From b6e8a1614b41cb4baaf540385a26dbe4844a2792 Mon Sep 17 00:00:00 2001 From: m3tam3re Date: Fri, 18 Apr 2025 15:59:06 +0200 Subject: [PATCH] traefik domain redirects --- .../m3-atlas/services/containers/baserow.nix | 11 +++++- hosts/m3-atlas/services/containers/ghost.nix | 25 +++++++++---- .../services/containers/restreamer.nix | 2 +- hosts/m3-atlas/services/gitea.nix | 13 +++++-- hosts/m3-atlas/services/n8n.nix | 8 +++-- hosts/m3-atlas/services/searx.nix | 11 +++++- hosts/m3-atlas/services/traefik.nix | 33 +++++++++++++++++- hosts/m3-atlas/services/wastebin.nix | 13 +++++-- secrets/baserow-env.age | Bin 1631 -> 1627 bytes secrets/ghost-env.age | Bin 1596 -> 1588 bytes secrets/n8n-env.age | Bin 1549 -> 1545 bytes 11 files changed, 98 insertions(+), 18 deletions(-) diff --git a/hosts/m3-atlas/services/containers/baserow.nix b/hosts/m3-atlas/services/containers/baserow.nix index 02bf0af..2868160 100644 --- a/hosts/m3-atlas/services/containers/baserow.nix +++ b/hosts/m3-atlas/services/containers/baserow.nix @@ -15,12 +15,21 @@ ]; routers.baserow = { - rule = "Host(`br.m3tam3re.com`)"; + rule = "Host(`br.m3ta.dev`)"; tls = { certResolver = "godaddy"; }; service = "baserow"; entrypoints = "websecure"; }; + routers.baserow-old = { + rule = "Host(`br.m3tam3re.com`)"; + tls = { + certResolver = "godaddy"; + }; + service = "baserow"; + entrypoints = "websecure"; + middlewares = ["subdomain-redirect"]; + }; }; } diff --git a/hosts/m3-atlas/services/containers/ghost.nix b/hosts/m3-atlas/services/containers/ghost.nix index 3d64cb3..166a21a 100644 --- a/hosts/m3-atlas/services/containers/ghost.nix +++ b/hosts/m3-atlas/services/containers/ghost.nix @@ -13,14 +13,25 @@ url = "http://localhost:3002/"; } ]; - - routers.ghost = { - rule = "Host(`www.m3tam3re.com`)"; - tls = { - certResolver = "godaddy"; + routers = { + ghost = { + rule = "Host(`m3ta.dev`)"; + tls = { + certResolver = "godaddy"; + }; + service = "ghost"; + entrypoints = "websecure"; + middlewares = ["strip-www"]; + }; + ghost-old = { + rule = "Host(`www.m3tam3re.com`)"; + tls = { + certResolver = "godaddy"; + }; + service = "ghost"; + entrypoints = "websecure"; + middlewares = ["domain-redirect"]; }; - service = "ghost"; - entrypoints = "websecure"; }; }; } diff --git a/hosts/m3-atlas/services/containers/restreamer.nix b/hosts/m3-atlas/services/containers/restreamer.nix index 640462b..960c098 100644 --- a/hosts/m3-atlas/services/containers/restreamer.nix +++ b/hosts/m3-atlas/services/containers/restreamer.nix @@ -25,7 +25,7 @@ ]; routers.restreamer = { - rule = "Host(`stream.m3tam3re.com`)"; + rule = "Host(`stream.m3ta.dev`)"; tls = { certResolver = "godaddy"; }; diff --git a/hosts/m3-atlas/services/gitea.nix b/hosts/m3-atlas/services/gitea.nix index 7a2f218..0736079 100644 --- a/hosts/m3-atlas/services/gitea.nix +++ b/hosts/m3-atlas/services/gitea.nix @@ -2,7 +2,7 @@ services.gitea = { enable = true; settings = { - server.ROOT_URL = "https://code.m3tam3re.com"; + server.ROOT_URL = "https://code.m3ta.dev"; service.DISABLE_REGISTRATION = true; }; lfs.enable = true; @@ -22,12 +22,21 @@ ]; routers.gitea = { - rule = "Host(`code.m3tam3re.com`)"; + rule = "Host(`code.m3ta.dev`)"; tls = { certResolver = "godaddy"; }; service = "gitea"; entrypoints = "websecure"; }; + routers.gitea-old = { + rule = "Host(`code.m3tam3re.com`)"; + tls = { + certResolver = "godaddy"; + }; + service = "gitea"; + entrypoints = "websecure"; + middlewares = ["subdomain-redirect"]; + }; }; } diff --git a/hosts/m3-atlas/services/n8n.nix b/hosts/m3-atlas/services/n8n.nix index 6d49c69..af10765 100644 --- a/hosts/m3-atlas/services/n8n.nix +++ b/hosts/m3-atlas/services/n8n.nix @@ -1,9 +1,11 @@ -{ +{config, ...}: { services.n8n = { enable = true; webhookUrl = "https://wf.m3tam3re.com"; }; - + systemd.services.n8n.serviceConfig = { + EnvironmentFile = ["${config.age.secrets.n8n-env.path}"]; + }; # Traefik configuration specific to n8n services.traefik.dynamicConfigOptions.http = { services.n8n.loadBalancer.servers = [ @@ -13,7 +15,7 @@ ]; routers.n8n = { - rule = "Host(`wf.m3tam3re.com`)"; + rule = "Host(`wf.m3ta.dev`)"; tls = { certResolver = "godaddy"; }; diff --git a/hosts/m3-atlas/services/searx.nix