From 13c998ae5fe45c4541316f5c8b9fa5b73782d8ce Mon Sep 17 00:00:00 2001 From: aguyot-ensae Date: Tue, 16 Apr 2024 11:11:59 +0200 Subject: [PATCH] =?UTF-8?q?upload=20de=20l'=C3=A9tat=20d'avancement=20d'aj?= =?UTF-8?q?out=20d'un=20catalogue=20onyxia?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../wordpress/.helmignore | 23 + .../wordpress/Chart.lock | 12 + .../wordpress/Chart.yaml | 47 + .../wordpress/README.md | 772 ++++++++++ .../wordpress/charts/common-2.19.0.tgz | Bin 0 -> 15554 bytes .../wordpress/charts/mariadb-16.5.0.tgz | Bin 0 -> 51501 bytes .../wordpress/charts/memcached-6.14.0.tgz | Bin 0 -> 40339 bytes .../wordpress/curl | 0 .../wordpress/index.yaml | 161 +++ .../wordpress/templates/NOTES.txt | 96 ++ .../wordpress/templates/_helpers.tpl | 286 ++++ .../wordpress/templates/config-secret.yaml | 18 + .../wordpress/templates/deployment.yaml | 389 +++++ .../templates/externaldb-secrets.yaml | 19 + .../wordpress/templates/extra-list.yaml | 9 + .../wordpress/templates/hpa.yaml | 48 + .../wordpress/templates/httpd-configmap.yaml | 19 + .../wordpress/templates/ingress.yaml | 62 + .../wordpress/templates/metrics-svc.yaml | 27 + .../networkpolicy-backend-ingress.yaml | 30 + .../templates/networkpolicy-egress.yaml | 35 + .../templates/networkpolicy-ingress.yaml | 63 + .../wordpress/templates/pdb.yaml | 26 + .../templates/postinit-configmap.yaml | 46 + .../wordpress/templates/pvc.yaml | 36 + .../wordpress/templates/secrets.yaml | 26 + .../wordpress/templates/serviceaccount.yaml | 18 + .../wordpress/templates/servicemonitor.yaml | 43 + .../wordpress/templates/svc.yaml | 59 + .../wordpress/templates/tls-secrets.yaml | 44 + .../wordpress/values.yaml | 1264 +++++++++++++++++ ...wordpress-copie-original-nojson-20.1.2.tgz | Bin 0 -> 146624 bytes .../wordpress/.helmignore | 23 + .../wordpress/Chart.lock | 12 + .../wordpress/Chart.yaml | 47 + .../wordpress/README.md | 772 ++++++++++ .../wordpress/charts/common-2.19.0.tgz | Bin 0 -> 15554 bytes .../wordpress/charts/mariadb-16.5.0.tgz | Bin 0 -> 51501 bytes .../wordpress/charts/memcached-6.14.0.tgz | Bin 0 -> 40339 bytes .../wordpress copie original/wordpress/curl | 0 .../wordpress/index.yaml | 161 +++ .../wordpress/templates/NOTES.txt | 96 ++ .../wordpress/templates/_helpers.tpl | 286 ++++ .../wordpress/templates/config-secret.yaml | 18 + .../wordpress/templates/deployment.yaml | 389 +++++ .../templates/externaldb-secrets.yaml | 19 + .../wordpress/templates/extra-list.yaml | 9 + .../wordpress/templates/hpa.yaml | 48 + .../wordpress/templates/httpd-configmap.yaml | 19 + .../wordpress/templates/ingress.yaml | 62 + .../wordpress/templates/metrics-svc.yaml | 27 + .../networkpolicy-backend-ingress.yaml | 30 + .../templates/networkpolicy-egress.yaml | 35 + .../templates/networkpolicy-ingress.yaml | 63 + .../wordpress/templates/pdb.yaml | 26 + .../templates/postinit-configmap.yaml | 46 + .../wordpress/templates/pvc.yaml | 36 + .../wordpress/templates/secrets.yaml | 26 + .../wordpress/templates/serviceaccount.yaml | 18 + .../wordpress/templates/servicemonitor.yaml | 43 + .../wordpress/templates/svc.yaml | 59 + .../wordpress/templates/tls-secrets.yaml | 44 + .../wordpress/values.schema.json | 862 +++++++++++ .../wordpress/values.schema.json.original | 212 +++ .../wordpress/values.yaml | 1264 +++++++++++++++++ .../.helmignore | 23 + .../wordpress+valuesjson de VScode/Chart.lock | 12 + .../wordpress+valuesjson de VScode/Chart.yaml | 47 + .../wordpress+valuesjson de VScode/README.md | 772 ++++++++++ .../charts/common-2.19.0.tgz | Bin 0 -> 15554 bytes .../charts/mariadb-16.5.0.tgz | Bin 0 -> 51501 bytes .../charts/memcached-6.14.0.tgz | Bin 0 -> 40339 bytes charts/wordpress+valuesjson de VScode/curl | 0 .../wordpress+valuesjson de VScode/index.yaml | 161 +++ .../templates/NOTES.txt | 96 ++ .../templates/_helpers.tpl | 286 ++++ .../templates/config-secret.yaml | 18 + .../templates/deployment.yaml | 389 +++++ .../templates/externaldb-secrets.yaml | 19 + .../templates/extra-list.yaml | 9 + .../templates/hpa.yaml | 48 + .../templates/httpd-configmap.yaml | 19 + .../templates/ingress.yaml | 62 + .../templates/metrics-svc.yaml | 27 + .../networkpolicy-backend-ingress.yaml | 30 + .../templates/networkpolicy-egress.yaml | 35 + .../templates/networkpolicy-ingress.yaml | 63 + .../templates/pdb.yaml | 26 + .../templates/postinit-configmap.yaml | 46 + .../templates/pvc.yaml | 36 + .../templates/secrets.yaml | 26 + .../templates/serviceaccount.yaml | 18 + .../templates/servicemonitor.yaml | 43 + .../templates/svc.yaml | 59 + .../templates/tls-secrets.yaml | 44 + .../values.schema.json | 839 +++++++++++ .../values.yaml | 1264 +++++++++++++++++ .../wordpress+valuesjson-VScode-2.1.tgz | Bin 0 -> 149897 bytes index.md | 31 +- 99 files changed, 12977 insertions(+), 1 deletion(-) create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/.helmignore create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/Chart.lock create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/Chart.yaml create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/README.md create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/charts/common-2.19.0.tgz create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/charts/mariadb-16.5.0.tgz create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/charts/memcached-6.14.0.tgz create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/curl create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/index.yaml create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/templates/NOTES.txt create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/templates/_helpers.tpl create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/templates/config-secret.yaml create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/templates/deployment.yaml create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/templates/externaldb-secrets.yaml create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/templates/extra-list.yaml create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/templates/hpa.yaml create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/templates/httpd-configmap.yaml create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/templates/ingress.yaml create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/templates/metrics-svc.yaml create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/templates/networkpolicy-backend-ingress.yaml create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/templates/networkpolicy-egress.yaml create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/templates/networkpolicy-ingress.yaml create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/templates/pdb.yaml create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/templates/postinit-configmap.yaml create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/templates/pvc.yaml create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/templates/secrets.yaml create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/templates/serviceaccount.yaml create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/templates/servicemonitor.yaml create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/templates/svc.yaml create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/templates/tls-secrets.yaml create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/values.yaml create mode 100644 charts/wordpress copie original - no valuesjson/wordpress/wordpress-copie-original-nojson-20.1.2.tgz create mode 100644 charts/wordpress copie original/wordpress/.helmignore create mode 100644 charts/wordpress copie original/wordpress/Chart.lock create mode 100644 charts/wordpress copie original/wordpress/Chart.yaml create mode 100644 charts/wordpress copie original/wordpress/README.md create mode 100644 charts/wordpress copie original/wordpress/charts/common-2.19.0.tgz create mode 100644 charts/wordpress copie original/wordpress/charts/mariadb-16.5.0.tgz create mode 100644 charts/wordpress copie original/wordpress/charts/memcached-6.14.0.tgz create mode 100644 charts/wordpress copie original/wordpress/curl create mode 100644 charts/wordpress copie original/wordpress/index.yaml create mode 100644 charts/wordpress copie original/wordpress/templates/NOTES.txt create mode 100644 charts/wordpress copie original/wordpress/templates/_helpers.tpl create mode 100644 charts/wordpress copie original/wordpress/templates/config-secret.yaml create mode 100644 charts/wordpress copie original/wordpress/templates/deployment.yaml create mode 100644 charts/wordpress copie original/wordpress/templates/externaldb-secrets.yaml create mode 100644 charts/wordpress copie original/wordpress/templates/extra-list.yaml create mode 100644 charts/wordpress copie original/wordpress/templates/hpa.yaml create mode 100644 charts/wordpress copie original/wordpress/templates/httpd-configmap.yaml create mode 100644 charts/wordpress copie original/wordpress/templates/ingress.yaml create mode 100644 charts/wordpress copie original/wordpress/templates/metrics-svc.yaml create mode 100644 charts/wordpress copie original/wordpress/templates/networkpolicy-backend-ingress.yaml create mode 100644 charts/wordpress copie original/wordpress/templates/networkpolicy-egress.yaml create mode 100644 charts/wordpress copie original/wordpress/templates/networkpolicy-ingress.yaml create mode 100644 charts/wordpress copie original/wordpress/templates/pdb.yaml create mode 100644 charts/wordpress copie original/wordpress/templates/postinit-configmap.yaml create mode 100644 charts/wordpress copie original/wordpress/templates/pvc.yaml create mode 100644 charts/wordpress copie original/wordpress/templates/secrets.yaml create mode 100644 charts/wordpress copie original/wordpress/templates/serviceaccount.yaml create mode 100644 charts/wordpress copie original/wordpress/templates/servicemonitor.yaml create mode 100644 charts/wordpress copie original/wordpress/templates/svc.yaml create mode 100644 charts/wordpress copie original/wordpress/templates/tls-secrets.yaml create mode 100644 charts/wordpress copie original/wordpress/values.schema.json create mode 100644 charts/wordpress copie original/wordpress/values.schema.json.original create mode 100644 charts/wordpress copie original/wordpress/values.yaml create mode 100644 charts/wordpress+valuesjson de VScode/.helmignore create mode 100644 charts/wordpress+valuesjson de VScode/Chart.lock create mode 100644 charts/wordpress+valuesjson de VScode/Chart.yaml create mode 100644 charts/wordpress+valuesjson de VScode/README.md create mode 100644 charts/wordpress+valuesjson de VScode/charts/common-2.19.0.tgz create mode 100644 charts/wordpress+valuesjson de VScode/charts/mariadb-16.5.0.tgz create mode 100644 charts/wordpress+valuesjson de VScode/charts/memcached-6.14.0.tgz create mode 100644 charts/wordpress+valuesjson de VScode/curl create mode 100644 charts/wordpress+valuesjson de VScode/index.yaml create mode 100644 charts/wordpress+valuesjson de VScode/templates/NOTES.txt create mode 100644 charts/wordpress+valuesjson de VScode/templates/_helpers.tpl create mode 100644 charts/wordpress+valuesjson de VScode/templates/config-secret.yaml create mode 100644 charts/wordpress+valuesjson de VScode/templates/deployment.yaml create mode 100644 charts/wordpress+valuesjson de VScode/templates/externaldb-secrets.yaml create mode 100644 charts/wordpress+valuesjson de VScode/templates/extra-list.yaml create mode 100644 charts/wordpress+valuesjson de VScode/templates/hpa.yaml create mode 100644 charts/wordpress+valuesjson de VScode/templates/httpd-configmap.yaml create mode 100644 charts/wordpress+valuesjson de VScode/templates/ingress.yaml create mode 100644 charts/wordpress+valuesjson de VScode/templates/metrics-svc.yaml create mode 100644 charts/wordpress+valuesjson de VScode/templates/networkpolicy-backend-ingress.yaml create mode 100644 charts/wordpress+valuesjson de VScode/templates/networkpolicy-egress.yaml create mode 100644 charts/wordpress+valuesjson de VScode/templates/networkpolicy-ingress.yaml create mode 100644 charts/wordpress+valuesjson de VScode/templates/pdb.yaml create mode 100644 charts/wordpress+valuesjson de VScode/templates/postinit-configmap.yaml create mode 100644 charts/wordpress+valuesjson de VScode/templates/pvc.yaml create mode 100644 charts/wordpress+valuesjson de VScode/templates/secrets.yaml create mode 100644 charts/wordpress+valuesjson de VScode/templates/serviceaccount.yaml create mode 100644 charts/wordpress+valuesjson de VScode/templates/servicemonitor.yaml create mode 100644 charts/wordpress+valuesjson de VScode/templates/svc.yaml create mode 100644 charts/wordpress+valuesjson de VScode/templates/tls-secrets.yaml create mode 100644 charts/wordpress+valuesjson de VScode/values.schema.json create mode 100644 charts/wordpress+valuesjson de VScode/values.yaml create mode 100644 charts/wordpress+valuesjson de VScode/wordpress+valuesjson-VScode-2.1.tgz diff --git a/charts/wordpress copie original - no valuesjson/wordpress/.helmignore b/charts/wordpress copie original - no valuesjson/wordpress/.helmignore new file mode 100644 index 0000000..fb56657 --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +# img folder +img/ diff --git a/charts/wordpress copie original - no valuesjson/wordpress/Chart.lock b/charts/wordpress copie original - no valuesjson/wordpress/Chart.lock new file mode 100644 index 0000000..1c327cd --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/Chart.lock @@ -0,0 +1,12 @@ +dependencies: +- name: memcached + repository: oci://registry-1.docker.io/bitnamicharts + version: 6.14.0 +- name: mariadb + repository: oci://registry-1.docker.io/bitnamicharts + version: 16.5.0 +- name: common + repository: oci://registry-1.docker.io/bitnamicharts + version: 2.19.0 +digest: sha256:f14e7183217316a026257bb89543ec1055b763c37dd4bfba26c2c725ac0e7571 +generated: "2024-03-08T16:54:42.092136196Z" diff --git a/charts/wordpress copie original - no valuesjson/wordpress/Chart.yaml b/charts/wordpress copie original - no valuesjson/wordpress/Chart.yaml new file mode 100644 index 0000000..8bf9281 --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/Chart.yaml @@ -0,0 +1,47 @@ +# Copyright VMware, Inc. +# SPDX-License-Identifier: APACHE-2.0 + +annotations: + category: CMS + licenses: Apache-2.0 + images: | + - name: apache-exporter + image: docker.io/bitnami/apache-exporter:1.0.6-debian-12-r8 + - name: os-shell + image: docker.io/bitnami/os-shell:12-debian-12-r16 + - name: wordpress + image: docker.io/bitnami/wordpress:6.4.3-debian-12-r20 +apiVersion: v2 +appVersion: 6.4.3 +dependencies: +- condition: memcached.enabled + name: memcached + repository: oci://registry-1.docker.io/bitnamicharts + version: 6.x.x +- condition: mariadb.enabled + name: mariadb + repository: oci://registry-1.docker.io/bitnamicharts + version: 16.x.x +- name: common + repository: oci://registry-1.docker.io/bitnamicharts + tags: + - bitnami-common + version: 2.x.x +description: WordPress is the world's most popular blogging and content management platform. Powerful yet simple, everyone from students to global corporations use it to build beautiful, functional websites. +home: https://bitnami.com +icon: https://bitnami.com/assets/stacks/wordpress/img/wordpress-stack-220x234.png +keywords: +- application +- blog +- cms +- http +- php +- web +- wordpress +maintainers: +- name: VMware, Inc. + url: https://github.com/bitnami/charts +name: wordpress-copie-original-nojson +sources: +- https://github.com/bitnami/charts/tree/main/bitnami/wordpress +version: 20.1.2 diff --git a/charts/wordpress copie original - no valuesjson/wordpress/README.md b/charts/wordpress copie original - no valuesjson/wordpress/README.md new file mode 100644 index 0000000..006c3d0 --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/README.md @@ -0,0 +1,772 @@ + + +# Bitnami package for WordPress + +WordPress is the world's most popular blogging and content management platform. Powerful yet simple, everyone from students to global corporations use it to build beautiful, functional websites. + +[Overview of WordPress](http://www.wordpress.org) + +## TL;DR + +```console +helm install my-release oci://registry-1.docker.io/bitnamicharts/wordpress +``` + +Looking to use WordPress in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the enterprise edition of Bitnami Application Catalog. + +## Introduction + +This chart bootstraps a [WordPress](https://github.com/bitnami/containers/tree/main/bitnami/wordpress) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + +It also packages the [Bitnami MariaDB chart](https://github.com/bitnami/charts/tree/main/bitnami/mariadb) which is required for bootstrapping a MariaDB deployment for the database requirements of the WordPress application, and the [Bitnami Memcached chart](https://github.com/bitnami/charts/tree/main/bitnami/memcached) that can be used to cache database queries. + +Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment and management of Helm Charts in clusters. + +## Prerequisites + +- Kubernetes 1.23+ +- Helm 3.8.0+ +- PV provisioner support in the underlying infrastructure +- ReadWriteMany volumes for deployment scaling + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/wordpress +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + +The command deploys WordPress on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. + +> **Tip**: List all releases using `helm list` + +## Uninstalling the Chart + +To uninstall/delete the `my-release` deployment: + +```console +helm delete my-release +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +## Parameters + +### Global parameters + +| Name | Description | Value | +| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------- | +| `global.imageRegistry` | Global Docker image registry | `""` | +| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | +| `global.storageClass` | Global StorageClass for Persistent Volume(s) | `""` | +| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `disabled` | + +### Common parameters + +| Name | Description | Value | +| ------------------------ | -------------------------------------------------------------------------------------------- | --------------- | +| `kubeVersion` | Override Kubernetes version | `""` | +| `nameOverride` | String to partially override common.names.fullname template (will maintain the release name) | `""` | +| `fullnameOverride` | String to fully override common.names.fullname template | `""` | +| `commonLabels` | Labels to add to all deployed resources | `{}` | +| `commonAnnotations` | Annotations to add to all deployed resources | `{}` | +| `clusterDomain` | Kubernetes Cluster Domain | `cluster.local` | +| `extraDeploy` | Array of extra objects to deploy with the release | `[]` | +| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` | +| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` | +| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` | + +### WordPress Image parameters + +| Name | Description | Value | +| ------------------- | --------------------------------------------------------------------------------------------------------- | --------------------------- | +| `image.registry` | WordPress image registry | `REGISTRY_NAME` | +| `image.repository` | WordPress image repository | `REPOSITORY_NAME/wordpress` | +| `image.digest` | WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | WordPress image pull policy | `IfNotPresent` | +| `image.pullSecrets` | WordPress image pull secrets | `[]` | +| `image.debug` | Specify if debug values should be set | `false` | + +### WordPress Configuration parameters + +| Name | Description | Value | +| -------------------------------------- | ------------------------------------------------------------------------------------- | ------------------ | +| `wordpressUsername` | WordPress username | `user` | +| `wordpressPassword` | WordPress user password | `""` | +| `existingSecret` | Name of existing secret containing WordPress credentials | `""` | +| `wordpressEmail` | WordPress user email | `user@example.com` | +| `wordpressFirstName` | WordPress user first name | `FirstName` | +| `wordpressLastName` | WordPress user last name | `LastName` | +| `wordpressBlogName` | Blog name | `User's Blog!` | +| `wordpressTablePrefix` | Prefix to use for WordPress database tables | `wp_` | +| `wordpressScheme` | Scheme to use to generate WordPress URLs | `http` | +| `wordpressSkipInstall` | Skip wizard installation | `false` | +| `wordpressExtraConfigContent` | Add extra content to the default wp-config.php file | `""` | +| `wordpressConfiguration` | The content for your custom wp-config.php file (advanced feature) | `""` | +| `existingWordPressConfigurationSecret` | The name of an existing secret with your custom wp-config.php file (advanced feature) | `""` | +| `wordpressConfigureCache` | Enable W3 Total Cache plugin and configure cache settings | `false` | +| `wordpressPlugins` | Array of plugins to install and activate. Can be specified as `all` or `none`. | `none` | +| `apacheConfiguration` | The content for your custom httpd.conf file (advanced feature) | `""` | +| `existingApacheConfigurationConfigMap` | The name of an existing secret with your custom httpd.conf file (advanced feature) | `""` | +| `customPostInitScripts` | Custom post-init.d user scripts | `{}` | +| `smtpHost` | SMTP server host | `""` | +| `smtpPort` | SMTP server port | `""` | +| `smtpUser` | SMTP username | `""` | +| `smtpPassword` | SMTP user password | `""` | +| `smtpProtocol` | SMTP protocol | `""` | +| `smtpExistingSecret` | The name of an existing secret with SMTP credentials | `""` | +| `allowEmptyPassword` | Allow the container to be started with blank passwords | `true` | +| `allowOverrideNone` | Configure Apache to prohibit overriding directives with htaccess files | `false` | +| `overrideDatabaseSettings` | Allow overriding the database settings persisted in wp-config.php | `false` | +| `htaccessPersistenceEnabled` | Persist custom changes on htaccess files | `false` | +| `customHTAccessCM` | The name of an existing ConfigMap with custom htaccess rules | `""` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `extraEnvVars` | Array with extra environment variables to add to the WordPress container | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | + +### WordPress Multisite Configuration parameters + +| Name | Description | Value | +| ------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------- | ----------- | +| `multisite.enable` | Whether to enable WordPress Multisite configuration. | `false` | +| `multisite.host` | WordPress Multisite hostname/address. This value is mandatory when enabling Multisite mode. | `""` | +| `multisite.networkType` | WordPress Multisite network type to enable. Allowed values: `subfolder`, `subdirectory` or `subdomain`. | `subdomain` | +| `multisite.enableNipIoRedirect` | Whether to enable IP address redirection to nip.io wildcard DNS. Useful when running on an IP address with subdomain network type. | `false` | + +### WordPress deployment parameters + +| Name | Description | Value | +| --------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- | +| `replicaCount` | Number of WordPress replicas to deploy | `1` | +| `updateStrategy.type` | WordPress deployment strategy type | `RollingUpdate` | +| `schedulerName` | Alternate scheduler | `""` | +| `terminationGracePeriodSeconds` | In seconds, time given to the WordPress pod to terminate gracefully | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `priorityClassName` | Name of the existing priority class to be used by WordPress pods, priority class needs to be created beforehand | `""` | +| `automountServiceAccountToken` | Mount Service Account token in pod | `false` | +| `hostAliases` | WordPress pod host aliases | `[]` | +| `extraVolumes` | Optionally specify extra list of additional volumes for WordPress pods | `[]` | +| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for WordPress container(s) | `[]` | +| `sidecars` | Add additional sidecar containers to the WordPress pod | `[]` | +| `initContainers` | Add additional init containers to the WordPress pods | `[]` | +| `podLabels` | Extra labels for WordPress pods | `{}` | +| `podAnnotations` | Annotations for WordPress pods | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). | `none` | +| `resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | +| `containerPorts.http` | WordPress HTTP container port | `8080` | +| `containerPorts.https` | WordPress HTTPS container port | `8443` | +| `extraContainerPorts` | Optionally specify extra list of additional ports for WordPress container(s) | `[]` | +| `podSecurityContext.enabled` | Enabled WordPress pods' Security Context | `true` | +| `podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | +| `podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | +| `podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | +| `podSecurityContext.fsGroup` | Set WordPress pod's Security Context fsGroup | `1001` | +| `containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | +| `containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | +| `containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | +| `containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | +| `containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `false` | +| `containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | +| `containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | +| `containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | +| `livenessProbe.enabled` | Enable livenessProbe on WordPress containers | `true` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe on WordPress containers | `true` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `startupProbe.enabled` | Enable startupProbe on WordPress containers | `false` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `lifecycleHooks` | for the WordPress container(s) to automate configuration before or after startup | `{}` | + +### Traffic Exposure Parameters + +| Name | Description | Value | +| ---------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | +| `service.type` | WordPress service type | `LoadBalancer` | +| `service.ports.http` | WordPress service HTTP port | `80` | +| `service.ports.https` | WordPress service HTTPS port | `443` | +| `service.httpsTargetPort` | Target port for HTTPS | `https` | +| `service.nodePorts.http` | Node port for HTTP | `""` | +| `service.nodePorts.https` | Node port for HTTPS | `""` | +| `service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `service.clusterIP` | WordPress service Cluster IP | `""` | +| `service.loadBalancerIP` | WordPress service Load Balancer IP | `""` | +| `service.loadBalancerSourceRanges` | WordPress service Load Balancer sources | `[]` | +| `service.externalTrafficPolicy` | WordPress service external traffic policy | `Cluster` | +| `service.annotations` | Additional custom annotations for WordPress service | `{}` | +| `service.extraPorts` | Extra port to expose on WordPress service | `[]` | +| `ingress.enabled` | Enable ingress record generation for WordPress | `false` | +| `ingress.pathType` | Ingress path type | `ImplementationSpecific` | +| `ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `""` | +| `ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | +| `ingress.hostname` | Default host for the ingress record. The hostname is templated and thus can contain other variable references. | `wordpress.local` | +| `ingress.path` | Default path for the ingress record | `/` | +| `ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | +| `ingress.tls` | Enable TLS configuration for the host defined at `ingress.hostname` parameter | `false` | +| `ingress.tlsWwwPrefix` | Adds www subdomain to default cert | `false` | +| `ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` | +| `ingress.extraHosts` | An array with additional hostname(s) to be covered with the ingress record. The host names are templated and thus can contain other variable references. | `[]` | +| `ingress.extraPaths` | An array with additional arbitrary paths that may need to be added to the ingress under the main host | `[]` | +| `ingress.extraTls` | TLS configuration for additional hostname(s) to be covered with this ingress record | `[]` | +| `ingress.secrets` | Custom TLS certificates as secrets | `[]` | +| `ingress.extraRules` | Additional rules to be covered with this ingress record | `[]` | + +### Persistence Parameters + +| Name | Description | Value | +| ----------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `persistence.enabled` | Enable persistence using Persistent Volume Claims | `true` | +| `persistence.storageClass` | Persistent Volume storage class | `""` | +| `persistence.accessModes` | Persistent Volume access modes | `[]` | +| `persistence.accessMode` | Persistent Volume access mode (DEPRECATED: use `persistence.accessModes` instead) | `ReadWriteOnce` | +| `persistence.size` | Persistent Volume size | `10Gi` | +| `persistence.dataSource` | Custom PVC data source | `{}` | +| `persistence.existingClaim` | The name of an existing PVC to use for persistence | `""` | +| `persistence.selector` | Selector to match an existing Persistent Volume for WordPress data PVC | `{}` | +| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). | `none` | +| `volumePermissions.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | +| `volumePermissions.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | +| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | + +### Other Parameters + +| Name | Description | Value | +| --------------------------------------------- | ---------------------------------------------------------------------- | ------- | +| `serviceAccount.create` | Enable creation of ServiceAccount for WordPress pod | `true` | +| `serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `false` | +| `serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | +| `pdb.create` | Enable a Pod Disruption Budget creation | `false` | +| `pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | +| `pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `autoscaling.enabled` | Enable Horizontal POD autoscaling for WordPress | `false` | +| `autoscaling.minReplicas` | Minimum number of WordPress replicas | `1` | +| `autoscaling.maxReplicas` | Maximum number of WordPress replicas | `11` | +| `autoscaling.targetCPU` | Target CPU utilization percentage | `50` | +| `autoscaling.targetMemory` | Target Memory utilization percentage | `50` | + +### Metrics Parameters + +| Name | Description | Value | +| ----------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `metrics.enabled` | Start a sidecar prometheus exporter to expose metrics | `false` | +| `metrics.image.registry` | Apache exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Apache exporter image repository | `REPOSITORY_NAME/apache-exporter` | +| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Apache exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Apache exporter image pull secrets | `[]` | +| `metrics.containerPorts.metrics` | Prometheus exporter container port | `9117` | +| `metrics.livenessProbe.enabled` | Enable livenessProbe on Prometheus exporter containers | `true` | +| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `15` | +| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `metrics.readinessProbe.enabled` | Enable readinessProbe on Prometheus exporter containers | `true` | +| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | +| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `metrics.startupProbe.enabled` | Enable startupProbe on Prometheus exporter containers | `false` | +| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `metrics.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `metrics.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `metrics.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `metrics.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production). | `none` | +| `metrics.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | +| `metrics.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | +| `metrics.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | +| `metrics.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `metrics.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | +| `metrics.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | +| `metrics.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `false` | +| `metrics.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | +| `metrics.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | +| `metrics.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | +| `metrics.service.ports.metrics` | Prometheus metrics service port | `9150` | +| `metrics.service.annotations` | Additional custom annotations for Metrics service | `{}` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using Prometheus Operator | `false` | +| `metrics.serviceMonitor.namespace` | Namespace for the ServiceMonitor Resource (defaults to the Release Namespace) | `""` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.labels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | +| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | + +### NetworkPolicy parameters + +| Name | Description | Value | +| ------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ------- | +| `networkPolicy.enabled` | Enable network policies | `false` | +| `networkPolicy.metrics.enabled` | Enable network policy for metrics (prometheus) | `false` | +| `networkPolicy.metrics.namespaceSelector` | Monitoring namespace selector labels. These labels will be used to identify the prometheus' namespace. | `{}` | +| `networkPolicy.metrics.podSelector` | Monitoring pod selector labels. These labels will be used to identify the Prometheus pods. | `{}` | +| `networkPolicy.ingress.enabled` | Enable network policy for Ingress Proxies | `false` | +| `networkPolicy.ingress.namespaceSelector` | Ingress Proxy namespace selector labels. These labels will be used to identify the Ingress Proxy's namespace. | `{}` | +| `networkPolicy.ingress.podSelector` | Ingress Proxy pods selector labels. These labels will be used to identify the Ingress Proxy pods. | `{}` | +| `networkPolicy.ingressRules.backendOnlyAccessibleByFrontend` | Enable ingress rule that makes the backend (mariadb) only accessible by testlink's pods. | `false` | +| `networkPolicy.ingressRules.customBackendSelector` | Backend selector labels. These labels will be used to identify the backend pods. | `{}` | +| `networkPolicy.ingressRules.accessOnlyFrom.enabled` | Enable ingress rule that makes testlink only accessible from a particular origin | `false` | +| `networkPolicy.ingressRules.accessOnlyFrom.namespaceSelector` | Namespace selector label that is allowed to access testlink. This label will be used to identified the allowed namespace(s). | `{}` | +| `networkPolicy.ingressRules.accessOnlyFrom.podSelector` | Pods selector label that is allowed to access testlink. This label will be used to identified the allowed pod(s). | `{}` | +| `networkPolicy.ingressRules.customRules` | Custom network policy ingress rule | `{}` | +| `networkPolicy.egressRules.denyConnectionsToExternal` | Enable egress rule that denies outgoing traffic outside the cluster, except for DNS (port 53). | `false` | +| `networkPolicy.egressRules.customRules` | Custom network policy rule | `{}` | + +### Database Parameters + +| Name | Description | Value | +| ------------------------------------------ | ---------------------------------------------------------------------------------------------- | ------------------- | +| `mariadb.enabled` | Deploy a MariaDB server to satisfy the applications database requirements | `true` | +| `mariadb.architecture` | MariaDB architecture. Allowed values: `standalone` or `replication` | `standalone` | +| `mariadb.auth.rootPassword` | MariaDB root password | `""` | +| `mariadb.auth.database` | MariaDB custom database | `bitnami_wordpress` | +| `mariadb.auth.username` | MariaDB custom user name | `bn_wordpress` | +| `mariadb.auth.password` | MariaDB custom user password | `""` | +| `mariadb.primary.persistence.enabled` | Enable persistence on MariaDB using PVC(s) | `true` | +| `mariadb.primary.persistence.storageClass` | Persistent Volume storage class | `""` | +| `mariadb.primary.persistence.accessModes` | Persistent Volume access modes | `[]` | +| `mariadb.primary.persistence.size` | Persistent Volume size | `8Gi` | +| `externalDatabase.host` | External Database server host | `localhost` | +| `externalDatabase.port` | External Database server port | `3306` | +| `externalDatabase.user` | External Database username | `bn_wordpress` | +| `externalDatabase.password` | External Database user password | `""` | +| `externalDatabase.database` | External Database database name | `bitnami_wordpress` | +| `externalDatabase.existingSecret` | The name of an existing secret with database credentials. Evaluated as a template | `""` | +| `memcached.enabled` | Deploy a Memcached server for caching database queries | `false` | +| `memcached.auth.enabled` | Enable Memcached authentication | `false` | +| `memcached.auth.username` | Memcached admin user | `""` | +| `memcached.auth.password` | Memcached admin password | `""` | +| `memcached.auth.existingPasswordSecret` | Existing secret with Memcached credentials (must contain a value for `memcached-password` key) | `""` | +| `memcached.service.port` | Memcached service port | `11211` | +| `externalCache.host` | External cache server host | `localhost` | +| `externalCache.port` | External cache server port | `11211` | + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, + +```console +helm install my-release \ + --set wordpressUsername=admin \ + --set wordpressPassword=password \ + --set mariadb.auth.rootPassword=secretpassword \ + oci://REGISTRY_NAME/REPOSITORY_NAME/wordpress +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + +The above command sets the WordPress administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MariaDB `root` user password to `secretpassword`. + +> NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. + +Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, + +```console +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/wordpress +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. +> **Tip**: You can use the default [values.yaml](https://github.com/bitnami/charts/tree/main/bitnami/wordpress/values.yaml) + +## Configuration and installation details + +### Resource requests and limits + +Bitnami charts allow setting resource requests and limits for all containers inside the chart deployment. These are inside the `resources` value (check parameter table). Setting requests is essential for production workloads and these should be adapted to your specific use case. + +To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the bitnami/common chart](https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15). However, in production workloads using `resourcePreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). + +### [Rolling VS Immutable tags](https://docs.bitnami.com/tutorials/understand-rolling-tags-containers) + +It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image. + +Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist. + +### Known limitations + +When performing admin operations that require activating the maintenance mode (such as updating a plugin or theme), it's activated in only one replica (see: [bug report](https://core.trac.wordpress.org/ticket/50797)). This implies that WP could be attending requests on other replicas while performing admin operations, with unpredictable consequences. + +To avoid that, you can manually activate/deactivate the maintenance mode on every replica using the WP CLI. For instance, if you installed WP with three replicas, you can run the commands below to activate the maintenance mode in all of them (assuming that the release name is `wordpress`): + +```console +kubectl exec $(kubectl get pods -l app.kubernetes.io/name=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- wp maintenance-mode activate +kubectl exec $(kubectl get pods -l app.kubernetes.io/name=wordpress -o jsonpath='{.items[1].metadata.name}') -c wordpress -- wp maintenance-mode activate +kubectl exec $(kubectl get pods -l app.kubernetes.io/name=wordpress -o jsonpath='{.items[2].metadata.name}') -c wordpress -- wp maintenance-mode activate +``` + +### External database support + +You may want to have WordPress connect to an external database rather than installing one inside your cluster. Typical reasons for this are to use a managed database service, or to share a common database server for all your applications. To achieve this, the chart allows you to specify credentials for an external database with the [`externalDatabase` parameter](#database-parameters). You should also disable the MariaDB installation with the `mariadb.enabled` option. Here is an example: + +```console +mariadb.enabled=false +externalDatabase.host=myexternalhost +externalDatabase.user=myuser +externalDatabase.password=mypassword +externalDatabase.database=mydatabase +externalDatabase.port=3306 +``` + +If the database already contains data from a previous WordPress installation, set the `wordpressSkipInstall` parameter to `true`. This parameter forces the container to skip the WordPress installation wizard. Otherwise, the container will assume it is a fresh installation and execute the installation wizard, potentially modifying or resetting the data in the existing database. + +[Refer to the container documentation for more information](https://github.com/bitnami/containers/tree/main/bitnami/wordpress#connect-wordpress-container-to-an-existing-database). + +### Memcached + +This chart provides support for using Memcached to cache database queries and objects improving the website performance. To enable this feature, set `wordpressConfigureCache` and `memcached.enabled` parameters to `true`. + +When this feature is enabled, a Memcached server will be deployed in your K8s cluster using the Bitnami Memcached chart and the [W3 Total Cache](https://wordpress.org/plugins/w3-total-cache/) plugin will be activated and configured to use the Memcached server for database caching. + +It is also possible to use an external cache server rather than installing one inside your cluster. To achieve this, the chart allows you to specify credentials for an external cache server with the [`externalCache` parameter](#database-parameters). You should also disable the Memcached installation with the `memcached.enabled` option. Here is an example: + +```console +wordpressConfigureCache=true +memcached.enabled=false +externalCache.host=myexternalcachehost +externalCache.port=11211 +``` + +### Ingress + +This chart provides support for Ingress resources. If you have an ingress controller installed on your cluster, such as [nginx-ingress-controller](https://github.com/bitnami/charts/tree/main/bitnami/nginx-ingress-controller) or [contour](https://github.com/bitnami/charts/tree/main/bitnami/contour) you can utilize the ingress controller to serve your application.To enable Ingress integration, set `ingress.enabled` to `true`. + +The most common scenario is to have one host name mapped to the deployment. In this case, the `ingress.hostname` property can be used to set the host name. The `ingress.tls` parameter can be used to add the TLS configuration for this host. + +However, it is also possible to have more than one host. To facilitate this, the `ingress.extraHosts` parameter (if available) can be set with the host names specified as an array. The `ingress.extraTLS` parameter (if available) can also be used to add the TLS configuration for extra hosts. + +> NOTE: For each host specified in the `ingress.extraHosts` parameter, it is necessary to set a name, path, and any annotations that the Ingress controller should know about. Not all annotations are supported by all Ingress controllers, but [this annotation reference document](https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md) lists the annotations supported by many popular Ingress controllers. + +Adding the TLS parameter (where available) will cause the chart to generate HTTPS URLs, and the application will be available on port 443. The actual TLS secrets do not have to be generated by this chart. However, if TLS is enabled, the Ingress record will not work until the TLS secret exists. + +[Learn more about Ingress controllers](https://kubernetes.io/docs/concepts/services-networking/ingress-controllers/). + +### TLS secrets + +This chart facilitates the creation of TLS secrets for use with the Ingress controller (although this is not mandatory). There are several common use cases: + +- Generate certificate secrets based on chart parameters. +- Enable externally generated certificates. +- Manage application certificates via an external service (like [cert-manager](https://github.com/jetstack/cert-manager/)). +- Create self-signed certificates within the chart (if supported). + +In the first two cases, a certificate and a key are needed. Files are expected in `.pem` format. + +Here is an example of a certificate file: + +> NOTE: There may be more than one certificate if there is a certificate chain. + +```text +-----BEGIN CERTIFICATE----- +MIID6TCCAtGgAwIBAgIJAIaCwivkeB5EMA0GCSqGSIb3DQEBCwUAMFYxCzAJBgNV +... +jScrvkiBO65F46KioCL9h5tDvomdU1aqpI/CBzhvZn1c0ZTf87tGQR8NK7v7 +-----END CERTIFICATE----- +``` + +Here is an example of a certificate key: + +```text +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAvLYcyu8f3skuRyUgeeNpeDvYBCDcgq+LsWap6zbX5f8oLqp4 +... +wrj2wDbCDCFmfqnSJ+dKI3vFLlEz44sAV8jX/kd4Y6ZTQhlLbYc= +-----END RSA PRIVATE KEY----- +``` + +- If using Helm to manage the certificates based on the parameters, copy these values into the `certificate` and `key` values for a given `*.ingress.secrets` entry. +- If managing TLS secrets separately, it is necessary to create a TLS secret with name `INGRESS_HOSTNAME-tls` (where INGRESS_HOSTNAME is a placeholder to be replaced with the hostname you set using the `*.ingress.hostname` parameter). +- If your cluster has a [cert-manager](https://github.com/jetstack/cert-manager) add-on to automate the management and issuance of TLS certificates, add to `*.ingress.annotations` the [corresponding ones](https://cert-manager.io/docs/usage/ingress/#supported-annotations) for cert-manager. +- If using self-signed certificates created by Helm, set both `*.ingress.tls` and `*.ingress.selfSigned` to `true`. + +### `.htaccess` files + +For performance and security reasons, it is a good practice to configure Apache with the `AllowOverride None` directive. Instead of using `.htaccess` files, Apache will load the same directives at boot time. These directives are located in `/opt/bitnami/wordpress/wordpress-htaccess.conf`. + +By default, the container image includes all the default `.htaccess` files in WordPress (together with the default plugins). To enable this feature, install the chart with the value `allowOverrideNone=yes`. + +However, some plugins may include `.htaccess` directives that will not be loaded when `AllowOverride` is set to `None`. To make them work, create a custom `wordpress-htaccess.conf` file with all the required directives. After creating it, create a Kubernetes ConfigMap with it (for example, named `custom-htaccess`) and install the chart with the correct parameters as shown below: + +```text + allowOverrideNone=true + customHTAccessCM=custom-htaccess +``` + +Some plugins permit editing the `.htaccess` file and it may be necessary to persist it in order to keep those edits. To make these plugins work, set the `htaccessPersistenceEnabled` parameter as shown below: + +```text + allowOverrideNone=false + htaccessPersistenceEnabled=true +``` + +## Persistence + +The [Bitnami WordPress](https://github.com/bitnami/containers/tree/main/bitnami/wordpress) image stores the WordPress data and configurations at the `/bitnami` path of the container. Persistent Volume Claims are used to keep the data across deployments. + +If you encounter errors when working with persistent volumes, refer to our [troubleshooting guide for persistent volumes](https://docs.bitnami.com/kubernetes/faq/troubleshooting/troubleshooting-persistence-volumes/). + +### Additional environment variables + +In case you want to add extra environment variables (useful for advanced operations like custom init scripts), you can use the `extraEnvVars` property. + +```yaml +wordpress: + extraEnvVars: + - name: LOG_LEVEL + value: error +``` + +Alternatively, you can use a ConfigMap or a Secret with the environment variables. To do so, use the `extraEnvVarsCM` or the `extraEnvVarsSecret` values. + +### Sidecars + +If additional containers are needed in the same pod as WordPress (such as additional metrics or logging exporters), they can be defined using the `sidecars` parameter. + +```yaml +sidecars: +- name: your-image-name + image: your-image + imagePullPolicy: Always + ports: + - name: portname + containerPort: 1234 +``` + +If these sidecars export extra ports, extra port definitions can be added using the `service.extraPorts` parameter (where available), as shown in the example below: + +```yaml +service: + extraPorts: + - name: extraPort + port: 11311 + targetPort: 11311 +``` + +> NOTE: This Helm chart already includes sidecar containers for the Prometheus exporters (where applicable). These can be activated by adding the `--enable-metrics=true` parameter at deployment time. The `sidecars` parameter should therefore only be used for any extra sidecar containers. + +If additional init containers are needed in the same pod, they can be defined using the `initContainers` parameter. Here is an example: + +```yaml +initContainers: + - name: your-image-name + image: your-image + imagePullPolicy: Always + ports: + - name: portname + containerPort: 1234 +``` + +Learn more about [sidecar containers](https://kubernetes.io/docs/concepts/workloads/pods/) and [init containers](https://kubernetes.io/docs/concepts/workloads/pods/init-containers/). + +### Pod affinity + +This chart allows you to set your custom affinity using the `affinity` parameter. Learn more about Pod affinity in the [kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). + +As an alternative, use one of the preset configurations for pod affinity, pod anti-affinity, and node affinity available at the [bitnami/common](https://github.com/bitnami/charts/tree/main/bitnami/common#affinities) chart. To do so, set the `podAffinityPreset`, `podAntiAffinityPreset`, or `nodeAffinityPreset` parameters. + +## Troubleshooting + +Find more information about how to deal with common errors related to Bitnami's Helm charts in [this troubleshooting guide](https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues). + +## Notable changes + +### 13.2.0 + +Removed support for limiting auto-updates to WordPress core via the `wordpressAutoUpdateLevel` option. To update WordPress core, we recommend you use the `helm upgrade` command to update your deployment instead of using the built-in update functionality. + +### 11.0.0 + +The [Bitnami WordPress](https://github.com/bitnami/containers/tree/main/bitnami/wordpress) image was refactored and now the source code is published in GitHub in the `rootfs` folder of the container image. + +In addition, several new features have been implemented: + +- Multisite mode is now supported via `multisite.*` options. +- Plugins can be installed and activated on the first deployment via the `wordpressPlugins` option. +- Added support for limiting auto-updates to WordPress core via the `wordpressAutoUpdateLevel` option. In addition, auto-updates have been disabled by default. To update WordPress core, we recommend to swap the container image version for your deployment instead of using the built-in update functionality. + +To enable the new features, it is not possible to do it by upgrading an existing deployment. Instead, it is necessary to perform a fresh deploy. + +## Upgrading + +### To 20.0.0 + +This major release bumps the and MariaDB chart version to [16.x.x](https://github.com/bitnami/charts/pull/23054); no major issues are expected during the upgrade. + +### To 19.0.0 + +This major release bumps the MariaDB version to 11.2. No major issues are expected during the upgrade. + +### To 18.0.0 + +This major release bumps the MariaDB version to 11.1. No major issues are expected during the upgrade. + +### To 17.0.0 + +This major release bumps the MariaDB version to 11.0. Follow the [upstream instructions](https://mariadb.com/kb/en/upgrading-from-mariadb-10-11-to-mariadb-11-0/) for upgrading from MariaDB 10.11 to 11.0. No major issues are expected during the upgrade. + +### To 16.0.0 + +This major release bumps the MariaDB version to 10.11. Follow the [upstream instructions](https://mariadb.com/kb/en/upgrading-from-mariadb-10-6-to-mariadb-10-11/) for upgrading from MariaDB 10.6 to 10.11. No major issues are expected during the upgrade. + +### To 14.0.0 + +This major release bumps the MariaDB version to 10.6. Follow the [upstream instructions](https://mariadb.com/kb/en/upgrading-from-mariadb-105-to-mariadb-106/) for upgrading from MariaDB 10.5 to 10.6. No major issues are expected during the upgrade. + +### To 13.0.0 + +This major release renames several values in this chart and adds missing features, in order to be inline with the rest of assets in the Bitnami charts repository. + +- `service.port` and `service.httpsPort` have been regrouped under the `service.ports` map. +- `metrics.service.port` has been regrouped under the `metrics.service.ports` map. +- `serviceAccountName` has been deprecated in favor of `serviceAccount` map. + +Additionally updates the MariaDB & Memcached subcharts to their newest major `10.x.x` and `6.x.x`, respectively, which contain similar changes. + +### To 12.0.0 + +WordPress version was bumped to its latest major, `5.8.x`. Though no incompatibilities are expected while upgrading from previous versions, WordPress recommends backing up your application first. + +Site backups can be easily performed using tools such as [VaultPress](https://vaultpress.com/) or [All-in-One WP Migration](https://wordpress.org/plugins/all-in-one-wp-migration/). + +### To 11.0.0 + +The [Bitnami WordPress](https://github.com/bitnami/containers/tree/main/bitnami/wordpress) image was refactored and now the source code is published in GitHub in the `rootfs` folder of the container image. + +Compatibility is not guaranteed due to the amount of involved changes, however no breaking changes are expected. + +### To 10.0.0 + +[On November 13, 2020, Helm v2 support was formally finished](https://github.com/helm/charts#status-of-the-project), this major version is the result of the required changes applied to the Helm Chart to be able to incorporate the different features added in Helm v3 and to be consistent with the Helm project itself regarding the Helm v2 EOL. + +#### Additional upgrade notes + +- MariaDB dependency version was bumped to a new major version that introduces several incompatibilities. Therefore, backwards compatibility is not guaranteed unless an external database is used. Check [MariaDB Upgrading Notes](https://github.com/bitnami/charts/tree/main/bitnami/mariadb#to-800) for more information. +- If you want to upgrade to this version from a previous one installed with Helm v3, there are two alternatives: + - Install a new WordPress chart, and migrate your WordPress site using backup/restore tools such as [VaultPress](https://vaultpress.com/) or [All-in-One WP Migration](https://wordpress.org/plugins/all-in-one-wp-migration/). + - Reuse the PVC used to hold the MariaDB data on your previous release. To do so, follow the instructions below (the following example assumes that the release name is `wordpress`). + +> Warning: please create a backup of your database before running any of these actions. The steps below would be only valid if your application (e.g. any plugins or custom code) is compatible with MariaDB 10.5. + +Obtain the credentials and the name of the PVC used to hold the MariaDB data on your current release: + +```console +export WORDPRESS_PASSWORD=$(kubectl get secret --namespace default wordpress -o jsonpath="{.data.wordpress-password}" | base64 -d) +export MARIADB_ROOT_PASSWORD=$(kubectl get secret --namespace default wordpress-mariadb -o jsonpath="{.data.mariadb-root-password}" | base64 -d) +export MARIADB_PASSWORD=$(kubectl get secret --namespace default wordpress-mariadb -o jsonpath="{.data.mariadb-password}" | base64 -d) +export MARIADB_PVC=$(kubectl get pvc -l app.kubernetes.io/instance=wordpress,app.kubernetes.io/name=mariadb,app.kubernetes.io/component=primary -o jsonpath="{.items[0].metadata.name}") +``` + +Upgrade your release (maintaining the version) disabling MariaDB and scaling WordPress replicas to 0: + +```console +helm upgrade wordpress oci://REGISTRY_NAME/REPOSITORY_NAME/wordpress --set wordpressPassword=$WORDPRESS_PASSWORD --set replicaCount=0 --set mariadb.enabled=false --version 9.6.4 +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + +Finally, upgrade you release to `10.0.0` reusing the existing PVC, and enabling back MariaDB: + +```console +helm upgrade wordpress oci://REGISTRY_NAME/REPOSITORY_NAME/wordpress --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set wordpressPassword=$WORDPRESS_PASSWORD +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + +You should see the lines below in MariaDB container logs: + +```console +$ kubectl logs $(kubectl get pods -l app.kubernetes.io/instance=wordpress,app.kubernetes.io/name=mariadb,app.kubernetes.io/component=primary -o jsonpath="{.items[0].metadata.name}") +... +mariadb 12:13:24.98 INFO ==> Using persisted data +mariadb 12:13:25.01 INFO ==> Running mysql_upgrade +... +``` + +### To 9.0.0 + +The [Bitnami WordPress](https://github.com/bitnami/containers/tree/main/bitnami/wordpress) image was migrated to a "non-root" user approach. Previously the container ran as the `root` user and the Apache daemon was started as the `daemon` user. From now on, both the container and the Apache daemon run as user `1001`. You can revert this behavior by setting the parameters `securityContext.runAsUser`, and `securityContext.fsGroup` to `0`. +Chart labels and Ingress configuration were also adapted to follow the Helm charts best practices. + +Consequences: + +- The HTTP/HTTPS ports exposed by the container are now `8080/8443` instead of `80/443`. +- No writing permissions will be granted on `wp-config.php` by default. +- Backwards compatibility is not guaranteed. + +To upgrade to `9.0.0`, it's recommended to install a new WordPress chart, and migrate your WordPress site using backup/restore tools such as [VaultPress](https://vaultpress.com/) or [All-in-One WP Migration](https://wordpress.org/plugins/all-in-one-wp-migration/). + +### To 8.0.0 + +Helm performs a lookup for the object based on its group (apps), version (v1), and kind (Deployment). Also known as its GroupVersionKind, or GVK. Changing the GVK is considered a compatibility breaker from Kubernetes' point of view, so you cannot "upgrade" those objects to the new GVK in-place. Earlier versions of Helm 3 did not perform the lookup correctly which has since been fixed to match the spec. + +In the `apiVersion` of the deployment resources was updated to `apps/v1` in tune with the API's deprecated, resulting in compatibility breakage. + +This major version signifies this change. + +### To 3.0.0 + +Backwards compatibility is not guaranteed unless you modify the labels used on the chart's deployments. +Use the workaround below to upgrade from versions previous to `3.0.0`. The following example assumes that the release name is `wordpress`: + +```console +kubectl patch deployment wordpress-wordpress --type=json -p='[{"op": "remove", "path": "/spec/selector/matchLabels/chart"}]' +kubectl delete statefulset wordpress-mariadb --cascade=false +``` + +## License + +Copyright © 2024 Broadcom. The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. \ No newline at end of file diff --git a/charts/wordpress copie original - no valuesjson/wordpress/charts/common-2.19.0.tgz b/charts/wordpress copie original - no valuesjson/wordpress/charts/common-2.19.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..999417ccf52d78fe88422401836ff2a483a4817c GIT binary patch literal 15554 zcmV;zJUzo7iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PMZ{f7>>)IJ!UUub4}_Cst}vk{@x`yWaD4lXUCbCh>{W^zLc) zv=9kNs7ZnaK-tr&Gj)KSy!& zr_Dcu!C>&@;6VL%Fc?(-I~?ro|7mz|c(iwTxW9jN@Tb9W@8Ia*PcXOxTxw6o1!8|1 z+`6r5=f02!B?%Qs5SsAg4nTkeo=`SFhO=bM5Em>9M8zg z(EJDyosa-VSX^P8z=((h#RLLbp8FkuH&ep(Paqr;Dj>vZMCWJ}VHnMU2#%w%-&1v&`e`!hT;ll^Wg$QA^bEe8 z9!znRV%F(_z;PNOfjd1IXGtJC-s#ycbYesjfk=Xxs-7T;-`f{gh~Zs0O9I)sj70@z z6C$SBNFiom^fehex~@Th(~JdJ!CYQb%u{>}ksgZ9tTJMsnk65edwh)ipP?wj{EilY zCGvl;_vA@c{vRFeJ;?w2c(&jvP3MeErlKr{w&3FY+5gx3QA_>aS%?!s#ssrtI6Xgo z`u%ey|2tb-kP8kj{Donxt@|>4agZrhw*$}vT?r=vmcQi_BN0rWU#ARnZgp<`^xzWDkKz4$@GtQk zK7P!<0MHaOBq)Dh88Bd7;Y_lb-F{{g;i)V67QuD-4&HGBskjyNtu)%>y!R9&M4)zEtZ?FCI~ zL?`nf@EW9dDis6ZzEf0QnY^W{8eecE| ze(8H&t44%|nzb_J+O^)hAfzO)AZi6~zSNc>SwR{}^sMwQq-$KDeyk?zPL=6YMefHg zo9uw$xe|w!$y|)HZ~lUA7d}8j5~)DJa8MT0MxZ5Bzz&X6F?WWzTP+GHBZ(M;htkw9 zPsY5`F?^+v%GsgToU^`H*O~20Jl}V~V_%EGDAi0ETiSr_@7PkCGyR=)X_@8!sr|fdPu>3?pcIWrw80&KCI0`zCxe5E z|NqJ0Xz<|wzmMmW`TxZfgFtM81^keUb1<<8t)ijCoN^g3;UnH7e z;CFL?N@V~~H`$*JM_8btS0-y)*}7BnrnE}1xT5URbbK``nL6id66@&Jw8GZ{Cu%oi zHF_CDNiy*-zfs!QCP^1Cn*2^jD-z9?zE9p7NgZ)DQrV)LBTtBMOcTEH+$+kjOrqhz zy|WZbQ@&X;smQ<>Co9vbsPJz^C@zq|<1AX8qud(zNh;IzPeCM-Oc>^TMFQE3Jhx|W)oquS~D*#%}Z z65thShf-oItWLtgCP>KegmA&u=fBpvnsoWgM(n1 zTDQ+>c!7hA5i!@cI}i>$OH;}O4p;P$@YK(%ETjG5&E$&qF)6Iq@8oG16BY6JlqO>` z$+S?pK~GU5pw&A6x09Q2-i>>|bQNjt%B|>dhcmEgb>W!JFq4yWOdM4YMd@@k74@df zxDpzxt#U1uHz!w}34W82PTQ*A=UAsS>~Vud!F!)};8(Eo&-5sZdefJ4XQf${0Ji)pp0V;nIsc6MP$D(u|DBz%aR2Cy6^8xLobVj!~hU@BoUa6 zQGgXi#xzSp4=`g?>M4)kP#9rgIHofk!qpV($r&JlB071*Atnilv!rP>9zR~uf2Efi z?%-OQe-355_dBy+2E9N3v-|j$|M~dO#~(j#d$3a?4}1VYF9eg6aCYUFE;OHV|F2>H zSI%rfRHx<}*#KU0{&RnSueSfYKX^F*e=pCy@Bc!+(mGN#!~zEbhaj17Oj#`F@v9Uk zd`iZm^AkrCe5@yBb&)A?E8%%18ot~c=DZ%~k5eF|{XsE4SU0qhz zGLsN9Kw!~|Fz`ZCP;pctPH_@S;X<`2w8Zk^+j+h*Ow`%iJk5X-@#>uqX9-X-#VoJL zAtIN!AT(TAft!QNIA(p7oxvPY0x?AbLaJo;6=jz|Ga=UtiP4B&>!nNnV3-R=jO7SVXe~Y@un+bU`KBog(wv`w5=SUfM1|h;vmz0 zC8D6znq!r$SfgM#Q#Y?o8SLOc)&%0K?$k&(rYyi-7j{q*ZVsw6vn9}Vrm}Szbo1`Y z4)-6!Yt61CaVE|RJWCRX>njYb7^Dc{s}A)E(3ptYYj4c|E}QhgV_9;_f8v%qZ zBLdVPT+)Yx)_&)bR5$E>8TD#kt+1>AZWD|0@8*_pf<_SzJ*92^1I5v2rB8inPhJ00 z3i!s({{LwO{crE!sG|QJ93AdI=zsU|+^7Dh+Ill(G@DGdou|#ZES)f<6q}68f3lxP;Cu*U<~gb*qT24C=sAzca`I+ z6bE6v3(^$Xm20tHS~cqtsU;+j1c)i4SJovV+qElc4{}w{Y402{oCsT}-6yz=q{Y%$ zC6zis^gAVqI_gxXf~!YLrLA5+SK(gc2qTXDGyaptqqIVAD;y0?k59mRmzSj% z^|K3j{`&Q+*T?V=n(6tNGCCt6hB?g`1Q}CQDCTcvl55>WH}17JdSX0!rI+5j1gg(V zDzFv~c!m=|V}ThkOcE|o6sf-N0*yil7*;|IMbbc;O9n_V4z-OWrg(1OUgA_p6)}~@ z9v8AVGa6+vh9E*D<{Lr#yNoGgj3m+&)7%-LM7B>y)^-zlHn)%l+;`K|O>lx4iuzM} z)f2QY7|liz=2J>VZ;GQ>r%LK+wXVNabiSwAuXi;i5$@&VV#=G5;Wy~wSCvZU$WEzP zogqKK7?Eg+I{2xV$^W%aUH>C7nrtrj)1Q{>e@90R`rq&&|I@uZ_pbjr`)nzrsT6>c z;Z!EfCiTOxqxw&A22uTdO{wDnvigshVqF?M?Vj+e2SSvB(Y7|1+sm~!6F)PT8kF+( zQIIw(8S$va9vK#2Vab{MnkYT zTQj}h$&;2EO?G_sZ`oXdX-FoR3l|-y!zbYVpUPU}_W7g%P(!aPjhA~;Uy{79c>gOd z|L0Z8R>#i4w1ih}3$osV2ERVURkoGZbY=IfIQiMVdTT>02<>Yw}^^6TV{jFPY>G_$;65=4;?=*4V#Gd_fktR*qHRPH35$2 zHiBq}BooRoH?J9<5&6EKGHiS!%4Gxp0b>+JBNSY69rT5mfZ_s#Mf%gsh8nGB&Zs6l z@b$F`t4PaPHKu7>eRzW=s~8jg$2tHi)q9E!_X@l~T&u7l@9Vh0{wSiO{@(uha2VqK zZ_wbICr^SyJRXe3!NJ~We|)rm7#!^n2S=l$!Juyt^e1%d$Ae+-$AbgNyHt+9`t5&q zRQT1`-JN&7`RhO3KYQx?Y45*L?_ckF|NPo~D_(RTcV&&QS1Pytn?tLTbz=GC_{4-l zwiL__fzVg~_wuU#3-r6x{_~$Caetnx{w_8!z*o%RpXU6w*nViW{~P>2<}~5v96(F_ zKL>|LRsYZ7aPJ}i$GtrFpa0|U%5N<&NYN=76em($RStZ@-2f;RNra-vO%QT=er6># zcenoPqSmmnX~hX1QfIf!PMG;>ewlCQREk;q&HSqFPn|ovQ4Y*}Bg$8rH_)*P*SIEJ zDc`1~?YmoBwv*THpC!Tv^-8GIR&V*ZPRd3dMIhkfrZxWUCV1d{ars z+W-Qj5|-=OlT%IVuX-rGS{t%x4W9e)y%XIpNo4_&M3kX*i*MtIBJt#)`rS6CShe2Z z2gza$D%)be*SU`D7fdRuCSp{|0jVOrnWq@kes=i)(sIFIW53T06i+LY%UHHv&0(~i zhNGX~tbI75b~<8=B90dyd(gzW*_j5@wWkr{TuGZ-(etbVZB4q?t1mnca|80;Idya5 z2AGLnj1n|aJJKeg!MSoxNzXSwUH~VP1cx12fs9EYH8GG~l*=j6#)=_~TfOrdkBgha z+}5O|3TeRmnH;yiA##5!AJCo)X8GVs*e^6_xeQ<~3gg9r)MCC^Iqh_OvGuZ`RU4(E zMb#AXAMhMXpuH*~f+&+_irxxmQp~SZZAtNR5=s&A9tvXYbzSlHSs(pSPhI~vsXy;; z|My^cP`&^0;K|X${_nj!_pkpu$~+e+2@wl*mfA))wBbfuvPgH`nA}=ds^_9z9Qj{s z!&z}uGB ztedE)S8rDZMoCWW>n(uFo&pQcv4_72CgRH;O2T)zEV8 z#qt|uX<>NOU7ayzDrms*bQb#+rM$(q`EEl->uya^Zyv|StiGj@lz>WOxS)z1MQCi# zj-OVsOGDRKz8Ji64Lfe7VXF;SBgp*P(CQsTivk16>XIS8IweaJAaR@tb%U!?K&AQ_ zOaXC|!OiC>4t#EMS-ZKZr7FN@LAk&JX;MyWy-1)q+48H>r1LX|P(_Jep+rb~JEAlN zI>QV!FeBECgWiNb#535*C5fv-*E!hCI=ZBer^K-wlNbvWB7qF)%*eD`_DvMt zgg6B?mtiL*!Q~BhH-d}th>cgm`zHmb*0W{ ztK&XA?N43**L<)+^?#}Ue>50Y_5Z{DClC7neLVLb|M~nnm5YE}auVYpS7{xT&e6K8 zxWcJd6fvo=Rb3^9?7A&WzM5giNQk9$WLXlxlYR9ki7&G8m|TO`YrDGcDZ^5u)O)%L zO^LJJ`9nr!8O;mS^=i7T14gMUd6!hIVDBsLl{=#Uwi?(6U^tCXfWiCP1MgSw=AA-0 z;l^1M&Eby>MRHt2si&yU`ckz~&{cUM+mM*^`~WGZF?M%l3a_DdTSX)$W)nh835Oj+ zs%I}RWLdQnlH#E2ch1K4EQkh@r!;YBPl^o=MR%37L?UmnT}*RXu;xg#d}2T5ykg6= z7Fdbyt_yKHF)_d^^Q(hrP7V#FyyoV(mfo(7V3i9?&~&@&Fxz64e<>5{T`HUe^DmMY z+g+)e8;kBajA=~}*^JqWEXtX4IYt9jKi(Qk)^bm^@XA4T3vhBLi__?W8MCm|2Bu9; zo^n&GPMt>8xj??@>#e6!Bh*b#snaN;SMI4g#fm(YtA#%1NHuvvtdp38LuFM37O#pQij#V1aGF8WAjU|@KUCY5GMf$tix=iww_P{F*YtR zyId0qhlW|ucFS48{knzfHD?J*=#tB|>mc%Q$~RM^k7&fT%vPP3k~d%&8N1?e@D=Rf z>j0+$a5}{?W+>`$K^dChZr<{?C4=2!=zu}dplyP8J=;p5YowV6-f%F8J@8^2Q#O~s z_r7^SJn(8wdf*)nUJ$Qq0qR~{duny+;FgWU;)a1yqE-RRlN5q4ecF1xeea? zM~5YF``;X_jyI1{6s?H&VTIm@!*&9#fcH^_3`bAehp$d=9Fi=)A>szw#xNfq?zfL% z4fO~)`#Q^5+#i%UWpHpi7WWTJoH96CgT=4cL42=__`%@Mx8w0LxF^GdHF$h)EzA$f zO?|US46K0plQOvB-rhGWvw2|-n5~6eV(RN2b9*5P@pbiMJ;79yu5XfIoU5uT^Xa3n z_#+^R%5>m^QqOUipSxmMT~n%?*wMK>c0Jg+#B-iwpzch~^CGn9|C?C<>-wM06mx&^ z-@~K*gPQ&~9PT~nfA{g+yZ<*2|JHnF+$IbBCYB#dt`ZwiePQw&HHDp(%YbLBQfZ57 zdrC@`dH(030PhN@9y~9-=;yhIbpAUO=@@B=jot2bLcr}gYxUmjTdD|ct>_y6l-iI5 zb#btxzUJwfb=p*IXVU~5Iin*AiPd?jjt;iDk#>I1xGx zQsw$$F;(aKYH{b?O88IWde|(^O))%;uD{lzE}{hmZ1xejp^WCI{S^Xkd+sz>hkHW#xmzo3E=nyeASveZ5w7y`KJ5Y zyeZe{mQMTCA<7nCpft7TG@Wz75||Tkay{1vmlnwwLF0zWx%jt1kbSK zEENwFF^s}F1j>~gt~4i$ba^_e&CLt#COfoSCgnK@p2=1hzAax*U(KI5Y{;p&=XJr0 za55274~7FZhE$HBIzv$2!72T{@bH+K`ZbP)UWsKN>5+U?IL@x7*m#k08WRrE7?Px1 zFc&J28zzISTqYFsR6fPOYG8jWL#qlUo8`^sn`jV9yMX=4u~fnMA5l(W&xfB$6oHEK z8WYBa&ijZ3X68VknV-g@(x~b&fu1^FR7gvSv;JawIx)N%0z*kiOKL%S%8PyH^crPGvmwCY}<^Dt97B#O%h%@ztu0-FxKO z$iz-8%TEctT7pVhMOvA!l9%|Zt=rGcVj%m;GVH_ISgHAfYPR16eo0cDC6n7Nmjqvd zvSWo`;`qq{;3Q!4RM_bt+x#yT zr+S+vRirD=_kmHUQb;nInYb1^hvcN7EL1rj&5bQ;2YQ?(%KvQAkE&5Di%KaOhH~ZA z(lIAsO$2D^zjHPQ)F2;ZTMDa8-7b*F+}Me2S@#h)HH)cccgu5Jb;d6%EV273eM1t?Fxfu61nZ zm>r*h=Ruw`&j`NC>q5>tu>+pxh7aVMCkC)tBAoKW0r;l-#ZHUn0n1rGX#KCMq-26b z+@E0a1D=1!Xe^h^TtSh%<$+&WR~_x3cI2Setg5rHVO2sl{exq>C>^M=4+~q@!}AOY zqzu`J(#tFbZzgpkYX+^bqn*Pw&=Kb zhUlg;ytm`hC{@bIp?srkR|fw=u)HTb5xv3;cH~NR8l_VN!){mqe3`|VkpPBW*vZng zUh0EMlm4sMHfL0M9uQJn3EC>)3BG=<<8V)-=tm-y`_X&%?q`Ph)(-8lmV`=U$ z|KD)$Xs;UoF*rJUi2t~c=TqJP;O1Yw&>ROU=ToC#H7ps(0!8AX{Cb`MH}A$e1&YM- zi%-N&fCu3pdG?(5%-opLXyc zDiEMlq?-BHuCi_!o%HUV_s;XG{)-jsYD=dXv)0}`NcBxVb@^Z9Qn;t{AA5&~)$`wn z2M_l@-p}(1!b-$Y3f+UF@FlfI-B_opI`wiNAp za@wiCR+v?v_T{1=a3hP)9g!gn}eZssc7BHzSfNgIg8|T z(Xv{R7zjR?Bt)vgy1}X6*HZC(-s(zy{ns0b_n80Xa8SSh@9@F?yPxOY*MFVNnIv2= zeF{^B2u-jkqF{_Cwq1B>7Bx=g2^MBXFZQ?DOOMT4Ri|fPu9z>OrD10gW;W`(8E4hr z8~Qw%y+zC>G{n~_WdfuGu>d}PJlWp4%tkm6ks^-u2s+317v}J)c+#Bwd?qQk@u5MF z!tb0WQi`8=@0G9EmnC!#=#O%p{$Qi2dg@lV>QeY^MxqdKGJ_dnI_O8o8zY^DW9dLv zh@wZ)j!Zo7<=*_|LsJ3e_?^`k6%(IEL@g~`{-LgjmgcYNuv0^AD?UXWe^;xj*2Z4- z0-|agu5sQ9t+>CZt;7!K4Nf1r4fe76S?qPTLTL%r6@@0QHp9%Su19d`$Sn*v$)jiW zueGLF4RGOImc22-H_iz9UU?s)d5c9YapKkJcllwv5{^(&Gm4gKA>0m}UPGWrsa)Q3NDRL**|*HU9M3C2H`gb+nlZ%W3L}5oMM!! zJ?C|WS{;1OFjR{qi`I_4ONGAZ|g(I`@)8%-7o>6|l7`8Q~?;J(Dyl!`?%xe=PXXQpyh7oJdi@X!P2 z3iqzL4WtKr>3hI<=MhiJX*3 z(u^aFCi>vCI-Z%I&J1b5eM1FxMpI;hGJ+!BSLaJqV)34V-jmRKhI*Ls#op91Q%H(( zEQDRnbDhAXhLSi(k(;(|HLkIFnOskSxwghp9IeJERYkkH>ec=EHHyH{A0W=N*gB)tF%lX@^vb#X zS=k;s)TjxUq7V56b+wl@94p_8U&|+8L9w#=#@(x$t5({!(ve5t* ztC@6Rh+i_>9cQu~oU)aN|B!05=P1bi#~`h0C%!628w?C}_(xNmN#V0Y6AUpTiNmUP ztW-pKSIb2wGC&CvW7ioHcm;XNM}zBKEPM&IPhN${MWC=t#gihKs^w^K`8LuzQ4qsA zzocZu8ihFQ#8j0;39Lz-?Mq`#DZ5--{AE;r#-Kv7l}KbXo9J^)#Wjc#o~ipL5~*06Pcv|WaR>+k zq~p;ARVSKlu48?#A`GOYkz*tDv3Ye8IMF5Nd31V-UN+cg(#SUsUiyy4E)42qQTIU? zMd5ES_+kd7Mr(W0H$WWks`K1BxrGv92FpTh)o6JKom`=dP12zG685IR=@M*pgN;=| z-zfR5?o@Q}%X{xiWviX}@RQOeiwfr^+oj=6R|6eW<|vsyd{_Ei%FWAj-BumDZqi;* z5KtDH=`p7ngDc7|BZ@*befY8KU#ksvwUY>im|IJZB zEEPx1TgA<&`N=~iilh)xClD8&uxdC=S#WI*ux)eLUi_V(_Oyvy%9hq@XEVwfhHO#_ zC0dKlI%y#Fp$vO+DaShB@8ms$t!~#ILv2c3;pfRoik58JG{lR#lu5GscJ({f{cSbT zRwb^p=~PL7)Ubt7KrkR{iM2}b%o*X809jSC1R)&##4$T(cucNW0&|JyzOGb(WRDcP zhmD=3z1XKNw^=^-s&qrjwBu;In)^xJKwixvredtS_M;()zLdCP5>}7?^6GB&I>)AK z-EBQH-N3xwGQAIHsB_pn$38RyEI>dkVPG zS5XJKGN4TjyqUR0SJoSQE8Ut0ef7a88{7*=!Ho@Q9}(NJ1+*^(8K@KG&AA|&LR@Z3 zcY7FFkM~+Mcb5XILFBrExfcGjpM7p8mW+9ImNgA$`OD{P+B`ffJd5qW7%_sv(Ji-v zm)L(tNBhh+AwnmMrK|wt-suSU0naQ-UN^=($<}Ni8|EJ)FiHsQma{9D%frs z8y@M&A>OccT*9E-8-=9HC^yL$SYx;*3%OxqQpxQK4h?%9n|4B2O4o_JQ8z?&ki1&gwtY*{ku4FR#^cz=F8cjGO!BXH*n@y zunq8T;>cMM%!b`Kwi9cN`wd+da0{tZ;>PpF`5p&<))D5@9|3i}ry<`8+aBz4~jsHKA z|9SBL+{5z;{Xdeoo_+ft3{U>Dc_)xz+|S1eW&;jb@Hy~5Hj^Q z;t(psYHcF&9E%lPa)nr0=8Q8XS73TwzQ?iX<<|;s&;w@>dGNih zs%&h|_okGu(MHV174W`^Pr!ivvVCu+6Kjn7O?_`IP;TpcGhjb+-`mO_nl=skE0$sZQQ$tI=QFXs+%e%%$O7#c|#AS?vEwDHjulZ|MYD68|+ks``KS2E&K*fA{lzI{(kP z=B>MM0y%8^*?58qoZ8(%MVZ_Agq*hS#xc}P;I+I%4v1T(foXu$=pxFk%e=g6el3S8 zrM-R23rEM2HXK`NL3B}bYmJT-zr5IdLT^gFSR-ZI&HQ@tcDuG=Zfq#UOdX4|d&N-5 z8OXJ`&>cmulG)Sx5gMAPj>iIGuj^1)$eb&Uz}>nR7WeFPax~mbeGYLzLY!Ydk0oMq zMKqTM8$1`Sd39#XIQH!g$E8bnF7doa$36RP(YmIt@@QJr)Kx+f^AXOm4b?R-Br#aq zC9ERETNjnZJt(Ww6(gqQPUXf@PCE{JYEB99^$NAjojk6yp*-rJ%-6Jh1zpb*u^gVW z&}l;HyG&P-hOG=*ZDe`CY_p|o)86h>$JD{4*@x6EcV~e;-P*>wfH&-_a=N%C$K1?m zwE)m9Jy-5vectXX>+Gnhgli5#i&}Yy&XCQT2P^mJPNYXs^rw77bh!jkx^jJLF5p{m z=U7@(8H-h+oNRhg$@awhwNOkK zcW!Ix%|%|LZTkhYOKYE&uuKa}q?Kvz^24HX>-vuu`+pe@$?Y!!TXz4~!Qe?X{%`Q) z;r_3Cc{bz!y^#a>wPdclIsU8p_OtQ*Ds$qdKnDqK~@_ZLYUjZobR}dd@OHr=%IV-@Cxzfw% z4Dh!T7#?(29*IV^;}-ni2+whLxhszq>gDBYXAPaJtJgxWMfZ{om|Hq;xOP;rU95hP zaa;55jCJl%`y?S&pY^lY{&!cQn|lG4*#8Gd`%kLzUwcOn=l|~I`E>DL#vGPql%YSu zbz5KS?y9_+*iUIP9t@;#*{Q00p1lBEz4F>@{XCe#s7SrRz^KVBtqnKZ+Awcz6_u|| z)6@4zH`1o53-zm`E5iV(v)J2SHaj`qOtDr)%w3rlYkNJTy)4r7V2`Y}s2M9bUP#Z2D}G9ePExrz3;hZXetVyQA$ROjBYlEJi` zdpJoZHFKfhVLu<}R=dd8-FCQVJu@QbGIQ_U;@Q5uPpy6Ns#g>&os#jq=awzBVdu|> zNpruGrebQ;phK_RJzF%t=-$e{!jUX{m?{fo?5{H^%X6pdv%H~t>&&>e!Ab1$cF$`2+}kshpBRj0W{lyaa4LFU)p3K8Fqa%g zVpRMmwxu?zsY-9?^JMlGF*iuE1&zXnfj5P@9OxpNwU6H=?-Co0_!WPbG*~*iagDhg zIYR-z+Y;zi_5f(`kG|rM>S8Uw#2AGkJnHqNS|rV_lWketNCAljN+VFhaxqwl=4 z1gufwwswut|NSYBVlqi6!<*MJm+1e4!^1&k|8MVT@Sy+S%d-XNNJtsO)m`(71LT5{ zz$hb;x@0>=!6lkt?svA}&6IH9S(;KNIPfWsA{DIyF%rR)B$HiWI6{KV%z{_EM@iV( zf&@==eDjWWDwsG@_xEpNI$Q8mu`IlOdI2F} zyyH)Z=&OG<`W=7tFV$X^0F6*^nWf5V;ho1mze+og{SmtCJoZJL zb{_x#oh^8a7@--5vuDqF$4?pk9S5T0lMti6F30Ha9e>6H8e$2X#1k0PD8#Ho;z|Fr z^)Q(E|N8mqvlq|(IJ}ECmYn~3GT1w+&i}!|;9>sX$Fl|B5|N;o*xB$S88NAEJe5mO zr*jIwe2=5J{Q93e_L6+LZ1{Ytug4cOB?0e8y6CTJ5##+WS*EKz*AqswREiYMbr8`B z31Ec96~;-9h_2^%I$K-t=EuK0d)?{$_Ste#Yu>hfMBC{%T@8%z*8%R9n)v zRy^0b4S3(riBusIXV#eWWN`ff_D3L0c+HOz>D`q&NDJ1yHa1mruk=Hz2 zzEWrYE82WqrUw3*Mz`p;DKlobLk#;DS zFx1bB6bA%FK$0{Qz=J7{k@~U)XEB=K*OZEaXYEvw>?P(YJ_fGLt`0zmdBBLWy^i6T znkQh3J4PjuK&71((LmZ>9RPfd;xxj?kk778$C-sontGj=RMgY(v8;0yB6Ovqa zIs#3Wfz@yXnz&$w{_u%E?1gwlP|_O?dhE%5r;}z;bWS4@EX7q3dprlE!Jp?9^Sv&m zSUoz8uF#x6lIBv5hospf<#iX2cJ;26v=e0Uv++wR&Kc%75sx%JdcU6+2qDJMyaPZ4 z)?SFkm|7z`ngh2;CmM+4${c;u4(t>seGtzlAn*E}PKZaDL++8@60DI%_eE{LkTJ|@ z23ItTLWsyEmR~r=fUgBZK$0CHmP+ouVTgbS1e*Z>>h~p8U$!LuTSk8ioZ$y|BsyE5yKXR2a#zl)b1C(?z)66MnPoPDm(t1Zp6c>a>9w$Y zmk5%Moeme2p$UE(A`%N)nyh;tJTG-LuDkOQ|&`Q1U^?J?ftD(xxbyt80 zjc{aED3qqFSJgxKDn)-}IM;!T(RlwJ@`DxD-TMJXPY!Srn_(wMS9uAG$TTlnT+xY~n| zGK)l!((RNeLlKtdbj_4jqBx2`YQGTA&7O~Plvf7o#PfD5v^?=V#qp0SMOXC1R~y*2 z6a7~SqT-!z-(l$FvkqUUlnHRaoNVt%yD$)us%&@cdP>fvD8Tty;(`~TN8xu)6N%o5 z_g>w<M044jTm~-`EePD4Afc z9X8sRA-@-%0yD>yfgq?93Y4XkA)%Gnkc`Jz4a*oKkueD>46)jK)m`1!8kB+}=b=$~ zl}{sY%Jcw;;5ZsfqYAOm=oLB1p1=ChH&XfMDH1vESD0ZS#-)SJwr`aV|JmvE;GE%^ z@}`@YT+@Sax5F97@LO3U`3-iA)KGL7&0$2vR9D(l{oA+1cL2$u)y_KA|1!+II!x_d z0h&bft`EO_j~QO<@3ekS$pa`Qrc*s7*1O8=4NxMPDukFS8WqMa8qrM8D+jON^v1d0 z>A_Eu3R(>^Zq?svIL-F`5?W*QM}Nzd?kVJYhRv5?BO82E<|c^;hg6%tR@r{62&{_Sl!iN{F`eK9%aOlAbFBx<6<~^UU!mh0Gd%WG zGHZyL@nWj2sm#uHJyA%`Ns_zHjH|(D&blnFmV_~*F(BDB&5Ja_c1^OrJ~MN66+Awb zCPVT_z*vedl+1x}o?*UvlUheN^T;qN4{(AQp;ACdnQcbOI9=S@A;nxaZ$*}!k0_bT zfh^D{dZFxu%4Bo9rYDU=n=ithpJ7g;8SY8+_SC=oy_9m%D^SrR-T#{lah2XQRv1Ne(${5hPxeH$*_-Y4 z1T}x|_y4ArH4}WfNvQ^VL)RYU?eb$!L#o?Jwj?=?K>6LDaX7| znH2KCvk@mDL5!$`L#DY9vLrMi@uw*Yrr08~3--&yzXB*lKWybSBxy> zx8fotAn^OFfz(Si98l3!oe*dC3^zi=>?o!c<}A%#o5Jf=jXFG-@p3l4g7ri`t|9{ zH)qc;;MHq*`s(Ggvo~k2US7bf@8I<1Kj4S6m(O+q6YUhdmco}y1WBxv1HW^Daj9|Z zEYogX5pL}DV0Os#dt|7^FbAD)Nj;dyu-o((Dc zVQyr3R8em|NM&qo0PMYgf7>>eH#&doRbZ9Qt=-3zWXDN5dNz9>$97xai4(8wv@^Hc zj}4KKgqk8a0BA>(rI5+?f4h{~!m_dqRH0mEtA?3X} zoW+0H_%j#`2G95R<-dc$p#1ONV0ZAB-Th}TcAxLR*xh^jm%;AdvlmbQ0tTCBrTS!y zL;9D&+GUk1_mw;_NeG7=lY|XB0ECdE38C{LID#CGAVVDh@C;568-kA=000O;0%vFl zbkC9RbebWENO*&250m}~^90UtUnd*x?)LV2PlE`JFie8oy@2k!6yub20N`*UTPy(jOOR8%H4NjBE&+9Q!Zbfism?a1uz3J0VG8UU?ig< z+L0V(3Fh-4LboU;DT=_wf4>Hi?g@Y)dW$IFQ^-ZHVBii%D4qkHfQ%skDan!u@F@a! zgvJqwG6XmQm@|M9j%Z3TLtu;`&nRL$U>u|Oc!Xoj=Q{u&zfdIK&B}R-6BP zdIu@m0Vhe=>j03^xL|dH`7|3zPEB9bZS4*>)moD1!mNEx5$X$8%EPgf_mSP_y=T2a z=X2|!$LI4r?))E<@MiO6ESUcXPxoI`=l}i3`TrrF`Z8(B8BC zXXq(>{^G^=Xm{`XL1%&zL?K7f5Ontjd;7uQX)t(pxw}7n`fT`YzqkMW-tN=E^S!-q>7rQS8d!_OJbntBOIQ}2vc>)eeI;VIt<*s@1 z1YDdQ{Udm-Y~J7`LJ7xXjOY*?oE;qgbS$mk&XXtL|1cCvbM42Nj9?5>NZ|}|M49-i zUmi(aq3rHbinAC&hIT+gIFiOC;8ST_#xWqbh*BIOX;qdp?*N>HaVD)pTaO7-HW}kd zMo}aTP+^>k{1e5B?CPT6!;DgtZ~$*1j^QZIQ`9g!RBz6;2Ha6U&$2kaKp{n3nA8zq zoKQGHhcRTLdP+o+h$i22sFVbBBFi*NwkEG#q?_Gj1WbOG>YM>6jeSTd^iZ_UR6p^7>C7N0dLAToh;K>tk+?({&UuD*Z>a|$H%;qNJ z-_cxsegkJnCNQM!oZ#2rI>3>1QQ#q&rI71&1%MGu_4-!UAg)+!lro4b#nO+F)xRDxmgjqQ&cZc-;?AoP?%B7=Z7TW=sgDq;-&1t ztn@{XJO;>EeveQZlle?^YEHlm-pGzW%WD=RwWi9s1{5()amY~=-0p#k!^0tE&_EBYA-GGC0D1}gZ?HPA?*?XKS+)_q!YyLuBh!L zu$3`U-=9!C10hVI>>n60AsN9rLwsA1w`j_aUz8>W{9B_mFF2JeXCk=c7{>9u(5QOm z?~SuK7P$mnJ9mk&N#-FgJ}n?z&Rrs|8~BKbwJJE$9mW!n=>d^UAt*Xoh9-en!NAz2 zEL-QG@N${M~I?Gwn(L%A^7mA z!pCbkLUGPQtbT2*bVa>XFbk(B%3?%?LIv_aT3O^@z!u?C<=9EgXx$e4M3|+Jhf|P} zNKVxhjSG*(P2N0W2@sKx^*LlWtPi6ZPOxZ>KsQT2pOAxD7IU1&D9DRveNhF6&rhQzUL-mt5z;fS=Gy(%Ly6LsHRQL1bW=)3NSkOQRA^YJ{ePlAioZ<) zts5dFHLcXLx|kst!E#|3vF|~`lL+ul0F+yomnUGExI1v9? zr8JS-6or#9PB6C(FNWwX4$&)|2-B725xvn@hY4K=s?VYM~v`OS=^ux_4vr568%Ygt%pl`%KXM#fQD+@SqcE2behKmPIL;`02TS8onZkAHKE^;yn_knvRM{?b%0E(~q+jY@b_eIi zeF9;x*X!wZlUX)lRy56yuooEOJDx=phm%V2X%@$4B*x*q#De$$Qu)Q3$t*%HQWWCx zT<@m@%dA4Q0MIC#U5TmU|~= zcc#1{Wjs}8HDOqS#UeyWN`2O*ic}Nd9!QJxTfu(O7cc|g3N6m~w>tpEavMcj=ii=; z-w=LA5km?8R*_p}mQuTO{U<3!foKyH1?rX2Mn&rmfnBC5@~zw$lBOXub=9pTX0OV6 zbBpOeW*Ot6QD!j7WcE<1ugG**+2|<@(RRDKDchki6jBlec{Tf@5~^N7O7Sh^DDP!` zz0iCQXK8Hawse(sW?ETdiXNbvi_;8=mYtIf+{q3Z;~TlZ#SqeyJWj;ALM=apeMcs$ z5x@xtJfjH%uMRGL60>BVQ1Is9^hEXZiO}s@Y)X4-hU8aUDXTF9X*k7Vjg(Q8k67pB z)-~fWiC|0;bPWgv*A%5O4kd5b(xR}_4?&S!lw)WfWPFMeuJe_2Kg{^lwIsxw9wmgI zLB{R~jX?f~n9W4>uEpnTu}Y*pa56~<6+K2+NtkgV2CXuLI#Y92)bsQo->YZtSu)%wG`N zSdUzCb#=)_vXm%4TjiUFvSC|I0N@=%m70hil=rI$afo9EwyrB`?|KJZJDo6p;o;^w zUnOBJL$Sz7ad?9wkfmTu$xPXIii__0!=kRHh}>FnvinwtMopPCKj0WK za7wa-3)Lj|DPSzk&9VH16UGsYgf*kwYbd$JlqAwkdMm0riVJJ0Ou3c?r4?N+M5oc( zGVdpfiMuIEbRQ^}a1CVJN-N`9m>JhSVOQb=ffVwo>~*S5)!ZqYNJ#X02f&yS5UIr1 z#jw5>Ld8(EhQG$md=-&#nx36u%zTMeO!c3}~nuLWW1eP|cr|T*# zv7q;`=sLc{syiB8$j~PSj<8(KLaMA<`3OHXVYG>I(qi$$#`mLbpLS&EKJLN;l%?pWp8LMaj)F6aXF`5ePr<2b&YBdd zdh42$`eiREyZ!Ws!pz!26Z3Kh%pjBN;26P3{M+mGa?g{p8FW%_VaDT>`?}2*Mm{s; z9xhM4^F&*08*F6^jk8#df2Dr3f>4XJ?Xrg|Uw4#vk{+oBhUE8+aU(rgb*#jAjKX;s zqn`-5VYyw^STZMar)LH^%6Dg#Au&Q@LXlXbz%fTutVAf!Qp1T`nC$mn@d)B#4!BUx zt%EQWzb?rQO7!HQzX1ISaQO`lTp%MJ2BH8Kh!HOT40Kt2QzwhJ+9u80>Wom% zdNRUMs1Mz_QbLvWqe36^E^B8}4o{h22%bJ2Jg+OrYWrWA+(i1#*LSRBO8w&GceO1D zS)tiH7NulC8k9GqK1$T@+_4~RM)^ibY&H**asLTYT09`*z$rQqv$s{>;>!?x3}lUe zRiVhg$sg}pKt6~{BgIGm+2jnH8crZ4*><&|hn zkw7RqnV`IU5+7uWG|nbCxvHbmSKn1qLix)NA3*PC75CHF4?cZTbtB;o;(pS6mTI|+ zR5CfArL~-JUFjKof2FsHuTm(;|O^1w+Hz$l`Kv6tT|rg0?OV*v|MFU66}5R*xO zC?z#q#AL!umY7UrmT(Fw3^}3!Lp)Fs&oAFy{-C1CWq7je7y3)a$KPM6Xtek$#7a&v zxx4yThUok%CX<%~%}O%SFGah*+#U1=9o2ur7^8&$RBFKu1lQ_o72=^p14jDlj)0To!AMu9QSN zqTyKjzjZ*vgRrg2vN^WGAL_(DR(r8>1BCl{1W+ddsZ8TIwytwyQztTu>K-`Iu}&tc z>6(!-SC027G!B&ZRoB4~qSEMAtw{TjF+546)t8V6^`GEGsCe<)@Do5WXC@ryZ|nwj zD&O2YIc_5=yP$iK*ZF6aS49d#Ah=Ylm9>p1qTG4zqY~o36>i1L6003I>@Z(OS5o@t zB42f+`rcpzm!<{TA6xQ#gXVsgrB(pqvy6Y_;j|sUrf40lD*wJg^C9TEEr#|`0RJs5 z{H|REm3E05D7iFMLZ>kGXeoGKMRXgOp8y0v)nm8%YR|5fX}mg@gy|oqZnc^psD7Ns z$h036jx|;t4hu#yQ0}dY_S^9faCr*RH=HUi`a9ch%$)~1Pwf;W2w$KWg`80ECU5Hc z8FO{HwNWOv`Y>$O^3F+&sJ2Tkt-tTP$;EP%%jPXO$T_!|s_muq0gyM}vjstr%S0|L zAN8m!QH^}8nU_!HnoLMk2kZFWNqr&S0Tx2h{(z)fMxx#uu*=%m$RrA8IcI^4AhK2& z9=>bq%}GjPGMQhb6v60_B*N&&2^YOkeF5qdu)nqLl`GU*&=LO$3~K?C3 z*s0^FZX~4?6B!Sm$KjsoH`YOs`_u(O=!S_Pr3lSZM;%lctnF2mh~jD#as5bHhWnaW zVzYAe#S<6yrB(VFiSpAQ((#Jkx9q{qaaD$9plSA>FvMkeO!-SNCNzM7ah7}ZQ|Y`! zIg+@{{sJj4rmxST98O^}L0bJ?Ag*>?=ZvEnn8<@Fp-f={8Cz0ka~ATLNs2c@s4>tn z2TX6B$RK)|3dps^7>0g-hL3udrZG~1ys{Ro%(@CGlNDH2B0&B3K`v=6#g9v9P#yhj!)Kl4s~OPO|qZn3I8Dm6v2E$zpl1@i*DIE{q?y?PEDNWCfm57dA)+2QQE~7Q0e3LrZeU-YElX5=)xO%8 zh+c$~i6S54M5KYy?-}FjkTPT-K_OyHM(_v`=#$9uL|I1TIT%qW#UlenzRk-Te%td~ z`6hw(;y8oT7IzpD8tK!lBtiLECzWjrmYkUhNze{RU_y2Po548V0W%cgY_bfKV_) zGeYNJ3o)ibK1)IY`HFqp7vorTo+1uWF)}RH(qWnn!CvuOl{o~@cK1%Pd98RZ=XzSr zwL93`*V$~@6)v|!W2BlxqiMa5tyo)r3u1hW62#b!RKsFq87K-FN~Mo$Zo*tH-kUOm zyvRTm(|=-RmT$KGemTY5nMhJuDq7zbXT}K@?SF(~IKMz4Ng@VL)H@J~mtt0tZ{?ZF zrD&&!V!1Gq`OoC9HOPtSi)7r;yHr2dAUK9N&M3N^QpBbtj=&G<1>pIc<%zN^6neNI zdZAt{A}TRCigzX3r7#6N4K@V3d&)F%Bt8UE*#O`QZV1%da_z+!(@Rdb2DwkIX^5FF zt;Wk|8!k05mny$^xHunMWM6K;EK7aikXe>si$Sw2$(F-rS+Xq$PL-?-bhTdAnf*(R zoPl@b?ADB&r_BSWGMnpe?Cp^5*ER%}>ypdUU)U*^C)uJ~E>E;&$6TIp%dY7m+ySMx zOLfkt58pRcNc)8~6IBD}9n)xmft9b(D|BmjOI6a>_K>df;LbNoG2u{Nz{R=KcvUtE zn{jzQT-vpaXleffF*h#C3LB#g#~del%iKZCK{!R>O-nmim3&=_Fuius+@_GJk^-wJ zRmu#BbuwnN9YyJGio>byxHwct+(kl(#$?zq2pxj1B&QDTX&|_i0j%AGc&y+<6osi+ z*o%ISBE6dZ2atjNJ$Z(VPmw-2tae!S3zd0;=b`1X`u^Vjz*!-IE$Iy~4Wp&MtyehJ zwzO7IvJPU<56nB!j6yY;ho?>9+L~E;D$`V0RJ7GtFR^oY+Dfwed~by*{eF`im5<44>nKH( zVa8D+PsWOp&deJQewI6Q;4p@Gwycj*10weG0(hV|{E98|qU^dDK`TkwuCqD!bUl4c z)9jBza9vbP)k{|ES~?Kra&SlD1)^EX=SP^@v1e8DVgaWn7GIQ*w=PVI2CiYo+peZ2 zrr^5M0u-q&1zRx1sYVI>Q=Azn>SpuW5I1Pok7c7X$fw{U8%3DPSgpAUWKxYRLx1GS zHt3*H>YQ!MvEe`~yYodq)nyu_Pz86Y$)Ak%ndE540qImB4*zMt`Y$VwK1$FHy1s1P z?v9?4HQX5UgOV2XvP5$MwiHg6Mz)i{TC%7li{l-TkV$UG4!4VDNfcR>I2-fl7O2(yGAM1)E z6vAqu`u+0d8iGZM<@DxMwRM)?ZK4 z2NDDihID&l)N_Jezw18{jVFW9EztybYy@TxPEOVx!$aNWjta6<3O+xjC3K6G2rmmqQ2<8B6&&Sc#K0G zZ>bjs>I}2KN(!8usjYK*Yhs2>)mntn%Sl^IP-R4?z5*T#3?pvcBmko1Rl~a}mIB36 zfK%51_tYg-jnK7YKo<^L3X3uw?s7?UR38URXPyPR(zqeo4@toWyCbY2& zQYf{9c8^GHDr^h%J|zr+t%T5-Gz6s2Cr7=x*7Ml4a&Byw`hq6ff&<$sK2uT!Fmaqw zb`rH-nZdb)57L-d%bUigbcUE%XXMANF4S-L{8d%m?SN1@!n$urg1Tb;(>;`<(QA@>P=5Mye*G=q%QrD5j13pAF$u0oCFpIor9{PhlC zF}y`Sl(9TbOXhifV#3b9&JuxY^R+W+lY31x@_< zG0O%$`G1P}N93|qk;`;9{QPiaMTc7*kgP@rJSZetQI952vcmFsge9}gwRM2WE_@wuj3+M`Vw8vr_Mq`v{Evu66MgPpaJ%O3*nj8!+8zKqe}hu8AB z-xooiHPz4ude)+d&BC6wC~z_GnWvU36|w;QY*WS90B9bXOF^KuD6<5D*0RJJ7_=7U zH3FfvEWH&JS{r%a9~fGT($|JVYc(7n0nxr3Ks0~%euPB(Q$nKIAxB>{D4K`S92TwS z+gA#V=Bv#kG};=_Xr4H&uMHf{@@cFBk5-d?LjY+t)K`Z{t0A}!NLmfabz#zK$UXw4 zeKA03b~NWoP-%4pHU*YeM}G~tv^tV&0jAXvT^lm3j_@BJG|isrSAx*m91E!p+q(`rfo2>{frCH`6vYMzznG9YSYHdcpGTg*r^kXo6Ob)eK1^RfU; ztzv_05>Bm_yGKB^KLntf9lczER4W?)j{~Y!s_@FNYV`x-0fE*0mDvQeT9Z~<0Iud| zY9sJ!ZMpio0M@L%%%vgLswV*#fvh=a+#A5u{9N4!+*nOXKEN?+r~DCe?DIp8`CD#1 z&@n$vAM99DXIKMxtcC#(^jH%E8v`G!867tKSmUT@2|!j;%$Ey6R+?ru2twwBFa=#)fQiZCu_&R3IJtQ2I?Tn8d>;aLCUK2tHP8u*31J`22ihnm9YTJEUX(9 zUeJJLR^_V(&8%SVtH(2|*7;A1Xx7~PD`1)x-Q*F~Y$2+dw1bKteKB3t!QR2a?s5jwwj^L?0vm21I+CF)xlvMe%aA0Re2Y&sk6a23!`eF zBHdTeXm)93d^G!;+v!y}qUqRTom*nuh4V9KUphti)_%#_;wqSIDq~a@kWu#u;nLv- zlSn5O7Ktcj2SDkW7rzz!joe|%U2J+Ir#H^xSf(@Keum}5e}v0n*Pba4YA`cO$X$kf zb>6Hmr3oJFz0y6%Cy+qy|+H6-lV*3gzCG^PP`Hy(w^p z=nOM8>Z>F3q~t9rQVhjs<7!b@A6FfDQrs!QDu}p(ioFdwK7xFT;Z&tGQq|IIU%Z!%1t(BJCEQ%`&dkHk_zCYODzA?N&99 z@B}g5x?G)HPndUb4%ig#J$pWcu-EJLz*&qSLt?1v*#3NI?I=$J-%%4VF<}mZ4u_Lg z%%)i!>&1OrhD8?NG0LVQ)Mg|D7v>Cu43h}*zRA=MsF*+0;e`Z1N?{I)A}I~^;SrT* zsEPD2(eF*q7y=V{VEUKxJ;KQl?Cu2-8ey0OyL$oMRenF!1i4?NkjW67jNcG01J#q< zgXVE%8-B$om%N@?mEL0d4+)ej?W9DV@h~&BZhTq&6o&a?bxn&#R3wn>1S!S0P#!%| z((C8T{2~TH{4a(=Q``((Oe}EHivCx+F8qP?`r4x!p~YXFr1&cSdiu`J$unq ztH(1K)iW3l2(#WD@GM;_)iP4vs$29Ys>0Ll%YAcRtQ zWx6eF21B;3rEqLmZZHVSG+USf3RN;NjC;!QP5N#@V)`y+TY5%!De8&2MD$^%YnKyi zk}h#mHy2m)f2J9@)U?G!Jm~E{>+RZ;@%N8&@x#o;rgPXUaSadfTV+WuWRZ6|8#voq zi>nfI4J0JOLJH+ETuw8MsOBaR6o;Vux81>h*RSf{a|#dW#NthD07w9I6_1!grb8`N zKf7{tUv1QC!AZZAuY$uAfFKA-9HUVA6t3hk*%?ZBFBJ2nh7)ztjc^i^$(4>eDSbrA z1SjYUCkcs0SByiRc}VC~oZMs$sU|TQ!FbW?tp`ptT^OX1&596Vq1g!0tD62G zFYKsQD(b7efS~$uiXi191U+q$f69AyQyQ*!Fp8KiF%y`HMqa#9U<#Sti`t2<8jY4u zDH{t*GjT!fg3?y3ND0ngOl`gk8^rtEuj{$5L440+j;w8!N*yYQB+G0e-ZRQlMJDT@ zk5y{ETv40FT3T4#Vx*-t>(d5hX%j`*2ul@uOW`XmEU$#F)T*=^Y^8-|H6kmuD!CP| z(qb9kAF9&Ave(8`YBA_Ggs4<jJ#!&GF^c`N1#U--?fQ zXh=Eb_J~hKB!nNFsRqeuU3{p8a87MNq3#XxsowGSi1+lT#CtNDd-*8?@qFtx5dMmQaF!lLmIZC%Gfzo^ zIa#pV5)z6Cvo>7<1;|hG9cmq5si~DC%8jVqRQX^yR6&jx&R1}5OnZqj7gCrC`^~Jq zHSj^s(c6L{P{9T8g_qaxly4f!cwF_DIt^k84@(nU!aQK-!s$G>=Y&>GfxnZHJVp#I z^_HaxGgQ|Mkwot<(+MhqT{)5Apispr{!T_Z=r^&q=xoMJDed`^XVPwA3{K1+kehQc zx(#$R{RpY%apUMse$lg8yCM}8qaVyRx2(Q?r`83E3mF|MbBOkkR@m9FsLzUotw5URl+?7t;q zg$@u_S-)lGekhX2n`rgH3U!W64P2GLX3e6xl!CIb3>o%XfB?W4Q9d+VIKdIQvw&~_ zdY{rEfFp(yzLljPekY@sU47=K`w6^!33j)wncpHMj{zliX>Pcv^QpXS zv=5`X9Opi#O6X|i44PYl^nf1gWA@S()f8tWLUBIBYoGTNB?j?HYKk2|l31T;%#Uw} zgi;i8a|l`4vvNd9I73~&ff&+?K%EW$JDP_vfj0^;N_vwSN7CRXNl%rpj=SY4C1F7; zmA*#41F__MRVgTm(NGXhI7*_WX&=8& zDRNGZl?#w}$BI&Xp8+t2(GZ*@{uIT{uAYyg1c!MOXkvt14kGb1@bQM*_juLj<>aw( zTQ%-+o3_=h_vYfXkW&%zq<`liW>EGSGr!SuUWq1GC zi{0n@FLw8y{$;Sc|8)2HU%+5%IHzG7VfrV01D@|{OGbZfP*+wcXXf0b=k!Qt<>aYz- zK`vpYkOBL^wD!NZYL-QEO4sT2X2>`}uWg04c1LeDx~4daP*SQL09~o4y4tC<<9agY0)5f}cwLh~a;ir4JU2vzk`O zi@gvemy!oXNhH-|m&G_L4Nb+Se1D3C2zKkf!uMSnMO^d!U4pqN<40VjUo#THg6RR+ zL(yuIzUeuo)So(azZQ+x{N&D3BleybyD9P;{G3btJTPYJju7=N zg2bxF;JE4V4hefEO|u+OV~i8%Y-4m6$Xf4;wvn(;m0IRgzJY2Ylp@3-j@kV*QC_f) zU-Oi2&Z#sui_UIA!8nbhL6WP~ms@gxZNv8k0GSz<1wuIv+j+0FOcMXSGEY zVK_+$<2XDeQ4uZn=~L%2CnPVWL?|f;;RF;JWynSk9K^A{{awXds2mEvJ5mP_rzpSJ zFsDgw5xt|BbCk$Xj$ub0UX`hY1OkAQFwPFtX;0|^zh(PAa`P*a(mACWrHXz(LsRLf`%(0d81pG>4kZn6;y zc?>3qs}w;{M8b)VqC?txMO56UPauc^Ow*nlJ!Ha^UY4^-b`H$(0~JFuCs}?bGeVegbNbs zYD~*IUldR&zFHT6_V-!u<{PS-Q<=J>BvRuvn&AX9t_;_ZqDY-uRqgyv?~x7Vwq*x^ z+=o5{-)!04Ps8}N>U|$RLx~y}l$@R@ZAPDFT1OexB5Mc2ONu~4h+c)SI(QiSZ!1;h*D)O5VNUM<@m>DWp zgaGXIfGZQ@6gMYxwkU#8UreBAJFm3rPQmmc#y1EuxiKE3z)A%(KFwj9WOrS5*meMT zTCRNcVkBApfF$v}W$iaU&Rf>s9=VqUWa)&$NKaQ&6wj2YWjguWk(lPx9BjrdWI(Mx zM<_BLl5cC3z_$juUfuPrO^k0PUv@;qw?)vgD1lAMT>?fZCU?0!&)>eiygEC$xcKGm z`O(WSR(U99r7Vqf+p<-jGXV+lu-`Xmo55}`hb=YMfj-BgIRil;@5d-h_vJT^@boAs z=^!2D&U%!@F-|6za8g*4O2wFIZ<(A9pzBH$YT(%`v`kyx!Wc)8Bb8mXry2JN;qKs2 zp#(-y5(EYWa=I2dzA>%*v!aPfaxCvL2g8?@O5EmYSWlbixw6w_SZ=MW4%Y=+3#Wo@ z*K9ACE9X=D(*7i>wBzqYO(1}rsF`m?@eO^CiN0x2xRK<*JO zwvp`(DxY_{#M-Av?~i<{{-3KUic>@-(8*@XSP=iY`}}#?|MP5bu>a`)d5Gu3hyHh+ zLz2!Zo=iFT`ScD_v;$6(u-CabJNifP8iy!hC^(Vx^cW*L1P5mahd&($d%Z#DyS_4& z`rm=&w_0Gnig#K zzw4YMo>6V)$xV;qB$=FO1zFW6e6`Xm3`M#kHu;sAL|XI9U+0AIvVqZ6$j`-V^?Mt% zuX$NNUdG>Is1~I{%E|Ng4C{07=6liNHgSY`ISu8v?~5>=$*v>Mp5SI@Nq+y<7w zWTm{L`++-FVI(c?T1DCwJ698d)w`G1XZVG5FiX4(y4Y4L^WSIPHgv`Yfp4-qYB!_o zi}_iU!r9pa7PdOL2@Oe1UOu0i4LA9SkRv7#YM5h58$cgky-~ z2J@@zyEG+#qbW(pqclgoUtpRF9*cKXE#j8o3_(YoICMpiCmFY1cB{OJgufGY9zA!>#PLCyA#T z3Rnt7JtYq#3|QhpaH~R6?Gp0~;pC2jPfA;Qx50Y%vitu1`}f`L1tUi+R?Gk`c9sg5 zkcGNHDHJux^CMkFht&FJ_!4Zzgxq8)=-%#j<+%l^JUlxv-s!g3658IDTR?UjPa*p| zn&*X?eEG&ucPW*!QU71n|0^LF0(nE!9L_f30$vdRH`uG3|9|%U>5E7I??XJIV{OI* z9B8;6qoHI!I+CG9qI(BH;Pa_0j8Us>+gQ6upIdl;fTueCHSUSJaC0LnV8Qr*_WZ^3 z()fSA|NJrj_d%Xbj(=;3;s@$lW15%S%N9np~6EqxhPtg}d)p1Z1Ya_4nG$PkW@UM(;q;lt=nVu~n4b-PhDKX)10j1{D0z<+1 z6kax!OG6A<3J`eWe@l{AS?wE6Rg|!WG}ty+7>*oRysIw03g@I(XRMG2Eog>ja{ z$682Z>M<~5&z@RmUQ$Xp2}wKz?~cyeCcQj7b4oAZ0p)ct60k~#k;&lSW`3-wGRr$? zU+Sj<-YgG;C#&PlX~?W#)e17Do@Ji4Jr>2&%q>1tZoO zv!x$6ak}#t(FID9Eng(xTu9TslTHb_2&^J)&tel?Xr9ktJTBE=O9$TC&S*L;*twwk ziytKmM~WBt&uQX(ie5poW)<_z4Vv$OZ{(-~!2vKx zQvxY;D6H1wR+LKe7Rr3 z0uFf2$Ax5;l0;74x^iFHO3yUfY~Bl#@eq6r*4Ll@P=iLE?#*xhM|tY?zZ)JFtT7!d z)c-H`T>Zbdx3~N3QU5>0vtj*jM+P}Dd~OhiKfG_{31QvvzsI@a3z#cf7VjNUF7rW*C-xn`-ANBu3JomK!W7KS#M`M+ByJv&N z+2=`XHh9#8a7Lmd%xETYtzKo(1o6kU!q=+*&8|>GADZFh;1=RoBKpbv_8YIi*`KZA z*sd!OzJHg%QjyNP`a(TfE5&}3l1MkX=X`J>_8Fq`M2#(V>2h@rn&idjM7^EMJ_FkW z+U{X1ZN#;309#dDumjh+Uq8lvZ2GC6{~3oIjkB1cbpyeg=l^GW`_IbpA1|H{9_RlD zc{VlwFEh2+@EI*KHtfefCAV(LRLXIYLmDGKw4;jDV9u9Us0KY@JPTZ`IK48V7rskU;BRffKmVMS+34fPsC$nP6j-+(%8F$x?WT8;w%jC!ibtNvhkuV(0FoJgGS3+Hs~ zCAmR~SG6@|s10i|nWu#DgBU}GtR}Z!t_KF{D`j!h*Tu(JXRUH{#BhqDEJjp9SLLBT z&fA=f^ID2>s~(zhG2!iMNI`}3>JjZ>9S~UcEO&2V>%pf(6QoLeOC zllz23s5R>%@gm-Bf{O8;NC>(&Xx=LI4Vo9GQ;YN}Xr#Fouk|f~tJ-yBRA4{PUVn?r!-jm)okm7Imjt!to4wSSWw-FAB@qTUC6; zLR%Krro~Bgfx=A6Q1zl}bTV@j_`9>1Zy?9gmonE~xF`dDD~(_{M2V3%K9#!m31lrG-__`sWaAHQajW0U5JGbLC3P z?{26?8tb{yz4>BHh0i+Uw1$R6>Qc%5p~N}rKCqqu^hY@9OFV1$eSpH!n~$Zqf_6+lFh+c zT~X$*z0RH{GM0_F=LzW6nmlPjOv{NGt2~il1x*Z=$8i3+mr5En7WKliw-?o?9JQ_} zo{A+TD|bXSvLeV~sh>&T!5QS!VN?5i+S50vSvHcss!Ei-{@}Mj+7R$oxTu%}8xA5& z8*0aAX&qO5mO7ai1^a^n645!aq?oCSuR&=oucF#1q?*>MRUICE{J?fZ9c#5K-8N(5 zL)#mFiY%Yu{+%XuRTYyWwRxV)B|Na)AN2O2Wh5@?Y?xJt_67xQ=*D=A!g&~@p9r}r zai4$NOchE+ty3A4-1;Z3S0|Tm4o*+5j*efw`>~|OC0p9DN)t%u`j8^%%G&_D4osI) zp6V{A=FaJH@OmXK!M&^-^%a_b%{+B_aDH-d^yfoZjl^kj3m+Ulmo+YjetLNUo!(n#@8Ar6+npFFd zVlgY1xc8}^Ee7vJOBYpHN?Ge{WaZ)HtJoJgw0sg;W0=)gN%G+I4>2s;cU8e1|Ksxf z;Od9h2R~labbQas)*;_rgHL_o<1Y~Nw`nCp!^iK%T)ktEEKS&MJ+^Jzwr$(CZQFZn z+xG0S?LD?_&wTT|=bTT!I-)BhyQ(@PyI1CQuR7{~JL+nx(ub3ytDA|ZpOueGGw9aR zizkw6cx*_o{dQp}SE>3F8@)O@YObC}Ugp|agiB5%M$t3mG{Mq+Swm?MYLU444PzF8Gsh_fZW7kyy^GI%*6G)#$7_u{=qo1kiOBTFagB)y{W6LQ7?tkIkbaRBE=Q7zi zptdPknBN_rAC6m<5pD#dw6@Vdw`G`+ClF%oW)uo18)TzG6-%%%U}@?<7Prfz+&C7I zJ)?KG;@I%E;F4LoH=W3EHEo^vZDG6@#hF=s-FX))t5Rzm{|I1}l-bF_DfV1)k+N?E zP#3gEFt0SvI_gE2QKjDA^ExNSKwv*Vd^Cxa^$i)9TZ&Jtol&pGhG&@$Mf`INrS-)?X1_*`YCEacr=l#jmK97%UEXJ-fBbx1TtDNR z+D_6&PduN~N=OqD)3F}Z&8C706zshiq9}|mO=W~IF3ja8(p%}TV7mPrP&xfrwzqw(F!Um(!{cwDR|2^@Y7{c@V|`e-dqqWh!3)(_ z-sc_Kw)bIuJ*vyGrWr!zHZ_ejvAl7*MxBly7Ok-xrPnJx@{ZsTBHa8mY{QID~oVb785rhnh9<4FI|(Zh~X7d4-t#vXl+ zS+CIUL>%LRFtv`mN_(fL^yNlqE85YLfZfHV)w_w7$h52ZwrphTLBDIP>+l|na={zW zuQ@e3SvXKp2KudvO~BC=)S_+yE9IBd%Ao;!u$c<*NE~YmXXT(+a7Cr3Xv8*!KDQbc z&DzG?pt1$0XBRb9TMc{^QT`O3)@;=P<&-M+Gl4)&FM>h7)c%Ogu65Vj0}jQbk)3Hm zA45o;5KLnfD+|<_^y^d5AyMjW)0V-88$>n0hn93CMviQ2Rs)d1uhurs2K(H!sLArj zy7jjo4DbK(|MqF~`T2P0-#+-Fhrjn}2mjppTt|zwdyUw&mTyN*UU)}s6~k~b6HH@= z|14{cxWvJ3jz~2wAEDD4mv}85LDKN?u5p)D*w&%%eZkcK!O~dasZJkybCKbF?AtN^m>wsJC$y zul-nuSm;h@25;?98m~#Q>Nw(D*&13IUu(7GdvP`H>X5v^uB77^MuI!-19YeDu`%hB zHh_go249>Ee{aUb?&^3nV~|E$K{5JFM$0(+iXq$h&o1hS z?5ze8TpRj5b^?eGDEroyVXWjR9Q9beXX_~Bh!~tbntBb_e0IkILsa81jg@PDcdfvhRe^+_2T`PKRsA*&**>nkfrrg zS3g3zRllNk@)KlB6d=LF63x=!oB&DroFm&JS;Qp`f{EP6yD6?==*Z zO{^PdRLr&FVZ;fzht#m zTtrKBd5{(Hw@`n>zpt42NglEgj`RPb>HhJ(EoAw*;rH(TxiQT3&i>i@aGYZ8do$+> z+KX}ro~&kN2hUB4)dJK%wHsVzX{ex-oH1t@=09G{(o%C@&WN5!ZJ(lx-=W$#M4SKf zI;MFC&^VLk6v*sfFA+2{+o<$(4P zYyy}R>n%#Si0q4mpW_ude}2CWSig7<8CWnEoc?42sT4Qyk)rr+Gih~y=+XFa1E_}y zE#VTo1=rbAdEyr)MC5JpF+DpsrD^`jOMCi>{zCuwpO1pQ_&I0o@^r84vRK9DOvdlC zz~oj*zIU~{2bJsW_R`N-V23TMHx1i0uK!y$cdjr4SS(h188I`Qye>M*;m+$;1+~d0cd&kQ4(sF}2|2Kg;O`JR-P{oxuhZz~iP?RxL=$9gj zJcNIeQs=41=uJwRyOql_INnb?#E3K8iFnB__iv;yMm9^Tr2F=(3nVqlb(NA<*C&72f}eATnnjrTC}Zw@+ppj zhgFX-PupXwh0!X0Mi#Stu=L)-)1;*!zH+t?`AJ3PJ0)+oVd{G=V^(ji(4!5$iI4w6lK`@d& z$96Rv>NHDz;(h;z_-3`(F-J-6an!Wg1v*l{r7SqH6^>}ZQU`@E3Xbqh+&NtANckrB zHMSgx$sT5>uf-ljV6~a zF)ZiJvn5by+_BFSH}i|d9#~8(BHA*2r7-v-7){vx0-l_Dm^r_l(BMO&0<7P{XU<3{ zg)eLt$v9@EEyi1caWk2d;^_)dusD}Alc6b%SUsF;Q|CcoCv^Grx{ypYNH1F#p`Q>y zlyV%qJ+EmCU$le&W4#ZeJEL#g#3)Z+i&L;^?b2SshXFO~6k*cZD)WziVhMc}0s70f zEG!W@$t;|o|2U7_;o_*2${?*t^IQ2hVf9H=0wESoVwf#-88Em?wx+Xn?(xq=RyitC zgejiT_&QtnO~u?)UE;Ou_*|5yDrK{^TkYwW?ixT+shAbNmDMPzy(+BjVxpTUbAY2{^et#n3BPr)sKY0j#57z#feuW0cI(U(GstBw&AFI9PQZP8ro4!%Y)X2-ke$X25{#sl$;wf=pbL4> z89B9Ju?jnMjr-zdxb_kd&@)aw@+s_HAw7~xvRCui)9>wlLUST|nt>>F+If|{dS7W( zvf-^&o-pg~KWlWn(%FA9sP35)JxkL9S`uNKdtrqMPxC>4fQQ|?Bcrg+&_sHUjp8QA zIbw`5Gl=meGA3IA_SPn=TBPz%>}H#Z>UnwmC@Xj|sjBEe{l<^R@@fB^269jIB!9BP zpoKe(QCK(f<$!7tBDQfnNbda3qKoGU9S}FKhmVt|oyYUz`26uoae7)$7i~~`$+pcUd@_(saM?vmq5Nr;1b zIzF3&Y?kh;R$EKTb;Bo4Tl3rbe$~jTo2K>yK=ln%swnA^EokeQtBUN;rbt^OW_Oz1 zQ3q?j?9IZO4vl&Jlx#q5ly8Qw&3q3Ot8R^3SW18v|4_XRzKW^KXZ++ta238D{-=jx z(PVcONm)Q;sdkw92;q_DJM_?}t=8J`%bky-r-R?y_2qe5aMEPe!@=Z3(m_djUFyH0 z2xXept5SP@To@`wMr@Ong<)d-SEtHK^bTr~*J)^Ta*3HWrTC+8y(ebOimpbuIY=aW&_oV z64%#9>X-n90h%xE3! znn%%>4mA&|oii=z4yP9CTiqKfJWd`1mcd91ja)_qlk=eEX6??SmahAEJ#Y_>w18B! zw-j#?c2<#1C3Yq;HU~y4*oINVdk&eItt=zy4esR&Gj>)5sUtg+Vw*##EiR|{;3Ih^ zjrI6^wvE=O{+AkeYkYTh+rQn>Og|+x&qRfL>uPf@uGX4veDO(ROX>y)t_!z5wzbFT zJ}FM)v#sBq^MAKq@qB^h7%w;>uJ5R>jwDuHNB<)hu>Fq_Xxs84iU+=P%p}Q~=H>vDdyMFx?qCT8J8M-_r2OROA>rZ)B^esh<7)u-~hXulozrmscGyU~_Bw zsc0xtMpje$8I15j0zGH_|6@X6gf!$Kjrj;xwDuVT&50qT65En)sfE0rD@T{+=3)?q z;a!xByiRt;+=UP0@ing6&wNMy9fGX=Yb9J_uZkE z#xi9Bm;L;xmuYCCN?-(%^?DIBOZass_hG*eys|9vc>tpk$YzkJHQ!Lc9VrPhCfelu z#f@5e$gndgxZzZ71r?yc=cq-9?#&=DlpFSKFCLs=J>tg`n-ApsCAxn*Kj^3D#p7o- zm@^fX_m6qqEIYvsPRQ7O*v`^g$Mu zvC-XD!?x*0A$Ke<+M*U%V*E9e`YslC#OxxM@j!>)jvo3eBcIIu+~(rV?$>HUi`~=e zbcVTppQ@saCzIVcxfgxB^T_`qjE&)6!r1@#e-Q@NE}ZGcpl5Ls;XWZt%po4q~_%2rG#5;&{}h{Iy)v$C>V(Z z_~3A-MrTJrWZfhy`$8T6y1UEevzT_WChb=a(_9mu!kz0n^xUl%C6|QjsZ1 zvqMPmf+h!=O4u?tlgBSbfXxHh(*$3vB91X>(Jd`U-oKzn=G`hn@6Sx!W-ez1BcS@aO98UYotUzwx6uHs-cw{WVX2 z*0ykYHt65{bFZ%W-u>|o*NT5mvM3EV6`P^^Oq-)hnUXrQ`%V|hd@z!dkOrn_%H?~r za&6o`L%d}3Yfe?6?lw+z8{PQZSVvsi$hcavl$@f8QNAwaaCJiwjTqNm&A?0AIER~p zIl#7l&fNON8NB}D7t|vpsEV4~bNu8huh=k72DHCZRc<{5@$wpWi1JrEY)r7~s+Nw3 zZCasdm@@mxSftpxW>gR7w{C|BbTQH)d>mP}nk394r&Fxq^;`rdFY3 z2bEX4mq!)HqZd@E=#RjPPoTcAh5k$^_zBi(zR_MgCuXZdkAp3!cXL!KKKmty;Qc86 zW!IPgQ|ND+UI^g=-&Y~w`UsVcJRm5C-^4TTpA7W0aj$p~=OA93W27nh7Lr^`lpos2 z`9JPX*LzFVYTEcl2d$fi>g^hyJtn=Jh6NIZD*MW$YV-uFejV+@iae(*Fah1Io`Zae zO*;;i4DCjA4SzQ(X=h8So&m{U1%R^_HAK)y1_6*8cANu}WX~Ok_U5WhL6%!_rdstu z%EnxC1|H(lf}JjI?ncd-!CPE{93A8eX(~Ar%`_#fum8fPq-kZgQ-pmb+9?msbO*|iDv}>I3#)C(t!I4$ZKb+Vg*G`WG}ruYQyT}$JbXWOD#i-Bw(XGYw?VJHTVLq(6LsqE(CjR}eMS?D@NKG+tvnC3QTWO)Hcp2%z8C}M#|VlY&M9VmF}I- zS)dMQXouY4aiNfv)@esu=(hyfGx`_CM=!hR9gIAZ(EP}xhQSYfE-&qee=eNc3;xwF zgXRV>k8u`4{_Z?21NLp9kQyZKaSV)u6f<-OA`f}xkncK0VH#*s4c-A{6>@<6E-@u9 z433+KSNg`;{|VWx-yS46=K+MwEWf(1NiJmcizjjje?$2kb%XDg-RC5ToTAhKqAVmB zfjoEh5=U1@&sJFa6@`}Q0rBJO1wbgToXIlWO#V$;dM!K?>vd!mOkjl&o0ck|LC7UzG5oLFoDU%#c7tMDcy5Jd6tC} zgM3iolJ>gi0`O!7Fh&xKaC@+w`M*s}#{4`S1Q#tHY}0gxGhvPXEPnNGf7@Ap-dtVt zkNohBJ>>l$f&_}pEku-ifzv>IS1o!1=~aA576JFAD)$(ac4^CJ23&@?d2iUi)Tpq(1v7()^AU?k>s3?N@m1Z1e8`VZId(#$sJOneGeqMGI|{<<4=PG3oxRfOqlnc zCe|#V%rU_4a@>d%N(fX}ltP%uc#qu4ui*6U-5)>4oojVr>x(ZXR5WdUeNeeTjl57~*BRGy^FvrSS!N-{Y# zsNn}&XMyuo)ibY;ROUM;Ft|CQmMa8j#6+n%mQLO)IEt^Khgj6q6$!;q_0DlSgV!a6 zKn^LFdFgD7EcFSHScu~Qr4&Zs*19B5h9S?4csvSln40eW+Br(WAIwo{eDVUa`=*+?;zhi;?n#5~%k(WMA`-9*af1Y}-R%_5P#9EavdA zM(7mYtf)A84=fa6xn?d21KkMAG1-V9)o=A$$)X_*nv9S$1p#h<;aE{vs0){~L)EA6 z6jnIENX+5nAAET_le3@M;SKh;u^U&eQbpC#Uz2GcM5JFSEHouwdMW8%Bzq6U)^i)F zdFq@fp%hmo?1(@F5)Rcnhdo8<`xK@q6GMPuoJJXPKw(Fpo&C+(&pAj`-{SU5PvEQT za}!chIepLzHPmjt7U4L>97iH; z2_wvs;)Vpg3U_6_2C!O!RIBPL(u++@)gQqD=$xoXs-tRJluiN}r8F>vq`}w~n>mxU zXaxBxpP;h;;R3VRAxy;n)Am9#^XDHJj3h0YIa#SmuD@ziEgoeU6;cz8>XzIyplXc8 z%+24fp)>a#*naCN4umb?7uZtNnU+iL!gA|1=^fJc+B~ykWqu*Xg{}VUI=H9VOsl1L_;>22qJ zix~HeKWgrMKvsLdkF9B95j`=4Tk{J7wluh~6Xp^p3Uj5A%NbllX>VVv@0a3eURDSj z42+d|j(IWqlhf=FI>GS!13l|XkY_x2RDjRMTZ0lh~NwiNxpB_va&n5}KTaEa|w!F*&+Wioetq8Lz9aXOHn zE7(Hh<22y25l2Yyt(>hO3`QXT1zG-17i=xN5)LF2DPQz$)&IGG;SvlF45&p_QfV5c z5GzADV{Ue{ZEpe~m|?Gx5YLPlF{6ey3L9iPt#1`IBiH9QSERc6rRN&_?yr~Zfd2MY zY-R2YFX)7S>!fk~2(l##)ilIGH>F-PP) zBl4=n%FZ&eC61>Z_U(%-o{e_}*0Pcx{ma$i&FnW5k8uJrAX$AfQnWzZ9;PMMrojeX z4+No1+!CeXb_}72YIT<5^SK`zTF<0^LY|I{i(7|4md&pJUojC2v^Lk`+WAUed9YT9 zJSu!2BbSTTUHSouM@~-l@jgR4mVb$w8XnkkBpyqD zvZp5A4+XH|O<+v01pZspo-|WR(q9g24IR=U_61u2w=yzoo6JTjRqc=bi7T=G^R4j> z8--#ZMg-Ct!lEQ477@seGineLMG0~Kg?RA90ND%{k&qcR!eFMRf9qICsgs3AO_?N= z0zn65@3xmb0UP30^I)Ae3{j#>i-k{~AoqxXRKskDZ9eD_gbYeXk)dcj>hGq7Asc>v z8KmbIp;w6v?7IMOgWD_rn;3`2@IFb$lB232t^s8R7&xj969-p1tH9!3X%m~BE%F}q z%{(j^iSLY0@#0~^kN)~A-WHAZT=E5Xkwq)jQO2NtN^P1X6D21e;R*<-Mh!?3sI--7fLn_KNWZQQ-~0MB5=h3=I?Z3zMS0p zR}&cLcfHP)vkH+E4>$wh*USizl}Hm8QercM{l%GE*<$I7T-aPteC|>L%--T!GXpwI zBDfl$;9x7-q|?S0-1}FY2E977Yp0lEa?E@MU>1;cNJ!|~H#%e$$*c%m&LqH!MDg!q zPMFzgG^hB1-V>j2$<2u-#}$VGC+SO+4wPgaph6j0lmv-f0H4!$nI~V+#oFftHI;NS z7^+DDh3Ei(5r*J}UPdZ7`z`z}$QCVYCw_S%{6jNx39DnbaRe5=!X7bgA&F`4r!pUY zG-T@ByJcAvgU1$$)ME6HN>7t+9gC8J+I!3R`%lx$&6VxpNDxPM?;B-(a}yeFgXFo9 zeDcAim5F?zyU)B9-t4hQBicXML=0AJUIAq$=KGH|e|V@gG5xh-3e6>m6CTXySnC1> zc9cp#q+$R9&lTJBk^qwQFd*9$2%rtm{RZ7O`;l_#ri6!V-J&@O6NXR0$rbU>wUE>qxwyw(sCGCH-7m14SQk~|?DP_zvj z5jt$ur_=fUxYW_2kB!;$=9QGi=;CtE<`tv^No2PtBpd=Z#apbBE`prVeO7*i?k*Hn zTV)F{$)p`EvyXtQzxI+vsKi^kS}W{boS?2D%>nbnDPj8Y2(fqE>|%uTPfAbxxTK-a zCflPEyz&W5EO~Lyo+-?sGY zhu8_Hd>*E=v)M<}#&71Hw5fh)>5eUIcECS7nIFZ8t4%pmtm}~zBn@czw#=`*e=Vqc zS+&=cz3xC4M$+zwE0Ap$(otNl$*}j{rB36NkVnxlv+&#IQJ~wSARyrm{ds4*Hp+NG zW%s@(18AP4H44>*KR3mhCrtair0UBBe#?Go=LNNy1;v^aem9I5EG+@5r}wo1TQ@Os z0X5GB8bs`vTI=BNPni`><~cjg9|Z{?c9~D;VGjs{db&3?b6z{ z;jd=)>MW3|lws!KrYbgwqm;r>&oA0b#qULf!+SWB=0r*e%w#;KT$M>>YOPo&M%Sd) zmu;s8z0l?Bxe8#?#L)-IDa#=@<^h-Cf(}SK%tSmA1wyW5g+L-G0u39^{ z<_#vF;}0~(@m&LEviao~BF6?H&Ctwo4D>jY2Bv}5lt0wvFIX2I z2=yE&j6ktT4j{LS6&*6^neM-_AVAmT8JJZCpni(V(R)D-l?7L9V+qETq=C2Dl1O&g z3nGMI1kQ9hIwyO~MvI#5N@_gvG*{raX0~0Q1IZ?p%sdV9P~x)Fl3WVTTre3>17xBo z)RhI_M$PQ;yc%;C4oU)D7pl_)!L%lcHyvPXhc|^~pb0rPBl#u$1C;=1DSTp5i`Pi@ zT};@0t)dBQVpUaDpa#vf{767sKDPEAxe1Emigw|@6x31H7j>hAhYmyXm z$7O7+R+@j2;l7#_Qp~n?NQ|Mx z5@N)|Ke2y-?x1pUhqUt!zqqp!AUp4ovx2dJHaZUwBT2cE2W}EuF6l0BM|yQhmO#GI z1Fq4;2^SjS1N@ErylB8lt#H5&u+DM;lb*C9SOjkZn^e)LK1f?x1i0Ri44~8C$U?ds z0zEZLp>|w;CkxGEP&lGE-zu6D^u7Eo}qkfG` zuLQWOp*>`4(GyE44fLNqQ6q!4Ie14E&?`250XI`Wt=1a%0zjBtl z`f89&5ILSksh?7>9824R(gD?#N%mlWLXWrz4nV+f3LWTXm*CYVxSBN7{0XG7{h2vv z6l;N**f&ej9niP|;R(zEuuX-XsM?q`nYXi@H7F3IuWz3&o_npc|4|l( zcfIt(*2}PqHCTPstn>H`6JWafNNZ8wD+W};0PhRAEA#7dj|BTTaKwX=QJZ z(x!zS^9M6wDRgSnPehoNkDM*chk2`=Yp4td(o{sE(^M9n-*lmn3biaF_)!n0Aii23h+?0%ukn??>;ugvucKwaNYWB|r~26wwa3%XUFZ>cBH_BAHxB}70pfJ`>yFfTrXr8#Dm1dPtOOVz3#^3v-@TRsjb?LUJqbm-NdjOa%Y!TuW$LGW##k!tOR3FU z1DXtC!Xjg>0eeMS27N-_&DQ*^g$XnOj`htxg(J`-CRUveM=VBwk@;y#5C@4h?zGgM zi%Az*&_IsX6-LLWvx88Lyq$U?{-d%%2=T)p?Nu(rXe<5o{xz{L|4yGnrO;NfR+{fG{I4 zUwErJ3CC7R1=0LRqql(Sl>rg1DSlp49vLTIX) z5GZ*93w@6Jm>D4B8k%31rF)PG{W>9)@?kEAd{1{T`LScp+8py;wkCWA_WNqiO#3@3 zFT4Eb);I29#xg}sJA}x5q_GgjQQ4I&fhipi$kN)c7gT7~sjX{`sj|S~20LVxii*D! zyxX|FI{gYM3$)RQxy<@k+F~Me=w)4HK$##8HUaFa0%V@HXxg9IX<-G#h%^5g3`vL7 zxfBq6IIxaT^=-1oP*KYoea{8FPQ&t-!!VW~82#6uceSwy_a3-A5*}D~7 zQ2$<1UGTRaa)Kxg0qnslI}m1wIY_&$nq__}cEZ~*u+Ek>aKhU6+}*e=?G4!k5&<+O z+}}~cxX(}r>L8j8jCsXWXobKTJ#N+1-I+GMQ~=DkLBTeB}e5DH1 z3UvphtX)LH-u46g0&D3BM(Vu!RKqpOzFpq9krFACF;kt6hFuUtxdcxONX?*o4hx1j zsKfnrTcAQuO(8nqQ1DZKVC16CQ4lg}SMhsNv!MK%h&xIPMP|Z&bElsiOT`x%UfrI_ zpi3nJYYRPVKVnr)PU~p5$79jLz>`q8~XmNbLJ* zi3mY~6 zZ?~WsWGz`N96deE>1!HhjiqpL4Mnu+Ea6s9rd_@eBwo^VPItFvF+(Cj!llr`CTuC= zh$JczIwj=gSfJ6v5gL~t(BySe9?=elg>u4A6VxQLak{VzlD4OP*wJ(xG^P0@PlY6A zR)3LF_i!u`JR>COObmFmI6Kd%QpN&sVeLTPHLPHfJJYay;)Xv7M&s?Zjvbewa|bdI zk>(aG5oqV3xo-=!A}~~N_<|g~Ro8S8cq6av55yhlT0nPSYdgS1hLduirF$7MTQt@% zq*6dr@hn0pijVt0|4PdW!&b^&JHj?6DNA+|ZHL&zOrYyhW*U2(rA#0@TF+GK{HBbI zRO=Rc@B_R?T6C#cxKyBP!V{+k7OqP8jI`*I<4hLd_T>k9bBhh%@jjiZvC@F9d73HI zfF9wDb17-!K3!^bXR7DzBAcmlI{c<0&P^S$<3*)~PSG)LtB)Fr*u(ZG zGxKc~1ygC|zM9-3PT;b4n(4SP-*D%XOi(u7$|^If89+P3+GE&2J=s>XQ9Sn?pJ~cn zEHj&Jm@(FYc574H-{XSY$6V!G6^&H8nJ0F1pgOkC$FTr<%-);pOdKa1=U~T$EG3BQ zy4H9n-auVq0ovAVCm+D=!{Se3O;>gl1lWLfTb%CfC~6rC5mmLE57#|&9awM0)`Xb%3Tm$T&!9QO&poeFB8 zoA_MFEKG7)N0R2!bj9l9;IvVE#94WWorKOFV^F#@tQiH^0Cp*xbEX*Wfk$5At|c(@ zFThT$nuS?FwPf-xkTKWdrKcAQ?V@Xi*g$p<_oD2N@!Fi`F2a4bdMl?FK-ch@oLIWp z4*qkW^Agr@sGP;v7{kLa7lxIR=$n8X;5kbRmJTy&0XBt8Eh$*nN~r-}66~?0WLG+%`gl!p z!WK?@&V{efj4VxXJ;wxeX=2;Yh4IdfEJc1tha&nU6w5UsIjd4Y)kLEvXnXk7QaR-a z?_n8Ts+i6bp|oqml1XJP$R<9YI;+)$Dn64M`Xm+0HGEzh7VA+Z{909XiKa~n_Kcyf z)0fwY?++ZW(Zf(j27ib^vgxwa$!nCbP z``-hKRO;C5vR>KTi!Ru)62|M)M%^9Ta#p{@=I`uP(m*kElb*kv7}YA7ypmoL2Rane z#+wV{**W2MFXTB7PyyZ&XVp?o|D;wWFLlBlv9s1aQTu4KwmaY)u(NhCmrFcq^BpJ2 zJZnoFvoen{mr1?;yHAzo6w|KD_6fI~5BHyOC7HIhPQFdev!qf(xBy1PeOqGpCtWeR zrX`5Gc9fuxV*Rz4yR}IWT%e=8QlPQtiGt{WZAx6HT79-wLKaIjD{n1{LhQhsVI`qr zu8{@N0os(TF0{LBteh^3`6{cD2)fYiva*OhB)e)-$T>jQc%)H!NDlDhg^Nl_44rrf zE6Ge;!=tfMSUtr!F9{r6w9>zW*VjcWvqOM~+WEg?cp2)=Y8eDVY5Jk2J)38=< z6y7IUO6+dFQ71O9mQ0HT{5HJHV~!M9J^GYiW{wKccmv5@4z_O9=JK!w`n7di{MC+y zGQSTky@%`#_?NLJMR^g_|Az1pyY_+l?kS{V<4{@vH*aJXR9=)U7Ga1ZIy~ljz3Tw* z#Cr_6r%Z)1t$D<;{Sk8grj)z8=wB9i{3J{tpTFhy|S)iX1a%ZLS17x)5$hh!Wjndeo_1u+lm{i4iqY z4ysO1l?y<*rnABMy8x4E+RnG+g7){P`K!twC(qC0r*76Bey4k)&mM5oh^!ptU?w#< z%kudOttSk~f!ovF>vJzBOea3FHa&rXrz%`qU{r*Jtx`|9y~0eazGujpgv`VIXAN*9 z_r&v*ghT^je6e^)7?-W3M&@F?6)8Ex(~jsv^7eIQPpyzFJ>JzJ+T75B_Go&KENd$m z2jurWJRVa?5!@Ljz^`>d*pF=K33e;p3L(?|+Mioa5NBEK)}F z9vX1$NCok3bPz@}H8%|6pwFujmKq2*ac&|$@CF(6CumcTixw!iE%-w&PM_WsZyLN5 ztEAGoCfCVQ5xUrWSTwV_7S;tz&n}8D$@+m^L;Ce=FN`^Ilq+IpL39Z353jdN=qOqy zLMsk{>P4C~ct)s!i@i$>1S*!9WOA4QxTr?<8KD5W(KEr4kz9ehyMt;uwaiTcrcSY< zN5=qfbIWnO99g}>E0jSD#LhH$#NYy6L|y`vsshrvjsTk1NB0@88{CwtBGb9(0MZFV(UC%O)g}P36K1>p`2Ywt6GEzs4}_UP^fm6_FVa^lXDE9!xp@AEL_jytzRqW z46tHyPu+L!cX&q~kD2se>u9ETR-oPEqX%t#WXE3ETL7m@VN;Tul>$8WY@qqA5p^c^% zoX?nUGVPIPw3BNk;A_HQ`RAEftsE-=z7u9jZ|lTz1=y~zT+#g$bO+ZmfX|q1GYc5s zA;&~&Nyn{lZPD+wI44&r1NZU!%oP3i)^(9h2OaF^;E8}%CN%${&~HOV1%52wL845C z?F4B23h;umjMmd0Hq3IGF}_j8*pU^dnt`)C4fPdw#yt(TE^SlGU@N$QT@6&@-dfDd(Z6*(01C9)(Ud7p`HuAhVV7+7`_5m@j*~8XherJKHB|z!GzYooSOL!9E>sGBbMN1GN zx|Zu!nB*DT^Js9O%!b6Gu0@(cEYaE|!dB;C)Lye>0OzfW*(8tAz&3Uo#Q*RO@*ZWb<1Bpz?GP zhWAG{RkpSvi2o| zlE|1|mkQW%TvjoXla218awX@f$WVgSmAeQr;Y=fr{(W*rN7t4`F1or2SCKxrt5Ous7`#A(O<4+xdnVm;$L5`s|67OAtE<$)zK4l#2 zsf&?DP608hFokI$6@%+{0S4`FXLVj~66)G5avf z`4QKt$0_*8yb5I=@krTu_K1|-u1WDe^n_-Ozr(|G=35hGn36rpWy z7{ldOEdeAK`2+ec>#OC)_pgrw;(^fxJaB`IB%25;5+r;tLyP7ONb1F{%GJ&7xJjZu zp?TBGg6qbKmh)>tNFp}Oe0=C2hLl_*LV6?^{k*`g`e!o?3Q+DA0s0}ihovXDUjejZ6+rZKvOT_8<>%+>q9Iz-q7H_Oj^>7W?1_U8ju^3bIG&o3@maM1cE(S8PACZB8 zLe$ELlZ0?im5F>0c$E(^MCT(9y#I|^OH6%22I-6@?#ZaK$TtBr)X0Z!a>4sLe4u4) zZ^^YFs>mwmCflMUB#=<0`xD|63TTt#i;6=|2%E~OTC0xDtKt%7+Dvwg!_w2i-haAV zhBz>k{Mq!&o`Z&jLxZXyUe}n_t8&Eva!)}Wcw-wl)epDVBfjla+iM9FP_TtoiW^kp zbdsn{y){m$BoIhLhB74DOU5<=lGY4lauN43v5za;8{GT*z4y)S_5KJPo5!ar@Tbc> zL6W-lGzs|L>l-*n?IAaJQBi#2g{$W)rs{x*yqaD23n2kyQQ=f!S?qxBZo#gFr5vR> z6b;d30*Lxnjmtxt#rghbULxIs$m(Um_(GCX9naZdyLCO|z!$DcMEg7B^#qPu_E7M` z<8(<*YBm(A`JW?>Sv7@>7jh^t4mlJxz|JG)lOZ%IlH@)uXqhvzKqzy*8wj-2YipBG zkJlgVSkIVzH#=?peSr|OYz6(E0rsgr&>#XUz>GAA3j7|g2m&4#5CtXZMgE{U(hun) zERSvgWZR&C!35YQh;pw}QWLE3#N|i6jS4SG96m4Je>Wbdd6$Vg0uCAFKJX}8ZIdj0 ze=ftJ@}@cPk_4FGDhto0$yhQaG5Y0DUnFxa_X_YWP*9Ep(Nemv1e9_17y&hD z<;)|a!sAAXa24bB&U^!=rOY4?5=o!U{*W|6#s$%-}pn)T} z>oNzR^r+foCQ}6(PBJjY5II%E<30k&!A6cLBV`0k&j8sG*%MdgNnt_e;gg!Uh;txw(f!)H-P`@cx2PR^kj`AO z@Eh3*!i1ER4wbSEX?+)shx|*#64Pu<@fE+>hDdHysG)L*Op4*p{<&?JOzr$AkG3AR#s^Sw&c0SAVfBpeY|V$VAILg z0kM<;A$+Mxrj6J=WEw^C6L22EY-)<7rDr;71uUgHJP4P%0241CCvf}(W$53_BA6dY_#(O}3aSy2rB!2+^J`$Cy_ow_xrgyl;#^%gl_>gkfXO z7hTQE4_F~egh#OdLx$1#6m*I%@d$A zAvsYS(}vfAkR``Iwbxhez{|)fptf)B?$rM=jO9EM@>5j&bdmhg!+IcugswPPuUkO= zX@y_(=lf;nuwGGmZ9IbCu-tc_Kup^|FhQlSm9DJPj&hDZwgV24Q<>$2cFloIHF>x+3JQmW~x>&6?g^NWd`IKttIULquus$VM|c}UXI?wq9`h|8!`hULz6;Z2U*(^byiePP~h*^cR7qdXh!jk%Z%I&~PUCBO*iX1vI=EoZsYDL00 z$(oKOlYkXw^iP36h9l@K-<3p|WMWfanZdRErcUuxMf}6)(@APsRe=VZ!A;H+k4Y~z z%yzY5w%5@nT4aRGkSU9+I*j@w6;={fs2|M1?qf3LS-YCcpy6jsk~@y-cE0wq>k|^;cPYx ziI^}3^BB*h{0z3KLfaZuKZS5_gn#Shdd>gcjZ-vCp{@0>!{FDMNRXRfq9WmRI8&GA09rsos~2v&_5dx=8-p2+P=9Rd_-{E)@bR;%1rrzrk}U4ogD;82}3ZMoDZk&_T> zbFHSYPh8o<7(S^$rRT5app8jHI1YOgcG*o>=3sRvB%F3(fG!ncMuaB%KgDB?16b2> z@+61;f@tbnxPf(L3?MBt(@*xfSkFA)mZWZ|ToeGgV$Nd1!?{#>Ndz>@-1ImoWMr%n z58UO<^qq~q8U^tcPA|a4SZ(B@4vKeNrjm2VwZx@XnbaQRhnvwfvOGH(PD^f?FD&uNx=b?L)~+5E7X+bqCb&CWhBG)VWj zG26(3V5!GE5K7SDWXdi`U|MNAS=P75ctAcq+pci?c|Qw@{H``E=LeOk;oKFWlk~n> zS^f>Vh{z=p37`3rt2waVb6`EizXG9B$89*9#-h~FoiH>Qcms*0*2nDAEEWkTSlv!@ zb;aO_K>A=R>1Ws@QO}ac?vNyxghbsbjTrChQAC$T-H=AJFTD<|!Xc-eP3@!x1FxUX z=q=N$P!wGo3S;7f&2h#J8Pw#(0mSagfatFc5OQH%U7}27y2zPs#mKa-{&O&Um1NzM-UuA&p2%H#yNk+l9IM zmA~e0^BtDaY8{S7YC$@9U8~haXWEQto||}5{5(UK7#xE*@ul3gjV?)ge`qdq%UTK# z?4D<^mjnl1*$@#6$jQpXnAW93r3uZKUr%}4hQlnkrt0>k!&N*9D!wOZGWNm;T4h@o z2g6j*SBMQ3;Y=Yb#t!*Uel!ln6x1s9H z$rZfU9A3#bc0HNtoM4{7_ML5`h+VoGY!37DV6e(qd4=pSUTnw7ZOnavZn~l+;ad#~ z3*o9N^)Rk~#;hLTZX*Y(GktZN!YB7;uke6(8%?l4L&?iH0ZBW^i`2~@18)Nx0;h@E zmYH|h?t>()_vR+;R8P0oa?Zah#`)=8gx<0XG940*2D{s6r@zzRRyxqdj=e^elnsmq zVK_%4seMjJP-(vpfPuu9&oOkD!syc+4cSD33tv;9~f@z6YX_Uh1y8(}!N9qN~khc2A*} zUIC(sAmK=AhnQQ<-GJ=XyVt3F@|}Wm7oBP;#Bn&iB%D}^48d9jj$?wkn%4+lFb)^f z!W}uX^LWue0Hk3M?`C1k3S=MnlVp$)c=%sZkds4GMatt}nO&DxB<6|7r|4343 ztvX<^%G|#K4CHb&5V6M?RazI05H-Lv*T@Iar_b_ufis z({5I6+Uq@{&NRAu8deLJ4R935njLSYY47Exy}#15_p;O8UpVbOJ?;ID#3e6V!18G*T;&}-vSE!rwk_!m?$VT5N+`#RFuD5WhFFw8czsIK^ zj^F;{^U24fhf9mKU0P(o>fBklk>V^`SD~*uZZ$U`aI0>w#*CME`BAWf{c|PQE44tm zY)XnAGA2*FvFbCWkIPdJ6QqeiW60pOh2vOswk_A$x)^lSOwVZ)psknIU#jDwL&=iP zBX$|7HyT2v0sE-h{z#($eCPl1@kdYj#v7gFA0L0zxATGq5S9Yx=<1LYd``F`dg;CS z69ldZ637>nTy7)5jI+EX!);A?+bEeZVb*D1b4yAFLq}cMP!GMrJfy@bE#LzIu-ioe z4b-DY?f44e{}dQ~#yRnmaIS?nsdEb|(H?XerB|d6tS8Dp+-tRtBlKVOx@j+-g<)^- ze7FDI-?jW5Qw`8FgIiL6C8Jp=sX!Wgz?F0*bryBM6ok(#+SVjR;aS&N|3Z*?%p zlATbmFFq9Yz6+Uf7?q3=1vfzPI%HTs~o`K_%a16ZB;4IM|mCpk-xao`=2<!d|l5$(( zsJrl5|I!^O9|Yh~v2_g4wGd8PEgJrH5gP9^>O)sH%wG>*J$WZ%V}i!)f^c}e;yNATC}_dM zVeO?_SdRCnhjNp}JQLLNhkn@$W)OH-zK${a{eJ)1-X8q7-|y%DJLvE1{%Nqc|9tRl z@A+V7_fP%7{_g(HpHP1tgD)yGkzoF({;N62*V;toT#`td0qTb&4%)>t zWMk@E$Bbddf5B@Z{j$vX`AQzUc1@yna^Xyrk{y*F4KhXc%D34Go&u7TcBXoN5^8a?V7}h;jkCQ3k2k7wR@aUf) z(1K==wcE>IRFDZ*#yvXj9lg|+V;lu0a*7o7A3Z|^8<>%jt?1D$?v8oE~veFp!=YO!Xzu(WE|DFEc?(W0+zm4+y@4ct33KGzS06gt| z{n~2DUeE=d9)QP>RI{as@nR~0>rco5N~^WrlVrxFLM`=Kc&L7;P;BlzjBfq@yLmH= z+6pN>2NPAW1=&FxZ3Wa%Q2U(B+o=7+yLWBWR_v>dwn8cr)c*ePeOvzTf44gw)cyKZ zP5SrWyZX7`q7h`17)%(P1TVqw_tc+|U>4G7e5~>{tDj$~>qO)K65AUQ^9~kl!mpGf zZDelqLiU`@576(wBk!Ed(buo7G~OrE@x`T7?)+>#cHM}ia#bo$tEXLyGd;<1$$yp2Nfel$FNws812kxv58dKEPB0IywU4rco83n>f^1@#QuA$;J)CMk*bjtH zHNd-@w3juzca4p+dnONi8@1JGxse@Io2S-9M~M7}AoaZ&Q?DGpHlrGz(;*23$@Z%7 zWtm=8i%hQ?-ZijKSj<8;p8rUe0KL;F-2nGDfO2E-W}2$`BKJphWu2?q*(cs67)pE5 zGJ(*?EHG%+lmCtqx;)y&EXa|4pG{*Hktne!ry@Ej=l3@9J}OlvW`T~n+=d_xPH5z` zQvORBV0HVGbU8p2a-HNq%ZY*?UK>4byfw~h4TK-t^`e6p>Bh8?mwrg=I*@Ry1L!)) z%Y3)33P31nS*Vk3U0A)_g`@+z;8 znrtDBa~TZFf;ru1PyY*bI_L^TG?D@o8uYVdS`)O0C1{IG<7Dn^aVK9D#hgaT2(@t> zd)dQi8y%oO!=x-a6ozy7d!ElcJ}2{S^jJB3AG|0*hWv~kD+UM5PPZ#%M}>i%lLd{h zL-E`ioucfLSz$TeL7TgXMUU?T8Wriq=An^fi|XGFM;t82??F;tA0y1j&G()WrZW5= zg%K{Vt8~jr)wg4J-?_)PF_F4Hi7FvbD{{HU#3?uA4HKrO9POLoLj~j72!yERS9cg8 z8nB?Xai7~!{?$lp(ES}cpTU8d?|9u?WaMvr|04%Wo??3DBDmB zooYZnoWG51=N-B8{4s6qnO@8Ql|8#OM31tb5gIWH9sP*2m{WK)Wc_?p*g_TrRPY(N z^$cghm?U1aJ&Sb)I@@1n=LDHv5Prm_G3Erd|7+mw47&YxQ9h~01FvH{1d#!?)sVf5 z!H^_)(9VLjs&3J!xhkx55GK9wW>Ctd>uU^0FL3&Ci`ghC#MHnt3ef`-+UW{Eg$%=*B-cx z>#T)YJwWZYS^WF&50BDUj15l}A7XzAdUJiTNDVkkCXDN(J4=DEuKD^vdG!8eQvmur zSOR|6M?DiO33XLV5MhHqjB$I2dXRpZlOUHSQj>4 z-*$W?TqUeqX)`V!He;F15Gdg@;M*r@gf5*lo{BUdS3?Vlh&|h65$yL@qbthB1hZa# zk%xhPzL`xoyZlOVX-CZ#|MwTGVBX5BU&uwumvSvQ+~5f;<1T{m3&Hh*k~HfxLif!_0iRnObEWEcRH?Wew%w8v!H8&7^b-QZ8yH*oElkh8}+mbb%$8r zf&@CKW*Q@O*W3Mz*E&R(c&?JMn85nQ+Lu^8SGA$s0yK*f8rllG-mceI@d&aue%XzN z;I<7pqO(ln$W1QR{{8FMHgW^^>*um^T9C-ajtv3dI2n^KaNBLdJR>%OE9z189MIRV zHpwOQY*LoUb)OUU!q?QL5&ExPZ&wGJ(Mg5dG)f2`VPB=Kgt&2SmE6T^J$?ECqMn+x z2#^~^g@#IS$i`0un$n0)XHnU1Jbl{Gex)<(ICIUMKL;}H-?uJ4^}B!lcjxJ+|M&IZ zPrrVB+(ug&@SrP{FdZY=xs_kYXujqB-{SjUH&n`M7r+bNf9^cr$-V#F84R91f4Kj> zjdJVvzsPc0hpGl7QAr3S)HNPn7sASc-!LutVvZVH(Meol- z{$D#+H@|nzOf&N;TtO8_P~9)zW0NaNeRN(zvI}$!=x%rD6l8t$781>FrGfqrAQE;K z&y}6)WEO_1l`vO8otncKr`2;u(u)0+r*g1e{cWdHb!M9!+03jQ5!(4(9wC^XglYa{ zxOk$&F1ZK5g;6(SA)+Hlk8vzedy3=qEudpVa_8^@;W(B%oB7p)2=3XAGsv|}U-^F0 zSE$vtr_7^b4bu!}>o4(U!(p)zE=7zj_hquvaR<;bj}-?wNM)vSg=P``&AiH1p?e{C zS8h6)*{qKWkP95nFr@g<))cAo7%8vjs2AwN+7EnA@n3MrOXjoqsOzu3W2`s-&g}Q& zQuB6^E|k~16*5t(<)-x2583iFYBZZ=j_S9jSr41C(ezVk z3pVE!jmC@f}mPMv`v z+Q?I3^P5o1i@Z=K{K9&}kPUk~yQBR< zKz6^w{qLSV^Y_W9KOFgcJHy@4^WA;_`R<_qeE7WI@97D8WA^Cv-k|$>Zx7ieW&Ll? z{@)h3-~6Ss^^2$f^}pPIcH#SB_rG!XKfiSU{TKZ${h{-;BU}8XQN71!4y-cTiNTYD z7uprBqM}s<0uTPbZJT;;AcsAUfww#QCQN_Tf9Y>0Op;miP5+g@pE_}FqntkNMU)4UH)11%BV-bD znwn&~bt;X&9m*K?%o^2u%*aG{5{D zPeaFl$X<70eIEu%ry@k7gp5hys_Uf$oO{ppVM6R@36x2neVW(c?z$;LD1={4iSoF zU#?+K9yKYys;z7n#*kGD{kb1q?`{by(;dA67TZiWL?Ee?1kQLIE{ ztG9cdD9`SMOF>n83`#m6MWhe&m>{^%&OSg{Oc;#s?}_fEt%S)%C|hjiAlg>R)4%VQ zc8)K2$3rH*dbf84oYj2V_0o<)ECf)SYr*q4*V~eCEjF)x53vGxZydT7xITfziV+^e zjkI=Xa8hmo_5ASq6mqDNpd}m75%s0$r4o;l#AH3yfN`6*-jh+9Dasv9QYuLIK9l>_ z(?IS$vK!iUyIH)svhO#lYsm(PNK)m+>8V0}F?8Blc)j*gGpg}YQKV{u#gAl;GF`Xx zfbheaR8!PdIG1F;QL_crvq1=xP;{|BCGCz&-tM&PKa_>?zm5cXgZICCgS~wIzvuh= z5BI;fQf^=VcZ7M7;3&X6(3y412#`iUQ!@>BTpHY1H7dp;t@r#cjNxz`@O(DsKR0YA z^FO`TK1 z!D+y;bf)(enYguP_)bYg<4!?PFW<+~sIHlvlpSUEu%?OGMN~ST**_&>XSS}ie!6+t z7G~cv+g8}F(k^Y<$b1f(I>&&lxb!-kP@7Jtvjj4Df&ePTPk(~2$*%1|8hxQ-8N0EG zr6?dS{A`69YLX3WTt`rxXz6)s()yX80K7ymag<1XJ7g?I?1FHlIx`8wm4RNnK2A-V zdOJ@+BcC9eJc00+b9j>z8iR<@?K#2cZkF+FqyLL-L=xX?*{t=@5uHjgPtQwE>5|h# zrE1O*UFTsdZ>gHfpOQ@Fo=i!C1Ds$DI=wU1ntd6B*FjDZoMp5XQ~!L0+l>W5%RA@_ zY~26C)3B6Yssmg{NIPc8>k|3piFGG^2(nH}wJg=Svoh{OsV)oUe}xv;5&sv;|Ihn_ zy!^j6*n5!wZ=>A0|L3bOv19_0@NHT1-38&C z21HUvK8t+xY#07Xr>C>gh<-usZdK~CBTl45sqS=PnsUzO<_~L;WjIf#uDI!<1!$oz zV_gDY!S0_$JG&6|ZzF+SAx`2D`vkTB(njsi?bR2BE#OA8Fr1^`W;m4l8b~<>7VAmT z26~73i5x@DT-bmQf=!8gE0bCcmDwt!Q>rf^k_i=POM~j=+f!K=ZbD+>cf8i|$h-wn zo!F2T4(w@q!2xiGpcQiRdbag2mlX?!M1v>hqs0|dr?NsLxVt9A$C35{Zj7(aJS{j> zFIk>z=bHI-=?UhsFw>hFcNt`>7x@<=p}M6akw4!^T&y;wDr`)b=OCt0LF6#{Dl)C7 z-{oit6#n?AHCcl_`O1x*>T2fX9u{ZNniEr7YYoT7f+ssv)1y-=I;WE_`+Du8RNCvh zkJMopvP<_>9iXC!CAUz|9GL=7KvWQ`=`2iWH?8ETm54^jXVW3PK2tJb6Q&IPlyGKu z-D)hC;K47~=hC>6kwH)-{o>Gl4){c*AZp4!%GR0N?g|YrJyTvu)Pn*Lz0OjgxTgHK zQ2tM2^RBD|EPDU{?0F&o%kD$|_uDDoF#o&3EVvmZBIyCAMr`;i@e?$}+A4_Am|l_r#n3`}ihA1GdADswNo9?A)<*3?zdvoG_LNK+pUb~@zI#L4s9hMcjoSPDH?-X` z9jaC2yW7uo_t%}u?gssxJ=3B5pZ1jcyy?7mas%z`KfBJncc1TPy4(G3ulc;i6o+BM zdGF`oy+5c1P=k3t&w=6jv+C_D!kYwiHeGSzy0^8>e6YV;y@Q3RhuFE-S%l(VKZ7a# zz3ZX4x1Yh3{_`bJ{L3;E-^osVum9KU;dr*YXM?>ZaC~Q}neSzX`mT-)G?@9bYd8!WRs|8CjRk}Z`FGKtGls&=ewHKKZkFf@lPh4mdAfm@$A&(EL#V)wN@&1QKe5wsxr6#taI?rb=5_$ zGC%Ze?4ftDiovUVq~&bPb+6+BZr)kL@A}>nJhYXdtL;;8A&Ve!tRueK@VqK)rqZ)n zL^PdI9);A%yi9oqo7hNOzs^LWFP|;&J6eAB&o40#QU`n$h7V@&7aEP&LD>T!9gxP5 zkAxG_n_?QJA7B$7nboUt0j7oRaAP>7a6AS_b?qV$&Lt_oBxr&!{$#g7_b(b1u{PC*6LOQpiI{<^7aR9=qk2b(zIgyK=N3hGE;chSMWRUP|F;fLVUIsVGl%&dIzH(K&ZAFt0*$R668y0-+z;4}|452#XZK zO2fgub?zHwB||Tu>Eh!Jduef0c5v_lc`%xLY)ei}Hq&|G++@}vQU^MFX%eGy($rNa{Hk!@qjQx>_ma7zKxOlt3(@f_b6sV?K`n3J|*fF0#wQ- zQprKAi4$$1rZv;ZuS07d<`jzO^Rm`NM(WC>yI z{NYh8P(Mo#u}fcFsZ4@&f^`FlTe)=;O#m%Wb;Z&}?|SGx(4BDZkfI#8^okGRcxp0L zgs9#=O;bfoe08m=m+(Y=c#BQ@E26E+PW3+WXgY4?YQtz7ZBeG4x?W?tN1j( zAunZuK=wOjF#}5?Ab&`i&oAvii(lF(U_>Q&(nQh9SL*vOQQH8)%q<`NR!^;B=POoT zQQHaWQXXEn!C)&5WjoIX+RMew(uoYRks-~oe&L?wsvtv;&8ylIhe+f@qnG2o(H6{h zn5gKmEp0Q6wlkxWqvC8_VJZ;cc%|U(#Z`5STk)|ZGPsJkUOo{=5nWe=_v*QnQk86Q zC{GL9xy?UKxLwIs$Sw&-Tar^9hVcZWL8qhsd^?*GPJJ}!psiUP7i(SVFzKJ$Rc8k3 z3!l;gC#Y&b#^lR;<%fG1hOcP?=EwFgzx?dL0^*roNx57k9PKyl+>IOBwvb3`IOppM ziOFm<3Q3Nj)vZ&)z?P&1QCvy1#zvi@mVA-*j9OxE~$VQ_yW;HXQ5E?oDmbW0@}c4p*ZKVmI^)2 zNBxLNQ_bmIQQQr+D!7ZP=;d2m6PDDX7fQEg_pR~p!bov#=f|5BwsMc~+|jlw#4I;k zuAXwGjFp!tyzDj?`^i?wP&Z9M%FeTtRW59o1)7lkv^WaNrMBo`6mxPx*-R95C+sTW zqRC-bH5VQBZ+3c@#O_7NZC0DZc8ZtDHV&i?+O`2OP||KqKcZ$ST}fN*>1 zq3)FI4U+Y{iV2_KSSTe;_$;>33iTgCJpqZ5x;K|4aY0ZvFh~j4C}`J6i=Q{ueH)h4 zMvrkE*9XQc4p>wv3+^QsM#CaJ!hCLi*h)Vz75Aj%?PUA+-`i*_VgEnDBHgf)vCw;J zJ2C`6i9@vI<3zUBzF?2N_awv#y&$Jhzx(y8RoB|7`KjGOTRPB-f@7vtTaVVshGr_a zfXPYd0o-H{MPpaqa&}=%-_@=#y{D}=FiWiLlq$uf%~4v!W|Nap?wN@L7d-&hK9Nf{VG@_srZZb?_ewT zWDOMq`m5yASH_#F3t8dvtnm984Fg1?3v_|Ga{5vJ##n{nSh$fnpr~CmJ2Rbktu=q~ z*5tZ!?9T87eB$Gf0&5ZSACMwis=s={P7AnJJi>zfP-qIgv71jolpn)Y&MSLM^Y>KM z*h1=p(?gvS{TTjC?>Z}csc_XzQb`;x!!%b{JGgM?YTZq&_pJJBsUueCIJGXz)oAA% zX9vA@_8y}AiUoLD@^1L6{O~yEj*t^G(vb=-+)h8;5=W6(Md9G&f)W*&Ly}Ie@3h!R zJrGoOb3`L#M6Smb9w8a$Y3phgH0Un}=MO|IH3CdNwR^?o|&&hm{#Y1r5UKSHGu7HD1SV7f%KocRu;?Ls`*V`&CRP^u+6G%4m#vs4|o-xLS+c!yaOo1 zkfRCl&&6ztu%ij-?P(h=3Bom?r^*55X?l;fb;P0(9lycxws{vZVjMD<(g?*Y6Gwj= zkuMTXCfJLKT8g#=A?VTIyWQu{I*TO=Ur+dho~?zensK}5!cB-*lAu+)_ z`_JT-ZHD&pP_A1R>VKD*%QJc%6>x$6_iX=p!Tvkge|Z0WE9KVpzn>L8Av|QW1kEJf zN1TNrkZwG#BhnTXb^Q-`T$3;HJ!457O)l-ty)%PY)u|=aJUnb8Cxv@Q=eW!#P`pyk zfoAe|!A)9|!1tx_T6lg!l;w(3aG}oK*2&zaGe6 zWSy^HJKIRhn30Orts;ekp9g2rIGiI+LHxu{NF=GoQO+Xua2lRx z+Si!@^M$9O0BMo0Q3Fw75OA!bu!jD}|P}S@e@Y{}}i;iai z5EHG}X%Mti@MNC`7nhjY5(=N%IUuKw!Y&kFq|Q_oPlL1BNQ*$hoT&Jc5)lg!5@>76 zpeByclF)g4uC*!9%az8ToyyMyflD@!M9yYo^^Pe`gBX$v$TtxsG(?zldI2PcWvPsw ztB1^aN7x&Beu}2Kd70fmcwzUfTTB^l6-3v=L$`FjD&YsOVhc*~#55{J6b+hVlQU9P zonV3VtjK-;XStsZUID0&oU)j1z6s|A{#8Rj2e_DVJ~x>&h!l#Y>Wu{0q8g6RCMNN zSMO3~Bb|BZCy*x71}8e&rN&KH0v$2#2$>%GA@g@8Hm|U|-Ht6mYzpF<{aC?_eh%|95Bq*~9(st(05W|MgQrA_YfqvKm2aj?khi^P zVyV1T{8s(|I#qxc(*UD`=H4)yeoNk1m*<6Z_O2!a!|V$UDdux0j*0SV0mTw1tG;7r zJQwq=mbfiEDke~F4Y~RTWMkp9yIB`fJ4FX$^05NaKGoUE$60e<0hih;id{DDXk8nx zPj0%D<@VlCxAIMIz8P7CyLJ~`-+<~JF$=4Kea6WEUX+)|f+%xwxh~wzV`R18OTpY_ z1xA9fvVu+vf9Fr1yNCsQosByr~kc?$n^62wQGL{N$-sAXBJwi`9aKz>uG&vjGNK1O3ph9hY&sb8SI&$YzJ2PrYKa%|# zH*=?tnf`fU`^D;Oef#(75Dp02BBweSu%N*;)>Ic#fu6v z6#V?E8qJomm$x^pqS!|4hK+oAF=jL+r zHn|)}yHhqfL6Qb0xs)s|GREne4Uk^d?+TK1ZCb%KTHy3V9&B$-g^l&u-az;ou0?HZ zFz;1t0=nDHw!P^^EV1va+TJR9xvuR^cYDWeZ;dT9RTA_~T4>g+=Txp?k(tIhP%D^e zZqy`Nr;=>$)?D8%YPRg=?V{h>z_Xw%Xa9rbDoY0fS>*rqY_H(|)$i{<*#B;$d_()+ z{Ph34UcccllmF-2oBd#sH|qHXBixXgFAvP+jC{~~Ehav z+pDPI!-@U_7`48&uUCe0-YKinH}>>W2>9UV^=)iT3whr9EKTcT{EO$jiiQQ9ZnljH zme6>&SG6yd_HkY75_EdUZA*=f7}cWNO`0%n=6GG(a-q)EhWm4si_sgmo6SvxmKxra zAJ?j7Df>^%L^9@NStHN_|F6OGg8gT=|M33rcFMQ2|C}gfx(OqYgQs`K5|qxV+8mVD zxt>kP8S7>YL*)Qo$~xq9am_F=B|Vjzh^%&L>$~dL;$9`SH@}M1(6L|)M^~!xE-D|b z)Ue`Znaww}rWC7{Lbh7XFIKPCYfH|?nnKJJXOT6pXb3qQxfB+YpQ?8H=HeFYS#fuRvAA?S>!WTipqHd{`Cb=vwPt$fjux*@@=A5v4MvyBH7!7y3Y3U* z$K1t-x_ZmnkC(FlauU!L5`its|FzeDmb3p3p6@;6|GJg39{cY~2H^J+n{MX$uR_#2 zWBY~aRGWR_^YtvgYJ{6H_7;HI%q**#HM7W8I^1PCIVW@B#ZWib5u_f&oc@OdI??6A z&YULRg-MPH86m1|*ol-d`P|Lt0Xa}}>u8rbQFIozDmEa$l`hSg2CK~Nm2!0xKd`*9 zxZDe@=p-0W;Tj*80+lr(E(VfYwJ~@yv;0Yr!&x#}em`weqeazcf}AWh%{yVuPwUN6 z2wlgMFazys3#whaoWB`b%Y9jso#TI&!?qgVIk#rDZ97YXD+gZMPtF~E^9|RF%utHJ z*753crm&pxsl1PCYG$g_J85!K98V>WH;R~AePc+2MMg8u8`QDZCWTb9{pxL2ZQMPp z2ffNpZf{{!3P3r3=<$g#5EV+EGXxy#lwMk9K!1OM278^xJ5efjTm%10`*Vz4F6S{s zJ*P@TCN5TYx-6ytyG&^bE5HK% zfA9HjUjN@6>_5E!yOr|o{J*q1EbD-xKO{w6U&-!J9}e~ri$?vvBraQdk*{qMfWuGi zDqY_?GiVX1+wW^Jxni`zdPf`B(VB>SRg#{{BV7ucvLzH#N9VQy#SXJKt1LHie3%d= zis)RKX4WP>qe&L2S1`xZF!S0mRrV_EDXCadX-_F1SD-P8ApLL9YyQj())BVdtL@hvs$L4sUcaeFa`}| z<4Pq`n}si)@}#giggvq_9`5TGaB zt`v);y7l6*tgfkmoCS^oPikQ)YNWgG{AK`HfW&q6nsWKyn~-oy#}VUX4Kn5e`MGutk5EL$%D;I_85Oi2Df%BB550@RIbspC zlv6@6;V7gL@mk)?)6b`pJ+&U8BfwGg@#qunjvqq^$vQ7sq*JI9Ru_P%9%}~h3)JH>-ToMx5iKup7tM%v+`tbU1 zFW&I(~!W)|4bziobH^YThL}kNhCK(JTy=Gb3C{n^x1gl5J4?pCk+!`kC=CXsb!Q zX6#(THeqNc2x2piaBLlggcQSL&Vm`-GW;*}fzQz=W$r;AaP*%UI!tS$Bb?xnjnj?R z!0~)G?U5)UJmyr8&Nc`#=?{nm6gprdyPqZfs?9x)5<8(*3s{R1d}7WnXg~zQ22+ed z5=}@L6E4u@g!&WY<4B5JaNPh8D=tXLVib`}jYViC1$l+T1+48D)`q4y!ehd{Rx68y znE`-Lefn`WBsh*m+S|GQ#S6$qPa%3h;*ia!QW%xOvFaZFWFrLU=}7fYBjkrOkr1vC z{)7`y_XSOeXtlaXj>jXC5P=5X&hB4YUDd&^_np`Oi)thFP$K()KTl)gQyd~1#j^wn ze?q1hzC1$5Q#>Z`8B0=}HAg|BS2B;u0TQ5gwGax3@HqwD>j1rkbAn8DN2#Q;Q>kZ# z%$K@X3nB6aPvejrAbYx6E$0+280x*P3D8sh%hTZYtP!#ojcN3y)k^SqQMam}1drWr z2HxPAH|PdrNO9C1^t=4oZmSi~!tjKJ)L%GP0QP8(u zori?k6EL$UPqx*qmDCet_2bc7mYi@RNR&KL^HKNxBApQC9M4+_(S#@~MEy*S5*^Nw zFq4i{ClV{|^z}GsD}CvMg*||xiFOMYr zD|Y`8a<(72JJEWC)YA2gfbPn3bt0+0NJ!+9^knIa;DvB9x2LMU6nafxo(lvC$5u-u zjN>sm3b7E2aPuD%CX~S?odNs?1NmTrKC*B&CFoRjgrKKwbUZS+*Y38rkvq&=U{&q5 zrnvzXa-ISOb6}T>T1%!!qj6@&?QXl(!oE+0c*6p+Xu5|`6HQr=IviKdJ2TLGf`gwq zO~^ag073t=aIjPQAF{*<-~EHOT2i4|)bEM5@(t6C3^F|#PFjo326fb?Kgw)}g6kvX z05%7JM+hJQlYRthm@}-!*;g4qq7-dGGFh-n*9vF+k+gv?v)Jie_kK?1Z*VMSzk_^V z`gbb^sy<`lOUiRj=0N#@5y&r*GqU_hqpC@$`LiKtYIVR?qL`iPBjir@5kl6MC@UG) znjgvBf>Oc~7Az+=la%UbsX$+9KTjk`Bq*rFa26r(byN^;z-qWyx-@Dyzx%jG~vbyYw zP>6>l)Eo-Oar35X3*W`~w;8cAaJn16|Bmd#3S;iQLc?c!B=YT(&97funMDV2n6B9K zJZ)wq(Zzv%ylm8plf%=~pWnTIX+I!kTl|5u>4Ebj(trksvr+a-4Ydy-`I2OGvTIxr_xrbdMcf~(a7o-W=ItWKz-wO@!`>W^Bt;rA?n}U2Ss22vb`NJ_tGI@fnTU?|UR)Qfg|I|s`b?KWWilU&t?miYVt zkIg~Ah(G4*8cn2MfQpC3(YwJljLvpwlV?!C)m23|tTl)&qjU4S-;f2Z1IU=%;whaUdlX zAR!+Z8hCxL-)en&7ooT8f=q{mqrvVr+Uf7~x0MQgv13fx=n@MADu`5%Ml_;gLV{Gq zAJb$q8~%UnTwib7HV}W;r#Lvk))bL6*n3)s3~rjC#tM6g9Rx)m8cI4z+$2#WDZBpm z!yQRmPKGQGd)R~dP#6+L-v2xPjtzq!WV{|Ny)ahT!NjVJZH=)H3gg7lCM z`nK;=Is6huG5oG^%V@fPXq-Hx88bW>gvZm06+8$YdUlVRM+e;6ZrBGHNK2@2Aq>@K=jfx6?0g>lx$iu3S&uH4tk`uB@@mG4`XU9xj?9KdNsG$uvr`AMt80g*c zHx%1%S+Jb$-*VdoYGELw;$7(i$)H8k*CInJbM`2%aBJ173Ogjt@5J8K!IS}NJYa<* zY|Pu(4H;{J+M}47>sja&|G>q@vpkdDKGF~6>MkTTJ8;&Lj#TM{$%v@=dd^JnT$bf zJ6NTqXiTcnsAh{XkvHXkXK}BLjgO=_O{dr66<@>6KYoxks!H7)jENK8Gu}>PtNhPd zdd+FgU%re+H#EP?Rlk2nY3xUMuazir)w&Bt7Ih1g@ND8V#EK2i_*y6FJXM;4JeVOf zvXDYc{)0n)y8?!;@K@sJy~t|}gj_-R-%Hcv2Y5phCjQmr@?AvM*NQzGGR1GUA`TGv zEytb%NUqwxk?s&4l8;{^i9Y)URAvRo3}QB9OFs*QjUpE6PieZ_?GnKxCQ4Un<#Hje@Ts0%gm^K@zPIPc{!=nS*s@4vpxlK~xBp+M@2biI2LK t#${X46;UHwX?;w6#!m9TZC9Vid7Q_2oX3AO{tf^D|Nq7iH6#GY1ppko8;k$| literal 0 HcmV?d00001 diff --git a/charts/wordpress copie original - no valuesjson/wordpress/charts/memcached-6.14.0.tgz b/charts/wordpress copie original - no valuesjson/wordpress/charts/memcached-6.14.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..af49218f961439a6cb8b1dc7001ee18d9bcc8ed9 GIT binary patch literal 40339 zcmaHyLwF`kl!as4w)w^Ej&0kvZQD-AwrzK;j-7ODJNc&n+0ABZQ}xuYsuuUWbb%=Pz_gS)%I^>yzj)MX8R(tL^w=sFjlhkf-% zC-uFca77@P%8ARzC70~m3Fg97KZ zv>ae8adjy8hP(tOLWa>1VuK6UdryWA{lvvA;U)dus}_7liGGhf#j+$Txb8|OEo^Js z#Fw3Mm+!TTJ11fQNI4oA(x`dPNV84P9C(bW z#zI@9(^mr;G(q(dQ@Gb0_*DBBkW8{*oOlqbK*0&_O~V}cz^KF@@q?kPi7piV4+w>t zE3<4Ub7~p`hGS475bD*+lu5pElVJ0+tIL;7gaDRmy#3|3rg-w0gTPScv z*{}8`pP6pWV0a{gkvjtyFqyq9BL7qlOP#v}I5?a<>`Z+LiI?@#v-cM=sEepK`57pI zJ}E~=1!j^Q$DWm^;L}(+$`%PB2j);xN~nBis>;iF%xR`-G$S+EvV?G}#cfWFb1#T{{1AwgFUr>E`HwsiKt9C}7(5%?pOcVYJL~lX{U(kl>(mL!N8=5L z9VZE)MT>NLTki3#UV&pYSCh`6f^lv^gu#S~#KjPt20(LhOM&!?$L?$PNwiLGf~3$) zq@nEBnQW32nFg2hh_Ilj!V)xns}>jG=yCdHvV}*2+~OTT#HSRAf;W+W9Z%N;ZoZ#b zab% zBbl18Hab7#;cUyDIZlL=&(Y=XG3@SZcVe)AAexxEfp1p+yTDV>+XF~$JXz@Xdb(rs zFKy}Svn};c{OpUl8>47dQ232nSpPQ*WKUHleEt$EC`h8e5HUP~EYq>}#qW3RzOgt$ zU`~mYijuGyo91Ng$C9*=@cVw_DEn;usAV1R5gQrg#ac_2*Bl%)lgJpaE*M7$F>j=l zV18J8f_=E-AZ@$mv((@rYrvWe6S;Fwy11Q%R9k*eV%jQam_^EwOG2%DoR#D4@MzqtK)chYXZyE7YbJ z!Hgwpd#T}D3wOt<-8O)LcZ@6K-X+ec8mVQol7FX5o9YD<;;GLYP*BvLj<2LjBghg& zo;Dla)@Bp$Nq*a5XfiFVK0w)$O{6K8snVMVHIT)E3)TuCHC46W?BP%n5R9-$KIR8c z^6bgVPAraFI>Wh@AHaM*`yd_*S!F2&63WPFoFc(&j-V>x>&5P;Dl$1jDC5!lZ5fD^ zcr(mXC~%{p8EWl^j*T$X`rOsi zNl&zG&XffV8ecO?mU5IgQGHc#u&-_vhsHUhf+5IBUyLvi>wGa4oh2^U!is>F`<^z` zf^pM?CK^m{2!L5g2oUBQ2q+$!Q^d9kGkb@$~qNo>3yI{QWOt8=^vKW5yfiPRt&RN&1D_-wygV5kf1_>P`zqL zV!U{?H=W53C2gS(4M58|Ae#84y%1sFU`@|;8nQ9T=GZXyC$`ppeoRRwg~M3p zD8K_e!5-mzr@(&}d!bE9*`}k}S*wjf(gU#4L!&1O?T3`z|5>bSWi=dUQPO9}0`slg_# z%uq8qD~{6+o`0-6?j%Jzff*Y~+6s!-r$(MX2!q(=rYPuN>Rs+u?=Sw>e_^%oGU{4a zz~mJVPPJh}aabaxa$U1YjXkWUjH05i>JE)T!rAhK9hxhe7@Yyq6pmY1`)49NomnLo z2`wmWE>>{?&c-!6<%bB?Ohc-MOL)%NNgq)lI60h7VFtXUai(H0h}p)LJ%(Z_$~f); zm?Qmo8L~4=N>xW&qK2xKL#Qz4LGpw4B%|uAFSaNY&%gRs7t}xu2gTYyY&dT*O{pX= zM>}J^H{R1WRl3+XnNAj-dIUj5U|R)iF$N+ygDRcU!w_Yg)B&MksSn3DI946poa6w9 zyKQYS+JG&_>B1xi@5m;SoGQIA*;!yNwff$h=HeTrA;rchS8=1ack%Xp5SC;;O+nn0 zgYY{2eObQOuk!jPn#tP|I2Kd< zFm)pv4ij%rutQdAY}YBMJw?VQYCv;n26K$Pw4M>^OR>?d_U7?dE?(Vj zJ*L5K`r?fj?HA|iDnez*kVrN<=+4O*4oj3pfm!<@%%!)=Si=>qSuk?6)#>bBa5LLv zXdbpbWhYd6#HOK#hl56|qveZ`2vK%gdNGLWH>2b&2U+BU-2h5#*CF@HLV@2MdN zS_??*xgiJA4Sn}8yt0hze6J!+tAVx?c)X?kDr7pWuM6aL)YMQU^s1rnh}TsIUwznh zJ#N-;N1uBaHZ%aR7EEG1ZG zA5DH6$v($B9y9hGH~-V)W>Yk!3kURpN}^h}@+LHm5&)7v%bZ4|U_vxPn}LGD?Vt)q z$+jUFqudJZLSX9{b|G`eyFb2uuYlxtll>E;W%%7Q7Sb z>0LY;y-gv+})Eps)tn%*~>KwKcRGx+U#uQ*DnG@4+F&&obORz7yFZ zQ8uZuUZyW|55mep1E6-Ymqe$;)eLQT&yyfp^mZYgOrO*&UbVE9DY?YbPglxsz78R7 z2|CR`g+_sCo=Fqyg(+9-OK0j;{*xYr=&7&PCGZJ6aZ3dnGx-J#gAmltHRGeIEY9t^ z;%U+sAV_g@t(tl{Y&`Z8%$~6-Toy5gdzAyW#nFzOKYqt3IpEvy60!fZ`Pwd-dUE0{ z-#TzELA7v*E(lf=?rcb8#DEE$CS#T&cR$^?1E;}k*gkPr#aZ0Sj2`i>U8f8FF?Qc3 zr+_vZdzfj;eF%T>6grnZTS3N^h6!k&O zeQ;?`FXj9FNlrcRK~l%O@E14v%Tm&t6g!vbfSYbSrCb%R+EvHWg^QQNp*{A;s$vr- z8?OQ2$LG;g#fuXd$xjO98>`r=kUoFYBjAsk!x%W}9U-T$?i~l= z(<-;eS#ZQNZT5gKf&;ShAj}C4+9@zWf#K5 zWHWRkGwv{*71zKZSnjInfTho>gWG{vp~GETV; zh*ftw7pWjOm4e0Z@9l*8=xu3(Me^rErHk6mOQ=7vcAYQs%{FTodeD}5q!lS>T%e+N z)2Q^!i*kM1zTm8bsUov-&xhW8YKtku1PaB=Y~@LhTlDvdh1jy^&p!E6nl?x&bpfzq z#+CgbU$7m!=bGSkGJ}yyvx7OuHMcPlw3I3~b=SWq(X){Ul-7QEReob*RTXaC9s%Fm zB>du%R9zW&hOwVKqzO3}h3k{>+|Eu#*QLx>Yp+H_`Bb0F|Y zG%-o{viZk}LS!fhd*2t?wG{qLg4 zS$s)d!Nmt_;#vc`!MY6$T)yLv<07kWxXK(NX7@3JBt-OMH<0RL`gOI)p}NeD<$+ zs7H6)BBeUf=V~lSSPWn)uxi`8n$icg%m~BSNOgX^wA6k&*mT=7%{XwbOgI>pysOD7 z6FTvH{Cj1w$v)Yn<7!|jXA)0spsBPbRqFDI+CB8$3+1}i9T#%~zJeQMwG%5pcm!xX3!B|6uReN?3utbJpqpq1ImNo6I@+BtC2X?dIe3?2?2$|Cp*XXH zNlQVa8iOeu3YUs;+988t-^|+RJ410i4ZV+lMJ&>XvW~oKSk6M4N#?6rW=tO74Cjzn z!P6MteB505=y!l|1yylTXwHsyW#0!r_1Hsgy+2Z$L2H?X%8ov(EVLq}+c*A+ti+Np z%#0gQY#WaF_ONMY4X>3KQHjuER0`RsHn~BD_{|cXifu{IO~HAy9m8YJh$sgwLl0kj z@J@Tg{`Zc_K$D2I(0sCfCqm`-{w_g6=3Le@Cwu>-`JoSXAMc%u9)^UW$IVgShAl(U zPmYp~0L|wPVf43Fa-l61S>n@TYB@+fk%Fca=*|NEVCU`HOx~HzDsUydE&Cie!<2v3 zJd+g3Hv$;9Q5qOm8_uaBJKN$ye=}czp|HpgS>l+^k=NJ*%m3Mf;Q8vsa|_l)i}tU0 z@`0?HEuVRZYlcPwE*D@lK4O`nwe#b2;9F=>Tv?oH>Ivrww5@iVi#*70t;=8ij1?|C ze7|{1Sv+HSrk2A&{HOoYp1ZoPQ>2YT0&ddvu@a!Q;kb5IKqfsnOH>?R>Qxn3cxZ&F za&YqKLTEbl*<1HDp7u`?Mra+@sHou$ADcXDf>UW9dkbl9S;naPVJ}L}wx^kKa%3GL z;(uDCo=n3_8pQ(p^yYe&$SR8&)=Us6!@bM6T{PZa*5ACuogSV5uUP=hI&G4FWfDfQ9kJg_XZXwZj~-O4`QZe&dOy)D4ZFo zEeqG!r&hAt37iKcwXeS_1q|vCj9v=Nu1Kakh;|9|gr^%ySM4Mo8^ZSubtLXk>eiMO zLV&O=Hr6jjeF$AM4|hC8u7(m$)N?^oT;742XXCyjclJyq1SGLmB_1$mxQu#y7%Gh> zVk0oArTJ4nI1@t|47qwUM}u*mtqh!4MBkY91U2fzxip()Tnd#DZ1-XPeS?EON>!rD zx>6cLzeu#~-(Rr{HU#7=`G(>4hRFy9Yd9o+;O4?vt9N~a&E6u-l@ak1ejXMDz)jri zs|c9WWqNyCb;+oo@FOs?)7g667q(}XQ=mpzFVmf8Q}c)Rp{jiHyKRLuOYIcO?H+Mv zN<5HfR%@#!>%X752h%1?upC_I^wt$G zYxj81xM0mHm5tKG6!j`oD4FBBoGKMGa;9S2DCy1nS6xst7oK7PQ@Nv1=B;nd4veku z>_YwQCVRvRo%vPDy?uBxQK|O3-H^Gj_{-I`V-dxbkVoZCrt2@p;S9LSc*UY`Tozi! z+;2B*qL-Aelt5c>>EzC)p7hiN8WTFf@*TmasBGTXtU(*oP3U><%?n1ggqPiUercK> zu(cZDD7Y_*BU5RpF2D7{tELh#1|u_R1qx2ULMSa!?k_b&+m+iGRO~U{itJrH41xEy0Ky|1W}4()Fi6o)7i)Prr88qXBQzP z)T`ypU!RuqTex>OM?S=BrHn?7;+OBwl9Cj+qAzMsjZlw8d30X16kW^MwL+{Pbmoz1 zcWj;+$MRMLws)yrLZ#{UYTMyeFXNG*h_%=jaOx)C1%mnSFAcTN@Nww*%)zGvF(KVP z1{pUq*E?K@=MQXiLV$|4Uk)pmsB05`%)?#nI)!aGQzCX>^(`f2>bjXIbkBg+#mLeG zFc*HMg|k$%=#etQz|M8+La0z48nRtp4Ja&8-R3SY8bNW$8}&K4){0uMZf^;r}Rq}|0qOo%F@#OO;vAL$fZBlh^5Lb z@Z5watWvoD-t>FQC<@=7jr$g_SR5PU?8w@;G%sGgBa7`_Y(Dyqm}m)1M-KsAb7c~< z2c5JPp-@P+6SS;labwqnITZX2ts?%T8)A(Dg z{m*WE+mXa=fU50`3utk*unfF}CSq)CdbNUO?Bf7|B@dt40@r0I&D7efn+42RfQ4oO zGKDp+`zP@s;!74M6cdhPl)yJKUeHaz&`e}IH=j&Vo^rM+21HP!Tf1>>nDMLv%wA1v{&dX<5SL8!|mJy;jtI0Bf8?Pw9%uuq-EJHbO-9 z<2~4!X3EouK$>Dotr6Z}bP(R)WFcM#H@_x}X7LU}O>@MX9_$7TR)ie{=czlu)x_*p zM}(EZq#h8 zBhost3=?+C@DFE1wOy?RE66dLLardvOStMJ=o6wO#k)XAVL(wrC=Vvtv{rE@c- zVbw0Q!ALHN+gZ+-yo9IT#y65|t(SF;p=M1xevy`p&DpM8QhB7K`SW<`-mV7A&$`lG zJyxVu*I)%d$-1)bhLm$z`KlhH)OzBqHQZAz_i>~u#F%SlA+!>1tj;=8A2Z%ynP9N0 zqK!LLjV4mF(J}Fv30NUls-6<40^rt{`37*Fi{u8dJiG6(Gy95V>!jxSal-Se*KdLW6J& zJ#~+e@J7rT zf(-{YB50wss7#?aWZPafA_ElnK^zwUmtE zGNDfp&veb$8-Grrute6u5^z+7J9T5Yz#tzHBja}c!NL9JJQ@b1KR#|a2`lb2Ug|S2 z?X5<8Z}xoawzgIZ2oE+i(%`pBvpU&dRuKE_7}K#G<|x;T?yqZlS8A{laD$!5Rxx}a z>#9lnHsdre>^3wSc}@|}{?;J>%_N=OwpV9Uz1g?T}2*``CkYtU{m2MwqNtZi}ag}LLm;JoI6RvZ$DO70#c@%$hA#XDxPh9)4 zAsx;hq5HhZyn$WVu$^afl&j4;H=Rj1+pH|$%Gi4>Jbcb~&u_gK@ufhcGm%6o?l0OE zFp;?(vDf59aRXqOb3B$?N3&|l=BRRLLK`lTX>wjQzOsfy-x%$fo)FM9ihN)%&^<=U2b+-@1# zia@d7Rq9t*xqVaib(vY?a_Yyd9zzA`HUIXHHwc`#c(M65qqFmOKT-3C-bQ$Q{DJ!i zr@kaVV>ntH|F1zH;AHv2!TrUccYV|A!Q2CQ#KqVBQUBuJ2g+w--TyRE8vHyno4Z-% zejUXhAwZm?7x-TzhnxhmU!;=?d8xE{H{j;1K0khTHbJ1r1Kw9yR=THYdhpDuVnisN zC(OJ5YX#b~NOeX|Sd7%Di|23qK$+6M=iPQpPwU-m6j5^{CFslQ$K${*^6UI8g3A5Gpv9p!$WjDh5c5Oh;|cth3B@d#ulcohGPLv$xgI zt=q+C2X2oZsNPoO4pUiCz?c`oHBseQ{7oanQHASgOYf;N64AC$}T5upzA~ zo0L|9h5{iSU-4}fv2RGk=R0~rmHyt^hnmIsoXWQs}*8jtL6wb>9Lj&${!`8j$E z;U1UjkI)SxVTHugsUYOn)Q@cItv{tpwVMd zGF_N~=2_k_bSzaL(T;Xo0i9jBpd()?`}U^<*_=0#3Erf}vU4@u6dATyAbvgo^dSfd zD+%8IhqWCO=p(LJrywR&>NJGZG-AHqkqJhW=$&hT@H(O?%jt^@Vn@^4*3ZtA5x0AZ%;z5e8}tvKYnLhp74#;~dCevi~S8O{<^l%1`_RULa6rZP|&X*A&OOzXf=lJpI~^ z{sf*cUtepy0ZH?A{qg-*`AXJvD&ubdOdy(C;uEA;&hrWQeFS{mIEKPVe3?)V$Te(j zA;}{n1^hg}LHuXOKzu^u`b5(G>sq2)NzE;!tPdnj8;LWwgqSq$WutH|3(JXJK%}&!Zr>ieNr!LS@$O@G+ab{Bgw(&< z{x)+{^qDuR6Svsz2|jDNQ`@9lYqwKQfUUh|bJKYDnTMPI9X_&YSvJi-k>R;ROm*6+ z2Mt{I*PeGl7@7Zc>5Fs^y(Meqxn$a&UQ@w>`{jfe_Ie{I4U0R{@@^>fphKnrCod?A zXf^t+VzgsZK+!m@naW&+jmI%r8qpbNc-2&}9D-VOu-Mu8eY><={(^eYJiE$pXt5O) zhhrwifG}hxOjTV@a;0?Z08b8C?mbg7BsB_k$ck76nV$~c_r$<~;bX|`AlfHbv#haJ z-=;3jzRzTn@nowIC*4`0>F+1u@XpLy{ME!c4;TEEJ+;2AiiC8ASLSHgwO8V%eT*x< zNf)IRb*M0^cY(t{gWU-dCwu>a& zkHV!eTowK!VH1=DH$NY%A;p7TOzhrXGsttIeGG$(jm;)VlQf&#QD|&$U|d%f*1{?w z5S2i0YOIhg9vkV;2afz=r)@k8#Tn z1xR89#d2TE7`cXaJM0f+_7)%|yc;EY%anw#15&Lak zy=GnNBsGy_&CyxphVoS*64g`v(o$5nj{JR{vO<8or5b00%FObcv0A>$& zj~&&^fclr`9p6^qj}dY$>mOJH&&@&_^B-R?MAHp-NH}3gOkX-}lzi#S)3D>1RCnVP ztSWE4DinqYkOY{h^#LEXFk#!?fQ<)ThF?gHTPSs)tr`LNYnt8ohUk{?@tu9FX-&;!3j~= zE%f=yC z4WGK!Mse12z}1W+oDxv0i+ye2e7pt9S=hQ8s%g##46s{O&2x$tWMYaTWE&rNA{AA; zctPL$B1hY??hWoVq-2!uv}HC$-SHDTKxI@x9%NS;pBv2R_p}XCdS%Tbg|kmM-;q&`*-~T@e8wG zrz{Is`gP`~n4dKkRYhqN$Y!GRK#s9T7t2ztOF)6+e3-c4weFRRq`VZ?ml?~kQy~xV z!7eY6bE-U&@0J4XAdgoLt^2D82szAGACbkZDOdDLCOg(LbH@cx>8h1ePK)_^{5De_ zT?MO$=Yn4Hz9nZD&rM1R`_K5QYHn5`IreMt$9qQdrTkpoUax zU3tb(jih_We6-qJbcMwOMMiF;FCQm%z7pHG;BcbNm?(`8tY%+LV6DzF|H@)7WQ<7t z{sDWmis#~nwVlqc2EdS%a=ClW#fchlZW`T|AoaW}Nc#7h#nFRV5sI#LP(IhFdNiOH z5;$8a_%k#cuXkYSLd`!>YB5y#FH*n8jgi=Qy&K<{qcjaRH*X;eoX5)R*G^n59U^X~ zjN9lTl*^N!=GBh2qaI`@$2@M+8R3b2DJJYK6NdWJYV5%xw;F8B_|y2C789cYkwK3D zH_!Le)j|Ssz`b-Pdy;vS5kymG=Qk4PQm5!BzBx*<(@#WZd@~*;ZL zeYE~YAn()Db!E-oPFaKPoU3JJ;TBc=^6%Ti`bS7gahRr8gr|(_=icY%4e{(w_#SZi zF#Czv&ioBOJHJrs%Vu76(|?Jr!nl$+O|u1|!VWprx}>&IBkq9Lh^F%!0v8!e&xy>_ zkxxGIxi!3r?G=1MI<*k!Q=NIy5^AFCBMx|Fm+i_wgVvnacyLQ}c7m?q6nd_f18 zQkBfZ+cV3?v|52MDAB5QmdyM(d<+na`eA!fFXF&Edri>+Y`bOkNDF+{c7ko&c31CI zZwp1NWyw&+*3mx6!9aFU(FxtiRj*Kw>gIJWP}|eTnRLD~_Ru+9`9SO6+~^su+a+rM z_8+}7+@yyEVJs_UyoP4%*?Yfu;Hi?``GG!#ul*@}@V0$;D7@06;nmrh#y2%{ zRmA?U<3soS-d#fv*^{=#^b`n~vA^g}}S6Hil@Lvit1wt+bxS*H7J7 z_$2^C;SqhB`0#sfc6R5N#`1^2KkVt>0eVHAv~%nLjS{(&Brvege(?xGpCdqeXm!Xh z%a8We@m}}}KLn%?KFRt%Fk}LmUtV4=?g9+_bAiZrH7?()4y`IggAgf|E}gwTw~8E_ z8J#pVZ!5i|np@J&VY3H|dvmG#K*=;Np3=LZLCi*v&_A}dE)1R%KlCiE1YFo-?w4dTM|4xS%zi2apWR+d1$OP==Tk~1ph264$ zfjXcgE>3>W%a0j*+{0tx79)m~zYUOWTZPIF?ScyCiezxqxLcuc+;Hj}iHyL(n1kz3KDhTwew3-Fm|V z?hEB{Oa(ATY+T#>_1c62ToO1LTx;=YKCxiZQ($`hE5Aq1ynbfw%^4Q=FDOZWBrj&A z+B5~_r!y5X2MX83s5{)sw0ZTc1LRaBu11Jn^m?p4wswJQ1lL z4xd6gf47cA)l=~zNbS#95vy5I*Bi@-q)G2wAA8b<_M+n^9hGqD}LHABG~4t@izfpU!Be|~X&7`y-@Jg=>QTnr_-zjbK^ z9X@Wh=hW~OQ{2qYIx3xUg?CgR-^}3-Az(!Tv_H6 z8-Ea`SS77>Aje-Os8eYyC?&|2G3kj7OPo8vzqbcdgdJR9d4eLTrY>hXmhMq|72Z8p z$A|khoArC2@shLBS&F8hzP>)U*et{htJFV5q7|i#f(U_PvZN;dhud8c&_mQ?UF z5YA-HB2KA0{UB-k3o1s=EKH@nGe@Yu7(R?b-31<=14iNY!Qb$}=`XLiBW}QPTJD_n z4kqZ$YWkbz$}dlBLOy5R(WA19^u<-$aXP7XVxD~FL$_h!n>ht(f^+=~>jd4Pre~Zt z1r5tS#P5>huq7h(;ZhuC*xB_uOk})0#MQj+w_%O~7wNy^vFd+2FwYjl$Ndt`ljhXB zarqk#vuZsVtF7T*&C-{s%MV-mNxzt5ej|H*_qTsE`G5C+JbeO%@_hJ#8MdZP&s!Ib z0V@S?)@l!_V-749UR0&)#1Ed)c)<`JQhD!dcE1&ruxs`hI;lnv1)D{KqfMR;;)wki zHG8Ol>iB{A0%)36Lp~Y~6pE!Q)8wq4Or`4eEGu^|8w5ZQ1xuiZ30Zw{9OMV^dgtQ& z`ybEktbXPr-){|n_v6B8w_-|v5KosWZ31(Ljo-d(B7qW(ei!Hq$he;#@!sy-=Sl72 z`eou!Qof0%Y_C5R2Crw+=a9wTGjss{y$Oh0_$Mwzg3guE6wiTWg z#-vc2%lX&t+r7QZv!P7hDl?2{sNThn-WwIAO4r9FOQSrMIg&GxJ;i`;RH{VLNITnB z3||EkSLv)ZKu+v5={#ge3T!->k%R4*q0}y1A3tcdrwmU=^5KHIWKPk^WakG$GVOs* z8MWMQNUjy#=fD^DPeh~L0doJOI(=Jx&yWpNlV!hJe~2rd2Co6#p%&KiVHZ8xHF;rU z5MG>rXLx;fX($isN<+s%*DM?^LFSOUr#N%X`#Vh!g()tR_qU}k0BPx2?8ZswoM@bb zg#p+)4x}mtZZ8LlJ?DRMsl5SbW-sc$f&Z>Q1(=_|J46J|*a2xM{lZ)Rx2mOyhHn*Y zSgHJyKtY9&mgbSBCHbhqOLcOhxmmci21rY(spx)l0sNNt``Z1o1_orF5X}Lx%`(|- z-Hq33_Ny}Yg=Nb^B3VV3(O7Ei38BV$=b&m9cpJu;PhnwqpEc;Mn>e$Y3-3&|cw7mi z^izCzcTNvk<^>}I78-{XL|Xedn7G4iysL(L3G3?*I*1fI@VrNCDp78V0vN4JjJW)^ z4`w#+CdtX1#92`DfX-J$IyCQQT)akPDBbScVOPJHd{yeV4_kX8lTkx(y9Q{BI#bd| ze6}GAp}6UdIf_G@s)#Een&8ESaOe+;4f07jCIC(@>dQY{!;5uc+VPP+hO@(N&8m$i z(}x-d>2(<8tsR=>e}9=TAFogJ2Ru^K0Qnl7uLZt`r&jB&zx(T7Uix-`zKIqy_dqoN zzNxOaHgU%)35WM{%14}@P~D_2)U2)kRF@hLJ3E)!!FyS3Et>dDFE2?KGG1=UKd%sI z++wt3Lj*zD&Fve|yK=mWjc=Dr7~hpbLFQv(Y8V$W5hUq+IarZm+~_*bJZ)+NhwW`uRF8ptDD1M~5Mok^a>eO^ z@Dt3Q#!{yK2iz^6r|c72%kFzjvDFt^gg?VTV84Zf8x*K*Kzxa}qzN5o?3 zrmH{vQY|rztBr_YaAGILSz;C}LSvaqOh{-5JooI=2S?jm=DMdIbG*nus7b}}f480@ zZQA{Z7y6$)U=hK%6u=fT^QzNdsw@uU!Fz#?xY%6`Mmv~)2{WWH4d8p2wg?n21{3CS z+{ERv?1yF{OO)7tVrf|JXrIH)$efjz<}fWTrHJ`5faa}Ehg@&+-8ZieY@g&7z#1=? zu6TL1a}0%D!z9xG&0YwVKRLk_0sJfpg@L*ZWvly5IImW06%mZ-H=T8f|Yf zy-Hyw=G4$#qRQA*%_BM1c+mf-1Ko#%{}BHhCUrqXVWdZxqAZKy0~|37l}8<} zB9u1Hpx%u3QoV+02-nyiG{!VQD36Gr5(&rotxJMdm_1IFF(ZO+722)t|KcZC@odl0 z9=M8YAWx~3YGH4qETPwtpH`Zy2xsR1JFrFF!Te1$0TF;z=9_wnD5WcB$WCCwN+9yn zWk-awmXi0pxZ?h}4NZ%zH<|_f3jsmR;bZbrg_hisXr>2Dgs|v+6;{3~j5>2fUu$0B zXlY^u;WF4CP5?VVrnZM!0@@aVI|w&lsd2woo(3DpQOFa;HNg1F&<*pBAj;+~A_!!_ z;V$ngXviVBO(2-KazCt|TP{NXMlbd{Miz4Wx_j3FF#v4jHrOEfC_{HB3pa2AWXhpz zK;3VohOpZFkk5vUX$;-&xwD3{%jSNV;p@~qb20XL{7Io#)KLDgVJ;fbS9Ie_2$^!T zgxB$R)2IEqCYSB@VLo%G-@Zv1C2Q{-HXzY&N;W~EN4E-Bj$w>9Sjmbe}C@qjmm~DOjaqJP|EQC2cF>dEQ#$hfcV+iUQVADLFL^ww%~xJ7W$V?;RmI? z;DERmj^`>R-H0ZN)qJ{2-a%exE$xn6m&3MNzj*C4FadtpzLl|ujjbwV9rzze3g`T2 zl`*;00Qh*vzhUQUq4UIo{k3Z(bbnqa&jnBid&TpM{*M zS`y8d5eT`5#fyDH=fux2s2(%^=(A>BnFE~24o=lMCI^0B%g?K-{Nxv+0k8LXO*ZLC zE`309pNVKT-pQY7@}6#se7LqfvQ1RYVDVp+Mfk0Wl6hcsM#UI*NA-(lx~cC|AG}BZ zS2fVBkm7p+Hw|;S_IARb(A&iIjY(T$_$w-%oE;dAtZ5n9N|M1f?#+?GF}>nUz)u8z zMYeQpDrl>gQAG}|-C9~_MK-YET2?d)y_CE0kBWXe4En?B(XBm8D{sk0UX}+UV0T@e zIPc}YS|%~2^kSo$+E)&7ygG`U>C~r3tC4!^o8B z3t3fY=xcjb1a){&78QYQM){NjKoEB;msB+V$MPl{Ny*7X_&3JHyG;+^*s$9*5#h_V zGtVcZ-gW< z76iWCEx6XE4aqPK36VIVR6%|HKaSam2Vk6Ku!O@UpA`YnE0eoFU~z|Z@mfAY-$`Mw9FToGmj209q*$LBwTC=AXCcN9xjFoL*-WAtmm z3)p{7c>cLmE9hHXX*3dxe?9ZK30Iv_R@7HKTDvJPWT`D5P?+qhQXE@z1i4!aj1YVV z^SuB&!~y8!X;8|lGErF5$RG%G_EW^2JfJrdjYu!{o}!%f?b$8CNao#+Vf3itmqGC^ zek^b}{2cf^YRj7nY!-Oqz)cSv19VNY0R~|YdT*dUsV@AuaE7aQJiwF8dvCsXci?Yf zS!G?2;&+Mec1TPf|D{lSLE}*g&Yfewt6#wOT;ZtLqfjsQU3q;!WdwPEbMZ(!c?5`y zo>z7)v%ucmuhrI10iTchzOewm#FKuYM*pq`H1-&J?XAe!3vltG7ewG39io$`w&=Y;J?RJukIQ%ee!H!Z{%!EiEr8?#EE2BmOuqvRg+UMQ8Fq)K(dEHawE_!kXj+W7+R2wLxNl8rDXVuE?fC3$cF1Io90^m#}Zwg3Allu@6iUXnYPp`KN^KF#} zLS$qpQ#i+#HabbwzMzV+ZYR``Y|wkw#sug}Buf{SM(TcGCeo1D2<8NWw=!Wm6rBH? z=p{8lMx4@t_%Fy?hLZ9gb$}JAls?}{fGQXT0cAxV=1m9DchSh5qOs zItu{(XF?~xMa~8fR%Fo1J27Eu7>87rG=q(umyLoU(Dj~Y#w2B?x6?gG5*nC?U@6Un zfjefm$d>H-v#woH3E@DuwkI6jmCaeQ|Kl3WV%Lug>;{1CEYTP{I&;~r zNc8?s|bm2S$WEv2P_>nD!%8OOoE?7!p$X9*Q_ zq6?l8&1EXHMM7xdul;KZRDxMn$f=41fDUoe}bIwY;69>Ht69 zAMJu!tkVfQjHmVYftVM5e(7HPbk&1hOHeddVb11QM^mFF_WuLmKp(%R>07mSYd@EA z!}$8F<+%ly8yj{kYJ=s(R%#!w>R=Vaq%Tb9$bzmDH3&n>w8<)5L!GL~W$ zp=9C2DhKP_siuVEQ)@;RK%cg4@~wOC)iZq>XO{2$Ml(eC3{S)W#xN5VN486F3l8La zCDc@W>#VrQjUMglHiCi_ULmbs+ZGd~#ikFoO{ty>h9iOE{`DR>KRg^6Nvw>>u&w{p z5gnwMHF5qS))H&Q+|g7EQMJ^-hbbA^XKVHv5&Y+w^+QtijK z7XnF)WV=MlqJ?D5OU$>nCBsGtY#OVLs;Wq+^<$Xaz&YPih8z=@GN#JLU@Me`x8z{i za+ly%ONqwL+EGfpXF<@DfC`rCv0O^?@ib^ z&H$G#Hmw5|93y}&U}iv! z$X0=kx}Ja8ij4syu{ksl1udtO#H6%smUbGuXSxC87t!XI4RsA?!>~^X8_1@5tZu;p zoAUcX#bSerj;*K=GW%C)tXjs<@sI|M`ljZ6U8Ltfq(0x?mSzBb%Yua!+*|hm;ht65 z+nR;8O4kBcYjM3?gsUxhFSs^Xr!QSxV?0G%)U=yAuDYO|R5x&L0zQu*91I2naB6mI zs_dBR^vg_-Z7G6sB)0WRR7_V1N5E-dGi{)2dDCVAU1dR#={q@Vr|a?LJr&B0l~n0g z!8M@c--7cDMR+m?+IHT*N0q+55jWtf!m-o~mbl^x&>>s2egXK5=1DB~lnyItS6nMw zQ4Lo&=zS}{x&;T|z$i>sHPX@76G{-E4Af%hcf+*=QpZH$>V%OA;A(bt2jyJM5E1qi za(z!1y1KDxs^vVo#wjLJ6=iEg(8qPrI-qd1!DbfYYD<1OT+wIk4q$`o=p{i(cIJzn z_{xM(b|7L%Wmtg;2b*cmg_Udo)U2#5OPBQ!JeS}K&9|1swUF_`eJ%7%=lD%aS%r|f znR6*wX>T!o5~dxU^^)Ax;MHNxDkQ+AaaFOp)`Vy`T;1R^fpy?OE%0jORY`!zHD;73 zThldUSS}M<1&Ni^UGj$tGTs^0WpO<`smWPNzNHgjIT{?=Ktz_p@@3Hti9YxJgSz6} zfnV!EeJ)#ZHGzNDjA#d3mCEq8)IiQ14dm_zrO)b^G@!PucqaL*P9y`J(R0AfE|3ods<@^@1#tri-&l0&&&WR$H(xP911(q(sV*QJf3OYp+? zqVq>1srnbTDGAZ*v9r)ExD+h+ZPs{OWv z_31K!ILR5hm@&j>Gzl*>x8Se37!bDH)1}NUxO}~sE<9Ja{}$2ZTo-#LbP4X$;kXj5 z8&a_!RiZ*X$qlJ#KdR8B%ZAjpA5}>8_@Acrr9zi38&YsTdU6CYPe;0R*^t8f(Gw+% zlwUf~rOSrYv>!c5$~5gq6}oiUkec?Rr%IRLeiVvevp}yd_9HI_&6C`Xf=2~)x^z;H zTK6N5R8Qe)(vLj4bW)GP`_Yplh9xb8jzH%;I{5XdT_i00y zioo(D3DZs&H?CiY%Rq)M-o$y5RB5J*A0oZeNy)8RO=QOdg4`zGQYW&xpeYo{zlsXR zXhNBCErAn(iY4j3I^C%=VY*a8@^vB1EjUN+fqLl&3!{j#*f?BEE{TkrzYZ|C2`gSW zgc7t32qbhH@DwJ=Hb_y7^K=^|kWJAx_-y{&(|>FYbeskGp9C*8~El3v~hD%@Oz$q45qKWZD-P#ro;t9S&;PCXLWEm3? zV-s<%eLpH#gB!}O5(?w{yg$^$FU{GITjbp%6A94qnx!%S7FbBYUb=bwPm{f_IaBN5 z43a4ddMrwQQ89*8v=cB@SAQZ^{(c-6@9((sekx1I~BT1Jl#0W~{ zbQYLQxf9hw*H3OVGv4 zqXqoptu5d3`r2Zz);;b=>C-#Awe@9DqJW_N#jd-h`RPfnxu9j;ZKMlF?=Z&TTlvAey417u`jRnxjT1DjFTEY;QdWN8ZZ7>aod-1Y z3xe?nlFa3h|Fw`+E<5r|u=1Def77!xU6k&7YRCPEM^ML;y6i%irpjNE0^w(AxH#CH{e! zXQ;THypUf^WsvFGU$Ebco?CEvmJ@+f^j2FJFN=FKRHZ;WN9-C$=pc&ZuM2vGNTZ*J zN;w8h4PdGOA?v8XlJrUOOK={|C>I9_hP=CFO5bL8;+IGm0BRujh5vm$EqY@;s=y*p zIs$@;I^bXa$Y}heXwzb^tH(E31j|5`s*LCp979EBr?Js@2&8lMzl=L3hXK~VNSw$-Z{O%lY)q&5sC z@H4=I1Il8ZjA5EX28lq3gPWODvDNO*u2r~j!9h;&zjNh%rH=ox3gaN=PCXT`oFSFg zLEKQe;$tOXyK(c?DKJ(dzz5khiq8;?=O)tnDP%B7P~u&Cuf5fDVVElOLIOE|ABgc0 zqKmyjud*lDTl5wZP^q(wIYwm)7|$!3!gjSVK`6FWB8C*FXkVF`?9e?vP5U&L$mR)R z-DsjgIdS~tcoi_7UtUF_O?3yz6(-Q5NPr#iUP6kj7E$6WqM zUH&N9!M29LR5qq#HGa{ji7t5-LxIi(g91(G3v~bus+<*W>^W|LD2?D=JF~{;7F?cD zmB!$sqQqsGF04`}3@S_)Qx|BE70)^+XTzg7rpTa^(C1PZM2i#^L4kqd0cEZeX~# zj?D7=$e1JWG|@%se}_eXy4o>)x=0vLk|=HZbS@~5pjL;0M8@ajvDX7dUS!G z*G3ok`N_~FcpuiKi-2s3#Np}3MRxDSbkU%cXLp8JgouFCM=9&wg3DK-dwg}eoGAD7 z7Sb$97vt{!NS`LUWbt^QHQ3HO^{oj32O!AevCViHl-us3C+mHh)?G=L6q5tJH6&fA za|=$)stRo_hZ>J`9cg+R&($Pd;OCD7cBafNI5DegPM$nvg7+I$T*M0oClefjqt6-T zIYTQ(M7+N!h<-@IC881DUj#xQve6v0+sh)8glE07t}<(}K-_{$lhxw*^wP&EYY)Qb zSpp17>xsMPhr#o3A~Z%V!2!+bibBKpfmj1h&Jy9_#1ZG1l7ogrvRmcg#i)u~%MgeX ztgn%oi)K^0ZIv1>r;Xf6C|)w$&(wX8z(w6}Hau2!kMES(&a ziicBF@>#fMou6#NmE+T;kf`I-M5lzp_(zyP5(N1W7ZL;b9L4543a4- z^PDWgY1O1FzPjq+ggy(z2u#enUp=D<;bf}-VfKoZF2|MY(`6MW*zO|b@wkZ-4I6!= zEY=-yYT|Ka*-{Hskjbt0nm(Zt6d<{OBAc3_j?N~bELFC%GOe>pHEYa8m)hrGD>QZl zi5tqU^jJ0984AmSl8jA)?e}ioRg>oU?)d?nl!x?@;S+xyznCFlT2E<=5_NA|B}Kd2 zvm8!GQ-*8;!CUR%qqDnF71JB)NEVRH0aN!s=|t~6ki;sbO^moO2Qs|b-(w+8imQ%^ zgG^ELAdZbW73=SS<74pHv+0I!a#>C)3>f^Ajkdnd4e|3*Hr3s{y~8_y+h#gwF&E` zY`%1q@U=)QkARILY1`%;(hRiLqTbp2qMwC)pyzH1M~?}!b}`9X^Ql((GnW& z8kO2`KCt##vql9r49eI>O43whi$Ic`7zzlS8YVEn>8Ha1IGzAC^4ls^DoQgke~Vc$ zAb}h>wf6mNzqb;uP2~&9T)q`_^jYH~`iF8v)Y{i_zzL0&kgnT5(6T{#rwIM(0@4|R z@!uI1=mUw+#y>9u{m1`tGXZ-2Kht{VY81Eym*4+{YZ`5>|K9YhUqz6UPvW#n|EmY| zq4pE+5=pVy->KNjDeYH55%BP5>SSjp$ z4S7k*oDXaCr}Tp4Fm%_`ac9%<{RMPHG##Bs$3vqx zDxVaIP2?UUJ7wjh?6NU@`KLWSTv;qk*VfFOely2DK{c#?=BzsRoxSrxpY~LtWwCa; z2D6Cz&2*>hePtSb&?k`Al=42Gp(Lr@+iId~L&j6TnXYubzpSVa`n0DpD~q+!wIMsJ z-%MA!-d_gS2YuSp#g@eu(KV1s)^BDhy6TLRPvi7B{IsVtEQ^Kd+Bx#&ql8BOt{v{(JfC=(U7oNCRxcK&Yv)L3&nmuImnRSdEm&+xx>h5l-2xT)?D%bA z4X7vx&+WMdmpfhjwg<6)|ObcC~g@RRi0{T{&aokeiGDO!7T9(^PBVC_~ zf>rBqcYVvJYX>dMZRYqnX;X`zW%R8&T^DFsZZqfR5?V~7E5!Q6s%nz?t3!5m6P^I5 zlDt3dXBmCV(zTX{S-oChcPZC_(^3#PvP;5~&&^zYZo%cBcdNGy0>xaqK8L&wwZ0VE zYw$~}&e}lN&U$RE#qJX9S3S0&Sa2QqgT^oK@&sZK2a9#0>mMZkd6#Dy`@llF{z2lW zcXsDsXBB(aA3c72muIc~`UiMHBTVddazhCT{|UW59eWj#)Q2E zmmS!(jjo*%xi{r;f3}nj#GncmYo=?bMDR^{;GZ*H7a9lZc5OH3c_)FOkOwOH(x0tB zu!=lTp=%d`piLgAkotK%tE{gTx^@u=g7Uz#B&c~-kq0Vt?II9_<$-5R*j4te3SGMh z1Woe5v!(1B=-NdfXp#q>GhLUK2e^Ptpov;U^P3TN7qi~fmV6IBlUB6 zR@t{ax^^-Tgyn%}Nl^3LnXaA80}b-PGbZev*Vj(wfkt`Y*-~~DJE2F{PUe9|dEi;o zbybYw+?lH9N*BQuE|?JYkg5Z*2fmgweSf)EBU=C5}kRX=R!Hl(6u74 zK3l@BPSvZtzlm zEvad0tT{aL<9b%{gYOs-*l*@svSI{^I)F0pUe0zY7R(Tg6Dchi&`*|4i)WR4Mjazk z`_0@}bm~X?+=9#Z%ib^O7;)HdCKv>*d2M*=&mGp+6H2h4tmFCCp^6x3gE^YI;LP04 z&`LtYV5TzM7$Tc+gC+GpWQajo@6kUi*|U7Q7I9-+<2=2$rK<5VYb4$@vQ`n%_YCQ) zoCS!-nU2eQ?y$aEx?&;_yN0co6mG$>DFvVaH!~c~%Ber2c@l#$(hQ5@N0<_P>1Pde z)zmQds)hb8a3bYZOwAw?EUrfug1XS$S5 zal*?y0fI`2HA@gT*{Vyi;3+?=+~=;)Rlh!KrS2^_aZ7ceE+$jNpY;8LyV7+=31#ov z7uhoYfK$4Re4z*&$L>akNSsj|j92~?o;Ap?|Dt0>r}p)=8Vz6Zt&KWwQWsifONYh> zP@4|_MaQ}(CQcBeM=p$YmIr#0FmOz--4OO5g_)J!5xK^Ul2paMg$zq2jDr|WFhQ{m z-}1{C3j$MI29f#a=1ho;kA}l37PEXjh-f;rrAq&Sp5=iAts>R&qVDt17-_lCPc&>+5^;I)L zUjqVIY)jnaz}CAq&T%68lKOHCFPTm1^ z{Y+^+I%7RHXG}VjN?{*ymQ$l0WsF{9sdV1Vu!=>l=B!;BR99A+=M&TNU=Gvd>oi`+ zH2w?t?z;<|efOOviX1=7PWB}67l-KWdy4|vwyz8wP+Ps;ix)r()Hy4U*UZ4{7cmkL zCtN3bC=73bAT_<7A(o~$H`$|1PRAl>O=El;$!dh88H%o4nO07=tpPYMkTSSn4i?AFQ5fr0rZkwr7-mBAh2l6fPa`#ml8xj- zO+gB;Y-~A3)ryB8$B1n^Jv6=NmEPD8O?u?Eje$vJLxKWFDkopD@Vi9dNO!=C&s2sH z(&3r-030eR>5iF~avuC5;gwR03hAT}?ZSfNgpPd{)DVUOrC9<6;=^AHR0kqUUcB3V zwKV`g(;IZH;_i{~80fXX=%yu(+=4KVXwKkN?s{DALn)lAjcAff8mW=0kCU9$d;tE6 zNnDrrC<#Qo0x2YLij?$Zg;F}1;7Br$lOETT*h->Z6(t6k4r3Z|DHBF06Y7t0G7fb+ z{en(?M|RvA=qdTj8P)6hH3!FOnkyCu0#13^qHJSe#z761$OUC`TO8&@F0%rvGc*OL zFY7ujZS{J`YD?#WQ8G>DUL-BE9Ad9!Nfqc0pCj0tP+o}eoFT5qqMX_wrbr79W>fds z98b#gKLMu_t2~QU+AgyNl9D#G4K~t|UDhT^wfkm%( zJdt{MkyNb2PcDCwc}vx(I2YZt5|mTZ+WIL237t-5hpmqV-%`ua+zJm?<8pKfljW0N z0?nf3qB>BLgWOMgw$P~8S8D7?4R2qKL|?w>0X;142m9`{2ue8u2gwbb^B&OYNk=^Z zEI|3fKmx#v4mbk4doTC3lyN+<>$D}U?y5-!si1Blrp|lN089l zl1<=fvyVF?3=4;rVr)10R+AK=spU3b$PMch7a*5gQ9q+`pU@Z$U)a|Aa(jnF;J$q$ z$#S40%a(el)^c10#6<=_%KX9q+bA(~<=h`m;J=3zsMX(nr$2oI+$@0L!Y|tEwXIY$dZWmMV4^#0v_C@-h7xF0 zUc$uF37D8E#FqmB97^)*E^@FS|L#+iU7%S4vl)fKDaDq^G9O{H72Fv z{b^yToxy9Bmx0kdlfnp5SgNfm7qd%{!fYTxTC+cwRX7+UL=08585puDzf>i4T6J>W zP|$w#F^&oRbJlq&Q(Z;E2-BC)EejP@p584|LfhdsKG?Cs)vOl=d(W z0Bo)q0ROM_^Gd+0^&HSzbv+jh3N)Qxf=wUo?KyrEmpy) zX6&4JHF#Of39HXyB9w}bIJoq;)5~oD!7m9OGsxyuqmP`313uHDh@csc_|O#n)ojx* zWSK3cfXW3QkrKEy-TT|Nk%i&?o1X$N?VebvMM=K) zc-MO#*Gad2n~NXYP2PQ)JuO5+5^9QI0aA{d}9lK_nAm)8+`#b#tWBpeNPx6w|2r@yT@=xhgxGzOg%xN;cI zmG@Zf;3b;%$T#F3o{BCTb(0C{#+?05{KP~~S8OnwcwyKT+*29pUw@>OlOW4c3JRWD z?eaT-cM3yS+z;!c9UA$J$4ru)+U+wFjA5Kwm!^>(n3{St;%sWrE~Gd;qbvpI6#!Ogw<9L? z4`q;176L2;96|vNs>#tQO29clplk;?DxBL$dBIOYbF^jY(s>Qk?fO{wI3UO14xtWv z48VD@$HSdh$gZo@WG2~0P){wn~l6g#ye-|u5-T3&) zFCSbMyGO|7WXfj5-A1m|rR1BQh>71b?v*`A!mfO+6ytV3{p*QZJsTV71@%cJh~u2H zc+Tl~lA!!%+#>eS_nhItXHzxegzzbH%{x~u5I~E0ht4A3lQZ699IV@NG17oy zPKi`rb$7NDaT3cB8bG$u8@*-hczv`b3%L4|+xe>lbFR-=l*xb!b!1K6`y@_OR)A?7 zQt&a&_`7bxbN;CtU_(ir2qQUIL$kUR!inSjO>TZiz242ujfVk5kMVIYR7FJZ#o6ie zSC`MbJ6`|qj`Oo3$!td(&Mj*t3h|B91M!&aB~K%C!>Qc1w~=6@a^dwz*tU!c?1ub!P< zoxOf_iC+JJPG0>J{dD%~*)}3HnMj@Ueat27a>Ayt|9Y9uYdX)Cx;erMaWqb)wm)Vw z!Xvo|?5wRg3LH3S)%KgpaJ;{)@yU;xwMeE9{y=nqbLYGF(eL;B2YY+)-+sSe{_mi_ zv-_99-u~fE|L}0IxBHj=VE^D?@E6oy#{ic-sbs-_>EF4p^5DLb$GVz!16_ zR4x!ukmO3xwhOf#4oPw&RkmS4C-)qLt_toB#A7c%3eqkT53P=^}Gv?sU;8jljC) zbj=VPsqADY2F9rW=A~p}+pqyR2&FvCA!}5g9935XpwFCTo6Bp;?eGX`rOKI=X6$p5 z2rsH67EgR?v)2kKpiD>Xe{yPbG5w2{}S}G3SCLDVN%#RNjz%WNZ2LI3GS3 zmlxzJlJqP(l(mE>8*tH9K>Y-{*JSP@_lMW7UF53G%SBru6$x^`Ke=$_zyHVWbWr!x zCk6C}4_)mIvaAPLB?f(+li*p(X*9l+OC}9zG(J-)F4gPj%A(97&tMfR)Jh;<5$_DOt9#s#rirJLfPor$%QX7P> z2%l<%cfY2&Trhign7C}tJY2zpXb8?rci36{8<7D*{WQ$*?MZM(HabIX5&Ri$N9v#$jd+EWi3qD#Q}94 zrin_y+i$hSmJB0>gAK#IbM9){^^ah&Zk35norri- zn@qNlrnv%z715l}v#0+;oeuhlA{t2n3Jv;2Hmw<2#1gbcrg1X2rnplsiegTqWQ1HC z$6j$UW|fZ6Hvm*d4wde#{k^=;Y+jT3HriD8agL5_h@lM8rrO|Ov(xozx1&nO*2;p) zcj0(;iB45^DU7h5?x4<>NJX3f6UeB_FTOr9lG~#C+u9KatL^t7DX(uMEXd9O<2S-w zhW~fj2v^rty7jE;^KEzE*~_;zle#;Ls$o#K+~ry`r&5>q%$VBlXrGN98aA%4f*=;| zS6?tewAg~yw);Gc@~?VYgYIwXQtMOwt$k^k=Ks0vyiHFF`+p(n^=(c7me~LI5Bhs0 z`~P5PfB(_`{}9h-v;SMswX9op+83dbH56!3ZUfrgBo_?nC=)=(Asgbbu$Ido?KbR! z3rcmZV!%GE-$u6cPHi}U%4>V371Kdu%Qg?uy{xB)RvU#5kHcBaDcnHI{Cv!P!hi~% zf?Llp4aOw#+Ra%E_guZay~4~1GMy2A%BC^q1i613csqk`->u3g&2->(vIaq9K(6Yt zHyaE|f(LF9txaXCM$OyeDk8}Z6*)<*#ReI>314%R*b0S1b1ewwe$T54gF1Fy4)k0RPMG>Rl zd>(?W@AyCO+;QEmvzE>35o-^<#b11Xa*FcMV(nHHA7Xz6esg!RNOhPd6UOPEDx~Ww zC|p#1eW*OWc-9tyJ`YyF-`zsP^fP< zu1m7_T6>@2-kYZHw*{c36qIoeHir%9?ji`E5$>rdO!*dp!+6q8M7=FBwgRKwF4s_beSFng;J2CSxT*R>&UMU!uFz2A zwD)-@z9mepEV!*&x(#=iv;iR!R6LVBJj<@P`>p4kpc_0_(erhL=9hTgdejU9`t%76iH{+0wrm+^yw7@oKYbf0u|Oxg#$@&$i`0u#F?9>QQd4jecIA~rM4Pj z!CF{<7G~TJTeDyK-T(Yo=jkv1{pnv%KYiMC(N+OH=p#zlB}9cn)~Wo`jplQn|Ft>) zwL^;B<^Xuf{m-4lorCiE@803TNJSInKQI#W(J}IJunH8U`!9JE6yr2?Z3m||HFAQ} zb+g)xqb>5sij8uXi2*|O19ma;J!bh6>f0r#Gw3q`IpvKCGY znx&CN^(6uZ0?A$Y%2R!e*pw!f*X~ICLw4yRm#5K*_*oEc{?;G5HU1sV9%J(F`kr)r zUl-(!f8uF)2Z^G^{;%T5-tzAEUzYFxyE}V_<@?`*z5e6={}9hZ?*Gu&)r7NjJW+DK z66;eF6Ih4hR<6KV2C>2-mQBJk9uif~bL?$pbB042fKL5fcF^xj)?DT^c_E>1)_Stz zka*B!w$Z>hb>kt%$;3-omL0F(cVQ#qB+34G1(zY+5hY;&RaDV#zwhP>Zw11^eL*-_ z0m4BBVFeVu{7rb&Y+9<2*u%=)ersl=ih@pYo0cSXVWNj*dG8=>xX!as?hSR3R=m2% z)b!8`svhByw zAXT$THi{a{P?~QHWmLfplHVDP;Hpa%3$`2~H|=WuYzx=P_q{XmvyR+o?@yZmqsHmc zF>>EU=O>q!Z(mhvRoVJ2EpjWkqvtkvdaNxvg_rKT zYMS6zEYb0Q$&5rgbs#5pUbJn*!k~~~aEc-Mh)x-z61vXK+iM*Su@e0q`4B#TEnxqU zauCMtfbKd;i3+eN;Y!eYqObQh^1*i%`E?=JU^kl=U0%HHfXApQgmKtvkF0(Z!lyJ+yF;;^1dnZlvu$#yzxbe)b=87_*{HhJK^`~MsMBK0 zf6MN2NCP@1BC)}-27HX%|5e&+>@gqLG*mO{Qs>2yRJSDe8`1kl$p5*evgNt6AT7XE zIfAP8pqgL3#WqKjdg(la0O#lo$UU2(OOW-^D@dNQ6_A({A15R@Qdv$5bgt}N=V=(K zTEZLwbrvkfI4@pWl9|}wxGD$R&EIx9O>4Hzk}W`GiO|-2xr6{biPQ4Ru<1mHU9uN| zjiYYCLPSUCnnuByK<*UB`CUNEhGfHVjBp&wnJv8aAkKNQ;R123(pI^h{1$4n?Wu67 zSmU%n+4@WTb>m^V5iTc;E&FD&)o=&Mu}l?5B}^4S`H0ep{$XxqtI)j=ysHFG0h;x3 z0W!m3s`93qv_&F|R4f)O^$LGj`+_ei{!12l4Lr-2y8h~0#(ML2VZJwO&D&MJP+#sr z*hIx@p2VRx5Gm9YO+&6;PZpNzP3gB^WUE8e3Yt}x>gVQJkCXCM^G~HM7!Q&y8jT?f zqk7HBjLP@Dm=lwdghnHV{sWD07!I+2EtJy_WTVRh;4hM&X2#WIHFZX1AVHoAo8N|8 z&dNS5oABWZkJ~5{y{F0nCRRCJYU0Yj#6pR%f#@l}FqKMvXLqze2*~btxc}Y3fxk~i z{o%;p+ZpbT4tMwc!`(suaCq47_cVasm~Fh+8+2dn?V)T)MgN=M{(B4DZ@%qpz4P>6 z|7HK#h3_Zb|AV`KzU%($Tm3D6(RtdDHNI_CZu2(_R|W0F(8gNhHNpFyK>RJHV(^Vqs_ph&VYv%aTjkM}JjTtEpD^VmXh% z-5q@rroZZ6`rA2^Y}S0!zsl!R=hkVI)n;}O<$>f4`9&i{-ctd>w=QYMZr7ImWVL%| zQQ{$Z1){dv{AznFeW;6kF@$-$o(B$-!RvyXg){wc6oFNn$l3+hV)dx$^8zxD-^i z$Drf`Qbf9%#{|K7cJTtra>ihMf6sL*t`a7fk!-b^MQB?!SO30S**U)A9S@lw7rVVH za;Wc4)9tZUOha zdU1&a9Y-W^WCc2+z7)J5b+Ft{bskKO7`wW2K}LC|D7!bwsUYKTD(9`Ik=)zJCbVle zvwU)8+b>nqavLBb$(0wYr3UrI@M&w{i?x>py&5kS#i}M){6yxc(6n1dgde6-O;JbT zT(bFA)s_@51|dvB(Z&9hxE-6lebKJ}@U)Qsbu7qxJOAC2GJi?_?;kv#|31j`@bbSU z%!>p^0p@|uKU>FuH1U~|dAQ@+;Kr&_H5Tb&&+kef){X<7&u0CXy6qIc=*}!pKjTAx zbZj_fC3dOW;VRpgd@Ve^du9@?YjU}3Lr_CCV|!sK~dP&-}qa(yXbXIAhQq z&TA^^hzQx()%`V7>a@vLvH7bqqa-=9YI@GBSY8b;%@vQTsdGv=I1N~q&iuTh5VzKJ z->Hdc+^Goa_48O8)wM8_vZ2BpE~sK=5!Lo*=1+;(g{iA8pHE(~hMBj*v{k07w#h7Q zWH|@TBFBKDxb&i!cA8G7X#yEMK>(HFr$0g1IMOnlGeX0~G!OHn|~{9=Ix+@u)R zco9RfqNSI)iSw4A0K7zRa0FTQL&jpnW`rZvm`SUx4D{OdacVO3XK)G{`2^AA3536# z!=0Sa7(|S2&k4S^b8&AQ{a4VMJzhEtu>y~K2_i>=&I zC6zxVnaVktk^~1h!5VdXW|}qoIt;Iaog!GvXe*}v^({^}mIN*DppRhV{wJP>wfs^o z;6;qIW4gR6lV6=#ck+uM>*Q3ca-A<$#(jL6pBD1JB8=OM|4Zfn!~UR@|Ml>2XZKP5 ze~9P7{Xd_-kL4yHx12~D$l+Q)$Q+H^ip`w5c@Z578R`NXGW)hH`Fch;rvZ`Nk*AT5 z4tC*BI=xIsBl;e>-KNxKr<_QMQl04nm=b1l@`ts^GMwk2tKD?j0JKn7ur7hGVD}s0 z76+pKHWJuJ#7P`tpCI>J7rDQ>w;vSF5I0K0aE|^+aVY0Cka7wP){~+Qv<~GH*@uK& zWC0%pn-cp}Cbt?YvsFl^R3Abl6DrV_M%A-dm$EFJgv7+}c+T0#+yzmMWFajq+|&Gk z1Mm((Dl2ecY}tPuPLu4>OlpGUS}m#+)@5(A^+#md2gu$ zEW7`Ia9Ga&(m#02|Nbz~XUzX@=n76oiAZ{|QzJI~o%jhFVr><~XiR4$LNO;0nEq-) z1ku0L4ljAy5DV&~geW%~DXm8=K~thlU}n3fvK z`>=$D!-MAOtKypkG@afOaNXM4ARp}SHqT%M^blL;I?G7h>lY}czjrqh_x1~v(mz~* z#NV$1_)Zb`{+qdfE3(pN zlLdAYLw*HQiE*gD)bWk#+|G(+kgK&)sf#LoN^+HX_U9r8?^07;^t|w*m&G1>9jh3; z%12s4V~%?*7jSdW8s6)3OYqQEg08kt!GSD-#Ict6nuX_8VKbGU%_5@tjPfX?M&@P8 zJJ`fV+WI{ei9USJkl)ervwwYqd5}Bct1x^3!M8LTv7@>RKsq3eVIB!5q&LMh%0Iv) zZkW-legUVI>9Aus<#;>;M|JHY5Y8nlzaeOXXL1lT$^FY16;kuJlYZT|H+zvnD+a9P zW`TmwdS-R2K~SOT#O*kcS`O*k!@i!FxUC;)SCVp zi`szZ7%;=HHx-q+&NZ30VmjAW2IkxF9F-3Fnn36W_mQzY1Y?mRSZz4CSJru>EM)iv zR9(KjVJ1J-p5PSzUU+#-FZ~L| zqHcj?pQxF9k{ix$CPZ72G8|KZq%tH?xnM1nTCQ0PvT_kos0;BF|E3!Id$F}LQ!-KB zOuUI2rnHTSH$IXgnD`^iFzkBhEe%5ieqJNWMWW(9l7w)5AyBVRtx+jZ)tsO%+%L+x zrG#01(IXve+6)lKQNX4d;#4zgI#CyW&sa!sRBY<)gh0f;gdrRRNX(~0778=uB~9n2 zS2bczX+G2;9x!HzohUHXr!jJVm1twm9z{CTz7xyhQ=)DqK&7lAwanMiD{|8`>}Ps2 zkmKYj@zB`_#QcOQvfoDHn#L+hrZ7h?5xGI2(I%|2Lup)J)A;*?JremXI);wyo+TvP zC}Q@e0|&D@HtY}!aUHLB~O8$3y2?&{#9n8O3D|lp{~>MmaAO255txA|qS~KU}H>?w9dHZ1Y!J zDw8OkU|m7dR%zTsGr$a~x?t^~cRh3gd?%b+tf+)8J>nBso|;WnF{-Ce^HdQNUmdIJ zAv{qZo)j3f0x0iTjx7goscco<(=(}KGlT5t7`ZOWV&-YaS9+cES<838b#3>7?C?Z4 zthWfO{Gg9KJ^cKnMbUtvte=$pR~AyzgoeT!ljJ8d|ADiq+%hu(MbegwywbjENe7iH z2bFH2&ccqNgzWk!OLqYosCEnsdsox*3?~>A*^sg8G)C@B%0@;FYH^~SwX5g5;{~!w zD_)<~ku5J9qpkHBWLG;LM@Ak-@~xEqh=vDy0r9QiF#5K$icj+g^72g(*nX!jW?)SO z{eZ6 zjTZy$mEvaULQ<-XO-*EQ6>+^D5K9qVSA_RwSZcXSF*uZ`h3(ShUnV>o$yUg2 z2uE9Tr#cDa2}XlXNBw-2P6?+z8g$TB8pqXAA9a}YU)`oP1LcKJX=Nv9szAo%{e|+w zJqg1XGy(IY`|jOa3l|X2^rMu^MZ(d3+s5s

