From b38437da7c6341a82c70aa08176c5379bdf44cdc Mon Sep 17 00:00:00 2001
From: Chris Grindstaff <chris@gstaff.org>
Date: Fri, 23 Jun 2023 10:42:45 -0400
Subject: [PATCH 1/2] feat: Harvest Prometheus exporter should support TLS

Fixes: #2070
---
 cmd/admin/admin.go                       |   5 +-
 cmd/exporters/prometheus/httpd.go        |  29 +++++-
 docs/assets/prometheus/PrometheusTLS.png | Bin 0 -> 44123 bytes
 docs/prometheus-exporter.md              | 125 ++++++++++++++++++++---
 harvest.cue                              |  60 +++++++----
 pkg/conf/conf.go                         |   1 +
 6 files changed, 180 insertions(+), 40 deletions(-)
 create mode 100644 docs/assets/prometheus/PrometheusTLS.png

diff --git a/cmd/admin/admin.go b/cmd/admin/admin.go
index b5482dfee..41daf6845 100644
--- a/cmd/admin/admin.go
+++ b/cmd/admin/admin.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"crypto/tls"
 	"encoding/json"
+	"errors"
 	"fmt"
 	"github.com/netapp/harvest/v2/pkg/conf"
 	"github.com/netapp/harvest/v2/pkg/logging"
@@ -68,7 +69,7 @@ func (a *Admin) startServer() {
 		Msg("Admin node started")
 
 	if a.httpSD.TLS.KeyFile != "" {
-		if err := server.ListenAndServeTLS(a.httpSD.TLS.CertFile, a.httpSD.TLS.KeyFile); err != nil && err != http.ErrServerClosed {
+		if err := server.ListenAndServeTLS(a.httpSD.TLS.CertFile, a.httpSD.TLS.KeyFile); err != nil && !errors.Is(err, http.ErrServerClosed) {
 			a.logger.Fatal().Err(err).
 				Str("listen", a.listen).
 				Str("ssl_cert", a.httpSD.TLS.CertFile).
@@ -76,7 +77,7 @@ func (a *Admin) startServer() {
 				Msg("Admin node could not listen")
 		}
 	} else {
-		if err := server.ListenAndServe(); err != nil && err != http.ErrServerClosed {
+		if err := server.ListenAndServe(); err != nil && !errors.Is(err, http.ErrServerClosed) {
 			a.logger.Fatal().Err(err).
 				Str("listen", a.listen).
 				Msg("Admin node could not listen")
diff --git a/cmd/exporters/prometheus/httpd.go b/cmd/exporters/prometheus/httpd.go
index f09174f29..7ffba1aac 100644
--- a/cmd/exporters/prometheus/httpd.go
+++ b/cmd/exporters/prometheus/httpd.go
@@ -8,9 +8,12 @@ package prometheus
 
 import (
 	"bytes"
+	"errors"
 	"fmt"
 	"github.com/netapp/harvest/v2/pkg/set"
+	"net"
 	"net/http"
+	"strconv"
 	"strings"
 	"time"
 )
@@ -26,10 +29,30 @@ func (p *Prometheus) startHTTPD(addr string, port int) {
 		Handler:           mux,
 		ReadHeaderTimeout: 60 * time.Second,
 	}
-	p.Logger.Info().Str("addr", addr).Int("port", port).Msg("http server listen")
 
-	if err := server.ListenAndServe(); err != nil {
-		p.Logger.Fatal().Err(err).Msg("Failed to start server")
+	var url string
+	if p.Params.TLS.KeyFile != "" {
+		url = fmt.Sprintf("https://%s/metrics", net.JoinHostPort(addr, strconv.Itoa(port)))
+	} else {
+		url = fmt.Sprintf("%s://%s/metrics", "http", net.JoinHostPort(addr, strconv.Itoa(port)))
+	}
+
+	p.Logger.Info().Str("url", url).Msg("server listen")
+
+	if p.Params.TLS.KeyFile != "" {
+		if err := server.ListenAndServeTLS(p.Params.TLS.CertFile, p.Params.TLS.KeyFile); err != nil && !errors.Is(err, http.ErrServerClosed) {
+			p.Logger.Fatal().Err(err).
+				Str("url", url).
+				Str("cert_file", p.Params.TLS.CertFile).
+				Str("key_file", p.Params.TLS.KeyFile).
+				Msg("Failed to start server")
+		}
+	} else {
+		if err := server.ListenAndServe(); err != nil && !errors.Is(err, http.ErrServerClosed) {
+			p.Logger.Fatal().Err(err).
+				Str("url", url).
+				Msg("Failed to start server")
+		}
 	}
 }
 
