From ef300e1ad17be07da667facf43ee9942270d16c1 Mon Sep 17 00:00:00 2001 From: Alexandre <44178713+alexbelgium@users.noreply.github.com> Date: Fri, 16 Jan 2026 19:44:04 +0100 Subject: [PATCH] update --- brave/CHANGELOG.md | 180 ------------------ browser_brave/CHANGELOG.md | 3 + {brave => browser_brave}/Dockerfile | 0 {brave => browser_brave}/README.md | 0 {brave => browser_brave}/apparmor.txt | 0 {brave => browser_brave}/build.json | 0 {brave => browser_brave}/config.yaml | 0 {brave => browser_brave}/icon.png | Bin {brave => browser_brave}/logo.png | Bin .../rootfs/etc/cont-init.d/20-folders.sh | 0 .../etc/cont-init.d/80-configuration.sh | 0 .../rootfs/etc/cont-init.d/90-ingress.sh | 0 .../rootfs/etc/cont-init.d/90-ssl.sh | 0 .../rootfs/etc/nginx/includes/mime.types | 0 .../etc/nginx/includes/proxy_params.conf | 0 .../rootfs/etc/nginx/includes/resolver.conf | 0 .../etc/nginx/includes/server_params.conf | 0 .../rootfs/etc/nginx/includes/ssl_params.conf | 0 .../rootfs/etc/nginx/includes/upstream.conf | 0 {brave => browser_brave}/stats.png | Bin {brave => browser_brave}/updater.json | 0 browser_chromium/CHANGELOG.md | 0 browser_chromium/Dockerfile | 130 +++++++++++++ browser_chromium/README.md | 79 ++++++++ browser_chromium/apparmor.txt | 71 +++++++ browser_chromium/build.json | 6 + browser_chromium/config.yaml | 73 +++++++ browser_chromium/icon.png | Bin 0 -> 35384 bytes browser_chromium/logo.png | Bin 0 -> 35384 bytes .../rootfs/etc/cont-init.d/20-folders.sh | 23 +++ .../etc/cont-init.d/80-configuration.sh | 49 +++++ .../rootfs/etc/cont-init.d/90-ingress.sh | 29 +++ .../rootfs/etc/cont-init.d/90-ssl.sh | 22 +++ .../rootfs/etc/nginx/includes/mime.types | 96 ++++++++++ .../etc/nginx/includes/proxy_params.conf | 15 ++ .../rootfs/etc/nginx/includes/resolver.conf | 1 + .../etc/nginx/includes/server_params.conf | 6 + .../rootfs/etc/nginx/includes/ssl_params.conf | 9 + .../rootfs/etc/nginx/includes/upstream.conf | 3 + browser_chromium/stats.png | Bin 0 -> 1774 bytes browser_chromium/updater.json | 9 + 41 files changed, 624 insertions(+), 180 deletions(-) delete mode 100644 brave/CHANGELOG.md create mode 100644 browser_brave/CHANGELOG.md rename {brave => browser_brave}/Dockerfile (100%) rename {brave => browser_brave}/README.md (100%) rename {brave => browser_brave}/apparmor.txt (100%) rename {brave => browser_brave}/build.json (100%) rename {brave => browser_brave}/config.yaml (100%) rename {brave => browser_brave}/icon.png (100%) rename {brave => browser_brave}/logo.png (100%) rename {brave => browser_brave}/rootfs/etc/cont-init.d/20-folders.sh (100%) mode change 100755 => 100644 rename {brave => browser_brave}/rootfs/etc/cont-init.d/80-configuration.sh (100%) mode change 100755 => 100644 rename {brave => browser_brave}/rootfs/etc/cont-init.d/90-ingress.sh (100%) mode change 100755 => 100644 rename {brave => browser_brave}/rootfs/etc/cont-init.d/90-ssl.sh (100%) mode change 100755 => 100644 rename {brave => browser_brave}/rootfs/etc/nginx/includes/mime.types (100%) rename {brave => browser_brave}/rootfs/etc/nginx/includes/proxy_params.conf (100%) rename {brave => browser_brave}/rootfs/etc/nginx/includes/resolver.conf (100%) rename {brave => browser_brave}/rootfs/etc/nginx/includes/server_params.conf (100%) rename {brave => browser_brave}/rootfs/etc/nginx/includes/ssl_params.conf (100%) rename {brave => browser_brave}/rootfs/etc/nginx/includes/upstream.conf (100%) rename {brave => browser_brave}/stats.png (100%) rename {brave => browser_brave}/updater.json (100%) create mode 100644 browser_chromium/CHANGELOG.md create mode 100644 browser_chromium/Dockerfile create mode 100644 browser_chromium/README.md create mode 100644 browser_chromium/apparmor.txt create mode 100644 browser_chromium/build.json create mode 100644 browser_chromium/config.yaml create mode 100644 browser_chromium/icon.png create mode 100644 browser_chromium/logo.png create mode 100644 browser_chromium/rootfs/etc/cont-init.d/20-folders.sh create mode 100644 browser_chromium/rootfs/etc/cont-init.d/80-configuration.sh create mode 100644 browser_chromium/rootfs/etc/cont-init.d/90-ingress.sh create mode 100644 browser_chromium/rootfs/etc/cont-init.d/90-ssl.sh create mode 100644 browser_chromium/rootfs/etc/nginx/includes/mime.types create mode 100644 browser_chromium/rootfs/etc/nginx/includes/proxy_params.conf create mode 100644 browser_chromium/rootfs/etc/nginx/includes/resolver.conf create mode 100644 browser_chromium/rootfs/etc/nginx/includes/server_params.conf create mode 100644 browser_chromium/rootfs/etc/nginx/includes/ssl_params.conf create mode 100644 browser_chromium/rootfs/etc/nginx/includes/upstream.conf create mode 100644 browser_chromium/stats.png create mode 100644 browser_chromium/updater.json diff --git a/brave/CHANGELOG.md b/brave/CHANGELOG.md deleted file mode 100644 index 9c921868b..000000000 --- a/brave/CHANGELOG.md +++ /dev/null @@ -1,180 +0,0 @@ -## 1.86.139-ls69-2 (16-01-2026) -- Minor bugs fixed - -## 1.86.139-ls69 (2026-01-16) -- Update to latest version from linuxserver/docker-brave (changelog : https://github.com/linuxserver/docker-brave/releases) -## 1.0.6 (16-01-2026) -- Minor bugs fixed -## 1.0.5 (16-01-2026) -- Minor bugs fixed -## 1.0.4 (16-01-2026) -- Minor bugs fixed -## 1.0.2 (16-01-2026) -- Minor bugs fixed -## 1.0.1 (15-01-2026) -- Minor bugs fixed - -## 1.0.0 (2026-01-14) -- Switch addon base to linuxserver/docker-brave and use /config as the data folder - -## 4.16-r0-ls93 (2026-01-14) -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls92 (2026-01-08) -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls94 (2025-12-24) -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls93 (2025-12-20) -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls95 (2025-12-13) -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls94 (2025-11-22) -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls92 (2025-11-15) -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls95 (2025-11-08) -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) -- Added support for configuring extra environment variables via the `env_vars` add-on option alongside config.yaml. See https://github.com/alexbelgium/hassio-addons/wiki/Add-Environment-variables-to-your-Addon-2 for details. - -## "4.16-r0-ls94" (2025-10-25) -- Minor bugs fixed - -## 4.16-r0-ls94 (2025-10-25) -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls93 (2025-10-18) -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls94 (2025-09-06) -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls95 (2025-08-23) -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls94 (2025-08-16) -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls95 (2025-08-09) -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls94 (2025-08-01) -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls95 (2025-07-25) -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) -## 4.16-r0-ls94 (2025-07-05) - -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls95 (2025-06-28) - -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls93 (2025-06-21) - -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls94 (2025-06-13) - -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls93 (2025-06-07) - -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls94-6 (2025-06-01) - -- Minor bugs fixed - -## 4.16-r0-ls94-4 (2025-05-28) - -- Minor bugs fixed - -## 4.16-r0-ls94-2 (2025-05-28) - -- Minor bugs fixed - -## 4.16-r0-ls94 (2025-05-24) - -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls93-2 (2025-05-17) - -- Minor bugs fixed - -## 4.16-r0-ls93 (2025-05-17) - -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls94 (2025-04-26) - -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls93 (2025-04-19) - -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls94 (2025-04-05) - -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls93 (2025-03-29) - -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls95 (2025-03-22) - -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls94 (2025-03-15) - -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls93 (2025-03-08) - -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls95 (2025-03-01) - -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls94-5 (2025-02-21) - -- Option to install microsoft edge - -## 4.16-r0-ls94-3 (2025-02-15) - -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## 4.16-r0-ls94-9 (2025-01-29) - -- Minor bugs fixed - -## 4.16-r0-ls94-7 (2025-01-29) - -- External port disabled by default to rely on ingress -- Added a message that opening a port without password is a very high risk -- Add microsoft edge - -## 4.16-r0-ls94 (2025-01-25) - -- Update to latest version from linuxserver/docker-webtop (changelog : https://github.com/linuxserver/docker-webtop/releases) - -## fb06d0b4-ls71-5 (2025-01-24) - -- Minor bugs fixed - -## fb06d0b4-ls71-4 (2025-01-24) - -- Minor bugs fixed - -## fb06d0b4-ls71-2 (2025-01-24) - -- First version of Ubuntu KDE -- Use own ssl certificates diff --git a/browser_brave/CHANGELOG.md b/browser_brave/CHANGELOG.md new file mode 100644 index 000000000..9dfccd441 --- /dev/null +++ b/browser_brave/CHANGELOG.md @@ -0,0 +1,3 @@ + +## 1.86.139-ls69 (2026-01-16) +- Update to latest version from linuxserver/docker-brave (changelog : https://github.com/linuxserver/docker-brave/releases) diff --git a/brave/Dockerfile b/browser_brave/Dockerfile similarity index 100% rename from brave/Dockerfile rename to browser_brave/Dockerfile diff --git a/brave/README.md b/browser_brave/README.md similarity index 100% rename from brave/README.md rename to browser_brave/README.md diff --git a/brave/apparmor.txt b/browser_brave/apparmor.txt similarity index 100% rename from brave/apparmor.txt rename to browser_brave/apparmor.txt diff --git a/brave/build.json b/browser_brave/build.json similarity index 100% rename from brave/build.json rename to browser_brave/build.json diff --git a/brave/config.yaml b/browser_brave/config.yaml similarity index 100% rename from brave/config.yaml rename to browser_brave/config.yaml diff --git a/brave/icon.png b/browser_brave/icon.png similarity index 100% rename from brave/icon.png rename to browser_brave/icon.png diff --git a/brave/logo.png b/browser_brave/logo.png similarity index 100% rename from brave/logo.png rename to browser_brave/logo.png diff --git a/brave/rootfs/etc/cont-init.d/20-folders.sh b/browser_brave/rootfs/etc/cont-init.d/20-folders.sh old mode 100755 new mode 100644 similarity index 100% rename from brave/rootfs/etc/cont-init.d/20-folders.sh rename to browser_brave/rootfs/etc/cont-init.d/20-folders.sh diff --git a/brave/rootfs/etc/cont-init.d/80-configuration.sh b/browser_brave/rootfs/etc/cont-init.d/80-configuration.sh old mode 100755 new mode 100644 similarity index 100% rename from brave/rootfs/etc/cont-init.d/80-configuration.sh rename to browser_brave/rootfs/etc/cont-init.d/80-configuration.sh diff --git a/brave/rootfs/etc/cont-init.d/90-ingress.sh b/browser_brave/rootfs/etc/cont-init.d/90-ingress.sh old mode 100755 new mode 100644 similarity index 100% rename from brave/rootfs/etc/cont-init.d/90-ingress.sh rename to browser_brave/rootfs/etc/cont-init.d/90-ingress.sh diff --git a/brave/rootfs/etc/cont-init.d/90-ssl.sh b/browser_brave/rootfs/etc/cont-init.d/90-ssl.sh old mode 100755 new mode 100644 similarity index 100% rename from brave/rootfs/etc/cont-init.d/90-ssl.sh rename to browser_brave/rootfs/etc/cont-init.d/90-ssl.sh diff --git a/brave/rootfs/etc/nginx/includes/mime.types b/browser_brave/rootfs/etc/nginx/includes/mime.types similarity index 100% rename from brave/rootfs/etc/nginx/includes/mime.types rename to