BqWyo9yBJ|ZzmN28FG7}}z7O1!*E zr}fY@DE*ev!n36H^7aWlAqR6OMYf0c0Cn_6>OWf<+LYIFO8eDWeKNUn+Viv@; zD#mA#ykJ}9NxGo|Zr}?<6P<-Z$#X_b&=ZfQgrB(%d zPz|koZfnAdTJ%!s*35opJe(OR&b40Nudr3RglG4*)gWfs*>W|=jWSkQqVS5-Ty3XV zpupWU2dP`nQdXH|O;&h9@ze4sC^y=ogHg=MjIvZzbth~q;iAoAS0$G%_RqF@SETM` z#BD}fqT}__a8+0MO7d%d=}#N~59M5QZ}I;IJBK?J|Br*cNB@t9cs^JD2Rr`ir6Mo{ zF`sG~tENC-7RUn+W$Af*Qhyq2703h2FTN2|>MFNF=??%S9Q;|0dxej-xT_;bmrwL` z!01Y~LX_Xa*W<;N79NrV)2!CgpSH*!;0RDCQjYvedoGm`$fyTO4F%_ ztZ_7tTz#ES3;v%6SGb@1A3OW|gX;Z{$NY~E@_YvV9|eSGhaT!oDLX;R{H|icCpZ>L zNfSPcvuK6-hfr5QqGZvX%bK_#s2CWeX4j}_*GP+>_tm@$Lvqn3j^o9F@v0qGRmzHc z$;@b2gh!aq&5N!415ZIe9&HI)gOSm5 zAo9Rz=B3W&pmALRA{^c0C|b3$uaxm1Bav(^8dA#x1EG&P2oZExRXElAN+_N$TU=?e z|ErV5`-}gw-!JF?8yp@!>VFUOJox^vf;rPjBwXFX1Q($(Npde3ZHaAWUWy{MQF%-f zy`mS}+f349{TAwU&C8bY5*j+THeqhOzUyIz{;t^bX!Ztk6VQ;nj~P#pH%9d;8^h#3-UvyD(sEjasr}qAGUJd*jk>yr>VpiQU{zK>eT4R z@H0Q_Y;2{$RX52caX1XqySkder8BqC-6Zp#RlinRVwHw->#`h;cD}J@&~uCD5cNka zu%jifhri1Yn$ zLV9{!qa{JO2J}=pz&y>*v9?ZGG@|2|INmn*B1Viu22&cLm=)saZzJ+v;>iSiF;Pp= zmLLRe48GevJm@T!D0~g@m4-IMtAg0=`2f=t$8hGnDpRXApAigGEXjbiWs*E;24!k^ z-(x|}B^Lp;t7Gr)nVO=t5jLfXYS^_Cq`22Kf_+t^$jvpDk4Q}L&i;X%vadsXd3^5r zw9x-wj+*H6c7?X@XM8_Yr4d2&@~A7cuFK z5Ow)0JYJA5@q)2r5l^md%|0`OSk<{D)LcAtk(I)|qjOxA6DWRE&VoPCC_rwPzk3&a zyZKRZ*CSV@zkGXg@#^f=KaS8vK6(_8g!l;w(3aG}tW@!zJ{`$7vdpJXoo%FL%t*!R zR*}NN&x5mQ9L^CZa+oC2w>aR|LsooH9-#uxNlxg>LQ8G!5bbMVKEh3S->6F#Lv zsG4q#;Chvb(UHCh4DcZ=L^?IbXt+kg!jRoq$)7>@P_9OGu;gRN64X^*R$wfB&wnjn zfH}sB>YK1rHJ7!tO^}gZ5+P?EBypVkilR+C8o^4s)W|QW?UpgwOioeDBY#LS+O-7a z-cuyCYRkVW0~_f!;PQ{cIG4<4i$w%YF^w!zHFE{KZAbA%%QFC&iPq~h3fvq$#jC;9 zA?CJ($|tvksYL(k92v;>!# z{iEY-&brl<;hBPHdwA%YwpS&*@EWF|mQGBiT0+sNIWsvURnZ9+NMF7e@Wq z1dde6dFGv7z?X6M8Q0Q{1((Xv*g^d&S|A^EUKITu^}m`)so>h&^!2eI+i;&-1-Aeu zrlHK)Rt1;$Fvu1|tm6jtN!aTgrweUE1{))SUIG7xoQf8F+30PqY@{;}{S4A%Ug2Cv zyVSI4OQ0jhEg{oGKNNl!V)KejwuNigb1*2$H+86qsPxA&zxB`??it=nq7UwteD zjslKXF$OF<{~hd<QV{+y(6F zGq8=NV0Viyq#1}7#gt1FNzkIo>&EwPJSyBI+Voq@|TyxdZnOqx~4Qaf^^l@%J)#tX)h2Gx;UpWH&PHSNgl*SMKmZKV43()!EQ z*TwZO)FFT*k*48POH^C^LRI4OEH$ddg@Vnhv8Iu(oZ>ZW#{~$AqX8goLb*-6zzV_D zX~;DPlfbu2Fw~rNtlJ1-FkMCRTFnsUgBN@FK#m3O<63K>=0G%`%lbvtOno)wTM%Jh z>mJZl2h(DV{ks@)+U$U9v*oN&7-$3cEsQy)*_!rlW5{XQ%$m(OW)LgP`z=j4O|9I~ zfMc5d!p%1}J6&as6@y;amXcD?%yU?+R?r!o17p? z3zJ;VmX;agbjcP(ugZ4?NxE5D!8KaoG$4<*x3?AL93 z(}P%H-fwGrYiQ-Jwm04E7jAoNZJ}wBpzqT{vt~V~aSY4MG}eN;g_-7FO`?lblCO7a z?rs+~Q+EG$(a&w*S@NuE|AX`@D+U5t=KpoDSMmSa9qc^X{~qG`jP}3z<^O)Me#2iO z|Ig<)`@taZ)$13hR}MpZ);zw zZR4)iC1~^uw=K0cVl<0x_i4hopXGID%Y|B3U%5Y5y%_z~&1QQOVa5&b%a7}}&x-b+ zn2BV}$!bQRCH`N7!;1Z9clYuB-@`ng&;E0+Na;R|Ko*sLF_xelrew-f9giUU9Se zjMkKDv0BVFtNGR9&3bLk+E`PFnJN@T^NPlhHIXY(p*@RkDYB=rBh++Jo{t5{Ue%zm zkT_e-!2OyR7LV*pGBn&yd=7|D1Ck}5ClWBZBkE+q8qP&~UX|EVK|GV;xR8YBn#{Xw z)HUB0?Q4+Aqi$1!R6-K+A<3W(Ak7PnG}LAbD>3oLO=a;2isE!hiD}5GTwBWO$0AQf zDFJ!kqL$9dV;dWav;Ns^P0M%C)hrRq+p{)0g(#KFv=ujOB+zmv%N=IxHDwd_cB?$6 z7A*BPq)u@-3-sy6K2~jb&88}Ah$~Xe?Tl6n8oHz9%ATw*+k9n=9Tkyq#VKeIEAP=5 zvR?I|^@#3;d*nrb&JIMEa}bb~t4nhM-6DI9#TAh;-xZ3%rWciL4y<3mf+F4{99qtN^T$8!*Vklc`2vUz>PX8o%G9L zPJ#gyw()T#RAnZ_tOMSFGq zrm&jvslJUnYG$g@FVf_sc083l-Y8;f^sO-s78$*9-lLASHYuce+i#v`RmYyQ#i&== z$+J@!l>$)04=p|s2BSjBbB2LqozhFo4CwF2Xt395JrlKJ#~tXuwmr+(W$!$OsTa4e ztrcXhj@k>|2H8t?ptE$|a_=ZZyIB07qo(fd6>H^C`z$V2U-Yx0{%>zft*rn{^#8rX z-Ln3_yLa$-|L;Mb&*%T8)nQo%6#XHo>iSA{hw`wnPgykT_a$@LDvNxsNdOM7+$LQ= zb7s&YQn%mNVsb-ogZ1_{$a-rd@-<0%Dvxw6Zt8|mO&wjD1{7PHy%}Y_k>hGYlqjNe zWg4hWdPb8hQjcJcr(xl?W3KEq*i&+`qS2mG->*Pp5<&Xkpx6GIB}~!s{#7wOHVsUG z6I|a#v)@Atxjx^jbc*WCI#y7amQ#7Pp+DVCj;a&bxNmTpG6id|WgSyJ$+PMx}MsEe_8V%@W-k-j^Ga6G zD-;=%W*=KQTQuVGSx>vFFk34d%9!WCIwv4uh_8b=g-% z6lov5i{3@X8}S?QE~?RVRObqEIdd8VUZ=s)t7rjG%|H1@JgKs^EQv7=0`#QYm12=p zw~jYuam@uJ6gUbzsfFdFkovcBgV;{Wy~e=e}8|!UzGm` z2mQlG`Ts$l4RnqZ$zufMnuiIO8%BhNDGedXc8vXNJSM_(Hqh0C3MA4vW;_u{Oh_1l zw+fo##GlY;yp1>saYAQ$!^_{}C~!7VM8?X$c}p1;v>z$@e>xs|9ffnmBB&`rLNVbe zq!IBP@7d+AmvVb@Hqa?hD0*{xi2}-n#=@wM~ROQx~&^#6A@&>PGtO9eW6_FOn#%-Qe6PaKa11ou=q z&VF~inebUaWZQH)Mk5vmggbOP?tQTqhNks@@%-f3%je!SSVJF6?tdNhcMePIe}89Z z|8f04#Iu3Er%8mT)U1XVbjYQ=aVp8daZb=LKay}-eEqL2lO$j65}uf-^!N#jsV{n= zD*CG?s0~@B1D5MCXK5^1iXt);vN841kR&&RL>VBep656l8|doAU!Pq#&Tqf{CS_tL zATfyo68V&9xm)gvN4h=Op|uh82<>?9z4yjnh6$Q5K0iXtr$@aWCu1rSKJN~^fce*i zdzAHts(;nJ>=OF*StM9U961V<^*={xECtQ17=VXk`o?rW8#vcA3XYIe!Rh!Vj-4q< zuoQnK8f`K)PIP3~EgWB@r1Y%NOgi8-6mfCz*Qr5JN0nvgIiT%el?^(V;3 zkrcV$xB)I!%t**$6p)ppF*hNd{eW5PYhDH36!1K6j2`6(R|9LFMW z?OMO_0y66wl~2NIjIuHsI%FOniz%M58!OknksDis8!!I-BA#xnL~G zY1S+SNnXi3CPzqs+T|b=5aDwQy4MkU2I~Zw;+9fLWusEh3Yjl;F9#v=9#7+t9HDG= zIgYgomvnWJl?3dm_T_4@Th;{Gi^ep1?>Gq_FKbq{li;!4%)lEQc!O?0h7?ELLBGon zb{!{9!|ykSKYg;8ExOA_oX_j^_?SG$G0gu^3XLM2B-E4A7BkL{eo2zU~KY z$QGdJc#ad0VQQg!sE!0Hs8M5q;}<$YbC#kTmWBZe={1pG1R;pLPdG+28ZkaqEJE!I z!k#2`SSV@xBtkS2366ZC8yk`%XCos^o8mSKjK4@P8xsEwv%i6?=|}cVI2%X}T|)$X zSFWpb$@N7-BA?_dOCJO;#gjQbRpq77YufT`BuG3ujz}2CV{#f|A(qkRKPF5lgG&xz zg5Iz&of34Z8bZ+0HaZ&_+HkA#n8S9dxV7B$Xf!TB>~>wp z!M;y~c*z2?4BQhaiKZ;b9gZ8}E_8H3aPXGXguI3c5cJQbon6vD$qGGu_YdkgQlVMa z?zy(|4fBZ%3N4wPbRjt#(ovJXQJ4;e*9~MLwuFEU1Q-CIH$V-uy3J_zdBKk;CtHwA zmWh(IHRHQ?Jwuqihn z*~JQD?)`{{2YV#)vn!jQJ~@R!2XUB>*z-JXW+c(!|kg_fQ zz}fW3dWkfm!QpIF{IURDW_HwwwV}8Y1)=_iVfk#L*yS~uFYNK!vP`$_P~W%89UDJ= z0{l4}_OS(^wX~v&i+|Z_LT~H?OufKfy}o*W=_T)zf=+ga1LA)FVULLWgIgRDw~cwb z%rWrJ$Hg!=XCujxMvVJ%=VT%~!q*qW;S56ZEEu#5DdF;AC@lQ%cTUz4F9c-F~{;O=FWSwt5VQ{ilN8ZPbC&+5%cymkY zg?BN|aLAwjO^mpi4tN1 zIvNp}mJz{8%4JhQK;Z0E4Ru#ZP|%88hg#$Xn?}}^9s#0>AmK2H;^h zM?;oORHYpl->yNv)sUQ8Wvqko7u(#awyCTuh(+PNocS9(S8}l20VX7~6UA}oidXpu$4>`BJfr&rE4v?nG~Wr&_6Xe3z|j^>C8krL6qOC_W0b)*SZ z_$0!dGRYt$&(<@gjV^ZWfDs|PH!RDnM;y)NMCM@RqX0djwAk#SsYN5f7K`96B17*b zoQw!JjOrIQ8c{GhLa~7Psnl#>&K578+0L)C-Cw74tR}d(k^R|C1?l=&5Yf@gM1P9L zYVyn&5{72Gnp%DqWR!*|q|r54Pyc56mVJ7*5j#l}#wiX(j}yVd8R<&!cHrOLZp=i| z%|TH!-TS-UVw=&_Rv3nC+*4&pSB?bw?9O(&3DbY>_Wlmrns&Z)EDz29@L4?ntK7!+ z(D$6-z-LqCV3ZI(MXq`0su_ZbHSfT!Q_gvhamnP7NQZ(36mtpzhje!VN~1u##Gl02 zpAZAcHZr%DcDz2?k_BA-$?g2rk<>TEb0B2Nzk!N?L6G-8iGhLmY#N7DDdA@G(M@>H zKXn6am|)-;ag@R?dVPUTU%z^Gc6Ijp)g^lU13G#2 zPxRB-t7qGYP-PT+FPX290MaQ42cC0DNTG9MEK_D(>Z1@x;}nkx8nYSU5gg(ZKBYqK twm1r$kWOi$d1_@i-WPjZ{rEgSkI&=t_^j#qzX1RM|Np0Nxe)*i1OO&m!m$7V literal 0 HcmV?d00001 diff --git a/charts/wordpress copie original - no valuesjson/wordpress/curl b/charts/wordpress copie original - no valuesjson/wordpress/curl new file mode 100644 index 0000000..e69de29 diff --git a/charts/wordpress copie original - no valuesjson/wordpress/index.yaml b/charts/wordpress copie original - no valuesjson/wordpress/index.yaml new file mode 100644 index 0000000..73be1d0 --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/index.yaml @@ -0,0 +1,161 @@ +apiVersion: v1 +entries: + common: + - annotations: + category: Infrastructure + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 2.19.0 + created: "2024-04-15T08:17:31.201694+02:00" + description: A Library Helm Chart for grouping common logic between bitnami charts. + This chart is not deployable by itself. + digest: 89e4008ba84ebc4b1838b7266bd991958f57eedb841e9268726de971dc78cfd1 + home: https://bitnami.com + icon: https://bitnami.com/downloads/logos/bitnami-mark.png + keywords: + - common + - helper + - template + - function + - bitnami + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: common + sources: + - https://github.com/bitnami/charts + type: library + urls: + - charts/common-2.19.0.tgz + version: 2.19.0 + mariadb: + - annotations: + category: Database + images: | + - name: mariadb + image: docker.io/bitnami/mariadb:11.2.3-debian-12-r4 + - name: mysqld-exporter + image: docker.io/bitnami/mysqld-exporter:0.15.1-debian-12-r8 + - name: os-shell + image: docker.io/bitnami/os-shell:12-debian-12-r16 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 11.2.3 + created: "2024-04-15T08:17:31.2084884+02:00" + dependencies: + - name: common + repository: oci://registry-1.docker.io/bitnamicharts + tags: + - bitnami-common + version: 2.x.x + description: MariaDB is an open source, community-developed SQL database server + that is widely in use around the world due to its enterprise features, flexibility, + and collaboration with leading tech firms. + digest: 68baeb5bed0d05469e805fff6745b68ddd77a585033a0d03fcc90ab108677529 + home: https://bitnami.com + icon: https://bitnami.com/assets/stacks/mariadb/img/mariadb-stack-220x234.png + keywords: + - mariadb + - mysql + - database + - sql + - prometheus + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: mariadb + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/mariadb + urls: + - charts/mariadb-16.5.0.tgz + version: 16.5.0 + memcached: + - annotations: + category: Infrastructure + images: | + - name: memcached + image: docker.io/bitnami/memcached:1.6.24-debian-12-r0 + - name: memcached-exporter + image: docker.io/bitnami/memcached-exporter:0.14.2-debian-12-r10 + - name: os-shell + image: docker.io/bitnami/os-shell:12-debian-12-r16 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 1.6.24 + created: "2024-04-15T08:17:31.213548+02:00" + dependencies: + - name: common + repository: oci://registry-1.docker.io/bitnamicharts + tags: + - bitnami-common + version: 2.x.x + description: Memcached is an high-performance, distributed memory object caching + system, generic in nature, but intended for use in speeding up dynamic web applications + by alleviating database load. + digest: 729aa0fc402dcc3eb493028ef124a744f907b8dba997519bb7dea588703a3c5f + home: https://bitnami.com + icon: https://bitnami.com/assets/stacks/memcached/img/memcached-stack-220x234.png + keywords: + - memcached + - cache + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: memcached + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/memcached + urls: + - charts/memcached-6.14.0.tgz + version: 6.14.0 + wordpress: + - annotations: + category: CMS + images: | + - name: apache-exporter + image: docker.io/bitnami/apache-exporter:1.0.6-debian-12-r8 + - name: os-shell + image: docker.io/bitnami/os-shell:12-debian-12-r16 + - name: wordpress + image: docker.io/bitnami/wordpress:6.4.3-debian-12-r20 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 6.4.3 + created: "2024-04-15T08:17:31.201694+02:00" + dependencies: + - condition: memcached.enabled + name: memcached + repository: oci://registry-1.docker.io/bitnamicharts + version: 6.x.x + - condition: mariadb.enabled + name: mariadb + repository: oci://registry-1.docker.io/bitnamicharts + version: 16.x.x + - name: common + repository: oci://registry-1.docker.io/bitnamicharts + tags: + - bitnami-common + version: 2.x.x + description: WordPress is the world's most popular blogging and content management + platform. Powerful yet simple, everyone from students to global corporations + use it to build beautiful, functional websites. + digest: 13bb5d3f211ed22015c505a6d6508eabdf6f7bcb1e45f462362b0c5c870ffebf + home: https://bitnami.com + icon: https://bitnami.com/assets/stacks/wordpress/img/wordpress-stack-220x234.png + keywords: + - application + - blog + - cms + - http + - php + - web + - wordpress + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: wordpress + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/wordpress + urls: + - wordpress-20.1.2.tgz + version: 20.1.2 +generated: "2024-04-15T08:17:31.1874317+02:00" diff --git a/charts/wordpress copie original - no valuesjson/wordpress/templates/NOTES.txt b/charts/wordpress copie original - no valuesjson/wordpress/templates/NOTES.txt new file mode 100644 index 0000000..722c965 --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/templates/NOTES.txt @@ -0,0 +1,96 @@ +CHART NAME: {{ .Chart.Name }} +CHART VERSION: {{ .Chart.Version }} +APP VERSION: {{ .Chart.AppVersion }} + +** Please be patient while the chart is being deployed ** + +{{- if .Values.diagnosticMode.enabled }} +The chart has been deployed in diagnostic mode. All probes have been disabled and the command has been overwritten with: + + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 4 }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 4 }} + +Get the list of pods by executing: + + kubectl get pods --namespace {{ .Release.Namespace }} -l app.kubernetes.io/instance={{ .Release.Name }} + +Access the pod you want to debug by executing + + kubectl exec --namespace {{ .Release.Namespace }} -ti -- bash + +In order to replicate the container startup scripts execute this command: + + /opt/bitnami/scripts/wordpress/entrypoint.sh /opt/bitnami/scripts/apache/run.sh + +{{- else }} + +Your WordPress site can be accessed through the following DNS name from within your cluster: + + {{ include "common.names.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} (port {{ .Values.service.ports.http }}) + +To access your WordPress site from outside the cluster follow the steps below: + +{{- if .Values.ingress.enabled }} + +1. Get the WordPress URL and associate WordPress hostname to your cluster external IP: + + export CLUSTER_IP=$(minikube ip) # On Minikube. Use: `kubectl cluster-info` on others K8s clusters + echo "WordPress URL: http{{ if .Values.ingress.tls }}s{{ end }}://{{ .Values.ingress.hostname }}/" + echo "$CLUSTER_IP {{ .Values.ingress.hostname }}" | sudo tee -a /etc/hosts + +{{- else }} +{{- $port := .Values.service.ports.http | toString }} + +1. Get the WordPress URL by running these commands: + +{{- if contains "NodePort" .Values.service.type }} + + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.names.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo "WordPress URL: http://$NODE_IP:$NODE_PORT/" + echo "WordPress Admin URL: http://$NODE_IP:$NODE_PORT/admin" + +{{- else if contains "LoadBalancer" .Values.service.type }} + + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ include "common.names.fullname" . }}' + + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "common.names.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") + echo "WordPress URL: http://$SERVICE_IP{{- if ne $port "80" }}:{{ .Values.service.ports.http }}{{ end }}/" + echo "WordPress Admin URL: http://$SERVICE_IP{{- if ne $port "80" }}:{{ .Values.service.ports.http }}{{ end }}/admin" + +{{- else if contains "ClusterIP" .Values.service.type }} + + kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ include "common.names.fullname" . }} {{ .Values.service.ports.http }}:{{ .Values.service.ports.http }} & + echo "WordPress URL: http://127.0.0.1{{- if ne $port "80" }}:{{ .Values.service.ports.http }}{{ end }}//" + echo "WordPress Admin URL: http://127.0.0.1{{- if ne $port "80" }}:{{ .Values.service.ports.http }}{{ end }}//admin" + +{{- end }} +{{- end }} + +2. Open a browser and access WordPress using the obtained URL. + +3. Login with the following credentials below to see your blog: + + echo Username: {{ .Values.wordpressUsername }} + echo Password: $(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "common.names.fullname" . }} -o jsonpath="{.data.wordpress-password}" | base64 -d) + +{{- if .Values.metrics.enabled }} + +You can access Apache Prometheus metrics following the steps below: + +1. Get the Apache Prometheus metrics URL by running: + + kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ printf "%s-metrics" (include "common.names.fullname" .) }} {{ .Values.metrics.service.ports.metrics }}:{{ .Values.metrics.service.ports.metrics }} & + echo "Apache Prometheus metrics URL: http://127.0.0.1:{{ .Values.metrics.service.ports.metrics }}/metrics" + +2. Open a browser and access Apache Prometheus metrics using the obtained URL. + +{{- end }} +{{- end }} + +{{- include "wordpress.validateValues" . }} +{{- include "common.warnings.rollingTag" .Values.image }} +{{- include "common.warnings.rollingTag" .Values.metrics.image }} +{{- include "common.warnings.rollingTag" .Values.volumePermissions.image }} +{{- include "common.warnings.resources" (dict "sections" (list "metrics" "" "volumePermissions") "context" $) }} diff --git a/charts/wordpress copie original - no valuesjson/wordpress/templates/_helpers.tpl b/charts/wordpress copie original - no valuesjson/wordpress/templates/_helpers.tpl new file mode 100644 index 0000000..7483623 --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/templates/_helpers.tpl @@ -0,0 +1,286 @@ +{{/* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{/* vim: set filetype=mustache: */}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "wordpress.mariadb.fullname" -}} +{{- include "common.names.dependency.fullname" (dict "chartName" "mariadb" "chartValues" .Values.mariadb "context" $) -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "wordpress.memcached.fullname" -}} +{{- include "common.names.dependency.fullname" (dict "chartName" "memcached" "chartValues" .Values.memcached "context" $) -}} +{{- end -}} + +{{/* +Return the proper WordPress image name +*/}} +{{- define "wordpress.image" -}} +{{- include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) -}} +{{- end -}} + +{{/* +Return the proper image name (for the metrics image) +*/}} +{{- define "wordpress.metrics.image" -}} +{{- include "common.images.image" (dict "imageRoot" .Values.metrics.image "global" .Values.global) -}} +{{- end -}} + +{{/* +Return the proper image name (for the init container volume-permissions image) +*/}} +{{- define "wordpress.volumePermissions.image" -}} +{{- include "common.images.image" ( dict "imageRoot" .Values.volumePermissions.image "global" .Values.global ) -}} +{{- end -}} + +{{/* +Return the proper Docker Image Registry Secret Names +*/}} +{{- define "wordpress.imagePullSecrets" -}} +{{- include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.metrics.image .Values.volumePermissions.image) "global" .Values.global) -}} +{{- end -}} + +{{/* + Create the name of the service account to use + */}} +{{- define "wordpress.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "common.names.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "wordpress.customHTAccessCM" -}} +{{- printf "%s" .Values.customHTAccessCM -}} +{{- end -}} + +{{/* +Return the WordPress configuration secret +*/}} +{{- define "wordpress.configSecretName" -}} +{{- if .Values.existingWordPressConfigurationSecret -}} + {{- printf "%s" (tpl .Values.existingWordPressConfigurationSecret $) -}} +{{- else -}} + {{- printf "%s-configuration" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if a secret object should be created for WordPress configuration +*/}} +{{- define "wordpress.createConfigSecret" -}} +{{- if and .Values.wordpressConfiguration (not .Values.existingWordPressConfigurationSecret) }} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return the WordPress Apache configuration configmap +*/}} +{{- define "wordpress.apache.configmapName" -}} +{{- if .Values.existingApacheConfigurationConfigMap -}} + {{- printf "%s" (tpl .Values.existingApacheConfigurationConfigMap $) -}} +{{- else -}} + {{- printf "%s-apache-configuration" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if a secret object should be created for Apache configuration +*/}} +{{- define "wordpress.apache.createConfigmap" -}} +{{- if and .Values.apacheConfiguration (not .Values.existingApacheConfigurationConfigMap) }} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return the MariaDB Hostname +*/}} +{{- define "wordpress.databaseHost" -}} +{{- if .Values.mariadb.enabled }} + {{- if eq .Values.mariadb.architecture "replication" }} + {{- printf "%s-primary" (include "wordpress.mariadb.fullname" .) | trunc 63 | trimSuffix "-" -}} + {{- else -}} + {{- printf "%s" (include "wordpress.mariadb.fullname" .) -}} + {{- end -}} +{{- else -}} + {{- printf "%s" .Values.externalDatabase.host -}} +{{- end -}} +{{- end -}} + +{{/* +Return the MariaDB Port +*/}} +{{- define "wordpress.databasePort" -}} +{{- if .Values.mariadb.enabled }} + {{- printf "3306" -}} +{{- else -}} + {{- printf "%d" (.Values.externalDatabase.port | int ) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the MariaDB Database Name +*/}} +{{- define "wordpress.databaseName" -}} +{{- if .Values.mariadb.enabled }} + {{- printf "%s" .Values.mariadb.auth.database -}} +{{- else -}} + {{- printf "%s" .Values.externalDatabase.database -}} +{{- end -}} +{{- end -}} + +{{/* +Return the MariaDB User +*/}} +{{- define "wordpress.databaseUser" -}} +{{- if .Values.mariadb.enabled }} + {{- printf "%s" .Values.mariadb.auth.username -}} +{{- else -}} + {{- printf "%s" .Values.externalDatabase.user -}} +{{- end -}} +{{- end -}} + +{{/* +Return the MariaDB Secret Name +*/}} +{{- define "wordpress.databaseSecretName" -}} +{{- if .Values.mariadb.enabled }} + {{- if .Values.mariadb.auth.existingSecret -}} + {{- printf "%s" .Values.mariadb.auth.existingSecret -}} + {{- else -}} + {{- printf "%s" (include "wordpress.mariadb.fullname" .) -}} + {{- end -}} +{{- else if .Values.externalDatabase.existingSecret -}} + {{- include "common.tplvalues.render" (dict "value" .Values.externalDatabase.existingSecret "context" $) -}} +{{- else -}} + {{- printf "%s-externaldb" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Memcached Hostname +*/}} +{{- define "wordpress.cacheHost" -}} +{{- if .Values.memcached.enabled }} + {{- $releaseNamespace := .Release.Namespace }} + {{- $clusterDomain := .Values.clusterDomain }} + {{- printf "%s.%s.svc.%s" (include "wordpress.memcached.fullname" .) $releaseNamespace $clusterDomain -}} +{{- else -}} + {{- printf "%s" .Values.externalCache.host -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Memcached Port +*/}} +{{- define "wordpress.cachePort" -}} +{{- if .Values.memcached.enabled }} + {{- printf "11211" -}} +{{- else -}} + {{- printf "%d" (.Values.externalCache.port | int ) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the WordPress Secret Name +*/}} +{{- define "wordpress.secretName" -}} +{{- if .Values.existingSecret }} + {{- printf "%s" .Values.existingSecret -}} +{{- else -}} + {{- printf "%s" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the SMTP Secret Name +*/}} +{{- define "wordpress.smtpSecretName" -}} +{{- if .Values.smtpExistingSecret }} + {{- printf "%s" .Values.smtpExistingSecret -}} +{{- else -}} + {{- printf "%s" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Compile all warnings into a single message. +*/}} +{{- define "wordpress.validateValues" -}} +{{- $messages := list -}} +{{- $messages := append $messages (include "wordpress.validateValues.configuration" .) -}} +{{- $messages := append $messages (include "wordpress.validateValues.htaccess" .) -}} +{{- $messages := append $messages (include "wordpress.validateValues.database" .) -}} +{{- $messages := append $messages (include "wordpress.validateValues.cache" .) -}} +{{- $messages := without $messages "" -}} +{{- $message := join "\n" $messages -}} +{{- if $message -}} +{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}} +{{- end -}} +{{- end -}} + +{{/* +Validate values of WordPress - Custom wp-config.php +*/}} +{{- define "wordpress.validateValues.configuration" -}} +{{- if and (or .Values.wordpressConfiguration .Values.existingWordPressConfigurationSecret) (not .Values.wordpressSkipInstall) -}} +wordpress: wordpressConfiguration + You are trying to use a wp-config.php file. This setup is only supported + when skipping wizard installation (--set wordpressSkipInstall=true). +{{- end -}} +{{- end -}} + +{{/* +Validate values of WordPress - htaccess configuration +*/}} +{{- define "wordpress.validateValues.htaccess" -}} +{{- if and .Values.customHTAccessCM .Values.allowOverrideNone -}} +wordpress: customHTAccessCM + You are trying to use custom htaccess rules but Apache was configured + to prohibit overriding directives with htaccess files. To use this feature, + allow overriding Apache directives (--set allowOverrideNone=false). +{{- end -}} +{{- end -}} + +{{/* Validate values of WordPress - Database */}} +{{- define "wordpress.validateValues.database" -}} +{{- if and (not .Values.mariadb.enabled) (or (empty .Values.externalDatabase.host) (empty .Values.externalDatabase.port) (empty .Values.externalDatabase.database)) -}} +wordpress: database + You disable the MariaDB installation but you did not provide the required parameters + to use an external database. To use an external database, please ensure you provide + (at least) the following values: + + externalDatabase.host=DB_SERVER_HOST + externalDatabase.database=DB_NAME + externalDatabase.port=DB_SERVER_PORT +{{- end -}} +{{- end -}} + +{{/* Validate values of WordPress - Cache */}} +{{- define "wordpress.validateValues.cache" -}} +{{- if and .Values.wordpressConfigureCache (not .Values.memcached.enabled) (or (empty .Values.externalCache.host) (empty .Values.externalCache.port)) -}} +wordpress: cache + You enabled cache via W3 Total Cache without but you did not enable the Memcached + installation nor you did provided the required parameters to use an external cache server. + Please enable the Memcached installation (--set memcached.enabled=true) or + provide the external cache server values: + + externalCache.host=CACHE_SERVER_HOST + externalCache.port=CACHE_SERVER_PORT +{{- end -}} +{{- end -}} diff --git a/charts/wordpress copie original - no valuesjson/wordpress/templates/config-secret.yaml b/charts/wordpress copie original - no valuesjson/wordpress/templates/config-secret.yaml new file mode 100644 index 0000000..9dff348 --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/templates/config-secret.yaml @@ -0,0 +1,18 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if (include "wordpress.createConfigSecret" .) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ printf "%s-configuration" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + wp-config.php: {{ .Values.wordpressConfiguration | b64enc }} +{{- end }} diff --git a/charts/wordpress copie original - no valuesjson/wordpress/templates/deployment.yaml b/charts/wordpress copie original - no valuesjson/wordpress/templates/deployment.yaml new file mode 100644 index 0000000..720d8fa --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/templates/deployment.yaml @@ -0,0 +1,389 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} +kind: Deployment +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + {{- if .Values.updateStrategy }} + strategy: {{- toYaml .Values.updateStrategy | nindent 4 }} + {{- end }} + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + template: + metadata: + labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} + {{- if or .Values.podAnnotations .Values.metrics.enabled (include "wordpress.createConfigSecret" .) }} + annotations: + {{- if .Values.podAnnotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.metrics.podAnnotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.metrics.podAnnotations "context" $) | nindent 8 }} + {{- end }} + {{- if (include "wordpress.createConfigSecret" .) }} + checksum/config-secret: {{ include (print $.Template.BasePath "/config-secret.yaml") . | sha256sum }} + {{- end }} + {{- end }} + spec: + {{- include "wordpress.imagePullSecrets" . | nindent 6 }} + automountServiceAccountToken: {{ .Values.automountServiceAccountToken }} + {{- if .Values.hostAliases }} + # yamllint disable rule:indentation + hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }} + # yamllint enable rule:indentation + {{- end }} + {{- if .Values.affinity }} + affinity: {{- include "common.tplvalues.render" (dict "value" .Values.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "customLabels" $podLabels "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "customLabels" $podLabels "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName }} + {{- end }} + {{- if .Values.schedulerName }} + schedulerName: {{ .Values.schedulerName | quote }} + {{- end }} + {{- if .Values.podSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.podSecurityContext "context" $) | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "wordpress.serviceAccountName" .}} + {{- if .Values.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} + {{- end }} + {{- if .Values.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.topologySpreadConstraints "context" .) | nindent 8 }} + {{- end }} + {{- if or (and .Values.podSecurityContext.enabled .Values.volumePermissions.enabled .Values.persistence.enabled) (.Values.initContainers) }} + initContainers: + {{- if and .Values.podSecurityContext.enabled .Values.volumePermissions.enabled .Values.persistence.enabled }} + - name: volume-permissions + image: "{{ include "wordpress.volumePermissions.image" . }}" + imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} + command: + - /bin/bash + args: + - -ec + - | + mkdir -p /bitnami/wordpress + {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto" }} + find /bitnami/wordpress -mindepth 0 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R $(id -u):$(id -G | cut -d " " -f2) + {{- else }} + find /bitnami/wordpress -mindepth 0 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R {{ .Values.containerSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }} + {{- end }} + {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto " }} + securityContext: {{- omit .Values.volumePermissions.containerSecurityContext "runAsUser" | toYaml | nindent 12 }} + {{- else }} + securityContext: {{- .Values.volumePermissions.containerSecurityContext | toYaml | nindent 12 }} + {{- end }} + {{- if .Values.volumePermissions.resources }} + resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} + {{- else if ne .Values.volumePermissions.resourcesPreset "none" }} + resources: {{- include "common.resources.preset" (dict "type" .Values.volumePermissions.resourcesPreset) | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /bitnami/wordpress + name: wordpress-data + subPath: wordpress + {{- end }} + {{- if .Values.initContainers }} + {{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }} + {{- end }} + {{- end }} + containers: + - name: wordpress + image: {{ include "wordpress.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + {{- if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} + {{- else if .Values.command }} + command: {{- include "common.tplvalues.render" ( dict "value" .Values.command "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} + {{- else if .Values.args }} + args: {{- include "common.tplvalues.render" ( dict "value" .Values.args "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.containerSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.containerSecurityContext "context" $) | nindent 12 }} + {{- end }} + env: + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} + - name: ALLOW_EMPTY_PASSWORD + value: {{ ternary "yes" "no" .Values.allowEmptyPassword | quote }} + - name: WORDPRESS_SKIP_BOOTSTRAP + value: {{ ternary "yes" "no" .Values.wordpressSkipInstall | quote }} + {{- if or .Values.wordpressConfiguration .Values.existingWordPressConfigurationSecret }} + # Override the default data to persist omiting wp-config.php from the list since + # it is mounted as a read-only file from a Secret + - name: WORDPRESS_DATA_TO_PERSIST + value: "wp-content" + {{- else }} + - name: MARIADB_HOST + value: {{ include "wordpress.databaseHost" . | quote }} + - name: MARIADB_PORT_NUMBER + value: {{ include "wordpress.databasePort" . | quote }} + - name: WORDPRESS_DATABASE_NAME + value: {{ include "wordpress.databaseName" . | quote }} + - name: WORDPRESS_DATABASE_USER + value: {{ include "wordpress.databaseUser" . | quote }} + - name: WORDPRESS_DATABASE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "wordpress.databaseSecretName" . }} + key: mariadb-password + - name: WORDPRESS_USERNAME + value: {{ .Values.wordpressUsername | quote }} + - name: WORDPRESS_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "wordpress.secretName" . }} + key: wordpress-password + - name: WORDPRESS_EMAIL + value: {{ .Values.wordpressEmail | quote }} + - name: WORDPRESS_FIRST_NAME + value: {{ .Values.wordpressFirstName | quote }} + - name: WORDPRESS_LAST_NAME + value: {{ .Values.wordpressLastName | quote }} + - name: WORDPRESS_HTACCESS_OVERRIDE_NONE + value: {{ ternary "yes" "no" .Values.allowOverrideNone | quote }} + - name: WORDPRESS_ENABLE_HTACCESS_PERSISTENCE + value: {{ ternary "yes" "no" .Values.htaccessPersistenceEnabled | quote }} + - name: WORDPRESS_BLOG_NAME + value: {{ .Values.wordpressBlogName | quote }} + - name: WORDPRESS_TABLE_PREFIX + value: {{ .Values.wordpressTablePrefix | quote }} + - name: WORDPRESS_SCHEME + value: {{ .Values.wordpressScheme | quote }} + - name: WORDPRESS_EXTRA_WP_CONFIG_CONTENT + value: {{ .Values.wordpressExtraConfigContent | quote }} + - name: WORDPRESS_PLUGINS + value: {{ join "," .Values.wordpressPlugins | quote }} + - name: WORDPRESS_OVERRIDE_DATABASE_SETTINGS + value: {{ ternary "yes" "no" .Values.overrideDatabaseSettings | quote }} + {{- end }} + {{- if .Values.multisite.enable }} + - name: WORDPRESS_ENABLE_MULTISITE + value: "yes" + - name: WORDPRESS_MULTISITE_HOST + value: {{ .Values.multisite.host | quote }} + - name: WORDPRESS_MULTISITE_EXTERNAL_HTTP_PORT_NUMBER + value: {{ .Values.service.ports.http | quote }} + - name: WORDPRESS_MULTISITE_EXTERNAL_HTTPS_PORT_NUMBER + value: {{ .Values.service.ports.https | quote }} + - name: WORDPRESS_MULTISITE_NETWORK_TYPE + value: {{ .Values.multisite.networkType | quote }} + - name: WORDPRESS_MULTISITE_ENABLE_NIP_IO_REDIRECTION + value: {{ ternary "yes" "no" .Values.multisite.enableNipIoRedirect | quote }} + {{- end }} + {{- if .Values.smtpHost }} + - name: SMTP_HOST + value: {{ .Values.smtpHost | quote }} + {{- end }} + {{- if .Values.smtpPort }} + - name: SMTP_PORT + value: {{ .Values.smtpPort | quote }} + {{- end }} + {{- if .Values.smtpUser }} + - name: SMTP_USER + value: {{ .Values.smtpUser | quote }} + {{- end }} + {{- if or .Values.smtpPassword .Values.smtpExistingSecret }} + - name: SMTP_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "wordpress.smtpSecretName" . }} + key: smtp-password + {{- end }} + {{- if .Values.smtpProtocol }} + - name: SMTP_PROTOCOL + value: {{ .Values.smtpProtocol | quote }} + {{- end }} + - name: APACHE_HTTP_PORT_NUMBER + value: {{ .Values.containerPorts.http | quote }} + - name: APACHE_HTTPS_PORT_NUMBER + value: {{ .Values.containerPorts.https | quote }} + {{- if .Values.extraEnvVars }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + envFrom: + {{- if .Values.extraEnvVarsCM }} + - configMapRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsCM "context" $) }} + {{- end }} + {{- if .Values.extraEnvVarsSecret }} + - secretRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsSecret "context" $) }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.containerPorts.http }} + - name: https + containerPort: {{ .Values.containerPorts.https }} + {{- if .Values.extraContainerPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraContainerPorts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.lifecycleHooks }} + lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleHooks "context" $) | nindent 12 }} + {{- end }} + {{- if not .Values.diagnosticMode.enabled }} + {{- if .Values.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }} + {{- else if .Values.livenessProbe.enabled }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.livenessProbe "enabled") "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customReadinessProbe "context" $) | nindent 12 }} + {{- else if .Values.readinessProbe.enabled }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.readinessProbe "enabled") "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.customStartupProbe }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customStartupProbe "context" $) | nindent 12 }} + {{- else if .Values.startupProbe.enabled }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.startupProbe "enabled") "context" $) | nindent 12 }} + {{- end }} + {{- end }} + {{- if .Values.resources }} + resources: {{- toYaml .Values.resources | nindent 12 }} + {{- else if ne .Values.resourcesPreset "none" }} + resources: {{- include "common.resources.preset" (dict "type" .Values.resourcesPreset) | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /bitnami/wordpress + name: wordpress-data + subPath: wordpress + {{- if or .Values.wordpressConfiguration .Values.existingWordPressConfigurationSecret }} + - name: wordpress-config + mountPath: /opt/bitnami/wordpress/wp-config.php + subPath: wp-config.php + {{- end }} + {{- if or .Values.apacheConfiguration .Values.existingApacheConfigurationConfigMap }} + - name: apache-config + mountPath: /opt/bitnami/apache/conf/httpd.conf + subPath: httpd.conf + {{- end }} + {{- if and (not .Values.allowOverrideNone) .Values.customHTAccessCM }} + - mountPath: /opt/bitnami/apache/conf/vhosts/htaccess + name: custom-htaccess + {{- end }} + {{- if or .Values.customPostInitScripts .Values.wordpressConfigureCache }} + - mountPath: /docker-entrypoint-init.d + name: custom-postinit + {{- end }} + {{- if .Values.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.metrics.enabled }} + - name: metrics + image: {{ include "wordpress.metrics.image" . }} + imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }} + {{- if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} + {{- else if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} + {{- else }} + command: + - /bin/apache_exporter + - --scrape_uri + - http://status.localhost:8080/server-status/?auto + {{- end }} + ports: + - name: metrics + containerPort: {{ .Values.metrics.containerPorts.metrics }} + {{- if not .Values.diagnosticMode.enabled }} + {{- if .Values.metrics.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customLivenessProbe "context" $) | nindent 12 }} + {{- else if .Values.metrics.livenessProbe.enabled }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.livenessProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /metrics + port: metrics + {{- end }} + {{- if .Values.metrics.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customReadinessProbe "context" $) | nindent 12 }} + {{- else if .Values.metrics.readinessProbe.enabled }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.readinessProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /metrics + port: metrics + {{- end }} + {{- if .Values.metrics.customStartupProbe }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customStartupProbe "context" $) | nindent 12 }} + {{- else if .Values.metrics.startupProbe.enabled }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.startupProbe "enabled") "context" $) | nindent 12 }} + tcpSocket: + port: metrics + {{- end }} + {{- end }} + {{- if .Values.metrics.resources }} + resources: {{- toYaml .Values.metrics.resources | nindent 12 }} + {{- else if ne .Values.metrics.resourcesPreset "none" }} + resources: {{- include "common.resources.preset" (dict "type" .Values.metrics.resourcesPreset) | nindent 12 }} + {{- end }} + {{- if .Values.metrics.containerSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.metrics.containerSecurityContext "context" $) | nindent 12 }} + {{- end }} + {{- end }} + {{- if .Values.sidecars }} + {{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 8 }} + {{- end }} + volumes: + {{- if or .Values.wordpressConfiguration .Values.existingWordPressConfigurationSecret }} + - name: wordpress-config + secret: + secretName: {{ include "wordpress.configSecretName" . }} + defaultMode: 0644 + {{- end }} + {{- if or .Values.apacheConfiguration .Values.existingApacheConfigurationConfigMap }} + - name: apache-config + configMap: + name: {{ include "wordpress.apache.configmapName" . }} + defaultMode: 0644 + {{- end }} + {{- if and (not .Values.allowOverrideNone) .Values.customHTAccessCM }} + - name: custom-htaccess + configMap: + name: {{ include "wordpress.customHTAccessCM" . }} + items: + - key: wordpress-htaccess.conf + path: wordpress-htaccess.conf + {{- end }} + {{- if or .Values.customPostInitScripts .Values.wordpressConfigureCache }} + - name: custom-postinit + configMap: + name: {{ printf "%s-postinit" (include "common.names.fullname" .) }} + defaultMode: 0755 + {{- end }} + - name: wordpress-data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Values.persistence.existingClaim | default (include "common.names.fullname" .) }} + {{- else }} + emptyDir: {} + {{- end }} + {{- if .Values.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }} + {{- end }} diff --git a/charts/wordpress copie original - no valuesjson/wordpress/templates/externaldb-secrets.yaml b/charts/wordpress copie original - no valuesjson/wordpress/templates/externaldb-secrets.yaml new file mode 100644 index 0000000..ae5edb1 --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/templates/externaldb-secrets.yaml @@ -0,0 +1,19 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if not (or .Values.mariadb.enabled .Values.externalDatabase.existingSecret) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ printf "%s-externaldb" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + mariadb-password: {{ .Values.externalDatabase.password | b64enc | quote }} +{{- end }} diff --git a/charts/wordpress copie original - no valuesjson/wordpress/templates/extra-list.yaml b/charts/wordpress copie original - no valuesjson/wordpress/templates/extra-list.yaml new file mode 100644 index 0000000..2d35a58 --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/templates/extra-list.yaml @@ -0,0 +1,9 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- range .Values.extraDeploy }} +--- +{{ include "common.tplvalues.render" (dict "value" . "context" $) }} +{{- end }} diff --git a/charts/wordpress copie original - no valuesjson/wordpress/templates/hpa.yaml b/charts/wordpress copie original - no valuesjson/wordpress/templates/hpa.yaml new file mode 100644 index 0000000..2426dd2 --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/templates/hpa.yaml @@ -0,0 +1,48 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.autoscaling.enabled }} +apiVersion: {{ include "common.capabilities.hpa.apiVersion" ( dict "context" $ ) }} +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + scaleTargetRef: + apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} + kind: Deployment + name: {{ include "common.names.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetMemory }} + - type: Resource + resource: + name: memory + {{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) }} + targetAverageUtilization: {{ .Values.autoscaling.targetMemory }} + {{- else }} + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemory }} + {{- end }} + {{- end }} + {{- if .Values.autoscaling.targetCPU }} + - type: Resource + resource: + name: cpu + {{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) }} + targetAverageUtilization: {{ .Values.autoscaling.targetCPU }} + {{- else }} + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPU }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/wordpress copie original - no valuesjson/wordpress/templates/httpd-configmap.yaml b/charts/wordpress copie original - no valuesjson/wordpress/templates/httpd-configmap.yaml new file mode 100644 index 0000000..30a434a --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/templates/httpd-configmap.yaml @@ -0,0 +1,19 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if (include "wordpress.apache.createConfigmap" .) }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-apache-configuration" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + httpd.conf: |- + {{- .Values.apacheConfiguration | nindent 4 }} +{{- end }} diff --git a/charts/wordpress copie original - no valuesjson/wordpress/templates/ingress.yaml b/charts/wordpress copie original - no valuesjson/wordpress/templates/ingress.yaml new file mode 100644 index 0000000..3fe25b4 --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/templates/ingress.yaml @@ -0,0 +1,62 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.ingress.enabled }} +apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }} +kind: Ingress +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if or .Values.ingress.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.ingress.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.ingressClassName (eq "true" (include "common.ingress.supportsIngressClassname" .)) }} + ingressClassName: {{ .Values.ingress.ingressClassName | quote }} + {{- end }} + rules: + {{- if .Values.ingress.hostname }} + - host: {{ tpl .Values.ingress.hostname $ | quote }} + http: + paths: + {{- if .Values.ingress.extraPaths }} + {{- toYaml .Values.ingress.extraPaths | nindent 10 }} + {{- end }} + - path: {{ .Values.ingress.path }} + {{- if eq "true" (include "common.ingress.supportsPathType" .) }} + pathType: {{ .Values.ingress.pathType }} + {{- end }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" .) "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + {{- range .Values.ingress.extraHosts }} + - host: {{ tpl .name $ | quote }} + http: + paths: + - path: {{ default "/" .path }} + {{- if eq "true" (include "common.ingress.supportsPathType" $) }} + pathType: {{ default "ImplementationSpecific" .pathType }} + {{- end }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" $) "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + {{- if .Values.ingress.extraRules }} + {{- include "common.tplvalues.render" (dict "value" .Values.ingress.extraRules "context" $) | nindent 4 }} + {{- end }} + {{- if or (and .Values.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.ingress.annotations )) .Values.ingress.selfSigned)) .Values.ingress.extraTls }} + tls: + {{- if and .Values.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.ingress.annotations )) .Values.ingress.selfSigned) }} + - hosts: + - {{ tpl .Values.ingress.hostname $ | quote }} + {{- if or (.Values.ingress.tlsWwwPrefix) (eq (index .Values.ingress.annotations "nginx.ingress.kubernetes.io/from-to-www-redirect") "true" ) }} + - {{ printf "www.%s" (tpl .Values.ingress.hostname $) | quote }} + {{- end }} + secretName: {{ printf "%s-tls" (tpl .Values.ingress.hostname $) }} + {{- end }} + {{- if .Values.ingress.extraTls }} + {{- include "common.tplvalues.render" (dict "value" .Values.ingress.extraTls "context" $) | nindent 4 }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/wordpress copie original - no valuesjson/wordpress/templates/metrics-svc.yaml b/charts/wordpress copie original - no valuesjson/wordpress/templates/metrics-svc.yaml new file mode 100644 index 0000000..1731ac3 --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/templates/metrics-svc.yaml @@ -0,0 +1,27 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.metrics.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ printf "%s-metrics" (include "common.names.fullname" .) }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: metrics + {{- if or .Values.metrics.service.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.service.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + type: ClusterIP + ports: + - name: metrics + port: {{ .Values.metrics.service.ports.metrics }} + protocol: TCP + targetPort: metrics + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} +{{- end }} diff --git a/charts/wordpress copie original - no valuesjson/wordpress/templates/networkpolicy-backend-ingress.yaml b/charts/wordpress copie original - no valuesjson/wordpress/templates/networkpolicy-backend-ingress.yaml new file mode 100644 index 0000000..7133256 --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/templates/networkpolicy-backend-ingress.yaml @@ -0,0 +1,30 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.networkPolicy.enabled .Values.networkPolicy.ingressRules.backendOnlyAccessibleByFrontend }} +apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }} +kind: NetworkPolicy +metadata: + name: {{ printf "%s-backend" (include "common.names.fullname" .) }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + podSelector: + matchLabels: + {{- if .Values.networkPolicy.ingressRules.customBackendSelector }} + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.ingressRules.customBackendSelector "context" $) | nindent 6 }} + {{- else }} + app.kubernetes.io/name: mariadb + app.kubernetes.io/instance: {{ .Release.Name }} + {{- end }} + ingress: + - from: + - podSelector: + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 14 }} +{{- end }} diff --git a/charts/wordpress copie original - no valuesjson/wordpress/templates/networkpolicy-egress.yaml b/charts/wordpress copie original - no valuesjson/wordpress/templates/networkpolicy-egress.yaml new file mode 100644 index 0000000..9c8a442 --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/templates/networkpolicy-egress.yaml @@ -0,0 +1,35 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.networkPolicy.enabled (or .Values.networkPolicy.egressRules.denyConnectionsToExternal .Values.networkPolicy.egressRules.customRules) }} +apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }} +kind: NetworkPolicy +metadata: + name: {{ printf "%s-egress" (include "common.names.fullname" .) }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + podSelector: + matchLabels: + app.kubernetes.io/instance: {{ .Release.Name }} + policyTypes: + - Egress + egress: + {{- if .Values.networkPolicy.egressRules.denyConnectionsToExternal }} + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + - to: + - namespaceSelector: {} + {{- end }} + {{- if .Values.networkPolicy.egressRules.customRules }} + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.egressRules.customRules "context" $) | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/wordpress copie original - no valuesjson/wordpress/templates/networkpolicy-ingress.yaml b/charts/wordpress copie original - no valuesjson/wordpress/templates/networkpolicy-ingress.yaml new file mode 100644 index 0000000..c05c1e6 --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/templates/networkpolicy-ingress.yaml @@ -0,0 +1,63 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.networkPolicy.enabled (or .Values.networkPolicy.ingress.enabled .Values.networkPolicy.metrics.enabled .Values.networkPolicy.ingressRules.accessOnlyFrom.enabled) }} +apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }} +kind: NetworkPolicy +metadata: + name: {{ printf "%s-ingress" (include "common.names.fullname" .) }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} + podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + ingress: + {{- if and .Values.ingress.enabled .Values.networkPolicy.ingress.enabled (or .Values.networkPolicy.ingress.namespaceSelector .Values.networkPolicy.ingress.podSelector) }} + - from: + {{- if .Values.networkPolicy.ingress.namespaceSelector }} + - namespaceSelector: + matchLabels: + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.ingress.namespaceSelector "context" $) | nindent 14 }} + {{- end }} + {{- if .Values.networkPolicy.ingress.podSelector }} + - podSelector: + matchLabels: + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.ingress.podSelector "context" $) | nindent 14 }} + {{- end }} + {{- end }} + {{- if and .Values.metrics.enabled .Values.networkPolicy.metrics.enabled (or .Values.networkPolicy.metrics.namespaceSelector .Values.networkPolicy.metrics.podSelector) }} + - from: + {{- if .Values.networkPolicy.metrics.namespaceSelector }} + - namespaceSelector: + matchLabels: + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.metrics.namespaceSelector "context" $) | nindent 14 }} + {{- end }} + {{- if .Values.networkPolicy.metrics.podSelector }} + - podSelector: + matchLabels: + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.metrics.podSelector "context" $) | nindent 14 }} + {{- end }} + {{- end }} + {{- if and .Values.networkPolicy.ingressRules.accessOnlyFrom.enabled (or .Values.networkPolicy.ingressRules.accessOnlyFrom.namespaceSelector .Values.networkPolicy.ingressRules.accessOnlyFrom.podSelector) }} + - from: + {{- if .Values.networkPolicy.ingressRules.accessOnlyFrom.namespaceSelector }} + - namespaceSelector: + matchLabels: + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.ingressRules.accessOnlyFrom.namespaceSelector "context" $) | nindent 14 }} + {{- end }} + {{- if .Values.networkPolicy.ingressRules.accessOnlyFrom.podSelector }} + - podSelector: + matchLabels: + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.ingressRules.accessOnlyFrom.podSelector "context" $) | nindent 14 }} + {{- end }} + {{- end }} + {{- if .Values.networkPolicy.ingressRules.customRules }} + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.ingressRules.customRules "context" $) | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/wordpress copie original - no valuesjson/wordpress/templates/pdb.yaml b/charts/wordpress copie original - no valuesjson/wordpress/templates/pdb.yaml new file mode 100644 index 0000000..07c3777 --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/templates/pdb.yaml @@ -0,0 +1,26 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.pdb.create }} +apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} +kind: PodDisruptionBudget +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if .Values.pdb.minAvailable }} + minAvailable: {{ .Values.pdb.minAvailable }} + {{- end }} + {{- if .Values.pdb.maxUnavailable }} + maxUnavailable: {{ .Values.pdb.maxUnavailable }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} +{{- end }} diff --git a/charts/wordpress copie original - no valuesjson/wordpress/templates/postinit-configmap.yaml b/charts/wordpress copie original - no valuesjson/wordpress/templates/postinit-configmap.yaml new file mode 100644 index 0000000..48f8b63 --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/templates/postinit-configmap.yaml @@ -0,0 +1,46 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if or .Values.customPostInitScripts .Values.wordpressConfigureCache }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-postinit" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + {{- if .Values.wordpressConfigureCache }} + {{- $memcachedFullname := include "wordpress.cacheHost" . }} + {{- $memcachedPort := include "wordpress.cachePort" . | int }} + 00-configure-w3-total-cache.sh: |- + #!/bin/bash + + # Add permissions to edit wp-config.php + chmod +w /bitnami/wordpress/wp-config.php + + # Activate W3 Total Cache pairs + wp plugin activate w3-total-cache + wp total-cache fix_environment + + # Choose 'Memcached' as database and object cache method + wp total-cache option set dbcache.engine memcached --type=string + wp total-cache option set objectcache.engine memcached --type=string + wp total-cache flush all + wp total-cache option set dbcache.memcached.servers {{ $memcachedFullname }}:{{ $memcachedPort }} --type=string + wp total-cache option set dbcache.enabled true --type=boolean + wp total-cache option set objectcache.memcached.servers {{ $memcachedFullname }}:{{ $memcachedPort }} --type=string + wp total-cache option set objectcache.enabled true --type=boolean + wp total-cache flush all + + # Revoke permissions to edit wp-config.php + chmod a-w /bitnami/wordpress/wp-config.php + {{- end }} + {{- if .Values.customPostInitScripts }} + {{- include "common.tplvalues.render" (dict "value" .Values.customPostInitScripts "context" $) | nindent 2 }} + {{- end }} +{{- end }} diff --git a/charts/wordpress copie original - no valuesjson/wordpress/templates/pvc.yaml b/charts/wordpress copie original - no valuesjson/wordpress/templates/pvc.yaml new file mode 100644 index 0000000..9d4f62f --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/templates/pvc.yaml @@ -0,0 +1,36 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if or .Values.persistence.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.persistence.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + accessModes: + {{- if not (empty .Values.persistence.accessModes) }} + {{- range .Values.persistence.accessModes }} + - {{ . | quote }} + {{- end }} + {{- else }} + - {{ .Values.persistence.accessMode | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} + {{- include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) | nindent 2 }} + {{- if .Values.persistence.selector }} + selector: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.selector "context" $) | nindent 4 }} + {{- end -}} + {{- if .Values.persistence.dataSource }} + dataSource: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.dataSource "context" $) | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/wordpress copie original - no valuesjson/wordpress/templates/secrets.yaml b/charts/wordpress copie original - no valuesjson/wordpress/templates/secrets.yaml new file mode 100644 index 0000000..22e6a04 --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/templates/secrets.yaml @@ -0,0 +1,26 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if or (not .Values.existingSecret) (and (not .Values.smtpExistingSecret) .Values.smtpPassword) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + {{- if not .Values.existingSecret }} + wordpress-password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "common.names.fullname" .) "key" "wordpress-password" "providedValues" (list "wordpressPassword") "context" $) }} + {{- end }} + {{- if and .Values.smtpPassword (not .Values.smtpExistingSecret) }} + {{- if .Values.smtpPassword }} + smtp-password: {{ .Values.smtpPassword | b64enc | quote }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/wordpress copie original - no valuesjson/wordpress/templates/serviceaccount.yaml b/charts/wordpress copie original - no valuesjson/wordpress/templates/serviceaccount.yaml new file mode 100644 index 0000000..0ee982a --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/templates/serviceaccount.yaml @@ -0,0 +1,18 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "wordpress.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if or .Values.serviceAccount.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.serviceAccount.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} +{{- end -}} diff --git a/charts/wordpress copie original - no valuesjson/wordpress/templates/servicemonitor.yaml b/charts/wordpress copie original - no valuesjson/wordpress/templates/servicemonitor.yaml new file mode 100644 index 0000000..e0aa8a9 --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/templates/servicemonitor.yaml @@ -0,0 +1,43 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ default .Release.Namespace .Values.metrics.serviceMonitor.namespace | quote }} + {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.serviceMonitor.labels .Values.commonLabels ) "context" . ) }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: metrics + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if .Values.metrics.serviceMonitor.jobLabel }} + jobLabel: {{ .Values.metrics.serviceMonitor.jobLabel }} + {{- end }} + endpoints: + - port: metrics + {{- if .Values.metrics.serviceMonitor.interval }} + interval: {{ .Values.metrics.serviceMonitor.interval }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + honorLabels: {{ .Values.metrics.serviceMonitor.honorLabels }} + {{- if .Values.metrics.serviceMonitor.relabellings }} + metricRelabelings: {{- toYaml .Values.metrics.serviceMonitor.relabellings | nindent 8 }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.relabelings }} + relabelings: {{- toYaml .Values.metrics.serviceMonitor.relabelings | nindent 6 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace | quote }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: metrics +{{- end }} diff --git a/charts/wordpress copie original - no valuesjson/wordpress/templates/svc.yaml b/charts/wordpress copie original - no valuesjson/wordpress/templates/svc.yaml new file mode 100644 index 0000000..b8739e1 --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/templates/svc.yaml @@ -0,0 +1,59 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if or .Values.service.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.service.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.service.type }} + {{- if and .Values.service.clusterIP (eq .Values.service.type "ClusterIP") }} + clusterIP: {{ .Values.service.clusterIP }} + {{- end }} + {{- if or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort") }} + externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy | quote }} + {{- end }} + {{- if and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerSourceRanges)) }} + loadBalancerSourceRanges: {{ .Values.service.loadBalancerSourceRanges }} + {{- end }} + {{- if and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP)) }} + loadBalancerIP: {{ .Values.service.loadBalancerIP }} + {{- end }} + {{- if .Values.service.sessionAffinity }} + sessionAffinity: {{ .Values.service.sessionAffinity }} + {{- end }} + {{- if .Values.service.sessionAffinityConfig }} + sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.service.sessionAffinityConfig "context" $) | nindent 4 }} + {{- end }} + ports: + - name: http + port: {{ .Values.service.ports.http }} + protocol: TCP + targetPort: http + {{- if (and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.http))) }} + nodePort: {{ .Values.service.nodePorts.http }} + {{- else if eq .Values.service.type "ClusterIP" }} + nodePort: null + {{- end }} + - name: https + port: {{ .Values.service.ports.https }} + protocol: TCP + targetPort: {{ .Values.service.httpsTargetPort }} + {{- if (and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.https))) }} + nodePort: {{ .Values.service.nodePorts.https }} + {{- else if eq .Values.service.type "ClusterIP" }} + nodePort: null + {{- end }} + {{- if .Values.service.extraPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.service.extraPorts "context" $) | nindent 4 }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} diff --git a/charts/wordpress copie original - no valuesjson/wordpress/templates/tls-secrets.yaml b/charts/wordpress copie original - no valuesjson/wordpress/templates/tls-secrets.yaml new file mode 100644 index 0000000..728ab58 --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/templates/tls-secrets.yaml @@ -0,0 +1,44 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.ingress.enabled }} +{{- if .Values.ingress.secrets }} +{{- range .Values.ingress.secrets }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .name }} + namespace: {{ $.Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $.Values.commonLabels "context" $ ) | nindent 4 }} + {{- if $.Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: kubernetes.io/tls +data: + tls.crt: {{ .certificate | b64enc }} + tls.key: {{ .key | b64enc }} +--- +{{- end }} +{{- end }} +{{- if and .Values.ingress.tls .Values.ingress.selfSigned }} +{{- $secretName := printf "%s-tls" .Values.ingress.hostname }} +{{- $ca := genCA "wordpress-ca" 365 }} +{{- $cert := genSignedCert .Values.ingress.hostname nil (list .Values.ingress.hostname) 365 $ca }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ $secretName }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: kubernetes.io/tls +data: + tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }} + tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }} + ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }} +{{- end }} +{{- end }} diff --git a/charts/wordpress copie original - no valuesjson/wordpress/values.yaml b/charts/wordpress copie original - no valuesjson/wordpress/values.yaml new file mode 100644 index 0000000..eaf34f9 --- /dev/null +++ b/charts/wordpress copie original - no valuesjson/wordpress/values.yaml @@ -0,0 +1,1264 @@ +# Copyright VMware, Inc. +# SPDX-License-Identifier: APACHE-2.0 + +## @section Global parameters +## Global Docker image parameters +## Please, note that this will override the image parameters, including dependencies, configured to use the global value +## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass +## + +## @param global.imageRegistry Global Docker image registry +## @param global.imagePullSecrets Global Docker registry secret names as an array +## @param global.storageClass Global StorageClass for Persistent Volume(s) +## +global: + imageRegistry: "" + ## E.g. + ## imagePullSecrets: + ## - myRegistryKeySecretName + ## + imagePullSecrets: [] + storageClass: "" + ## Compatibility adaptations for Kubernetes platforms + ## + compatibility: + ## Compatibility adaptations for Openshift + ## + openshift: + ## @param global.compatibility.openshift.adaptSecurityContext Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) + ## + adaptSecurityContext: disabled +## @section Common parameters +## + +## @param kubeVersion Override Kubernetes version +## +kubeVersion: "" +## @param nameOverride String to partially override common.names.fullname template (will maintain the release name) +## +nameOverride: "" +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: "" +## @param commonLabels Labels to add to all deployed resources +## +commonLabels: {} +## @param commonAnnotations Annotations to add to all deployed resources +## +commonAnnotations: {} +## @param clusterDomain Kubernetes Cluster Domain +## +clusterDomain: cluster.local +## @param extraDeploy Array of extra objects to deploy with the release +## +extraDeploy: [] +## Enable diagnostic mode in the deployment +## +diagnosticMode: + ## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden) + ## + enabled: false + ## @param diagnosticMode.command Command to override all containers in the deployment + ## + command: + - sleep + ## @param diagnosticMode.args Args to override all containers in the deployment + ## + args: + - infinity +## @section WordPress Image parameters +## + +## Bitnami WordPress image +## ref: https://hub.docker.com/r/bitnami/wordpress/tags/ +## @param image.registry [default: REGISTRY_NAME] WordPress image registry +## @param image.repository [default: REPOSITORY_NAME/wordpress] WordPress image repository +## @skip image.tag WordPress image tag (immutable tags are recommended) +## @param image.digest WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag +## @param image.pullPolicy WordPress image pull policy +## @param image.pullSecrets WordPress image pull secrets +## @param image.debug Specify if debug values should be set +## +image: + registry: docker.io + repository: bitnami/wordpress + tag: 6.4.3-debian-12-r20 + digest: "" + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## Enable debug mode + ## + debug: false +## @section WordPress Configuration parameters +## WordPress settings based on environment variables +## ref: https://github.com/bitnami/containers/tree/main/bitnami/wordpress#environment-variables +## + +## @param wordpressUsername WordPress username +## +wordpressUsername: user +## @param wordpressPassword WordPress user password +## Defaults to a random 10-character alphanumeric string if not set +## +wordpressPassword: "" +## @param existingSecret Name of existing secret containing WordPress credentials +## NOTE: Must contain key `wordpress-password` +## NOTE: When it's set, the `wordpressPassword` parameter is ignored +## +existingSecret: "" +## @param wordpressEmail WordPress user email +## +wordpressEmail: user@example.com +## @param wordpressFirstName WordPress user first name +## +wordpressFirstName: FirstName +## @param wordpressLastName WordPress user last name +## +wordpressLastName: LastName +## @param wordpressBlogName Blog name +## +wordpressBlogName: User's Blog! +## @param wordpressTablePrefix Prefix to use for WordPress database tables +## +wordpressTablePrefix: wp_ +## @param wordpressScheme Scheme to use to generate WordPress URLs +## +wordpressScheme: http +## @param wordpressSkipInstall Skip wizard installation +## NOTE: useful if you use an external database that already contains WordPress data +## ref: https://github.com/bitnami/containers/tree/main/bitnami/wordpress#connect-wordpress-docker-container-to-an-existing-database +## +wordpressSkipInstall: false +## @param wordpressExtraConfigContent Add extra content to the default wp-config.php file +## e.g: +## wordpressExtraConfigContent: | +## @ini_set( 'post_max_size', '128M'); +## @ini_set( 'memory_limit', '256M' ); +## +wordpressExtraConfigContent: "" +## @param wordpressConfiguration The content for your custom wp-config.php file (advanced feature) +## NOTE: This will override configuring WordPress based on environment variables (including those set by the chart) +## NOTE: Currently only supported when `wordpressSkipInstall=true` +## +wordpressConfiguration: "" +## @param existingWordPressConfigurationSecret The name of an existing secret with your custom wp-config.php file (advanced feature) +## NOTE: When it's set the `wordpressConfiguration` parameter is ignored +## +existingWordPressConfigurationSecret: "" +## @param wordpressConfigureCache Enable W3 Total Cache plugin and configure cache settings +## NOTE: useful if you deploy Memcached for caching database queries or you use an external cache server +## +wordpressConfigureCache: false +## @param wordpressPlugins Array of plugins to install and activate. Can be specified as `all` or `none`. +## NOTE: If set to all, only plugins that are already installed will be activated, and if set to none, no plugins will be activated +## +wordpressPlugins: none +## @param apacheConfiguration The content for your custom httpd.conf file (advanced feature) +## +apacheConfiguration: "" +## @param existingApacheConfigurationConfigMap The name of an existing secret with your custom httpd.conf file (advanced feature) +## NOTE: When it's set the `apacheConfiguration` parameter is ignored +## +existingApacheConfigurationConfigMap: "" +## @param customPostInitScripts Custom post-init.d user scripts +## ref: https://github.com/bitnami/containers/tree/main/bitnami/wordpress +## NOTE: supported formats are `.sh`, `.sql` or `.php` +## NOTE: scripts are exclusively executed during the 1st boot of the container +## e.g: +## customPostInitScripts: +## enable-multisite.sh: | +## #!/bin/bash +## chmod +w /bitnami/wordpress/wp-config.php +## wp core multisite-install --url=example.com --title="Welcome to the WordPress Multisite" --admin_user="doesntmatternotreallyused" --admin_password="doesntmatternotreallyused" --admin_email="user@example.com" +## cat /docker-entrypoint-init.d/.htaccess > /bitnami/wordpress/.htaccess +## chmod -w bitnami/wordpress/wp-config.php +## .htaccess: | +## RewriteEngine On +## RewriteBase / +## ... +## +customPostInitScripts: {} +## SMTP mail delivery configuration +## ref: https://github.com/bitnami/containers/tree/main/bitnami/wordpress/#smtp-configuration +## @param smtpHost SMTP server host +## @param smtpPort SMTP server port +## @param smtpUser SMTP username +## @param smtpPassword SMTP user password +## @param smtpProtocol SMTP protocol +## +smtpHost: "" +smtpPort: "" +smtpUser: "" +smtpPassword: "" +smtpProtocol: "" +## @param smtpExistingSecret The name of an existing secret with SMTP credentials +## NOTE: Must contain key `smtp-password` +## NOTE: When it's set, the `smtpPassword` parameter is ignored +## +smtpExistingSecret: "" +## @param allowEmptyPassword Allow the container to be started with blank passwords +## +allowEmptyPassword: true +## @param allowOverrideNone Configure Apache to prohibit overriding directives with htaccess files +## +allowOverrideNone: false +## @param overrideDatabaseSettings Allow overriding the database settings persisted in wp-config.php +## +overrideDatabaseSettings: false +## @param htaccessPersistenceEnabled Persist custom changes on htaccess files +## If `allowOverrideNone` is `false`, it will persist `/opt/bitnami/wordpress/wordpress-htaccess.conf` +## If `allowOverrideNone` is `true`, it will persist `/opt/bitnami/wordpress/.htaccess` +## +htaccessPersistenceEnabled: false +## @param customHTAccessCM The name of an existing ConfigMap with custom htaccess rules +## NOTE: Must contain key `wordpress-htaccess.conf` with the file content +## NOTE: Requires setting `allowOverrideNone=false` +## +customHTAccessCM: "" +## @param command Override default container command (useful when using custom images) +## +command: [] +## @param args Override default container args (useful when using custom images) +## +args: [] +## @param extraEnvVars Array with extra environment variables to add to the WordPress container +## e.g: +## extraEnvVars: +## - name: FOO +## value: "bar" +## +extraEnvVars: [] +## @param extraEnvVarsCM Name of existing ConfigMap containing extra env vars +## +extraEnvVarsCM: "" +## @param extraEnvVarsSecret Name of existing Secret containing extra env vars +## +extraEnvVarsSecret: "" +## @section WordPress Multisite Configuration parameters +## ref: https://github.com/bitnami/containers/tree/main/bitnami/wordpress#multisite-configuration +## + +## @param multisite.enable Whether to enable WordPress Multisite configuration. +## @param multisite.host WordPress Multisite hostname/address. This value is mandatory when enabling Multisite mode. +## @param multisite.networkType WordPress Multisite network type to enable. Allowed values: `subfolder`, `subdirectory` or `subdomain`. +## @param multisite.enableNipIoRedirect Whether to enable IP address redirection to nip.io wildcard DNS. Useful when running on an IP address with subdomain network type. +## +multisite: + enable: false + host: "" + networkType: subdomain + enableNipIoRedirect: false +## @section WordPress deployment parameters +## + +## @param replicaCount Number of WordPress replicas to deploy +## NOTE: ReadWriteMany PVC(s) are required if replicaCount > 1 +## +replicaCount: 1 +## @param updateStrategy.type WordPress deployment strategy type +## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy +## NOTE: Set it to `Recreate` if you use a PV that cannot be mounted on multiple pods +## e.g: +## updateStrategy: +## type: RollingUpdate +## rollingUpdate: +## maxSurge: 25% +## maxUnavailable: 25% +## +updateStrategy: + type: RollingUpdate +## @param schedulerName Alternate scheduler +## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ +## +schedulerName: "" +## @param terminationGracePeriodSeconds In seconds, time given to the WordPress pod to terminate gracefully +## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods +## +terminationGracePeriodSeconds: "" +## @param topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template +## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods +## +topologySpreadConstraints: [] +## @param priorityClassName Name of the existing priority class to be used by WordPress pods, priority class needs to be created beforehand +## Ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ +## +priorityClassName: "" +## @param automountServiceAccountToken Mount Service Account token in pod +## +automountServiceAccountToken: false +## @param hostAliases [array] WordPress pod host aliases +## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ +## +hostAliases: + ## Required for Apache exporter to work + ## + - ip: "127.0.0.1" + hostnames: + - "status.localhost" +## @param extraVolumes Optionally specify extra list of additional volumes for WordPress pods +## +extraVolumes: [] +## @param extraVolumeMounts Optionally specify extra list of additional volumeMounts for WordPress container(s) +## +extraVolumeMounts: [] +## @param sidecars Add additional sidecar containers to the WordPress pod +## e.g: +## sidecars: +## - name: your-image-name +## image: your-image +## imagePullPolicy: Always +## ports: +## - name: portname +## containerPort: 1234 +## +sidecars: [] +## @param initContainers Add additional init containers to the WordPress pods +## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ +## e.g: +## initContainers: +## - name: your-image-name +## image: your-image +## imagePullPolicy: Always +## command: ['sh', '-c', 'copy themes and plugins from git and push to /bitnami/wordpress/wp-content. Should work with extraVolumeMounts and extraVolumes'] +## +initContainers: [] +## @param podLabels Extra labels for WordPress pods +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +## +podLabels: {} +## @param podAnnotations Annotations for WordPress pods +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +## +podAnnotations: {} +## @param podAffinityPreset Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` +## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity +## +podAffinityPreset: "" +## @param podAntiAffinityPreset Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity +## +podAntiAffinityPreset: soft +## Node affinity preset +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity +## +nodeAffinityPreset: + ## @param nodeAffinityPreset.type Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## + type: "" + ## @param nodeAffinityPreset.key Node label key to match. Ignored if `affinity` is set + ## + key: "" + ## @param nodeAffinityPreset.values Node label values to match. Ignored if `affinity` is set + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] +## @param affinity Affinity for pod assignment +## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +## NOTE: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set +## +affinity: {} +## @param nodeSelector Node labels for pod assignment +## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ +## +nodeSelector: {} +## @param tolerations Tolerations for pod assignment +## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +## +tolerations: [] +## WordPress containers' resource requests and limits +## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +## @param resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). +## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 +## +resourcesPreset: "none" +## @param resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) +## Example: +## resources: +## requests: +## cpu: 2 +## memory: 512Mi +## limits: +## cpu: 3 +## memory: 1024Mi +## +resources: {} +## Container ports +## @param containerPorts.http WordPress HTTP container port +## @param containerPorts.https WordPress HTTPS container port +## +containerPorts: + http: 8080 + https: 8443 +## @param extraContainerPorts Optionally specify extra list of additional ports for WordPress container(s) +## e.g: +## extraContainerPorts: +## - name: myservice +## containerPort: 9090 +## +extraContainerPorts: [] +## Configure Pods Security Context +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod +## @param podSecurityContext.enabled Enabled WordPress pods' Security Context +## @param podSecurityContext.fsGroupChangePolicy Set filesystem group change policy +## @param podSecurityContext.sysctls Set kernel settings using the sysctl interface +## @param podSecurityContext.supplementalGroups Set filesystem extra groups +## @param podSecurityContext.fsGroup Set WordPress pod's Security Context fsGroup +## +podSecurityContext: + enabled: true + fsGroupChangePolicy: Always + sysctls: [] + supplementalGroups: [] + fsGroup: 1001 +## Configure Container Security Context (only main container) +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container +## @param containerSecurityContext.enabled Enabled containers' Security Context +## @param containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container +## @param containerSecurityContext.runAsUser Set containers' Security Context runAsUser +## @param containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot +## @param containerSecurityContext.privileged Set container's Security Context privileged +## @param containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem +## @param containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation +## @param containerSecurityContext.capabilities.drop List of capabilities to be dropped +## @param containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile +## +containerSecurityContext: + enabled: true + seLinuxOptions: null + runAsUser: 1001 + runAsNonRoot: true + privileged: false + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + seccompProfile: + type: "RuntimeDefault" +## Configure extra options for WordPress containers' liveness, readiness and startup probes +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes +## @param livenessProbe.enabled Enable livenessProbe on WordPress containers +## @skip livenessProbe.httpGet +## @param livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe +## @param livenessProbe.periodSeconds Period seconds for livenessProbe +## @param livenessProbe.timeoutSeconds Timeout seconds for livenessProbe +## @param livenessProbe.failureThreshold Failure threshold for livenessProbe +## @param livenessProbe.successThreshold Success threshold for livenessProbe +## +livenessProbe: + enabled: true + httpGet: + path: /wp-admin/install.php + port: '{{ .Values.wordpressScheme }}' + scheme: '{{ .Values.wordpressScheme | upper }}' + ## If using an HTTPS-terminating load-balancer, the probes may need to behave + ## like the balancer to prevent HTTP 302 responses. According to the Kubernetes + ## docs, 302 should be considered "successful", but this issue on GitHub + ## (https://github.com/kubernetes/kubernetes/issues/47893) shows that it isn't. + ## E.g. + ## httpHeaders: + ## - name: X-Forwarded-Proto + ## value: https + ## + httpHeaders: [] + initialDelaySeconds: 120 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 +## @param readinessProbe.enabled Enable readinessProbe on WordPress containers +## @skip readinessProbe.httpGet +## @param readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe +## @param readinessProbe.periodSeconds Period seconds for readinessProbe +## @param readinessProbe.timeoutSeconds Timeout seconds for readinessProbe +## @param readinessProbe.failureThreshold Failure threshold for readinessProbe +## @param readinessProbe.successThreshold Success threshold for readinessProbe +## +readinessProbe: + enabled: true + httpGet: + path: /wp-login.php + port: '{{ .Values.wordpressScheme }}' + scheme: '{{ .Values.wordpressScheme | upper }}' + ## If using an HTTPS-terminating load-balancer, the probes may need to behave + ## like the balancer to prevent HTTP 302 responses. According to the Kubernetes + ## docs, 302 should be considered "successful", but this issue on GitHub + ## (https://github.com/kubernetes/kubernetes/issues/47893) shows that it isn't. + ## E.g. + ## httpHeaders: + ## - name: X-Forwarded-Proto + ## value: https + ## + httpHeaders: [] + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 +## @param startupProbe.enabled Enable startupProbe on WordPress containers +## @skip startupProbe.httpGet +## @param startupProbe.initialDelaySeconds Initial delay seconds for startupProbe +## @param startupProbe.periodSeconds Period seconds for startupProbe +## @param startupProbe.timeoutSeconds Timeout seconds for startupProbe +## @param startupProbe.failureThreshold Failure threshold for startupProbe +## @param startupProbe.successThreshold Success threshold for startupProbe +## +startupProbe: + enabled: false + httpGet: + path: /wp-login.php + port: '{{ .Values.wordpressScheme }}' + scheme: '{{ .Values.wordpressScheme | upper }}' + ## If using an HTTPS-terminating load-balancer, the probes may need to behave + ## like the balancer to prevent HTTP 302 responses. According to the Kubernetes + ## docs, 302 should be considered "successful", but this issue on GitHub + ## (https://github.com/kubernetes/kubernetes/issues/47893) shows that it isn't. + ## E.g. + ## httpHeaders: + ## - name: X-Forwarded-Proto + ## value: https + ## + httpHeaders: [] + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 +## @param customLivenessProbe Custom livenessProbe that overrides the default one +## +customLivenessProbe: {} +## @param customReadinessProbe Custom readinessProbe that overrides the default one +## +customReadinessProbe: {} +## @param customStartupProbe Custom startupProbe that overrides the default one +## +customStartupProbe: {} +## @param lifecycleHooks for the WordPress container(s) to automate configuration before or after startup +## +lifecycleHooks: {} +## @section Traffic Exposure Parameters +## + +## WordPress service parameters +## +service: + ## @param service.type WordPress service type + ## + type: LoadBalancer + ## @param service.ports.http WordPress service HTTP port + ## @param service.ports.https WordPress service HTTPS port + ## + ports: + http: 80 + https: 443 + ## @param service.httpsTargetPort Target port for HTTPS + ## + httpsTargetPort: https + ## Node ports to expose + ## @param service.nodePorts.http Node port for HTTP + ## @param service.nodePorts.https Node port for HTTPS + ## NOTE: choose port between <30000-32767> + ## + nodePorts: + http: "" + https: "" + ## @param service.sessionAffinity Control where client requests go, to the same pod or round-robin + ## Values: ClientIP or None + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/ + ## + sessionAffinity: None + ## @param service.sessionAffinityConfig Additional settings for the sessionAffinity + ## sessionAffinityConfig: + ## clientIP: + ## timeoutSeconds: 300 + ## + sessionAffinityConfig: {} + ## @param service.clusterIP WordPress service Cluster IP + ## e.g.: + ## clusterIP: None + ## + clusterIP: "" + ## @param service.loadBalancerIP WordPress service Load Balancer IP + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer + ## + loadBalancerIP: "" + ## @param service.loadBalancerSourceRanges WordPress service Load Balancer sources + ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## e.g: + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + ## + loadBalancerSourceRanges: [] + ## @param service.externalTrafficPolicy WordPress service external traffic policy + ## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip + ## + externalTrafficPolicy: Cluster + ## @param service.annotations Additional custom annotations for WordPress service + ## + annotations: {} + ## @param service.extraPorts Extra port to expose on WordPress service + ## + extraPorts: [] +## Configure the ingress resource that allows you to access the WordPress installation +## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/ +## +ingress: + enabled: true + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: mywordpress.lab.groupe-genes.fr + paths: + - path: / + pathType: ImplementationSpecific + ## @param ingress.enabled Enable ingress record generation for WordPress + ## + ## enabled: false + ## @param ingress.pathType Ingress path type + ## + ## pathType: ImplementationSpecific + ## @param ingress.apiVersion Force Ingress API version (automatically detected if not set) + ## + apiVersion: "" + ## @param ingress.ingressClassName IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) + ## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster . + ## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/ + ## + ingressClassName: "" + ## @param ingress.hostname Default host for the ingress record. The hostname is templated and thus can contain other variable references. + ## + ## hostname: wordpress.local + ## @param ingress.path Default path for the ingress record + ## NOTE: You may need to set this to '/*' in order to use this with ALB ingress controllers + ## + ## path: / + ## @param ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. + ## For a full list of possible ingress annotations, please see + ## ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md + ## Use this parameter to set the required annotations for cert-manager, see + ## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations + ## + ## e.g: + ## annotations: + ## kubernetes.io/ingress.class: nginx + ## cert-manager.io/cluster-issuer: cluster-issuer-name + ## + ## annotations: {} + ## @param ingress.tls Enable TLS configuration for the host defined at `ingress.hostname` parameter + ## TLS certificates will be retrieved from a TLS secret with name: `{{- printf "%s-tls" .Values.ingress.hostname }}` + ## You can: + ## - Use the `ingress.secrets` parameter to create this TLS secret + ## - Rely on cert-manager to create it by setting the corresponding annotations + ## - Rely on Helm to create self-signed certificates by setting `ingress.selfSigned=true` + ## + tls: false + ## @param ingress.tlsWwwPrefix Adds www subdomain to default cert + ## Creates tls host with ingress.hostname: {{ print "www.%s" .Values.ingress.hostname }} + ## Is enabled if "nginx.ingress.kubernetes.io/from-to-www-redirect" is "true" + tlsWwwPrefix: false + ## @param ingress.selfSigned Create a TLS secret for this ingress record using self-signed certificates generated by Helm + ## + selfSigned: false + ## @param ingress.extraHosts An array with additional hostname(s) to be covered with the ingress record. The host names are templated and thus can contain other variable references. + ## e.g: + ## extraHosts: + ## - name: wordpress.local + ## path: / + ## + extraHosts: [] + ## @param ingress.extraPaths An array with additional arbitrary paths that may need to be added to the ingress under the main host + ## e.g: + ## extraPaths: + ## - path: /* + ## backend: + ## serviceName: ssl-redirect + ## servicePort: use-annotation + ## + extraPaths: [] + ## @param ingress.extraTls TLS configuration for additional hostname(s) to be covered with this ingress record + ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls + ## e.g: + ## extraTls: + ## - hosts: + ## - wordpress.local + ## secretName: wordpress.local-tls + ## + extraTls: [] + ## @param ingress.secrets Custom TLS certificates as secrets + ## NOTE: 'key' and 'certificate' are expected in PEM format + ## NOTE: 'name' should line up with a 'secretName' set further up + ## If it is not set and you're using cert-manager, this is unneeded, as it will create a secret for you with valid certificates + ## If it is not set and you're NOT using cert-manager either, self-signed certificates will be created valid for 365 days + ## It is also possible to create and manage the certificates outside of this helm chart + ## Please see README.md for more information + ## e.g: + ## secrets: + ## - name: wordpress.local-tls + ## key: |- + ## -----BEGIN RSA PRIVATE KEY----- + ## ... + ## -----END RSA PRIVATE KEY----- + ## certificate: |- + ## -----BEGIN CERTIFICATE----- + ## ... + ## -----END CERTIFICATE----- + ## + secrets: [] + ## @param ingress.extraRules Additional rules to be covered with this ingress record + ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules + ## e.g: + ## extraRules: + ## - host: wordpress.local + ## http: + ## path: / + ## backend: + ## service: + ## name: wordpress-svc + ## port: + ## name: http + ## + extraRules: [] +## @section Persistence Parameters +## + +## Persistence Parameters +## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/ +## +persistence: + ## @param persistence.enabled Enable persistence using Persistent Volume Claims + ## + enabled: true + ## @param persistence.storageClass Persistent Volume storage class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner + ## + storageClass: "" + ## @param persistence.accessModes [array] Persistent Volume access modes + ## + accessModes: + - ReadWriteOnce + ## @param persistence.accessMode Persistent Volume access mode (DEPRECATED: use `persistence.accessModes` instead) + ## + accessMode: ReadWriteOnce + ## @param persistence.size Persistent Volume size + ## + size: 10Gi + ## @param persistence.dataSource Custom PVC data source + ## + dataSource: {} + ## @param persistence.existingClaim The name of an existing PVC to use for persistence + ## + existingClaim: "" + ## @param persistence.selector Selector to match an existing Persistent Volume for WordPress data PVC + ## If set, the PVC can't have a PV dynamically provisioned for it + ## E.g. + ## selector: + ## matchLabels: + ## app: my-app + ## + selector: {} + ## @param persistence.annotations Persistent Volume Claim annotations + ## + annotations: {} +## Init containers parameters: +## volumePermissions: Change the owner and group of the persistent volume(s) mountpoint(s) to 'runAsUser:fsGroup' on each node +## +volumePermissions: + ## @param volumePermissions.enabled Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` + ## + enabled: false + ## OS Shell + Utility image + ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository + ## @skip volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) + ## @param volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag + ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy + ## @param volumePermissions.image.pullSecrets OS Shell + Utility image pull secrets + ## + image: + registry: docker.io + repository: bitnami/os-shell + tag: 12-debian-12-r16 + digest: "" + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## Init container's resource requests and limits + ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + ## @param volumePermissions.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). + ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 + ## + resourcesPreset: "none" + ## @param volumePermissions.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) + ## Example: + ## resources: + ## requests: + ## cpu: 2 + ## memory: 512Mi + ## limits: + ## cpu: 3 + ## memory: 1024Mi + ## + resources: {} + ## Init container' Security Context + ## Note: the chown of the data folder is done to containerSecurityContext.runAsUser + ## and not the below volumePermissions.containerSecurityContext.runAsUser + ## @param volumePermissions.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container + ## @param volumePermissions.containerSecurityContext.runAsUser User ID for the init container + ## + containerSecurityContext: + seLinuxOptions: null + runAsUser: 0 +## @section Other Parameters +## + +## WordPress Service Account +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ +## +serviceAccount: + ## @param serviceAccount.create Enable creation of ServiceAccount for WordPress pod + ## + create: true + ## @param serviceAccount.name The name of the ServiceAccount to use. + ## If not set and create is true, a name is generated using the common.names.fullname template + ## + name: "" + ## @param serviceAccount.automountServiceAccountToken Allows auto mount of ServiceAccountToken on the serviceAccount created + ## Can be set to false if pods using this serviceAccount do not need to use K8s API + ## + automountServiceAccountToken: false + ## @param serviceAccount.annotations Additional custom annotations for the ServiceAccount + ## + annotations: {} +## WordPress Pod Disruption Budget configuration +## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ +## @param pdb.create Enable a Pod Disruption Budget creation +## @param pdb.minAvailable Minimum number/percentage of pods that should remain scheduled +## @param pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable +## +pdb: + create: false + minAvailable: 1 + maxUnavailable: "" +## WordPress Autoscaling configuration +## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ +## @param autoscaling.enabled Enable Horizontal POD autoscaling for WordPress +## @param autoscaling.minReplicas Minimum number of WordPress replicas +## @param autoscaling.maxReplicas Maximum number of WordPress replicas +## @param autoscaling.targetCPU Target CPU utilization percentage +## @param autoscaling.targetMemory Target Memory utilization percentage +## +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 11 + targetCPU: 50 + targetMemory: 50 +## @section Metrics Parameters +## + +## Prometheus Exporter / Metrics configuration +## +metrics: + ## @param metrics.enabled Start a sidecar prometheus exporter to expose metrics + ## + enabled: false + ## Bitnami Apache exporter image + ## ref: https://hub.docker.com/r/bitnami/apache-exporter/tags/ + ## @param metrics.image.registry [default: REGISTRY_NAME] Apache exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/apache-exporter] Apache exporter image repository + ## @skip metrics.image.tag Apache exporter image tag (immutable tags are recommended) + ## @param metrics.image.digest Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag + ## @param metrics.image.pullPolicy Apache exporter image pull policy + ## @param metrics.image.pullSecrets Apache exporter image pull secrets + ## + image: + registry: docker.io + repository: bitnami/apache-exporter + tag: 1.0.6-debian-12-r8 + digest: "" + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## @param metrics.containerPorts.metrics Prometheus exporter container port + ## + containerPorts: + metrics: 9117 + ## Configure extra options for Prometheus exporter containers' liveness, readiness and startup probes + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes + ## @param metrics.livenessProbe.enabled Enable livenessProbe on Prometheus exporter containers + ## @param metrics.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe + ## @param metrics.livenessProbe.periodSeconds Period seconds for livenessProbe + ## @param metrics.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe + ## @param metrics.livenessProbe.failureThreshold Failure threshold for livenessProbe + ## @param metrics.livenessProbe.successThreshold Success threshold for livenessProbe + ## + livenessProbe: + enabled: true + initialDelaySeconds: 15 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + successThreshold: 1 + ## @param metrics.readinessProbe.enabled Enable readinessProbe on Prometheus exporter containers + ## @param metrics.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe + ## @param metrics.readinessProbe.periodSeconds Period seconds for readinessProbe + ## @param metrics.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe + ## @param metrics.readinessProbe.failureThreshold Failure threshold for readinessProbe + ## @param metrics.readinessProbe.successThreshold Success threshold for readinessProbe + ## + readinessProbe: + enabled: true + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 3 + failureThreshold: 3 + successThreshold: 1 + ## @param metrics.startupProbe.enabled Enable startupProbe on Prometheus exporter containers + ## @param metrics.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe + ## @param metrics.startupProbe.periodSeconds Period seconds for startupProbe + ## @param metrics.startupProbe.timeoutSeconds Timeout seconds for startupProbe + ## @param metrics.startupProbe.failureThreshold Failure threshold for startupProbe + ## @param metrics.startupProbe.successThreshold Success threshold for startupProbe + ## + startupProbe: + enabled: false + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + failureThreshold: 15 + successThreshold: 1 + ## @param metrics.customLivenessProbe Custom livenessProbe that overrides the default one + ## + customLivenessProbe: {} + ## @param metrics.customReadinessProbe Custom readinessProbe that overrides the default one + ## + customReadinessProbe: {} + ## @param metrics.customStartupProbe Custom startupProbe that overrides the default one + ## + customStartupProbe: {} + ## Prometheus exporter container's resource requests and limits + ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + ## @param metrics.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production). + ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 + ## + resourcesPreset: "none" + ## @param metrics.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) + ## Example: + ## resources: + ## requests: + ## cpu: 2 + ## memory: 512Mi + ## limits: + ## cpu: 3 + ## memory: 1024Mi + ## + resources: {} + ## Configure Container Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + ## @param metrics.containerSecurityContext.enabled Enabled containers' Security Context + ## @param metrics.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container + ## @param metrics.containerSecurityContext.runAsUser Set containers' Security Context runAsUser + ## @param metrics.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot + ## @param metrics.containerSecurityContext.privileged Set container's Security Context privileged + ## @param metrics.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem + ## @param metrics.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation + ## @param metrics.containerSecurityContext.capabilities.drop List of capabilities to be dropped + ## @param metrics.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile + ## + containerSecurityContext: + enabled: true + seLinuxOptions: null + runAsUser: 1001 + runAsNonRoot: true + privileged: false + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + seccompProfile: + type: "RuntimeDefault" + ## Prometheus exporter service parameters + ## + service: + ## @param metrics.service.ports.metrics Prometheus metrics service port + ## + ports: + metrics: 9150 + ## @param metrics.service.annotations [object] Additional custom annotations for Metrics service + ## + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "{{ .Values.metrics.containerPorts.metrics }}" + ## Prometheus Operator ServiceMonitor configuration + ## + serviceMonitor: + ## @param metrics.serviceMonitor.enabled Create ServiceMonitor Resource for scraping metrics using Prometheus Operator + ## + enabled: false + ## @param metrics.serviceMonitor.namespace Namespace for the ServiceMonitor Resource (defaults to the Release Namespace) + ## + namespace: "" + ## @param metrics.serviceMonitor.interval Interval at which metrics should be scraped. + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## + interval: "" + ## @param metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## + scrapeTimeout: "" + ## @param metrics.serviceMonitor.labels Additional labels that can be used so ServiceMonitor will be discovered by Prometheus + ## + labels: {} + ## @param metrics.serviceMonitor.selector Prometheus instance selector labels + ## ref: https://github.com/bitnami/charts/tree/main/bitnami/prometheus-operator#prometheus-configuration + ## + selector: {} + ## @param metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping + ## + relabelings: [] + ## @param metrics.serviceMonitor.metricRelabelings MetricRelabelConfigs to apply to samples before ingestion + ## + metricRelabelings: [] + ## @param metrics.serviceMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint + ## + honorLabels: false + ## @param metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus. + ## + jobLabel: "" +## @section NetworkPolicy parameters +## + +## Add networkpolicies +## +networkPolicy: + ## @param networkPolicy.enabled Enable network policies + ## If ingress.enabled or metrics.enabled are true, configure networkPolicy.ingress and networkPolicy.metrics selectors respectively to allow communication + ## + enabled: false + ## @param networkPolicy.metrics.enabled Enable network policy for metrics (prometheus) + ## @param networkPolicy.metrics.namespaceSelector [object] Monitoring namespace selector labels. These labels will be used to identify the prometheus' namespace. + ## @param networkPolicy.metrics.podSelector [object] Monitoring pod selector labels. These labels will be used to identify the Prometheus pods. + ## + metrics: + enabled: false + ## e.g: + ## podSelector: + ## label: monitoring + ## + podSelector: {} + ## e.g: + ## namespaceSelector: + ## label: monitoring + ## + namespaceSelector: {} + ## @param networkPolicy.ingress.enabled Enable network policy for Ingress Proxies + ## @param networkPolicy.ingress.namespaceSelector [object] Ingress Proxy namespace selector labels. These labels will be used to identify the Ingress Proxy's namespace. + ## @param networkPolicy.ingress.podSelector [object] Ingress Proxy pods selector labels. These labels will be used to identify the Ingress Proxy pods. + ## + ingress: + enabled: false + ## e.g: + ## podSelector: + ## label: ingress + ## + podSelector: {} + ## e.g: + ## namespaceSelector: + ## label: ingress + ## + namespaceSelector: {} + ## @param networkPolicy.ingressRules.backendOnlyAccessibleByFrontend Enable ingress rule that makes the backend (mariadb) only accessible by testlink's pods. + ## @param networkPolicy.ingressRules.customBackendSelector [object] Backend selector labels. These labels will be used to identify the backend pods. + ## @param networkPolicy.ingressRules.accessOnlyFrom.enabled Enable ingress rule that makes testlink only accessible from a particular origin + ## @param networkPolicy.ingressRules.accessOnlyFrom.namespaceSelector [object] Namespace selector label that is allowed to access testlink. This label will be used to identified the allowed namespace(s). + ## @param networkPolicy.ingressRules.accessOnlyFrom.podSelector [object] Pods selector label that is allowed to access testlink. This label will be used to identified the allowed pod(s). + ## @param networkPolicy.ingressRules.customRules [object] Custom network policy ingress rule + ## + ingressRules: + ## mariadb backend only can be accessed from testlink + ## + backendOnlyAccessibleByFrontend: false + ## Additional custom backend selector + ## e.g: + ## customBackendSelector: + ## - to: + ## - namespaceSelector: + ## matchLabels: + ## label: example + ## + customBackendSelector: {} + ## Allow only from the indicated: + ## + accessOnlyFrom: + enabled: false + ## e.g: + ## podSelector: + ## label: access + ## + podSelector: {} + ## e.g: + ## namespaceSelector: + ## label: access + ## + namespaceSelector: {} + ## custom ingress rules + ## e.g: + ## customRules: + ## - from: + ## - namespaceSelector: + ## matchLabels: + ## label: example + ## + customRules: {} + ## @param networkPolicy.egressRules.denyConnectionsToExternal Enable egress rule that denies outgoing traffic outside the cluster, except for DNS (port 53). + ## @param networkPolicy.egressRules.customRules [object] Custom network policy rule + ## + egressRules: + # Deny connections to external. This is not compatible with an external database. + denyConnectionsToExternal: false + ## Additional custom egress rules + ## e.g: + ## customRules: + ## - to: + ## - namespaceSelector: + ## matchLabels: + ## label: example + ## + customRules: {} +## @section Database Parameters +## + +## MariaDB chart configuration +## ref: https://github.com/bitnami/charts/blob/main/bitnami/mariadb/values.yaml +## +mariadb: + ## @param mariadb.enabled Deploy a MariaDB server to satisfy the applications database requirements + ## To use an external database set this to false and configure the `externalDatabase.