b/hosts/m3-atlas/services/searx.nix index 6600c50..8998eb9 100644 --- a/hosts/m3-atlas/services/searx.nix +++ b/hosts/m3-atlas/services/searx.nix @@ -17,12 +17,21 @@ ]; routers.searx = { - rule = "Host(`search.m3tam3re.com`)"; + rule = "Host(`search.m3ta.dev`)"; tls = { certResolver = "godaddy"; }; service = "searx"; entrypoints = "websecure"; }; + routers.searx-old = { + rule = "Host(`search.m3tam3re.com`)"; + tls = { + certResolver = "godaddy"; + }; + service = "searx"; + entrypoints = "websecure"; + middlewares = ["subdomain-redirect"]; + }; }; } diff --git a/hosts/m3-atlas/services/traefik.nix b/hosts/m3-atlas/services/traefik.nix index d25de91..acb312d 100644 --- a/hosts/m3-atlas/services/traefik.nix +++ b/hosts/m3-atlas/services/traefik.nix @@ -12,7 +12,10 @@ dnsChallenge = { provider = "godaddy"; resolvers = ["1.1.1.1:53" "8.8.8.8:53"]; - propagation.delayBeforeChecks = 120; + propagation = { + delayBeforeChecks = 60; + disableChecks = true; + }; }; }; }; @@ -39,7 +42,35 @@ }; dynamicConfigOptions = { http = { + services = { + dummy = { + loadBalancer.servers = [ + {url = "http://192.168.0.1";} # Diese URL wird nie verwendet + ]; + }; + }; middlewares = { + domain-redirect = { + redirectRegex = { + regex = "^https://www\\.m3tam3re\\.com(.*)"; + replacement = "https://m3ta.dev$1"; + permanent = true; + }; + }; + strip-www = { + redirectRegex = { + regex = "^https://www\\.(.+)"; + replacement = "https://$1"; + permanent = true; + }; + }; + subdomain-redirect = { + redirectRegex = { + regex = "^https://([a-zA-Z0-9-]+)\\.m3tam3re\\.com(.*)"; + replacement = "https://$1.m3ta.dev$2"; + permanent = true; + }; + }; auth = { basicAuth = { users = ["m3tam3re:$apr1$1xqdta2b$DIVNvvp5iTUGNccJjguKh."]; diff --git a/hosts/m3-atlas/services/wastebin.nix b/hosts/m3-atlas/services/wastebin.nix index c67f619..aa69217 100644 --- a/hosts/m3-atlas/services/wastebin.nix +++ b/hosts/m3-atlas/services/wastebin.nix @@ -3,7 +3,7 @@ enable = true; settings = { WASTEBIN_TITLE = "m3tam3re's wastebin"; - WASTEBIN_BASE_URL = "https://bin.m3tam3re.com"; + WASTEBIN_BASE_URL = "https://bin.m3ta.dev"; WASTEBIN_ADDRESS_PORT = "0.0.0.0:3003"; WASTEBIN_MAX_BODY_SIZE = 1048576; }; @@ -17,12 +17,21 @@ ]; routers.wastebin = { - rule = "Host(`bin.m3tam3re.com`)"; + rule = "Host(`bin.m3ta.dev`)"; tls = { certResolver = "godaddy"; }; service = "wastebin"; entrypoints = "websecure"; }; + routers.wastebin-old = { + rule = "Host(`bin.m3tam3re.com`)"; + tls = { + certResolver = "godaddy"; + }; + service = "wastebin"; + entrypoints = "websecure"; + middlewares = ["subdomain-redirect"]; + }; }; } diff --git a/secrets/baserow-env.age b/secrets/baserow-env.age index 5a3103117bf7608464a09ab0e657cdacbb0d2b92..4286dec29185844d44cd5ad005f42884f1327084 100644 GIT binary patch delta 1563 zcmcc5bDL*^PJK~CNkvYOdy#iWVYp#NPIgjhwpmGGNThzGb8up*d9tCUp?0`OdA>na zAXiv%dbpcMrbn)ealS`zSVTm5xu1K6Uy+5UU#L@VSxA*dX^B&QX^>M+HkYoQLUD11 zZfc5=si~o*f@yYnaNI`Nzd9b&SQBb9k zesD#8pqFDHS7Je+zHxA&dqsAIg{x_SPf~$%ScpfynWM3VwzhFnL4H)8Q;CaNS+cX| z#E;_P#!)3^9;U%=uDOYprmoIDMd@Xxg-QAOx#0m-1wO$^sXm#x`I*j6#<`JP9#sYT z9)T|DnV#9fp8266CF#CSCH~I(UWu+|2BBGDLBVE8z9#wE0g0iL;~B;4lapP%3X3h= zN*wh)Q!U(G!yHYsvUBxQ%0tXOgNi&-!i}p;vdXo!^PF6{+=KI7vK>o3UCaEP1KcCC z!veh=lRW%V^xgb(%nc1qe8W;xEc6SavPz3#p;T0ysNfQq<7!^c6%n3T<{#vh6KbyS z7ZUE}nONc!;#cqKm9B57?G+f2=VX~=8DLQ2lpbyzm6T;sXcQD!WRhl)>FpO8>R%Y? z6U3G56=59g9-e7tR^;Vb6;fzsQJHV-80D0a=@)Kf=9-`F?QWW%pI_ir~r zmK+)Bk&|p(8f92inOMb@Wme&w=$e`w=2w~-n3ZGXpImS37L@2}QRr`Af;evm|K-qW*m@i9^hN#TaZ-X8e(Y@UQrO5lIvLD zZj_qG61*t4#O0A=XzFEB?qgZ#Vo_h7R9;e)oRyVq7;cdn;9V9OP~;S> zpY0eKmgnwVS?m&$Y;KZiW}2L5UXdE$XOV1}7m&ymY+7RI79Lz;Ql1i#YvAjl@8YXp zQs5cvW>n}{>RDhKn&^`hT(0kuRHScdSmA1%Qs`S%7M`D&>yhi^7+{>q#igsOtKeH! zno{rTROVV@kR4fAP>>c{RN-Ukof{ld>Rst-5bS1_8t7_X5L&LESk9HhlD_Wf1r|4s zsGh5$$qc{x7WA>^M;$MD&GzC%>q_wij_i(Kk2jp^`&7!+&BeIt{=zQ1pU<{#XOZK$ zws)HBqBjwdrjvRtjD7iRo@eg4c7aF#;cfLDQ{w9PuGx^bp~?AT5_{^^wV%f` zDNe|J(#M=;GQm@t`Sm%&g}RqgzukHB+__sTXN%A4IhDWmshqO-$;`6mY3H?!n^GL_ z?=6+j)t#7rJzY**+-8lI$ktD3=38E5SD&kIirph};=;9kA}*U3P2t#isb$NbV<%H= z|4*|&`@ZzX;kx>nPd0kpn|UNYf0EDpz3o38wB=T`@E)A%ed+I$WZM;|dlvpJ57f?E z$n?CCarW|KnVc_~wr%a+=Q{Jx_eg%_gwj_i++G4)8D*{^P+>9j_1h1}8m zKToaU{(1H8!7XO@YW^rcJ(K+figR@&#ArdFRy6N;uUjY^}NW zM!0oXafsDni{HB@Kku9VO4nL`?