diff --git a/docs/assets/prometheus/PrometheusTLS.png b/docs/assets/prometheus/PrometheusTLS.png
new file mode 100644
index 0000000000000000000000000000000000000000..bf2f7aad9fd167858e85eb91b66210006e59edfb
GIT binary patch
literal 44123
zcmdSBWmFu^7A}mt6M}nyBsd8WV1Pk_1c%`65Zqz#;1=9H5Zv7f0fM``y9{oF+{wA`
zd%{`Y@9)Q5tA}a2yQ+6p?OnC^^X!@sd0BBxG!irz7#K`R2~kBD7`P}H7}!7*B<PjF
z@k%M^7p#M#xG+rFFxejTA5mj9NfQ|vn77b#6d2eba~Om_k3c^p&<_j@d=@MWJoFp(
z&$TSLfA7LYWx@Y@4jcIAK?=gra2OaMjHIa0XII$6bYzbgQ&&B5T>QE6aM}J?<A{4G
ziZ8m*z8Ac{T6PBuT=Khn@1NU%5#5Dey!jgZT>?DrZnnpNo4K+yXyja-YBZs?>T+Xg
zvc1gba_nI``!LkFvy8eoUF%XgD&d3h_sEJt(28g3F?a=p`+Ml2`1A0*c==LN*1GJ)
z_KsxbV@@;-YSe!ZA8uGppfJG1Bv<JJ2!EaH`7LDFW^~dFaS%EGtgYX(7yU$rmifMr
zBKGV(KsW;23dC2fkp$TW0?#UeL79b%`S4drsK8kq2(PIaMM8|9U$umL5ygd8_E#_%
z)X#yyS_C5xj}|TOPNyo{F^}^O-iT*ntgh1I7_|1YaXRS&O?e+LCN`T6%Hr=X@i%p!
zKx*q7>sx`O<*}X+#jV?&j6}&;0qg<+?*L>hGO9?y)1(^9<iqOT{7f%;Y{84*+#f$~
z2Tf_72@V{>Ls0`#xF5cTc6W1xt;fbC_f`b=a#c4eAcj!e(O1jyG@#0EgP!(qd-$PM
zgE@oKJumCq2)(CDUIw-xXeF0fyGeRj;DD@|+!&3+_nF{Xzflk-10K3!BL|*zJk|4L
z)8C39VaJ+gdM=C9bf5><;LCncPhi!h#&JENQ0a+@)g(Ga!QFeP+&`KwE%rEBbBBW^
zEvU6xP~k7QMo*}<O4RlW(JEOd;o6^#wqJR;p1h)FRQ7HKu@fYOg@(SZmv(fF^Y{0U
z)68q(O?hulBNB+g;^J)*^RE^lAj3kG0|_{hX{_#Vl(tGx@gt%b%kQ^kQn#ixt>68^
zra8Oa(Z$J~%FFh=UUrG(v8L+TTh2*Mb6;*eJ1B4OYjQe(o8w%q+USW){QA|yO`E@-
zRtzJtdN_sZ33RgNb5Lj&G&>8jU$Cn0#TLAO?XZ2nU4OG@8lI?9sv%`&R`7y=pl^Sw
zc&nJT{p_`Oe}hu4C&XEUUfSNi%J}z1a+TQ_P4l20fhRl?MpQ)w+Zz^^1b%nt0c5Z@
z)!ZD9bFz>hlH?QY104s4;z&C%fkpeRl2?+!j-hea80~xM>>q;}55;6-5ERc+le`j*
z+Ws7AZEMHf(GJ(Sr~C8rCID09$A6R=8Nt^F5cMHvNVD$qT~`9LrgcC4=Z<%3$$n~=
zn#R<&<}{@XHSFJAeL}gsxsE68_MNO4nw^hgbWI*<pavQzo6g&J+CymrhSPVQ)ekCs
zy~ud}cq5`!CV!ds4R643u6k#U!}Ub3Z(u+P_OTe(1Cx|1#$lMhr;L`JT_KQ+Q?%PS
z`u-6Dj!90Y=6An}8`kDsFs>MHurutFkmEL|6$_8b?hFKN&Rin-pN_6|?%!1aDE?7g
zG8}}rN4}zI)J%;Z!#=s=Lj^Oqs=VSP<-FMuJ$hS@;b&EnB*9o(G;m<kpmKM4z<|59
z#sMA?+}cXiiN?4LR(C#fQY9@XZ8Az^(qWPlxUEU|t^th?r`ZP9n2l-GS<V&tg$TrE
zdZm3i(lBv5r6cTP?+KU3)@c~Lb^3-1TY<KgCd+s9nYM1aOq+4Vn_E3k`gW{8p}4F`
zxO+}7<lDCd0!EcyB{>1wq15^)WQvxVIAU(=lDX@%fwK1tEQtfIB$Z=%G8VMk%U%ao
zvD_}lT8(E#j6XE5tvTGzjAETPSA}AV!4lr*5!^#pf=?y!sQaA!YhC!86LR#DBRZ|p
zp5>2V@3%DPGRc+s;he%X%EbxvSXZLV=<e6)*GAywR*r*2b^8q&?p>b9I0BMw7?I{d
zo)TSFh78B=b7iXK8CfjBnukG0`fqnh-kW88b&k}JPf7W5CEjQ}kU%W=27w8XRdLMU
zBvo&{^hy`;c(PD%;ABmtb`edz+9aYcsG-~Gn_O^We7{Y{*8qBQ?L8v0mqlNRoyxT;
z$4|N|Bgs5+`xYACeaw3R$e^L44+-3h{G)n7c)p*|C4j!jsNeId;0@(pLdYbpwl&L(
zM~Ue9oDZY!@8Jl{Rr^P?MYc9$f2T~iK14j>2Y1EAy`aswyV$c5?XJxE#%-zN{-Au+
zHl%V|qcDJ}n(bJVCh#bI3jrevurE4{XrGM;KAEZ7OA);DjNk^-5tQg%PcPV*%~VP?
zPtTwuv8Ly)?<b_%#Im;CC>}R#a5dhC4j}x(TWZCpmyV*~2lc{VKMe%4lQ9W5hi|MK
z4B3tFLYO3FWfP!=JqmyURtO{TFarRC!S%DVY6M-xVv`yM=v%h3IB`%-f8X5Q-TfxV
zLlZ!QYk)o7=IKsLwJ{07D9?%iR(5u@;383NG9=A&?`!t)elvzn>T_C#*>tCJi^%39
zzu+)i<9a`%^up?qWi~du_Ql$!H|vw!!SMU9wT3<4OawPOSM@(?2<iJ$ah%5tutc*R
z1<vR=(^4(eS<!CD2`)J{=g5?5)+dy`<)RkQJh1ERq?PtG6KMj8t!20Fu7}movuoet
z>}xkUvcJPh5`CnG#iN2Az9PXup!RGkmlf_nu^O@1>o8BO7kul%I%0swqKu!u@JIs+
zB7uFc(&-DD(b6gndr;1(DX2ps*Q7@M9);|FRtt5UG_PrBg!vsZ`-x4{=z1t!Vip}I
zO6l8d)p(XFBL%Pg!vQ8WSO5}3wvJB3=DU>Q!M2@DmuO&GhR4|(u_PVOh=tS-W}`q_
zy`FEx42BoytMJ%;ndgr$x(=7@2afW-MGD@DisxrqOtb$)Jxx?sS2y8fU=WXqi3vBw
zM%_*L78=UsW>tgU;&yH#20U7BUC34UuE<ozT3QLVI2^6?i??cOsf?ceFqTU#_-?{e
zx>!C1gtg`r9vsdlna=0Ju>+TVze4zA(E@^89mVcA0$++Uijvg{-mJpQxXZRdt~6<p
z+$~CSjc;$=Qm#w-BIP95)^Wds%`dS8e`Fpl)M<VkvJcmh3trjD^w!Dn+BYY^s9i)k
ztg~9^g@8TvC~&9*#*kb|AlSR6^Y_0=ZF<94?`OJfg<ICu-v4J5VDUaoq97dlwy5Tx
z6qaCqj)sq%^EF7I5^^avCOY}b!-@@_6T!nLP2S{Qv2}qMZ2Ts*=Atb2F#4Pef*%>J
z3VF-4kYp4te`T8K#oK38s^0qB(JklT1rm6=Kc4YOh^_bOsJ_wU1oJGBSvSv$SIgv)
zV+jM0%ww1b$f6m~^t?WDIZLNKpV2i<wKj6STD9_@!Ck5(l8=o|HEfA|t)sTO^ik8&
z|HYZtwDsCK>j$~t5v2J}xy4E09De3ercUOa)oNO~)`CF<agLC{gP*A_ivaWS+``jW
zyrHfoGzbQ*&Nh@~m9ecg3yUN}>GJJu+E_~m)9lSI;4kC(a;f?|-jJdCuMPo1E#FH|
z@+i3P)M8(LH?Qb?kM%-$dZEsGjy{NTd7{guY{GCTQ&3mO`^X7wut@)}5`P5(DS9dM
z?~Pg%aXu3yE9X@$EfGwq65d`qUT`o~cS)H}PYoc1Dftp8aV%jr6?o1~sp`HdZ@UY{
zjoLNoF4zpUoGDYp&fFsJ5@2T^n^#UbsN_4NKA|!Kw`@?jed0IOthZJIZ=Ie^PRRAw
zueg27x|*G{FnrYY9^lsX&RObP7~)*2(D!4~*rm{JwLap#B(vdge{Z>YTvq2C<XSyU
zNzv=F>@^dv(^Gh?V6&At--=ZY@Y+?ZYfyKhO2AqAeIhNax2^@9cfS}Xsyl<1wac3B
zzVPf9<RIkaq;gtl<Y54!5&{AOQm5|k6}<xXWonqRyDU(^W~Ag2{@6_wcCDi<x`EL<
z)utngtk&7T<DH{JcG3(H-jpH#>sVrO!oj*xjbVoNb*=^Yvt4j=%2l;-A{onH0YM^z
zG2K!_my|{DN+u&IR@35S{EJM91%#Fxfe|L2o4q+(iMl4qm$5x*MoqPpZZ|6&O<k#+
zW~(^lOD&q>?<pBrTkpTWA>7TJDps*@u@$F%$s9c=)jT@J9CqaO0NI0yotsa;i+OW?
zckpBih#5XMvRT`<>?}~o`TW|{%%#+w!+Enq1UcIn6Qd)Jk6E*}%Ed1!JUF<<kO69y
zj50APX58%yVWD3cBJHp(g)QkZP9rf%-oMuoarEwFTb~bAKFnR3!HFJ_5<5(VyX)B!
z-u%9>+85a1E|l*lOm5agm#Ad`?b+{TzVOKV636;yV?mV3_lDw;bpzBC_`-JQ+e6L*
z9BXfel_Lv`sp&!E^LV#b!&>Am=c%}-!Ie<`NWYjSnsxIYWMuB*{MT#|P!L{Gb-?2X
zV3WNE>bPyuW!iXm7%lgTNE7!{NL&TUD#J&TAxTZn9FP6_E*#-WR_ynh17Ruqq+j3Y
zvde*<L?|wMxepb8_`SjAviouD5${P}&|~v?8DF^g(Rz#!p|U=k+ZncfGgh42lb?%n
z!+joYsJjGXI>TuzUdMG8eq>4#zhjO8oAkQ~b^iuoRqkzH{~NyB%~+#y*$zJ;o*r^R
z4dhfumB=+d6QGpR<vOR;{AAa=GWAvsByzXh<Y3R`7De_N$347s`}{=W5Df6<DFd0Q
ztnt3wvBDN^^co4}y!Pr?D!XUk-Zpr#u{wmZi;9+L9hqGX(ZTAMAOCKzFTFKhPO<)O
zQP2m+;oIO_`i+aJq*e%7cFtlVQ6*}0$nk;aUB68DD$9tir7KXg@TOIEWd!R@s1UoX
zh$X{zI+@d9<-U+M;{)WH8{nPB(H;K#w;#5FDEpbaFP0C9=c1W;PGxqmw{{6Fn0aIa
ziyTLk_Fv170RDu-^I>Ve`1H;gYx&V0V&$^iHG2HUi!J%uFjDXf;L~d*{6O4_{Qb{d
zyEM!r@+RloKamfqkgx+`36hF-79CjS*C25`^yBP}H-6XxmM(ibwjCeOYMco>;Sq5w
zWdiz_T$T*4Jnsrkm2=7I^LHm%gR3DM*Mfrx^KKg47=CJJQhCiClN>m1vLbEqSN)9T
zpJ<PY1e7BkmTz~G@7V9|paaX@yl4l}?!ObXpW8|#hD92443k~P>U8tCKV`7rPBz_*
z<Cz)Y1Gg|nkZ^MR!lcb#^M%}3kJK(ZAnJ&EP_3^<rwUj#6~cSx-Jj$nzeI5mGWaIp
zdPG&lY=>f_Wp6J<TSA4S9~|KE^q^S2%^ShcwfjXn-)}F%mJB1jqeh6$QJhZ%DJl^6
zAW7GLvsZz4mq9b{@gnw^uOovLPe%>oPDuOlaLHwbAUw~eSmzhqmY|5CC_7?wEwcXw
zU7}9O_nLfSvVbNwf*8*Dk#gQ_9wc#n7U>Fz5aI*Rj_msd2@$uhf^{vkf1-2S0$h|E
z?b(-9t|XZrXY9mT6GH&V;JFD)YZyxt&}*j5Djcq?u*^c*)KB&GdVJs(aTo2fmr^2o
zV&(px!!WjaE%qLpuA53SFyZl=A1@rw%e>#d^3EhJL3&}Ta(7`*A~V(l38jD*|6yJn
z!jM@}*RvLJEzPY}A%B$axR1kJi=c(llsXl}BU2THYEic?G2R1_!&gmh?01a-zl!$N
zU+9yXE$RU)FO(cNd!zH3=g!zPAR@cm)@f!f4Q&W-{NIX}#1rD;mM!lg(Z~HP@{{`4
z<R?)+s{=K%SekZ)8`pjx4AT2=lG4S>YTjza_z1$`q@R!(YETS>9hF;V?Gf&KhNwve
zD+epId|_u~RLVyM^}Y1-o$fpPFN$FeH}x_KK@v`xZnVjX6n`f;dLbdGyvXTx9@}QT
zgPo1YWMG<kyOgWej!d`5gyi2~Xb_4sU~d->IQ(M?e|$L&s@0+ZUUj->k^WC1X&<;V
zs<sBezf%^}>np&7tMj?Yc;Co{^_y4n8O(y^0lk57nPPVPQ;;(Q_E|kZE1U{MqqsK0
zB%R)Q;NY`TtE)76=)I%ziIZUwu@$yxeSQac=azrrk1P{Z*Ova#U<pr15Q@OR{>~rY
z6Bh5a)Xytm!jJ*lvp2z@#?b*`)e}&a{?_4x&`%A$hDB!b9N&qf!@(mZRn_83e)Hen
z{ByFJ3RF8#As^U$Z$7Rzer`XI`|deH;e#+6Fy#KM)e=-xP=E$@%|QR3A^wkWXcEit
z&#Q&S&GNxOAw-Y;7g&J8Ir6|WivQb^|N9pu7zWV@*r1m53=r{wi@APQBnk+GjvV~2
z?qAO<e-YJ!{JgnvG(cEl9F~{=I5_|5tSp~R{^#fy4h}3@ua9jd+w;ytd<Fi`!~aO-
z>w_W>MDh;{cs|Onsob!iV^IjAK5!gVT1?W<Aum|<uxsD~SLqMsflUnnT=8E?e47|>
zR8oTgM{(@-J*C_!B7+Zx8J-0-HIC{HW+C@?3tDqkPO0f$Y^4`G-xFKT*57T%1xD~H
zR8>`B<xOlf{`b{nzYxAC1Frxr%@NLePhMBND&NT6YP1sF8yB5t9ym;o!4z)D<6^P&
z5nHF?k95%B%KrSwr7xouB7Lr176rfeepco0h!wo|)gXu(R%yA~<}<05-1yC5bOJP=
z&GHo$6YJl2@{%8J-L+S*_wuX0fvwKS-I*x0Fr8TT_eanKQm`@n4E!%(6b1A_*cSz|
z=rl<`UeBje$W%AgQ_}>IbI#`bh+^n_c%<zeJ0D||>sIGU8jq(NryZR5AJ5k=<TL~5
z>BZ*jt!RmplLaD=7TX>2zs)12Gm~;#In$>)O&Y3Owt}XMMvQx~j->DQIW0W5HA9$F
zxbcI>j0aTJB&T$~s)v~j8Ex%z3N55BXL)&ca3b$$H@m1p()_Z&=7BOzj7=mpK%jK)
ze2c_kynTDr$ET?PPRm&!&96>l$hUMSy9SX*qTq5_%gJ7?mHYeqhhI4vUOV00)8}qO
z2X{{nP^^r~(X40qg?j6D=EE;PWIA7w5MVlrgf37Ja%Ms7y|1=6+LnF+XbF0A*0E47
z2^H0NyF~Yg`wYu?fr3b^*LuS{qkOM7i;hcEVwPO0zK8<@1F^=8D$r%GjoSO6^=EDb
z0Mu~5lMSI$3RtU2uHI}==#gl6Ea*@v(PDO4bZFPIT^1#FSU+7Kr&J~KT6{Xcnc#4m
z$Ec1F#0k7!@oc_0a`5l!=}va6fwgkK-`g3ya<^%Fn~rs0HhsDiq55PoP3du?@PNno
zfZKZU>wGhgok6n1YwQ;X2gg>9oFF4@kxk3-TVjEW*XGM5h1$npMD(o;WXj5ql*5=i
zHxJl?{SVj=J#p2KYDaD#yYCL@D0ERS8Cjdv5Y1bZrR%;d?sY~AP@g~EEyxxZ$H&I=
zbv@w`a5`*1uG!6QZf*zGn}NNZ5MPz4D=Om8WgFy`b!(coGVnU_N|P{fRe{+Tiw9Io
zVpet@_Uwjh8^`KhSW(f@i=AM39DDU1yccAJMMQ@7sM6qR?DuQ-V$#zM$BRJxMNPU^
z_NAYeZm@X4Y1OYdIhE->AC;5ef-VoKAMP$*c7?L)DDrfysDmrHN;UhYtrk4c8aR*(
zJN$Eyuwyn~4$+luHsj8CTxalec>ZRZYaSv0trYu|$vAN#OU{Qzk#d5gp$r@1dHT>~
zdHV@J2kg06$&gMJLCVk{l<8sOW%xUSU!7#nZ(;%L`5GeC<z64X@Je14VG*sU?Ax|e
z+TtQ07LT03H~|+I*90{(myQA*9sLI|vy7c+r{rBv7#)QI&X#-OjmP>}&>(hFd>~y$
zxSYV+2PhVTnbE~6_yCmUxfO*3k?-9^gLWUA5i<k_bUdz5c|bSv&}YbXS|;T9K3X^L
zfs_WnwAW%MxXr70q&W}Ina;1{?%~8F78Lk5R3C01lt)*O0G3`xsx;;VlD%Q&zm8Lu
zrja62FFC}}uJq?<0anCb+;?EE<C2y70`zXytL3I|QS7v0^WN_39WB&y4$R+82q6vy
z>x-i%IGNwTl7c4nB*)zm>)shBZf<X<xD#ZYjNJhp*ybv-MFyW30pUU=Hgi=|ix#dD
zL^*<W3CfqC&rX5|4IMT9+#i@Guiv>Rg@U7^a5Vjqm6}@@?APsjJ|zyPhr13A_bHq<
ziJ+mOg>zp(l{DqYwSZG)t92)m!xM9<*a#*?gDv^5UyIlx%STvKj*ABk32bqlb?s-%
z5QkI*EP6PI3~*ht+_2{=a4W`mV1O+k=&S~Hr~hX*E$8owV&=L87R_w-*hEw@F2TF5
zcZ#1s=W4&MJUfBEPAD|&{4JA*73YLC=_|fpRa}<n<tN_jt?M>)7{vOmtu>PEU`E@s
z@nUy+s>B<x=ipGHBrB--sMFA!D<t~8cypbxEIN#(c|Lb-gczSSs-rV9o-$vydZGd@
za-)`e$z<Q{u+TIj3&@M`_ORC%-sl%`e)8q5H*3wpeV?gr()%to9k0Fs6aFZ{9C321
z&`wfblY8~;o0%1lpj+RbL<$5GZ4!XPjeX!padA>?F>Q+Wx=2LW6*>Ot3abSdqVldp
zU2ls7?*v!(v7_A!q#5VbFU?-A*?R56$&9+5kXDcUjMMV=bW4Pf!XEct`1rM+%Ryfr
zN;PZaUee8wwF-dSo}wF<Gd)jhbMt;A2hCC}Ev=+G4ZY^%99s0g!TJI9A|?f3S0Xz(
zJ+xd?SCf6S-LH~xJ3qg_<UUoDfM_>crPZ08D$-(=)-1PTaTo6q6WdQ%xy-{WQ*n&R
zxUIS2%cy>PM}f-+INObNUR)n2Z?pC%8DAMYMv}s4yF7;2A9uZr$gec+ON(d)HAP<c
