diff --git a/.gitmodules b/.gitmodules index 603ca7b..5db18a4 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,6 +1,6 @@ [submodule "src/website"] path = src/website - url = https://codeberg.org/distrust/website + url = https://git.distrust.co/public/website [submodule "src/toolchain"] path = src/toolchain url = https://git.distrust.co/public/toolchain diff --git a/infra/main/dns.tf b/infra/main/dns.tf index 068f87e..572efba 100644 --- a/infra/main/dns.tf +++ b/infra/main/dns.tf @@ -16,13 +16,6 @@ resource "digitalocean_record" "billing" { value = "45.16.98.153" } -resource "digitalocean_record" "chat" { - domain = digitalocean_domain.default.id - type = "CNAME" - name = "chat" - value = "distrust.element.io." -} - resource "digitalocean_record" "www" { domain = digitalocean_domain.default.id type = "CNAME" diff --git a/infra/main/main.tf b/infra/main/main.tf index 80be87e..6208bd9 100644 --- a/infra/main/main.tf +++ b/infra/main/main.tf @@ -63,12 +63,35 @@ module "digitalocean_database_cluster" { }, { name = "forgejo", create_default_superuser = true, + }, { + # We're creating this database, but then need to delete and recreate manually with LOCALE=C. Otherwise synapse won't work + # CREATE DATABASE synapse WITH template=template0 owner=doadmin locale="C" encoding=UTF8; + # GRANT ALL ON DATABASE synapse TO synapse; + name = "synapse", + create_default_superuser = true, + }, { + name = "telegram", + create_default_superuser = true, + }, { + name = "mautrix_slack", + create_default_superuser = true, + }, { + name = "matrix_slack_appservice", + create_default_superuser = true, + }, { + name = "media_repo", + create_default_superuser = true, }] vpc_id = digitalocean_vpc.main.id digitalocean_region = data.digitalocean_region.provided.slug } +resource "digitalocean_spaces_bucket" "matrix_media_repo" { + name = "${var.namespace}-${var.environment}-distrust-media-repo" + region = var.region +} + locals { database_host = module.digitalocean_database_cluster.database_cluster.private_host database_port = module.digitalocean_database_cluster.database_cluster.port diff --git a/kustomizations/matrix/bridges/matrix-appservice-slack/config-secrets.enc.yaml b/kustomizations/matrix/bridges/matrix-appservice-slack/config-secrets.enc.yaml new file mode 100644 index 0000000..260913a --- /dev/null +++ b/kustomizations/matrix/bridges/matrix-appservice-slack/config-secrets.enc.yaml @@ -0,0 +1,119 @@ +apiVersion: v1 +kind: Secret +metadata: + name: matrix-appservice-slack +type: Opaque +stringData: + config.yaml: ENC[AES256_GCM,data:r4qTOla/LsGtMojbqC0px9vVeDN/308lx19WR1FcHOh/FenPOmhiVN6yqEHiL6NppHm+SfrSdAa58ghF6GVdbv51/Z6K435MPpoAXbcmw2JceZbHZJ2k0u4aY01nWYMKUU+oKcowdzL4bmkA4jkX4XcDVEsA9VlZPAYmSN4O0s4uLl2pJ1K5i0qng2KaCYKAwk5OTK4w//+lK7UhmVC2TBlGZ8MUyuHsvk0zUkWfdXeFtmtVN48LwS3gdjY2ynHDTYl4cmXtErfbqLkdjWLGcTS1LCaIhOSFYTQm04tAWc9TCKB3xYvpx9hSUKN/KrreK7zh6zr2NTYaRMiXPlUT8PC7VdwEkpZPq9fYkeMBBSlRiYUUO2q19Y2rtidWZ3UeKr2MPJA2a9A7l/JGpYeLk7Bg/623xfp2rvqysFbjVQHsR2FUrnhdV/DK6vafRrjPbdKOWjaorc3UdZ6LeS191zwTKUsZHQuW35LXrg+Xhiovle5FetgqVSeMtdAigLQ7rtUzmilZk8clDstibLzmGkKeBsFZKFDkNlMxQmHarA2bH5RcBazugokztEUgRBGVL4XAjStlyYez0EqAXdC7FmxRctx/8fS6n7gLv2eLOxFswNbjpZRDG8ctPGQIF2xPIkV3Ahf9UH1A2Q5pVRCvd49yLflCBE+MFyVjz2FvpkFg915TN3K0j4OKuIW8E5D3whO8e+ofJiZGSgw7+NYZfJi/d1SPMkCyJG5M9wtTJLtLWMDxmvhJlkGO5Hxu/f06EygMKvF1P8DjkpvbFDjClKS/WjmN4IrccYUgrL+kL7XsQZ1EfvFPu/ioKGV9OuHQfOJNqMNPQdGwjg830GSjn2GeyArYSsQ1mJ1QOCPPdlzNpwYf8WRCELAt8LnTWEuKuNpfesvp5pN8DaAa2qagiHMwRKXcwuutgfL3j9gD1wmu3hzbWEilWXXykh75JjM8bPTYkQQWQVJSwjfv9fnlxwxg8bueaVydOyI6TOLfowsDEJR1zy7L5d6uUMwJlrtjHms6N3SYJ4mrgogCrOkH4qX+MMAnkUfVAbxmPvX3u9bxIqbOSoUuzjQto/LJnpPwY6MblEEpkLVo42n2Vaaq2ihMtzXLeq4qd+g7PIQf47RNWtP78+T8csxzlPG7s+c8UPZCoKoVw9EFBXS7SBE=,iv:xNXCfyNWCbWgeDL0oEkPFSxtPxH9SNcUb6nfGo2bRaU=,tag:uy9IUhzGgKgrAI0Fu+hR1g==,type:str] + slack.yaml: ENC[AES256_GCM,data:68WCMYcGwY70UwSNdEPeWPWZCJ1+BFO+KJni+oW+1VAnkGgwM7DAw06bWUIlYmwbPMotJqghU8pZicQu2CWaDKxSyvNvTYIyUBSgaUgyhgkAt5iP1fJzM7AA64OLZiJkP3WvfMvQqZpj5q6VMVtci+kETP/C2n2D9SR6g0GqOvSVDOQ14BcEdQZhX/GIqYVy6O1WwER/MMcrzF0gS8Xljhgh1QEwbHN3V6SaDRRt9H3PtxINovs6+N7WBTN6X19npNCvo+vBWc04BqRQOnTbvKDodeI8CSNoZVCCXnGmRdDYmQTX3l8B1ax7pVcq8qgQbT/g10CzIQ4D5/xooXWyPBJO8G3DvWSBS1q6eq/h6Ff5/dof0dpM90r1Snte+rBygioNXNDxZxHiftGHDdHutI2xFsy2d6jpAgSWI9SE+FPrOZO+VVg3oGf1CJ9szcAir9Y3SafwzyNBwvCL9XbRWOb5YR3v9JRbLlyFdPSuBFQciYnxxhPK7xdLr+ggC4YBg5NH51TvPFFrlRBhkHc21GgMpQWW/ambmIPoN8N1ibaIAAywALHVvKcVhVRjSgStRubqkPOw902V1S9YhVl5vb6QtxaI3jZLLtq1uCJwEJ350kY7xIPDvS17J0/HzZBivm8=,iv:BsODzIfvxPxLpZSomElorgtvdn8ejcYIMHE8Ze4VC1k=,tag:xpSnNsE06QEoNAtnCN2vNg==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2024-03-12T00:01:19Z" + mac: ENC[AES256_GCM,data:VSdnKuVIv4VBy4MpIuruPVgDqMFLM33VwfWHrQ2V9rWJkqEvWlgrZDZG92qGdBthmcmfhpClCZeAmEI//U5/ejb+rilj1OOkfFqYIHG+JGzEXyKVnWZeHEcWzEGuYDG78n8XgFuCMiexScHOhLcRSiGRN++jzXTAGMp8U2z7feE=,iv:aw7cTJfRq9Z2tJlPFQhE0HYoLweds8b4ybCTofEcMFo=,tag:lgWspTjb1IX8jR1Hq95WCg==,type:str] + pgp: + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA82rPM2mSf/aARAAkFACzQmqyF9BqaD1qEjIO4e6owS/n4h3U6ee0Y7fhO8y + a5RJ4/HvMmfXcYeHm+CZjsFaui4YJkPS93clGTJzV4w15yXJUunIVjAmkvSrVh6P + GqRUtNpi1y+JCS3sjlAfvm3h9b08dNxFv7rTwZtDiP8zmcNuB0zbLBFR7G6ixetx + ZxL7piPYX75Rqoz8A/+V7VAtsoX8t3xv5xgjHzzfhiM3TeoQUgLnF8aN5huiSptf + dMmNMa0GGu5QaUjYJ3iHjv5eMtCJ79KwpuCfv5iX34Q++rTe5VUWoQabNAiE/Frt + Rc3JB8o8rfL6WME9qIIa5k654JlVDKqOvTH3mtHkOIWhD2+CEK89Siq3G35Kkct8 + Ym7UNa6gE8IdSGkCOH81G4ZheU6Z8OKF1Z7dO+o7IdgIURTwLEFeBIC2PtWOKOJP + PnzqZNk1w4n4XK6hQg4bmIj8VaZXXgHEXcO/jaGCoRyr36BHCE1Sj1ae5cMUgDje + p6WKVO6gXfRg7SRJqQNUh03Lz0YKIjsI/429UPyf9mtXbHfvVyrW3+wyByok86FG + cGL1Y/N7thxAxXqHy4OZFCE0NMP2bobMzzGJTtDY9oPsGwTb6xk1g0wE5zg6IoQa + 9hnObBJhdpvYcD6juz+V0wkeI30essnz7ZTtsLdfCox6mnP5BMTtzxmcRrCpNvHS + UQFIZa0XryYoXv3rcw6yUpkqv6aYzD3L4PnqYtGUEtbMoTb8NXa9Cp+1OeypqZ0g + 7uO5zCKJgL6sBaPnJL5/n+afafzYcIOsQc2O+q0s4O1d5Q== + =3E6w + -----END PGP MESSAGE----- + fp: 6B61ECD76088748C70590D55E90A401336C8AAA9 + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMAw95Vf08z8oUAQ//abo3n5r8YdQ6p+/X031/n8MCvWKw+ERGSvDuT2r7g8m8 + DqrBQmX578jHVmZkC2B6fYqEBuQAeyEJyQ56MLMuGMNSET8dgNS4Uj/gwvsuEDQf + NhU10WLkfQ3g2/o654BVzPC2b3UQTL4mmXqp0+ID79uynn0/WZ0TQQ8xj/uUaDS1 + h6/uC7mmDGTHaxF3gFuYkvWMghU0bqX5BfrAPdICAr8FIqxUGIvUD6KkBu9hWTYP + RLtfwpU/DAcT/7pNtic25WzzQt7W0mok3zUZZq5r2UqO35x2XOrgC5DQ69QYf7JZ + a9S236gEpAS0Kl1IWSvY2kDzj/J27T3nonY2kX3a+UqVWX15LEmVmNNUMwjz91/b + 0G+26vustzinHBs30EHGBqhyELjRW0RjcmlVGNXvZwhgGL5/LNIEcfBi19tIang1 + dRYE9TasSeRbyTU/A/CXFDeuGtC8K552SzXjv1zP6gkwZFb0/zd0/XHPSyGyOLbM + 1PC3JhkA8GEYQ7l9y5BdPXxZseuoSHDPHfMRIcnogx6w6rfBdd9+78M1WjnGzhYi + /utORBaiwU9Zk+Xm3B+WbkDl5+jio+UIp9nHoYAGfuJ9A6TZYBIavB6K171wALke + Kl6hoTxef/VGwdfXB9ikUy0bi0Km1vVpZGVzIjSFXiSlLkaamhxUFSgDPGZN21rS + UQHeXKkhgKXTEVvi+kypRbN2/174bElGTWz1C2TWPNJAcvvKmRw66t5g8pahnXbm + SYQoB5JaAl0URu6zHWBYhCjQjiyePhnxHV4tgGtEYAdY3g== + =xXRR + -----END PGP MESSAGE----- + fp: 88823A75ECAA786B0FF38B148E401478A3FBEF72 + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA0/D4ws+/KPtARAAsxa6N9jRT1AUqfWI7gIfJK6i6g0F5oxRYJ5A2mjhc89k + ZAN4/tO9GC+Fg8+lLhPHdiz6v2T1+92AFXET3jm+ax6rYei2woMHNXKzgqxjkQEQ + xQ/3LcQ3+FOTrvy7Gir9HQ/DoWSePBF7tx16unxH75hi6AgOiT0nFoEbXP3CJXie + lVOO5r5jKgBg9LENj/U+9LHjXB6W0PbVdhxdeStk2TTKcmuDnrGeqKZ3SyZ9V33p + DEfydW+T0ac156Eb2tdszzW5e87oPmW78wvLkotboZcPVWBadRtJkzVn3JXoMAda + gN+W2+I4/4iQN8ITBQ+2i5GsdbHtnrmPkzSbtSqhujwZ1k/a7uRmHy46ejDK9QnT + lQzm2OKyjTlCDhnxnKj0eTE4nN0CDyxGBNlNVG2piKd8i+HpqrjKJ9IUcMj7oO3U + 8rtQ2A0LHquNvu6ZatP6fUk3tKgLaEslV4ORXMlILdZXlYqgznmvWJaII3XVeu8l + G/tHPkOhrcQDIecBeYcTLZYXtPtmY1UNJZfbDazG/9J0rdq/r9NmnB7woy7FSYEp + yRNji1i/89nVLsu94ra1D6FHyxgIFTSLkD7s1iCMTsz0UdwfbxqdLIWumYrm04XF + wM2eTB8OAGe8mdfi1q4te0FEDMLTpdYBhYDDjHmBv4fXwKPcWkgixvNJtT6xPgLS + UQEvOn03hQ8MCQ5kh1R1FoTOw1UpgV0eqJSateC2wkBKbZ/4NWPbnZA7XAW6Jb98 + JidKJ8TiYiI33hxUhu4nUeZWjNcd7MgHyl1Do2r7SfyICw== + =TXST + -----END PGP MESSAGE----- + fp: 3D7C8D39E8C4DF771583D3F0A8A091FD346001CA + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA5Wf+FyJ+zFJAQ/+I9khYJfqjCHhrAaElVWKgn4c+7C+oilVNE0132pQZfLb + u17yv6AYY5zThK6Lg0GZMKaKFn+JuF9wonTyixJQccJ+w2MxsJQRNQZTV/t19HrQ + B+6YFLVPNyOglr7jf+o5BnOdIvpR0Cog5JDzn0j4iwpRWRSGW1sWXiABKWUIW0Ks + nR7Rm/k3Jm8zYO6LtoyYog5HGUEHRMuOY6Yoj/EEbfDLKFU5WZ+hfKnbGGM9KW31 + RkXoCtjm2AstZTia5+Y0E3wNb9bbvpbkewyQd5KqaHmHaX3MzuoYKNHGVEgPMfla + Y26aED5uSLETv+C1U/jYJyxyVJxNYb2JBrS8a7+p+mo00Cvbs/pbM/cr5Y/Ogu7Q + Ed0+Ixst3LzSTOcYAAiEC/LpWztaIp/4h/cAfE7eKnsoFUVcv2lLpLHyI7fS/sJH + Ywp8tlqlfx7DaCqYEVjPMSfI9qBbJomoQ77szHL+Gyi4ibyF0iRz0/NnF5lmu5H5 + sDAYiqnHEIpk1v+gWXoj/CQq7a5jJf044cYylcO+al27cugr+jr5TBQQVv+wDNJV + LqpAxmmz8yUJ6RlTSg5JwNlNCCOONv6f+lX0Cjk7V0kPcOMgbVn19Su7zIvhM7wd + m9mzuVWWx2SBGzORdK9W4tt7lybU7aCvusT1jP1nwXF/JCz9lyEbb1syaNIAiXHS + UQE2Va23CUVgB+cV/ImXBCEuAjZhiSMFVCtWOZrcqPS8EZX9s6WzscpsEmFnDE7t + GVR3u1IyjxTsuTxxYU0ldSjHqYFjQrgRD3ZBzwZcgeajqw== + =bF9b + -----END PGP MESSAGE----- + fp: F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA8KRInHl7Vz+ARAAoMRyGipvXTgUChfL1Lryej14FI9+8dvWQculBjPQzg6x + oxdPzz07ifIX8D64zfToE+qc439l/RYwiMx9XyGscEim0D1GIFPwxOm4DCXT+/5m + wlLkOBP7oMwirqSazS7dNF1hE83717QTi1GqC0UqhoMINtxrhQIv1Y6xxREqD1Wd + eW3M45p1i8iSZkzF7n0EhIK3J59Wl3vxt9FUX3YRWk1JH0oaqIc1VCH3TJc73DAx + 9e1jIVQSo4R8BfQc5Y64xRh0eq/87Ud2E2x9JbZmpnw4FN/OHg9QqRMaZ9r6EQ/l + VerhJFkfSj3UVAfODzViKXyNTKRak1GOcQBE5lfAXynAW1nfTTx0re0rl6/tvOwC + i02a/raksTI8afak1RMclNFqlihsegGU239ZGDRPb4apL32nYY0SMim58vET8rv5 + eTiQE1udg+1ttIRAGq/PxzHKlc6FUEdyJ6i2Da16c0K76FpF3Gnxxhw+Tleixx3h + 6+PbhC2qEgt7LS8TNg9J2WTDy4Hlw5YEmzOAM9NA6UYrH9BHsR87sbdriz6pAC55 + CnFkWptrME4CjUP72qIezRYt/4784ABTw6poQ51jP30641YhgPoYLrWS8hWQYaE3 + jcrum3JQnLTjsE88OclcreKNvNj+b1t0uxuHa/6UdMnyRCd8osJ22s6JJHLGgB/S + UQHvy+Rv0QJ65DjsJ4TfdRBLcKXaF7Ar5SaANqGi8EYwjVbhfImwx5VSEsvQclEU + 7JihoETtCrRwJM1BkJz3nuBAaYDm1Y+lWHSyVZ6xi8G0eg== + =n6cE + -----END PGP MESSAGE----- + fp: C92FE5A3FBD58DD3EC5AA26BB10116B8193F2DBD + encrypted_regex: ^(data|stringData)$ + version: 3.8.1 diff --git a/kustomizations/matrix/bridges/matrix-appservice-slack/files/digital-ocean-ca.crt b/kustomizations/matrix/bridges/matrix-appservice-slack/files/digital-ocean-ca.crt new file mode 100644 index 0000000..76994e9 --- /dev/null +++ b/kustomizations/matrix/bridges/matrix-appservice-slack/files/digital-ocean-ca.crt @@ -0,0 +1,25 @@ +-----BEGIN CERTIFICATE----- +MIIEQTCCAqmgAwIBAgIUJnvJP3vy1FrGBmP3zN/Q6le9D5owDQYJKoZIhvcNAQEM +BQAwOjE4MDYGA1UEAwwvZWI2ZjdjZmItNjBkNy00ZTg2LTlmN2UtYTliMmU5MDdk +YWUyIFByb2plY3QgQ0EwHhcNMjMwNTEyMDMzMTA3WhcNMzMwNTA5MDMzMTA3WjA6 +MTgwNgYDVQQDDC9lYjZmN2NmYi02MGQ3LTRlODYtOWY3ZS1hOWIyZTkwN2RhZTIg +UHJvamVjdCBDQTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAO41H/hV +eJYfE+b0aMPj1vLhefmGkdjD5N3HD1StaL95bjiB7U73exQenoEZYTW3Ns7+BzHq +ffFJwXC3sL8qVxqnNdJy3IkrwJxdmJrj5+KoVUrD8yNbujjQ5q+r0fMRwBwtJYkf +78b/mCBP7GOllJim3nG4MMzL1sA/5JaOQEwZgmERmIVJi1RK1k8nGuFKbcr7YW6u +vE8VQR77uQIUffokC6tDzhjxDz8eDzZ3lwsnGavCG31nW5Kc6+rg6Kpo097/ZkYf +DThwFmGwmP4oT6h2+/LPqsb3OCvFWh5DLHXTa5xvczFwY134o55CW25JNebrTYxc +ZnvlE1afgiuKsqGsGmvmnjgxKTNKOhMWKd1gXLmQ6Tt0WrLpIBlAVlh4pn0YtWDm +Nz+YcOnQ20O4pZyOntc2TGFmbHqAp5HnmRmtDWWbUQoRRAIsvvUpIGRxWid124gV +2h9UxbymVoieFpAjNv6d9Qu9+kKeJ/FOwSq6qatOuI4ILSjG6E1SMeimxQIDAQAB +oz8wPTAdBgNVHQ4EFgQUpoMewYjVdrnCuCjW/57GlzlMtdQwDwYDVR0TBAgwBgEB +/wIBADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEMBQADggGBAKRENCIP7KTg2ULy +DCuZAvPDzqRwAstmXP54DZOpeMT81c+m9Kq4urM1PMFvPOfiSSlE3wAA1+oX5wyv +r4kKgSYqG4QRk4aUfk7NJUQ2yAEtNcwrTc4MSsoFJOJVWdW/E+KNWYKjepg1t2kV +4hzZNqnIO05sxVp/Sx0tu5dhn8xPwNTVuDD5VjoC7VweSlq+E2vTNz10VBSHJ9Pm +bBJ32kd0lXdYsmy9vGDLa2NrjeTESSBfk8umm2dIbIFxOShHSs/6jHwCGv5WvPpo +HoPH69XBnXQuXf+gPltEaAtRwKVqdgMTFQe1gfeK2ddvlzPtGJ1mj+1rPGZApEuV +Ax+5Klk+711dhJrRQsI0w1Zl/2CgpKToIVbBe5nLyH2Q7SstcdpfnNcs5+k3iXb/ +KMUIMP84ScQ+ojUefMntny2SqUFT/CD1IVpOsHFTbKc2ZHUllrDf1p4qopMdiwWj +TlnDOh78B94f1O9by4ftQ/g8G5TaKgRsMxrDNy77tCpKy9vR4g== +-----END CERTIFICATE----- diff --git a/kustomizations/matrix/bridges/matrix-appservice-slack/kustomization.yaml b/kustomizations/matrix/bridges/matrix-appservice-slack/kustomization.yaml new file mode 100644 index 0000000..04b91a3 --- /dev/null +++ b/kustomizations/matrix/bridges/matrix-appservice-slack/kustomization.yaml @@ -0,0 +1,20 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +labels: +- includeSelectors: true + pairs: + app.kubernetes.io/name: matrix-appservice-slack + app.kubernetes.io/part-of: matrix + app.kubernetes.io/component: bridge +resources: +- statefulset.yaml +- service.yaml +generators: + - secret-generator.yaml +configMapGenerator: +- name: digital-ocean-ca + files: + - files/digital-ocean-ca.crt +images: +- name: matrixdotorg/matrix-appservice-slack + newTag: release-2.1.2 diff --git a/kustomizations/matrix/bridges/matrix-appservice-slack/secret-generator.yaml b/kustomizations/matrix/bridges/matrix-appservice-slack/secret-generator.yaml new file mode 100644 index 0000000..d21ac1e --- /dev/null +++ b/kustomizations/matrix/bridges/matrix-appservice-slack/secret-generator.yaml @@ -0,0 +1,6 @@ +apiVersion: viaduct.ai/v1 +kind: ksops +metadata: + name: slack-ksops-secrets +files: + - config-secrets.enc.yaml diff --git a/kustomizations/matrix/bridges/matrix-appservice-slack/service.yaml b/kustomizations/matrix/bridges/matrix-appservice-slack/service.yaml new file mode 100644 index 0000000..6d51606 --- /dev/null +++ b/kustomizations/matrix/bridges/matrix-appservice-slack/service.yaml @@ -0,0 +1,17 @@ +kind: Service +apiVersion: v1 +metadata: + name: appservice-slack +spec: + publishNotReadyAddresses: true + ports: + - name: appservice + protocol: TCP + port: 5858 + targetPort: 5858 + - name: rtm + protocol: TCP + port: 9898 + targetPort: 9898 + selector: {} + type: ClusterIP diff --git a/kustomizations/matrix/bridges/matrix-appservice-slack/statefulset.yaml b/kustomizations/matrix/bridges/matrix-appservice-slack/statefulset.yaml new file mode 100644 index 0000000..a248eb5 --- /dev/null +++ b/kustomizations/matrix/bridges/matrix-appservice-slack/statefulset.yaml @@ -0,0 +1,38 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: appservice-slack +spec: + serviceName: matrix-appservice-slack + template: + spec: + containers: + - name: appservice-slack + image: matrixdotorg/matrix-appservice-slack + env: + - name: NODE_EXTRA_CA_CERTS + value: /config/digital-ocean-ca.crt + ports: + - name: appservice + containerPort: 5858 + protocol: TCP + - name: rtm + containerPort: 9898 + protocol: TCP + volumeMounts: + - name: config-secrets + mountPath: /config/config.yaml + subPath: config.yaml + - name: config-secrets + mountPath: /config/slack-registration.yaml + subPath: slack.yaml + - name: digital-ocean-ca + mountPath: /config/digital-ocean-ca.crt + subPath: digital-ocean-ca.crt + volumes: + - name: config-secrets + secret: + secretName: matrix-appservice-slack + - name: digital-ocean-ca + configMap: + name: digital-ocean-ca diff --git a/kustomizations/matrix/bridges/mautrix-slack/config-secrets.enc.yaml b/kustomizations/matrix/bridges/mautrix-slack/config-secrets.enc.yaml new file mode 100644 index 0000000..7820d0c --- /dev/null +++ b/kustomizations/matrix/bridges/mautrix-slack/config-secrets.enc.yaml @@ -0,0 +1,118 @@ +apiVersion: v1 +kind: Secret +metadata: + name: mautrix-slack-config +type: Opaque +stringData: + config.yaml: ENC[AES256_GCM,data:ZwhS4wGbYBpxALSdCB2aKe+CHb+/OTKYrvKKoLSU+LosIR4wHLXOt4uEZ4KO3gU+s+dVoUMZwYwOFTpEtYqezumez5hUkSmBuMx5jnsjN6KKI4cs596Bg3vcAfUS9CFnCeFgyJ0PKawJvXYH6hEsxWce763Hy8ICLZDGcAQ7KuKwBovS+JHpeHWxeqHpy8tH88mMQriMevVPViGp4K6ak7HN26RiFvImDSLWa34mMMKQiAm6YlQ376iP9c6eKrnzSiag64YvcEvZHYsPDGebVAIrS3nZ4TBr3EWvUNpDi7D3vn3/DplVyYW0Dj5A08sNHThCkd3esJmQ5cph0AZ5gDuzOUU6sd5hyRkvpdbMZ78JE2vuhI1srRbtstxJZAiIRJUc3Lw9Hnwjg4tmgsKdyvqN3SXnBPyVRtzBFjVdwyJFpMRW0gHqRhgDkhE330ntyIPCJhYNIbNtYA7SZYRQ/gNko/6CDywWm1i9bOXOnOVemP2t/JCbVfdomDnEJSEpn5jmsxO3vSMm6ff4V2A/jPrYEM4X8InS/AFaypNp2tcq5TAxxJFh+bX2OIC3CJnX09qH9HrZBDS9gFVT8vHRFSVGFr0/ffpdhZxkXaS/kiQ/3qWHrltGTssvHRRs9f7oRONqlJ5HOqoQbPvWpu8GFW9hzD7UBhhH+z6IOHKgWWtXFBSQHLfBFOJ6I8yIUniZI3cxKGVuZXJ3QmyuVdnjzxbFX57ejKcm8MAyNd0l/T8qiszdgER1wHq9izs3hwzDCfEkUSlns7ih9uCjVvKh0Qv0Cy9WZvTeByGvI0sLLLmsP6eXYMbSM21OcGW9mUQ6ZLdG8KELLXCXhUfsCniXUJZV5KfUPyUq9QwfmOmu2g7R6f8S0FLtJr0wv2h9qzGkxCkw5eOwT9uckvZwEt9ERny2jer6BKJkyUapt4ZtAnB82yGMlL7+1D9i16kzk2Whuk3dx3DBnZaG+n/TRLAfk+2MmHTv7qcLJwfWwI1a51t0evBhb0lvThJJGK1F6GjnjA2vn+88ZRAQWmdebstgzdPqvAAj3+4oexWI+iIxT0C55frtKlGcJXYA5Cp90k4AndkH4qCp9szl2qjX5DWLdhJbdZipygTgjIUhPsbBj9xqL5ruAyJIgc25it0lrC3oAmnAIa3SJoh+u+aVnLhioihh3CyYlrj/76BOeJ6GdyKICu7j+74SUKSGGFc8ylMW9mVPe5OS+PQSpRNbR1z2hVI4nkaTZ9OA139TzAnSK2P+fKcQkvmrgsGPqAW0rK4ZRZ9+f5tJiQe3cbzZC3sD7xsK3z+jMNVoxOcuRRuFIOj6MwMcie99MZhC6JHtpYbggH3P029F1MZHy0tPYVY3m8jUCU6pHKb/lzhKYj+lqfkflVYY3kR7oXLH3Q0kNA5Xcb+zUB0Hb1Nn7tVwBOwXavKmpYwtgDxVufohBGsKnqMNou+N8g6dU9NExRcHT9zWmJLekQiQ7yqyFhsgMIWLzwKywfDyoNJOi99wyEKKsH6PKZPVUSpc31rQbvrxUGHWKntvCKZ7Lug6MxLvIrHZ6yfy7psiRdgR220/kWddDmIi67moEV0ASV8rw5ofmbNCGH+yAxVKEjVj0g04fW8yoVYZSa5yTCQW6E9W6a7UaGBxtf96yGqvMeXDC4MToQ/eEtM8QQvTlfuxGD9IUjKszdqLVqXoYPoyheQXYkSeFtVuRGOXWACJyQDDbPJseXlU1Yx3xkgqmPMNDJNuI1Mf8qvzPYHlvFr+iPrVQyMg54oy61UXAeIZWgb+nbklPZGtWmESxYFMDvRjOpNHlkn5ldkDpEfgn8Nl4WvDcO5Ms86sUpYKMsV5difyrNTMnAdNYdp+jbwpVAlrKbwdCIa09uKwQSrA9+xBh92QVnHGlsYFR0njBQWJWgWnqj/M2mdhcCqO8hNoA3GXiq3dX6FDCSi8W4Gwhf2pO5GOQ03ECIC4gqsSAcUnzM8d9DI+RWq2ogwQUGnVfd3IchSiNw+Qvklq0baKZu/weFvNdf9MVMoEZ3nfCOwvA3yutzxlodsc7rQP5GFu6Qu3BcR/mU5Mjpbs8wT1XxZRt/sXyo9Vu6zQvqGnvOgF/vub8bxi1XqtN+nW38/K/Fsjp0COf5E4juOPx8OtkAcwZ0d2yUIfw/y7X2W4JDycgViKskomOFaWkPI/bhRdm9YUlP8z5+zQkjoQQWEvmv7dxwqnqQ10RaJPsdyQgdtRmnyk+sXp5sOw1qFu3U483B2XV/2HButM1pAbaNyhxmFqo0m+H2e+sJzBdBqLsgkiFkQNYonbbpuUZjfGoauWveio3vetqrrNi9XLCB5ntEf9gDx3effaxI+hD1VFZW3OE894usHfK6JacUPsboOjJYbl2X/FsFEWP5ERZAs5F6S8erD02+WJVUkX+v8A9hv4Xl89AD02f8VvGKPOVcbn38Y8je7C5UiRnNIFhBuHOcGYcodGumAvdutIlVhnrHijqe8yPpSjnTNcG0+U70m4mu4k32rXeVIMiTr9Vm4f6Z4bxZQiRqjfk1prlz1Z0SWJ/ZAtGahNG1/IrdZp+6AkTaZuE8lipSg3LMby5RulcgT/lUWb1CHEe6qcbVmkableme6HIydw3u3JqUeMLCDbptz4zizzIS97f86f9ZmRZofiQJn+IZDvcjfmnGa98t8tt7rp1S5D6YMsgO+tbyPdTNwK9uPKscSynrXcEsoafzSq0xnUIK38V0ihxUAcYe4YtaYAmbunLKPG+n00YSdTZT/IeD6qh5b7Xu1ufGwFb3M61OmlvSjVsnQ/Q6YwpvjoV4H6U/YbrnAue7JYDiNnxvV0tY/vaAWq9C9ysJrRjJSgOiHEXAlrDK+6IpcD2ebiB1VI/MAaZE+MOhlBE9fsgrX29rW1OuRdiSXckgF1fZiz0trfgyjsAMjOSu/hR8mYIXwAYqugVfbUaPp0ZL0u/FBMNqCECg6r/0qNXvPncIdffUS4m/8I8+phcwQGyH+a19G7Kj8NdxMICD1weaW/a927wHnPSTQ/8PPgM1ldv4SzuR6LQ5IMJXC7ffKVMbwSPtKNayEFR1RHOS0OOi7CDQ9zT/Pfe0jHHuxUYWSMCpYJlUama8qm9H3mITVth3eBwLwCwVsoCHyYLd+BMTF5pWbnWd58MHIAClQJ4ifN3OU2afkZZlHXqHm2G8Sxi8BjE9S4Zg7ABn4d0gyvnwPHK2qRgpz8ahKXrjECJl37sKVUZ3UbbzIoPMPMZ0gd5TDTsMaV+5vPMXjLGPI6DcPWIw8no+lhF4cjrgu8pMwFqhsiCB0Nwxnu0pfKFsZ0FSA/zt138r1K8sxo1lMtCMfw2jP13aRyKYSOVSkFBHYAz/aUt/iksahjZ70Ly4jI46lvfPhX6Ed6/O2+dDgT8t5spPGTvpxlVYXmq0saQ/OsVLPIICZPzI1xhg4LhJNDl+ujyVZrjVxcehlfkH9OrieoJPCWM1LdsUpUwAL19ANaySUfC++6+zU5QwaT4EKAjBCJOP6s6Lgmc+wiqw2AnPhik6esFA+3dTi6ei2TQcCZzdhyNYvy4yLSDoVtbecjpZGFqM/TRpVucg40qgjNIxs1FP0np2y0SPBNsPRZqVKlegD1erjtrjRPXtBs/1hMqwUPp4DzI83zBsjcj1o6jagw0/Seg521kwARGATU3MfqPEsDOguKRju1DOP0/sEF3lkNbDOO1b35pfH48HD0d/Lu8++wSiRRhbrf+2fyIh4w5O+rTeyuULIjTrt5Ltoc4G8br10E8CQXiFJzU+6iQpmxVaUi6SW6ZnZEtlrwjfjoqNFw0jla+khdO1/Crjkv4apxhi1YQHn9djmMH3y2usIjgJVVCw7tmY0rryDGRgS0BOg5UueFc8CM5sQ9K3d+/WkuyCT/+jqXdfO9B1GLhd5Id4Iw7JK1lVIOSVh+B2udPtmjy4y1HbfcCBNSlh1gS18+01sz2k+wqbF1jHI64nmwiovMruXe1wTuylFwdw5TFAC0KKNFmJu/9vjGzvPuAzSLWnWid1mGT2r/KOGfxbU3Xyk5olqRePP1zr0F3RGmrJafLtCkuc2ZQogKtwxQQqOSNRhA3mqroEk92Ef5kKPqLiPAGZ81oxjFpcdyM/8BlkniXbweF7FPvdvyA2IdOqDEiVmEBBz33IRre84hzYLz8pCnAjuHMN+/R2P2rracVvAl9Jw904n+LorOxx4FBzPoa2gdS8v7OwYFzZSSWVt+p/1mfscqstpyZMR870nRzOsEcTwjKQl+zUteIoI0mVF84fTDtL7VflhnsijrNJqI27caspAiN3ASaIzHtwi+TfxRuV1RfABbtyBRmjAMMaa8wS3Z1TPvfSUDDBgJgY8dZBRmrBb3ag9/AjGZ80utcgL2hPTg/ooeA+RSJJNvtJ1xYlCNH1DQAZo7qkBvCgu0n3ejDEL+/wAcMVxlJiSF/EvGSdD6Jenps9XSPu2GygLVD1xbiGj5Ri74XQj742fey908TFnlpSMjf3qZSiTefQ2tGkDQ5y59qpw88CEvSKzg4lWwI+UEpf7Q+GGOWGOx/274prOfZsK9bSu8UPKNXtJOpTDXY9nOWb5K81Qyx9iPfdj1E0m8z8V4b0Fb7iJGYfB2qlt6EvOG8siDEXgmLp9/vEcQJa9yX01xr+6kpI/UfV8aTsanUZRy1InAGXolLpN8wNYXUxMicCWK7TAcCKnXed/MBs1c+SiG0DMXxykM2bBmRXWkhSyQ0B24B3mK5AXWBfq49DOYNtiHUjaZyZlVJGdYBMPoeXUGUj10KlWcE8d0Dx/WRB3qa7/FyRJ9mXCpIPWhnCRpLPVIjuTxB8hhT6RE51+q5vP0CGYx3JPaY9qgiVuoB0TrkoAmwgh2NbC6VocMn7kVj+qiY234jaG9ffE2/TmvmRXYSRb+MOT4wmELEMAsWc84bt4odXLGASRppupcFMCG12J0E2EVRh+S9+yT8wODlKpzwrx6RpS5gHRMHNVbVVjNm9Zi/08IpHOwmJGxSo8xlxcSmssnXWhGFWZiJzaqgID7YXITpbOOXlZOWTjGEIFoQSMTwFk1fNOhOcGsPAt8y9v8BlxuECeaI3Y2IAvqPz8oRsXaoCn0U7pdQp116DrDe5Q1kkAW9ahR3ywzvmrBIVDUKn3SvUO+wzhboVTHmLXwRIglNbEfmPEZMsc/8iV0rs/egWi8/REdcYcer+e7UNhMLl/zrcTcopPMCbKaaSA21EXsmt3+aaPQaV8MRABNhoMYC0Iu58fnlShhBuSzsdEzW/1vTfPPvDc+IuusyFFu+ENgvosMVCffQrd+JcTuCYO9jjF1GKpybOdHtbdMf1ZL83snJirzS2Mw0eJb5BaLAyGJvERPLCJQU5/PbVkJpeZbt3nEOJaxe6D546//B6io3rgQQ0zsG4mUbWi+kVFP92n2YBzBSlBNCXdXk1Uoiqaxi5/w87R/raRyycKvJJ9ql6yHJuEht45ZmeTG5Q0uke0yXzqMvBWzkxUuSCME9FN0QFUICvCHRBINy8Hcn01m+BL1zkvMeT28jELw9AWBym5lAEOFJMk3usmBO+5N7QmojjXU8pof7bHgUtuE68Wus5mVHPWw7yfHah2l8YnH0kKiz8wv1qOjsfgRW8v7EKEOuhhxeGwmWcd9f1Dh01i5f4/7qmMwQi62vSlCTiHUfuGA4oemv4ikdfSdf9ZoJrEc1//E/Yu5ViG6HVOWuFGkzWuuw8cBrEvs0WJCsuA0SR9PYQQQIYOwi6RZkUbfGkrNFr/40cK84mz2afTk+UVpQlXSLNabMQBUmsZ/MgoNHDM4kID6QI5kiCR3eFAjUMdLz0FvUf748PkQ70Zl6sWhEj3nRR/eZZschSIF6GxntEz0cp9vgByLhIBKDpOeFZk5svsxKsxQvSiPHPBCepbJqz4RcF7j0vmxZUiGlesFgIzG6X6XVxj8+CtHHAo/qHQy+M6phMLcWnjPq3XrCl9c9HsgZhhU5LhyI6+9PJjfrLZc2V9s9H+Y/v3LLIVekyG2k4fh8Hv+uXYxF93VRMSUMb/JuY2RKcmf0wQEEOuyGxEmgemcZcb1pB/kwMs5ldB/YSE1tnzo2jvApHGYmKc7I8252BZ9ZndnLD2lifj9KGUCRMTHuxqkqebLfKtRomnBZBSvFaLDpn6MRdjSws5kxmIyRMiLFec1yy7a63XPqwLMZL5VjvXtexG+JV5gMa+h4IQl2Gm2kOtkFUetO+0z4qH1/AV0ZzerhYFYPUHOoP96yvdoP2wWXOla0fGTee0mR+QE3q+gUv1zULtnSCY3gNuSGbfgInhVHXpDFV2PMKQetjfcjFxm7Tx+SyMf3TGnjgZ8aKiiPdCFYwVkpYAO0ZX9trmOBCAhdlQEQF2CxpF2Yy24AdSkgjaH7KpGBtudEJDjyxl4x5w8OGjJVrAQXOGgpWlKo8GbmdaNOzfyIZXYdEMe/1Rf+cBfy3g5fLiGECwEKYWM5I9i/Fvm7gwBWV7TRYPzisXJrY4GG37eMYZE4s2O6ZpcIR5lEfJX+OiiqN7fSeSt2thnDeu6KJtRi0Nv+1+BCwfnL1uXEuwgF18U5cZ0cs+LNCeoHjj0ufY90ODoOvWSCRFnKOOib4MFOsatTa5pU9cRf98jM/0aAMkA965RyYi4zZNFnrPO8S1zF54xmmwmQcpWeVzOIWrFaTw8XK8ItowCIXTkreyDBgymW0z6SMg1o0dOHcjEkCOdU4H88rwbML3rd4aw5mQfEAS4qFH5qFdsHaLxXxEzNu4G+Ilym52W/1HE1weN3pv4paEwAsoBVMEuKwjTuxrjR9gYQAf9CboLFdCAC6DoSU4ldlkGPDfCZk8ZBmaOhXpn6lTq/aF+9TT/DFAP5asZwsTChYHjYgTn1ooWmhi9E+0xQf6eZKw9d8sAuR03qXDGCZCiHdoXmfaEp+ApiprBQsc6kwGcPkfY5AKPhBAdOLxR1R8GE31FyEaQ12p5CZXrT9icuuttseg5a6w5iQsg/OD+5AWoLjv5oCJGzI/bLZ2XzWmIIeWmqMekjHz8sFdtYvuGXtQOp5HMb5FCWlmCreSBc+PPgibVZgiXJHjG7pRp+F42eBUOoqsR1M1x0OvccHXH8Pp88LLKzRCRPASMioDdsB19HEBlGLp/eWWGjNHkcXjyT/NANhyHkvY9zykq8PNUJ67L829wTDf976O15g6vH4QO7H3WXakL0NNuLMGhqbktH+osoGXuNsoC3cwQfyTr+7KYou/r0XkFSsOmeG9+pHNjf/v+IEnAKByUuTc9lY1A6HHe+H2gsAkD1rI2ih82p0BHJLhJIBaUVLEoRz/I5cQgZLONcZ87WnT6/gQV7Tms8oiI82k4MYK+NoBulFTEzUd00LyHbwBE5PTj7aSYO2ATT2QpM2VTY2pyu8VzIf2N0S/czSuFJBWXdfzApijIQkLlgq8Cs95TJDdtnSdJmHBl1vHw0X3ixYFKc0OKqr8bTg6T7T8ZUNpGph9l7KzChPNyXH9jBA0EXCS29FBTZLjGzGrv7eNSJ58MEK73miXY7Uhp2cHyqTnbBVyvpUkUWUxJoPqqe9peUfykL0ZBAuv6XJNPv4yCCmz62w/c0ttjlpRgKLg8KDh3+vqPMLqgBp/BnrGt3vOAW7iauTUDSaBjWI0rnixmj5FN9aJnwvxa9qNj7E2fgTlG6FJBs0QCZAkHAe2kGgi0IDjOQTJT8VMSyPApgeeRNuNbvv44H00X34ZTLOW29NWB0NFvQ6lvL6bs3NA1fW8Q6Xxzvex3sbFlstVontbvd62D2+R6LhCEi1DsTwgf/66yAT0lFuy2T0KY48CIZu2b5d/PUc4+INk5HywWlrIs33fnxtCNMMUISdFXeSXCJt6tc6NVGUYBhkP/OW3L+4dwov9Nvx3BN0NTJtHTwiWB25CQcqERDTewgEsPKYaZaRxCVYE7PgKLZwQfUrYyFAY8aQ1YAWhkWUtnAK2yYF0+xw9Z7Np8IsOP7NzHFKaViCIxKuz5RfBeJf1kiYZvqydVr/r7slQ2QhRG+iZfN0NdJmioF2/f+fV0fWxvjQ8f7rF6pP4ui1MaQCsVWFh7e828uma+xGXn157K9ZgaOBpz+QZbI8ML+NRu+nWgF4n3YkIJ9utfJ2hIEuz/7VeiSwUiYHr2+6csCGzKAAzZy2SaHOKcrCg6keYdPytslamji5sylCPEBbBNwN8/DMm/1GfRM9a3iQil1M/PtMxhy/EGtaptXavItHFZsRn4MTn8taA/Rs1uqq6kQAmwUdoloFJOqWRhLM9QDepYKqY7rmT7CofYZSPR+Jyt+1T2ExQdEjnF6+pkzj0rRLtcS2XEzquBwzr0fQQjfH55fFEea/7tNM6jMDBMlrz7RFWcYAyjaW0TD6eXsCpGaF3CUkftQO019EyRQTK+IGbN/IN9Cj1pUynZ+UPyHSORq0NRwCeXZciLjT/9pazs/O1ljEwNXH0c7W3PEzawWBJzIUEhenz3mELgwAqc0mRWvZjIZdWz1dJ6p/fsXU42EQ9hUQVbz5XtiRnW2m8m1ISHnEQbB+67vMgf+30tThc6DUFKQKZ2oM2R8kWnA1zi8MLIM+IGfzgdLLLcvwMLzDVx37C9WA3YxvC15+ulyQuifv9xExl1zwOgxiQwUQEo3nlEbKevME3AatQuwfFz/0oIC8pt3SPYs5z1FnVo2zx76Q5QGPrvGcqG9SfhiKJzbkccGFQpXsNDbAnv2nGr93z1yvnq2Wv7GnDtEsoADRylbXIEqkUHwz2mF+VpgfpwAVPoMgTWu44F6yRl/u7G3Fw1WLbeIRboS81ysihvvsIpKHIKZ0RVgXmKR8f7yYHOaftbcjtORUJFBLJNXPn9Mmgm91YrH5eFa1UiYl+QJW/dU4pcTtIc4NfRshH41zCx+KgMGTDEFmlWZqtOfB/00M4BzllO8LsALYRgBMVgdzSRXY3h27MdLwWxFBGJK7aHKBR97Qh6Cj77lkKn+107nJjjWan234ZZ9lwXCfBKzWtYKn1OkBDpMH/+31Rbm4JRbkvs4IxBvxqcWflIJ/v2JbT8rlxU8eM32QadgPa2s+dlMzALObdAW9be1NIAbwpVjs7oEShB2thUw/rlLhTBrfKRME1pgq+rEpoCKTZeXCJlOH9W5safGUmT7TJLB3r2Yf9G9OTNZmGI/sG0mpNidSoyer0Y/HLEgap4fbGnMd5Ze22hMdwFVC6ILjhDL2pXf1utmVpGmmGo8ULreJPOTijGdqNAOcI/bLLJpn8OLr3gWCeqmeO/hxk6RqF115Qr0Wnn6YTQ/AFJk4I15D3I3/TXwNLxmTNQXqYlCUZsvk+7gTy+XL884ZNQ6DWJO1F3o+1A8BgcUEhiBXaToZ0p2ee46053GBjoIIQSSL0DnCffuDoTwQG9Evo7G0cl0lVTEJnMKHHurowQlbmIY8X2st1wrXF8J6u/od9EBkKzOGByyBBZg1LSbHw93bcFF/bYKo4v2TA48zfkbH3RRHRItp8aEGI1FqpWjFDXV0HdeCTlM9t2I4+QFa9RRywMfsFNJ5sAXR4GgGB4BBmEO5lpFWG//U7iGIz31w2LIiJlfS14cRX1GMzKtnH1WEvc7u4UE37B8lhQ+5ad5qHSswxLzyzQ5RaREM9Q/w8SxjLqGB4CxDgINj6RxyayTeaqF3Sb0UpsnXJk7+zmhy2zk0db5sU+i2RPJHspY93hIs0+o8cXwqLN1qCuELhFh4zZX7MJj8/JuoPQbHxHzYC0y2v7NcjP1+KeDo9frZVyHW9cuJXGiVnZPOVtTLkXKI1n/AUP0C8vn0tKd+SC0DTs0O7uTw0zLDHevjN7bUlklu5o+nXqwBgcN8x552vMMnqBWv/ZY0mWtJ34G85ZQLaJF6zl85XEUkeGIv0sAKWiUAW1h1sgmZSGmLDiECJU8/9ckrpaDYP0x2buZSN4UxORuZcQzkCZE8J/CYxscqfX9iLPVtnFs/s0M3faH3T/72PIhzXrThhZ4ehfcSjhsUR3vMagIJavhxJaDY4y0bBvniLinwSHOO2nyuEjrb3F3854e5SFBRWpXRo+yDC9JUsLW4rE4EUrcV5hrJ+fVl97KaQV4EODA26TvyTXDZ0WCxcOPQDakqPpxeFlPGVPl6s7WxXDCEcnVSqL4xG9A1jCPS1JPch8F/Xq1N06f6Pycgx2CzlNvD3bc61TPa5ZkTOboPjDYnxXHgh0KyfPiMcfS+qcTtjUeLIZddykHNByXmmLp/t/94ufwQt8vvKn/QpWtVMqp1prxuRlvEd8X01OYnE+gz4RKETbFlSkLg4dICwTaRNl/AtnEJ2qGYTvNWysg+tc3s+gbMxdAqlpdCErrO3GD8BHHxPr7v/zPeHqIhhTBUn5c0pt3DK9n6xQrH4D0YEzLI67+C7unzF++tO34jr9+AYUQJvxdgqKAjvlGCn6MjEaYD7zx8Q5sSp2eeF/KYLgkVHHCoKAxRqTqX8rk78RxEDjnMNXxHsYguR5EAT7QvGulxR4+t1QbCWCNmZ7aPqnF6M78HxDPxncYize8JPgAAwk5OwEDvc4HntZOJLqJo8mJFacQxzzmdfmVywhyKfKNhnIBr+sNapVODUjlbckSEiOXFsOZsdmMB2ZpsuCiPwt3X93SHSc9DcqD8K8p7urSst15+D8LTPlgGm8qjb3HEAnvTUwZoTqACYvqLlE2tkE7tVybYJsoSTSq3h1jVRNh8hzU5osVgEe3ZQR/Xaz7bt9N5e9yAOoN8um5ru2HowsjKCgrQlVRkLKFwSwhunavNIth9DiiY9CWwcvg3kDxzh6JAjviKUXsa/CvQi0xWicYX11990N/5FlRXaurfuyLitEs1OQl7PRENpQiY1jdiFyX7+DSVP6jP8HsD8r+UWk9POSD9eDZB6t7aGAcJNMRd34NVb1mbq659PB1q/jWx7hk2UlRSPKuM/EzNZV4MkZHpCmT6K0XHvrSj3E9yIVwiiDh9SVZaimPILHuzrpL/zkyIGl72IVQaYmCv4vroebyYPxuAaSi8yVuaexFTyTq0ChhI1ZA7XJKFqsPZnyHWcyjv943BjU4SV/6Rc4dCaFEgVhvIrkTsjFDH5ImA9doLHhTvZWJiBwGmv9c6ctXuQl/3Fy4YQuQ6HDuVNUAxE9ec1GQ4Sda8KavQc+gHa5iL1aDJj1efiifAe+LSAPkBAsFMricWVE60D6SUEDW7LwnfRhF1yiA3VrL+CaEMTIQcV/M8uzzW9kgBer3VVIzrRVA/oVI8dzDiQsdqTVshLJAxyrBfHXFW+TrNgGC/pRJ3XSfG+j9h4lJfbxbDyzgLn3QUNKBTpki5xkfiqcCPdIcm1gOuoiGh7xyW/N12HNn2YVfWy6Np7uuOopMKLqyRNSrPfUUfA36W8wuuV7HOfGGHZwDi3RWVEDJS3TuBToGgCNJKEAF0qduw0N20TuMAyOs7Ko4+R8tQUSZCT8huBzZfjB4vEzKglEnF0b6kjmpGfq98B+rB3sp4qLtIqmUs3ThTCIDa300RJqg8eZ/gMwLQetayApa8Qa9unWlKgb9Ta4yrA6Z7+ze02D2LUk/dc7Zl8vcgDl2Y7lTlzY4cb0Q9x5C0egcnIQSvgxjz8T5b6C8lT5iR6JYCVxX1st3uaw4HmaSwprOFXqPZE1OXALxQcYqNh/EJh+qh45bKlJWiicN2mTe1IR3HzDDxV4zKne1xAflnZRhIlAZEfzRMoASDf+/9+WOXAk0bAujNqxvB2miU1B27dPlIHL4P7ba3K/plWEJxtXvpFdf4LE/8+/eBxOKcZe35w3+yr+dhKAIlc1bzFxJ0sl/rCPVZy70abpZvtxMVW1BUhKZZswzhpEnUbrq/k3311KFTfH4bTjamqlstsK5T+v3DcoykP6H5m6PT5Hw+fGDszlSFLj3+koh3eYaX5u4Hn6K1r5RrhT5Q89LqaNma38vLRoW2jUKfkl6G49OXohVgavxWfw+18lM4VAeYXYaWKuOgv6Pbmiv1W9rhPbppj0w2VanJEU5WzzZ11yztwYdLSUF4Gylx6WsugMUqJ/twuEBS7HWJhIAV8RwUvbiA4pCvbeH/MRVOFa2gfrVWINX994fsaPKP9ZT4I2auVS8iOgg/0uJnaRzBvWDb6HepxlPrcerlMaenGwbyPsM0K6uMC9bAoYl2B+7MnGRQJOMRrMromFmLStNXNE6iitz9a9pAqIkonJEuh+MXjnV6eGKHQeX7v3xZZGvx6DqHDy9BUFHT+iwgpFzhTFRrKOleyBFnx9naiX3rF1K5CyL9wwhj6YXf9/H7IK1emnoaoQozzihdhlIAcS1LFKFtdYW2CX3dNM2tK8koF4InSviRd9KeWtHiUrreJxnbD+4fgr7dE1zn4blBoCTkZgeAK87zK/xow9wx876O++8s4krWSvaQsXnsVzB1TlXjj4LX5eJxIm90FooNjQnEQ8ILPWFjaLuQC0G0AHco6Oae+S3JTyqk/ZJxCZBNBsCeBiATfPGvBu/2FMqms/sVe62i+NOMHl1Vj1EI4Pie/0+PACtQ+eHfulGIPi2IGh8aCrhxet9SaV0IO3tvvVUSYHZcRzP4XovrSQn6IRBiT80kZm9JDelw3OoeM0VCwK4SuyF5ENccTvPZyj0fe60Q2f6QZN5rEsfX4LoPcu3edxxZDvnLnxIJ6AbYsPQXpEByCUXDQbT5n1xgaS8p6gDM9gloZ49p/KbRArK7aGdAiIv0F3NjczFTONmavMd8QD+jLSlr/dpiVT3BDj5tcMiZ54jwJmxEWXVr3fX2MhgOvM0dXSrr0A3/VLym19AinoKKP74d17kPYQ4VeI4OVGui4W0aLM/MIh/YsoXFPxK/KHiwaQVwtm1Nsj51EKe/TDLu7Ks4+Q1t87KM3AbVZ5tu5o0RTaP8sK2wvxitNePTPhHPdaUc18YKoKW/EGhRG7gA7NcoEy6rZN/b/E5Pzet/swyYJGwG10HFm/jX50kOpM4SdxWJH347WzmjNn5+q7UE6JHN2mTv6Q4ohpT2ZpmzKjjG7XyWZBNJJ4m+e1rd4rA/ehiTmaBgUMPexgt0WZ5bG6qqK9soIPI4w1JT26Xc4kGRzVGnle1yijq9/SXzLL2aK8JL1qcxRwIveMdn8TwxJiA+P/gJjEC1MkL3Kikm1In8byXR2ZbCN2fVb5lYVmLTMqtW7/cwjyCbEOdvirRRW4a8ILLLw/1K9hvwFKYythQeeCWO6O8IHCJ9+Qbo9kamcb+9yblZAw/mEuqMlL3QO4V7zuvZOLZr4y4AkZYBQ39w39m/JfGUApnUNSzrbv2GHDf1rdlVnvBRQ1xhFMpJAwUpopxxbZG1QHRsz9ddY3nrOBlrH+7f0p3pqnKTbFWoCC2lJsWBq85YYh3vBsg0YnYkVU4aAPZeTTsI41QHjxtgnLNm1amDSq6CoOIdNdhcScEj7YZKDiMWW2dxfSavCBN55YfolDNWDpJ4FH2hMl9nIg2wITwi1zGjCc/+Gq0ujQ/P5Q1bjiNxZuFqKrMtgMd7iwUBj3mGi1sJVgv/iD6rXTgYaLoj0jF+3sA3WGVIEDB95KTtSZXmcFXOdEFki6+r/OWvUe+zXxhsyxVxumQls+kADgl5fkEapCHbbBWJHilCMKHYDHBRuEoLleCdpX3OjexejtHPzfRv+5kicPqQYyyH8Oyhz3CK9GExnK05A22tqYya3aSF2PDboI8FPqk9+NmqSbYLUwa954ujXz7oJOq1dBPO5A1HiUfNafzHEW6JXIe0yk4qxAI5uAxUDcPlGS62WkkID2A4LmFUZVDCw7FhrVfk8OJlqwtxPHZLlppWaLebRYGqmpiEIxYdxRE7MqkF60c4hGi9CSnkljZCh8vTxRdCNAVau9enkyqNkDEMFsFoxNOMP9w/qicpOVsmRDv3EPuA3237BowOrLKrn3NwZNAGSGYFSvid1rC0bDoNL7Alpbin/SQt4N+cvOuQAgzIKfYa+49nMgB1tVtAiVbh8PsMHbzrHo9KIoq7pBYNZQN9mQKm9PlD8w4qATgpqLQQOG4E9XXZ9CngZBjicCdY8ZHaKbWxKlm2FYDrsQbZvL4XIg8FfwBBLklKP9ACtwPW7oy2AoMkTiZNFdRhp+WOead4VOZG+lcm17H8++mD+My1s0BtbO9fMbjua7mzXjC9yXSTo562cgN+oW/eQkEf9MGTRSHyP74SLW5hHMigOfve+e0h17efykXOfrYfNK3RbQQfpFubP0ItPbAI7QS4TiQlsvqbs7KCDHjbCatjPAwo+9/nVEUq5PdbJXqbpelt1EZQ/u4vr3W2MPnnfYGHf9bJ6Zvl28HyQ7YkpPgN67jWjT/Fk7RMHvEcE+A3KRjPC3YlHCT0hdy3Nznoiqb7jDCzoGuaGm2/3slxz16/H9Fvx1CybdoV6bqMafiFpx/9dCFQthGMOxR4xUtXYweM5x+bbfSiCCgnn8k/6+/08mtWx9+vgdvLUlLz0GIaejN16AHz6FmuNpQvGpQRYBBeaoCxWVLO4mGdqLzTd5oCWli2rEnXFjr6W1PdrZkjPvApoDGpnzlzJe/WPOAcreSX0qtG/uIjxEtuw4DkKoypZJuXwYg6KXBz83fGsJT8TlL2o+t9JnTcoOJH4Vjx7g9VYsinnMyHirV7dYTqLIrMy4HmSEWBQbDvTSQxheD7rxRC9e+pby1gjYqX/gVcSLiqi40Ag2p+7kJzcVdecZEUzLCBgtTSRrxBvkjteTc2fx1TTeSNw9vWFqbAfqsw6E5j/d/M5FKChbB71OZseRCZY8qNcvUzF1z7iHVHvpndgdcHBCx6h164nHjE/Sh8nAZALiJY5MjBBCoiIQsLtnt2T3D7H26qbYssAMiKdPDeUNdZ2CKncaEgIJRzN9OkCvnpRGmEX+bzq5mHjWWbk8Jnnf8p1fW9A5I6Su0EAi+PtcKhIjDVw2/AXiarajJmzLEfOgwFsrZTZ/b4pduAnRlADHfO8xZ/4tLLpxz+2LTTdFzRKyU0XrSI+HEpSugKsKPD8wdPCz3c0Z1hogrreHRy1aP6Spr28Vjk0Tc2hqjssULIuP3QUaVddYDjvOYC8d5hluUVZMBdNawYuJ7ACWjDrI4wq+MAg0mUqSfkxQ1bkh+ReexxrXI1N9rWlw+dQvN/vOmbIr+CyZNuELsKJepd4Mzh9Efl0fg7/BHYsP/tcluAP50OAuQYRqMi+frYlGlJGuc/yqSTSMxZzZ0MtBO20+sqAfPW2I1U8jTWseoBVOeiLvV9l8dOg3Er12fdMBEQTRfKPfHK2vYaEV6Pzm7sUpfnQQ6/ae65DPMQYPH4SErVfWmSOMqspt4MTNI6U9BvyCNSxaGh6RwC9exRdsd7lnJSTj/lYBbGwgsVLyu5ktgu31Bv9bzpfTCXh/10U7i0V6E1qPaxPt0avjGIqLra7TOtg9dSkijXuSn0By7gtByOLU/e8A0Lvj4AaO3IpjjXAa2yEZtX/8Y97FsvrGy9twF74uuKyoojZzOzwHHb2o+C6+DTPGnxsY9tep3/N7VNRGOOWVLGaduDhqxGZwz7lYzOmgfftGfWo2aBCBkozhGOZzbRztIg30qYEzdXwLYGBvXct8S1W+ae8/2lhuAWusEFub0G2txb8iwA0V7w09QET8i+jCaqqwNAUy6HxUxmR5+JbWu0ZBuYe1F5sytELdUidpqdNEgi+tzCRoIJ4V0hnj9NYRE5fW1c3QX8rzeavYDcoa6SBoKTidjAQo74B/dvmoobL2aZE02mE+iBTjqdTcRZTDGozXgvyOObjyTnXwcjC6D+91NP0IX9Wmu4xgTgLffKXBI27aOdN3p/rHHj7hVL8mbT1zJokjiHPLz6md5CJbyTdPVnRt+4LKVZBYaGKIiRsVB8VCpgL/xBsru8BtsVe0Pq9VqwyXU/xEivsepnKhGHq15r39TNT7Ui93jQ8u5ZWcj8nXZyWIQT8MTNtLnf/kkEEWNO9CQJb/D+/9yE1mhUAZvMXSe/8eUS13XrxltYhrDioP+xHsb8NfiN9VMLQ3nDsfHbJq+nIgvMPaQhTqNt3XJx/8NZlD+iT6fQEkYlhkdi9K1tUFtcB+TdEwzU53I6MmxogrGljcRRsQfQqQfrFfwULo2s/yrh6nd6ujN66r9loIiY/dGcPyoNpTqDnwFRM0n49MXMnjTpzNiFcYYIAvYtmsVG7bo0Ie3Vxkn4ydg66B1SgjA7u+aRKR+vJvDrlv/WNzZhyIg46K4ok4Jg8Z2QK6qeLhyKhNEeQ4+um9QUYxQruxwMIO2MAiJgLmdjmWoVtXFag0ZR3VZnIR0XZJzrKgaBGM1mbfj74/SP1xCfGg2uTu4NgwH1oVAQP42Q1ABTHn8Cb084YcAH/zUgo9gfaAWmau77kxmI1EYx/kiw65+fZfHfpBwT+0pS2HHs8XqLUlQg5d+UYpC1ibwivpQyw0WFMzyywn4sxXRzFFZkK9cJJNlsuMopR546Kojci7+abROTB7EcVe1bXBYcdFREF93J/PwNYTJ2nd3+huBatmhbzOhqn89q2psEp60/fO6hmkCtrXKv2I5TzJoJHBO9FIC/OCMeqcp4ERBt3iKcPFMfs+STnjIbLqMnYQeeSYnqb/vx8woNContkwNFC4lUgO1UGXZw4T2PTDJYENLap1SJz8raql0ZLxoCFR43lrshe+KDmYAx9S2pn7m/F57CxKGozuX2WOnGQKrV1IuBW9kiWXblXwfBTU63Gpg7YqPBAMkkKnFeqYX6uW+Fgo9k0bABqGHmtykkZI1uWiTPsblEzPj/vz1KbWHKida/KkJD+soyV2Oj43PT4iRcvwMtgeTUXFUpmdbS3oRjACXQOFFor1OKfO3wtJzx/vYj1KrfAIzLv58ZaawtH29gzfu57b2vdH1VrMpy6eCuFqLVWJCaLnGpNTB3MvW++kYeeLkWQLHI4vHx73HvhmCctTVRAlfuxxoAbRP9+jgsG/Di59CHUboqMvd64DkpUpHDacU8sFTL/7Ga2lH1w/0M6jFty0epgLLGdEJbUParTWe7XoilVfsO3Z6RjEF3hCmbo6Q1qnsoaibQxKk/8cu6Yyl4K5iW/bacGeN89bP/d1M66G08aWPWsaJsj8NcXPc+FJsFgA3QwCg+gGV4u06q5/ZVA11YNXbF2EWfeR5pe2OkOlulE3/Vs597us2N4aNaw22iAo4XWNEOY+zSphkz/cv8hvxIRC3qY6Qaptbe2b4nQ9FT+mBOnRl+JD5ELXNzZQQcThqTrCs644xLl6acj7yos0knBaUZmGNIHJD3zR36YOr+w0B1kJqp/cmbGhhmqf0+gZ+5LaFOz53t1mjpHiWPE20X2oJ3VDy/kFy1MsJbyTDFafPrORt4RW/DFIXMbBG3P76FkH18Hy7jSQ0q82e50cDBOFPZVsw2kMp7sHhSlOEUDvVH8/WEiGCfy8gm8MTRt23UoRofJ0MitzVhlfHs93pTlr2ce5EbPvbYQU3SEG2UfxiuT67j7ta5tI0vWa9aESuiW3xOGLdYm86XDDp8SXp1BWGwKjx8Fj7yu+PoT87LpqpJQnTOrZUwIpGyOWEU6xGwGYTTP+rTwbNzWrdys1oSDyOWSccZDKui2Ph/m0YOsvtBtchwaXOGjvPATwSbyEEUITL98nVitvhm3cEunnQxIrz3AsNIlKZ6dhcuRlemX5TjVr0go2iSntk697qH50u0tt2E3H8ytTEVdSju6CVY0T8lKQG2CG00PdAA4ZaotGvhNvTZxcUDZ0FQkD/01x8dKD2OiYaC/vr+UMSbbqrBYc6xIM3YTbP/Ym0wttEx60ZIi6Xp0TxD2uqWvsXd143pGA25gKoeme6vFQ2bS7NpTUr8zQV5J1JCDyZe5+KWKy6/fT0ReEyJeIBfyEQLLMA4zkxVbm57x1sxwje2domDBYlKqM55LvCRHL0pV/VbeGOvx90LzWyOFILhYOtV4w7Xlda2Q0iY1YD3a1OcSZ6OmA4SvnLZFGMFX0nASqU8eG5NlmY7OBvNKLQwEe43zdIFK9udAGXIqGsDY40pUaE3/EyRvUNYq+chqBlMlurI5XEXOBdRRYD0j8a9OP9ED7sjCRmCXKClbTZK1jtK6JE2IsDiYg9hb9/s7aArh7G0tCX5GT8/EuUmmiCfqtIyoWWc72h2nJUMGWutJmi5/Sos4502Ff2p1fRnnBfZxLJ2KAN+3yo53GxNxcBC5YW62rIMudDEv7sWr9nwEPRvYOTkHKWlRoRn2XOYR6g8EOm2iwayDUrz68UKDhlZT/CV2fGYHqqrElibS26TO/HgEWeOIEhO97fR9NHxU8r4rnUs+9ErR/2BFKyFATrNEOS1IcWaDxrTrQnwFTG70GZvbtA01PcS4P/l307pO+MXcip2a4+3pKXw1gI4dsLlaitizrPRfcuVuxxIAPI9m6tv0H31avF54+2gnqZhJL1iKmFkRkhOqqxA/WIaIL5sC1Oek1UAOCgebHWwN1YiwxYpRqQdNr7+q+8v1yz9+jFxM0xKG+HF2JKfz1cuh4qPce8EXBeOBIlWEQt5HXSwhbSr2hhWenkFZyT4R3bjRUCXWidIHEV1Q4CZkFOcgA3psl4xsDeeR1P+caWDo51c8fnLiRsnGJOlhVnejaWTK2qN75hErruuyB05v3kD8WpkkjXRtW0vihAGK6W4mzD1h2LwP2lQwlkLsuMMSIiS2MTSdQF8J/Bz1BP9IwWuVHINWqVOvLjmX0yifv8GFa9UUwQJnSYYyKmoJttflR6oOJWAzSd7IwxrLRFwe4jd6Xmvz6mBwMtTWTdsSFmZ8fncvDheEgTTZAAcMAYlaINsQx/XhGX8a2U0xTSZCB+wbAovr7uSO2ZCNUyTO4hdYq0YyuCQo+v7abv4LZsRO9Yi1xUxGkjKuzvz+aKX2IMmYHsbh7j2Pk0xYo0gRjG58JTtARZWQa3izNn0RU4gp7YX6tVRYILdIwi8silRZW8cMe8XX+sk40Bo7IgboODuWyfSA1xfisf7UlQzWZ6i+wlr+MnHcdcyaH1q3Ek0kJromyaMdmx6IsKycGSJQHYzSOwBxRNPDL2Iep6lH5Fz8tjgqjVCJEsaXkAvqEi6pfskJ4OmT93N/5cpfuYD2QUaK08aK3QybhC6MlKhb1A0Otdaoxon8ijOr2VjF+r2Y+PW4UTtz2+fHdR75mcPPvsmeXYE9tHJRM4gTvylgnuZ26iCicFR+cLuwn/p452kgkR4dJ70bB+kvMBeYLgULWld6A3jcIT1WONEQY5LOzMTegIu7Bzwib/QYAGtSUUd7h9Wd4iCDVwEFkP+T9EIChFiwKo8UZjHWmqUiMq9Mv3v1t1jVZK8gv61P03/vJCSoz86fIEQFJx8aW9Mj/ih2Vqg+les0peaa522gXcZF0GKqVgsInT2TDDi/kQDnSXDkqpbYbrRMicXfNntucFvrqh/S3d1j4ThZmUr5RTQC4boQOep7wSLTIl6ykIYbe+9LII2G7D884iNzHWb4W1Yes6oll0K/RlYVZdq4AmvIL0qtxMYNgzHTStgudEje0repUHyBsBbJA/yLDlvapWQt25kJgAgIK4tHEP48PldnnIjofD2yPBWxjzok3b8/EbHR6MSrm+QzLt2pGAo7vOPtjAidrAiQ8XBZLulyFF0DIpu90ucBUXR8Vv8PUvkjBUIyQE7Gmq+SXsgIC9QTXPW6PfK8AwSheE9Rmq2+mr2kghB0vGFB78y3UsVcVncU+N4F2Y3QUcrjMAcFnRZI+f1Vzo0LIOcbc0zLx9lHVzskp7Onx4UtE7dG7CIJXpArLvft4r2B8YVhLCBsM5rAm,iv:FuXPWuugdzXyfwI+c5MsAaCGT/IK7/YwTbBuq/Q+UE0=,tag:QkGuH1yMQ2d8+LUdKdxZsQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2024-03-31T21:36:11Z" + mac: ENC[AES256_GCM,data:3hbGSFYXJgwEP+BkfWdU1ynpTs1n6zt8Yj6g9nI7f5sULWa88HGzkZX9i7xIRrWaRksjgT5UplYikRHTXKXTkNJLDlmvE00GV65IIVSkzxAVHb3WuKRYHOO9vpDfxI9/t7eijGlQT/gwqBIpdcFsfpw4fG7pCHX68CEYqSb2/mM=,iv:nUrOzVRMbuQ7SarujTJqZvjFK4jbJQto4Rc6WMd6Ay0=,tag:Fm1svF0D7dOsZ6XywHmttA==,type:str] + pgp: + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA82rPM2mSf/aARAAkFACzQmqyF9BqaD1qEjIO4e6owS/n4h3U6ee0Y7fhO8y + a5RJ4/HvMmfXcYeHm+CZjsFaui4YJkPS93clGTJzV4w15yXJUunIVjAmkvSrVh6P + GqRUtNpi1y+JCS3sjlAfvm3h9b08dNxFv7rTwZtDiP8zmcNuB0zbLBFR7G6ixetx + ZxL7piPYX75Rqoz8A/+V7VAtsoX8t3xv5xgjHzzfhiM3TeoQUgLnF8aN5huiSptf + dMmNMa0GGu5QaUjYJ3iHjv5eMtCJ79KwpuCfv5iX34Q++rTe5VUWoQabNAiE/Frt + Rc3JB8o8rfL6WME9qIIa5k654JlVDKqOvTH3mtHkOIWhD2+CEK89Siq3G35Kkct8 + Ym7UNa6gE8IdSGkCOH81G4ZheU6Z8OKF1Z7dO+o7IdgIURTwLEFeBIC2PtWOKOJP + PnzqZNk1w4n4XK6hQg4bmIj8VaZXXgHEXcO/jaGCoRyr36BHCE1Sj1ae5cMUgDje + p6WKVO6gXfRg7SRJqQNUh03Lz0YKIjsI/429UPyf9mtXbHfvVyrW3+wyByok86FG + cGL1Y/N7thxAxXqHy4OZFCE0NMP2bobMzzGJTtDY9oPsGwTb6xk1g0wE5zg6IoQa + 9hnObBJhdpvYcD6juz+V0wkeI30essnz7ZTtsLdfCox6mnP5BMTtzxmcRrCpNvHS + UQFIZa0XryYoXv3rcw6yUpkqv6aYzD3L4PnqYtGUEtbMoTb8NXa9Cp+1OeypqZ0g + 7uO5zCKJgL6sBaPnJL5/n+afafzYcIOsQc2O+q0s4O1d5Q== + =3E6w + -----END PGP MESSAGE----- + fp: 6B61ECD76088748C70590D55E90A401336C8AAA9 + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMAw95Vf08z8oUAQ//abo3n5r8YdQ6p+/X031/n8MCvWKw+ERGSvDuT2r7g8m8 + DqrBQmX578jHVmZkC2B6fYqEBuQAeyEJyQ56MLMuGMNSET8dgNS4Uj/gwvsuEDQf + NhU10WLkfQ3g2/o654BVzPC2b3UQTL4mmXqp0+ID79uynn0/WZ0TQQ8xj/uUaDS1 + h6/uC7mmDGTHaxF3gFuYkvWMghU0bqX5BfrAPdICAr8FIqxUGIvUD6KkBu9hWTYP + RLtfwpU/DAcT/7pNtic25WzzQt7W0mok3zUZZq5r2UqO35x2XOrgC5DQ69QYf7JZ + a9S236gEpAS0Kl1IWSvY2kDzj/J27T3nonY2kX3a+UqVWX15LEmVmNNUMwjz91/b + 0G+26vustzinHBs30EHGBqhyELjRW0RjcmlVGNXvZwhgGL5/LNIEcfBi19tIang1 + dRYE9TasSeRbyTU/A/CXFDeuGtC8K552SzXjv1zP6gkwZFb0/zd0/XHPSyGyOLbM + 1PC3JhkA8GEYQ7l9y5BdPXxZseuoSHDPHfMRIcnogx6w6rfBdd9+78M1WjnGzhYi + /utORBaiwU9Zk+Xm3B+WbkDl5+jio+UIp9nHoYAGfuJ9A6TZYBIavB6K171wALke + Kl6hoTxef/VGwdfXB9ikUy0bi0Km1vVpZGVzIjSFXiSlLkaamhxUFSgDPGZN21rS + UQHeXKkhgKXTEVvi+kypRbN2/174bElGTWz1C2TWPNJAcvvKmRw66t5g8pahnXbm + SYQoB5JaAl0URu6zHWBYhCjQjiyePhnxHV4tgGtEYAdY3g== + =xXRR + -----END PGP MESSAGE----- + fp: 88823A75ECAA786B0FF38B148E401478A3FBEF72 + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA0/D4ws+/KPtARAAsxa6N9jRT1AUqfWI7gIfJK6i6g0F5oxRYJ5A2mjhc89k + ZAN4/tO9GC+Fg8+lLhPHdiz6v2T1+92AFXET3jm+ax6rYei2woMHNXKzgqxjkQEQ + xQ/3LcQ3+FOTrvy7Gir9HQ/DoWSePBF7tx16unxH75hi6AgOiT0nFoEbXP3CJXie + lVOO5r5jKgBg9LENj/U+9LHjXB6W0PbVdhxdeStk2TTKcmuDnrGeqKZ3SyZ9V33p + DEfydW+T0ac156Eb2tdszzW5e87oPmW78wvLkotboZcPVWBadRtJkzVn3JXoMAda + gN+W2+I4/4iQN8ITBQ+2i5GsdbHtnrmPkzSbtSqhujwZ1k/a7uRmHy46ejDK9QnT + lQzm2OKyjTlCDhnxnKj0eTE4nN0CDyxGBNlNVG2piKd8i+HpqrjKJ9IUcMj7oO3U + 8rtQ2A0LHquNvu6ZatP6fUk3tKgLaEslV4ORXMlILdZXlYqgznmvWJaII3XVeu8l + G/tHPkOhrcQDIecBeYcTLZYXtPtmY1UNJZfbDazG/9J0rdq/r9NmnB7woy7FSYEp + yRNji1i/89nVLsu94ra1D6FHyxgIFTSLkD7s1iCMTsz0UdwfbxqdLIWumYrm04XF + wM2eTB8OAGe8mdfi1q4te0FEDMLTpdYBhYDDjHmBv4fXwKPcWkgixvNJtT6xPgLS + UQEvOn03hQ8MCQ5kh1R1FoTOw1UpgV0eqJSateC2wkBKbZ/4NWPbnZA7XAW6Jb98 + JidKJ8TiYiI33hxUhu4nUeZWjNcd7MgHyl1Do2r7SfyICw== + =TXST + -----END PGP MESSAGE----- + fp: 3D7C8D39E8C4DF771583D3F0A8A091FD346001CA + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA5Wf+FyJ+zFJAQ/+I9khYJfqjCHhrAaElVWKgn4c+7C+oilVNE0132pQZfLb + u17yv6AYY5zThK6Lg0GZMKaKFn+JuF9wonTyixJQccJ+w2MxsJQRNQZTV/t19HrQ + B+6YFLVPNyOglr7jf+o5BnOdIvpR0Cog5JDzn0j4iwpRWRSGW1sWXiABKWUIW0Ks + nR7Rm/k3Jm8zYO6LtoyYog5HGUEHRMuOY6Yoj/EEbfDLKFU5WZ+hfKnbGGM9KW31 + RkXoCtjm2AstZTia5+Y0E3wNb9bbvpbkewyQd5KqaHmHaX3MzuoYKNHGVEgPMfla + Y26aED5uSLETv+C1U/jYJyxyVJxNYb2JBrS8a7+p+mo00Cvbs/pbM/cr5Y/Ogu7Q + Ed0+Ixst3LzSTOcYAAiEC/LpWztaIp/4h/cAfE7eKnsoFUVcv2lLpLHyI7fS/sJH + Ywp8tlqlfx7DaCqYEVjPMSfI9qBbJomoQ77szHL+Gyi4ibyF0iRz0/NnF5lmu5H5 + sDAYiqnHEIpk1v+gWXoj/CQq7a5jJf044cYylcO+al27cugr+jr5TBQQVv+wDNJV + LqpAxmmz8yUJ6RlTSg5JwNlNCCOONv6f+lX0Cjk7V0kPcOMgbVn19Su7zIvhM7wd + m9mzuVWWx2SBGzORdK9W4tt7lybU7aCvusT1jP1nwXF/JCz9lyEbb1syaNIAiXHS + UQE2Va23CUVgB+cV/ImXBCEuAjZhiSMFVCtWOZrcqPS8EZX9s6WzscpsEmFnDE7t + GVR3u1IyjxTsuTxxYU0ldSjHqYFjQrgRD3ZBzwZcgeajqw== + =bF9b + -----END PGP MESSAGE----- + fp: F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA8KRInHl7Vz+ARAAoMRyGipvXTgUChfL1Lryej14FI9+8dvWQculBjPQzg6x + oxdPzz07ifIX8D64zfToE+qc439l/RYwiMx9XyGscEim0D1GIFPwxOm4DCXT+/5m + wlLkOBP7oMwirqSazS7dNF1hE83717QTi1GqC0UqhoMINtxrhQIv1Y6xxREqD1Wd + eW3M45p1i8iSZkzF7n0EhIK3J59Wl3vxt9FUX3YRWk1JH0oaqIc1VCH3TJc73DAx + 9e1jIVQSo4R8BfQc5Y64xRh0eq/87Ud2E2x9JbZmpnw4FN/OHg9QqRMaZ9r6EQ/l + VerhJFkfSj3UVAfODzViKXyNTKRak1GOcQBE5lfAXynAW1nfTTx0re0rl6/tvOwC + i02a/raksTI8afak1RMclNFqlihsegGU239ZGDRPb4apL32nYY0SMim58vET8rv5 + eTiQE1udg+1ttIRAGq/PxzHKlc6FUEdyJ6i2Da16c0K76FpF3Gnxxhw+Tleixx3h + 6+PbhC2qEgt7LS8TNg9J2WTDy4Hlw5YEmzOAM9NA6UYrH9BHsR87sbdriz6pAC55 + CnFkWptrME4CjUP72qIezRYt/4784ABTw6poQ51jP30641YhgPoYLrWS8hWQYaE3 + jcrum3JQnLTjsE88OclcreKNvNj+b1t0uxuHa/6UdMnyRCd8osJ22s6JJHLGgB/S + UQHvy+Rv0QJ65DjsJ4TfdRBLcKXaF7Ar5SaANqGi8EYwjVbhfImwx5VSEsvQclEU + 7JihoETtCrRwJM1BkJz3nuBAaYDm1Y+lWHSyVZ6xi8G0eg== + =n6cE + -----END PGP MESSAGE----- + fp: C92FE5A3FBD58DD3EC5AA26BB10116B8193F2DBD + encrypted_regex: ^(data|stringData)$ + version: 3.8.1 diff --git a/kustomizations/matrix/bridges/mautrix-slack/kustomization.yaml b/kustomizations/matrix/bridges/mautrix-slack/kustomization.yaml new file mode 100644 index 0000000..4074873 --- /dev/null +++ b/kustomizations/matrix/bridges/mautrix-slack/kustomization.yaml @@ -0,0 +1,13 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +labels: +- includeSelectors: true + pairs: + app.kubernetes.io/name: slack + app.kubernetes.io/part-of: matrix + app.kubernetes.io/component: bridge +resources: +- statefulset.yaml +- service.yaml +generators: + - secret-generator.yaml diff --git a/kustomizations/matrix/bridges/mautrix-slack/secret-generator.yaml b/kustomizations/matrix/bridges/mautrix-slack/secret-generator.yaml new file mode 100644 index 0000000..d21ac1e --- /dev/null +++ b/kustomizations/matrix/bridges/mautrix-slack/secret-generator.yaml @@ -0,0 +1,6 @@ +apiVersion: viaduct.ai/v1 +kind: ksops +metadata: + name: slack-ksops-secrets +files: + - config-secrets.enc.yaml diff --git a/kustomizations/matrix/bridges/mautrix-slack/service.yaml b/kustomizations/matrix/bridges/mautrix-slack/service.yaml new file mode 100644 index 0000000..a8e33c2 --- /dev/null +++ b/kustomizations/matrix/bridges/mautrix-slack/service.yaml @@ -0,0 +1,13 @@ +kind: Service +apiVersion: v1 +metadata: + name: mautrix-slack +spec: + publishNotReadyAddresses: true + ports: + - name: http + protocol: TCP + port: 29335 + targetPort: 29335 + selector: {} + type: ClusterIP diff --git a/kustomizations/matrix/bridges/mautrix-slack/statefulset.yaml b/kustomizations/matrix/bridges/mautrix-slack/statefulset.yaml new file mode 100644 index 0000000..aff1afe --- /dev/null +++ b/kustomizations/matrix/bridges/mautrix-slack/statefulset.yaml @@ -0,0 +1,41 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: mautrix-slack-bridge +spec: + serviceName: mautrix-slack + template: + spec: + containers: + - name: slack-mautrix + image: dock.mau.dev/mautrix/slack + command: + - /usr/bin/mautrix-slack + args: + - -n + - -c + - /data/config.yaml + ports: + - name: http + containerPort: 29335 + protocol: TCP + volumeMounts: + - name: config-secrets + mountPath: /data/config.yaml + subPath: config.yaml + livenessProbe: + httpGet: + path: /_matrix/mau/live + port: http + scheme: HTTP + initialDelaySeconds: 120 + readinessProbe: + httpGet: + path: /_matrix/mau/ready + port: http + scheme: HTTP + initialDelaySeconds: 10 + volumes: + - name: config-secrets + secret: + secretName: mautrix-slack-config diff --git a/kustomizations/matrix/bridges/mautrix-telegram/config-secrets.enc.yaml b/kustomizations/matrix/bridges/mautrix-telegram/config-secrets.enc.yaml new file mode 100644 index 0000000..d0a8b5d --- /dev/null +++ b/kustomizations/matrix/bridges/mautrix-telegram/config-secrets.enc.yaml @@ -0,0 +1,119 @@ +apiVersion: v1 +kind: Secret +metadata: + name: mautrix-telegram +type: Opaque +stringData: + config.yaml: ENC[AES256_GCM,data:3ELwsZF0/eUCfi7fB0JCpHYRd2FJbTr4JS31ibBNitX+ltNdJe4ETorCALdgjU1ghQmAZKu33CTDUwZwqRnrDfHlojMUsSqJxVdCcFEoGbUweE2lnINNhIkwLuHToowepDoBrHsRYIEtY0ke66B5CRC4rsOiLxMRb9IzI3RXOG3VID1Jv70EC3B3sgYay5medT8320Xafu65r5cLuaN3vIAjgePXjrHglCl9TzD48aoYP9jOXL4AQd96369B2k6NZs5UdK2Tf+CzF+AFVVUCmifLiwEAyfMUyvfwphamUgD1tnbHMwcEF4wZ++wp/m7CirgMGjFJTp9b2+hPN7O2iLHp79SR7d51LBOf3cS8BQ3r17aJeNbshhgbt7yvoa7+CkpZOPdy5r71XVopf9q6uWj/Umn7yuKxIP8vfFOvXwBpg/iIVCQH1ofcq5FMys7rjSnOQIcqjo3+bQ4/xfeWZRfXX09yRPT9hPWbiGtvFbremxaEmorBql0Etep5MN9W6UbUxSJR64O2ZzmIC5QaCZD9Ig4V5ZIfCoVpODUh4csPXAdA1Xuw8OGVO1UkbuA1NzqDYRky/sEVlT+vCvtARIc8hkdkFybwyXiOixm/KMfQ+zbifc4U2XThRYWosjj0x5OxIfrpUxW1tZM1YZqzKSHrr9kezg1+IzZVyMzj0xDU0X5bUZsF1A1Z/ONIWFolxhVaeA4o6RHTeInw0UoqukK2UHAK3HG4zQuQSVD+UJUQJlwjRL3brYpQmsY43/9UXe15mSQ2TKiV+BcjzPEf/0IqlDJ4xySKB01jclrhkTduvuUiU91BGybBsyCPtADbZa3ZUccyTYNoX2tjaN/QJ2f4uTfMBN6V8LOrjjoBSYN/ox3ickInXssr5JYdGcXwB719Oi3qUNQBqtt2OSW3a+1Q6T5Pz5KjPgHkahaoiXMQPr25hgzkBAmlm5DqdXQvc9lL2NMQ5pNpUs1tCURcAULS5sfl4ikOYn7o2d8O/bUgT+TJXHLwjIEdtFUaSZCDu1ESNbSo0ccmM9RCuS+wsnp7a9gqjPzsE7VD8WXT6mXZIj2VbhrFUAO8PHm75F/tNJwfyFhLEnqYLDaH1vbxqro6gd6vF6L2BZ8OXY2sLSvI0Jfwg4MPZIu/acSGDA9aN21PXZFIXW7ZleFekbEEAR652482qzeaKnrR9CkH53PpwSURQoR4Tgk5/gECNO5IzLZdzxFOIwG4+Vqt1GPa5inovtS9l2OEN11FsasBh9SFGbuMyQ5XnN+l7ANWjgYO2hoKhO+yqy01H+8enmRks/pS4kPqwiGdg0tQw/+u7CA5KRbTu36JX1zmvnOM7kTKzJBHFwR2pu7P04btZHc1pVafNFEM4iwYUu6qjO0MdGRR880TDZ8djnH4JjBS9moEjhpedu6FNTQkoa9G8SvhuhBMBDi3nM7oPgTNWiHpp4EaEHBRQpEEpeU/3K14mDvRUDuOWIpw2ae5Eq4gHSf1+mEaLebxO4UnWNVyofyZq2aWgXuGZxfQOuMDj29izHG1Cop+POcmQlVLcuey9Fi4evjxNP0getcFF4PusVE6cgqq1+FmpILkn2BOSB3UOQm5EDtX5nrW7oScgPCuCeCJbcwZ1uYWxSi9WAn5wyqj4Jef9GwT2l46yO0xpOW5jVpdUdj88Qt38PBh3as8aNVn8vhU3AU0jeANoui19G+rRpEXLK58P3K7/yLh+wmujpquguC6vwlKqlPlLsqvQNXh3yMERpOJRN8mvGI07Svd9iyS6iDNxBKsJoiv9wp6Uq7VytgU/D4lhR5L+huHCu1zd+llsqABQpkUttOu91oYHohCDQzEcwe4hj8jFT83SE46VaB6KpAfIWgHwTsJun86CYq016YaJuPhZyJR6PVpjmRJMykWTHAdwAkZzgVHzhX1cENt9M4EaT6HiJyvf3HZ96fTkR1jQY7L2ybTFNHklYatAWmEi/+gYyCuzt5mqfMo5ONIGjblKmBvHHik95EBCcwqSBUzCBzNN1jIJcbfdrK2X5F1jSw7SUJ1pjVCdZrrS7wvdlNxsSO0WkJMymkwiSc7itNm0e9bITmSmp9gqL2QULGTLpoL49Cqvd9MnfG89ExERFNCv24l99FTMImgHM5Bu1kbBnVJ8woN8mS3UR8p0Q5BkgCS5LHBZp7ZVgnoEj3fYWY42nlHipS4U1wwlAHLJQzZ4htcpxX4j3uzHTy+6aMVVl1n/O2EXeUnDNkbdFtrF1wh0IkMlnACyPV1N8lv+s3U98aLSdxmLEMxZ2thxAr0MaexiQXiRwIzs1KWK5dA5Igfpt9e/ppZfNY54+VMwlaBsFfttYzqp7uaKvCEWadj5iFINqWYwd39UJAu05tQLM4O3mJM4XNN1FbFbvKAettMprjvlqNr4q+QvA6moWOgrXoZzV5Fr+40S21Xtcr9N03zjsT7eEoSmRxFc4zirmyCba3texbVVXpjadMvHhqnGLKUr6DXvQ98HARMLfoc++g4WfAfIy6mJ6I5MzH9vPsQxsHPUwk3mmCUxbSOxmZWap92tJZu8vu/3bTUxT5c1ogBzV1FeJU/u0P2eu8ymvlj+eEtHSc7+JCMH4H7l7NjzEThjWGl4wBIFfVFuYQgEK8jAlgnJ+QJ1rVJB5dmqvPK9S3laWMnEZFsmq8tZpHx8PKiF3kNzAU6rqQUdf3KOwVcrJgGRBhepGWwNpSzHTnpGBeFbe/JdqIphnXlKdd3mTQH1TUlHyDCGKdwjno4gmxrcqbZ2qvDF8EST9OojGP6+xwmhC8r75HFSwfBrL6cv71rztD037xnZ9q4JTcRGH2L+XtRQRAcY5QQeDmoitRk52D9xP6ybiUCETaRnm/KwDwofLMMidjWcV2OqX7FBIidml7pMK82sYdbxj1tTJEKuigQmHps/Ukziq9wlKwkwu+llgWNBctjkKCzRct+012iS29d8nMnjs1xh/nPCkq0dR+cxaTOSxiPins6BZ9O/p5HnT+Gmw0I0PnkJgqOx2YIOhbQ7kYWx9pIttPp8sUsfP9Kv2Rp1OKK6eIdnn+rAwWIf91e127CN+H4B/3tCmrJoPmaNDHuWyBZgLnrO2uDKYUg7KSVKoD25zeLzmKRKkvpo5MMx9P1Zfhk097/Z55iTXxDRrSLCmEf4ratqnCwHyK8jPK2iPXO66GN6cqDNmCWz89lxpFHhJGnIpK38Jp9KweWyfFTHLwJTE4pgoAWDXJPJBUWBED6ivF+z0whaz/tQHvE9q7Fw1OrWOHllsLBYxhM8vWXTA/CFyZW3qeXmDdOEVce+VF5q+2v/osCxEaDig4FWokarO9jKcZYXf1dVUlDyfuSfj2HNBy31DIW3JPK8PmeZ010P7hPCuQy1JSt+OX5Fr6UNMr8gzJ1t3uDWARv3DihjafAJbFah80QIpBzRQS8cr+NtHtjOWqwPYAcYZlNIKW8TvOoDYuup1uiGVO4MNFfkpfoxcY2evVEzOqqL2/Xl32M+aSgkhc/QIaMKcJsqSPmjWWkWUBP3PEZ3T5naega6UWor5JkWG267QZ0arExTW3rYphYhkI+wvDIPjqNB0/OlaQa8JuQOAwb4B5bIpJN5xkBbC7jgqYCvIz/PEZGdYrEsQzHBPIhziP+CWpmvJEHqaA/kmm2Jje9xxwTqOJCC+24TbediFjR+hACowc9DxjK6VCzbEbmoYU+RVHTTSncidKdz2wa9yp4aZR2yLW430VD4WCMBqpnbG5ocvSnUwZXOMILZqmY0huYdrkxvcOc3cglrq1h3/Bygm0dnVkMrs37ZDsNTgw5wCXUVvKC7psmo/xZy0fqc2LDwAgMRHT0NHTES2/M1tNzgQYD/YHbNIX9cHFYUcnqrg+ET+8zf9PUMlTeAUY5P2TfvIIY/Yebl03TjRo12sGYlg3Rw9QYOXHn6S4qw9y/v9douYyBrVnomitQmp6iVav6lWIPNvpnLMfgVx5Fb8AMldJqJNBDAx29zUSa1IcaprfcPYfttR0oXiAx/U9/z6uge7WbJCbVQKYr+/46RbprXu+eIy13lPk78d/9cVRww1nTtL7pccR2/gvCRURCdnXrs91GDmdMxFiZYKJnK9sPG7d2EorMc6kG0ETL4KJiYsyHWaK4h23qA1dsn7wSF+zaIJHMu0uHdaX1J9Mrl1TP3/aZtLUk6jkASy1GRqlT/kkkoJxouVfdljgTMnnWxVBuMN8bDrEuYySNSLnwzr4P1BEGERAMGSzydyugNWk1odBVL+bz0nTgapIr0Y/H9rzv0ymfmhohlIJe3WN/3lNjgcpWuy+6Gz5Ld9ps/mIjNioIfn66O8yjd7Y394jxOiwcE+TYw6aCgeiqRUBlClyUL9Ka+bbw2QD+6uiMqVSsl1gVBtUJ0lz3utKFARFt4sgWsxdrdzxJwS4YtaSgo16uyqW+ET4lOMFtB14lTKkpWubc86jkL1SoHFaYzvEu78NDS52ds9V+qvOitLHNIwBQKQe+NQK3WcpH/Gvzp0bQMUINqsGMyJEXdxCrGlV9u+Dd6qGwB/RptADdFxYU/wbWC/wAuqnNMXz9OUWyLh6PnKVxEgswnE6n10nz53WaagsL6OqM3xfhLhe9HA6QCkUgm2uKmV2N+ZTq/g8FwjiQIm9Xq2YTZDtyOuI6aOH3WXaYHaXk556uDvh6OoclR+kI2z0n/sM1GGWVQpxcq3eoNFU9WQ3lNcRsE/6p+BdyrktgxmUFWE9ndIzwwFfdztNVebEi8SJvv/vcfLssTKkQ97EFMXj4eWTHOSaGmwPBi4PXJBsLZWfpAPG2Ml/yn75mgSmbEwwnlD+v1q/FrQYH/m8vbi5lwd1Rj+n/6SkD+DTCFOZIhc7awRymsqSPnqFHYICXbUZdu8ieQKPi8ldkZxVqg+sVu555i6JbYoFFF26BhPjjMDstG7fs0YOOTozX0od3DBDH+KeUzKGSkla8u6z5voQcll/JQ8oC+SjZbHDQ+fOAKMToJDbRNo0cOwr7J/4cAKJagOkWdySb4gYa1e0O6dha2mKrdCkfXfiY/zR7ud7RqGxbUFTP595bMcO14lStNs4cLuQgfdGQJBNrOI+h/QIlUZzEZD3odisAitJ2Xcx+R6nIfkMbIeqpSs13BUvgh/2T2X7bnMJnzFa9E7FVNOwgQRRuz72cdg/9VnuDPfYTnaxmcwQ/oGlDFPdyD49l3wMXVHLtzzEYQ+6VOZzdAxtXUK4gV4wSWWS6Jk21r2tOmzunFF0iN7wpPWcfCHjz7MTz+vaUrfa+8dij6xsKxZsR46ReDwvsA2UO8RtBIXXOzPnp3RSrw75odB87VeWZNCWFXHUqU2LAaqNdu9A7NFFYoBbYPeWoAZvWlS+0a6aKYEx3t5cEpfhzmAJGl3raxRSCaAroe+aqenVynAGbACpf/grWlw0UZCp1g3JpyC7pML0etNH7DocorcsJCJqpp/p+dNGovnSn1CaakpZtOtFeXfHNd4no61uqTfdpFcGAOZGHzp4wo7ccvkYLM0APnOz477eIhse7QsXqKlpB+fWWcxcR8uEjqCl7nkSLOFgKEDuNgclbYnBhBsRhfhZ2CqQEo++F3/ZGSKV/2G1BAY0I4PUrSIKtdS3ks2hMWjOuKotcPn/RSCWx8xLh9ZC/tOqFkBdfviH6H7PtKtVdfXGGkPU+TvG0Y/ocIFnbU2uPlZXgyOptizkdcZWgxEoReNXY7treS4psFR0wI5ZdqSm5DTesGdJKn7JhoV23RU3Rd+wL2j5CEjeUhUlI7JLRxQdsh2kt5NV1L1caJKK+FoCpzrQWYLwMma71y9qttAtPyOnZJQi7w42Sq0ZWvVCfDb5+w/fYpIwDQeY91tDwUY1O0U21irm02xvU3VYclAkiNyz0pVdFkT5W2IFhj1Cmto8P3nIveQn09sE6gDTjZMYtMSxgRAmLf8tg/rUnn1wKTJj/nJjXNUBu6jOIsBxUHzyYR9dkCLCxH4blSQeODDHjM2klpJa9kCwoR4FAvqvTU28V/p00RpCEBQUj8RGCsRvGdRW27iiVMqi59/L1Xo7/ddXfk1oCeUfUBTgrsV9abp8W0VDcr1yCD+SkuFXYQ6gcFPo4fi8cQzgMKvnSjMn6U1r9PEh4kdYTm75assbitpI/D31YnlDT2XkmTrv34I6uWKLTXDLocP8jUEpnuM1nbR3oPa3AUVmG6vBsGB4w3v0hTiRvTu/7jtJLgvFIHrRHpJuH3o0/hv+S9pHwOlW8OV3+rsVj7O2UA7QOIpvJaSE5RQksOdInZkZGhFlmO6JkenaJ12tdX29kN/48SjvWVys1f5lgrauUGcqYxjSRhNV9316V2XjG4qojsmIY4v/CWMxYJvqzeRvGg8W6+83psC6ki1O32NxzozgQkxvDPuht0LxoB/qhGPpE+ID1JARDVT06WXmAfMw1naSEn949vvP5rJivNjmUbWZf7axMIo5tVLmyr3JVty8bGSP+Ly1pASOPmKMF5wBwUsr4GztTMYTB38b+EdHm3QmLFh8mET4voJtSZBde99l4UnMQzQ/9n3+bNR8aFS9qg0Rv3DF/3ktDR+ukotelKx4o+OCuYQSR6s3bV1HyUx8xGG5SUcaQPOtPEMZREjwm5D9Z78Te8CrJR910NyWjrx72d87lxE8+lcQzWFVyyVX8mpcG5NFsPwT/eg8413FiK0AVEbFSnv/H0dFtL/0z0lBXqEh4gdBiImOwovG5tjRkO0l/JdBJvVF3UuhIvpFmTmhNpFHGyMdY/wf1Nvn6/XyIoou9P2DerRfUCh1n4mNsnqG39d7E+BNahy409/Pwzn96AWDiLIUmGlsGSq2QoiQAOdpKRORWxrehIkU3g+gxnq4TiKyyhHfoom53KhNY9Z8mR8O5MyTeG9mmzx++E+MpAlMZXGnw4wqM6jnCDSohwmLanoEZ0ttTnVJa9MrfrAkSZ3bSqT+0tarfmKd7ovhjiMhKsNMJGAG3/I9zEyuHY7yyVY+Cw5rHCjCvoBAJQvuQqI/BMd6Mh9XMpS5b7jVDoFw389GHmT2lBaj0/2IFXXHcd/q7uRJU4UFoFg02sMBWtDYyY2LWI/iWdI2DtF86vJvxBhAfsZzKR8GMRZe/e7l8fktgo8+oPranKSjA4TZDmV82i5tBZNqaK/GN0J5UKxn7BrnJFyOp2bw6YZQmHMsB323qhLL8zuhEPGmc0C4io8ybfhbFm+yt+bvH2Nku0FJzKwnezl2OReKWS1B23pj52t87e+/JAUl28yGQ60uq/l2CKVwPcflHlzaUWwisJFjfHrm6IkXsclylcpl3csB+Gn4qLjQJdtNuGB8zfPEqeNA+jSqZ4lAptjWtzpMXJ62+0L3K+GwTn7uZL4EBUzKxiPm63nAVg/73HGH/6kmPCRn8/yGF2oVD2HDne92JCC+ytOg3ztAW0WZMOTMMmDC/vRqAmIyV0JTkJlpkMoAGflpKD36gTWRy/lN/doenkc/0MnIqjMU9KNopa5ObyQnUfarl0KK2hhGXNOvHLtDzbw8EA1DUZbfPd4A8IbK3wdc0fsa/b9Zr/krxWR/qJoME1dQ344ZuXtgIXyd0kUHHyV1dcDfZgPXKivL7/VYdDkSiFwZsu7i6cSz/SzBOdjVgoAbTGklEu9Y1WWsA+Dcd4sAP/z0e8sMz8E07bULPq/VwF3yyocn+nzLIxBb4gSMRfcmEjm3fuD9TA436Dd90GUum3EP5RDGqRKp14SS/gKCUCUvepNyA0VaTStohLdxKXGv02IakNYVfpcSFMK9A6x2iSvfVkB0SW9h11PmuDY3BQ+1oF+nScDKsaXSR1vJiRAIt7nt5lTUScm0JbcTdRA4yQJ99SZXoTcpT6xrmbxDMaJRNWfQr1BfrgJmkoItgqnrevutwtP1c0sCwJ0172o3MZFkq+NQVbjLZVEkO491kvCtfoLDE3aXvRxUdbr5U0OCF6mc5m9TfRmPcJ1G/r0Ixl4Vr2VL1/I9ibqCVJYY8NYw2cUOVEi2545KpI5DXa4xTvggqW3t0srrvwJLlrxWaKzpaULrsBLPgGAvSCoFO6kO16I2Pfzn/BP+jS7EXJb0quWLAXNBx63er9oMnRIuSVwaeq6Em6fwpgmwqdeDp7YcmNIAmkJ1rkAx5XNmRfibNsvpBgU7fz07vU9WdBvD691CpfUOQh5AZ7uCShpOCgUSO2IrHTmwkIx7iYUuG8tS6QrjJpv+Gc9VkGsXInaYPS+83+XXq6oJ0dXzYN5VsbKrDR3fVV42hHf2+1jgdQPe4P916pgFeUpmEIMIlkqHmepK/WCLc5bZhINgHL/MdlPSYMbGlIMrTWIx1S67mE0byI2qpU1L89AWB4Wpv4U+8Pek7O1cEHADj+443S46hLf0S5QYeoyVX9ylzEGR7kcMmYYsLQU77Qw6BMutNk7qAsiqCWbiU9baaia8DnsMSk1WYU6YMIFezgXoI9ulWdFQLWRWNsDyTUjcUR41jTQKfPn9wKqXAYJOrqH3qrVeUMXri8wMyp/yywLuKst6YgEvEI9s3RnFjqi6J9yGgSIx7WFW6wSym7HUE8vkZ5qZtAztZI0Zj5zrJXKwzqKUbjHr+42CK65eWeNYkA/s9e8smEzIRTzai6yQ/U9CEg/73P3IjM9DZyWsm2AmaFiN5r/wAunoIxbNtmvW6o2KeuR3f1g8oM/CjSUTIHC/jgIFwgJ25bDPY3N/1cIVYgFT+E5FBz8+gB+jkpaozX/VZnsl+Gj9VKeuQWntgnh+YfpuCxWflWP4LpPjSz0aDAOa7xMKCHlZz/pbLuKvuLuV1iLuI1K0HBrNbDKRRaCNBIVxdUyYcTsSSljMpuUKNRtwbH3/nnXF2Ltu/0EwLgHdXgJ3EHQv2h5xEAF7Grn4lrWuTVOqEWGBkFqOwhcxfgAg8pbLZzD6pLxcLbDSsFysXBdJpesOop0DD46uo3o0FUhDiyjV5bwLMtpzb6JX0+kh68kFUg6uoylZVlQbMUoyOf7TfYFYCFLGrEiq2eh2JWRHqd5V4sv7LR4VOFIiuCdGkk4ve9mNaX8fg2GC03EqzyglgEHki2w6NC/aS2V1Cs2JarCrSpJhi3g50B5o5kLCed7xsCUCSCvEM08sGvGXet/FsEV9VSmkkjG+WhXP4Nu+jpU4BGgiqWh7ABwnYa0rOIjZfbz19YcIV0MzDwLibzv16YVuRjfY9cY0C3rwkhBXk9OsvVMidu07Jc6JRBN+szdJJsrG1B9O0fpiqhyj7hXFHAPmB3ymBzVGwC5NktllEFsqMUPwlrDcVOy9+l1FIimOOJY35HUgsqGtOZMkZ08QbqTWdP2ceTFBuX084GSkLzk9HGVHIFilAq62lFQgMNVSz9GKMeMNtyr50hQ0FQyfLvs6cfzYHnnDzKp2Q3cHgG1oBo5PT+vLWlxexY9mPH3VkkKyXVtOms4iasFTaxrT1LPEd7lSo41OQjSSYNnrKhnJ46RMYL4uyZmDBU2B0fTpOL/ZMp8yD+/TOe9Cm1GkLNiImylAkystJGjJHzNGmvXE7NR9qDFitfTcES0vED/+f+7unDLek9FKljyAOb2EPghuFTg04VAJfQgBaevn7cABSAIG6GULdkRVcN0EXaC2vBjsQCdVKKvxIcmt5NhU91zUgmYUJiTat7ivmxX9UwZi5qzKgtN0ruZ2bsbZLkD99Pu0ROh7m4/nIehbC1J15JMtJMzgGzSkuVZoV3UNqjDfnnKE9iyepJGVSah2LjweFrEUOLOuc2VHeAJKW9ByP1nkWE/n7Wnqe1wAjLxI36ZETLV5cQWVyf4QEWRStNwPgZTrUVynpj7wHjwhx5YATcKJ3HFxiKaOU2WhyiUjC7LcbRXPLOve+KYnwMqviNiutrZXhmpaWWoaz0q8of0EEaWg664DL3PNbwGKMQN/RKfg3pytTM+jtSh1ONGbhWVLy6UuIX3MbVq4xLtKjAHHsEpTaS0iKKnrlCwIBDd8qahlxrUqlKLXNodoqNED0rNaEXEk7y2rWBtX0E0JrpPhezRuiacMbvtiYqvz3EAhdFOoKCOBsuRVAbE7z1qelwkz8HGDjHyLfRLHd0ITG++PXpc/zmYElaUo4xF09knf8zgRBMJ+g5yedPKBRcxmldoNIbUnGnFKMwyrom4jO4enFTp9aiWcUeq2cCTURgKSEaeTHwEeFeRTv8ZkpCwvyOIZ0DIr3zVbhA34SSA5Mu0FcBWBjq7BEgnijgi0knPSXTs/EzUWfkv3MYyyGg8OMhxjuhQ7QSoDAlgS6zeqppt4emK5Oli+MDWnYQLE6wwmlAiHvcGNYJ2bcjSz8xQ6AIUBby688QbqkexAfq4zPO9bAFrob9vfoMtWk6kvX0JOlkPpCEcjgU5OUICfJe5OS5gl+JQDmK1W8XTShJFllyXtAo0+8Rc2w7r5U0eOXW4q0ibqvowlaMZ33L9wJhU0+sCEVIfU4n2E5G+DQma5yvSl+TkcOzaVClXUJWtP21qro08ThZKESqVbLhrGd8uKaTZDDbMetmjB4aFs9QEtX9XIX77NLO8UStxfRwaGXqMvS+msEH28KCvU6oOdIBfdg7fnT2JPN5PPiL5aeWdZ6lOdcy1xmqTKdg0Uy9xBiIdV8BmcdiJ0QL9W9Xvqe0ANRRTAXiu2ke2KqJAo5DRVU5iROKjrO39sAb3M1gnxxnC4mxdpnyiE73tFk5+3InAuA/nT/xPpG9UeiQaxqs6ElbaQEDBSUYRrnkJ5wyQDJ5QJVR7Ul2f6bCE/dacgLyYXaLdHsLEx7/B5RMnk5hgarRDBHEx9qRKN8mwspTHISn+qRul+8lE+k4ZwIdGB2FIJa9gDugGOSAtfRg6w3KxIZZHJZrYkdHJkbJSpjc9U/hI7Zv3H5YkOhVBL56ldDmlEku+paGkkgl2mQ2421ACUs1F32EamVx3b6M8fO+CPV9W3OfPYh908bLXCIE5627tr2cDqti4WzCeFgI6y1fkLg6gcET0NNmZ5+CYvAIr0hqwr8JswRTd6HA2tVQdcihbTvQ+uEuZz6WRENWhujuWCcFYOKVpEPadUo/TsWukr8bJNfaH9D+YJQOW5Srr9/pyCOc1MZlY3veEKb0q23De1MKYGRMSoeGip6piuEuBoRNG7gZd1ECtXcgH4sCQk3qO4cbdgIO1rphgVzy6sSntJwn86uNizMmKfz00VvtOcccGLE+3R+Lu3HN9Xsiun6ewkcRDysl/+510ycha9UCYKJO6YW3TEk1819hLdlYtiKWDHowVgdGJ1JYEyOdT86YZMcsmz9VVVnz/G0M7Zr9kq/wYNu7TubHC6B+ivWly90jZdBWQowKFzY0O0yZvkaYdOCu1xPpwJZyqZ2LJe8pc3546OANV0edBXHDNphZ2CqoXyVeLiSTa5rlMM04Yo6L5SGInDJjy2mFyu0CB+yrb1498IzkeZAlonCxkNpQH7EpWH10VXGIedxy6BIe9D3CRtt68CzySxPehEdzM6npHMeq1QP5VxBsY72vCXc3t+R1fPSWjif0fCDI55pE1hH/m+RRle7HMTEEw3wjuN5LIti9oS3PjHDnLInaxFqKe4CjPZI7ViBcgfUhx7LurqLwRe1b6wJpL+On3WrDAjvXizFrzPCMhrjDNPJhnbtSVEn2qeRid338xiTYk4PDut5wWOhsMgfqBpdiPpy/6gOA5NQFxU4kjdAsF5XgJxaQPU9bXkwRA+LlLgHY3dOZLmZdyukZn8mX91YSX61UALMYAHP44W2+sR2DjYC/Ww3DnNu7itDAlehPmK9NUuf90m7x3qgk148Gt3lELSUPFDKp3OwZ73HGFR/wp5oTXufYML6ZaiC/xI7g2hXxwnz0uaEy/O/0D3SgzPiSWdnWXfG9mgIDZn4KeNNQyEVocGrk94dBXJLK+ZsZ5i+94Tj0gOgafqW+89b7lM+EM8fN5zF8Sq/6imlDHYnRa9jnzxr072oF4nR9mPrswueH3VkVXdzzX+pUS0gdhvdL9ciJMXgiYP1ah3TuLc4ySbC/vROkapWPbZOTo6YAvcWPpfnUT3azd5Nd46/DP2ZE6K0wJtzVkAV/fRSOF3bFG3BjRyEeI35lIEhOs8w8jolCpsoSuOzgZEzZ2FUOT76grElxnqP7BRo/IQ5U2gk+tdYicIlt7FHg+lu0aInTc8qqUIjPgqgv5DqRKUnD45Rz7JbSThF6n0g5aQJvm269giBBC7C9taU9VMuJVg2v0qRuXlpwbAeoGj+9rMhaLHfppEnN3cJFCAuUDo3l2xmmuUELv6ZVt96JlHitgtzD14lVjhpkermg5VOJB8Ea9WdCSvQU6zM3yvcvcO7IYFP/ofvDx0VLcnxv/quiHvaTdvetCqvfeUQZ5nL4I4P6kZJZfEn18ZIG7PcoOiv+FsutSD/QPs7OcTuDOT26h2xxNOAwvqZSGLk8VlSpgpXnOzVyomY3eurtjmDvPeO4iOB3tllUW61/IEY3u+/S0vx6h2FbzPz7gCey92dVJRHjxECGFS3CoQqYpmpLseRfiievIM0+RHwg/jMAqOY/2lMFAJZ2Ry/LYp7vQGOgw8CFRlg+6Etz/bcJSxntfnyiCsERIDTlgedWtddE3sy2FNXQ+svnI8dNXGlng5q+JzFVgICHsbP/1gV4EALrlDDW6Wdroy7dcIabfzOjCLtxGKEWs+F4NCHb1tZ2Fo4aTua/PwGkmZrTkmhJLlDDm6xQG9c77yMSLbTw8AFhc13FH/+gNSuCPM+55rdx81XnBbTvgqF+mM/PPPCFmNyNlcyIv9J316eqOkUreBZHBt2ZwRLNt72QqXHkl/x5IRWCZ3uZ6a2fI31Vay9GfdHNIWDZwnegjv5eG7J3O3m8TaYcEF76jYGSyqNJ0nqE0RzdQiSn70yC+MUWEoJ7SG0AnUCrRxb71MIsKAQhNCaXXukh7LVh/Q1wDKvBcW0G0Ad04uOlxrQy/Wjcpv/zquhHO0bGkEnXAsMI0r28OCEe9zzcoCikMenSneyLsfTCxeu9YRuHMYBjU/qS+9F1ohpL/GTr46IudZETsLWzmzlgYfaVyq5yT+NRqFLZ38e/EEE5ikqwLkKZyF69FAeuq/6uV0OaMVLfuO/k3BbgdwgpUQGqtMIhhPf9zn1jtwEfSvMdWzYkHyZL9Z49/GjBlN/IxyMNnNuxaYTRByty0z+pACORcsz/6qk/bpftDCbKpy+GSMyN3LgjGE5sq1vqtn2sPAco14fOAD5yk94zRGFsIGT3uM1da8TUp7NqeEfofUWVDCryPlzRlzmZwwc+wB52hFpU+Ue9TAT/P5b2pr0ma7rsV8wWpt0JFPcxbZmQOzQsdQ0qTpUMBbZflYm5D0mELZqaqnKZGPXG1BxZH86PE/69hJMEJLplKKvFIWEm4o9kUnEIFxhR0jRcmxWAMsENUJw9/PSYxB9zmcdAeQWLJLabPA9tzdb0z47FoU4y8uGHC9Bz+kPt3l6Q3eCiPJx6EbQPUUsApMZUALvTSEQ0kdObp3f1JjQ6tO69Ynxh7K6PaSu09wPPqTXePb0b8DfwyQaCjUhtpNqpKsiboNRkJiwJGtyq/tkB1CXOkTqt1vi1RJbNXMANAn9u+oemTWJyndr6WoXO3o9dciFrrKXYsd0h+pAp6lacKU8jdZnY/m5lxzR+hV57ndzz8ycdu+Y8WKUS2EBge0EdTGd/ai9b9TDBWbD1psx3Jo0yisgXsAD9BSon8fS2Wv8VahbLOE7P5O2oHqiOwSH7gm/O3xY5jmks4IByht9yIxrlDToaL6dH+3gFwTgxC3MPqWHusP0HR5W673IPZQN7nyV9vCqGV5sH1QEaWqZC7QTxs/1fuUS+3gBp+vuVidjzWZaJdAmoe1T4nTYUBtkTFBcnSRWI7W5+jHt+4KrqLijebfh1tA/aDd8Ldi8vcDQtmPXXbwIuMf/3u8gb3n11gX9gd2GaL7PRhFGAatDCca2ziV7nxgruJnvz6GuWaWtE4fKCbYetUCxEPAxIxpg4+iP2PUpLawHGxJrRwjagHay9L4nxvbYneoqgq9fAp302vFH9PPdmvVlvGiT+s6gUMliLe03NoonnsBLKviPbe5PcGfNCMaHgd9gbZpfPnJcgtnEhlJ+ULwVMsEQ4KlMpdTSBK9EvwMy02nlLJdzTqU7ZSUm7Un0pzGoAMbhZS3MFSn/FYU0YHZkAcVC/Ew8ab+wwp+WYrk84KxMnpriwpyc/va0/VIAsAFneyD8hAKJAWL7ZWhda9aIXfj0fQFb2myZUrDKlyYvmOP+dZlkTW2RgvLDg1C+9y7R5Kyz+zDlpO0XpeWFhnt2/uY8PfBh13RXiYk2pnJDCmcQF/AP/zbkS0AKUwZIh2F2xWBM2kOvDHEDAQ8zaHZLI2sVSTZuNSy04dXg8LMWqWgsA7CQFdB8XMXFTGZwhs/XtiaFkBW6ESK+aoidYvqAGtSsn6e76FDzyKD2HxUGe12pEq8mddRfkf/JTuC9C6mgQZKvUW2cfRHyPSsL1aeZ1lXD3bGlkB8WTMskdECmROo5faMGbF3bpwpyWQ6J4nBg6b2WPW9qpKoWvEFlbpTZL8RViJHaA9Uvl9MbRkdNRrf56w0FLgBYekGGYjL/Ph3zEplhG7I4GZAOxILHLZd1KJFN/wRGEFyTZpkGWaR6jc3SRivMWkFmVrpou7FUhnGjD8UINUbrbQJcvXV85qOOD4xTkMbu+yhxu4INtFJBaU2u/JzIUPbQEYrMgEi7GsW9sQBrVKfIqGjPvqtJ/9cGZqXl6c5skZdz5GLFRbyXQh+yLn3kqB2VxJI1jhz/VqAfauV6IPP95N2wO8S1MZIbZwmmpcoFdGTl/+pvQLCaco2TaDdg/cI0G/ajOGXXTOW5004CgyMIPoBXUwzwFc5xh3xdwSmgB/Bww8YUSdJViZroU1SJdYOjIo/Dlsq2eRj6DLcXbihUEv80dSrnnvivMxjfg8R9hxxfPcK3CzNuqiim5UU494FB/XsPRnkMgm7m6eaqODuI1ULO+odZDYzEFEiZgmepcJGm1syT+ycoAu3FaMIxitTEOiaRDKCVOC3gX0vIQl1qgjEM1DXL4CG6HQs9vG+JmC9PVVyYMO8gWouYEHOCX204Sr8wMMwQDcNpJzddCKXe5yguxCu8VVG64RD5ixwA9AoPzoLq3v7c/ZgLwICnljCPvEHBWA2PBb/LRDhs3ctW5ksSgVgYOgDB59xHaFDn0DD5nqa0Dkh+5btmJCz47XAag6r5s6OOZpyQa9T+o5lFRmhdJpxWxy0YUVvr+bWHgOmmy5oa/T8CRw+lTGrIkRN2lEk3T1GsCtVBID2cOoelTIjBwf0mqalC2jee+xxYAgqQILT/M6uf2BW2sA5pV2UZtWxzA+rKNvwhGCedAVmta26KboepVom/NcJX+OdccFPQ8uOtpsRA8E+TQ3Wmvcn5QWYaG47TyKSnXQvE/BGaKK/NRoj4j8Ave1XoNr8KTdalJJeeoxX+o99GiB56BteduWhnrqoiPAXyFpeTPtQv0nQ4C20Gdol+s3FaZD4yRyQoH7tabpTXi/QIaI3lphbxfzXgyfWz09xwCeJ2CamhfzSv2FJWg1HQ6wlT5oka4hddbSxdWjbOBZMEv+PNUL11T/gkp2zDsYGShBa4qHZvY2gmlZjIpgvX6WoS4uiqejXLxpTcyKT0IcPD1oikESURAFROKWL/b6nADr91LY59sYq6iIU5sgGy4k/TWF4y2BU44DfaAN/yecdoM6vPiuT6kmp3iFB2mk1EKLO56GLiVamf2uH5iR6DCrGy1zBJ6cajG9OJszwfkelaG5xiQQ6ldAtI6MCjankOJuN01zwR56omo9F8F4ig0p1AFBiYrGT3MYCTAJqW6ATRc/uTAWfTzCwr7j9PDBr8GW3E//aXR9N0pUgfsgXclMEV/e14IsfkL9DbnlhCxFOs+o/TLPhMn1nR9ch9NoYXr34AgToClLMuKSLb7zRWiVykBZkbAYpAzmKLDwzXzTRwHLn6eRnBQboHoTwsuSqCrIivI938IfUgE9H2p1qrMZ1qhGjFjQhVTIr88ANd2WcCVX/ZQi2r+MCaE9xpDV5jdKgatYXPWGu0+01vKd+INGlKWXs9hFe7fgn/UCjKr7xnckGlyOkJwRq75uTk76KhMwdIHbPDxhKIyfIDJLHzAlsu6WuxSQEIYuQpk4EHKXiFFAG2W0QHE0VjgNjLtBSv46KyZf3sJ6UqMt5L558N6dcncn1er3u9/nplsMNKDCoP4whhTDb+m6tzjWs7PnqbZkPuf7djjBI/TabBjZ1eHKG2gRGpyl8II7lTx1rwJwr9Gk3wUsGcPsROVT/DnFpo5zyi8Gp6vcmiqcVWSQO01zToUb1DDtmxaBxLn06IAGZauocApq4xHet6AUPhF2BuagxAvjZo3a4z+DHUyhtVkzo3uT2Qfzro2UqUhJA7euUIm9VWO//uWc5GpDJ8OawURY97lMdjoR43+lG60H6tYvjnd8VVOC2wITXDrGlNDLNlPdNGKhxRQvn0GUtlj16lJnqEr55OK5hvA9Z3ALCZ1c96xMXxzCVdu/DRQlNPx7ontsm+skTqZvXGY3teEu6XhMf9aOS5/TSX4KuKUCElWApXBM/a3dXEgEZxUQWLYJB/1eNduu8YmpJE12vOwuZwrtLZ+73hy23BF2lOGRhKG9jfZvuRoHdUHdSrrr3AcpSGqGZxIceRCfFsSA4VYUI0rxkvPiufmL5JvsnkUad7KU/zk7PQcU6wt8KFXMY4YrPW2xyi6+p6FUXoLM9jxhfHY6gpTVeUHRAaC6EewxnYYLLR2V4WWYRmCWQT2no5o1Vs3Xne1PA3+WZW2VfEnqMDvPLHm+DrdmlHgZQun9WV7pAP0B9+M/ME9Nw5Q7IogpmkW6v2WOwY7iF7SYivhMWXbHTb9j+V8A01PnZ+iilFzglAPFWOUE+QupoIhCU9L/4yLLCHrRcPr1dwQckSKG2afJcN9EJN/8J3QMvBDwGobV96Buv5PHthb4kyi4mR3sQSgwj8K/m0VzxV7hcsd2VrzbezKRzRe50Yp9XDSnv/GNfmVrhddvAm6jIqI9CKNDsi6vf2Bgynn3G8+amu9qEdiSbc9FbvL8E8o43KB9rNl/N8ZLAXlZR/Vj2p7MHmXwU7cOvu0S4vK0cNi/Xx3MHb+FCXk9iT5nYKudgFzh33AxpHIkQIbuwXyfp8TJw3eT/MrRLLiQ0fa1QJNxh64+axXiEXTtdIxMbDecaWjv7H1YRp9SUFGz/eeRQ1LP/uQMz6AC0KxD5fLA6sL3H5pZKU3ERLde9+Vbi3gQoDqbkgQLJ1dszGpJlD7pKw0TAY9dpGnQ3t56Av4qUJlV/6dpOeux/AfLt2PYUYnKzsMuWNhISduksT2IT+upaMcseStp8XBtqcWyLmY46+y8Xp4ykyOY+xPOuh4Q2iU9RowckEecYFYCY35cEXYlXHpfqzI5y1W66J0Uo32ACuQLdbARVUj6Nvs/205G3miR9cnuoHsUIYqHjQ4F5gBaL3SceUt6hHUBjh7vzvTqvlIlYIGSV/ILaANo4NPtarcM+WYgkTApQyzIiiC+gkXfIMbMnlSXbXkpdbIxYsdZd4ESuBlbI8cGeqoMbr0PpSkYIXFDVLHK7pfU5kAnd6NVmstIfflHnLxRwzoFNyaDdhnSYtd1BHp2FqX7tc+LJK/GbPK+wlZABC8NL89HZzskCMkRSFfmvxmHT4cT1zh/rbfq/ADXjznclcNJOITXOjyGjOjsauGNXryiLl5dEJ9a/44+4rIBomrTl4Lx5eCYbe9KHFhD2VpZj327NKebHr1T2p1DhS5AxZ2F+tHjIFZlO9ctCSY8MnGynpLPZCygus1SW0pWCMIApYOWoNtWWXhn3BNC7u2p+SUlLf1+vuYAv5Hqi3PC3x3gCM156pvm4eutbse6BeNIKAF7+FnfxysctbGGuTVn6BDkBrlNIPWNW7tzxciTOCoqkV3njzrlahXX2hdzNJ+/YZo8ZyA72HPe4g4y7tokuLGqxBfP2Hl+jgcWFFK9OXIOlA1US+0tbtbSmnD0EU+pkWFoj6UbYNZeLCwUlVp77LqjNeO05b5tod+L1yLm9p4lHOjkbQYHwLfxFD+LJLzVhF80t+e8Tn18ReGRbpwwNa/7sScg3dXkRnFXo0Z60nUqA/j9vR7EDxllKtuU2NZQfCnUp9mQV0dW76W0QROqI7szc8Tz2gEeinC9xNBlrrKS5O8PIgHRRz9A8h8HMOFtD4LIo2Xc2brv7T4q3qm4/MQMQDwtCs3Uh0UAPFfMjklKkmwghAyjAwJdSpJiGVmbq6T5sAbprjAHYAtMjGncWEvAcgR3m+JyOB+2CQuOiaRCkWeJoxhGDQ9JV4TNecyFkeSfs+rR8J5ucrSVu6TFNVDPYkovyN41QrsssarNqOb0Zau/T+9j5N9pJXoUK0i+FISDbkVwKzHUi6FRoD5RQ5TUEI6qZdJiGqRPmnflDitB4Q7g+azTApaz5oLQ3f/dlwtbShagPtfGOf/175y2swSgVFq4jXc8pKyrv1qac5NJb5i4rNDi39v11RcRY1NM3Xu3H3OQZSzr1btrNEvxNezc0Ud7pFiSeLDajmJjc0xPCmTGURQbI481+N18iU/IHoiTpAWhCTIEIN1pgPAxA8HMVKD8tBn2k+pNHUR5l+ImI0X3z9htEI6bkMjngWBDVhcP+NqHp5Qyd3WnrjpFL3rSxL6dqvLod0zfY4XgcpfAYew7pdn6blSK7PA2CWewMzj0/sV7ppyRponirT4hNmbRc9VxKdghX3OglXre87dWhs2EPnyEwpgaGxKJrxgJx+nFqCUdPM6Jowt2TyQ10doSnwE9gSlzExHjlkizRAsOKUIM503TvdVb+4UUSR2PpA6I8D+gzVyYDvK7otaD84mn7uMQJaSNdiY7ZnwuPFro+lg3INYuwmeIoyt2a8Yi0dZEPHQGmTpNlTgzQG46algUnDsVMftUpGtjDKd8WV4zbsi0AJo4nJhNIvI5ZW/C9p0bOD18q+IBkpawZ0SYfnJcB7IVp+/zmrIomvbwSb+a5FlVPP4Q2lipvnAgGFpk5xKGyFG6UpBw0AG1x4aQ8v2s9r3jRusq4eOfUlGuqQMY4wD2TynTBaJLR3gywqaSC2WxfIw/eZ+lb5uuAIoPbsgRznT6G4jSIM6SxrIM/2/qXmkjZvysQdsphzELKaZMMSKb6wQehEOLIhNy09Z0OvdZwVLjHck04r9kQSDXFs/rsRFQEPiZ7hnhCf4PEdbJkEJ90afBC87o5M5MDgox89yCxpvDuscNj+y2bGMbEtDdPhgbXORr+teqo4xeoKfFLCNc5PrjghJvTr60G1bBM53wfl13wjG2QlvKNvTRdwf9Nsf/fYoQmefrUIxQGcDp0HbM1rpnhNeXYOkhX8074jCEU4MdS1Xo3H6ORmJzBYcjKLcjpsWHNJ2J0GucIsns0EqH6GHlc+d0k70tsPlXETj1mwqyXyiQSmub7UN7LkIwxu3GvSU5sm4Fcbtj7nYgWEMgRzUgSoQTRlpFjTd38a62JBJedSZDhSJbyUqLw1C3R/0LLtsUU5jU7Rc3E6BUIaqitHBD33julZb8Qzj8KXQXAuj7GYgIWPDEB/pFhzmy7fDv8brVsSEvXQ6u0WXU+NlavB+deIk7K98IEIwd8/fyJa246iTm0vjydFAMZGNVlkjWMHm1AvtbTOyw4gIn6Y/f54JiENnB0LASDu3mM4hXg5Q3W+wueFoxLVc4CUmkpsqpgrUlYJSZgZ2Yv9rkHi2VjhCL2pnMaLezRs6AAKXt0Jue0+KaPIejOmnMNrktOfHAy0AhvxvBbVh6neXRYVQUeKPqv7j/UUCmHyAGCx3d0Qmqs4kLCD80tB0uOE/N/FvsbnvPuOq0207dLecDXXhE25aaRc3RaBkxJNBzCsQYiIhcY522jm3K22g0IydmYGXsOa2rdH69WsWYv4NKP1luxW7btvQJaNsvIMV97aXum6vgyVGR/Zkl6rAGPphhJwvLV6pY5Qyt7ZpLp3lF7l5pNotvWWWyamBEYTJGMsKejottijJV3Sa6Tb3sEmha/qc3MiOoA8N2FixjlylPzeAlvUGFXVzV/kxTdv1eJ07yfhU6CXcWAd7EsMRPf/AaxNWl5k3YbEGaYAm8M2aIUFZKwFXSnxJYCrZIbFrO/DT2TgmomMgM3Klnnh5H1gnAmyxoWUBftzKV7hCWffr513scDbhh3b9Ozdhx7Ieq5pL83fc56H+5HU2tYErzqDgFVARKBJf2roLJbH0zaDg6R/MltOA9n6ehinZvW3BM42tOiFkvh8bLUuVJ7NbGBmBDaFNSzw7SU9Pj0itkgXxX1/x/9ED7QpEHuMo/qLblSV5hGw7xfXeZPUUcpfEWe01x7Dzd+w2HXMpnLSdcS88LfLhT1XTAr/N9EiS/ubo3m4ORWSMRtA6bYiZmNZ7Cr6AoKbsJgvF5oLrMy6Z+7J1IJtrJbcBYh0tmU4fEAKsp3gvqugDGlW3JmU3e1QExg9dwc402jbXFPoTDMQ+q1rU9qPFHADwSoG4lU4u6aEaO3GxdzWNS7ke5ju33JTH1s4kMe2/2M4EIsgRnHiCG7PAULv1aGWtmvGovLBeFzOHHsbc9IAJMj25DqfGPn571Ty+UCCkJt10kZ+I94NXkksgGDKtyY+q0wKEalwNGrBEA/3OcDHQ0x2/Hk0axGaFxv5S3r//VRRkiLkLtm0qcwmbUJz3iCqsz7a2LtKFGdtb9hyoZ+loA4QjyY6AwSnKw3PcLXohPnN1SMeBgKRFV4l0ofHnTZroM1izZPHJO0Ay+X43caviXKRGnRamXUzfsF4J2unrA3SpUAEsq+UQ3Z1iTfUzbBZr3MM/n2E36bMly1p65Zjd0OYWMiaCRuaaWyRqbLi8uN0gjVrK386CHVurATTXF20cG0pAhfZvISEojGtTQYh0wQTRJzUAeqWCV5vsvf6mtSA2rNJJe/aUcsQlX9eR+xAGa3KG8phAGm9GZYcBdaoDVhPvhEgR72v5FZSYBoJXb6Cg8amhfu+S+Id8x3H28kqgYCVV5pSibiRNAzK7dq9c6R6IcHc/FQ74pXWzESRQJWZhOkA8+Yk8AR+KpE60Naki0nNx6+RMk72Cy9VoUdStVuh+/loqOzvLjgH+g3w904NwOynS9QTsZ2lUsTd1vftiRSPaiZ0gc8Rxm+lfglt751qG+PXjmSVbz3bXexofrWFJDJWoLMuLQlPLoS4ydDo9PCCYQRgv4HspEzcr8687syHKCA8LuVE7PWYQhBjFatzEgHgOaC3I3gEpk0XnVIi8xRCoaOfXEmRaKC16dTaEB1y8HosrFrW4aq+ag5G+0WRWwSG0vpuVkntGdcAvbGJ+r1oO0GYjUKvo435AJylt6Fsr57IEWCCcmAm75tNzA1UCQltVeumQa+b8Bmp6Ddz5Ihk+f9EYFIvASVCbZX5KnWoy48Q7MPKDwrh0hhmNybQoW2p/jwu3QaWQpDdwZfoXNe2JFKJnAlIhCJ2E2ZmU/2Addm2+beibCFt8kRU2OK/oUrAOidSHpls8KxYUoxvdK/8z6M33+DZpR64KZJqV4KM5Z5nd4mHHlS+2XBGzIFDnkPTUBwNwDwf3Lzy636yBeRHKAdjrK1DGTor0T4TazTA2Z1sBa9zQFXvCbY7QwtClpXEee0khK2dBaGmE0HWDXa0CrHNyEtatPyLN6v+rB5z9ofEBvrDS5bFlfTulZDko5kpPcPQfwi9ONWFpIRdaYHHGBD9QTt/TxCxewuOYHhFPMAHS97AyQVuEGONundDNWnpOyx3Jg8UrEayGP7ncA81ETfDUrBzsd7LVAC4H3zSI/KjSsvyReRDJs6p2klkDWaKDlV7R0EUzthB7avNCzc6RN+NpcACBZGJdwI/qOKB5ITB2ap2eWhG0uO9dV+wGApr+PINjKjUH5R+0rSQFGeMwblkc2Lfojqvgk3jXclSBE5H73HelkhTwyeL1jfZsoV3rXPmeRIXq3NgBtfaz1+8ab3QpOd+VV9HiyqX9/KsJfMrqxJxTEOlYUz35DhvAsPNdEDUCedyx+dEDNVnFbHH/izWg5WLzd9gzy+QMVMXIhCmtW8n1PJ41gT5UrV0q0lE42mWGeIFcVQ4zIdfufg4Q1/HQb4G4DEnzMwAT5BwC+aX1CpRZe/9G9sO58oCynRga2JaLL+KtRI7ELY3/8hMKw9JUVZxvsJncnVxckrBXx7iIpcEDUTfhp2v7ly7/2YJ8a2M7CDpSGkQSOLnV07RcqPUsvjpqDzmTrop0euHn8AlB02J0StplONZMj2eyqAt9K0SXfmhbjrqffdW/W9JZRuEu/yhxxsx342ua8rpUfYQ4GT2sf06C8W44WteLmg8rEhmcqO2Q58z/kyYU3NSjgDVnqK0bAERMYTOx2Qg819kbDfNnS9vLsr9Scw75s88oLnnME+YX0Ald5p7FDJRD6AE9j72uDSjiZ3Sg3jLuHJJNphzL//tHRbBQxsi6vsjXpQ06F/3NUw90erIZmBRch950WSZhD4okl+63ZYe9vmBbgRU6YeWOUFhULCxx/r6+J1Dw/YWEBM2H9GFyFUDEtamsMr90z54ylJeEDDxk0y8tIhRGqyovSDev5LVyq4Il4tktUkMGvbTAQIJH/t1XLy2gAqRP5a+ewSxsBHNtxf62k7+GjjABadhI7/GveqCWHMOXbMVPJW8NRVxYmm3qYsUBON+++1vby+riS9ee5MgCvL5LzqhGx3d2WO1pDZ/coYH0l/jIk/YypHfV/W47musjQXW1mdDxdtWAQKWqUqh0ETSZJNE0NWGNoAUr0geoTA9lMqYPzqgsMGS48siCYXJtMYhYTlvCgRBgxKutkdmv1TpoYNUd/kJI7ftH5SIBuzK++7XN8z5Xly/1X6dOmEzqt9cmFecmRrXRE2Jtsx6WlvL4vEEAftVF8s4NLRl24wcfb+SoS9BTnbKpM3j8rUlBVIUYz3/i2Iw6PP5mGiepVOE+Dzzuv9ed0frzo6mKd6Wx+WedZbMD4Sk+wPObFPP+EYkWAit6xY66sD7buWgMMSmtsIkiZ5dGFsc2dlZ5VrDliiEg6qBwB3oV17TmsdfNuTlEgLg43QCUcA1No7sXAYHJ3cV80nwQeabQpnbA5xyHt0C+5clvuMZyS6nCB17HwFZBbjgH9ZjZ2xRHtUlxgymj3tSycgubxnqPHYuXe2q1P837ww41Dix1HvwJfEyB+AQ35R4S2IoECCM8iZ9t7g2sOG/VgZUe+RROPb7zv6f+60NPXR4VDLlWf19tA4s0VBsR2yeO1U9QJYbAEsitB4mW0OvuhBQjkS4bzXmJLto5/fT/EUihzLk12mOiGhuWLm/CIUQQiTogXj8DW7XZzfarOR7Zhyzhm1RNo88RZH4XooIp4Exx3g5sz+n4x6QNU9Py1roVSrwMmDer4AAL78PXBwBUnSCmwqiJ4aZofYz8Dij4wRaNXvMhTfXT+w+SUfuFn3hbjyAnDcJmBLbklG1XTPCTxNRGPxsckYn1QdUjRblh7Cf1gr3xC0UbNJ8gtEXumQ+70HxJpR5hhl5Q04gHECgfZNUeq5M2YD96Ef/EJjt2fCt5ZpAdZwRA8/DJCvwzTIlOOiZzqc75CqmhHcIDfoFdHxgzbfZwl0LE2oUrSthbZQUQl60sZ98q79Gk2OuQLLee16DH8KSfmQLJ/IOzOkm5Q+v2NvZwDwvOdfXRgQis6jjN6ws6NBDvzTJFBwKZeQjcyfVstojSPY5+/n9ejjRt9n7m3YWT2TeOWjtMN95uBgkgjZclYtZi0yQzXG3Y56Tf5B+NTyZvA9XLb3UBXLq381SGU8o8g004Xaw75iXeIu83j2BWmUfypxsMm/QkSpgnV47+J+u58aQoCpvsKek7nGQP8SFqbt+0GxQw2tnY7G2b7Nvw+b79y5t2R6uULwA4C7rYjEyKznN4JyCDmDF1rpbIxophntA4RZN3gdPeK6XYCARNMpvN9mtDZxuQEtTxE9/x/+r6FVBCHpRpMIn0Ap2dnQMi04P8OYIIlH/NvKKigqsdSnUbI6n73+WgOo+r1Tbk/og8m0nUxDzohqx3VAgt6vY9DqsccgxUWR31guizCTEcFRMsMbm/1lbnlrYeY3zCe6wgRTgCQLceCpXqOg9VI+hxnpRY9JhIrPuEb4Rm97LlqEJFAwrA11+wjnBfCSv+Q1P2+SSaA49S7Zy/ZWJnoug0Wv4rrexMh+/VzKcFhC5e9ZTshZp2f/YVTR8bC4ZbWyEGpdUK2VhSm3xCmVR69COQQolnQdWo/QWMvNn2+gxMklq9Eb9iTIfNlXj2cxVLvLEvhdvBaje1xdDgx+PrNAgv8m4gKD5/YQXYBCvC0nmLkS5LlxjtgwFiM+HeRiM88OZOspJHF11qq1eC2nfFUmQ2uOQ3FtoqqnrU5AQOoMwULZPxX2sIS9PO/aJrLTEa1+2gKrKFS4jfULVMSbocUIcx0eyyUtQLnps5i0N7o0BRynqCkbysEnVPxvCxyL6A7mkiXuddcsCpIeuzDY9R72Cn27UJZoI3awm5cGMs3afDw0HNa3jak+y4Ys8GEVTz4RUau7Dv+sU4EGE12GG/loJHZNnkBFhlyPXGEDDXtjgMaOCVJ3BxUJKjrULaPb84i9S829FCzfGeGziDt1qrPhX9Fmnis8gBXdrXO9NEeenyVMjwlY8QihvrDoS/8a+CCTuNN0z+Lm9TIrQSaselpTs/H7pHxf/pS3K/geTCUaPX8UXFrTqPs/wALVGAmZLchNSH7uGDvg0iUrnGJgWtztZWFHxfAeNHTE2irWq/uvv6nYUY3I7q90MvtZh3z8TYgPOXdKHciFERFbYzT3nZT7PyGdlPdPZsvJp5h6A6Uclysd8EdmiDuIJODIO0fUYYnQOEv27nYcozOlPV1to29gLlyrYWYXOGpuQWd8Sc8XdWhKroTGrL4CKNmlQMwb8uEyHoMcSSnPcjHiv+KcPpfnuOLdBqVf/LIslf4g/ipf1S2D52Wz//xcDPXtAuLR23v83QJi3QwGjPFd1q9ixWbdREz6tqtdpTsqq9JGznEMR3COCsjPOZgy8EBygWXj94Rpaus5vS8RfSFaAXnVZmG1vj3Q7Hk0lBukHhP+A0Abu8tIc4uqhaUtjXGWztjfqUyG66Fpki8Na/pufJ4cOXblvt8xCRb6xOwL6f2eq+xWWcdc0yKXWL/FBxc1oWZZ8UbX2LG3T46BwwXLgSc2WN1Kh7/yZYilFb+bEoypcrF7gnr/X5ajlN3tX+n0vlXiYcg532aRTkN04JibC2NUJKZl2cm0HNn3SL6O1RwbzCGuJixw5rWeaWbUk9gl2ZvGMB/OMFiMwPOGYXJgC+H6AEqSxrOAlyXN782fFpuXAX9itbLBT+WcfUIP2L0T2ih4NjQpEyDkt7K9R1s/AnuxShLG276wC5a4+czQAKB9BptVYpTTd2cbapc77Jm/zu2TN5bMhIqauJzqGCGeimuTWP80gwuTH5U1K1EVdjrvU1xyUxy0tImxi7qRgjgaWFOgDCc4xZiyRRQaDlTl0TZrEHnEs+eSi3PZKeV9vbtd5T3lZv6IBCq/+Ru+WTAwKvPZQc1hspDX2LFNCZZtrRirpjJIutJt9ISW5AxJGsEq42bXvoVLZCGIOBtPCupvu/iP8XgHdpSX0c26uH8JtVPq1AcDIeXWWeN5XWZB+g2ks+hUe/Ar7QnD9vn9R49zdNJ16Mmc2wMpy+wMyZr4X5kpbrLbT02JupUtmfIwqaqBuLOY3SfgJ82SXRUtF2UVJw64FfHBd+kiMj2tAKBzQUWIYjL9qu0+H+r8oAYQG/bC0ADAdmwcvlmtSb8ixQlXa0MOMFWavA6tAyk0b3FLgrnhRaTBxu2Eq/dtBCVkg/dNhtyP4UfbUKLAJ185drvKkSLgy3g8SI/6FFg8KY5S/d0XAPFfedwsJ3f2qN1TQJWLDWQmG+H7XV92vM9CWz8RgKMJ1Wv9Bj9QWzqHweHWhMMKTiCRwgwzyOEpxQp5oKiYVWO5ERi5vkNainHkfs21ctR9XN5Gsyy4X1skEhc8VH4XDx4uC0ryQkrCBApkaSfQ+NsOni57kvWT/O8l4RCbenGGQUZCO1HTCncdy4tr0o15yySKSBh2wCIA5DD6QlqeNUku8XZ+1hHpvUIAbK/t/fg61egwTPo51EZhPUtwI4rpo9hT4zrmpRO6zS5DYuW2cPPyRoRvH6c7q4pMwtSPjBAjoLgHgoj3xxO8LJ/CtFi0xdB6W/zjTnAMHVvVGJJkL9R4vPeKFwNsBQBbJVOCDETK3a+OmLNZr48WiardACQP5AQxIJjsXeiZxRCaB3jvIhGFn2abSsQ5U67qEAy8bWQO1s0Ftw+EFQ78I6hkD2B222JNVS+Y2KfT2A55U5LBSQuY9wKTM8eGrUtgLCzfuBDXu25lTPjmJMHbv+QI+Ch7/B+0uNUpQHGMDnWcuT/d2sgi6Q/NSmc6DuLfdZG0Iqg96Da1AoO4XvLIqQToftIMtQRCTvkOyzO87QPuA2bfjqJEEF2uLFcj2ULAhQEZyJ2E5tGX4iuTZLqAG5W0ZYtmxyzzkQpKzF91sdjWxsXnpQhBI36gWL/ASF0a/E3qiFRYwisBQArVwu7jo5gu78aaFKZWAJdSFU0d15DdVpKwMi2gJQe7tGolyoEE/lWTuzY3ea/rQcxX2Xe3RfFXsUYrhkcobPx1ywpEqBs43FbvdkqQ6PofsQmIcRGU5h/1ndd7ivvcWg3Wz5oM/GznmpDge6uJkIosE8dRWj2XGfOGQbo/9OkwA1jUQDNbGplUJUN7lfHihY/qkyTCE4i02oEWn2sXwQ2C8WVDcS4J+j+fj/AYNBEhxbXzvYnPUEBlehfxhjHpCVr1FfluBqrUqlB7tVC8YPGkWuzTM7DArAwgqtIlofRGI+8Yk7WWhEE4bpf480jWWiERFbcnz3tqh4CAVEW4l8F0mIvNqczblSAivL2s50g8fGuY30OFoPLf4qbZnMu4YlKd4yeMVWvuyyKPIF91K0o/Yi5LlFPbThfFomMdr1FIcpn+M7RtpOPi89oQ8cmgjr5sfeS1uKFlEy0MBOSugTsZ4HvDD/ka9mrFKQK0R+SnCV3gfCq8TTPCiltAZf1rrFNt06OnPcJuy7Y2vvkrhJM/9JUT96tlWeUyNeo5jIJ4GWr4L2tMB4Hhj+Q/ZRhCajZtqesL8GsFVjVey3jwJmjxWR9rFAIVGn6LIKdI8fNWrlZnkIOia8ap2rNa9J9dZnprPT5e0K68hgWRyJqKKHyFPjP4QFzh02MKBcgQCghqib7jB0GjnOAQkeN7xvfQ9Gpvo6wEscG0mZEp3XVK8xYG5xWpfDiZlMamqvdBUi0l1Y2+JFsZzqyfQpQtfc1iiyM5dl4YEPhd9Pvhws6huQb+5QTg3I3nMVehTD9i1DXCpybnegx6J2vDNyh1/ZbWhVASrKWcqI5BzJ7S2vdTiai3oDEWkySgS450ubGy3jUw7EmTb1ttPkRidxHN6RRS3Ul6b/ljnP1Cxw9a8aKX83iBj01MdDcV5BYnKOyatCdo7hYWBbS9DhHnMRLC6IbHyxYv/Xul1YxlcLlzV8I+XfUOMoqDmXBZG+GTsOgHNY+NL+dVwJ3tuqpcMLDRRRMb5R1+0ruwNpUYrc1VBVN9vAzTPPsm76rNVtrRyh5GPQTv0c+uyXiLVTT+9sEgZgwH5as4P83LMmSRudrOow+UrJ112jzhKOQQzbiYHh+0L0aHvG3VTzLyD6c/wv+s3B3ie6W9+Ihln0io31p5CFMGsVA6y/oSp0N6afUFWR+Vkot65n8axZqjc3BTfRuNs6vR8LXZmpRL+q4pT168kRtP2izVHmVOzNUC3P5tNRWUVbo3y+6tousR3SEzACumfHdrQw8NKyBG0/Bo6obb9eNBOYW3cfceeahKUYUDb82vSf2EkfXEBYuwk8cALnk1EDw/CiESrhJaoSD9b1xHP3uGV+zGcw3feG1ezwFKtIpIs/9uYXN6H8VmXQuKv/rFmMr/vo5ZpCuCOp5Vm7uoSGGfGkhmUX7m17kQQt6AVCtg/wrA3BFPCt9SCxm+RPqi3wLRJ39BxEoeVwZhe4gr+L2vyZck0oS7ru1ETVqi4XHYlQW9LbqshZUIGo+8OIodCNh3XeZghQu4zDNY7R8G12MXXkT+3lGawMX7KRHc1/HXJEltiRWZlLfwblLCE5RGQ/V7XJRcwL5QVkIU79pHn2dms1Plnky5WrAql4oMMCL0+YlfH+/2LWfr41W72DmFkwF2IisyBBs63HvmNIM42TaMN1shUkzTdXffErSCecDnDd9RtxQky1rMxJi24np5nuONg/r85mHYejtu39jJGkaoWviuXFx8BK7Ttk6tRlXSVQYzAzajkC8kEaf30+CcmBDZ22KHPHZh+iHPOwVP3MEaquTEgDvhlpmUbX0bg+3tZcx3xNlwDCbveyGtc50tTeRv3M3kGxSXN89de0I6Don5V5PxnLSqe/hW43uvKO1CKfHE2OFOmG4BXITAiXDdpp3ns5Q6Ddvfw7IEBiMR8EJJaaSBTEGa3Q5nPT5O9c+uSIPVJtGNVa9DgMkOoK3qyzsuiU6eOSycIS397lRlPtlqDxdUB4XMhRBRVsX5bBXN03LRvjfmnYM+DCz75OG5JXHRLcC3u0Hfw8jTq4hNvM8fXqs6+bkzedu6hPO7pTc2Lcm4RGRFIVYSKoMqcwRF75iovdgcGf3PjbokSEG8LxF81/zaEbA5ntd1JO8ESd27TiEeYzN9/lBYe0rlvoCHnM/yM1Z5Dr1gjsi3k9M6hivvW7JJZDE0kpjfoCxjxTh1v7W352mEp/0EDEIDg3YLFFR7xU9CsT1IyEAKhH7OCah6o1cLNRmplHVvKWa2CeoEWwekvE1ON2FYDqDd1TBe1rirqRfCU9txKp3bBN9KsAu/taCPy2QrJELT1vFOdFnMVyYNM0j9EuJIxnsTCtIHFfwCNe8ZM0si4O0AZHALQZdohiuRGfpEfH0D83xTTPf7sxE1d5G5Qe9OakXQ8gLCkK8SQZy6oECmC+HP8K1pVQD1/kOG7rdnQQngNSqohi8ADY2EPcwVwxd94YRNd6haZxOyNiazodL2fDACq/l8VYpjqDj7fC3kF/VZIkDX2FadtPzCv6iCiPjXtBMyTCxmQIOYocvpRMAKTN5AL1eQAC4UoCZfe4qkegYYNJGaawuSo4KsRr9Xyg8KzOrL0PqSdkjek4+0kgFRNdXO8nEP1koveSHaNNbxbg7BO6JCza2G1YBgWZAGg+E790LDiYtu3ukf59jJ6ym8c6L8vMBogfB0aeeIOxrcwZq7clDTSkuI0sz64pystOlJ6OEthaTdA9yte0Mj1Xmm234n2OHrw/0etgESOymE7Eln7Snmgx9AL4erSn9fmA8CSD43xj40eE7VUi83WBadqjVHQu2oVvq5CWHVn8AAp99Z7+/0W57nkqMn5dBrmcNr38AoQ3F2CJT+HrH2md384QbDGOnJ69iBxo49vEt6Xc6MyKcFOkkGtCNbUZsob4H02mARrjQvQqnWrQF1s3HL9yyGB5DNaNeWiAdl3ZmZTSgvh0m0KppeCe8NDORs5QiSveHImQd/Cg2/aOO4rTy7GyKSfKsAIBWJzRPqXvpKbLdpPD0i5FPvnnE5wopyBxD36z6DKpXgjl1yi2CHRdFPyL2UK4pmtlav8Rzn0ywy8wGsP3JTfrHcAQZqjW8lnqEio0nN41Qu+3zTOSWa8lZTSG9cXfWxxyi5TI4tWiIaq8OGX/8OLdNHI8dYScj1B954ad00wQ8XKirGz++f+53z2h3pI/r4hPIqCWtv9YA3KlKK28jN1rhV5z9WKTsX2Akg0+KtE+52WWcVLtzA9vqqDw+8sdWUdfNGAo0hvtGISB9QbBKGzW+CR73lwjMNK399QMDOjOVuSpjNTamqBB3VRVvEVK3JJXkKaXVQ4OlYSwE3DhXe4S/UDytR0fMALzQU8SUamot4+CaXmSaGKKg36+raBYJzoaPIazQ53pAbkXe+gYEZ0TQYZyCds1iUFIsJ7yDe0tjQZuq6dyKCXvrlqiNycnA++UiXbBi1mzGVtNz0hx6OUJrtzaye3AKZUIY5EtbEO24XKnPPfcRr7H4Q4Gydz0HiFYv3PljubfwwOI1zED1Qc+SmQJjgCw97Ladv5CAlDtw2CYaYRq+L31NrReAdgd+1HENvlpK8KCWyAHAldYC4+NYbcTJI+iBci4caSJTdXJ1WnEvDglrFS5aBRiLxdfsZoZCGhPnTPlb8zncY5c2TMcSOZbXLaekS3l6/cVyctpQeWYiIPksFTU+N5Ww0Jkhckm7or7Ot3iwOAqFPpEkLtUtE5wfko3lqYJ5WYm+HFXwj5WwxQvrAlVK/bA7l7CT9DS6G0KMFomd9MHTWST1yQs9vcSGqsXyRKH0RXaHkBxG7pSe8Vo182vquhkQs2tGudLZG0C96wuKNG+ilUN+n3LwigPyEuzcRVnL3l3UOGEKrw6+7MG7eGMlkc6Z7M5/NEOKYpfpY5BhbwLpEyLHPI1zOwA1uN3/mpa4utc1DY2Y91bAFUtWSQn949VgHhFlAKFW+APRC6GHuH9EKx3c7a+LXjCPUzFFT0+Tj6gpuFKS1CaCcbSFQdd5UpxZMCQ2abXnWqzgax53UynSVYYh64s1f+N5Ra/8cAsq2B67aLI+q+QY1lOBoOWjqD0QqAPlqIKsOjrXF1cPtxYPECb78p8szzUiXYsBZXozuYG3Mv4HhWkiEOhLgcAXAdNV8TXpulQsAr9nBzWlDTwxaO2/yRrvpo/jOVMqnSYm0H3Wlr07aUf7JuJq29NCIboltC7BCocCkw6chyuvV2RNzql8xYi8Gy0vLOezucCBGXyobkWmtQU7+WB6B62o0fuGhyGl/eVSQDSPVfZNpDqUqNY61IG7BHdhejbBfj5GBCmsk/9IxszPE5YWGg8OOGSehYX9n9q7/nrB12YegF4aRACm7ftGGd7aug7cEhPW5uxLwn1g4volMaKCXTUvDuoKoQimORuEvmgvp6lZ0wnQ0BoYWRSmz6A+8M4HYuxMhjmxdmmRHzJ76WE+BiRwfUnMyAv3Pn1Dg+liGq2759upIeovtuuATsnkdyg58q687n0uCSA7H7gUKXA/RELyxCIhMGkoIP4Pp18A3iPCecEtl51E+cOZncTTnlPb0hlGmkpOdDCq2V6NipLzgDka/Qn3xLH0grNmYuTAdGeHrudk2uMggsisC0gTwT44iS69/pwtVb9A5xVCOOMfTVdpjhnT85kRtF5G+0bPitLP9ptHi3GTx+t22Kaks5J3iyocgc7U7I+eU4Plr1rbHGCg2RtD6ZXA67quKsrAj/rRqcn50x4EXuR/gXlg9E0RGYXCLBtFk0DVdfhpuwwv1u3VGoqes7tt6HpBh8ruNZy6bdlVF49wMC6MZV4TnAdi/m7ksZI3KuJJ19dhRUJUS5eg8dYwxudfxKBpvfaC0PtZqRqyNloqatTAJekFt3EUbosbXt1uziNCBk5J0YOG1AbwBbBhzD+Q5EYW7hJJBTABz0PCKMB2pDWuMYwleu1riVzxLk4ZUIVJfctJcWswGrQKtxsPqZccdnHQIQHMxWqujgmGm/pOp4WyPr8ov/uGuIK3D1VX5S4kUK+owYULJM97Al0vZk4URCxiwA4V9OPUJcojSd2ZlPNw+VH9/tFChfvjN0r85HTHcsIxE1RFcK/dfQT8AK7/Tld/NNUNJDBuL9S4zSRp4iUjWKBj+6hoyy1pd5ZDwHLwxr+MrxNKFZMXjJbtji/jpBQwe+IrOvK4DbMRCRMqyerTWMlJMEvNhRbPHHYKviq+IvbQEdirHwcUjguaWNYY5gAMG0JsjvFO2foaPnK4pOlHFOVZDzZQL5NQRyVPxjEXG21uHmK0lGqxe5o+WT6+1Cfh1scXl55yByMMWbeSMmS8vJp8rU1Bt18va6EFjfcXuoavnMNVtuvB1nthjVVNUWHF5aLOZJchDsu1+JyFS9vRTrV5KyyNH+g8h4Aic2H1+n2kb1dH3gvGoWdaYQ65QvOPyr/qLaePmb88pY9UZL20eIET1qTs5GWkAtkMhrJ98r3M5UBShIeMvoilP3yXmB7rAKInGIqbeZW/KCBiY9ONe6a8C9EnDhl8wVNrbuC0JEivdIFv0/AL0HF43C562hKh1XZSLZV9ASJfT8h32cGyYZew/PqUXqt+vnomh/3+2I9Ds/IpP73AypOVSurD6u4G7kMSLD3G/2VR7VzItlzh1IRiYMn+Ldvp00Y8voKpvFeVhCNNkKx4A/mzTxaoVpZD8o3Tb+q349CE9gUSIUJmybXE4VTks1MnevQz7XGhzIrO6PoekzMeHXqQUWqkaYmjlcNCTJ/4U4SV5XrY8wlgG18YX9xU6q+u4vN8UoF2qJgod8eSjuaiVYXdwkf9gbMau0ruVkulDhZKzF6q8doge/lvVVc0NT5rqeYCG3ChS0fWSLkOiK0w4bAjOa+5edCm9TNEK+63Cm8nh0boXqaLq2bWKrMzWZkXojDGMRDoJ+E2rEUPJSYuxVHlI1XuVTvK3TYQr88jMk3z/sieBok33gNq0lObdbZuF5CUDIoETW9PrCGyTwgZ3HOrS5sj6IfpEfVjm1lvJLCPTWfgYBZ7bM6D1Ch+lEaiuegdHJkZApOsXgyi99nHuAhrt5lFxs0+hLn4wNeHyv4xh+OIjNijQ/ZmzS0tKnbm7SZ1xuBl9XoJagoVmxYCAbbV2m4jaisZehbCH7I7stLxtQjoXZoj9MV9TZ+fjJCzdpsYn33RHXmhWnCQCT1JoITrzxC1ScMQZXsog38syCeMMReq6pRE/RWWlAGCi8r7ueeprz8pLiidi6f59cScYtbYU08nvr7DFP7+APhFv9o1wpKmMKOAd2+uXxFfjXXsDxHUjhlCIdfLsWCeIk8hgkdrCz/1SwxlUQxxLxjYSxwxNthifQiBezB6BtOj5PhVlklPfG/H0GxwJZYRGGgPeX+D7tzffXljbk/2hSRhxUev6+f8KrdXmi5zWuHc68n61sWWr74Q8aPVhOQjl0sQiRBLVJWgM3NYN+BKDB2+3Z9IjtlvcbRNHQGI3xQFA1ojkwZUZbLY3kS9svSC2ZaIZJeERMgVuPD0RBkop9rbwVkRzrAZWTpvuOCAaO1eD1EYlmiZPBsAly/0vUX43VuvSzBpYgjWzF21Y34+nWVnoA09TeHNuJm7KCtx7pBNFwM6hKb7y27Zo6dB6G7bWa+vTWCUvQV6lIb3N+FywrCSb8J852OJ83EFcXg9ZpltiNrlMgr7N0k9mxGZLNQgOIYM1Q0viBPlrPKENgxrT6SI8dW8R0NAqHxA/T75UzrlyA7NLyPUOSsNY2jxhCP+xvYVwoEFc31G4h4WmHccCtTMQ03E/hyutA1mHUez9jK+y+l6GRWYkKbvdk/LKuGhP7X3D1Xt/csihmvI9UzbUtDocWQ9/nzrolJ7XVe1YYljkEEMWllKSBQENl+nhZ0SfrQUUkkNg+/7oUFRkjzWU1ILl3IK6v6e4waPONsAvFfh/5ZHEo42nWpSayeiY6iEepAPtXEQ195Ls9Iub4ufnlGcn0hM7NcQOaJMcC4st1APioi/TWqT7uu1Q8FrDRpGC/bn4qR3KFEk1mVjHO4KTLD1SCspmLSvApccNhT1YlC+6EfJYlBNzSunWa/laxaWehfYlXzOCaark/A3wfUcoBNqaZbK0cCdUMSGXDJA5Ld+VS4znnBn0qUtpbHFNdULGbVVoQDrGFltFM+Ejq+7Jps8bx6lLspuO0SgKPP29K1SOE6atZHoAFS4wqx2i64AQ6Yk6t8c9bvNSLyeAiunFxzztTKIkh3hBCFC1lxketYU/DcaDRlWs4npGBrvktdPkdSJGR/AdmO91zfvvvxgULxdEPLEzkMoF5OkNWMJgfHvaRs6TMEhRF05z6CAMu2sMHlec8T4kSU6kEreJwhAXr8M0yXT4o4euAHSTYyeHKB5Lva8Hp46gQKgW80gGq/y6r4bvfkE954XOq7404zd90T3moL12TM2Bze/5+MWxS4srewuysMgAXx+EiapYBz9tCv2wvq8tDeufsgCYzE6sPT7Ma1PcFvpQLmzsUlU+ua7lZFFYf2BO6JlzfL26ibt+dpD0v18Kbbw/8EmQ4+/nAyNn8itUQhIXCiRxl+Z/CdMCwUtId2agaCis8e9kLP7/xSwP+AdPpi+yzvCCam5goS7NY1R4y5QlOPMF6R7LfNQ3rBg2Fdh7m3+Bhl1Omj6TTNu1ARyYb1No1AY1lIku83h3rnmTxMFrOacpB2zegtprpXsavWikblS4Ar34liJSLc92XrUJM4PwlyUN4DNDKEB1EGnojZnOVumKmGENFkgsm/cuqp+5INHhTu5imL/RGLvZrl90oprMOz7i+5GK2utFSi+NZzOjIiaTzDATAg3XS9BMK27xUdEVJsoLSi/oc5eNca30qFY8Lk+1Hvwg3Wy1Sw/ykt34r6yQLsy9zAMzFgprW6dkpClnii49iR+a5Dcj/A2wqPrnjpVGVGnEB0zxHyrK8uSpoTUku5vKYabvduwoTBWkO94FP63j5MvbdJ36X/7hPmrGfTnCmemiMabglNH66bI+KP0toUkit6IQB+A0iFUhggrEnRJJqnY46CjZWQLQlUWS2+KGyhQGeeWLQOyhUA2q6kCBDxwsXlNcEiqxkEWf57whkU6AdscO8DA9FkJJGNzLcAoRMLu/c/kLcG27ew84VhjHm/98OBbU7xaruBn/noTyXmv4zrHpRCkUBk8WSx96QAxdDR3PEnHlCnr3A+w4bQ30bGsl+U7Ez3enGJgrzWavVZxbAw71H4ixrcnTkKuTWXjrXVghOzzNUeoRT9Zisi1eJrXzwfNRs9HkiQi14nC//PYB9El4cp1D6pFTl07COTIMao0ShkjN29xQ3qeV23r/dY0ae/dE/ODDdiHwMG2Kb11xIyLlA7XqG2iHHwzW4laIH8HQH2BImyn/VV/aDmMEQOOSlTAxI1yt/tFdeM7UMs0TDmn4fF14PUfAW+aK92XhkD+GVJVzvHWb/+DTY3o8bfpBLd5NxopMY/Tlw3d2yKs/hfkJY+CMQU9jXYcoxgB7tBtGsTzR54yKBAGWhP+AJL9ylGHszxzcCIFuxkoBI19Vmig+v4wpEtSbvbEiXSdH8Y6+cQM+y7t2Q2RVtn7aZLuoD+ipo9mXlgMUGVtFjkNcaaDXGsxdwc+u6i/LfK+Ucg2STE83kB2CiPybzDJgnhWfMmw2yM9Ulds7L7FD0RSPKJ8C/Dz7yAbKUfTZk00t1tNKrvsU7oQ/qOGnTvfbBp2JRqJDVN8/03v8Q51ftyBBjX2JRx/NfBL6fTdGVn0M1vJK3ZfiA9h4nfFMIj8GtNYeXvEEff/8Xs4rBwT4mSFaM6u7tYZdPfzTusgHm2vCsfaVRSQ7Zzm4SjNDNpSkgERF+NGcNt92NahmwetOIf0cPBv4Mds4lA+R6tKK4LZZl+ECsV6eieO9EQryt9ifGEkbcgFjQ87se/1aOPr1SCalkD+NRCYwB1ekjfuNLqqmmCb+owqlckXKXz8SdRFzpt6oV4m4+A+VwPl46g3GPCs8MVvbvD7jSHdRxuui9dcwQKfPbBdxtOS5UtmfxrXxUOCzikOavBB3MVgYsUXJREx60Jo+OGYjP7knN4suazSR7nJEAhMkVULD87GB4vHMw5rsdeT9v9yp0nlLOUDi3gAJRpmfxccQiGYZPHwfIMfhMUW9JHRzBqDsqpQnw6VkLyeDaH3iI0MQ/I3SaD5CFS7PuzNxqR2yfZfcMct9GHQh5jb26c6CH0950YoESuGDngzBTtFpCWf/3zBRJ+zfm9x70drPOIsSlF/o4U/h7EYcnGM5wvSNRIsJD0DRkA8pbk7/duvKXjff+QYoko+A0WaGlk/d1n1MBmcAXvvHUwriYI1364MxnawEJ0pcW9Ygmb+6V5dDShEeBp7Mfgyq1n0ydPQ93CfpXXPLGErRjv149ODZE5/uLTsuQu3YQ2s6SLRUg48uG6isjsbr+RwTC/7s1UC1ls7PTHvVJ3nR3KeO7NwIMu2NJ9PLoD0P8evA26r1N2BGxFI3VUJ/SjohOFEYA6evnMbLTGNL5F5KargkeXOhnNAh9HFg+lw2p6kpkkQLe9LHd6nPqnAUHQ2+SbKvuFbIEWpTbswtAPRabLUg9gGPkTFF0CUsjimqijXc+yxxp1+LfUxVXg+VEYJCN6WeSYLNXpXWskQAyWISR6ABO0wZxXj/UFBuAqL9b2B0yIE6xHLuXJV6IrkqoJ/h7ieMUBClfXyteuGvzA4fYW1Bw1D52QZXN+wpCFkxpdEe3wcTswRPxBcJ1bqKfj43jEyOcKVe0TFGnmyH8pUKl5IFsnlrNJ+A+gmiiOQzblxwXBuFznDCSho2tlAIhabYG4VxqmPOhofnTLFf7AVgyLgfC3+6d+N5EYtyjBgH0Jo8RyBi2KPe6lsc94+7YWd+AHqPoPbaGUmvABdrbNq834AYrOnkiRsBHgehJhroQ0QeusijnJVgPRKKxLtp9+zTLkX1hgnha4WjMfi3UyTJdEmcsXfXV2TvMiiDPI9lKnck7guBe548tqhDBi4KsUPk+6lB0DtzHrYasMOTer518dLOXMEnrXDMFOhzUwab11KnKjg3Hzq8c7N2WZyQlpOwdFt/mT5ICl7GWQ2aylwpry+BtESCxLcPiYVrlKggjgyNgJO026tnEeRaruGhZ+CzTacCzW1qFUNM2PtKYD9bOWQfuykFi5GwiqSplJhmZ8qsMSMK76fsSVmqON7q0npUWs9wDhhHWsFoUT3xtRSU0qXfWZZZ78e57QVyRcRuuVUUMHGLSAbqk8UON/k0iO+7btLISSkXSXTUbASDjF1UkxZMfSyup453vWQz3Nx2aMNT0oJHny0+uuo3hSQyAV86AYnx0NWQcPaGfYiHNfwMYQdhWvRMKBVozKYPcKlZOP2y/Iiuap3AoVlP8vycJHBOOIBTOJY1dqpf4XXdDpA9pKt46Rz7l0q2V/wTLAWvuIxv7ZEJQB317+XtVgIABxrpkD/+VbdmYxGy6WOM9NEQ1yxvVLqYdDXkXXIutDpP5XYhOkRbxwkLcK2UGU47WGqIBrdfIA5xzuyRzIRayjOCjeEfqDShElZKEaFrRKYAl4sh88B01mdOebCYquFORmUhMjHesEK9oZ+MLX/H+tADK7jptlAKXjPjRXfW2i8mhU6FQ/VvuT45dTR1OZjMwVYyF8GT7ywNYj0lRJeZwMwrRWufc5tosqDwYRD30W9aACUbaT9LNX6BTIf3vLCwFCxIouVldf2Ds9LiwR3ocpOJSCla38JjbfD7coIkG1/5w2zu8bzHD4DOJb2qjFCk+MkljdQuS1DesuaTOS6pvu15YSRqa3yx3rIS84j3MeMrLoARv3vLf0C1bH0Ik7jNBukCx+s6AsomK+kjs1bsAmiednp89SElecMLyP/ZCJg6HmcwRcCzhIgxxxkjuvw7nZjoUT5pYkXzC5nqzd7FyvbCljcGnwnNRalJm/TgS+nFjZnXnu/tEnThltAZyiueLrxmvb2/olWc6XK/T//IIAJgYDNCsBet1lC/VGxvR7rnunnKeEg+FanieR6R/JAoFxhxRMbDE6DhH5VxxNjRNiWUmPhau3z1Y87A0oAYYzk5NPZCZ8ZcMk0a1NbsQ1iZVBY9HkVhrd7enKfFmsYswwzpNz+6jI1K6I0tK4fdhIZPHEOoXJoPfCA+i98XdtLg89ol6SkeV7hmLHL3MInVONO+C1xUMzFAvq7vc9p1L7pCV7aqNeJ2GGrD2H1uVqlonlja84IGstdDdd6lrPmp/bsxvV2MHvg2ftuW+qEoaj5mNJk1D+t2Ced2c4lQGLFMqWoei1zygP2Ig5GwDQjI6cOB+K76OBd7F/hpDARiun65zg22qsSyeTvm0FGYR7SnYekugd4xR5lj1VO9xEpSQX/gNdzod6KqcTZJW+u7qenwYCU4c2nR01F0jvjLOntgDGNwF5HrG+R9Lrfxuwm5ZPEk8Sbrq/wT43AcjlMIjUbLgZolIazj1IShYvg7cMZ2rdXjgzikGisLQUJPnwy0oDXkfolt1xQaFyaiPMgOC+Z90usjUhVtI5LHnEFipgovS6Vu3ch6rrdgPM8T0Qt5o6SKgOUOYTu+Wx/RkEL6j1YqAyKnOcEJPRcUhdfbRghDXNKh3tUhuNNDy0c365eqP4etkzXGP5L/Uf78qE2m+A2ujv5ZGIlxd1+m8I84lBC0nuy6GrwaGNQb0CFkYzrypTwHWXC2K+ObDdE9WKsBaQ+KIdArtIU5MqZ5EJp9/2ttYfNiyGNGY4zJNIBTlx3Ar3NPHJKddHfVLgdaGSg9SUmandSSlDsZD49dhrutDMyDuQlBry43JcAyNpUFhVfUo03GacyBBX6ivbc+/WZNECwQ3bwT9UJU3Jv44QXaXst7mssdF87fnXImspLetd8ohQZiN6DXPeFB3QxN+wZO6Kv1RiigNfMLDGqI/AQRKgh9k+fHw1QC8uWZmHFp0CegPMIM6zJaSU5m6feL+foHMy999AT+gvOcTOdoMBpfE9XurcIJnffCPQl74ntKygQjGV19Jxqu40wggZWTq3iYn+AEliLIWk7faQrMozEVmeyc/S4p3mvJoNOnLlFpPH5+P8k5Tjf+moCAvOyIj/8JuAUdcKVc7AFIV8NsKK7Cunx0IWLRzwbscyFIwyaZOKB+DyITSge2a27ieZzIEF0SQOSwEVym9f/Bb7MY6qCVXCj4x8y83sgO7fHjirvqnw/nEOjpi2IROfnileNLgmftF80Vuwr6Ndwo48TwNuhyEVeNagK7r1B/DfzeQ2fUmh/HaJxOP/dgq8PMtpdi8UlT9m37lNiyZE+VqOSK0q5YXuvq3zNFI2AKQP1QSP8iM6IzqN10nIeVCrnb/6wn6HXVX5+LcB78VO5+lNt48i4dMfp4lrKkxKVLvKkIgxhDgs8sDo64GUj1OlQN9+tl6i5YDe4MQq+Zd8sCm7ysXtvFYRlWGrgNnp3i5ZgL9WeXFoMb62ohcyC8V6WoTTY8Ux1A7g/OEE+xO4h17ryh+WJKzpKKGVBzY3R+JV9dTGF5VrtIfejSSKBkypn+URmuRMR6U/dJXILxiQgbY6MiG25Q8+yTf24I/u8h5kvCxnKR8rGJtio7+ki/pJfpgRjgr9T0nyaZ7GKsEPzNv0K5aYs3kRu7N80JQlKHRToNWoe0Rwi405FZ8b9UObRzvbGZeRrmFenrLgRxLQkyu76AoM8F8taVFxQ1eS6mUHkCiDRU8AHqoxjqqbGOoTFyeXPtR5GvNT1mKLBvTUb8lVQcxncap/PkIzeFR9HbLqzmul7jfmz5Y01fU4FN8DHMG26shigArNQ/ColivRxt4z2+itJ9/naeg6rweiTd7uc9L+3/5fI3zqIKybzsoQ8gycK1FATfkSrqWumpOgD8StL1mUOGxwsNtTYRBOsp9bhYJQL841VEsrnnhLSIaHcnVVuLDBpCMKqaLD3bfdPIviaZei1Uj7o4t+IPSo05NO3gGI0GVxsTQQOq+UV3Hxz208/eMT+ghuF9nAS3QM2f0Uu+wbHxl4PaFjckR84nIIN9iTaZimAteeQHv2J7pZQwzHt7C63CwQeaxUKD4PxVjQ4aFi+oUAs5rqS5xyH/2LSuENPqv7ZLBCDqAe/OYzNw5NNu80mvOzRfOWFuiDuONy+XF/RkraWoe5TlooGj/jGjVjbh3py8QD039UZZgnHiA9nBVqbndqAq3SkdbJtFzrOZNaI6cSRl0GzMJ575OMK0RfiZTrlQ8I+0VMqVEf5pdYz0UfqaJG61dMKpv6ycRProyueUCh7k5tay/8qmkUFSjD2SVq04EduJ5chiVYXLTpbejU/MN2MmviOVK0g/DZTWft4Nzi47+5jXvC6yBaSkpKc+59+F0pMm5Ekx9YGtHUYPMCnkEbz8DmIQy3EV3CjwY9JhsXOTjcjv4669Kp3XjXCeYIsa8WGc0+2IMD8B4rAaOwy+5Cccj5HTAhG4jHgzv/Xwt0+S3KPaWa4GiMVYQnE7c7cmXbRkgJ/H/EQKvbhMNnCe+JJSdVCinL5/awoFn+sx5k7ftcu8XPetiaaELwuqIXwonmiAm6Di/Q+BLhXiNLb22ygct8h9xuDGre9MLOLIdT2lXtKztNc3GWzOYR3a1WLMu/zI4JEyC5MOz8RlpY7Nv5a1gDWwt/tVLVjLSQ1jzQFGm1tCNEgNzbYLaT2ge4XVwZuUgiozCyZbFjB15MQ7m5M5MwHO43Ym4BK7FxjnKUJ449vBo2pneMC57fcKd0tdQvsPnNTkOw49OQjfqOQKJNgt8eOdcADY0241vjoUTK9mYf/kOcyJqy3R1Jv/Co2lDhbt7tGJJSQvBY8e6/s5uG9sw3J1MlNQ9l4XJ6wfh+seN1Pm382d3ytJBKm5d7z0hqHkTZLMJIhXOlWcXvyDnBZ6K/gLl772/rzudiMEB6Cx3Dqle7dGMXv+N9bRBcDo62yT17HQlSAJ3jRBIzb4TG5S8SdwR+uQPLHIIEznCbDYlESh+yuXF6Le4oPDkMNSU7wbj23z1Ilh4+pLo8GvE5l7TCTaBiEL8kFdHqSyOXVP8HXQ8Kynpf7iZhBXaJv9sqpqiPkXMYPM4q79CkSTtFGk69tQrbebPRcWQzJAddpebaY7PVAwfsqUo5SnZAS1gicOvhXs50ZdnsM1VUQ2fu/jIa9BWkUEZmtp32WwzJKGoesOWW0XlIRyI7U5SCXR3mmQkPvbCGvLRC5Oup3da/VejaEEvXbnZXkihcZOTXulSe84z0ApKiksSPANhGnepg+tTFuQDj2W1d2DixkcTDDkO/5tZgd/SZ3CD3KYtjHQkRXsflHGjpbi6u8NXccU2E5/TXNshAxjAF/XE1DHoCy7O8D7I6gEeyo9/o3HZxzP2go4SryLAkHK/kpJwyu8oS7oz9bXt469sFFqjO144SqlE8ONpeHicZ2flD3Vz54aFlC5K1eutzFx0Gus/giaVVoAZ5pEdaV/NyaLrXHiW7vq3cNqHNSepqvnK4pe1iL4Fr6ke2r7xfGKS45+Y8XNSFI9AnZNoD7N2Ob3VnWWVZR8hU65a5wi1R9upp/UASUF6tkgLLMx/Xj2zCIoxUiHrIle8Ybb5l3tXgkon/q/5KkJoLQ/fCtliyZZ0ug/JGnQzei0RXJskQAAwvzXdrEQjOvQqRxsm8ZFVCl+PAIwSF4scLCjIma+L+9QkftPnHxuUZ0eD6q3+KK58logQGvqyQpMgrS9Zu/3K9DadtW8oQ0EtPC0oGWN98+yoNRg2TMD3wKP++HWje86Fpn+tpODO8b+8Gjq7+AhvZXuJJwW5/N0eCgHwHEMi0rNS7nHEqO+2iZnB340X1C08T6P2pn1ksXGdPQp11ed2sA6QHiJ4tzff1DCEcrqUiuRMC4wlmbXH0iXYAzhWll7zrVRwnWa9c9YGQ2bByfD18f7/y/VhJYu1kh86gsSfulrI5eVnKVc62uHzphSNQf6v8R0YIq0Rl58WUlamB9Goo/4W08bk8FOx+aLCjKVs8XvxvAorJdJt9NixURjhaD/CxCvrl1KitFIYKKsYTRIfrf2sI0YJ7iZ3Kew2cq9td8wo8SNg0QrvYL0v78Z9lgTzAzjvj3L0hOC1KW/G9CLCyLDGt16n833bGhxR6h35kg+2Gz6IR+yobFqr9sOaAZLzcQHWiqSalfT+qTvS6FC9acQ+EBXbfJP+getBEUKfcXuO6P8LkCSMwAbY7j5DRfNpnQ/N7c3ECZ3Y/GzHwwF1oBWxl0tYeYOwGBcIE1uKQWYrFndpJ/hQd6Kv5HN+3yBu3olTqrHwQD46ml8+MX+mfnwXZcwIpNhYPqKBjbyrwJ9Ai1W22iC9z+fq3VdbS04cYwR3t4QMVp/lBb3WzcRtKEhCLm6Z66Ykfmpv/VWeyrPpSENXhER5yfgPH2fRbjtO/iNKQkjof+B9AcW9O1oJIrmFDOME9fb4eXyKnzo+rPcLPIBFnoBkFrxbEqePMMe82YqvDKOUntzwdv22YwZN9YHSH1r+dDvZ9Es1nI8eHVlWvmhpoi4e0GQCqiTB24XBXGlNvk6vY5yUx6B0EGmGces5nkzPP3yOhC3O1lM7A/iPvSpR8KxaV2v/tK3k+jdV0JTvyjgKTax+bZZi0yZVBjj0Ogi9IwLTgcXQkujBvXDCQ7o1JPjLYe8XDxDSreqGOJAP027NtOBoZ0GrQVcpPZKFv1fTgJg90deabqqMvJf82ZerK3+ukQC6zRur/GpdITGkHFzMKGFqOmNjuZih+lT+BRkxyPAw1kcSfvbSSJOtgGwgbTKjY9Vu9mOmhHIGPqVdenNa8Jp3MbWsn7XDZFAcWhCyzAVVQhSrkowhD3ma0OerVJysZjAqpchOdhx/5SOaB2mZkfY8sGtKv6spNMPEi5uQV05XOaWWUJFMqA3hbmy7B/lLnzPK9s2l+GcX5LyYveCB0EOCTPpXstmjHNuwnnN7ZCWAYhgw3LI0u3SYQ1VUhiS2v+dNgWk7SHUzxbVOAmYFkmBpT9cZ9z/dTip8vDcHL5OVnRfPvluJy+3KkMSHI8PeN45C97oeuvdB77euX6ZhwDdZ/sEDqo9xI3RDV8ufrEl6WozPP6ISZ3fLFH3Czd/xcWSp4Pi/RZLmz5txXHg0XGG8GynMjyQysHQ1a034cEMcNzXj3KMaIHfeQ4+ssSltGrqBhWJ3rHxJO1i1hvKEvnsTri3tRGHwuZIZ9y8bhel57maR1no8mcvXXzK3asUxdvuHRaMf28DylcM6uDdDn4lgwTa3QuX3o1tYZs5+VH5Vo8t/BP+K9s1sJt934KegRtHzXIEfNnp1XIdpAtIzZygqmN52KB9BRlhvNbPcxZvOoWiwjHl3whsijO7r3kJOp32bizPd+HOHAO3Mu1U9VNVDCgq3NTJiqUtF6yrHI45+E4oo1k7tBaihs/gcPFtrk6pFQGlJng9Kk66HIAm9so6H0EqYxX6TdTrF2Aaa4NTRDm6b96KU4q7aGGTm3Qis3ldvJmBu2eMuVLf3tyWx444d0FCzra2+mQgOcL0tdiYmLuA/3bQYXr1KIJRG09XL/AEirDyu97wEZIb3CtZ0QKDO8ffBZv1Zuqi7gqGzL9xQ2mfwYBOpH1RgYH6nsTvcQFdySKLGSltSOJRE93+gdsRMzdA4k8DxdIhJS1lxZCqGmHSDK+m3YTYo4Ju4Cx06kblxvJTNPlnHNS6EL1PuWxXgVVLpLBJxpmAWu9YzsJZ+643aYm5HSPolHm0DFG+Qe/y+IVsCScpyRSvIPuw34cYnfyczzKH+x7m1Y2u2SALFY4m/BtxYi+dIqCZiFBSaK5HX+WmzatRR/64rSm+4MDQvNXiKcttoYzsKDwx3UKfhNX9vfx8PxVFBGhvqfY+vBmJ4CslmFh4uYrF1lJ1moaV1hcG6xIH+OMrptPzPxkIKr/xYPJXzUeRr0UeZk9nftYR65tHklTv0m6Dz6xeEN7VzIDw1szXm9MOOdFLU1p0NvDn0umKC+zepRmfXdF1rFBlHgPpF9rM0koZawa+SDGNVVeDwsRacAspFQ2tbyi0ljjJGqefl9vnZcQD4UI33p8XfcUKjXv76o4wKIazGR3qVX4YOx/+Z6g4bpPUJSlTCGISvJixInLFPqYH41FDwXUGOrHCwtLY/tL+9pBncWwDrblYIbdusOXJT/KTtNd2ItH7/mXAkfg==,iv:bEo9vnvyH7KsTwWgMddCHxBWTSVjq75HiM/RvZQT8LM=,tag:PB2qPKHeaHycEyKbJuLLDA==,type:str] + telegram-registration.yaml: ENC[AES256_GCM,data:o/jbZCNpk1uHZ3fKB3G2MEjyW/4xcjAAH0Z6HDF3NJWxT5kyN/T4LZI6k+RWcQ4dLucI6QsDUbsg/xN6zQlBxqBenCWci6B+fT/UhGeYhoLCa9rZlMq6HEV/hTltgQdp/1CY9LtXIO8dHs0LI9bv/ji36YZPlVYL2ahUjTcmbpkjnnIVVMk1ESO9DXGbbJ5xw7gADW62BgPVUrkOLoPA2Mn/TObpjdHe2o+NuQFQXBIU0T8n9IEdLZ7jIuPVa83xfv5Pty1FrvpRlM2tE9+6Jo4CKG5bS6cspIrI351GT4vxTT6D9jDU0vSd5JM2kY+l4GK1vg/2FwP69KstPo8d0Vv6hXlOR+UOasU3kCtAZ9ux21UgaLChAY8swKnXjHo9P3z9AZQv6zl9FUcsaYSXpG7nSSe5+Ue9nuiQSXJOTlNBn15BS2elQqjqGLF321uom8QRtAJECsMfY0r+j2fHEvIlJKbNYPy3uCDyRv8+C8Kh/BrPTX6z+pE53NfNImJdCQZrgdZl/SCUChDPrAOdecTLeBd3H8j6JC3I743bt1lU2wge49T/3G960yG6zBBU64rHVrBatU+QFnBXko32NcgdsjGXDU9lnhj4H56qMKIOoIXs3VGSP0BzHquo3Dx+A5a5L5VHpU+yh6hfe1prqZ7vzuAWoWyaGysbBPF3sN1cfWMVTu7NBuSq7qRg3dwBx/4F0jYwFnEPuc8C,iv:aHh5NU307aTro9oqPWxSFzXXhkuYroWedKA2uVNHo9U=,tag:yhg1XCbxUPTeBRUPDzi31Q==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2024-01-25T17:49:02Z" + mac: ENC[AES256_GCM,data:7ZbfssrfQL6B18yMuFNK4HTMbFpJtIRtYHyPskgYyU4BEOhE+1h2temdwRj7AON0YZw1fH3h7DP2DRT/Ky7u5GuPQx8kTvErhjQ/vNrgTThFdoiXx9x6PZYV9nCGJYVUFclpYcEjgZFrj3TwkWOKswxMtQJLynx8VhYo4RyRKjQ=,iv:YETzZJH8auuoUHBsoLsFSZZIjx5PXYJzaLSwPgohCow=,tag:JqXWQXZtMiOWHqkFdGXYUg==,type:str] + pgp: + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA82rPM2mSf/aARAAkFACzQmqyF9BqaD1qEjIO4e6owS/n4h3U6ee0Y7fhO8y + a5RJ4/HvMmfXcYeHm+CZjsFaui4YJkPS93clGTJzV4w15yXJUunIVjAmkvSrVh6P + GqRUtNpi1y+JCS3sjlAfvm3h9b08dNxFv7rTwZtDiP8zmcNuB0zbLBFR7G6ixetx + ZxL7piPYX75Rqoz8A/+V7VAtsoX8t3xv5xgjHzzfhiM3TeoQUgLnF8aN5huiSptf + dMmNMa0GGu5QaUjYJ3iHjv5eMtCJ79KwpuCfv5iX34Q++rTe5VUWoQabNAiE/Frt + Rc3JB8o8rfL6WME9qIIa5k654JlVDKqOvTH3mtHkOIWhD2+CEK89Siq3G35Kkct8 + Ym7UNa6gE8IdSGkCOH81G4ZheU6Z8OKF1Z7dO+o7IdgIURTwLEFeBIC2PtWOKOJP + PnzqZNk1w4n4XK6hQg4bmIj8VaZXXgHEXcO/jaGCoRyr36BHCE1Sj1ae5cMUgDje + p6WKVO6gXfRg7SRJqQNUh03Lz0YKIjsI/429UPyf9mtXbHfvVyrW3+wyByok86FG + cGL1Y/N7thxAxXqHy4OZFCE0NMP2bobMzzGJTtDY9oPsGwTb6xk1g0wE5zg6IoQa + 9hnObBJhdpvYcD6juz+V0wkeI30essnz7ZTtsLdfCox6mnP5BMTtzxmcRrCpNvHS + UQFIZa0XryYoXv3rcw6yUpkqv6aYzD3L4PnqYtGUEtbMoTb8NXa9Cp+1OeypqZ0g + 7uO5zCKJgL6sBaPnJL5/n+afafzYcIOsQc2O+q0s4O1d5Q== + =3E6w + -----END PGP MESSAGE----- + fp: 6B61ECD76088748C70590D55E90A401336C8AAA9 + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMAw95Vf08z8oUAQ//abo3n5r8YdQ6p+/X031/n8MCvWKw+ERGSvDuT2r7g8m8 + DqrBQmX578jHVmZkC2B6fYqEBuQAeyEJyQ56MLMuGMNSET8dgNS4Uj/gwvsuEDQf + NhU10WLkfQ3g2/o654BVzPC2b3UQTL4mmXqp0+ID79uynn0/WZ0TQQ8xj/uUaDS1 + h6/uC7mmDGTHaxF3gFuYkvWMghU0bqX5BfrAPdICAr8FIqxUGIvUD6KkBu9hWTYP + RLtfwpU/DAcT/7pNtic25WzzQt7W0mok3zUZZq5r2UqO35x2XOrgC5DQ69QYf7JZ + a9S236gEpAS0Kl1IWSvY2kDzj/J27T3nonY2kX3a+UqVWX15LEmVmNNUMwjz91/b + 0G+26vustzinHBs30EHGBqhyELjRW0RjcmlVGNXvZwhgGL5/LNIEcfBi19tIang1 + dRYE9TasSeRbyTU/A/CXFDeuGtC8K552SzXjv1zP6gkwZFb0/zd0/XHPSyGyOLbM + 1PC3JhkA8GEYQ7l9y5BdPXxZseuoSHDPHfMRIcnogx6w6rfBdd9+78M1WjnGzhYi + /utORBaiwU9Zk+Xm3B+WbkDl5+jio+UIp9nHoYAGfuJ9A6TZYBIavB6K171wALke + Kl6hoTxef/VGwdfXB9ikUy0bi0Km1vVpZGVzIjSFXiSlLkaamhxUFSgDPGZN21rS + UQHeXKkhgKXTEVvi+kypRbN2/174bElGTWz1C2TWPNJAcvvKmRw66t5g8pahnXbm + SYQoB5JaAl0URu6zHWBYhCjQjiyePhnxHV4tgGtEYAdY3g== + =xXRR + -----END PGP MESSAGE----- + fp: 88823A75ECAA786B0FF38B148E401478A3FBEF72 + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA0/D4ws+/KPtARAAsxa6N9jRT1AUqfWI7gIfJK6i6g0F5oxRYJ5A2mjhc89k + ZAN4/tO9GC+Fg8+lLhPHdiz6v2T1+92AFXET3jm+ax6rYei2woMHNXKzgqxjkQEQ + xQ/3LcQ3+FOTrvy7Gir9HQ/DoWSePBF7tx16unxH75hi6AgOiT0nFoEbXP3CJXie + lVOO5r5jKgBg9LENj/U+9LHjXB6W0PbVdhxdeStk2TTKcmuDnrGeqKZ3SyZ9V33p + DEfydW+T0ac156Eb2tdszzW5e87oPmW78wvLkotboZcPVWBadRtJkzVn3JXoMAda + gN+W2+I4/4iQN8ITBQ+2i5GsdbHtnrmPkzSbtSqhujwZ1k/a7uRmHy46ejDK9QnT + lQzm2OKyjTlCDhnxnKj0eTE4nN0CDyxGBNlNVG2piKd8i+HpqrjKJ9IUcMj7oO3U + 8rtQ2A0LHquNvu6ZatP6fUk3tKgLaEslV4ORXMlILdZXlYqgznmvWJaII3XVeu8l + G/tHPkOhrcQDIecBeYcTLZYXtPtmY1UNJZfbDazG/9J0rdq/r9NmnB7woy7FSYEp + yRNji1i/89nVLsu94ra1D6FHyxgIFTSLkD7s1iCMTsz0UdwfbxqdLIWumYrm04XF + wM2eTB8OAGe8mdfi1q4te0FEDMLTpdYBhYDDjHmBv4fXwKPcWkgixvNJtT6xPgLS + UQEvOn03hQ8MCQ5kh1R1FoTOw1UpgV0eqJSateC2wkBKbZ/4NWPbnZA7XAW6Jb98 + JidKJ8TiYiI33hxUhu4nUeZWjNcd7MgHyl1Do2r7SfyICw== + =TXST + -----END PGP MESSAGE----- + fp: 3D7C8D39E8C4DF771583D3F0A8A091FD346001CA + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA5Wf+FyJ+zFJAQ/+I9khYJfqjCHhrAaElVWKgn4c+7C+oilVNE0132pQZfLb + u17yv6AYY5zThK6Lg0GZMKaKFn+JuF9wonTyixJQccJ+w2MxsJQRNQZTV/t19HrQ + B+6YFLVPNyOglr7jf+o5BnOdIvpR0Cog5JDzn0j4iwpRWRSGW1sWXiABKWUIW0Ks + nR7Rm/k3Jm8zYO6LtoyYog5HGUEHRMuOY6Yoj/EEbfDLKFU5WZ+hfKnbGGM9KW31 + RkXoCtjm2AstZTia5+Y0E3wNb9bbvpbkewyQd5KqaHmHaX3MzuoYKNHGVEgPMfla + Y26aED5uSLETv+C1U/jYJyxyVJxNYb2JBrS8a7+p+mo00Cvbs/pbM/cr5Y/Ogu7Q + Ed0+Ixst3LzSTOcYAAiEC/LpWztaIp/4h/cAfE7eKnsoFUVcv2lLpLHyI7fS/sJH + Ywp8tlqlfx7DaCqYEVjPMSfI9qBbJomoQ77szHL+Gyi4ibyF0iRz0/NnF5lmu5H5 + sDAYiqnHEIpk1v+gWXoj/CQq7a5jJf044cYylcO+al27cugr+jr5TBQQVv+wDNJV + LqpAxmmz8yUJ6RlTSg5JwNlNCCOONv6f+lX0Cjk7V0kPcOMgbVn19Su7zIvhM7wd + m9mzuVWWx2SBGzORdK9W4tt7lybU7aCvusT1jP1nwXF/JCz9lyEbb1syaNIAiXHS + UQE2Va23CUVgB+cV/ImXBCEuAjZhiSMFVCtWOZrcqPS8EZX9s6WzscpsEmFnDE7t + GVR3u1IyjxTsuTxxYU0ldSjHqYFjQrgRD3ZBzwZcgeajqw== + =bF9b + -----END PGP MESSAGE----- + fp: F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA8KRInHl7Vz+ARAAoMRyGipvXTgUChfL1Lryej14FI9+8dvWQculBjPQzg6x + oxdPzz07ifIX8D64zfToE+qc439l/RYwiMx9XyGscEim0D1GIFPwxOm4DCXT+/5m + wlLkOBP7oMwirqSazS7dNF1hE83717QTi1GqC0UqhoMINtxrhQIv1Y6xxREqD1Wd + eW3M45p1i8iSZkzF7n0EhIK3J59Wl3vxt9FUX3YRWk1JH0oaqIc1VCH3TJc73DAx + 9e1jIVQSo4R8BfQc5Y64xRh0eq/87Ud2E2x9JbZmpnw4FN/OHg9QqRMaZ9r6EQ/l + VerhJFkfSj3UVAfODzViKXyNTKRak1GOcQBE5lfAXynAW1nfTTx0re0rl6/tvOwC + i02a/raksTI8afak1RMclNFqlihsegGU239ZGDRPb4apL32nYY0SMim58vET8rv5 + eTiQE1udg+1ttIRAGq/PxzHKlc6FUEdyJ6i2Da16c0K76FpF3Gnxxhw+Tleixx3h + 6+PbhC2qEgt7LS8TNg9J2WTDy4Hlw5YEmzOAM9NA6UYrH9BHsR87sbdriz6pAC55 + CnFkWptrME4CjUP72qIezRYt/4784ABTw6poQ51jP30641YhgPoYLrWS8hWQYaE3 + jcrum3JQnLTjsE88OclcreKNvNj+b1t0uxuHa/6UdMnyRCd8osJ22s6JJHLGgB/S + UQHvy+Rv0QJ65DjsJ4TfdRBLcKXaF7Ar5SaANqGi8EYwjVbhfImwx5VSEsvQclEU + 7JihoETtCrRwJM1BkJz3nuBAaYDm1Y+lWHSyVZ6xi8G0eg== + =n6cE + -----END PGP MESSAGE----- + fp: C92FE5A3FBD58DD3EC5AA26BB10116B8193F2DBD + encrypted_regex: ^(data|stringData)$ + version: 3.8.1 diff --git a/kustomizations/matrix/bridges/mautrix-telegram/kustomization.yaml b/kustomizations/matrix/bridges/mautrix-telegram/kustomization.yaml new file mode 100644 index 0000000..867b208 --- /dev/null +++ b/kustomizations/matrix/bridges/mautrix-telegram/kustomization.yaml @@ -0,0 +1,16 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +labels: +- includeSelectors: true + pairs: + app.kubernetes.io/name: mautrix-telegram + app.kubernetes.io/part-of: matrix + app.kubernetes.io/component: bridge +resources: +- statefulset.yaml +- service.yaml +generators: + - secret-generator.yaml +images: + - name: dock.mau.dev/mautrix/telegram + newTag: v0.15.1@sha256:e328dcf5893a3ec782212d9bb008e4f81ac3cf4e3c7abc3a49cf6b277749b32d diff --git a/kustomizations/matrix/bridges/mautrix-telegram/secret-generator.yaml b/kustomizations/matrix/bridges/mautrix-telegram/secret-generator.yaml new file mode 100644 index 0000000..0d9eee3 --- /dev/null +++ b/kustomizations/matrix/bridges/mautrix-telegram/secret-generator.yaml @@ -0,0 +1,6 @@ +apiVersion: viaduct.ai/v1 +kind: ksops +metadata: + name: telegram-ksops-secrets +files: + - config-secrets.enc.yaml diff --git a/kustomizations/matrix/bridges/mautrix-telegram/service.yaml b/kustomizations/matrix/bridges/mautrix-telegram/service.yaml new file mode 100644 index 0000000..bb7e0b7 --- /dev/null +++ b/kustomizations/matrix/bridges/mautrix-telegram/service.yaml @@ -0,0 +1,13 @@ +kind: Service +apiVersion: v1 +metadata: + name: mautrix-telegram +spec: + publishNotReadyAddresses: true + ports: + - name: http + protocol: TCP + port: 29335 + targetPort: 29335 + selector: {} + type: ClusterIP diff --git a/kustomizations/matrix/bridges/mautrix-telegram/statefulset.yaml b/kustomizations/matrix/bridges/mautrix-telegram/statefulset.yaml new file mode 100644 index 0000000..cebf8c5 --- /dev/null +++ b/kustomizations/matrix/bridges/mautrix-telegram/statefulset.yaml @@ -0,0 +1,42 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: mautrix-telegram-bridge +spec: + template: + spec: + containers: + - name: telegram-mautrix + image: dock.mau.dev/mautrix/telegram + command: + - python3 + args: + - -m + - mautrix_telegram + - -n + - -c + - /data/secrets.yaml + ports: + - name: http + containerPort: 29335 + protocol: TCP + volumeMounts: + - name: config-secrets + mountPath: /data/secrets.yaml + subPath: config.yaml + livenessProbe: + httpGet: + path: /_matrix/mau/live + port: http + scheme: HTTP + initialDelaySeconds: 120 + readinessProbe: + httpGet: + path: /_matrix/mau/ready + port: http + scheme: HTTP + initialDelaySeconds: 10 + volumes: + - name: config-secrets + secret: + secretName: mautrix-telegram diff --git a/kustomizations/matrix/coturn/config-secrets.enc.yaml b/kustomizations/matrix/coturn/config-secrets.enc.yaml new file mode 100644 index 0000000..25750bf --- /dev/null +++ b/kustomizations/matrix/coturn/config-secrets.enc.yaml @@ -0,0 +1,118 @@ +apiVersion: v1 +kind: Secret +metadata: + name: coturn +type: Opaque +stringData: + turnserver.conf: ENC[AES256_GCM,data:suQA1LL8JiKemZo1LojR4WYSk5ex5DIv4wyOGjS6gZKGCViqR2uvIBT1DVI/LfIjYjuBDM7NqDOSP/kQxChJDrUksaOCU4Q5uc/eE9zlyP7A/c4Cb8evPQ1JApK2GTzFwz8J5x6S4aa+JpoAB5aTvijfcW131pmQOtz6uanEhuU1As9c9g57nbGGR2lLRx7rYVMqGC2fxg30JJewSjIYWsOJoz6+Y/callulnQKznil7cMYwjiMK/QoVgdsvmW4fjcm8PbBKdBZbh7nDQBcvtrr8lqyMBNl/XOTtU4Ael28YWzDtdbWH1jdJMnMieWxpa2D2XnWNqd0XdYxPwS3HnVHVXSgwOYUQutMyWNBA1wnIaC1sg8Z5lzqE38DzXfA=,iv:8wwzXOMCH4zadAtifiFAbwFEQ7O5CO2ogvCiuEDV8gU=,tag:D04paJjlkzeXmuyLvk4f8w==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2024-01-16T07:13:58Z" + mac: ENC[AES256_GCM,data:t8y4z+JQ2ua9KcykwoH2rHi1wsHC0Z1TkxkMZvUenQFxvwNTHC4NghwWGN2kcCDO9SjUb1J3BPobZd/EqSitQ7kTxyeBTa+qcylUIDvCmk9S1ZHVyJKhoQABbJX9raClYV3a3zrk5WNi4obXAHgXGpMdq1cVe53GR/X5z5ury7Q=,iv:x+WQ8t86EOrejNyv0grHSyd1bOpWcoZ/lqmFtFHHR0o=,tag:XuiuZUKe32MjNMg4nx9Kvg==,type:str] + pgp: + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA82rPM2mSf/aARAAkFACzQmqyF9BqaD1qEjIO4e6owS/n4h3U6ee0Y7fhO8y + a5RJ4/HvMmfXcYeHm+CZjsFaui4YJkPS93clGTJzV4w15yXJUunIVjAmkvSrVh6P + GqRUtNpi1y+JCS3sjlAfvm3h9b08dNxFv7rTwZtDiP8zmcNuB0zbLBFR7G6ixetx + ZxL7piPYX75Rqoz8A/+V7VAtsoX8t3xv5xgjHzzfhiM3TeoQUgLnF8aN5huiSptf + dMmNMa0GGu5QaUjYJ3iHjv5eMtCJ79KwpuCfv5iX34Q++rTe5VUWoQabNAiE/Frt + Rc3JB8o8rfL6WME9qIIa5k654JlVDKqOvTH3mtHkOIWhD2+CEK89Siq3G35Kkct8 + Ym7UNa6gE8IdSGkCOH81G4ZheU6Z8OKF1Z7dO+o7IdgIURTwLEFeBIC2PtWOKOJP + PnzqZNk1w4n4XK6hQg4bmIj8VaZXXgHEXcO/jaGCoRyr36BHCE1Sj1ae5cMUgDje + p6WKVO6gXfRg7SRJqQNUh03Lz0YKIjsI/429UPyf9mtXbHfvVyrW3+wyByok86FG + cGL1Y/N7thxAxXqHy4OZFCE0NMP2bobMzzGJTtDY9oPsGwTb6xk1g0wE5zg6IoQa + 9hnObBJhdpvYcD6juz+V0wkeI30essnz7ZTtsLdfCox6mnP5BMTtzxmcRrCpNvHS + UQFIZa0XryYoXv3rcw6yUpkqv6aYzD3L4PnqYtGUEtbMoTb8NXa9Cp+1OeypqZ0g + 7uO5zCKJgL6sBaPnJL5/n+afafzYcIOsQc2O+q0s4O1d5Q== + =3E6w + -----END PGP MESSAGE----- + fp: 6B61ECD76088748C70590D55E90A401336C8AAA9 + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMAw95Vf08z8oUAQ//abo3n5r8YdQ6p+/X031/n8MCvWKw+ERGSvDuT2r7g8m8 + DqrBQmX578jHVmZkC2B6fYqEBuQAeyEJyQ56MLMuGMNSET8dgNS4Uj/gwvsuEDQf + NhU10WLkfQ3g2/o654BVzPC2b3UQTL4mmXqp0+ID79uynn0/WZ0TQQ8xj/uUaDS1 + h6/uC7mmDGTHaxF3gFuYkvWMghU0bqX5BfrAPdICAr8FIqxUGIvUD6KkBu9hWTYP + RLtfwpU/DAcT/7pNtic25WzzQt7W0mok3zUZZq5r2UqO35x2XOrgC5DQ69QYf7JZ + a9S236gEpAS0Kl1IWSvY2kDzj/J27T3nonY2kX3a+UqVWX15LEmVmNNUMwjz91/b + 0G+26vustzinHBs30EHGBqhyELjRW0RjcmlVGNXvZwhgGL5/LNIEcfBi19tIang1 + dRYE9TasSeRbyTU/A/CXFDeuGtC8K552SzXjv1zP6gkwZFb0/zd0/XHPSyGyOLbM + 1PC3JhkA8GEYQ7l9y5BdPXxZseuoSHDPHfMRIcnogx6w6rfBdd9+78M1WjnGzhYi + /utORBaiwU9Zk+Xm3B+WbkDl5+jio+UIp9nHoYAGfuJ9A6TZYBIavB6K171wALke + Kl6hoTxef/VGwdfXB9ikUy0bi0Km1vVpZGVzIjSFXiSlLkaamhxUFSgDPGZN21rS + UQHeXKkhgKXTEVvi+kypRbN2/174bElGTWz1C2TWPNJAcvvKmRw66t5g8pahnXbm + SYQoB5JaAl0URu6zHWBYhCjQjiyePhnxHV4tgGtEYAdY3g== + =xXRR + -----END PGP MESSAGE----- + fp: 88823A75ECAA786B0FF38B148E401478A3FBEF72 + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA0/D4ws+/KPtARAAsxa6N9jRT1AUqfWI7gIfJK6i6g0F5oxRYJ5A2mjhc89k + ZAN4/tO9GC+Fg8+lLhPHdiz6v2T1+92AFXET3jm+ax6rYei2woMHNXKzgqxjkQEQ + xQ/3LcQ3+FOTrvy7Gir9HQ/DoWSePBF7tx16unxH75hi6AgOiT0nFoEbXP3CJXie + lVOO5r5jKgBg9LENj/U+9LHjXB6W0PbVdhxdeStk2TTKcmuDnrGeqKZ3SyZ9V33p + DEfydW+T0ac156Eb2tdszzW5e87oPmW78wvLkotboZcPVWBadRtJkzVn3JXoMAda + gN+W2+I4/4iQN8ITBQ+2i5GsdbHtnrmPkzSbtSqhujwZ1k/a7uRmHy46ejDK9QnT + lQzm2OKyjTlCDhnxnKj0eTE4nN0CDyxGBNlNVG2piKd8i+HpqrjKJ9IUcMj7oO3U + 8rtQ2A0LHquNvu6ZatP6fUk3tKgLaEslV4ORXMlILdZXlYqgznmvWJaII3XVeu8l + G/tHPkOhrcQDIecBeYcTLZYXtPtmY1UNJZfbDazG/9J0rdq/r9NmnB7woy7FSYEp + yRNji1i/89nVLsu94ra1D6FHyxgIFTSLkD7s1iCMTsz0UdwfbxqdLIWumYrm04XF + wM2eTB8OAGe8mdfi1q4te0FEDMLTpdYBhYDDjHmBv4fXwKPcWkgixvNJtT6xPgLS + UQEvOn03hQ8MCQ5kh1R1FoTOw1UpgV0eqJSateC2wkBKbZ/4NWPbnZA7XAW6Jb98 + JidKJ8TiYiI33hxUhu4nUeZWjNcd7MgHyl1Do2r7SfyICw== + =TXST + -----END PGP MESSAGE----- + fp: 3D7C8D39E8C4DF771583D3F0A8A091FD346001CA + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA5Wf+FyJ+zFJAQ/+I9khYJfqjCHhrAaElVWKgn4c+7C+oilVNE0132pQZfLb + u17yv6AYY5zThK6Lg0GZMKaKFn+JuF9wonTyixJQccJ+w2MxsJQRNQZTV/t19HrQ + B+6YFLVPNyOglr7jf+o5BnOdIvpR0Cog5JDzn0j4iwpRWRSGW1sWXiABKWUIW0Ks + nR7Rm/k3Jm8zYO6LtoyYog5HGUEHRMuOY6Yoj/EEbfDLKFU5WZ+hfKnbGGM9KW31 + RkXoCtjm2AstZTia5+Y0E3wNb9bbvpbkewyQd5KqaHmHaX3MzuoYKNHGVEgPMfla + Y26aED5uSLETv+C1U/jYJyxyVJxNYb2JBrS8a7+p+mo00Cvbs/pbM/cr5Y/Ogu7Q + Ed0+Ixst3LzSTOcYAAiEC/LpWztaIp/4h/cAfE7eKnsoFUVcv2lLpLHyI7fS/sJH + Ywp8tlqlfx7DaCqYEVjPMSfI9qBbJomoQ77szHL+Gyi4ibyF0iRz0/NnF5lmu5H5 + sDAYiqnHEIpk1v+gWXoj/CQq7a5jJf044cYylcO+al27cugr+jr5TBQQVv+wDNJV + LqpAxmmz8yUJ6RlTSg5JwNlNCCOONv6f+lX0Cjk7V0kPcOMgbVn19Su7zIvhM7wd + m9mzuVWWx2SBGzORdK9W4tt7lybU7aCvusT1jP1nwXF/JCz9lyEbb1syaNIAiXHS + UQE2Va23CUVgB+cV/ImXBCEuAjZhiSMFVCtWOZrcqPS8EZX9s6WzscpsEmFnDE7t + GVR3u1IyjxTsuTxxYU0ldSjHqYFjQrgRD3ZBzwZcgeajqw== + =bF9b + -----END PGP MESSAGE----- + fp: F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA8KRInHl7Vz+ARAAoMRyGipvXTgUChfL1Lryej14FI9+8dvWQculBjPQzg6x + oxdPzz07ifIX8D64zfToE+qc439l/RYwiMx9XyGscEim0D1GIFPwxOm4DCXT+/5m + wlLkOBP7oMwirqSazS7dNF1hE83717QTi1GqC0UqhoMINtxrhQIv1Y6xxREqD1Wd + eW3M45p1i8iSZkzF7n0EhIK3J59Wl3vxt9FUX3YRWk1JH0oaqIc1VCH3TJc73DAx + 9e1jIVQSo4R8BfQc5Y64xRh0eq/87Ud2E2x9JbZmpnw4FN/OHg9QqRMaZ9r6EQ/l + VerhJFkfSj3UVAfODzViKXyNTKRak1GOcQBE5lfAXynAW1nfTTx0re0rl6/tvOwC + i02a/raksTI8afak1RMclNFqlihsegGU239ZGDRPb4apL32nYY0SMim58vET8rv5 + eTiQE1udg+1ttIRAGq/PxzHKlc6FUEdyJ6i2Da16c0K76FpF3Gnxxhw+Tleixx3h + 6+PbhC2qEgt7LS8TNg9J2WTDy4Hlw5YEmzOAM9NA6UYrH9BHsR87sbdriz6pAC55 + CnFkWptrME4CjUP72qIezRYt/4784ABTw6poQ51jP30641YhgPoYLrWS8hWQYaE3 + jcrum3JQnLTjsE88OclcreKNvNj+b1t0uxuHa/6UdMnyRCd8osJ22s6JJHLGgB/S + UQHvy+Rv0QJ65DjsJ4TfdRBLcKXaF7Ar5SaANqGi8EYwjVbhfImwx5VSEsvQclEU + 7JihoETtCrRwJM1BkJz3nuBAaYDm1Y+lWHSyVZ6xi8G0eg== + =n6cE + -----END PGP MESSAGE----- + fp: C92FE5A3FBD58DD3EC5AA26BB10116B8193F2DBD + encrypted_regex: ^(data|stringData)$ + version: 3.8.1 diff --git a/kustomizations/matrix/coturn/daemonset.yaml b/kustomizations/matrix/coturn/daemonset.yaml new file mode 100644 index 0000000..815a22b --- /dev/null +++ b/kustomizations/matrix/coturn/daemonset.yaml @@ -0,0 +1,69 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: coturn +spec: + template: + spec: + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + fsGroup: 1000 + containers: + - name: "coturn" + image: coturn/coturn + args: ["-c", "/config/turnserver.conf"] + ports: + - name: turn-3478 + containerPort: 3478 + protocol: UDP + - name: turn-49152 + containerPort: 49152 + hostPort: 49152 + protocol: UDP + - name: turn-49153 + containerPort: 49153 + hostPort: 49153 + protocol: UDP + - name: turn-49154 + containerPort: 49154 + hostPort: 49154 + protocol: UDP + - name: turn-49155 + containerPort: 49155 + hostPort: 49155 + protocol: UDP + - name: turn-49156 + containerPort: 49156 + hostPort: 49156 + protocol: UDP + - name: turn-49157 + containerPort: 49157 + hostPort: 49157 + protocol: UDP + - name: turn-49158 + containerPort: 49158 + hostPort: 49158 + protocol: UDP + volumeMounts: + - name: config + mountPath: /config/turnserver.conf + subPath: turnserver.conf + readOnly: true + - name: var-tmp + mountPath: /var/tmp + securityContext: + capabilities: + # https://github.com/coturn/coturn/issues/994 + add: + - NET_BIND_SERVICE + drop: + - ALL + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + volumes: + - name: config + secret: + secretName: coturn + - name: var-tmp + emptyDir: {} diff --git a/kustomizations/matrix/coturn/kustomization.yaml b/kustomizations/matrix/coturn/kustomization.yaml new file mode 100644 index 0000000..b743bfc --- /dev/null +++ b/kustomizations/matrix/coturn/kustomization.yaml @@ -0,0 +1,12 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +labels: +- includeSelectors: true + pairs: + app.kubernetes.io/name: coturn + app.kubernetes.io/part-of: matrix +resources: +- daemonset.yaml +- service.yaml +generators: +- secret-generator.yaml diff --git a/kustomizations/matrix/coturn/secret-generator.yaml b/kustomizations/matrix/coturn/secret-generator.yaml new file mode 100644 index 0000000..77841c9 --- /dev/null +++ b/kustomizations/matrix/coturn/secret-generator.yaml @@ -0,0 +1,6 @@ +apiVersion: viaduct.ai/v1 +kind: ksops +metadata: + name: coturn-ksops-secrets +files: + - config-secrets.enc.yaml diff --git a/kustomizations/matrix/coturn/service.yaml b/kustomizations/matrix/coturn/service.yaml new file mode 100644 index 0000000..ef9681f --- /dev/null +++ b/kustomizations/matrix/coturn/service.yaml @@ -0,0 +1,39 @@ +apiVersion: v1 +kind: Service +metadata: + name: coturn +spec: + type: ClusterIP + ports: + - targetPort: turn-3478 + name: turn-3478 + port: 3478 + protocol: UDP + - targetPort: turn-49152 + name: turn-49152 + port: 49152 + protocol: UDP + - targetPort: turn-49153 + name: turn-49153 + port: 49153 + protocol: UDP + - targetPort: turn-49154 + name: turn-49154 + port: 49154 + protocol: UDP + - targetPort: turn-49155 + name: turn-49155 + port: 49155 + protocol: UDP + - targetPort: turn-49156 + name: turn-49156 + port: 49156 + protocol: UDP + - targetPort: turn-49157 + name: turn-49157 + port: 49157 + protocol: UDP + - targetPort: turn-49158 + name: turn-49158 + port: 49158 + protocol: UDP diff --git a/kustomizations/matrix/element/deployment.yaml b/kustomizations/matrix/element/deployment.yaml new file mode 100644 index 0000000..904e82f --- /dev/null +++ b/kustomizations/matrix/element/deployment.yaml @@ -0,0 +1,61 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: element-web +spec: + template: + spec: + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + fsGroup: 1000 + containers: + - name: element-web + image: vectorim/element-web + ports: + - name: http + containerPort: 8080 + protocol: TCP + volumeMounts: + - mountPath: /app/config.json + name: config + subPath: config.json + readOnly: true + - mountPath: /etc/nginx/nginx.conf + name: config + subPath: nginx.conf + readOnly: true + - mountPath: /etc/nginx/conf.d/default.conf + name: config + subPath: default.conf + readOnly: true + - mountPath: /var/cache/nginx + name: ephemeral + subPath: cache + - mountPath: /var/run/pid + name: ephemeral + subPath: pid + readinessProbe: + httpGet: + path: / + port: http + startupProbe: + httpGet: + path: / + port: http + livenessProbe: + httpGet: + path: / + port: http + securityContext: + capabilities: + drop: + - ALL + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + volumes: + - name: config + configMap: + name: element-web-config + - name: ephemeral + emptyDir: {} diff --git a/kustomizations/matrix/element/files/config.json b/kustomizations/matrix/element/files/config.json new file mode 100644 index 0000000..3373a71 --- /dev/null +++ b/kustomizations/matrix/element/files/config.json @@ -0,0 +1,44 @@ +{ + "default_server_config": { + "m.homeserver": { + "base_url": "https://matrix.distrust.co", + "server_name": "distrust.co" + } + }, + "brand": "Distrust Chat", + "branding": { + "default_theme": "dark" + }, + "showLabsSettings": true, + "features": { + "feature_new_spinner": true, + "feature_pinning": true, + "feature_custom_status": true, + "feature_custom_tags": true, + "feature_state_counters": true, + "feature_many_integration_managers": true, + "feature_mjolnir": true, + "feature_dm_verification": true, + "feature_bridge_state": true, + "feature_presence_in_room_list": true, + "feature_custom_themes": true, + "feature_oidc_native_flow": true + }, + "roomDirectory": { + "servers": [ + "matrix.org", + "distrust.co" + ] + }, + "integrations_ui_url": "https://scalar.vector.im/", + "integrations_rest_url": "https://scalar.vector.im/api", + "integrations_widgets_urls": [ + "https://scalar.vector.im/_matrix/integrations/v1", + "https://scalar.vector.im/api", + "https://scalar-staging.vector.im/_matrix/integrations/v1", + "https://scalar-staging.vector.im/api", + "https://scalar-staging.riot.im/scalar/api" + ], + "defaultCountryCode": "EN", + "default_theme": "dark" +} diff --git a/kustomizations/matrix/element/files/default.conf b/kustomizations/matrix/element/files/default.conf new file mode 100644 index 0000000..d5b4170 --- /dev/null +++ b/kustomizations/matrix/element/files/default.conf @@ -0,0 +1,44 @@ +server { + listen 8080; + server_name localhost; + + #charset koi8-r; + #access_log /var/log/nginx/host.access.log main; + + location / { + root /usr/share/nginx/html; + index index.html index.htm; + } + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } + + # proxy the PHP scripts to Apache listening on 127.0.0.1:80 + # + #location ~ \.php$ { + # proxy_pass http://127.0.0.1; + #} + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + #location ~ \.php$ { + # root html; + # fastcgi_pass 127.0.0.1:9000; + # fastcgi_index index.php; + # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; + # include fastcgi_params; + #} + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} +} diff --git a/kustomizations/matrix/element/files/nginx.conf b/kustomizations/matrix/element/files/nginx.conf new file mode 100644 index 0000000..9630928 --- /dev/null +++ b/kustomizations/matrix/element/files/nginx.conf @@ -0,0 +1,28 @@ +worker_processes auto; + +error_log /var/log/nginx/error.log warn; +pid /var/run/pid/nginx.pid; + +events { + worker_connections 1024; +} + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + #tcp_nopush on; + + keepalive_timeout 65; + + #gzip on; + + include /etc/nginx/conf.d/*.conf; +} diff --git a/kustomizations/matrix/element/kustomization.yaml b/kustomizations/matrix/element/kustomization.yaml new file mode 100644 index 0000000..445d25c --- /dev/null +++ b/kustomizations/matrix/element/kustomization.yaml @@ -0,0 +1,19 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +labels: +- includeSelectors: true + pairs: + app.kubernetes.io/name: element-web + app.kubernetes.io/part-of: matrix +resources: +- deployment.yaml +- service.yaml +configMapGenerator: + - name: element-web-config + files: + - files/config.json + - files/nginx.conf + - files/default.conf +images: +- name: vectorim/element-web + newTag: v1.11.67@sha256:5dcccfdebc05852e835de3fbb36d34cd34de2776724f0c8c50167d5da382e8ae diff --git a/kustomizations/matrix/element/service.yaml b/kustomizations/matrix/element/service.yaml new file mode 100644 index 0000000..2b86688 --- /dev/null +++ b/kustomizations/matrix/element/service.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Service +metadata: + name: element-web +spec: + ports: + - name: default + protocol: TCP + port: 80 + targetPort: http diff --git a/kustomizations/matrix/ingress.yaml b/kustomizations/matrix/ingress.yaml new file mode 100644 index 0000000..f35caa8 --- /dev/null +++ b/kustomizations/matrix/ingress.yaml @@ -0,0 +1,152 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: matrix + labels: + app.kubernetes.io/name: matrix + app.kubernetes.io/part-of: matrix + annotations: + cert-manager.io/cluster-issuer: letsencrypt + nginx.ingress.kubernetes.io/cors-allow-origin: https://chat.distrust.co,https:app.matrix.org + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/proxy-body-size: 110m +spec: + ingressClassName: nginx + tls: + - hosts: + - matrix.distrust.co + secretName: matrix-distrust-co-tls + - hosts: + - matrix-fed.distrust.co + secretName: matrix-fed-distrust-co-tls + rules: + - host: matrix.distrust.co + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: synapse + port: + name: http + - host: matrix-fed.distrust.co + http: + paths: + - path: /_matrix/ + pathType: Prefix + backend: + service: + name: synapse + port: + name: http +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: matrix-media-repo + labels: + app.kubernetes.io/name: matrix + app.kubernetes.io/part-of: matrix + annotations: + cert-manager.io/cluster-issuer: letsencrypt + nginx.ingress.kubernetes.io/cors-allow-origin: https://chat.distrust.co,https:app.matrix.org + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/proxy-body-size: 110m + # This combination of configurations allows for the media-repo to function + # properly + nginx.ingress.kubernetes.io/upstream-vhost: distrust.co + nginx.ingress.kubernetes.io/configuration-snippet: | + more_set_input_headers 'Host: distrust.co'; + more_set_input_headers 'X-Forwarded-Host: distrust.co'; +spec: + ingressClassName: nginx + tls: + - hosts: + - matrix.distrust.co + secretName: matrix-distrust-co-tls + rules: + - host: matrix.distrust.co + http: + paths: + - path: /_matrix/media/ + pathType: Prefix + backend: + service: + name: media-repo + port: + name: http + - host: matrix-fed.distrust.co + http: + paths: + - path: /_matrix/ + pathType: Prefix + backend: + service: + name: synapse + port: + name: http +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: element-web + labels: + app.kubernetes.io/name: element-web + app.kubernetes.io/part-of: matrix + annotations: + cert-manager.io/cluster-issuer: letsencrypt + nginx.ingress.kubernetes.io/configuration-snippet: | + add_header X-Frame-Options SAMEORIGIN; + add_header X-Content-Type-Options nosniff; + add_header X-XSS-Protection "1; mode=block"; + add_header Content-Security-Policy "frame-ancestors 'self'"; +spec: + ingressClassName: nginx + tls: + - hosts: + - chat.distrust.co + secretName: element-distrust-co-tls + rules: + - host: chat.distrust.co + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: element-web + port: + name: http +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: appservice-slack + labels: + app.kubernetes.io/name: appservice-slack + app.kubernetes.io/part-of: matrix + annotations: + cert-manager.io/cluster-issuer: letsencrypt + nginx.ingress.kubernetes.io/configuration-snippet: | + add_header X-Frame-Options SAMEORIGIN; + add_header X-Content-Type-Options nosniff; + add_header X-XSS-Protection "1; mode=block"; + add_header Content-Security-Policy "frame-ancestors 'self'"; +spec: + ingressClassName: nginx + tls: + - hosts: + - slack-bridge.matrix.distrust.co + secretName: slack-bridge-matrix-distrust-co-tls + rules: + - host: slack-bridge.matrix.distrust.co + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: appservice-slack + port: + name: rtm diff --git a/kustomizations/matrix/kustomization.yaml b/kustomizations/matrix/kustomization.yaml new file mode 100644 index 0000000..9130507 --- /dev/null +++ b/kustomizations/matrix/kustomization.yaml @@ -0,0 +1,18 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: matrix +resources: +- synapse +- coturn +- element +- matrix-media-repo +- bridges/matrix-appservice-slack +- bridges/mautrix-telegram +- ingress.yaml +images: + - name: matrixdotdog/synapse + newTag: v1.98.0@sha256:8d962e48a1d88d2fb646c82b1babf4dd0ed765b21a4cf15600d77e90e46dc413 + - name: coturn/coturn + newTag: 4.6.2@sha256:9a5d44d1aebf28f1a96de4595bbab3eadc1ebd6bda705ca040df907f353f9fb2 + - name: dock.mau.dev/mautrix/slack + newTag: 4530ff397d08d93b673cd71da4c2a75d969ca0df-amd64@sha256:7db11f874c655dd8be77a75fb07bd6071cc0d7e92bc564e1397f5b2e0e1883c7 diff --git a/kustomizations/matrix/matrix-media-repo/config-secrets.enc.yaml b/kustomizations/matrix/matrix-media-repo/config-secrets.enc.yaml new file mode 100644 index 0000000..07639b7 --- /dev/null +++ b/kustomizations/matrix/matrix-media-repo/config-secrets.enc.yaml @@ -0,0 +1,118 @@ +apiVersion: v1 +kind: Secret +metadata: + name: mmr-config +type: Opaque +stringData: + config.yaml: ENC[AES256_GCM,data:VaiiYKOuxxxG4mE251OIIuwxN0MlsEYonOuy2Dfg60mfH3/ajZKUpERZxJySB3coLAyFVB41BV+OLsqFu1/D8/9XHZrvaKxKdwWcYyeAD2/0miNmkHJivcZlpOKABw98kknpBKfJBdRmEIruKzypqDqU/pdeXyW+efdjgfdU6b8jYXTgLIWcbgmz3QGUya7pI83ZL47JGJc5uOfUbrXz6Bekf/Li0PpjPUVvXq8LUhSjb2s0X5R9GXW6vqxPKD9un9b19pu7t/pnG2UlQgvw63nrVCW5LHGDyieOaknkXxJ2nGjYqiOfrfPFuiO9Lp3J80KzwZ/WQJNmjO6oQaG+p3NK7haOHucu0jB8j09piWJxvZyOdRcdLhwGM3qJJ+hCIEgu+wjl2BRy3f11Noc3D1TQ94eRCbCxgmO6NscHcV51rblTqHVAx4k76dAhMjPqZ+S1TrYHD60a8o6iagrgUf3IT0SuZYio55/LUNZnpKLGw9O9cp+7aE+IPzzcexkkk6eK/4Qz7HvHNMV6unA6LUt4ADCxSfM/XW5WmzcyCAYyPponLiXbal1C6TQusfo9pQvyTtw4l7diSKDckv185VttLP3CceVzzr7lBLMylIgXdSIqzcSr8kLRaVIu49n6QMymrq9I8DknzINbUxr5YNv0yPZD/tILoOOjpBNltbdfbD69ACDgXDnLHRnQaHmAPYhD31OxOt3EFuKhI5DMygwzG6Jq2m3fdYSvqw7sFG6/y6j5gw3AGB/kRryibrbyLhSSutcEhIfdrQx19YTnD5fMXFbm9DQSz9PtEWj7Pl84mvNpk2mDTrqbqWUF8UqGjrvDWk+ERZJtz9ZWYbyjy/SBi3uVzg9i1wsD3FleciuACVPrwEjNMCFL6vbuGusbGr0wDqkpNse3S4KKMjNRj7YpdkFBl8ksmJKtCJkrwb96d1B1CCv6bdBUD1B1bejZN4Ziae3yKO5n6jZkzLdCPb/sF3q3JhP/yDVDXMBLbh5rYH7GVoI9DjiZS1eMuN+NoPbZPpVFAmBaO/m3YTfwli6XOFfhLcJwMp2yJsn5gdeDXBvuPc5udnBAss/BwiYbo5f3MVvOuVvDLLdglgUkZU+ES+g6qKFiXcG8JXfnaa2XbDRQWKpFvoDv2+FNRwd94yDuJA+cMBpZvBS9+2dFs7O7g9RE87GcqMjEuHlI50YK00EjgdBFADtCfaDCvTHNdqqu03TRlOCTgHWyPrSUuDS5robgxC7zGG3YpOqNbJIyqhvwidHgpzIoBJGfjiG/0H/8ZECXa9ua5baBInBq0fwAed0Adtc6bTshkkO6kjHQFh6cx4rXdPuzEdvHnkIUPPXMsUTarM+ClhAwMAd2XGOvHvz63hjqVHor0anPAw6IG79yLIg8KvINfA+JMWSRuCXNrzTUA4mT9ZpXYIIA42ykPLso+9lhvR8TNE7JByLE7RipTuak19/FTESWgPEG0LcrrbuUyT3WM2VUKLUjsG8/T8tJhOeLgSyWRiNu9u74HkKTpxgwpEVoikQWbTiXYMPcNX7olcwfNBcNSywTK0pBiM/s+jVYSLPiAmGgC8Pk8jkd4dfRWfqpRnjMi/57+V2FenrNfAc7Ds1HnUIt4bfyegVOeGOeEa+gVK4p7+E+mHqs6aWxC/TPA9hDIQyeSHj/fIHS0IPXbVZl33fbObNIXTa0j+uNxeFOd4rDGV4D14TYYoFYTGYE7QMLEybMlSPZqhh8VbgPiTu1y6qQRQmm9bAMvareqTO2AdzOFMQD6jiZQAJZCBEek4wLbQVxDCHVLlQedCMVAOklfqkIPY5hjchADElszzWmrRHmsCrPrBBnap4r8ejAgBkwOD8AYFDSGtjGvtguUtAcyaNndezBPSyC5TqU11Cn1Dn/1I3nydC34veb0w+wGXDCldE+mkK5Ka3gMjlOHmD8SDqnbdBB4eIAJoGUtCH/tuzZ6JN09cCa7ZdoBVWE7CORfwzJiObr7LCQAcFgCKQq3YJddqgtElwul0tXWQtm90FPEgDDvsyrmQvvA9woo+RqPtjzi6kL8Y3VDIAB7/n/TQmtmJES2UvtYwlBfnZRAVvtSsKZFWmHw4QbveaBFIOfS/l+zcoF2/PmA/58YdH7LFidcFu9YvKFMuu4sKcIMao8qY4IBP+5qSKtOvSkXFWBDfwzrwbuxrcVXlbUEfbMGmWrNeuf7O74eVnoTlNuY1zYpGILhZbHHLKQkh8JeMkKPMUrI4o7/apNwfKlvnBzrE4c85drPTnq4XkzOc+VNnvhENe5PG82bwMKKE8xFzOneSzRqFH4pz0lm4dckGUe3gG4N1zpM1/wH0kCEzmplHoKmHCUdmity3lf/wQT2y7lwIUr+IROcEt0g0raF9GQxQb7gfvCfXHZYwSC9Db+zXM38WKzCKc8eW4aPVos0h60AGF8Hmas9lZ63myjhLPntouzyvzlC8gZ9op2Bdes0E6+sCGD5OEmjQx1pxZY/h+u6U7o7vRU7W+yA343MnF7xHqpGf4Jg5WkHXqXlMgqRZVz8TsKLA0DeJ68Ytj7g8/oHsaFgUjgYJdEllLN5/XCOTUZKgNVDMT/cwwyOCeDJN4fZwwpNQdh6Q/xm/doTVOJ7inxWrxkLgga4mIZDoEfH1ilql6IMnLNsWWOcx8Hokgft1LkySCPF2lNSq65G7X20UcxJ3XWyOtoW+hOC0l3imBAt2rvdQip98/Q2jfrldkEtJQEQkzgIZ3AFRP7Ifp3g7NnDiJmSRZ2C1IFeumtvXUKuv41UJdGuDKUdCaoc3zQR2fH641FVkxxQi6ZVtjcRCkwUcsy4lEkuUG5b4WLiqIri/mcwbmldiEuAUz1zpfBZ8JM52jBv/UZNEMM7jRAbwi7ozFB8UbPfL6qaNqMJoR8FPvqVeAhA5fqKQMgKHhZOVc05Z3gPn1Dy1nsjJfYdvg3bbEpU08UepMkE3Gq1D+OpvY2/cXm8l2po+c9jbYPjvWiDe19xPelMyZ3nAmyonnvYNuz+pk4ey0PKvT0dPQwtW+zsCT/4uhVkZ2QjC44rcfPhMs/rt+amPWaCZXI6NuhymekYg0WLaW37OOsaf3DyrGLopQHe9Hw+L7kxZDAWkp37u2QB3NVac8K6Bl/fbPjdxmHeuwE4IE+3/GpsBqiFFiLsWmVigYrUGnWFTTxxFv5FkxDbqG55IVXcY/2raCT4fO0kb6c1hKzVsKXgYXeSDq7jZyyqwIbOnM1qHNAbAW3R18ojGsepSND4CPDp6GHPXz9nIvtHtpzIW/gSkGbzyyW+ZTwf7Tnov/bVKgwqxSQ2Y8kxXbck4qOaxItoIlfIKfr1g8CAUIbzUkFGYLTmdenAiBcKyS26DlhQoPQz8s82h6CppBTjiESx70xApyKvsSWhCwx3RdsXYSuKC3wHR+GW4G4dJZHlNyuqsvTyx/Vs9btAm4esoTZ1hh8ZvGBRe7JV2lW/fFgMh9EJk/NeV8U+1MIHyN+cyxMwniJOL9x5NMzGR3NI2UOA5CEKIUHPgQw6GOkBxgJ0pGSmMgSLIcKW5SIk7o6RE5uEvbO11iTSalBHwbwJ6v1RW7fKTWRBWJ6OgP3KF1eA9x47/0cXK3OHnLwnkm9uF31LwT0ExTEOTEiKs8z08oyS9HqCvtU31GAmYuspsovsZ8jnnik8BEKjGcWwuFzVLegRY3NoBM89zTW6e34/ZDinNncLCF6Wo4ayiiA/dOUsCpk1H4MYYJnxeUgzPcHqtUvpdRWMfgJJa+S0xSl4Bc45IRNp3o1GHFjIqhMSW75wGPByEA4Ws2oMKJD9XFva4G0to1G+fGBRm+xmBkQ++L2869dg8zBzH/oceIEr2WFTsUglYzM4c1vydUsCrL/L/jJg8CN+ugDeEAqYc5zw69hEI3Drs5Bi+VUhtQcTvki+cO/xhymFtzHZ+TPMcTkaBknrMxCiS50kOD7Mxwln92CdlHZ73bDsp8brbrC9KK7Cgtj1uY8nlZF/FA8uW6ll+ZQBdPqb3EyTV5dZUsEKoCX6ii3SygONjnQ0Q6+NLEHvcwXY39nxLNgWPJsvbCKuXXCNOtnarad8a3q5E5n0lNprxpxKf0AVXjUQhrZ1Dz4kE/e3DTI7ezGASQQbHEagKwQrv5BQnBCMEZvFQmlPHLUJQc9ZW/OXPy+pBJdGiGQCSdIn7Qtg3Em8KMYMevYIVH5WojVEezdTc0vm6eDKxiB5pqurrZhiRuBh7psScn8nODXjRlv35gpucxGbWDEcg/EGJxb0mgfhQUF7VYvHUOW04oTjE7+M+8tzNjxYdh5LXNOKogiR7PEI0bDIj6skFlrGF5/fzqyXkIJrzo6E83YFUtoYbNOEUZb5+4OXoxsscy4ttIynqbzjSEQ2dQnHuPi4aKePTZo3Tv34Un/PuAdw4XGtc+AG9eBV8stSX0xHw9ZWQ94WU4CPl3uBo3qKWm8l5s9mGioLcEx5yNHjSXTb7XHNzAWDHCFfy+ULLlhu8Y8pz4iqkfbpSu9NKkkrfXWda7ZHm1gMfMkINZdrOVfl/zrBHpnSMd2PM89CfdI0FqDeCTh+YAn2boYBktzE1RNo/kINqhWOx/8APsGCnYpwm1YRdzZifxc9+L6ChyJT+ZCYyzlb0RuhyVYbDkZWh4yJ7aium7kJl/skrgH7XUOjtHdiWyECqY2/8zlsBiLhcu/o/ARBDP+ULNTHeHlQ6ouTwsnQfNVElKxag9iFfMEARCRhaaU48oHVe3+2Cog4+9WbLxYCvS3vJq1GDVDjZStSTrxiVZNP/bv3kFekezpKbhSnz23T1wD5+2WWRGm74r9AXq8ynJQ76EK1AJYPPTLmWcORf8TqyLRL23n1tmPJawFgh7U2U0JfQNui8Rs9hCqJqS7ocqJKlhBKKE1JUrloO4Y2e0EPNN1zaRQoPu4Z+C4We1Yrzupy/WDRpnSSqqYnwbwRvuTUcJ2lOk9nMJqq/naH/2hQjaZi8SBDO10qAYDJxhs5H0a4CvYihSFxQspuv2pwpdAOTl8FxJ+dTn2ZqbZ1Di2y4/cXUNBbfaw4aKcPskI1DyphT6yw7YLFIb9anjaOA7vGEpm13OxKla/GUnfxNq0G4hNxA/SY1xvufyFGybuXLZcA/jKUZ4sgE5dKW9y5QZQeJ9toCnUPAFLNay9HlxH+IOOlf5gUAtKbqGIGVyHPgaNGhP5pBJKBGhDJJLuGTxCpqI1VZKiSpzVsnooSSJk1TNRhK8TjqXWiRC4QSsT5SXZOhOKVTWxxzCIYcn0zOhA4SOq1KGu0Czi+kr96DBEZs8M4JykqjPbjRFuTzNT3V5ctPJLaZZp/Ii6NL+5nuwjvTC9g2atmmjCFePpZ3uMwWODFYRJ2mjKyc39zw1SPwRvniZTNA0bw9nTqWIoBFphYMJyMpWrd28hFX1fm9w+4kmvhg4Lf/K2CHyGJ26b8YKJZso4t4fgyDuI6Bw3QBwOQ+DQWdZW5DE0VeWW2E2tBJKQZW7TXzGdYBcGhqgdYUGv681d7T3cVrdG+7xsJX73r19KLo+A8BCH5iF+R9ZXhbZDISpsy+cT++u9A4cKIqJ9M+3tjh/fjeDAkfdqctbwAKkoTpLEPTHcWlX6t39OFbA6SnX2x7g1nihOinjU/03IjEYw5sXvE5pZo4YIn9xQJA5bt4Dtz1gZxK/VE8GB1kuZr94FHs9limLFMWqRmMKZifNTv0Fm9HCLn8kWzTc0uAmaG483uzt+I49PiQlBjS1BcH5kbMSqfQzakwDrAGvbBlx+Q5x81pwpYj6Mcgut384H/r8UKEhpRzc5K9GEIMdJs3DZhFacOuqWPMJZKAq7CDI9CsrNp6F9e5Z+dEcgRIHzdwzst4yQfTkNnonHyOv36QdgmldvYJM7BnUz8gVckeMyePa1zPv/6MSKPabpZ9Z7c1QoJ/NL20bV8axreKYyBpsvGfe1ZNWfr1do3BQESnAi9MA2MxXKW9GQb1IRKpOm81FKguw0XwW+VI6/hootVCm+poOARlitF/FYPlRvQowi+82QUTNKcL6Cs+EHM9+gQNgJdc5NKbL7H7079w9uC1cOtE+N5cMxm3k7UsH48F708Cd547QKaJBSj63bZrVeiemj4RuTvpf40uueIeS2uQxu1Uk4c2MByO+hILn3rWtHhV0r99pHXfBt2IbzzbMb7QTEEawyNSZn3TTuLXhqbTUmUsIsRjVBZ9TwRDg9vlBQsFmVk9VaPJhGshIQpFw6ZA7ZKcdGkOeMtH2RKOQGqlsn3uRT+cV4rCzPsNYi6gjyFZeGIjw93hGb+JJ/plAfeND45W3asq29raB5KRBPxi4M96WqRBzg5Pgsk41d2P7/BxsW+a2MkW5usE0d5h46ZL+juZM9pQUF9DkIiiOJ/2tNMv7u0DncVD0iI6kIGgyMFhzX+UBwx+3Ppk4Tmn7zFPXIS3uD7p0DQps6NFQSmrqJnkMZGbSXi6dQ0A8STNK+3KMUlW0ON1NgnJZGGhHkep2lWahvVsL8LBPOWIkmfscBgzUBFyy6zBjRZsYRMnoEvRkoCQA3KSwmDe4hvcAU3UCT7qZuzcUWi0JwkveRXh0WVGwsiqXPBZGb397QyGsog4kUBR8eGB1C6e249fJs7yY3qEvKcEhUwF7qDauEVHVxvr1WszEVYacme9X4RYT2td+o7WhPu+ahXy7o9xjyGSiygX8Hm1SvZjApjsHs9AeJxf4JJ60F/8JUff3cMUqaN2AlxJFWWYZ5rTDd9M7jj6JVPgJ9qhwybJTxT83w2Fahqzgl4Tz0fnV1rIRraKeGPRn/kmGJsSaThIVljYHJUbo4Sca6EVEbdB+39WUgl1u1wlnRVjlGJPBX4ozGmtXtPKJs9ITZVfohAP+zGi3ogHsY+mPxq2Jf2pB+0z3GWEGRG0aOmR+Em3PSExCuBkf6eI4zTwFbqUKPtx7z8HL1MHLNKp3GPX2Zf7u9Dtfzpm9dCYLuIrGLXMU/41LbIYgv+AhtzcZDUjDhg15X1DbGoCCmyDeyLYVV4ImcX58IvCzUa9PSNS3BMqsPVU7o3DbrjoJGU73xnSM720CBXQXiRGYPcVwK09aNnEiBKaQxjNrbxcHZaMA547SXb632nsF/3x+Vjq2XXYH85/DuAWuvnbU68TmBb4MeNe9bQkTXZZ+RJcQcARb5waJkKhoh4kcz0842PPm2HFxHCHCxRnG708v4NY1yvLaB+/3l0tGP5WpvZNNmVeegzpfryUM14P6y2R4Efsut3lEyn4+FwrI3HKBRiVD3rHbcMELXLsXG0SDnw+62ZRHYjL/CW/cxJovtYYafK45GCdGfiztzRTHJB9tcogYUCf9FZj2r+qKXIYoHM9wZXGd4s0hlbIDWGqhsrK9mAi3NyZOcTcHDuEsbNySf0aA6JpNPv5btRaUrDlwv4XTBbbUafnCHcpQEd2tSy4c2BkAI/nQxU2iFjOgSwR9IULFdRxxmaJTuLtE8tJSI3Uzzp5PqoiipschOz6MIf/hW888x8dwS7g1qzntkCvjc8f3IVkIg1Tn1ga3vILTjOe6q5Vol1stmUDBK7cWaPva4+y13BotFfbVgj1Aw/zjQBv6WzyNuOpDtw/G8env4rfEiljs8KyPXNSeKOTr4MamVCYTgw+VJ8NiaK4RlAojBT5E4JmvHVjxwn7f1b530W+6qL91dlRkzPTsfwE6rwSNO8p+TARc9YUWKR9Ytcph+HN75/FNXO0xBTpdBTY1o4gc9S2zcKU9pCxxVVbkHWDjEO2cGcDPatKmqTFZlgR5FBWZCcxIw9NZzLLQ4fJyb9CXVKDekQiyl/FhW6MYLsoBWMzlnaK8sF51iV+C09kA7Y6Kgl0ZoVr+eDjQDRDxLjnipStf9YfohblffKSkcAJjF6dPOA3mWpeJrMwbbOvP7IoIwddDnz//ZLvY3B8j7AMxrthasPqmcnJdiHFzbJkrh5NHbjggd5tB49vZDPwAe/O83f9iEy6QncxgI8Ad9n8In7pSy5QwD/1bXV3eW9Kdq6sX7UetDz57PBy8R2DGnuWRW0UWGIoWp7JaxqR6vPo1FCca1qOx7wAmWwAL7gDTq/zUA31rsO0n2bWLuPxw9GTq0Furk1LMP0zCSnWqYVaJlCoaLCW16Q3O2pLZHUsfl/6BAMErr2JgNHxI+zP5v+Jgrtq/TVrSDVgj1sYo8qNkxcWNnXgY11Y+BX5iDRqUtq/loUGmSmdJbO2yPmr7Oiqe5KWlAlfK2DebISdo/5jDalsbAfCdwhlbDXDYnV+gbQkS7pneEoWRdl0mLZ0sYjt3L3ILGkUfOmdSFEXqsTQBuzCEBXIz3DLPy1g01Rm/jjC9BBNjCAvSw+6k8aqNjSrjt7hX95xkZEb1hvCPNzx4Y+rSwgaFRASo+PCuG43wv+7IMVGIsnBwDWBD9FyPJA/Ir9h51MzbhKVcxJXpo/z5YX7oJ2bVJPm3uAmNJs/J7yHJ7YlBCya5/ITbdsTkm7oSGIXDv1JVSBSeojk8NBQlLENZeDWSHYWJ0WazFQkqnIxIL99Y8/v7NMXKouPTzSAwB3hAsFlk9Js9PKEAid+d7rZ8txX1W89BLJMRgTpHjxr1TDRN6XMSaUGJ3sBDZwSpXASKnaNlNcqiZHKnTuqp7CtpqldVc0URvQ0MwqKzBPfnhFMqcKvzDn8ezSqiw+EWy12FFedD1i+VTtvdx1MFby5VJ0zokauYyKNZBr24DEYLotRSwlajHq838nQPuNXGlYpsXjaHBJ+YOU93TaedgVI7MXByB0HriqzBswp3FlLqirT5cGYyfv6UQG0yn8Cqkdw7IzqCx0GilxRdsj9duuD+6FfFtlXuGL/UOXKlXz6P8wbOTgjopYAjLk9NbBxA4MQLWeu9SQxCLev6F/Xmxg5winVLBSUw+iIvEL6wc3/8i5NwtLNXmJi0eq0l5Fw5EPnmqTpsZjaOOyS4obiegl4KV3BUjsKU6ACgIAXyn7Tx58SKFFtcxBKYz5swsl6LG99hEOMSOEz4wqQP8NP2I+LlYpSM/12ruGWzCAhrCTTzaPqxoJkKMPWWu4SZvVS0Ti4CoyvZESEFW+D5V/y8GTcqCadowk/HBeAr1MUuOFn+GK9kYawy0NoKUFGapoLbmZxKlm6eAqjxxi/sqFs7j9kdMvh0N6kkvb3UchdE6wYOT+bsImlMGVsg5H7RWHp3N7jXKCkwgDJEnXPFQM28Nab3GL72l7XuAeifQml+MgZYIE4imqGblXzomjxGD81vi8pinYrwCLbyHPhIor8ZaHC38knYdfLLKNFBphelBrM72/XKuE7hqpsAosVIR04X4Ace/3yW8yWXHR00EBezpjwBE4czdPkDIj7qRZrFTpIoF3Mm3wXXyt9ti4RnECACmZ4smvzYOd8mUrNjQkyM4inN2onrP+wzpS1A48fK/T0LM0yEsXKelNswIPxWmfOnsaS5gjMRM7IAZluXoA9kvmn1au7jg76e1kMcfxIebbyhCyOgU4To2IAy0cJpWqjVBYmXPGSyF1vlqrNKzZToVr/Jzle0iP2WBBfSubOC4sC7MTEYIwbThNG6t0i/h0bXnlufQ1bfy3ekdGvgbR1TelT3RNoyxEQ4Eh/KOyxKNnxNOV1SN5q2LfvlZQrkACFEWst91/p4pf+cYjiVaOZvpauW+ZrBC7S1GC9HoCiUvXQ0wCTes+2/HZZ/rWAIWAXU5YqjX05ll1/ww+s/ynJN1A3A87KAKqFhgQ7jqCGM4zvhww4zqwLJEt+wsgPTl8hv+91Gl3PZb+8r/ZajoXksCyyHSKWVv1ihQAMZOs2LC748NszXzrBV0wgoJ/J7TtyrlhdEWh9huefW2/s9blj4mwWHLiStk6l0HCY8iLguvxyvsNn0bzTSWfYdK7x7XRo5PyN9PRmdPBQCnQTGcSRqqGiO6JMQ3BoIAZEc4mwPDcUkyS0ElOEiPZAUHLc3a37DQr2Nz/HXIvdNtnxLOsV48+So0bFBUFjEMjTcX0OFh7Al1ctpLp1mJm1XqiCa35Xe95XXaCNJgROhIKUk3+2OV2EqfQials0f0g2FScjeSx+e5U8W2HJEgVFxnVvuk/LtIvOYDgVnRE565fn5MGHx5Qhd5oagxE0qNdbPsmPvaDZrIlBUE1GK+0qRHj8pviZ9WOBS6+J73ZJE8k95tBnB0mtwp9AAXVBR2CzXwhvkEcc05uzAz+M1RiFvC2fd+htDBzC/ExUuyWJIACIOH8YF+c0ulEANbwBROenJdYpKbk6J2O9e+sxaVo6z+11LKzlHqTpgC1OSDMnun1SpNLxdGv6U+ZCHpyp5qG0icwgs6vzV8dJRSodnObJ3/9hsx1dSUzl72VlDn5tBJ5Horzuh6dNhkzfCF6YbWYxeHHPems6Ca+GDTI7DjfC8o+8PyYBo3VPDPPY6R6n9NmGabMG+KkkDYjVsCe1mHORlYDKGF9WCbfp888XJ3worGNXo0TdCVr+yCL/QUxxnQ3Ixtzu2nMI0Pkn0k2EQoFZRR6ae+CMhzw4ilMEaeHCQW6UBFw07iAFAW+F1E7kH+WDUzQIT1eaeso1Ss4eNQIQj2Wwn42aoJFjlhZjD7ikk7nITezJjYjv/6PDTaoE2Z6OY12jiC901JiY61sRt6gtW6O/q5Y6xzx0rttP+xbBP57kaLwEPGJYxkVwlnwYY5zoSj4qyJa8HFmLvSC/aADGjFnwAA8+DgkaAFPKMH1Ojqzkmsd/dNwBLbVWPoCOBomqqXdedra4b/JNtzIWklD4FHc+ecq15g4mh+f3Lbus1fcka5spBCLm5eDIyse5fWO+PFTz1Y3b4V7Zun/QGGqPjKj9xIXUENf3IxzrZbgFe2yG/Y+ZsBowH+GP5DInAhOaOfl/Q66qF3q+xnlK3mR6fp26yzopSmoUXOtFtel0tefErV1s5Mn4Emb6YGII9Ki0jFnoJc5de9trqn0k/cUn1+I4OB5cuSHF4bFq5J9OSbRQUA7cazASvCBInqwK1rYF+ocpeDjUikFN2nOcRDl0MuTdLV6ydT/WgkchWMi6l+ahG3Txnbi2CxmuUWvRIZUICYnPRyScrEThKHw25wg/vzC+KyATolyFW02OS9db1dwsiTnwLTftmujNCrQdWBM+7tpuWhJir/3b8KphpEMIOiY6b6qO91aeqnZWS98LJheZv8rzfrFx4ekgJz0lUyTu7shOPgTiWxjHQj8WYjAoHTnU+IxpuvI7tsNq8XuWFDQkcW82SMpVFMlLe5CAvryZiW9y7fN+WqLMBspF+Vp6ETmi++s7kCe4O+JpWuvCHc8yVyxn9FYs4kpYMAqNt7NludxuCgApA7CRsTJYJhPGWAgelrewCooZdmRx6pZLElVAmV/HW/XZMJrCK38eqEa7oynvxKP3xfJlKWn9yDHA+j0qtHPHt/j+baKD1ij3KRr5gZAtMEcwoXshx3usILdMI74bW9A3jlIyMD6RUNx+7HJsYvgedr8RNh8LZhFFFK4WDNgcNa+tVseSe2IezFxoBKINcYxRxtQv6sIEb3wkDub4284HxVueeGjeV21WYVceMUKuDcT68QiW66bJGoFmd2j2e3S4QGA/XgKCUWKYLKy9JBT1XOz2RIlebkBY2uEuHvV0SfyPD3GX1qBT0N6RybztskHvTIgSVE09B+CCdran2DtN7i6DFNGB3Cunq48hSSp5jugUe2kgp2mSocVjk1wlsW8+UjaMZZ1iockZqhlsbqGzhI8qTLU4uoTZAQumfbO/sPB5uxy7uiEtKCq44dGzndGu9HhLUFKPLiWqa1asI0kfbfF/puhrUkyHAMs0XarDxWgX0KT4ve4qDRqMt1AR0Hizoo+zMoSyf4icnTTsNLK5i4+2iVQ4Pva7PfJq826Lo7m0nSmH5b9Rp401AWoJjrXCdEQ9/mrJSKvxIK3cV190k37Cb8nAJsvdJFduXxqzZrMbi92XadmT239zuNpabx30p+0ZahI0FuZN7acHYOhNr09pYPGq1pqbzsvM5eR2KSssS1lVt37+My610oOH7gg0VlNYl1LZj17ZspCkUomUU4Mds0BA7pCJ00+WPC18DTDwlo25B+8SBSPVfnybKYzwav+qV1uANsn9IyUnDYy1Wj6aunNvWuD9iBpnr2LTZ0KY3w6ku71gkphtSnH/PQDT0utEUzmtWN3zh20kjxMNrkSAzZhlebha0bEivlo9E3hjQ218X2uwz4rV3Lk+RaFLvSvG24sLRCvQYisTOoaWzM9XPq/iB0QvdQmllcZouJbJaPjNBvxl23wvOb43FEGEo4U/ozZVqB3GKj65aHyNTD5BQs2hxuGUGBPxN/bQR+B/ZU/Ug+zuB5ACXP6KEpwtYmLU9j/67jV7YeerI5g07+4vzzQBaHBBRRIiZ5PGQ9nyqs/hLP4kGaAZjE9sDirh32U6CdUGFav3cJEAOFARTCwL6xYuMmCF49esKMyI9sZcs8Els5Qp8jsheiM5yuorCmFBTp5OL2SvRnMatEPxwW9DfbC7Ywc3B3gHxOPasSjspCIZwmRROqvIsPWoqEZxRbyC4ncXFehLNnO2KamhJpTYTAGbmoyIhhnWJtm7sjEzdsYmxXbnxjKsJ+xwZCkKC7GkLT4e9TElMb2dCQLSZh9nxy7QlC3b4TBdLdhIfvtAPKHbt4g4IaknE0ZZHBIuUlhrctBdt+yE6WsYsS1kgUksk5cvpanAurRsenZhj7lqPxuO9Dpf81es6ek/C0SdaNYvkatpHa9a36zZt9O0T+ijJha9eSrytudhWjp96Yp7rQsOiNj9mfnfdW+0H2L/+u5kyvy0xt1hKAooNl1N9LrCQYrj+ZzDvfhrbTJ8uV22ymNFA1kbjUpI9n6f5Z7hE+jNOgtfDFfMOQBHlV6MWGaeX70pP73tbJD9qNFsJwrruQpT1DQDlXeEtHUesp2WPNbv2x/CAJ3tWsD+OvZy2agXGXNEcO8cRrhvAI+xZVxAxQfLTEdOGqnPpd2L7eC+KbHlky3PYbet7D5QWn65owgMgUlYNIk+1/lGSWYcTyE3BekkQUQw6piG3Mn2sgLqB1GVqIVaYhiIHmxdC7nNbasr5a9ney5Un9AnfG+RBJkvYNP1YheHr7ym1zCCfVlZf7Yx028Tzu/Bj3xRknNzJHgERxZX3sNC0K+tqWLcbeH/g0wFnE+iFTpbUtecOf2iDO7RVA5fofAE8ROgUY54DbJqzvTwfQdu5IMunQnhfBC6DUOu2I8lVAqx1+sLCBQXx73WQLNewdwrrcPt5lBa7maAURYzWRmQEl4uWr6P9aJ8wbK1W4iYK0DtNoMUAfKNbyjfSJ6mwGea3LWVUmYliynUlesjUIA0e7y/pqOCkV5EUvvTC0AfSpDior9EdeXnCbxqnC3UTegujUmWbID6jWdFHx47DVRuCvnT2YbC7E2gfelvwNXcVHGyUkJrAtsoXKSnhDhZIX5PrcVhuS7k8/B+CkBE+dYp2MYqxzLcv4Gjja+gKgKY2j/hnkihbuJ0/2fj86S2Nt8M+F+1+V9KOVbcFRqdYn6LgnIlodFxSVi8Ixk0L9zqcMn1FY0Jb15wXwK5TScmur4QikF8ESWZeJmpxrhp3LvbUQoRVpejnp1Ix+fKcnAIWPNNQDlbzRzCxp3njyEG2XulxdimkAwXXvp5RpF9jbdf2/T6zAWY3ukKl7kz0yZ9oVQ84QNh2j4yhZis/YUOkukI5wFGtQmS3kNSW9Gy8QDhOFmZgCP2yoXtLNdfss5plKHNGJznEzyoc54sFXjDt7iL6LCCS+hK6IqEl87o2Ocf78Ai0B/cSCj9qQZutdgOJhv8bd31Ih8+Di0LdJMBTiiULlAij0q37iSn9yEXUNSlZdOScro9Jc1XYtnsdZx/yQCXzekJFnmoQLyxtrO0gv8nfe0mVSQ4+W9pM0lO3XqLYj6QnQzywMZAmhQ2exYYmshXZ6j0Kut8uJ2iwPjc0Upeid2kpRSHLIhtfeXlbOVgfVbVne9S4IFJQmLfMWt4IebMa3aEigw9t8Q32ueViuhpwWQ9vTVAfb5ddxryX/9AlJIyDtbMm7AEOWSp/i0imzbTHmysZB2Ee44Eaa9sgNxKktH3omUwuM2BEwi88TO98bvtkUKK1dhvCcs2q2TVkkotIs22Uki94E5AbLuvT7EgCErldQYAYcNORuf+x1HXdP9h3JBCH6exuff1d8qx90hLPQ95WP16lUeBYZs6rzjIItMfuWGgNHSUPTqUXCOfOBwDMvYL5NQVezk1gLww69wO/aIqg7V+40LujkpYrIGC5TLFfv0nN7+fmZf7E4MIBpkCT0PYFWEiwfK3gAUnCKpMEk0qntvkfU0jUWQKYsjUm2oo/CUU0StQCuZiOQUbWPwRr2leo/78gHHTqCT6tx1pvkXg1MGc8nynuIMSM4tkRg5judTycgcH+n5mbhZ+e0pMGgSD9kfTczqBJ05v4n6avZc7eUyh1KgmOkavfQyn2ttGtz48qBilOC05VEss6ZY6qDuDSR3rotyOrVq7SflzZaxAqmnUFGrpGzW3EzBnTkulH6FwQT+1ePE9rljLTB2UQkildxLg7QMZ3STWl4iy1EaSMTZYIVL0PcLTWG3mbKQVs/XNN+DbT4rzazZgDUktutmQH9GjP6MA0OUWxgdHNWb248NcBc2qO3hzQfkgKAdgcOO0LvqDHHMeF211gfDFEP7zokzjc1KfXNqPqutrptK8oClzJGt4V8z8Mjm+qGEqVcHX2w9Clrr1k+xSOf3wpfgwVjUy6LCL8iuWO3u8En2NssgLUNDPGEO7vCQomvudb8P72JMblqsOgXjNnuqkYFQJcL+hivHJkT9lhWDIMZiXUiFNlQlY4iZy819b+XkQuqfLyR3Bh2L5cXRJpVnTma9+Plgz2qFKjnt9mxUUVqGNBGbT1jvoAXxipnGJTR0ofvbFLOuYLWvoQNYLt0ezxraA3VwUde5e6lurhzehcNowE2WJhy3BtlFileIb1o3YJijFwUw31d5gsD98keu+qHd1gtc7jRAjLH2ZPe7HAPaffLXzYTS9NMe1Ftx5g63fMXFeWzMNJQA4g7zmOarz8nLJ0YJ2V8v/t1jDuSamWm7BJYgC0ebkE8DoSqvgA+8iVKXc0o1Xia9LS4mKsZJOcb4Upx6pGVfyKvBnrASuQCLQUGKLvQnl8QfZLGMEQJki0RaNGB7mwdLg/jA6e7+EmKth2Ahwdkw2CmmllOzqHgMlA4zUO0UUOmnkaMNZNbjpkKldgjS17P9K1yyzm9XZW/hwidM/wX22six+CJQvIBzJ+eSmfLiCAUtvPhu//fPC6U0X18Kkr1eujYOvUpNYv7/9AHbvQyLIiu9xQ3mFgp0E4WlMy80avzQ7okJaS61Rg9zEAmQ/jxeu1Mx4dELLY5QVwDY1WXbheIsUkRanP4KBW+R6K/GP+ypRtR3YsWc1CHHxnQm3E3fKjxIB8D6WJm/5XSO1aLzs9ZHYUqU2mRimQ9SCaZvKT/mNAOChBmYHU0C/sY4tdfwDsVHe2xGThTV7MoRhqFUsfouU72aT2Gl248oommX4y7rWFe+IDI+MJ/XTr8sMaLbcF6D6oKa5tbG9YT0cvCONDZBfbWGp/87I/WsmwX9z04ITkUO7T875Np2TQNXPcM4vv0O/1KJlX6hvKIUInmO/9lMfiQEaHWHDzdEWPTFmOBnw/SEKd8MSX8td4oMOPrYTFp5lT1wOQEKteewtbix2zRbZGDdcKclzBPgIxBlOWJkWWm4rarTIflKqbvKAn174g7jFd4FJVxP8kuxxIkl/4UN3nAx38R+DKLrNeSCdYE5StggjOScsU/rRcIk3gXTpuZ9oYehydp3+lS25PqqP09WQST5vKp479hmJYwElRe5iTcB6KNgn20qiBtYa+pCK3wE+xeVDbVg39k/jU01RRm1oofFPBUvbPX5Zl5HUcSRUN/giPi+VojUyU5H2sFYam3ecJ9A/iuvo9Lhg3DoImqgwdaiWUindTd/hBnZbXd0V7AzWbI1KfCmetskZybzfNe8ltsYCtU42HKAfrcIU2LyUNHfhjEP5crrgz5hmTGr92WKYzFC8E8JdHWsMMnHFEFGk2IJo2wW0RWAGNL4L/BQuHJaPodNiE4pJxlWPFzlqfNRxkkfGmUNVdOfIQE5YPPRmdywZgaOr7HJl8kkajHMaERKGUm8uQ2D5/N5hMBIa3zxs94PmyvE+d/3PdO7lavXNNRSOWZccch8f3HJGF2hZlvQxkWSJVgfEd4a1ywZ7dZ8g9kjjromcq8ILXLvPTDGSriwUJaDB57/KJ4eC/cLKxLPRsyeulh09pnDBezIsDF2Wmsv+s1uTkYMB2KozZaXYf9toihYyX9C25kc2crCD7yg8qqNxBbmYTJGmAigXqWAJbsZygr3ZHB578R2kn7Fag8sV/Ko8qTxDU9jy+TahzdQ2zLkUa8rX2W7tG0Bhvun+xT8GJ7gxDivGgzTUSOhFlVP3auvnXyqGaL50DTIGxVhQRvJfPUq10O3RTsNTfEUWcvb+GxnCnuRz9ewVGf4fLYFyMH8ki5jLZdPb0vemr2siRZWLMXiYj47yGSwr+0F2DJ81NJuWL5l9Y3Ha4n2qy+5ONJVigPshJ4D+5vaXdtMj01P90OYP/amg0zPLGpsoFJeHAd+TyQv/lNtjlV1ZB8joRvdYPTiepHcHggIuB4EiPSMjBrcH0wkquUMYZpLePzNRP1Gx4XwCawMDyv2BbaCH4W6nroeGFpD6gHVWXEFUs83zV3N8vS6RfBfp9DfUu2CbHFoG6jmdA/FeOVVgfld4WbOpzaLdMjxVeu1x7GOvEvAraPTyvWuHiZ3bUOPRQGNHBIw2+XTo1V1SExka5CEEYGf6ZXNqPzZeVVMWme+ayPtblUOt2p258ZSfoxRAjPxqjBgk0VHfFCiRbAPuqzfYtH16igk3T6VN2ctSNYeXOXTqha+3jwgUtW51z48CFO+xdgEJrOla2Uef5ZvOkFBx1+RWnDCH/HylvG8Z69tTwpSKXT9VBhY9Bio8MhLroFVmQ2oFt4NyWMhQNp52Fv1AJdmstPZXyCMk18JwI6y8Txc/CBeZFMbMy7WNLqev68itfiQtTrkNoFwJcNpnoLt/k5TSR45MaH2+KTUR7oajM/NwiwFAEWKNe82ktxClNy85OUlhpHJkd7H+HJ/qM1gtgAm8eHdNGgNssMi68Aj7yhgeNNmiLVbekZNAccalJVc6ZXP8HhpVt8G0K6WOWdJh4kZN5nt/vQpb4oARafShvTy1cUNMlXiOyzRkWxzJ9gw5OLKknhTpajdan6c0I3K/k8YQRpr0z6IXDdplXos8ZNtnfvBdyKAZyb2l0H+KupsotQOwYLdqawypCPXjSla1kUZMPGyg4hSQv5JEfATENT000Mi7WoMPAw3xMFn+IR+82CuxlpaQ0wOzZxKOCw4OmN+U1k/CtUSqD8d7SOdYyqMxzeLa5yVzC94cMAWeVbuRN/xXsmw0vYrz9J2L8/m7vYBICdpnvCML1DuOae3cWbo9gAjVuyfG4OxBiJRHg6A6cZQ0FfemJkjdMqfemFhvEIupDyr67EGrmYuK4K/P4B/x/eo0PILbBPvl1Lo4oqUI5BSOYn+tF43XIBxm1mOg3CFBfqpZbKrzThGCz3a54ja/mIiW0XluTzTm0ALc6+uFYao46g2S+ip9gOa/FdE5dmJlAGddDdZMPFLi4kX6r3MMS3yy2fSTcafsGMuNJahcSvbj4cpC4OdU3B2ixZDZNrOIxTfYVhj6vkhKunW3paR/OpLSLIw2I+Vwk4gJWxc73Bl9xllRbEU4wZKlJw2dsHhXKh0/C+laxtHi3mykbXuP4pZTp8pw72Fj/ZztnTnA83ijQXs19svQrYpFBewdbJxeCG4wb+EhrveEkyKsEOtrQ8hE9Fn00OULCQpD4nKSVneaQYGoE83c21KhPkuJGgJL2iaHxTkxp/iKyzL42PLZzhRPjeCllVNjKp4IUOynsbP1sAidbznT8xvePGnHtTDg+uehP65X8fji7HWL5i0KVlEE6DCM9KHeDoRUx6UGWj/R81rr+4BSPSyfH6P9KaDyUkXi4z6m/F/xDbD8/mThXAsPJofVitOkxDgv4jKVOXZxULDOPeVp/pU0O+/i62jtZNbwwENvCOI5tA2XlxgxNSQ/1gqH5hHnXsgFWPEkl3d8d3FI1iha65AhlmW7MUJgeiI8CiwvE/z/hRTuE9vEAvJSaf2yDrNDw/85EAVyCOjjf58MQwzLTLK69PddwrLDQ4U2uF8Bmqu74MJKLQb63eEyUM9LUyy/ZAYj1/Thn9EjzJR5mJIKJlgxKoyUOkZrEiQtns2x7vOHkfu2zxBG5mkdNZJPIQKEXXjT6obtNLKCctpWYTXdQ+I7vup6iceUaZUkoXj+g/VERUN8nKh2sijPDXx2QAY1nNC0XIOV+KMaDqEQfle64GF19vfg9LEaVIkY0hH3j3bBFf3sm53VknZGjxK7WC4yUQTnZWgOCnFBn+8/EytGufZZ9Yt2goIAni1YF1uTBx8QLoaJ/XQsgko/NDyAjph5AaY8wdFa37sETV8cRJZKmfTaMHRxCZoG7RBKZy1PFEcx3wvmP7w4VVi2FbrYWME2A8sm3vhca+ILdDY2ZhPK8NxwL0dd2PcppI+gMzq5Tm2BBOrW8B+RR6ORKY/vIrilS1fSDgSfI0XT09+6375MbXBnFJCNXW485g7JXE9tx0txopLwLYS3dU4aY643wiNdagG4yoR9HOfQW6/O5C2KZiUQ/P/xm0NiJEyFcoz90MtyorRefAr+JCQzzMeHv/ikaU3COMi0+GjSF4J86pkPcX7Kg71/apUUy0V1jTtzZ4suwDlp0puUD3TrzQ9i8oIUQz9h8fzIJzGwrmFYCDVIRwkDhHCwVaBAm0yXLwuYaO4wXANqMY6JtLgFu7DJNfLYnTwDZr5Izwcy6ac0tGKxoOgdMqufYZ3b59JU2auFISAvKThq26wmOP4AAJjDwWvkymWZAobQdW/tBYuhYbasZZl1YSM5huTFnx1Vd96uVzuYgTRYqT1BQVizj5zUlAjMUvPpEMRjv5FI+FOG01LzznB3Q26xQcoDPXpK1b2HMPVb0EPPLJljv/W/H+/IcG0HBvv1JWoie0YF+U32LCKwndzApfopP1mw1Hpi4wLrTqIlZdGJwpg+vTDh8RcbyBnWNXrUWFkOzU65MCXtLsGUnBz/VtaqTxlKKIvaS6GRNUb7jASzhSqiTloaiJdKlqgsSpygMZK7SDdzW32eOmLflNRZ/lQ+il1448VTG6nC2pSoFDu5oPmPJStykPb0pzzsSDHTx/MIvD++w8xVIN6fKzfEnFnJw0rmzCMOQ8x9Lt7DDQ9KvCYGb4VdxhUp7C4XHFUwbao/vR8sqx3Ym3dJrJ6QwOFmgqZipiiRU5V/lC10WfyTIpYaIJ6HyRCOFSz1BhL5W2DALhiXrGckfGSX83EzJMS4yTCymYJJgna5nbhSEfE9nw+JrP6sTCfMMprsZgQgrxlgc8PTTmeCL5/yvIoZl3eFyO1J8jszSk29LUEsUPlCUrXVNdXDkQOeRu8+Snh01mrtfdEEst6+8SVpt1VaE47Edu6I11S38PWhK4SSE1E6kBze+srKus2gBrsJjOl699Sh3iKPnJnyWOo2X0atpaEG+5l8ubA0mXeZcw4RWHJc22J+nGfrgTVnJzFVHvRp+EOxk3eRdzFXkeKbtUVCWt5ddJWvTCFJMyPrh1J08wZn0k899H4/RaaWCNLVFEn2J9RJ6iYseGt8IbAMGFB2f+GCehxuUOcjs3coFGmGHjkH04dNBMog0tqmdSMPoJmlZDOeSeKgV34xUWrzzq4gFJXVhm8dRn/A/DwAuJWt+YGJLJwR/Nw5SWsfbJndSPNPzUZbBHRpmOj5CiCfWv09erxwyzSLRJRu3b4eF0dcw7whSrJrJLyqpJQcxBYb3hDRnwX/x738hi+PH9OGLYk16TC7OoSa4yWRol2BZLjvnycXM9d1fF2g+aTUiOr+sqbU5Y1/mgXw3FPyKr8jQzvys53jaANdoJ6i4Acpp3F1psFwmfX1yuxEc3aR8pNsMoz+UF1aMgn+pdCMg5x29NWhX99NgK8Q3Lyv6Gy8rFggBoKLv7BWKMa+hShR9m3mhhw576bgf2544JCE84Vud53rqwAziWRtxiXF6xcwuC1/9AOpB8KvFL4DJ66icB0P6wLSv0pa0BRr8oqx2OET6YmVNUjl/XJ053p73lAhbQheI/6EKM4Y+49diqhUsle4XATchkQIVbIEI8KdQM2HQYOOpLmsFfy2aAP3MYYzl1nAgc+T7kJ4Bqg6AiE6jRLUT6ZXN1zz2cLicafSTFl1bpFLUcAegHCAE93vjy2QRdsbyFAqiPMgiwTy3Tbs3gjjipURnEQIxRCrQgQv/naJMldMXDM+6xVt0dWpCqz6PTauIES8MUm1v34yF/vDnkIV+C07fy3rr+417jnzD01tuiOPpwHLBqHlqf7wSVyOOOmr8ub71gRlgQ8E77dCciYzm6ve7o/HpLcKfT0HXvjSIHByMMTG0bbsWxvZycvo5kEjEo42+ryOL6EDvddNU3eW2dKfKEa7YkYkhnUf1O5SPtNhT+03J8y3aPqrszh4ibPnagMz35Sllw+PwOK7MPxWyyuJMhxp9ogg6tQIJsOV2Hwj6HtrmsMqkeoQ31LlsnEsNJZOSewmuKaU9GgdocfTA46Dwkz8Y6vF3F/XKSCGkqM0u9HDV3QNt8umTHVIQ6f4tLZxX/cj23OlkBEiFhzJgip8XhfFdooiQT2bzc+fprQUtpAReUfoNOiigvT6iyI56ZmC/4IVj1LE8wlgYyNs90WJnoO8UL/HfNXqU2kS2mRXKM8UDNcTXW8KJZxa6Riu6QuXSXeDBbp+BfhzrehDc0KUL5ikKq7MFGnuptFz8p5uoGw7z4zF1KsPcT6klyIkccujCB20hB1FvUxWk8b4bfbwtt4Yrvl3/7O73Y8j5O3m7h3ZGw9shDaY1PrlhHNDDfMKg/xQZjnpXPBgd2kVt/b/b1dZa8Q/FU7TDt969LXDZzpsBAKBqkM+Px68/g1oirixBjl0Lvrdv6iLJqWze4BgirmNyeJZRJEOwd+PForxriwSdvZYEvWD4ijHFq7qaxlw1Vdkg7pchIMZhLAcF+rz/dS0+p6h0vYApwIjzUITmyApQbuCqrwRivhbkaaOUafI9qVLs8E1F/hZIj5QvuqhipaaUjd73cGxiwu9sWNbuliL1QJPD2cF7aCgZQVfH+TNRiewV6HHSIWtiYZuedar9loEwVAVZ6XSiWWPcPeYx7YMtdjnjYLputEv7VPjAECay/ySKn87PD1B8Kw9btUAmdIJ8d4q3EJh1MZ97TKTLFb6cvu1ylFHosrg+bC59zpcb+ynEo9LpV5ebTKR4oYkhscRsoHmhdplWnMrE8Vpnp2Y3D/bQr6ko1AMCIy/W9s7rbaU6gCSKAXLAdncba8B7IKMmIVO1g9T5DRMwaFM7HtqimqIibFXf4cuOzAPy16+oRYfPd/9J1A38SzjvDdF4c7l9o+NDcqCRKaVZmvEUHnd0pZox90m2FADJcP6/1+wugvAaYMeh8wo15EzLvAj0+wPATdn6ADpfKL/wAeYYeGWINAptDJzuWG/Ddf+dAeBDJm2zrRlpOGA2HcW5HDM1xjS6ExmRH21nnSKg7D7cH+GasPQW4I0y9mquuIac21isqtK7ojoSu3Ibo8TlPd0KM565HSwkNOvJBA+Z2WrGAEKWmOcDgIMcSddrx6mhP8ExP4sOaO3Nh+sYmyEvpvIb47AiSqnIM6hQSoNbXaNIwmbiqHKq9d7TTgQlophgm111c1oWCfXSFCPgOyLC8ATVQ40Inav2Zlq5DHKjR2uE3T3YESuLa1U7q0FSwc9X18IrlCr7EMR9S86KOsCQH5NsvHu6Y/d0VbjTO+d77xGSqoRS3kj9V5hXNkoDwYUGWIHISJAOViQrRJPwYzfnBt2+G+AEh9OxtyNLtmr6cygfz0X0v92F5xyP5UHveAuyxuTNpbja3du0Hz/Mq0yeKc3SWwuzP3Lr5nmCDPqdeRqqpXSDa1PC2x7GD29zeUERulXhShwPii6sT0YOr9EcWQRDHQZfCzSP3Z3K65L6j2M1drgxxwjAk3HxaIPKHVhmHkomfrfQZDwRkzwwMqFm1ygLx9mGHDc2Q5MgQCq5VvvoP5TTv87vQOnqB+ufAU0avgyHsDx4oqb4qzQs9y6QYc5bHSIlJQA5ZpeIg/JAc4SQqkRgT0+x2KuRU2wlu93CnQwmvOnNQmOoCar04dje7L5+V89Hl91t03H+WPDWug9edl0WYzKWQ+HzZbpPL6JeyYJki+MNkb8LnahzTyax3DwLhNuoNfG8i/cXv9HVG4I/JhRM3aCFmkeUyPO9f34yHdv8lYXnsgk5bLSL0ouqq/Q3P1HwLySXqY9oRhq0Q53c+NpAmus4uluO1f2O97Gozi6yaqx8F9LDRrPTItsh8blJ198lSCQenQHARlxq9KYc7GhEHcJ0ZDaRzj9H7N+5VkH2ZaIld1dUtX9/glfnTIQ2ek/Y6S/HrA2v0SejqL7jc2Q4YrFBBzFHJ+5/SSZHT6a7ldiFeEZS06ZlN+TG5m1702s8XP6f+BGs7Ye6VSCskYQ+V7la1FhyVQnU+9HTDS8JQPvrlxHlrHmjT7SsQ7w8I+nS6xi9/3SXMChhaHcSpeWAP03mYL8CML8DkbSZK4/2u374MEVapNOqIj3XacLnomhVsLoRTwFDaddYLifQt3T1Kc4j0gPMlb9U8Z9RkP2xjkjZXTV/73pxEQc3UXNTKhJ8jagoC4HEED3mMEsyzwhOXJzIBsLudt/wO60Zz+f+CnLzdkmRQ58wQOhwE4M8XWmg80zNWWq3fWGE0D0sYgaeLx7sdE4X9+PXHG1DR7ijQilCVJO5zMmyChNiNOugl8LFXtZVYtBmhUo53aG1u3m7tQAGW3L6gfDmsmO3VDHTfmFLFAW07cgOQpnhJ8Yy/9Qca/ZtjAHrYBh39uVHxnFHMuukQ+DC1vmu0NRBeyhdCxRoW4JsSc51naY+qGUEVEjRHuG65EGo1xIt/YayPy8IykV0LbzOCzzTAJycIYGHk62ZzfNZiGpuISBTCJ+31ys5Gkib2Odh6lrIxI5lnq0roBfEgs/h8GDthm1DsjZ3sIc+dJxvyNy26U4ohlD2UqxFSvLRL+kOMfEeW67Nc5N8/QgJp7JgAAndR/NPb/Iu9+ilrXs/ew+Az5WU7xuHfBf3o2UU/f+8hXVV0wBHT89F+BpAMVkNKQKjOcpgWAabfYzHmhDDOP3q4fRJPnKi12llKxGZ5KnpK85hKQN7HBg1GKauZJIF3OT9DORI9ul+wmVr1dJD/yIzcs6T2RdNmkDywCoErojr+7k0w3gxY+iXM5e1UyNWRPUPVBIWJQ70h3lyrmn+qE0rgwXXWUGXMJz93pCqGJUeHhSancbNXZjFTViHpA+od84hULvaZQry09Rnm5t28phZ6bRK8inn6ugMEM/YyFGLuOlFBCwaI4pLVS1lEb8yxl9enb50zKMF59KZvnvwzZhwFAez4i1g6uvnOwzIEO6AxyH1E2WCVPdNJy4N7ogi4Fe1JLhfJ0CL5sr3l73b8y0eC51Bm7pcYMrgzJNVCkdToSxEmb6HnQcdyLjPEStzBaW80OdiBsJ72ofLM698CD2196O5E6AUtX9L9DEsMxgkyuzO3wN4zYdgrVSXpqxG28bmlU54E9BQT3oh8JGH9+3QDhOKePhE9LaUzYU8W6sTl+3bbgWWi0sWQAbFTgDAQ/G+wbGaSzzLvn+v1Vc+Ms11XDnfBhXES7QOYOlIOgPWfXEmUyru8ZCoFVvYb0K8lmMdAHg1W0MdyWeWHtfddPkbDW+80yRoapEEfMt3CIyleLQCaBELGXeX3yLJzecHvVGr+BVFyaDWBAYGlpduWoUSgD0C21ORpXENnnkTtm+RBHR5koh0QhyfiRQLQrKwxKN/+KMnfaaaBMNFVtEMIFges5ya1K1E8o3V/Qha9/vO8d2CGf6CjCcx+p1N5Uj3KngmQ+AgHLxeSfEWPf57gFNzu1uX2a1t9QOKt7w8j7TO5aOC5DSLoklToq3AJec+2WLVO16Hjt89pYyJ+sC6fFC8j5lGDa3D2VLOo+Akxbbtli2BvMOOitf76WX++Kkz4bIUnfYxacdSN/KOgAFfrtQKo1EdraMrV8OOeTeJGN76yvNntzUiKuUfA0Z0+3GfzHiocIjWxnhTaTUvWVNLzMkfG3izENh8pKb3/xUVaY19L30CPu/gN9qmFMvJQR9rw6zgrse3Ev+S7cp7EUbBP6PZCygKeZ9DKMZXtQQBiG7GMZiJdci0Qj1soekatDgYXIAHgnAIgUjObpOFti/JddPQGsNWwTf1wlW7bpDr+eUe055L2Aiym1m8tcaF9xFhlL35mxvUywdt55y9/RBZOfU4urXj6/Ff9vpxO0dft5L9ZeMxpg8LFdAkWhU312dvUqea1EsPAd9not6Br+V3dao0vNpDCnswKQLpekrisUdNfF5z4LhqvlRppEYfrdluD8jCmCo3oJse9Zun9L54iE5m+D5FYdlmtkrgCGaqSngzxcBXf5Y7tHiDM9tQzww2EMy3GuvTBI+4Dui7cuYTu4xgdjtKm4alifijWHsTvX0mMSIaEChQNxTugqdKsPgBuKxDj9pTQWGiUaIn4JENPFk2+ZUyHF9VEU9G6qZbAUUD2ZSHZUP1BR3sgY6iUvK8Eb80/ZEs4ryh/3t6wXfWcQ9w8AkrDN8awo1kg/p31jk+EhvcJhhnU7V3uLWh6Hm+jmNuYvNK/nE2oSecw2vXNRGszSYa3tKMF9i7NMhfSQgulMq7t6IylxEjcy4mb/VvmZtj21X7IfUCmq7YacFcgOTmKNhM0S2fmHkZkEVvdltojOwD809XIa+hfizwhCeXFWrVIq+X2W7kmgBfdzsv0dBpCZla531/Ju6HSc7yBEIhgYj6RgNIm3weoNJE0LOBtSq/EiHTzmGF2kBjd7RPfTzGneDFW0o9fbDG2iFdR26TttwaDxjZpQxqvT38UkRvXpnAmVfmbwzISz0807WfYszFtbv0u8KIW1Cf0CPlN+OVNMGkNcIS0B7arHvTv3ZRJhbtOvX95pX5+z0ChxoXoM1I6fNyLClLfWGhVJpdXqFMStOi3Ug9lrnHM+5TwUWAXZxz/jejAuIGMK5y3DiYzD34pGQ6TMGY22eS68Q4dAbAfmx/vvNQwg8463xD37sthKD+YY7vE6w+OnIAXEeD6gtIil5Ao4ldux7+9D7/AxOsViiyDrAD1/XQklLaEEg+LrXAKGCLF3qoWqYoCZVOAZLrbf3WNMoBgdTfXJ0OSnBC3xT7C03pwWmYbnOjuRFDY1/wfESCDYioWvw/xfFvp2OwRh2p1DDQgmaRLGxKwL8Cs1AHZ8HC0OMnVdB3cOW/tnwCkIHgCsK8sc6jiX7UX8r3Ld2QoTOEdcs4jbBCF3MquJCjuwq19KZFy1NAjeSEnHqpFrO7zpl/tT7aQ8ZKmAOiSZbr2Ru2cOfTGaaVk5/j3YsVniSIXUfmPimT1F8xwE35xapw2xUF8olq9jtzq2V9ow/6be8PuotiGhcIxWYX0eJcKzvB2r2jB34Zm5bgIO6U5+eU1dsGkKBGT6i6jKDEwE3HTt49iB/uwdbjZRl1iJ9ffn/jurZCzoZ2zOgXOkkoDciuUKhBb8K51ISdgYaiBB8JMjMwZdvzY2y/UK7luPEmaSg9GnCQPXVikMF+S9VaeKKMaNjwKl6nJAXF9mI25ZL8GRBbvpwUfRdNmla30Kj5JMnZ/qzNVVJaLjqrx05UK/A05DgglA/DDOIru+4F01/Qy3+G27JdEgt6zEk9fvRZFW/+qYCGe4xii/bnwca6lW7JxN9gDlSqHRCpIk8XkqYUQrzk9zcJ3rnrL52EISg6hpayHBr7uNWo1ZX9AQb+cew2AcLd07JjENDkwYR8wz0oxgFytWkoJMpai4P3QZEpltVhQhQyP5jSDJqaGNXmMNsVopls/eSepXJKdzjikPH0D1m+neKun7ghkFsZGCzZG/9BwnKY8tXrtqlSft4KBiRfsjgnxsoWAfSJ3Icj5Vg1LdssN8HzJR6zkyJEOtVDS079aneHYqk+YFdBzAk4LuLIN5NHLJVQr7RkhcOuWqgzxO0eGhCE993d2zAL0Be0PwjVuZfE1uuKKkriTJu0vKciepnAKQGb/vnfWhLnygLTBFuTlBsECbZXpqTeJMK2wQ9A+7pfPp6XIl+OCJSur2fF46jfMEjAVfgUgUHCqc+DGoexjVdZpFHm/putWdE+2cn+AATWXTwEE4YH1bMhFKU0GmuRH8axOrK5oini6UA7TF4jMV8GW5pAqDE1M+jCqa5pZ5aRj7NYC80fOKOMEJt0agudIEaUp290g9t7xDmIyhwp9QDpUK7icrU4JIcWJOABstqAdQR58idu+KoVH/ECt5DtuPsQtsb+ebb0oetIwYN+4lhdDMXNmUc5JJLCkVpZnsFm88+OS0MPcMW6H6maWpwwobC3HOBdZwyR4EC3+QA3tVpghcN5S8q/fD7nP/l3NfPZKA7kBkatb2A0XBOnWTT9sB8IblYtTFVrmx0Rs0Isf0QmTTuVzOaktvlRXHIwz9SOvOqDN3cQe4ZjiiVp6fQek42G4JqGdAgXb9Sgvzm4KjsUUJNCitOO1dLHRpBs8CDRa9dVL+LyrhT8/Z2XItAIlS4LDvYtXNr77t5/L7X73/n97rheLOWF1esCPxb5vX7LSQ6purChsE0CKt76/KcRkgGpRTZPddd8mVzm27rCn4y2iN1Hll/zgXAjhrmSaLho5