browser_brave/rootfs/etc/nginx/includes/mime.types diff --git a/brave/rootfs/etc/nginx/includes/proxy_params.conf b/browser_brave/rootfs/etc/nginx/includes/proxy_params.conf similarity index 100% rename from brave/rootfs/etc/nginx/includes/proxy_params.conf rename to browser_brave/rootfs/etc/nginx/includes/proxy_params.conf diff --git a/brave/rootfs/etc/nginx/includes/resolver.conf b/browser_brave/rootfs/etc/nginx/includes/resolver.conf similarity index 100% rename from brave/rootfs/etc/nginx/includes/resolver.conf rename to browser_brave/rootfs/etc/nginx/includes/resolver.conf diff --git a/brave/rootfs/etc/nginx/includes/server_params.conf b/browser_brave/rootfs/etc/nginx/includes/server_params.conf similarity index 100% rename from brave/rootfs/etc/nginx/includes/server_params.conf rename to browser_brave/rootfs/etc/nginx/includes/server_params.conf diff --git a/brave/rootfs/etc/nginx/includes/ssl_params.conf b/browser_brave/rootfs/etc/nginx/includes/ssl_params.conf similarity index 100% rename from brave/rootfs/etc/nginx/includes/ssl_params.conf rename to browser_brave/rootfs/etc/nginx/includes/ssl_params.conf diff --git a/brave/rootfs/etc/nginx/includes/upstream.conf b/browser_brave/rootfs/etc/nginx/includes/upstream.conf similarity index 100% rename from brave/rootfs/etc/nginx/includes/upstream.conf rename to browser_brave/rootfs/etc/nginx/includes/upstream.conf diff --git a/brave/stats.png b/browser_brave/stats.png similarity index 100% rename from brave/stats.png rename to browser_brave/stats.png diff --git a/brave/updater.json b/browser_brave/updater.json similarity index 100% rename from brave/updater.json rename to browser_brave/updater.json diff --git a/browser_chromium/CHANGELOG.md b/browser_chromium/CHANGELOG.md new file mode 100644 index 000000000..e69de29bb diff --git a/browser_chromium/Dockerfile b/browser_chromium/Dockerfile new file mode 100644 index 000000000..8b5a47eb0 --- /dev/null +++ b/browser_chromium/Dockerfile @@ -0,0 +1,130 @@ +#============================# +# ALEXBELGIUM'S DOCKERFILE # +#============================# +# _.------. +# _.-` ('>.-`"""-. +# '.--'` _'` _ .--.) +# -' '-.-';` ` +# ' - _.' ``'--. +# '---` .-'""` +# /` +#=== Home Assistant Addon ===# + +################# +# 1 Build Image # +################# + +ARG BUILD_FROM +ARG BUILD_VERSION +FROM ${BUILD_FROM} + +################## +# 2 Modify Image # +################## + +# Set S6 wait time +ENV S6_CMD_WAIT_FOR_SERVICES=1 \ + S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0 \ + S6_SERVICES_GRACETIME=0 + +USER root + +# load volume +VOLUME [ "/sys/fs/cgroup" ] + +# Set shell +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + +# Allow UID and GID setting +# hadolint ignore=SC2015,DL4006,SC2013,SC2086 +RUN \ + # Change home folder location + usermod --home /config abc && \ + \ + # Set +e + if [[ -d /etc/services.d ]] && ls /etc/services.d/*/run 1> /dev/null 2>&1; then sed -i "1a set +e" /etc/services.d/*/run; fi + +# Modify chromium commands +RUN sed -i '/no-first-run/a\ --no-default-browser-check --disable-dev-shm-usage --remote-debugging-address=0.0.0.0 --remote-debugging-port=9221 --disable-background-networking --disable-sync \\' /usr/bin/wrapped-chromium + +# Global LSIO modifications +ADD "https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.templates/ha_lsio.sh" "/ha_lsio.sh" +ARG CONFIGLOCATION="/config" +RUN chmod 744 /ha_lsio.sh && if grep -qr "lsio" /etc; then /ha_lsio.sh "$CONFIGLOCATION"; fi && rm /ha_lsio.sh + +################## +# 3 Install apps # +################## + +# Add rootfs +COPY rootfs/ / + +# Uses /bin for compatibility purposes +# hadolint ignore=DL4005 +RUN if [ ! -f /bin/sh ] && [ -f /usr/bin/sh ]; then ln -s /usr/bin/sh /bin/sh; fi && \ + if [ ! -f /bin/bash ] && [ -f /usr/bin/bash ]; then ln -s /usr/bin/bash /bin/bash; fi + +# Modules +ARG MODULES="00-banner.sh 01-custom_script.sh 00-local_mounts.sh 00-smb_mounts.sh 90-dns_set.sh" + +# Automatic modules download +ADD "https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.templates/ha_automodules.sh" "/ha_automodules.sh" +RUN chmod 744 /ha_automodules.sh && /ha_automodules.sh "$MODULES" && rm /ha_automodules.sh + +# Manual apps +ENV PACKAGES="nginx engrampa kwalletmanager" + +# Automatic apps & bashio +ADD "https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.templates/ha_autoapps.sh" "/ha_autoapps.sh" +RUN chmod 744 /ha_autoapps.sh && /ha_autoapps.sh "$PACKAGES" && rm /ha_autoapps.sh + +################ +# 4 Entrypoint # +################ + +# Add entrypoint +ENV S6_STAGE2_HOOK=/ha_entrypoint.sh +ADD "https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.templates/ha_entrypoint.sh" "/ha_entrypoint.sh" + +# Standalone bashio command +ADD "https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.templates/bashio-standalone.sh" "/.bashio-standalone.sh" +RUN chmod 777 /.bashio-standalone.sh + +#WORKDIR / +ENTRYPOINT [ "/usr/bin/env" ] +CMD [ "/ha_entrypoint.sh" ] + +############ +# 5 Labels # +############ + +ARG BUILD_ARCH +ARG BUILD_DATE +ARG BUILD_DESCRIPTION +ARG BUILD_NAME +ARG BUILD_REF +ARG BUILD_REPOSITORY +ARG BUILD_VERSION +ENV BUILD_VERSION="${BUILD_VERSION}" +LABEL \ + io.hass.name="${BUILD_NAME}" \ + io.hass.description="${BUILD_DESCRIPTION}" \ + io.hass.arch="${BUILD_ARCH}" \ + io.hass.type="addon" \ + io.hass.version=${BUILD_VERSION} \ + maintainer="alexbelgium (https://github.com/alexbelgium)" \ + org.opencontainers.image.title="${BUILD_NAME}" \ + org.opencontainers.image.description="${BUILD_DESCRIPTION}" \ + org.opencontainers.image.vendor="Home Assistant Add-ons" \ + org.opencontainers.image.authors="alexbelgium (https://github.com/alexbelgium)" \ + org.opencontainers.image.licenses="MIT" \ + org.opencontainers.image.url="https://github.com/alexbelgium" \ + org.opencontainers.image.source="https://github.com/${BUILD_REPOSITORY}" \ + org.opencontainers.image.documentation="https://github.com/${BUILD_REPOSITORY}/blob/main/README.md" \ + org.opencontainers.image.created=${BUILD_DATE} \ + org.opencontainers.image.revision=${BUILD_REF} \ + org.opencontainers.image.version=${BUILD_VERSION} + +#################### +# 6 HealthcheckNOT # +#################### diff --git a/browser_chromium/README.md b/browser_chromium/README.md new file mode 100644 index 000000000..d992d8d64 --- /dev/null +++ b/browser_chromium/README.md @@ -0,0 +1,79 @@ +# Home assistant add-on: chromium + +I maintain this and other Home Assistant add-ons in my free time: keeping up with upstream changes, HA changes, and testing on real hardware takes a lot of time (and some money). I use around 5-10 of my >110 addons so regularly I install test machines (and purchase some test services such as vpn) that I don't use myself to troubleshoot and improve the addons + +If this add-on saves you time or makes your setup easier, I would be very grateful for your support! + +[![Buy me a coffee][donation-badge]](https://www.buymeacoffee.com/alexbelgium) +[![Donate via PayPal][paypal-badge]](https://www.paypal.com/donate/?hosted_button_id=DZFULJZTP3UQA) + +## Addon informations + +![Version](https://img.shields.io/badge/dynamic/yaml?label=Version&query=%24.version&url=https%3A%2F%2Fraw.githubusercontent.com%2Falexbelgium%2Fhassio-addons%2Fmaster%2Fchromium%2Fconfig.yaml) +![Ingress](https://img.shields.io/badge/dynamic/yaml?label=Ingress&query=%24.ingress&url=https%3A%2F%2Fraw.githubusercontent.com%2Falexbelgium%2Fhassio-addons%2Fmaster%2Fchromium%2Fconfig.yaml) +![Arch](https://img.shields.io/badge/dynamic/yaml?color=success&label=Arch&query=%24.arch&url=https%3A%2F%2Fraw.githubusercontent.com%2Falexbelgium%2Fhassio-addons%2Fmaster%2Fchromium%2Fconfig.yaml) + +[![Codacy Badge](https://app.codacy.com/project/badge/Grade/9c6cf10bdbba45ecb202d7f579b5be0e)](https://www.codacy.com/gh/alexbelgium/hassio-addons/dashboard?utm_source=github.com&utm_medium=referral&utm_content=alexbelgium/hassio-addons&utm_campaign=Badge_Grade) +[![GitHub Super-Linter](https://img.shields.io/github/actions/workflow/status/alexbelgium/hassio-addons/weekly-supelinter.yaml?label=Lint%20code%20base)](https://github.com/alexbelgium/hassio-addons/actions/workflows/weekly-supelinter.yaml) +[![Builder](https://img.shields.io/github/actions/workflow/status/alexbelgium/hassio-addons/onpush_builder.yaml?label=Builder)](https://github.com/alexbelgium/hassio-addons/actions/workflows/onpush_builder.yaml) + +[donation-badge]: https://img.shields.io/badge/Buy%20me%20a%20coffee-%23d32f2f?logo=buy-me-a-coffee&style=flat&logoColor=white +[paypal-badge]: https://img.shields.io/badge/Donate%20via%20PayPal-0070BA?logo=paypal&style=flat&logoColor=white + +_Thanks to everyone having starred my repo! To star it click on the image below, then it will be on top right. Thanks!_ + +[![Stargazers repo roster for @alexbelgium/hassio-addons](https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.github/stars2.svg)](https://github.com/alexbelgium/hassio-addons/stargazers) + +![downloads evolution](https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/chromium/stats.png) + +## About + +[chromium](https://chromium.com/) is a fast, private and secure web browser for PC, Mac and mobile. +This addon is based on the docker image https://github.com/linuxserver/docker-chromium + +## Configuration + +Use the add-on `env_vars` option to pass extra environment variables (uppercase or lowercase names). See https://github.com/alexbelgium/hassio-addons/wiki/Add-Environment-variables-to-your-Addon-2 for details. + +Webui can be found with ingress or at . The port is by default disabled but can be enabled through the addon options. + +By default the image is based around the abc user and we recommend using this user as all of the init/config is based around it. The default password is also abc . If you want to change this password and require authentication when accessing the interface simply issue passwd inside a GUI terminal in the container. Then when accessing the web interface use the path: + +http://localhost:3000/?login=true + +Apps installations are not remanent, you need to do it via addon options. Their config, however, is. + +If graphics don't work, use the DRINODE feature to select your graphic device. + +See all potential ENV variables here : https://docs.linuxserver.io/images/docker-chromium#optional-environment-variables + +```yaml +TZ: timezone ; Country/City according to https://manpages.ubuntu.com/manpages/trusty/man3/DateTime::TimeZone::Catalog.3pm.html +additional_apps: engrampa,thunderbird # Allows installation of apps, as they are not persistent +DRINODE: specify a custom graphic device, default is /dev/dri/renderD128 +DNS_servers: 8.8.8.8,1.1.1.1 # Keep blank to use router’s DNS, or set custom DNS to avoid spamming in case of local DNS ad-remover +localdisks: sda1 #put the hardware name of your drive to mount separated by commas, or its label. ex. sda1, sdb1, MYNAS... +networkdisks: "//SERVER/SHARE" # optional, list of smb servers to mount, separated by commas +cifsusername: "username" # optional, smb username, same for all smb shares +cifspassword: "password" # optional, smb password +cifsdomain: "domain" # optional, allow setting the domain for the smb share +``` + +## Installation + +The installation of this add-on is pretty straightforward and not different in comparison to installing any other add-on. + +1. Add my add-ons repository to your home assistant instance (in supervisor addons store at top right, or click button below if you have configured my HA) + [![Open your Home Assistant instance and show the add add-on repository dialog with a specific repository URL