in the GRUB or PXE kernel-options. This is likey managed by the Cobbler Profile's ***"tree"*** variable *(seen with `cobbler profile report` above)* or the Profile's config file in `/var/www/cobbler/distro_mirror/config` directory + +**here are some helpful troubleshooting commands on the Cobbler server** + +```shell +man cobbler +man dhcpd +man tftp +man httpd +man selinux +man firewalld + +cobbler distro report +cobbler profile report +cobbler system report + +cobbler --help +cobbler distro edit --help +cobbler profile edit --help +cobbler system edit --help + +systemctl status cobblerd +systemctl status dhcpd +systemctl status tftp +systemctl status httpd + +journalctl -eu cobblerd +journalctl -eu dhcpd +journalctl -eu tftp +journalctl -eu httpd + +ls /etc/cobbler +cat /etc/cobbler/settings.yaml +ls /var/lib/cobbler +ls /var/www/cobbler +ls /var/lib/tftpboot/grub/system +ls /var/lib/tftpboot/pxelinux.cfg + +cat /var/log/httpd/error_log +cat /var/log/audit/audit.log | grep AVC + +cat /etc/dhcp/dhcpd.conf + +cat /var/lib/tftpboot/grub/x86_64_menu_items.cfg +cat /var/lib/tftpboot/pxelinux.cfg/default + +tftp 10.0.0.10 +tftp 127.0.0.1 + +cat /etc/httpd/conf/httpd.conf +cat /etc/httpd/conf.d/cobbler.conf +``` + diff --git a/images/Cobbler-3.3.6-Beginners_Logical.jpg b/images/Cobbler-3.3.6-Beginners_Logical.jpg new file mode 100644 index 0000000000000000000000000000000000000000..31f6530f9b68a7395d0ec0e8a353eff950161cb8 GIT binary patch literal 59187 zcmd?QbyQr>vM4-+KoT@~@B{`A5L^-op`0Dy%# z0Jlq6Qy>``6LpB1JV;sY?-{)S4BUMN05~|hyFwJCAM5EuAK&}&_Y!~dOwHV!|J?r* zz|?y(@uzkGV3hkm;rXwUADCOXnPC|AFelIzBOIeFIR+=U`a9142Y>T-{KX&K%iY-> z!=wHOch!Q(U~qE`&TjSZ@HhVsH*|dEsF1@kiDl_@gm_g`>76=6)Y@(gEB6 z5P$+e`cL~YGzOe<0RYis002AwA8Bt=0f71t0N~NgKhl7o0080-06^XFKhpluC(fp> zrhlvMF6Mg2(h>kTC^pzp&lMX3cX99jf%~|)IJgh) zfIB2u*d$oDod9}FcVpE0GZOy|aPQ&V$G-aj>kcN{{viN>a~E*;4)%S5d-sU&@8JNj z?qJ`=!M#UvpOowgIUfbns|S>inE5qK$EZZ5A$l$zZ9odtH{JclO zEbzwl9W1wMpAsl2B%_JGodFPFVXl}vk!euYh2=6n zM-_f=jH;w8%KyWzbWo&=QGNK1`)mza0*`WvwlGR3tu=r1^XjRmVT%96(s0`#3=NTm zCy)H?uWge# zDs})z`P-BS+3!Qeuj!*M-|q4M6xeg_G0Ce8ayI+~C}_nsWDO*Gv~}dk`}^MilOj{x z-rbN><`4@ZCTPhecLC zthSa;H-aa@OHBi4OZ6yv#oong)lb?Z&L5&FnerlhFhV{|&x37ncDo^4zfe7wm3VtzB& zu5;yy|1fcvT>s|DhM%&gmakTmt6`wcl+8yHW9tyYA;(fwj*w5ZgO8RA9CBNKS+ws- z-kzh1v1^1}Cohvj2?Cot`$1|is`-`dYZCccL~D^8AnFAB%T&t2A_9*die>e-(kK~m z=Xt%ZvF(hB?ahJO6HfbY-sq&9)cZCyoJ*VQJ5`qK~r%h9H0XHs_8VVz~}Dk!_uI&L}6J-4IznaV97YZsp= zpcY)UbrT$+=4hjosuN%hP6amMFK;3k0|ASM{3k~U(o7qea`;eF9xydQyc(1i<)3db9giKrXF{!;Y4-H{v)zYu&&T$;EsqP! z0*VeXeY{^BAec69VP{d}P7hX$j?WeHLPy|QvwSr?l|A6LT<<^068gzn?bY9T%<)t! zU%u&49JRWhW}jgQN4HPkvT*naeT_JRN(|Pb!rA&$m*8h{nR$(!j!5HV0^jV(mAh7P ziqTJ_;!zTnEJd9JBCg*J+INw11Jx@dTz1k*2FcFlF$XLy?)za(ZKj6q-DSSpr$tez zN&)b3S`C#|EiOT(BbpYNYCz(jpIZy6m<5+HIpTP zd~!iKV`=27{533!%=W{p)|K#9s_LZS-!^(jP{eVcNN5sOGL$+k7ibqO5Qw|7X5@}3#zEN^WfDv*?N(+EW zCMZL3zj!Z)UIj4HnQ^*@a_lrAA?8Z{3rXUT2w)>|xhxpksM!huE6IYuis2!V|Eo+) z3TN3<$?=T7YsNXL>TJrQ;)aS#9XGb4Am^KJ{#drbe=9@WKM{(ybCHFoq<-vHEIk$M zRQzXcRo;kjm4nR0Z~D;K7?F^b1rUj&sZq;U5T+d-4g1_OPUgQiW8B|G@vVI&Es zPtJVCss+RdT7Gq0GNwrcW**Dy&Abq#Qrmp9Q(E9P36sSNd3c>2AVD++)}+ zxR}8H)aS4+7>I>~>X;N<4UW%vn|N!aT$V&RAq3g%%HF-gxx8 z!TW6h4Icje!XzuUWOIK7Gy^7e_aVb$zj+3)P=(HbCrgqEvHMs{*iH056ENNE9hYzR z`K5R8Zv}62@XO03T#?Ru;gA1NnAEp1`*-PGiB`Nql{z2b@VmvLlMBwZwq5zr&D&9p zK~_$KPv%|e_KT}b5jL^APsDO{-$>j7OqOX%48#-Kg(2lt`sN8ysd@Yy1T=y0tXn{Z z1+z*N-;0q2@Qv$9%GyJsM&eP|F?62;3Z&sfqb4t-b#yi`{bL$`n%552iN%;_*axfW z$}mqM_f`4;Wxfh}7LV6dQz&m>8F92JUp)U1fUW=6PyfI61pZYn4r9Wb$*7=%5Vw=h zUp?@2-v`w$EnejqUY9?^^1#E6-~sLq3i#JkNuV|;1S`DI zRzON0G|d8Cr~y0(0hj=L^C##c6P|fAJ>Cp*0*7 zw#U|yIjqyGO|83A9&ZiL_TlIDotLZ*->3@^cY{FS>BdZgW%;M1HX4cjv4~U>nu+%i z#V<$Tm3~TqxmZq4o78^d8ke424uz+UTS(>dw_hj&xP-}(`)U!;V zc$BE;PnI^+U}virj^$HM$FFk#Hb&a8CayC9t)q|p^I!W?K?fdH&DH!gsV4&0+ISAB z6*!k@+VOpS%T|=A86bwQFWhRLkmjT1$0YD18=;N#*fa;v6Co(`RI~blohc+Mp9e#e zW%EU6(3VO0y}f<1mhuWyK57|zp(>^NQ?TobGsmWFe1=rkmLZGIx{s~vqf~tDE~%;` zR!G9UQdv|@K%RAN9{-bOe;l*OHQt}!5}hU)8Y3WugUIeE7xhQE%Ao_l-4fYwBKS$@ zUv$?d`fmsx{`&r&M;*5lfPCYEzqH|=RyZZaEwEvL(kTz~oL&uNjUGU&6(aZD4=4Jr zv(0$5{Jp{*Q!pPptVV|b+AiUs68qikpzB}R(Yq?V_HpN*@a=I_^p=Rf?>p+7m=aWr zEX;ppcsm;A;GwIznMxHCY9zfSBY#rwXB~d|=+fB*=huCa(%p(!J*3|NQm)Y5=44WT zX3?;>>1ga2zq4xLWa-)%!o2+&|22+^`~JOMqk-|ZictNM%K^u%bs^4~eH`e%e=ADx zB4kNxSfq!lq%ZIA`}Q35?84Pn9r2VCyH?A_NS==G*ri|TxIwAh73H0#kV#m~#m>d& zCdoBG4M00?z3lyXU0?^b%CPjz;5^;VY_sx0?gQi4=m53otjrB%&yj?bXUirJ>0;|9 zraV?r_Am* zvb!S(Nn>Zo{sSfYlOT6dRP^a?no%LyHg6J#@x=!J<~%gB@w;QQvDXvp@#;`OEGG1LSJNCG3KS{O;ydIZ$QOjlb$z2M+^;jxeia_gYr)X_vc+9F5RZ(=7v~26D<|X z>gHoRA%@XImP%v~SlbgNLSr6iBoqw+L#!hthAlzmqNhE{J0qQe!VRuYL_S-5ulr>2SSgXVx!uUI@ac9_P>WLCe5K9d%0T=_TaoFau{GgZIT>3JqRxyI zm2$E}Z91mzZA2H7gZ-t($}-y(+GlrVGuNb&qf%uhzM^ z%3o45hY74PVY?UX6N3x(32q)1p>yR5x+|0X+FYfyz>jR;eZP>k!q%(c2S7U!l_8RV z;TpZMl7bj_gZoX}wg~Z+w>;vDg?)vp4!=f)s+b&(s6X|N8Gi1xl=V9gOBH+nVQxBw z_qk`>8@<|S6P0|^q77}VQ-lr&+9*!l05yx|l($|Nq5^@Lg{WN`ObQO)czZbe~C;8QiWWIA2I zMRRQ2Zt%t}z(U-~Hpn1vV)IDcq}y|KeeGn+sC#6#(eIJrF*KxBzIP&j=9&c2sF&Yf zCZEWe-s@kMxRYa9(1(AlWy{1QC4onDT;Ymi71MO=xtOnQDxDd^qVaf+fnu!vO+jP7 z@a+EGENPGDEC&gP*7Z4s8Pt2H$xpAQ&7^#xjhu5uW`(w-wvP4T$cha#El@NJs_l~s zO4L&NkPGzJ+|(!;Q{bTKC05f+d$zfuWxL7Wl~(M~xm-H3M&Zj*so{b;CZqors2d|L z`Q}w>a-8oYWsc53h9!!~m1qrbnbO?FtOin8n7S%MZ6SJ6ME#@wA%cj5gC*Tga63Hu z$S;gQ$#>>TgVLr&)V55zyOA=-;H@3nID$v!#0*9*yOQdD%$7{62?>G0ZB}2g!z@48 zr7fL`m*#fkz+H9>?&~_x4AR!+JfYa|?0XreTfid|LefxGTmKym$pcaqeQ3(klr#f4 zzW$4~4$UoI>e$gA%pSS!xD?yNDaJ(4L(S!?B}fP;pjyx!8mC~lA{XtJ1W%2^#;tX3 zdlwUJp)dJlgzV@>yN%S81-l81N#7$4IquQ;A9k4CD7`K$gvI0$-_&(_A`u)@@glwZEesDLi>2-b3z7N6Ic>~ zv@p^6CR@vq(vk@|3Zbm}3JT%MT{hB*##jR`98mwbs_8aHWTt7=fW{l|? zOf{{H)asRCb5jmd3?Q0W;FD1Zp|$*kfA=)PS72mUy1&|0jpQVbLety1H}xIPB*SVg zV=kxGm$N+LplQP>B1q%-e?Ftk6@Q5v}KOM+xJ#^vA;Kd#z-g1a>CZOM154=v>G+0In>8hrZB{4cj$1}2HpBLrmp4t^P3p)(bf|GSKoi{ zs*J_Ycf_St&jqIm>L&Y%9%I`#_1lQ^>UVHwySc3rx-`Fw^q{0YbN?n0RNgQ&tI}8W zVtILEPXfI4&?7Y7@SHiq|82M2^xMh;iwLXP3UFbzXBjS%XZ6w*X!a=n;Z zQ8kDK%+C$;7*l<@RCl;kcKma5=-Wf~v0|JyJaF--!$;RFi-iwn1}H($E1G!^+i6k6 zlLr{*vP!kCX=Iorz-4uE(@rZpBSrcA=z?~9lBnW4Emh25rh_vw-f8=TIuF;k-bT7Q zrU7O1s?N!Y{6xp5S=o21uaJH~m>BFsiUoC%!d@G#h@pLl>5NAi6H?zc$&Z_SGv6G_ zmHYf<+FC?wVkTw3G+`Gh!LX&dygyQcdikVSEb{mk&{O_1k+*t$^&;>V;3IK2CSb<( z_p~P+_)6sWeG(FJBZR}SaCu?fz@_2`u1n*Cs6acIc4kM2*5_=TWB_)G_`m92{Qu$mi`R)W_U}EEFF0fW za*cQ;QN*=Y{6Pw*#M|p##eZ>00nkqXK=7&vd7Qkb1fxOQ=;nPY!y6aV)$q0Ar}{|D zs*b{w>jx0Ew&VP^QtiOUo=t*U+skoJZ`insLG5eCSAn<+WkI5t`Q(qMiBssVdm5@x zeiSb3T5UTmLTvo#;yo)f1?{^8rn^=aD3Aq_XeLQ1I*C2;aDz4ICEPoBADdcTGb-wk zKL+C%`p}>Ze{un}_HO~ib$Jv6HvIc?Dyg+eWyf-^^0X^1Xgms$Km8@&Q5{3IK~)jF0Z3DK}y ziM`?I$S|LJw&QR9+r09}lyGU5td>m;qQ#)-rF8UcM75HZ_^8m3!hf`uBS&zfVg((n(shJdh|zREf=B13$^$%umNW)PZ$r4)}}@y^Vd`w zt&xVXhYN!-tYEO3JSNCZa!NJ`vUG`4E1xa3h(?-K+8H?a3smeh`7R_GLev#s^?Pc{ zjqs1KkM;0erf}H9b+f}C@85kEo2^PHx@xvKIh@F0{7oOyBf0x!a)#)^peG|my`)vO zov{4?_+l>t)r~yM*D@1EKj2h;T^{5MSeKeH^yOy#U%~}O(tn8_0gPT^ z8=U1e{f-LacV1WeWS9iC7hm1G0_S_X(ODn|$wkOjBtKA-6|FHzYLg@nye5ptdbOYD zbJ^7;=-U(BWahDpN5|vm+VU$xVLTarfchQvc`)nRvr#GYxf;KJms^tPUazqBZW0Qg zD&!(&i;;x&Y167kN$v|u60E6$i!8y0z6Lwh=!gRJ&ol^vx==O|+d0_h8g{mjzpTns z)X18n*I*8vRHX~iu1DSZxTK+8GLYHuYr}rVVObts7~P`9Vl-T(=KFLrWLT$mBkB3K zxu}<@{@4^t^s?3qH|IIYYo?%rMfKhqdGmMNy9V6sUj~E!gFd`dyp&e0SKkoW!li{* z+HWEK^e!sGc~O&Bu&fy021)==97(m0n-S72E`lWKUU9VL_DO*&l1qZ5+lh%vm+vmh zuCmZwRY5-q>h!c&ACxx}mJ)X2VgeLBo0a`P^L1GU64lrm9m z&A+-n-2&)@2gDxCdM(tr)#;U9Jm~M6(;$16@8&+#IZALPoytaRB)v0GYiH5VWn-sv z5W5*i_tW&ZTJ*90#`?yZ=j1J5I;&c`+{5CYMv+(_m^cAY*vb}*1 z=2)tv5F%Ww8N-Bfl9#EyU!_9!u%5Xvbw%8d-#L0nHg7R-NtGonWxP`7L^eTPH`mPt_u$*5Re>a7(+TchBX z9Q$4O^V6feNBxlY&~edjmnBzKz39Z`u@fGPkiLpwp@r$C;+3`$$XhehzTxqm8QDf% z0-s}Iym|iI5hV9lHu6cX0cgC{Pz?!lTPh7$qy3vo+rb1^jQ0wDz(-OR$&D^}XXx16 zn$I`_k$-BzAyEg?Pm4|%wDg-=RM5zAfe3C0AEbX{5bgHqY1`^pe^;Wh?TE^UYJF~v zevRzsb8&m0WtqP;rj_2I;o#eaeA>gW3-~Y0@_o_OC@su3m*%wCv|}Qpr^8AfwDzYc zQKQlGI$5FBn^LQ}m?yQuTVO$MRwH!owz;siZYnc9XZ^5YP96N4wC5oZx=(YGat6Jr z{QgTkn!Dhaj(2pEl)^RG=uN-&QZZT|c5rO+9qD@uh!)43?&hqr3P}u_Jp7x)N)DZA zT8Zb;ag9Wh_2}ma6(P8*#G0t3Qu$d&`B}FJ>L|=$gXovnhjt5uPKbj-w2>0xN^`dW`8OAT z_apvhQBfL=V1MS92+GH_L9xfPfC*Bs@qO63X7X@15OFy6=uIX4SogTbf<9#> zTSY=}cY;YuuXp(4fNY>SQ22&EPjf7lqLH(x$*8Z2CtdDrz)$x$A>atTDGU!?GGnDFMH7pKy8!ZG#kN98nT(wdc|uyt-J#UCs9WLniP?_gPv0faO7_}lyoEV$k2$9 zuA2ISiF8Y?231hp(eEMO(P;og04+1KyQ%GCuX{X=cC415Mj_7TCTeq9P5PsWu9*V4 z^~vxwn)o`(tq+ByhM}m^K3h3@ST!6zBPBmK+QsFfp0C@lK*X%z=aRxG_*1dZ+~#REo=7XiEAUZG2;=)- z_HB`inkf?#T~z?Qti>L&%}m_>IO8QL^ntYp2gFgI;qa%zX%9(nwro-Zc`i6uf&XWFM&-Rw}_QYN5w8;o=ZnBAn)%vt zgUoKXed%6%PthzlWaFvdSa_SSm@cOf`&3fDk-$YG?7IvGXBnw4;M^u$= z=K&XZuW#0NBD$*pfY-X%bKaUMjt*?;q(Urf{6d@RE?6ccju6pN6*{J(lYc@yN3OWEo{b5q_vP2g^I#FBZ;{?@e{0ylo^m=2+LMUv{JpFmo1eM_Lodq^ku!jE& zFfYf?)fYl*6F*6^B_6A32 zs??TnqvOPebs9HTZdzM?#PL;Uwvq*#BZaP>8$SE_z}vvJCz5+_)+N9+rLwfzm^X{O zj4Kx5%V%rZpIPf*5@}f6MM55Gj&L1|p^fkXgTK#2!)zVIg-EDrYAgnP4alARlE+yW z_9dA|ob^H`R#rCMXTf5Pp1zAb$JLYH_+JZ;ROdN~K+-w_Pp%Hzo$ymuUX3*?AZ<^M zcAQudcmaI(<<@OuE!exjPWErASr<@yN18(qXYcC*I-l_4yU0Fngho&~H7hs&F`2)Cb0gksn+> z)_vyFa4_xTr3ACl?A3Jhlvlf`^KQOB;EXqk@?tf^J+K=Vwbj6E5D=p8M1m(8d(plV zLtrsWoX+uWKFi`>f|_v zRCx4FEYN$Hx<^!Pd05jpZ>GgWw-A!Fqb;OqmuyNQt$`%diu-CDU)of8XQ~H#foE=<#V>^BpJw#j0dnf;?}& zRBSby#%ryA&$X{(m!rk}&8`tfe^!Y9>m>gcz|d<9;C^}>)l5;BQO&5(f0NDBx}{v# z?33YhY$&zZIq_hEepgijRA)2H`}Rgh24Me^SCl*3 z+dcyz*Br$e_>9NqMbBF9`M}yqgf-rfj8S<|NUZ`f7rom)oBjs5{lUR%Qdm~DjDeHC zpFy>;=Gyxt6-dooK2;y{0ZYnUwo}*9%EL^qMW`7gs5*&0$OSmHpDps=)Hn|cU^g)gq1jpFDF+tm6Y0| zItp%LW;iSoGRL5S?AjODvU#$g&4~z zv;32F`3${qWPjHBuf&_ET@j5Dr{Y$#TECfF!0?=QvO}uD=e5LV`kES$AbM^a$#iq$ zp-b&Uk|0z2?#|idWARCZkYd5(zPf7*ZiQOW>O)A}xVX8F(R`QN$Qgq{nY z0q6=iDiYSwbP9h4-sV3{5u5Orz-3H7PKcWi!aY6m0Ap>^3P*XdIV z{$|CrL@nD8VFTAZN!dJ58om7xW~U|pw$)s8*lgrVy#wCUX4rQ5Xc0X8{w6qE13qUx zGE&83Mep3l&W+h1IM5i64aANKn}!Xzn!N~vdI0O@q$5C3_zptwaXprlT;~IIND-IdwYT0hf`t8ihhzg-ms!j7?u+rRtZJu#brG; zOK&$a_~rFd0Xa>~IKEb^n!hM~HSLtmrL2IgSdNmCVBye6y)k|A2vQFIySULSLU$hP zxgHN{B(Iy=9snSm9{gXpOn+O+_-iXUV;O$?UXS43xc(?^6Vn=eZ-VF)QI5-_NTovw zX753a!l6s>pKh1)i9rbb^lNsb*MBYlKS=%8BS}W{?6h;7u9ld-tGbK}>vCcNC8eLM z@0Ew*!I@I2Fh6o4s-@Bgsn*WIBW%|+&HY#F?z9e`VH3OHJ1Nvw)5j1k7j_19%Ci}H zgyl8PTF!1GiR!DESV*;GbD5Z@0fNwxVUsuhWIV$B-PY|?5{&$4cB&nUi16Z3^a_Hl zE5o>6yN()4k}Ct0UF3<+J6FhD*5#S6f3PnXZq#UyWH&Q)5+*DmMl#KdFLv&bUf>9O z&_(@eR#Kb2w+_lgtEu*5H#E(dG5zi9C0hee33-L+Bo&brj-Grs(uh@%W*Bo3l!@h7 z3y9p!&AGru{h4zAoX2YB%$<_<75Q+6nNIFkbPCyaLYq>Q5*(yc%TCV z@lVZscKe!5@DWyNT)zBSNhME>$IJa3 zC2aqs=h)-%jt&-AR{>W>>)M(Tm z+K5|g&3fz_d|j#99iAu?r7V*_5L;X~8wNxOCvI}!ITe5p`4x(FMF2;Gy`|0B#rpVy zs!gWoT`@t0PlNe2=xq25jqoaB!Az5#)g5idwuFZAQyE-QIM=iB1Y|OFj3JD(1dENI zmow+O_O``|W~vc5I!