*` parameters + ## + enabled: true + ## @param mariadb.architecture MariaDB architecture. Allowed values: `standalone` or `replication` + ## + architecture: standalone + ## MariaDB Authentication parameters + ## @param mariadb.auth.rootPassword MariaDB root password + ## @param mariadb.auth.database MariaDB custom database + ## @param mariadb.auth.username MariaDB custom user name + ## @param mariadb.auth.password MariaDB custom user password + ## ref: https://github.com/bitnami/containers/tree/main/bitnami/mariadb#setting-the-root-password-on-first-run + ## https://github.com/bitnami/containers/blob/main/bitnami/mariadb/README.md#creating-a-database-on-first-run + ## https://github.com/bitnami/containers/blob/main/bitnami/mariadb/README.md#creating-a-database-user-on-first-run + ## + auth: + rootPassword: "" + database: bitnami_wordpress + username: bn_wordpress + password: "" + ## MariaDB Primary configuration + ## + primary: + ## MariaDB Primary Persistence parameters + ## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/ + ## @param mariadb.primary.persistence.enabled Enable persistence on MariaDB using PVC(s) + ## @param mariadb.primary.persistence.storageClass Persistent Volume storage class + ## @param mariadb.primary.persistence.accessModes [array] Persistent Volume access modes + ## @param mariadb.primary.persistence.size Persistent Volume size + ## + persistence: + enabled: true + storageClass: "" + accessModes: + - ReadWriteOnce + size: 8Gi +## External Database Configuration +## All of these values are only used if `mariadb.enabled=false` +## +externalDatabase: + ## @param externalDatabase.host External Database server host + ## + host: localhost + ## @param externalDatabase.port External Database server port + ## + port: 3306 + ## @param externalDatabase.user External Database username + ## + user: bn_wordpress + ## @param externalDatabase.password External Database user password + ## + password: "" + ## @param externalDatabase.database External Database database name + ## + database: bitnami_wordpress + ## @param externalDatabase.existingSecret The name of an existing secret with database credentials. Evaluated as a template + ## NOTE: Must contain key `mariadb-password` + ## NOTE: When it's set, the `externalDatabase.password` parameter is ignored + ## + existingSecret: "" +## Memcached chart configuration +## ref: https://github.com/bitnami/charts/blob/main/bitnami/memcached/values.yaml +## +memcached: + ## @param memcached.enabled Deploy a Memcached server for caching database queries + ## + enabled: false + ## Authentication parameters + ## ref: https://github.com/bitnami/containers/tree/main/bitnami/memcached#creating-the-memcached-admin-user + ## + auth: + ## @param memcached.auth.enabled Enable Memcached authentication + ## + enabled: false + ## @param memcached.auth.username Memcached admin user + ## + username: "" + ## @param memcached.auth.password Memcached admin password + ## + password: "" + ## @param memcached.auth.existingPasswordSecret Existing secret with Memcached credentials (must contain a value for `memcached-password` key) + ## + existingPasswordSecret: "" + ## Service parameters + ## + service: + ## @param memcached.service.port Memcached service port + ## + port: 11211 +## External Memcached Configuration +## All of these values are only used if `memcached.enabled=false` +## +externalCache: + ## @param externalCache.host External cache server host + ## + host: localhost + ## @param externalCache.port External cache server port + ## + port: 11211 diff --git a/charts/wordpress copie original - no valuesjson/wordpress/wordpress-copie-original-nojson-20.1.2.tgz b/charts/wordpress copie original - no valuesjson/wordpress/wordpress-copie-original-nojson-20.1.2.tgz new file mode 100644 index 0000000000000000000000000000000000000000..377eeb825795f25411568184ab563a00b0df916b GIT binary patch literal 146624 zcmV)GK)$~piwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PMZ}bK5wwD7rtpD*pqHGUvsfV@mQzoLSv7d#_`ACa#TbmF;BC zzPVd5L_!kQ6u|*NJDMc#Z-0d^5+Ff}l0TA}HEVYwlR%@{^=fx#?=PUgdXw#+jB!Z+(!XkfRBq^8q+GxmW`L z&)@{H0rCoEu76vvCensS4!Z5!Cuo&zms@I~PAf`h&8Zg|Z!>d$t!zXntM9#Mu#G5|N*YcNgoKP8m42&E{AP!eLq25SKbNfKc$3(U|g6o8^G zO5i9)(HhV==U>(UpeQ8_b2%m?#DiXsq6uc4&V#LPr5B-?uA-|q1sWf_A4?5GieWUW zHmly>L!(=!RRuUCvl&TNhs)taa%TYammr6jH@Piaj1UVcPE|jDAv79_5e1k5K1G5T z;^+kfGr~AXNt(rwf>BH+6P!!{Od>%gjuH-LFo6>^LkV94AdMj(6FTdHA-P3#oW)>{ zIAC~|#%L3u8${(THJ=Sa)qo1P!O0r)zITr`bs2Z6>20`qC8kuTg7^WHeOM zYaz%UrwH`~iq(m~Rxne)yVc!Z``W_!5uSGIe@w#b)!SIG{`dE`_bTiE_U_aA{}@ks zeR_xmXlu9IFF@btBJ7Jc!C%o05*l&FZTxHtzGnL>xZ4~tyeo+ zd$7N~xBc?fX!OHhU+(UpaI63F<>=MkPPp?bigrii5!~Jjx5HQ4FJah6uU@{|TAQE* zQOHp=0G;jr_HNMM3Hm==ZtV?T?hbahyZygzZ|&@D{dMpE?L4C3Sv3D|V4NX#w+%q! z{NH-Hy|r7>|6ld{PxJpVp6B3zq;rZVQ|_$M&(@xUi{at_1aFnv8ypL*29GhK1F%2b zKX`K_6yRrT&(@wl2mgm5skeZimBy1o3TKET%H(JL_E63}rGb}=3}XZt+5`#V2=FQ7 zfKM?4w>XXgxj~fT2uU5TTzeDXB#g62XmGYL+Z4Lo7*8^aBB5(#Ox4#qndEEP@Yru&2l~BG^JjBY_wQ(~zMsMwQYCWuc4hGEKgD~y2UfEO zWR^mXM>xiO4qyaRz2}uZ`g=A)G(jA(T-9eqQ=wf~BH04uS&9-i#ba*DtAB}kt>H*W z?ie`Db@K{c*}?@1Gm82AKx|V!a0Ke*R2JmP)Q4TfbwZFf$}I zGZ0e%;{>dWUC10@(+iFSMxxzB%=j?Q7#FjJ z6_{^qiXjLQSWgj^EsLtf2mu)1!a3X61QBL(2MpFDA|wwm6^gbv8oUXaLTPq_bF3>m{n9Ramii0Y^;my#58Jf;^mvra6XjJTJtk(v-SV zB6P=D9E)FoqnQ{g1lFa{HM=-TJc^`vmTl2gkkP+TsB9AoXEo`qAy!RUAe3YkqFY*v zK!o8WA&lb?%t(ZQ=8!_ZCyMrKnLl39;d z%_=<(C#+|4s07u`HI!fVIxqm|M?W85T%P~q!|DFX(Lc+Ld$l10%k23aXv4FM4eB#qp5DIGk6o5T8IQzxnGKHPc&BDVfaE zXEe$t;37pK9?NB1y-;gBU{jJw3#jOY;yz`ceGToP!mCZKUB;lr{jx#sW`k4-6;3~Gw?zzR*b*c1Sn>*FS7XY_>^!# zDwOaS8lE$Eu5*Fk#iSRJko7{6gec|mho0^|bqLdYo>CMDYNIGnuZn434D0~d&FWUq zQe{<+=YW|G>urEo9Ln0XQPIti&oaivAkAQsNgyFbP^e*=XXWyp!Vq;^_L4((ExV{T zXhBM%An$NbbVl_sNGZO790i6Kdb$DBotQNxU2zMMR(B89Dkr&AEI&mB`7U2O{1Wv* zcS$Llr9Ey@j3Lf(GGSl@8HxZ&07`B!C5cqfZy?123s#l3KD&0oC=Isl=T-xO(}1gu z<`sl~FO{(Z>rB5=wJIeCvVa%Z5HcqIC;@qK}vf;;XR-f+>`Oq+Xl-vL>r|Qy?8uB+Vc&R%3H| zc6l@aCt`Z&^57cH!Bt^ZGd;Yr%KtJ&3BddXQ?gskpsNbnR|WS75rZcQp=x&_)HAya z)8mA3p<0UH z;1>T5sSxS%ofKde&t?pbvslcwImsj{FcF&yG4*4syHm&kj46WA+)N2pqRV|swU8tU z3VBdWIHfBTt4Y8~0F%H>nZTf0rdL4@N5q$>l-L+4A%CEciua>P@2D}$StOt4;d8XZK?g9LBBN;ivI8y&hcQrZ(>R;p#JFOp@<1L%<~mcYP|_BS6LWSc zSyKFzM*~Je{gxq$5d(@{E0WB#MQ@ZU;~8YtfhH+2l)Yeu^(ECWI5F~7b`geLs<&Nm z028?jlFB(o5r7O_!8pDWcwQwWL04U?Rg0PV7l~t zYlmO`Wb@$NW~Mdup<)M>m<|c!#|h>a(hrJ(1BJg>Gy&R7?O|Le^Kfh_l7Q)Ncj5SiSH2N6E8N)Xyo&)p|g_!^ssntM`bW7|>3E}31 zBS+F*UAn~0& zhd}P7A{65rMCbY9RH(`KGlzQ5*^Has+TisZ7hm5H#uZL#nF3S7c)8G!P`8knkL5yQ zyQ2!(TYCqL*|_JW+&#NploC!t604%A{!7uHN->Zn1yC%;_k7g;K=VP!hUb(VPdXXZ)I82LHU>6y zj|OE_|3j^bljU++Z1VOs-~W0@BP7aIuZerABe2DHS!Xa9W_w(Qg^1 zD7V6T==P%;8hddly5u{57HV{U+HE%e#Vj>N*7c4>ZZ9(?Js4ESl|g@_I5&n#lpnpC z`AH|NsTKLXWfSt8umoRPF^-a(_mG;si=?HpZuqy`#X-2MrqpO-b`wSkGY*_Tot@)4)D%Rsg?UcoT^-v*K z`I?Ux?#ZN9sHqh##62n~v}UCD@>9g8YE3e4JbiGWcKrZ_M&qq4J_v5Rnc2A2FU(GY`BK$wvT)wG%*eoN@}KOKx#Q9m%SK}o zM~I5u4$DSrc_ehMc0J;abmF+GK|}#Q#py9QN2;=ixW_}FsQ{=hCAdOt<8j)>L`eH6 zgfs$&rx#uD&XNnpeTpPPCR>2ye9!T7daPCD9LquBQDHe$Oi6LPYSD9004=IH9b9m* zX8Er*Ia5(2@2nh>KM~SB)O|oy6Lo7&^abBQs>5$#Icy> z1?=8)1KjHF1>*W5($zUqN4i&zg&z#xD|1pPuL;T{V9`Nkf0dk&#t5WDX_uUyCnD2%|AU`tF&0(p4mHuQxs(} zqEd$M$I<}EQSrXj2&j{6xnmZ(5e>9kmUXyo=oI9Tl{d_@H3xfc*O_TgHr`2#n?~tFX;-;RK<`R54y3BQz!y zO<@u(M<{3Imvl0X1t~>nCY@CD)Tnf=vOmr^k;3Q#(Hk71{V)`NU6N~*fDL^b_qjj;|Z9M=T#v#v`az7OXs;aWO9>9FwM@lJ<#Wqyz3nO(k8OGp7*Kv>2 zi@9L~_HF~zH^~62w5%(-&F7kPe$}DUR2dhBBNWPgR212*==Ziar%z_P%c%iY-Z2Rg zryZqo60%ve5Lo*lm&`79nhFbOT}$c(lrFaTFWB_OCU_Bq;=dtDAr}hMbql9tTx3VgATcjkwHX3wY>|5W2wqC|PwA(3{o zKT?xP{o$Xo?Z=AT2swyuds+r6F{fSDd#Vw$Iv5Pf4)rOC>Rk387CkGDMuB64=fC(m zR^HjtRg;6EP-gTikji&maIB2RLMy*AAEi-Geywgi$(XA><`f!Zb?XjlZB%p(-C(%^ z>nZI@E?4B>?LKMIT2*-fT2#6^ z00Kp|A0rVe5B>unEdE=#q!W{sI| z_jv!ZvY227g)(}a#K^>jxwL-Y6+3s>#466^5Ebq9%uX|JG-oD{+RI+#H`}Bs3^A=c zNYBD0*HITa6=)|2$t=yJpTE99XI%$y?R)yW=8X$vAAsav0SrSzBYo$PB<7-_kyGoi zB!sl%6HLe^U^D4dHA4~3W}6^}bb>a)NB!@%`mv!c&&9#6vJDyp)N}{y&Kv7`kQ!r3 zqD(T+hOz{o5Q+d!l+z5hgZtD6v>C-@<8^|t2csxe(K7CO$#@7fO4BrVEuUt~WI$}&6zLy9Aa*bU%R2?bLlY!DqH>ST~)^-R6c`q?O1J@-19(d zSH!wv1g%N+=JIlA(Xs57;i=3@wJ$u?pRKtS<$5A255N!oANuAmHUK~D?(S4J%?D29 zrMAto`wRBVrSrdoGOEs|b~e}ckYa$`ZRTJ5f9+el@Dem5#tPSkA&CU{s{7hNU)Wy4 zxLbEk$y~WtJFbts_naXf@F@z)U!;8x24-Jh=)a{~8-24jgcDD)bz4GkDEOkv2PR}euBVqT_B;26mB$PK9>NwIe4smD1f{5S z&V12ugs|yvmDskBFcqBFrNgg0q08BE<7;rVd&*xHVT-ui)-RekyA~irZ*h`+RN{(( zU)5%OGs$9kJoHb=0T)NI5FomgO|(|6=(r(%vS?t`~pt0tw!HZ*7+u@I^|N{bt6RrmFRNk%m9eV zBCk~&)-}QiI2>01C|Jch_V*90RiJJVtRgl+^+AIm=m7lM*?;@CqeQ7gHC;;E3C^>G z;~CP|NINBQssmu8K4YLgr(=AB62#c1>=PD0bwDRbd6w!x6!#!(i}$9aTnO^~;wR zswmS}N}CFQ23eXST2xY=sY)+|iQ2yexqCn|0b;Kgj9?6t5K-kttz*5+;9MR*E8#kY zHz)@wca);2si+*2(T&)6${p5De_L!9Q<5;my7CA(w+D!dMXa41sF<^xvSJaIA|wgJ z5fa<`jvlsg7I!wmDAN(@Fk_jVSU+R_CL86@);&A-LPpp>B?Q*nef7g%cQ!=ZxB3zn z<^Z$g1@GoSjoncGAsTptV5H8f^h>jg`k&w@LT@3BP!ve-`MgB#TqzNBCUr~$DBoH`Y9ZlT!)htxTElB8<*M+Wt-0@(lXEed;N(fZJ;}Gb$hVzG5pP<_^9ncn zTMNdUiM*PNRqJd+-oDB>nZfeC8ttPC2nBG=Q7)g%HqvgS zK*3zQxTJ7A#vwTRm=Y$BP<&S|>~Lnv(YAauL%%P1l<2qRix38gy8Ph!fV?FzdacEX zA6V);Ycn9Fv{6T8&2?E#ohX2m^ay`8uQevP5RX5%e%C7~Q0m0M zZmPMz%BTtUEw5s80B7VysfGsYg;Tg5g}UFxo9a@r)9=@ILBo^c#Mcdd8RK~9nPn#6 z@v&h=)SYw|DZxf!T24RBiY-`ksknNWTTK-)*U5F`4cIIQ)WcE(R0 z>y$m5Yv@g(@+?sf<8pz>mn?UCTWO-G?eXo989|bXzS^l>)N~NSSSaapl1VMe?AdIM zqY~=yPIF$P(K8#9Cf941qvoY{qBzGGkw`dY)p%*Kcc$csur(QA$8ODcxJpEWK=j6 z(kygY!}O(O^(cl?Yz0lIOQDiFd{{7tkRlC1-AywFIdH5S5HCua=JV$(_MylD34W4! zCrl&z!()@Z0jz619f#7bDorwR+wO1od;Q&Bf4hfgVr7z@lvn43^wh)(V2T5r1OrSnrB9`HKO)MrA-Ha-; zaHK5KC5~}`zCrQK0>)504j7&Yf;(iiny~s4k1u3d6Vx}iI>oF}pWre3<@Qzw0N;-y z25xU}t+**NxQGtVgmSaffy9vs=!!MuxRnQG06u+EBM3UTx3}H@Y#u-j`*#bNC84A6=o<5L{FsG2t)doQ6lzUxr#)BGrK@QZC9W zJf*j@!+d8Uk41D>zR!C%g5fpN`IB^a_0~%%XN<);3s=i1i)qG?wd$1jl@ftwGF`^3 zM#eA0OqEG+A9kjEf#or)A@OBw5qRn{mte0t#$tKOlnV0&d22ZxFXIL(>UG1MnpBoJ z$cp?ymgf258qHtGS@psy{z3-_PWApN0mGvc9cI|AE{5ZUIVX&9f*`C>+Nkrx(dqI&2tLJD(`k)bHiI^TTv^L8_E`~-nT5?hBk|Z`a zFvhL`Y=Oe**`)^!fUxMrX1!=N>V%2qq8b>}*GUn#jkX~lLql12W<(S0Qm1Iq;qC8J>=;rP; z)#F)Tto5V(8kBi0U^iiQ06>imk{#svPiD6Osa(ii> z)Hl!(cuW+FqLI=uuJxsC# zKd@Tc{@Z@_x1x&9h|mc-zFM8mCb*sAaB4D9G7!yWI(Z<^MHnUtP9_C7p%bZn;JRh- z+5m*+xfilHmbn+ot;su>`ay}yA*!;DpODCkYgMJKwxQ2N zG0Rq2)XlBSc^t*FBy1SVqH1$%VEyoDczz@V-J#Uyz*PwaL^VphJW{= zBwkzO#lNEg*y{g`>j6cOLv^BwUB0+a$?75+2o zQnV7qLqum-9<;LoP*+YR$;hn?`kX}i60Z*XSBP?5Uu;QakUN>5L2poA6!*RKCDa!( zrxFaO(lt9Kx3;AROqtsTJu8iFEs9P)-L^nY!qsM|&SqKsx5$}Wn>E*; zH`g$TDj^f+Zf)CHbGP=?CpT|ybG}(M16Rm6D=V&+bGFrHn;f|*n+@2%Wc9|2))zHx!-s=o(6>T06h!JG>7bw)Op09J%)Q~1NXEX zuCEcyM`>$$I3LZqML-`td#sQ?g&9Q$^~qn9!usgb38}dKLhnAOuJs`#4H3mSak9gq3Jm|Z|mosS$Uf}j#iZ6YyF#)s*Du4=h&vB^N z4f_4+^~bKZ)M`as{v~=w#=s4BT@8$CQC7n6*ZxeQv>BLlS{Q%xESjBY2%f6SWdGWz(yjMl?%o*IIj8MI$F}U>c1|69U%Zq9;nZ z_6#TcChr6|!3myaGmyv(BfS*S5G7nF=tK{v-0AAGCyL}bsLA#aRX{sQEx-x<*ar9v z&Xs-~A&?c-wb?cr4eSY=bAa6qd6lc0Q$t7TEe35rIXN&$+<}dXxV+;d^eTNL zNc_yi-tTvv>?vo1W)LSzC(}^$U-f`g4g?LN=9;QStAb^$H}X~9fdP2gFJ7D&O|7)R zo*+(f$ZAeDD48KXMH!P<&}6QHUS7qMmTIOxl@>((HfJ4q?+(B`27g*KW2Z#WUg^5_ z0!!0trM_2ED=cqrQW=5+1Hor?G97AbYw{vhV`wVFZed<3VO-yy*Tm#D$l;`>`tnvK z7qYe$`GG%@A<4zaG9US|sydcnV6v56m3>Xq2wL#ht*uu^t8Iv}*4W?@(bn!^obDKJ%}3?sBCj>mqD>2T zing{G{IYS^7DHS<0^4GktHokl40pAtY-YApBeQv28tS5Hz0@Ot zCmI_y=QmiH4ZmmxG_LpMWtvZ%9 zQoJ?K-dpILTw|*XpHtuZy#&&6+xG?2sYl?>VRhWbtD$vd(~VR9+d5<|WcoLKv|2$k zKT!34`2!!LR{QgGc)IxTv`rp^d)e0AC1*k7&iQWH3zh2f zhE~mTuv~BMIp4ujjXy-@gQXByEeFDqGvGe5A+&S|@a$z;`3RW22z8keYH}mA$d1q| zKY}+yf+t5pO_qfEJPEZbk}s}bu5w#(olo%;9nYmLNVP>vPj^-Bc zyBNk+;_7y!H+OEV*(5`kB_Yaht!S_dDPGz@af*<;f%1&SbL(A2z*wX&U7%^vHHswK zGIZs+`mHt&a+<<4jb$cZCigwe1hqB7#%wfK6Ih@u4N~kUHAQLV$r9~N z^{m-P#oOUB(!P$X1kwhj^x5-LKmn3qJEjJCq^jLk;K=8^0o zlyEUIbToR6*^ANv{~{!1#>WQqQfYl(88J&_rzEn&x7jXBwR({2Hc+5yyA8x@+RSpC z%Sv=~;SzkFHLMj(^*$kEST(NxmPt7jY_l4FUq`A)^+pa#Qq!PQH*LO zpn1yS3`(DKQHj(+k=uViVzx+@cU=@+6&>ZBt4M|~iUuWPn8TvEJr;%lIep6!~cT~@3ic9@qnF++)w#c+=cqJ0G>&=H54S4w0}=?EqB1Ck_a zOU5qAkqM2jMLsG^{0Jpj#R8iUc{r^@=$qhR@)nm0#JUO4#}K9JBHH2U1z4By;a~1F z%N(?t$ZXS1&{zETRys9HKNPa{zM$8KO5jiZbMwX>H27;ly$dF!7aTL~`BCrM8fG7{-aPt?mfQ3zAOG zgDX?bkhA;!mG_vYA*`0^Bc$OJa};s`-1N_W*;OlpLcx{3-XuD1 z#b&XA3_wvw<6+v`&-hem9-+RVRO&_r-;7VYln_3IjNK9%<$%OXkm|P$m2*<(?51X# zdEZbqV}k6nN>%Y56rrTOb<;AwcHI)%3mH8>wD;I>b*s;H#AE3VA!rkrMgo!qV@w$j zXlAr*`Lt`XetPBc9G|Oul*uH3fg$TxYE=eIuQvTmU7MYni!c^L73T&9NPY+ALmvE3 z6)^lT0HdV*EiHkwSbj+H4AObsd0nbL7oxXZ&yM})&X+3ptQ`Lj03R!B+`28}|B)m| zUY`lRKUilQ%RpZ?=3iU5tA)L5jdgPnIm<#)3b6?ME(-pDeuXY>hu{PLFnkh-3|sfZ z&seUfxgM7<%LkP;cR!A`(Vro`0!S0L+$hMsBOZgR(u(<`T)D2)8e3khN{ek}Et4U( ztElNUw}>bGOy{*302%(%3N&2@S!$NGkgG}l24H8WzqbIWl;2gLMl=)KYE!-lp@h(L95tu}0-ozEc0A*3i$9+IpJjsyd$ zaO(`fQpg7#`S~Pcx#tkLM)RCG^Y!n_DgVn9B>?jmtO!R~)vxlZ*6CZ}5^E`3PEYgW ztP?Z~VK_z61E{tJv`4u$pDH(_^?Q$knJgbd`y1J5XETG<>*C<-QAQN zgJ`kn3q2=)9l&UY6S?|(7knQzq?%S*%nE`)r#sJOQ16>I09#wzTU+izT2x+nB`r@*?^=2wiqtHm@>^*Yl_2l1 zgesWs`su**EuNY_e|dVo)u)JM9+DKJKpnimI7rC9m~)Xrtd$pC{*f=;M!(EErb-JMr|+1lOfzuMjD_xJYx(%;_N+TH#O=s!r0OHal)q<`t(xvg^N{vgl6 zoBi`kaJqkTB=Zh+4}_M{JvF(7)aUm{=NHFkr*;XG@lX`n9}ay*_S4iZ^=$3??@c_7 zk&x3|rfI&N;#ix5rDB8`7$K=^NR0$V;QQ}IZ7hziQhR)a)anC#hjx=u6zT5B{1a# zAp(GtFwPFfZKtkxrtOZt$~G5X@yBvCjnaOR>@_8kO0)u10J;c`vWbJ9i=BAg5;Km$e~Wno z&VB-yZ;rt5?C@_O2*3!ksQ`Lxa1^|PVrB^U50W|AelbUt6IMQ@B%3IA-!X|} zaw{h5;pv6i(8+^CF&%K?Wb({=@##~AJKZpT9nb||zI5vd-(@#p*Ycj%@DEkuwJ%@v z>5)~Un&uyT`LZGKxy;YU=boO+u6WL?bhnk$B}XY!@i_+`DOGlLQe@uh0yArhCf}XE zm9hphMnWuDrTCVod*j4SkD4DI$fWI(!0Pe_IC%T+;_~SH!}0LP@78BH!Ggm9PB*}F zaF)oBXW~s4yc65`E5rYJZp36vt^m>b%a{x}sJ|&A7z(EZbR6{6R!)p>l>j_u;L8{G z=@USSAj6>7vqs31)~?sFn)$Bi4FJvcI^Z*4SwsLw2m}!H5D$AY?Nx=}#UI~EVhw(5 zVwTT+6Y<1myn zuy3uD^a}=8S)h(pI7bez5rANfZov#E8AnC9O&cUQ9-8!fCTe51u>1ZZ({d=`B&ep8 z6Y#6fQ{}x3>K|Id6Vtg@je?}#K#9p;vWw? zV1bA-BP<#U#)RHN8nqi{b`$p64)vm*E$lk@e-@7F*7mDzzuWI_-JQIx2lYPNERAUr z5u+%la-Myo;vqD8!AGLi~wB(UxZ2s>TymP~L`q)IJxLEG-9 zBA3ft(>lTSC?;l0APMs>H*i{=%(YtcRqt?QjpCHHBw3Ud@_vPjyC6l7!veY7U@5hZ z5oBm@7X;CUM-eRFw#fBusb6c#>llunJF*3FeM+aLkJN*3^^;s3zw^Yka!u=|IzsX; zpzTI!Iyc`Mc4xq%vU-y1dDlph>I___p`PjR!Z}rsM8h1bpTEu)zsP|ob9q9J6#9yT zONI4#+(Ih2fORQ}W1LJb;lxTZEklQ{RMm-3x*CX@^f)bmnJ6T=aYMVDi5Jp3(a9OK z(*d1IL!AxR)*)K_+UB_jf7;uBKTJ`aA}Yh^EZ0V}{daq(zx}dg|K09yzk0I&KF0Iu zQ}6p{YX>BqQ#_e+@c!f$QnU$S5<23KGeO~SiUzC2?jXQ4l{TgB zv$bF3g~~))&>#nUJJP@_*1!;E3;{-F2>d-a5^7TvMscJL*ko`clc*dsus%}$n%Zn7 z&oEOIZgfp=grrdkJ8c1Ld|Zl!ET|JpYQ>9CijoK=;oPdDrIR#KpUO8K4Y;G<<^tS^ zReklr5l?}=E(Cvc%I0UD_fJ~`x|X{6iET^zo+F;o#9Ta0k!?9ti3MMMxdQ%6eiybfXW1AyfV?dbLoc46wlFL}P}V4d_xlIkxHIJ~InF|Q_E|&Z_HLc0 z@p7P?^{h1fHf%S(OS_%?XQe?1-9h}svx{sz#vef^=y=H8NPC(|3nVnQ9Cek;3Yuh+ zIk-8?O3svx!y^G4ScBvakYLh^70RI~SWgIFiuxPCCbsP4l5}x+QX3Oo)>MDZVA|Y$ zbpqVYOE2b7)tb{Q^~VWJm*mh!P^~#sCn5O*F{*FC+6|M%tTUL_b1JM-*3YI*LvSx_ zYVLZx(MPh){WSi>qO_k4%NOx%6!93K-zp`Y>ueqCVp=D!?BObXgTrQ|rhQ)WjYoc_- zR$#o`fYol*m4zFY+{)!3yJz1~br@Kj1rC1npAcGgTqixt-Ky-p=c8cvKbds;tK}X$Qu}|FP+w{kJZ;rJ7acB(a2ivpEbb6 zV^G)MRA5)U^T`>vm2PPRYIpn2u%}!(4%{K5=0&Y>!3*t@hkD-JH$K>`*=ejy2391Z8xoXo;=;$(emt+7bFv{{=$hWZQrx^!MKuXCJk8qxK zOJ2spRK*}x?!*O9F}|#8;u*;!;4y+cqi9nBRN;y(P`Ysoq8`~w@72B6HscBw3~Rn) zUt$~!VOg1(_CzXe&Nk${T}QK&&zsFI8w*Q``LVc^!E>WJeeHNgl1cQfHfOu)Oftb8 zb6GHw5zbOdZp`%;9mXmu2b|&cv8=jHfvz?|s%`_Kgk@B^hnn^z+;zx-D8M&L4yHN^ zm2qK|PUjv1|9JTN!^P40`=j#@Z_X|*>kAu%M1|A+lcV~QVni&k!?W|tyECWMv6taY zz23Gywm_-{mu<_thepON_B^%xSnL!$j3}GRxzOxa)b;Tj48bou;F53{Yg!nEq0Eh{ zqPvljP#qpl2+eD0ev0ZC*vGu~t#);z z$AYqZSlOTa7a%@^-!j6DnKRGn<1sz!nCvS0C5;MKFP*MeezrVTWG$WO#WFVo-;Mv0 zAxPETx00HvVs_@Tw&ro*wU1X@XoI4;xsZ>evq$vb{Bd`>pTTHv7bRikGQ`)OKY#S6 zz5G`(G-fDSPWUgB|1Y;+R^2`|52WMmH)OR_uQ~^^N1GgR8%u}medk(m=~#A z2HM==dlKglCC*uj!hw1DT}mR|&B2ci7|js1{he>L$$lL;p1%b!FCp!lT3uiqmzW#S z+>T-1G?Z4ky3w>cS4W^d{}^Ve*tlPC3OSn04Wjx_g%&6OfU~%+M)MHl?b&;Km~p~F z7~^D8Ivdp9P|R6!^~(e4+U#q>tO16u_EZGmUZzV60{>vSZ|P237V?xtHXGO7yIoQ> z)$w&biC-%NT|%Jj9I>iHLJ4e5Fs2_W?G>Zv#nwuH_7GUtfWIsDD~%oi;S`0}EStGo zSZ4uQmm3Q3UH4M+diOPCXbAZfbUZuX&Iag$&wx$g_RBq%%@%Z^{3aKi6*@QFtLS>9 zjbzV^lbM*j7ml<3CAmh4Gtrw0RwtLKRGnjVB~93_V|&7hZQHhuiEZ1S*tTukJDy}> zn-kl~K6$@`wa(wFUe(>zPZ#g|Dt7Xi>oIH=)B7pA zQ3FDa1=0)O6r*3rg2ivwqEYG9UAKAvbh2;iDRt*1oq~mBifPZ) z?#EG}yOf6p)X1@rHwx#R-_iuNk@6napD}COQB^-bZPuFKBlg?#!;|t1N18VMZ}mQ% zGKKUZlbb5H#m%~iEpxXDTJppPNhyp3G#M%`dXA$<-BL>D`E<3-`uZL{KQb)j`BS1L zc>3}VDSi448Q&TeA4Qn2!1%$^23*B^X;+9Rf>>@C!(XVBGxd`q1f}*oXqLRJS;(5J zJ{K(C*ZIl;)To-7Av+gGM0784Ey|C&NwQn?M&+PKhyuJ8&1zw>^#&#S|C(@xbB+Clm)-7=ot&Joxr0Jf4a?_K|kq0XkMs&X@Bz#X>)B zZ8pWUvfQB$|6jQut?sS(_wMIAkI0XOBz6S8WjhDJHl%DaNSNL)** zu+yF*hz}Qp;fbr$YWK%!g7MO(8f;4jyb4;FVmhN+;{!C*Tx9|^*}~L!LIwViP$f?` zH@vU7*L9WO^09}SSs zE+ag~g_j*OumAN}_dU(g>zH%n5AXTt( zfy&~6)`?|cXS3El5#E)-RX_*dI};yIKUdqP*_QGt6&tsVXSs~pwfiWWTT_64Pr%E% z+h}b}qs5ZjfuSoFOPZCXr@Q~_-ow_!dGUSf`obD?nxU!i@X9-uWL@zGi=8#^8jW3F zw^n1m^>vdYD%_f&LC%red1dk5K9ZcJueH z@a-$cota-9uB;9W&&Wt4@y*{$RwrY>B?%Q~6>!&eTh4ei_t%S^T)Tj8m&!r0Y44Kd z(A9g!487VD?eQ)CD+HA*4zvFH?lAgercH+^x|4Otv+@2sU-{%ZUFci?y<)##yM{V@taeIxH6FjJ z;FbULHga}(zQcOmU0ojC0&dOl$Ho=tf>Xh@3+&YAQVV(4ktOH;em_T4>iy+!&h+$Q z_byHUnKM~hH%SDBtEeFsIqh9XZ`aqUwbva%-7k|><4G)2MU;N>hd1Xu2G-l!KH6h$ zegc0kfpmG-1-9`@Cka*@>f%boAhZUgzwal;iT zW#JX)L5V$7+n`m2@z5p?rQhm&plb87K~O7+!m@_8`|QQ-F9_{h)w{XJ9hH&{34AT| zI^}@$JxUoaSm~ZXv=fVT3up^^bW7;trh^Pz-$OtshN-JP6K)&UyoQNvl!>CvAK4~c zxY(iM!(;v$JmpR94{gwn+T4agmD9cZ@H)I4&r`gto02bXWgiUFR0hHvHP(R^quy|V zr6@S|6~aQ*zHzrp9t!rbpC4S3ZBHROLHg#m87h#Gy2rtjXJQhsu$Oc zw`l$5gM3=g8%NL>-DlsLb8$99X_%yT0wd93Z&-1ED*G8Mk2lCFya?;VrgPB$!Nz z>e<4&97P*1AWCmynO?!i7Em#6KoxtRu zW9W~nlH;r~`^s~y<460SMzfkc4t8EPLMxm zZNIJ4GZ`uaOm#%b)M^9n=ckPHM%wMWOVyXxC$NvdzC#ekzEI`M#~455iP@0szzBzlVNILz+zJFIoDrke(U(FnX)Q5L3u5=Ys}+ z)|F~|dzK2p4)$u1+2yyl+BCG6`wMwNq8+=F<*Na4VS6xPN1~J6Fo}4(QP1TmkP|Mj z@1V6@c63}kWQn}*@bSxCTff-XY#$d5e2(CAoj~4vy1Q#7ZVF?#;SsrCy&NL3a7N@rn>-^uaUdq%biZ#xy)QsUV{fMdANh zm4hrjZU9j1k83p<4LBBxY0xJrPLrtg&=)}idmuC^DnhXLo1Vp~w$(#sRvR8;(pm>k zN|WN-*FUEoK!0Z-4U}uh#_V`|1jt5#yZ$pfvKe#eJzo&`a!4Fgk{mLzI{;yf0rovt zp#wcU&X=xKKX%4E1^9(NJQ_9DSGcEMWot86Qf%+_i-sAq{qCvRK2{>h={Rh_9n*$( zSWF?K72G`aJ^-n6j;xS?yW>8(Z%6ft4VzoLbj?|J-8mV`puPdKUP-my!NI zWSrlBfzG_r@_27%^I|Y{&G({*Ka*;8d?!>TdWg}13TQ|N#F0;K?-2q=@h_NeeS8RA zcqOt@luuz1KC%=ff$Be^0?T|b-F%t8#W{>&!GHc~;Hbj;>*`ihnOIYA^p;5sFYYHf zQd&w_q89Lh$P^2#jNy-Z8^sCIbtgDkpghu+VTGG>Mi3-u!%>6f0=LiXuOa+q^(S%S z&uv4alpPU8;kG_;#r7b254cAAWw$HIW7`8-p(xbXnSH2bwB)(3_@Be1_9=E5fm>Xj z(8C_p@wyr2J68>B{O{f-$ABX9fv?_&N%9B5nFXrxS*^6ckXY-$Hjk-SLJxy0zJCGn zw|t>rC$bC1ai=x5^sE^S-sLyNi z*6V94MxYZ*BCD4d?f}?pe|z(1lP&Q4y3aca_+8@R*N)?Kl}~_bKZD?5zP|D^G3ST11A0jAf~j}@|*)jpq)5? zDOD?N@*R9k!>rgf!#*9fJE-+s#{*}6>zk4#!7c#~?jVD$c!3}sG(A@)LQ(4E_j=8z z>2p{bZETS$BH)G}dlot*sj#P%^3)NVqN~8~X5H+$}m=|$=Q?ma=MIfe5&eEvtuGH*iGFQFPS!Lv^3 zV~2XFLj-Rj0P?^(GK{4Daz289$7q1p2x2MA|ClI7FeG68x2!USLtOL$LE#vD%Kb(! z8iN&`(#oZ-+@@I<8#`$czJCjuM@Dt$o3hm#gNW#*i}tl+ttj(j`;UI(q{v}Re)(Ac z=62OU8LsoAKGyV2VfAxor;2geMZU2S2>pC!+t}V%@CVk< z7K6F}V6Xz$Y5?wR|4YB@-|*Q`JORev{TBmR^#wDzs%JR#(>*_rSp?n!5isNSs@-hVbQNaqs7If0bVWfsvDkh*N|V9r8=~)H&;=Iu)d0kw>#-aUX+7$@i@~ z=4VUMi8{QsW|W*PDc&mszoSy>m$-1pmyP|>KdHB37^fOju`z&)I(&h&O7xeM-u5fz#;#4W4M9 z1r7SVyMXspvn$%b%Z0psg0^KB1zrA{KJ$y%*k2>!RKYTsm!sim2 zk3qFCj5Kj_QpOW%8qA^M$Vj4?3ydaZR4Y!LsE`!rjv=89BK@mX_+Li)o*rDb23+mp z5P``ubxsrUSYa3iTa_Z!uRe^Dh?hD#XCHftM!{Ncp9Z72j)QMN>vJ=+&wxi);ImVn zgWV_NJHnf6sv@S2ZG~D%Q8U@Mre>mMobb!;6zb;^<Cf9cPG2U7~ zH7ITBv z%Q_G_ak+4P(paYC*!{zC$OvzI|C@ONhQkj;&RlkeSW}ZjeTBP_M3q9#H5w%w`U5mW#B$gDg;k8Uy7pY$9u#9X_X`I2v$IS@kGpM z-V1K>aSQ%Gpd`2=D;>TJv>_BvCu6ENFd--s{B%7X#EDY_szV{rEMfuj#CAjyH}3%y z=sBsxALKuBB4mDY!GH-U&c(;5=Ez|RDp_9x z{!wjl%@)Ax-g3rvn`RGMZ|GP1L$AR--8`_Zt&Qd>zx*XW{+_P|7|&>znk-k#@tlIc z>~kt>r@n*=%%u}bOR`J8vDx|1BS?36TCV3g<|a;j+W#~)<4lsC{>Wvpw$u8%^&-iR zQIjk^7!>Q&NAv6(+!bRl4*n--_>Qd_jzB%gAWD^e6gDjRZQ2O|cx6+_=lD~OGp5kh zQ#HgK^z5Y|P{dnuEu1%Lbj_; zBrlsxzP&~UwyXftO1LTcAC@^(H3T zVE1Lb1<5MTA*ATNoIDL`LD5a&dc3#=No_Tw8HU%Hws8i0iaiK>fq%PZV#>exq7;lA z&PK`yYyy@oG9L{j=!1=};WHJ`L*Fj-8hCXfa0K+sIVrpZy0sU}G@>Z7X)cAqE$RMFmgXcwN2Rv$ zPE8dJ>D-YofZe&$=D~cRsMIzo@r=9vwor7x$w2Fj-9JVk_^O9sh0h(C)EIvBO*h zCfU;fxhXp3f3c1MceUq-9$3`F3X#>I=Ecg%Q%E-hQdON2=hE zwd!1@Fmj)vdBD@i^-k&5X9PfORpPcN8ix><3^|mkg}o(=o2T-+n_`b6&(ljG z#O4n1bzM_dcAO;t+V^iIB~$*1cl7=8Mp^$cO)QOrZ@|LY##W9>R<@pq{);M`9JgZr z(vgMZJxfGU8bccsbqJ!)f(pJXr-HAIK>N{@`KTP5&{9w=B5zIO>+xmluf`gWF@%2~ zp3!1u?Y(5INDoVw;rtwr6RcGs&1#bf$YihwER3pKU%sDvCbaPeUiYsF;98{IYHbQZ ziNEgRk_N%LMYey{yD zQI?~V(Ju>t^->KduyY;l_^r!BkNC#?k1Gb;$?GpFD92Vomp>YO=4l&P@!Fhh)mjl1 zhLtGJYA*!T6-Aru^FJ@yv$}Ueh#c(k8=p9AgmALanTR`SLgs%K4}4rK^?=KNsb>S^%zhygrlyb6pufdtMtr{G(YaJ2{c4X;3j zCWLf&2z`yrAVe1O)0Hygc~P+H$Lw-f@s5?^XL5g*g7;njE4+L116?2~w!Q^5_5pUI zh0Tt~njOs-&Y;aLa(-n0m!R?&e@TWZ0v;hjz+2Eqh` z46q@lJUzn~&MDo1!vyz7@^87^=l~>{oIzq>>7yb^#PO#=@<|+JE%AB{4JELlsim8- zRhXhCOi2zSl_rnSvK0i*}{G0PHW)94>9MQFhjWa1NXFl7Rv|PqvXQRF_oD@ zVb6wYkcXvp!N7@#sEV{=rZGb>VHuQSgOftA#*JzBz>aE@sGbgBZx*2r>&moQ*!1UZ z5qXEq(GwjM1psyPo%6osM&G_k5(@eBzZ2mlGcJy=PXYLO(L0)&n#9uBk#o)Ljn-h9 zlvHtpwggJ0OyFqy!u67K5UdI(gBqM9d+bFbw+lv8L)0ZX7=u(~x}ab5#4EwRIpf>f zVv0gC(kT=ApAL@FC%c-hk zA`LR2P)0QUN9+AIxh!?y;}VHj$sH%VzGV-BNBzznHe!KlN3*Q?KF`&5MYuJh)WIDu~}IB{XH#uV+a z$SIRi8Y}!!Q>g6`k47uX7@$EOD+ZlDgdj0_Z8W6RimB3VmgS!mJ=rW(gc^t1RUH?G z`N1R-TuVB*O*0}JcjbUnq@}155)O8$mLe01=a^Aex`*k|h1&JcPRd$q1Qov}6a@#I z`DIsVa4gaY*__KqDzPLV9dBO`1damy*Vbh&5bc^QCHD$>tM9|*gIV(Wzi6A&N zGp;S=oJqD_{Yv$Z;){(%CJUzyuF#ELOQ9>5@YC1V$?Gc~x%{0{viH7tZw+vJl=<3C zv-$<404oW8gParuL5*p+7U49_8b@Yrg&@k7N`nrrsQ|9&3{x-jN4L^mSZEGg8AmAa z2NNZZI%#p2{b2)yu(AyHap+9B|TJlL! z^1;9@bwEt$!cp9deP%kVSgg>LIWN)pr}ja!tw_qmzfDN6vwBgfJp|aiuamcXHlPVO zQ|d1T0w*eA4PQ43Yl0U#Fl7mh4H89I#EOf(xxf<%I_V#5j%=O#!P&+xedTXIP4+tapK(OvfoZht@zM7<&~a>7=0k}a z^n2-8Ejn7Q1)6k1Zt11ylU<9_{*syBvqD*PY5oEsq9djiRLn_=v%`G(L2N(&365Ao zR`VGGycK6z;ziBabu_JK{{mRKgimyo4Co2m_|=h1`JkKJ8zcDmpYMF3G;`x{qR%W5 zo4GW~v1+^qCW}+!lbc|wNfE!HTd;vCL*<~lN3RHV{-5O@Ev`A`A=pijq>vYLT@6*z z^z9L!P--{rZf&=_TW`q%k1nzm90?|wfkxZp)H18+@m^RGOh;H$(-n6^2dAX{VEKc6 zo{W#U$Np?OrhUyV?$kMf-$3H54TKC#lM=QH)&+|HA4uGy0%e(Y(d>aRC;xbFA=9L0 zt!r}b5!128E)|`$IP;2bM3chfOuML2OGrrA#DI-9N=9%t?Eqpp3af>MyT?6HhJ^i$ zRnRZhE&-sIVer)}cB?g_Z^7#ypMnE&V-p0R`<>?myT7T^XY7_4TaqN3=XS$Jq zF*e_$l>UT97l4{H@e%guEgnip(Q_08lYoxlCuTGv_sG1C#@eF8Vv&hZs&dmDs@Zz6 zGv(Q;#TSEH3n2(4h=lV2y}OmnP(-Jd2sQ)10#vS|f%RM?(rdk(*ZVGT+o?)iQaVqR z1nO;)!NIA){REl^CQ?+ebK?#b8Hor`?f{7jl-bcQs~GUI zz&t2a84hRHQ6}?c)2E{1Js4LcHYtTDX>uiM+pREWN(15aLWSP|m{NTC5@3FBz_tCR z1ls7{=f=q)@2Fc}$f8B93HrN;i(Re#7( z*sgq$?V26spDk9aXd)#l^eVWpF16s0|$$t#*;rU8Xty+*Cu2)i?3pRe!I>}u4N}JwS|hq7cmb%RSUD#Uqg=k z{N*MHZ7d`i3Qr3WMO3w7KCF8{y>HUf*xMZ6c;ZFCvxJrzgqVC6bGTC4HW8_%={ssK zz7{`F4Ckf&8^DDqim|I6DgOGi@~6$z*#5)~{SRk0w8$@8luO}0D6xZ^Zd(-iq++Cz zK!o|kVtBwvxhNOf0Ir|Dknglghe>!7lq^^ykvtp`rq@ZL%}IYP^=sd%H95TAfVH>5 zbW4+gJc#@G)Iyn>9c}s$`Gy*&F4E{*Q#TERwhYS}43jCE;5L2(3p9&&L3VnReSnoQ zM5$6M=Mz`0&A0)}>Sw6XG$_&uQxHy|b_~8E6XH22tzpdgvivQ}52m%PfPd#=m7q`2 zfqt?-kQl1e2U0)waaRMh+WCKeO zG7h0;xgUVQb4^fp;#tJ<-BqpdOQ=fD<58{?=~Qk$n6)ty5k)W*V7JP$&cMtkbLAk` zIESYl$Pa{ADKRuE5;M?`+l$BGq8F&gF_970*VR|@*w$eYjL}0ISNVW3>4a`GeS`$K zfl08oafZW6b=YOnqq;O+TSBNHfz_WD9D~jt*PS#XyDIAl4V}JplozsgiCxngMAC5J z_0Sl)%8&~*NOg{f$smZZm{uZHwdaUj{iP{*ff58%10;Vwoz&1k3=y^PR>hghtj94p zqZ$#=r%L~USxxFG`_=m;bD@H|}F?Gg;h>=fXsXjJ}&&_UA-nQ0@66Dmlp- z5)vgN9mpiU?f+?cZ?2bL{s;yebOC$=U6u^cmsGzGGrmC#<; zXg)9lQqv@(32VW5Diw>x%COE>Gz6dW_pqyOF8wn~;HQ>Kw++azvaTJ7hRid6)CRN4_gIjHN~~irb7wX> z@G^=({8|14HWMrm--D2Gyn$V?J5RLee>IT3!oQnxIrwdG={%c%j6f>XY^)KD%$4e0 zb{1?E^hwQI&oDx>JqtR>?hm>fic_o9VB1%rag>46!~kTBnF?SN=V5EkjK5KOONA

==Pd6EY@{KBY?sF7!U{sn{+=8$0bBdH-I= zj@*vX$f8Cc@0vcbf-|xIea8Cz_jN9t=dvj7rB+Ct)`GkgibL80j8|48Ya^bUwOO+% z4!3$6{Fua?{m3*UoJLLlHQAbL&{gw@M8)cPVI&{@pOw*oDOP)sHHV?&09Rby_JJu> zpoDVhk%|Rcxg2BH5Ujf79G#!k63#In*TmHQ9$?yWXXZQeMPVfWD==Iy*ENAM&OpK5Z&b+0je1HC|E$%Bmc!U1DG9zXi z4K`?CkTfmr%I`e!gCiF~Dha+*yo+>2^^}^Avtp;ZWw6{S5Rw}U7Soh1%-84s#znPP zw)0BVsjvKQv)~ISq@a!v^oO61%<~wTlxWhT{*l^)8@9;LU&0BWAKMm=ii%-v6)2=q zEQP34$UEe#l;vcFbX=4I(ZM<l83AnC>f+A@dxmJwDN6eYEx49|ZX)wqZ-QCvc?T!Zz{nE^jCMdWgnp!8pek9*eKCuf9E&Kzch z%P1iryISX9Not@M_%LoCjSnIc27HSqdm$}_!s&=jye#|2%F~R^)vv005&cNBGe#bz z0)ipb-iuICrd7RYF2vS-0UcZj)W;=3|Arq@Pe>f~0@VqhA%VU8t-oO7K4}&!sLk#F zc55A>!Ey;D#vp-l^yME5!BG@)8|u&!(Qv2nX%Y<2%x^zxOj~Ye=8Sl<>!85 z3*7&OJ?w)=!7u9bT9Zs6_59UV*jT7^+{B#c_USvTSQ`wDPI^i*J{J)QVJGN!v58HT zldl#-3@=4M>mrZLc}fp2m1x?+eOqZ%mS#+Y;v#Kc9`H8;bUT`1LM@C1K7bFG{+S=J z!5>W|L4Q)S&>Dh`k9=$Dq)J=Ix{7r=rLj@jz|7ZJu0bOm#SDp^z2Qp_P+K?1n^%p- z9u!HUD;Tj9P5nGo49qyIH9aWIwr1WHl+e|TrYrgRE+7krUob=RBh~(JnT7$TG(y}I zU!2SMJVMbCyRH}(){;kCl2}2)6yI+VxTOTtTF@-I1G4I;ffi`5Szo1xN-;^HpW?-8 zyU(!KPrkMVW{Af@h>v`vp)qt!1`AWF5f+2NOv-m~wT@HhWxZG~G{C;nF+%-F*T8l_AAPUP%IrE+KC|TfO#~-_^nz?->=r z9Wa@Z7_qj#PDdJkI*tgTjp>`x-m=Asj+4fS7UU+yI|mt~2Y_~Y z>1b3zq87K$<3&x}rl0go8_31gk9}?y_}6b-{y|y!qwP5A%L@LIY}#Xqd0#7zKv{2< z;;)v}nE)%JGX2WjBPquo=(@F(Hy!_$C>bnb_=Y#K%IAp@m)A)ujM2IpPw1M|?uEG{ z!_?kR$73R=#%%Czgc0B*=zr76@Icp>x*w`Pmk={)TLx;}6i?`x2QS#Vjr52v>UhHd zSMEI5-&)kUlVD6E_>}`w;e#oOu&SW&XOhr`@HY=Z2dMFxz*i1cg+HcbOuPw#mkRZs zenNv>eW!Bg)f!5tU5j9fEso$9zA54On)}O}+qnT``X|o*`tur@fPBWH)7DfO6ne3s zMC02VtAg+L_jj|fB0CN3QBgLepdc#IBqPbmr?3?|Ca7^U;CU9h`ZZESGdyG>NV+If z%J=;{LIU<^(e|xsWzP|Ll>aCZZQ#smG;|(1Jwgyvj@i1>qWAC_@4xEz@#Lj6?OK_L z2^Q?CKdb8gqQN5MkC&76a3WXAYX9Xosl9{E3XCuzMz$%ST}E8tkG&Ek0cp zox-2FP!W67BQ&$3)1B5&l)`du50Q(?|BQ_%WJ*8U6; zv^n`bJyBVtR#l3OA`rxdY=GZtH_Wx7v5z4}8g&J*Y9+~z3&1zNoS4mQ)LsMxgU%z#~<2y#2yT%+~9qL?3 z;f6DN6lOM83{dMuCYZjZD-WK=Soz5e2{@8AHb*j^$<8Ld`eqWZ%z2tbhK8OLjc*efJTqu*Mo!IdwAW2OP06%YO`dRBZ8 z&wQY=n!}LicY;c}k*Um5ZUmPrnZs-WWhv2B)dI>IT&v5dyY<#+>iS*PD+thxP7$Pn z*9J-Xdb;N^dhEQ8Lth_Aqq{PC%@pj-v`uwgYqH>-E^PdM#HpbQQ<6@`^KKE7!Vi`zTX+oL-Rk4pn6|Oy}A?n7hi{ zLWi_)>0$QAlvBu?cYMmTs=a#$hk-;~^{Lom2Zv^OCQ$TG9gb!YcH|@qLox~^M4n;9 z_=4J=$gc3oVKB#U7Av;k(C&LZV4^*oa;dc88OyfxpE~%4ufZ6bWW1378Fcuod81Pfma)Yv7KWF2z zS@tpXPP;iWO1dMN`t#5BWAg#aS9FL|nMTfc3aMt^V<^7y=A4NX(s}~Q?k|w;mZ{Q03J9A|{tOH=x=h@+lm8}O0&yq?s>N`htKA7>x znMPriBIT8lU@D#h66ds4G9PeIxOgnIJV`)mLHH<=KFcDlWbI{h^cm9D5x6@n5~06n z_lif_2|VYQ1?;^m73tiv|ME|*0u|I94^zl~z!6|JGaSnFZoG513xu(NX8xQtmP6@| zlbTna0ClS^U3i9(K`YEquAmKlM^y-KhHFxtdXQl;eSG7Dbgitp10U3@Hjd3 zl^a6&#Q&tSlme(>$V(ib`{Zm`c$O5oer!#=0@h}M{ys0q9U{tAk`~ik>Sl5_KKVfk z_m3gd_dx_gC;z(dlcPO;7UGX?=o%LYLg#|wCq^Z8zHZyhRrX1+1?T$3mPf?jjy}x@ zjOLwqowAW-{6J?GP9dMsAE+Va5zC2ibMvwG1r`zpNh1I5o`juEy>L5?SzxM>O3%9P z#mv1sFHhrh`}*#WDTmwTgl6uI-4Ba;?6z3fXpIA((0$|rr-4=cyx&U$pwa{<$poG>hfc|Fd) zM$T^^`Ip~~eijV&v-K7JX2s5>ioMl}^&ARHVaosXC5#`H;G{1|V6=aQALP{J}uL4$?-deDLi>z+WDh+ICMp{1< z1|#rw63l-uzwuJanjGCpYQv4o{7NDnTp`10oC?=^Ip!cjxJMG+wH6@5lU(bm6jfRc z^veb#B4YH9>!pye(4t^tk?NTck3d}FI2|m-DE~o-E5-HyNFJd~O!!HLTSXFOxUy@K z77i){<5`>Wb{+&DhE(HGFhCd(;|R`W{}=b85f=RipE!6h1s4(3pDy>papm$7)~kaA ziQ?BM{BDw+=Fl$&fKY_OPOpdplc5H+Y+5*lkR=8AJ|3Q8;)cSR;H<)9tV#Zk5SHLg8w4ZV6X0zmzk% z&$ifQbFgFQn5?=(X9f+H+wbIA&2ZQ`W7DbmFAC0bALMF`Z&T`i&iUCZ0mbXvd2vCx z5g1xEhUKOO5W8~zmDsFL59}J$SBTywT5K8-EKpUp8?<0y>>>0Txc$J=0xyiUw#qqmw{Q#$9D!%yhDV zM;SuENgVbEd>RC`fX87-z~DOZ_qFHC2EF4_x7s;Sz_TT(s9Cu&>xD9~kbtcwa=^(q z$?SZYlUg9!q`_%3l6RamT8R1&U^G{)uhXw(!WMz!ng2}{I(O3;Yb8u{dR7pROS0|c zsOeMjUVC$Bol9U0|4vP&{!&tSIQnsb1wh$MS#+W5jp3qt66<1eGw;rkVDzu{GpmH%T|IOK zavVQd(V=o(6sfF*P$*hKe<88WH*FFqVGmyR7T0M%JP}Xfepsk;0e>O2&AaamKfD7_ z#L9wDAK{@UG8)cP_9GPYgq6|(I=G<|^Xq{XrAP<*+r05oNOytDcX&PoV*ljk86{WQ+&Eh0 zj6$~Zb$14tmj81_-mlH2BW4)b6B9mGpQ5PA5DftK9vX{gYglyl!?lGNKx~zPK$~M0 zP)rPmU6M#NfsyCM)FVvUg)s!C7hfqjvswtpM1Ue5N~TpJFlpj>6(h{<;D^Pz@>^Y< zSA#25%IoE)a$L&eC9HtQs9^+jNn1n|{zxL(8F+3dvSeEXss$j|ZW0eNB^&)cq;d+I z5a41VJx``=p^#mOip6yY%VO{|M_}$`23rn>C{UtUTL9joDzyq6P6TYsi7OSj>xuR| zG<)b+gG?~h;x?lU3~FiCg7wz3xV87#vt%yfhSG(h4;N~T&UoT{ZTbeP^2}ZJu*Kb4 zOj->ph*n1my`rWx9@yC|@Is3VB4K_%Xsm!=AfDVMag;h<)l*IOS4%JOYZB^A_9u7Z zZM@Wx6;-r4W^}ulZu6mvIKZ5(B~%wPpFbO*$D*`F@i@dUP|Bx~*lpX+U|!^-JU9JN zcqWGKa&dUlWOy8P)+x7_VlhKmy~d&UG*`Q(dx84sTNdXY!iJp86Y^PBktbZst`O5? z-tz0$AS+Q~LX+@amF@m)Gt#-1Iy0rlqpmULbe=ds*ZAhP=aCLCm)%^LRD;)t;U4}K zlc&0zSvBX5&4}>Y3i?kOGi&-N+p!3r9#ZB}m+y>4f=;uWm7K|Ir%+R)nY@WWC3_Zp zO5i=zYCjq3W*UBQJsE!J;nBlJsCckg63A3)@j^nzv{m~0vy4ZG1|?S^7j_LXW|*p8 zwuC!1a$B$?>ip@Q*ZtOf!sw!I3hZ+!SgCWSeS*JFI)KT=PT=>in&_b%-86?E9F_af z_bcMX-7VR@S3XpqX-X2lg%siuR^c4 z|2ja9yr8&EeK~TXxrYdGR8USH|G_vxxFoTcdtzFP# zkE$N8>++^Ez5w{V!K=>!b^btRdaBoTA>owO7*P&!?A}DeUT;`)aI>&IEv336oH*j! zvaWlCX&#Eh_7n;wr+x{Kny2*1kjNhaa*(&;S&QVM?SDJ%_)`~GocOO?f{HcBi_iM$Aez&R>JMdb0dfqQOJY_K1X-J>i9Qm3|x z59-FzE`6^z*t>hsv@5|*w@muEGsYuY11-Q547Al z<51<2)5#iUiKNg(n(bVc)*)3)s#Q+j{TlcTg`nw(@Hy40QdHUkaS2T%O6D2~W*a*W zmGixbmuAvDaD9}&Ph1ndYat6r6#69;AS>MzVbt{YRSQEQ^@!7;W0VO>EtrUXpT57} z1Cqh&T7rw!XDCA28kF|T_UplmM+Ik^+-4L$(5fwLZZ9{M%)=XyH(}_(fvA&Pve`vJ zTBATDG_)3Ri9nfd+O>=#w=&h9#c|JT@h`7OiOZ;XrMgIdI3e!vgP|-|%j+pj zJI@IHafF5u?uYC*g(fBtOgPzvSG9BfPPb1-W>DK9KWDnG&=PXWXi!U3BGD3jD*4A3 zX|b=?+Sq+QXlqfSdcFBRXx;eL0mWEg>)O>BXPp;dd*E)Gk(RS1`1cpZxWHRxDHX{i z_T&O6*7ram^LQWS-E?{=kgO*Kj6hPDy3)(w(mw_bY_4lE(Rgwm!jBR4G~S7%Dd(jr zny%N!A5^Z(*}ymxaZZ-}YQ@X}Q=e)iKjeJCb^FQ-^qx_AUs(h3B50WiglhYlOr=C1 z5c)y}U}MrTgK|bfQC$u;MFR~wYh446q;03{Z4Qya2uv+A6R zh!_>Eap8i9!L?O9PD63$p51Jgkg7X7tGcMJ?F>e_k-;b#T{Ul=sI<^hHZz5uzBlRA zkXX_+!uDI-cx42$saU(kGjw_~%vp~bI$v=nJ5XHFH>m2)aUN1PPJ7?QoLA#CRA(s! z=E`5@_zclA>d2lkf2pPBQz3j)=85LNhdH&62^8A#brC*r=u_58oU*K#BAb5MCHgX` zHX%0d+xZt$fn5$hYmppx)l%$z84;Q=1F$@n(<>0Z+S-l@^uc{SQHqk*G)0Ie4ytMx{g0(DL>=WLfG;=}1T@ z&i*bQiJ?GLv}tPTqi2T6dI~97hDGNB#CP(@#TEm4b?fs^a*~x zxIiT22kAxGtB8ZD9| zGs;-9F$^xa^~kdd`hK@jFn=eo`Ml^*@nXj;+0P;`(m%1WyAj89#F2HDLnO^%#I9lG zuzS}0O^9(|5-IwHM}B#Wm3MtdDw=4XWQ8&ZAac|?1g2zlGzlG>uvgcymcvveE8h3Q zglN%8q@6jI71?^yOTrirDF>ovVjK4OPCQX${CndAe}qkLe!wLZSF^=PB>~8WD_0rz zkx{$j&_&g-{O}G6bI` z#1jejJu7)UmW(=r`j

w!6D8cGqm~p-CJnEe8wq(<$;TR~3RpL5@XB#6zuGTa8fZ zIWw@cuIM3+;)Dd$SEMP`9oc6j*^cJT_=?d0pilx|isA{5QXn^jicUbxKdaFzN&Jc= zQ;VkTO!?C(I(mJgR1OnD1GSOlXjy)_Sx3R?ZdA(!eLS0dLr>gTk0J6_pCMWw3p(Dx*PT@UcWfvB|S3*R1q zA^oeB%In61$<+KV|Ey>wkNXFcsr*mHTXX(Dm`u$-D_R-!989L>pH+RaL>z2xc6Th5 zpD6Kd*8_(M!ND|BzU3S1iJ6cq%2Mu7xr^L&$c+ccwcG9dlEx?6CYTSfQdjj__GNE| z46@NF#%@$iNmZ9LE?ABV3;R1x0#B82zowk57y1BI2Y5Zvwi-Dv!pHf3hIl*qpAcLNN-u`0P_h zrWnsS1b?krRNMZNX}N8|+Bj+(sM`kWOwYDg0Ls#5jbhsJ!VRkg=#}u#ZVd#}w(im` zo5VjG{7QTQ8jjd7_5`f)+9XkNW$4(E zG77b-r#pg*HHXjEt8Nl)$h5W(N-_YZ`okVKJl#==j6Uw%^jNDKaL1oE(FGGYL@o#=OSu={QfhtpI_0aT{H1w>E{Z68RQ{c5GucTq%Tw`Y!gf=}{7 zD!aZqfIFm|dZfcWnlJzp8Il<}(1}v`L2Uvm7#Y1u$dflooU;Ina`cdy%0EOS8hvc* zkK5VDw=)pd^|mIN`v>_qOK;h={&>xvUsNe|BV|gHm$WP?w4{r98P79VmAdRGafEQc z6rh#oXBYBd#NhfE^g!;D2q%3Bk3df)chGbz{Qn~iW6U`ZYY=o{IU4E_{ z2jWDYM8!0hX#%FGGzL2m*fX;pM95veq42c{(!O|oj&io5Ogokx!;~{qS~a_ZIfIl1 zretOhtY?UQ8d8CU%Y8B&e-sJ+o^g=_b=AG-STm4wbElu1G`E)=$^j-qI7#rdfD0Js z;`RBQQDA0`kp!IrBs_Q51@{5iA1fd;@U%KJd-C=+jQE6eoJ`G9W0>wbl4rJc5I#7X z=8{?2L- z3#;7l+0nFP_yuqeW9yZCN|`gIV&5L6G$5M4@{DvI!W%z z(P|c^Q^~S{`)_S+Dmuo#NO1_Tn9{`o1H&e4J(ZNujHquPjZkqd;X~-c)xTVFNr=yq zK*1yXhOm<~5;U}!(5^M0+bUFjcujB;sof8RRfW`MCTo4(=4~DFLZeZqEKgj6wS$m? zB+b~4J`g2D+u?^fG!FGutYs_}duJ7gV$9OfSYcIPRZnmfV8N0p7$JcwmU@yB z4(9TPgA&q4-x;d#Ng}|=D~N?fDoG%(wK8DUB~N~8LYuU95l)>2cY0He-+(P6f3xkh zL01&#)H>sev~} zm7LgaQnk7#>iv)=Tp)4H6c*)q!NnYKL3Bx`fcuD$fCL_be6a8f`4|&l8=w1LOeTG# zPJv3Sl~hIWzRZmO=%1Iz z-<`ZgN5^LuC*PhN9bO#6uV1aaIXQW?b8&QZD83sVUZ1=?9G(34;R!yvrdOBb<@WKL z!|r!S=f8b-elpm6_0Qv%N7p|dzWMg&k4L{B{`bq#+xK6sc%Jvw%CF~sa&<{xzT4UU zc5CMc%8p*Y7;lSLS8Nje*u%fYC!M30zmKo}H|qJ_|GgOQ?TYXIdA9fVhuy1P4dLhv@X|7=WO!FY;^MS@bHJD!+#zhUcLU=pQd}m zO@5i4O@AB_@-`-~u6}-b^vWOo_V?HPCmiqmKKP&Q;U0VaTfC(wf1Uigas6s=^y=u_ z$?&)6{J;Mm{BW{)_3i8M`1h?Xe)xXx*Z=8U23tSx{O`p-$KmV2&;Efk>1x>Y#M@FE z&)iESGgkXS5x7hEc7ubLg5BQh$Y=3XUz=(t4H{{6vG4StPv4hh+IO8fFdES-5~2P# zHi(^@GWjGD$<)(O0$dVMmjiMlArVBo`xI3VUu|aWvVUNfpxX9N-hOv>e187#@86wY zyght#+y<>vi^<|kwHX}u3@y150>1@$^$rG*8o$(j9Jjh`mX3~Wkhx~&>YjPf7+j-o z$=24S8rYVr#>@qxxgN2Xx8U-?c?wr0TEw_ZzphkC=0cxKV+yBepCt+5F;h2IEFzBJ zbRn{$Gv#3dDNX1kx~h_;qZtCa_BLK3z*9SxWmyOV(B2C8(4FC3mj zhsCp#l-Yf6ER+XVAGj+>ZmBXm#wny6-gLHLZML_^4>V#dKyiY7p)({|GYmS6!9bCj z3LwbvovtE--a>$2KojNgCQo2o5FE%g)BXTO@Yb_F!w`iG2idK$?T8~Ral-@>R3F56 z{&hl7$b54X+V8MfRQT3p=0pR9C+DWH_i}3dd5Q*FxSd8c^20PB;4zc){wd8#f{+=5 zR|Ojpuqj!znJ=|fY^~l}X#Bh~X>L1F&NF@Nu7F&CgDKHoj#e|}Y(mUnAYAoaa-cit zgrkmCR0jms1zgr7AIzzup9IGy=K&wO7pG@+%0QD7A7L@*)>t$7ieBdR%t3}G= zF(0$*NZt14B{4z>l^04`#N<0Q{`VIugUHdFg91QS9G<%?8Ixo}1tI~phW#Qfs(A>b zQRQTh_OXP0A0d`#iE&9tjKr960zLEGdh%>^wXpVL#f*EJ1>7B%tk<_dk~R;@m-Rzv zR9Xula+(;c(g$P8wp()vHx+A|IdH)eQgk4OTNc-jZOi}~Wv076SRIVRiXGUi2v9r< zF`X!WXRIiCz4WCH_7ldrV+K>_NNv(25jZiE1d$|R30FH>p9U3mmpyOSmEi#@T%`&6 zAQF}iLc+(40o{QCLAm3VzMbLO*W%x8Cy=wPJ9mz%PWD*Ge+gaTgh~S8 z`p^S@qY@G3YFz3K%FtB#8Cp#_8K%nF5C>OMdIqjz4;<(;PoohPNTpxkYneBQv0e0G zoa5-~Jx+LLcQj{}DV~Im@qAyBy!*wz+5>H1S^MbqyYK$}`uP3vYxOfy;$UB`tKA6& z4`vr6?C?g=a?c&@6Yd485CY5~V2HEz>WLk_>1!{g{O=}~NV~V1bvvg4@v%yEaWa(4 zVbjTHu3g#b(-`?cJ%}0DBppd>Z0}AtCQ%$qP{>B0o}1doa*@QCSj%rfhE%F)jxx+O zcn%B8ua{}CFO@#EGEy~e16OFvALRPLU+x?G<7pa(Duc;BIt;Jzl*?C8!~hoDbSi%_ zy`c;@rz{cssJF4XRk%0j1R2oud^MRv*Xzz7YT8thv&IAtf&w0N+!cH#2hAIli)Op^ zjL+LkW_4)Iv3-p~)pthlr={83pVjnZHS6AHucv-cNj*>9pEG}UZC9Y&^)@%&1Xiij z*mB9vc=A`2&E|H_$^@kRm6cj*aAP+LUq()?L9X~Du< zxVt7oANh5W5B-t5+UB?1I+yU{4r!gTFPG?xjk!E+w__HxBNmX(*JiXfj^xQ*(6;$S zA>vS7Yh{vBNj4VQ1j4$QXF-btg~yrAy86o8!6PVXRzY z1A;@PbZDc#)=U!;VjZ!e75C>Z2RD%ql%q<0bcW)o4Etec%&yylW zr-Yl$g5EOin5=xp%@*oydK+F>{&hws?1}_A=K}B(2cPFuu(oo4hkI<-8#5trVUTxE zJ4^-p5!$~dS0v0lFfN#Oqc8Naj;=}O?GGE*DrgWgmd2w5%LBU!c@(y%qGLZTnr$G$ z#01ajkA`XFE15yH77O_3d0mB%dp~nsV@V}L>YDt!w0Wwj^cC>Qm#B+ z(05dPpAPJGal)7w%G0tknHCRWPH4hOWaZ?#y@`s*wXxQ4bzL|hBm$Rtuw9Zs-%Y(q zLqWk!Y@(r(z-E`Hk_7q_)5!bAthl;yI@O16Eo?LY6S$+Xss?lKb({q))0ghh(v=+K z5Y)bVrr#VEbKPdx)80y;I%!*3W5Sox>KezDCOi`wBB!<_ns*I%Bu5Q(fwuvZF9uV+ zApyHiN|L+-3&2!)bD-_H)>l-0XSmgmrf++f%g{zQ+nSW43H}xQLRCb;Af3eKZa>Jf zc7ZNn&?XrA(A)7odLNqzsW=V8&cx(hNkXCNaX+LuiWZF>vs=1c%d8U!3o zCIWl{cUg0`v}1!;L;Q^L?fR~ zVl1eQD9w?z3Xd#o4;#;-$K~se(qnZU4w=;DM`>Jg##Krn%!hH9VRdEo$9ea0fvzK+`y z^O@^|#{SGliX(?IrbbyDr8vQnAi(p8acssDNI%1dh(=c|yi$=EDtvjYE_x-k4HANZ zB=pN1vE{I8wZRYXBJ`GBk;#B0sJFR}Ho6<#b#>Oh+OX#Vi5ob>%MClE5zM|4_wu-@ zwZN~rz#`>sHf)PAX~zlsmG}Y-@0LrOy+yg@+j6^r#3Twxag+Z<@zU-85uGiv_k3Fc!I5>vBzx!%Wq56-*r% zzX~=BXrk`t)LoGZiR8_q-*t$ z;pz%UMHox|FGy?vzBUOE;IickhcwVx0`ekwm3Sjh<+IZE8)i-DQjo04S(r^|++JMO z7-scu02+(-v(EBoX>WJ8)Lrw{^3w#Ep~h(`ic4P_{`Btb)hT!xo*tf`%fAltG4a}G zvE9z94H@sI>Uj9p9}p6p<(;sZAV0Ox4LEV`Y@v3rW?^`9cy@C5>gB)B-o3lH3mE29 zQVEVZu}In77^3?IrZF7vj|w2fSAKP-0+ZGv%T};nlg>Z`QSn+*EQ?4a4s@37;v{O) zM6}lIz1feNQ3EZSeZ2~~4=|04Jk{)bO&bIuQrFZvhyuiY48OUmu}(T780wa2+BJha z)VWZmwAu`h&&pdxx79!$N&W4hTS)$xi-JV$wvkvbyd7`rOIo&BNgThWI*nqQ5tF4Q z!QfEX^}2nOkj$cM?X0KokCd#26)+;%(ARy^&dj<58a(jxI(X)6@VQAtpH=e7s?Xxm zCxzCHsQU|X&LU1H0GktqgpfwWXb?0jE|HxJLpI_i!h41cUze{NXQcVud>#TrjEw7T z?DsbJH@3VNd+6ltx9<=-IQR$p5jLfvew7)f^v$-{?K$6^X+3Q+<-djh*85S9=EQ$r zF!bUO4ZCt}x#Me8c6AU|AnzeyUIEU%J#c6)u#=DbYg*;1%u)qsrg z6=ew;Op%*b#PNpioA`nw776lEcu5)^LdxX+y0LZU8w~k(2}@%Y)Xk%C zFIjLI6&!)>9IfIw=4f0Y^ z6o9MEckh4j(9sx2BeSQzd;fzvB|`EMuu2w|987*BQAUm|_Tf2Fb>Z0%T~TtqjyN+8 zz>-2*njl)**WaYJ(RMYt_%L+T2I1|YW1NJPSmP6y9Ruz*Q9uKA&8_dGLE0%a>OhHb zs_pM%$-1bN=WuHi){-M3lVybc4H-}>9 zlHVrz02XS}Q9|-Y~$3~C&8+r zZl0o1?jFltV>RC3#!4sGR;7GW_*ZN*bz&j`Y0rzn0Y7R>&oxUfal+Cl$nq5$rU9g7 z7v5TWB;o+zzOs?r&4yE(z%T~daF#JUMZ3DSn8xHlswb!&A3Xo?M~lU+ebh?8FRQhV zT2gJ1zjP#tbxeKH4v^k!K$oJc)~A0x&qmi-$+^IS4AU^DA7`idwvV}w0~@cBg`&Ks zK8ZL{q9&dubTk&||M)DP{$I4w-Pl4e6NUqyO%x6VNhYXeerqWO7*K6~Lno2%Nj}qI z32+jrY}0_^gldtdhjcIZw4m2-){)*MXv6C&`&&!DYOVd>uU4iygP^1|WeKEQ#S`i3 zotp4N3h{(?ujoF!EC(SQ=prBxgsXR?ZiXP}*KfrdN=-u8745p47HVW}I#50T%Vg#BIxsnAA#WhaIS1W5#RF-1f z0J5*4*5NriId7qthvz5f>tC(>baL_iyB{ymPlsn`hi@-Vj?dA%Gj#Os?W>cElXq{= z(YtTa;oG0l4<~P5ts_Dq29SKz2ggLGRh0tzT%Qok@J9C7+{Yn~Myb>_N9>A#g)^r< z;3)WN#mPxqo{{$-U!EuNxEb$aO4_QhG!EMlldP@dr%8C%F}mGucV}x0{@d+#i~ogx z_qKMryIY&x?#|ACbbC9SJDdN3y33j3>?f56oB!zEd932(p2#zA{b>}Ck5C=p_G8Rm z|K7&t&Te7-cei`JFYEshPo}@_qpRLmD?(-BLi`{*PZ zCRkmxrHPGYF(P$es{?ItU5B_^ci0W{TWo*Z@Om#yTb;RJAGM_V((Z1xd)pV?z5U+q z{$|hH==OGAZ2i5vvES{s)CWOUlzJZ>qSthg;AHAv-AjQ7hbr(~P;meu8&Mw(h`5#q zg+b1n$}=;%$kn`&>WWemK@}KG^)H9ZQIa&t=(_lDF!fYC~clfHc>cs_AAGho{4Lg#m{5}d5p{SqIBy@10 zj(=*TwjxeXjDA<|ugX-b_4G!2=ao%Utlof?kMEV9y_|>qOM0%5~1E?v4ss-eVge)cjI{)YEVlH$G4|xA@bWH;iLNFb~b*m%1 zKGBEPhfE$6NhC-TCsZCWtaIxyBp7af6>K*UUzS2 zcXxZ^#T_}Ta=`6Ck|Az3T!&6Z=HG32)!x|Xe%#pHn!#*y8@sKxqxmDq@rO2YUd1+4 z_+eOW4$OslZN1}FJ%kQofKK?Is4CqOjt5C zR{=W1xEYI2xge8ul`oR|k`G5Zd($8V_e^!SVsc^92=SPZK>KY6QTU$SzexsLFE+aydt}(#*uuM8Tf-OK-N9Zkz%O3x zZuedc2D<^l+k1Pv-A%mdZx5HteGP^c|Fs*VF$d0X@3zW~{y=OsKlV}>Yre}$)@pII z<3VgsnYpSL^2dCln0d_g=*@Wpj;f5Wi*dZdH~T%W>+L+K&YAV=l(THmafZPiZ!52m zZ*=d@NukqQADAl`sm~(iNbb<5aUV0_)=0*?@LPxWEGx|ellNpRfRaBTEd`KX4wAKq@5_2;qtqkVGnGBBkKWj8j2}X}InLIh)ERMK!;-IT&mQo5PJ> zj|3YV-QKpp-QC7J!OnJfkKjQt+!^i;{6UXwZ4bA0Ha2%Q23>#K-`njDhh(r^L6fC- zl!7L+pEeaVj?lH{l8}uorBAra_pPQsw*R~)_MA}QK=&=D3d1c!P8GV$$*Byt8(mMH z*DEY8@Zzf#n>@RQ>Gk$@w>Epbmg{|Pv+JXI=HCCfmah(2PZz!om~;Qr>uzl3?f)Aa z8{LgB_Wy@?Ts>~3{(QVrt(vUlwUU*x34i4tjPWat?eHtLJb&f(_VN|W(pQX?e8m{Z zS2El9N@f;cv2uOIWzj2D+R~oS4m7KYIrC`4P!W;ie&tm-FDHgxL z81wG`H+FW4{C{h^`-T5M#Pc=EoWyc$=xcO-`s#n$+MlO=0&##tN|JqaczSsBJ@`kh ztbF}-p%lFQMb*J`9j1;>I!CXxU#>iS=wkPTd$Rq1K}}2T!}ng&*vi*mueg63KBsb} zePK~cdluXOPLcjB^`9r=+1y~B|Ht-r!T)Dtd*h4$&%-=_{L%SlrG^DGVF2HBK7CqQ zk-eZRI@yP$k3$*~aE_fwkFsVfXGEk)gfKWqA~)5elNxyCk3VeDfR-XY&!IT^ z758KZEwma?U!c|{nYK{t+js9;sHMbI3$2Ef3)Fgfc-E5t`@gNVHPrs}Ndf)GA8nmP zcHRi`lNkJB6B4|Fv_R+nm;`A^qtVGIV)o}_sFy31sTFlSXQIjW^_d%de~*<F1J6_t77JAn%e)(Wg(2O;IHPXNlCxouAb-_nlu5lCw&1G$P2;S%-2x$#LWm=m!0k zGC_)O<>w>{%+J?EQpG;%t(X_>@;Z)j65MGWWe4}Wj%oz?i4jW8mr?d`u6?&JNHWm~ zZ$G8AoUwX$SU9_8aSwXdUYEE>B$ZyD#gPJk*%;9Y_uHiWyl8}>puZmt4 z=~aD^>s8}>2JQumS;$7yAIJizcRtD%!2J!d+!(#NPZhk#{Sn>RWCE>xxTdMs)S5R< zVDwHB;7%d;Z}YjwEGV#j8#8K2PUX8$@f9uPy;nz;m<8%5)Pm&XZ?YhatWohz6=L=G zr`dFXDHJ*>zLtPO*kKDjYrHhhYz>B=+4-XVgKS}1$je@2Z5>Rw%>i|5$jiOAUzLzh z@nxw^{_E20-7X|2FkO@y-d@z^doqj^qLK{v&bX@+g0l~sb+t%zDxArixMZ@5G|lBG zERW`Fojv_8w6=zBP(&lCK%rhY&!#m)iXo>S_O=f*6VrJyQY>gq{AbQXG{Ac6Jtgd>4-Awpc6cF1Z<2 z(;a;C7^&#lpMi|Z{Nm}6kra#S-;PA=Ehg_lQ(m4R%<0X4dO?`!@P8FSxcFJ6UCpXK zpSas|w{K%6b$1q3!Juv_h$ z8fgh0W2w0L-!fZ|`)siuV8Q-JLJ?|A%-! zoBdymiLRsP*3Z?x2(_#sM|DyRXm^uLF{DGQfNFO{cP|%Tx_!6}XS8ZN&47J4e;eJ- zJ96RtA^X}hy_f-Ndv^|JW0W=XOIRXBD`j6 z7DHh?FY7P2a-2-ANCH{P6M|a*+4DAf?QW~ApVZTVw`My8l>xQXke#dEfC$`c<WIxyWtuJzJt~VHZ@l-i_Ki{0+j?-4(wVWAh^DNwAN-{d<)oZy zh$;7rheVa0`sY9rRXHIWBFMC^L5`8py4j3ZP7k(KgC^#D^LYridf*p#9=J;CEJav- z!P-NM__LRXM_HQ0hPx^mV1EIAb9c2!4Va2COX%;a8pt9job~zgPB+gSKh_L)IHu-<<|yng1BE)MaB=#p{dRe1{9ckaiv$j# ze!RTp zcux{R{o5|a)tALsWHC4rNeXiNlm+KH&A2+dBg(Uy%MC3gJofA-^Kid?JHDc9OaS%b zlROM`BG98;TJ*(diYq&6Hu--X+=lXQJ^Q&*qu$hD4H&^E;oGTQsR3*Qi?Mi$&gJ>7=8Ln&ZR z0$sZ=Dw~oXge}G)Bg8_Z|ga*XN zDJQCDC?=~DNna8b;cME`2>s`#x2ZGPL&;){S~LKd~*SX zF;zD809}uXDXSxJ$VSgOn$U<&(x_@RzWJu1{Yr@%?!cPce-36^f2>}8=(b<{Ywep4 z|L@bkzWMa&SqrV^(1UJ}VCMqLMmx9ia|O-ky#KrX{jXakVD<&@ocPbp&5h#y?@qV( zCI0_Go(I4GMOM-}Ts0s^Pfs+L;NJI`qm~sk%zRyxE{(NJ$e@qi>YRmwMLJ89WG=eCMwX}Nr7hNj zD8$~{Gy{Pu|AHv@&`E?C6a_FJaum`_k|7#h8-{DUOF2n8s{V|QL4q`(0Rx_W&5}#R zQd>QFz&_^7)F)IfYx}B)&X10ouVVt}IL{-%dK_`$+ne5Uva4q5Svg@`njd+ ziM3G6mL45;#8ilEz4E5&55mMfgDnaDBvu&wRS-G;p z<|?U*g3;(}R3P{VSG9!A`JGEt-E#JM(2H|5%&z=*9b1(Dt{zF}eQSZX^)sG?k4m3< zYR|3pKhV?X$Nv9E1O0Dft5E-8V{2>YOZ|rjc^*>#gRw5g2}?&~bG-i3eR;MFZZch?f|P zu_u_VW!vqxKoLoZu>W`q!LY3%C1C)csHW|1x0M+@N)Yz$3&P$45cVvDB~bK6*QMEP z_q+^=J1y(>U9lo%6s+adG)YotCVPw-P*wZnD$J!g8fqhb@NOgXrH5Wi0NBu#avWMg zwo0%r$fL-*l*LN4D$=7;ONgEeB*qE5HYN$3hg2ze$f|nIc&8X@+#4mSR@Iz`(o8fK zQ3Vl1zcLy@s8bmWt{y3sw(|E@g*#J~@w^jmile&{`We8eak_tiTE9f55c4@YK0AAN zrV22_evA`#MNM^eQ|Uk3zlBZil;!hU^@AR0i(c->)-Mq%K5rRReZ~TjD-t0*6eK|j z(S=1}?(2w!0rC?9Obmw{YQ+r*)MK_qZKvkfOI>o#R>~IWiiPQfAV0)(!j}T}w`l^0 zF&aSJRg5ym1 z0JZ+BAZy$?A5?TyG3&zM`I(eOQtNNL^EWR4uT^MUTssHS99*R<$nprP`^9@~az(AT z&MU|*k4}Kx?FyZPu8-ts9Ia-Rr1v2Ud!Ejfo%1veL-iFmSAc6XHe;MMFKkJx_Sf#p z-g^DJjkUTx+hoh;pmJ1b=Xbe<06dA);?8jCM5oL$&9%Peg32{cbCj*$#7`R!^UaVMVXV55=}yOM zK#oPK*e_rz2g(gfBl??(%2%nIA$eN?oE$XE;{xOghpDRQqpd0O$YZp*8C$)?AC|u1 z3kUx>o4f*^`CDDT^_|Na^Y7exKdZdnDD#Etb`QcPO1CB=4z+sd z1MFXN<@ALU;Z$Urr9WL6SEI#_GcZI8d8%we6K;7`^l5qqFD~$?$zh`NjdFmB)tzER zU4b{4D-|~29px9;8H8-m+1MOz_X4uHhr4?_JN`Bqb_YX$Yh$oE+}+&vcQ;LcmvkmVL+y9H(zyH$y*WdNK z?1!~)*5ns|Z`AHt-@#SxbYkda|3JG!)-<#Sfxv_RZ`n`1H~3en{o6ljioQ*-y~ugq#Sed&{6eJOn?1s<6ru6s3~^N!E<3 zivG+)Cjwp5Fhm1_M1mtOH)tS5Qb320eq5j_o`jD7n7!`8`aTS?M1n~pK}Mu>)%8ju z&b{Zl7!&*2xcnN{V2>KJoZ?H1llfI;{`UI^b9~CHf~zZoi?mOa+j&(O?pnE3eax&H zz*%{vkGQ0ey_XA_dk-sHw41_BBb6@`9c=tA+*(s(9gYvgCk1O5knkuGCS-+A?J264SH%vA?6&o z&7JUhQs`|#yp}(o84q&{^xivmEpmO5h_bVz-v zVj($2DNd<6tZ2lzpRb&eVOA;39ZhnofcdDMzDFz4^ z+2O_Mspj}%__Qca(W9a1`JqP+4j# z&Cr_6Ov^0Yb!BpE^-(z&?QGBg(io1!0nc}{{|m#e<=*JQ98W(JL$QBgIAtk!t&(sh z@g;xeo|c|gqiu~zIPv(nqYXhdpBXbz_FZ{gaE^+6r+e!U2AXEYCyFx$?ZLF-Bb^b$ z&RxYXnpQ`3wu)!}R%R5DA**6!YsK;^cxiUd z6!q$Ltjy}0TS?hbZVhLAVpb7Vj%U_Sso1%tt8AYwUj7TSZn9pZ*wOt~0oKJSM)!buMc+H?>p+_?4e;FoT=q(^}7B zC{DKgA~#w2iJ$dXkt!V?jc72@4mg@Yj;p8;(38LaTq(7ZP zOjc+NBIazL5Pa!mvg7OK{Lj}B5x%$bJ-a4XBw1G-(TP;^G+Yv->x6=rBq=goC$KqL zQ7x4}C7H-InGk^kEU-qMUYYuneHDh6!A=qEWwaVo|MC{M8*`G@ub~^TasP}bVI{v* z8+aBYT{A=8mB}y8tk<$om}PRRMY+zS)p5T(_0O&Ke?=}$)c?8q|8BQe)c-fOw!Y~9 z5Ai&>|L5_?SPB6taw2UYhqMl$bJU6zmpQewCOQ>1d<$&I$Zgs3-4#g^8W71HlQiCjQ z%1=c7+h|}nC?Ro(eS%tlZ=u$|TeqJSwul?1VK_yg#`NmIY0;s2$;(^|Ywp*D z0W4Bst~WLABE&XZ<)2H0>XwQ`{`5)GV!bI_&Fh^*O>pBXfmD~1)MLDXPt z=iQbWCDS$Hw1rx|ZgA8KzF8)yLePQJU|#>QS_GS7|!`f9;)OjYjD zo)@Bkd@Q~!Czz_z^>s3gQ}`4zpFaN^e~xGbnGQSz>NyE)+*LxLOsN`TRps(nZ=uyo zGUXNmsF`Z>BGl;r%aH%K*8fyOnI-st_jWh8iu&Ky&PMl({`U~igWG?t`?n$>Z8n)< zH!*~kGnE*J>T{jnsLJgu-v+hxsZ^dt)p<&Cm8t#bEC=sGS8a5h`=MiV52^fjI8;8; z5*l;e>$rfMIBWP_-&=x*wo-JpeF`pQ5flz~)K{CHS*1-?=WG@c&1aNHAvHQLQ{KTQ zH`3~_DHr(Bn>HBN%e0biwI1PK04qaoX`3INgxX$+eX2_c;crcw3+7V&E{ zdo?cLw6q*<4yO!{C*Y{AT?E3ZWaZZcjq#P7#Fga!MT~NJ@^_2A-M2S;oX=3*Y!cs{-6zAF@IvOBB$a;YYnwR5{<;Tg?e3BLnhY{VhHj#IJtk%3?9>4zeKU9 zog>-jY9*g%hO_H2(N-jjW6F^{3`tbZ*b9Z8D>j4tIFBgQhJ1?usXF^dzPBP%GFjeC zzKIH^w2p{3+LtOA|1Go_Zh7b@8iok`yoNO4LgjrVf+RX1Q14HDqEeu$H9>8NFUq*3 zgjv1OGaYH#3{ZljfK4poR5xllQ5(HvEF?I}clFblK*m175Do≀`B-xta2uuCv># z3N@#&9_kVg7&GKf(JRNA?iFx@cQM;6&Qhp*&neU>vR00sv|(%(>05iJo7Q>C9n-sq>=P25bn*izJls zJF^H1l_XeOL1@E6r#5MS|>Y zrDLo=khE2pH_;5xB2_o6ob;xL&VcWPQ->85(4}X52-{P$sWL|O@@byRW8$l8RXv60 z>c#UMV^#oV1IxK(;LX*o$}-(*9nUOe`v<7iLN;ffW_*R8Gd}D14zyaX`+&VX(H(0M z;k55{k*BAh-LxngFqHL!(*KG|N-Ai`y%7;Vkmy34ILL;KU8XT=T}j=@9D^F%Xxo1Edarqb?9$2C z=M3cP%f@KyyawIX&BtNM!)U&x);DOdvlS5ENe-iXTHW=(yL)p&r ziS`P4vvetkd}c_qtq4wDrfmZfFDXgLs7Y!zqW zN}xb~<69+nFVCu7UW)e>nZZ@Y^=d$zgXpp{yw}50$yM^np**c@7Z(3qBz7jNA-g6C zT9uOOFpS3-_14zZpKsF%NvMx{YiKo%<8rGTohJR?t-3t}?YU2BNfOk3Kt|-_nexLu z48zw{fcdfY%P&7UxPW}7H&QR>B0<|tJ9qPjwk#&H7S8^jsmZkUqWA=!kbybKwJK(Xbu{pj6P1g^Iqr3>+>pQJI-C`r4@GY>H4E}u z<@2*hUa+p}WL;AZ5%?TYp{r0Rea@%}`T*L%W}zhKqLvCh&U+oiq`Br~syOZwwJNxi zs_Er(TN4&MMbFi4&FWj@;g!+iTF#I6t85j5@Z8Z>Yt$^aTCxVYR>vx86kdLr%l+gV zMB>Z%Mwq>znY%~GFp3j$MOn(rXD93)!g-U;u3FC9?4ND-E=b+; zh}+DzK*!6a;qqDGiPTqp?9c7}Ka|VO67v7`Hg-2k{vX}#Fa947@qDiO4{rX|b45xB zaz0fuR!wWZY>*`$vgLVvQhgiiG{_Rm&yI*G43$}-^b3FyF8-X(z1&Mz-PIYSi#K{Y zVRY%UT$bP5+k@F3&AcQBrdj?!hE9SByF9^yf2C0x5rPDRi>gRoR--0Q%&@&vzvlHW$2P_{c zOYS9C=7dF(2q#nX!)o?|sk|o@v6HPo{%E09!Ty`GNPoDNv(S5LIdTkN#35Ssv5;SD zU$AH1840nVSL7Vpw?BQd$F){werm0uRh{TX;W77BOOLjePt82?IlH7hsOyWbtI;^Hx`rdYrtJwZaer_qn%-rWTDC|S#<>5tACX*>d};- zH5itj1D+*LGe7ET4jR|Fre!PpLKP1ziP*hpNG(eYgl=>aA{elI;8eetQt>=)b>-Ib zU)?t@Bmc{Gw_N{k^UL|~VV(z<|07?A+hKAY<$&D_#_(AIruoZi zTDbfNl!%tcUp-;x3%FK1!km0t`V?eiyI6pzIEH&Tuk9_X-&5CO6{!nO53N<4kKxbk zuCun68dqJBY2t7hrlq=C!MQ6p)7`{+&#J!`+G3@SGwZUPjds3qR?utZ?;)zMSU`4( zcY|N$i)RIQgo2upjZ|{scKT^oIEut73r9k(C{c+yBIl4<$6}* z5t4JxwihU?<|-xwCQl*Gi-TELBlZU6O0Hk#G4)KV`|VGk(2P42b**M_==iGTF4hoB zbW4460b2+>z(W+VsI6N!A-Q_js)8%`C7Jf}bO;XIi&A24ykY==o<6t@+II=LA_*ry z$RGC)kp5G*%2S!!w7AH(bMvZJZ1cx9ha3vg173}%P!+*AaR5~max^CXB~K>^J0~H% zJS}rdf^-e&8|47=O?Hp9dc>k39lgQvx`~SzvIHua(g?->AA9fq-nfkHD|e4^ILl_|U^{cg8wr zGi?$q6bgkxRiUattUCJJ0Npb>sbVjxYAM*H2!V~A@AqCGY&B~XzC`#^Vyo#YFz)t! zj?)ar{LFb#p;iX38HNavq|n+_mpn-Ur2u+Bg}=V&y@eE=F)6~$t}Sza*Jg^eM#v1O z0&v&7Af#o3d}idU^h>`dixmyMqZ^yKPLs2K(>e)$5Y~ zm%V%FNqQ!t8Bl%{Go*E)eL4aIN{L$hpMJFZc6nM_ZCytc+r9F@k%R7JJBirxL> z9?s&B_fig`U8EbI;xiGFoTy}gL|#9~|8YygY=+KIGQ*ULFS`!K^-`5#klY!UKXcndgc`YU$;Y5Cs4G1z;aGT||JA$zbBfvK8#S+LE?Q|XxQ_H5 zQ8x2j6Nh=MD0l(KW4@9uB=Ie?-EbzW$+4|G^iQTncMS!({~cgfwGm&X(FPI*PyP`U zPnhu8BoP8Lh$Dkl)m-s?bxX)aBQk&s6KU5;5_EI&*r~zgA?Ch>(yMNP$a$c!NyRsL zFjYlruzee8nJ6$pqP`?!#1e%l*qjmG5=LM_>b$s-))cqPg~e~9@(ThyB%6!Ggk%$u z$CO`#7@}K#-$az+5WpnCw_L;!TgpgWdqAys0DGgJpR;KJFE#taH+s&z@|EG*Kr|yf z z^|w`Pv!`>0;E()3qmmZL{V~(&B0LB5Bj5;a28MJD9iIgjlXGmEXA&pmPJLSq3N@w2;HB;5u@w-S@&7b60Z% zLw1it43oK0$3(=maKn;IR(Zxwl0wb5TH)5XR8*nd8gca%#6~09o*hD}Q8YNFSSuih zDb`l8&YGD8?DSQXLAD08u8Ef`Hy_GkbFZYEd(zuahHY@y&Vm^mP(34RU^TS2f(&>@ zxw{sGE5v10x~pVlG2aW(+}sM32BCEYc`f{tUw!5v8s@yX%3RZFzj?Z*&GWCtZ!PxU z3?>)`qpG9e2K(>z>%HRr@2>|3&-UM={Jx(3_ntA$@!Pdqe~KBOjP0ieT50+5niZ>A zeX5U#vH2V%UC827-%D^XOQ%a4eFa!^PX@a=UV4|IcImzM}t!G0pMY|DB-8f34pMBsucwIDyR3R(pa3+AI2k%&s2DAyg*s zVh$ns{aPGCHmnMVP`w++22tV0X>=+T2374;dTI`#W0=Abq{Z(8`S`IMN*72ac9&gA z;$0)8!z`Vi$SM} zOh`*cd|AjW9q(mAd5-paj`k{B_7{EyTpM$aokQ0b<26Fb+sg7m>Cub$iqNYKF?B zy?RP>M@K^+hOJZ+UF7b~=~(I6o6T4Brj(mGDO+vkmz!7HwT`v1rV=w{ENu6Rq>wR@ z3vr=2i`_zHPvu8&bWxm-8e%W%P^e|jRx|Lh?uGi1JtarOa_Vz{d>kNs`8;BXu^mxf z7A*0s+w;oImQmDGHym4+@Z6xeN5-CdSGTY6t2|tr8ox@2VLn0{+kjv5f+LBw+QJG# zymC{iAAzk-7mS#SJC&WSjD8IE6r2*E`xalxJ9$iJgFWkC&DYetgD&QYXohEObb?Ug zF4I=hu#!QGoiqo`x-Df@_I9&4rv@%=AJUdRoEm$&vX4apuh~^)3~@n@SySb3Bq;d^3tr~TVSrSxTG@X zyMkS8x~^q)Vg1rBBnw#mkF4 zr)~QUvrFZe8d#=+CE~&|H~FEi-J<^EwfKJ%6yTbRz?$y=+8-PgFzLU7A)k!zm!nhd_T{fv^Z1G$9>&>QB4#_ctoW>*N47HH&H{3S=Cl{{ zwgo`^>M@w$-%%hhx@-hyeA2sBmt*o9A*y}YDbp~Mxp|)lzXP=}j;ySV3oVQQm<|k2Uc_zyQ9F$L4pCMrt@(jQfU`rGm*@ut;u6y`H7;#ES)YspZZdx zrsf$%XA7bEB)s`~yDX>BDv^X1wW~d-dh85;)wR_7Y?qx8e^%hOn%FtBWwmeH7QvMr zFB~Ul_WtcVuAAIYLcrGT)$UDUG3S#T#)_7i0Qw|dPGZLsm&YqZOpLxYrMX8&Zk!Kj zW35dKsowUhr&)Ys&RIR_#qH$!6h>SD$nfV7Us6R;D)c!ez@fa-OX>{ZFK@uk{#NUm zaH<_E@V^tD;p{SZ9wpT6?Q3%Zooh?%h209>i*+Dx>0EN}C}LZ$e&BIc_vVTxVOlnwAW72XSt+$Ypl4c{xl^&*Ejn&s6llpIB}T!2qI#;L8vp2$ zoJ6-j!^8}dtUx2TVZdc>F8iX1VC~`GqrXQg8u8!h-y?^mBRUtDvze0==xtR5df6TT z0siH`)0btjrY|vuK>%KQ9#e~$x%K7+Yc8b#!vaP@k6B?kYvi+UJW~WLQDRlQW-oMH-S7RMw>DWFpnhCEsY%wXzIaWvTm2?}9~Z{>!UKZjA!*#Hrmi1_AB z;Z%@uq~L#T^}xp{oC6Z^FBwW8MhOUUgnFIc@x|2z+nzcb;E3}g`1$Ap1UR9c-UO$8 z{$GK9r#JdN>GS`p2h&NP{YU*tZ=-$=XaxP6Eap}V?R?jxcX8*t-U!}wzU!s4xbxlr z*VzC+!vvFzg45#@+Udm!`3LgTP7enN_C>pd{G-#mr9KG|gNmgM{nzn%r*nOM&2-{UfMOH{DDp9qdNZ+AL3I0}Y$#+N+DB!8Ri0Sht0!Y(B3!;LlMl#kEGRC zv$@c1K=&sUh6MaVk}&8BB;FBn!)TilkWmCkmH-&*Kq1Q1@Hins#!ngkFStzR;8)@9 z0hciPJp+e%Yj6Zp7?Mdo(ULelpUnCwN>LIgn4+z1uE^vM017Y%K*oAL9dO0uo<^xg zsMFzFi%@*xgxul)Q2-UED90n1qA*4Y1$R^IPk|33rgHJ)2A)`Pi$W5E2;E680vS`} z1rL|Fc1vw-URh+v)D!U8YA_*7 zhU`ZZ9Nl+1DV#Kc6>w5GF~RKgb`E+wUVugzM&8cAOAhuroj41_GZJFI5m!#^@f<(_ z{!D+U&$_r`_3|*hgLC?lnM)cEMzfdPou0nj7N=IsPGHSX#~(;~mLQ6v^rgT@ocGfl zA($j^-T?roNO&RYF;zx%I0sZA9SIeGEAF!Ec`ar4|Al>S9IsqDG2DwM#NU%g2 zF&2LOg2!M^GH^$-FaROGLF^4h2%!5kfdEHilFWpN5c>i(CrKO@GTuIn0FG!1BOgg% zBQ)%6Xtp#tZo?A%Hot5z`d7^U1~8@{m^0DY0AlD8BQAH@x;kT0pQb4CQNFU|L2x6T z)aj{c&y-#Tt7j5{(XrE^DM{c29fgq6Cf@vUN~mzSdlH}~bPst;Fe5=8 za9oME)zLYE!7m9;(MLW36#w4X*#-U`EzraFKjKb@88l6B&!m@cluu+}K~g(uEjugL z5tF`QO^2ZC1~3R)AixIT6yQj2a5K#4R`cwM6-Sh_E!RvMMrnHCR6LS&@L7YM%_a03 zG=C3cruz+xu;g>C1`3!l@|onhL31wo`9{FrL`Ki-C620)5crc3x76y0EmSd$>IN{8 z-2g!Q5?Lb^TJu*l*Q8{$@_HRMvW zBStJ8#ic3;?hM1?*@WHY4Vu^Xcw=~`+jc1Pt@6OeFJCzQIveJ(1t)7^McIqLX*GeL z%>zuiz&?DuJh|wl_o-!*t#Cj*7(DI~@nC0(L*lkIZ<_)GS3WN0b8|Xo5@}2lpY5E4 z>LYxa7|zcin9Raq$aOm|%3z3?IbAZPxhM`pz_ed5o69pF?kF!z)SGU1yFkk~-7e?& zmxZP+J@Lg3UZ{nB#XuCi^VKH|9lh$%eN2)R7+~JK*kpF0pN9Nnbz0IKR z7l22=KPZV9dT+X)`Ta{hgA2cOnRtT~9qa=y*y^}Qu(K2ic1#lNtcL_U4?u#QA_=6> z0H5MX0t2S0a1nAzz)o+_8+1CqevH5ea*Jjolz^SRZLmAo9c&8|`gT{jvcVmsfSVx9 zJR0K&(HH!8A)4s31W6 z>{SePPiRma3R{O#<>fvN-IW{xz$r!Hm>E?t38Y@3Np|w_T~A8oU#2kCxZj}!0W4iQ zNFMtZ>F|F$9S@u(=$3oa>xJ~1i?HAuQuuS+=H?)5CR#_*s04cXe`$a#{@8?a#=UfSHm z@Sq?T=C4w=zvG1E+x>U^*aS==1tX@slO#Zlp3dgwdQ$WR6BY3T`J97MnRVv1l0Dv<`2Z7;-O3&=@63Q2k2AW6Yh7 zyjei}j9E5(&gvJ>?e5j>-qj3G#02*@^gq3fBF~2u(Ji@5HkrEvp##K6FbdPl3*Cpeu5|oZ;{8)+vWe=^I}3%FGoepbpJ0V#5SXG zelQBjq%YbakBx-)>D}&nDUtu&>;HvsYclwxvoT6RV!_uueATeUdOC4`?=`IKVK$yx@@RE&y2+$dLHM82VGB5ZMMQdug{f z0Gq5qSH9|Q{a1%^-we(3lN{o;t&fXTx~uQM6dHV34n}J$Yll_ ztlBMQD*)3@hZA+!@88|s^&m&FN0LcD6isOV-RaTEhYKE}`j<}UQxqaf^X+ytS4SgE z=7;bOFi|u~kk}${1nv@?@>6R{#_1hQP$$4NP4Fm7E%GRwFa>4fRE?k=;Mdu)63J3A1=VhAHd;ku@6ERO)@w^U_x$D67fTPl*}*{yDf}@PKakX zl`^$7oZgc?u73Wl`PcINUxruq^PPWzJ{sbGb_YA9_@BMO^ZEay{9qIjDF=of0DPFD z2|q7USA=$eI2xiu@JGjVj!Bk~1|V-^oW3Z3v*MiL&Q5Q)x2KO%*0JXae<*vvRAZ&A@1LIi# zDTZ7KS}27qEESyqKnf=^1VX;?G{iy(M8VshV0iqNZCEe@Bt{XSBujj>%`wU%oX$OY zj*bFw@!#)&x&|6hl-%--0;Y^BD7eD`652i6?O{SP>7~CTNf>}26UJ&v%?JTyp>Bh5 zi0-8eTZD%J;1gzu5urW_1tCOI)kppmjBzrfz0Q;{5;|fNI@o8UbVV&dN>NJtG==_6 zF3|97qW+zZXZ7&JCLL;Ab{%ir+oKsvS=grsDzeAWp~(rBjsA&J5y+ z=`biU=G@Az0U%4l996@`pmKh ze?s(n??3n9KJw9McYi#3J=p!v!Os5od;Y;|_-eF29*++Ouf{w78N5Qful8S|J$Uf? z_4jCJ_xnLd=d27tms!HzV9y)8y4=|x?!6km+VAauzq_+HIN06&kHOAxFz7yux2oTQ z>)$x(Yu`uh`rmoI^LnsbT>q~Qp5y-?<+lMUl7BZqoAlq##s>I*C=!(`eiVh7<2)R3 zV?#ZZ;e#Uf&2DkV9g5o^BK$Oir*d)SG7JH^MM;7KGte;qcv~KhGVRcmV@#Ee#(0t? z!k;5tQFeW8*0D^a0q_=L;r^f0A}d1(&!q(1F2~HlD6nF6IvX2;L>!2!>uEtL5Qs-; z>TtG-Z_O_4&vkgFJZQ{zn;;W#^XTawVc|@xt*o%!$02wMP@m$B@@e|sO z4RF%qL17ykC29@DV`jq4=IX=0A{jOCLBxA*Y$(v?m*CgmI-nR8B|AJKvlyl-GzJDR zR(>uv4kMg44q-Yb$&9LQeDg~Y#nA}wV~ip?#p6^q=l?_0Llp{ABD&R8Pq*)J@E6F> z5}eMD#34L5WDivirS(RxJgQuzMo>{ozzp7S#-Hhth0^J&u?7jEX@dO}1>Ws0xHvi* zf&|UTEdogv9nwz}CEMbkKPDuLIfsvpe~0o|SP@e#Hq6g<$Q=swDevhq?SV5MwiK$^ zfgyldO28(JV`fOIQKTaJE6F16yp$o*%;eOVZ*9v^gv}Twyl3`lK0N^Ph}*4g6|fk9 z&46&%wE7@#yrt(!{=+p7Lk-E2dNOaql4<6mzsW{OdCh+i!4oiqc|;5RmQZ6xngk5uM2=xGY4?? zssV8E>jH2&!N-Kzsw!~WB#`2OfVW@}txtxk0W(ctXhP<*bC`R%)O;C^FE$1k@T~%d zp>~lZNZQ(9lV&4NW(26Zl)gNdL;;_XQa?lR`AZ3pcRUhKp&;Vo*4Mj$Ug((mQxs$& zN_cpMl|HTBfK4JxAi+qj)-9e-foTj=e+ps}@U1#QJK!Gbm_lip0*bw%_R*Xcgc$8Fk}?jF42(MktrCDoR%d z4(SF`HUx-ES}tXEh_eW#uR%xwJCgsKl3dm>Wbzqvj6L7l*|$UK6Q&_Tab2G}%B(j>b5`si}BTl-yz;y~PnzUGu7QM+t(dE|kDHS+)ct(G+Z++{Y-v{A@jB zd;!i)zLw2pYsTC1i6=9v60y|m{)gq+F!wjLlKiTDPQ`9$*D}-AN^5SKjg-T{C$oN1 z^howoIN^&-QHg`;X@&OJK$VU=Kl$(ZPRAe~fXf;#(naeDbt z0#mq@fvRr>Wo~dRp{8(BXv>~#;@K=qMX(l}2&tVQMnGnxaFJ~zC;TG?Nb;fNvO73e z?h^=myORkRDWJe!fSA8=ex!^Ll?5dx*jvO3 zkpw`aY@)&7vBCnl%KR?z zdVM)w9NaRylsKL1Z^Q}m*qori6OWWMs?28MT`rs!CS%A&nCXb;PGeC`Atr&RhuLR?5aaUV1mD6GX)fzaLsKT5h`-`x?98}iVloa`HH~d!1DvKH z&60?Mw}%%$sQ{c0hwo1XpHG-W$)UuA7&yQ%D^j2r@e%bRM))K|4=b1*X;E*&tvI< zQ(liD;KhIKloejKN9f(R33Y6P?WM>c)TvdL>C|Oc*JHxQ!mLPMSgQA zxkxYvtItNcMk+FU{EVh#mLHp@L@tem$1w`Y$T^O@5W@xs&4vU$)uVGP>g5p3=2t;} zxL+7hCU4Pk42Zq@3WH(YI!B~XbJo}yX`T)$F z#U8Y-WRzByW@8(*p?*M;+Hq*gRgFcHWFb<1wZYdfU$kk0=(uc=GBN*gak|?^x35jMRjU~Z6o!O8o7UW74gjBS#U`!*W zrREcX1dm(4cH({w_}p?W`%*SvNBj!<6nTg<80JNXnbie7I67*e9D*vjEkCzhPfmJhBT^%YYQx9&^u7H z9be4q4n`L|^ofFF%&l3N2(6aC10pVpb__i~u-eH6GH)iyA^=msHzF`%Lp3S4v0-<~ zp8&Sovd32fRF6)F;1BTz0I>1D`XeUWAf4)G$e$9>JtjPTE}b$%zRN8h3wX^~b-|gu z^i1w-vPTX!Kadm+fpW`IaBYDSnxY%J_I(u{1!oDKG5VD~1@FalRsCh?dS}ueF2}faqfNR6 zHZzftAo5nY_>lra7-?HY50$n%3OI3(R1HG>{o1hM9;_-i%@z; zk{cXN`Y;GQ6r~A9)Jq9BkWuP;tOM$?70&y3cj3g=T@d!sIJ|uJT zgd;Z3BJ@$Stoe~}c=85Au(vljsOrd=`(H(QiQinjV>A=u7f1gP$AXX=MYYNrrKp(8 z6v~@XA4TGC?O0$sqo_N}DK?w?(YU`MD^_@9>{(rVZ1* zgJYiH>dCC4j?9e>v5(U$xoqjxm?T%c$U_QeF>k|USb&o^eG;doXie6D2|C`OXg;wQ z;wr%~o8aiG3QAwRm$wck=^L|tLLDE-@&c6jHz;+3PG_;CJ8LCs5zXRCOj0@M8N9!e z$HZ4L-V1u*DDYqqB#6>C-wC8~z~`d@g`gK>am{K-CLT%>Qh`NCCRBYAk_rFB zpTY$CDM~zwQcpxYzxj0egNP>Q;mMpYLz6brhyROAD=N4r$Cv7Lgi* zNI98Es)@7ZSlF*-&eN|6~CBNCadrcP=lW{WeJ zq@t!^{x5-MP9?TA6_rb4!0or)7PN~M7BqJgy3noUg_s0pJi=ihN+!aPDI!)}f*zK^ zCHz2pF@_+wOqoD;eW^%@oll-f_l*v<%3z~dsdU98kP!_h-2W{D8Xg60(U*y_5&lp` z_OUpNHG{~DEAer( zB)n@Nat_p=0C+%*W2gLR*Bq6ayegN3;tw^pO34odAL|&I_KU*O#>&f~VI>3M-YQAI zZTAA_S%|LXRC3YZnR=sk9>{Mhw;%@i0)@y=Ndi9Tsjl8Jm#14BVPc98g;pi*DG7BE zmP_N`4?X3~98LN3<``(q4Wuf$v^oIt=6l)@1i47$!s1bnauDUn$BKRVy)GjygLPcb zxV&J`0QDi8e?VeMBR1|e=w)qmWD<& zQOdYbyaD1BFyFQ2$|Xk4;IRLA3N?>%1Ux@SpkGXWs2qkFodWMKZqVHj?5JlzfA?3m z!KgoaHln|i2<2Ze(ex>zFvWDtkG6*3n0z4Vg=DjQ?Nnh@wUXil6CMw*<8aU96C+XN zA!Pw0x6NF~5B@RjmR&rG-qPQGIT)k2j!M-AvSXqv)c;Z~YGAgmN+AML4gmTGZ@`gYH8hf**y0P*6_F z5dg|#)vqL|A=nuVcHEqwA8|bi{@0(@pQBW*h33&6nS*N!o}za+%I-xlCk4L>FUfY4 ziMocrapt->;f(-^^^G7)jz;H(0sbF@(JIHcLh)cPS8Z48Tg zDm%YhtZy@at`{UE2JbNCrB|)YI&rqh-p7klnIhjOv-m6_OqvQuO5@PvM<5nomCjOI z%3yoJ4*^^0;<6*PG__0xM*ijy4Du(EjSZ+dzvYMBppqBNHtrcSTbNW=d9jS_L-1?& z@ZGzv+$$`as&>*tB$YH7bYGz?{KQF9>8*#K-Fl5T3zj1jDIdjy&a0ra6TO-pbq#C@w>asE7*BIF}Vc?1t5fy_jfWv9bA z7$uOChX;zh)O`(K_S{;&Y9PHh*5WkD?fWEA^<+tebgq;5Y!eoonGuQ5Hi%$EwgH{N zFx&<+6yR*O4MLbq&^EZ2|GO*xu_fmvKSBg}Tt-vH=xsXR7#Tz&5>;QGwIzrDzEIG& zMRh4hSa#{I|0|6~FO9>EcRR20;985oL(pZUsW7?pSc=n7TAHHbfUZKEf5}rWj?O*- zl7JbSkz@`w5v3yJvp^J}E%q%}jAPC`c^slZWSHC1ew+=#ZvMCEa|mAT?7qk9vB0_b z)n56lox$$D{LG|X?s7X)N~%g4jjMfZxo!Cpg!mRkh|+B?hS|zer6_nPl}y)Mhq|0U zSABZAOHXvu-!MMrPqy5CIf2|6Yf>^5jd#r-;|R0)KSm*(Um%}E0R^Yx83@=zwyW@` zJg0IY*fB~lH;nlAXZ)`fz_IO%WT}F8DgImm;27dCOVH&sL3B#O0Q?{xfK)$O94O8B z-9kCg3-O={D6h$pKP%`ixhmk8up!vl6{?9v@gd;C1^}CILm-|ON6*%nG&$`NXrEf$ z5>qTK*2`C0E)_AC;(Os4S>a1a&h>LOu0D77HqjV(3Xt3IN+A7=>XgT zg{KQK=icM#h>C`)LJG90Ej(lc`haSHq?@^4z|!J_BuLWJqHUCoW(RKj}l zjIKm4GsNsYFT z_KeR_Ag$T|0X(q3$8*TiDUyl9;)GQ`5Ff8GADXAt_jmUPmW2d1xi>&fjHLdSv~bFE zX;@Hv3~bR4)H61XOf)JxD%TNB2vv;3m9!s1I4Ot9z&vhJCF6uRLSW2VOJ&c#9$NV* z%FTH#F@0@i@$5E7VhFmPH-q;~#fy-iis*9sW@j)M0RHAmzG0(!v-9dzR}I<%;n>l z&ldGj%7Tb}-9hTf1Hb%;Jny?IM$o)~xS-dWm^)ZcrfI74Q3$T{fr)YPVO?_vA~y%O zdA&e>OWiR}%-FNCdeMNXip6I==-Gu)KEV~pIOkQ3M0H%1Es!8_q+k*z&uZj_fAXAx zd~7DJHF1OH_-HobcMD%+qW~v7R!iTEBPN-L{_xB;XjP+>U$*VXEC*UTozMAH_DRia zq!swnvCK&hTsKMoAM?>)jBlDQpx$nC1GND!izF7}rXpS0ju+PAT}4?KZi9%Fy5oBV zz%&n# z`ZrtFgq7=>HqDxhBYc;K6Y{&Qe?BtdhGu|#6GSr)p_vVQzUqu`%zj}hm7uY6eYbU+ z&P8j$n_K#d^TMmyets>j3|5rMl!daJT3}g@o$ZP#wH%%CFKUp+Kwe zjR;@<^*iID;J^>&+A^0l3Rpr9J1UzLTG=DBA^*1(YnwLLx4iHfvb zbh+4NY$Ug~=vik!%eKX0!FJAbtFD=$93io4A#`pc6m zK;$sXtE9l`nK(L6ZdJ^X8d{4mdcJ9U@_t6MqElZK9`h6;_SkpQj#T^Dr^;dBNJX@s5Ac`F@1tue?&Q~IoK2h>Rk_Ec@ zt2f38x`ScZ-%xemJqcz^5>8J=PEVre$|tHKfR$miGw6x`Kj`o7S23RTwTcO?Wx)h; z=^))BT$(c70^P@iBCr{$JG{BiM_0YMmiySXaBgfBctHYffq|(Np9!k+tALHY)@&l| zl^LA#@YXBfgQrfnx)6Wc`B!Cex6QA79wE^EKqAy-_D}bSua48Ru3<0b z5BUum6!}?-Z}sBVff{+)=R_3bkjfq9DFGx{uPD34Nt(gX!!hM)Kt@U9du%KG1^NuZ z2ay@E08NE!%1p}ELErkCRr`xv3wHoAmV_^fYw6>~0}$ajts0Posg-nBlE5*hNyZgo z@HPu3!lRW(t}Sw^on(EU>DH!#H(3bl|Uz+X!R^iGEK$55~Hz41w zIcPJmz>UHTM~C`~m-jfrvup;UY&JqkKSqgdw9PLmU5kEQELRPZmZK}knnK)glS5W`8zzrX#q!um}(}m zQF21xg{W%-U&v&!i#&PK)dfE%bd?wr>!rTPSXCRUp4)}S^y6}=G5yLeHl`nM0~*3x z5v#cfmuy_udgI}(YSx&k2mNLunTC|wisu(%T zndRs-6f~>o{h>;l8D#o8Ma^;qzSXj3<_dV=!e&-ib*0TLE_yC*ws3K?LdCL%DgOF3 z%LYCE{{-^SmCKf`TqfD@>z5tQA?8Lv z-#Q<%G+92v<%*N#-0~F4lUbu_Dp2--sJAXrW|QAtdCS7HzD${+K>i5}l@)lkvQ$}t zV2#DfR;SuGP_8VOK~KD3nPHAMlq{pQLvj=?TXCX6L)o%g%+11O1;iUlm(^hH^3kte zysUN{h4N+2q0|;ITW~n*E@4*g-d)7Z-W~qM%b3|5(OAfAU9?+UDYG2^HpR>yX6lzN zXJ#V5YDKJup*`2cYOaZ8Xd#PK#d;W~TD>loVdAu}jO9|DAEP!_3FmLT#Gj?nuCvJB zO18}dm-#E>_+(3*S@W|>ku%qPwCQ6Fh0bc>uc6dgJ^ba1owcFMpQ79uEgv#Hjn&{T zujO#RH*~fVfaZX?PzkgaeHMzKwd}E? z3|fo+Y73#Y?7dYfv^Mm9xMFB6dSAI5TC3&wToCQ)6hw2g_j5_Kf60<)X2{W#E{f(r zRF_4oc=wGKMstnkxis1erO_O5THji6G{dK{OnJ15&(~BStpfV;CDJMYu2Lke0_3V? z(kj3{7fO3Fh0@Gu&ZSDFRRLI6v9v1qE0jyC0=ZJbv?`!0mrSby{O2#4X72P$mQAY! zv9`i#l|8IdI;|4uYQ@tk!LD9DtrGOVKmj$w#9yg|n#1y3q=;G(jpfUzH6v1ANUey; zDy7t#acL-~R? zCC9#g$ualLtyXl*4bxS2td1F0C_GkyfTQ$S9Rh1BK31_h%<^NktDbtrmS?>Q|xG0%{ zv8yauj>~!rla;%5l_sn0eU;*5mE9N0leI%&i2`M11gc7u)uQlZi0hFzSUzA2Odn?vQGvC=vFTxQOV>3IqfVf@GPvyRJa`u*f$;$3Z zHQB_6L6Ja8+(#tk4mTJDvMJL@STEZEa?d>bTa>@yCrsMKCJ%CY<17q$I~DGyP>$Rw zTo$_KPI*{SGow(sOMx%%o7KJ4l?OXiFSSYrtrB6myiaar7@>^l$(t!krZ6090ndH;c4Ea;sliKA0l}n z0x(ISE{eh-4Q29(_+}`9^e~an6=w{Aiab#KC47%?G6XxjUVugzM&8b@m+T0?pO^ye z7s+Wd1gGNfqjwk+#@Hb0l2{uRwd1EzDBTBiAF(d}JkjwhaL zQG>9~xoBwfjpkm|jp{iEqnv|b6=9aA0}j)LS55?H37IkdETi0im82*sG*)K<)||+P zS_k1Vf&lUZAJ2!JctyA^bOr^st)_6IP_9u3iZENK0ivp;rx17aF0}-ise+FILQ9TH>-i zz;7j!oY6uvomn{Bu*F4>S^_bOP(Oh@4L40PSy9byz#tAm_dj&2Y3*VLMFnPf9d=iGp7e0k6o+dj(QQGs_J}JwI zTJ1(S3d!V3Mx7L1qG*C6bcLgc1fwgO!ZdS$kgZa3lhw4Egk%K6rq?=%v)qEI9#_<# zq8aQ7FExYJ&`_eDA89wYR9z>g-x=x{0>*h(zC`u}t#V8r8X6Tmj054?36TKH}Ew{|86y2v+ zT(?^A`(?giRB!#=9mGw88siXMiPkL|;)td^TfV+6jskR#NsI3Jgtl)P691;5oeYX) zqWX%vqON9WHbTi&1wZf$J1T{Wc*`#!D8HN{n4}{F9dn^yY0j=|lgbl}Jf@571Ztz< z7q8?sh1BUq?78;qI__&=?{&~{)Yx5frKJ_e)27POI=V0`ES2CbR9~sFze07T zR=ri!R%-04wz5*Io?F#bYNqkSRaI*2d*zx+Ef(FHDk>G+OZD}Yq+_UrhF7?!B>^c2g^sHt7D=#2aGb(NfPLtmlbj2qxe zqEjU-IJ+Cq6CopFEo3g!S;RB7)#~dM0ste!>FR#E!9~$y_T=6fF4Pp=va}}GH zdBE0%)B0;ihE_#~{~#ltMhq_Hk);YV6xR%qNS-by6O;$Lri6!sLJ_C<4>FQLzma)F zXCkJ0X^$7rNxOw1I930EsmhCyb0DMXM@USM9Y?ReXPiyjbt#}I`Jj%u`S9g4VHXH2 zcyuWLg3Sllnq4`B7Eluzv4rfmZHbd0K07?M`>et0^>O3w^&fFk5YAGvSMQA zadfNYrj&V}F?LM+jMw28cLv3{Hw!i-W@2wLM{1z#$e5}ar+9pBjP||xq{WzVG(ohG zRQPy7NA|II5_$N*vS=}W5ahawTbiB=|7h&(p2a76G9O#*|egp#?F*it8_V;)>PO z%4RIwQ)x(cwT&3h&a)6XvamYlpjex#P0wznH$6NC*Gwb0-j;DI6u>r^Y;xC+%t@r+ zM7?u#Cr!Au9oxyowrzW2+jb_lZQHhO+qUgYIB|Yoo^#H-zQ4Ox^;+H4wQBdh_jPw7 zsk_pBHGr^lbkxx>N;V=bT-AiQO@m;r#a2|6thZm$`6%y{)}SEGB|vq)D@1Qt_SB%) zPa=LDcd|8tkQIfy`xWhCkckC9dP`m=X(#6cMW2e3(2zCH8^dFCkq>5j?Q$@*1kF@3 z0J#H&Qc8whLXGi|yNMIw`rjUzK<$SYQtnJ2&H)IEICL`}m%c!DyMcMM#UGipt?SH2 zlj?OAz!aRLP;!$!AW@r$sZB+r z0aVx}99jw{Y-HilTlG+9#+Wf@#x(rnN)i4o&1K<=xDDz_ymZ|`Pfau{;V;}XB%Swy zCRTZfnufOJFIq5dv3#+`FNtzoMh&fb-sCNI?-<(Xr)net1CoIAtH7Ni=4@_5G&vI-BeXVu56FY7P}OL{ zlSYe_R8$0lQ%Vty7VhJiUoJj{OYPc!4{yrTp$9^cN?gPqyF>e!ql;Uw5uf&0H9vyb zktuwbX@J5ycQ47bjDu`0Y0Jt{esj7ey9W{DuM_tPk^F<5?r`+PFCq(3A2gz;VV8I< zw?f-a9+H5jF%}ey7Rv}d55<~?@Zw071s=Z-JDRUs2^4$wJ8u-@;{-5ydoU3OVn9Br z(rO&F9SwOiMbWKB6uJ)_M9{#%H$Px+z(C=3FK4G`t?t{_9AI$g>1W5t$@$tgaQkgw zcedAW&{ELyVaggZ(Fd<~TgBOKcl^=;D)~#7SOg8w;~ldc*QdN$2FcHg zkz~G#oY574MS4b^j^oAje_*@qrZ$rxCZ%`cI25Z3>3K5MCeA5Q#%LThur>K#r;2dX z&Aw+b9_!H@s_-I<1eJEyYL?Yz$Hf@X{U+0qi*3H5@NFdVXFZ zSU+R#AZ1no*oUCO2(6o@e?gU@-$d6%<@tIF1cg;8D16l)OtllJ51tEng$yR4)N&~# z9$xTB0@3jYF!7W`DJyQsY{k;F*;Qr(2)uHG58qovixQKrmlN7@yiMNb zoJKMMSIz76=(Esjc&e)sUa;qRzA9_#`49L;HJ=G`XANmUPIo&JQ67XyZCF3vqu+`+ z4GSpxruEz~hX=f~YOhU4%xby64%-yC3d}iX%cj_IN{n6?S9yPIU(#&FA}r_-G7(Xr zqM>KyM^l(WEw?^|%Kmgn)U_L(zdnq&=>1=@%b-vfH73~3Em#OgB2Q9EnD+GRMI^|O z5~}&*xjkd?z?{mqyWXjyaGG7eNc+k6SLCz<^=i@idOjd0Ds1IN^=xH}uM*{F^(D`h z3?A5;^{9s)@SD}@AbeHl`6CW68;4JQd|k|BI~#X&$hpIQZ-8u6kP>(byHSDFO~+ej zY8lO%d_tPXL|M0nPtD?U1Tj#N(gw?5oTEyL_J4sklr-ewYJAl(*-*E;MsppuC2+P; z&cIbB@wR}~2bE^{5Z%IMg}f)=%18wm1sDej0<%cxF=pSHg}zDUiX8N}4n>&JOk7RU z4mcmCqovqv4HHCn$^=~z0lZHGNC#FaYuQO*dl@OgOhI4EEFN!#m-cj0-7wrF${NK` zmvunRB{x9%6a5KrhQ&m{ua~RywD{575$6d2>_6{b{lv%t>hE}8&hEa@{J6aWSb=kS zLVv?&+~T|(dc7~g+XV8m^|O6H4cK2ZD$q%dY!T*Wb?6X|)-9IbZh2JMBGZ~BJ^F`s z(5emxu5tXSFp0=rLD0fXVnOb9+;V2m=J5NC=RY*F`N03z@z+NogirVHMEXn#^e|0{ z812O09_#_pV_X~&H?*MpOLtg1oI&*KR*;lXE}?f_VTiPivP0TFvoJi&5srt~Bc;s< z?G7mRlMxo_Jd(Fj4?FB(Uxqr>fTiEJlGI>jUS&=-0Nnyy@NrHW}qKSkyLtNy? z1Gqbpzr%J@QJ6~lV%DKKZjMNbFQJjdDd`ed#!og26_yQ^KM_?Q z8a7unaHAXu7F@$jn2{BE1;R$P5njJUa}yC?n+;&WkNL3ukTnFRHgBjtz#{`_aUgm5- z*oJ;MYz_y5K)!ZzH&`y^EabMz!Cy2Xtr{Eo8wD*Skoql9cG+ZQ9n(`AawrI&)__7f zK8pdl-6y71jyq;w#@ms83-BiA$|-gSS6$}~SDn&`cDdDeNaK!L)R(PdRqf{g6C$mv zwDsiS(`{9;glr{)LaS;H_?HQC zh@(Vk`;xtxLe-h>niR9L#bv-=w|=Ajm(7NiSFFyxw8N06yrb@}IpWNr^Pf%VRfSH2 zq^i#pV;4e$@Pt8uDs#1v^DNT+VI?SwI1Ars8+?V1?j`W$US2Q1S366<+zMIAJh#(e6X9bUisb-S(q zMi$$p+AABwBoncBcXfYSifG%y`N~{Y zJ|U*Bq%tA-^Rv!Lc(E{W;a5uDUReP#ttr z-TI7C!zH&;IZG)65zr%A4Ak!vnqN`FwEll5{hYOdD@b!2^u#=e;YK~st2c#I?8|f|^AnS; zh}njvtSVE_@t4qkCy~U6@E>FARex`f#LC%U9SVz$lZx2*&l8q~OEXf>mJ9lQ%u03u z+6ZX?I&mw+w9$bmF4dZ#S*6c9lKpfBNYRLs9i0Rj4US|L87&X3(#-03{wEt#7cAby zaAxss0VC|%6#)91)=(^Ks9rhOGIpgGcGy^7HODUB)0;$Y1_ zH~jk*VMk|HW!`?NI|j0zyGOdS$*9c+FLnfb!SQI5w@WT*6|r#qSapzSbrUdcgiEZ~ zE7;Ki6zgsUIkG@1T6q{&{(jXIY8*a<{akh4rNY-2AK!kIP*pU`!5E7b`_|Nm*5Fm2 znolN2+a7%+nTn0rWxA~~(I{k4D z0T5j!p8$2QI@i3fzPNki=oWm$dWxxMO6U=+i^t0Uk z0{0fL^izK$zc{W&`G-COF87~>48I7jfATYaKlz#2XS;OD+d~`uUgtmdXmGHqsRq%e z<#+Q49r4VAon~bUiZXuGeAz6?!mVEjJcX2nIE6IfmBy-y)zRIHw(IJC{(fepVu#kc ztV<50q_EG>s*$#@S%TqQh6dq|{2ghs-el5nSRhE8hkmfh7esUpzF3moVKcn~v(;U~w@x2rC^X*+cQ;<+a#)dN}_y zHcEp$UK_XzRAr8ih6Jo08H=W1?Fv0A2_WB@xnttyY3*ib#))aR;K~FvE!WY7Vco0_ zn(%z|-;7kytD3j!yQVM;tG>+F8`ZFBzk>co=MjKLr&MTlPw@7kaCwo_;2xf3=TSX!Ao8Un?QYpwFwv-Y5qeJ2CySvO(R`iDH0lv!5YjXq>24Q#w7m9J#)>-IOe$3;}*paWDNJYH>@bbmX{UAt-6gU^OY9@`o}nRm7O!5kX&6m?v z&gj)?7DV0Z0=P4#rUPz(D_-VH5Dv9C{bPvOv-?|4ug=!vTmWjj081EU)>+|5YS4kp z7l3-#M_uGSLEVdM?hD}eTa7h9-^7|jv((71FJ6{D_vP8nPhb7HZsg_)y7OcW@csWv z#kZiw>O*Jn&MojNd*bhg_aQ0;bf!Ni2ImBFMzN$03o8LsXNifu{pxI0_1Es$Jb(Uw zsm1JIp!PeZR=D?c-i!skFJ1sm0N9yxT2wvGT)_l2(H^XFaR$XNq!@SRAf##{6_ z{37M{k4t~ErcIG4E3p)?k`g=b`eK$65Kl3&@xRuJ`aztw4KTF0TD71+$?nt(RoqP7 z>J3kg$#>j)7;3K9WF0~Y%FQc23RtU!{JAKZ_@S6eCNdrO_AN&FwR)Llz0~}p<1LFT z$X`@2jYwqO&M64b4Y^i~tHyGZGnb3eGyZLpMBrr8Q&gKnmBI!mI=6a9*8@y_&7Obk z;p^!bsH0RHrLq;Oarb zAxh!)3u#8KMz?|9;(x$7f;EcfF_6m

rKF;g4%Y1WwU8c7Y0n3{TDWbW^?Wl%D2WrF#BxY*u@a(7 zV26|~lo|^rx=+=E20qI%s51ZM<%A_FWXl(6+OitJ`g`h_4*tCKIrr7PTQmJ5jZ)$j zK|qVN+ZH#xe^dk2Z(K^vX~}Rv(IFH#Vnx$YiIppL1?Avr`hqA;|4=$jEP;)msf>76 zWD&kvd077wuipvEu1h9j6|SUo@FWDCbLD_&-T$8OMPHdG1ZLp3B-^vwpP zjnIbA9T|;P(6OE9*o8w)6Z3q1u4fw^ai?jWqt?Hl(kbfXM%hr?i5Q&+`A&lS?7?UK z(Gm7Jm?Qw>Fu~6tex0*+Du7l-K2a$09#JT|YGB8dW&Ca|+=%J@2I740C#e8hR4CXG zztV#+kk8%QEu*QMy+U5%d+q#hIe^J|SogPJTk^4@?g%TqjO7V3gPKB^fdl;2T2J~= z`FuIf$F3E&{0}c&(0fisLd!(7p%El~5G2oGZvacCY^d|iZMw`_ami-bN412~>usIUmMLYaldTi7ZeDMo}-vfE*3a}a@u#3hdfw4~K1<|Y>>$JpyhI$HEFHTBcf&7`@U zUm{RZ@46ZG6aXg=U-##st|0;jYRo;u4Xynyntdt;?@#c4Ow~On` zw4tS`s>h_M$E752B!-tYX@yLKTVuuQUJlIUP}Qi>k*=hqrmCr>7uCihJaSf1%HCn` zDV6r?S_uQi1=7whEON5NT9Mza`)$kdSHFD2ingzh&wXyJHS=4`z0=ZsU_J4A7+8wx z8n3exi7UAiD2k$fU*;N5&{-~~sg==3)$B{7 zoOO;A_qvzDw2Mu_(J(wnY`fJHT#C02@Z`M_<{>oItSHPwC*|^1M5VPEkbaaLt~-vu zUp&w>`A=e zRB?(!tqxC35XCH+!+p9>f)1EvI&m;-i-zS))T#7y;Z)ZdPI+aRJgmvzit) zTAw_5#h-(jO1`}6Mg7exm!I*C=6=pkE*Y74mUMn-my&dD$6|9~DSF3iqjTG+w%|!y zs9IByNcQw?hXMGyeZ4&Po8`~d&&|G?+e4Ef6k=*Pty|87%%#YE`roV&(Y+xj8LNvJ zfjVcI6D2kJVNCr{HxKJ&hz{UI1#)QhWR*)~{RQg6C*HO-Y(lh%Jo7Q6oBXejB@cMZ z_lH`_(ZJ^ROJx_^>qmAz`m%AzW-o;2C*od9S|jns_dC@!H{`1E^ObsfBzR z8SRwKFKFIyP;_ELye!=Un&6LDiie*Q9m` z0b?ElxERHh00NVAeIiSAZ*?0FuCtX91!$_3`( zNVBS7`_$j-XsTzJ7LOD(&^#i`wYvM7^%&@$v8oDb<62wdlJ!W38P;5Aaz7}5ivC|>rQYq+WTla&rxl}- z2fh9f?x81eiYrjGAeMMUj2ajUU%E^E7Ai1vg!%`V8li!@rB(#B8Ey_Lpq-S_RduWS ziX~T2256?HX^i-_P?oH%O^wMvkQD51W9&722jS&UVHm|$f50_M7X(;Dqe7u%B@1=l zTOey*-OPmpiqOlzHXcPJ9w&t$>Nlx?cO)gm8K-d~`r5Q?aL@-!2KmLwMp|r0XLq%J z8NAzUV;jrvuhp)0e(zmA``LZ{x&jd3UMJuB`LzJN0aHbv`~res`aZT%)qh@f2G+Li zrB$V>=xj6%=QqJ^w{cGdI>b$U8^mKQn1ZRF3QLlMF@9wVKHjv*W#zlK>v`WQxT-DM z>eyp+JStK#UGUbHcafWiu02~f2CEo*lssNwt+UFgQjFgwSZ$@CRtVINQ2Z@yPiq}S znt*lwKZ7ZrO=2LS8MCTofn=vB~9ziK*-#vZyP0`0IHt=df2EiW~B2I)7IcjGQ( zwG8qch_FoyxPC?1K4c}K*|6Wmyn=lK+b91C2q;bE5zl{U^x|0lM{E9ch;Kdvku1nB z3wuddliC67LxgwzxYS*5sM@CEWcof59aLuks4)N}VM&!y7D=KLYn_2wbOP+m>)d}T zQ&lmzKDL>A=N(t9a>b z9<$$tOB4@<{C%lF%YXUQDob&3eXUsOlxbKbO|XMIEg9c89IS|FP?; z26qQ>;eaqkX<`eF=sC~dv%@L0ph={BlKd1DMzWxTSg?#z>y}W(*jlJ>h zf7|WF71aW-*8O;((zt8XK-qZSi5 z0oi4HFgwTSWF$u?U?p>1GuXZ~69D8`kkYg|*YB<-fM=ca_lMPA&2NFxzY8aRA+K{G zFWLht*6T>QZUGd{u=6%gh{t7)B=v`&q+#|OdU*H>9y|C+qRbd7Hw+?#oW#;)qyv3U zCSDwSEL&}${sok@!l;41 z0D_~o)2}|4(MRH}t_g!*Jf9&pj`!V704`V835I5)w&c1v3G@lUC9oZ%QFH;r%tVuK zggJYyH;0ak$M4Sf@5#Fp{!PTG>dthqzlLBG7NLd9308)Rjq8m6v>Cu?e(t>R|_?dGR z^f@D`Xlj=p4of8ROGDQMni7cUCgPx}O5}FROC8hs@sqLg!7&w^eE}UESaEUP`etGX zNA#z>iqP;xEX|MGYC)cMhNW6)mx!=2d%7?cC`1)}inhmtXervwrZS`CS2~uhS*NLE zp~H9G91FWZgV4_^b^Bh!=Ogk2hJ%%}y;nQ1e3MHAbjx6O3O%OY*v<2Vvp6_vL8W5TYm{Ws=3@8cvT$RDFPg%~-Bk!4ZCYYy*H zWLG&_sc~1i7C8rk)tM2AO8({Qda9O~rU|yUoj!>1PCak8_Ng7oH&Tvt*Q+2$9A;7D zG(hFA?5AC~nwsC3<$}fh`bSXG>5C^tbJwYCY5MRkp=wx4%;!e5SUy^azkwxXmQKN% z)|3Wke?n{#DrQ!s()ffuR__X00pv#oI+0=akq*YLsCdByQjBrN7z3llhGCSfsQGCX z4TBkzW>VcV*dsvZhI}`>vsnG`5JMV;a6#d)@=-szq4a4X;}MVd`cQHkSy33@fVBGc zqtz5>W;Ae3FX>f}IuWJ^S8A>O`P_G|MtceJLH=>qVLCC~gwSJYBLzFnBdYCgb(m`+ zdXL2_l-F*_xzo{Crgrv}g+RS|zPzxKv@OE(=k-lo>F8KhNKyjZd}*Y8xSMPW#CX|k z`?5e-&Wxky*CniT9smD|Dg^o5?Fw7Gps8iIr$qF6Yia5~jznFo{I2hN1L4YJRg*h( zoe4sx<)Fe%tf7Qr+S*4$h^4>yMsa{79=?Fw+-&`?r~AW3$LO0X2KIkW|L#8@E{Doq?Br)@y0rB-N>i7U+wZqh_;pnb zS7o6jZH;{OhS+S)&S-X4)!N4%thX0Wv7@Xp_cl#!pJD4WP2pl9m$sm64qR2h{c3}1 zWWWf5YjE2jnh)sTGIXb~XdO}WjSb|J#xieJUjZ9lYya5)m^0X882pHz$uM@O5{3H`WBBrB+F13PGvVDRxRtJYB^33BGjh zqtQOXkoCCnc5v}FN0H~t#mf(Het-XbdVLm7Vu(GrM{$7h>>9Y~@$IW`-i*lZ@%VZ_ zUV6LVqDJ3xrXQprm~1(7H=$jp+2`DhGbj zsDN}7NzseE9lMLJ$RatQEJYr8S>^v8Yxmgv>GIaj4Z zMI*myMT5*{sjaAcxypMzNh{Z=C=VV~9wKv^_0o zA63zean%WfS2a3hxSq17&Tlb;eUjeRAeR^O$eD$u?90H(oJ{su>pDn%+EnMD$M{8e zI~;G>QO*)%>5Zt1bt-GyvQ|LT5#4@&q9#`OR_8GBy#J?db;<3-x7~ibw#Y2ykV*cC za)}*XoyAHu8lqE7sLuVPt_kpXx>B|V@Ok(~%LaCSOydd>7Lv(%lRup<`lJ4JXfSsq z8lJ}Q)F5C;OzkFKQ%_X(H5_Q~aj8e$Q|cua8jI-Yyawl>FevBvC07X5tqq_x0hi+} zKubb+<8)9`SUI4q8=uxQC@)`~*Xv78(cYM`r>XBqacwC_7OH*xjdD^^FBP>%18Jr) z-lEc^`s+$Rf~=&w$qPF0)LwH?v1{Gk@a0+;lboEmC)wFnWx zR3mn1tmNQvO62`4zD%tZE{{92PJ`4J zJ++b(p)1JbuQ$I=AkXI@&gKe%+Uy}%dKkPBq)7)t2=-3k&bjtYT&P`6+?5aXBVnMEszY zACAd!y2O zdq|S>^u+gjO6Oy4Rt~V?%MSoV?ZkYY$xTw<2*gpyh++xzP_##rFW_QV9D{}Cu8xE; z(Qz3kbYRgH{e=*liOD0a18#-xsU!l>H_>ah<>BEOcj_MGY$9-V731IYn`r*l9)W5g z-<-9F6l)`qD+}w5+w5!II>(03`|C9<3v5EiltzRk2fdROk<^g=Dc>Y#<$KQfzfQxiBbu#g zVJesjL#BW%=xy{4pb#4fRqrfWtKs8#?XmY7Xybms8q6iE##H1Al6H|Yt*nGAxO!Qw z6=oeSkoi_OC1->++t-|E6m5j)8UUMLDo#i#y=4KvgB(s<)Y`Us@E{g`rQOCu;Lpdv zx3$y#DQI&oZ&kazpR}>~CzA*DN3pHdb4;RUdD^}_LQuZxoAA7JW&m|LKfU1#R;W2ptF3!rNDqC){paWt3)yb1E{ z)ppd=Hf$qh$8SepOt(K`eqRNS(ruQ;O)+&PVidtq0#HVu55Lcv2Yl^(?SOpk?d;71 ze&#I&M7>U0!Fg6OjWern$Ox09FPH0#LW5Q=O*J9xOu*Q2%gkq@+%lOH32|isW8c(G zW0e@)g%H%%5TA7b_E|lTIKFsr2C1b*Y>x%)F3s9W0y8y%11CM_1?{_O(YqQJRCefRZ zeQkR`3t}P%kaIT2{@v%M^nE4JxkE2Hzlf~(46o7l5vO*A{I0hnkB#jw9-T#9lUgAS zJ_u|?1RW1!-vDpOa^x@GRQsDgVovz5;OE>!-tihVr8KC>I*?%FC&qU;hXk)c3pJQM z5)f7hEuRl(14@MmZw}#!z@3LQ9HBxTz$`BL+d>M2OYCr>WeU7$A>4i=?K({tyt0gP z3pf}Dp7T7cZd66odv(Ww_f!w*R>7=r!1N;I zx@pC8XdPTIcR&WU8CqdH1Eb5)2!NXNi1l7xEq{&+35Z=VO!rjBJAnGI$-a%jN30g2 zl5=haRzXihimMEXLouPhPzOHb3{Qk^(W)P*$7eO6ML`}b5XAJM-JeJoPjZJ+W)iwz z6y56yM_tS^!ahE7bc;VhG}99$i3{e>n%EJdjUW0-=G~Y4J6*R%ZSS_Jg-9oW22Gnvjxy4&=JbJX3sh3>Yeq_pgC7reuhu z62dQu-*Sqrien(v6Udz^|M(4aM1p+=P+X43j#x0i{PKGI(z3nFR+zIYkq|pL1x1MO zWnj^P_;EwI_9ygl<8=OUGqS**J0gMOwLp@P3Pr@K09ZFD3+zvWQSIS=7DwUAWubG| zd~8$KOWRLyy8g`j?CC_Gf&eZ3*b|y#F_{a{u-x#8rI2JW+z{>#_nm_+av+nb8!FkN zbw_kFe0HPlw;RaPgzn}?Uz$Khul z`ynvTgPs8T#DHGpk0hV#g^VaBTEt1rSTa9GpW&ZPI#0Ot0>o|*k7JmhN^<{4loO03 z5;LKsCgk_<S`*stPM)`x>*i6Ol>qaCq=Am`S z0T_TXp;gTC*M`I%=eIV|0b`>L453OS*T1?u8Ryo7-ysOMhfItO=@6DDvD>uDcK)>~ z$>s1fvL(Y?Nnk9C@_}+Qn0Ge~u2Fr`D>_}@aE>ehV0KBdnuZWhTP{IuDGbF+LIkF4 z7^z@r2Y42S}=0Z3G-cjl-Y{kjrt3k!!2Ai!@Py-FXrJFm8W=yhkDKPx5=}^ zPb%p#e5jh1Y)$1E5&Zmh>u5{U-xATP=1rn8&-w3xEcIrE9}a{Z^MZ4vf47q2e><() z#4UsqT?gnfqzD(emuZT(it=7tfufv(&5Kp$ER$rr=a`WD`BDW$xUl67q4J^L;I$-5 zF3*UzqaKd%A0#%KxItRPkl#qMHIEcVG!8(9wz?jF@=^=qcA%m$%TI6RF!LTbAT3m& z5HlxD%pR+#iu{h4HxMzq-Ip~387R^NW|>+_5<$Y>fD*zR4(&tb2((q2uCox_B2HZM zp8>MTAH`}-%9EtlDq*3TYhaCk)*tFq)B=^w_&uK*EIz&w59KW8LjW&18Cc&-z@&z# zETjw+N2$g-*jsO3U_;&+7BHZ3o>5XPI!oMQRwiB{DrnKlL$LMpQ^v-6K6wW0v4LOM z(QVY|WQmcbAOMCODoN42?DM7>Ei-m`3%tfxf_5b(!S^DpRnHFry37%Mo#BM(7Yo%j zf&}a-P_L zHVkwhO8>>>H)@)<%acy~MV^!e&dKr2J+PN!5i(nf8jB08fnLCVx1jBMSqMCOGVMPj?MmJm`=4nLnT2Yddqc&4W$h@NlK3Abr|w0cvHQSg8e9wj`wpYr+!91T2L zaxy=otRH$Y5TVCv5~DPJ1miRKCN(lx>*KI-*Pp#;#k9+sfq*dKOFbmS5h82{cGb!9 zOtIf@V3$;~jO+3(6KIqR;2F@Ylrc}#XNnlW$~@esLHP*Sfy}6BG(DAy>YgZwhPA@d z*OH>Oq}As)`2&13k77@a*$bd6Xp2!KG#^dNC2SDDk&d;YzJ`)Yw)I?WZC5<7~# zw87RY=%6PFlJWxcX%p{rPkPLdb95)JcH3a0zSj7OQhIZ)%xe}D)JelqKluE8#Mi=_ z&s7^s`HMFU32XgHj54`qNn@q?jx3wt8=3+hDOp@?6C2-cab?OqS2B!COY;8OpSPVdX$@@WptQO%%N5U$D%PJ|ovD{lz7~_3Tk~;OmaY z?hqywpd%nXtNt?o+FI|dAei%F!+D&19^^;qGlBndGu{gPgNkN6YdjEW{CA%>kFUsGpVptCXVZ!;+B ze6CC@arEdBgTOcU&n|HPhh*zWbJaeyxNksiJ~0W-4e3fqYP|?9Z*{_@N;S0Fr&Bbr zs|WDNIG6*`lrqgc*l@vuZ<0_Q?*B&nto=N1sDFz0(w|HTh8vG2lCQCbtq}^p4V8Y3N>1FM2jQ1eh{c`f; zds3-KybcmH6acOVStFHbPY-)rqk}(gBxSI7`n8YU199f|C2F`6kW4otXofNs)TOo@ z{Fx>QC44Oy`i0avv0Yjc*i>sW-HyP$%&;|$(;8qL!>BLuqAO|X$w<-(wN5RF zF52AnZQsQnWbQYE>6iYy@h)?UEs8KH=Xe2*^Yne78aOq@|2lBF@2L(5E1un1$n28H z`dAKo@JcV`M6k5A6WgkVP&o#*oK39BOF46WDsh8hzAC_ht!-F%-l4v~sQ5z(+g>Ju zklf5sq+Ykk4O(qw9P%?8%fEs+(mr|SvU~ayX1OuaX{c04 zHyHb;i8M*E7E#qkC&4lVB+GHK(02Ub(ru=myfX<6_cXQ$l`^)0=85rZr(Tr&(b~!O z4Bd={CcS6OvtDnd`d8$xXsZzSPQM7yZi_3`)E76T33uo00vM#R(jao}0#-z_`Id~R zN#rO}^jOII)py`uYMd=ByS2)e z!r#(@=wSu&D%YU>90`7WsYA@a{(#!s=FA#cY9g4t8>|{+z(l!xQs1-sf4CkNNS}@= z6X&i2>DD>MK=6Eh&t`kcxI}GbL!;4QRbWW-uWoFnKpgj>m;`ng2z|c!Xv_<&4Dfov z?;$JyBJ6bm>3F7Fvp|{;>=R^(C%eClgv6Q1yK&Ntaj{na)_#YBlB2+ss4Q)n;)obh1IWaZ!tFjaPENSs`U;{{dl^tAF9YGk=izikHv~0-L%-G_gFY zg9rnklod1!+j8ce6{gt-K87dc;1vi?&>-AXrt{IK!QKEO!WrvsN zOiJwbA=n0*ayCY*T-CS!l1{c}oiC-sV^rbOpI)Dm5uGl@#{!Sn6k=<*V!pk=te_>7 zRN!;*>kV;AI|POuXNR%xZ%s%y+S?OXK3s6`jPafxGr{p$1?>E!=YO}U5WWE}zAOys zP7ij~E->Vdnnvl0TZ;uriUcYMXXd3i|aVY``+yTr#T@gGdYB->47e~CHm6j1&u-3k2Ehi{Cx zhZ)U>G04!9&)*#iOrb|HnM3DHPmn_3hcsIoCq?%2XY3LWA|AF9WFK6PHM`TtFNGLS9u?L=rj$Slou zx;Z43_W!PC8}lQj)5%R`{um---w6Fz{f$orSA$K}9HzrS8a*^hLB_H*v7dFKTqS{U zQ02iLDN^43v?79UT`Ud8)d;+Sj??zZ~A~5k7a84rZe@^ zJ_9XP4yDu6;1pz#5DSBU(2grw>VQOIS;@G_sw zc@SVRCVe#eD>bR&3mU|+`ae}YMmrc*)Pa27(wYYrB+|yB^c~~o$rOm&5%%%eUH0fC zMbv(AQ1C%8oPH_)+NlX0q$%cxo-0o}f0-5?FLyTYc#-yeV&Z_Ur$*iu6AjxbxdH@Z z8$Cq>R!%1PLd5+W-(zELJkE3X;QdHX93_z?OUxO)g}Niw&10chcxF^n7&WD(ssU!) z;&3(KIHgZ1e-FT9pa%Kj0dy?+?|I7l*4=UnR)%IUP-`9RtPhQ*TgwC zR~7|Xv()`1(O41$Gmtas{MGZrH7W~&%x@Mi=^DLBgBM5yJNa;QYfHH6(j-ih1v1<$ zDpwOMb0s0mMCn?SvM9*Fr1O?}^$vPXK&HAv(AVv*am59EWu?mf3#SozAGoCb+n|P) z(SJ94DBXaT(SNU}#q1glzWb5Z-j-)T)+{Q^H8SB_(tt>|xRFX5NQoP_xx`hMrfRub zS#upz**viC&yplHO4|3ece|yh>nEBLx@9q`9!-1*MS0w5!wBfROg9hWMKsK)3B_NuY1>`bNc!2&lFfpooOklE7cO;)fCJ5RJ7@vX` z6$=SIllyO=McsjVx_X}l*@ZyX(7dR6JyA)C5e_mp<+erfYC_!!n&KH6k~FdG{Vz>? zGBn5p5rVSdut6~6Yjmb6XQLPw+2%HKaUem~e#ZjRMvSBO5zxQmllJYdeCcwH2JhxP zl&%1oy8f;r|5jFsB;=dXDsvs(%|cgKni#UZq2qFrBsOW(tKyhFj|$+N7@aT=y`qB0 zDre^Ru{S1=u2?b8HHy*L;Gwhx*^~x{mzer;{ml&7G@#RXih_7LB)k_A?vfzFV^SG( z7kKM577-GWP85#KkUF!RL{W07lJMRhNainYuHz?w41fMPz>R?>McL2GfJ{@iIJlqC z(uc^+?|seSQu2id2-;St89AUD+TKsltvhL zn|Ya2guJJ=--^;mj$3VZ=5+;CwloFY@;RC_aH`MJY>C|WICrjDVAG?zY^LTM;O6FP zUK8lmWNWtUaW~1=oC2<4#^&{aTqBITQP$=h;O69Qu7ldWD$4?{dG6*?z}04NUJKwg zv&XG0gL96fu3;`pQyOvAmF97NAh2r$xRqveemH=ee^hTZ+wPhIvJv1`opX0hVU;P3 zxax{C?>-2fs}bNf>DP;;smgVyN!Zr`C7S~7b}~M%1B5C{O^}&dzt8Vg87fT}=x5-9bEKAV1O-^d0 z09Tb|vkGvV%+#nU#%=Ob7fU0qy2(;qEH#;`D*^Y-=c-0cx#}ikb+If%l6SFD7$szNH=$p;rgDVSgtg3p8h&{uJ1P>7sj|d%65Ifq1O0G(&}?wmjoJ}llA)c zV6aqa_9SVO#<@@y#<+!(Ia?3i9!@&vB>=Zc>8wh#*h)7^>|BR&Yn$468Ne-?-nkBN zYn$L1)uni@pmB>Pd9I~#>zd{n)g^ka0Nf_kGnD4K>Q_kkoOyYE&r;1cSGm4g+UF7_ z;vN985#a73`SX3ouCmeyaCejfdaYpB3~)C|1f7E80i}XQb;+QMfLkgZbS>c4H6b)= z7VG>*NuiqoZq3p{qq@YzW+8X;7-0B#5pB+`6WSUJ!6grHM`f_ka>b zF9^6zvgowbB#f@dxD}<0PVsTAl148m$88cvr)43)ZPG`lrI`!FCW&;R)FhIg3%GAK zl{9K>I=}0L(rXX`ve66a+e<5*gAj0FF=4UqAx@^421zj2`$qd3d1T&Ra_KU_X=X9S zUN*<{{VL4@C~s0s7fNlK>C^8Ik8YG%`o@{0(@f0^XJ@`~Hs-VggGhG9$~iICB)9mR!UhH49wHkc2Khm=|^U4obPe zYd)644N_e@oQ$c6bW(Wrs?q|OYSj&`^AF9CX?Eu;U2VBWgVWbP9-p0`{_E4b!?&+9 z@S6j-kO?ZqxWQs@GtIufrMx-ZWU~j5gWwtsjz{lU1aSw0eBj=Ba8us)0s^jTCmN5r7ld~cGA5Kmz7%T( z!UEv{Vb1Yd1Fh27Yd)64tt80fy$j-4GwURn$(_D=Ts`= zv4AT?9^K!&)H$VAxiEEX0G4PL^T&8?fb^gg3@Ei)hN)8qKug7#KSlw74?@#`Qlf5v zmzUQyM{7_9z>Kaje~cUeABf7K7gwWqm^wuOW|WTkW8?t%Ky(i%wF-!-Qx3pH`2DMu95s2B`EB{&IC1%7Ncx#=r7xf4Mp~03Sl;zrtFQtK!lx%U=-J0&o#) z%mcnXUf7th$yt;w3(J9<+(p?^p0_Ahry78p97g3&H*$5V0l3L!RQ}p3SEm|)o18}F znHO?(ssXskZL}~3ZgL!D%feiElj|s3%JUrM>eK-6o6mW)Fc;qBKFXGx(!g&%2hze^ zc#{h$TNcJZ{b=+p3uwf6LoR%z9)zA{+M-i!GEiBNU5-NY#FO}n!mH5YDojjvD#TR7?v+L1t1L~!Y}b003PdF z2uCKAl0K+9yvUHKGrWGbeUJm^MZBy5pjx&TQ!3>^<6sF0r$rh(iU`->gopXilRVPO z_PZwKrWnWx97h_|I1FB+Q&mfaWrFJ@9ESc({zKqt=o5j4WW+d0dC9tzg*{Yr08~Gp z)`Ia`zkX^CMjDKXxZn4|rrZ>O6BaQ3ras@uHL_|Ucfy#^Px)1+PlVzsLb4T?`M!>n zqvG``7NaZNzj9MCrb!-y>%0JH8r@&8G%pKZD&+v!B-xGek@mCsZgNmv)3PuCQ(^2h z_M6%R=}246wsn*mfv_!2CtAiyrgyZ3eZfrFNKx`&PkA?JiyRKT%6anGCt`35*PRO= z;oQU))kKnXOIb)ITHTh;s+pwII3?=YQqsjei&(m_7?T5F>Rw;XNiu;W^*L6dVN`rg zi0~>{9;hbJnn#7pE(s?d8qRFIy%*)CM_3(=d1F|s2H1E6!fdWrYO3cmp9T20?eh6Tr= z*E+m-)~Wwo5=k|{lzGHYW$vaxZaD1gF()R+;59mwpHxgK2Ct}eLNXl85XXTEe+ds= zB)h`Ck31>v2kH%*Q#&lYD>@FW@shb7dY*oEMAdf$$J#J~EWpcGtIj~xu&;}w-tw@z z$9HFMapX=c;+~`)Op^20ulN3VQJPl#kyInydbU|h>!E5m2cJj~P1_<*pbO(XkCd8j28i)w{{y;63 zdNKy;Ki%L;dGARPblk z=An;WGGV?aQ79jH0EFV)2m_@ZW3{)CWH(}H#$t~CDPiDFFptuJ46=(fxIh+w=C!;l zm&iuwd$qmWvbSWuu^_p5y)>P7cO3Qh*`cg_vM)8pz@)^$v5$^PdM-#LGS6lP9NvhS z7@KB)03EVhHgGK2(4Qe1St?4hdGaJn?|A{c{!sWzMzMEnjiP)VW$aO3k&QwM7Gz$>h z`c%lRbI`fnx5)HvcdCt`YMSz-Y$K2OBvQfr3*it2+B*3lI!aI;Ds!q@t3r;h>Il(j zTh2{xcyVcv=f6t>guN*ZiS_KXT8BPxS6RWIZ6l2Sb@=uT0?nsa9%<$CT9PXPR?th@C zPtR%i^r-@h+&zO#TCqhREs)pqALz82_w=leI#RyZ>Fr~#j*FbI-gNbYM`pstqjfb66$X zawo*Suvlp%4_e1TXUU}WT&O_v9miqDio&EfQP{&_q_6_;O`lO0wooFGB;HbRx-bD$ zI0I@&u%Lu*TPxJ77rE7##|UcYw)G_rL} zCABd9BM4oxzf`V)#|tpgCI~q6*)WTMs)t@grlBucP481ORVNDlM{jnXbsY3hc112B zxJ*#K2a4_|%QV1|?1u`M#T<``Cm9D-QS~Jg8pRSuuv5i-l4n{t=m#2jMR||~C2u>> z6bE=rK-SXK;v9XUf zBl+=^DVqM_3>{CWairp*vGjmSGKiA>a<$N zz|KX)SuplznKvVv7}Cth5-QlaoCviS>Cr|WBT8`43_XkHR9&eH zJXJA2J_4;*hl$65foD)p>lzUrr}!YxtY%UY8+d_9$W82ZY|TSKGs5FRN=|c(Gp+OTznyEz$HpB{%H1C z!)aw28n7@xQiJG#uWl?NHbu&y1$r^9o}z<}vek924eZ*ge4Hn|AYnect+JDH-QY-To^r&*n(!EjR6bV+f^1d}$InZ8r8!f>R}vltz$ zdX-ww(J$lV0t0okDOvr%5tG5T{Ldf0maODIo$AmIeMS(*X#$oK7*HsZP>od_&@5 z5G^w^5OD~$GnWO4JwF1eMIs(3H^$jx7J|$QNj;+pnZXQ<&lU@|wI%?%mFhxPkmObm zqR5I~6yw&Kq!uC%$pN|sL&u~4=nZMm6BGE0j?l-C=<(Ks z2}xW?2fciWp6acCihld;KjpANOWDbYJ7K7OVj)Ibe}RxxsC$C;_WI9JHV_N# z9-AgwewU!O&W4d{@Z>7d-P`{O-4S1q%!uz;1{>9&BdT;YNqx_Ber>>Uh{&C$DQ~ro zGqIj5?g@xRh?gen0j?b~5Y7xk+cIjt)rs-;VjTHwJeHfDaD>jb!fTBm#zbgQ&@>&m zO;*fany&|~F4#8?fS`AQ+IQs-Eu=`l{lWZpk^~AoK!^Sno{1JxDHJ7Em=5I+x+jD( z!J!V&&hFm6g6#3gXc7jzYK_{m483k!e`M~S%<1sF+}cYrL8i*j*42b?k{TR3&5wZY zSS~Z|+g^0?E37(Hi{07V*@3^6OUjA$tFZ)tDG5%zrKe+`6YR|p4O~C=h^R}?eo_oT zE0UEaaz@9fj0s(d=p`_Rl(1+6tGd+bY9xHA?j=$nVp|af?>gwZ6z`0dCpo)XzrdW=?)({?rn6wgulNvbPq%eROHZ!F+bkA zP%9$FN!D~MnFOpbqkjqnG8{pJd{+`-qDhka$_%dMH+71qD&ikTA5T)tstPpN3~q9s zcuab!VYaIcv%QWs(IO*c`b=3|)nU{hsYoPYh5FtM>~7{e*hi)0M}zUUqy*a9=Agqs zDQWO7AQ@gw{>aC43P%f+ne=?A^D2cP5`YPwa6~v~T&Qfs5)WjDAe9%b&D-g%lhiRj zMx4b%pNI)#FpqI8724LQ`YD8aBm74%*K7XoZkVEB3T>^29eTgVB0_fl4K^yy z#>yeoY8@&>)6tsaK(d^G1ziwgQjjNC2E-*oNMR&m2&?gu6h>k~tCJTY!Hm*jVI=I+ z6{lJ%LNt&vvsAvnx5iHO94e9{kQz5ElTINzikxP~L}6WW6eg`^Y8klzcSi(AQff_1 z9}-c(gyLt-NmN9f4r6s`4xj}jO!UHS+a90=dSfud0m{(s+NRE>Ww?5Hx47*;c) z0nXgxJBjg{n4El4tH}&HoF(?)x*S&#(+&ZOG@fU1wACuN)hUWUVOL=0B-mFcOl0h{FosVmQ0e)rIcQ@N5RU!cgk5zbmN{763Gt_07@$jqh>6fd|L1Vb zu?K59j-KSuUl2`w3pcQ~i~*!2HvMFui}lR&ZAt2e%0&T?E95LB+@DF6mjpnw%uSDl zLPo|KQ7)9MvyB9ss%YTC_7n?!JR_dIa7r$iteZDb4dr2$=Lu|%Q02*CdMgGNv!uln zW4+FXAorxOs&2cq-UD|zvA(m>SEC@l!s!LL7^{t3)Isr%%T%)NxE8q7s=Outc>4bR z`KOb^v$J2`pT7ESbNN+qvwf{WGHV19^eG3|PidBVb?L)~+5E7X+bqCb&Cbpl+IjBu zoxYS>AV`uiRxAG#+mVM7VR0*E@sqNJutLyk%4yyII_NmkCQlECQRdoK&o1kTlit}F z>s!phm~CW1u+(Gj2_@)oGG&*EtfLtLF@z|AI&4Ts51?wsP9SD^=Zo_yQic&*&#L&);vm>!I@iF@tha%zx ztJ`U=t{5y4NFPik{S12~=q2Q_J0#H+AwhRa1ID|06wzft*QY`Jxz~YJSmczmX)>vu z9jBkp=pECmP!wGo3Pa+8%`xVN3~KUX0b*}yK=fAz2)VGXuF&1-cXxKW5lesA>GtQq zqVMeNq_bKc7&~)-VUC;`c*t>}T+nv<&hsohl1sQ7!{b>78vW-I7;^b3G&Cm3Sv-S- z1Jh}>mWM>Y5)zy!4;Ue(M(k%uNW!hbwbJth0(naAmy#<5P<6&VCG-s?Mf7PvQo6~B z4%#lv)vx?Dcbjjqj8^M#G*S!F!RuPBE*fYvqIquONbz%kt}r+TapFq3Ya3mW^#0IX z=9aY-4%j^hu$KgTPT3Fv^T^54!Md zoLo{C3qQl{pXkf+pP`>89r@e);qSzapxL&%vy#2U0yrW|^+ol+n3 z^fpwTIk|#U&Eb`7ldLB*ofFI>*uKFw3fPsc!R9bO4~9e;E3c3p#tD;gavSqdpqs8} zLHJgKB7tyKm3kQ0KVw!8aJP{K)mUHMrtrzV*(*HY-9{5E&`|O+PC(N3@*;Kf$H3db zhQMi}wq@oWw*4SU>%F;2Th-I8O*rS@732K)K0xo-C7BKhM>~7lXt%%H-&Q)%P{bek&3Q1 zlO=l!we$)QjRf&WQai*v(cBHlUcY~n$|v6`D0k7BmO?Ct(<{PBLXja@tH5DMFjw;$ z;Y-HhVwzkb77(HC!Sj$)*9lUui3pzx^l6GkMEECI&nMyIOY#X#@FmG%tM<*+jWj7U zt<16e1R9gNhuOC09&$3GpAFIv)R^k>8-^U{JMyc1O+ApVYQ`CC%bl0<9(Zavu%>~? zMPzAi@i=hVG{g}&-y5P+t<1st ztiSh{Qk(X&YSVu25w)h#)ze6{aM=I{o~+q%mYVi{Zrab5n)ZHn+Rx@rdtXocSx4fM zBHQ|r6p%v8DR^Y*r?#EhSaNhb%Q=tuQ%6knWtgn|X-Gu$DdgCVs7pjowdg%EU3AqC z9fj9aB!~>ACmKZHh)Dz*WPNcZAwVB}I^>wo@~*v^X+$ifuITBipR|wfBUz^d-W%Gn ziUjV=L2nt)J#Nyrc_8_c2gDKeRn{hb7)C4(JoHiG|8nl_YDJIqpI!B5S5H`(-aE#W zysf;kQ&*uGi`4-$r#|C#uGU4 zTEC1L$C%?FBE*9SEXE2QF*E>HJJ?Qa^2!Z0F;0&%79yCZBI#2)PUQp~VRc-<5^O|7 z(~G*Tfkp4ycSs;ydkhH%O1%!JhS3na7jbesWSok&wKW;8lo5@Lf15pB?R5a}U5vNS zN0nwTo`!YjHL29=C}G{aia7ajlt_yZBu}~J3V7Wk*Uf^eRiEqCZ6{AGQf`}GeLCj$ z7cP4bTY1fWWPKay4eW#LJIDBG|uB zg1u4;l*^{1=ssie#2c$VQ~J0(^)Nvi2{eWbURyW}MQ1zVI$M`J9W~Pn8hB{yRpKwz zanPY;Nf!aT3e+17q0)eTP;Gyrfd{_xKYsYhQNHm;C;9QiPx^LVP!GaV;2d2Ya)K`i zS41zpH-Cb_6+r^|l9H=!B$#oQmt?rD32z%k6DG_$lh@pmlEKhH7dF&EuQB&2Nt71w zfdJU;A&+|M(W7>Jh46n0j4tDxxRF28!kg5&1(j$Ix{T5*(g)TPmGX=olz0LfG)>|ku+q`sGHBAM@K$$Zb2p97W%kA^xZ{|-=h zZzRL-+=&d|T3i<1$;raIb-YzeM%6NL_CBb;+nXyC?`WZTx3k3LcXN~9yV2x#vyJ`=W+Cgx+D-p zipJrL)A1xi|HEbB>_5?Ne|H~!&l&byHgyuC4{Dp=+DbBj)tTSWao{?Vv-B7T-XU2o z^(f{PZuRwWwk_f?#O{QciEJZH7tyZMM_aN&TYqYI{rRYdR2@zLvd zXRo`vPX8aR*3SyF5*y-hX1}5G@s(tmc+9mRLY2!Kcr^+(imosxt;BmQ10FLcYPpx` zcP;^HAD*G(vo`wv@a*_(yY$J4q{t1Mg2mHmoe`25+=v*-lT056;~0+#8na8n;qi*? zbch451rLX{mug`-&R;g=Hj9)lVOzT{3n}R`PRBIBem7vh3l`~Cj&{eAdvzu(XQcc;I*_m`dh=lvJ^d;R|N=YQ$%KI=b!_7~K@3jo9-!u&7& z8;_M=+?o`SoYmnwXdxs8!ZG8s19TjWI8JuS zoEhP;HDOb7fQ>t0$n< z0NLmKmeDLE2S|%vt;^hweQlK7lshapqW@L^lDaYG(EtAK^XGZ`zqhxyq5pSL9-&m8 z&yb-<=xT03JV5&6Xm@%c%seJ0S-s zt=2jvQOu=6E%jM=sD7w$XJ$Q&ZvFYEc{7aK3fmkD#Z<5b*+Cm^dDM+i`-05csQttH z_ifZxe5sALd@3T;{{HZ^E&uobwmTiv{qjXk`p-YR`nlh{5oD7POcWqVazTlN%B94i;>}uazQgWN!09_JYg~(4T)I=Yq`8moKd}-Y3)X z#idkk{cJpT?TDmuRVq%aqg{(LJ;`z85a=5H5wnQozslw$@XXIwL}JAO+G&{&-Qqq@ zF!ye>kFtZ?-A6ToY+{&F^KFzpoM}JUbHb+@;N5lF%bMN0!Nw(fCJ%cXwbg04l^s-@ zr`AMAi2Q*d^}QKWuN=NMqZ*FYA@K#t_Nwq@kzQ4cOs^W=HL#CZ$b2@Q{X`Z3z11k) z0Q)z9a%1pjnyUFC`$u%0I9Ii^PrOYql=i%30-+C?XV9!C{~bhhakLAWmm~Wwn}#eP zL6o4Jis+=A-`mLfpmdawc{=KH8-g@gp^?){`7dRF)$LExx}G5PqDj7ahDzH>Qo8^g~+Lf`nZiK-WP|=6lkr0ECj3g*w^Rh1J_#NJ?P3C{$dY z)nolGE0UXw?JkqJV9%pK!$rjQ$m%*?snA3fB^uJK2gRW6P11UhE zoqm=~Yl0TA2yKyR7|pCL?&PbYkkcRg%z)@9g8-m`L56M3oSz zCAnN<;*=ZmmI+f+j`r2?p@MO(1wz#Ft9y(P4Or01xX;}v|7xTa=>C>2wK~<`;!E>1 z|F3Q5ttzXs|GPL$qGIQ70Or{LpFQvI=k5Rd&v!QV|GOw(&Hf*yDb%gNXeMZS6=}$z znPdan-6RzZ=_nCE$37ckKXaDzAMHNuiZ!*mRy80W*55|9bB^qJ{*<Vr+P-_z=4b z(3_i!MQXq}nlP@D?kohty5_3`<_eLA!#HBX#XjK;p*jii0)qSAqTtlF z=uU>iO33XNV5MhHgK_V27plwwZlOUHSm!og-FAE+TqUeqYBMf3o3Y4d2o&)c`1VN} zp-U%?ry|YA)zCsBLMLf55BATNqbthB1hZazk%yjszL`xoyZB0RX-CZ#|Bsi;VBXTJ zpUXwcmvSRG+~Nr=<1T{mOUNQA=a8}p?1z(PBI>fp*k~HfxLif!)zQ_HObEV(cRH+U zewTY4GOufb7^b-QbvM4@oElkh8}+mdb%$8rf_OTpW*Q@O&)NH%(>g>~c&3uEn85nQ z+E-XTS4~2>c_
L(TUoIR(n;t^zR{IVMj!R;jEh|V&N13S4``_C_5+Q<&vub<1x zX+a{FWNZld#>tp`hTCov<{7aOTv3mz=YYO^Ns?Sb&n9JwT=xZ0FMLg18leB$bM|zg z8J$$PO@oN=5q4GDN{AcRR>@tQ*3+lw5cSlgMS$EWDl}AteKvj~(3A#r8V6;&@$_j! z`<2eDW6d>l{w&C}|J=I#*zf-Rx6ad#|L@ChPrrP5+(ug&@StlHF&!h>x|N^HXujtC z-^%WP?T9M53*b5LKX+g3KF{C(zUc36?tky1-1+@4N;s`WRXq}^Bm@$jAl?=g=zT~6 zF`=WV^|QcZa-a@np2=kJj*6s_amlEp1Jw;}wIoCS4o{9Xl@QK9u|VyF(J<3G&s`cz znGpCSjf3W=*=S6DvV6kh1XvDAGob0@Ye|>^lRuvd2OS4GYPxBtlXNFbSE&Ic!A-i0 z1>rpv98SMMg3v=AOVgXNI0=nCWS_ISC^(hd+P&OCXGcfP_mKlQav_Wpk0U|cX(gdw);e-vpE%HE!f4=|dhrnA zXyQc7F|+FT+rWr8iIRW3gU68V5hcC{O;puxzu!(3-ogxbZfk}+3(RmQnPFin`ed8f z*vYmOXJRiaar-UVks=5>SvDeNIJNn+qaCZOJ#4+@w&CN-hyRiBL4*?8>O5a$Mun-c7Q`+T)#I$mU^~WTmJv52Pt$ z$b$-Ako?YQ08d?tP_X3)$+U~@6Bd4|g9jgrpLI-1n?F5!X z*vTTd5%axF7Skz)?Cm<|IuQtn*-v+h|`>S~=(KEP8_CVptdg8!s%(BRKg#w-hfk$<8I zQMFN9si*Dyg8&dPs(5pDyhLg<83v>T1=@Zx11HIBU{yBh4N9wTcd$L1kAnT)dkZ5)*4fKBik+8FPuIyYVvG1!^!dwA$Y7S$VR?i*DMC`9T zl{?$j-*!7yXST_a&CJRYp{?KL5rXMSnC4H0jVC(nl6?Sd7y&r#MXC z0$MgCdk!xV4nw)KnO_}<;GXR`gItUBmG38gg<5TU$~-F8FwJ1L{t~V?9OfJ0QpDJ@ zUnW}}cK{vpSaFbpRAwsIC=Tc!=2f-|-3!6Ha?{DoW_476Tw*`Qkm5sIQ>4mc#J8HG zUZ4*vKkzxlf6gH8H{blAKpG7&A_U{+W|YDu3^VoS0-QG#D}T zKhOyK{t&wtDvPzs+@A!%ualoHjjPFG>I@9gMve-b--KFT=6zZo!-sP`ZlX-|o+<~J zP-Uwri7WpW67@}K;EA5{3+oMiHtg;0jh^jzWbZrN|L*y7_Zb=Wha-1?cepotvG>e< zvA5HIF?`YQ_w)pvF?;l8f2aFqe;*}F%KG07{@)h3-~6q!^{b=*^*`-@cH#SB_y6MV zzklui_BZ`4{h{-;BU}8fQN70l3sxEJ#Nf%nOYI6*Q87^jJO}>2oiugcLK3a?Pa4>N zp1^wR6%6D6GB}3`zSZjwmHPk6>_7SqTA2Z8j{Rr<*^7ex=h@CC{==P=yO00yBiOAY z0(nR!f|5Xrt6;#V!ghdBX(fH%4iIs8a-5{ivakM%q*f!O9>sDVfww#QCQN_Tf9Y>0 zOp;miP5+g@pE|K_qpUuYizo*qZ^T9j2goGmG&RlI?bdRfq;>B&h#UkzfvB*>I11wF zknm2D22ejjLdOxhqP~xY1VtPN!Z$ep)BN%?JoPRAq2#&?>-#WBIu#%qL}W|~S6#0p z;Ou*@^9e~l8<$T*3ldeM&MCUEIjLVw>TiAUa*j`N+2h*M$0gb)#_qiA8D^(gtNP8P z8o=6lC6CyskbajNnfVSoo2T&l8w8!M>JXt&_GKIPYpp8kEeuycIDJ03Fe)w{hb;4J6Uu9tS?Vx!x9pYq5Fldx#~#d+X3mfa?-StQg=i+(>JO1}o(jP|x!>XOKgccrDq0j;JeT zDwTMYL?-L028`XjbxKBQrYL(fNvR;+do1^@r-9silx%3%?q>ex%D&&Kt|c2FB1)AP ztEUR}#n5SM;q}@}&8WspMUkor7C(_0%5>e%1H$!Vsivr_a4yMwqh@oeXM+$%zUX3i zO4=QpyxnWpe<-Vx|8>B~W$u6XclPu7|6c4q-`xM+Nx6IZ-xB6UgaZ$APiNLGBS0Fj zOwBahacOX4)u_a9=nq~RN?C|qsyJMMeaWAN zqq%1y(Y7bVpE_dF(}tjmX2wjEwkwVc&QXDDb)Wcyfuvc|L{UbsJDim?(h(7owX64Q zrq)rFt>W<~Wk!ioV3mxVSh1WETAC^zMN{XLaBv#1ES>3nMJ8^o8NO2z(YR9()XVp= zG^%T6CuK*OJ*;VBb`h11XZBBt*qN;>t)FgQwuRZZ%(fM_tF+4`ZDc+NO`T&vR$O|M zO{h($(>Q_*o*;lq@zb3kY_e-RkVaqVSjKj2VkruUOE+7ghMHu<8rKmND_VMmBw$cB^HX@Phw34j#&=H+VF;CA+PU(u%NTq7d5nbzHD{rZq%Ab-<<(^DQggqQ# z4LZFu)tY@7gjYdM5u9bT6;k(NiQA1iLCZVn8f@JE!c)JLUaA9JM@Tzn$eR-R#ffz% zeF(BjO0_7}xwkUzrc{?z$^Qy_O2z-V^8btePG0`s*?qB*|L>yQx&PiZJrd4z(WM~Uy$nb4h^Zg~^oO(o3M;-?*dcFt$q|>u_G@_qTyIYmI z?1&R7QK~y#n5LYwx%tCdWEsxVsVi6GeAh-g9u+R~tU_3lj8g`1F&xE-f;JTh-VR3}MD3k&u%z2E@2L(mF2c|F^Dn9GU< zL!!YG^D)5{Q>U^*Be>fp#K(d50d9=1);tq%s9v%>H<@eZ*M%pT$HGi+YTQMTtzP7x zi-hWyiUjU#Epf5hl&Y{XU7m%QMg@_>=&Q)Io_?33B~bX|gVtmX_T(!!cB-qHlYLmM zL2FJ-ZLJj?n*==Bp_(3@Qqeh`eA(9SAC=oeV<*~uj&95MJTz2dgjO!cs!zl zSWRO;qTRHTrB)&uAeT*t@cK*%drg=!^i#r_?RBfMY=Q^B+?-3}N=61jk@Sm0`#Inf zk%Fix`zTvyZo4Zqy!1>tB~cFwKy*3_f#Qbp->T&QG=y(a2blN%|M`nT{+IqH|NGsP zubBVcpbXrM5)t))QzJI~owyMiVr><~XiP6jfFzcZ$Z4HVh#>ke#o;AQ8)89S6cOcS zBc=6#MQBR23Cyr-D*Itx>{eyDO7U2YkWX_J;DF6Zu3YRQai=_=Xn90UT+wV;yrjG? zCs^wh&-#BwTjaA#!U&OYLZ*aczbhif@tAayksli{m@9@B(o@va*3P?aGfFCJgmD|S zcl!Nl8?~oo%J@wFz5Cr;+D7fdkZsg{)_+Ue9n+y&MZUXdx$geHTiM-Ce|O(>DF3HD zr7mwe@7>%$yU(8AWZru(o@Kh*`)gvHUS#6C*@^G> z|9&$Z&vy5GXMX`4-(6_t``Mwst0MyqX8t_e-Oldrca70JRR{FdLP9ZBy1ztU2t4vR z|FIZesZ7?_!7xssDMY?}@>lT$(EuVHI0(dZ;wA5{IDs^kYKScr%VWEZwl2s_Br|}V znMquP3i*E({C`#QpNcQDjQ{rz1bfQ+fA{w`^50#QJGcKP?%xVywArM_ZelPiV=6HY z)n_`sQJLFWwhn4*tyJowN}rNcWtRN2&cQp^RTsU^{Lo8c54{gn3|{3UEoWn{do34m z^UfN6*Y}p-p{)d6ZJ&Y*SpIu}+3=4EJ(N{4(wAoN3fLs;&Dut*WCG#uPJ>%LJ|GV}tP&OhF;mkEx_ z4h~)-2S&4xZON(0W;!pNn{10t=Cxn3M>*nK9ERqdru8mZ&gG?+WoueJP9|ObkazB3 zGhNI-Ye@h<#t|nGr{t1I%mRNPpA+oOkPD_Ttq7FBZ&yt4+8c1)EbqVs@fCOh4)1%wUl#KU-U}H z8aF+}ap19O0yx!;+D_C(-!tYD9AvxtWkMigU&IjhJS1k*A@hY<@|>>I+p7{WC$}H! z5)TM7#7-2L>f0E(ze=<*caI_-YTt=@@hMTa5TH^vky_^a;2pWDTJ|f=4CFd_OdNDP z0x>^g3hlR%xS*kmk}1rUOF*s=XtWV4a3~Gy3mSg^e4hkvgMncndt^D2Z4@w@>A=OT zjtx7+f;`_xByjmGjLdP6WBwoTQ@zQM;OQ!odtmHA2uaRj?bl+?kUSKOdl2JMXY7C* z=usSi{aJ?}gG7nN3ij zBwnY5(5{0{lAy6>sh1SzDNqVL$&FH4D9oe{c(R1BcK-0F7N}oB53x;OZK+Ixbb@sQ ziCejK6HNdUpz4aHi{5k4DbO8%W|5*Cxb%t-;dp8?RfMSCK21|aNL+QTs+aIYeRz@~ z%xXgEz;bQr^ybP|MV_8W9gmZl9lS*CHcDdVX~LKLIi<6f??Ah4yALFnC%R+JBCPs5 zedOrnr#CGM2MlKYq~yQ6kP=7K7tWYOKatrFoJ}RmOav5(TW#dz_^Krx6rLOuhJ`k@ z149it^iP)V0y0qP8fr&Z+w%%X7!+Bbv5PoF?Mo>e88xWEjds$n-tUg%$u6yUebzv> zyljlN)@P7i?RXpsdKk&KQ2QDUpYMCbwSvRw*UlDf9WY z{a5j88+nYV1W%eMCi0c~{%g=SKrnO5N59omtJwL9l~>fZLb{ZP*KIJ^QbQ%3X9Ml! z;%4bY2HD7v=2*Y9&vI3ep~vP`?TJMs@}beo@!n_)W;;w&bl8@*nMT{1QOQxUHm)!g zh;O`9aQEV>y2Y*dP!btjMO-hRh^2_GD#Cm9TuP}*HaL`{h3(wtpG7=b$(GNq2uE9z zQyu!@1f!i!NB#LOo)S)7w9`RbaTpeBUF$IEpW0Pt2I>o!(gG)_YCy*1^QrQ~J@oxI zGy?Nu``2H8v0wr5Os}O}E+USeHSOGv8`@4Fk=C%z*EJH8cr@}!j-b`8Q^Mt4JT0G1 zh0<>sEgVZ)&$CaU3F$P4nOga%u$BZ~aH6t-ILE!Nof-0vOow&P^J77TC1ycft89E0 zNei}Bo}?=(;03-wG}2iplssp|1g(HJuvsY1xu~T=kMlu4V$xJ|I#U#PO|1&{qAGg% z+SY^xwdlFht=av=cz9`~xVH7&`(9S&|Dil^mWltjv-@H<@Bgv?qQCL~xQp_&@;}(|SI-pgAc*-? zN?0{=xw1kUcqmEFfFhEw8dQ=K{|h<0G>c$ zzo!F67n)_F{ARwstZ!6%Ne)D_*h+ueB7cA*K&DDQ@~`2tb{!S;?$`FO?RMUN(Xg%3 zbjoK|xta}CUu9Vp{ZAt>Ed2gs_t~?Z;`@(H{>M8hUxEGy9^uKQhq_ZrZjchctB~*s z4uw+Egv-JtTA}_!s3#ynRQKkxBrXWb1_mkN8U^hdY4P*6x^Kgh+UPM3!}`E@#Q}>d zWx>7V(r8$O2bj;y4_oO6rsAHIyq#?S`DYt#MeKhI7U+hZjD_A&+mRvoQRt&B7e}(S z_62+FoDv^L^pc!G{qC19iMrNK%}?zP+R}ku6dW_H+IqB3HZ)VY1x!vt4`3&IC>p!+ zma|J^`mT0`={;?|g;`={r&K8>lN_Z*Y&JOw<(`>1K#uMsB$*Mx&o$627q#jKX zT2CXvXHTSo)69=Ln}ddRrfSj3zEH-41VxgwXizN;41}(A5F!|`sBo&^3!!-Kx45z@ z{;#edmx}-LtY6Ikx3kgz?xx&1|5w4BX&@r5USWcZ(3nK27mT*VRueCUY}%+iCXqhT z_4YQC^jQB2ZMx>ihVc?A2DX?mH(uZ6bB6KG+3Vo)1Lh{6A^99K9wA9VOb1`SynMWM z5f6zQ`2ZYa5wxD|*T(S5S<a-2c(FW>aSj~)dH>+kFX#=6q*8W?B){?<;Sp<^UB`R{5@4Qwvf8ubWo>6KZZZk zyUxm9DqMA=R1$~FFwND~4$j@VT6dGgdsh9m&=D(ioLZOVYP9o>wS!JOdk;~5#RAMK zdO!SKet4X7N63j8=|}|^ZmXYeiK9rUqHu6>Nr?)~AxS6KcUo+u9tbMCIidkFBG=;z zkC2RWc5;ETWv*h<$z(Ca`tY*uY9zTqxs>~tdQ3gm;(qtb7gTeHqOR2p3@u-^%*7gF zT-Ve$7jT5Y1KdXe3%a^?6O^lVt;)G_Uy#{O77xLJdr?fxjF*1^pqCGBgUL5eE(sUp zC;8*SOQiqQwX#@dSIuwoa&BJbf^Al9v(O>;dcdjh6e>d)>m5KDh8#_Zdm-W}!j>ka zx2J8iBna1lo+<~Jr|CV`))5Ovbo>^F+vZ)wh;hhZN&^(KOdS1fL_SM6nP4v_YAM27HO4N$oCkVq7Nix&gGD)5^fif+e z@39~!l8S)Z)v@_|qNZqVgiUFrI&RwuQrZ_Z0KTe0)J`>)Ya}Lk_t|r~W$U56Y|2f` zs`S4r%;ixoRRQPdf6t%2D8&DK{(STP`%cQ8>wmu}L_v7S;t0i(?jz28A4oSI*AeLi z$8`O3Jg&)?c*k(Y9b1^#BH-P~^goVgv#uyFP zNLUoHdn@@f=pM?|$cIbOhde=D6{2T@*s)h z!dDc1fyZN*NmrWqj@oV+lg;3`S|0hA6r;PAfIRpLNv+!QugcLz8U|ecQ55HL@!4iE zK{HHai&f27!A82H)lKl&ygvtBi2c&;GY9v-@;?Ntdc z`ZYt~B|@2sA&Utvy+Gh_=II~`ps|`g$$Z83mr|1e&=}D z`5X#FG-wBnyh<5sQ`jl1(Ka{&S6Z#FGzGQ`z13cF`a6}D8>WSCT-?h$ezMpE?(U!x zJjK8`T4Joip_=w+OJCSJa=@KQM% zchIm(7RU!(6h(hQ!_Q_=Dzr8?eFH4WF5Kr49CECU0Zr$>d;8`1zxxNn=kwo3 zc^+N=*H;CJ6dV3u(bL$fcFi?ZU+9W{9-O3T$%IYAqNvNbBx~R7 zen+amwJKU$;#!AJrSM0dBa8xq23ZNL<-pT-gj)eJqND>M9K9EWUvM&}A6kLACG)aQrD zRxfjHy3*a+JJTNK?KUA+$V=64{tM8B0@S<)7#*~9huOgO+_CoOg|o(PK?a8G1C1!= zb1ROC@@WCZ5>{4y#?E*t=G(%>t#PWDK)DN+t52|OG@{*eT}X2jEsiP23MgQzxmAv{ zX5Rw#+A69bTLaqE!0VY?bY;1*H>;a}(Ay7&t8gzI1=}~Eend>i7SP^tGJqT9{#Xz` z7ngPEZZ0FM@m`AN_Eumdh+J0CY2lyz?6W)3Fy`f1<{M7;%hOeDo}U)aL+F3HaDEir zp#Qykbx_Lxez5oI#k2nRD9@+U|IQ_sy#99M+MnURC!_nBj@D{^5VK-Etbg@cQHAV2*HYg0V!FvT`jsfd| zw~8UBC72DHaZD$c821%TICW6gG~gJpPuzTCFQ?1QF-NF-K;z8=PB*6u>&!EIM_OiL z)zsUtVNTB9B}TRovp>sGEzoZmQG1p2jhOv@RWsa!*ne0&VXf^yd&3up<@hgquU@`* zw*NfF^9k)gl1pBH`(K<){%7+>AkBhL#|UKiw%!t?&|cFPWHmoo_I`WrC_ zxv**sLW|8fE{Ga4PNPw&)Tw%-(o-`Cy~ZgXVNtFh>er8DP`V=KVt3V)q`oymI?mGR zX~8QNoSZLe%uw+9w4TkDv6t9bH0YuaVEs}y2pfebX%^E<-M@iZOjWQa**dM}aGH&A z5a`+MatW7*x5<@uv?pbg6C`b6k}H;_CS#l~*@Ed+`JNzYFHbADK?|Hl6VPBkZ`+&h#1iAas_m@?%DT2U4fcuK-dbB|>Llogw9sr=&#CQ0 zlbObvP%D^e9@HedNG17vhh}}ds2Q?{w~Kyi15d;AAof4V!BPYQY4ZPid06rPda?KN z+5Yz!&nLA1&9DC7H=8&7Ir)D+z1a^s`JkR((82?m`O3sx&d3L~H)7(mA+6}~(khp8uz@-S(-Mr@i*hV ziiQP1KW`fobfNWVuWDcN!dTb31VEp-ZK<^pqh54-NE61xOs};q7iwO8=KfrMG5WI` z&Gsh3d^LP1Kdx1uhp_)7Or#S|awAZK|JUBDiv4H*#q<5Y$9X=T{pUh)$wL@{ECzfs zmY@QsdUH@wW<8sb)z-rphWrFx$~t6$SThWa2a?xBlxvrHd0YKzhALNk^Hvmwj)pcY zU1@=Lk-s&sVWsbGHlNU%QZ44CY`vOaEnctJdgjK4Ld;aLaLp^4Le@Yo#fA1Lc1w{x zjUB<$M0q?G5PMmJ!b0Y3H3AQ7URd0-r(|eYO?(bXKtqxzpC=MAxg+Xi!5Ys+dtQ~< zGC}$#!?BZu=a$TSY}_;77VT@0%EPy*K`J4M`H1A$hLGlk#u{t0g_RcZ+D&C~4_tA& zq{P(ZRQ8s#+OgPEaY{%&w5X+X^4P`(choz2r()hS~sX!|R>hTC)0*=hbaLV|J%WQvpN#Dn(5W~3!sqoYzN&?XG4@u7+0HDhs8IXid4A?v6)DA(bnW~uzWAbah6V(AJ06gQB(0ukc*|zd=l3D zqFh!`XdO>NhuZZP)V%K!f77&<`&^Tq<$qSDmouzZdy`zlnV)28H>zcP`td&FUlekzt>E|Kze|zsr zlc-7mKYVpi*8lfkzI?v__bAV&^Z(N7uq*?L{)kj{eI>g?d6?KIEFKSsa&g%%i+o*^ z032R*>va9xnL&$4z2Q)c$u+I*ZML<&ytOtWU!A0<@<@AWTSD*=rA^mSSXn)NThN!uH zRZRCyBNO5j` z`HfLI9rRY_6q%6pB;%aKg;BBFEgNod9Of&BUNK7c6Vp;1)u7TfJB{yt#N2k0tU;sD zVbFDVc6mm{Ys(BG+X^l~i#3jCMOYk3l5 z9ERx2UQdceQr-II3t3#R0ul=xhkdDq6|7N=zV*%!utJG-^_sQh|NfLjGdhVGCyUx> zkpG7-UJPCNfB(h)t7rNDQJyVyfm6B02*@=LV<|U`7>zO-L6YqR2e)`aM8C6zuBTKW zktGS^sX$^%q6oZI&#JX`Q6jCla{RvG6@UKF@(;xlH2k@_X zF`W$LKjx>niw6au5e{y%1hf{>`KmAOlg?ND5x(tw)lX+h=d1tQ*+M^JPFW_<+3Qo$ z=_j21lLTp}PeXzSsvKwk?DX$Mz(OKn)7b=#Srii9p|i>0$yylJn*W!l$FI*%`?GLy z8x8lrUJmzPmFEB9;lbYX{C|vR3w=w|7|*Dg4R7d(OL^l&j&!GUjDG%sL^JpGKekPh ze7OPi#Z;xoPgz0(F^E*rUo@|5$uc`&xt?&AC2~no{DUGkp#d6^^q!D7M?}@@cRE{J z==#n7yuR#oZfDSh6g*eHi90Z{r-pk2jefp1Wg&AA0Zad zqrrfa2^A@y_xAcB3vLPTQ#Kf>_Eqz;NoY4GwkboIAc$og;Usqy5>gCLI14j4W%yro&FAQ6W$r=OIQ}(5$3Ru^ zNiooxIQ@Xl1|&`iPdF81XBPyS;sqih1psWEkEaK&8r-uu%@OK!U~5r=Pr}(94T(V5 zaEh@sqA7_I!UejY(qM`L97~Z4jvL@&#T|)Qf?{&7xd>%akXJlh;o2RuwV@e~@r3Yx zr{glA(*W#KKmRow5u7BVfOf0j^h0ttP>dduBx3WK6h@_RtiZ!hHbyX?P856^qaeye zO1NhD3r;}Y7c?cJ)9E4E9*;>%1lsHGAN;A)QveS7U-yT9Qgx&rN+b;Ud6kfW;t0_= z$xM8hgHrS9gLk{8zjX!icDV{WeRd7-~ zvBB*1_g?n*dLbE69QXEyJ^u2b(@C-@x?m9v8gT_;kLL(0@E3W-{HzNEt1pkEdps9k zN_8p6L(=R^u%D-2?y6HOsVB(dXXCdlz2HQUIQ>%Lqt5$9fe_{#&pQawlqf62VoZ$^ z9nFz2NXH6@k$}Dn^)RAC?G^#If{6fcQ&N6h*vM59m zy(RLCAOw*QDaVM$W5#D{iBS83um?#U7E0bejuDMTisOK2U?XzW*~;0{=D00q;dl9E zOVYn)^tX^T{Ky`O&K6Q#*BHUNE9cdPT=hjt;(!!0OCJO`(#f2js`66kHL&_N5hNWu z9g#AQC*&l;LNxK__fsa6!KFYjML)7An-O%S03m?1i_XS|_qx6AF0z|>3tLsUtJmC+ z3W=vc;T*P0wOY$fkH!-R<8H6p>EIwBLY%XZG@*M8CDDw9g~M?z-cCc81cyIynv!=g z0D}J7*w_{Ql`PT1*Wc4lM=CT;a4)o#Z&VCq=s+?%=|XlktfK~f%NY(u*DYibwnTs} z1QY5zFLC^^;Vf@3o&N5+oKBRAQKm5c|d!5onCCMtm0uHX|sdGa@8_dmO{0oXFZr zvg67jAz?z$5shd%SIvU#HzkydGBu=VVMceWSjh*PR`9;p>-oi3O_kMUSA-%wB9Y#q zaFVpIs)q1gg8!9~Tm~*i?e`IXJzfA2V*4wIgZ%^91stOk9$Ns+*{$0xNXeaCda_FkBeb!&c<>@8Z#cqos)_D2wz_ehcgJdX3;1D z*$$R691*EbS5#?OilYcg=@-rB`pgFm<)wl8rrX^u(ej&a7dZaQQqh){_;LeZn2G+2 z1W~fi*Pk$S@>xedB#fuX0`tum+fpwK(g-S>6T2R)a|sSeewVo51=M5cpMu2_y>Gg| zLH?z_#f86j;ZDa#g1wbUuxFECZ!;v=djJybl}Vr%4fH;la2!fW1(uL& zhW7fy{;<>e`CW|OvO6*x5svl_cG3QDf4Hku=(~Mm%0~BCAW%W1dNign6;l!xD*l9~ z(`*FB56QgR47w#!oMxiO#=Ue(dfF-sHW4b&4F8jHV~&!lp7Jmhvcp<{$q)8}DUK&Z zD1(i%WytS^r9jUyP!Lik7X`)>#&N2I*pQCL1cqfyaGG%mDhvsny{fJrC7ffw z?!cO^UkXJJD(nttf}k5$BDq1^des0rjOJ*>(y6Mn5B)nZ#J2#+p;g8@=)VhdzY0@X zR}hP%`A#4G`~%@+vAxsSIVBI^gz8T9U|HV*wKu@AWU3I&7|^ItcJYX1YF=4*-Kc}} zey4}tODZTaNSjq}DmdL8^c}Ru_+Nu9UAhOz^)#C|U?Us6cDYI7AyA^!Un6XP1%!p| z{wp{(K~pTyNDA+aheR?oj*=-Jk(357qd>x)vKgC@n8=a8$8#kI%N<}!a$BKg8`C^? zBAGQLTw5{WXeu+aT}>34bCTq)Gi_?nlCvsH$|cd5vl+s&Yl;_HOw68SY<+s>>;gP7 zl`2F0Ws1gf>B8|GQ6VxS+Bd0WbUlwWql$pUm{TSf2)SnKk5aF-C}NX=Dnoj*C(vf^ zZoii@{pZ2pFR-m?=gW@eq4{3{OXmM0x3NR?EoV3k*i1PXrG(E=*Szbh5rTm=@4&57 zj`@IbxyU1tjRXxT<`e=B>E=R|#i4eIKTdEkB?ggQWNt6*_lIa(7U=3v-JSpGNbZ~A zIWV$Zzk!Qjfgm3OlE4BIuvrpOrG%T!M}z2h{-y!2QHo*BkexNVr7neV+UWpMj|PML z`};ly6#I-%29YWv25-(zPTyXEi|SuGo%eA>gebP#(cB!3$TdI0_ed^96He3?L1T2! zX$q&-f{oLA%t5pd-du?>HL5H<-xQ6&!apzj+tHujyebhI3*J}FFA|H9E+4^ zDn2(-2SnlseeBpKvYaurA_%3dQy61+E;#6Dum7^Yf0!S-?DzQ453;9pO2S*i&TAYE z`+JA|eY=r8w-qLO;J(xZ+mt)nbD_QLAY`_iBfU++jR;r2=-?#Df2y9BycjAz3@f=S zAe7>X_KDD6dO5_BPlRiJH?)&`7>?1DPNuztaL@|kfb2RO+lVhLSs-wchM-5`+h2W9Ku#5B?B7E-HLz=pC$QG(mfeDP756bdvz3%JE|l< zlam@n42S*Blu6QgoD@1VkiGM{FJK`^Dh49O!L7Zr(b>e}B>3Fh-yeS1KRE0s@uYK0 z=HLk}hpb@x9#DaFW|+oOXd&DhQ|CGjLK%+=lq{Qq;Wa&$<(VZ|#skGFjg=<@dU;iT(+_qk0n*2Wx4$J;u`!ApKzdg?LFl&*u;Ou?fA9g}IAtF6O zVv6@)ygV8oe*NE=ygK;rLwraAGTJ{Jk6sP;|9iN1`1L{X@)dqDIvkJ3FNZJ2d;cB2 zAp0*4UyuX*^3|)a$=?3g!%lu@;Rto5Ce#}q^oB34_YRK^UmP7C_78?%fBjc|K9M$;a(~J|Ng=7`TpnQJX@&d^5+(6bN#ckwT1p4 zK~&^|?^R&lq;N;u+A=S-`b@Ll!i_nc)3aQE2yJJLsjhL~oeQLyW?dlKd+d}pskA6qSP2gU(1VNo)EW=j zOc_?GDLvw^nMBqm*okHZ^+iH*iXNGoQaizs1reM~U&H)Br{Hj^6j-60#^Jr|?uv7S zfiM;TSbr>Jp|@|q!wDUSp>}qXfX&&KY5>9`X-y7Lw<;c?-+r&aJT5FV0NAqBw1sYg zFiog54=AK~5;Kv~K>1s0jwsd;sUD|foJE495@1omxN;Wwy5I63N;OSwOUx6_Mnv!N zBT`IL>SkP2%~X-zT*td_Y4gpFbmLY#~X>%=r08T~F` zvjMMK69y@sh=Ikn0I;76AwP#E*3;$b_h(nvmw)@^?eY2PKPo7A829`Az7~0n#H+5TtI^t(8=)ZSu1Ee&@uY%4;i_IiLViLCeDhW_LZrFEpoY7* zj1;MfKt|al2SdloN#1yese^MliS<&VOs!yCs5p=EIb*`6idWTbzv)Vwx zC;f@uSdvvVg`}b+KwsCqgaV+QTOS4cJLxow>1V(0qhl=!8=+SPEQ?r75aY_+t`$&F z2;>a00oWD5i#ReUY86lsIxZu16cH%AI0~$}jt*tPL<8Vg7ErSD+nYs;O zk;4j;YIc8%Dh}c;c5wh_(%jpCBpToeZ-AIW#mu)s-TFlT;g9NzP>J`->X9Ut}`&zb39-%#F%4oK|U_2H5d>Yy_IOpty@l?$VyAs^X&JVZI-roKm zv~XhfK}{Z(6qX|obnzvM=pBiP5W9#I98&qGwkTqrW{FmsD(n2xJ8|*ewAjlV?CHjO zs7bwl&v6)tg((2EX2<$fNammP%42)pw#=SMGZ zxnEl_R|(v5+~roThuX+rZ2`65u(qID@>pANExD`$uH(LG&1WyFZ1%##Wd|#AnO^I> zJZ67u!C?-l<@n34S_iR_x7q+{!B=g-wB)Hapjz@%2~@}aedJRj)?2jpyzI31qLH7J zi2KIb`A(GB>u!f|%4uvnLL2^+Ag$EAjt5lPN(?0~-K9{sR$3t2Hs=EKws&Pu3*DMC zRob>?11hx?(J=|;K}3FF>{jIN&7K*!Ep|Xa&r&wSDap@$m2NyDW5z+t#^aRaY^1h5 zy9v{N(Sk9igU>h-`e+xNrdtVMwymeYXrKbY^a3_ZGO&MWlf5OJIg79U3^tz>Y#D_# zntw$&2pBilVOVUAVAQpp6b$Z;1tMlK*+nsq*)9?@97VfmMnam+c2R`+gzTaZ`v3dt zkDa~>{3ic{5NaW!V+#Q)z%I7!ys_-2FoZ?$p`AVuyL9`gg=gGg6tR(Ow5UWP|0PGF zpC-}Po4prm|8Yopgu0RlT_3S4WUerP3h|R)k}7I~P3h#~y<|Di z+lb*%>B2gKz>#9E+~W^4M}xwVQ6z&TJ3{;Bmul$o*H=NzVRlbnG#+dTl7hLZ{G~T$yoY6VYp@bn!tDdv()MjD za0v^=m)<_qL(|9HCvdk>+t;sjXmjQ5s)Cv6+mBT@Le3uB_`h$^SZeQ-g<3X1bN}YAbBbR94UdSvCX=g zZCVX*qK-f)5&e*}1ihgGuFBhA^c8mbJ!wZjK>{gnU2rB>#eO>zX9%Pf|PlRiYXMJW)+Sr(^Pgx}GC90!5?bObb?o=pZnkLQww3{}klTsfEY)~7d!{sNVL#3Zba2;DB^_GRCJm{N8R{rZ?C0~?Kat?~C z-_?HOLl@T3wFgL_59>9#+l0+6nJZ*qIe-Xy;4GX5)5VyS9l9aHSl6X6*(W{xE5!Hd z8pKq&M!dAIkcCBy=ALQ4gj&j?JV4B~_4h_cOA3D}j7-rSAZE2*;-8cyEMk-SRU&1z6Bdh< zODGac^#!R<$o^Kv8VOYj2b>9k<}Bm6Up$_%cw)@ey%0R1MIW8|y_uKle{P`~$PHiq z(=$ElDU76|Yw#XyRo{U+tfhrcEj6mr(Rm&)+t^;TH-Hh`Ig28~i%b-pMEC=QG=T_2 zG@hVIhB=N?LLgXpMAWj&@8maGFpKHGGLj#%Q*hHs=Tu>yL7 z<%h!B{7wZwx+FN9-vH2?3(Rp8k*JkKQG}#1uD?C&GW1}C1r2)nCqdG|mK>7;nO<&& z>UfBFgbX$|u{mX+%$P{O{@AXj7z*H4kW#`RD*9+%5)60Cg=0cOQ^j}~D%1QFa)PWp zBW34JTfKx6GE4GFS?O0vj?$|R;m}?CW)KUDkB)D0qxlHD%BY-`Jv}=ui;@Y_*vo+{ zVb?*Vgk(zijKP?0g>wpc7Mr8HT{yy0ciiY5iA`9hnLRMYI2f=5O(ayfzp<3W zTU{6iTNbW8HZCUpqArxWtD>}Br5vYZGFOsQ!CRI)JQBJL$UXHC2OS|Ld>K`yzZ~9jIzUDbGZ@siquY9jBWf zw?6d=>>#U*kgmA+RCJ?*rCMw?V$i~cia0LY5d-(Tv00hO=52=* zLlS@&Xc*cg*6;0$IeIPiO$S3O1FhuxDdjZn@ebK5G!N-eGsRcu!-eJWua8Ic=R|oM z>R&}O^1TfoPW)^a#Ur%0e{cw!jX~66&x?mxCO$EcGhxf5nUb9UWH^As5;Ru41 z0s78RG(e{x5+*Y41f$TU`imFIn1!V57N57|o(LFB^C}f=OC~_mh9D4=GPkdtD0x|DmkJ`P9Bi}; z&V=on-A72ZO=>laBhIoo>~S`t>RJ){Q5*A4p#Iqf0*h5lmb|CuI|tJ52BycQ4z%s4 z@>`HQZ7z8jSCBlKr&~io^@7RGoPq9d{=(xbI~>-au3<@S!q^9OzXI2) zOBE!&sT<}B{}T5tRURPQQsl8d1QE-^p3bYsdt=JUJ&vNmmWct<(_qGoJ00(7Jj*vU z>w0LJ-1mlk_1|!?f9NBiQ!l@K2KNjt-{-T>;{1_i-o>Rhigx0?NRF>yI}1E z2bBpHZ+$9V+EC1`;4102W0N_d$dd>m?X|jbqfS?>%Z#QaBWAx!*E^3_)D!%^1)_-ULP_Pw4GLxvd( zNd*4QNfK#JhRjm>5<18~yO5~>EUyLS1I9T7=u{i1I#GjzpDDg0rhT14%xtM@y#Gq( zLB#MaqIwmIAoP=zlUdwX?aL1B79|0&gq47v7@NRED#U&~*Q*-ZuHY9Ek!tH8G{4i& zIo2l1awI&RK*Ve~I@KM6`hQc%ANfV4=6g3uXtETDn!Z4OQ)t76WQp&(9Q$#{3RImlF-^{U2*5K34=$ffxJh zdtVpt_3qx&4XX1q$3f7mw(D=k?BUtTT`$9`w_C2ZXv;%o{V%ly5i71s=_*T&82SL1 zv$4wlLey@gF{MIpwO9e70_Bl!tt$f!5!Z}v?hBAn!h50TCTyre1?^KO2^Gqzf-Kew ztkYk8^s56ks=V5^AcN>wNin8l;M(JW&@udCQpENA>(>GuU!3K;bql}IMg3n&+^!C4 zoxE*NB`a5OIk3TLB?GV~Mm0(8NrdTaxl>6UGINlFPkZ{zPo0<-t-7h+OASK;v%3DN$v0HW`m0tXK;wCUIOL4Vt_~x_L&Wku_4~h`?#hqozaX~eRf>b#TubvuSoMrdk%(9gjFrbZ z--4_%CVripv$%HH>952Y?n`A1Y#4Bff1U%m7V!nn&X5}V$CEY+v<*^k)NcyUxDueq z-hFGjY@FvJB{#Dk0tPY~I63QkWe}K73|j)V;W{G8H-g7qCR0l@23|5^(&dSik~tgw%~Q z=r+5D07Y@AFYoD%xmXZ&{cW+McDRJmIMtVozbtNV=xb0E z<@MA(YE^fsO@75?I?!Tmt>V%)exo}C8c@$pFjb1{*sj?Yu^vq>mSu3rLqIAlAP8g~ z5-FavhTJM#WSgGrSdnepeYnt)ZIHFXO}0hY4nx_t2@|1ksWxs;$GVJ7PWP5MJk zI(dOqtjTKPpHisFg<%@eih&x@%Ap#UI6PP}SfknujI)RST?*QWn!`3C6Li}fy0J9) z3qvw2clNV{f`@{n^EI>F9-Ox~GVK4_E&f|r1&|Fg&(xK&0eS$C#Bz5PV=MFkT`E3+1KTO$uoM$1BGUu2@ zp$gd_N-j@Xi+kh>s=BkH(h7`7#O^&q*cMhT4?N(_`4t;3Zqvg*XRmYB!IcPeJJf=^ z$hEhRo%_e&eRRRujHFYN32=qsDdA{<&PmE?02231{pm`v`eiP=LL?uA!3(k%VBmfO z*2>^lE09)0ll$;e?ts;GzBy2No)l0=Ecf+g`Pk*eLCi1gmZ2{b&OFC@VWU3j)@{`d zbzTCnv=HmUu0%gCfqxuX)y2t{P#4Od)oLpTL|;$htjTu?vS)1?%V+u19G^Xi>{;TG zN|;!9-LPVn0>_q@ZpTkfEwkvq_g)OOIOPLPs-T~YRBTA~#AV?Mnz;n*{qmX0z16-v zOS?7FZV^FB%RP%CNo`#405I10L@@m$`W8suFIJMd<%#-@HWV<{?Ob0i~+vz+XreId*W~V1>aTk z2du!no6IiI0{*gj23mkzKI1?OpsVE`XaRV&ECjgx zr7viNy<8%LMsUlfG-w34N^*lnpsS=g$i1-KR0kdtdflo!T!LNqYS>jT-EH}GQwb1^ z_*#<$p}y%&q(g8T_oPIqZ++e52u{nD1PQ)&OCdXRr}4#$LBc}I;SJPzVmG<}FO*&BRukKzi%iYrQ zd*9yqT)MffKwHE$uSyrV3o~9#ewDNUka73S3)5 ze7hU5#@n<9u{qd%+@nbkhao3I*xf8&>|NBe2e|wV%`Le8y*Y~5ovvI0w_B^}JoZgn zuNP`9kJ%{T@~mnxuiDQnKlkSo%R=#;zPe*3+c}G={JCh(=`sydPnXKYpc8dRqSVf% zIS+viRrVPolW2^!Q+gF$o0Ognwh^iP{0qY8slQ5B1S%MAhgSY!S@2Tl8j3H=9n)>%ftIALN?uujih*D~iCaAo>63o^*y zpaOa(v_A{CNF0Jot=%t!WczL@OpUB({;zWUsNTUM0i_TX2##+ayIT&D?fa%3$gRsK z=I$5x0;_8?aLrnbpA1W<;+8<*;DW%m>Ly=zDk4X0SbWRx=NiruyaNgpG( zXkNX(w2(Nr-?Tu5#uFmSbf|!BkI|IHjO*(Q#t*`NmwRaBiE)dm=9>mq-K7@Pf3gwO zs@$SeciHt7Gab3f$XxnP7*>+?KiNoMn~Uv@&c@EP0`v1f{vDrt#zVNR+Y4AiNsnx8Hh*jzQJjj#-*Zn0C(i9ki`g zIFWyMB5!rySkYs;I}&hjvrh;8bbR^t?Ctj*SRcO4-KC`5*wx5f&lB>EgG%nVYL~XV z_Dvym&snB!UCo$C!Mh@w>kunpO@I{>I3`m0%0b$R=SuE(vg)H538pxvV%Aq3_zrFt z>cc`#uwb#+MfU`Wl(Tpe&5_6^;G_rgg~UzVQ+>s}n+GxLA}u0!-|7fo-99=N2uFZe zO7F-nRF(n?js(lS%v8*5I}3h(Z&?9!vivJTcAd2SUF(ilzq9cHmyAi`5Sa9}+EeMeJTS^ZMZ9L(?@KharqM5y zmEV8wi@Tt2;i#d%hKTa^947xNX0H{u(igT8s%er6LVUttv9lC^-P2n-Fz2r{o+w2g zw)Z$B9B#6frizM{1JjUbUo9PmX@rGxe=%3&rdUjAJn47-#xgXclWD40_8zM?plC=q znn?i*hj((0hlsN*rSW8-0}?9BS(0!j5zw)BW`Qh4xL52Qo9i#4lik`-(i?$nCSFZMG3Dd;U z5@peUDce=XBN(`&!C-IyRe#tY_V<>7Gthr}2G4XaXYxL*j5s9!{QnrwZ@&$`>YT7-&S4|` z@%$chvWw2*px?Q=c>VwN-q3)=g7nTnfE!b}xgB2|pZsvz+wTuMUk%g}H~0$O(b*BW zQjcjwq`dykOcFPkk|R_U>s*pF<4VX$I7^7_O{K1lK*VmSAs09mHN##Fp;Q<3pg?5- zgs;LB(n}xwx@0Wv=8L&%t2>F<2uHk%ICoIi z?vVqneb1KZ8f|wWdts+*E`G1w{TjGy5Akcb!J}^znd>C_W{k4cH!`brwZ?R_x^wG( zCU#l7xB0&9a*_O3{{ANdFk@YlNl2A z#Y?l$^%2;4vcU<`ysOtCqzByQMh%y~zqDFmUIE6P^q18n+9?0Nyp9}j-YC}0#*Wxc z>k}E|c6oU{zPt*GgTebirj$=!!FLo8xwy%L%W^ayX6Cd@l^xiVRZf}2;1;tlq~MHe zizFu}FQ!?j5!Z$d6?HV^rBT7bH5x%Zwb1s~dtiC-6e%1@t!g$h2lr9vk}r>wYuRx3 z(0m6&^HJNle%j4^y3V}*gG?mg?6!jX)Y&G= zBP}a`sV*`7`CY6h2Te`L!2+L!be~Zb-7$$IXK0)&MZqEJ`8%6S<1y|}WW*e9iy!=0D+LlfG3!rR~xEG%OFA_>oOKuS6H;J&-NK(8AF8153% z6-S_zdsLHT|1LQPD%gsDGxN`!(&wEz^d$9<=rhN z(L+1#7Y2eW6o2g}*~>_xDw|olKnC?OHpA>4jBxY)0dxK(E2heNDQoZGFp?iuKf|Xz7CYh+Txa@!~k66`{PE(?7lyzNj#TKp&_GUa{u|7xM z>96yf4oL|4h~pOsFz^YS?lB`*cz5E{F$CAO2JzxtBN`-M`PCr3w|5e*LpxsMNe*2;Ptwwse}Iaxs@4;YR7B2gtHVzu$Y!NJWTd?HBUxKiTyh<=0~W zh;k*so@f`P;|;Emyi(u!OSx=|Z9`_-H>Zia>$I{i_>2BZ+mx_5kMI$7h%E&}@=y8N zd_hV1I?{mBIHKA`ACr6mZ^O@Fl0B%1+xDo;Eg=NRr}R`QDf=P=pZHp(7ZkBA9%r-Q zAfK6GiR$FhIuFd=PPWF_%D=xQNz6vdT_Bbi@I)(gx0tl`Dhj7$L%?TPA+$%rO_h6C zhHV85w{Q~)ao~ZMcJ5e9>RN1K)VY`*-!r`TxsVDfoIDWjy`%4K<`4Sx8xpaB+a)-w zgJK-`u;`;B+G@>47vctwH7`;9l2@LI(LdX5nRqjiZm-HPdoeVok(W{_G~$ z$C9Ic$v7tCVx9!bbYbEW7p503>$1xDo~*dEoys|e#|#R>ng3KKv^%7cS}9^wf~)uA zSc498L&DBz)a3K`$tkj_ir0$!PVLpJQkd}Xy7H%rdRKmKVc24oPVHhh#5GDNU{w!H zLl-G6Fl2n$vDPlqr({& z5^XswOm>jh8l-%v5Ig@zMVCSf7p)5OkU@I!Tv&bd-W29sq@XB3v{#6Ex+{l^U_a=V2qm!A)WT)jC))pC?N+!C1J`4HL7pQl+uJU zO}zhnoBmL|^~_(z?MqLJ$pkrJq4}9N?c8`;t6NG9=$6y+aHdt=95}vk1YXdL+W1eW zDK2Mq6l;+8x=??A;*8p#=Sqf?-R~f~Ft2O$_HzCBTIXG+t^jwsLEAs`7sSpfLPyeO zo}SzmL!81BIOPP%3$6DJI3k{>6=xJ<6n(jTJ|>1bCN2!Ny9GhdkM+%4<3$YSi!~Ni z#d`y>tM3&H6D=brz-TS*Kkl;5|6b3}fo`caKDRv!ZDw1N>3~m}iMlQICwiBVQsfqdJd#q_Bsk-Lsp0f`nyyo+be%Z%lTT$ z2b%qVP@Sm%P)@C%ao8u^^Y-QxZccm{9}0dNUXes!qZ)EY-XYogoX@`Rb_SnH%V|~7 zD&w49U$kAizsvWjYMAQQOc~^>E6loA{)x26!`lU{V&{zOiRduj=9Z=bu* z&K9?l!6VnCYo)MA?@%YeL2hV_ckgs)&4TYFP_eoSplfO#mRcT+-sJkc)=Jq=h|#KWmmXrVQ$DH4%A(77Eaf)PRd0a$8fvjs z^o^Oh=G%ME9$^u+5;Rn)h3(H&DB`2lFtf-}5`f_D>1GQ66&S&6isW$tqie|u5UtFm zuZ|z4=az#jZQn=B@WiGmc!t#w)ap=k!+cXch4t^IwxspddF_)TckfJX^e?$PB?OA= z`_cRma5od`iRj3!NRbwSq}Q&}DR$S7A%_bh4T6{Et^{Hx`GrHTSe(3NX+cqni+kmT z>JFyy>mcbD1f8vKh2D4;J3D`gk~M#bdT7n=L$@B@CBqp^(B6$4yZo^$03ouq|VoYT3*GXRq5K z)UCz>wS94cKQagZq5#5a%vRga_uT6H%uK`#-ix2Vizh1P#TE$ni(1u1y#w-ibG&)` zoH60+vAO+39;w6hfLs;bniQr{0y4JB9`LAhV|wYkaJ*GAgMe_hX|I1R(m*hO{`^^b z?P1J40h#b+W`UM;uH+!O3hoBmH@5}csVARJ8Q^6?8|`3^TN14ES$o)CAr2lj%kCwx z>G+mg(LQ@QVF`K9ALRR&IpK`#t4TJ!u4C)I+l68L530@GHeSXs;%BvU9c@9sG2PTR zRy>2h*MHX%`)CSj_mHQOBUsuKrb!m>e#5(pW0HY%O|O@;ug)fcl-S`Z*U=F=rF3mO zum=zI+N7hGF}GhB$FKB3?#thIn6CU2*A7;cuf;dUqT4@RjFJ(z-~%|1-1)H2@`kSE z*})a|!!F@p{u>c3qybAYPl$G~;UYwj|8%(wzqXt-395+4a?X_i*?+|j4hMR9r9hO% z$9VU-`u?8#3|e$B9HV|;7}RIk`<;osPp5x>Bt1CjK=fRT&2ASR{Pe+RUX8x_R!c&A zM9Sk0TtbY2&S04obd(O3xzw6le%ME8R&med zwTzed_+d-6cs$!ENEZl&3MZD|v!C{X>p}P4IE0GRJx~t&6X8fcD(*h(lGHXw>bkQ^ zWeE)(0DXAho8a}JzIOW;La&kTSxI>gH-Y?FqDZqlGg2P{-xQSry!Rf3h;;v;SyH$> zBaolNYdHbv>?m@t;^YIwoCC8CVz;9{Vb+0H+W6FYcUl`(Rc<0I9t_b{KH~h{btjAG zfr}}BxR%in!47jBP=l6aQ3&a6!67jwv+@vpxN!jB8$-u`nJs&(iyI^1IWL=DEH0;h zh5Y2m^P7-PpzU@Ipm+YRtTCYFA4p`{HoQU0i}(DP^0D9RDsf0>3ijoJ`@Vv06RDr8 z%T)zK7o%Q}lf*JO|8uNCeyk2X@(yqgt~{>$jbfN-2D;Fdeu&KL4?9-oJUmQGTcxnU zLWl@jMR$kxN_w8o+Et)4#Na{5%t7MvamE01a`ze!dbJ$FbMbEW(3~%nz_RFq_e5C;^ zx?Z*?$eKaZPzYAc+R+CZMH8fAKLXk01#}{(c5^5c?S}9H>e&7UX3`&*Nu5wLcz+Gh zVmKT>dwSfI_(3~<0wBMn6R;T&h2Lo9k23=NM263NF z0#LwZ^P#w zKkW#yCT?a(K63}3s}#g`C|(V4&(iivCAN7SS=b#3{){NI4B0i{uH#>~{)+?py@g3I zB1;pj{yll(s%n1^nNP11U(pocHcfn3i&d%L8&j-ZxClXDG1Z(4qa~p zt(&WTH7>ct)17ubx~H}cqXxh^MW8}zWtls89ZJ_#x#ESMo57}~mB>lg&yy5q*sZDT zoc3h4@vE$)buKDQ^s*oEoZtWK?8AX2!+qcEeBKPqKMnGr+1C7!4AlRD43Kg^ zKtx9##2`V=o)B(m%T}m7SvPIq0Zr3q`LZ-EBWKM4=x%&;^c191^FNERQ{(Z!(BpUXWdfNr&Wf(*GE*}Sm>`~+IH6QG`YB>>gd$Y^Esc+mp9cLiZUD}m5Y(*lxy+od;GDqJIQn`)lEinQ zV~k66m5m*nR?ao)%Mj`UqoNiTke;9j;2vYbN5YB*{0pm=+odkhYCE43@njCvPPr?R z*5~7tT{V*qQ*}&s%t{ECSoAqbE|por%1y*yWZTiAjr8Wo7vg+~#SCsMBJnDoX%Eit zOM+}6&BVRYGvC?@4dXqH{A{|m2kFp_LMZ@CFIwMS-FELg()K^F8O1q7BdfjNa4PF{ zt7?){@~ScFH@I(YtVTTlPmqCFZKx*G>=XY*6RyLgX%3Lg|Lw!J;EZ)(8ub(X%t5S< zI3_f`M|Z|%IJDb$+2fK64$OvbrGUM8gTP*vAp6yW8;P4$>Jt!_R$XAL5>h~k5C}E= zOZRs}Ft=vZAC5$D1E8~ND}$Y4@r9*-N)io}Z_CnEo@wVCkNuhQ~MUrG>Ryo}U^ z-(uec?zY_cN8?WQ*o*?i#Y{(%cyMZ}_QjE>RWRZf8nNauyAf*UWDS~vy?eiLyrW#U zGk%l!@|C3C#KjBEUXt*6BP;^RP)otDqeNPwWld{K)lnOoNLaTD?i#(7Z+>6#MO`hk z#a1DCWd&({c$?@Knx}Vr$B7^gq5o&&!2ayj~Hn?XN`!mv$mD?r3IpSH#E>!T)PqwO)N)pE9opksMj@x+A z8IvXjVlx8}xXwvF3cI2{alw~d3P^Ox+U;iD2lh9-YIS0Z*|tbl|J7yS!P;?3p}0m# zS|I}VaNmZ`*@o!(tR~X*CZh$?gEu%^)yv1Sr?ls7ZM;|M`w6Pcg?$x8K%ll z@$y)-`5=!FFv>ei-u-aHw3DOP!!IECe)M$Ka?`_T11W^jb$EyK(1zsrr`?1A&MP3a ziS8?KQo&Z7Y;^PW^mX*UA2_=(VA$5v2i-q^ytM#Ro31pl((jW~GnTcr$3McldU(3L zy}W(b!!Z4)f{UgqIpQ*a2P2xAf?XZnS3#g`^!8c4aR!hk%gn=mt6~taqtY6jNv)Cg z{Y%e^Yz7MSzr!bZQ{0^otuJ{vj`)fBUYl$(x4CumvSg0iM5h}oQ@)zXs`Fas8$XJ98IHs#-%LoEpe)(_4R zb@5MXAnoC+-{j^e{`48>r{h~q?tma-0xj02Crblkc3cNbRBW=h--7gupnUxYBKex% zXrFh~S!hpi|+@?gG)gEc}m}7q zG2KtqL~rVU-y=q>m^5N{taZKV@gt|+>&LYCgXHY}Q#a?SMY_83SJYJbNJ+_s8UGlM zG3$@bw}t9G+*PI_n>WxAHLyEuuWL->NxR@4P|42sg_SVpC{KU@@CPm&%30+6Z(ZQ- z4IG*;R)yrBh3qu6+c_R~x#csEx;t81+&;4s@&} z5tVt{ZzE~%KMi+M5Twbz%QPEH_ zhAKjXMxm&joHrpGSrE~2UsmxfKtJE`4eO$z;Wvnutf107JjtOD?i~f~QS&DMF%VZj znq(ehp!R8s-hj3uI?2yvaq$!e6>Eqcu>!!zQ2O7@w&c@BgU09cngp!Q-%me3nF8GG z!KlP$8@53ZUN;x@iJt(@kFV96XOcOB-Yy#j9~QN#R5WdSZo+>QLPEaao&TRih~c{M ze-uK-0Qn563-0v@b#f}6l0qBx+Xq~i*7<32hCd}X;HXUg1_Ynxl&C)Xx&A%qI|qA|^KZk~mcvwS=l!-W5do&80ahIrM?-#Lr*J%V^$=}c3A zz9)K6-5d%6pM`~K0R#@Skrq6t8*EZ#*Zd{(-gqm|olcn6{8DZW@g2;nm&Z!+nMbB+adbV zU3myv+wpoL06i(^2!e9;YhYlo*U{-;M9-c+=g+M3?Uvxe08q1OcLhp7)g&PJ9**#@ zz~Ecv16Bfyp3ov65jsd7n@d;}T8F6X$c*J;xI6z#gj^9be zD1o#{(y;R8Dg)8QViJZ9<7gPu6oFvvRAg)MVbI#E_*1Acq>hpfG?6lhCc#hvT!$YD zCns)h!8^*1v8%18^McJliwpup_>>z~fweQ|YHp;l?+-c-MXACZ3OCGD#NZRqrA%t@ zrW+ZKKF<6UDz36p-!6b8xqa0BPJ9W%o z-JeVRUsaQEf;kVn8lw8$lv@GQl!Sj2HyfQT>UR}|QNvIRU4G?FVG?Ol zj#RQhExJAsdu*^~uUo;v)#2JID_BxC+T#N3h90bUoj=sTCROw|PEN8Bc&t0ASfmMlZoQM@2|J_W<6SRb&iPlKA&z@D@Ti{`hC z7;r&U+;2|b545Y8oda$^3u+hqm-qw6P;vqAZR25%|A@MXvh36iG>Z}2j=N8wjOGzv-cP6y8>iHFwAQ2EftieMoB)- zE37iSpO#QPMa5~{Fb1?lX1eiriPshpZ_nS;mL06j1Q12gP^Zv1th5)#2a4NOl=bVf zi$dD&`o^NRPy;5jYT>LzEa8Jg48exV((i{Z9eZC9eiO=~MxWgnh(-W$>spn6)%D*im8_qj0&!&l_!YF8SPRKJyf>CLObPv_y=Viw_!O zMYD=1B%ARcQ3)qrh!>N*FQQth8-LhbaQqZy^_ETg;)+Ctp=EBTa};~#IN}wNUv6C$ zRwO2p(T8KA;<_&7(i8+?Gz>5Aph`!3#>L>~2H@loQ12Dh%oN)Mch-gJ`d;8eJ)NU|DG2=tI~z?ed1#qk_)$MS94cu_mwNDGWF zDyY3#G%_JhX0ES`H(fWWN3wZL@|^l5X?wZ9{O!!z^NaH1tJ}GHn(~f{VDDU53-%JT zQtO`ldaUL<7plp1J{R%I5sv^%9jH<|8eYF>dt?nfN1PpYtgwGO=K9{m8X`7SS`JUq zrhoLQKs$fjvU5>emjz~PZEbBA5?!Dc6umFluKN_zsBGC^5y_wY|wP@$hQ}j|k)? zbde%$z(y_UjeYI)2%6S);T!Dx3ccFcn5O<;YGjx`{Km|}QH3&>|6E(Kgv!&tRcqkj zB3FBAwkS={{|r}kf^TaBBI;eOvK=`h=?&mU7t@S$hUG~jjT9rHGq)^)<2 z*;&z@X^h!PN=imZ-$;*3NWRBXr7{|y1JIAzAnMaESL%Z6;%SC0HIayI>{-I(-c>@3 z)bfORX;@U-@*SF?mX&%zW*{$K=#z;_6qQvLd zdZ)XI7BK39@|w9?c2_Kwax+6(&wB;&B^sfs^H@3=*y3nqApoGfM`Rbdb7dV3zQli` z*;1Z7g~$HcBfvLjk;GS{7I~~iVLH4!>VKra9V_DPJWzq#Z0dlf&8v_&I)a>4N322A!=HU z8Drd0B{&G@#Sz;<`U#hhXl|-+)?~u|EMc|p-$m;&nF=#V&@S*)a=Os0y@)3F+PL3a zjPmN5$e-!!RD_-Oi+R&1izEj}{v$Ctz@fo!fr1+~=A;bATt?HcX)krk85MW))2d)1 zndTWLKhiDtc_dk@mE`DM`6tbwc^k>nl_W)b<60cnSE<7P0krk`IafRtdbkxUz#Di9 zq|jTpmiqiSWu=HpGSHs=YEf$;@<~Z5+lZBMwrKdz<+-$ao$v9Cf$~B6**B63-!o<$ zIq!d9s-4Zt@N2gcaTon1$l>`I&6lNp8tozSafO^y%=SH;El&1SYasF|3ASkJZd8f2 zd?}nsU`b$L%y|7zO9zopv-90LbARU@;y}W?DJXMw zA>S}}BO9+e_rwa62P3KX5iTDo^!5`VVr5fP{#fd_mon*|v%qA}sY$bu5DrvbEsF3J zv_NL-cBax5k{Mg0lO)|p!dW@byxI)fzs9}%Ie#q{z`qCgcu|uCZ|pP!P`BIW=8d2<9mwztCLBsup~!`53C~2zfhe&~=&%bZJRp z2<*&vc;3@9Hn^P2Bk$48?spqh1A~=LwA;#^Av?mxd#mPPr+9eIBI3S}jMa>g+g1Dk zc>ch|cBuF*IOFEe|379u$J^$ig;)`x{5VQ3*wlJFVaN=L)~<0+jO(0_!!9w3jAlQ69g2QT;Os z<5p01fuc9O-B~pJ^iLM%#Em4TUSxE<9(3{d>o&&}az($thsc}c{Jsw*IUyVk9VNJy_=WlRRpyX@kSbZFWiAzmS)zLfI7kO!LI=QJ) zxg&NOUi2~g&ApI*ZYdJT`K7XhKgiXdzJGo-B7*8{FPJC#nkzk$>Vw6tS$br+`u5-=#mAYWv4_x-ot2a0%0ntG z1$h2Tam??J%(M@1AKr(X|Fr5t2}}zY;CYfn@)Bz&r{kL$nD#=_>&lz-u`bkf!V(Y0 zmbT#vzl9M~4ZuNGX9@i;j}fvxR|XT`)y)@XuU|EwKJAkh;)a&%6NoZQlCASZtj|pq zw@lJy?l=S_Hr#M{*uzK*guPYZknfib9B7Ma^bO#SAw}a}*`~F_)Z;QW)DNpgvEyeJ z@OEbAJSFi8Y!kO5CXvc6o??#sX~@QC0pD@d&rFhEhGq|*Rp4z}QZI`9x_Gr9LYgTa z+)@}0ZaQ?Ac#u5s`kjn=WsZWvTf#(3wC9A27<;OEif9gCt?TBdEMrd7x)8h_uNBkw zkGbKk&=6(;PZ)hIEn?|aI+v&Y*Z;{mk98`;DCI=}j7DD&F6n$>?_9i0^za&kNR1_EOkK!RR=J3GzMZ14l`oPtn4 zc)W(jwUd7FIxya}uQ+5oUjRMs>aq{F6R*oi&=QnXArayn8|ANOd_hd#q;BO4tk)b= zoL*A3$@QUw`V7sO(wK4oXfDJC_Wo$M9q4u`TD##Vi^%}OF{*%g$A=e|V*rDZ)&~`0 zHW`DPOPtW~8CCJJ%bBk5HumRL1qKj~oGc_wb;6AlvFP?-Lav zIFbCfheDdfElPDI3Cuie#Fa2&#!975}lBv&wF>Hj$iafJV6zqKrXyQzL_zWwCYUf;?im?LsBC2elh~f zZUceBvY;_F;qYzRY8P&X6Gd#(v|D5BGVtgNuDRAZ$#J1Av=T}@mE6w%iJ=ePE`3C`1+&m>Q=^PA8!P<_=PdOp=k$5OMjRz*!M(*VDn=l~HZ7XCW zS8Tbg4_byzoSPNCtz<+MJ1FT1hyAOy?XcjYWmvw_cp(B5TYqOL{QWqh*=d%?#<Y^~vTpn(R`3Ivqdhd~=Cz&D3-!O) zP(-teqp!io8$2o%u(>Kqt3!DA35R5$(EG$j4=kYm zWTYNr&6sh_UqnHAn9AiOV<{}*7JkAOj_iUS|A?@Xf`?M~-Jrx{ZrT8|aK*t>_iJSHw6Bq^E=E&d7`BfB>wcj!r6vK`DUV%l*Y~%l zTF@CArc`SJ)gzY}a|HnLtWtZJRpGJMEaHXE@=*hJ%xI_PiouZ>t$9=Q+EB z9*R323OL{=ymrbKVsM274#7%?KSe3leBud0uFC3BlzD=Yry zc@r{IYK;k)&!W4D4L)|}FssO>{)=4lPmfG<%=ccE&QIxmV2g*Parg?BRqTqL z;HPJ%`G@<*^Fd3C$MU!Vi2QD6gKwqI{A2B4nkxlUmYx>l?Nt%dhs2Da^ct!*kFz!;Kl=S9b<#(1kJ-r5 zPl=oif|;hFjJtK3cu$)jPj+bef6K<2^mQt6YpT%dR!)pSp{Vb0dX2;@;_f!dqg_8^ z-#H`KGH}%Xdl9O)>W^1D+#1g z<2B{3y`GO4Z8DKfzmG3&0>X96P7|*+C%e{vMdLUiYg6EnPR2B zwo(6Sg!b6Qm$;06v!ZbaCw;LNT=)RaVY{n z#6YCCm*0K`R7Bnf@HBs0>92WhOWDECJ8dNPWJqpc)0YLm;EY_oICz@W?w|PR_^ywD z0LmOXf4cRo^6rbo^iPA*z#+PgSW@x7%d z1IO;*PAobttVA*<=t`;3i-1B83{sLoXg{k-k!v{Nd5O}NC}MDR(wQr}IeUQ9>(qbp z6`lwi7_zkt%42^Bt@&sJ^Ya-Z&0yNT_r8E7mB=uRX=mVBYGF-E*mWWh4aJZCMQF=3 z@|l@tPj|8Pexm(cNvhw_T8D7J*Tqphe#b&fy}ekkfi?G%R9cY*K!0H+)ZF{(lij^o zS>*LQV`tGV9N~ouEY+!{$cJ?IBNZJY1RHsTp|m}+YGBR3O0XJu{B`}N#T}^FqRw(A zgbj>E2{mGui%WcuW&ai9w8;|NO09NEF80CM0p%1{ty&g4f3J1XKyVuGvedG{eyoA6 zmKnTf`Z-c4Z(+u~cq#is^k0^Ea(<#Sc(>zlc_9)9;wMnR@+27t(tAEIxI{E70<`=F z^%LX1m4CV?0&Z|M=TB!Mm%bu3mn!tNvW3j322US>nfosNq{9XbX7wKbz$%=7yn&+- zKt4-I6cC#=a_GOU+*S(vencaJDMr3oapMWhR)zD_sAA)p%7zR}YNaFjnTV<1`m{ zvu{kQDy{LUTkmOz%ohDkX}`ZAHF2gy6(AWWmUPd#XDCAkI~Okj z$I<}7|7(FnnmB~_Y_`tBFMtb``3{|jY;QA&+uiBYn5YX(PQG*&r@%3Om?SgN5JCBs zunuxa4wmOTSQ*VNdoN{+%{c_FAQq)l{ET#7zeX56xr!etpddhlc$oF~P)dmdxA+g9 zmJO_sf}iQ<2uzU!lA6GQZ=3$N(|%pfeiLauu#Wr7lCzbY#s)QqJt3on)3Ld_lB~M^=QrhgPW@t6r);T>#9sWfDL{3e&nV`uk!n|~?_rby+no(9w*(7qx?q1pUJ-#1ui zsnWG3M9wx9vd}6Onm9QAHW)E+2+c~c%cblLh5=kDLr$a~lVY(9EqR?EOgZ?@^`kEk zt=lwODONv8!bF6vEPZ1hnsPKW82wySp*!ksLkdL{@1txR zlECP*V;PhP4_Ka!ls!(pQ9PtNLRYZd0ScAaqwkc^Qv%nfJGcA#-K^qe#3b>xzM3FR z#Eba=+i1KF3Z{T8_m2rZ#ZjN%5ht~%(JJ9&X=UepW9syLk7Ut-<((r18DW~gBgptD ziTQE!lcFUSQwL3oN9d)jx#t-g(0-V9`M-&b2MdIwzmge5@h>TI4ydjq5c1||ClD#5 z?_aP6!~hpCqzEY7>F$4+66NH;q*ap3S=wq>Gb+R$*IrzAp^#i}3cgRsb?Gpj;6g;?^}wh>LOMi?;n&G9GEd#{|;Pzae7_#uXsCto$M~I81Ao^v?+OW2v79vM#~omO3nO1oF=gR-q2Zvk6mI zC8uoCsPH^hWk_O}8D$>X$>lWTa=DKPa5n2Tur(>qkwVMXkIY9S51P8 zG>esCHaSZLE-gz9g|*_iplXwxj(g-!aDy`r8ne-Nu?Yv7CN(XtU_G!5SfnNYre`2(zjRpBc!l&!9la6GQ9Qg_WGK`D zA^K11KV5Jg=aiL9-Pggv3k=S)#Ue#wr}16UBLpx^lw+qexSq#PUEOB4s{imex7b|0 zOcgLxMv@ZRSPH>dr`>|6;~WEo;tt603Q_wU;SiK$aFG}JkSUHu@Z$Nf1*m8Yv9Ton zq}a)tp-wy=a+zDh6C}J!V-W+Y^L<9n3L>r9dzM0#Y*fa#bAP3*!{rF;Lr>3Z!IPm1 z!Re@H$T7@fjO19)r+tJ}lFr7(NtuYJ2QU*wB2bsjmrFK;1|C1~{!A8z+K>d?t3Tjp zC6W@zIEWzkq7_#uGC^-CPYJ;b%)W(9DsNHz(Ay6zbOyW6fX=j9W&>?J9yH-Gt~6w5 zlwSb)9Yls75E_4?DHPTvgfcYpd}6_88|Els+9^7&uK$>r66Q3M=X-LkXE%BT;8Eli zpa(ESY@7{Y^`DAL{ULbpSUV-dE}){6!I0LH^O;)^_gmU{45eEDgHmJhMuQ^1Kl$NF z@g^@kJx2hOlDpWn0NE^Yi2uGGR;*G(3|9tY2 z;fAXxD9+n0TVm*eaF=9q9{Q*iSkI52ai1h#E87xa?ZX)^bFsiXW4@-ArD@!67`^<1 zOBABw2^mHi7)&O8pJrZO)VCDL$>{WWP4oEa|1m*32|?0Qg+rw#t#hnqnPnVP7~H!L zrs%^xriwK?$0t~gEfX>K=h=UMM0{_^qax(jPdr0=QOykg)xpKZLR53rAXk#1GhEZ3 zTs7ZnWjY9%%lxQ=qUuo$Np?}-e=EtyC@6zZgMpj!_WJH^N{l1;qGc4)%cf3S<=L)` z^pAjXe{+L%SvC1K9m!8{U3n0tk$4h!nzy;jSzj>11_)0QWJk>qPiipsiY>@d6H84&a`Si6T@}fH>pHzeEho^v3#<& z&P!dSiYJb78r+&Y;K7&EIfpF z+J|%;TQJJNm^Cp}8IcEk$w!G_@8R+YIL#sdF&{D4nSMWb$ldPbm%Kq%R75t&CFor&G)6cDxZ75h^I3h@>2{qROW&5$daeq%mHbLBQtUG?jdJ7Lc@m)#;T z3gN;7s%#K7;O@oiLb@(%5I`XjG+MsPn{sU%EWb+mKn~A70pz4p9e7GmkvdQlFNR<( z-@?BLJToxD{r(4MP(F|EAD<0ddargpJB%Q=*)R2x3BwnFpPd_U$M5-)@#6}}>(${W z{NaMscqUDO@F@!#_DP0$N#`mvnr$G(99*6>bG}Yr@Pa9O{pjQsV{A$>9s@cC_y>|}1~%)JUfD|}(3aIBBJi}G z5IgJJne7Mz+qi+Nv_6k!U z86g1*?+;7c@xJ*S({1SLtJ?l~m!eglu4FSY$RH=m;q|s11<`|wjs;R~L7&eJ=BA$@ zYq$3R(9Tdpfa6|MZz#v?mnj|ySYaA-&D?4hL%sKYdV6?#N)@*)^qnEY_7MLlz!KN#j*3Jfc98osIay{oTluvxhPf*?OWisK3F!Uq)x+2Bt1(P{&W0@oIIk&@peb zRnrHM54#c%)cCDi9%}rfG-j%ng37;8sef)1QRip z?9|7pdVOKEY@@eD)S(#b4GI+3hM-$cH`$E9b>}us2OuTvxE~&61o*DLyb$vSpM5x@ z0b&K@WZZM!>P>k%le2W|`>JiHJ9~$z&60nk!IP5zYBLd-^Zb z>7Y+2qLCD!(4b#r)0&}0EJ2%O8YgpWiaX_^DCRUuM##l+>=hSdR%svo6@bdfq0*hT zznAx!N0(&2g&wK<@IfZ1-bc~-w1OV{?D=zuCA+e>si&8+wQ)z zmv3t(b#oR~!=SFY%e7`sr7mxoF}2;%z8F0;Y+PRjK`h*_?lD2M*n-x!``nH4uXr?%$eQBBI|E2A`P0#x5|ApMxg%f}!_W!5P`nzTO|K48z!Tx_2&lj`*ThXr-xP>g$|FySasT*3`v3qZV|0bWvfQb>*6XR z$ra<5df@G_r0bllh^)OEos!Y-Kp(ns($|BKv?d9cLqiC>u=Ol&WSgaRKc_^Zmc*-mMsSpMCibrYKo}%m; zcZn)J^e=%V8jYp6+!8^ibOUnC9<7Tl_++(^m1=6VCy^n?;Ceqx9hBBvwFbV zU2pNHKO7#RJhWK5RmF$cUxDA;Tr5%@rpbhH`X3e2brlpYs=hu{9-TgKi$I?TE8y?u zq=#dgll@AlYpA(CtR0>l>zo8Faff4SDzryoe;p{)Hyc-{zs9=jL*q}9v{{tk5F+Os zrU?^14he6G)k%z35ZrfGMW?n!cM3bK#N2iTR~m8}jeE0gD6#~(l?qL0U0Qj4)A5dQ z70vEilQDakj8!H>poFKeZ=XP->Xg%Du5@>}ysIJvkf5c7M8sZJWf|_DUXQOR8xugi z`XCPjeOIvrmdcN56CzsUOOX@NkPOux@t|gwF`~R1~Isi@;$# zX(ysyml#`t(QcP(sJuSDYAx{V%yisT{VwM^WADrdAf*RxMqJyGz=D z5D6-tNgkeM$J_av=NzIdJXg{4b%f@c(pOkrSIwgN1SpLX8fFD{ydAHvF5eez{IVI1 zK@(Lv3qg$|J2s~K$LG&3LfPeA&qPm@U{PWB4KaT>8IzB2+6}?P2@Vh&!4dVS83y$E zGa3>fL*Q)LGQ{4}cik_Ey5ajSi(Q2NvE%LN7&bcMunVE4M%X7R>@!QFz*SMpJm<-i za|k%2LNo*_teXl4lHiby9}9>xH%+6u*?97#rTt26HNt|mu>LH}xPNTUKJ>f){qN3` z5C8Y`zn^^m{K!R{1@xd#C}C$16$)9W@=G_GFM0mA#`9l0@<`zTc**_G?Y-^N{m-4j z_F(XE{(BeCouB`rY^SxjYCsYdQ%@4pi1Ddh$8Ta1i3uGg&Rc=UWM3`H@+MQDIx4bC z#wDYX4>VV_)sh1HJ3KkoTtaw1VS(IiqhY3Yd3R|oWkQq>oW<`62@<)a0De>|gqdV6 zIz*2_mWO_rX9vS7p-UEKzy#N)!b8UqVi2~(R1_$rmn26tx-twmYc3Up_aHihiFXJA zdIAPK8v=l`G>b|$WFL$16*-mD+MNy1+0jw^dE|hOvmydAk0U|+?3J;BXCaeHmD>B8 zwt~RS-Xonz!t}C#fV>>60tM;*OCANqI89yK!KqD+oZxibtTy9lll;D7BOVN=g1Qmo zK5;u}6Gy@NT9sa?h0}s&X=G7-iGYDXau>exR39KV zrAg(rI}-ntUAoBSX>=&w3c}6b`a`$IzoXe>O#WTplaBA}g1qrBJPmIkQLJzOSK(&M zcfbF#eE;9s-rXz3f7pBWbmw9Jzl-NC_kZZ?e8O2eo+vqAiS?<839LhLD_7twgIHk^ z%O+tN4~Z)0Irg^lXof=?fKL5FcF^xj)?DT^c_E>1)_Stzka*B!w$Z>hb>kt%$;3-o zmL0F(cVQ#qB+34G4VNL^5hY;&RaDV#zwhP>Zw11^Z9zC#0m4BBVFeVuu1$ExX!as?hSR3R=m2%)b!9xsvhAhyIc4+B>TtFrZ5TI5!6N6&5U^gvs53NPJXs%e5>vqZ=LB{LG~)PbDX zdC|5I3xh&}!6}C1BRXY>O6WQ_Z!dK;#7gvcn1G?)ZB`Uz8geyVo ziN4<3$Oqq5i7pSz^xOEMYPvHL4LmG+Dua@;hko^OP~m0$}8yWI|MF zO;l%PP{&mi!!Xx3I?6Vkf2xcQh@5JU<$3FENU?pysP zgimRtc86j+2_D-9XWQgZfAK*p>#79K6UPJPf&49$5_&6cKzRGf1pmSyCI!VJ&)e`0isIy=(#(DA5lFY>Z z##K4kYW}v}XN3y>KOQq%9Izq++pP zsaN>J+82CD@n5pYYv5VF)b&^2GS-{F3-kS`*1TQi3-#shgiTbe=1ClC1Cc^a(KO`h z^<-hW-jsg*MYcLbt)N+DseWmm^)M-4HUCuFg7F~Pq|q3%Fsj#_%&2_di#ahVNoX`; z=)ceihv5+WmqI!HKsLH80RAHRX=YqaR#RtG1`_0{u=#Dc<*e+}@(4bh<8d2hqW45O zz{D!2OHEw)S6Cu$8SU*n_4jrL z{k`E{zu(gUdSkZna(B>uxx0(9Ar<{^F8=Q(xZnJ(v-yjs|N0;M&n|pF?EW9z{m(Dm zfB#K?%U^V!bYzXcwJP`M!opQSJ27;!f1q9A8VY8LK;Xgu-K?tj3i5m9KWSwDJc02p zRxpsK(xx6}^tM=kXw?7LX#df-(5eQYCH9})r+a(l_z(Tom%0Gdqa#K=OwCq7fn=sQ}?ymo#IyYs-GJ+P&i_@esTMQDKvD6s6N4 z;T_|uVA52g;{;vNFhoOw5{@I0rF+d&`_1t*wETy%<1Vbv!yv;Fq?jaQQaS2+E)i#+ zbDirPW%9Fe`81p$Q#BSjMOP*#_p8bMt@jU>_!QS&uC2XXqJ3iQ#_O(OcB-YC?@X!= zteIExh)oLlca@vn`VKQ&=J5I(1f6bbP^E?6w+(x8sY&@&O{H7uLl&*HXMeQ4yCtej zgEUHtt#$Hmqmbd`*>3r}=?+M>+TkZjVl^V$V!PLg^6XBy6jZgxpyUHmL^_|x1i^WB z@dCcXM zl&Bzeu-r~{9!!lGySj5qMtPp^0p@|uKU>Fu zG*y|BdAQ@+;Kr&_H5Tb&&+kef){X<7&u0CXy6qIc=*}!pKjTBce_%LeC3dOW;VRpg zd@Ve^du9@?YjU}3Lr_CCV|!sK~dP&-}qa(yXbXIAhQq&TA^^hzQx()%`V7 z>Zr+9@#t4&MoDsH)%2WMvAh~ynkybvQ|FX$a2l{Io%wl1A#SbdzEcy?xKk0->*ujH zs%v2;WkZEITu{Z#BC74r%%2jm3sYBHKA*f|4Kr_rX{$_EZIfBr$Z`&vMUDYQap`3- z?KGWE(*!bjf&ePTPk(~2$wBRjnE0N_&1}aemZE@|`NaYYxJfar@gjy|MN2Pp6X!ia z0eFdC;Rv$qhm6ID%?L-TF_TtX8R)g^^OB?%62 zf;H;&%rtBEbr@a;J4LXT(Pm8j%WIr&ED2iPL7%|J{VzNXYx$*Gz>64Z$8>p9Cciqf z?&KFi*2$?>bZSNC9QeAgH(pA$t*(1X9fl#hvTxM^DT-L`7V4TKQ|JkZ z3Su=)!-RJ8LY7*IXoP$=9m4H1CF-@=l%buPo!K6@>dR($@aE>bG;Z9;ASjZ)acEx$ zd@OPlwcS4I##x%~1`RJ?Q(jHfg9;M8&Pu4bq5QW#`9BZhTh;-V-T!~KSIPgf^N|1j zZk{ig|J@J_oQx8Y^kAn(Z1@}T6EwuyDu~gT&PaqLm6F7B&L>0={Y&lelBW%^pgu~7 zawT4gM&1P8f@*n>zZD2StCwe zJ89^=J-YcPD?^*NoRq;&% znoh3?xNdE2kPn{jG|ylK^blL;I?G7h>lY}czk4$h_nsCgrN6fViGN%L@a-btyZ!&Z z8I2d4dp6izfyTF2f_%5w)pv{7Knuv96`LDuZ-3XC%yV@>A1!1YQ>FXM^o1xOAIl%B z;g#xSeH{$r1gb*h%g28ej}eU^(t(FSJSRbR?}`&hQ>nVxRIxm^T(o&f<|2ata%N_6 z5gO$Gb?pD^lmAqNnbrNj2YWla75T3}*nW`z?&7&~`)}s{t>{IYO%~Wq3|$pWCB~up zOvg8>b2}@RL9W(Hr7o)UDalpl*`JFXyh}}W(Tl>1UKV@kO{`+@Dj#VHjXCbMT)@pe zYk05EEx|)u3A)-o1qZSS631HNYZjhYh0RoYHj9YnGs>fo8kv_V?_d)fY4f*KB>M0< zLw-lg&;I2V=0Wa&ufp&F1b?H^i0#*10MY?z3|B}vA-yT4QT_oYal?#W^$R$yOotuA zDaYe6II3$Gfp9Ka`4vGEJd=Z%N$y|9sF0e!o%HLrz1fQtS}|ZPHwzSe)-$VH4T1_y zAC&D6+R#<4x1wpq_<@wEKHp5?USGxUyi;=jiEIm-fw|6yr`Gh>SkwkI$AB4ry{V|o zbuP)g71O!2GB96<=cshZmjpsTxDSlwE*Ogx!D_?7y|&I9Wg){apz8AF4Re{%sBB>W z0C~`xy=-e%O)=AXW!)5ObPBiqsx8VMU*R}5_cX10!4j4OEz2&b^(X_n`6BPq#b%mV zzSgn;evBhd5>CmCNXi0#ppX+B%#jbK+@RH(%){j=uQod_upR8s9GMi?AaZrIy5L@}vQU^IFKIeIy{Zv&O7o!(@qjTy z>_ma7K8=y{t3(@f_9)V!_MKQ3pAvN|0V-t`sb#*2UX!b)VL#WKfgC4KiHD9yAm%4b zk^L4Dmo!#UGKD#EiO3ZKjW%JG9ZKW+lEyzg+a;0TqGRaD?pZ>zg(7BeI&d(nW5W)y zAkTIYiF`hf6SEv-pZ^>DRBzHHc)E)092f@>LXxvo`?Z)gBo_ta0mOLJ89U$vdXz?B zf7angVHS(5QgViY+<6su%n(>%0gC%?9*+>N;SaJefGUOP@|n+#S=fej9}8VGUux#G zJcCs^?ck)Qn>-B(aFQ$lyy^=Jkww@3mR*NI-|JEfpX-@-6-dU!T@d1Q)Gk-;fG7L!2L3Qh;9CAOJx$J6Rayp+A58k zXa<-eRTr!s^p1y4f$xNKixrj7rAK@S%Tu$dDn|A6X`U)#;;Um-J%q>V!{Y*DRsiK4 z%dzF)EtRdRdwM2yJjx*3KR~XFvY2_A@s(cZeAe|CNQ5G@+sJ#w7Wf%zxx;D!0r`K#{cNBCoWsTGBz~%0Z=DsI#zRC?UK4 z+0tD=2C5yy!rs;NJjV$JMK)yYGL4Ztld_RfgIb(uXYK0w?s$Q0(u&t-b!5xS#%ODO z2HDk)$B~hTk$fwqKcV5X-GKO3a2S2tS;eRM9eMdC2yDMo7c;OX0`hsj`TXMkRs7wLXs;AEOD8fY zMus%Y`oLbxO+khpnOn6d7LzE4Mz5!Pqb-=}Fj3KAT3iE$Ye7`ARIG`sfCBN2uNBjAM8(RD?5Z-%9os}zGnd0N;mP5xQJvyp6u?22%-DR-*FFrHvE z=ycT2*XfjS>Z3siZKiQtE%ix@+5f~E>&Og^3}KitDGd`S~9Kf1sC z^4`J)#54UQ<#Lg5^t5f`cHB@m!$e-fT3?@#n53goNJM~Xd0A$%V^cx}Kj3A}lcr;#w8svq)aBrSc?Q zQ2{sb1)_=0LZRe2BPM7Cw1v$=?VPJxDs(^Z^d%8D9e?#qQ4WHbPqmCyla?^gKSPKaI5t#@Al8YYUI9?nWui9Z%rL4G@%#4Obc!c@f zyx7b?FctTt=I*5X#~&`*OxXWlut-ZIe9&HI)gOSm5Ao9Rz=B3W& zpmAL&TD7vTl<^=Vk!&p*Qp*Dap-(yp5p-BpIMw?~D4zQ*uB>nWR|k;Si2w4mU(Nrw z`=I~b&2#7bzY69|Bav`*3lm&~#w5wTV6-K+nRzKv(?;bnN%V?dY;QA3kM&!q(={(! z#!G1E*xH1-@%pZZ8TvbCFQVBy%uPT;@-b#SL6U=*20nj2c(i$$4vC+HfE;5Hw65(h zjNw(Xq*?L#bWm<>LqlDLrKT*qGkgJ`_&B7nwFvnKq==U4uO6^f z1CAAsupmEHs>0sbEhiu<_hBpNjjiSRdzwmYB6Yy&p-zo{3_tU;&c;?6Ty>LN5{JVu zy{oGkTsm_L-Ayv@S@mnBC01!Tw=T=kXy+Si20gcU4pD!^0$Ww`X84=@@TlaDP!cop zo+>WfRy*AqN0C@X;oxLOi3-diStr+LT5O~)2r9cdq7gD8*P{lHkb-k|c7U>Jj$(3P ziWFjfI9PNvlAWN;?_KlMn;ez}uU+y0u{Zp4JQkh+} zJjvH{^QsqYi)x!i4yD@zUW2Dl9l==l0O}~@XhQr;kxmh|G$B1buF;YpTmyQd9AKX0 z=UAIZEE>`AD;#f`dl4hXA%iK6P|ON(^tTZCDDh;1y_l$_Xj2e^HU{7A>^fYW?fC%H6vuGpyed~9A?d9RQ>9aol?+SCdm}^wPCHmj9 zr+XFq?_lrY{`Z|ccdq}vS7d_lkfjMqCErJ!g(0wRJYK}4GYZq?&+&LczQj|;l0`hZ zwl(|A3}RL1mQZu?&_z}X_m0kSSx%t%NjVGtNTUF`UH;22!QUQzQrvalRp~F^AD+HG ze*MpVbefMI1tcMULISiYbucSc{O8a6@{KI>`EzFrX&Ez8vAR{HaPafsEES(QWvM;dS-SzGhn{(G#22FW|Ah1QyhvO+%JK^;$7W( zSGL~O*dtslwx$+|LSj^qBr&^rCKKq;P!i@aw8Pf5qZ$*J$+i^ev^AFCXe34{Dw^F@ z?d~r=;%OX0FI6YnRl4y7Jy9;n+*}6WI{h5{F=JsmB`1VWsSv8BTO+uhXJT}uZvq2+ z2n&%;jWHUok+3jiS61?8&^?r^Q5`J#7_tO)m6sJ5OW*Tf%NJmdv7-7W>{QKVE$tD= zNUw;HGY^tD&V5DEBRm?xN;=cXFR1O7G1*K`QOhI0OEKED1mxZmB(-YGzbXS8={Df< zkHR>Y%x9BD1WhrGEK)Ud1>0yx@kPrs0GNr^>of}796iOW!POz=wuH(jw}j-}QP{@f zLGDb|a5cD?jkJms%!!IGDG9NHA%Qlh3`*h%t%#jRms*K;>`1~DWv$TtxsG(?zlIs+ENid;s+>LIh<5%z|jpOa|`E;IZ42icr;t0}`X1=05K z&^2wZN_gQlOhGN3m`b&TqET~faz?766D*Lvd~u+b4cyI+L+axrmPW}ze+vZ+x-pE7 zCi%ECIP825IUu^}0vK79GSsGUp{xemzz9@n^?t1-u$k+vHp}rkm7bR@i@JF!Uf!uk zi;ZBngG%iw0*(j?5Jo;${^$vV8_g!xvC6B6`jXSgxk=QudAJE2sgm=|JH3D}l~*GZ9@hdBZ8g-|Aw537JS+0ZLVyjGY`E5X)>>HqN81E+O#Fm5#yGS>7gGB zzYDQ>MJC(Awd*?R1^YhZfnFYSmU48(_+`j&0Lw@0+xE4}Wat#~CV9Limlnm{V(Jq} zrs%WCCoyQh(TI*y4iM|)O5F?*me||7?@q~U)BmkYZM|Q8ECh}Mj=>nP?EH7IU5@{@ z{jC3R{(C3So$LSlsvwbqqoR>KGirA85Ll69B5(t7;SH;r%al3wWeqkR4x7Z^*=oP9U>Y3edUyZj>MQe*(>(Hqb{;1{%BX2=BSqZFFXiwh}Zq<+xB?~PC!?%L)6HZ3- zW2pm~RW2+tQ_C0_84XS6_f_ECst;bRo?^v?!(= zD3>ReoIig$AvS5BlGoJYP=#dnIY)`44N?{tWHi8{N+gv{Cbe zm=!nE`b;0Uqx03EbR~_?)Yr}7G?`pm=_|EWukvB;PiR8?B;~bUbY+07;^mgoWYVlU zmfDdUt*p?XHl8w;G^mc;`s5aRt!YPYzsAknY9rOJm)2jdzAmnRsty4pi8KwTTB6$O zJynUzv(%^-7Ya73#+pXDa*Efi9Ty-djs}3V3FSKR0xJYpryYZ!A(vo-Bq$B@&qnKhen%pg{n_iLJPnp(M`0mn3Z&&@YBJ6&as6@-%texe?I0*Dy9C8Vk+qcP;cC>qClM^IqVUo+)(lTS5F4=hb9pY08Vui;wM#ujj2$0neg{km;$dJrqj`*m$^4XxbN_NJS? z=eD=j7Mdmr`Zg^zYu0lb$FR&yV=bs_m}zd+B)Ui?`Ff}3=5|ptWw&n^{n7@WCC@F{ z{~!yC2?Vmt|LfUq#s90n{q({9cNfnWwExY|{`brE8~zIUf4;og4+eRwo?pdMx zX~MXj<#l7rg<4l%xj$FE82#1FW_uH1#tm=FkL$Y6?bv@}CXz8H+6c77|7);UvH$G! zAMXF%&GY5#KPQStZo>#9s2;&9S%<79ZWsoprlndF zQKnsH&XcqA_H>>Ot!f-3s@}i@wbcM3-|A zkd>=Ta{=8VdyT~vkul#DiovEAm23{IU)hD~d%OisVhgL+VV0B|L@su z|5?fYJJ@^nkpJsWp7q#&uVnx}l|*to*MAlL-5c94fYWUDh0iy$_^KXm$JkpzW;?U2 zs@BdT+vsptXylU2g%?BFQbUk>40HM)66i#iOB=JQcr%k66EZ?H+prTUVe+}1&jWIx zmd4@MIZEJx^_#+K#;5u=Zm5~5M(?G`N$q$l zdAw1?)aYAd8Z0t;e()!t|-nY-8XEYbgW_jbzq|IT3W>?_y*Z^N*%o)H(G zFX#WI)nQo%6#XHo>iSA{hw`wnk61M7_a$@LEQ@@uNdOM7+$LQ=b7s&YQn%mNVsb-o zgZ1_{$a-rd@-<0%Dvxw6Zt8|mO&wjD1{7PHy%}Y_k>h+qlqjNeWg4hWdPb8hQjcJc zr(xl?W3KEq*i&+`qS2mG->*Pp5<&Xkpx6GIB}~!s{#7wOHVsUG6I|a#v)@Atxjx^j zbc*WCI#y7amQ#7Pp+DVCj;a z&bxNmTpG6id{{JhyJ$+PMx}MsEe_8V%@W-k-j^Gay`~SI0`b(p*cp$eqwrR!WvXMXD_1JJIrk-$p$cT9R{7}>awqjDAL~lCHf^Y-iUt{ zzeF{fj_O=NE@w_-!0R+PdKE1Is`_`psG$8w(f_aGp*K-DM=XMx5+oE8jzSs{&+(q0{dy+1 zCuaj40qLQ4M`tLYTsYpCCO!C9f$w<3|L`9CYhFyoJ^7FMDP~bGZ)k}9%QOb9ML179 zaTPmHydl1Ho_NVLcAosd&IWpiIc2Fp$Io8~$BQ}pjrfV<(SYEdD#zJxjyDrN3y5r+ zPRD4(!hmpxPRG4_Yhk$I`agYf`25uiZyGG>W6AxmXZ`KH()!=s+wDKB|GRiL&<`|; z@RXX>@RAO>lsAs#JUh-I`tTD8r^VO*-ZV+_CHwcpM5V`1SWJD<3suoyHKlCGG99p7 zk2y+1NnmFaQ4h)Nw8@E~HHC1SBR=Kq8+KEqBXZ zabLFwJG3@}?xSt*qxaGH%P>I`#^?Kp`ElaF4RyQ1!36mt8`? zK8pkki6cjWvi|2NjisQO6$9{aOy8OAX9MSwM!`OkDmWd#!m%?Y36|oogj~U0qw~lQ z!W*SwsGJ$$NZQnz&XsI~+@DAoGW4GDFmM$RFB!X(xJ?*J1wkz32*;VDkdR_{%vq4a zDZ~Gub3R8Ol(`3;Bb?xnjq{1t$nktO?U5)UJmyr8&K3wV`3pn>3JtJP zHlH=^s>wZ$k_;fnfvrUeJ~3xA8W4f7p%h~dLlY9lgbQ>vq5cHbP8Z4kctjE+(7@Z?`J2;K z4eWT|dHuhsI#LfMvJLoo789T15YZ@36D0fznPT{|fsUtmOimd~a+)N~^U5;a|!X;guW+ef8 zs(rZ{?3Oh__M$P3J~~c<$IF^k?Id_?H#6`C&%8l5AVZ3y?x5f0&vqOqPQ&noh16dP zDCHgxp*wqr3?;uBn;4zYD7|H2EOhGZRR(9u*epm=y;A3kYQ?} zd#H{CE2vRpf#VlCLUWd)E0%@<3h5=0Uj!kDd`vh-G#W8JRV+g73&Nfxbyz5A`!GT@ z5($ocq8l5MeP<&hOPk_03XH!uR1GP$A(ID44@`skpV=^k_6LKOS-U6N$~Vj>GAOiU zcG899Y)D5<`bJ?o6ka!wh1e1THV|L{fZhN#%<49y*%t*rqMU3&GFdW8+X`p=k+gxY zFxcr_w|+_HuW&47zx{Gs`h6w_sy1WdOU`pi=D_)3BamMrt7rL-N-q4 zPvZ*Sce~ws@l|8x`m!rRAs&)Y?@&07+gDXn_$J1`rzDes^V#_050qW3Fy`J*X!vZG zM1FQ<^Ydq?Fz6r-^AUTVr_GEcn(b$omyKF+a(H(3{>|z0>;qD^#UDAF?prUBMl?8_ zjf!6upv%mT8nHGMSE3-)-!LqnO%%JlB=dzmURsvvwjJvGR=H#2=g)vYXTv_W0JN4? zRB`byTTSSleSoPK*y}gvFV4K=V^Yw`Zg4={@89haaer`)L*lkEZZNS;N*5M(=GWjG{Kovx_Tz>32VN$D3&=laYC4CSSXI&j^s z5-ty17byO5sc1_}e7S>1W}*Kon=Y}JvEG2;ocnmKs1DfL1>38At%vFie# zi?L6#yTmyype{qd2^LB44%|N=|B`1>;b&K}H!R4rUDORaP8|vc*FwR-M!{e`C>Y!V z3I=5qXr_VQ#$%2HDX9PpIcI3#^}W91e0UR~*K9_nL&DKuXA5ojxBFX4g`RC2Q#QK7 z0)Yx5)uR!OsF;u-SMkR*nWRH7en{fgM$iqB;3O4YHtHr5($!XBu!&HCrua9;jX6rH zddkC4$N_5sCOg>oCpa1tp$s<4mLb3AmIA%TKtV{DWD1POjN?QJu>l>82u#a};3Va; zsURS5_Ns=uqa-M3MXp0F@`6nx>q?IR(L|7NB$X=611(o%D0}hdrKh>_`w31m*slmD zh-#A#(Z{}JJp7O2bkPYXGq9%XmqOu#3VXn*An2kfkzAln%{2fI!#NtVWTGlE8Eti)}_z zTVWWoaZi;YT{#lyvpd`FCQSdi)B7H_HSK)qSRR`H<+FJHce#!2q8~WJfzPJO!6+eo zid^%~RWk$=Yu3;lfj`uP?jR2c<7 z!s)C8kWN83@SHP33Y{BcnKJ8AAB8v?r+7@zn9T@};1HkiDHUqB#ZlmdbV?J=Q!B&q g?(K2)!}IVwJP*&qv!>_&3jhHB|GMX3Cjb@?0AmVNt^fc4 literal 0 HcmV?d00001 diff --git a/charts/wordpress copie original/wordpress/.helmignore b/charts/wordpress copie original/wordpress/.helmignore new file mode 100644 index 0000000..fb56657 --- /dev/null +++ b/charts/wordpress copie original/wordpress/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +# img folder +img/ diff --git a/charts/wordpress copie original/wordpress/Chart.lock b/charts/wordpress copie original/wordpress/Chart.lock new file mode 100644 index 0000000..1c327cd --- /dev/null +++ b/charts/wordpress copie original/wordpress/Chart.lock @@ -0,0 +1,12 @@ +dependencies: +- name: memcached + repository: oci://registry-1.docker.io/bitnamicharts + version: 6.14.0 +- name: mariadb + repository: oci://registry-1.docker.io/bitnamicharts + version: 16.5.0 +- name: common + repository: oci://registry-1.docker.io/bitnamicharts + version: 2.19.0 +digest: sha256:f14e7183217316a026257bb89543ec1055b763c37dd4bfba26c2c725ac0e7571 +generated: "2024-03-08T16:54:42.092136196Z" diff --git a/charts/wordpress copie original/wordpress/Chart.yaml b/charts/wordpress copie original/wordpress/Chart.yaml new file mode 100644 index 0000000..1685758 --- /dev/null +++ b/charts/wordpress copie original/wordpress/Chart.yaml @@ -0,0 +1,47 @@ +# Copyright VMware, Inc. +# SPDX-License-Identifier: APACHE-2.0 + +annotations: + category: CMS + licenses: Apache-2.0 + images: | + - name: apache-exporter + image: docker.io/bitnami/apache-exporter:1.0.6-debian-12-r8 + - name: os-shell + image: docker.io/bitnami/os-shell:12-debian-12-r16 + - name: wordpress + image: docker.io/bitnami/wordpress:6.4.3-debian-12-r20 +apiVersion: v2 +appVersion: 6.4.3 +dependencies: +- condition: memcached.enabled + name: memcached + repository: oci://registry-1.docker.io/bitnamicharts + version: 6.x.x +- condition: mariadb.enabled + name: mariadb + repository: oci://registry-1.docker.io/bitnamicharts + version: 16.x.x +- name: common + repository: oci://registry-1.docker.io/bitnamicharts + tags: + - bitnami-common + version: 2.x.x +description: WordPress is the world's most popular blogging and content management platform. Powerful yet simple, everyone from students to global corporations use it to build beautiful, functional websites. +home: https://bitnami.com +icon: https://bitnami.com/assets/stacks/wordpress/img/wordpress-stack-220x234.png +keywords: +- application +- blog +- cms +- http +- php +- web +- wordpress +maintainers: +- name: VMware, Inc. + url: https://github.com/bitnami/charts +name: wordpress-copie-original +sources: +- https://github.com/bitnami/charts/tree/main/bitnami/wordpress +version: 20.1.2 diff --git a/charts/wordpress copie original/wordpress/README.md b/charts/wordpress copie original/wordpress/README.md new file mode 100644 index 0000000..006c3d0 --- /dev/null +++ b/charts/wordpress copie original/wordpress/README.md @@ -0,0 +1,772 @@ + + +# Bitnami package for WordPress + +WordPress is the world's most popular blogging and content management platform. Powerful yet simple, everyone from students to global corporations use it to build beautiful, functional websites. + +[Overview of WordPress](http://www.wordpress.org) + +## TL;DR + +```console +helm install my-release oci://registry-1.docker.io/bitnamicharts/wordpress +``` + +Looking to use WordPress in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the enterprise edition of Bitnami Application Catalog. + +## Introduction + +This chart bootstraps a [WordPress](https://github.com/bitnami/containers/tree/main/bitnami/wordpress) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + +It also packages the [Bitnami MariaDB chart](https://github.com/bitnami/charts/tree/main/bitnami/mariadb) which is required for bootstrapping a MariaDB deployment for the database requirements of the WordPress application, and the [Bitnami Memcached chart](https://github.com/bitnami/charts/tree/main/bitnami/memcached) that can be used to cache database queries. + +Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment and management of Helm Charts in clusters. + +## Prerequisites + +- Kubernetes 1.23+ +- Helm 3.8.0+ +- PV provisioner support in the underlying infrastructure +- ReadWriteMany volumes for deployment scaling + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/wordpress +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + +The command deploys WordPress on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. + +> **Tip**: List all releases using `helm list` + +## Uninstalling the Chart + +To uninstall/delete the `my-release` deployment: + +```console +helm delete my-release +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +## Parameters + +### Global parameters + +| Name | Description | Value | +| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------- | +| `global.imageRegistry` | Global Docker image registry | `""` | +| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | +| `global.storageClass` | Global StorageClass for Persistent Volume(s) | `""` | +| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `disabled` | + +### Common parameters + +| Name | Description | Value | +| ------------------------ | -------------------------------------------------------------------------------------------- | --------------- | +| `kubeVersion` | Override Kubernetes version | `""` | +| `nameOverride` | String to partially override common.names.fullname template (will maintain the release name) | `""` | +| `fullnameOverride` | String to fully override common.names.fullname template | `""` | +| `commonLabels` | Labels to add to all deployed resources | `{}` | +| `commonAnnotations` | Annotations to add to all deployed resources | `{}` | +| `clusterDomain` | Kubernetes Cluster Domain | `cluster.local` | +| `extraDeploy` | Array of extra objects to deploy with the release | `[]` | +| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` | +| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` | +| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` | + +### WordPress Image parameters + +| Name | Description | Value | +| ------------------- | --------------------------------------------------------------------------------------------------------- | --------------------------- | +| `image.registry` | WordPress image registry | `REGISTRY_NAME` | +| `image.repository` | WordPress image repository | `REPOSITORY_NAME/wordpress` | +| `image.digest` | WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | WordPress image pull policy | `IfNotPresent` | +| `image.pullSecrets` | WordPress image pull secrets | `[]` | +| `image.debug` | Specify if debug values should be set | `false` | + +### WordPress Configuration parameters + +| Name | Description | Value | +| -------------------------------------- | ------------------------------------------------------------------------------------- | ------------------ | +| `wordpressUsername` | WordPress username | `user` | +| `wordpressPassword` | WordPress user password | `""` | +| `existingSecret` | Name of existing secret containing WordPress credentials | `""` | +| `wordpressEmail` | WordPress user email | `user@example.com` | +| `wordpressFirstName` | WordPress user first name | `FirstName` | +| `wordpressLastName` | WordPress user last name | `LastName` | +| `wordpressBlogName` | Blog name | `User's Blog!