pre-filled.](https://my.home-assistant.io/badges/supervisor_add_addon_repository.svg)](https://my.home-assistant.io/redirect/supervisor_add_addon_repository/?repository_url=https%3A%2F%2Fgithub.com%2Falexbelgium%2Fhassio-addons) +1. Install this add-on. +1. Click the `Save` button to store your configuration. +1. Set the add-on options to your preferences +1. Start the add-on. +1. Check the logs of the add-on to see if everything went well. +1. Open the webUI and adapt the software options + +## Support + +Create an issue on github + +## Illustration diff --git a/browser_chromium/apparmor.txt b/browser_chromium/apparmor.txt new file mode 100644 index 000000000..2342b9be5 --- /dev/null +++ b/browser_chromium/apparmor.txt @@ -0,0 +1,71 @@ +#include + +profile chromium_addon flags=(attach_disconnected,mediate_deleted) { + #include + + capability, + file, + signal, + mount, + umount, + remount, + network udp, + network tcp, + network dgram, + network stream, + network inet, + network inet6, + network netlink raw, + network unix dgram, + + capability setgid, + capability setuid, + capability sys_admin, + capability dac_read_search, + capability dac_override, + # capability sys_rawio, + +# S6-Overlay + /init ix, + /run/{s6,s6-rc*,service}/** ix, + /package/** ix, + /command/** ix, + /run/{,**} rwk, + /dev/tty rw, + /bin/** ix, + /usr/bin/** ix, + /usr/lib/bashio/** ix, + /etc/s6/** rix, + /run/s6/** rix, + /etc/services.d/** rwix, + /etc/cont-init.d/** rwix, + /etc/cont-finish.d/** rwix, + /init rix, + /var/run/** mrwkl, + /var/run/ mrwkl, + /dev/i2c-1 mrwkl, + # Files required + /dev/fuse mrwkl, + /dev/sda1 mrwkl, + /dev/sdb1 mrwkl, + /dev/nvme0 mrwkl, + /dev/nvme0n1 mrwkl, + /dev/nvme1 mrwkl, + /dev/mmcblk0p1 mrwkl, + /dev/* mrwkl, + /udev/* mrwkl, + /tmp/** mrkwl, + /dev/fuse/** mrkwl, + /dev/** mrkwl, + /sys/firmware/** mrkwl, + + # Data access + /data/** rw, + + # suppress ptrace denials when using 'docker ps' or using 'ps' inside a container + ptrace (trace,read) peer=docker-default, + + # docker daemon confinement requires explict allow rule for signal + signal (receive) set=(kill,term) peer=/usr/bin/docker, + +} diff --git a/browser_chromium/build.json b/browser_chromium/build.json new file mode 100644 index 000000000..5168e3cc7 --- /dev/null +++ b/browser_chromium/build.json @@ -0,0 +1,6 @@ +{ + "build_from": { + "aarch64": "lscr.io/linuxserver/chromium:arm64v8-latest", + "amd64": "lscr.io/linuxserver/chromium:amd64-latest" + } +} diff --git a/browser_chromium/config.yaml b/browser_chromium/config.yaml new file mode 100644 index 000000000..8fcbc6adc --- /dev/null +++ b/browser_chromium/config.yaml @@ -0,0 +1,73 @@ +arch: + - aarch64 + - amd64 +audio: true +description: chromium browser +devices: + - /dev/dri + - /dev/dri/card0 + - /dev/dri/card1 + - /dev/dri/renderD128 + - /dev/vchiq + - /dev/video10 + - /dev/video11 + - /dev/video12 + - /dev/video13 + - /dev/video14 + - /dev/video15 + - /dev/video16 +environment: + FM_HOME: /config + HOME: /config + START_DOCKER: "false" + TITLE: chromium browser + shm_size: 1gb +image: ghcr.io/alexbelgium/chromium-{arch} +ingress: true +init: false +map: + - addon_config:rw + - media:rw + - share:rw + - ssl +name: chromium +options: + env_vars: [] + DNS_server: 8.8.8.8 + PGID: 0 + PUID: 0 + certfile: fullchain.pem + keyfile: privkey.pem + use_own_certs: false +panel_admin: false +panel_icon: mdi:monitor +ports: + 3001/tcp: 3001 + 9221/tcp: null +ports_description: + 3001/tcp: Web interface https + 9221/tcp: Chrome devtools +privileged: + - SYS_ADMIN + - DAC_READ_SEARCH +schema: + env_vars: + - name: match(^[A-Za-z0-9_]+$) + value: str? + DNS_server: str? + DRINODE: list(/dev/dri/card0|/dev/dri/card1|/dev/dri/card2|/dev/dri/renderD128|/dev/dri/renderD129|)? + KEYBOARD: list(da-dk-qwerty|de-de-qwertz|en-gb-qwerty|en-us-qwerty|es-es-qwerty|fr-ch-qwertz|fr-fr-azerty|it-it-qwerty|ja-jp-qwerty|pt-br-qwerty|sv-se-qwerty|tr-tr-qwerty)? + PASSWORD: str? + PGID: int + PUID: int + TZ: match([A-Z][a-z]*./[A-Z][a-z]*.)? + additional_apps: str? + certfile: str + keyfile: str + use_own_certs: bool? +slug: chromium +tmpfs: true +udev: true +url: https://github.com/alexbelgium/hassio-addons +version: "1.86.139-ls69-4" +video: true diff --git a/browser_chromium/icon.png b/browser_chromium/icon.png new file mode 100644 index 0000000000000000000000000000000000000000..cf9036911d4e71c8f2777a191948186639278905 GIT binary patch literal 35384 zcmag_cT`i~^9BmNf$yFr59-ep;rL`1q(&0N)@D+1Ox;D0qIgz#D)}+E+iB| zLWV##oVtmq1W6@QsZuYJX<-; zZ&d=dR-)?W5x>(IHcd#AEQp%HaQ|Xyu z?aS-I_0Li_eg{sSQ-4LYxc9W6V`Iio_K1KLq~h*kvG{bGgUq8! zzlgt3Xu0N;n0!}K<^h#RzVf)qp;OY^yNnCy)4sTiwq)tXQw^?J%Yr?k<#Kv^{jRKi z_RmioHgQIK)A14hf&!&Sf*m5E43^d;%eku`QG3`pyG`|}vXklV76MY!9c{dYO$*uL zoWgniB=v=|_RsNLh?jUpG}@9A=pr_9h1ifnI_Omvu#ZkjT{@=E`=lf;|49BJnQ0>7 zx<9*b*?v_|T_dku2cqD&VD~~J2iKhN4b)o6gFt`I@3_CJ*|UPP8%Q+mfaTr+bq{}Q zdre01z>>ep!gTz1{L;c{k_P`;jJ(lx{Qk@pQvItbXr2g8jux{;zS)gE#p%u8(bE&z z4cSy{>lz_&PAl$f<0S~J`rNGDS_v>~W0Ct(_e=BysJ&g1Yo@!If@>Z`@%sY~9unIZ zqY8MAnAu~4-dJZx1&O@uug2xnHo^JrRhd7G?}+NpUA~)|r~Baw!hm0H|9G@hCb&9P z+Ax}(?+h}H|9wg{jie}xUX}vH85m z`IK;K?Z@{qF_}qkD<6)S!6fy01^H$mFklKncf(dBf&f#qm#y!ShFR z4G1Tg$pM^sbLMf1PwHxvSWDuUj9Td(sOumAVMmw%P7XYt-k>~a6=kT+Ay zUxXD+#EYWeEZaHB($j7z`ZY(0e!(uxvX#l)j07;iO;Sb}t=}c;FZO#AUIssbc!RPk zMogA0aEpV;{o%v>{6776L#>1bf&`eme560;W*=xnP~dYR70w99EPC(TQa1{L${(Y) zvf$nC&3M<>+&m(fb>{pD0zjRk`7kc9rRgSFV-{fwShbbXKxXH=1?9g?+u2em z1~^mU%M{fYsMySfZ^lt*MD@ot$K3Tzbh&=7D3cg~11QQv3Odio=5a-;GW9%^GNgjU z$2R|zO-!Ye9#AB(^sYv>!CsqjD_{V4RR4sLBEH2$si}(<1}Lh||EO8%G07X&fQn`z zoVmn6wy`&OmYV>ql++6d-4%PI7oa4q?U;uz=?bphgGf+?;%wTOT_Ed}n19RVJ z7py}srDFgHId-}feEgs5Gfx2*i1WG*%$5%V6397!4DOMJv{(MkN+vfbpR4pUgW0k} zfa6xnUUN_pcDEC24MDBi7+$aQfoMnJNY(3+^o|5&)w!8i+>diV73SdnA#w- zYM-3rq=5f($MM1)${b-#x;Lv#(p8TBgTKrGGJmT{=N8W!!E^vdgH*Dzu`fXx^^g{m zhS9dHvcIPz1VsVo+2TEPS>wSm`@fm9O2m{{Oz-|yo++S>0eRdEWNEgGG8zB8gehj- zRBpSEq~Nq~I)!xn?+&~OelC($hXuIzY+|1lMp<{3{O40ah+n4MbAY5kWYKk!v##ts zQD-hXxrqKRnknwi-FBl0eLv$%HtS14Pxw8f!at&XCuh}kZ}sT)KYOg52_-+CG-JMN zfAb;KLjFyCX2BWe83P?8@P98mDQ`n+KF6Rpa|)}y8bYAxj}w5F=1w^H2}HuAOz#bs z`SO;ppF+QTr#<9Yqnd%)eovp3+Lr7nto+(cZ#iCQVmxO>bpLp{Ts$c*Y!gk|xz9s_ z0ZIf?CSdO<%n+rZ@wG+oMhE!$LP*&}w3L4p>W-(0zStpO_heD~#~sJrr9XefK0Lz4 zMMugv4Gex8xoy0(@cGY*c<_#+!{fFD@?=g(P}TI@e_X=?sM0XDzCS!+Kg)bQ?^5~e z6eYVAT|gBJRXuL#JD#W776{AyXfGg9ut$DguuPxPXLja2lEnoBaL9ycz1WxS(ON}j z^S;}Whv_u42lHt^a#{n7nff4OLge(4zQu*TZTMBm+)OL04Rr%5$BvpaO3Ocp#47IZ zlN75cNk{RyjoV*@aH)9e{zC(0MD1>1Znj46xrLVZ4%SJ;TgipO=yc}3x%ne<%df`? zFjx73k#YzOJle{Rwh@pl$-dny8Xm}BX0(vIeQgZMwaiMTjG$)JD48wUp#&C%D3@5P zjVf1#ag4-I|A`;TGWu+{@cHg}hWs+|6`|}3>BnZPGt=9?W20?*&vr~%u&3ZiFc7gM zVV#SY%Jl5r5ZzBVx#Rg~s&?9}$L;a&d^4$0Nx>YAmA5DK#&WfK*gpwmDlt=EI7WdQ z!vYo%lo&rO`Fko^R;cwnWF)KS%fZ6xY;}m9mP+6lg)%d~cE#3zG|VxTtJ8&J07me{ zvp#3|-jqSxFE4z-#McNa{4BCgQGI;jTYwpYIz*jxOhf?2D5!HWr1Ylt1{l3G{{Vdm zr4)&c@rE1sv=Gg0IebTp#`hF5%?i`@?=~WrIHK3--(QQJc@BYs#md7588gwP^44`c z`qhcvvrJQ?SwtO;aBhVW!-+|;gk8qv$H%|4AvhWgBQ91SC%bU&F=O;nzckET=C%If zN&r2gTnIwR-C-gl;?GokdrAIi?l5lQ@o%1Q`2jhCBp8mHmSQ0v*GeH-r zUy0NayeXPJLBj$nju*nW?|0xgj0-b|t%5|QD~V=;fM|$AQI)2_M}Hc@b_Gb~WUzD& zdPSX5H}0Jb2xjk35cuGh8Af&<6xuA^yi7KuRUotu8_$dLo~KaED6ln;i2l*h1I-nI zik}Dm4_i8&az0nlcWN`~dsWmx(lh)(9ED}&JRnvdjqueIQ(A2J)L0nKEourKy0Trl zzNaagean+VB=*$+FM|0+3CLMoGJ`yIQ}=*4a?L`)>#)GZEv*@^3%_xt^<7;{^Nv%TEd@P8 z@uKJm!~G7R{x9>gj9>`NGUGobovHq*uLadIp-BAok8u982Sy>~Gi?r&3JRryI#S9YB_{*^M?U|jodZQX ztBn7%?LW=FesB1P`hNfv#Q$t~_it3ujP?P=rRxe?5M4 z^-s3+PH5>&6*Y<;1JJMY4^)FMv+f(fq6FO5$C}uus77!hUj;Tx?sA_j3Z@MvTedG{ zd%EmyE6!jy-3a}fOl?C<@dt^MGh-pjH#F?=x87n}Jv2sF=+&y?5-~-(&KpW)?7$;{ z8Z!tjrAA(bR=RoIYq0Y|d`3V9Hb*GeF!E>dW}J5?+n#6riV`?SbcxcB0CbIM1L*+38FjW?LuY@d^yNaJ4{nxWEA6^FP@2|tnb;PR*8 z{E43)vt^4q+4Lj#64ff;t;c6i>MjF*}V&w5vE*yBp_hD5}E=SA9$odc!LWApY zXp%guNEw*nlp^MW(T}{w7lP) zst)4i5u*x6I4e5$m(=vQSj~im*hq$7JLg_WjZ|b~amC%pBlyIO0XA3xpDOdWu2X-et;`V*Rd6`^WrhN?th60{YmXRuQs|G{(^XGYbu(dO%M zmPV2-!E*A{6j39KUrP3h3vRHsoGn25GF{#cPRyz8!u;nbY%ESRy-g+9-4{x!wN$ac(?rFF=k3(KbagG@bkf~epxu0pb*RKkUW^oe1Bt8Y;*O3k(O^JM@3~R z2RA`2o5NVu^Xt%caAkYy4Q#g$L5x&wIiuH7=eoO{$wI;_ceSqnJbR(wa)%8Lufb@tpPuY z$o=K&PY$XsLJMC=n@CM{LO*;p^yuCL@*bByH=FKLYGf^&zsGq|N=7GOIWa{ZtWySX z%|MBHl+t6+HG0ZRG-Y&vMqdlf*WTmTz2t7x9`cheG`PqpFGt5jhc)K9%p`SVNGZ&U zhC5%e{IxWAYo2no9epW3mK19px?h|&=+&=Js10FZCMa4jShg{Ak)qW&^a*b*XIf_1 zRQIpNu<8aFyOp-VMdAuRqREdT&G%v0^0HPkoT4%0V!oLR zp%QXkeH(NJVW3?mi=k>*Wcn~hpP000mTr8;WCUMm|-JRyY ziDPfjM~ptklLbAxaY?oBsVQ0YUItrFH`U6^TFac~K%^SWfaadgC}~42y`W`n++rYD z{N^cceS%mr6@w+`yNkgB#UMT`JkIdtJ+|*7`P~x0%RD8Yb%_rzyzAg_nDsP&Q=lnF zoHGCRoh|npC^abWOHIBVzDSE!(J~nI<&{O3b9v)^tnM$Z0hm( zn``dkL{~?ynPW!XD$N9(^kPTIo0B)=On;$?3@pQkDN-U<3|FqO&C+B*#Hd$93#+p8 z+|0j7CB>2--f86IJhxPJzCC2(J6tP3@fn&}xc@Hv$arib?>z&@PBUvHnXyq;i*fk0 zy8NhB3Pkr>cYFO=2DbV8MTU>q?mx6$PO|5oS~P|@*G=0dXmzyZR&TfmO;20LwEvQ> z7O3aDVOK;?4onl?owQ3-_a>jTTHrmtc41%OBsO|AXcZbHt>`hL#Y%o-k42r6?+_JL zQIRr{)DUe-O+%iHjl;EqXrUv;bkn^pXXWiZ*?5oxJ3LoS z@sU?~Y`(AXbM>_fH~!&zB_;j9bHtEfIZoRyv7ujaz|2UL@)2f;I+VXK;t1z^yYp0r zod&)WO{b%+0aFlsCEEcYW7Ae0{uSSh1UC+T&FiTHy%h~-4G+Oaa^I91%H%PP4#E5X zmdO71yRLTsk>|DST)UAv%@K_{n@PJNBB?@ls?TmGvf)TXQAGH1-blGkLPY}4scY9~ zL-wu(>7AjABz#AC+xuNA^?V!fX`|(~x=`VhLF};0HEStBX!^&cs=1uN*%ac6C0!&| z!NvbaWjNB)?6y`UeUPZPh_uA|*>{VAZ-(M_#CA@IZ}bSZC*9kc{#T9Y*_Z{t9QdU_ zI&jR*iST`VDg5iLIIY!ArcuX)^}2Y5F;_*NXVWth{K$(9j*@GBt)gStXy(q$xuXM}lN!za^(2`-gP7%Ff>{xJQW8`M9L^q;eyD)_P$FTkn|;`3!N6Kc%RPQ- zp_*IQ3uf<;#S?XIKeJjig6Ud$yc~M?@j>YV-(eJ;LCkYQSVsFBgs~w99P&B)1N_dW2)Xm$Weo%<0d?3W1k;VD%laFb<}){BW0O?Z_8d zyLO5IoXk!)T{)$=d=}aCT&DsA*Ec{>u*UQ&Osvkj5$IFIAg%EG1BX;rWE0%y0$ICD zcyr}nRH5hJVcuP<9lHm0ri$!3;Vl(^NLG76{NidBVGmG~1~GaT>Z*-AR_8o1gX?6i z0I+HSx#9{3>SmJUuEszaQto!kba|l3c-S%7D2M?dWk%CC{YIU20zw>qDCLc9zfax7q0PePzHhsMF<-!@%1eFdg|e%dp=%4 z;HEZcbA!pp7Qt|NWir}-|Ct5*#!P=mrhguP0PX$dkWvlKAy>{eqqGt051LGjCjTG}s z6Q}?Smv<*6VmAdU+VG9n=E`b11g-5HhQZ2sFU%PE=U~3*(g~HbwhV#n4)fnjLts{Z zeVltXcZaA4)sokRzTqPJw3aGuG?WvbC(Ins;sS2?qf_ap{BLhvDXI#;RC+u~-k7?R zY+icm8W{;BIjPotT^X%jELmc8zHan8l{;@RgJ-z<2B!>cPC;w9SLyLEmVNCyWvu-D z7|sGKEIKa_Y8x?5PP%S&LX|Fj3BQ?aNmP+(G}Xj(c3>}EQ#717c>v0kxR*lNb8w~y zq=IkK?>sly_i3S^T9%Gs4-i9cSbjXU_$HDKAAEq;oYaPuUf{l^{*Kj`mg;iojAak$ zTSTQOCGf_MU$S5%QHv@i$qm~dZ(oBDt|bR?olrrX>HOozZ7_7QC$E>ak7xQ;i4bFX z1b5K*WgRV)Ui=|=be3H5=n6>>{19MJ!d@BvD~Y0xAU`VTXLE^$AO)TAknujJzJ7se z-lfVTbQByn3I~rcw39)wu9cJfBHBj2GLQS{qR~K=H*0OjD4m6y?1;%sBYR$(Q>v)P zHC{V<@le~!p&XnmC_Pq21{>m>;A z7Lz+!2<`fCLg_^#$npTJV1y(D&Y-0gy`B(O=4ExYW0kC8?5Xxc;Q_Ef|#>z`Fl z=>Y)vQ-5eB22^CBXo=(zJee}qnfk)F+vlA1htYGKJErSHD$k6_09c(dL!?}zZp;Ux z1DP-!U2D#0ZlFj8O&WvDtK9x+a8gVOCR zT!CzwIpW?fi&f_E*M$cdB$$BanZL#6BT%;vBbIpgNstrkJs7Selg$`0;dyS0c^Rfa%PpXORUz|Dv0IA~4X7qpH3K$6eVq z=)vyD+D8mR`~tdXXlACPr)G}{HBa+4F1fS0PO*{67AKkvNA{6|?VHbINKVnn4q1IK zwWrTM!=dw&kDi{K%jc8>t3f1<@l;KM^3N~jOw`DWDJHE;Bs?`U#I6!LMg zaZ)y&bF>=xD{WM8QSBLtV45pj3cFrMh3-2vyG1pp>fiQ1n5$g#*FJ`S z6#R%FGdqclPR3OC^~Nel$LVh5L=9YUmr4ft)R@mORU>!k83@vXTu`P>q~EUUyMO$1 zuU9)LmA3{RgJ-E>R;U@G(d++Iu%uRb->c6>l_?LQk$Zucu2lM4OuZ=m?^y<2aR<+# z#ek>37Iu_iPr<%=$NRgxhmp7Hns!ygzY2%1#xgYbmsfFh)buknTG%sg)Yr0x?(oD( zJ0xP0RJPn`&r1IA?3mv3lKMGBEt{dq-nuuCy;L68@@VYvmIRyE%OUUMuGRsq{L0sD zlUmaBYf9V0T6(lj4TFonL-nTI9(FI}6A-XRy)Swiz6m_o=T%hC`KEu6@M&qRk!g77 zyes}optHo?neZc_(CLWN_ot)cojv(FENIo}MOf%Yaa#7$mcob5Dz|H&Uz_vFuo z!k&InXCf5gAz~nlYV*<0T5?LA-Y}V0v11J@+H;hqZQx^#jomD?!my|!)iS}Q5It(>q z(?GwXtp*XM;)G3w^G07&RU+USTZHzL5J{6Y&$u65ZZ3UVZrA~X5a*N`YAsH78_D;x zTiPE^I)^b_VL-q*sn0F7JOBa$@Z3H7X^)S1g?j zm*zj1gpLHJy)Q`raDjOy_^QPiyhiSo!MX>o=&u%I`u-p`ZfBvG$Tf_XneY@$&ti`a zb%ocRlx7Av2xJ}#3I(5jYsMb?IeM2GCB@70LJ9_V-&JdNI$t~y<9%yq>G0R7&aip5 z&??QSS2qS;f1!SkI%=ui>m+g#rXmqc?|;8LmNrnyRLi);m2rzJ!&@c8_kd+4eR=10@ALKj~ z&OePQ&S{D#>l^nZfy>Z=D+Uf2!LoYt*wM>J=$-@<_`wIUUq@-9$201c8A&C%%zq__ zjG24Kbs{3cx^xIkXx4icr2hsa>Z2Qf6IFhk_Yse+jB3mm>JU<8K#clA5Bm1N1KdbS zd(h%}2JcDc)@1SL1)pn@jj;uZkEsEBbV#;|1e&Cpuxq0W;3>9e1_JNAm9JIAB}ER} zs8p?_hHCZ(Lb^IiM@o#?