&$%pAK*BW>1jX>4w>hm|NI|i9qXYZB7vrGijw-2H6}ScoGMm z&Xi_ozw+1&!5Exm*Q#~B;%P8Nz+#6aNt>-#jOBKfzx%*VDou=w*anA#_ms;R*rG*v z6V$2+ViYh>VrWi{t8TDr7viYBh@Ry_GX1K9Ru>N(!K?PkLr43=XV~0hNbHJYL<7eG zPxmOKMRmUnH7)m63f7mRd$y#&D!VV4Mr3cEW0pp40kk)dR?I>PsHr!Bp-%&Kxd-&O zcs>Ruehk19C=wK-ZEmeYTN=qZw4bmCQ+~wQ+dot8Lq}1ZNw|G`Rra=m>4Cv*ASILc z!ROTC-{2dG8M9LQ-z=yqdOc8%6wg@TtMHv_(=(yvx=lg@g$+=dH@WKCzTDR50OLT5 zAnM_PHeEQDeK2z8hN6NSh1*~7-Chl!mVOMOy_4??vArT_WVJj@*X(vYq=_4M%VcTo zlv!mAQNH&w%0VW7Dgf91@}1nMoEn0)q$cyei#ngn#e#agZUF~zOKo2mE%p$>g^M00^^~TW5YzKt z!t*v`q~DhaYHT2Cl?f>oo!s&hx)UA_dE8|#F2e;n{JNVHkg-xO{dNN*#eR+p3!y}) ztAqI0YUD|haa81|{u~8g+I_CEnSqB{@uvZTty&zDQLv4-9Kve9kph~$}}PTI1jLmQ1t z5TbOJ+fTxHz83WmuDLyHo1#^!V+uj1dK`krbm}QF*>~HO$I` zVZZO2VD3s5M_ofSFoiEfgr%`-C)qir=J0)Z{dQT&LSs`x9yLgW2IA5lBi7}H=bn*# zdauf-J!%k&S>oCQFL8o5A`uk|Ps(z3z#c$( zI)}(Nb_)Jd;KFZm+=Yw5BgseY z%Ab!g|6KMqM_kwXu3p5Xcr!Jsmudh1C13_lFr|Ty26FU0;=?1RSwDTnZJ>Xc-M@WH#DbN>I5<<*9v2qiF{oA&N5s=+Sg#lvc1y+#0y@H#whgchh(#YL^V^o zolgWN&Ud)6Z|a$;kSfD;>z^0FD^88<4gCcn4#w{)>R4)>S>E@Y8^=VY83pIbQ2K zf%9=SAD~IbV7S4Z_@(*wvgLkN#z^y~Q1u4nL_ZDl%x97&2q%y0d71|9i##dIq34o6 z@IU{vG)M+dkYAP4QH~qNvMv29_0PQjV>FiHdYX`9Ph*ikSifdk=z&hYu1$(I4>Q=~ z0@bk8*W;^_aB;xYVEm-!yr^j>#p}M&7eLo6l|+lLLCsd(XsKNB$mV_m5BXFX=}bUU zGCDssfHC89v;__!q|4_Xp6;e@AyLK8ack`e&U9!`A`q_kTM=5f-DI$N%p_SY0GZZz zr_)H?K~R^j=me29gl-hGP8RDLRhOasEowch+|yucLC&+?p!jTNmWuj^<`#%YcP6p+ zqNBrmdwVYv;xGP%p26$CTv8x1JKw0^6!8->NEj9Dsb}XdM(W15B#>&7igCC9HaF}C zerhRZnht*IllWvbr%k;GZ243VgdJO{ zM;S^c^PK79G9wN)J)b;bbRR?9S3v}e!j)YV(?-;JvVL?wbB_(7AR2UEniK?v$mKFI zZOh7S0|LMNQ)_WJ+SgB;S^vC>A{XjSU4JG2nfsp#|M!xnJOfOFZ8o+!i^4IKONCti zBb*g9$$h(5_ee2;pw~meci@=6QPCrt+0ki;`fbZ3txPP~l}eA#eWoi}$t%J$?;C~j zAh7K%0E+pAg2Uu(8!=<=Mfrw`$=0hqk)O-wjM~>6CD+zQF9C=^+^ZKs%$scpp&-<~ zFNHR@bQ}(M(jWasf1$_bXwa)$QS@m_lHwQ&w*sg zg{JPscmMxaWy<^*4qcbf|G3k)bE%(gP&8m;5>uZIQ9F#U+|ICz-ABCG(EHt4zY~sG z)3r=cv1Fnuw~eSt;k#z5CVlxIjT-Vo{OpBojB{>?`7mt#mHH=sEcJc2KqK#t(9*E@ zr?%yJTt}Q-updglgiqzr5XGe4O|1~0YzttoZGr45xbk|$ZfU>{do7zRP`fNWkg&6- zrDtS3bTfiXV~CT3KNBTuVBaU#rrsOO@F94@Fzol+pV40allB{w1v2F?Ys{-jH=5Xm zmkKnvPcw94$bh7MAVE(d*C&Dg$TbZbrT3hdIePCY=8w~bJb4tFf$Bwjzo}h!e3>q7a zL~lKt25Vg=(7E?@C7NSaTGPRS+`bwoi^~))qY?b`$I4YmVbm=^HpZnG!tEE@;#5q} zu%byT1b={AEkc~YsZWZ2KVp4^0%BFZ7Fv%WKn3ZEm4{u*kCuDWsO-8c7wYDn=@{)N zjL;>+F`ETATG&tPhS-k6-%D;d61yU3#J8X3j&pc1?daFv+3Cz=N>^vQkexk@~N9Nq!-$#VXQCX(EwLg;!ly$5&>KT0`|}v%I*fHlj4m9a3Ta;0P1S<+Xxu z0vzC&PFT{=7O5s*mG@e=R{-g5(b)FWI4iB~EuUG`1>yKB6>)?ld`8QPlZkvIXUq-w zUEWTu)MCZx3+*Fp&8bsGK2j8?+_@B`#f(Rbv-T$qB*g>ICP-xBL7GQrF(+u*@WbO7 zLG~GNTqXzz>pc-j9%j@tu76{a()IOa>(d^Wf&JWxA`x!#-0{8*pfN?=GNS8{W0jGK z)E2bc6v2UxCWK=lMNFFLZP5D^#{uYPYYGt_`h*I;+BvQx6v{=yoiT|5nIMjKWyv=h z9B2Xl)!(o+Q07K3KYVUD+@Ul9Qd6Qc*VG9VW5R)Ab+~8n^t%uu?Ia@yV;tDWEDOfo zp9DXB{7<9!pGkE(J@e0RL*{$*rNf-*?3f5g7*hPdYRS{dz&Apbb0L{f!tRJLm3uWD zK>wS%-WovL7n`zxB{JroUNP+w#wS|bN^HbaI|C>!8~7t_tA#QZ4IZ&4jq)F!PQPxv z2+$&pXV>JUvyFgoCNG7NMn zR+G!gC9v<3gqqfq6!MDPt)%DN>n3p&A97oGiunRW6_<|Ab|4Zp{a0+IG?N~zo=bdT zNDdxxq&S;!T3~qHBEaK=Sm9!${}%FVwyT(w{je}sMy@VN$v(oGr!L(A{K~Cpa*G;x z?r5*sof(zP=@A8G73fRG?5fQz{t;$xctoygtNoFsYO@`@Ae_Oh6L0v9*)sQpBo(XT zwb125m-=vl+WA*id%wcK|>8foEJ z^{)l%(5H%T#>xg8#(%zbfl2H*d4OW+D;o#l@V2c6)0}Lme~t8I7~5QL<&))WBo#)-su> z?9UFsBE@f}mLF~YI$L|c{i+wD#miM+SQ#qa`w{;w&ag|YXyEC=4S&O0%d1M6*`}c@F$W{G~lMOp#yG`89<8ga~Cut30 z2bH{y;r=G_b-V(t#kzNA11-u{9`zMzBt5JeIodK7QGLS1;uY-O;pAueq8%3p8VE$TVv zXotQ_ajdvpCA7$h`? z`4W{GeCLiTZgk{iA!>V4OHJkiOdA42&b4ewJlEle)k_Ow*lM|)W> zDYxmpC9OKfx@@J$+M2l3q>#cI~i9+*S)s?@^7R6U%2CGhAe#NcO|Y$ zg!34s)YJo`+e)M3_NnnpHKsfvPq+6!x;Q8)w;3S2ddZDSu9NO)iS7drsJ@N$I=ZC< zkS8nO=#v;f{;MD^2G+`$Ab}sxmnoqK8~e7C+#J1p3|UJf^hE5vy>pO7hvI!O*F55`FP<%(UmBhiolH59Kt6#iaBo;&JbAV#)Z1_8eb=|d@R-%7Hmk`JN zX0T5?5M|)nf@_e}B)(=NkVufm6V;hd;(Dx=EeToS-{cY;#?f`aZA_l2Ez#otwD71b zJ8oyCA9f3fusQqwO-zhEA`h%?l{Z6P>vPfiwLxYH4hK%uVwUKpQ?tUuv5FsxN;T7? zOr=rUMW8%A(FLTr;r)mwOFrv}c1N*B@)#I6UOp+Cf9T#^9Q-oASk&lLxJ>!UNA?tz zNvAiUqY~}Y70uu5q-A6cmJRZ`7LGlJHD62(i)R`QTv!JBK^ocW^;z9*+k+{uxC+`E zawgd~6PcLUWOSbsi4GLoe3Lup2G+1gfM(PTnE8JL0eDg`USC$TuV!!reCH(pxX0Jh z!HLp#G%L$lPjz|c!0|eM28OV2hQZ%W)@Tts8zgGC4_V!>HK-*sMw-hR^(8KuldIu* z2!esg0HVNh5M9%X;2{Z>aC1ylKXpI4iy~42w?(y7H5K|+2U!#8M%bVtUnnm|O6NRL zgV|{OFw@D-1?bCN^#4)zmSJseUAQQFx7`(LP^5SZ1PEG!(*nDAf|Xz;Sc_Y5*WDKP zKmr6UkN_b_fdrQpcZy4p;ts{F(3|g``<&;y=X~FN?wP;VoO7-9W34gAGvpobC{lml z8T*8P3_h7We?Q=Lxmqo`%w6zqGVBRhK@&}FDFvjaNwkbOaS%wZKc#qGp>-2&^laXD zG1*%wlaggM;=7gSZ;H@T;-9#?`3+J>=ity6PS1^32K($lD=Q$7WYwe7S3>;3ww9^K zc!h^X6Ds<4AW?)H-bw{jkbqY zv&zA9(OSVJ7gqogOcQ~{S}SL{ImXnZ5hqm4BVRLz(Dvx#jZ-md8sp@hTIm^((Jl}z z+M&U#*hc-NhZH5ENrH`nwed#m;9VCAQ6}2U%u}(laL_DPpI8pSyU%+aA{ia3GPc6h z&A}UOr8+1EK{UM{&-MtXC7294Jg0>F1XWjr=0(8kwO$C0yDjG`DoM4I)DjB$;<`O1 zwV6Y(1MYC1wQZ&T{t~(fn*)<8m3E(t#cqlFc8S2`esLwJ(VK+OrYiL762)nK3^^*R zk}F2#JT1>)<;rb7@B1)37D!XHB_@59#CjF8oy?$ir=VfcNX-Fi0*yQnqZF!0|cgpXxR?@-lRwGESiuS!RpfI)$wNs z${6SKtwjQegR5Q;I0g?4ZWi@89&(dM`=~?t*Jlfe&k<%LmA~q z>UR6y65$-@i-#l>x^YQjuz5Q969x!=!nF6uT-T-d$y%GjGMW|XEK}MmeZv8Ia0$N$IBu2Hinp$@6yArO7^m6T~f$$*Knn_nxdi=tq?k|n(~m#;Su7>cgJas>ZR0tLB-g#70tla{$UXr&S8?hX1paB zG_-9k+SJr7?#R?R=Q-ryvm%|XWK7t*p>07f<*hbcH30IZpk)ThS)6I9z2Xm6OMITB z(yN+YAqF@V#tHEN9keso~L5lAlyjzG42^ecF)i8aHNVGi_@qG}! zYT4yRQo_{uLAjD_QH$qk*F9q05q&6OcND-WM zSVT5CNkzbPKayzVLjzmC*I+v&{*rEX^AOb=0(ZJutKh1(Edi&)tzb_f6)=A{ykYu# zJ~B^Bm?x(D8Rb8oyhnw!)4J0DeQ8ViLKQduk|-7I&5(=FD$o4{9F zXb$lt#h&VG+d96e!tKwBi6=plMzxC*P*h$+ctttM$`JKPOEPvHH(qqo7xr_d{w-!a zGV)Q0Rx>bH!6CY@+ntjT&{65w6<_{z@-q1OkdxZt_Lq0KVG?)=G^Sf5=ioF zLL|njU@+ar-J0>eL1fK5qBikqyVq^`;WKlcQU@-;hYX+w=bU$YY58BdZMx#!N8Oy= zUmO637pr+3-~wf3mElffAy>a^oi7y+-*@>eguJZ^)Exe>XCi{UWUuRE(XAaI}4b;Dlp*JdPN6H+q7vHH;cUvZ8Np z9))XJTE;SXi3rK`b{SIlwCl&pUvx<@O9LLJ&c8gslqogW%0D^Ca8`*z0#EtW5$4oV+zF7Y5QjxF8bM}Y$(wINa+K`_ylFl>i5@(wYH*Pe^@gN7Noy2KrLrBwwX*;fpbdLsP zsu%Wzf{TXibs?V!MU9NbB-M1yvROn7OYQ z6do_P5P99#4>p=uuv&hWhAK?Cy>=eovC<3N1;i9#$xpH-=*KjF$t-Y0L`%pNL`6ff5w2?(hej+l{$Rthi_Ky*@6s8V4Yy<-{L+EoR^ zc@pOHZ%X|lH9gyalf_kwx?#SLOKt9t!vJmtgX7P+EF`DgbC)8KRhv)Jdw7N9J(yk} zNc@-(&}=5Auv3!)3VQnjHo;V^eLXD{4yASrX^qKepNIz>V=za5=q)WvV^A^-jUQVPG0c{NH})cUs)+M;hI)4@jWd0_QW$T<aAJ3vyJS(EjK$XL# z)C1WoS+9>&y`dzSbx)+dv#s$Z|1fi_xFU~O$7-|3RE)lz0rNWNVy15-)!mhEzRrxX z)y9T}<5{bIXXUQ%n4hQoJaO*TOAFZo=}ULfPVCwOSh{Us=I$ZGeok0buDiJq<8xkU zbq|?-18f2Y84?VPKO>!E1el}2&9+CBY5fJd_DH4=kLt#>f$-$KoJtTR6F!!+BWVW$lfA3Jsb}?( zZz(7^k^!fxT{Mxj5M#T9*$=WBf&mPL5YE=*mi~vL3(p~%zmUo(MqN~nqBVqrLiOu^ zQn~-z+AYr%S6%$pkhfK)@o8faY}ST{Hb}=vQS-nv7vdPdWZpR9n4yAZd`v(CZ<+&D z7vnxTL!4$7AAaDVHF)_9GtLVBzKRcM7%H;b=YoK?!!@c!tu`sYx@dg5SMXpn5W+;g z*!8;V@KKef_~N5}UhoM>F7+#$xmvU=pU4ley}F$McGc9%k{}sMH;gH)XZY9f0txp4 z!M}J7X=(?@zwC6nE~X`I!rSvll9TO9OKxwbBRiorYEzCe-I&6z!DfOhi%~SQ7nT+_ zO$3cS$KaEd820`iKT;v3iG~Vt^h{WYHhpuf=bof!pwJ;h6lo{@uy5lXOvZTQWNKCz zq5X`-pXum`JdlPR7ljYw&`f;r2f&L)~aW_i_wvbUHecT z?M=7_Sj!`c!Sb934KDs}y$K~!(Ra%|S60b3@(vBirpAk(nX2=LQ}zAo6BAEE4}%>P zcH0#0yyjv|)x6|RF)=|CWNavIqr7AoyK3IsTyWn&ZY2g$r$<{=^74`jYiYL%znAJN zs1L^KbaV>6iLSlK8hAZuYZar_cA~Ig#Hh`bZV(EobQs?mARz$lR<(lKk4L@_@8>XY zabo&LhvO9q3~X+!`TyK#<#}vNKY=^D9Lrt# zefAxNFVOKV!5AGW>GH)%34EmF4l)tu&J_)RYBUtP!L?;s5in1VHgZ&BoNm!!D@*FvBFXKgV zJFceW?MWzQWRW0a;g|Hk8pApDfibNGWA7A@TlPk3t{6Qw-_w39utWEp@eP)m5aRnF zdtq>=vZMK$gp=EV$8P;k0sSu*jMckoSJ;%({boV*FN5CeGnI2Wt^T7}48?84PouV= zivy#E=eb*_1t)AZI!KfrZ;DWUo#4?u@W63{jSj9!%iwIzbY{^hhACdy^wxsY9??!K zzd2x;k}=0c*HRsHk+}nj0uC;!e-58qKZ@gCFc6#lxHea6IqI^QW>Efum!7q5y;rlgWWy^=w zr;KtTP_xX)_{uqQWp&ewHRpkAf53eU^|9blH#PKa&MC396`&|=YU+4-WV%>U%Ulry zERYWE#iaRjc12rS8&UY8P}(k1(Pw_jif-f1Pw~v0IEVTxnRUzY0EI>iA$dgeVs~k_ zkQAeoRF#bG0v2v%$O(K^rD8-gvH@ zfoF&5VMmp4CR+Ime~+Ecy2l;(w+~N~u}9OdZ6ikW#CWdqt^YMFUQryVP+LTM3m9cE zTU^$62!0F{TnfB%K_h6Y z4c)J8+b;uBYl^})EPE}BXX!EExKgz0s{BQ?*`&6wA}DUjeEG_lI(tV*B%x-WDM|;HJa0*yOkq{Vdhfn*Sgxw2$Z=bvb|bCO*y2X&3OgdvnuB zhM{wa99xi3!!>%39|~1SATf2V;1ZB<5hoB z4{|H${zpe-euDmC+jgGId7zHhbJ5s6Yg>V>KKNCvt-=?$G(26SaFpvCMr6TU&>!cz ztOCvk=NSTCwM|RCNzxy+d+iQ{Ovk^X7-H&}&NF4G3aoZjQ17wazPwAl#6MW@yn;}R z90^^n8dvHeunrS|U~LA5gr!o_cw?UH+&IS(In2nX+$)NjIf~d$5{(d@u;p(oK)-$h zm)AX3F>23ss7(*;au9C%o8qvxth`#>_44j-irVm|dcKjYle#9#@38BQGqXpeZ*IrZ znQYM;$HycK36~M!5fpQ@@6YOciC2jDA8&+cQ2F^+cj|sI2-X8@O#YO-@*GjiKNo8} zW&ms`1pf2KXAi{*r>&M*g8h9xR*Wmh+wg>CK!>g=-ObxG2}_R{>p4+WMIwKF9P&2H z8ceT^XZ^C>^vw49l=tZxm$BH(QY@=t;SM<0Qu<}Q97n0Ac+7ZF2p6M>R%gD5W!Myy zx;cvJ2gQBbH5H7WEtIVYn$zc&F*3YRs&Lm;JDW>C(X&#Ujs0Aoa7Y&q(e`DCRVUcA z5?&PCt%WQn%)Hc}h-vjK`n0(cuc2P2P(GD-Fjxss!Yf!W5|GDL_Ux0h6cpOOUXJF> z8I;0$#Ao){>}Mu!irZF_WNk-A9^Me1L$Fx-x#oHDy_U?@GvNS<2s|yb(KZp}U0o0z zo^y*eEq&cft&1tk8;+-05@4QQ5!v5gkm|ms${sAKp!h4?P}l!JsXeLq4T- zH*L5T6`u`n=_Y360IQHLS<%(ZeCf%kkB`KIE0_8z_!?g?COH zw`MHBlt_C(eHd1%=>%s3a$e79xSX4Grd}7w;}tFkRpT_K(?9iCM4m|7 z&&V6%#W6s@^H$$ACQl~-5!2WC`3J>Nw5+Lw{@YexP<0fp>heIiF(@0}p2V}Jk;2Yd z*c~>?F#I@DsAk!;XbGKYvLRc-88IqfU7o+Vl`im}3}sMmJ;EA~ffMk$Oy+!J(v?(L zsO6zjjf0>7D_|`Pe5j0inxPY+pS)2;B=Z4M9O9q06^yv9(&oKSCD^7|iKhfBqUew$ zjfVEGvy#KA31LTe2@tL-H9@$WzbMz+uRqJ0e!Y5o>qXp|q)t%xZ7pq-YObHu;FG-& z;+T|d!n)g8<>s;PdC<1=QwmWb$|Vx0zq5hclG1)I{I88NeTGoI62cVC`4B5+5SAzV zo1)kAqxdu@Ay4#Knq#6;4{WknadBqxk(8f|brH<^J9I4&Q>3J+Wt_Aeh3b2%I?UEBMq2z!>?U0nT9obI)x65Hx4 zdIpWkQ50j8Qjbd)%FG`r@p?Bcr%SLDBFlQXzpF}ImB9diu4S4Im_r&H%kz2kE+ALC z6fHHN$A;d(K}3cS++E<}EKcDEhlZy(##IyQHAupA2`P?)5LF;uovUaEmY);s+!7mz zN2^rO*~Xc@UH#TQYEfOmlBrU&(UEJYf>Th~kngP(U~UVD;$R<6$`kPYhw~lJ(n8BZ zMS{cE+KP?J^w&6zA^WYqb>* z31cU<64{&;{f`qAt!Ap^eg5w+EPTAV!#jlmmyTm;d|as^FoHcarY{ls95CwujRiue zm9aoDmr_yPpL#*!hz0^pvt)&gagW zJLFGw8uAa@!RWUT2+pp)KDAI@*H6gW&ieQiKB3)bx@G!$G#nw>&5st(e9VFyJp|aR zD)>8&b$bptBy&Zeg`>8JVU_Eux%(0$$G<7^<#5@a1|!$C zL1Eyn&E=}Qlud9kUiu^yj4?$xxqd5i{TJpCEZa$Vf&)8_SFo>APivT>%<`3szi(<6 zJ?0YE>`Y=9tr;nl0|3Ax971h8#U)YOeD(-1N-4+3#&X<3(bE*Tawyv5WVxXxJw~ zKE8eF=h@Si5?hT92cZAKwK4y-9BXLBjXcE?9YJ1o*eolIvo&=}awI|ybb|QRp;7^o zUAD9g?DF6;J!zn9$$r<1J1{6hux3(oE46OE7(xgHEN96Np}oYYvcJSAWT52WOTDXx z-}9hryfMaKGHMJL_^Ue;jjM+Q)z=>ap?Tk;j;5Re`5aXRCa$Kc@@m#LM^ukvrfN06 zb&2~|A7{I;=e@Ql)>Kn_SltEpc8R3~3t1{PC(RJ78WY+_L#&9zteR87{An+5T07~Z zjqYz^^qlG7-j_OoPkek#Oj)I=zdV+l8l+Y4h_}9zV&OC`d|pSqsT6R2KZC0;wp0_x zCX8@M3heq-AK75X-xo7l)4OJO1n3yc6Tm7}$gl--u*#Q6XSF3Qy^`Y|`o(}6$o96% zCJZBmxo_7Am}_^eA2b%OSa}*68fSc_5U2WYD(heC6Ll-SX>M6&4gBg3i1(ACYBxVC zqky_x_HOpjLM%aOaPoUNopa(>rpz}Ms24H&c7-C#{H&f zVl$uPZl(;rxTSTq@A=QzNnIA=H$}2sPV+WRqt$PUSHCH)|397>Uet;Wp&DUs+LT}O{fF0jFj#i znBKxf-_XMxmkgykEsk_-P2KyseqWj#kFnYVP(#ZS z8dHiClU{o>y-y-%Uk8i<%SLHmi+%E^a++qk2A+|EIPx}A_gIv-aA!{s z*UHu7nxf+lyM2vI@-(o@MzSOsDu4Ab5b|9$c!A0G4c=W_JBJ=98_7jF1N4e~{!