*+-K{}l;sj`!l?`a{dpKjnv>Y@f#-+x0l|CEva8 zWm{G#g(V#2eSi0S-f!;Jyk2K*4gB68+|cqoT| zEWMx7^{2*ZEI-G~Iwkw@W$!m0Q}QPAe`$GJs+wpL5xcPb&+Z!OiOGhcw>~af6xgQl zBSppE~x?O zndU*MPTEE(CKcuel}X-VMn=hnW`#cC?yjksrlDEBhIzgw-bwkB;~B;4%Tt`)vWvq) zLc;uA-M!OYOH%Wrw398(v;6Y(ll)TjjV*Hx15%uw0zxdfJhMVeE&amHqp~B4qB4v; zjY5okgHy9CP5gaaq7uCesyqThOuRyig1pLMp;T0ysNfQq<7!^c6EfOkp6HWnk)PsP5@ePXYLsr_u-nV6mwndxHUo#^cBRT}K)R~GJ{l<8Ik(p>(Y-CZE@95(g zsqJQx8f2F0Smdjn6zE>;l9Oua;h$LP<5Lpmlk1u5=Ux=5?Uondn9t=L5tUrxn;z=v z?2{Z;=~3@#5Mt^aX_Q&!=aUocZIK@p1mb}kzVB$m}pp5^9v^lTlyfZj@gT>FDPdk)2bO?qXD_pIMX= zVC3PKXjqi*R$AcY8J!41WRMZ%<)4yoQtn()R#qJ46;`Nk z9IhXbnVlTwmKjo>ZDLkX?Clm&VwvY=5nfPO8DwVWni*x7V^(Ao=~n8^#igsOs}SsM z5mE1=UFIAR>FVm{V&;(@C2^HrKZ^=b}zB| z>P)H9>;5zTE@aM_r={Pu(lBSzH0NN&O1%{?guiA^sq&q+F8T89CDYo^ZHQXT$;JHq zTUh;Gn+=*W8QK2TPuAc1`G~*Hq3rog$&(WQqHF8-3t9(Cy^-&G;`7ia{^!kVh0Xt! zrsh3O&5F&cT5?k$q~?~MDA(-`-YfsV50F=ET;(>!cS_Bf(vp8Wn98MOlTcPkD}B z*!nc1{>aL=8uhIac75IqYs~Mii#QjwVTOu>?9!CiMH&CY@0hsCCjU}0{WVuqG${Z7 zk#mywcgAn(xp$MJ;k)cU_8sTB40PS{0+UM>aO_{?#}GVIv5#oOmAmj)%WkO>!+4J*yr5WEqrz1 zANQw45$hhDW!!ARWo$9wIm@K8^UnOe^1V)8)A;G?-0aTy;;&y$vNi7WG@tUPOR>a9 zM8M4n0Y!{zercm5aMVom*_;jui~F5|`H ztw|hy1z#tG{tzg*)&E6Zv3R>d(S_!~gN1&74s1;_d;QqzjM41CmHn0QSGoWk;8r3L%T_T&#rcT qxUH~_ecPhmqPw$Rx5y+s3P{?&g;jNyf|m2vBOfQNaeQJh*BJn6uxYda diff --git a/secrets/ghost-env.age b/secrets/ghost-env.age index 0edf7f0c947ea2645cca452876ce85ba133312f6..fc5d45ff351641f172650b38acc0c1ac5ea97836 100644 GIT binary patch delta 1523 zcmdnPvxR4ZPQ9P2SCp|?u6eSjccrmKVR}%IQ+ASDg_(J(Yf!pDl$m*XV2(#ph=*ym z1y`z5m}zKGiepr;yH9ATV~$_GYidK*A{UTA7rp6ZoYUYb;F8l3BA>Y8kl zospNF>u-|pWK@}!Zph^ooaP+i?-^EJl9S{US!@uMR_|vTnCF>Z>6e_F=ab}XS?URxUcSW=SaS7MUrQ|#sHte@g)q;HZP>2DIi6&w($UyvK+>FFAg7vW=U5tf^1mgJcn z8Sa)*Xr7blm7bEHALedWl^0~}7MbSl>syhn?HU+b>75ajmS^r1!Q~O2lv^5ZSYG5_ zl53F>P;ZcIW?+=zm75Y}f(`>R1qFwneFLR?&4+STvcKmWa^sZVVaTQ$~8C4^5dibRweuU z&&S_97_l*>p64&~Q}rp^rg?6;CjQ%^+o@kyTkDJR_VDK}>5Gf&%wpr$Ir1J(SK02R zDa{+>+v%OEeXxkJ+jXk8-s&Z5Pgm^aE16sOroQii=Z-|VqT5A+3%!