=^uY_8FRoW|6PTaMeI1GBGIoc$!4{9^i12lJ^8LMX3d|h z7;={el7tZ!?vc_uOde{JhoSVO;*e*aM+E+49pL<<^LD1ZFG5qSbEn?8E- zViPhecp;YiI-2WS#G3S`bwew$aBiUC4X@_Cv+KgwOOmh;R(A!2y9I%|_GC9+hqCuBG1S0}LSU|!t&=>row_wh z%w|c2WI~DH(cw9QFBVpry0aHf{^6~9g_FKzS`|t;@pI{mE(W&_CS^}EkAIXJePhBh zP&c>vY4b)P?}?vPQ|Up&7wU`;`Mu2JKAS_gidGVm2QBqSt~)#|mUKn%=#%CK&cRDI zlDH$zK7^%+fU^l-pbPQMla@=jqsO+*yf5>J!WEuMm%tZmyk=U9zEGF+D* z9^kcBKoPFVsq`tv0K-C+KsjhpM4%?jg)7GB>-exXQ8iUxeiZMcr6#(vIIyt*XV41N z78b}QocGNX(p2BbNtQII&4a zu%=$w-@7A0sMD(lt0~`q_e|)Aoq54U!+0Y?=*ct57_s*r&`1>b(1nIgGHZ7kdzZm) zq{qnyj~X?mnp8W}bkB^g=!E^j6FC>ZLOa~^*pHQ?Q*w`rAXAR7a%s8We(PojDelmd zI%@|OsprQA@$*bpP0s7~qbgtH$$Or#4AWNg?t_!LC8x{O^zqB~pMN*7Y+XH@oWB_~ zTcz+Sz@Ip1;_aJAnEN!&v|~ zbG`J8K1Q7lMo(`KA5dzqn>`R0J8Y5Brf>a;^L%Qkb&j>I?gk zU(#PgYruEZaaT+*BM9jl_JE!Fxc=8(ZoZCqv5a7`NIU*b z?<{#NTSVv;sHdbE_cf5ns#W~gPkgI$e%e67?RZTEIWS!Kc{VrrCW{2$`HKX<=yio0 zNVL!cf-J(&hsG9)vtR--)VLn&N91=SMx>8+g0g;5p)ewp|IHlwh^f)ivF`?d%*HCs(DzN)cWkE8j-6QI{k8^ zN5k=b(f)(e7bl{+?kHV){qlviDQmUdqyprJ{80!U{y*>1McUbke&197PUixTjGCXFh7cEMJ?ne`x!eHyQ z%=0f$N4)r>$hP56xHr~^)VRk&QfFsH+kg5Van#N*PeRV6683&&@fv}FgAa;-DO3?n zpSlqw^(2-QnD$_!vmx(fHiV}v=w~3;J15^i(>Crk-ZD7S-+5@+_$rz0@8^;N5^qm? z(5^zXO-9#|Wry)iBlbvUpZhy`;ZsCQ7i6Y!lT`)m&netC9q^^8_%5_KcN!QUHu)a} zaXkjy=V}2<1!B16<^jUmX&IRJuBr(t&ht4AkM5 z`eEE;GQu^5>F&*2U2sgqd;w9Vv*shq(+%zHjop&C4Bg3CQk)@Of6QDuo$!D+O-7hJ z0uoI9b(;>;KV^0sf^;mXeA}OS9SroZ;3vr+H%g>P=kF}9I66@IjJt1A7EQ}I(QMGz zN;Rh}sM}d882s?>V???|EtzamZK8ZETS3;4J=PRKztP7BiEOUZD_J-4><4A`8up7S zd>cZbFY~lODQB8utor(`v%rOrjjSpdszl_+%N5}dHl-K&iuN@)&GpHYwd~{XUWo+a zms!ETm7pb|p3+cWI9I|4b^iiWRdb*Ob}vcW_|1@Z2vJrR6u`C*rS z_$_92blSD=Z92fOMv(De+X5i`yAj^AjdN!+&F3&BZzaK8D!ElS9}KjRw4?N{lAmi@ zkM5q13~_)gb{ptdH_bEnk6N*+LET}2cMzbS{5Alu9$k{f6*D`{xqNHTl6=bGwIq0B zuKsz}@1-^M^9TcKr7s^2(BwVet}?c1?1A!NQ~%?q@j9OrvY{SjdOS#n&saH+Ras%P zVeG*hSEH6cZ@Yjnx;cBjwqd5}kDKa#kx3Q=-f3e~x)A1kNT8nmp2%7&%Bv`Th69^kr8=vLxS3)SQ8Sq@$YWzL-Dc zM!$A~xP^X&Qm-vdqxk7B;IG0l`iW94+3Q<44T;jpU02_?{bsjEuj;*tJ>pK~5cnzs z#@2cCafkCz{}L3>w8Uj##b3=4g`BOsqfKJ5f9Wo!4S)4TA2}-_|HFbY>U8b4vznXQ zjf3fjR+fv!?+MxTlxG?lj6e8&ZIP2CebfA$JCvoHn{~Eh0O>-sP9gUO90^8-7Th@* zw-JfoB0`I#caNt{p68}k%SvO;YqRgW$N!t*(wci|`(X6WD~{cT2LX*bE*zWPW(Feo zVlI%aeO~ohZ7bL_?1vfC9;54Ri^y-y zc8AbTA!mO^{xY69C>b=KIrQhZrS`cQ%(36>5&-)G|D#iiyuB?rC z31_kGwYO7xP>jIP#j^eb2adjRot!`};wp)q`Tjw+C(Bl2_NS6AO-P0_IBm;$r#PdJ z9rE4{df^oeb23R*`Rqz&jwcmX^DpPzkZ0NWs2?c+n~F#>q)Ur+{l;-?Muh)3vr+49mUs@|6pGpGrfL74jrFU) ziMlP+1Xa@$F1>e;8u#9M^lU9&%QN%Bx6)^<15ck~eZ?t>M6d3aXpGazTA0y$c5H2f0Hl6s|c+Ysdy)Vo9n>W^OMS0&#$j`}&U z7_}}RSH$GLWoE^@+=3UCXGJE1(ED=bO&>SO?A_dqvmI9c6*5FJj1#1pih)pQX$@%i z)3%;NKi;EBz{rt4*+{iLf?;t$kwIyI(J!i-4}zB^A;1 z-_|0W!cFV#9WT=~lCSWnQ0JIDMwIe{p5H&nM%;7uT&bjA^S1#%FL^xVp*JJujXr9i zft?8#^&2v9M_~-X9WRbT)C2KRx?4gKQ`Z#fprt?J1j6;!%e!@t4PGK=_l!e-+c9C1 zC!Un|x_-(*UA=*c5<5qA2I4&35T^*D(>+f7-nH%a)ZK>Q1v!i^8VA@k;22|bxq(o%)8H3XwcZmpUVu7-(lf!LG3#g?S|_X1L;Vs%~>e1tl0j>`^QP)vIX+>&5z78fC(TcE0$ z_>5=FsCn|V{~H}%@T=goC#@=TKC{mytq(^(G7y;Nr*M4FI*Z%cg$>-@WpVp*k8M%h zXKHYrY-0@53{MkAKZj!k+YIRu>PbHUUlvHWhGm^-Lz6KF?n_iGBAB-8GFBoOn&oh& z=slqipQM1P;V4yUE{H8@J@*pHk%4QtLDe_k+QjPbMoIo@J$BfBV46*=Jp$uK16g|! zi|JhAwhvsQ(i@3y* z4g5-f+62UTrKH29Vy~7pcr?|P%?65ZksZ8XCJQkhAd)?@EWad^1aGFW3dt}$$kW0c zDyV^}HBVl1@G2UJ-}O0!2}cU=H9zixVk7`(%KbUK!N>RZ%Zmb(b&lbO&oVATY*${Q z`&|#ZEbU(v%tLX$2Sf!w7^K~-f_dFJfF#P}ppEr1m;6F$BIg2& z!rkDd9|+q7MznifJO|b~GEQ>X&P7&=^aBMo6`b z)W-%#nL0kv#OveDvQk5}O$_Pwz<*9qGuU}f-GD^H0DWH^5^GOixI8~Sc}PP3H85k-zqNZ*95N}$>rA1n2=l*DIg%o*Afj^zzeZzrY$KDmQxnlknoeFr^YDU(vk+t} zkRxk%a4$Z2j}?#g$$7@(A7t`D5IHe7{N6&qa8|I*OK($lCXU}NT~|0YysgU#NumZpNym=p zc4H{Y2l6pO;z{|E8AcRNK78$dzUahr2aYFDIM3BKk^Z^x6~Hgr?+60#$)fPTjI!Z! zbcp?6-Rtu5PpOd01YYMQk@&9V^IXkG%iBMF?YiQ24) z$nQ1P=DnD@=6m)RF~vsf*0XkZwwaSw(M2~FIsE5Jq@d1%VjxA5rY+r5)1Qa`Tym3q zdJj|#t!O)E8580Z>*IJORua@u%h6H}MRCCHq$qW@gd`f{Zz@C7t6HpD|G1~Mudn@R zA$iV!`9KOuPd_({&IWQ<1aUzw{8l-yK`^9{_M748@7Ge7@-=2Q8t;Uv0kenC)xb>U z6+QD#3WtYe0(cA<**I5+>RD` zSjORmEu2@2{z5|!5vQ@t2r*$RZcdgenxX$ zB?tT@`^1suJcv#Rz)Bw(94UygwE$HNZHE{BbqnN`m6)hs98u8HHqjU=IS$Cl?DK9m zAk0SSHq#fu`@sPuO3WWWE-T6kxiiskFmv&ujY2{*(N%-=f`=S2);ObW3KH+)=qL=7 zbU=OKy#w^I)g*b!XL0!(I`vPN7_flcu*cvJx`j2jS||s9;<%~J&j5WMT=0nyTh>R8 z!{fG-I3wb057F%{x#SMv2zwTiN6uJpSvUpp&^+@>=E40~TSFAx^{JVC@ln3Uzg4Pt znSlzB5wP@azo)O{s*FVlv7gNF+4s>$w;<#kVdniY9NKt#hMZ^f#+y-G5k8sF&oFjX3z!!_)l7MwRIZzju~39V*Ioa^i4{ ze#cp2W!lk6!JHN&f}!jRkuSTd0~gWlry9=r=Fn1)JSavdZSBbil?#>=CBjvHr*>U6 zUC*T*Beru--_)&nMLq{f7jVanyU9{@Jp@w%OTSf1_&z_Lkb5zObdac&fTYt$%)wzO zpSvGe<$g}NeXR^(MV$0TgdUGVT=D@AY&{JVC@6bA=Bx+0^u(t(0q|4o6s;r2K z@%T1s_M7<{(YdLZ))pP+Y-sam-{9$1MIIT9Fq#Gv<0UIcci8irJRVP^JW?NtLjSPP zEb!5qr*k$c(XMA+p@N{Ld9{|iwRYQ3 z9B^|mxLs90eY53a6EN}j`%qA&qc~2=7XQF@m)96nSVNJirSIg4{~DyUg$=62PIXO% z(WqevKxPz4p`*sh9eR|;_okne>#Sf5z{7A1p$$b66EHpYBqC*JrRYg-Cg|h>rwmwR zFoEOlU#Lerzvs-gT_5<`7j-sy3%goGeeb&6FtI3&XM|jk$0Irh(U1=;>{`WSD!6`0 z8H)K)_Vw#Txw)jxL&;8a$#e(0^yQ`j70z}I1@5Ql5m^2C;mEPhs-s`?fp>Qn zALbsBBOp$%davWMO3x?B{uB)pLhy$q0}NFL%-C*@MQXhOtlV2Gp?hk(GG+@2vR}0w0V;*uYM(-W zA&%PHgPh0?+27cM-0SP|qph&$?vlppZEmr{;^ub!GMy)}(4655caKWcfd7u)_xtV+ z@{#3(jWo)a9&VqUP#Jn{$N%kT0&#D42xtrLn53`h*;bW->p4k9m(>Dx(i&i;mwu8d zu2SPz%5H3C9MCl25Y)h&8OEvov|cm9ylUiUy42|VFXLgzF*?j^7aW26d~qw zOxz>3u30L3zixXlgS~4EwZ_+u){--kzrrY2x#V!*q0NTex(1pJM#sMkQg1gx1kIF^Yc% z!@L%@FarvwXzJnDt_|VCNmEwmpA0rn^Py>9%NrDuJeh$DY?Er_?elVJL#Wdp?b0WG zToXVQ(ddau$`u6|!~4YDNb6Ilm##O#T3_(YHcuCy65Jyz>Jv)G5{Bb>V^Ya2-h3J>V#7iT~t`k5+qLp$ki$cGzsiPd_HOQV5b=w zdDf;|4!3_96Xc_Hp~SD?9BiO@dZP{VLYXT^ z=ClgA34)5CEC{=k@5r}ZRZhidWkM4Eu%%pCpo8Zr1BSp~x8=J`5$si3Mz4qY`{dj1 zY9uh-GPJzAz57SD?Bs~d8FoOK?B-+eaMp_nr}P^)0_TFY?MEN~y@A9G6CM3wW!ZnL zDzM~lKTI}4cf>4R z{b-ekL9nyU^nT=@{GSJiNi$S2v%#GC$~=6p9C^v!VJVO zI7Oea@OYyhqdpyB^A(yW2ogCkMQ&>cQ|3qwsvQ;5jBVR+hy`UrC{4ZNL$V|!?>BAw zw|UMH$YmKi2!@&F&DVD0J_SNqjnmjF^(++4d z!*BIrh(Bcr5)%9OgkJ<)$W?uf-FxM+RZ`W#_|PKnyppbyP$kv( zQ((Ro(BEvGu`K04kqAPh7Voyd@6+?NGp(!0Vc~Cf0`i03QbO2D5Vz+dRlN*Q-Yni1 z@6Sy{ePXtZ1vjsJM~pK0vDlIS(1KYSl-^l>wCa_}?{7X{6e}iS`%CLxt~@tU|F5nLdqDPzPD!7>{tq`P zAcWV;r!ZcN{8IKWp*0px|E+>flf!@lpg?8Q=7^!L698Xv-MbABj>vq{mq_+#!l2Phfz zWpv()DP_J0vh-r@djAr&*Lte+H-w>y0k1ggTs}sE?>Pxbn~8=n$gVmNGBino_B;Ky z_-ro~K4A#>eTX|r<5~TCB%~pAHR6?U;@^`NT+e!;lBCC<=GAgZ!}L36JrlrQS+kEQ zQ?KZv=_F*(o^2#p!ADV>?shvpq#@U8t?MUn~-slh8 z3XGTu1Q5!gZINBpT^9Fw_J?4zkQdo(igc#}30uDTka}fVwJ7z&8MK9|F03-^$91)j zi{e4s1DG?vdS9VW@yI%0-EUJ^2cHCh=UFX(z6)j{)mr;P)EHmZaPCX0iROBMqy+jD zy%;U#SG$}(>!1FXN=t}3MbQtK6ozJ_-BEjub$>MYNZeZW#fXHumMx2ECs}XSoUq-- zDbU{mevYuC2Ah%r#nOWen^G%Igt;(gkJMKUrI7TW&WEG&7y$o#@cpL@fEH^tas&s` z)Ff`Xym<7Gg){j$RKr*M^mhlN`8cX&b$N-(+lzMQvY-@20^jy^*b0fq7aL|tOh#>d zS&ajM>*(AWm#?@>thl*^xA^XK!b*bwvkIHzX2Prd+PtI-fK>KEK43J}cTD_k(*bJi zX58_^lgHCk2+S+?@26PQ8{0j6L;hj&@Qx0z{jFZ(vmfjS;nB#_F_-F~kuR*Ui1S3z zH|RIbm``_2mlox!l<0@Q%tmZ*U;tQgue(yW#iYy*ae5D0yjHG3=%A!`=yd&X%ceL$a6(ZKSE@!!>zfv9>1yiIq-g7sp zIh;rz*6Q4`&~U25QnupU#PZ@a*DY*eo8S&`H3Kx>3^bB;m|o0!(9~W3ck*av*~%}o zL)d5eaO3G`^RQ-h;c@_j`0{BqRwsJ;j=YsUR)Bo(zLat<-VUx<=(_8 z6c2kTTZMov4)ao!VnUIOh%~=`%sT=gjf5$SRL^<$3Jh!peI^&bi4Qz)#DUTM!%Zed zEqmk;Q|+Ftuz??!))~>U- z%qKw*d@aC}0KIg1%W0@9lwiu^%NxAY5$E03+`1Vbnb34_sU6A6)U- z?s2LJ+9cESbE6Xd49Hat);K{I8HR5I`&ceu0P8S zv=mkbtUrYPu?>uk@E5^o#;Lv~D)b@0`vTP5tp6W;)F0eCpCHvg#*|BU<+By}Zw+l$u(iz~k{)}_WC5V)*X!)?TZo|dTa@j@i8vIUD z2;_G*z;s#8C6j9`aHF~TICUzv{7FK6$IF%tVIX5D2YIw4iPc>Pq5aebn9c$T+N#9m z{@0$=$*L1no}NFpF2{l?N6WWCUH$Z-9rIhu@MJ?&3nrj;S&wn#RF}gjf4X0yWi%?@ zxT4d>`nRW*HkPJJ@zdajyn|k@1wnP7H;EMiOJ|;s=-*Ni-`iYwC0}lIg|QYRr-4N> z&Io;mA^*4&q2jbA;OA5GPT4^zh~|%krS7WXBXl~2l;?mUpCMvhyeLHc zX(!4T2SV%9{D#`UCs+9z8+Lm^+E~=uj8_+`Y@qtUpT?&;b<9vtOlQoVZ!e4A*n^RS z0|XJv>7De#7Rg&KoHLVGfpN3ON?^^rn%qpgo#8qROA>#Xo3q?f&`Y-5J72Q8ntmu$ zPFfC>{shJG!pIH-LLp3eI>ooiU~4>$h)RVff<1ruT#f~Wx|1hiP-fS9i0jnh^8nuw zaw^&Q9{u7WX_5UrZ&Vafl9hveI-0i0l8b2M3 z{&;e`gt~Qfv}AgYh4KMr4hIsZ9-o%)@l1#Ftw|9MG~Y*8tBanLtKm#u1jVhjCW;c# zp?z~`ga|k$_~4zlcqCN)(wZ#;4`SNF4cY-2ip=JfWkZjhxdM())cCnzeEnv&+<*)F z%9wy#(=zm_cWXqlRk+8)2&9KL9wvDy#}Au|z(g^6qCE-9PzRBxf?*MTYGw6=L~X}( zZ8!&Z=pE5buI}bsxPQ#jpqQ9&ir?2%8O{p*EuKJb7OOkG%E0!?*BL@SlI0uKK)a|WB&#+RmA|>=#*QYB#!y69-GIU{#kbGA94R5*;zDCs%s@WHN zzMsV5h{e6X`aC#luIf<+Z(Tdn6<6k%Mz|sjexB}oT`u5w#>1g=dMcHV=Z~&Op|^v> z?T)$+o}|}&Z@v0G8S}xz5$l-HI+keEDZZQtBku}xluIP(2mgkgee8t*>6RlJF(rEZ z@uN-Izn#77-*u#0A|)2$SE8$s-@I`|Sc5Z{wVdvMQ_^ISySbi)qj`1?t^IY5HeuEN zI$Ej=HI&AOo!@nk9f2>=#Z~hJvrYOANw|<;MqKfzdf!@XOwDV(;U|WaofXUX^s-a7 z{{*DoKgUn^>HJQYAeL#p@);_67h9>cl?!j{c-$a1#&O`*RLkmNTHHdx#?i16{vTPi zgf4G{>M0XYy{CY*>NB*_Dm$C8cZB&ne0d_AGv%x^&1>Ouu}r1Fc$#qfdtHjRkH4CA z{O!nd&)Z@PEO?!^>V_{H^qrx+R7FaTSfxi@#UK{VR_82cKT#>XZbK1;lkeQmv;I9| zr;}Iqp`%sqwkj=CsC&YDPA>3FD1bu|EVym$XiDIyJQ418KKH#nPR1b7JyHNBNqj-8 z^VyGQaY(mHWtpw9)eGKOO7We@A$oRpriI0h*chF>_ZJ8}QZ8TjQ;xdhrlMa^OkT?N zH5yC2E31D!wBM!gki}_@_(}u0ydJ&u>nRi!4;7nMmk^DXKl+$bLw&8!x?@GXTAT3R zqR;tt!KX9YZke}6Ufa6(52~>=nhM-MQhrNr-c5Ct47-3wLo9QhKTB?xylhN-Im)FCd1D5=?zGsT+^;R@tWI=dqpK``!c%u`|skTD{hSdHTV z9N>6V^xJ4xS9yYJZ;PgG|IRn2cXXb&G066)2g z^%Yl+{(Evb@?h@%6Q$g-Q-4BRQATGLjIFjoH;cq$Yjdv_Am6nGFjM-)g>A7DrI$u= z*xeBtJ;;j>p5v-ExX0We=vA_fsz{b)c3kC&t~KvR?-GgRiW?wpi;`%u zm!gz=GOp`pe96;Y_z?Z+@U{+W9_%*h&Th22EVg&G0DV8yI1|*;T0njOd+5R%$K-Yf zb@GLC{2Fib?D~+ZAJhLT+l;;3@Lm2VPJ~xgT(8AIN5uHK`t6#gJ?=+1M;cQ#qfN>3 z&!;&(iZOIq&w2@Z9TTgU`WxRwe*4sAaK2+`?N@7kJS~%WV(AG!`{o~X1b{03*-$@r zRJwZyy(fcz#@*~1t#)-@kM2{ydNRLpFkQ+PXUxkDmK6g3KzGTdyJza;M5DR3kaIq( zV2;N6)EJ}7I-`#VIR&U|IxFegA5@+bS}8j`kbfjPkQskX)&3z5n9Cs4YzV7u9M%f9 zi~p1}CXL|+S62Oo!_@btOG@?i(P2nFcj-^oYngWDLQ+Ie*6T#~Z5ON2As^4N!3A+G zMMjlXFDiHYXC&C8$4P1`$M$WaUkup6=qo9xWq-SiqLD!sPq3wm?wkw(8;1w{#*?bA zbKKK-+7*2pXNqBDlOR*>;1@Y5u&BnmIl1oqz_W~n?t6|VC}XlO18JN!T~K?c=rh;o zlgP4KsM(N#KF8H5J^Ipz8^zPE0>S5A4-mH5y6Xed0cM1HaY?E0hf608e<(1=FHsvS zTes`5#IJu`r{X@Njobh-bxaPOgqd}T*0xQBzB2-Isbr2^jF_&>y+;jvM*77Vhtrx6 z37Nf#q<-nXmrGx7?Zrk4&pXki9*tOtL_2nB_nD>I15&1eeJV4@p1)a5c8j z!!-qWf^CZYp;H_#25B6ml%~)aRBt_N?IU!J*XxiFsNe#-+)?uzf6&_i!UtWJ-(c$vvXFBo4+BzjG5%(p zHkVEj@n1u&$uGP?^27BI3H1Z<2x=VdrjyVJN4iNEyQwle=#d0*DUhv2=Up;Y!Rxd2ycMQ2N0=`K(i!pvz?QP8*Q| zZY{lWbNXo%-L-_mZ^Dq_9c(#{@-NRUjC`N#)DyuRPAAl`)YPVIJPJKX-S6eeFJz!{ z;5)KfnJu52(+AfT9_Z(USDNe8P_u z*MCo)P}6wq<(p5~n6Qazsjr#nRY2E_MNHua;=nV(;gcCD`pLl7G(!2|x@9O# z1v@7u)!Vc2l;t^8{opki=RXsq_q<|T`6O8`hj+he`uyw?#Tzsr7ZWdJ^ua`GeBRrN z|FR5zToCXdOZ+_ESf(e`=VjRNt=j8)blhl;BmG^;Mm7YIFB-x`-C(Z>v>THK^t7Xk z7Sw5)DkY;UfUODPIecZ!K8nQf}MU}3s`czfP50E_RQlW_MV|SX$Ov7zObIu&=$ma z9Zb;}n~LMj=LA3I+#g|9lxNy4VjfxjTSJompF5vTe zO;h~GjM)?8Aklvr)vzUPoaZ26brX2jPv{s@Ie;$imH|p;p|JN0^EhIisyrK9q2!No zY8c%8SkU9&ofV9?cI9KLtX7%{S~_eLF1LFkhoI|@c3CX=tF49rzfT@7jfBSf-G!Sc zvmWK(Tt8Nus$X2e?WVD)@}E&Jh}-B5FHEjrnl3VC!hXRES+_FY`Qu%_UYFPZsSCOf z;9xn?Y>ljkL6&i*VJk&5oZ0y7+kem!JllyGtb0X!>8-op7yOo!I{Qui6GQwBK0Bcw z&9?_q65y^vP{F%GZdf>3^J8|1Hw)`K{T%WTTY_ykB24L(;L}H0y~g zaDE^de0080bhuv_sJEo$H$<%qePnGsW&-!f>pyz<_JfN>XqFv(ARfdZ=RVqDJbM{` z?;pXQzxU3_!ruF4lc5e*!Da2-_>2z7;Oif69CYCta&W&Zj|`s+7)s^C_MlSOXLyIr zH@G2=48hWEUn4=;YQko1m%XOTrAb#RJ;zf3#DK-am-#j?)o$#B*ZtMmUxhIWAhji6&!yUN`Q2k#;vqN`qk2OD3*3 z9m)Y8bO`}@lQ;)MAlguM0ykA>Gu*q<%S5>{XhR;ce=C->?kVdoXpWAXUjjs;Ls8tR zQ(LCRA6m3WKYqQXf~WRZ#%Ti3W=tsO(el@+YB<=Sd-4!=ScUHa>m27@=mua7vb)dx z$>u)GBaLnuDjif7#8IB{l98n*+_2oG?mOAV=GB1yw`JJOuH=#k$#@RMmB{|DqOkY7 zdFdq@0^Z<|5Y*Ghw$XzCbg2GA_Qhvk##b84I+kjoL=58KC7-C+rZrP8{3C~DMFt*7 zYithlh!DUJB?!R`d)tTsUF;)g_Mgqj(pU1_i!qu9xxkScr(E<7`JsKM^@kn@49Q+lkzP#uK=WL zQI(Po^1!kQSzaW4Qi^g$YS7~@3SOWlB zdh~2f1J0zM=jtXYuYAZVDSZnd9P&Ag-=PUDcVrZC0n(R#0(m%GTh!`%EaIqjdFYos z0AW8@W*>H$as{6w=x#)Kux{f(PM96JWpwvIQ3U|I7%R5HY(vFctGHbT3$gbNxNFc` z@de!5hI4!IL}|HRN?4R;m`eijOBA3-rdaweS7f*c{N`d46S`r zLmg0=bNN??*?EKdr0*czlQE;(B+$6eu;9+y#d)MAs#1&bvai zcK@|0$VuQLnB53vCynRvHKU@Zh3`+fQE7q@ag;S(D-T)_&y!OHqy!+#_bWrI@65>8 z<*HSaEX#SzIogH(rOBfTN$BDG;DQ6w{Tkb=oY`t7R$)RY!WMQW{4GAcDtkl)*Kx6I z=BLqg{y*N}5FK4~%X!wW5>BwIgTW3e@1CTL&TRmSKrm@?hUzyYAp;adE7xf^PeJ3J z3QGy#;d6WN(-mVLdBYJo%C|aaqcm{qd_tuXhvR)MDhD8|LlAW4zu4q{$a=bm;t?upbx_bjuc~$TQbV_<-bstWd z4{}aLFKPAXadgs-K2Zb1&wKGbfO#jb_z|^cH9Wr#k%X7}#-w~KRk*zZo^1lVndp}1 zsHzqQRs^e&YmIb++t_Dfpvi~MOl$C!c&tOe5X`*9;7I%Dm@ci8z9t^D;0!YxNvR7G z$1}MW4o;1frvHwo>vd8$Gl}a`H;PMj_BElW4}c?ZC)?oF#IRl&31G?VivwxmiQ)8! zsFnF@^Tf#7yrq@wjdW{Y?geK(AaO;CNBjMjbG=o@q2ZSpQuyxgXt@8KA!d@@o;;Sn z_qsn^qa+NtvTqB6%es_JjElTaLAYOHaBXR-WTctytXt)psyT)@YE3>$NVK~#@|C6W zojA}tjRtbUXa>?UBun$DIb61A_>S3yGL;$sbYZI;@klO@JCiudx~7t46QoUexok}D z$84^?