_rw zit^z>t;0zm(S;~o?ogL(Ka@BUDY>QJ6^#aSmeuJh+mg$nZI7rk%ttMM&T9pK?Ln3J z9j)mjne%RDq-hl94{K_8Xb_Tu;DQ*;P5qf3IsnPVSiGdsMMAK|URqsm@yG=3n(RN( z3#RTJlU*01cNU(h5K1@VFe)}lw$d4F?xD^^^ANCuIWJQ)A0gv zq-B=-+D7YzEL%=pQ@Ssl0n*5zq~hdGSKcV4AZ6?niU>4_$a)ef=Uc zvOenDVE*R$j7~-P?IO|Hh;!ekR{?B+{f}BUSAJ6iQ{}Y_CikcH$@FwmCW$9 zuwh`eakoo0gbt#k`Q{n5zGC2TKrv$dS3Lt;pC$Kiire$<3P0;=gO_cNh2OXWVtusA zcc#?`*hEZVCq><9`2`)R->Q;1lB_Kk*j_jNnidi{JfQPBI#MetigElhpPoB>Ud_y* zI6Ee}>lwUxT|jsXyGlZqvt%OjzuD8ICq`3aetE_8S7mx)aCYGAAgFd$^*n4c?Ou3@ z5Yd}1xEVGtn)$6@nQ);~Gdyax0*_dQ5KlH2I(8@c-u;vzzJ9{aM7Y zQ6?uaAU1ilgziY`FqIWUYGF6L{cy3bgeCQyx+Tv*6Lf*dLNRc&OCOh7X9-9S6G^t( zPs=E8STX%kq5oiz*j4_P^9a5*Ras-#fD?FP7ih1znp8q2^y?y+;?5uTceYo(Anq$Y zdZD{upoua|Efii9V?n9Im(xQkTv?#2Jd3|GK*Ih68)QkaobdXP1NKv@u^R=%9iil>z93R zD+LsEXIz7Z@XJ#?^XB}>jMP<>8&2qjpC^jCo>3o(X8U3xEbdi)C>r(4NTKt2ub-i^ zPri7FPY6RH;(3-H9*ttu>&Y9+YKYLQ*fbV!Wm2o(yVoSALktM2wM7f?=RP1~7I;Ox zL<6>aHkLzd&uu`3NoSXx_Ue310jBi<8d{XA*HrcpN}xqpjw(0AKr#7ke6 ztM?uUP!E5aY*$r|rN*zP>UyQ<2ib%v{5tF}kmljUU+pwmWgTzH4oBDBF?TdF65$=l zoA;5B)GB_nB}^(*u0C)S9i0@?!)wmNF!XENA z@zBVOFWxt`Zw6#sTh!|{Sm(A~08_xF&|fBp0H~=^)HJz}-qc154vzCnZ$^{216KVX zOB~?VbFLEE=+}uCy33R0I{XPkhtvQSfbFbh-yoXPGWWRN9rHct|+0W_^!r;YJuiIC8HhIZ4boFt!YA`r-~qnU;3*$Pw4Jqb4UmKi?F=}yU{ z47JtABkL5c19Uh^80}2~&ht3q@UDI?lC`zslsCY^4%&aya9|Fl7S1RV71cTzx&RoQ zv&Z_vP#HF^noiDqtN^q`XX_`uyM$do&58EfCMJQ7`-V>k>~&Vn#gcaY?S~dyz7?CKJOD-iAzq?aiPBDH<2h|lp-(XAfd zExM|p_E@=>ur%GSD!Jlx1V09r0^Aw}SK1ti!VmnCJjb2=J_;1Vq4qH^2M3G?3kp$; zk1Z!G#8{I?!Kwc&!Ai#BohheV8}>geZ3gZ+$w70WS3-=Rhk7IFu^fmF)reSlBAp#* z?z_#rg-zjEJp-vs5#hXqH&5NZZ5+gxut7DY^RR>yRZ=N`XBZ3MOacv|si;n#Bk{14 zu^@FYisXgXM%=(Hu%u8`r?3@f=^c&cil~4Bb;heqVsuAGw#JJ}xnF_bbJkg892>3) z$ z7>!EF$uN=~xgvvAfI$7hPq?z=*=3hu+ZHcIG`>tTSP`m7cAPnP1*lc)si^1?_X$^0 zliiI|M&{)kG30E1cU~1sWx;gO<7jMEE?(cs@B}$ZBXV8XaZliULAF-z9fg4Azxo6I zw{ef@VQ~G4|F3eztJFzyDNMNB?4`{0+uWc&N6m_{Os{z_#Vxm6oTzfz1=TferQW4RS*EwN`I6yVj|DgvoPkPKyV?_-;v{-^rl2;=hH;Y;tBi#)EDk(U0%eS>hhbjKWCTtQqg`t_(j4s`^#` z;5)6s6I5}19c@P5ZqH?fDNHAH`{h=;CxgTgX1-HW)Stya-Q#u{tZ@QmBkrNX>z0*o zJ7{JC3WxGck5o*3 z#}Xe;Q}3rCv25n->>?tvZHhvO=$aA->%9U$_MK{=XAO&D{et}qQsSVLGi2E%_N72p zyy+0@Zgfo!ueJ}IUM6c4w|;@8+#GU?;Y?Svks@KAb4+%^5LC zO(k3qdvypuDCo4G*=0$Ow-} z4N4hyQs%$9(kxTo(MRNvM$3s+D2QIV9*gqmsFx(*L85lgym&Q^f5%5tN|YF7;`F_X z!7PFjB66?_Gr)AACLi!r%SJ3cVCn|5IeC$ZlL8u$f^oM^)P6~l_CCiXE*E|5iXT(~ zw$dw7I?ZC45A)vuzYi2`G|T1CR{b){&(bk!z?dj8P*J5-`3XE4`)lqqY_y}Ws{LWM zYQYP8@!Y>-BDOz|THEx5P;pjSTl)!#P-=kmiDP<#!u(|cX}%Yn*`r>cs*a9ld0_#C zM43^q!B^W@P3_5vEPxb5sFZc0MJ1tWi;bl8mHFr2F7^^r)NWBz%Lw!-23Q`QGG*t z+@A9tGy7eBG6@@D?+{4$vsls$)1UKmDF#Q&8xSGFK8@^HR!*2s_bdniNevV5b-Iwb zu3w>9av*yF$N}E0U#LBk$O`QI@ejov>#zTt$o?NJi0V&tRF>{OcM5o57>YL?(hDL! z8V3pJ!Qc<5=%SH`F~j64qj_h$AHwY`-rqVV`pG)E((?>v%~hRfZHn)1EFtOjj% zdhd`fKI!sHas8MtIn=d+F8uR9pyWupst#vL$zzSB zj9+yY{dr14JJJMe{8&{qj{D)^gTm1e78PRWgZwe&YNsVf%Va1Y>(lFrhQRYb$qwA4 zJiyZW9-!>*rJz!?t46wJu|E5A?dR0pN5nS?Ssw2E$kOhqtcKH>-kPS4I(-D)*F|%Y zF>Yn&_5p$xE@nubuat_rXDDA4yW;4r46cSIkqi6Fu1zT<-F`4@n%w zN@IBv6WL|A-=OiD1^gzOIO9Qu*@h zRY$zn6ioxbpi4`_KJzstr>0ML{y8#H%W#;(WfE>=$WaFkD(CD6j&)=g)OYp9;$zli zq<^|IRuvP@Tife2#LMFv=>i9Z)}2dbPG9F(GS_Ppflr6a1V_{@+?dY_0UC}Z08?3) z<5*X+-e#glF4Wimknvnwu-Rv)-Dj@$uS}0=`cH6O^Rv`S#*mf-jC-2ilor)`EUVq> z$)j=BFF&2`wR!S+jno&8@iuCvZ5E8(lYcO^#{^m7Tp!dxWF;h?pU(94ITVnoh8zYN z%xwh1%?C=`lGx*p^fBB;*;MYs#358?^6oxcZ-hBV$ zaueST(}I6D)uCb%UdZ2Uw^1?D}_6K|r3 zsU1W%Z7_##II5S&thHNv@a;zY^1Y)LD?QT&A>6>J_T(QNWF^>Q1zWIA5h zxua}{BNdJFlZKKle)xyT9zF}I6f`S~N8}AxusufBhef|J&w&tmOxYENW>y{Z>z4Yz z3=^l!=&ENXf^-yYNOrUG%7h7>}%GTl*#jXGTAO%gq*V8+JtAAfv z8#kM=NCxn^>}v-Z!vZxA6OUyAf$&P?u2_-u^>GVt*!RHr@^#}0T3M`qu15YaA0MVK zaj0r^R8$lANv@8}yv(o_G*mjdJIqzGJ!IWhqY0D{bJc+sc8y0Qu8tpO5*yh-O-Vc3 zG=5olSjQ@g(W4rOYgiGqU;rxxxb_C{pC87#za1|XCDn-^t?$N+&bg%shhTCW_nZY5 z_)8m>q?8s?!te=m8uczFD1{hHEgJqZm*!!Sx!PJ@?%qbW>^_S_^@Y4JztOb~4~Mv| zY;hn%Gppd+8WYc4julx;u3YO(Hm8-<=V!YqQc_$~IphG-j+YIrBBwV=1tF35XKlxBoK7JoG^0n<{90D~}VvW}%@A;rrKpBvi#od6( zXi|=d-p;L#Y*%QA?ban$x7_!>*c1NT%)p6-nJyji%Yyjz4~ z_uP|aTDBgIm{MNyBqA6PX}W125T_i1^Djy=QZ(xX_u%`bnYv!Vl?UX{_`P(#t)J{ zt1`hM$04w-;!qUtGK^{6$kJyBs%nP=iK4JT0ctW;Q=94FXRCuOxk^14 z!qUj&)ZrA{`;cE>hleC?n=r|V$>!jsA{ZBrS6K%~92ISxr0vxraXQgR)`{NM;&C9&;0mKJN3-doNo0GBU+NV@kT4o($OI$v;Jx$G%X1 z(*P^Ws|(gSsL1RXv9$JM7vue`R4F{Ib^A=p4)D3`7@$-E>P`V7Qhqh)o?jp24*-_J zw{}IxP>h^j3_5BOyzZ(As2VJ_1`xuudI%DM#v3u2*^k>*Kd9Cy(Oy1_a9eurSl@+l z=Z4K86|Giwp4(u(!m{werUOq+rcLdt4n}K^qTinWybv|E&BS3#><_z-FZ(`R^wkD6vE7(?eu}0DI#)*0T*K7iM~mH6_FwzC7Z36C*B!bsG4ydmln$Q@_??|SO$Fx z>$}QQRCpKq?~bz?=)|i-QaVO2AkxSH=A(sC1X5TAbHg2IjB)e zuQ=yc@@VjmQeeqj?P?SxmJ=&$cDbx!k1Vos%DUnrYDUZ6$1pi}AbU*gM%mJIL#Yy@ z*FldRuTo^cr52SX1@2uq52?k(-&*`7p;L6hcrAkPn~=Q*@4$HL~8ag`YBl@x98qj;Jyl@hZQmE`0x_M4&J!XicdZRsexYC)gx`3_XU) zMoqfua2~m;#Ic@%Dpot(Q%{-TmPBrTx1p=IE=B6*2DF})GGOF3i-XS|kjXUU$Xz0I zrugDtq1;y(ozy$aEe#9qrH+Yf2NZ<=@8IZ!pX%Rym!`NmX?Si_Tmdpg?7I`B<*Vbe^WEMJKB0VZL}4Vb&O0*hCM z2~b7X8}$o{IM->{4w;7Tba=5 zyu_wWS3B!+Qf*K=(<>t5H5VcmwMT4a4|6r=zrhbA4UJ`5N~Kd8|5{?*oln8 z+pM+=TyxxLlq%Kiq{GIoDz=U2zf3fQI%;5TdLK4x*R1N!7L8dxxi6Wh@FFkg?y?;r zrP^Ku+O$<|4ib^hw0MKhABu&!%%bImGB~jS=8L8Vz~K+f1Q9Z=aYrAk6=ZX#391cE zj0-d~r9S`Z*0+!zmgcD!MJvBh&!LNTJ9^%jEJ!1}C%o~hBvS=#1Of@ryB^?MweBAQ zV|2E>Sthhle9EoV740n}aob16I6cK!lS{9Y2to7e{NW;B#=LddgRhbC%E@~15RoMw zoBquTM|3&{>jkFvP=*}}AXJ4ep>t(Tvk#fMcbUWeMxLcN39IVp>c0tL%mz^VrXR@8 zbYO!5`OlUsvvGo=(`Be6NA6evH(>oI?~mVZ@` zJ-0zt3j7T|m3o$C_EE9<-+ogZMv&IW7pIy+oe6CO$o(;Z%uns{W*l$%e@wcDcx3_a zlIb*lBy1EPy8Z2h=^VAI%s-ILI&OA`C+p#;U3%mY8coHI(3Umh zI6RLD;`t@+((Tgi#q#G$oxR&rEs+w1UJ1%x$LbOsPazuNTQ8B z!13iiDqj!t#KfOW%tY*c&afM=2<#$AeiBGb%q_I->YY{qwh=4EYvVS>*aFC>IlflRa4+ zPl4Q7rl!)qLV~`7$--GJWV_q1QA65e|IRlJHDIk3;b)3sd7Q8FD+>lZ$Iro5#iG{a zZKJR)zoLPQ1S7K5hT$;vcPx6!xPntvUm8r8G!O1TSyf|z-w;K+$A{pU(v}itKs~c7|lwP-hG_{x|Yn9YyM{r2YPkd{?AGN)xbmoS3 z1i2*Y46V83OJrb;i3Ariuzp0fR6n8}r{|5-Y1q79wTL!CxMg;1LKg$RTa)cio+=|D z*+tf4h&A_@H5oA^%-OQ8VvJGR2ujNRdqvPQ?Xhy8rc!bu@?<(7RvH+7mp1A~a;W_* zWdF@IcTVTLnFO$5X)BCF(eDB#Ub?f6pr1ivXA__lCB+ez(J!8njRyf47G z^hu}gzKHrx3dxg~(ZrTVH-i~d*%N4vGzBb%$D_zRle*{d$lsOScC;sA$;wY(Ia$JUy&3i{-4Fvi@e=(4Pjl?v zezEv8>@pgnPvGpA_T=F>+_jan>7P%TWhd;WM;7xQH^cSp;gy!46#9ou@ql}>WN-6x zys{WqcgGZM^uRxdCl5ME@XMsJlb(DTiRV@7)y<0uxhh$WSuN)wz0v%E!Mc*E-6Nmh z9-j+m*RIu!^o_8>n86JtKwi%Eu4^}1xyepWGT6IX=qz7lm$IL?S0m33@}}UHKzVPQ zdj`8eJ7gHgN$N1eZ4}f#&@R+-ydN!%lU3{%G%!z_OW4eS#eWX$hlq$UU5j$e#8*2} zdb61I&Cu|M3U}hQk<(mCM!YcaCk_w*;TU!qAL~`yzNL3^)bpEy$ikYPU8x{PMpi#` zN&Pf<*Jtm?2vM@%=T@wA+t)n*AV zWTX#8mB|r$_I%;0K5DbTSpR4%{=3cyD<6tsm%D0W7W|GR-vssofiC{)vz$><@4Bl2 z&D05+ubFgAGcTj!?yKtR>qg&!Bu&`HDqALLGphG}$E2a^dSoR&IrapJZBUEp)RB92QPn&f0dxH|yP0^dCmTw5Q(GX4v(JZi;0C#)2I4Yby(+hcd}|^20#3 zb_>ev^eOZi%sWM_0NU@mwrMHtI@%QV}$}}zo&=fUGEdyjU*bljd zhRmC@bCB~HMpP%_`?YI7ep5hUI9ldH6*k%ns%wES%5u%ZSK`RoW(~|JbMcEd7*bUu zXL6NL9KVcUOt4lWFsvV$Dl1yHrh-1SI`PIj81pMN?%HP%GgKYkQ*vWVNlDX`YT~e_*rVk`od+m>tlgxy59R}+EWOf(WXo0ULUUu$)#Xmx#`$rvP zcJA9n;+`H8M>(|+#x+(F!zpjc?RIJAB_xzEILLa1veG8!Wg1vb3_s4a;>znmOD{g| z9zQQH@KSZG&RaM?sY7JtXnlTf#(TdpmbImN=0oq}OH%1q83 z1^DNN?gx4PGU%SKw>&Vbr=Z2hv66+IxfB$_p#LG8FGPD8NAntuf^I#(tJkraUGyYQ zV6+<+(QO1F2VA=$0#sDq2Mj+L*OW62fto;KhLuN8YiGW}qZvD#voax18lllC3FnR} ze&uK7a%FIn>qF>1s)Vk9`jb78iZ+av&OGV)ie#0pGDO}O+OG=UtL5wsY%+g(q4MZ$ z&?nI%QM^LVvvk*7GYo)l%=NF(WaL7MM`7>b3Ehi3Y%_IE>`jAO-?q;Js&wE@{C#y_7ARF z`>#%JP3*%%J;-!0u;aSXI=BFjqBwFZ(ufmzfB>`=rYtL}Yrp&4 z3o1^0>Jn?ufeC%igUs;#63BR@RUcuoDE?NU z>NddXxklM^t}8EK`>LS7@?<+OKEkyRqQ@IeH)WUVVHo-*WSY&BEAr*FFa+Q(8Dz#k zHW|?n5z_V-+pIoQwfExzn!wZ}6MD^PO3K`C_{$WH+2-w^12q2^b8j8i*7pDTa?WXc zYS01&iWdpi0wuVgB7p=?kV24y1P|`kb6TLdgplAANN_0VZ9c=Txd%o!%p~HTUE?7zv=Ej zv0a<|sz!!Pk1hetZ7J7aj%oTF9Gqh%e%#J^i0h6y7K!trEoPC89Wph{CC!pfa&$W^ zQqN}uUUkv#O1SV$^tmQ~($>&H@jl~K<^|wt@x0a!BlMeSYvp5#kd8kNWv2}jUFK*D zb9K3RFvq?55G|p2N;<1rB@(r9g!1{<-)u8t^K^0fg9{W-dRiq`LOO+7zemgd3Mo>C z4^E_hY}0Xxp{1pJ+4Ur3|E-<_%Vg=y-n6HYnQ7FRV@1-uH#JVQG}#@m)I5jZJ1D)T zubx%Zz~}aXNsdv1Nnt^MsE0h(U2CQUFTGhwd$SZkYf6VPG=JhJlDDAnNbL~cPS7}huXhuP|x;3IpowK46=>P=q3b28Jf=PFl zEdi!F^|h77h0st~R6zZOL300`p^?4VexhG0f?kX1it7?FX`L?waQSITX6o>#+Q;li=*wm-T@{dwE zDr311vKW<%Gx3AZ|MHg_XMT&_cTt;nlca3k-Pmzji9(6eYhxhyDn08e{j*@~v&Wp+n)Fgb&ad+m_yW}4%$`#N*%o>R$>;Az!u%YClUIk%i1PFk5xXPgXGFfj zA5MaWM?pA;*+Pn$Y?x`^v1w@AbmpF1$R$wl5*O9oIqQOhA!qcYjKG2&!EF@rEZrDP zcT~;Zz9J{PS~4(zmYw7l5gzx_z9ZAgVCO~3sZsi5rlPCUU*5&betbHVJeSaHNMqz0 zWmGr0ryZ<>Ing3zX{q=q19mBAkRz&}1zDDUtqexUh$fUai79eg(pK3Dr)xW$*OYW$L*REL7V^=5n!RgB{^@Rp} zS~JSoar(=i+#2&r@!o%q**&%Fg!`)0N|N++s)7|9ek_3!kGQ-NJiqIX9kP zrwI^)Fz*W~NwCzU7PN!+BT0>b%=tn+& z$(X0HLqI|&po3KWFfzn7;B|!ZB-KdNxTY2?eYJjzGrARMh;MdMqL0t?z(rO29WxQq zOUhFkEf%8aM4aBafIyia5p$nle{D^iQiYnM8Z zLV=V%yu>?{XT}}Oilw*Mw8j5Cmv;dIK-?U;^=9^H%!q zdtmOQdRe}mz7v|`jp86)^~3b!y1VD=&cqIlfzm+g8;!7Yb$2ek&hrN%Au-O9xlh&7%P%yer~L`z;H0b*oS0?q(IrhN@e_RHUMPhcfTc7&<_dBbkmHbVuI{q zlFf1TR%o_IhE!1HRV9Ve3;jd!i{GpSMWB_RnKy6qW{Yd??fy~Dm zlEHoAN$^lye%wewVBeJ8;;<-YrOWr{p?3{lQ#It2j|_MVbJT-`s2aRx!v${puDU&p zbVd3ijUbQH@YRx?6UQOvar?|Zx)?W%S;2N$oeAoQMeVC|@+HMZ>0E{R1cxy54B_20 z1o5CJ8UJ8879Dk+5qcOaC)@SmT&&v+%lrQ{Fi_J zaS!)v)9S5Zth?5w!SG}ZwWBo4_ir!wO8f@0baNY|zJ~N*H4z)SXgvViJqM_IKPngx zSS;rZYj|GM-0{BUvWC#oPBH;^F_>e#Eu;OLZ0+&Jp6|zPild-nZ;`*r5(6LBOcl}n zO(u3$bCDsxPqD_;UcMzm14`OEXw zsGV+yOg$3FsSGyLSusafJH0+g>{ad$9ICrnsV0*})?moUp8Xg1=zmWEwDDgq`2Wi^ z^pF2N2k}3@mw!2pPvnY!dbcin{ZfN>lT~mmWWuI8y|xZJq~GR=8w;54Cn>mq9Kt%6 zJ2uJR7x#QfT{0d6d53;l&d8smN!<0w_(?81-R$4=WXY*UhQ){^zCebllhekz(bau{ z@;uEeU2ctIO&lU>$y^R@iWEpbmAv(b6cj*a@Lb1`V$KPp_ZkSoNL9Vf_+?6iQKb9( z^JmR`ROy5euLu00kdYkr26bfazp zq|cL6%`zRQV^?sj7D9xAIZ4{hkxWvWqb%R31KIll6Z^VBW%JG$-|@$Bb*Xt=X4i+J zea*=8{TxAS!jwlsTN7n!MBvC1wngo{aaQrQLV#X1cx-(dU|d3(qShTYR8GO~WpwsD zQ4$J`OmXO}Kn+^gMz~|3PzSfRK$n0+FG1}*O%J@XCNMwcu(;#Rx!vL~WVqXZzm3AB}j7 zEcUg;KO7f-JY9875hU%hp^hhVO7c3yZTk(>=WqbnR3Tul1Tejqe4drH;+F{#|0YOb znMxbCX0aspQ6Hmg46V!2=#cuxuduRB@tG!syW%%)2tf|f>NZS1b(zR?3qMe=-wW5jh1y#k(A8#v`o?2^4w{ zH1eUgItX!P$wJIr!Za10G1OYA{8!U~j>sEXua0F8)N^{BYE;E$Yih03de z4YXk}qceA%nueM>ml)oSM-s(vh(10MhW0vVVqKDRDXJU04ctXW3p4YzDlgoF)AVV# z%N%B3R1mXU+NPgwco^xhr5XIzkWs^sp;tSy*FDOPTN0U09knWGH*`joN?e?*YZD3fJWeThB3#(pI2sZ5OtAqJ}^!6}!quLGH4vG>F*)3kSc0 z9&hTyO|IR-{woD&g9EHFCyIk?R#+ph*>e%zB1 z49mdEGBc0Kd8o{YM5Ce_j=hA>l9PHCrWEFyVTw+OZ!WOZ8bdX0#@t>c%5f~4Te><2 z5Dx%U04EwK+&#5aTe96E^Tu~uUiyO zC4e0eV552cM@qUVPHswU|;m2!oRQC`0fhQJ>=SE62UzjKL9Q|03G)s$Fm*j1R;Ym-_~|6`tgH|fK;hN0LxZ;45|i`S-gm$2t568T%4aVVtuX*`bsQeC#&05GH_7PAt6%G*T5i+75YK9uZtL86$El>zh^IXhUL|s1}b+r>xS& z+W$U*A^{gElf9?u<5{8_p5rU-{~8YbGV4ezk^aE<4Xf~jPPB&2B}>E;c$y$dA+vx+ z$;}l2`QsU&@EPP&YRk#PX3py3q6}Q}xRkM6!ake5(R1q@9g&dNby@eUJ_?_42JhG> z=6Sy3AlB67sltAuKWn8UM)+Nb_o|Y(L_lHtPcDf@M|>JQU40mH8RSSdgtKc z59Y@uejy6BnWg$)V5z`q0b{gCdXOl6!0Ic{JHXfbmBf=yGeYWSajH9B2YIKQiP9Sr zwH=yLnd^#ijU`XPOLWa3Fu%YZ?lwO>B9fm1wW5J)k?f!EZ;+ZaPgpd7)Fy-sje~YF z$zQm86zHZ_RH#Dq6U)h~N2~HrAOfE8JAtv)cYn-fDh?h!