=cuC`KFOp%h_ z)zZoOt#`>vNe?C#<>{OEFFSSf|NoTTvYIRIwN_pDtf#%UOY7n7XZ`)!nGd`+{#IS$ zB3Cr0>$d0A_eWUQJDoOulsKtEI!BaMQ06#`(F*;VQn3@yE;TR6%v-)Y>i|=|xLGYz z(;0>J_Io_)jhsy^uA8J*NSt|kF4yvlNrH#-%MJJ5a96p?uAf@=&G@&oXwNL83r1Ti zV=6m;%AZkYKFdD;pLfkPUSoli=hw{1D_>uj?XIj4H)4QZ8YXs~& zzHIuqNP70mZ(W*89(H^%HqyAXLCUcso5$qdv7K5%Uw=MwdUMl}G4sF!22PWC;wlfW z*1S4U*vl<)IoR1FU~!ysuhgu>!q)LP@j42^P|q1H;cV0_nB{~@ZqvMy3jH( zMsE4pTi0^+_r8m>iwpP2sZ9NF@qfYRwPLK_Z`#)^)n7RM ueFejuv*|axzLfQDX4z$?EY0>L{(YJ8i=)qVPNq3qRJ5A8E$ckD{r~{}xK9`W delta 1531 zcmdnOvxjGbPJKzbhhcz8a=4$Db7o4Rv$nr!dQ`4QQfNSVMp$k|xwd~;q_#n!m%ejw zF_&MVZ(?O(rkiI(l6h1{M!LJHNm{6rPj-H4pl5_dsGqNYzN5cML1{pS374*&LUD11 zZfc5=si~o*f@yYnamc-iBoW4a=3H3rCYw4 zVWpYBXJ|wuS6RNhpJ%3fQh20UaeBBH1OrCFaInmZnBUzM=RDkzp>zf%%i;8O7@@Q++cF%w5g> zf`X$$46A}YEfP(QDl;vk44eZ(GfE0mT_Sz*0xgY`%6+*K)1AT!OiDt11I?&#ziUhkTf?OWg#<(H9YkyMyhU{sk?QC1vTnNpbUT$o>OmX+^ikrV9ZWLlDL z#AT3^9Z(UjU6_+&s$J&p<5BFWZQvSJ=H*;$Vd|CamlEkxY+B`S=9O<+>QwA!RORcP z0g{{R38!Gu3r(AYLJ{CRBB@GV-S!Y z6cFy`<6>-S?v?J59UA87oR%5xRG5>TS#F%fWoG8$nUiLa?pqOPQJ58x>rrK5;$)Gh zpHt}{WbRs#Z{V3)MGE)J{nqzL{WagJzVpwhvkXLCQl$EM&T9#?ypQl|IQj+3bU>TN^n`fSEZm8{L zlIiMel6@759Te)ql^$r3m{M-3Z>((*TJM&aRuNw0T%~Vp=$Ggpk)mB};^b58 zQ&Ht)k*@Dunr>*CW@6xxqMue$S?(B?o|R;j>B?nTo|9p2=g*qCU=W_}loD29pq=UNZEWb1pPJ%dT2UEp!6oj{!||0RaYtMW z_uIZ@3!i^=U)1~T<;;0iA3mKqUio92#?{;%VH0GQKWb_FIl&`p&!Jn!2a6g0r@z>l zHM_jIRG?Rn^VYk!yf1lr8f^V%DdsXe{8H$8@Uebn`JLwIMKg;($5{CnJenB(G5^7J zscToy zJtc(mx$eTq_4POU)u!K!chyeSUjA#kZNQ;LOuz5;&#qP5bt8QL(-ptHf1dgM=&nUt ztkxNAIhDqkRlj=J7`v3qCi&@hvGjIZ-(*R$JhQ^0G@^R%eEy(CC&F}oi(k7Z=OOg# z)t#5}M|UuVM=XvIxm>yIO25g6hCn(0sq^+_YArGCmSw+G_vemi{mqNhPtBR(Gi&kd zxT|Nvij*d?-AdUaF}ZJ>-0#;Mb7!+!U2-sdy!E_EV*gglZoes)l6y_#Cq8$+xF~}w z%KAEQE$h0!${sG&sq$932JCafeT9Fy_6X%RiAwDZ2R?m$D9HKL zqVN<;qr->vA{95GKDW2}{EwR2bbmWZd|dLBL;l2mhmPZ2RhOld8k_4_v(0UseyRZg Df>ExN9Q(u@Kk?y5!?wp#U?-QDuT~Jh9l9z1}Y;2I5tz8gmVPxbPlvF<*r%B5?kP+Xj$ zo0?)