` | +| `wordpressTablePrefix` | Prefix to use for WordPress database tables | `wp_` | +| `wordpressScheme` | Scheme to use to generate WordPress URLs | `http` | +| `wordpressSkipInstall` | Skip wizard installation | `false` | +| `wordpressExtraConfigContent` | Add extra content to the default wp-config.php file | `""` | +| `wordpressConfiguration` | The content for your custom wp-config.php file (advanced feature) | `""` | +| `existingWordPressConfigurationSecret` | The name of an existing secret with your custom wp-config.php file (advanced feature) | `""` | +| `wordpressConfigureCache` | Enable W3 Total Cache plugin and configure cache settings | `false` | +| `wordpressPlugins` | Array of plugins to install and activate. Can be specified as `all` or `none`. | `none` | +| `apacheConfiguration` | The content for your custom httpd.conf file (advanced feature) | `""` | +| `existingApacheConfigurationConfigMap` | The name of an existing secret with your custom httpd.conf file (advanced feature) | `""` | +| `customPostInitScripts` | Custom post-init.d user scripts | `{}` | +| `smtpHost` | SMTP server host | `""` | +| `smtpPort` | SMTP server port | `""` | +| `smtpUser` | SMTP username | `""` | +| `smtpPassword` | SMTP user password | `""` | +| `smtpProtocol` | SMTP protocol | `""` | +| `smtpExistingSecret` | The name of an existing secret with SMTP credentials | `""` | +| `allowEmptyPassword` | Allow the container to be started with blank passwords | `true` | +| `allowOverrideNone` | Configure Apache to prohibit overriding directives with htaccess files | `false` | +| `overrideDatabaseSettings` | Allow overriding the database settings persisted in wp-config.php | `false` | +| `htaccessPersistenceEnabled` | Persist custom changes on htaccess files | `false` | +| `customHTAccessCM` | The name of an existing ConfigMap with custom htaccess rules | `""` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `extraEnvVars` | Array with extra environment variables to add to the WordPress container | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | + +### WordPress Multisite Configuration parameters + +| Name | Description | Value | +| ------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------- | ----------- | +| `multisite.enable` | Whether to enable WordPress Multisite configuration. | `false` | +| `multisite.host` | WordPress Multisite hostname/address. This value is mandatory when enabling Multisite mode. | `""` | +| `multisite.networkType` | WordPress Multisite network type to enable. Allowed values: `subfolder`, `subdirectory` or `subdomain`. | `subdomain` | +| `multisite.enableNipIoRedirect` | Whether to enable IP address redirection to nip.io wildcard DNS. Useful when running on an IP address with subdomain network type. | `false` | + +### WordPress deployment parameters + +| Name | Description | Value | +| --------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- | +| `replicaCount` | Number of WordPress replicas to deploy | `1` | +| `updateStrategy.type` | WordPress deployment strategy type | `RollingUpdate` | +| `schedulerName` | Alternate scheduler | `""` | +| `terminationGracePeriodSeconds` | In seconds, time given to the WordPress pod to terminate gracefully | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `priorityClassName` | Name of the existing priority class to be used by WordPress pods, priority class needs to be created beforehand | `""` | +| `automountServiceAccountToken` | Mount Service Account token in pod | `false` | +| `hostAliases` | WordPress pod host aliases | `[]` | +| `extraVolumes` | Optionally specify extra list of additional volumes for WordPress pods | `[]` | +| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for WordPress container(s) | `[]` | +| `sidecars` | Add additional sidecar containers to the WordPress pod | `[]` | +| `initContainers` | Add additional init containers to the WordPress pods | `[]` | +| `podLabels` | Extra labels for WordPress pods | `{}` | +| `podAnnotations` | Annotations for WordPress pods | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). | `none` | +| `resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | +| `containerPorts.http` | WordPress HTTP container port | `8080` | +| `containerPorts.https` | WordPress HTTPS container port | `8443` | +| `extraContainerPorts` | Optionally specify extra list of additional ports for WordPress container(s) | `[]` | +| `podSecurityContext.enabled` | Enabled WordPress pods' Security Context | `true` | +| `podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | +| `podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | +| `podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | +| `podSecurityContext.fsGroup` | Set WordPress pod's Security Context fsGroup | `1001` | +| `containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | +| `containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | +| `containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | +| `containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | +| `containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `false` | +| `containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | +| `containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | +| `containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | +| `livenessProbe.enabled` | Enable livenessProbe on WordPress containers | `true` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe on WordPress containers | `true` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `startupProbe.enabled` | Enable startupProbe on WordPress containers | `false` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `lifecycleHooks` | for the WordPress container(s) to automate configuration before or after startup | `{}` | + +### Traffic Exposure Parameters + +| Name | Description | Value | +| ---------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | +| `service.type` | WordPress service type | `LoadBalancer` | +| `service.ports.http` | WordPress service HTTP port | `80` | +| `service.ports.https` | WordPress service HTTPS port | `443` | +| `service.httpsTargetPort` | Target port for HTTPS | `https` | +| `service.nodePorts.http` | Node port for HTTP | `""` | +| `service.nodePorts.https` | Node port for HTTPS | `""` | +| `service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `service.clusterIP` | WordPress service Cluster IP | `""` | +| `service.loadBalancerIP` | WordPress service Load Balancer IP | `""` | +| `service.loadBalancerSourceRanges` | WordPress service Load Balancer sources | `[]` | +| `service.externalTrafficPolicy` | WordPress service external traffic policy | `Cluster` | +| `service.annotations` | Additional custom annotations for WordPress service | `{}` | +| `service.extraPorts` | Extra port to expose on WordPress service | `[]` | +| `ingress.enabled` | Enable ingress record generation for WordPress | `false` | +| `ingress.pathType` | Ingress path type | `ImplementationSpecific` | +| `ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `""` | +| `ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | +| `ingress.hostname` | Default host for the ingress record. The hostname is templated and thus can contain other variable references. | `wordpress.local` | +| `ingress.path` | Default path for the ingress record | `/` | +| `ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | +| `ingress.tls` | Enable TLS configuration for the host defined at `ingress.hostname` parameter | `false` | +| `ingress.tlsWwwPrefix` | Adds www subdomain to default cert | `false` | +| `ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` | +| `ingress.extraHosts` | An array with additional hostname(s) to be covered with the ingress record. The host names are templated and thus can contain other variable references. | `[]` | +| `ingress.extraPaths` | An array with additional arbitrary paths that may need to be added to the ingress under the main host | `[]` | +| `ingress.extraTls` | TLS configuration for additional hostname(s) to be covered with this ingress record | `[]` | +| `ingress.secrets` | Custom TLS certificates as secrets | `[]` | +| `ingress.extraRules` | Additional rules to be covered with this ingress record | `[]` | + +### Persistence Parameters + +| Name | Description | Value | +| ----------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `persistence.enabled` | Enable persistence using Persistent Volume Claims | `true` | +| `persistence.storageClass` | Persistent Volume storage class | `""` | +| `persistence.accessModes` | Persistent Volume access modes | `[]` | +| `persistence.accessMode` | Persistent Volume access mode (DEPRECATED: use `persistence.accessModes` instead) | `ReadWriteOnce` | +| `persistence.size` | Persistent Volume size | `10Gi` | +| `persistence.dataSource` | Custom PVC data source | `{}` | +| `persistence.existingClaim` | The name of an existing PVC to use for persistence | `""` | +| `persistence.selector` | Selector to match an existing Persistent Volume for WordPress data PVC | `{}` | +| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). | `none` | +| `volumePermissions.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | +| `volumePermissions.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | +| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | + +### Other Parameters + +| Name | Description | Value | +| --------------------------------------------- | ---------------------------------------------------------------------- | ------- | +| `serviceAccount.create` | Enable creation of ServiceAccount for WordPress pod | `true` | +| `serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `false` | +| `serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | +| `pdb.create` | Enable a Pod Disruption Budget creation | `false` | +| `pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | +| `pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `autoscaling.enabled` | Enable Horizontal POD autoscaling for WordPress | `false` | +| `autoscaling.minReplicas` | Minimum number of WordPress replicas | `1` | +| `autoscaling.maxReplicas` | Maximum number of WordPress replicas | `11` | +| `autoscaling.targetCPU` | Target CPU utilization percentage | `50` | +| `autoscaling.targetMemory` | Target Memory utilization percentage | `50` | + +### Metrics Parameters + +| Name | Description | Value | +| ----------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `metrics.enabled` | Start a sidecar prometheus exporter to expose metrics | `false` | +| `metrics.image.registry` | Apache exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Apache exporter image repository | `REPOSITORY_NAME/apache-exporter` | +| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Apache exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Apache exporter image pull secrets | `[]` | +| `metrics.containerPorts.metrics` | Prometheus exporter container port | `9117` | +| `metrics.livenessProbe.enabled` | Enable livenessProbe on Prometheus exporter containers | `true` | +| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `15` | +| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `metrics.readinessProbe.enabled` | Enable readinessProbe on Prometheus exporter containers | `true` | +| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | +| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `metrics.startupProbe.enabled` | Enable startupProbe on Prometheus exporter containers | `false` | +| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `metrics.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `metrics.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `metrics.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `metrics.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production). | `none` | +| `metrics.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | +| `metrics.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | +| `metrics.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | +| `metrics.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `metrics.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | +| `metrics.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | +| `metrics.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `false` | +| `metrics.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | +| `metrics.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | +| `metrics.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | +| `metrics.service.ports.metrics` | Prometheus metrics service port | `9150` | +| `metrics.service.annotations` | Additional custom annotations for Metrics service | `{}` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using Prometheus Operator | `false` | +| `metrics.serviceMonitor.namespace` | Namespace for the ServiceMonitor Resource (defaults to the Release Namespace) | `""` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.labels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | +| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | + +### NetworkPolicy parameters + +| Name | Description | Value | +| ------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ------- | +| `networkPolicy.enabled` | Enable network policies | `false` | +| `networkPolicy.metrics.enabled` | Enable network policy for metrics (prometheus) | `false` | +| `networkPolicy.metrics.namespaceSelector` | Monitoring namespace selector labels. These labels will be used to identify the prometheus' namespace. | `{}` | +| `networkPolicy.metrics.podSelector` | Monitoring pod selector labels. These labels will be used to identify the Prometheus pods. | `{}` | +| `networkPolicy.ingress.enabled` | Enable network policy for Ingress Proxies | `false` | +| `networkPolicy.ingress.namespaceSelector` | Ingress Proxy namespace selector labels. These labels will be used to identify the Ingress Proxy's namespace. | `{}` | +| `networkPolicy.ingress.podSelector` | Ingress Proxy pods selector labels. These labels will be used to identify the Ingress Proxy pods. | `{}` | +| `networkPolicy.ingressRules.backendOnlyAccessibleByFrontend` | Enable ingress rule that makes the backend (mariadb) only accessible by testlink's pods. | `false` | +| `networkPolicy.ingressRules.customBackendSelector` | Backend selector labels. These labels will be used to identify the backend pods. | `{}` | +| `networkPolicy.ingressRules.accessOnlyFrom.enabled` | Enable ingress rule that makes testlink only accessible from a particular origin | `false` | +| `networkPolicy.ingressRules.accessOnlyFrom.namespaceSelector` | Namespace selector label that is allowed to access testlink. This label will be used to identified the allowed namespace(s). | `{}` | +| `networkPolicy.ingressRules.accessOnlyFrom.podSelector` | Pods selector label that is allowed to access testlink. This label will be used to identified the allowed pod(s). | `{}` | +| `networkPolicy.ingressRules.customRules` | Custom network policy ingress rule | `{}` | +| `networkPolicy.egressRules.denyConnectionsToExternal` | Enable egress rule that denies outgoing traffic outside the cluster, except for DNS (port 53). | `false` | +| `networkPolicy.egressRules.customRules` | Custom network policy rule | `{}` | + +### Database Parameters + +| Name | Description | Value | +| ------------------------------------------ | ---------------------------------------------------------------------------------------------- | ------------------- | +| `mariadb.enabled` | Deploy a MariaDB server to satisfy the applications database requirements | `true` | +| `mariadb.architecture` | MariaDB architecture. Allowed values: `standalone` or `replication` | `standalone` | +| `mariadb.auth.rootPassword` | MariaDB root password | `""` | +| `mariadb.auth.database` | MariaDB custom database | `bitnami_wordpress` | +| `mariadb.auth.username` | MariaDB custom user name | `bn_wordpress` | +| `mariadb.auth.password` | MariaDB custom user password | `""` | +| `mariadb.primary.persistence.enabled` | Enable persistence on MariaDB using PVC(s) | `true` | +| `mariadb.primary.persistence.storageClass` | Persistent Volume storage class | `""` | +| `mariadb.primary.persistence.accessModes` | Persistent Volume access modes | `[]` | +| `mariadb.primary.persistence.size` | Persistent Volume size | `8Gi` | +| `externalDatabase.host` | External Database server host | `localhost` | +| `externalDatabase.port` | External Database server port | `3306` | +| `externalDatabase.user` | External Database username | `bn_wordpress` | +| `externalDatabase.password` | External Database user password | `""` | +| `externalDatabase.database` | External Database database name | `bitnami_wordpress` | +| `externalDatabase.existingSecret` | The name of an existing secret with database credentials. Evaluated as a template | `""` | +| `memcached.enabled` | Deploy a Memcached server for caching database queries | `false` | +| `memcached.auth.enabled` | Enable Memcached authentication | `false` | +| `memcached.auth.username` | Memcached admin user | `""` | +| `memcached.auth.password` | Memcached admin password | `""` | +| `memcached.auth.existingPasswordSecret` | Existing secret with Memcached credentials (must contain a value for `memcached-password` key) | `""` | +| `memcached.service.port` | Memcached service port | `11211` | +| `externalCache.host` | External cache server host | `localhost` | +| `externalCache.port` | External cache server port | `11211` | + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, + +```console +helm install my-release \ + --set wordpressUsername=admin \ + --set wordpressPassword=password \ + --set mariadb.auth.rootPassword=secretpassword \ + oci://REGISTRY_NAME/REPOSITORY_NAME/wordpress +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + +The above command sets the WordPress administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MariaDB `root` user password to `secretpassword`. + +> NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. + +Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, + +```console +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/wordpress +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. +> **Tip**: You can use the default [values.yaml](https://github.com/bitnami/charts/tree/main/bitnami/wordpress/values.yaml) + +## Configuration and installation details + +### Resource requests and limits + +Bitnami charts allow setting resource requests and limits for all containers inside the chart deployment. These are inside the `resources` value (check parameter table). Setting requests is essential for production workloads and these should be adapted to your specific use case. + +To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the bitnami/common chart](https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15). However, in production workloads using `resourcePreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). + +### [Rolling VS Immutable tags](https://docs.bitnami.com/tutorials/understand-rolling-tags-containers) + +It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image. + +Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist. + +### Known limitations + +When performing admin operations that require activating the maintenance mode (such as updating a plugin or theme), it's activated in only one replica (see: [bug report](https://core.trac.wordpress.org/ticket/50797)). This implies that WP could be attending requests on other replicas while performing admin operations, with unpredictable consequences. + +To avoid that, you can manually activate/deactivate the maintenance mode on every replica using the WP CLI. For instance, if you installed WP with three replicas, you can run the commands below to activate the maintenance mode in all of them (assuming that the release name is `wordpress`): + +```console +kubectl exec $(kubectl get pods -l app.kubernetes.io/name=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- wp maintenance-mode activate +kubectl exec $(kubectl get pods -l app.kubernetes.io/name=wordpress -o jsonpath='{.items[1].metadata.name}') -c wordpress -- wp maintenance-mode activate +kubectl exec $(kubectl get pods -l app.kubernetes.io/name=wordpress -o jsonpath='{.items[2].metadata.name}') -c wordpress -- wp maintenance-mode activate +``` + +### External database support + +You may want to have WordPress connect to an external database rather than installing one inside your cluster. Typical reasons for this are to use a managed database service, or to share a common database server for all your applications. To achieve this, the chart allows you to specify credentials for an external database with the [`externalDatabase` parameter](#database-parameters). You should also disable the MariaDB installation with the `mariadb.enabled` option. Here is an example: + +```console +mariadb.enabled=false +externalDatabase.host=myexternalhost +externalDatabase.user=myuser +externalDatabase.password=mypassword +externalDatabase.database=mydatabase +externalDatabase.port=3306 +``` + +If the database already contains data from a previous WordPress installation, set the `wordpressSkipInstall` parameter to `true`. This parameter forces the container to skip the WordPress installation wizard. Otherwise, the container will assume it is a fresh installation and execute the installation wizard, potentially modifying or resetting the data in the existing database. + +[Refer to the container documentation for more information](https://github.com/bitnami/containers/tree/main/bitnami/wordpress#connect-wordpress-container-to-an-existing-database). + +### Memcached + +This chart provides support for using Memcached to cache database queries and objects improving the website performance. To enable this feature, set `wordpressConfigureCache` and `memcached.enabled` parameters to `true`. + +When this feature is enabled, a Memcached server will be deployed in your K8s cluster using the Bitnami Memcached chart and the [W3 Total Cache](https://wordpress.org/plugins/w3-total-cache/) plugin will be activated and configured to use the Memcached server for database caching. + +It is also possible to use an external cache server rather than installing one inside your cluster. To achieve this, the chart allows you to specify credentials for an external cache server with the [`externalCache` parameter](#database-parameters). You should also disable the Memcached installation with the `memcached.enabled` option. Here is an example: + +```console +wordpressConfigureCache=true +memcached.enabled=false +externalCache.host=myexternalcachehost +externalCache.port=11211 +``` + +### Ingress + +This chart provides support for Ingress resources. If you have an ingress controller installed on your cluster, such as [nginx-ingress-controller](https://github.com/bitnami/charts/tree/main/bitnami/nginx-ingress-controller) or [contour](https://github.com/bitnami/charts/tree/main/bitnami/contour) you can utilize the ingress controller to serve your application.To enable Ingress integration, set `ingress.enabled` to `true`. + +The most common scenario is to have one host name mapped to the deployment. In this case, the `ingress.hostname` property can be used to set the host name. The `ingress.tls` parameter can be used to add the TLS configuration for this host. + +However, it is also possible to have more than one host. To facilitate this, the `ingress.extraHosts` parameter (if available) can be set with the host names specified as an array. The `ingress.extraTLS` parameter (if available) can also be used to add the TLS configuration for extra hosts. + +> NOTE: For each host specified in the `ingress.extraHosts` parameter, it is necessary to set a name, path, and any annotations that the Ingress controller should know about. Not all annotations are supported by all Ingress controllers, but [this annotation reference document](https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md) lists the annotations supported by many popular Ingress controllers. + +Adding the TLS parameter (where available) will cause the chart to generate HTTPS URLs, and the application will be available on port 443. The actual TLS secrets do not have to be generated by this chart. However, if TLS is enabled, the Ingress record will not work until the TLS secret exists. + +[Learn more about Ingress controllers](https://kubernetes.io/docs/concepts/services-networking/ingress-controllers/). + +### TLS secrets + +This chart facilitates the creation of TLS secrets for use with the Ingress controller (although this is not mandatory). There are several common use cases: + +- Generate certificate secrets based on chart parameters. +- Enable externally generated certificates. +- Manage application certificates via an external service (like [cert-manager](https://github.com/jetstack/cert-manager/)). +- Create self-signed certificates within the chart (if supported). + +In the first two cases, a certificate and a key are needed. Files are expected in `.pem` format. + +Here is an example of a certificate file: + +> NOTE: There may be more than one certificate if there is a certificate chain. + +```text +-----BEGIN CERTIFICATE----- +MIID6TCCAtGgAwIBAgIJAIaCwivkeB5EMA0GCSqGSIb3DQEBCwUAMFYxCzAJBgNV +... +jScrvkiBO65F46KioCL9h5tDvomdU1aqpI/CBzhvZn1c0ZTf87tGQR8NK7v7 +-----END CERTIFICATE----- +``` + +Here is an example of a certificate key: + +```text +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAvLYcyu8f3skuRyUgeeNpeDvYBCDcgq+LsWap6zbX5f8oLqp4 +... +wrj2wDbCDCFmfqnSJ+dKI3vFLlEz44sAV8jX/kd4Y6ZTQhlLbYc= +-----END RSA PRIVATE KEY----- +``` + +- If using Helm to manage the certificates based on the parameters, copy these values into the `certificate` and `key` values for a given `*.ingress.secrets` entry. +- If managing TLS secrets separately, it is necessary to create a TLS secret with name `INGRESS_HOSTNAME-tls` (where INGRESS_HOSTNAME is a placeholder to be replaced with the hostname you set using the `*.ingress.hostname` parameter). +- If your cluster has a [cert-manager](https://github.com/jetstack/cert-manager) add-on to automate the management and issuance of TLS certificates, add to `*.ingress.annotations` the [corresponding ones](https://cert-manager.io/docs/usage/ingress/#supported-annotations) for cert-manager. +- If using self-signed certificates created by Helm, set both `*.ingress.tls` and `*.ingress.selfSigned` to `true`. + +### `.htaccess` files + +For performance and security reasons, it is a good practice to configure Apache with the `AllowOverride None` directive. Instead of using `.htaccess` files, Apache will load the same directives at boot time. These directives are located in `/opt/bitnami/wordpress/wordpress-htaccess.conf`. + +By default, the container image includes all the default `.htaccess` files in WordPress (together with the default plugins). To enable this feature, install the chart with the value `allowOverrideNone=yes`. + +However, some plugins may include `.htaccess` directives that will not be loaded when `AllowOverride` is set to `None`. To make them work, create a custom `wordpress-htaccess.conf` file with all the required directives. After creating it, create a Kubernetes ConfigMap with it (for example, named `custom-htaccess`) and install the chart with the correct parameters as shown below: + +```text + allowOverrideNone=true + customHTAccessCM=custom-htaccess +``` + +Some plugins permit editing the `.htaccess` file and it may be necessary to persist it in order to keep those edits. To make these plugins work, set the `htaccessPersistenceEnabled` parameter as shown below: + +```text + allowOverrideNone=false + htaccessPersistenceEnabled=true +``` + +## Persistence + +The [Bitnami WordPress](https://github.com/bitnami/containers/tree/main/bitnami/wordpress) image stores the WordPress data and configurations at the `/bitnami` path of the container. Persistent Volume Claims are used to keep the data across deployments. + +If you encounter errors when working with persistent volumes, refer to our [troubleshooting guide for persistent volumes](https://docs.bitnami.com/kubernetes/faq/troubleshooting/troubleshooting-persistence-volumes/). + +### Additional environment variables + +In case you want to add extra environment variables (useful for advanced operations like custom init scripts), you can use the `extraEnvVars` property. + +```yaml +wordpress: + extraEnvVars: + - name: LOG_LEVEL + value: error +``` + +Alternatively, you can use a ConfigMap or a Secret with the environment variables. To do so, use the `extraEnvVarsCM` or the `extraEnvVarsSecret` values. + +### Sidecars + +If additional containers are needed in the same pod as WordPress (such as additional metrics or logging exporters), they can be defined using the `sidecars` parameter. + +```yaml +sidecars: +- name: your-image-name + image: your-image + imagePullPolicy: Always + ports: + - name: portname + containerPort: 1234 +``` + +If these sidecars export extra ports, extra port definitions can be added using the `service.extraPorts` parameter (where available), as shown in the example below: + +```yaml +service: + extraPorts: + - name: extraPort + port: 11311 + targetPort: 11311 +``` + +> NOTE: This Helm chart already includes sidecar containers for the Prometheus exporters (where applicable). These can be activated by adding the `--enable-metrics=true` parameter at deployment time. The `sidecars` parameter should therefore only be used for any extra sidecar containers. + +If additional init containers are needed in the same pod, they can be defined using the `initContainers` parameter. Here is an example: + +```yaml +initContainers: + - name: your-image-name + image: your-image + imagePullPolicy: Always + ports: + - name: portname + containerPort: 1234 +``` + +Learn more about [sidecar containers](https://kubernetes.io/docs/concepts/workloads/pods/) and [init containers](https://kubernetes.io/docs/concepts/workloads/pods/init-containers/). + +### Pod affinity + +This chart allows you to set your custom affinity using the `affinity` parameter. Learn more about Pod affinity in the [kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). + +As an alternative, use one of the preset configurations for pod affinity, pod anti-affinity, and node affinity available at the [bitnami/common](https://github.com/bitnami/charts/tree/main/bitnami/common#affinities) chart. To do so, set the `podAffinityPreset`, `podAntiAffinityPreset`, or `nodeAffinityPreset` parameters. + +## Troubleshooting + +Find more information about how to deal with common errors related to Bitnami's Helm charts in [this troubleshooting guide](https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues). + +## Notable changes + +### 13.2.0 + +Removed support for limiting auto-updates to WordPress core via the `wordpressAutoUpdateLevel` option. To update WordPress core, we recommend you use the `helm upgrade` command to update your deployment instead of using the built-in update functionality. + +### 11.0.0 + +The [Bitnami WordPress](https://github.com/bitnami/containers/tree/main/bitnami/wordpress) image was refactored and now the source code is published in GitHub in the `rootfs` folder of the container image. + +In addition, several new features have been implemented: + +- Multisite mode is now supported via `multisite.*` options. +- Plugins can be installed and activated on the first deployment via the `wordpressPlugins` option. +- Added support for limiting auto-updates to WordPress core via the `wordpressAutoUpdateLevel` option. In addition, auto-updates have been disabled by default. To update WordPress core, we recommend to swap the container image version for your deployment instead of using the built-in update functionality. + +To enable the new features, it is not possible to do it by upgrading an existing deployment. Instead, it is necessary to perform a fresh deploy. + +## Upgrading + +### To 20.0.0 + +This major release bumps the and MariaDB chart version to [16.x.x](https://github.com/bitnami/charts/pull/23054); no major issues are expected during the upgrade. + +### To 19.0.0 + +This major release bumps the MariaDB version to 11.2. No major issues are expected during the upgrade. + +### To 18.0.0 + +This major release bumps the MariaDB version to 11.1. No major issues are expected during the upgrade. + +### To 17.0.0 + +This major release bumps the MariaDB version to 11.0. Follow the [upstream instructions](https://mariadb.com/kb/en/upgrading-from-mariadb-10-11-to-mariadb-11-0/) for upgrading from MariaDB 10.11 to 11.0. No major issues are expected during the upgrade. + +### To 16.0.0 + +This major release bumps the MariaDB version to 10.11. Follow the [upstream instructions](https://mariadb.com/kb/en/upgrading-from-mariadb-10-6-to-mariadb-10-11/) for upgrading from MariaDB 10.6 to 10.11. No major issues are expected during the upgrade. + +### To 14.0.0 + +This major release bumps the MariaDB version to 10.6. Follow the [upstream instructions](https://mariadb.com/kb/en/upgrading-from-mariadb-105-to-mariadb-106/) for upgrading from MariaDB 10.5 to 10.6. No major issues are expected during the upgrade. + +### To 13.0.0 + +This major release renames several values in this chart and adds missing features, in order to be inline with the rest of assets in the Bitnami charts repository. + +- `service.port` and `service.httpsPort` have been regrouped under the `service.ports` map. +- `metrics.service.port` has been regrouped under the `metrics.service.ports` map. +- `serviceAccountName` has been deprecated in favor of `serviceAccount` map. + +Additionally updates the MariaDB & Memcached subcharts to their newest major `10.x.x` and `6.x.x`, respectively, which contain similar changes. + +### To 12.0.0 + +WordPress version was bumped to its latest major, `5.8.x`. Though no incompatibilities are expected while upgrading from previous versions, WordPress recommends backing up your application first. + +Site backups can be easily performed using tools such as [VaultPress](https://vaultpress.com/) or [All-in-One WP Migration](https://wordpress.org/plugins/all-in-one-wp-migration/). + +### To 11.0.0 + +The [Bitnami WordPress](https://github.com/bitnami/containers/tree/main/bitnami/wordpress) image was refactored and now the source code is published in GitHub in the `rootfs` folder of the container image. + +Compatibility is not guaranteed due to the amount of involved changes, however no breaking changes are expected. + +### To 10.0.0 + +[On November 13, 2020, Helm v2 support was formally finished](https://github.com/helm/charts#status-of-the-project), this major version is the result of the required changes applied to the Helm Chart to be able to incorporate the different features added in Helm v3 and to be consistent with the Helm project itself regarding the Helm v2 EOL. + +#### Additional upgrade notes + +- MariaDB dependency version was bumped to a new major version that introduces several incompatibilities. Therefore, backwards compatibility is not guaranteed unless an external database is used. Check [MariaDB Upgrading Notes](https://github.com/bitnami/charts/tree/main/bitnami/mariadb#to-800) for more information. +- If you want to upgrade to this version from a previous one installed with Helm v3, there are two alternatives: + - Install a new WordPress chart, and migrate your WordPress site using backup/restore tools such as [VaultPress](https://vaultpress.com/) or [All-in-One WP Migration](https://wordpress.org/plugins/all-in-one-wp-migration/). + - Reuse the PVC used to hold the MariaDB data on your previous release. To do so, follow the instructions below (the following example assumes that the release name is `wordpress`). + +> Warning: please create a backup of your database before running any of these actions. The steps below would be only valid if your application (e.g. any plugins or custom code) is compatible with MariaDB 10.5. + +Obtain the credentials and the name of the PVC used to hold the MariaDB data on your current release: + +```console +export WORDPRESS_PASSWORD=$(kubectl get secret --namespace default wordpress -o jsonpath="{.data.wordpress-password}" | base64 -d) +export MARIADB_ROOT_PASSWORD=$(kubectl get secret --namespace default wordpress-mariadb -o jsonpath="{.data.mariadb-root-password}" | base64 -d) +export MARIADB_PASSWORD=$(kubectl get secret --namespace default wordpress-mariadb -o jsonpath="{.data.mariadb-password}" | base64 -d) +export MARIADB_PVC=$(kubectl get pvc -l app.kubernetes.io/instance=wordpress,app.kubernetes.io/name=mariadb,app.kubernetes.io/component=primary -o jsonpath="{.items[0].metadata.name}") +``` + +Upgrade your release (maintaining the version) disabling MariaDB and scaling WordPress replicas to 0: + +```console +helm upgrade wordpress oci://REGISTRY_NAME/REPOSITORY_NAME/wordpress --set wordpressPassword=$WORDPRESS_PASSWORD --set replicaCount=0 --set mariadb.enabled=false --version 9.6.4 +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + +Finally, upgrade you release to `10.0.0` reusing the existing PVC, and enabling back MariaDB: + +```console +helm upgrade wordpress oci://REGISTRY_NAME/REPOSITORY_NAME/wordpress --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set wordpressPassword=$WORDPRESS_PASSWORD +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + +You should see the lines below in MariaDB container logs: + +```console +$ kubectl logs $(kubectl get pods -l app.kubernetes.io/instance=wordpress,app.kubernetes.io/name=mariadb,app.kubernetes.io/component=primary -o jsonpath="{.items[0].metadata.name}") +... +mariadb 12:13:24.98 INFO ==> Using persisted data +mariadb 12:13:25.01 INFO ==> Running mysql_upgrade +... +``` + +### To 9.0.0 + +The [Bitnami WordPress](https://github.com/bitnami/containers/tree/main/bitnami/wordpress) image was migrated to a "non-root" user approach. Previously the container ran as the `root` user and the Apache daemon was started as the `daemon` user. From now on, both the container and the Apache daemon run as user `1001`. You can revert this behavior by setting the parameters `securityContext.runAsUser`, and `securityContext.fsGroup` to `0`. +Chart labels and Ingress configuration were also adapted to follow the Helm charts best practices. + +Consequences: + +- The HTTP/HTTPS ports exposed by the container are now `8080/8443` instead of `80/443`. +- No writing permissions will be granted on `wp-config.php` by default. +- Backwards compatibility is not guaranteed. + +To upgrade to `9.0.0`, it's recommended to install a new WordPress chart, and migrate your WordPress site using backup/restore tools such as [VaultPress](https://vaultpress.com/) or [All-in-One WP Migration](https://wordpress.org/plugins/all-in-one-wp-migration/). + +### To 8.0.0 + +Helm performs a lookup for the object based on its group (apps), version (v1), and kind (Deployment). Also known as its GroupVersionKind, or GVK. Changing the GVK is considered a compatibility breaker from Kubernetes' point of view, so you cannot "upgrade" those objects to the new GVK in-place. Earlier versions of Helm 3 did not perform the lookup correctly which has since been fixed to match the spec. + +In the `apiVersion` of the deployment resources was updated to `apps/v1` in tune with the API's deprecated, resulting in compatibility breakage. + +This major version signifies this change. + +### To 3.0.0 + +Backwards compatibility is not guaranteed unless you modify the labels used on the chart's deployments. +Use the workaround below to upgrade from versions previous to `3.0.0`. The following example assumes that the release name is `wordpress`: + +```console +kubectl patch deployment wordpress-wordpress --type=json -p='[{"op": "remove", "path": "/spec/selector/matchLabels/chart"}]' +kubectl delete statefulset wordpress-mariadb --cascade=false +``` + +## License + +Copyright © 2024 Broadcom. The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. \ No newline at end of file diff --git a/charts/wordpress copie original/wordpress/charts/common-2.19.0.tgz b/charts/wordpress copie original/wordpress/charts/common-2.19.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..999417ccf52d78fe88422401836ff2a483a4817c GIT binary patch literal 15554 zcmV;zJUzo7iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PMZ{f7>>)IJ!UUub4}_Cst}vk{@x`yWaD4lXUCbCh>{W^zLc) zv=9kNs7ZnaK-tr&Gj)KSy!& zr_Dcu!C>&@;6VL%Fc?(-I~?ro|7mz|c(iwTxW9jN@Tb9W@8Ia*PcXOxTxw6o1!8|1 z+`6r5=f02!B?%Qs5SsAg4nTkeo=`SFhO=bM5Em>9M8zg z(EJDyosa-VSX^P8z=((h#RLLbp8FkuH&ep(Paqr;Dj>vZMCWJ}VHnMU2#%w%-&1v&`e`!hT;ll^Wg$QA^bEe8 z9!znRV%F(_z;PNOfjd1IXGtJC-s#ycbYesjfk=Xxs-7T;-`f{gh~Zs0O9I)sj70@z z6C$SBNFiom^fehex~@Th(~JdJ!CYQb%u{>}ksgZ9tTJMsnk65edwh)ipP?wj{EilY zCGvl;_vA@c{vRFeJ;?w2c(&jvP3MeErlKr{w&3FY+5gx3QA_>aS%?!s#ssrtI6Xgo z`u%ey|2tb-kP8kj{Donxt@|>4agZrhw*$}vT?r=vmcQi_BN0rWU#ARnZgp<`^xzWDkKz4$@GtQk zK7P!<0MHaOBq)Dh88Bd7;Y_lb-F{{g;i)V67QuD-4&HGBskjyNtu)%>y!R9&M4)zEtZ?FCI~ zL?`nf@EW9dDis6ZzEf0QnY^W{8eecE| ze(8H&t44%|nzb_J+O^)hAfzO)AZi6~zSNc>SwR{}^sMwQq-$KDeyk?zPL=6YMefHg zo9uw$xe|w!$y|)HZ~lUA7d}8j5~)DJa8MT0MxZ5Bzz&X6F?WWzTP+GHBZ(M;htkw9 zPsY5`F?^+v%GsgToU^`H*O~20Jl}V~V_%EGDAi0ETiSr_@7PkCGyR=)X_@8!sr|fdPu>3?pcIWrw80&KCI0`zCxe5E z|NqJ0Xz<|wzmMmW`TxZfgFtM81^keUb1<<8t)ijCoN^g3;UnH7e z;CFL?N@V~~H`$*JM_8btS0-y)*}7BnrnE}1xT5URbbK``nL6id66@&Jw8GZ{Cu%oi zHF_CDNiy*-zfs!QCP^1Cn*2^jD-z9?zE9p7NgZ)DQrV)LBTtBMOcTEH+$+kjOrqhz zy|WZbQ@&X;smQ<>Co9vbsPJz^C@zq|<1AX8qud(zNh;IzPeCM-Oc>^TMFQE3Jhx|W)oquS~D*#%}Z z65thShf-oItWLtgCP>KegmA&u=fBpvnsoWgM(n1 zTDQ+>c!7hA5i!@cI}i>$OH;}O4p;P$@YK(%ETjG5&E$&qF)6Iq@8oG16BY6JlqO>` z$+S?pK~GU5pw&A6x09Q2-i>>|bQNjt%B|>dhcmEgb>W!JFq4yWOdM4YMd@@k74@df zxDpzxt#U1uHz!w}34W82PTQ*A=UAsS>~Vud!F!)};8(Eo&-5sZdefJ4XQf${0Ji)pp0V;nIsc6MP$D(u|DBz%aR2Cy6^8xLobVj!~hU@BoUa6 zQGgXi#xzSp4=`g?>M4)kP#9rgIHofk!qpV($r&JlB071*Atnilv!rP>9zR~uf2Efi z?%-OQe-355_dBy+2E9N3v-|j$|M~dO#~(j#d$3a?4}1VYF9eg6aCYUFE;OHV|F2>H zSI%rfRHx<}*#KU0{&RnSueSfYKX^F*e=pCy@Bc!+(mGN#!~zEbhaj17Oj#`F@v9Uk zd`iZm^AkrCe5@yBb&)A?E8%%18ot~c=DZ%~k5eF|{XsE4SU0qhz zGLsN9Kw!~|Fz`ZCP;pctPH_@S;X<`2w8Zk^+j+h*Ow`%iJk5X-@#>uqX9-X-#VoJL zAtIN!AT(TAft!QNIA(p7oxvPY0x?AbLaJo;6=jz|Ga=UtiP4B&>!nNnV3-R=jO7SVXe~Y@un+bU`KBog(wv`w5=SUfM1|h;vmz0 zC8D6znq!r$SfgM#Q#Y?o8SLOc)&%0K?$k&(rYyi-7j{q*ZVsw6vn9}Vrm}Szbo1`Y z4)-6!Yt61CaVE|RJWCRX>njYb7^Dc{s}A)E(3ptYYj4c|E}QhgV_9;_f8v%qZ zBLdVPT+)Yx)_&)bR5$E>8TD#kt+1>AZWD|0@8*_pf<_SzJ*92^1I5v2rB8inPhJ00 z3i!s({{LwO{crE!sG|QJ93AdI=zsU|+^7Dh+Ill(G@DGdou|#ZES)f<6q}68f3lxP;Cu*U<~gb*qT24C=sAzca`I+ z6bE6v3(^$Xm20tHS~cqtsU;+j1c)i4SJovV+qElc4{}w{Y402{oCsT}-6yz=q{Y%$ zC6zis^gAVqI_gxXf~!YLrLA5+SK(gc2qTXDGyaptqqIVAD;y0?k59mRmzSj% z^|K3j{`&Q+*T?V=n(6tNGCCt6hB?g`1Q}CQDCTcvl55>WH}17JdSX0!rI+5j1gg(V zDzFv~c!m=|V}ThkOcE|o6sf-N0*yil7*;|IMbbc;O9n_V4z-OWrg(1OUgA_p6)}~@ z9v8AVGa6+vh9E*D<{Lr#yNoGgj3m+&)7%-LM7B>y)^-zlHn)%l+;`K|O>lx4iuzM} z)f2QY7|liz=2J>VZ;GQ>r%LK+wXVNabiSwAuXi;i5$@&VV#=G5;Wy~wSCvZU$WEzP zogqKK7?Eg+I{2xV$^W%aUH>C7nrtrj)1Q{>e@90R`rq&&|I@uZ_pbjr`)nzrsT6>c z;Z!EfCiTOxqxw&A22uTdO{wDnvigshVqF?M?Vj+e2SSvB(Y7|1+sm~!6F)PT8kF+( zQIIw(8S$va9vK#2Vab{MnkYT zTQj}h$&;2EO?G_sZ`oXdX-FoR3l|-y!zbYVpUPU}_W7g%P(!aPjhA~;Uy{79c>gOd z|L0Z8R>#i4w1ih}3$osV2ERVURkoGZbY=IfIQiMVdTT>02<>Yw}^^6TV{jFPY>G_$;65=4;?=*4V#Gd_fktR*qHRPH35$2 zHiBq}BooRoH?J9<5&6EKGHiS!%4Gxp0b>+JBNSY69rT5mfZ_s#Mf%gsh8nGB&Zs6l z@b$F`t4PaPHKu7>eRzW=s~8jg$2tHi)q9E!_X@l~T&u7l@9Vh0{wSiO{@(uha2VqK zZ_wbICr^SyJRXe3!NJ~We|)rm7#!^n2S=l$!Juyt^e1%d$Ae+-$AbgNyHt+9`t5&q zRQT1`-JN&7`RhO3KYQx?Y45*L?_ckF|NPo~D_(RTcV&&QS1Pytn?tLTbz=GC_{4-l zwiL__fzVg~_wuU#3-r6x{_~$Caetnx{w_8!z*o%RpXU6w*nViW{~P>2<}~5v96(F_ zKL>|LRsYZ7aPJ}i$GtrFpa0|U%5N<&NYN=76em($RStZ@-2f;RNra-vO%QT=er6># zcenoPqSmmnX~hX1QfIf!PMG;>ewlCQREk;q&HSqFPn|ovQ4Y*}Bg$8rH_)*P*SIEJ zDc`1~?YmoBwv*THpC!Tv^-8GIR&V*ZPRd3dMIhkfrZxWUCV1d{ars z+W-Qj5|-=OlT%IVuX-rGS{t%x4W9e)y%XIpNo4_&M3kX*i*MtIBJt#)`rS6CShe2Z z2gza$D%)be*SU`D7fdRuCSp{|0jVOrnWq@kes=i)(sIFIW53T06i+LY%UHHv&0(~i zhNGX~tbI75b~<8=B90dyd(gzW*_j5@wWkr{TuGZ-(etbVZB4q?t1mnca|80;Idya5 z2AGLnj1n|aJJKeg!MSoxNzXSwUH~VP1cx12fs9EYH8GG~l*=j6#)=_~TfOrdkBgha z+}5O|3TeRmnH;yiA##5!AJCo)X8GVs*e^6_xeQ<~3gg9r)MCC^Iqh_OvGuZ`RU4(E zMb#AXAMhMXpuH*~f+&+_irxxmQp~SZZAtNR5=s&A9tvXYbzSlHSs(pSPhI~vsXy;; z|My^cP`&^0;K|X${_nj!_pkpu$~+e+2@wl*mfA))wBbfuvPgH`nA}=ds^_9z9Qj{s z!&z}uGB ztedE)S8rDZMoCWW>n(uFo&pQcv4_72CgRH;O2T)zEV8 z#qt|uX<>NOU7ayzDrms*bQb#+rM$(q`EEl->uya^Zyv|StiGj@lz>WOxS)z1MQCi# zj-OVsOGDRKz8Ji64Lfe7VXF;SBgp*P(CQsTivk16>XIS8IweaJAaR@tb%U!?K&AQ_ zOaXC|!OiC>4t#EMS-ZKZr7FN@LAk&JX;MyWy-1)q+48H>r1LX|P(_Jep+rb~JEAlN zI>QV!FeBECgWiNb#535*C5fv-*E!hCI=ZBer^K-wlNbvWB7qF)%*eD`_DvMt zgg6B?mtiL*!Q~BhH-d}th>cgm`zHmb*0W{ ztK&XA?N43**L<)+^?#}Ue>50Y_5Z{DClC7neLVLb|M~nnm5YE}auVYpS7{xT&e6K8 zxWcJd6fvo=Rb3^9?7A&WzM5giNQk9$WLXlxlYR9ki7&G8m|TO`YrDGcDZ^5u)O)%L zO^LJJ`9nr!8O;mS^=i7T14gMUd6!hIVDBsLl{=#Uwi?(6U^tCXfWiCP1MgSw=AA-0 z;l^1M&Eby>MRHt2si&yU`ckz~&{cUM+mM*^`~WGZF?M%l3a_DdTSX)$W)nh835Oj+ zs%I}RWLdQnlH#E2ch1K4EQkh@r!;YBPl^o=MR%37L?UmnT}*RXu;xg#d}2T5ykg6= z7Fdbyt_yKHF)_d^^Q(hrP7V#FyyoV(mfo(7V3i9?&~&@&Fxz64e<>5{T`HUe^DmMY z+g+)e8;kBajA=~}*^JqWEXtX4IYt9jKi(Qk)^bm^@XA4T3vhBLi__?W8MCm|2Bu9; zo^n&GPMt>8xj??@>#e6!Bh*b#snaN;SMI4g#fm(YtA#%1NHuvvtdp38LuFM37O#pQij#V1aGF8WAjU|@KUCY5GMf$tix=iww_P{F*YtR zyId0qhlW|ucFS48{knzfHD?J*=#tB|>mc%Q$~RM^k7&fT%vPP3k~d%&8N1?e@D=Rf z>j0+$a5}{?W+>`$K^dChZr<{?C4=2!=zu}dplyP8J=;p5YowV6-f%F8J@8^2Q#O~s z_r7^SJn(8wdf*)nUJ$Qq0qR~{duny+;FgWU;)a1yqE-RRlN5q4ecF1xeea? zM~5YF``;X_jyI1{6s?H&VTIm@!*&9#fcH^_3`bAehp$d=9Fi=)A>szw#xNfq?zfL% z4fO~)`#Q^5+#i%UWpHpi7WWTJoH96CgT=4cL42=__`%@Mx8w0LxF^GdHF$h)EzA$f zO?|US46K0plQOvB-rhGWvw2|-n5~6eV(RN2b9*5P@pbiMJ;79yu5XfIoU5uT^Xa3n z_#+^R%5>m^QqOUipSxmMT~n%?*wMK>c0Jg+#B-iwpzch~^CGn9|C?C<>-wM06mx&^ z-@~K*gPQ&~9PT~nfA{g+yZ<*2|JHnF+$IbBCYB#dt`ZwiePQw&HHDp(%YbLBQfZ57 zdrC@`dH(030PhN@9y~9-=;yhIbpAUO=@@B=jot2bLcr}gYxUmjTdD|ct>_y6l-iI5 zb#btxzUJwfb=p*IXVU~5Iin*AiPd?jjt;iDk#>I1xGx zQsw$$F;(aKYH{b?O88IWde|(^O))%;uD{lzE}{hmZ1xejp^WCI{S^Xkd+sz>hkHW#xmzo3E=nyeASveZ5w7y`KJ5Y zyeZe{mQMTCA<7nCpft7TG@Wz75||Tkay{1vmlnwwLF0zWx%jt1kbSK zEENwFF^s}F1j>~gt~4i$ba^_e&CLt#COfoSCgnK@p2=1hzAax*U(KI5Y{;p&=XJr0 za55274~7FZhE$HBIzv$2!72T{@bH+K`ZbP)UWsKN>5+U?IL@x7*m#k08WRrE7?Px1 zFc&J28zzISTqYFsR6fPOYG8jWL#qlUo8`^sn`jV9yMX=4u~fnMA5l(W&xfB$6oHEK z8WYBa&ijZ3X68VknV-g@(x~b&fu1^FR7gvSv;JawIx)N%0z*kiOKL%S%8PyH^crPGvmwCY}<^Dt97B#O%h%@ztu0-FxKO z$iz-8%TEctT7pVhMOvA!l9%|Zt=rGcVj%m;GVH_ISgHAfYPR16eo0cDC6n7Nmjqvd zvSWo`;`qq{;3Q!4RM_bt+x#yT zr+S+vRirD=_kmHUQb;nInYb1^hvcN7EL1rj&5bQ;2YQ?(%KvQAkE&5Di%KaOhH~ZA z(lIAsO$2D^zjHPQ)F2;ZTMDa8-7b*F+}Me2S@#h)HH)cccgu5Jb;d6%EV273eM1t?Fxfu61nZ zm>r*h=Ruw`&j`NC>q5>tu>+pxh7aVMCkC)tBAoKW0r;l-#ZHUn0n1rGX#KCMq-26b z+@E0a1D=1!Xe^h^TtSh%<$+&WR~_x3cI2Setg5rHVO2sl{exq>C>^M=4+~q@!}AOY zqzu`J(#tFbZzgpkYX+^bqn*Pw&=Kb zhUlg;ytm`hC{@bIp?srkR|fw=u)HTb5xv3;cH~NR8l_VN!){mqe3`|VkpPBW*vZng zUh0EMlm4sMHfL0M9uQJn3EC>)3BG=<<8V)-=tm-y`_X&%?q`Ph)(-8lmV`=U$ z|KD)$Xs;UoF*rJUi2t~c=TqJP;O1Yw&>ROU=ToC#H7ps(0!8AX{Cb`MH}A$e1&YM- zi%-N&fCu3pdG?(5%-opLXyc zDiEMlq?-BHuCi_!o%HUV_s;XG{)-jsYD=dXv)0}`NcBxVb@^Z9Qn;t{AA5&~)$`wn z2M_l@-p}(1!b-$Y3f+UF@FlfI-B_opI`wiNAp za@wiCR+v?v_T{1=a3hP)9g!gn}eZssc7BHzSfNgIg8|T z(Xv{R7zjR?Bt)vgy1}X6*HZC(-s(zy{ns0b_n80Xa8SSh@9@F?yPxOY*MFVNnIv2= zeF{^B2u-jkqF{_Cwq1B>7Bx=g2^MBXFZQ?DOOMT4Ri|fPu9z>OrD10gW;W`(8E4hr z8~Qw%y+zC>G{n~_WdfuGu>d}PJlWp4%tkm6ks^-u2s+317v}J)c+#Bwd?qQk@u5MF z!tb0WQi`8=@0G9EmnC!#=#O%p{$Qi2dg@lV>QeY^MxqdKGJ_dnI_O8o8zY^DW9dLv zh@wZ)j!Zo7<=*_|LsJ3e_?^`k6%(IEL@g~`{-LgjmgcYNuv0^AD?UXWe^;xj*2Z4- z0-|agu5sQ9t+>CZt;7!K4Nf1r4fe76S?qPTLTL%r6@@0QHp9%Su19d`$Sn*v$)jiW zueGLF4RGOImc22-H_iz9UU?s)d5c9YapKkJcllwv5{^(&Gm4gKA>0m}UPGWrsa)Q3NDRL**|*HU9M3C2H`gb+nlZ%W3L}5oMM!! zJ?C|WS{;1OFjR{qi`I_4ONGAZ|g(I`@)8%-7o>6|l7`8Q~?;J(Dyl!`?%xe=PXXQpyh7oJdi@X!P2 z3iqzL4WtKr>3hI<=MhiJX*3 z(u^aFCi>vCI-Z%I&J1b5eM1FxMpI;hGJ+!BSLaJqV)34V-jmRKhI*Ls#op91Q%H(( zEQDRnbDhAXhLSi(k(;(|HLkIFnOskSxwghp9IeJERYkkH>ec=EHHyH{A0W=N*gB)tF%lX@^vb#X zS=k;s)TjxUq7V56b+wl@94p_8U&|+8L9w#=#@(x$t5({!(ve5t* ztC@6Rh+i_>9cQu~oU)aN|B!05=P1bi#~`h0C%!628w?C}_(xNmN#V0Y6AUpTiNmUP ztW-pKSIb2wGC&CvW7ioHcm;XNM}zBKEPM&IPhN${MWC=t#gihKs^w^K`8LuzQ4qsA zzocZu8ihFQ#8j0;39Lz-?Mq`#DZ5--{AE;r#-Kv7l}KbXo9J^)#Wjc#o~ipL5~*06Pcv|WaR>+k zq~p;ARVSKlu48?#A`GOYkz*tDv3Ye8IMF5Nd31V-UN+cg(#SUsUiyy4E)42qQTIU? zMd5ES_+kd7Mr(W0H$WWks`K1BxrGv92FpTh)o6JKom`=dP12zG685IR=@M*pgN;=| z-zfR5?o@Q}%X{xiWviX}@RQOeiwfr^+oj=6R|6eW<|vsyd{_Ei%FWAj-BumDZqi;* z5KtDH=`p7ngDc7|BZ@*befY8KU#ksvwUY>im|IJZB zEEPx1TgA<&`N=~iilh)xClD8&uxdC=S#WI*ux)eLUi_V(_Oyvy%9hq@XEVwfhHO#_ zC0dKlI%y#Fp$vO+DaShB@8ms$t!~#ILv2c3;pfRoik58JG{lR#lu5GscJ({f{cSbT zRwb^p=~PL7)Ubt7KrkR{iM2}b%o*X809jSC1R)&##4$T(cucNW0&|JyzOGb(WRDcP zhmD=3z1XKNw^=^-s&qrjwBu;In)^xJKwixvredtS_M;()zLdCP5>}7?^6GB&I>)AK z-EBQH-N3xwGQAIHsB_pn$38RyEI>dkVPG zS5XJKGN4TjyqUR0SJoSQE8Ut0ef7a88{7*=!Ho@Q9}(NJ1+*^(8K@KG&AA|&LR@Z3 zcY7FFkM~+Mcb5XILFBrExfcGjpM7p8mW+9ImNgA$`OD{P+B`ffJd5qW7%_sv(Ji-v zm)L(tNBhh+AwnmMrK|wt-suSU0naQ-UN^=($<}Ni8|EJ)FiHsQma{9D%frs z8y@M&A>OccT*9E-8-=9HC^yL$SYx;*3%OxqQpxQK4h?%9n|4B2O4o_JQ8z?&ki1&gwtY*{ku4FR#^cz=F8cjGO!BXH*n@y zunq8T;>cMM%!b`Kwi9cN`wd+da0{tZ;>PpF`5p&<))D5@9|3i}ry<`8+aBz4~jsHKA z|9SBL+{5z;{Xdeoo_+ft3{U>Dc_)xz+|S1eW&;jb@Hy~5Hj^Q z;t(psYHcF&9E%lPa)nr0=8Q8XS73TwzQ?iX<<|;s&;w@>dGNih zs%&h|_okGu(MHV174W`^Pr!ivvVCu+6Kjn7O?_`IP;TpcGhjb+-`mO_nl=skE0$sZQQ$tI=QFXs+%e%%$O7#c|#AS?vEwDHjulZ|MYD68|+ks``KS2E&K*fA{lzI{(kP z=B>MM0y%8^*?58qoZ8(%MVZ_Agq*hS#xc}P;I+I%4v1T(foXu$=pxFk%e=g6el3S8 zrM-R23rEM2HXK`NL3B}bYmJT-zr5IdLT^gFSR-ZI&HQ@tcDuG=Zfq#UOdX4|d&N-5 z8OXJ`&>cmulG)Sx5gMAPj>iIGuj^1)$eb&Uz}>nR7WeFPax~mbeGYLzLY!Ydk0oMq zMKqTM8$1`Sd39#XIQH!g$E8bnF7doa$36RP(YmIt@@QJr)Kx+f^AXOm4b?R-Br#aq zC9ERETNjnZJt(Ww6(gqQPUXf@PCE{JYEB99^$NAjojk6yp*-rJ%-6Jh1zpb*u^gVW z&}l;HyG&P-hOG=*ZDe`CY_p|o)86h>$JD{4*@x6EcV~e;-P*>wfH&-_a=N%C$K1?m zwE)m9Jy-5vectXX>+Gnhgli5#i&}Yy&XCQT2P^mJPNYXs^rw77bh!jkx^jJLF5p{m z=U7@(8H-h+oNRhg$@awhwNOkK zcW!Ix%|%|LZTkhYOKYE&uuKa}q?Kvz^24HX>-vuu`+pe@$?Y!!TXz4~!Qe?X{%`Q) z;r_3Cc{bz!y^#a>wPdclIsU8p_OtQ*Ds$qdKnDqK~@_ZLYUjZobR}dd@OHr=%IV-@Cxzfw% z4Dh!T7#?(29*IV^;}-ni2+whLxhszq>gDBYXAPaJtJgxWMfZ{om|Hq;xOP;rU95hP zaa;55jCJl%`y?S&pY^lY{&!cQn|lG4*#8Gd`%kLzUwcOn=l|~I`E>DL#vGPql%YSu zbz5KS?y9_+*iUIP9t@;#*{Q00p1lBEz4F>@{XCe#s7SrRz^KVBtqnKZ+Awcz6_u|| z)6@4zH`1o53-zm`E5iV(v)J2SHaj`qOtDr)%w3rlYkNJTy)4r7V2`Y}s2M9bUP#Z2D}G9ePExrz3;hZXetVyQA$ROjBYlEJi` zdpJoZHFKfhVLu<}R=dd8-FCQVJu@QbGIQ_U;@Q5uPpy6Ns#g>&os#jq=awzBVdu|> zNpruGrebQ;phK_RJzF%t=-$e{!jUX{m?{fo?5{H^%X6pdv%H~t>&&>e!Ab1$cF$`2+}kshpBRj0W{lyaa4LFU)p3K8Fqa%g zVpRMmwxu?zsY-9?^JMlGF*iuE1&zXnfj5P@9OxpNwU6H=?-Co0_!WPbG*~*iagDhg zIYR-z+Y;zi_5f(`kG|rM>S8Uw#2AGkJnHqNS|rV_lWketNCAljN+VFhaxqwl=4 z1gufwwswut|NSYBVlqi6!<*MJm+1e4!^1&k|8MVT@Sy+S%d-XNNJtsO)m`(71LT5{ zz$hb;x@0>=!6lkt?svA}&6IH9S(;KNIPfWsA{DIyF%rR)B$HiWI6{KV%z{_EM@iV( zf&@==eDjWWDwsG@_xEpNI$Q8mu`IlOdI2F} zyyH)Z=&OG<`W=7tFV$X^0F6*^nWf5V;ho1mze+og{SmtCJoZJL zb{_x#oh^8a7@--5vuDqF$4?pk9S5T0lMti6F30Ha9e>6H8e$2X#1k0PD8#Ho;z|Fr z^)Q(E|N8mqvlq|(IJ}ECmYn~3GT1w+&i}!|;9>sX$Fl|B5|N;o*xB$S88NAEJe5mO zr*jIwe2=5J{Q93e_L6+LZ1{Ytug4cOB?0e8y6CTJ5##+WS*EKz*AqswREiYMbr8`B z31Ec96~;-9h_2^%I$K-t=EuK0d)?{$_Ste#Yu>hfMBC{%T@8%z*8%R9n)v zRy^0b4S3(riBusIXV#eWWN`ff_D3L0c+HOz>D`q&NDJ1yHa1mruk=Hz2 zzEWrYE82WqrUw3*Mz`p;DKlobLk#;DS zFx1bB6bA%FK$0{Qz=J7{k@~U)XEB=K*OZEaXYEvw>?P(YJ_fGLt`0zmdBBLWy^i6T znkQh3J4PjuK&71((LmZ>9RPfd;xxj?kk778$C-sontGj=RMgY(v8;0yB6Ovqa zIs#3Wfz@yXnz&$w{_u%E?1gwlP|_O?dhE%5r;}z;bWS4@EX7q3dprlE!Jp?9^Sv&m zSUoz8uF#x6lIBv5hospf<#iX2cJ;26v=e0Uv++wR&Kc%75sx%JdcU6+2qDJMyaPZ4 z)?SFkm|7z`ngh2;CmM+4${c;u4(t>seGtzlAn*E}PKZaDL++8@60DI%_eE{LkTJ|@ z23ItTLWsyEmR~r=fUgBZK$0CHmP+ouVTgbS1e*Z>>h~p8U$!LuTSk8ioZ$y|BsyE5yKXR2a#zl)b1C(?z)66MnPoPDm(t1Zp6c>a>9w$Y zmk5%Moeme2p$UE(A`%N)nyh;tJTG-LuDkOQ|&`Q1U^?J?ftD(xxbyt80 zjc{aED3qqFSJgxKDn)-}IM;!T(RlwJ@`DxD-TMJXPY!Srn_(wMS9uAG$TTlnT+xY~n| zGK)l!((RNeLlKtdbj_4jqBx2`YQGTA&7O~Plvf7o#PfD5v^?=V#qp0SMOXC1R~y*2 z6a7~SqT-!z-(l$FvkqUUlnHRaoNVt%yD$)us%&@cdP>fvD8Tty;(`~TN8xu)6N%o5 z_g>w<M044jTm~-`EePD4Afc z9X8sRA-@-%0yD>yfgq?93Y4XkA)%Gnkc`Jz4a*oKkueD>46)jK)m`1!8kB+}=b=$~ zl}{sY%Jcw;;5ZsfqYAOm=oLB1p1=ChH&XfMDH1vESD0ZS#-)SJwr`aV|JmvE;GE%^ z@}`@YT+@Sax5F97@LO3U`3-iA)KGL7&0$2vR9D(l{oA+1cL2$u)y_KA|1!+II!x_d z0h&bft`EO_j~QO<@3ekS$pa`Qrc*s7*1O8=4NxMPDukFS8WqMa8qrM8D+jON^v1d0 z>A_Eu3R(>^Zq?svIL-F`5?W*QM}Nzd?kVJYhRv5?BO82E<|c^;hg6%tR@r{62&{_Sl!iN{F`eK9%aOlAbFBx<6<~^UU!mh0Gd%WG zGHZyL@nWj2sm#uHJyA%`Ns_zHjH|(D&blnFmV_~*F(BDB&5Ja_c1^OrJ~MN66+Awb zCPVT_z*vedl+1x}o?*UvlUheN^T;qN4{(AQp;ACdnQcbOI9=S@A;nxaZ$*}!k0_bT zfh^D{dZFxu%4Bo9rYDU=n=ithpJ7g;8SY8+_SC=oy_9m%D^SrR-T#{lah2XQRv1Ne(${5hPxeH$*_-Y4 z1T}x|_y4ArH4}WfNvQ^VL)RYU?eb$!L#o?Jwj?=?K>6LDaX7| znH2KCvk@mDL5!$`L#DY9vLrMi@uw*Yrr08~3--&yzXB*lKWybSBxy> zx8fotAn^OFfz(Si98l3!oe*dC3^zi=>?o!c<}A%#o5Jf=jXFG-@p3l4g7ri`t|9{ zH)qc;;MHq*`s(Ggvo~k2US7bf@8I<1Kj4S6m(O+q6YUhdmco}y1WBxv1HW^Daj9|Z zEYogX5pL}DV0Os#dt|7^FbAD)Nj;dyu-o((Dc zVQyr3R8em|NM&qo0PMYgf7>>eH#&doRbZ9Qt=-3zWXDN5dNz9>$97xai4(8wv@^Hc zj}4KKgqk8a0BA>(rI5+?f4h{~!m_dqRH0mEtA?3X} zoW+0H_%j#`2G95R<-dc$p#1ONV0ZAB-Th}TcAxLR*xh^jm%;AdvlmbQ0tTCBrTS!y zL;9D&+GUk1_mw;_NeG7=lY|XB0ECdE38C{LID#CGAVVDh@C;568-kA=000O;0%vFl zbkC9RbebWENO*&250m}~^90UtUnd*x?)LV2PlE`JFie8oy@2k!6yub20N`*UTPy(jOOR8%H4NjBE&+9Q!Zbfism?a1uz3J0VG8UU?ig< z+L0V(3Fh-4LboU;DT=_wf4>Hi?g@Y)dW$IFQ^-ZHVBii%D4qkHfQ%skDan!u@F@a! zgvJqwG6XmQm@|M9j%Z3TLtu;`&nRL$U>u|Oc!Xoj=Q{u&zfdIK&B}R-6BP zdIu@m0Vhe=>j03^xL|dH`7|3zPEB9bZS4*>)moD1!mNEx5$X$8%EPgf_mSP_y=T2a z=X2|!$LI4r?))E<@MiO6ESUcXPxoI`=l}i3`TrrF`Z8(B8BC zXXq(>{^G^=Xm{`XL1%&zL?K7f5Ontjd;7uQX)t(pxw}7n`fT`YzqkMW-tN=E^S!-q>7rQS8d!_OJbntBOIQ}2vc>)eeI;VIt<*s@1 z1YDdQ{Udm-Y~J7`LJ7xXjOY*?oE;qgbS$mk&XXtL|1cCvbM42Nj9?5>NZ|}|M49-i zUmi(aq3rHbinAC&hIT+gIFiOC;8ST_#xWqbh*BIOX;qdp?*N>HaVD)pTaO7-HW}kd zMo}aTP+^>k{1e5B?CPT6!;DgtZ~$*1j^QZIQ`9g!RBz6;2Ha6U&$2kaKp{n3nA8zq zoKQGHhcRTLdP+o+h$i22sFVbBBFi*NwkEG#q?_Gj1WbOG>YM>6jeSTd^iZ_UR6p^7>C7N0dLAToh;K>tk+?({&UuD*Z>a|$H%;qNJ z-_cxsegkJnCNQM!oZ#2rI>3>1QQ#q&rI71&1%MGu_4-!UAg)+!lro4b#nO+F)xRDxmgjqQ&cZc-;?AoP?%B7=Z7TW=sgDq;-&1t ztn@{XJO;>EeveQZlle?^YEHlm-pGzW%WD=RwWi9s1{5()amY~=-0p#k!^0tE&_EBYA-GGC0D1}gZ?HPA?*?XKS+)_q!YyLuBh!L zu$3`U-=9!C10hVI>>n60AsN9rLwsA1w`j_aUz8>W{9B_mFF2JeXCk=c7{>9u(5QOm z?~SuK7P$mnJ9mk&N#-FgJ}n?z&Rrs|8~BKbwJJE$9mW!n=>d^UAt*Xoh9-en!NAz2 zEL-QG@N${M~I?Gwn(L%A^7mA z!pCbkLUGPQtbT2*bVa>XFbk(B%3?%?LIv_aT3O^@z!u?C<=9EgXx$e4M3|+Jhf|P} zNKVxhjSG*(P2N0W2@sKx^*LlWtPi6ZPOxZ>KsQT2pOAxD7IU1&D9DRveNhF6&rhQzUL-mt5z;fS=Gy(%Ly6LsHRQL1bW=)3NSkOQRA^YJ{ePlAioZ<) zts5dFHLcXLx|kst!E#|3vF|~`lL+ul0F+yomnUGExI1v9? zr8JS-6or#9PB6C(FNWwX4$&)|2-B725xvn@hY4K=s?VYM~v`OS=^ux_4vr568%Ygt%pl`%KXM#fQD+@SqcE2behKmPIL;`02TS8onZkAHKE^;yn_knvRM{?b%0E(~q+jY@b_eIi zeF9;x*X!wZlUX)lRy56yuooEOJDx=phm%V2X%@$4B*x*q#De$$Qu)Q3$t*%HQWWCx zT<@m@%dA4Q0MIC#U5TmU|~= zcc#1{Wjs}8HDOqS#UeyWN`2O*ic}Nd9!QJxTfu(O7cc|g3N6m~w>tpEavMcj=ii=; z-w=LA5km?8R*_p}mQuTO{U<3!foKyH1?rX2Mn&rmfnBC5@~zw$lBOXub=9pTX0OV6 zbBpOeW*Ot6QD!j7WcE<1ugG**+2|<@(RRDKDchki6jBlec{Tf@5~^N7O7Sh^DDP!` zz0iCQXK8Hawse(sW?ETdiXNbvi_;8=mYtIf+{q3Z;~TlZ#SqeyJWj;ALM=apeMcs$ z5x@xtJfjH%uMRGL60>BVQ1Is9^hEXZiO}s@Y)X4-hU8aUDXTF9X*k7Vjg(Q8k67pB z)-~fWiC|0;bPWgv*A%5O4kd5b(xR}_4?&S!lw)WfWPFMeuJe_2Kg{^lwIsxw9wmgI zLB{R~jX?f~n9W4>uEpnTu}Y*pa56~<6+K2+NtkgV2CXuLI#Y92)bsQo->YZtSu)%wG`N zSdUzCb#=)_vXm%4TjiUFvSC|I0N@=%m70hil=rI$afo9EwyrB`?|KJZJDo6p;o;^w zUnOBJL$Sz7ad?9wkfmTu$xPXIii__0!=kRHh}>FnvinwtMopPCKj0WK za7wa-3)Lj|DPSzk&9VH16UGsYgf*kwYbd$JlqAwkdMm0riVJJ0Ou3c?r4?N+M5oc( zGVdpfiMuIEbRQ^}a1CVJN-N`9m>JhSVOQb=ffVwo>~*S5)!ZqYNJ#X02f&yS5UIr1 z#jw5>Ld8(EhQG$md=-&#nx36u%zTMeO!c3}~nuLWW1eP|cr|T*# zv7q;`=sLc{syiB8$j~PSj<8(KLaMA<`3OHXVYG>I(qi$$#`mLbpLS&EKJLN;l%?pWp8LMaj)F6aXF`5ePr<2b&YBdd zdh42$`eiREyZ!Ws!pz!26Z3Kh%pjBN;26P3{M+mGa?g{p8FW%_VaDT>`?}2*Mm{s; z9xhM4^F&*08*F6^jk8#df2Dr3f>4XJ?Xrg|Uw4#vk{+oBhUE8+aU(rgb*#jAjKX;s zqn`-5VYyw^STZMar)LH^%6Dg#Au&Q@LXlXbz%fTutVAf!Qp1T`nC$mn@d)B#4!BUx zt%EQWzb?rQO7!HQzX1ISaQO`lTp%MJ2BH8Kh!HOT40Kt2QzwhJ+9u80>Wom% zdNRUMs1Mz_QbLvWqe36^E^B8}4o{h22%bJ2Jg+OrYWrWA+(i1#*LSRBO8w&GceO1D zS)tiH7NulC8k9GqK1$T@+_4~RM)^ibY&H**asLTYT09`*z$rQqv$s{>;>!?x3}lUe zRiVhg$sg}pKt6~{BgIGm+2jnH8crZ4*><&|hn zkw7RqnV`IU5+7uWG|nbCxvHbmSKn1qLix)NA3*PC75CHF4?cZTbtB;o;(pS6mTI|+ zR5CfArL~-JUFjKof2FsHuTm(;|O^1w+Hz$l`Kv6tT|rg0?OV*v|MFU66}5R*xO zC?z#q#AL!umY7UrmT(Fw3^}3!Lp)Fs&oAFy{-C1CWq7je7y3)a$KPM6Xtek$#7a&v zxx4yThUok%CX<%~%}O%SFGah*+#U1=9o2ur7^8&$RBFKu1lQ_o72=^p14jDlj)0To!AMu9QSN zqTyKjzjZ*vgRrg2vN^WGAL_(DR(r8>1BCl{1W+ddsZ8TIwytwyQztTu>K-`Iu}&tc z>6(!-SC027G!B&ZRoB4~qSEMAtw{TjF+546)t8V6^`GEGsCe<)@Do5WXC@ryZ|nwj zD&O2YIc_5=yP$iK*ZF6aS49d#Ah=Ylm9>p1qTG4zqY~o36>i1L6003I>@Z(OS5o@t zB42f+`rcpzm!<{TA6xQ#gXVsgrB(pqvy6Y_;j|sUrf40lD*wJg^C9TEEr#|`0RJs5 z{H|REm3E05D7iFMLZ>kGXeoGKMRXgOp8y0v)nm8%YR|5fX}mg@gy|oqZnc^psD7Ns z$h036jx|;t4hu#yQ0}dY_S^9faCr*RH=HUi`a9ch%$)~1Pwf;W2w$KWg`80ECU5Hc z8FO{HwNWOv`Y>$O^3F+&sJ2Tkt-tTP$;EP%%jPXO$T_!|s_muq0gyM}vjstr%S0|L zAN8m!QH^}8nU_!HnoLMk2kZFWNqr&S0Tx2h{(z)fMxx#uu*=%m$RrA8IcI^4AhK2& z9=>bq%}GjPGMQhb6v60_B*N&&2^YOkeF5qdu)nqLl`GU*&=LO$3~K?C3 z*s0^FZX~4?6B!Sm$KjsoH`YOs`_u(O=!S_Pr3lSZM;%lctnF2mh~jD#as5bHhWnaW zVzYAe#S<6yrB(VFiSpAQ((#Jkx9q{qaaD$9plSA>FvMkeO!-SNCNzM7ah7}ZQ|Y`! zIg+@{{sJj4rmxST98O^}L0bJ?Ag*>?=ZvEnn8<@Fp-f={8Cz0ka~ATLNs2c@s4>tn z2TX6B$RK)|3dps^7>0g-hL3udrZG~1ys{Ro%(@CGlNDH2B0&B3K`v=6#g9v9P#yhj!)Kl4s~OPO|qZn3I8Dm6v2E$zpl1@i*DIE{q?y?PEDNWCfm57dA)+2QQE~7Q0e3LrZeU-YElX5=)xO%8 zh+c$~i6S54M5KYy?-}FjkTPT-K_OyHM(_v`=#$9uL|I1TIT%qW#UlenzRk-Te%td~ z`6hw(;y8oT7IzpD8tK!lBtiLECzWjrmYkUhNze{RU_y2Po548V0W%cgY_bfKV_) zGeYNJ3o)ibK1)IY`HFqp7vorTo+1uWF)}RH(qWnn!CvuOl{o~@cK1%Pd98RZ=XzSr zwL93`*V$~@6)v|!W2BlxqiMa5tyo)r3u1hW62#b!RKsFq87K-FN~Mo$Zo*tH-kUOm zyvRTm(|=-RmT$KGemTY5nMhJuDq7zbXT}K@?SF(~IKMz4Ng@VL)H@J~mtt0tZ{?ZF zrD&&!V!1Gq`OoC9HOPtSi)7r;yHr2dAUK9N&M3N^QpBbtj=&G<1>pIc<%zN^6neNI zdZAt{A}TRCigzX3r7#6N4K@V3d&)F%Bt8UE*#O`QZV1%da_z+!(@Rdb2DwkIX^5FF zt;Wk|8!k05mny$^xHunMWM6K;EK7aikXe>si$Sw2$(F-rS+Xq$PL-?-bhTdAnf*(R zoPl@b?ADB&r_BSWGMnpe?Cp^5*ER%}>ypdUU)U*^C)uJ~E>E;&$6TIp%dY7m+ySMx zOLfkt58pRcNc)8~6IBD}9n)xmft9b(D|BmjOI6a>_K>df;LbNoG2u{Nz{R=KcvUtE zn{jzQT-vpaXleffF*h#C3LB#g#~del%iKZCK{!R>O-nmim3&=_Fuius+@_GJk^-wJ zRmu#BbuwnN9YyJGio>byxHwct+(kl(#$?zq2pxj1B&QDTX&|_i0j%AGc&y+<6osi+ z*o%ISBE6dZ2atjNJ$Z(VPmw-2tae!S3zd0;=b`1X`u^Vjz*!-IE$Iy~4Wp&MtyehJ zwzO7IvJPU<56nB!j6yY;ho?>9+L~E;D$`V0RJ7GtFR^oY+Dfwed~by*{eF`im5<44>nKH( zVa8D+PsWOp&deJQewI6Q;4p@Gwycj*10weG0(hV|{E98|qU^dDK`TkwuCqD!bUl4c z)9jBza9vbP)k{|ES~?Kra&SlD1)^EX=SP^@v1e8DVgaWn7GIQ*w=PVI2CiYo+peZ2 zrr^5M0u-q&1zRx1sYVI>Q=Azn>SpuW5I1Pok7c7X$fw{U8%3DPSgpAUWKxYRLx1GS zHt3*H>YQ!MvEe`~yYodq)nyu_Pz86Y$)Ak%ndE540qImB4*zMt`Y$VwK1$FHy1s1P z?v9?4HQX5UgOV2XvP5$MwiHg6Mz)i{TC%7li{l-TkV$UG4!4VDNfcR>I2-fl7O2(yGAM1)E z6vAqu`u+0d8iGZM<@DxMwRM)?ZK4 z2NDDihID&l)N_Jezw18{jVFW9EztybYy@TxPEOVx!$aNWjta6<3O+xjC3K6G2rmmqQ2<8B6&&Sc#K0G zZ>bjs>I}2KN(!8usjYK*Yhs2>)mntn%Sl^IP-R4?z5*T#3?pvcBmko1Rl~a}mIB36 zfK%51_tYg-jnK7YKo<^L3X3uw?s7?UR38URXPyPR(zqeo4@toWyCbY2& zQYf{9c8^GHDr^h%J|zr+t%T5-Gz6s2Cr7=x*7Ml4a&Byw`hq6ff&<$sK2uT!Fmaqw zb`rH-nZdb)57L-d%bUigbcUE%XXMANF4S-L{8d%m?SN1@!n$urg1Tb;(>;`<(QA@>P=5Mye*G=q%QrD5j13pAF$u0oCFpIor9{PhlC zF}y`Sl(9TbOXhifV#3b9&JuxY^R+W+lY31x@_< zG0O%$`G1P}N93|qk;`;9{QPiaMTc7*kgP@rJSZetQI952vcmFsge9}gwRM2WE_@wuj3+M`Vw8vr_Mq`v{Evu66MgPpaJ%O3*nj8!+8zKqe}hu8AB z-xooiHPz4ude)+d&BC6wC~z_GnWvU36|w;QY*WS90B9bXOF^KuD6<5D*0RJJ7_=7U zH3FfvEWH&JS{r%a9~fGT($|JVYc(7n0nxr3Ks0~%euPB(Q$nKIAxB>{D4K`S92TwS z+gA#V=Bv#kG};=_Xr4H&uMHf{@@cFBk5-d?LjY+t)K`Z{t0A}!NLmfabz#zK$UXw4 zeKA03b~NWoP-%4pHU*YeM}G~tv^tV&0jAXvT^lm3j_@BJG|isrSAx*m91E!p+q(`rfo2>{frCH`6vYMzznG9YSYHdcpGTg*r^kXo6Ob)eK1^RfU; ztzv_05>Bm_yGKB^KLntf9lczER4W?)j{~Y!s_@FNYV`x-0fE*0mDvQeT9Z~<0Iud| zY9sJ!ZMpio0M@L%%%vgLswV*#fvh=a+#A5u{9N4!+*nOXKEN?+r~DCe?DIp8`CD#1 z&@n$vAM99DXIKMxtcC#(^jH%E8v`G!867tKSmUT@2|!j;%$Ey6R+?ru2twwBFa=#)fQiZCu_&R3IJtQ2I?Tn8d>;aLCUK2tHP8u*31J`22ihnm9YTJEUX(9 zUeJJLR^_V(&8%SVtH(2|*7;A1Xx7~PD`1)x-Q*F~Y$2+dw1bKteKB3t!QR2a?s5jwwj^L?0vm21I+CF)xlvMe%aA0Re2Y&sk6a23!`eF zBHdTeXm)93d^G!;+v!y}qUqRTom*nuh4V9KUphti)_%#_;wqSIDq~a@kWu#u;nLv- zlSn5O7Ktcj2SDkW7rzz!joe|%U2J+Ir#H^xSf(@Keum}5e}v0n*Pba4YA`cO$X$kf zb>6Hmr3oJFz0y6%Cy+qy|+H6-lV*3gzCG^PP`Hy(w^p z=nOM8>Z>F3q~t9rQVhjs<7!b@A6FfDQrs!QDu}p(ioFdwK7xFT;Z&tGQq|IIU%Z!%1t(BJCEQ%`&dkHk_zCYODzA?N&99 z@B}g5x?G)HPndUb4%ig#J$pWcu-EJLz*&qSLt?1v*#3NI?I=$J-%%4VF<}mZ4u_Lg z%%)i!>&1OrhD8?NG0LVQ)Mg|D7v>Cu43h}*zRA=MsF*+0;e`Z1N?{I)A}I~^;SrT* zsEPD2(eF*q7y=V{VEUKxJ;KQl?Cu2-8ey0OyL$oMRenF!1i4?NkjW67jNcG01J#q< zgXVE%8-B$om%N@?mEL0d4+)ej?W9DV@h~&BZhTq&6o&a?bxn&#R3wn>1S!S0P#!%| z((C8T{2~TH{4a(=Q``((Oe}EHivCx+F8qP?`r4x!p~YXFr1&cSdiu`J$unq ztH(1K)iW3l2(#WD@GM;_)iP4vs$29Ys>0Ll%YAcRtQ zWx6eF21B;3rEqLmZZHVSG+USf3RN;NjC;!QP5N#@V)`y+TY5%!De8&2MD$^%YnKyi zk}h#mHy2m)f2J9@)U?G!Jm~E{>+RZ;@%N8&@x#o;rgPXUaSadfTV+WuWRZ6|8#voq zi>nfI4J0JOLJH+ETuw8MsOBaR6o;Vux81>h*RSf{a|#dW#NthD07w9I6_1!grb8`N zKf7{tUv1QC!AZZAuY$uAfFKA-9HUVA6t3hk*%?ZBFBJ2nh7)ztjc^i^$(4>eDSbrA z1SjYUCkcs0SByiRc}VC~oZMs$sU|TQ!FbW?tp`ptT^OX1&596Vq1g!0tD62G zFYKsQD(b7efS~$uiXi191U+q$f69AyQyQ*!Fp8KiF%y`HMqa#9U<#Sti`t2<8jY4u zDH{t*GjT!fg3?y3ND0ngOl`gk8^rtEuj{$5L440+j;w8!N*yYQB+G0e-ZRQlMJDT@ zk5y{ETv40FT3T4#Vx*-t>(d5hX%j`*2ul@uOW`XmEU$#F)T*=^Y^8-|H6kmuD!CP| z(qb9kAF9&Ave(8`YBA_Ggs4<jJ#!&GF^c`N1#U--?fQ zXh=Eb_J~hKB!nNFsRqeuU3{p8a87MNq3#XxsowGSi1+lT#CtNDd-*8?@qFtx5dMmQaF!lLmIZC%Gfzo^ zIa#pV5)z6Cvo>7<1;|hG9cmq5si~DC%8jVqRQX^yR6&jx&R1}5OnZqj7gCrC`^~Jq zHSj^s(c6L{P{9T8g_qaxly4f!cwF_DIt^k84@(nU!aQK-!s$G>=Y&>GfxnZHJVp#I z^_HaxGgQ|Mkwot<(+MhqT{)5Apispr{!T_Z=r^&q=xoMJDed`^XVPwA3{K1+kehQc zx(#$R{RpY%apUMse$lg8yCM}8qaVyRx2(Q?r`83E3mF|MbBOkkR@m9FsLzUotw5URl+?7t;q zg$@u_S-)lGekhX2n`rgH3U!W64P2GLX3e6xl!CIb3>o%XfB?W4Q9d+VIKdIQvw&~_ zdY{rEfFp(yzLljPekY@sU47=K`w6^!33j)wncpHMj{zliX>Pcv^QpXS zv=5`X9Opi#O6X|i44PYl^nf1gWA@S()f8tWLUBIBYoGTNB?j?HYKk2|l31T;%#Uw} zgi;i8a|l`4vvNd9I73~&ff&+?K%EW$JDP_vfj0^;N_vwSN7CRXNl%rpj=SY4C1F7; zmA*#41F__MRVgTm(NGXhI7*_WX&=8& zDRNGZl?#w}$BI&Xp8+t2(GZ*@{uIT{uAYyg1c!MOXkvt14kGb1@bQM*_juLj<>aw( zTQ%-+o3_=h_vYfXkW&%zq<`liW>EGSGr!SuUWq1GC zi{0n@FLw8y{$;Sc|8)2HU%+5%IHzG7VfrV01D@|{OGbZfP*+wcXXf0b=k!Qt<>aYz- zK`vpYkOBL^wD!NZYL-QEO4sT2X2>`}uWg04c1LeDx~4daP*SQL09~o4y4tC<<9agY0)5f}cwLh~a;ir4JU2vzk`O zi@gvemy!oXNhH-|m&G_L4Nb+Se1D3C2zKkf!uMSnMO^d!U4pqN<40VjUo#THg6RR+ zL(yuIzUeuo)So(azZQ+x{N&D3BleybyD9P;{G3btJTPYJju7=N zg2bxF;JE4V4hefEO|u+OV~i8%Y-4m6$Xf4;wvn(;m0IRgzJY2Ylp@3-j@kV*QC_f) zU-Oi2&Z#sui_UIA!8nbhL6WP~ms@gxZNv8k0GSz<1wuIv+j+0FOcMXSGEY zVK_+$<2XDeQ4uZn=~L%2CnPVWL?|f;;RF;JWynSk9K^A{{awXds2mEvJ5mP_rzpSJ zFsDgw5xt|BbCk$Xj$ub0UX`hY1OkAQFwPFtX;0|^zh(PAa`P*a(mACWrHXz(LsRLf`%(0d81pG>4kZn6;y zc?>3qs}w;{M8b)VqC?txMO56UPauc^Ow*nlJ!Ha^UY4^-b`H$(0~JFuCs}?bGeVegbNbs zYD~*IUldR&zFHT6_V-!u<{PS-Q<=J>BvRuvn&AX9t_;_ZqDY-uRqgyv?~x7Vwq*x^ z+=o5{-)!04Ps8}N>U|$RLx~y}l$@R@ZAPDFT1OexB5Mc2ONu~4h+c)SI(QiSZ!1;h*D)O5VNUM<@m>DWp zgaGXIfGZQ@6gMYxwkU#8UreBAJFm3rPQmmc#y1EuxiKE3z)A%(KFwj9WOrS5*meMT zTCRNcVkBApfF$v}W$iaU&Rf>s9=VqUWa)&$NKaQ&6wj2YWjguWk(lPx9BjrdWI(Mx zM<_BLl5cC3z_$juUfuPrO^k0PUv@;qw?)vgD1lAMT>?fZCU?0!&)>eiygEC$xcKGm z`O(WSR(U99r7Vqf+p<-jGXV+lu-`Xmo55}`hb=YMfj-BgIRil;@5d-h_vJT^@boAs z=^!2D&U%!@F-|6za8g*4O2wFIZ<(A9pzBH$YT(%`v`kyx!Wc)8Bb8mXry2JN;qKs2 zp#(-y5(EYWa=I2dzA>%*v!aPfaxCvL2g8?@O5EmYSWlbixw6w_SZ=MW4%Y=+3#Wo@ z*K9ACE9X=D(*7i>wBzqYO(1}rsF`m?@eO^CiN0x2xRK<*JO zwvp`(DxY_{#M-Av?~i<{{-3KUic>@-(8*@XSP=iY`}}#?|MP5bu>a`)d5Gu3hyHh+ zLz2!Zo=iFT`ScD_v;$6(u-CabJNifP8iy!hC^(Vx^cW*L1P5mahd&($d%Z#DyS_4& z`rm=&w_0Gnig#K zzw4YMo>6V)$xV;qB$=FO1zFW6e6`Xm3`M#kHu;sAL|XI9U+0AIvVqZ6$j`-V^?Mt% zuX$NNUdG>Is1~I{%E|Ng4C{07=6liNHgSY`ISu8v?~5>=$*v>Mp5SI@Nq+y<7w zWTm{L`++-FVI(c?T1DCwJ698d)w`G1XZVG5FiX4(y4Y4L^WSIPHgv`Yfp4-qYB!_o zi}_iU!r9pa7PdOL2@Oe1UOu0i4LA9SkRv7#YM5h58$cgky-~ z2J@@zyEG+#qbW(pqclgoUtpRF9*cKXE#j8o3_(YoICMpiCmFY1cB{OJgufGY9zA!>#PLCyA#T z3Rnt7JtYq#3|QhpaH~R6?Gp0~;pC2jPfA;Qx50Y%vitu1`}f`L1tUi+R?Gk`c9sg5 zkcGNHDHJux^CMkFht&FJ_!4Zzgxq8)=-%#j<+%l^JUlxv-s!g3658IDTR?UjPa*p| zn&*X?eEG&ucPW*!QU71n|0^LF0(nE!9L_f30$vdRH`uG3|9|%U>5E7I??XJIV{OI* z9B8;6qoHI!I+CG9qI(BH;Pa_0j8Us>+gQ6upIdl;fTueCHSUSJaC0LnV8Qr*_WZ^3 z()fSA|NJrj_d%Xbj(=;3;s@$lW15%S%N9np~6EqxhPtg}d)p1Z1Ya_4nG$PkW@UM(;q;lt=nVu~n4b-PhDKX)10j1{D0z<+1 z6kax!OG6A<3J`eWe@l{AS?wE6Rg|!WG}ty+7>*oRysIw03g@I(XRMG2Eog>ja{ z$682Z>M<~5&z@RmUQ$Xp2}wKz?~cyeCcQj7b4oAZ0p)ct60k~#k;&lSW`3-wGRr$? zU+Sj<-YgG;C#&PlX~?W#)e17Do@Ji4Jr>2&%q>1tZoO zv!x$6ak}#t(FID9Eng(xTu9TslTHb_2&^J)&tel?Xr9ktJTBE=O9$TC&S*L;*twwk ziytKmM~WBt&uQX(ie5poW)<_z4Vv$OZ{(-~!2vKx zQvxY;D6H1wR+LKe7Rr3 z0uFf2$Ax5;l0;74x^iFHO3yUfY~Bl#@eq6r*4Ll@P=iLE?#*xhM|tY?zZ)JFtT7!d z)c-H`T>Zbdx3~N3QU5>0vtj*jM+P}Dd~OhiKfG_{31QvvzsI@a3z#cf7VjNUF7rW*C-xn`-ANBu3JomK!W7KS#M`M+ByJv&N z+2=`XHh9#8a7Lmd%xETYtzKo(1o6kU!q=+*&8|>GADZFh;1=RoBKpbv_8YIi*`KZA z*sd!OzJHg%QjyNP`a(TfE5&}3l1MkX=X`J>_8Fq`M2#(V>2h@rn&idjM7^EMJ_FkW z+U{X1ZN#;309#dDumjh+Uq8lvZ2GC6{~3oIjkB1cbpyeg=l^GW`_IbpA1|H{9_RlD zc{VlwFEh2+@EI*KHtfefCAV(LRLXIYLmDGKw4;jDV9u9Us0KY@JPTZ`IK48V7rskU;BRffKmVMS+34fPsC$nP6j-+(%8F$x?WT8;w%jC!ibtNvhkuV(0FoJgGS3+Hs~ zCAmR~SG6@|s10i|nWu#DgBU}GtR}Z!t_KF{D`j!h*Tu(JXRUH{#BhqDEJjp9SLLBT z&fA=f^ID2>s~(zhG2!iMNI`}3>JjZ>9S~UcEO&2V>%pf(6QoLeOC zllz23s5R>%@gm-Bf{O8;NC>(&Xx=LI4Vo9GQ;YN}Xr#Fouk|f~tJ-yBRA4{PUVn?r!-jm)okm7Imjt!to4wSSWw-FAB@qTUC6; zLR%Krro~Bgfx=A6Q1zl}bTV@j_`9>1Zy?9gmonE~xF`dDD~(_{M2V3%K9#!m31lrG-__`sWaAHQajW0U5JGbLC3P z?{26?8tb{yz4>BHh0i+Uw1$R6>Qc%5p~N}rKCqqu^hY@9OFV1$eSpH!n~$Zqf_6+lFh+c zT~X$*z0RH{GM0_F=LzW6nmlPjOv{NGt2~il1x*Z=$8i3+mr5En7WKliw-?o?9JQ_} zo{A+TD|bXSvLeV~sh>&T!5QS!VN?5i+S50vSvHcss!Ei-{@}Mj+7R$oxTu%}8xA5& z8*0aAX&qO5mO7ai1^a^n645!aq?oCSuR&=oucF#1q?*>MRUICE{J?fZ9c#5K-8N(5 zL)#mFiY%Yu{+%XuRTYyWwRxV)B|Na)AN2O2Wh5@?Y?xJt_67xQ=*D=A!g&~@p9r}r zai4$NOchE+ty3A4-1;Z3S0|Tm4o*+5j*efw`>~|OC0p9DN)t%u`j8^%%G&_D4osI) zp6V{A=FaJH@OmXK!M&^-^%a_b%{+B_aDH-d^yfoZjl^kj3m+Ulmo+YjetLNUo!(n#@8Ar6+npFFd zVlgY1xc8}^Ee7vJOBYpHN?Ge{WaZ)HtJoJgw0sg;W0=)gN%G+I4>2s;cU8e1|Ksxf z;Od9h2R~labbQas)*;_rgHL_o<1Y~Nw`nCp!^iK%T)ktEEKS&MJ+^Jzwr$(CZQFZn z+xG0S?LD?_&wTT|=bTT!I-)BhyQ(@PyI1CQuR7{~JL+nx(ub3ytDA|ZpOueGGw9aR zizkw6cx*_o{dQp}SE>3F8@)O@YObC}Ugp|agiB5%M$t3mG{Mq+Swm?MYLU444PzF8Gsh_fZW7kyy^GI%*6G)#$7_u{=qo1kiOBTFagB)y{W6LQ7?tkIkbaRBE=Q7zi zptdPknBN_rAC6m<5pD#dw6@Vdw`G`+ClF%oW)uo18)TzG6-%%%U}@?<7Prfz+&C7I zJ)?KG;@I%E;F4LoH=W3EHEo^vZDG6@#hF=s-FX))t5Rzm{|I1}l-bF_DfV1)k+N?E zP#3gEFt0SvI_gE2QKjDA^ExNSKwv*Vd^Cxa^$i)9TZ&Jtol&pGhG&@$Mf`INrS-)?X1_*`YCEacr=l#jmK97%UEXJ-fBbx1TtDNR z+D_6&PduN~N=OqD)3F}Z&8C706zshiq9}|mO=W~IF3ja8(p%}TV7mPrP&xfrwzqw(F!Um(!{cwDR|2^@Y7{c@V|`e-dqqWh!3)(_ z-sc_Kw)bIuJ*vyGrWr!zHZ_ejvAl7*MxBly7Ok-xrPnJx@{ZsTBHa8mY{QID~oVb785rhnh9<4FI|(Zh~X7d4-t#vXl+ zS+CIUL>%LRFtv`mN_(fL^yNlqE85YLfZfHV)w_w7$h52ZwrphTLBDIP>+l|na={zW zuQ@e3SvXKp2KudvO~BC=)S_+yE9IBd%Ao;!u$c<*NE~YmXXT(+a7Cr3Xv8*!KDQbc z&DzG?pt1$0XBRb9TMc{^QT`O3)@;=P<&-M+Gl4)&FM>h7)c%Ogu65Vj0}jQbk)3Hm zA45o;5KLnfD+|<_^y^d5AyMjW)0V-88$>n0hn93CMviQ2Rs)d1uhurs2K(H!sLArj zy7jjo4DbK(|MqF~`T2P0-#+-Fhrjn}2mjppTt|zwdyUw&mTyN*UU)}s6~k~b6HH@= z|14{cxWvJ3jz~2wAEDD4mv}85LDKN?u5p)D*w&%%eZkcK!O~dasZJkybCKbF?AtN^m>wsJC$y zul-nuSm;h@25;?98m~#Q>Nw(D*&13IUu(7GdvP`H>X5v^uB77^MuI!-19YeDu`%hB zHh_go249>Ee{aUb?&^3nV~|E$K{5JFM$0(+iXq$h&o1hS z?5ze8TpRj5b^?eGDEroyVXWjR9Q9beXX_~Bh!~tbntBb_e0IkILsa81jg@PDcdfvhRe^+_2T`PKRsA*&**>nkfrrg zS3g3zRllNk@)KlB6d=LF63x=!oB&DroFm&JS;Qp`f{EP6yD6?==*Z zO{^PdRLr&FVZ;fzht#m zTtrKBd5{(Hw@`n>zpt42NglEgj`RPb>HhJ(EoAw*;rH(TxiQT3&i>i@aGYZ8do$+> z+KX}ro~&kN2hUB4)dJK%wHsVzX{ex-oH1t@=09G{(o%C@&WN5!ZJ(lx-=W$#M4SKf zI;MFC&^VLk6v*sfFA+2{+o<$(4P zYyy}R>n%#Si0q4mpW_ude}2CWSig7<8CWnEoc?42sT4Qyk)rr+Gih~y=+XFa1E_}y zE#VTo1=rbAdEyr)MC5JpF+DpsrD^`jOMCi>{zCuwpO1pQ_&I0o@^r84vRK9DOvdlC zz~oj*zIU~{2bJsW_R`N-V23TMHx1i0uK!y$cdjr4SS(h188I`Qye>M*;m+$;1+~d0cd&kQ4(sF}2|2Kg;O`JR-P{oxuhZz~iP?RxL=$9gj zJcNIeQs=41=uJwRyOql_INnb?#E3K8iFnB__iv;yMm9^Tr2F=(3nVqlb(NA<*C&72f}eATnnjrTC}Zw@+ppj zhgFX-PupXwh0!X0Mi#Stu=L)-)1;*!zH+t?`AJ3PJ0)+oVd{G=V^(ji(4!5$iI4w6lK`@d& z$96Rv>NHDz;(h;z_-3`(F-J-6an!Wg1v*l{r7SqH6^>}ZQU`@E3Xbqh+&NtANckrB zHMSgx$sT5>uf-ljV6~a zF)ZiJvn5by+_BFSH}i|d9#~8(BHA*2r7-v-7){vx0-l_Dm^r_l(BMO&0<7P{XU<3{ zg)eLt$v9@EEyi1caWk2d;^_)dusD}Alc6b%SUsF;Q|CcoCv^Grx{ypYNH1F#p`Q>y zlyV%qJ+EmCU$le&W4#ZeJEL#g#3)Z+i&L;^?b2SshXFO~6k*cZD)WziVhMc}0s70f zEG!W@$t;|o|2U7_;o_*2${?*t^IQ2hVf9H=0wESoVwf#-88Em?wx+Xn?(xq=RyitC zgejiT_&QtnO~u?)UE;Ou_*|5yDrK{^TkYwW?ixT+shAbNmDMPzy(+BjVxpTUbAY2{^et#n3BPr)sKY0j#57z#feuW0cI(U(GstBw&AFI9PQZP8ro4!%Y)X2-ke$X25{#sl$;wf=pbL4> z89B9Ju?jnMjr-zdxb_kd&@)aw@+s_HAw7~xvRCui)9>wlLUST|nt>>F+If|{dS7W( zvf-^&o-pg~KWlWn(%FA9sP35)JxkL9S`uNKdtrqMPxC>4fQQ|?Bcrg+&_sHUjp8QA zIbw`5Gl=meGA3IA_SPn=TBPz%>}H#Z>UnwmC@Xj|sjBEe{l<^R@@fB^269jIB!9BP zpoKe(QCK(f<$!7tBDQfnNbda3qKoGU9S}FKhmVt|oyYUz`26uoae7)$7i~~`$+pcUd@_(saM?vmq5Nr;1b zIzF3&Y?kh;R$EKTb;Bo4Tl3rbe$~jTo2K>yK=ln%swnA^EokeQtBUN;rbt^OW_Oz1 zQ3q?j?9IZO4vl&Jlx#q5ly8Qw&3q3Ot8R^3SW18v|4_XRzKW^KXZ++ta238D{-=jx z(PVcONm)Q;sdkw92;q_DJM_?}t=8J`%bky-r-R?y_2qe5aMEPe!@=Z3(m_djUFyH0 z2xXept5SP@To@`wMr@Ong<)d-SEtHK^bTr~*J)^Ta*3HWrTC+8y(ebOimpbuIY=aW&_oV z64%#9>X-n90h%xE3! znn%%>4mA&|oii=z4yP9CTiqKfJWd`1mcd91ja)_qlk=eEX6??SmahAEJ#Y_>w18B! zw-j#?c2<#1C3Yq;HU~y4*oINVdk&eItt=zy4esR&Gj>)5sUtg+Vw*##EiR|{;3Ih^ zjrI6^wvE=O{+AkeYkYTh+rQn>Og|+x&qRfL>uPf@uGX4veDO(ROX>y)t_!z5wzbFT zJ}FM)v#sBq^MAKq@qB^h7%w;>uJ5R>jwDuHNB<)hu>Fq_Xxs84iU+=P%p}Q~=H>vDdyMFx?qCT8J8M-_r2OROA>rZ)B^esh<7)u-~hXulozrmscGyU~_Bw zsc0xtMpje$8I15j0zGH_|6@X6gf!$Kjrj;xwDuVT&50qT65En)sfE0rD@T{+=3)?q z;a!xByiRt;+=UP0@ing6&wNMy9fGX=Yb9J_uZkE z#xi9Bm;L;xmuYCCN?-(%^?DIBOZass_hG*eys|9vc>tpk$YzkJHQ!Lc9VrPhCfelu z#f@5e$gndgxZzZ71r?yc=cq-9?#&=DlpFSKFCLs=J>tg`n-ApsCAxn*Kj^3D#p7o- zm@^fX_m6qqEIYvsPRQ7O*v`^g$Mu zvC-XD!?x*0A$Ke<+M*U%V*E9e`YslC#OxxM@j!>)jvo3eBcIIu+~(rV?$>HUi`~=e zbcVTppQ@saCzIVcxfgxB^T_`qjE&)6!r1@#e-Q@NE}ZGcpl5Ls;XWZt%po4q~_%2rG#5;&{}h{Iy)v$C>V(Z z_~3A-MrTJrWZfhy`$8T6y1UEevzT_WChb=a(_9mu!kz0n^xUl%C6|QjsZ1 zvqMPmf+h!=O4u?tlgBSbfXxHh(*$3vB91X>(Jd`U-oKzn=G`hn@6Sx!W-ez1BcS@aO98UYotUzwx6uHs-cw{WVX2 z*0ykYHt65{bFZ%W-u>|o*NT5mvM3EV6`P^^Oq-)hnUXrQ`%V|hd@z!dkOrn_%H?~r za&6o`L%d}3Yfe?6?lw+z8{PQZSVvsi$hcavl$@f8QNAwaaCJiwjTqNm&A?0AIER~p zIl#7l&fNON8NB}D7t|vpsEV4~bNu8huh=k72DHCZRc<{5@$wpWi1JrEY)r7~s+Nw3 zZCasdm@@mxSftpxW>gR7w{C|BbTQH)d>mP}nk394r&Fxq^;`rdFY3 z2bEX4mq!)HqZd@E=#RjPPoTcAh5k$^_zBi(zR_MgCuXZdkAp3!cXL!KKKmty;Qc86 zW!IPgQ|ND+UI^g=-&Y~w`UsVcJRm5C-^4TTpA7W0aj$p~=OA93W27nh7Lr^`lpos2 z`9JPX*LzFVYTEcl2d$fi>g^hyJtn=Jh6NIZD*MW$YV-uFejV+@iae(*Fah1Io`Zae zO*;;i4DCjA4SzQ(X=h8So&m{U1%R^_HAK)y1_6*8cANu}WX~Ok_U5WhL6%!_rdstu z%EnxC1|H(lf}JjI?ncd-!CPE{93A8eX(~Ar%`_#fum8fPq-kZgQ-pmb+9?msbO*|iDv}>I3#)C(t!I4$ZKb+Vg*G`WG}ruYQyT}$JbXWOD#i-Bw(XGYw?VJHTVLq(6LsqE(CjR}eMS?D@NKG+tvnC3QTWO)Hcp2%z8C}M#|VlY&M9VmF}I- zS)dMQXouY4aiNfv)@esu=(hyfGx`_CM=!hR9gIAZ(EP}xhQSYfE-&qee=eNc3;xwF zgXRV>k8u`4{_Z?21NLp9kQyZKaSV)u6f<-OA`f}xkncK0VH#*s4c-A{6>@<6E-@u9 z433+KSNg`;{|VWx-yS46=K+MwEWf(1NiJmcizjjje?$2kb%XDg-RC5ToTAhKqAVmB zfjoEh5=U1@&sJFa6@`}Q0rBJO1wbgToXIlWO#V$;dM!K?>vd!mOkjl&o0ck|LC7UzG5oLFoDU%#c7tMDcy5Jd6tC} zgM3iolJ>gi0`O!7Fh&xKaC@+w`M*s}#{4`S1Q#tHY}0gxGhvPXEPnNGf7@Ap-dtVt zkNohBJ>>l$f&_}pEku-ifzv>IS1o!1=~aA576JFAD)$(ac4^CJ23&@?d2iUi)Tpq(1v7()^AU?k>s3?N@m1Z1e8`VZId(#$sJOneGeqMGI|{<<4=PG3oxRfOqlnc zCe|#V%rU_4a@>d%N(fX}ltP%uc#qu4ui*6U-5)>4oojVr>x(ZXR5WdUeNeeTjl57~*BRGy^FvrSS!N-{Y# zsNn}&XMyuo)ibY;ROUM;Ft|CQmMa8j#6+n%mQLO)IEt^Khgj6q6$!;q_0DlSgV!a6 zKn^LFdFgD7EcFSHScu~Qr4&Zs*19B5h9S?4csvSln40eW+Br(WAIwo{eDVUa`=*+?;zhi;?n#5~%k(WMA`-9*af1Y}-R%_5P#9EavdA zM(7mYtf)A84=fa6xn?d21KkMAG1-V9)o=A$$)X_*nv9S$1p#h<;aE{vs0){~L)EA6 z6jnIENX+5nAAET_le3@M;SKh;u^U&eQbpC#Uz2GcM5JFSEHouwdMW8%Bzq6U)^i)F zdFq@fp%hmo?1(@F5)Rcnhdo8<`xK@q6GMPuoJJXPKw(Fpo&C+(&pAj`-{SU5PvEQT za}!chIepLzHPmjt7U4L>97iH; z2_wvs;)Vpg3U_6_2C!O!RIBPL(u++@)gQqD=$xoXs-tRJluiN}r8F>vq`}w~n>mxU zXaxBxpP;h;;R3VRAxy;n)Am9#^XDHJj3h0YIa#SmuD@ziEgoeU6;cz8>XzIyplXc8 z%+24fp)>a#*naCN4umb?7uZtNnU+iL!gA|1=^fJc+B~ykWqu*Xg{}VUI=H9VOsl1L_;>22qJ zix~HeKWgrMKvsLdkF9B95j`=4Tk{J7wluh~6Xp^p3Uj5A%NbllX>VVv@0a3eURDSj z42+d|j(IWqlhf=FI>GS!13l|XkY_x2RDjRMTZ0lh~NwiNxpB_va&n5}KTaEa|w!F*&+Wioetq8Lz9aXOHn zE7(Hh<22y25l2Yyt(>hO3`QXT1zG-17i=xN5)LF2DPQz$)&IGG;SvlF45&p_QfV5c z5GzADV{Ue{ZEpe~m|?Gx5YLPlF{6ey3L9iPt#1`IBiH9QSERc6rRN&_?yr~Zfd2MY zY-R2YFX)7S>!fk~2(l##)ilIGH>F-PP) zBl4=n%FZ&eC61>Z_U(%-o{e_}*0Pcx{ma$i&FnW5k8uJrAX$AfQnWzZ9;PMMrojeX z4+No1+!CeXb_}72YIT<5^SK`zTF<0^LY|I{i(7|4md&pJUojC2v^Lk`+WAUed9YT9 zJSu!2BbSTTUHSouM@~-l@jgR4mVb$w8XnkkBpyqD zvZp5A4+XH|O<+v01pZspo-|WR(q9g24IR=U_61u2w=yzoo6JTjRqc=bi7T=G^R4j> z8--#ZMg-Ct!lEQ477@seGineLMG0~Kg?RA90ND%{k&qcR!eFMRf9qICsgs3AO_?N= z0zn65@3xmb0UP30^I)Ae3{j#>i-k{~AoqxXRKskDZ9eD_gbYeXk)dcj>hGq7Asc>v z8KmbIp;w6v?7IMOgWD_rn;3`2@IFb$lB232t^s8R7&xj969-p1tH9!3X%m~BE%F}q z%{(j^iSLY0@#0~^kN)~A-WHAZT=E5Xkwq)jQO2NtN^P1X6D21e;R*<-Mh!?3sI--7fLn_KNWZQQ-~0MB5=h3=I?Z3zMS0p zR}&cLcfHP)vkH+E4>$wh*USizl}Hm8QercM{l%GE*<$I7T-aPteC|>L%--T!GXpwI zBDfl$;9x7-q|?S0-1}FY2E977Yp0lEa?E@MU>1;cNJ!|~H#%e$$*c%m&LqH!MDg!q zPMFzgG^hB1-V>j2$<2u-#}$VGC+SO+4wPgaph6j0lmv-f0H4!$nI~V+#oFftHI;NS z7^+DDh3Ei(5r*J}UPdZ7`z`z}$QCVYCw_S%{6jNx39DnbaRe5=!X7bgA&F`4r!pUY zG-T@ByJcAvgU1$$)ME6HN>7t+9gC8J+I!3R`%lx$&6VxpNDxPM?;B-(a}yeFgXFo9 zeDcAim5F?zyU)B9-t4hQBicXML=0AJUIAq$=KGH|e|V@gG5xh-3e6>m6CTXySnC1> zc9cp#q+$R9&lTJBk^qwQFd*9$2%rtm{RZ7O`;l_#ri6!V-J&@O6NXR0$rbU>wUE>qxwyw(sCGCH-7m14SQk~|?DP_zvj z5jt$ur_=fUxYW_2kB!;$=9QGi=;CtE<`tv^No2PtBpd=Z#apbBE`prVeO7*i?k*Hn zTV)F{$)p`EvyXtQzxI+vsKi^kS}W{boS?2D%>nbnDPj8Y2(fqE>|%uTPfAbxxTK-a zCflPEyz&W5EO~Lyo+-?sGY zhu8_Hd>*E=v)M<}#&71Hw5fh)>5eUIcECS7nIFZ8t4%pmtm}~zBn@czw#=`*e=Vqc zS+&=cz3xC4M$+zwE0Ap$(otNl$*}j{rB36NkVnxlv+&#IQJ~wSARyrm{ds4*Hp+NG zW%s@(18AP4H44>*KR3mhCrtair0UBBe#?Go=LNNy1;v^aem9I5EG+@5r}wo1TQ@Os z0X5GB8bs`vTI=BNPni`><~cjg9|Z{?c9~D;VGjs{db&3?b6z{ z;jd=)>MW3|lws!KrYbgwqm;r>&oA0b#qULf!+SWB=0r*e%w#;KT$M>>YOPo&M%Sd) zmu;s8z0l?Bxe8#?#L)-IDa#=@<^h-Cf(}SK%tSmA1wyW5g+L-G0u39^{ z<_#vF;}0~(@m&LEviao~BF6?H&Ctwo4D>jY2Bv}5lt0wvFIX2I z2=yE&j6ktT4j{LS6&*6^neM-_AVAmT8JJZCpni(V(R)D-l?7L9V+qETq=C2Dl1O&g z3nGMI1kQ9hIwyO~MvI#5N@_gvG*{raX0~0Q1IZ?p%sdV9P~x)Fl3WVTTre3>17xBo z)RhI_M$PQ;yc%;C4oU)D7pl_)!L%lcHyvPXhc|^~pb0rPBl#u$1C;=1DSTp5i`Pi@ zT};@0t)dBQVpUaDpa#vf{767sKDPEAxe1Emigw|@6x31H7j>hAhYmyXm z$7O7+R+@j2;l7#_Qp~n?NQ|Mx z5@N)|Ke2y-?x1pUhqUt!zqqp!AUp4ovx2dJHaZUwBT2cE2W}EuF6l0BM|yQhmO#GI z1Fq4;2^SjS1N@ErylB8lt#H5&u+DM;lb*C9SOjkZn^e)LK1f?x1i0Ri44~8C$U?ds z0zEZLp>|w;CkxGEP&lGE-zu6D^u7Eo}qkfG` zuLQWOp*>`4(GyE44fLNqQ6q!4Ie14E&?`250XI`Wt=1a%0zjBtl z`f89&5ILSksh?7>9824R(gD?#N%mlWLXWrz4nV+f3LWTXm*CYVxSBN7{0XG7{h2vv z6l;N**f&ej9niP|;R(zEuuX-XsM?q`nYXi@H7F3IuWz3&o_npc|4|l( zcfIt(*2}PqHCTPstn>H`6JWafNNZ8wD+W};0PhRAEA#7dj|BTTaKwX=QJZ z(x!zS^9M6wDRgSnPehoNkDM*chk2`=Yp4td(o{sE(^M9n-*lmn3biaF_)!n0Aii23h+?0%ukn??>;ugvucKwaNYWB|r~26wwa3%XUFZ>cBH_BAHxB}70pfJ`>yFfTrXr8#Dm1dPtOOVz3#^3v-@TRsjb?LUJqbm-NdjOa%Y!TuW$LGW##k!tOR3FU z1DXtC!Xjg>0eeMS27N-_&DQ*^g$XnOj`htxg(J`-CRUveM=VBwk@;y#5C@4h?zGgM zi%Az*&_IsX6-LLWvx88Lyq$U?{-d%%2=T)p?Nu(rXe<5o{xz{L|4yGnrO;NfR+{fG{I4 zUwErJ3CC7R1=0LRqql(Sl>rg1DSlp49vLTIX) z5GZ*93w@6Jm>D4B8k%31rF)PG{W>9)@?kEAd{1{T`LScp+8py;wkCWA_WNqiO#3@3 zFT4Eb);I29#xg}sJA}x5q_GgjQQ4I&fhipi$kN)c7gT7~sjX{`sj|S~20LVxii*D! zyxX|FI{gYM3$)RQxy<@k+F~Me=w)4HK$##8HUaFa0%V@HXxg9IX<-G#h%^5g3`vL7 zxfBq6IIxaT^=-1oP*KYoea{8FPQ&t-!!VW~82#6uceSwy_a3-A5*}D~7 zQ2$<1UGTRaa)Kxg0qnslI}m1wIY_&$nq__}cEZ~*u+Ek>aKhU6+}*e=?G4!k5&<+O z+}}~cxX(}r>L8j8jCsXWXobKTJ#N+1-I+GMQ~=DkLBTeB}e5DH1 z3UvphtX)LH-u46g0&D3BM(Vu!RKqpOzFpq9krFACF;kt6hFuUtxdcxONX?*o4hx1j zsKfnrTcAQuO(8nqQ1DZKVC16CQ4lg}SMhsNv!MK%h&xIPMP|Z&bElsiOT`x%UfrI_ zpi3nJYYRPVKVnr)PU~p5$79jLz>`q8~XmNbLJ* zi3mY~6 zZ?~WsWGz`N96deE>1!HhjiqpL4Mnu+Ea6s9rd_@eBwo^VPItFvF+(Cj!llr`CTuC= zh$JczIwj=gSfJ6v5gL~t(BySe9?=elg>u4A6VxQLak{VzlD4OP*wJ(xG^P0@PlY6A zR)3LF_i!u`JR>COObmFmI6Kd%QpN&sVeLTPHLPHfJJYay;)Xv7M&s?Zjvbewa|bdI zk>(aG5oqV3xo-=!A}~~N_<|g~Ro8S8cq6av55yhlT0nPSYdgS1hLduirF$7MTQt@% zq*6dr@hn0pijVt0|4PdW!&b^&JHj?6DNA+|ZHL&zOrYyhW*U2(rA#0@TF+GK{HBbI zRO=Rc@B_R?T6C#cxKyBP!V{+k7OqP8jI`*I<4hLd_T>k9bBhh%@jjiZvC@F9d73HI zfF9wDb17-!K3!^bXR7DzBAcmlI{c<0&P^S$<3*)~PSG)LtB)Fr*u(ZG zGxKc~1ygC|zM9-3PT;b4n(4SP-*D%XOi(u7$|^If89+P3+GE&2J=s>XQ9Sn?pJ~cn zEHj&Jm@(FYc574H-{XSY$6V!G6^&H8nJ0F1pgOkC$FTr<%-);pOdKa1=U~T$EG3BQ zy4H9n-auVq0ovAVCm+D=!{Se3O;>gl1lWLfTb%CfC~6rC5mmLE57#|&9awM0)`Xb%3Tm$T&!9QO&poeFB8 zoA_MFEKG7)N0R2!bj9l9;IvVE#94WWorKOFV^F#@tQiH^0Cp*xbEX*Wfk$5At|c(@ zFThT$nuS?FwPf-xkTKWdrKcAQ?V@Xi*g$p<_oD2N@!Fi`F2a4bdMl?FK-ch@oLIWp z4*qkW^Agr@sGP;v7{kLa7lxIR=$n8X;5kbRmJTy&0XBt8Eh$*nN~r-}66~?0WLG+%`gl!p z!WK?@&V{efj4VxXJ;wxeX=2;Yh4IdfEJc1tha&nU6w5UsIjd4Y)kLEvXnXk7QaR-a z?_n8Ts+i6bp|oqml1XJP$R<9YI;+)$Dn64M`Xm+0HGEzh7VA+Z{909XiKa~n_Kcyf z)0fwY?++ZW(Zf(j27ib^vgxwa$!nCbP z``-hKRO;C5vR>KTi!Ru)62|M)M%^9Ta#p{@=I`uP(m*kElb*kv7}YA7ypmoL2Rane z#+wV{**W2MFXTB7PyyZ&XVp?o|D;wWFLlBlv9s1aQTu4KwmaY)u(NhCmrFcq^BpJ2 zJZnoFvoen{mr1?;yHAzo6w|KD_6fI~5BHyOC7HIhPQFdev!qf(xBy1PeOqGpCtWeR zrX`5Gc9fuxV*Rz4yR}IWT%e=8QlPQtiGt{WZAx6HT79-wLKaIjD{n1{LhQhsVI`qr zu8{@N0os(TF0{LBteh^3`6{cD2)fYiva*OhB)e)-$T>jQc%)H!NDlDhg^Nl_44rrf zE6Ge;!=tfMSUtr!F9{r6w9>zW*VjcWvqOM~+WEg?cp2)=Y8eDVY5Jk2J)38=< z6y7IUO6+dFQ71O9mQ0HT{5HJHV~!M9J^GYiW{wKccmv5@4z_O9=JK!w`n7di{MC+y zGQSTky@%`#_?NLJMR^g_|Az1pyY_+l?kS{V<4{@vH*aJXR9=)U7Ga1ZIy~ljz3Tw* z#Cr_6r%Z)1t$D<;{Sk8grj)z8=wB9i{3J{tpTFhy|S)iX1a%ZLS17x)5$hh!Wjndeo_1u+lm{i4iqY z4ysO1l?y<*rnABMy8x4E+RnG+g7){P`K!twC(qC0r*76Bey4k)&mM5oh^!ptU?w#< z%kudOttSk~f!ovF>vJzBOea3FHa&rXrz%`qU{r*Jtx`|9y~0eazGujpgv`VIXAN*9 z_r&v*ghT^je6e^)7?-W3M&@F?6)8Ex(~jsv^7eIQPpyzFJ>JzJ+T75B_Go&KENd$m z2jurWJRVa?5!@Ljz^`>d*pF=K33e;p3L(?|+Mioa5NBEK)}F z9vX1$NCok3bPz@}H8%|6pwFujmKq2*ac&|$@CF(6CumcTixw!iE%-w&PM_WsZyLN5 ztEAGoCfCVQ5xUrWSTwV_7S;tz&n}8D$@+m^L;Ce=FN`^Ilq+IpL39Z353jdN=qOqy zLMsk{>P4C~ct)s!i@i$>1S*!9WOA4QxTr?<8KD5W(KEr4kz9ehyMt;uwaiTcrcSY< zN5=qfbIWnO99g}>E0jSD#LhH$#NYy6L|y`vsshrvjsTk1NB0@88{CwtBGb9(0MZFV(UC%O)g}P36K1>p`2Ywt6GEzs4}_UP^fm6_FVa^lXDE9!xp@AEL_jytzRqW z46tHyPu+L!cX&q~kD2se>u9ETR-oPEqX%t#WXE3ETL7m@VN;Tul>$8WY@qqA5p^c^% zoX?nUGVPIPw3BNk;A_HQ`RAEftsE-=z7u9jZ|lTz1=y~zT+#g$bO+ZmfX|q1GYc5s zA;&~&Nyn{lZPD+wI44&r1NZU!%oP3i)^(9h2OaF^;E8}%CN%${&~HOV1%52wL845C z?F4B23h;umjMmd0Hq3IGF}_j8*pU^dnt`)C4fPdw#yt(TE^SlGU@N$QT@6&@-dfDd(Z6*(01C9)(Ud7p`HuAhVV7+7`_5m@j*~8XherJKHB|z!GzYooSOL!9E>sGBbMN1GN zx|Zu!nB*DT^Js9O%!b6Gu0@(cEYaE|!dB;C)Lye>0OzfW*(8tAz&3Uo#Q*RO@*ZWb<1Bpz?GP zhWAG{RkpSvi2o| zlE|1|mkQW%TvjoXla218awX@f$WVgSmAeQr;Y=fr{(W*rN7t4`F1or2SCKxrt5Ous7`#A(O<4+xdnVm;$L5`s|67OAtE<$)zK4l#2 zsf&?DP608hFokI$6@%+{0S4`FXLVj~66)G5avf z`4QKt$0_*8yb5I=@krTu_K1|-u1WDe^n_-Ozr(|G=35hGn36rpWy z7{ldOEdeAK`2+ec>#OC)_pgrw;(^fxJaB`IB%25;5+r;tLyP7ONb1F{%GJ&7xJjZu zp?TBGg6qbKmh)>tNFp}Oe0=C2hLl_*LV6?^{k*`g`e!o?3Q+DA0s0}ihovXDUjejZ6+rZKvOT_8<>%+>q9Iz-q7H_Oj^>7W?1_U8ju^3bIG&o3@maM1cE(S8PACZB8 zLe$ELlZ0?im5F>0c$E(^MCT(9y#I|^OH6%22I-6@?#ZaK$TtBr)X0Z!a>4sLe4u4) zZ^^YFs>mwmCflMUB#=<0`xD|63TTt#i;6=|2%E~OTC0xDtKt%7+Dvwg!_w2i-haAV zhBz>k{Mq!&o`Z&jLxZXyUe}n_t8&Eva!)}Wcw-wl)epDVBfjla+iM9FP_TtoiW^kp zbdsn{y){m$BoIhLhB74DOU5<=lGY4lauN43v5za;8{GT*z4y)S_5KJPo5!ar@Tbc> zL6W-lGzs|L>l-*n?IAaJQBi#2g{$W)rs{x*yqaD23n2kyQQ=f!S?qxBZo#gFr5vR> z6b;d30*Lxnjmtxt#rghbULxIs$m(Um_(GCX9naZdyLCO|z!$DcMEg7B^#qPu_E7M` z<8(<*YBm(A`JW?>Sv7@>7jh^t4mlJxz|JG)lOZ%IlH@)uXqhvzKqzy*8wj-2YipBG zkJlgVSkIVzH#=?peSr|OYz6(E0rsgr&>#XUz>GAA3j7|g2m&4#5CtXZMgE{U(hun) zERSvgWZR&C!35YQh;pw}QWLE3#N|i6jS4SG96m4Je>Wbdd6$Vg0uCAFKJX}8ZIdj0 ze=ftJ@}@cPk_4FGDhto0$yhQaG5Y0DUnFxa_X_YWP*9Ep(Nemv1e9_17y&hD z<;)|a!sAAXa24bB&U^!=rOY4?5=o!U{*W|6#s$%-}pn)T} z>oNzR^r+foCQ}6(PBJjY5II%E<30k&!A6cLBV`0k&j8sG*%MdgNnt_e;gg!Uh;txw(f!)H-P`@cx2PR^kj`AO z@Eh3*!i1ER4wbSEX?+)shx|*#64Pu<@fE+>hDdHysG)L*Op4*p{<&?JOzr$AkG3AR#s^Sw&c0SAVfBpeY|V$VAILg z0kM<;A$+Mxrj6J=WEw^C6L22EY-)<7rDr;71uUgHJP4P%0241CCvf}(W$53_BA6dY_#(O}3aSy2rB!2+^J`$Cy_ow_xrgyl;#^%gl_>gkfXO z7hTQE4_F~egh#OdLx$1#6m*I%@d$A zAvsYS(}vfAkR``Iwbxhez{|)fptf)B?$rM=jO9EM@>5j&bdmhg!+IcugswPPuUkO= zX@y_(=lf;nuwGGmZ9IbCu-tc_Kup^|FhQlSm9DJPj&hDZwgV24Q<>$2cFloIHF>x+3JQmW~x>&6?g^NWd`IKttIULquus$VM|c}UXI?wq9`h|8!`hULz6;Z2U*(^byiePP~h*^cR7qdXh!jk%Z%I&~PUCBO*iX1vI=EoZsYDL00 z$(oKOlYkXw^iP36h9l@K-<3p|WMWfanZdRErcUuxMf}6)(@APsRe=VZ!A;H+k4Y~z z%yzY5w%5@nT4aRGkSU9+I*j@w6;={fs2|M1?qf3LS-YCcpy6jsk~@y-cE0wq>k|^;cPYx ziI^}3^BB*h{0z3KLfaZuKZS5_gn#Shdd>gcjZ-vCp{@0>!{FDMNRXRfq9WmRI8&GA09rsos~2v&_5dx=8-p2+P=9Rd_-{E)@bR;%1rrzrk}U4ogD;82}3ZMoDZk&_T> zbFHSYPh8o<7(S^$rRT5app8jHI1YOgcG*o>=3sRvB%F3(fG!ncMuaB%KgDB?16b2> z@+61;f@tbnxPf(L3?MBt(@*xfSkFA)mZWZ|ToeGgV$Nd1!?{#>Ndz>@-1ImoWMr%n z58UO<^qq~q8U^tcPA|a4SZ(B@4vKeNrjm2VwZx@XnbaQRhnvwfvOGH(PD^f?FD&uNx=b?L)~+5E7X+bqCb&CWhBG)VWj zG26(3V5!GE5K7SDWXdi`U|MNAS=P75ctAcq+pci?c|Qw@{H``E=LeOk;oKFWlk~n> zS^f>Vh{z=p37`3rt2waVb6`EizXG9B$89*9#-h~FoiH>Qcms*0*2nDAEEWkTSlv!@ zb;aO_K>A=R>1Ws@QO}ac?vNyxghbsbjTrChQAC$T-H=AJFTD<|!Xc-eP3@!x1FxUX z=q=N$P!wGo3S;7f&2h#J8Pw#(0mSagfatFc5OQH%U7}27y2zPs#mKa-{&O&Um1NzM-UuA&p2%H#yNk+l9IM zmA~e0^BtDaY8{S7YC$@9U8~haXWEQto||}5{5(UK7#xE*@ul3gjV?)ge`qdq%UTK# z?4D<^mjnl1*$@#6$jQpXnAW93r3uZKUr%}4hQlnkrt0>k!&N*9D!wOZGWNm;T4h@o z2g6j*SBMQ3;Y=Yb#t!*Uel!ln6x1s9H z$rZfU9A3#bc0HNtoM4{7_ML5`h+VoGY!37DV6e(qd4=pSUTnw7ZOnavZn~l+;ad#~ z3*o9N^)Rk~#;hLTZX*Y(GktZN!YB7;uke6(8%?l4L&?iH0ZBW^i`2~@18)Nx0;h@E zmYH|h?t>()_vR+;R8P0oa?Zah#`)=8gx<0XG940*2D{s6r@zzRRyxqdj=e^elnsmq zVK_%4seMjJP-(vpfPuu9&oOkD!syc+4cSD33tv;9~f@z6YX_Uh1y8(}!N9qN~khc2A*} zUIC(sAmK=AhnQQ<-GJ=XyVt3F@|}Wm7oBP;#Bn&iB%D}^48d9jj$?wkn%4+lFb)^f z!W}uX^LWue0Hk3M?`C1k3S=MnlVp$)c=%sZkds4GMatt}nO&DxB<6|7r|4343 ztvX<^%G|#K4CHb&5V6M?RazI05H-Lv*T@Iar_b_ufis z({5I6+Uq@{&NRAu8deLJ4R935njLSYY47Exy}#15_p;O8UpVbOJ?;ID#3e6V!18G*T;&}-vSE!rwk_!m?$VT5N+`#RFuD5WhFFw8czsIK^ zj^F;{^U24fhf9mKU0P(o>fBklk>V^`SD~*uZZ$U`aI0>w#*CME`BAWf{c|PQE44tm zY)XnAGA2*FvFbCWkIPdJ6QqeiW60pOh2vOswk_A$x)^lSOwVZ)psknIU#jDwL&=iP zBX$|7HyT2v0sE-h{z#($eCPl1@kdYj#v7gFA0L0zxATGq5S9Yx=<1LYd``F`dg;CS z69ldZ637>nTy7)5jI+EX!);A?+bEeZVb*D1b4yAFLq}cMP!GMrJfy@bE#LzIu-ioe z4b-DY?f44e{}dQ~#yRnmaIS?nsdEb|(H?XerB|d6tS8Dp+-tRtBlKVOx@j+-g<)^- ze7FDI-?jW5Qw`8FgIiL6C8Jp=sX!Wgz?F0*bryBM6ok(#+SVjR;aS&N|3Z*?%p zlATbmFFq9Yz6+Uf7?q3=1vfzPI%HTs~o`K_%a16ZB;4IM|mCpk-xao`=2<!d|l5$(( zsJrl5|I!^O9|Yh~v2_g4wGd8PEgJrH5gP9^>O)sH%wG>*J$WZ%V}i!)f^c}e;yNATC}_dM zVeO?_SdRCnhjNp}JQLLNhkn@$W)OH-zK${a{eJ)1-X8q7-|y%DJLvE1{%Nqc|9tRl z@A+V7_fP%7{_g(HpHP1tgD)yGkzoF({;N62*V;toT#`td0qTb&4%)>t zWMk@E$Bbddf5B@Z{j$vX`AQzUc1@yna^Xyrk{y*F4KhXc%D34Go&u7TcBXoN5^8a?V7}h;jkCQ3k2k7wR@aUf) z(1K==wcE>IRFDZ*#yvXj9lg|+V;lu0a*7o7A3Z|^8<>%jt?1D$?v8oE~veFp!=YO!Xzu(WE|DFEc?(W0+zm4+y@4ct33KGzS06gt| z{n~2DUeE=d9)QP>RI{as@nR~0>rco5N~^WrlVrxFLM`=Kc&L7;P;BlzjBfq@yLmH= z+6pN>2NPAW1=&FxZ3Wa%Q2U(B+o=7+yLWBWR_v>dwn8cr)c*ePeOvzTf44gw)cyKZ zP5SrWyZX7`q7h`17)%(P1TVqw_tc+|U>4G7e5~>{tDj$~>qO)K65AUQ^9~kl!mpGf zZDelqLiU`@576(wBk!Ed(buo7G~OrE@x`T7?)+>#cHM}ia#bo$tEXLyGd;<1$$yp2Nfel$FNws812kxv58dKEPB0IywU4rco83n>f^1@#QuA$;J)CMk*bjtH zHNd-@w3juzca4p+dnONi8@1JGxse@Io2S-9M~M7}AoaZ&Q?DGpHlrGz(;*23$@Z%7 zWtm=8i%hQ?-ZijKSj<8;p8rUe0KL;F-2nGDfO2E-W}2$`BKJphWu2?q*(cs67)pE5 zGJ(*?EHG%+lmCtqx;)y&EXa|4pG{*Hktne!ry@Ej=l3@9J}OlvW`T~n+=d_xPH5z` zQvORBV0HVGbU8p2a-HNq%ZY*?UK>4byfw~h4TK-t^`e6p>Bh8?mwrg=I*@Ry1L!)) z%Y3)33P31nS*Vk3U0A)_g`@+z;8 znrtDBa~TZFf;ru1PyY*bI_L^TG?D@o8uYVdS`)O0C1{IG<7Dn^aVK9D#hgaT2(@t> zd)dQi8y%oO!=x-a6ozy7d!ElcJ}2{S^jJB3AG|0*hWv~kD+UM5PPZ#%M}>i%lLd{h zL-E`ioucfLSz$TeL7TgXMUU?T8Wriq=An^fi|XGFM;t82??F;tA0y1j&G()WrZW5= zg%K{Vt8~jr)wg4J-?_)PF_F4Hi7FvbD{{HU#3?uA4HKrO9POLoLj~j72!yERS9cg8 z8nB?Xai7~!{?$lp(ES}cpTU8d?|9u?WaMvr|04%Wo??3DBDmB zooYZnoWG51=N-B8{4s6qnO@8Ql|8#OM31tb5gIWH9sP*2m{WK)Wc_?p*g_TrRPY(N z^$cghm?U1aJ&Sb)I@@1n=LDHv5Prm_G3Erd|7+mw47&YxQ9h~01FvH{1d#!?)sVf5 z!H^_)(9VLjs&3J!xhkx55GK9wW>Ctd>uU^0FL3&Ci`ghC#MHnt3ef`-+UW{Eg$%=*B-cx z>#T)YJwWZYS^WF&50BDUj15l}A7XzAdUJiTNDVkkCXDN(J4=DEuKD^vdG!8eQvmur zSOR|6M?DiO33XLV5MhHqjB$I2dXRpZlOUHSQj>4 z-*$W?TqUeqX)`V!He;F15Gdg@;M*r@gf5*lo{BUdS3?Vlh&|h65$yL@qbthB1hZa# zk%xhPzL`xoyZlOVX-CZ#|MwTGVBX5BU&uwumvSvQ+~5f;<1T{m3&Hh*k~HfxLif!_0iRnObEWEcRH?Wew%w8v!H8&7^b-QZ8yH*oElkh8}+mbb%$8r zf&@CKW*Q@O*W3Mz*E&R(c&?JMn85nQ+Lu^8SGA$s0yK*f8rllG-mceI@d&aue%XzN z;I<7pqO(ln$W1QR{{8FMHgW^^>*um^T9C-ajtv3dI2n^KaNBLdJR>%OE9z189MIRV zHpwOQY*LoUb)OUU!q?QL5&ExPZ&wGJ(Mg5dG)f2`VPB=Kgt&2SmE6T^J$?ECqMn+x z2#^~^g@#IS$i`0un$n0)XHnU1Jbl{Gex)<(ICIUMKL;}H-?uJ4^}B!lcjxJ+|M&IZ zPrrVB+(ug&@SrP{FdZY=xs_kYXujqB-{SjUH&n`M7r+bNf9^cr$-V#F84R91f4Kj> zjdJVvzsPc0hpGl7QAr3S)HNPn7sASc-!LutVvZVH(Meol- z{$D#+H@|nzOf&N;TtO8_P~9)zW0NaNeRN(zvI}$!=x%rD6l8t$781>FrGfqrAQE;K z&y}6)WEO_1l`vO8otncKr`2;u(u)0+r*g1e{cWdHb!M9!+03jQ5!(4(9wC^XglYa{ zxOk$&F1ZK5g;6(SA)+Hlk8vzedy3=qEudpVa_8^@;W(B%oB7p)2=3XAGsv|}U-^F0 zSE$vtr_7^b4bu!}>o4(U!(p)zE=7zj_hquvaR<;bj}-?wNM)vSg=P``&AiH1p?e{C zS8h6)*{qKWkP95nFr@g<))cAo7%8vjs2AwN+7EnA@n3MrOXjoqsOzu3W2`s-&g}Q& zQuB6^E|k~16*5t(<)-x2583iFYBZZ=j_S9jSr41C(ezVk z3pVE!jmC@f}mPMv`v z+Q?I3^P5o1i@Z=K{K9&}kPUk~yQBR< zKz6^w{qLSV^Y_W9KOFgcJHy@4^WA;_`R<_qeE7WI@97D8WA^Cv-k|$>Zx7ieW&Ll? z{@)h3-~6Ss^^2$f^}pPIcH#SB_rG!XKfiSU{TKZ${h{-;BU}8XQN71!4y-cTiNTYD z7uprBqM}s<0uTPbZJT;;AcsAUfww#QCQN_Tf9Y>0Op;miP5+g@pE_}FqntkNMU)4UH)11%BV-bD znwn&~bt;X&9m*K?%o^2u%*aG{5{D zPeaFl$X<70eIEu%ry@k7gp5hys_Uf$oO{ppVM6R@36x2neVW(c?z$;LD1={4iSoF zU#?+K9yKYys;z7n#*kGD{kb1q?`{by(;dA67TZiWL?Ee?1kQLIE{ ztG9cdD9`SMOF>n83`#m6MWhe&m>{^%&OSg{Oc;#s?}_fEt%S)%C|hjiAlg>R)4%VQ zc8)K2$3rH*dbf84oYj2V_0o<)ECf)SYr*q4*V~eCEjF)x53vGxZydT7xITfziV+^e zjkI=Xa8hmo_5ASq6mqDNpd}m75%s0$r4o;l#AH3yfN`6*-jh+9Dasv9QYuLIK9l>_ z(?IS$vK!iUyIH)svhO#lYsm(PNK)m+>8V0}F?8Blc)j*gGpg}YQKV{u#gAl;GF`Xx zfbheaR8!PdIG1F;QL_crvq1=xP;{|BCGCz&-tM&PKa_>?zm5cXgZICCgS~wIzvuh= z5BI;fQf^=VcZ7M7;3&X6(3y412#`iUQ!@>BTpHY1H7dp;t@r#cjNxz`@O(DsKR0YA z^FO`TK1 z!D+y;bf)(enYguP_)bYg<4!?PFW<+~sIHlvlpSUEu%?OGMN~ST**_&>XSS}ie!6+t z7G~cv+g8}F(k^Y<$b1f(I>&&lxb!-kP@7Jtvjj4Df&ePTPk(~2$*%1|8hxQ-8N0EG zr6?dS{A`69YLX3WTt`rxXz6)s()yX80K7ymag<1XJ7g?I?1FHlIx`8wm4RNnK2A-V zdOJ@+BcC9eJc00+b9j>z8iR<@?K#2cZkF+FqyLL-L=xX?*{t=@5uHjgPtQwE>5|h# zrE1O*UFTsdZ>gHfpOQ@Fo=i!C1Ds$DI=wU1ntd6B*FjDZoMp5XQ~!L0+l>W5%RA@_ zY~26C)3B6Yssmg{NIPc8>k|3piFGG^2(nH}wJg=Svoh{OsV)oUe}xv;5&sv;|Ihn_ zy!^j6*n5!wZ=>A0|L3bOv19_0@NHT1-38&C z21HUvK8t+xY#07Xr>C>gh<-usZdK~CBTl45sqS=PnsUzO<_~L;WjIf#uDI!<1!$oz zV_gDY!S0_$JG&6|ZzF+SAx`2D`vkTB(njsi?bR2BE#OA8Fr1^`W;m4l8b~<>7VAmT z26~73i5x@DT-bmQf=!8gE0bCcmDwt!Q>rf^k_i=POM~j=+f!K=ZbD+>cf8i|$h-wn zo!F2T4(w@q!2xiGpcQiRdbag2mlX?!M1v>hqs0|dr?NsLxVt9A$C35{Zj7(aJS{j> zFIk>z=bHI-=?UhsFw>hFcNt`>7x@<=p}M6akw4!^T&y;wDr`)b=OCt0LF6#{Dl)C7 z-{oit6#n?AHCcl_`O1x*>T2fX9u{ZNniEr7YYoT7f+ssv)1y-=I;WE_`+Du8RNCvh zkJMopvP<_>9iXC!CAUz|9GL=7KvWQ`=`2iWH?8ETm54^jXVW3PK2tJb6Q&IPlyGKu z-D)hC;K47~=hC>6kwH)-{o>Gl4){c*AZp4!%GR0N?g|YrJyTvu)Pn*Lz0OjgxTgHK zQ2tM2^RBD|EPDU{?0F&o%kD$|_uDDoF#o&3EVvmZBIyCAMr`;i@e?$}+A4_Am|l_r#n3`}ihA1GdADswNo9?A)<*3?zdvoG_LNK+pUb~@zI#L4s9hMcjoSPDH?-X` z9jaC2yW7uo_t%}u?gssxJ=3B5pZ1jcyy?7mas%z`KfBJncc1TPy4(G3ulc;i6o+BM zdGF`oy+5c1P=k3t&w=6jv+C_D!kYwiHeGSzy0^8>e6YV;y@Q3RhuFE-S%l(VKZ7a# zz3ZX4x1Yh3{_`bJ{L3;E-^osVum9KU;dr*YXM?>ZaC~Q}neSzX`mT-)G?@9bYd8!WRs|8CjRk}Z`FGKtGls&=ewHKKZkFf@lPh4mdAfm@$A&(EL#V)wN@&1QKe5wsxr6#taI?rb=5_$ zGC%Ze?4ftDiovUVq~&bPb+6+BZr)kL@A}>nJhYXdtL;;8A&Ve!tRueK@VqK)rqZ)n zL^PdI9);A%yi9oqo7hNOzs^LWFP|;&J6eAB&o40#QU`n$h7V@&7aEP&LD>T!9gxP5 zkAxG_n_?QJA7B$7nboUt0j7oRaAP>7a6AS_b?qV$&Lt_oBxr&!{$#g7_b(b1u{PC*6LOQpiI{<^7aR9=qk2b(zIgyK=N3hGE;chSMWRUP|F;fLVUIsVGl%&dIzH(K&ZAFt0*$R668y0-+z;4}|452#XZK zO2fgub?zHwB||Tu>Eh!Jduef0c5v_lc`%xLY)ei}Hq&|G++@}vQU^MFX%eGy($rNa{Hk!@qjQx>_ma7zKxOlt3(@f_b6sV?K`n3J|*fF0#wQ- zQprKAi4$$1rZv;ZuS07d<`jzO^Rm`NM(WC>yI z{NYh8P(Mo#u}fcFsZ4@&f^`FlTe)=;O#m%Wb;Z&}?|SGx(4BDZkfI#8^okGRcxp0L zgs9#=O;bfoe08m=m+(Y=c#BQ@E26E+PW3+WXgY4?YQtz7ZBeG4x?W?tN1j( zAunZuK=wOjF#}5?Ab&`i&oAvii(lF(U_>Q&(nQh9SL*vOQQH8)%q<`NR!^;B=POoT zQQHaWQXXEn!C)&5WjoIX+RMew(uoYRks-~oe&L?wsvtv;&8ylIhe+f@qnG2o(H6{h zn5gKmEp0Q6wlkxWqvC8_VJZ;cc%|U(#Z`5STk)|ZGPsJkUOo{=5nWe=_v*QnQk86Q zC{GL9xy?UKxLwIs$Sw&-Tar^9hVcZWL8qhsd^?*GPJJ}!psiUP7i(SVFzKJ$Rc8k3 z3!l;gC#Y&b#^lR;<%fG1hOcP?=EwFgzx?dL0^*roNx57k9PKyl+>IOBwvb3`IOppM ziOFm<3Q3Nj)vZ&)z?P&1QCvy1#zvi@mVA-*j9OxE~$VQ_yW;HXQ5E?oDmbW0@}c4p*ZKVmI^)2 zNBxLNQ_bmIQQQr+D!7ZP=;d2m6PDDX7fQEg_pR~p!bov#=f|5BwsMc~+|jlw#4I;k zuAXwGjFp!tyzDj?`^i?wP&Z9M%FeTtRW59o1)7lkv^WaNrMBo`6mxPx*-R95C+sTW zqRC-bH5VQBZ+3c@#O_7NZC0DZc8ZtDHV&i?+O`2OP||KqKcZ$ST}fN*>1 zq3)FI4U+Y{iV2_KSSTe;_$;>33iTgCJpqZ5x;K|4aY0ZvFh~j4C}`J6i=Q{ueH)h4 zMvrkE*9XQc4p>wv3+^QsM#CaJ!hCLi*h)Vz75Aj%?PUA+-`i*_VgEnDBHgf)vCw;J zJ2C`6i9@vI<3zUBzF?2N_awv#y&$Jhzx(y8RoB|7`KjGOTRPB-f@7vtTaVVshGr_a zfXPYd0o-H{MPpaqa&}=%-_@=#y{D}=FiWiLlq$uf%~4v!W|Nap?wN@L7d-&hK9Nf{VG@_srZZb?_ewT zWDOMq`m5yASH_#F3t8dvtnm984Fg1?3v_|Ga{5vJ##n{nSh$fnpr~CmJ2Rbktu=q~ z*5tZ!?9T87eB$Gf0&5ZSACMwis=s={P7AnJJi>zfP-qIgv71jolpn)Y&MSLM^Y>KM z*h1=p(?gvS{TTjC?>Z}csc_XzQb`;x!!%b{JGgM?YTZq&_pJJBsUueCIJGXz)oAA% zX9vA@_8y}AiUoLD@^1L6{O~yEj*t^G(vb=-+)h8;5=W6(Md9G&f)W*&Ly}Ie@3h!R zJrGoOb3`L#M6Smb9w8a$Y3phgH0Un}=MO|IH3CdNwR^?o|&&hm{#Y1r5UKSHGu7HD1SV7f%KocRu;?Ls`*V`&CRP^u+6G%4m#vs4|o-xLS+c!yaOo1 zkfRCl&&6ztu%ij-?P(h=3Bom?r^*55X?l;fb;P0(9lycxws{vZVjMD<(g?*Y6Gwj= zkuMTXCfJLKT8g#=A?VTIyWQu{I*TO=Ur+dho~?zensK}5!cB-*lAu+)_ z`_JT-ZHD&pP_A1R>VKD*%QJc%6>x$6_iX=p!Tvkge|Z0WE9KVpzn>L8Av|QW1kEJf zN1TNrkZwG#BhnTXb^Q-`T$3;HJ!457O)l-ty)%PY)u|=aJUnb8Cxv@Q=eW!#P`pyk zfoAe|!A)9|!1tx_T6lg!l;w(3aG}oK*2&zaGe6 zWSy^HJKIRhn30Orts;ekp9g2rIGiI+LHxu{NF=GoQO+Xua2lRx z+Si!@^M$9O0BMo0Q3Fw75OA!bu!jD}|P}S@e@Y{}}i;iai z5EHG}X%Mti@MNC`7nhjY5(=N%IUuKw!Y&kFq|Q_oPlL1BNQ*$hoT&Jc5)lg!5@>76 zpeByclF)g4uC*!9%az8ToyyMyflD@!M9yYo^^Pe`gBX$v$TtxsG(?zldI2PcWvPsw ztB1^aN7x&Beu}2Kd70fmcwzUfTTB^l6-3v=L$`FjD&YsOVhc*~#55{J6b+hVlQU9P zonV3VtjK-;XStsZUID0&oU)j1z6s|A{#8Rj2e_DVJ~x>&h!l#Y>Wu{0q8g6RCMNN zSMO3~Bb|BZCy*x71}8e&rN&KH0v$2#2$>%GA@g@8Hm|U|-Ht6mYzpF<{aC?_eh%|95Bq*~9(st(05W|MgQrA_YfqvKm2aj?khi^P zVyV1T{8s(|I#qxc(*UD`=H4)yeoNk1m*<6Z_O2!a!|V$UDdux0j*0SV0mTw1tG;7r zJQwq=mbfiEDke~F4Y~RTWMkp9yIB`fJ4FX$^05NaKGoUE$60e<0hih;id{DDXk8nx zPj0%D<@VlCxAIMIz8P7CyLJ~`-+<~JF$=4Kea6WEUX+)|f+%xwxh~wzV`R18OTpY_ z1xA9fvVu+vf9Fr1yNCsQosByr~kc?$n^62wQGL{N$-sAXBJwi`9aKz>uG&vjGNK1O3ph9hY&sb8SI&$YzJ2PrYKa%|# zH*=?tnf`fU`^D;Oef#(75Dp02BBweSu%N*;)>Ic#fu6v z6#V?E8qJomm$x^pqS!|4hK+oAF=jL+r zHn|)}yHhqfL6Qb0xs)s|GREne4Uk^d?+TK1ZCb%KTHy3V9&B$-g^l&u-az;ou0?HZ zFz;1t0=nDHw!P^^EV1va+TJR9xvuR^cYDWeZ;dT9RTA_~T4>g+=Txp?k(tIhP%D^e zZqy`Nr;=>$)?D8%YPRg=?V{h>z_Xw%Xa9rbDoY0fS>*rqY_H(|)$i{<*#B;$d_()+ z{Ph34UcccllmF-2oBd#sH|qHXBixXgFAvP+jC{~~Ehav z+pDPI!-@U_7`48&uUCe0-YKinH}>>W2>9UV^=)iT3whr9EKTcT{EO$jiiQQ9ZnljH zme6>&SG6yd_HkY75_EdUZA*=f7}cWNO`0%n=6GG(a-q)EhWm4si_sgmo6SvxmKxra zAJ?j7Df>^%L^9@NStHN_|F6OGg8gT=|M33rcFMQ2|C}gfx(OqYgQs`K5|qxV+8mVD zxt>kP8S7>YL*)Qo$~xq9am_F=B|Vjzh^%&L>$~dL;$9`SH@}M1(6L|)M^~!xE-D|b z)Ue`Znaww}rWC7{Lbh7XFIKPCYfH|?nnKJJXOT6pXb3qQxfB+YpQ?8H=HeFYS#fuRvAA?S>!WTipqHd{`Cb=vwPt$fjux*@@=A5v4MvyBH7!7y3Y3U* z$K1t-x_ZmnkC(FlauU!L5`its|FzeDmb3p3p6@;6|GJg39{cY~2H^J+n{MX$uR_#2 zWBY~aRGWR_^YtvgYJ{6H_7;HI%q**#HM7W8I^1PCIVW@B#ZWib5u_f&oc@OdI??6A z&YULRg-MPH86m1|*ol-d`P|Lt0Xa}}>u8rbQFIozDmEa$l`hSg2CK~Nm2!0xKd`*9 zxZDe@=p-0W;Tj*80+lr(E(VfYwJ~@yv;0Yr!&x#}em`weqeazcf}AWh%{yVuPwUN6 z2wlgMFazys3#whaoWB`b%Y9jso#TI&!?qgVIk#rDZ97YXD+gZMPtF~E^9|RF%utHJ z*753crm&pxsl1PCYG$g_J85!K98V>WH;R~AePc+2MMg8u8`QDZCWTb9{pxL2ZQMPp z2ffNpZf{{!3P3r3=<$g#5EV+EGXxy#lwMk9K!1OM278^xJ5efjTm%10`*Vz4F6S{s zJ*P@TCN5TYx-6ytyG&^bE5HK% zfA9HjUjN@6>_5E!yOr|o{J*q1EbD-xKO{w6U&-!J9}e~ri$?vvBraQdk*{qMfWuGi zDqY_?GiVX1+wW^Jxni`zdPf`B(VB>SRg#{{BV7ucvLzH#N9VQy#SXJKt1LHie3%d= zis)RKX4WP>qe&L2S1`xZF!S0mRrV_EDXCadX-_F1SD-P8ApLL9YyQj())BVdtL@hvs$L4sUcaeFa`}| z<4Pq`n}si)@}#giggvq_9`5TGaB zt`v);y7l6*tgfkmoCS^oPikQ)YNWgG{AK`HfW&q6nsWKyn~-oy#}VUX4Kn5e`MGutk5EL$%D;I_85Oi2Df%BB550@RIbspC zlv6@6;V7gL@mk)?)6b`pJ+&U8BfwGg@#qunjvqq^$vQ7sq*JI9Ru_P%9%}~h3)JH>-ToMx5iKup7tM%v+`tbU1 zFW&I(~!W)|4bziobH^YThL}kNhCK(JTy=Gb3C{n^x1gl5J4?pCk+!`kC=CXsb!Q zX6#(THeqNc2x2piaBLlggcQSL&Vm`-GW;*}fzQz=W$r;AaP*%UI!tS$Bb?xnjnj?R z!0~)G?U5)UJmyr8&Nc`#=?{nm6gprdyPqZfs?9x)5<8(*3s{R1d}7WnXg~zQ22+ed z5=}@L6E4u@g!&WY<4B5JaNPh8D=tXLVib`}jYViC1$l+T1+48D)`q4y!ehd{Rx68y znE`-Lefn`WBsh*m+S|GQ#S6$qPa%3h;*ia!QW%xOvFaZFWFrLU=}7fYBjkrOkr1vC z{)7`y_XSOeXtlaXj>jXC5P=5X&hB4YUDd&^_np`Oi)thFP$K()KTl)gQyd~1#j^wn ze?q1hzC1$5Q#>Z`8B0=}HAg|BS2B;u0TQ5gwGax3@HqwD>j1rkbAn8DN2#Q;Q>kZ# z%$K@X3nB6aPvejrAbYx6E$0+280x*P3D8sh%hTZYtP!#ojcN3y)k^SqQMam}1drWr z2HxPAH|PdrNO9C1^t=4oZmSi~!tjKJ)L%GP0QP8(u zori?k6EL$UPqx*qmDCet_2bc7mYi@RNR&KL^HKNxBApQC9M4+_(S#@~MEy*S5*^Nw zFq4i{ClV{|^z}GsD}CvMg*||xiFOMYr zD|Y`8a<(72JJEWC)YA2gfbPn3bt0+0NJ!+9^knIa;DvB9x2LMU6nafxo(lvC$5u-u zjN>sm3b7E2aPuD%CX~S?odNs?1NmTrKC*B&CFoRjgrKKwbUZS+*Y38rkvq&=U{&q5 zrnvzXa-ISOb6}T>T1%!!qj6@&?QXl(!oE+0c*6p+Xu5|`6HQr=IviKdJ2TLGf`gwq zO~^ag073t=aIjPQAF{*<-~EHOT2i4|)bEM5@(t6C3^F|#PFjo326fb?Kgw)}g6kvX z05%7JM+hJQlYRthm@}-!*;g4qq7-dGGFh-n*9vF+k+gv?v)Jie_kK?1Z*VMSzk_^V z`gbb^sy<`lOUiRj=0N#@5y&r*GqU_hqpC@$`LiKtYIVR?qL`iPBjir@5kl6MC@UG) znjgvBf>Oc~7Az+=la%UbsX$+9KTjk`Bq*rFa26r(byN^;z-qWyx-@Dyzx%jG~vbyYw zP>6>l)Eo-Oar35X3*W`~w;8cAaJn16|Bmd#3S;iQLc?c!B=YT(&97funMDV2n6B9K zJZ)wq(Zzv%ylm8plf%=~pWnTIX+I!kTl|5u>4Ebj(trksvr+a-4Ydy-`I2OGvTIxr_xrbdMcf~(a7o-W=ItWKz-wO@!`>W^Bt;rA?n}U2Ss22vb`NJ_tGI@fnTU?|UR)Qfg|I|s`b?KWWilU&t?miYVt zkIg~Ah(G4*8cn2MfQpC3(YwJljLvpwlV?!C)m23|tTl)&qjU4S-;f2Z1IU=%;whaUdlX zAR!+Z8hCxL-)en&7ooT8f=q{mqrvVr+Uf7~x0MQgv13fx=n@MADu`5%Ml_;gLV{Gq zAJb$q8~%UnTwib7HV}W;r#Lvk))bL6*n3)s3~rjC#tM6g9Rx)m8cI4z+$2#WDZBpm z!yQRmPKGQGd)R~dP#6+L-v2xPjtzq!WV{|Ny)ahT!NjVJZH=)H3gg7lCM z`nK;=Is6huG5oG^%V@fPXq-Hx88bW>gvZm06+8$YdUlVRM+e;6ZrBGHNK2@2Aq>@K=jfx6?0g>lx$iu3S&uH4tk`uB@@mG4`XU9xj?9KdNsG$uvr`AMt80g*c zHx%1%S+Jb$-*VdoYGELw;$7(i$)H8k*CInJbM`2%aBJ173Ogjt@5J8K!IS}NJYa<* zY|Pu(4H;{J+M}47>sja&|G>q@vpkdDKGF~6>MkTTJ8;&Lj#TM{$%v@=dd^JnT$bf zJ6NTqXiTcnsAh{XkvHXkXK}BLjgO=_O{dr66<@>6KYoxks!H7)jENK8Gu}>PtNhPd zdd+FgU%re+H#EP?Rlk2nY3xUMuazir)w&Bt7Ih1g@ND8V#EK2i_*y6FJXM;4JeVOf zvXDYc{)0n)y8?!;@K@sJy~t|}gj_-R-%Hcv2Y5phCjQmr@?AvM*NQzGGR1GUA`TGv zEytb%NUqwxk?s&4l8;{^i9Y)URAvRo3}QB9OFs*QjUpE6PieZ_?GnKxCQ4Un<#Hje@Ts0%gm^K@zPIPc{!=nS*s@4vpxlK~xBp+M@2biI2LK t#${X46;UHwX?;w6#!m9TZC9Vid7Q_2oX3AO{tf^D|Nq7iH6#GY1ppko8;k$| literal 0 HcmV?d00001 diff --git a/charts/wordpress copie original/wordpress/charts/memcached-6.14.0.tgz b/charts/wordpress copie original/wordpress/charts/memcached-6.14.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..af49218f961439a6cb8b1dc7001ee18d9bcc8ed9 GIT binary patch literal 40339 zcmaHyLwF`kl!as4w)w^Ej&0kvZQD-AwrzK;j-7ODJNc&n+0ABZQ}xuYsuuUWbb%=Pz_gS)%I^>yzj)MX8R(tL^w=sFjlhkf-% zC-uFca77@P%8ARzC70~m3Fg97KZ zv>ae8adjy8hP(tOLWa>1VuK6UdryWA{lvvA;U)dus}_7liGGhf#j+$Txb8|OEo^Js z#Fw3Mm+!TTJ11fQNI4oA(x`dPNV84P9C(bW z#zI@9(^mr;G(q(dQ@Gb0_*DBBkW8{*oOlqbK*0&_O~V}cz^KF@@q?kPi7piV4+w>t zE3<4Ub7~p`hGS475bD*+lu5pElVJ0+tIL;7gaDRmy#3|3rg-w0gTPScv z*{}8`pP6pWV0a{gkvjtyFqyq9BL7qlOP#v}I5?a<>`Z+LiI?@#v-cM=sEepK`57pI zJ}E~=1!j^Q$DWm^;L}(+$`%PB2j);xN~nBis>;iF%xR`-G$S+EvV?G}#cfWFb1#T{{1AwgFUr>E`HwsiKt9C}7(5%?pOcVYJL~lX{U(kl>(mL!N8=5L z9VZE)MT>NLTki3#UV&pYSCh`6f^lv^gu#S~#KjPt20(LhOM&!?$L?$PNwiLGf~3$) zq@nEBnQW32nFg2hh_Ilj!V)xns}>jG=yCdHvV}*2+~OTT#HSRAf;W+W9Z%N;ZoZ#b zab% zBbl18Hab7#;cUyDIZlL=&(Y=XG3@SZcVe)AAexxEfp1p+yTDV>+XF~$JXz@Xdb(rs zFKy}Svn};c{OpUl8>47dQ232nSpPQ*WKUHleEt$EC`h8e5HUP~EYq>}#qW3RzOgt$ zU`~mYijuGyo91Ng$C9*=@cVw_DEn;usAV1R5gQrg#ac_2*Bl%)lgJpaE*M7$F>j=l zV18J8f_=E-AZ@$mv((@rYrvWe6S;Fwy11Q%R9k*eV%jQam_^EwOG2%DoR#D4@MzqtK)chYXZyE7YbJ z!Hgwpd#T}D3wOt<-8O)LcZ@6K-X+ec8mVQol7FX5o9YD<;;GLYP*BvLj<2LjBghg& zo;Dla)@Bp$Nq*a5XfiFVK0w)$O{6K8snVMVHIT)E3)TuCHC46W?BP%n5R9-$KIR8c z^6bgVPAraFI>Wh@AHaM*`yd_*S!F2&63WPFoFc(&j-V>x>&5P;Dl$1jDC5!lZ5fD^ zcr(mXC~%{p8EWl^j*T$X`rOsi zNl&zG&XffV8ecO?mU5IgQGHc#u&-_vhsHUhf+5IBUyLvi>wGa4oh2^U!is>F`<^z` zf^pM?CK^m{2!L5g2oUBQ2q+$!Q^d9kGkb@$~qNo>3yI{QWOt8=^vKW5yfiPRt&RN&1D_-wygV5kf1_>P`zqL zV!U{?H=W53C2gS(4M58|Ae#84y%1sFU`@|;8nQ9T=GZXyC$`ppeoRRwg~M3p zD8K_e!5-mzr@(&}d!bE9*`}k}S*wjf(gU#4L!&1O?T3`z|5>bSWi=dUQPO9}0`slg_# z%uq8qD~{6+o`0-6?j%Jzff*Y~+6s!-r$(MX2!q(=rYPuN>Rs+u?=Sw>e_^%oGU{4a zz~mJVPPJh}aabaxa$U1YjXkWUjH05i>JE)T!rAhK9hxhe7@Yyq6pmY1`)49NomnLo z2`wmWE>>{?&c-!6<%bB?Ohc-MOL)%NNgq)lI60h7VFtXUai(H0h}p)LJ%(Z_$~f); zm?Qmo8L~4=N>xW&qK2xKL#Qz4LGpw4B%|uAFSaNY&%gRs7t}xu2gTYyY&dT*O{pX= zM>}J^H{R1WRl3+XnNAj-dIUj5U|R)iF$N+ygDRcU!w_Yg)B&MksSn3DI946poa6w9 zyKQYS+JG&_>B1xi@5m;SoGQIA*;!yNwff$h=HeTrA;rchS8=1ack%Xp5SC;;O+nn0 zgYY{2eObQOuk!jPn#tP|I2Kd< zFm)pv4ij%rutQdAY}YBMJw?VQYCv;n26K$Pw4M>^OR>?d_U7?dE?(Vj zJ*L5K`r?fj?HA|iDnez*kVrN<=+4O*4oj3pfm!<@%%!)=Si=>qSuk?6)#>bBa5LLv zXdbpbWhYd6#HOK#hl56|qveZ`2vK%gdNGLWH>2b&2U+BU-2h5#*CF@HLV@2MdN zS_??*xgiJA4Sn}8yt0hze6J!+tAVx?c)X?kDr7pWuM6aL)YMQU^s1rnh}TsIUwznh zJ#N-;N1uBaHZ%aR7EEG1ZG zA5DH6$v($B9y9hGH~-V)W>Yk!3kURpN}^h}@+LHm5&)7v%bZ4|U_vxPn}LGD?Vt)q z$+jUFqudJZLSX9{b|G`eyFb2uuYlxtll>E;W%%7Q7Sb z>0LY;y-gv+})Eps)tn%*~>KwKcRGx+U#uQ*DnG@4+F&&obORz7yFZ zQ8uZuUZyW|55mep1E6-Ymqe$;)eLQT&yyfp^mZYgOrO*&UbVE9DY?YbPglxsz78R7 z2|CR`g+_sCo=Fqyg(+9-OK0j;{*xYr=&7&PCGZJ6aZ3dnGx-J#gAmltHRGeIEY9t^ z;%U+sAV_g@t(tl{Y&`Z8%$~6-Toy5gdzAyW#nFzOKYqt3IpEvy60!fZ`Pwd-dUE0{ z-#TzELA7v*E(lf=?rcb8#DEE$CS#T&cR$^?1E;}k*gkPr#aZ0Sj2`i>U8f8FF?Qc3 zr+_vZdzfj;eF%T>6grnZTS3N^h6!k&O zeQ;?`FXj9FNlrcRK~l%O@E14v%Tm&t6g!vbfSYbSrCb%R+EvHWg^QQNp*{A;s$vr- z8?OQ2$LG;g#fuXd$xjO98>`r=kUoFYBjAsk!x%W}9U-T$?i~l= z(<-;eS#ZQNZT5gKf&;ShAj}C4+9@zWf#K5 zWHWRkGwv{*71zKZSnjInfTho>gWG{vp~GETV; zh*ftw7pWjOm4e0Z@9l*8=xu3(Me^rErHk6mOQ=7vcAYQs%{FTodeD}5q!lS>T%e+N z)2Q^!i*kM1zTm8bsUov-&xhW8YKtku1PaB=Y~@LhTlDvdh1jy^&p!E6nl?x&bpfzq z#+CgbU$7m!=bGSkGJ}yyvx7OuHMcPlw3I3~b=SWq(X){Ul-7QEReob*RTXaC9s%Fm zB>du%R9zW&hOwVKqzO3}h3k{>+|Eu#*QLx>Yp+H_`Bb0F|Y zG%-o{viZk}LS!fhd*2t?wG{qLg4 zS$s)d!Nmt_;#vc`!MY6$T)yLv<07kWxXK(NX7@3JBt-OMH<0RL`gOI)p}NeD<$+ zs7H6)BBeUf=V~lSSPWn)uxi`8n$icg%m~BSNOgX^wA6k&*mT=7%{XwbOgI>pysOD7 z6FTvH{Cj1w$v)Yn<7!|jXA)0spsBPbRqFDI+CB8$3+1}i9T#%~zJeQMwG%5pcm!xX3!B|6uReN?3utbJpqpq1ImNo6I@+BtC2X?dIe3?2?2$|Cp*XXH zNlQVa8iOeu3YUs;+988t-^|+RJ410i4ZV+lMJ&>XvW~oKSk6M4N#?6rW=tO74Cjzn z!P6MteB505=y!l|1yylTXwHsyW#0!r_1Hsgy+2Z$L2H?X%8ov(EVLq}+c*A+ti+Np z%#0gQY#WaF_ONMY4X>3KQHjuER0`RsHn~BD_{|cXifu{IO~HAy9m8YJh$sgwLl0kj z@J@Tg{`Zc_K$D2I(0sCfCqm`-{w_g6=3Le@Cwu>-`JoSXAMc%u9)^UW$IVgShAl(U zPmYp~0L|wPVf43Fa-l61S>n@TYB@+fk%Fca=*|NEVCU`HOx~HzDsUydE&Cie!<2v3 zJd+g3Hv$;9Q5qOm8_uaBJKN$ye=}czp|HpgS>l+^k=NJ*%m3Mf;Q8vsa|_l)i}tU0 z@`0?HEuVRZYlcPwE*D@lK4O`nwe#b2;9F=>Tv?oH>Ivrww5@iVi#*70t;=8ij1?|C ze7|{1Sv+HSrk2A&{HOoYp1ZoPQ>2YT0&ddvu@a!Q;kb5IKqfsnOH>?R>Qxn3cxZ&F za&YqKLTEbl*<1HDp7u`?Mra+@sHou$ADcXDf>UW9dkbl9S;naPVJ}L}wx^kKa%3GL z;(uDCo=n3_8pQ(p^yYe&$SR8&)=Us6!@bM6T{PZa*5ACuogSV5uUP=hI&G4FWfDfQ9kJg_XZXwZj~-O4`QZe&dOy)D4ZFo zEeqG!r&hAt37iKcwXeS_1q|vCj9v=Nu1Kakh;|9|gr^%ySM4Mo8^ZSubtLXk>eiMO zLV&O=Hr6jjeF$AM4|hC8u7(m$)N?^oT;742XXCyjclJyq1SGLmB_1$mxQu#y7%Gh> zVk0oArTJ4nI1@t|47qwUM}u*mtqh!4MBkY91U2fzxip()Tnd#DZ1-XPeS?EON>!rD zx>6cLzeu#~-(Rr{HU#7=`G(>4hRFy9Yd9o+;O4?vt9N~a&E6u-l@ak1ejXMDz)jri zs|c9WWqNyCb;+oo@FOs?)7g667q(}XQ=mpzFVmf8Q}c)Rp{jiHyKRLuOYIcO?H+Mv zN<5HfR%@#!>%X752h%1?upC_I^wt$G zYxj81xM0mHm5tKG6!j`oD4FBBoGKMGa;9S2DCy1nS6xst7oK7PQ@Nv1=B;nd4veku z>_YwQCVRvRo%vPDy?uBxQK|O3-H^Gj_{-I`V-dxbkVoZCrt2@p;S9LSc*UY`Tozi! z+;2B*qL-Aelt5c>>EzC)p7hiN8WTFf@*TmasBGTXtU(*oP3U><%?n1ggqPiUercK> zu(cZDD7Y_*BU5RpF2D7{tELh#1|u_R1qx2ULMSa!?k_b&+m+iGRO~U{itJrH41xEy0Ky|1W}4()Fi6o)7i)Prr88qXBQzP z)T`ypU!RuqTex>OM?S=BrHn?7;+OBwl9Cj+qAzMsjZlw8d30X16kW^MwL+{Pbmoz1 zcWj;+$MRMLws)yrLZ#{UYTMyeFXNG*h_%=jaOx)C1%mnSFAcTN@Nww*%)zGvF(KVP z1{pUq*E?K@=MQXiLV$|4Uk)pmsB05`%)?#nI)!aGQzCX>^(`f2>bjXIbkBg+#mLeG zFc*HMg|k$%=#etQz|M8+La0z48nRtp4Ja&8-R3SY8bNW$8}&K4){0uMZf^;r}Rq}|0qOo%F@#OO;vAL$fZBlh^5Lb z@Z5watWvoD-t>FQC<@=7jr$g_SR5PU?8w@;G%sGgBa7`_Y(Dyqm}m)1M-KsAb7c~< z2c5JPp-@P+6SS;labwqnITZX2ts?%T8)A(Dg z{m*WE+mXa=fU50`3utk*unfF}CSq)CdbNUO?Bf7|B@dt40@r0I&D7efn+42RfQ4oO zGKDp+`zP@s;!74M6cdhPl)yJKUeHaz&`e}IH=j&Vo^rM+21HP!Tf1>>nDMLv%wA1v{&dX<5SL8!|mJy;jtI0Bf8?Pw9%uuq-EJHbO-9 z<2~4!X3EouK$>Dotr6Z}bP(R)WFcM#H@_x}X7LU}O>@MX9_$7TR)ie{=czlu)x_*p zM}(EZq#h8 zBhost3=?+C@DFE1wOy?RE66dLLardvOStMJ=o6wO#k)XAVL(wrC=Vvtv{rE@c- zVbw0Q!ALHN+gZ+-yo9IT#y65|t(SF;p=M1xevy`p&DpM8QhB7K`SW<`-mV7A&$`lG zJyxVu*I)%d$-1)bhLm$z`KlhH)OzBqHQZAz_i>~u#F%SlA+!>1tj;=8A2Z%ynP9N0 zqK!LLjV4mF(J}Fv30NUls-6<40^rt{`37*Fi{u8dJiG6(Gy95V>!jxSal-Se*KdLW6J& zJ#~+e@J7rT zf(-{YB50wss7#?aWZPafA_ElnK^zwUmtE zGNDfp&veb$8-Grrute6u5^z+7J9T5Yz#tzHBja}c!NL9JJQ@b1KR#|a2`lb2Ug|S2 z?X5<8Z}xoawzgIZ2oE+i(%`pBvpU&dRuKE_7}K#G<|x;T?yqZlS8A{laD$!5Rxx}a z>#9lnHsdre>^3wSc}@|}{?;J>%_N=OwpV9Uz1g?T}2*``CkYtU{m2MwqNtZi}ag}LLm;JoI6RvZ$DO70#c@%$hA#XDxPh9)4 zAsx;hq5HhZyn$WVu$^afl&j4;H=Rj1+pH|$%Gi4>Jbcb~&u_gK@ufhcGm%6o?l0OE zFp;?(vDf59aRXqOb3B$?N3&|l=BRRLLK`lTX>wjQzOsfy-x%$fo)FM9ihN)%&^<=U2b+-@1# zia@d7Rq9t*xqVaib(vY?a_Yyd9zzA`HUIXHHwc`#c(M65qqFmOKT-3C-bQ$Q{DJ!i zr@kaVV>ntH|F1zH;AHv2!TrUccYV|A!Q2CQ#KqVBQUBuJ2g+w--TyRE8vHyno4Z-% zejUXhAwZm?7x-TzhnxhmU!;=?d8xE{H{j;1K0khTHbJ1r1Kw9yR=THYdhpDuVnisN zC(OJ5YX#b~NOeX|Sd7%Di|23qK$+6M=iPQpPwU-m6j5^{CFslQ$K${*^6UI8g3A5Gpv9p!$WjDh5c5Oh;|cth3B@d#ulcohGPLv$xgI zt=q+C2X2oZsNPoO4pUiCz?c`oHBseQ{7oanQHASgOYf;N64AC$}T5upzA~ zo0L|9h5{iSU-4}fv2RGk=R0~rmHyt^hnmIsoXWQs}*8jtL6wb>9Lj&${!`8j$E z;U1UjkI)SxVTHugsUYOn)Q@cItv{tpwVMd zGF_N~=2_k_bSzaL(T;Xo0i9jBpd()?`}U^<*_=0#3Erf}vU4@u6dATyAbvgo^dSfd zD+%8IhqWCO=p(LJrywR&>NJGZG-AHqkqJhW=$&hT@H(O?%jt^@Vn@^4*3ZtA5x0AZ%;z5e8}tvKYnLhp74#;~dCevi~S8O{<^l%1`_RULa6rZP|&X*A&OOzXf=lJpI~^ z{sf*cUtepy0ZH?A{qg-*`AXJvD&ubdOdy(C;uEA;&hrWQeFS{mIEKPVe3?)V$Te(j zA;}{n1^hg}LHuXOKzu^u`b5(G>sq2)NzE;!tPdnj8;LWwgqSq$WutH|3(JXJK%}&!Zr>ieNr!LS@$O@G+ab{Bgw(&< z{x)+{^qDuR6Svsz2|jDNQ`@9lYqwKQfUUh|bJKYDnTMPI9X_&YSvJi-k>R;ROm*6+ z2Mt{I*PeGl7@7Zc>5Fs^y(Meqxn$a&UQ@w>`{jfe_Ie{I4U0R{@@^>fphKnrCod?A zXf^t+VzgsZK+!m@naW&+jmI%r8qpbNc-2&}9D-VOu-Mu8eY><={(^eYJiE$pXt5O) zhhrwifG}hxOjTV@a;0?Z08b8C?mbg7BsB_k$ck76nV$~c_r$<~;bX|`AlfHbv#haJ z-=;3jzRzTn@nowIC*4`0>F+1u@XpLy{ME!c4;TEEJ+;2AiiC8ASLSHgwO8V%eT*x< zNf)IRb*M0^cY(t{gWU-dCwu>a& zkHV!eTowK!VH1=DH$NY%A;p7TOzhrXGsttIeGG$(jm;)VlQf&#QD|&$U|d%f*1{?w z5S2i0YOIhg9vkV;2afz=r)@k8#Tn z1xR89#d2TE7`cXaJM0f+_7)%|yc;EY%anw#15&Lak zy=GnNBsGy_&CyxphVoS*64g`v(o$5nj{JR{vO<8or5b00%FObcv0A>$& zj~&&^fclr`9p6^qj}dY$>mOJH&&@&_^B-R?MAHp-NH}3gOkX-}lzi#S)3D>1RCnVP ztSWE4DinqYkOY{h^#LEXFk#!?fQ<)ThF?gHTPSs)tr`LNYnt8ohUk{?@tu9FX-&;!3j~= zE%f=yC z4WGK!Mse12z}1W+oDxv0i+ye2e7pt9S=hQ8s%g##46s{O&2x$tWMYaTWE&rNA{AA; zctPL$B1hY??hWoVq-2!uv}HC$-SHDTKxI@x9%NS;pBv2R_p}XCdS%Tbg|kmM-;q&`*-~T@e8wG zrz{Is`gP`~n4dKkRYhqN$Y!GRK#s9T7t2ztOF)6+e3-c4weFRRq`VZ?ml?~kQy~xV z!7eY6bE-U&@0J4XAdgoLt^2D82szAGACbkZDOdDLCOg(LbH@cx>8h1ePK)_^{5De_ zT?MO$=Yn4Hz9nZD&rM1R`_K5QYHn5`IreMt$9qQdrTkpoUax zU3tb(jih_We6-qJbcMwOMMiF;FCQm%z7pHG;BcbNm?(`8tY%+LV6DzF|H@)7WQ<7t z{sDWmis#~nwVlqc2EdS%a=ClW#fchlZW`T|AoaW}Nc#7h#nFRV5sI#LP(IhFdNiOH z5;$8a_%k#cuXkYSLd`!>YB5y#FH*n8jgi=Qy&K<{qcjaRH*X;eoX5)R*G^n59U^X~ zjN9lTl*^N!=GBh2qaI`@$2@M+8R3b2DJJYK6NdWJYV5%xw;F8B_|y2C789cYkwK3D zH_!Le)j|Ssz`b-Pdy;vS5kymG=Qk4PQm5!BzBx*<(@#WZd@~*;ZL zeYE~YAn()Db!E-oPFaKPoU3JJ;TBc=^6%Ti`bS7gahRr8gr|(_=icY%4e{(w_#SZi zF#Czv&ioBOJHJrs%Vu76(|?Jr!nl$+O|u1|!VWprx}>&IBkq9Lh^F%!0v8!e&xy>_ zkxxGIxi!3r?G=1MI<*k!Q=NIy5^AFCBMx|Fm+i_wgVvnacyLQ}c7m?q6nd_f18 zQkBfZ+cV3?v|52MDAB5QmdyM(d<+na`eA!fFXF&Edri>+Y`bOkNDF+{c7ko&c31CI zZwp1NWyw&+*3mx6!9aFU(FxtiRj*Kw>gIJWP}|eTnRLD~_Ru+9`9SO6+~^su+a+rM z_8+}7+@yyEVJs_UyoP4%*?Yfu;Hi?``GG!#ul*@}@V0$;D7@06;nmrh#y2%{ zRmA?U<3soS-d#fv*^{=#^b`n~vA^g}}S6Hil@Lvit1wt+bxS*H7J7 z_$2^C;SqhB`0#sfc6R5N#`1^2KkVt>0eVHAv~%nLjS{(&Brvege(?xGpCdqeXm!Xh z%a8We@m}}}KLn%?KFRt%Fk}LmUtV4=?g9+_bAiZrH7?()4y`IggAgf|E}gwTw~8E_ z8J#pVZ!5i|np@J&VY3H|dvmG#K*=;Np3=LZLCi*v&_A}dE)1R%KlCiE1YFo-?w4dTM|4xS%zi2apWR+d1$OP==Tk~1ph264$ zfjXcgE>3>W%a0j*+{0tx79)m~zYUOWTZPIF?ScyCiezxqxLcuc+;Hj}iHyL(n1kz3KDhTwew3-Fm|V z?hEB{Oa(ATY+T#>_1c62ToO1LTx;=YKCxiZQ($`hE5Aq1ynbfw%^4Q=FDOZWBrj&A z+B5~_r!y5X2MX83s5{)sw0ZTc1LRaBu11Jn^m?p4wswJQ1lL z4xd6gf47cA)l=~zNbS#95vy5I*Bi@-q)G2wAA8b<_M+n^9hGqD}LHABG~4t@izfpU!Be|~X&7`y-@Jg=>QTnr_-zjbK^ z9X@Wh=hW~OQ{2qYIx3xUg?CgR-^}3-Az(!Tv_H6 z8-Ea`SS77>Aje-Os8eYyC?&|2G3kj7OPo8vzqbcdgdJR9d4eLTrY>hXmhMq|72Z8p z$A|khoArC2@shLBS&F8hzP>)U*et{htJFV5q7|i#f(U_PvZN;dhud8c&_mQ?UF z5YA-HB2KA0{UB-k3o1s=EKH@nGe@Yu7(R?b-31<=14iNY!Qb$}=`XLiBW}QPTJD_n z4kqZ$YWkbz$}dlBLOy5R(WA19^u<-$aXP7XVxD~FL$_h!n>ht(f^+=~>jd4Pre~Zt z1r5tS#P5>huq7h(;ZhuC*xB_uOk})0#MQj+w_%O~7wNy^vFd+2FwYjl$Ndt`ljhXB zarqk#vuZsVtF7T*&C-{s%MV-mNxzt5ej|H*_qTsE`G5C+JbeO%@_hJ#8MdZP&s!Ib z0V@S?)@l!_V-749UR0&)#1Ed)c)<`JQhD!dcE1&ruxs`hI;lnv1)D{KqfMR;;)wki zHG8Ol>iB{A0%)36Lp~Y~6pE!Q)8wq4Or`4eEGu^|8w5ZQ1xuiZ30Zw{9OMV^dgtQ& z`ybEktbXPr-){|n_v6B8w_-|v5KosWZ31(Ljo-d(B7qW(ei!Hq$he;#@!sy-=Sl72 z`eou!Qof0%Y_C5R2Crw+=a9wTGjss{y$Oh0_$Mwzg3guE6wiTWg z#-vc2%lX&t+r7QZv!P7hDl?2{sNThn-WwIAO4r9FOQSrMIg&GxJ;i`;RH{VLNITnB z3||EkSLv)ZKu+v5={#ge3T!->k%R4*q0}y1A3tcdrwmU=^5KHIWKPk^WakG$GVOs* z8MWMQNUjy#=fD^DPeh~L0doJOI(=Jx&yWpNlV!hJe~2rd2Co6#p%&KiVHZ8xHF;rU z5MG>rXLx;fX($isN<+s%*DM?^LFSOUr#N%X`#Vh!g()tR_qU}k0BPx2?8ZswoM@bb zg#p+)4x}mtZZ8LlJ?DRMsl5SbW-sc$f&Z>Q1(=_|J46J|*a2xM{lZ)Rx2mOyhHn*Y zSgHJyKtY9&mgbSBCHbhqOLcOhxmmci21rY(spx)l0sNNt``Z1o1_orF5X}Lx%`(|- z-Hq33_Ny}Yg=Nb^B3VV3(O7Ei38BV$=b&m9cpJu;PhnwqpEc;Mn>e$Y3-3&|cw7mi z^izCzcTNvk<^>}I78-{XL|Xedn7G4iysL(L3G3?*I*1fI@VrNCDp78V0vN4JjJW)^ z4`w#+CdtX1#92`DfX-J$IyCQQT)akPDBbScVOPJHd{yeV4_kX8lTkx(y9Q{BI#bd| ze6}GAp}6UdIf_G@s)#Een&8ESaOe+;4f07jCIC(@>dQY{!;5uc+VPP+hO@(N&8m$i z(}x-d>2(<8tsR=>e}9=TAFogJ2Ru^K0Qnl7uLZt`r&jB&zx(T7Uix-`zKIqy_dqoN zzNxOaHgU%)35WM{%14}@P~D_2)U2)kRF@hLJ3E)!!FyS3Et>dDFE2?KGG1=UKd%sI z++wt3Lj*zD&Fve|yK=mWjc=Dr7~hpbLFQv(Y8V$W5hUq+IarZm+~_*bJZ)+NhwW`uRF8ptDD1M~5Mok^a>eO^ z@Dt3Q#!{yK2iz^6r|c72%kFzjvDFt^gg?VTV84Zf8x*K*Kzxa}qzN5o?3 zrmH{vQY|rztBr_YaAGILSz;C}LSvaqOh{-5JooI=2S?jm=DMdIbG*nus7b}}f480@ zZQA{Z7y6$)U=hK%6u=fT^QzNdsw@uU!Fz#?xY%6`Mmv~)2{WWH4d8p2wg?n21{3CS z+{ERv?1yF{OO)7tVrf|JXrIH)$efjz<}fWTrHJ`5faa}Ehg@&+-8ZieY@g&7z#1=? zu6TL1a}0%D!z9xG&0YwVKRLk_0sJfpg@L*ZWvly5IImW06%mZ-H=T8f|Yf zy-Hyw=G4$#qRQA*%_BM1c+mf-1Ko#%{}BHhCUrqXVWdZxqAZKy0~|37l}8<} zB9u1Hpx%u3QoV+02-nyiG{!VQD36Gr5(&rotxJMdm_1IFF(ZO+722)t|KcZC@odl0 z9=M8YAWx~3YGH4qETPwtpH`Zy2xsR1JFrFF!Te1$0TF;z=9_wnD5WcB$WCCwN+9yn zWk-awmXi0pxZ?h}4NZ%zH<|_f3jsmR;bZbrg_hisXr>2Dgs|v+6;{3~j5>2fUu$0B zXlY^u;WF4CP5?VVrnZM!0@@aVI|w&lsd2woo(3DpQOFa;HNg1F&<*pBAj;+~A_!!_ z;V$ngXviVBO(2-KazCt|TP{NXMlbd{Miz4Wx_j3FF#v4jHrOEfC_{HB3pa2AWXhpz zK;3VohOpZFkk5vUX$;-&xwD3{%jSNV;p@~qb20XL{7Io#)KLDgVJ;fbS9Ie_2$^!T zgxB$R)2IEqCYSB@VLo%G-@Zv1C2Q{-HXzY&N;W~EN4E-Bj$w>9Sjmbe}C@qjmm~DOjaqJP|EQC2cF>dEQ#$hfcV+iUQVADLFL^ww%~xJ7W$V?;RmI? z;DERmj^`>R-H0ZN)qJ{2-a%exE$xn6m&3MNzj*C4FadtpzLl|ujjbwV9rzze3g`T2 zl`*;00Qh*vzhUQUq4UIo{k3Z(bbnqa&jnBid&TpM{*M zS`y8d5eT`5#fyDH=fux2s2(%^=(A>BnFE~24o=lMCI^0B%g?K-{Nxv+0k8LXO*ZLC zE`309pNVKT-pQY7@}6#se7LqfvQ1RYVDVp+Mfk0Wl6hcsM#UI*NA-(lx~cC|AG}BZ zS2fVBkm7p+Hw|;S_IARb(A&iIjY(T$_$w-%oE;dAtZ5n9N|M1f?#+?GF}>nUz)u8z zMYeQpDrl>gQAG}|-C9~_MK-YET2?d)y_CE0kBWXe4En?B(XBm8D{sk0UX}+UV0T@e zIPc}YS|%~2^kSo$+E)&7ygG`U>C~r3tC4!^o8B z3t3fY=xcjb1a){&78QYQM){NjKoEB;msB+V$MPl{Ny*7X_&3JHyG;+^*s$9*5#h_V zGtVcZ-gW< z76iWCEx6XE4aqPK36VIVR6%|HKaSam2Vk6Ku!O@UpA`YnE0eoFU~z|Z@mfAY-$`Mw9FToGmj209q*$LBwTC=AXCcN9xjFoL*-WAtmm z3)p{7c>cLmE9hHXX*3dxe?9ZK30Iv_R@7HKTDvJPWT`D5P?+qhQXE@z1i4!aj1YVV z^SuB&!~y8!X;8|lGErF5$RG%G_EW^2JfJrdjYu!{o}!%f?b$8CNao#+Vf3itmqGC^ zek^b}{2cf^YRj7nY!-Oqz)cSv19VNY0R~|YdT*dUsV@AuaE7aQJiwF8dvCsXci?Yf zS!G?2;&+Mec1TPf|D{lSLE}*g&Yfewt6#wOT;ZtLqfjsQU3q;!WdwPEbMZ(!c?5`y zo>z7)v%ucmuhrI10iTchzOewm#FKuYM*pq`H1-&J?XAe!3vltG7ewG39io$`w&=Y;J?RJukIQ%ee!H!Z{%!EiEr8?#EE2BmOuqvRg+UMQ8Fq)K(dEHawE_!kXj+W7+R2wLxNl8rDXVuE?fC3$cF1Io90^m#}Zwg3Allu@6iUXnYPp`KN^KF#} zLS$qpQ#i+#HabbwzMzV+ZYR``Y|wkw#sug}Buf{SM(TcGCeo1D2<8NWw=!Wm6rBH? z=p{8lMx4@t_%Fy?hLZ9gb$}JAls?}{fGQXT0cAxV=1m9DchSh5qOs zItu{(XF?~xMa~8fR%Fo1J27Eu7>87rG=q(umyLoU(Dj~Y#w2B?x6?gG5*nC?U@6Un zfjefm$d>H-v#woH3E@DuwkI6jmCaeQ|Kl3WV%Lug>;{1CEYTP{I&;~r zNc8?s|bm2S$WEv2P_>nD!%8OOoE?7!p$X9*Q_ zq6?l8&1EXHMM7xdul;KZRDxMn$f=41fDUoe}bIwY;69>Ht69 zAMJu!tkVfQjHmVYftVM5e(7HPbk&1hOHeddVb11QM^mFF_WuLmKp(%R>07mSYd@EA z!}$8F<+%ly8yj{kYJ=s(R%#!w>R=Vaq%Tb9$bzmDH3&n>w8<)5L!GL~W$ zp=9C2DhKP_siuVEQ)@;RK%cg4@~wOC)iZq>XO{2$Ml(eC3{S)W#xN5VN486F3l8La zCDc@W>#VrQjUMglHiCi_ULmbs+ZGd~#ikFoO{ty>h9iOE{`DR>KRg^6Nvw>>u&w{p z5gnwMHF5qS))H&Q+|g7EQMJ^-hbbA^XKVHv5&Y+w^+QtijK z7XnF)WV=MlqJ?D5OU$>nCBsGtY#OVLs;Wq+^<$Xaz&YPih8z=@GN#JLU@Me`x8z{i za+ly%ONqwL+EGfpXF<@DfC`rCv0O^?@ib^ z&H$G#Hmw5|93y}&U}iv! z$X0=kx}Ja8ij4syu{ksl1udtO#H6%smUbGuXSxC87t!XI4RsA?!>~^X8_1@5tZu;p zoAUcX#bSerj;*K=GW%C)tXjs<@sI|M`ljZ6U8Ltfq(0x?mSzBb%Yua!+*|hm;ht65 z+nR;8O4kBcYjM3?gsUxhFSs^Xr!QSxV?0G%)U=yAuDYO|R5x&L0zQu*91I2naB6mI zs_dBR^vg_-Z7G6sB)0WRR7_V1N5E-dGi{)2dDCVAU1dR#={q@Vr|a?LJr&B0l~n0g z!8M@c--7cDMR+m?+IHT*N0q+55jWtf!m-o~mbl^x&>>s2egXK5=1DB~lnyItS6nMw zQ4Lo&=zS}{x&;T|z$i>sHPX@76G{-E4Af%hcf+*=QpZH$>V%OA;A(bt2jyJM5E1qi za(z!1y1KDxs^vVo#wjLJ6=iEg(8qPrI-qd1!DbfYYD<1OT+wIk4q$`o=p{i(cIJzn z_{xM(b|7L%Wmtg;2b*cmg_Udo)U2#5OPBQ!JeS}K&9|1swUF_`eJ%7%=lD%aS%r|f znR6*wX>T!o5~dxU^^)Ax;MHNxDkQ+AaaFOp)`Vy`T;1R^fpy?OE%0jORY`!zHD;73 zThldUSS}M<1&Ni^UGj$tGTs^0WpO<`smWPNzNHgjIT{?=Ktz_p@@3Hti9YxJgSz6} zfnV!EeJ)#ZHGzNDjA#d3mCEq8)IiQ14dm_zrO)b^G@!PucqaL*P9y`J(R0AfE|3ods<@^@1#tri-&l0&&&WR$H(xP911(q(sV*QJf3OYp+? zqVq>1srnbTDGAZ*v9r)ExD+h+ZPs{OWv z_31K!ILR5hm@&j>Gzl*>x8Se37!bDH)1}NUxO}~sE<9Ja{}$2ZTo-#LbP4X$;kXj5 z8&a_!RiZ*X$qlJ#KdR8B%ZAjpA5}>8_@Acrr9zi38&YsTdU6CYPe;0R*^t8f(Gw+% zlwUf~rOSrYv>!c5$~5gq6}oiUkec?Rr%IRLeiVvevp}yd_9HI_&6C`Xf=2~)x^z;H zTK6N5R8Qe)(vLj4bW)GP`_Yplh9xb8jzH%;I{5XdT_i00y zioo(D3DZs&H?CiY%Rq)M-o$y5RB5J*A0oZeNy)8RO=QOdg4`zGQYW&xpeYo{zlsXR zXhNBCErAn(iY4j3I^C%=VY*a8@^vB1EjUN+fqLl&3!{j#*f?BEE{TkrzYZ|C2`gSW zgc7t32qbhH@DwJ=Hb_y7^K=^|kWJAx_-y{&(|>FYbeskGp9C*8~El3v~hD%@Oz$q45qKWZD-P#ro;t9S&;PCXLWEm3? zV-s<%eLpH#gB!}O5(?w{yg$^$FU{GITjbp%6A94qnx!%S7FbBYUb=bwPm{f_IaBN5 z43a4ddMrwQQ89*8v=cB@SAQZ^{(c-6@9((sekx1I~BT1Jl#0W~{ zbQYLQxf9hw*H3OVGv4 zqXqoptu5d3`r2Zz);;b=>C-#Awe@9DqJW_N#jd-h`RPfnxu9j;ZKMlF?=Z&TTlvAey417u`jRnxjT1DjFTEY;QdWN8ZZ7>aod-1Y z3xe?nlFa3h|Fw`+E<5r|u=1Def77!xU6k&7YRCPEM^ML;y6i%irpjNE0^w(AxH#CH{e! zXQ;THypUf^WsvFGU$Ebco?CEvmJ@+f^j2FJFN=FKRHZ;WN9-C$=pc&ZuM2vGNTZ*J zN;w8h4PdGOA?v8XlJrUOOK={|C>I9_hP=CFO5bL8;+IGm0BRujh5vm$EqY@;s=y*p zIs$@;I^bXa$Y}heXwzb^tH(E31j|5`s*LCp979EBr?Js@2&8lMzl=L3hXK~VNSw$-Z{O%lY)q&5sC z@H4=I1Il8ZjA5EX28lq3gPWODvDNO*u2r~j!9h;&zjNh%rH=ox3gaN=PCXT`oFSFg zLEKQe;$tOXyK(c?DKJ(dzz5khiq8;?=O)tnDP%B7P~u&Cuf5fDVVElOLIOE|ABgc0 zqKmyjud*lDTl5wZP^q(wIYwm)7|$!3!gjSVK`6FWB8C*FXkVF`?9e?vP5U&L$mR)R z-DsjgIdS~tcoi_7UtUF_O?3yz6(-Q5NPr#iUP6kj7E$6WqM zUH&N9!M29LR5qq#HGa{ji7t5-LxIi(g91(G3v~bus+<*W>^W|LD2?D=JF~{;7F?cD zmB!$sqQqsGF04`}3@S_)Qx|BE70)^+XTzg7rpTa^(C1PZM2i#^L4kqd0cEZeX~# zj?D7=$e1JWG|@%se}_eXy4o>)x=0vLk|=HZbS@~5pjL;0M8@ajvDX7dUS!G z*G3ok`N_~FcpuiKi-2s3#Np}3MRxDSbkU%cXLp8JgouFCM=9&wg3DK-dwg}eoGAD7 z7Sb$97vt{!NS`LUWbt^QHQ3HO^{oj32O!AevCViHl-us3C+mHh)?G=L6q5tJH6&fA za|=$)stRo_hZ>J`9cg+R&($Pd;OCD7cBafNI5DegPM$nvg7+I$T*M0oClefjqt6-T zIYTQ(M7+N!h<-@IC881DUj#xQve6v0+sh)8glE07t}<(}K-_{$lhxw*^wP&EYY)Qb zSpp17>xsMPhr#o3A~Z%V!2!+bibBKpfmj1h&Jy9_#1ZG1l7ogrvRmcg#i)u~%MgeX ztgn%oi)K^0ZIv1>r;Xf6C|)w$&(wX8z(w6}Hau2!kMES(&a ziicBF@>#fMou6#NmE+T;kf`I-M5lzp_(zyP5(N1W7ZL;b9L4543a4- z^PDWgY1O1FzPjq+ggy(z2u#enUp=D<;bf}-VfKoZF2|MY(`6MW*zO|b@wkZ-4I6!= zEY=-yYT|Ka*-{Hskjbt0nm(Zt6d<{OBAc3_j?N~bELFC%GOe>pHEYa8m)hrGD>QZl zi5tqU^jJ0984AmSl8jA)?e}ioRg>oU?)d?nl!x?@;S+xyznCFlT2E<=5_NA|B}Kd2 zvm8!GQ-*8;!CUR%qqDnF71JB)NEVRH0aN!s=|t~6ki;sbO^moO2Qs|b-(w+8imQ%^ zgG^ELAdZbW73=SS<74pHv+0I!a#>C)3>f^Ajkdnd4e|3*Hr3s{y~8_y+h#gwF&E` zY`%1q@U=)QkARILY1`%;(hRiLqTbp2qMwC)pyzH1M~?}!b}`9X^Ql((GnW& z8kO2`KCt##vql9r49eI>O43whi$Ic`7zzlS8YVEn>8Ha1IGzAC^4ls^DoQgke~Vc$ zAb}h>wf6mNzqb;uP2~&9T)q`_^jYH~`iF8v)Y{i_zzL0&kgnT5(6T{#rwIM(0@4|R z@!uI1=mUw+#y>9u{m1`tGXZ-2Kht{VY81Eym*4+{YZ`5>|K9YhUqz6UPvW#n|EmY| zq4pE+5=pVy->KNjDeYH55%BP5>SSjp$ z4S7k*oDXaCr}Tp4Fm%_`ac9%<{RMPHG##Bs$3vqx zDxVaIP2?UUJ7wjh?6NU@`KLWSTv;qk*VfFOely2DK{c#?=BzsRoxSrxpY~LtWwCa; z2D6Cz&2*>hePtSb&?k`Al=42Gp(Lr@+iId~L&j6TnXYubzpSVa`n0DpD~q+!wIMsJ z-%MA!-d_gS2YuSp#g@eu(KV1s)^BDhy6TLRPvi7B{IsVtEQ^Kd+Bx#&ql8BOt{v{(JfC=(U7oNCRxcK&Yv)L3&nmuImnRSdEm&+xx>h5l-2xT)?D%bA z4X7vx&+WMdmpfhjwg<6)|ObcC~g@RRi0{T{&aokeiGDO!7T9(^PBVC_~ zf>rBqcYVvJYX>dMZRYqnX;X`zW%R8&T^DFsZZqfR5?V~7E5!Q6s%nz?t3!5m6P^I5 zlDt3dXBmCV(zTX{S-oChcPZC_(^3#PvP;5~&&^zYZo%cBcdNGy0>xaqK8L&wwZ0VE zYw$~}&e}lN&U$RE#qJX9S3S0&Sa2QqgT^oK@&sZK2a9#0>mMZkd6#Dy`@llF{z2lW zcXsDsXBB(aA3c72muIc~`UiMHBTVddazhCT{|UW59eWj#)Q2E zmmS!(jjo*%xi{r;f3}nj#GncmYo=?bMDR^{;GZ*H7a9lZc5OH3c_)FOkOwOH(x0tB zu!=lTp=%d`piLgAkotK%tE{gTx^@u=g7Uz#B&c~-kq0Vt?II9_<$-5R*j4te3SGMh z1Woe5v!(1B=-NdfXp#q>GhLUK2e^Ptpov;U^P3TN7qi~fmV6IBlUB6 zR@t{ax^^-Tgyn%}Nl^3LnXaA80}b-PGbZev*Vj(wfkt`Y*-~~DJE2F{PUe9|dEi;o zbybYw+?lH9N*BQuE|?JYkg5Z*2fmgweSf)EBU=C5}kRX=R!Hl(6u74 zK3l@BPSvZtzlm zEvad0tT{aL<9b%{gYOs-*l*@svSI{^I)F0pUe0zY7R(Tg6Dchi&`*|4i)WR4Mjazk z`_0@}bm~X?+=9#Z%ib^O7;)HdCKv>*d2M*=&mGp+6H2h4tmFCCp^6x3gE^YI;LP04 z&`LtYV5TzM7$Tc+gC+GpWQajo@6kUi*|U7Q7I9-+<2=2$rK<5VYb4$@vQ`n%_YCQ) zoCS!-nU2eQ?y$aEx?&;_yN0co6mG$>DFvVaH!~c~%Ber2c@l#$(hQ5@N0<_P>1Pde z)zmQds)hb8a3bYZOwAw?EUrfug1XS$S5 zal*?y0fI`2HA@gT*{Vyi;3+?=+~=;)Rlh!KrS2^_aZ7ceE+$jNpY;8LyV7+=31#ov z7uhoYfK$4Re4z*&$L>akNSsj|j92~?o;Ap?|Dt0>r}p)=8Vz6Zt&KWwQWsifONYh> zP@4|_MaQ}(CQcBeM=p$YmIr#0FmOz--4OO5g_)J!5xK^Ul2paMg$zq2jDr|WFhQ{m z-}1{C3j$MI29f#a=1ho;kA}l37PEXjh-f;rrAq&Sp5=iAts>R&qVDt17-_lCPc&>+5^;I)L zUjqVIY)jnaz}CAq&T%68lKOHCFPTm1^ z{Y+^+I%7RHXG}VjN?{*ymQ$l0WsF{9sdV1Vu!=>l=B!;BR99A+=M&TNU=Gvd>oi`+ zH2w?t?z;<|efOOviX1=7PWB}67l-KWdy4|vwyz8wP+Ps;ix)r()Hy4U*UZ4{7cmkL zCtN3bC=73bAT_<7A(o~$H`$|1PRAl>O=El;$!dh88H%o4nO07=tpPYMkTSSn4i?AFQ5fr0rZkwr7-mBAh2l6fPa`#ml8xj- zO+gB;Y-~A3)ryB8$B1n^Jv6=NmEPD8O?u?Eje$vJLxKWFDkopD@Vi9dNO!=C&s2sH z(&3r-030eR>5iF~avuC5;gwR03hAT}?ZSfNgpPd{)DVUOrC9<6;=^AHR0kqUUcB3V zwKV`g(;IZH;_i{~80fXX=%yu(+=4KVXwKkN?s{DALn)lAjcAff8mW=0kCU9$d;tE6 zNnDrrC<#Qo0x2YLij?$Zg;F}1;7Br$lOETT*h->Z6(t6k4r3Z|DHBF06Y7t0G7fb+ z{en(?M|RvA=qdTj8P)6hH3!FOnkyCu0#13^qHJSe#z761$OUC`TO8&@F0%rvGc*OL zFY7ujZS{J`YD?#WQ8G>DUL-BE9Ad9!Nfqc0pCj0tP+o}eoFT5qqMX_wrbr79W>fds z98b#gKLMu_t2~QU+AgyNl9D#G4K~t|UDhT^wfkm%( zJdt{MkyNb2PcDCwc}vx(I2YZt5|mTZ+WIL237t-5hpmqV-%`ua+zJm?<8pKfljW0N z0?nf3qB>BLgWOMgw$P~8S8D7?4R2qKL|?w>0X;142m9`{2ue8u2gwbb^B&OYNk=^Z zEI|3fKmx#v4mbk4doTC3lyN+<>$D}U?y5-!si1Blrp|lN089l zl1<=fvyVF?3=4;rVr)10R+AK=spU3b$PMch7a*5gQ9q+`pU@Z$U)a|Aa(jnF;J$q$ z$#S40%a(el)^c10#6<=_%KX9q+bA(~<=h`m;J=3zsMX(nr$2oI+$@0L!Y|tEwXIY$dZWmMV4^#0v_C@-h7xF0 zUc$uF37D8E#FqmB97^)*E^@FS|L#+iU7%S4vl)fKDaDq^G9O{H72Fv z{b^yToxy9Bmx0kdlfnp5SgNfm7qd%{!fYTxTC+cwRX7+UL=08585puDzf>i4T6J>W zP|$w#F^&oRbJlq&Q(Z;E2-BC)EejP@p584|LfhdsKG?Cs)vOl=d(W z0Bo)q0ROM_^Gd+0^&HSzbv+jh3N)Qxf=wUo?KyrEmpy) zX6&4JHF#Of39HXyB9w}bIJoq;)5~oD!7m9OGsxyuqmP`313uHDh@csc_|O#n)ojx* zWSK3cfXW3QkrKEy-TT|Nk%i&?o1X$N?VebvMM=K) zc-MO#*Gad2n~NXYP2PQ)JuO5+5^9QI0aA{d}9lK_nAm)8+`#b#tWBpeNPx6w|2r@yT@=xhgxGzOg%xN;cI zmG@Zf;3b;%$T#F3o{BCTb(0C{#+?05{KP~~S8OnwcwyKT+*29pUw@>OlOW4c3JRWD z?eaT-cM3yS+z;!c9UA$J$4ru)+U+wFjA5Kwm!^>(n3{St;%sWrE~Gd;qbvpI6#!Ogw<9L? z4`q;176L2;96|vNs>#tQO29clplk;?DxBL$dBIOYbF^jY(s>Qk?fO{wI3UO14xtWv z48VD@$HSdh$gZo@WG2~0P){wn~l6g#ye-|u5-T3&) zFCSbMyGO|7WXfj5-A1m|rR1BQh>71b?v*`A!mfO+6ytV3{p*QZJsTV71@%cJh~u2H zc+Tl~lA!!%+#>eS_nhItXHzxegzzbH%{x~u5I~E0ht4A3lQZ699IV@NG17oy zPKi`rb$7NDaT3cB8bG$u8@*-hczv`b3%L4|+xe>lbFR-=l*xb!b!1K6`y@_OR)A?7 zQt&a&_`7bxbN;CtU_(ir2qQUIL$kUR!inSjO>TZiz242ujfVk5kMVIYR7FJZ#o6ie zSC`MbJ6`|qj`Oo3$!td(&Mj*t3h|B91M!&aB~K%C!>Qc1w~=6@a^dwz*tU!c?1ub!P< zoxOf_iC+JJPG0>J{dD%~*)}3HnMj@Ueat27a>Ayt|9Y9uYdX)Cx;erMaWqb)wm)Vw z!Xvo|?5wRg3LH3S)%KgpaJ;{)@yU;xwMeE9{y=nqbLYGF(eL;B2YY+)-+sSe{_mi_ zv-_99-u~fE|L}0IxBHj=VE^D?@E6oy#{ic-sbs-_>EF4p^5DLb$GVz!16_ zR4x!ukmO3xwhOf#4oPw&RkmS4C-)qLt_toB#A7c%3eqkT53P=^}Gv?sU;8jljC) zbj=VPsqADY2F9rW=A~p}+pqyR2&FvCA!}5g9935XpwFCTo6Bp;?eGX`rOKI=X6$p5 z2rsH67EgR?v)2kKpiD>Xe{yPbG5w2{}S}G3SCLDVN%#RNjz%WNZ2LI3GS3 zmlxzJlJqP(l(mE>8*tH9K>Y-{*JSP@_lMW7UF53G%SBru6$x^`Ke=$_zyHVWbWr!x zCk6C}4_)mIvaAPLB?f(+li*p(X*9l+OC}9zG(J-)F4gPj%A(97&tMfR)Jh;<5$_DOt9#s#rirJLfPor$%QX7P> z2%l<%cfY2&Trhign7C}tJY2zpXb8?rci36{8<7D*{WQ$*?MZM(HabIX5&Ri$N9v#$jd+EWi3qD#Q}94 zrin_y+i$hSmJB0>gAK#IbM9){^^ah&Zk35norri- zn@qNlrnv%z715l}v#0+;oeuhlA{t2n3Jv;2Hmw<2#1gbcrg1X2rnplsiegTqWQ1HC z$6j$UW|fZ6Hvm*d4wde#{k^=;Y+jT3HriD8agL5_h@lM8rrO|Ov(xozx1&nO*2;p) zcj0(;iB45^DU7h5?x4<>NJX3f6UeB_FTOr9lG~#C+u9KatL^t7DX(uMEXd9O<2S-w zhW~fj2v^rty7jE;^KEzE*~_;zle#;Ls$o#K+~ry`r&5>q%$VBlXrGN98aA%4f*=;| zS6?tewAg~yw);Gc@~?VYgYIwXQtMOwt$k^k=Ks0vyiHFF`+p(n^=(c7me~LI5Bhs0 z`~P5PfB(_`{}9h-v;SMswX9op+83dbH56!3ZUfrgBo_?nC=)=(Asgbbu$Ido?KbR! z3rcmZV!%GE-$u6cPHi}U%4>V371Kdu%Qg?uy{xB)RvU#5kHcBaDcnHI{Cv!P!hi~% zf?Llp4aOw#+Ra%E_guZay~4~1GMy2A%BC^q1i613csqk`->u3g&2->(vIaq9K(6Yt zHyaE|f(LF9txaXCM$OyeDk8}Z6*)<*#ReI>314%R*b0S1b1ewwe$T54gF1Fy4)k0RPMG>Rl zd>(?W@AyCO+;QEmvzE>35o-^<#b11Xa*FcMV(nHHA7Xz6esg!RNOhPd6UOPEDx~Ww zC|p#1eW*OWc-9tyJ`YyF-`zsP^fP< zu1m7_T6>@2-kYZHw*{c36qIoeHir%9?ji`E5$>rdO!*dp!+6q8M7=FBwgRKwF4s_beSFng;J2CSxT*R>&UMU!uFz2A zwD)-@z9mepEV!*&x(#=iv;iR!R6LVBJj<@P`>p4kpc_0_(erhL=9hTgdejU9`t%76iH{+0wrm+^yw7@oKYbf0u|Oxg#$@&$i`0u#F?9>QQd4jecIA~rM4Pj z!CF{<7G~TJTeDyK-T(Yo=jkv1{pnv%KYiMC(N+OH=p#zlB}9cn)~Wo`jplQn|Ft>) zwL^;B<^Xuf{m-4lorCiE@803TNJSInKQI#W(J}IJunH8U`!9JE6yr2?Z3m||HFAQ} zb+g)xqb>5sij8uXi2*|O19ma;J!bh6>f0r#Gw3q`IpvKCGY znx&CN^(6uZ0?A$Y%2R!e*pw!f*X~ICLw4yRm#5K*_*oEc{?;G5HU1sV9%J(F`kr)r zUl-(!f8uF)2Z^G^{;%T5-tzAEUzYFxyE}V_<@?`*z5e6={}9hZ?*Gu&)r7NjJW+DK z66;eF6Ih4hR<6KV2C>2-mQBJk9uif~bL?$pbB042fKL5fcF^xj)?DT^c_E>1)_Stz zka*B!w$Z>hb>kt%$;3-omL0F(cVQ#qB+34G1(zY+5hY;&RaDV#zwhP>Zw11^eL*-_ z0m4BBVFeVu{7rb&Y+9<2*u%=)ersl=ih@pYo0cSXVWNj*dG8=>xX!as?hSR3R=m2% z)b!8`svhByw zAXT$THi{a{P?~QHWmLfplHVDP;Hpa%3$`2~H|=WuYzx=P_q{XmvyR+o?@yZmqsHmc zF>>EU=O>q!Z(mhvRoVJ2EpjWkqvtkvdaNxvg_rKT zYMS6zEYb0Q$&5rgbs#5pUbJn*!k~~~aEc-Mh)x-z61vXK+iM*Su@e0q`4B#TEnxqU zauCMtfbKd;i3+eN;Y!eYqObQh^1*i%`E?=JU^kl=U0%HHfXApQgmKtvkF0(Z!lyJ+yF;;^1dnZlvu$#yzxbe)b=87_*{HhJK^`~MsMBK0 zf6MN2NCP@1BC)}-27HX%|5e&+>@gqLG*mO{Qs>2yRJSDe8`1kl$p5*evgNt6AT7XE zIfAP8pqgL3#WqKjdg(la0O#lo$UU2(OOW-^D@dNQ6_A({A15R@Qdv$5bgt}N=V=(K zTEZLwbrvkfI4@pWl9|}wxGD$R&EIx9O>4Hzk}W`GiO|-2xr6{biPQ4Ru<1mHU9uN| zjiYYCLPSUCnnuByK<*UB`CUNEhGfHVjBp&wnJv8aAkKNQ;R123(pI^h{1$4n?Wu67 zSmU%n+4@WTb>m^V5iTc;E&FD&)o=&Mu}l?5B}^4S`H0ep{$XxqtI)j=ysHFG0h;x3 z0W!m3s`93qv_&F|R4f)O^$LGj`+_ei{!12l4Lr-2y8h~0#(ML2VZJwO&D&MJP+#sr z*hIx@p2VRx5Gm9YO+&6;PZpNzP3gB^WUE8e3Yt}x>gVQJkCXCM^G~HM7!Q&y8jT?f zqk7HBjLP@Dm=lwdghnHV{sWD07!I+2EtJy_WTVRh;4hM&X2#WIHFZX1AVHoAo8N|8 z&dNS5oABWZkJ~5{y{F0nCRRCJYU0Yj#6pR%f#@l}FqKMvXLqze2*~btxc}Y3fxk~i z{o%;p+ZpbT4tMwc!`(suaCq47_cVasm~Fh+8+2dn?V)T)MgN=M{(B4DZ@%qpz4P>6 z|7HK#h3_Zb|AV`KzU%($Tm3D6(RtdDHNI_CZu2(_R|W0F(8gNhHNpFyK>RJHV(^Vqs_ph&VYv%aTjkM}JjTtEpD^VmXh% z-5q@rroZZ6`rA2^Y}S0!zsl!R=hkVI)n;}O<$>f4`9&i{-ctd>w=QYMZr7ImWVL%| zQQ{$Z1){dv{AznFeW;6kF@$-$o(B$-!RvyXg){wc6oFNn$l3+hV)dx$^8zxD-^i z$Drf`Qbf9%#{|K7cJTtra>ihMf6sL*t`a7fk!-b^MQB?!SO30S**U)A9S@lw7rVVH za;Wc4)9tZUOha zdU1&a9Y-W^WCc2+z7)J5b+Ft{bskKO7`wW2K}LC|D7!bwsUYKTD(9`Ik=)zJCbVle zvwU)8+b>nqavLBb$(0wYr3UrI@M&w{i?x>py&5kS#i}M){6yxc(6n1dgde6-O;JbT zT(bFA)s_@51|dvB(Z&9hxE-6lebKJ}@U)Qsbu7qxJOAC2GJi?_?;kv#|31j`@bbSU z%!>p^0p@|uKU>FuH1U~|dAQ@+;Kr&_H5Tb&&+kef){X<7&u0CXy6qIc=*}!pKjTAx zbZj_fC3dOW;VRpgd@Ve^du9@?YjU}3Lr_CCV|!sK~dP&-}qa(yXbXIAhQq z&TA^^hzQx()%`V7>a@vLvH7bqqa-=9YI@GBSY8b;%@vQTsdGv=I1N~q&iuTh5VzKJ z->Hdc+^Goa_48O8)wM8_vZ2BpE~sK=5!Lo*=1+;(g{iA8pHE(~hMBj*v{k07w#h7Q zWH|@TBFBKDxb&i!cA8G7X#yEMK>(HFr$0g1IMOnlGeX0~G!OHn|~{9=Ix+@u)R zco9RfqNSI)iSw4A0K7zRa0FTQL&jpnW`rZvm`SUx4D{OdacVO3XK)G{`2^AA3536# z!=0Sa7(|S2&k4S^b8&AQ{a4VMJzhEtu>y~K2_i>=&I zC6zxVnaVktk^~1h!5VdXW|}qoIt;Iaog!GvXe*}v^({^}mIN*DppRhV{wJP>wfs^o z;6;qIW4gR6lV6=#ck+uM>*Q3ca-A<$#(jL6pBD1JB8=OM|4Zfn!~UR@|Ml>2XZKP5 ze~9P7{Xd_-kL4yHx12~D$l+Q)$Q+H^ip`w5c@Z578R`NXGW)hH`Fch;rvZ`Nk*AT5 z4tC*BI=xIsBl;e>-KNxKr<_QMQl04nm=b1l@`ts^GMwk2tKD?j0JKn7ur7hGVD}s0 z76+pKHWJuJ#7P`tpCI>J7rDQ>w;vSF5I0K0aE|^+aVY0Cka7wP){~+Qv<~GH*@uK& zWC0%pn-cp}Cbt?YvsFl^R3Abl6DrV_M%A-dm$EFJgv7+}c+T0#+yzmMWFajq+|&Gk z1Mm((Dl2ecY}tPuPLu4>OlpGUS}m#+)@5(A^+#md2gu$ zEW7`Ia9Ga&(m#02|Nbz~XUzX@=n76oiAZ{|QzJI~o%jhFVr><~XiR4$LNO;0nEq-) z1ku0L4ljAy5DV&~geW%~DXm8=K~thlU}n3fvK z`>=$D!-MAOtKypkG@afOaNXM4ARp}SHqT%M^blL;I?G7h>lY}czjrqh_x1~v(mz~* z#NV$1_)Zb`{+qdfE3(pN zlLdAYLw*HQiE*gD)bWk#+|G(+kgK&)sf#LoN^+HX_U9r8?^07;^t|w*m&G1>9jh3; z%12s4V~%?*7jSdW8s6)3OYqQEg08kt!GSD-#Ict6nuX_8VKbGU%_5@tjPfX?M&@P8 zJJ`fV+WI{ei9USJkl)ervwwYqd5}Bct1x^3!M8LTv7@>RKsq3eVIB!5q&LMh%0Iv) zZkW-legUVI>9Aus<#;>;M|JHY5Y8nlzaeOXXL1lT$^FY16;kuJlYZT|H+zvnD+a9P zW`TmwdS-R2K~SOT#O*kcS`O*k!@i!FxUC;)SCVp zi`szZ7%;=HHx-q+&NZ30VmjAW2IkxF9F-3Fnn36W_mQzY1Y?mRSZz4CSJru>EM)iv zR9(KjVJ1J-p5PSzUU+#-FZ~L| zqHcj?pQxF9k{ix$CPZ72G8|KZq%tH?xnM1nTCQ0PvT_kos0;BF|E3!Id$F}LQ!-KB zOuUI2rnHTSH$IXgnD`^iFzkBhEe%5ieqJNWMWW(9l7w)5AyBVRtx+jZ)tsO%+%L+x zrG#01(IXve+6)lKQNX4d;#4zgI#CyW&sa!sRBY<)gh0f;gdrRRNX(~0778=uB~9n2 zS2bczX+G2;9x!HzohUHXr!jJVm1twm9z{CTz7xyhQ=)DqK&7lAwanMiD{|8`>}Ps2 zkmKYj@zB`_#QcOQvfoDHn#L+hrZ7h?5xGI2(I%|2Lup)J)A;*?JremXI);wyo+TvP zC}Q@e0|&D@HtY}!aUHLB~O8$3y2?&{#9n8O3D|lp{~>MmaAO255txA|qS~KU}H>?w9dHZ1Y!J zDw8OkU|m7dR%zTsGr$a~x?t^~cRh3gd?%b+tf+)8J>nBso|;WnF{-Ce^HdQNUmdIJ zAv{qZo)j3f0x0iTjx7goscco<(=(}KGlT5t7`ZOWV&-YaS9+cES<838b#3>7?C?Z4 zthWfO{Gg9KJ^cKnMbUtvte=$pR~AyzgoeT!ljJ8d|ADiq+%hu(MbegwywbjENe7iH z2bFH2&ccqNgzWk!OLqYosCEnsdsox*3?~>A*^sg8G)C@B%0@;FYH^~SwX5g5;{~!w zD_)<~ku5J9qpkHBWLG;LM@Ak-@~xEqh=vDy0r9QiF#5K$icj+g^72g(*nX!jW?)SO z{eZ6 zjTZy$mEvaULQ<-XO-*EQ6>+^D5K9qVSA_RwSZcXSF*uZ`h3(ShUnV>o$yUg2 z2uE9Tr#cDa2}XlXNBw-2P6?+z8g$TB8pqXAA9a}YU)`oP1LcKJX=Nv9szAo%{e|+w zJqg1XGy(IY`|jOa3l|X2^rMu^MZ(d3+s5s