%MlOwH6yXiGdDnDU!UiO z$CR2UJ`?6v2;_Uv<|vlHF8*|k-u9q*){rt28T(tVZUJ#$OI0hHF+U)GM+)uE+7Fjo z2X@iRMxik}(?1>ZK}I1YD_`I=Jxh1j@c%R2^dG#7r0A@mp{BzbR&8yQ%}yz`VA7#K zqg!|fuI9ao;AF7UOH!zd?UBhXNzNQtmvPfstLy@>zyV))A8#<+2*S5r3+lY$R!SH~ zb93-rx)6vjI#W+-eX`P@CcS4L?~?T!(mvXxWLzIJddLM3HLbKa5ENqQ4fAjC@R7)6_=vflB{LRyxxJCHI z@V9&r3Yp2*gM~K3E@M@uy#DyFVio>_7wtc~8Aape2yfg%zLrmNEc1hvQkD}mHu;SC z&xi*4Lt27)j7iFORWRMyn0~0oGG3J4!?6?D$zPfq?5f<3(aAleW|-(Qq`Wv=jqsq3 z>ARx@apeS&T;Pn%$N z4~~p{JBKk*^HE(o_xvZKNzn35x#j8uEf1!Qfg-s~lA~*Q;A*cpuxQjwQ|8WQJt5rn zDR=mKu|2F$*ws2OdHdY(Y93>4(*K^8C~dlke4|~mZ6Zoicv`d}%Q}u!TdsuQSFRe; zz1u{PQiWU&zA65uV=fewZfcB;Ye$xJq&(trj0X9090}TnZPxMk<(-}fg_KB23VaB- zj{2L7>a-R6hx5amn|akRtzx*~3gs>vTV1)Qq#IM*xRYPH&be*^H)%V0OZgp|Tr>P! zVzHSKu13ofi>nGonYkp%V-gk;7yE*~1x`d$IA4HSt~XKET%$FGw@KAn(YEg_)C=IB zy=ID_`Q9?Mjd>fiYEks0d6}fWmUbuouSo7@8vHY^BC{#G0j0;)31`41ORwP&;P+vde^ zYmuuGicD}IIQkJrvf;+)5m#X3kRl~B34|t=TNj3^5SDKjfeg~OiSr#D$#!)b>@uZW z=s4FqK6;x}+-hxM*)yqAnqz0iS7i-C43uCkss1$jv7)Ib_-N)WQOQI~*UIZ}vimsh zn*t%ki`Z}^YL@ZaZH*0|Yk+NsK-=TJ zrMd^@j!l+FN5X>1PXsipik>5jocjG%i+Vn;X>4vLCG}YFJv^&4LX~86pQJmU9w$>0 zCnw+VuR*B`24oAt++1l*iNUGJmFzxKTU_lPOR@tAi=cN1ox!2dDei;gVY#zD0dEN7 zxX4%c{6?Az=mL`|&cX-Vd3DCw>|C0xeZADcJ45Kv>?@B~UO_=7eJ;>fL`Pqb6xrT7 z^5N|mb;V|W4VEbM2xoND&Wz2XDPpd&sQCTJehrZ{Oh+Ljmf{1h#y+Z3Ml2!l#KG#8 zJnen&@xRHWDPC&irbcK~r9?RCfcu{CzgfddghD9~@&F+pQ?OCeb$$@Gpsv;b!rgc{99y@aDtLb{r0@t;KDBbDY4zh0) ztvsa-O&Vwf52*&<-cs*G*^tZFNZ74BnA)L*HTyZ*-0>N9vPf}9PtB%@%(raN>^?ufj z(CA^;-HQD(Im#|_6^uGID7grhzg5X~Ow>FNtIni4(lmDMZ8v4;^=U=M(K(2CYwGzQ zJcVnu3G(zBnzF!jFr1b2mXB(_+5S;htX^fnUdkhms9!6C5eE43yZoS5Vxj0yI&ad! zl&n@6*A7M_8P`FFEbpT+zw6n%Y?i`S#@5sH>tjz}97%$eDg{U^D-J;en~U}chJnQP zg4VPfJ#plFy9*x-3|uV7vg`hhZ_#Y5bOVykmz-!a3xjIx{@bc9hou7ZjTqbo+5Kdf zf5iV6SXxOVeYw_ibfna(vebTvmXi{{c>nUl`FFfv4i3#r$W`0Eq(h0THm&y~wG`011NW8&BDSttMwTiQ7 z$8vz==Ef+oW`VO$*Z}D3f5fpad>OK5@{_UQSP3|Pj${HYACLo2(k(snl6d5Orq#S zC8j&o804prh$(?~_)^_ude*}9gK~eZuN7-zBRQZMXtr7~#3<^t>ZaZ5ts8|M)o9;H zI?#?O-?k2uvp0o8RLUnsT8j`z5em7+bfyI#O0FQLrpuy)gFoD zBEe2@P-1bkKu%7Mh;uV3P_km2L;#H290B3-*p{QmQ#x*)vWu}jm=kX9;Kc)ZE)%rh zEF}sv%~>6d3+Kn7GP+J4rwr9(nflfMWq}^mRG)eLxM;G?e%J&V($l{-+BR_n)Y;^Q@bXA zGDQ3u5yIQaGWPAd!1BC6%X2Fc@BZo*Cc^L{^VUNC>hm_>HgOM6mvd0qOSKs9vsME5 zo2)Pgc=t`X2sjoY4BIxid9fLLoO%0^S1$cU|5+mIigtN)B3O_L=Zuho_sPEB z>zBzqJVIHNdPJ5bnF7m(ghOBh+3eHFAKu@zoxgYL?r|KV29>fwMD_}Pr8H?O1j2GN z2R}0G_{|cbCAu4le84ngJU_(f5y;PA>>`)}zFN5jOqh&+J}xcMRX{KnA3o&{S&%SX z7F$bn80>H_0jqy?7Fi;WiPnf%K{$ZOO08agFWK`WMv%FnT?6@*(~RUe7%Dqsi#z zsnv#RIHzV7H=Y(1of#K1lq|rOhRMXtjE>l~dgIIBQ(cb*A@+jnGfdb+lI(~~>LzgOC9 z|0W2T_N%{Ab<|J}><{fNdT_<_*N|CK>5;knNV3))nnWs0DwoeF?R-Ud)uUqx628=A z_?zrZ&FrR?9P}Q#tv$)f#gb1c(PZ1$SS?{$`GC(?yK>w2Rk++3bKy;uxIrKV{SkiP zwW%N5C?M`8ILVS4i+1K%R<14IcROxd55O_JaLkLt#! z$%*t8ExNzKL%UPCT{;k&SjeR4r7*1+>L;fl$^aw9t!hh}c%!=F-E;~Pb#a=Ia>I*R zsrpQ*9_3u$ADt54|8XBIZ(x5DWHWU@_JXedsX&otBi9nIqaCi+#m#r4)LSO4Giy4< zo3L%%niIS>Up1;lk(#RYtkk>e2$r;vXi!}~&iz7fueaBpCPH`8Bx%mcR-1UB-IJHT znBPQCTNOB@@XSj4z#cv4X{%cdnSWdS2)L$e1CFwbIs|}__|GzFB%9DhxxVUt$EkJF#+6lt`?u404SHjtjS}(gwBCqrK#P^5v8*P9+dHKdVRef?~}t6c$1!W z>>3BI;H1#^pNBTrF?O7V`u)+_$H&uWbQ0vl!}upd)#pRrrjd;0FKdpYTw~u(QAC)+D)dY)Ade=@s z_>+B1F-rC1KSvwp>E{hudsDiy9mw69k~m{W_+ls?3N zC86E@1T;UENJs-(m9(yCewX}OcsDOk+4Z_GJ3B{7ldig4cIC+9!IzbGvR?)VuvPDA}*9Yjrx$-)FG`ZBCZXWXNzs`!ql zyS~)6*`S}3xIw>j3qQVv6#1M8RX7}H*CuTnu~?-+{Ge&vU`{)El$rZw@a0w2*NXJRrf8qqRT4jqU?r39x;vr9fbNR*aO(kQJ#d!|Hmr;T)bbPpKg zZ_LApwje!5)R9@US{O0y70N2BcXsH_d;;$z9f3|ba{BVa`yPwQo*De$C99_-W6Lt+ zja^+N-E8iyB)0*Lc$!x?ue*aHQcNf5SMeQ3xHGVpJ8AInHb>vq7do3agHC~?XxMSu;T50nhsaby zpJ5Z_B{Lelnb#P@c*fiVEm`|kE?DJ=$ThwS9kccxyoOaCO}}O>*b`AH2Ne|TWb?G? zjn`p^8Px zl3w%nkxX@{>a4s3s~{z7GtfMK_uJl3{ov4rJP!(A{5^Hw$SUQ4+*Hz+sO%{~;%&>S;I9A#?AAn1a2fG3;(N;i-(nNNB4MMn5 z30E0S8~Y_{TaTnXjT5#Z7L8+*a$$=}*F*eDv-~M&f1UFYf4TSy3GPpCaC<%A#@8Yj zRY@)j>K~Olk|maGPjT_AD>QBqu@TM>ziRZg(e%`Ln?0MlW@qNh^37eBByKy1oTT&Z z7mcQ@f`%sSUtr?!?j(90%6=l!kDdLmoBvFOIP{FT=Cf{acp(kR8_YHqC%3N3lObnV z$V;0Z5}QVLft#(c>|Su$Yk$hk)4qw4$6#XNj}}T|2ipOJ+X%;-kjpK6USge^CL#$}`; zbA#RwE%kU)bncw8=P`np`fRk8=PO_Cq%W|>(4|P;{X2T;5o||E3Hw;H^s7Sa+D-{VjfayBbuCrLgUU9mjP1`H`RyV>xg_qjS<2;^ft0VXPZ*nzA+*t`234 zs5eR;&4>a29<=~w3q&I-MKFX#zl8!P{EH0O@saULhI`*iUe~?)z>x7Z5FQe*o#qGg zU4&7>{HY=%XK8WA0Q4dA&_~2Sskr_bxH)dG=3LMc^wLH1nSX@c%4tum9_( zf7S^9>kj|p9Fza(?rOKG=xFaHYoIh7D{819N5Y)Rn0D5mtsW0T+lfz(zDGZnRVbV- z@~yQsq6g#GzSM#3p^+7811gJ_@FE%==&@Z(uDq^BNQm9^;I032^zXOsqFl8X3QGT; z?2egfpk4L@)2b1&MKP;2-Feh7QtCMANY@Fr42e^Jn;V5e0Vt38joV3KlP)5$yvsE)LQ#-NOq@QGUJ)~?W zP(shJY_8tvygX6bH#4NUSq+!<4QQ9;7>G|~{|ke|^k9=+?qZEenTJWff11_WiRIeV z(n0;0RC^Jt1>^h>!xX)tc}|IXsmR6&wpy zQn4#H(MMB- zMHx#@93RZV31}y*SjrOz0mox4WG}DppK2v4=BgR{X|RRm8|D+Ma45X@*-qV^JEO-o zx^O=&H@n`iB};5QINyR7aoeE??wBOE^G_x3ev|C(E|(2DGX-S=|0dh{TH(0E*1-NW zX$zxOsPl!WWLhYx+8q`IA7N*YVCDKHt3uk4{V~7OH#^1Cqnt=>hug-R~orS(tsDq3V8=k$UiIil%=2;d}R^` zf`e1EO>UbP+3!ZU^V(vD1i>F~?By&;Rq*)PfLKhwrc=ive7H|+M%yIJb7DrL1pR`& z#&Y2JR&F_E`HbLOCm#Ff;9|U^J9l>|WUfj;IxC>c2sZR3Hc@jYu_|*kXYaDHqulX# z)qWJ`ydJf$@?slEP8WLv$aKF^Qod-1-x>{mLly`G(g|J#^yur;(HXbO_%(;Tdw^xn z13dq(;HKDj$z%5b&$`Ygi+4HaTef4lrjMrO%^1Mr(*3t4%ehYuj$by~o-m01^eI*) zPl)F6q_~EZsKbW5@Xg9AiH7|#{jwzOnDK+PyUg%0qfO$Lg`TO|NDxl0w;l69-kcw< zziUmKPTz>5N)x_3KfY!EolLSmky~#+wNHTK;WvxdWDXlIj74>Yk&yYiP4d|>`xhdz zG`+~y-OevP<^!xkb>v{**9wtVN`9n4!I9mU53%}HWxP_N`mmci0S|t+^GfV6(c=xwRa zC>G#`6S*NwL8i>j2OPNayJ1f?{|htYRgM8T7EO-8yx4%f4uBW>Jez|eJXkI5#!N2YYNb0;Zr*+j&-cV4 z63m&!`ZHKL-*pM9MzxcmUvBecn&Fe@oTnNFk!q*o^jN8usz6M7{O4$)^HDqQGz(}n zY4kd!?ol>7|Be!TL6O$w6w8D4jOAvV^ZK~?vX|rp%=!)#NX-o(dXP+(AI8PPAVA0d zXp@GUtcou}dAM2FY>kY}>3QDJ0GD&a-7ukO;k?O(G|njMya~+DbDvK=j zXVUFG0rVDu%k5us6ExEyL9hUs(lmyWUqfDh;!$lXQzzvYoki>a$nRD}8;K%=+f8IE zwmOv1Spt9q?O4*3;%g(0sr?zBhBpQdKJhoHHd*R3M89#0=9L6Xsn02{*@(~NJT3!D z+f;CN4xsF@t>gEH<)g^uF~gxuxv@F?5KB=Xv!SoSwZeE2NOwJ}hWwp*>AnCupYQ;e zAqMu>)O!1A=$X_&+r-0epHvBx$|46Z&um@m0{u1RX$^^u5XJWDl>*K{jp_uEV_qpa z=*W(em=&2?RaKsiR()O?qM3vqXnssF>~L;^YcQBBls@Yev~Tr?8afDKqxxPNIzM7& z7-z_I8O7-o7N?dYIO5x>qPa*3WkBFQh$Jmavai-yqDuey>+QVL?8xi19$`aSW&y}M zhZdyW;KC^X?Jvl`OzrAR0)f7HpIIfEVYjSJOoaVR(3M0%+o{QipcN1=u@{n}#ur!B zj9L}bMLDDUrj++?Og?K?*+oqLh8+W674To~-VoMpPRMIoT=t3rvU*-yebFVtc^zL> z<3EIE0!)Iv=KHBZ(_4kN>sU*@jW^i=j3Ka2anTi4+qC*d1>ScBpD zi_&QgY#A1>Rgc(+(_Vg)TCw~CEvA{uR}~pMIwfXI<{T)hM-SN{RH)0a#xBoaVnn=g z&2zTJ{FBB8e2hpgJkJnGvsXtlQBULc)F&6zd-NiIV{Tw{-J@^w9qXlfaAZ+~i5z_q zfM)ATAeXlKbbsx;rdbR0XEeZ!m(xNAx#Evm^wwLC)bcoza^&;-gh^Y^C$&79KBoJ^hqvF$a&Si4sVOmLEon@SZ`<{CScLg2 z#t^;1VkijIOo-Bpt(%Nj3iJE_*jfM7CctTUnD$vr+W9Mq;fHJ|L253eV*B06PQ@~` z9b|x*mbcW;5)xnYwju`T3!fC8YTfAVMZ1tA{_$T*f_my@ipLQ8PxNiWW{2~&Z1<09~!MeEs1py@*b9X6m^N2EW{l5* zNi<{P$nYIK6%}F!30a5`Hv9f*EaU2LvLETg=R=8hm*Urb14}pJ+&=_Y`Z7}!F7{^@ zyWiep_ofXn)K+b2@_bFJ5K6KCNenWj7>RVgz~#mBm^T{?;Bc6wt$U@N zD&jWLcQwyM=8n&VCUJtg({~Xklil<0v~N`4S&OU3M{abPg5p)`m4X!BVoC$=H^dF; z%@zv!;#hJ8Jk{=pLcB2u*84tulT>QS1$!BJ-U<#h?e#@yE zl%SDb=~@|mYxEnOr!E#jUEp~nk}|5i4d4Ts@h02;g|*3$*k53E!%K}d{-D+{qJgB@ zKHu42^r+GWRIP*~-QMFkCjp&tcvg3jGxqgW;o)ovOz$)(`qxN{oYmCPNAMbEEJKWL zeS2tTp2(%}q!TM&U$&DwOAiBp{(PaM!0$TUKyO^HX)2_B97<-p{uHHM#fB@$)*SYiQ{2EH1Rkue`dlWzL43q@_jy9db)M1O%jAP>1usOR zSGmiGV&{tq*dPd*gDHErfoNiT26x_=vnGGOhkr^AANIYCG<9UIE-F{7-$x0Z{35|6 zQq4dh(zH6N$DpHa|I@^lyMWq6WE-N#uuaU<)q`*TYTiOxQ)I^pk4?8o!=17sC<*|B ziSZ8B0lA>~B>WH06aj~;{(7I!%M;e%>?wk-ft`ogo1_;?%18j~JutdUN~HN)P~LGF@EJk=akG zJ(H(uyu?a!&14TKByB<>UgM8k%jqaZ10bABYCSn!@$T(}Eh%A`%HP5McTv&$0BgPq z!$kf!SyZNW33fHcobmi%M`DhG`k7S%v`VEUGwBy?So(IO#$uYBQElf|{^-`Yl=-T| zxJSVt$TvTJY{dST!gukhPU@o7)k78GIeS@!7xEFtO;N}YlsV%0P=>pRt) z>sz=^38;!XrnVHx5mZ)GF-;tk?eDWL0d>BppMV^yb%`TEtDd7-0Dx|^fIWhb3gw)s z9Eyj}#c-%aQ+S!fjl&Jm@ zc&e+i1K>V+Qbw`XATDJYA)xaW*Xnt=LI%e09AB@m+OOqiek zPZ82pz3&?<99R&4@cQgq-dN#D{e)CLL90jzhN!L&_iWAq8j46XTQh;_@sKr=4PhM4 zX~-k*-ZT+zzg{?VK8ALvu7Tx13n{k_Y5RIU9y>O@jarRQvxKEWx}!m=rlUsue^$TZ zNek)J! z|CP?~GM6w!-|90;$Q$1W3j?^kZ?<#r_Ibi+f=^ReYqfl9t~g-kAT!FZ7c6$LBxp*9R%~jPlhsuvsx6uC+BZllB@=t8n5vsV|Wu`4~?x z`f>)MffDx3Khn)j8^IAjzFXVA*x*@tP@&fl`(wMbK1eC6EgB->SsNCs95*2J;y6;s z-Pmre69QKl-cj|mU-v-IJOh2>dfX&gNzTY87U$3quH8{$Wgz$m~Sxwz|y1aR+Vo@hnkQyn2CHEtNh_SV*(e zu5&iV{#|?{$&q|drdJE-t!~-JE&My7(ljKDYoXM@b+17&h(@eL(^^@eKqF?y9&wDm z)+huH+@8|I3ju(kNFY@G$XNb+RCM@0u0c0i(^dO0gk`}RHi(G|ari;** zVW=-}^=bXW&H!brZ{qpVhME`%pm3dZRm8YbeiPNZubK)-h|&1C86R|nzk@m#NrkbS zKC89so%FKog6_{QOh-HGy|1-DNgR8rQ@ou0ri)&I$p9Gcgwj?baQ1MOq^L$Jy-pPj zwO{K({$I_VS5y;d9>pzdZxj;*29*+|j|M^qhZaaMKtc!x0y+?I5(r9*Qk=DcKmZ|x z8bC>bBtTRogg&lxLZ}HvQ0XP03`G=lW|pUYoIPis_W7Q3pT7S+-^=e_)#z@qh{Dad zdBKQ+8fG+Ip%y6W{=6HZm5r?&yyKD$$e;>N$gYPbD6>*aaryz{%Ye7JPT=pgxy`0<{18PBa7Vgedt?gr}n2no%3 z8I{Y$`!|S!zxGU~b)ieC6QkV$X6;${YJsL7q@wTBf%|6WNW-HCYUVvy=tXZo@)0=&ju4};D$c55b(E5 zM~;1lgxxGE3PL>ayt-63fUI4;Y>cR&+eSy+e_>pk+2WBI$}Q(15VvV&H~RCK0}JR6 zg)MM)J_Y`DCd8bwg`B?jSn%&&h>H8{UzZ602MUaUd5F+Itt-;=WN0AQp?K}JivsOOGQ+4X3QzR^c^aI>F2 zt`u%VY{gmQfYqwTYS+w(-}xee-oONTHa8peZ8Tio-|T9!*qnFlnzw`iOX28*7LG-- z|KVyCDHjkjPf3yG6fRQ*KYIoFLw4S1BjI#y`xzImOAPZ*h1Q&?nJ{%IG(BR)7q)T_ z80OqeIMe;67OWO?lK(Vp=qcC5K?^$FKX?L{{2?rGnDXn8x^GKmxR2B_E3UWXszB#e z@y}huUbe<7lF7EHO@0w}JLs%y58F`yLSkJD%i-v!UhupRwOz{_Cq^zgVOF?Tetqc_ zn^P}gUCeilM&xVT54Mm5Vli7;z50SMKz(oQ%5-c~sNIWa(>Fd^?QROG!Pg_ouH@UN z4g%KJry;}W4oS7v4#Gyh3S{m$okR_O1{(RNd>*;A7Ub&YnU znd*t}g7xou`)NcE1vO)&6Wc&Wnm-1JFY(;4wXC^B$bIAdHc~lZE#4_CL!t(4U%}#ONzLZ zan8>)PJ`u?$pa0HB-YqqrcOq8=~l`HE|d?PAIp()p|w~Zl@=22=}#NWwa^)yMqe>O zu#e26avAdwt%M-r7?ye5Yc+&Sd0hH_QzmV=IlzT*q_I(WD{VCcMlClfV@EB_!XRmz z?#jRIPxmIZgnZYSyR)ebl>Q*KF*#=6nhbP|ts6=g=uyB9>kN}`As41~VW=a*CO0qL zvo8tIpF$s)XScwFeAQxhq#L7EAg?A9LAn96i)WZlHsC=3&P0rtwSz1{fKEl+_Wg@F4BGqOZsCqGaJVdlORBrbqlG%BVR2?0kN@B_{b1G@9yq{s_Z?V z7cpD^(&#c)_R=P{S30s-@?fhnoUyJSO%&<4EOc)q`mr!XES&!*n0 z53Qb3clAvy%4hX#qx}66A`{nv2U^I_k1A8sSCTMkO{Tvc{DUV1#wSirC~#9j`04^6 zKZu|WBWOR=;tb7}ERXK7&T+fiDll-((aU#x%|owPty+l)+mTOsKT(_s;lAO?ub6L4 z;CDf+%1iE9MLwFIL^%4QsU>6Z>$T?4ZpV(3$xgjnvc&Z)mS9w?_CTNm#8N4(D@(RVHN}7QWaX& z+nnG8>h2C0^Ye>6XAy5APb;0m_S%$+d$#1V{7Q`<6<|fW%XMPC4-7Z=j;tX4x^GeL zH;D`CRqq!x)RGl7{w2C7%iLJQWNiIp+5Hw*HjcV{ul7xWkwfyJ;e`yb7Q_Dut>4Ui zkBU-&vg_r&YG^aX!-@ z8ugQclY3>qZx&eQqms5g*WY{cz+1}7w}<;i|3hZ{?OXg`#6xc7&MfbeBFj4XV`Ng8 z>Do)fM~!2Z0_wQ8UXqC5gJN6;qg+IFCnx{beSaxB*3PSUQV$L0>0NTLX!^(3hv{%g zmLDQALLpTuY6|W7{Bq)NEq2Az9dh6z{=}$A-bS=Yc{>%g46~74Idch@!zp!|&&82w z6;G<@yUnILxM^X}a5TA^%wD}QMZJJXY%U5kHIdBs|wnb&0l z9UsdK?K}~}z}A5NX|Qm_OzFUqC{jL772(xOCpBJSaXq3{xu_h`(m;N>)Q(lR1-(&a zgnJzP?g!iJJt5geWUIQAuJC$@QNG$paKkMJ+RksoACNj`c&f6==ER(>Q@d<2tM`VW z#@~uDDs`=T3Cpq=S=AdDxls!5X9>>FfIIYYTtiK&d=yRI_u5JoJ1D)L`lx!bg*&^Ol!TIgJ&D`UBCD)IbCNYKt^6YfC$K6 zX}v|~8)b%ept_(`&m(@|z*Tw9lUNh#acZ2+Vw(39xT~P8?