=7?;kvf9Fn;w$AJN`{;1Qe|_+_?={+b*dF0h@DG1;_byK3D0x8oJ-~H+xPE| zJM+eIxKOIVXLQqj2m+qnMuc_3S3>uB24u&!)2pxp0&W6X)|v;*p5J0H1*E5GJ9)-4 z6?_=StX|owXRgAW+*p0@7grjL4|%&*Ij+=f4#{GjJHl6X?@77a+co>|ipcd)7u4pz z($sY`unC8p)uE`c%a0G0&A(*zFEn#PNT{{LfWvX0ye`#)F~(CAW^21 z1wx}(7U?;E&R^pKI_^|R;XrqJ7@!t;)TirIQvhyqXgn3B-&M%gP0+8YEfVG;wv5L; z3%4I+DW~7p$vEoU-s!#*keWzj_sq>8W^Uh1+R#;pJ;n-@)}^uX>O}o}v`yK?{b<(X ze^d?_s`PPozhc7JSOg*<4)`<90@JMq^)s1?3y#Rujo74#`$-<(K4F5-3Flr^Pq}rU zmRto<=My(RW-`c96tiCrp$Y51^1Tk94V5tq`tB~sk_SdG)|tbD3(~_SS0Q~vb@#@! z3ddmRBO~tSkd&+;o%p#kU9p!BADR6*bd;;WPJ(&`ldatX$R~td(s&}h#)m*{rPa=RB-O5Pb>6K?|7eG$Moi4#)JJ@i?9zy;9vJ zDu{6kmvk%I$?@&ri}Xq*ZC&U%4!;8=3gb2&c&tN|^34~mdrFONj|jnsm7EA0#yGE& zZoef|4>Y)(lInP~CgG)})t7x!4Fr5Xl|69^YQ*039hvqfGXMO|lB9{mw&eb2`>0d% z!w;d-!V1|cYVjOx-NXj3airPf0}0p=RZR{y#`ibdaW(!D50``YP4`bB-~D$AZg3w@ zmU7BC=*xMNX4&3p{u&fJ@}7b*N=rm~yCbF0HX&pvEYUp#GdNR=>2l7ZFElS7Uzd2) zW!ChQSx$d@DvQiRQ8{qsnx#dp5*Kdz9K7?D>+>0$l+T;Fk$GDy+D@T=GpOmC635$i z)Tn#BmYi?qs?dKQVa;)5j%`I@s2jXr5&>j4{^@ry%=EphodgW#dS$!jfsn%fM_2w< zEN9P^9-}>d!IgI4p%&{MhJIRh;{<2$IWb+90*t0dDkk+R%p-WCCVqAZ!0wLph*bd> zm*B51C&g?PttDQ3;75=G3uz&c982d47c9NtnX4l`UYZnr1Ji!j>CKi7chmJ0K?@iW zPQK_R@TWonBW%ltI)sI+23TvOVKIL*iv3T=_}gldNXs{e{>Dr_-3Ln&m;0}|OHk!w zrPQ6T08;4J3IE^_O5K>E@y-I^_TICt%wo#uaa*2*fPJmahOTD_ukI=A%G`Ffq+T z<8AKSB9>sa(zi*K9h)en*tl^jfb_?aF+^CX#MI@Sz+kjbF`_2$4AvB=AvQv^Ci@zk<-A)gwUjU)r(NQ~7`tecRmJEI1p5hD_e&yAv|v)1G=fGm<16agw950$0EPOUGb7{+&tfkT8qjPhwKP z!>I+!H+|Vah7MidLzZ_?R*p!Q!ez`iZ?f>%{ZTinn&X3dc|({Lf9_tNidU7zFTbB; zJUmu7izD;ONi`MC{;GFNz=rl%9WV9LrY87 z;E;E{L(wlDIl!eoDN)$(S*#|4o6gcwQ1Wqm3S>QG)L7^t(=_{%1u~R*rK_ zMLo3`^Y4NrOChy0-Ys$mz_2UkTWE(n2)5(t;Lj*NcZ_$UccoD?Bkz&klVe-H$eQlH zHtd-As;G6_i_b|KHvE~?Sb=zBI~PFqySl;|K%~rS7pF&)+jU(0>tud>94T(-IYdtV zS0T2uxozNRhWfv?*3^b#*2*8FTM)|O!j}D4wi9_Pnr$NRrpwbzTdUZF-oN7IR}{Gx zNj=Ai_ptr(MzSx`=AtB(rP(s{^uJvh^Pl+6xUA)@Trv|9;1;H0>V8ge>6E#rB6i}w zt9;2B|M=%_i5hk>IhnQ67a|z`p#ZTVU@cR3MDM2fHE*$UW^H~{_o$d}lkid$trdq; zy|$>fZVriM<1Zq&VRA7)bC5D`FayAImRk z7C?SXcDxxv*bl~y^aGAt3_s5fZto0sl{NX*G$B1*5Ay)6#^X&LhH;XYF&mkZ=&_8s z1QGBx1e4+H-QaegZ_0u{J>usPp#@dy;;U^!#pMiRdG}?nuiYRrFepGapf*ia4UqI) zToDTa?B~lC#9?QNt}plr=d6D@qCc}jMzz;|b58mOH0Etw^P#OCp0r25r3+uwS@7LY z+Ot=P(QNe^0-2sV9j_sfNnYg8nzM@;yPuTMWmJ<8rgzU?$)7ymTD`C@(fyKu+SG;Q zBY9e0{rH>Io42f0MZ*BGW$2)U3!nFSE8ce(BgEY_%|C2iAnLu`zID@V^#h1Oi?$3b z88KfUDjeR7gt7Op(AbWMcM<;Ro{7P!9<+@rJGY{9qrZB>!#arM$CaJE*HgttVmJIjl$6sX2tdowO^8i z5m>o^?9~Fn;lyGXUcKPM_KA^?J>=uH;gFe-L)tit;={l3&PJ5VLXa$B;)URF*up8> zAGMOpx_z9dH+r5Qa_KvLX%ADUR8SlQganRt#a3!;FBTXmSp#MX8MMV_b|CT9Q6@ttjT0yz-3N`&1TO>0}=uZz}(`jmM(&@L0#y*Da1%%u* zz2y)k-Ju6`*VE(em+!3g2aVm^o(Q@RHzk^z7Yh%(4wO8jSA(ys|M9(DOof`)khC$? zMJicmSnat;ksju<$NbS7!6Dm8-Og#z4+jUowACf`FJ`o@sM|LlAaK^ctS`EkDsWN9 z>i3J!*+qLFtbcw=Jb;GBZO=(iM?Ii89=Ofqu!iE;K=qudySxiV2w|^?_L%hRF*8eU zRm0WQS8q_&`OF!BzJi?{phZWwRw<@eOuU!WTmGoK6dXuhxJ(j~(6AGXAwP^)Jqy$7 zu6ArlX7*{`n4#c6qi4O-I;@Dr!xMo*preRI)%c8lP6yrRkk(xTY>V4pwNs@AkP@?M z*L=uzJfWj`=Cfb03umXd5(6UZWWAK-5R$el=2Sq4`G!Sds}f-Qh+4|lfX&Hqwr zaO;`~G(j#-5`#?I7JkTwPjn9?K#D{{MM)BwUdcS3C|fQUAA27(Z-#!zO7+6Hc@wPf zyuV8?Lul5woqkde-l-8J=MV3Ip>_OQO&V9vb6X#lWWa-PEmL>@ zd(!56m_mMH4cN(fFhbob=a4d@*YtD$iTH5!9W|LS}M4~?e75(8|&4tq8pG4 zc1ZVJKQv(fH$Hsh{zt!mTZzd#A>o>{G5S?>2tD?sqy!H_wwT6&PK?Wbh%_RZ7z#|% z;Q>k=4=^O35y)*39WZ#)z+7IKpNjBidp&;NZPb{;2g$I=;Oe&p>^IE01jB|mOG1@jdUvv1 zaF`;_TlsSFb=A@S7;jQ?vjsAPh0_aib`eqY-M#2Gj6-dDAXNo6rLmFzin&WaITMG% zD2fm4f5`hRrOdVd(LLFZM7Gy<7ZudgN8==(y=%z^(f{GyTf?BwgOE^m^|3^bTRIR| z;~Jakfkx1aTS=~h5LJEhdRx;!%OteOg5oK2(V*^9#S<*^2F?}4wj-zKp}l(EJq@}S z9U)^M8rgoKW<31sJY%}E95-L2e7>5?EalO^`PQ~VOxAb8x9^6Y6(Kv;#hC=$)8D52 z!|ezc7|*`khobXNDHkzLyB2p}|Dk!{P7&vccitjwR28N=IlHW0^iY1Q(O30-8x6}+ z63tIokaZfvHa>Uzy9v24bRAMvNss_2mg&o&hHEyXcOgRUP=Q>tq?>HvAc3oL#F(G3?B5JF@r$YZ(kVVUW4iIY?kel$Iv5@gaLiuT3*A_xbCO#MdPsV+ZHB0 zkv76dd9vj}`nB;|CkH|fpE#)ZH6LAu%d;9o6 zdnyBX8U(>zaN(~2P+-&Tj4T&1S75jXft?}d+0GN6Hs8+Sp= zbrp3KwbZ%ltnt9@E>KH~;D&&p+|O5o}&DLW*t_`*0Rywb;wYBqfF<0~XIyk_%NJh^Io7vJ4nO14_c z3?3F;gFngqLGyn6VW1vgZJ1fR*_g?(OdK)pI5-o6AtqO?G~xxkhh{$xYK zTW^kwSeT;d9xwooPqJWtL+lM|TK-%ry-dIepJ~ZNVfE5pb3Yqg&DlqO?=Tu|-J{5KOG)q*EnHMYE&WO|?OqF@^2mHjq13BEAgetNz?`d&%ogg_C zf1UKoHf{+Cswk&n0FQ*k?n@iZV~o|Ei5CugP)==$|MRBW6ODj9&wk6}=7X*eH~ek6 zZFyHs*0+32AX?s8!gy=#XbyqG%!NZ7#6@C(jjKlPXUX&mrtocWHSe`c#Iuir$WouG z_PZ74Jzqix)k*@+X7SV8SVwg)tmoqqy#>8tr;nUOMYtd$u{bZ;8ut81E~oULkeDp*4Bja+BY-@aZe2FRyi3gZMF|X(+d{F0hO^I>b z0Rs3!ak*U_I`!0Dvr#^7L!$L1;aEnCz|a5-}{ud9$bZ zf++d4ZT)K2ftVqW6v>0Ry$~7JZg;Pm<>S+^YX~?g5FfWD0);i?&fbMo%eK? z=$bv`VJ^O~(Q<7`J8_G*UqmC-C*wXz72)of?ne)daJS(RoD;wc69T4 zs!$Sfki)@Aox+~P6v%VD-RfMwu++M6mZ-3>BDJI?`~9Z;#d2!yf!Nz$v5B94s^Xwo zTFx>7$MV@~+?KWD9MMJ}Be8@K0=(GC46Epa?63i;Ugt3HKVdrO)| z#E|dm$Ij6-@@&~bYV!Capq4L;G(gDkMRIM3R=;Ay+XC4iKW6gJ5OeqS>5hc{)DT& z!*pI6{@D-n3X#0nZ?WS;*Y z(@}h|mz0{c&B$6<^~>eI&VM(Vw;u1ebk7usJS)|yfSb= z@(NIQsj4L!Jof*Yv28N&9IqH(NIu3xDYU8oiR*9o3OxLPvC}+Ku-DA4TU^6# z$>&OmSAq{9aC0}$J&Uz+Y<9x=-w+h}LMZavtU89xh5mE#04d~xKz_J<$7k!}hoAVf zzHB@FEAUN6Yt&el*0BeodJL#(ba!{Hy7cW;F9n>yUl;te`3Ggd1C3x1uR>7<%m?E8tbNj@+JkpGJtc(!qA zx$lM@SdIi0v5wS!uc5(OTI2?~C_%)n~F3*Ob zDO_M1N2tpn;i@xR)p{UeUAX_sSW+u)b6ldJSU;nV$&>e1CsD&5Rwhw4JH~YtAkbxk z;zxk22)b)*&eiPDl6>n`J*@kuncL)T(ONB&Cox1y;(h7vY4|Anufcz*#pNn9?&%Gp z?B`7y4^wqBc1w~zU=XOEueip)>bX?4kF2#%yiR#*e#B?Jy>RV2zvU_8#LtyABlhXg zu$pc^J!gImAdX1FZXPno#scDL^(&v!`A;1-gGjiD?pW-veuhl{al9p@%)Q~L$0N1e zVALu6DtaHrKQQvaBA-VMpm<#e6n&=~8UT!ELMSZw)!>yUM`pzRrz-DLT&jpIVd{od z0T`PFzT7^Jo}(UzK@I*+5Y&vArt=sz%KqeK^-U*@D z^Xp&d@cfXgE73*`pM|G96!ueX>t3jNWa+(OmBfAHmeVuKPL@z^rG&dpz zS-#{vAKBbZYw*Ed^Y!xr`%E9&QBFIyA5 zy!qpI77PZTf>-}LG7MP&^Mcny<0LU)?)O3hDCutfedX_6%k(wn`7oMRq&yacw3WZW z&vG->Zr$MmR?CqW*l1luSvv#Xd91<-asXbTK9Hpy?5?0txR$|JEYl<4WG&nx#k=AM zA^GQbE{TJeNi6tSK!%s)Yp`eF!AWhOn#!uU#$PK8*zY6;R9`9RdiKR$ZSy>fu`^fy zu$H?0_xmt@c-GCxF!R|@+U^R?h?`g+FTF{A_!VtGhMjfc@pqLQFLoHiPQ2Ur0FIlR z-5xg%ajtFJwbDA{@$!_A?XQduMu@}<)nUk`Q`yvl+P+8^PG_ajVC0?q?#zlb=DRU8 zk0Q_@70Wo>CQPwZhu1t!eCBPz}b2&MT5`%9f%#-8^}zamlA&lRo=22C|f3Sk04VA*aS4T03i>*!Zm)_d$K7A?d?RD7^xcq*(Gp5s{-Sy=YO&~Fo}&DLrH zwb5|msb}DP;`Q?wF62eN4#3_MmnW587w3GK>~HLjLt{il!TLf~KkaBft3-l`C37L4 z%$(h*BV{{xQ#&%muDviA*z?(A<8hAFAU|*Gc}~XBAnQ0lGyu^y9ZzF99xk8kqYrco zLQV-{Jsqr_Pc;CwNxm4L{Th-Oq9=~H7vWBTRtXHk`(3u0EIb@g_ z061Xk1!`Eb4)x%>E5`m6>lHLyaO$H&gC&(FT{(O=&FJ{PQ57s6ywxz>ac2v*E=XL6 z3_5iGdv5OX<@<}l>qSObL>&KnDtcowcn^0Mjy*{c4l{fg16o3Mu zm=<6*3TbXs-(EO${2?4M%AO0!+lb1AJzf3bIFZ02gV{Tzg&l3bmiPWQkC+I4m^rrz zHO%^Bv4}q*-T$84|Lv9$!|?qafB2*z9(3W(9uIo|VVx1k;m=6~ut5M%7Z5}{w~8qhHNUhTQjxc1pV+LH_z!8$k)}HM^|IyD#?Ra4=`)K$>GWQSCQ{OpD6wi z{@;N-EMl1N4D%Q=d)>IQVF3_-F4H4HW8Ad_fG zTPkzo|NGg6m1^dTUpz-x-**9|h^J-r?a&-DTwV2+|G$$ZaTl6Dr~ZrldCLini@aSC z&Qr{rtvg~s7Hb=yor>86M|cm9!b&ZM7*#vtb2;0{|8Qcu@2{#yH+x;568X9D@GR5| zEalu)U}dL4y&W9-P!l@HQ_{1dZ8wWTK!*~XoNC)vfZ9C~e^{0>P>|KX76Zs3QAcO> z*3PZYlb}igOhCE&jH`0#)a;TO5w2;r$K*R4;|hO}jPK7%W;R=^M>TQcLFnb~#NmDp zC#NB}8ZP7m?Z?V+nAs#$ff`f4w%NkDSQ;`rP zp-59UE1L}xKB>ahhMeR?2!Y~;@Jm?8v|`OCWjq#~g;%|;f$fDGzgkD25Il2%Gef!D z|CAn1`@X=*1nggUq*yt(QwRkAlYxdSU7>>YSVn1G^4y6(I4pQLJQd^HF4ySHy)sE) zA5p`-^+6>#Q`57{Xtv*1{r|wms4k@ zq*t%y!ZYe_2D9}`s%TU_MIoXV+KBE{XKqcILFY!6(Hg7+D;lGyqnudDy0e ztaR-h=xa9(%u^S5wxt?8x51f<`EFJ-{6b&3BLqGR0R9b~|MquaGA?qXeRVjg30g3R z^Z2s2Y7*N-`}dt0pxOncTv&!sH$|iz=vXV<`x|5)sPlGS92&F9gJ*Gii*m~4HX0`y z&898_ze#6xc}s4 z#J1)fIG?ibnr=yjF=qO46yRsLJh;4HYq9Yhd#ZLel<1*eH0pq;p>b`|)2E zx`my)i_P~$X;fNEZ3cL9z#l_y!^-w$_(@X|=`L3mtr&T{Zb`9sqvq6F=Lq~7e-Yt0$r1k0g*GboCO zV$DK3%ZN_Z|Lg&^nZ(ar|>Em zoPG4!eT5$pGyp}tIK<>yJk|ZBI$1%$PlaVkB;(BQxGdU5=R90otD;P9d`O_S!R3?m zE8U7ls2N7RVw`%%XMMqyZ*U)NPVNq}wwv*XI;>fF`P=gwd4DyUskD;akI%ph=}1?R z;V(%2cfG|S;j_S08hONzlu=@-Z`@Qrl*OLG5E&Un_$6=Cb0)beljYz)#<} zFgoPg!bw#SAS+`45p%n&`P_ZO;{14KwSwUzux%%Bw4M%os76$7rcz6cpj9f~Do?zj z>Nnh#cKD9XF%p2)1l#5aH*~Sd?^g?` zv1($zo`K-si3BPqkXkJ<(se!Zg>KI;jTG<#xwF9R_4?yeoL5=lzx}7W%9}83ZA?V0 zzB)#np=k1NT(UV|Lj)%4!X%ML>wm*i)I^jYtVajopsmS{Hg|0}M>gIL)i|`Rv$g*~ z*2QF_#(;czt48YWcPzY*B16tHeW|5(pr}SH2IluC8p4DW7uxk^;gvB6(@6t zSAZ?8vv6bHV&D!Fc@8kgd(Y&r$f=y~#Z>&X3BD!a#1YxtMczH|@X?D~*EqI=wBR z=I8jB@n1Q$LZdlpP6U8I5}4bBD7Zb$@IMRZ>Iw9IBj6}$zT|%=oUO?JFck6c@U|58 z*U)LZSc)(Z=~H9t$ZEQbf>%B(WQzbf1q-9zEvH=Z(<((!*y~<`0lkkPU8vZJ)^_rV z+9r5TP&p9zmvF8Fg_*tbto$Cpt-?yP1 zCk+3U*7!5zq{nDIz`V_tcI1OUx2QDY;%0$EkKU2iJZgF=YJM-ppa)S_jN~ll0gd_}AUvPF?r)d{dH0dH(aMOT)2?mZTIxk!8+c5^MO7};bKyl{Nc*~U%i*v%Y>G{ zj`%-IsSsFt)o)MVz9EpMP@+BE{=?DiK0TqvW+klyO^4V!ohK-KaJ=Td=WxP@dykk~ zzMecMyJsiQmI-RMuGQ1sZR{dH|9iIoKRZX`M;n%9-^KM9UatseJ@Dtpk5vpejubs) z`d~WGHM33Qz`u`z3FlM4v}>Gg?)mq;UXQ{1%8fS#j5m&0CCAU6@7ufC<@nnlwtr$p z92gj`i!?jtRrmaIWMDA=BvnwgzFWv} ztEMGh2Fyjvnb{?Z&wQlu2cBlHbExun8_)P?uKY6OfYvcYo z8$V+*IHw-%eEEF;yRtw&=?BWd!2$+gWCBZe;HW7BumlAT5P`Nf$yFr59-ep;rL`1q(&0N)@D+1Ox;D0qIgz#D)}+E+iB| zLWV##oVtmq1W6@QsZuYJX<-; zZ&d=dR-)?W5x>(IHcd#AEQp%HaQ|Xyu z?aS-I_0Li_eg{sSQ-4LYxc9W6V`Iio_K1KLq~h*kvG{bGgUq8! zzlgt3Xu0N;n0!}K<^h#RzVf)qp;OY^yNnCy)4sTiwq)tXQw^?J%Yr?k<#Kv^{jRKi z_RmioHgQIK)A14hf&!&Sf*m5E43^d;%eku`QG3`pyG`|}vXklV76MY!9c{dYO$*uL zoWgniB=v=|_RsNLh?jUpG}@9A=pr_9h1ifnI_Omvu#ZkjT{@=E`=lf;|49BJnQ0>7 zx<9*b*?v_|T_dku2cqD&VD~~J2iKhN4b)o6gFt`I@3_CJ*|UPP8%Q+mfaTr+bq{}Q zdre01z>>ep!gTz1{L;c{k_P`;jJ(lx{Qk@pQvItbXr2g8jux{;zS)gE#p%u8(bE&z z4cSy{>lz_&PAl$f<0S~J`rNGDS_v>~W0Ct(_e=BysJ&g1Yo@!If@>Z`@%sY~9unIZ zqY8MAnAu~4-dJZx1&O@uug2xnHo^JrRhd7G?}+NpUA~)|r~Baw!hm0H|9G@hCb&9P z+Ax}(?+h}H|9wg{jie}xUX}vH85m z`IK;K?Z@{qF_}qkD<6)S!6fy01^H$mFklKncf(dBf&f#qm#y!ShFR z4G1Tg$pM^sbLMf1PwHxvSWDuUj9Td(sOumAVMmw%P7XYt-k>~a6=kT+Ay zUxXD+#EYWeEZaHB($j7z`ZY(0e!(uxvX#l)j07;iO;Sb}t=}c;FZO#AUIssbc!RPk zMogA0aEpV;{o%v>{6776L#>1bf&`eme560;W*=xnP~dYR70w99EPC(TQa1{L${(Y) zvf$nC&3M<>+&m(fb>{pD0zjRk`7kc9rRgSFV-{fwShbbXKxXH=1?9g?+u2em z1~^mU%M{fYsMySfZ^lt*MD@ot$K3Tzbh&=7D3cg~11QQv3Odio=5a-;GW9%^GNgjU z$2R|zO-!Ye9#AB(^sYv>!CsqjD_{V4RR4sLBEH2$si}(<1}Lh||EO8%G07X&fQn`z zoVmn6wy`&OmYV>ql++6d-4%PI7oa4q?U;uz=?bphgGf+?;%wTOT_Ed}n19RVJ z7py}srDFgHId-}feEgs5Gfx2*i1WG*%$5%V6397!4DOMJv{(MkN+vfbpR4pUgW0k} zfa6xnUUN_pcDEC24MDBi7+$aQfoMnJNY(3+^o|5&)w!8i+>diV73SdnA#w- zYM-3rq=5f($MM1)${b-#x;Lv#(p8TBgTKrGGJmT{=N8W!!E^vdgH*Dzu`fXx^^g{m zhS9dHvcIPz1VsVo+2TEPS>wSm`@fm9O2m{{Oz-|yo++S>0eRdEWNEgGG8zB8gehj- zRBpSEq~Nq~I)!xn?+&~OelC($hXuIzY+|1lMp<{3{O40ah+n4MbAY5kWYKk!v##ts zQD-hXxrqKRnknwi-FBl0eLv$%HtS14Pxw8f!at&XCuh}kZ}sT)KYOg52_-+CG-JMN zfAb;KLjFyCX2BWe83P?8@P98mDQ`n+KF6Rpa|)}y8bYAxj}w5F=1w^H2}HuAOz#bs z`SO;ppF+QTr#<9Yqnd%)eovp3+Lr7nto+(cZ#iCQVmxO>bpLp{Ts$c*Y!gk|xz9s_ z0ZIf?CSdO<%n+rZ@wG+oMhE!$LP*&}w3L4p>W-(0zStpO_heD~#~sJrr9XefK0Lz4 zMMugv4Gex8xoy0(@cGY*c<_#+!{fFD@?=g(P}TI@e_X=?sM0XDzCS!+Kg)bQ?^5~e z6eYVAT|gBJRXuL#JD#W776{AyXfGg9ut$DguuPxPXLja2lEnoBaL9ycz1WxS(ON}j z^S;}Whv_u42lHt^a#{n7nff4OLge(4zQu*TZTMBm+)OL04Rr%5$BvpaO3Ocp#47IZ zlN75cNk{RyjoV*@aH)9e{zC(0MD1>1Znj46xrLVZ4%SJ;TgipO=yc}3x%ne<%df`? zFjx73k#YzOJle{Rwh@pl$-dny8Xm}BX0(vIeQgZMwaiMTjG$)JD48wUp#&C%D3@5P zjVf1#ag4-I|A`;TGWu+{@cHg}hWs+|6`|}3>BnZPGt=9?W20?*&vr~%u&3ZiFc7gM zVV#SY%Jl5r5ZzBVx#Rg~s&?9}$L;a&d^4$0Nx>YAmA5DK#&WfK*gpwmDlt=EI7WdQ z!vYo%lo&rO`Fko^R;cwnWF)KS%fZ6xY;}m9mP+6lg)%d~cE#3zG|VxTtJ8&J07me{ zvp#3|-jqSxFE4z-#McNa{4BCgQGI;jTYwpYIz*jxOhf?2D5!HWr1Ylt1{l3G{{Vdm zr4)&c@rE1sv=Gg0IebTp#`hF5%?i`@?=~WrIHK3--(QQJc@BYs#md7588gwP^44`c z`qhcvvrJQ?SwtO;aBhVW!-+|;gk8qv$H%|4AvhWgBQ91SC%bU&F=O;nzckET=C%If zN&r2gTnIwR-C-gl;?GokdrAIi?l5lQ@o%1Q`2jhCBp8mHmSQ0v*GeH-r zUy0NayeXPJLBj$nju*nW?|0xgj0-b|t%5|QD~V=;fM|$AQI)2_M}Hc@b_Gb~WUzD& zdPSX5H}0Jb2xjk35cuGh8Af&<6xuA^yi7KuRUotu8_$dLo~KaED6ln;i2l*h1I-nI zik}Dm4_i8&az0nlcWN`~dsWmx(lh)(9ED}&JRnvdjqueIQ(A2J)L0nKEourKy0Trl zzNaagean+VB=*$+FM|0+3CLMoGJ`yIQ}=*4a?L`)>#)GZEv*@^3%_xt^<7;{^Nv%TEd@P8 z@uKJm!~G7R{x9>gj9>`NGUGobovHq*uLadIp-BAok8u982Sy>~Gi?r&3JRryI#S9YB_{*^M?U|jodZQX ztBn7%?LW=FesB1P`hNfv#Q$t~_it3ujP?P=rRxe?5M4 z^-s3+PH5>&6*Y<;1JJMY4^)FMv+f(fq6FO5$C}uus77!hUj;Tx?sA_j3Z@MvTedG{ zd%EmyE6!jy-3a}fOl?C<@dt^MGh-pjH#F?