BqWyo9yBJ|ZzmN28FG7}}z7O1!*E zr}fY@DE*ev!n36H^7aWlAqR6OMYf0c0Cn_6>OWf<+LYIFO8eDWeKNUn+Viv@; zD#mA#ykJ}9NxGo|Zr}?<6P<-Z$#X_b&=ZfQgrB(%d zPz|koZfnAdTJ%!s*35opJe(OR&b40Nudr3RglG4*)gWfs*>W|=jWSkQqVS5-Ty3XV zpupWU2dP`nQdXH|O;&h9@ze4sC^y=ogHg=MjIvZzbth~q;iAoAS0$G%_RqF@SETM` z#BD}fqT}__a8+0MO7d%d=}#N~59M5QZ}I;IJBK?J|Br*cNB@t9cs^JD2Rr`ir6Mo{ zF`sG~tENC-7RUn+W$Af*Qhyq2703h2FTN2|>MFNF=??%S9Q;|0dxej-xT_;bmrwL` z!01Y~LX_Xa*W<;N79NrV)2!CgpSH*!;0RDCQjYvedoGm`$fyTO4F%_ ztZ_7tTz#ES3;v%6SGb@1A3OW|gX;Z{$NY~E@_YvV9|eSGhaT!oDLX;R{H|icCpZ>L zNfSPcvuK6-hfr5QqGZvX%bK_#s2CWeX4j}_*GP+>_tm@$Lvqn3j^o9F@v0qGRmzHc z$;@b2gh!aq&5N!415ZIe9&HI)gOSm5 zAo9Rz=B3W&pmALRA{^c0C|b3$uaxm1Bav(^8dA#x1EG&P2oZExRXElAN+_N$TU=?e z|ErV5`-}gw-!JF?8yp@!>VFUOJox^vf;rPjBwXFX1Q($(Npde3ZHaAWUWy{MQF%-f zy`mS}+f349{TAwU&C8bY5*j+THeqhOzUyIz{;t^bX!Ztk6VQ;nj~P#pH%9d;8^h#3-UvyD(sEjasr}qAGUJd*jk>yr>VpiQU{zK>eT4R z@H0Q_Y;2{$RX52caX1XqySkder8BqC-6Zp#RlinRVwHw->#`h;cD}J@&~uCD5cNka zu%jifhri1Yn$ zLV9{!qa{JO2J}=pz&y>*v9?ZGG@|2|INmn*B1Viu22&cLm=)saZzJ+v;>iSiF;Pp= zmLLRe48GevJm@T!D0~g@m4-IMtAg0=`2f=t$8hGnDpRXApAigGEXjbiWs*E;24!k^ z-(x|}B^Lp;t7Gr)nVO=t5jLfXYS^_Cq`22Kf_+t^$jvpDk4Q}L&i;X%vadsXd3^5r zw9x-wj+*H6c7?X@XM8_Yr4d2&@~A7cuFK z5Ow)0JYJA5@q)2r5l^md%|0`OSk<{D)LcAtk(I)|qjOxA6DWRE&VoPCC_rwPzk3&a zyZKRZ*CSV@zkGXg@#^f=KaS8vK6(_8g!l;w(3aG}tW@!zJ{`$7vdpJXoo%FL%t*!R zR*}NN&x5mQ9L^CZa+oC2w>aR|LsooH9-#uxNlxg>LQ8G!5bbMVKEh3S->6F#Lv zsG4q#;Chvb(UHCh4DcZ=L^?IbXt+kg!jRoq$)7>@P_9OGu;gRN64X^*R$wfB&wnjn zfH}sB>YK1rHJ7!tO^}gZ5+P?EBypVkilR+C8o^4s)W|QW?UpgwOioeDBY#LS+O-7a z-cuyCYRkVW0~_f!;PQ{cIG4<4i$w%YF^w!zHFE{KZAbA%%QFC&iPq~h3fvq$#jC;9 zA?CJ($|tvksYL(k92v;>!# z{iEY-&brl<;hBPHdwA%YwpS&*@EWF|mQGBiT0+sNIWsvURnZ9+NMF7e@Wq z1dde6dFGv7z?X6M8Q0Q{1((Xv*g^d&S|A^EUKITu^}m`)so>h&^!2eI+i;&-1-Aeu zrlHK)Rt1;$Fvu1|tm6jtN!aTgrweUE1{))SUIG7xoQf8F+30PqY@{;}{S4A%Ug2Cv zyVSI4OQ0jhEg{oGKNNl!V)KejwuNigb1*2$H+86qsPxA&zxB`??it=nq7UwteD zjslKXF$OF<{~hd<QV{+y(6F zGq8=NV0Viyq#1}7#gt1FNzkIo>&EwPJSyBI+Voq@|TyxdZnOqx~4Qaf^^l@%J)#tX)h2Gx;UpWH&PHSNgl*SMKmZKV43()!EQ z*TwZO)FFT*k*48POH^C^LRI4OEH$ddg@Vnhv8Iu(oZ>ZW#{~$AqX8goLb*-6zzV_D zX~;DPlfbu2Fw~rNtlJ1-FkMCRTFnsUgBN@FK#m3O<63K>=0G%`%lbvtOno)wTM%Jh z>mJZl2h(DV{ks@)+U$U9v*oN&7-$3cEsQy)*_!rlW5{XQ%$m(OW)LgP`z=j4O|9I~ zfMc5d!p%1}J6&as6@y;amXcD?%yU?+R?r!o17p? z3zJ;VmX;agbjcP(ugZ4?NxE5D!8KaoG$4<*x3?AL93 z(}P%H-fwGrYiQ-Jwm04E7jAoNZJ}wBpzqT{vt~V~aSY4MG}eN;g_-7FO`?lblCO7a z?rs+~Q+EG$(a&w*S@NuE|AX`@D+U5t=KpoDSMmSa9qc^X{~qG`jP}3z<^O)Me#2iO z|Ig<)`@taZ)$13hR}MpZ);zw zZR4)iC1~^uw=K0cVl<0x_i4hopXGID%Y|B3U%5Y5y%_z~&1QQOVa5&b%a7}}&x-b+ zn2BV}$!bQRCH`N7!;1Z9clYuB-@`ng&;E0+Na;R|Ko*sLF_xelrew-f9giUU9Se zjMkKDv0BVFtNGR9&3bLk+E`PFnJN@T^NPlhHIXY(p*@RkDYB=rBh++Jo{t5{Ue%zm zkT_e-!2OyR7LV*pGBn&yd=7|D1Ck}5ClWBZBkE+q8qP&~UX|EVK|GV;xR8YBn#{Xw z)HUB0?Q4+Aqi$1!R6-K+A<3W(Ak7PnG}LAbD>3oLO=a;2isE!hiD}5GTwBWO$0AQf zDFJ!kqL$9dV;dWav;Ns^P0M%C)hrRq+p{)0g(#KFv=ujOB+zmv%N=IxHDwd_cB?$6 z7A*BPq)u@-3-sy6K2~jb&88}Ah$~Xe?Tl6n8oHz9%ATw*+k9n=9Tkyq#VKeIEAP=5 zvR?I|^@#3;d*nrb&JIMEa}bb~t4nhM-6DI9#TAh;-xZ3%rWciL4y<3mf+F4{99qtN^T$8!*Vklc`2vUz>PX8o%G9L zPJ#gyw()T#RAnZ_tOMSFGq zrm&jvslJUnYG$g@FVf_sc083l-Y8;f^sO-s78$*9-lLASHYuce+i#v`RmYyQ#i&== z$+J@!l>$)04=p|s2BSjBbB2LqozhFo4CwF2Xt395JrlKJ#~tXuwmr+(W$!$OsTa4e ztrcXhj@k>|2H8t?ptE$|a_=ZZyIB07qo(fd6>H^C`z$V2U-Yx0{%>zft*rn{^#8rX z-Ln3_yLa$-|L;Mb&*%T8)nQo%6#XHo>iSA{hw`wnPgykT_a$@LDvNxsNdOM7+$LQ= zb7s&YQn%mNVsb-ogZ1_{$a-rd@-<0%Dvxw6Zt8|mO&wjD1{7PHy%}Y_k>hGYlqjNe zWg4hWdPb8hQjcJcr(xl?W3KEq*i&+`qS2mG->*Pp5<&Xkpx6GIB}~!s{#7wOHVsUG z6I|a#v)@Atxjx^jbc*WCI#y7amQ#7Pp+DVCj;a&bxNmTpG6id|WgSyJ$+PMx}MsEe_8V%@W-k-j^Ga6G zD-;=%W*=KQTQuVGSx>vFFk34d%9!WCIwv4uh_8b=g-% z6lov5i{3@X8}S?QE~?RVRObqEIdd8VUZ=s)t7rjG%|H1@JgKs^EQv7=0`#QYm12=p zw~jYuam@uJ6gUbzsfFdFkovcBgV;{Wy~e=e}8|!UzGm` z2mQlG`Ts$l4RnqZ$zufMnuiIO8%BhNDGedXc8vXNJSM_(Hqh0C3MA4vW;_u{Oh_1l zw+fo##GlY;yp1>saYAQ$!^_{}C~!7VM8?X$c}p1;v>z$@e>xs|9ffnmBB&`rLNVbe zq!IBP@7d+AmvVb@Hqa?hD0*{xi2}-n#=@wM~ROQx~&^#6A@&>PGtO9eW6_FOn#%-Qe6PaKa11ou=q z&VF~inebUaWZQH)Mk5vmggbOP?tQTqhNks@@%-f3%je!SSVJF6?tdNhcMePIe}89Z z|8f04#Iu3Er%8mT)U1XVbjYQ=aVp8daZb=LKay}-eEqL2lO$j65}uf-^!N#jsV{n= zD*CG?s0~@B1D5MCXK5^1iXt);vN841kR&&RL>VBep656l8|doAU!Pq#&Tqf{CS_tL zATfyo68V&9xm)gvN4h=Op|uh82<>?9z4yjnh6$Q5K0iXtr$@aWCu1rSKJN~^fce*i zdzAHts(;nJ>=OF*StM9U961V<^*={xECtQ17=VXk`o?rW8#vcA3XYIe!Rh!Vj-4q< zuoQnK8f`K)PIP3~EgWB@r1Y%NOgi8-6mfCz*Qr5JN0nvgIiT%el?^(V;3 zkrcV$xB)I!%t**$6p)ppF*hNd{eW5PYhDH36!1K6j2`6(R|9LFMW z?OMO_0y66wl~2NIjIuHsI%FOniz%M58!OknksDis8!!I-BA#xnL~G zY1S+SNnXi3CPzqs+T|b=5aDwQy4MkU2I~Zw;+9fLWusEh3Yjl;F9#v=9#7+t9HDG= zIgYgomvnWJl?3dm_T_4@Th;{Gi^ep1?>Gq_FKbq{li;!4%)lEQc!O?0h7?ELLBGon zb{!{9!|ykSKYg;8ExOA_oX_j^_?SG$G0gu^3XLM2B-E4A7BkL{eo2zU~KY z$QGdJc#ad0VQQg!sE!0Hs8M5q;}<$YbC#kTmWBZe={1pG1R;pLPdG+28ZkaqEJE!I z!k#2`SSV@xBtkS2366ZC8yk`%XCos^o8mSKjK4@P8xsEwv%i6?=|}cVI2%X}T|)$X zSFWpb$@N7-BA?_dOCJO;#gjQbRpq77YufT`BuG3ujz}2CV{#f|A(qkRKPF5lgG&xz zg5Iz&of34Z8bZ+0HaZ&_+HkA#n8S9dxV7B$Xf!TB>~>wp z!M;y~c*z2?4BQhaiKZ;b9gZ8}E_8H3aPXGXguI3c5cJQbon6vD$qGGu_YdkgQlVMa z?zy(|4fBZ%3N4wPbRjt#(ovJXQJ4;e*9~MLwuFEU1Q-CIH$V-uy3J_zdBKk;CtHwA zmWh(IHRHQ?Jwuqihn z*~JQD?)`{{2YV#)vn!jQJ~@R!2XUB>*z-JXW+c(!|kg_fQ zz}fW3dWkfm!QpIF{IURDW_HwwwV}8Y1)=_iVfk#L*yS~uFYNK!vP`$_P~W%89UDJ= z0{l4}_OS(^wX~v&i+|Z_LT~H?OufKfy}o*W=_T)zf=+ga1LA)FVULLWgIgRDw~cwb z%rWrJ$Hg!=XCujxMvVJ%=VT%~!q*qW;S56ZEEu#5DdF;AC@lQ%cTUz4F9c-F~{;O=FWSwt5VQ{ilN8ZPbC&+5%cymkY zg?BN|aLAwjO^mpi4tN1 zIvNp}mJz{8%4JhQK;Z0E4Ru#ZP|%88hg#$Xn?}}^9s#0>AmK2H;^h zM?;oORHYpl->yNv)sUQ8Wvqko7u(#awyCTuh(+PNocS9(S8}l20VX7~6UA}oidXpu$4>`BJfr&rE4v?nG~Wr&_6Xe3z|j^>C8krL6qOC_W0b)*SZ z_$0!dGRYt$&(<@gjV^ZWfDs|PH!RDnM;y)NMCM@RqX0djwAk#SsYN5f7K`96B17*b zoQw!JjOrIQ8c{GhLa~7Psnl#>&K578+0L)C-Cw74tR}d(k^R|C1?l=&5Yf@gM1P9L zYVyn&5{72Gnp%DqWR!*|q|r54Pyc56mVJ7*5j#l}#wiX(j}yVd8R<&!cHrOLZp=i| z%|TH!-TS-UVw=&_Rv3nC+*4&pSB?bw?9O(&3DbY>_Wlmrns&Z)EDz29@L4?ntK7!+ z(D$6-z-LqCV3ZI(MXq`0su_ZbHSfT!Q_gvhamnP7NQZ(36mtpzhje!VN~1u##Gl02 zpAZAcHZr%DcDz2?k_BA-$?g2rk<>TEb0B2Nzk!N?L6G-8iGhLmY#N7DDdA@G(M@>H zKXn6am|)-;ag@R?dVPUTU%z^Gc6Ijp)g^lU13G#2 zPxRB-t7qGYP-PT+FPX290MaQ42cC0DNTG9MEK_D(>Z1@x;}nkx8nYSU5gg(ZKBYqK twm1r$kWOi$d1_@i-WPjZ{rEgSkI&=t_^j#qzX1RM|Np0Nxe)*i1OO&m!m$7V literal 0 HcmV?d00001 diff --git a/charts/wordpress copie original/wordpress/curl b/charts/wordpress copie original/wordpress/curl new file mode 100644 index 0000000..e69de29 diff --git a/charts/wordpress copie original/wordpress/index.yaml b/charts/wordpress copie original/wordpress/index.yaml new file mode 100644 index 0000000..73be1d0 --- /dev/null +++ b/charts/wordpress copie original/wordpress/index.yaml @@ -0,0 +1,161 @@ +apiVersion: v1 +entries: + common: + - annotations: + category: Infrastructure + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 2.19.0 + created: "2024-04-15T08:17:31.201694+02:00" + description: A Library Helm Chart for grouping common logic between bitnami charts. + This chart is not deployable by itself. + digest: 89e4008ba84ebc4b1838b7266bd991958f57eedb841e9268726de971dc78cfd1 + home: https://bitnami.com + icon: https://bitnami.com/downloads/logos/bitnami-mark.png + keywords: + - common + - helper + - template + - function + - bitnami + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: common + sources: + - https://github.com/bitnami/charts + type: library + urls: + - charts/common-2.19.0.tgz + version: 2.19.0 + mariadb: + - annotations: + category: Database + images: | + - name: mariadb + image: docker.io/bitnami/mariadb:11.2.3-debian-12-r4 + - name: mysqld-exporter + image: docker.io/bitnami/mysqld-exporter:0.15.1-debian-12-r8 + - name: os-shell + image: docker.io/bitnami/os-shell:12-debian-12-r16 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 11.2.3 + created: "2024-04-15T08:17:31.2084884+02:00" + dependencies: + - name: common + repository: oci://registry-1.docker.io/bitnamicharts + tags: + - bitnami-common + version: 2.x.x + description: MariaDB is an open source, community-developed SQL database server + that is widely in use around the world due to its enterprise features, flexibility, + and collaboration with leading tech firms. + digest: 68baeb5bed0d05469e805fff6745b68ddd77a585033a0d03fcc90ab108677529 + home: https://bitnami.com + icon: https://bitnami.com/assets/stacks/mariadb/img/mariadb-stack-220x234.png + keywords: + - mariadb + - mysql + - database + - sql + - prometheus + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: mariadb + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/mariadb + urls: + - charts/mariadb-16.5.0.tgz + version: 16.5.0 + memcached: + - annotations: + category: Infrastructure + images: | + - name: memcached + image: docker.io/bitnami/memcached:1.6.24-debian-12-r0 + - name: memcached-exporter + image: docker.io/bitnami/memcached-exporter:0.14.2-debian-12-r10 + - name: os-shell + image: docker.io/bitnami/os-shell:12-debian-12-r16 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 1.6.24 + created: "2024-04-15T08:17:31.213548+02:00" + dependencies: + - name: common + repository: oci://registry-1.docker.io/bitnamicharts + tags: + - bitnami-common + version: 2.x.x + description: Memcached is an high-performance, distributed memory object caching + system, generic in nature, but intended for use in speeding up dynamic web applications + by alleviating database load. + digest: 729aa0fc402dcc3eb493028ef124a744f907b8dba997519bb7dea588703a3c5f + home: https://bitnami.com + icon: https://bitnami.com/assets/stacks/memcached/img/memcached-stack-220x234.png + keywords: + - memcached + - cache + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: memcached + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/memcached + urls: + - charts/memcached-6.14.0.tgz + version: 6.14.0 + wordpress: + - annotations: + category: CMS + images: | + - name: apache-exporter + image: docker.io/bitnami/apache-exporter:1.0.6-debian-12-r8 + - name: os-shell + image: docker.io/bitnami/os-shell:12-debian-12-r16 + - name: wordpress + image: docker.io/bitnami/wordpress:6.4.3-debian-12-r20 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 6.4.3 + created: "2024-04-15T08:17:31.201694+02:00" + dependencies: + - condition: memcached.enabled + name: memcached + repository: oci://registry-1.docker.io/bitnamicharts + version: 6.x.x + - condition: mariadb.enabled + name: mariadb + repository: oci://registry-1.docker.io/bitnamicharts + version: 16.x.x + - name: common + repository: oci://registry-1.docker.io/bitnamicharts + tags: + - bitnami-common + version: 2.x.x + description: WordPress is the world's most popular blogging and content management + platform. Powerful yet simple, everyone from students to global corporations + use it to build beautiful, functional websites. + digest: 13bb5d3f211ed22015c505a6d6508eabdf6f7bcb1e45f462362b0c5c870ffebf + home: https://bitnami.com + icon: https://bitnami.com/assets/stacks/wordpress/img/wordpress-stack-220x234.png + keywords: + - application + - blog + - cms + - http + - php + - web + - wordpress + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: wordpress + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/wordpress + urls: + - wordpress-20.1.2.tgz + version: 20.1.2 +generated: "2024-04-15T08:17:31.1874317+02:00" diff --git a/charts/wordpress copie original/wordpress/templates/NOTES.txt b/charts/wordpress copie original/wordpress/templates/NOTES.txt new file mode 100644 index 0000000..722c965 --- /dev/null +++ b/charts/wordpress copie original/wordpress/templates/NOTES.txt @@ -0,0 +1,96 @@ +CHART NAME: {{ .Chart.Name }} +CHART VERSION: {{ .Chart.Version }} +APP VERSION: {{ .Chart.AppVersion }} + +** Please be patient while the chart is being deployed ** + +{{- if .Values.diagnosticMode.enabled }} +The chart has been deployed in diagnostic mode. All probes have been disabled and the command has been overwritten with: + + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 4 }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 4 }} + +Get the list of pods by executing: + + kubectl get pods --namespace {{ .Release.Namespace }} -l app.kubernetes.io/instance={{ .Release.Name }} + +Access the pod you want to debug by executing + + kubectl exec --namespace {{ .Release.Namespace }} -ti -- bash + +In order to replicate the container startup scripts execute this command: + + /opt/bitnami/scripts/wordpress/entrypoint.sh /opt/bitnami/scripts/apache/run.sh + +{{- else }} + +Your WordPress site can be accessed through the following DNS name from within your cluster: + + {{ include "common.names.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} (port {{ .Values.service.ports.http }}) + +To access your WordPress site from outside the cluster follow the steps below: + +{{- if .Values.ingress.enabled }} + +1. Get the WordPress URL and associate WordPress hostname to your cluster external IP: + + export CLUSTER_IP=$(minikube ip) # On Minikube. Use: `kubectl cluster-info` on others K8s clusters + echo "WordPress URL: http{{ if .Values.ingress.tls }}s{{ end }}://{{ .Values.ingress.hostname }}/" + echo "$CLUSTER_IP {{ .Values.ingress.hostname }}" | sudo tee -a /etc/hosts + +{{- else }} +{{- $port := .Values.service.ports.http | toString }} + +1. Get the WordPress URL by running these commands: + +{{- if contains "NodePort" .Values.service.type }} + + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.names.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo "WordPress URL: http://$NODE_IP:$NODE_PORT/" + echo "WordPress Admin URL: http://$NODE_IP:$NODE_PORT/admin" + +{{- else if contains "LoadBalancer" .Values.service.type }} + + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ include "common.names.fullname" . }}' + + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "common.names.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") + echo "WordPress URL: http://$SERVICE_IP{{- if ne $port "80" }}:{{ .Values.service.ports.http }}{{ end }}/" + echo "WordPress Admin URL: http://$SERVICE_IP{{- if ne $port "80" }}:{{ .Values.service.ports.http }}{{ end }}/admin" + +{{- else if contains "ClusterIP" .Values.service.type }} + + kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ include "common.names.fullname" . }} {{ .Values.service.ports.http }}:{{ .Values.service.ports.http }} & + echo "WordPress URL: http://127.0.0.1{{- if ne $port "80" }}:{{ .Values.service.ports.http }}{{ end }}//" + echo "WordPress Admin URL: http://127.0.0.1{{- if ne $port "80" }}:{{ .Values.service.ports.http }}{{ end }}//admin" + +{{- end }} +{{- end }} + +2. Open a browser and access WordPress using the obtained URL. + +3. Login with the following credentials below to see your blog: + + echo Username: {{ .Values.wordpressUsername }} + echo Password: $(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "common.names.fullname" . }} -o jsonpath="{.data.wordpress-password}" | base64 -d) + +{{- if .Values.metrics.enabled }} + +You can access Apache Prometheus metrics following the steps below: + +1. Get the Apache Prometheus metrics URL by running: + + kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ printf "%s-metrics" (include "common.names.fullname" .) }} {{ .Values.metrics.service.ports.metrics }}:{{ .Values.metrics.service.ports.metrics }} & + echo "Apache Prometheus metrics URL: http://127.0.0.1:{{ .Values.metrics.service.ports.metrics }}/metrics" + +2. Open a browser and access Apache Prometheus metrics using the obtained URL. + +{{- end }} +{{- end }} + +{{- include "wordpress.validateValues" . }} +{{- include "common.warnings.rollingTag" .Values.image }} +{{- include "common.warnings.rollingTag" .Values.metrics.image }} +{{- include "common.warnings.rollingTag" .Values.volumePermissions.image }} +{{- include "common.warnings.resources" (dict "sections" (list "metrics" "" "volumePermissions") "context" $) }} diff --git a/charts/wordpress copie original/wordpress/templates/_helpers.tpl b/charts/wordpress copie original/wordpress/templates/_helpers.tpl new file mode 100644 index 0000000..7483623 --- /dev/null +++ b/charts/wordpress copie original/wordpress/templates/_helpers.tpl @@ -0,0 +1,286 @@ +{{/* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{/* vim: set filetype=mustache: */}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "wordpress.mariadb.fullname" -}} +{{- include "common.names.dependency.fullname" (dict "chartName" "mariadb" "chartValues" .Values.mariadb "context" $) -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "wordpress.memcached.fullname" -}} +{{- include "common.names.dependency.fullname" (dict "chartName" "memcached" "chartValues" .Values.memcached "context" $) -}} +{{- end -}} + +{{/* +Return the proper WordPress image name +*/}} +{{- define "wordpress.image" -}} +{{- include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) -}} +{{- end -}} + +{{/* +Return the proper image name (for the metrics image) +*/}} +{{- define "wordpress.metrics.image" -}} +{{- include "common.images.image" (dict "imageRoot" .Values.metrics.image "global" .Values.global) -}} +{{- end -}} + +{{/* +Return the proper image name (for the init container volume-permissions image) +*/}} +{{- define "wordpress.volumePermissions.image" -}} +{{- include "common.images.image" ( dict "imageRoot" .Values.volumePermissions.image "global" .Values.global ) -}} +{{- end -}} + +{{/* +Return the proper Docker Image Registry Secret Names +*/}} +{{- define "wordpress.imagePullSecrets" -}} +{{- include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.metrics.image .Values.volumePermissions.image) "global" .Values.global) -}} +{{- end -}} + +{{/* + Create the name of the service account to use + */}} +{{- define "wordpress.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "common.names.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "wordpress.customHTAccessCM" -}} +{{- printf "%s" .Values.customHTAccessCM -}} +{{- end -}} + +{{/* +Return the WordPress configuration secret +*/}} +{{- define "wordpress.configSecretName" -}} +{{- if .Values.existingWordPressConfigurationSecret -}} + {{- printf "%s" (tpl .Values.existingWordPressConfigurationSecret $) -}} +{{- else -}} + {{- printf "%s-configuration" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if a secret object should be created for WordPress configuration +*/}} +{{- define "wordpress.createConfigSecret" -}} +{{- if and .Values.wordpressConfiguration (not .Values.existingWordPressConfigurationSecret) }} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return the WordPress Apache configuration configmap +*/}} +{{- define "wordpress.apache.configmapName" -}} +{{- if .Values.existingApacheConfigurationConfigMap -}} + {{- printf "%s" (tpl .Values.existingApacheConfigurationConfigMap $) -}} +{{- else -}} + {{- printf "%s-apache-configuration" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if a secret object should be created for Apache configuration +*/}} +{{- define "wordpress.apache.createConfigmap" -}} +{{- if and .Values.apacheConfiguration (not .Values.existingApacheConfigurationConfigMap) }} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return the MariaDB Hostname +*/}} +{{- define "wordpress.databaseHost" -}} +{{- if .Values.mariadb.enabled }} + {{- if eq .Values.mariadb.architecture "replication" }} + {{- printf "%s-primary" (include "wordpress.mariadb.fullname" .) | trunc 63 | trimSuffix "-" -}} + {{- else -}} + {{- printf "%s" (include "wordpress.mariadb.fullname" .) -}} + {{- end -}} +{{- else -}} + {{- printf "%s" .Values.externalDatabase.host -}} +{{- end -}} +{{- end -}} + +{{/* +Return the MariaDB Port +*/}} +{{- define "wordpress.databasePort" -}} +{{- if .Values.mariadb.enabled }} + {{- printf "3306" -}} +{{- else -}} + {{- printf "%d" (.Values.externalDatabase.port | int ) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the MariaDB Database Name +*/}} +{{- define "wordpress.databaseName" -}} +{{- if .Values.mariadb.enabled }} + {{- printf "%s" .Values.mariadb.auth.database -}} +{{- else -}} + {{- printf "%s" .Values.externalDatabase.database -}} +{{- end -}} +{{- end -}} + +{{/* +Return the MariaDB User +*/}} +{{- define "wordpress.databaseUser" -}} +{{- if .Values.mariadb.enabled }} + {{- printf "%s" .Values.mariadb.auth.username -}} +{{- else -}} + {{- printf "%s" .Values.externalDatabase.user -}} +{{- end -}} +{{- end -}} + +{{/* +Return the MariaDB Secret Name +*/}} +{{- define "wordpress.databaseSecretName" -}} +{{- if .Values.mariadb.enabled }} + {{- if .Values.mariadb.auth.existingSecret -}} + {{- printf "%s" .Values.mariadb.auth.existingSecret -}} + {{- else -}} + {{- printf "%s" (include "wordpress.mariadb.fullname" .) -}} + {{- end -}} +{{- else if .Values.externalDatabase.existingSecret -}} + {{- include "common.tplvalues.render" (dict "value" .Values.externalDatabase.existingSecret "context" $) -}} +{{- else -}} + {{- printf "%s-externaldb" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Memcached Hostname +*/}} +{{- define "wordpress.cacheHost" -}} +{{- if .Values.memcached.enabled }} + {{- $releaseNamespace := .Release.Namespace }} + {{- $clusterDomain := .Values.clusterDomain }} + {{- printf "%s.%s.svc.%s" (include "wordpress.memcached.fullname" .) $releaseNamespace $clusterDomain -}} +{{- else -}} + {{- printf "%s" .Values.externalCache.host -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Memcached Port +*/}} +{{- define "wordpress.cachePort" -}} +{{- if .Values.memcached.enabled }} + {{- printf "11211" -}} +{{- else -}} + {{- printf "%d" (.Values.externalCache.port | int ) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the WordPress Secret Name +*/}} +{{- define "wordpress.secretName" -}} +{{- if .Values.existingSecret }} + {{- printf "%s" .Values.existingSecret -}} +{{- else -}} + {{- printf "%s" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the SMTP Secret Name +*/}} +{{- define "wordpress.smtpSecretName" -}} +{{- if .Values.smtpExistingSecret }} + {{- printf "%s" .Values.smtpExistingSecret -}} +{{- else -}} + {{- printf "%s" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Compile all warnings into a single message. +*/}} +{{- define "wordpress.validateValues" -}} +{{- $messages := list -}} +{{- $messages := append $messages (include "wordpress.validateValues.configuration" .) -}} +{{- $messages := append $messages (include "wordpress.validateValues.htaccess" .) -}} +{{- $messages := append $messages (include "wordpress.validateValues.database" .) -}} +{{- $messages := append $messages (include "wordpress.validateValues.cache" .) -}} +{{- $messages := without $messages "" -}} +{{- $message := join "\n" $messages -}} +{{- if $message -}} +{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}} +{{- end -}} +{{- end -}} + +{{/* +Validate values of WordPress - Custom wp-config.php +*/}} +{{- define "wordpress.validateValues.configuration" -}} +{{- if and (or .Values.wordpressConfiguration .Values.existingWordPressConfigurationSecret) (not .Values.wordpressSkipInstall) -}} +wordpress: wordpressConfiguration + You are trying to use a wp-config.php file. This setup is only supported + when skipping wizard installation (--set wordpressSkipInstall=true). +{{- end -}} +{{- end -}} + +{{/* +Validate values of WordPress - htaccess configuration +*/}} +{{- define "wordpress.validateValues.htaccess" -}} +{{- if and .Values.customHTAccessCM .Values.allowOverrideNone -}} +wordpress: customHTAccessCM + You are trying to use custom htaccess rules but Apache was configured + to prohibit overriding directives with htaccess files. To use this feature, + allow overriding Apache directives (--set allowOverrideNone=false). +{{- end -}} +{{- end -}} + +{{/* Validate values of WordPress - Database */}} +{{- define "wordpress.validateValues.database" -}} +{{- if and (not .Values.mariadb.enabled) (or (empty .Values.externalDatabase.host) (empty .Values.externalDatabase.port) (empty .Values.externalDatabase.database)) -}} +wordpress: database + You disable the MariaDB installation but you did not provide the required parameters + to use an external database. To use an external database, please ensure you provide + (at least) the following values: + + externalDatabase.host=DB_SERVER_HOST + externalDatabase.database=DB_NAME + externalDatabase.port=DB_SERVER_PORT +{{- end -}} +{{- end -}} + +{{/* Validate values of WordPress - Cache */}} +{{- define "wordpress.validateValues.cache" -}} +{{- if and .Values.wordpressConfigureCache (not .Values.memcached.enabled) (or (empty .Values.externalCache.host) (empty .Values.externalCache.port)) -}} +wordpress: cache + You enabled cache via W3 Total Cache without but you did not enable the Memcached + installation nor you did provided the required parameters to use an external cache server. + Please enable the Memcached installation (--set memcached.enabled=true) or + provide the external cache server values: + + externalCache.host=CACHE_SERVER_HOST + externalCache.port=CACHE_SERVER_PORT +{{- end -}} +{{- end -}} diff --git a/charts/wordpress copie original/wordpress/templates/config-secret.yaml b/charts/wordpress copie original/wordpress/templates/config-secret.yaml new file mode 100644 index 0000000..9dff348 --- /dev/null +++ b/charts/wordpress copie original/wordpress/templates/config-secret.yaml @@ -0,0 +1,18 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if (include "wordpress.createConfigSecret" .) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ printf "%s-configuration" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + wp-config.php: {{ .Values.wordpressConfiguration | b64enc }} +{{- end }} diff --git a/charts/wordpress copie original/wordpress/templates/deployment.yaml b/charts/wordpress copie original/wordpress/templates/deployment.yaml new file mode 100644 index 0000000..720d8fa --- /dev/null +++ b/charts/wordpress copie original/wordpress/templates/deployment.yaml @@ -0,0 +1,389 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} +kind: Deployment +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + {{- if .Values.updateStrategy }} + strategy: {{- toYaml .Values.updateStrategy | nindent 4 }} + {{- end }} + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + template: + metadata: + labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} + {{- if or .Values.podAnnotations .Values.metrics.enabled (include "wordpress.createConfigSecret" .) }} + annotations: + {{- if .Values.podAnnotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.metrics.podAnnotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.metrics.podAnnotations "context" $) | nindent 8 }} + {{- end }} + {{- if (include "wordpress.createConfigSecret" .) }} + checksum/config-secret: {{ include (print $.Template.BasePath "/config-secret.yaml") . | sha256sum }} + {{- end }} + {{- end }} + spec: + {{- include "wordpress.imagePullSecrets" . | nindent 6 }} + automountServiceAccountToken: {{ .Values.automountServiceAccountToken }} + {{- if .Values.hostAliases }} + # yamllint disable rule:indentation + hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }} + # yamllint enable rule:indentation + {{- end }} + {{- if .Values.affinity }} + affinity: {{- include "common.tplvalues.render" (dict "value" .Values.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "customLabels" $podLabels "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "customLabels" $podLabels "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName }} + {{- end }} + {{- if .Values.schedulerName }} + schedulerName: {{ .Values.schedulerName | quote }} + {{- end }} + {{- if .Values.podSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.podSecurityContext "context" $) | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "wordpress.serviceAccountName" .}} + {{- if .Values.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} + {{- end }} + {{- if .Values.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.topologySpreadConstraints "context" .) | nindent 8 }} + {{- end }} + {{- if or (and .Values.podSecurityContext.enabled .Values.volumePermissions.enabled .Values.persistence.enabled) (.Values.initContainers) }} + initContainers: + {{- if and .Values.podSecurityContext.enabled .Values.volumePermissions.enabled .Values.persistence.enabled }} + - name: volume-permissions + image: "{{ include "wordpress.volumePermissions.image" . }}" + imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} + command: + - /bin/bash + args: + - -ec + - | + mkdir -p /bitnami/wordpress + {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto" }} + find /bitnami/wordpress -mindepth 0 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R $(id -u):$(id -G | cut -d " " -f2) + {{- else }} + find /bitnami/wordpress -mindepth 0 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R {{ .Values.containerSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }} + {{- end }} + {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto " }} + securityContext: {{- omit .Values.volumePermissions.containerSecurityContext "runAsUser" | toYaml | nindent 12 }} + {{- else }} + securityContext: {{- .Values.volumePermissions.containerSecurityContext | toYaml | nindent 12 }} + {{- end }} + {{- if .Values.volumePermissions.resources }} + resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} + {{- else if ne .Values.volumePermissions.resourcesPreset "none" }} + resources: {{- include "common.resources.preset" (dict "type" .Values.volumePermissions.resourcesPreset) | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /bitnami/wordpress + name: wordpress-data + subPath: wordpress + {{- end }} + {{- if .Values.initContainers }} + {{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }} + {{- end }} + {{- end }} + containers: + - name: wordpress + image: {{ include "wordpress.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + {{- if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} + {{- else if .Values.command }} + command: {{- include "common.tplvalues.render" ( dict "value" .Values.command "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} + {{- else if .Values.args }} + args: {{- include "common.tplvalues.render" ( dict "value" .Values.args "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.containerSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.containerSecurityContext "context" $) | nindent 12 }} + {{- end }} + env: + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} + - name: ALLOW_EMPTY_PASSWORD + value: {{ ternary "yes" "no" .Values.allowEmptyPassword | quote }} + - name: WORDPRESS_SKIP_BOOTSTRAP + value: {{ ternary "yes" "no" .Values.wordpressSkipInstall | quote }} + {{- if or .Values.wordpressConfiguration .Values.existingWordPressConfigurationSecret }} + # Override the default data to persist omiting wp-config.php from the list since + # it is mounted as a read-only file from a Secret + - name: WORDPRESS_DATA_TO_PERSIST + value: "wp-content" + {{- else }} + - name: MARIADB_HOST + value: {{ include "wordpress.databaseHost" . | quote }} + - name: MARIADB_PORT_NUMBER + value: {{ include "wordpress.databasePort" . | quote }} + - name: WORDPRESS_DATABASE_NAME + value: {{ include "wordpress.databaseName" . | quote }} + - name: WORDPRESS_DATABASE_USER + value: {{ include "wordpress.databaseUser" . | quote }} + - name: WORDPRESS_DATABASE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "wordpress.databaseSecretName" . }} + key: mariadb-password + - name: WORDPRESS_USERNAME + value: {{ .Values.wordpressUsername | quote }} + - name: WORDPRESS_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "wordpress.secretName" . }} + key: wordpress-password + - name: WORDPRESS_EMAIL + value: {{ .Values.wordpressEmail | quote }} + - name: WORDPRESS_FIRST_NAME + value: {{ .Values.wordpressFirstName | quote }} + - name: WORDPRESS_LAST_NAME + value: {{ .Values.wordpressLastName | quote }} + - name: WORDPRESS_HTACCESS_OVERRIDE_NONE + value: {{ ternary "yes" "no" .Values.allowOverrideNone | quote }} + - name: WORDPRESS_ENABLE_HTACCESS_PERSISTENCE + value: {{ ternary "yes" "no" .Values.htaccessPersistenceEnabled | quote }} + - name: WORDPRESS_BLOG_NAME + value: {{ .Values.wordpressBlogName | quote }} + - name: WORDPRESS_TABLE_PREFIX + value: {{ .Values.wordpressTablePrefix | quote }} + - name: WORDPRESS_SCHEME + value: {{ .Values.wordpressScheme | quote }} + - name: WORDPRESS_EXTRA_WP_CONFIG_CONTENT + value: {{ .Values.wordpressExtraConfigContent | quote }} + - name: WORDPRESS_PLUGINS + value: {{ join "," .Values.wordpressPlugins | quote }} + - name: WORDPRESS_OVERRIDE_DATABASE_SETTINGS + value: {{ ternary "yes" "no" .Values.overrideDatabaseSettings | quote }} + {{- end }} + {{- if .Values.multisite.enable }} + - name: WORDPRESS_ENABLE_MULTISITE + value: "yes" + - name: WORDPRESS_MULTISITE_HOST + value: {{ .Values.multisite.host | quote }} + - name: WORDPRESS_MULTISITE_EXTERNAL_HTTP_PORT_NUMBER + value: {{ .Values.service.ports.http | quote }} + - name: WORDPRESS_MULTISITE_EXTERNAL_HTTPS_PORT_NUMBER + value: {{ .Values.service.ports.https | quote }} + - name: WORDPRESS_MULTISITE_NETWORK_TYPE + value: {{ .Values.multisite.networkType | quote }} + - name: WORDPRESS_MULTISITE_ENABLE_NIP_IO_REDIRECTION + value: {{ ternary "yes" "no" .Values.multisite.enableNipIoRedirect | quote }} + {{- end }} + {{- if .Values.smtpHost }} + - name: SMTP_HOST + value: {{ .Values.smtpHost | quote }} + {{- end }} + {{- if .Values.smtpPort }} + - name: SMTP_PORT + value: {{ .Values.smtpPort | quote }} + {{- end }} + {{- if .Values.smtpUser }} + - name: SMTP_USER + value: {{ .Values.smtpUser | quote }} + {{- end }} + {{- if or .Values.smtpPassword .Values.smtpExistingSecret }} + - name: SMTP_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "wordpress.smtpSecretName" . }} + key: smtp-password + {{- end }} + {{- if .Values.smtpProtocol }} + - name: SMTP_PROTOCOL + value: {{ .Values.smtpProtocol | quote }} + {{- end }} + - name: APACHE_HTTP_PORT_NUMBER + value: {{ .Values.containerPorts.http | quote }} + - name: APACHE_HTTPS_PORT_NUMBER + value: {{ .Values.containerPorts.https | quote }} + {{- if .Values.extraEnvVars }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + envFrom: + {{- if .Values.extraEnvVarsCM }} + - configMapRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsCM "context" $) }} + {{- end }} + {{- if .Values.extraEnvVarsSecret }} + - secretRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsSecret "context" $) }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.containerPorts.http }} + - name: https + containerPort: {{ .Values.containerPorts.https }} + {{- if .Values.extraContainerPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraContainerPorts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.lifecycleHooks }} + lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleHooks "context" $) | nindent 12 }} + {{- end }} + {{- if not .Values.diagnosticMode.enabled }} + {{- if .Values.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }} + {{- else if .Values.livenessProbe.enabled }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.livenessProbe "enabled") "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customReadinessProbe "context" $) | nindent 12 }} + {{- else if .Values.readinessProbe.enabled }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.readinessProbe "enabled") "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.customStartupProbe }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customStartupProbe "context" $) | nindent 12 }} + {{- else if .Values.startupProbe.enabled }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.startupProbe "enabled") "context" $) | nindent 12 }} + {{- end }} + {{- end }} + {{- if .Values.resources }} + resources: {{- toYaml .Values.resources | nindent 12 }} + {{- else if ne .Values.resourcesPreset "none" }} + resources: {{- include "common.resources.preset" (dict "type" .Values.resourcesPreset) | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /bitnami/wordpress + name: wordpress-data + subPath: wordpress + {{- if or .Values.wordpressConfiguration .Values.existingWordPressConfigurationSecret }} + - name: wordpress-config + mountPath: /opt/bitnami/wordpress/wp-config.php + subPath: wp-config.php + {{- end }} + {{- if or .Values.apacheConfiguration .Values.existingApacheConfigurationConfigMap }} + - name: apache-config + mountPath: /opt/bitnami/apache/conf/httpd.conf + subPath: httpd.conf + {{- end }} + {{- if and (not .Values.allowOverrideNone) .Values.customHTAccessCM }} + - mountPath: /opt/bitnami/apache/conf/vhosts/htaccess + name: custom-htaccess + {{- end }} + {{- if or .Values.customPostInitScripts .Values.wordpressConfigureCache }} + - mountPath: /docker-entrypoint-init.d + name: custom-postinit + {{- end }} + {{- if .Values.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.metrics.enabled }} + - name: metrics + image: {{ include "wordpress.metrics.image" . }} + imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }} + {{- if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} + {{- else if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} + {{- else }} + command: + - /bin/apache_exporter + - --scrape_uri + - http://status.localhost:8080/server-status/?auto + {{- end }} + ports: + - name: metrics + containerPort: {{ .Values.metrics.containerPorts.metrics }} + {{- if not .Values.diagnosticMode.enabled }} + {{- if .Values.metrics.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customLivenessProbe "context" $) | nindent 12 }} + {{- else if .Values.metrics.livenessProbe.enabled }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.livenessProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /metrics + port: metrics + {{- end }} + {{- if .Values.metrics.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customReadinessProbe "context" $) | nindent 12 }} + {{- else if .Values.metrics.readinessProbe.enabled }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.readinessProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /metrics + port: metrics + {{- end }} + {{- if .Values.metrics.customStartupProbe }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customStartupProbe "context" $) | nindent 12 }} + {{- else if .Values.metrics.startupProbe.enabled }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.startupProbe "enabled") "context" $) | nindent 12 }} + tcpSocket: + port: metrics + {{- end }} + {{- end }} + {{- if .Values.metrics.resources }} + resources: {{- toYaml .Values.metrics.resources | nindent 12 }} + {{- else if ne .Values.metrics.resourcesPreset "none" }} + resources: {{- include "common.resources.preset" (dict "type" .Values.metrics.resourcesPreset) | nindent 12 }} + {{- end }} + {{- if .Values.metrics.containerSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.metrics.containerSecurityContext "context" $) | nindent 12 }} + {{- end }} + {{- end }} + {{- if .Values.sidecars }} + {{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 8 }} + {{- end }} + volumes: + {{- if or .Values.wordpressConfiguration .Values.existingWordPressConfigurationSecret }} + - name: wordpress-config + secret: + secretName: {{ include "wordpress.configSecretName" . }} + defaultMode: 0644 + {{- end }} + {{- if or .Values.apacheConfiguration .Values.existingApacheConfigurationConfigMap }} + - name: apache-config + configMap: + name: {{ include "wordpress.apache.configmapName" . }} + defaultMode: 0644 + {{- end }} + {{- if and (not .Values.allowOverrideNone) .Values.customHTAccessCM }} + - name: custom-htaccess + configMap: + name: {{ include "wordpress.customHTAccessCM" . }} + items: + - key: wordpress-htaccess.conf + path: wordpress-htaccess.conf + {{- end }} + {{- if or .Values.customPostInitScripts .Values.wordpressConfigureCache }} + - name: custom-postinit + configMap: + name: {{ printf "%s-postinit" (include "common.names.fullname" .) }} + defaultMode: 0755 + {{- end }} + - name: wordpress-data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Values.persistence.existingClaim | default (include "common.names.fullname" .) }} + {{- else }} + emptyDir: {} + {{- end }} + {{- if .Values.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }} + {{- end }} diff --git a/charts/wordpress copie original/wordpress/templates/externaldb-secrets.yaml b/charts/wordpress copie original/wordpress/templates/externaldb-secrets.yaml new file mode 100644 index 0000000..ae5edb1 --- /dev/null +++ b/charts/wordpress copie original/wordpress/templates/externaldb-secrets.yaml @@ -0,0 +1,19 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if not (or .Values.mariadb.enabled .Values.externalDatabase.existingSecret) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ printf "%s-externaldb" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + mariadb-password: {{ .Values.externalDatabase.password | b64enc | quote }} +{{- end }} diff --git a/charts/wordpress copie original/wordpress/templates/extra-list.yaml b/charts/wordpress copie original/wordpress/templates/extra-list.yaml new file mode 100644 index 0000000..2d35a58 --- /dev/null +++ b/charts/wordpress copie original/wordpress/templates/extra-list.yaml @@ -0,0 +1,9 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- range .Values.extraDeploy }} +--- +{{ include "common.tplvalues.render" (dict "value" . "context" $) }} +{{- end }} diff --git a/charts/wordpress copie original/wordpress/templates/hpa.yaml b/charts/wordpress copie original/wordpress/templates/hpa.yaml new file mode 100644 index 0000000..2426dd2 --- /dev/null +++ b/charts/wordpress copie original/wordpress/templates/hpa.yaml @@ -0,0 +1,48 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.autoscaling.enabled }} +apiVersion: {{ include "common.capabilities.hpa.apiVersion" ( dict "context" $ ) }} +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + scaleTargetRef: + apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} + kind: Deployment + name: {{ include "common.names.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetMemory }} + - type: Resource + resource: + name: memory + {{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) }} + targetAverageUtilization: {{ .Values.autoscaling.targetMemory }} + {{- else }} + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemory }} + {{- end }} + {{- end }} + {{- if .Values.autoscaling.targetCPU }} + - type: Resource + resource: + name: cpu + {{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) }} + targetAverageUtilization: {{ .Values.autoscaling.targetCPU }} + {{- else }} + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPU }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/wordpress copie original/wordpress/templates/httpd-configmap.yaml b/charts/wordpress copie original/wordpress/templates/httpd-configmap.yaml new file mode 100644 index 0000000..30a434a --- /dev/null +++ b/charts/wordpress copie original/wordpress/templates/httpd-configmap.yaml @@ -0,0 +1,19 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if (include "wordpress.apache.createConfigmap" .) }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-apache-configuration" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + httpd.conf: |- + {{- .Values.apacheConfiguration | nindent 4 }} +{{- end }} diff --git a/charts/wordpress copie original/wordpress/templates/ingress.yaml b/charts/wordpress copie original/wordpress/templates/ingress.yaml new file mode 100644 index 0000000..3fe25b4 --- /dev/null +++ b/charts/wordpress copie original/wordpress/templates/ingress.yaml @@ -0,0 +1,62 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.ingress.enabled }} +apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }} +kind: Ingress +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if or .Values.ingress.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.ingress.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.ingressClassName (eq "true" (include "common.ingress.supportsIngressClassname" .)) }} + ingressClassName: {{ .Values.ingress.ingressClassName | quote }} + {{- end }} + rules: + {{- if .Values.ingress.hostname }} + - host: {{ tpl .Values.ingress.hostname $ | quote }} + http: + paths: + {{- if .Values.ingress.extraPaths }} + {{- toYaml .Values.ingress.extraPaths | nindent 10 }} + {{- end }} + - path: {{ .Values.ingress.path }} + {{- if eq "true" (include "common.ingress.supportsPathType" .) }} + pathType: {{ .Values.ingress.pathType }} + {{- end }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" .) "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + {{- range .Values.ingress.extraHosts }} + - host: {{ tpl .name $ | quote }} + http: + paths: + - path: {{ default "/" .path }} + {{- if eq "true" (include "common.ingress.supportsPathType" $) }} + pathType: {{ default "ImplementationSpecific" .pathType }} + {{- end }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" $) "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + {{- if .Values.ingress.extraRules }} + {{- include "common.tplvalues.render" (dict "value" .Values.ingress.extraRules "context" $) | nindent 4 }} + {{- end }} + {{- if or (and .Values.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.ingress.annotations )) .Values.ingress.selfSigned)) .Values.ingress.extraTls }} + tls: + {{- if and .Values.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.ingress.annotations )) .Values.ingress.selfSigned) }} + - hosts: + - {{ tpl .Values.ingress.hostname $ | quote }} + {{- if or (.Values.ingress.tlsWwwPrefix) (eq (index .Values.ingress.annotations "nginx.ingress.kubernetes.io/from-to-www-redirect") "true" ) }} + - {{ printf "www.%s" (tpl .Values.ingress.hostname $) | quote }} + {{- end }} + secretName: {{ printf "%s-tls" (tpl .Values.ingress.hostname $) }} + {{- end }} + {{- if .Values.ingress.extraTls }} + {{- include "common.tplvalues.render" (dict "value" .Values.ingress.extraTls "context" $) | nindent 4 }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/wordpress copie original/wordpress/templates/metrics-svc.yaml b/charts/wordpress copie original/wordpress/templates/metrics-svc.yaml new file mode 100644 index 0000000..1731ac3 --- /dev/null +++ b/charts/wordpress copie original/wordpress/templates/metrics-svc.yaml @@ -0,0 +1,27 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.metrics.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ printf "%s-metrics" (include "common.names.fullname" .) }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: metrics + {{- if or .Values.metrics.service.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.service.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + type: ClusterIP + ports: + - name: metrics + port: {{ .Values.metrics.service.ports.metrics }} + protocol: TCP + targetPort: metrics + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} +{{- end }} diff --git a/charts/wordpress copie original/wordpress/templates/networkpolicy-backend-ingress.yaml b/charts/wordpress copie original/wordpress/templates/networkpolicy-backend-ingress.yaml new file mode 100644 index 0000000..7133256 --- /dev/null +++ b/charts/wordpress copie original/wordpress/templates/networkpolicy-backend-ingress.yaml @@ -0,0 +1,30 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.networkPolicy.enabled .Values.networkPolicy.ingressRules.backendOnlyAccessibleByFrontend }} +apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }} +kind: NetworkPolicy +metadata: + name: {{ printf "%s-backend" (include "common.names.fullname" .) }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + podSelector: + matchLabels: + {{- if .Values.networkPolicy.ingressRules.customBackendSelector }} + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.ingressRules.customBackendSelector "context" $) | nindent 6 }} + {{- else }} + app.kubernetes.io/name: mariadb + app.kubernetes.io/instance: {{ .Release.Name }} + {{- end }} + ingress: + - from: + - podSelector: + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 14 }} +{{- end }} diff --git a/charts/wordpress copie original/wordpress/templates/networkpolicy-egress.yaml b/charts/wordpress copie original/wordpress/templates/networkpolicy-egress.yaml new file mode 100644 index 0000000..9c8a442 --- /dev/null +++ b/charts/wordpress copie original/wordpress/templates/networkpolicy-egress.yaml @@ -0,0 +1,35 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.networkPolicy.enabled (or .Values.networkPolicy.egressRules.denyConnectionsToExternal .Values.networkPolicy.egressRules.customRules) }} +apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }} +kind: NetworkPolicy +metadata: + name: {{ printf "%s-egress" (include "common.names.fullname" .) }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + podSelector: + matchLabels: + app.kubernetes.io/instance: {{ .Release.Name }} + policyTypes: + - Egress + egress: + {{- if .Values.networkPolicy.egressRules.denyConnectionsToExternal }} + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + - to: + - namespaceSelector: {} + {{- end }} + {{- if .Values.networkPolicy.egressRules.customRules }} + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.egressRules.customRules "context" $) | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/wordpress copie original/wordpress/templates/networkpolicy-ingress.yaml b/charts/wordpress copie original/wordpress/templates/networkpolicy-ingress.yaml new file mode 100644 index 0000000..c05c1e6 --- /dev/null +++ b/charts/wordpress copie original/wordpress/templates/networkpolicy-ingress.yaml @@ -0,0 +1,63 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.networkPolicy.enabled (or .Values.networkPolicy.ingress.enabled .Values.networkPolicy.metrics.enabled .Values.networkPolicy.ingressRules.accessOnlyFrom.enabled) }} +apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }} +kind: NetworkPolicy +metadata: + name: {{ printf "%s-ingress" (include "common.names.fullname" .) }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} + podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + ingress: + {{- if and .Values.ingress.enabled .Values.networkPolicy.ingress.enabled (or .Values.networkPolicy.ingress.namespaceSelector .Values.networkPolicy.ingress.podSelector) }} + - from: + {{- if .Values.networkPolicy.ingress.namespaceSelector }} + - namespaceSelector: + matchLabels: + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.ingress.namespaceSelector "context" $) | nindent 14 }} + {{- end }} + {{- if .Values.networkPolicy.ingress.podSelector }} + - podSelector: + matchLabels: + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.ingress.podSelector "context" $) | nindent 14 }} + {{- end }} + {{- end }} + {{- if and .Values.metrics.enabled .Values.networkPolicy.metrics.enabled (or .Values.networkPolicy.metrics.namespaceSelector .Values.networkPolicy.metrics.podSelector) }} + - from: + {{- if .Values.networkPolicy.metrics.namespaceSelector }} + - namespaceSelector: + matchLabels: + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.metrics.namespaceSelector "context" $) | nindent 14 }} + {{- end }} + {{- if .Values.networkPolicy.metrics.podSelector }} + - podSelector: + matchLabels: + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.metrics.podSelector "context" $) | nindent 14 }} + {{- end }} + {{- end }} + {{- if and .Values.networkPolicy.ingressRules.accessOnlyFrom.enabled (or .Values.networkPolicy.ingressRules.accessOnlyFrom.namespaceSelector .Values.networkPolicy.ingressRules.accessOnlyFrom.podSelector) }} + - from: + {{- if .Values.networkPolicy.ingressRules.accessOnlyFrom.namespaceSelector }} + - namespaceSelector: + matchLabels: + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.ingressRules.accessOnlyFrom.namespaceSelector "context" $) | nindent 14 }} + {{- end }} + {{- if .Values.networkPolicy.ingressRules.accessOnlyFrom.podSelector }} + - podSelector: + matchLabels: + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.ingressRules.accessOnlyFrom.podSelector "context" $) | nindent 14 }} + {{- end }} + {{- end }} + {{- if .Values.networkPolicy.ingressRules.customRules }} + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.ingressRules.customRules "context" $) | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/wordpress copie original/wordpress/templates/pdb.yaml b/charts/wordpress copie original/wordpress/templates/pdb.yaml new file mode 100644 index 0000000..07c3777 --- /dev/null +++ b/charts/wordpress copie original/wordpress/templates/pdb.yaml @@ -0,0 +1,26 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.pdb.create }} +apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} +kind: PodDisruptionBudget +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if .Values.pdb.minAvailable }} + minAvailable: {{ .Values.pdb.minAvailable }} + {{- end }} + {{- if .Values.pdb.maxUnavailable }} + maxUnavailable: {{ .Values.pdb.maxUnavailable }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} +{{- end }} diff --git a/charts/wordpress copie original/wordpress/templates/postinit-configmap.yaml b/charts/wordpress copie original/wordpress/templates/postinit-configmap.yaml new file mode 100644 index 0000000..48f8b63 --- /dev/null +++ b/charts/wordpress copie original/wordpress/templates/postinit-configmap.yaml @@ -0,0 +1,46 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if or .Values.customPostInitScripts .Values.wordpressConfigureCache }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-postinit" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + {{- if .Values.wordpressConfigureCache }} + {{- $memcachedFullname := include "wordpress.cacheHost" . }} + {{- $memcachedPort := include "wordpress.cachePort" . | int }} + 00-configure-w3-total-cache.sh: |- + #!/bin/bash + + # Add permissions to edit wp-config.php + chmod +w /bitnami/wordpress/wp-config.php + + # Activate W3 Total Cache pairs + wp plugin activate w3-total-cache + wp total-cache fix_environment + + # Choose 'Memcached' as database and object cache method + wp total-cache option set dbcache.engine memcached --type=string + wp total-cache option set objectcache.engine memcached --type=string + wp total-cache flush all + wp total-cache option set dbcache.memcached.servers {{ $memcachedFullname }}:{{ $memcachedPort }} --type=string + wp total-cache option set dbcache.enabled true --type=boolean + wp total-cache option set objectcache.memcached.servers {{ $memcachedFullname }}:{{ $memcachedPort }} --type=string + wp total-cache option set objectcache.enabled true --type=boolean + wp total-cache flush all + + # Revoke permissions to edit wp-config.php + chmod a-w /bitnami/wordpress/wp-config.php + {{- end }} + {{- if .Values.customPostInitScripts }} + {{- include "common.tplvalues.render" (dict "value" .Values.customPostInitScripts "context" $) | nindent 2 }} + {{- end }} +{{- end }} diff --git a/charts/wordpress copie original/wordpress/templates/pvc.yaml b/charts/wordpress copie original/wordpress/templates/pvc.yaml new file mode 100644 index 0000000..9d4f62f --- /dev/null +++ b/charts/wordpress copie original/wordpress/templates/pvc.yaml @@ -0,0 +1,36 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if or .Values.persistence.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.persistence.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + accessModes: + {{- if not (empty .Values.persistence.accessModes) }} + {{- range .Values.persistence.accessModes }} + - {{ . | quote }} + {{- end }} + {{- else }} + - {{ .Values.persistence.accessMode | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} + {{- include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) | nindent 2 }} + {{- if .Values.persistence.selector }} + selector: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.selector "context" $) | nindent 4 }} + {{- end -}} + {{- if .Values.persistence.dataSource }} + dataSource: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.dataSource "context" $) | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/wordpress copie original/wordpress/templates/secrets.yaml b/charts/wordpress copie original/wordpress/templates/secrets.yaml new file mode 100644 index 0000000..22e6a04 --- /dev/null +++ b/charts/wordpress copie original/wordpress/templates/secrets.yaml @@ -0,0 +1,26 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if or (not .Values.existingSecret) (and (not .Values.smtpExistingSecret) .Values.smtpPassword) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + {{- if not .Values.existingSecret }} + wordpress-password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "common.names.fullname" .) "key" "wordpress-password" "providedValues" (list "wordpressPassword") "context" $) }} + {{- end }} + {{- if and .Values.smtpPassword (not .Values.smtpExistingSecret) }} + {{- if .Values.smtpPassword }} + smtp-password: {{ .Values.smtpPassword | b64enc | quote }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/wordpress copie original/wordpress/templates/serviceaccount.yaml b/charts/wordpress copie original/wordpress/templates/serviceaccount.yaml new file mode 100644 index 0000000..0ee982a --- /dev/null +++ b/charts/wordpress copie original/wordpress/templates/serviceaccount.yaml @@ -0,0 +1,18 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "wordpress.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if or .Values.serviceAccount.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.serviceAccount.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} +{{- end -}} diff --git a/charts/wordpress copie original/wordpress/templates/servicemonitor.yaml b/charts/wordpress copie original/wordpress/templates/servicemonitor.yaml new file mode 100644 index 0000000..e0aa8a9 --- /dev/null +++ b/charts/wordpress copie original/wordpress/templates/servicemonitor.yaml @@ -0,0 +1,43 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ default .Release.Namespace .Values.metrics.serviceMonitor.namespace | quote }} + {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.serviceMonitor.labels .Values.commonLabels ) "context" . ) }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: metrics + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if .Values.metrics.serviceMonitor.jobLabel }} + jobLabel: {{ .Values.metrics.serviceMonitor.jobLabel }} + {{- end }} + endpoints: + - port: metrics + {{- if .Values.metrics.serviceMonitor.interval }} + interval: {{ .Values.metrics.serviceMonitor.interval }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + honorLabels: {{ .Values.metrics.serviceMonitor.honorLabels }} + {{- if .Values.metrics.serviceMonitor.relabellings }} + metricRelabelings: {{- toYaml .Values.metrics.serviceMonitor.relabellings | nindent 8 }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.relabelings }} + relabelings: {{- toYaml .Values.metrics.serviceMonitor.relabelings | nindent 6 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace | quote }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: metrics +{{- end }} diff --git a/charts/wordpress copie original/wordpress/templates/svc.yaml b/charts/wordpress copie original/wordpress/templates/svc.yaml new file mode 100644 index 0000000..b8739e1 --- /dev/null +++ b/charts/wordpress copie original/wordpress/templates/svc.yaml @@ -0,0 +1,59 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if or .Values.service.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.service.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.service.type }} + {{- if and .Values.service.clusterIP (eq .Values.service.type "ClusterIP") }} + clusterIP: {{ .Values.service.clusterIP }} + {{- end }} + {{- if or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort") }} + externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy | quote }} + {{- end }} + {{- if and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerSourceRanges)) }} + loadBalancerSourceRanges: {{ .Values.service.loadBalancerSourceRanges }} + {{- end }} + {{- if and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP)) }} + loadBalancerIP: {{ .Values.service.loadBalancerIP }} + {{- end }} + {{- if .Values.service.sessionAffinity }} + sessionAffinity: {{ .Values.service.sessionAffinity }} + {{- end }} + {{- if .Values.service.sessionAffinityConfig }} + sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.service.sessionAffinityConfig "context" $) | nindent 4 }} + {{- end }} + ports: + - name: http + port: {{ .Values.service.ports.http }} + protocol: TCP + targetPort: http + {{- if (and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.http))) }} + nodePort: {{ .Values.service.nodePorts.http }} + {{- else if eq .Values.service.type "ClusterIP" }} + nodePort: null + {{- end }} + - name: https + port: {{ .Values.service.ports.https }} + protocol: TCP + targetPort: {{ .Values.service.httpsTargetPort }} + {{- if (and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.https))) }} + nodePort: {{ .Values.service.nodePorts.https }} + {{- else if eq .Values.service.type "ClusterIP" }} + nodePort: null + {{- end }} + {{- if .Values.service.extraPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.service.extraPorts "context" $) | nindent 4 }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} diff --git a/charts/wordpress copie original/wordpress/templates/tls-secrets.yaml b/charts/wordpress copie original/wordpress/templates/tls-secrets.yaml new file mode 100644 index 0000000..728ab58 --- /dev/null +++ b/charts/wordpress copie original/wordpress/templates/tls-secrets.yaml @@ -0,0 +1,44 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.ingress.enabled }} +{{- if .Values.ingress.secrets }} +{{- range .Values.ingress.secrets }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .name }} + namespace: {{ $.Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $.Values.commonLabels "context" $ ) | nindent 4 }} + {{- if $.Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: kubernetes.io/tls +data: + tls.crt: {{ .certificate | b64enc }} + tls.key: {{ .key | b64enc }} +--- +{{- end }} +{{- end }} +{{- if and .Values.ingress.tls .Values.ingress.selfSigned }} +{{- $secretName := printf "%s-tls" .Values.ingress.hostname }} +{{- $ca := genCA "wordpress-ca" 365 }} +{{- $cert := genSignedCert .Values.ingress.hostname nil (list .Values.ingress.hostname) 365 $ca }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ $secretName }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: kubernetes.io/tls +data: + tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }} + tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }} + ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }} +{{- end }} +{{- end }} diff --git a/charts/wordpress copie original/wordpress/values.schema.json b/charts/wordpress copie original/wordpress/values.schema.json new file mode 100644 index 0000000..7f62faa --- /dev/null +++ b/charts/wordpress copie original/wordpress/values.schema.json @@ -0,0 +1,862 @@ +{ + "$schema": "http://json-schema.org/schema#", + "type": "object", + "properties": { + "wordpressUsername": { + "type": "string", + "title": "Username", + "form": true + }, + "wordpressPassword": { + "type": "string", + "title": "Password", + "form": true, + "description": "Defaults to a random 10-character alphanumeric string if not set" + }, + "wordpressEmail": { + "type": "string", + "title": "Admin email", + "form": true + }, + "wordpressBlogName": { + "type": "string", + "title": "Blog Name", + "form": true + }, + "persistence": { + "type": "object", + "properties": { + "size": { + "type": "string", + "title": "Persistent Volume Size", + "form": true, + "render": "slider", + "sliderMin": 1, + "sliderMax": 100, + "sliderUnit": "Gi" + } + } + }, + "mariadb": { + "type": "object", + "title": "MariaDB Details", + "form": true, + "properties": { + "enabled": { + "type": "boolean", + "title": "Use a new MariaDB database hosted in the cluster", + "form": true, + "description": "Whether to deploy a mariadb server to satisfy the applications database requirements. To use an external database switch this off and configure the external database details" + }, + "primary": { + "type": "object", + "properties": { + "persistence": { + "type": "object", + "properties": { + "size": { + "type": "string", + "title": "Volume Size", + "form": true, + "hidden": { + "value": false, + "path": "mariadb/primary/persistence/enabled" + }, + "render": "slider", + "sliderMin": 1, + "sliderMax": 100, + "sliderUnit": "Gi" + } + } + } + } + } + } + }, + "externalDatabase": { + "type": "object", + "title": "External Database Details", + "description": "If MariaDB is disabled. Use this section to specify the external database details", + "form": true, + "properties": { + "host": { + "type": "string", + "form": true, + "title": "Database Host", + "hidden": "mariadb/enabled" + }, + "user": { + "type": "string", + "form": true, + "title": "Database Username", + "hidden": "mariadb/enabled" + }, + "password": { + "type": "string", + "form": true, + "title": "Database Password", + "hidden": "mariadb/enabled" + }, + "database": { + "type": "string", + "form": true, + "title": "Database Name", + "hidden": "mariadb/enabled" + }, + "port": { + "type": "integer", + "form": true, + "title": "Database Port", + "hidden": "mariadb/enabled" + } + } + }, + "ingress": { + "type": "object", + "form": true, + "title": "Ingress Configuration", + "properties": { + "enabled": { + "type": "boolean", + "form": true, + "title": "Use a custom hostname", + "description": "Enable the ingress resource that allows you to access the WordPress installation." + }, + "hostname": { + "type": "string", + "form": true, + "title": "Hostname", + "hidden": { + "value": false, + "path": "ingress/enabled" + } + }, + "tls": { + "type": "boolean", + "form": true, + "title": "Create a TLS secret", + "hidden": { + "value": false, + "path": "ingress/enabled" + } + } + } + }, + "service": { + "type": "object", + "form": true, + "title": "Service Configuration", + "properties": { + "type": { + "type": "string", + "form": true, + "title": "Service Type", + "description": "Allowed values: \"ClusterIP\", \"NodePort\" and \"LoadBalancer\"" + } + } + }, + "resources": { + "type": "object", + "title": "Required Resources", + "description": "Your service will have at least the requested resources and never more than its limits. No limit for a resource and you can consume everything left on the host machine.", + "properties": { + "requests": { + "description": "Guaranteed resources", + "type": "object", + "properties": { + "memory": { + "description": "The amount of memory guaranteed", + "title": "memory", + "type": "string", + "default": "2Gi", + "render": "slider", + "sliderMin": 1, + "sliderMax": 20, + "sliderStep": 1, + "sliderUnit": "Gi", + "sliderExtremity": "down", + "sliderExtremitySemantic": "guaranteed", + "sliderRangeId": "memory", + "x-onyxia": { + "overwriteDefaultWith": "region.resources.memoryRequest", + "useRegionSliderConfig": "memory" + } + }, + "cpu": { + "description": "The amount of cpu guaranteed", + "title": "CPU", + "type": "string", + "default": "100m", + "render": "slider", + "sliderMin": 50, + "sliderMax": 40000, + "sliderStep": 50, + "sliderUnit": "m", + "sliderExtremity": "down", + "sliderExtremitySemantic": "guaranteed", + "sliderRangeId": "cpu", + "x-onyxia": { + "overwriteDefaultWith": "region.resources.cpuRequest", + "useRegionSliderConfig": "cpu" + } + } + } + }, + "limits": { + "description": "max resources", + "type": "object", + "properties": { + "cpu": { + "description": "The maximum amount of cpu", + "title": "CPU", + "type": "string", + "default": "30000m", + "render": "slider", + "sliderMin": 50, + "sliderMax": 40000, + "sliderStep": 50, + "sliderUnit": "m", + "sliderExtremity": "up", + "sliderExtremitySemantic": "Maximum", + "sliderRangeId": "cpu", + "x-onyxia": { + "overwriteDefaultWith": "region.resources.cpuLimit", + "useRegionSliderConfig": "cpu" + } + }, + "memory": { + "description": "The maximum amount of memory", + "title": "Memory", + "type": "string", + "default": "50Gi", + "render": "slider", + "sliderMin": 1, + "sliderMax": 200, + "sliderStep": 1, + "sliderUnit": "Gi", + "sliderExtremity": "up", + "sliderExtremitySemantic": "Maximum", + "sliderRangeId": "memory", + "x-onyxia": { + "overwriteDefaultWith": "region.resources.memoryLimit", + "useRegionSliderConfig": "memory" + } + } + } + } + } + }, + "volumePermissions": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "form": true, + "title": "Enable Init Containers", + "description": "Use an init container to set required folder permissions on the data volume before mounting it in the final destination" + } + } + }, + "metrics": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "title": "Enable Metrics", + "description": "Prometheus Exporter / Metrics", + "form": true + } + } + }, + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + "security": { + "description": "security specific configuration", + "type": "object", + "properties": { + "password": { + "type": "string", + "description": "Password", + "default": "changeme", + "render": "password", + "x-onyxia": { + "overwriteDefaultWith": "{{project.password}}" + } + }, + "allowlist": { + "type": "object", + "description": "IP protection", + "properties": { + "enabled": { + "type": "boolean", + "title": "Enable IP protection", + "description": "Only the configured set of IPs will be able to reach the service", + "default": true, + "x-onyxia": { + "overwriteDefaultWith": "region.defaultIpProtection" + } + }, + "ip": { + "type": "string", + "description": "the white list of IP is whitespace", + "title": "Whitelist of IP", + "x-onyxia": { + "overwriteDefaultWith": "{{user.ip}}" + } + } + } + }, + "networkPolicy": { + "type": "object", + "description": "Define access policy to the service", + "properties": { + "enabled": { + "type": "boolean", + "title": "Enable network policy", + "description": "Only pod from the same namespace will be allowed", + "default": true, + "x-onyxia": { + "overwriteDefaultWith": "region.defaultNetworkPolicy" + } + }, + "from": { + "type": "array", + "description": "Array of source allowed to have network access to your service", + "default": [], + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "region.from" + } + } + } + } + } + }, + "kubernetes": { + "description": "configuration of your kubernetes access", + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "allow your service to access your namespace ressources", + "default": true + }, + "role": { + "type": "string", + "description": "bind your service account to this kubernetes default role", + "default": "view", + "hidden": { + "value": false, + "path": "kubernetes/enabled" + }, + "enum": [ + "view", + "edit", + "admin" + ] + } + } + }, + "git": { + "description": "Git user configuration", + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Add git config inside your environment", + "default": true + }, + "name": { + "type": "string", + "description": "user name for git", + "default": "", + "x-onyxia": { + "overwriteDefaultWith": "{{git.name}}" + }, + "hidden": { + "value": false, + "path": "git/enabled" + } + }, + "email": { + "type": "string", + "description": "user email for git", + "default": "", + "x-onyxia": { + "overwriteDefaultWith": "{{git.email}}" + }, + "hidden": { + "value": false, + "path": "git/enabled" + } + }, + "cache": { + "type": "string", + "description": "duration in seconds of the credentials cache duration", + "default": "", + "x-onyxia": { + "overwriteDefaultWith": "{{git.credentials_cache_duration}}" + }, + "hidden": { + "value": false, + "path": "git/enabled" + } + }, + "token": { + "type": "string", + "description": "personal access token", + "default": "", + "render": "password", + "x-onyxia": { + "overwriteDefaultWith": "{{git.token}}" + }, + "hidden": { + "value": false, + "path": "git/enabled" + } + }, + "repository": { + "type": "string", + "description": "projet", + "default": "", + "x-onyxia": { + "overwriteDefaultWith": "{{git.project}}" + }, + "hidden": { + "value": false, + "path": "git/enabled" + } + }, + "branch": { + "type": "string", + "description": "Branch automatically checked out", + "default": "", + "hidden": { + "value": "", + "path": "git/repository" + } + } + } + }, + "vault": { + "description": "Configuration of vault client", + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Add vault temporary identity inside your environment", + "default": true + }, + "token": { + "description": "token vault", + "type": "string", + "render": "password", + "x-onyxia": { + "overwriteDefaultWith": "{{vault.VAULT_TOKEN}}" + }, + "hidden": { + "value": false, + "path": "vault/enabled" + } + }, + "url": { + "description": "url of vault server", + "type": "string", + "x-onyxia": { + "overwriteDefaultWith": "{{vault.VAULT_ADDR}}" + }, + "hidden": { + "value": false, + "path": "vault/enabled" + } + }, + "mount": { + "description": "mount of the v2 secret engine", + "type": "string", + "x-onyxia": { + "overwriteDefaultWith": "{{vault.VAULT_MOUNT}}" + }, + "hidden": { + "value": false, + "path": "vault/enabled" + } + }, + "directory": { + "description": "top level directory", + "type": "string", + "x-onyxia": { + "overwriteDefaultWith": "{{vault.VAULT_TOP_DIR}}" + }, + "hidden": { + "value": false, + "path": "vault/enabled" + } + }, + "secret": { + "description": "the path of the secret to convert into a list of environment variables", + "type": "string", + "default": "", + "hidden": { + "value": false, + "path": "vault/enabled" + } + } + } + }, + "s3": { + "description": "Configuration of temporary identity", + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Add S3 temporary identity inside your environment", + "default": true + }, + "accessKeyId": { + "description": "AWS Access Key", + "type": "string", + "x-onyxia": { + "overwriteDefaultWith": "s3.AWS_ACCESS_KEY_ID" + }, + "hidden": { + "value": false, + "path": "s3/enabled" + } + }, + "endpoint": { + "description": "AWS S3 Endpoint", + "type": "string", + "x-onyxia": { + "overwriteDefaultWith": "{{s3.AWS_S3_ENDPOINT}}" + }, + "hidden": { + "value": false, + "path": "s3/enabled" + } + }, + "defaultRegion": { + "description": "AWS S3 default region", + "type": "string", + "x-onyxia": { + "overwriteDefaultWith": "{{s3.AWS_DEFAULT_REGION}}" + }, + "hidden": { + "value": false, + "path": "s3/enabled" + } + }, + "secretAccessKey": { + "description": "AWS S3 secret access key", + "type": "string", + "render": "password", + "x-onyxia": { + "overwriteDefaultWith": "{{s3.AWS_SECRET_ACCESS_KEY}}" + }, + "hidden": { + "value": false, + "path": "s3/enabled" + } + }, + "sessionToken": { + "description": "AWS S3 session Token", + "type": "string", + "render": "password", + "x-onyxia": { + "overwriteDefaultWith": "{{s3.AWS_SESSION_TOKEN}}" + }, + "hidden": { + "value": false, + "path": "s3/enabled" + } + } + } + }, + "ingress": { + "type": "object", + "form": true, + "title": "Ingress Details", + "properties": { + "enabled": { + "description": "Enable Ingress", + "type": "boolean", + "default": true, + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "k8s.ingress" + } + }, + "hostname": { + "type": "string", + "form": true, + "title": "Hostname", + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "{{project.id}}-{{k8s.randomSubdomain}}-0.{{k8s.domain}}" + } + }, + "userHostname": { + "type": "string", + "form": true, + "title": "Hostname", + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "{{project.id}}-{{k8s.randomSubdomain}}-user.{{k8s.domain}}" + } + }, + "ingressClassName": { + "type": "string", + "form": true, + "title": "ingressClassName", + "default": "", + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "{{k8s.ingressClassName}}" + } + }, + "useCertManager": { + "type": "boolean", + "description": "Whether CertManager should be used to generate a certificate", + "default": false, + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "k8s.useCertManager" + } + }, + "certManagerClusterIssuer":{ + "type": "string", + "description": "certManager cluster issuer", + "title": "CertManager Cluster Issuer", + "default": "", + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "k8s.certManagerClusterIssuer" + } + } + } + }, + "route": { + "type": "object", + "form": true, + "title": "Route details", + "properties": { + "enabled": { + "description": "Enable route", + "type": "boolean", + "default": false, + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "k8s.route" + } + }, + "hostname": { + "type": "string", + "form": true, + "title": "Hostname", + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "{{project.id}}-{{k8s.randomSubdomain}}-0.{{k8s.domain}}" + } + }, + "userHostname": { + "type": "string", + "form": true, + "title": "Hostname", + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "{{project.id}}-{{k8s.randomSubdomain}}-user.{{k8s.domain}}" + } + } + } + }, + "networking": { + "type": "object", + "form": true, + "title": "Networking detail", + "properties": { + "user": { + "type": "object", + "description": "user defined port", + "properties": { + "enabled": { + "type": "boolean", + "title": "Enable a custom service port", + "description": "Enable a custom service port", + "default": false + }, + "port": { + "type": "integer", + "description": "port of the custom service", + "title": "Custom service port", + "hidden": { + "value": false, + "path": "networking/user/enabled" + }, + "default": 5000 + } + } + } + } + }, + "init": { + "description": "Init parameters", + "type": "object", + "properties": { + "regionInit": { + "type": "string", + "description": "region initialization script", + "default": "", + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "{{k8s.initScriptUrl}}" + } + }, + "regionInitCheckSum": { + "type": "string", + "description": "region initialization script", + "default": "", + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "{{k8s.initScriptCheckSum}}" + } + }, + "personalInit": { + "type": "string", + "description": "user initialization script", + "default": "" + }, + "personalInitArgs": { + "type": "string", + "description": "args for user initialization script", + "default": "" + } + } + }, + "repository": { + "description": "python repositories for pip and conda", + "type": "object", + "properties": { + "pipRepository": { + "type": "string", + "description": "python repository for pip", + "default": "", + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "{{packageRepositoryInjection.pypiProxyUrl}}" + } + }, + "condaRepository": { + "type": "string", + "description": "python repository for pip", + "default": "", + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "{{packageRepositoryInjection.condaProxyUrl}}" + } + } + } + }, + "startupProbe": { + "type": "object", + "description": "Start up probe", + "default": {}, + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "region.startupProbe" + } + }, + "tolerations": { + "type": "array", + "description": "Array of tolerations", + "default": [], + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "region.tolerations" + } + }, + "nodeSelector": { + "type": "object", + "description": "NodeSelector", + "default": {}, + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "region.nodeSelector" + } + }, + "userPreferences": { + "description": "User Preferences", + "type": "object", + "properties": { + "darkMode": { + "type": "boolean", + "description": "dark mode is or is not enabled", + "default": false, + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "user.darkMode" + } + }, + "language": { + "type": "string", + "description": "Preferred language", + "default": "en", + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "user.lang" + } + } + } + }, + "global": { + "description": "Suspend", + "type": "object", + "properties": { + "suspend": { + "type": "boolean", + "description": "Suspend this service", + "default": false, + "x-onyxia": { + "hidden": true + } + } + } + } + } +} + + + + + + + + + diff --git a/charts/wordpress copie original/wordpress/values.schema.json.original b/charts/wordpress copie original/wordpress/values.schema.json.original new file mode 100644 index 0000000..0e2466a --- /dev/null +++ b/charts/wordpress copie original/wordpress/values.schema.json.original @@ -0,0 +1,212 @@ +{ + "$schema": "http://json-schema.org/schema#", + "type": "object", + "properties": { + "wordpressUsername": { + "type": "string", + "title": "Username", + "form": true + }, + "wordpressPassword": { + "type": "string", + "title": "Password", + "form": true, + "description": "Defaults to a random 10-character alphanumeric string if not set" + }, + "wordpressEmail": { + "type": "string", + "title": "Admin email", + "form": true + }, + "wordpressBlogName": { + "type": "string", + "title": "Blog Name", + "form": true + }, + "persistence": { + "type": "object", + "properties": { + "size": { + "type": "string", + "title": "Persistent Volume Size", + "form": true, + "render": "slider", + "sliderMin": 1, + "sliderMax": 100, + "sliderUnit": "Gi" + } + } + }, + "mariadb": { + "type": "object", + "title": "MariaDB Details", + "form": true, + "properties": { + "enabled": { + "type": "boolean", + "title": "Use a new MariaDB database hosted in the cluster", + "form": true, + "description": "Whether to deploy a mariadb server to satisfy the applications database requirements. To use an external database switch this off and configure the external database details" + }, + "primary": { + "type": "object", + "properties": { + "persistence": { + "type": "object", + "properties": { + "size": { + "type": "string", + "title": "Volume Size", + "form": true, + "hidden": { + "value": false, + "path": "mariadb/enabled" + }, + "render": "slider", + "sliderMin": 1, + "sliderMax": 100, + "sliderUnit": "Gi" + } + } + } + } + } + } + }, + "externalDatabase": { + "type": "object", + "title": "External Database Details", + "description": "If MariaDB is disabled. Use this section to specify the external database details", + "form": true, + "properties": { + "host": { + "type": "string", + "form": true, + "title": "Database Host", + "hidden": "mariadb/enabled" + }, + "user": { + "type": "string", + "form": true, + "title": "Database Username", + "hidden": "mariadb/enabled" + }, + "password": { + "type": "string", + "form": true, + "title": "Database Password", + "hidden": "mariadb/enabled" + }, + "database": { + "type": "string", + "form": true, + "title": "Database Name", + "hidden": "mariadb/enabled" + }, + "port": { + "type": "integer", + "form": true, + "title": "Database Port", + "hidden": "mariadb/enabled" + } + } + }, + "ingress": { + "type": "object", + "form": true, + "title": "Ingress Configuration", + "properties": { + "enabled": { + "type": "boolean", + "form": true, + "title": "Use a custom hostname", + "description": "Enable the ingress resource that allows you to access the WordPress installation." + }, + "hostname": { + "type": "string", + "form": true, + "title": "Hostname", + "hidden": { + "value": false, + "path": "ingress/enabled" + } + }, + "tls": { + "type": "boolean", + "form": true, + "title": "Create a TLS secret", + "hidden": { + "value": false, + "path": "ingress/enabled" + } + } + } + }, + "service": { + "type": "object", + "form": true, + "title": "Service Configuration", + "properties": { + "type": { + "type": "string", + "form": true, + "title": "Service Type", + "description": "Allowed values: \"ClusterIP\", \"NodePort\" and \"LoadBalancer\"" + } + } + }, + "resources": { + "type": "object", + "title": "Required Resources", + "description": "Configure resource requests", + "form": true, + "properties": { + "requests": { + "type": "object", + "properties": { + "memory": { + "type": "string", + "form": true, + "render": "slider", + "title": "Memory Request", + "sliderMin": 10, + "sliderMax": 2048, + "sliderUnit": "Mi" + }, + "cpu": { + "type": "string", + "form": true, + "render": "slider", + "title": "CPU Request", + "sliderMin": 10, + "sliderMax": 2000, + "sliderUnit": "m" + } + } + } + } + }, + "volumePermissions": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "form": true, + "title": "Enable Init Containers", + "description": "Use an init container to set required folder permissions on the data volume before mounting it in the final destination" + } + } + }, + "metrics": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "title": "Enable Metrics", + "description": "Prometheus Exporter / Metrics", + "form": true + } + } + } + } +} diff --git a/charts/wordpress copie original/wordpress/values.yaml b/charts/wordpress copie original/wordpress/values.yaml new file mode 100644 index 0000000..eaf34f9 --- /dev/null +++ b/charts/wordpress copie original/wordpress/values.yaml @@ -0,0 +1,1264 @@ +# Copyright VMware, Inc. +# SPDX-License-Identifier: APACHE-2.0 + +## @section Global parameters +## Global Docker image parameters +## Please, note that this will override the image parameters, including dependencies, configured to use the global value +## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass +## + +## @param global.imageRegistry Global Docker image registry +## @param global.imagePullSecrets Global Docker registry secret names as an array +## @param global.storageClass Global StorageClass for Persistent Volume(s) +## +global: + imageRegistry: "" + ## E.g. + ## imagePullSecrets: + ## - myRegistryKeySecretName + ## + imagePullSecrets: [] + storageClass: "" + ## Compatibility adaptations for Kubernetes platforms + ## + compatibility: + ## Compatibility adaptations for Openshift + ## + openshift: + ## @param global.compatibility.openshift.adaptSecurityContext Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) + ## + adaptSecurityContext: disabled +## @section Common parameters +## + +## @param kubeVersion Override Kubernetes version +## +kubeVersion: "" +## @param nameOverride String to partially override common.names.fullname template (will maintain the release name) +## +nameOverride: "" +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: "" +## @param commonLabels Labels to add to all deployed resources +## +commonLabels: {} +## @param commonAnnotations Annotations to add to all deployed resources +## +commonAnnotations: {} +## @param clusterDomain Kubernetes Cluster Domain +## +clusterDomain: cluster.local +## @param extraDeploy Array of extra objects to deploy with the release +## +extraDeploy: [] +## Enable diagnostic mode in the deployment +## +diagnosticMode: + ## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden) + ## + enabled: false + ## @param diagnosticMode.command Command to override all containers in the deployment + ## + command: + - sleep + ## @param diagnosticMode.args Args to override all containers in the deployment + ## + args: + - infinity +## @section WordPress Image parameters +## + +## Bitnami WordPress image +## ref: https://hub.docker.com/r/bitnami/wordpress/tags/ +## @param image.registry [default: REGISTRY_NAME] WordPress image registry +## @param image.repository [default: REPOSITORY_NAME/wordpress] WordPress image repository +## @skip image.tag WordPress image tag (immutable tags are recommended) +## @param image.digest WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag +## @param image.pullPolicy WordPress image pull policy +## @param image.pullSecrets WordPress image pull secrets +## @param image.debug Specify if debug values should be set +## +image: + registry: docker.io + repository: bitnami/wordpress + tag: 6.4.3-debian-12-r20 + digest: "" + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## Enable debug mode + ## + debug: false +## @section WordPress Configuration parameters +## WordPress settings based on environment variables +## ref: https://github.com/bitnami/containers/tree/main/bitnami/wordpress#environment-variables +## + +## @param wordpressUsername WordPress username +## +wordpressUsername: user +## @param wordpressPassword WordPress user password +## Defaults to a random 10-character alphanumeric string if not set +## +wordpressPassword: "" +## @param existingSecret Name of existing secret containing WordPress credentials +## NOTE: Must contain key `wordpress-password` +## NOTE: When it's set, the `wordpressPassword` parameter is ignored +## +existingSecret: "" +## @param wordpressEmail WordPress user email +## +wordpressEmail: user@example.com +## @param wordpressFirstName WordPress user first name +## +wordpressFirstName: FirstName +## @param wordpressLastName WordPress user last name +## +wordpressLastName: LastName +## @param wordpressBlogName Blog name +## +wordpressBlogName: User's Blog! +## @param wordpressTablePrefix Prefix to use for WordPress database tables +## +wordpressTablePrefix: wp_ +## @param wordpressScheme Scheme to use to generate WordPress URLs +## +wordpressScheme: http +## @param wordpressSkipInstall Skip wizard installation +## NOTE: useful if you use an external database that already contains WordPress data +## ref: https://github.com/bitnami/containers/tree/main/bitnami/wordpress#connect-wordpress-docker-container-to-an-existing-database +## +wordpressSkipInstall: false +## @param wordpressExtraConfigContent Add extra content to the default wp-config.php file +## e.g: +## wordpressExtraConfigContent: | +## @ini_set( 'post_max_size', '128M'); +## @ini_set( 'memory_limit', '256M' ); +## +wordpressExtraConfigContent: "" +## @param wordpressConfiguration The content for your custom wp-config.php file (advanced feature) +## NOTE: This will override configuring WordPress based on environment variables (including those set by the chart) +## NOTE: Currently only supported when `wordpressSkipInstall=true` +## +wordpressConfiguration: "" +## @param existingWordPressConfigurationSecret The name of an existing secret with your custom wp-config.php file (advanced feature) +## NOTE: When it's set the `wordpressConfiguration` parameter is ignored +## +existingWordPressConfigurationSecret: "" +## @param wordpressConfigureCache Enable W3 Total Cache plugin and configure cache settings +## NOTE: useful if you deploy Memcached for caching database queries or you use an external cache server +## +wordpressConfigureCache: false +## @param wordpressPlugins Array of plugins to install and activate. Can be specified as `all` or `none`. +## NOTE: If set to all, only plugins that are already installed will be activated, and if set to none, no plugins will be activated +## +wordpressPlugins: none +## @param apacheConfiguration The content for your custom httpd.conf file (advanced feature) +## +apacheConfiguration: "" +## @param existingApacheConfigurationConfigMap The name of an existing secret with your custom httpd.conf file (advanced feature) +## NOTE: When it's set the `apacheConfiguration` parameter is ignored +## +existingApacheConfigurationConfigMap: "" +## @param customPostInitScripts Custom post-init.d user scripts +## ref: https://github.com/bitnami/containers/tree/main/bitnami/wordpress +## NOTE: supported formats are `.sh`, `.sql` or `.php` +## NOTE: scripts are exclusively executed during the 1st boot of the container +## e.g: +## customPostInitScripts: +## enable-multisite.sh: | +## #!/bin/bash +## chmod +w /bitnami/wordpress/wp-config.php +## wp core multisite-install --url=example.com --title="Welcome to the WordPress Multisite" --admin_user="doesntmatternotreallyused" --admin_password="doesntmatternotreallyused" --admin_email="user@example.com" +## cat /docker-entrypoint-init.d/.htaccess > /bitnami/wordpress/.htaccess +## chmod -w bitnami/wordpress/wp-config.php +## .htaccess: | +## RewriteEngine On +## RewriteBase / +## ... +## +customPostInitScripts: {} +## SMTP mail delivery configuration +## ref: https://github.com/bitnami/containers/tree/main/bitnami/wordpress/#smtp-configuration +## @param smtpHost SMTP server host +## @param smtpPort SMTP server port +## @param smtpUser SMTP username +## @param smtpPassword SMTP user password +## @param smtpProtocol SMTP protocol +## +smtpHost: "" +smtpPort: "" +smtpUser: "" +smtpPassword: "" +smtpProtocol: "" +## @param smtpExistingSecret The name of an existing secret with SMTP credentials +## NOTE: Must contain key `smtp-password` +## NOTE: When it's set, the `smtpPassword` parameter is ignored +## +smtpExistingSecret: "" +## @param allowEmptyPassword Allow the container to be started with blank passwords +## +allowEmptyPassword: true +## @param allowOverrideNone Configure Apache to prohibit overriding directives with htaccess files +## +allowOverrideNone: false +## @param overrideDatabaseSettings Allow overriding the database settings persisted in wp-config.php +## +overrideDatabaseSettings: false +## @param htaccessPersistenceEnabled Persist custom changes on htaccess files +## If `allowOverrideNone` is `false`, it will persist `/opt/bitnami/wordpress/wordpress-htaccess.conf` +## If `allowOverrideNone` is `true`, it will persist `/opt/bitnami/wordpress/.htaccess` +## +htaccessPersistenceEnabled: false +## @param customHTAccessCM The name of an existing ConfigMap with custom htaccess rules +## NOTE: Must contain key `wordpress-htaccess.conf` with the file content +## NOTE: Requires setting `allowOverrideNone=false` +## +customHTAccessCM: "" +## @param command Override default container command (useful when using custom images) +## +command: [] +## @param args Override default container args (useful when using custom images) +## +args: [] +## @param extraEnvVars Array with extra environment variables to add to the WordPress container +## e.g: +## extraEnvVars: +## - name: FOO +## value: "bar" +## +extraEnvVars: [] +## @param extraEnvVarsCM Name of existing ConfigMap containing extra env vars +## +extraEnvVarsCM: "" +## @param extraEnvVarsSecret Name of existing Secret containing extra env vars +## +extraEnvVarsSecret: "" +## @section WordPress Multisite Configuration parameters +## ref: https://github.com/bitnami/containers/tree/main/bitnami/wordpress#multisite-configuration +## + +## @param multisite.enable Whether to enable WordPress Multisite configuration. +## @param multisite.host WordPress Multisite hostname/address. This value is mandatory when enabling Multisite mode. +## @param multisite.networkType WordPress Multisite network type to enable. Allowed values: `subfolder`, `subdirectory` or `subdomain`. +## @param multisite.enableNipIoRedirect Whether to enable IP address redirection to nip.io wildcard DNS. Useful when running on an IP address with subdomain network type. +## +multisite: + enable: false + host: "" + networkType: subdomain + enableNipIoRedirect: false +## @section WordPress deployment parameters +## + +## @param replicaCount Number of WordPress replicas to deploy +## NOTE: ReadWriteMany PVC(s) are required if replicaCount > 1 +## +replicaCount: 1 +## @param updateStrategy.type WordPress deployment strategy type +## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy +## NOTE: Set it to `Recreate` if you use a PV that cannot be mounted on multiple pods +## e.g: +## updateStrategy: +## type: RollingUpdate +## rollingUpdate: +## maxSurge: 25% +## maxUnavailable: 25% +## +updateStrategy: + type: RollingUpdate +## @param schedulerName Alternate scheduler +## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ +## +schedulerName: "" +## @param terminationGracePeriodSeconds In seconds, time given to the WordPress pod to terminate gracefully +## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods +## +terminationGracePeriodSeconds: "" +## @param topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template +## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods +## +topologySpreadConstraints: [] +## @param priorityClassName Name of the existing priority class to be used by WordPress pods, priority class needs to be created beforehand +## Ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ +## +priorityClassName: "" +## @param automountServiceAccountToken Mount Service Account token in pod +## +automountServiceAccountToken: false +## @param hostAliases [array] WordPress pod host aliases +## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ +## +hostAliases: + ## Required for Apache exporter to work + ## + - ip: "127.0.0.1" + hostnames: + - "status.localhost" +## @param extraVolumes Optionally specify extra list of additional volumes for WordPress pods +## +extraVolumes: [] +## @param extraVolumeMounts Optionally specify extra list of additional volumeMounts for WordPress container(s) +## +extraVolumeMounts: [] +## @param sidecars Add additional sidecar containers to the WordPress pod +## e.g: +## sidecars: +## - name: your-image-name +## image: your-image +## imagePullPolicy: Always +## ports: +## - name: portname +## containerPort: 1234 +## +sidecars: [] +## @param initContainers Add additional init containers to the WordPress pods +## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ +## e.g: +## initContainers: +## - name: your-image-name +## image: your-image +## imagePullPolicy: Always +## command: ['sh', '-c', 'copy themes and plugins from git and push to /bitnami/wordpress/wp-content. Should work with extraVolumeMounts and extraVolumes'] +## +initContainers: [] +## @param podLabels Extra labels for WordPress pods +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +## +podLabels: {} +## @param podAnnotations Annotations for WordPress pods +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +## +podAnnotations: {} +## @param podAffinityPreset Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` +## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity +## +podAffinityPreset: "" +## @param podAntiAffinityPreset Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity +## +podAntiAffinityPreset: soft +## Node affinity preset +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity +## +nodeAffinityPreset: + ## @param nodeAffinityPreset.type Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## + type: "" + ## @param nodeAffinityPreset.key Node label key to match. Ignored if `affinity` is set + ## + key: "" + ## @param nodeAffinityPreset.values Node label values to match. Ignored if `affinity` is set + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] +## @param affinity Affinity for pod assignment +## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +## NOTE: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set +## +affinity: {} +## @param nodeSelector Node labels for pod assignment +## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ +## +nodeSelector: {} +## @param tolerations Tolerations for pod assignment +## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +## +tolerations: [] +## WordPress containers' resource requests and limits +## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +## @param resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). +## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 +## +resourcesPreset: "none" +## @param resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) +## Example: +## resources: +## requests: +## cpu: 2 +## memory: 512Mi +## limits: +## cpu: 3 +## memory: 1024Mi +## +resources: {} +## Container ports +## @param containerPorts.http WordPress HTTP container port +## @param containerPorts.https WordPress HTTPS container port +## +containerPorts: + http: 8080 + https: 8443 +## @param extraContainerPorts Optionally specify extra list of additional ports for WordPress container(s) +## e.g: +## extraContainerPorts: +## - name: myservice +## containerPort: 9090 +## +extraContainerPorts: [] +## Configure Pods Security Context +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod +## @param podSecurityContext.enabled Enabled WordPress pods' Security Context +## @param podSecurityContext.fsGroupChangePolicy Set filesystem group change policy +## @param podSecurityContext.sysctls Set kernel settings using the sysctl interface +## @param podSecurityContext.supplementalGroups Set filesystem extra groups +## @param podSecurityContext.fsGroup Set WordPress pod's Security Context fsGroup +## +podSecurityContext: + enabled: true + fsGroupChangePolicy: Always + sysctls: [] + supplementalGroups: [] + fsGroup: 1001 +## Configure Container Security Context (only main container) +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container +## @param containerSecurityContext.enabled Enabled containers' Security Context +## @param containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container +## @param containerSecurityContext.runAsUser Set containers' Security Context runAsUser +## @param containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot +## @param containerSecurityContext.privileged Set container's Security Context privileged +## @param containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem +## @param containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation +## @param containerSecurityContext.capabilities.drop List of capabilities to be dropped +## @param containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile +## +containerSecurityContext: + enabled: true + seLinuxOptions: null + runAsUser: 1001 + runAsNonRoot: true + privileged: false + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + seccompProfile: + type: "RuntimeDefault" +## Configure extra options for WordPress containers' liveness, readiness and startup probes +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes +## @param livenessProbe.enabled Enable livenessProbe on WordPress containers +## @skip livenessProbe.httpGet +## @param livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe +## @param livenessProbe.periodSeconds Period seconds for livenessProbe +## @param livenessProbe.timeoutSeconds Timeout seconds for livenessProbe +## @param livenessProbe.failureThreshold Failure threshold for livenessProbe +## @param livenessProbe.successThreshold Success threshold for livenessProbe +## +livenessProbe: + enabled: true + httpGet: + path: /wp-admin/install.php + port: '{{ .Values.wordpressScheme }}' + scheme: '{{ .Values.wordpressScheme | upper }}' + ## If using an HTTPS-terminating load-balancer, the probes may need to behave + ## like the balancer to prevent HTTP 302 responses. According to the Kubernetes + ## docs, 302 should be considered "successful", but this issue on GitHub + ## (https://github.com/kubernetes/kubernetes/issues/47893) shows that it isn't. + ## E.g. + ## httpHeaders: + ## - name: X-Forwarded-Proto + ## value: https + ## + httpHeaders: [] + initialDelaySeconds: 120 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 +## @param readinessProbe.enabled Enable readinessProbe on WordPress containers +## @skip readinessProbe.httpGet +## @param readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe +## @param readinessProbe.periodSeconds Period seconds for readinessProbe +## @param readinessProbe.timeoutSeconds Timeout seconds for readinessProbe +## @param readinessProbe.failureThreshold Failure threshold for readinessProbe +## @param readinessProbe.successThreshold Success threshold for readinessProbe +## +readinessProbe: + enabled: true + httpGet: + path: /wp-login.php + port: '{{ .Values.wordpressScheme }}' + scheme: '{{ .Values.wordpressScheme | upper }}' + ## If using an HTTPS-terminating load-balancer, the probes may need to behave + ## like the balancer to prevent HTTP 302 responses. According to the Kubernetes + ## docs, 302 should be considered "successful", but this issue on GitHub + ## (https://github.com/kubernetes/kubernetes/issues/47893) shows that it isn't. + ## E.g. + ## httpHeaders: + ## - name: X-Forwarded-Proto + ## value: https + ## + httpHeaders: [] + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 +## @param startupProbe.enabled Enable startupProbe on WordPress containers +## @skip startupProbe.httpGet +## @param startupProbe.initialDelaySeconds Initial delay seconds for startupProbe +## @param startupProbe.periodSeconds Period seconds for startupProbe +## @param startupProbe.timeoutSeconds Timeout seconds for startupProbe +## @param startupProbe.failureThreshold Failure threshold for startupProbe +## @param startupProbe.successThreshold Success threshold for startupProbe +## +startupProbe: + enabled: false + httpGet: + path: /wp-login.php + port: '{{ .Values.wordpressScheme }}' + scheme: '{{ .Values.wordpressScheme | upper }}' + ## If using an HTTPS-terminating load-balancer, the probes may need to behave + ## like the balancer to prevent HTTP 302 responses. According to the Kubernetes + ## docs, 302 should be considered "successful", but this issue on GitHub + ## (https://github.com/kubernetes/kubernetes/issues/47893) shows that it isn't. + ## E.g. + ## httpHeaders: + ## - name: X-Forwarded-Proto + ## value: https + ## + httpHeaders: [] + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 +## @param customLivenessProbe Custom livenessProbe that overrides the default one +## +customLivenessProbe: {} +## @param customReadinessProbe Custom readinessProbe that overrides the default one +## +customReadinessProbe: {} +## @param customStartupProbe Custom startupProbe that overrides the default one +## +customStartupProbe: {} +## @param lifecycleHooks for the WordPress container(s) to automate configuration before or after startup +## +lifecycleHooks: {} +## @section Traffic Exposure Parameters +## + +## WordPress service parameters +## +service: + ## @param service.type WordPress service type + ## + type: LoadBalancer + ## @param service.ports.http WordPress service HTTP port + ## @param service.ports.https WordPress service HTTPS port + ## + ports: + http: 80 + https: 443 + ## @param service.httpsTargetPort Target port for HTTPS + ## + httpsTargetPort: https + ## Node ports to expose + ## @param service.nodePorts.http Node port for HTTP + ## @param service.nodePorts.https Node port for HTTPS + ## NOTE: choose port between <30000-32767> + ## + nodePorts: + http: "" + https: "" + ## @param service.sessionAffinity Control where client requests go, to the same pod or round-robin + ## Values: ClientIP or None + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/ + ## + sessionAffinity: None + ## @param service.sessionAffinityConfig Additional settings for the sessionAffinity + ## sessionAffinityConfig: + ## clientIP: + ## timeoutSeconds: 300 + ## + sessionAffinityConfig: {} + ## @param service.clusterIP WordPress service Cluster IP + ## e.g.: + ## clusterIP: None + ## + clusterIP: "" + ## @param service.loadBalancerIP WordPress service Load Balancer IP + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer + ## + loadBalancerIP: "" + ## @param service.loadBalancerSourceRanges WordPress service Load Balancer sources + ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## e.g: + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + ## + loadBalancerSourceRanges: [] + ## @param service.externalTrafficPolicy WordPress service external traffic policy + ## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip + ## + externalTrafficPolicy: Cluster + ## @param service.annotations Additional custom annotations for WordPress service + ## + annotations: {} + ## @param service.extraPorts Extra port to expose on WordPress service + ## + extraPorts: [] +## Configure the ingress resource that allows you to access the WordPress installation +## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/ +## +ingress: + enabled: true + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: mywordpress.lab.groupe-genes.fr + paths: + - path: / + pathType: ImplementationSpecific + ## @param ingress.enabled Enable ingress record generation for WordPress + ## + ## enabled: false + ## @param ingress.pathType Ingress path type + ## + ## pathType: ImplementationSpecific + ## @param ingress.apiVersion Force Ingress API version (automatically detected if not set) + ## + apiVersion: "" + ## @param ingress.ingressClassName IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) + ## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster . + ## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/ + ## + ingressClassName: "" + ## @param ingress.hostname Default host for the ingress record. The hostname is templated and thus can contain other variable references. + ## + ## hostname: wordpress.local + ## @param ingress.path Default path for the ingress record + ## NOTE: You may need to set this to '/*' in order to use this with ALB ingress controllers + ## + ## path: / + ## @param ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. + ## For a full list of possible ingress annotations, please see + ## ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md + ## Use this parameter to set the required annotations for cert-manager, see + ## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations + ## + ## e.g: + ## annotations: + ## kubernetes.io/ingress.class: nginx + ## cert-manager.io/cluster-issuer: cluster-issuer-name + ## + ## annotations: {} + ## @param ingress.tls Enable TLS configuration for the host defined at `ingress.hostname` parameter + ## TLS certificates will be retrieved from a TLS secret with name: `{{- printf "%s-tls" .Values.ingress.hostname }}` + ## You can: + ## - Use the `ingress.secrets` parameter to create this TLS secret + ## - Rely on cert-manager to create it by setting the corresponding annotations + ## - Rely on Helm to create self-signed certificates by setting `ingress.selfSigned=true` + ## + tls: false + ## @param ingress.tlsWwwPrefix Adds www subdomain to default cert + ## Creates tls host with ingress.hostname: {{ print "www.%s" .Values.ingress.hostname }} + ## Is enabled if "nginx.ingress.kubernetes.io/from-to-www-redirect" is "true" + tlsWwwPrefix: false + ## @param ingress.selfSigned Create a TLS secret for this ingress record using self-signed certificates generated by Helm + ## + selfSigned: false + ## @param ingress.extraHosts An array with additional hostname(s) to be covered with the ingress record. The host names are templated and thus can contain other variable references. + ## e.g: + ## extraHosts: + ## - name: wordpress.local + ## path: / + ## + extraHosts: [] + ## @param ingress.extraPaths An array with additional arbitrary paths that may need to be added to the ingress under the main host + ## e.g: + ## extraPaths: + ## - path: /* + ## backend: + ## serviceName: ssl-redirect + ## servicePort: use-annotation + ## + extraPaths: [] + ## @param ingress.extraTls TLS configuration for additional hostname(s) to be covered with this ingress record + ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls + ## e.g: + ## extraTls: + ## - hosts: + ## - wordpress.local + ## secretName: wordpress.local-tls + ## + extraTls: [] + ## @param ingress.secrets Custom TLS certificates as secrets + ## NOTE: 'key' and 'certificate' are expected in PEM format + ## NOTE: 'name' should line up with a 'secretName' set further up + ## If it is not set and you're using cert-manager, this is unneeded, as it will create a secret for you with valid certificates + ## If it is not set and you're NOT using cert-manager either, self-signed certificates will be created valid for 365 days + ## It is also possible to create and manage the certificates outside of this helm chart + ## Please see README.md for more information + ## e.g: + ## secrets: + ## - name: wordpress.local-tls + ## key: |- + ## -----BEGIN RSA PRIVATE KEY----- + ## ... + ## -----END RSA PRIVATE KEY----- + ## certificate: |- + ## -----BEGIN CERTIFICATE----- + ## ... + ## -----END CERTIFICATE----- + ## + secrets: [] + ## @param ingress.extraRules Additional rules to be covered with this ingress record + ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules + ## e.g: + ## extraRules: + ## - host: wordpress.local + ## http: + ## path: / + ## backend: + ## service: + ## name: wordpress-svc + ## port: + ## name: http + ## + extraRules: [] +## @section Persistence Parameters +## + +## Persistence Parameters +## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/ +## +persistence: + ## @param persistence.enabled Enable persistence using Persistent Volume Claims + ## + enabled: true + ## @param persistence.storageClass Persistent Volume storage class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner + ## + storageClass: "" + ## @param persistence.accessModes [array] Persistent Volume access modes + ## + accessModes: + - ReadWriteOnce + ## @param persistence.accessMode Persistent Volume access mode (DEPRECATED: use `persistence.accessModes` instead) + ## + accessMode: ReadWriteOnce + ## @param persistence.size Persistent Volume size + ## + size: 10Gi + ## @param persistence.dataSource Custom PVC data source + ## + dataSource: {} + ## @param persistence.existingClaim The name of an existing PVC to use for persistence + ## + existingClaim: "" + ## @param persistence.selector Selector to match an existing Persistent Volume for WordPress data PVC + ## If set, the PVC can't have a PV dynamically provisioned for it + ## E.g. + ## selector: + ## matchLabels: + ## app: my-app + ## + selector: {} + ## @param persistence.annotations Persistent Volume Claim annotations + ## + annotations: {} +## Init containers parameters: +## volumePermissions: Change the owner and group of the persistent volume(s) mountpoint(s) to 'runAsUser:fsGroup' on each node +## +volumePermissions: + ## @param volumePermissions.enabled Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` + ## + enabled: false + ## OS Shell + Utility image + ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository + ## @skip volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) + ## @param volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag + ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy + ## @param volumePermissions.image.pullSecrets OS Shell + Utility image pull secrets + ## + image: + registry: docker.io + repository: bitnami/os-shell + tag: 12-debian-12-r16 + digest: "" + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## Init container's resource requests and limits + ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + ## @param volumePermissions.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). + ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 + ## + resourcesPreset: "none" + ## @param volumePermissions.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) + ## Example: + ## resources: + ## requests: + ## cpu: 2 + ## memory: 512Mi + ## limits: + ## cpu: 3 + ## memory: 1024Mi + ## + resources: {} + ## Init container' Security Context + ## Note: the chown of the data folder is done to containerSecurityContext.runAsUser + ## and not the below volumePermissions.containerSecurityContext.runAsUser + ## @param volumePermissions.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container + ## @param volumePermissions.containerSecurityContext.runAsUser User ID for the init container + ## + containerSecurityContext: + seLinuxOptions: null + runAsUser: 0 +## @section Other Parameters +## + +## WordPress Service Account +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ +## +serviceAccount: + ## @param serviceAccount.create Enable creation of ServiceAccount for WordPress pod + ## + create: true + ## @param serviceAccount.name The name of the ServiceAccount to use. + ## If not set and create is true, a name is generated using the common.names.fullname template + ## + name: "" + ## @param serviceAccount.automountServiceAccountToken Allows auto mount of ServiceAccountToken on the serviceAccount created + ## Can be set to false if pods using this serviceAccount do not need to use K8s API + ## + automountServiceAccountToken: false + ## @param serviceAccount.annotations Additional custom annotations for the ServiceAccount + ## + annotations: {} +## WordPress Pod Disruption Budget configuration +## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ +## @param pdb.create Enable a Pod Disruption Budget creation +## @param pdb.minAvailable Minimum number/percentage of pods that should remain scheduled +## @param pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable +## +pdb: + create: false + minAvailable: 1 + maxUnavailable: "" +## WordPress Autoscaling configuration +## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ +## @param autoscaling.enabled Enable Horizontal POD autoscaling for WordPress +## @param autoscaling.minReplicas Minimum number of WordPress replicas +## @param autoscaling.maxReplicas Maximum number of WordPress replicas +## @param autoscaling.targetCPU Target CPU utilization percentage +## @param autoscaling.targetMemory Target Memory utilization percentage +## +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 11 + targetCPU: 50 + targetMemory: 50 +## @section Metrics Parameters +## + +## Prometheus Exporter / Metrics configuration +## +metrics: + ## @param metrics.enabled Start a sidecar prometheus exporter to expose metrics + ## + enabled: false + ## Bitnami Apache exporter image + ## ref: https://hub.docker.com/r/bitnami/apache-exporter/tags/ + ## @param metrics.image.registry [default: REGISTRY_NAME] Apache exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/apache-exporter] Apache exporter image repository + ## @skip metrics.image.tag Apache exporter image tag (immutable tags are recommended) + ## @param metrics.image.digest Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag + ## @param metrics.image.pullPolicy Apache exporter image pull policy + ## @param metrics.image.pullSecrets Apache exporter image pull secrets + ## + image: + registry: docker.io + repository: bitnami/apache-exporter + tag: 1.0.6-debian-12-r8 + digest: "" + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## @param metrics.containerPorts.metrics Prometheus exporter container port + ## + containerPorts: + metrics: 9117 + ## Configure extra options for Prometheus exporter containers' liveness, readiness and startup probes + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes + ## @param metrics.livenessProbe.enabled Enable livenessProbe on Prometheus exporter containers + ## @param metrics.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe + ## @param metrics.livenessProbe.periodSeconds Period seconds for livenessProbe + ## @param metrics.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe + ## @param metrics.livenessProbe.failureThreshold Failure threshold for livenessProbe + ## @param metrics.livenessProbe.successThreshold Success threshold for livenessProbe + ## + livenessProbe: + enabled: true + initialDelaySeconds: 15 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + successThreshold: 1 + ## @param metrics.readinessProbe.enabled Enable readinessProbe on Prometheus exporter containers + ## @param metrics.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe + ## @param metrics.readinessProbe.periodSeconds Period seconds for readinessProbe + ## @param metrics.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe + ## @param metrics.readinessProbe.failureThreshold Failure threshold for readinessProbe + ## @param metrics.readinessProbe.successThreshold Success threshold for readinessProbe + ## + readinessProbe: + enabled: true + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 3 + failureThreshold: 3 + successThreshold: 1 + ## @param metrics.startupProbe.enabled Enable startupProbe on Prometheus exporter containers + ## @param metrics.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe + ## @param metrics.startupProbe.periodSeconds Period seconds for startupProbe + ## @param metrics.startupProbe.timeoutSeconds Timeout seconds for startupProbe + ## @param metrics.startupProbe.failureThreshold Failure threshold for startupProbe + ## @param metrics.startupProbe.successThreshold Success threshold for startupProbe + ## + startupProbe: + enabled: false + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + failureThreshold: 15 + successThreshold: 1 + ## @param metrics.customLivenessProbe Custom livenessProbe that overrides the default one + ## + customLivenessProbe: {} + ## @param metrics.customReadinessProbe Custom readinessProbe that overrides the default one + ## + customReadinessProbe: {} + ## @param metrics.customStartupProbe Custom startupProbe that overrides the default one + ## + customStartupProbe: {} + ## Prometheus exporter container's resource requests and limits + ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + ## @param metrics.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production). + ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 + ## + resourcesPreset: "none" + ## @param metrics.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) + ## Example: + ## resources: + ## requests: + ## cpu: 2 + ## memory: 512Mi + ## limits: + ## cpu: 3 + ## memory: 1024Mi + ## + resources: {} + ## Configure Container Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + ## @param metrics.containerSecurityContext.enabled Enabled containers' Security Context + ## @param metrics.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container + ## @param metrics.containerSecurityContext.runAsUser Set containers' Security Context runAsUser + ## @param metrics.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot + ## @param metrics.containerSecurityContext.privileged Set container's Security Context privileged + ## @param metrics.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem + ## @param metrics.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation + ## @param metrics.containerSecurityContext.capabilities.drop List of capabilities to be dropped + ## @param metrics.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile + ## + containerSecurityContext: + enabled: true + seLinuxOptions: null + runAsUser: 1001 + runAsNonRoot: true + privileged: false + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + seccompProfile: + type: "RuntimeDefault" + ## Prometheus exporter service parameters + ## + service: + ## @param metrics.service.ports.metrics Prometheus metrics service port + ## + ports: + metrics: 9150 + ## @param metrics.service.annotations [object] Additional custom annotations for Metrics service + ## + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "{{ .Values.metrics.containerPorts.metrics }}" + ## Prometheus Operator ServiceMonitor configuration + ## + serviceMonitor: + ## @param metrics.serviceMonitor.enabled Create ServiceMonitor Resource for scraping metrics using Prometheus Operator + ## + enabled: false + ## @param metrics.serviceMonitor.namespace Namespace for the ServiceMonitor Resource (defaults to the Release Namespace) + ## + namespace: "" + ## @param metrics.serviceMonitor.interval Interval at which metrics should be scraped. + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## + interval: "" + ## @param metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## + scrapeTimeout: "" + ## @param metrics.serviceMonitor.labels Additional labels that can be used so ServiceMonitor will be discovered by Prometheus + ## + labels: {} + ## @param metrics.serviceMonitor.selector Prometheus instance selector labels + ## ref: https://github.com/bitnami/charts/tree/main/bitnami/prometheus-operator#prometheus-configuration + ## + selector: {} + ## @param metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping + ## + relabelings: [] + ## @param metrics.serviceMonitor.metricRelabelings MetricRelabelConfigs to apply to samples before ingestion + ## + metricRelabelings: [] + ## @param metrics.serviceMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint + ## + honorLabels: false + ## @param metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus. + ## + jobLabel: "" +## @section NetworkPolicy parameters +## + +## Add networkpolicies +## +networkPolicy: + ## @param networkPolicy.enabled Enable network policies + ## If ingress.enabled or metrics.enabled are true, configure networkPolicy.ingress and networkPolicy.metrics selectors respectively to allow communication + ## + enabled: false + ## @param networkPolicy.metrics.enabled Enable network policy for metrics (prometheus) + ## @param networkPolicy.metrics.namespaceSelector [object] Monitoring namespace selector labels. These labels will be used to identify the prometheus' namespace. + ## @param networkPolicy.metrics.podSelector [object] Monitoring pod selector labels. These labels will be used to identify the Prometheus pods. + ## + metrics: + enabled: false + ## e.g: + ## podSelector: + ## label: monitoring + ## + podSelector: {} + ## e.g: + ## namespaceSelector: + ## label: monitoring + ## + namespaceSelector: {} + ## @param networkPolicy.ingress.enabled Enable network policy for Ingress Proxies + ## @param networkPolicy.ingress.namespaceSelector [object] Ingress Proxy namespace selector labels. These labels will be used to identify the Ingress Proxy's namespace. + ## @param networkPolicy.ingress.podSelector [object] Ingress Proxy pods selector labels. These labels will be used to identify the Ingress Proxy pods. + ## + ingress: + enabled: false + ## e.g: + ## podSelector: + ## label: ingress + ## + podSelector: {} + ## e.g: + ## namespaceSelector: + ## label: ingress + ## + namespaceSelector: {} + ## @param networkPolicy.ingressRules.backendOnlyAccessibleByFrontend Enable ingress rule that makes the backend (mariadb) only accessible by testlink's pods. + ## @param networkPolicy.ingressRules.customBackendSelector [object] Backend selector labels. These labels will be used to identify the backend pods. + ## @param networkPolicy.ingressRules.accessOnlyFrom.enabled Enable ingress rule that makes testlink only accessible from a particular origin + ## @param networkPolicy.ingressRules.accessOnlyFrom.namespaceSelector [object] Namespace selector label that is allowed to access testlink. This label will be used to identified the allowed namespace(s). + ## @param networkPolicy.ingressRules.accessOnlyFrom.podSelector [object] Pods selector label that is allowed to access testlink. This label will be used to identified the allowed pod(s). + ## @param networkPolicy.ingressRules.customRules [object] Custom network policy ingress rule + ## + ingressRules: + ## mariadb backend only can be accessed from testlink + ## + backendOnlyAccessibleByFrontend: false + ## Additional custom backend selector + ## e.g: + ## customBackendSelector: + ## - to: + ## - namespaceSelector: + ## matchLabels: + ## label: example + ## + customBackendSelector: {} + ## Allow only from the indicated: + ## + accessOnlyFrom: + enabled: false + ## e.g: + ## podSelector: + ## label: access + ## + podSelector: {} + ## e.g: + ## namespaceSelector: + ## label: access + ## + namespaceSelector: {} + ## custom ingress rules + ## e.g: + ## customRules: + ## - from: + ## - namespaceSelector: + ## matchLabels: + ## label: example + ## + customRules: {} + ## @param networkPolicy.egressRules.denyConnectionsToExternal Enable egress rule that denies outgoing traffic outside the cluster, except for DNS (port 53). + ## @param networkPolicy.egressRules.customRules [object] Custom network policy rule + ## + egressRules: + # Deny connections to external. This is not compatible with an external database. + denyConnectionsToExternal: false + ## Additional custom egress rules + ## e.g: + ## customRules: + ## - to: + ## - namespaceSelector: + ## matchLabels: + ## label: example + ## + customRules: {} +## @section Database Parameters +## + +## MariaDB chart configuration +## ref: https://github.com/bitnami/charts/blob/main/bitnami/mariadb/values.yaml +## +mariadb: + ## @param mariadb.enabled Deploy a MariaDB server to satisfy the applications database requirements + ## To use an external database set this to false and configure the `externalDatabase.