__d}U(Kvl!Q8_;ci@39 z(o#qP#+<0xR)@7BEmgirLjCUG_%1I2N5Cg~2RoF~gg#;A*goN$RQa%v7oxnS#7sFj zh=Js(K_1sU1rI&)-Ox08eb~sC?a;Zs)!yp;px3K#t_f4SFaQ*s_L1bRwg%+{oo~V( zH$?%bs+vmRvk(xD%{eFkwG0>#Z=5wVBb@OC`3ZgRl1Y$uO;2)94wd&%&Vy=NXiFXs zZ{PNKPFc`Ig6#k7I>V<>;hB(~w%~_2AzLp7VL68jfgA| zLt)^3H4S&3jt@;r zs#V5estK)s?NO|&Hw3(m14a>|JsU_nYPL<7s%5g&l&!*&(Ia!z?3~n3Ih&j_)905s zmiDBkK_87PDIMPewP{at8@y}Py+Wj4&8z_C5k8IuPH-*E40zMQG!3*yBDh2wmBfEi zNE+lLyZPs?qZu7eGg;5ed7&W>=;0b9R4BT@{{h4EIK%qRM<)W)reNnvN!uzBn=hYn zIykZ`X8b+Stt0wa^C;!kTYxK8;{A&Ro2i_?j|r-#UpTX1NHWy7PbMx`8ksQN^$<`- zjqD~m{I5OoKx6)I$_rpG4U$GPr-GZbu4l5P@SWg-AAV)G`Q7#I@T=J+ElGUxrJ^SD z+f}Q%KMG~p@QK^cztTEi`K4^=q9H$_a+Mb+#5&Yz30NpW zy%T!x@WXR{_qpf$+;p1t0939mS;8p2j2J}c!<5jpZX!Ub;N9Kod4+hLw|bw&=jhncDu*B{n7v& z0jdBwz^gyke|vmOcIg0s@DTuT@7sUNjN<_Sq(1=gWb(gdOg{hsqR#*TqW`~T|9wyF zjU0^r)*ROD_O6*30I;6}01)T^0FQqI01tHkR(8AjCw*hMEuy*Ym)-5h9AE=51uy{Q z0Z;%0z;(;<0$u=k0D?DYfHdIV-9Pkad+(O8aIpRm9u5vR&V9TG5ANgLzyIJN(ZdJ$ zg!uRG6A%*+5XPZq&#HLUaFAu8r`RO!YKSo750gVk6+8!*)<|Eu5xfVtqQ^X zTw2Y+x2%apKRY{kwEvgx+dUTcoxAsNaBmAGi2-+S zmEXnsbKN+%if_lpt!`p$lBYZ`A3swu!r_H|B2C+6d=*hfM$V^d+%zzc%f!qt?W>l) zSAH`Ic=)HY#P^5+l7J&c;zwAorHF|EuV3H!_bg0a14}=ZVRi`=6P>tbREbK;MFlLs zlYDdCdWiPts5fjs@<#@8OH(gmT(st&W;nPQik+3BNXAkFy}N0}1_fVDg!R!A3_fyj z<6+z4#c^v-WA=szTn4o{xA%%JuAokzr?5pG5S)>nKM%Qdxw57hqvziUPjF*w<(>1J z;vV^Gs+$3-nk{o($1LWac+v0cEi1N1xecq%t-hA&nR@mN@a4KK}14t3j^S z3T38CkZzcUni^1J@P`T*D0uFwJ_W5Zflj)ET`mS2p{oN$)HSU|SRnx!tEb1YAI6ej zc4fuHb~E$j#+0_1#F~>()9}1-^^6qn2@R#!>9;t|KakWqzUOePUvj)`0ENkMg=xc88k1W*)bggm*uDm{|3B6LZmK!f_ky1_l zWapo{phkb)le((>6Zxxuk1hNLV5WRfQ1pm2XHIwC{4~1#22jCrHna=et+;#(xdBW> zU1By~W3!!-pXyvQ^V|S7JFlHC@jW?j03_dU0LLab08!MyowwfD4dgyw-}zkd`Xo!< zoyC`I$(Fo|m+UL9{C{0SFa`&d4(S@kc3;}zz*xN~9B&1we1}ANCx1-y{ zyh5AHDV#fUW|jW@{Tahl=q!DD{TP8MEpuC>hu5!Is(f(n^uyhEKTnrKo6UK8#ghi_ zW6`yc;!g2Nt37lk-7nY9vhZ}^Y3lWOGxbQ$81J;Cs>IDyY=%;RYAmxPCEu2-Hz$%t zRArgKtV@?~YA^{is!up>QD&Kuz8|9CcdgxxN-rzUF}KLwVYtRYp}a}>~k zLWmX?n2RpFO zrG%U;t9Q6Pe6;s4PWy7G(A%1NjBSieBCW^XQNN6~37_(hcrN@={CkZc z6pRHbT@g50%PtT$vZal2r5mig0ch{s00K6Ab+c^A-hFFTU#$vbfNo2L`+nk(7Y*Zi zF1yUi_9pgOlgiRwb%17T^O?=zRhn5^0{fSi(vGpp^G8|_qRkan?FNkvuE){f-KK0srosNo#ebv#`1tGJp$B?zl%mr)q*bwt3LB zaY^b-Y%pC*(YL6xZ{e0oQfGJ1rj#)cHvamk?xagP)!qOsy(uI!zerwTH0mSeX?Pke zGp!jR3Q4Q9eo{wFmv;y3P(I-pQ+<~}Gk4o89SOJub!@|t#!CoNUA^(M?0u>+)RQG1 z+*tBJ^3-q$qWftMoj{$m)wQMV(8G$K66tftA@PH{`TOiAV^khCcA?FMd(0@oZy>@Q ziyh3z<(jL3jq0>IObXk4&a)1FNxC|ZXY;9QGwT^~X7y#=Dg>1k1)NWJs3j9$;?8g~ zRO%Qoc$#VRhtb^a&H1ixmboIDzLpv^zGkiSx(nsHD-LHjvHr}tuvZ2IeREy-y-Fm0 zc=9VNP{B4%oMn`#W7iD&jm4Q2`3p+uK{YlGWX zq%iY)hz}BI?Cvc*e#akh6bU&uf=ii=(01zqX&Y zeB@N*+?$2%$1JD&>DtU1XY--1H@Ps2!+Ov(-?C>EqsL0NY~9Fv=-T*P;X8U$Gd zz~b)_Rw+p%mH{%EP^TJNME(*w#D1_U92Q@}D~M}57-c{DP44cPFsRBkYTeAx?jnmy zE>e4!W9Rpjk8);Zr%O;|cKWRBal7`Y)OkBUGNtbW&2-1UrFd8H9O`~Mk~=DWnodkHxI%|!YNq9faO{flYf9ki`Eb_)C? zXjsLXODY(8NX9QPtle6ilAVyvBEv~i9xGTA4*3YQXYj?Fdh{{nFPP)*z2Zq5XY;oX z54mD}IGj_GG<2+WOT7q2aqs8mgO$_5+!kChSe{zuGS2r=Wtr8n8E1Atu9ucMg?Tw> zJ8o5NtliYA$iRwgOhS?B@1*lp|9LIFx3e_R%!-v7e_F}ser?Z9v~bEAbNK-hKOa$p z|26XYhrZ1hMhvL*bGR;bOwA*E?iQrJ$Z|R}C9s{;g*n+~t=FV$(fUn^dz{}vV2IS$ ze&oeIF(WAp2U<66&NmvD@Sl?eto0i0b_Gukq%h;Qvu>Y#KES8`J5a0GeIvmZd2oM) z98@e}6~EiMAh#RZzOTF9d>wX0+t?3T_mJ*AI=6+O>QE|sv#BHFTgd!@Up$e)nBM3_ zC53cupBE`c5Y*yI0h_1P!mQ7^4-u)8K-8>PAoFo~=Ep8~3+aR>Kb2kUr;wX~d(fq0 z%4kwp$_k?pmw)}r;~q{|!!4!8NyKi5Tee&e%XjVV#>r%--M}Cd&-Td_$d>jts_@_j z@JP7fUcMV$_{jTFO~Z=L71H__)CBy*Jbj+!V&{>%twk10CsUQS4dtIdR4`ifcFvRU ze7{iZ`LjMLq56HT7bv+JCu=n?dKFOy_L45Ch0SZrej6n-sFqw=1rk|^PU|x75OS;u zmSwAsJ1zd@wDK~}RO{4#YH$ku=7cUrt6HveHo<5AD*vZ}!}c^<9gQx7+Zwh9Y|j&u zs!IJcERM~Q?Gt^CxB&<)q|R@U4d?0eUFIAi&l*W@07Tlwng0X9lK~g_ei_7_#=D5a zdaTPqWH*4vc>;oZe$+K^j!^vIgjF2zUJp=Bh|98nFA%#Jy6Tbjh}6aR^wp5<-7fB$ ztJ-Hh6`bAALMulm1R-w6F`dJ`4+%cLdD6B^E12A^5cZRTyy}Mm>;HBKD#Fxf;X6PYFIPuB14a^nVA||2||}Or68h+BcpXP4s;T@tJwrcuG=^ z5y=I@TJuw;ui9l7&uc#201_fB$wYU9x5o~Ir#jn0CJ#+5$1c=LjtlMdMK`8SSt4#R z!rz8QS-sN+i?5h8^Vo$}j9d5dF3|#Zqu8d;mkfh6=NN41xiJOXbNRTnVWG{u(RZU; zTfv{V^K%4L6#InszD^SonC%Hwd|xaRzka{HxvEi=5^30K{}xf>FSdPT7$smQI@seO z!zT8^8t1V?eFbj^mrIaB{b=^O*iKP^wh@kyz%~#`;8_PD7a>k^~xhX zr*!RgRJQ9?H1AGaiu1^RKsa01}QV}kPZPK}n7ofRzg)%8M6+IdTmvs6>?7G+~HNHWP zIaXt;^s`7PYDOOI!o|)iwTXLq5f@6Z@JlQ2Zkg?( zGey1Rbb}!W1|02|iT24=JV)j^PQ|9uGwagHQx413xCk`%k+1Gr9giDgX)VE(iz3N5KxKYrX>C<+R?TJ1gR}vSGfD3n9gLDfs`n-fdKP&z7WjEjTkLsNo zHbIdViC86Yqi1F)A(7@i2&Sfy>_G9yxQ0aa)Y0MSbatcu=0c~M9A|{+$Dxl+)!{k) z5yYV0=Mi-+PKb})2z1|@*--`t70$S zVjcu4T`Z`{0i`GSzMs`9urf^X{4-muX@BDnZM%1BKe>-~<1U!!UGQ+z{DZHML_q$N89^tb<#2#!uoR<%(D*mF z+`HVoD(1MDX`}gr3Fnh;ufE7ezuW{jz4N`4hjn!b9((C zIZXsb0wiP|&nS78rg>!EybKPx&-# z;p4RWf99Ogo(c<@;uJUxwPTT2y1r+7Vo!~{`oS3qOcPRiYmIzf5tO87=&1Yp24Hn{ zYkdjiR!^NyZymG}?+X<3zS;!|v~TcjGTZ=4{Yek-*Ae^vy{scS11W@+rmr$`Byu~B zuK#AVtvrDH*1E}YKl+;>HK85uoBjQ{fJxUDlFD_stGn{u40%)q)eIVBr#4%5c2|O3 zyl388xixQqHusg*}Ao5gB+Y8 zf4?#s7N(ClOL-|A*(bFd@oKQpVNw=jeTGT7@TFVpaKXd7DlsU!$f%*R)E`g1I=0K2 zb9JbjW~_F~S=nemn#-nK_?&`p%WjL&XPB%Hr5P-P9Tos`M%|^lM4S)~@^ch(zGt9Ir zr_w}Btk$LK^{UV?IHMe3=)A@e&=%76L<7pWaH6qw9{P1|=2;z3uM!aq%5_FHc?5H0 zG^i@tFZMT2!E2~>os!^(^FE0MHxM54=e%?ZAcKuy4-_E>7fV5a=ey(x)5n4M+b!D!b6v97s{XBI=C^`n2w#56YS$vXp2@U z66yek2Y{s`C-X8s9laRrklMh-5hldiUfH9r{+N*vmn|f2Jy4`2L0v~`>MqKXReqM{ zn0_py`Fis0C;rOP@%9D!rq6Y62@mL7lRFvito2dkY7=HoF4eEkz`~aW*Ub0_HFco& zV^W<`SZ#**Nx$c4hT6T38CNp#r6pFbqn5|pOp`DKE3?THmR!-KE}g)!D^A4R@R0K3 z;0b>IXlG>-ks`+glNT@Oa>ig-1VtT3iEG=^F^e|<_hgxxE3#7jlN7`_YB)~+25`bo zDH2w1cmr^*@B!a#lTnv!!MzU&-eJz)#u(-BEKS+DAdMQ!zhYc!e0FaDm)&L3#SQL= zCYh6@;d39mMc$=)oxN>h^r?`K`3NZQG=J4yknke4PfBMkzYbz>9i_40lnVD!ukzxk z9GONT#T?UUbAITFRlzZI{;!ikCQ;EY8 zU`oLmp^K?cw7!>BZhprlr8j`Xrv?1pQ=L{kjni&p${mM3C+DecbTRlh0AA>2<7))uOZA4Io=m`rJ^~hjIg1C5Z9C%w99z0AjpHPW|^|YpaHK=nK?5I5?mj z%L{FAWv!ZflkbJ{PP^S^9VHe^B`|j(hK1RP&!)vri4$HP2O>1%C2b@L*V*sv=11Z=WcW9nDI@>oES4*d%`%Pz+)?a zu9j$`t@WFxYv9m@N~FHXxeD%K+ukGB@6U7@t}}3@gVP*b>#D9b&D6Xj(jG8xQZZM9 z^MN{Q0%L7U&Q6)X!IEJr#TOt))OaLB?JGDt?EV8JOdkw1@Gdt-NtUEgupf4LE>JBR z6$idZZzxZ9*KR2NU&uFSnaFaf}O%X(F1Q1ffCvEA~NU5l{me@Fho#L z`QVzLXX$}}+I@r7tqQ7_v*s{+yXW4Mo8VACH|w8!dd1x|H4l&xvhvr^qMk1!RYxTXI^o+*6A+-S?vtA3rT2c>2s5_ zVlQCLMWgP9%aO)Pj$2wwDf)Se$+$?Rxr>)n&l(Jmi@ab;Is4}~ly^!q7 z5b|wTnt*QUGW~}mAi7Ur#x5sZ-p0joS%l`2&?TYnYvb}&^T_82N`|bjMcIYcG+RAR zbH5fl2)+|ha%EU*%H_Kong+fSdtsJ9q~Jcvp<&D4AnU57+BRuv6uHNomB>3mqcmR% znQVsv86 zV7Syj{rJ0QGNDy*9(SEk+_O=2@%!}2&LTvlci=*RwPx7G#|5iTT8n^Jy;8UKdMGv z6@i?r(%|2pOeX$d^f1CN7+xK)srYFjT+SIJF_teb)y7Z#w2P;nyK2JnpiRA5LxwBu zFv}#F-OB7DW+jO))m)_5e(vF?Lc)74n=@>O^o*mA(_(35D#n(dO`*R8J?Kb&_^GMb zhDW}8Z|F&9+-IW}o~*t_w1<%;Z8#C)cHVW;-HE*Q2-J{iM1h(um@1dv8)d5LKoj4X zMV6aaQi)7I7KJk17m6sfAKym80AP)r)Fy|<^?UrcQ{6U)v*uqQ={;wa|1diEh?b)@ zW!4MXXnUTT<2_I<>73eYei_bZ__{9h zGT7nR=hiE3UpxBFx4g;Gcf&3!_XTR?ES$X=^M5 z;W}35@%BO*UugS-^)kq3hCmf#g|hiEjLA+Nxz=WsR%%pLdSRKt9R&s^#6Y0BK~?FC zc#9g!GClBsy*LQIjKQ5*ixu9=YBr{MtfyTz)x<(eK!|4U9T_j5j4RyB+ z+L9oe>`pUk+u__IZ$~`$(t-x74I?CpJC`r`@aoo)5 zv+qTn$gCEg(eO0&1aal(QwD~6W9!80rzIe^*@_O!_JUaBJD1yyS4lhwE{MX-{F%#j zfZvZ$ApPw4(kA+!?lrR%!k6-A#ph?s$4Jfkv2eMr$QG}Pkt?08BK~|Q+e`L3WcLj~ zIh}Eo2A`sxW+K{dmYpDAzH9eA@{)0OGJjTw^c^3nB4+*95?3c~y~K{TH|Dp^3)a-0kQB>5y&%>-Qrm$R@z4^J4I!a`UTQbzkT5FJ1_P`3S zcvr1m7f1#)RB}=4SS^c0k=NR{i?UJCwi|2j63*pevN#)K15B?d77cf-CwE?9>MMFF ztFNf#s1Sz*dzx%ln(~a56gVs}=HA8+xprq-0)hb_UI>eVttP(_UMQ$aNt)M|m#VyT z@B1+-X6Zx1JGdFu|GDwg=kj^s6tQg=4>C>?pHbM#-mFjIR{w>jEwNOdW|k#1@A+&2 z{Q0XSHejhdH}vi^F0=W6cm4m?-ASgh&~W6|F2;xPzo4tt1aG@sYA&nD>&k%UQc^U3 zE=({+d=?4Ax{Jr)Tem-8YnWBocc|Dvd#PjXoo9~psA}NcAnW8PDA*!(8Ed@(u)ckL z*aM+{+}Ha};?+zG=-?Y&`Lm&rz-_;oE$8^>)~34?kp@oYgbfm{9{rFywN@t8b`GNi zZD60Bs+$f+f=JbzZH?F)pib~k$n^V~jpwGBqAc^-ic-Q}z=nqO-KmBI^g9d~^-|1% zSjj7(_kG7tp^u*wo8Y!3=YB?*XIMG;LD5*0{^ug)p{i+^Q zkgF%b$I92DVUC&T*j48W*8ereST~EX;u5fL;Z~a#Q?@1*P2hkMgUh;|2T@j*t2X_% zOfP*Y1e&hrfS7RoT6gx1D_KE8b_J1s&A4~&M|NV26PL`pwmw0NV0E*_`D&IRhrEOB z<=o4%uvz|8eAdHHDf=?@2BRTi@CZBUC1yWjTHqvZhs;)Cu}?tU*O zABQtols4HrlW?&xK z&Rt6hh7h<4l2`i*Vx2HP8Ywa-K-Vs2Y^)C@9a{&E_x4{(j%^i-5#2k{8*=d7e;yUp zQ&;Pdw8$xHxnjwsFimzpW3sbAqz{R~A&&kKJxu=4N_#y$h59o$KXe@RVi#8=8AK%B zL=f_VKeY4th3ZzZku$+=AMY4jaX4)kt+{N??_!Ojq2QZvZdKsT{vt?Ht|!sG7XeRo z%5j#_4mAfE*sa@=te0)M6v%Q~!Yj;BCZs3SoQ=}C*~j8VpPg-|^tSRv{a|C> z{m?64Q!uQ=)sjyOBEjV4+r4yr#*=+Tl%9VsLJETCo_GW%ZESk23-au2@024{?r0hw zp6C_xt}2(g1sqFrA6CMQH_w^nR1VE7ev&2at z2~gU3z+=s;M;USBW2}={Cq(dBlxXJT-`+juz)zb+CQ=%%;$mZO^Sf$_W}b1+_M+*?HKG^#&^m?E9^?BQD=u zXiaFLx;ADn`_lc;f@hL$X(##@sTnr_z22Eye6HEWzz$Xv8XLEDNqAdA;%!_W#o;{D zP_pLySnTLqq)f&~mjN3=I?KiokUMv$)2w0g==y2&d_RvZM)EB2wYv-PhRON#t)qL( ze6P_MF>puCfPc}D!_q;!==RYj3JfviR8N?m)5-{yZP_puKo?eRRfeg;&rtkW(sIBO_y320fH?z2mT9Aj$Cod&ue!z1zWtCLei z2-<5Kt$QgRj1Ct|R_e@`RJ8d-0{OSBZUAp?0Oh&!E1yr>T%}#cVk_F#VFRnty|7{W z`xNi?7tOk#4+rZypmfz;606!40|urow-rOSJNirI$V94fnadw$XH?}Ebzfje1sExhsb{ZFU(Sne~_64zPdiWKkb-Z{9H|2_c z?a};2v7y82`9X2@U^b?;EoGT>ebAajQMhvcs~kZVr5TT&3{!-Gg-c|kER221;9YhG zgO}+{F$Oak1S2ixt0tkZNTQiXx)LCnQWytZ9P4?`trI`Qha)aif9Ibk>;RWhDRu?- zgTo~tIf#p$3gqFqd)^@1gVAV9b~d=?i<-^-`t$U3_vI^v^Ms^)?@14&0`aP+o@tw4 zVQbYdZA@t|wBnSnYFvQqOuT@zGQ>q8qd2=?D?pcngX)CNOi<4pvTQAK0uXXRmOh<1 z?=~@@;Ba`iQme^cC0foo1BxaSqz+M6A|1_VMbf<)az@05Tc^-1tVHTpqg`J&`=oB6_Er^2e^km^dj0RlmAlIg^3l8hDmESyo{+g}jvi`bkuQ6U6HVYFs z>2wwhlpw5JhW*+I^_$?lGs5$Fe1gvk9v6y$Ew)3tYe094NM*QUp1fCjv4-~2UEV*x z0dNJT3=421t7ckF^DjSXyPw-8p$#nS8!jJ|H(gO=j{Etq4Oq;}|0}2sP|u3n|J`%z zgtorg^3VeR1vlT__>Y&me`8IMYEh2d=HwaGs?VdMf(_G4Be}|Txk--{e=rEA)Pyd{ zOoX4Kz0~$u@2j$2|HrOdyt}NuLu!YE?acesGii&0CyS4oRXlAqW>OffgY0HfRcZEq zTi*cq8$av>U}Ug%hnr~?`Fmp7!1OdB_P1uL5Ek*cuLLXM>;Dmc(gvkCf1cpz%|G}) zzQ!SC$v>inXB_Qt-msWNf;v+E@B!b+$lz^W#;7dt25=GNb5KlHY@s`^kr3tuHtY#E z*q#~5GRTCa#9R9Css^u!FvbdYKb|}m!xiWS1>ReGdFp>yd&J~?oA&!JA<7+8?mtTm ze#R-G61#Y6T7~qConKm;1+lf%vvi1tgZLk{MG8qiMsMk1M*Q(aV@xv0Mv$Ky3Rl5Z zAa`hyC2Ok#+D+aA`HK%P!`c07z&aRU8);hm9)uSS_XZ{YmCat+i!NvJ$1?p+x< zQx<@|n3oYaCNu@94$f(14|I+NYyl_lai5A@!Jx}}vM%=T@inzCI_gWdMgM%Q8q zlZe&mBPeeP)-d97;H-N8=&VN1d70!;`&}b{n>|PlS>7ENk%mFgmB`9_o!FHwQtNr+ z&Sj7%`wW6MtPQQY-4~|co=-+CvFi@`XX1ipLhO)F$D!V>LFZYaRfcz~EM&dxm!jH> zsXL3>DssS@mjbOVPt_>VY^@4()po-3u_RnY#jDcph{5TtsG~d%Ba>bE7Gx5Xx^i<4 zZ;JkvkbV{~ui9G`_`A~2i>mDQaODiVF9^ZEW?{3dcAr_884h?0Tp!mL6sg7g!+G-6q;%gIl`&zgn*Ea0j>mzio@*r)C9owZt==D5F3I%Dt37Y*kZfybV0>WX>QPaM|78xdfAfpC)ot%K)7XRmOB&FzW3uq80AgTVR)ogfhYq zEqUP*m7lkwV4CuoKsjLQt2n5L2Ul0G18Uw75*Cc+FqD4&DxV8{l%M^fnzZmeI zTj|n~Ws`eG_P({q%P=L~N%z1!C$#xcQ+MvY_|;;Q>Nkjkk#6_pyxrrLeNTGo!2}Pl zaK5xG#H{60l-3*Kr8t^dQwV{5NvF}R5ahylEHfk!W%)c^=CRG=4`<)xZRHYx#7$~Az!hwY zxjaD?H457=ezAZoUqG-3OX;jEes%9v05hIC6iKxD+jep`j3-Myd46f zE1SrBqVY~+g=WHo!