zw6t&bnd<yx`R(q~$?VeaqU&J*2;Q}?Y8sO9wSR26IV<M4cDd&H4nd<(3I8O1&0k`Z
zsbkV;3f5^nt!uWFTf>(VWDRmU)N3hOYIb5bhP%ZlJU9liGBI)JXdR+cd+x>05aTMv
zvM0owt2R4ZNmt6Ga!U<t8sV2!sPn6A5jX8NnSX!>B%at?F4bv2-kh@@p-I1MPG|Q@
zLpuXZq$Ah`BBM!T8V|L*`Rfd@%ujJ^cM?~yQeZSW?!Cg{-nAE2Jt)!jeg{dM`PRR=
zwk#%X^9^J?>UnTDp3<(D{feQUZD*{~)BV=rapkuNnjE=-z(SpQ&UfBV0#9e8eS`gR
z)Z$niPpa~i6hOA#!}^sa?Z?$Isn+CTm8TphE^Zo3?afp!8+PLoYs2CpKcoxpYYnJI
zA5N*m*&be!a%s#d>j<;WOvqys2}?4G+`tak+ZlX!QzLd7L}{Oa$0pzhIlh~LpRvBq
zXx*leQ5Y$0e@Nl9`qGjy%~|`6Z|!2@b60Nv<{Kp$MJpYPgQVKVlHKKN0j@{Z)#Zgo
zhs3~XM>ZWBEp*48GOgPAX4m*S&3%51&Zo-u?dHzFiijZldqLj4o3ZgGWyV*x?>)e^
z77M>Uf_}Y=L}u0!KX^g|i6dPc(PHAZ<u0weUw8p$ksrao`UiUa=0ZUCP;_{1X+%QA
z4CoN?^esG`ZRtQyVU7*fLH-XAdm@=7i(nKEN?rCkGS0;OxoZhlYY7M=bdNh)yk)Cy
z6*lZGF}E*)n=l!C4~Iul+j$w(%i%buL4#`!^(`u^q?vMCvl(|mBHVRb<kc;a50J~~
zolMZ6`s8t_^KSvri<3%raQQ7oq4!{_4T6!hbd4m~BMEZP#_=!~bbS3fj0KcL_miK4
zaTZ40m6h7E?deMlFli&mvtLed2BekdGJ$g#nRO>kE`K&~xKh*X<<Thkes%>k3$!F}
zT3MqD+~HO5)}k-$ffwY(`FeaXJ?rXB9d**_&-T@9341`A97Z|o8oq3f%G1_YUI<{3
zhBf+iR5USd>*&(jg=zsux}x@AdZE&L_<=$0R+4QL4ZdE_&aM(9*qvg5Zr5U?TNHB8
z9Z7YJ7%Y6x*4c?wjx`@askF$Ag8V_4vINH+$ydExCmc5<SQ4_I3O?-oN_>Urav15$
z;_3srsAerDCq;W~U~#n-nE@O-+^=@NWMX;{JOqP)5?RfZJ3c|31--8)E+a={T?B7t
z!A>>9f^YlD?+maCyxCT<c2LkSG;+kVBY%hAaiIL@7ht-ZZ+~kZ-+0}6(ESu}$9q#|
zt{9`AnDc~fD~Cls-fKD2B?5m;Ijcz7Di&P&D9nF6eO=%J!Ql=m0}Ho`ov5t01xg4A
zJw2^ubi16O=7=Y==%eT^HV1QyK0+uxY1Z`Dwzg?spgpypc*6!FbKL6+YqUK+^$!no
zJ(ZsT1DZ~>C7?lH0k1DFZj@QZrGJRiy&98xlNNIBAlDM5ghPspC3PDV3}86t%4d_d
zUe>C*kb(<jed8TSY2iIxA><j!go33zU6AeW6Il)b*Jw9iyT0m>TCXvo^D~Ls2D{$a
zV@_tcJ<@HY3#;<9g;RexX}tOB5J9-Vy#TIkP4}H9H*=G+EuZ;7hhh7xRy2(YN#+*a
zHK-nL-Oe`<>;5!f)1Nk&TxX}V+2#C3A+vnR+?y9b(|SpSBKZ?Led@<lb&$J`A`0BW
z8k`ObqsjYGhclMUq}kqAJmuUij!@#x^~J}Qxbr9YmI|U5h$3!_Pbc)U>0F(0@U&eH
zb!OS@O<1P<6fteLkI1xvcHZHn?lJmk`bfAIbKmKtB9O_PXdml+mp5=;<K$0q-lJes
zyqBj$(n!Jfe=AHseP2C&W&g<G{_UoTLUM_e6#GQbVrK3u!Wy;fC=gK9{=n;WD6e15
zjO}P#UQ375`q4-xOgvc2^;7E*D5+)~zVW)$vxLt7JAv3c*HM^_jv&G^dW2VHm`oo{
zYfp?%$RO_$A9VwJDB%N6V1k0Os)s+wq!dVWwT4(AiTj*Cb^3UD4n4U5%=G(f&dypR
z7n)V&Xerp?dv<g^4XfBs%yy$_5oJ-)By6DYw(n0A{~vkBjMd0ZO~MySN`dC0X_a4n
zr^6UDyEN$N8j<NgT=(FY7?W~YPclqb8JFDmGp((4Me?<cjxIq?^N&A>TCAL$uwB}}
zI7rkg6rboX-nU=4I@-Qpm284M1_6pX{5SRI6Fy(c@(huT9YyEq_AUqBQH6?QkiKn=
z+%<0ltTp;JG+h-9Y*sR4UM~MosavSEvf9_K{mtL{d*10Fd=?rnl<LBoqjK2p6=k5S
z<$+rCR4ArTfvYbfCC-hLLQ$thx*3|Pxeh!pCq^bb2}%`7j){qyaG4K^mbPwi9Z8yU
z(tDg9qt=!o+s%F3Jp@Yu3iAP0Zu6^^cJm|zIycmTLKrjxL^BO`2DI3)sJI9sOS>#V
zKH<t>QyHQr@oV!Bu)h#+5@5jC2uuP*@_tDY-htMl9;?Q}1xQH29brh-!*eTb1V2=_
zG~B~_Q=qP6DlN_8bx3UloqzO138eYE`$}VEt-!$y&vcRV)}wVxB`1MP7_tIU%ZBg#
zpsq<OSlQo-%8^?530q?)LdbXe$qKNjXFE;bs(R|(37W0SlRQtf!5pog575C*I%hUx
zR4L=g={`OA_{U5se0k4-D*4HbDy1(S8AL?&Ue#RYgz&Bjea${V(_Y&>E+{M2suja=
zAR@*!7tO71TiZwdGG5>-2a5_8R<`^h%Zh+41m*ph)M{os8H0}<?;A`KgDJy7{_0DI
z)2FMIm0pe|HPPbO+=5+6Xeg)OZ?c+CC$N{f<Q}wn8$Tv1x78(_FzJnASk|=pq6E$g
z5Q!rDCtlL(<6TCcBijT!d%C5@*4FpTH<#4%dw0N1JXise_9FmVg1b81k)LI{M1{K6
zdT_NT5~zO<ki42!^B%RewCMyy%XT{X!JKo2CC6uEZ0`w))>ARHiTdl4ug~{Q?+b|Q
z$PiPUocOLiG32cZL)d5Gu8)hRETl88GmQv(#Si>2Dby_Hi$JB!xFJ^`W-N+4T_YIt
zPR_Wb8z(iJ$Mk&{A<LHy&0nM_^`fx#k@UZTN@w-K4{w`WSvi&SOU=zF6iXVq`j5jJ
z>;MfK-^bhq0cz9&xD+m~$)~=fe%z!J`O0x%?aWJZeHliht;8L=+Ws4hoOVYGK^DnX
zc^X?Fii9iNaO#JS;7rrZn@GJ^?=oZ~Df#=m#@D{y9w3$WcWc!cg+S?{;U@6$!d9uv
z@{Akmb#E7H{=g5ybQ=SY<;j}F$Lo~M%>*y?9Cw0Pf6a-l&sVeOgiLtSmwq>N(sSpN
z)vQTGA5lX1Y?}MJkc8A|9x*RBIHPtSJ0=CeUN@D*y(g=!E(x~=ZQ!y688VzUSDThg
zS^OKU$kHuX-<@g}44Pk6X=z&3p+5-Z5WxgZ>gn6}*^s*haJu?7fY~NMTnv$vNb76#
zuN&%s0;`$2($lXr^k}}<Q%B?7WZrCp;-;vIfI~HGKrpPIk2E7Ls4d094NPUZrm$GH
z)IlWegG}p)&BvVgYI@*PHQ+r8ZUMSTII%E3j!P&pw%&&s^Scfa*rwW3`3*TB*5S%b
zu(;z)4k_t9ZrE;`Y;nuEE$GeZQ-}Ff<8&=GS-MrRSu5|gm#dmuGBQV37VYq)y3I$c
zlf-uSYaLoD_T2$Z;Cf1qI}!Fd5z)r`%{6M`(`cfWAnPywq|}c@ZV5uK4Wh^>m`W>9
z77cefdc3x_z+-N&(-X@030-XiT(2n9wwZRc#M534ricwE2RV6&`~A420;i8y;eCih
zalJ}K*h|h~ylur6WH0TU*t1}5r&4Nr5Vmf(dP_@x((O9q`BYRnP3t@gaz}={6NKz)
zC*MxE*w1wnCb0rNl07f_UO50zc#8+{VvTah{B@}USr{yEkda#TgwNdCWx4Uc)7D|?
z<jyR+_IwU$P&jZ+x<k(SCFu6VjGuPwIrv7&n@f_&_3JIG=>uR6!{k>YRoiBJDxljv
zQDd%deT<E6JeRetN-)^YuXe`TQa4bDjtxboOLh%@%;%;@<qlq{jG)<}G~`?5RJn}}
zzSJ(-SbeqG%p16C=CR$2yEsi7p5&8^p9?`(SR|t(Ij_om>2mET9tT4^mXc!()<1I>
zH+)saR?#{no>^$KB0abD1>B>!ydk#S4(|}vu_E?Lf?OZv#I9ghF8CT|Gf(dxdcI|e
zxNV?Nap5$1?bGWI!|FipacKJB$`_F5qGe>IYjG_(wY;*w2!X%5tRxL=6u09qfh-Oe
ztoJ9BY7S+f4E^l<HgV$PPt2W0VarJQ6=NM2TdaC#kn=Q&WvQ;IO95-;=;m1Z%Xrr!
zHp=-=KSU;-);of&)UV$Jrw33@<PC_0vsV#-C8ex>6#+B&l^ID#Kh2ZaC@CZc6V@*F
z`37v$5wPgsYWIC>GVbgr&y|R){i82m>@My!66$i<ao<$_imY@)o6P@+(yFTKK9Et?
zLn3N8wN(NyjG?PGjU5#qG#1LXBQUdQTfFEA8RFf|&ELBc75El%dz=9}{unv7`s8(Q
z-tqGVfZcGC)r+V!-@#+d)%{iJ4bwqG0jbiJ4`IgY8eLcAi7}$W*)OT`c^fug?$Zop
ziiFfjNU$0eijW8UMhGQjO=@ZVn|b(&h~xenhEz(|F5+y!`l>C~^rY|yFDqh$^q*ul
zg(p`&t39wnk3?@Y#6Fn$y=2y*Ns=J<d(Q@XC&;?udScr~>hw123?r7blef;sRLosC
zSLDOSvZVExaQO%qtv%J~*by?TniJ+CyPl~JXd1_K?h_c<bqA+B)LL-D+StbJz=PbT
z83fj2b_5bp=m=j>oP0Z~x)Mp`Dr0W?i0h7GgWgnW7daUqgkm_!iSTauEn=jzkWe;m
z3r<wSHGAW`!I?{+(QaT7{x?$NJaC66OnKgf$5D_vzFtFuX&TpXc$pKHsE7_!Gstqd
zN_npZOe}wX7H6}7nNcLKQNs_+pjeE&c|xfS0uwq~7@8npICfm43!Ai9H3!-Qlh!iG
z1+7a?1-?_<XI5a?_1!%Fx_<3Xw*QOQGUxHBt5ezSHZN;q#NcS^r^rj;H^YF3&kq#C
zT-x9d^y>}}#Otr9DcGmTbOfR^GW6F2Pg}o%jWJ;U1oOM1ceSW%f^q=no6pn3jVD$1
zVFoPX9ymROKXkd4mG1O*h~MV22{qIUbzzcl_4CbHLP%Eq&Zd1{df4exg-sFcX`|+u
zcJ!nKjpK#4&HH-h%cklJEMMxiNq8`^e*X6DckRA?!bff_0TmuyvXZkW&#foNs*9)M
z&*~PLDOwtWhZZwstV+xXNM5f`Xkish5$iOiy4r*<44`qcg&(VzE8EMWimp{mqJE97
zbYvf&Ao)(<i{KY14Ra1&?{b>f0)ArSVw@^en~bm@aGoMtbuz&d$wX3;4GaWwtz#0)
zj_DK_pbJV26T`3CX*Hlsu<k7;%EU^?Qq_#<NPpa{i2!*K`M`m(_B;4|Oz#zW^C`BU
zFi=ky^X0oaN+iy|{KCPr4gYo~r!u_j?4QkyGc0)ULUXz^y!_xaY`K#*lGwV1|EAq9
zNHDI`FWO1Q^C$>+TW?aCc&!7T2Gt=f#l4`{v(3q_6n+a?=(F0m0NAtC!Xn+p80<L-
zKW0rVEJD@9ycQ5-4Di>mYfx$2XJTKWMZ#Mr(z6Nq3}{((M>W7TNe`>-5@Ffq?xtb^
zIO;h%CSiT*dWxpmf`fYQXm+7G==a`1?_jB=Rnn~7Zl|+|4_saK(m9+`k~uKpX7-2F
z+YEmEu6tS|ghis*+UtBP_GQBzo{|XZy?)VK(}ow{0w7CnnD;7!7<eCgQT$)ko2iaV
zeg>IH@><EteEY>xnr!h(o)d02u=9dDfvQl0`G<SQgtC%T{Pccfpy4WVIaT{lFTo1a
zkhA&<L9ZmLn)JY9b?GRqXas6ZE;g|Ju;;!3xj~&;0HVJrl~tiE<bmBj!$w=nV(0V=
zsI}@^pvh#-_?-j&^cX)ZY$Oi>eB*XJPiE+GNa$H>xlq<t=>s({ty7e0pumgitLp$K
zX{Z+hq?RwH=!HjwTOhtippt;Yr6WjJ(7q>HC7R-qHNGyDWFfF)WEG?{R&|^6Ixm`d
z>}M;ICT@>F{~BJj2$|9+>3!oK^y9P1N`IQ%$D{JsE6wD-3H4Xpl{tGE)#Pe!S}{Mf
zWuf$+d^^1BBQhDRtH|ibL;klAA3j{J1~F8<(cpLAn#CARjsL@%ee}_u)d4n0K4XF8
z1z=Tg=LYGXQ%bOMP_iro(C}|g>7TOluuv)r4Te4S8SnKo76vhw0o(dHWA_>816KtH
z9Q;crLBWq#K-j%LKh5WK7y(X}PYDc8^>fw=0A<@iXR9xtv0XsKKgrfGU6y}YAgcc-
z#q(wJzSZP{dP?1n&zj;Zk_5va6?D?QQ}~y31S&%rJ(U2G>wgmXphNTLImAtBk5jk(
zznv&g039af?BAY$X~k6>dLXPDimpcn@83@R8~~*(l?&`B|GxNxKeVeUei3Ho%l_2`
zW$IPM;(o8ipl3t8ibJ;=3QY&??Ue`#4doTZJ*jy<VsO+r2?;6m+1c5?hn-b_MFYYG
zvH4bf|4!2p^uJm5@zkrK5fSkxC$=HM!3EN834hxN&5-Lt_21gwMnf8hW_y#ZzjnQQ
zUL&+<|Hw$WG|&H(p@J3hakx1V`~Qif#R(iw>i_?=K@Y*m7!65-UO<3lRJ%V;PD+Y3
z_BX=c?xpg5kjhd)*qk#>e?yqYS2=I$yu*JzpnLvQ=FDI6oR`kpMwtxt!I<J+nDk%6
z<O%xzhw6*btf`Rm+^gDBR8upvaR~T39#;&$8n{uAbAPNrLtVGq9~_4T)K`V0_!c><
z|0URgI5-6ausmBmg)vnYi6axF+|J=ORul8X5X0q64)<Z3t2zhczVRQ!GG%{t4h9tg
z_D|J(N{X97Zv<}vtx!%0gwm_tK8%YZ`)^9ZA71yTuMo6pMpo&dfrP&CTsy<L8uMyk
zu1fd*j9k=osRrsgBd%srVxnpuNf#BD#r$U|8D{(th^d%9w)#P5BKK8DNQg@Lq4iv)
zVg86AFX<W@s-5*GHMN4Cx^~Q(dhLa}ZMB2x@^Y2t2Xeo?zY2hJ0e9BoFr1Jrj+v0q
z*N3-`qjGzDTjhMjd%Ic9YBYVQJD}Ca$kHq-%WoW>?zI$A-&?rxyZ<Cxe9qiu3F32q
zJLBOF*^HHqsvZVt<B@V!O;l8wj!?Mm&k-6eXL|Q>>w3J6j*h1H?io(EKSoS+jq678
zU%XM08{3GCN5b4s?Ca@0<6Z`-s+6m5L|-qdW=gucHi(mOQGiwj_>MY)o@m=aPPfou
zq2sve6%x~0Ky;#`eW#>Sre!?eHXtYATMd}`Ydp|xBwtm4V&dX`v`-*llgq*WIe@C>
z565`idf<G!8!P#?clq=+A;H#5H<fk7opf3#T4QXLpuX&Koem|wvpDu7%w{XH>$bdZ
zPc{@!gD(p3s6(6v_NT(4^C`SP^ZQzr<Z=uMK$#%uVmmdn31u)U&pkuL`KpcR=y~U5
zzq*`{iBp`pm&}4L5qdxm-mHD_*!(o!tZHW90fN8ET=3R6E1hBI)LZaS6#&XS^ndqT
z^#j<*4NC8#k6bfSr1yMvsiJYeDrC4v<K1aH$<z6fQ;K{6-jOb|ZEa|nWpMy&yTtLl
zJWDs0Co;GngYx`1Y0r{G3RrxzE`ap(^d#W#=bQ9$w+hhIRVioi93#B4Be^#;Gwct?
zYn0|p*bb##uIkDOTB=TW_TCwdt<&M{qj5@+9b8QOc6-74`Ze2@S1KgPKPaG2K?Et)
z+A&gCfNMCzHt@G<-9_*1Bb4xl=1~u@M0g)Aw-%?l42woOuh>sqa_Fz$nq>5xvouXQ
z>aRFYU{dTn4ZBnJ4ysqnv_i8&-wgx@qhR|+a0y<oOPK)innv9zpvjw!XK0eL&La${
z9lU3|xEy=uto-vmn14GCB@QT$);pH-?eqh7aK34V`<U!Pg?^3)<iY56x3&JrRn&Ek
z?Z!9~O<FfFq`{{BKu5jKBS8ELwTIjSY4QU;rTe<MW(75QkD$wjI+SjzPV4S3i6nKe
z5}${XXN;_^XGQ5;R(I0LPuFm68&ipNTwK$+3|&0~KVctav^K7e_@w8ZBT7ZDTcEiI
zCGX*bO01Y7cc&(3=`X+mVTWUfA7-G0-sEi0&Q>x5Wwi^bfaPn%Tp2&c{~Db#9ZnqF
zS$^S!(aiDE6^~5jX;`ausga4v9#xz-pvBhC&dv+*Raa`gtEjd(roed7I8%Ejpj!l>
zkqqVMvM+X*Wk8pJ#ZPBy&b%c#uU^GD<Jv6MEkW-GTpvlr6Y4%@F4`Rosl<@+dzdBr
zvODKx5`eiUYQ}}cPCoI9#~a4oibMjwgdIY6v)mL$^!-<`SMqLfLT{+pKSo|JMxC%t
z7ZVm|5)~5S(?U4~iuKCxN;*v*jUzP78t<<qp4P-y&Q-tT_?HU8&SiVLM}kt`%f5$K
z1K>$<rEptpM=$<5ofnP_x91wg1lQ!|(w}wk+4N6l=A&*;Yh~w@Q*%_xKFh#Lc?Ip0
zao&zLPtZWGp_l|%r?rS5#^`*zYMHwWEzmqXXJWcc6TEn#rd#<XzNgM1$L{;iq+r3d
zAhzHx)4EHmLQbI9`MvSa36zmTluI3rmz0#Id2fF?ek78p)@i=O<qkc5+#fVHpBj0V
z<>lj(4??4%=hpTvCF2HtF0F$m<S*uU1+$nER*2_W>j^*+(c|-?l=3~Fw@NeK6yAz#
zt|pVcIRh_xvWQza@G{Rw(qFI0JPKuapKft%B|XbB^2I~>1nbu6qzZWv8BDoY<5rz(
zY9wJImM6FN0>$U>kSuZ?NBd;`_I#StW_xbwXpuP9*?l1{^S=E%E^Xga(skks0zyd;
zDDb*0e%Wh%&vff)*;Pqa;1q#JOkAB$JWn%zwMCY9&9zz**IZ#O=HJyUs|ew%A`pw>
z{pf}VRhK~Wg<EoT?@%gtthIKtYaFH{JPqDyd_t}H(!4a-(26gS==H`(nxB{aHnL~?