=x87n}Jv2sF=+&y?5-~-(&KpW)?7$;{ z8Z!tjrAA(bR=RoIYq0Y|d`3V9Hb*GeF!E>dW}J5?+n#6riV`?SbcxcB0CbIM1L*+38FjW?LuY@d^yNaJ4{nxWEA6^FP@2|tnb;PR*8 z{E43)vt^4q+4Lj#64ff;t;c6i>MjF*}V&w5vE*yBp_hD5}E=SA9$odc!LWApY zXp%guNEw*nlp^MW(T}{w7lP) zst)4i5u*x6I4e5$m(=vQSj~im*hq$7JLg_WjZ|b~amC%pBlyIO0XA3xpDOdWu2X-et;`V*Rd6`^WrhN?th60{YmXRuQs|G{(^XGYbu(dO%M zmPV2-!E*A{6j39KUrP3h3vRHsoGn25GF{#cPRyz8!u;nbY%ESRy-g+9-4{x!wN$ac(?rFF=k3(KbagG@bkf~epxu0pb*RKkUW^oe1Bt8Y;*O3k(O^JM@3~R z2RA`2o5NVu^Xt%caAkYy4Q#g$L5x&wIiuH7=eoO{$wI;_ceSqnJbR(wa)%8Lufb@tpPuY z$o=K&PY$XsLJMC=n@CM{LO*;p^yuCL@*bByH=FKLYGf^&zsGq|N=7GOIWa{ZtWySX z%|MBHl+t6+HG0ZRG-Y&vMqdlf*WTmTz2t7x9`cheG`PqpFGt5jhc)K9%p`SVNGZ&U zhC5%e{IxWAYo2no9epW3mK19px?h|&=+&=Js10FZCMa4jShg{Ak)qW&^a*b*XIf_1 zRQIpNu<8aFyOp-VMdAuRqREdT&G%v0^0HPkoT4%0V!oLR zp%QXkeH(NJVW3?mi=k>*Wcn~hpP000mTr8;WCUMm|-JRyY ziDPfjM~ptklLbAxaY?oBsVQ0YUItrFH`U6^TFac~K%^SWfaadgC}~42y`W`n++rYD z{N^cceS%mr6@w+`yNkgB#UMT`JkIdtJ+|*7`P~x0%RD8Yb%_rzyzAg_nDsP&Q=lnF zoHGCRoh|npC^abWOHIBVzDSE!(J~nI<&{O3b9v)^tnM$Z0hm( zn``dkL{~?ynPW!XD$N9(^kPTIo0B)=On;$?3@pQkDN-U<3|FqO&C+B*#Hd$93#+p8 z+|0j7CB>2--f86IJhxPJzCC2(J6tP3@fn&}xc@Hv$arib?>z&@PBUvHnXyq;i*fk0 zy8NhB3Pkr>cYFO=2DbV8MTU>q?mx6$PO|5oS~P|@*G=0dXmzyZR&TfmO;20LwEvQ> z7O3aDVOK;?4onl?owQ3-_a>jTTHrmtc41%OBsO|AXcZbHt>`hL#Y%o-k42r6?+_JL zQIRr{)DUe-O+%iHjl;EqXrUv;bkn^pXXWiZ*?5oxJ3LoS z@sU?~Y`(AXbM>_fH~!&zB_;j9bHtEfIZoRyv7ujaz|2UL@)2f;I+VXK;t1z^yYp0r zod&)WO{b%+0aFlsCEEcYW7Ae0{uSSh1UC+T&FiTHy%h~-4G+Oaa^I91%H%PP4#E5X zmdO71yRLTsk>|DST)UAv%@K_{n@PJNBB?@ls?TmGvf)TXQAGH1-blGkLPY}4scY9~ zL-wu(>7AjABz#AC+xuNA^?V!fX`|(~x=`VhLF};0HEStBX!^&cs=1uN*%ac6C0!&| z!NvbaWjNB)?6y`UeUPZPh_uA|*>{VAZ-(M_#CA@IZ}bSZC*9kc{#T9Y*_Z{t9QdU_ zI&jR*iST`VDg5iLIIY!ArcuX)^}2Y5F;_*NXVWth{K$(9j*@GBt)gStXy(q$xuXM}lN!za^(2`-gP7%Ff>{xJQW8`M9L^q;eyD)_P$FTkn|;`3!N6Kc%RPQ- zp_*IQ3uf<;#S?XIKeJjig6Ud$yc~M?@j>YV-(eJ;LCkYQSVsFBgs~w99P&B)1N_dW2)Xm$Weo%<0d?3W1k;VD%laFb<}){BW0O?Z_8d zyLO5IoXk!)T{)$=d=}aCT&DsA*Ec{>u*UQ&Osvkj5$IFIAg%EG1BX;rWE0%y0$ICD zcyr}nRH5hJVcuP<9lHm0ri$!3;Vl(^NLG76{NidBVGmG~1~GaT>Z*-AR_8o1gX?6i z0I+HSx#9{3>SmJUuEszaQto!kba|l3c-S%7D2M?dWk%CC{YIU20zw>qDCLc9zfax7q0PePzHhsMF<-!@%1eFdg|e%dp=%4 z;HEZcbA!pp7Qt|NWir}-|Ct5*#!P=mrhguP0PX$dkWvlKAy>{eqqGt051LGjCjTG}s z6Q}?Smv<*6VmAdU+VG9n=E`b11g-5HhQZ2sFU%PE=U~3*(g~HbwhV#n4)fnjLts{Z zeVltXcZaA4)sokRzTqPJw3aGuG?WvbC(Ins;sS2?qf_ap{BLhvDXI#;RC+u~-k7?R zY+icm8W{;BIjPotT^X%jELmc8zHan8l{;@RgJ-z<2B!>cPC;w9SLyLEmVNCyWvu-D z7|sGKEIKa_Y8x?5PP%S&LX|Fj3BQ?aNmP+(G}Xj(c3>}EQ#717c>v0kxR*lNb8w~y zq=IkK?>sly_i3S^T9%Gs4-i9cSbjXU_$HDKAAEq;oYaPuUf{l^{*Kj`mg;iojAak$ zTSTQOCGf_MU$S5%QHv@i$qm~dZ(oBDt|bR?olrrX>HOozZ7_7QC$E>ak7xQ;i4bFX z1b5K*WgRV)Ui=|=be3H5=n6>>{19MJ!d@BvD~Y0xAU`VTXLE^$AO)TAknujJzJ7se z-lfVTbQByn3I~rcw39)wu9cJfBHBj2GLQS{qR~K=H*0OjD4m6y?1;%sBYR$(Q>v)P zHC{V<@le~!p&XnmC_Pq21{>m>;A z7Lz+!2<`fCLg_^#$npTJV1y(D&Y-0gy`B(O=4ExYW0kC8?5Xxc;Q_Ef|#>z`Fl z=>Y)vQ-5eB22^CBXo=(zJee}qnfk)F+vlA1htYGKJErSHD$k6_09c(dL!?}zZp;Ux z1DP-!U2D#0ZlFj8O&WvDtK9x+a8gVOCR zT!CzwIpW?fi&f_E*M$cdB$$BanZL#6BT%;vBbIpgNstrkJs7Selg$`0;dyS0c^Rfa%PpXORUz|Dv0IA~4X7qpH3K$6eVq z=)vyD+D8mR`~tdXXlACPr)G}{HBa+4F1fS0PO*{67AKkvNA{6|?VHbINKVnn4q1IK zwWrTM!=dw&kDi{K%jc8>t3f1<@l;KM^3N~jOw`DWDJHE;Bs?`U#I6!LMg zaZ)y&bF>=xD{WM8QSBLtV45pj3cFrMh3-2vyG1pp>fiQ1n5$g#*FJ`S z6#R%FGdqclPR3OC^~Nel$LVh5L=9YUmr4ft)R@mORU>!k83@vXTu`P>q~EUUyMO$1 zuU9)LmA3{RgJ-E>R;U@G(d++Iu%uRb->c6>l_?LQk$Zucu2lM4OuZ=m?^y<2aR<+# z#ek>37Iu_iPr<%=$NRgxhmp7Hns!ygzY2%1#xgYbmsfFh)buknTG%sg)Yr0x?(oD( zJ0xP0RJPn`&r1IA?3mv3lKMGBEt{dq-nuuCy;L68@@VYvmIRyE%OUUMuGRsq{L0sD zlUmaBYf9V0T6(lj4TFonL-nTI9(FI}6A-XRy)Swiz6m_o=T%hC`KEu6@M&qRk!g77 zyes}optHo?neZc_(CLWN_ot)cojv(FENIo}MOf%Yaa#7$mcob5Dz|H&Uz_vFuo z!k&InXCf5gAz~nlYV*<0T5?LA-Y}V0v11J@+H;hqZQx^#jomD?!my|!)iS}Q5It(>q z(?GwXtp*XM;)G3w^G07&RU+USTZHzL5J{6Y&$u65ZZ3UVZrA~X5a*N`YAsH78_D;x zTiPE^I)^b_VL-q*sn0F7JOBa$@Z3H7X^)S1g?j zm*zj1gpLHJy)Q`raDjOy_^QPiyhiSo!MX>o=&u%I`u-p`ZfBvG$Tf_XneY@$&ti`a zb%ocRlx7Av2xJ}#3I(5jYsMb?IeM2GCB@70LJ9_V-&JdNI$t~y<9%yq>G0R7&aip5 z&??QSS2qS;f1!SkI%=ui>m+g#rXmqc?|;8LmNrnyRLi);m2rzJ!&@c8_kd+4eR=10@ALKj~ z&OePQ&S{D#>l^nZfy>Z=D+Uf2!LoYt*wM>J=$-@<_`wIUUq@-9$201c8A&C%%zq__ zjG24Kbs{3cx^xIkXx4icr2hsa>Z2Qf6IFhk_Yse+jB3mm>JU<8K#clA5Bm1N1KdbS zd(h%}2JcDc)@1SL1)pn@jj;uZkEsEBbV#;|1e&Cpuxq0W;3>9e1_JNAm9JIAB}ER} zs8p?_hHCZ(Lb^IiM@o#?=^uY_8FRoW|6PTaMeI1GBGIoc$!4{9^i12lJ^8LMX3d|h z7;={el7tZ!?vc_uOde{JhoSVO;*e*aM+E+49pL<<^LD1ZFG5qSbEn?8E- zViPhecp;YiI-2WS#G3S`bwew$aBiUC4X@_Cv+KgwOOmh;R(A!2y9I%|_GC9+hqCuBG1S0}LSU|!t&=>row_wh z%w|c2WI~DH(cw9QFBVpry0aHf{^6~9g_FKzS`|t;@pI{mE(W&_CS^}EkAIXJePhBh zP&c>vY4b)P?}?vPQ|Up&7wU`;`Mu2JKAS_gidGVm2QBqSt~)#|mUKn%=#%CK&cRDI zlDH$zK7^%+fU^l-pbPQMla@=jqsO+*yf5>J!WEuMm%tZmyk=U9zEGF+D* z9^kcBKoPFVsq`tv0K-C+KsjhpM4%?jg)7GB>-exXQ8iUxeiZMcr6#(vIIyt*XV41N z78b}QocGNX(p2BbNtQII&4a zu%=$w-@7A0sMD(lt0~`q_e|)Aoq54U!+0Y?=*ct57_s*r&`1>b(1nIgGHZ7kdzZm) zq{qnyj~X?mnp8W}bkB^g=!E^j6FC>ZLOa~^*pHQ?Q*w`rAXAR7a%s8We(PojDelmd zI%@|OsprQA@$*bpP0s7~qbgtH$$Or#4AWNg?t_!LC8x{O^zqB~pMN*7Y+XH@oWB_~ zTcz+Sz@Ip1;_aJAnEN!&v|~ zbG`J8K1Q7lMo(`KA5dzqn>`R0J8Y5Brf>a;^L%Qkb&j>I?gk zU(#PgYruEZaaT+*BM9jl_JE!Fxc=8(ZoZCqv5a7`NIU*b z?<{#NTSVv;sHdbE_cf5ns#W~gPkgI$e%e67?RZTEIWS!Kc{VrrCW{2$`HKX<=yio0 zNVL!cf-J(&hsG9)vtR--)VLn&N91=SMx>8+g0g;5p)ewp|IHlwh^f)ivF`?d%*HCs(DzN)cWkE8j-6QI{k8^ zN5k=b(f)(e7bl{+?kHV){qlviDQmUdqyprJ{80!U{y*>1McUbke&197PUixTjGCXFh7cEMJ?ne`x!eHyQ z%=0f$N4)r>$hP56xHr~^)VRk&QfFsH+kg5Van#N*PeRV6683&&@fv}FgAa;-DO3?n zpSlqw^(2-QnD$_!vmx(fHiV}v=w~3;J15^i(>Crk-ZD7S-+5@+_$rz0@8^;N5^qm? z(5^zXO-9#|Wry)iBlbvUpZhy`;ZsCQ7i6Y!lT`)m&netC9q^^8_%5_KcN!QUHu)a} zaXkjy=V}2<1!B16<^jUmX&IRJuBr(t&ht4AkM5 z`eEE;GQu^5>F&*2U2sgqd;w9Vv*shq(+%zHjop&C4Bg3CQk)@Of6QDuo$!D+O-7hJ z0uoI9b(;>;KV^0sf^;mXeA}OS9SroZ;3vr+H%g>P=kF}9I66@IjJt1A7EQ}I(QMGz zN;Rh}sM}d882s?>V???|EtzamZK8ZETS3;4J=PRKztP7BiEOUZD_J-4><4A`8up7S zd>cZbFY~lODQB8utor(`v%rOrjjSpdszl_+%N5}dHl-K&iuN@)&GpHYwd~{XUWo+a zms!ETm7pb|p3+cWI9I|4b^iiWRdb*Ob}vcW_|1@Z2vJrR6u`C*rS z_$_92blSD=Z92fOMv(De+X5i`yAj^AjdN!+&F3&BZzaK8D!ElS9}KjRw4?N{lAmi@ zkM5q13~_)gb{ptdH_bEnk6N*+LET}2cMzbS{5Alu9$k{f6*D`{xqNHTl6=bGwIq0B zuKsz}@1-^M^9TcKr7s^2(BwVet}?c1?1A!NQ~%?q@j9OrvY{SjdOS#n&saH+Ras%P zVeG*hSEH6cZ@Yjnx;cBjwqd5}kDKa#kx3Q=-f3e~x)A1kNT8nmp2%7&%Bv`Th69^kr8=vLxS3)SQ8Sq@$YWzL-Dc zM!$A~xP^X&Qm-vdqxk7B;IG0l`iW94+3Q<44T;jpU02_?{bsjEuj;*tJ>pK~5cnzs z#@2cCafkCz{}L3>w8Uj##b3=4g`BOsqfKJ5f9Wo!4S)4TA2}-_|HFbY>U8b4vznXQ zjf3fjR+fv!?+MxTlxG?lj6e8&ZIP2CebfA$JCvoHn{~Eh0O>-sP9gUO90^8-7Th@* zw-JfoB0`I#caNt{p68}k%SvO;YqRgW$N!t*(wci|`(X6WD~{cT2LX*bE*zWPW(Feo zVlI%aeO~ohZ7bL_?1vfC9;54Ri^y-y zc8AbTA!mO^{xY69C>b=KIrQhZrS`cQ%(36>5&-)G|D#iiyuB?rC z31_kGwYO7xP>jIP#j^eb2adjRot!`};wp)q`Tjw+C(Bl2_NS6AO-P0_IBm;$r#PdJ z9rE4{df^oeb23R*`Rqz&jwcmX^DpPzkZ0NWs2?c+n~F#>q)Ur+{l;-?Muh)3vr+49mUs@|6pGpGrfL74jrFU) ziMlP+1Xa@$F1>e;8u#9M^lU9&%QN%Bx6)^<15ck~eZ?t>M6d3aXpGazTA0y$c5H2f0Hl6s|c+Ysdy)Vo9n>W^OMS0&#$j`}&U z7_}}RSH$GLWoE^@+=3UCXGJE1(ED=bO&>SO?A_dqvmI9c6*5FJj1#1pih)pQX$@%i z)3%;NKi;EBz{rt4*+{iLf?;t$kwIyI(J!i-4}zB^A;1 z-_|0W!cFV#9WT=~lCSWnQ0JIDMwIe{p5H&nM%;7uT&bjA^S1#%FL^xVp*JJujXr9i zft?8#^&2v9M_~-X9WRbT)C2KRx?4gKQ`Z#fprt?J1j6;!%e!@t4PGK=_l!e-+c9C1 zC!Un|x_-(*UA=*c5<5qA2I4&35T^*D(>+f7-nH%a)ZK>Q1v!i^8VA@k;22|bxq(o%)8H3XwcZmpUVu7-(lf!LG3#g?S|_X1L;Vs%~>e1tl0j>`^QP)vIX+>&5z78fC(TcE0$ z_>5=FsCn|V{~H}%@T=goC#@=TKC{mytq(^(G7y;Nr*M4FI*Z%cg$>-@WpVp*k8M%h zXKHYrY-0@53{MkAKZj!k+YIRu>PbHUUlvHWhGm^-Lz6KF?n_iGBAB-8GFBoOn&oh& z=slqipQM1P;V4yUE{H8@J@*pHk%4QtLDe_k+QjPbMoIo@J$BfBV46*=Jp$uK16g|! zi|JhAwhvsQ(i@3y* z4g5-f+62UTrKH29Vy~7pcr?|P%?65ZksZ8XCJQkhAd)?@EWad^1aGFW3dt}$$kW0c zDyV^}HBVl1@G2UJ-}O0!2}cU=H9zixVk7`(%KbUK!N>RZ%Zmb(b&lbO&oVATY*${Q z`&|#ZEbU(v%tLX$2Sf!w7^K~-f_dFJfF#P}ppEr1m;6F$BIg2& z!rkDd9|+q7MznifJO|b~GEQ>X&P7&=^aBMo6`b z)W-%#nL0kv#OveDvQk5}O$_Pwz<*9qGuU}f-GD^H0DWH^5^GOixI8~Sc}PP3H85k-zqNZ*95N}$>rA1n2=l*DIg%o*Afj^zzeZzrY$KDmQxnlknoeFr^YDU(vk+t} zkRxk%a4$Z2j}?#g$$7@(A7t`D5IHe7{N6&qa8|I*OK($lCXU}NT~|0YysgU#NumZpNym=p zc4H{Y2l6pO;z{|E8AcRNK78$dzUahr2aYFDIM3BKk^Z^x6~Hgr?+60#$)fPTjI!Z! zbcp?6-Rtu5PpOd01YYMQk@&9V^IXkG%iBMF?YiQ24) z$nQ1P=DnD@=6m)RF~vsf*0XkZwwaSw(M2~FIsE5Jq@d1%VjxA5rY+r5)1Qa`Tym3q zdJj|#t!O)E8580Z>*IJORua@u%h6H}MRCCHq$qW@gd`f{Zz@C7t6HpD|G1~Mudn@R zA$iV!`9KOuPd_({&IWQ<1aUzw{8l-yK`^9{_M748@7Ge7@-=2Q8t;Uv0kenC)xb>U z6+QD#3WtYe0(cA<**I5+>RD` zSjORmEu2@2{z5|!5vQ@t2r*$RZcdgenxX$ zB?tT@`^1suJcv#Rz)Bw(94UygwE$HNZHE{BbqnN`m6)hs98u8HHqjU=IS$Cl?DK9m zAk0SSHq#fu`@sPuO3WWWE-T6kxiiskFmv&ujY2{*(N%-=f`=S2);ObW3KH+)=qL=7 zbU=OKy#w^I)g*b!XL0!(I`vPN7_flcu*cvJx`j2jS||s9;<%~J&j5WMT=0nyTh>R8 z!{fG-I3wb057F%{x#SMv2zwTiN6uJpSvUpp&^+@>=E40~TSFAx^{JVC@ln3Uzg4Pt znSlzB5wP@azo)O{s*FVlv7gNF+4s>$w;<#kVdniY9NKt#hMZ^f#+y-G5k8sF&oFjX3z!!_)l7MwRIZzju~39V*Ioa^i4{ ze#cp2W!lk6!JHN&f}!jRkuSTd0~gWlry9=r=Fn1)JSavdZSBbil?#>=CBjvHr*>U6 zUC*T*Beru--_)&nMLq{f7jVanyU9{@Jp@w%OTSf1_&z_Lkb5zObdac&fTYt$%)wzO zpSvGe<$g}NeXR^(MV$0TgdUGVT=D@AY&{JVC@6bA=Bx+0^u(t(0q|4o6s;r2K z@%T1s_M7<{(YdLZ))pP+Y-sam-{9$1MIIT9Fq#Gv<0UIcci8irJRVP^JW?NtLjSPP zEb!5qr*k$c(XMA+p@N{Ld9{|iwRYQ3 z9B^|mxLs90eY53a6EN}j`%qA&qc~2=7XQF@m)96nSVNJirSIg4{~DyUg$=62PIXO% z(WqevKxPz4p`*sh9eR|;_okne>#Sf5z{7A1p$$b66EHpYBqC*JrRYg-Cg|h>rwmwR zFoEOlU#Lerzvs-gT_5<`7j-sy3%goGeeb&6FtI3&XM|jk$0Irh(U1=;>{`WSD!6`0 z8H)K)_Vw#Txw)jxL&;8a$#e(0^yQ`j70z}I1@5Ql5m^2C;mEPhs-s`?fp>Qn zALbsBBOp$%davWMO3x?B{uB)pLhy$q0}NFL%-C*@MQXhOtlV2Gp?hk(GG+@2vR}0w0V;*uYM(-W zA&%PHgPh0?+27cM-0SP|qph&$?vlppZEmr{;^ub!GMy)}(4655caKWcfd7u)_xtV+ z@{#3(jWo)a9&VqUP#Jn{$N%kT0&#D42xtrLn53`h*;bW->p4k9m(>Dx(i&i;mwu8d zu2SPz%5H3C9MCl25Y)h&8OEvov|cm9ylUiUy42|VFXLgzF*?j^7aW26d~qw zOxz>3u30L3zixXlgS~4EwZ_+u){--kzrrY2x#V!*q0NTex(1pJM#sMkQg1gx1kIF^Yc% z!@L%@FarvwXzJnDt_|VCNmEwmpA0rn^Py>9%NrDuJeh$DY?Er_?elVJL#Wdp?b0WG zToXVQ(ddau$`u6|!~4YDNb6Ilm##O#T3_(YHcuCy65Jyz>Jv)G5{Bb>V^Ya2-h3J>V#7iT~t`k5+qLp$ki$cGzsiPd_HOQV5b=w zdDf;|4!3_96Xc_Hp~SD?9BiO@dZP{VLYXT^ z=ClgA34)5CEC{=k@5r}ZRZhidWkM4Eu%%pCpo8Zr1BSp~x8=J`5$si3Mz4qY`{dj1 zY9uh-GPJzAz57SD?Bs~d8FoOK?B-+eaMp_nr}P^)0_TFY?MEN~y@A9G6CM3wW!ZnL zDzM~lKTI}4cf>4R z{b-ekL9nyU^nT=@{GSJiNi$S2v%#GC$~=6p9C^v!VJVO zI7Oea@OYyhqdpyB^A(yW2ogCkMQ&>cQ|3qwsvQ;5jBVR+hy`UrC{4ZNL$V|!?>BAw zw|UMH$YmKi2!@&F&DVD0J_SNqjnmjF^(++4d z!*BIrh(Bcr5)%9OgkJ<)$W?uf-FxM+RZ`W#_|PKnyppbyP$kv( zQ((Ro(BEvGu`K04kqAPh7Voyd@6+?NGp(!0Vc~Cf0`i03QbO2D5Vz+dRlN*Q-Yni1 z@6Sy{ePXtZ1vjsJM~pK0vDlIS(1KYSl-^l>wCa_}?{7X{6e}iS`%CLxt~@tU|F5nLdqDPzPD!7>{tq`P zAcWV;r!ZcN{8IKWp*0px|E+>flf!@lpg?8Q=7^!L698Xv-MbABj>vq{mq_+#!l2Phfz zWpv()DP_J0vh-r@djAr&*Lte+H-w>y0k1ggTs}sE?>Pxbn~8=n$gVmNGBino_B;Ky z_-ro~K4A#>eTX|r<5~TCB%~pAHR6?U;@^`NT+e!;lBCC<=GAgZ!}L36JrlrQS+kEQ zQ?KZv=_F*(o^2#p!ADV>?shvpq#@U8t?MUn~-slh8 z3XGTu1Q5!gZINBpT^9Fw_J?4zkQdo(igc#}30uDTka}fVwJ7z&8MK9|F03-^$91)j zi{e4s1DG?vdS9VW@yI%0-EUJ^2cHCh=UFX(z6)j{)mr;P)EHmZaPCX0iROBMqy+jD zy%;U#SG$}(>!1FXN=t}3MbQtK6ozJ_-BEjub$>MYNZeZW#fXHumMx2ECs}XSoUq-- zDbU{mevYuC2Ah%r#nOWen^G%Igt;(gkJMKUrI7TW&WEG&7y$o#@cpL@fEH^tas&s` z)Ff`Xym<7Gg){j$RKr*M^mhlN`8cX&b$N-(+lzMQvY-@20^jy^*b0fq7aL|tOh#>d zS&ajM>*(AWm#?@>thl*^xA^XK!b*bwvkIHzX2Prd+PtI-fK>KEK43J}cTD_k(*bJi zX58_^lgHCk2+S+?@26PQ8{0j6L;hj&@Qx0z{jFZ(vmfjS;nB#_F_-F~kuR*Ui1S3z zH|RIbm``_2mlox!l<0@Q%tmZ*U;tQgue(yW#iYy*ae5D0yjHG3=%A!`=yd&X%ceL$a6(ZKSE@!!>zfv9>1yiIq-g7sp zIh;rz*6Q4`&~U25QnupU#PZ@a*DY*eo8S&`H3Kx>3^bB;m|o0!(9~W3ck*av*~%}o zL)d5eaO3G`^RQ-h;c@_j`0{BqRwsJ;j=YsUR)Bo(zLat<-VUx<=(_8 z6c2kTTZMov4)ao!VnUIOh%~=`%sT=gjf5$SRL^<$3Jh!peI^&bi4Qz)#DUTM!%Zed zEqmk;Q|+Ftuz??!))~>U- z%qKw*d@aC}0KIg1%W0@9lwiu^%NxAY5$E03+`1Vbnb34_sU6A6)U- z?s2LJ+9cESbE6Xd49Hat);K{I8HR5I`&ceu0P8S zv=mkbtUrYPu?>uk@E5^o#;Lv~D)b@0`vTP5tp6W;)F0eCpCHvg#*|BU<+By}Zw+l$u(iz~k{)}_WC5V)*X!)?TZo|dTa@j@i8vIUD z2;_G*z;s#8C6j9`aHF~TICUzv{7FK6$IF%tVIX5D2YIw4iPc>Pq5aebn9c$T+N#9m z{@0$=$*L1no}NFpF2{l?N6WWCUH$Z-9rIhu@MJ?&3nrj;S&wn#RF}gjf4X0yWi%?@ zxT4d>`nRW*HkPJJ@zdajyn|k@1wnP7H;EMiOJ|;s=-*Ni-`iYwC0}lIg|QYRr-4N> z&Io;mA^*4&q2jbA;OA5GPT4^zh~|%krS7WXBXl~2l;?mUpCMvhyeLHc zX(!4T2SV%9{D#`UCs+9z8+Lm^+E~=uj8_+`Y@qtUpT?&;b<9vtOlQoVZ!e4A*n^RS z0|XJv>7De#7Rg&KoHLVGfpN3ON?