=^j+s%9t;WtVk*sz>Mb--cvR1{2mwPHI4Uz>Id}YBtOhiFc4H ziEq5Q{>114+_ZjMEJvDsNR+VQx4h`D;_w&;jH`NI-2kq9ysp7Ze$6-mYKkVgez=Rz zMS>Om(L|LSM6Y@|@R_oAxa(`>Y31w~PK6nO{2Jbp^Kq|vtTx{+8~ySuQX(+RYu_X~ zj?ukL#+v(TG%*;#0_?A6VIlg2Uli=7{`(#KJ9a(ud;4}n)!W1nxyhJvIJuU?f%NS6 zBly1SPSWYl_MQ}2h+;&}E;Gt0TBW|EbLhNX~BoTtgonB z{vba%gmfgD#WjjG#jLvYBbBsV9_VDJ{sxeBuJdWFjaokE+}ik9+&4fz+c&CLQKf0W zW1UHC#bd_RW6Gm?tD)Iw0>XWcp9vRV&^=nk&yGd8I>x@qNxLV~5cH&EIOsll_56)~0i_=95tojxO#!Pa*VLf{Ev96k4TlG(HsCzm-1Cj=bk5O+Qf8gg2+n$~X|o&WgpJ6A38E-FByR1j zR2UO8n%3{m6wxQFq@xSok&R=^81Phs_%9|x;kinXehbwh;t;6Mr;~<`DYpJX0jPCu2Ey@_4nx zp!5`CnEWIQHBF4VBAr+*Lm|3OCYjE1O>NyI0yTWBY5RhIhtx0Pfn?N!Z6pfc8c^puJ*$ zLdLH$$SPD9N2!!K?9z?G@Z7_EaJH4EQWU}+yxwjo1VYr7!n@6@5DJCSvQuZNjNSV0 zlvemC#qeeq+kL9QGixI|g+*(_FlQsAQ>s|jSAm#5L$O8i?s_??>fy=@Fj*D_IHjFU zAVnSayu7A+m56f3H*nzU-N?n&buZcIZ6cMfaa|MR^Q1+UK~>#w5{Q?$w8(vJJTx3Y z?Rj6XS|Y>BKtK0L)JQO0H%*XbG#+ZN@@pNM_=wTM$o$UF6IVi}j~>U<;P2O8ETKTB zgrg5F3mHWzBG34EvyCCv7oeQljxU>Uu#?{4et5O{-V!Hia>By4mMScMls$0deK+mv z-dGVjSC~`M*&Cu3v1($pZH#!aU(sNWEE$v!p%b^oE=KR1aB6Olb! zpy!EmSnPn&5Si_5mS9u1@uMF!bB$5Y@R^Vb#F!cyN* zPI8j)M;Gzhb6`jyNvmby0c7~JH=9G_C0DF}vZ766O9BM3?Q1 zpR)z1Sq@K0E0u2)zsx_FWil;V32Cwlnr7zoYZUCnuX&8LD+6mOh^L<@O)8A!ht1z( zvMCD6$Lacce5D1LlVY6ndbM1fmR>WcU{|Bkq@@5-VD@!uiRc)@&W&{PnCT~ zlx=kS4JG8~Z{DLRD$0vZPxsL0kL>2?o@MN@W$uG*%S)1ES_j3(#s(y?v$I>|t}6Vf;XiQfTvYj%z7 z1=^4*MkcUnluG3J~n%NVz)Qq*?J> zKbSVMa*50U#R!y(8=6>E1ykzwZK)g3NLV`hhmRR61=Ziekg7!RPCYbD<&0fx#8wNk z9)J2x6n3#19q8SAx~aY}roW|N3+(P3QHAH~2*u@x=kV(VTpG+=>Isd9f6|?tMbG#c zab6`{TdbSsP0ro`(B0za0$bCJm0yC4#QvV_{SAWBbsUVkToA#nA3Q=U- zoyzxZtJMV8OhQHnOsrb|mv8s{E$FDtJD;x2xc55K3rW+w3r339H~<2n>Nz}BBLgdLZMHJf;<~J} z0_8Q|WY?KY#ieLW37|^>Z$|gWU97(z(xQa7Q_S41wi_8-jEqZ)QHovJ#raKq`J#aB z@h5wlR2`Eb05#&OgBfmJ>k%Au#P9<>Q^quiCMa8B>oil`mcQPZy2@JEDS{RkTMel% zv(y{QXO&Yw4J2JAU0TXaKbt&h-0f0GScVx3su@gbX=)C??b7vnOxT~F2cL)tkMmx- zq`H5~+V^$TBt|nNh_iV6BD5`vu_!xIbwPXPnWV!D@4^pJtr?{cbPPju9iGrD#)AvT zs&(G4TS8K%#stZUD_)X_%+(Q`xGgr^S~i>p_j1VfC57U^>uU+nF-q%~Iq4>}PxO%w ze4LUe`!3vx+&1r~s`@V-Q90iL_LxTbLQI{lYwez_`me_&zD1n-D}rPCuSqk@YM*pr z#^eR}!rTnv;o;@!p8deCWO%KC<)&L@#6Xj@Rc@}YP8QF7rkIuJubC3N*4l*A;V5Ni ziU!m4f$&awv)*#iQM7}uwx@v0c?TD1^pJdG96TZ&99xZRTdNTK#&UT=`{W_}I*x)` z%>2Yd!Tj0~o3KS}ed2&uMC_j_Xo^SUMTiz|Uwes7g2kWF&1HC$qT_$;TTKc(M zRU_Vtg4 zFfF8>WKP9@pn{4|anGq~dY;eH9$_2pQYe^U1w3@9+tqWpd^T%zn=kEnVtg$0rqT=;XE8ZP3~-{7Pdk69Fg!*`r(9$}ls14>V74j>=qm%Me$#kky2Ib7bwS+DLTnB)r(+jG;vB*d5dW~l!6m_2TjVUVqxfyRniD2Bi*zp1@S=AfJ~I|jTU|^tZv+EF%h)xBRehsL zLcF7LcN;B+>Bi``Is9o@=Z!EGbq(QsNTZz=n>a*f z8`Swk#1RB+v#$D(SCX63%9q3~e7?r`;#TOh(bC@!b z7Ze+Gf5FK?Fg89b)FWYgYh~dCAhp$Usg8E_+!&1U>a6JwtoUNB8%L$IwdY+Kezf;*x#TZH+a`g$}=7)=TDOw zn1fHPs9IZ~w2DPC?b)7Fn{gUFLh@O&;wp>R45zXw_0H5e8cl5^L5mVl7v=mF>de8N zl-!YEV5En5hD=U!rl$VR5rusBmBPxxoN~)W9l5#Q!iakaS*aCib){3JfrZYSi^ut| zw_uK+xOk7Li4+?+AQ7_Hd9C2#s!+4&g*g1Mr%%ijBy6_&H3B+Phut{X5wPk=wGha! z#UNNtJm*;j(p4ki;)tzqR_WT`(%Vw)aFweOp7<`}aK}}WzXP$;>Gx$pIZcvTd~oL~ zap4BgOPYE;q@G4Lf{1$Cx6z)yN1Nz!aJ9<0+~^(nqhf${+`#*}UyF+ky8Dk1xiNI` z|B?6JK}|kvpD+GUP-%)tFDgyC(mN{BoAeTj^co-pLPrGw>Cz!I1ws#|%j5Zmdwq8^_1<3eD=YG_Wts`9=xwK7xY0+ufqrKy|eJqvWzW7t;u~O-r)YnOS-OcN0ywl#$HN9<7rM)flmZh5N z@aY7Wel!q52rwjPQAM)j9k!nUN=k!1^l&k0fx{k7#n>CAta^164lpMf)kZX2U5uM6 zqbIdw+=;;USI_4H`O+8`OT$xX4uo$Y4uPzFH};0y&)bkE-{k*SQV>c^BRyuZT z0ZmJI8v&X}x7f4SuFRkjwc@+|vFV5(Aufh)Ay0gy(_e2t5-*_cc6Ih(j5Hci=CO|& zhDHxeQ;sC5G4`)}taUM&5e|qDx0DVsS~V10-Oev6xaOP%4q^Lp6RI1IWjX694UYzP zaQqXJ>GCSn=ISZ`HKygi|B`A>%tO0uoPr4_uRUBpJ()D9ee&u^evgb-Q0J~A$!j`o zoL{}glG{`koW;%E32db!W9RHVLm*Sz!G18Y=yooSkpBGEm*cH|6Wc)3&;C}$fNVJ3!L_R=euwq2A2K26YN1h`XDxs!9u-F(WD;5 zeczV}sUu@xErmofEImwCv-dd?v@^6U*qrhyPLZF>QoCF&lH|ebn(oZlZfJ4+==t$- z#Fy^D{42NMV7hs+@+Pe=i3V#1hpb?>(iXj8(??e|ELKYyxSw<4Ky2tuF$S3*dvrmM z4WZRm_t${>P!Hv@55~X1-&?1m8jBK&I-Icxx$gxn&8Uzz)Emm3Im;Gb(h|+}{ByRL z7X5DqW%f+NBaB(%*Nu~!bNQdep&umHqQjau2FJi2(uBVI4>$Dj2dJipSyYs@4|||LP-(49WJBiL(o^fRdb!JAa#5}!>OXY( z5kI|>Ir_k4Ec9h%4O*N62Df%>VFlSFt)WXK+n%;RINXUp?#@hae$7#*j~>90Ozb}9 zSnUfDNyT{@x{7WZB6LH6?qNyhYrG&YligmgmWoPn=$#~+jH?#Tx@8krPWZ50bDv*j zt6I;bcYSt$3R-*YZrqTZ_}jpT)fmL4PwCmJ{G9~x3Ip99E6<#IQC2Ub9-^D1Y#uxI zl`FjjIQ}mYMVqRHD`mO@Q)zi={rVX@MX)Knd{f0EagzEGJ`1OAsf_!$Is;+iiDMB( z<3bvG^Q+25V2-9W@yR-cz=bKo_#Z(W?xL}5ONQ|e%Ok84ujwF z-Lh&_rSo_dBj^veet0+?J*?A}dI%P8p38J|XL*pUF(A*mf2aOTPL5E-99?P3Yx=IA zO~#!5_Ii~3)}Z<8Lm8GfIspMhnE3F4bOoY+=X9^%I{&5t=H~UbH$xG}XOr^fJc-VY zbq7KGenCPX3#LOZv!eGO8K~{JrktoXk2o*$w|G&^P-GF}KHdDG@%EtSWa&LSgiZ%E zo48kfd9ADO?rqgvz_jO9Gt8XWiUili_*1=tY}XgVri$&~e4a>;z<`cSlB`6W8&WPu z87vz`VFl)TC^)=~Q-M-zKw_tMFgfW7RxgH-X1 z@pS2Aa*|I_V?vWstILA9&k)NG%2p#+7fb3}8{-2&p&}0bBAb_2r)XpIkPSD)i{=AE z9jDy9!C#B5-rJzEuk!k{BRh2f#MQ_kTV<-30m`(3wp?`f&X5sVL4}s9#bX~1qD+7S zd$q%At1l&P@tYX_9wl2*W#{+M=*et5;ju2h^>Y=Nq?PaR1ZW3=~z~rTK57ZH*A*C+l68)R=fVHA? zq1Lnt-iUrzuVYB_PW4xbCIO7moLH=Wc;dlw!W{Uik?djS(n%&58!6K23`^ju9XE4c zhS5ovG|~35ap35O^xUsT=Km6D-h?p2=3GB-!19R8;T3hbsz+I0sVd@Yt19|8B{(NJ zXfJA8f)iMvuUL2O_kvJ-z_nGcMijnE{Ci-8q+siIl7_i|kSU;(z?)2TYjM!fvanJ5y`d5Dm&-owQ^5Uyq+7)%f?(o{l zY1^ZzW{{GOv0LCxw2_yjlN4bjFU9ctRiN69$||!vRyrXYvgq16Zc&Mh3AaBNR|J4d zN~}v?zPy}eB6=S!PJC7oOL=u7hYpNm-G?)vFm$@RLycW}F>2n}npB#0i*h-?XBNNd zj!Lwlu@Bi`}3GyUI~gD>ghdtIrZld*L`b? zx4(uDV(3wTG#=HzfpVlAjW?5uO7@e5L8-VB5z8GObF@^9DAJ{5EzWXq150F0ttg+nGPh=be42RxLsz$k&!0A_3u7{QIQE$L!W%>nCfCU%SBr`bQ9>Jd zzeKMT&N^Ye=p@|{+wdAujCuW>Y3HDp=X>f4rWb>rs-%o$LFf}+lAx#YrIp@^^+Ajr zuD{qQm2^@R@AeVAk#3O!9s2$*7gqp3RC>eOeG{ge;6r`dK6~;=_m!voeM`7^qjpYh z?37g6qveNQ?tCmY%pgp$&8~8>UTS_U%F?;9xa%D_IkeABg^Z;ca`#Jx#=C!wmeLaC zEa~isQHNh{hsGMg8h*oS0PX(8)DG^K3k_XI;d*Kdn65C+pfsRtGBXtjl)%u2Lr!8%ApVO#Zdo;>EeaJe1(D%ws{AQ>oyD3kFXEKxQACPudWY- zt&TQMS$`+|-XuNAywN7AjP;)ISp7J8`$6TMLhDfaRX_-7GyA#pr>ix)j;%@bm;1(l z?(Nw!4oPUWd^F9&2T*rU=;GZdUe&qA)|K^vi8vSvgnBe?ml*6N^)hg@)pP4nXiO!wP$vJraf;=aoL_1!ENnVF&KQ9Pn+~(7mIgurO%rjbQjf>s^-_DR3ryu{L7e{dW1NhW^g)>`-R|NqDocqJgQCOsXr}9 z7!+Jm%AHcDXI`>DU1hv_WZxVeE6-EWU}hM(8Jy1S^S-~T-tWqgcq>2$X)v(gPn?62 z9kL4mc|3WIb*~bGN{Ch}+;A`y>VA8n>j78nY;i@4ncA`qIb+Uh*0O)*j)Q9-KJ?}7 zeD>s}zr1d|wb6ZSxnSG4=??A8`J_)nviNgrhlPLEWsqL4h|x(z*srbEd-qOEw;}$H zeL>R8iI&Cg+Ym+nXw?m~V5&D+xFl^{*9t#TLdl=f1UBEi$8&j0Bw0%PvM#lJ-baG; zsnG))oP|x@=6;iOET1PLu6!j$-!c-0n6r1H{`8#){9zW1jue<)W;INdi_4gq+kvMD z$~@>7mzk6WVw2bjDx@D-Lq0hcI-Ls?3LW{MCPRm;=~5GdZa5jbJN^24OG|47F!$%{Wl@l9xYNs%GTw>kZ4TiYi0zeJbXHu@UB(GlY*6`a=;SaR2?HnE$ za3HY475U(%*kq!dBR^|$QTe`uODU(Jg6*=$2*0)IDu5z@{QCPi54_FX=DHpo+f8lZ z7$8?yYhiqrq#o(r!R2g@dko9AU3Vta0!P%Krfqi{Rt;(m-W&s~$$|Q6u8`ASz{VzG zkolsfv10$t5K^(SUN`-rXxi40j}rWpwpKMCdllYw1W!SAJPvsrq=$iZl~zp+Y`B^M z1QinX?mB!0o>e46RF$tQz+V(NW8jXa$jB>~PLX0fndHfq*k!nkt8>Sh3tVA(?E9r$ z@Z=DkP+9`RbPN-SuW-ce&4J__+m3>}*TAj8Eu8!+$6#RXBMcMNO27 zw`Mh_u#2A9);A9Hksp}-CF=5S*i3OjgRXM7dESUUI|1$p3M2kp4HN*LyE6zz4r?VW zPpfFX8{qEp*dO&V08+pB;|*L{So?(a#n@Cg9cSq~LOZ^o>>7K3!J&LK6=h$=ofhM* zf7Mi`2}`yFw|Fs?_s}AtcgW7;edhK5ptSfED78&oCjiyc-(zk7jRHr!m9Rl9v@qLD zTR<-b7LiAvwg%k@O`5Qfiy@xU9D(-7O<`(I-c2B)O&LVKCu08j({G2*yq(j>UVAof zbD3@-*79y6N*wPr_hQbtG35NhLS&@`97qMK!*a%;FUI;0^oD&V724#9^?eb#wX4ZE z4q!2D-Ts^geEz+XoQz5(CiJ9bJh4_K2RdPF`&P8SS+Pjmjn%b)fMkRWn))`i5?zFk z6dCK7>OqK4`d3qb1Tnrk<(YHH(op}l^ZT*|#!;OFD4eIZNb`(gVN)x}$Fu-GBzvzU zsc|-Io2YpvjnLJ|yj8L>`~2^w8Lbdk|F$GBx{9;E@+)AcUUOaS?a0#2czWvq#6d*r zrApicKo#@Wz6%`;;%G*=O7&)&ul-3EXpdr0(p_ie6$Ox#1UH*!%oBiqvF}W654@T# zcKW_Pd$Mx@5+V)3@K#`yi>O{_Sv5v9AFxewC*pCSZAN0K8U;n- zkHnv0cGLI2tRPR7#sb|SbC5IR)sx=4%_9Wn*C1*&=$dfe4v-!u0!X)C+0Hou2%hJ`T*8^U2N;VuJg`cB4(^H;vRBQpfvr~ zDD$6|EQ9K8v(2T=7YnZl_o9BBUp~C%2Dd0$hyxb$q`rj;#G>?GOxA?8ucvFpodv0E zoAAMt0U7JD7rm4MaT;v9^@sKK6>c2o$mAjI9lQ%qz8L?Sb=->wr@M!#V4$tS$mzdsD!{4tL8Z7Fs3Zw+9$Ce1h%}_SdLY z3=)Hzi6=o^EV}qmr$*ek@brjchMS6ad|^=ShXohm^L8>ap{Qc5M!a>eq+XIXCBt8$ zm0}@LBA;Fbi71URv z2_k&WyImo6$HzSU>k2(wdndhADu3`@sqLI_UK+0a<%ZVv)s$sYK^aA_+BlD@FUs zCOtcJ7XWTF=#qk#)qX$Fdit1}$owQ}xthpV{-dB#bBf^Rb7cWg-he>WjgXus{g>#c zFB{d|z*?Kh;3M5mos?CxmubPA3y8MDOyD!r4gc>P4{q3;G@n^3(wlYmM&w2#YJY8& zJI5=^?l+)N-Z7Zz4HU(XTNo(}u*o!mI`g_fe;sNXJbp3kwx{LZXqD$0UAkS|f>LDG z%P5R1j_Lo>5x=mlifLYzvrLiIZvbE|H!&z0{v*j5B9Ec8|)b^33?te}tCostH zoG|@B0{Z~Lsf}ogLo+X;1cE`>{qy-4t2d2t4WlEA_rzkwnjBq6ea0_7zty|%`9GBK z{|OWOMr@6N8-kEygIafh!E&;xwTC>J{BYaiTYN0-rxo9mxLw@kJN0DA884N^5u-&Hy#*+aOSK0v)BRb98~kI?=jYREijRoDmE09 zQr!%R;%_c3wH~V7-|k7qJQI`LdSET}tKB-CE!xL*CZb74kmxSQNq*(_ zb=e5|lF};giBXQQNqAh9Aa~6+$yG|5C;Yx|y}i2d;$G_PU!t;2GiRj42XYq!p|Ww8 zcP;=2s9u6{?gxm*%aCCxXNmN!5+gTab)ZRzjAw4klX_-bL2pqnxj%}=vW9wU3M?_i z9KxaNagmJ&t?Ys;C zzaV7VJjVgpnSo`vTk7*Xwaxk-$mwfch`GimW(3Cb&1*1X(r6Ok>`sF+9Q$)%us1ZV zM*6Zvs-6Y&%a>`V@$emcAqpmdc8tteF6c#1$)5ppn>#LFwY0+)HpK@D#V2t?`734U zIIZC-LSygCop=ftbdwlWcknt<-=8f(tKt-zTAidRY%RI#2R>cx0~UUraKeV%DmIsX zoz1%e6GS8P1O>PFQIlgkagpVIHYmc!^Q)wacH0NNrvU;FDKd6y>Z$O~;U$DGX4G@FwM z@HpOV(Pv`ES==%3(vRp>{hGWZYG)3i{9#y zCGoR3vU8M(*Hj>-_^A&wdI*4VCX}w0n&6B|HuPcK9CMv99(-lJBB|Jv{741U`VbjA z<0dgHN?@~djuwk)`@|P3kyqdX*RwsrTf>~+2)Ee82Aw9`cz)R>@sSiQ`EvJkmCVUZ ziuPpB&&)R3j$m`w>VvQgq+YbqOEG?WRy{1Mg)R?cvP-l$y8`VKbaX85iKcji4Z2Ll z_=QS}DIW~1{d3xdSYh1NZSM+hgOCkTHCrqhTRDOKMR_rHP1dIsLsSu!X?l+R?7k0w zsg9OEfb9IPC+O^E5g75hMyzL%OPON8qSeG@$Y73PMAfL-S~<+FD!*jr6Ti}rGzHsD znPXD)oe$qP4ZO=6z?MlRNq#zY+tVIPZPT0rlMKeiwbVaXB_cbT0Hw`QN|YKE>5&VN zrVNgVIiBumwHvl*h4s^V976tt`#iMw9Nyh~y(aWo<}v>RbI_LRZ{kY7dE zecZqkR4NNPc0EW7PSnG}>sxufu`A8j9W#e{LKo@nkA$UpzSS;ER9F^iZwBl6Zg6k23@u;vVWV&iO5!ZbDZ2$gRXCJS_j>(SHA1#I!a4I4bt5TxWm?`+iWaK zH=Ld~j6BoW?z|Mkw(=<2wS;ucRJE_EMCAmc%fsC>93W-eb&Pc=A7x$rms@6|)a=Dj zl@E8R*c~X&<7T_}-=D~lMWjJ<)mB4upX2qPq&dF)$Y9AhMJkz4;a3C4UNVw?BV&rQ zkwh@5$aPTn0TC`{Wu>l;5fPbRh1H`dcN2ep`)9eD5JE)t>YtcZvoPNpS61R;@A`TV znI|B&k{ap=R;Zw{C+Sh^4zZl4XAu?o?M z3D7IhdgC?7{rk&JM)W^XE)~D<$EFQb0A8G zy=|(d!&ydDsw>$*Op$7WT)tdv*tIYso~}0c=Eg2&7;F$3D_TE>oQL|e)R{5`CWR1D z^HK0jWDklDm9{GSMdU}z7D>)y^=aJlU1X)>U)K;NKwLk^Vc@z*kNM@dMfNB{@nlu4+tA(;rJE6E0Z<}i+&Z~ag2;6Dy^<=&yp z1C3s6w#smPIplt(>fm(e@BkSiT=(G%Hldzcp4TL%p)CN>U~3tR7!cyA9A+*bD+a3@ zxT<*DRig-*#SKtbzixO6690I1$gt6YjL)eC!%u13R=Fm6Xn8E*{(Z4d(PH;OANXl@ z%*C`w31eQIh~T7buK?S`kFnh8eS+lsm zoNlw}(#Wy~Ox+`J6qFL<{4h5>%i+_6L<)9u_l#^wO`3qXCBl)Qb)x$gL?Y%bKmzcI zf{NdtA?;nF}FQk`#Jq==Ty5|u`#SebkRempO>Q{uVfPR={#;I1&Ha>mLaDs zE4P>jC^CLf$m+M;yefSfMO2ms^VBv;U!C~vz?NO4)srT_+@CuWMlQ4>Q7#eu43kw6 z(b?kP6GK1`n?6+%xrY>71hpAV26G$Rxwc)ss9agk(`@t;xbWV71JN}=4usB53r_LU zA9bcjr*~McQRc6fNUOw)@5;^RnR*8-EKVl{mz9@30VA-E8}1TBA$*9L^I*zf z`&n)fi@WGFtwM%Eoa<-3mJ~!$!_SGgKmHO0?LYZA-_1ID+J725#yK0YDMi}STuG}dr)!9G1vH4T zRf!hf>R-3UFAx#GCwhEdR71g<7v;gR)dZ%y-7LsylsCv&lRhXJG?-R1)ulP%SdN~x z6nLk*qz*jVVg#ST)OF7a6jJ}>2KfHjR_^+=EPkoNP(Xvg*jYSh$AdS`*Cj8_*Xbnl zqCkAYr7iPF^WUByieCmY;$2!