z^#m_k6AQ*K5<icVjz-6WdF8;}RC6&5%56LA9Px-;!YURPlt`g}d>dpQ-z@wnoPgz=
z<V;Xr3699U0hGQk@^m}l?dWuOtUusUVxYUG$oeWxW^<SnduYGR2o3hmCG4m7q7|xq
zd5D=Irbilo5{qip3yn?FxAUD2RGjAu1?9N?OsIlSL1G@ukP}0<r=yvpJ+G5I(v#Zl
zm>QSu|1QbU)fGs!i}1=nWkOiQvz=*YpOKaEop+8ydw<zT63>7L@M^-B4}XMLX<7Aj
zt47nNEqn0Q+OUUovY)kOivUhwnNgRWz{4W?uz?9Vd&q}C;|WLmb8)9*$$`+Y&=Te9
zuCypu@4AWMDHs2o(uCSCbBd4POYTyc>MlsRgS|a}OH>)o3V`2v6X~y87$-u-B$nS5
z5*{Aa>V6%sRB~L!Wi`(<Y`v9BFSDt8y+W(&d7eHDX%HLj20TtG4Q?)QjulbnKQa+!
zcz=^c|ICYm1P7Kl64PxlDg=Q=12iZh5iDEe=L=wZbe&=|VkFqL^hLo!7aS`a=x%_Y
zoo+SG%zT*m-}tPc*-1NjWbT7w9ERJh6d9e+$)ZC9_!Sip*8X^vnk7Z*AgtpyM+dcJ
ziGaPjqXqu`?Pr1`e4;989QI3!&aiIcX<f-CGc)E?egp@gZ$T3k4);&;UV41#WZNf!
zmpX1c=Zf6tb2ekW`GD!cM%A6!dOFQ_*WXD^0k3{?Md)!qm)6*x%0rrdOUi9+Z=GVj
zQ?CQbB)0Pe!($WMY^JSjgIob)We4T0{T^&jIrR*L1hS87;uAwh3Ow9@-EJx%T-im<
z1&mAK!@3;cGTib6PhnZSJ5^_ux&*be80~bv{S3j;%d1UqJ}vaHiPYw0%a=-yI@>V=
zw^iN9xHr63zok80uF5#}k~FLI{g9mRlxLQyR#&asx@cR{TvfULP49=kvPkM@{GQ=m
z^1h13@}v6P9K{@uj?x|#e)*f0_5B0sdaExQDdKK}?$GUty1m_r+Ha<tb4uan)PFd+
z&!oo38xx#2cBR_TXLwhxLX8GZj2qMhGMTZN)f*rF0MR<9u-F+6(5VdV?R)`L)pBT+
zEj>?=!wu$uve0<0cs8vY)|LtEt~fSLN3!aLHnDF;Y#&#BxD1yxVRoRYH8b4Ho-2L=
zy2WZbOM`zWO;~RPVP5B5owO(%2Ix+(8bk?2#TZMOHwSZPs*+auhSp+TUtYd=aYtaR
zY$ft=hdK@k*10;CN?^io`81Z8?s{*R7dG4P_p|xxw`Pe<rc@0-bg$uRhd&#FDHEeb
zQbN8{u}VyO&IIPikEqLW8#YxAt`xDcniARe{k?;1l~M8hSOb59RG=}czkZZ>1!)WD
zk^Z{OdI8r0I{nSePW?Q09XN7H7Gib&Ugmf-uFleaL1P-jq}}$*aA8KwY2n+|YU^}7
zJIX}AbEayZ!1Fjn7eQDIL$HoWySC%d_hRZKMH+IlRNr+g@Wl}knp>p2W1>}V6Z$5h
zODv*aS`DkxdAgBsbU-zh@T=2*1%vK>6yDe%0r-@SV0iLp8CO<T#$+frS^c0a8GtT;
zy`$8AM{aaW<?q9}wR@}_tB&a-NZr$T)s{RKv?(U`U0<v|GZL~c1g+qFMieS~u%6K=
zgz|i|C5#1M8c8Qw$WkX4UX`t!_L)*)eT1X-L&9Q|oroSTEG)dbMP8sHY1VhD7%$V-
zG%wF|wpx&|4>RhJ*pAbFQ)STo_77CE0?Xwz`kvzJzZ1F-!q>0Bqyd7Wi78jvc>EX4
z3vv-^&CcnoBF{7d??i^mvNQ0q%^~U2-_R4funV9xc;vE&{H+YC>-TtBJ{Mtu#DCX)
zAY2<XIKKP->zM;d1=|h<2_C-dKWl!J4=Xe{ZYyAW)<}t;tgvVj?Pf{;t_y#vT@8a`
z7_4ul|3^eAAGmQ=5|jU?u|iL7py|4MVQ3S7jsE`u@oeenIHPxWiJ;ku=bFL)(~Yn6
zaBV+|ihZ)Q4EGNV)G*ijn;Z)b@_cmR^3eHSb*0N9_x$@?0CbIwjb7;N&v(-MATYs+
z0k^le)fWD@Jg^ZV+=q#Ug{2<n-QSQ08u<RC`Kd7b5|!oo#kU``rUP|Mxk=xeTlGjO
zxLW=osnSKSC27;e9`TC>R^Zxh9mm|XQ^f9i3!vBKRr3E|br1qV<Iq=K8*QB|Q8=o(
z5^AD2X(l`}y;7_UvFfjE&G24_O2>JM3+T&c(4397AiGZgDJM?>JChfY`ii;K<l_rK
zBu->^2MfgjZ6^Tgw@V&4@V)tG(1FBowd=m`m!@At8tXxm%dy_WorsSAGx|SMVUWjM
z@z<XJ+yJ!6uc-#QJEi{y093FxP$gUzZIF4U>GCX4AkF@iE%uqFL+eA#<;Jys9*@UC
zm9R<+F!<^jGIs(+clKob7oOY07Su+V2(kaCn_E!HqTs3&q=Ul+0m3l`OGDt87hmc`
zuzRcRbYlX?0yx?Xi(XAJp0tT^w((af2a>Ji-PdC~na5eoZ`c#e+?=ZGtHYrx93QOI
zAeFUW*A@?6vMkW#{nIr*-f%*UjXFexwC6UViBib>keb#K?*q0*3!^v;3$R!8aMv=f
zNwb^BQu^>h4p-meyP05CUney`tz?&JlEy;0P}PA48!WRFI+x3ZH=P<rcdVa9c<QfZ
zqMIS$8Vd^rR$Zj`=YZobS$7$CjjrjotXfjVfcWDOo<L4l$Q>|=9A&y*vThA3`R%V|
z-ozD#lIUC0@|VFMZO+@AmuD850rmgr7nMAmQ+@-SnYy%VFvb`BFIOLqPEKI1N}9iq
z>3_t-)nL*WK%wD(pQ~o@3kw6hH00^rKR{deY2fC*30_S^Jaqg3X8L0&$WWu9$5iA?
z!zN+i<Y@HQ{1n<$(@(A;rZ+WMg&h-Yb^iYu%hf1qc}DQBGM3iZrob@9u7}PQ(dI(F
z_x61$OCP676Cjjb2=t|rQ4Eik9ypo$dxa6;ijifaQi_2fZySTZIM4pqKXIcS$qEX@
zT)8crmq|-@>Zm7wXA&_|gXed_^q#$T`O?{?;3<b%b7(VziIlTYf%GyC!_#Buc~858
zADNq#QPYKG8ttANOLEhjI_YE!&~c0cNly}4BCC|*_s#QK)U)_$t2u>vOfTcerSVFk
zjLkx1>%QaHjo#KVmLp8=je>l3el;?^@0!~j4(aDo$=~LC&CC~l`duR#uiuwEp6!)k
zIgFBctumP?r!qBj=hBCI#IYGINHVZ!b$NKUTSu9_Ws|xjod9Mb_0l6O>5R`0vQ~I`
zdv^a->@1ceC_V2qkI-?6aUu?k%y=;HL|(0KVp+(5NsBH6(cYiBce3Djv)2D^sW_5n
zOz5&gYq;=3(%!P|un#r9alvp?z*zJ13xjo4g%PHua&_qp49gVS?EN=s?e8>>lO{eZ
z)&iJ>`6ucxWTOo=Oe8!+qnYLj=)x{Zlz&%%6_~5&-mTDuIc5rx-1!{vOD+5x-T5}r
ztmeSim0=x0J`fR26jn;r<q`DxDcR>XG^ok$D&D~#yO*!Z%7nhb=_1x~yRkMe7iOa4
z)7lRp>~lTxBFm=vWu9Ln7t4a_U~H;VFsaJ!$HC2K@P?AKN`_^>PBq0Wophq}M{4L8
z1o<$kvWc=pPO%QaZCUI%&P(NSraXHg)gL4I_JwD+h4lzlY#Q9PRfT3`qey+av)y&;
zxcmmn^;RIsm}Agyx$o#so?^K?`KRQIJ+)Un$_uckH67GVB`puNX*GFm<_G*Fh9o(Q
zxP)%!xXrnR9QOt?EnQzo5Y~9ouli7V8(wqH&>{98nYD7+gfALh2`!W##nY%Ba9ZMN
zQ(0Vnlt>E|jPrKudg<^*h2NCCPA>5MNP_lTqR!7inzl=grI9MaARG1>PT9z29$IM-
zy-A;2`nAT~7E9zz5U%6gQw_U{fZ`fD-_Tk#lZ)xUKhy!l#69_p&iUEgsfedGUz5qJ
zo=LarENp9JC}6zYI0?gyfWF-Z;~18lApIJNz{6D5n%NDJ+P(-48lzDS^jRqxH-S2s
zq!eIXQa~{8pxi7h=STq&+4rwUh3zE8I~+Z(6l;=XPo5TA8!??zO1F2tL-xg?(yr9h
zOx{Z6vx!aCZVLh*taBVygyyu7wU`tme@v8RObf4OlV+sRaSvM`uUU!kOa^dNXetAQ
z$uO;==^~%vUteEhvoEuvD7miQaSu&4jL>ZOiY)Ap%UWf=eMmKOBeM^)Z_+nGPtKv}
zD4*#bNUAdzv+OB45josE-`Cd4e5o(mT1(p!vQp;c?(ihncs16+Oz5(}%*td|!d`Ao
z@ifh{!JND%rZ)V+s`SD-W`lazVd}trdQ&COI=tx7>yVd6jQ=-waXm2{CA`U15fvpw
zhSVYb)b?~Qgj6QA#Q8=uBX0*4qS!jzkTCc55xH0`z!dMA;9tiFI-4v#_N%Uk|8{mj
z?`3`2jO^&q*wqT)lt7;NydHN*qx%@E_tfj%ETHp$xclb!I-4%sMorSDVS~oD+1O5+
z#!edBwr$(CZQIzfZ5wCz#rO3)f5ExVZ~J<ld1ltEwPyC*Yt7t4+ncXS;Ba3he*k%^
z?dRw_Hft^#7==P4+j3)^YBnt^@7h@cajutB=p7BhE*M?7Wp&m3o!|lGJUE_rtY*}f
z^T6GoDG<t4;EH`@RfGEET{5WB7$L;~e0zf2l`gRdoz-1iwSmQM`e@p%Qd3>2u|#Bx
zfRp>STO5+^Ra_9qm!<h_>a<0mC2U<~sWZpuy-;xqF=FuHp2NYB_dePL9Kqu>bPo|n
zUe}j_Bld!}n*c2jtbkIr@B~jn>pO949P}`@ER&tZ4s4&JnJE7=8-M5zYhPTYTSuC)
zw<mazOCwGw++L7@0Fu~$vl4cKosPH!`1rFvThXbhuNVe_kC=3ZAMf^j(P~O@PS=De
zcht*G$zZCh7`2|Z(@4_OGeiOsX-TB7AnAPLyHsOUr|nGhw3_;)KQ6n}VK7SjL5?DN
z9{?Ew3eAYe9wApN12>;5?2DL-vkpz_^_%_R!)vHUX0%>|J_$mhj)Vj!a`o<=MmV-c
zD6)_`z<=S$t)Mg_gfn#DJ~@O4(m#Bu!E3uwi-OgHG{HJY*(fk{cvW|EK%X+Ce|fRe
zF!;Jyj6dCMuh4qPRzdytg~)qGDvsDmE$F_=OJjSepp?M~D#A0%<W>AMyx<?4!J`g;
zAqQ?})oUG2x3;M#F=XpvD?>kLGBeBhu+cca>0N&Mt1?y%8G;-Oq2d7$ZWuv)`;!L2
zR8e7!&9T7{_4|npmetE$u*~^40aIS9z(aR;iyI*V?9C)TmOBOHT!7IDc5|W0(gp;7
z0(<jMx}Q+1fQ-@~g@-+}N^VGO@!=ZnLJ$BV*%;0vbM$Q|3*OM4`uu<->Z2AWf5f$R
zKmuc=^0GDrT@FrK<y3Etvz**`|9rH`!itIen7+oqojk;r7L_;|!u5ra&YHAi_NLd`
zF40xl)xQf+9!bPPWk1=m_%H=8D2z*)=G1%M{MV*SihDvp!QI6Ty!^H0+>+ZFb3?$5
z5VFB|7uf^CfWUYq>$12GMu}ZzbQ<cJb%gQRJgqQioR$!+cIN1JWE91NLX%oBAKPCM
zZ;QRXZ)Rhk6web1XvvGlHNJ*CGaDAE&v-2*m~2U~-0Ao<q^Q%S{h(diWi!UK%B*SV
zA3SP{LT^Z<GC0coR-h$wM!>jQee8TnUm|`dBua66#>b&eJLQ2&luWIgzy%NpfIva1
zbc|sCc<YMAsI$rvIK(k$LK{8z(PWWV5Wh9-0P*~lSD5vDAbyX5SBHvf$~`z7_7D3)
zp~LM+pLW~+<O`%+Qz@KDi|vmA={~XZi_QTv4mU(7CNSh|2{{IhuF(1Qv!6BXUQ`ho
zi`&>?%RAN(OIKR=qg*Fa02({Rk1@cTyy&xyK`7-+k(K4>d4Fj_-O_1NDHyHFku4Wm
zrjPlOAi76@G{E9GmctOtS4IbmNiF>~Z)P-9WIWOXr-?t`qMQWoh$nh@so;G!LENPg
zf}z<QQ22cr$3ELW4@Y7Bx{R_h#5{3PE!ha>Fpur^NBoa8TR^J5|3CprX+nxE;a%uh
z9zKo(ijW+EKAjqqoiMT)TJDvXvkTq|d_-{6W#XA(fwKlA(@6C`McE1KdpoBJya{yH
z`|HAOf6F2>o+hGLYuejU*Ma>4i^=K?JnINv{T)nNJQTqLf~x30u+M9Wc;nNTXjBoL
z#r`tAj;krbu*Lx+lNJ0zkCLBQfm<kvtasB`Xi19gKZ>Q}6KBq0Zr^ymYg2Q>6ryGO
zDB$wZ_6<XXpG~#$H3ZNso5Y%yf8q*6MB6j*-HoLj`&cjEsicPsPxI827o3j9;5X`-
zE5U%egL&((aUm;SGm^%(zA?;sMrJQmC&oaRQ!{(~afB)eN6>BlGV-ksHe9)Ibt+K>
ziVr5eDm9v!ePpwY8uvVORUm;39QCB;b;GSTA2%4lOO8f&`tqyRrm;U~t=uXkG4XBa
zF>I_e&aMdIs;l^8zm4-YLS9A6i)zI#IdUib!KvJa)+-xwCVWI?Nq$4*s`F|K^Dr~O
zWj7sadyI0rC?B3LvH$?7uTE2w<<W__(uoMTh&CFcw-646X8NuMDYVJ;z$b`1+N?P0
zzdga@M(XKSRe$m!581g5L2ObDhnQ9{>b~x}eJ$L$>0hufj}LFHG+^Eb0pUlEE(SS8
zNJKO=|J5NuSKfG)`Q%F)Ra0p}F1g*@6PFX4bKTs9G0sPIKvpr1eQaQuv7%DYr{R?5
zz9VeEUqzDq82M?<3bdAny#}WzQGInzqsiqMYn@V33%D62fjz3~<k|tQt=-klGkbEj
zsmWXu#q)rZReSl>xaYs;Ld;z7?&@k=SXL}Q$r5a@S31Wm4iMSpZiL!$#q-rf`?D?v
zv`QUGZaL2AXOHvX1w8JG-W1iec?H|lquDXHe=tTSGc>p)jILQa;c+<@Xq#;<t2Vg7
zvA`-^!f28byKwQUimct*7&5wQvqDR~(SM*DG7?lscz9HIHyaFgX`>{il_z{-CE?lC
z2cz<J{cac6yI2MH>!kmLDmFwr<5F5YNZ{^GVH^GoLU^ZnmJ}9#^ltKgrCj9t1AKa+
z6a3P~y}km?;A!qx=?wn!BUn<<Gw4rng~T;g{}BlI;~BW2W9Kb*Lg&9gv=c-GxV_{<
ztD!0Ve?!M7QlNGCxayDJ5M??WhhLqvoJ<i5p+U=6)S0Be9RHn)2X4^;X0}5$Sww?F
ztjX}<s#E+5Yz`0t-;b;K&vTvn|85r<u`rHhO2Fc|5A%E3sUvc96*99o1W;7(kPpAn
z`P92BirN<)lfQ)r#+S;VL{h&A<Ps73Y)LFa{ZDs+=u3TpX_{Vv?+>^Q9}9%#K3CP1
z(*Nx!eCzLL_e+(3?TYz374rX4xo&M89U>rK6Fmb15eo|oDaMe{e`1V42oDYiq6lO{
z$;-smyt=;jDUdgX{;y>tc_tB|#KomzYHM#Y&2TaPT_^ok9=sa3S~+||CI&ktC1s;Z
z|NKAk0ARcbSSt|-mVhi~>=&J!KON0Gh6nBAxUQ})a7ZkW|7osFf(<bd5!#$epK?7@
z_&+81iD<dIyDQq`|Amm8oSqb8@PEZe^{NDNuZjF--9u$Sp>L%AqWUib8BoeD(N35)
zYD!9&@%bwG|C*c!lvmi(<{o^NNXthgQyX;AY(P|HojsSd*s9MDE)uak^=r`kwRDii
zeILlQHuGP>8CZ4DI$~VeA4$XzRb?=XjeRsCC*Aw7>cjHiuV)Ex;!5qe$I=m6-s6R0
zq$>ERx;n%)u5)znr!12Fo2~CfrVCy<(bE9hjXNxCE4h9<XK{&f=gvDiI_FdGB&=h?
zi8qZ9Qer33iYN4Oi|f>CAryUDQ`Og_9eJdL5^6G}L7LbES>IAhYy|=b-1yUrr`x+)
zk$NlbG`>c4x#le}|5he^5fg~=R}Cov60!hf?N|7km);(toB^i2QuU-|qRohBQ2d`?
zu`RACK9yj0%yQj}NVlri0#xss1x_ATx%BOpbrj`dD4ab`u%24o(ycyc)S1x0hDEv&
z$e}T_5C5=1-hKQU=@jO&Y$tH?G7}4@>+$@dt`Sitl1kcyL{uT5CQpQDCtXJ)p<gqs
zd>UcXi6imLzA%Urt)^Bw25_%P7f<Fq_)gb{0=E4~Kx4%YVFaUmW3V+CN~Aoi{kWEa
zh_q7aB9rTc3>-)k_mb=sYwlf}RB$)aO6b)Lq5d4CK4--t?jrk^JZFL!)PCeovfx5Z
z>q2cWPZ-1ZV02}lN9Yc2T;)>|v?^8jb?NHmh=c<VVhC4XpQ7a@z!1*K{{C@l(qBFd
zi4M{bQVFZ7{_~x7SygUL>oek#iL0WvlOV^noXFSy`WuOoZUtUGVXymQdjD#{s4wKQ
zwf)0id+Sha1LpmZg?kUHw8=TX4ksO}Xo*gMvYtv+A!ReWnpB))-)ijk=A1<VPDEZY
zwD0V8Pv}Q@?pWAoFEX+Zh}+LEvq6IvZX4WcL(dYHj@ACz@#F;-#Ix#%8=_wQ+$cpz
zGj(K48DCjj7yYoR1Wh(r?X=5;L+%2}UDRC_l^+)f`a1PR-a;iOgLp~rKHOE@IvJMk
zS<o!qczB-(Tg$zcz<xBYmH6yCTW>N^+q(Sv`~kKetX88<H)0sS&GDY^`dMtE2bVko
zy^_px2@7R?+1Dn|TqRtg?0I(rXb(=)1~`hq#bx#fvI%CCeep!+cJw#bEZ?ttL*X^I
zXjysq6@$oR%j3#9b10%U_wqc7T{6#WM67A!Gj~mWWfT?_jH%99zULZ*hiw)yq2&oq
zf$=vz6)`v10I{2=3ZjO&s@-~$nh}WT{MGf!pIC$N_xG~V%o`x9160`jH4Y+eyB1<?
zc@^>XYOJSNZ`IZ8!{#xY@d@O&`)fo|81AH0$2wyixS1*Kz1j)ikEomO5Xi1)a~=|O
zZCkp@74(zRIEH_GUal$CU3EK`)Aw*OP_JS=a#nic##SFK^2vy#4CD0W1!sQRw7qPH
zQ(q)o5_HRlI>T$5*E&3&y?*f&Fnyjo3E-wHSxac`cN?|mb%k_LZX5Xb-`Wxvp%4j9