*` parameters + ## + enabled: true + ## @param mariadb.architecture MariaDB architecture. Allowed values: `standalone` or `replication` + ## + architecture: standalone + ## MariaDB Authentication parameters + ## @param mariadb.auth.rootPassword MariaDB root password + ## @param mariadb.auth.database MariaDB custom database + ## @param mariadb.auth.username MariaDB custom user name + ## @param mariadb.auth.password MariaDB custom user password + ## ref: https://github.com/bitnami/containers/tree/main/bitnami/mariadb#setting-the-root-password-on-first-run + ## https://github.com/bitnami/containers/blob/main/bitnami/mariadb/README.md#creating-a-database-on-first-run + ## https://github.com/bitnami/containers/blob/main/bitnami/mariadb/README.md#creating-a-database-user-on-first-run + ## + auth: + rootPassword: "" + database: bitnami_wordpress + username: bn_wordpress + password: "" + ## MariaDB Primary configuration + ## + primary: + ## MariaDB Primary Persistence parameters + ## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/ + ## @param mariadb.primary.persistence.enabled Enable persistence on MariaDB using PVC(s) + ## @param mariadb.primary.persistence.storageClass Persistent Volume storage class + ## @param mariadb.primary.persistence.accessModes [array] Persistent Volume access modes + ## @param mariadb.primary.persistence.size Persistent Volume size + ## + persistence: + enabled: true + storageClass: "" + accessModes: + - ReadWriteOnce + size: 8Gi +## External Database Configuration +## All of these values are only used if `mariadb.enabled=false` +## +externalDatabase: + ## @param externalDatabase.host External Database server host + ## + host: localhost + ## @param externalDatabase.port External Database server port + ## + port: 3306 + ## @param externalDatabase.user External Database username + ## + user: bn_wordpress + ## @param externalDatabase.password External Database user password + ## + password: "" + ## @param externalDatabase.database External Database database name + ## + database: bitnami_wordpress + ## @param externalDatabase.existingSecret The name of an existing secret with database credentials. Evaluated as a template + ## NOTE: Must contain key `mariadb-password` + ## NOTE: When it's set, the `externalDatabase.password` parameter is ignored + ## + existingSecret: "" +## Memcached chart configuration +## ref: https://github.com/bitnami/charts/blob/main/bitnami/memcached/values.yaml +## +memcached: + ## @param memcached.enabled Deploy a Memcached server for caching database queries + ## + enabled: false + ## Authentication parameters + ## ref: https://github.com/bitnami/containers/tree/main/bitnami/memcached#creating-the-memcached-admin-user + ## + auth: + ## @param memcached.auth.enabled Enable Memcached authentication + ## + enabled: false + ## @param memcached.auth.username Memcached admin user + ## + username: "" + ## @param memcached.auth.password Memcached admin password + ## + password: "" + ## @param memcached.auth.existingPasswordSecret Existing secret with Memcached credentials (must contain a value for `memcached-password` key) + ## + existingPasswordSecret: "" + ## Service parameters + ## + service: + ## @param memcached.service.port Memcached service port + ## + port: 11211 +## External Memcached Configuration +## All of these values are only used if `memcached.enabled=false` +## +externalCache: + ## @param externalCache.host External cache server host + ## + host: localhost + ## @param externalCache.port External cache server port + ## + port: 11211 diff --git a/charts/wordpress+valuesjson de VScode/.helmignore b/charts/wordpress+valuesjson de VScode/.helmignore new file mode 100644 index 0000000..fb56657 --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +# img folder +img/ diff --git a/charts/wordpress+valuesjson de VScode/Chart.lock b/charts/wordpress+valuesjson de VScode/Chart.lock new file mode 100644 index 0000000..1c327cd --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/Chart.lock @@ -0,0 +1,12 @@ +dependencies: +- name: memcached + repository: oci://registry-1.docker.io/bitnamicharts + version: 6.14.0 +- name: mariadb + repository: oci://registry-1.docker.io/bitnamicharts + version: 16.5.0 +- name: common + repository: oci://registry-1.docker.io/bitnamicharts + version: 2.19.0 +digest: sha256:f14e7183217316a026257bb89543ec1055b763c37dd4bfba26c2c725ac0e7571 +generated: "2024-03-08T16:54:42.092136196Z" diff --git a/charts/wordpress+valuesjson de VScode/Chart.yaml b/charts/wordpress+valuesjson de VScode/Chart.yaml new file mode 100644 index 0000000..e9375da --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/Chart.yaml @@ -0,0 +1,47 @@ +# Copyright VMware, Inc. +# SPDX-License-Identifier: APACHE-2.0 + +annotations: + category: CMS + licenses: Apache-2.0 + images: | + - name: apache-exporter + image: docker.io/bitnami/apache-exporter:1.0.6-debian-12-r8 + - name: os-shell + image: docker.io/bitnami/os-shell:12-debian-12-r16 + - name: wordpress + image: docker.io/bitnami/wordpress:6.4.3-debian-12-r20 +apiVersion: v2 +appVersion: 6.4.3 +dependencies: +- condition: memcached.enabled + name: memcached + repository: oci://registry-1.docker.io/bitnamicharts + version: 6.x.x +- condition: mariadb.enabled + name: mariadb + repository: oci://registry-1.docker.io/bitnamicharts + version: 16.x.x +- name: common + repository: oci://registry-1.docker.io/bitnamicharts + tags: + - bitnami-common + version: 2.x.x +description: WordPress is the world's most popular blogging and content management platform. Powerful yet simple, everyone from students to global corporations use it to build beautiful, functional websites. +home: https://bitnami.com +icon: https://bitnami.com/assets/stacks/wordpress/img/wordpress-stack-220x234.png +keywords: +- application +- blog +- cms +- http +- php +- web +- wordpress +maintainers: +- name: VMware, Inc. + url: https://github.com/bitnami/charts +name: wordpress+valuesjson-VScode +sources: +- https://github.com/bitnami/charts/tree/main/bitnami/wordpress +version: 2.1 diff --git a/charts/wordpress+valuesjson de VScode/README.md b/charts/wordpress+valuesjson de VScode/README.md new file mode 100644 index 0000000..006c3d0 --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/README.md @@ -0,0 +1,772 @@ + + +# Bitnami package for WordPress + +WordPress is the world's most popular blogging and content management platform. Powerful yet simple, everyone from students to global corporations use it to build beautiful, functional websites. + +[Overview of WordPress](http://www.wordpress.org) + +## TL;DR + +```console +helm install my-release oci://registry-1.docker.io/bitnamicharts/wordpress +``` + +Looking to use WordPress in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the enterprise edition of Bitnami Application Catalog. + +## Introduction + +This chart bootstraps a [WordPress](https://github.com/bitnami/containers/tree/main/bitnami/wordpress) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + +It also packages the [Bitnami MariaDB chart](https://github.com/bitnami/charts/tree/main/bitnami/mariadb) which is required for bootstrapping a MariaDB deployment for the database requirements of the WordPress application, and the [Bitnami Memcached chart](https://github.com/bitnami/charts/tree/main/bitnami/memcached) that can be used to cache database queries. + +Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment and management of Helm Charts in clusters. + +## Prerequisites + +- Kubernetes 1.23+ +- Helm 3.8.0+ +- PV provisioner support in the underlying infrastructure +- ReadWriteMany volumes for deployment scaling + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/wordpress +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + +The command deploys WordPress on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. + +> **Tip**: List all releases using `helm list` + +## Uninstalling the Chart + +To uninstall/delete the `my-release` deployment: + +```console +helm delete my-release +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +## Parameters + +### Global parameters + +| Name | Description | Value | +| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------- | +| `global.imageRegistry` | Global Docker image registry | `""` | +| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | +| `global.storageClass` | Global StorageClass for Persistent Volume(s) | `""` | +| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `disabled` | + +### Common parameters + +| Name | Description | Value | +| ------------------------ | -------------------------------------------------------------------------------------------- | --------------- | +| `kubeVersion` | Override Kubernetes version | `""` | +| `nameOverride` | String to partially override common.names.fullname template (will maintain the release name) | `""` | +| `fullnameOverride` | String to fully override common.names.fullname template | `""` | +| `commonLabels` | Labels to add to all deployed resources | `{}` | +| `commonAnnotations` | Annotations to add to all deployed resources | `{}` | +| `clusterDomain` | Kubernetes Cluster Domain | `cluster.local` | +| `extraDeploy` | Array of extra objects to deploy with the release | `[]` | +| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` | +| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` | +| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` | + +### WordPress Image parameters + +| Name | Description | Value | +| ------------------- | --------------------------------------------------------------------------------------------------------- | --------------------------- | +| `image.registry` | WordPress image registry | `REGISTRY_NAME` | +| `image.repository` | WordPress image repository | `REPOSITORY_NAME/wordpress` | +| `image.digest` | WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | WordPress image pull policy | `IfNotPresent` | +| `image.pullSecrets` | WordPress image pull secrets | `[]` | +| `image.debug` | Specify if debug values should be set | `false` | + +### WordPress Configuration parameters + +| Name | Description | Value | +| -------------------------------------- | ------------------------------------------------------------------------------------- | ------------------ | +| `wordpressUsername` | WordPress username | `user` | +| `wordpressPassword` | WordPress user password | `""` | +| `existingSecret` | Name of existing secret containing WordPress credentials | `""` | +| `wordpressEmail` | WordPress user email | `user@example.com` | +| `wordpressFirstName` | WordPress user first name | `FirstName` | +| `wordpressLastName` | WordPress user last name | `LastName` | +| `wordpressBlogName` | Blog name | `User's Blog!` | +| `wordpressTablePrefix` | Prefix to use for WordPress database tables | `wp_` | +| `wordpressScheme` | Scheme to use to generate WordPress URLs | `http` | +| `wordpressSkipInstall` | Skip wizard installation | `false` | +| `wordpressExtraConfigContent` | Add extra content to the default wp-config.php file | `""` | +| `wordpressConfiguration` | The content for your custom wp-config.php file (advanced feature) | `""` | +| `existingWordPressConfigurationSecret` | The name of an existing secret with your custom wp-config.php file (advanced feature) | `""` | +| `wordpressConfigureCache` | Enable W3 Total Cache plugin and configure cache settings | `false` | +| `wordpressPlugins` | Array of plugins to install and activate. Can be specified as `all` or `none`. | `none` | +| `apacheConfiguration` | The content for your custom httpd.conf file (advanced feature) | `""` | +| `existingApacheConfigurationConfigMap` | The name of an existing secret with your custom httpd.conf file (advanced feature) | `""` | +| `customPostInitScripts` | Custom post-init.d user scripts | `{}` | +| `smtpHost` | SMTP server host | `""` | +| `smtpPort` | SMTP server port | `""` | +| `smtpUser` | SMTP username | `""` | +| `smtpPassword` | SMTP user password | `""` | +| `smtpProtocol` | SMTP protocol | `""` | +| `smtpExistingSecret` | The name of an existing secret with SMTP credentials | `""` | +| `allowEmptyPassword` | Allow the container to be started with blank passwords | `true` | +| `allowOverrideNone` | Configure Apache to prohibit overriding directives with htaccess files | `false` | +| `overrideDatabaseSettings` | Allow overriding the database settings persisted in wp-config.php | `false` | +| `htaccessPersistenceEnabled` | Persist custom changes on htaccess files | `false` | +| `customHTAccessCM` | The name of an existing ConfigMap with custom htaccess rules | `""` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `extraEnvVars` | Array with extra environment variables to add to the WordPress container | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | + +### WordPress Multisite Configuration parameters + +| Name | Description | Value | +| ------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------- | ----------- | +| `multisite.enable` | Whether to enable WordPress Multisite configuration. | `false` | +| `multisite.host` | WordPress Multisite hostname/address. This value is mandatory when enabling Multisite mode. | `""` | +| `multisite.networkType` | WordPress Multisite network type to enable. Allowed values: `subfolder`, `subdirectory` or `subdomain`. | `subdomain` | +| `multisite.enableNipIoRedirect` | Whether to enable IP address redirection to nip.io wildcard DNS. Useful when running on an IP address with subdomain network type. | `false` | + +### WordPress deployment parameters + +| Name | Description | Value | +| --------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- | +| `replicaCount` | Number of WordPress replicas to deploy | `1` | +| `updateStrategy.type` | WordPress deployment strategy type | `RollingUpdate` | +| `schedulerName` | Alternate scheduler | `""` | +| `terminationGracePeriodSeconds` | In seconds, time given to the WordPress pod to terminate gracefully | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `priorityClassName` | Name of the existing priority class to be used by WordPress pods, priority class needs to be created beforehand | `""` | +| `automountServiceAccountToken` | Mount Service Account token in pod | `false` | +| `hostAliases` | WordPress pod host aliases | `[]` | +| `extraVolumes` | Optionally specify extra list of additional volumes for WordPress pods | `[]` | +| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for WordPress container(s) | `[]` | +| `sidecars` | Add additional sidecar containers to the WordPress pod | `[]` | +| `initContainers` | Add additional init containers to the WordPress pods | `[]` | +| `podLabels` | Extra labels for WordPress pods | `{}` | +| `podAnnotations` | Annotations for WordPress pods | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). | `none` | +| `resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | +| `containerPorts.http` | WordPress HTTP container port | `8080` | +| `containerPorts.https` | WordPress HTTPS container port | `8443` | +| `extraContainerPorts` | Optionally specify extra list of additional ports for WordPress container(s) | `[]` | +| `podSecurityContext.enabled` | Enabled WordPress pods' Security Context | `true` | +| `podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | +| `podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | +| `podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | +| `podSecurityContext.fsGroup` | Set WordPress pod's Security Context fsGroup | `1001` | +| `containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | +| `containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | +| `containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | +| `containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | +| `containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `false` | +| `containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | +| `containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | +| `containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | +| `livenessProbe.enabled` | Enable livenessProbe on WordPress containers | `true` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe on WordPress containers | `true` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `startupProbe.enabled` | Enable startupProbe on WordPress containers | `false` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `lifecycleHooks` | for the WordPress container(s) to automate configuration before or after startup | `{}` | + +### Traffic Exposure Parameters + +| Name | Description | Value | +| ---------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | +| `service.type` | WordPress service type | `LoadBalancer` | +| `service.ports.http` | WordPress service HTTP port | `80` | +| `service.ports.https` | WordPress service HTTPS port | `443` | +| `service.httpsTargetPort` | Target port for HTTPS | `https` | +| `service.nodePorts.http` | Node port for HTTP | `""` | +| `service.nodePorts.https` | Node port for HTTPS | `""` | +| `service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `service.clusterIP` | WordPress service Cluster IP | `""` | +| `service.loadBalancerIP` | WordPress service Load Balancer IP | `""` | +| `service.loadBalancerSourceRanges` | WordPress service Load Balancer sources | `[]` | +| `service.externalTrafficPolicy` | WordPress service external traffic policy | `Cluster` | +| `service.annotations` | Additional custom annotations for WordPress service | `{}` | +| `service.extraPorts` | Extra port to expose on WordPress service | `[]` | +| `ingress.enabled` | Enable ingress record generation for WordPress | `false` | +| `ingress.pathType` | Ingress path type | `ImplementationSpecific` | +| `ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `""` | +| `ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | +| `ingress.hostname` | Default host for the ingress record. The hostname is templated and thus can contain other variable references. | `wordpress.local` | +| `ingress.path` | Default path for the ingress record | `/` | +| `ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | +| `ingress.tls` | Enable TLS configuration for the host defined at `ingress.hostname` parameter | `false` | +| `ingress.tlsWwwPrefix` | Adds www subdomain to default cert | `false` | +| `ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` | +| `ingress.extraHosts` | An array with additional hostname(s) to be covered with the ingress record. The host names are templated and thus can contain other variable references. | `[]` | +| `ingress.extraPaths` | An array with additional arbitrary paths that may need to be added to the ingress under the main host | `[]` | +| `ingress.extraTls` | TLS configuration for additional hostname(s) to be covered with this ingress record | `[]` | +| `ingress.secrets` | Custom TLS certificates as secrets | `[]` | +| `ingress.extraRules` | Additional rules to be covered with this ingress record | `[]` | + +### Persistence Parameters + +| Name | Description | Value | +| ----------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `persistence.enabled` | Enable persistence using Persistent Volume Claims | `true` | +| `persistence.storageClass` | Persistent Volume storage class | `""` | +| `persistence.accessModes` | Persistent Volume access modes | `[]` | +| `persistence.accessMode` | Persistent Volume access mode (DEPRECATED: use `persistence.accessModes` instead) | `ReadWriteOnce` | +| `persistence.size` | Persistent Volume size | `10Gi` | +| `persistence.dataSource` | Custom PVC data source | `{}` | +| `persistence.existingClaim` | The name of an existing PVC to use for persistence | `""` | +| `persistence.selector` | Selector to match an existing Persistent Volume for WordPress data PVC | `{}` | +| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). | `none` | +| `volumePermissions.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | +| `volumePermissions.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | +| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | + +### Other Parameters + +| Name | Description | Value | +| --------------------------------------------- | ---------------------------------------------------------------------- | ------- | +| `serviceAccount.create` | Enable creation of ServiceAccount for WordPress pod | `true` | +| `serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `false` | +| `serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | +| `pdb.create` | Enable a Pod Disruption Budget creation | `false` | +| `pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | +| `pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `autoscaling.enabled` | Enable Horizontal POD autoscaling for WordPress | `false` | +| `autoscaling.minReplicas` | Minimum number of WordPress replicas | `1` | +| `autoscaling.maxReplicas` | Maximum number of WordPress replicas | `11` | +| `autoscaling.targetCPU` | Target CPU utilization percentage | `50` | +| `autoscaling.targetMemory` | Target Memory utilization percentage | `50` | + +### Metrics Parameters + +| Name | Description | Value | +| ----------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `metrics.enabled` | Start a sidecar prometheus exporter to expose metrics | `false` | +| `metrics.image.registry` | Apache exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Apache exporter image repository | `REPOSITORY_NAME/apache-exporter` | +| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Apache exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Apache exporter image pull secrets | `[]` | +| `metrics.containerPorts.metrics` | Prometheus exporter container port | `9117` | +| `metrics.livenessProbe.enabled` | Enable livenessProbe on Prometheus exporter containers | `true` | +| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `15` | +| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `metrics.readinessProbe.enabled` | Enable readinessProbe on Prometheus exporter containers | `true` | +| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | +| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `metrics.startupProbe.enabled` | Enable startupProbe on Prometheus exporter containers | `false` | +| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `metrics.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `metrics.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `metrics.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `metrics.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production). | `none` | +| `metrics.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | +| `metrics.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | +| `metrics.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | +| `metrics.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `metrics.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | +| `metrics.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | +| `metrics.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `false` | +| `metrics.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | +| `metrics.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | +| `metrics.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | +| `metrics.service.ports.metrics` | Prometheus metrics service port | `9150` | +| `metrics.service.annotations` | Additional custom annotations for Metrics service | `{}` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using Prometheus Operator | `false` | +| `metrics.serviceMonitor.namespace` | Namespace for the ServiceMonitor Resource (defaults to the Release Namespace) | `""` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.labels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | +| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | + +### NetworkPolicy parameters + +| Name | Description | Value | +| ------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ------- | +| `networkPolicy.enabled` | Enable network policies | `false` | +| `networkPolicy.metrics.enabled` | Enable network policy for metrics (prometheus) | `false` | +| `networkPolicy.metrics.namespaceSelector` | Monitoring namespace selector labels. These labels will be used to identify the prometheus' namespace. | `{}` | +| `networkPolicy.metrics.podSelector` | Monitoring pod selector labels. These labels will be used to identify the Prometheus pods. | `{}` | +| `networkPolicy.ingress.enabled` | Enable network policy for Ingress Proxies | `false` | +| `networkPolicy.ingress.namespaceSelector` | Ingress Proxy namespace selector labels. These labels will be used to identify the Ingress Proxy's namespace. | `{}` | +| `networkPolicy.ingress.podSelector` | Ingress Proxy pods selector labels. These labels will be used to identify the Ingress Proxy pods. | `{}` | +| `networkPolicy.ingressRules.backendOnlyAccessibleByFrontend` | Enable ingress rule that makes the backend (mariadb) only accessible by testlink's pods. | `false` | +| `networkPolicy.ingressRules.customBackendSelector` | Backend selector labels. These labels will be used to identify the backend pods. | `{}` | +| `networkPolicy.ingressRules.accessOnlyFrom.enabled` | Enable ingress rule that makes testlink only accessible from a particular origin | `false` | +| `networkPolicy.ingressRules.accessOnlyFrom.namespaceSelector` | Namespace selector label that is allowed to access testlink. This label will be used to identified the allowed namespace(s). | `{}` | +| `networkPolicy.ingressRules.accessOnlyFrom.podSelector` | Pods selector label that is allowed to access testlink. This label will be used to identified the allowed pod(s). | `{}` | +| `networkPolicy.ingressRules.customRules` | Custom network policy ingress rule | `{}` | +| `networkPolicy.egressRules.denyConnectionsToExternal` | Enable egress rule that denies outgoing traffic outside the cluster, except for DNS (port 53). | `false` | +| `networkPolicy.egressRules.customRules` | Custom network policy rule | `{}` | + +### Database Parameters + +| Name | Description | Value | +| ------------------------------------------ | ---------------------------------------------------------------------------------------------- | ------------------- | +| `mariadb.enabled` | Deploy a MariaDB server to satisfy the applications database requirements | `true` | +| `mariadb.architecture` | MariaDB architecture. Allowed values: `standalone` or `replication` | `standalone` | +| `mariadb.auth.rootPassword` | MariaDB root password | `""` | +| `mariadb.auth.database` | MariaDB custom database | `bitnami_wordpress` | +| `mariadb.auth.username` | MariaDB custom user name | `bn_wordpress` | +| `mariadb.auth.password` | MariaDB custom user password | `""` | +| `mariadb.primary.persistence.enabled` | Enable persistence on MariaDB using PVC(s) | `true` | +| `mariadb.primary.persistence.storageClass` | Persistent Volume storage class | `""` | +| `mariadb.primary.persistence.accessModes` | Persistent Volume access modes | `[]` | +| `mariadb.primary.persistence.size` | Persistent Volume size | `8Gi` | +| `externalDatabase.host` | External Database server host | `localhost` | +| `externalDatabase.port` | External Database server port | `3306` | +| `externalDatabase.user` | External Database username | `bn_wordpress` | +| `externalDatabase.password` | External Database user password | `""` | +| `externalDatabase.database` | External Database database name | `bitnami_wordpress` | +| `externalDatabase.existingSecret` | The name of an existing secret with database credentials. Evaluated as a template | `""` | +| `memcached.enabled` | Deploy a Memcached server for caching database queries | `false` | +| `memcached.auth.enabled` | Enable Memcached authentication | `false` | +| `memcached.auth.username` | Memcached admin user | `""` | +| `memcached.auth.password` | Memcached admin password | `""` | +| `memcached.auth.existingPasswordSecret` | Existing secret with Memcached credentials (must contain a value for `memcached-password` key) | `""` | +| `memcached.service.port` | Memcached service port | `11211` | +| `externalCache.host` | External cache server host | `localhost` | +| `externalCache.port` | External cache server port | `11211` | + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, + +```console +helm install my-release \ + --set wordpressUsername=admin \ + --set wordpressPassword=password \ + --set mariadb.auth.rootPassword=secretpassword \ + oci://REGISTRY_NAME/REPOSITORY_NAME/wordpress +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + +The above command sets the WordPress administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MariaDB `root` user password to `secretpassword`. + +> NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. + +Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, + +```console +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/wordpress +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. +> **Tip**: You can use the default [values.yaml](https://github.com/bitnami/charts/tree/main/bitnami/wordpress/values.yaml) + +## Configuration and installation details + +### Resource requests and limits + +Bitnami charts allow setting resource requests and limits for all containers inside the chart deployment. These are inside the `resources` value (check parameter table). Setting requests is essential for production workloads and these should be adapted to your specific use case. + +To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the bitnami/common chart](https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15). However, in production workloads using `resourcePreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). + +### [Rolling VS Immutable tags](https://docs.bitnami.com/tutorials/understand-rolling-tags-containers) + +It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image. + +Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist. + +### Known limitations + +When performing admin operations that require activating the maintenance mode (such as updating a plugin or theme), it's activated in only one replica (see: [bug report](https://core.trac.wordpress.org/ticket/50797)). This implies that WP could be attending requests on other replicas while performing admin operations, with unpredictable consequences. + +To avoid that, you can manually activate/deactivate the maintenance mode on every replica using the WP CLI. For instance, if you installed WP with three replicas, you can run the commands below to activate the maintenance mode in all of them (assuming that the release name is `wordpress`): + +```console +kubectl exec $(kubectl get pods -l app.kubernetes.io/name=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- wp maintenance-mode activate +kubectl exec $(kubectl get pods -l app.kubernetes.io/name=wordpress -o jsonpath='{.items[1].metadata.name}') -c wordpress -- wp maintenance-mode activate +kubectl exec $(kubectl get pods -l app.kubernetes.io/name=wordpress -o jsonpath='{.items[2].metadata.name}') -c wordpress -- wp maintenance-mode activate +``` + +### External database support + +You may want to have WordPress connect to an external database rather than installing one inside your cluster. Typical reasons for this are to use a managed database service, or to share a common database server for all your applications. To achieve this, the chart allows you to specify credentials for an external database with the [`externalDatabase` parameter](#database-parameters). You should also disable the MariaDB installation with the `mariadb.enabled` option. Here is an example: + +```console +mariadb.enabled=false +externalDatabase.host=myexternalhost +externalDatabase.user=myuser +externalDatabase.password=mypassword +externalDatabase.database=mydatabase +externalDatabase.port=3306 +``` + +If the database already contains data from a previous WordPress installation, set the `wordpressSkipInstall` parameter to `true`. This parameter forces the container to skip the WordPress installation wizard. Otherwise, the container will assume it is a fresh installation and execute the installation wizard, potentially modifying or resetting the data in the existing database. + +[Refer to the container documentation for more information](https://github.com/bitnami/containers/tree/main/bitnami/wordpress#connect-wordpress-container-to-an-existing-database). + +### Memcached + +This chart provides support for using Memcached to cache database queries and objects improving the website performance. To enable this feature, set `wordpressConfigureCache` and `memcached.enabled` parameters to `true`. + +When this feature is enabled, a Memcached server will be deployed in your K8s cluster using the Bitnami Memcached chart and the [W3 Total Cache](https://wordpress.org/plugins/w3-total-cache/) plugin will be activated and configured to use the Memcached server for database caching. + +It is also possible to use an external cache server rather than installing one inside your cluster. To achieve this, the chart allows you to specify credentials for an external cache server with the [`externalCache` parameter](#database-parameters). You should also disable the Memcached installation with the `memcached.enabled` option. Here is an example: + +```console +wordpressConfigureCache=true +memcached.enabled=false +externalCache.host=myexternalcachehost +externalCache.port=11211 +``` + +### Ingress + +This chart provides support for Ingress resources. If you have an ingress controller installed on your cluster, such as [nginx-ingress-controller](https://github.com/bitnami/charts/tree/main/bitnami/nginx-ingress-controller) or [contour](https://github.com/bitnami/charts/tree/main/bitnami/contour) you can utilize the ingress controller to serve your application.To enable Ingress integration, set `ingress.enabled` to `true`. + +The most common scenario is to have one host name mapped to the deployment. In this case, the `ingress.hostname` property can be used to set the host name. The `ingress.tls` parameter can be used to add the TLS configuration for this host. + +However, it is also possible to have more than one host. To facilitate this, the `ingress.extraHosts` parameter (if available) can be set with the host names specified as an array. The `ingress.extraTLS` parameter (if available) can also be used to add the TLS configuration for extra hosts. + +> NOTE: For each host specified in the `ingress.extraHosts` parameter, it is necessary to set a name, path, and any annotations that the Ingress controller should know about. Not all annotations are supported by all Ingress controllers, but [this annotation reference document](https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md) lists the annotations supported by many popular Ingress controllers. + +Adding the TLS parameter (where available) will cause the chart to generate HTTPS URLs, and the application will be available on port 443. The actual TLS secrets do not have to be generated by this chart. However, if TLS is enabled, the Ingress record will not work until the TLS secret exists. + +[Learn more about Ingress controllers](https://kubernetes.io/docs/concepts/services-networking/ingress-controllers/). + +### TLS secrets + +This chart facilitates the creation of TLS secrets for use with the Ingress controller (although this is not mandatory). There are several common use cases: + +- Generate certificate secrets based on chart parameters. +- Enable externally generated certificates. +- Manage application certificates via an external service (like [cert-manager](https://github.com/jetstack/cert-manager/)). +- Create self-signed certificates within the chart (if supported). + +In the first two cases, a certificate and a key are needed. Files are expected in `.pem` format. + +Here is an example of a certificate file: + +> NOTE: There may be more than one certificate if there is a certificate chain. + +```text +-----BEGIN CERTIFICATE----- +MIID6TCCAtGgAwIBAgIJAIaCwivkeB5EMA0GCSqGSIb3DQEBCwUAMFYxCzAJBgNV +... +jScrvkiBO65F46KioCL9h5tDvomdU1aqpI/CBzhvZn1c0ZTf87tGQR8NK7v7 +-----END CERTIFICATE----- +``` + +Here is an example of a certificate key: + +```text +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAvLYcyu8f3skuRyUgeeNpeDvYBCDcgq+LsWap6zbX5f8oLqp4 +... +wrj2wDbCDCFmfqnSJ+dKI3vFLlEz44sAV8jX/kd4Y6ZTQhlLbYc= +-----END RSA PRIVATE KEY----- +``` + +- If using Helm to manage the certificates based on the parameters, copy these values into the `certificate` and `key` values for a given `*.ingress.secrets` entry. +- If managing TLS secrets separately, it is necessary to create a TLS secret with name `INGRESS_HOSTNAME-tls` (where INGRESS_HOSTNAME is a placeholder to be replaced with the hostname you set using the `*.ingress.hostname` parameter). +- If your cluster has a [cert-manager](https://github.com/jetstack/cert-manager) add-on to automate the management and issuance of TLS certificates, add to `*.ingress.annotations` the [corresponding ones](https://cert-manager.io/docs/usage/ingress/#supported-annotations) for cert-manager. +- If using self-signed certificates created by Helm, set both `*.ingress.tls` and `*.ingress.selfSigned` to `true`. + +### `.htaccess` files + +For performance and security reasons, it is a good practice to configure Apache with the `AllowOverride None` directive. Instead of using `.htaccess` files, Apache will load the same directives at boot time. These directives are located in `/opt/bitnami/wordpress/wordpress-htaccess.conf`. + +By default, the container image includes all the default `.htaccess` files in WordPress (together with the default plugins). To enable this feature, install the chart with the value `allowOverrideNone=yes`. + +However, some plugins may include `.htaccess` directives that will not be loaded when `AllowOverride` is set to `None`. To make them work, create a custom `wordpress-htaccess.conf` file with all the required directives. After creating it, create a Kubernetes ConfigMap with it (for example, named `custom-htaccess`) and install the chart with the correct parameters as shown below: + +```text + allowOverrideNone=true + customHTAccessCM=custom-htaccess +``` + +Some plugins permit editing the `.htaccess` file and it may be necessary to persist it in order to keep those edits. To make these plugins work, set the `htaccessPersistenceEnabled` parameter as shown below: + +```text + allowOverrideNone=false + htaccessPersistenceEnabled=true +``` + +## Persistence + +The [Bitnami WordPress](https://github.com/bitnami/containers/tree/main/bitnami/wordpress) image stores the WordPress data and configurations at the `/bitnami` path of the container. Persistent Volume Claims are used to keep the data across deployments. + +If you encounter errors when working with persistent volumes, refer to our [troubleshooting guide for persistent volumes](https://docs.bitnami.com/kubernetes/faq/troubleshooting/troubleshooting-persistence-volumes/). + +### Additional environment variables + +In case you want to add extra environment variables (useful for advanced operations like custom init scripts), you can use the `extraEnvVars` property. + +```yaml +wordpress: + extraEnvVars: + - name: LOG_LEVEL + value: error +``` + +Alternatively, you can use a ConfigMap or a Secret with the environment variables. To do so, use the `extraEnvVarsCM` or the `extraEnvVarsSecret` values. + +### Sidecars + +If additional containers are needed in the same pod as WordPress (such as additional metrics or logging exporters), they can be defined using the `sidecars` parameter. + +```yaml +sidecars: +- name: your-image-name + image: your-image + imagePullPolicy: Always + ports: + - name: portname + containerPort: 1234 +``` + +If these sidecars export extra ports, extra port definitions can be added using the `service.extraPorts` parameter (where available), as shown in the example below: + +```yaml +service: + extraPorts: + - name: extraPort + port: 11311 + targetPort: 11311 +``` + +> NOTE: This Helm chart already includes sidecar containers for the Prometheus exporters (where applicable). These can be activated by adding the `--enable-metrics=true` parameter at deployment time. The `sidecars` parameter should therefore only be used for any extra sidecar containers. + +If additional init containers are needed in the same pod, they can be defined using the `initContainers` parameter. Here is an example: + +```yaml +initContainers: + - name: your-image-name + image: your-image + imagePullPolicy: Always + ports: + - name: portname + containerPort: 1234 +``` + +Learn more about [sidecar containers](https://kubernetes.io/docs/concepts/workloads/pods/) and [init containers](https://kubernetes.io/docs/concepts/workloads/pods/init-containers/). + +### Pod affinity + +This chart allows you to set your custom affinity using the `affinity` parameter. Learn more about Pod affinity in the [kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). + +As an alternative, use one of the preset configurations for pod affinity, pod anti-affinity, and node affinity available at the [bitnami/common](https://github.com/bitnami/charts/tree/main/bitnami/common#affinities) chart. To do so, set the `podAffinityPreset`, `podAntiAffinityPreset`, or `nodeAffinityPreset` parameters. + +## Troubleshooting + +Find more information about how to deal with common errors related to Bitnami's Helm charts in [this troubleshooting guide](https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues). + +## Notable changes + +### 13.2.0 + +Removed support for limiting auto-updates to WordPress core via the `wordpressAutoUpdateLevel` option. To update WordPress core, we recommend you use the `helm upgrade` command to update your deployment instead of using the built-in update functionality. + +### 11.0.0 + +The [Bitnami WordPress](https://github.com/bitnami/containers/tree/main/bitnami/wordpress) image was refactored and now the source code is published in GitHub in the `rootfs` folder of the container image. + +In addition, several new features have been implemented: + +- Multisite mode is now supported via `multisite.*` options. +- Plugins can be installed and activated on the first deployment via the `wordpressPlugins` option. +- Added support for limiting auto-updates to WordPress core via the `wordpressAutoUpdateLevel` option. In addition, auto-updates have been disabled by default. To update WordPress core, we recommend to swap the container image version for your deployment instead of using the built-in update functionality. + +To enable the new features, it is not possible to do it by upgrading an existing deployment. Instead, it is necessary to perform a fresh deploy. + +## Upgrading + +### To 20.0.0 + +This major release bumps the and MariaDB chart version to [16.x.x](https://github.com/bitnami/charts/pull/23054); no major issues are expected during the upgrade. + +### To 19.0.0 + +This major release bumps the MariaDB version to 11.2. No major issues are expected during the upgrade. + +### To 18.0.0 + +This major release bumps the MariaDB version to 11.1. No major issues are expected during the upgrade. + +### To 17.0.0 + +This major release bumps the MariaDB version to 11.0. Follow the [upstream instructions](https://mariadb.com/kb/en/upgrading-from-mariadb-10-11-to-mariadb-11-0/) for upgrading from MariaDB 10.11 to 11.0. No major issues are expected during the upgrade. + +### To 16.0.0 + +This major release bumps the MariaDB version to 10.11. Follow the [upstream instructions](https://mariadb.com/kb/en/upgrading-from-mariadb-10-6-to-mariadb-10-11/) for upgrading from MariaDB 10.6 to 10.11. No major issues are expected during the upgrade. + +### To 14.0.0 + +This major release bumps the MariaDB version to 10.6. Follow the [upstream instructions](https://mariadb.com/kb/en/upgrading-from-mariadb-105-to-mariadb-106/) for upgrading from MariaDB 10.5 to 10.6. No major issues are expected during the upgrade. + +### To 13.0.0 + +This major release renames several values in this chart and adds missing features, in order to be inline with the rest of assets in the Bitnami charts repository. + +- `service.port` and `service.httpsPort` have been regrouped under the `service.ports` map. +- `metrics.service.port` has been regrouped under the `metrics.service.ports` map. +- `serviceAccountName` has been deprecated in favor of `serviceAccount` map. + +Additionally updates the MariaDB & Memcached subcharts to their newest major `10.x.x` and `6.x.x`, respectively, which contain similar changes. + +### To 12.0.0 + +WordPress version was bumped to its latest major, `5.8.x`. Though no incompatibilities are expected while upgrading from previous versions, WordPress recommends backing up your application first. + +Site backups can be easily performed using tools such as [VaultPress](https://vaultpress.com/) or [All-in-One WP Migration](https://wordpress.org/plugins/all-in-one-wp-migration/). + +### To 11.0.0 + +The [Bitnami WordPress](https://github.com/bitnami/containers/tree/main/bitnami/wordpress) image was refactored and now the source code is published in GitHub in the `rootfs` folder of the container image. + +Compatibility is not guaranteed due to the amount of involved changes, however no breaking changes are expected. + +### To 10.0.0 + +[On November 13, 2020, Helm v2 support was formally finished](https://github.com/helm/charts#status-of-the-project), this major version is the result of the required changes applied to the Helm Chart to be able to incorporate the different features added in Helm v3 and to be consistent with the Helm project itself regarding the Helm v2 EOL. + +#### Additional upgrade notes + +- MariaDB dependency version was bumped to a new major version that introduces several incompatibilities. Therefore, backwards compatibility is not guaranteed unless an external database is used. Check [MariaDB Upgrading Notes](https://github.com/bitnami/charts/tree/main/bitnami/mariadb#to-800) for more information. +- If you want to upgrade to this version from a previous one installed with Helm v3, there are two alternatives: + - Install a new WordPress chart, and migrate your WordPress site using backup/restore tools such as [VaultPress](https://vaultpress.com/) or [All-in-One WP Migration](https://wordpress.org/plugins/all-in-one-wp-migration/). + - Reuse the PVC used to hold the MariaDB data on your previous release. To do so, follow the instructions below (the following example assumes that the release name is `wordpress`). + +> Warning: please create a backup of your database before running any of these actions. The steps below would be only valid if your application (e.g. any plugins or custom code) is compatible with MariaDB 10.5. + +Obtain the credentials and the name of the PVC used to hold the MariaDB data on your current release: + +```console +export WORDPRESS_PASSWORD=$(kubectl get secret --namespace default wordpress -o jsonpath="{.data.wordpress-password}" | base64 -d) +export MARIADB_ROOT_PASSWORD=$(kubectl get secret --namespace default wordpress-mariadb -o jsonpath="{.data.mariadb-root-password}" | base64 -d) +export MARIADB_PASSWORD=$(kubectl get secret --namespace default wordpress-mariadb -o jsonpath="{.data.mariadb-password}" | base64 -d) +export MARIADB_PVC=$(kubectl get pvc -l app.kubernetes.io/instance=wordpress,app.kubernetes.io/name=mariadb,app.kubernetes.io/component=primary -o jsonpath="{.items[0].metadata.name}") +``` + +Upgrade your release (maintaining the version) disabling MariaDB and scaling WordPress replicas to 0: + +```console +helm upgrade wordpress oci://REGISTRY_NAME/REPOSITORY_NAME/wordpress --set wordpressPassword=$WORDPRESS_PASSWORD --set replicaCount=0 --set mariadb.enabled=false --version 9.6.4 +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + +Finally, upgrade you release to `10.0.0` reusing the existing PVC, and enabling back MariaDB: + +```console +helm upgrade wordpress oci://REGISTRY_NAME/REPOSITORY_NAME/wordpress --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set wordpressPassword=$WORDPRESS_PASSWORD +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + +You should see the lines below in MariaDB container logs: + +```console +$ kubectl logs $(kubectl get pods -l app.kubernetes.io/instance=wordpress,app.kubernetes.io/name=mariadb,app.kubernetes.io/component=primary -o jsonpath="{.items[0].metadata.name}") +... +mariadb 12:13:24.98 INFO ==> Using persisted data +mariadb 12:13:25.01 INFO ==> Running mysql_upgrade +... +``` + +### To 9.0.0 + +The [Bitnami WordPress](https://github.com/bitnami/containers/tree/main/bitnami/wordpress) image was migrated to a "non-root" user approach. Previously the container ran as the `root` user and the Apache daemon was started as the `daemon` user. From now on, both the container and the Apache daemon run as user `1001`. You can revert this behavior by setting the parameters `securityContext.runAsUser`, and `securityContext.fsGroup` to `0`. +Chart labels and Ingress configuration were also adapted to follow the Helm charts best practices. + +Consequences: + +- The HTTP/HTTPS ports exposed by the container are now `8080/8443` instead of `80/443`. +- No writing permissions will be granted on `wp-config.php` by default. +- Backwards compatibility is not guaranteed. + +To upgrade to `9.0.0`, it's recommended to install a new WordPress chart, and migrate your WordPress site using backup/restore tools such as [VaultPress](https://vaultpress.com/) or [All-in-One WP Migration](https://wordpress.org/plugins/all-in-one-wp-migration/). + +### To 8.0.0 + +Helm performs a lookup for the object based on its group (apps), version (v1), and kind (Deployment). Also known as its GroupVersionKind, or GVK. Changing the GVK is considered a compatibility breaker from Kubernetes' point of view, so you cannot "upgrade" those objects to the new GVK in-place. Earlier versions of Helm 3 did not perform the lookup correctly which has since been fixed to match the spec. + +In the `apiVersion` of the deployment resources was updated to `apps/v1` in tune with the API's deprecated, resulting in compatibility breakage. + +This major version signifies this change. + +### To 3.0.0 + +Backwards compatibility is not guaranteed unless you modify the labels used on the chart's deployments. +Use the workaround below to upgrade from versions previous to `3.0.0`. The following example assumes that the release name is `wordpress`: + +```console +kubectl patch deployment wordpress-wordpress --type=json -p='[{"op": "remove", "path": "/spec/selector/matchLabels/chart"}]' +kubectl delete statefulset wordpress-mariadb --cascade=false +``` + +## License + +Copyright © 2024 Broadcom. The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. \ No newline at end of file diff --git a/charts/wordpress+valuesjson de VScode/charts/common-2.19.0.tgz b/charts/wordpress+valuesjson de VScode/charts/common-2.19.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..999417ccf52d78fe88422401836ff2a483a4817c GIT binary patch literal 15554 zcmV;zJUzo7iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PMZ{f7>>)IJ!UUub4}_Cst}vk{@x`yWaD4lXUCbCh>{W^zLc) zv=9kNs7ZnaK-tr&Gj)KSy!& zr_Dcu!C>&@;6VL%Fc?(-I~?ro|7mz|c(iwTxW9jN@Tb9W@8Ia*PcXOxTxw6o1!8|1 z+`6r5=f02!B?%Qs5SsAg4nTkeo=`SFhO=bM5Em>9M8zg z(EJDyosa-VSX^P8z=((h#RLLbp8FkuH&ep(Paqr;Dj>vZMCWJ}VHnMU2#%w%-&1v&`e`!hT;ll^Wg$QA^bEe8 z9!znRV%F(_z;PNOfjd1IXGtJC-s#ycbYesjfk=Xxs-7T;-`f{gh~Zs0O9I)sj70@z z6C$SBNFiom^fehex~@Th(~JdJ!CYQb%u{>}ksgZ9tTJMsnk65edwh)ipP?wj{EilY zCGvl;_vA@c{vRFeJ;?w2c(&jvP3MeErlKr{w&3FY+5gx3QA_>aS%?!s#ssrtI6Xgo z`u%ey|2tb-kP8kj{Donxt@|>4agZrhw*$}vT?r=vmcQi_BN0rWU#ARnZgp<`^xzWDkKz4$@GtQk zK7P!<0MHaOBq)Dh88Bd7;Y_lb-F{{g;i)V67QuD-4&HGBskjyNtu)%>y!R9&M4)zEtZ?FCI~ zL?`nf@EW9dDis6ZzEf0QnY^W{8eecE| ze(8H&t44%|nzb_J+O^)hAfzO)AZi6~zSNc>SwR{}^sMwQq-$KDeyk?zPL=6YMefHg zo9uw$xe|w!$y|)HZ~lUA7d}8j5~)DJa8MT0MxZ5Bzz&X6F?WWzTP+GHBZ(M;htkw9 zPsY5`F?^+v%GsgToU^`H*O~20Jl}V~V_%EGDAi0ETiSr_@7PkCGyR=)X_@8!sr|fdPu>3?pcIWrw80&KCI0`zCxe5E z|NqJ0Xz<|wzmMmW`TxZfgFtM81^keUb1<<8t)ijCoN^g3;UnH7e z;CFL?N@V~~H`$*JM_8btS0-y)*}7BnrnE}1xT5URbbK``nL6id66@&Jw8GZ{Cu%oi zHF_CDNiy*-zfs!QCP^1Cn*2^jD-z9?zE9p7NgZ)DQrV)LBTtBMOcTEH+$+kjOrqhz zy|WZbQ@&X;smQ<>Co9vbsPJz^C@zq|<1AX8qud(zNh;IzPeCM-Oc>^TMFQE3Jhx|W)oquS~D*#%}Z z65thShf-oItWLtgCP>KegmA&u=fBpvnsoWgM(n1 zTDQ+>c!7hA5i!@cI}i>$OH;}O4p;P$@YK(%ETjG5&E$&qF)6Iq@8oG16BY6JlqO>` z$+S?pK~GU5pw&A6x09Q2-i>>|bQNjt%B|>dhcmEgb>W!JFq4yWOdM4YMd@@k74@df zxDpzxt#U1uHz!w}34W82PTQ*A=UAsS>~Vud!F!)};8(Eo&-5sZdefJ4XQf${0Ji)pp0V;nIsc6MP$D(u|DBz%aR2Cy6^8xLobVj!~hU@BoUa6 zQGgXi#xzSp4=`g?>M4)kP#9rgIHofk!qpV($r&JlB071*Atnilv!rP>9zR~uf2Efi z?%-OQe-355_dBy+2E9N3v-|j$|M~dO#~(j#d$3a?4}1VYF9eg6aCYUFE;OHV|F2>H zSI%rfRHx<}*#KU0{&RnSueSfYKX^F*e=pCy@Bc!+(mGN#!~zEbhaj17Oj#`F@v9Uk zd`iZm^AkrCe5@yBb&)A?E8%%18ot~c=DZ%~k5eF|{XsE4SU0qhz zGLsN9Kw!~|Fz`ZCP;pctPH_@S;X<`2w8Zk^+j+h*Ow`%iJk5X-@#>uqX9-X-#VoJL zAtIN!AT(TAft!QNIA(p7oxvPY0x?AbLaJo;6=jz|Ga=UtiP4B&>!nNnV3-R=jO7SVXe~Y@un+bU`KBog(wv`w5=SUfM1|h;vmz0 zC8D6znq!r$SfgM#Q#Y?o8SLOc)&%0K?$k&(rYyi-7j{q*ZVsw6vn9}Vrm}Szbo1`Y z4)-6!Yt61CaVE|RJWCRX>njYb7^Dc{s}A)E(3ptYYj4c|E}QhgV_9;_f8v%qZ zBLdVPT+)Yx)_&)bR5$E>8TD#kt+1>AZWD|0@8*_pf<_SzJ*92^1I5v2rB8inPhJ00 z3i!s({{LwO{crE!sG|QJ93AdI=zsU|+^7Dh+Ill(G@DGdou|#ZES)f<6q}68f3lxP;Cu*U<~gb*qT24C=sAzca`I+ z6bE6v3(^$Xm20tHS~cqtsU;+j1c)i4SJovV+qElc4{}w{Y402{oCsT}-6yz=q{Y%$ zC6zis^gAVqI_gxXf~!YLrLA5+SK(gc2qTXDGyaptqqIVAD;y0?k59mRmzSj% z^|K3j{`&Q+*T?V=n(6tNGCCt6hB?g`1Q}CQDCTcvl55>WH}17JdSX0!rI+5j1gg(V zDzFv~c!m=|V}ThkOcE|o6sf-N0*yil7*;|IMbbc;O9n_V4z-OWrg(1OUgA_p6)}~@ z9v8AVGa6+vh9E*D<{Lr#yNoGgj3m+&)7%-LM7B>y)^-zlHn)%l+;`K|O>lx4iuzM} z)f2QY7|liz=2J>VZ;GQ>r%LK+wXVNabiSwAuXi;i5$@&VV#=G5;Wy~wSCvZU$WEzP zogqKK7?Eg+I{2xV$^W%aUH>C7nrtrj)1Q{>e@90R`rq&&|I@uZ_pbjr`)nzrsT6>c z;Z!EfCiTOxqxw&A22uTdO{wDnvigshVqF?M?Vj+e2SSvB(Y7|1+sm~!6F)PT8kF+( zQIIw(8S$va9vK#2Vab{MnkYT zTQj}h$&;2EO?G_sZ`oXdX-FoR3l|-y!zbYVpUPU}_W7g%P(!aPjhA~;Uy{79c>gOd z|L0Z8R>#i4w1ih}3$osV2ERVURkoGZbY=IfIQiMVdTT>02<>Yw}^^6TV{jFPY>G_$;65=4;?=*4V#Gd_fktR*qHRPH35$2 zHiBq}BooRoH?J9<5&6EKGHiS!%4Gxp0b>+JBNSY69rT5mfZ_s#Mf%gsh8nGB&Zs6l z@b$F`t4PaPHKu7>eRzW=s~8jg$2tHi)q9E!_X@l~T&u7l@9Vh0{wSiO{@(uha2VqK zZ_wbICr^SyJRXe3!NJ~We|)rm7#!^n2S=l$!Juyt^e1%d$Ae+-$AbgNyHt+9`t5&q zRQT1`-JN&7`RhO3KYQx?Y45*L?_ckF|NPo~D_(RTcV&&QS1Pytn?tLTbz=GC_{4-l zwiL__fzVg~_wuU#3-r6x{_~$Caetnx{w_8!z*o%RpXU6w*nViW{~P>2<}~5v96(F_ zKL>|LRsYZ7aPJ}i$GtrFpa0|U%5N<&NYN=76em($RStZ@-2f;RNra-vO%QT=er6># zcenoPqSmmnX~hX1QfIf!PMG;>ewlCQREk;q&HSqFPn|ovQ4Y*}Bg$8rH_)*P*SIEJ zDc`1~?YmoBwv*THpC!Tv^-8GIR&V*ZPRd3dMIhkfrZxWUCV1d{ars z+W-Qj5|-=OlT%IVuX-rGS{t%x4W9e)y%XIpNo4_&M3kX*i*MtIBJt#)`rS6CShe2Z z2gza$D%)be*SU`D7fdRuCSp{|0jVOrnWq@kes=i)(sIFIW53T06i+LY%UHHv&0(~i zhNGX~tbI75b~<8=B90dyd(gzW*_j5@wWkr{TuGZ-(etbVZB4q?t1mnca|80;Idya5 z2AGLnj1n|aJJKeg!MSoxNzXSwUH~VP1cx12fs9EYH8GG~l*=j6#)=_~TfOrdkBgha z+}5O|3TeRmnH;yiA##5!AJCo)X8GVs*e^6_xeQ<~3gg9r)MCC^Iqh_OvGuZ`RU4(E zMb#AXAMhMXpuH*~f+&+_irxxmQp~SZZAtNR5=s&A9tvXYbzSlHSs(pSPhI~vsXy;; z|My^cP`&^0;K|X${_nj!_pkpu$~+e+2@wl*mfA))wBbfuvPgH`nA}=ds^_9z9Qj{s z!&z}uGB ztedE)S8rDZMoCWW>n(uFo&pQcv4_72CgRH;O2T)zEV8 z#qt|uX<>NOU7ayzDrms*bQb#+rM$(q`EEl->uya^Zyv|StiGj@lz>WOxS)z1MQCi# zj-OVsOGDRKz8Ji64Lfe7VXF;SBgp*P(CQsTivk16>XIS8IweaJAaR@tb%U!?K&AQ_ zOaXC|!OiC>4t#EMS-ZKZr7FN@LAk&JX;MyWy-1)q+48H>r1LX|P(_Jep+rb~JEAlN zI>QV!FeBECgWiNb#535*C5fv-*E!hCI=ZBer^K-wlNbvWB7qF)%*eD`_DvMt zgg6B?mtiL*!Q~BhH-d}th>cgm`zHmb*0W{ ztK&XA?N43**L<)+^?#}Ue>50Y_5Z{DClC7neLVLb|M~nnm5YE}auVYpS7{xT&e6K8 zxWcJd6fvo=Rb3^9?7A&WzM5giNQk9$WLXlxlYR9ki7&G8m|TO`YrDGcDZ^5u)O)%L zO^LJJ`9nr!8O;mS^=i7T14gMUd6!hIVDBsLl{=#Uwi?(6U^tCXfWiCP1MgSw=AA-0 z;l^1M&Eby>MRHt2si&yU`ckz~&{cUM+mM*^`~WGZF?M%l3a_DdTSX)$W)nh835Oj+ zs%I}RWLdQnlH#E2ch1K4EQkh@r!;YBPl^o=MR%37L?UmnT}*RXu;xg#d}2T5ykg6= z7Fdbyt_yKHF)_d^^Q(hrP7V#FyyoV(mfo(7V3i9?&~&@&Fxz64e<>5{T`HUe^DmMY z+g+)e8;kBajA=~}*^JqWEXtX4IYt9jKi(Qk)^bm^@XA4T3vhBLi__?W8MCm|2Bu9; zo^n&GPMt>8xj??@>#e6!Bh*b#snaN;SMI4g#fm(YtA#%1NHuvvtdp38LuFM37O#pQij#V1aGF8WAjU|@KUCY5GMf$tix=iww_P{F*YtR zyId0qhlW|ucFS48{knzfHD?J*=#tB|>mc%Q$~RM^k7&fT%vPP3k~d%&8N1?e@D=Rf z>j0+$a5}{?W+>`$K^dChZr<{?C4=2!=zu}dplyP8J=;p5YowV6-f%F8J@8^2Q#O~s z_r7^SJn(8wdf*)nUJ$Qq0qR~{duny+;FgWU;)a1yqE-RRlN5q4ecF1xeea? zM~5YF``;X_jyI1{6s?H&VTIm@!*&9#fcH^_3`bAehp$d=9Fi=)A>szw#xNfq?zfL% z4fO~)`#Q^5+#i%UWpHpi7WWTJoH96CgT=4cL42=__`%@Mx8w0LxF^GdHF$h)EzA$f zO?|US46K0plQOvB-rhGWvw2|-n5~6eV(RN2b9*5P@pbiMJ;79yu5XfIoU5uT^Xa3n z_#+^R%5>m^QqOUipSxmMT~n%?*wMK>c0Jg+#B-iwpzch~^CGn9|C?C<>-wM06mx&^ z-@~K*gPQ&~9PT~nfA{g+yZ<*2|JHnF+$IbBCYB#dt`ZwiePQw&HHDp(%YbLBQfZ57 zdrC@`dH(030PhN@9y~9-=;yhIbpAUO=@@B=jot2bLcr}gYxUmjTdD|ct>_y6l-iI5 zb#btxzUJwfb=p*IXVU~5Iin*AiPd?jjt;iDk#>I1xGx zQsw$$F;(aKYH{b?O88IWde|(^O))%;uD{lzE}{hmZ1xejp^WCI{S^Xkd+sz>hkHW#xmzo3E=nyeASveZ5w7y`KJ5Y zyeZe{mQMTCA<7nCpft7TG@Wz75||Tkay{1vmlnwwLF0zWx%jt1kbSK zEENwFF^s}F1j>~gt~4i$ba^_e&CLt#COfoSCgnK@p2=1hzAax*U(KI5Y{;p&=XJr0 za55274~7FZhE$HBIzv$2!72T{@bH+K`ZbP)UWsKN>5+U?IL@x7*m#k08WRrE7?Px1 zFc&J28zzISTqYFsR6fPOYG8jWL#qlUo8`^sn`jV9yMX=4u~fnMA5l(W&xfB$6oHEK z8WYBa&ijZ3X68VknV-g@(x~b&fu1^FR7gvSv;JawIx)N%0z*kiOKL%S%8PyH^crPGvmwCY}<^Dt97B#O%h%@ztu0-FxKO z$iz-8%TEctT7pVhMOvA!l9%|Zt=rGcVj%m;GVH_ISgHAfYPR16eo0cDC6n7Nmjqvd zvSWo`;`qq{;3Q!4RM_bt+x#yT zr+S+vRirD=_kmHUQb;nInYb1^hvcN7EL1rj&5bQ;2YQ?(%KvQAkE&5Di%KaOhH~ZA z(lIAsO$2D^zjHPQ)F2;ZTMDa8-7b*F+}Me2S@#h)HH)cccgu5Jb;d6%EV273eM1t?Fxfu61nZ zm>r*h=Ruw`&j`NC>q5>tu>+pxh7aVMCkC)tBAoKW0r;l-#ZHUn0n1rGX#KCMq-26b z+@E0a1D=1!Xe^h^TtSh%<$+&WR~_x3cI2Setg5rHVO2sl{exq>C>^M=4+~q@!}AOY zqzu`J(#tFbZzgpkYX+^bqn*Pw&=Kb zhUlg;ytm`hC{@bIp?srkR|fw=u)HTb5xv3;cH~NR8l_VN!){mqe3`|VkpPBW*vZng zUh0EMlm4sMHfL0M9uQJn3EC>)3BG=<<8V)-=tm-y`_X&%?q`Ph)(-8lmV`=U$ z|KD)$Xs;UoF*rJUi2t~c=TqJP;O1Yw&>ROU=ToC#H7ps(0!8AX{Cb`MH}A$e1&YM- zi%-N&fCu3pdG?(5%-opLXyc zDiEMlq?-BHuCi_!o%HUV_s;XG{)-jsYD=dXv)0}`NcBxVb@^Z9Qn;t{AA5&~)$`wn z2M_l@-p}(1!b-$Y3f+UF@FlfI-B_opI`wiNAp za@wiCR+v?v_T{1=a3hP)9g!gn}eZssc7BHzSfNgIg8|T z(Xv{R7zjR?Bt)vgy1}X6*HZC(-s(zy{ns0b_n80Xa8SSh@9@F?yPxOY*MFVNnIv2= zeF{^B2u-jkqF{_Cwq1B>7Bx=g2^MBXFZQ?DOOMT4Ri|fPu9z>OrD10gW;W`(8E4hr z8~Qw%y+zC>G{n~_WdfuGu>d}PJlWp4%tkm6ks^-u2s+317v}J)c+#Bwd?qQk@u5MF z!tb0WQi`8=@0G9EmnC!#=#O%p{$Qi2dg@lV>QeY^MxqdKGJ_dnI_O8o8zY^DW9dLv zh@wZ)j!Zo7<=*_|LsJ3e_?^`k6%(IEL@g~`{-LgjmgcYNuv0^AD?UXWe^;xj*2Z4- z0-|agu5sQ9t+>CZt;7!K4Nf1r4fe76S?qPTLTL%r6@@0QHp9%Su19d`$Sn*v$)jiW zueGLF4RGOImc22-H_iz9UU?s)d5c9YapKkJcllwv5{^(&Gm4gKA>0m}UPGWrsa)Q3NDRL**|*HU9M3C2H`gb+nlZ%W3L}5oMM!! zJ?C|WS{;1OFjR{qi`I_4ONGAZ|g(I`@)8%-7o>6|l7`8Q~?;J(Dyl!`?%xe=PXXQpyh7oJdi@X!P2 z3iqzL4WtKr>3hI<=MhiJX*3 z(u^aFCi>vCI-Z%I&J1b5eM1FxMpI;hGJ+!BSLaJqV)34V-jmRKhI*Ls#op91Q%H(( zEQDRnbDhAXhLSi(k(;(|HLkIFnOskSxwghp9IeJERYkkH>ec=EHHyH{A0W=N*gB)tF%lX@^vb#X zS=k;s)TjxUq7V56b+wl@94p_8U&|+8L9w#=#@(x$t5({!(ve5t* ztC@6Rh+i_>9cQu~oU)aN|B!05=P1bi#~`h0C%!628w?C}_(xNmN#V0Y6AUpTiNmUP ztW-pKSIb2wGC&CvW7ioHcm;XNM}zBKEPM&IPhN${MWC=t#gihKs^w^K`8LuzQ4qsA zzocZu8ihFQ#8j0;39Lz-?Mq`#DZ5--{AE;r#-Kv7l}KbXo9J^)#Wjc#o~ipL5~*06Pcv|WaR>+k zq~p;ARVSKlu48?#A`GOYkz*tDv3Ye8IMF5Nd31V-UN+cg(#SUsUiyy4E)42qQTIU? zMd5ES_+kd7Mr(W0H$WWks`K1BxrGv92FpTh)o6JKom`=dP12zG685IR=@M*pgN;=| z-zfR5?o@Q}%X{xiWviX}@RQOeiwfr^+oj=6R|6eW<|vsyd{_Ei%FWAj-BumDZqi;* z5KtDH=`p7ngDc7|BZ@*befY8KU#ksvwUY>im|IJZB zEEPx1TgA<&`N=~iilh)xClD8&uxdC=S#WI*ux)eLUi_V(_Oyvy%9hq@XEVwfhHO#_ zC0dKlI%y#Fp$vO+DaShB@8ms$t!~#ILv2c3;pfRoik58JG{lR#lu5GscJ({f{cSbT zRwb^p=~PL7)Ubt7KrkR{iM2}b%o*X809jSC1R)&##4$T(cucNW0&|JyzOGb(WRDcP zhmD=3z1XKNw^=^-s&qrjwBu;In)^xJKwixvredtS_M;()zLdCP5>}7?^6GB&I>)AK z-EBQH-N3xwGQAIHsB_pn$38RyEI>dkVPG zS5XJKGN4TjyqUR0SJoSQE8Ut0ef7a88{7*=!Ho@Q9}(NJ1+*^(8K@KG&AA|&LR@Z3 zcY7FFkM~+Mcb5XILFBrExfcGjpM7p8mW+9ImNgA$`OD{P+B`ffJd5qW7%_sv(Ji-v zm)L(tNBhh+AwnmMrK|wt-suSU0naQ-UN^=($<}Ni8|EJ)FiHsQma{9D%frs z8y@M&A>OccT*9E-8-=9HC^yL$SYx;*3%OxqQpxQK4h?%9n|4B2O4o_JQ8z?&ki1&gwtY*{ku4FR#^cz=F8cjGO!BXH*n@y zunq8T;>cMM%!b`Kwi9cN`wd+da0{tZ;>PpF`5p&<))D5@9|3i}ry<`8+aBz4~jsHKA z|9SBL+{5z;{Xdeoo_+ft3{U>Dc_)xz+|S1eW&;jb@Hy~5Hj^Q z;t(psYHcF&9E%lPa)nr0=8Q8XS73TwzQ?iX<<|;s&;w@>dGNih zs%&h|_okGu(MHV174W`^Pr!ivvVCu+6Kjn7O?_`IP;TpcGhjb+-`mO_nl=skE0$sZQQ$tI=QFXs+%e%%$O7#c|#AS?vEwDHjulZ|MYD68|+ks``KS2E&K*fA{lzI{(kP z=B>MM0y%8^*?58qoZ8(%MVZ_Agq*hS#xc}P;I+I%4v1T(foXu$=pxFk%e=g6el3S8 zrM-R23rEM2HXK`NL3B}bYmJT-zr5IdLT^gFSR-ZI&HQ@tcDuG=Zfq#UOdX4|d&N-5 z8OXJ`&>cmulG)Sx5gMAPj>iIGuj^1)$eb&Uz}>nR7WeFPax~mbeGYLzLY!Ydk0oMq zMKqTM8$1`Sd39#XIQH!g$E8bnF7doa$36RP(YmIt@@QJr)Kx+f^AXOm4b?R-Br#aq zC9ERETNjnZJt(Ww6(gqQPUXf@PCE{JYEB99^$NAjojk6yp*-rJ%-6Jh1zpb*u^gVW z&}l;HyG&P-hOG=*ZDe`CY_p|o)86h>$JD{4*@x6EcV~e;-P*>wfH&-_a=N%C$K1?m zwE)m9Jy-5vectXX>+Gnhgli5#i&}Yy&XCQT2P^mJPNYXs^rw77bh!jkx^jJLF5p{m z=U7@(8H-h+oNRhg$@awhwNOkK zcW!Ix%|%|LZTkhYOKYE&uuKa}q?Kvz^24HX>-vuu`+pe@$?Y!!TXz4~!Qe?X{%`Q) z;r_3Cc{bz!y^#a>wPdclIsU8p_OtQ*Ds$qdKnDqK~@_ZLYUjZobR}dd@OHr=%IV-@Cxzfw% z4Dh!T7#?(29*IV^;}-ni2+whLxhszq>gDBYXAPaJtJgxWMfZ{om|Hq;xOP;rU95hP zaa;55jCJl%`y?S&pY^lY{&!cQn|lG4*#8Gd`%kLzUwcOn=l|~I`E>DL#vGPql%YSu zbz5KS?y9_+*iUIP9t@;#*{Q00p1lBEz4F>@{XCe#s7SrRz^KVBtqnKZ+Awcz6_u|| z)6@4zH`1o53-zm`E5iV(v)J2SHaj`qOtDr)%w3rlYkNJTy)4r7V2`Y}s2M9bUP#Z2D}G9ePExrz3;hZXetVyQA$ROjBYlEJi` zdpJoZHFKfhVLu<}R=dd8-FCQVJu@QbGIQ_U;@Q5uPpy6Ns#g>&os#jq=awzBVdu|> zNpruGrebQ;phK_RJzF%t=-$e{!jUX{m?{fo?5{H^%X6pdv%H~t>&&>e!Ab1$cF$`2+}kshpBRj0W{lyaa4LFU)p3K8Fqa%g zVpRMmwxu?zsY-9?^JMlGF*iuE1&zXnfj5P@9OxpNwU6H=?-Co0_!WPbG*~*iagDhg zIYR-z+Y;zi_5f(`kG|rM>S8Uw#2AGkJnHqNS|rV_lWketNCAljN+VFhaxqwl=4 z1gufwwswut|NSYBVlqi6!<*MJm+1e4!^1&k|8MVT@Sy+S%d-XNNJtsO)m`(71LT5{ zz$hb;x@0>=!6lkt?svA}&6IH9S(;KNIPfWsA{DIyF%rR)B$HiWI6{KV%z{_EM@iV( zf&@==eDjWWDwsG@_xEpNI$Q8mu`IlOdI2F} zyyH)Z=&OG<`W=7tFV$X^0F6*^nWf5V;ho1mze+og{SmtCJoZJL zb{_x#oh^8a7@--5vuDqF$4?pk9S5T0lMti6F30Ha9e>6H8e$2X#1k0PD8#Ho;z|Fr z^)Q(E|N8mqvlq|(IJ}ECmYn~3GT1w+&i}!|;9>sX$Fl|B5|N;o*xB$S88NAEJe5mO zr*jIwe2=5J{Q93e_L6+LZ1{Ytug4cOB?0e8y6CTJ5##+WS*EKz*AqswREiYMbr8`B z31Ec96~;-9h_2^%I$K-t=EuK0d)?{$_Ste#Yu>hfMBC{%T@8%z*8%R9n)v zRy^0b4S3(riBusIXV#eWWN`ff_D3L0c+HOz>D`q&NDJ1yHa1mruk=Hz2 zzEWrYE82WqrUw3*Mz`p;DKlobLk#;DS zFx1bB6bA%FK$0{Qz=J7{k@~U)XEB=K*OZEaXYEvw>?P(YJ_fGLt`0zmdBBLWy^i6T znkQh3J4PjuK&71((LmZ>9RPfd;xxj?kk778$C-sontGj=RMgY(v8;0yB6Ovqa zIs#3Wfz@yXnz&$w{_u%E?1gwlP|_O?dhE%5r;}z;bWS4@EX7q3dprlE!Jp?9^Sv&m zSUoz8uF#x6lIBv5hospf<#iX2cJ;26v=e0Uv++wR&Kc%75sx%JdcU6+2qDJMyaPZ4 z)?SFkm|7z`ngh2;CmM+4${c;u4(t>seGtzlAn*E}PKZaDL++8@60DI%_eE{LkTJ|@ z23ItTLWsyEmR~r=fUgBZK$0CHmP+ouVTgbS1e*Z>>h~p8U$!LuTSk8ioZ$y|BsyE5yKXR2a#zl)b1C(?z)66MnPoPDm(t1Zp6c>a>9w$Y zmk5%Moeme2p$UE(A`%N)nyh;tJTG-LuDkOQ|&`Q1U^?J?ftD(xxbyt80 zjc{aED3qqFSJgxKDn)-}IM;!T(RlwJ@`DxD-TMJXPY!Srn_(wMS9uAG$TTlnT+xY~n| zGK)l!((RNeLlKtdbj_4jqBx2`YQGTA&7O~Plvf7o#PfD5v^?=V#qp0SMOXC1R~y*2 z6a7~SqT-!z-(l$FvkqUUlnHRaoNVt%yD$)us%&@cdP>fvD8Tty;(`~TN8xu)6N%o5 z_g>w<M044jTm~-`EePD4Afc z9X8sRA-@-%0yD>yfgq?93Y4XkA)%Gnkc`Jz4a*oKkueD>46)jK)m`1!8kB+}=b=$~ zl}{sY%Jcw;;5ZsfqYAOm=oLB1p1=ChH&XfMDH1vESD0ZS#-)SJwr`aV|JmvE;GE%^ z@}`@YT+@Sax5F97@LO3U`3-iA)KGL7&0$2vR9D(l{oA+1cL2$u)y_KA|1!+II!x_d z0h&bft`EO_j~QO<@3ekS$pa`Qrc*s7*1O8=4NxMPDukFS8WqMa8qrM8D+jON^v1d0 z>A_Eu3R(>^Zq?svIL-F`5?W*QM}Nzd?kVJYhRv5?BO82E<|c^;hg6%tR@r{62&{_Sl!iN{F`eK9%aOlAbFBx<6<~^UU!mh0Gd%WG zGHZyL@nWj2sm#uHJyA%`Ns_zHjH|(D&blnFmV_~*F(BDB&5Ja_c1^OrJ~MN66+Awb zCPVT_z*vedl+1x}o?*UvlUheN^T;qN4{(AQp;ACdnQcbOI9=S@A;nxaZ$*}!k0_bT zfh^D{dZFxu%4Bo9rYDU=n=ithpJ7g;8SY8+_SC=oy_9m%D^SrR-T#{lah2XQRv1Ne(${5hPxeH$*_-Y4 z1T}x|_y4ArH4}WfNvQ^VL)RYU?eb$!L#o?Jwj?=?K>6LDaX7| znH2KCvk@mDL5!$`L#DY9vLrMi@uw*Yrr08~3--&yzXB*lKWybSBxy> zx8fotAn^OFfz(Si98l3!oe*dC3^zi=>?o!c<}A%#o5Jf=jXFG-@p3l4g7ri`t|9{ zH)qc;;MHq*`s(Ggvo~k2US7bf@8I<1Kj4S6m(O+q6YUhdmco}y1WBxv1HW^Daj9|Z zEYogX5pL}DV0Os#dt|7^FbAD)Nj;dyu-o((Dc zVQyr3R8em|NM&qo0PMYgf7>>eH#&doRbZ9Qt=-3zWXDN5dNz9>$97xai4(8wv@^Hc zj}4KKgqk8a0BA>(rI5+?f4h{~!m_dqRH0mEtA?3X} zoW+0H_%j#`2G95R<-dc$p#1ONV0ZAB-Th}TcAxLR*xh^jm%;AdvlmbQ0tTCBrTS!y zL;9D&+GUk1_mw;_NeG7=lY|XB0ECdE38C{LID#CGAVVDh@C;568-kA=000O;0%vFl zbkC9RbebWENO*&250m}~^90UtUnd*x?)LV2PlE`JFie8oy@2k!6yub20N`*UTPy(jOOR8%H4NjBE&+9Q!Zbfism?a1uz3J0VG8UU?ig< z+L0V(3Fh-4LboU;DT=_wf4>Hi?g@Y)dW$IFQ^-ZHVBii%D4qkHfQ%skDan!u@F@a! zgvJqwG6XmQm@|M9j%Z3TLtu;`&nRL$U>u|Oc!Xoj=Q{u&zfdIK&B}R-6BP zdIu@m0Vhe=>j03^xL|dH`7|3zPEB9bZS4*>)moD1!mNEx5$X$8%EPgf_mSP_y=T2a z=X2|!$LI4r?))E<@MiO6ESUcXPxoI`=l}i3`TrrF`Z8(B8BC zXXq(>{^G^=Xm{`XL1%&zL?K7f5Ontjd;7uQX)t(pxw}7n`fT`YzqkMW-tN=E^S!-q>7rQS8d!_OJbntBOIQ}2vc>)eeI;VIt<*s@1 z1YDdQ{Udm-Y~J7`LJ7xXjOY*?oE;qgbS$mk&XXtL|1cCvbM42Nj9?5>NZ|}|M49-i zUmi(aq3rHbinAC&hIT+gIFiOC;8ST_#xWqbh*BIOX;qdp?*N>HaVD)pTaO7-HW}kd zMo}aTP+^>k{1e5B?CPT6!;DgtZ~$*1j^QZIQ`9g!RBz6;2Ha6U&$2kaKp{n3nA8zq zoKQGHhcRTLdP+o+h$i22sFVbBBFi*NwkEG#q?_Gj1WbOG>YM>6jeSTd^iZ_UR6p^7>C7N0dLAToh;K>tk+?({&UuD*Z>a|$H%;qNJ z-_cxsegkJnCNQM!oZ#2rI>3>1QQ#q&rI71&1%MGu_4-!UAg)+!lro4b#nO+F)xRDxmgjqQ&cZc-;?AoP?%B7=Z7TW=sgDq;-&1t ztn@{XJO;>EeveQZlle?^YEHlm-pGzW%WD=RwWi9s1{5()amY~=-0p#k!^0tE&_EBYA-GGC0D1}gZ?HPA?*?XKS+)_q!YyLuBh!L zu$3`U-=9!C10hVI>>n60AsN9rLwsA1w`j_aUz8>W{9B_mFF2JeXCk=c7{>9u(5QOm z?~SuK7P$mnJ9mk&N#-FgJ}n?z&Rrs|8~BKbwJJE$9mW!n=>d^UAt*Xoh9-en!NAz2 zEL-QG@N${M~I?Gwn(L%A^7mA z!pCbkLUGPQtbT2*bVa>XFbk(B%3?%?LIv_aT3O^@z!u?C<=9EgXx$e4M3|+Jhf|P} zNKVxhjSG*(P2N0W2@sKx^*LlWtPi6ZPOxZ>KsQT2pOAxD7IU1&D9DRveNhF6&rhQzUL-mt5z;fS=Gy(%Ly6LsHRQL1bW=)3NSkOQRA^YJ{ePlAioZ<) zts5dFHLcXLx|kst!E#|3vF|~`lL+ul0F+yomnUGExI1v9? zr8JS-6or#9PB6C(FNWwX4$&)|2-B725xvn@hY4K=s?VYM~v`OS=^ux_4vr568%Ygt%pl`%KXM#fQD+@SqcE2behKmPIL;`02TS8onZkAHKE^;yn_knvRM{?b%0E(~q+jY@b_eIi zeF9;x*X!wZlUX)lRy56yuooEOJDx=phm%V2X%@$4B*x*q#De$$Qu)Q3$t*%HQWWCx zT<@m@%dA4Q0MIC#U5TmU|~= zcc#1{Wjs}8HDOqS#UeyWN`2O*ic}Nd9!QJxTfu(O7cc|g3N6m~w>tpEavMcj=ii=; z-w=LA5km?8R*_p}mQuTO{U<3!foKyH1?rX2Mn&rmfnBC5@~zw$lBOXub=9pTX0OV6 zbBpOeW*Ot6QD!j7WcE<1ugG**+2|<@(RRDKDchki6jBlec{Tf@5~^N7O7Sh^DDP!` zz0iCQXK8Hawse(sW?ETdiXNbvi_;8=mYtIf+{q3Z;~TlZ#SqeyJWj;ALM=apeMcs$ z5x@xtJfjH%uMRGL60>BVQ1Is9^hEXZiO}s@Y)X4-hU8aUDXTF9X*k7Vjg(Q8k67pB z)-~fWiC|0;bPWgv*A%5O4kd5b(xR}_4?&S!lw)WfWPFMeuJe_2Kg{^lwIsxw9wmgI zLB{R~jX?f~n9W4>uEpnTu}Y*pa56~<6+K2+NtkgV2CXuLI#Y92)bsQo->YZtSu)%wG`N zSdUzCb#=)_vXm%4TjiUFvSC|I0N@=%m70hil=rI$afo9EwyrB`?|KJZJDo6p;o;^w zUnOBJL$Sz7ad?9wkfmTu$xPXIii__0!=kRHh}>FnvinwtMopPCKj0WK za7wa-3)Lj|DPSzk&9VH16UGsYgf*kwYbd$JlqAwkdMm0riVJJ0Ou3c?r4?N+M5oc( zGVdpfiMuIEbRQ^}a1CVJN-N`9m>JhSVOQb=ffVwo>~*S5)!ZqYNJ#X02f&yS5UIr1 z#jw5>Ld8(EhQG$md=-&#nx36u%zTMeO!c3}~nuLWW1eP|cr|T*# zv7q;`=sLc{syiB8$j~PSj<8(KLaMA<`3OHXVYG>I(qi$$#`mLbpLS&EKJLN;l%?pWp8LMaj)F6aXF`5ePr<2b&YBdd zdh42$`eiREyZ!Ws!pz!26Z3Kh%pjBN;26P3{M+mGa?g{p8FW%_VaDT>`?}2*Mm{s; z9xhM4^F&*08*F6^jk8#df2Dr3f>4XJ?Xrg|Uw4#vk{+oBhUE8+aU(rgb*#jAjKX;s zqn`-5VYyw^STZMar)LH^%6Dg#Au&Q@LXlXbz%fTutVAf!Qp1T`nC$mn@d)B#4!BUx zt%EQWzb?rQO7!HQzX1ISaQO`lTp%MJ2BH8Kh!HOT40Kt2QzwhJ+9u80>Wom% zdNRUMs1Mz_QbLvWqe36^E^B8}4o{h22%bJ2Jg+OrYWrWA+(i1#*LSRBO8w&GceO1D zS)tiH7NulC8k9GqK1$T@+_4~RM)^ibY&H**asLTYT09`*z$rQqv$s{>;>!?x3}lUe zRiVhg$sg}pKt6~{BgIGm+2jnH8crZ4*><&|hn zkw7RqnV`IU5+7uWG|nbCxvHbmSKn1qLix)NA3*PC75CHF4?cZTbtB;o;(pS6mTI|+ zR5CfArL~-JUFjKof2FsHuTm(;|O^1w+Hz$l`Kv6tT|rg0?OV*v|MFU66}5R*xO zC?z#q#AL!umY7UrmT(Fw3^}3!Lp)Fs&oAFy{-C1CWq7je7y3)a$KPM6Xtek$#7a&v zxx4yThUok%CX<%~%}O%SFGah*+#U1=9o2ur7^8&$RBFKu1lQ_o72=^p14jDlj)0To!AMu9QSN zqTyKjzjZ*vgRrg2vN^WGAL_(DR(r8>1BCl{1W+ddsZ8TIwytwyQztTu>K-`Iu}&tc z>6(!-SC027G!B&ZRoB4~qSEMAtw{TjF+546)t8V6^`GEGsCe<)@Do5WXC@ryZ|nwj zD&O2YIc_5=yP$iK*ZF6aS49d#Ah=Ylm9>p1qTG4zqY~o36>i1L6003I>@Z(OS5o@t zB42f+`rcpzm!<{TA6xQ#gXVsgrB(pqvy6Y_;j|sUrf40lD*wJg^C9TEEr#|`0RJs5 z{H|REm3E05D7iFMLZ>kGXeoGKMRXgOp8y0v)nm8%YR|5fX}mg@gy|oqZnc^psD7Ns z$h036jx|;t4hu#yQ0}dY_S^9faCr*RH=HUi`a9ch%$)~1Pwf;W2w$KWg`80ECU5Hc z8FO{HwNWOv`Y>$O^3F+&sJ2Tkt-tTP$;EP%%jPXO$T_!|s_muq0gyM}vjstr%S0|L zAN8m!QH^}8nU_!HnoLMk2kZFWNqr&S0Tx2h{(z)fMxx#uu*=%m$RrA8IcI^4AhK2& z9=>bq%}GjPGMQhb6v60_B*N&&2^YOkeF5qdu)nqLl`GU*&=LO$3~K?C3 z*s0^FZX~4?6B!Sm$KjsoH`YOs`_u(O=!S_Pr3lSZM;%lctnF2mh~jD#as5bHhWnaW zVzYAe#S<6yrB(VFiSpAQ((#Jkx9q{qaaD$9plSA>FvMkeO!-SNCNzM7ah7}ZQ|Y`! zIg+@{{sJj4rmxST98O^}L0bJ?Ag*>?=ZvEnn8<@Fp-f={8Cz0ka~ATLNs2c@s4>tn z2TX6B$RK)|3dps^7>0g-hL3udrZG~1ys{Ro%(@CGlNDH2B0&B3K`v=6#g9v9P#yhj!)Kl4s~OPO|qZn3I8Dm6v2E$zpl1@i*DIE{q?y?PEDNWCfm57dA)+2QQE~7Q0e3LrZeU-YElX5=)xO%8 zh+c$~i6S54M5KYy?-}FjkTPT-K_OyHM(_v`=#$9uL|I1TIT%qW#UlenzRk-Te%td~ z`6hw(;y8oT7IzpD8tK!lBtiLECzWjrmYkUhNze{RU_y2Po548V0W%cgY_bfKV_) zGeYNJ3o)ibK1)IY`HFqp7vorTo+1uWF)}RH(qWnn!CvuOl{o~@cK1%Pd98RZ=XzSr zwL93`*V$~@6)v|!W2BlxqiMa5tyo)r3u1hW62#b!RKsFq87K-FN~Mo$Zo*tH-kUOm zyvRTm(|=-RmT$KGemTY5nMhJuDq7zbXT}K@?SF(~IKMz4Ng@VL)H@J~mtt0tZ{?ZF zrD&&!V!1Gq`OoC9HOPtSi)7r;yHr2dAUK9N&M3N^QpBbtj=&G<1>pIc<%zN^6neNI zdZAt{A}TRCigzX3r7#6N4K@V3d&)F%Bt8UE*#O`QZV1%da_z+!(@Rdb2DwkIX^5FF zt;Wk|8!k05mny$^xHunMWM6K;EK7aikXe>si$Sw2$(F-rS+Xq$PL-?-bhTdAnf*(R zoPl@b?ADB&r_BSWGMnpe?Cp^5*ER%}>ypdUU)U*^C)uJ~E>E;&$6TIp%dY7m+ySMx zOLfkt58pRcNc)8~6IBD}9n)xmft9b(D|BmjOI6a>_K>df;LbNoG2u{Nz{R=KcvUtE zn{jzQT-vpaXleffF*h#C3LB#g#~del%iKZCK{!R>O-nmim3&=_Fuius+@_GJk^-wJ zRmu#BbuwnN9YyJGio>byxHwct+(kl(#$?zq2pxj1B&QDTX&|_i0j%AGc&y+<6osi+ z*o%ISBE6dZ2atjNJ$Z(VPmw-2tae!S3zd0;=b`1X`u^Vjz*!-IE$Iy~4Wp&MtyehJ zwzO7IvJPU<56nB!j6yY;ho?>9+L~E;D$`V0RJ7GtFR^oY+Dfwed~by*{eF`im5<44>nKH( zVa8D+PsWOp&deJQewI6Q;4p@Gwycj*10weG0(hV|{E98|qU^dDK`TkwuCqD!bUl4c z)9jBza9vbP)k{|ES~?Kra&SlD1)^EX=SP^@v1e8DVgaWn7GIQ*w=PVI2CiYo+peZ2 zrr^5M0u-q&1zRx1sYVI>Q=Azn>SpuW5I1Pok7c7X$fw{U8%3DPSgpAUWKxYRLx1GS zHt3*H>YQ!MvEe`~yYodq)nyu_Pz86Y$)Ak%ndE540qImB4*zMt`Y$VwK1$FHy1s1P z?v9?4HQX5UgOV2XvP5$MwiHg6Mz)i{TC%7li{l-TkV$UG4!4VDNfcR>I2-fl7O2(yGAM1)E z6vAqu`u+0d8iGZM<@DxMwRM)?ZK4 z2NDDihID&l)N_Jezw18{jVFW9EztybYy@TxPEOVx!$aNWjta6<3O+xjC3K6G2rmmqQ2<8B6&&Sc#K0G zZ>bjs>I}2KN(!8usjYK*Yhs2>)mntn%Sl^IP-R4?z5*T#3?pvcBmko1Rl~a}mIB36 zfK%51_tYg-jnK7YKo<^L3X3uw?s7?UR38URXPyPR(zqeo4@toWyCbY2& zQYf{9c8^GHDr^h%J|zr+t%T5-Gz6s2Cr7=x*7Ml4a&Byw`hq6ff&<$sK2uT!Fmaqw zb`rH-nZdb)57L-d%bUigbcUE%XXMANF4S-L{8d%m?SN1@!n$urg1Tb;(>;`<(QA@>P=5Mye*G=q%QrD5j13pAF$u0oCFpIor9{PhlC zF}y`Sl(9TbOXhifV#3b9&JuxY^R+W+lY31x@_< zG0O%$`G1P}N93|qk;`;9{QPiaMTc7*kgP@rJSZetQI952vcmFsge9}gwRM2WE_@wuj3+M`Vw8vr_Mq`v{Evu66MgPpaJ%O3*nj8!+8zKqe}hu8AB z-xooiHPz4ude)+d&BC6wC~z_GnWvU36|w;QY*WS90B9bXOF^KuD6<5D*0RJJ7_=7U zH3FfvEWH&JS{r%a9~fGT($|JVYc(7n0nxr3Ks0~%euPB(Q$nKIAxB>{D4K`S92TwS z+gA#V=Bv#kG};=_Xr4H&uMHf{@@cFBk5-d?LjY+t)K`Z{t0A}!NLmfabz#zK$UXw4 zeKA03b~NWoP-%4pHU*YeM}G~tv^tV&0jAXvT^lm3j_@BJG|isrSAx*m91E!p+q(`rfo2>{frCH`6vYMzznG9YSYHdcpGTg*r^kXo6Ob)eK1^RfU; ztzv_05>Bm_yGKB^KLntf9lczER4W?)j{~Y!s_@FNYV`x-0fE*0mDvQeT9Z~<0Iud| zY9sJ!ZMpio0M@L%%%vgLswV*#fvh=a+#A5u{9N4!+*nOXKEN?+r~DCe?DIp8`CD#1 z&@n$vAM99DXIKMxtcC#(^jH%E8v`G!867tKSmUT@2|!j;%$Ey6R+?ru2twwBFa=#)fQiZCu_&R3IJtQ2I?Tn8d>;aLCUK2tHP8u*31J`22ihnm9YTJEUX(9 zUeJJLR^_V(&8%SVtH(2|*7;A1Xx7~PD`1)x-Q*F~Y$2+dw1bKteKB3t!QR2a?s5jwwj^L?0vm21I+CF)xlvMe%aA0Re2Y&sk6a23!`eF zBHdTeXm)93d^G!;+v!y}qUqRTom*nuh4V9KUphti)_%#_;wqSIDq~a@kWu#u;nLv- zlSn5O7Ktcj2SDkW7rzz!joe|%U2J+Ir#H^xSf(@Keum}5e}v0n*Pba4YA`cO$X$kf zb>6Hmr3oJFz0y6%Cy+qy|+H6-lV*3gzCG^PP`Hy(w^p z=nOM8>Z>F3q~t9rQVhjs<7!b@A6FfDQrs!QDu}p(ioFdwK7xFT;Z&tGQq|IIU%Z!%1t(BJCEQ%`&dkHk_zCYODzA?N&99 z@B}g5x?G)HPndUb4%ig#J$pWcu-EJLz*&qSLt?1v*#3NI?I=$J-%%4VF<}mZ4u_Lg z%%)i!>&1OrhD8?NG0LVQ)Mg|D7v>Cu43h}*zRA=MsF*+0;e`Z1N?{I)A}I~^;SrT* zsEPD2(eF*q7y=V{VEUKxJ;KQl?Cu2-8ey0OyL$oMRenF!1i4?NkjW67jNcG01J#q< zgXVE%8-B$om%N@?mEL0d4+)ej?W9DV@h~&BZhTq&6o&a?bxn&#R3wn>1S!S0P#!%| z((C8T{2~TH{4a(=Q``((Oe}EHivCx+F8qP?`r4x!p~YXFr1&cSdiu`J$unq ztH(1K)iW3l2(#WD@GM;_)iP4vs$29Ys>0Ll%YAcRtQ zWx6eF21B;3rEqLmZZHVSG+USf3RN;NjC;!QP5N#@V)`y+TY5%!De8&2MD$^%YnKyi zk}h#mHy2m)f2J9@)U?G!Jm~E{>+RZ;@%N8&@x#o;rgPXUaSadfTV+WuWRZ6|8#voq zi>nfI4J0JOLJH+ETuw8MsOBaR6o;Vux81>h*RSf{a|#dW#NthD07w9I6_1!grb8`N zKf7{tUv1QC!AZZAuY$uAfFKA-9HUVA6t3hk*%?ZBFBJ2nh7)ztjc^i^$(4>eDSbrA z1SjYUCkcs0SByiRc}VC~oZMs$sU|TQ!FbW?tp`ptT^OX1&596Vq1g!0tD62G zFYKsQD(b7efS~$uiXi191U+q$f69AyQyQ*!Fp8KiF%y`HMqa#9U<#Sti`t2<8jY4u zDH{t*GjT!fg3?y3ND0ngOl`gk8^rtEuj{$5L440+j;w8!N*yYQB+G0e-ZRQlMJDT@ zk5y{ETv40FT3T4#Vx*-t>(d5hX%j`*2ul@uOW`XmEU$#F)T*=^Y^8-|H6kmuD!CP| z(qb9kAF9&Ave(8`YBA_Ggs4<jJ#!&GF^c`N1#U--?fQ zXh=Eb_J~hKB!nNFsRqeuU3{p8a87MNq3#XxsowGSi1+lT#CtNDd-*8?@qFtx5dMmQaF!lLmIZC%Gfzo^ zIa#pV5)z6Cvo>7<1;|hG9cmq5si~DC%8jVqRQX^yR6&jx&R1}5OnZqj7gCrC`^~Jq zHSj^s(c6L{P{9T8g_qaxly4f!cwF_DIt^k84@(nU!aQK-!s$G>=Y&>GfxnZHJVp#I z^_HaxGgQ|Mkwot<(+MhqT{)5Apispr{!T_Z=r^&q=xoMJDed`^XVPwA3{K1+kehQc zx(#$R{RpY%apUMse$lg8yCM}8qaVyRx2(Q?r`83E3mF|MbBOkkR@m9FsLzUotw5URl+?7t;q zg$@u_S-)lGekhX2n`rgH3U!W64P2GLX3e6xl!CIb3>o%XfB?W4Q9d+VIKdIQvw&~_ zdY{rEfFp(yzLljPekY@sU47=K`w6^!33j)wncpHMj{zliX>Pcv^QpXS zv=5`X9Opi#O6X|i44PYl^nf1gWA@S()f8tWLUBIBYoGTNB?j?HYKk2|l31T;%#Uw} zgi;i8a|l`4vvNd9I73~&ff&+?K%EW$JDP_vfj0^;N_vwSN7CRXNl%rpj=SY4C1F7; zmA*#41F__MRVgTm(NGXhI7*_WX&=8& zDRNGZl?#w}$BI&Xp8+t2(GZ*@{uIT{uAYyg1c!MOXkvt14kGb1@bQM*_juLj<>aw( zTQ%-+o3_=h_vYfXkW&%zq<`liW>EGSGr!SuUWq1GC zi{0n@FLw8y{$;Sc|8)2HU%+5%IHzG7VfrV01D@|{OGbZfP*+wcXXf0b=k!Qt<>aYz- zK`vpYkOBL^wD!NZYL-QEO4sT2X2>`}uWg04c1LeDx~4daP*SQL09~o4y4tC<<9agY0)5f}cwLh~a;ir4JU2vzk`O zi@gvemy!oXNhH-|m&G_L4Nb+Se1D3C2zKkf!uMSnMO^d!U4pqN<40VjUo#THg6RR+ zL(yuIzUeuo)So(azZQ+x{N&D3BleybyD9P;{G3btJTPYJju7=N zg2bxF;JE4V4hefEO|u+OV~i8%Y-4m6$Xf4;wvn(;m0IRgzJY2Ylp@3-j@kV*QC_f) zU-Oi2&Z#sui_UIA!8nbhL6WP~ms@gxZNv8k0GSz<1wuIv+j+0FOcMXSGEY zVK_+$<2XDeQ4uZn=~L%2CnPVWL?|f;;RF;JWynSk9K^A{{awXds2mEvJ5mP_rzpSJ zFsDgw5xt|BbCk$Xj$ub0UX`hY1OkAQFwPFtX;0|^zh(PAa`P*a(mACWrHXz(LsRLf`%(0d81pG>4kZn6;y zc?>3qs}w;{M8b)VqC?txMO56UPauc^Ow*nlJ!Ha^UY4^-b`H$(0~JFuCs}?bGeVegbNbs zYD~*IUldR&zFHT6_V-!u<{PS-Q<=J>BvRuvn&AX9t_;_ZqDY-uRqgyv?~x7Vwq*x^ z+=o5{-)!04Ps8}N>U|$RLx~y}l$@R@ZAPDFT1OexB5Mc2ONu~4h+c)SI(QiSZ!1;h*D)O5VNUM<@m>DWp zgaGXIfGZQ@6gMYxwkU#8UreBAJFm3rPQmmc#y1EuxiKE3z)A%(KFwj9WOrS5*meMT zTCRNcVkBApfF$v}W$iaU&Rf>s9=VqUWa)&$NKaQ&6wj2YWjguWk(lPx9BjrdWI(Mx zM<_BLl5cC3z_$juUfuPrO^k0PUv@;qw?)vgD1lAMT>?fZCU?0!&)>eiygEC$xcKGm z`O(WSR(U99r7Vqf+p<-jGXV+lu-`Xmo55}`hb=YMfj-BgIRil;@5d-h_vJT^@boAs z=^!2D&U%!@F-|6za8g*4O2wFIZ<(A9pzBH$YT(%`v`kyx!Wc)8Bb8mXry2JN;qKs2 zp#(-y5(EYWa=I2dzA>%*v!aPfaxCvL2g8?@O5EmYSWlbixw6w_SZ=MW4%Y=+3#Wo@ z*K9ACE9X=D(*7i>wBzqYO(1}rsF`m?@eO^CiN0x2xRK<*JO zwvp`(DxY_{#M-Av?~i<{{-3KUic>@-(8*@XSP=iY`}}#?|MP5bu>a`)d5Gu3hyHh+ zLz2!Zo=iFT`ScD_v;$6(u-CabJNifP8iy!hC^(Vx^cW*L1P5mahd&($d%Z#DyS_4& z`rm=&w_0Gnig#K zzw4YMo>6V)$xV;qB$=FO1zFW6e6`Xm3`M#kHu;sAL|XI9U+0AIvVqZ6$j`-V^?Mt% zuX$NNUdG>Is1~I{%E|Ng4C{07=6liNHgSY`ISu8v?~5>=$*v>Mp5SI@Nq+y<7w zWTm{L`++-FVI(c?T1DCwJ698d)w`G1XZVG5FiX4(y4Y4L^WSIPHgv`Yfp4-qYB!_o zi}_iU!r9pa7PdOL2@Oe1UOu0i4LA9SkRv7#YM5h58$cgky-~ z2J@@zyEG+#qbW(pqclgoUtpRF9*cKXE#j8o3_(YoICMpiCmFY1cB{OJgufGY9zA!>#PLCyA#T z3Rnt7JtYq#3|QhpaH~R6?Gp0~;pC2jPfA;Qx50Y%vitu1`}f`L1tUi+R?Gk`c9sg5 zkcGNHDHJux^CMkFht&FJ_!4Zzgxq8)=-%#j<+%l^JUlxv-s!g3658IDTR?UjPa*p| zn&*X?eEG&ucPW*!QU71n|0^LF0(nE!9L_f30$vdRH`uG3|9|%U>5E7I??XJIV{OI* z9B8;6qoHI!I+CG9qI(BH;Pa_0j8Us>+gQ6upIdl;fTueCHSUSJaC0LnV8Qr*_WZ^3 z()fSA|NJrj_d%Xbj(=;3;s@$lW15%S%N9np~6EqxhPtg}d)p1Z1Ya_4nG$PkW@UM(;q;lt=nVu~n4b-PhDKX)10j1{D0z<+1 z6kax!OG6A<3J`eWe@l{AS?wE6Rg|!WG}ty+7>*oRysIw03g@I(XRMG2Eog>ja{ z$682Z>M<~5&z@RmUQ$Xp2}wKz?~cyeCcQj7b4oAZ0p)ct60k~#k;&lSW`3-wGRr$? zU+Sj<-YgG;C#&PlX~?W#)e17Do@Ji4Jr>2&%q>1tZoO zv!x$6ak}#t(FID9Eng(xTu9TslTHb_2&^J)&tel?Xr9ktJTBE=O9$TC&S*L;*twwk ziytKmM~WBt&uQX(ie5poW)<_z4Vv$OZ{(-~!2vKx zQvxY;D6H1wR+LKe7Rr3 z0uFf2$Ax5;l0;74x^iFHO3yUfY~Bl#@eq6r*4Ll@P=iLE?#*xhM|tY?zZ)JFtT7!d z)c-H`T>Zbdx3~N3QU5>0vtj*jM+P}Dd~OhiKfG_{31QvvzsI@a3z#cf7VjNUF7rW*C-xn`-ANBu3JomK!W7KS#M`M+ByJv&N z+2=`XHh9#8a7Lmd%xETYtzKo(1o6kU!q=+*&8|>GADZFh;1=RoBKpbv_8YIi*`KZA z*sd!OzJHg%QjyNP`a(TfE5&}3l1MkX=X`J>_8Fq`M2#(V>2h@rn&idjM7^EMJ_FkW z+U{X1ZN#;309#dDumjh+Uq8lvZ2GC6{~3oIjkB1cbpyeg=l^GW`_IbpA1|H{9_RlD zc{VlwFEh2+@EI*KHtfefCAV(LRLXIYLmDGKw4;jDV9u9Us0KY@JPTZ`IK48V7rskU;BRffKmVMS+34fPsC$nP6j-+(%8F$x?WT8;w%jC!ibtNvhkuV(0FoJgGS3+Hs~ zCAmR~SG6@|s10i|nWu#DgBU}GtR}Z!t_KF{D`j!h*Tu(JXRUH{#BhqDEJjp9SLLBT z&fA=f^ID2>s~(zhG2!iMNI`}3>JjZ>9S~UcEO&2V>%pf(6QoLeOC zllz23s5R>%@gm-Bf{O8;NC>(&Xx=LI4Vo9GQ;YN}Xr#Fouk|f~tJ-yBRA4{PUVn?r!-jm)okm7Imjt!to4wSSWw-FAB@qTUC6; zLR%Krro~Bgfx=A6Q1zl}bTV@j_`9>1Zy?9gmonE~xF`dDD~(_{M2V3%K9#!m31lrG-__`sWaAHQajW0U5JGbLC3P z?{26?8tb{yz4>BHh0i+Uw1$R6>Qc%5p~N}rKCqqu^hY@9OFV1$eSpH!n~$Zqf_6+lFh+c zT~X$*z0RH{GM0_F=LzW6nmlPjOv{NGt2~il1x*Z=$8i3+mr5En7WKliw-?o?9JQ_} zo{A+TD|bXSvLeV~sh>&T!5QS!VN?5i+S50vSvHcss!Ei-{@}Mj+7R$oxTu%}8xA5& z8*0aAX&qO5mO7ai1^a^n645!aq?oCSuR&=oucF#1q?*>MRUICE{J?fZ9c#5K-8N(5 zL)#mFiY%Yu{+%XuRTYyWwRxV)B|Na)AN2O2Wh5@?Y?xJt_67xQ=*D=A!g&~@p9r}r zai4$NOchE+ty3A4-1;Z3S0|Tm4o*+5j*efw`>~|OC0p9DN)t%u`j8^%%G&_D4osI) zp6V{A=FaJH@OmXK!M&^-^%a_b%{+B_aDH-d^yfoZjl^kj3m+Ulmo+YjetLNUo!(n#@8Ar6+npFFd zVlgY1xc8}^Ee7vJOBYpHN?Ge{WaZ)HtJoJgw0sg;W0=)gN%G+I4>2s;cU8e1|Ksxf z;Od9h2R~labbQas)*;_rgHL_o<1Y~Nw`nCp!^iK%T)ktEEKS&MJ+^Jzwr$(CZQFZn z+xG0S?LD?_&wTT|=bTT!I-)BhyQ(@PyI1CQuR7{~JL+nx(ub3ytDA|ZpOueGGw9aR zizkw6cx*_o{dQp}SE>3F8@)O@YObC}Ugp|agiB5%M$t3mG{Mq+Swm?MYLU444PzF8Gsh_fZW7kyy^GI%*6G)#$7_u{=qo1kiOBTFagB)y{W6LQ7?tkIkbaRBE=Q7zi zptdPknBN_rAC6m<5pD#dw6@Vdw`G`+ClF%oW)uo18)TzG6-%%%U}@?<7Prfz+&C7I zJ)?KG;@I%E;F4LoH=W3EHEo^vZDG6@#hF=s-FX))t5Rzm{|I1}l-bF_DfV1)k+N?E zP#3gEFt0SvI_gE2QKjDA^ExNSKwv*Vd^Cxa^$i)9TZ&Jtol&pGhG&@$Mf`INrS-)?X1_*`YCEacr=l#jmK97%UEXJ-fBbx1TtDNR z+D_6&PduN~N=OqD)3F}Z&8C706zshiq9}|mO=W~IF3ja8(p%}TV7mPrP&xfrwzqw(F!Um(!{cwDR|2^@Y7{c@V|`e-dqqWh!3)(_ z-sc_Kw)bIuJ*vyGrWr!zHZ_ejvAl7*MxBly7Ok-xrPnJx@{ZsTBHa8mY{QID~oVb785rhnh9<4FI|(Zh~X7d4-t#vXl+ zS+CIUL>%LRFtv`mN_(fL^yNlqE85YLfZfHV)w_w7$h52ZwrphTLBDIP>+l|na={zW zuQ@e3SvXKp2KudvO~BC=)S_+yE9IBd%Ao;!u$c<*NE~YmXXT(+a7Cr3Xv8*!KDQbc z&DzG?pt1$0XBRb9TMc{^QT`O3)@;=P<&-M+Gl4)&FM>h7)c%Ogu65Vj0}jQbk)3Hm zA45o;5KLnfD+|<_^y^d5AyMjW)0V-88$>n0hn93CMviQ2Rs)d1uhurs2K(H!sLArj zy7jjo4DbK(|MqF~`T2P0-#+-Fhrjn}2mjppTt|zwdyUw&mTyN*UU)}s6~k~b6HH@= z|14{cxWvJ3jz~2wAEDD4mv}85LDKN?u5p)D*w&%%eZkcK!O~dasZJkybCKbF?AtN^m>wsJC$y zul-nuSm;h@25;?98m~#Q>Nw(D*&13IUu(7GdvP`H>X5v^uB77^MuI!-19YeDu`%hB zHh_go249>Ee{aUb?&^3nV~|E$K{5JFM$0(+iXq$h&o1hS z?5ze8TpRj5b^?eGDEroyVXWjR9Q9beXX_~Bh!~tbntBb_e0IkILsa81jg@PDcdfvhRe^+_2T`PKRsA*&**>nkfrrg zS3g3zRllNk@)KlB6d=LF63x=!oB&DroFm&JS;Qp`f{EP6yD6?==*Z zO{^PdRLr&FVZ;fzht#m zTtrKBd5{(Hw@`n>zpt42NglEgj`RPb>HhJ(EoAw*;rH(TxiQT3&i>i@aGYZ8do$+> z+KX}ro~&kN2hUB4)dJK%wHsVzX{ex-oH1t@=09G{(o%C@&WN5!ZJ(lx-=W$#M4SKf zI;MFC&^VLk6v*sfFA+2{+o<$(4P zYyy}R>n%#Si0q4mpW_ude}2CWSig7<8CWnEoc?42sT4Qyk)rr+Gih~y=+XFa1E_}y zE#VTo1=rbAdEyr)MC5JpF+DpsrD^`jOMCi>{zCuwpO1pQ_&I0o@^r84vRK9DOvdlC zz~oj*zIU~{2bJsW_R`N-V23TMHx1i0uK!y$cdjr4SS(h188I`Qye>M*;m+$;1+~d0cd&kQ4(sF}2|2Kg;O`JR-P{oxuhZz~iP?RxL=$9gj zJcNIeQs=41=uJwRyOql_INnb?#E3K8iFnB__iv;yMm9^Tr2F=(3nVqlb(NA<*C&72f}eATnnjrTC}Zw@+ppj zhgFX-PupXwh0!X0Mi#Stu=L)-)1;*!zH+t?`AJ3PJ0)+oVd{G=V^(ji(4!5$iI4w6lK`@d& z$96Rv>NHDz;(h;z_-3`(F-J-6an!Wg1v*l{r7SqH6^>}ZQU`@E3Xbqh+&NtANckrB zHMSgx$sT5>uf-ljV6~a zF)ZiJvn5by+_BFSH}i|d9#~8(BHA*2r7-v-7){vx0-l_Dm^r_l(BMO&0<7P{XU<3{ zg)eLt$v9@EEyi1caWk2d;^_)dusD}Alc6b%SUsF;Q|CcoCv^Grx{ypYNH1F#p`Q>y zlyV%qJ+EmCU$le&W4#ZeJEL#g#3)Z+i&L;^?b2SshXFO~6k*cZD)WziVhMc}0s70f zEG!W@$t;|o|2U7_;o_*2${?*t^IQ2hVf9H=0wESoVwf#-88Em?wx+Xn?(xq=RyitC zgejiT_&QtnO~u?)UE;Ou_*|5yDrK{^TkYwW?ixT+shAbNmDMPzy(+BjVxpTUbAY2{^et#n3BPr)sKY0j#57z#feuW0cI(U(GstBw&AFI9PQZP8ro4!%Y)X2-ke$X25{#sl$;wf=pbL4> z89B9Ju?jnMjr-zdxb_kd&@)aw@+s_HAw7~xvRCui)9>wlLUST|nt>>F+If|{dS7W( zvf-^&o-pg~KWlWn(%FA9sP35)JxkL9S`uNKdtrqMPxC>4fQQ|?Bcrg+&_sHUjp8QA zIbw`5Gl=meGA3IA_SPn=TBPz%>}H#Z>UnwmC@Xj|sjBEe{l<^R@@fB^269jIB!9BP zpoKe(QCK(f<$!7tBDQfnNbda3qKoGU9S}FKhmVt|oyYUz`26uoae7)$7i~~`$+pcUd@_(saM?vmq5Nr;1b zIzF3&Y?kh;R$EKTb;Bo4Tl3rbe$~jTo2K>yK=ln%swnA^EokeQtBUN;rbt^OW_Oz1 zQ3q?j?9IZO4vl&Jlx#q5ly8Qw&3q3Ot8R^3SW18v|4_XRzKW^KXZ++ta238D{-=jx z(PVcONm)Q;sdkw92;q_DJM_?}t=8J`%bky-r-R?y_2qe5aMEPe!@=Z3(m_djUFyH0 z2xXept5SP@To@`wMr@Ong<)d-SEtHK^bTr~*J)^Ta*3HWrTC+8y(ebOimpbuIY=aW&_oV z64%#9>X-n90h%xE3! znn%%>4mA&|oii=z4yP9CTiqKfJWd`1mcd91ja)_qlk=eEX6??SmahAEJ#Y_>w18B! zw-j#?c2<#1C3Yq;HU~y4*oINVdk&eItt=zy4esR&Gj>)5sUtg+Vw*##EiR|{;3Ih^ zjrI6^wvE=O{+AkeYkYTh+rQn>Og|+x&qRfL>uPf@uGX4veDO(ROX>y)t_!z5wzbFT zJ}FM)v#sBq^MAKq@qB^h7%w;>uJ5R>jwDuHNB<)hu>Fq_Xxs84iU+=P%p}Q~=H>vDdyMFx?qCT8J8M-_r2OROA>rZ)B^esh<7)u-~hXulozrmscGyU~_Bw zsc0xtMpje$8I15j0zGH_|6@X6gf!$Kjrj;xwDuVT&50qT65En)sfE0rD@T{+=3)?q z;a!xByiRt;+=UP0@ing6&wNMy9fGX=Yb9J_uZkE z#xi9Bm;L;xmuYCCN?-(%^?DIBOZass_hG*eys|9vc>tpk$YzkJHQ!Lc9VrPhCfelu z#f@5e$gndgxZzZ71r?yc=cq-9?#&=DlpFSKFCLs=J>tg`n-ApsCAxn*Kj^3D#p7o- zm@^fX_m6qqEIYvsPRQ7O*v`^g$Mu zvC-XD!?x*0A$Ke<+M*U%V*E9e`YslC#OxxM@j!>)jvo3eBcIIu+~(rV?$>HUi`~=e zbcVTppQ@saCzIVcxfgxB^T_`qjE&)6!r1@#e-Q@NE}ZGcpl5Ls;XWZt%po4q~_%2rG#5;&{}h{Iy)v$C>V(Z z_~3A-MrTJrWZfhy`$8T6y1UEevzT_WChb=a(_9mu!kz0n^xUl%C6|QjsZ1 zvqMPmf+h!=O4u?tlgBSbfXxHh(*$3vB91X>(Jd`U-oKzn=G`hn@6Sx!W-ez1BcS@aO98UYotUzwx6uHs-cw{WVX2 z*0ykYHt65{bFZ%W-u>|o*NT5mvM3EV6`P^^Oq-)hnUXrQ`%V|hd@z!dkOrn_%H?~r za&6o`L%d}3Yfe?6?lw+z8{PQZSVvsi$hcavl$@f8QNAwaaCJiwjTqNm&A?0AIER~p zIl#7l&fNON8NB}D7t|vpsEV4~bNu8huh=k72DHCZRc<{5@$wpWi1JrEY)r7~s+Nw3 zZCasdm@@mxSftpxW>gR7w{C|BbTQH)d>mP}nk394r&Fxq^;`rdFY3 z2bEX4mq!)HqZd@E=#RjPPoTcAh5k$^_zBi(zR_MgCuXZdkAp3!cXL!KKKmty;Qc86 zW!IPgQ|ND+UI^g=-&Y~w`UsVcJRm5C-^4TTpA7W0aj$p~=OA93W27nh7Lr^`lpos2 z`9JPX*LzFVYTEcl2d$fi>g^hyJtn=Jh6NIZD*MW$YV-uFejV+@iae(*Fah1Io`Zae zO*;;i4DCjA4SzQ(X=h8So&m{U1%R^_HAK)y1_6*8cANu}WX~Ok_U5WhL6%!_rdstu z%EnxC1|H(lf}JjI?ncd-!CPE{93A8eX(~Ar%`_#fum8fPq-kZgQ-pmb+9?msbO*|iDv}>I3#)C(t!I4$ZKb+Vg*G`WG}ruYQyT}$JbXWOD#i-Bw(XGYw?VJHTVLq(6LsqE(CjR}eMS?D@NKG+tvnC3QTWO)Hcp2%z8C}M#|VlY&M9VmF}I- zS)dMQXouY4aiNfv)@esu=(hyfGx`_CM=!hR9gIAZ(EP}xhQSYfE-&qee=eNc3;xwF zgXRV>k8u`4{_Z?21NLp9kQyZKaSV)u6f<-OA`f}xkncK0VH#*s4c-A{6>@<6E-@u9 z433+KSNg`;{|VWx-yS46=K+MwEWf(1NiJmcizjjje?$2kb%XDg-RC5ToTAhKqAVmB zfjoEh5=U1@&sJFa6@`}Q0rBJO1wbgToXIlWO#V$;dM!K?>vd!mOkjl&o0ck|LC7UzG5oLFoDU%#c7tMDcy5Jd6tC} zgM3iolJ>gi0`O!7Fh&xKaC@+w`M*s}#{4`S1Q#tHY}0gxGhvPXEPnNGf7@Ap-dtVt zkNohBJ>>l$f&_}pEku-ifzv>IS1o!1=~aA576JFAD)$(ac4^CJ23&@?d2iUi)Tpq(1v7()^AU?k>s3?N@m1Z1e8`VZId(#$sJOneGeqMGI|{<<4=PG3oxRfOqlnc zCe|#V%rU_4a@>d%N(fX}ltP%uc#qu4ui*6U-5)>4oojVr>x(ZXR5WdUeNeeTjl57~*BRGy^FvrSS!N-{Y# zsNn}&XMyuo)ibY;ROUM;Ft|CQmMa8j#6+n%mQLO)IEt^Khgj6q6$!;q_0DlSgV!a6 zKn^LFdFgD7EcFSHScu~Qr4&Zs*19B5h9S?4csvSln40eW+Br(WAIwo{eDVUa`=*+?;zhi;?n#5~%k(WMA`-9*af1Y}-R%_5P#9EavdA zM(7mYtf)A84=fa6xn?d21KkMAG1-V9)o=A$$)X_*nv9S$1p#h<;aE{vs0){~L)EA6 z6jnIENX+5nAAET_le3@M;SKh;u^U&eQbpC#Uz2GcM5JFSEHouwdMW8%Bzq6U)^i)F zdFq@fp%hmo?1(@F5)Rcnhdo8<`xK@q6GMPuoJJXPKw(Fpo&C+(&pAj`-{SU5PvEQT za}!chIepLzHPmjt7U4L>97iH; z2_wvs;)Vpg3U_6_2C!O!RIBPL(u++@)gQqD=$xoXs-tRJluiN}r8F>vq`}w~n>mxU zXaxBxpP;h;;R3VRAxy;n)Am9#^XDHJj3h0YIa#SmuD@ziEgoeU6;cz8>XzIyplXc8 z%+24fp)>a#*naCN4umb?7uZtNnU+iL!gA|1=^fJc+B~ykWqu*Xg{}VUI=H9VOsl1L_;>22qJ zix~HeKWgrMKvsLdkF9B95j`=4Tk{J7wluh~6Xp^p3Uj5A%NbllX>VVv@0a3eURDSj z42+d|j(IWqlhf=FI>GS!13l|XkY_x2RDjRMTZ0lh~NwiNxpB_va&n5}KTaEa|w!F*&+Wioetq8Lz9aXOHn zE7(Hh<22y25l2Yyt(>hO3`QXT1zG-17i=xN5)LF2DPQz$)&IGG;SvlF45&p_QfV5c z5GzADV{Ue{ZEpe~m|?Gx5YLPlF{6ey3L9iPt#1`IBiH9QSERc6rRN&_?yr~Zfd2MY zY-R2YFX)7S>!fk~2(l##)ilIGH>F-PP) zBl4=n%FZ&eC61>Z_U(%-o{e_}*0Pcx{ma$i&FnW5k8uJrAX$AfQnWzZ9;PMMrojeX z4+No1+!CeXb_}72YIT<5^SK`zTF<0^LY|I{i(7|4md&pJUojC2v^Lk`+WAUed9YT9 zJSu!2BbSTTUHSouM@~-l@jgR4mVb$w8XnkkBpyqD zvZp5A4+XH|O<+v01pZspo-|WR(q9g24IR=U_61u2w=yzoo6JTjRqc=bi7T=G^R4j> z8--#ZMg-Ct!lEQ477@seGineLMG0~Kg?RA90ND%{k&qcR!eFMRf9qICsgs3AO_?N= z0zn65@3xmb0UP30^I)Ae3{j#>i-k{~AoqxXRKskDZ9eD_gbYeXk)dcj>hGq7Asc>v z8KmbIp;w6v?7IMOgWD_rn;3`2@IFb$lB232t^s8R7&xj969-p1tH9!3X%m~BE%F}q z%{(j^iSLY0@#0~^kN)~A-WHAZT=E5Xkwq)jQO2NtN^P1X6D21e;R*<-Mh!?3sI--7fLn_KNWZQQ-~0MB5=h3=I?Z3zMS0p zR}&cLcfHP)vkH+E4>$wh*USizl}Hm8QercM{l%GE*<$I7T-aPteC|>L%--T!GXpwI zBDfl$;9x7-q|?S0-1}FY2E977Yp0lEa?E@MU>1;cNJ!|~H#%e$$*c%m&LqH!MDg!q zPMFzgG^hB1-V>j2$<2u-#}$VGC+SO+4wPgaph6j0lmv-f0H4!$nI~V+#oFftHI;NS z7^+DDh3Ei(5r*J}UPdZ7`z`z}$QCVYCw_S%{6jNx39DnbaRe5=!X7bgA&F`4r!pUY zG-T@ByJcAvgU1$$)ME6HN>7t+9gC8J+I!3R`%lx$&6VxpNDxPM?;B-(a}yeFgXFo9 zeDcAim5F?zyU)B9-t4hQBicXML=0AJUIAq$=KGH|e|V@gG5xh-3e6>m6CTXySnC1> zc9cp#q+$R9&lTJBk^qwQFd*9$2%rtm{RZ7O`;l_#ri6!V-J&@O6NXR0$rbU>wUE>qxwyw(sCGCH-7m14SQk~|?DP_zvj z5jt$ur_=fUxYW_2kB!;$=9QGi=;CtE<`tv^No2PtBpd=Z#apbBE`prVeO7*i?k*Hn zTV)F{$)p`EvyXtQzxI+vsKi^kS}W{boS?2D%>nbnDPj8Y2(fqE>|%uTPfAbxxTK-a zCflPEyz&W5EO~Lyo+-?sGY zhu8_Hd>*E=v)M<}#&71Hw5fh)>5eUIcECS7nIFZ8t4%pmtm}~zBn@czw#=`*e=Vqc zS+&=cz3xC4M$+zwE0Ap$(otNl$*}j{rB36NkVnxlv+&#IQJ~wSARyrm{ds4*Hp+NG zW%s@(18AP4H44>*KR3mhCrtair0UBBe#?Go=LNNy1;v^aem9I5EG+@5r}wo1TQ@Os z0X5GB8bs`vTI=BNPni`><~cjg9|Z{?c9~D;VGjs{db&3?b6z{ z;jd=)>MW3|lws!KrYbgwqm;r>&oA0b#qULf!+SWB=0r*e%w#;KT$M>>YOPo&M%Sd) zmu;s8z0l?Bxe8#?#L)-IDa#=@<^h-Cf(}SK%tSmA1wyW5g+L-G0u39^{ z<_#vF;}0~(@m&LEviao~BF6?H&Ctwo4D>jY2Bv}5lt0wvFIX2I z2=yE&j6ktT4j{LS6&*6^neM-_AVAmT8JJZCpni(V(R)D-l?7L9V+qETq=C2Dl1O&g z3nGMI1kQ9hIwyO~MvI#5N@_gvG*{raX0~0Q1IZ?p%sdV9P~x)Fl3WVTTre3>17xBo z)RhI_M$PQ;yc%;C4oU)D7pl_)!L%lcHyvPXhc|^~pb0rPBl#u$1C;=1DSTp5i`Pi@ zT};@0t)dBQVpUaDpa#vf{767sKDPEAxe1Emigw|@6x31H7j>hAhYmyXm z$7O7+R+@j2;l7#_Qp~n?NQ|Mx z5@N)|Ke2y-?x1pUhqUt!zqqp!AUp4ovx2dJHaZUwBT2cE2W}EuF6l0BM|yQhmO#GI z1Fq4;2^SjS1N@ErylB8lt#H5&u+DM;lb*C9SOjkZn^e)LK1f?x1i0Ri44~8C$U?ds z0zEZLp>|w;CkxGEP&lGE-zu6D^u7Eo}qkfG` zuLQWOp*>`4(GyE44fLNqQ6q!4Ie14E&?`250XI`Wt=1a%0zjBtl z`f89&5ILSksh?7>9824R(gD?#N%mlWLXWrz4nV+f3LWTXm*CYVxSBN7{0XG7{h2vv z6l;N**f&ej9niP|;R(zEuuX-XsM?q`nYXi@H7F3IuWz3&o_npc|4|l( zcfIt(*2}PqHCTPstn>H`6JWafNNZ8wD+W};0PhRAEA#7dj|BTTaKwX=QJZ z(x!zS^9M6wDRgSnPehoNkDM*chk2`=Yp4td(o{sE(^M9n-*lmn3biaF_)!n0Aii23h+?0%ukn??>;ugvucKwaNYWB|r~26wwa3%XUFZ>cBH_BAHxB}70pfJ`>yFfTrXr8#Dm1dPtOOVz3#^3v-@TRsjb?LUJqbm-NdjOa%Y!TuW$LGW##k!tOR3FU z1DXtC!Xjg>0eeMS27N-_&DQ*^g$XnOj`htxg(J`-CRUveM=VBwk@;y#5C@4h?zGgM zi%Az*&_IsX6-LLWvx88Lyq$U?{-d%%2=T)p?Nu(rXe<5o{xz{L|4yGnrO;NfR+{fG{I4 zUwErJ3CC7R1=0LRqql(Sl>rg1DSlp49vLTIX) z5GZ*93w@6Jm>D4B8k%31rF)PG{W>9)@?kEAd{1{T`LScp+8py;wkCWA_WNqiO#3@3 zFT4Eb);I29#xg}sJA}x5q_GgjQQ4I&fhipi$kN)c7gT7~sjX{`sj|S~20LVxii*D! zyxX|FI{gYM3$)RQxy<@k+F~Me=w)4HK$##8HUaFa0%V@HXxg9IX<-G#h%^5g3`vL7 zxfBq6IIxaT^=-1oP*KYoea{8FPQ&t-!!VW~82#6uceSwy_a3-A5*}D~7 zQ2$<1UGTRaa)Kxg0qnslI}m1wIY_&$nq__}cEZ~*u+Ek>aKhU6+}*e=?G4!k5&<+O z+}}~cxX(}r>L8j8jCsXWXobKTJ#N+1-I+GMQ~=DkLBTeB}e5DH1 z3UvphtX)LH-u46g0&D3BM(Vu!RKqpOzFpq9krFACF;kt6hFuUtxdcxONX?*o4hx1j zsKfnrTcAQuO(8nqQ1DZKVC16CQ4lg}SMhsNv!MK%h&xIPMP|Z&bElsiOT`x%UfrI_ zpi3nJYYRPVKVnr)PU~p5$79jLz>`q8~XmNbLJ* zi3mY~6 zZ?~WsWGz`N96deE>1!HhjiqpL4Mnu+Ea6s9rd_@eBwo^VPItFvF+(Cj!llr`CTuC= zh$JczIwj=gSfJ6v5gL~t(BySe9?=elg>u4A6VxQLak{VzlD4OP*wJ(xG^P0@PlY6A zR)3LF_i!u`JR>COObmFmI6Kd%QpN&sVeLTPHLPHfJJYay;)Xv7M&s?Zjvbewa|bdI zk>(aG5oqV3xo-=!A}~~N_<|g~Ro8S8cq6av55yhlT0nPSYdgS1hLduirF$7MTQt@% zq*6dr@hn0pijVt0|4PdW!&b^&JHj?6DNA+|ZHL&zOrYyhW*U2(rA#0@TF+GK{HBbI zRO=Rc@B_R?T6C#cxKyBP!V{+k7OqP8jI`*I<4hLd_T>k9bBhh%@jjiZvC@F9d73HI zfF9wDb17-!K3!^bXR7DzBAcmlI{c<0&P^S$<3*)~PSG)LtB)Fr*u(ZG zGxKc~1ygC|zM9-3PT;b4n(4SP-*D%XOi(u7$|^If89+P3+GE&2J=s>XQ9Sn?pJ~cn zEHj&Jm@(FYc574H-{XSY$6V!G6^&H8nJ0F1pgOkC$FTr<%-);pOdKa1=U~T$EG3BQ zy4H9n-auVq0ovAVCm+D=!{Se3O;>gl1lWLfTb%CfC~6rC5mmLE57#|&9awM0)`Xb%3Tm$T&!9QO&poeFB8 zoA_MFEKG7)N0R2!bj9l9;IvVE#94WWorKOFV^F#@tQiH^0Cp*xbEX*Wfk$5At|c(@ zFThT$nuS?FwPf-xkTKWdrKcAQ?V@Xi*g$p<_oD2N@!Fi`F2a4bdMl?FK-ch@oLIWp z4*qkW^Agr@sGP;v7{kLa7lxIR=$n8X;5kbRmJTy&0XBt8Eh$*nN~r-}66~?0WLG+%`gl!p z!WK?@&V{efj4VxXJ;wxeX=2;Yh4IdfEJc1tha&nU6w5UsIjd4Y)kLEvXnXk7QaR-a z?_n8Ts+i6bp|oqml1XJP$R<9YI;+)$Dn64M`Xm+0HGEzh7VA+Z{909XiKa~n_Kcyf z)0fwY?++ZW(Zf(j27ib^vgxwa$!nCbP z``-hKRO;C5vR>KTi!Ru)62|M)M%^9Ta#p{@=I`uP(m*kElb*kv7}YA7ypmoL2Rane z#+wV{**W2MFXTB7PyyZ&XVp?o|D;wWFLlBlv9s1aQTu4KwmaY)u(NhCmrFcq^BpJ2 zJZnoFvoen{mr1?;yHAzo6w|KD_6fI~5BHyOC7HIhPQFdev!qf(xBy1PeOqGpCtWeR zrX`5Gc9fuxV*Rz4yR}IWT%e=8QlPQtiGt{WZAx6HT79-wLKaIjD{n1{LhQhsVI`qr zu8{@N0os(TF0{LBteh^3`6{cD2)fYiva*OhB)e)-$T>jQc%)H!NDlDhg^Nl_44rrf zE6Ge;!=tfMSUtr!F9{r6w9>zW*VjcWvqOM~+WEg?cp2)=Y8eDVY5Jk2J)38=< z6y7IUO6+dFQ71O9mQ0HT{5HJHV~!M9J^GYiW{wKccmv5@4z_O9=JK!w`n7di{MC+y zGQSTky@%`#_?NLJMR^g_|Az1pyY_+l?kS{V<4{@vH*aJXR9=)U7Ga1ZIy~ljz3Tw* z#Cr_6r%Z)1t$D<;{Sk8grj)z8=wB9i{3J{tpTFhy|S)iX1a%ZLS17x)5$hh!Wjndeo_1u+lm{i4iqY z4ysO1l?y<*rnABMy8x4E+RnG+g7){P`K!twC(qC0r*76Bey4k)&mM5oh^!ptU?w#< z%kudOttSk~f!ovF>vJzBOea3FHa&rXrz%`qU{r*Jtx`|9y~0eazGujpgv`VIXAN*9 z_r&v*ghT^je6e^)7?-W3M&@F?6)8Ex(~jsv^7eIQPpyzFJ>JzJ+T75B_Go&KENd$m z2jurWJRVa?5!@Ljz^`>d*pF=K33e;p3L(?|+Mioa5NBEK)}F z9vX1$NCok3bPz@}H8%|6pwFujmKq2*ac&|$@CF(6CumcTixw!iE%-w&PM_WsZyLN5 ztEAGoCfCVQ5xUrWSTwV_7S;tz&n}8D$@+m^L;Ce=FN`^Ilq+IpL39Z353jdN=qOqy zLMsk{>P4C~ct)s!i@i$>1S*!9WOA4QxTr?<8KD5W(KEr4kz9ehyMt;uwaiTcrcSY< zN5=qfbIWnO99g}>E0jSD#LhH$#NYy6L|y`vsshrvjsTk1NB0@88{CwtBGb9(0MZFV(UC%O)g}P36K1>p`2Ywt6GEzs4}_UP^fm6_FVa^lXDE9!xp@AEL_jytzRqW z46tHyPu+L!cX&q~kD2se>u9ETR-oPEqX%t#WXE3ETL7m@VN;Tul>$8WY@qqA5p^c^% zoX?nUGVPIPw3BNk;A_HQ`RAEftsE-=z7u9jZ|lTz1=y~zT+#g$bO+ZmfX|q1GYc5s zA;&~&Nyn{lZPD+wI44&r1NZU!%oP3i)^(9h2OaF^;E8}%CN%${&~HOV1%52wL845C z?F4B23h;umjMmd0Hq3IGF}_j8*pU^dnt`)C4fPdw#yt(TE^SlGU@N$QT@6&@-dfDd(Z6*(01C9)(Ud7p`HuAhVV7+7`_5m@j*~8XherJKHB|z!GzYooSOL!9E>sGBbMN1GN zx|Zu!nB*DT^Js9O%!b6Gu0@(cEYaE|!dB;C)Lye>0OzfW*(8tAz&3Uo#Q*RO@*ZWb<1Bpz?GP zhWAG{RkpSvi2o| zlE|1|mkQW%TvjoXla218awX@f$WVgSmAeQr;Y=fr{(W*rN7t4`F1or2SCKxrt5Ous7`#A(O<4+xdnVm;$L5`s|67OAtE<$)zK4l#2 zsf&?DP608hFokI$6@%+{0S4`FXLVj~66)G5avf z`4QKt$0_*8yb5I=@krTu_K1|-u1WDe^n_-Ozr(|G=35hGn36rpWy z7{ldOEdeAK`2+ec>#OC)_pgrw;(^fxJaB`IB%25;5+r;tLyP7ONb1F{%GJ&7xJjZu zp?TBGg6qbKmh)>tNFp}Oe0=C2hLl_*LV6?^{k*`g`e!o?3Q+DA0s0}ihovXDUjejZ6+rZKvOT_8<>%+>q9Iz-q7H_Oj^>7W?1_U8ju^3bIG&o3@maM1cE(S8PACZB8 zLe$ELlZ0?im5F>0c$E(^MCT(9y#I|^OH6%22I-6@?#ZaK$TtBr)X0Z!a>4sLe4u4) zZ^^YFs>mwmCflMUB#=<0`xD|63TTt#i;6=|2%E~OTC0xDtKt%7+Dvwg!_w2i-haAV zhBz>k{Mq!&o`Z&jLxZXyUe}n_t8&Eva!)}Wcw-wl)epDVBfjla+iM9FP_TtoiW^kp zbdsn{y){m$BoIhLhB74DOU5<=lGY4lauN43v5za;8{GT*z4y)S_5KJPo5!ar@Tbc> zL6W-lGzs|L>l-*n?IAaJQBi#2g{$W)rs{x*yqaD23n2kyQQ=f!S?qxBZo#gFr5vR> z6b;d30*Lxnjmtxt#rghbULxIs$m(Um_(GCX9naZdyLCO|z!$DcMEg7B^#qPu_E7M` z<8(<*YBm(A`JW?>Sv7@>7jh^t4mlJxz|JG)lOZ%IlH@)uXqhvzKqzy*8wj-2YipBG zkJlgVSkIVzH#=?peSr|OYz6(E0rsgr&>#XUz>GAA3j7|g2m&4#5CtXZMgE{U(hun) zERSvgWZR&C!35YQh;pw}QWLE3#N|i6jS4SG96m4Je>Wbdd6$Vg0uCAFKJX}8ZIdj0 ze=ftJ@}@cPk_4FGDhto0$yhQaG5Y0DUnFxa_X_YWP*9Ep(Nemv1e9_17y&hD z<;)|a!sAAXa24bB&U^!=rOY4?5=o!U{*W|6#s$%-}pn)T} z>oNzR^r+foCQ}6(PBJjY5II%E<30k&!A6cLBV`0k&j8sG*%MdgNnt_e;gg!Uh;txw(f!)H-P`@cx2PR^kj`AO z@Eh3*!i1ER4wbSEX?+)shx|*#64Pu<@fE+>hDdHysG)L*Op4*p{<&?JOzr$AkG3AR#s^Sw&c0SAVfBpeY|V$VAILg z0kM<;A$+Mxrj6J=WEw^C6L22EY-)<7rDr;71uUgHJP4P%0241CCvf}(W$53_BA6dY_#(O}3aSy2rB!2+^J`$Cy_ow_xrgyl;#^%gl_>gkfXO z7hTQE4_F~egh#OdLx$1#6m*I%@d$A zAvsYS(}vfAkR``Iwbxhez{|)fptf)B?$rM=jO9EM@>5j&bdmhg!+IcugswPPuUkO= zX@y_(=lf;nuwGGmZ9IbCu-tc_Kup^|FhQlSm9DJPj&hDZwgV24Q<>$2cFloIHF>x+3JQmW~x>&6?g^NWd`IKttIULquus$VM|c}UXI?wq9`h|8!`hULz6;Z2U*(^byiePP~h*^cR7qdXh!jk%Z%I&~PUCBO*iX1vI=EoZsYDL00 z$(oKOlYkXw^iP36h9l@K-<3p|WMWfanZdRErcUuxMf}6)(@APsRe=VZ!A;H+k4Y~z z%yzY5w%5@nT4aRGkSU9+I*j@w6;={fs2|M1?qf3LS-YCcpy6jsk~@y-cE0wq>k|^;cPYx ziI^}3^BB*h{0z3KLfaZuKZS5_gn#Shdd>gcjZ-vCp{@0>!{FDMNRXRfq9WmRI8&GA09rsos~2v&_5dx=8-p2+P=9Rd_-{E)@bR;%1rrzrk}U4ogD;82}3ZMoDZk&_T> zbFHSYPh8o<7(S^$rRT5app8jHI1YOgcG*o>=3sRvB%F3(fG!ncMuaB%KgDB?16b2> z@+61;f@tbnxPf(L3?MBt(@*xfSkFA)mZWZ|ToeGgV$Nd1!?{#>Ndz>@-1ImoWMr%n z58UO<^qq~q8U^tcPA|a4SZ(B@4vKeNrjm2VwZx@XnbaQRhnvwfvOGH(PD^f?FD&uNx=b?L)~+5E7X+bqCb&CWhBG)VWj zG26(3V5!GE5K7SDWXdi`U|MNAS=P75ctAcq+pci?c|Qw@{H``E=LeOk;oKFWlk~n> zS^f>Vh{z=p37`3rt2waVb6`EizXG9B$89*9#-h~FoiH>Qcms*0*2nDAEEWkTSlv!@ zb;aO_K>A=R>1Ws@QO}ac?vNyxghbsbjTrChQAC$T-H=AJFTD<|!Xc-eP3@!x1FxUX z=q=N$P!wGo3S;7f&2h#J8Pw#(0mSagfatFc5OQH%U7}27y2zPs#mKa-{&O&Um1NzM-UuA&p2%H#yNk+l9IM zmA~e0^BtDaY8{S7YC$@9U8~haXWEQto||}5{5(UK7#xE*@ul3gjV?)ge`qdq%UTK# z?4D<^mjnl1*$@#6$jQpXnAW93r3uZKUr%}4hQlnkrt0>k!&N*9D!wOZGWNm;T4h@o z2g6j*SBMQ3;Y=Yb#t!*Uel!ln6x1s9H z$rZfU9A3#bc0HNtoM4{7_ML5`h+VoGY!37DV6e(qd4=pSUTnw7ZOnavZn~l+;ad#~ z3*o9N^)Rk~#;hLTZX*Y(GktZN!YB7;uke6(8%?l4L&?iH0ZBW^i`2~@18)Nx0;h@E zmYH|h?t>()_vR+;R8P0oa?Zah#`)=8gx<0XG940*2D{s6r@zzRRyxqdj=e^elnsmq zVK_%4seMjJP-(vpfPuu9&oOkD!syc+4cSD33tv;9~f@z6YX_Uh1y8(}!N9qN~khc2A*} zUIC(sAmK=AhnQQ<-GJ=XyVt3F@|}Wm7oBP;#Bn&iB%D}^48d9jj$?wkn%4+lFb)^f z!W}uX^LWue0Hk3M?`C1k3S=MnlVp$)c=%sZkds4GMatt}nO&DxB<6|7r|4343 ztvX<^%G|#K4CHb&5V6M?RazI05H-Lv*T@Iar_b_ufis z({5I6+Uq@{&NRAu8deLJ4R935njLSYY47Exy}#15_p;O8UpVbOJ?;ID#3e6V!18G*T;&}-vSE!rwk_!m?$VT5N+`#RFuD5WhFFw8czsIK^ zj^F;{^U24fhf9mKU0P(o>fBklk>V^`SD~*uZZ$U`aI0>w#*CME`BAWf{c|PQE44tm zY)XnAGA2*FvFbCWkIPdJ6QqeiW60pOh2vOswk_A$x)^lSOwVZ)psknIU#jDwL&=iP zBX$|7HyT2v0sE-h{z#($eCPl1@kdYj#v7gFA0L0zxATGq5S9Yx=<1LYd``F`dg;CS z69ldZ637>nTy7)5jI+EX!);A?+bEeZVb*D1b4yAFLq}cMP!GMrJfy@bE#LzIu-ioe z4b-DY?f44e{}dQ~#yRnmaIS?nsdEb|(H?XerB|d6tS8Dp+-tRtBlKVOx@j+-g<)^- ze7FDI-?jW5Qw`8FgIiL6C8Jp=sX!Wgz?F0*bryBM6ok(#+SVjR;aS&N|3Z*?%p zlATbmFFq9Yz6+Uf7?q3=1vfzPI%HTs~o`K_%a16ZB;4IM|mCpk-xao`=2<!d|l5$(( zsJrl5|I!^O9|Yh~v2_g4wGd8PEgJrH5gP9^>O)sH%wG>*J$WZ%V}i!)f^c}e;yNATC}_dM zVeO?_SdRCnhjNp}JQLLNhkn@$W)OH-zK${a{eJ)1-X8q7-|y%DJLvE1{%Nqc|9tRl z@A+V7_fP%7{_g(HpHP1tgD)yGkzoF({;N62*V;toT#`td0qTb&4%)>t zWMk@E$Bbddf5B@Z{j$vX`AQzUc1@yna^Xyrk{y*F4KhXc%D34Go&u7TcBXoN5^8a?V7}h;jkCQ3k2k7wR@aUf) z(1K==wcE>IRFDZ*#yvXj9lg|+V;lu0a*7o7A3Z|^8<>%jt?1D$?v8oE~veFp!=YO!Xzu(WE|DFEc?(W0+zm4+y@4ct33KGzS06gt| z{n~2DUeE=d9)QP>RI{as@nR~0>rco5N~^WrlVrxFLM`=Kc&L7;P;BlzjBfq@yLmH= z+6pN>2NPAW1=&FxZ3Wa%Q2U(B+o=7+yLWBWR_v>dwn8cr)c*ePeOvzTf44gw)cyKZ zP5SrWyZX7`q7h`17)%(P1TVqw_tc+|U>4G7e5~>{tDj$~>qO)K65AUQ^9~kl!mpGf zZDelqLiU`@576(wBk!Ed(buo7G~OrE@x`T7?)+>#cHM}ia#bo$tEXLyGd;<1$$yp2Nfel$FNws812kxv58dKEPB0IywU4rco83n>f^1@#QuA$;J)CMk*bjtH zHNd-@w3juzca4p+dnONi8@1JGxse@Io2S-9M~M7}AoaZ&Q?DGpHlrGz(;*23$@Z%7 zWtm=8i%hQ?-ZijKSj<8;p8rUe0KL;F-2nGDfO2E-W}2$`BKJphWu2?q*(cs67)pE5 zGJ(*?EHG%+lmCtqx;)y&EXa|4pG{*Hktne!ry@Ej=l3@9J}OlvW`T~n+=d_xPH5z` zQvORBV0HVGbU8p2a-HNq%ZY*?UK>4byfw~h4TK-t^`e6p>Bh8?mwrg=I*@Ry1L!)) z%Y3)33P31nS*Vk3U0A)_g`@+z;8 znrtDBa~TZFf;ru1PyY*bI_L^TG?D@o8uYVdS`)O0C1{IG<7Dn^aVK9D#hgaT2(@t> zd)dQi8y%oO!=x-a6ozy7d!ElcJ}2{S^jJB3AG|0*hWv~kD+UM5PPZ#%M}>i%lLd{h zL-E`ioucfLSz$TeL7TgXMUU?T8Wriq=An^fi|XGFM;t82??F;tA0y1j&G()WrZW5= zg%K{Vt8~jr)wg4J-?_)PF_F4Hi7FvbD{{HU#3?uA4HKrO9POLoLj~j72!yERS9cg8 z8nB?Xai7~!{?$lp(ES}cpTU8d?|9u?WaMvr|04%Wo??3DBDmB zooYZnoWG51=N-B8{4s6qnO@8Ql|8#OM31tb5gIWH9sP*2m{WK)Wc_?p*g_TrRPY(N z^$cghm?U1aJ&Sb)I@@1n=LDHv5Prm_G3Erd|7+mw47&YxQ9h~01FvH{1d#!?)sVf5 z!H^_)(9VLjs&3J!xhkx55GK9wW>Ctd>uU^0FL3&Ci`ghC#MHnt3ef`-+UW{Eg$%=*B-cx z>#T)YJwWZYS^WF&50BDUj15l}A7XzAdUJiTNDVkkCXDN(J4=DEuKD^vdG!8eQvmur zSOR|6M?DiO33XLV5MhHqjB$I2dXRpZlOUHSQj>4 z-*$W?TqUeqX)`V!He;F15Gdg@;M*r@gf5*lo{BUdS3?Vlh&|h65$yL@qbthB1hZa# zk%xhPzL`xoyZlOVX-CZ#|MwTGVBX5BU&uwumvSvQ+~5f;<1T{m3&Hh*k~HfxLif!_0iRnObEWEcRH?Wew%w8v!H8&7^b-QZ8yH*oElkh8}+mbb%$8r zf&@CKW*Q@O*W3Mz*E&R(c&?JMn85nQ+Lu^8SGA$s0yK*f8rllG-mceI@d&aue%XzN z;I<7pqO(ln$W1QR{{8FMHgW^^>*um^T9C-ajtv3dI2n^KaNBLdJR>%OE9z189MIRV zHpwOQY*LoUb)OUU!q?QL5&ExPZ&wGJ(Mg5dG)f2`VPB=Kgt&2SmE6T^J$?ECqMn+x z2#^~^g@#IS$i`0un$n0)XHnU1Jbl{Gex)<(ICIUMKL;}H-?uJ4^}B!lcjxJ+|M&IZ zPrrVB+(ug&@SrP{FdZY=xs_kYXujqB-{SjUH&n`M7r+bNf9^cr$-V#F84R91f4Kj> zjdJVvzsPc0hpGl7QAr3S)HNPn7sASc-!LutVvZVH(Meol- z{$D#+H@|nzOf&N;TtO8_P~9)zW0NaNeRN(zvI}$!=x%rD6l8t$781>FrGfqrAQE;K z&y}6)WEO_1l`vO8otncKr`2;u(u)0+r*g1e{cWdHb!M9!+03jQ5!(4(9wC^XglYa{ zxOk$&F1ZK5g;6(SA)+Hlk8vzedy3=qEudpVa_8^@;W(B%oB7p)2=3XAGsv|}U-^F0 zSE$vtr_7^b4bu!}>o4(U!(p)zE=7zj_hquvaR<;bj}-?wNM)vSg=P``&AiH1p?e{C zS8h6)*{qKWkP95nFr@g<))cAo7%8vjs2AwN+7EnA@n3MrOXjoqsOzu3W2`s-&g}Q& zQuB6^E|k~16*5t(<)-x2583iFYBZZ=j_S9jSr41C(ezVk z3pVE!jmC@f}mPMv`v z+Q?I3^P5o1i@Z=K{K9&}kPUk~yQBR< zKz6^w{qLSV^Y_W9KOFgcJHy@4^WA;_`R<_qeE7WI@97D8WA^Cv-k|$>Zx7ieW&Ll? z{@)h3-~6Ss^^2$f^}pPIcH#SB_rG!XKfiSU{TKZ${h{-;BU}8XQN71!4y-cTiNTYD z7uprBqM}s<0uTPbZJT;;AcsAUfww#QCQN_Tf9Y>0Op;miP5+g@pE_}FqntkNMU)4UH)11%BV-bD znwn&~bt;X&9m*K?%o^2u%*aG{5{D zPeaFl$X<70eIEu%ry@k7gp5hys_Uf$oO{ppVM6R@36x2neVW(c?z$;LD1={4iSoF zU#?+K9yKYys;z7n#*kGD{kb1q?`{by(;dA67TZiWL?Ee?1kQLIE{ ztG9cdD9`SMOF>n83`#m6MWhe&m>{^%&OSg{Oc;#s?}_fEt%S)%C|hjiAlg>R)4%VQ zc8)K2$3rH*dbf84oYj2V_0o<)ECf)SYr*q4*V~eCEjF)x53vGxZydT7xITfziV+^e zjkI=Xa8hmo_5ASq6mqDNpd}m75%s0$r4o;l#AH3yfN`6*-jh+9Dasv9QYuLIK9l>_ z(?IS$vK!iUyIH)svhO#lYsm(PNK)m+>8V0}F?8Blc)j*gGpg}YQKV{u#gAl;GF`Xx zfbheaR8!PdIG1F;QL_crvq1=xP;{|BCGCz&-tM&PKa_>?zm5cXgZICCgS~wIzvuh= z5BI;fQf^=VcZ7M7;3&X6(3y412#`iUQ!@>BTpHY1H7dp;t@r#cjNxz`@O(DsKR0YA z^FO`TK1 z!D+y;bf)(enYguP_)bYg<4!?PFW<+~sIHlvlpSUEu%?OGMN~ST**_&>XSS}ie!6+t z7G~cv+g8}F(k^Y<$b1f(I>&&lxb!-kP@7Jtvjj4Df&ePTPk(~2$*%1|8hxQ-8N0EG zr6?dS{A`69YLX3WTt`rxXz6)s()yX80K7ymag<1XJ7g?I?1FHlIx`8wm4RNnK2A-V zdOJ@+BcC9eJc00+b9j>z8iR<@?K#2cZkF+FqyLL-L=xX?*{t=@5uHjgPtQwE>5|h# zrE1O*UFTsdZ>gHfpOQ@Fo=i!C1Ds$DI=wU1ntd6B*FjDZoMp5XQ~!L0+l>W5%RA@_ zY~26C)3B6Yssmg{NIPc8>k|3piFGG^2(nH}wJg=Svoh{OsV)oUe}xv;5&sv;|Ihn_ zy!^j6*n5!wZ=>A0|L3bOv19_0@NHT1-38&C z21HUvK8t+xY#07Xr>C>gh<-usZdK~CBTl45sqS=PnsUzO<_~L;WjIf#uDI!<1!$oz zV_gDY!S0_$JG&6|ZzF+SAx`2D`vkTB(njsi?bR2BE#OA8Fr1^`W;m4l8b~<>7VAmT z26~73i5x@DT-bmQf=!8gE0bCcmDwt!Q>rf^k_i=POM~j=+f!K=ZbD+>cf8i|$h-wn zo!F2T4(w@q!2xiGpcQiRdbag2mlX?!M1v>hqs0|dr?NsLxVt9A$C35{Zj7(aJS{j> zFIk>z=bHI-=?UhsFw>hFcNt`>7x@<=p}M6akw4!^T&y;wDr`)b=OCt0LF6#{Dl)C7 z-{oit6#n?AHCcl_`O1x*>T2fX9u{ZNniEr7YYoT7f+ssv)1y-=I;WE_`+Du8RNCvh zkJMopvP<_>9iXC!CAUz|9GL=7KvWQ`=`2iWH?8ETm54^jXVW3PK2tJb6Q&IPlyGKu z-D)hC;K47~=hC>6kwH)-{o>Gl4){c*AZp4!%GR0N?g|YrJyTvu)Pn*Lz0OjgxTgHK zQ2tM2^RBD|EPDU{?0F&o%kD$|_uDDoF#o&3EVvmZBIyCAMr`;i@e?$}+A4_Am|l_r#n3`}ihA1GdADswNo9?A)<*3?zdvoG_LNK+pUb~@zI#L4s9hMcjoSPDH?-X` z9jaC2yW7uo_t%}u?gssxJ=3B5pZ1jcyy?7mas%z`KfBJncc1TPy4(G3ulc;i6o+BM zdGF`oy+5c1P=k3t&w=6jv+C_D!kYwiHeGSzy0^8>e6YV;y@Q3RhuFE-S%l(VKZ7a# zz3ZX4x1Yh3{_`bJ{L3;E-^osVum9KU;dr*YXM?>ZaC~Q}neSzX`mT-)G?@9bYd8!WRs|8CjRk}Z`FGKtGls&=ewHKKZkFf@lPh4mdAfm@$A&(EL#V)wN@&1QKe5wsxr6#taI?rb=5_$ zGC%Ze?4ftDiovUVq~&bPb+6+BZr)kL@A}>nJhYXdtL;;8A&Ve!tRueK@VqK)rqZ)n zL^PdI9);A%yi9oqo7hNOzs^LWFP|;&J6eAB&o40#QU`n$h7V@&7aEP&LD>T!9gxP5 zkAxG_n_?QJA7B$7nboUt0j7oRaAP>7a6AS_b?qV$&Lt_oBxr&!{$#g7_b(b1u{PC*6LOQpiI{<^7aR9=qk2b(zIgyK=N3hGE;chSMWRUP|F;fLVUIsVGl%&dIzH(K&ZAFt0*$R668y0-+z;4}|452#XZK zO2fgub?zHwB||Tu>Eh!Jduef0c5v_lc`%xLY)ei}Hq&|G++@}vQU^MFX%eGy($rNa{Hk!@qjQx>_ma7zKxOlt3(@f_b6sV?K`n3J|*fF0#wQ- zQprKAi4$$1rZv;ZuS07d<`jzO^Rm`NM(WC>yI z{NYh8P(Mo#u}fcFsZ4@&f^`FlTe)=;O#m%Wb;Z&}?|SGx(4BDZkfI#8^okGRcxp0L zgs9#=O;bfoe08m=m+(Y=c#BQ@E26E+PW3+WXgY4?YQtz7ZBeG4x?W?tN1j( zAunZuK=wOjF#}5?Ab&`i&oAvii(lF(U_>Q&(nQh9SL*vOQQH8)%q<`NR!^;B=POoT zQQHaWQXXEn!C)&5WjoIX+RMew(uoYRks-~oe&L?wsvtv;&8ylIhe+f@qnG2o(H6{h zn5gKmEp0Q6wlkxWqvC8_VJZ;cc%|U(#Z`5STk)|ZGPsJkUOo{=5nWe=_v*QnQk86Q zC{GL9xy?UKxLwIs$Sw&-Tar^9hVcZWL8qhsd^?*GPJJ}!psiUP7i(SVFzKJ$Rc8k3 z3!l;gC#Y&b#^lR;<%fG1hOcP?=EwFgzx?dL0^*roNx57k9PKyl+>IOBwvb3`IOppM ziOFm<3Q3Nj)vZ&)z?P&1QCvy1#zvi@mVA-*j9OxE~$VQ_yW;HXQ5E?oDmbW0@}c4p*ZKVmI^)2 zNBxLNQ_bmIQQQr+D!7ZP=;d2m6PDDX7fQEg_pR~p!bov#=f|5BwsMc~+|jlw#4I;k zuAXwGjFp!tyzDj?`^i?wP&Z9M%FeTtRW59o1)7lkv^WaNrMBo`6mxPx*-R95C+sTW zqRC-bH5VQBZ+3c@#O_7NZC0DZc8ZtDHV&i?+O`2OP||KqKcZ$ST}fN*>1 zq3)FI4U+Y{iV2_KSSTe;_$;>33iTgCJpqZ5x;K|4aY0ZvFh~j4C}`J6i=Q{ueH)h4 zMvrkE*9XQc4p>wv3+^QsM#CaJ!hCLi*h)Vz75Aj%?PUA+-`i*_VgEnDBHgf)vCw;J zJ2C`6i9@vI<3zUBzF?2N_awv#y&$Jhzx(y8RoB|7`KjGOTRPB-f@7vtTaVVshGr_a zfXPYd0o-H{MPpaqa&}=%-_@=#y{D}=FiWiLlq$uf%~4v!W|Nap?wN@L7d-&hK9Nf{VG@_srZZb?_ewT zWDOMq`m5yASH_#F3t8dvtnm984Fg1?3v_|Ga{5vJ##n{nSh$fnpr~CmJ2Rbktu=q~ z*5tZ!?9T87eB$Gf0&5ZSACMwis=s={P7AnJJi>zfP-qIgv71jolpn)Y&MSLM^Y>KM z*h1=p(?gvS{TTjC?>Z}csc_XzQb`;x!!%b{JGgM?YTZq&_pJJBsUueCIJGXz)oAA% zX9vA@_8y}AiUoLD@^1L6{O~yEj*t^G(vb=-+)h8;5=W6(Md9G&f)W*&Ly}Ie@3h!R zJrGoOb3`L#M6Smb9w8a$Y3phgH0Un}=MO|IH3CdNwR^?o|&&hm{#Y1r5UKSHGu7HD1SV7f%KocRu;?Ls`*V`&CRP^u+6G%4m#vs4|o-xLS+c!yaOo1 zkfRCl&&6ztu%ij-?P(h=3Bom?r^*55X?l;fb;P0(9lycxws{vZVjMD<(g?*Y6Gwj= zkuMTXCfJLKT8g#=A?VTIyWQu{I*TO=Ur+dho~?zensK}5!cB-*lAu+)_ z`_JT-ZHD&pP_A1R>VKD*%QJc%6>x$6_iX=p!Tvkge|Z0WE9KVpzn>L8Av|QW1kEJf zN1TNrkZwG#BhnTXb^Q-`T$3;HJ!457O)l-ty)%PY)u|=aJUnb8Cxv@Q=eW!#P`pyk zfoAe|!A)9|!1tx_T6lg!l;w(3aG}oK*2&zaGe6 zWSy^HJKIRhn30Orts;ekp9g2rIGiI+LHxu{NF=GoQO+Xua2lRx z+Si!@^M$9O0BMo0Q3Fw75OA!bu!jD}|P}S@e@Y{}}i;iai z5EHG}X%Mti@MNC`7nhjY5(=N%IUuKw!Y&kFq|Q_oPlL1BNQ*$hoT&Jc5)lg!5@>76 zpeByclF)g4uC*!9%az8ToyyMyflD@!M9yYo^^Pe`gBX$v$TtxsG(?zldI2PcWvPsw ztB1^aN7x&Beu}2Kd70fmcwzUfTTB^l6-3v=L$`FjD&YsOVhc*~#55{J6b+hVlQU9P zonV3VtjK-;XStsZUID0&oU)j1z6s|A{#8Rj2e_DVJ~x>&h!l#Y>Wu{0q8g6RCMNN zSMO3~Bb|BZCy*x71}8e&rN&KH0v$2#2$>%GA@g@8Hm|U|-Ht6mYzpF<{aC?_eh%|95Bq*~9(st(05W|MgQrA_YfqvKm2aj?khi^P zVyV1T{8s(|I#qxc(*UD`=H4)yeoNk1m*<6Z_O2!a!|V$UDdux0j*0SV0mTw1tG;7r zJQwq=mbfiEDke~F4Y~RTWMkp9yIB`fJ4FX$^05NaKGoUE$60e<0hih;id{DDXk8nx zPj0%D<@VlCxAIMIz8P7CyLJ~`-+<~JF$=4Kea6WEUX+)|f+%xwxh~wzV`R18OTpY_ z1xA9fvVu+vf9Fr1yNCsQosByr~kc?$n^62wQGL{N$-sAXBJwi`9aKz>uG&vjGNK1O3ph9hY&sb8SI&$YzJ2PrYKa%|# zH*=?tnf`fU`^D;Oef#(75Dp02BBweSu%N*;)>Ic#fu6v z6#V?E8qJomm$x^pqS!|4hK+oAF=jL+r zHn|)}yHhqfL6Qb0xs)s|GREne4Uk^d?+TK1ZCb%KTHy3V9&B$-g^l&u-az;ou0?HZ zFz;1t0=nDHw!P^^EV1va+TJR9xvuR^cYDWeZ;dT9RTA_~T4>g+=Txp?k(tIhP%D^e zZqy`Nr;=>$)?D8%YPRg=?V{h>z_Xw%Xa9rbDoY0fS>*rqY_H(|)$i{<*#B;$d_()+ z{Ph34UcccllmF-2oBd#sH|qHXBixXgFAvP+jC{~~Ehav z+pDPI!-@U_7`48&uUCe0-YKinH}>>W2>9UV^=)iT3whr9EKTcT{EO$jiiQQ9ZnljH zme6>&SG6yd_HkY75_EdUZA*=f7}cWNO`0%n=6GG(a-q)EhWm4si_sgmo6SvxmKxra zAJ?j7Df>^%L^9@NStHN_|F6OGg8gT=|M33rcFMQ2|C}gfx(OqYgQs`K5|qxV+8mVD zxt>kP8S7>YL*)Qo$~xq9am_F=B|Vjzh^%&L>$~dL;$9`SH@}M1(6L|)M^~!xE-D|b z)Ue`Znaww}rWC7{Lbh7XFIKPCYfH|?nnKJJXOT6pXb3qQxfB+YpQ?8H=HeFYS#fuRvAA?S>!WTipqHd{`Cb=vwPt$fjux*@@=A5v4MvyBH7!7y3Y3U* z$K1t-x_ZmnkC(FlauU!L5`its|FzeDmb3p3p6@;6|GJg39{cY~2H^J+n{MX$uR_#2 zWBY~aRGWR_^YtvgYJ{6H_7;HI%q**#HM7W8I^1PCIVW@B#ZWib5u_f&oc@OdI??6A z&YULRg-MPH86m1|*ol-d`P|Lt0Xa}}>u8rbQFIozDmEa$l`hSg2CK~Nm2!0xKd`*9 zxZDe@=p-0W;Tj*80+lr(E(VfYwJ~@yv;0Yr!&x#}em`weqeazcf}AWh%{yVuPwUN6 z2wlgMFazys3#whaoWB`b%Y9jso#TI&!?qgVIk#rDZ97YXD+gZMPtF~E^9|RF%utHJ z*753crm&pxsl1PCYG$g_J85!K98V>WH;R~AePc+2MMg8u8`QDZCWTb9{pxL2ZQMPp z2ffNpZf{{!3P3r3=<$g#5EV+EGXxy#lwMk9K!1OM278^xJ5efjTm%10`*Vz4F6S{s zJ*P@TCN5TYx-6ytyG&^bE5HK% zfA9HjUjN@6>_5E!yOr|o{J*q1EbD-xKO{w6U&-!J9}e~ri$?vvBraQdk*{qMfWuGi zDqY_?GiVX1+wW^Jxni`zdPf`B(VB>SRg#{{BV7ucvLzH#N9VQy#SXJKt1LHie3%d= zis)RKX4WP>qe&L2S1`xZF!S0mRrV_EDXCadX-_F1SD-P8ApLL9YyQj())BVdtL@hvs$L4sUcaeFa`}| z<4Pq`n}si)@}#giggvq_9`5TGaB zt`v);y7l6*tgfkmoCS^oPikQ)YNWgG{AK`HfW&q6nsWKyn~-oy#}VUX4Kn5e`MGutk5EL$%D;I_85Oi2Df%BB550@RIbspC zlv6@6;V7gL@mk)?)6b`pJ+&U8BfwGg@#qunjvqq^$vQ7sq*JI9Ru_P%9%}~h3)JH>-ToMx5iKup7tM%v+`tbU1 zFW&I(~!W)|4bziobH^YThL}kNhCK(JTy=Gb3C{n^x1gl5J4?pCk+!`kC=CXsb!Q zX6#(THeqNc2x2piaBLlggcQSL&Vm`-GW;*}fzQz=W$r;AaP*%UI!tS$Bb?xnjnj?R z!0~)G?U5)UJmyr8&Nc`#=?{nm6gprdyPqZfs?9x)5<8(*3s{R1d}7WnXg~zQ22+ed z5=}@L6E4u@g!&WY<4B5JaNPh8D=tXLVib`}jYViC1$l+T1+48D)`q4y!ehd{Rx68y znE`-Lefn`WBsh*m+S|GQ#S6$qPa%3h;*ia!QW%xOvFaZFWFrLU=}7fYBjkrOkr1vC z{)7`y_XSOeXtlaXj>jXC5P=5X&hB4YUDd&^_np`Oi)thFP$K()KTl)gQyd~1#j^wn ze?q1hzC1$5Q#>Z`8B0=}HAg|BS2B;u0TQ5gwGax3@HqwD>j1rkbAn8DN2#Q;Q>kZ# z%$K@X3nB6aPvejrAbYx6E$0+280x*P3D8sh%hTZYtP!#ojcN3y)k^SqQMam}1drWr z2HxPAH|PdrNO9C1^t=4oZmSi~!tjKJ)L%GP0QP8(u zori?k6EL$UPqx*qmDCet_2bc7mYi@RNR&KL^HKNxBApQC9M4+_(S#@~MEy*S5*^Nw zFq4i{ClV{|^z}GsD}CvMg*||xiFOMYr zD|Y`8a<(72JJEWC)YA2gfbPn3bt0+0NJ!+9^knIa;DvB9x2LMU6nafxo(lvC$5u-u zjN>sm3b7E2aPuD%CX~S?odNs?1NmTrKC*B&CFoRjgrKKwbUZS+*Y38rkvq&=U{&q5 zrnvzXa-ISOb6}T>T1%!!qj6@&?QXl(!oE+0c*6p+Xu5|`6HQr=IviKdJ2TLGf`gwq zO~^ag073t=aIjPQAF{*<-~EHOT2i4|)bEM5@(t6C3^F|#PFjo326fb?Kgw)}g6kvX z05%7JM+hJQlYRthm@}-!*;g4qq7-dGGFh-n*9vF+k+gv?v)Jie_kK?1Z*VMSzk_^V z`gbb^sy<`lOUiRj=0N#@5y&r*GqU_hqpC@$`LiKtYIVR?qL`iPBjir@5kl6MC@UG) znjgvBf>Oc~7Az+=la%UbsX$+9KTjk`Bq*rFa26r(byN^;z-qWyx-@Dyzx%jG~vbyYw zP>6>l)Eo-Oar35X3*W`~w;8cAaJn16|Bmd#3S;iQLc?c!B=YT(&97funMDV2n6B9K zJZ)wq(Zzv%ylm8plf%=~pWnTIX+I!kTl|5u>4Ebj(trksvr+a-4Ydy-`I2OGvTIxr_xrbdMcf~(a7o-W=ItWKz-wO@!`>W^Bt;rA?n}U2Ss22vb`NJ_tGI@fnTU?|UR)Qfg|I|s`b?KWWilU&t?miYVt zkIg~Ah(G4*8cn2MfQpC3(YwJljLvpwlV?!C)m23|tTl)&qjU4S-;f2Z1IU=%;whaUdlX zAR!+Z8hCxL-)en&7ooT8f=q{mqrvVr+Uf7~x0MQgv13fx=n@MADu`5%Ml_;gLV{Gq zAJb$q8~%UnTwib7HV}W;r#Lvk))bL6*n3)s3~rjC#tM6g9Rx)m8cI4z+$2#WDZBpm z!yQRmPKGQGd)R~dP#6+L-v2xPjtzq!WV{|Ny)ahT!NjVJZH=)H3gg7lCM z`nK;=Is6huG5oG^%V@fPXq-Hx88bW>gvZm06+8$YdUlVRM+e;6ZrBGHNK2@2Aq>@K=jfx6?0g>lx$iu3S&uH4tk`uB@@mG4`XU9xj?9KdNsG$uvr`AMt80g*c zHx%1%S+Jb$-*VdoYGELw;$7(i$)H8k*CInJbM`2%aBJ173Ogjt@5J8K!IS}NJYa<* zY|Pu(4H;{J+M}47>sja&|G>q@vpkdDKGF~6>MkTTJ8;&Lj#TM{$%v@=dd^JnT$bf zJ6NTqXiTcnsAh{XkvHXkXK}BLjgO=_O{dr66<@>6KYoxks!H7)jENK8Gu}>PtNhPd zdd+FgU%re+H#EP?Rlk2nY3xUMuazir)w&Bt7Ih1g@ND8V#EK2i_*y6FJXM;4JeVOf zvXDYc{)0n)y8?!;@K@sJy~t|}gj_-R-%Hcv2Y5phCjQmr@?AvM*NQzGGR1GUA`TGv zEytb%NUqwxk?s&4l8;{^i9Y)URAvRo3}QB9OFs*QjUpE6PieZ_?GnKxCQ4Un<#Hje@Ts0%gm^K@zPIPc{!=nS*s@4vpxlK~xBp+M@2biI2LK t#${X46;UHwX?;w6#!m9TZC9Vid7Q_2oX3AO{tf^D|Nq7iH6#GY1ppko8;k$| literal 0 HcmV?d00001 diff --git a/charts/wordpress+valuesjson de VScode/charts/memcached-6.14.0.tgz b/charts/wordpress+valuesjson de VScode/charts/memcached-6.14.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..af49218f961439a6cb8b1dc7001ee18d9bcc8ed9 GIT binary patch literal 40339 zcmaHyLwF`kl!as4w)w^Ej&0kvZQD-AwrzK;j-7ODJNc&n+0ABZQ}xuYsuuUWbb%=Pz_gS)%I^>yzj)MX8R(tL^w=sFjlhkf-% zC-uFca77@P%8ARzC70~m3Fg97KZ zv>ae8adjy8hP(tOLWa>1VuK6UdryWA{lvvA;U)dus}_7liGGhf#j+$Txb8|OEo^Js z#Fw3Mm+!TTJ11fQNI4oA(x`dPNV84P9C(bW z#zI@9(^mr;G(q(dQ@Gb0_*DBBkW8{*oOlqbK*0&_O~V}cz^KF@@q?kPi7piV4+w>t zE3<4Ub7~p`hGS475bD*+lu5pElVJ0+tIL;7gaDRmy#3|3rg-w0gTPScv z*{}8`pP6pWV0a{gkvjtyFqyq9BL7qlOP#v}I5?a<>`Z+LiI?@#v-cM=sEepK`57pI zJ}E~=1!j^Q$DWm^;L}(+$`%PB2j);xN~nBis>;iF%xR`-G$S+EvV?G}#cfWFb1#T{{1AwgFUr>E`HwsiKt9C}7(5%?pOcVYJL~lX{U(kl>(mL!N8=5L z9VZE)MT>NLTki3#UV&pYSCh`6f^lv^gu#S~#KjPt20(LhOM&!?$L?$PNwiLGf~3$) zq@nEBnQW32nFg2hh_Ilj!V)xns}>jG=yCdHvV}*2+~OTT#HSRAf;W+W9Z%N;ZoZ#b zab% zBbl18Hab7#;cUyDIZlL=&(Y=XG3@SZcVe)AAexxEfp1p+yTDV>+XF~$JXz@Xdb(rs zFKy}Svn};c{OpUl8>47dQ232nSpPQ*WKUHleEt$EC`h8e5HUP~EYq>}#qW3RzOgt$ zU`~mYijuGyo91Ng$C9*=@cVw_DEn;usAV1R5gQrg#ac_2*Bl%)lgJpaE*M7$F>j=l zV18J8f_=E-AZ@$mv((@rYrvWe6S;Fwy11Q%R9k*eV%jQam_^EwOG2%DoR#D4@MzqtK)chYXZyE7YbJ z!Hgwpd#T}D3wOt<-8O)LcZ@6K-X+ec8mVQol7FX5o9YD<;;GLYP*BvLj<2LjBghg& zo;Dla)@Bp$Nq*a5XfiFVK0w)$O{6K8snVMVHIT)E3)TuCHC46W?BP%n5R9-$KIR8c z^6bgVPAraFI>Wh@AHaM*`yd_*S!F2&63WPFoFc(&j-V>x>&5P;Dl$1jDC5!lZ5fD^ zcr(mXC~%{p8EWl^j*T$X`rOsi zNl&zG&XffV8ecO?mU5IgQGHc#u&-_vhsHUhf+5IBUyLvi>wGa4oh2^U!is>F`<^z` zf^pM?CK^m{2!L5g2oUBQ2q+$!Q^d9kGkb@$~qNo>3yI{QWOt8=^vKW5yfiPRt&RN&1D_-wygV5kf1_>P`zqL zV!U{?H=W53C2gS(4M58|Ae#84y%1sFU`@|;8nQ9T=GZXyC$`ppeoRRwg~M3p zD8K_e!5-mzr@(&}d!bE9*`}k}S*wjf(gU#4L!&1O?T3`z|5>bSWi=dUQPO9}0`slg_# z%uq8qD~{6+o`0-6?j%Jzff*Y~+6s!-r$(MX2!q(=rYPuN>Rs+u?=Sw>e_^%oGU{4a zz~mJVPPJh}aabaxa$U1YjXkWUjH05i>JE)T!rAhK9hxhe7@Yyq6pmY1`)49NomnLo z2`wmWE>>{?&c-!6<%bB?Ohc-MOL)%NNgq)lI60h7VFtXUai(H0h}p)LJ%(Z_$~f); zm?Qmo8L~4=N>xW&qK2xKL#Qz4LGpw4B%|uAFSaNY&%gRs7t}xu2gTYyY&dT*O{pX= zM>}J^H{R1WRl3+XnNAj-dIUj5U|R)iF$N+ygDRcU!w_Yg)B&MksSn3DI946poa6w9 zyKQYS+JG&_>B1xi@5m;SoGQIA*;!yNwff$h=HeTrA;rchS8=1ack%Xp5SC;;O+nn0 zgYY{2eObQOuk!jPn#tP|I2Kd< zFm)pv4ij%rutQdAY}YBMJw?VQYCv;n26K$Pw4M>^OR>?d_U7?dE?(Vj zJ*L5K`r?fj?HA|iDnez*kVrN<=+4O*4oj3pfm!<@%%!)=Si=>qSuk?6)#>bBa5LLv zXdbpbWhYd6#HOK#hl56|qveZ`2vK%gdNGLWH>2b&2U+BU-2h5#*CF@HLV@2MdN zS_??*xgiJA4Sn}8yt0hze6J!+tAVx?c)X?kDr7pWuM6aL)YMQU^s1rnh}TsIUwznh zJ#N-;N1uBaHZ%aR7EEG1ZG zA5DH6$v($B9y9hGH~-V)W>Yk!3kURpN}^h}@+LHm5&)7v%bZ4|U_vxPn}LGD?Vt)q z$+jUFqudJZLSX9{b|G`eyFb2uuYlxtll>E;W%%7Q7Sb z>0LY;y-gv+})Eps)tn%*~>KwKcRGx+U#uQ*DnG@4+F&&obORz7yFZ zQ8uZuUZyW|55mep1E6-Ymqe$;)eLQT&yyfp^mZYgOrO*&UbVE9DY?YbPglxsz78R7 z2|CR`g+_sCo=Fqyg(+9-OK0j;{*xYr=&7&PCGZJ6aZ3dnGx-J#gAmltHRGeIEY9t^ z;%U+sAV_g@t(tl{Y&`Z8%$~6-Toy5gdzAyW#nFzOKYqt3IpEvy60!fZ`Pwd-dUE0{ z-#TzELA7v*E(lf=?rcb8#DEE$CS#T&cR$^?1E;}k*gkPr#aZ0Sj2`i>U8f8FF?Qc3 zr+_vZdzfj;eF%T>6grnZTS3N^h6!k&O zeQ;?`FXj9FNlrcRK~l%O@E14v%Tm&t6g!vbfSYbSrCb%R+EvHWg^QQNp*{A;s$vr- z8?OQ2$LG;g#fuXd$xjO98>`r=kUoFYBjAsk!x%W}9U-T$?i~l= z(<-;eS#ZQNZT5gKf&;ShAj}C4+9@zWf#K5 zWHWRkGwv{*71zKZSnjInfTho>gWG{vp~GETV; zh*ftw7pWjOm4e0Z@9l*8=xu3(Me^rErHk6mOQ=7vcAYQs%{FTodeD}5q!lS>T%e+N z)2Q^!i*kM1zTm8bsUov-&xhW8YKtku1PaB=Y~@LhTlDvdh1jy^&p!E6nl?x&bpfzq z#+CgbU$7m!=bGSkGJ}yyvx7OuHMcPlw3I3~b=SWq(X){Ul-7QEReob*RTXaC9s%Fm zB>du%R9zW&hOwVKqzO3}h3k{>+|Eu#*QLx>Yp+H_`Bb0F|Y zG%-o{viZk}LS!fhd*2t?wG{qLg4 zS$s)d!Nmt_;#vc`!MY6$T)yLv<07kWxXK(NX7@3JBt-OMH<0RL`gOI)p}NeD<$+ zs7H6)BBeUf=V~lSSPWn)uxi`8n$icg%m~BSNOgX^wA6k&*mT=7%{XwbOgI>pysOD7 z6FTvH{Cj1w$v)Yn<7!|jXA)0spsBPbRqFDI+CB8$3+1}i9T#%~zJeQMwG%5pcm!xX3!B|6uReN?3utbJpqpq1ImNo6I@+BtC2X?dIe3?2?2$|Cp*XXH zNlQVa8iOeu3YUs;+988t-^|+RJ410i4ZV+lMJ&>XvW~oKSk6M4N#?6rW=tO74Cjzn z!P6MteB505=y!l|1yylTXwHsyW#0!r_1Hsgy+2Z$L2H?X%8ov(EVLq}+c*A+ti+Np z%#0gQY#WaF_ONMY4X>3KQHjuER0`RsHn~BD_{|cXifu{IO~HAy9m8YJh$sgwLl0kj z@J@Tg{`Zc_K$D2I(0sCfCqm`-{w_g6=3Le@Cwu>-`JoSXAMc%u9)^UW$IVgShAl(U zPmYp~0L|wPVf43Fa-l61S>n@TYB@+fk%Fca=*|NEVCU`HOx~HzDsUydE&Cie!<2v3 zJd+g3Hv$;9Q5qOm8_uaBJKN$ye=}czp|HpgS>l+^k=NJ*%m3Mf;Q8vsa|_l)i}tU0 z@`0?HEuVRZYlcPwE*D@lK4O`nwe#b2;9F=>Tv?oH>Ivrww5@iVi#*70t;=8ij1?|C ze7|{1Sv+HSrk2A&{HOoYp1ZoPQ>2YT0&ddvu@a!Q;kb5IKqfsnOH>?R>Qxn3cxZ&F za&YqKLTEbl*<1HDp7u`?Mra+@sHou$ADcXDf>UW9dkbl9S;naPVJ}L}wx^kKa%3GL z;(uDCo=n3_8pQ(p^yYe&$SR8&)=Us6!@bM6T{PZa*5ACuogSV5uUP=hI&G4FWfDfQ9kJg_XZXwZj~-O4`QZe&dOy)D4ZFo zEeqG!r&hAt37iKcwXeS_1q|vCj9v=Nu1Kakh;|9|gr^%ySM4Mo8^ZSubtLXk>eiMO zLV&O=Hr6jjeF$AM4|hC8u7(m$)N?^oT;742XXCyjclJyq1SGLmB_1$mxQu#y7%Gh> zVk0oArTJ4nI1@t|47qwUM}u*mtqh!4MBkY91U2fzxip()Tnd#DZ1-XPeS?EON>!rD zx>6cLzeu#~-(Rr{HU#7=`G(>4hRFy9Yd9o+;O4?vt9N~a&E6u-l@ak1ejXMDz)jri zs|c9WWqNyCb;+oo@FOs?)7g667q(}XQ=mpzFVmf8Q}c)Rp{jiHyKRLuOYIcO?H+Mv zN<5HfR%@#!>%X752h%1?upC_I^wt$G zYxj81xM0mHm5tKG6!j`oD4FBBoGKMGa;9S2DCy1nS6xst7oK7PQ@Nv1=B;nd4veku z>_YwQCVRvRo%vPDy?uBxQK|O3-H^Gj_{-I`V-dxbkVoZCrt2@p;S9LSc*UY`Tozi! z+;2B*qL-Aelt5c>>EzC)p7hiN8WTFf@*TmasBGTXtU(*oP3U><%?n1ggqPiUercK> zu(cZDD7Y_*BU5RpF2D7{tELh#1|u_R1qx2ULMSa!?k_b&+m+iGRO~U{itJrH41xEy0Ky|1W}4()Fi6o)7i)Prr88qXBQzP z)T`ypU!RuqTex>OM?S=BrHn?7;+OBwl9Cj+qAzMsjZlw8d30X16kW^MwL+{Pbmoz1 zcWj;+$MRMLws)yrLZ#{UYTMyeFXNG*h_%=jaOx)C1%mnSFAcTN@Nww*%)zGvF(KVP z1{pUq*E?K@=MQXiLV$|4Uk)pmsB05`%)?#nI)!aGQzCX>^(`f2>bjXIbkBg+#mLeG zFc*HMg|k$%=#etQz|M8+La0z48nRtp4Ja&8-R3SY8bNW$8}&K4){0uMZf^;r}Rq}|0qOo%F@#OO;vAL$fZBlh^5Lb z@Z5watWvoD-t>FQC<@=7jr$g_SR5PU?8w@;G%sGgBa7`_Y(Dyqm}m)1M-KsAb7c~< z2c5JPp-@P+6SS;labwqnITZX2ts?%T8)A(Dg z{m*WE+mXa=fU50`3utk*unfF}CSq)CdbNUO?Bf7|B@dt40@r0I&D7efn+42RfQ4oO zGKDp+`zP@s;!74M6cdhPl)yJKUeHaz&`e}IH=j&Vo^rM+21HP!Tf1>>nDMLv%wA1v{&dX<5SL8!|mJy;jtI0Bf8?Pw9%uuq-EJHbO-9 z<2~4!X3EouK$>Dotr6Z}bP(R)WFcM#H@_x}X7LU}O>@MX9_$7TR)ie{=czlu)x_*p zM}(EZq#h8 zBhost3=?+C@DFE1wOy?RE66dLLardvOStMJ=o6wO#k)XAVL(wrC=Vvtv{rE@c- zVbw0Q!ALHN+gZ+-yo9IT#y65|t(SF;p=M1xevy`p&DpM8QhB7K`SW<`-mV7A&$`lG zJyxVu*I)%d$-1)bhLm$z`KlhH)OzBqHQZAz_i>~u#F%SlA+!>1tj;=8A2Z%ynP9N0 zqK!LLjV4mF(J}Fv30NUls-6<40^rt{`37*Fi{u8dJiG6(Gy95V>!jxSal-Se*KdLW6J& zJ#~+e@J7rT zf(-{YB50wss7#?aWZPafA_ElnK^zwUmtE zGNDfp&veb$8-Grrute6u5^z+7J9T5Yz#tzHBja}c!NL9JJQ@b1KR#|a2`lb2Ug|S2 z?X5<8Z}xoawzgIZ2oE+i(%`pBvpU&dRuKE_7}K#G<|x;T?yqZlS8A{laD$!5Rxx}a z>#9lnHsdre>^3wSc}@|}{?;J>%_N=OwpV9Uz1g?T}2*``CkYtU{m2MwqNtZi}ag}LLm;JoI6RvZ$DO70#c@%$hA#XDxPh9)4 zAsx;hq5HhZyn$WVu$^afl&j4;H=Rj1+pH|$%Gi4>Jbcb~&u_gK@ufhcGm%6o?l0OE zFp;?(vDf59aRXqOb3B$?N3&|l=BRRLLK`lTX>wjQzOsfy-x%$fo)FM9ihN)%&^<=U2b+-@1# zia@d7Rq9t*xqVaib(vY?a_Yyd9zzA`HUIXHHwc`#c(M65qqFmOKT-3C-bQ$Q{DJ!i zr@kaVV>ntH|F1zH;AHv2!TrUccYV|A!Q2CQ#KqVBQUBuJ2g+w--TyRE8vHyno4Z-% zejUXhAwZm?7x-TzhnxhmU!;=?d8xE{H{j;1K0khTHbJ1r1Kw9yR=THYdhpDuVnisN zC(OJ5YX#b~NOeX|Sd7%Di|23qK$+6M=iPQpPwU-m6j5^{CFslQ$K${*^6UI8g3A5Gpv9p!$WjDh5c5Oh;|cth3B@d#ulcohGPLv$xgI zt=q+C2X2oZsNPoO4pUiCz?c`oHBseQ{7oanQHASgOYf;N64AC$}T5upzA~ zo0L|9h5{iSU-4}fv2RGk=R0~rmHyt^hnmIsoXWQs}*8jtL6wb>9Lj&${!`8j$E z;U1UjkI)SxVTHugsUYOn)Q@cItv{tpwVMd zGF_N~=2_k_bSzaL(T;Xo0i9jBpd()?`}U^<*_=0#3Erf}vU4@u6dATyAbvgo^dSfd zD+%8IhqWCO=p(LJrywR&>NJGZG-AHqkqJhW=$&hT@H(O?%jt^@Vn@^4*3ZtA5x0AZ%;z5e8}tvKYnLhp74#;~dCevi~S8O{<^l%1`_RULa6rZP|&X*A&OOzXf=lJpI~^ z{sf*cUtepy0ZH?A{qg-*`AXJvD&ubdOdy(C;uEA;&hrWQeFS{mIEKPVe3?)V$Te(j zA;}{n1^hg}LHuXOKzu^u`b5(G>sq2)NzE;!tPdnj8;LWwgqSq$WutH|3(JXJK%}&!Zr>ieNr!LS@$O@G+ab{Bgw(&< z{x)+{^qDuR6Svsz2|jDNQ`@9lYqwKQfUUh|bJKYDnTMPI9X_&YSvJi-k>R;ROm*6+ z2Mt{I*PeGl7@7Zc>5Fs^y(Meqxn$a&UQ@w>`{jfe_Ie{I4U0R{@@^>fphKnrCod?A zXf^t+VzgsZK+!m@naW&+jmI%r8qpbNc-2&}9D-VOu-Mu8eY><={(^eYJiE$pXt5O) zhhrwifG}hxOjTV@a;0?Z08b8C?mbg7BsB_k$ck76nV$~c_r$<~;bX|`AlfHbv#haJ z-=;3jzRzTn@nowIC*4`0>F+1u@XpLy{ME!c4;TEEJ+;2AiiC8ASLSHgwO8V%eT*x< zNf)IRb*M0^cY(t{gWU-dCwu>a& zkHV!eTowK!VH1=DH$NY%A;p7TOzhrXGsttIeGG$(jm;)VlQf&#QD|&$U|d%f*1{?w z5S2i0YOIhg9vkV;2afz=r)@k8#Tn z1xR89#d2TE7`cXaJM0f+_7)%|yc;EY%anw#15&Lak zy=GnNBsGy_&CyxphVoS*64g`v(o$5nj{JR{vO<8or5b00%FObcv0A>$& zj~&&^fclr`9p6^qj}dY$>mOJH&&@&_^B-R?MAHp-NH}3gOkX-}lzi#S)3D>1RCnVP ztSWE4DinqYkOY{h^#LEXFk#!?fQ<)ThF?gHTPSs)tr`LNYnt8ohUk{?@tu9FX-&;!3j~= zE%f=yC z4WGK!Mse12z}1W+oDxv0i+ye2e7pt9S=hQ8s%g##46s{O&2x$tWMYaTWE&rNA{AA; zctPL$B1hY??hWoVq-2!uv}HC$-SHDTKxI@x9%NS;pBv2R_p}XCdS%Tbg|kmM-;q&`*-~T@e8wG zrz{Is`gP`~n4dKkRYhqN$Y!GRK#s9T7t2ztOF)6+e3-c4weFRRq`VZ?ml?~kQy~xV z!7eY6bE-U&@0J4XAdgoLt^2D82szAGACbkZDOdDLCOg(LbH@cx>8h1ePK)_^{5De_ zT?MO$=Yn4Hz9nZD&rM1R`_K5QYHn5`IreMt$9qQdrTkpoUax zU3tb(jih_We6-qJbcMwOMMiF;FCQm%z7pHG;BcbNm?(`8tY%+LV6DzF|H@)7WQ<7t z{sDWmis#~nwVlqc2EdS%a=ClW#fchlZW`T|AoaW}Nc#7h#nFRV5sI#LP(IhFdNiOH z5;$8a_%k#cuXkYSLd`!>YB5y#FH*n8jgi=Qy&K<{qcjaRH*X;eoX5)R*G^n59U^X~ zjN9lTl*^N!=GBh2qaI`@$2@M+8R3b2DJJYK6NdWJYV5%xw;F8B_|y2C789cYkwK3D zH_!Le)j|Ssz`b-Pdy;vS5kymG=Qk4PQm5!BzBx*<(@#WZd@~*;ZL zeYE~YAn()Db!E-oPFaKPoU3JJ;TBc=^6%Ti`bS7gahRr8gr|(_=icY%4e{(w_#SZi zF#Czv&ioBOJHJrs%Vu76(|?Jr!nl$+O|u1|!VWprx}>&IBkq9Lh^F%!0v8!e&xy>_ zkxxGIxi!3r?G=1MI<*k!Q=NIy5^AFCBMx|Fm+i_wgVvnacyLQ}c7m?q6nd_f18 zQkBfZ+cV3?v|52MDAB5QmdyM(d<+na`eA!fFXF&Edri>+Y`bOkNDF+{c7ko&c31CI zZwp1NWyw&+*3mx6!9aFU(FxtiRj*Kw>gIJWP}|eTnRLD~_Ru+9`9SO6+~^su+a+rM z_8+}7+@yyEVJs_UyoP4%*?Yfu;Hi?``GG!#ul*@}@V0$;D7@06;nmrh#y2%{ zRmA?U<3soS-d#fv*^{=#^b`n~vA^g}}S6Hil@Lvit1wt+bxS*H7J7 z_$2^C;SqhB`0#sfc6R5N#`1^2KkVt>0eVHAv~%nLjS{(&Brvege(?xGpCdqeXm!Xh z%a8We@m}}}KLn%?KFRt%Fk}LmUtV4=?g9+_bAiZrH7?()4y`IggAgf|E}gwTw~8E_ z8J#pVZ!5i|np@J&VY3H|dvmG#K*=;Np3=LZLCi*v&_A}dE)1R%KlCiE1YFo-?w4dTM|4xS%zi2apWR+d1$OP==Tk~1ph264$ zfjXcgE>3>W%a0j*+{0tx79)m~zYUOWTZPIF?ScyCiezxqxLcuc+;Hj}iHyL(n1kz3KDhTwew3-Fm|V z?hEB{Oa(ATY+T#>_1c62ToO1LTx;=YKCxiZQ($`hE5Aq1ynbfw%^4Q=FDOZWBrj&A z+B5~_r!y5X2MX83s5{)sw0ZTc1LRaBu11Jn^m?p4wswJQ1lL z4xd6gf47cA)l=~zNbS#95vy5I*Bi@-q)G2wAA8b<_M+n^9hGqD}LHABG~4t@izfpU!Be|~X&7`y-@Jg=>QTnr_-zjbK^ z9X@Wh=hW~OQ{2qYIx3xUg?CgR-^}3-Az(!Tv_H6 z8-Ea`SS77>Aje-Os8eYyC?&|2G3kj7OPo8vzqbcdgdJR9d4eLTrY>hXmhMq|72Z8p z$A|khoArC2@shLBS&F8hzP>)U*et{htJFV5q7|i#f(U_PvZN;dhud8c&_mQ?UF z5YA-HB2KA0{UB-k3o1s=EKH@nGe@Yu7(R?b-31<=14iNY!Qb$}=`XLiBW}QPTJD_n z4kqZ$YWkbz$}dlBLOy5R(WA19^u<-$aXP7XVxD~FL$_h!n>ht(f^+=~>jd4Pre~Zt z1r5tS#P5>huq7h(;ZhuC*xB_uOk})0#MQj+w_%O~7wNy^vFd+2FwYjl$Ndt`ljhXB zarqk#vuZsVtF7T*&C-{s%MV-mNxzt5ej|H*_qTsE`G5C+JbeO%@_hJ#8MdZP&s!Ib z0V@S?)@l!_V-749UR0&)#1Ed)c)<`JQhD!dcE1&ruxs`hI;lnv1)D{KqfMR;;)wki zHG8Ol>iB{A0%)36Lp~Y~6pE!Q)8wq4Or`4eEGu^|8w5ZQ1xuiZ30Zw{9OMV^dgtQ& z`ybEktbXPr-){|n_v6B8w_-|v5KosWZ31(Ljo-d(B7qW(ei!Hq$he;#@!sy-=Sl72 z`eou!Qof0%Y_C5R2Crw+=a9wTGjss{y$Oh0_$Mwzg3guE6wiTWg z#-vc2%lX&t+r7QZv!P7hDl?2{sNThn-WwIAO4r9FOQSrMIg&GxJ;i`;RH{VLNITnB z3||EkSLv)ZKu+v5={#ge3T!->k%R4*q0}y1A3tcdrwmU=^5KHIWKPk^WakG$GVOs* z8MWMQNUjy#=fD^DPeh~L0doJOI(=Jx&yWpNlV!hJe~2rd2Co6#p%&KiVHZ8xHF;rU z5MG>rXLx;fX($isN<+s%*DM?^LFSOUr#N%X`#Vh!g()tR_qU}k0BPx2?8ZswoM@bb zg#p+)4x}mtZZ8LlJ?DRMsl5SbW-sc$f&Z>Q1(=_|J46J|*a2xM{lZ)Rx2mOyhHn*Y zSgHJyKtY9&mgbSBCHbhqOLcOhxmmci21rY(spx)l0sNNt``Z1o1_orF5X}Lx%`(|- z-Hq33_Ny}Yg=Nb^B3VV3(O7Ei38BV$=b&m9cpJu;PhnwqpEc;Mn>e$Y3-3&|cw7mi z^izCzcTNvk<^>}I78-{XL|Xedn7G4iysL(L3G3?*I*1fI@VrNCDp78V0vN4JjJW)^ z4`w#+CdtX1#92`DfX-J$IyCQQT)akPDBbScVOPJHd{yeV4_kX8lTkx(y9Q{BI#bd| ze6}GAp}6UdIf_G@s)#Een&8ESaOe+;4f07jCIC(@>dQY{!;5uc+VPP+hO@(N&8m$i z(}x-d>2(<8tsR=>e}9=TAFogJ2Ru^K0Qnl7uLZt`r&jB&zx(T7Uix-`zKIqy_dqoN zzNxOaHgU%)35WM{%14}@P~D_2)U2)kRF@hLJ3E)!!FyS3Et>dDFE2?KGG1=UKd%sI z++wt3Lj*zD&Fve|yK=mWjc=Dr7~hpbLFQv(Y8V$W5hUq+IarZm+~_*bJZ)+NhwW`uRF8ptDD1M~5Mok^a>eO^ z@Dt3Q#!{yK2iz^6r|c72%kFzjvDFt^gg?VTV84Zf8x*K*Kzxa}qzN5o?3 zrmH{vQY|rztBr_YaAGILSz;C}LSvaqOh{-5JooI=2S?jm=DMdIbG*nus7b}}f480@ zZQA{Z7y6$)U=hK%6u=fT^QzNdsw@uU!Fz#?xY%6`Mmv~)2{WWH4d8p2wg?n21{3CS z+{ERv?1yF{OO)7tVrf|JXrIH)$efjz<}fWTrHJ`5faa}Ehg@&+-8ZieY@g&7z#1=? zu6TL1a}0%D!z9xG&0YwVKRLk_0sJfpg@L*ZWvly5IImW06%mZ-H=T8f|Yf zy-Hyw=G4$#qRQA*%_BM1c+mf-1Ko#%{}BHhCUrqXVWdZxqAZKy0~|37l}8<} zB9u1Hpx%u3QoV+02-nyiG{!VQD36Gr5(&rotxJMdm_1IFF(ZO+722)t|KcZC@odl0 z9=M8YAWx~3YGH4qETPwtpH`Zy2xsR1JFrFF!Te1$0TF;z=9_wnD5WcB$WCCwN+9yn zWk-awmXi0pxZ?h}4NZ%zH<|_f3jsmR;bZbrg_hisXr>2Dgs|v+6;{3~j5>2fUu$0B zXlY^u;WF4CP5?VVrnZM!0@@aVI|w&lsd2woo(3DpQOFa;HNg1F&<*pBAj;+~A_!!_ z;V$ngXviVBO(2-KazCt|TP{NXMlbd{Miz4Wx_j3FF#v4jHrOEfC_{HB3pa2AWXhpz zK;3VohOpZFkk5vUX$;-&xwD3{%jSNV;p@~qb20XL{7Io#)KLDgVJ;fbS9Ie_2$^!T zgxB$R)2IEqCYSB@VLo%G-@Zv1C2Q{-HXzY&N;W~EN4E-Bj$w>9Sjmbe}C@qjmm~DOjaqJP|EQC2cF>dEQ#$hfcV+iUQVADLFL^ww%~xJ7W$V?;RmI? z;DERmj^`>R-H0ZN)qJ{2-a%exE$xn6m&3MNzj*C4FadtpzLl|ujjbwV9rzze3g`T2 zl`*;00Qh*vzhUQUq4UIo{k3Z(bbnqa&jnBid&TpM{*M zS`y8d5eT`5#fyDH=fux2s2(%^=(A>BnFE~24o=lMCI^0B%g?K-{Nxv+0k8LXO*ZLC zE`309pNVKT-pQY7@}6#se7LqfvQ1RYVDVp+Mfk0Wl6hcsM#UI*NA-(lx~cC|AG}BZ zS2fVBkm7p+Hw|;S_IARb(A&iIjY(T$_$w-%oE;dAtZ5n9N|M1f?#+?GF}>nUz)u8z zMYeQpDrl>gQAG}|-C9~_MK-YET2?d)y_CE0kBWXe4En?B(XBm8D{sk0UX}+UV0T@e zIPc}YS|%~2^kSo$+E)&7ygG`U>C~r3tC4!^o8B z3t3fY=xcjb1a){&78QYQM){NjKoEB;msB+V$MPl{Ny*7X_&3JHyG;+^*s$9*5#h_V zGtVcZ-gW< z76iWCEx6XE4aqPK36VIVR6%|HKaSam2Vk6Ku!O@UpA`YnE0eoFU~z|Z@mfAY-$`Mw9FToGmj209q*$LBwTC=AXCcN9xjFoL*-WAtmm z3)p{7c>cLmE9hHXX*3dxe?9ZK30Iv_R@7HKTDvJPWT`D5P?+qhQXE@z1i4!aj1YVV z^SuB&!~y8!X;8|lGErF5$RG%G_EW^2JfJrdjYu!{o}!%f?b$8CNao#+Vf3itmqGC^ zek^b}{2cf^YRj7nY!-Oqz)cSv19VNY0R~|YdT*dUsV@AuaE7aQJiwF8dvCsXci?Yf zS!G?2;&+Mec1TPf|D{lSLE}*g&Yfewt6#wOT;ZtLqfjsQU3q;!WdwPEbMZ(!c?5`y zo>z7)v%ucmuhrI10iTchzOewm#FKuYM*pq`H1-&J?XAe!3vltG7ewG39io$`w&=Y;J?RJukIQ%ee!H!Z{%!EiEr8?#EE2BmOuqvRg+UMQ8Fq)K(dEHawE_!kXj+W7+R2wLxNl8rDXVuE?fC3$cF1Io90^m#}Zwg3Allu@6iUXnYPp`KN^KF#} zLS$qpQ#i+#HabbwzMzV+ZYR``Y|wkw#sug}Buf{SM(TcGCeo1D2<8NWw=!Wm6rBH? z=p{8lMx4@t_%Fy?hLZ9gb$}JAls?}{fGQXT0cAxV=1m9DchSh5qOs zItu{(XF?~xMa~8fR%Fo1J27Eu7>87rG=q(umyLoU(Dj~Y#w2B?x6?gG5*nC?U@6Un zfjefm$d>H-v#woH3E@DuwkI6jmCaeQ|Kl3WV%Lug>;{1CEYTP{I&;~r zNc8?s|bm2S$WEv2P_>nD!%8OOoE?7!p$X9*Q_ zq6?l8&1EXHMM7xdul;KZRDxMn$f=41fDUoe}bIwY;69>Ht69 zAMJu!tkVfQjHmVYftVM5e(7HPbk&1hOHeddVb11QM^mFF_WuLmKp(%R>07mSYd@EA z!}$8F<+%ly8yj{kYJ=s(R%#!w>R=Vaq%Tb9$bzmDH3&n>w8<)5L!GL~W$ zp=9C2DhKP_siuVEQ)@;RK%cg4@~wOC)iZq>XO{2$Ml(eC3{S)W#xN5VN486F3l8La zCDc@W>#VrQjUMglHiCi_ULmbs+ZGd~#ikFoO{ty>h9iOE{`DR>KRg^6Nvw>>u&w{p z5gnwMHF5qS))H&Q+|g7EQMJ^-hbbA^XKVHv5&Y+w^+QtijK z7XnF)WV=MlqJ?D5OU$>nCBsGtY#OVLs;Wq+^<$Xaz&YPih8z=@GN#JLU@Me`x8z{i za+ly%ONqwL+EGfpXF<@DfC`rCv0O^?@ib^ z&H$G#Hmw5|93y}&U}iv! z$X0=kx}Ja8ij4syu{ksl1udtO#H6%smUbGuXSxC87t!XI4RsA?!>~^X8_1@5tZu;p zoAUcX#bSerj;*K=GW%C)tXjs<@sI|M`ljZ6U8Ltfq(0x?mSzBb%Yua!+*|hm;ht65 z+nR;8O4kBcYjM3?gsUxhFSs^Xr!QSxV?0G%)U=yAuDYO|R5x&L0zQu*91I2naB6mI zs_dBR^vg_-Z7G6sB)0WRR7_V1N5E-dGi{)2dDCVAU1dR#={q@Vr|a?LJr&B0l~n0g z!8M@c--7cDMR+m?+IHT*N0q+55jWtf!m-o~mbl^x&>>s2egXK5=1DB~lnyItS6nMw zQ4Lo&=zS}{x&;T|z$i>sHPX@76G{-E4Af%hcf+*=QpZH$>V%OA;A(bt2jyJM5E1qi za(z!1y1KDxs^vVo#wjLJ6=iEg(8qPrI-qd1!DbfYYD<1OT+wIk4q$`o=p{i(cIJzn z_{xM(b|7L%Wmtg;2b*cmg_Udo)U2#5OPBQ!JeS}K&9|1swUF_`eJ%7%=lD%aS%r|f znR6*wX>T!o5~dxU^^)Ax;MHNxDkQ+AaaFOp)`Vy`T;1R^fpy?OE%0jORY`!zHD;73 zThldUSS}M<1&Ni^UGj$tGTs^0WpO<`smWPNzNHgjIT{?=Ktz_p@@3Hti9YxJgSz6} zfnV!EeJ)#ZHGzNDjA#d3mCEq8)IiQ14dm_zrO)b^G@!PucqaL*P9y`J(R0AfE|3ods<@^@1#tri-&l0&&&WR$H(xP911(q(sV*QJf3OYp+? zqVq>1srnbTDGAZ*v9r)ExD+h+ZPs{OWv z_31K!ILR5hm@&j>Gzl*>x8Se37!bDH)1}NUxO}~sE<9Ja{}$2ZTo-#LbP4X$;kXj5 z8&a_!RiZ*X$qlJ#KdR8B%ZAjpA5}>8_@Acrr9zi38&YsTdU6CYPe;0R*^t8f(Gw+% zlwUf~rOSrYv>!c5$~5gq6}oiUkec?Rr%IRLeiVvevp}yd_9HI_&6C`Xf=2~)x^z;H zTK6N5R8Qe)(vLj4bW)GP`_Yplh9xb8jzH%;I{5XdT_i00y zioo(D3DZs&H?CiY%Rq)M-o$y5RB5J*A0oZeNy)8RO=QOdg4`zGQYW&xpeYo{zlsXR zXhNBCErAn(iY4j3I^C%=VY*a8@^vB1EjUN+fqLl&3!{j#*f?BEE{TkrzYZ|C2`gSW zgc7t32qbhH@DwJ=Hb_y7^K=^|kWJAx_-y{&(|>FYbeskGp9C*8~El3v~hD%@Oz$q45qKWZD-P#ro;t9S&;PCXLWEm3? zV-s<%eLpH#gB!}O5(?w{yg$^$FU{GITjbp%6A94qnx!%S7FbBYUb=bwPm{f_IaBN5 z43a4ddMrwQQ89*8v=cB@SAQZ^{(c-6@9((sekx1I~BT1Jl#0W~{ zbQYLQxf9hw*H3OVGv4 zqXqoptu5d3`r2Zz);;b=>C-#Awe@9DqJW_N#jd-h`RPfnxu9j;ZKMlF?=Z&TTlvAey417u`jRnxjT1DjFTEY;QdWN8ZZ7>aod-1Y z3xe?nlFa3h|Fw`+E<5r|u=1Def77!xU6k&7YRCPEM^ML;y6i%irpjNE0^w(AxH#CH{e! zXQ;THypUf^WsvFGU$Ebco?CEvmJ@+f^j2FJFN=FKRHZ;WN9-C$=pc&ZuM2vGNTZ*J zN;w8h4PdGOA?v8XlJrUOOK={|C>I9_hP=CFO5bL8;+IGm0BRujh5vm$EqY@;s=y*p zIs$@;I^bXa$Y}heXwzb^tH(E31j|5`s*LCp979EBr?Js@2&8lMzl=L3hXK~VNSw$-Z{O%lY)q&5sC z@H4=I1Il8ZjA5EX28lq3gPWODvDNO*u2r~j!9h;&zjNh%rH=ox3gaN=PCXT`oFSFg zLEKQe;$tOXyK(c?DKJ(dzz5khiq8;?=O)tnDP%B7P~u&Cuf5fDVVElOLIOE|ABgc0 zqKmyjud*lDTl5wZP^q(wIYwm)7|$!3!gjSVK`6FWB8C*FXkVF`?9e?vP5U&L$mR)R z-DsjgIdS~tcoi_7UtUF_O?3yz6(-Q5NPr#iUP6kj7E$6WqM zUH&N9!M29LR5qq#HGa{ji7t5-LxIi(g91(G3v~bus+<*W>^W|LD2?D=JF~{;7F?cD zmB!$sqQqsGF04`}3@S_)Qx|BE70)^+XTzg7rpTa^(C1PZM2i#^L4kqd0cEZeX~# zj?D7=$e1JWG|@%se}_eXy4o>)x=0vLk|=HZbS@~5pjL;0M8@ajvDX7dUS!G z*G3ok`N_~FcpuiKi-2s3#Np}3MRxDSbkU%cXLp8JgouFCM=9&wg3DK-dwg}eoGAD7 z7Sb$97vt{!NS`LUWbt^QHQ3HO^{oj32O!AevCViHl-us3C+mHh)?G=L6q5tJH6&fA za|=$)stRo_hZ>J`9cg+R&($Pd;OCD7cBafNI5DegPM$nvg7+I$T*M0oClefjqt6-T zIYTQ(M7+N!h<-@IC881DUj#xQve6v0+sh)8glE07t}<(}K-_{$lhxw*^wP&EYY)Qb zSpp17>xsMPhr#o3A~Z%V!2!+bibBKpfmj1h&Jy9_#1ZG1l7ogrvRmcg#i)u~%MgeX ztgn%oi)K^0ZIv1>r;Xf6C|)w$&(wX8z(w6}Hau2!kMES(&a ziicBF@>#fMou6#NmE+T;kf`I-M5lzp_(zyP5(N1W7ZL;b9L4543a4- z^PDWgY1O1FzPjq+ggy(z2u#enUp=D<;bf}-VfKoZF2|MY(`6MW*zO|b@wkZ-4I6!= zEY=-yYT|Ka*-{Hskjbt0nm(Zt6d<{OBAc3_j?N~bELFC%GOe>pHEYa8m)hrGD>QZl zi5tqU^jJ0984AmSl8jA)?e}ioRg>oU?)d?nl!x?@;S+xyznCFlT2E<=5_NA|B}Kd2 zvm8!GQ-*8;!CUR%qqDnF71JB)NEVRH0aN!s=|t~6ki;sbO^moO2Qs|b-(w+8imQ%^ zgG^ELAdZbW73=SS<74pHv+0I!a#>C)3>f^Ajkdnd4e|3*Hr3s{y~8_y+h#gwF&E` zY`%1q@U=)QkARILY1`%;(hRiLqTbp2qMwC)pyzH1M~?}!b}`9X^Ql((GnW& z8kO2`KCt##vql9r49eI>O43whi$Ic`7zzlS8YVEn>8Ha1IGzAC^4ls^DoQgke~Vc$ zAb}h>wf6mNzqb;uP2~&9T)q`_^jYH~`iF8v)Y{i_zzL0&kgnT5(6T{#rwIM(0@4|R z@!uI1=mUw+#y>9u{m1`tGXZ-2Kht{VY81Eym*4+{YZ`5>|K9YhUqz6UPvW#n|EmY| zq4pE+5=pVy->KNjDeYH55%BP5>SSjp$ z4S7k*oDXaCr}Tp4Fm%_`ac9%<{RMPHG##Bs$3vqx zDxVaIP2?UUJ7wjh?6NU@`KLWSTv;qk*VfFOely2DK{c#?=BzsRoxSrxpY~LtWwCa; z2D6Cz&2*>hePtSb&?k`Al=42Gp(Lr@+iId~L&j6TnXYubzpSVa`n0DpD~q+!wIMsJ z-%MA!-d_gS2YuSp#g@eu(KV1s)^BDhy6TLRPvi7B{IsVtEQ^Kd+Bx#&ql8BOt{v{(JfC=(U7oNCRxcK&Yv)L3&nmuImnRSdEm&+xx>h5l-2xT)?D%bA z4X7vx&+WMdmpfhjwg<6)|ObcC~g@RRi0{T{&aokeiGDO!7T9(^PBVC_~ zf>rBqcYVvJYX>dMZRYqnX;X`zW%R8&T^DFsZZqfR5?V~7E5!Q6s%nz?t3!5m6P^I5 zlDt3dXBmCV(zTX{S-oChcPZC_(^3#PvP;5~&&^zYZo%cBcdNGy0>xaqK8L&wwZ0VE zYw$~}&e}lN&U$RE#qJX9S3S0&Sa2QqgT^oK@&sZK2a9#0>mMZkd6#Dy`@llF{z2lW zcXsDsXBB(aA3c72muIc~`UiMHBTVddazhCT{|UW59eWj#)Q2E zmmS!(jjo*%xi{r;f3}nj#GncmYo=?bMDR^{;GZ*H7a9lZc5OH3c_)FOkOwOH(x0tB zu!=lTp=%d`piLgAkotK%tE{gTx^@u=g7Uz#B&c~-kq0Vt?II9_<$-5R*j4te3SGMh z1Woe5v!(1B=-NdfXp#q>GhLUK2e^Ptpov;U^P3TN7qi~fmV6IBlUB6 zR@t{ax^^-Tgyn%}Nl^3LnXaA80}b-PGbZev*Vj(wfkt`Y*-~~DJE2F{PUe9|dEi;o zbybYw+?lH9N*BQuE|?JYkg5Z*2fmgweSf)EBU=C5}kRX=R!Hl(6u74 zK3l@BPSvZtzlm zEvad0tT{aL<9b%{gYOs-*l*@svSI{^I)F0pUe0zY7R(Tg6Dchi&`*|4i)WR4Mjazk z`_0@}bm~X?+=9#Z%ib^O7;)HdCKv>*d2M*=&mGp+6H2h4tmFCCp^6x3gE^YI;LP04 z&`LtYV5TzM7$Tc+gC+GpWQajo@6kUi*|U7Q7I9-+<2=2$rK<5VYb4$@vQ`n%_YCQ) zoCS!-nU2eQ?y$aEx?&;_yN0co6mG$>DFvVaH!~c~%Ber2c@l#$(hQ5@N0<_P>1Pde z)zmQds)hb8a3bYZOwAw?EUrfug1XS$S5 zal*?y0fI`2HA@gT*{Vyi;3+?=+~=;)Rlh!KrS2^_aZ7ceE+$jNpY;8LyV7+=31#ov z7uhoYfK$4Re4z*&$L>akNSsj|j92~?o;Ap?|Dt0>r}p)=8Vz6Zt&KWwQWsifONYh> zP@4|_MaQ}(CQcBeM=p$YmIr#0FmOz--4OO5g_)J!5xK^Ul2paMg$zq2jDr|WFhQ{m z-}1{C3j$MI29f#a=1ho;kA}l37PEXjh-f;rrAq&Sp5=iAts>R&qVDt17-_lCPc&>+5^;I)L zUjqVIY)jnaz}CAq&T%68lKOHCFPTm1^ z{Y+^+I%7RHXG}VjN?{*ymQ$l0WsF{9sdV1Vu!=>l=B!;BR99A+=M&TNU=Gvd>oi`+ zH2w?t?z;<|efOOviX1=7PWB}67l-KWdy4|vwyz8wP+Ps;ix)r()Hy4U*UZ4{7cmkL zCtN3bC=73bAT_<7A(o~$H`$|1PRAl>O=El;$!dh88H%o4nO07=tpPYMkTSSn4i?AFQ5fr0rZkwr7-mBAh2l6fPa`#ml8xj- zO+gB;Y-~A3)ryB8$B1n^Jv6=NmEPD8O?u?Eje$vJLxKWFDkopD@Vi9dNO!=C&s2sH z(&3r-030eR>5iF~avuC5;gwR03hAT}?ZSfNgpPd{)DVUOrC9<6;=^AHR0kqUUcB3V zwKV`g(;IZH;_i{~80fXX=%yu(+=4KVXwKkN?s{DALn)lAjcAff8mW=0kCU9$d;tE6 zNnDrrC<#Qo0x2YLij?$Zg;F}1;7Br$lOETT*h->Z6(t6k4r3Z|DHBF06Y7t0G7fb+ z{en(?M|RvA=qdTj8P)6hH3!FOnkyCu0#13^qHJSe#z761$OUC`TO8&@F0%rvGc*OL zFY7ujZS{J`YD?#WQ8G>DUL-BE9Ad9!Nfqc0pCj0tP+o}eoFT5qqMX_wrbr79W>fds z98b#gKLMu_t2~QU+AgyNl9D#G4K~t|UDhT^wfkm%( zJdt{MkyNb2PcDCwc}vx(I2YZt5|mTZ+WIL237t-5hpmqV-%`ua+zJm?<8pKfljW0N z0?nf3qB>BLgWOMgw$P~8S8D7?4R2qKL|?w>0X;142m9`{2ue8u2gwbb^B&OYNk=^Z zEI|3fKmx#v4mbk4doTC3lyN+<>$D}U?y5-!si1Blrp|lN089l zl1<=fvyVF?3=4;rVr)10R+AK=spU3b$PMch7a*5gQ9q+`pU@Z$U)a|Aa(jnF;J$q$ z$#S40%a(el)^c10#6<=_%KX9q+bA(~<=h`m;J=3zsMX(nr$2oI+$@0L!Y|tEwXIY$dZWmMV4^#0v_C@-h7xF0 zUc$uF37D8E#FqmB97^)*E^@FS|L#+iU7%S4vl)fKDaDq^G9O{H72Fv z{b^yToxy9Bmx0kdlfnp5SgNfm7qd%{!fYTxTC+cwRX7+UL=08585puDzf>i4T6J>W zP|$w#F^&oRbJlq&Q(Z;E2-BC)EejP@p584|LfhdsKG?Cs)vOl=d(W z0Bo)q0ROM_^Gd+0^&HSzbv+jh3N)Qxf=wUo?KyrEmpy) zX6&4JHF#Of39HXyB9w}bIJoq;)5~oD!7m9OGsxyuqmP`313uHDh@csc_|O#n)ojx* zWSK3cfXW3QkrKEy-TT|Nk%i&?o1X$N?VebvMM=K) zc-MO#*Gad2n~NXYP2PQ)JuO5+5^9QI0aA{d}9lK_nAm)8+`#b#tWBpeNPx6w|2r@yT@=xhgxGzOg%xN;cI zmG@Zf;3b;%$T#F3o{BCTb(0C{#+?05{KP~~S8OnwcwyKT+*29pUw@>OlOW4c3JRWD z?eaT-cM3yS+z;!c9UA$J$4ru)+U+wFjA5Kwm!^>(n3{St;%sWrE~Gd;qbvpI6#!Ogw<9L? z4`q;176L2;96|vNs>#tQO29clplk;?DxBL$dBIOYbF^jY(s>Qk?fO{wI3UO14xtWv z48VD@$HSdh$gZo@WG2~0P){wn~l6g#ye-|u5-T3&) zFCSbMyGO|7WXfj5-A1m|rR1BQh>71b?v*`A!mfO+6ytV3{p*QZJsTV71@%cJh~u2H zc+Tl~lA!!%+#>eS_nhItXHzxegzzbH%{x~u5I~E0ht4A3lQZ699IV@NG17oy zPKi`rb$7NDaT3cB8bG$u8@*-hczv`b3%L4|+xe>lbFR-=l*xb!b!1K6`y@_OR)A?7 zQt&a&_`7bxbN;CtU_(ir2qQUIL$kUR!inSjO>TZiz242ujfVk5kMVIYR7FJZ#o6ie zSC`MbJ6`|qj`Oo3$!td(&Mj*t3h|B91M!&aB~K%C!>Qc1w~=6@a^dwz*tU!c?1ub!P< zoxOf_iC+JJPG0>J{dD%~*)}3HnMj@Ueat27a>Ayt|9Y9uYdX)Cx;erMaWqb)wm)Vw z!Xvo|?5wRg3LH3S)%KgpaJ;{)@yU;xwMeE9{y=nqbLYGF(eL;B2YY+)-+sSe{_mi_ zv-_99-u~fE|L}0IxBHj=VE^D?@E6oy#{ic-sbs-_>EF4p^5DLb$GVz!16_ zR4x!ukmO3xwhOf#4oPw&RkmS4C-)qLt_toB#A7c%3eqkT53P=^}Gv?sU;8jljC) zbj=VPsqADY2F9rW=A~p}+pqyR2&FvCA!}5g9935XpwFCTo6Bp;?eGX`rOKI=X6$p5 z2rsH67EgR?v)2kKpiD>Xe{yPbG5w2{}S}G3SCLDVN%#RNjz%WNZ2LI3GS3 zmlxzJlJqP(l(mE>8*tH9K>Y-{*JSP@_lMW7UF53G%SBru6$x^`Ke=$_zyHVWbWr!x zCk6C}4_)mIvaAPLB?f(+li*p(X*9l+OC}9zG(J-)F4gPj%A(97&tMfR)Jh;<5$_DOt9#s#rirJLfPor$%QX7P> z2%l<%cfY2&Trhign7C}tJY2zpXb8?rci36{8<7D*{WQ$*?MZM(HabIX5&Ri$N9v#$jd+EWi3qD#Q}94 zrin_y+i$hSmJB0>gAK#IbM9){^^ah&Zk35norri- zn@qNlrnv%z715l}v#0+;oeuhlA{t2n3Jv;2Hmw<2#1gbcrg1X2rnplsiegTqWQ1HC z$6j$UW|fZ6Hvm*d4wde#{k^=;Y+jT3HriD8agL5_h@lM8rrO|Ov(xozx1&nO*2;p) zcj0(;iB45^DU7h5?x4<>NJX3f6UeB_FTOr9lG~#C+u9KatL^t7DX(uMEXd9O<2S-w zhW~fj2v^rty7jE;^KEzE*~_;zle#;Ls$o#K+~ry`r&5>q%$VBlXrGN98aA%4f*=;| zS6?tewAg~yw);Gc@~?VYgYIwXQtMOwt$k^k=Ks0vyiHFF`+p(n^=(c7me~LI5Bhs0 z`~P5PfB(_`{}9h-v;SMswX9op+83dbH56!3ZUfrgBo_?nC=)=(Asgbbu$Ido?KbR! z3rcmZV!%GE-$u6cPHi}U%4>V371Kdu%Qg?uy{xB)RvU#5kHcBaDcnHI{Cv!P!hi~% zf?Llp4aOw#+Ra%E_guZay~4~1GMy2A%BC^q1i613csqk`->u3g&2->(vIaq9K(6Yt zHyaE|f(LF9txaXCM$OyeDk8}Z6*)<*#ReI>314%R*b0S1b1ewwe$T54gF1Fy4)k0RPMG>Rl zd>(?W@AyCO+;QEmvzE>35o-^<#b11Xa*FcMV(nHHA7Xz6esg!RNOhPd6UOPEDx~Ww zC|p#1eW*OWc-9tyJ`YyF-`zsP^fP< zu1m7_T6>@2-kYZHw*{c36qIoeHir%9?ji`E5$>rdO!*dp!+6q8M7=FBwgRKwF4s_beSFng;J2CSxT*R>&UMU!uFz2A zwD)-@z9mepEV!*&x(#=iv;iR!R6LVBJj<@P`>p4kpc_0_(erhL=9hTgdejU9`t%76iH{+0wrm+^yw7@oKYbf0u|Oxg#$@&$i`0u#F?9>QQd4jecIA~rM4Pj z!CF{<7G~TJTeDyK-T(Yo=jkv1{pnv%KYiMC(N+OH=p#zlB}9cn)~Wo`jplQn|Ft>) zwL^;B<^Xuf{m-4lorCiE@803TNJSInKQI#W(J}IJunH8U`!9JE6yr2?Z3m||HFAQ} zb+g)xqb>5sij8uXi2*|O19ma;J!bh6>f0r#Gw3q`IpvKCGY znx&CN^(6uZ0?A$Y%2R!e*pw!f*X~ICLw4yRm#5K*_*oEc{?;G5HU1sV9%J(F`kr)r zUl-(!f8uF)2Z^G^{;%T5-tzAEUzYFxyE}V_<@?`*z5e6={}9hZ?*Gu&)r7NjJW+DK z66;eF6Ih4hR<6KV2C>2-mQBJk9uif~bL?$pbB042fKL5fcF^xj)?DT^c_E>1)_Stz zka*B!w$Z>hb>kt%$;3-omL0F(cVQ#qB+34G1(zY+5hY;&RaDV#zwhP>Zw11^eL*-_ z0m4BBVFeVu{7rb&Y+9<2*u%=)ersl=ih@pYo0cSXVWNj*dG8=>xX!as?hSR3R=m2% z)b!8`svhByw zAXT$THi{a{P?~QHWmLfplHVDP;Hpa%3$`2~H|=WuYzx=P_q{XmvyR+o?@yZmqsHmc zF>>EU=O>q!Z(mhvRoVJ2EpjWkqvtkvdaNxvg_rKT zYMS6zEYb0Q$&5rgbs#5pUbJn*!k~~~aEc-Mh)x-z61vXK+iM*Su@e0q`4B#TEnxqU zauCMtfbKd;i3+eN;Y!eYqObQh^1*i%`E?=JU^kl=U0%HHfXApQgmKtvkF0(Z!lyJ+yF;;^1dnZlvu$#yzxbe)b=87_*{HhJK^`~MsMBK0 zf6MN2NCP@1BC)}-27HX%|5e&+>@gqLG*mO{Qs>2yRJSDe8`1kl$p5*evgNt6AT7XE zIfAP8pqgL3#WqKjdg(la0O#lo$UU2(OOW-^D@dNQ6_A({A15R@Qdv$5bgt}N=V=(K zTEZLwbrvkfI4@pWl9|}wxGD$R&EIx9O>4Hzk}W`GiO|-2xr6{biPQ4Ru<1mHU9uN| zjiYYCLPSUCnnuByK<*UB`CUNEhGfHVjBp&wnJv8aAkKNQ;R123(pI^h{1$4n?Wu67 zSmU%n+4@WTb>m^V5iTc;E&FD&)o=&Mu}l?5B}^4S`H0ep{$XxqtI)j=ysHFG0h;x3 z0W!m3s`93qv_&F|R4f)O^$LGj`+_ei{!12l4Lr-2y8h~0#(ML2VZJwO&D&MJP+#sr z*hIx@p2VRx5Gm9YO+&6;PZpNzP3gB^WUE8e3Yt}x>gVQJkCXCM^G~HM7!Q&y8jT?f zqk7HBjLP@Dm=lwdghnHV{sWD07!I+2EtJy_WTVRh;4hM&X2#WIHFZX1AVHoAo8N|8 z&dNS5oABWZkJ~5{y{F0nCRRCJYU0Yj#6pR%f#@l}FqKMvXLqze2*~btxc}Y3fxk~i z{o%;p+ZpbT4tMwc!`(suaCq47_cVasm~Fh+8+2dn?V)T)MgN=M{(B4DZ@%qpz4P>6 z|7HK#h3_Zb|AV`KzU%($Tm3D6(RtdDHNI_CZu2(_R|W0F(8gNhHNpFyK>RJHV(^Vqs_ph&VYv%aTjkM}JjTtEpD^VmXh% z-5q@rroZZ6`rA2^Y}S0!zsl!R=hkVI)n;}O<$>f4`9&i{-ctd>w=QYMZr7ImWVL%| zQQ{$Z1){dv{AznFeW;6kF@$-$o(B$-!RvyXg){wc6oFNn$l3+hV)dx$^8zxD-^i z$Drf`Qbf9%#{|K7cJTtra>ihMf6sL*t`a7fk!-b^MQB?!SO30S**U)A9S@lw7rVVH za;Wc4)9tZUOha zdU1&a9Y-W^WCc2+z7)J5b+Ft{bskKO7`wW2K}LC|D7!bwsUYKTD(9`Ik=)zJCbVle zvwU)8+b>nqavLBb$(0wYr3UrI@M&w{i?x>py&5kS#i}M){6yxc(6n1dgde6-O;JbT zT(bFA)s_@51|dvB(Z&9hxE-6lebKJ}@U)Qsbu7qxJOAC2GJi?_?;kv#|31j`@bbSU z%!>p^0p@|uKU>FuH1U~|dAQ@+;Kr&_H5Tb&&+kef){X<7&u0CXy6qIc=*}!pKjTAx zbZj_fC3dOW;VRpgd@Ve^du9@?YjU}3Lr_CCV|!sK~dP&-}qa(yXbXIAhQq z&TA^^hzQx()%`V7>a@vLvH7bqqa-=9YI@GBSY8b;%@vQTsdGv=I1N~q&iuTh5VzKJ z->Hdc+^Goa_48O8)wM8_vZ2BpE~sK=5!Lo*=1+;(g{iA8pHE(~hMBj*v{k07w#h7Q zWH|@TBFBKDxb&i!cA8G7X#yEMK>(HFr$0g1IMOnlGeX0~G!OHn|~{9=Ix+@u)R zco9RfqNSI)iSw4A0K7zRa0FTQL&jpnW`rZvm`SUx4D{OdacVO3XK)G{`2^AA3536# z!=0Sa7(|S2&k4S^b8&AQ{a4VMJzhEtu>y~K2_i>=&I zC6zxVnaVktk^~1h!5VdXW|}qoIt;Iaog!GvXe*}v^({^}mIN*DppRhV{wJP>wfs^o z;6;qIW4gR6lV6=#ck+uM>*Q3ca-A<$#(jL6pBD1JB8=OM|4Zfn!~UR@|Ml>2XZKP5 ze~9P7{Xd_-kL4yHx12~D$l+Q)$Q+H^ip`w5c@Z578R`NXGW)hH`Fch;rvZ`Nk*AT5 z4tC*BI=xIsBl;e>-KNxKr<_QMQl04nm=b1l@`ts^GMwk2tKD?j0JKn7ur7hGVD}s0 z76+pKHWJuJ#7P`tpCI>J7rDQ>w;vSF5I0K0aE|^+aVY0Cka7wP){~+Qv<~GH*@uK& zWC0%pn-cp}Cbt?YvsFl^R3Abl6DrV_M%A-dm$EFJgv7+}c+T0#+yzmMWFajq+|&Gk z1Mm((Dl2ecY}tPuPLu4>OlpGUS}m#+)@5(A^+#md2gu$ zEW7`Ia9Ga&(m#02|Nbz~XUzX@=n76oiAZ{|QzJI~o%jhFVr><~XiR4$LNO;0nEq-) z1ku0L4ljAy5DV&~geW%~DXm8=K~thlU}n3fvK z`>=$D!-MAOtKypkG@afOaNXM4ARp}SHqT%M^blL;I?G7h>lY}czjrqh_x1~v(mz~* z#NV$1_)Zb`{+qdfE3(pN zlLdAYLw*HQiE*gD)bWk#+|G(+kgK&)sf#LoN^+HX_U9r8?^07;^t|w*m&G1>9jh3; z%12s4V~%?*7jSdW8s6)3OYqQEg08kt!GSD-#Ict6nuX_8VKbGU%_5@tjPfX?M&@P8 zJJ`fV+WI{ei9USJkl)ervwwYqd5}Bct1x^3!M8LTv7@>RKsq3eVIB!5q&LMh%0Iv) zZkW-legUVI>9Aus<#;>;M|JHY5Y8nlzaeOXXL1lT$^FY16;kuJlYZT|H+zvnD+a9P zW`TmwdS-R2K~SOT#O*kcS`O*k!@i!FxUC;)SCVp zi`szZ7%;=HHx-q+&NZ30VmjAW2IkxF9F-3Fnn36W_mQzY1Y?mRSZz4CSJru>EM)iv zR9(KjVJ1J-p5PSzUU+#-FZ~L| zqHcj?pQxF9k{ix$CPZ72G8|KZq%tH?xnM1nTCQ0PvT_kos0;BF|E3!Id$F}LQ!-KB zOuUI2rnHTSH$IXgnD`^iFzkBhEe%5ieqJNWMWW(9l7w)5AyBVRtx+jZ)tsO%+%L+x zrG#01(IXve+6)lKQNX4d;#4zgI#CyW&sa!sRBY<)gh0f;gdrRRNX(~0778=uB~9n2 zS2bczX+G2;9x!HzohUHXr!jJVm1twm9z{CTz7xyhQ=)DqK&7lAwanMiD{|8`>}Ps2 zkmKYj@zB`_#QcOQvfoDHn#L+hrZ7h?5xGI2(I%|2Lup)J)A;*?JremXI);wyo+TvP zC}Q@e0|&D@HtY}!aUHLB~O8$3y2?&{#9n8O3D|lp{~>MmaAO255txA|qS~KU}H>?w9dHZ1Y!J zDw8OkU|m7dR%zTsGr$a~x?t^~cRh3gd?%b+tf+)8J>nBso|;WnF{-Ce^HdQNUmdIJ zAv{qZo)j3f0x0iTjx7goscco<(=(}KGlT5t7`ZOWV&-YaS9+cES<838b#3>7?C?Z4 zthWfO{Gg9KJ^cKnMbUtvte=$pR~AyzgoeT!ljJ8d|ADiq+%hu(MbegwywbjENe7iH z2bFH2&ccqNgzWk!OLqYosCEnsdsox*3?~>A*^sg8G)C@B%0@;FYH^~SwX5g5;{~!w zD_)<~ku5J9qpkHBWLG;LM@Ak-@~xEqh=vDy0r9QiF#5K$icj+g^72g(*nX!jW?)SO z{eZ6 zjTZy$mEvaULQ<-XO-*EQ6>+^D5K9qVSA_RwSZcXSF*uZ`h3(ShUnV>o$yUg2 z2uE9Tr#cDa2}XlXNBw-2P6?+z8g$TB8pqXAA9a}YU)`oP1LcKJX=Nv9szAo%{e|+w zJqg1XGy(IY`|jOa3l|X2^rMu^MZ(d3+s5s