-1nTAljUOCOjO)=!3n`cofGd6S5>0T**axRS1Jwi> z2DPn9#0Tvs&Vu5*(oLV$$?pMMZ9$95NjSyKRzZ>DQV2?)At5hrp4{#a*4wcC`-;7(bMlg=J2d z?hoE*`?m+T)9)=suPWNO=9kn(nXt8#SsAi(d%qs0itQo8Qaxc*A)an=nR2_}>^XKY z*{FQDzSHeoRF)6*Gu7Up|H-%PHUyrRdNjL3x(r8fdlci;-Bk_(lnZoE@lHpS*fdSAnZtTo$3+>SkgFz)I-| zAnymlX?zZA(6v0iOLI_D=M^Su%DsW9wzj@*ir#L>6F7`fBF0|z5-ux0Y+ae>VViS* zE}_eZr6*OBw>rhQFZH>O_YEbPPcmthhpVL`{N|)@GN{sT zwIx!ZpXvC}2y!dOVjnIX;tVP-h;L{go0BwIq+8-n6Nd(DzQnUg@59uca%BjdZ}VHDoRpdQN@I(RMH zE|Poo;>~3J6~F||Gl6zzm&tsNQbXjjuf*FoD3W;ydkvbmYk(euxhfQWN>R|(cPR86 z*rk6V^PqQ8ls`Vnx$z^jr0VRmg@pykY}fn1SmirGQ@Gc?%LAn%h(t( zqUFUEbvYDMLRWq)y$wvF$6G0}?|G&mP}({e)~FNLNgDj*MYKUqV5xG75nUF7cNa*JMdrqHy7Nk`HsGx(ugt!EcDGs@?_R-lUV?J<9 zj7jGx%ek*;T8#eBa5EoUZZV$c@Y!yCuPvI!u4UQwOm5XLg(=_vV@UW9<@rCse*V*; z5m#xtfPZsLgT75cPmKu|OwiNyX|OrUXN}{Wm1Z3I;p6H7Z+#ik-V9hIKia={sq*fy zZ01~gP9`2g`mLWQ>;nMO` zBqjjeee^6)oYc4PiRUfMKeKt*2ej1 zx32#<#e9K`5IwkGUhZmC1UVXNI`-R%fc~z&l5}jYovwgC7Bd!Pa+WLgg6Vhx)wHRL z;0nEl#VDvheG`4-A- z1AW?;xLemx&&;)&fD>wdE%-7)=l!?P=|nv;0~ABfYkn@t)v!$NWK(v_sjrYFk{=Ww z8>*mMpYgk547U%b&B)?x=?9u)eKI?8vn7Vh;LflvaDW7Fq- zcJLIA!u2|L&w{=%y%d9_+}Ry3H61&LZ@In_p+((0$9#F8Y4ulPzl=$+mSygK-P@2B zVV`BUIIDD>n-=S8^t|nB6i>`@T|i%LQOlHLT?y@1o*R&2qSG`u>?%z8I#MjGb{j0P zGy9F8O&R&Bz86m+#|*&?9iN*r@f!`a-emecC|#S70ctKR#2I|`_okvCHBg5{;k`+8KPzk0A1WL%B&>Fw9aOKY^6tuET5e} zt!eOb@!{4VriZuGbaun0Phee3vX42BZ-$D!hX&iiKkb``wxu()2VwJOBsJ|2V2lNe z=xX1GPZU@7uWHq|VMk`wUS*7Yikp>^aL(DZmd~kQ``o|QB=~A{c!%=j=&?}XvwBRn~bI96bPR%1&+V)z)#zE4k<7Kg9$5JZ-s{w`)G_` zzx1w|6qXzUx)y-=F`u4%B$7G7flKZ6if)#^gvi7T2UxmmW>rZ#L5&7Qa zMD&>R^~;uR#^BP-wP0_*P>gY+0YJF=Hx2Iy6KYGJvadBIM0f8l+3} zS$J0=CEG)D5xb_QYOi(>Bv7co6@`?mnyaRp2W`^SHsxR)cw&g;K*<|v0h%c*tumJM z5F76o{j6n5r&G*5bprX_M?gB{%KgOd!U5`&TxEUtDy+frkB%+C@i~-f3J;v8AQRQ) zO9sVq1A3t7G;UsCA+p~eB2~0Hgjb4fb8f-7A7_8ix33J9!1FEl2>K-cy3W$FJBl!V zIYRVxstGGWv^^EyXJ3nui7zpjlIE|Y>Vem@a3{;PaFoC^6x_RDoa6#CmpbzJXYIS^ z)}QS5%A6o%0nJ`%CLmgb;IMoa{{L(TiG5gILN!>}6PF2%y$53D`>y-FdISN>Sl9nUo| zezS|L=+wv3SuJn5vWuS;7MTcG-r>ra zwB6H+?bmj;c+F8ONk7;G9BRpUazeSwTqn4Y|d3NX@H5?|d0ThvEmNrRJL(@LmE*a!&?t4xvp+N7PPG}`K5BiuI40gKc z`pvAQESzwzrg27o-p8bYX^t2;wFOKCjhzvgN)m>!Z%8Z${If*V(%V`^vM7azKY$0k zbcIvu zwGT`|$t`|gIZD%1>fPi^o&@9|Ic*6U;YxMd_|T2@^oB3L0dC)e4pi61J6~D*aVO`l zy+|6TzfBcv;eJ$C_De6nS=$vpNxg$KdL`McgIQ_>;4&ZP^5r1r8ClR z<*&^YdwjR7mF2YB&cXC(f#aYIPL{*niv*mwqWH(ewP}g-%9V z1xmNCTi%&+H!un};`?5LV|%Khz@g!rf8PmzkhDu`vc917c8{_!HY}8n{r|&V%Irlk)O(ZywN}c5YSF4rE zS-|5^pkXb_*o-&RWw1gIQQ7B1agv`}{55XfM$?`Bm?fuXrhfJp%+%5dwbi?ZThiUQ zj`P(i(1~bdw=^B^_|6xw^)h{nZ@jYf*db%hubs`#hXvoWR%o$%CO2NwuN6C6B*!bM zy+HYJXAkRj=UbzU?Ni)f7Q@dQPhc}^H%!a05^4CNIc+@w$D4f{G+4dako1p<`jCYQo)_NXdU*v+hyeDGW~>+j;zb zLPN|@$tSS#OpBl+64;{FSz|pwVNO5v-n)cbd!BPxRp6w?fL{`Pu zg=u)LLZ7xXVx^f&$wp}$ko=ujO|Lh|03U^lTyn>*t!DSRPqI~#N5pQBC=~c5^V7o1 zTsJMIo6Rj1m;eeJk~zPe@D9i^iqZ0H%}uBCv3}YMu(SJLB7x2erGu@Ovgt_}2qb_? z9`rc+OSHHP7brCuk0bNji8Z3Os`^W$u0zaV-=ef_f(v6t*a`Je6O?NS3eL%9Jik6}JtjlvIK9=DKQ&V~l(e3HB;_drqN(sNugZB5YW6t;;x82)c zv}%*tLAvO*M$Eah9rV30+pzGF7Z~?iASt1@Ne9{Uo9jL3b# z+cvTk>XlCX+26+mgA?p$h2BITU(G*Pv9qP;S5kpc4`rRfxb{~tgTYCi3k9ADl&6ZK zoB8CUsx{KtxxU!Kpd+I)>FCI2^{5=OSgb|U(wdt_3xpJyF3%b62n}@Wtc_*{o|p}g zt0%B@%q+npq`%rMt*L3BG`>2iA*5EiuGnf=v{*D!_)JC1x;^i5A7L~Z=nZMRaj=^} zfF+#rn&Ag(^s=6|wy+myRdlI!R(CyCwy0qA4qJ}3=~~J7N+zczpBU7nMg|uB)1j=a zIN0v!v73jUX&y~N=!*c|nmFo~8gMpXwxEGB%f3tI)9AOT#z9~W4u5(~$F%IM#ikSS zm&mwK@hrg0iBM^$VyiV62yAC_2OVF~C-fM57Muonetw^lpQJMYi(MA>C>sHI2wd2j z{;tp6c(o&+EIHOuOp~U`g9s>-gNw;)ca$@=!|mU?$#0oUy=a;Ch|ZW=JTTuYXDKHe zkMfKTbg*!1*6{!fcn<}={Kdk*17zNRu}yTFniazIPo=k6mp1J7ghyU+z6B_EzBn); z*2CSNVdUWuz!jP?n4CVi1iV^nH(ze|f4)_e;vf$9?XBfE%f08B>2B!TlFedNGqn}= zdo_Gtd0LWA7|d?IFa`-UUq(JN@FhV3FEEm!$8i}J$L=zfY4F~Q z$%|V(&jACqZt+YlzvLES1+Il@I@Mm@pxuKMs_0r{a{zp4!M!sgZLn4KRh1yWON?5?)&WB{~wwueEMv`t>D7|LMaAch*Pa6bAYEQ3x_ zmlfWFXY>8n0_9H7Uxy42X^VdTOEaL+`QPw77{8a%hkUg@GOcvA;1Km}OF29|++!#! z-z=21h82akAEJKkK!0Jd$$y9v0UIIdYYgqy8dY;wip)~X{C+(zUq6SYKZJdCQ)9-(KKIGp#+zQBg|91s!9wNEE+n+yax8I?pmm z#r0y^x{#Rbo>ba%`Voprr8WC?Li4&QI}1s&pMTH+=>sl!3AE;Okc1t-wa0PvXY)%( zziTvO)RTrjyYBa;Ecwy#&xdT!gi_jHeK5uO7CW1j4L!rpOc+|TGRe7^1YX;IS*mwf zPO&!%lw;TK4LJW@x=gy-Pq^j()X;ve=@`+$4r z%>^9P|Lj)FleA_1C7RbIXCuV=g`lG8b7leiS}Qi9hv|-mme+t`Y?f{Z)XZq^w7yz}Ms zakj4Z|8uJSCn4(p{E#kBUi_xv5iEM`Q~Q@F#^sQ~|6ti;zZj*n4iGv;z!%X|D&Ky^ zFa`GW(@#odcUWvZe|AXXuc(pGUohFXO{Qqe5gjwsYHX8cB+u_Yt?QlP&cspto%S!0 zLQKNZoywb!JW5V;aA=(AGHp|Wa7T>jw@AWORi(kD`IK%Z^O5EP% zTb9k@?NkAghsVk|?1xe(tEh^io>In98+4FOYi$feT70F1q0-MfH68AE9!<<9s!Yi> zm=8)OSQl7%;2P9ejjtaBj^gZF3Ou=Phy$LhzyHn0F#YkOkadOXvTvsFP4pIel{fB> z#Y|tkg;A43$XG+a&IhDwfY(HOW_=3z%^-B>^>C8Immo#Fhjl~B=!oUfjau7TUyoFN zfXVK%-mu;x10=6<%ZFqvSjtj+5&e7xP8g@T#h%Dj1SSF9l8U@o4Dup_>$5zZ7w#wX z%gdPMe67kG$J+R8JeYB>2i*HCx~sgxr*rl$1#mG-JOJW>IG`L3RPhL`YY&9?cY?7J zdi*a|P6ahy2R0080CZJeB*Hz9Y!QTMiryWWhx@w4q@)p$*pxKgyc;X?e|=<6maOA3sVEgS3-0%0$JftZSD%VSa3=-doQNjQKB;6S+7=?$_%-F0uu^4R z6|v6eiwQ7tpe>`gtC=`a@Ta$x?qGBCiPtPY+3pB6pG&2yDm0Ys5lNa%la$pn z?61#_^WC`lf=iVsU%e(SDdQ`B(inzsHuKte8tAlTchbi2^z9+2$z<>KkG7QU`{!UMX@XA0$xja1cl>dRlXK3l6^vg8q>uOD4h zDmm8G*Fk=7)Fs>?q}%SLBp)~d&PzA@+-9Yzo5JS_-rGa5L}8mQw}(Rp9>GlpU$Fog!ox-`|#gj|_e zciaQ56*6(L*%)9|WtiY#Br-`)o#@$V|KUAu#6J!M?Xu=?B_O60*!fu$$!u1dem|YIF8hbB6y|tiNTxM!>}fpHP74ByVjwB8m+(AR^Q3v# z;%QUJBG>n;F|a$NwuYyNAr`=$-V#?iv|hXF8J>ik5;ERBuJ>hakF>wl?r8A2t)2$f zoqReQk4N7~X_;5i6sA5DSWCBhLvPd$kjrn;a`G!dWIETP5;Q}7A9EYdD{`YTP;_#{~!nu`SVF_jRN7NJR8Li z{a)ln>*NyTiD-0|)P%x&i$TQjd-<(ko#1vdo&;A**ajyvWJd~JKAC^Fybaa~ZNRAM zc1vXa*xu{;29n>MDZgJHTT3eSagQaY?Pd)r+=h2ElSyMerDbg@m;Jag;qum1jCN69 zRXf@BMryjgeT=t1I#xj%gouAt|;Jy#Tyy z)_^Y-kasLk^GK6C53{W-bjmA5FOSYgg1TE0fLF!`FkM}5(cB4GA(U5naNSzAV zmMXSC5Zp07IQlx&r|!*e^Uik@`(&CHU5tnLuM(GUrDaf)%yAzfZ3nNoO5fJ$b6^d| z7P0yGqI^LLaPYi-!s5@Fm3M&7XIQb0K{$nB$yf>Oo?68=jTu{CS{`Vo$N+ z!G^pE$?#S#5U_6yq+?tOQNKC}7#9ybmwk1Vhq}$P%m7xqhnx<+Q z&3qrsJbOvs??ap(DZv+44Jr*(D8Q=W$wA3;qW2Fr#dC z2K#{&9%XGo0MCxDSE$;X9Q91SeeDXaEv7e7{ z7K&uHf!Mw#*p5KlsNaI}g)bJO=SF2nI7|QHx+dZN%M=iK^#EzP^R@Qwk9C>eeJ}+z z%Uno#PW9P8)u)1Cn}%h3u!bhs+D}l-t#2)6WqC9QYMd6LLl04IY!B}I{3y2YRR*%s zeyG@`g;MrO7aT0{paC!W2GCBJ{%)RV&JWMg<%x{R>V7+6$y7ILBSGApd?%PMT({^u z4}ZmFxy@zPNbpo(3R3UXGComnM7WqQ+Q6YejBUq`z{=#e1S-m3I&akK>EKoVk^ihi zUiIIve*c<`?-VQe@M(r*ow{f77KWv|vspX_TN2@_TO$-Ys!AQL_b@9+hW8?uZ*X~w zblY6pKQ=X1n*$iA9xTllkSX?FHHm&*2)X?aBBrZ9qBcRG+B~(%;g(%{`hHSTw0tQZ zjCNYuxyH>IQ=pn;sG!lOz6DhcuT!1vr$kt~s9Of_eaSiPJ$YEIz>@plTKn#3xWBGn zA|Z)Rlwgn`I?=_b5k!mLTLjUGUdA9KL>ti=(R=S>j2_W@XJ)j~qK)23u6M0_*S*iZ z&+mQLyVm{pth3hlkMliy@3Z%(^q&9G)aS+YTp*S0AAq&{0|h6j>ZSu7!!I*c+IP8C z9^7d;`0Q!!RORUG?2*TQM~%x?b~*R<%fdrLyMU9)>j{wA`4x$KZ9{%CyIhXW z1EOw>Ix- zTTidfCV#i!E>PRPV3m*4zo;y!<7)C%X9C`t8@t<)dHcjvmytS^8L$hJ5fcYtqK<>h zOc?|VnYuH?hYp%xMZAP0oq5P*t%~e`-u&zd%`PN+cy4oWz-*cMlK>6lN@M#NONltL zdTUXTvs8P@?9Su9m6&p;H7ACNWie)Vye2;S-D0eO*2euSbG-<9?WhXZCKK#bMFmX1 zOAqgsHDYCWX&ruX8&#VN2>B;-+JDvd{$H)q|8kWph;nLb$zL@Flk3Og1vPZE;zc!g zg?h_;9OWKq)tI8sK=xDdwyjIPL|D!`Y4DORIe$j2?4VY!X^Q=`g2%Q4ANh2;h}3Cy zdVP6g`{mw6-=|N^jJ1is{6Jf2U31HA?64d9*a54i&-5b13T5l2J^T#bh9GOr?13K}Q-@}8L z-*n0w<5#Rlm#)9-P1tzTIohpexvt8*6u5J~j=>Snnqn$>gL3Sb8Uq)ucY&2jHZ*_( zkuNqGwY&iBL!bgUx3ssQpiXN{?`1EmNOuyc@3ryDufXwnod%k@(&tWNx`J=f3v(Od z)Nu!MkU?CpNs@dGXhE*%J#m48mOBeoIQr@in;6?^S#efpS0uXQC3zoh~2-Ey^X?GbNp(i1-wU4g?L5z7w7xw#dm~WMSf#liCb|b zOJiO}-(73zFV6UFS$z9*xUO(7!DG8yoMayk zxu%KEg^dCt39X5OfW<(iCwp!WYWCrhpo)lt?sJI%1BZf*D6U2=1N(|f$`Ro0fU?~- z-rG5-Z(98bTYk*#OdNduz&!iH@;bwxYNf3tO|^J!NQk%53wzMhKjwGU^RO8vsIhq- zbQHG6rxRU>9HD76{ZaIExZww%gxBcK&9Kmc`nj}-kDf4w(B~VlV32O2gfHY=DGFbd zYbVJ7XQU2oGV%}}jKiJ)V-?9;l!j?)PM|pKE9$j8x3->Hlhyr)(6!lAYG9f@8;iOuLFYHb@xPTyirplfty$FD5g!_ORQ*3TqJg+0lRNYVFzv%gK<# z1}E&VZXF3N?)}hNKl+O^R@O9Gg4RD|9i-4wa`A?6Z@0KipII$5r}iA;>>r}q_po(O0?qHS6xq4j z)`uRljGdj|y^8OxYQYhHB|LvD;#qZaR3d+oW%rhGfiGplWVAQWSxL=;wRb*>*yYY2 zbvR@$c26{a#6!6Zqjy2&x>Qwu6jH67ju8YNHM?N!ZL>c`ZG9}rH{t~kF@v!wCmz;vvAU&W-+NSwf&q*?)PxIhh(BF4vZ|u~JXM3C_^Wg7QTXZ_8%_p> zTyywXBA=F}YjvsKJwlH9+7Z-feH!oQ>5B5`-F}YCQ(ExDwb46aoMIEL!qH*tUcBS% z2lk04jgBVIqQ0S0UEl9r2H;*6pK|W53%=oU-HtGR&Zi{%fA<{!%e?WQZD|jc7WG_BWkWyTf)qu5o ztjax|KIOoF`g_%r%48Ac!S`!0KK2(O!3X+#8Tcl4pR?{@#7fTXLCd=qR4Jv6lu{zP zHPB+tADCV;Re$-$ZEUOVgliK`_FRmOS+6d?f!di;*E+{m!HdY`OmfD5-M&xi!Y@po0x#zAkGB|URs zX8TFcljmK_s!F~G&n-txwEnunp?k!2HObVpfA{1c(i29yX+co=EdJ=Pm|)yvvi8G~ z+Yf@$(|ayVg~mQbQ^Wb42T^R07bMJ@W4(`1>&=RrS5s-Y8)s?YUN!U7E|apWEVECa zo=s@ZtvC_MSVCntov)xWh9*(@ib;OO&sA=q2=CNgh)VVLU?5o;mU$WUhtwwjDy_h%=P8>$ zeW_t9pL0NxqpFT5%QgxN5vBrw(J8Q=^i$^bRec7e1FJ6Y!r0$D zWm2oA4OTp`%JIRt(W+Vx?+d1MwJeHqccA*C)h8H=BG`$xR;X@M^7I_KOs zkgDDlavUjeMnQU{w?q2X>E5)hvq-XWDmKRVJDLkH?b#e?74E_-!}y@`+IzQhlh5Bo z;b#*BN-N$mS|te~|1~;u?nH1}G4Xa9rj;Tk*ZO-HM(F5S>JLrndtQ`0NqYwRi<5{M z9}&8VAGH`^LF|hXJ4`3IoE=i52mm|f6FnPBT66o&w9A`~LBpwsCz2Ya%@s4gm3o<@ z)mqcmBB8Sb^}T8``^_JeiduZ@+Gq8_Q3`k7Q2m0}iCV80F-xutA6x^`5sZf?Xt;Q2 z+X!Qsf08~$Tsdc3Punt7)v;$IGn^6zA9PEqiid={sS<{IFO<6+_K^IFqcl~c3?o9+ihDtDH=cO5|%6)EY)*8GUwd< z0|Y+<^s`o8#c&NDKo0X$c)I6m(iz3nkS0k_RFsVhrmlL?T8cNV()|DodQ zDN<$e=Xlnczu}hRtbK`{tDwj4@-Ghmn#6e1Eg0dtz1QnPUkCnEEo;)3>xF16&>xy0 z7K3lQu&X9dB|qd5S}e(f5122it*Ti}d+%XIUELNu_n}+4hTWJv#(u9Tg8Bt}hYxv~ zVa?C-LvlIST{$oTuHRo(fxsK}F@0EE*>~jcd7z=6t!H;&+%X$xgbmvrhX5o>-aX8} z3>3jE>YIwWh+vM%B*-yyQoTdoNyE|Q7kqh`O8__x%_j^?@0PNja#=H}ABwOh>Sc z8XmiLPL)92H|7kqDB2}B>3ONp(i0>>5kgC^!a!ZU#J`KQ+I{q4;}^`u3nF5_oZZv50twhck5wha&2VptCghi#%5OQ1{9gxT;_6Y z2p-Qr{GDa(WY8+J9Hdyn_AvencLOWoT!e{T#Zj0c9+K@-O6b}0&pSl_eym$1bYZp_!AfG7i)+Tt#V9s)%pFE? zDr$ztaxz`_tc)*5Yni`!_Tv-Su@?7Mbc0}*hGq}K@0kzvW8WX={Y@U;#LsYRIkFr4 z4|AqyILfE5hC?Pz+2Q?mk?~HEF$u~R^r`cl#$D_zLT0R%dDdktx7Xez{!V9 z>IoaE>kp1{BmJArplyc_*vy8<>ods|&prJ3aGM({v0&2NdoGb#lUbDhp!nbBPb-aM z0((8Np#u5V2VJ0cxhDbxSfyNK1VTLyCD2RCTbvgnQ9RLOTI^g?p|YMIf-D-D? znCJ-*_9)5PQ0arfN6EP`k_7nR)aO`1q0n!Rjd)gbyS3@2*)u8wD+NZCLNZE#o{CFu zG*){Z>vX2~yVCb%FJDEAaPzyiqwlGLr&pUw zLAKP_B=UyxwAh&8XC1ih%wjm==fY8@(pOC*#g;*eQYq)KK9(B4Ea2?%O}103IY9IT zw%!O>+PYIKe=vluk9*@0V=-YS0F6)AZcrlswO-}8qzpJZSC`!ms}EkKP21zgiEFxJ zFJD$gryF^OK2GdRbASOXlj_~js(e03V}r-atmL)eeBT?LOnJONC2lx?G0G=;e1*Pc zW9n?;zC#Vqhw(g0R&0_DcPu@Hbo!LAcQp@-4YwSL(5udTZ`bFtf`cQ~_I$v2)Im$A zt{eSFd2cerl6`sWq`Z+no12p&2jjsd9{QmxnIC!e0xqAz;{mTm#g`7qW*6tORC5^v z+4oeQ=O(votce>Ro5mvOSz~xMW+WTIP5AJbGcK$Dj;G%LRA~7({j>Z3R9XGUUc>7@ za__r&rv0e30vhM{gvrxNcXqao?!alZrvdSjVRuAAW@Zk41l6}Szu7P4lhnTs%L@K% znz7X@xWcrRb+m*`Eby{=#5?`wbAIgtaWpzLkwwd@%AO#t6H38@^V}4F)h|Z3t@97e zs1!!lkPi4YBc2HnHc8)m81K*vcM@6W^R9qdZDDM;(TB#xW3>B{UZS{Q?*qMwhxrKc z!#VAS5qyvRx;n9|;mfaG-giES)n=Q$`-r$G6PLt^iB2hEGfXDkw}Mhu9f9$tm0{0( za#|LjU0-bQF}=t*QERf)yRqw{(4jh(8Oe6hV#J(?3Zd1DMkNgqlNVtHvp&Eiriakw z_x7m3k@=Bl%BM%*qBt43`jpQPL?8{> zJl1d-oNPE|jq9S{fGXCC3O9|o%?XogYjiM69^B9fGT7=ES&s9H6#t?J9UK~1CGRLZ zfvJS{YhQh?C@prxlSH+en%}`vr8BaFJpSUy-qF)$)l{w%to$RQbS?EA2IzlyAyn^7 z6Oz>9`O3tq3p1!2)N)vde#~^$+cQkU5yL`qZP;)S;2O4H%Z}4b3Xqfn^~ZI~N+>mDp%hH3 z5oHJcS!OUpfoDq|1|Nk35B4+C#Ud6sCl_%0oKsNA`sny!P(k-o;bogam`Qfu0gGh)Gq>wdDKA zS6)S1D0RB7A-1D$=Bg_98{v5IHLmR4!