z_eVj^jc`o`|Awy!udB<VolFsctmO5u`Z=*dtTo&m<U=I9?PCz9-u?sY-J88@-lwkC
z9fUKS9YkrgdY7P<RC826-x5c1WHeT@{zeG=VSitdTIV)e9x$KplX(Xy5#Nmi>vO7f
z?b<|SAmcs_uFR7dVysgy3vvF?n8sanN>(NP>c_Jamkwskc$q1bnq21j_O-7erj$D2
zyKk~}kRh&%Tr8>}ldXelLaK*RpR=nZ#r(re@RBSh`mT9KJWZ%6;d8j_C`v?O1udKC
zwDUUNqS=q?lJz2=Tx%7~?J43^hUS=i7&p;swluSZ+q&q*Ls$02JWvisH=V=!em3IK
zCUwE3q%HE%x*4~!9g?O#w5#m;ae6^`3gyMuG`r+84;u^8hUlLkC^|?v#`Sg2xW_IU
z;p{4<=CzPkz2Vu7I2#A<kJ{wXW>$)YvY93809_-9dEo-(|0ExHCXot}K%gyBDJ(L4
z&(({0#7HP<0!?zfd$7O~rj9>i#8Vg)^p-lx>O8pD%+MARR`k)jEUS2lFs9Soruylb
zMh0?<&$=|u49`c67AzgJp7t*sYdtFz3o|SS(r(jDV=A7R2dTeg3z)qPQ3vqC#aoJ<
z+Xtm#CpRghOLi#HcCWA%;3I1`4GoBlE=kSyG%rzqwve0cA0k)kAd~$3>x+hPVClu`
zXYj2-`dotsEQ+ZkKf%|n3*D|~zuH2(b?|v?0&9LkMwb>}ee-Hqz4+&k+-ANAd=Q_G
ziI$x%*&gyXX#kF?HbVC$r>>e55MS7qhRQ>!fV?QtTqounJ=j6+%%5(tt0{|nkG~DR
z&9~2~H*@wJDNAXZoDr08am1dm*4yqlin#j+Z%I(7;{0-6_+vux^SrB@YtL$7Iz&2E
zm@nUHC3e%jKae{0*()Xu)wr*lRei1cD$r}3gdYST^T0j(#s1@c)e)>Jebu;Dz%)Hv
zJ^)!fr)b~F7HN;^$ehETG!`JhnL(uA+$27KT=q0s+joYj;5EN9l0!sDvl_d=e$o*Q
z%sbYk&)A3BLwHd5p?erAH-7qA+vh6t7T@Z>DxqN5Pb~Uyiam5<9W_3)e}>}!U_x6X
z_Y=9FP?T5a)cRg)lYKvgqDAgQ3jQ$RWr?&oO`3CkeOg=ho$W5s7uwYk1XYhHECVW;
zh)jApFj<o$!rHdhyF@HZ5AAu^U*jO6NvqThYr-*Q+N4r#UHQjz<Q3UW)~_t&*Z|S3
z_`|*LgWXIt6C12`qj7a(Dt0tjd<zUcHlHsG6bd~rwe`)u7<x=B6?e>8KItJgJsQYP
zoo#a|OgM7aX#AXDU}hn7$hgx3FgOX`CM&#mx*I#{><~XXyLr1d<ul54N=<pjw2<r#
zhV(QHUx=Q9t|hSly(GeX_)RY(Wd7I}D7?WZf#H6#n$CZUUABL=R?=|bv>oQFw9K;e
zZH7q|6Wb(2_~h7xM_8%Z84HU}pA@y=`a|{zsz0@SV4Sw1++imSvMyZ-ckC>IIh~#a
z>#c5nYN<vmB1O2dc3E*kVT&@{a*J9^aRlS>LHjDRRh(~80=4!&M;M%|dbbRghOo<d
zHHC88#61SUU~g3IB6Q$KAa8ApW8JBik%{f3n1O6QX>*kD;*rHy@$QvrvH<w|#HnNA
zmJ+rOAm6RVV|%U&q>OYD{hh(KmcJs4N}uj%am4Ad8S=G8e0Zw=euHb(VOvFAS`OUT
z_$Il=b19#JdBg}qNNjwWehDiU(Qn8?EKC~egpF6zwW=+CLlmJuY!iz7I?(g7kUqva
zznDD1<JBoSNH)aX{=G<@rTl&98E>iWL@UtbGe5wl2=61k-K58gm44n3a(NSFMNCdE
zg+aujI~C>Si>}>we&GOtC8BNwk|K?AZ$vFaz3)16rHqsz1gmS+9~mm-t8Q|_Td5Ju
z$YDNhEhS4SJTpk3x^3OFO=d@9Gw#z3tHMork^Lws-msqEv{;odOxHv%!uH=bkszh4
za3?7$@TM{El8s(F)^9-r*V2dq*^61a2Qm77tP-@Mgr9jL6OKF};*el}tk7p|HyNil
z{}M58uTG<$l&&Fn9uVYB+(tNyuCx<)Oj+!OaQh|a^X^pF@=oQGQ#BWp8ZcWSQE$-v
zZW3`GNsel_Od(iIkf9n$%57omQh0ulfZr3tKu853IxjWET`vzy_>FBFUY8{1^MnT9
z!&WF|nR|zF=b)_xBh-b+-z=&;s$5jpzkXY!=eO7Q8)o>7KBCE<-KW_ye%`D&e$ptV
zhR$<6#%*=AF8Fp_c6>az{kP8L!g<nqc@$>9I-<+kZTK@?esAWcYi85mb!j%4;~>4A
zch$#X7KZHDIS|nuIVy8pF7-dPbA}0#d?C=r9Wywj*n7}-d)v<E@Kv2Ad1YKXCr8RS
zT$M~&&rJDc-V;oTujl1^u5xgVRAs^|*a9$apCdZ4iVU2lp0vc`gbPuB(Y&5dOhi6U
zoa(18FjUZL+b=}rD85*O8lnjUvyEuJr<T67ch@$0`86B=4f!0NCuoZnOKGRp@;=bk
zAljylw7-S|eTIs)%+|MYZ3-<?Ry&JT{<>Y|S;xstDvhpFo)YyXk@A=UU)L4#6rZN*
zqqLv(`wF3QHM`i^aYs+C#=KiZsCgVU+^8A8X1Qb}B;;A-9XZ#`wHke{Q$B*bTe9wm
zsM)l{qmHWH@LuRNByEYgiBr|QL+QN3goWe|9CA1f>^eSzRv*`LT;^$0JAnFk`ikR9
z80lM7Dp?hR1{|eA-#-yba4IjhOCAN=JLOYx$Y!2ELbsKHHKKyo#_4hc_PVXO#9a#!
zm5JlJUx8nl4{|$}h;p*)-VSaxlRnWtfUgeG!u;@3>Sg4h?IqK1khREGQJS|WFb^X^
zdiCxLY?*znrFNupNP7vhk7J?LyH2@b7T?F2QID8vBT8=@l;r-zRcGX<;oa{<d4Bi(
zy7TkQVsBjFUTHW|?Q^pnhk$8@iBS1Ii}ir3w_bNEqy+Le&T^TG9jddVjkLKYjvkr!
z%hGn;&)O?j4=C}Dj&3NFBvrKJL*ro!9Ag?4N1r}AEBhY@L1Mr-d+o-x{+JrR*YI}G
zh;b)Q1#v2RJ)@$^2CTyJPR`<|vCPm*q{yi+=V^3Im0jub6}Ztmxs|@Ok6~#BIdiMX
zuRDS{7z7MkmCei@D^h}`=nuO9GlgnYEQ(kKBy~S#YAKVNm=r!Tk3`qD{#34KmuV*2
z6O(BJHHwKOVQ7e*KU`g-a4sC+&Q*FUI`9?rM-d13vu>5B!^g8iP_s77Xgs>}x2kba
zDbvd}{*%{-r3B^0!|kbFNk_=+DV&?-eOEYN!5=!Xc8}{NIO>Ay2tw|?;Xo@=&&Ijb
zFcKf+g-JTo=Oh-887AXCc8S$wzKljgHgB7QxP}%of8m{m<S-mC*SAY1z4YKH9F{$%
zPD()-=)*-z93g{|<2Ym66c3s;(%*V>@7@6n<G^r`C%F?tZlTH|ACj8(27a8z9&Jf1
zn<3yG-Df#CG9+KSp`Yjt*VkGTO$^R)Ort>BS3sK?P4n+)rujJkP!oBgj&D9z<`bjx
zNU_Jl*^yN*UV$;1XHiw<+p&&C9_3|Islgqz#V(a$vY@pQ=~SoNWam40CVg&#)`R%P
z$uRTWi{_RG-+!(Le+3Ug<n!gx(;cbe&=*?}nq>?k0#&_18~%nNIE?Kbul1EJbPYiz
z7574QRo_pot=-Y@@X5)FU-37SnRR42y&PmRB6eb!Zg*jBb=Q{I1zY+EhLN4voMLp5
zeZ`!I=q7L5SP52aC7+D}i599OjrK-QqD*UpbnCTISVZb)_5@9Thj8F$!M(SpxMlYH
zZS1}D?GkZ|z}~6+ppRHf{rgIv3P;zf*cSSjv5?mc`}3NMIuec179yA4wHTb25F^ko
zWIgJg=j2EQ%ielpdvI(O&#_;F5Wd_|+}BE+R4Ym*i7-?Ss8^7!SGMTdc1-Wg&1XQR
z$*s_bQVXl;>+fGn$mA{O?0*1rNzEy1wWE5Q2neGM)qHS0yp^#^&0oDE({Z<+@Ci(t
z%dQ`*^=oGDyS9i8U#KsI!WMBf1gl($&pDZ1yY#mg@}xi@V*|ye%Ovs-nzgabzQTto
zB;VBDb)p%2E%9dVkfwpV41A^SYSq&Ry+zy%sZG3HS5=nR(C`olt_>bZaFJ)^<FF3|
zplw^5zLguYURTN)0ryCR&r+K>qVJ!F#@`wt2q|F~X^1#t7FYzu<uH|Bq6P@hDAwVW
z8{?84ZKh@qyluZPv%@_U7N109NQhSuf+O;gd^Hk7fB^q&-&dWzFtT)9+!)_i-CSRn
zpnhLbZg=XvfGl{J`4u5D9i9*LuuWoU$HU!WPg0+lL6kU5)EYK}_8iD1>UQsbo|3fA
ze!s%*gfL67(odIww^O3gxaW#3_KwfsU;fS-7kYvqxyeX}hYRlO34fph4*EO~TWI!W
zOSFk`Wy0>69=415bCa*dxVDr`k_&Y>gPLIfwAmM<B`0&i;|=OdorgKNdm8sZ-t#OS
z*>Ra*RreAb|55|xr)sR(<B%C>@#{`)z_<b2R*Z4u@^$pB@$`@B>}}R_cRMH~CvCtA
z;KZ6aeYf$P)i>28xc+oXzu|6xswGYW;+SKpw93NB&9+`_SK1c!hD{Z@V&pMig&NAP
zvjUQcI&~ads5jD?9&DR594AZ@RO@UV-=25HWZxfte&WW+{M3fqT!CBbKtwuS_ul7h
z*?rt$Vr!`%tWVJu$J%9eOz8@eM&>PsVhC`e!{0^IdPdxvIZy1E^_k3kE=`wo^^gtq
z*xoq5q(q^EF!!|K&hE4es@YnOuB_!3i=+YX!;R2@F9~}$OKKK|of>ez(uA3W9CkO2
z{&^lr0ah+cL;ut{gx1j&1)KnBgpP7qdb}<>@rq%^*)5ntpuj?nnudE_R6B<aO`D4h
zie5E5l|Jubi3Y2@5cV1Ild(Oq8#_C{x(-2z;(sl}_ml@a->#^}B=zG*{))Fx`Rn*f
zXZMzp#njK{Hg$g@uwwT2^m-yE`j&O$A-UQ`y4KTz52d_@+gW4qHgqALR4=C|nirc5
zC3IH!y(*h3>(f$Ir!k{z9CbYG4Z_cEhWFlW$Fi(XY{lPSsN*1dx`uE<6_@895GeDD
zIk)atMx>WrsbEL|0VGjgB#;pF{Fr!PiG8p>7pJ$Un02es?^omNnem2vYrPc{#;ACE
z?&>e;bz#eXz-7YxuB|>Lo1e!=hAD)KkbpFeb<I-$Il3J)($z6IxO6yy?_W9!eTm$D
z<*($;j*PJvA*x=idx_J#?(w<iqy^;ojH$?0w4cMk*6WM70sRynl&>?4=VvcZ^PI5T
z;n9k}_G*OP1G7t}1f*ia0X@7}KFat@U-rRL_W>1oYgv-gC^ONHiVBVnG>y_)>SbN5
zr#W>-#P&m);R_=nOh-((9oMP{#_9kWIdq57nToKCdWY7*+B&OOK0jl!^%WSWB&Y4K
zGFeUi5Uf4KhzrR6vbJ@_dW8ar97h2i?>ddLk5nX|Kz@&*4;2iQ#Ne<9AV^XwR<CMA
zF7zQ0PFaFXRk@><yC#gheRhNo%wplM4J9&4Zz7+=EQyBwe|Lum3d)O`uankx;U_sY
zb^dg;%-z=q9RE}N(<tM5Z_gk=?yN7SJAVrU)#m<jVXO!9boi#d%LuWoFK%z=Bm1Ei
z2gvbHWu<u*%(D%pJ2F$vnGt$CQ=Wkl-XzC95Uh7K{gdVZIQhEW=HE^I7IjGim(XqD
zz&U41M877<*u+HMD}erE^%zw&s4ou-$p+2GYIY`7ZQK@F3o+H-b3-_|?cCg)oPz(a
zcOe_2W*wJ2NxsYxqzk2)nvsTlE3jslXY>XonZL}V9^pyxaXK7l1Q`jG5BC7Nx73B>
z;CLball}c&onKfg#qZe$3I()WdEwTpGy#>eF2Nbf3tI%2!zRnv?y<MUDavLbIbszA
z?023)<++(ZCHKo;N;(tkB*L|0OJJyOsh3|O0&o5T5=e=lvYOAHhxfM@g?Wnl1EDlL
zB7hf!Nc`Q`zg>n0icy#+AwB)a)ReStUA-xE+}@|y?SJ+0SDDomPdo~W5K5HK@4D3z
z*@tWDRAs;({G&2oo@aR4U$4UdjLE;v27)&!14?g`pO;IR@sA~ctJl{P9~V@{9Q?1J
z|614+DiFwFo1lyG-zq)fEz7_b(@AA!KGqso$;AIz1rI#J0X#_1-L9?ygfv4QIZzH;
z6c7%c;pdJT!-g}qY2mVMVgqQebg@o=fj^Aa{cH>G5*4uNf7??)ga=s^v$RhBqgH2f
z5QIq1y8XP>|8&a}-jE3Rune4}0Qzs)f0xfJ`2Dr4i^l&yRjzJy`H-@)CG+v|Ig^7K
zHT<C#U!D)(wtjwsU(t>6bEeQbjiTlM^c|owXk!x+Vup0J;dG@0aZmrpgiyYoAW2jx
z;<)=F8vkQ(YzZFXshf@Qg#6EcD3%F4*0UF$`K|Xqmip@@j}5qOA_o#O)|?s_D>eB4
zy!;BXn#l_`q+vi(GDj}*Kd*dwYQSND7dhaytge{~4gGe#Kl;VPL$W3Pf4LzK)F9;v
zkD=)Q$O?i8LdN3t$Cti9repyid9gVCAF}fRJvi3o-|_HQLqPUsd?2ARQIg-E?F#S=
zbN-JgK)PfEAjxy|=pSwe5Bzc$``>Z&S8-tdP(W5?QT;#l2*U3mK<l<7H+^hZOXI?=
zr>k4<f`sFK;f_v+pQiBy@Gu0P$34|(|4It({0XE@L(0z1jx(=`vp7vQf-5*w2yAx;
zGZRSU+fZ~0JmAXsR2fwqx=W!j#5qHpY+Vg+hy$8Njw?xw#CbQ!pF8tt@2anNnzOIr
z+9XNU!?d^ltSH}K%w%%d)$yJqx$BgX8a<s5p2{Ijl;N?~1OhGMs@&h-UuY8&BHkJj
z?}j%?02PYGkW8KI!Ug0VjLpU;C~9m3Cajkv-=8K*Y%hMLhwuV(Zhrp$GLn*C-shU9
zRjcvN>*9YJrw+U_IB#2|9Gp6=o1_-`k-@#3V#i%KNOsJq-@lak89a{L4~y0uM2GAZ
z`vCOTm+-<t))nLBfVz4?IFJMRhJqrdBZRY8L47pRd)|f18kyqaX$^;&%Qe(?xSuxy
zT0D2c@FVBA{IP~@zv6zJ#FZxmIDH6g<SLU)o;IvX;Njtw>yr=?PR0_D%pe3r6m+aO
zHH@g<UIMR->iYFld$T#k+-}!m$iEe!!dGO4eLrz<bad4JjZpCSVA&v?ECQWQVdH>1
zv!|t5cVjVZpy@b5$Huqln@m|w$Y0i<td}Jx2470)Oyy472EqWVg?cwg$#h09T>Q;f
zw)@n@n}-;wl96TseUmjx^ZiD%dIy_aj^D1p6G3D-2)<KsJU`=h&%J~6qFghP86%Y{
zD5oiv;qi!^=JaI5=y-ukPDPa?g+iGd!KJ*xcAkqQ_0uV!08W-J;xqU2ik-xA<9T`u
zX_+QBIT=}2T}OEi@Vv24G@=WFzXF%?MN$BX<w0bZFHKX=A_kCdS8&<kBr~oAFg-AC
z!uP%XVP(b`&3*2O$v9A$q9YLEl9>9sltGH5_oP$x@#HhjRQ@{4%xS}##DGLbv3$^3
zx&sL^3i8xg!z$h-2Q_*1R2sBzK!CK03in)ZbhJ$K(^JYUv+p+KyNh@jPv|Z}uzOL_
z4GS!Pm&+GsAQ_(X?k?&<%6WT%An*XRHiL%KRTOGB5?pqN#ai~73EGkQS)2dFr`7=y
zOsnq$2jAwJG~HjRfLvxO>QZke=^vi<iYcgb$YMyOjg3Fe&CXAUW3eA{SG+b%T~rV0
z=2Fmf#Oh;tU<wKdOwt_BPr00Xh$OkxsG%B5W^A}OA3hx)TwLnR?Uyyf)tl}v+$a_T
zp`?7hDbUW7bl|W_o~FgDMlTTFG+!3X8osydR$`%|ihHzQS*z4*=LN@kJGO4ut6GYD
z8*kdC`SLuji_WYIg=Zi2@V%XpF@@2}d#U60&Z$;spBkOX8vOP8(xZ?DnQEdiih$LP
z@XMwR&ig*Yk@y#Ur1+Sa9F4jwt5;E^@SjExaDY^g^VOSz&(t!YXgKM~SyT@_0Va}R
z68MvigC_SxKNSren5fy<g7vR`=Ha-hvx<w2+0MN~)CXWOn5J*v0Em}s-j%+Fj?Wzx
z<Q94MF!<Jcp*n^q3v{+!f(cBI8W@uvP@LBj19Ov&_FP;@7x$RlCvLB&_bSz`%)B4q
zrk3_`s|9@nY9cX&X}I5E)U9squ&YX!3<?!iLJwzV_jh(Z+7(zKgkYpB<TF|?k0_2n
z_$U-tAqON1f?mFbK8q3?80qfFL)pTBtk)>B?Wthr@wK)+&mUuZ7^J!v3uB)EZ&aKv
zsp#mkl6FxW2xqs?Uuu6_Dp5DOFl@i?5|$eSxtCN1k_KI&Zy9~_hvsBaa|l~%->-0J
z?j_*Jcz4}n1;kL62hr5;nKE#LbUco~$0~w5>1by|O97;~pE;;h+o$cGy!}F;tRlUB
zz*-{XV(?{#AXF+*8V{laNyWFrUfNY3E+KEaS}dl=Skwlxts<YM*PjNMoA)i?8dU<K
zAWu4g=XM#Lwgl|TSIrA17BHOd-L8$Kg#3q7;BhK?b!5+(LQyuBZaJDSUqaqxa&Yx_
zcaL6DELzv>Bo{BFK4cid-yDF2mXEePbE#a-OdNqb5?6ilZ^(+E#S=~;^b0r~p|Rp%
ztj(9A#fRvEQti+pP`A9)J96h)$q&~-5vpe30j})4!ig+JI3wF)qB&FmBadDi=?^zH
zG{ta%no79sPv;4<S<(dl6k7fT8VhTslmN>IY>j&16u&Z9=U2$7`V7v1bB_l)x0kLK
z;{_NT{|i&X`?E6Z^R<|)_=7IkbnWwWhX6600c=<Yyb{E=w;oiicG9sr{pPzPiaBZ5
zM7R2b&rdqf_5fODe=A+YFjS7k(>rinX6)v7E+#FZ5G!B!@3*lrv+E`AZnAzMJYP53
zAbDj*vq%;KsMOo}UT+U$B!D+F<`cfb@HPhOKfrYL<W}4#Kf7Q8`h%e!X1Ihcsi0!Q
zm7c^)G#woKE-r=&GIm|R|0q~%<K!Mda$)ra?sckJlxSFUPk2&$xqHR|9$SAef&GHT