BqWyo9yBJ|ZzmN28FG7}}z7O1!*E zr}fY@DE*ev!n36H^7aWlAqR6OMYf0c0Cn_6>OWf<+LYIFO8eDWeKNUn+Viv@; zD#mA#ykJ}9NxGo|Zr}?<6P<-Z$#X_b&=ZfQgrB(%d zPz|koZfnAdTJ%!s*35opJe(OR&b40Nudr3RglG4*)gWfs*>W|=jWSkQqVS5-Ty3XV zpupWU2dP`nQdXH|O;&h9@ze4sC^y=ogHg=MjIvZzbth~q;iAoAS0$G%_RqF@SETM` z#BD}fqT}__a8+0MO7d%d=}#N~59M5QZ}I;IJBK?J|Br*cNB@t9cs^JD2Rr`ir6Mo{ zF`sG~tENC-7RUn+W$Af*Qhyq2703h2FTN2|>MFNF=??%S9Q;|0dxej-xT_;bmrwL` z!01Y~LX_Xa*W<;N79NrV)2!CgpSH*!;0RDCQjYvedoGm`$fyTO4F%_ ztZ_7tTz#ES3;v%6SGb@1A3OW|gX;Z{$NY~E@_YvV9|eSGhaT!oDLX;R{H|icCpZ>L zNfSPcvuK6-hfr5QqGZvX%bK_#s2CWeX4j}_*GP+>_tm@$Lvqn3j^o9F@v0qGRmzHc z$;@b2gh!aq&5N!415ZIe9&HI)gOSm5 zAo9Rz=B3W&pmALRA{^c0C|b3$uaxm1Bav(^8dA#x1EG&P2oZExRXElAN+_N$TU=?e z|ErV5`-}gw-!JF?8yp@!>VFUOJox^vf;rPjBwXFX1Q($(Npde3ZHaAWUWy{MQF%-f zy`mS}+f349{TAwU&C8bY5*j+THeqhOzUyIz{;t^bX!Ztk6VQ;nj~P#pH%9d;8^h#3-UvyD(sEjasr}qAGUJd*jk>yr>VpiQU{zK>eT4R z@H0Q_Y;2{$RX52caX1XqySkder8BqC-6Zp#RlinRVwHw->#`h;cD}J@&~uCD5cNka zu%jifhri1Yn$ zLV9{!qa{JO2J}=pz&y>*v9?ZGG@|2|INmn*B1Viu22&cLm=)saZzJ+v;>iSiF;Pp= zmLLRe48GevJm@T!D0~g@m4-IMtAg0=`2f=t$8hGnDpRXApAigGEXjbiWs*E;24!k^ z-(x|}B^Lp;t7Gr)nVO=t5jLfXYS^_Cq`22Kf_+t^$jvpDk4Q}L&i;X%vadsXd3^5r zw9x-wj+*H6c7?X@XM8_Yr4d2&@~A7cuFK z5Ow)0JYJA5@q)2r5l^md%|0`OSk<{D)LcAtk(I)|qjOxA6DWRE&VoPCC_rwPzk3&a zyZKRZ*CSV@zkGXg@#^f=KaS8vK6(_8g!l;w(3aG}tW@!zJ{`$7vdpJXoo%FL%t*!R zR*}NN&x5mQ9L^CZa+oC2w>aR|LsooH9-#uxNlxg>LQ8G!5bbMVKEh3S->6F#Lv zsG4q#;Chvb(UHCh4DcZ=L^?IbXt+kg!jRoq$)7>@P_9OGu;gRN64X^*R$wfB&wnjn zfH}sB>YK1rHJ7!tO^}gZ5+P?EBypVkilR+C8o^4s)W|QW?UpgwOioeDBY#LS+O-7a z-cuyCYRkVW0~_f!;PQ{cIG4<4i$w%YF^w!zHFE{KZAbA%%QFC&iPq~h3fvq$#jC;9 zA?CJ($|tvksYL(k92v;>!# z{iEY-&brl<;hBPHdwA%YwpS&*@EWF|mQGBiT0+sNIWsvURnZ9+NMF7e@Wq z1dde6dFGv7z?X6M8Q0Q{1((Xv*g^d&S|A^EUKITu^}m`)so>h&^!2eI+i;&-1-Aeu zrlHK)Rt1;$Fvu1|tm6jtN!aTgrweUE1{))SUIG7xoQf8F+30PqY@{;}{S4A%Ug2Cv zyVSI4OQ0jhEg{oGKNNl!V)KejwuNigb1*2$H+86qsPxA&zxB`??it=nq7UwteD zjslKXF$OF<{~hd<QV{+y(6F zGq8=NV0Viyq#1}7#gt1FNzkIo>&EwPJSyBI+Voq@|TyxdZnOqx~4Qaf^^l@%J)#tX)h2Gx;UpWH&PHSNgl*SMKmZKV43()!EQ z*TwZO)FFT*k*48POH^C^LRI4OEH$ddg@Vnhv8Iu(oZ>ZW#{~$AqX8goLb*-6zzV_D zX~;DPlfbu2Fw~rNtlJ1-FkMCRTFnsUgBN@FK#m3O<63K>=0G%`%lbvtOno)wTM%Jh z>mJZl2h(DV{ks@)+U$U9v*oN&7-$3cEsQy)*_!rlW5{XQ%$m(OW)LgP`z=j4O|9I~ zfMc5d!p%1}J6&as6@y;amXcD?%yU?+R?r!o17p? z3zJ;VmX;agbjcP(ugZ4?NxE5D!8KaoG$4<*x3?AL93 z(}P%H-fwGrYiQ-Jwm04E7jAoNZJ}wBpzqT{vt~V~aSY4MG}eN;g_-7FO`?lblCO7a z?rs+~Q+EG$(a&w*S@NuE|AX`@D+U5t=KpoDSMmSa9qc^X{~qG`jP}3z<^O)Me#2iO z|Ig<)`@taZ)$13hR}MpZ);zw zZR4)iC1~^uw=K0cVl<0x_i4hopXGID%Y|B3U%5Y5y%_z~&1QQOVa5&b%a7}}&x-b+ zn2BV}$!bQRCH`N7!;1Z9clYuB-@`ng&;E0+Na;R|Ko*sLF_xelrew-f9giUU9Se zjMkKDv0BVFtNGR9&3bLk+E`PFnJN@T^NPlhHIXY(p*@RkDYB=rBh++Jo{t5{Ue%zm zkT_e-!2OyR7LV*pGBn&yd=7|D1Ck}5ClWBZBkE+q8qP&~UX|EVK|GV;xR8YBn#{Xw z)HUB0?Q4+Aqi$1!R6-K+A<3W(Ak7PnG}LAbD>3oLO=a;2isE!hiD}5GTwBWO$0AQf zDFJ!kqL$9dV;dWav;Ns^P0M%C)hrRq+p{)0g(#KFv=ujOB+zmv%N=IxHDwd_cB?$6 z7A*BPq)u@-3-sy6K2~jb&88}Ah$~Xe?Tl6n8oHz9%ATw*+k9n=9Tkyq#VKeIEAP=5 zvR?I|^@#3;d*nrb&JIMEa}bb~t4nhM-6DI9#TAh;-xZ3%rWciL4y<3mf+F4{99qtN^T$8!*Vklc`2vUz>PX8o%G9L zPJ#gyw()T#RAnZ_tOMSFGq zrm&jvslJUnYG$g@FVf_sc083l-Y8;f^sO-s78$*9-lLASHYuce+i#v`RmYyQ#i&== z$+J@!l>$)04=p|s2BSjBbB2LqozhFo4CwF2Xt395JrlKJ#~tXuwmr+(W$!$OsTa4e ztrcXhj@k>|2H8t?ptE$|a_=ZZyIB07qo(fd6>H^C`z$V2U-Yx0{%>zft*rn{^#8rX z-Ln3_yLa$-|L;Mb&*%T8)nQo%6#XHo>iSA{hw`wnPgykT_a$@LDvNxsNdOM7+$LQ= zb7s&YQn%mNVsb-ogZ1_{$a-rd@-<0%Dvxw6Zt8|mO&wjD1{7PHy%}Y_k>hGYlqjNe zWg4hWdPb8hQjcJcr(xl?W3KEq*i&+`qS2mG->*Pp5<&Xkpx6GIB}~!s{#7wOHVsUG z6I|a#v)@Atxjx^jbc*WCI#y7amQ#7Pp+DVCj;a&bxNmTpG6id|WgSyJ$+PMx}MsEe_8V%@W-k-j^Ga6G zD-;=%W*=KQTQuVGSx>vFFk34d%9!WCIwv4uh_8b=g-% z6lov5i{3@X8}S?QE~?RVRObqEIdd8VUZ=s)t7rjG%|H1@JgKs^EQv7=0`#QYm12=p zw~jYuam@uJ6gUbzsfFdFkovcBgV;{Wy~e=e}8|!UzGm` z2mQlG`Ts$l4RnqZ$zufMnuiIO8%BhNDGedXc8vXNJSM_(Hqh0C3MA4vW;_u{Oh_1l zw+fo##GlY;yp1>saYAQ$!^_{}C~!7VM8?X$c}p1;v>z$@e>xs|9ffnmBB&`rLNVbe zq!IBP@7d+AmvVb@Hqa?hD0*{xi2}-n#=@wM~ROQx~&^#6A@&>PGtO9eW6_FOn#%-Qe6PaKa11ou=q z&VF~inebUaWZQH)Mk5vmggbOP?tQTqhNks@@%-f3%je!SSVJF6?tdNhcMePIe}89Z z|8f04#Iu3Er%8mT)U1XVbjYQ=aVp8daZb=LKay}-eEqL2lO$j65}uf-^!N#jsV{n= zD*CG?s0~@B1D5MCXK5^1iXt);vN841kR&&RL>VBep656l8|doAU!Pq#&Tqf{CS_tL zATfyo68V&9xm)gvN4h=Op|uh82<>?9z4yjnh6$Q5K0iXtr$@aWCu1rSKJN~^fce*i zdzAHts(;nJ>=OF*StM9U961V<^*={xECtQ17=VXk`o?rW8#vcA3XYIe!Rh!Vj-4q< zuoQnK8f`K)PIP3~EgWB@r1Y%NOgi8-6mfCz*Qr5JN0nvgIiT%el?^(V;3 zkrcV$xB)I!%t**$6p)ppF*hNd{eW5PYhDH36!1K6j2`6(R|9LFMW z?OMO_0y66wl~2NIjIuHsI%FOniz%M58!OknksDis8!!I-BA#xnL~G zY1S+SNnXi3CPzqs+T|b=5aDwQy4MkU2I~Zw;+9fLWusEh3Yjl;F9#v=9#7+t9HDG= zIgYgomvnWJl?3dm_T_4@Th;{Gi^ep1?>Gq_FKbq{li;!4%)lEQc!O?0h7?ELLBGon zb{!{9!|ykSKYg;8ExOA_oX_j^_?SG$G0gu^3XLM2B-E4A7BkL{eo2zU~KY z$QGdJc#ad0VQQg!sE!0Hs8M5q;}<$YbC#kTmWBZe={1pG1R;pLPdG+28ZkaqEJE!I z!k#2`SSV@xBtkS2366ZC8yk`%XCos^o8mSKjK4@P8xsEwv%i6?=|}cVI2%X}T|)$X zSFWpb$@N7-BA?_dOCJO;#gjQbRpq77YufT`BuG3ujz}2CV{#f|A(qkRKPF5lgG&xz zg5Iz&of34Z8bZ+0HaZ&_+HkA#n8S9dxV7B$Xf!TB>~>wp z!M;y~c*z2?4BQhaiKZ;b9gZ8}E_8H3aPXGXguI3c5cJQbon6vD$qGGu_YdkgQlVMa z?zy(|4fBZ%3N4wPbRjt#(ovJXQJ4;e*9~MLwuFEU1Q-CIH$V-uy3J_zdBKk;CtHwA zmWh(IHRHQ?Jwuqihn z*~JQD?)`{{2YV#)vn!jQJ~@R!2XUB>*z-JXW+c(!|kg_fQ zz}fW3dWkfm!QpIF{IURDW_HwwwV}8Y1)=_iVfk#L*yS~uFYNK!vP`$_P~W%89UDJ= z0{l4}_OS(^wX~v&i+|Z_LT~H?OufKfy}o*W=_T)zf=+ga1LA)FVULLWgIgRDw~cwb z%rWrJ$Hg!=XCujxMvVJ%=VT%~!q*qW;S56ZEEu#5DdF;AC@lQ%cTUz4F9c-F~{;O=FWSwt5VQ{ilN8ZPbC&+5%cymkY zg?BN|aLAwjO^mpi4tN1 zIvNp}mJz{8%4JhQK;Z0E4Ru#ZP|%88hg#$Xn?}}^9s#0>AmK2H;^h zM?;oORHYpl->yNv)sUQ8Wvqko7u(#awyCTuh(+PNocS9(S8}l20VX7~6UA}oidXpu$4>`BJfr&rE4v?nG~Wr&_6Xe3z|j^>C8krL6qOC_W0b)*SZ z_$0!dGRYt$&(<@gjV^ZWfDs|PH!RDnM;y)NMCM@RqX0djwAk#SsYN5f7K`96B17*b zoQw!JjOrIQ8c{GhLa~7Psnl#>&K578+0L)C-Cw74tR}d(k^R|C1?l=&5Yf@gM1P9L zYVyn&5{72Gnp%DqWR!*|q|r54Pyc56mVJ7*5j#l}#wiX(j}yVd8R<&!cHrOLZp=i| z%|TH!-TS-UVw=&_Rv3nC+*4&pSB?bw?9O(&3DbY>_Wlmrns&Z)EDz29@L4?ntK7!+ z(D$6-z-LqCV3ZI(MXq`0su_ZbHSfT!Q_gvhamnP7NQZ(36mtpzhje!VN~1u##Gl02 zpAZAcHZr%DcDz2?k_BA-$?g2rk<>TEb0B2Nzk!N?L6G-8iGhLmY#N7DDdA@G(M@>H zKXn6am|)-;ag@R?dVPUTU%z^Gc6Ijp)g^lU13G#2 zPxRB-t7qGYP-PT+FPX290MaQ42cC0DNTG9MEK_D(>Z1@x;}nkx8nYSU5gg(ZKBYqK twm1r$kWOi$d1_@i-WPjZ{rEgSkI&=t_^j#qzX1RM|Np0Nxe)*i1OO&m!m$7V literal 0 HcmV?d00001 diff --git a/charts/wordpress+valuesjson de VScode/curl b/charts/wordpress+valuesjson de VScode/curl new file mode 100644 index 0000000..e69de29 diff --git a/charts/wordpress+valuesjson de VScode/index.yaml b/charts/wordpress+valuesjson de VScode/index.yaml new file mode 100644 index 0000000..73be1d0 --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/index.yaml @@ -0,0 +1,161 @@ +apiVersion: v1 +entries: + common: + - annotations: + category: Infrastructure + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 2.19.0 + created: "2024-04-15T08:17:31.201694+02:00" + description: A Library Helm Chart for grouping common logic between bitnami charts. + This chart is not deployable by itself. + digest: 89e4008ba84ebc4b1838b7266bd991958f57eedb841e9268726de971dc78cfd1 + home: https://bitnami.com + icon: https://bitnami.com/downloads/logos/bitnami-mark.png + keywords: + - common + - helper + - template + - function + - bitnami + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: common + sources: + - https://github.com/bitnami/charts + type: library + urls: + - charts/common-2.19.0.tgz + version: 2.19.0 + mariadb: + - annotations: + category: Database + images: | + - name: mariadb + image: docker.io/bitnami/mariadb:11.2.3-debian-12-r4 + - name: mysqld-exporter + image: docker.io/bitnami/mysqld-exporter:0.15.1-debian-12-r8 + - name: os-shell + image: docker.io/bitnami/os-shell:12-debian-12-r16 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 11.2.3 + created: "2024-04-15T08:17:31.2084884+02:00" + dependencies: + - name: common + repository: oci://registry-1.docker.io/bitnamicharts + tags: + - bitnami-common + version: 2.x.x + description: MariaDB is an open source, community-developed SQL database server + that is widely in use around the world due to its enterprise features, flexibility, + and collaboration with leading tech firms. + digest: 68baeb5bed0d05469e805fff6745b68ddd77a585033a0d03fcc90ab108677529 + home: https://bitnami.com + icon: https://bitnami.com/assets/stacks/mariadb/img/mariadb-stack-220x234.png + keywords: + - mariadb + - mysql + - database + - sql + - prometheus + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: mariadb + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/mariadb + urls: + - charts/mariadb-16.5.0.tgz + version: 16.5.0 + memcached: + - annotations: + category: Infrastructure + images: | + - name: memcached + image: docker.io/bitnami/memcached:1.6.24-debian-12-r0 + - name: memcached-exporter + image: docker.io/bitnami/memcached-exporter:0.14.2-debian-12-r10 + - name: os-shell + image: docker.io/bitnami/os-shell:12-debian-12-r16 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 1.6.24 + created: "2024-04-15T08:17:31.213548+02:00" + dependencies: + - name: common + repository: oci://registry-1.docker.io/bitnamicharts + tags: + - bitnami-common + version: 2.x.x + description: Memcached is an high-performance, distributed memory object caching + system, generic in nature, but intended for use in speeding up dynamic web applications + by alleviating database load. + digest: 729aa0fc402dcc3eb493028ef124a744f907b8dba997519bb7dea588703a3c5f + home: https://bitnami.com + icon: https://bitnami.com/assets/stacks/memcached/img/memcached-stack-220x234.png + keywords: + - memcached + - cache + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: memcached + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/memcached + urls: + - charts/memcached-6.14.0.tgz + version: 6.14.0 + wordpress: + - annotations: + category: CMS + images: | + - name: apache-exporter + image: docker.io/bitnami/apache-exporter:1.0.6-debian-12-r8 + - name: os-shell + image: docker.io/bitnami/os-shell:12-debian-12-r16 + - name: wordpress + image: docker.io/bitnami/wordpress:6.4.3-debian-12-r20 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 6.4.3 + created: "2024-04-15T08:17:31.201694+02:00" + dependencies: + - condition: memcached.enabled + name: memcached + repository: oci://registry-1.docker.io/bitnamicharts + version: 6.x.x + - condition: mariadb.enabled + name: mariadb + repository: oci://registry-1.docker.io/bitnamicharts + version: 16.x.x + - name: common + repository: oci://registry-1.docker.io/bitnamicharts + tags: + - bitnami-common + version: 2.x.x + description: WordPress is the world's most popular blogging and content management + platform. Powerful yet simple, everyone from students to global corporations + use it to build beautiful, functional websites. + digest: 13bb5d3f211ed22015c505a6d6508eabdf6f7bcb1e45f462362b0c5c870ffebf + home: https://bitnami.com + icon: https://bitnami.com/assets/stacks/wordpress/img/wordpress-stack-220x234.png + keywords: + - application + - blog + - cms + - http + - php + - web + - wordpress + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: wordpress + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/wordpress + urls: + - wordpress-20.1.2.tgz + version: 20.1.2 +generated: "2024-04-15T08:17:31.1874317+02:00" diff --git a/charts/wordpress+valuesjson de VScode/templates/NOTES.txt b/charts/wordpress+valuesjson de VScode/templates/NOTES.txt new file mode 100644 index 0000000..722c965 --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/templates/NOTES.txt @@ -0,0 +1,96 @@ +CHART NAME: {{ .Chart.Name }} +CHART VERSION: {{ .Chart.Version }} +APP VERSION: {{ .Chart.AppVersion }} + +** Please be patient while the chart is being deployed ** + +{{- if .Values.diagnosticMode.enabled }} +The chart has been deployed in diagnostic mode. All probes have been disabled and the command has been overwritten with: + + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 4 }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 4 }} + +Get the list of pods by executing: + + kubectl get pods --namespace {{ .Release.Namespace }} -l app.kubernetes.io/instance={{ .Release.Name }} + +Access the pod you want to debug by executing + + kubectl exec --namespace {{ .Release.Namespace }} -ti -- bash + +In order to replicate the container startup scripts execute this command: + + /opt/bitnami/scripts/wordpress/entrypoint.sh /opt/bitnami/scripts/apache/run.sh + +{{- else }} + +Your WordPress site can be accessed through the following DNS name from within your cluster: + + {{ include "common.names.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} (port {{ .Values.service.ports.http }}) + +To access your WordPress site from outside the cluster follow the steps below: + +{{- if .Values.ingress.enabled }} + +1. Get the WordPress URL and associate WordPress hostname to your cluster external IP: + + export CLUSTER_IP=$(minikube ip) # On Minikube. Use: `kubectl cluster-info` on others K8s clusters + echo "WordPress URL: http{{ if .Values.ingress.tls }}s{{ end }}://{{ .Values.ingress.hostname }}/" + echo "$CLUSTER_IP {{ .Values.ingress.hostname }}" | sudo tee -a /etc/hosts + +{{- else }} +{{- $port := .Values.service.ports.http | toString }} + +1. Get the WordPress URL by running these commands: + +{{- if contains "NodePort" .Values.service.type }} + + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.names.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo "WordPress URL: http://$NODE_IP:$NODE_PORT/" + echo "WordPress Admin URL: http://$NODE_IP:$NODE_PORT/admin" + +{{- else if contains "LoadBalancer" .Values.service.type }} + + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ include "common.names.fullname" . }}' + + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "common.names.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") + echo "WordPress URL: http://$SERVICE_IP{{- if ne $port "80" }}:{{ .Values.service.ports.http }}{{ end }}/" + echo "WordPress Admin URL: http://$SERVICE_IP{{- if ne $port "80" }}:{{ .Values.service.ports.http }}{{ end }}/admin" + +{{- else if contains "ClusterIP" .Values.service.type }} + + kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ include "common.names.fullname" . }} {{ .Values.service.ports.http }}:{{ .Values.service.ports.http }} & + echo "WordPress URL: http://127.0.0.1{{- if ne $port "80" }}:{{ .Values.service.ports.http }}{{ end }}//" + echo "WordPress Admin URL: http://127.0.0.1{{- if ne $port "80" }}:{{ .Values.service.ports.http }}{{ end }}//admin" + +{{- end }} +{{- end }} + +2. Open a browser and access WordPress using the obtained URL. + +3. Login with the following credentials below to see your blog: + + echo Username: {{ .Values.wordpressUsername }} + echo Password: $(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "common.names.fullname" . }} -o jsonpath="{.data.wordpress-password}" | base64 -d) + +{{- if .Values.metrics.enabled }} + +You can access Apache Prometheus metrics following the steps below: + +1. Get the Apache Prometheus metrics URL by running: + + kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ printf "%s-metrics" (include "common.names.fullname" .) }} {{ .Values.metrics.service.ports.metrics }}:{{ .Values.metrics.service.ports.metrics }} & + echo "Apache Prometheus metrics URL: http://127.0.0.1:{{ .Values.metrics.service.ports.metrics }}/metrics" + +2. Open a browser and access Apache Prometheus metrics using the obtained URL. + +{{- end }} +{{- end }} + +{{- include "wordpress.validateValues" . }} +{{- include "common.warnings.rollingTag" .Values.image }} +{{- include "common.warnings.rollingTag" .Values.metrics.image }} +{{- include "common.warnings.rollingTag" .Values.volumePermissions.image }} +{{- include "common.warnings.resources" (dict "sections" (list "metrics" "" "volumePermissions") "context" $) }} diff --git a/charts/wordpress+valuesjson de VScode/templates/_helpers.tpl b/charts/wordpress+valuesjson de VScode/templates/_helpers.tpl new file mode 100644 index 0000000..7483623 --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/templates/_helpers.tpl @@ -0,0 +1,286 @@ +{{/* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{/* vim: set filetype=mustache: */}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "wordpress.mariadb.fullname" -}} +{{- include "common.names.dependency.fullname" (dict "chartName" "mariadb" "chartValues" .Values.mariadb "context" $) -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "wordpress.memcached.fullname" -}} +{{- include "common.names.dependency.fullname" (dict "chartName" "memcached" "chartValues" .Values.memcached "context" $) -}} +{{- end -}} + +{{/* +Return the proper WordPress image name +*/}} +{{- define "wordpress.image" -}} +{{- include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) -}} +{{- end -}} + +{{/* +Return the proper image name (for the metrics image) +*/}} +{{- define "wordpress.metrics.image" -}} +{{- include "common.images.image" (dict "imageRoot" .Values.metrics.image "global" .Values.global) -}} +{{- end -}} + +{{/* +Return the proper image name (for the init container volume-permissions image) +*/}} +{{- define "wordpress.volumePermissions.image" -}} +{{- include "common.images.image" ( dict "imageRoot" .Values.volumePermissions.image "global" .Values.global ) -}} +{{- end -}} + +{{/* +Return the proper Docker Image Registry Secret Names +*/}} +{{- define "wordpress.imagePullSecrets" -}} +{{- include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.metrics.image .Values.volumePermissions.image) "global" .Values.global) -}} +{{- end -}} + +{{/* + Create the name of the service account to use + */}} +{{- define "wordpress.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "common.names.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "wordpress.customHTAccessCM" -}} +{{- printf "%s" .Values.customHTAccessCM -}} +{{- end -}} + +{{/* +Return the WordPress configuration secret +*/}} +{{- define "wordpress.configSecretName" -}} +{{- if .Values.existingWordPressConfigurationSecret -}} + {{- printf "%s" (tpl .Values.existingWordPressConfigurationSecret $) -}} +{{- else -}} + {{- printf "%s-configuration" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if a secret object should be created for WordPress configuration +*/}} +{{- define "wordpress.createConfigSecret" -}} +{{- if and .Values.wordpressConfiguration (not .Values.existingWordPressConfigurationSecret) }} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return the WordPress Apache configuration configmap +*/}} +{{- define "wordpress.apache.configmapName" -}} +{{- if .Values.existingApacheConfigurationConfigMap -}} + {{- printf "%s" (tpl .Values.existingApacheConfigurationConfigMap $) -}} +{{- else -}} + {{- printf "%s-apache-configuration" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if a secret object should be created for Apache configuration +*/}} +{{- define "wordpress.apache.createConfigmap" -}} +{{- if and .Values.apacheConfiguration (not .Values.existingApacheConfigurationConfigMap) }} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return the MariaDB Hostname +*/}} +{{- define "wordpress.databaseHost" -}} +{{- if .Values.mariadb.enabled }} + {{- if eq .Values.mariadb.architecture "replication" }} + {{- printf "%s-primary" (include "wordpress.mariadb.fullname" .) | trunc 63 | trimSuffix "-" -}} + {{- else -}} + {{- printf "%s" (include "wordpress.mariadb.fullname" .) -}} + {{- end -}} +{{- else -}} + {{- printf "%s" .Values.externalDatabase.host -}} +{{- end -}} +{{- end -}} + +{{/* +Return the MariaDB Port +*/}} +{{- define "wordpress.databasePort" -}} +{{- if .Values.mariadb.enabled }} + {{- printf "3306" -}} +{{- else -}} + {{- printf "%d" (.Values.externalDatabase.port | int ) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the MariaDB Database Name +*/}} +{{- define "wordpress.databaseName" -}} +{{- if .Values.mariadb.enabled }} + {{- printf "%s" .Values.mariadb.auth.database -}} +{{- else -}} + {{- printf "%s" .Values.externalDatabase.database -}} +{{- end -}} +{{- end -}} + +{{/* +Return the MariaDB User +*/}} +{{- define "wordpress.databaseUser" -}} +{{- if .Values.mariadb.enabled }} + {{- printf "%s" .Values.mariadb.auth.username -}} +{{- else -}} + {{- printf "%s" .Values.externalDatabase.user -}} +{{- end -}} +{{- end -}} + +{{/* +Return the MariaDB Secret Name +*/}} +{{- define "wordpress.databaseSecretName" -}} +{{- if .Values.mariadb.enabled }} + {{- if .Values.mariadb.auth.existingSecret -}} + {{- printf "%s" .Values.mariadb.auth.existingSecret -}} + {{- else -}} + {{- printf "%s" (include "wordpress.mariadb.fullname" .) -}} + {{- end -}} +{{- else if .Values.externalDatabase.existingSecret -}} + {{- include "common.tplvalues.render" (dict "value" .Values.externalDatabase.existingSecret "context" $) -}} +{{- else -}} + {{- printf "%s-externaldb" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Memcached Hostname +*/}} +{{- define "wordpress.cacheHost" -}} +{{- if .Values.memcached.enabled }} + {{- $releaseNamespace := .Release.Namespace }} + {{- $clusterDomain := .Values.clusterDomain }} + {{- printf "%s.%s.svc.%s" (include "wordpress.memcached.fullname" .) $releaseNamespace $clusterDomain -}} +{{- else -}} + {{- printf "%s" .Values.externalCache.host -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Memcached Port +*/}} +{{- define "wordpress.cachePort" -}} +{{- if .Values.memcached.enabled }} + {{- printf "11211" -}} +{{- else -}} + {{- printf "%d" (.Values.externalCache.port | int ) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the WordPress Secret Name +*/}} +{{- define "wordpress.secretName" -}} +{{- if .Values.existingSecret }} + {{- printf "%s" .Values.existingSecret -}} +{{- else -}} + {{- printf "%s" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the SMTP Secret Name +*/}} +{{- define "wordpress.smtpSecretName" -}} +{{- if .Values.smtpExistingSecret }} + {{- printf "%s" .Values.smtpExistingSecret -}} +{{- else -}} + {{- printf "%s" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Compile all warnings into a single message. +*/}} +{{- define "wordpress.validateValues" -}} +{{- $messages := list -}} +{{- $messages := append $messages (include "wordpress.validateValues.configuration" .) -}} +{{- $messages := append $messages (include "wordpress.validateValues.htaccess" .) -}} +{{- $messages := append $messages (include "wordpress.validateValues.database" .) -}} +{{- $messages := append $messages (include "wordpress.validateValues.cache" .) -}} +{{- $messages := without $messages "" -}} +{{- $message := join "\n" $messages -}} +{{- if $message -}} +{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}} +{{- end -}} +{{- end -}} + +{{/* +Validate values of WordPress - Custom wp-config.php +*/}} +{{- define "wordpress.validateValues.configuration" -}} +{{- if and (or .Values.wordpressConfiguration .Values.existingWordPressConfigurationSecret) (not .Values.wordpressSkipInstall) -}} +wordpress: wordpressConfiguration + You are trying to use a wp-config.php file. This setup is only supported + when skipping wizard installation (--set wordpressSkipInstall=true). +{{- end -}} +{{- end -}} + +{{/* +Validate values of WordPress - htaccess configuration +*/}} +{{- define "wordpress.validateValues.htaccess" -}} +{{- if and .Values.customHTAccessCM .Values.allowOverrideNone -}} +wordpress: customHTAccessCM + You are trying to use custom htaccess rules but Apache was configured + to prohibit overriding directives with htaccess files. To use this feature, + allow overriding Apache directives (--set allowOverrideNone=false). +{{- end -}} +{{- end -}} + +{{/* Validate values of WordPress - Database */}} +{{- define "wordpress.validateValues.database" -}} +{{- if and (not .Values.mariadb.enabled) (or (empty .Values.externalDatabase.host) (empty .Values.externalDatabase.port) (empty .Values.externalDatabase.database)) -}} +wordpress: database + You disable the MariaDB installation but you did not provide the required parameters + to use an external database. To use an external database, please ensure you provide + (at least) the following values: + + externalDatabase.host=DB_SERVER_HOST + externalDatabase.database=DB_NAME + externalDatabase.port=DB_SERVER_PORT +{{- end -}} +{{- end -}} + +{{/* Validate values of WordPress - Cache */}} +{{- define "wordpress.validateValues.cache" -}} +{{- if and .Values.wordpressConfigureCache (not .Values.memcached.enabled) (or (empty .Values.externalCache.host) (empty .Values.externalCache.port)) -}} +wordpress: cache + You enabled cache via W3 Total Cache without but you did not enable the Memcached + installation nor you did provided the required parameters to use an external cache server. + Please enable the Memcached installation (--set memcached.enabled=true) or + provide the external cache server values: + + externalCache.host=CACHE_SERVER_HOST + externalCache.port=CACHE_SERVER_PORT +{{- end -}} +{{- end -}} diff --git a/charts/wordpress+valuesjson de VScode/templates/config-secret.yaml b/charts/wordpress+valuesjson de VScode/templates/config-secret.yaml new file mode 100644 index 0000000..9dff348 --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/templates/config-secret.yaml @@ -0,0 +1,18 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if (include "wordpress.createConfigSecret" .) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ printf "%s-configuration" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + wp-config.php: {{ .Values.wordpressConfiguration | b64enc }} +{{- end }} diff --git a/charts/wordpress+valuesjson de VScode/templates/deployment.yaml b/charts/wordpress+valuesjson de VScode/templates/deployment.yaml new file mode 100644 index 0000000..720d8fa --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/templates/deployment.yaml @@ -0,0 +1,389 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} +kind: Deployment +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + {{- if .Values.updateStrategy }} + strategy: {{- toYaml .Values.updateStrategy | nindent 4 }} + {{- end }} + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + template: + metadata: + labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} + {{- if or .Values.podAnnotations .Values.metrics.enabled (include "wordpress.createConfigSecret" .) }} + annotations: + {{- if .Values.podAnnotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.metrics.podAnnotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.metrics.podAnnotations "context" $) | nindent 8 }} + {{- end }} + {{- if (include "wordpress.createConfigSecret" .) }} + checksum/config-secret: {{ include (print $.Template.BasePath "/config-secret.yaml") . | sha256sum }} + {{- end }} + {{- end }} + spec: + {{- include "wordpress.imagePullSecrets" . | nindent 6 }} + automountServiceAccountToken: {{ .Values.automountServiceAccountToken }} + {{- if .Values.hostAliases }} + # yamllint disable rule:indentation + hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }} + # yamllint enable rule:indentation + {{- end }} + {{- if .Values.affinity }} + affinity: {{- include "common.tplvalues.render" (dict "value" .Values.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "customLabels" $podLabels "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "customLabels" $podLabels "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName }} + {{- end }} + {{- if .Values.schedulerName }} + schedulerName: {{ .Values.schedulerName | quote }} + {{- end }} + {{- if .Values.podSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.podSecurityContext "context" $) | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "wordpress.serviceAccountName" .}} + {{- if .Values.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} + {{- end }} + {{- if .Values.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.topologySpreadConstraints "context" .) | nindent 8 }} + {{- end }} + {{- if or (and .Values.podSecurityContext.enabled .Values.volumePermissions.enabled .Values.persistence.enabled) (.Values.initContainers) }} + initContainers: + {{- if and .Values.podSecurityContext.enabled .Values.volumePermissions.enabled .Values.persistence.enabled }} + - name: volume-permissions + image: "{{ include "wordpress.volumePermissions.image" . }}" + imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} + command: + - /bin/bash + args: + - -ec + - | + mkdir -p /bitnami/wordpress + {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto" }} + find /bitnami/wordpress -mindepth 0 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R $(id -u):$(id -G | cut -d " " -f2) + {{- else }} + find /bitnami/wordpress -mindepth 0 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R {{ .Values.containerSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }} + {{- end }} + {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto " }} + securityContext: {{- omit .Values.volumePermissions.containerSecurityContext "runAsUser" | toYaml | nindent 12 }} + {{- else }} + securityContext: {{- .Values.volumePermissions.containerSecurityContext | toYaml | nindent 12 }} + {{- end }} + {{- if .Values.volumePermissions.resources }} + resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} + {{- else if ne .Values.volumePermissions.resourcesPreset "none" }} + resources: {{- include "common.resources.preset" (dict "type" .Values.volumePermissions.resourcesPreset) | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /bitnami/wordpress + name: wordpress-data + subPath: wordpress + {{- end }} + {{- if .Values.initContainers }} + {{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }} + {{- end }} + {{- end }} + containers: + - name: wordpress + image: {{ include "wordpress.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + {{- if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} + {{- else if .Values.command }} + command: {{- include "common.tplvalues.render" ( dict "value" .Values.command "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} + {{- else if .Values.args }} + args: {{- include "common.tplvalues.render" ( dict "value" .Values.args "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.containerSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.containerSecurityContext "context" $) | nindent 12 }} + {{- end }} + env: + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} + - name: ALLOW_EMPTY_PASSWORD + value: {{ ternary "yes" "no" .Values.allowEmptyPassword | quote }} + - name: WORDPRESS_SKIP_BOOTSTRAP + value: {{ ternary "yes" "no" .Values.wordpressSkipInstall | quote }} + {{- if or .Values.wordpressConfiguration .Values.existingWordPressConfigurationSecret }} + # Override the default data to persist omiting wp-config.php from the list since + # it is mounted as a read-only file from a Secret + - name: WORDPRESS_DATA_TO_PERSIST + value: "wp-content" + {{- else }} + - name: MARIADB_HOST + value: {{ include "wordpress.databaseHost" . | quote }} + - name: MARIADB_PORT_NUMBER + value: {{ include "wordpress.databasePort" . | quote }} + - name: WORDPRESS_DATABASE_NAME + value: {{ include "wordpress.databaseName" . | quote }} + - name: WORDPRESS_DATABASE_USER + value: {{ include "wordpress.databaseUser" . | quote }} + - name: WORDPRESS_DATABASE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "wordpress.databaseSecretName" . }} + key: mariadb-password + - name: WORDPRESS_USERNAME + value: {{ .Values.wordpressUsername | quote }} + - name: WORDPRESS_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "wordpress.secretName" . }} + key: wordpress-password + - name: WORDPRESS_EMAIL + value: {{ .Values.wordpressEmail | quote }} + - name: WORDPRESS_FIRST_NAME + value: {{ .Values.wordpressFirstName | quote }} + - name: WORDPRESS_LAST_NAME + value: {{ .Values.wordpressLastName | quote }} + - name: WORDPRESS_HTACCESS_OVERRIDE_NONE + value: {{ ternary "yes" "no" .Values.allowOverrideNone | quote }} + - name: WORDPRESS_ENABLE_HTACCESS_PERSISTENCE + value: {{ ternary "yes" "no" .Values.htaccessPersistenceEnabled | quote }} + - name: WORDPRESS_BLOG_NAME + value: {{ .Values.wordpressBlogName | quote }} + - name: WORDPRESS_TABLE_PREFIX + value: {{ .Values.wordpressTablePrefix | quote }} + - name: WORDPRESS_SCHEME + value: {{ .Values.wordpressScheme | quote }} + - name: WORDPRESS_EXTRA_WP_CONFIG_CONTENT + value: {{ .Values.wordpressExtraConfigContent | quote }} + - name: WORDPRESS_PLUGINS + value: {{ join "," .Values.wordpressPlugins | quote }} + - name: WORDPRESS_OVERRIDE_DATABASE_SETTINGS + value: {{ ternary "yes" "no" .Values.overrideDatabaseSettings | quote }} + {{- end }} + {{- if .Values.multisite.enable }} + - name: WORDPRESS_ENABLE_MULTISITE + value: "yes" + - name: WORDPRESS_MULTISITE_HOST + value: {{ .Values.multisite.host | quote }} + - name: WORDPRESS_MULTISITE_EXTERNAL_HTTP_PORT_NUMBER + value: {{ .Values.service.ports.http | quote }} + - name: WORDPRESS_MULTISITE_EXTERNAL_HTTPS_PORT_NUMBER + value: {{ .Values.service.ports.https | quote }} + - name: WORDPRESS_MULTISITE_NETWORK_TYPE + value: {{ .Values.multisite.networkType | quote }} + - name: WORDPRESS_MULTISITE_ENABLE_NIP_IO_REDIRECTION + value: {{ ternary "yes" "no" .Values.multisite.enableNipIoRedirect | quote }} + {{- end }} + {{- if .Values.smtpHost }} + - name: SMTP_HOST + value: {{ .Values.smtpHost | quote }} + {{- end }} + {{- if .Values.smtpPort }} + - name: SMTP_PORT + value: {{ .Values.smtpPort | quote }} + {{- end }} + {{- if .Values.smtpUser }} + - name: SMTP_USER + value: {{ .Values.smtpUser | quote }} + {{- end }} + {{- if or .Values.smtpPassword .Values.smtpExistingSecret }} + - name: SMTP_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "wordpress.smtpSecretName" . }} + key: smtp-password + {{- end }} + {{- if .Values.smtpProtocol }} + - name: SMTP_PROTOCOL + value: {{ .Values.smtpProtocol | quote }} + {{- end }} + - name: APACHE_HTTP_PORT_NUMBER + value: {{ .Values.containerPorts.http | quote }} + - name: APACHE_HTTPS_PORT_NUMBER + value: {{ .Values.containerPorts.https | quote }} + {{- if .Values.extraEnvVars }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + envFrom: + {{- if .Values.extraEnvVarsCM }} + - configMapRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsCM "context" $) }} + {{- end }} + {{- if .Values.extraEnvVarsSecret }} + - secretRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsSecret "context" $) }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.containerPorts.http }} + - name: https + containerPort: {{ .Values.containerPorts.https }} + {{- if .Values.extraContainerPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraContainerPorts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.lifecycleHooks }} + lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleHooks "context" $) | nindent 12 }} + {{- end }} + {{- if not .Values.diagnosticMode.enabled }} + {{- if .Values.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }} + {{- else if .Values.livenessProbe.enabled }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.livenessProbe "enabled") "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customReadinessProbe "context" $) | nindent 12 }} + {{- else if .Values.readinessProbe.enabled }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.readinessProbe "enabled") "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.customStartupProbe }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customStartupProbe "context" $) | nindent 12 }} + {{- else if .Values.startupProbe.enabled }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.startupProbe "enabled") "context" $) | nindent 12 }} + {{- end }} + {{- end }} + {{- if .Values.resources }} + resources: {{- toYaml .Values.resources | nindent 12 }} + {{- else if ne .Values.resourcesPreset "none" }} + resources: {{- include "common.resources.preset" (dict "type" .Values.resourcesPreset) | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /bitnami/wordpress + name: wordpress-data + subPath: wordpress + {{- if or .Values.wordpressConfiguration .Values.existingWordPressConfigurationSecret }} + - name: wordpress-config + mountPath: /opt/bitnami/wordpress/wp-config.php + subPath: wp-config.php + {{- end }} + {{- if or .Values.apacheConfiguration .Values.existingApacheConfigurationConfigMap }} + - name: apache-config + mountPath: /opt/bitnami/apache/conf/httpd.conf + subPath: httpd.conf + {{- end }} + {{- if and (not .Values.allowOverrideNone) .Values.customHTAccessCM }} + - mountPath: /opt/bitnami/apache/conf/vhosts/htaccess + name: custom-htaccess + {{- end }} + {{- if or .Values.customPostInitScripts .Values.wordpressConfigureCache }} + - mountPath: /docker-entrypoint-init.d + name: custom-postinit + {{- end }} + {{- if .Values.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.metrics.enabled }} + - name: metrics + image: {{ include "wordpress.metrics.image" . }} + imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }} + {{- if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} + {{- else if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} + {{- else }} + command: + - /bin/apache_exporter + - --scrape_uri + - http://status.localhost:8080/server-status/?auto + {{- end }} + ports: + - name: metrics + containerPort: {{ .Values.metrics.containerPorts.metrics }} + {{- if not .Values.diagnosticMode.enabled }} + {{- if .Values.metrics.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customLivenessProbe "context" $) | nindent 12 }} + {{- else if .Values.metrics.livenessProbe.enabled }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.livenessProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /metrics + port: metrics + {{- end }} + {{- if .Values.metrics.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customReadinessProbe "context" $) | nindent 12 }} + {{- else if .Values.metrics.readinessProbe.enabled }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.readinessProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /metrics + port: metrics + {{- end }} + {{- if .Values.metrics.customStartupProbe }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customStartupProbe "context" $) | nindent 12 }} + {{- else if .Values.metrics.startupProbe.enabled }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.startupProbe "enabled") "context" $) | nindent 12 }} + tcpSocket: + port: metrics + {{- end }} + {{- end }} + {{- if .Values.metrics.resources }} + resources: {{- toYaml .Values.metrics.resources | nindent 12 }} + {{- else if ne .Values.metrics.resourcesPreset "none" }} + resources: {{- include "common.resources.preset" (dict "type" .Values.metrics.resourcesPreset) | nindent 12 }} + {{- end }} + {{- if .Values.metrics.containerSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.metrics.containerSecurityContext "context" $) | nindent 12 }} + {{- end }} + {{- end }} + {{- if .Values.sidecars }} + {{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 8 }} + {{- end }} + volumes: + {{- if or .Values.wordpressConfiguration .Values.existingWordPressConfigurationSecret }} + - name: wordpress-config + secret: + secretName: {{ include "wordpress.configSecretName" . }} + defaultMode: 0644 + {{- end }} + {{- if or .Values.apacheConfiguration .Values.existingApacheConfigurationConfigMap }} + - name: apache-config + configMap: + name: {{ include "wordpress.apache.configmapName" . }} + defaultMode: 0644 + {{- end }} + {{- if and (not .Values.allowOverrideNone) .Values.customHTAccessCM }} + - name: custom-htaccess + configMap: + name: {{ include "wordpress.customHTAccessCM" . }} + items: + - key: wordpress-htaccess.conf + path: wordpress-htaccess.conf + {{- end }} + {{- if or .Values.customPostInitScripts .Values.wordpressConfigureCache }} + - name: custom-postinit + configMap: + name: {{ printf "%s-postinit" (include "common.names.fullname" .) }} + defaultMode: 0755 + {{- end }} + - name: wordpress-data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Values.persistence.existingClaim | default (include "common.names.fullname" .) }} + {{- else }} + emptyDir: {} + {{- end }} + {{- if .Values.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }} + {{- end }} diff --git a/charts/wordpress+valuesjson de VScode/templates/externaldb-secrets.yaml b/charts/wordpress+valuesjson de VScode/templates/externaldb-secrets.yaml new file mode 100644 index 0000000..ae5edb1 --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/templates/externaldb-secrets.yaml @@ -0,0 +1,19 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if not (or .Values.mariadb.enabled .Values.externalDatabase.existingSecret) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ printf "%s-externaldb" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + mariadb-password: {{ .Values.externalDatabase.password | b64enc | quote }} +{{- end }} diff --git a/charts/wordpress+valuesjson de VScode/templates/extra-list.yaml b/charts/wordpress+valuesjson de VScode/templates/extra-list.yaml new file mode 100644 index 0000000..2d35a58 --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/templates/extra-list.yaml @@ -0,0 +1,9 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- range .Values.extraDeploy }} +--- +{{ include "common.tplvalues.render" (dict "value" . "context" $) }} +{{- end }} diff --git a/charts/wordpress+valuesjson de VScode/templates/hpa.yaml b/charts/wordpress+valuesjson de VScode/templates/hpa.yaml new file mode 100644 index 0000000..2426dd2 --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/templates/hpa.yaml @@ -0,0 +1,48 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.autoscaling.enabled }} +apiVersion: {{ include "common.capabilities.hpa.apiVersion" ( dict "context" $ ) }} +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + scaleTargetRef: + apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} + kind: Deployment + name: {{ include "common.names.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetMemory }} + - type: Resource + resource: + name: memory + {{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) }} + targetAverageUtilization: {{ .Values.autoscaling.targetMemory }} + {{- else }} + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemory }} + {{- end }} + {{- end }} + {{- if .Values.autoscaling.targetCPU }} + - type: Resource + resource: + name: cpu + {{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) }} + targetAverageUtilization: {{ .Values.autoscaling.targetCPU }} + {{- else }} + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPU }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/wordpress+valuesjson de VScode/templates/httpd-configmap.yaml b/charts/wordpress+valuesjson de VScode/templates/httpd-configmap.yaml new file mode 100644 index 0000000..30a434a --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/templates/httpd-configmap.yaml @@ -0,0 +1,19 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if (include "wordpress.apache.createConfigmap" .) }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-apache-configuration" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + httpd.conf: |- + {{- .Values.apacheConfiguration | nindent 4 }} +{{- end }} diff --git a/charts/wordpress+valuesjson de VScode/templates/ingress.yaml b/charts/wordpress+valuesjson de VScode/templates/ingress.yaml new file mode 100644 index 0000000..3fe25b4 --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/templates/ingress.yaml @@ -0,0 +1,62 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.ingress.enabled }} +apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }} +kind: Ingress +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if or .Values.ingress.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.ingress.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.ingressClassName (eq "true" (include "common.ingress.supportsIngressClassname" .)) }} + ingressClassName: {{ .Values.ingress.ingressClassName | quote }} + {{- end }} + rules: + {{- if .Values.ingress.hostname }} + - host: {{ tpl .Values.ingress.hostname $ | quote }} + http: + paths: + {{- if .Values.ingress.extraPaths }} + {{- toYaml .Values.ingress.extraPaths | nindent 10 }} + {{- end }} + - path: {{ .Values.ingress.path }} + {{- if eq "true" (include "common.ingress.supportsPathType" .) }} + pathType: {{ .Values.ingress.pathType }} + {{- end }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" .) "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + {{- range .Values.ingress.extraHosts }} + - host: {{ tpl .name $ | quote }} + http: + paths: + - path: {{ default "/" .path }} + {{- if eq "true" (include "common.ingress.supportsPathType" $) }} + pathType: {{ default "ImplementationSpecific" .pathType }} + {{- end }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" $) "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + {{- if .Values.ingress.extraRules }} + {{- include "common.tplvalues.render" (dict "value" .Values.ingress.extraRules "context" $) | nindent 4 }} + {{- end }} + {{- if or (and .Values.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.ingress.annotations )) .Values.ingress.selfSigned)) .Values.ingress.extraTls }} + tls: + {{- if and .Values.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.ingress.annotations )) .Values.ingress.selfSigned) }} + - hosts: + - {{ tpl .Values.ingress.hostname $ | quote }} + {{- if or (.Values.ingress.tlsWwwPrefix) (eq (index .Values.ingress.annotations "nginx.ingress.kubernetes.io/from-to-www-redirect") "true" ) }} + - {{ printf "www.%s" (tpl .Values.ingress.hostname $) | quote }} + {{- end }} + secretName: {{ printf "%s-tls" (tpl .Values.ingress.hostname $) }} + {{- end }} + {{- if .Values.ingress.extraTls }} + {{- include "common.tplvalues.render" (dict "value" .Values.ingress.extraTls "context" $) | nindent 4 }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/wordpress+valuesjson de VScode/templates/metrics-svc.yaml b/charts/wordpress+valuesjson de VScode/templates/metrics-svc.yaml new file mode 100644 index 0000000..1731ac3 --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/templates/metrics-svc.yaml @@ -0,0 +1,27 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.metrics.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ printf "%s-metrics" (include "common.names.fullname" .) }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: metrics + {{- if or .Values.metrics.service.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.service.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + type: ClusterIP + ports: + - name: metrics + port: {{ .Values.metrics.service.ports.metrics }} + protocol: TCP + targetPort: metrics + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} +{{- end }} diff --git a/charts/wordpress+valuesjson de VScode/templates/networkpolicy-backend-ingress.yaml b/charts/wordpress+valuesjson de VScode/templates/networkpolicy-backend-ingress.yaml new file mode 100644 index 0000000..7133256 --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/templates/networkpolicy-backend-ingress.yaml @@ -0,0 +1,30 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.networkPolicy.enabled .Values.networkPolicy.ingressRules.backendOnlyAccessibleByFrontend }} +apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }} +kind: NetworkPolicy +metadata: + name: {{ printf "%s-backend" (include "common.names.fullname" .) }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + podSelector: + matchLabels: + {{- if .Values.networkPolicy.ingressRules.customBackendSelector }} + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.ingressRules.customBackendSelector "context" $) | nindent 6 }} + {{- else }} + app.kubernetes.io/name: mariadb + app.kubernetes.io/instance: {{ .Release.Name }} + {{- end }} + ingress: + - from: + - podSelector: + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 14 }} +{{- end }} diff --git a/charts/wordpress+valuesjson de VScode/templates/networkpolicy-egress.yaml b/charts/wordpress+valuesjson de VScode/templates/networkpolicy-egress.yaml new file mode 100644 index 0000000..9c8a442 --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/templates/networkpolicy-egress.yaml @@ -0,0 +1,35 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.networkPolicy.enabled (or .Values.networkPolicy.egressRules.denyConnectionsToExternal .Values.networkPolicy.egressRules.customRules) }} +apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }} +kind: NetworkPolicy +metadata: + name: {{ printf "%s-egress" (include "common.names.fullname" .) }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + podSelector: + matchLabels: + app.kubernetes.io/instance: {{ .Release.Name }} + policyTypes: + - Egress + egress: + {{- if .Values.networkPolicy.egressRules.denyConnectionsToExternal }} + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + - to: + - namespaceSelector: {} + {{- end }} + {{- if .Values.networkPolicy.egressRules.customRules }} + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.egressRules.customRules "context" $) | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/wordpress+valuesjson de VScode/templates/networkpolicy-ingress.yaml b/charts/wordpress+valuesjson de VScode/templates/networkpolicy-ingress.yaml new file mode 100644 index 0000000..c05c1e6 --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/templates/networkpolicy-ingress.yaml @@ -0,0 +1,63 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.networkPolicy.enabled (or .Values.networkPolicy.ingress.enabled .Values.networkPolicy.metrics.enabled .Values.networkPolicy.ingressRules.accessOnlyFrom.enabled) }} +apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }} +kind: NetworkPolicy +metadata: + name: {{ printf "%s-ingress" (include "common.names.fullname" .) }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} + podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + ingress: + {{- if and .Values.ingress.enabled .Values.networkPolicy.ingress.enabled (or .Values.networkPolicy.ingress.namespaceSelector .Values.networkPolicy.ingress.podSelector) }} + - from: + {{- if .Values.networkPolicy.ingress.namespaceSelector }} + - namespaceSelector: + matchLabels: + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.ingress.namespaceSelector "context" $) | nindent 14 }} + {{- end }} + {{- if .Values.networkPolicy.ingress.podSelector }} + - podSelector: + matchLabels: + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.ingress.podSelector "context" $) | nindent 14 }} + {{- end }} + {{- end }} + {{- if and .Values.metrics.enabled .Values.networkPolicy.metrics.enabled (or .Values.networkPolicy.metrics.namespaceSelector .Values.networkPolicy.metrics.podSelector) }} + - from: + {{- if .Values.networkPolicy.metrics.namespaceSelector }} + - namespaceSelector: + matchLabels: + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.metrics.namespaceSelector "context" $) | nindent 14 }} + {{- end }} + {{- if .Values.networkPolicy.metrics.podSelector }} + - podSelector: + matchLabels: + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.metrics.podSelector "context" $) | nindent 14 }} + {{- end }} + {{- end }} + {{- if and .Values.networkPolicy.ingressRules.accessOnlyFrom.enabled (or .Values.networkPolicy.ingressRules.accessOnlyFrom.namespaceSelector .Values.networkPolicy.ingressRules.accessOnlyFrom.podSelector) }} + - from: + {{- if .Values.networkPolicy.ingressRules.accessOnlyFrom.namespaceSelector }} + - namespaceSelector: + matchLabels: + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.ingressRules.accessOnlyFrom.namespaceSelector "context" $) | nindent 14 }} + {{- end }} + {{- if .Values.networkPolicy.ingressRules.accessOnlyFrom.podSelector }} + - podSelector: + matchLabels: + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.ingressRules.accessOnlyFrom.podSelector "context" $) | nindent 14 }} + {{- end }} + {{- end }} + {{- if .Values.networkPolicy.ingressRules.customRules }} + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.ingressRules.customRules "context" $) | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/wordpress+valuesjson de VScode/templates/pdb.yaml b/charts/wordpress+valuesjson de VScode/templates/pdb.yaml new file mode 100644 index 0000000..07c3777 --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/templates/pdb.yaml @@ -0,0 +1,26 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.pdb.create }} +apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} +kind: PodDisruptionBudget +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if .Values.pdb.minAvailable }} + minAvailable: {{ .Values.pdb.minAvailable }} + {{- end }} + {{- if .Values.pdb.maxUnavailable }} + maxUnavailable: {{ .Values.pdb.maxUnavailable }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} +{{- end }} diff --git a/charts/wordpress+valuesjson de VScode/templates/postinit-configmap.yaml b/charts/wordpress+valuesjson de VScode/templates/postinit-configmap.yaml new file mode 100644 index 0000000..48f8b63 --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/templates/postinit-configmap.yaml @@ -0,0 +1,46 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if or .Values.customPostInitScripts .Values.wordpressConfigureCache }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-postinit" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + {{- if .Values.wordpressConfigureCache }} + {{- $memcachedFullname := include "wordpress.cacheHost" . }} + {{- $memcachedPort := include "wordpress.cachePort" . | int }} + 00-configure-w3-total-cache.sh: |- + #!/bin/bash + + # Add permissions to edit wp-config.php + chmod +w /bitnami/wordpress/wp-config.php + + # Activate W3 Total Cache pairs + wp plugin activate w3-total-cache + wp total-cache fix_environment + + # Choose 'Memcached' as database and object cache method + wp total-cache option set dbcache.engine memcached --type=string + wp total-cache option set objectcache.engine memcached --type=string + wp total-cache flush all + wp total-cache option set dbcache.memcached.servers {{ $memcachedFullname }}:{{ $memcachedPort }} --type=string + wp total-cache option set dbcache.enabled true --type=boolean + wp total-cache option set objectcache.memcached.servers {{ $memcachedFullname }}:{{ $memcachedPort }} --type=string + wp total-cache option set objectcache.enabled true --type=boolean + wp total-cache flush all + + # Revoke permissions to edit wp-config.php + chmod a-w /bitnami/wordpress/wp-config.php + {{- end }} + {{- if .Values.customPostInitScripts }} + {{- include "common.tplvalues.render" (dict "value" .Values.customPostInitScripts "context" $) | nindent 2 }} + {{- end }} +{{- end }} diff --git a/charts/wordpress+valuesjson de VScode/templates/pvc.yaml b/charts/wordpress+valuesjson de VScode/templates/pvc.yaml new file mode 100644 index 0000000..9d4f62f --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/templates/pvc.yaml @@ -0,0 +1,36 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if or .Values.persistence.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.persistence.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + accessModes: + {{- if not (empty .Values.persistence.accessModes) }} + {{- range .Values.persistence.accessModes }} + - {{ . | quote }} + {{- end }} + {{- else }} + - {{ .Values.persistence.accessMode | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} + {{- include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) | nindent 2 }} + {{- if .Values.persistence.selector }} + selector: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.selector "context" $) | nindent 4 }} + {{- end -}} + {{- if .Values.persistence.dataSource }} + dataSource: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.dataSource "context" $) | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/wordpress+valuesjson de VScode/templates/secrets.yaml b/charts/wordpress+valuesjson de VScode/templates/secrets.yaml new file mode 100644 index 0000000..22e6a04 --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/templates/secrets.yaml @@ -0,0 +1,26 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if or (not .Values.existingSecret) (and (not .Values.smtpExistingSecret) .Values.smtpPassword) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + {{- if not .Values.existingSecret }} + wordpress-password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "common.names.fullname" .) "key" "wordpress-password" "providedValues" (list "wordpressPassword") "context" $) }} + {{- end }} + {{- if and .Values.smtpPassword (not .Values.smtpExistingSecret) }} + {{- if .Values.smtpPassword }} + smtp-password: {{ .Values.smtpPassword | b64enc | quote }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/wordpress+valuesjson de VScode/templates/serviceaccount.yaml b/charts/wordpress+valuesjson de VScode/templates/serviceaccount.yaml new file mode 100644 index 0000000..0ee982a --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/templates/serviceaccount.yaml @@ -0,0 +1,18 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "wordpress.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if or .Values.serviceAccount.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.serviceAccount.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} +{{- end -}} diff --git a/charts/wordpress+valuesjson de VScode/templates/servicemonitor.yaml b/charts/wordpress+valuesjson de VScode/templates/servicemonitor.yaml new file mode 100644 index 0000000..e0aa8a9 --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/templates/servicemonitor.yaml @@ -0,0 +1,43 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ default .Release.Namespace .Values.metrics.serviceMonitor.namespace | quote }} + {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.serviceMonitor.labels .Values.commonLabels ) "context" . ) }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: metrics + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if .Values.metrics.serviceMonitor.jobLabel }} + jobLabel: {{ .Values.metrics.serviceMonitor.jobLabel }} + {{- end }} + endpoints: + - port: metrics + {{- if .Values.metrics.serviceMonitor.interval }} + interval: {{ .Values.metrics.serviceMonitor.interval }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + honorLabels: {{ .Values.metrics.serviceMonitor.honorLabels }} + {{- if .Values.metrics.serviceMonitor.relabellings }} + metricRelabelings: {{- toYaml .Values.metrics.serviceMonitor.relabellings | nindent 8 }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.relabelings }} + relabelings: {{- toYaml .Values.metrics.serviceMonitor.relabelings | nindent 6 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace | quote }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: metrics +{{- end }} diff --git a/charts/wordpress+valuesjson de VScode/templates/svc.yaml b/charts/wordpress+valuesjson de VScode/templates/svc.yaml new file mode 100644 index 0000000..b8739e1 --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/templates/svc.yaml @@ -0,0 +1,59 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if or .Values.service.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.service.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.service.type }} + {{- if and .Values.service.clusterIP (eq .Values.service.type "ClusterIP") }} + clusterIP: {{ .Values.service.clusterIP }} + {{- end }} + {{- if or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort") }} + externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy | quote }} + {{- end }} + {{- if and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerSourceRanges)) }} + loadBalancerSourceRanges: {{ .Values.service.loadBalancerSourceRanges }} + {{- end }} + {{- if and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP)) }} + loadBalancerIP: {{ .Values.service.loadBalancerIP }} + {{- end }} + {{- if .Values.service.sessionAffinity }} + sessionAffinity: {{ .Values.service.sessionAffinity }} + {{- end }} + {{- if .Values.service.sessionAffinityConfig }} + sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.service.sessionAffinityConfig "context" $) | nindent 4 }} + {{- end }} + ports: + - name: http + port: {{ .Values.service.ports.http }} + protocol: TCP + targetPort: http + {{- if (and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.http))) }} + nodePort: {{ .Values.service.nodePorts.http }} + {{- else if eq .Values.service.type "ClusterIP" }} + nodePort: null + {{- end }} + - name: https + port: {{ .Values.service.ports.https }} + protocol: TCP + targetPort: {{ .Values.service.httpsTargetPort }} + {{- if (and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.https))) }} + nodePort: {{ .Values.service.nodePorts.https }} + {{- else if eq .Values.service.type "ClusterIP" }} + nodePort: null + {{- end }} + {{- if .Values.service.extraPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.service.extraPorts "context" $) | nindent 4 }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} diff --git a/charts/wordpress+valuesjson de VScode/templates/tls-secrets.yaml b/charts/wordpress+valuesjson de VScode/templates/tls-secrets.yaml new file mode 100644 index 0000000..728ab58 --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/templates/tls-secrets.yaml @@ -0,0 +1,44 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.ingress.enabled }} +{{- if .Values.ingress.secrets }} +{{- range .Values.ingress.secrets }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .name }} + namespace: {{ $.Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $.Values.commonLabels "context" $ ) | nindent 4 }} + {{- if $.Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: kubernetes.io/tls +data: + tls.crt: {{ .certificate | b64enc }} + tls.key: {{ .key | b64enc }} +--- +{{- end }} +{{- end }} +{{- if and .Values.ingress.tls .Values.ingress.selfSigned }} +{{- $secretName := printf "%s-tls" .Values.ingress.hostname }} +{{- $ca := genCA "wordpress-ca" 365 }} +{{- $cert := genSignedCert .Values.ingress.hostname nil (list .Values.ingress.hostname) 365 $ca }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ $secretName }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: kubernetes.io/tls +data: + tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }} + tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }} + ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }} +{{- end }} +{{- end }} diff --git a/charts/wordpress+valuesjson de VScode/values.schema.json b/charts/wordpress+valuesjson de VScode/values.schema.json new file mode 100644 index 0000000..c96fa0e --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/values.schema.json @@ -0,0 +1,839 @@ +{ + "$schema": "http://json-schema.org/schema#", + "type": "object", + "properties": { + "wordpressUsername": { + "type": "string", + "title": "Username", + "form": true + }, + "wordpressPassword": { + "type": "string", + "title": "Password", + "form": true, + "description": "Defaults to a random 10-character alphanumeric string if not set" + }, + "wordpressEmail": { + "type": "string", + "title": "Admin email", + "form": true + }, + "wordpressBlogName": { + "type": "string", + "title": "Blog Name", + "form": true + }, + "persistence": { + "type": "object", + "properties": { + "size": { + "type": "string", + "title": "Persistent Volume Size", + "form": true, + "render": "slider", + "sliderMin": 1, + "sliderMax": 100, + "sliderUnit": "Gi" + } + } + }, + "mariadb": { + "type": "object", + "title": "MariaDB Details", + "form": true, + "properties": { + "enabled": { + "type": "boolean", + "title": "Use a new MariaDB database hosted in the cluster", + "form": true, + "description": "Whether to deploy a mariadb server to satisfy the applications database requirements. To use an external database switch this off and configure the external database details" + }, + "primary": { + "type": "object", + "properties": { + "persistence": { + "type": "object", + "properties": { + "size": { + "type": "string", + "title": "Volume Size", + "form": true, + "hidden": { + "value": false, + "path": "mariadb/primary/persistence/enabled" + }, + "render": "slider", + "sliderMin": 1, + "sliderMax": 100, + "sliderUnit": "Gi" + } + } + } + } + } + } + }, + + + + + + + + + + + "resources": { + "description": "Your service will have at least the requested resources and never more than its limits. No limit for a resource and you can consume everything left on the host machine.", + "type": "object", + "properties": { + "requests": { + "description": "Guaranteed resources", + "type": "object", + "properties": { + "cpu": { + "description": "The amount of cpu guaranteed", + "title": "CPU", + "type": "string", + "default": "100m", + "render": "slider", + "sliderMin": 50, + "sliderMax": 40000, + "sliderStep": 50, + "sliderUnit": "m", + "sliderExtremity": "down", + "sliderExtremitySemantic": "guaranteed", + "sliderRangeId": "cpu", + "x-onyxia": { + "overwriteDefaultWith": "region.resources.cpuRequest", + "useRegionSliderConfig": "cpu" + } + }, + "memory": { + "description": "The amount of memory guaranteed", + "title": "memory", + "type": "string", + "default": "2Gi", + "render": "slider", + "sliderMin": 1, + "sliderMax": 200, + "sliderStep": 1, + "sliderUnit": "Gi", + "sliderExtremity": "down", + "sliderExtremitySemantic": "guaranteed", + "sliderRangeId": "memory", + "x-onyxia": { + "overwriteDefaultWith": "region.resources.memoryRequest", + "useRegionSliderConfig": "memory" + } + } + } + }, + "limits": { + "description": "max resources", + "type": "object", + "properties": { + "cpu": { + "description": "The maximum amount of cpu", + "title": "CPU", + "type": "string", + "default": "30000m", + "render": "slider", + "sliderMin": 50, + "sliderMax": 40000, + "sliderStep": 50, + "sliderUnit": "m", + "sliderExtremity": "up", + "sliderExtremitySemantic": "Maximum", + "sliderRangeId": "cpu", + "x-onyxia": { + "overwriteDefaultWith": "region.resources.cpuLimit", + "useRegionSliderConfig": "cpu" + } + }, + "memory": { + "description": "The maximum amount of memory", + "title": "Memory", + "type": "string", + "default": "50Gi", + "render": "slider", + "sliderMin": 1, + "sliderMax": 200, + "sliderStep": 1, + "sliderUnit": "Gi", + "sliderExtremity": "up", + "sliderExtremitySemantic": "Maximum", + "sliderRangeId": "memory", + "x-onyxia": { + "overwriteDefaultWith": "region.resources.memoryLimit", + "useRegionSliderConfig": "memory" + } + } + } + } + } + }, + "discovery": { + "description": "configure your service to autodetect some ressources.", + "type": "object", + "properties": { + "hive": { + "type": "boolean", + "title": "Enable hive metastore discovery", + "description": "discover your hive metastore service", + "default": true + }, + "mlflow": { + "type": "boolean", + "title": "Enable mlflow discovery", + "description": "discover your mlflow service", + "default": true + }, + "metaflow": { + "type": "boolean", + "title": "Enable metaflow discovery", + "description": "discover your metaflow service", + "default": true + } + } + }, + "service": { + "description": "spark-history specific configuration", + "type": "object", + "properties": { + "image": { + "description": "image docker", + "type": "object", + "properties": { + "pullPolicy": { + "type": "string", + "description": "option when pulling the docker image", + "default": "IfNotPresent", + "enum": [ + "IfNotPresent", + "Always", + "Never" + ] + }, + "version": { + "description": "vscode supported version", + "type": "string", + "default": "inseefrlab/onyxia-vscode-python:py3.11.6", + "listEnum": [ + "inseefrlab/onyxia-vscode-python:py3.11.6", + "inseefrlab/onyxia-vscode-python:py3.10.13" + ], + "render": "list", + "hidden": { + "value": true, + "path": "service/image/custom/enabled" + } + }, + "custom": { + "description": "use a custom vscode docker image", + "type": "object", + "properties": { + "enabled": { + "title": "custom image", + "type": "boolean", + "description": "use a custom vscode docker images", + "default": false + }, + "version": { + "description": "vscode unsupported version", + "type": "string", + "default": "inseefrlab/onyxia-vscode-python:py3.11.6", + "hidden": { + "value": false, + "path": "service/image/custom/enabled" + } + } + } + } + } + } + } + }, + "persistence": { + "description": "Configuration for persistence", + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Create a persistent volume", + "default": true + }, + "size": { + "type": "string", + "title": "Persistent volume size", + "description": "Size of the persistent volume", + "default": "10Gi", + "form": true, + "render": "slider", + "sliderMin": 1, + "sliderMax": 100, + "sliderStep": 1, + "sliderUnit": "Gi", + "x-onyxia": { + "overwriteDefaultWith": "region.resources.disk", + "useRegionSliderConfig": "disk" + }, + "hidden": { + "value": false, + "path": "persistence/enabled" + } + } + } + }, + "security": { + "description": "security specific configuration", + "type": "object", + "properties": { + "password": { + "type": "string", + "description": "Password", + "default": "changeme", + "render": "password", + "x-onyxia": { + "overwriteDefaultWith": "{{project.password}}" + } + }, + "allowlist": { + "type": "object", + "description": "IP protection", + "properties": { + "enabled": { + "type": "boolean", + "title": "Enable IP protection", + "description": "Only the configured set of IPs will be able to reach the service", + "default": true, + "x-onyxia": { + "overwriteDefaultWith": "region.defaultIpProtection" + } + }, + "ip": { + "type": "string", + "description": "the white list of IP is whitespace", + "title": "Whitelist of IP", + "x-onyxia": { + "overwriteDefaultWith": "{{user.ip}}" + } + } + } + }, + "networkPolicy": { + "type": "object", + "description": "Define access policy to the service", + "properties": { + "enabled": { + "type": "boolean", + "title": "Enable network policy", + "description": "Only pod from the same namespace will be allowed", + "default": true, + "x-onyxia": { + "overwriteDefaultWith": "region.defaultNetworkPolicy" + } + }, + "from": { + "type": "array", + "description": "Array of source allowed to have network access to your service", + "default": [], + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "region.from" + } + } + } + } + } + }, + "kubernetes": { + "description": "configuration of your kubernetes access", + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "allow your service to access your namespace ressources", + "default": true + }, + "role": { + "type": "string", + "description": "bind your service account to this kubernetes default role", + "default": "view", + "hidden": { + "value": false, + "path": "kubernetes/enabled" + }, + "enum": [ + "view", + "edit", + "admin" + ] + } + } + }, + "git": { + "description": "Git user configuration", + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Add git config inside your environment", + "default": true + }, + "name": { + "type": "string", + "description": "user name for git", + "default": "", + "x-onyxia": { + "overwriteDefaultWith": "{{git.name}}" + }, + "hidden": { + "value": false, + "path": "git/enabled" + } + }, + "email": { + "type": "string", + "description": "user email for git", + "default": "", + "x-onyxia": { + "overwriteDefaultWith": "{{git.email}}" + }, + "hidden": { + "value": false, + "path": "git/enabled" + } + }, + "cache": { + "type": "string", + "description": "duration in seconds of the credentials cache duration", + "default": "", + "x-onyxia": { + "overwriteDefaultWith": "{{git.credentials_cache_duration}}" + }, + "hidden": { + "value": false, + "path": "git/enabled" + } + }, + "token": { + "type": "string", + "description": "personal access token", + "default": "", + "render": "password", + "x-onyxia": { + "overwriteDefaultWith": "{{git.token}}" + }, + "hidden": { + "value": false, + "path": "git/enabled" + } + }, + "repository": { + "type": "string", + "description": "projet", + "default": "", + "x-onyxia": { + "overwriteDefaultWith": "{{git.project}}" + }, + "hidden": { + "value": false, + "path": "git/enabled" + } + }, + "branch": { + "type": "string", + "description": "Branch automatically checked out", + "default": "", + "hidden": { + "value": "", + "path": "git/repository" + } + } + } + }, + "vault": { + "description": "Configuration of vault client", + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Add vault temporary identity inside your environment", + "default": true + }, + "token": { + "description": "token vault", + "type": "string", + "render": "password", + "x-onyxia": { + "overwriteDefaultWith": "{{vault.VAULT_TOKEN}}" + }, + "hidden": { + "value": false, + "path": "vault/enabled" + } + }, + "url": { + "description": "url of vault server", + "type": "string", + "x-onyxia": { + "overwriteDefaultWith": "{{vault.VAULT_ADDR}}" + }, + "hidden": { + "value": false, + "path": "vault/enabled" + } + }, + "mount": { + "description": "mount of the v2 secret engine", + "type": "string", + "x-onyxia": { + "overwriteDefaultWith": "{{vault.VAULT_MOUNT}}" + }, + "hidden": { + "value": false, + "path": "vault/enabled" + } + }, + "directory": { + "description": "top level directory", + "type": "string", + "x-onyxia": { + "overwriteDefaultWith": "{{vault.VAULT_TOP_DIR}}" + }, + "hidden": { + "value": false, + "path": "vault/enabled" + } + }, + "secret": { + "description": "the path of the secret to convert into a list of environment variables", + "type": "string", + "default": "", + "hidden": { + "value": false, + "path": "vault/enabled" + } + } + } + }, + "s3": { + "description": "Configuration of temporary identity", + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Add S3 temporary identity inside your environment", + "default": true + }, + "accessKeyId": { + "description": "AWS Access Key", + "type": "string", + "x-onyxia": { + "overwriteDefaultWith": "s3.AWS_ACCESS_KEY_ID" + }, + "hidden": { + "value": false, + "path": "s3/enabled" + } + }, + "endpoint": { + "description": "AWS S3 Endpoint", + "type": "string", + "x-onyxia": { + "overwriteDefaultWith": "{{s3.AWS_S3_ENDPOINT}}" + }, + "hidden": { + "value": false, + "path": "s3/enabled" + } + }, + "defaultRegion": { + "description": "AWS S3 default region", + "type": "string", + "x-onyxia": { + "overwriteDefaultWith": "{{s3.AWS_DEFAULT_REGION}}" + }, + "hidden": { + "value": false, + "path": "s3/enabled" + } + }, + "secretAccessKey": { + "description": "AWS S3 secret access key", + "type": "string", + "render": "password", + "x-onyxia": { + "overwriteDefaultWith": "{{s3.AWS_SECRET_ACCESS_KEY}}" + }, + "hidden": { + "value": false, + "path": "s3/enabled" + } + }, + "sessionToken": { + "description": "AWS S3 session Token", + "type": "string", + "render": "password", + "x-onyxia": { + "overwriteDefaultWith": "{{s3.AWS_SESSION_TOKEN}}" + }, + "hidden": { + "value": false, + "path": "s3/enabled" + } + } + } + }, + "ingress": { + "type": "object", + "form": true, + "title": "Ingress Details", + "properties": { + "enabled": { + "description": "Enable Ingress", + "type": "boolean", + "default": true, + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "k8s.ingress" + } + }, + "hostname": { + "type": "string", + "form": true, + "title": "Hostname", + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "{{project.id}}-{{k8s.randomSubdomain}}-0.{{k8s.domain}}" + } + }, + "userHostname": { + "type": "string", + "form": true, + "title": "Hostname", + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "{{project.id}}-{{k8s.randomSubdomain}}-user.{{k8s.domain}}" + } + }, + "ingressClassName": { + "type": "string", + "form": true, + "title": "ingressClassName", + "default": "", + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "{{k8s.ingressClassName}}" + } + }, + "useCertManager": { + "type": "boolean", + "description": "Whether CertManager should be used to generate a certificate", + "default": false, + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "k8s.useCertManager" + } + }, + "certManagerClusterIssuer":{ + "type": "string", + "description": "certManager cluster issuer", + "title": "CertManager Cluster Issuer", + "default": "", + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "k8s.certManagerClusterIssuer" + } + } + } + }, + "route": { + "type": "object", + "form": true, + "title": "Route details", + "properties": { + "enabled": { + "description": "Enable route", + "type": "boolean", + "default": false, + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "k8s.route" + } + }, + "hostname": { + "type": "string", + "form": true, + "title": "Hostname", + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "{{project.id}}-{{k8s.randomSubdomain}}-0.{{k8s.domain}}" + } + }, + "userHostname": { + "type": "string", + "form": true, + "title": "Hostname", + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "{{project.id}}-{{k8s.randomSubdomain}}-user.{{k8s.domain}}" + } + } + } + }, + "networking": { + "type": "object", + "form": true, + "title": "Networking detail", + "properties": { + "user": { + "type": "object", + "description": "user defined port", + "properties": { + "enabled": { + "type": "boolean", + "title": "Enable a custom service port", + "description": "Enable a custom service port", + "default": false + }, + "port": { + "type": "integer", + "description": "port of the custom service", + "title": "Custom service port", + "hidden": { + "value": false, + "path": "networking/user/enabled" + }, + "default": 5000 + } + } + } + } + }, + "init": { + "description": "Init parameters", + "type": "object", + "properties": { + "regionInit": { + "type": "string", + "description": "region initialization script", + "default": "", + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "{{k8s.initScriptUrl}}" + } + }, + "regionInitCheckSum": { + "type": "string", + "description": "region initialization script", + "default": "", + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "{{k8s.initScriptCheckSum}}" + } + }, + "personalInit": { + "type": "string", + "description": "user initialization script", + "default": "" + }, + "personalInitArgs": { + "type": "string", + "description": "args for user initialization script", + "default": "" + } + } + }, + "repository": { + "description": "python repositories for pip and conda", + "type": "object", + "properties": { + "pipRepository": { + "type": "string", + "description": "python repository for pip", + "default": "", + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "{{packageRepositoryInjection.pypiProxyUrl}}" + } + }, + "condaRepository": { + "type": "string", + "description": "python repository for pip", + "default": "", + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "{{packageRepositoryInjection.condaProxyUrl}}" + } + } + } + }, + "startupProbe": { + "type": "object", + "description": "Start up probe", + "default": {}, + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "region.startupProbe" + } + }, + "tolerations": { + "type": "array", + "description": "Array of tolerations", + "default": [], + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "region.tolerations" + } + }, + "nodeSelector": { + "type": "object", + "description": "NodeSelector", + "default": {}, + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "region.nodeSelector" + } + }, + "userPreferences": { + "description": "User Preferences", + "type": "object", + "properties": { + "darkMode": { + "type": "boolean", + "description": "dark mode is or is not enabled", + "default": false, + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "user.darkMode" + } + }, + "language": { + "type": "string", + "description": "Preferred language", + "default": "en", + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "user.lang" + } + } + } + }, + "global": { + "description": "Suspend", + "type": "object", + "properties": { + "suspend": { + "type": "boolean", + "description": "Suspend this service", + "default": false, + "x-onyxia": { + "hidden": true + } + } + } + } + } +} \ No newline at end of file diff --git a/charts/wordpress+valuesjson de VScode/values.yaml b/charts/wordpress+valuesjson de VScode/values.yaml new file mode 100644 index 0000000..eaf34f9 --- /dev/null +++ b/charts/wordpress+valuesjson de VScode/values.yaml @@ -0,0 +1,1264 @@ +# Copyright VMware, Inc. +# SPDX-License-Identifier: APACHE-2.0 + +## @section Global parameters +## Global Docker image parameters +## Please, note that this will override the image parameters, including dependencies, configured to use the global value +## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass +## + +## @param global.imageRegistry Global Docker image registry +## @param global.imagePullSecrets Global Docker registry secret names as an array +## @param global.storageClass Global StorageClass for Persistent Volume(s) +## +global: + imageRegistry: "" + ## E.g. + ## imagePullSecrets: + ## - myRegistryKeySecretName + ## + imagePullSecrets: [] + storageClass: "" + ## Compatibility adaptations for Kubernetes platforms + ## + compatibility: + ## Compatibility adaptations for Openshift + ## + openshift: + ## @param global.compatibility.openshift.adaptSecurityContext Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) + ## + adaptSecurityContext: disabled +## @section Common parameters +## + +## @param kubeVersion Override Kubernetes version +## +kubeVersion: "" +## @param nameOverride String to partially override common.names.fullname template (will maintain the release name) +## +nameOverride: "" +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: "" +## @param commonLabels Labels to add to all deployed resources +## +commonLabels: {} +## @param commonAnnotations Annotations to add to all deployed resources +## +commonAnnotations: {} +## @param clusterDomain Kubernetes Cluster Domain +## +clusterDomain: cluster.local +## @param extraDeploy Array of extra objects to deploy with the release +## +extraDeploy: [] +## Enable diagnostic mode in the deployment +## +diagnosticMode: + ## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden) + ## + enabled: false + ## @param diagnosticMode.command Command to override all containers in the deployment + ## + command: + - sleep + ## @param diagnosticMode.args Args to override all containers in the deployment + ## + args: + - infinity +## @section WordPress Image parameters +## + +## Bitnami WordPress image +## ref: https://hub.docker.com/r/bitnami/wordpress/tags/ +## @param image.registry [default: REGISTRY_NAME] WordPress image registry +## @param image.repository [default: REPOSITORY_NAME/wordpress] WordPress image repository +## @skip image.tag WordPress image tag (immutable tags are recommended) +## @param image.digest WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag +## @param image.pullPolicy WordPress image pull policy +## @param image.pullSecrets WordPress image pull secrets +## @param image.debug Specify if debug values should be set +## +image: + registry: docker.io + repository: bitnami/wordpress + tag: 6.4.3-debian-12-r20 + digest: "" + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## Enable debug mode + ## + debug: false +## @section WordPress Configuration parameters +## WordPress settings based on environment variables +## ref: https://github.com/bitnami/containers/tree/main/bitnami/wordpress#environment-variables +## + +## @param wordpressUsername WordPress username +## +wordpressUsername: user +## @param wordpressPassword WordPress user password +## Defaults to a random 10-character alphanumeric string if not set +## +wordpressPassword: "" +## @param existingSecret Name of existing secret containing WordPress credentials +## NOTE: Must contain key `wordpress-password` +## NOTE: When it's set, the `wordpressPassword` parameter is ignored +## +existingSecret: "" +## @param wordpressEmail WordPress user email +## +wordpressEmail: user@example.com +## @param wordpressFirstName WordPress user first name +## +wordpressFirstName: FirstName +## @param wordpressLastName WordPress user last name +## +wordpressLastName: LastName +## @param wordpressBlogName Blog name +## +wordpressBlogName: User's Blog! +## @param wordpressTablePrefix Prefix to use for WordPress database tables +## +wordpressTablePrefix: wp_ +## @param wordpressScheme Scheme to use to generate WordPress URLs +## +wordpressScheme: http +## @param wordpressSkipInstall Skip wizard installation +## NOTE: useful if you use an external database that already contains WordPress data +## ref: https://github.com/bitnami/containers/tree/main/bitnami/wordpress#connect-wordpress-docker-container-to-an-existing-database +## +wordpressSkipInstall: false +## @param wordpressExtraConfigContent Add extra content to the default wp-config.php file +## e.g: +## wordpressExtraConfigContent: | +## @ini_set( 'post_max_size', '128M'); +## @ini_set( 'memory_limit', '256M' ); +## +wordpressExtraConfigContent: "" +## @param wordpressConfiguration The content for your custom wp-config.php file (advanced feature) +## NOTE: This will override configuring WordPress based on environment variables (including those set by the chart) +## NOTE: Currently only supported when `wordpressSkipInstall=true` +## +wordpressConfiguration: "" +## @param existingWordPressConfigurationSecret The name of an existing secret with your custom wp-config.php file (advanced feature) +## NOTE: When it's set the `wordpressConfiguration` parameter is ignored +## +existingWordPressConfigurationSecret: "" +## @param wordpressConfigureCache Enable W3 Total Cache plugin and configure cache settings +## NOTE: useful if you deploy Memcached for caching database queries or you use an external cache server +## +wordpressConfigureCache: false +## @param wordpressPlugins Array of plugins to install and activate. Can be specified as `all` or `none`. +## NOTE: If set to all, only plugins that are already installed will be activated, and if set to none, no plugins will be activated +## +wordpressPlugins: none +## @param apacheConfiguration The content for your custom httpd.conf file (advanced feature) +## +apacheConfiguration: "" +## @param existingApacheConfigurationConfigMap The name of an existing secret with your custom httpd.conf file (advanced feature) +## NOTE: When it's set the `apacheConfiguration` parameter is ignored +## +existingApacheConfigurationConfigMap: "" +## @param customPostInitScripts Custom post-init.d user scripts +## ref: https://github.com/bitnami/containers/tree/main/bitnami/wordpress +## NOTE: supported formats are `.sh`, `.sql` or `.php` +## NOTE: scripts are exclusively executed during the 1st boot of the container +## e.g: +## customPostInitScripts: +## enable-multisite.sh: | +## #!/bin/bash +## chmod +w /bitnami/wordpress/wp-config.php +## wp core multisite-install --url=example.com --title="Welcome to the WordPress Multisite" --admin_user="doesntmatternotreallyused" --admin_password="doesntmatternotreallyused" --admin_email="user@example.com" +## cat /docker-entrypoint-init.d/.htaccess > /bitnami/wordpress/.htaccess +## chmod -w bitnami/wordpress/wp-config.php +## .htaccess: | +## RewriteEngine On +## RewriteBase / +## ... +## +customPostInitScripts: {} +## SMTP mail delivery configuration +## ref: https://github.com/bitnami/containers/tree/main/bitnami/wordpress/#smtp-configuration +## @param smtpHost SMTP server host +## @param smtpPort SMTP server port +## @param smtpUser SMTP username +## @param smtpPassword SMTP user password +## @param smtpProtocol SMTP protocol +## +smtpHost: "" +smtpPort: "" +smtpUser: "" +smtpPassword: "" +smtpProtocol: "" +## @param smtpExistingSecret The name of an existing secret with SMTP credentials +## NOTE: Must contain key `smtp-password` +## NOTE: When it's set, the `smtpPassword` parameter is ignored +## +smtpExistingSecret: "" +## @param allowEmptyPassword Allow the container to be started with blank passwords +## +allowEmptyPassword: true +## @param allowOverrideNone Configure Apache to prohibit overriding directives with htaccess files +## +allowOverrideNone: false +## @param overrideDatabaseSettings Allow overriding the database settings persisted in wp-config.php +## +overrideDatabaseSettings: false +## @param htaccessPersistenceEnabled Persist custom changes on htaccess files +## If `allowOverrideNone` is `false`, it will persist `/opt/bitnami/wordpress/wordpress-htaccess.conf` +## If `allowOverrideNone` is `true`, it will persist `/opt/bitnami/wordpress/.htaccess` +## +htaccessPersistenceEnabled: false +## @param customHTAccessCM The name of an existing ConfigMap with custom htaccess rules +## NOTE: Must contain key `wordpress-htaccess.conf` with the file content +## NOTE: Requires setting `allowOverrideNone=false` +## +customHTAccessCM: "" +## @param command Override default container command (useful when using custom images) +## +command: [] +## @param args Override default container args (useful when using custom images) +## +args: [] +## @param extraEnvVars Array with extra environment variables to add to the WordPress container +## e.g: +## extraEnvVars: +## - name: FOO +## value: "bar" +## +extraEnvVars: [] +## @param extraEnvVarsCM Name of existing ConfigMap containing extra env vars +## +extraEnvVarsCM: "" +## @param extraEnvVarsSecret Name of existing Secret containing extra env vars +## +extraEnvVarsSecret: "" +## @section WordPress Multisite Configuration parameters +## ref: https://github.com/bitnami/containers/tree/main/bitnami/wordpress#multisite-configuration +## + +## @param multisite.enable Whether to enable WordPress Multisite configuration. +## @param multisite.host WordPress Multisite hostname/address. This value is mandatory when enabling Multisite mode. +## @param multisite.networkType WordPress Multisite network type to enable. Allowed values: `subfolder`, `subdirectory` or `subdomain`. +## @param multisite.enableNipIoRedirect Whether to enable IP address redirection to nip.io wildcard DNS. Useful when running on an IP address with subdomain network type. +## +multisite: + enable: false + host: "" + networkType: subdomain + enableNipIoRedirect: false +## @section WordPress deployment parameters +## + +## @param replicaCount Number of WordPress replicas to deploy +## NOTE: ReadWriteMany PVC(s) are required if replicaCount > 1 +## +replicaCount: 1 +## @param updateStrategy.type WordPress deployment strategy type +## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy +## NOTE: Set it to `Recreate` if you use a PV that cannot be mounted on multiple pods +## e.g: +## updateStrategy: +## type: RollingUpdate +## rollingUpdate: +## maxSurge: 25% +## maxUnavailable: 25% +## +updateStrategy: + type: RollingUpdate +## @param schedulerName Alternate scheduler +## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ +## +schedulerName: "" +## @param terminationGracePeriodSeconds In seconds, time given to the WordPress pod to terminate gracefully +## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods +## +terminationGracePeriodSeconds: "" +## @param topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template +## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods +## +topologySpreadConstraints: [] +## @param priorityClassName Name of the existing priority class to be used by WordPress pods, priority class needs to be created beforehand +## Ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ +## +priorityClassName: "" +## @param automountServiceAccountToken Mount Service Account token in pod +## +automountServiceAccountToken: false +## @param hostAliases [array] WordPress pod host aliases +## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ +## +hostAliases: + ## Required for Apache exporter to work + ## + - ip: "127.0.0.1" + hostnames: + - "status.localhost" +## @param extraVolumes Optionally specify extra list of additional volumes for WordPress pods +## +extraVolumes: [] +## @param extraVolumeMounts Optionally specify extra list of additional volumeMounts for WordPress container(s) +## +extraVolumeMounts: [] +## @param sidecars Add additional sidecar containers to the WordPress pod +## e.g: +## sidecars: +## - name: your-image-name +## image: your-image +## imagePullPolicy: Always +## ports: +## - name: portname +## containerPort: 1234 +## +sidecars: [] +## @param initContainers Add additional init containers to the WordPress pods +## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ +## e.g: +## initContainers: +## - name: your-image-name +## image: your-image +## imagePullPolicy: Always +## command: ['sh', '-c', 'copy themes and plugins from git and push to /bitnami/wordpress/wp-content. Should work with extraVolumeMounts and extraVolumes'] +## +initContainers: [] +## @param podLabels Extra labels for WordPress pods +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +## +podLabels: {} +## @param podAnnotations Annotations for WordPress pods +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +## +podAnnotations: {} +## @param podAffinityPreset Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` +## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity +## +podAffinityPreset: "" +## @param podAntiAffinityPreset Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity +## +podAntiAffinityPreset: soft +## Node affinity preset +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity +## +nodeAffinityPreset: + ## @param nodeAffinityPreset.type Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## + type: "" + ## @param nodeAffinityPreset.key Node label key to match. Ignored if `affinity` is set + ## + key: "" + ## @param nodeAffinityPreset.values Node label values to match. Ignored if `affinity` is set + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] +## @param affinity Affinity for pod assignment +## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +## NOTE: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set +## +affinity: {} +## @param nodeSelector Node labels for pod assignment +## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ +## +nodeSelector: {} +## @param tolerations Tolerations for pod assignment +## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +## +tolerations: [] +## WordPress containers' resource requests and limits +## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +## @param resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). +## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 +## +resourcesPreset: "none" +## @param resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) +## Example: +## resources: +## requests: +## cpu: 2 +## memory: 512Mi +## limits: +## cpu: 3 +## memory: 1024Mi +## +resources: {} +## Container ports +## @param containerPorts.http WordPress HTTP container port +## @param containerPorts.https WordPress HTTPS container port +## +containerPorts: + http: 8080 + https: 8443 +## @param extraContainerPorts Optionally specify extra list of additional ports for WordPress container(s) +## e.g: +## extraContainerPorts: +## - name: myservice +## containerPort: 9090 +## +extraContainerPorts: [] +## Configure Pods Security Context +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod +## @param podSecurityContext.enabled Enabled WordPress pods' Security Context +## @param podSecurityContext.fsGroupChangePolicy Set filesystem group change policy +## @param podSecurityContext.sysctls Set kernel settings using the sysctl interface +## @param podSecurityContext.supplementalGroups Set filesystem extra groups +## @param podSecurityContext.fsGroup Set WordPress pod's Security Context fsGroup +## +podSecurityContext: + enabled: true + fsGroupChangePolicy: Always + sysctls: [] + supplementalGroups: [] + fsGroup: 1001 +## Configure Container Security Context (only main container) +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container +## @param containerSecurityContext.enabled Enabled containers' Security Context +## @param containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container +## @param containerSecurityContext.runAsUser Set containers' Security Context runAsUser +## @param containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot +## @param containerSecurityContext.privileged Set container's Security Context privileged +## @param containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem +## @param containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation +## @param containerSecurityContext.capabilities.drop List of capabilities to be dropped +## @param containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile +## +containerSecurityContext: + enabled: true + seLinuxOptions: null + runAsUser: 1001 + runAsNonRoot: true + privileged: false + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + seccompProfile: + type: "RuntimeDefault" +## Configure extra options for WordPress containers' liveness, readiness and startup probes +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes +## @param livenessProbe.enabled Enable livenessProbe on WordPress containers +## @skip livenessProbe.httpGet +## @param livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe +## @param livenessProbe.periodSeconds Period seconds for livenessProbe +## @param livenessProbe.timeoutSeconds Timeout seconds for livenessProbe +## @param livenessProbe.failureThreshold Failure threshold for livenessProbe +## @param livenessProbe.successThreshold Success threshold for livenessProbe +## +livenessProbe: + enabled: true + httpGet: + path: /wp-admin/install.php + port: '{{ .Values.wordpressScheme }}' + scheme: '{{ .Values.wordpressScheme | upper }}' + ## If using an HTTPS-terminating load-balancer, the probes may need to behave + ## like the balancer to prevent HTTP 302 responses. According to the Kubernetes + ## docs, 302 should be considered "successful", but this issue on GitHub + ## (https://github.com/kubernetes/kubernetes/issues/47893) shows that it isn't. + ## E.g. + ## httpHeaders: + ## - name: X-Forwarded-Proto + ## value: https + ## + httpHeaders: [] + initialDelaySeconds: 120 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 +## @param readinessProbe.enabled Enable readinessProbe on WordPress containers +## @skip readinessProbe.httpGet +## @param readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe +## @param readinessProbe.periodSeconds Period seconds for readinessProbe +## @param readinessProbe.timeoutSeconds Timeout seconds for readinessProbe +## @param readinessProbe.failureThreshold Failure threshold for readinessProbe +## @param readinessProbe.successThreshold Success threshold for readinessProbe +## +readinessProbe: + enabled: true + httpGet: + path: /wp-login.php + port: '{{ .Values.wordpressScheme }}' + scheme: '{{ .Values.wordpressScheme | upper }}' + ## If using an HTTPS-terminating load-balancer, the probes may need to behave + ## like the balancer to prevent HTTP 302 responses. According to the Kubernetes + ## docs, 302 should be considered "successful", but this issue on GitHub + ## (https://github.com/kubernetes/kubernetes/issues/47893) shows that it isn't. + ## E.g. + ## httpHeaders: + ## - name: X-Forwarded-Proto + ## value: https + ## + httpHeaders: [] + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 +## @param startupProbe.enabled Enable startupProbe on WordPress containers +## @skip startupProbe.httpGet +## @param startupProbe.initialDelaySeconds Initial delay seconds for startupProbe +## @param startupProbe.periodSeconds Period seconds for startupProbe +## @param startupProbe.timeoutSeconds Timeout seconds for startupProbe +## @param startupProbe.failureThreshold Failure threshold for startupProbe +## @param startupProbe.successThreshold Success threshold for startupProbe +## +startupProbe: + enabled: false + httpGet: + path: /wp-login.php + port: '{{ .Values.wordpressScheme }}' + scheme: '{{ .Values.wordpressScheme | upper }}' + ## If using an HTTPS-terminating load-balancer, the probes may need to behave + ## like the balancer to prevent HTTP 302 responses. According to the Kubernetes + ## docs, 302 should be considered "successful", but this issue on GitHub + ## (https://github.com/kubernetes/kubernetes/issues/47893) shows that it isn't. + ## E.g. + ## httpHeaders: + ## - name: X-Forwarded-Proto + ## value: https + ## + httpHeaders: [] + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 +## @param customLivenessProbe Custom livenessProbe that overrides the default one +## +customLivenessProbe: {} +## @param customReadinessProbe Custom readinessProbe that overrides the default one +## +customReadinessProbe: {} +## @param customStartupProbe Custom startupProbe that overrides the default one +## +customStartupProbe: {} +## @param lifecycleHooks for the WordPress container(s) to automate configuration before or after startup +## +lifecycleHooks: {} +## @section Traffic Exposure Parameters +## + +## WordPress service parameters +## +service: + ## @param service.type WordPress service type + ## + type: LoadBalancer + ## @param service.ports.http WordPress service HTTP port + ## @param service.ports.https WordPress service HTTPS port + ## + ports: + http: 80 + https: 443 + ## @param service.httpsTargetPort Target port for HTTPS + ## + httpsTargetPort: https + ## Node ports to expose + ## @param service.nodePorts.http Node port for HTTP + ## @param service.nodePorts.https Node port for HTTPS + ## NOTE: choose port between <30000-32767> + ## + nodePorts: + http: "" + https: "" + ## @param service.sessionAffinity Control where client requests go, to the same pod or round-robin + ## Values: ClientIP or None + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/ + ## + sessionAffinity: None + ## @param service.sessionAffinityConfig Additional settings for the sessionAffinity + ## sessionAffinityConfig: + ## clientIP: + ## timeoutSeconds: 300 + ## + sessionAffinityConfig: {} + ## @param service.clusterIP WordPress service Cluster IP + ## e.g.: + ## clusterIP: None + ## + clusterIP: "" + ## @param service.loadBalancerIP WordPress service Load Balancer IP + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer + ## + loadBalancerIP: "" + ## @param service.loadBalancerSourceRanges WordPress service Load Balancer sources + ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## e.g: + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + ## + loadBalancerSourceRanges: [] + ## @param service.externalTrafficPolicy WordPress service external traffic policy + ## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip + ## + externalTrafficPolicy: Cluster + ## @param service.annotations Additional custom annotations for WordPress service + ## + annotations: {} + ## @param service.extraPorts Extra port to expose on WordPress service + ## + extraPorts: [] +## Configure the ingress resource that allows you to access the WordPress installation +## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/ +## +ingress: + enabled: true + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: mywordpress.lab.groupe-genes.fr + paths: + - path: / + pathType: ImplementationSpecific + ## @param ingress.enabled Enable ingress record generation for WordPress + ## + ## enabled: false + ## @param ingress.pathType Ingress path type + ## + ## pathType: ImplementationSpecific + ## @param ingress.apiVersion Force Ingress API version (automatically detected if not set) + ## + apiVersion: "" + ## @param ingress.ingressClassName IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) + ## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster . + ## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/ + ## + ingressClassName: "" + ## @param ingress.hostname Default host for the ingress record. The hostname is templated and thus can contain other variable references. + ## + ## hostname: wordpress.local + ## @param ingress.path Default path for the ingress record + ## NOTE: You may need to set this to '/*' in order to use this with ALB ingress controllers + ## + ## path: / + ## @param ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. + ## For a full list of possible ingress annotations, please see + ## ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md + ## Use this parameter to set the required annotations for cert-manager, see + ## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations + ## + ## e.g: + ## annotations: + ## kubernetes.io/ingress.class: nginx + ## cert-manager.io/cluster-issuer: cluster-issuer-name + ## + ## annotations: {} + ## @param ingress.tls Enable TLS configuration for the host defined at `ingress.hostname` parameter + ## TLS certificates will be retrieved from a TLS secret with name: `{{- printf "%s-tls" .Values.ingress.hostname }}` + ## You can: + ## - Use the `ingress.secrets` parameter to create this TLS secret + ## - Rely on cert-manager to create it by setting the corresponding annotations + ## - Rely on Helm to create self-signed certificates by setting `ingress.selfSigned=true` + ## + tls: false + ## @param ingress.tlsWwwPrefix Adds www subdomain to default cert + ## Creates tls host with ingress.hostname: {{ print "www.%s" .Values.ingress.hostname }} + ## Is enabled if "nginx.ingress.kubernetes.io/from-to-www-redirect" is "true" + tlsWwwPrefix: false + ## @param ingress.selfSigned Create a TLS secret for this ingress record using self-signed certificates generated by Helm + ## + selfSigned: false + ## @param ingress.extraHosts An array with additional hostname(s) to be covered with the ingress record. The host names are templated and thus can contain other variable references. + ## e.g: + ## extraHosts: + ## - name: wordpress.local + ## path: / + ## + extraHosts: [] + ## @param ingress.extraPaths An array with additional arbitrary paths that may need to be added to the ingress under the main host + ## e.g: + ## extraPaths: + ## - path: /* + ## backend: + ## serviceName: ssl-redirect + ## servicePort: use-annotation + ## + extraPaths: [] + ## @param ingress.extraTls TLS configuration for additional hostname(s) to be covered with this ingress record + ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls + ## e.g: + ## extraTls: + ## - hosts: + ## - wordpress.local + ## secretName: wordpress.local-tls + ## + extraTls: [] + ## @param ingress.secrets Custom TLS certificates as secrets + ## NOTE: 'key' and 'certificate' are expected in PEM format + ## NOTE: 'name' should line up with a 'secretName' set further up + ## If it is not set and you're using cert-manager, this is unneeded, as it will create a secret for you with valid certificates + ## If it is not set and you're NOT using cert-manager either, self-signed certificates will be created valid for 365 days + ## It is also possible to create and manage the certificates outside of this helm chart + ## Please see README.md for more information + ## e.g: + ## secrets: + ## - name: wordpress.local-tls + ## key: |- + ## -----BEGIN RSA PRIVATE KEY----- + ## ... + ## -----END RSA PRIVATE KEY----- + ## certificate: |- + ## -----BEGIN CERTIFICATE----- + ## ... + ## -----END CERTIFICATE----- + ## + secrets: [] + ## @param ingress.extraRules Additional rules to be covered with this ingress record + ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules + ## e.g: + ## extraRules: + ## - host: wordpress.local + ## http: + ## path: / + ## backend: + ## service: + ## name: wordpress-svc + ## port: + ## name: http + ## + extraRules: [] +## @section Persistence Parameters +## + +## Persistence Parameters +## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/ +## +persistence: + ## @param persistence.enabled Enable persistence using Persistent Volume Claims + ## + enabled: true + ## @param persistence.storageClass Persistent Volume storage class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner + ## + storageClass: "" + ## @param persistence.accessModes [array] Persistent Volume access modes + ## + accessModes: + - ReadWriteOnce + ## @param persistence.accessMode Persistent Volume access mode (DEPRECATED: use `persistence.accessModes` instead) + ## + accessMode: ReadWriteOnce + ## @param persistence.size Persistent Volume size + ## + size: 10Gi + ## @param persistence.dataSource Custom PVC data source + ## + dataSource: {} + ## @param persistence.existingClaim The name of an existing PVC to use for persistence + ## + existingClaim: "" + ## @param persistence.selector Selector to match an existing Persistent Volume for WordPress data PVC + ## If set, the PVC can't have a PV dynamically provisioned for it + ## E.g. + ## selector: + ## matchLabels: + ## app: my-app + ## + selector: {} + ## @param persistence.annotations Persistent Volume Claim annotations + ## + annotations: {} +## Init containers parameters: +## volumePermissions: Change the owner and group of the persistent volume(s) mountpoint(s) to 'runAsUser:fsGroup' on each node +## +volumePermissions: + ## @param volumePermissions.enabled Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` + ## + enabled: false + ## OS Shell + Utility image + ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository + ## @skip volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) + ## @param volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag + ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy + ## @param volumePermissions.image.pullSecrets OS Shell + Utility image pull secrets + ## + image: + registry: docker.io + repository: bitnami/os-shell + tag: 12-debian-12-r16 + digest: "" + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## Init container's resource requests and limits + ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + ## @param volumePermissions.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). + ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 + ## + resourcesPreset: "none" + ## @param volumePermissions.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) + ## Example: + ## resources: + ## requests: + ## cpu: 2 + ## memory: 512Mi + ## limits: + ## cpu: 3 + ## memory: 1024Mi + ## + resources: {} + ## Init container' Security Context + ## Note: the chown of the data folder is done to containerSecurityContext.runAsUser + ## and not the below volumePermissions.containerSecurityContext.runAsUser + ## @param volumePermissions.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container + ## @param volumePermissions.containerSecurityContext.runAsUser User ID for the init container + ## + containerSecurityContext: + seLinuxOptions: null + runAsUser: 0 +## @section Other Parameters +## + +## WordPress Service Account +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ +## +serviceAccount: + ## @param serviceAccount.create Enable creation of ServiceAccount for WordPress pod + ## + create: true + ## @param serviceAccount.name The name of the ServiceAccount to use. + ## If not set and create is true, a name is generated using the common.names.fullname template + ## + name: "" + ## @param serviceAccount.automountServiceAccountToken Allows auto mount of ServiceAccountToken on the serviceAccount created + ## Can be set to false if pods using this serviceAccount do not need to use K8s API + ## + automountServiceAccountToken: false + ## @param serviceAccount.annotations Additional custom annotations for the ServiceAccount + ## + annotations: {} +## WordPress Pod Disruption Budget configuration +## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ +## @param pdb.create Enable a Pod Disruption Budget creation +## @param pdb.minAvailable Minimum number/percentage of pods that should remain scheduled +## @param pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable +## +pdb: + create: false + minAvailable: 1 + maxUnavailable: "" +## WordPress Autoscaling configuration +## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ +## @param autoscaling.enabled Enable Horizontal POD autoscaling for WordPress +## @param autoscaling.minReplicas Minimum number of WordPress replicas +## @param autoscaling.maxReplicas Maximum number of WordPress replicas +## @param autoscaling.targetCPU Target CPU utilization percentage +## @param autoscaling.targetMemory Target Memory utilization percentage +## +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 11 + targetCPU: 50 + targetMemory: 50 +## @section Metrics Parameters +## + +## Prometheus Exporter / Metrics configuration +## +metrics: + ## @param metrics.enabled Start a sidecar prometheus exporter to expose metrics + ## + enabled: false + ## Bitnami Apache exporter image + ## ref: https://hub.docker.com/r/bitnami/apache-exporter/tags/ + ## @param metrics.image.registry [default: REGISTRY_NAME] Apache exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/apache-exporter] Apache exporter image repository + ## @skip metrics.image.tag Apache exporter image tag (immutable tags are recommended) + ## @param metrics.image.digest Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag + ## @param metrics.image.pullPolicy Apache exporter image pull policy + ## @param metrics.image.pullSecrets Apache exporter image pull secrets + ## + image: + registry: docker.io + repository: bitnami/apache-exporter + tag: 1.0.6-debian-12-r8 + digest: "" + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## @param metrics.containerPorts.metrics Prometheus exporter container port + ## + containerPorts: + metrics: 9117 + ## Configure extra options for Prometheus exporter containers' liveness, readiness and startup probes + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes + ## @param metrics.livenessProbe.enabled Enable livenessProbe on Prometheus exporter containers + ## @param metrics.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe + ## @param metrics.livenessProbe.periodSeconds Period seconds for livenessProbe + ## @param metrics.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe + ## @param metrics.livenessProbe.failureThreshold Failure threshold for livenessProbe + ## @param metrics.livenessProbe.successThreshold Success threshold for livenessProbe + ## + livenessProbe: + enabled: true + initialDelaySeconds: 15 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + successThreshold: 1 + ## @param metrics.readinessProbe.enabled Enable readinessProbe on Prometheus exporter containers + ## @param metrics.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe + ## @param metrics.readinessProbe.periodSeconds Period seconds for readinessProbe + ## @param metrics.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe + ## @param metrics.readinessProbe.failureThreshold Failure threshold for readinessProbe + ## @param metrics.readinessProbe.successThreshold Success threshold for readinessProbe + ## + readinessProbe: + enabled: true + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 3 + failureThreshold: 3 + successThreshold: 1 + ## @param metrics.startupProbe.enabled Enable startupProbe on Prometheus exporter containers + ## @param metrics.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe + ## @param metrics.startupProbe.periodSeconds Period seconds for startupProbe + ## @param metrics.startupProbe.timeoutSeconds Timeout seconds for startupProbe + ## @param metrics.startupProbe.failureThreshold Failure threshold for startupProbe + ## @param metrics.startupProbe.successThreshold Success threshold for startupProbe + ## + startupProbe: + enabled: false + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + failureThreshold: 15 + successThreshold: 1 + ## @param metrics.customLivenessProbe Custom livenessProbe that overrides the default one + ## + customLivenessProbe: {} + ## @param metrics.customReadinessProbe Custom readinessProbe that overrides the default one + ## + customReadinessProbe: {} + ## @param metrics.customStartupProbe Custom startupProbe that overrides the default one + ## + customStartupProbe: {} + ## Prometheus exporter container's resource requests and limits + ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + ## @param metrics.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production). + ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 + ## + resourcesPreset: "none" + ## @param metrics.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) + ## Example: + ## resources: + ## requests: + ## cpu: 2 + ## memory: 512Mi + ## limits: + ## cpu: 3 + ## memory: 1024Mi + ## + resources: {} + ## Configure Container Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + ## @param metrics.containerSecurityContext.enabled Enabled containers' Security Context + ## @param metrics.