+~G_LF4xDu|5D!Mw1vX_P~>|UIb zl%oVCfV}w9tdXmBk%?aF4~TNA4MgIpTVy9YH~5%vXiAEMkKWC%fF%1Q*&LHb80dj; z(|tWr|3QV2;{svY`rY!p?~iO7Q5>Zo=dne8R+)Xd{0zZ@6nm|_W5$DQ-m#czT5N{t z0Wc_zC<@SIl6)H#v;_qUZKKj)N)7q`m#XFq#Oj( zGqEK&c@Z(5b@s|u3wIqq?!tC9I<$+idY$g;7mJcpCIGdn%Tsk7$4suq?pTpp9YnGi z&Upl=T0&5MqYb{>ODi-w_+)n>DcGNw@lG3J58f)ms(O=(UO8 z;Uz08@^sg1E}HS=BS}r5-utxPw#;(|w{IPot~5^bnhJV&X6A3l!7n1O8OuMsy*xqt z9>)xWd`=xd(}yB1p8k2bn>MH8Ve+WY@T_O&ZIk?_@#Y&F;+O6lk76o)>A{+2zr|$z zDq`(j)Qe{JNv|R*%&F=CdR`PFB{K12iwyj*W{};Q^NAYX^952|g`% zU`H3ZElyBB7lGxp`cQLw_Zu;A};ys36ifkSNIKIE_~=b0kZV)&k_sd9nqEfRwYBV zh*CC8z6feQMZb}<5Ze#)SaOco6$9)O(|IM@S4G^o0wzXDjPk{ksLa$wz~1>=dbuH` zy?DldD%4*nzgcCouJq%vGV8C5xh4>II^3FwSo3cvFa!gfdwHkO+Wo3d6*e#!C}tZ9 zm2hb6VYQ}^Pzvr>vz8P3&DW~Kwx!)i z&$3RO1aTC-AKG5H<~l=OBH>k%NJXPAHd-@O85!@&ucc#+=rntxeMqu={&N$*`2)$X z{h9}F$LM;Od%DulRmk?rv_QguE~}}VLN1hg@~!%M<;$^&Nm%A9E@sx$%p(Thco2@_ za)?6n&JcO{`no|x*egL(G$*W3!l!B2x-vFU4&uRx_iZj&9B(dLa{tgz)VY!d*{l=5 zV3R~n8W{#oWu5u~p(&!>!yq(GT!3^!&Dc z9>!Con{GJN0u~^jdIgoh~k1#7w&!TP!LI;!9tn9 zV+LRIO4yAdre+0^Nl%`fgBz}-;F*kB;n~@|d`<$SmRzfUrE1IUqQ0i61>VZyC z6E@k`qT`dgsw1Y)+522HH|_Y5+1uWM^X_-1kM8%zs#M<;RqLva1~A@@I9RS>Zt$eU^v7&tjw z?m-YihK-!OSHXyySHV|IujNiIIE|SlO=u*$etAD-1d;x*+4-5Ag?eNi?dt>E;tMD` z#bWF^G>ShhP2Hnv*T|UKNX=Bml#VMqmxSwx%s#C%&ho62GhVV9Z>m?S)Z6M$+-gmp6!4rW?Z4By8ox_KZ2Qp6#7JVZ^ipl}}+% zd)~HTP?Ma9aKr1$QV$00gefOpr~&K;+1ndU+h**oc^@%ecfeam>9h-ngROjHkr!Id z;k4QQjAQH@8i^bCoDgZCgrW)cfw1uhj`{#=p-iL)xmi5nlWkdd3oibZOe@2 z_JfV^cg4&7dm#^-F10?CmOMF{62LmS3(~~zd-ec<;LitsrFw{>eBO$72ZfJTaYmJt zD1IHZn;gW{t`yZhl3$+V6dRM!!$`NO=*x)mxu2C@^m+fWPsYmzyY*hh3hfWcDka=@ zoF+OtfHy*YL3dtQ^9suR^Es$KKm2Mym+^zpe8j6lC{N=5q3330vbK{<8(aH>2c(&=bRgmS%Bl{=Jn zw!^-ll&r^eULuCq<;aQ9)Cc&;6|wU%_5C7U0Q1&6*s3V7(DFlhdGYAiCq9O1PllYv zCsCLmqOZErIUH3x*kbN~Ix&fe{au*y;mouVP>0bJoX;@jc4;E!IUdvjfYnXp9T--) z7k)`)-|N{OKfsmeXCw*`wwBPb9p^qv?RM)ryv&j+j4a(U;hEwCMg4eI>e-Vk8V{6o{0DyX3LomMQ8%Gj7H5AMUo8J1qh}6} zutnf5x%=H{?7XO3t30&&VhL?9uz}e(M0T0H9t0Cf+0paxgS~*Z@14p8i5vYuQ8<#a z=&$vYzA^{1(vU{krTm$kklLJv5M;lt)lHu_#zT8HGL(NKjp)Z9ctRD#N5tP*6b1(N zx<_jePYkF!=Lt9Ter(sSZL8R;$d8G2G{#&iJHq0w`z9Eb(eUq&@!kq)kePD}kA$lP zNWZ__u=Rw;NEZ&2x~7Juj$63sX{lib9E9XqDaD}l1qN9R|;<g5# zhqfKr!(+*))!!v{JN~Q#-A|o9sXqvTz)(aSpk`Az8cpt~ROtZQhMl+cK z2geLK@0pz$g=Fi*Bb_&!C#|WM&QrhO;&nOqbt}$QeR#aDv2t@iiqv?FdkZ};ULY`M z=|f&_6B^#xg(ayI5|uQ9>Z{)$uJKU3B!|1K)_uMon%cJY=UF^@*C%Q?t!{etV>WVe zKL4AJ*YZo%I>Y5zJjy8VPe51r+_|j%kTA5U*wFUt?VI7#QTE~%8$SiAfN?F9)4{}e zKU;3Yb;smui+1Yd%)Cq)`e(Rpn}m*}J@;I2#O9wej1n{X0pxQ;b=@)Az>h=U17I##;X;GiUcA(%EZ8oJ0el) zgtDc&DesFl&Mt|i&iC$;*@1H7JLH&IPrH$ss_LgoFqLpEm_BMDU^mQGQ3~`eGqAhn z(&8&I!Ek96aYQ05=ZP>*Tet?5T27^Z;hoAOpRn5u)`Dfst0rAIXftmg?pmTxb72#1bicLzgPnLYFjqWPH3?mqYb0o~G(qH6k!W1Jjm?jK)pyw3Dse(ZH3v$3rru8*4(%UNY;%nTT+- zgF2+^5fdw@9r^8qD~FGCO1^%!pMukIH)SHRc) z+LTFU2KRxBEtYtf?D=eA99REQVkFSuea~T^+u&DN7I~f*Vpzw%-IRCwBoTrm{X>6J z1E8AgL!F|yMQCa`A;)Xal=O$*)4g^f7R6BmMLqFtB}#7Ag|8p2SQm%HU>&pYigGeJ ztz$;5%s2Wr@7*r?xUu1?+wXZ^ea3{}A922F_G}v;Ejay{GiFq>H`Oqq@G0^U^2&bM zOI_TvqjfwDZ|Kt9zE^e*LaOXLcV$vnTm3z^!TFqv}2hh{i_} zDOTjM1$(+XSYa*Fh^p|?JGwO@<;zeQD3#|~|Ivy~SN-C&1c!*?{l1$3{S!O&AEqJS a{?(cG|L?T#-x%5cQ!4pCJ}mQh{(k^?rBk>7 literal 0 HcmV?d00001 From 928fd07daf8ce6931e0fac5051fe14fb12b0d17c Mon Sep 17 00:00:00 2001 From: Sheeno Date: Wed, 13 Nov 2024 19:08:31 -0500 Subject: [PATCH 2/4] fixed tip about toggling between available TTYs --- _posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md b/_posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md index 426dc5a6..a959f300 100644 --- a/_posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md +++ b/_posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md @@ -449,7 +449,7 @@ systemctl restart tftp httpd - Depending on your deployed system of choice (Fedora 34 or 37 Server here) if you are having issues, you may want to familiarize yourself with the installation system environment. - 1. With most distributions, while the installer is progressing and outputing logs to the monitor, you can press **ALT+F2** or **ALT+F3** or a similar key combo to access a privileged shell to troubleshoot. + 1. With most distributions, while the installer is progressing and outputing logs to the monitor (over TTY/GUI, not serial or IPMI session), you can press **ALT+F2** or **ALT+F3** or a similar key combo to access a privileged shell to troubleshoot. 1. some commands you may want to try on the installer system include: From da7f4b3f75255908a16e4d8d75916fa5bec6ff92 Mon Sep 17 00:00:00 2001 From: Sheeno Date: Wed, 13 Nov 2024 19:55:56 -0500 Subject: [PATCH 3/4] corrected some typos and restructured some paragraphs --- .../2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/_posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md b/_posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md index a959f300..187d7bef 100644 --- a/_posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md +++ b/_posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md @@ -267,7 +267,7 @@ Now, create the **PXE Client** VM according to the specs described in the **Envi > cobbler sync > ``` -Finally, create a new Cobbler System, replacing `aa:bb:cc:dd:ee:ff` with the MAC Address of the **PXE Client** VM created above, and sync up Cobbler (leave out the `--static true` option to configure the PXE client to use DHCP for its IP configuration post-install; if using DHCP, you may omit all the command parameters following `--hostname fedora34`. More information on Cobbler autoinstall templates and kickstart files in the **Tips & Troubleshooting** section below): +Finally, create a new Cobbler System, replacing `aa:bb:cc:dd:ee:ff` with the MAC Address of the **PXE Client** VM created above, and sync up Cobbler *(More information on Cobbler autoinstall templates and kickstart files in the* ***Tips & Troubleshooting*** *section below)*: ```shell cobbler system add --name Fedora34 --profile Fedora34-x86_64 --netboot-enabled true --hostname fedora34 --interface enp0s3 --static true --mac-address "aa:bb:cc:dd:ee:ff" --ip-address 10.0.0.11 --gateway 10.0.0.1 --netmask 255.255.255.0 --name-servers "10.0.0.1" @@ -275,9 +275,11 @@ systemctl restart cobblerd && sleep 10 cobbler sync ``` -The **PXE Client** VM can now be powered on, and should automatically boot to PXE and install Fedora 34 to the VM HDD using the "Fedora34.ks" kickstart template created above. +*leave out the `--static true` option in the above command to configure the PXE client to use DHCP for its IP configuration post-install; if using DHCP, you may omit all the command parameters following `--hostname fedora34`.* -> The newly installed system will have the password "cobbler" for both users "root" and "fedora" which is configurable through the `default_password_crypted` setting in `/etc/cobbler/settings.yaml` as well as the kickstart template file created above. +> *The* ***PXE Client*** *VM can now be powered on, and should automatically boot to PXE and install Fedora 34 to the VM HDD using the "Fedora34.ks" kickstart template created above.* +> +> > The newly installed system will have the password "cobbler" for both users "root" and "fedora" which is configurable through the `default_password_crypted` setting in `/etc/cobbler/settings.yaml` as well as the kickstart template file created above. ## Fedora 37 PXE Deployment @@ -418,7 +420,7 @@ On the topic of network security, we should also restrict our Cobbler services t sed -i 's,^Listen.*,Listen 10.0.0.10:80,' /etc/httpd/conf/httpd.conf ``` - - Create a local systemd service for tftpd, modifiedying the original config to only listen on a specific IP address: + - Create a local systemd service for tftpd, modified from the original config to only listen on a specific IP address: ```shell systemctl stop tftp.service @@ -476,7 +478,7 @@ systemctl restart tftp httpd 1. By default, Cobbler's DHCP server attempts to detect the PXE client's boot firmware type in order to provide a BIOS or UEFI compatible bootloader *(BIOS: "grub.0" - UEFI: "grubx64.efi")*. If using **BIOS firmware** for the PXE client VM, the Cobbler server's DHCP service may not provide the right bootloader. - 1. manually set the bootloader for a Cobbler Profile or System with the following command (the `filename` value is a path to the desired bootloader file relative to Cobbler's tftp root directory: `/var/lib/tftpboot`) + 1. manually set the bootloader for a Cobbler Profile or System with the following command (the `filename` value corresponds to the `filename` variable for the Cobbler System in the generated `dhcpd.conf` file, and is a path to the desired bootloader file relative to Cobbler's tftp root directory: `/var/lib/tftpboot`): - `cobbler edit --name --filename grub/grub.0` From ff0417fe06a931cbf14bf7562740c0401f3e080d Mon Sep 17 00:00:00 2001 From: Sheeno Date: Wed, 13 Nov 2024 20:00:47 -0500 Subject: [PATCH 4/4] signing --- _posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md b/_posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md index 187d7bef..37d0109d 100644 --- a/_posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md +++ b/_posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md @@ -478,7 +478,7 @@ systemctl restart tftp httpd 1. By default, Cobbler's DHCP server attempts to detect the PXE client's boot firmware type in order to provide a BIOS or UEFI compatible bootloader *(BIOS: "grub.0" - UEFI: "grubx64.efi")*. If using **BIOS firmware** for the PXE client VM, the Cobbler server's DHCP service may not provide the right bootloader. - 1. manually set the bootloader for a Cobbler Profile or System with the following command (the `filename` value corresponds to the `filename` variable for the Cobbler System in the generated `dhcpd.conf` file, and is a path to the desired bootloader file relative to Cobbler's tftp root directory: `/var/lib/tftpboot`): + 1. manually set the bootloader for a Cobbler Profile or System with the following command (the `filename` value corresponds to the `filename` variable for the Cobbler System in the generated `dhcpd.conf` file, and is a local system path to the desired bootloader file relative to Cobbler's tftp root directory: `/var/lib/tftpboot`): - `cobbler edit --name --filename grub/grub.0`