z*1K)fP{cJgJgs5kG^oZfdNi=pyY8{h2T=21*hT$n7yxuXC@)yT-xKQFD=Q|=b+hn{
zYfw$8+afvKRg3C6mz!D(aO$%*vjAR6S$En7QUTUW0HgVXRc+4_o2yF(@9>0ZR^r<5
z*LvHJi%3SjhhM-A$){^G8+2wzn5@L$&WIqb+!v7$bPltz1V%3lRYzH3pU)e&rbE;(
z``a6F-!6lMak4;OXI!z&>B~Hl_gNFJ>srgW2MmKfZ}PXA;IhI3ZgL`$x12gBuocQC
zxlrk{!FhuwR@`4@it^mH)ET!%5^PA3TGIk`(uVi}4?bN!UxdBvCC_d2G=W{a!~5Me
zFCR#wQ<`Iy)nL#!-04yemE!uv1F#`GPnHYckVbx(pe|>2&T#mcq$C%4^ta=f)Ds(a
z5*9$*nMqFik@^sPiDc4`0*j+cOeE0N@DKi6ba+7gc}l}^(j@oFdHoVnyODEGN=`2J
zg{CJ5Dl02#&1`jHgr=>R2-{;5+R9}9O$^HI8>6LXeA`sXokovAxIR289OqTyQXgS@
zA!(_wGM{R_`CRp22@dFtqnD*5hc^D`7LL1IMqVPv!ANv8I!CXgrKh9s?*6{4_%nD6
zZrkama7HEw*wYLhCH|&gFAmo>g0b!J5J@q#;@bXTJ8<!KD$D~tD55b6Fs`#dLQ*A%
z?47XWqB9=rqTHjx<X=GS323_`48c7;E^iO6Ud(aags@5Gc*XJXh-`m2GC^j<!NDoG
z>K=hU$MYouC-yIv;=cU~Jf@k8QPD9kkFD=q--j#5#D2RIV~C@v=&#C%f3>s<-P_+k
zorkJfm>h(6T#(`Bb+Oh%xdgmPGcFuWUy=jAA9js;bfupVwKUn&5^0R<;X!tIKd)n)
z^;m*x==SKmO+i7Szh}OR+#QY~;Qm6S3pqi37>Nc}(a7QLRwGE<UgqZZ+m{I(|3@a(
zF$!td3DB$g6!Xbw^fv9P2S`>^EvENMFcfeA@QNtTBbx>yx9qf>HhllLYH@0r7Whi2
zu+FU;6?BD3cp#F?)PY8eUR?HvGp4kfNs6CtfLnFA=ZFy3R{w5h1Q!A3ZeIxw$Hn+-
zKb3P?ih5#4i$9=Hk84Gidy58t;n<>eH@VMkL^2)ZR;dD3^Vb8PNg41DS4a}G^Km90
zJMT?DgI&12QsuMU_^}Llb<Mqvp|F2)TgpO7!jnAt`Nv-h_4*G)WTOjx0xU1ybJ;ZQ
zGU8{sa2Una9M`!$K83pu9=G=zE~g#g_us)w?jO;N=Y&XBMvjV>+qrUBOkcthq@QE=
z(mm3<t?@kGwklZJlY5Xa3X;b3b0WCxC<o?~xxDseTi`B&gCZ}ujPI_ecbD>8fsu(x
zUT|9=AB3E;vY;csLv7c{;_PJk;x}%?Dz+^sX`GP0lj8V2`AVfy@>8nx(^gM_TQ8+p
z;ICQ`28OCHHI}7eEn5C-fOYqRBTtURsIYHq;_e#7)ou+BkWAO;d?^0S3UYFVnyF20
zYpdkuh<287=cNG(79}-r-vOL&Ld*UJ5HSwq6cllW0*`0nDH|Mgc#~<+zgB1ZxG9Zp
zoP6&0Fo1`blUqN2To^EhcFg!y2ikgn5!rB;pgHFPf6m{UutJifB?r29-sXSbxc4Z)
z6&uDKIEP`;^hK0&Dfv0H-(b-{EM+zrHF40Ji>IShscETi%+%i1-DI6CkYJ#P1?KVc
zG57-H)TSQj9=8<3m6neO>&xfO!ms3L(~Ld*A6lbSN?YQoD}d;vmfI_GJAylpi-jbC
zJJUoB=jcLg4~4P!GlcWvY%NG^Od9fmk=ZcZL?$t9+h^zNy7xk+Z+MJ#w|mLM5!VQ)
z5Hr0QOHuDY7-ksHBfkC~XxGbDh}PY!66vL4bH2GZ+~cBF0k|DR@QlBcwt)dV^oidw
zlg!9eTM@RTe0YX6EXT4|1I}Xk&<{_e8xT{LGBZeA$<)l>!#_TCO{uvfgm+C<$b_7U
z^Mu%$nte`jfn!lDZyiV>n0>kAdCDYmQk@|oRdf%{dTfuz<jZV>Mhol_GIko{Gi%Ih
zqk)In)k+g_9sI?~`af|DuX+SpTywY)gV^}^Vx`P_WYkmx?uUz<E@ir+xIbWFGcJfa
z>;N~uzkq5=$>)0BV#+@O=VTB#Oya6P_dO9j+vSrr*`FxRi&}`MU=CGWIq;7t!|%Y?
z9#kW^uFbdI#y^??YVQLOFk0jM6|DLf(gFb~IPiiW!kRxz@`!ZIc7=K4EN>?mf|vcz
zn|nfB?7_3eifQsc1hGW};TMieO^aKU78Gv+8XTO?s}{sZWbK`Ig;$N~FlXZorzi~`
ziW#(>i=h|nn`s;2EduC&U@K1~5<JMa9W27RKO;kx2*8J?ocRAwl{~1_%)SJi1?S)p
zY<JCljlXQ_pyZ9yVAzq;6~~mEGQp9%EoKpt-rebtURbLbO0`5gyvh1{xonfBVsPyl
zGc;{MELi5`$#*m=$GZ2#FB8Gc!X_X!A6t}5u_*a;q}I{5C|M<k%AFeO)bTLp17=4D
zR-|D-$bVQ)eErC-WYwFNTS1i_$h~%vkS9B15|GNz^lBizQoSt4?Qqn`exTj#uJx6R
z!b{>XN}xaTt|hoGoszwzP~VDf@g7jG*~D2%Xi`BZ$9jfRo%e&Jg}M|HF_PFp5R}b@
z>YH`E>})>jpi*rU1#{NOT+<AM?rmk0ZZOt#u4icomH?BFzO3UO{&WJ<3!%2;lN!W#
z*Zt?TkImLsZUU5Ij3CPF7mUT&&LD^4_CLoCOdb-8fHl}XLFkGmiAEi#|Lo45Im%-A
zdApD@s8s0{$~uyK>QkLWBYo;QBWggFm3t58u-g!DpC29bE?j?rCx8b_(m1XlYPCLo
z>$ttV<u83$+E7T1FPK(R(hyB{tQxHDTvI}6%Cn=0&6;u2uO!T+iY#dES{wymOB_}(
z9kWKz!sV?!zaqZLzGf3AYZ01zM8^_EW?`3et(LT;)wAAqT5=E^bRW%08AVz2nbdY&
zTT{7N4!u|BB+TfP0+R`pQb;mDkW5SE&bmHOBuw110zM+Iz@4(2j>kOubrK246-#7>
z5_jbzwF208a!tT|TC$r!2j7LSPqOeXwrW7oSS_=jUWf8X)4M%UuT9w+`uP%Y99{P+
z^>bM(Nwaa<dDwpyO%i#9CXNz6h2BL86#31_4>5u~Lzd8Z|7+SM>!P-QRC&E8K68ga
zKG?{RdEgdJxl}FXQQgiCT%03gta(A8nFYe!a*_SUH?dyhZ^!sgGLN+$)sCTfvg3%K
zMxK%(w7<(sID49264aW?jcIp0%=(FO6!*eQohLNCi;}b2zDt$cuxbBR#<7akh`AQs
zv*xF<w<*9Tb;8F9ofc;-H-uk!MdjPaiMdSTAJT;{*_cB_>A~qhRyrCZ`q<KcAKryE
zt4~NYI#SsKftA*>MMAFcz055sAy${vk}a@*)d8`*GB=%4=KiU!%T2UrYhN><Wz(@e
zh`knYBhMOpGZpo<ZIdkc{SA?RmwKC~{O7J@FZA9UNi-)T@9uHkfo|~IE=cgRemHr_
zr*zE%`5(;*4Sb~96QIHGn_|JQj~{~<o^b4HwXa-nRTxfOixVwr?p4c*W3J^Q63`7a
z15PgyR5nBWDi|XWmn*j^mmPm03%)-&5T#<o&9B_1u&)(%hD-hInaA?@HgMrcqE^7J
z0opS!;mj8J;R8jPr~t3rn*H2?w)3s;>sP&M7n~#MXJUTNF>IM1vQG+jN-b>_bX8Jy
z&H9zq5wuGwtu#L^(#qFpXlfe>miCUh?o^>!Cyhb<v-ksKq@@w!;^Sr9+TO#>Z;@S7
zl_shz`U>2I=6kD-3ft*J5Zk#DIA!|ey7@!ncgV=wwgOv<jxN~A{5k1%2U<Hpdvd2g
zQ!k48dxw2}KYf&=HTZHkny0(fIJ~rp8pGK;xOIjrSmqJjeb4AvTP&>6ueX}TA+OsI
zRb`6N=jK3`p_)Bhifso`pm#BOB2yRf&R8Mm=s&YO$lr)2!-!&Py?eQ^L30|NL=!{h
zrxUP{lV1}bW%NGrwdF)1!gNl@BA2{8g0qxGO9`cC(`sG4m%mMq9EZaoZ=hp%twC;H
z2#=ieDWO9aEhIO;^kpz$D3wbXnl7y=QD@&APv`6tfNXBtJiizr;d}W=_Yck1xGndW
znyqp@a`ru^YRgcfUd-N%ARSJfgm*!w*W!NmC9Olwph?K6l=nRU^Rgm_!C@`vi+CfH
zHhV5XQ;&d8)NA=fMT*y%Gjk><#U0MM15{1PC(>lOCF6>RC@7JYg?16eiZ2F~D+2yk
zoF{FVd>60;Z!^ihSypfGD$kx2nm7FgMb5Kxy5eYg(?<l(G41#<i0vF9#!VR}kf}$*
zC1wkanCj|b%??0i^2#HfXAQ1v<`zpUlG89^qie^nk7qNd>-=(RObzIYLKy-8{jga9
z#>V<s6<dtu@)cbA^R=DDfQKE*`nhoNv7eb+n6a>0uK$+K{F-n)mv9MQQm(_a`fkGI
ztDe@{(c9K>ilgE3>znZzmjkjbDYI)Y$B(cS0hU~Kq2m#j83tw8O^coT3yc8Ho;DS!
z1k)zJ@ZdBamirEwIW!~v7C(C9>Vvu0bLsTFOe=9$wE`<*(M!S3gnO&I4eKLRy*vcy
zy4tf}z7;bnvCMc){=~QC*+kDdMh2pWA>*uHlg`porS@US^0?m<g=i*5i7<}$zGc8<
zX;tYvZwzuQX<&+(z*@psKqlTZnWM={Y{wXr77R}k->u0@hSyFl`iL7jD5Jer(hNUW
znt1$hCR=rP#QSDz->jodPBms#>+&nqFFn=X)4yL?Zp|AVY_+|V#*E6kcQk(><q(>S
z3wKG(ejXX)GycI6QIT!~yO29Bre;!8M!)s4?F&{z!>E8m>4A9C%O{_M)QMNie%t|v
zExHVtJmZq^m)kJ5p;K<n`>JKFMN<;cW-v%t(oI8pR<`oAVY6y9lW7FG1lm-I$Bsgp
z)8+$SN>Z$?!Niu-o4DuMM@Obg+F8Z#8g#xv+_`?%TzVW`-6$-n#lmVonuFVPDc8EO
z%XOJb58+V-;J+is;Aqq3?=Ot_>5?vs&Ogw}SsxV?Lz!IZGVLh4s`<cog3Kb}i)q$r
z?lRo7$7{0AA9d2#oxf@h1)WFcy^{&phtF**vF()YDvd{PzfHs;Z{==XI0;Y+gg$m4
zRvFe4hvsM7q;<y$8V`NbB!x?_vZV;gUynPWO1Xo98-jI++iufh5%@WF5fV!}tBCV+
ztz~O_U5@XwQwdy4FnRwvuWs;mb6H+wGAPQ0@Xx6ei^tU?D8I7AC*NWV5y|!~fq3g;
zELUdvN?N}K#vLoSMO(^HxsI=9($5<TbcgQM#8NWPL7(+WFAMEk-)j2cWZlqY(h9Kg
zKkdB<2^!Gklcz)ZIs)KJwh!0P8RXKwCBOOzLw_`|tSti=#%bWphxj?OW+*O3M&Q8T
zaB!Hj2$a-XrhkoT+)zs3u^2p9*?R8Aju&{kS`GJ|RJyH{p?kAO0T8`(R%$@^PwQx8
zU*%vEVYx_2I+<Yd?;<HnSWA$U>Oc5}x9_?j4g_(g!<VSMKQ}knG4;99d@onz{K&`P
z`|L_^DCS_(Bw8Lo9II))wXC*gG+Hq(&E-K`@@z7{{C(xbt(+cW(ZkvO;M1nZ$1||8
zo7S>z+tzNF@n@uEy?X0U+W{%kQHM7dlTN9^0lHPdK+bK%>p?RSnHdUg&6DCJla83-
zCzm<zRb1nf+eU`RYuI-?1`GrP1vjg+p8-7AbFKUOJCmzOp9ga*6!9l?EgduQ&NMif
z6@vz{RlxKV(a6YFglKHgVFofXqDp#o@IH?$v2jWssPji)#_czcZVT^EKdikx4i5b6
z?^Ft5gWTs+bGLU!+3bRN_2ec1@YbBIv8b@Obe905ufgo8?4p1RkhM+Z27q*hltE<!
ziKhA|jpF755My@Z>yAYV#R7j!0{eDh1Xau}3inGrIm;=9ILPI66uzkrPH}{kbj6{%
zlU?$jgx6Y<B0#sY+!%jiWn)H#gXCLbB4Y-L)s5_7pw;XgO10;p-18Cln|5)?0l$Cr
zN4R9C4<Y=_nwJsq4)I*FPRy4eVlNM*ad6&szs6PW@GmVX;g-7@RQ&K1QNBZe4%g92
zF1sR|`0A1}%CW7WnclT!T83^sN9^=#OANwA+r&}9{HA#TQ;+3|+jrUFi%|?!Y(N4@
z*us;9w8mU9v;%wj$cnVE($HnawdvV5E7yfe@WZQKu^*4VSNcPc4%%mpcA0c2{u5C_
z)6A+37V^elIl<6&=U`Cj&569JXTOlOiwx!1sX&ml6Dg6?9<fY_+RqojOm(UZw->~~
zF9zNn<AzmG)3T2~)8w>#8@c;QMZ&X!vG_U6QP}O4_ny*NRWWYh6`<$@!$f0~BQXwc
zb41tLha<!KWlaUsyMT4`xJItL`WpwH;l`nuM7Js|MaC6WNPh^c!o6d6Z~5>L+!a`W
zpR?6_Pf9p6Um%41>qPeSdRy72?f09PUoj7hK}*z49%IGNCFgW%=3H>EH38UgvW*>k
z<{QxRGjl$CHup^>8`RC0F1yUm9M?o*(31Hc`4a`Cz>q#Ph6uX}eY0UmvryeWmNd@=
z>FPsGkanou&BCltZG<5IcaN!vLwRuu>z>1)+o9M2jcTrwMdyb?AI8zcBo!Ch)V+#B
zepFZ*dG8NY?fz}XI!Gpm<GXG~j2&y7cp3hEs<8n^M&^XCZe`nErkh5}pC+GPEZLlR
zi1cE=9X3e@QRBIQBsiT#(xdmLcZF8}e7fJ$xRI^zN%6OS?@nh>BMF&s@leEcYo<^L
zN|_~1k-A`w<LK_it~O5D&dOav;bXGH1JZ|8;96w-<f)l<1pQ@*^{N2>L&{7fn==pA
zV04o**&JI@ASX#$x-6Y*9cj!?LJq*?p!7|hE!$TnhcZ^tEEmq9e`<Mo%WeL15NdwH
zWDaF#w{ovrJOaN|g_MjF-ODqsiy#S+B1Kn=KW8sosU-1d0G9TN7s2&m;w<?mz_JmB
z%MY9_9l9*naM@8w-HMBBhP&xS%`ZQ_EsVvG-Fizc-@s8EFJSup=cG9rq-wsYX&C3m
zS(k*`K4p86e@o|ulH5rfJpB<~DIKINMRI+aMG4FOT@UA83xabHz+%;=e`n*`to~w#
zep<pf9c@D&mw*9>s_ZK1*s6#fm|5hu$_=rIfXK6McpC=@C-`-++QJeS7Z<g7@+i1!
zm7p8Jr<X6zvBh>_z8FK?ETGT{(C5t$5>Ca4e<YHxEEpWOa-`Kc{ILs7o_2{ZXuc~7
z-NLoCP#rKw_X2q?KOKOi{=86mmljNbnF7Eir##W>iL9y6(>7+UheN5_MZPV5)4{`R
zdZpTZWVq)J?^{J=>NOuWs3?}@z}I|nKxIz#c|E65@a{~e4?9|Dkw;B04PPd35?Rim
z0|Q1PL&%=lQIxmiNM~v)dnVh-Eb_!T@TEqN9_1X@E_KgrauFk+#O~CtD%m)^5k|=<
zuWe9l6$wmY;xERWB(d+m52ni?>v!^>T*&d6YA2;<b5qG`qi9GFaHQeERum32ElhzE
zCFG24_zwV<`HrZ_i_#&8#r4j6u%A)(eRv)F@gr_7LL=0l6P;i|f<)PplNK1DL6mW#
zM(@qDuTYLg1;r+foNVQrjPc>))jwU6YmVf!37tG-0OQv3EgkreAmTy7I~&gwhiz8n
ztz)bE<)P}X1b|fGIu3gH@vf^&*Ylr}s1`pX6>&889zwQ&j1aPEOa1O&Jd!X{wKEgf
zCn72@T=bo(;p|cl@4acopek~dUny8MxlSp+$n#Og3i|sADpS4lZnRpf!3tKAE~#s0
z#~Na!u@<J@#bF$-VqM1e_heMIQ;Iz*#|Yih*C-7uX7AeG{aEeW`qGmF{|imb&G`u=
z`E{44T?6VhV8m~s+w!^-jbfFBEJI9r@__H?5E`Yk{Ul1$dB%ISO3us*Y7pJs?^l(z
zQ@be_VAm9-(om{NP)fM^;qe@L(ROLy=PO0+*r3^H3G+|<n#Sa|3PF7Wvpp@1S;%f%
zMNzbneU;|0zB3x9m!!P`+{R7}v*tj*>j=tN4;`)7yHeBLHj3@z9GV~6QOvkYe5mfr
z8RqD!gZ!PlwHXjgYv=@F;>CF$SSkG1j)iD;{&SZ$hH*7*QWADBq8N>j7Up3EsLG`t
zwG8nZ+YbOo6u;!Kt*7o!#kV(jpL@Qxqt;uAbjMH{k0_DCMc7~lBnIFLH-d6R1)bz!
zj`FW-t$b91{XE&W3tJVIWi@LD&RtkK5|QbmaGQ00Cp6>#*`cU)$%E<?gQ}y|o)Uy#
z32h+SuUA@B6k3@woMtt=jj%|I_uj;}Q?*ASLMlihaeRJZ+fS6bKC!Eqv2@084~<29
zn2vJqE&FX_C}=y8`5uk;UL0VJiA!mEt_Wl$B}6B`YrI=!sdfAT!`hP4ZdkI^x03>o
zjp+Z)ah1QrAI}uVkA%G~(Vf8=`y#zm``2c6Xp+j4ghI+1z^=4Ssp9{X_SI2Qc3;~D
zA}BF{(hP%0h;%ndHz+xX3=PsDFf<4ZBPgMCBi)0fbPwGyltW2L*U<2d&+l8``@HM>
z>s{~t=U!)>b?$Tax$hm<wRd9}mJGP^lr8oSUrv9Nw;CaeTE&w!s94;#C|2+$On7+T
z*_eFOAKQGE+Ds~YN~#UmqzKMQE5yl(YzoJm;gEmYrn1h;0lzEB)?7LXVW9v@5t#eX
zG$MVUJ+@+bxJTf4X+>lz4TgQ)aV+$G&xe|{jAV!f0OLK9Qk<(1`4m>fJMxy}8J?D-
zf}ph&vS?A`;IWLKyIh!imz7iV>o<Lmx{oVfGj8S>^V!G@2xAw5bkJ3AO!!zq@+(IJ
zV9vr$E60L3-Ekqe&`u*$eFIi&tx155{wTdd^f;xYvXNO<vThHzTM_x7(N~P<Rfh(1
zFM9H~Csj?XvAZUk&qGLY3L4&>y`yI6-pzO8Wet^p?7O~VZ8J8FLfgG1-53@hedw;V
zo&_ezm$7-}EYaL7ls4?*o9}$1{ZMZNTg6(w%qc5=^9f(M%eCYTnQE7Sck-orz-bZG