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container + ## @param metrics.containerSecurityContext.runAsUser Set containers' Security Context runAsUser + ## @param metrics.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot + ## @param metrics.containerSecurityContext.privileged Set container's Security Context privileged + ## @param metrics.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem + ## @param metrics.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation + ## @param metrics.containerSecurityContext.capabilities.drop List of capabilities to be dropped + ## @param metrics.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile + ## + containerSecurityContext: + enabled: true + seLinuxOptions: null + runAsUser: 1001 + runAsNonRoot: true + privileged: false + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + seccompProfile: + type: "RuntimeDefault" + ## Prometheus exporter service parameters + ## + service: + ## @param metrics.service.ports.metrics Prometheus metrics service port + ## + ports: + metrics: 9150 + ## @param metrics.service.annotations [object] Additional custom annotations for Metrics service + ## + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "{{ .Values.metrics.containerPorts.metrics }}" + ## Prometheus Operator ServiceMonitor configuration + ## + serviceMonitor: + ## @param metrics.serviceMonitor.enabled Create ServiceMonitor Resource for scraping metrics using Prometheus Operator + ## + enabled: false + ## @param metrics.serviceMonitor.namespace Namespace for the ServiceMonitor Resource (defaults to the Release Namespace) + ## + namespace: "" + ## @param metrics.serviceMonitor.interval Interval at which metrics should be scraped. + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## + interval: "" + ## @param metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## + scrapeTimeout: "" + ## @param metrics.serviceMonitor.labels Additional labels that can be used so ServiceMonitor will be discovered by Prometheus + ## + labels: {} + ## @param metrics.serviceMonitor.selector Prometheus instance selector labels + ## ref: https://github.com/bitnami/charts/tree/main/bitnami/prometheus-operator#prometheus-configuration + ## + selector: {} + ## @param metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping + ## + relabelings: [] + ## @param metrics.serviceMonitor.metricRelabelings MetricRelabelConfigs to apply to samples before ingestion + ## + metricRelabelings: [] + ## @param metrics.serviceMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint + ## + honorLabels: false + ## @param metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus. + ## + jobLabel: "" +## @section NetworkPolicy parameters +## + +## Add networkpolicies +## +networkPolicy: + ## @param networkPolicy.enabled Enable network policies + ## If ingress.enabled or metrics.enabled are true, configure networkPolicy.ingress and networkPolicy.metrics selectors respectively to allow communication + ## + enabled: false + ## @param networkPolicy.metrics.enabled Enable network policy for metrics (prometheus) + ## @param networkPolicy.metrics.namespaceSelector [object] Monitoring namespace selector labels. These labels will be used to identify the prometheus' namespace. + ## @param networkPolicy.metrics.podSelector [object] Monitoring pod selector labels. These labels will be used to identify the Prometheus pods. + ## + metrics: + enabled: false + ## e.g: + ## podSelector: + ## label: monitoring + ## + podSelector: {} + ## e.g: + ## namespaceSelector: + ## label: monitoring + ## + namespaceSelector: {} + ## @param networkPolicy.ingress.enabled Enable network policy for Ingress Proxies + ## @param networkPolicy.ingress.namespaceSelector [object] Ingress Proxy namespace selector labels. These labels will be used to identify the Ingress Proxy's namespace. + ## @param networkPolicy.ingress.podSelector [object] Ingress Proxy pods selector labels. These labels will be used to identify the Ingress Proxy pods. + ## + ingress: + enabled: false + ## e.g: + ## podSelector: + ## label: ingress + ## + podSelector: {} + ## e.g: + ## namespaceSelector: + ## label: ingress + ## + namespaceSelector: {} + ## @param networkPolicy.ingressRules.backendOnlyAccessibleByFrontend Enable ingress rule that makes the backend (mariadb) only accessible by testlink's pods. + ## @param networkPolicy.ingressRules.customBackendSelector [object] Backend selector labels. These labels will be used to identify the backend pods. + ## @param networkPolicy.ingressRules.accessOnlyFrom.enabled Enable ingress rule that makes testlink only accessible from a particular origin + ## @param networkPolicy.ingressRules.accessOnlyFrom.namespaceSelector [object] Namespace selector label that is allowed to access testlink. This label will be used to identified the allowed namespace(s). + ## @param networkPolicy.ingressRules.accessOnlyFrom.podSelector [object] Pods selector label that is allowed to access testlink. This label will be used to identified the allowed pod(s). + ## @param networkPolicy.ingressRules.customRules [object] Custom network policy ingress rule + ## + ingressRules: + ## mariadb backend only can be accessed from testlink + ## + backendOnlyAccessibleByFrontend: false + ## Additional custom backend selector + ## e.g: + ## customBackendSelector: + ## - to: + ## - namespaceSelector: + ## matchLabels: + ## label: example + ## + customBackendSelector: {} + ## Allow only from the indicated: + ## + accessOnlyFrom: + enabled: false + ## e.g: + ## podSelector: + ## label: access + ## + podSelector: {} + ## e.g: + ## namespaceSelector: + ## label: access + ## + namespaceSelector: {} + ## custom ingress rules + ## e.g: + ## customRules: + ## - from: + ## - namespaceSelector: + ## matchLabels: + ## label: example + ## + customRules: {} + ## @param networkPolicy.egressRules.denyConnectionsToExternal Enable egress rule that denies outgoing traffic outside the cluster, except for DNS (port 53). + ## @param networkPolicy.egressRules.customRules [object] Custom network policy rule + ## + egressRules: + # Deny connections to external. This is not compatible with an external database. + denyConnectionsToExternal: false + ## Additional custom egress rules + ## e.g: + ## customRules: + ## - to: + ## - namespaceSelector: + ## matchLabels: + ## label: example + ## + customRules: {} +## @section Database Parameters +## + +## MariaDB chart configuration +## ref: https://github.com/bitnami/charts/blob/main/bitnami/mariadb/values.yaml +## +mariadb: + ## @param mariadb.enabled Deploy a MariaDB server to satisfy the applications database requirements + ## To use an external database set this to false and configure the `externalDatabase.*` parameters + ## + enabled: true + ## @param mariadb.architecture MariaDB architecture. Allowed values: `standalone` or `replication` + ## + architecture: standalone + ## MariaDB Authentication parameters + ## @param mariadb.auth.rootPassword MariaDB root password + ## @param mariadb.auth.database MariaDB custom database + ## @param mariadb.auth.username MariaDB custom user name + ## @param mariadb.auth.password MariaDB custom user password + ## ref: https://github.com/bitnami/containers/tree/main/bitnami/mariadb#setting-the-root-password-on-first-run + ## https://github.com/bitnami/containers/blob/main/bitnami/mariadb/README.md#creating-a-database-on-first-run + ## https://github.com/bitnami/containers/blob/main/bitnami/mariadb/README.md#creating-a-database-user-on-first-run + ## + auth: + rootPassword: "" + database: bitnami_wordpress + username: bn_wordpress + password: "" + ## MariaDB Primary configuration + ## + primary: + ## MariaDB Primary Persistence parameters + ## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/ + ## @param mariadb.primary.persistence.enabled Enable persistence on MariaDB using PVC(s) + ## @param mariadb.primary.persistence.storageClass Persistent Volume storage class + ## @param mariadb.primary.persistence.accessModes [array] Persistent Volume access modes + ## @param mariadb.primary.persistence.size Persistent Volume size + ## + persistence: + enabled: true + storageClass: "" + accessModes: + - ReadWriteOnce + size: 8Gi +## External Database Configuration +## All of these values are only used if `mariadb.enabled=false` +## +externalDatabase: + ## @param externalDatabase.host External Database server host + ## + host: localhost + ## @param externalDatabase.port External Database server port + ## + port: 3306 + ## @param externalDatabase.user External Database username + ## + user: bn_wordpress + ## @param externalDatabase.password External Database user password + ## + password: "" + ## @param externalDatabase.database External Database database name + ## + database: bitnami_wordpress + ## @param externalDatabase.existingSecret The name of an existing secret with database credentials. Evaluated as a template + ## NOTE: Must contain key `mariadb-password` + ## NOTE: When it's set, the `externalDatabase.password` parameter is ignored + ## + existingSecret: "" +## Memcached chart configuration +## ref: https://github.com/bitnami/charts/blob/main/bitnami/memcached/values.yaml +## +memcached: + ## @param memcached.enabled Deploy a Memcached server for caching database queries + ## + enabled: false + ## Authentication parameters + ## ref: https://github.com/bitnami/containers/tree/main/bitnami/memcached#creating-the-memcached-admin-user + ## + auth: + ## @param memcached.auth.enabled Enable Memcached authentication + ## + enabled: false + ## @param memcached.auth.username Memcached admin user + ## + username: "" + ## @param memcached.auth.password Memcached admin password + ## + password: "" + ## @param memcached.auth.existingPasswordSecret Existing secret with Memcached credentials (must contain a value for `memcached-password` key) + ## + existingPasswordSecret: "" + ## Service parameters + ## + service: + ## @param memcached.service.port Memcached service port + ## + port: 11211 +## External Memcached Configuration +## All of these values are only used if `memcached.enabled=false` +## +externalCache: + ## @param externalCache.host External cache server host + ## + host: localhost + ## @param externalCache.port External cache server port + ## + port: 11211 diff --git a/charts/wordpress+valuesjson de VScode/wordpress+valuesjson-VScode-2.1.tgz b/charts/wordpress+valuesjson de VScode/wordpress+valuesjson-VScode-2.1.tgz new file mode 100644 index 0000000000000000000000000000000000000000..2b6d48de77f6014ad536cf95780ae2fab0bd5b0f GIT binary patch literal 149897 zcmV)2K+L}%iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PMa0ciT3yIJ&<+pOgOqAEoTYQ*N-kX9L@PQG%8;_%d*L!NH5}v+lkPa<9JyK#W6_ zFhPt1)t|j?e+#DgJ)#VgWB{)BwqTm(KP8l{2&E{AP!eLq23r9LNfKc$3(V0x6o8^G zO5iv~(H77+=Wn(EpeQ8_b2%m?#DiXsqA6yaE`r@|r5B-?vZAZk1sb>ATc=@2F^tC5 zX4UfzG`eeARe(b>pOa*LxExL;cLqSe337;elY6qo2(ggjRQ2;`LZhJ=QGglXGbDH+ zj-D_uCyaxXq*)9p7{_Ef#mN-FBob8ODB)lZ6F5b4l<+M8(irjyq4O>nk{d)PSqv74 z1BT~mjGh8?jp%|T2uvuM1IDumC7c0Hz%(Xf7=w_|lu$LvK*o@mS6sXwXE=_)7{QF= zNfti^lPn2EF&KjzG-jA1*4>&BLBkp6DI4?*ZMq?uZ{bjM)AObW8AF`)7>D5%D_FaS z=hNa>AYTW2d;QzJ{b$`YnQmR7g?KGl6{cy7Ly7iQAju@yXwJ3*+2mFL(wX@8293qP z`8=CLoN$N}L?sx-0`E_6AVp8XNfLIq0LW-uAU?%>mW?IeW-{ubccyT4joM-)qoJBw zOTqOxMW`pxt4{i@oRK^?&;cfa4?+kLse z`vUg&UhF-8IUaxix989HQMlWG{(SuM#eTT|GK!v!Cu6wxBHRmK?mdTLAH973a(8Qr z5=0?Kkq|Ncy=OsxKj?pdx%*=9{Mq2yUbp|Zz1{s6yMKG}|2?GiX`27)$=x>qjq`u^ z`QGlc=g$0p*?+eCZT>&R=P@`W>4M_vjF;BvM_Z4h?``Lt0Fcfl{J+JK1PuUpJ1aZW2Ri712g?3$uWDAhzDN5K3Pq-Chpi`l{o z%y*uOAqWxJP7#$Yi>k#40T|!F1>1QFBFy9t7;HyGNFHD+6oq$+fimBGBQeNfmF3}~ zR7xCSSC$1=*%)b~0XR33&SFWem#B(XVa47B95KQ3`Xf#Sc{mYGa}48nQHW8cDRrep z=uWaY7T*9zb1_s1Y)heQc5#w;6iM+c+t8EUZq7x;!1SOaUbRL=wd6u`TT?LJ!ZC^& z(0@1qFp_c~#<6C8!8S`-+rYzq>nl#G$q2gazFxkA#2_64cM zcT+%fScKFJRlsh72sT=PN-Qo{vs0&o#UP zBOhc_U(@Oery4Ye(@JsiY#Yz#8J8R@ItU;YV8nghBB^$i6=3?Y9@HDSFk4Ot zyWMVAtHwq%#;h2yr(#`Xh(Gn{$sA6r7^GPo4@r!}MFk7-3Z(L#zn)Puy%m*`$vk~V z<7^5>DGKpKF5~KfTH^tmkxW`ZMK2WhDf|2*xsNyMW4>vB*VkY|{i=Rx+2p6P6 z34fyDmFCV>F7UgU^db_nUPzJf<(8m4(xF5f8(QMY9;Ib>I|i)w=w zq$CRR4);W7R1brc;%mrJV0fXY8$jKuSyR$Aw-9M{_h7AZl1s(%Q&f=8^0mV+Q4e*O zl%nbEaf@OMagLKI17pZg1V{os@B$k`#>5W?7)bSVS;?Mi5Kx#zWDa)wK{$gHhC&;HaXN!Z zHb)ePfGM34Po(Ca%a2N%uDXbBF%!gBV-EyVCXXo7En{-bS6V%J~b9YGGo z+y>m5XFezcaFc%UHZ=-oXpVsXV=Pz%7(24n+PjOlZWF4S5*&W;S2#UM7#FIg_zrIH zuaF9nE}uyOX7Oys&?Jk+Y+H~_q5>1KsSr~?wz@lm9Ke_&7%j|{U=Ce2Db+%fBq-!T zG2xW1P^=~aCjm?XGi3sUs!Oke93>I&PARc5QbPVv9~B=&k=|XI!(&dgdakS+H))_& zx^6m4!34(&v|7R*KW+j(0Kds10Q?V5@CSzYHh7W}#y`yA?FWW`MNgiBC%b#!pFY|7 zf2t+tXin(jLyYHGC?`+$p1(MK0#r$R`g_`~5h>;M?NV;MRHp_1FGxl~m@!V~o?e4( z7+u38L=l)E$TO-;37Ww!tL9##ACzTq^O6a+3v)1^5v`4l7iyC@gOuBiYTIwT03;E* zQI<*E@(ilNE_c@&xJOtnHuTQpA1*`;Jj z@l_rT7zy=DhA2i1D0Zz#GSe2lR;r9=kW~koq{LA6f)&=6R6pRv$XD4#7;>rJcEKS` zrYH%$v6%MKDFV7}hPK!Z>2ujh;$0 za1Kp0^b{l{2Ue-!Dp{)BK-RQrp?tpDiwm(7L|rlFP0ajg%LBJ=z8zGHsvoB?U3tE> z!>@j_dGKyC)0+BFv4cuXhlKHy1oM&fgJR%N;V%}A04JDtBc)U+KdDV_F)RWUf^M2;bm*a8Yx*C-G*_-@HL7T0NtW66W}7X8VHi^iajYI+?;Ua zNS0SuFI5J5tyBiVV4lSsGt5z!&59)#fXDx*Hx@mGY?eO@XLAyPzuo|kp{pd6^BOlP z2nj_XZzV7?AP6!V|6pm{AP6|-G5VqNGm1l^^ghwKV);8YP&yz8U^K_c2Qi*MbRvRS z!sn0+Nk%wDVyB)l6cq){W~5bNxl#C`<8BH%1tlN{J*{q`gwsVzaAKIO*PU?~h63aN z_K_-o?GQG&sTy^>bj<v)e@};UpxnDw^tFioOPIC9({D#V>(~^{%vYw_&>?PrN%W@8{bH zc8Ouzy}TTdw%d3c{U-TdMcnP0JR?1xr+kr*!GU;GmUYsL6amJeQd>pu#xYE;@?p{& z!z#D|5SnbINps3}MiP{pvyk?AmIsQI%u%UZ2 zD5LrxX>Dy}>}0CzR*Q0jWpujSoR(_e1ZkP9NR3BZb?`l?m@ee*4k0?$=T!QUQ4PWw zOr}DkOg#M-s@lg&*FOq|_$b@__!MBS^el}%_}C*U_bo5^CfBqh6_St3+L1e!_RZvy zRqt}@Dd8cTqRE@f16k$pw01rgs+i=MT+Px1q?sY$avNKj8pV;ORMfP>X@R;xzhs!A z+zRWV+Yf4J?8TwzlJERksL}apx7qj?v(yyX);kutz08>OU{D=b2K}Al+!!WNe)MYQ zC!MmUR^Wx`2iksHXFVQOtjEjRam9c2P$5_O znvWMYWKt{C)QT2TJ}M}*W~BG>GsI_VO)^hBeJDZg`T+`!##>pu5Zuy(Q6yeEcsueAqJs@xjy~6yONKO+ zl$!W&u&a=;pAOVRgHx79kfRZ&kfZ6M%ggL#b&TmElHAoP-E>+k=o}LmsdHmW;#f@c z0(S4Q0d947gt)$l^zj0zBi)ZB3qKgXSLUQpUK5l@z@mf7{wg^kjS)zR(lQG%U+%IN z^jz}61&PIsd?!n&7u0@aRs}GJx1)?s(E#i{|FiY*U6On1=C2-YRa&fX&+Hw-8H%zP zQ7OX@Vrc;6sCeFL1k_2k+%XH?hz8m%%R1aPbP96F${XgSLNOqd z!0^GNtw!7{9VID=$#gMFDT2`JC{ghIKGiXyue{oMBE^vUeCG zw4+pRytD4O7q822hL*FKa%s!o3&zNsv9HmK7o|3&$<}m2S@U-H_Mhp6%^>Vh1t*vv z7Cm=pBi=3}jAyH}f@~Ho1lB&NOy)9nnhHy3T}$dElrFaTPuT3qQ}84R#lIm*0h=CsRtPc>pz2ZMp@P@j^h&Sn38(X--c6gW0`{)@L0 z<((~EH8~gxWkx>&seIN2C(39nwDOPUr8Mfvx7Cd&nQ*nooIzu(Zrwqxjf$?JYb-Zl zJ*8dAOIDZP;$j@gH8aGD1Zsa`IDmmr5?H~xFitAJ~G(QHc5-ts>(gkqSDm? z5Gbns7>STO`1gRY_}9TqJaW(~-%qF(P&-&3%F0e~=YcZXh}yvAuG;koU7>}-M+ymP z9+sEfcsOgurfBO5Em}3D9oMba^pjN@w68&GGFYC=Xb%PO*WJpKy#iZ9JI6k3M#JFj z*(BXXW3TX2Guvw`Lq!fe_0N3ei&7-$}?D-WAk#km}!qP?EkY37aQ%;Zsf*^~Tcn>2+XrgaDD zS-9dlT1HL<+6h83Pc!M~uP@M9*8$4*J^fzu#t7L5Ao*JW!;sKO-#H|SxoBwQ)HZa4 zkam2633&?GTsl?FQG~PkQxHQsMNh%4{=28X>}bn#aj>gwg9ZUL-NAP0iFG|ljWH!r zCYfhPS%OaqMF1ztX$ITDed>eSjAJq`+wxUkd&Zi<`l4oxuMjvKz7sNDxuk+^#F#pKcL)J;ja@lZ9V^e1f#xw2 z?nkT928&|H5~kSz?BzdIa|7^vckdMIrwUuA%6_HFZh!BYs$&rsz~U2bvLMh3mqQM1p(OeQlsGY_DM4 zt-GdVuH35~*DdcoW{3xTh64AEwC};d?CT5t*SSUR+=Pvs{mK)6FY3YR>-dM#K|$a9 z6Vq6FCoC98b1;?n^_2^Q=lY)qC|j_Q$4VYt35vyq|AjhlmhlK=DIitk2@KIPpjn#6 zGTs`DCCTe_*Wwb%S6Pu?eaV8U#TH;Gdm?w{JU2l$NNbOKCg7MV4?p zNBSCR#}TJG07mLF2HJBv#@8r8j6Ico!s4qA=maUxQXPn51H!g=Zki1876aW{pjzua zwty7vYZf!rhvJPJOr!J?lw2x`UTdd|E1WvOMCV>3Uf-J7bz>MGp%^ZTqiOjJMB<@2 zrIr*g)vX7bmQK3W+3`AX1UHb38$g%p=Q@z|!SUscA~qv&1b$Qx0MDPS0F7nRldym` zQV*6vd$d)0#xMyHRbJFO*2^3&Yvqz=GW%z#o0?n+*FV!+z&7 zOx-PdTiRvnE9d2{r=*s-f5%DzQgrA5bJMB>tP(L(7P%;^e!4+NA#C4b8Jxe#ku8vQ zgC!x|zBwC|+gOYzC|rawdPB&S5_vTjtG3yWynU5%GKcQH8ttPC2nBG$Q7)g%HqvgS zK*3zQxTJ70!67)lO$n1nD84Hfb~rQTXzSk0(9a!@68+S@2w{Mz%MWEAkhcUzue2EP z1515pZ3d*2HtMLXxh|`zJhE!bS(Tr$6{l>)FE#-3kj>YYe18e)6mfY)TYZ%P~PA3L- zQ_cNVMon;Fc@>)jI3q8d8XBw@PT_hK>V6kbs!PRwzhB!04Nr;_UpMq+jFX{fmYIOZ zCx#VKciJ_G%d5Q zAzY~Y=F7U0hoW8~B&WJa9ayQKJQte6m}F6qQgSWSu3&;Gx`A=rdu&3+2O7+T&{F4v z{AAw^;#t>8+b?dn-&Ozhdwb9PbSzaZf_gd>HNl?rGFJ(RYsi@gh2nZWOzp_96ix0% zPkEarFpUHyC0ho2m3Smmc>t^CW}wD2z-iHcZ*K->Lis5GZ6E1EjOdHvu-0q3G=B0} z$MtZop*MxfvqU+J%LO7|vdY`rN)ttGk8g*}2$D?o)lTiArh^d1LP=kcOlnDH&t_{J zl~9Lwn)4csp7EfUzx=kVuzab>OGW@5gE9&lWH(gFEs`ltZv7>B%mNrn@S;iCguFSF zM+R5dbmxnFZ`h6DxGTLYP%sthcXvV`>B~N1V_IDO5!LlpwRofoshhqhbK~tGqr$0> zW?`8%OkW(UM=_LQD`-Mp3YE0PhXr#8Dbf(s-85s611Gux@xakEA3t8R4@C}0@T1H- zVH!CYo|x6N;6 zX>XK@sBl^xXc16)9Fu8pufNyt^`G_ndp$fCE0gS`ygDbOrzTbaQykzVC;$Ya2bNOi zQnjA`=1!amTdc1B8U3rw$Xyu)C9i>5e$&(>Fvu7PVeXg$h`j1=qHKuXBZ`s`naJE4 zB?Hk)k!aFE)Xjn%UHQY0Zb_&A2gyoS9u?6JtAOaezdR8fL1?7RJ1WHs)^P+5-oDBq zTi4PnQ%*|~&&={KQ||g?v$9zPy5KSoln^4y#q<@sWHAj3vGNq8F$@uq`v%2$i1I)= zB~!a0!-zkM9ktA2k~>4DCUK4Ft5r=jfK-Sg?>543crxrNMZD$UD;J@RAsS3G9HE|k zA2?3>7S3}sl<%0EI-nRzE4qP8SeqD6>$+eU%2&#a!70j@#K*b(2&^W`QoPUw?Zq%x z|Jp5uY8&Gqq-9AUZFn?KoT7j0+k6%(jXI5Kna9j5T9lGl zBW00xIHm;j4T|R$Foxnu!0=QMyhKK;39CQxWF*U)puV})DQ1oO1drLzH#a%}_(2pg zaC38G#Z8gHMRa&3l$)InC5}u$SF9n&%^j2h`1DDQAn4rO+;sokJb)VZ2{Ve2Sb;lo zM&!lIlSlB6SQu|^ZUPfHrXv=mLRqx?*GPzhgt~WS##9qQ=n!SaPMtN>4pyEjQw*CJ zVcXH3Umgl-5qBf+;lZ0z|jF3kVt6RoRHa&{&x{}+1uRz+K zhD{5+b!_Bpm=u`G7Pv&8q0sB==>zE)a|-D~Z2*)`Sw8R)#Zeyp%TOyzq&hG|%0*d) zr}TDqnC~p)v54-6IOlgbhY zS&=`;(mbDBp~Vw9tDacJpXlJgsop;&V0e70!wi?Ji{W@;&Ix0jAdu-`gAhC^y7xrt zL6eNinVOmOTqhHCwr93y5|IVTo={}M>Xo!3eb5N9L`)AETASq|7egZ(Ex9OmNfMiD z7~`@4Y=Oer`K1R9fUxMr(|XZr)Cm*IMKvz)*?;jIMEU}QXk4}oV@3)Ew^(NdCaO)f zV%trSj58eRFf^EfnOLIbWi<_Yn5)F#;`rd`^td}$D9oMfZ&j9N)kHsD`B<>1WOI4D z_qV`$0ze=>uZ~}zoPmqc0T^DKyg#@+20tDDL%u1Mm4SlYy2ocn%W7J5X=?xQ_~P>9 z$CJZ@%i|T=_SaI2q?^{rC)X~r7?t)_GUn!&kX~lLql12W<(R~_EXkTyMR}f7qFZ^V zsXm_d#achy$H3*afL(``GSXY4^3>E-`B+M_Q}ryr%WV!}t#GUU^Vj+UD-4Uum)lG8 zq`rZUz+<9V6pc8?xYirjjAy;lLaLH97#zkB+i7+yMpA!Er4+?gsQR_Cuohxe@4=py z@&l{2?Z50t|6Nqk84)@`$5*S5bOQ(q{4s?J#R2*}2mW7@P2m}+t%dx)y6=}Wvi>|Y_ub$ziVkwNZceg?fkc~ac>(w9)5 z$ec&Vd#Hnn>UimSA9^MHhwl}(K%y(7lU8v3=vg;xYry#k zjAkf~!C%2Ut}?Xi;9OO$r8a>rVF43BO#a&DjI&27#%t7hOD8E0k1^>WU(+Kk*S>uhOPqRy_I%(MBH zv?2E_$o+Wz`De>Z!V|V6@Xl(Rur)&OG;{7(9*(C0;XFXkk}}O9dn9!pFldkAp4z}Y zEr;t%1oKhaS{}|vb8ZpPN6#KBq)%Z+(LsIk2ToWY{X7rsQ?9u0sc3@xR0wKmf6i3& zgs4!~M#9lRrbepS(eVVshgd&(^?dIpRJ; zYpmIF5pF~Nb8=*PDcA#23|?aZg!+gFrI-i(vhn3y8iSX(y*u%xHyRT_o1g-yVE0N6 z^}0d7U%h_W)s|YVh|6E1XJi7(!LF-;Q7y_!7(Sbf)0o_Y+M7`^UQRn|KiVxef3{iM z90oJl)>8n1ag`|!1B>WFN?6KPS$C4fu`FDKZ#VcSUKbt*_r^%#2g;35l+oLg3ISC? zl4!^4QlGWbqT4rFK9#{oZdk-Jm6E6korIYSBO;Pg=G0B>>3{lOdY4(d%Qk_`n`p3- zLuhqyoA`Vw)hl`#l zZtXcv4ouz&aEcQ=&*mVJ8Af_3q9IDSP|%4UPPx<7XHOK#b5N7*A*z5bCA9#j@U{)` zIb10HI6@#Rs%x`tG#=O!IOhPn8}cewHK&G-(pwDLLBx1F>kzLYt74?Ig%tKVM8O9C%y6DGl6eaJanVBlIeL zBS?JB#NO{$o$M)RgJuw?N+;7$^sjnADhGlFQFBezqE*2%))V=x!F2jlwoye6h{gB(t4s;_QU zDnr(`B0um4G9;BTvdl+*tZHpXRXE06(g0|4<|1dnZL3kY-+f^lj=uk9H+oRJk;5QP z7}>dzwjPP+29vGqs_bi;M$m%4?e4xbT5Us&wZ;Zlh_<$Yak^u?H6N8%i@erMi#9FX zDcag{@TO z;fvVd>;J0Zwbo(ajYiaJ(ZI^FwOYVjBg$3_sB6aCY5{r8$XkUiv=V)*Juk1u%KMvQ z|Mz(c#$yw02bG}>lf|WpT_^@?pd+TL1SiOlga~rJG z(7IU;R_o1%^Bt_z_ z5xf}^JUJ3-vLw{!NvKtkd~yA9mD{=_<5liU!Sy@_Nb@LfL|Y#%OQ&UcESVmk_m{P5 zpIB>g`mYuT+oxrm%ILUp3Dkg_{)pv@g%qZxs5{j%Dwu1>iqE>lX8ZZGXNb;IM4@uX zmzbWC1dE@}*_bm}y412U)5Y=?Pv7iznz}GLv)q=6o(m<^V6CtHR532o)VE7pidSyJ zm+9`+H^(iZg5CbL~#!x)^HFOchNLOHkRVQUq$ zL^a0{md+aziU{i!Y!nbpOQZkFcw$E+%<_muJ(%L|JbH|hNV?IN`)2T5p=%0TV?8i` zRcuk!L+Sk@O9_Qvs`_7`Yb88a=%3CDYKaK_L|s`>jyp1n5+g2?nLD)+X6D-DcwzB= z8N=90T-}cJ=FW{Zn`G#+Bt-eG6%BSN#hnclrwEldP@b`PY(1+87>o4I1)3IJqe!AH zLswp??`q>9rzuR+SZ4BNa^J&DP+KEx%FSD_%(++#4AkQb3y)L#NegUnGDWOPjSAou zkeZQ%P@Q6Zq)$QZXQlWnFpBKC=bsi_HR(eXm%anq#EjCU#vnv9su>rkQTHn`3%o5otiR|!gw#!nj9#nQ4C{VTC24XdB<~h!; z5*>|vg1H2`GE^%xP_0`r`FfeZ1?QQdZbM3Lv3m&b2im}NHnhcN_^t%<32VuFc|1NJ z@0GEX?w*@M&}Bh8M(HM4P{X??{_{d#m-%GOg{}_&AhzZQ^3Vp4WAtkABP9t(Ni`~I z79-<(d!^4JGzhRghZMtTyaQxzR+xhmsvt*<$2hrqQj!8K5LDaLSE`LFujm(dVGx7= zYIv#c3A+7A$-Fj-t4l9Uh6;&vM7tDHj>9a56cCE1I9V5;1|e`(GwpRY4+hM6i4`O9=EsTs8{|=pY9*lg zxZw<(*SV-f>Y%9He?MZjNS1e96kQb^<(;cYhA)Z+jxnsnqPacHw}?12s#!?N!d`(d z-sHA4-)iD(ppKsHnyFn@tRXHjFKc23hmpl_PYR-a0VdE9hniPPWKHP^C5uCnBx*~> zF3GV8jju&MawUF*60Bl@O^H05)*m`O9f(m3eatcQgspS=xhYGWqkPO`^_>3 zttWEIq6SqZ4LCx{LhRg3Z`GXu)!*VQJRw|c!cxfP5~kwHB}LAF2y!@v%(xlXQgFH4 zLF=>Gmy|RXliAz(BTX0o&5u(dN7M`V>WF%p zYc@wHjmZMQ96^TYwT_|;Ic8d$vTiuBoC8dJWf_rNH*={iBp!w-Mc7t%1my+EQqF^q zrkWvV_b(s4$21LLwM-u&4QH66kPG0ZfA+(!S{W=Sl8=nTB!V$X&__Th_^7WpiH=*b zS!^H!P}I?Qn6?fwJ`(hZkbPdMDxQNPl(e^Q>f&qHb#A-s@$`7{67GEtgLbCwv7Krk{o$` zCiwnvo9(OuebtzMZQ-sL_O3P7%|YZW3yBkA5%^sc`~m$6UEB`A2mE39BoG<4?)%qR zuBW*kmoLkQl{NPujRF+Ta2{E{Jx(Xz|Y%M`o2DLDqw zV$m0RPX0K6(Htjo_4h9LK59rc%~{L}g1}OD9FY&y}GB zwNNh|sJ4`_mYs^SQ%@1i(?&niv-sFIZ7oJG<}KKs+jA1CWkj;p$6~;WDRzYxjysMY z1xw0}*78*|-L$>coGDQ6n>GNuyL-F4<%P7Uy!J}!PEPMydMJw2ETrYND{msg(N~|IgvT#VOP9auZ@1c-+%G!nf%-D z_np7bU+(Wc|I_ZX7yXyd_Mh$T?*FO3*WcgW{}bqMy0gAd#yF&Z>fgC7w{yRf&!;T_ zI^U@w?hHUj#?9~bBpc{~Cv@6VUmtg#isF2cB2iWuTGg|Zk`z&n5$g=VCn+L3Id8qw zi&*~30>U`O$y5SS&oPhXi@Z|)YC`C|qqaoy(dVa5J7#fMshzx%ubuo^gjh(ibPpGm zjx29d2q;V1I;KhKbi%_vi>={<`% z8eZ2Z-)*+X-(ViS$|G9g&?8ZW=F8KiS%VT?QJ|Ou`Cm z&t$B!N8L&UVtxqXkqdS6J=KaRN0(v{|hj^q2~CG}gum|u~cuCigR49<6@cNfyn`+pQE zeQ$jDAOd=IZoGqd_L@b^1=~f#KBL%~FYFx$Co)!cgg6R0U}P?K8_aZYeWibfuWL~7U?%;=4MDe z(|eL1d&(cU&i>e}$f>$5I6>OEjq9;yi{@EzR|~TLP@w>Cq_DYHUw3wJ+QVjD>g@69Q%Z^GcJAZ(`E$)USo2%n-Kr4k~5%7o`u;=U$* z*Qd+f&BUT%pQOX0hbw7)INiWrNv1xUVU9qo<9eP90cPr%yeir-NwLpm-PqMHC4q-1YwqS-&IJI!W_ zf9uf^4%+X}QMern4~(v1r|^AeP$k8qKQsh>}s|q@g44 zve>}?wS-frm^ZNKYs}Rhx((@@8{o);C<0S#?uG%J$VeG-@KJJ&DM{w8QLzmNI-b{H zMGnkww#$9+6xSlqxx1P>#VVDwquy?eTc?;W*~eIPLyj}{T7;889*As?}xfp!yjbBA56nv1<5(NslIygGI_(~`x{neH^cp9HJp=Dg}nM>^`nc@UJ9Mw+G-<@54C1i^*l@a19i(X}> zrXWVwCYQOlp5`SI6gZX zo}b*GEMJ9En(fr_aXWJ5wnSCuA&7Q#{G*iU7sszp&hJghT7_;(Fdvv1*^Y8rn(KY^ z)haXdKD1ZEk;jJ@$CuU={yON(7$(VOi`_s@Tv-ELR?QP%jIg88$@$s+?hKX^)w|N_ z2-R)E2>5~oWEem()S>7911L@SXdN3RFPFq7|R6h*0sA@5KXWafE7$X&)Fo_ zIDivRg$Lq3LB(3CtgwJmlJQm%j2f5E3jrk$3A5S7Q(?Hy()kdatg!pGa(-Jm@3eAy z=cabR5+u0m1U<_^=~=pbk_zPS;7cfd10v~A7|B?fU&eDVzZYW%I$i1-w`%43i!`q5 zo`lfQF`RHT_1*P$Pg)7hP5EUc8)$OarZ;WweAV2E$v1Na=k^32)ZX`MAm#IZzh9>0 zO54IlGb1RJQ`sP+;Iyx!023Ax>6c8YA#xTaeD#NfU@6?yUX3!>NA(Xy6w}8xlrf$scVrYPQdgwNQhW~Rv=SI*1)LzAGU@zvH{|@fsm~>) zA_(POKaiKjNa2&>)Wk82;QBK>#p%UHJYyU*7Y4~M#LOuSuiz9FeLG41t*&Qu(?yD9 zHr1B%UQ+l!jYzW7OR3~#YsMkvSvsU-+-m3LUNjWdL6(A40XbyQg_d!hXd%6lX^Q}6fKZdP&}f@q$SfdteR=nm ziq9A()65f%WR+{2azH4GKn|=(pV=|(GCemB0pIO_-#~(sNRaTE>^1;mx4F@F<@U9)(MMaak&4}IToqFiF)&^Lbc@1_ z<7BGoa+Qry$YU@?T$Kre;(n!InhPX(qg!O?|NI#QF@R~>EvK-=3F9yc(GPAljgt0> zlU|lYMFGEo>c(V*#@V!lUKu;_xFu#BgZ~oq2Auy0F5eu3;rY>jgCGE7$YuiQNdgFs zR5}8a9v7L=1S+i=(0c}L3Sb&5q}EZxNeV*%dL-p}_A_0hm&@-SN;q9e54SFx`3u7o zhBMToS<+QF3SI!yKrFvOF*AgdG1`A7G#W~G4~99aWZ363O0ubnnJ^)7Om4(vJvtld zJA#zV<#fP_a)s2#hj}kPeX4M$q;_|b#j!k@0A29;bGMH0U3MMHmzrfY{3CgSAO=Qd z54TF#xxH9-#(4@pf8G)JT$bONe+@Xm$%K3aBmsoa5M|(}@0oe0lAxk+MnI>8zDngM z#}P7rJ0z5MDy<9M zTQ^n=>Dl?w@rU90#pMs*ZQIhcowy=EsCFsjvmZL2x-3PZ>f=BA|B`!Pfyn2MQQleG zdAd`Hb`(X z6p}zl&a6wvwfN&Zh^GDTopXezhBFi&hz&`1u@-vOUL3l!8JC7e3q{}x)`)h zI;y*SFT4G2zq@;P^0pq-O}6QbX%gjYo%#M~Yp)B=QkXy39q8bdJtv(Bv;4pJaJQs6Fvc*KeIqL)e(|+32k?r>1^mz=5B*~ zc?K*it0%dhca0RO&cIa~>X{BNom2HlG|aL3`CHoJ=j_Ww*8Yvz~>qIAK&`t+* zDh+jZ%C-*C;+Hnh-TSAV{rAHR#VMk!%hP!EHk$3fd;9%L{@>l*m;G<{--q~o`qcZ& zqpd@dE-0SPICy`011Wk6PLiJ7>E(E`K%H}!mH&0swx|X_m#{QP{y+AypDs`kfQ?+zvwO9#cnmeq5+}HO} zg{C*fbhqTM3qrWNSesMg{IUAIS|X$kQRDDtIpS`E$ztwYUxm?5!FxxtVWU}l?vfRg1kUe%s5?uk=jd1g}((O53@K{ zRoL<#r*>g`_;W?A%-nu{SVEnhbr=R{$tlPqnIw-fAWT8;r{BJJR8Qy2Xs+ zWSX~BihH7GpEX3~-fiinp|)bV-;@R+bO-Sj&qvv0f^R`5=y=H8 zNPC(|3nVnQ9Oc4fUD{N$Ba&wEno(LZJQBd6HAv+F5=>gLLY0HkY$t@TMExCL6I*t2 zMY@!DQX3P>tf_v@VcOh%bpqVYOE2e8)mo`n>c=TeSLDz}P^~#sb>a8KsJ;PfH%u0@ z&S6^5sjx~}KbtlU!A98hRBTm_UIBB@u(_WR*y@OS0|51>`4@{S?eju@ikJrE-^XGM1wnn)P&)>4v@=_>|gG;XJ*tigD>0ju4r zD+@O)xw$RQ$8g_Kbr@Kj1rC1jpAcGg%1(NgyOry`=c8cv&rCY~)$*0ccG%tVAnKs8 zrkFUCs@b{=XFgQRmrhx*Vcl#TCewr6-M!u2^_Nc7**mVA#nz>@Xk;z-&l=$Jv8#%T zhD_|C@BIvNp%(W%Gw1XU_jk-XFYucRT{`58j>}9bBHApAG&u z5iFb6`VCAVj@z>5d)-T*GzUN?mLv;+4i|EhYEwivoh>oGG&7L9x8EjonI&p9BUH&C zkV70@;q)Y79LB~pp1&FZf4fRB{DWlj1d!8(bYYP;aRAE%k;lMYaH;ME@+_5iQImL4 zWFlA4WTJLw-(wq&xziAjmU{o+^MU&6)*DH*P`HBU|bH5Av#Ln{fq8 zhBe=@uP}~G!-%q}oD0o85ey=zp3xN3m{ zgi3Jsr1G}fz~RM6{BU@1_~y8g!;3K~7hcA0tVoE_tDlBPNIRf zkUZL&BM!v^JrL3@zbJBl9t+Cuk>7t9)Lel04g8W3Zp@t0bEW3)y?WPW93~N@QQ_*P z^z*m!wdJuQYpJKUxf%Fw{5ysqRrerC2v?DsOkjZGN$dCkz-u3`w$KJeb8{gd$I>3r zfAgoj)BO#MUpzxeSh)=GrRUG@{nJkVtN0mnl&miNm&*U=d(SKKfA{6?H~Ie{pN-0Y zTatTj*o82KV;p0SmHW0~siK;>v!s@Qqr6DnGSKD@-#2l7U*eplC>)rF-=!qd-5mVT zfYBUL+u!+Go9wqi$@8}W<|U+kQ>zP%;}X+h{03?xG>1H#y%Eb zHDT5PLsxq$iq8h7OA7*jZ@F*jPFoi8lteZg*WJ5aQ8iVq+4HUJ@?Z_LgMjNCv93dc z1GXj@)AyD3iqZ38Yv^)MSl58REB0%R9#9FRSvD_kV@nIjw%kyF@4Afi z04EciV7{=at{>g4OF7^c{rO}EFLID5xKB*EM$~j2tb|K(1xLpFEXf@WW=Ii3EhV;% z`)>0F^jW2q~&C^Vvma;iveSC+D~ z9rM^KWk0?fTbCMW%i2vCThXVjLe|r};cJ861iC53gkrwP6Q5Z{EAL7&x~b;UW?48x zQ5GZWR4hF&HCL`t-UYSmDTziX%p}T+ZWVVlp_rFS_{SYBE8cq`9CLcz9uB-+5G_4i2K5-Fk#GmerFS%;=YEJDl= z%`IYPE1=~!)g8n`AX-}J0&PI4UUe?Y0CnqGCVKG3nyI_*+y$RMcPem%B0D584i_a3 zu7M)22&>{AnIt|%Y*b)<0?-@dq^BaV7LR3IT(@L^Lif>c{z2FcD1V*cD~v1@|UhD<8r zUkhkvqmz&Xxg+kN=&r~4>uxH6)NEarHomhu)fLQBp(9nru(U@EA)gIe2wAmk74i2X z$e~+?Wn%@-1Eqywth`wJ_-9Q;#{s;iDXjV=^l27>ODfO8?qAofRlMyY-g3$Q)H;BF zQRfQ;({G%n_F)99F#4+4)}P6&jNdX**NWN?nm?cwoh5)fAnB*@>S!$^Z|zd;C-j5t zhwGQ~JM|nT*A*eIgw3my%d>;ilMhG7uim|O#j+d%DK?~QB3*zEr(#e#(#gA1y6&JP ziptf{%)vV~!luCL;O*PJ^B$ZYk1LLkQeOXNyA+apW ziv(&PD)mlztD}4~gpzrYIfUUPL@snJ)4@m;0Yv~Z00BiX3giWn366D+2ADgGH4nnk z!R5h+%kvMz44_~3M7 zZRu5w-@U9a$EOD;Z&x7K@f_lM*<6MH+jMtd$>l%7{uzEXh;mXat zxjZ;L6kpEYA75OY936i+J3nh^bJ?m}x)RqOjpMU}S8tCCY_!}zK090w7jx-tSlCyO zwSLzgsaJ2$U#~g@uVOM?aR@GD*M}F!Kc4)3g_bTwcZL*A@a-zv&EcEll{z#EXK1DF z9RL0D;^4#2!w-k&XFs027Jn{}&l(ol>YTjg6e^|WP_6E(2(!2EUZ0$e>YGy+m!EpH zwPBo1al%$;ET1&_8Zyj-d}Yg%3_Wg=0+E9 zKOs-wy}djcom|#&jO@fRSUHd-+Ex`^8M>qWa1;$4|NT;|oNqt8xx5^<)4lR@R$p4F zJ7O@pD+;SHWr4%l@#W9w7e9Tt{Kv4xlrPAhAbvyW)#V~xW#U_XSIl#EGW>9I{^8>I z=;Y$~@bcvRY^_=0a_<>VPsjyQx03HVHQ1b|LY1%W-{|ym*phE^SR24esQb-0shfdq za2l$ZFn7jDAGS2$)U5SaV6BOhwN;kgGkg3NL00^fd~p5Oi4@bQ1B=2n>hCK2L?8DQG5UPGU1MTMH{56~%J zqNlzY;me0=dWO2p=hlCdi-WBc9R2;gh%F2`9V)N1;> z0ra;^jvjFtech^??CQ=ZV3Jf92u8SWU})*(CPv0-?k+=9My_UTHqnFf;83Rr_c}Tw zm2KQNHq3gpiIFKab(e9m5vw~*y)*9RF<~X#H#s6p$7wzPqq}$;J)m#VAIXylJlGj) z#g#{&p}N@G-M4f9=k#+b2(~;1HJxs9rFt;B3^{frm+N)a~ zDlqQf`cTv4-EC`?W&JC<1F#IYJK3~a>{u9%Q0N{~-bIMy0N1=fr7TFEOW5~l#c5-~ z(IJV-v%m0Yt=qj-lg(C7{k2!V&>07y|Ki!RRwH;{#+;>wocz4kAx4wygFmb3rbw|d z!%nc=BC}5Kt0|GIJ;xl)-HnVu$Z?1^D0vNJMk85Tyd7KJ-JldKHw-PMr=0>+*KZd? zxS6+JK7Za!kE&2`P0)@gT^7^1(CaA+0V%Pg36wj(bXKdJdM$6jZx0RBQx7z*7 z^Z`eh4#1~YON`%ox49*y1a#$P(Qnq_djfSbkCE-rdoX{db zc>t6~eW8y#jP=4Ce^_=QEZ7o}3KYR>VOX0deAahRUzzeQ4>ZS;!?U|Uf!OeL13 z^8UbyRoN&VrrR#ya$xPc*2@f8-ptS}Mm0tQ18+tcPwWgqfy~jSLMEkgefjS^S9|28 zi(+S$LOv@y8r2DfTTbCnl=irdI4-B2I<;B6>by1s?Y-oouXs^+acqTg7KmLcpVO*) zP^w?nA|T^p`H=A4Y8%7w3e{ciF;I0O%Ry8I08`F!Z4_fuLq&=0h>`A;XO=w-&l=4i zhwBb^TX{4s8Sm4y!DfL8l$<%J~&EIh$lGID1B`V z@Ld}QXg&UQ65v9Jt8&S;6D(A~E?EU!Oh5UPM;X98X40*tmNP;``6*1`6wwRxONJOP z7Ab3Ss-kSKTsu3J*9^sz5uPR}^1PJYy^IYFdF%-PueB%6gfC~WSZ5(Bji0B-Ki}M_ zz@|HL_1+fDaNF2{PBO*GZT{*i8zY(^E=rT$gpzr{NpN#>6HpyDu(M;N$ByIdY1t}n zZf?4N7D`le5B-tttMb5c61OZOJZ{su3PrLoUK8p(2 zb-0ENV9EY}Z@=%_e|KNL_;&vPAfNl(|NG(<)VXs?J)?!0SHoPzNB?)SzXt%Osk6w0 zWS)`)CFLuCRZBpA6H&+b{n8eJ_3-&>Ed%N>@-WUANAyIdZ?Pi-)IjD6jBQaO+ z|ED?x>Hu6G=DA|jLFUlC4k|~l$aKAdu`7Ui+1NiwtTAo0o;GvH!yj-NHSO|}&CW0`sSI9<1q}^mF4pQ83g@Lv~Jm0q$w!*yd?r7M)aBhnT z04J4Puj&oBWc`1+``lgspY49T|NAhX zuWkKzeFpud+>?bC8!8p4=sbxRKT8QJ|>PGqK*B>)AZ*`1h2B*Q*S?b-vB8_g;Rp|2)X&KK(xh*Qg8sD_dF8X7kFBL`Rs> zEEOC4S6MWzj|KY2yaoEZG^aSMF~`ZlHN>&d4RuxfQ8_}jzr6SUPN@#OeV0JDmD0m% zJH9&Amc9bx5c~3$p>K=(@B7no{nw%K*9!r(Wc}ZN`Mh6=|NZRcxAp%aKKHTyZzRdX z-6I06me1i^6re901<1j>IRS`Vfaho)if7S}dLT;+v6Uc26naA#FSNaK{UM>esjj;J z+y%b@oS57`{eB*63I#X&0Vf>Bfh^u-vm%hu_Yf4=x2-K#?wmnCjapHz`QtY>E>AP2qAM z@?zFAFu}JUP;!kaNmLL`)8gTb5Qe~$Q$x`w05TBixa`tuNXGw0AqNW39Pt^6yloJv z(*uS$h{lSXD4F6!RMNmf5b#Bceqfy9WV#HBYIto(lQ?5D0OPnVwmI;wN;%4ewD9oi z=g))E3(16^Kd;ugf<(%~%4voSgfSs8g2^iMc~IQT1G5_b)~FaByg=9F3avJ+V9;h> zE!k)I*Ep-_nzlGU+#1u{-kMjUTk3yn-TO74W%}Rl?rtUi_qX_u5A(Ti{~ur4s!}qw z+T2riSnr`PwN+I|{77Vske*Ra<|FqZt7XS4@KKEq*E2(&HTEFc|MqM`N z>9JGFemB&K-PTVD_{UTNe=kP9n(Tg-M&;)f4XQ|zTgn4i(JZu-GKE-oE@Rl)Dbguw zX%FsPp+(2C1m;cu|LnbccjGpaD87IDoc<2DO7_OeSd`>4(>LI-BjC zJAz0^LQD}10NSm@`F-}^K>;AamqgjJ+wL@HPTC^zC=?1+g+igKg<3IZS2Q5Od#eM3 z3Y?X-Xphh(*}< zSrRRs19E}<@9&i2zi;mBe3AbT^4zEYkD;1FLp8<~s54K5yA>9S^6Zo*-_zSCEYTga zP62(N+Ol&ia2}g+2PcwE75sTpyI_|jpF^rR+Bx-dQn2&H#Nbl=f65{%8DBB~-`eXJ z@BeP@e#!swFwcG4|Lbl?6=EU2F_cvoD%4OOjmDnOIAOqRx+TeBnpy28(1vfX5FHCf z6V=EVV9(*od(XcXqxz-^ypSZNNt+qz?yq1ncm|PEm){A_ z0+^-9b}5*3SL(pI88~!$aMfv~_}`y1^-}u*cf`$D9prPs@CHAOBc3@K1E-UI@ls-l}^tOQ2L`R5zu38^s;6z*M%;N+Z3u z?6}ifl|5%|&av<_KBvdm3dNV{C=cDXP5<&Tup)B29-^SD*=$Wgz_0ai zG@=oevs7=%y{+uCy5?;<)!z8kUF&amb4r=t?GpT=Iz_`o%J^AbeujKr236G2#TF)I zaGN%`)Cb*j7rwKeo6_Zc!i-FVdI0UV8`ju(3iIx z?%dQT&nQpMQYkYkT7ot%(lX`k&!?Y0aqIajZa(jG0&6&j&eo|Q%9p$&XKzIa!bM+sUsVVn6xyT{e_oKNSPG-k;^oRx%Wh+m{T5=UXY}6Rt?g$C6~eN4iy2 z?vfad_L9u<-#eX7-u6}edrtDxGGW=gq-pK1v&5Q8QWW!Q7F)>W)Q0*#R`tdtIy!XS z$b8&FTe~|>IifG0j!C3JI8rZa+mC2y{LSi$w4r^~|83WaJNBn&eEB?=N}ao7$k=5P zmz*5kNi@!krnMGonKRAz#wMd^&;z=w@KwSs;@gUDv=oCvyxV|l|CmUT)NQ8z7 z4FejDQH=ddJSM_>w)Pdem{5Ui3Vb9cBn;6wWJ7&kMx*ft8~{psMIZ^j^BzZmY9S(H zV3lY+hIHH{K-W}G(EnR9z2bM`Co<+C-91_XCaVa|S4W$AQ`Ml1{nf3`-a3W85P z>)A7J{hu8lzIt=)O@ll3F?aoM^)~xkh4?@H-Tvm6``-`p{QLjvbUFyfaYt)^KQkVj zDtbVj&fnFZ?kn_C$49Vy0F4;Wim4)59V(EV5OmFW7#Y5pzTLJ*dngfr-3dV-ejwpAE3f9#6O(qj05s8Z z80(2dI20@ulDYwlp*NUQ{OYA1`TP;;X)lk?Bx!7;>k0KIYK3v~TS7SrU?Ha1jA3b| zJvx|B#S~O&I3Cl$6c!L0!N-i8a5k$TvkN0iL+9LOOtz6Wk`pYEk0UfBimU@g-a5of z3hr+S;nXZr3x;kwR}qv5m~b4&h3QsryntMF+kg!RIck6o6JjHzCLbN?_Gx6vLs-f_ z6wO&zwr~21he=1@SLLaTvnKA%xs9s}C5DrDqrntU{LZB=ugeN5Gr< zX?YZw83q~C8XPRg-Oi4`KRLfR`{kc+58oVj&yG*uou6F1v%kxX?eFLCQM{WerKL z7%rJQ>!F%rO}(s2N`fx7IhnF6B9L7rE|RVHoj_O!=2I*!Op0N-rILj*KA1O-p zi?7i4T7QXiA8rtsES7$5&?_P!RFs;@FVFovHwcVI=7*ZC&TSra%X(j)Wu6?C^=u9F zp24G2JSJy`Q4bc+x>>5PfS)6%oe7aI&q|&fG-$Q#T$E?)Gzmj}dLiadSaG(}dD0eP zeWZb~KsZ8}bNpojZ}Z%s!H0iT&X$SubQEH-V5X2eTjx$S&~mfbZ%7A!TNmwnAJ%93 z)UPe2+F(f`0mIB=F^R;4j--bJ9Lsa!CtQ2sN%Bz+&<#3N??Jy2`HxnMOm~*fE=4jl z#h0MDO_A*}BwB-dXZu8)2+650Nzl34MCV6G2SzDFJc$m)PlE6b{pa_bB{67RBj@js zNV{tQixOz(azZFqN*%jaYOB$YPhJTRoiZT+4s8NGKsb>Mt*edj3{g7@Nfbn?-$<#a zslqKX$lDu=Vtsh89vgHP9wzRrv zEY*$G#e3EWbE;5ASB-@6JXO?|r-9NSb8Bo`c2ra35g z!j609pT~~z1CR{i05;xgm!>(4TAMb6;nMSD!TICQT5z00{(&v;9{jHyrdn_`=Xu4{ zL=W8Z4h0)`PNYlS4j(0OOwV4(d>jr8IN*=@3Wi%)S%;uiu@QnICf+k3N@J&NdRh*g zO!3ff0Gxp0am0kA{u>sgF=v&?I)*<{Rsc;|K+w9Hu9&kS5eU}LkYw!H+CQyvz!ose zARtjY1!sgq;VkA#a7;T2oFmhuWZ9xppk%i0%$So(&}FdG5+NaR%OI%|9L&d>nAK#B z#r?oy!J(1%OnCPJn{pa`P=Y!}Qmo*^;8n>)J)7<-=Q zp;IG~8Q3tX$Vh%eX`6z`4b5lLrKsAGcw8Yb>#!InVW=;7Rbo+nMmopZ>aln-ddsBh zjYM)VAH;McUjw3b_+2%K1<6qdVnBw;*wKYz;?ogq3E+#_FCZ~t37j!QT7wmVSdb8stQQf(`z!X?|p6kH9)2CBI#E?EjP z*$6OX13%s!urdd-dY~JZvTl7DVg#j7m$&vfqid))8SFkMaOVJr3z)zhz*3AIPcaSa z0V`mPsM1aGG8Zt_-2XMliAn<;6ao8=ase)?Rlt=18>!Oh&ZKsO2IYPWfW5}`aFqcI z@had_fR+0#0QNFu<2it-&ntkW44C2u-w0^`e+{YtyHNXvQ*dl7!*+x87kgry^Q6ig z9;9kx8KI{Di2qqBYg53^{RyeT7sxjFYyp!DjY&i}B#}x1{ORoVlA`zq4JJ~?bNSf$ zC5?^4LKVi;XLL<}$2`cLGA{>61z=?XTVxk%*Qy2Uk#<+hZMF}Cz-(--Gn-_&v-eyU zA#f>e2G~MAmJ{}+vPd6hYmgL$f!Bk+Tu}wnIu5RIRl?Z~I@0~cOvnz6sPqCYG=<6Qb-Sl* zBTNAkQyKrjM6D)f8#sS+af)=hH#A{lH5-_D7=v)*j4uTkc*{KmU_X`A?i#>WsqQxc zY_7Ur1Z-96ej~t4=!J!V*%%G0fT;;!#|t+k&DaG1-*_Xk05CX!Jf6mKHg7_2(4i`4 zOwYy!3*PJm35j{?b~X%gbeYcfLeOr|K=P!T^Q#W+`On*uct{&aMJdv(7*47bONiooS=!+d8qW=nhL<`WTmx&y)x?YxskntN{l%W?V^tOQ-P{y zE|ru9Sf0!UcAl)XrymPOmLADEZmebv*n^n$M37Mu>Z@wnpVYt!rn@Q^kxILtA%0$@ zr=CwKjdd z7mhU$6-aSf3}OFTXg7a7RR5Gk$q7i(Ru{CETVcgo4Z_!qX}M z2~t0;_YAqerTlx&KA|SSiR9+6m!RLhgP?B^nVoGZdFgkV9b)>1TGF9v7~hFTaVg3{{uK7xCCDzrt77)kh)MxZ==&#_NV38ySLCq9dUT4V7^goG}!fh3(0G^ST1 zDl7Xj(>nmu2SH=ig?8_JBu_nJSj<8;o}I^>;NXZwYDLg!-d&IzbYUtXT?;wYz<8|? zf`y=Cy^A7ooXkf7Tbo#2M`aF(Ycu~94>5fa!cI^A1V8JLvCNwxgX3%Hvo#<)>a;+tAI;N#+I}>vf~Az&ujs(eSA_w@wjLzG$Qs;1~Ga%=k2Z?#F+aKPZl?|;yQzUiMG;gI~6vDC-&4z zB}Fkd0b_HUZ%Q$h_Lryh)FMW*knkmx7-OhPD}4rtsa{IyedwlI4ET=`*VQ7sQjL9| z@xWYAXOX>?ZspcGE(oQFMPvg-IAR+}OmP@)peYGxGTlHS=3}yfKAL|w^&f3>B&z8E=kY%k{;#!&F%gB1z+E%FOYOF$m@jy4&V(dWG==~~ z+P(9BE?3{*bAtwl5SyrYkRTE>_6^v>}8gc zNa8qzIKnst+9~-c7br&a7oeM`Wu;mYF=i<(pqLzg`9_rai;eO1xSty|==Xa4IpVrG z3(lBtW&nSZj2F#gzO{%Em~UFKiodv(AAGD!Ja&`Ixyu7rNNzfSDUK*r~irkVlO1 zM824CA|@=Xiv{+bE{3En_jFNng9f_|5F-+}tGoy?=epQuf|%;tCrU@9%Za5_D&^}w zO|eufl?sSyB9`V!r2?)V|8s)|Tb0bWfS4v?sZuIEIgFU6Rw@+`(?l#)OQk1@nOdn- zKui;{R40|5Bx-7FLK#b zGMCH|;|Px=N!ikUjk?ibst}_i@LX^_8c`n|e~g(>!sc}O=sS-%*v_1kISoVTJmQEs zb3n7wRfi3jbJ@!E!ZoEIOGK9&G11IcH?_dnB)HQQb zGrA({svF(;ryt%88Wh~2vroCv!MH9k9}`&!#C(JFYdsjnj`i3c!DDg>RBnKCql;KT zs;>%|t4F!9J>(GPJabYz%^RJ_&0TqPk7DMQ7@Z(OP!=7Q@7qD-VaXXp#N!0{A=MXJ z%$1ih+pwVlgp!^y3zRy*SrP>u&W5W=f><}Yx`4@ZN2f!74s;WTPACZLGi}wOLcMz% zNZshlA?B+_XM!Z1oK_s0lzFC2P~SMA7a($lnh0-_@^7=twwhaH^j~$ zO7)<@=DmMAUAoa3JuYV{$=TK$$ceL%`j|uK&ms zgI`eNuJi&DC zj&y*)36^PIWE(0_GDIyBL4~oXSa)(%_r3o9-&Q)>#-p>5ud682cy;RNc2)(;uR;%U zC)h?16=}>zn=(2P$j9k*6vQAFv<<|MIDz}vJ`u~r26q!j*&N)Jqf=|D&hlVK2kWkS zbW4D=!siAJx^>qdzC*_Y zC0urd^t4e? zTz~qmtZJQn?@ka$sM?Bb4?8NOe`nMj1Kc5l^pXKuu~%or+5Z|aLsse5Rf$GiXCeb z1w=1dp!3`2U0ZH+7gem~riPs?GlyjgUdhvVbi$?)uV})YwZS0WMTEuuWEXGzEH`&& zNmz~ylaqHkEz?8J&+SL2kHMV8S+_X>o74BBJsP{8XU>7!?Xy-iIPm&BpSc6JK@Kv~ zZRow|OqNmOoHmTaPZxwlI?OUU3Nf8NdS}M@Pi4}<^kWH~LNboW1U8oqaC%dLHPeI% zO8=QXbN0AZ=+sI3-msuqV6iH6n!JBg)y9ek^XZ>Cf@(fG8@ja2MJHN+b$ohud~|qm z{OSNQuh-8Vjf5mP_|&nb7Cbj-a7J+OGpCZgi~Oqel)1%De{Y!h#k5|r*y-<&#&)>! z2b_Mtr%ichfF;()Hw~%NXve4Tk04d5Im=n~C?3r-#|l%0PMZ@2r0`;l)@M{z_>~M6 zI7C)-B>z)>mJ~%|*+8*2vTPbrIFHm4E65*+06{CvKb2=m>a4ee*0f%uUgj*NpV89* zojT#jDdAHJ9v1Ts~S)tLh^axvv1J5b96o-VTk^Qev&k#a;B3eBU}3($My*x zr6?VLe{z0t_RBxt9=mdM!G2ZA2qj+1Gf6!~}2d>>gn3d7g((LxKfC5tBq);?e_{4Mays z5V@gGPp$7iv?KBO;c!*;j2^&;Br7NMBJ2OFV$M%r@by6T4PVM-+w)jn-m zW!FHZh`j)UwoxtiNz2s3N+{;%+`ZAc!UT9(nT>D>8&DRp$lQO(L1{A!XFJkrDCXKn zn)pUnV5kxohTR(zO)y+Q47tjNE-<8|dqo9L^m=)j1Y;sIdRaUpIb0|xrZhUd!ZcJJ zEZE+>p%I-XQxriu{%%aTPa>%_NH)?*6v3_`CM*d9#0hw<*!=5(3x&B@??8b+{uJQ` zaNM9b_+t|&rg(;i1Wj>3P?9z6LXo3RMQ6gtA&th1?K|m={J=QZ5|tvDsO`<~dPz9+(dfBBgPq=7DBggMS#9C6Q0OwZ2P6lDmbPz*2?#JQ}Si=F_tKuEtP2#kSnn%z3)Y)a&WBm%DMa7nmxb;opd zXYzQEXRbZmmdRnTu`%53k$<#_s%_%>Glzj^|X;!vL!KDWi-UpK!=@mU^&jqjbf zojkG|D5bHa_f9Im-2S%7d<-`CJ^HLKo!nv-*IkEL9Dg`)wrt;&)Am2jXL$>2JiY?)>lEMCcRJISr$D*8(+-{)ZO<$+yYZ@x;n3*jStKeKu8Fwh;|;DeM~1psB3XV^#a% z5OC+`1`W=VNYW`W;qj{!;=FY$mng1@17_X>(_VG32}+){`=#~3+?j8suEyXJVXT_m z*?dz#?2~zx-_@BRzF`rSj5qX~F>&b6b9K>~+5KvBtIu&vqj5^4COU0Kz3*bev8wl| zo?D#Ndsh0fRJ>gkRyg z8^arPVoD(_(e;G-lZ+ke3&umDiI4=#(Pet-md6vJ^ zRKTEqeKr@5H%8lQjz=1eiFh*m;=5sR!Xn0B&u4}=NN2a3A*ZyHBTAt%2wc%ZqCiJ2 zef-az^}%1+5HK>I4;EwU04>_kH9D?DmgQXsfyVj(^j9|2HEHDBjDJKbPeWO(qgcEp z@|y8WeJeJjp%uik_~g+n?h=9OHlY{p@hQcziri_tbutsvioVTEA1Y5oF~&}QEK5eN zs2`H(7&qtg09jt9mRk3+9iaVk|NEc;0#xj?Nmhpb@K`KbFObd<%`$)0j<8dCJ+x zds;#BY0QqLF^#zp&sIZbxhB66b4ab(yfmh<{8%8^*s6xHnA94L1yaCyL+oFY2u{lm z!B>(FL-KO=9cPgwks`oy=IA6OHgejf@x3z5p!F%{6bHjLVo^9VxoK3BYGW&jkRgpO zziGZ&8q$~^i#FlD)Sy&O(+x6T?=l&7tj))8i+RzQQ`7PtXVWTvuy|e!x=T|r;%thr zQmG{MlMr*nI33gF6rm;Nr7)HXe&AX`^E0CdL_0k#}If^pLqs$9y$3fp&T;q z*XWMb{!)1`G504_5?>~~E+Bjgomg~2?b%nH0Rmre69}6A(auH(toP) z$BJzYs=!Qy;=eWFqf20_(%N>lIxr&_LjAT3W?VPn^)8ZZLyipX?pJ|ORFvM4X~L@Zh7yyD{s(Xznm&k zgGr2bWu?A1VKwm|Z;;i*G8Msyq1$GuFM$~{ABTAeYQR*=+OlA-#+B*@4Ysy=yOm3* z1ZGm@y4CL^qOAV9)dkDUxBmt@v% z2&U`hTTPq!m9uhBUPzp<+3#1;re#P+s{eX{p68nY>}myiLz%9@tQF{Uz+4$dYq9xk z&ALGl>`xs32d#;#P4}SF5kxBDc>(nGVI%$X9|MH>I8i%q$mKdA;Z(ash2g+M-!YEJ zNAN@0P+biM1D{2Lh2+_qTNF)a9c~;%|L55nLb}IP5dCDB&kMb7tBTl_^deo%Md`YiJIP)AY$8ffRsLcAcd(8odOM`iB zPc@$>3O$a$qqpxajt|f~n1Trv2K7{+0CWiwKrd9Fh)EPPbATb4Nr_yvUwtF&R?T7P z8%QMnL@7Xa@B*<6IA zeJ|SDoDGwzH)^=$gDTuN&*h8gq6<0}`O?35ByK;5C-3!H{mp zqB%S|5%?$8HdXaY)^zSxOt|<22S({tr)KR6XIXGPL65? zwmo#70%c&K0xb^w01#`|ligmx0gk0649ht=LF3}+d;chMm9p<6zfNEQi0#}W}9Is!cDp_!LzL41HS zbxUD7{s;itgcOG%8|Fz-x6rjaUD5q#3aTgL@T=GTowkR5VAtddGKWOfv!F#nI!uck zC7G!3S;FyHZ>p(IAgAQhC{Z|qxhl_;THeA#-_a;QQ|&uEVti_{H%1lVS*0tL(mWf7Xnkan4t@F?pB%okmsMLvlo{E;omuI{Ik;;ECZ zkZ#+v3-iMn(~SQ8IXan66CiUW@mOSis$M)Z6EIyek&G*O*-awFaV3s|4%ZEJR9&Yp z;1?$#?Sb2}c%g0UCqPDL{^{k}x7XyORvN;&c*!jM#Og8KOS$Qy+ew5J)M>XVC5hm=#*_sFt*6?S9V$j~n2c4Epj%8yTWNKm zt3gvlNd)bs!Xjc50itz5$N~B=OvWHkU54N@PCUu6@1>H*V|?6|)W0OMyVKiyzSmA; z4^87xYdKh=pHGpWa#blw6y#X6LOkTEO|ubdJ!cMfHZ(mXQOrp|eNCE5-BE2uitQNQ zjIS6C017Sel_;L#C;@V_sOSd7{#lJ)MdDY4&r&pHd&-|r(b4M@t#a5aG>{uf^=4!) z2~;tFSWY-eu`M!~cw)2^y|)l(NR*5PkCl0lsg)RphH$579Sf06HEdWy6}up`le$2I z%qrSGC@PAIfB7;* zPEN4MGWAjcnxDO3VPtXO0IcnEziH~*K2#QRWRx&4uw+ZgciBZ zRzIi3r~Q>ZRCK5+5B)$mta^YKHbkX0U#R;64C&9-DvujqOlS7J`dLv*ZTDYHXX>Ad zuXg|cVmh;bR+O^nc`=>YKdaheT)x=a>g}dfexk*9Iv+UX1P8NB`Bq<2PfSj(C`*Jx zxHo^P_D}7XNWMB4W#2^}-X6#ngR8)0I76RvDK(?5i!ZPqqa4QDcOB^MJF35W>QmjI8!o(j%KiQK_@o5DT`IB z5~qh@7S$kbKb)z}y1gf#0h`m6^;L|5EzY16AUQlgcet^%^joF$$w5*ffee-0QT(L% zs}n$F`ddN-)zJ0}MYGS=N^KWKRCapi$S0_h7gE{r)eAU7%Be@@xrtk>?Kas!&e;T?x(oSvhf&R&a+R42(DIi{M0ZB(&r;Qrg&TbhosFB2RBEH-s< zz`(ExOHT(Sv^|>BM=MlZOZW(yaP=>jTsZL=4>UZgZMb%lM3ROnCX8zh=(ZYFA6^s8 zBfa{8u&R*S%w%o$+oEHxywGUeEz1+vVC^8JAW1W}V>U#b7(4tZhsKdPicJ|y#oAfN zp`5T}JkeM+N7Yjt1z0jZ10y6*g<3oc(@Ia$!oeQi2v9;g=zB{QKH(CKypp7_C?yHx zwNVCAb;(mz?bRluU4%1d!kyN1;WuE*$e(OGWzZGHIknEZBCSIx^ADar+B88 zTwdn6_4L_-X+QVHpI{n!MkkfzqkOgow|`z9e}D289UY%toP2k3ba-(LZ=bEbIXQW? zdvSDhD8C;cUZ1=?9H0Eh;R!yvrdOBb<<9Y&!`}Bt=f8b_elpy8^`FNtkFI|@eDmEe zACG=N{EwI8x9^{=d7k%d?bmakUtQ9d?{;^-+ur?=vZL3}Cp+@h6`KY>_3>}ZIc=+Sd;eQ?Obo5(v{vUq}emvQ_`tEgj{QLH{IDEhV z>wk4GgY92-|NG)UC*kYiFa8T>(ABV+fp?TPp1GGOW~|qPCUBSV(*+J*3hDCRKt79S z=GfFYY0${1ivy&399Yjh_mGaPz({@|CX1mpM zL|e=j)qK5+(E!}168`j7mm)M!Q$RY$?SnQk=lc60NfQMw^ErM;}p^k zZzfu>G25rx4>V>hKrzR@G!c?gGYmS6!9bCj3gD9AJCj8Qy@d;c0p;4^P3^#hBsfrW zX8Zw);B91Wh9L?W4zg3@v>}18!VQy1QnL{g`Olo7kooo`bkJq7tnjVL%!w8XPmN7u z@8!(;^AruVa5{}>z+)!o{Zkr~0wFU7uS+&2U{gxbW@{R&Si9a@X#Ko0X`VKs zoo5EvodGogFJ{DeIi{MaU{hi{1L11Mk^|jACv0_6MRiDEUchBd@xk1j4{YWcMT#*0 zFc{-TL#CkSZe)DU+yflcO@(%^(+&b=+~(Xoa3J*1A$SjJy%U@PoIV`a4sC;agJaz! zm1uqB`jaXC7NCKKDg|ZGcD<~skPp1XceO~hJr)yo9qH5Fyd*{lq4Gp&im#o*fK$0;Js*m+u7*wVfK;#s$R;3Ttl$|ck6`WMG4Ra8Z zaZ+?3hEo>Tj&02V24%Ln0azWZ!%Et*S8+k{D8zKC`JJ_*nE5h?I@sq-2*(Vj_mRe= zNg{A!CL9sY85ep*o86$M?y~3YhBiDvhO30550bNF7!omI4CoFF2-+R5RCkVNlVheB z;orK2R*Szo&PC3SY24YWI?-bt|0Q&VIaLHA%%%tYMinCL(YVqZw4tf88d^^T8711; z5C>OEdIqjz4{YcRPooi)NQYk#?aUj*+Aapr&vA719&?e|9qnFahNq!pJU>t*@76fb zYoG%x>j1re_x(R#AHP3-tzRQ84i5CZrYoV~!R&&B9o`69?zy9V!nt4-LVy_r3<WI`-3|*#>Ty*voUK(kO|1Eicenm79?QT2}zQ7U;&saPY#SdH}w_O^(?pg z$+n%I{X2BszgyRPcj&t3 zq3;;n>jVWOiG}0@>s!NIU-NPpvGo}Tqs*{NqHao=oe^i#jw#UT_d5N4N3!fiztijL z6OfFU!6nMeFu!}-WNi4^7ze{LqPrktYYs9vF}`d@Xs4&ZZp;Lbq(LCilnM|44kLHW;~;%Q8abz6oaj`hSlBDM zuIIE-SDh>ES|J$ZgW13-pM3>*KZW<1RODpLSrV%~b_Bqwl(bpW+P#sRI_mC^?$pL-pSCQ zQJ>pWu0*XuyPoJlzo*2K!6JyL!A36hhP{q$qY?=^rJ>rUYjr+HN}HCHGDX8K9;I`t zrDcLjOM&2yw1Hy-4R*YJ?;~6u0hgwTAsYE?8e>V*8>Kn2*4HBo%OkzdV)_*uj?$Cr zIszi8t4c{+a>mt4AdKr=X`QNQ5~ms@!GeY}t3_mX8;FFF`Y^v&s#ig8zf$kCXTM?x z+5!163_CRHyo=xxvS2aSEsTZ$uxGGOp0}3~=hgS=BL?ak|CGORB(`bQT35jJQI&9RD6Viz}`<3_-4DTtI zwrh(D%T1F|TCAmqzv*}siD&-a0OgT&3mp=Kjhd~N9gi8e?j+e|^K`qW&D=CHL)}7V zS3K0$kIhL|%I2Yz8G%~*BpfL|ig{|=wJ1A&_u8U5cQj?>mYQX4LFlC1E+8?90uuSN z8eXF>x92gYW8y~=F7G??t;BMS59J89ONtX*V;-pO(|qzvq7VWhRo#!I5Dh4>Q7Jyy zfuuVRh$ORMan_l$jQ;SIWS#w9uU&c1%yC6ZkMk^ofjDT!wu{#U&21jDhlUw8G_YYD z3*qkSHFNEP)(mZK4VoEoHlu1Z+T^D>nK7(nC1Crn8Lei=U8OpJm*eB%yK0DM#M+Kd z-yfwX%@d|i8Zx5A5~nv{Qsf$~%QZcYGF8)6FwMpIb+B1L5q&(O^v2(kvB^WolPJD^C*Ii8@vMyfhNUKSB}m$86m}6>w-;A6hEcs6g2rO}th4x8#@pRZb=Q2h z{DcEDG&n8Y;xdPZKfgPBbqZdFr-$d~>eq|>op|H3*y&{1hOBo}^?mr(A8;i&i#w4< zg8Z|EZor9icN=wrb_&Cr!?TmaS1FjOVp&8Y`NBlmE)Jq5Ohl`lo}2w-7&XwMUDxXn`vB9( z%2UI>+r}UWH+5~UgD614$MDWojZM%I$xyFE)2OwUhJIbiC#$N(r7DHeji~zzan2)7=K{7M8VMnd zh}9rymRus+7lv#sN`&_{vV2{AZXA*3Q}cPa7-D5yfAgTfb+EbZJ>N$sZ@+to(2Ey; zM?b-$wA8O7!<6dmc)h+;=gjD7)0y}!{HIxurZ?yQ_XR`GAJk}I6n?W)Yeg&qO`@ga zxZ*hG4Eqxgof;)MoE2;W97i?_u^R!_DtX39KEPyZc7{S?Zo<+-CH+ZP^U!x{!xOP< z#G(y-t03Q9b-O%?Y?N2UJ$wCum&Uy0YHum^wrWTw_=+-)hBM@b6>+?w2ljr!5sM`G zC_SD;hY&J(uwiYT`2r*HJ!eU*FE#YkD$?6}lTlFBac&PfmxZrkzZMGSMtO909In&A zkO-OHZ4kx=lSLXcXSIrCez>?e?dsd5Uu(`_;D$U2}b;3f|iStb6Gt)iLb6;T(5x9h>X8UOb5h?op^}=w;JQygj9Kw#EZk z8v_$Vt`H%Re%`y=ls}|Ld)lm{?Vti-6f&lEiq`v2hkVH{mr*GY*v`>9j$_f@NR15Z zSN*m|&?SumwEikR$!&Y+P|@cl1P_FmmjVH`zt?qtq)`B_Hs8Ph(L+ZQ9F6Uo`u_co zdY1^nN5Cpsm~t@r5w49K+1-b4kj@LwM(B!?>kTBBbpTcr(lP|mGQR#cw2iT=smX_~ zqYemf4;^D3Qj!{4=wohkCJoX~qtRTH2xrFrK2fZTDtQj41|#}Wlid_c zUo$BY6W{t<{QG?CBAhXcZhv!kd-Lzc3oWJwrvtkwb`JT|ARoX&Z8%B@-W|uHd(|I+ zwvf1|JBOzy-w5Y;W5ZY|;o3=5H5b;pdr`J=n&^{Y)zBwT(KvUGl^$a?Uf|YBr{-3N zeA4*WY%_80L;}*jDP9iv$yj=>8NbAwB~g&YE3`}lNGqNA)Y7962LKPWjpS}NoZ0|} zG0=uHjoB{R)ve_$CNGqFf;#bwZ$A9dVsYyLwK(`?wKh;osV(YFSCLrP<`?Y(>AePY zX}W6t`Hye1-c3|;A+aQ*B+Ti@*)G20W8vc*nTa5%C{0@esnGX{O!iJg_#uV+gy~u_ZFpG>LN+u> zK;ROtS&^m~!Vs+kvL{^kiT-bKI~| zh_B&3!RF(=Q~0;Sv2VIp%_vViF*#c2VEzJ^+d=ji0TgpPX+z zTl@Ls;)i!XU7(*2&(03tUYs1CqjzWM=-t~_Cl@F0-kzg(-=V{|zn~va-oDyEgu)#_ z^3iM@xe2SP1oXMtA=vJ%>`7xEhd3H1O4l5-D*_hIoce&H;MtlJleRn}?_a(=PvS{g z%ipwVB0&gPf-e~2g3 zUk}h#|JfReq!R0J^r#)=%_*c4gCM=bqV&@-IZ7H%eX6Y9got z!cWqd}n{OvqwlU+~4k# z=bO9xdz-rfdA`>V{JnjD6qrkA6E-CW$Zk-a3kK%uk*`Ku@wpqY>quYE3E7wl`%USR zmtGu=b^S{+gXB8ty-$r6`)fkNm~i{cCTp<2t)H^}ZMx7u?I{Z>T`GP5Mkz-dpkP`I zCp^rCQG153OY2r#K+Se5?WbWwN|irAp(YglD&e7n3%&i*J#{p3dUE``{(e=aTBD~o zT05`OFva={Soy>Oy2-ADS%jHpvk&P_wA5r=^l3N%ujH*xK!y}Yo&IKrZ&x%t6TgK) z$KE$=)&czw5{{c=Z4bi{;&VWS>w;e-CB+iZXL?hHm_r5S_S-`?LZav0-1 zLrIaQU1~(mA;Ez;yQwnscXI}PTUX+-dtJ~j+k6KO?S1qqcJXQ*rs*Rf-uBG#+~S}A<>>alK2xeqI@a}oOO49h{-X7lB-|1~_;aZJbF=qxb8CAJv&}8+j$V%TN08$W9prq9)2qS{!)kM2F3oG}9k1$HZtB^+ z>+MwXT>Sxfu65tNgT^wC_hwa!Ia3zJ4j#DoOKZ#$U57|}Hu=JHzD=5>@ zv|8?KF|7G-x-c4Z;QaFL=-B8F#8&ftuY|GYo2+E5DUNnMxZ6`^uKI&|nGY1Rh`AoU zId8yGwefX1j#sF2(D!=Y?t|)_S-Va;%LWZ+7~J)?^9uQ9@9vxw8ol*~xq^}UEYgnT z4t-kpF$->uWV{Q%b!abTrFmfTo@@nB@*AX;0MgGv@;K#-lM6;4Z!I66u57ama=cN=aXY zaK#EpB7J8fq2SDn6G=x&xZzxKwwX&G8Ex-wZtZRkd;X5Uzt7Umm-6s?{(0$9PLU*f>Q-vmTaw@~^X3tam^$Lp%e0a8&2G6cxdj0*q z?XCV^%Jn|A+4a#pbI*TVt5+8+r?)x{SaAN+?`>}7?f;wot?jKZ_Wy@?Ts>~Bet*1H zt(vUmwUV{634iS#jPYxY?eJ^0Jb&%>_VTrqrLS2l`I367{IsPKmS}?Q>~yYIz51(k0TlqaE_fS zX9 zBuGLUjZelAOJ5&DzFehDt?A=Adz|zY9m=(&`cYk=8}wVkBq@GX)kzfC*VjZ*#R2NC z*$@C#N ztL0v1P*0v76CEM)8}d}Awofy1_}YwXcus>P6eQoOrk7<})irXh8hp>ey<{;9*?9IN zSpxM=rECJ+cYx)_=*?Bt@FMpmx=DixwDQ+AZN8?~qG1A~cY*+S3$cHjk3D8Vf$gVv zMpKg0@hupQS0{sfLAUOG(>=H&+sQ9G{v8MiMHXL9Ig+_{>6`*kKu!X*E zJT=Z}Er!2N$BPbLWE0auUiKj?>tMny4ybD*FZVsIRYF2V%~F|s?b7JoCKM;IO_U1W zUexAWvWygNC0XvBaaZRG&H*ge^&-*f>rCF%C6jezXf8)#c{FG9?3uq%yNzy8L?fj@ zp?)vVrVT@jm_+Mj8q1k8#qDBI6muHM5o*o3JAHuu6@W^~q12rt--~kQ>q|1*Kws-r zPX{k5h@lA4*IK}Vuru{4#ZjqaXJtXCKud~-0i!|w=t8tJBzAdP`8wF zjhR!S%X?-_O(ohVqlX&7^&|*luDp801kpeQtxWnn%;sPBw1U0AvzJ=k*58p!i+28> z+Rj_|+{*s%;~1x*UKgJLEU^FY?Dn>c_W!-Dy)X9vhj>1j{a;Rq$)o4y&o#aXwX7jW zc}ffzcauypq@z>;HSUP+S}uNc+i(lcDb;a`0sC-%Tiwn(a^d_jtL@oVYzMV1yFA47 zvYH+m2?~e+9><);oI*g`)X&G}Aq%MB3AptPlVD7w*KE#WNQ~!Y?d4`pkm(iS5T%?G z)cW_nx7qLXT4nvDo({Zr+90S5sHMB?UiF7W;(jZS*1ED~qvmaK6%l#O_@x(4G@}{544^a`dzbs5jja-OK4;OdY}gQKw)8{N)==q)%}`~Ft`0pq zik@h^_OkMgQPkglaFQ~Su~vwtEW=epJY^OBQiyUwPBp}oTjL>7WrqGKkVJJ%$c6~A zrE8F5Wwa?a=abVyTB<=2yTAD~1Y6zl^E-E3C3RLJtiE9Fp+)@J%fq8AOk%@T#fR8m zg5TU-Ez%t(a>6+MU1tMX28HvguMU+*XRn$f(C5Jt_`5sl;h1J*zZB|fYOW4zho>j! zCjVG7+~Jto3e8d2TLlWurNZUuueR>$(D;KQZ5Bx!LdxyKL^9#ykno0Boy2$v#eHj8 zbQ)W9J11ck<~B>XGLX|~+`Za_A`6gPs!)g4g_Tz~9q$R3)W7XyTz#30WhO%)$rF&< zrz|)(VaD~|9Z`|xTyAI~5wVw6S%mwY+wm1`V*;p`ALL)}vo2MXHB#Cp_Ha3apYYI@ptEV!)>&0*CRWnTmQ_Vr&FPGbvY7d3Ai%S>U&s z>A0@?L(X-~f{smwkkQ_!o%n_@HL~C~YUwuI9Z~@c5}4e5SsKYLZ|iT~+9A5ekSg7W z429LDud%+anr2Z9P!dTRrUkaVEw87;pXF`*su_d9LULJ%D1@`LkF7uc{Ii8ndU@Ad zGuLGmSX8)uV*xpD#^fWMcDs2b{`dpravcol&p*+S_&5}aANQ|kYsR!tKLTp+ci9k-R}I?%@DBo0C>Uu&#kS^;`#4Rf9K2n{|9*<{QMWClGfp>0g*a8 zwGBO^*73WTL}Efma_uL9$K*gS%A%0Tks=joCF_z=%LnQ!y4#W*`#U^6FgZN||$`EAKYJQz+1btA@o(rTl190jXuRc*6XqsuI1Ycgo3!&L+B zev8gDxn>!tL(+t1Y2;9Sfq;QPG8ew$RKGxMN@eMF%j6Slp;nrD%>HdYbaL$)$47^3 zJV9R5DEas<)>$Rp#f>ARy(M*k$PH)NQmLbIWr@voP!$cM)z_#*@Q2X3gzf%a zC{*2Y^m)*WW3|k#{JV}Vs=upyGI8Hppl$tvr{Sa0r=Hq#EBz02^k#Se|D}Qcx4B)& z|FF5WyZI&m!-G5zssBM=7Zc8s@kH~bsQ28noJc9_@-~X#8^%|$>CiJIL1b&}#(%8@Wa-Sc_IodQ@o% z(Kiyw31`>VBw^x^Y6TCas-Dx|DTW;PR!OQ=H5Z{Y6OBbw!40Bc8I9noQyB}c9;uYJ za{W|=JJXr*yc1!Qqq`FNYk<+<^xy?*{ZC{QF`uL3v$J<+Isr4R$C$G#YO|}`O#j*X zEi7^;EuYt_@AQSS=;dCv{wG4k=PiS*&sZXIMIwYpl5oU{Nh}Iu-#{!3kk1J)F&qlW z6*nZ1k2y_hJF{;uP0G16Q?^7`EKH^Z`5~rLu@bPqOE_%CXaqsPfjWI0ss42mI|Y|a zqqzml7oHoYPKUe3=$=_p0>2y}h#jx3l{t{?mgz z53c_?=WH=&v0{Lb)jYyeQl)+vT7!SGJBaY}3^Jal7n_a#BPT?cMlEfgXcaGnfPzsc zoAdppTAK~%tu!dG_M{Ma_LE!K#sjY`Za-!f1X0S3WE@28fzz)fd`crN9rEo+Ja!Kp zT$5Av#TR3&(Jfe*?KZtU$QLy=s`l~4zg2e`q&keZ3yw437pV1r3$n%?^NWgxDn?!C zJU^1MNNWA7=>Drv|7#V>7U#}^GzVAd2(sLRZhrX|n;cP_rSl46%cBz@_jHENLDxsB zH-Xl(OwtDsg*{K_+Rk~JgrTk_>=9sl&SH$S;)Nxds{OUAvcFOPZL?jsW}7V898``9 z?Yvh@2*6V~Ev^igPE6P>cLBIKDp~R_X%w6Y)SBWry9?@A(Oei_ARNbPW^->n$WUD{ zo4LfbOj{M^w}sZX+@*4Z(;Q`+FY(jH!(uaJMi}ev&2*>XHjrbHDh>*m%7Jo&l8F9h zZ{_RI%@Dk;08S2?)o}r$v^$;A$5>O;md9#zbC!CEKdgMg7dHM27I_6ciN|%u z_V3($e_eUJQRWNPsd?6y zNqN%zQ|}h62hlo>#*7nTUUPCq)%$MDiLs4<$p-yzG{Rvx#QvqwPG6WyCnM85{prfO z8ZEb-fi7Ce(`gf$aLcQrPt(`%;R27FY$m$jY6qxTpD9-46?lV%R$&9t)qa89VaSHv z&8^W+KOkHCxVOK%>+g_JZ#eR|H-}rJy{#R8Z>!(i8}9XbT?3#uW?#MD?sr~qZ=-Zb zdH<`y|62$5tG~6^|Hm_b{U7(w4tziC{5S6W{y&|6{LOsJUbMe$s~Uf6RPO76gR9)` z#L~&Z3*!n|Q!w2K1Rngql~(oM;9r&YpZ=tg`|}jWJAZ?LJRk<|Fr~No`-j^7|LyEQ z=E7k^1JDBd&-Tt<$^Nsq`z8LzgFFu(|Kod;stGC9sR)!rN?o2X~*u?R{f;4yC;$K5WE6aVV!XlCDS3{ZR@IHs(I){qH7w4Xh@LcI1*}+ z21+CabOhnYC7R)B==hJN$6eT*hatulm^6}POiD*xuN30kbFPaCNk3bcU&|iSt;Rg3 z_|oKLepQ*j{lSX`KIK)Ht1B-T8J{S(@v3XM?Q*I5JF~h2XXdp&;*vu4T}@=}JIrj6 z!<%mqbiA%Xgksf}YuHmuP3fErUx7Nz zwp`62wDpRspZiN+jws!Z7~xQm`PUvaa&C90!3^yv#6keKxf4E53au@P*K+l__hD{< z-h0Pxid>&?+0pqmd6o{xNx25x^Wyb65_BAqU`8;>lHQztK%AF+haOHZM*~HQN`0dXrdvfs_+g^9Df%d!D>mP#+JfTwAe1r`9qdm@tL?J4M}74Jo?Gev zCOYVf&VRT2+r|8kTRYod&VL`|d3gQbQRaojQGj`%qtsTKp$)0ol3BRx%HYWN9$ z7=mi5Su;^quiP&Rim(5v%_uTM zRz=UL70avOrP;=#Z0ej64o(A(r87IP$i*$T-M1?uTDMDzdi6Y3M)l3jq-rQPhjXgf zSwxln+4<8dc5dn_%V(39uVLpcH*KZqs%$b%8(PdkG|w?0uPzzn!!21BAv&EV5;C}g z0;<$ce}b?u5!^fx6W=!%gyGt>-ZmCt7}yo2>mzPyk+{*EoXA z<{@J-VpoJC-I!r(#z1deAE&CM-oG0-1&w@ysQd=PpU&V;R%i_(c5lxKzH}nli4D8| z7aNF3-&^~EU6U)qH*`aEs?yTqiBYH&v7LBH57IV zG}afU4N!;jnW#f>&P@U-XH#OI$`oEh>9&gKl&V9BY(hEOR-$_S?n0D>laPc2JAUVM zq;o+e5d&#r$(|Mm93Xc9EfLHsZs*Hf6s$NBwVvpgMpty1#saP6Zo3el#VQ84wZ2+> z8gWP}?wV_Ob)GKGU|9yClx@DrzfcL~DHVx>*;lEH&8}3bjYab;#nf96QH?r^ zEXt|89A$yRA3v#`tk#}#;nqQQb9k}`i&g2I5i_^c28N9hk6TsSp;K!*7tGhaU3)0i zQr+~BI*B57YiHGgD)L0E7BbC|N%4e4f|yP7D5G9c$l6vS8l!+shmd_H?Y}mQGSI16 zneBGVy6g!Lo~*x08FZnXzkl>dMHqH_Pw!PEW!5A*wi_y21xf|F6gvmUI}3e*G*vGNLH zG^RHsMnX$T=65b9gcJ3bT;au>HpH9;C?hh=Mp)}H%g~f47nokIsi4EcJZQS*tWa%P zL;0Gs7{_eE<=RyeCYRJk0Bgwm{+uz%pc2RdqrYxO_zxTg=OS`CBsj`c@ zM|*E+cSjSHttgW_Dv|rkej~a5-u|H`DE`x((jaZi_kO9O{iEY`_&#`X@5K@-ezy$c`!3^$dw*F^$6a#A{lg`6e19p<58bN1oi`1%;QZJn z*Wcg&wzZlU+W~d7U}j8t-J{tr#38vWzpMgG)!F(A4C4$w1?1D`f8x&(jREPvM_`_l z(BxgE1gZ&jq{*qu!ki69gbv-wBSY`_gW#~I?o!Ot8+_;(3Xa-@=w8mEP{)JE%VjDGfUW1 zxzA=XQS*$9D5TovWimQgV_8- zq|sAFmJ-sNVj34OpcA)r>t($l(@J;P7*2&8Pa#lUg$P75F_qsEG{HBb5jSG?FH4k* zoxgqQ+kHo~yBbsBKmhxE&`|3Nvrs^2Z?TG4SJWvwq3Q^@P9#GUVy z!hd4h!=`zzi{Ytt{WTV~87(BBn_urLD$hFCWY%iZxwdZLUS-aa*I{21fPUycO)L*F zu?Q2a77p&6b>1in>G=XaT|B&@FO7~00)v;xhuZ96TQh3ho9-*)#{FW)$@Z&K6g9rZ zNuu*Kt-N5t%S&a;&iU$@VY)eyci~{uBo>b~1K`I}l#(o^Q@}}`7Y9^&!MEvnUm|*<($Vj;Bqn~LMA&B!D(UfNr_mN~IRSAJ= ze5xIlWL5SF@*uycm@Ng*@{MZgSm|bnQXGeDY6K_A$nHcQ`i`-P;MgVg^Mn9mU&as) zL&Rs(A&ajRTB__8BcC;C*tWZkU*EIR= z_>jawi;AHlyJo@3E{d7G=)l3O!iF7UPL2-|iGy^OWO_J=I{zEuRM)8zB3-#T2gV^l zNTw`TaV>fbi9x~A5HKFqjV*8jJ<4P7KP&iA=tXy`6f;9#th{n|Gy<$l0dn@=J{=)k zGe3yBfU6vC7cen5dSGkSea_XF#Zc3y<%U-ow1cynYKm)UU?wpa0LZ#9=LTUDJ-;Ti zxz%L)o)OM86@`MEPSXDLQxqR{5nV2O*Ma80R1$zr^tLmC=td3`fv%yQ$?IMGjrzXDA z<6@q*Vh6fiJAA+#o+!dJh4tU*A&EEb<%yMN-pc2UTPyx>bsipIW@?|+TES_qoAGWxAzt)b@| zTHa9Ff^?~e*KJYRN>v%+F3?^HH%ndR;37lnVg1q`%S|9d&vaJpnKen2q0#I0Uhfuk zcW6{}=$5W#qib`s>e@ECA2+4`G+{EJa6ciQBlLT_cI2gf+hY zKzx#qMiD7ZX!F`BHlQkQd3y#<>eFRgo4eXQ>u&#YgyoxASzpk3&QKV zPL;nq1m~sa!=*QcnFY93EMT&3d{aAr3(gVc>@VXNF2l9f5ZeYF?`|bp3E~(v%lv}s9q{o}p;p$%DE4g3wvHwnVE&Io zlA1#gd8TAekWAcFLedFNxZI@ifF%a4Q2oJW3P_yI%ekz<1wk$_NX@EI*u)3wJgqPgt9TrJroX+%v?cxQKxF{=SMH@AZ53LvVe~oV1#p^vsBUvmvUZAAz3fZfcwkh-j76<#1uzi$LxB)M zh1CtGd|rX#dEDm8O6$KoYupt6%h6u-{=dVg{olj<9(?_mV9qq=St_$IAw+0QvLXsb zd19L?0y1Y zu`fzU4Cv2do&G~dQ+aSJTzM({E~in5NPL5Ca4Lg-WV|t!FdPdzvLqDQi@Il~GtYSQ z7k5pGl;wAZHxLt_L==`5F8%>mM2qdOYOwVM94o%UoP1yT6xK$sd;w9p4tsOnNUgZP zr>Vp?k_VhV+Ns$e!=J@jXCsw{P~EJs#NjYZt?IG|7xvuTa1#?fEB{(*h*by|-eu7m z6?|j$px<@RA?lA}R3{fOgdhSuLNSXyRl1GJHHTJ}LbJ3|W+h(alDSN(1s28N!qBLDu0Q`bM8w#XDpjHC)ZN5&&&X;y6}YR#KSJKu5jN`cU+b) zQ2av%3w}@I5Ouxu*I&awKl?+@u7j?;{_^LO^LMB3{x(48Me9*WG7@AYMB8EyW?dEk z`SUYo|3Dm&x`NsB3F1!%j z+bw6Z?i_cQM}8M(bk{PFd*2|jtG42+4BJT2faD)3@l;Gc+bkw%ifL@As_rXTTX*EV zXhjCVWTN(UN(9|PJZ@@mwTXoH}_f5nZjSx;#dIM7o zb7vXFtB>?}N7x_wL7}E4zI5*oUYb7hs#k`a4Wb?4p}w@ED&c|O&;_-6qCcut6eXHd zeP^UBI>8*NJ=u`D?=(dmx7bg<93R&Ol6e7BGn^E{kcaBFlSdWQ!)&%?92O$I{B5#5HIR$D(`uKS;UWxaPzsn@i^f_o zkTNMlXD%78&3PyH6t}WoorYQmUEv#WlAmYjI*y)|v7g`u@-m7T#8~g>mr5Y=QsUBbp5NFywbMqBxydI3_Zt1vZv2v#K+8 zmXL((3E4VjI(BE0oVE}sw7(z+EmA@ zky|unxxUx4TYaau?+katJ+~L^*ns99(G8m;dnd>MGRo_*AnHO~)|ISmzZWkK%J;t? z@9#hD{~qM`<@SGXh2p&aZsWT@t&opq@24Buxbp+diuHDVx{mwV^VNuSsU4sGUXjCj zHd%SoSE5zF<-=((p&1FXJgtqQD>GyjFH_31N%PjRL`N*N;)8~5<2hql!`3miUUi*X zYv_pOSBIHfG;;NL;rENTuk*h@mxlmCMVgvZEm5WVNVml0UTWMHI|ZA!#!5##(Zw6y z9XlMjtpO%&MOg(eu%d8vJLH;!Ntm}wJk*?ZY}yH-C0!NrM%@tQgBQE`ppMS$)3wGz z&4Fmqm-U0HS^H|rw@||3t9uYr9Z&Nm_V41zX|n=u%$Ku4W1tP+D>!pB*&2GQIC5H& z*{~Z&H)4r?U(torL}g6}jwbua-8c4hy381JjJkVt-rVDGbDFTuII~xzWd>HmcN=!h ziSfHc&lYC(SJ|rt`wM#1o+ayg%znPA8*Y974~xfa9sf^%@93}`|9`xHc<|)^d5GT^ z^#2IOdHvo0PRaN`H}3>eTKRaKKz3`JJwcM~HGM&LRrll&s)~0xhmiVyBMu>#R)a%m zz8l9S(cs2e=u|2-s@bXZ*c?KyafXMOm%k6y-ydl*+=esYwe+FvY_wNL$l$1PGcJuxoNBc zwSt@GUR|Q|wj^I~*R1as)m?V~e$g-O;92ln-~R^}uFM4jSrq?ud{~bEI(qTq@X7!8 z5Wg?z|C?R>_m7)*{5kjke0jGYH1b{}zo3SDa`Tmixtx;^zTSw7&!)6u#FxX&%JE({ zm8WR0r)aP04j)GJzkyThOUHUSGv}l7Dt+NdFR6e}ab91>*R*iW+nlFqQw#rMo>$pn z0nxA9#{^Ai-P^1BmuhLO>s<9>$M+MWwJuDKzP4J&itjEqU(lOUEmkYp=52npc=NutW^8N-Vy4Q4>t0b3vO01pEwp>FTSE5K zeuSDT%Kb4%*vmQ;<|=2a9=Kok!u*y!CP%|+=5t5_8WMB)JQ0kE6;WLltoWR_=2ev~ z=fu}H96OirT$7o{MxK5*Z(W0{Jn9xTxJpQHJ|u?Q5UzQlvEo`UVWmmDaZ#Dy0@s`_ zZDJbkRIV*$)nlor)Rd6iwfIWi$zwYk++P1;zNW=1=yINj#q_L&P6|riW!h>sY*f&4 zC5r=Q>vzf;_IA76rxq{uKBOJDIdk^Yjdd(bc*CwLtBFf$%xX@nIfT~qT-lxVxZPLU z*-6V(OYDXv7}-$7OR2_Ha)Lo zGq8ST6{@fC9%d5TSY2%@an0SYSc_}hv$@&L7W9%cU76|vQX8J{?Ansmr@Y#|?N_WW zjcr<>G7Tz`l!m#j5A(_`>px!G|C^GKF1QG6(fwbCd&iadzk{dyzaHeb8UOD}4&Za4 zIro$PE0yxm_`Yjg>CC>*1MWaAwWC`XM6t8*tLg{j_u8gu*I<*o zz0t0269-my7S~6CRf7aW%5CT4Qlc_0#Kl6gi?$Yz!{rA~PV#KBe1DotjTRNpIXPR3 z%}3$QFUsYGgw}~9bfn$vK{ag`{OhWf-RHXOtoXB%w#|v1vr9Jnw%sYXvErrUsw12JThwGyvIG(#;lO$ zWxu(byX=)mPwMXSwY`MRwIkQUZiDS5Dp0p{uDEuTxt(u*&{0$M_K3CaQ2QbwR*(9( z_Ws{qs2aQg3-JaXBH<6j66&YOeM5jQX-j)q)wGMozY4vDs_zrxa#Iqd%p-UXI2jhU$u=&)}(x^Z9R z%Vt~Jv)neqXqmeAZvJRr+@{91bjw#1EF6;4nP-6Nx?s>v265Fkp&qQ%G3kWW79QtAxR;WhN`_?lpz=|Z+-Pg3Y|NRMx zrgR*$lq_juF0lXij*j+9_J9BA=*j+nklz+M!>Do+k-QGmiL#L=i-*pefFR3600QC?yfj=#5(Nisv{EJ6k9wV;SGPEu9J~ zjuic`9Ur}qqZwi`d?{E$2}w~zW8!!G*B2iz#PZbHLa#s{(NC`~P)JkW@y9gl!G9(D z9e?=GvcaR-^9Iw&=3dLc>=o@-ucGow@K$4e~7O;-}u=y>3sA5cDB$@ zIHfG-==Aj)-tm)^{YHYUx~?Z^N5 zo0HdX-}uvT={gqVe;x1bzbK9Wy%&2gp2q(}{I<|{G>h?+>e28c9j3zGcqKZ&(>X!E z{GCKo_whfr^(FaYP4M|dUXP!#ga*79$)X>X`fQ0ZJK(t#et#+E3|Tg4$!`T=iljg z8OCYG(%As9fDU@Sl#D6Q(wW!yLl#_<)TgXBl=aK%MU_x*z+%oK(h;pdrv4eq6JcnY zV!$3w=uf)(n||k-#^C^oEjS&&#YtyMGAztr!MWtSX3ryDaDS9Xkql;pBWeBBbS7;Z z)cre&B8GluX%u!P6F)L`Eo7T9lyibuo+6x>Kp`&7@FZnn4yO$N2VJH!^ow-&pi3P8 zGe;*yY4i$bIAY_Xqm^*{fK7WO&PbZ1l#`uZFl34ch=ddfu#xG{8oIJ`Pvgum)ak&| zA`PD;Wj8b=9AT{~+WCkkBuYri(d~o=6BOWBm|Sq&0ErbhBw`7Q$*s~NlnX;%>TpGC zcl6SRrZ~o9lKP#FtAtJkuulE*Lp~%pNq9l+T0QYYa?_KF9+D(tv#Bsfg>fv&!=G$~ zU_8B&^l6NODCZeTmBOE;1h)H}W`uV-9uoDXG06x=eSiPp&mB(^IPkyq_x>!u5&KXg zXuzKr2?;2U5RH>OLp+#}DTX&&=yZz5>WA_HVbSEpl*!Ua{Go01?sNneZxo3c{KUOcAp zU8j@b@glO4PKL)enZDmY_WNE)h7`wMf6q&g4?3MBkD@ac(O@C3Anef$VM+eXd}z+P zz_5CL65Zk%e=fF5h7TdL=ipM$p6|+2E3r=y#ZO1?Say~YPU7sj;1#WkeJS-HteG(%Y^9;uUQN)I1(AhF- zX=~h;Gx59nvL)o-(ED4+>V9PRL}v@hrYnwM-WB8OOw9T`BXK~Ak);lT7s^SWp33sV z=+(4*TL?mqoes}fipS(tggIZNn}3@yE*&lfgBkjXMfsGV3rPq8rCoG7(z@66y1U4( z<{d0m-L9H*L&^o89ECGjF6C@37Cjn|9ge$Rx6{EvKsbNPLb8b66DWzMEGz@7}& z?KddXQqPSUC}}1n5Hrs;nZe8t3xRkOTQ!T9G;U%-^3R5_Q=2DjX^I(Ew~)>37DC3C zC<^J&njgr_h*HQB8Y~#g#Z2|H*g)T^I8Ve$%qeV%VJrgnjcp>(7-7ZuF5+xTP)4VO z3j((|hCw+NUrWm_l>rF}p(!s*Lzou2cejd}yr*OZ&ppqpH(!-h zR<~Uditvy`YK6i{(*9G~h3^ymdrpiET=d4LPsk)zXm{@)Xn1@`;=rVAe*WBX8XYE4 z(PH2Cm79^oHv^NrthW_sCl?n#zdwI%ULfgP{61yVf%On6K|{dV$bBuzBCzrEXOLfK%RaUMv6e=ZJNOrkCiIhifT;%9 zyZ4uGF8u5+bM|Cw91!pAJ?s(jUVnu{;HP9OM(@}SnGQ*c`Uksce{X+pS8kzi_O&Y;-C~Yl3nI2hBN|ga zAz`t_AJc4-55f5%lvjC1w|IuLoO^8KWfS5luQ2#TC`VKL8%wo2N^JFHgdrCVRtAhY z*bgQ+9uqDdHqw_N-WQ$%HO63rkTEeSury&Q&ZH3=($R=Ow~PqR@>GxtLjq^7vZ)8s zf&waH94eC+d>W=I)dEB_PNI?6RN*vKc7+kyoA*EZYF7Svf-}SWElCNY%B4fpv2R%p z|EJUO&{;}uz?-ffaw!kW?FQ$ZpexrRxkB4&)&MySXK2W>iTr3E+IOIZZxIq*E1h-F zewXHcm8SHrAQnfn9UuMjcaoC%{!Z=Z6gq$tsv70Nw7vt|-T=o!sX{bmAfsZli-#CDABlQ-np+q%N|U=ru|E z`qaqT1$ulUwhZy}42{Iph2t5boacnMuTt9RY8)v=zn**gSA2=E15sGMh z4c^oL(sheEecOqhKM#6;g=I|zUv{hr&Ho*+WcHt889PMZr3{Awo5}#AjHFZ4)z7-J zhoEEiGYIPxecofKnB)=9hn$8KrxXB(RCOWB<4}dfpCmY#5Y5Og(%DP<{vO&E1-j~0 zcjrGlLi?t828t}^Z_px`Ajn-n5|}^&HccWbH{p8mQ6&7%|0n`%m|>VRL}T@8sY)T7 zbvhu_L9cgvd+TFh(P!zn7s(>L_v7iSH}5VWMD?$o&WAW6oEOXOaHfw&#GD`DTO_8U zaZ2P8L1T2A(hN?mIU8lSI3=Bs@+_spJafdOd7>QI1;orAqwdKCI=$$k?@lgGFLpaW zpI-j`{fA5R^U3-7$-B$bHy7yrIePW}-RslK)A#Q#(EIPv$-DnSKb*dMy^9EyPQg1k zofQnyDHsQS=YkNYa_uaWZe1Fn2*=|bj|m#H8cf<#M&faoCCIlxAv9tu)7f zw8zy?zYYIdod2uP%3iVRFImTe_@Di~ekK0r@bKyU|3Q8@j+vSV1|5U~oRKk{m*^`( zJ4hZ4@d5gyV>`!`TBr>ml(9}4AiO!2@vjfqJxvf{3)AU3R)-o>Kh!JF#Hl7_o%Jh_gHm$S!b{$26OH>KvVf=;FVB zMEV+N#7TMs3kA-ER&aDnLn5tvvD)L5<;qKc%hD)BVJWlQa+_qD*}fOwfp?Q|@;rOo*^1HlafU(aO5013ld9VBj9@w*k`I!UO-VK(Iqys{jfD+EQmfCM z>>7mfG%8rNTnt(lRbRWqP4*TLUHEA)O9|--R?5S%V|1i{>>v4iPYeFP>2K-vKVrf4 zl65SK|2;S?$N%*YkM^F{|A+Y9&*EgQK>ct1y-rBSgl7Z9CwTwpcrZHr_Ai*cIQYvU zJ|qDd?jMeZFZTBTve!TS_8>TZfsclVqtWPi?`YKjOL#=~j}DK>0X}~5;#<<+|8}oq za#jYYD|W)(-hsDwblE=~92^af4*kP#_xlHX$NT$#-s=zc_PS5gThnie@o$~-Emz0f z@!x;Zf3de;9{(@)pW^=?=;e#^v z%`I^T4#iy*GdRtFR4yr7A`g5c!%Ei|f z6{|!Vgl{mF?*H*zW>pB`xtalYt1)vp4xLz?&eoO`5fIV1o(`3gfFMHCgtIk#Ygg%h zZo)IwX&aoiA>S z!r6$WQ?9EC>@Q^$$3lAV6B6?Y9c8LG{14L)btp(h=uTC>DenXM3liih&1SFUAv`(} z4|NWu^G1z4u3e;7P*KLv6kmhlPfg1r<#aV%qm=M0r9nnQ?`9ueym~c2DVeexg3>%b z;U73jcjZ6-ma;qn4If$mj?}TR7N#C-6wY?oEeXvj@9AsqqcaFwigfJ20O34iXd5Sq z*huPDWHS0I&0}z0st{?heR zubJ4Z>cDARKw1MrC?P01pA2*Xu|2_&O&NOUr0{a-{<0ijq768Nr2EkYV05Ab>t%$yj6>xzO9cv;)321s6ID0h9-Ej&=wXXAtbSr;mGR;s#p9Uq zj0Q4vS{>3COM&>jD5N8?3$ERF1_P~u{I-y8lCmLDCfbk`Gpvr%Re?jMfSMaZ0y8bl zvL?h?hSJYrNE3Ud{x@UATqBq%daS1H#nLXm9VnkLj|fTT)rr$FMYAX zL}QxSh8HL44GqY5G!~|7fjajpB{(xc2||-qNi>v2(e|6WgrpSC)+3=8=-k$8Ra})8 zx~-mgDx)fuL(Q#!Q0)zSebXZ;Xj2 z-Zn{`3)wZh!d~Dc+pXC|Wq4evzQ}heu^?Wc1m4tsq&Fct3rcpdx6Cd?34jdqu^~f8 zGS3DQfmGxTL^Hbv9J|UqeAL-esF`EghTskdG#gNM|(;?(e=J0s{)0e?}F=3uN?b;@7hr&=u zSm>E%_CzCOySyZ&H#j3k%X(^~sgh3QU&$)_%%rl#6dJH@8r#+uI?Yg)r!hz0om~7~ z2jILrd3!4Ld@Sa6B{n&GDu$eFvtrCR*ZArY>pa}PlDLQwi^&yYDY~*Q4Y&e}!Y)5R zMR8G&rg@TQ6B1`Sd)J-&aW2!LEWYw=;-`#d2J_bZL&vCGiPu+<$Ks{Vr;~2W8F^4?9;fs$G{+ zW0$podBD=S?J$ySYKsxcQlk7~jh{c1OZiS8cqOY4G|1>xNHR<#j<&BV)85rCx^k4z zJgDL3%IuP;lA+k-Bs91tA<7dO>ndY~B@Dcb_EaoQFxVbSWI8R9qbnWM;LLJ@5A&kt z4$mv7+Y~X6&8E$fQN0|&D`!+kdc0KHA~PmN^}-Kbh4Xpc?odxty3F@9A{@PCd7O!< z3C<~S1m-3{`anE1!C{dlN#YxtvUn=fSW*h<%+{>pP;O*F&WbJ{GdRLKg{%UhN_rai-Diu8LuOCC1^Ey}~<{*tS5O z@l?|^V?+ra2B>!<%wCm2YK{m&*>u4irkaL=#Y~8-*{GSWJ7I|peGQAQ<4f$i!{G&l zK5_J#!fqC)(yE1bNXA9+j%DYEPB~RT<;|pdjBtivAwomZR9kXeTW*!`1c}vFJpL$2 z`Ft`!f5Y9}5p&ysse(FVGW^I$P zez=RKn8Q9eA~+QP>-)a(JV~2D6|JpIdz_4~TOVPVmC1OxYT9iIZSx(poy&{_nYRMd zkD4IlCT*wep)&i95>Mcfn!^yh-xxRG!D?b9q9YQ_f{6T`v1@MZs<}013{HBcI3wnC zRvHpRGGZx#2>ek-Qn3?Bvpmt9xRrt4*NR6F7i++UbZ(slf%xl^U6WWX4(bh3uTTc> zXp9nOY`l47>Q(|>{es6&@RTPSu`Ry{+~ZZwBZO4_f?-3`PD2{K2nj0tv33$|~xp z+}MZ)H2bKAE&n)T=|=#0$nZ3QGGY!3Y5KCqlB^P~DGG>*4hodFPvV8VN-)aDH2&B` zr6=F3TL;tZrH!93PY)El0B6B9$?8dG(?rQ#l#*CP)1;A;Of`Cn?>?$y;*SXi^8Mqt zQXVu8JsgH9;r!({l4%-3e=J}j^b;ztS&i7(BWcPSxQN)8>rWy!hEIYCPH~Wt)Z--c zWW@8!50~G|XmSWo2E9;k@@(|&M;VP4eGI6SQ^amR{+^R`_Az4PmwSqpc&r|Zet+4A z>}1fNAfhDB{!#Rc8azu&Txpl*w4q?WrFtl(mWXH@;A+WUt4(F6eq?GF#EHT zp)+?jQSPL7?=Rl~_EL;!_FUP<6M~*Qg`XETiZGzn4z0W$GMrU*M7j+!0r?_JaYn{7 zKbs}RdZ{fLp5aWa&Vm!JN&b)(=j;Cs&*6zpQ)5O5& z2bYo?85bj=@zkE;oJA3h#~v4Fmt?b$ zl31F`#--KZ_RDSy*(I6_UbqSC*lpB>goSoI!bvD06LBOA5hpIeG|SQwIM7~BA=r&D zCdh4184_~kQzz0rt3qQkxGXjrT?q?SM8g~Kf2)9o2Vq;*WpiwWKQxJbB+p{u03@s9 z5n)wC=DcT)W9!Noo2roBRQu>e#X9MzrYp`ynRL8Quy&xdZ@LPG5RE1`a!1<3oYQd( zR$t6Q(%Yi3nBv9Xnja5~H8akrd17~{)A;$?nb9_)vMah5d7Xbzc~zt^fNWsNT6wk+ zRg{(IJ{lqZTj5qbEV0^g!w$_hx>B-!Evjn{Oy3*q;L@_7Abnc#d`)KcEW@k-z;F=% zm<5w|{OYPzv?}}?K(xAUkCA=i;eUdK-?f_{%P!FZ1)Vgf5e2vsw4l&i^K>vx5 zhh#hY)kphwt90izxg@lH=(aV^{7CAtiIHhPC>(37Ivf^^WF*~NmDz8%et<(3V%>16 zxae)4eRn-10$`1b?TnMd?B789$?Y` zh$Tu!qTL&?%i7q;Ec6P{YY!rbtX)P8-;M3gSi&MUo?Rpapu1P(_k&nq^dG*<=s#IZ ziZ8^}^daUrqkIHMTLbi(y<^#hQnO<0G;!24l9H4%h=(_ExM%8#l_+wbbAb@LX2MHS zLZ*o`9aI=>)T&BEaW#s#d891EeM2m<-Z|FA6BqWSRr?tWP4)*;=!~0)tI{+*MYFfX zNe1CDF+|_Kgnl2BU5?fgo3Ek zfs8Gw^BE7ahy%rIA=C(|m;+v*?IKwU!QNtogL;2P9rZj(A|eBMp%uK$x(q3U1}rNP zB>#K*+MLb6nT9aO0pglJw<@wG<#NJ{bY44H)Z$5v+y_VoKS~Fol$@GJ5URG-yi%kF zsK2+@uh;zIi0e`4zxj0jIZD%5Slqf-cH`QT=j2Bk=XWxglcQgxmt;52C9dH=K)Ej7 zKq15ub0f%#tueV_2>xR!T4VcGsGvcYH(A9y7N0Ygfp{wPo{KT5R8D8y*i+^%C+AuSGS!% z=Z7gv(2tY@^s19tC(jne`(#-ua}oq>nw+If%%;+jvao6DBb3OmDrc!J=U{ih50Dt? z^0Fg6G|ilfto+RZ+AE$YHMXc0`c@ovqefk@%hdOnUBZ^S&WjadAD~~lCqMq!RcnPK zQ(aDZh?J40g6tl{tmc_K?1f}KYh{u2e^XV>% za5^Tt=uZ9bzWm3I>X+gO5z$eVO&z1RUHit$Ad-=&=JKo^)%>?5K;IVVQZ-@OmHYlb z8aDhaiMD?19~Hs1j(`WKD@4<<(v6l{#e1P_gzh#{RbkyH}OZ8*PbNQ=->R0`}{X_Mc zExW?y_DUP6I%za%_OTUv%jYPfHzX#U@4_@JMwW)6fKV!xuDJiu$(xie9uvQ@O+E&iCsRP_IA65-he30NF*bSj^rP&^c?3Ot3J%B5&0B&D!1 zg744ZuQkYt<%{K+rgtg-T!Y{U(D1!lDp;FCU=HJXxM7&*5&Ng6M^Ou!tyN zaum->wo73O)O6SY_4lP|;z)deV6s8T72E*Hr{&g*F{ZYhZVQZ0ZQc;mDlNy$7aJ}O zF_-fD+Tr57Z1MSW17=z33x~|I1X~Q6Wl6RiHp`N2IdH0EA<)%&*ktxEHFEZ9M^3+C z8L6a+LT&4xzk5Ojf@OxjaGa0y3Lxe4h=!iPu-6S1)udQL*MoBh8C z0{eZ)A?77!NYad0mIADpHYb(oV zw*?ae)b+e6z7r;1OoB{Cm-CnXy}dmIZ$7FwqE#>ZM@L=VXopDs4jGEPiEnps(nub2Oi*{|v=#^2;AOGxhwreHCFkUDijb01kP>;MU<;i9ZqrY0;EV_Vtx6KXI7QH-HT*#Y>46+>nYe7|U9!0w-W|it-tw59)0g@0N7)%&5 zNB??#G_{k|M`(MT?2EB+^7F;6LRCpa#NvX|-+p+rD_*1j4QQ4Z84j*@oDQqvnl9=! z6-W4E5l#qqTmSURrW@G-@{1_ic?gTuAb?S4ePh>)E2#tvD>rvrx2ar~Mo`?Tx1gdA zlDyJY*)7Hc{b%*axn>;De>$ly#SPpos?Z^!CN|UrFWd81Ws%UN_4ihUFMR!@b?>rr zMZ@*W)0u~p#Nl>P^e3!pvQ}OP86}s>NFA_RrkPrQ^hI%%9B~$I7g@)4E%S{FSqSoa zSK&u}*d}wihBx_jBZFca{Hj0+JPAXa0rA!b5p3eYm5fWXIo6eiB*4{5)$`@+)dY(g z%jI=ewUx`Szm;#A%nbF~%|FmoE$COh!^(=>Gb?N0l?=5#Ju``lyb8Kpt}?NbTU*p@ zvY%DiGFY&i^W3Uxu~7>6QkAQ3DwWH}1N4{v-r)jK$1Egg%e5U65(E#LbbDj8CWBo) z>urh7gCKN^H2jZYao`HKaTU~U3$!A%X;o2JDUPb$Ja189#Blf>j&K~*)>?WEfQ*GA zBg)a$k5-YZ&B_t|DshYfhrbr>C3lkKWr{~58mM?nwK0%6%<3vBbb2O_ z&eIzmGo+i=B8(muZBO0LXd^oHB=DH08FAYN0Eob=f_IZFd6FfMCawWq(-t$CEYa~7 zK>b|afP5me)#V)q!t~d11CT9JRuHWYlp|XabmeOa%A6<#5z9k^{_2frN^Wr!^|mzb zyQj#ESPJsg;`9`Ib@@b10&p^n`g^|o|9idt!zRUZzSc3Jb5$_KFgqys2+XF!wjg&2 z;{|1=d3YTh}=W%NWoobuYWr*}}{GIZQrL!ODlx8I!1!KCH;zrLC<}O5o z4Sb=J#V(5E$+{}woUjgJOpcfNAY)BsxPI;ejhV+)s4?@(1sgMucM*^94XHyJGi4g; zQhvr);I?~b1X-Le>6$Hvqz!8cAC}KS3-YT0nH7@TERvB{JXI8MY0MM+V z_WOb~v&8geK+OsUzE)T>dj#Awu$fcUJZLjVi=M#EmIgN~A(k!Z;xCU`w&%nDlgvLM zm#vCirquAu!;uvVw>ltM!yNFSkYq(W=7EwGmd6t;nPsl6159>NC(`yy=Y2wx6)jv1 zoUG86#{f^}v}O@N**&t}8lubaMGRuJc7X&IR>1rcXSxI0E!OGT`+E)Nq zR?I<<9I(vVjxT^L<8zx-16sCbN23L>Wpg>Vfy+vaFMuwa!*!jHetqz=x$P*ym(@09 zE`ZsR&Dk`BS+)9l5Hojm_&0|!b2VZiklChWw=pQQg8w#PX7|(eE5n)D%&&`xwV-KF zm{^N3u`DZO8C0zMQL6QEv8*jldt|IS)A=E=u_`=&2Cn)Y(D+f!Oq&q-{?hu5lczb}G3o7ciR z(6bg*Y!>#cMTLuj&uUt^QY8z(&o)(!4S-fdb14Y47Il_D&|22m0E5<|zPUhXEo*ND zh1N#i_Xmd7qV~1n&{_@0CqT5v1Bh0y-cOKd|CW$wcF57A21To3)WD)Oy!%Rl(dt_B z1dX-^G+IrZ*4GA(X8AN$fk$ijd_w?f4b)eMNNXUt4oF%9$#r4U8pu8Yr9B#;G&`De zC8)F}0-FL$YofmfTv`*!wE)wah^`Hp)qQPS!bC`L#$OZ0T+R+IXUigz|`uwx(~RqhMMXC$E=g`C&;lc4>?xfbL)YQ)zhql z9h;{NYXFZmFi-gX*8kEf9xDJ-A;AOMGWYucxpvmUe zz79B9WA!C?vUUut08mzCpb4UEE(?zqq^#P$Dookjmel~2A>tRXG8SN&g>@st3+7;% zRrzW_Gb@<;>ha8~ZT`1KG@IZ3D`1)xYVw3?wh+~wm&FTOZqO zp;W(0bTcAe>ba15g``Gnb9!QO-)qNHE3o3Ckl0Gs84Cc`MGyo)2nP zVrm6gvpTlaL^H*qgKp-qH6O~%KG%C3U}opvoxEzoFMIu+Y`lxu)Y)L1g`R4#B;AwH zXm)L7d^G!=tMoD)Q7g9C=av|E;rw*&OQ%q8<(F)%u7b%XKMczP($js+GH|%zI8;T2 zMIvh1MHoEu;%^Cm11C(z#ikB&{81i7P)>*YX_n*q6fTEdd!;;Sz|1HicWLs~b+fsa zdGKH-`lT_+umcfR%=hUHBw{#)3^y&H!?w22Ig1GT4h!4l1T3#MnhM!;J)CC~mePO9 zDL5VC08~-@!&N}>M62D;6CyMDnC@NC(K#n_P!&;;EETFy);7bp8H?&r;EbeG%H^o9 zj?B}Nx1=aB5U-_2$09L6GG_?n%x(eLE)G?ymeS*@BM-!#Fe-zHi|BQo?4;7_M=6_X zbV55m9;qhzg6k?vjz}x7%ZCxJe@J0WPUOyDnMQ5%ol?85Dh<0b?yYhh+&qTi5ZX`4 znDQ*0pTh|RttqvvHesB?(TH8~+53yr z%lE449^)RLkSJP)2TfLS!LMo3$V7(6ttpGL+jKh3GdXSJvAm*fd51G6WBb=t#fT94Ufl3~c-wYHHpEC7a zYsLWS$OElk()WnR1JvL5LNcT{_WJu?+LwMm*#*WgQpjY0PDk%p27&6a@u1bXvNgYA zlmoA4R-?DM`Ue2zf}Ir091p!xtImh!Cpa*h)io^|(GU;V@sgC@U`RcY((9RRei4HJ ze_Orf?Cz(tbM@&DWF`v;o5Qv;?N7^Y@2YY<@?48K44a&b1!ca{+>3dwddk75=3qD= z%<6QYX6pjTiRdh4Q(>Rw9Q;>lM$%GYeJ0@aiF#;k5Qq^(7!G{A0E6(#bX(XAnrvH3 z;f-c_jzLhS*}@EvsFI#$yr!PIMc=JREZ?QimR`|aifUml5q+5D+U3Mrq)Xg1t;N;v zzt9R?>e^x<-t+rMe&1e|v@JK)>HbYclavL7^N8}SbwPhhV?cDC|Aj<;P6mn*H7%#Rtl%RYi_wdD7!d?TdZ`ny|97d2``Bl1y} zZc&iNJcDfc`DJMwk~_*;R1Y26zGTFL>jmXhP^_4$KY}ajmW+4{%{eJ}p{t=XP7C`+5D!bVuC&|3;$X<>aObfs3cHDD_(tZOc^QmdL<;VLbb@%^DH zEv$QOOr;isZbOJlCHK;Nd?n==Drb#o|4|9INIfpVi{8Dt{CIxybN3&`%O*4=L%BWT zQxOSK56;wpDXLQ%D2s%^$`KBOe>Zz{*I8#q>Ex4I_l52y_)RX;spl0f!I+~z877Uyc zEXCs*IV(frG!WPrAWj4Qb>MIsNUjHl(?E26D4YhuUl9<_(xb?-pmluaTNcxdEjVon zSV|bT4qZG6$j{6PwFmEjrhxJz&fQDNcm_ruW_o_`q=V zzF-JdZ~^MV%NuwyhlUW3EB__4K`h}>FtGvVfjSpXo3Cp!v>Gb>jSV4<7+tC(OC4q? zuNh*oI$ci3qzHD+7=(jj8K?Lg8>*n+*gm4O8Pm12=L>SuZg7N7^*?Z?^I}vVsA&2j zk=^6Q(d+MpX7hGcN-BDO(8t`+eDzH33nUj19SUEF{s61FE{D(|YBM8;ko&f+a8d%j z1F0qF^51fW0(S^bk_c|G;9!q(ePgm#;@acrR>Msj^N=z2ngu!F@XI@c66#OGEybB! zo9vcaEZ1aAHMCPcKDS!?)_&5W%`_epUP>x_xJFm_Z{PF@i&?6`AMAevVucD2mY+W7 z`hF-D!%eg*u|npt$$={i*sNJJmztm~ECXk{G|!!?7Q;TtO=1=Dsiq^gtY_u4B-5^X zxP;+%u^T1IG%b2= zDYNL&5xNo{Kf^o9QOIuN=PoPxRG!9G zsH)=5dMJbr%YhyJ`A(*>>dUF@u+H_8V%0y*EmDvM6x+4A;iAr~^0v`VMsqnfKBr3P zXe9^DtpPlsZ&aE+*rJN!l!YWRE4=b~Pe`m0pJ1lgMJ$d~Mx#mJ4p^F!Ak#_6(w>D8 z1#pI{eho3CCIXoo{sWl>5yRIKFbcfMJR@Lmv)GsQ%XBwW5(o=g3HTm0pq|Vm!tqRF z9c)+l3x$CaOM!~&m9w>@4n4F`mJ{KdF#rp|jjO6*;PF?j6%3`2J;g@y)L+chIErj; zcs(PM^g?#PQF0nfK7N6C%6|Y*jr5>U^+rxUO8Sm6b!=N&;{Ymx)*Xfh{KcG<$!7!9 z-#<7ko{NsC6bmmbTfw|R>T*N}V##?cOQb9!13@^>NE|Lr`^{aF5+`%4Tmjr2D{85G zjgU5s2Iw@dFHzj=TJuuW;4rTPO|+29K_oRD{AR=b`)1Yd&Dc}tw(8tBZTeRA-n)yp zg`A3zC-t`hF%$EOoMk(+af$s8+Q_%0z0Y9p3)O zTEAPChM)$2mVNabXR-IwMZiL$cRm{0Ru=G8#GNSEvW~sIy}jeZL-^mly}i=^_V*87 z9Q{ZC@ObaV;lbg4|KLCN_7D0m_WuLzt=F`6zno_{{g1u1>nb439%}9{tDKSs2 z?|GKecnsgm=QNApg|J>n6(<~GJBF|6B1{Nn!694&vcE<;Caeec7{0@W7B!lEW3L72||!R0F<1v zHT={G^0l=K#ljv7*%bBnJTW!kAR{TlQ8K}CJ|!s)kmO42+!X*r*UI> zVx}WQYhE)P+ z##uuzm})Ns$))6xk~oBEvdbeHmWHNe6P~}NLInM$xA?9LQN#`JKg2W>b^MK1={Jl- zv|xEa_E5CCq^C8fRQhwL>90lO)nx80HDWKS_ZGApvo-Q)l7nf#HNlqK|M|fugX)b9 zPt(EEbYQ>#s;7erf=Zidp=s>Z>-AinZX7>lT?WXf0<3hCA#m+0Ne+cyLB=@ar_i9Ywii}U$&N51{(&H2UY`*(JMpM+__ zVo~Pg?5wWDNs?HFI^TSwQKJCTCWC;7+X>a+!QvZ4IT{i%?Sv$W*o=hen{PUuPoF$Q zN67z4otBM#YB^vf-nXC{nk-%Xka5RNP;XvW0J`do>xS|2}MyMZGI6I_xUsOB7~E~ccX`Nn9|GgXTZ*hPCt+_Br}$q zoXn66^RdI4&6#-ElB6Pd%1oCd^coH`6eQvvdYHx;~%GFPi4DFW3{xK_V`tbx9Mb z=4W|C4Y$gPK>}&25)s9M!!~+d?akYJ>riEzaNv^!6Nb(-jL4@?g_>)qZsm3}klkJ6 zqtBoHCXRf56TnNQ{_1{_*9;)3h6rP?rEA=MzlvwVB~jG()O7; zZi}uQ)6nLN0xG4h)disaeYSi44OR0?>9&(Nl;bp<(wOp08m>V~LYcKH`}u=9BOAc6 zWd|YSLm!}L+qU{C7{6B9_vw=XaCbzf;N+ypkjIcPe1yUIvik|pdwf;c6Wn!p2rBw=(Y*YV0sF0tkYAlivCkWznGlT zJa+nBP3q9*QkScnfsp5=Q{;JBHbWj2e-W5;UOsj)Xs5W&%-K!}4trt&B|E0kQk}fXLyT|aZn?PNc9kv~W z4$6(MUW^3I_gEawTDE@U%St0|Od0Mg6WvU9iVQc_x>UF>+FrO6?6_uo z!Cd)EdBeJ|w63VrC(|UG+4}^iDP6P;CVyjFYZ$PmkAYge zET!W~hJJc`i&L_TPUFDuT%5iBzuu2DATcN2DXh~YO40#3IXijv_cz|Yzt{PuCrzc^ zH|T~=2e59BXhgDELS9aVaDxdMAYIH;x3teQ?z|PYOrm^}(l{HT?w`2#C*E$lEbrVP zNBj?zrFk5n;{*67onGXl5xqlQuiy=K(_X_wRyEP>iLm_dTB+0-ect-*EXcNRX~Aai zo6b4O@>H35aOhEFlEFeN$V#24Yn9qzNYWLt!CS5ishJ=CI%g~^8yH=Q{9HVifA64{ zeCu~3*O=cl**qYw{jKM#BC(tlrfa6Q&|^nXGyf^JKLtTXJBhe6kmF(E%xL%$Cs>KV*Il+K?RoItXuQPbCjaV{ie+Jz$amF0 zx~+&b3eOs^GCg97lOhXNuOK?O(?t?!6s7J+L$Ohsx+J-yJfrdWmEoai@*G`k{=7~d zYsqa&3$-BAoQMWuOPn$;!9twTf&T8DlWP5MAy)X@wAB$Tj>C#{oL)oQ_U^e+fIG+% z7&NMObU(0S6-Lrx)hf!as9f_1tgc?QKEp?%V3v3nsMvNZ^S{ozouiC%1indiRBlGl zMU#tCI6LQx$G8{m4!4vJyiuBaW#j0g3l*;JW8*85-#W@RU*Vcp9fx3heN%F4qioGG zl!Y&p-^_D;dfP0WD~v@xzd2gcY(21PLL&n31=`JpXbhpg&lm-tjk(%M@LKpCY_`kjVO8)=hQUBn{|N9U>p;(*o0DB6q zN6%28B(EW~NT|2xd38ROg)wTCV;k!f=}QamU*NaW_*c*<@=nghQ^11pe{}rfxHSHc z4i2B0jK7a09(>NTIP?m5)RjBa54Y^QrgmcYK2~o^^syv)il3}s@ z4muJPv7TaG5LL%PQEZI7GG)Y9f1uxUmJ#{20nMyA5>h~Y(v%Vl{x*`+oZMhYIG@7H zCcjb;L)HX{YT|!Ol9!*_H=N2SVGC)nZLlz^jTWv}(1JlVVe^CpqGw9zRLB9ldN2VV zOaA0Eb~#J*oje{=@M7w(H~NpcN?r$UCxbZ+V3;8G$%sS+@1T9D zpA2}jJPb9TI^LW)A4^!Zf=o%X^slXkS>-mOWc@=_@5O0`sq8CZ@^o*0^M94!TJygfLFP3r2Mg!_ z7yIt~f6(81(SMr%AL6&+`QMHVa$@-0AdLF(zLgh*b;JLj)`~~4RD_+0$O(Yn}h~sn8r9n$q~>2Ga--{os51Nv*%R{ zyQxBa_aVlmDxGJ|mDYS(srFgILe=Fp`N4(QrzC}p8e8h%a&;0-O!bCnt#a8pus%|D z4`1mZu7v~GYT|+uxYm086#KF1-&*TG&u~UYdBn-wK(P7i|Iz;8Q91tO`0(gy{eO_( zrq=&umUdfh8rJs5Z(mQz4P5{Gcgi!C&VHm*T7O_%SMX^8U2g$3 zw~@YEejqhiOL-FFj9g?X&d7Ksi@MLG95VJlcv{V>D}6pspO88BR-(2h22^*Os&&M- z^udJwKA4c;n&;D=<8^jKw+;R$^vu6h?D^kePR?*PLEVP4vhEHAbS94;x-!Sy@i~-K~g_9k7 z$*xIUJGIUGpfRjPe>`D4JBcXf#OiYE;d)@8b+s(+`lk38E7!`PBL))^<`GE&y2^z5 zI8O~3=P`(KyBV5sG2xwRNI`}3YKr!t2?(s3%k3}hJv@R-t7n$>s3)80H$%T=rdNS*Ik!mO zC-*T6No&?c;YGaL1SR9XD2Te(WY((mHJKHrQ;YJlXj2QDCW|`4I#j7BY(L%1ka6l+ zeXc8$%~(Xz^3rTQ+zj(}Et})L^>p0w!}c;uSj5J&izFpDe8pm(rI^NtDIvR`s=Ldz!}?ost?B%5Um7h2_s% zHGIWNTUOSl$60tmf*fQhwWu1M%-sU@>MYh9oKf(l%#=!(DBGxs=Fwt?Hf!aH)u6a^ z2W{6uhRhL4GdfbagdtX3cBIQ#`#6`K%IB_@X1p$z(k_CfE&7Ta_#g<^G1zPD=1}~| z*)&9d{)yt?{~DmyjIsnJHQ9L71GH1_U!I3-9Go=`%J}C(V^38#mW;Sp;Lxopc~BKG zE$+-nUH78N^2vW&zm6DDEdVI%nMA_6zHQhRA;!E9(KS`6XkbkF&T;;)}x?265 zvm@Lw-0w8|P!otlKP#SUs_zv7+VtzwA#rD}Pkv(TGBf-5+iI4O8EToukl?DAalJaZ zcz5{rCirHH4>Q$&X3PZceJp}+r+lpK(q!pHdPAALO6D>(W@zDRS2+Vy{`{14qqLfm+w*v+HsPd zYUF8t<}><5aY;dwH~qAhg6WE0L1m;q(ta&dPUrz#aed;_UF#4{r{CJTF1~0?jtneS3*{ z>V%KKU>dy-a~>K+^F6;fJiGXC`stU$lZ#Jh#}{WO#|c5=(A zoW}W^3hInb^`Mo#r#Q$ns5_zMi> z_8>=ZD?jT1wOQdif9z|(>*#GB8C~j$WmhuQ-7dbRMaz}bR8(p4ITrU@x^1~1 zGa+w~ZA6-hKm4ps*p4f+P-L9KXft(`^D=W1aH(^3NKZK%WH^wpzO2YNksomdD!x6> z5>r@iC2T_TUY{a0F_UH<-54`=)o~}E6ECu4%M0!mP{rK>D!gAng?9|H80Pv3Pd~qG zKmJmv+#PiP%%;khg$~ijkElCDW$i#_l8w=Czx@}A#v~}{B{z%5TP}`J`*C@f?M^{I zLt5}7oB-@iXkZc&$0;k@kH6T%rdHU*)S^9f=oJZw5Cw<8w?D1&6r{&o!7)h9wD=qp zET-@v`02TAPQo{H63z(rXvtCFsc)-13z<<@a2V2aEj|rJ>nS`AJTtw`d3b2&q3$86 zbL(C9!lCw6_vUK2Ku;>k1XlRDOutsdCKVf`0%|IAa+d@VpM{JDQCAJ(G%-dOXnN_e zMR^S+oBpS4F;Jmm{zbMd*{G*tF_rCP!Pn{~+MY+n2D_~~Ih0Gy^2VxUr_E`$YGc7` zV$)r*Q$o|O%QmlUJRF7)cWLE=R;*Euc^m8W*(kfisWIjET(?z*gr6+}dTR!v)F8`P ziM}+5VyjPxs$z9q;j@xSV%orWCDpR24@)k*?)~v$nK!l7-iqIk8)zv%d0p~3WIQ5# za}%8{%iKh-r`yu~@Zh;!zuZN&qSa_b%W6Y8P3Y~f=l}Q3>rco3Jbiz5aeNjxf0UPyH4)#1wgm~#Q7yDx-q9X6(6618zi}8hcsr0b!H5oWQ$p2k4z(MVB z>wpmHJVG%al+5;!kK(DR>Tr-(WWCR^Q&efcuN65St;~FHhFgKXudu78_6@ntA4!y@ z!J!iHih-%3@8`eOp{HijD>3mDcXls9P#-P}c;@FDH}=QRb#d!n_$4FWg75vxwZZ$Z zJC{g^3nFDsMY5=Ow)KMI$NZrdm*eNFY4IH*^@xjC|5z;UccEuu3d0MYI}{-{{Pvpi z1C^vGwcOR(vr27Qu?s@_IL;6Ilu6a?)Z4@r*ct2D80W1kudAfz^S1VqZiBMaqbiD0 zq!*ZIT#Kk=G$NB+E|P9t9Sy~txK7<}4KLArk0sTXapBCbaGqCP!9wRZS&G!$8=J395S~raob4E9@?d`*Ofmdry{Y$XHDL38Wm2J z8u72{1cI{{Seim>Cu7&C8wac6oZAq<#gWEV7iw_cp!F7>BVu-#FQn6kOPxE#Sn_6v z!r3H^)3EL;Lqw@PJVR9zEhwcL{V^pXtB8n*abwc2ylAEWE__f>5Q|fH>9{@?N#r1_ zv&t<&?UBz0*iR~{zdJS9Mry*jz&=(a#g#CU!qI94VESTZjY)0b*N)b@`m$X7-z#?o z@&BJc-_7NJf3dU4|8ghg%PqwJjnlU1=!TmJzBa?nMJX-UuyusN6ceW415-bLGCJtCnw6S$jbs9MEAZxNGLe$_W&9u*3|M z1+#D->eFgu?CR00>2zv!*0pTWW2!i7cX{+*J(JM7rmm`!$ou&;_y|Rqk4U6$eC>Ip zP`MTrN{C8h-0xHcJJ#(2-Tk~Jn|d8fPcy&O18mcgl5uQnQUg9yG|^z{+gs6$$#0D! zv^58BR1%Vh;&oOqAdX?18pHIh*4RHLK53svnZeVCy zk~#2?ZZ!U6I;?NwP-zwSUitvH;aYUjGw^>11 znEnrF;7OT$`TO79r!V$%_rJSOH}wB5%AM2y67ruA?^g=3R=^N8T;LvY0Wlr?PTWW{ zf|P%N#t@+GGmWw(r-Zxe>p%3Bc{=qar$qVtaJIj)O}kBS%N|%#OOXi4QCU z?LK?4q5pSLZbAOvs`c!tQ*fXqHZ5im3c=B;%qDcoyw_ClDa4|FHT6a$+VGWi<}2o| zBs1qUCQWE?c!jBt2fp3}`<@#pYkUzU+){r&V$(o7nsRbQC0hJMMa1~*4V}=av~j-b zhQBV)U*&wkM*D7&Qx`JtEe`OAOh^zFJhezcGFx+wWHt>w9Fg;g@m-rRg9jwEu;o<*a~|*Em?IIn+K{>4)s88K$xl zpH6*WWw?=yrT9GOUmPZI6z-UKQ=f2oh?DQBUz4}>_RoN8`4IO zJ-SdHf&j=_L{~q1tJB+ELBKpxd-}5S{Q28ms>$m|LziS$v;HNSC9+zr7OHaDI_n=E z+4XrY=!O03st!?Vq*b2(i1~zP8MyW1sup06v)cKG%x9z7dB_R&j#wZfj%g}5d})={ zt*vYht6XWwDT7GnJ{BU)vvZ%yr0iT5#jH7>h-a~p>yB4z{d^ik6aq_SCz1V9rXyxM zsI~Y7hpjnSy`5*?+z9)35?#M)N=x8+q0lPn^^u9fEY$PdMxZg3RXnm&!Y33SH0NJ0 zS>5G>pjjGOdP+G>Z|)jat{`RlUr0eJd}e!>0Jf)Mp2w&zyJ6C&6+x>aAx3^G%~NBP z^f5O{#>ykyyJL18pzc{QH7iZN!KcBY_@Gj~ACwtevWgyV4! z&`u^+nsqqx&|N6TbyYWwqg_{YcI$Dk=Z<{~5wKU8VyyURH%cSvuFDi}4;?7*3{KVL0W(D!LRV^bk*h+J684~;I`4$ER;jjt(zQ-oN|w z_WkRU%wBEb<15mx?CI^{`Ni?sr=Q-RUzDz~e)Pq;-7wGis6vuwY^L6UXM|RVYEVQVt6NwSMq%RzAqX z==h%(XNRADcysvUc?m5m)RIyI4Y4kqK-QpL``TXMW?Bc`er(X_F zErh8;T&u71uW6GAJq1g1te%4H!Z#^q0ZEw~-M&7)?Vf~Sy7 z1m#x&)g3Rhy+wPB|I$ds%gSQ^4U(NVK%?OmW?Xx*{IN_jSB7B zs3Lo7k!V_w#1)k!axIn8=jC(F%_*DHwY2A4YFAX0-c=Sj9@v}EKyGX_6{tH^30A{) zCd+GkVf|h^c%+hmW|aI~9??}Dk@To5IU_4bj9Sv!=9p}b$yqv6Z033=pKf+l2PHG^ zN>0j3Qs|a-w>d1|$YH5}g6dq`mOJ0qzOCKdZrbxIRLY8zw%STWMcP(WmAW+xyCRE| zY}8Z1Aj+Uo@U?oG_c)bu#?H39-e_kxzD3(WYMA8=1h<$UPyH4)#1wgm~#Q7yDx-qGD&%5*u>T&r}dD zPu)wU*L1JR!0|zj?wTPE3fM`e-*FUyck7p2R^XTuN-^n>k76eURUMA4(6L<3nwMWGRyh%Bq=*40^1%$Mra&2~G_39F#@swM>+Rz;ZLx7U;(pf5GfpG5&~ z;S8pFZ+s35B*Dgy?=lAT3~=r8(t(r}#M8H}|(s*1VOw7+6Td20p%V}I7F)bw^74_RB1+I~UqFGobOr+B9 z+j>E9j1N=YHF^3|@%~G?wX*u_?TnkxnN>1OmKoQaC;1G|IsFTchePV>>*6iOYt8!& z!`>_G}n-Ko{&9rMU3<59b#ms&W3Im<4db&6`0fntGWl~?zzisvA_o=JgOBX`-? zIl)xtc3u!(byZ6R3(FR$sWoSIa%wg*{p*|^Ojj=7vhp4Tfgm4;si2FQALmS>u#2T; zp-gOrb5WmGCB9dWUrotVE41#|ik`59<|3^saB0OO<>Fe2IuUXfF_-xV=;G*9{}y3B zB9Xenv*)5W1HxC;rBDgES>QNys^hilmVq8({?bj&j-?Ws-|7On`Dn>l_N7oGu2eML zVCvf&(@Zef8bxSpE+(l)=myas>Y$w%YQ>kpVfo{#;(qHRp*2qNS}R!<$FN}yC7zlD z!0Nw|{PyL(#&TcQIygVVbW;W60opY-rCwRo{=-Qm>g0a@%Ut`>XDdRi49#Yy!@RwUEA(kTWc$ANd~hhzM1I?)#onJWe*ycU2>r2skCa0S4r5LM*{RateD2wl~> z9~q96DeirU|Co|EL9WsK=Hnc6S4f3mgLI0Q6lnzPCxKgFKZ@_>%X{SHk16HEL+wNK zR@Qp`3Y{?)p}2o4;!6LKan!Fnj}mi4`b63_nnJ1wNZ}#?nhTrPIKl%gNEv);4Qs`N=iJ0_&fx zoN5lD(kmKxG#I5`YjwNb+hGu0apewZ-~rv(aEsgG7J6$3YHOt)ugr#K&-97l7IkZD z_uO^~g2gvNx;k`NRvBJoSd;Z4T+?kS=*h zi*df3kI|uZ65v)4l{Dj-N{cx@sc#i+y?$Z}9vi^ThpYCq#zjskq?Ejb1 zMRa~lZMd4}_or*ucK<8Q?zv6^PRfNZ1+)hKd$;4gx4>))Z$6h7(i(X2S^TO&g4gs? z=VW<(NGx#~`afX-jTm2+{y*J&x|gH>&!27R|6P<7)Bh&EvKoutYAmwMRW_5*NG3HZ zmvO>?>h!X#LwB;mn+_ASrht3QSx8XKW`IWfD|1FE8NBhswN>Oi_aB@_Z~UfzX9HMe zVW^D^=uO@9wv)gM84VH_#G;T3C2!R;1JEEM{0du9v&}Dcrk8J>d!klv8p7o`Bo}l- z*wpg9OZ{ADLM8nyIIA%W7}tm%H?@AOGo!*j7Mzdz`HaBXpn;v>A@^xXM6W%A6MsTS0pq0E7<1(RooD-5`_Jz47dspI|1QcSbc&;h@Iau5 zA+@{cdQ1W|m{Q-P!3c%ey~HCToYo_BF{T2EX$bCkNQ{Z^qmj=Bis;c`v<+lGqE`e$ za9F?Nz-v810U4?5@~x1QA^l7|bWNi%`j3u--Ut2+u>e}iDWQ;Xa=p`KuuzNWT(UAH? zw4ONPI&3|02Kch|#EB+h>&gGW^$7ipIb~CUPF^32mJ@RJJ8`3yLp_3fsvc**w;mxn z8KEKbJ;GabGV0xb;?>~%pB*2*etYapyryGRp8x%)J9|%ev*&+jcjNziC*{BYqucF5 z1T7sARo{ShyMJ%B9-&w2e$vnYG-TXVX|+sUDi9733rT=ffQxMin>h_=H0yfgiuf!f z9yT?eYCDBS^s8xE*kx?HV<85_z<6XY=>z}<^Z zLVt#EFhh7aq&`)kU|h;oj0+-1c3Q1RkI==N|9XAaYW4elmj#0Pq$N2$qJfC8@1x1A z%a#0#m`e|OJx)ecM10oWbv))?67EoDqQRwUhU~M|dc)WyK%T)&W3&lS$eA~F<;4Cs zy5KYPQCXkR1rGi_MTcSHU3G*b?6Xm_H+np<1|>Mr*#=NqNJ2cS7CwxTxu9PKh?5|S zC)8@e7Q=ebfU!tK9ESp7^f8AgBN~mT1DJ{likBq%?nRuC-UQPi8<)F-EPpWbA{u!l z^w~`A4q|~E?jP|3o@B(-qn=LOb}9hQV}d^ZMEproUv8))#+~>eD?dH%q)u^iR6>J{BkhZnp7`pIeT zA2c}gXU9LDoL`*%`sv-_+vDEZ@#*{XlZ*G}@6>VsJ9@_=a)5qiQxp*5$#XBJ0};_^ z8WEUM=wp|RK~55=pX$308_>^;&{xZmcsC>*f)Paw&DfMH;Ho7X!USD#5;7rG(3yjN zkYw*Oo`gQxHh^}qqM90kwql_JCc+T6G>X5nuxKSsp(i~ zV@|W4sIf$+q9Cfn^YIjOJRuSrf7^N##(#8>AV9@{GYJLr_^aZ&`lOg%iR7|ep&j6W z8b)sClP4E6eDdS~y`dsP5-gx?9s^PS`3U_80kACC zwpusnojhob%ME%>gv%);7j52rQ)-nP1m-IJN9zW47b$4LcAL_qq@WC&)mH)MRQiuI zO_2NZ_go*-*Fd+?iEN!Pi%nTcxk3GQ+w4VdvrebJuiTkM^?qeHE8Zscl0;eVK?V&F z<{WSKZ;^6?`X7HQ+AJL-^2oJp&Oa5p|_3uqlg_(vy|WIwTb~ zF{Z=F!5$8yOa`GoxD)`ud7Cis#l>w+24CrWI3Z^lHNh=^Q$ zQ*dxbLe!s_7f!MM98nw^-@w(m}DboTj%E*dR(=^`8N<&L1UgP0EoV(j;a6={yTadyL!N zrl<%YnD?@iAE^>#n7m64E5C8j>uj0Q6JGhA(?kv(X<^{k}gD1+Hls;TFVPwS4 zE(2BhNm9=y#rqzFwZ`&<2P?9{pI|+tC!`&_Ko{3N>6wt~^=uy4>Q4Vr-i9a< z6B7~9c*=t)sWfVzWX&aH9QB&Z{jGn&5gR1?h>jEV3%31eRoO%93^Pzj(eXb>vi??6=aE`br(QMp3nG77l&=ZF9amn63dR1JmimcsIy6YO zUvN2yLXWGgfb%W!_@rHJR!#lkGP%Q=9G!;TNEcWIsv1JPCsUj!fhhDL>E5n%Gylu@ zsRBtEgF;3*z9T;wz3&f0;kr7uDIz-+-wtqxt#jwKd4ikLS-_$p?r*T&QHbQf;;8fz z{Zn?0n|nUh4N3w66Bpl0Pay>zffCJl5tCM(TZ)ZYBLRG6-nLFz;g*+XM zP5e?diFhnP{A2@pheOwOlEBoGn}Dj1)Evbi8`p)Y9tAYwwYusM+fxJgm}>~2ulFWf zfoBQZr5=d+NPQrC$b@lD-0TyD%J0h#d^luL?%y{i=eCqmlvr{RnmjXD!)t7|=qP?P z3$W!E{YC%n;L_nYvgg-Pwx{SLVA@oYDY~H{!tPq8nC9~^ou0nGF=>2fY)YB#bd+pf z#bo)9+s+6pPE@VQp5a_7n- ze`C-Sx%pZ(c9u`jfeRn+T-7kg}XCBk{j4L_1=K^OCB^ z6T>@{&@KpSDGC07F^pcM3>FqZ)iZlmz^#9=azQlq1QzmFVd5vgRxorQ1&;n7v8NIL z#@292mQiWCnPD33LA>QgT5>fIZH`)>;!hK9?)JIsY6KzooyqjY5Ldj*nr3w*NX9);h;2Xp z7^DGDLk+Y>TH$-D2f{>PbCNg>5MCL_TMb_Ap^6HSwsGMEPzjdejLBC;nLd{S8q!9Z z?B=Ti95~yCh2|CJcN7+VC|Nm5MUYULJIMap&Uax|Q5i=+25Z8{|CuK54#0)&(Itt& zCm27%n_eudR_R$^B~9Co@<7yCtpFrV{To#{Z?t2X^rST}hU)!*hsG2JqsOpRZVtNN za{J7O7$?GD%8M~QCM5sMZ5RNkw~$9K5XF~XhN@5u~DIC6$ zO*vL;bu~^8NbkKJ3gniVAVQk5m-i)+i^2;$#e$pN;1XlV@oPYKD^mCK2GAj|_9OOU&DT$o70e>W<|3!Y3XH60l38tQpLvI1#nkn6z{IZZJU z?1On-gZh!p0T3IKm*X0$-vlt&zAWv{*0-;g<+GQ?xRwv1{iz zr_sYn-CmAl-rHcvpAtQZlWTVeX_iOT+f#Ff_rOK29yf)-j!p*JAfQU_V{m z;R(b@ab7z4O|JP*v(jbi#zZVwdPP;WFDV9nlnID}Qn|ge-rinhx6|B2#$Q9^lzWaR zp_A?=vZ|oXxP%odr$0H~`Eia54N_tSN&1_3@`iXK!m4(P$Mag*GZ3fXdLvBR#!C== z0U5Xky?KPI_*;ip@E;x+PDfxd_XU@4<^NXZMazgpgf!QmF!whxgz-2%3cS!>_9`dH z3NqpAAp%A&1fGiKG_Aa(rQ4^If|nA-F>X;eMIY1lqFC8Uw}@Xh%m~4Cx-=+}g4axi z(4bA#m}dM9HI1{>s7cclZNvwazm@;xOZ?w+Cb;(n{?_=Z4&xkK;U=TF%v(=vn2v5G z5M$H+)d*A7d+An)e>@nDuR`FeSm;}hI$^$tjumbV#@Nm}!LoPT55ZWJ zM9VLI8DdT2OnRo}^H=~QZ=xkk;|G$|V~By#o{;pM39x1;@f8Vr@z*uNA#{`8ocjB1 zEt9VfYP@s&78Lg@_+ZkDagU@hAVTkG$v?l~!tJoCb6JrZM{4-i;XkgUOMod67TQ>| ziZ4Wd^BpoEh*9H0T>$m8-bp%2O?2 zYBP|W!LU?BDD5uvQ>ap*%dID9XAGl9=-{HCKg#)U*xg%k-qPegkU4P3+6s2UmgY>* zMQc`XF4>~zJmU?5riIc2KN=6L>Y+hk3z9nu;d+b=*LoJ=CWc%bBMa_)sX20x_=h+6 zKBl_gm1-zAiRgoHd#nzzGs&d{RcW1l1UORB`Vfv}IenhK?V=@w;~$>4iMI1uB<=ws z^-Fniwl>giI%mNWjRK+Pe-0~yOlnDtD=2iV6f* z)l@4t`|NQNo&%)T`yQ#yu|M5~ES$`}DXJjD!S8!c(0nvLs>nKzICVMm$m5bq*d|dk@ zJbyWqac3MPa0?fK(k{SiWGBXJ24wH|67Vi?M7Tg_A1nMYECKgj84=OP0ZV`w;rQUX z!pQm0Ude8IRx43~tjYt*gyL{E%ULobP}u@Hnb`gOr@U%_8{7Gv9X++Cx?&cAjQRc-lgWW?;~8I!LB=cX075VS9<5yT z=ic_P0Ajl1B;x7+0v{V9bg9}q90|2vEmNdctlJ@B8z2_)b(z~1QcDdsO64=49c*;+ zAHYTs4Ut3}H_`5B*nu*TjrTBz)(C9mFlUH`G2UPQ=}hfwL68Q?$8lkXd1d^1} zN&Je-Bsj0y{{q%rUJ<{;-0}UU3An5(t9sUmw*hO+Jo>YIULh$NZ6DuB*+v_=YIGL6 z05&)8PZD8r?N_m%R3Jzej+6`@#u|vdo$sW=i8sPA$JUk*1q$8x#ElWpW{BGo=l_+H z-D>A{2%Gi`;KzPk;0!$ucyz;lZEKVqCfxq9kkb=ejLuHQvG_}P+_WT)28kM7^sx&M zWuW8XlVpz*R&?)5N7LR+PhybMNc4N{BCHrzd`YSJ|K$kLujP?T`DLnOJ!WM92S6$s_`gR-~Dmr!`R zCn8u%w!ztyGd~@fiKCXPEidNfS3qXu^AaX^&Lx(@Fh-Fr{RNMky{#mi2L0g z6C77Jj&lGW8wH;qP00?N?dry5xRkG&O#t4W{(xN=?|+T|F1JjJKF#(cKyjcdOL3WL z3|lL&h}ys98hY3gq^Z+iLo(+G?YzRg&sc%DB{}Kv|J0a9SDUDr@#V z8f|CNkzeh<`>$xrDB>*K`Hn`4o!(RF`Ed>#4DuY>_IO>A-_7Ii(bayUCz;a*N$6a9 zR7}FFK$}Dz1yKz4@KcUrE(LH4h@g(>8inT|wM25xz|r`kr6(p9o88t6tiWx)uZ31` zW3<`Kon$*J^i~gz{_mp9Vnrpu&oM`FqMA+=6NEZavF~I};>4FnDv1*7z66b59mTM! zsAfrYudU{Mr-4_Q?$o?H(Tn9*k2_>_&b^9DE&5fGQt((TxuZgGAkAoE&r-)9p#RtXwS#VKwWwPdzD!{fLFz+QJY4E<0%jp z+oU8M%Kj9SH5$-OGG^AwD2J?%|JJK)8*WRdB)ui6F z^F=m6306Qhbx8br=l-fFTLNFjDhkx0Uz`EkW{Au~bKuKUnJcHjaUr&cEDEZD*y^AP z6?rzyrb)u+Alh4{V&JHdhR%Z8769f`{IymO=3RmmX_E*#QS8q%i8={)FeFiPfUbZ^ zBW;ekAMD7 z8PXWbtl4X>f(M*n|LRAfx2Hu(GXgMN_2@OgGZHzfbPz}SxlfT#3lEbWeTOsh4og$I zK7EeSn{SFIa56h(sZ$Bl%)?sMP*Dk!6n%~a*92gbgZqAQEj=`WWd`-6=5~ zX~}_21gnHuuhhKj&jRXpa^XOg6HQr>T2+MSnnTrqZLHG5&a&buJQs~bc#6!924A~r zS4fZ=8B&j6*pXMY!me`fya?Z}8WK0N4yAz(1IKUuHa4$5!M^B-NcdS60HNlzGLlPj zA{1kE5y9_{S$tfC{N6DhQg5Mc)V_z7yuCCkhBklU@mfMF=bh91txUtiO~O_YG0vHg=s^k5PY&nPf$s7lH~C0# z-TMYC+xWBfU1O0y#YuxzYAG1~%2l@JIezA$(oNiYr-DnyQ8ne(|MU&m|dLG zO%`ZdJT%ovyDxKlhN+(20yPCt+tTwfIp#I%fv2?dNcxL!AC4_P9y0QX!sFSX3@dZs z<^PwD^9ck`;E|E!0T?Q6Og7`&Pzz>c9FsNXLB(C++JajKzN&+_*`K{PlyviL8aF}4 z2kk&S%7tF5gE>G3S?~Pwuvhx`1OifPNsbfOkrwP`#6*@X+>2%fJ_xc4WH5WH30edA zYsH5#R6{Vn-vhg+&Uns|zMstn3+7S{%|6AwS1@KjooX0W@>=d3*|v^ofZfB#eFmyZ zPo)B_R90bA81T2}s$_N#kg$TlQ2FHZCCFBJ3|!$bLJP zB|V4KKIxoH#~t>J+d7U7z0z3t{;>F0`nJ@U%J!S7JB4+>_4ZA z>Ij<$bdqU%-G4H;4uLig7^r+Z6DpJt`eo>f_EuH@canu_wmbfRCT)vGvDzmblIdbP zZpc;@I?;|fCjk{eJM4M)<&2pB4)`R~Oe}szpcVg(ge22OvC4nP^qTzO|8)}~ae$!t zdu1)>QW*#;*v2Ub@gN234%OWUIU}`|XTn`|wl2Mr20>O(0sCs02Cd})M};s=u4ow$ z3xRSLW|k+!X`mZ7HvgCFWd~cjQ84en)67!gv~lYBc*L*aBypw05Ob*w zo@KAxzsgft>T#=bRDuj{8)<+nkdS>tj)87OR)sj23X&fLmv{d_h~(@(HeCkca?tOY zfCDWzwxlakLE=D432@LZ?ih%)Ly+@Khvgn5sJ3piQcf8XklW*0$nP?^2hA$eqNhUF zCfQ@XF~1@PkQc~-;lvZ}lkAe7E8=*Sn*x>l@>PND$M}9K|BhzCLU!o84wBKp@HfI> z_$uYv9*1wVBy^ijpO<@8Dcgn~Q3*Dtrn~pSqZAuCSE3PBYxgtJU@Voz56Y?rGRN7{ zs|V1>(5El~RVQ7HzKFk{db4Af*IHP>^^0I}XT7;x1~`}3m~L=M#t8gPEj6OuXIbW6 zAMDj9vo5A^uP^KV)%*tmQumbS6+m9-2fLaR6K8K~D8rh-v89Nk*r3{0(quV$$}$`7 z*^1`oFh`WihGE16B)xe)#VJ8$U(7c~#S$G^2aT)?J_WK2rg>j(zlOd$EF6>()An3Q z;}yKTkj@_3V(A|vMlgNkSyDCXRh~k>-iznJ-~c(nCCsl zOJNOTEuVZJK$72vo=68jIvi1A+>+Ug2?rZ1JjT`SzFzSygd)M(AM7zKXMEKuP|JC7 z8;+V}bOV7mDMwX`7Nn-kMTm`H8on?m#AZ~EtZS+4Eh*4Q-O=|4?PEL#r;+r zkynnNyYP%V(8wlT0B2{UO2sVS`tSZnc^gml)$P`+7H)@8RQp&3$~4Rs)gTX! zBby)`(f$aWYH_FvNt5MYrK1wj-hlLuFBD;|p;i*lJ>V`P40J(MT%7sS;d(A9MtLpt zHEMkA@1HU|mY|^lO0s3kOs>BIw;VtSZE`~yF1Bh3kUL45 z(so#19Js%Z?RFla zdVYO^7c~z2mLj7d02q>H#0w7>T@vqMK=iptWW48%5L)X8B|tM1J)yqDs_F?L=|UD} zW;;9~hX!?v_DBXZj@Ka>0AB=RsXNr^5MdLk13cMI{o8w$1)rEcFFEb*IxlaVLogXh z@~L2iAR~Q?^>LP7bP^;=@MK#$z7ZWB{>$~{F8*r5hT;{;{e-7qSZfUw#zv_X+U zO7>x})J7na6NJa{Sva|mnO)s4`)@p64@bcvayc~lgDY&~#YoyW^MLNmZ-KJI?lLnM zK*C**tR4U1S^GHjxr`dWJINpblS{c}p&honS&J5)3f!jP4_Hnk0fxI2UN>o`#_O{= zfiw$pi`PVhOK~=J94EtdyXN*CUzkcE?N4G!Dk??vF5d;$8DCCvE(C^U+X2_KnnKzU zHG~&e6owjT`vKd<0G1R*VviQQObS&XggM_83|8``wMD4MGeIN9BRb#JR!eVBAlMXF zL9J(yeYzhakiZhSA`L3ycaLW{0j@Kcydvxpf8adnyVL=Wdp8hjO^`om9{eIyx#!6r zW0beV&e@2_e2MIbQL|O zf?ef7C|9aJxjSiC$WH-KdV0jh{2d#}%pIUOsBz6qO>bjGgw$~(6BdaHH|Tk~eH;W6 z-nb4S$rw6l;ukSTEHBG!Tez}XQXN-Z7ZUzl#y?Abd}8ED6D*3i^S9z8#FLD;J&5%h z3oM4(jl=&~;zig716B_!i)yW{VgME`vi>5fDIT@tZh9?=v7g3J#rnMy7tbT=X+ScM=m!iamdRuJ*|ZILob@}vyb*kqv! z0=16~LHPX@gea6SEP&I5)(`qVztOs8~rTr78p$L3n(U4=lzyJ<@@(uRQJ z^x(~5-LVxOG!|l>Gx7tLA&w+2`k!*Kvky5vJ5~hY*C&%}j=XGT@vtgZf4aPS+2J+e)7dBysolVIThGo{9lK4Q`D8+ZJEFPe>s z-_D}nD=>)!6O|l-386yLC?6TcEF?gx<+zR%a-t6N^aSKX92L3aW_z+GYKa+^_7Kxa z$KB>^6|FQkW)%nm{fEwhuhK4wJo~?pFoVo9G6T{>^|_rikT&j#<26b40vwI9c})q& ztK$L8I7!&k{V&!H`dU^X`C1ip#^4gRj|7p`Cw~}iYa}cQ?*zV>$O1;yvop&R<4GZO zm4Mj_duwh&y;A=x{(xNRtkBK;KUxD`QT;~?ef{Pw3KDLGJu(L&UOk}=IYu*(Cq z$721?|Ha_U^A`8dAA*-LwC@DT=OY~7E+!*>IK+8=D(xiV-y8W!+xC|f!msA!oalC= z(DgD5!{$d!D2b5HGIKw_W6m?#lFYbH!m)rcvWC=c((;-n0}>pbj#!uHCqF^AVN4R% zJ?_*&QPz`qDjgZcZKoW)U-q~}j^q}TS~W?^)#OoLAcn|$q!FI}R$*|#%tQ07(V2EG zhTT0_Vtl`14ob&x3z}+fH21?8ku}j+Bp_{*(3{eZ&IPMrpJG4>PIU60bY6vFDHrYh z82WNX13(bx3;bft3PY4({zRac3cm(jK^G|7mxDHUwS6lKJ{g;{K!fVGh}vj`>bBMJ zE4s-YIlJqcUV>*3pdOl?drEUiz#-(ki3zyTq-8wV&~tsEtKwCTTwPsX4Q@}89s=H$ z)j|4`!N~tDE;YGwMW~pfiL8*PDY@bplQ; zNxUnrNKpt3wUEKDxlTHfuA@^az;O?c!9>P4djc1KrH@;@vU060rN~_C`3@iDqO7Sn zMk`&slS6Y+B?kka#217}aQ_0mJ1&1AQOO}aXPHoRFQk%N{uStv-^{_IzXato9n_Lb zgh8F%6YrsjkqWprGKIuAlYB~0JD9Iv^^zhWf^VnGY7#bE2}NBKhnlomI11o*l#U*luWAY!n|83*1K_f#PS zDE`p7_97f++U3^6D2T>k1S!WgGaC~%NdQJZ(QFw=K4ha&ef*+|hs`)WWXNY zCIZ?-!DymHq4hZQvIZoh%{(5+DAN>p7@~uGI!=`(L?WP+%uqyj9lSOWdnU&7Ml+h^F(C5t7m?ET3@p%{Lvc;@Sip#=#Vxd zAcGCtznac%hZP~KxXHeXVL_cMeu7Pwg>R%-jwgK?@&z~S2TT#A?M?V6MvZ<)L>BQ}k+;mD4o%@#d6)K)mU$+;Z?@@APVaLaP-TYpk8%K9l2d3|$LB^`E zBqvG`wRwp&k7tWv@QbeoN^Khc9ho^g49)MGYYwi(01&~%=myQ#yuYzL$xu;Rlu>!f zw87|ss!FowU#o)T32Yvo9MOuat)8wHV%Z0?qw3qGxY28(7+_MoN4fHW2;``)e|VN8 zHzpQ)c}GF-B>cLDFORLyP+xUy)JGAiRE9dKg~}#;ni@ZTIU>hfkr45@kg7H5e*yv@ z!M+iKCGpw@oKYf$gx!YcuWFm98(5wg-#Os_3`487Eotj8suRWYrAxkHKZwsqO&GZe z6j})dUIjx$yFF4AP6gJ=1)U!2LaG`hD9w`H7Q4FTT>coh|R`!?{~=8 zo_BT2KDKZlPP3O9+Sh==;hrO9IJiSKHX~-iY zWNd?2m7GI`I-u;(ldMG(SjK)%o@b9oTPOpTI3XkFGVfwg>$_W>w&@*V(ySTUm8TVl ztg~wAEU%jhKkA4e9+~6o9Nobhj-WoQwQ-h7d>3}g&;lrO=s#Z!>7rb4{t*V7CN6_T zG}6RGNFiad>&@M3Weu}vExmgR8A{=Sp6nwpXMWm*)cm7`=@}$4uNDrEv8xQ81Iq+I*V@3d1-)u83{R>%ggh|FV#Ot`rH6rR8UKOb)k28G8Z=RKx*5K{m62(w1 zdplzbkUN^uy#l^w!!ZhgNKA78No-9+uQ=z2_y@rTCX1Rvt8`s|2`Qm@JtMtdnQLt` z{lo2LoQ=B%eTdabnDDo6?&^zqa(!}bO+j#O!PF~~oP-bs-Oej00Pu|sQ?t}cUdq2S z^P(WfmKIKhZkbDW5}KiKbFc3ewznWJmosRq6t=CvJb3ZZ%TB{v3OUXoH1U9l)}}W* z#N`J}xsQ`HQpEND9T>TB^Fb5={V9%jDMRcL|D%>QvBw*t=?NY#8u%hyfoF(sbp>HO zcD+qiAwLvsLd2?SUX z4U&WSWa=X$e?hO@OT4^9dJ7qO|6%%D>Eq-=EHf!h?R3ExFj{F~DUcwEvAnTvx^T|v);oRRm?GSqBZPf0;qjb!M%248|; z)|(pQmFhwhs}6vq@RZ0|%mrM;(Fn)7ph9TPzCb}fY$u|Ps^T%Imt5%qLpb(D8{#(I z7Wcup>tDrMhzJxkXZiPFcG>Ir7g}MADPB?Yu7&N4)T>+B=T~E0H$ot4h&26wcN;vAr)(D z%DxZhcNkXJ3!RwEgAftP6N=pm?-Y4Zj`~Nu^hfP;Ucp`FPxQFHXQ3ciY`RFk?>eR$ z3dqAk8EEV)&G~v(rs%NHS!8bQo5cGIU!n`wPEP?|mH5sq?nCPB^gfwQ7Gxs5M?Xtp z@8o(h;?NJ$i0G62(wFYlrMW=-X{PqMwv4J;`W(whYDaB%F|1-fT6*T6p_F&WrFLE@ z(TsAaRBWqano8t13?lfIp4bnb@`CP4U&r_i#?)SnQKL5+U7Eg6Kr|c#NizzA#|VH_ z-Pn$`xtoM%Ws^lz!XQd7BRWOpk~{#zHE_}HN3j+WS&Hhc3HWop<|a;{?F9!7A=!ga z7P~=Z*7KNSMBqR-P^^vG6^50@beiP5N~I z4lo2}K{5};Vq6swe3rAD)RHb!jqfw;dk)j|>(SAWZgw0=7zwU$(dtcC}_qcDJHwy46Os zT8x$HP|L1^T%SChLiTiM(XL%E(m!-f@7|?keCc^#KRcYZmz=h*hbdm93-oO$5oCbT zldFX9oW-iZLu<#%UvlbkB|?_o@<$S^M(G(L9XO6hfdryXWu+I0dDlWhP~j_@%^f-M z!~;!o#W%o$LrCly<2obI_6&Co}HuL#ReQzw!}qF!rG3^xJRDBhajrNLu5W&3l%m--MU1G(2c=^yP{j!ameAfmb^iu z*coi|nZ?xpNvA&l`MPO>&&U+vAyNJfi1Qmz1hJbtj%{daYP$b8ReHIeot1s+>*Dr$ z_gnLM^FAI~`YiM6`WdWwb+$c!(3>CA0WqK>ANj3mcvfHRtrYtoR3mH)!V*#<#bV{* zY~tG0O1v~uZx)IB#LJO zpM{YitdA_25uc65Vh1IE2QCS{nPlAFr-hD|B2|_r11ksQxU%D_a`; zJAY_ts3=b$AAE+urY)_noB*{o+RJ&7+p~stjN?Z70FCmD-!u3tuD!Tm!GVCy_Zxti)t$~XG#zOU=~VomnwqwnvwM+4`N5>Bu8DX&FJ zygwJ%j>PpGzZUHpY-eE-=*>%lWh)w^t}KcD79*#CM9T_xM5#6vKrt^Q>?{n%&va$z zWF?LMXokU(I@*bbMQH%T7}BQsP=Q_OQi{o{=n3(9yG=o>!10&OtFlP>=h;m)?f0|a zdJe+b*K1kkLmIu#=ce61s747WGC0}p)tzUrtJnzkM+*inh1bmGxv?{@g_pkI+n8_< zNLaRAqZ09785`a4JtR$_4~MXhbQ5r&uV&N{&lAqx4wNZc{J-LKxQQyXQzDnn%vbl6 zlel*goh#K~QE?cL=Y<+)^rF%(T7G3PPJ}bl!WMP#m`~5OO zJYGk93cQJcaCggjYBYRK{oC$7cVJ*w)XGKM))-`Y56C=0O5jH-?qxSROBq`AR32*J zBIzYK)kW`RIaO&9f2`cq0e%k;`A-LiUmSE^D<%=X-Vc;w6~eBvB9p$+PlUa}Nrn4! zcmqt>Vor+;=`G#^V#f1sTTmpcNN2noZq03t#26U55bID`g#7U1pXltIq#SfcSrJ_u zp?DBF4rfL3ry`j8))$Kg0#b-H`P!Ug;ZE49Xq=T@Op7My?%1v8!oZZV(fYUqABhXC z_}^tr-mw}-0SfbsswCSSt)8urVzAOE?U4};n@)0J@!iQ$`Rm|L*~E(9{RUf; zL^+-34rFYZ)`T%mlyFi(oNH!c->@!RClKH)@gQjHTM|hYGV>r91++h0zl@fV9BUOc zM;sAhz^K7VF{07t3D74x8G4bhEk{(J+3WPa6w`)iT*}b%z!Zq_`0Po8p?&{_bC-~7 z@~^*K8uRYhk!GtW2PSC%n5bKX^-VDv&kv+|3OV`}#26ASob+!tzaJ9rOM)_%P5~45J z2)`Vxw78Q6lKe=QPgZ<^;Ra3B^H2v&f@fYw<}ZDTvV(9_L$3=zuA_adK2YStoHhLw?X38~2Z-Hp$Lcob}JfJ_WW78186;wjU193zdY10F_R5axVA*BoCdb7 z6~tCQX4Bnr{g7^#RBxL%)wW?PnlObzyQRFjTp|%llf{wylNeW38X^)byJ?Jnkw+`4 zmK+0Zy5*e^mh0P_A>w!lY(g_Q0Ap*4su!AF!+l5-Ooug>;z{{nF#|`onP-Ar|P)Ufr1@TCMf*PA;iaQdrjdM zYLU%%Ehcow71vS3EMqhvN4xs-aE^at9AUFAZ)(y)kSNXF8tP?qBHTN4!xr@jyMa(! z0deZs|LcQU))AUFE1A@BD@~;5hSkNw|I2H8Z8gBuS#g&Qo@g-auZjgVp{=$SshfkQ zT&}hNKq(0W*s-X5ULN^r?Swmkj3qzGLcaNzTrQwl?{u1LMO*23E>QY?YGrvW=gRME z#pCYw`}1`piT~SsQ&fxcCjS>2BOdWuXG-3bdGFEZw&a!Hr8yNiX1~)vzpI|VQ{CU2 z+iM=3eI4IDQI5yYeH2H{7%GqA#feDb$${=#%K6WP(8K8nMJtd2Vg~|vlQc;ZyZGo1 z#QTW~l8}?X)-5F>Kk#yM&8Y~p^XdgI(-#<)xTbV0r81CSNFsuc$k)uJeH*O@_p#Iw zB$@J053C&0fs^?2U?6kAxGXy@%9EVOq|_>aNd{uNvS0?is5r8HgTM;Hcv6emjg~lA zp8S1ej|+E{ZLOXyF@Nedm$$_bcE*DlVtHf19QN~~;k#+B9DMwiG?^K?p4G!bSc`DG zMP!+3&>&84neo9-p_Fwt1}bEuz;>NC+FAF_qdpeuQ6W>4K)2!@(we!=VIlvWd8Syl zUNlcAu#pAHc58R+{6oci`n|?DaJEAOPg6Zdz(63rH<-3{mKH8!p8Vdyi-z=7AG7X_ zgByt$Xn$|_S)jGEt#HLi_N~K{7~8%D;jypAbDI`Vp*rxb!q>akw(XZO_x=2w+dKZ^ z$LrU6Z$0#VUARg59o9fMnk^${M0#wdgkK3XG>QIqm=C=|7%l_ykP#nAWzJ&F`tTP0 zsREMgu>n`#Of2z;rbL1Y`m=E*0rY)1fX?VA4+4k^LlQG0H;m0#o|XNDg-ovS5$AS; z)yP{s{G1J!HnfwBQwB356~R+jg{``{RXI`xO|C{qQo&j4PKK175>S*V z1-AW%0>{bKMp==w_SWKhRKw`0vmVap=NNyMsFKO{eF3unprxcQ2;ax8vLeV=mc5e1xUIoFTJ-$k#d{UOuF{kvb z-BG-j0d;cTQZ{6 zTf>SOW2|@-H1qdcxNMH50F||3c8Y3SJ~DW)gh82Mj{0>_tIhD6h}p^9Q}RLLjUDSO z+{oX2<|aCi`bXBvTOUMvsm&CNhE3n8L!``)C*k4axv?!fY2}}OOx>fp_fvtfFseD& zJUxj#QkLH;4_{OV-!058OMulJAnf#IHC;{d7Vg%8u}iTuWZx&HqMiC*0{vjSgECg zTYb~Spi0RNGI_Dta!=}|o`CBO05TfkCrFD%*-(Jo9R?3r^R@U3&TbJ7xWm~}Ul)Qv zug-lmN7hs74Y@m*md&SRPvvTZ%t7lYRDvmSGxB5HKJcW;A+`GWnY5udf zDl6>snLefW&-VH5oHE#v$E#rJgX$xN6D!aJ5Seurz{>GNpko82&#mx^w`hy$(m}be zO=inla!YBRq*l0-?t=a>2lAVlY;E~R52mAGV$Hn%`24q!@Wngmg>EIy3YC)|E>NGO zZzoeN*$e<1t1t!^ovja{rF-(NnI{wx(_L9CQ{HjmPn?XZPdxgz=zxE`@=iA@DU|lXE1c((P@+jgC=x{H}e-Rj{ zYKpHnfQb;~H7KpDf?rKK8OTbi+`ZC5#92|+vLNa(FtVgt@h1l_1*z<{{;d5PfKit8d^ zLFBQ38ySRtlD-c(IqxYyir%ZiH$J#TS@3WOWbA}Zl~pTfj`!SiL+QP_(Zi+rAob;P z$H-Y5**&$S7p>pj+51Y`5ACft4iQfg4czpep=%SXRDR4A5cRIQ6U1y(B-@9grM*M5 zrj*@Z5Q1e>Tp|?7K5L=89)RMH%GSo5U&5+0k7j<&Jzb>b(qSy&i#;xhcEWkPC$CEv zZa+|#rEmYQ2t#lpt(L8GWe-;|ZJ5e+Bl$&ON+O+Up}-wJ?oS{SJ_Cl{zOv4=Rur=1 z0_)z45OXbXx$j=P3*5Z>*f44DW!q~Qj;Pn>^AfyQb*OwcseyZvB`x9hqb#-FFm<5r zHiZ8Jia>S0-59tofy9ad9>I;Yc4)9tZUObYcykUpREgJ;4d{@%Qm#^oM@eL|o@&6@ z&0A+=m}H8wN0XEa(!EdRzV$SadynD`?b_YU-(1=ETh+B>14KlL@?!N=qP`e9Z7sZ7 zd#M=Jc&R8-HOAr}WQI~*x3hq7{i#$_)Kxf_WWH9jIn~oa2qRx~u{$B{j!oX~wd+5W zRmlH3SmdJjzfX6cX7m3&f4aB1|GkrP_wv6b%!>#I9_F6TtXo8YG;W!iNx0*};Kr&^ zJ{D=U=XY)li{pUjvpN5nVLPcWdN9k=&-l ziCm`@XRU{h=tPQndR}r$*PKQwRda^uS`S-!OVw2Vlw>0JWI`hB;RtKc>76Op?2910 z3UZ3zETgTEx|a*wZp;Z<-a$8D*v1}=KO5C5c-^XYI%KcjZHEOprtCsLwRce*f5 zIcIb8hqcHum?cwJ+;rXov{09_E`hIL_phRzUWod)k-%;cC!vpBg4%y;qxPrv;)}vD z;D%G*pP@gd*q8h2NjU`;>qyZCdWZUv97E1r!~q`!n-Kd}Cb1eSvz1RLR9`|wV=B;= z2G#3#=dv!`goMQHIIWYRc?+UCi9=dgu&2od2f!VIR>;Zg*;d0`R?Ha^4W5{fF|L?8 zr4?$y-8LaU4zv$&ZG5%n8G}RhlIFSbTvNX`o?sRWQ@yEin;=`Y$Uhee)h!hX+}T>< zV!0_*VPmp93o(rfB8Smekx4!ME=NnC@W;J%{&#~ma5GB8 z|Ht0jf46NT4Ws+B{tCQu_KDrKD9K;x`q}JzUB_*G8z+8kC%w;U_p}fRNvtV?1xPz; zoA+)cEUC+aVG!V8`@!aVd*N~D{Okk(_Gq8U*pFnwHy0uBu_zplzvLCdm-a+#|b$F!li zaur1GPI)s`@`yxS@@yEq;JiK~Sm_mqgTJC}^1&xbibyggGs1Ax<0)l$LU!_=pXq7P zR}3AbP*i9u=iRRErI0m}tc$wC!C=-!-5HrtHWz>IeR&afQMb}%7j+K@7h!it1C*mE zgF7sN`}CQr*wZ(g{)Y0DI(K>kVzc{qO?SFaD9&bLwQPdLe!_s^o z4(lhV1>P@8)9~V`e)+2NO@c6+t%$gSwlU0yhx_#_SV29)#=TAxiF*T!QU(X>k+^qg zQOe-O5+wd%8N~NެUysIZa7V*~C1`waDa;S-uD)Ev23lZ#WP=;-?S0vr%nNlu zT`lAsQ6KivzDkC137hbBA^*wTGOPN34`1vbl;yu8(fmpNdxYPk+kbQS zZ%H-EY_h;^qN&R=m1u|RYn9)~<#uMbL0zSl3SCs{Q-Z6^^M5XK@GgPsp)>12KhHh% zHjz1arH{10Mql?DF5o)O8lJ0rOYqQ^g08Yp!G$b>!m)<=)*=vK(d(r(zz@!BJhg2t;$i%I^u9;yW>jJHh?SGs=bLZx;P}Xm56# zLMsNWX0w3hvz}Ys91~=Lep$9ZC_`8EyCqF4+7F~m^~GTdaeWoP^PQ6WPi$J)G|ny` z9;fNAwyB9|F#~$|Zc|a2>)eugE2eX6RA63(=g4x%w**o@be|Z@V=xvWf;rQ{y)o_^ zMI+5G;M3;q4QrXxr~q*M5_!;@xosW0#;$Z;**EqVJ65z`6{6_z0w;-%(=_6O1uid@ zEW6;VXF1aKfxL~IO@nCOYk2}c$`B(d3&|Z3lm-4k5hFO5BOgq;L90Dkq|1|DZDw9z zGuffOGO_m{>Z)vY!F#(rc{zXL(2-Mdue*b~5s4@1w2OuVSVJn-5Ml`I8yxH33xmhh z)~`@3>RBZFT(0Ev!f@*F4zkt$d1h*KDH+c^&p?(KP0e!+R(~O zNoRS}`6e7pX%`W1ax6qJ{%e%aaMwfMhf##U&ubhqp31zBBqdA*1gib1G%AUzTocrT z_@aVa3Y_H|HPVTq%>XeR2XvNCoCG766ZOznltu){HmL8X1Tyxe6yYF1d_Eh|i0dIY zfG%#Y9AZvsJ>(@GFlNY|$Z@D{W5oJO(MI1r@@%AhCz|q8qFyCIrT9c>nQ!Aaq0`q4P0_`6-oTzl->7n8+-dTwl4wvRd8t~|d7#sQ>|WHeKLEqV`$ zO+i@zIUZHT4!D6HXEE5HRr*m_MVnO$&M*`wujG#T1Xfsp~s*?^U!6UG*%DwF2rRHR7{>YjS61KHPU)|Y(}^ce+a4t?w9jJ zZ1PuADic#W#p(k=TcvRm#Q^h3RSlhk-uKWI@SSLGu%gm*sS%&R_Ec=DI-_d&6i?*| z@#VFu8p3n=;xc1(e7FPl_q#@|Ar5W8Bq~pm8f_zg4K!tbEPLYg!vAUEJw) zTXeQkS2=Jy(OxNUmMUamXNJ_<`lY#->yivT(^0jT29qeKMt9S_))w?~=&b0lEM1L8 z*TBfJRg8tJpaS`gS4!?)9aXQo6z?6G!DYsEHzI~2x~UBB^|&~>ik%$FQ^Iy>@vl>s zk7PTd_k^KsaZ;T`$rPjE&W`-^O*SJe^wDq!ZD&bRZS{vrlm1h;ZqGn_?uTLJB&hp< zOvr~T>4$p~MX$pY%#Yn4fBfE<3&>~shmgy8%Ftn3;AY;?Zax!53uAx%f%r5Vk0VlI zXp6=v=H*Q`b7NDZ^czMC&yd#3$0zWF0?m=ts+<+pkiaWWROTc$xYu>9E`PNEE(*`j zIN^qv1$nLP{49bO?8-Vx_aTP}e2&6YRiTjboE8(50@}i6Ay3X_EfuPt_bP}gUG8J1xa^jfW2_Y?XrW%-*(Z#4NK~u0pw1#wtq` zp1sUfICcYzyD1Lh+Rs8(xywOTc!K?^ISb0YvglxxFme~tj8}ChY%1Zr&1RP^n>PC= z+r3LtcN1~z(U$0Vvou`Q75*gkH9z;?M*Kgd_sy#L|Au=n_A34#`@<*ykH`3Zs`?LR z{?%(qKL~O@IT@=WFkdt%5)b9&d3@r&jWrq+iRBkZ#FV-!tWfF&;0PCg25`@MX^Oil zgLL^uPbG}5d}d|&wcfs5{L#Woa$uU(uhgq;@+&w3SWU{AfAuMAwvkEie(e6(?UwBq zEx(nTjvKSu(L8bWP5w5)|BLJkE5(289UhkBzhCS<)qi}P-zVVzaX?sp=^^iw@*AYw z?oI`V=bJ28mk)Tn6JNQs{h1-=VI>Y`^jNfsx@ zt9DpbDJ$+JcUr?DEXHiEA8Z#dsLXrfh@I^I{(Bc~r}Y2jG*%z(SQdIuE{DbN(3elTn!9A~Yds;RT~CvGvSL5}YzB zPe`hE^kRFPE_$q`dD;pZ>Q6%=f;Nma4zk{vV6D?#8=#S!@ z{zH3H^`I(T`6&D<3!?y$_zvA+CY^qyzcH3+I2sqSG%0cw^~%iVz1*7Lyfh_HhTR$7 zfKPl9g>bZR@ee2wE!1B%VB-t8Ry@U=d|mkz&cw1*eC0 z9QrZ*S=@EjLaA}pO$$jJF2mHRE?2N|L?R{D1Ii+J&@Tb|7j zHZ&o%JYB6NLAnO?g>-=VqPWM}KBe(EoLt~!SI0$+DT4~8VT=-L<8r=c<~bZlSUKf%p{f9Uh4#`*Ub7 zPrr44o6!I6F%#RkRt0R(|Ben{RP4Wly{Gu^NBKRv{`b8k7KBGMOHn5HK4LVAfOX@^ zA|{>FnQDK7CkyH&UQwDZ;>k{E=A9YjsxB;{I`FWIj1ulUs>WrxfZ`w0S@7#H4p6tp ze*7``+p|9;cRlXP@|WMAT)jDe^UX23Dn^e2k`g~90ooQim{BVJeD=z2~=t*fpZj@Y3tfi zjn2ztS_)Lz8bff@5~C0m_30{4_p=XpmPF7?)roeQZhRhIN|$7&g8`T-KL`J~qfs^^ zmxRqi&gGX~hv0gXi_x))1P1&N<~*BeV>E=3&?ut!M)7CRJ*2CV3zuRHd4amh!wQb2 z_r+h$8?cx$TYckZsphhl_6%gC3&O?9gCvd%Us3c7kH@f+uGQpQYP(@f){A3ndE{3i zMt2PXx&H+cTD9R{m7|Rm3<&;_GtLC_*`_f;GaSYSsp_?Y!*oaTMZ+@yn2FNs)D(1! z>9IqDt3xbo36)pf(j*s-!saZ#ES#xoLWAvUq}55mjL7_wf)Fb+#L@PQLQ5Q@C1>Z^ ztjmq}~flD^9L`JiTjAJUwAV%a4>P^IH7$MA9cn2(o+FVBA>LI<~5%xx& zUyx}DFTMK5FY`6)RZE8F3Zm)Zp}sV|D&c`wvjk2$(H}VpMNQ4Qt{EwtPBBL+_~ND9 zHV~VgM4^vQX%?q12fHYs(2ZtvVOoqk$HT1WP#~f}TWI8;l(E*0t+onnjU!N{(fdkU zV7t&;O_t;BRC;dM7Or)%gLmB1Voq>(2bJJS0*(m@5JoawHr(5%-oqZ-wx-syQH5zx&pgJv354vcI{)q;EnnkJ1wT|@lF(yIHo30GEHfGvEyxk_m3VEse&K&?tJNL-b>B7c@$^~B9|3ZS@_R>_nCue zSo88Ob1kR+=JQo;o_;NUo7VqSW9uroLH~R4Vt>D^{|$#v`ro7cKArw|At>e5R~y&< zGzES(x}P3st>yd1^&U8`3I9C7?=H**6kka{{Bi{ z0tgbR8&0)F73ycI5|>x0RxP#~)~m*fMtWk2H>@377}%o$BuzqDC0}5L;9MHA<6;u{ zb_oZ^UB{-45PGJole|$gMET;y96pev#eKTQUT|E97HjF=RQ1&7Xy1Yei?1GFnp`+7 zp0WQFLr$9$aAUTd4GIHo@Ls`~qrp1htzyV&31-7)96g97)_p}2P92mr4LBO?XKubR z+37NS%o6Gz(0KEJ+szunI{VB#k(Sw5HQ#O6Femo!5-VGX*?-DaEzoaRQIku$R?K|9 zsu^zM_8%Hg=u-Bd;o$IKSh4@?9X;899^>~3?LUH2UVZgnj7VXVG)#+W%Af&$Eh(XAPRbvoZY{s!c)R=J^jY_3K)f<&QH-peCoZ=DY z7vFA1&`0_$!r;WiHSvnF8To0FKL4? zQTQy)Vv5!M2bjg=2j(VQr`H@#voQ`5J=;Sr;qve{xzdUDS=r<`Nn4oY3bxc_j8iRJ z5WQ^Q<0S3nWd%2Afm4V)+1}a;8=JGef$%ljh}zf!?^SF93hbZT_NE50#JaC)d#i!6 zuI){M{mgA|tt~Wl67)k_Xf~|p)Q+LaOk-@Q70fgbY7$+flKgp>W_`P;Ub2U`i+*YY zPs4BH_CKh=qtNzcYH~YaLAJp>; zdUzl+UwJZ@GxEXL8!_>jkXH2gvXEKX-^+yZgc#6cw7Q*ezxD)OG|%7v=R>Fxkr*6c!R^s}*=y^TOhheNKjk z)x_t3_+dcu;`2lxCQd|EELh>W=*+7UTgHi}D;!%zcy7tON5?(=Zqd00r951R8k7lO=V{*qaTAjC8Y%9LyNCeO&-(OV6XZo zvo$rJpvzezn&BA-ot!9H%d{0YtR>KLC(RDCZcSOIz1=Rasey~zhO}c3XMsLl+sCqi zH*BghhPWiftY)-Y0BB9imAP1-xA{sNJ1QdKl1oq{Rz9FHWV7l)>k&N&_b8ga%P&Nm zIS9zg)vdXJZjrgil8VS!oCkRR8Nyew(rXu4Dkd5~T7l;lGj!KO5UGpi^)5h1cs@d}R+0W9+R=W;?U2 z{H&ctw$|a!0&+{{+)JQs2@sSX!z}!b1gg+wBQWC=?@kxTgo+ULHtbYLm~3v=^MD$t zrEzp!P82(hUsXRKzdDDeO@npj_FB2RjUQOqSnT!!t2zk=AvcYWOHEa7LTsKSvuW$; zv9Nr{$w`(@mtW7ks8Lh%jFZcy(EKc{`9-^|n4xt%39Z?#x1i=@7x?S0mE32W>a+fBTK_lCEo}v8(Ekr!?3eZby}{m7{NJPeKAr!UQinww zQ1nNns_RSH9ooajKBe(^Fc8dTyDai`bpddA)UDI?b7ux6BJ~CXB_`MOHr#A)!@RdP zB43@PC+kQ%=f*XJYU$|GGN8mb?DZ(!Mvj{)k)nvIm8r4Tx-jGm8j0GW0u0y zOg%h|Clz&}pkXgx=vuwVlfyQsXE`+@r!rOdZt-q!9#idDy5$lDjazay@0o22Y1sJZ z)24acO;b`eD$r5S9-eNR7rNKHuP`Kw5hkF4jJ;(xrM-8`Hp>;oTVu!71y@RuS`W;y zQFXgk8R2fB{Osr;Oyf!Qw)?Jf&;9HU=Mke~JE)_~YBC||X~r0d3!`GUTQ=O_ILJAN z;ut0SiSDUx*5IQXdKTZk$INt+tU;sDVbD#XF8i{HB<u;u@~gM@q}=%vxRP^AxAt*63SAJ_>@Euc&nfpPW@>ZPj(R_5l+K9b>J1x zaU68EP)sJ$zj<346_g(-`d>R9dK*V`L}U0;po9{_P!z_*>v*rOf4UaOQ)dgE0s*4; zr`IS58Si+LFzv&CCHft2^c(BLfAxduq%Z!X|KxXZzW_AC{%w|k*1|hqc>F%;eBq7o zZRZOwoh6+w{%>asy~ix18As=@&UnX582yF#X~zo#g8Q-^qrY^#I}RJCvxUOh1dVAF z5Y`E2lm2IGVOV+pU!9%2x;XP@L31As@n1(m*|+!q{^5(gr~UsJzb*7tn8tV(>fP`< z95EqpoQl=%bWYF@-;!u%KmOOYE|M<}0gq2*dHj?nq0jq~Z2FU;mo3p|2Q1eUMzch) z6iGuUqLa`^Ba+?|66c7>@4QZDYYW}H{_j^;ozBlc|14zUPCyb82PF1GqU3IIDjq9% za6&61=rP*!K6oFrzYOJJO4mIh~WvNK?b)B z{~O(~Ir>4Gd(aJzf6LHG(HfoN6i0MYEVP;&&!@9KiBrN77ILz)3xZ7X0FfXB0Cb$M zrvt8B-19ii5$bf{Xpw?X!suNX5RR~>6m4xpQxYYFadbZo{VDQsEJQB2Zh*jwI}*_Z z#pGU55z2%hFKM_!wLAJ~Lo*!X31MERV-um(0i07me3y*~P7+=~yH!uTfZX*Zp$8<1 z=zJ!GQ6U^l@bD)cBiK);5`GvXKgxJYm?HQ~MnK)?VM=(X(?g;^7L$~4H1ziN|JLbA z0Q=sT-r#TY8=;310R#TLPKY1k2!(NyrHK1eGQ;p@3!TsKgj`XY7Bs83f*`MSo{(e2 zLG9`w6cFyS5Ol9&^a}O~(#;K}G890Co)uAF=w2O!$Ok-2B65uK-PP$ByRf0FtGp%5 zo`f%Ug9%v?WIvvS@rO<)#gitm5>ARICYYf&Jo1LUfQ&*M_lAQWJKFDbk}QfYX%za6 zxWZ(Q=Lk#im-&bJT^9&e&rhOzJm=4ax|HJ~=IlAx(9`F;^43b|38MM=_zg`j8Q~;O zpG$n?eLpV{!i?d02ca+}(h9K{Q>{ctbHp{$u>>NhGDlzagSLxEAI$R&$alO>Cm^HD znC_9h60A&(91C2(gkv!g6rd=)CE^Vy1d$IZ!zhf$l+7fIkmmw77fD_g3fex2 zQ5f?S$39WOM&!7&m6N4Oaa$JSx9Md|%zw@5Zy{s(k+~9`EhLAoFao|S_SL1}`aC7E zPl}zTE`l59N#CBz_Cn~@usm}T#5{I7Jf#dz$Z3Q*Z=%g_rj$#AOMzgD-qR?X5p*p9 zA%L`t&c~Yey1ni$GP`*LM^(40cy17KfhR}79F9xLt;L}i#uE$UZm-+vVBaU4U(kRw zp?d-?(ToO#!*MO%R!3I^2j89xWQiWW{3h&lghJB<_flE;M#Vw~ z79@R=E+l77I&#sstmTmNx`m91Elt1{f*Am$w?GXuy3J|!%<>~D$QC4%hEbYUIPH(5 z41CsLXLAMpmdr13B4oegGA#8x7Xu~Cg!qE<+>$wPemDrko7m`CybR+yBqaWH1e)5S z$(Ev6j_MXNk=;Tlw5QN>oDnVn+~XKF8^pYOdgUuh(;nuWD9Smt7Hx@Q6g}gu+SE{!_VxZxj4$MsgXrSdHI*M|og{HuwI4 zMn?xE_VbXGBc9+?l=!#)@sG&$@TU3Z?9hEFOak?e$D9Y*m#K4 zM1#ZG*nYEMy7cPE5i3J+B@2Q(!mxZdVRv~;<_mkgH7wI@J5=#jg=6E#k1&6oE%Vv} zrnR)A?9Jb_o6vjn0#j|UH*aswuD$d_YUyNaTo4Zik9$Qt7_M+h+&1TJlVjl8*Tt|l z=VQT<#+3Quc3^YYoY&ea2r(n35 zDHuM$6b#E#pqK`FmrNKAgrov2Fex34|LmA{|j zG{^m(FoHs5(jn^Fw>%I3yVL2ROGfU%nywylIUgZ62b^(&ezql&pV7AB8ZZx|IU3P) zDnHtT@$Ku$HvoyHmBu<4zYTM*3R7BF5RIexj)#8umN2r|-l^@Jf(CFBszLRDt?z)^ z>*H7uRe)v`=BQA1@rY(}Um1A)EHBQzP7l2kvmnJFWmf&Ug45l;XQ4I5zxKCO>mDH2 zQ)J$Njp*>krY3<0M~PH_wXppKOe`GtU%<5qnqrPdLU^YvAcCNAluYr6q@fQx3MAYq zozV%2iCFo2JeP8?I02?4w-p+;F-2pif>;B>lob=MrZT=r^EMa6! zm}XQz(D66~qa!p6sGkYV2G(rx=DFMZ>2Ck0SvZjk+~3Oo*~>WT`Ir;Fqqd296;I^i z=`o}f-R&!CdB@2(i%=BCw_rW}hwfYS>6u3CG)pN9am4$Ka2nl_oYw}lf5Ne*oG&|uhvt9zG@1XmIK~dp zSB&Dor!(nbloB>WUHz;pR|pnXKLfW;vF3fs1d~TR8}Tp*F$*E#km@c#SsW;r_>%sMLK$E&l{j^(V(kdb$9-|BdBkN=RnAUe*+Z(gCHM#k^lqo=`4vtsf6ppM}hD< z|DyoVQHp_Qh{5X9Qnf-j?Q~#LkNf@m`+E-qiXLT?ek7al{_FG8vp3h^qWaHH=Up5T z&Wq!AG}l)ng6Bv09tl=7VMHDgVT|rsn8K|!r{nYV>)p=x=QrQJeRqStKe@U(d2@4qc8%U%q0_f-UY*~ZzkPF!-hPcv z-uw^x?)=TGT|`1@6#M|UvjV|z2Eu{YxhBNwTpP=zSvT}igyTtuCj?FC9bqwC;uAIt zxjb!g9CV^^7N&})R)*t!w%659zYYJ|-2aoAFLqeaFV6j?`e^X~8NPUNSi1iozIgHE z|MMt69LH4gf#VKBK2FI5?n}<&F~dA%nat0P1A4L~-DCrc_Lw!%3kN`eJl0_XW&3NqL{A z*uOQoTR58-lmxGPdwYWqd;14o5>Gm}WDcItV#x}!@4+mP&J2gK5LyT`*3=58K`3KU zfs$cU(6px3vb?i6&6qDqrSao_$_VKTWU9NPlheVG*d2q;YWzQ<{_RpcrpfpX@QqB&n-uP7TU+{}avzhvPj-t-FevS!n1VGM zLU}?iuaSiQ%EG{OG%G&dRhMHR7Z`kO7y00GnK7x)OH+iMUs-gl0x1x_!=W_)P8K4o zT*$5z2i&dtOyM}Nd^P0!00f=X(E{O|9nE2DzBT)^KhJ&h)Kv>yv>?oLKd&l86Il)I z+I%Jiwu+0)Hs9%NZFMA!W33xpgG_W=Ag@iP{t^HX^Ni%!Ht9Y1HiQM-<7^O)gKl2SCo zw?Oo>d}NU_xaC+QMucGRrzGgz?V;<_(__TQjNTE%viO9*5+jeke# zN>ERx-e@7%_31qc@*BSMSKLFF;Ib0wd*fq-vy`H3A@I*ps7H}X&mWe>V7OB5u|hk^ zG2hu$*U;NaQGrj3x=x#9ROodpQ4C1w^J4LK;K3TFE)2(~+idoZbe0scDv;2}aiPRTfnI7tP- z;sfoS8G%abV8bhRxoPZ%8$b;gfKu}!s`pYlA&8z|}u2y9o_s=1G(^u=9(kOp?D z{y(J!wF+c>sx|k9c__{b0q0oRlXyf(vZ#N|CLEoJ|E$}yfTX((<8c^=>D*#Sg*B(d zlk^3vVeSE8qhLaak#S+2m}Vob-}!XbXH{!LKgAQ?H^>$MdbtqtL!fg#U7dY%etmQG zKR>-Wxj6e*1qFw^qe10y04A`@x7X)4Zxy%#9~WT#y_}=lFj0_GJgKx6&$h$aEK8-A z1)j)Uos5X}2J_WU1x2aYR$!^eYEAF)Tx-4JSFG+`VO_NHqy$ludFl;aED!Yws|5aV|EoVkOel3dV)1 z(>`)K?VDC+<+$&%A!{>(76)sCGvw>d1!w>`YyaHl$CejTc}MKi*e3}@Q0iUZmqzve zR>DY6tO*Hv@{!*0wV?>m<&rTSN*LD*4~}9ZhLoPj8SD6EBEnXoLPF+r3`bGuSNK_L)3!~|e|0AB1_Iu)w83aGPHX={aCHsXTv7TAfm zfDXcV0&Z=ENgM~W5Zp2tAeqT%2xB^oG^zUZH)h2`yu~RF;B=XL6OcdyJmEDE-Kg04 zCWzcOybQv~oh}I|_e^$y(f-idXIc40pV_|lQpYNK@)-fk36410h7G6IAWw-SG|8Wf zN!CdGjBd%i5O$oMmj!1f-{dm7*1qy(&zo##(osgbQ-NQSpYfC`mM-;sE$7%0FGw>B zx`6j>;LH8KwWXvQwaNP|i#33b@#GRcS#$OM;!<&yiK#CIX1@l1NRvQS1j2~j%$nXy>ZmZw*6ygimP{ps(cvl;%&`1LGNl0~Wxp<%0%b9qYldc_2gRAwrIoI7a(I+P3EN7=eF< zJvqndu!B%}oX6;>gHRb^dtc`C=%g+CZ42Tmfm@Ec?2qfAHquvHKrJY&EvS|>))rh# zDyx9&*iTy1*UgxAS^IZ!Hvp_9JU*@NE5F2T$4UiUe)doyUnrZ{8 zB|ViubRZ+?|r3iJR)PtK+DGCl;mV2k3F*s-G9-8Hl~BmIN|DQ7o4VB31FtJr@*K$6T$R+ zI!iLJe<+i^A)HyvSG@+CPYSk-LK@BABJBH=>2Met>nj);wv&Rv-LgQ$G$y+!#xdPR ze1@ZF7tKfzX0u%sVKyPV=!5$IJ^7CvPbPj7|AQ220SdHG*hXbvzgDTurMIh0W~QPa zt7diwOg`s+8cF)P71I@oT_aR#UZih8vK4sDvN85a1I#Q*BFHR-BfyxK(Ui(3Aj?~g z830(b_q<90+7CcbPZg9)zH`jzF_K1iajwd_(as%}QK=USh@jm;Ny$FVckE|Ct@)=e zQ$rKwnkIn-R9g#=lh@FqBT8%J}2$=Aic zZXSX2yEZ+7yl|tosQKl*f?t zMp8aQwq;m|Ela5yLg~5-$$ekpEYVV)PJP)&Ume&^zoUc(meY~(?*~QA@NClfIXssP zB*)V8MX5!XG(cEAQaX=^&I>)|XZ`YLrKnWzWPj##oc=7t_MfMi1wSt}I442Bg0Q@*MoFvFYJB=;1gG^Cx=j*6>OfG%z=5=$Zl()CT9_>XXew zWt_(ljxCUSLjzJ?^vxqH{%c_+9+XhBE{dz~<$2>m7x?Jf3#9Ic6;JLqVRK975*c6z zkU!{j+qRCB`d2U6Y9TDP_h&@pb2<%}&&NPxoI!Eu~SOAm+yS_eNJs z2!AQ8Owk=6X7pa7pOhvvqLcY`B4o8w8uOG1C<06Q2FX{*d{@O9aoGy{jB<|VG-J76 zJf6{bqRrL406d|&htAyI%u9_ww@~%PfiM2k(fn?zkk!+XUiFcx57KguP zB)?=2!A&Qf8{a`%6-K}dG`**?x)3alkbsUp;j5IdpWV4WhGNUv7x^uhgX2^%A zAgP2wR`k)lBpB|N8^?qM`V;M8C{6QIs0p(2jueB}ef1JX$Slb>Wo29?IZAOI!eF>& zWDpICmzHmGqxlHD%0jU#dun$Y7A2jev6lmv!mfo#3CWbOSs24$zhT%Xm)0%dd91JQ zcHs(3#<+!dB-Uw}X6C{a>!86BG!alCeq$+#x5^m$TL!K@IxaT-q9K%qE3>p+rwpfL zGMAE5L0g79JmRVi$UXHC1eXZo$vb#j14^|~pO$Wr7I;^-o1cPLanql_za_itsey#j zPsv8VNWy$&jzehv=HI2W5bV7&Opm+#gQYzUCQ}gKg`U0@Bi* zVor_`DCx*2EDgtkQAv?ar82*HeO>XAQ>eiM?IZUarMHA6g!OL8oXavlTX|O9{2D{u zBg&N5dtZL3pBL#P>p)dIN?FF!O?71f>sZ5dxb?|bU&tg`y#qYNmK=y|^?S{?+w}dYwpbL-kkDjd*UthZ{fBMe!I7_x2Cqu+fOx zvmwO&(_+M>IT3GLPKbGnX#@T2r>2CinxJBkCs|6lj|JZ?nL5?evIEh~dE6Kuply|q zjw9RQzgr0k=DS6MJ2t*$QXq_Q9fW<}{G!N`+Rxbn6}SUl4yot&qC>GN3_pX4bM zE)-1_Nfb;kn#%IS_xQuR*l4fFCW{+jbdq2MNy-3yYbkPkl(EU~LVIaxH}e~Y$K%jP zXCD&EGiD{EP{x1TuBRSKk-sY->^flLUDca54;b;!f z!5SkKVR4>|QK?XxH*aswj*&m5l*<-*nT>z!4+eulZ-4K_(TjgNk&J0T%5L#_Pxg&~ z#x(z=f^EqJsQcgqa#H5@wNoiCtLjpI6iNph<$^PzyZZFuLTwXT4P}VYEDm~%jzSq$ zgx)J--YI;4eu=RDfpxHN#a1C@RY;-t+b5A6z)XY;hbkWigqax=&_vyLNf~$ONVQ3Xw6mYAhTiZ1_zZ1n76u>E*&U3D!4lJ+p(^kP}E6; zl=e#9_*ver7{QFXCoN{bk$VuS)wPT;%iYB~cD4FvPg`o`ZGwDQ6!|kQI?PvPsa}T0 z$^w^f%!Wq(jdEzK^5LlK0sJ)1H2L04iJpcT4M+t3%}Ej|N`}f(DhM6qpIxX_0G8Kc z=6%W-B+PWJsWw=mh>c-k0ZwdpKW-3&sJUDls+wPtHpGEV{oTE z*l+D_ZQHi7ZMU{GHsJG6g~lkSlK(<3e8))$~c8jftp zRK_R0fAL?H@d&sZ={{QC5H}FoTf1PC{yi7`{3@de)e0*&9Lgo#s)%hG1u}a6YeL=S z>0^n(NN=stEB1?iM-Lb)gb7-^DGFe~|8Djzsw8x{#f}!|Xs%Jo80+k~2!HS^U)mMb zOrbHtQ1c9~8p6>JckEMNe{q3UFhu>B59OGskx$}z(1!Qz+e57g$q+dIE$w~E)vRNm z?44n>%00^vz`ioSiKU81ql8MF3~RJ#KOI9@5H+o5wnAI2^L)!;NcWP&3c*g>+AC1w zrycPMVrE7O|MlG%1!C>54Ec1?&r%IW$t<^%PGm*VvAIDn@M5psdZ_H~&qg-WR{mM_ zt_s#wfh5cyol~MnfLg_R=Z~)!8yC3+w@@EI#xUV)Q-(bLHGRyNNgA|PcQ{ajRe(KI zq);|`-vfm1uG=0-tJ(XMLkbK!$P|xc#`xC*0XlqN5d5YrpiMvY{KLANM6NY3*uLC9 zG6!Q0hZ^pxZB^^%`K0zAEL_EwR)w~^&T+}JN=0PR@)KGLmLTl5=1`IKx7a^u)ZAI-M3e2flMn+KJuR65m91LF7?xQbk@1_%@aHQFaowHsX!v54$q54MMBJjK2}J zX~Ff@7~H@26unCKm)n*L7NnQS(w$1u8_z+;v=f&41&WjtU>8{P(NNg(la$!#?cHk) z>&4tL&CL*=T&XNbEM+%Bo#w60&WGps8KlQ*H@9Z)C9u#@uFbMb4S@UI&x3>6VH3D| z4|#RDAw}7osqi%Emng&^0w=kO6$q7{A^pdd)`_FFg_D?Q>MMIgMIN{70<8^} z=6gZKrfXL1kz^16Ts}z^znVo-H}cR2iC4r3wC+ZBy`08QBMX({?d^gLs0>PD=*7o{ z2}rNgK1=9^%0t>NVbVMiAs9xpWBlIP)C>IessuGO0s>3-{xXSqi|^~>taS8Y{fop*xiTM#V=>x_Bpf&e({%cByg^5_!&?Q%s4Wcl>_JDU$)f2RY$oJn>op!<_VxtBl;~#* zVcr|!!k?7Aj_d8fr?f#_y5ADUyO!#BB|6yVZQ_I^$M_l-pmc)tdiJ^CvrCo;jX<56 zX#U#ZlxoE0G9weQci&>8ZcQNIG_kkE;~1>{y4A5lB&{Y=*sLJhMXf?4vnu1bhq~%6 zWuPI@UC|f6k_lG~;M=H|w~}=^RDgscYS=^(&pWn7xWFnL|40P>oWyj|`cK+avAgFj ziS;b5*m{$2$k>>_Yzbo|XR65Pf~5+dM7R^zB(KVxK%??b{XXCVR{Wt z5f%>-s~ULAaFa%oc8Ji~`M-D9vG+Gb2Q6(E@DGo3U+fvAJvgB-_cn1&xoTbKM)3(> zaoV*Izq{J7m>_kaK{)8_*fiqJ|3XNdssVmVKXL*IiV9g+P^5NxyI8JR z{3e0--a_1bc-2KWY=p+|XiqGqyM!nn=tU*SG>u za^NcYQ6%jh-sf6c(v27yu2`Ht3hrlEPd}4YxIhg@&0^Yu^lpY|)3mI*To)9+352ex zOe;MnqlZ8yIs40m%_1!!>-6(^YxO4NIwPd!NHY^%!&`%arp~2WOyESKyWynImd1}e z-fQe|kpVjN6|^E&J*E$K!ZNEv^sR{zH3(#k;{^25z`MZPdtT+<<`HvAqjBX||K|Y4 zoFjZ}cY{sCineCIyDLSwCk$@?8fpb6=473q)Urt#&0|F-19i#ep4m8VeagfmEuZ+&0NMWJ%<$JvZctK)ed!6JhnBA{>gbQkE` zhY>Ro0MNH{draBuo7)}g`|jJe126=1eFb1Z`UnMt5Pa)>$3uf(F$6SyP$OK+-Sd1s zAD%<}_m;sUCVb0-W_2wzyEYPo_xAjw(Ejwc!C@Nk5(pip*2vY?>D0t2fn1<)^0M=f z5;vf{4R3)pg>fqVj>lZ9%#PQ`)@1v9#ubn0iQ3K0#lUB09{t%OTcfzb)~j zs{Gwt?2{_`H~+&SPjSB& zPNB%*HBQoA#YG-Uv>jMz(H`DfP)v}oKZ&d(14|mqMx}qw2%VI#YLX9EoKD4GpOw(N zdu|*(JE2t4U%ui!ufiRq(NL0hFfgUk`1E*LOj1FDT*QV@_2Y2Rvlx0#++x_OR0U(9 ze~@!KSpc-8;lJ?H+-O;vEL++zk{`qX_J{4MeoNS6BgxS@>vqJ)Jy z=O*dz82wEk-~j?(WZ@Q6e}7jna^pGEt03e9j&(G}C+$t=QWMuQpVW-ZucR~%Z4VtV zbf)-u!QTo0@&3&gNud}Qa=`ZsDnNXBUNx@GK_3VCsG?||F^Vzent@xyCj5;xl0x_7 z$H~=n&p2H&zH6i&!5kYg*i^W;zb|X`0N9XKYQSw?4H~-Wh*km<4XSjLhefZEc#`Tl zx=v0kar@bshD$bym6=S4A&+&RPj;U6Og*s7w7W9dN=2QuZ46~|73F}DVAL2%W4!54 zRW+F)Kcaw?L>Le_(;nw;__R#}(%k}-c{@k(C4K|YlSdGQ_8`o8;`Y&Mtw2>6)$wkqPSe^C^IiHq@ z_9VNY>u4aDZ(^NCIN1$3x+>l;_Af1kZ-9klz6kE91v1-no%%PyuV`I3se3@*_uO8> z=MNBf$LGdpj;m-avrp*tdmo>rK4RKv=R#Yr`yJp>^E+oS^Kn|p7bj%jj;D>6>+89) zF&%LsLozr@aM=zL)c-n!t53VItLgP6MuI&T68sXW5jgtC zc}>$4G*PU>a^cXat11hJrAbiyL|MtVvcRW)(0{oIBxOBsz_n8kt4xIMG=D(krlYbk zwfjZ&>16zuvLECP#A8p>o33;bwy|b(T?9N|Z}U1Dw*6Hi(rD|1pNA*QmOW|3IU*x| zZ+WO`&TCF&bQLBvE)Lb!I~-f3K4wq}fusJj0hM(75Xl<3&bA1DAIAP~ds0=4efMvg*D1e~<#GX2 zX?>jm{O~k51Kn9XBL=<4=$`6$Nds8P9wqU-G+m886)C(%4n@v|QS@ZsNz&aijbqMkFkN3$UN_K4;M zQcLi|wdkd$A_-35mRWUL-{`cB*e^5DkDShr^f=C^W4C2}5beK!4FWhw2Fd51fgg0s z*!K&jfRJKF9T0st4l8)q50aDQ#EncQe@j$E7z-$m<46!roWO zGt;c|`|E`l?YTcTTHV#zNG5kiKJv?=p3+{hD9YHZDpc<1+ z#wt$&rqJ>$3(G)%hougw6Ip}31|-$-*Axv6!j<^oq;``_{<^4@d1Hl^n31`&qa&$; zzPpLw0e2nkx!Uq-HDo13K?UgVgT!xyY*A+dT211_n{Zx8nQnVp$hoDm&Y?%ouzREV zy*^#Xc#M|qcC6JwH}(t1tkDsD>J7Wce6#H+?AjN!<3r>UrNt$JUaI9SA^i8>N2U8~ za7od(p2wN3Ny7Hy@EJe)`xwc&ni%!d7TSU3R0qjkP~$TMrkrfEYM9BUOlXnlY1>`r z)5@~Su;mb#JT3-afw1++ z7V)4qVFieJ6`Y5Igr{aihUW?LHhKHxWLXqNTSdL4PAXOEsbQ~n`p8tX&e%3E9H5J) zw-FYCnj{q1D+XpD@ugH4Q(DY=tLMp+5d&UAJZptEq%uylK*whf4`Rm)Y-eld`d?lt z^P#oO6>Rv`BP7zN!JduG)zDF=#@<;_S%Ac0VN&RW#s1FXABV8g3->PtGTK7@nb8QF zLpqw8N*05@5Sbst3274~gJ-j4ql%hz1ndzA;9XfM)j12Q-?5H)jYQCY%Pi|8V`Xd` zJ{9tW@fm z*(SZK8)$eItoHERIuU)RDNtzwlhfYkTBpy|&6ujsX1k00` zHvYDloep>#{3MHM0^5sC83wRj7FO^LN96uIXA(v7pzFwR4!G6Z`RDP}*wC9?&2+cN zOVpBZQkXJr@KEZM$}7)#f0xJ@&M@pKWk&0o*xb(0+R)k9S&LbXcf035=ZA$1R}8%@ zouy~3wZ)_Gcebu3R?k+Xf399GPsfM*l}I!f$hKjAIof(Yfamih*zc9{<;t%F)8w1c z&+y0!+pOaCAvHc-EUCAE{(MnkYp*=zv~?JF6;o|=xTqfik>M;EwM{7W&14)yrkcD- z=+DRgH+3D2q!(4^HT21mGtne5WBF%r*-Vdu?5LrPb$dDtymW&s>*=m~(&JG)lcpF+_uOT!Gd!;2Qhy6h6hLm}c`^O;cYGb(qC;9hg%xFvE z_C0fs;?1(wv?2!1Vrh6kSdol|@pH{~1Uf-e0m%SWv-XdakCytXyZd~&;;;Hv(I|itgv4PQ_|7!(6wlp7J=la?&1k{$@hNe69P>%&xfuA zVrsF)ebjHbSkHMG`LTAVMW=K6$@&ld`LBLm4nfKsv31v%?;A;)m^@zEQ+rV5``7Wn zij$;Mqlfn2P4%nDhHg&>MMHP(%#H{Y$t#bqVS^7(hlkqBp7QQ(-6>5+$3yw72%!5Z zmrobBNx0jRHYpB$cqx0;&cS9i{lv~?MsCBNHh)9WC&@xAJ|C1qn0UWbKdUeSpvDUk z!rk7VGy1hJ`?a_Lmeq}a;Q;r@og17;fB`2va|}?}=qN5JigSB>2kU*=_>Tb1%G#mr z(3gOWT|`ukH~fbWV0Sk+9q=-=@a+@1L;m8!R-WZR@W+6c$$w*m0wHLtTRJzFP?ANM zF-DU42a0HZt2N%g6F82eGrudcC%Fpx2T{{yu|&LoIWDl4lOy(;?`1?inB6U0iFuk> z7FVGVB$YJWYUwh4v=LJZrI$9cM!U}Y*pzX-H0CzsI3}F^oJ8e!>A@`OB!WrwC#*)B z7JPFFbKwM}0Ap*Kn5)PyB8MFUU2>=~_}GCcs(R+Fl98LwpM-(X_Xf}APQ{@Qr^h(pma+$a!UvYV zX=>r!rZkWd?au{zyQ&Q8H>9Kn`p2m`!8g`)b;BL!r*C_gjTF_DlBAh%wFGYmZI+xF zbd*G9I>)%m%Z@19F?Jyz@MYSXH)tES>hF=XegiLqMQrV;yawIRL^F9^go1<8w-!P< z&$ih-DVQ3D52&iB_HbBkYA@p~o8T1x4W7Jb!&>?+uMyrlh9#8*iL4xj^BB<%Hd-V_NBIP>S-Won{La!tA8u}3-Yh`O-M`!iy}1x4e3l|0_sbq8y%cL+ zG?fiS$-kp$D&7IhI4y;7Epcli*_B)s>W+lJJd+Bgak6?zycl5=+tVmW1@LDMBy?9> zL#7`IV8d|h3$n{3b?#B1b9#H&PIn%t#?bT{`p~)kXe)#!h5BOZwGXb6@ZkTQkMeJF zWFcY6l*ttsJzg)FY!q{pq^RETM;U3*LKLCSIZ57IDj8nA8hR$f5K5N8=ZavyxAax& zNX?Dj<_;Sw?b{(vnb5wc)1w;JpZ_yoB&6+|c_)dav)mknp+A`EtbfoL>geD5YS$M) z--)Uc97#r1b7-^pSNLcQU9UKIHIq4wW1$l_n{g2V5>mdxof$_nS=lY-?IQJaqsF>~ z&Eu;Kmg?38$+Xu7g{R(SGnl#h+_Ri*D-@y=t5Dbsf2fCw3rS5U+RwS$~c`g14N zdJb|sQM)LR72mSklK-6oRuHuXxPgDEcme#8djZ7U|Lgtm5h5wKoC(nVpkOP{Rc2$b zxTQX%l?r72P(ha#mxU0APkRBJU8*O=9WmKU^GGK3q zOs4cno{_hwKT;gh`8h#g?&KtBxU(pbGo1waRy7GYO1dR~1@uJ>)B|Svz9ULrWB$BZ zhXWXHwjOK?ZL#P%bHaW!)T1V%(mpk#pzkL;rYC}~*&{xkvA>+ooyO7;6>0D5j%{Nk>4jz7jWM+c~) z092F%;4K9czD{;UhX8<~z61c^XZ=S3Gu5_vHGbInK*|@g7Y^D*y6NSPY?#rSDkraw ze1rQn?WU}r3!X{%l(bdyRFLGj(ACf>37Ii!9Y0RX778K>ia>#8z&i%a{HjOJmqQt zQDXUAOu>*h(@o0{P-hs8+9lWU1&vVEe2ZYPJ-s;Pvpl0z1AW_+0NqW5uPsbmgaH^oXRRXY>s zj})k|pG`3V3ACfcZx_iNXYk)&RCl)S>>OneHHA%_2)rs{R?YGueBOa-Hi-LLv>gkYbjMQiw-IMv^ z?W+!H8@+k*jos-M?Gg6K!-@Bgq%cer$-!v?+B4R}f!*Fq?ti(U`!+GFMXhjKxOS5{ zHQyc_a2*U09~%&vp28vvVccZUz(6CbTW5oVG>C>l6U6HiVMK5kC8i*SmYZ4-?kg#v*uJw%&0E+_JpD6#>4>)?VSi` zNHJ9GWpOo7__NlUf?5^zV?plqC!|sJ%JfY*hK&(hiXY~F*j}Dqe~}=_-Y4*F(Jgwd zQ1P_%&*yxCfMgokj}Y;wJcE!IrZvJOe-S&?)MwdJE`yRXfb~~_!w*ItQdMg)BdjW+ zP>EHf3+p=;pk;oz#>ReaM)NEzxr?KlmYOydJSt?`-k1=2WAL+Gi*T=eueo??8 z1rR;?(9Zc>)3>1GS&71^+(`4_Ds?;(4FnipR2{8gK44BV@qFo4E=RG>Pc91HXcxOC z-Zm>uBEMaLJu$N2t+}i^ucu3mS%{#HdPQ7y_d_{>S%FZlVYV*8DAl&L?Rs*a3d2kw z?F=D^J@+{i;v%4@ebg(fi$qs_x1FvC-_(#*E4>4xHhpnuF94Jl@AZ0ueafBd&eY4L@)w>jAM5Z?Qwt@9 z(IIQTkT>J-_nw*jXC{Qvn`1^)M2m@0owqJK)`XtG0o*QGiveohw%so45~=_`QhaU! zu%1JdTD?=X!HOp@&G8SjVq)d5OkzuOQiGVH&hV>5LZbl80_KeH0Hh|=fit^8CMn-t zH;7vUyV{3!0qOU)dJ@_a-OH3WnuoQ^8@r~O%;%s#4J*$eBpbFN+vpK|{c_3#wkZwU zFMa}0>z`{879vKu)KSuJ*ruXp6XMxnr{d0$KZ{xDPi@0oHGSSNI^%0El8T$GG6}Z0 z%$YRnGljiPr==3;wQ84j$_+tXHoo%wQRT^gMg|e3?Ku ziV}=R^&-S`*!v8Rdo9_D{Q@4XI&o7*&y};c6Q;=BH1R9Ie{`O3<&v119lmPXE69sY zU_bcxv?-Cv9O=rc%aKsEu`1N65)RzcP8rA z4peZ7q&r|XM{hbj)vrsowH2hp&%`h?^s`3VWVPmAljf7)qA?up{L+2<$YKAzs(1(3 zP84bQafcR5J}V#stnAwLXan4BUw`7am4eUaSu$Cre#2~Z0JWRE@$9lk9RgeD8jql^q&xzp7FIAtk{aciBTva@;kctrWf-bHgjFYte= zE7;Ha`TVOvg`S09qP? zwvEu|BMTnX%sLOqBEN+{8xMkj`@Gho=k&O>C^KbdQ^kM{vh3K;e7&F_xvMo%C2nzo-De@q)y;DZJ;PB z8f<57(T`XXT#`}gSVZ>XzrjX1m-&Q;RIqk8geh)d4%kmw#X=4p`4Fws6>F7~L-TTfcC&$%q?^W!mzoUMIvY zd&5LR2omv2xY~>g(W@fuVRkAJYK@MF|8|HKGSHM1y)=9+LV=qsGA1aPWGy*L#6} zBb3NQPOgnj$kIuz-UlWYqJ$Kf4qF3OlO1-?Jce@SuAOB3fjYAuQ4K)ik(Xd7DW{jFbRA# z)$>j?G#^|`f6D50TDv-!QZyKa29ge<_5l@crMJ%53LwA$L2r|eCvUloWV&;she_qh zQ!1musCbQzz-nzjPjh5-+vtycEN^@cOT)z%;L);gon_uf$}VZ~sc=Gc8MAKXLtbmh zj+%8y#eUpn^bllc{uo}bynNhj!$t4ldU0~`e(C$9P=49oW>Yv}e2*!GQo^H-O*m1a zBo{)9=I+P7I{6d(2Q~;_n1zluC=!@?2!es(Dfop;^cxH-<;4|3TC0(<6PZtvNwucB z-*#y}ogc5sfM`)Vya%iu za2V@LW(`^yHBjEAujIv}#j=zW6H2I5PI;ksVP*eZ02#lJEVfL`w%t$@D=ltVw%sfV z3Z;118I0`2VJVrz$76EWVAgS)JSK8QnOs|_;bkT+R9?YSxDASP&!9D;8ipc+#Zcwfppa!ljgG0r;sW+sZ>Im(!e3tVXrZkk zdcuLfATGN~c_%KoUwAm`0-;u0vt1ysbYIo5pU>*iSg}EhTYQ*l`LzCwsYu7}RqI9l z#EUd3XFl7r8k`UiphFUNgoMTZn8TePfZQN9y+b5Z=@A>*nwpQ9Elr6c8Gn!>$M#C;L#4r*P-*hZ-S#(9rJTW*x^*pezWl`q zX(uVm+V9`dVNzIjjZCXB?t9tkv|872)s2bfmz8uygIefdu*mXaidE0MTHE_sUbxd7JWNQ?BnF(IHbj;12WcNi z)q2cDwkW}3@!|d3R{q1y%E6;SVo4SVV={I|$%|Ii5Dv%auH>V}3!pldZ|-G5!;hCi zn-qI#!4O+Kx+D+Ob5l4^LzudEr6ZL47s^bC%3w+IaYQC%TjjM`=NzFpBUSn093MjZ znN+Bhswzu_RNhH%JUS>GKAtxI!}buIj(PT7XsR%ZpsY{$W0ol%0Y1XIK*hYdwbg>* z-~@`$tq#GgC!>~-61XJ3bo#1-f(5z|@VYYs8L&|nVnUAkn$m9FnW&^~)+{Xxt9%Pl zzj~lJ1YGa1WmjV5@K{A6pR{%Qx-lm|`8k|abs z%KFP;*F~KrOv!g2=!vpV-0h5AtfF0{dB2z^jDCmZ#*^cuqnJ#nG$q8^PnoX!u6!0x zfpnJpBVO=u(TrT|o$|@eMzK*JRDoGVMf-qLFg>lAL#(@O_lPESw`qN(UR2W-z2skP)neux>=m&ZkSrSyDZxn7J+<9#Ll8T!XtJc$X`{ zk^6!U+KT*ODTZxLBxTtIBQ6kmFX_>aIs;>fkW}LLQ$Y4lahX$k( zuhQl=4V%9<1`gj0UkW6OK6MvqJ)J&OKU~Hfja0CVrvw3xc^iAt#DLFDEv`Yn`-r3# z6&{iuF>a{VBMttyA49~qkhOu0P|Z>W*5XJFMos_1zh+}$pR4?I6;ev#+a9T_3qya*>9WhA~wiB)rYaR z7)%%yNH#am3T|ub+Ya^tZe?A!U8kRO;^jlI8@%NMD_#_NG@Mc*nvEK2cm5K*;;-q! z#-_q6D;8oQ?U-QYnaF#L!(Hp5;iVoxGiaGtf0tL8!`;HR^uJ}49l^Pe0Rv*8?u*=- zktrf43t2I#G_@A4Js^WW$5jM(x7Of9Xe}e!qZ4sy=51~EoOa(!J0@xK=D^S-T4tAa zBu3i)Rgb6}*W6Gya_8dp!jnDOv5okew{kel9U(_y@mFbJ3Omkx=TBMwBVlrvf~>p# zSG?(CF5q{lyXJn;RIqXn0iXOJe?2lkJ%iE<-pc(_8SrHm0v@GqWm_@l#H+Nk z6%Ajdhylk!*J4e7z*RaM6=ROC|9~s=1(rw%Q12EcdHgpLXJG38Ru^mk8@O?wp=z;U z`0G^2P;BpLh}grT2%qix4+1(vlgp&#=7^~2HVxco>|0fp z_i;FU@bvAn5J7aiqk(&;*3(tD)^$Y|t~rTa$RF1zdl z;nzFDK>i^>8%qtvyik_B`cUx4rf=g!;DWY!_?AcMVm14nO>)!C6bFP?qk%tKqOS$= z@9g+nK<2sqSh@-l1v$#1Y9v1&Ba$g_PF6os&Bv40hbKCs<>hCm@NdIVx5cgOicS~i z1U@{H1f@7q6JwVjW!9S0W|gA1^AGzXk?im6bU~f#*kIqq58H?CF^h*LDhVqD={CN= zC{A^?&?M%N-5M^>fp}2eCYRKYYh5n2e|+WgceSbPF+?DPFRts+?o3U|A;h2b<92U^ zVo2=NQ+_=XxiCDZ7Nd4$cJ|%$Is?N=Bv@}DoG9GG!d_If(@7rdIC?9`>YbaD&479D z)sKY?cH5}oQaXGSJ_WwsjoNwQ)o`=iaXsd?J^{C^f{TzD`P86FMk~#Vyp7$9YJeD;E-3ey5Z>HekYOeLLGi~#5YeY1$jWc? zY5c0eWt+HpC3M1H{iVtVA~x*&jK>R@Fab^8zCx3QkhbR}AzMVchWMQm{nIPB?aS;Y zH%3}rnzxLF#B!D-=HmRoQlxfBr^avxiBQO7iIT0ElxR4vuJ(R={V32DgWhs;A22Zh ztYCX_Q(3-9HG0ZoXL0(r{Z}~fzZ^FFKlCJ2VE)o-3p;5EMwYncpQzYCe4xMSWn3!? zqmMHkLzwvJBOQ~#*{zP_l(zoHa7M6l<3O0rc-TS7F^$y$u$a6}zm)J$qUh*v0DY)j40;ErHNp;v2@PxT=nPd%doMn}Gd%aVsXx>>IsDtICYSKJZ>nZZw{rH| z3NDLU=9cd20tq{S6WR#`2YDU0fvr2738C9F^sLxxy$@E?S}SN-7oVa1N;EoCZ`Yzf zVv4gf(;F4+dR7MKx{74L`v%K?kypk|;eAJlJ-gXul2}(62LYMt;qi=hZ=NFDpt-X; zc}Fc{xn8eCRDGmS+J9V_vrFexmH61X2XQ@pT0*;1`bR@&;Bb;GvjQC|tv*y{fl5RJ z3=hTkB-{E=)QbVE8&QsGFvk5^-)_+}e`Q2UU?`K!uV{Yy`hN_=5jHS<9Y)li*ks0@ z3?^MPoc|PDV`{=vTu-z4A=#w%hgv&!7Je4Zp7F5}V#A}Po0(|WR}dG@dU!&!?TTHj ze!V2@hWcj;jWsR7weT+0yIFhXgUb%J_Hu9H3kz=5#ka!zUXkKfliGbe11bxreMZI4 z-Xz1KylBR(hWwpxsE%nc9#f&AEg0Z+nDKUD=7B93ezmLhbGVHg6T}H3eI6z{CaQ*h zt^OJ@mPF$mqT!M*xIrozP52MR&Exm!FF zlanm6pPQq%mL!u>h7ybvsd^7joK*E1B<0xm#`oqF1(gjf`;|r|Zt^)HGXn6C*#s7M_y|C7m)C&MjW7bugNk_R{A+cykv zZs4tADNbiQ&S$xDoUO>{2qjO^&b(-|Y-TY|22YHX@xOYp*}5Q~qG~@`=?%o6w}s0> zeS19%^gr_&2gTm+vX%~aX)xnT-Hrrrf(EN;42YS&9%d@$n2VzoX9e|p5qJ~7;Uk4% zERqp4G5lq0+|V;3oElsHiv%*Y^4J>@(~){%N2rkewiTq2GiGAX0+`PL_l8m$LH^o}Ch>I|)Os$SWmhAaz5Ql?~2mZYzwHvt-rJMNFP=G;Gc26NxDP)P9FMo3*Z zSi2+x;jk}Ic6+CQ-Xj{6WydwoGs-=hgz1N17`V;W9EMut#rnzonSV>*E!{*N_ZPmU z6X$!&D!j}NvL8~2r?|HfTayk7g}*}I_`iawB(s{4CsgeHOsxH14Ik2e3)!TXf*W3| z?wFR;^vThYPxdoKkV^s18S?h3<;$vOAlZGED&_sEY{yr{92OIeBhpE^fF+V8urg!33a_XA$D$Isn`iSOOm{8PK(i-$qqtx(J|ZcF$Kk z8lnYNkv+A%6>3O}`$~*DW}io(@9p0M{bccf8+sI0CLS4J`E%9uy@VgEvqah$RLM%5 z>}|3o`FLQ?i@)Qz(#HQNOJh-AI)J-N+{gKdzDca}J}5C94^^kE81w)63eQOfUAB^B zAq~mh$d2a8ke$;L{3Eh3=kCPI>K*o0nBOaM%~Y?H$uQ22GmzqQToN)7v2@^UV>)ff z5h5CR-uzxS;B3S5?<9-=K`H2X==h+CJ;J;$6^`bmIsJA$ z_O5YNMyqpMS9Ouc>$rqzB4TR5>bJ|XA&2#y$3HCXo5!>qdUl3ps2a937E;CvUut{)}w#&z5VScJweX=&4mdPVs#LBW}@`j8};Y97L3YB`18J1T?k=$|&i+u`~^ z$efI}&!1WQSSQ(HEuuQ!y|W!!mqwB;=vwtmE@|N0u4~3rJ+A8ddo3E_gfHFu30QpI zv&+fA?XMeF-M&+V`D`C+4D;6_*7(G~o>^z7tM4}rtsgvH#Ps}h@agt^zg}5qC*7|I zNPNDq&p2Od_&mSf{j|(qmx`nqx;lOON%B_eePy_*V96L_3=$1Nj*cJdl?3#*`8c+M3l_bhXG7Yo-dm zRfrdP+1i$^BG?X^REVG7c`x;t3~P2P!P}+>tSUsVW!yJ=G$)q_bIa+LBUe5pWt}T;Uz^ zv7a`+-Gz78eDBj`Ab4jpGs0vNBuweIX7zh2k+wv z#OD)UjC#N5#6uNmB&J0GS9-hMUmG)XvOWybVK@$mG4f6Q=r05&G?Ar_mzkzZ4be_h zd!v(KcMn^sqyrOG`A!?-D%$)TrX@A52J&k&?&^L=&~MAT@%+GWSmu}bel*;4MM31& zOh%u0hA(Kj0ia-I6k7Oe1IgQ>9JE~(qk+{5^!JX~xOg=-Q~Qkm^5ktDb9#~s_DHtYOCQLc^HiFh%smO$onCPW&eLff{4uv24Jw;>XB9$;etYi)*M?Aq zRXxfUz>>SM4z0F`Fct+$K%It)vexctdE?iU5-TM`#=Wh)lS&x2@nA-3FiV7F&y;{_ zQNIvilKRj0CDxkDTjZZ?>Mqyu?*60KFJBuAjVK!S3o;`0*c>=`1tvEzhfJkZU z)M3;r6oYlvfaVZlbTNlA**q_)R}`XZlaaN$cr-w%#ahFB%X*R03|m_C1qX39mK@cQ zT*c5vN?qVx;khxMDf6sssLqo3^di`o3Cag&Ce8<&HY}ZfAF`K?z;pUvXUi@l1RIpTy^y(EDc>I8Ihe4P0ii zN7nQ@wz(fS+S^@vn%fs~F0?`3Vi-R2fR;>by6gy{)PYv|r2=`05qe`WQ+E_G+sIms z=sbkx!b1v!j+}(LW!b@TCK`{U|IIF?!B&nuU^B^L$?(G6E*{uK-vAkXWJ)NMEoBVe zl$6ju{|tm`x>AXNLLn~BaPcRPzd4+Yg3EcqLl+17=8l?(HI8)VmQma~e@I8xys=UXenuu30B@r1@l%A|m%10ySE8=m|;}#^g z9BJoS36JqXzP)jy+E=$)At8=Ia*{4yV%;NgNU~mU)k= z56{d4PF9j8T&QhvkVcBlCIrvWu%W)H>-5y?bPjP#mx$xe^)%?M6l* zqL*gbVG9a_iW9jUXk?0ADCt0_R#Uwzs?N)8fMnxHQ4)!={2nM2_<|waaFK=)75No@ z%)eu%@1vw}qBCe}{(?c+4>Bk^ox_pR!?UDfIed!!DdNplqwHLC-AYhSO>67t0zy6> zs{vad3)w?9G_%5k)wmp8!esfBXP`+mXR01b4r)K?*h0IVKB}?1IK6$GiN1Q#0X;45 z2m9_Q3re{Q`{5;-$qwlBq`Mse+n{=3S^_9U2i%3N?VaaZ$~YWZK5bE}hiZ~RVyhd@ z4?SY0k4Oy?ND!1zP?K3T-&)r7sdXmO^)?j#<%C~Gc6yAE0Ye({%UuU;x?wfUylr>T z*;^cStOvWbv$ci4wMF5`d21yt6xMOMIdTvQ1tq}@SmcLkK&8czOIkIj#2Kw*Bh|95 z-ca?1Y%!-a23(ZG8B$=bkm`fgzM;iEeP1p|B5}8QNZ6EO(=Peth0PwEC}_~`$D?qT zoeZEz5zWjbSI6j;S5`3^_q^q`aIvVS@+IuR?7s8z|U2*w%g{i?R*gPKn{Ay`F<|Vz_prEZPaa(Cp5t< zr^I-oDD64ZUy05fsbqYmj?hGJOE!U{%|7nTFv%QRvbkNCy(TF_W6SM6lN(kkE)c1< zqJGSSe#8ShShKzL)%H%Jg!Szkg_eCCSvJ=@wU*;5ASQxmp&QK|VrMWL`j^}O2F|F0 zA|G=cfsctc*&8KVb>=lT^@M=uX&p(l&M1N_jJ2}!aUI2$-G)yR^Gm2w>O;|PpDjMwQ@QwAP{giX<2av*!iHIe@&9L_0? zwH`|n0>l?wN{7G8JgVz?q_)X~qnxkS#@`R#Y{33cCz_6?EMjUIc%9A()s*>joudRx^fIj{;Thf1Ecv3&gcvZ1bm(SI#O*-QKaJ2-Mg>qIxR7wErc?o@CKbiZs<~(* zHwi1w@pB@0It;0taE_woI8|CIE}Tl;IdXcw_6H;K`=Hcn`FGzLPv10d7$BS$i*`Em zIMsw-BAO@(^?;4`XAmN2NQ}yBNcX8LVOZsnNvK7`obisS5|qQigkSa(UKn40Lc?hv zJLoehQ!35KKE`7~0vwZK^rswNdYj&+VenJ(8{XZtc6)73luE}`lDRgcAv4Z*gD6mP zfdtI)5shI)iCV%El~OJOJV=WDx z8Fl<47CIs#VLINP;;^+nmYc(F?3#Gt?PP1h>a#3LP(`N_&WhXV*#;2!Ib=gY#H?)e zQ47(N6D^7)JZ8Qen4-U$ZF)_W>7fFu7(R^x8u>F1-YI@lkaG;j!R4oP?KHuy5qxW3 z8}U@hhDyl4k$_-+_Vv%c0a!DXo=pLT$8$^MHP$eu|t< zsU9hEChATCGNzwDMDU(p(CLs0*xK2E?al4Y4b4F>wn3&b>ZHh(!*Hg($7%G& zruOhu_W7uvOlUtA{5R?+HgdXVgW1GO%dYUA%EevA>?D`SEYG8 z;E_7-f)ef{knG)=)4ks$kDwp#J^lHQE|0sr&=qvb zFKBlIx=NQ)Zw4}^{=m9d4loJ3_O;TCyZiZHPxb0qTZ6aEr;((c&H;~Sf{iB${HM?3 z*JcYYOrdMvb@c*4wAgoW82O%>@c|cT-Byc{1&jzrmGWx3bESy= zSdGvEvH?GuEo0l;gmqP*Yd&>*f9>F$n==+|GGJ04S<_EGjT4;}U>b)EeM~d{Zkq5q z|1=Hop`uP8payGc)|3L0bUOd7Hox7$;PUd)BM73$#dr|vB69Hd@Zin+lQ;csZ}V@R z&PPp>*^V}xIo3)D$)(Z*$yk^r&my=KOl{j6Ao(b{B!YGVwdC0_O$z9-FzMr_tN%-H-5ARRl!}qZN z{-5xV!}qT@fU;zwbk0w)P_U~Bo8tcKWje3zJX`Aa2rDGfI91yIm|sv4sYT#sZ6#6A z!Gl&~zo`tz`;QeqN*}>7e52JFwMhCup7=bVR!GZFqszJ^X2pB z_}|UV&GLV@Hn(^FW9#|L%~#KNo^NmM{Kw|@^A|fW{sT5wInbsjRV?^FHgDWld2kQp zajvHAb^v^(jc_sBg~Mnhh)hI^2C)u+UA?=8>!{V+Au%&NXBRHEJ0y;?pWEKnx87za zpnA{4cl+?xXeo|-sul<;NNOb*+lAf^hcvlVD%-H2lY1S2(}Fvb;%J)lBg+`hj2P;5 zCVWbF!OG%}@uI_g1yIeGLBKB~ZKDqPm`nSuKPBSai=%PpoX*g-X}8li@OJtzp+{(u{p+l6-vb@VNp1cYKrP_pyNgZ*ISQS>pdMHaB-3`Tt!!Ymf`C1vaz> zCr7XUpT3bf`iJP6Ibu}o!v4|z!4D|Cp%`2=-KaO(1H~2S4h{zguZ=4uIkWoI%{hk_qXM9+5+^*qE`0YVEsG3VflHUm&6rrFn|4TZNGT2Sz7p3R{PD-&S*L*ov|#|x2A@B7I;s`8VAEYZyj40SYTQ$WTz^7$AurZBrb#N4 z_NbIMaF1*qzn;z?e^{3n=xTcN93oS-q^BC_!g|2`1iI&R)`jl(A3k)Ut4X;F>mic~ zbidm_?y7(PPq){D{^!pc=s*7G8*h+BJ*X-%>g$3AuT#OI@rhawX~?4Sp-yqBU%$~7 zWgcm7kT|n~SvL+eD7?{Hqm{X>gU30Y?ZO{_fOk%3@cDBmzl_68)Bz=xJFiWK&W?L; zM~zCLFP>-4rwT2pepDB51;3{}q2;ftI*kJR`jRTD*oCc*{m`$@+oCawqX|YvJFUz#5YZO{F_@0CNgvUJOcW%OQ{#-*V)#imUfA8s zC#DNt{vj{xV8ShqsOy1O_@33OAfcvarA)DQW%O6?Z0WnCt)Y?;+o8%9T^)J?LZ>{Et=C>& zzBP)rp5Hl1kvNvCMN=M%s3o5A3V$j@;l1Kf8n&k>x5izf$_)KWAc;j|B`&u_kS*PS z9J@!GVskz@Eo7xy6tVivmm%2tj{ob%9oOwTE7`0bv3A#6{PB1D2atyrYqzSzkoZgR zo12S8y2CV?aKZkqL%J@5!g{}n?&{F^gCcDnB_zbiIs0kCrB6aCT4Hq)lO+WAon_H! zY|*{K4y!P?UBQ)soJHfo#WogMfZR%jCbTZByt?W5kqRBn?pl*^@i-aFOooI+q_}S% zVWR3(uw>iDX& zz^^mYaZ~lXoa>keeQBV`Y46KUd`p;GS#VpmbRF)lXahqe=y)c1c$OV+=NqrH50_-7 zqvx9l%{8SjiN3CyMe_+DjS?1S1$Mk0Z&P2sFWUH3GX{e;s&p2DnnZ4F%8WWBuai&HjJ=tM}~Z|NHr0&pv;C(uMT`df*BY zeu7b3H|GH5}DhI#|?tgB-+J0F+|J`}9{doR+7tfua|3bFYI$SlN ziH@nK2x`Q|RITF=F^%MejgrnsNycozqT$jq+^o4&QZc~j3^v{&2IvVm@@xzM%F`?=*^qxK##a6&R3r-FW+Rvjvbet3ska-+Q>SwR44Ll2(RI1e8-?SA3cJ`i_L=v`_-97MfunH7p z`Y(AD6yr4YT?eN&HFAP8b+g)Bz&ibX$woXJP6c%%E_~YU!8(b8)wQbBY}M#8OWB$X zdf9N*fCtauSd%M@oQ2bZW?AG=eTjgPKynwp@>K5upR%O#x;v78S6z0YE7E9Rew0+$ zzs-k!jeke8$C&!Nz9$pkw~O+|Kgl$_fkd&I{a=Tgt-JgEAB*?@o$cqZ%J;uFx1K-l z|9A1+<^GR-olXQ##}h5*Yq37HF@a4eZtV)3We_VYV$~!r;~~}MypFrAJh>nt3s9$i zqdM5!RIItoY4SqS+^qFf$07Bw$!w#+Z~DeVOp=M0@GLvt=4KZ+B0-bvkN0>PvO8il z46uqW+TYyl<_d2G!mZnaaBB$&w=xJTpqRC7!=q-?Qia4FR_69wGb2?L^orZGBB^5= zJtWI}hhf7_o`rI6&EjMY>V``U(o+gk? z1i!Q@sp{AIwD%#~>Ye_M2nJHMn`EP?u?VI4#!yBT-XQsnvk0%cRI%X75o*(}*3Y(Z zlYHMhlpjsxMt6UDf-oAK?(RYNm*{B!jb2^YB4?mGP@R7_cIV zfAPU6>$(LCvsHDggWPMVQK!Y0|5n}QkOpi_W#WS440sQ^|EsjuxMSX{X{ct@rOt~Z zscuQ#zsSK~r21dCRJJ^K4x|ORDo0S&9(41|x7g;0(kz|V7~mWZk=(NxIzd?<-edBV z^?=5L`Xr&juFi5=pmS~KI!eP(*OK-Ks5fUZ#(DA5lFY>Z##Ons(fn<@*R*EaEZG87 zjtK3%S4#-NQ#dWJ43|z!*d=!XxH#$;EJSPs=PU{iC3L4G&hG*`HY68@Js@$cX14Iw z!#L-~h6}{COk3r4@>{6Qwx`0SVuRBHWt%VY!^Xp6BV0}x>+a2Dr{NxwW0@*;OPDHv zas_F`ez&)>b?9CU-c+Ro#`F>Js-mdb6`f_)|CMs6*Bo2*%NTa4`8tR($Qo$x6ilw zZ=XMhY)D1_o3sDBj_x<#^wxjz%wPZG{@KUx`~Ckz`v3l=|F3V%xBNx#Sx?pYrd7Eo zXAZ6k+KHu;-96(9*HAE11OgBL-_5Fe?=Zht{*y)S&m$b~d<6qMoi=qpqqq6`L!`!{5opd?sB77@bNi z4BY?``$vaaaw+%dugYo-Nt#|9=MlWSV@|@%SM$q!JK~DX+HdAp`F!fgIgN7K%nqVF zl)N#&Xaw{VlPG+fl6LHFZPia!dvF*f9^fk!71p_cD4hR?W@H*V{zKVu7cu8ym|+Q1Owuu}9Cf``h;z@mPEC$7_1U_7T5gc38uOf@ zE0dG^)#U!xyL$_Kit8@d)?O|#J~3|Nb=NR^)l$uOCUpnS%xihXC58OE&du(8$C)j2 zc=HW|PB%5E)57n%hCQ{^l>DlvvRmmx6|J=AessON6{>85EJ}*4_403{kdx%)^YVAw z9g=Fb!z)E%H6q)5yVsHS>`sIdRE@`=;sZ)VI-SK7@I1SC0c9~`u)e=Xrj@Q1CKr)x zwVFd{>or&ZzFpcmzTzE^nIGr7y=&xL&!^oC?I0vlBDc8_J`YQ+Es57^^||*Uu7TcL z$8LsPpNgbEB@r3piL`NOa8hm|_dI=j0+Nj*8gx_zHe$Y#sxWo1+D=U#OoJG=dgqvq z@=Q@~Z;Df4#@|%U+rS`su$E0|-)&~`88~-KxL9EFHTDh>Wk&m&cNquFLQde zUMiYZO^Eylok5}LZW$4Nm?||zAB79W=37-;P`ns~FbQR!_*2^Lx$Ny;yZ+;|8u{OZ zi@e_X@AIwa<@|pyU+p}e|K7=S_wv6Z%*%vC0TF@8KU>Fu3}xApdAQ@+;KsUAH5Tc7 z&+kef&W?kg&vyNny6qLdn9dweKkGxkyJtCNC3dOa;VRpgdM!P(du9@C*XD9JhM-%fA)IpQ2;>oYtjFRNYs_8ki zVtF;ZG*>*Trp_r9=rrJ1I`i|2Lfl&0eXk~>ajzn%*Uw{ZRM)~xs)h=4IH!u8MX2r1 z&Yu>s3sYBHKA*f|4LfgzX{$_EZIfBr$Z`&vd5!@^ap`R_?KGQC(*!ekq5!JIPk#c$ z=AiauOnuMhW_Du}D^WmR_{9QqxJfar@jQm&L`yGolg>{R0`wBSBoSuW4>^y4Ur+(M zF`HIf8|aPe20bgJfLN)r;0gc#JBnQ7MS>oB|ub_%$b zVLfL4`87^A76dKt!4=xL|4F7{Ex*(Ycpf9|*)DI&c`pWlsIP zhzW&^b&(C(eOs0Ma6yG&0ae^lq>&FVckoX(JxNC+_6fTErqpEzf+~qppXnl)3TAuq zM~uiaoaLbF-E`3aj8IpwE}^er|1Yvz9EkqgN?=zYXdDusLid|4bbsw$e^4Yt+$ash z8T_7-P|a(g8v#s|1Hy*hAa=+Lbc_uLHD!rP?*EK^~jHQnzr#5P~#Ur2=dl!`|F>_O6Evnf?m zV?I2GFs%xrx-mzQc{y`0$4H>~<42>(TIwkmZtYYz2PSv1IGxT}F>_0;VA*8oDR$L% z>C}qOIq-E~Z@iRhTV3^%+7Cm1>E5bCQk1dUE%Y@Ur7!=fz|G_q%z%VE%VYG z8u;)x>L)NH#wti)%r0mIib`qXbxtQ#Qu9mi@QSAmiDW(`RJ++IX+7czOsO$}+3lLC zc6gBbOX|bPU)13nfkr` z?K{?mZl%jEbYE<~W8I!@P>-VA+>26k|FzxN+}7sybK9W$r#of7XbbmtsiW-|FK+_( z&Z`%N=61e)-X3l_C1KbS?iVF|zu0ODbYZ@t)Q zp1}&}A#u)i7LmBOS)i27=Qks9??r)9HeW44;-8iQe7gwv^UeRd8I2d4d%5*|2^!yC z3i9X0uD+ee23kP=ve?|#_V%}}$vjsF%+W%|F?G7XOkaos`lX6O{MN)UB~j+=)(FroyiOW%$b?RMQD)!SF!)EM*h>$ zWv=J{z4dD6c}4!)da?5;|J}uN=l0*s{ae$FF`LY>n^@W^m`bce^@)jZROfb9ECXGm zl`36S>r;xW%(6e{Ie3?v>cgADi$NB9=tHby@M<4v1&uxKbzH#hJ!^b#&MnbHTMN3z zK7|LefQe%r@ihz2tHWk$J)1|=@EPq<$gIrEwRfq&UMIf9h zR(?rgLN3%GE)@4KV^k{5-%a{;+urO&3auEh7MleMKI@s)tp-7bruWMB2V>}})?3oF zV*NnMRG)9Ac(1SGcittxcRmuI3Q$5EM^v3V+YNJZ6@Dg<_#!AlavSCZFbpv&#uJR-_EaOoCE| z6e{Peg;L8ki$PT`A`1E#Pw~HXV}C2QR%S{z%A1WhQNxrrfO_LyC4$M{!wkb+4}M}{ z25DytM#!i%knbR0Gzgo1h zXOA)+8sCXU@hPES2~er3C@u3t^qyWe4g0m(4AeM9NERBzHHdb-N&9GCUMqaTbfLQgMbY zwexE3m?5yj0yOtuKO6z6;SZ`Wget}8@|n+#UD%d%pGs3RUuyQWJcCs`?U1CVn>-B( za*`|nyzYxgnMK%yr{{Dwx0}S~`Os_w7X*`K63Y3Vodk_a8uU5<+a4TcL1XPuFBmCv zpd5K>H_CaTv_M<*6dB=M`0-LLa=(lp5|_WaQkg>OgqRA7wo2osh5=?sH3e%2z2m_# z@||$zu%Z&W%!v1Kc^WoV#i*G+!&7BUeSNHIhVWE>cv@i08lb#mHMShQg|bz3PtT-| zCmCeBd(iDd7BkNPQEbD+iTsvCiC%v4raSACB&VGEnUp=Ju|q z=QT+PDzYKx=V=Vx3nd#_HK@gjcGj+$@17T^CY^YFPDif1Y>l?gXOvytcpMpdSjo3i z`U-|Gp9j=;g2R~G&N@EL@8IQ|AhP{lUCh9m2*{`T=JQMUFY=cz1f1#wPlhRG@|FJn zOVqVUu&|Y*-x|;wX1-zM4W*rsF7@GcTXc4^ObHX!Lrzx7vc84jUC6r=@Gb=sFP9EEQ+sDxhF|<7)+Xua2r;or)i8B7^IQ z>-B&*is-5$yf?#A%TIOB%`lOdaMsrq$VoaHg|x)b=8aR~<$XG>ho(X4cZ?REBdwRWPvi+Xn8QM; za#UDH0^v=1grNZ>{qq)RnxaM@GIqn0sD!7AcXyr>=6PDDX7fQEw_A}$*g_YvE z&db{swn~@q+}_q3#4I;kt^v7G#wtq`UU8bM?Gy_XxSQc1b?aHlDi>Lk6`oN1v^WaN zrLpJ`hy}f1Je5`5iMUF*Y_r&P$wiC(i>=-zse2J|+tHTjc(pWK)fFB{e$D&-tjPaE z``=tI{@>R2tL=*a$Melc|Bt(PzEu7PH~#90rXIkUPqmEIke9Ct^gKSTKaF(? z-2YY1Sk|KNB*_DtXoD0z5Av6OSfCLU$m^NHJy6M8b|ZU)mQnfhX3dB7p`&tWBbL6 z^8N2uFCOzh-p%s`_e+@5Y~N?sM^LC?1^_wLz1uydV=NqpFd~nS~oX8 zb$hUG0=;NF7HV}(Z@pq@rg{sQ0>X6QCVQwFyULcc3v2prc7+){>%2oKiMCVf6q8ww z(keCEoP=u5Y#boZv=IyH(*R`@41XNil!J)4Ns`37gTXWpwC))%DaHpf7Hm9Fn3CQk znTBhKyS`d>_*biyVS{8rZIrAg0^Vx=R7~p8mY@w789fIw51eLSnrsdR*M*{0EBjIz z4>A(T)}ke~JTMSknIJ^iVO8PO?<=8r?zgzIn*CoNK3+5a%Ztrw{=b)x`rq9=cfSAY zV9qR(iO{z&(M4!XliUl&SYn%*mnJu3R36jBtmygnHkDUy z;aE74C8X$Cv@04%*cDHxNtk|^lKbN zVjYD;&jyjH`vH`iFMKu*Z^i> zJ9+M0|NBXk3XmaB6G#=`2f@P-SvMKaW6~LwnewM(JSSh`G3UuVo?P3SduE2Qs&h-I zy?EFKCxv^@@=Nf|lPk?#ce^_ML)aSb)|zjsp3C>-c@f@na`hl8(?J2NXP2dk;2i>L-1%E&OlH#Od6S69^`_vpo(o2 zKZz3(NvUy6@JL^r#_O5c?aYAt(lc1VJDN$FaKT6@2Y9~(1B>@f>wVRF-(ZglIp3OE zBnpL5Nt49x=9x@jLPIH-!_W;|*N$pzTqf62VA9q&f}@ofm8fWUSG~Kx`9!91h`m&u zXqV~6m+VNpBnx{PK$!G%_{Rkg(uDxNN9HCl!UsgkbZU*!c#VXI zA-{BzKcnuUU5)Bs$;Xf-sH?oJz*zd8|605NbBq<$H|eHoE^BE|P)2%3rJ8w^#7XWe z3Qx#rge&R9AitotJH})?IYljx{;tI6t|K51o`KS;9sjBfY%p!$h$Pxul$NC;qo(3_b7npA% zN>~U)2zG%ih8MYvfz<=M-hp^S&(F!U1ecxt-Mwti`qh--nS$tgc$k{5S0%pi8m6F@ zPHd%GLNTa0v^gVn(Fu`YE??~FWrKIKl3=TJ+Lk@^( zx&TI2r3|$#TqtY6wlE@9I=x?O39RROtIKk{UZv*+%c5>xikEll(c&Vw+k;Yjnt&rp z10diN?T?;tywPl99qYV`u&FqWnwvylo5!2LkuEvQyweN#vd%u^TDo!I(m5J?uvtY5 z=7Y|Q!rx%?!Awd8*Y>8bPbA&I``kLX1u`)MWzM!LxV(iywisd^H>gj-UgtPnXd5%w zSP}FT`8VcNbl}TI?{Z};oq6yPrOCX)k%@L`Xw#KIM_f2UrU%~_eivf%%1pM!Yu9zs z3-Ns}0<%13JQZ-s#d*j{fXhejy7sloWSA84HhH`wmlnm{V(Jr2rs(s?r!i{4(TI&x zfe@SIO8pEGj@Uc6?@q}p(f^$bZG&HZA|;6eK{8{&qVwOa?Na==ovl|d9?yU8N^sP4l4nNEZXO~lQcMJIAkMvERdbm#r@*Yiro&;I_&dApX#=?wHLZ4cGl~(0 zY)}eht@&V`Fp&CEhP}CzL7km<%D#bC_iL}A)`hO{vfw0nPd02Ck$GJ%6k0vI`|axS zHmYcCk?R~fmBJs@9AV@wm?kTMwF>Q-JHo9RvZ7?6g<$wmQgI~ch<$3+%sHKTx>Bhn zd!^XDZ0v09`8jp5&*HsTlnuGihNCCt*iV>&yc|UgeXM)-qd|yHN?cM2%U6G8`LueO zYtxnCHr|=8A>QsHz;b!1`mO!~bglp`<^fg*E!|gg;?iXE1GY}n$DaQ)P+th2T9B0kF z1zc;Zs5aTUp;b-1S-JU8mYaLa-RdX3{bUps?zywz`UW)5h#lA*+!ve-@J4xkEQmT6 zmz(0>PPXBwS=;ZZxE7$%k{oNbg&knRv^TU`GH`DrTAGf3P z)u41KjnCFM&5<;jTwCcYwNtU8w3Q5&tQ(4aOR zbDlJ)j>7rWE%aK`j@o{$o4M0QYF;m_zgT^pU;kJi0w@w`8cwxDwbgs75|?MGQ7tYM zY*vj8jr7$NuUI=SKu{bF0_hUUb>an92(C^;t~r=QzFmT$=B#7YMhJ`PDw0=fhA1Dr zxWh+sEO4K$vleO&MDw|Tc0^bBoKZFoc_| zGj~T?W??ndTd`qIt=}bPHW#xWWjrzIeV> zvH$G6c(niA#q$O2KZ;IXfA^n)j{mxPBak7&`(p%hN84-((qP}v7UXtyO9r7TdY3Z@ znffa+2o>9EFbK^z;}n}{FykyVDwPJ+Y*e~$2BFs^Awwd|^#k+zt_(^i)L!hanv(Rl zg)Qx;$>dE=D^5EZT{M`X@b#N!GF!%8;zF@N7rh1Rm$pH;Alyr{m|=B)0<)N|;4ZS8 z^qRG^*cgX_o{K{+!E*aHxzdhyuWWLXCM`^IIa^v}j58%$5WOznmo({TX$4nkfir+S z+TPj<8>_Ruq3|_aiQ3o#?(5hDOtTN$_GSjL#JpeE_SVqKO>J+c*?Vq#Yi*%vlAv$X zLbGB$r*RC6%rwq|x`vtNR!ySwRFa1~H8;15+9|tzyXcoT@GN+4!TyICSlmD$i~PS{ zKCk$HZM}T?X#cy5=L_2ZW+(sq?dlDGh5SEX-t32iyj9OH?BSNod}U-VXXL}$D>3o8 zEnU;&s{qWk{k_~)9=*LDy}ha$KCb9Lfl=#A`+5~P=e@EjePK^8O@NPnUSG!6v~bT` zouz428~k>A4&uvSsjTp_M+ijXKZfAMj*m9xQ z)dTnEsu!al+-$Zt5oX-*w*0uR`>fvn6LXo21$B%-3;e&fURCTr+uM)#|L*4ba`vAi zO((Zu1ae65-dKWin3~N&d6}Epgq*%^$1qfn;H9iXP7^l_15?vdt%)epF0=Bk`n9-K z#qI4|nHxG5^x^1AbG(b{d#g39c*V`;3tCgE#cDCztmapXH|w=EYhy(rW~xvW%_{~& z&O|Onh3+hNOOZXT9igU+@_fue_Ob?rxy0FO25#59Fn?tC$x36I;kGf3_Qwb@^hctsWz%(x`GEmzs zti;3{Hk-`w_sENW%nn2sa}bo3t4nhZ-GaNu z;)=+a?+V3W)ALF;2iC9bLiIh~0w-~W)$6g6qPY8jsknALtK)7iqL<`!X+vsptXylyE zq!(k^QbU+}j0pB`8kj_v3mbE)co#M~CT4_awqYkq!W1(%p9khZEsdjF=S0z4SgTrr z{$4vYYZ`1aw>QewZT!H>#^QP}u&R?_z@%$@Tnbg032`x!+@h_~Q-JcLr2Aoliu-k@_4I=>Cv~wG+JcL z#(9f6*2<)i=54=unsps_&gP?DXD822VRQ;W1wXd^8_=ssody^O}1{8QS^c2OBkY@2*%U zhuRl$vAWmK>h*tj=h9Yy1^WNe|u-=@&4bPJYUZL%c#Su3@Z9VTGjQn?2hGe zVIS~lw7IF6%X(Sl>)Hh1_^R8a>u1gkMnvjwZW=MUp|`Eo_O_Mv)<)!OlJs;Q=~~>> z4WXJkx-<^0a^aJeh zgfWdU{ckX6f6Wr7XmS6#m>HV^CLjr^@1oi7p@m$ZZ&fBmb!HtaC`^l~N3v*KQ5SL= z_Ogj?)QdblY=?T5QzJ4eGkNdkulB`bY8*?qoT6ailAO-^ZrNNKcK&=^G#LuGAv69hhUI>UIlhguA)& z)3cW_oj29f?u*Jf_mc~f-56EN!E9xPB4e5yq(aarH!60!Wy1}Lf{b$*j#09o*q)lO zhLukFo9N<4B3viQ1~76R22OKz+1EuhY483L{SsMk#J|X2q8d#{cdj8h@h2=AZ-Ag7N!W$i@bdR03OZ{L(XsY# zUe`ti<3|erzn%vlqHqR0!kP*sh^c^(MbztfuTOqGQQK2z4Gxg};Kzd#2$+x^Z_JVb z{;R?7c*B2-0sd=WOvVHCkNqhxqCwu!kof0mj9QEAJoDsb+Ot6a2T1cOh}%bk=}P$1vhyKt+d5$Af!oVYtEi zKYp|S`rR9E8Z7E#!Tqn7o7=C->wjx=>v8?x#j^(Au_Pi>W>>>oHWW(UI8bxl>FmSL zKhSVmeEqL=nkm)Nh*BgsSBQKNvY{~4sQ5;U`7 z2p);qkGA`ZtsqQqYXxrVz&=TRS|H%h}$J2T>uw5>IrY1sz4 zKhQAb@Dmqd(A7Y^<@{XXHsO#;3Op4+;>=M{)A01X&6z(?79*0if9_b^H_fI1!ATD0I3 z3x2@@DuGx^v9?B-&@iS#!sUed6Yxo-L@qpTz>5_ZG~_Wv^wLlfq)L$2G+d$Dp55AD zN+L3*!s~R3L|Etm_o<)%kq#+|W0|*hZr*qSy%=ah4`>|n*;EOmN;uZd<4-;UTu%qO zeHMWqrZSphnotQ_-uBKnoxW~h$NSdX{6^PNdMH(G;Lnqo z`iz9YqBu=J`V%@O_+Y;|=y&MI8c)p1r5v8UTttHEvA5ab{lv*=T&laTSE zW_3FW8N1DFd0Q{Nt$sj4rYFQhI_aemHv1lOsVTjgqGt9(~>~bAX5tWYz&-3Ds7J z`H)&AI-G&DKu5X}MU@%&rXN_(Z~73KEkN1xI-P(HQwQBceI!^xjUEdgzpxR^cnX(1 z4Fd?-IaOaIr9eL=f&hy~Tue2K(EEaPCrKX`D%#$UfJHJPkxxxyL%Q2p%gEBDxU~Y~ zFVf4J!hgf;uYoiD;Lb#64fN0rM96p5x;j!^UnVs2X}+?|LGVI6+0#>9UJ1RnEzd=Q z!egf+6E4V@9)v{7MYQ?%376X7k^`8)k33AL6i#$QfGusn;mFcnx8L0Wx10C4Rdu_D z=LSqFI3)x#+%7e@R+}D+#s!GG{cfj2e4k4Bjt6uRxcgWVraZ_UjvL`FbaYHf@RMK( z{eTl7*}oTdcEbKmm+0Z!zq3w9DKv}PJu+6lVLp*Tp(VSM&Lw9{I(pLA3e%zSx&{tn zO9)s4!~g=lhH9A8ZAPLZJqfY9*sA!=&#kgY|r4AeDnfn5X0Y>BFnb*=da zon@$0xWoY~z*5Djeo_kbrSbCwNh8TnCC0Ugv2R=vfki+J;2R+MltRL$RH_CpNra1X ztZHk?PH2aOm`llqEM&<{cZ;&$gfbz^*ifQ{o!zyZlMf88@O{7EuNPkpR<19*0)%8p zL$gDXIBs86PvM7{{GQTG2F_>Wk3S&0SYge*S1^3}oJM|jW%KjrPGQhN9OfhTJkOXJ zX>_rhU0$|o#nJxB$xk1SUuPdc+ZMkUe7ftr1cPXFI2#qe%t4o(9X(=WD6T|7sJ~%Y zKAR|Zc}{0@dpvh6(``F6_pNfr#?PM-f1Ne=*aFd7T2aNtzi2hVkM04cSzzx!oW42n zl21uNC%eG`@#f~;9uaSDUE`3rZOq$6j)6BmF2=bz94U@8;=)%uCzsg~zPT8VXAp{K zu`op04p|uqsZysasx-3VFa#z2!gOZNe9%x{ny9^QccX;My>1sN{%NUbOG|vYgC};O z|EiiOS?8Ni7&_Uiqn~0f5^$Q?d$O+dLO%(yvOTfuBcF?jPqVwkIW0h+!*7yD3cS7U zADDm1bExohSFtxD>C5NP4|<(C6l`4!1zRo(wpN3Jty@6BRv86`X~4&LEJ&av6=Wf& z9JahoZ?n_+`9lQn`30R0serAW4cOk?-rUeC^u@L{Wy2+rfGUVmk47wFazcY##UHa| zk`B@Mp@`QQLf2$Ml2rEjsGm$|-&lpwCc-34$!}a(bCgo`w1=To12zIocChbHNHnHW z8*Blx15Nz2Ekk|JEd^$cp@NWb#T2-Rxgd!aVgoiBQJj_$B}pn&Q$axS>{SnSM@vxH zidu(8DGSQW`aeO-#`A$P>YPGQr$6su7 zyV|C+Zy zrVq}&P9HuhENC&vm{rdzFkS3;1+Yfs_raPe-ACa1hRhd0qdGh-Qj>y1LafzaD{MbQ z#Nu}U43AA~8@Xkd*6+x3Qo{%9;n2#$8CEN+0@-dC5n)ypI({ixd0VXuF6*{&t zLt_VuSOY4I6%&u9QoGvqLSY#tDe5{jrUoN9>$0?55=MegfvBNrTI3P6dy=*FnU%AF z?a7H!8KS2Nj1=o4(F~ZBDV6QJ)H1qRM}|j@sLWqYu}+; zr<(Ht7mCS)Oox&Mj0lDShfH??q)}j8;`d|XPpAcC1MKakZEq9SRe`Sg)b0JXqo{96 zW=P12eJM(W18?f|1=HoVM35+sKMIZ(v$*{bUKLC-NE4U z^3o#+qQ}K}5b7dw@b>WF&HEE{QT@ZlH^KD>W@czXEZ{Rw>d9`@h=6aI1d{`Ce>rj3H1@N`xI$fhV9c%2hU z3!PhInKtV(A3_q1Q!=J7<`+~%c!*EMlu5nYk|^keY|0YDQ!B&q?(K2)fr.insee.onyxia.model.catalog.Config.Category["externalDatabase"]->fr.insee.onyxia.model.catalog.Config.Property["properties"]->java.util.LinkedHashMap["host"]->fr.insee.onyxia.model.catalog.Config.Property["hidden"]) + at com.fasterxml.jackson.databind.exc.MismatchedInputException.from(MismatchedInputException.java:63) ~[jackson-databind-2.15.4.jar:2.15.4] +``` + + + +### Problème 1 Erreur dû au fichier values.schema.json du chart wordpress L'erreur affiché est du côté de l'api dans le catalogcontroller: https://github.com/InseeFrLab/onyxia-api/blob/5bd597127bbeeb22d155494d9632dfcaf1c28d1d/onyxia-api/src/main/java/fr/insee/onyxia/api/controller/pub/CatalogController.java#L147