|YHDbyV47W?T85Q|oKfoOQyS!97-E{0Sz;FA zT9#pvpOYKNWol$@m}cssZ{cke8C9B7;jCQ}5mXWy5)|lZSYVoB>E#PjZx)c~mOb&K zcz9)CX@GvNqoKBQk)gh^scWWXkws`qVO6-lwt>ErlcTp~YIaFtsz*ksE0<4Hp+RAa znW>v;uB&r!j$4GQOQcz_en6ImL57o?sbPR~mUgDGtB+Yh@#J_$@%n&(q=2Gqf9;4w zpR}OVFq3@!Y}2yjvMg60i?Fl+Z|_2PM;}vX|Kh6bY_5XPY`>_0h(PTCubkotqns$? z3eU*Qa7RxcGe1l7fI>@G{mSC7%+ScdY*;826(=gV1m?J!mva^QMERyUMO2x(W_o$J zYdfWvC;NEU8~B-Il(?mp<)s=HCshW82ZWealsIRm2AYJFhef3176e;$ z6bE~GCYt)@8s$e+rG{pBmlSz~dL@^;7zJ@<`-c^I1{?Z$6N z7L<6J=NcqC1qXYDmU+7Qn`RY8T80Feh31xdN0x=;Sfocfhg1e}MR|LhdO0Qfg}NAp zyQd`9N0pmqnPgO@IT@6i8yWiMW+f$=n5CHog*#dprF)d;dSw^uXSh~W7?s7wUVZM!AGKSw{I*CP#S%7liwIW|U?) z1%;NRCq)(+r~9S)rnz$Y`{kAdnP~^OdYJgv`};@c=cZZum-?4@<(oQ3C54BTIO?01 zg_e3cSA-N6=K547hPikf_$5Y|hZPru6&r+gp=EI(z%o zCzcuKC1pDYhDVv_J8C;;x#U@7RJc0^m#64Q_~n;a=$n^nhx+((E$uyTy5M7DLe1wd z&;Mj?**;@g+1b@|KBxuGiVQBwQ2qa}waMy&g6DN(_e16rxK^0*K3e`YC2GZ_&-$NU zi+Km^KfZM9eh%FiVJSb~{gF5oc0wTOyn5yCQ}uHrw2Y@r-JkO2cspyZa#-TDcj~Ji zFJ=Drr{dACWFv`14_TSN%`Vz4E&c6SIZxe#qseo#E^l!bD6xxMbjG9k7E|$&7uVhe zf8D5|wdCoe1&b|{iV7E5#rz7HWL5rZ?akfKpFY^aY3Hd3hj(maiB$=5Klc67ht>z7^&ig3b6tAk`IqsF zg?=7m;JO10`Et&_KaUskddBPS+54^JE)TAQ}0riomgsI7?u%cR#_EZ81Cfg8DZk?<7ZapQ;-s7Srl1SXy{g!U6dP| z&Se~$k(6v%Vr1%OY+;%hob2l3Q5k4d>04@^YvEntSmBgXkQWr@X_n<@!KG`bP+Xj$ zo0?)|YHDbyV47W?TSj{lR}fJgm62&2k?)gJ;GF1} zWsz?P!!`Qf#d4Qd(+IuAP;d=jRewnVsbAuN|4_k)9Sf z@uPTnP+G8AR$hd5Nq$9%Yn8T_ae#-Xe^o$nxp!WfTV+O(Uv{E*vS)~EWuPlpT8?9` zk9%lvx~XYuQjve8uX}cpb9SPuf1*XGx1U>%XF#x5o@;2BL8QUtct-L1pb*dG!ZcIu zl!z*ya{o+!ugJW-NLK^@oUqg|OV5%_lfxeCHs~}miy*cp`}%}?g?VcimgPrf zTT}-6nkG3`78(a8Mx|*RrdS391UhDz`DkZb7FU$Hdl`p11{su?aRnv2rFr-Ti$HdWUPL7MNssc~q1Z<@<&iTLz}(SQLS{j(UMFb=jd*>xZMR1iE8m4D^XJq?0`}pdY<%MVGmWBuT zd77jbmzsFFL`4QB=cJoi8o1^ZIEN*hxn(-0X-9?^1SF*!niOXF`c`mp>FVk#m>QQ@ z);k7NWCZ1Cmxn|-mPM2pgob*Rds?Ks`DBFWS(fA!7CV+(1O}CRa&f(@*ErvC*!}a) z{x3X?>ksxkv-Vd>`N1=9rp5PV&t7R?Sgx?kI?bYV_SXKeP4{Jto4($Rx_`qxs;}eS8qQg$=P`NhvwS{g~k@oblV#WUP<3yle{%|`8t!=<$R@+SLx5#di|)C^Tin* zg15|swk+LaYWQqM%e9;byY08W`nmqe*0n41ZAy!GoKs0V`QUWLhw!5rHyw0Tp4DAn zH}l&nn>zDDob@v#I&}ix^EdD>nR%)uWV8JyJJ#3#Hmv88Gh^~_uT*+9M=9yx*2IQS zv)djmfB5~KIpeGg74DA9=2*BeI2`(tR($zKq0Ce9h0UEwr3Y9K1WK>GRC{x}xNXSY z(-ob!1X;W5G`LzIUnV$atJ_1USv3O zPVTHsw}rJML&1Uz6*=sVuQyGw6O!|qTe>qxA(3TMk@wn7x&J$kG?dnP|9{q7du-oK zKKA9?=I`t9KOj&yBQi_>^Ka)1o31`-I_hZhw(!}$qk)=R61X04&f0CXI%jReqz?_& zCR_JSxw7GjoN}mW8i(gK9fnqgH`ehw$%pP7468ZbTzz3td!0X*tS$TOA0m!EzG=G{ Gj{^Yo|3Vr7