z-p;-5CSPZ^$82{+yV3^l@yzCSRxpxinFKvv9I&CN==!T{MO4P#FNsPWbsO8BWiEHl
z?!S~4eCqfFnYe3GvD$CEK&r`go36B%(HI5eqpzxr?V^VHGq`GA*hkwQEm!hBm4cu8
zv-g-joaVd2t;GkLJIkdmXS2s=teUQU*%oL@HzzZNSapwlqP5CA2!bA42Ak3O5xfdN
z+~>YizLHXj8FzV%Te<IPRGZn&(D_<{p)w>;ZN=x#iPn2|X@QrnYhAMU8#4e=%_X^h
zD_cg&b^-TbewRO#%TeD(ZR~Hy#ERvN=jZ0OO%GIzY&I!fy9@*NpH1dKdJY0s@OVD<
z?g^XiRQb*p|J)l@(J@)Z9hmj`cnD2$6{#5vqY|+iY|judXaL9-Cr=*yCQVGIs1+m^
z?#$)z2=u5MeHl+52%XU1*8Qdf2+$v{jET^6+=mH>7AE0j^XZL}e_M+o>)&zC7G9fR
z_yHm%qZrVUZCT4&*AnnS*}E_n{EpQWezGVW<@UBAyWGMQ4xWw^0m@UdofiAO4Kar!
zTgj5`53*w^CKFrGaVTmr83&p}A>py<BU9p4H^AdC(|7rkZdaK@vuABGV!JotR4cgF
z^QAuCpgF^W`^$#r2@9heI#A|0Glg`U&@;og?MhLX{S5=sdv1G2#FNdVgDamYSpq!3
zeYB`7Pa^hAS9;>8GJ+qYrZ|{=ZpKE{lt)WT>m<b1pJ(UhRyJW3^6XDkC+Rx}JJ|I=
zpe90~5`lxJW+6s+0whM;+mQCX=(D_CiFP8PsV2GF(d;X^Wn$c65W%xUb<D_n!Njoo
zrI^N5>oAkCu_nkUCtT4WcU){e?cp=>bZyGcY;Q|)K=kHzP=x!C0VIPWFS2x1S?DbI
z)%>qspyKZn?%P_4>pzX%Ys=hBpd}{SZnWsMG4OlX#*gXa57A9&`$WWFN^?Dba^)RG
zA3s+!UTzVM+`NjFD0%yc&i$}XaL)v<snGNTM*z=huocUJEY8J2%8XB(Gku1^;KxZ9
zamfLOCow|lUTs7O)axVZZjte5ApM$&S71}FI#~50ukdKq;F45pPZwM8m}9P)0>6$w
zA6Xa~3ad5sK-8KlJ#mRj2G7ieozTeI9_o-<<>~F0%mUtWgzjBLlQt(0qVuGtPb?RE
z*@#|;>R<JJwwgvU4};WSF2tVX#&@j<@UL4}L--C!qmHT5pAvRZhuXRVeCqARw`$N6
z`yruFwN6h%k$6HfZ<EpD-KBc}&W=^uBV<HEZP)RtPaLI!xJ6UeQb%^*PrdlI7b9%U
zzZ6YEDV00rp2d>^C4DR)?&s0o$ZwYKY*H27Th&)KTw0Mtuqo3xN7aJ@zw{k~$DW*t
zboIB2)ey;5)06O9XF|I%VS!JIDg5TF^CcG*%W$tU-^79(Ge(gQSt1?5IJ@@;mYpK9
zG8Vf^A~e_cKZ{SIHk`zeGkQ@C*wFPdYx5_chQh6|-CHnS8PKIrv1WOk+?DpZ6atZ7
z!*u!++4~Bi-Aa51(MEC~`bi0yfDGB-VJrPek#Jh0$Y-4M5F;+1;PCTH^NSDjjA$>5
zmKFTgO1xsb5j@*~*9rvhx`4HpP(0WB5kPp!TsK9L`D_3QOtktFR0ys};AHl7h+_M$
zT^}`&_|uP<>TFwh>&|~Fw(--DWRkcQibMxV+?~(Ud(wZpHPdFo<aj<j-dijZ@$tP$
z<1MfxPGzN$t=1z?<~AaOQB5F9!nJPPCWtGtxqrX9j$CKBE+%@Zw|szVbgtiMxUq%5
zwX|K9YDgaHpyzRHtV{)tKZ)E7fp<W@Ysc=ah*}_eS`zzjxB4Wjq9uyFfz4rvu(L^m
zikRdj-%<|4<Z^w7Jbu`YDZrha<?*)Dx~bRn@e|}Fg-ZqeQ%IIZgK+BI`0j&@PeUI#
zrbuL$%-)3sn)XC9=;-PyhlV;FMORsWljUnMZ4=5!SWW7$2xJal&V9p8A~P)e8Iyy5
z^^%$XFemg>9EQ`Mcfc(`EVgBDl`tJKdsb2upR_{76Vvw9BlY4Wrhen5uM%cy0EoaV
zHyz#XvQ>bNH89fkw;&4eR%iN>!56f-;zn8GZCwd%s<`D0R-P0Y2e}tN71SJCow>=|
z_3j00%B9jYZ#*6b_wm3Y&dxw5#k>I9?)xu$dw2p3x(j@}AKRM2;v_WU{VRRn@n%-R
zCFqYVzW>yL?z#%FM=kjgY!>I*+(6aiLa9&&c|G%<)S){NnQCzn995RWC9|O*sQmBp
z2s(vC9nu5jRv(QX^rl<|abn2dZ|z&)BhM3)V>RI3mjVNKWz9&rw74uFP){wxL}hW?
zG3+@-6+*0B7QMZDM+l5)5f%PHCt2Qn{GIR>CfFmc>DJ1Da?6vM6sbX|l68-l%0Sok
zhqTLFKSw)aTvPDEnK)3%Os@OhP26`8aTgeswQsNNmdjOyign?$XDEp>W4~W>96w<d
z`$ER;HVO4kJZ`}L`&qZx6apPtlR=`OXGZOB(X=#cYeFfI$O;vN_5hEr>i2l`eozth
z*2}Y{)<N!1R;qE<i9y(KoOmY=NLq4zrgER#@7q&#-J$8WVDXSgVm%$zhzNyPmqy^I
zxAE))^4^NLe8M7~jwQCN2e+n)PstP=X&^bwpISR$3@cm)t(+^+`V{0-=K;tU((+CA
zZP?*+Iy@bAFj>1yk%T>=Cg9^8g+?Zr4bL$V*Me>ORgl5x+wO1FUvGyGMEFCtqFdVu
zWt)>Xx-HU+6`nS9>Snsn4w?~U;Uu;mz0edMt4x33(`oea{MKdr87w}apE%or_RXE(
zjZ%|xTOjJbplAgwJtIlB_J=-3po}G+-~w6RG#SDe*M<zp_(9ne!}74pnP$O^n9EAZ
z{LPo7upcBX@aC=@hR!m7|25-BZr=F`ZW*R8fXgJ#&`1`y+v~j?dv_qL_O+8*D#?~8
z&IGUIg9o%+Hg4h!A5<nuu9i$AuL0Jg%TovfqDG~}94!hyt<}gi@RUKZW@(DhuAV;r
znLL>`gQn|Z#$Ykfl{5dSeJr5ykD(BcV;7w*;VZbvm5lNU{H5@2Su91KBqWZ+Y_(31
zAV73w&K5T<YwV!XD|yC?)i9;0B)1Smjv{(p&ZVKv_r6s8xM+&uv$}rzPzaZGgRAMQ
zZA23Up~`DG+3}TEdy?s<xKfvHVh`$y^+4kasrx%-3dK7-kqtvfY4cTChNxm8O$*ea
zsPWRM4w>|{51c6~7HZ*GS4O@-*^-Fr`pthu`@{^yajl`XEaZ5wI<$54@X3_-Z+{t9
z>77M4+RgB{5}FETk<A0eEp7Mt#yI>$nB5QW6CL!(HsU|l*gqRwuiN8v`)%$57Qk3F
z(?9cS+t-|U{$huBUrwQXan-}X_xm2hR}y0CjxDVVqwROa5l55lW>h5zo7(;=@iLsa
zu8Q@e#BT?E4ba1}Q`=8@wwQt`Zu%=Z^Y$p;77-N9iI>wQ8=3x*issoe!6dz4b2%t6
z4*ENc%z;!J8;!}n+jbH_x6pCA?fsd^S<RK8JS`c>LrIvgo4d7fixJ!PNf|$KaEk~f
zEYth2H)}#CN6Bn7Z2)Sk(r0(i#()!B$=r#38bG!HH$0cPHomWWkU7Owa2<=nj_ii|
zig__uOPbr{?6NAzQsqOzk2*CYvOP9D-oZb0zLaI>M8vgbHQYrW{KFHW+}=SfekO2g
z;18?=q-#d#f+cp?d3o@LjJlF1DEbLctS<=BrcB4acOSK~ytM>BDqX%XH=tW4sesjT
z?i5>Pn@?W{3H0_gJj$Z!=gVlZKDfZt2uI#k*HT?Lwj31*-6E=ZAbZ(ZZt7m)S=F>u
z*Ky=Iv&=s``1#Up+e9TtzWVm--nfnzajAwL5@9rC6nS61Wq$BF*#902o+#$+*lRy1
zhr;f+H<c^YtHvD|Lx|l@xAQq6?J0QR1lZvcZ6g+PVCnmA^~>*-T6T5aZ=T$#=>RKT
z^oG~V)NF2}hPUx~Bh2YG50>EKi93E|5eBJyj)p#^L&{RSNQ=u6GQ7<M(dj~dYPN5w
zscJtTJftDLH?N{jBRvC7x|=>JEEXSAhzb)hY$2}n;7Pix+E@@;G|B!)nXP*?Qa<~a
zztmi|4sflqi*R+R>$>a&w|d3a)K)Egk&7P+D8&zZeK;rU)e<S;7+kPlk`ap>@f)?;
znO7*Mjj}dx!&bMf@iE3ThtoO;PhC^~30}c9uECYf-g)o-`ue=y3urdj<V)aY4raQK
zbg$PmaalEu^w9pC4FQ?`Y&yB}SwgGs)*W8X+|g(M6`Zu23_po`y2Wnj^-J+7bKurF
z56vmnpSw=)R7)4X(mnY&t?96t8=pR{CV5Q9tbT5X?LXU)WJVWOeHpPLcYPAoa@i=q
zTFaw78~93c;r2i?R|w1tLv);9qk%48m^^pw4-F-*Gg~D48tk1KGJ`-tUXMR|yqGTr
zl+fV4Ug;Mt2G&Kk)Le+IasAR4OIEcjN>ish;uIPYH5I09M?p$h{R?sLO+aol_XxI0
z^wO30`l?){&P#(F*k5UQvMg@#bu1x0hM&sK0iHL@eZoX=pmn>RP55^)@>Wvv?_1zN
z*8J(ze1ljtE?otW%oY(Ne%tSCKUMU+*AV|s`7~uCUwi@yd3T*Uwrt^$<q^OF(yQvV
z<5L{W&g)ym)E^z`mwAd_6!qS?rU#zL$a*O?iSX^aY6Vf6v5{!gbgLd$)e213){#T2
zVM#^SZm0TWr(Qm_e3^$O>}<(rag;B)Vl1mgtf06$Wu8_>iY2-@A25dgn!+%#x4MBx
z&jZYgI4m#3P#MCnZib2!wNVG21CaU_55YLJ4*2gz@I^NYQ&eQCgWcKze%3DCo`Sj>
znMh~)2zT+jL`oa8<R2fjrd7h{vY8^4nNOZ1PlCv|zK>0G67E6d-$!jJQ-wta3Y_B!
z9RHd>6b&nb{o3k_Pt#2s%N(lL$mh@d#%0z6M)&H+_TvX(SU{&PmwedktmOmp)14Mm
zznpxscRaP*aT$NS%NjMFEdnDAF#8p8CnOt=9NHRB?&`8oS<h8V-j}KQDY)&|>E3Cm
zc!y^?w{U!}>+wuIbq`o3(*bAEuhWlx>Hw#{@!^jZlHR9(p;W~8FxS;O7*|1X&EX+%
zM`B=LHOnYAY71T+85k2_C%L<I1m&eHS7GP~EDdJ0rX#&q2XR?gzUlh^X5zXB@YHqs
z{brrOs#d?$M^EJJ@C(G%eb~0DN)L-h3dDy$<TbHy{rE2=k+&cgizLx-n|t#AU_e;@
zTH;@-N=z^QzhoOTScnp4`zB%PU!)n3$zO(y0yE3MuuPfOWYOU1|C*Bc-kH~EpG$4D
z`c&}o;+VDvf|iJUx!W-O2d#$Y=E+pGws`bEY_GdmBvU=zT{v<~TZ&nAmL06tICtXM
zPaTr+L+*A(vh^Coj3t8r?ruhX&iQ8z-jsKtz`2!Lgb!tn<BZY#!#euTkU%NylCEQ7
zKK#W+NfR>$n%ZF-*M8t>@^1GJ=bdRH7MRVL&QG=?e&O^Qt-vA_W5PR8?3#bP15_RH
ze3H)$sQD9Jewn5FpjY|VSL`-8&XkU^{xjDij;|N}Fr|?OnKx==AL>^50L`732o&ax
zQg~jqyZ(F+o4DOt+s!%fZHjZljEqU`yhhQI+v%;MdCLlBL}~j7P?6ZAxPh~f^`MLB
z-{?8gQl64VuA#hYt!!oQtm1uK_|b{)7i<cvU}r+fE_=IqH%uYvc@~m1TA5#>W-E8;
z?|B5R;Tv6>OHl(H@=m;#2CW^#XzQZ^KTu&>cnP^30q;6Nm@+zTnG>T0RPFPs!l{Hv
z)~qU<m)8iXWRHZ9q94Aw)vM1IOQ>qLp15$x8;43CVGmYtSjqLDGxTN;@=|=FCF(=(
zbTuP4v#LNn)2|jF(iqsyH1)>+OHlJ1jXalw%JJe+ewO9&eylj}=GOazW*hG-)N^-Q
zW6m@*WAW^Z!b$C1dBsUVWTrtiM~LkonI0=AfJhG|g`wiDBxe{iGfK-UDQ4Fo=KG(V
z@yT&I#V2Fzn3Arr$=6neG3nDIZ$F_U6yrx|F&mc7Hw-R%Mb$7Zy-?-q&CmtX%`m^$
z{1VmSYwE0-JM2@thUkQ$r7O3vxUp7)mkyi++17&0W90s!@4O6nvizDDOJa3_D&+`+
zD;}|MNeK>BI>j$iQf^$=?v{{Qz2AU<KY>xVoN8QIicx*p&cSJt{qU@O6wByiKDSt?
z97aEKFiYr0DU<P1M?mGW6!aOG;vJ36I;dQH+0|8@3zyxjaBq6AS@@~-_upIwrQ_Q=
zbXlZCm0%JkKBXX>s<p`8+iG_M5J6!V_v(i1o;o0!VVilehv6TU(qxGyx6JjwqUZwF
zbmGx8d0hD?_s9+~SxGR3%^7ILjX1EQ=XW}9;wB<Ojl>@}i?DZc)6(=`LI%*P5gJZc
zo>Ig<9YtWdcH305AALW|NzYp(V+5Iu+!;>z`G;g~6J53F>dkcU2i3Wl7$57w=d%vT
zy^}&ION3BVCsNGS$rt;AaxXer#x#IhS%;~e<<rB<$7FT80V%QNICGI^WM4FkvTn^s
z!)q8l4w!)oQESi<OOY6UP`8>U0v?Pgtq}B0`;K-e%pU$j-F%ZWQ=a@R>E#V4wQ&(_
zm*M+TS4a|A?(NU!=CSYU?nOi2z7>mfW~zKTVXT7~i#WEBMhSi4$l=3{(|&+@(C%vV
zhT}To!3#CAFRZn*;5|d~9Wxma;NEf&K}h`Xr+;yZ$0qk!5MjjV9}6>=?&r(=$!+LT
zYwO=*h3u{Ab0dqPSLscWp5+@Ivh|_11{BLXEpy(Z;q!PI$AV9VVMxd&WBPx^DsL6M
z><sp48%((AVz7uT)&z-g^0@Wl0m|7vbhAovIy-y4q_AZMsSY4D*}<B`{owSyh4rg=
za`RP#F4E+&T0=U?+4Bo3$R#Iv6hil5`=)x?5#PAmi=eJOHOJy#h1;OMW;Bf|#G;#x
z;a#5@wPm@mQxs`{TZ{Vy9okSm=lej(BSwztrxEIw<xZdS69P1IPBqbr9b^NsKx->U
zzxThXeBuI|+`-}0?Kd{o_SyUnG9+?q?=y(=M9b#%x6ebIHLW?XztcHLX<3?ZS&5&%
zm3WFkQsO%O!GHWvyAZ61JJobMJKxXrTo?CT6R#>TP*wWR2T_0X>cyDC2catDe^n4m
zfA+@#Ih(YIt}vj)LLtw5p7B@|QNcn@r7V!FcV{vlq=ZTs)n26*Sst7}a(Q@w*AZP)
zYgu_mR^)9s?Z@$rMynQ^$HePvui1T8uVyqavtyy1F3=YYYq-v-49xkh!SHKZAQ3QS
z!-laj_-vd2IGiAO@?Gi(AQ-awZJek;mgcZyGnuJ*&K<{xi)#t0FbJBTfAG89m($+O
zC6P25;1*;^PONM<fQe1CA@HHT<cspGMUEfGvL$zRT%Q%M)QxF+BI{wx)o$!p)sSu4
zZldGauPxSO&iG2T(Aji#IYX|$uL-y(i4XDs;5t#+JC}6aH?SIQ=%gAWUeD5j_qecU
znmlA9v{g7*uH^I6m^@22$D=n&D>)QA$ymEPVO-sK>U{OAbLG~flcX_buR?Knu7o{v
zen)l4b7lHjJ!;dXQ_`LV`ATEibSdB#9YOADWcDbc3(X$QfB~>TSBc;Ar-mN);E;zg
z_TzPQBP*>vEFE)17p~bBEab-}$@7xm1En1nc5{|~0e7G{K7>t!VjOW{=!$`uFQFy@
zkuxC-oTL?z6alD=%N{lDi;0mL**+cNwiY24Eh=PcIDSwKsWX004f*r+|NNY#PniSj
zTCjflNL8$@_hqL&kl7tCKF(Nn9In{8@4<^CZ1?Z=BzVW@QNgH2W?~LK&m842lCdF)
zki}C{-#4YljNd3Rfw*X2tMsx1qqg)5#bZxPcV+#&mI=&2#D|D|lu!0M+1ZB%2!?n>
zeAsjc6n@+E4KpeZ42LPYiSRw1ID{5ZRU+u6F78~r$&y}o-kTFE?WU@PpY`rpSr@5F
z%b6zzSifg&>g36U>t1t6eXfZUWxm6ZPTH|&CX*?FWy{(Vhrju!gg|BrDV__NUy>zr
zy|pf+{(4`Adax2f;snoHx<m;#hUr;9ned2Iq>VSp@}7z)K6<wCJ~FCv|M)dMk;79a
zf|m9w@QmQPBo4{;i*%;ziK<}RGjcPc^AjVd9$g3C2uzX2;_ahi!oE2;)mp>!7Tj<8
z;dYmrX*qhP@n%(IyIK~!=Q=BtG}<>VBv=8<%bO_Zm4!?Bu0#o=5c{gz)s4|C9Ry3t
z;)UX$3GQz8^J};dT?kbT$IzgM8=#m=Y0UnzHy|4Q-i}yQPK24yl$XG&uA}1|G+foq
zeJi^?D)0N}3|;+)*d>|xc5JRgd%M{2D>IIv3MdEi$K*t*0JT+EHbf$Y?G%9Zt|Dg~
zI5>JFAhxr2`i5M^Nq*+{*I<?VSB5m!>o~k2K6J#O6ulC5P72P!vi+Nqz~xX%G51l>
zs@FI#XpQ7McVbD?R!Ej9oCh*B!2>y;6C?a)!ySWnP=Go##8xcN?#ipFDgU}aJ&o2)
zIK*P&AsJMh5Dz%cD~~qLIJSTEYc?uyX!ravum0x`S4EFtc0Bf5j-^kZ?^;%!dibDv
zGoW%!DWX&89b09un?LuNOIMfuq^fd&U-Q?oRR%ECZ6+W*rIb?B-r)3LX+yUE+)j{5
z4_G6<3d~7Kaqygg{m(DMyUT1!g0pF@$@gPyl^Hw5Jz|&qu}qg6ybTy3jl$^YXxWlo
z02R}_|FGHXg@OvyxuP3T_^O+5C;?g$X>S{lj;xuYKE1p9kcVM0Dv*<rF*rOtyz_D+
zD*FFgka%~^N3FsyFT{B*xiEmQ5;^B%YRq?*;5SIWz{^)^cxQ|z2t&Gl?z4W-=6{Ug
z5jQ+({!Xr+_3Qiwf7dQujQ7E4U#_@_k>$UE|8c~yhIJcS_KnnkKC}OD!Evat!dFua
zZ|MFl{GW_OX;RheS4sHyjWmhR{5Puph9r)7KuS^CY}~iBNew1to_`tdfO~BU(lA7D
ysbY@gzr=X1SX()`F*wKj-$KE^!vD?4TjExI@&?foIQJdwqb#o>S0-cf@&5p9^S`A4