/9w6K56vSTdxBw9WiVuPttS4Rf0qhzLTgETOuFZNT0jnzStf8aosR7aq40gMbezk0p9P7TvtEh6jtgl3OzxZ9VFvIgA6+I8o6Yr8XC3MyL6XQ7exF86epThSnLYUYHfEC0ou+C+EiQGw6YyXg54xuX0seytAz2LUEakn2Ou2ncnidiagr+3XRuHl3JEtwhVJCoGlkZl/AGiwaVjqIQX71KyzwFrWq0snNWeTeTk/Rc7AwZLYfdEtc2smfUl1ThFFWYrHVliVzJEbVGFuCT0j8Fmd7dBkHwQoCwP+Z3F1lSrmLPy2/RzY9LZqQXvmyJaZAd5p7VQbPvnxM0ZateUxf1w9ljjGzl33xK7Ftqe/1EmCQdopIlkxPvSAK0xAjTqB0EnTjEU07j+7FlCmz88N+/WoGow8BI2ndlW5u0s7dM+Viu0f40qyGw75sLSzrfdEBAiflTaKCGiq5CU95rtLxxzffnKBiv2I8hlv9jUGJ6RTOu5WRpuasM5BukmjFG8m6R9JEUZLgoyerNXrcVMnoz6RdE2Io4DkQfXPGSkEEg3kIjcHa9BQbjU6cGvfVuKwn/iA9weE8CSGo+ht5EQCbs1FGQGpI4y8TM74j9fO74diddAH0TeXuQfiKR9hE6Nuo8H+qUDKLjQ9bEdsUGl4St228q3vOVswKpN4EqdZKnaBaXp0SXPLN28CO34cplz7ZHlwQtUxhnF/VktKjfXf37CZGg/f++98V4xHg7+4UqkkM517hDQM8VczoEiTdvGbIy9HVftb3K5cgvUd1hkXhwXCJgw1QZkOawsBd4fL/epbi5yAk37euHRqc8IFcywkc3OPbOZqiWtdfYfn+P4yB9xoZDYKMSCjWv7Iy4Uzot50OmozXQDoDpvd+bdzIxyIk8kpzxqXvEP4Tn2Hj+nKNo7kC2HxD9tcRo1C8dm/n725R05pEcTtjJ0Z0/BYdltGGHFnghgg0pDKgEnf5lbEGwyckLzd/uFcqX3IyCmN9NsKl81NBmEKPwv/Fp1TRHkvLwTlaks42IA97yc0wXbsDS9o4xaGEqKL4CqyUrepqyZQ6kkM5iyCqOIIxI1owervUb5zI9AgXFwo6aCkxaCVCH0qH3lAE4qU9WkFDwAMO+bOkwmdYoNiEdgRq9L3f7pBM+2kxbyTw0q9E2aRWw1i8aFF3p69kRVMy70jGZiZVv+25BO9G7hoAINlY97X1sKYxSC0lIipXDFEquy0JvBCuSohmynmPPXe+xQUfbLBQVe8HJ5Dl8iwkLhmbJW1X2to3ZQcATDbSvqTpC4Dhai46mndeWgNOCzmv5UkrOMGpJ5uHloeu/GmpLVr0dGlVmV7tUGtqC5kU8K2msGr5fhbFhlLu+MPRZlr0qoAzXmJ3ScmS+vT8oGpc4vzJ5+fwUQhMVoQmcGcHVd7GWZ9q+cV8dfnm8NW1BWbAPrOou8lyC0HqQQRjdHolr8SaUhRyJ58L43yeetBsC7F61SntqCCGvkfsCgf2xHTf8Q3ErwnKKjYNGK8DKWOumeqHgubVKYnsB6Sk5rlq/jr4BCmfTlTbDR19+Rg0gxEGGFt4ywM7ZjaSM9NYTW3ymx+O7gi/XEhcL1kgDDOU3HNKT0ic9sRRV9ummLIKHXp9sZUr2E3clcvPiPKoNB7TaEoq2dh2P44KLX7lN/6qQovDad7i0DwLFeiVf4w/yzvy18BVnz7N0o6f5dj+keWlg5YQCFsG9iO9MVi5NBdBfF0bUSbg7Xq2gQmx4YT96pN2KeXQpSm77YhIMRZSUr8BHjDHA6vayCxWyqNd7bMpivGbnUH00c8+/n7Zme5oljxDbkSjhNSLDmR/pW/aId1uLrxl7cYo+Q2jca8ilk0jvBjTHQB/brPl6EJXIKQpIOfGodLLMmUnxCYS+ZIP6kldodLSoVxlnakPJLLSIMMnmOxwft0eNA0D1sJPt1wwNJuXu7chN98YHSKuTxpbOGinozfd7yZtHtXzaFn7XGMIigm9HfTucHRpVnk0UZGvnOMCqbYka3EASw9prKFkBwMzGaSd1mCKJKY0VoLHv5gVOvbLjuH8kIwEs/bo5Od+3cBtPgaX6HGb9jMR1iQhd8ajgF9UEheE4DCeRJvRTTKCsZ/Ch7Deh+h2FqGLK9FusLy0ZrQu5AfsY94GptCK6Vwvr+fnzqK5e+vpqUTH05T8thZ3PnTjaNE0SLSSo75oKRGiCnQ8A+EtiWMLEKsL0I1daUq6ZPBSWB7GLmKQYAThnOCGK8BCK5FqQoCd+j/CzHWGNYp9hjOhAANPwRtMkH0GJDEx042lCKmc+lvXca8AQg2lex8MISN2XWbXHbI3W9ByQqbeRNWwO0pqDO/c2bbfW8m2LFBqEsj8Hbs5tQXoGi94gj1EZgBbIsS7uOhF0xfql2oU16Lne/SNM6coaFyn9o9tXV6jcrxh6URFTXjbsxvXvkkTtxTxvK0PmimYBjaPq5HvVen0gi8Xkkb1vz7DPcsAbMJbHQvR85IVnahvQ5JBiaNcGzVPlYOgjMqvosOgQTa790mJHQ9q9abGVnghSITSlp+2tvL/aJole92Ry+icqLAMVqDL1qglG7hgBYUoXf+x2DC3jUdwJqoA4x/wNoYNLNt0vJG0a1RtkJA/mbUszCBq1sKA/e+9o6tF9dm+ekcwPSzwYsNDR05g2DqiBVeEQGPUfAHqoSumIOgBB4KAXdUz7CGrRs5hn/W+aZ+yIWykP4T/Q2qToy5YBHr7YIQtjCs8do4WgAcKOkE5dLwcgVpgGbWnKOnkMQC57AT0g/EagwRKnfY2ccu7T6XXxvL69wCR9Rfym3LBE6x1QEqPzSj0OtWKXPmkDffN/YeOCPsgkPDVcDASJ9fcHmGJsm0rcQtQkVuIi+aaRq40Tnxak53AVBDxZ04mt+BuoFjczi8QUmCIoxnGxAaXSioXO7VlYK38yJEgySY35HXwzJwskLscdXO2X0mCBRCzqBKA4LU34G/txDYcXN6HKdttln6NiYvzJtez1mklZvT2/hsYTNAwMogrXt79nT+pqpre+WZLZ19DsoRNbGPAleeGG3jk1tDjKAbMvWauuwYQQDi1D6MvSGAZ8ktnLGVuO9+EkHnulqx9zTrNyvToV2N6qkgsnHKotgCya9Sjr17MwILsPAWY9c6f7tl8Wz1RRS4qvAUNtp5wl0uTVxBCb4CvYkTzfUKUSLndqttGhQtSqYTgCltmFVbQVZ9m8X0tPF/rJVo/EFlIYdOsD8e3ABIX/VUk8l56lP3B8rsAdsa0waSZ70QKu+/mSt2llnlLR0RImgK8+HN05KU51z+Ccwq2/4+oiIciV3Vno3oNRv71Zzt7s+5RmRj3Vmsttb+HJqwZaJ82yZx2TuSWxAuEnk+e0OL2Zq/OVxw2iU+yf/t47Q0561ZqQA/6u+LnCFg2o0I8j3OJUjdHxUikk61u9ZEwHQbcj6lH81k5KFFxI6yYnDUutr6Tnx3YnXKX4yAVk4t4xYQpWPZMORzwTtBTZVoabRr8Nl+9PKwQ6oDTmtCTidKmAjvP5nz/xXCzaX4bAS+Cd4tX6Z0gndTjO881sKUs2ID7bkYJBinV2XPiDLkese4RzVRNvrRVxh+88a9M6GXqlgcLr9lFeHlL9KBxjAZB5Ozs/xDH2ixdxoG1scBw0YLDpzAbJqv+RMmHsBtUaR1kPL2tDlAq7so0Cyobew5VaI/Fl9Vqxqnlckm5LbMG/WzoPqGchdzNZhDQZZXat4WUfg0nF0Vt51eX8cwCxHmeOVPWcZ+QQjEGWr3ss4ZBFdoaU9kB87dpIV1K7YyGgZSmnm4a9KT8Cw+ubsFkksqYo0XgpeCEo/b5+ps91NVu+LV3BNRZphQIzMt45KS32WZO1T94j0qubI9Bxs2maFwpjYEs34FcxHkQB2Z6tb4PqYJR30fxPCQn0mcPkV1SCQT+Yy4GZ1WQ4wQB3R3E9kHXSRpRr5TqVJDFoOD28E0hhNL0KSocW0XARgHO5dU5f32wB8KvX7yN4C0NMVgtnPIyWYcIoxwAt4agLTkNRrF8NI2WJQPRuFLoYA4WyiS5xdiuNJRu5BOH5ko7pIoPlq6BW7bBjxgiO1dDSFqWqLxRUkaisFPglPEwQ1n6n3Iuvvm8S9ggCJc/qGY2vCdmVoYjI8Een+K0o6yypWUgaSnc2PxySn4BRUS+xG61VnfUrINk43eFa+SUE22SJ+RPALjQnz46nmj+sfn18NOlkji7ldGs8pJD+qp1fzfrzt/qfHhRXBuV6ZWE2rzVQ06DabQUb8OMvnMhJi24mSlEdIuCC+Oz2bpHJXBrwAPN3N8M0IoxJZjmSeR+biWcqRYNd8NVTd2QXtjPJnKEXxyWydNRpw/UfnFpi+AXkwsOdFNYoSlfiReI4NgkjiY4FB+ntIvUVjCegli4JhiL0MjgUdRL5SYTztPsl+XPkFS75r7TIL21Wzy9YDPaAErQozaQBNQkHiam7Lsfr0Ev8TupqIVCDoO3b0sTG+ADLkki5qubtuLv0paM1YQsl1V0azr9U2DxlH59JtChmhp3puEt4llTlCEre3rFSotnCFivoQLMeocx3j2R+qL5M4U3178mUVENNwQ3q+1IOsc2Ch1K1TB+vr45cWmQfOkrBXLVcjn2wM6MThmMHutASSZR2hv2MDBoTjtzcoHswz/mnacDBynqS/Qc7HS/X9XHjDNAf61FIVl6qgJ9DWMcDgJYXDyuMglGVid8KbvP/4byjh8YrK5UpxPpM34eMtS6VmJkU6fD87xA9MyZ7kEFsf+gnUkUowbkRSU4xrRKmYs3LR87hv6/NOTzPMvpYFGupaKpXJRPe62bVlsdX3WOiyY5nlkysJfFhAskUnphzFTR2s26QUZvWlvCfa3O0mHh0oWOBEYQq1EQOtULqc1NnZh6PQJ9cF5b25If4ndDsxBib+/1aqJecErCVT4hlB9PdRWaJjwryT8dx3cYxVIEQPPH5CYLww7wPe4Eq8/fkprODtCuduZbf6or6ErnNgmtGXgFHiLN2+wrhZc1TEUr7oTnDLk9dfBDOgtrtvt00WmtnomUwJ3m9uFlDXBlSSs0Lidcz36kLPsHnWqaQiEKtIuUq1H9tn+M3Imk0XIUdP+mui2S2u4CL1labur+ro0jt7gbaFS+UvRRsfbnDN+8za5j4FeuhIjPLR2TdYn9vPOGuXsdu5yjPDxzkzm/Y7SWJ3xJfPDOogoU3iP9IjTs8bYzMYWzNGPtI8bkmqUANibuq4ckq3SwV7VYyAO1CxU2eVlnKUGy2RRKty0H9eav0nQHcjzdTmG4qc6uVQXszK8SAMvYJJrMMGjRpMGn4qtlPYvC8NLWs7vylJU+HOh+eLVTW4IkqsVkhJ8odqRyCSwEh3DFoOT78wk58k5yQOD3TzRyZkeppofNMBJ4A6dQQSe2la5ngw1wKA0TU2wEnEOj2fjbJppygFbNl3liO/f9OMpxlzdrE7+K5ix0oKk24GJewx/l51Sx2oc3gPAb1SxnfnsOXtGIa1qVseNFIYto6+8CAd2z8IczjBGQ/G4GtlS51RxYdRr3OYGZV0DbZnA5W5QFawU8ZMKCmVnVHUj5/di+lNc4OoVSLDJLUm6dIyJy8tLkXjcKBJLn6a5VmapWJMIHFLlKOjLekbGCXGiuwuCTymyESt1k4Vz8YiKZoohUERg0bhisVLOrK1dtoVL/Qh68VY6vq9WJIXR/Wf6LbSCDsW12R/kPb9cm8WKL48iD9Bj6+9OgtT5042RNZU+itfCtt61ynxRy7QqfFsGM2lJ5esCXPw+RBAuT5G2avT/bWKwkht6TuJ8WGX5kTUtK88ZArY8zot6dJ26cekPZSr76sP9cPLwyRJmClhrMDGzzkWx5DuNfTE23/BvBK4VLg+IpvXvg5pf8sPELDGVrgwu7BOLFuNWPvuLaFu+X0Y/sW6/IEQ+m/6DwkGrHED+ve+gbFV2Cn7gjEO6g5h2AysP+yuRC+j6pZ+iJOyuPH+XwL1//Iz4Nf/ExMFMnHU/IVD6vHJfIEMOlcLGxvxRhrR/1iDfeWiUposwR4qmRAPFDCTVe43iL2LnLZXRRigriDPJ0DJtJQewFe2hvndaeCib8Iri1XwESpT/4FOOcPnvS7J1MI1dhrC8ZKDfMHnUzQdwPP9J3ZCe0IswZPlkrXOPyOxCHmlVf0DC/Du21WhDNR+wxEvtnFM3eOE81IWU+KSLW5cPdwPAU4dCrW0skZ3VaPjQSjJ7TubRM/gcxfbMAzFjP4izG0bnk5jJnlYpyu6rn7V6WgU08FIO2RYhYwLNIDsgi83afJUD+WQAACz2sFWriBZ5aOZdM5aUCXIG0DwpJ4chxkEveijmPEFR1bU+jF41w96/Ohlrl3BLcV52VgcJmVqfaxSlslbLz+mxe6scHq1H48vogtqperp2+PZoqu/ALMN+u6zemFYupndA0MikSKz/UU82Yw9fc1p/Cy69wqntRo70NM8RkmioNb7hGgVb1cXPn2jPQ7Zxzv3x6IW/vYkQqinf0kZtRiSz4Z2CLfMQD1zVyTLszetsqlIGvzXGHMwmgOUwXKWrpbo45VSi7wRKlpFOXBXwLmQovNBjegiEIT6RGO6Z+DbHABTO2dz65AfiKfpArYaHt7kBjQWLjOOg2wDcxZud0DpVYZrKU99TOQrVvowTT3RumfYOuMOvglB23QXAyJclyD2RylZEkPfdpaySd9QYFW+KYeqHfQmGniOcd14KNI4WwMEt28+4znz6ohsyJg7OSiAu4Bq9vzPWRMLOGqUeCv/OPhy4mNfU/IPCeD7iM8IEoJbfq+Q+if+pgVM8ZgpQvvozUNtGaCTPxvUiC70kN3Uk8Nyc71KJStI7Jci7u6alfn1nl1AvapHjsfUFAoOJnABs2izPDEfdv7jx9fM6S4vI8MnGEHS8H1HDpwsQlPgO1bOwHUR/lW6K6wagYvARN90zil1Q7/nfwQwXH8Uu3cIMycO9GG9SgZiboGb8nea0xg2XUBfVtYBqcNJbHsoP8D2Wy+HFwmNDN5QkBZ5Rn4aAG6TlypIOrdBz8unsRV3OcKMm4aEoZUNKYoDoT1i7MQv9K1L2O3s/cpNPKpfyxZ6KkwC2EU3ALEpzMgUfDA45oCB/kx1TTL7HdT0ui2a47r2/SheuE3RHAMpqXuW2lP5kKzTkCm1J6wt+dVB1DLWkkcVdtS1c8GrY6dxBD60dv6zXfG/95ydOLPTT9/v3a5ATHZt5ovzG+LywFdNUfakUbc4MwctAickocPqKg72e6SLq6qlJBgDHGLeLWz7O1YOWsFHvMWe080NoHbWqrOZL0upAmncZhuSKT+UB7+C5ozvUAScN1s0tuhF3hxVRXOMrV0KDV/lXbWTiTckNGMMmluQxbKdD+6DcFcQELyNnR0XclR70w6Iqo/GTKD52fesDf1A4ISJAY0mdUEuKR0MiLyFR3Dzrf5Tf3gHM4S4obRCEmlWhYLqcxUJlK1Q+qbhpL5SJkk9NVOPOju63+RdEZoA7Zh30/mgElNZKAgOiQJjO1NgegJ91PXrm6ZO28dCokBAdT+O/ryQ/2Cu0ExIVkBmURbHonl5/Q0bzqNjA7iNxPu83PiyvAUBfqjA2EHAt44tu2Y8+24emtb9M1pPIYe2lEQSaA2AKTsqMIp5xdUAb0ylq9EGSBpO8hFGYtAi3fHFhvKxfTX7WliyCD+ZV2gWusPVLCo2LuYPeg507vhB6NcneGmieH1JyBmacXlDLO1hBOM7ot2hKYT24OEmSdych/LkITzuueCrZTyTAVx9IdIZ6QbWPJ0KaK3yvQ+SCnQE5RNxUiI3HMNIzgQRRcponlmwDB9esM/qk/pqobd2rq6Q0wH68Xa7DmrdfMmZ+KLUD/X/ApxuWonhDzelD9XYuGLE1MZbyzQC/5rD8qny+Ak5Zi0sRLCPmgmbNmKnqMqbt8OswjW3j+DTm8i8wgjFSkNjHzAcrz47RVXS1i5YGSCQT5QUM3mtJh8tYNSgeCY4b5PPf1678/dDmryTZSRXl88KcHAWN3NFJvFZ+e1KUivbES22UlyyzD3mcUhPtQ25HiKQM7eIFfrleS1MdeHN9q96co/R+jiXei78zGz2ODy/ubPgJqwFkz19Bvp0g6Tjx+IngKcobSSr9gf1mLsVp7XXheUaQoDIa0x1+Dx2rSDOOGaNG97AzzdvUAANXhWRJcq7mWCuYDYRZgK7/zi/UfAeRWtBb1P7zIy7SIkRNkP/CsHOGXAbzv4WR+2kVPQQ3KwCApVecvuN8Cm61opiGTNjTtGIWe8/zRiDcMpMxVJibV6+mlHAuGCikQ8KVjzIPUofSGlIbKaR4qjXdTRFbayFyzwD1DKLPYRPLM9h63CdheilDmXHwcGskx7K6JOw2ohU0OqYXTiraNUZx1g+U+PVo5xQ466+Drqk06b+CM5oLieu9WpYIu2kWpZwYFFzU1EgJ+TWTesX6cBpHGqxcG+nCR8EP0myOhDeephtpJ8wExNFXDYNRL0JA8SrKodVYT89vjkSoCbDTzYYNbLx9L/ZE4ofdbSz5FANmk2FSQ3tnT/XIjdUflT32keV8gecAz08wV5NKzhkhDx/oBaCgHsOZ/iglwHgEqpTiIC6vq1DrHn0j8Z3RUalsjLoouDrM9hgfCSv2D7DprRn0kyGoN5y0DGl41tkgpUzEQPva2dT7C7qkgwL7EJIFnjHQEGGfLQ0T5qctroLtpevmgIQN/mjHVgOqZasVkPb5jzeX+UijkPJ7ByCGTV6bzuXVJ8nEujEEgUn6SpCvbyO5IjwVAZqkYkj5kdudqzcSzYq1aCyW6pyocS2h0tw/L+27nkZP9KXWfJGi3uvT6U8Ot60vwUWu2bQRVdwS+xtDNAeuyxGS8NC6mYaBCaFEHOUZ7Xp0a+nX12z5I/Icd/QsYMC0N7d9uH0RzH4J/d+IRphldnpYI9OJkBOG/2qnnHXSJrZVSJCtwTh10stK0nDV75qdOgJ60BSu5GgPMqsXMosES3H3JGh1JxZdtU8ig7XjhMXY5VBORTmySs+jC8rlTe/+x/X3IYszlIjpC32vtBr6A4L86t3aHJWBsEj7cA7Es+dP32d+chwlIVK0VxXYS6xp3/P+Dn7ivGAjy7k4qMlFkHVrEDDkQukx6Rxs7e0panmOxtLIp+nlXFyARuIoc5+3f6nAcPISGE+MTSD+jYog0mDPBs7LSMt1rX/HfPNuC1i27iJyC23gCch9f94YeKSdEolOGRe7OMauviBtn1PJMUFX7TTXlftlwBLKAm3uHAte592JZNYys+hFbflMN0FVJYlVm/k7npiyer25MFamUTBSWsh+MpFoFWRW1lvsAzyOShztCtGiOJpACStkgl4m5GEjSpnAQsyCkKbXyfXvK6hveR/3dgR0syU0efd8MB51ctIzDbRlV12J1P7GT4nklevdcD5iLLz+GMrCCQUTBl19x24bkeZHPo0K7oRcAxOJt3D236OMrnPPk8Ba+UYRSGWQGs9oELHBwn6+2uDTQfLDfTca0VKssniKDP2pXrh/gxLWJkJ9GPiTHtZC54wceDVEwLp4xovGneaZauoBf+LMaTNC7FPbqbkFJG/nDCNCWRgFNWP6c4ow3sAUy5sqwl7/dKPPJ6yJyil1Miqrpba2gLNJJsbs+UhW9ommr0zqgYfZ62+uvKdctpTkkyVjsj4pX6jvk8NbcMibIMiWhK7y3WuFKgXs1ttII0pTB4eXlHNRFpVqHq49jTXUS47CS4MUawJoubjHQH0T3ow84QUub2co34zn+F/ATLDsC2xQe4DOOAJ5AsHI1Pr4JGIP4v73Ve8EZqdDhqUdDsYOlk6GVFt3dFryx6VtOPLP2VphraxM+u0kh+qUnvtiQtH1PjTxd3cCQRXAlOwZpzCL34z9VQLL4OexNzd2uuHSLBvQ5pqLG8HrQdJ+RpIDXDkXwe0d0EUUoQxUnAbvBtkVDMEm/Ti3rsd7/1/jJvuKfn2Ju0JU8vVNZdEYWMeujJTenJT00u8zFAjmoyFND9yM6S65R7BbEkFLI4wuNjOFmm4pw9pnofNezNE5Fgb1xxREFqghE0JOexGVMDGIdSXKJ3CZniXuZbm5MOywkZ6F5lFGJsCpn3twzFfE7Lx0bYyCNy7efQdBFAKWQQQcinMeDd6ir4W7P0iVaeatWfMHQASdNpcQIhDf3ktr3Df9Isn0a8ZUT06V6L3+wHKP7Nk5QQ4WZJ0QqT6bhnw6HxjQrF1M0e0uunPtX/H9pp/91QVFPYxtTAP0DMUd4oL/NA3ELMWobU4qEIOOTdnZ1/xAUiHrh8792oc5DEGB6iy2kcJeTGgaBXQ05kfPami+ukeRxmQpDPJFy7S4alsURgY4oJ8jxMYuO4o7C/94VTx30DJuG6GexG029QSBGDohga5OclKvQnkv2lCUMZzJKYXR2ewcHTckQhAC9eXY48IzJpkzs67ZuSsI3yWxy9+uqFbp5gi4jiviC8/KyznUyns3HtnmWP3Tc7KglVkeQNvxbh9ooJtdCX45Ov7xWwddWqyRqDE+3PWcU6drxJh2X7mO7NwfUEVPoqDkiyD+X+lsH0jCosti/MnT9I7CHdkZZGzpCqx4HjrhCAO/y5ZF8mLIGhTpx/licbNxYY4WnRSddzvg6vkZRK1SYI1oOUT0hq7diTrGdXKryogBD0gfObhvT+GGg7G8KsQqJZ4bRQCNQt51f4/SQtB7w3XgcsXJS7K8GKU9W/bxuu30bPK/pWVBTrnW3LDfH0w7Yb/M+ZGvUx2lNGksJrw4Q2FpyUXn+lY6a9McHsXmjQzBW14A1aZWPtS59JYn/zIMBJqykPJ1tn0RQ74PIV5QXusYRknbsNp6xH9DH/Jp3CdIaM6oJeIdieWvE9IrARpmjh6gd94sQePkyZ6h0lGHfqXw95WBp7xW+LTe8fJGUjpPkL2ZCN9Awg/Hamad9qabtdftUNuylbrSwC74WBzCgO1ZkCb9oPeqrFcZeR4GNbMt3Jo/DHrgTJbhWiN3OK69AR9V2fprB5TpQQIvk+xVnVBCuLVaXf1F7aXDTsQpO/AXwphYGu2OF/SzOQH0ntMSRMFhQ/BmPRvi/jIV8cPQ/fgBpy51NmW6/BqxSBE3+HSf3RBPQ946Dq/WVrXtf9xpqBUWi9caaoB4pehYkpDqg5ZqhXzwmGjW8fR4c1I+/qDKelq1QozmZ4IoXcAHJAPGX2WZhmkFY7CXQZUxVuihW3UlosUb2BzwoXBC2pKskRGJVSbHNNm0TO4Bh8PMPKP9ULVAzy5vWghzTeMKUtYDEiITYtKrQGmlpXUseSORtrq7itK5Ih2jYL0=,iv:ji7/9nK7A6mIMD6sgFasT+burD/fsBwtu2DiVRD5LQY=,tag:/r43jY3wun62JM3eykX+gA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2024-01-16T08:00:33Z" + mac: ENC[AES256_GCM,data:eWWydBDfcm0NZUcHpIBltiBWSDsleNzJdpid5kmDadm/mFkWyld2OOdNUdgyFkr2pqG5K0YQ5hdq3TZSJjgzFf8wsVvqsqIfUYfmfmIKuS5/ovyLT8mtb5pu9f3B2yfcnB7l1sn1ci7P/osxs7JxHHWC6npVSmy0sBOz/SZcuNo=,iv:N84LmFMWBTso8losonyviH8zAJQ9/7u3HpZcC/szxUg=,tag:wA1qG5NndcI0rfoAWyovxw==,type:str] + pgp: + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA82rPM2mSf/aARAAkFACzQmqyF9BqaD1qEjIO4e6owS/n4h3U6ee0Y7fhO8y + a5RJ4/HvMmfXcYeHm+CZjsFaui4YJkPS93clGTJzV4w15yXJUunIVjAmkvSrVh6P + GqRUtNpi1y+JCS3sjlAfvm3h9b08dNxFv7rTwZtDiP8zmcNuB0zbLBFR7G6ixetx + ZxL7piPYX75Rqoz8A/+V7VAtsoX8t3xv5xgjHzzfhiM3TeoQUgLnF8aN5huiSptf + dMmNMa0GGu5QaUjYJ3iHjv5eMtCJ79KwpuCfv5iX34Q++rTe5VUWoQabNAiE/Frt + Rc3JB8o8rfL6WME9qIIa5k654JlVDKqOvTH3mtHkOIWhD2+CEK89Siq3G35Kkct8 + Ym7UNa6gE8IdSGkCOH81G4ZheU6Z8OKF1Z7dO+o7IdgIURTwLEFeBIC2PtWOKOJP + PnzqZNk1w4n4XK6hQg4bmIj8VaZXXgHEXcO/jaGCoRyr36BHCE1Sj1ae5cMUgDje + p6WKVO6gXfRg7SRJqQNUh03Lz0YKIjsI/429UPyf9mtXbHfvVyrW3+wyByok86FG + cGL1Y/N7thxAxXqHy4OZFCE0NMP2bobMzzGJTtDY9oPsGwTb6xk1g0wE5zg6IoQa + 9hnObBJhdpvYcD6juz+V0wkeI30essnz7ZTtsLdfCox6mnP5BMTtzxmcRrCpNvHS + UQFIZa0XryYoXv3rcw6yUpkqv6aYzD3L4PnqYtGUEtbMoTb8NXa9Cp+1OeypqZ0g + 7uO5zCKJgL6sBaPnJL5/n+afafzYcIOsQc2O+q0s4O1d5Q== + =3E6w + -----END PGP MESSAGE----- + fp: 6B61ECD76088748C70590D55E90A401336C8AAA9 + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMAw95Vf08z8oUAQ//abo3n5r8YdQ6p+/X031/n8MCvWKw+ERGSvDuT2r7g8m8 + DqrBQmX578jHVmZkC2B6fYqEBuQAeyEJyQ56MLMuGMNSET8dgNS4Uj/gwvsuEDQf + NhU10WLkfQ3g2/o654BVzPC2b3UQTL4mmXqp0+ID79uynn0/WZ0TQQ8xj/uUaDS1 + h6/uC7mmDGTHaxF3gFuYkvWMghU0bqX5BfrAPdICAr8FIqxUGIvUD6KkBu9hWTYP + RLtfwpU/DAcT/7pNtic25WzzQt7W0mok3zUZZq5r2UqO35x2XOrgC5DQ69QYf7JZ + a9S236gEpAS0Kl1IWSvY2kDzj/J27T3nonY2kX3a+UqVWX15LEmVmNNUMwjz91/b + 0G+26vustzinHBs30EHGBqhyELjRW0RjcmlVGNXvZwhgGL5/LNIEcfBi19tIang1 + dRYE9TasSeRbyTU/A/CXFDeuGtC8K552SzXjv1zP6gkwZFb0/zd0/XHPSyGyOLbM + 1PC3JhkA8GEYQ7l9y5BdPXxZseuoSHDPHfMRIcnogx6w6rfBdd9+78M1WjnGzhYi + /utORBaiwU9Zk+Xm3B+WbkDl5+jio+UIp9nHoYAGfuJ9A6TZYBIavB6K171wALke + Kl6hoTxef/VGwdfXB9ikUy0bi0Km1vVpZGVzIjSFXiSlLkaamhxUFSgDPGZN21rS + UQHeXKkhgKXTEVvi+kypRbN2/174bElGTWz1C2TWPNJAcvvKmRw66t5g8pahnXbm + SYQoB5JaAl0URu6zHWBYhCjQjiyePhnxHV4tgGtEYAdY3g== + =xXRR + -----END PGP MESSAGE----- + fp: 88823A75ECAA786B0FF38B148E401478A3FBEF72 + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA0/D4ws+/KPtARAAsxa6N9jRT1AUqfWI7gIfJK6i6g0F5oxRYJ5A2mjhc89k + ZAN4/tO9GC+Fg8+lLhPHdiz6v2T1+92AFXET3jm+ax6rYei2woMHNXKzgqxjkQEQ + xQ/3LcQ3+FOTrvy7Gir9HQ/DoWSePBF7tx16unxH75hi6AgOiT0nFoEbXP3CJXie + lVOO5r5jKgBg9LENj/U+9LHjXB6W0PbVdhxdeStk2TTKcmuDnrGeqKZ3SyZ9V33p + DEfydW+T0ac156Eb2tdszzW5e87oPmW78wvLkotboZcPVWBadRtJkzVn3JXoMAda + gN+W2+I4/4iQN8ITBQ+2i5GsdbHtnrmPkzSbtSqhujwZ1k/a7uRmHy46ejDK9QnT + lQzm2OKyjTlCDhnxnKj0eTE4nN0CDyxGBNlNVG2piKd8i+HpqrjKJ9IUcMj7oO3U + 8rtQ2A0LHquNvu6ZatP6fUk3tKgLaEslV4ORXMlILdZXlYqgznmvWJaII3XVeu8l + G/tHPkOhrcQDIecBeYcTLZYXtPtmY1UNJZfbDazG/9J0rdq/r9NmnB7woy7FSYEp + yRNji1i/89nVLsu94ra1D6FHyxgIFTSLkD7s1iCMTsz0UdwfbxqdLIWumYrm04XF + wM2eTB8OAGe8mdfi1q4te0FEDMLTpdYBhYDDjHmBv4fXwKPcWkgixvNJtT6xPgLS + UQEvOn03hQ8MCQ5kh1R1FoTOw1UpgV0eqJSateC2wkBKbZ/4NWPbnZA7XAW6Jb98 + JidKJ8TiYiI33hxUhu4nUeZWjNcd7MgHyl1Do2r7SfyICw== + =TXST + -----END PGP MESSAGE----- + fp: 3D7C8D39E8C4DF771583D3F0A8A091FD346001CA + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA5Wf+FyJ+zFJAQ/+I9khYJfqjCHhrAaElVWKgn4c+7C+oilVNE0132pQZfLb + u17yv6AYY5zThK6Lg0GZMKaKFn+JuF9wonTyixJQccJ+w2MxsJQRNQZTV/t19HrQ + B+6YFLVPNyOglr7jf+o5BnOdIvpR0Cog5JDzn0j4iwpRWRSGW1sWXiABKWUIW0Ks + nR7Rm/k3Jm8zYO6LtoyYog5HGUEHRMuOY6Yoj/EEbfDLKFU5WZ+hfKnbGGM9KW31 + RkXoCtjm2AstZTia5+Y0E3wNb9bbvpbkewyQd5KqaHmHaX3MzuoYKNHGVEgPMfla + Y26aED5uSLETv+C1U/jYJyxyVJxNYb2JBrS8a7+p+mo00Cvbs/pbM/cr5Y/Ogu7Q + Ed0+Ixst3LzSTOcYAAiEC/LpWztaIp/4h/cAfE7eKnsoFUVcv2lLpLHyI7fS/sJH + Ywp8tlqlfx7DaCqYEVjPMSfI9qBbJomoQ77szHL+Gyi4ibyF0iRz0/NnF5lmu5H5 + sDAYiqnHEIpk1v+gWXoj/CQq7a5jJf044cYylcO+al27cugr+jr5TBQQVv+wDNJV + LqpAxmmz8yUJ6RlTSg5JwNlNCCOONv6f+lX0Cjk7V0kPcOMgbVn19Su7zIvhM7wd + m9mzuVWWx2SBGzORdK9W4tt7lybU7aCvusT1jP1nwXF/JCz9lyEbb1syaNIAiXHS + UQE2Va23CUVgB+cV/ImXBCEuAjZhiSMFVCtWOZrcqPS8EZX9s6WzscpsEmFnDE7t + GVR3u1IyjxTsuTxxYU0ldSjHqYFjQrgRD3ZBzwZcgeajqw== + =bF9b + -----END PGP MESSAGE----- + fp: F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA8KRInHl7Vz+ARAAoMRyGipvXTgUChfL1Lryej14FI9+8dvWQculBjPQzg6x + oxdPzz07ifIX8D64zfToE+qc439l/RYwiMx9XyGscEim0D1GIFPwxOm4DCXT+/5m + wlLkOBP7oMwirqSazS7dNF1hE83717QTi1GqC0UqhoMINtxrhQIv1Y6xxREqD1Wd + eW3M45p1i8iSZkzF7n0EhIK3J59Wl3vxt9FUX3YRWk1JH0oaqIc1VCH3TJc73DAx + 9e1jIVQSo4R8BfQc5Y64xRh0eq/87Ud2E2x9JbZmpnw4FN/OHg9QqRMaZ9r6EQ/l + VerhJFkfSj3UVAfODzViKXyNTKRak1GOcQBE5lfAXynAW1nfTTx0re0rl6/tvOwC + i02a/raksTI8afak1RMclNFqlihsegGU239ZGDRPb4apL32nYY0SMim58vET8rv5 + eTiQE1udg+1ttIRAGq/PxzHKlc6FUEdyJ6i2Da16c0K76FpF3Gnxxhw+Tleixx3h + 6+PbhC2qEgt7LS8TNg9J2WTDy4Hlw5YEmzOAM9NA6UYrH9BHsR87sbdriz6pAC55 + CnFkWptrME4CjUP72qIezRYt/4784ABTw6poQ51jP30641YhgPoYLrWS8hWQYaE3 + jcrum3JQnLTjsE88OclcreKNvNj+b1t0uxuHa/6UdMnyRCd8osJ22s6JJHLGgB/S + UQHvy+Rv0QJ65DjsJ4TfdRBLcKXaF7Ar5SaANqGi8EYwjVbhfImwx5VSEsvQclEU + 7JihoETtCrRwJM1BkJz3nuBAaYDm1Y+lWHSyVZ6xi8G0eg== + =n6cE + -----END PGP MESSAGE----- + fp: C92FE5A3FBD58DD3EC5AA26BB10116B8193F2DBD + encrypted_regex: ^(data|stringData)$ + version: 3.8.1 diff --git a/kustomizations/matrix/matrix-media-repo/deployment.yaml b/kustomizations/matrix/matrix-media-repo/deployment.yaml new file mode 100644 index 0000000..182108e --- /dev/null +++ b/kustomizations/matrix/matrix-media-repo/deployment.yaml @@ -0,0 +1,41 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: matrix-media-repo +spec: + template: + spec: + # This does not currently work as there are some weird expectations on + # run scripts as running as non-root + securityContext: + fsGroup: 1000 + containers: + - name: media-repo + image: drgrove/matrix-media-repo + ports: + - name: http + containerPort: 8000 + protocol: TCP + - name: metrics + containerPort: 9000 + protocol: TCP + volumeMounts: + - mountPath: /home/user/media/ + name: ephemeral + - mountPath: /home/user/config/media-repo.yaml + name: config + subPath: config.yaml + readOnly: true + securityContext: + capabilities: + drop: + - ALL + allowPrivilegeEscalation: false + # Right now setting this to true is not possible + readOnlyRootFilesystem: false + volumes: + - name: config + secret: + secretName: mmr-config + - name: ephemeral + emptyDir: {} diff --git a/kustomizations/matrix/matrix-media-repo/kustomization.yaml b/kustomizations/matrix/matrix-media-repo/kustomization.yaml new file mode 100644 index 0000000..37949a3 --- /dev/null +++ b/kustomizations/matrix/matrix-media-repo/kustomization.yaml @@ -0,0 +1,15 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +labels: +- includeSelectors: true + pairs: + app.kubernetes.io/name: media-repo + app.kubernetes.io/part-of: matrix +resources: +- deployment.yaml +- service.yaml +generators: +- secret-generator.yaml +images: + - name: turt2live/matrix-media-repo + newTag: v1.3.3@sha256:59cf338753598af400919caf332c92dd0e8e6c6e6e5d18270e52552c7c1e3c4b diff --git a/kustomizations/matrix/matrix-media-repo/secret-generator.yaml b/kustomizations/matrix/matrix-media-repo/secret-generator.yaml new file mode 100644 index 0000000..0d9eee3 --- /dev/null +++ b/kustomizations/matrix/matrix-media-repo/secret-generator.yaml @@ -0,0 +1,6 @@ +apiVersion: viaduct.ai/v1 +kind: ksops +metadata: + name: telegram-ksops-secrets +files: + - config-secrets.enc.yaml diff --git a/kustomizations/matrix/matrix-media-repo/service.yaml b/kustomizations/matrix/matrix-media-repo/service.yaml new file mode 100644 index 0000000..f7f0574 --- /dev/null +++ b/kustomizations/matrix/matrix-media-repo/service.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + name: media-repo +spec: + ports: + - name: http + protocol: TCP + port: 8000 + targetPort: http + - name: metrics + protocol: TCP + port: 9000 + targetPort: metrics diff --git a/kustomizations/matrix/synapse/config-secrets.enc.yaml b/kustomizations/matrix/synapse/config-secrets.enc.yaml new file mode 100644 index 0000000..dea8ac3 --- /dev/null +++ b/kustomizations/matrix/synapse/config-secrets.enc.yaml @@ -0,0 +1,122 @@ +apiVersion: v1 +kind: Secret +metadata: + name: config +type: Opaque +stringData: + homeserver.yaml: ENC[AES256_GCM,data:9O2YODDpJf6FzX6DojwGaIYkRs99K/GP+HCBCb4PO5fNJPmyEaN3DllpZjSn1WlgMIMi46gs7wfZJjoJRVz5wq+owwmZw+4lrAnYN8niNKcYoakuHn57WSzlrrqZDMY5i0VKZ1S+QATGll5Wl19AjHIuVEbJ5nQeeORVq+n7voG4/MX3PcZINjKdr4PnTwCx21TrPb9lRunH+oGhbHjMvx4yxNzqOvrvuFMSqkC/lDWrrSfCcn14qbLhq//OAk+c49IUkHTjJVbaK4mx1dbi7LA3rsZmb5cM9iFLPImWZnlpGM3SZasO91paiV8EaH+EkyA/4TpWODi+0KCiwVrLnOxEvmx6NweGOIaWgk04DgFomD468F1i0VVksk5/FwM8QvS8cIZ6Wqk/mAtbki5pnpvSZMrWXV4WSja+IcpoPYZjYdzttiHhxqoQ9Kkka3AqPEm1Nj6ggYtgjfE78dWVxN0jcKTXLV6C2T59jqpwyT9zmIpTJZ6AbZL6hafBprJenwD4mUO+pGzW1zs2nzDDr49nRSLtnRub5ecdYgZTPoInxxJYqbgZIjCYfwc7Y49JeSxklQXspCYZf+xmS0O4w8FzgwWYKCcajju4cRKHe46oN6QUftcmJILyt4LVSCuKzGsIKRnPazPKWqPUDjAs7j/i+jCha6gIctF5wvihfrCXHqD0gHa92kR/M581C6Ch2LFTupyUZtyZEbE+Y1oPlYyn2psBohVm/izl96QKuX7Ujco5Iahf7A55CTMuoBqXtvhpNwZVcmLf3SWiFTN2LfrkG2rXarvq+2TsgMcFeNia094Yk0gISR8UTu7uhhKuoPoFMN+3cCnXqiqMHoehbT9KyV7QuXG+M/jvGnUKPeTtp/Grmd4arvLpFp9UKAXbVkvFCFyTW+562qRnh0Int88ycr6FBdQl1HTN+mQfz4lNLxNomxu+0iDMaNP0+YTncSRragpjV267IUvWzzu5Dl1StD8YUZ2/J+66helA3IGBVlIqoeoAJyrP+GNuhwInTFVBlVxDyn8N/VqJuFw3B8c2W7BX6+68asZROeaTHDu2rYfxVWhGss7oKTxz4RdiK510tLh5OtI7M5f2b8gnhqwTbsiHM4UaCXGP4JdmIsyLcUEeg9K1jQx/LsYCBi9ZaegzbhIvgi3r12495Fzw5gWfZ5Xsf7gvQYR41A==,iv:QemGZaVH7IHvLdTjhr+R7FMyuJlGk9UsZMn5aILwwNg=,tag:N3dCm2v044ZrOgPjWSrjuw==,type:str] + mautrix-slack-bridge.yaml: ENC[AES256_GCM,data:7prhlEl/Ftf2CJWX67OF36fU386C5aGtrG45ofQCepBlI1Chi9ntswRd4VmiOnEt3vepgy4WFPRrAGu+1ycvILgCztK/2hFhEEmnf6vOlNkddXhkyuB9AgOTeCZ/ieTFXw0kErmaAvFwCkdp/SZIh+rqOTGk/3QoPqv7+1mLTxyuUOGeKlizs+4AfzFqpommfQNC2ZPpbOCtih/OZty+nbleyYnwBCyiIEOSI/to8m2aAIlg69fIT6cOwj4xiglO5dovXtr3Qe0VqkxBPOzD+1T5cFl2Q6zW0pFI320lP9MDwif92l8tTUEh12io6QtI5vQj7sNOoJ1FtnJwToL1V/vjESjl5MN1+LpZVicX4V2fUevJbms+7HUJFz4hETv1x/9tNmGSm5blZBz3qtUBJM/mRyBhnznjok0E9EXbGI6ox9O8scsvmXSYnkZHgFTXerqY/DmWmfFenWJLopNy7x1YNXUyb9z90//shUK5/Knau/YcCAKkDmzg6RObgHjkdCx/lfVePIkdKqrwS52lL5+CCgIKDVQm7Ds58E/0b+84N/6FWCwy5YV1+1R0SEywgVQ1WzjxJnR/Yg80tKQVqAzroFO5RWhffQEAyp3YQSURVQiZw4L89UXrfSvDvXu85olcGq1rXWGrDHgZSo7NKCbEQ29q8LsDgw==,iv:GyV3W2Rl+0T3pwrV1/Qv3OV4gYb8btnHMu340brhEcw=,tag:xRywHK6w5TfUdZTfS9XYhw==,type:str] + mautrix-telegram-bridge.yaml: ENC[AES256_GCM,data:WI3qnnmTi6/k0BdVOLFndk9nQPlBXMwvB+JAg68Q8o6eUjaFGQ3UzitmexxmX5JK70G6ZdCmqsfsut2M2eGGxYH4FrwP8nMIz/vtD1IeXciu7IFmNOptNC5NZI41C7UP+OO21SFPeu+tWblu8qa3+OrJOQaL+GLLnRDDk21w6HTR2vvRieTy4c8NSC2XYhoiplZ7Z1FIRKTO75jjQN/L8bGVM3a0nNCmi8cGt+LPtyJBv7Espr3l1kUhiLMUxVK2zeP5HRgXWxB9UeUdqdJa8Yfz8QPHQmroOTMsmXLnocM8LVPOleSWLrYfKvML22g1oTesR5LxazdIc5BRL3upPwz7AO6nOcOKNZVuyVUUmrg2wNscKs6r5LDBJzsNxte4OEtzygpVAjHyiAqYU61atycVzYgfziY7cy0dUmkhikyBfmO5mVFP2YkEINtPkX7tJW4E5s2vqRP8L0PB3rwqBPQPHr3llsUQf1rKLjEThwEcWc1OBgDaZJiRxUd/P5m2lMvdh+hW6y8gDNURtY5uwSh7k7DNJ8n6MSzX8ZnhBAsuwg9tXU0YwgR+uT14D3xsGfUJDYTKpsr5ejY4adbQjOMzgbhadz8iKbZdr8cWVPotBIR76SaGgRXqITWl5ygf1N0PVkgzrkTxdLmIv+7ttqndblkjyW/2W5NvY3iU+skC+GZpgLNDEmGGkmITpBIfxEEYBLNQZynD+NaA9hiATr+TVzAcp760FSOqbFLeDMx3YOpbcNQ77FdPq6qcCPxfe1nstzlQixjf4cEpdfuQWkFZIrlV4EBYh/WNH0VP,iv:7PhPWul/rDWEJB5ecn0myPMwbC6akihS0xZEvyeEB9s=,tag:TMAusZ7EneDQgLsthzaL8w==,type:str] + doublepuppet.yaml: ENC[AES256_GCM,data:bA8r1TZECeDxIuUxkBcM0MOFdplcB5wus7KEir7LfPWFA06aUCz5o2BU/YKSzf5NlEtwQLlCiaDdONPPfLMvjHxaXBfyd2YCIoqeP7GCCqRnfZE4zaY2QajrUkBZQV9DAvf23Mt9Zw6ByLUHWIGvB95WOGHXxKeyDo0jnUgDWu+Osm+UIkbYKEOBw/rF3NOAUBQxxh9AlxwU/IUMV3++dhbGaTF46RN7FF/XLUJ4d3zt/f9r/UUrPwksiyUFyDRjRuV0ABn0aLneeJhcL2H4MeFnkjuRie9t292ief1UGbbqZnSMSuh//V7UrxKJw3o/asVRQQkxJOVQfAa6TUcBq/kxhuYXDBg1mAFD8/RGmA6pjJGH5+q9Cqaqmj6PgLRU+HS2iZnkkz6FRK6GmSAXu1vcwB0GC6NkLXU75B8j+3b8DV+rM6boKzQgAVNT+McCm0Zg2DdtMvQ//Qqetg8AXOvHXSJZ/zU7HsM42fm8Zk49uF6abKY=,iv:227zkv9T+yoycJNumdo0rV44ngXlM5hYu/1kRBj93r0=,tag:yQq2Aiw2sB4kmp/CeJ0G3g==,type:str] + appservice-matrix-bridge.yaml: ENC[AES256_GCM,data:D7v8HJ1UbN/LI0OQ/VZnMqELIE7C2WiaxNYEGZJg6e0zV7sZ+xV16nQkrfmVEHbIfEsdf/LlmEZmf5JTrqfVi4LPAL9zFYwvJAOKTLmjqKWJSUS+qLqzBgoHwuwvn2qWnZjCDDuqQ8h+L8hDcLoI+GOW805icJxrg3ZX8zrVFldoG23YV9WhPQwnTbpi5LRDGMWWDTxxOFt6/ZgLyRTRAs8D601VEAI7ulyMPsIPZzKOx1aBIWb5VzmP+BKcWj8yYTR6UhFg0ac9a7Kb/U8u/soBRnBLmSEFnL6pVrv2utsyS4SdZNaSZN/PZtgxctdvPFYo/fGH+iFeYWZ11izyaTUngSgOvGTwvdEkn98wd2hwKnM0HvOOm28VX76/2wTiqU0e301AD5ouUKvvTFqJqqowQJp5DD5DX4BZ0jS6n9+QsH8MfeSP89ZgKIhNvHQ8KAnm1yJu5nEvaOt7NVkEL9CVFtrymDqRCCS3/FMVYBtq4bjJsrQ6yXqIzSPH,iv:Kv4eGx1vFgs+sV6iwBZD/nR0h2GzLKqjNJmgsRldNrY=,tag:QGmJZUhn23c1pez9+MCrfg==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2024-03-31T21:34:41Z" + mac: ENC[AES256_GCM,data:RZ0jexcJq46ByhdZsG/Ab1ONc0cie8UAY7e5pw4+3IZmh1Zgg41vz1+sbitIUVC1tFjND7Jo0Ess+agS7/b45JZU0rta9rKp7WhCOtAVhBO+BDXmRKMtWynd/TSxoBdUtHG+AlGAoPRmz/4HjUMDoeO0CFoa/jR5Ajfv/xrSa2o=,iv:W/XuQZ8Ju6pv3E/b+0ugDsg9J/FXw0ixfFwLNlmLgxQ=,tag:W+xjNY+AJdZb+dxUrvLosQ==,type:str] + pgp: + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA82rPM2mSf/aARAAkFACzQmqyF9BqaD1qEjIO4e6owS/n4h3U6ee0Y7fhO8y + a5RJ4/HvMmfXcYeHm+CZjsFaui4YJkPS93clGTJzV4w15yXJUunIVjAmkvSrVh6P + GqRUtNpi1y+JCS3sjlAfvm3h9b08dNxFv7rTwZtDiP8zmcNuB0zbLBFR7G6ixetx + ZxL7piPYX75Rqoz8A/+V7VAtsoX8t3xv5xgjHzzfhiM3TeoQUgLnF8aN5huiSptf + dMmNMa0GGu5QaUjYJ3iHjv5eMtCJ79KwpuCfv5iX34Q++rTe5VUWoQabNAiE/Frt + Rc3JB8o8rfL6WME9qIIa5k654JlVDKqOvTH3mtHkOIWhD2+CEK89Siq3G35Kkct8 + Ym7UNa6gE8IdSGkCOH81G4ZheU6Z8OKF1Z7dO+o7IdgIURTwLEFeBIC2PtWOKOJP + PnzqZNk1w4n4XK6hQg4bmIj8VaZXXgHEXcO/jaGCoRyr36BHCE1Sj1ae5cMUgDje + p6WKVO6gXfRg7SRJqQNUh03Lz0YKIjsI/429UPyf9mtXbHfvVyrW3+wyByok86FG + cGL1Y/N7thxAxXqHy4OZFCE0NMP2bobMzzGJTtDY9oPsGwTb6xk1g0wE5zg6IoQa + 9hnObBJhdpvYcD6juz+V0wkeI30essnz7ZTtsLdfCox6mnP5BMTtzxmcRrCpNvHS + UQFIZa0XryYoXv3rcw6yUpkqv6aYzD3L4PnqYtGUEtbMoTb8NXa9Cp+1OeypqZ0g + 7uO5zCKJgL6sBaPnJL5/n+afafzYcIOsQc2O+q0s4O1d5Q== + =3E6w + -----END PGP MESSAGE----- + fp: 6B61ECD76088748C70590D55E90A401336C8AAA9 + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMAw95Vf08z8oUAQ//abo3n5r8YdQ6p+/X031/n8MCvWKw+ERGSvDuT2r7g8m8 + DqrBQmX578jHVmZkC2B6fYqEBuQAeyEJyQ56MLMuGMNSET8dgNS4Uj/gwvsuEDQf + NhU10WLkfQ3g2/o654BVzPC2b3UQTL4mmXqp0+ID79uynn0/WZ0TQQ8xj/uUaDS1 + h6/uC7mmDGTHaxF3gFuYkvWMghU0bqX5BfrAPdICAr8FIqxUGIvUD6KkBu9hWTYP + RLtfwpU/DAcT/7pNtic25WzzQt7W0mok3zUZZq5r2UqO35x2XOrgC5DQ69QYf7JZ + a9S236gEpAS0Kl1IWSvY2kDzj/J27T3nonY2kX3a+UqVWX15LEmVmNNUMwjz91/b + 0G+26vustzinHBs30EHGBqhyELjRW0RjcmlVGNXvZwhgGL5/LNIEcfBi19tIang1 + dRYE9TasSeRbyTU/A/CXFDeuGtC8K552SzXjv1zP6gkwZFb0/zd0/XHPSyGyOLbM + 1PC3JhkA8GEYQ7l9y5BdPXxZseuoSHDPHfMRIcnogx6w6rfBdd9+78M1WjnGzhYi + /utORBaiwU9Zk+Xm3B+WbkDl5+jio+UIp9nHoYAGfuJ9A6TZYBIavB6K171wALke + Kl6hoTxef/VGwdfXB9ikUy0bi0Km1vVpZGVzIjSFXiSlLkaamhxUFSgDPGZN21rS + UQHeXKkhgKXTEVvi+kypRbN2/174bElGTWz1C2TWPNJAcvvKmRw66t5g8pahnXbm + SYQoB5JaAl0URu6zHWBYhCjQjiyePhnxHV4tgGtEYAdY3g== + =xXRR + -----END PGP MESSAGE----- + fp: 88823A75ECAA786B0FF38B148E401478A3FBEF72 + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA0/D4ws+/KPtARAAsxa6N9jRT1AUqfWI7gIfJK6i6g0F5oxRYJ5A2mjhc89k + ZAN4/tO9GC+Fg8+lLhPHdiz6v2T1+92AFXET3jm+ax6rYei2woMHNXKzgqxjkQEQ + xQ/3LcQ3+FOTrvy7Gir9HQ/DoWSePBF7tx16unxH75hi6AgOiT0nFoEbXP3CJXie + lVOO5r5jKgBg9LENj/U+9LHjXB6W0PbVdhxdeStk2TTKcmuDnrGeqKZ3SyZ9V33p + DEfydW+T0ac156Eb2tdszzW5e87oPmW78wvLkotboZcPVWBadRtJkzVn3JXoMAda + gN+W2+I4/4iQN8ITBQ+2i5GsdbHtnrmPkzSbtSqhujwZ1k/a7uRmHy46ejDK9QnT + lQzm2OKyjTlCDhnxnKj0eTE4nN0CDyxGBNlNVG2piKd8i+HpqrjKJ9IUcMj7oO3U + 8rtQ2A0LHquNvu6ZatP6fUk3tKgLaEslV4ORXMlILdZXlYqgznmvWJaII3XVeu8l + G/tHPkOhrcQDIecBeYcTLZYXtPtmY1UNJZfbDazG/9J0rdq/r9NmnB7woy7FSYEp + yRNji1i/89nVLsu94ra1D6FHyxgIFTSLkD7s1iCMTsz0UdwfbxqdLIWumYrm04XF + wM2eTB8OAGe8mdfi1q4te0FEDMLTpdYBhYDDjHmBv4fXwKPcWkgixvNJtT6xPgLS + UQEvOn03hQ8MCQ5kh1R1FoTOw1UpgV0eqJSateC2wkBKbZ/4NWPbnZA7XAW6Jb98 + JidKJ8TiYiI33hxUhu4nUeZWjNcd7MgHyl1Do2r7SfyICw== + =TXST + -----END PGP MESSAGE----- + fp: 3D7C8D39E8C4DF771583D3F0A8A091FD346001CA + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA5Wf+FyJ+zFJAQ/+I9khYJfqjCHhrAaElVWKgn4c+7C+oilVNE0132pQZfLb + u17yv6AYY5zThK6Lg0GZMKaKFn+JuF9wonTyixJQccJ+w2MxsJQRNQZTV/t19HrQ + B+6YFLVPNyOglr7jf+o5BnOdIvpR0Cog5JDzn0j4iwpRWRSGW1sWXiABKWUIW0Ks + nR7Rm/k3Jm8zYO6LtoyYog5HGUEHRMuOY6Yoj/EEbfDLKFU5WZ+hfKnbGGM9KW31 + RkXoCtjm2AstZTia5+Y0E3wNb9bbvpbkewyQd5KqaHmHaX3MzuoYKNHGVEgPMfla + Y26aED5uSLETv+C1U/jYJyxyVJxNYb2JBrS8a7+p+mo00Cvbs/pbM/cr5Y/Ogu7Q + Ed0+Ixst3LzSTOcYAAiEC/LpWztaIp/4h/cAfE7eKnsoFUVcv2lLpLHyI7fS/sJH + Ywp8tlqlfx7DaCqYEVjPMSfI9qBbJomoQ77szHL+Gyi4ibyF0iRz0/NnF5lmu5H5 + sDAYiqnHEIpk1v+gWXoj/CQq7a5jJf044cYylcO+al27cugr+jr5TBQQVv+wDNJV + LqpAxmmz8yUJ6RlTSg5JwNlNCCOONv6f+lX0Cjk7V0kPcOMgbVn19Su7zIvhM7wd + m9mzuVWWx2SBGzORdK9W4tt7lybU7aCvusT1jP1nwXF/JCz9lyEbb1syaNIAiXHS + UQE2Va23CUVgB+cV/ImXBCEuAjZhiSMFVCtWOZrcqPS8EZX9s6WzscpsEmFnDE7t + GVR3u1IyjxTsuTxxYU0ldSjHqYFjQrgRD3ZBzwZcgeajqw== + =bF9b + -----END PGP MESSAGE----- + fp: F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA8KRInHl7Vz+ARAAoMRyGipvXTgUChfL1Lryej14FI9+8dvWQculBjPQzg6x + oxdPzz07ifIX8D64zfToE+qc439l/RYwiMx9XyGscEim0D1GIFPwxOm4DCXT+/5m + wlLkOBP7oMwirqSazS7dNF1hE83717QTi1GqC0UqhoMINtxrhQIv1Y6xxREqD1Wd + eW3M45p1i8iSZkzF7n0EhIK3J59Wl3vxt9FUX3YRWk1JH0oaqIc1VCH3TJc73DAx + 9e1jIVQSo4R8BfQc5Y64xRh0eq/87Ud2E2x9JbZmpnw4FN/OHg9QqRMaZ9r6EQ/l + VerhJFkfSj3UVAfODzViKXyNTKRak1GOcQBE5lfAXynAW1nfTTx0re0rl6/tvOwC + i02a/raksTI8afak1RMclNFqlihsegGU239ZGDRPb4apL32nYY0SMim58vET8rv5 + eTiQE1udg+1ttIRAGq/PxzHKlc6FUEdyJ6i2Da16c0K76FpF3Gnxxhw+Tleixx3h + 6+PbhC2qEgt7LS8TNg9J2WTDy4Hlw5YEmzOAM9NA6UYrH9BHsR87sbdriz6pAC55 + CnFkWptrME4CjUP72qIezRYt/4784ABTw6poQ51jP30641YhgPoYLrWS8hWQYaE3 + jcrum3JQnLTjsE88OclcreKNvNj+b1t0uxuHa/6UdMnyRCd8osJ22s6JJHLGgB/S + UQHvy+Rv0QJ65DjsJ4TfdRBLcKXaF7Ar5SaANqGi8EYwjVbhfImwx5VSEsvQclEU + 7JihoETtCrRwJM1BkJz3nuBAaYDm1Y+lWHSyVZ6xi8G0eg== + =n6cE + -----END PGP MESSAGE----- + fp: C92FE5A3FBD58DD3EC5AA26BB10116B8193F2DBD + encrypted_regex: ^(data|stringData)$ + version: 3.8.1 diff --git a/kustomizations/matrix/synapse/deployment.yaml b/kustomizations/matrix/synapse/deployment.yaml new file mode 100644 index 0000000..d11b94e --- /dev/null +++ b/kustomizations/matrix/synapse/deployment.yaml @@ -0,0 +1,101 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: synapse +spec: + template: + spec: + containers: + - name: synapse + args: + - run + - --config-path + - /config/homeserver.yaml + - --config-path + - /config/secrets.yaml + env: + - name: SYNAPSE_CACHE_FACTOR + value: "5.00" + ports: + - name: http + containerPort: 8008 + protocol: TCP + - name: metrics + containerPort: 9002 + protocol: TCP + image: matrixdotorg/synapse + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: /_matrix/client/versions + port: 8008 + scheme: HTTP + initialDelaySeconds: 120 + readinessProbe: + httpGet: + path: /_matrix/client/versions + port: 8008 + scheme: HTTP + initialDelaySeconds: 10 + resources: + # These are just some arbitrary values, will have to be tuned or removed per-deployment + requests: + memory: 1Gi + cpu: 1000m + limits: + memory: 1Gi + cpu: 1 + volumeMounts: + - name: data + mountPath: /data + - name: keys + mountPath: /config/keys + - name: config + mountPath: /config/homeserver.yaml + subPath: homeserver.yaml + - name: config + mountPath: /usr/local/lib/python3.11/site-packages/shared_secret_authenticator.py + subPath: shared_secret_authenticator.py + - name: log-config + mountPath: /config/log.config + subPath: log.config + - name: config-secrets + mountPath: /config/secrets.yaml + subPath: homeserver.yaml + - name: config-secrets + mountPath: /bridges/mautrix-slack-bridge.yaml + subPath: mautrix-slack-bridge.yaml + - name: config-secrets + mountPath: /bridges/mautrix-telegram-bridge.yaml + subPath: mautrix-telegram-bridge.yaml + - name: config-secrets + mountPath: /bridges/appservice-matrix-bridge.yaml + subPath: appservice-matrix-bridge.yaml + - name: config-secrets + mountPath: /bridges/doublepuppet.yaml + subPath: doublepuppet.yaml + - name: tmp + mountPath: /tmp + restartPolicy: Always + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + fsGroup: 1000 + volumes: + # Will need to be a persistant volume of some kind to support media uploads, unless using matrix-media-repo + - name: data + emptyDir: {} + - name: tmp + emptyDir: {} + - name: keys + secret: + secretName: signing-key + - name: config-secrets + secret: + secretName: config + - configMap: + name: synapse + name: config + - configMap: + name: synapse-log + name: log-config diff --git a/kustomizations/matrix/synapse/federation-service.yaml b/kustomizations/matrix/synapse/federation-service.yaml new file mode 100644 index 0000000..d46b30b --- /dev/null +++ b/kustomizations/matrix/synapse/federation-service.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Service +metadata: + name: synapse-federation +spec: + type: ClusterIP + ports: + - port: 80 + targetPort: http + protocol: TCP diff --git a/kustomizations/matrix/synapse/files/homeserver.yaml b/kustomizations/matrix/synapse/files/homeserver.yaml new file mode 100644 index 0000000..3489e5a --- /dev/null +++ b/kustomizations/matrix/synapse/files/homeserver.yaml @@ -0,0 +1,98 @@ +# Configuration file for Synapse. +# +# This is a YAML file: see [1] for a quick introduction. Note in particular +# that *indentation is important*: all the elements of a list or dictionary +# should have the same indentation. +# +# [1] https://docs.ansible.com/ansible/latest/reference_appendices/YAMLSyntax.html +# +# For more information on how to configure Synapse, including a complete accounting of +# each option, go to docs/usage/configuration/config_documentation.md or +# https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html +server_name: "distrust.co" +pid_file: /data/homeserver.pid +use_presense: true +enable_search: true +public_baseurl: "https://matrix.distrust.co" + +# Homeserver blocking +# Set to true to globally block access to the homeserver +hs_disabled: false +hs_disalbed_message: "Homeserver is not currently accessible" + +# Federation +allow_public_rooms_over_federation: true +# federation_domain_whitelist: [] +federation_ip_range_blacklist: + - '127.0.0.0/8' + - '10.0.0.0/8' + - '172.16.0.0/12' + - '192.168.0.0/16' + - '100.64.0.0/10' + - '169.254.0.0/16' + - '::1/128' + - 'fe80::/64' + - 'fc00::/7' + +# Listeners +listeners: + - port: 8008 + tls: false + type: http + x_forwarded: true + resources: + - names: [client, federation] + compress: false + - port: 9002 + type: metrics + resources: + - name: [metrics] + compress: true + +# Rate Limit +rc_invites: + per_room: + burst_count: 200 + per_user: + burst_count: 200 +rc_joins: + local: + burst_count: 200 + remote: + burst_count: 200 +rc_joins_per_user: + burst_count: 200 + +# Registration +registration: + enabled: false + allowGuests: false + autoJoinRooms: [] + +# This is handled by Cert Manager +acme: + enabled: false + +# Bridges +app_service_config_files: +- /bridges/appservice-matrix-bridge.yaml +- /bridges/mautrix-telegram-bridge.yaml +- /bridges/mautrix-slack-bridge.yaml +- /bridges/doublepuppet.yaml + +# Turn +turn_user_lifetime: 1h +turn_allow_guests: true + +# Metrics/Telemetry +enable_metrics: true +report_stats: false + +admin_email: "mailto:matrix@distrust.co" + +log_config: "/config/log.config" +media_store_path: /data/media_store +signing_key_path: "/config/keys/signing.key" +trusted_key_servers: + - server_name: "matrix.org" +# vim:ft=yaml diff --git a/kustomizations/matrix/synapse/files/log.config b/kustomizations/matrix/synapse/files/log.config new file mode 100644 index 0000000..a310885 --- /dev/null +++ b/kustomizations/matrix/synapse/files/log.config @@ -0,0 +1,31 @@ +version: 1 + +formatters: + precise: + format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s' + +handlers: + console: + class: logging.StreamHandler + formatter: precise + +loggers: + # This is just here so we can leave `loggers` in the config regardless of whether + # we configure other loggers below (avoid empty yaml dict error). + _placeholder: + level: "INFO" + + shared_secret_authenticator: + level: INFO + + synapse.storage.SQL: + # beware: increasing this to DEBUG will make synapse log sensitive + # information such as access tokens. + level: INFO + +root: + level: INFO + handlers: [console] + + +disable_existing_loggers: false diff --git a/kustomizations/matrix/synapse/files/shared_secret_authenticator.py b/kustomizations/matrix/synapse/files/shared_secret_authenticator.py new file mode 100644 index 0000000..c24d8dd --- /dev/null +++ b/kustomizations/matrix/synapse/files/shared_secret_authenticator.py @@ -0,0 +1,123 @@ +# -*- coding: utf-8 -*- +# +# Shared Secret Authenticator module for Matrix Synapse +# Copyright (C) 2018 Slavi Pantaleev +# +# https://devture.com/ +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as +# published by the Free Software Foundation, either version 3 of the +# License, or (at your option) any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. + +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . +# +from typing import Awaitable, Callable, Optional, Tuple + +import hashlib +import hmac +import logging + +import synapse +from synapse import module_api + +logger = logging.getLogger(__name__) + +class SharedSecretAuthProvider: + def __init__(self, config: dict, api: module_api): + for k in ('shared_secret',): + if k not in config: + raise KeyError('Required `{0}` configuration key not found'.format(k)) + + m_login_password_support_enabled = bool(config['m_login_password_support_enabled']) if 'm_login_password_support_enabled' in config else False + com_devture_shared_secret_auth_support_enabled = bool(config['com_devture_shared_secret_auth_support_enabled']) if 'com_devture_shared_secret_auth_support_enabled' in config else True + + self.api = api + self.shared_secret = config['shared_secret'] + + auth_checkers: Optional[Dict[Tuple[str, Tuple], CHECK_AUTH_CALLBACK]] = {} + if com_devture_shared_secret_auth_support_enabled: + auth_checkers[("com.devture.shared_secret_auth", ("token",))] = self.check_com_devture_shared_secret_auth + if m_login_password_support_enabled: + auth_checkers[("m.login.password", ("password",))] = self.check_m_login_password + + enabled_login_types = [k[0] for k in auth_checkers] + + if len(enabled_login_types) == 0: + raise RuntimeError('At least one login type must be enabled') + + logger.info('Enabled login types: %s', enabled_login_types) + + api.register_password_auth_provider_callbacks( + auth_checkers=auth_checkers, + ) + + async def check_com_devture_shared_secret_auth( + self, + username: str, + login_type: str, + login_dict: "synapse.module_api.JsonDict", + ) -> Optional[ + Tuple[ + str, + Optional[Callable[["synapse.module_api.LoginResponse"], Awaitable[None]]], + ] + ]: + if login_type != "com.devture.shared_secret_auth": + return None + return await self._log_in_username_with_token("com.devture.shared_secret_auth", username, login_dict.get("token")) + + async def check_m_login_password( + self, + username: str, + login_type: str, + login_dict: "synapse.module_api.JsonDict", + ) -> Optional[ + Tuple[ + str, + Optional[Callable[["synapse.module_api.LoginResponse"], Awaitable[None]]], + ] + ]: + if login_type != "m.login.password": + return None + return await self._log_in_username_with_token("m.login.password", username, login_dict.get("password")) + + async def _log_in_username_with_token( + self, + login_type: str, + username: str, + token: str, + ) -> Optional[ + Tuple[ + str, + Optional[Callable[["synapse.module_api.LoginResponse"], Awaitable[None]]], + ] + ]: + logger.info('Authenticating user `%s` with login type `%s`', username, login_type) + + full_user_id = self.api.get_qualified_user_id(username) + + # The password (token) is supposed to be an HMAC of the full user id, keyed with the shared secret. + given_hmac = token.encode('utf-8') + + h = hmac.new(self.shared_secret.encode('utf-8'), full_user_id.encode('utf-8'), hashlib.sha512) + computed_hmac = h.hexdigest().encode('utf-8') + + if not hmac.compare_digest(computed_hmac, given_hmac): + logger.info('Bad hmac value for user: %s', full_user_id) + return None + + user_info = await self.api.get_userinfo_by_id(full_user_id) + if user_info is None: + logger.info('Refusing to authenticate missing user: %s', full_user_id) + return None + + logger.info('Authenticated user: %s', full_user_id) + + return full_user_id, None diff --git a/kustomizations/matrix/synapse/kustomization.yaml b/kustomizations/matrix/synapse/kustomization.yaml new file mode 100644 index 0000000..0c7c5f4 --- /dev/null +++ b/kustomizations/matrix/synapse/kustomization.yaml @@ -0,0 +1,21 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +labels: +- includeSelectors: true + pairs: + app.kubernetes.io/name: synapse + app.kubernetes.io/part-of: matrix +resources: +- deployment.yaml +- federation-service.yaml +- service.yaml +configMapGenerator: +- files: + - files/homeserver.yaml + - files/shared_secret_authenticator.py + name: synapse +- files: + - files/log.config + name: synapse-log +generators: +- secret-generator.yml diff --git a/kustomizations/matrix/synapse/namespace.yaml b/kustomizations/matrix/synapse/namespace.yaml new file mode 100644 index 0000000..b88de94 --- /dev/null +++ b/kustomizations/matrix/synapse/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: matrix diff --git a/kustomizations/matrix/synapse/secret-generator.yml b/kustomizations/matrix/synapse/secret-generator.yml new file mode 100644 index 0000000..0cf1938 --- /dev/null +++ b/kustomizations/matrix/synapse/secret-generator.yml @@ -0,0 +1,7 @@ +apiVersion: viaduct.ai/v1 +kind: ksops +metadata: + name: sydent-ksops-secrets +files: + - config-secrets.enc.yaml + - secret-key.enc.yaml diff --git a/kustomizations/matrix/synapse/secret-key.enc.yaml b/kustomizations/matrix/synapse/secret-key.enc.yaml new file mode 100644 index 0000000..5e3364d --- /dev/null +++ b/kustomizations/matrix/synapse/secret-key.enc.yaml @@ -0,0 +1,118 @@ +apiVersion: v1 +kind: Secret +metadata: + name: signing-key +type: Opaque +stringData: + signing.key: ENC[AES256_GCM,data:yrRjsuapmgDgBNNXGO9YyuZtkZaFPDg80SuJgdYWS3grCnN/hmkQ5x2icAf5i4f6TjAOreYxJYzRwQ==,iv:0ww6IrM9oY47ex1zYRULQx7TdATJ9odkk5k95yDo0ms=,tag:4/MjSSY2SltTuPtMtCRUtw==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2024-01-22T05:45:47Z" + mac: ENC[AES256_GCM,data:GitHfIeAeu4g0bf1obvjd0TS6j5AZ0qo00i4mwIL3MKtCVa3dLfGkx4dE9SD0NZqBMpHdZTWnns145uCXnJTVdyLAlz54AuG/bn7eO642SghLpUvhyhH+c+xxQF2c3UJiR7TBdjJBh0BUBSO/yOBB0ondzocW9T1hDg/ExBjeo8=,iv:77yhCNc2cJ7/uuXOEma5LEyU0YIJSQiw4IYLLASli04=,tag:41IvCCKLfQZUNHsv6DvMsA==,type:str] + pgp: + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA82rPM2mSf/aARAAkFACzQmqyF9BqaD1qEjIO4e6owS/n4h3U6ee0Y7fhO8y + a5RJ4/HvMmfXcYeHm+CZjsFaui4YJkPS93clGTJzV4w15yXJUunIVjAmkvSrVh6P + GqRUtNpi1y+JCS3sjlAfvm3h9b08dNxFv7rTwZtDiP8zmcNuB0zbLBFR7G6ixetx + ZxL7piPYX75Rqoz8A/+V7VAtsoX8t3xv5xgjHzzfhiM3TeoQUgLnF8aN5huiSptf + dMmNMa0GGu5QaUjYJ3iHjv5eMtCJ79KwpuCfv5iX34Q++rTe5VUWoQabNAiE/Frt + Rc3JB8o8rfL6WME9qIIa5k654JlVDKqOvTH3mtHkOIWhD2+CEK89Siq3G35Kkct8 + Ym7UNa6gE8IdSGkCOH81G4ZheU6Z8OKF1Z7dO+o7IdgIURTwLEFeBIC2PtWOKOJP + PnzqZNk1w4n4XK6hQg4bmIj8VaZXXgHEXcO/jaGCoRyr36BHCE1Sj1ae5cMUgDje + p6WKVO6gXfRg7SRJqQNUh03Lz0YKIjsI/429UPyf9mtXbHfvVyrW3+wyByok86FG + cGL1Y/N7thxAxXqHy4OZFCE0NMP2bobMzzGJTtDY9oPsGwTb6xk1g0wE5zg6IoQa + 9hnObBJhdpvYcD6juz+V0wkeI30essnz7ZTtsLdfCox6mnP5BMTtzxmcRrCpNvHS + UQFIZa0XryYoXv3rcw6yUpkqv6aYzD3L4PnqYtGUEtbMoTb8NXa9Cp+1OeypqZ0g + 7uO5zCKJgL6sBaPnJL5/n+afafzYcIOsQc2O+q0s4O1d5Q== + =3E6w + -----END PGP MESSAGE----- + fp: 6B61ECD76088748C70590D55E90A401336C8AAA9 + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMAw95Vf08z8oUAQ//abo3n5r8YdQ6p+/X031/n8MCvWKw+ERGSvDuT2r7g8m8 + DqrBQmX578jHVmZkC2B6fYqEBuQAeyEJyQ56MLMuGMNSET8dgNS4Uj/gwvsuEDQf + NhU10WLkfQ3g2/o654BVzPC2b3UQTL4mmXqp0+ID79uynn0/WZ0TQQ8xj/uUaDS1 + h6/uC7mmDGTHaxF3gFuYkvWMghU0bqX5BfrAPdICAr8FIqxUGIvUD6KkBu9hWTYP + RLtfwpU/DAcT/7pNtic25WzzQt7W0mok3zUZZq5r2UqO35x2XOrgC5DQ69QYf7JZ + a9S236gEpAS0Kl1IWSvY2kDzj/J27T3nonY2kX3a+UqVWX15LEmVmNNUMwjz91/b + 0G+26vustzinHBs30EHGBqhyELjRW0RjcmlVGNXvZwhgGL5/LNIEcfBi19tIang1 + dRYE9TasSeRbyTU/A/CXFDeuGtC8K552SzXjv1zP6gkwZFb0/zd0/XHPSyGyOLbM + 1PC3JhkA8GEYQ7l9y5BdPXxZseuoSHDPHfMRIcnogx6w6rfBdd9+78M1WjnGzhYi + /utORBaiwU9Zk+Xm3B+WbkDl5+jio+UIp9nHoYAGfuJ9A6TZYBIavB6K171wALke + Kl6hoTxef/VGwdfXB9ikUy0bi0Km1vVpZGVzIjSFXiSlLkaamhxUFSgDPGZN21rS + UQHeXKkhgKXTEVvi+kypRbN2/174bElGTWz1C2TWPNJAcvvKmRw66t5g8pahnXbm + SYQoB5JaAl0URu6zHWBYhCjQjiyePhnxHV4tgGtEYAdY3g== + =xXRR + -----END PGP MESSAGE----- + fp: 88823A75ECAA786B0FF38B148E401478A3FBEF72 + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA0/D4ws+/KPtARAAsxa6N9jRT1AUqfWI7gIfJK6i6g0F5oxRYJ5A2mjhc89k + ZAN4/tO9GC+Fg8+lLhPHdiz6v2T1+92AFXET3jm+ax6rYei2woMHNXKzgqxjkQEQ + xQ/3LcQ3+FOTrvy7Gir9HQ/DoWSePBF7tx16unxH75hi6AgOiT0nFoEbXP3CJXie + lVOO5r5jKgBg9LENj/U+9LHjXB6W0PbVdhxdeStk2TTKcmuDnrGeqKZ3SyZ9V33p + DEfydW+T0ac156Eb2tdszzW5e87oPmW78wvLkotboZcPVWBadRtJkzVn3JXoMAda + gN+W2+I4/4iQN8ITBQ+2i5GsdbHtnrmPkzSbtSqhujwZ1k/a7uRmHy46ejDK9QnT + lQzm2OKyjTlCDhnxnKj0eTE4nN0CDyxGBNlNVG2piKd8i+HpqrjKJ9IUcMj7oO3U + 8rtQ2A0LHquNvu6ZatP6fUk3tKgLaEslV4ORXMlILdZXlYqgznmvWJaII3XVeu8l + G/tHPkOhrcQDIecBeYcTLZYXtPtmY1UNJZfbDazG/9J0rdq/r9NmnB7woy7FSYEp + yRNji1i/89nVLsu94ra1D6FHyxgIFTSLkD7s1iCMTsz0UdwfbxqdLIWumYrm04XF + wM2eTB8OAGe8mdfi1q4te0FEDMLTpdYBhYDDjHmBv4fXwKPcWkgixvNJtT6xPgLS + UQEvOn03hQ8MCQ5kh1R1FoTOw1UpgV0eqJSateC2wkBKbZ/4NWPbnZA7XAW6Jb98 + JidKJ8TiYiI33hxUhu4nUeZWjNcd7MgHyl1Do2r7SfyICw== + =TXST + -----END PGP MESSAGE----- + fp: 3D7C8D39E8C4DF771583D3F0A8A091FD346001CA + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA5Wf+FyJ+zFJAQ/+I9khYJfqjCHhrAaElVWKgn4c+7C+oilVNE0132pQZfLb + u17yv6AYY5zThK6Lg0GZMKaKFn+JuF9wonTyixJQccJ+w2MxsJQRNQZTV/t19HrQ + B+6YFLVPNyOglr7jf+o5BnOdIvpR0Cog5JDzn0j4iwpRWRSGW1sWXiABKWUIW0Ks + nR7Rm/k3Jm8zYO6LtoyYog5HGUEHRMuOY6Yoj/EEbfDLKFU5WZ+hfKnbGGM9KW31 + RkXoCtjm2AstZTia5+Y0E3wNb9bbvpbkewyQd5KqaHmHaX3MzuoYKNHGVEgPMfla + Y26aED5uSLETv+C1U/jYJyxyVJxNYb2JBrS8a7+p+mo00Cvbs/pbM/cr5Y/Ogu7Q + Ed0+Ixst3LzSTOcYAAiEC/LpWztaIp/4h/cAfE7eKnsoFUVcv2lLpLHyI7fS/sJH + Ywp8tlqlfx7DaCqYEVjPMSfI9qBbJomoQ77szHL+Gyi4ibyF0iRz0/NnF5lmu5H5 + sDAYiqnHEIpk1v+gWXoj/CQq7a5jJf044cYylcO+al27cugr+jr5TBQQVv+wDNJV + LqpAxmmz8yUJ6RlTSg5JwNlNCCOONv6f+lX0Cjk7V0kPcOMgbVn19Su7zIvhM7wd + m9mzuVWWx2SBGzORdK9W4tt7lybU7aCvusT1jP1nwXF/JCz9lyEbb1syaNIAiXHS + UQE2Va23CUVgB+cV/ImXBCEuAjZhiSMFVCtWOZrcqPS8EZX9s6WzscpsEmFnDE7t + GVR3u1IyjxTsuTxxYU0ldSjHqYFjQrgRD3ZBzwZcgeajqw== + =bF9b + -----END PGP MESSAGE----- + fp: F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D + - created_at: "2024-01-11T20:55:07Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA8KRInHl7Vz+ARAAoMRyGipvXTgUChfL1Lryej14FI9+8dvWQculBjPQzg6x + oxdPzz07ifIX8D64zfToE+qc439l/RYwiMx9XyGscEim0D1GIFPwxOm4DCXT+/5m + wlLkOBP7oMwirqSazS7dNF1hE83717QTi1GqC0UqhoMINtxrhQIv1Y6xxREqD1Wd + eW3M45p1i8iSZkzF7n0EhIK3J59Wl3vxt9FUX3YRWk1JH0oaqIc1VCH3TJc73DAx + 9e1jIVQSo4R8BfQc5Y64xRh0eq/87Ud2E2x9JbZmpnw4FN/OHg9QqRMaZ9r6EQ/l + VerhJFkfSj3UVAfODzViKXyNTKRak1GOcQBE5lfAXynAW1nfTTx0re0rl6/tvOwC + i02a/raksTI8afak1RMclNFqlihsegGU239ZGDRPb4apL32nYY0SMim58vET8rv5 + eTiQE1udg+1ttIRAGq/PxzHKlc6FUEdyJ6i2Da16c0K76FpF3Gnxxhw+Tleixx3h + 6+PbhC2qEgt7LS8TNg9J2WTDy4Hlw5YEmzOAM9NA6UYrH9BHsR87sbdriz6pAC55 + CnFkWptrME4CjUP72qIezRYt/4784ABTw6poQ51jP30641YhgPoYLrWS8hWQYaE3 + jcrum3JQnLTjsE88OclcreKNvNj+b1t0uxuHa/6UdMnyRCd8osJ22s6JJHLGgB/S + UQHvy+Rv0QJ65DjsJ4TfdRBLcKXaF7Ar5SaANqGi8EYwjVbhfImwx5VSEsvQclEU + 7JihoETtCrRwJM1BkJz3nuBAaYDm1Y+lWHSyVZ6xi8G0eg== + =n6cE + -----END PGP MESSAGE----- + fp: C92FE5A3FBD58DD3EC5AA26BB10116B8193F2DBD + encrypted_regex: ^(data|stringData)$ + version: 3.8.1 diff --git a/kustomizations/matrix/synapse/service.yaml b/kustomizations/matrix/synapse/service.yaml new file mode 100644 index 0000000..6b98383 --- /dev/null +++ b/kustomizations/matrix/synapse/service.yaml @@ -0,0 +1,16 @@ +kind: Service +apiVersion: v1 +metadata: + name: synapse +spec: + ports: + - name: http + protocol: TCP + port: 8008 + targetPort: 8008 + - name: https + protocol: TCP + port: 8448 + targetPort: 8448 + selector: {} + type: ClusterIP