^^rn%qpgo#8qROA>#Xo3q?f&`Y-5J72Q8ntmu$ zPFfC>{shJG!pIH-LLp3eI>ooiU~4>$h)RVff<1ruT#f~Wx|1hiP-fS9i0jnh^8nuw zaw^&Q9{u7WX_5UrZ&Vafl9hveI-0i0l8b2M3 z{&;e`gt~Qfv}AgYh4KMr4hIsZ9-o%)@l1#Ftw|9MG~Y*8tBanLtKm#u1jVhjCW;c# zp?z~`ga|k$_~4zlcqCN)(wZ#;4`SNF4cY-2ip=JfWkZjhxdM())cCnzeEnv&+<*)F z%9wy#(=zm_cWXqlRk+8)2&9KL9wvDy#}Au|z(g^6qCE-9PzRBxf?*MTYGw6=L~X}( zZ8!&Z=pE5buI}bsxPQ#jpqQ9&ir?2%8O{p*EuKJb7OOkG%E0!?*BL@SlI0uKK)a|WB&#+RmA|>=#*QYB#!y69-GIU{#kbGA94R5*;zDCs%s@WHN zzMsV5h{e6X`aC#luIf<+Z(Tdn6<6k%Mz|sjexB}oT`u5w#>1g=dMcHV=Z~&Op|^v> z?T)$+o}|}&Z@v0G8S}xz5$l-HI+keEDZZQtBku}xluIP(2mgkgee8t*>6RlJF(rEZ z@uN-Izn#77-*u#0A|)2$SE8$s-@I`|Sc5Z{wVdvMQ_^ISySbi)qj`1?t^IY5HeuEN zI$Ej=HI&AOo!@nk9f2>=#Z~hJvrYOANw|<;MqKfzdf!@XOwDV(;U|WaofXUX^s-a7 z{{*DoKgUn^>HJQYAeL#p@);_67h9>cl?!j{c-$a1#&O`*RLkmNTHHdx#?i16{vTPi zgf4G{>M0XYy{CY*>NB*_Dm$C8cZB&ne0d_AGv%x^&1>Ouu}r1Fc$#qfdtHjRkH4CA z{O!nd&)Z@PEO?!^>V_{H^qrx+R7FaTSfxi@#UK{VR_82cKT#>XZbK1;lkeQmv;I9| zr;}Iqp`%sqwkj=CsC&YDPA>3FD1bu|EVym$XiDIyJQ418KKH#nPR1b7JyHNBNqj-8 z^VyGQaY(mHWtpw9)eGKOO7We@A$oRpriI0h*chF>_ZJ8}QZ8TjQ;xdhrlMa^OkT?N zH5yC2E31D!wBM!gki}_@_(}u0ydJ&u>nRi!4;7nMmk^DXKl+$bLw&8!x?@GXTAT3R zqR;tt!KX9YZke}6Ufa6(52~>=nhM-MQhrNr-c5Ct47-3wLo9QhKTB?xylhN-Im)FCd1D5=?zGsT+^;R@tWI=dqpK``!c%u`|skTD{hSdHTV z9N>6V^xJ4xS9yYJZ;PgG|IRn2cXXb&G066)2g z^%Yl+{(Evb@?h@%6Q$g-Q-4BRQATGLjIFjoH;cq$Yjdv_Am6nGFjM-)g>A7DrI$u= z*xeBtJ;;j>p5v-ExX0We=vA_fsz{b)c3kC&t~KvR?-GgRiW?wpi;`%u zm!gz=GOp`pe96;Y_z?Z+@U{+W9_%*h&Th22EVg&G0DV8yI1|*;T0njOd+5R%$K-Yf zb@GLC{2Fib?D~+ZAJhLT+l;;3@Lm2VPJ~xgT(8AIN5uHK`t6#gJ?=+1M;cQ#qfN>3 z&!;&(iZOIq&w2@Z9TTgU`WxRwe*4sAaK2+`?N@7kJS~%WV(AG!`{o~X1b{03*-$@r zRJwZyy(fcz#@*~1t#)-@kM2{ydNRLpFkQ+PXUxkDmK6g3KzGTdyJza;M5DR3kaIq( zV2;N6)EJ}7I-`#VIR&U|IxFegA5@+bS}8j`kbfjPkQskX)&3z5n9Cs4YzV7u9M%f9 zi~p1}CXL|+S62Oo!_@btOG@?i(P2nFcj-^oYngWDLQ+Ie*6T#~Z5ON2As^4N!3A+G zMMjlXFDiHYXC&C8$4P1`$M$WaUkup6=qo9xWq-SiqLD!sPq3wm?wkw(8;1w{#*?bA zbKKK-+7*2pXNqBDlOR*>;1@Y5u&BnmIl1oqz_W~n?t6|VC}XlO18JN!T~K?c=rh;o zlgP4KsM(N#KF8H5J^Ipz8^zPE0>S5A4-mH5y6Xed0cM1HaY?E0hf608e<(1=FHsvS zTes`5#IJu`r{X@Njobh-bxaPOgqd}T*0xQBzB2-Isbr2^jF_&>y+;jvM*77Vhtrx6 z37Nf#q<-nXmrGx7?Zrk4&pXki9*tOtL_2nB_nD>I15&1eeJV4@p1)a5c8j z!!-qWf^CZYp;H_#25B6ml%~)aRBt_N?IU!J*XxiFsNe#-+)?uzf6&_i!UtWJ-(c$vvXFBo4+BzjG5%(p zHkVEj@n1u&$uGP?^27BI3H1Z<2x=VdrjyVJN4iNEyQwle=#d0*DUhv2=Up;Y!Rxd2ycMQ2N0=`K(i!pvz?QP8*Q| zZY{lWbNXo%-L-_mZ^Dq_9c(#{@-NRUjC`N#)DyuRPAAl`)YPVIJPJKX-S6eeFJz!{ z;5)KfnJu52(+AfT9_Z(USDNe8P_u z*MCo)P}6wq<(p5~n6Qazsjr#nRY2E_MNHua;=nV(;gcCD`pLl7G(!2|x@9O# z1v@7u)!Vc2l;t^8{opki=RXsq_q<|T`6O8`hj+he`uyw?#Tzsr7ZWdJ^ua`GeBRrN z|FR5zToCXdOZ+_ESf(e`=VjRNt=j8)blhl;BmG^;Mm7YIFB-x`-C(Z>v>THK^t7Xk z7Sw5)DkY;UfUODPIecZ!K8nQf}MU}3s`czfP50E_RQlW_MV|SX$Ov7zObIu&=$ma z9Zb;}n~LMj=LA3I+#g|9lxNy4VjfxjTSJompF5vTe zO;h~GjM)?8Aklvr)vzUPoaZ26brX2jPv{s@Ie;$imH|p;p|JN0^EhIisyrK9q2!No zY8c%8SkU9&ofV9?cI9KLtX7%{S~_eLF1LFkhoI|@c3CX=tF49rzfT@7jfBSf-G!Sc zvmWK(Tt8Nus$X2e?WVD)@}E&Jh}-B5FHEjrnl3VC!hXRES+_FY`Qu%_UYFPZsSCOf z;9xn?Y>ljkL6&i*VJk&5oZ0y7+kem!JllyGtb0X!>8-op7yOo!I{Qui6GQwBK0Bcw z&9?_q65y^vP{F%GZdf>3^J8|1Hw)`K{T%WTTY_ykB24L(;L}H0y~g zaDE^de0080bhuv_sJEo$H$<%qePnGsW&-!f>pyz<_JfN>XqFv(ARfdZ=RVqDJbM{` z?;pXQzxU3_!ruF4lc5e*!Da2-_>2z7;Oif69CYCta&W&Zj|`s+7)s^C_MlSOXLyIr zH@G2=48hWEUn4=;YQko1m%XOTrAb#RJ;zf3#DK-am-#j?)o$#B*ZtMmUxhIWAhji6&!yUN`Q2k#;vqN`qk2OD3*3 z9m)Y8bO`}@lQ;)MAlguM0ykA>Gu*q<%S5>{XhR;ce=C->?kVdoXpWAXUjjs;Ls8tR zQ(LCRA6m3WKYqQXf~WRZ#%Ti3W=tsO(el@+YB<=Sd-4!=ScUHa>m27@=mua7vb)dx z$>u)GBaLnuDjif7#8IB{l98n*+_2oG?mOAV=GB1yw`JJOuH=#k$#@RMmB{|DqOkY7 zdFdq@0^Z<|5Y*Ghw$XzCbg2GA_Qhvk##b84I+kjoL=58KC7-C+rZrP8{3C~DMFt*7 zYithlh!DUJB?!R`d)tTsUF;)g_Mgqj(pU1_i!qu9xxkScr(E<7`JsKM^@kn@49Q+lkzP#uK=WL zQI(Po^1!kQSzaW4Qi^g$YS7~@3SOWlB zdh~2f1J0zM=jtXYuYAZVDSZnd9P&Ag-=PUDcVrZC0n(R#0(m%GTh!`%EaIqjdFYos z0AW8@W*>H$as{6w=x#)Kux{f(PM96JWpwvIQ3U|I7%R5HY(vFctGHbT3$gbNxNFc` z@de!5hI4!IL}|HRN?4R;m`eijOBA3-rdaweS7f*c{N`d46S`r zLmg0=bNN??*?EKdr0*czlQE;(B+$6eu;9+y#d)MAs#1&bvai zcK@|0$VuQLnB53vCynRvHKU@Zh3`+fQE7q@ag;S(D-T)_&y!OHqy!+#_bWrI@65>8 z<*HSaEX#SzIogH(rOBfTN$BDG;DQ6w{Tkb=oY`t7R$)RY!WMQW{4GAcDtkl)*Kx6I z=BLqg{y*N}5FK4~%X!wW5>BwIgTW3e@1CTL&TRmSKrm@?hUzyYAp;adE7xf^PeJ3J z3QGy#;d6WN(-mVLdBYJo%C|aaqcm{qd_tuXhvR)MDhD8|LlAW4zu4q{$a=bm;t?upbx_bjuc~$TQbV_<-bstWd z4{}aLFKPAXadgs-K2Zb1&wKGbfO#jb_z|^cH9Wr#k%X7}#-w~KRk*zZo^1lVndp}1 zsHzqQRs^e&YmIb++t_Dfpvi~MOl$C!c&tOe5X`*9;7I%Dm@ci8z9t^D;0!YxNvR7G z$1}MW4o;1frvHwo>vd8$Gl}a`H;PMj_BElW4}c?ZC)?oF#IRl&31G?VivwxmiQ)8! zsFnF@^Tf#7yrq@wjdW{Y?geK(AaO;CNBjMjbG=o@q2ZSpQuyxgXt@8KA!d@@o;;Sn z_qsn^qa+NtvTqB6%es_JjElTaLAYOHaBXR-WTctytXt)psyT)@YE3>$NVK~#@|C6W zojA}tjRtbUXa>?UBun$DIb61A_>S3yGL;$sbYZI;@klO@JCiudx~7t46QoUexok}D z$84^?=7?;kvf9Fn;w$AJN`{;1Qe|_+_?={+b*dF0h@DG1;_byK3D0x8oJ-~H+xPE| zJM+eIxKOIVXLQqj2m+qnMuc_3S3>uB24u&!)2pxp0&W6X)|v;*p5J0H1*E5GJ9)-4 z6?_=StX|owXRgAW+*p0@7grjL4|%&*Ij+=f4#{GjJHl6X?@77a+co>|ipcd)7u4pz z($sY`unC8p)uE`c%a0G0&A(*zFEn#PNT{{LfWvX0ye`#)F~(CAW^21 z1wx}(7U?;E&R^pKI_^|R;XrqJ7@!t;)TirIQvhyqXgn3B-&M%gP0+8YEfVG;wv5L; z3%4I+DW~7p$vEoU-s!#*keWzj_sq>8W^Uh1+R#;pJ;n-@)}^uX>O}o}v`yK?{b<(X ze^d?_s`PPozhc7JSOg*<4)`<90@JMq^)s1?3y#Rujo74#`$-<(K4F5-3Flr^Pq}rU zmRto<=My(RW-`c96tiCrp$Y51^1Tk94V5tq`tB~sk_SdG)|tbD3(~_SS0Q~vb@#@! z3ddmRBO~tSkd&+;o%p#kU9p!BADR6*bd;;WPJ(&`ldatX$R~td(s&}h#)m*{rPa=RB-O5Pb>6K?|7eG$Moi4#)JJ@i?9zy;9vJ zDu{6kmvk%I$?@&ri}Xq*ZC&U%4!;8=3gb2&c&tN|^34~mdrFONj|jnsm7EA0#yGE& zZoef|4>Y)(lInP~CgG)})t7x!4Fr5Xl|69^YQ*039hvqfGXMO|lB9{mw&eb2`>0d% z!w;d-!V1|cYVjOx-NXj3airPf0}0p=RZR{y#`ibdaW(!D50``YP4`bB-~D$AZg3w@ zmU7BC=*xMNX4&3p{u&fJ@}7b*N=rm~yCbF0HX&pvEYUp#GdNR=>2l7ZFElS7Uzd2) zW!ChQSx$d@DvQiRQ8{qsnx#dp5*Kdz9K7?D>+>0$l+T;Fk$GDy+D@T=GpOmC635$i z)Tn#BmYi?qs?dKQVa;)5j%`I@s2jXr5&>j4{^@ry%=EphodgW#dS$!jfsn%fM_2w< zEN9P^9-}>d!IgI4p%&{MhJIRh;{<2$IWb+90*t0dDkk+R%p-WCCVqAZ!0wLph*bd> zm*B51C&g?PttDQ3;75=G3uz&c982d47c9NtnX4l`UYZnr1Ji!j>CKi7chmJ0K?@iW zPQK_R@TWonBW%ltI)sI+23TvOVKIL*iv3T=_}gldNXs{e{>Dr_-3Ln&m;0}|OHk!w zrPQ6T08;4J3IE^_O5K>E@y-I^_TICt%wo#uaa*2*fPJmahOTD_ukI=A%G`Ffq+T z<8AKSB9>sa(zi*K9h)en*tl^jfb_?aF+^CX#MI@Sz+kjbF`_2$4AvB=AvQv^Ci@zk<-A)gwUjU)r(NQ~7`tecRmJEI1p5hD_e&yAv|v)1G=fGm<16agw950$0EPOUGb7{+&tfkT8qjPhwKP z!>I+!H+|Vah7MidLzZ_?R*p!Q!ez`iZ?f>%{ZTinn&X3dc|({Lf9_tNidU7zFTbB; zJUmu7izD;ONi`MC{;GFNz=rl%9WV9LrY87 z;E;E{L(wlDIl!eoDN)$(S*#|4o6gcwQ1Wqm3S>QG)L7^t(=_{%1u~R*rK_ zMLo3`^Y4NrOChy0-Ys$mz_2UkTWE(n2)5(t;Lj*NcZ_$UccoD?Bkz&klVe-H$eQlH zHtd-As;G6_i_b|KHvE~?Sb=zBI~PFqySl;|K%~rS7pF&)+jU(0>tud>94T(-IYdtV zS0T2uxozNRhWfv?*3^b#*2*8FTM)|O!j}D4wi9_Pnr$NRrpwbzTdUZF-oN7IR}{Gx zNj=Ai_ptr(MzSx`=AtB(rP(s{^uJvh^Pl+6xUA)@Trv|9;1;H0>V8ge>6E#rB6i}w zt9;2B|M=%_i5hk>IhnQ67a|z`p#ZTVU@cR3MDM2fHE*$UW^H~{_o$d}lkid$trdq; zy|$>fZVriM<1Zq&VRA7)bC5D`FayAImRk z7C?SXcDxxv*bl~y^aGAt3_s5fZto0sl{NX*G$B1*5Ay)6#^X&LhH;XYF&mkZ=&_8s z1QGBx1e4+H-QaegZ_0u{J>usPp#@dy;;U^!#pMiRdG}?nuiYRrFepGapf*ia4UqI) zToDTa?B~lC#9?QNt}plr=d6D@qCc}jMzz;|b58mOH0Etw^P#OCp0r25r3+uwS@7LY z+Ot=P(QNe^0-2sV9j_sfNnYg8nzM@;yPuTMWmJ<8rgzU?$)7ymTD`C@(fyKu+SG;Q zBY9e0{rH>Io42f0MZ*BGW$2)U3!nFSE8ce(BgEY_%|C2iAnLu`zID@V^#h1Oi?$3b z88KfUDjeR7gt7Op(AbWMcM<;Ro{7P!9<+@rJGY{9qrZB>!#arM$CaJE*HgttVmJIjl$6sX2tdowO^8i z5m>o^?9~Fn;lyGXUcKPM_KA^?J>=uH;gFe-L)tit;={l3&PJ5VLXa$B;)URF*up8> zAGMOpx_z9dH+r5Qa_KvLX%ADUR8SlQganRt#a3!;FBTXmSp#MX8MMV_b|CT9Q6@ttjT0yz-3N`&1TO>0}=uZz}(`jmM(&@L0#y*Da1%%u* zz2y)k-Ju6`*VE(em+!3g2aVm^o(Q@RHzk^z7Yh%(4wO8jSA(ys|M9(DOof`)khC$? zMJicmSnat;ksju<$NbS7!6Dm8-Og#z4+jUowACf`FJ`o@sM|LlAaK^ctS`EkDsWN9 z>i3J!*+qLFtbcw=Jb;GBZO=(iM?Ii89=Ofqu!iE;K=qudySxiV2w|^?_L%hRF*8eU zRm0WQS8q_&`OF!BzJi?{phZWwRw<@eOuU!WTmGoK6dXuhxJ(j~(6AGXAwP^)Jqy$7 zu6ArlX7*{`n4#c6qi4O-I;@Dr!xMo*preRI)%c8lP6yrRkk(xTY>V4pwNs@AkP@?M z*L=uzJfWj`=Cfb03umXd5(6UZWWAK-5R$el=2Sq4`G!Sds}f-Qh+4|lfX&Hqwr zaO;`~G(j#-5`#?I7JkTwPjn9?K#D{{MM)BwUdcS3C|fQUAA27(Z-#!zO7+6Hc@wPf zyuV8?Lul5woqkde-l-8J=MV3Ip>_OQO&V9vb6X#lWWa-PEmL>@ zd(!56m_mMH4cN(fFhbob=a4d@*YtD$iTH5!9W|LS}M4~?e75(8|&4tq8pG4 zc1ZVJKQv(fH$Hsh{zt!mTZzd#A>o>{G5S?>2tD?sqy!H_wwT6&PK?Wbh%_RZ7z#|% z;Q>k=4=^O35y)*39WZ#)z+7IKpNjBidp&;NZPb{;2g$I=;Oe&p>^IE01jB|mOG1@jdUvv1 zaF`;_TlsSFb=A@S7;jQ?vjsAPh0_aib`eqY-M#2Gj6-dDAXNo6rLmFzin&WaITMG% zD2fm4f5`hRrOdVd(LLFZM7Gy<7ZudgN8==(y=%z^(f{GyTf?BwgOE^m^|3^bTRIR| z;~Jakfkx1aTS=~h5LJEhdRx;!%OteOg5oK2(V*^9#S<*^2F?}4wj-zKp}l(EJq@}S z9U)^M8rgoKW<31sJY%}E95-L2e7>5?EalO^`PQ~VOxAb8x9^6Y6(Kv;#hC=$)8D52 z!|ezc7|*`khobXNDHkzLyB2p}|Dk!{P7&vccitjwR28N=IlHW0^iY1Q(O30-8x6}+ z63tIokaZfvHa>Uzy9v24bRAMvNss_2mg&o&hHEyXcOgRUP=Q>tq?>HvAc3oL#F(G3?B5JF@r$YZ(kVVUW4iIY?kel$Iv5@gaLiuT3*A_xbCO#MdPsV+ZHB0 zkv76dd9vj}`nB;|CkH|fpE#)ZH6LAu%d;9o6 zdnyBX8U(>zaN(~2P+-&Tj4T&1S75jXft?}d+0GN6Hs8+Sp= zbrp3KwbZ%ltnt9@E>KH~;D&&p+|O5o}&DLW*t_`*0Rywb;wYBqfF<0~XIyk_%NJh^Io7vJ4nO14_c z3?3F;gFngqLGyn6VW1vgZJ1fR*_g?(OdK)pI5-o6AtqO?G~xxkhh{$xYK zTW^kwSeT;d9xwooPqJWtL+lM|TK-%ry-dIepJ~ZNVfE5pb3Yqg&DlqO?=Tu|-J{5KOG)q*EnHMYE&WO|?OqF@^2mHjq13BEAgetNz?`d&%ogg_C zf1UKoHf{+Cswk&n0FQ*k?n@iZV~o|Ei5CugP)==$|MRBW6ODj9&wk6}=7X*eH~ek6 zZFyHs*0+32AX?s8!gy=#XbyqG%!NZ7#6@C(jjKlPXUX&mrtocWHSe`c#Iuir$WouG z_PZ74Jzqix)k*@+X7SV8SVwg)tmoqqy#>8tr;nUOMYtd$u{bZ;8ut81E~oULkeDp*4Bja+BY-@aZe2FRyi3gZMF|X(+d{F0hO^I>b z0Rs3!ak*U_I`!0Dvr#^7L!$L1;aEnCz|a5-}{ud9$bZ zf++d4ZT)K2ftVqW6v>0Ry$~7JZg;Pm<>S+^YX~?g5FfWD0);i?&fbMo%eK? z=$bv`VJ^O~(Q<7`J8_G*UqmC-C*wXz72)of?ne)daJS(RoD;wc69T4 zs!$Sfki)@Aox+~P6v%VD-RfMwu++M6mZ-3>BDJI?`~9Z;#d2!yf!Nz$v5B94s^Xwo zTFx>7$MV@~+?KWD9MMJ}Be8@K0=(GC46Epa?63i;Ugt3HKVdrO)| z#E|dm$Ij6-@@&~bYV!Capq4L;G(gDkMRIM3R=;Ay+XC4iKW6gJ5OeqS>5hc{)DT& z!*pI6{@D-n3X#0nZ?WS;*Y z(@}h|mz0{c&B$6<^~>eI&VM(Vw;u1ebk7usJS)|yfSb= z@(NIQsj4L!Jof*Yv28N&9IqH(NIu3xDYU8oiR*9o3OxLPvC}+Ku-DA4TU^6# z$>&OmSAq{9aC0}$J&Uz+Y<9x=-w+h}LMZavtU89xh5mE#04d~xKz_J<$7k!}hoAVf zzHB@FEAUN6Yt&el*0BeodJL#(ba!{Hy7cW;F9n>yUl;te`3Ggd1C3x1uR>7<%m?E8tbNj@+JkpGJtc(!qA zx$lM@SdIi0v5wS!uc5(OTI2?~C_%)n~F3*Ob zDO_M1N2tpn;i@xR)p{UeUAX_sSW+u)b6ldJSU;nV$&>e1CsD&5Rwhw4JH~YtAkbxk z;zxk22)b)*&eiPDl6>n`J*@kuncL)T(ONB&Cox1y;(h7vY4|Anufcz*#pNn9?&%Gp z?B`7y4^wqBc1w~zU=XOEueip)>bX?4kF2#%yiR#*e#B?Jy>RV2zvU_8#LtyABlhXg zu$pc^J!gImAdX1FZXPno#scDL^(&v!`A;1-gGjiD?pW-veuhl{al9p@%)Q~L$0N1e zVALu6DtaHrKQQvaBA-VMpm<#e6n&=~8UT!ELMSZw)!>yUM`pzRrz-DLT&jpIVd{od z0T`PFzT7^Jo}(UzK@I*+5Y&vArt=sz%KqeK^-U*@D z^Xp&d@cfXgE73*`pM|G96!ueX>t3jNWa+(OmBfAHmeVuKPL@z^rG&dpz zS-#{vAKBbZYw*Ed^Y!xr`%E9&QBFIyA5 zy!qpI77PZTf>-}LG7MP&^Mcny<0LU)?)O3hDCutfedX_6%k(wn`7oMRq&yacw3WZW z&vG->Zr$MmR?CqW*l1luSvv#Xd91<-asXbTK9Hpy?5?0txR$|JEYl<4WG&nx#k=AM zA^GQbE{TJeNi6tSK!%s)Yp`eF!AWhOn#!uU#$PK8*zY6;R9`9RdiKR$ZSy>fu`^fy zu$H?0_xmt@c-GCxF!R|@+U^R?h?`g+FTF{A_!VtGhMjfc@pqLQFLoHiPQ2Ur0FIlR z-5xg%ajtFJwbDA{@$!_A?XQduMu@}<)nUk`Q`yvl+P+8^PG_ajVC0?q?#zlb=DRU8 zk0Q_@70Wo>CQPwZhu1t!eCBPz}b2&MT5`%9f%#-8^}zamlA&lRo=22C|f3Sk04VA*aS4T03i>*!Zm)_d$K7A?d?RD7^xcq*(Gp5s{-Sy=YO&~Fo}&DLrH zwb5|msb}DP;`Q?wF62eN4#3_MmnW587w3GK>~HLjLt{il!TLf~KkaBft3-l`C37L4 z%$(h*BV{{xQ#&%muDviA*z?(A<8hAFAU|*Gc}~XBAnQ0lGyu^y9ZzF99xk8kqYrco zLQV-{Jsqr_Pc;CwNxm4L{Th-Oq9=~H7vWBTRtXHk`(3u0EIb@g_ z061Xk1!`Eb4)x%>E5`m6>lHLyaO$H&gC&(FT{(O=&FJ{PQ57s6ywxz>ac2v*E=XL6 z3_5iGdv5OX<@<}l>qSObL>&KnDtcowcn^0Mjy*{c4l{fg16o3Mu zm=<6*3TbXs-(EO${2?4M%AO0!+lb1AJzf3bIFZ02gV{Tzg&l3bmiPWQkC+I4m^rrz zHO%^Bv4}q*-T$84|Lv9$!|?qafB2*z9(3W(9uIo|VVx1k;m=6~ut5M%7Z5}{w~8qhHNUhTQjxc1pV+LH_z!8$k)}HM^|IyD#?Ra4=`)K$>GWQSCQ{OpD6wi z{@;N-EMl1N4D%Q=d)>IQVF3_-F4H4HW8Ad_fG zTPkzo|NGg6m1^dTUpz-x-**9|h^J-r?a&-DTwV2+|G$$ZaTl6Dr~ZrldCLini@aSC z&Qr{rtvg~s7Hb=yor>86M|cm9!b&ZM7*#vtb2;0{|8Qcu@2{#yH+x;568X9D@GR5| zEalu)U}dL4y&W9-P!l@HQ_{1dZ8wWTK!*~XoNC)vfZ9C~e^{0>P>|KX76Zs3QAcO> z*3PZYlb}igOhCE&jH`0#)a;TO5w2;r$K*R4;|hO}jPK7%W;R=^M>TQcLFnb~#NmDp zC#NB}8ZP7m?Z?V+nAs#$ff`f4w%NkDSQ;`rP zp-59UE1L}xKB>ahhMeR?2!Y~;@Jm?8v|`OCWjq#~g;%|;f$fDGzgkD25Il2%Gef!D z|CAn1`@X=*1nggUq*yt(QwRkAlYxdSU7>>YSVn1G^4y6(I4pQLJQd^HF4ySHy)sE) zA5p`-^+6>#Q`57{Xtv*1{r|wms4k@ zq*t%y!ZYe_2D9}`s%TU_MIoXV+KBE{XKqcILFY!6(Hg7+D;lGyqnudDy0e ztaR-h=xa9(%u^S5wxt?8x51f<`EFJ-{6b&3BLqGR0R9b~|MquaGA?qXeRVjg30g3R z^Z2s2Y7*N-`}dt0pxOncTv&!sH$|iz=vXV<`x|5)sPlGS92&F9gJ*Gii*m~4HX0`y z&898_ze#6xc}s4 z#J1)fIG?ibnr=yjF=qO46yRsLJh;4HYq9Yhd#ZLel<1*eH0pq;p>b`|)2E zx`my)i_P~$X;fNEZ3cL9z#l_y!^-w$_(@X|=`L3mtr&T{Zb`9sqvq6F=Lq~7e-Yt0$r1k0g*GboCO zV$DK3%ZN_Z|Lg&^nZ(ar|>Em zoPG4!eT5$pGyp}tIK<>yJk|ZBI$1%$PlaVkB;(BQxGdU5=R90otD;P9d`O_S!R3?m zE8U7ls2N7RVw`%%XMMqyZ*U)NPVNq}wwv*XI;>fF`P=gwd4DyUskD;akI%ph=}1?R z;V(%2cfG|S;j_S08hONzlu=@-Z`@Qrl*OLG5E&Un_$6=Cb0)beljYz)#<} zFgoPg!bw#SAS+`45p%n&`P_ZO;{14KwSwUzux%%Bw4M%os76$7rcz6cpj9f~Do?zj z>Nnh#cKD9XF%p2)1l#5aH*~Sd?^g?` zv1($zo`K-si3BPqkXkJ<(se!Zg>KI;jTG<#xwF9R_4?yeoL5=lzx}7W%9}83ZA?V0 zzB)#np=k1NT(UV|Lj)%4!X%ML>wm*i)I^jYtVajopsmS{Hg|0}M>gIL)i|`Rv$g*~ z*2QF_#(;czt48YWcPzY*B16tHeW|5(pr}SH2IluC8p4DW7uxk^;gvB6(@6t zSAZ?8vv6bHV&D!Fc@8kgd(Y&r$f=y~#Z>&X3BD!a#1YxtMczH|@X?D~*EqI=wBR z=I8jB@n1Q$LZdlpP6U8I5}4bBD7Zb$@IMRZ>Iw9IBj6}$zT|%=oUO?JFck6c@U|58 z*U)LZSc)(Z=~H9t$ZEQbf>%B(WQzbf1q-9zEvH=Z(<((!*y~<`0lkkPU8vZJ)^_rV z+9r5TP&p9zmvF8Fg_*tbto$Cpt-?yP1 zCk+3U*7!5zq{nDIz`V_tcI1OUx2QDY;%0$EkKU2iJZgF=YJM-ppa)S_jN~ll0gd_}AUvPF?r)d{dH0dH(aMOT)2?mZTIxk!8+c5^MO7};bKyl{Nc*~U%i*v%Y>G{ zj`%-IsSsFt)o)MVz9EpMP@+BE{=?DiK0TqvW+klyO^4V!ohK-KaJ=Td=WxP@dykk~ zzMecMyJsiQmI-RMuGQ1sZR{dH|9iIoKRZX`M;n%9-^KM9UatseJ@Dtpk5vpejubs) z`d~WGHM33Qz`u`z3FlM4v}>Gg?)mq;UXQ{1%8fS#j5m&0CCAU6@7ufC<@nnlwtr$p z92gj`i!?jtRrmaIWMDA=BvnwgzFWv} ztEMGh2Fyjvnb{?Z&wQlu2cBlHbExun8_)P?uKY6OfYvcYo z8$V+*IHw-%eEEF;yRtw&=?BWd!2$+gWCBZe;HW7BumlAT5P` /dev/null; then + apk add --no-cache "$packagestoinstall" &> /dev/null || (bashio::log.fatal "Error : $packagestoinstall not found") + elif command -v "apt" &> /dev/null; then + apt-get install -yqq --no-install-recommends "$packagestoinstall" &> /dev/null || (bashio::log.fatal "Error : $packagestoinstall not found") + elif command -v "pacman" &> /dev/null; then + pacman --noconfirm -S "$packagestoinstall" &> /dev/null || (bashio::log.fatal "Error : $packagestoinstall not found") + fi + done +fi + +# Set TZ +if bashio::config.has_value 'TZ'; then + TIMEZONE=$(bashio::config 'TZ') + bashio::log.info "Setting timezone to $TIMEZONE" + ln -snf /usr/share/zoneinfo/"$TIMEZONE" /etc/localtime + echo "$TIMEZONE" > /etc/timezone +fi || (bashio::log.fatal "Error : $TIMEZONE not found. Here is a list of valid timezones : https://manpages.ubuntu.com/manpages/focal/man3/DateTime::TimeZone::Catalog.3pm.html") + +# Set keyboard +if bashio::config.has_value 'KEYBOARD'; then + KEYBOARD=$(bashio::config 'KEYBOARD') + bashio::log.info "Setting keyboard to $KEYBOARD" + if [ -d /var/run/s6/container_environment ]; then printf "%s" "$KEYBOARD" > /var/run/s6/container_environment/KEYBOARD; fi + printf "%s\n" "KEYBOARD=\"$KEYBOARD\"" >> ~/.bashrc +fi || true + +# Set password +if bashio::config.has_value 'PASSWORD'; then + bashio::log.info "Setting password to the value defined in options" + PASSWORD=$(bashio::config 'PASSWORD') + passwd -d abc + echo -e "$PASSWORD\n$PASSWORD" | passwd abc +elif ! bashio::config.has_value 'PASSWORD' && [[ -n "$(bashio::addon.port "3000")" ]] && [[ -n $(bashio::addon.port "3001") ]]; then + bashio::log.warning "SEVERE RISK IDENTIFIED" + bashio::log.warning "You are opening an external port but your password is not defined" + bashio::log.warning "You risk being hacked ! Please disable the external ports, or use a password" +fi diff --git a/browser_chromium/rootfs/etc/cont-init.d/90-ingress.sh b/browser_chromium/rootfs/etc/cont-init.d/90-ingress.sh new file mode 100644 index 000000000..be3fc009e --- /dev/null +++ b/browser_chromium/rootfs/etc/cont-init.d/90-ingress.sh @@ -0,0 +1,29 @@ +#!/usr/bin/with-contenv bashio +# shellcheck shell=bash +set -e + +# nginx Path +NGINX_CONFIG=/etc/nginx/sites-available/ingress.conf +SUBFOLDER="$(bashio::addon.ingress_entry)/" + +# Copy template +cp /defaults/default.conf "${NGINX_CONFIG}" +# Remove ssl part +awk -v n=4 '/server/{n--}; n > 0' "${NGINX_CONFIG}" > tmpfile +mv tmpfile "${NGINX_CONFIG}" + +# Remove ipv6 +sed -i '/listen \[::\]/d' "${NGINX_CONFIG}" +# Add ingress parameters +sed -i "s|3000|$(bashio::addon.ingress_port)|g" "${NGINX_CONFIG}" +sed -i "s|CWS|8082|g" "${NGINX_CONFIG}" +sed -i '/proxy_buffering/a proxy_set_header Accept-Encoding "";' "${NGINX_CONFIG}" +sed -i '/proxy_buffering/a sub_filter_once off;' "${NGINX_CONFIG}" +sed -i '/proxy_buffering/a sub_filter_types *;' "${NGINX_CONFIG}" +sed -i '/proxy_buffering/a sub_filter "vnc/index.html?autoconnect" "vnc/index.html?path=%%path%%websockify?autoconnect";' "${NGINX_CONFIG}" +sed -i "s|location SUBFOLDER|location /|g" "${NGINX_CONFIG}" +sed -i "s|%%path%%|${SUBFOLDER}|g" "${NGINX_CONFIG}" +sed -i "s|SUBFOLDER|${SUBFOLDER}|g" "${NGINX_CONFIG}" + +# Enable ingress +cp "${NGINX_CONFIG}" /etc/nginx/sites-enabled diff --git a/browser_chromium/rootfs/etc/cont-init.d/90-ssl.sh b/browser_chromium/rootfs/etc/cont-init.d/90-ssl.sh new file mode 100644 index 000000000..b054edbd3 --- /dev/null +++ b/browser_chromium/rootfs/etc/cont-init.d/90-ssl.sh @@ -0,0 +1,22 @@ +#!/usr/bin/with-contenv bashio +# shellcheck shell=bash +set -e + +if bashio::config.true 'use_own_certs'; then + bashio::log.green "Using referenced ssl certificates to connect with https. Please remember to open the ssl port in the addon options" + CERTFILE="$(bashio::config 'certfile')" + KEYFILE="$(bashio::config 'keyfile')" + NGINX_CONFIG="/defaults/default.conf" + + #Check if files exist + echo "... checking if referenced files exist" + if [ -f /ssl/"$CERTFILE" ] && [ -f /ssl/"$KEYFILE" ]; then + # Add ssl file + sed -i "s|/config/ssl/cert.pem|/ssl/$CERTFILE|g" "$NGINX_CONFIG" + sed -i "s|/config/ssl/cert.key|/ssl/$KEYFILE|g" "$NGINX_CONFIG" + echo "... done" + else + bashio::log.warning "... certificate /ssl/$CERTFILE and /ssl/$KEYFILE and not found, using self-generated certificates" + fi + +fi diff --git a/browser_chromium/rootfs/etc/nginx/includes/mime.types b/browser_chromium/rootfs/etc/nginx/includes/mime.types new file mode 100644 index 000000000..7c7cdef2d --- /dev/null +++ b/browser_chromium/rootfs/etc/nginx/includes/mime.types @@ -0,0 +1,96 @@ +types { + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/atom+xml atom; + application/rss+xml rss; + + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/x-component htc; + + image/png png; + image/svg+xml svg svgz; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/webp webp; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + + font/woff woff; + font/woff2 woff2; + + application/java-archive jar war ear; + application/json json; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.apple.mpegurl m3u8; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/vnd.ms-excel xls; + application/vnd.ms-fontobject eot; + application/vnd.ms-powerpoint ppt; + application/vnd.oasis.opendocument.graphics odg; + application/vnd.oasis.opendocument.presentation odp; + application/vnd.oasis.opendocument.spreadsheet ods; + application/vnd.oasis.opendocument.text odt; + application/vnd.openxmlformats-officedocument.presentationml.presentation + pptx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet + xlsx; + application/vnd.openxmlformats-officedocument.wordprocessingml.document + docx; + application/vnd.wap.wmlc wmlc; + application/x-7z-compressed 7z; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/x-xpinstall xpi; + application/xhtml+xml xhtml; + application/xspf+xml xspf; + application/zip zip; + + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + + audio/midi mid midi kar; + audio/mpeg mp3; + audio/ogg ogg; + audio/x-m4a m4a; + audio/x-realaudio ra; + + video/3gpp 3gpp 3gp; + video/mp2t ts; + video/mp4 mp4; + video/mpeg mpeg mpg; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-m4v m4v; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; +} diff --git a/browser_chromium/rootfs/etc/nginx/includes/proxy_params.conf b/browser_chromium/rootfs/etc/nginx/includes/proxy_params.conf new file mode 100644 index 000000000..1990d4959 --- /dev/null +++ b/browser_chromium/rootfs/etc/nginx/includes/proxy_params.conf @@ -0,0 +1,15 @@ +proxy_http_version 1.1; +proxy_ignore_client_abort off; +proxy_read_timeout 86400s; +proxy_redirect off; +proxy_send_timeout 86400s; +proxy_max_temp_file_size 0; + +proxy_set_header Accept-Encoding ""; +proxy_set_header Connection $connection_upgrade; +proxy_set_header Host $http_host; +proxy_set_header Upgrade $http_upgrade; +proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +proxy_set_header X-Forwarded-Proto $scheme; +proxy_set_header X-NginX-Proxy true; +proxy_set_header X-Real-IP $remote_addr; diff --git a/browser_chromium/rootfs/etc/nginx/includes/resolver.conf b/browser_chromium/rootfs/etc/nginx/includes/resolver.conf new file mode 100644 index 000000000..70f4982b9 --- /dev/null +++ b/browser_chromium/rootfs/etc/nginx/includes/resolver.conf @@ -0,0 +1 @@ +resolver 127.0.0.11 ipv6=off; diff --git a/browser_chromium/rootfs/etc/nginx/includes/server_params.conf b/browser_chromium/rootfs/etc/nginx/includes/server_params.conf new file mode 100644 index 000000000..09c06543e --- /dev/null +++ b/browser_chromium/rootfs/etc/nginx/includes/server_params.conf @@ -0,0 +1,6 @@ +root /dev/null; +server_name $hostname; + +add_header X-Content-Type-Options nosniff; +add_header X-XSS-Protection "1; mode=block"; +add_header X-Robots-Tag none; diff --git a/browser_chromium/rootfs/etc/nginx/includes/ssl_params.conf b/browser_chromium/rootfs/etc/nginx/includes/ssl_params.conf new file mode 100644 index 000000000..6f1500599 --- /dev/null +++ b/browser_chromium/rootfs/etc/nginx/includes/ssl_params.conf @@ -0,0 +1,9 @@ +ssl_protocols TLSv1.2; +ssl_prefer_server_ciphers on; +ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA; +ssl_ecdh_curve secp384r1; +ssl_session_timeout 10m; +ssl_session_cache shared:SSL:10m; +ssl_session_tickets off; +ssl_stapling on; +ssl_stapling_verify on; diff --git a/browser_chromium/rootfs/etc/nginx/includes/upstream.conf b/browser_chromium/rootfs/etc/nginx/includes/upstream.conf new file mode 100644 index 000000000..b292326bd --- /dev/null +++ b/browser_chromium/rootfs/etc/nginx/includes/upstream.conf @@ -0,0 +1,3 @@ +upstream backend { + server 127.0.0.1:8080; +} diff --git a/browser_chromium/stats.png b/browser_chromium/stats.png new file mode 100644 index 0000000000000000000000000000000000000000..f710afa33eafad4057763ccb04bd6fc084f4899e GIT binary patch literal 1774 zcmZWqeKgzm8viCKK?&9wN?NVCH80`nc5Nb(Syhe2`$E&Kdg`TCA|+lTG(UIEN@<0z z<~^>pC~kX1OF~0RPo>pjH+><3s+TMakt$Lzsb$?c+qw7t@jTDxobPj<=kt6&&-Z)_ zLWuq*M!Ssw044!P4ut^#ThZY%1GvsNZZCeS3x>2K(P;pn?)`4CE6ykz0QBnu4t*Yx zRlPV7TH5jtGrf=_ai5JvKf7ELhaW;(e91O1`p~RNUhOu_wCcq5`%wvxxWfr>yE1$& z20%)~Ob9xMB@p`1c6QS!GY$=DaDczP*UyytTYjO_OJ?=lF1k4?I?`4$PgQ);^hI9T1}RU&$qUqRVA>hzPA+_w$_d znuDqG%;=-e-PS_mY037N+i~a)8^OUH_T~^&^j|&ykJ1W(-z_qIK^68>cnJCkR`xgp zjO5koxTjPvla%@~ko6`i1&%=MF_sFBAH{DMexo2nh_KsI|nd|z*hKY2xF;{>+~2z+l3o2keywowH> z+op|D>82y4=lpk_kF<^cDsYUx=$7&l!D&zH2-+anB8pDgs07UO2zN72vA%&Lvr4$y zR)@4At|e7CNF1=D{7Xdk$6TzaE@*wH8RsJw4BnOX@Hm*XW18;*Gt$Jtt0vabrtb9% zIjU|v-2I$Q7xCK7%TBV3watD9WYBZECxl6SS>WZ z04qAJo3m1xjnIkG5hV8l{E^UMNv?YHAIT&8dqi6~7BJ=3$xo%$wl3YOkp$4t7BWCcvx7R3j-OrnFHi z6>BiyI&sN)++)B*bItX2zqo7xxCZbKrlweb(ikjjJ@gHN-i{XBe4u)9K*aB`*U(jY zw-QkzLWa~M{X7AdReYJ*1b44b;&;y*#2g#L{@u0R_hBYvzFKt_KvZ7mSX#5Oh|iOl z=BGnv5(mNmymkV?pVYM0ihy>aDgTlR-Ul~$dsTni1FVi_%=%Pdjboz56i5{_0Jj(F zuCWaf=FF;e+lTZ|uE1KgBj_~xfrhnw?yie1*;n>W4s8}joGA2s-Vrk0&RbmCY}mpr z3I^WZgI#zsM_W2sb(*Fe1~PeG2^M6gnMOiTkgdMi$lCsf^d{;fl>3cEvG#Ru*VAhW zxVN+3;x2Y3%Q*Z*U`dsHk`x=rZgk6Lu&3}okxg+7%QycJ5WW$3NadbYBM{PEYHURhXc?$sU(i(Nha6sP3( zJzn;6%Z_AAlJ^ECvR!YZQ`C#M(ca2Ao8^e|zTzZtIHSb%X8N2s_qB{}D){WxJaf)( zr)P7En(3g4jH1ML$$PuS8di~l`zk(aB}-T0sj$Sy!iTrdGV+bEbknI7vs`Mzz{@00 zEriocnall^7e1hdQl{hAH=U}b7jm`-%6|=?exh!Z3GW6w+{W=Lg4&#__eeR7ef!7p z_nmKsXeWh_5=g$u9`*F;nYpDVwVXAUZt+c6tfKFlU)k4u#ubTWZok_`kI{_wtbeQ8 zGf6x~)i$^Q{nT5?(~3I?b=^