literal 0
HcmV?d00001

diff --git a/docs/prometheus-exporter.md b/docs/prometheus-exporter.md
index c7bd1bfdd..07a232d72 100644
--- a/docs/prometheus-exporter.md
+++ b/docs/prometheus-exporter.md
@@ -11,12 +11,12 @@
 The Prometheus exporter is responsible for:
 
 - formatting metrics into the Prometheus [line protocol](https://prometheus.io/docs/instrumenting/exposition_formats/)
-- creating a web-endpoint on `http://<ADDR>:<PORT>/metrics` for Prometheus to scrape
+- creating a web-endpoint on `http://<ADDR>:<PORT>/metrics` (or `https:` if TLS is enabled) for Prometheus to scrape
 
 A web end-point is required because Prometheus scrapes Harvest by polling that end-point.
 
 In addition to the `/metrics` end-point, the Prometheus exporter also serves an overview of all metrics and collectors
-available on its root address `http://<ADDR>:<PORT>/`.
+available on its root address `scheme://<ADDR>:<PORT>/`.
 
 Because Prometheus polls Harvest, don't forget
 to [update your Prometheus configuration](#configure-prometheus-to-scrape-harvest-pollers) and tell Prometheus how to
@@ -33,17 +33,19 @@ All parameters of the exporter are defined in the `Exporters` section of `harves
 
 An overview of all parameters:
 
-| parameter           | type                                           | description                                                                                                                                                                                                     | default   |
-|---------------------|------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------|
-| `port_range`        | int-int (range), overrides `port` if specified | lower port to upper port (inclusive) of the HTTP end-point to create when a poller specifies this exporter. Starting at lower port, each free port will be tried sequentially up to the upper port.             |           |
-| `port`              | int, required if port_range is not specified   | port of the HTTP end-point                                                                                                                                                                                      |           |
-| `local_http_addr`   | string, optional                               | address of the HTTP server Harvest starts for Prometheus to scrape:<br />use `localhost` to serve only on the local machine<br />use `0.0.0.0` (default) if Prometheus is scrapping from another machine        | `0.0.0.0` |
-| `global_prefix`     | string, optional                               | add a prefix to all metrics (e.g. `netapp_`)                                                                                                                                                                    |           |
-| `allow_addrs`       | list of strings, optional                      | allow access only if host matches any of the provided addresses                                                                                                                                                 |           |
-| `allow_addrs_regex` | list of strings, optional                      | allow access only if host address matches at least one of the regular expressions                                                                                                                               |           |
-| `cache_max_keep`    | string (Go duration format), optional          | maximum amount of time metrics are cached (in case Prometheus does not timely collect the metrics)                                                                                                              | `300s`    |
-| `add_meta_tags`     | bool, optional                                 | add `HELP` and `TYPE` [metatags](https://prometheus.io/docs/instrumenting/exposition_formats/#comments-help-text-and-type-information) to metrics (currently no useful information, but required by some tools) | `false`   |
-| `sort_labels`       | bool, optional                                 | sort metric labels before exporting. Some [open-metrics scrapers report](https://github.com/NetApp/harvest/issues/756) stale metrics when labels are not sorted.                                                | `false`   |
+| parameter                   | type                                           | description                                                                                                                                                                                                                   | default                                                                                                                                        |
+|-----------------------------|------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------|
+| `port_range`                | int-int (range), overrides `port` if specified | lower port to upper port (inclusive) of the HTTP end-point to create when a poller specifies this exporter. Starting at lower port, each free port will be tried sequentially up to the upper port.                           |                                                                                                                                                |
+| `port`                      | int, required if port_range is not specified   | port of the HTTP end-point                                                                                                                                                                                                    |                                                                                                                                                |
+| `local_http_addr`           | string, optional                               | address of the HTTP server Harvest starts for Prometheus to scrape:<br />use `localhost` to serve only on the local machine<br />use `0.0.0.0` (default) if Prometheus is scrapping from another machine                      | `0.0.0.0`                                                                                                                                      |
+| `global_prefix`             | string, optional                               | add a prefix to all metrics (e.g. `netapp_`)                                                                                                                                                                                  |                                                                                                                                                |
+| `allow_addrs`               | list of strings, optional                      | allow access only if host matches any of the provided addresses                                                                                                                                                               |                                                                                                                                                |
+| `allow_addrs_regex`         | list of strings, optional                      | allow access only if host address matches at least one of the regular expressions                                                                                                                                             |                                                                                                                                                |
+| `cache_max_keep`            | string (Go duration format), optional          | maximum amount of time metrics are cached (in case Prometheus does not timely collect the metrics)                                                                                                                            | `300s`                                                                                                                                         |
+| `add_meta_tags`             | bool, optional                                 | add `HELP` and `TYPE` [metatags](https://prometheus.io/docs/instrumenting/exposition_formats/#comments-help-text-and-type-information) to metrics (currently no useful information, but required by some tools)               | `false`                                                                                                                                        |
+| `sort_labels`               | bool, optional                                 | sort metric labels before exporting. Some [open-metrics scrapers report](https://github.com/NetApp/harvest/issues/756) stale metrics when labels are not sorted.                                                              | `false`                                                                                                                                        |
+| `tls`                       | `tls`                                          | optional                                                                                                                                                                                                                      | If present, enables TLS transport. If running in a container, see [note](https://github.com/NetApp/harvest/issues/672#issuecomment-1036338589) |         
+| tls `cert_file`, `key_file` | **required** child of `tls`                    | Relative or absolute path to TLS certificate and key file. TLS 1.3 certificates required.<br />FIPS complaint P-256 TLS 1.3 certificates can be created with `bin/harvest admin tls create server`, `openssl`, `mkcert`, etc. |                                                                                                                                                |
 
 A few examples:
 
@@ -297,7 +299,100 @@ Harvest machine. Also note the scrape interval above is set to 60s. That matches
 Harvest collectors. If you change the polling frequency of a Harvest collector to a lower value, you should also change
 the scrape interval.
 
-# Prometheus Alerts
+## Prometheus Exporter and TLS
+
+The Harvest Prometheus exporter can be configured to serve its metrics via `HTTPS` by configuring the `tls` section in
+the `Exporters` section of `harvest.yml`.
+
+Let's walk through an example of how to set up Harvest's Prometheus exporter and how to configure Prometheus to use TLS.
+
+### Generate TLS Certificates
+
+We'll use Harvest's admin command line tool to create a self-signed TLS certificate key/pair for the exporter and Prometheus.
+Note: If running in a container, see [note](https://github.com/NetApp/harvest/issues/672#issuecomment-1036338589).
+
+```bash
+cd $Harvest_Install_Directory
+bin/harvest admin tls create server
+2023/06/23 09:39:48 wrote cert/admin-cert.pem
+2023/06/23 09:39:48 wrote cert/admin-key.pem
+```
+
+Two files are created. Since we want to use these certificates for our Prometheus exporter, let's rename them to make that clearer.
+
+```bash
+mv cert/admin-cert.pem cert/prom-cert.pem
+mv cert/admin-key.pem cert/prom-key.pem
+```
+
+### Configure Harvest Prometheus Exporter to use TLS
+
+Edit your `harvest.yml` and add a TLS section to your exporter block like this:
+
+```yaml
+Exporters:
+    my-exporter:
+        local_http_addr: localhost
+        exporter: Prometheus
+        port: 16001
+        tls:
+            cert_file: cert/prom-cert.pem
+            key_file: cert/prom-key.pem
+```
+
+Update one of your Pollers to use this exporter and start the poller.
+
+```yaml
+Pollers:
+    my-cluster:
+        datacenter: dc-1
+        addr: 10.193.48.11
+        exporters:
+            - my-exporter     # Use TLS exporter we created above
+```
+
+When the poller is started, it will log whether `https` or `http` is being used as part of the `url` like so:
+
+```bash
+bin/harvest start -f my-cluster
+2023-06-23T10:02:03-04:00 INF prometheus/httpd.go:40 > server listen Poller=my-cluster exporter=my-exporter url=https://localhost:16001/metrics
+```
+
+If the `url` schema is `https`, TLS is being used.
+
+You can use curl to scrape the Prometheus exporter and verify that TLS is being used like so:
+
+```bash
+curl --cacert cert/prom-cert.pem https://localhost:16001/metrics
+
+# or use --insecure to tell curl to skip certificate validation
+# curl --insecure cert/prom-cert.pem https://localhost:16001/metrics  
+```
+
+### Configure Prometheus to use TLS
+
+Let's configure Prometheus to use `HTTPs` to communicate with the exporter setup above.
+
+Edit your `prometheus.yml` and add or adapt your `scrape_configs` job. You need to add `scheme: https` and setup a `tls_config`
+block to point to the earlier created `prom-cert.pem` like so:
+
+```yaml
+scrape_configs:
+  - job_name: 'harvest-https'
+    scheme: https
+    tls_config:
+      ca_file: /path/to/prom-cert.pem
+    static_configs:
+    - targets:
+        - 'localhost:16001'
+```
+
+Start Prometheus and visit http://localhost:9090/targets with your browser. 
+You should see https://localhost:16001/metrics in the list of targets. 
+
+![Prometheus Targets](assets/prometheus/PrometheusTLS.png)
+
+## Prometheus Alerts
 
 Prometheus includes out-of-the-box support for simple alerting. Alert rules are configured in your `prometheus.yml`
 file. Setup and details can be found in the Prometheus
@@ -308,7 +403,7 @@ and [sample alerts](https://github.com/NetApp/harvest/blob/main/container/promet
 Refer [EMS Collector](https://github.com/NetApp/harvest/blob/main/cmd/collectors/ems/README.md) for more details about
 EMS events.
 
-## Alertmanager
+### Alertmanager
 
 Prometheus's builtin alerts are good for simple workflows. They do a nice job telling you what's happening at the
 moment.
diff --git a/harvest.cue b/harvest.cue
index da2758d52..d678de2e8 100644
--- a/harvest.cue
+++ b/harvest.cue
@@ -4,35 +4,55 @@ Exporters: [Name=_]: #Prom | #Influx
 
 label: [string]: string
 
+#Auth: {
+	username: string
+	password: string
+}
+
+#HTTPSD: {
+	listen:        string
+	auth_basic?:   #Auth
+	tls?:          #TLS
+	heart_beat?:   string
+	expire_after?: string
+}
+
+#TLS: {
+	cert_file: string
+	key_file:  string
+}
+
 #Admin: {
-	addr?: string
+	addr?:   string
+	httpsd?: #HTTPSD
 }
 
 #Prom: {
 	add_meta_tags?: bool
-	addr?:            string // deprecated
+	addr?:          string // deprecated
 	allow_addrs_regex?: [...string]
 	exporter:         "Prometheus"
 	local_http_addr?: "0.0.0.0" | "localhost" | "127.0.0.1"
 	port?:            int
 	port_range?:      string
-	sort_labels?: bool
+	sort_labels?:     bool
+	tls?:             #TLS
 }
 
 #Influx: {
-	addr?:    string // one of addr|url
+	addr?: string // one of addr|url
 	allow_addrs_regex: [...string]
-	bucket?:   string
+	bucket?:  string
 	exporter: "InfluxDB"
-	org?:      string
+	org?:     string
 	token?:   string
 	url?:     string
 }
 
 #CredentialsScript: {
-    path: string
-    schedule?: string
-    timeout?: string
+	path:      string
+	schedule?: string
+	timeout?:  string
 }
 
 #CollectorDef: {
@@ -46,20 +66,20 @@ Pollers: [Name=_]: #Poller
 	auth_style?:         "basic_auth" | "certificate_auth"
 	client_timeout?:     string
 	collectors?:         [...#CollectorDef] | [...string]
-    credentials_file?:   string
+	credentials_file?:   string
 	credentials_script?: #CredentialsScript
 	datacenter?:         string
 	exporters: [...string]
-	is_kfs?:             bool
+	is_kfs?: bool
 	labels?: [...label]
 	log: [...string]
-	log_max_bytes?:      int
-	log_max_files?:      int
-	password?:           string
-	prefer_zapi?:        bool
-	ssl_cert?:           string
-	ssl_key?:            string
-	tls_min_version?:    string
-	use_insecure_tls?:   bool
-	username?:           string
+	log_max_bytes?:    int
+	log_max_files?:    int
+	password?:         string
+	prefer_zapi?:      bool
+	ssl_cert?:         string
+	ssl_key?:          string
+	tls_min_version?:  string
+	use_insecure_tls?: bool
+	username?:         string
 }
diff --git a/pkg/conf/conf.go b/pkg/conf/conf.go
index 1efb1f078..78d386aa2 100644
--- a/pkg/conf/conf.go
+++ b/pkg/conf/conf.go
@@ -504,6 +504,7 @@ type Exporter struct {
 	// Prometheus specific
 	HeartBeatURL string `yaml:"heart_beat_url,omitempty"`
 	SortLabels   bool   `yaml:"sort_labels,omitempty"`
+	TLS          TLS    `yaml:"tls,omitempty"`
 
 	// InfluxDB specific
 	Bucket        *string `yaml:"bucket,omitempty"`

From 4659365e15af71f05cfb1c61dcd03254d155c433 Mon Sep 17 00:00:00 2001
From: Chris Grindstaff <chris@gstaff.org>
Date: Fri, 23 Jun 2023 15:26:07 -0400
Subject: [PATCH 2/2] feat: Harvest Prometheus exporter should support TLS

Fixes: #2070
---
 docs/prometheus-exporter.md | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/docs/prometheus-exporter.md b/docs/prometheus-exporter.md
index 07a232d72..90cc14d0a 100644
--- a/docs/prometheus-exporter.md
+++ b/docs/prometheus-exporter.md
@@ -331,24 +331,24 @@ Edit your `harvest.yml` and add a TLS section to your exporter block like this:
 
 ```yaml
 Exporters:
-    my-exporter:
-        local_http_addr: localhost
-        exporter: Prometheus
-        port: 16001
-        tls:
-            cert_file: cert/prom-cert.pem
-            key_file: cert/prom-key.pem
+  my-exporter:
+    local_http_addr: localhost
+    exporter: Prometheus
+    port: 16001
+    tls:
+      cert_file: cert/prom-cert.pem
+      key_file: cert/prom-key.pem
 ```
 
 Update one of your Pollers to use this exporter and start the poller.
 
 ```yaml
 Pollers:
-    my-cluster:
-        datacenter: dc-1
-        addr: 10.193.48.11
-        exporters:
-            - my-exporter     # Use TLS exporter we created above
+  my-cluster:
+    datacenter: dc-1
+    addr: 10.193.48.11
+    exporters:
+      - my-exporter     # Use TLS exporter we created above
 ```
 
 When the poller is started, it will log whether `https` or `http` is being used as part of the `url` like so: