From 2ea961303113b0680068f520ffbdc2a432fd0b78 Mon Sep 17 00:00:00 2001
From: Larbi Gharib <larbi.gharib@savoirfairelinux.com>
Date: Fri, 11 Dec 2020 10:52:39 -0500
Subject: [PATCH] Images markdown path
Change-Id: I5c3d64f4c3cea5d356dd4d6eb2fdaeb01c5d24d6
---
userguide/docs/admin.md | 14 +++--
userguide/docs/clients.md | 74 +++++++++++++-----------
userguide/docs/img/device_enroll.png | Bin 10164 -> 13881 bytes
userguide/docs/index.md | 59 ++++++++++---------
userguide/site/admin/index.html | 11 ++--
userguide/site/clients/index.html | 47 +++++----------
userguide/site/img/device_enroll.png | Bin 10164 -> 13881 bytes
userguide/site/index.html | 41 +++++--------
userguide/site/pdf/combined.pdf | Bin 2574169 -> 2584988 bytes
userguide/site/search/search_index.json | 2 +-
userguide/site/sitemap.xml | 6 +-
userguide/site/sitemap.xml.gz | Bin 193 -> 193 bytes
12 files changed, 126 insertions(+), 128 deletions(-)
diff --git a/userguide/docs/admin.md b/userguide/docs/admin.md
index 875fb345..7eeaab76 100644
--- a/userguide/docs/admin.md
+++ b/userguide/docs/admin.md
@@ -1,3 +1,9 @@
+<style type='text/css'>
+img{
+height:400px;
+}
+</style>
+
# Admin Guide
By default JAMS runs an embedded tomcat server visible on port 8080, however this is not practical for many reasons. This guide is designed to help you setup Jams to run in a production environment.
@@ -10,9 +16,10 @@ recommend users to place it behind Nginx or a similar web server which proxies r
The following is an example map of how you could configure JAMS behind Nginx (the process would be similar if you wanted to use any other type of proxying solution):
-<p align="center">
- <img src="../img/map.png" alt="Create an admin account" style="height:400px;"/>
-</p>
+
+![alt text][map]
+
+[map]: https://static.savoirfairelinux.com/img/jams/map.png "Create an admin account"
The IP 10.10.0.1 is random, and should be seen as an example.
@@ -259,5 +266,4 @@ ExecStart=/usr/bin/java -jar [DIRECTORY WHERE JAMS WAS UNZIPPED]/jams-launcher.j
[Install]
WantedBy=multi-user.target
</b>
-
The parameters PORT, SSL_CERTIFICATE and SSL_CERTIFICATE_KEY are optional (however, PORT can be used alone whereas the SSL_CERTIFICATE comes in pair with SSL_CERTIFICATE_KEY)
\ No newline at end of file
diff --git a/userguide/docs/clients.md b/userguide/docs/clients.md
index 90d38381..905e3b49 100644
--- a/userguide/docs/clients.md
+++ b/userguide/docs/clients.md
@@ -1,3 +1,9 @@
+<style type='text/css'>
+img{
+height:400px;
+}
+</style>
+
# Client Guide
Depending on your operating system, we have included the tutorial on how to connect to the management server from the Windows, MacOS, Android and iOS clients.
@@ -14,15 +20,15 @@ For the purposes of this tutorial, we assume that
Open Jami, go to the login page. Click on "Advanced":
-<p align="center">
- <img src="../img/client/linux/linux-step1.png" alt="Step 1" style="height:400px;"/>
-</p>
+![alt text][linuxstep1]
+
+[linuxstep1]: https://static.savoirfairelinux.com/img/jams/client/linux/linux-step1.png "Step1"
Select the option **"Connect to a JAMS server"** which will lead you to the following screen:
-
-<p align="center">
- <img src="../img/client/linux/linux-step2.png" alt="Step 2" style="height:400px;"/>
-</p>
+
+![alt text][linuxstep2]
+
+[linuxstep2]: https://static.savoirfairelinux.com/img/jams/client/linux/linux-step2.png "Step2"
The **Jami Account Management Server URL** in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password.
@@ -30,15 +36,15 @@ The **Jami Account Management Server URL** in this case would be the DNS address
Open Jami, go to the login page. Click on "Advanced":
-<p align="center">
- <img src="../img/client/windows/windows-step1.png" alt="Step 1" style="height:400px;"/>
-</p>
+![alt text][windowsstep1]
+
+[windowsstep1]: https://static.savoirfairelinux.com/img/jams/client/windows/windows-step1.png "Windows step 1"
Select the option **"Connect to a JAMS server"** which will lead you to the following screen:
-
-<p align="center">
- <img src="../img/client/windows/windows-step2.png" alt="Step 2" style="height:400px;"/>
-</p>
+
+![alt text][windowsstep2]
+
+[windowsstep2]: https://static.savoirfairelinux.com/img/jams/client/windows/windows-step2.png "Windows step 2"
The **Jami Account Management Server URL** in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password.
@@ -46,15 +52,16 @@ The **Jami Account Management Server URL** in this case would be the DNS address
Open Jami, go to the login page. Click on "Advanced":
-<p align="center">
- <img src="../img/client/macos/macos-step1.png" alt="Step 1" style="height:400px;"/>
-</p>
+![alt text][macosstep1]
+
+[macosstep1]: https://static.savoirfairelinux.com/img/jams/client/macos/macos-step1.png "MacOS step 1"
+
Select the option **"Connect to account manager"** which will lead you to the following screen:
-
-<p align="center">
- <img src="../img/client/macos/macos-step2.png" alt="Step 2" style="height:400px;"/>
-</p>
+
+![alt text][macosstep2]
+
+[macosstep2]: https://static.savoirfairelinux.com/img/jams/client/macos/macos-step2.png "MacOS step 2"
The **Jami Account Management Server URL** in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password.
@@ -62,28 +69,29 @@ The **Jami Account Management Server URL** in this case would be the DNS address
Open Jami, go to the login page.
-<p align="center">
- <img src="../img/client/android/android-step1.png" alt="Step 1" style="height:400px;"/>
-</p>
+![alt text][androidstep1]
+
+[androidstep1]: https://static.savoirfairelinux.com/img/jams/client/android/android-step1.png "Android step 1"
Select the option **"Connect to management server"** which will lead you to the following screen:
-<p align="center">
- <img src="../img/client/android/android-step2.png" alt="Step 2" style="height:400px;"/>
-</p>
+![alt text][androidstep2]
+
+[androidstep2]: https://static.savoirfairelinux.com/img/jams/client/android/android-step2.png "Android step 2"
The server in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password.
## Connect from an iOS device
Open Jami, go to the login page.
-<p align="center">
- <img src="../img/client/ios/ios-step1.png" alt="Step 1" style="height:400px;"/>
-</p>
+
+![alt text][iosstep1]
+
+[iosstep1]: https://static.savoirfairelinux.com/img/jams/client/ios/ios-step1.png "iOS step 1"
Select the option **"Connect to account manager"** which will lead you to the following screen:
-<p align="center">
- <img src="../img/client/ios/ios-step2.png" alt="Step 2" style="height:400px;"/>
-</p>
+![alt text][iosstep2]
+
+[iosstep2]: https://static.savoirfairelinux.com/img/jams/client/ios/ios-step2.png "iOS step 2"
The server in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password.
\ No newline at end of file
diff --git a/userguide/docs/img/device_enroll.png b/userguide/docs/img/device_enroll.png
index 469c6e2a2ce13fadc1ce6f8f525ef6c5a698914a..4e6895b575c2648b47692859b226447e7e69de87 100644
GIT binary patch
literal 13881
zcmeHuc|6qX-}iUydm>p9btH+X>}08P(uzuD-zp@=HrWk>mQ#_oLw2P|7-ZjvPN_5_
z#9)RY%h<+XFxK&0U+SFmJHPwBpZmU_*Zthj^LpL>$k(-guFvOlU7z>+b6wpzV|q-G
zPl^wMAi)#Ie>n$1>^KNw`@+KoN*n?tiy=r8I`PZl^MT#89<yK1qbp^nF7^695O<RH
zR#CAn_wH}F$uF*A%j2`tR=lBH7|Y+!xA~`P_{-@A&%<8=Z}Jc^!s176`0V`s=FUhC
z(6s!)ixUDoKIJCw^|bGZSO0FicP_6?hCUtmy0VgH=)AayJ6u&&NyvW9NDix=TTU^r
zkpZ&&H~xIicvs(AX4w(k^~SmB)DR~Ws$^UfYw+cbOw)5d8$Gn;ri@FR&=-rSTI*-e
z&mf@L_VoOVulAgWAhgCvj@Vv4G04avrdI0a-6L?bjC|wo&EU$7W=q#@@_lb+{VWo0
z20j1hF$6)g%3g!eg)iZAV;9zFq%w!=hKs9Yv&l_2`Jj;;E3{cmZLlZb+|u0mYEM-F
zGtB_qy~wBvpbLeEEll-0)8(258e<!KRSa`TCB*o&?K-|M>Iw?Z=(SDxi>umC)P*oT
z$EHH(#@bn_`XL6r$0q4tp8dQU!ko-Lw?2cG$x_Q~*|whe+OXB&@?K#1)7yjFqNo9{
zvwAE2+}An_FRxOY)67ComtY5@=48}E7N(v7wP49ZP4Tx?d&~P0r^?aG^Zm%wLqP|p
z4c;W{pj;*@XNoHAQ0T58(enWloh^m|ljJGZn=3sPv<P<YB|4?fVZJa~*KcfqrfOHI
zULCt-iIAdqn^NabON4TP!qIb?@Sp|aO?BH8<;tz-qitF7HMDQvE`<}Zc5g|t`oY(=
z%dazr@lLX7!pTGRQQVhh&GVGd3&EfI$S)AO=#nFL7a&u_peyg=t}e6GLpsw2=ahL1
z?b_~(Ix>ooq*8Qg?dmdf)6es*t*x$g0j!n9ewr7#{J^x&V9zTu)_og8<znxhPnQE3
z!!eKml%CIWVVf#$&9`V?8EMHNgz43UF3s!O`4q{t`Kq0tYv=R3fY3IVohgb}br6ag
zDu=9?XPruN949GtYd$y1YidLFJ-G=>GmIkF=CBrod`6vOCl(npKhZVCd^1?+U$gl^
zWb@&j<_&7^<jR^Zj|3a|8hvQ)jxdlLv1&}w3(#$T`9b&1l}`blj{}GuOVTdu=5tko
zvM4zQ2Tr*hD|I!@l+82eai|VFP;Ix=I_!sPr4BFCWDYWa>s4nSII%S3LHSL|Vz<lf
z&*aaQRWjyzIXT2U8lkmhAHMPFTEHCMZ!Mue;cziF)dsrwDu)lJnAlzT)6FL&XQ|)I
zmyZ|jzT$5ZMVK8t?KWxcK<F|lHx;(alUDbw(}@l2=D+&VQlvU0gCRAxGT;%;NPjr`
zQ-xh-M6~~`(~jo4pvUR^<c1fm#QZxRyLBzvr>5m9oLUYjx_{`HA4%CAeg9XmM`qiL
zL@}ZZiNySDc{QaZDhVuz5tvkVsxH;hN*}pzR52$l#h-5$nEQ5F(w04HXWFU_n$^wI
zQOn7Ow)z2a-KqY~c0}l!LEJ1}V_WfLU4=)-ua&jI1U7HZUfqZqHXr{_Czub@liW7r
z1M+6pIO@n2#HE9}w*5s%e8UXzL3JhyrpXHu2h}d6FvND(wEgDy5@HBllyR{8C1<;b
zd2~fjZ%xSU2z6%CLkdT`baG|pl|krSGpQE6e2es?(W?2Fm_MU>P`Z5P&|m;#h3cw=
z7TU5G!Vx!P+7vS5KR*(-q2!RZ8-}es4pXO`GPI5|F7xbJ>RcW!t$;2xxY&tj1vk5~
zdoT51?Zf3`vy~u)mCQzyO?LVLtTeiYYmm$GOwFP9i6seIJTog-NC!V$NRxO>f9XnC
z%c^n2g3Y7A)wkuWKW=yng%3$n!fMbnGIcHLkFvQ;D$#ex*f<z_t2K02^Ii9!^=K?t
zI$!p3hsYZe{rO9y8BeQ_yT`q*hoNjb68tO<v?H?6n+vK%+ryMKL{gsL=NKL)(x6l=
zu|z~UQ9|e9D+pq2!-)1Cy!zO!7Aa|T!i*$@qZw3V3)`gCv)u>I^Q34(%-zXx<=v1i
z>5;iSY46m<UJ0gzJLYv4N{`#}8P*LlJ%cB7h7z-b&gNF%Q=2q67b=M$=$YY-60$!w
zrJ!u7&ASg}9pC%G#U?Q#SgNbz20{A#Sc6TFRyLn9Rdd!@j@%VD{7C7n7Q2_&<>gQ^
z*&@;x^(nw^XMTf!kA;v2ZSHFoN-WU)cb#7q&qJ8SO*mx5`_l~$Yz`sA&T|>G@n&^b
znK*wQyAu#Wps_>%H(C;s(YA+F<1L82kY+e}phK6#@n)qbqTCcCTej<g%iVWiC-CG3
zJU@6h(den7R2xTM>1j>^UF+CMi@l_?;*{6fczo;?sj{yhS1&}{i4?eh3b?s8{M)PX
z0EK;Xwl99Q(53zIj13B{L1?!nsGT`aeK&6$r8&UnP0S9U?Etz;wt773oK<n3P>d*F
z^vNEGTk7$NJqvHhxXms8Q@Q+_8g*%k;*xiAbBZ<MrCK~pw|n01PP9)BKpmXvlHQD@
zXtw=o?lE9+x%`MrSl0M8U;OA>zk00C&T`_@j<e#zPhBdfUqHzLqho~~*Qvw5WsV1A
zRqT%khunTygm#o6O)^^J!+G;mwQos>GiJjVt(N+wR!{TvjzG3Wq6%|EIvRz<r>)ht
z5Y{Tb&357<5N&+srxHWcSN^k03u)cijp&IpF(bov*@+@#p_0Wgw(G`LYO57GzXjV`
zPFDI}&qhTlr1aI=)(@w=wjV%6<~*n*;PD^4*ur9b&G>MB(~-G`u|?>!xw>Ec?C?6=
z?{l*n3crh2;~w0ZnK)y!dhO=h&w(Dyc*#3GBTzD{T5IY2Z$m1&HvM50(4o=CS7wS1
zDQJ9<hm^i*#Cyj%TI*S1HRJP>s3{$d%cp~>S^fk*KfAU>(W|IB-X^^0a#e$`v8U2?
zt*ndG?FCZL?6HobWK??g!}0l>(Ab;FlHMBxvgYAh9lqo>>T(cvZy%6U<8EpIea4a`
z-hOh5(Clk~ViY<j`7RH?D%p^>+yMCkJDF^-A8n6vxnf7oMw@yYTQF8*gmCzT_{FlW
zDwm}3Ee$S4_9{@8LcYMc=A-(ubF1?=U9$vnO8O2~4y%G&uSH(<x-R79pV)G5etLzx
zRQ`NejG7q~@Jb0He(;>k*YVYxd~PEa8IsYgcIxm~qT-mFidU+Uy?FKO#-{<zW8+K5
zvmQNgs4p>o%~%V~U*y91BD6E8C3zZ;dV8^zlw3JF*YNn3PzIxi!x3x|9^B~7@ivoI
zO8c7H7)c;vG=xzUotsJh{FSOa%HO8ikxnq??3*QPd`gn9*pYRtV?JxmVU!AG<(rz>
zXMC$z8>>&speXU;D$+hl(PSKed!*g0jV{hS<7?ohHX>i`?20sdJM!oo9%=rhOOmlR
ztWznek7str`_U_rJ+)Yt?al)vEqrP5F<X?qPw%sn5t+C*wOB{%vgT%nibYT9YCok5
z>#{lEqwY9+W#i4kXd&0_Ru-vs^TFrH<90XzyS`X>MGIVik!E6+*jv0hZ6GG0CaAsY
z#pcMB+3Mixf4Rt2h8UX};1RpSwOF$ZNeKN+R9Za$+m#z07Qw_5=pdQPlT}=P-Q%9~
zWXWl4svg>>%1{=ZT-)(04-%e(=v9QJUH}VAhq20^kPwD*8<6l%<T#RZ_B(Q1y0+z?
zk>kb~v+e(c9RCr0_HH?qq44#RRhx5D+`jOfY6#=??iI6z+q&bj)j1~^N^cu1OJ#$g
zFUO)9I3Z}Z<p;c0d-qlFUnnm6f3<k(XsJinjPI0LI9J@!e3-P1XB+Yx@00*vz(1ir
zwM?TZu)QF*{W~Cb2-*Sh<3JS;j%_~#eco!Gei#Cs5E8-|1Oy3VI6)WC4*|Nn+*AAl
zcfmjcJb!k9*b3m$ir#Ix3U@JrxZqj7cYzR=U^GnEB|i1gcZdb8DChimpj{5fr%Y%?
zJj&UvU}B~fwBFy0&<>MOz8B@370(Spm>?nCbkbR#-hO#D2vc}E;+75%ZhF8m=%8h3
zPyz%dxdmDr0Rlsm(~!M{a^1Fl{NN0LpkWP&zaEU2s`zEUE28{}cjl3`l6W8=n34)f
zlZ<yR98=u}8Zx9YN*vUIhpbPhz=XI%+<l!oeD#Kbix9N%K7maTB?Ic~WR$~4<vHL*
z4eLOSy=Qq?CGnd#<P(de2*epO&jFu-r56&6d)ZP4K~wt<a7xt{LdqQMK(*{Zy!*-g
z$*4$XuociJkO8iMrtlnn3$9T^&h)I<lVFKKE<iy88#;iO#kPMx9ih#7=NM!FuXv-U
zw4qR(!up~aGME91VBDIz<<@F4u$m-nHP$bYbh`09VFB1cY*S>eKEC=jr-GFbRUIHP
zbO;FPE8|VzX0<d4!DeqpL0I9H>jf+Bs`?Ow!ol`a_~gn?Rf`Otnt`Q{f)16`gfK5+
zdWwgrhHHy!!jV7{OCm&0ia0yiJ7)ZVDG>Lve#X5D6mQHhFBC_FMRZVvMY4a$9yLUB
z)VUG>+l&hln9A<$wIwY6h9j^5BCwa;d*yMjnOyzy#8yziHU+Hkp#rC)5SVWV+$<jh
z`&;<Kx{+1&?ZNRqKyL^Mjy_=dht1psDhIvz9_Yn`1Ew6%$`G!8>j`YJzOMVS+)a<`
z-{7%q5KiDArxb@H?EbJ%TU-Mg@hn#EbOv3)Sc2<bgn?FoLHOzu_*RMjz&l)Sz%%D3
zAv1(mGVFkVe4ke=k}-We+?ffMD~zE6k01b#s8`|mQ=P#DD=&L^AdCs{cpls~7y2HK
zwQelOhDpHk`0Bm5n$k!q8?y`He6AKK$FRVbFoIG^>%LJSc{;+SP5FN0(|2z&n@W)+
zR@Mv~sCJ2)b-I7798AsO$l<u5PYDP!2PR_M&$jL}Jh=6Jx$!3kiU#`<=K<UiApvh+
zu!i-H-~;~C2r>p+)3Nj^Tg-Y(*lE_s+2{!EA3!VsKD}y@Z$B3w7gu}tOg!!Ld@bO^
zDza(t$Xxq56TOrmN=-;vUHBS{@5EbYz%5ss;#HXxQ1B56SYwyr^^q@`w`Kt?o&_9s
z@#DNpk_-Uv?_%lS8F{STeQBM8)pc(Ap$p#SNSiWG8ojeHBYgOC0xL<&3tlM@yD!Fn
zyd%#^ySvEMZ0*~-d#j`}FJ``djjjN4k=6h9_OdL<0R%3GrtBz}+$t`9yIzCjH_=(h
zirJ=hixe_Ru3*j6NXz{E{4jGzw+x)xLtvVv8R)Ns?*rtVo~G?{N#Y8FL8hzsYmu%`
z_0_ZRNm{qZo9PPCT0})~<`r1itqiHIWfCPux}t|%4VSyZ87HSMaP&o=+%4^IB4^6;
zSu^j-@2Hw9FEmLBMvE}T^-gYl1BkL&rgr}9^aV&pD=~TQ>(xo$H@(XEv%|Sc%(N*L
zF!Yp$3s22%hao}|!zm=Ag`lEpUoF8^bE9EqWs$*Z%Q7>pLe|EQzLgyPyz27W_sA7i
zUUt)*AKSH<-*<mDRg+4@Jw+ltPuX;&c?VMoDHjZDhuFNO0l^PUBClx&8Tcl-6S3&|
zqUdz5S#@7-c?gm`lK)YwhOs-)Wz73XAK=rOODXePM##qq{De~1Sq)~qaH88s{Emch
zCET!o&HE>J$gaz_WbB-ZxGqW-zifpcNZJk2K|V!W#I8T=oFiQ-&me4NVM@pM4D71!
z301sQh-obT=p^*HB4+@bOBTY#tJp0`c!+8jUD;JSS+pG^Dy?=hIX%%2q%p3&MqLxV
zg6hxt?NjB&nT6e)ebExc;?Wx{x5(=jj`_=ht4k$OBJio`-y8F!Al|KpH%n}*+L45N
z2J*8p{5Xw<ZjF?(NTeP_-TT2r)uC28Y;B^esA+5aHPzbR&UV_?1SK|F)cdtQqS#Dk
z#Loo2=j^i;$SM1Lwe-iZeym@gEi>tx@&l9aY0VkSmEzs1@lY}&BIGimDes<s3A?xP
zl`1|La!{o_Y5Ju_nhbLxF{8%LA_A+}yO`qdD5D_TuC6lJG3&jt*YxPoAKtwX5oQ$X
z+krTQRJq!&@tQ1#sq)k_fqKilDBd=4dKQ85&)$qr$0V_(#9Dk}qFD47sBjYV@#aY%
z^Yp9=S=d+{juX}HJE(M*z1|kb-5o+-D?!wTbBk7!S$S*&)<9L=!~Qzq0m;#XVa<dv
zecC`yGkfZ=be~i^-c?vN%NSQxs@3e2d0%f20vwK)sXcxCjzh^`PgorCv=6=3jl#G;
zLFKV|o0J&@PW5%hntZCLsCiFa!VXWH@ZluU1X_rBsHQKP!#t#?BG#5u&mz+QhmjA9
zyccmP>WwbY%-Td<6T6f|T`0|GLl1rWtsgn#HL2RKUSFi5U2+jo9yIBp(pgeozA(M)
z)mtrTZ=0jFbo`}iP-qic;2gTv%fQ;LLh-XkE9sC|xy;)r?oHB9;3Kw>;rW8&qg4Au
zj6qY`qE1bMDOuVlWmX55;AvZzwwX{OgtM~X>`|7i$ipPbTLha*upTvP;i-_tuXdhE
zYIC}zr&Rf78|1Nu@*jpac>q1lk)uizZ&WHLR3^0$N|W0X86hNJ1Mdc;igHPD@z*+^
zf%gT%V+J!dE7jwn<j}Q`j}^?lyo}GQeX}Jc8g*5ln=5aOC+%Y{9BkJmJ*K5x*BB-5
zZt@i$I=Lesi9aUithXV)(|atNeoS=w?upX&<1}OYQHk%n?@mfU&tNF|^fdmJx3M)i
zLA6$LDaq`~_s;DE2f_~Mtu062X*UD!K3pT}n)}CNobm#4e^d<X;B?lsWH+ggq5^!@
zO>rw<7uu+gf}%GT%7fGXZg0*XPSlqUhoR^caag!3;K=c}hfi1dYvbTQc*9<FBQ}5o
z;?9qtU~VHtJG8YaQH2t|wwm@t9E_n1z1=OI{CvBvdNBLo13Qo^UyqObtoy|`J}XrJ
zD?Yc7$=r?`Q~cL|T0+M4cr>&%46zP^|D5pOUt!DDr{ACojx7L?0b&cd&qfzo7vFLn
zzOG#>SfSL<q}_CYH#tHAAk4M27Gk)eC95JHj@NKA0h|JNlVNl%3r)}3+{dY^_I<dm
z7;)|<fO3-RXD-vT7!fe=-imR;vUxX5Qg~}O@cicxs8?x$4LB4(ZfYNFY+=k?>js3+
zjW@36#lgTODpC})j@vmEfRDj2px`+GBrse!$`3)oZo(L`eGs(dQv(pq-L01FbqnuQ
z!whx(Eo*z7TT%r^8rR1R<rL(;zxuuT4rrir(?ZB#ARjy!hokf|B0N^w3{Z=8M)CLW
zv)*j``xb6P0^g-+Gz7vTB(@|&0#~)YC%A<%hoOtbm|N_PVc+Ef{yopGof-+{UPT}z
z8pCiDxkhtX(7(*QANExC4JrQoz6&q6v2Ij9WIh*M8nm-OYJ3^Q&2dU~P*GiRadCEI
zgMwM=tQV!W<{Kru(Fe|K)8Tu737SJqaC;rd^TW|)Rn3(!n{QXu5kCFxooiVWda(BW
zzD=?Q$>lQZ;%sQEb8vuidz0)^mTAiC0fItPN1n~HmM6Kh__EWHiQ-syAD_Z-05@Vu
zwJ0iq)zHw;xTcU^DnHSI>^{}totorwX0p<5dC}U<F<^pwMZfh_6j*VDpf1a<HZ&;k
z^GBYmsNb1j1*-t33x#)x$+#*)b)k#C624_flBPh3hDZ_=Lhr5VXNsDp8HTf_0|5Lw
zR89Z+wh;Q@x1?oVIBdHHd3GZfe!nC7c1<gOg^*`cc5D1ZI)Qk96;pQ%wm&iRYFSW1
zM2Rj-esB^ba6Jlgzi2ff7Ct<b6O9V4O-lp!39|!Ckp)H#G2bEFA4F0LGl15uA<#~P
zl95shZSPS@r|UZk5G)y99KiHeEiw|yYyJh*jDzg%ek&w^LH3VmWG$Cw@xs{gF}()8
zTpA8;(pYd}xL?OSR+N=^usaxB+4NVu(`hXAOrnD+M~dbKLwMg*;Ne@50D5oAUdZBj
zGu_k|n8d8~fO#?_Btf@Fe%#A+Ep<0!@r8iOaAIH47Xj{MAJpPf%uExCThp~<F&!86
zI0bWurd6Htv=aG})2qlglSRVRt|e#JN**;aBJlW3%27qivLwLOOSnV<>hNn@TleL8
z+FJ_#-RqMbNu=Sh^@|u}rYMye7h=nsU14%${^VC(2A5H$YF!Y+<r^)F7YF=Gx_5WK
z)myHGkX?XYRlj+@I=5$v^|Mz3f4-&i)~0K*cD&VMjzznYU4GG$%hcIazOP@s%suv7
zN5$_Nf)#AuM?4thZ!7k-Y5Q%dqr;lK&+$_!lzjg4CXaAro1vgj7FgTG!JjN8Uz)yx
z{mNDDn;1rPgkhO<Dm5q6(6E_@S>7_M7`wXl-n$tS*19I{_e2dj2*m+%SvM+);OZD%
zh|m6n-(hhobE_8n#Qp7hx6GeZMPB#1J~!wBnL1ADzHdK%?TEkE=b$1#Px>yg4@I@@
zA9Qe50g>)1PcFpjMO1?n*^3+_g<o7b^fSKX2-Znyg6#>1i16Ys%Wl6c81B95ShMZ^
zX%wOTF{<Si*~|Eb+~IO9sdf`b4^`gC#WG1ulEt}6KHOqwdT7d7qEB0q!ihi{y1sZ|
z{$2i?9=}PShOpFo03$I%zw*o$UTzE(0vjBVUfnG;PgS*ot&MfIMtc$0TN~$hb<P=!
z-%C^%ERS1~CjZ9OhvmQAUOaYUtifEeCUuuM?h_A^4H<c@gQW4UN=ILp83N7%=Vk<!
z=3(z_{lidT&q?aC+Ha<d%*W|9YC0Wg3sL)|r!u0Ux=RBIVIflWH{Xv(OMvAiOYk>K
z4(?4^i>)#VOI0NB)^!nv*xXZcY{iL*TQH33D^IG+?%wm!nP+FojJ|}=H5`}pnh2Mu
zj9NSM-97OX!{(dMe3SU%d1H9%X|bDL<7~vs5;Y;B<}M@6<}^IB$gb@WRw@F&*l0)X
zb4d!$i&gk^p4NLKyUp(?HF=vp{sK_TE=THEdqv)5!#?^$d%%B>@_+7}&d=PT@YUsa
z4Y|Ta`-V$sfwKm?UtQUyU52O5?LM@7Vu(U6m1JcK;vUAH`@|H{Wh~Y&{`!LBTjid1
zUy)$c=GVPfgZ(E}savRpUq5(+^&UE=HU4pa-dKF;6MfLfRlQn;qhrM~%gul*J2Egc
zM(-~x6p&dv*i*)K1@)0SGknPs$y+8V>DjCKtkC$Bg%n7%xb7;SRF%WG*>dDaMiybE
zG_dkJwU}*w5wD}WVZQh{#}Lqox|715_jj9#Vo=M6Tx;G}y#3>V65F>w3fO$dYh%YG
zS+u&T=i|-&Zk~Fy3r~w!sx@_?#b?<9*(TLxPd%9%E?rDHA<lvNSEC9`M(3a6O3jmh
zBbNLbth8AGzwzMG`#2np-bP$D{2olzr9rUb0q35Q^<Rts5*9&lgQC}sHJ}JMJd7BC
z;nu%R)^V3{qfisEO1bMXVznH$=l>>@BP?4$R_Sk{91~`%D!3lpjSR8zT<dLiK;ys%
z;e?+hr~_F99$c^+9Cu;1wMQG~G8~Q@0AOPQ@WimwLeNIsSF#4l(t#f!fvw>GE8!-b
zjs6aT{!cUq+kIU>KL&--2>@mrs{Ub)Kb4;@O9b&8R`p-h_Cx7s049RX@yDR+N{5qj
z>w~HaZoBH_)Q`V<d+qtr4P)QE2!0!7fxGUoX~(beDik!cN48o7#(TKj<-9ClNeC7X
zv7S5v`L)~sn9qe9!cOzg$=pBtz?ob)$pqTM;sN=<KkGBViKdO^13(4}|CkI;F@1Nf
z^}&H-L6FB2!{s8w5VbL9Eu@vD<pSNFcRhQoD!2zY)R$9H&o2NMOONL|nggp)Rd9WA
z>G2)kYertqwWeQ%acQtyjrv9(;K{He?4{0Zbln1KM?l%$e__Ngr{LCb&1`G1+eQa?
zYyf;~itVK~x*|64uhGV+Tk_Ux!DJi7XNvEFtmS%ZxW-5|4@kQXnEyKj!q{8?D@uaZ
z_fMj+!?MqQSK;54^mpZgRc#Ev-skV?QcwSjg@E?|K~MjAu^28s#a>p*Tkj2RvxRRo
zTGNiqwql;Ys};nN+Z=#rY}q%D1YWk`E1hKsa4xND;1Y!kY&qBlNAIDx0lu($3%wl(
zbrj+<3XceTTPp;7=_iOiz0Ro4$$|SQKk&yT{@HEwerJk-C;z1w1Lf8M*V|(~L4r5p
zx-%Afv4cIhzDghpaA;T^cegHU0=HfgT-JqWg+810)}l!c*48t>ggOJftcA+ADW!tv
zGWOE5;v+9<<LOrqL#cUF*I|T<wX1sFyG$xYj>{T`Rj+}hp9u*I(v))m(DsBc&5nvw
zEMy!e-Q#ND7e+AvV5cqN@7@zv6$;N<tW44Nd0tmuUamq~m>Ftf<yhn!gry+yOGUJy
z>4C;o_%I-6g7;3?5uZHcNdJy|e@ZMG^_I1|eA_Q<cBF*`zeZ|;sSuojRaI7=1(3d2
zk>n3RZohxt(SnZy33F(b`hy^&60XBrK6mSAjVDO=j;9?8@?A)j=P?YLxnfeLx_o&4
z&hYrdIhSpT&jJDOcsu7%;p;3Bj9PY+C0>(vq-uby^LN`M6?*nmYG@``2Tos-2o$+m
zI}fdBJk^9;2etaOb{37}?{HA6JuC3mriWAK=RP1se%D%}KLMQXhx+lq0IasHBQUen
z|HOk6UxLANCI!mcRR7!kJn~zdU;8doAG#IJt)9M2Kmy!unC#mlUseZrmiH$Qf-L-E
zfj-Qf(F2@qMR~zlFEQf@jnWj%U>w4(*pNC`bk~~EuG@K27b{Pd)|5K8?(ry9Y_{`^
z_dC4}1E-#=?TkYkE3S{WdhgO^8jkv%dOFGX%}*sz|CWb)2XUK;8&<Ko!cO07ZjHRV
ztzbNC#`^0T2|Oaxv^~Z!AieSGU?i+&Rphs$wTN9|G<QnQDj(u$Md<}q!6T8t&GD9i
zCrWfIEHbE#T$QD#>+r9pMmqP~9{dJgRN>7$<K41(<&WK$UK}jd^PiC5O2gth+*6_s
znLq?}(lFiSqs}Y*RF?*4<!Z=cc<SvH!-#C1y-758!(s3+483(ljaF8(k6TE3K{-%9
zdPv6|t4CD?(8~Q&FfmC;KB8vT_~%pxAjzR`kU^<x{ORb=&D-SgsD@43b!R`)+ZVs$
z6~D}_4L_p$nM4p6K7eePc_vYJG@}@Tk*DdN6xY<UYNyS96#UEicn<0zCe3e9;|S#9
zxlb@o*7|T~t<c6Q4NbH19OH2)@Q&+_oU_KNCZZ_PIPxUt=iy&3A34W%?8xa%bJr`t
z@hGR#_e!>p#~4rfI`DquZ4=w2z}a_WnhY)q)MSsbL}o?aB$=0y5DVaO)7yN}Hw?=n
zLU$<^N~TjQJ|Y>?=g$z1zB*Z2QTnpM%}#i)Q$?@ihnw%lbY7huJ;cqM0p6kTQIsCi
z2&mTTSC*xP<0iNG5*qJs-)3MIl;KF`@m7Okw;=#0;mx!<Hko4_%h0Q^>#)kVO3kX?
zI!AUUF|<p)C<Z<p+NbQ-$k<6$FP=e-&q&fU*;P(Pn~gx++CfW}g&Yrwc=)*Gg%(!n
zs!G+nnV0-UqLHE_BFc&RX2w!#N66BWrV`g~JsJMmeIqA&OoQF~h-t`}d!$1xWkq+~
z)6CA~fvpN;5s2Mf?}9Vgk%#o+?z46cd7>`&zz(6^d~|twcYzGJ3K?K_A1?cPeli%9
zE@KhW9i(6On9Un$hN@|M)!1&}s@)uvdONyRD|Ru+gGS77KN(CsS`eJa@F5|z<ro^T
zdwVxAR-Eq!=$lE3dF5!yCYooG#&eN0zDlcO#tjJxkVj!IaR%I^*{@@pOO#CW6xl?@
z=e(90Qi%^s9-Xb{J6C~3WoHw_l0`6Tt;7zY3@bC^pGeo9_@9FaA6y!&+589=rc<N3
z@x>K{LxkL-#qyKJu2mp?WoaYhz}XV*O+>Ya*&qDWwar8=AL{UPDwM*fZo!ClhGZyy
zRC-9<9a~X@w3^90$`HKc!>j{2W`dKaSyb9Cxi1xHHl&GrYB3@B@y=%S@^r`XB1S|E
zq*f+}Q{`?-<7%ptRMrDIt6lKHep(+{N?84T+<n*7J|;GV^RbJOw79X7qrY8!S!A0p
z6>_!qSe9<T@nU$-T=95r8n_6s*n>2v#iGuVPUU%#8IK%$lP>XHH})t}X1W-o25T0r
z>YMN%Mq(=NGC+DBOOY&FlmFl%g+g9tIhfBY<e?H*ud5jjNUd^?57W7uVl(=3;<<Jn
zZn;DmW(X5CDy<HVbqJ{PZk6=O%h?*RPlGcs5lU|P<`dx#-hmyQNqXQv_BA^;&B=CW
zRs})oD9ze6W)Q0mDcoQhXH*ZQ#_OtT*AY|C*_mTN#z7-eM-kVqKA?L{XS`_(?L<DQ
ze1C;KuyXHXwov0w45{G*gZSu5v`GZ4ulon_q2vL(rr2MPgx7!W%>FKyOKviM!r2m^
zw!@4<!<zTUCcifB_A_z7>*V5<CQL;!a&p0T)GHl2g}}+e;*7o;G;32ir~%`jzS8`5
z3lCqir!oA-k6cs|#94(mSTk(99|^~ytj2wICHtjpOK}?ldoNL{SL0^Y*Y?Lr;!nn6
z7Rz%^pYRNO(HhL%mnhO};8iu>c)BPba%g*>bWMu&!mq>M4{hpeKQNI6s8aMFF+Ke9
z-YMteyzN_O{Mb$yhbrwL>b%kMDh@(q-$<_f#yH9D&Dm4AaMmO|&#el`dNbSq>S^3Z
zrf6SPhZRC6qBio3ol~F&qFiUJQ^23MQ>=5$=R5{4c1H<At;j{$#Pj3u!cSW!hm*v4
z+x=MXYS9)v`0=*T9$zP{y}Np71w>A^t_9YbBVMRXk{vpqe`5Z&)LAdDWA@FuS~WF<
z;caZZOBHs#BUiC<^}1dL*He=2v)KN?CoHZjcir-*D++l1{d%2iv5at1gogPw(PWX=
zBAN%EcMHh3arNE6@x}6XR5a%rJ_8dbQ}P)4qSt&WbAD>VerO?Y^rWZEW%MwTv#Fh<
zkE5k~IQen1-^E|O9Ps6t)5G(;g+VIg<PJBGNxFh`PhBRPHQ1v|y&Jri`G{f{i?F#x
zD%Npxnm^B$L$=S<$8$C>gJFV2cQl7YdfU^x;|`?-nG}5u>glTU4X?nLH{ZrKYY{Hz
zU{d*AoNbC!owo<o&iHw%xh-k@fK+$4A_56RWFp6t8}DyCSV`L4<zt?qCXy^1@BN76
z!iNkw=@seA`7x7Y%>TowzK=YPlS&8$xi-mnO|-Zw%X48`P72RdNT~(q(^U1`QpCpI
z(1LP<PK$M1t71Hz39;K*JwENMu0uNaOa*v9TWF+psZO&~M;hvBW1f3*bSrWEL1XG%
ziQ)6ttAT1`cKJ3kKU<vftQ&2SK0x3>#U#7hpq7W-DXi7%FuPc#e6QZnY@}OQuh-3$
zL#kb}Zw3wC7`nJo943{Tf3{y9o?V$B1~GQ_YcU@tAn===0GiX90BBBZAKQME>fu*9
zLzRQ5*di~N*UEpvkq$MLPc2Yi4?NRqyR4Q{iuO_d0YtZQIM$v_;7Ve|gyc2f!Y>vO
zHgT?UZs15^OoE<{f@TKJ%GWgep~Dx4bV@-!%!>f$8d3e?)k!?u5(x=lzB|yqjp9=P
z*{_4qk(Y??_;&;5{~KW0cpV4lT-}U8{FsFkaJV0WSjN0;sdX;2RF3oVUYx9=v--?-
z2D|-7SP{(OHW(Mo&tRgm&Lr%){u4~?57M>H?qC+U&JQ;z;D3nLz&!H@XZ%AZ%m&H(
zk8qlQ;Eew_1=`?se=7IiM`t&9>)*NG1`Ym0x&KZ^`w#3K=NdMb<FHzHR<+8lDF9?2
zxbr#w$Pa)d0YAtU6dVW}R|K34&JO^V2J!@dBnzG@{^P^6Ka&OUt28IM)fMmtX<!e=
zvm5-UleoIMlN*T#Fa-E1@HyQBexcR(*n;eatl)Yfc$sDMKgEC7$#>QK&#(Wa24;iT
ZWTpCp5$5h8ui+t195wv~d&DvFe*xL4kD>qo
literal 10164
zcmch7bySpH)bB8kGJr@562dUFbUD%^odVJ&T>?W45~8$pmvo3CQi61Yq*4lk#84uj
zNTY;=-@(^6?zh%m_rJ?p!*k|5C->QB@8ACIiO{^INK8me2!TL|m6hafLm+tfL3tMr
z1^@90Rjj}R4|`it22wsm{}p_Rw=qz*Rab{x17$em0^SA4xw9q^&>oNcPZ<xCX(8u-
z*FzwBcy#}i@8EI#+dj+z0{hd(7Cg`Xl)wk{{_{MShxhM@dC<RG<K53Y_jehxd)DpN
zJkkj~2was6u@DFm#n}fBl96=<0)Y}a=ookysH=%txj6G$Si4x-@OnGDp7nxAc#DCe
zvyF!Z!rR#igBA0ZME-6e2FhpEd`QIaCLWHGNCS0Egsh9Z4MK!hn3o?ZMTkHkB;2iS
z#cs<f{OJz9Nh0k%JY2>2_`JNlc)f&pUEJ;X1Vlwe`S=C-1O<6O3m&Ww#>2v!2ZLq)
zYmmRkk+Z>CxjVReIJjUCXX9E}y4>@SL?X{7`seSjb$U41{yP%}`)6BVgM4Ri_yl<Q
z`TiLjbd@-(71MBcumLlljV~o2@w?^!QTOjWf3?@NckyrmQgC;$QpR}LxVyRoiTv&@
z_^0>(y~Y0?>$VNn#p&KzXI+eght%H#{IBZ&-AmTR8BB`Bo~>Bq&z%3Q`_o>6?@V0(
z5#L{D^Sc%tjufE;-#-T}MK~NA83}=~6e`Qz)bYk!&&IFT=|1U|rzD0ex!jh2s;W*}
zkrzQm%B>|D<a$x*#su0Z9@)ZxMk6jj!y^L%0yTw6E8Zj3WvS&kk%YIQH{}I>kqk*E
z4Q{kPblD%A*$+M05aq7I+WGBf4!7*@`|UPi?c9%#=6<z)PE_?f{wj-{_TxSIn&do|
zWQmM_1RKhgcENn+{=lR#D(e2ZFI|ZJJntf7<KFr-budMNOe*8+sf%>i2RO2q-YVgd
z^+~~650^7fPmZv`){H5yg*$L2ZrzuI@kv@?1qZ|ar@ImCIS8^JyQfE+(%;|7(i=6n
z+k72))^_lTXylnn3azx?aVn3oN-B2)W~Nb*@!|JSI*k3~t7nz3Kv}CZl(<Cy<>{v=
zK82KYG#l*`JLqLyc^I!HRQh<UvzO5y_d@%5^!G~D$Gobk+{z^^b-PI#QVy}0iHbnu
zgK=XQ(@M+kQ4Q&nA@NPzy^p57ag1@LzTdxS9S8IsS7hC3xu3s!ev@raX|-vy^=P%^
zCC7Eg@zQ3W-JxvpI>(RYxI>qgA5`fE<4NoqBVmt-s5ho+q7u8KsLfjLi|pCs>fJuC
zO;$ZujAM{KnjB`+$icNf^kp#*4I^QUjU<uSY7ZfxkRfULxmsf3`TjJz>?u!S2>dA}
z-o`3+Wyp=)?&(J}{}U0^T2}<cuj3WzI_K%V`Ho=YI?U3L<vYz%gG#W)tm)A{8c}!a
z;T%b@Hc{s(;nIP+IX~k(bl~W74XcVvj8baL0eI(bWsBYWF{c0VrCF|ci(!>*&E2uc
z{Bvb_ce(M`jyBuoDy_oE-1gQCom6^bui6dgs9(AsM1P!NcKnI@DX0;*f0t*M`*6?f
z*H3E2?NEMHoWxGw&QgD+;A2zINpSp+c};(AG;QvE`$$6VFq9>_*|I-tcDnPpLRR3z
z7!w(3U<iRZbM$CH$it&OQ{VNPD_5KGqAv|;ZO*ndux>N;38*{GHa7r~U%sX@Usx*|
zMa|daJHL|5seK*n$-0j;3o)R+^ftw6nwB|m(_lH2On<ac-A$M9@-;ctk0w}RJ*!`*
zC($WIhR;+kQx4`zOYiL*uH<fxm(e|(sCA|bqvA30SRP2%Dp0V{CZy&yskYaOp8N69
zOykMjv0~?`Y8nAcxe~pyNJ>s}&%WYkA@J}3S*V;$y=;TU?oz*Ec!B5oR6SiEpFxFr
zj)V_9Vk=C#x<P!i8T;j3{uN3Sd~koFk4B#=Cn?0xCK%Q_8LoaZSoq=EHf<?DE{cDN
zzR%TRtXOw26Gg(+TeMPKQZCaCMzpZumz1-6ck#VJ<OO2dWG?+nd>2p`cWa#{1>Fz$
zQ#&`2UBM^5t1q5!^;U!@ztnj_z895GRfagMoyIV;e<x*qFQtZmM4|X~Z`!48=Pj3W
zEIASZH6Xqq{_W$-mD%W<=jsA{i5X$C!QB=*-GfoR0qh-LLW~b~`uX_GS|#S_yGe?*
z3VK#@{rx_55kL{R+Ma6y$sKj`d%q5c{fBteczP5sbLm;<1q%fVMCL>GHXgSf+g!TF
zf8pEcbCQCbz7eps@PUgQ_{aw%<U{R=;Tq9U2VI?3xJehxm3MDrMpbxG!~dstG{!w{
zH$n@M6!tcmlfoF9fanpXmf*N}`90ew!L*!-dxGASA43yaRg(M64?UtR%s7K{zNYHn
zktuOPakLHYOO^qzM=ipxu5juCO*SF0e%f<`K$p)OCDGFJ5UDALOd_72VhXccskgpZ
zD#$sg$L=1BhDv65S*3F@K|>+u=#d=;^z3MU=)p}P+ktsJ4+Av2#i3dw6TGu%J*eR(
zp>2@H>rXOVg7M4`WTQi`%j^oJ_tYeKB`Jp%`&E+j@6Kd>zoZ2VCY5jQ88h?3(K4_8
z8jPWkk0D*7)_4~o`aV>)lAINajHid%CNI7n4_T#G68^kiH)l(0X)mM_6#(~^3wS<X
z9x9&S;^~69A}g5ox`V)3!GVkvj}JaSwRM~suXMrgTJIR=elX{<I7PjsRP6MGx=G7z
z3vhk9;8(E0j<Rb#x<wOrKh5GeJgpY4F+rusx41n!r!$)wmYD6oazl|2yxF`<NCtA9
zHMa1;-12jvYaT&b2PIPi0%HLN?#2YQB3R5|LCkp*>aI?#hA=rq7KADcUb=fjV6dK1
zjVW1#YrNEuVwT{93Xg0n1k&%=aGwiV-McXuvpf^BqiX~^Mg}-`{>+M;Ik-3ev<&X8
z+@40)Dze$rzsvqizMT)+(TzE^>u&eXuZVr&lP^(<tco;*Y^54w2>L&2{N8RfgJcHr
z6$8Q7WwjBRbP8V01_HJNX-bbOL`rX6Nq<QXR_%1F{bHekEPJ>QDk3a0-6KtJEkpmK
zA)92TRmy#!;|Z{VMgga9%eb2SvaS}oP%SOR+i;t!+&rEXKFAbi=wvPg#n+_h=IAT5
zc|l_>m_(}Y)cRRIJRGe9Ev>=qMMvEiUKr@Y*A~dIKA`Su=TnFhV}T;)Lm;Xe{F`jk
z-5AU7F*A7+f)WaNSIL1dtA&M!cx>QAdkS3$9CN(a*c6hYe;SnB`13jk7CuvvnW<4p
z#}My-un;zxR9FqVDLrn-4omjxHGidwszW0x>Bg_wdbz5%MC@A^HN&k%@hnkmLYLne
zbq8K7oRFwDs=4cbyvR5i9{cdoWaN$Tu)BtSmQMrVCZ#a3d#lMPmpdyhL|wRwC=TP~
zsuj_uec;P1-anByVBCYS_WIznXu{;$nF7&PsK7M3S(h8YN5`OM!vncZ8-=B%kJf~u
zFHs}_(=cq?D$(c;S9&6chT+K5_$_3@E?rIAT+wqvEQk7_?BA5nN~m^r@n2$zY3tlu
z5ck?Jsl&{uqh>zTyIBoNc>40Ps>1{|+S?|GU5q~zX`OSF=?f*HyS1>KCGK^pAh@OL
zC#lkGjpN5nzx}3x(F7Pc_BvQSR@`$Es-^1f<8(|W_xhyXZCI@<Ny3~UD>@y6pr
z7O=X;&|&Fc$J>j&GjHWG24b*J$vL156bMh*=#+h-VDEK-la3EPF?7$>GkYjIH)fh#
zW}DOTcN{9Sr2S9drf`YAwWQ&GWaUWqViI`U4P3*^rj5quIrk%>U2*BP;ltwviX<%?
z@l+a1QRp3lG))1Gq$o;Gnfb9Y=-13lCfQJ(mv>HL#W&hF)+Q<o<fEtx6k=ZQ{8*bz
znqh*Ut8<xa1yE!nR<F#6$DjhzS?#%QL^y4<ws5r7Num#YvcqVhOY0%q)ifcyOC)^+
z47<(E_r8r|nphlw(xx-Tr&Q7%CjcjCLCH^CYT0SB0ML<;=>hQZ&ApGheGZo%f2Ct?
zNn}+`oM)nZ85}l_#2#!dw4JQGtcw?VE2|xMG6)dx3z_KXgPRM70_Y*-xt4}~^Hp4x
zSs~hfv~choi3GpL7tIX2P==Rs76D4s9GZ~Lp6G4Y7T0#q&Dj`bG4Cw|pW37mFt%TS
z6=!~N1^_%DVKL`L4tP!KD|UI6^T0iM4THwae5SwQYVI_67hnq@XddI*3PEuSJ6e&u
z)lQSIG^7qc&-!k5<0{w$s&WKa;TGkCTrZo0W;zmHm^OLZmjQ$zL=%>ynPW~&pf-{(
z8<uv|n?FJLr3ef^0_V48+IrhE5HnD=UOV&M3T3el{4hc0?H9M7^)mQ!uW6b{o8AA)
zYD-b$Jbk^~=o&C@q{4X3cv3@)T}4;x8VDLo68V6|t$|gDXcwyaY<1uhyl))qs;v5~
zC#p;VE}tNt6Y(wvz>!X;%PZ>rO>VI|Q2BN%Xb*17lDU#@1^a2lUoeGAR1Gnl$)=uR
zO?Z)3*uFggFX7ST#AEwvVAaFi7JDlBy9ZHoYt8Hl>RgII>Wi=oBn)a<X*&k=t<G6#
zSGc^~dX~C4((4-{n1sKRR-L9LcAj&|dAzF>^-)a#^-3f^Jeewxo4tLMqi`nU4X?%9
z`d1?1#1fvJ{nP`a9d|b-tHLH9?&Gj=<Ku+l**`g<hN=+R-R)k+sump`ku;=YU{Tno
z!HYQDeA>cCQlI<lH6JrX9D4+N#+9S=^;4+v$lyT`FOFUJ^g=q_8v<5BDX7)=^@8V6
zDEr`YfTVbJi*;J={}7Ij{Pw-50?rZ!!2}ZEU{fZ71B0_IzJ^UNZTeHyxGz-;k@Et1
zW)r|Ln5{0oQiGd)g_`*?A@x;4L|@r}^f?0C2Z??8b&50tAGe7_6MmOdsfSzpLpw6)
zYB!ef=#F^5IOy!PQ9jLw!_*N)J}3ZIP3v8m^g_$l${Sa&5f=nWC4e)V%tdR?5<6mI
zXoNy-WPM%=hwH0WNgFzFfH@Qpq}WbbaOAbyCNYXy88#FOCerc<8v>XmruBG7)fOqW
zJ0Ns$Ba-y_TFtZADD;&;v?Z!^2S8hCJ?-8atq*L`^?s4)x8(3H94S-l?vS{4>I*Tj
zG13$?BKSoS52rRb#BPE<+|z^ec^kkC!2574aWzKdft2i|N^5N0>9%znRbGgrJ)Lrs
zGo;lYj!9mbc_?li$#WlE{O+s^yNNu*^geC5HT07dDP@|IdTZ^0=fYVBG14>%F9kVO
z5w4q|W9(@b1LX^A)8FonMJG!d6L@4b%s4d-RLNWywDCEKRx-b8;1tOj@zp|BKq#Tu
zqBAtB;|O5r-C=2Vw|<_wiua#DfS~vCPK*DqQ(zChfb(JA(PaaYSekJaeYMdAuGb{x
zF#xf41X`!&?)P3br!vH_@80b^GROD2zHR={{sFz7*6M7F_#6ODNdHe=5!}UH>6X)c
zcM5IN`?5r_mg1$MrDoy}e|mUYu!RxBU({n)ZgCSGk?q_kjM7LNzEtAm*~f{&)mN4k
zg}~*=;cs!xV2x@mhHZW=&WWsYVZ?MjM%^awdOmGAQ&19}IP99TjwHIUN%mr<JeaE0
ztjnrD8=o+jOvonetTP#NnI0zSM#p>^d8P`GzjBrT3&X-30kZMH{C6N!I`pjo*9}1Q
zmhB$8Qg@9@ewqL?udApUAer&ci+Ox$->-HUop?{$v|D0!QmmZB_Sy9b5fyhh&FWYQ
zwe(;Z&u6VScjaxrXk_MYclpD<`Nt8!Y%p8Zb^~dZ)^8Hu7bpr1*_Dmr8nD>>s!Z5T
zymDLLn{?jSdzTf})6`lU)DD-eO2U>ymZz(E9Ne9x2$HVPQ4$@|q+|16Yp7?sXd?u}
z1j3z#g~^Qi$79O;?Nj<fkyuj40hk4~XPbH55-|0ZcAR9Xe60tTz%7H-ThTb|*$$>~
z>Ay*26}?%1jr+2UydIIj)XreW-VJeZ?|{;5gRsC(-q`vR1?WE*J;ZNEOe>6_aP0OQ
zEacUTfJGY4sJ*sUV0dz5dsDQNsT3l8=-T%{k!|E{9Cx}wY>LLc-Ad70<OwpTqqj0l
z3(-L6?jvte{=){f7W*4BH=VfUoAPt>28ektRw_#!Z+|ud@g9CzDu>n+wRAyx!m;){
zkFE>dz2qvpD?3_f*(j<-1Y;TBV-0T9;x4|Q?>@pqstbSo9@v~l&-J&NtWJ@A-uS27
zw1d2o-Wkh@B4y^<71X8M;HA+t??M^~7k5y>#54NkCK10z8t;9R@Y!*-)yNjpZT8+?
zpRU{O@jpF2G_JP48Q-U8eY1xDQKz56*tlL@geGwrjGWE6Rehl%i-`4fUn9sl;Q@Bm
z884IK+S}whn>D5+E5AbBp5-tR>ql~IBX`4(-^C@+v!y~UMD?V?oTfh1NDnf#3ZNuN
zw<d6DyxW5{O7j8zWQ<|wPYxU|7W0t0y#5qbVhODwFA7p2_@I)f(nGg8UAH-qE>uZf
z&tH0LxX5nx!;7vsH{C6h@FQd-yGj=2McCpC;IU(_itj~omGgT~*ElK)u*~mp0|21i
zy&>t%3mAs((T?w~GKUm07I$JDffqj9T^Y=!z;Q4$EzW6)%Gri4g`7NXC=y-9RKJzu
zv5L!(Gf1z<EzA$->KX46zUq=*^plQBf@WR=t^s*%E%u8h*~{wkk{FwWnsvgw03XVF
zWE_!7;q=H(BEg_6x_`Kqm8S7i&Q>KYxlg4-j#xsu_Vd^`U+3D|B&{jxWge_)WaYh^
z3EyZv!uS>e2I6}5!|`Xa&4Z<h4y<7BMX<Z9&s7>51!8-e-W<22Q)y%});Hv{Hs+5V
zbGxx7sv!c~gb8$%-Jj#Ghj9g9GeYj*OKtY>P@lQgt;YcaF>NciGNJ<PVAdE3af{pf
zuwzyPc5$;IX&E_BgO^S>d@Jq4WjudiWDk5do;JX}70}B)RTOOZ<lD`lf~eCRaR**#
z4q1G|_F9Ot>Ho(e<D+XLPo6Ok$|LT<EA%5L*`kTtCW52Kq6Y6=Sd&{O3>t{xN=#&i
zwvwA`d3X+)w-I}CJtc7xzqdR<QyV5k^;{+8TDhM3<A&`Y<O#FL`AEogWTgm26T>Uk
zbApqxJ!^yLjF{kw-pLK|)HhT%7(oKfG5L01sMBCqYViX#4Stl<w}GCJAFE^7Y1E_0
znVn=|vaK9Q=3NG9KZ$V32TL>F{%%F*kn>sXAb7m<M2=v^(gu^ooPs9X%7j=f-hQS+
zR^v8HOkDU^T~0gj0w@gbOEaAyYA8V^4}PE?FfkZG!A{w<eZ;NeOSbi>y{vAwcp`?6
zUG;usKraYXlDQ2NMg4}3@;Z`#<Lg<9gKvP^*>C$b<AcKC=Vq611Om8vlfs-<po5m}
z;5}(&CbMGf*6R<GRdzlP@ld^E+Sk%E^M(sPN1;901Ik1n9BlO^Fb__rH9t`vs&$?Q
zv|VUJ$9VJ=f!7h;2@P*H9tVA=0HNsoM|uhG_)SjjLb=)>-$ymDeGv^>Yi#5%-Q^H9
zaQ@KOdGjCS)~_ob%1KhX6b`62cj?>#-ufoc8G;~f5fB)91D)zpRa=rr!^l|>*d)Xa
zU7(ZUKqvoSjpGl5r3>j^VU7yoq}~eoRB6ivT`S4}Q1mXT5)Q{d*WkOq0j`Rq|EWaN
z2)Nt`k?<FfffxwL!Rrd@u9}Z`i~+G@WGl;^`b$Og{Mo!p#842y9?Z{gF?A4`u3b%_
z?fRe!RtY2MQ(%GL8UyjwCvY<;_yo>ino>MiWzf8iI@r=3u%&JCe%>XN(?t6!3t%#b
z@??_PyQmD)P9y=tNS)3oZU?M4-~elQI`47<m+}d4j|T7|TLtwk4lMAW^!Hb?y-v5|
z`~ency(?gICmCGFW{EN)YF>IlYq)PW38R$6YNAp?3xKtnI>r@#CqH2Wzae@hf0=pT
zM$7)4<vW$9#(+sJpcPT6#mxMS%9R4#>iaN8zZ)K3-U-<aIZah_-qy{uDxSzyIk<(;
z)+iJl@!{PT#V$AR&-$tn4IGE9n59#b%gT5r<x(w>NFC&X2njsq0ceg64k+lL=V%qb
zw<>oEVx08A2#W0yRlbLNlXk;WM@|5m?{ChzJX6oSz7BBAaJKk95nnT!hr9bzchvJ+
z*>9^uj}LcI&Qp|hA?xNfMk=pV_CCK!ntbVZe6Y>^`U8kCK?LM(H2HB14isza``1yI
z`h^RAseEP(fdG8g=q?ZE4oeUW5Poc@(2&>$%yv$$z3+T`;LFyZktfjywk<cPdLMqt
z4+H1|jTfzzFY{=s#&I8z!&>K`e@(Z`nQXwWT=l}ef2K-3O~gvh)_yzRsjfY@B!rbk
zPrw!1`JKMJ|J%#99LJx}bvt;uiEPPj#a^jT%h}^4(WFy|&qY3YU%fgd2&``Tm23P-
zGDQrw^he*n%CdQxo^hX@=|4k6Xh4kBpUOigayR5znxt>-B-9PW)Gp22J%CT_TX<b;
zRC6s->+vvvgB5ZU=bcDXiFN}+z}_v%dSb5{KfiU=iTJc%avvxA#H`H^{@`f6ZaZ!(
z7?25LPvnUl9pghyg=#~E_n@lOMvvs#4J|U4r)r&5n+%=+^1B*@w1D_5)-9pxfmgO2
z4!Xo29xTS8TxRKg>pZ^RZqx=|8wA|i=hf>`U*t2dJKNXY|FKH_)AbE&^!)4jr$<7}
z{<osHqK=vXZT&8I?__^&_)$Xj&;<<UM#r(klAwr}6m`ftox`PVA#R~+^qPms<tpWc
zcc+CVw~Lkp9nOXL-UD3u;m#5`u&Z@$AOS#A$Zb?z1lB*WRjyTVVK;x`8hj163b^6C
z)D~6c#pwBm^Hdgz2g(x90D!q6eub8~4RFUS6BE(W!QPCL_rK@;0BEJ$q+zFr&ZR48
z%UNXy#32>~sp(s9Xs1v!9@_SoDLd8XIVN{32ud$gB`ux4h<d%*_Uja62z-tY+^`**
zX;2ReRGE24(1f7z!|uq-TE9Z&Wumz753?S3Nzn+{MJQjdF?oZ}?3p_pO(S%m-C<C#
zlz^mia*Y5%Qt`^0q%f{T?ORh1!q@~8Yir0koW4!<qj;EVt&Psh>;`kGapg0X3+;}w
z94roNAZq}7Z(*{#^w<m#)s%dY&Y4ofD!g+S_*W}+IU+8%^O=YFWKnZbZ7w#f<Qz@U
zorX>#lM1})k3V0iwNZOwP-%H38wAbKs!4elFHtg!(9_Qv9{zag@BDV_`75j5*aF2k
zDUUCtdqw&$@8s)p1c&vb>LQ8v(;}CffKiD48Xv0l4RGbx&tqjjgu11^kSRzLY8ExA
za4c`=8DHY7QV!cgEq;BMs8^`$>OR<;CM5VPiR|Q82$A(WlR_@Wnt`ROg}Es%J2CXL
zVqy<}3Oh(0i!P9iR9f}kc+STDZqquA?)23Xz`11@2(nC;O?n1OsamJDOk}Ohm47#^
zkS2N{OEgKGo_ZNr*+nYW9hu`R_;~$(a}W3Po!6&o8cb<O1#+h9To?;ju+!LZOPyYR
zG76vFL6m^S4RMKU#kZdkGIN`-;8-JPKq|-JiN4vx%P!&ccY3?=JA?<a#UDq8IB;}^
zA&6p-r1*qFAqzxhuOY-tl+0*Z+K2X+N;)dSnHV}bj1D^)PthUacE;5*(V^zV%-kDz
z+Rs2j1V>(FJ7`(m4gdE1I^TnZ<a7^?^rEjt>3XrsAx61pr4KO~E<(z#R8Gd%rK>GJ
z47`InJX<WbC$hr0#)zgI=QnONe#;Pc2nv?v$AFZI-f#f9sLZh3YiH79=E8QHtDJ$3
z$>?(%4?i<4Su;X$yU`2VZm!n#r?28H1%wH%8pu=i&p&dGl4px|5E4q<d&a*U+QutE
z^*Ih!$fzHnbqJDO@D-ujNR|kS!E>5DQwe}GP!9E?czNqu?gJ>ufOU+McDTLD)^z_K
zM@B-Z6R255UXwpSjdogo^pq73+ex9uASL+W69M9q;BqKra(OVbz_Zt)a3DrDjUnpw
z=yfuixTARPvGpRBvJ0a;@p|1)mxQ8`TXBw^{8`Wa23!!~Ng?Alm_&%7dN_Iy86e&{
zL8CD)LEAH@9P1~Ddb3cfCx@UTL)>@HrDM@9`_(g$G+8`#Mv|VncTVq-F&nZzT2M6X
zG%brn6OzX_D0d{4^G2b^N#h&d&~Dt-h21{$poBRd_Y7gLLP2rdRlfuo9|Zi~?X9OJ
z{m6I`P<$2IWOO-@@(djWv74Gw1(q^_q6luR82%K2m!3%}@pbhT+?p5^OBc%Z<Pqo3
z$bfle{m1eMM?eNx6MNNMgK{dNm)Xv1G&XWW7hnc~`~*>?cYVrSH-7R!Unm5O)f&vj
ziJVMy_I}U47aQ|qAyfXB3@WMbB7J)1z&mYIvid9VidSYJWi@$!puBKsws@_0;7(y0
zUF?qAh(<ac`xRC>m;_sZx<#OeR3Qn_^Q+V8pFZ4}lQUWFSuBw&jzXhh6Z7%vv{^)t
z8~!4$T%Z@TCp<;Nul9boe!IyfI~9c{h1I&uN%@~XSV{aBB?i*fMzRMjHq+6ni7H+T
zM9xbF0@NyE|E}E!W&JmnL<8%11`#RGAYyoXxoHzP@D&q_?!OxZM9gfh|96bY%Ut6x
z&F20y2Bb0*`015_^idy_aGLvXcFh;+ySJ7u?p3~v>BHUlJv|C<5KMHe3?_;~KO(%m
zI$rk8#O~jTEKz>B(hhu3KeCA?uT4M%WPdB2_>1}Vqo}B)Ynn<eIko3sihTMxyuDjC
z&!oW}xHk7$#&o(BC00$?F`Ky+%C^BWEc?CrTPC##^1!H&cJ|x{J0Q&^z8U?8ME0Z5
zT<h7~WnVwbQGmd^OsgOin|=8YDd+<2!hj9-h--tq#zW+@7P$A#d5|2=7I93)>i*km
z&i~g5AY%+m40bWcQVAn>V9f~4Mvt$+e~Rhr0#5O-1-Swumzu{&r;@I1_(?T2o*BI2
z<^hN@vmHzR*%_SIlNr0XpTe{*513q5)zk+dZ;-93x7H(in}8Cpjex^*asM!B4>?aA
zC>wT3Jy&X`Vd(E8MV)01$WB3wAeQU(pJAM)rprymR}%kSaTmthZWUmzF>!6bTqPjp
zJES)NT>tPwJG-R#PXKTx=1fNa<M+-Q))?GbOaj!GKkfeK1jVd<xqo(LzC1(Pw6Ivq
z9^2iZdus%M+gBm&3CxOjycf;`e)XT@?gpaq2ckJfYCcs;0O?`zkB0vYk~a}Ex1uo>
z6<`L7WsnrJc}uw>#^t$4{{j{nFb6wR$v>I`uoysP^Z(HlNF|+2cZS#EzF{(u3K1Sv
zUYf8&BG&oe&4SE-u;He{rrP13GX#ln=v8q~kMd&6zr&;XSN*)qo}J+PT)Mk02K+>U
zu8@g#^Ba%|03kw-yYZVSUm&L!it_-nR@n`Myne}axwsI@3tZDP!gMZq7|`~>W&13p
z=s)4|3|l|IUE?`p_&dlDo}CN}xIS+Z%vE~S@`cSPQz<QwhQI<J!UGtQ*=C<gLGH5X
z_iu8g{ax)@Kmx8^6mMe^B<Mw{Gdtf{euG=Q3(;b6J3aPk6+kQKhw1<XS}UFHg@%HV
zCyQeK&hpSbDPFf-1a5+|NBxStRB5tB7VU`j+wmK1v>*WlWkny{1Mqk#)71)7YE*xn
zT_eX@;?ce8bd~V4EM$8Z=E}<(xn7I5{5D#&*iNsGpz})~47kBtMHoK{xTgLTu8(8-
zX6x5=)+TW6!rY#VWHv9ZL6PQg>u(e46Uwxr?ksUduLXYqBDI|w`dlNI0fouJI-iS}
zNqep{bPvR;q=77?{FQV<n?26hSbT7&>Ln!;*`ROOLE3RAy+oc&$rLKpjZuic((yC+
zg>U%>EZJ5T1Z&t6O|#fcv0;U3#>uaRYNcRJ!Tpv)5Wv*ddg6RgX>_*u4zudyyhI{Q
z(3_;~xQb?~-DQIx3cHvf1a~?(fM2Zh+H1BTWm0rxHj@IJ%T^>rqXUF>>n1k;TAY}f
z8*%N8xn2c87e8iHYxsbaK*dkkrdoq(@axKk1vQ$eFM9pSZ4ek5mZ;MHd}6S|qBE<>
zLitfy4+vBVwuYEpq{Qq1TO2AX1LAIt6j&tM9i(w#!oEY>=7d~U;C2d>ZtJ-7UaCPt
zF$8H7#6p-fuf;uHPbbWmT1ymWxaDaC$Uq%XHqi)Lhws|pCux}QoYB_pIMTp-vnPPm
zzFC^Q(7XcjUx2y}u&boI?zfQ5Sy#|nWRlDYQk7W&e^fdgodJVJwu>>S(fq(CVTcY+
zveoxM1F`v1Aof&X;|;N~gTxB&H+a`f^nqa^Q-b0NWwVCsme5PXfr=s{XIK_qX;L6b
zVS)1-mc7fNLj_!OkreoDSCtAuwg8Rxs`SMs(bM0R2j?vgjkQ9}{xBm1DQ%V*;DSdq
hOPI)%?m>UyV|AP^V?3THpZ#1-S^kz>xr}+x{{WOuwq*bS
diff --git a/userguide/docs/index.md b/userguide/docs/index.md
index 31b24553..ac0b3eec 100644
--- a/userguide/docs/index.md
+++ b/userguide/docs/index.md
@@ -1,3 +1,9 @@
+<style type='text/css'>
+img{
+height:400px;
+}
+</style>
+
# Getting Started
JAMS is a server application used to enroll Jami clients into an Enterprise context. Currently, JAMS supports 3 sources for user authentication: LDAP, Active Directory and an embedded database.
@@ -25,9 +31,9 @@ In order to be completely secure, JAMS does not generate certificates for device
The diagram below shows the entire process of how a device enrolls with JAMS:
-<p align="center">
- <img src="img/device_enroll.png" alt="Device Enrollement" style="height:400px;" />
-</p>
+![alt text][deviceenrollement]
+
+[deviceenrollement]: https://static.savoirfairelinux.com/img/jams/device_enroll.png "Device Enrollement"
​
## Getting Started
@@ -63,10 +69,9 @@ Please note that any port above 1024 can be safely used to run JAMS.
This account will have administrative control and the rights to manage your users and group of Jami users.
-<p align="center">
- <img src="img/step1.png" alt="Create an admin account" style="height:400px;"/>
-</p>
+![alt text][step1]
+[step1]: https://static.savoirfairelinux.com/img/jams/step1.png "Create an admin account"
## Step 2: setup the Certification Authority
@@ -74,10 +79,13 @@ The second step is to define your Certification Authority.
**Important:** a CA is not a server-side ssl certificate, it is a certificate which has the power to issue other certificates. Do not use the import option unless your company's security officer has issued you a CA certificate. Most commercially available certificates (i.e. those issued by godaddy, letsencrypt, etc... ) are not CA certificates. If you are an end-user we highly recommend you use to create a self-signed CA option as providing an incorrect certificate type will lead to a non-functional server.
-<p align="center">
- <img src="img/step2-1.png" alt="Create an admin account" style="height:400px;"/>
- <img src="img/step2-2.png" alt="Create an admin account" style="height:400px;"/>
-</p>
+![alt text][step1-1]
+
+[step1-1]: https://static.savoirfairelinux.com/img/jams/step2-1.png "Certification Authority Create"
+
+![alt text][step1-2]
+
+[step1-2]: https://static.savoirfairelinux.com/img/jams/step2-2.png "Certification Authority Import"
This certificate will be used to sign the enrollement requests which come from Jami devices. If you are not familiar with the X509 standard, we highly recommend you read the following
@@ -100,9 +108,9 @@ JAMS supports 3 different sources for the authentication of users:
If your company provides you with LDAP directory for user management, you will need to know its access information and a automated account which has read-only rights to do use look-ups.
-<p align="center">
- <img src="img/ldap.png" style="height:400px;"/>
-</p>
+![alt text][ldap]
+
+[ldap]: https://static.savoirfairelinux.com/img/jams/ldap.png "LDAP"
Your admin should provide you most of this information but we do provide a detailed overview over each field in case you need some extra help:
@@ -122,10 +130,9 @@ Your admin should provide you most of this information but we do provide a detai
If your company provides you with Active Directory for user management, you will need to know its access information and an automated account which has read-only rights to do use look-ups.
+![alt text][ad]
-<p align="center">
- <img src="img/ad.png" style="height:400px;"/>
-</p>
+[ad]: https://static.savoirfairelinux.com/img/jams/ad.png "AD"
Your admin should provide you most of this information but we do provide a detailed overview over each field in case you need some extra help:
@@ -144,9 +151,9 @@ Your admin should provide you most of this information but we do provide a detai
The local database does not require any additional configuration, everything in the process is automated. This option allows you to create Jami users on the fly directly from the JAMS interface.
-<p align="center">
- <img src="img/local.png" style="height:400px;"/>
-</p>
+![alt text][local]
+
+[local]: https://static.savoirfairelinux.com/img/jams/local.png "Local"
**Advanced settings:** by default, the option "Use public nameserver" is disabled. Usernames of your Jami users will not be stored on the public Jami nameserver and your users will only be able to communicate with users from your organization.
@@ -154,9 +161,9 @@ If you want your users to be searchable by external users and allow them to comm
## Step 4: setup the server parameters
-<p align="center">
- <img src="img/step4.png" style="height:400px;"/>
-</p>
+![alt text][step4]
+
+[step4]: https://static.savoirfairelinux.com/img/jams/step4.png "Setup server parameters"
| Parameter | Details |
| ------------- |------------- |
@@ -173,8 +180,8 @@ If you want your users to be searchable by external users and allow them to comm
Click on "Set Server Parameters" to finalize the configuration.
You will be redirected to the JAMS interface.
-<p align="center">
- <img src="img/jams-dashboard.png" style="height:400px;"/>
-</p>
+![alt text][jamsdashboard]
+
+[jamsdashboard]: https://static.savoirfairelinux.com/img/jams/jams-dashboard.png "Jams dashboard"
-If you have configured JAMS with your LDAP or Active Directory, the list of users should of your organization shoud be visible in JAMS. If you have selected the local embedded database, you can now start creating new users by clicking on "Create User"
+If you have configured JAMS with your LDAP or Active Directory, the list of users should of your organization shoud be visible in JAMS. If you have selected the local embedded database, you can now start creating new users by clicking on "Create User"
\ No newline at end of file
diff --git a/userguide/site/admin/index.html b/userguide/site/admin/index.html
index e6353f60..5a71efb0 100644
--- a/userguide/site/admin/index.html
+++ b/userguide/site/admin/index.html
@@ -92,15 +92,18 @@
</div>
</div></div>
<div class="col-md-9" role="main"><a class="md-content__icon pdf-download-btn" download href="../pdf/combined.pdf" title="Download"><i class="fa fas fa-download"></i><small> PDF</small></a>
+<style type="text/css">
+img{
+height:400px;
+}
+</style>
<h1 id="admin-guide">Admin Guide</h1>
<p>By default JAMS runs an embedded tomcat server visible on port 8080, however this is not practical for many reasons. This guide is designed to help you setup Jams to run in a production environment.</p>
<h2 id="jams-nginx">JAMS & Nginx</h2>
<p>It is generally not recommended to expose JAMS directly to the outside world and while it is required to run JAMS in SSL mode, we usually
recommend users to place it behind Nginx or a similar web server which proxies requests between the outside world and Jams.</p>
<p>The following is an example map of how you could configure JAMS behind Nginx (the process would be similar if you wanted to use any other type of proxying solution):</p>
-<p align="center">
-<img alt="Create an admin account" src="../img/map.png" style="height:400px;"/>
-</p>
+<p><img alt="alt text" src="https://static.savoirfairelinux.com/img/jams/map.png" title="Create an admin account"/></p>
<p>The IP 10.10.0.1 is random, and should be seen as an example.</p>
<p>Typically you would add a new site called <code>jams-site.conf</code> to your nginx configurations which would contain the following entries if you wanted to place an SSL certificate at the Nginx level: <pre>
<b>server {
@@ -288,7 +291,7 @@ ExecStart=/usr/bin/java -jar [DIRECTORY WHERE JAMS WAS UNZIPPED]/jams-launcher.j
<p>[Install]
WantedBy=multi-user.target
</p></div></div></div></body></html>
-<p>The parameters PORT, SSL_CERTIFICATE and SSL_CERTIFICATE_KEY are optional (however, PORT can be used alone whereas the SSL_CERTIFICATE comes in pair with SSL_CERTIFICATE_KEY)</p>
+The parameters PORT, SSL_CERTIFICATE and SSL_CERTIFICATE_KEY are optional (however, PORT can be used alone whereas the SSL_CERTIFICATE comes in pair with SSL_CERTIFICATE_KEY)
<footer class="col-md-12">
diff --git a/userguide/site/clients/index.html b/userguide/site/clients/index.html
index 58ae7e56..2cf0de26 100644
--- a/userguide/site/clients/index.html
+++ b/userguide/site/clients/index.html
@@ -96,6 +96,11 @@
</div>
</div></div>
<div class="col-md-9" role="main"><a class="md-content__icon pdf-download-btn" download href="../pdf/combined.pdf" title="Download"><i class="fa fas fa-download"></i><small> PDF</small></a>
+<style type="text/css">
+img{
+height:400px;
+}
+</style>
<h1 id="client-guide">Client Guide</h1>
<p>Depending on your operating system, we have included the tutorial on how to connect to the management server from the Windows, MacOS, Android and iOS clients.</p>
<p>For the purposes of this tutorial, we assume that</p>
@@ -109,53 +114,33 @@
</ol>
<h2 id="connect-from-a-linux-device">Connect from a Linux device</h2>
<p>Open Jami, go to the login page. Click on "Advanced":</p>
-<p align="center">
-<img alt="Step 1" src="../img/client/linux/linux-step1.png" style="height:400px;"/>
-</p>
+<p><img alt="alt text" src="https://static.savoirfairelinux.com/img/jams/client/linux/linux-step1.png" title="Step1"/></p>
<p>Select the option <strong>"Connect to a JAMS server"</strong> which will lead you to the following screen:</p>
-<p align="center">
-<img alt="Step 2" src="../img/client/linux/linux-step2.png" style="height:400px;"/>
-</p>
+<p><img alt="alt text" src="https://static.savoirfairelinux.com/img/jams/client/linux/linux-step2.png" title="Step2"/></p>
<p>The <strong>Jami Account Management Server URL</strong> in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password.</p>
<h2 id="connect-from-a-windows-device">Connect from a Windows device</h2>
<p>Open Jami, go to the login page. Click on "Advanced":</p>
-<p align="center">
-<img alt="Step 1" src="../img/client/windows/windows-step1.png" style="height:400px;"/>
-</p>
+<p><img alt="alt text" src="https://static.savoirfairelinux.com/img/jams/client/windows/windows-step1.png" title="Windows step 1"/></p>
<p>Select the option <strong>"Connect to a JAMS server"</strong> which will lead you to the following screen:</p>
-<p align="center">
-<img alt="Step 2" src="../img/client/windows/windows-step2.png" style="height:400px;"/>
-</p>
+<p><img alt="alt text" src="https://static.savoirfairelinux.com/img/jams/client/windows/windows-step2.png" title="Windows step 2"/></p>
<p>The <strong>Jami Account Management Server URL</strong> in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password.</p>
<h2 id="connect-from-a-macos-device">Connect from a MacOS device</h2>
<p>Open Jami, go to the login page. Click on "Advanced":</p>
-<p align="center">
-<img alt="Step 1" src="../img/client/macos/macos-step1.png" style="height:400px;"/>
-</p>
+<p><img alt="alt text" src="https://static.savoirfairelinux.com/img/jams/client/macos/macos-step1.png" title="MacOS step 1"/></p>
<p>Select the option <strong>"Connect to account manager"</strong> which will lead you to the following screen:</p>
-<p align="center">
-<img alt="Step 2" src="../img/client/macos/macos-step2.png" style="height:400px;"/>
-</p>
+<p><img alt="alt text" src="https://static.savoirfairelinux.com/img/jams/client/macos/macos-step2.png" title="MacOS step 2"/></p>
<p>The <strong>Jami Account Management Server URL</strong> in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password.</p>
<h2 id="connect-from-an-android-device">Connect from an Android device</h2>
<p>Open Jami, go to the login page.</p>
-<p align="center">
-<img alt="Step 1" src="../img/client/android/android-step1.png" style="height:400px;"/>
-</p>
+<p><img alt="alt text" src="https://static.savoirfairelinux.com/img/jams/client/android/android-step1.png" title="Android step 1"/></p>
<p>Select the option <strong>"Connect to management server"</strong> which will lead you to the following screen:</p>
-<p align="center">
-<img alt="Step 2" src="../img/client/android/android-step2.png" style="height:400px;"/>
-</p>
+<p><img alt="alt text" src="https://static.savoirfairelinux.com/img/jams/client/android/android-step2.png" title="Android step 2"/></p>
<p>The server in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password.</p>
<h2 id="connect-from-an-ios-device">Connect from an iOS device</h2>
-<p>Open Jami, go to the login page.
-<p align="center">
-<img alt="Step 1" src="../img/client/ios/ios-step1.png" style="height:400px;"/>
-</p></p>
+<p>Open Jami, go to the login page.</p>
+<p><img alt="alt text" src="https://static.savoirfairelinux.com/img/jams/client/ios/ios-step1.png" title="iOS step 1"/></p>
<p>Select the option <strong>"Connect to account manager"</strong> which will lead you to the following screen:</p>
-<p align="center">
-<img alt="Step 2" src="../img/client/ios/ios-step2.png" style="height:400px;"/>
-</p>
+<p><img alt="alt text" src="https://static.savoirfairelinux.com/img/jams/client/ios/ios-step2.png" title="iOS step 2"/></p>
<p>The server in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password.</p></div>
</div>
</div>
diff --git a/userguide/site/img/device_enroll.png b/userguide/site/img/device_enroll.png
index 469c6e2a2ce13fadc1ce6f8f525ef6c5a698914a..4e6895b575c2648b47692859b226447e7e69de87 100644
GIT binary patch
literal 13881
zcmeHuc|6qX-}iUydm>p9btH+X>}08P(uzuD-zp@=HrWk>mQ#_oLw2P|7-ZjvPN_5_
z#9)RY%h<+XFxK&0U+SFmJHPwBpZmU_*Zthj^LpL>$k(-guFvOlU7z>+b6wpzV|q-G
zPl^wMAi)#Ie>n$1>^KNw`@+KoN*n?tiy=r8I`PZl^MT#89<yK1qbp^nF7^695O<RH
zR#CAn_wH}F$uF*A%j2`tR=lBH7|Y+!xA~`P_{-@A&%<8=Z}Jc^!s176`0V`s=FUhC
z(6s!)ixUDoKIJCw^|bGZSO0FicP_6?hCUtmy0VgH=)AayJ6u&&NyvW9NDix=TTU^r
zkpZ&&H~xIicvs(AX4w(k^~SmB)DR~Ws$^UfYw+cbOw)5d8$Gn;ri@FR&=-rSTI*-e
z&mf@L_VoOVulAgWAhgCvj@Vv4G04avrdI0a-6L?bjC|wo&EU$7W=q#@@_lb+{VWo0
z20j1hF$6)g%3g!eg)iZAV;9zFq%w!=hKs9Yv&l_2`Jj;;E3{cmZLlZb+|u0mYEM-F
zGtB_qy~wBvpbLeEEll-0)8(258e<!KRSa`TCB*o&?K-|M>Iw?Z=(SDxi>umC)P*oT
z$EHH(#@bn_`XL6r$0q4tp8dQU!ko-Lw?2cG$x_Q~*|whe+OXB&@?K#1)7yjFqNo9{
zvwAE2+}An_FRxOY)67ComtY5@=48}E7N(v7wP49ZP4Tx?d&~P0r^?aG^Zm%wLqP|p
z4c;W{pj;*@XNoHAQ0T58(enWloh^m|ljJGZn=3sPv<P<YB|4?fVZJa~*KcfqrfOHI
zULCt-iIAdqn^NabON4TP!qIb?@Sp|aO?BH8<;tz-qitF7HMDQvE`<}Zc5g|t`oY(=
z%dazr@lLX7!pTGRQQVhh&GVGd3&EfI$S)AO=#nFL7a&u_peyg=t}e6GLpsw2=ahL1
z?b_~(Ix>ooq*8Qg?dmdf)6es*t*x$g0j!n9ewr7#{J^x&V9zTu)_og8<znxhPnQE3
z!!eKml%CIWVVf#$&9`V?8EMHNgz43UF3s!O`4q{t`Kq0tYv=R3fY3IVohgb}br6ag
zDu=9?XPruN949GtYd$y1YidLFJ-G=>GmIkF=CBrod`6vOCl(npKhZVCd^1?+U$gl^
zWb@&j<_&7^<jR^Zj|3a|8hvQ)jxdlLv1&}w3(#$T`9b&1l}`blj{}GuOVTdu=5tko
zvM4zQ2Tr*hD|I!@l+82eai|VFP;Ix=I_!sPr4BFCWDYWa>s4nSII%S3LHSL|Vz<lf
z&*aaQRWjyzIXT2U8lkmhAHMPFTEHCMZ!Mue;cziF)dsrwDu)lJnAlzT)6FL&XQ|)I
zmyZ|jzT$5ZMVK8t?KWxcK<F|lHx;(alUDbw(}@l2=D+&VQlvU0gCRAxGT;%;NPjr`
zQ-xh-M6~~`(~jo4pvUR^<c1fm#QZxRyLBzvr>5m9oLUYjx_{`HA4%CAeg9XmM`qiL
zL@}ZZiNySDc{QaZDhVuz5tvkVsxH;hN*}pzR52$l#h-5$nEQ5F(w04HXWFU_n$^wI
zQOn7Ow)z2a-KqY~c0}l!LEJ1}V_WfLU4=)-ua&jI1U7HZUfqZqHXr{_Czub@liW7r
z1M+6pIO@n2#HE9}w*5s%e8UXzL3JhyrpXHu2h}d6FvND(wEgDy5@HBllyR{8C1<;b
zd2~fjZ%xSU2z6%CLkdT`baG|pl|krSGpQE6e2es?(W?2Fm_MU>P`Z5P&|m;#h3cw=
z7TU5G!Vx!P+7vS5KR*(-q2!RZ8-}es4pXO`GPI5|F7xbJ>RcW!t$;2xxY&tj1vk5~
zdoT51?Zf3`vy~u)mCQzyO?LVLtTeiYYmm$GOwFP9i6seIJTog-NC!V$NRxO>f9XnC
z%c^n2g3Y7A)wkuWKW=yng%3$n!fMbnGIcHLkFvQ;D$#ex*f<z_t2K02^Ii9!^=K?t
zI$!p3hsYZe{rO9y8BeQ_yT`q*hoNjb68tO<v?H?6n+vK%+ryMKL{gsL=NKL)(x6l=
zu|z~UQ9|e9D+pq2!-)1Cy!zO!7Aa|T!i*$@qZw3V3)`gCv)u>I^Q34(%-zXx<=v1i
z>5;iSY46m<UJ0gzJLYv4N{`#}8P*LlJ%cB7h7z-b&gNF%Q=2q67b=M$=$YY-60$!w
zrJ!u7&ASg}9pC%G#U?Q#SgNbz20{A#Sc6TFRyLn9Rdd!@j@%VD{7C7n7Q2_&<>gQ^
z*&@;x^(nw^XMTf!kA;v2ZSHFoN-WU)cb#7q&qJ8SO*mx5`_l~$Yz`sA&T|>G@n&^b
znK*wQyAu#Wps_>%H(C;s(YA+F<1L82kY+e}phK6#@n)qbqTCcCTej<g%iVWiC-CG3
zJU@6h(den7R2xTM>1j>^UF+CMi@l_?;*{6fczo;?sj{yhS1&}{i4?eh3b?s8{M)PX
z0EK;Xwl99Q(53zIj13B{L1?!nsGT`aeK&6$r8&UnP0S9U?Etz;wt773oK<n3P>d*F
z^vNEGTk7$NJqvHhxXms8Q@Q+_8g*%k;*xiAbBZ<MrCK~pw|n01PP9)BKpmXvlHQD@
zXtw=o?lE9+x%`MrSl0M8U;OA>zk00C&T`_@j<e#zPhBdfUqHzLqho~~*Qvw5WsV1A
zRqT%khunTygm#o6O)^^J!+G;mwQos>GiJjVt(N+wR!{TvjzG3Wq6%|EIvRz<r>)ht
z5Y{Tb&357<5N&+srxHWcSN^k03u)cijp&IpF(bov*@+@#p_0Wgw(G`LYO57GzXjV`
zPFDI}&qhTlr1aI=)(@w=wjV%6<~*n*;PD^4*ur9b&G>MB(~-G`u|?>!xw>Ec?C?6=
z?{l*n3crh2;~w0ZnK)y!dhO=h&w(Dyc*#3GBTzD{T5IY2Z$m1&HvM50(4o=CS7wS1
zDQJ9<hm^i*#Cyj%TI*S1HRJP>s3{$d%cp~>S^fk*KfAU>(W|IB-X^^0a#e$`v8U2?
zt*ndG?FCZL?6HobWK??g!}0l>(Ab;FlHMBxvgYAh9lqo>>T(cvZy%6U<8EpIea4a`
z-hOh5(Clk~ViY<j`7RH?D%p^>+yMCkJDF^-A8n6vxnf7oMw@yYTQF8*gmCzT_{FlW
zDwm}3Ee$S4_9{@8LcYMc=A-(ubF1?=U9$vnO8O2~4y%G&uSH(<x-R79pV)G5etLzx
zRQ`NejG7q~@Jb0He(;>k*YVYxd~PEa8IsYgcIxm~qT-mFidU+Uy?FKO#-{<zW8+K5
zvmQNgs4p>o%~%V~U*y91BD6E8C3zZ;dV8^zlw3JF*YNn3PzIxi!x3x|9^B~7@ivoI
zO8c7H7)c;vG=xzUotsJh{FSOa%HO8ikxnq??3*QPd`gn9*pYRtV?JxmVU!AG<(rz>
zXMC$z8>>&speXU;D$+hl(PSKed!*g0jV{hS<7?ohHX>i`?20sdJM!oo9%=rhOOmlR
ztWznek7str`_U_rJ+)Yt?al)vEqrP5F<X?qPw%sn5t+C*wOB{%vgT%nibYT9YCok5
z>#{lEqwY9+W#i4kXd&0_Ru-vs^TFrH<90XzyS`X>MGIVik!E6+*jv0hZ6GG0CaAsY
z#pcMB+3Mixf4Rt2h8UX};1RpSwOF$ZNeKN+R9Za$+m#z07Qw_5=pdQPlT}=P-Q%9~
zWXWl4svg>>%1{=ZT-)(04-%e(=v9QJUH}VAhq20^kPwD*8<6l%<T#RZ_B(Q1y0+z?
zk>kb~v+e(c9RCr0_HH?qq44#RRhx5D+`jOfY6#=??iI6z+q&bj)j1~^N^cu1OJ#$g
zFUO)9I3Z}Z<p;c0d-qlFUnnm6f3<k(XsJinjPI0LI9J@!e3-P1XB+Yx@00*vz(1ir
zwM?TZu)QF*{W~Cb2-*Sh<3JS;j%_~#eco!Gei#Cs5E8-|1Oy3VI6)WC4*|Nn+*AAl
zcfmjcJb!k9*b3m$ir#Ix3U@JrxZqj7cYzR=U^GnEB|i1gcZdb8DChimpj{5fr%Y%?
zJj&UvU}B~fwBFy0&<>MOz8B@370(Spm>?nCbkbR#-hO#D2vc}E;+75%ZhF8m=%8h3
zPyz%dxdmDr0Rlsm(~!M{a^1Fl{NN0LpkWP&zaEU2s`zEUE28{}cjl3`l6W8=n34)f
zlZ<yR98=u}8Zx9YN*vUIhpbPhz=XI%+<l!oeD#Kbix9N%K7maTB?Ic~WR$~4<vHL*
z4eLOSy=Qq?CGnd#<P(de2*epO&jFu-r56&6d)ZP4K~wt<a7xt{LdqQMK(*{Zy!*-g
z$*4$XuociJkO8iMrtlnn3$9T^&h)I<lVFKKE<iy88#;iO#kPMx9ih#7=NM!FuXv-U
zw4qR(!up~aGME91VBDIz<<@F4u$m-nHP$bYbh`09VFB1cY*S>eKEC=jr-GFbRUIHP
zbO;FPE8|VzX0<d4!DeqpL0I9H>jf+Bs`?Ow!ol`a_~gn?Rf`Otnt`Q{f)16`gfK5+
zdWwgrhHHy!!jV7{OCm&0ia0yiJ7)ZVDG>Lve#X5D6mQHhFBC_FMRZVvMY4a$9yLUB
z)VUG>+l&hln9A<$wIwY6h9j^5BCwa;d*yMjnOyzy#8yziHU+Hkp#rC)5SVWV+$<jh
z`&;<Kx{+1&?ZNRqKyL^Mjy_=dht1psDhIvz9_Yn`1Ew6%$`G!8>j`YJzOMVS+)a<`
z-{7%q5KiDArxb@H?EbJ%TU-Mg@hn#EbOv3)Sc2<bgn?FoLHOzu_*RMjz&l)Sz%%D3
zAv1(mGVFkVe4ke=k}-We+?ffMD~zE6k01b#s8`|mQ=P#DD=&L^AdCs{cpls~7y2HK
zwQelOhDpHk`0Bm5n$k!q8?y`He6AKK$FRVbFoIG^>%LJSc{;+SP5FN0(|2z&n@W)+
zR@Mv~sCJ2)b-I7798AsO$l<u5PYDP!2PR_M&$jL}Jh=6Jx$!3kiU#`<=K<UiApvh+
zu!i-H-~;~C2r>p+)3Nj^Tg-Y(*lE_s+2{!EA3!VsKD}y@Z$B3w7gu}tOg!!Ld@bO^
zDza(t$Xxq56TOrmN=-;vUHBS{@5EbYz%5ss;#HXxQ1B56SYwyr^^q@`w`Kt?o&_9s
z@#DNpk_-Uv?_%lS8F{STeQBM8)pc(Ap$p#SNSiWG8ojeHBYgOC0xL<&3tlM@yD!Fn
zyd%#^ySvEMZ0*~-d#j`}FJ``djjjN4k=6h9_OdL<0R%3GrtBz}+$t`9yIzCjH_=(h
zirJ=hixe_Ru3*j6NXz{E{4jGzw+x)xLtvVv8R)Ns?*rtVo~G?{N#Y8FL8hzsYmu%`
z_0_ZRNm{qZo9PPCT0})~<`r1itqiHIWfCPux}t|%4VSyZ87HSMaP&o=+%4^IB4^6;
zSu^j-@2Hw9FEmLBMvE}T^-gYl1BkL&rgr}9^aV&pD=~TQ>(xo$H@(XEv%|Sc%(N*L
zF!Yp$3s22%hao}|!zm=Ag`lEpUoF8^bE9EqWs$*Z%Q7>pLe|EQzLgyPyz27W_sA7i
zUUt)*AKSH<-*<mDRg+4@Jw+ltPuX;&c?VMoDHjZDhuFNO0l^PUBClx&8Tcl-6S3&|
zqUdz5S#@7-c?gm`lK)YwhOs-)Wz73XAK=rOODXePM##qq{De~1Sq)~qaH88s{Emch
zCET!o&HE>J$gaz_WbB-ZxGqW-zifpcNZJk2K|V!W#I8T=oFiQ-&me4NVM@pM4D71!
z301sQh-obT=p^*HB4+@bOBTY#tJp0`c!+8jUD;JSS+pG^Dy?=hIX%%2q%p3&MqLxV
zg6hxt?NjB&nT6e)ebExc;?Wx{x5(=jj`_=ht4k$OBJio`-y8F!Al|KpH%n}*+L45N
z2J*8p{5Xw<ZjF?(NTeP_-TT2r)uC28Y;B^esA+5aHPzbR&UV_?1SK|F)cdtQqS#Dk
z#Loo2=j^i;$SM1Lwe-iZeym@gEi>tx@&l9aY0VkSmEzs1@lY}&BIGimDes<s3A?xP
zl`1|La!{o_Y5Ju_nhbLxF{8%LA_A+}yO`qdD5D_TuC6lJG3&jt*YxPoAKtwX5oQ$X
z+krTQRJq!&@tQ1#sq)k_fqKilDBd=4dKQ85&)$qr$0V_(#9Dk}qFD47sBjYV@#aY%
z^Yp9=S=d+{juX}HJE(M*z1|kb-5o+-D?!wTbBk7!S$S*&)<9L=!~Qzq0m;#XVa<dv
zecC`yGkfZ=be~i^-c?vN%NSQxs@3e2d0%f20vwK)sXcxCjzh^`PgorCv=6=3jl#G;
zLFKV|o0J&@PW5%hntZCLsCiFa!VXWH@ZluU1X_rBsHQKP!#t#?BG#5u&mz+QhmjA9
zyccmP>WwbY%-Td<6T6f|T`0|GLl1rWtsgn#HL2RKUSFi5U2+jo9yIBp(pgeozA(M)
z)mtrTZ=0jFbo`}iP-qic;2gTv%fQ;LLh-XkE9sC|xy;)r?oHB9;3Kw>;rW8&qg4Au
zj6qY`qE1bMDOuVlWmX55;AvZzwwX{OgtM~X>`|7i$ipPbTLha*upTvP;i-_tuXdhE
zYIC}zr&Rf78|1Nu@*jpac>q1lk)uizZ&WHLR3^0$N|W0X86hNJ1Mdc;igHPD@z*+^
zf%gT%V+J!dE7jwn<j}Q`j}^?lyo}GQeX}Jc8g*5ln=5aOC+%Y{9BkJmJ*K5x*BB-5
zZt@i$I=Lesi9aUithXV)(|atNeoS=w?upX&<1}OYQHk%n?@mfU&tNF|^fdmJx3M)i
zLA6$LDaq`~_s;DE2f_~Mtu062X*UD!K3pT}n)}CNobm#4e^d<X;B?lsWH+ggq5^!@
zO>rw<7uu+gf}%GT%7fGXZg0*XPSlqUhoR^caag!3;K=c}hfi1dYvbTQc*9<FBQ}5o
z;?9qtU~VHtJG8YaQH2t|wwm@t9E_n1z1=OI{CvBvdNBLo13Qo^UyqObtoy|`J}XrJ
zD?Yc7$=r?`Q~cL|T0+M4cr>&%46zP^|D5pOUt!DDr{ACojx7L?0b&cd&qfzo7vFLn
zzOG#>SfSL<q}_CYH#tHAAk4M27Gk)eC95JHj@NKA0h|JNlVNl%3r)}3+{dY^_I<dm
z7;)|<fO3-RXD-vT7!fe=-imR;vUxX5Qg~}O@cicxs8?x$4LB4(ZfYNFY+=k?>js3+
zjW@36#lgTODpC})j@vmEfRDj2px`+GBrse!$`3)oZo(L`eGs(dQv(pq-L01FbqnuQ
z!whx(Eo*z7TT%r^8rR1R<rL(;zxuuT4rrir(?ZB#ARjy!hokf|B0N^w3{Z=8M)CLW
zv)*j``xb6P0^g-+Gz7vTB(@|&0#~)YC%A<%hoOtbm|N_PVc+Ef{yopGof-+{UPT}z
z8pCiDxkhtX(7(*QANExC4JrQoz6&q6v2Ij9WIh*M8nm-OYJ3^Q&2dU~P*GiRadCEI
zgMwM=tQV!W<{Kru(Fe|K)8Tu737SJqaC;rd^TW|)Rn3(!n{QXu5kCFxooiVWda(BW
zzD=?Q$>lQZ;%sQEb8vuidz0)^mTAiC0fItPN1n~HmM6Kh__EWHiQ-syAD_Z-05@Vu
zwJ0iq)zHw;xTcU^DnHSI>^{}totorwX0p<5dC}U<F<^pwMZfh_6j*VDpf1a<HZ&;k
z^GBYmsNb1j1*-t33x#)x$+#*)b)k#C624_flBPh3hDZ_=Lhr5VXNsDp8HTf_0|5Lw
zR89Z+wh;Q@x1?oVIBdHHd3GZfe!nC7c1<gOg^*`cc5D1ZI)Qk96;pQ%wm&iRYFSW1
zM2Rj-esB^ba6Jlgzi2ff7Ct<b6O9V4O-lp!39|!Ckp)H#G2bEFA4F0LGl15uA<#~P
zl95shZSPS@r|UZk5G)y99KiHeEiw|yYyJh*jDzg%ek&w^LH3VmWG$Cw@xs{gF}()8
zTpA8;(pYd}xL?OSR+N=^usaxB+4NVu(`hXAOrnD+M~dbKLwMg*;Ne@50D5oAUdZBj
zGu_k|n8d8~fO#?_Btf@Fe%#A+Ep<0!@r8iOaAIH47Xj{MAJpPf%uExCThp~<F&!86
zI0bWurd6Htv=aG})2qlglSRVRt|e#JN**;aBJlW3%27qivLwLOOSnV<>hNn@TleL8
z+FJ_#-RqMbNu=Sh^@|u}rYMye7h=nsU14%${^VC(2A5H$YF!Y+<r^)F7YF=Gx_5WK
z)myHGkX?XYRlj+@I=5$v^|Mz3f4-&i)~0K*cD&VMjzznYU4GG$%hcIazOP@s%suv7
zN5$_Nf)#AuM?4thZ!7k-Y5Q%dqr;lK&+$_!lzjg4CXaAro1vgj7FgTG!JjN8Uz)yx
z{mNDDn;1rPgkhO<Dm5q6(6E_@S>7_M7`wXl-n$tS*19I{_e2dj2*m+%SvM+);OZD%
zh|m6n-(hhobE_8n#Qp7hx6GeZMPB#1J~!wBnL1ADzHdK%?TEkE=b$1#Px>yg4@I@@
zA9Qe50g>)1PcFpjMO1?n*^3+_g<o7b^fSKX2-Znyg6#>1i16Ys%Wl6c81B95ShMZ^
zX%wOTF{<Si*~|Eb+~IO9sdf`b4^`gC#WG1ulEt}6KHOqwdT7d7qEB0q!ihi{y1sZ|
z{$2i?9=}PShOpFo03$I%zw*o$UTzE(0vjBVUfnG;PgS*ot&MfIMtc$0TN~$hb<P=!
z-%C^%ERS1~CjZ9OhvmQAUOaYUtifEeCUuuM?h_A^4H<c@gQW4UN=ILp83N7%=Vk<!
z=3(z_{lidT&q?aC+Ha<d%*W|9YC0Wg3sL)|r!u0Ux=RBIVIflWH{Xv(OMvAiOYk>K
z4(?4^i>)#VOI0NB)^!nv*xXZcY{iL*TQH33D^IG+?%wm!nP+FojJ|}=H5`}pnh2Mu
zj9NSM-97OX!{(dMe3SU%d1H9%X|bDL<7~vs5;Y;B<}M@6<}^IB$gb@WRw@F&*l0)X
zb4d!$i&gk^p4NLKyUp(?HF=vp{sK_TE=THEdqv)5!#?^$d%%B>@_+7}&d=PT@YUsa
z4Y|Ta`-V$sfwKm?UtQUyU52O5?LM@7Vu(U6m1JcK;vUAH`@|H{Wh~Y&{`!LBTjid1
zUy)$c=GVPfgZ(E}savRpUq5(+^&UE=HU4pa-dKF;6MfLfRlQn;qhrM~%gul*J2Egc
zM(-~x6p&dv*i*)K1@)0SGknPs$y+8V>DjCKtkC$Bg%n7%xb7;SRF%WG*>dDaMiybE
zG_dkJwU}*w5wD}WVZQh{#}Lqox|715_jj9#Vo=M6Tx;G}y#3>V65F>w3fO$dYh%YG
zS+u&T=i|-&Zk~Fy3r~w!sx@_?#b?<9*(TLxPd%9%E?rDHA<lvNSEC9`M(3a6O3jmh
zBbNLbth8AGzwzMG`#2np-bP$D{2olzr9rUb0q35Q^<Rts5*9&lgQC}sHJ}JMJd7BC
z;nu%R)^V3{qfisEO1bMXVznH$=l>>@BP?4$R_Sk{91~`%D!3lpjSR8zT<dLiK;ys%
z;e?+hr~_F99$c^+9Cu;1wMQG~G8~Q@0AOPQ@WimwLeNIsSF#4l(t#f!fvw>GE8!-b
zjs6aT{!cUq+kIU>KL&--2>@mrs{Ub)Kb4;@O9b&8R`p-h_Cx7s049RX@yDR+N{5qj
z>w~HaZoBH_)Q`V<d+qtr4P)QE2!0!7fxGUoX~(beDik!cN48o7#(TKj<-9ClNeC7X
zv7S5v`L)~sn9qe9!cOzg$=pBtz?ob)$pqTM;sN=<KkGBViKdO^13(4}|CkI;F@1Nf
z^}&H-L6FB2!{s8w5VbL9Eu@vD<pSNFcRhQoD!2zY)R$9H&o2NMOONL|nggp)Rd9WA
z>G2)kYertqwWeQ%acQtyjrv9(;K{He?4{0Zbln1KM?l%$e__Ngr{LCb&1`G1+eQa?
zYyf;~itVK~x*|64uhGV+Tk_Ux!DJi7XNvEFtmS%ZxW-5|4@kQXnEyKj!q{8?D@uaZ
z_fMj+!?MqQSK;54^mpZgRc#Ev-skV?QcwSjg@E?|K~MjAu^28s#a>p*Tkj2RvxRRo
zTGNiqwql;Ys};nN+Z=#rY}q%D1YWk`E1hKsa4xND;1Y!kY&qBlNAIDx0lu($3%wl(
zbrj+<3XceTTPp;7=_iOiz0Ro4$$|SQKk&yT{@HEwerJk-C;z1w1Lf8M*V|(~L4r5p
zx-%Afv4cIhzDghpaA;T^cegHU0=HfgT-JqWg+810)}l!c*48t>ggOJftcA+ADW!tv
zGWOE5;v+9<<LOrqL#cUF*I|T<wX1sFyG$xYj>{T`Rj+}hp9u*I(v))m(DsBc&5nvw
zEMy!e-Q#ND7e+AvV5cqN@7@zv6$;N<tW44Nd0tmuUamq~m>Ftf<yhn!gry+yOGUJy
z>4C;o_%I-6g7;3?5uZHcNdJy|e@ZMG^_I1|eA_Q<cBF*`zeZ|;sSuojRaI7=1(3d2
zk>n3RZohxt(SnZy33F(b`hy^&60XBrK6mSAjVDO=j;9?8@?A)j=P?YLxnfeLx_o&4
z&hYrdIhSpT&jJDOcsu7%;p;3Bj9PY+C0>(vq-uby^LN`M6?*nmYG@``2Tos-2o$+m
zI}fdBJk^9;2etaOb{37}?{HA6JuC3mriWAK=RP1se%D%}KLMQXhx+lq0IasHBQUen
z|HOk6UxLANCI!mcRR7!kJn~zdU;8doAG#IJt)9M2Kmy!unC#mlUseZrmiH$Qf-L-E
zfj-Qf(F2@qMR~zlFEQf@jnWj%U>w4(*pNC`bk~~EuG@K27b{Pd)|5K8?(ry9Y_{`^
z_dC4}1E-#=?TkYkE3S{WdhgO^8jkv%dOFGX%}*sz|CWb)2XUK;8&<Ko!cO07ZjHRV
ztzbNC#`^0T2|Oaxv^~Z!AieSGU?i+&Rphs$wTN9|G<QnQDj(u$Md<}q!6T8t&GD9i
zCrWfIEHbE#T$QD#>+r9pMmqP~9{dJgRN>7$<K41(<&WK$UK}jd^PiC5O2gth+*6_s
znLq?}(lFiSqs}Y*RF?*4<!Z=cc<SvH!-#C1y-758!(s3+483(ljaF8(k6TE3K{-%9
zdPv6|t4CD?(8~Q&FfmC;KB8vT_~%pxAjzR`kU^<x{ORb=&D-SgsD@43b!R`)+ZVs$
z6~D}_4L_p$nM4p6K7eePc_vYJG@}@Tk*DdN6xY<UYNyS96#UEicn<0zCe3e9;|S#9
zxlb@o*7|T~t<c6Q4NbH19OH2)@Q&+_oU_KNCZZ_PIPxUt=iy&3A34W%?8xa%bJr`t
z@hGR#_e!>p#~4rfI`DquZ4=w2z}a_WnhY)q)MSsbL}o?aB$=0y5DVaO)7yN}Hw?=n
zLU$<^N~TjQJ|Y>?=g$z1zB*Z2QTnpM%}#i)Q$?@ihnw%lbY7huJ;cqM0p6kTQIsCi
z2&mTTSC*xP<0iNG5*qJs-)3MIl;KF`@m7Okw;=#0;mx!<Hko4_%h0Q^>#)kVO3kX?
zI!AUUF|<p)C<Z<p+NbQ-$k<6$FP=e-&q&fU*;P(Pn~gx++CfW}g&Yrwc=)*Gg%(!n
zs!G+nnV0-UqLHE_BFc&RX2w!#N66BWrV`g~JsJMmeIqA&OoQF~h-t`}d!$1xWkq+~
z)6CA~fvpN;5s2Mf?}9Vgk%#o+?z46cd7>`&zz(6^d~|twcYzGJ3K?K_A1?cPeli%9
zE@KhW9i(6On9Un$hN@|M)!1&}s@)uvdONyRD|Ru+gGS77KN(CsS`eJa@F5|z<ro^T
zdwVxAR-Eq!=$lE3dF5!yCYooG#&eN0zDlcO#tjJxkVj!IaR%I^*{@@pOO#CW6xl?@
z=e(90Qi%^s9-Xb{J6C~3WoHw_l0`6Tt;7zY3@bC^pGeo9_@9FaA6y!&+589=rc<N3
z@x>K{LxkL-#qyKJu2mp?WoaYhz}XV*O+>Ya*&qDWwar8=AL{UPDwM*fZo!ClhGZyy
zRC-9<9a~X@w3^90$`HKc!>j{2W`dKaSyb9Cxi1xHHl&GrYB3@B@y=%S@^r`XB1S|E
zq*f+}Q{`?-<7%ptRMrDIt6lKHep(+{N?84T+<n*7J|;GV^RbJOw79X7qrY8!S!A0p
z6>_!qSe9<T@nU$-T=95r8n_6s*n>2v#iGuVPUU%#8IK%$lP>XHH})t}X1W-o25T0r
z>YMN%Mq(=NGC+DBOOY&FlmFl%g+g9tIhfBY<e?H*ud5jjNUd^?57W7uVl(=3;<<Jn
zZn;DmW(X5CDy<HVbqJ{PZk6=O%h?*RPlGcs5lU|P<`dx#-hmyQNqXQv_BA^;&B=CW
zRs})oD9ze6W)Q0mDcoQhXH*ZQ#_OtT*AY|C*_mTN#z7-eM-kVqKA?L{XS`_(?L<DQ
ze1C;KuyXHXwov0w45{G*gZSu5v`GZ4ulon_q2vL(rr2MPgx7!W%>FKyOKviM!r2m^
zw!@4<!<zTUCcifB_A_z7>*V5<CQL;!a&p0T)GHl2g}}+e;*7o;G;32ir~%`jzS8`5
z3lCqir!oA-k6cs|#94(mSTk(99|^~ytj2wICHtjpOK}?ldoNL{SL0^Y*Y?Lr;!nn6
z7Rz%^pYRNO(HhL%mnhO};8iu>c)BPba%g*>bWMu&!mq>M4{hpeKQNI6s8aMFF+Ke9
z-YMteyzN_O{Mb$yhbrwL>b%kMDh@(q-$<_f#yH9D&Dm4AaMmO|&#el`dNbSq>S^3Z
zrf6SPhZRC6qBio3ol~F&qFiUJQ^23MQ>=5$=R5{4c1H<At;j{$#Pj3u!cSW!hm*v4
z+x=MXYS9)v`0=*T9$zP{y}Np71w>A^t_9YbBVMRXk{vpqe`5Z&)LAdDWA@FuS~WF<
z;caZZOBHs#BUiC<^}1dL*He=2v)KN?CoHZjcir-*D++l1{d%2iv5at1gogPw(PWX=
zBAN%EcMHh3arNE6@x}6XR5a%rJ_8dbQ}P)4qSt&WbAD>VerO?Y^rWZEW%MwTv#Fh<
zkE5k~IQen1-^E|O9Ps6t)5G(;g+VIg<PJBGNxFh`PhBRPHQ1v|y&Jri`G{f{i?F#x
zD%Npxnm^B$L$=S<$8$C>gJFV2cQl7YdfU^x;|`?-nG}5u>glTU4X?nLH{ZrKYY{Hz
zU{d*AoNbC!owo<o&iHw%xh-k@fK+$4A_56RWFp6t8}DyCSV`L4<zt?qCXy^1@BN76
z!iNkw=@seA`7x7Y%>TowzK=YPlS&8$xi-mnO|-Zw%X48`P72RdNT~(q(^U1`QpCpI
z(1LP<PK$M1t71Hz39;K*JwENMu0uNaOa*v9TWF+psZO&~M;hvBW1f3*bSrWEL1XG%
ziQ)6ttAT1`cKJ3kKU<vftQ&2SK0x3>#U#7hpq7W-DXi7%FuPc#e6QZnY@}OQuh-3$
zL#kb}Zw3wC7`nJo943{Tf3{y9o?V$B1~GQ_YcU@tAn===0GiX90BBBZAKQME>fu*9
zLzRQ5*di~N*UEpvkq$MLPc2Yi4?NRqyR4Q{iuO_d0YtZQIM$v_;7Ve|gyc2f!Y>vO
zHgT?UZs15^OoE<{f@TKJ%GWgep~Dx4bV@-!%!>f$8d3e?)k!?u5(x=lzB|yqjp9=P
z*{_4qk(Y??_;&;5{~KW0cpV4lT-}U8{FsFkaJV0WSjN0;sdX;2RF3oVUYx9=v--?-
z2D|-7SP{(OHW(Mo&tRgm&Lr%){u4~?57M>H?qC+U&JQ;z;D3nLz&!H@XZ%AZ%m&H(
zk8qlQ;Eew_1=`?se=7IiM`t&9>)*NG1`Ym0x&KZ^`w#3K=NdMb<FHzHR<+8lDF9?2
zxbr#w$Pa)d0YAtU6dVW}R|K34&JO^V2J!@dBnzG@{^P^6Ka&OUt28IM)fMmtX<!e=
zvm5-UleoIMlN*T#Fa-E1@HyQBexcR(*n;eatl)Yfc$sDMKgEC7$#>QK&#(Wa24;iT
ZWTpCp5$5h8ui+t195wv~d&DvFe*xL4kD>qo
literal 10164
zcmch7bySpH)bB8kGJr@562dUFbUD%^odVJ&T>?W45~8$pmvo3CQi61Yq*4lk#84uj
zNTY;=-@(^6?zh%m_rJ?p!*k|5C->QB@8ACIiO{^INK8me2!TL|m6hafLm+tfL3tMr
z1^@90Rjj}R4|`it22wsm{}p_Rw=qz*Rab{x17$em0^SA4xw9q^&>oNcPZ<xCX(8u-
z*FzwBcy#}i@8EI#+dj+z0{hd(7Cg`Xl)wk{{_{MShxhM@dC<RG<K53Y_jehxd)DpN
zJkkj~2was6u@DFm#n}fBl96=<0)Y}a=ookysH=%txj6G$Si4x-@OnGDp7nxAc#DCe
zvyF!Z!rR#igBA0ZME-6e2FhpEd`QIaCLWHGNCS0Egsh9Z4MK!hn3o?ZMTkHkB;2iS
z#cs<f{OJz9Nh0k%JY2>2_`JNlc)f&pUEJ;X1Vlwe`S=C-1O<6O3m&Ww#>2v!2ZLq)
zYmmRkk+Z>CxjVReIJjUCXX9E}y4>@SL?X{7`seSjb$U41{yP%}`)6BVgM4Ri_yl<Q
z`TiLjbd@-(71MBcumLlljV~o2@w?^!QTOjWf3?@NckyrmQgC;$QpR}LxVyRoiTv&@
z_^0>(y~Y0?>$VNn#p&KzXI+eght%H#{IBZ&-AmTR8BB`Bo~>Bq&z%3Q`_o>6?@V0(
z5#L{D^Sc%tjufE;-#-T}MK~NA83}=~6e`Qz)bYk!&&IFT=|1U|rzD0ex!jh2s;W*}
zkrzQm%B>|D<a$x*#su0Z9@)ZxMk6jj!y^L%0yTw6E8Zj3WvS&kk%YIQH{}I>kqk*E
z4Q{kPblD%A*$+M05aq7I+WGBf4!7*@`|UPi?c9%#=6<z)PE_?f{wj-{_TxSIn&do|
zWQmM_1RKhgcENn+{=lR#D(e2ZFI|ZJJntf7<KFr-budMNOe*8+sf%>i2RO2q-YVgd
z^+~~650^7fPmZv`){H5yg*$L2ZrzuI@kv@?1qZ|ar@ImCIS8^JyQfE+(%;|7(i=6n
z+k72))^_lTXylnn3azx?aVn3oN-B2)W~Nb*@!|JSI*k3~t7nz3Kv}CZl(<Cy<>{v=
zK82KYG#l*`JLqLyc^I!HRQh<UvzO5y_d@%5^!G~D$Gobk+{z^^b-PI#QVy}0iHbnu
zgK=XQ(@M+kQ4Q&nA@NPzy^p57ag1@LzTdxS9S8IsS7hC3xu3s!ev@raX|-vy^=P%^
zCC7Eg@zQ3W-JxvpI>(RYxI>qgA5`fE<4NoqBVmt-s5ho+q7u8KsLfjLi|pCs>fJuC
zO;$ZujAM{KnjB`+$icNf^kp#*4I^QUjU<uSY7ZfxkRfULxmsf3`TjJz>?u!S2>dA}
z-o`3+Wyp=)?&(J}{}U0^T2}<cuj3WzI_K%V`Ho=YI?U3L<vYz%gG#W)tm)A{8c}!a
z;T%b@Hc{s(;nIP+IX~k(bl~W74XcVvj8baL0eI(bWsBYWF{c0VrCF|ci(!>*&E2uc
z{Bvb_ce(M`jyBuoDy_oE-1gQCom6^bui6dgs9(AsM1P!NcKnI@DX0;*f0t*M`*6?f
z*H3E2?NEMHoWxGw&QgD+;A2zINpSp+c};(AG;QvE`$$6VFq9>_*|I-tcDnPpLRR3z
z7!w(3U<iRZbM$CH$it&OQ{VNPD_5KGqAv|;ZO*ndux>N;38*{GHa7r~U%sX@Usx*|
zMa|daJHL|5seK*n$-0j;3o)R+^ftw6nwB|m(_lH2On<ac-A$M9@-;ctk0w}RJ*!`*
zC($WIhR;+kQx4`zOYiL*uH<fxm(e|(sCA|bqvA30SRP2%Dp0V{CZy&yskYaOp8N69
zOykMjv0~?`Y8nAcxe~pyNJ>s}&%WYkA@J}3S*V;$y=;TU?oz*Ec!B5oR6SiEpFxFr
zj)V_9Vk=C#x<P!i8T;j3{uN3Sd~koFk4B#=Cn?0xCK%Q_8LoaZSoq=EHf<?DE{cDN
zzR%TRtXOw26Gg(+TeMPKQZCaCMzpZumz1-6ck#VJ<OO2dWG?+nd>2p`cWa#{1>Fz$
zQ#&`2UBM^5t1q5!^;U!@ztnj_z895GRfagMoyIV;e<x*qFQtZmM4|X~Z`!48=Pj3W
zEIASZH6Xqq{_W$-mD%W<=jsA{i5X$C!QB=*-GfoR0qh-LLW~b~`uX_GS|#S_yGe?*
z3VK#@{rx_55kL{R+Ma6y$sKj`d%q5c{fBteczP5sbLm;<1q%fVMCL>GHXgSf+g!TF
zf8pEcbCQCbz7eps@PUgQ_{aw%<U{R=;Tq9U2VI?3xJehxm3MDrMpbxG!~dstG{!w{
zH$n@M6!tcmlfoF9fanpXmf*N}`90ew!L*!-dxGASA43yaRg(M64?UtR%s7K{zNYHn
zktuOPakLHYOO^qzM=ipxu5juCO*SF0e%f<`K$p)OCDGFJ5UDALOd_72VhXccskgpZ
zD#$sg$L=1BhDv65S*3F@K|>+u=#d=;^z3MU=)p}P+ktsJ4+Av2#i3dw6TGu%J*eR(
zp>2@H>rXOVg7M4`WTQi`%j^oJ_tYeKB`Jp%`&E+j@6Kd>zoZ2VCY5jQ88h?3(K4_8
z8jPWkk0D*7)_4~o`aV>)lAINajHid%CNI7n4_T#G68^kiH)l(0X)mM_6#(~^3wS<X
z9x9&S;^~69A}g5ox`V)3!GVkvj}JaSwRM~suXMrgTJIR=elX{<I7PjsRP6MGx=G7z
z3vhk9;8(E0j<Rb#x<wOrKh5GeJgpY4F+rusx41n!r!$)wmYD6oazl|2yxF`<NCtA9
zHMa1;-12jvYaT&b2PIPi0%HLN?#2YQB3R5|LCkp*>aI?#hA=rq7KADcUb=fjV6dK1
zjVW1#YrNEuVwT{93Xg0n1k&%=aGwiV-McXuvpf^BqiX~^Mg}-`{>+M;Ik-3ev<&X8
z+@40)Dze$rzsvqizMT)+(TzE^>u&eXuZVr&lP^(<tco;*Y^54w2>L&2{N8RfgJcHr
z6$8Q7WwjBRbP8V01_HJNX-bbOL`rX6Nq<QXR_%1F{bHekEPJ>QDk3a0-6KtJEkpmK
zA)92TRmy#!;|Z{VMgga9%eb2SvaS}oP%SOR+i;t!+&rEXKFAbi=wvPg#n+_h=IAT5
zc|l_>m_(}Y)cRRIJRGe9Ev>=qMMvEiUKr@Y*A~dIKA`Su=TnFhV}T;)Lm;Xe{F`jk
z-5AU7F*A7+f)WaNSIL1dtA&M!cx>QAdkS3$9CN(a*c6hYe;SnB`13jk7CuvvnW<4p
z#}My-un;zxR9FqVDLrn-4omjxHGidwszW0x>Bg_wdbz5%MC@A^HN&k%@hnkmLYLne
zbq8K7oRFwDs=4cbyvR5i9{cdoWaN$Tu)BtSmQMrVCZ#a3d#lMPmpdyhL|wRwC=TP~
zsuj_uec;P1-anByVBCYS_WIznXu{;$nF7&PsK7M3S(h8YN5`OM!vncZ8-=B%kJf~u
zFHs}_(=cq?D$(c;S9&6chT+K5_$_3@E?rIAT+wqvEQk7_?BA5nN~m^r@n2$zY3tlu
z5ck?Jsl&{uqh>zTyIBoNc>40Ps>1{|+S?|GU5q~zX`OSF=?f*HyS1>KCGK^pAh@OL
zC#lkGjpN5nzx}3x(F7Pc_BvQSR@`$Es-^1f<8(|W_xhyXZCI@<Ny3~UD>@y6pr
z7O=X;&|&Fc$J>j&GjHWG24b*J$vL156bMh*=#+h-VDEK-la3EPF?7$>GkYjIH)fh#
zW}DOTcN{9Sr2S9drf`YAwWQ&GWaUWqViI`U4P3*^rj5quIrk%>U2*BP;ltwviX<%?
z@l+a1QRp3lG))1Gq$o;Gnfb9Y=-13lCfQJ(mv>HL#W&hF)+Q<o<fEtx6k=ZQ{8*bz
znqh*Ut8<xa1yE!nR<F#6$DjhzS?#%QL^y4<ws5r7Num#YvcqVhOY0%q)ifcyOC)^+
z47<(E_r8r|nphlw(xx-Tr&Q7%CjcjCLCH^CYT0SB0ML<;=>hQZ&ApGheGZo%f2Ct?
zNn}+`oM)nZ85}l_#2#!dw4JQGtcw?VE2|xMG6)dx3z_KXgPRM70_Y*-xt4}~^Hp4x
zSs~hfv~choi3GpL7tIX2P==Rs76D4s9GZ~Lp6G4Y7T0#q&Dj`bG4Cw|pW37mFt%TS
z6=!~N1^_%DVKL`L4tP!KD|UI6^T0iM4THwae5SwQYVI_67hnq@XddI*3PEuSJ6e&u
z)lQSIG^7qc&-!k5<0{w$s&WKa;TGkCTrZo0W;zmHm^OLZmjQ$zL=%>ynPW~&pf-{(
z8<uv|n?FJLr3ef^0_V48+IrhE5HnD=UOV&M3T3el{4hc0?H9M7^)mQ!uW6b{o8AA)
zYD-b$Jbk^~=o&C@q{4X3cv3@)T}4;x8VDLo68V6|t$|gDXcwyaY<1uhyl))qs;v5~
zC#p;VE}tNt6Y(wvz>!X;%PZ>rO>VI|Q2BN%Xb*17lDU#@1^a2lUoeGAR1Gnl$)=uR
zO?Z)3*uFggFX7ST#AEwvVAaFi7JDlBy9ZHoYt8Hl>RgII>Wi=oBn)a<X*&k=t<G6#
zSGc^~dX~C4((4-{n1sKRR-L9LcAj&|dAzF>^-)a#^-3f^Jeewxo4tLMqi`nU4X?%9
z`d1?1#1fvJ{nP`a9d|b-tHLH9?&Gj=<Ku+l**`g<hN=+R-R)k+sump`ku;=YU{Tno
z!HYQDeA>cCQlI<lH6JrX9D4+N#+9S=^;4+v$lyT`FOFUJ^g=q_8v<5BDX7)=^@8V6
zDEr`YfTVbJi*;J={}7Ij{Pw-50?rZ!!2}ZEU{fZ71B0_IzJ^UNZTeHyxGz-;k@Et1
zW)r|Ln5{0oQiGd)g_`*?A@x;4L|@r}^f?0C2Z??8b&50tAGe7_6MmOdsfSzpLpw6)
zYB!ef=#F^5IOy!PQ9jLw!_*N)J}3ZIP3v8m^g_$l${Sa&5f=nWC4e)V%tdR?5<6mI
zXoNy-WPM%=hwH0WNgFzFfH@Qpq}WbbaOAbyCNYXy88#FOCerc<8v>XmruBG7)fOqW
zJ0Ns$Ba-y_TFtZADD;&;v?Z!^2S8hCJ?-8atq*L`^?s4)x8(3H94S-l?vS{4>I*Tj
zG13$?BKSoS52rRb#BPE<+|z^ec^kkC!2574aWzKdft2i|N^5N0>9%znRbGgrJ)Lrs
zGo;lYj!9mbc_?li$#WlE{O+s^yNNu*^geC5HT07dDP@|IdTZ^0=fYVBG14>%F9kVO
z5w4q|W9(@b1LX^A)8FonMJG!d6L@4b%s4d-RLNWywDCEKRx-b8;1tOj@zp|BKq#Tu
zqBAtB;|O5r-C=2Vw|<_wiua#DfS~vCPK*DqQ(zChfb(JA(PaaYSekJaeYMdAuGb{x
zF#xf41X`!&?)P3br!vH_@80b^GROD2zHR={{sFz7*6M7F_#6ODNdHe=5!}UH>6X)c
zcM5IN`?5r_mg1$MrDoy}e|mUYu!RxBU({n)ZgCSGk?q_kjM7LNzEtAm*~f{&)mN4k
zg}~*=;cs!xV2x@mhHZW=&WWsYVZ?MjM%^awdOmGAQ&19}IP99TjwHIUN%mr<JeaE0
ztjnrD8=o+jOvonetTP#NnI0zSM#p>^d8P`GzjBrT3&X-30kZMH{C6N!I`pjo*9}1Q
zmhB$8Qg@9@ewqL?udApUAer&ci+Ox$->-HUop?{$v|D0!QmmZB_Sy9b5fyhh&FWYQ
zwe(;Z&u6VScjaxrXk_MYclpD<`Nt8!Y%p8Zb^~dZ)^8Hu7bpr1*_Dmr8nD>>s!Z5T
zymDLLn{?jSdzTf})6`lU)DD-eO2U>ymZz(E9Ne9x2$HVPQ4$@|q+|16Yp7?sXd?u}
z1j3z#g~^Qi$79O;?Nj<fkyuj40hk4~XPbH55-|0ZcAR9Xe60tTz%7H-ThTb|*$$>~
z>Ay*26}?%1jr+2UydIIj)XreW-VJeZ?|{;5gRsC(-q`vR1?WE*J;ZNEOe>6_aP0OQ
zEacUTfJGY4sJ*sUV0dz5dsDQNsT3l8=-T%{k!|E{9Cx}wY>LLc-Ad70<OwpTqqj0l
z3(-L6?jvte{=){f7W*4BH=VfUoAPt>28ektRw_#!Z+|ud@g9CzDu>n+wRAyx!m;){
zkFE>dz2qvpD?3_f*(j<-1Y;TBV-0T9;x4|Q?>@pqstbSo9@v~l&-J&NtWJ@A-uS27
zw1d2o-Wkh@B4y^<71X8M;HA+t??M^~7k5y>#54NkCK10z8t;9R@Y!*-)yNjpZT8+?
zpRU{O@jpF2G_JP48Q-U8eY1xDQKz56*tlL@geGwrjGWE6Rehl%i-`4fUn9sl;Q@Bm
z884IK+S}whn>D5+E5AbBp5-tR>ql~IBX`4(-^C@+v!y~UMD?V?oTfh1NDnf#3ZNuN
zw<d6DyxW5{O7j8zWQ<|wPYxU|7W0t0y#5qbVhODwFA7p2_@I)f(nGg8UAH-qE>uZf
z&tH0LxX5nx!;7vsH{C6h@FQd-yGj=2McCpC;IU(_itj~omGgT~*ElK)u*~mp0|21i
zy&>t%3mAs((T?w~GKUm07I$JDffqj9T^Y=!z;Q4$EzW6)%Gri4g`7NXC=y-9RKJzu
zv5L!(Gf1z<EzA$->KX46zUq=*^plQBf@WR=t^s*%E%u8h*~{wkk{FwWnsvgw03XVF
zWE_!7;q=H(BEg_6x_`Kqm8S7i&Q>KYxlg4-j#xsu_Vd^`U+3D|B&{jxWge_)WaYh^
z3EyZv!uS>e2I6}5!|`Xa&4Z<h4y<7BMX<Z9&s7>51!8-e-W<22Q)y%});Hv{Hs+5V
zbGxx7sv!c~gb8$%-Jj#Ghj9g9GeYj*OKtY>P@lQgt;YcaF>NciGNJ<PVAdE3af{pf
zuwzyPc5$;IX&E_BgO^S>d@Jq4WjudiWDk5do;JX}70}B)RTOOZ<lD`lf~eCRaR**#
z4q1G|_F9Ot>Ho(e<D+XLPo6Ok$|LT<EA%5L*`kTtCW52Kq6Y6=Sd&{O3>t{xN=#&i
zwvwA`d3X+)w-I}CJtc7xzqdR<QyV5k^;{+8TDhM3<A&`Y<O#FL`AEogWTgm26T>Uk
zbApqxJ!^yLjF{kw-pLK|)HhT%7(oKfG5L01sMBCqYViX#4Stl<w}GCJAFE^7Y1E_0
znVn=|vaK9Q=3NG9KZ$V32TL>F{%%F*kn>sXAb7m<M2=v^(gu^ooPs9X%7j=f-hQS+
zR^v8HOkDU^T~0gj0w@gbOEaAyYA8V^4}PE?FfkZG!A{w<eZ;NeOSbi>y{vAwcp`?6
zUG;usKraYXlDQ2NMg4}3@;Z`#<Lg<9gKvP^*>C$b<AcKC=Vq611Om8vlfs-<po5m}
z;5}(&CbMGf*6R<GRdzlP@ld^E+Sk%E^M(sPN1;901Ik1n9BlO^Fb__rH9t`vs&$?Q
zv|VUJ$9VJ=f!7h;2@P*H9tVA=0HNsoM|uhG_)SjjLb=)>-$ymDeGv^>Yi#5%-Q^H9
zaQ@KOdGjCS)~_ob%1KhX6b`62cj?>#-ufoc8G;~f5fB)91D)zpRa=rr!^l|>*d)Xa
zU7(ZUKqvoSjpGl5r3>j^VU7yoq}~eoRB6ivT`S4}Q1mXT5)Q{d*WkOq0j`Rq|EWaN
z2)Nt`k?<FfffxwL!Rrd@u9}Z`i~+G@WGl;^`b$Og{Mo!p#842y9?Z{gF?A4`u3b%_
z?fRe!RtY2MQ(%GL8UyjwCvY<;_yo>ino>MiWzf8iI@r=3u%&JCe%>XN(?t6!3t%#b
z@??_PyQmD)P9y=tNS)3oZU?M4-~elQI`47<m+}d4j|T7|TLtwk4lMAW^!Hb?y-v5|
z`~ency(?gICmCGFW{EN)YF>IlYq)PW38R$6YNAp?3xKtnI>r@#CqH2Wzae@hf0=pT
zM$7)4<vW$9#(+sJpcPT6#mxMS%9R4#>iaN8zZ)K3-U-<aIZah_-qy{uDxSzyIk<(;
z)+iJl@!{PT#V$AR&-$tn4IGE9n59#b%gT5r<x(w>NFC&X2njsq0ceg64k+lL=V%qb
zw<>oEVx08A2#W0yRlbLNlXk;WM@|5m?{ChzJX6oSz7BBAaJKk95nnT!hr9bzchvJ+
z*>9^uj}LcI&Qp|hA?xNfMk=pV_CCK!ntbVZe6Y>^`U8kCK?LM(H2HB14isza``1yI
z`h^RAseEP(fdG8g=q?ZE4oeUW5Poc@(2&>$%yv$$z3+T`;LFyZktfjywk<cPdLMqt
z4+H1|jTfzzFY{=s#&I8z!&>K`e@(Z`nQXwWT=l}ef2K-3O~gvh)_yzRsjfY@B!rbk
zPrw!1`JKMJ|J%#99LJx}bvt;uiEPPj#a^jT%h}^4(WFy|&qY3YU%fgd2&``Tm23P-
zGDQrw^he*n%CdQxo^hX@=|4k6Xh4kBpUOigayR5znxt>-B-9PW)Gp22J%CT_TX<b;
zRC6s->+vvvgB5ZU=bcDXiFN}+z}_v%dSb5{KfiU=iTJc%avvxA#H`H^{@`f6ZaZ!(
z7?25LPvnUl9pghyg=#~E_n@lOMvvs#4J|U4r)r&5n+%=+^1B*@w1D_5)-9pxfmgO2
z4!Xo29xTS8TxRKg>pZ^RZqx=|8wA|i=hf>`U*t2dJKNXY|FKH_)AbE&^!)4jr$<7}
z{<osHqK=vXZT&8I?__^&_)$Xj&;<<UM#r(klAwr}6m`ftox`PVA#R~+^qPms<tpWc
zcc+CVw~Lkp9nOXL-UD3u;m#5`u&Z@$AOS#A$Zb?z1lB*WRjyTVVK;x`8hj163b^6C
z)D~6c#pwBm^Hdgz2g(x90D!q6eub8~4RFUS6BE(W!QPCL_rK@;0BEJ$q+zFr&ZR48
z%UNXy#32>~sp(s9Xs1v!9@_SoDLd8XIVN{32ud$gB`ux4h<d%*_Uja62z-tY+^`**
zX;2ReRGE24(1f7z!|uq-TE9Z&Wumz753?S3Nzn+{MJQjdF?oZ}?3p_pO(S%m-C<C#
zlz^mia*Y5%Qt`^0q%f{T?ORh1!q@~8Yir0koW4!<qj;EVt&Psh>;`kGapg0X3+;}w
z94roNAZq}7Z(*{#^w<m#)s%dY&Y4ofD!g+S_*W}+IU+8%^O=YFWKnZbZ7w#f<Qz@U
zorX>#lM1})k3V0iwNZOwP-%H38wAbKs!4elFHtg!(9_Qv9{zag@BDV_`75j5*aF2k
zDUUCtdqw&$@8s)p1c&vb>LQ8v(;}CffKiD48Xv0l4RGbx&tqjjgu11^kSRzLY8ExA
za4c`=8DHY7QV!cgEq;BMs8^`$>OR<;CM5VPiR|Q82$A(WlR_@Wnt`ROg}Es%J2CXL
zVqy<}3Oh(0i!P9iR9f}kc+STDZqquA?)23Xz`11@2(nC;O?n1OsamJDOk}Ohm47#^
zkS2N{OEgKGo_ZNr*+nYW9hu`R_;~$(a}W3Po!6&o8cb<O1#+h9To?;ju+!LZOPyYR
zG76vFL6m^S4RMKU#kZdkGIN`-;8-JPKq|-JiN4vx%P!&ccY3?=JA?<a#UDq8IB;}^
zA&6p-r1*qFAqzxhuOY-tl+0*Z+K2X+N;)dSnHV}bj1D^)PthUacE;5*(V^zV%-kDz
z+Rs2j1V>(FJ7`(m4gdE1I^TnZ<a7^?^rEjt>3XrsAx61pr4KO~E<(z#R8Gd%rK>GJ
z47`InJX<WbC$hr0#)zgI=QnONe#;Pc2nv?v$AFZI-f#f9sLZh3YiH79=E8QHtDJ$3
z$>?(%4?i<4Su;X$yU`2VZm!n#r?28H1%wH%8pu=i&p&dGl4px|5E4q<d&a*U+QutE
z^*Ih!$fzHnbqJDO@D-ujNR|kS!E>5DQwe}GP!9E?czNqu?gJ>ufOU+McDTLD)^z_K
zM@B-Z6R255UXwpSjdogo^pq73+ex9uASL+W69M9q;BqKra(OVbz_Zt)a3DrDjUnpw
z=yfuixTARPvGpRBvJ0a;@p|1)mxQ8`TXBw^{8`Wa23!!~Ng?Alm_&%7dN_Iy86e&{
zL8CD)LEAH@9P1~Ddb3cfCx@UTL)>@HrDM@9`_(g$G+8`#Mv|VncTVq-F&nZzT2M6X
zG%brn6OzX_D0d{4^G2b^N#h&d&~Dt-h21{$poBRd_Y7gLLP2rdRlfuo9|Zi~?X9OJ
z{m6I`P<$2IWOO-@@(djWv74Gw1(q^_q6luR82%K2m!3%}@pbhT+?p5^OBc%Z<Pqo3
z$bfle{m1eMM?eNx6MNNMgK{dNm)Xv1G&XWW7hnc~`~*>?cYVrSH-7R!Unm5O)f&vj
ziJVMy_I}U47aQ|qAyfXB3@WMbB7J)1z&mYIvid9VidSYJWi@$!puBKsws@_0;7(y0
zUF?qAh(<ac`xRC>m;_sZx<#OeR3Qn_^Q+V8pFZ4}lQUWFSuBw&jzXhh6Z7%vv{^)t
z8~!4$T%Z@TCp<;Nul9boe!IyfI~9c{h1I&uN%@~XSV{aBB?i*fMzRMjHq+6ni7H+T
zM9xbF0@NyE|E}E!W&JmnL<8%11`#RGAYyoXxoHzP@D&q_?!OxZM9gfh|96bY%Ut6x
z&F20y2Bb0*`015_^idy_aGLvXcFh;+ySJ7u?p3~v>BHUlJv|C<5KMHe3?_;~KO(%m
zI$rk8#O~jTEKz>B(hhu3KeCA?uT4M%WPdB2_>1}Vqo}B)Ynn<eIko3sihTMxyuDjC
z&!oW}xHk7$#&o(BC00$?F`Ky+%C^BWEc?CrTPC##^1!H&cJ|x{J0Q&^z8U?8ME0Z5
zT<h7~WnVwbQGmd^OsgOin|=8YDd+<2!hj9-h--tq#zW+@7P$A#d5|2=7I93)>i*km
z&i~g5AY%+m40bWcQVAn>V9f~4Mvt$+e~Rhr0#5O-1-Swumzu{&r;@I1_(?T2o*BI2
z<^hN@vmHzR*%_SIlNr0XpTe{*513q5)zk+dZ;-93x7H(in}8Cpjex^*asM!B4>?aA
zC>wT3Jy&X`Vd(E8MV)01$WB3wAeQU(pJAM)rprymR}%kSaTmthZWUmzF>!6bTqPjp
zJES)NT>tPwJG-R#PXKTx=1fNa<M+-Q))?GbOaj!GKkfeK1jVd<xqo(LzC1(Pw6Ivq
z9^2iZdus%M+gBm&3CxOjycf;`e)XT@?gpaq2ckJfYCcs;0O?`zkB0vYk~a}Ex1uo>
z6<`L7WsnrJc}uw>#^t$4{{j{nFb6wR$v>I`uoysP^Z(HlNF|+2cZS#EzF{(u3K1Sv
zUYf8&BG&oe&4SE-u;He{rrP13GX#ln=v8q~kMd&6zr&;XSN*)qo}J+PT)Mk02K+>U
zu8@g#^Ba%|03kw-yYZVSUm&L!it_-nR@n`Myne}axwsI@3tZDP!gMZq7|`~>W&13p
z=s)4|3|l|IUE?`p_&dlDo}CN}xIS+Z%vE~S@`cSPQz<QwhQI<J!UGtQ*=C<gLGH5X
z_iu8g{ax)@Kmx8^6mMe^B<Mw{Gdtf{euG=Q3(;b6J3aPk6+kQKhw1<XS}UFHg@%HV
zCyQeK&hpSbDPFf-1a5+|NBxStRB5tB7VU`j+wmK1v>*WlWkny{1Mqk#)71)7YE*xn
zT_eX@;?ce8bd~V4EM$8Z=E}<(xn7I5{5D#&*iNsGpz})~47kBtMHoK{xTgLTu8(8-
zX6x5=)+TW6!rY#VWHv9ZL6PQg>u(e46Uwxr?ksUduLXYqBDI|w`dlNI0fouJI-iS}
zNqep{bPvR;q=77?{FQV<n?26hSbT7&>Ln!;*`ROOLE3RAy+oc&$rLKpjZuic((yC+
zg>U%>EZJ5T1Z&t6O|#fcv0;U3#>uaRYNcRJ!Tpv)5Wv*ddg6RgX>_*u4zudyyhI{Q
z(3_;~xQb?~-DQIx3cHvf1a~?(fM2Zh+H1BTWm0rxHj@IJ%T^>rqXUF>>n1k;TAY}f
z8*%N8xn2c87e8iHYxsbaK*dkkrdoq(@axKk1vQ$eFM9pSZ4ek5mZ;MHd}6S|qBE<>
zLitfy4+vBVwuYEpq{Qq1TO2AX1LAIt6j&tM9i(w#!oEY>=7d~U;C2d>ZtJ-7UaCPt
zF$8H7#6p-fuf;uHPbbWmT1ymWxaDaC$Uq%XHqi)Lhws|pCux}QoYB_pIMTp-vnPPm
zzFC^Q(7XcjUx2y}u&boI?zfQ5Sy#|nWRlDYQk7W&e^fdgodJVJwu>>S(fq(CVTcY+
zveoxM1F`v1Aof&X;|;N~gTxB&H+a`f^nqa^Q-b0NWwVCsme5PXfr=s{XIK_qX;L6b
zVS)1-mc7fNLj_!OkreoDSCtAuwg8Rxs`SMs(bM0R2j?vgjkQ9}{xBm1DQ%V*;DSdq
hOPI)%?m>UyV|AP^V?3THpZ#1-S^kz>xr}+x{{WOuwq*bS
diff --git a/userguide/site/index.html b/userguide/site/index.html
index 88c17ade..25359187 100644
--- a/userguide/site/index.html
+++ b/userguide/site/index.html
@@ -109,6 +109,11 @@
</div>
</div></div>
<div class="col-md-9" role="main"><a class="md-content__icon pdf-download-btn" download href="pdf/combined.pdf" title="Download"><i class="fa fas fa-download"></i><small> PDF</small></a>
+<style type="text/css">
+img{
+height:400px;
+}
+</style>
<h1 id="getting-started">Getting Started</h1>
<p>JAMS is a server application used to enroll Jami clients into an Enterprise context. Currently, JAMS supports 3 sources for user authentication: LDAP, Active Directory and an embedded database.</p>
<h2 id="obtaining-jams">Obtaining JAMS</h2>
@@ -126,9 +131,7 @@
<p>In the JAMS paradigm, a device (Jami client) requests a certificate to the server then presents it to other devices to be recognized as a valid member of the organization. Therefore, JAMS must be provided with a certificate authority in order to work properly.</p>
<p>In order to be completely secure, JAMS does not generate certificates for devices, but instead issues certificates based on a certificate signing request sent to it by the device, therefore removing the need to send a private key over the wire.</p>
<p>The diagram below shows the entire process of how a device enrolls with JAMS:</p>
-<p align="center">
-<img alt="Device Enrollement" src="img/device_enroll.png" style="height:400px;"/>
-</p>
+<p><img alt="alt text" src="https://static.savoirfairelinux.com/img/jams/device_enroll.png" title="Device Enrollement"/></p>
<p>​ </p>
<h2 id="getting-started_1">Getting Started</h2>
<ol>
@@ -176,16 +179,12 @@ An example of the command would be: </p>
<p>Please note that any port above 1024 can be safely used to run JAMS.</p>
<h2 id="step-1-create-your-admininistrator-account">Step 1: create your admininistrator account</h2>
<p>This account will have administrative control and the rights to manage your users and group of Jami users.</p>
-<p align="center">
-<img alt="Create an admin account" src="img/step1.png" style="height:400px;"/>
-</p>
+<p><img alt="alt text" src="https://static.savoirfairelinux.com/img/jams/step1.png" title="Create an admin account"/></p>
<h2 id="step-2-setup-the-certification-authority">Step 2: setup the Certification Authority</h2>
<p>The second step is to define your Certification Authority. </p>
<p><strong>Important:</strong> a CA is not a server-side ssl certificate, it is a certificate which has the power to issue other certificates. Do not use the import option unless your company's security officer has issued you a CA certificate. Most commercially available certificates (i.e. those issued by godaddy, letsencrypt, etc... ) are not CA certificates. If you are an end-user we highly recommend you use to create a self-signed CA option as providing an incorrect certificate type will lead to a non-functional server.</p>
-<p align="center">
-<img alt="Create an admin account" src="img/step2-1.png" style="height:400px;"/>
-<img alt="Create an admin account" src="img/step2-2.png" style="height:400px;"/>
-</p>
+<p><img alt="alt text" src="https://static.savoirfairelinux.com/img/jams/step2-1.png" title="Certification Authority Create"/></p>
+<p><img alt="alt text" src="https://static.savoirfairelinux.com/img/jams/step2-2.png" title="Certification Authority Import"/></p>
<p>This certificate will be used to sign the enrollement requests which come from Jami devices. If you are not familiar with the X509 standard, we highly recommend you read the following
articles to get familiar with the processes and practices which surround it:</p>
<p><a href="https://www.securew2.com/blog/public-key-infrastructure-explained/">https://www.securew2.com/blog/public-key-infrastructure-explained/</a>
@@ -200,9 +199,7 @@ articles to get familiar with the processes and practices which surround it:</p>
<p><br/></p>
<h3 id="option-1-ldap-authentication">Option 1: LDAP authentication</h3>
<p>If your company provides you with LDAP directory for user management, you will need to know its access information and a automated account which has read-only rights to do use look-ups.</p>
-<p align="center">
-<img src="img/ldap.png" style="height:400px;"/>
-</p>
+<p><img alt="alt text" src="https://static.savoirfairelinux.com/img/jams/ldap.png" title="LDAP"/></p>
<p>Your admin should provide you most of this information but we do provide a detailed overview over each field in case you need some extra help:</p>
<table>
<thead>
@@ -241,9 +238,7 @@ articles to get familiar with the processes and practices which surround it:</p>
<p><br/></p>
<h3 id="option-2-microsoft-active-directory">Option 2: Microsoft Active Directory</h3>
<p>If your company provides you with Active Directory for user management, you will need to know its access information and an automated account which has read-only rights to do use look-ups.</p>
-<p align="center">
-<img src="img/ad.png" style="height:400px;"/>
-</p>
+<p><img alt="alt text" src="https://static.savoirfairelinux.com/img/jams/ad.png" title="AD"/></p>
<p>Your admin should provide you most of this information but we do provide a detailed overview over each field in case you need some extra help:</p>
<table>
<thead>
@@ -282,15 +277,11 @@ articles to get familiar with the processes and practices which surround it:</p>
<p><br/></p>
<h3 id="option-3-local-embedded-database">Option 3: local embedded database</h3>
<p>The local database does not require any additional configuration, everything in the process is automated. This option allows you to create Jami users on the fly directly from the JAMS interface.</p>
-<p align="center">
-<img src="img/local.png" style="height:400px;"/>
-</p>
+<p><img alt="alt text" src="https://static.savoirfairelinux.com/img/jams/local.png" title="Local"/></p>
<p><strong>Advanced settings:</strong> by default, the option "Use public nameserver" is disabled. Usernames of your Jami users will not be stored on the public Jami nameserver and your users will only be able to communicate with users from your organization.</p>
<p>If you want your users to be searchable by external users and allow them to communicate with any Jami users, and not only the one from your organization, enable this option,</p>
<h2 id="step-4-setup-the-server-parameters">Step 4: setup the server parameters</h2>
-<p align="center">
-<img src="img/step4.png" style="height:400px;"/>
-</p>
+<p><img alt="alt text" src="https://static.savoirfairelinux.com/img/jams/step4.png" title="Setup server parameters"/></p>
<table>
<thead>
<tr>
@@ -321,9 +312,7 @@ articles to get familiar with the processes and practices which surround it:</p>
<p><br/></p>
<p>Click on "Set Server Parameters" to finalize the configuration.
You will be redirected to the JAMS interface.</p>
-<p align="center">
-<img src="img/jams-dashboard.png" style="height:400px;"/>
-</p>
+<p><img alt="alt text" src="https://static.savoirfairelinux.com/img/jams/jams-dashboard.png" title="Jams dashboard"/></p>
<p>If you have configured JAMS with your LDAP or Active Directory, the list of users should of your organization shoud be visible in JAMS. If you have selected the local embedded database, you can now start creating new users by clicking on "Create User"</p></div>
</div>
</div>
@@ -404,5 +393,5 @@ You will be redirected to the JAMS interface.</p>
</html>
<!--
MkDocs version : 1.1.2
-Build Date UTC : 2020-11-22 01:43:55.216806+00:00
+Build Date UTC : 2020-12-11 17:41:14.704504+00:00
-->
diff --git a/userguide/site/pdf/combined.pdf b/userguide/site/pdf/combined.pdf
index 7a39d8235d850fbdd2c4b3a86c02a25eac0663a3..735036b93bda1413ebc1159118884204b33892fc 100644
GIT binary patch
delta 58905
zcmc$`2UrwK)-X&)K!PBkWJN@B&PhZ-$vH=nEIG#(5fBg&1V)LHa}XqlAqa@%oEd`T
zFu=eJ49xJO_uk!m-`#Kb-}mnBJ5N7TeY#GnQ&p$WsjlwnH))uuD`}X|Ut+$*`iz|x
z4Y<tJQ3kJ<FJ>F)@bhHd!3)Ri_NMOH6YlY+k{{xV+Vt&GdlG9EkQ#FlG#GZh@aAlz
zJq<HWl%(XkgpZcUa$3{1G^Y|!rptr%T)v>u07J*X1@2Xu??xM466dTw__gcqE@i8y
z^9j9)f}v_Wpu^kcM%pFIy{ieH?Q3yq#Q>OW?MW=GY`Ervk%?NR>`n=J$^*|3_sW3^
zAK_<(lGF5-Rs6vpr=fyg-`l%h^GsW`xXcV+J6LsB61RkX9cUkm+c;B^!ct4(cu0LO
z`WPp`wj=4=yLk$2L}*;;M5XustLH8_1B;Am{H8>n(Hw1ds|)%fUsoIt-iU5?8LewL
zy=@FFS?vA5n>TDUTf?$&%B6%c>nDbNGe2Y9u^!BWAfZk<J6(Nt>cx!E?;Zc<fXcx3
zb7eATV2pg15&LDKNLZ*MzACXGCpqXkt3cZj=<qf62-XKdP*)80E9{qLAdu!8Y-K>^
z^>M`W_g9`?e4JGr!p}L>v&Mpk=-#_I-GB9)Tgx&LE8ViVHpV-w$gG!`+Ap7B+=YHj
zjQCo}Sk-&T!9%tr<xg0^MR1GzDSlh;=!O6p<tqmN5Ee*ndeDWE8$r%9lB*<iyOLn@
zTQqvlQTN&VtorG05p_LV;WoQv+e&Ny5U>l8pM`yQ<dlyvVAP7MxFXv+5>z54e3!oa
zu>QqZLcw5a`-{4SNX3Q`v+MU<ljty>=G#SU_w{6C@mR#SzuK>Q?o|YuX5HXy)8)|=
zn${B#T8tkKOQypTvCBEzdGdlyNkZn~lJqU%n+}7%wV7)#IByFw8CeTl(}edO20Q@F
z)Rl1*WrP>kLuIN7uYNr%9f)hP^E)M;iHT1>B6n-v*HKE->0>%Hno*K8Fxjj!Cee)}
zep|`MYN08A<@&BH`Jt;)Rhd6g`n7QaR~Ip9H<%jD;`dnAZ(id8SKu|sVx7W?a;w<L
zZk%^4QhMbEykXeY8)Gw8;6XUW^z-XxSr6sJl%yQGO?b4b+<L6uqMLWQJoRt*WrzBh
zTq$D{m7&OEiJ8n+tcTOK;?iTJVaQCeyM|TQEwQOs<P^N~QFsBdKQDamH)WahGLuGc
z@e@WKr>Z?otsp}@C$g~C=PfoZHn6|#h&}b<rbsQMvi_M#-89f^V@2y!I*cA%lKwEv
zY7SWfeQ2vwh`{vn*~Pej;&Z--np12zF}xvja)MFf>dkiRD+^lc!n9yJMcPviYRwpE
zHE)4mg>t$wFmWz+V`<@QbE9x@J)Ug$<l%e<+JXL&Z!6DY%x(bwp{4`xjQWW)B6^JU
zo8K$u2v(d>Mpfc)=A(?``t~x111u<3`M^r;t5(m?yPOQlO(hXEd~F{l@;p9Gp0`R5
z>GBNoKtJ6cFQR?FyR^Y_V18#h!x`jOb(i9%2oo=p%M%AeCMG6+enCD$Yv-pwKmj4p
z;!A9q+TH|gOk7MskgV4=3M@epP^QNX6>>3Q-XHipkF4!&?L3)8_<2FY+Bno8{bX!u
zlet?JrR%zQi_Ev#Z*!F0*U@>%#If==k*`ljkBRJBBK=*gwyUqMJj4%ssFQW$Iz`CC
zHu@`3p8gSeX;cLp7-`A@vVtJky3E-bT-vexSUUEV13#qku;m^22_yn^u!chcy5EdV
z4A^~N-EKUxKQ`Ui8Qnrl@2wuc(^C|8N9BAkaE4xcykz1P5c`O5y=XSzp_Zur`~q`)
zd;J!iA@2HsZY|<fj%!&%v*MjFkMUip+ia=D|1t^izo7Ydk^nzjQy)B{KOV<`SlMP}
z>5eTvJFC+l_rb(FD?nnp>KeujDD?)?5M#_Gl@r_aIC$zAt&Q4YEY<`%@ha<OSB>yz
zC}3mMt~!PqR??&;CY=h>VAOG$)Aq%WZ<KuQ%OA#Qbvm7~NGegV&9#<}!NYLwoy4np
zDkRRq1+xbPF<gyXgx|9i4;$KlP|wDEK6_Z*#`%lPcQmNYZ2_L*j4O1aY0&M-adjM$
zDIWW~K{B&E_B+&d_;8}2X&(DP898$}(H!<!Sj!Gbuq7jt=L~l*1ogliu1o_N90H-R
z5Us(N7g<zi5HO#G;$RjN^_gJs@m6h720$RW{1`IG*b=CTQd_(T7zt)<fgKi)lZJ6T
zJ_|-C#>)8BB6D5oL(YUO>g3etp%Rb_v_z*m?!w_1iiTJFPO!{{Lu*E0`OziPhqEAG
z#JgAybHb+G7bxkbv%|(P9^3`*o?u3^rt^xuOO#B=Aoy^($_3PXy^PrhObS4Q;IiY&
zA+@G;kO+kIh0XAf^M=cF^Ja6HR^6LL=sG@jUgHi*I&l931lD0{FjbD(k!COr?SKMX
zi1W{sXw>;4>GzKUXF(?&V3>!+z1li+@Op$q#U&S+3r89JJQm0xY4D)BG5pLCdcJBd
zxqT_46gmk#&71+cf*BW3vod~Npmwj5V6@C7o}A@bP_N8I7sRPmWAhLdyaetx2UZd1
z8a5ta^nH?<9&~W<_5~@hk{?W>!T~=^IZtOS+JPdLe1eg)lsx!l6_@h!DItR{rxV2x
ze>A9r<}4@$0+S2d-a#x$@PLtXmq?#~AQ1zQ!B}34<O+!5iIj|FWAX0f^QCE17ceO_
z@UVG3P^{ztbuJ1p;nPn+LwwAG5vOJ(CSKs+LDIpkhD&Q7OxI>?uU2#+V0_^9^@V9D
z$QKH8ksj;~DgM#ErD+oYjMo>`2!pPJh*ARaF0_KEeOCq$#!_R<<31rIMSzcg4w8FF
z_E;@e2ZFn>k7~LE_rp=#g)Ky$8qK4>VEshe4~MR^ToQ@w_&h!~{TRBH#_&5Nkw6)q
zOR&ijtXu@eqSt{QJ^CwB)6$vWCCwu7ndzkh4^aChA1(|~?L5A30Isrv7NX2#T^L;1
zMEkN%sCaD`RF{Y3e(9jsKg;8$dTe@Syd=5Sd^vfmk*vs2$OZgGXx!(PPL;z#aHL}q
z^g)5mcoT|zQU?;I(O=|u#!_~v#{X}Iz`vd2zs3;wt<lA^>TaEbKbiw`)&slFx09)(
zBcWjb3qvy!bt^FSOCj^U*C=VJl2dn=9Yl|1Kd8|PtWNCMGRJrp^uz$RN-_-{ZBOPw
zd=1XHJ`q^23_nY#SnCa{gs}b~O+ckbTo#F_^zh3f36&mpS%6UKz>muJs9?WK4(XS}
z=SOWaD%kK6Y`Fw~)TW{sevqc27=BcyqZodWW}p}@>u4$<-5tq1mxD9=QX#4x#HWfi
zWm5Q=_f&ZbkJA*?*wVZSS#&xQhH9aN$6ml(`as+}h|-D+G?E(7K)L$f2F_4VrXZ-*
zZN?`5eB|oBApESef(JM}?dB<BBvF3~Hs4=fpHOCopW#9cdD5n!Zz~=qo7kUOH}oXd
znCGSZ<5P%~jDhH45@<Z~Oiae%m}rtqumIWPW4#odQbd6eIL#vjKHL5k_&+!YeroY2
z1oz_l*TUx!PyW)1Xk27h21@a`7uwN|64qtivprPRCp_ANqB_8+Cbu<5qdG|5))$mY
z%jSa+Y2f6PhZ@aYXFSefQcDhZ1diS@BB9WW2LHr?!NIV*5YN*4(7=8D7y<Lqzpw)l
z9aWFmLSn+soQl-u2EV7U52gPv&w)Qf{BNKI{&@>BxaeGai!Uvf%2<sI+oqz?K|QVe
z`dw+3XH>Q9Gm3xy&zu5(p2eTy0Q?!{|CHok1OsJ9>+oJz&BQl^$}dJ0E((xg`cJ`E
z5t_%?&OJYZmLD<A(ytK?%l{g(em^R+a-LCS?kf-P<^4rkfs$ev3m~hLo82DIR5YS#
z`It<1v!LS6t0GSw1M-Ku;_RFRS?u(bNjSg5|97JU|5^6`lsoWWZ0x+?PA|;ILpwuH
ze{tw^w)nC$RDq5?M6BvKrRdnnCdiS-8yx(ssH`=!OC4-7T5)!4rR{}FA{2~VO%9(g
zXG|&La4k3(<(U-R2}Vunn1;y3WCYjeSt7Q(^R@`-9L|q=g@_x?WrTJ07d2M$&CBek
zP{>b(4OkI0GAMV|j=jmh5e57gW&KeU11!<}A{SU6rT&Y~eC5*TO0!Dk_P^P|%IpFK
z4n9dtS2y=$fM@Rlqx;X$+xY7jDO<y)nwJK;NT0qmLw6JU$QD3m{ec(w<V60Dyv~t4
zQW-4;e=rL0cdhbAP5+Y}0Q`448$KR<F?E=IIY`8TfMcTad%w+X;6FLJ|LN>2@&x{S
zuIBG*1N@&jKJ;11uuM_#66G|&b7T#^Oi}sg6vs*HSkA0PFLT%UAGvF<>#v#YuTVBP
z18^6HFzSQJYF;n!V7TJ{$Mf(1P|h!i@z)<nvKd=JAm@Zp>F)F4AB#pFp6=F`PQNW5
z3I1+bNl;i&?6>OzqM)i`Yz@$Tb9}OYw2Z_D{8(SoR<-nSWD*p<T%yt<l$Iv^Rfccs
z?%XX6eh9exKmY*-U+`X7uKC;6`CP$!(PqJW<Lb|X?3dzK=r6^<<@L}@EV8RO*dh0)
zDtrdHnFt5jIegPSTA-7CP&Zt-C3yYf6!$Cl$$28k4HxI;kM$;MK;}4h6Z?5TPABUL
z#|JaYseaGk2rI2c36*sp(Yv@U9e)x$JG*<l-LGCNxQ!k}fBSmpZWx`_D+{nq5GT+N
zRr5Ci>S9~Wu1C$&5?1>b>%H15<_b`vgc~)Ro_E~LZOZKhyK8+t@M`BKddwEYwF9q7
z3Bb+eFOE%1Gb8E-rh349Z?|M*jOE9(%9XXZ$~;16UPEVekS(-4wWfufg<;-4AmZu@
z^XdNLY#zMRksspCSxbtF2oMvx^^K>JrGOrZx`@DsZQuNcqI1jqC&TxPF3z8&p{0va
zeg5m=n<k#_a|71LK`?D%)chOq&7FgSEPP?254AjZPrv=bj<X&NoeAqJMI+y*IRt;w
zUMk;#ru!Slo*8ILuqUr7Ic=Tk1U9)i6jv$wG-W?Ks)%qnmIs1@pP8Gqi~(8TY{Sts
zaB=!%w!Gi7G;`8Mv-B@HZ&#vkA6ITcbc;ohM+c|UzC~t&p^G&|*wbZFJ`6rNB;sEC
z+*xTe)%P0I#~qH|x^}PM>)$mBmL^1Gp!Ray0MvP)YbnVJt#jot!BLl%Cq!j!X@$YZ
z;S{x7qM&IlS$&gRp}sC_3`m+8t=%hL|M=-+WqLlCi<|47(2n?1@^=s3e4&xgLN5$%
z;HyV~YF68w>k<L>aDe+XXniocXtYPK7<yh`UBrJ=cVdZqC#=zzb!j*A`{WTMO>hrd
zElwg~vN2b|M~SX*u#L?=E0e6&DXc#8W-Hu5+OM-tYOS>+NWC0;fe+KYqqSl7L5`Mu
z`|FkZvH|Mmcc_~?x3j%@?S5#%vrVfzoRJ<(cwS^gBv53-_(CAjG{DKJptuEXLzv+m
zg>2kPL!t|*(|wbgr)L*~#Yc~}N28A?D)N)<e)OdqFxey$L=r>+aitufGVzT$X=$WX
zFYKEMa-qI3050yQER3(;axjNfCfSEMW<xH-ha2Y#M;H0ec|IqQo)xFd$ZUVV95<0d
z{^iTa`i0b#VbnOmp!F=$G*!tQ&^>^uEzQR|C<4YLjn|;Q1sy06vkT#-{Rr*-61^4L
z8EsliR!{&`Rixb8Cc$UCb`rMfuh-v#i@#MzHA4b48tWm+5nL4M0WLPlZ8hSPh-WY7
zxz>W+F2}um+zSN4!OWTDc-q=<v(~n~s)LE$&K#hY-pzqZ>qUsS2P_pEHd!6J>_Roy
zEf*XEJ8Wv^zoi}{i%o408GW9)gxmI~%(K>AQGD%emf=vFKXI((HTL4ktsBliZ5wqR
z@I;<fq-r_{@0GXkIV^Ug)zrNZc1?)dk)U)3+iq|PIDcsv=M4FN&0W{YID>e5WTB`S
zwlAdPlCILtNQA###Ncv$eWiSNKgSAz8mk+H(0X|lLcrX`3n?Z?)D&?B*#bc=zBvP-
zpl3@PdtC2Tx1b8^AjTJG`>FM_5Nu#PU>#n*<8l-^6z)$zDvo|ukl1skX^)y)n=z{W
zmIhffI51+gbt*V^&Dvl`Jh`ZzH3$5yoWzalH|W=^P<K(CPwz~8H6}PR7Wc6vF8AWj
zk4GA7_Z}#)NgD3KYhfXM$7U$#4%D-ZL2|V{dbD&;J;U9gVI#*+03;TB25b)&m+qG!
zoxmd7&7k5f5e%x1fRy^c6Rh*p6nG<w7+!S~m9EDuL9qva|6%=@nj+pHJGW1J-{{KV
zZPIMVMf$`s$o`JI)N4l%ZA9HH1n#-VcEv2;qm&e7dIRZ+hYToddZA@2D<LsjFMn|(
z3K>vbS-KZs3{zUoPh^J!3qs(&a0xXw^^5QgQ{k$bq@IQ2fs9b<+$_j?UEkA5J^p${
zWHiC!lHt;P!gO@?>&Yg4_Q3%vf!&wr8YQLvK0k;03mBx4%_TQs9IQ1x3873xjg~81
zxC5b$rOVz^O`vaHh@?=ZM!muaTUts~dcfzKC;AeO9J7-_XF`CQFi1HO<l9(jR<uD1
zE^h$y`j4E-_kvI($dHzNWWFCOAKUjwC7Szn%}qB^#-YdsqtlWg#&EHLjZeW+&U)=t
z-AWK!cAtP;wQr0ZvBUG0b)=KZXFScWGF#G3y5D*(UMwM4g{&{f8_DP?{hP-jP~J4i
z();TtKS9O+0skxDz){h8I-tUc@k}8Q#Mg|?3q1dH)_sJD@rdUnY7-l0U-5{#f*OUp
zBM)E(44b!_{ii|TPf0qiFRL=&-G@R%*)bq|`|iEld=|t=qN!*!7Ca05ym^Dig6AKD
zz(1}=5-lnlj^bk&EEVf(2&j}3THueW(qCE;!<%=0Z0XNm0R9=1ldMPm{wuS&j$_7!
zaN71Ck{^`}cLtuk+EkL5Gci|kHt`T)l=d!!`+-*;JUd-ReG*arFt<jF!VP9Gl(%)T
zDfh3-i3%pWP84|@l&)9II=;&WJsb_D)GgCtmjH5Ki*Jul8cWXi_MIJ318EnhTbLKe
zw2B8ok8}I_AF_V2_KG{YS1PqKuOKvFP0NTVE-*6LS1CJN{P1Bv?DRp}kokE~OH{+=
z%GsTzN83eoK|$YiUo0M&xhybdOr%uXkfA3F7#84W57c#77DNY9fw}Toh=u(4N=$%P
z4j8x|ul7~7obZc#J{YaDmx+jx2H=yr-t1NM!j*aK$cwC^slA0+F55<wJ=hGeZMJE0
z%gO?6Rlk;s#u1y_bn&GxPGT1+H3Ja3orqZ7F>~nW`I!yVQMJ`Ggv9P_`6wj6(g-Tl
zPzFvIFBZC_q1$rNFg{55mXN-TMrs4YY*2+UNWbg0ypvZ1@?>vf*WCrIgosp{Ck53k
zqxZbbE4d8rd|lE4LO=Rd3uGS!Xj=k|E75b&1>pQ)&eegAra`D$_u05ORHnT6L;iwk
zqnlgpCJ*|7^Rd1JVl5jzp`!~JM<b0<LlCj@02Y&r&*p*Xz(Sjp`4o;VKptQ#w%J$A
z)5m>MKMFzhDK}~AXabC5!DL=;6<~?2y9>Trw9qrI!i8gKnb9t~n)<*hS{u$u{@pbn
zZ0o?Y@V*~mevuS$gwW*b%3w(x>+D8}qnrle(htiNeQK*5e?{GWF;f^3#Ie0?hC;(a
z#O=;(7v7@7^?@pmLD~J9!l(@Rc5tv~x%)h9b$RUF!qQB-{0q9hBN5+pUG@}RhYn~E
zI;F>EGW>WFqQh>k;c&V;8r(bx)CQ0S_t-{NIdo@T;*%VU?3a7@t~PIolsg~s2;-BE
z!@43HNNL75$ZP!(=&Afrcfa+TMu?gZxZ7c!@wO09JiZrT;)1_g%8^1v;9fTdQ5ViK
zH(XHhU-4DBoL*llIg_(LJFs|c)~YpYA<cq8o4O$eN%9^Edd-|0QhLVbGKcxU;T>-+
zoiDREu_{{n>oO%-51+>fzqy>N_c?pBPHCO!(taU@iOh(Kj}~Kn;*4H%0Y1BV{;<6v
zRX@aTW#d;);Nh;}%gFwfwV@!89g{84%ud!@X@^#zRkZzobAIS?6>WvYU`p&o(ZBCp
zwY(MI8<z)mP5X!cz(213kJkeKP`m$?c$q^;9w~;ohuFvw!nVbz%uPV5JjTRqG{n$^
z!5eD?&dW6loB6sb^wUTHE0YuHDE~je_|GB$KehNb$XFcRlB7$jRi`!QTr#b`Na;9K
ztEP0BjI9-pO+V5rrfIbQbS|^zo`Y}W<~K!fQX!01@HAe#1Nag2LIb3D*b@;tXa&II
zyL_Vy((+v+0OTRv%muV(`d1&3_AMV)Q0!Yeu{&@C?lx!WibN`(EI>ek@B+#c&~%>_
z+1QxY$;{cMzia^K`fsdqZZ}t)%Y6Txu&S`S#G-_{mr#`Ho*+u06sIl8e|&a#vkBO9
z5exoODE{;m`1(6ZHiyAS#~bYD+4U0o29m@g4AG?B9%0L+E$iO(6|TeE&}gH*XS-pf
zb2@{=@Xp8PfXf(n?}Z$<Vlo=t7g0T}tE@jSlA2t#FroR_X#=)=dOiS8@S(=hckl*S
zQ=ofZS#QqZEm{J$fJ@r088A7H`#Wm;#DqgC#NILd%?M9j;yzA&-r<t&LFo+1`MHV#
zG<kB~@nR+HFeHC$Zlap;*r$bjCPiO9WA)+|h*=c?)-F5ZWsJ6i*p8#~Er-uDSI-(L
zxJ<<AVtH&pjRCs_GZD?^q|rBXZT147G68^cH{*8iVg90f&L(v5Dz^sAU7ib%IFZM}
zjBm#!cN9|8Fk##{-%KKtMi((tUHMID1-9PRVzdf_Wc)J1k)XBQnbQ(mT`3>6=NyS!
z5oiUMC%O#*^99WV6Ps>Ty3Mh*q+@;vWNj7%Wb@O^qmYbE^JES$GM62oH~<ozf}lD&
zMkvUGr#}tP7fU6&bkm-yY?scC8+*;|mV-~0=(&?*D1Wvt53o1Vu0H`WuIJ6PMdiy7
z7ZvWdplkA|I(nz|%4+plkk-XaQxh5FloGb1+gq6kG|c0!vF&eSPb-9VSDjLId|+Fg
zSN59Q<pI=f#tCRMxGl~IXfp0Qf**p$&WDeCvWy7JJs7JTP7C~b%Vj*af`WB4i#aby
z>*?%~X9A4W>)wwc!U2V~jvh;E=W-XP9tMkSxq99Z#34uhzUK7&hEvgcwaSU=UMqCF
zT!z++xawSH`KOHo&C=IaOraT!LVNfZEP&S80nDkqdVRt6;qLm3^4qURO~USCBiL1S
zk~=to)g~)8{${lGO?kgu$l0|t%3H6F>va_8jqdGGyFbH_XZ>dofIrXTU*~Xwx(vA&
z9e>Ogpxx_7@qhLY{NIZA0{%O#CsCZCt?OK}y!Ec&Q8Wz|)_1UfD>!)NUNAuPpGbD<
zRxeuoTNf_~8ag+4=$P3@vckh~vTk!Z7(8P7BLMurtNtrB!2eX}zasUoLV>?ylmDg)
zz%SkMx?d)bbaC*Z{LF|YSp1pF`%R2H6(>WAwwo0z1h=#V=%3?IF(NlO>AfXyJ#@&!
ze%rb%$C#Ge@rL!~qkc~ea)ZE)>?+TxgO_B5A4u+FMUw`3CXq;_lid~?#e8IOkQqBL
zV%bgcAjd`=gMd@|XxLDE$M?ajF%^7(DWo$(T3k7TUj0g3@_$5XJC7hO_)w6(6e?+)
zEp@PR!tgtt0E+fIrStZ=m5#AJu??JaK#P6te!s0R7aihq;W%u6T4_*@@kERC#Y(#)
z+1R0y>Cx`7Y$LpXou24-TqxRccKxcg3KIktoR&L^ir}Ythd!ibW$g3)>zn)2Zzh^|
z=HGVD+qAD26!??%*^s_*ga!oZ+yh{MUw8ZO?Z?|@X!0(<@7Z!k_z_}u;cPZ_Ktbm2
z9{;G^KrAFfu9WrMD+=B97Zbj>Fm8TmK3V0mlo4F&UkJu4cWDbcE~1=2_75K3*oJP)
zA1l;COBnzkGsJc&)A=B{Z~-|iM?*b6K(sS!U5y47AaY*UU3LOMX||4AF5CSI$9ubv
zOq=lf8z3dcTFuj!NtBdM2W>SddP~>W&M7EA7<snU>0(lo^80?iE2=3G3{6>|-e(iY
zU((C`Oy|7DfHf}^6g0ODbvr5j2JsrmIQCh1QxwiqdFH<^Hjl<ey~Uj`1EN)Y5zggc
z*cR7<-DbvBQh}w8N?ZSf+78G4-2KKE(m>fp8^`dehZW!45xgS<n*-U^=ch4h?%3A*
zqGiQmxffQu_Mqywp=$YJtt5G2t0`V6A6C6sTGBq*^`iE0tju3o)-_kj1zk9~3$2=Y
zhEG~QT?d|YC|v^dn+w1TdfD~a@E40ZPA$0A=c$a6{>sOT?6ceD$=d;I3T3X0P4Y4~
zbZm~1qQNNQGg>fO0cHBt<fK2of#jRnIO(2;cG@HazBA@EG^1rpVb1u6k#VO#&E!N9
z#=2Cz?`Dv&Us6+X11^$1Xa?e60>pxVnuh6JXregjMU(V#Hky0&h-fo-4C2@9QgZ{R
zp&sb~=bux~NM-anGuH2HVO`Ki8r7v4lTgddl88@&htKqp<oXDN+U_=Us>D@cpJQ%`
zEuoew8WA67oAzkf<nK+x5BAnL(qX%zH}1ssxnxGxQWlcU0c@3SmTo%(w9|e5$JHMB
z(8Qw&t1*abv*A5F^`e}MB%*4HK6#fYDW9`hE#)Bf#+}WGajK4tYX`fbC@CFMXe<yQ
zYP_*fU&wvb!Xk8_Z1IQ2mkTA0>1ymqJDMVRU$Gm-LiS3J%K+%H*H*jNMcQ!z7|?v&
zfpVA!=gyrPpD&zxa8FL}cjzP9&t4y#^@pNjS|VdzJd_Fxr}xsDnNiDD+ZktR7az1g
z{k6l}ZO)Hxl_>KW$DTq_PTliG$3ekIM)O~NW03=Tf$O6Y=!N366Bj=sLS(AA9UN)A
z1>favQcEB7NiRK%1BNQl-oe8i88CQRMh9$tAdTgi94c{OKFa@lpQpkrK$-Dkp&;8r
zLfTYH`pUu?ZJ)yA`|f%4g!fU{LA`j)UTVe!s3D&bIeV0JJkjgSbx&S@xV9N>R;<<Z
zDGL%GB~vdhiSz(?vZ8k_Y>v4lZ;~Dn1g`@FN}juPsSHEr9KZR@yP~=t4TQA<(+a-y
zjZ=itE2T#WgaLhcetDSlB{@GsLCVH}NA*0(o(Ch6wna3&6sF%HRW_c)_?c<}c;}$&
z^iqa9ImN+{+LI-)Mj1uEunRrTN7uMlxga0Efo3bt`3|Qo4L+xKL91Q>G+*1lOm_dl
z1@)wBO}8g}GsA5tK0T&%X;^@mgL9}R^Vb?s$I%X%CS&wb(iii()ArTKPv97_Y8~!-
zs5b|1l4rjTwjgS&i<;_BUmH!h80+f<TN(BXH=vsJ7y7!<c$3p}$Vzr3I^Kwlr#s`p
zV8OYUE3l?oTJC?k1Xh$%`@?M|GMzp5$tJIKbnu)Z8~vuo!b%Yuu0%a3!&92pqO+A2
zab`=~c^C$%7pRjF4=f2oIq5mb`heln$V0s&C)egr?k6-5%Eoy^HfPiBS;Q<y?n*(A
z{xAZRGP`S(dlN8^h5Jt%vjMsttd8_$rMfi4L9@MTVv_y9jH#)FZ^}^o5#R4eK<fKY
zIn;V24Sew0oW<|&VxoMr?164gy@My_GGkhQXafZ-50EkJS3~oU-T1?_AZRGpbKGk|
zqN{=Wp}#ouANRxm{O$0MH(}uCUHI=wWpyxk-49k_Y|V&_`dnanE97V7NdD^I3jqIK
zcK<Rrfa>4fqJK>V;72(A?^2=lBKY_@fa=mbr}}5h`oBFQAgD&8#<9_-G1(x@X3{TL
zEUGW?3vO#)1*Mc=Ghz#h3WExZvFWgcctLG&d`B!nF%S;|-|q*!<azBn$h`(z5>#PL
zN(}nkh<zPPNC0%}1fLzGQhK>fz@A9(7$f>gqk$;=_3l`@XnK$HIW&O#j=X)Iw{gBx
z905<ndN7F$J7aO}vK6I@W7Eb1JE!%q2~#3Kh!B8+md&4-7ETzStM8EP@pQI*AP1$~
zOfk+3NVFAMW`~{$zjw>96%p8CD-X)oH;>y}<=b{DRzcwF@YK%{PTiFTa!<6T<8K#&
z18khp3356zMyt<?`(dVx(+?-R43{KrzYTqv?tkt7%@MLWavZnwp=>b9R)lI<*;+X&
z2fg>9{#2Vpdy?Z!zEZj}vMi>m-S1n1A>(fnl_wP|Z5yOH(&r6c@g#Dw^+|5Sev)Vg
zjnh~)-~6%%Sd8thW{ouHD&1Uv`QoD6up(>QlNN7Rhb($_%VN9$@7|Xux~N9!q!_p3
z=4atZt#IT!!Mv8lt_fwaF-Q9be~uIjJace-%y`Az3L#mlX~#Yun{Xv^aG982IP#N2
z8jX(2!|Yj11!uBoA~GL;WT{{gy4<ryI&NmX+&WtqKw*C~$CzzF(+Hj5I}g8l^@ioy
zKHTx9{N^y8MxPxiPD63IE0&S4(c}Z~k4&7wZ@VVfD=*(wnR2ywURvJ9Id{dv+KP)z
z->n5pmT)a(W9=#!6#hA!8Is9HT)E18XU)vWG=!*4Kb!Zw>W(tcogTttwr}|vE^hv}
zO>^$!X##Tm$47h5xJXDl+YV0QqtpFQPW?DYF5fIvDkNJRbiMQD&6i$%)*VXvW_RDQ
zmvVg}%-;`@jqmD5TY1(u;F`)wJn3w3f<jEWk<gN~gljSOXBI)WV1u&zL+lnq_f1+d
z&20`=)X44au6#2bm-F&+zJV<0!18L&vSWq5Ow|S~``9ix#5(KsS5vp#)e^5V4i>hu
zxhY2q5zh7$mZ5JtB!L))9s}-otlVO94}jO)vv}$Isb(fJb}W9j*kjnLGI3IpwhR^#
z*<4Q^emA}sUA)m7bo_q1p#8z^07^LBl_fIqH%pO6ap>N}B!In#^}|wS3!r;nv|Kdo
ztHU>dc}uCTEvosQ&0@?&W{pYwN893n-KBWXQm>-PPuJh@2~3JnajpuS-<60wqfas~
z*-xMzqt?dNIa7XqF8{KYZJK#j2v>4lbQO=9(uOQ0RUks;Ne@qsDv7y}_lR}Vgu&L+
zi2x?yJ4)HKhXzA+nFo)o_KW%&q4p}<Q-^MqKu`D8f}~nmeY$e{K(!SP8lH8P;+f$u
z!{J;xPKTJP_*XZJSviepAbiYsn{!z-?L=((OzrK@VRdG*A|DXS?#xslU^`t<K2Ld>
zMdREO=c^3)q+#_XQ99F<3jUnQeA<&E;bWs%>r+!VYU2g0;>RdoVa$Gm=Y-_Gkm(xM
z1>ROUs|c*YNT%2ORJfuF^}=MII_X8lySa$Sp)_WrY;yRo#a16Fv=>^PXTsIFN?9_%
zW;#(A^cGSWehP_9E~$J+$NNwCzuk_vO||XX!;loxOJB;`W>dT`qiWOqmWKWbo6sk#
zkJw-BUf_kx3F$n9VMw22Xn!^|zD;FokO)wFzK8A7)J|+<PTMg*jwQ@p8P>#s(M_jW
z(G7@A7|zi6)J%)SzF6tj;FGw@bV_DIO0-jvl}053G}P_fw|;8Ht#SA|sQA@p(viH8
z{%S90622fV?KH1XSwcdwp88V_a!rAzJdQUhmTvE!xX;J-^JkG|i2GaVepdv!eYp!z
zay(`wb_AFo+3JOt*0p|p^_m3MNo)Azgk9_E7t<&2-(%S;+Sb2E-zvhaDTutzVE&+u
zgyM`bt7Z5TLMuN_{cBc<U}YAWAu9PMXo|LL`|XYSo*X-zivYeaw1uN9w-mAo&U(?o
zCSO@3r8DP;YG-IOBQVWAHe=Wp9g&3P1MKDALppq>Zn3fU;(7Qkonm*`rI26RY@uI@
zNym+YS@VSXqzM?IR5Nn58_n>gS|1|j%+`9tXHNw`EQD4NtlE>)w`sE<aP$S=rC=TL
zb_?Vg{Un3csS*<TSzaSYS>vgaM$QxU=%8@<tud#9w2uwlj~>&9+n3$2aaAnxmj>iW
z{7xS9E7DG~mp7Qn%mgaD(y=jgkhsO_*VH78Q+47l&lv$)tso7~H;%kJW|K6C+i4^d
zramd~&O1tSd6eL(2+-pwDv1hV;>F9W;geQTU~1>`SJuyoIHW#<)UiB6CWC7Yis)K4
z3*?3HZr*fA+z{UOMLxM$CvDJtp$KeAf8h((6b)Z^wk+8R47r6s<F9nxhow(+yzEi4
z?S0SQ!m&~K?Xe<t8}1yz^`!+B16~4?;Dyd(n6I2F#9Gy#twO+-^cmH;kEl$7p3^!}
z?g!h}d$X{dp=SPfT;nHSgmAfT`>kf<EPP+drFo~Q?ow12NDZ+_H)I_YR_g@pT+{ZN
z6QZKl%)j-q1PxQv%l4TYBMe?)bv%0eeCEsdVr>cqmlG7^m1we)f9laOM-wrI7pw^b
zc|G-^P%|e%s7Teig--L6rP@Hbd|L+{ept4=Kk;|bcn;YHqQ_4YEe#LE2h3JRHW95c
zZ$!G(0+dT0nY2?+z}mpKSi9GN3KxSuzt2Xwc*7@CjO^zx#cA3|GFUB@bmj%@32umh
z1z0yEuC=n_xdc1#mCSyAv(wn3r2VY3``$22NiC(>5F5)@NQcrslz>8IS<Z!Ci%HgS
zYW%VDrVo-y!&>4I`|dkVc(*DVeefJlr7v<nIhveS`O9)=G~c?y`dykGVD5pnSL-`x
zZ+l*`nNeHf;35Krp<$|MU@hVt9)l|YpBrFhND#AT&E-@j?dLCnUU@8&Ff@w)g|@k-
zl*Zo@IU#;O{Q!C%%QSOUjrP1Ywgvw>c4*s*RtVd*t`kgyr7f)z_9nAqZM%HOwBew2
zc@d1|&&|{FlGX2`5s&9%fn^Kqj|tbD@vrDNq53Zf`QPr#)|u7jZF7EAEDY6S9^fh)
z0G{CT9N0#mxJ1XkcEn-_9icEK{n&R~8*Q&;T~$%+=KeaEcbv6pT8v+u)?-djc_DZm
z4SJOfJj9rOROb-6>-I+LnCP=ifZyM4`xLq%@cY+^#RPua_bCK|yu`kbD<sS$Bn;9_
zC!r$~5@fnOE;n{E@%RdfFbRR~r;##%GSW#XKwOE~*Fk%jS13SlibzR7O10RGm_nf8
z7*a~mV>ujR(Cb=kMG#{+wkL%U-)~z(e|>FPNDLH$bLCDg(?=2!Oprkx_Fd3yJvJIw
zn3qYI7j(@GpZS)6hHK9{;dd+y-nTd@f7=9MKF~hy6*h7qvH!^$Wbq#FF4krJa3nSl
z$fOaQ7=&85f)6s4!;${6p_QrjZWA_91Q-8bO&}mBDEybbua`Rf@~X9@BomK{wX?0K
z9g{E!vz$~4<eEjw1A?mK5Q0Py_--JG=QS$OEj659qf8TRoa>mvAlGPYb|6Mq)rD4s
ztQn@?7l-{)5S*mUKreD7K1CB#ei&{s6(4`w`-x%X3II7>R4Ss!33*NlO7(-S^}E6s
za5A*gwIV>#^Hc+6SkD;ywi6?VBgnMa$ToZei+l13*2GS!90@4(YS*5vWHB=vIQ5x(
zM;FcxzP}p~T0h0%>BhNw0KC+$Dj!m%8nQkku&Q#bjP#D3mL4h^ZFJ+ClHmUer!lRP
z=!-Kktu^Nr;$wO35MuhS$sAUgABNb73Iks=O^(5};pM<G79s9ieC)Ru*54`Cm1RpF
z?-bg=cdodsvm4HfUD_kN%;z2FAq2ej;2B$3;)Gw{e@vcWVa}H;3luRtJ`TG(%<lGB
z8JBFDP8%5|Mt4Wc`z{MnY+qn&AX7&B)ndKnP>Z*H0^5q}QwKFl+>wN(#)1!5y_YCR
zK3y0#i(r}@<s!^%4dyjsa><#~?j`Q1a5MDeertSL)%_spGa2(Wr>9&(6L5>{(02vN
z9s4q>`jt}__UsW1_LjgM{ne5hk%GiM_>0y-HyYnB4cw}Np79S2PHadH9&5Z9WET0v
zI+JbLl9@8D>%hzr(@ZaQJ@n?i7sdBjy`%TDaY=%Bl`27pq@Ay~c~Ue3_((L|jB>8y
z9@_P;4s7I#>#W8lUe_N!qHtBH9DCGTYAX1&z>2bb=)8hUP~@>P0MfeKEHJ{r+QT>^
z%17P#`VgaJ&?xO(-gn$SBCT8k=3B)Na&_slQ)*Ku^Ej+l{3uOWVcfy!YP%P+mq(YZ
zA|$Pye_L%*@Y_?2_G!e-V(sACAx_=P4J!_^faBbz=M(c|%K{tsoV9a8FP0F@Xr1Yb
z&K)_Ix5<OKA+#6Fz=M50ul9U5scHr66sn-*(s%X!artT*O^x9(k*zZPC({ozP;-tc
zj~k><6KL1>pB2p#=wEP)Lpr8ABuCye=VF4u=Z2f)O>*|b`F;b}GqSz4?2&D?-?>JJ
zO<-2B{K^IUjP(+GHD3|0XOKR9rt0Ngs#^}M&f;Kl%E{_w6{~#5xX=1Lu7pTe{wQ-8
z(-{SYh?5gxK(HMTjB);1M8V&g(ZAb^E+QuKn@bY@<qHS6BD_o@ygz*sy|5_L<?)M8
z5*A~+JbpPB;bRiv1Ieb5vV)YJF4MkDziZl;6B5%H-;-Qe=m*k|-RZx&Ady<PBy1B*
z5UV;4MXjqQ4ml={Ad`sTFV06q^Ec=78Rz5QswyJ%)A>+{{BWaxV9E=!e2>QhstCHq
zhb1fulC8(304)>an$-4d<80L5{INy;*RMDTiU^8|{-%sDXvyR9!wn+8e7FImak=fj
zR)z$3qloNxMiCSczD#XfwQwkZIy5X1v7dP_Xz3|w0O-K(1{J0VNK=DU;%Cl_DGI`j
z!lu9y<p;U_a7c#sE@O{q&}QIvM$?h0U2&)Ed*s~?Ld*)-S-EM$m5dKq)A}Afcr$=;
z5ezAQ)AHO@@5)LU`(%I&v@MOs-_f+fqv~=C<}~L(_}ZbYlrg&%((*<Lq8|hJR&EzS
zo9y-(^)!p|NmY|xw3n^8=oshZR>rPYN@4Rzn#XQNLo~1(y7$12c7D3vbko^^$J16N
zpghf9WCoTg^o;ae$#&rLmdeK<(LKde^gH2e>S6FuVP;8jf!+xT;#lMkGr4bT0A(EA
zjK`EK6}Q)}qS0a~sVC8J%NJ$mMXvcMTSKZQadtzSYt9?u<lnPvzKni(&DZR>i|5yz
zDIt7>>5d6V4*N6(<fkbHkJ>LM+hre00&VT)!<6!x`X3AWxJt=5Cf(~}D?16fo6NGw
z{kEx}o?X2X&<SbVUHG<EZ!;ZI4E7Y!OEAPQX-fZMB@9g9<rr@RT!5zB=!b<t7+trG
zAIZRhypMpu{uQ6MxP4@={O{3x3Kz*LcrQJ*`0Wm0e(&0=sR0wk32CuM4V78(O{{mT
zXrMYXbCsVz371}wIOY*E=}0^m8K~G=``k0KlK;KJY$xyyyyR&XL}rN<M#VE*d3Utv
z`>Q?@zj4sk(*jdl7Q&d4mrs2T)xr>Iq2uur-ebUqwBE*qB5i4n&N~?^iaV2xAGDE%
z%L$b3fZr7D`}a&C#ev0yx8H;*#FEzv50Pq+H8P#hI17pg*D8z3b<6Z9xZ`(9OYYUR
z-;Zz^W?~6+$GL+yO)(OsBq{J1{)8}hxADDxW#&Dm{c`tfm?n}`=V>NA-w6))U~*S?
zzfgbSIq*$F65L#KQT|HQHLzgt2;VZ9=~inmohv{9Yp<nv@u^uNo~#V#jIQmJi{{OA
zP~}ipop)xl)#-@Uvj9oHDAw$fBJwx-n-#lWQ!yd9H}1GgGtG{YoDykil>|SSbyx7D
ziKvn5Z0UBjr47tvE!87wUTf02`N=|<)2Jom^-JZ(CZEnA>1_6wY)`_<nZupgS?|np
zeKq+An3<0$kK8^|%XWm+eCeVLnZRRucYOfO_oDiM@ZoUh(sP_N<oOkh?Szmkg><KM
z`{)9(&A1n-EAML5>$^j)B^X#fAhyDZ_miZ->?b~XtP-cU_~j8R?>0sxZ>IP2fq=SJ
z_Po~$u9YO~Cf2x1t5@qS*hCQGxfhg$&Y@izk$^4r_uCDp0-M`<ys!5T`Uvs4=*1P|
z3_sQy71QyXbL6&=^K*9vUsX-*h`UYLSAUKmmCsFiA~Q8?`J90TmX>KKtJ-rdL<%0#
z3`)z`&oK9JPZlNL6QE<x<PpE$U(ueCYh(#}nVgLn=(O+-^5FQ0ZTo0B_KFT!?`LT4
zc`tDKA;e(S%6OAtZ%eCUB5Pz>Ee!O);8Tay!U09bT)9geN#{<=Y*otI_Z&k>QzwQ&
zX-*z#m*jWHo&Hi+`Pw0;pT(q{(wlt;?(#p$dN<0Q`cYH8XFE8k#Yz@Ow(xzu#lmvx
zr<d0g?!0qw=w*t6Y(;Tnnz6TSh=^UWWZtC%WSNUNm_O>`DtJ@BzWqF|*Wx=qCN*9e
z(fzlrw@fpsfpCpap^xRdCPRiTu}Rhln)TkxM!Zy>?u9?+$tFv?o_Z+vEqz%qiAkL-
z;=>dMNH{|yHJ!q@RZ6eb=3Nt^Z&%`oh-g-dh+V%`(Do=+?^iqJ9FdD?^;4+~{%ZAc
zVL-5I=#Jo=iN%(s-q*W1*RQ?8DG<z{>oH`pnU!-gWBSVS+BU}87iH;5kI9*GBi5?`
z*JM+!rH|y;dX-vVWVjEtW9w*B-$!NLyp$U1(0bCw)b`$yu4s>-sMv2vi$-nii^csH
zs8u>ko?{aILYC*>&f-QtB-}UPQu91&;wJ)v)XSl7#hYb2A3@Fw$PJypilOYzafkv6
zLmRsCX_n9Q1Do2`$T-Zp0QYO($X?#Wd3W;~qi2yrn%?>CSDe0;q`-loi>`)MO>2wu
zH*MwC9Hm=<Ji4;><{n{bjUNn*UScH&HYFUzK7P+`TrjsbnJa1Ky65t$Rh4^=CBzjB
zkc|#K$hB!7^LribH5=>wS%bneiK!1iyaL2iDQ{-^Ntax!=hM@;c(zwPK6W4Dr*tYK
z#y-wAujw@K&U_3fm$_de@~H+LMgG)Y)BOV{60JJer~WC0`IZeC7DM^lSBq^7X72_Q
z74BKuKUrM4rCxbW%3gBgu~q}Kc}^QA`!MjaNAUnd>!`(j?2R|4-8vJDN13QcDYFRA
ze!V`<vg-SYxxdJo?2IVowyYexyCh)f*w`u?=6l!mD}JOGV~~ujZUglOI5W~^I9vGM
zVTM*nT<24yjZrqS@Vo5uKmv7qe=K@Q`8xr*iS$pQDn{en^S+73>r6gW4>*oqR`~;(
zl!q6LZ(-bYxb+!AsspzV_5#y0zUYj{BUT0u?uRD7lX(Buc{-Wpt<Pf@!^CpZh=L~+
zoF2;S#kZmthc=$t5)txp`qd{iBgV24_ry<~`ZUu%m{Q}Eewk-1(@U8w<WPG@8Vpux
z3wGrvj5$@`7pMBr|5m4&1!fTACH*!7IG9jv+mzg2&3V~qzp=fF2#}iW=v0qj78-m^
z_-r+<|FcwK8;ZZUXa*sq9vbCc<zG|vKuhnI7BPiioXs-6yGC-*)$wXdPdW=@YaU_U
z5#-uO`vj3Zo_<DdeF9Ncvigyft(S_zy=<XOm9OWmF=|V9IZf4+_%ZtmE1xQv014M}
zUI-lB6yh*-meU?2gl|v;HaYKIXAVhO4^GbSnj-i}Mx!BuVPqzFVdp%S7C+7_;JVBJ
z;F<UL6MhUu!*UD*(*t44+5V~`7aJF~_Zefu3<R5{UTC_M5+|P{KN4N&&t|>3|B!VB
zi8+SpE+HdZ-*yr8phY^FtWAST2bg+UOx<r}DU4ow=(f`=^gg;v>}W#On?FE4FyS`C
zbh9HBsW#cX;!qF_*?25XaZrCiVdt9@LZFq_Z_yqS(gSe|d?=7Z>`x_mm9;2EIYtQw
z;U5YsB_52gTTVTt3-aa`GO=suLD+bA8P|OAAbzhL`-b=I=G_6Aib|+ws?f<y{<PAT
zj6BA+(%;5&qQA=p`2~1+e+$b%na@aNaYcogM1_7vp4UVLnJ$mZnC~(h78Pc?d;)P9
zZSsPK)NnYlL<K;ME;raf_K|qRpl5#A3Rt3iAf|9^4+_yA8RhT8L{ZV-r@x-vxWA^q
zqGC*<Vm~6#+qWtzbbbp#Avk$|tFjm<E{>EPPxNOT40_vz%K&ou@svZ17nJ!8mlt%f
zaG93}MdJNTc^PYEdvQryXvBWx;lIV7qC!Iazcp0!m-tgm;AcdMDF({SBK60*1b;qA
z344e4Yl>U<9`E{P?a~KqhPeAzfl``jEqW2Ssrj(WsMPB0=NvOr65Xk%d3RSu)#?fp
z9QjFoF(pHY*39T&2oEYQ#Vx$lHt(BbBg4}okI^~7+|q>$V|g5SR$G}IT{Sf;8YML6
zb!d%qy=OYwK2#UiVQt6upM2)7=g(g6mCu}Q+1p)Y9f+>F635*!b5&F}34ltSN_<jH
zG1|@CnYzeGwH@Ojd|p6n#S+xxf`w5mu#Y=Eic-U(Dq`HVs(y1XOYMMTtAueAWRe#N
zyDI&}Xey<UE|a0$Wo^cBP<vo10pktSQ<3}l8Bp{LyV%D6b2~jvrmhHcf^CC8oz{(X
zG4rX!Wz+Wf+18L?YzZ987k~{etr(2_TeJW~ghGQWOX=BY$Q@DCqgh`;O=$342TI$|
zJ(iyB{&PRcrn^F=7lbu$lw0*E3<MH(F83k&ade^!v}QMIoRi_hHEwn<7v^6N71iu>
zge`r5g_*J~uyEEp(QSxSsFK~?FsO(V;K^(fg#`&<j^8f&BD@Q{ye&B+%%D2fm=S5z
z`C%+LcrDOUKgx$d*@l)B={x(-vgr-WrG{+R|DvJOsL=7r2^MttN^|4QOx^dx!VztM
zUsT3}Prr&{XVuoGwUYSi4wHR~I5n~-7IspZr6N9$0nE#2=~bk*TAYwif->Q1dj7cg
zJCP4jje*+LL4JlG%9;vGxXX)m^{K|csjRwHkC>jeR66;EC^Hu8nmaFczrv_ttHt0=
zwB@ZK)I55<+%zJ0${?%ar;C~8n3{V$IPUOJ^5sMlV-Y2ptwZhe63lz@cJB#3x?O`~
z35_O5JOFwf1%t3E7`n?Uzr49+M(MmMc{{5?*32#1tuaz4t8L^q-itdizLu1?eWSD9
zK9^{3zjIOI$+(KaJ2J^a&_SVvOZfH$3El)t$hYQJxk=G4X0i>p^4>Nl)n*1K8oN8d
zztP(n3DiG&WqDD8u0qQSbt+Bn3aX+sN+6-w4?B2)8@pWW;OOH+lF7l;xmPyOjV)ho
z$pF0_`li`=x{Pv}z-h`sHR;q;K~+cx*d9Cu;Ynv~u>eK~AnCiLgF_;SYdr{=mak32
z_7oeH)S2OLsi6T+&(fzY2c`%Ncd}@PV(+rh(X>tPyawIEezKq@jv-=4r$J_(Xnw^)
zzq$mtaX0Ga0G5{f=`~`hBy~dx*5WQA-02#|<Eg19)>|auWN&j$03DinawlO-ywK$r
zU}0^)D+NL-u^SF}uP?5J<9s^aP<;py))t`ovf!g_MQnAEm>Ss29|}@g9WEQWKE46x
zAoJD7{6Z6MbxIzg$l%BORRa-PLw_d?(*&;)pv+9qy_&xUiYN%jet6u#&t)H(t>>$E
zq!mUX5a68pj`)Uab_IT0T}5Cj{tIfU@1gm(rXn}{?0K1btoK7d=DgpLbdaAgJ-*Em
zx%lv-P|^14wf3DjS-U!gZdMkwRy9{3`*XsN*oEO^Wcy8B<sf{!c_350*@)z5af>_k
z0w{PO$`svno>R%UD5`l|HtV%YLHq`WBfWt9P9>QoV|M&Ef?G76zC<+1m7<imEMxD&
zL!(D-wZDA2i$$KR(Z=2c;y)4Q<)H|}zcbmm^lDJfVRfG2fx`~#v!{<k6dB9d45am+
zlXOKJN#8FIyN`FVo-wIQlmv-Cnw4O_y6p)}o-MNUr$?5AJ*yhZxiXTquad;2w85VJ
zg!m}oI_S2ZQMh2G4t~WKwh4P3KJFoso>tx028R`C9(S+tI53c2IlvaD^qYuHjZBrW
zz8ZBjY=L~=Y8ma&pxu)D`XS*RXUT1c;kPLp;bw1Q7H7sG-&i<UpMb2n;e8w+RTBzX
zAU6gp?DNBnJF=hoxtcn}@~S!m`NcBsYLgMq&`5oE`q)8tb`-Fdf-@FN$dybgKSSjd
z=g!MrcjEv})$k!MR6x%>Gu%3R!mdo@y_Csw{COW53G=wZy+LeFiU@DdD2@70rn-^c
zcg=R&hoVYiV<>G45^cUrwJi5((?ExPT>z@K3QCaN6pE5C`Q8okDKdIh&puO6&m-1r
zXy}u%_~3`No>9)rTq{P$;8d+Ge65^aJlp!oM0p_#f$f0T<=bpj0t`Jj9n*XqASsPQ
z*;I3p3YoHQ9#qMlbGU1fnY|t{-`=UJuo;HHKJ9E13rCgQ9|1?zRLtot=AC0K#{-4x
z>={E0A_pnF9GW@T&_15{)HfxS<!bJ^C9Y8txrt;+QY7KRBU|y=efbFPmUiN#;aYT<
z<wn!Xjud|{jq>1I6(rMABNY|g7i<_dHOfrAT!be#WI2n06bGD-Of;vzrnl8S&B}sh
z;wC*)4lR|i{tzC0%r}xfs4N~ep9!SobgT_L*U*XxYFlgUJ>{YsYBci^SpWYRd&{_}
zy0(3oZWy||ksP|aLy+zkknR!~1qA65hVE{V5F|uGy1S*NyCmKLugmAYpa1jW{jh(t
z_sm|q&RKgMXB@{GS!DiY>1swrgSJ_g^}@N~!n~Q13#0;7x4A;C5{JuHtpCxSde+To
zGK0aI!2jW{*iRq~Il~`@hW`A@r;$~%Pvf1jG=I~cKI$>8k9Z?j2Z4$=!%%NJS6}3Y
zdRqPD+{T6Qa)LApsAeF%k>FR{0tMfh_9cNJ1!ui!W72Pyv8Zl43^Vap10ROQc~h!b
z;%{BRIIJ(OTTzj=DF><R*@Tr<k6K#_u;B4B)V>4_VCXeU96<Yzu?a54rWxJT4YZEz
zOYho}Hme~?zv(F0qdp1}@-YlA6^bHD+$SnAvvRmbLq{w%02Ph2SU4NK;zBn%*4{zm
z4c-+ZZZ9~Yi}K<QkhI8b!it^2QXgulnY!P)YAbqo;+1P=b{(;5XSk><t?NxKzPY6&
z@p!&03q$<PF<qKQBFuZwj?&1?MXC2*CZdIHQ^c-fOEPZWbu}5O(%SD=K0dWRp})$_
znH^2KCimS&7bvHBnc!wOXO!SooXN(JP!+vcqNvxelB<Fp%#5Qce}95>?%zJY`i8Lv
zX6&f-dOj8NH(qn|wjX>f-VP@Yj!#7UbO%MDN_&z|fR{4GPA4EkitC(jTq}cSVm7mJ
z+G$P26RfoJ@>AQ!e5p#UqI%o!(T276wDe&@xgzQBx2Qma7NRe_dAd8L$O9a~t`tD;
z`;skP%Y=nc8eKZ7yL)|}^GRoa{naz6A4eD&Z=I_XDjjC(@3}$F*T_?#4<bJ>>d(gJ
zK1}pVH?A~upP#+q`Qjufj=dwaFOx${*!i^q?^eqB(tE&~+xQgyH!AXXo5G<lfETW8
zwPn^jZky$xIe}~`!k89MBce_MKUWf<lv1OF)RpM6@U^YQPjIGS*^pt_Y^0Qt?Jp*{
z>*Fehw)*Bu`bKOnfKQG5I}*lFcb+c5i)PSueMrXFDGX6{EpboR&!1p6hOB3r@pf@P
z=8Ur5qB4vG!KnPMq!s%aVn?h0r9jD5HvQ91pG7Ji=%|`L%a3=BnriYuwgrJP?scX&
z#ni6?eYUrZ$9J&>Z$YHW>@jto+U8^Bzi(lW9o902$N+p2-IQzMFC2^XN(V8{pxFxf
zJs#icrg?r`kHtLwAt>5eVrfPSZ$l#FCP`Q6;*UKI4X{@?i96THaKV+HQt;h&IXCRS
zOmV#!1vO>l3Wr?{Cwkk7=N~en-+WE{{Sp6WFr{2dqK}1@m-+5s1%Y)5bxnCU*Z-&x
z>^nDAORyMRoaDt5>wkRnWe*q^NgSOvp_^ROaDa3V`-s85Hm}S|n^Jh#Go}{G;lWRr
znG6*3z<DTAiu(N$cT4YHjhMtvWCv@0#%$M?9~6=HYP+PIwDbZb@--{G^?)0y)%*zc
z_^r3z-Q5)XDh^gwxaVX&5d!LY+-^R}607jr$IrE7#f!NS6F;*Y(K`CmGz4P;RbpNU
zo$S_p)yyP}ZgAOtW4mMc1OK#cs^V)4=#>ZhqwcE>u^+dmg@JDKrMq&nZ!ydB9}o`@
z5ZPG%54YeyBFvluoPQI00^H9!!SDinlmd__F(k7GE5J_)b|xa_{FA-&N`%D$0~%q8
z!S8zDNx(XZ2smI4Q-C;(0MD}%gDddt_xwiy9mv7)A6^WM0DmJSrAGq|#{r}Sf~m+z
z=`grC{`Fya$l!i}F`t|V&Zo%v3uKOeT_SLK5&{WW3;_ubhJzC<p#|W8=6H@=Hzuhd
zMnZ$?b@kj9d$0nsOn^?%>M;C>!?;5)6y43sSOih{3S8#`vKcFPEWw}TUnD*H-zMV_
zDtf+Z7~u9Cy;q?yx#Hex^=4X$=%_0MXVf}a3kl45l1AEV3SFLFs<*|@NY=M@gEnq|
zURDV6>zp1e!C0|-@YN}%Ro5oyNc7Zoei{HB_g7{ot|zHAfat_@J&<xeiII0>zSeS^
zvrFV_^;lW4M5z|E2-&qJ2IV4c`kCt-n7+A*YdYZo9tP0KPJMs0N*nn15co|exiKRu
z?ma*Fc`V-ez1UpR+p8eOl_?hHv%SOiST~FR@->mR)K+(Eq+%aMU%(Ohbqa`t;TGN%
zCmk91a!{8zOA$SyIn0+CQ3mV9Kva#<f|NRW3JCyb{ZPkT6P-}_mtlyGCwv8IV{mP6
z6oJ2=V=k9yPYIFIx(3tHu)fn~HlyTb(^zx;?Maghhr;5LBDPjV(v2JQ*Ff!P14+HD
zp0I%Ti*VMGkvLpQJw@uv8TFv$eu-DX{jPaMC0a36|DK8mj&&r<WDc*+brHLtn$P(B
zq$zCpny~1<o<`!f)lT-5O3ZLnkiy!bc6{-7ApgSuT;O07&OJ;M@^COA!+$s1v`XjR
zdBfqJ6s6TK1PT&e-<_1`!M%$(TEs<tLGZQ%qc12%U*&W|wuM#`QqK04Yv4i(?fXR3
zyK!yBluDZ8>j8(cg$6LmtmVQE!t%h7_MPs%nwOM^Mq1mgnt{>Mw2DbzGtkY$n6J5N
zd9tDG@_HBCOjK%j&6V>`Yl;kMa0*Y@;5{a+)V{5VHpoe>OY_JUs<~Us_p!Y>1vAvt
z!9$O)THxrC<Q-EiHe9FdH}c=vs9%Y+mT*|w^EO#~eItL*#|wnm;}ws;rJTPYc96ka
zuj}KU4{DWxi_ib)Z4D38BCFHe@mBIDE2!cE^BxKqK7%gMiTVZ!?wur>Y&2b1VY8`J
z6=^jfRvToAn>tfN+@teFhiy>w3k|E?GMi&pZTqyCQzj}M$&%-pFd%QS1sbNStD5jv
z|Gb@xA=~kN;u(n<#_)26$v~%+kF%f4<4?cFraNzTKqGjeLcJ5}aY*iTM_yFKr^jz1
z+9_0Soof6PNun*_#J)q8KxG!J7mOuoAbiDm1q({+Oada$Iq1do=IPM}%euT2TCcT)
zvhoOr9u*hJS#2v8jsNDq<YMZrvAFZ%9rh-J^10@HRNiNYPhN@=s#)jx<@RXlwH&Y)
zq}S~;#Bag`(x5xCzp4OU>t|q+u<aq2SW(`zf1^=Y^zp{|Da2FOM|nFs(oZb=Xzfr_
ziG>8RC0_h`RZ6vJA!IX)@pcy}GMUBBaWtij){+q294K><r1VW4(=SE$L1Ai@7$y;m
z*4C3QjPVB#E_uZVNu}gaYz7|bv|5$lhLQ)rr0MWkw*=IKCO(QW;q?*QzKRcCSIv&E
zSkBcbKG%T9rg^k7Q17P=lXLG_97I2c*3<0-om0yByM-5jADfVTU_k3c3nPBhccaHL
z3!Tr+sB-wL$X6zuKEL6;s;<ND0MjL>SgcgE$t-i}Hj6l{#kgXXS3FIAR2;u4@>YrK
zzcoa(Gr9jtS%-<6=444VH;{}Ddo6zg|0W+nO`?{U2W@x^GYl@nUmgQ}MLJ|xp!S&X
z5!52ylWC@oim*HDmZPyaeP$>UcX5{u0!*|g@8HO7ibgpc=c}Q7Lep3MPWcf$XkCl^
zcFwxl96RSdKvYLE2QSv53iwSEt!B35A;67=XkvZ+I|B|nP8^jcXC1OcxAx0p3iGc-
z<6)fu((f;p6Vd^;N}2Hv1aU8gRV)!cPJ&<(yK<7#x4$sZO=?({&yV1(*_-OqURZEr
z-?rxbMEM&3A$T^L{BW_xDfTi$f<X4cN9uD2Y}C({4hDHf-up1Bk+F6Wjh&A0&<>r8
zphF$J_8pr~Z=y2|n@|z2bu$7?q+s~UDpu)IH`bf?8QS>iO-SdY6VlPC$uaca{FnfR
zp{%hl_qqW4LiE&F7NufG_rBU701pJuQ^XnN-jMHoEMnQ1Q*^>nN{C}aiD!Lq#`1M<
z5OyI9*ws|H+Lhc7=k9HsG8;5>+!LW17F#S=x(5O}($OA$;J)bmh!f7DxkpRHa4o)I
zC-(JjbnbUwtVqZtx4xncRgejt>!JnCD&r~>9zHUWKa{8laz<vt@v$1eUX~4tX9rty
zR|{??h?z?-H<tj_No{_$*V`=~-K|Ouh8Ly6x^BxdoAoee-e=te_9Ie>@_e^1FnSrU
z!Tr+=BKCt|-dP+`b5!5Ji)ln64VzxIbHgLDGI}N=B9>!qd=o3bEUQqX&gBRaH{awF
zEjYeQEGtH825|FmCsu=w*A%EzUz{xr_`xuf5f;Mh{C@Lt%SRCD@D5sb#oZ70G<hYb
zrl7%YX!eJ4VWP6Kyw4BIYza|o;t?$7?_VrtJW9Wvs=vOeq)KvtOviBD&=IJKJ;1(j
zfmN0i*B>nr_B%bpUk6R8Xw~gEDA7rwP<-SrZJx!jvmaMW*m}Hw=tn0996t5VMR%_T
zoJ!it>(|qA7m~j}whn3~d}~|;dgpoXvTkKMkDZ8X7U==nM)br2M!&fZH=;V)#u0XD
zw6w1_W)X4|%Ov#Vhu#2&h&LU{5P3UT>52HmBGE-zVVg!&Z;qqn5z(*8Kstw|{U$<P
zbE&p8#6D}j`>~!K?%&08CcMpRVqhgse<=vncSJWdd_X`-r|ZlH`6-zfo%>0StW2Dt
z-o904UKu}o6L%}<#~09=qtp}dP3gNrCn>+`xN^k-{VLR>*kX?@m)HC%-99(bLTBgV
zy1FY?m{-g_n%Wm%rbd{m0FeBuhR!F81tO8CR?_XZ4@`5)zCJq0E4^ut-fk-cK|&Q)
zUIwL!!cB4PpevPM$_pdj2lJ3@xGD6ZkX^xvl8=wvZOr^-EMY_u3HsK#3PA5`fYOS(
z_}9<#!*`d9{-;AMa<+?!DhmTvyZRyqOHFpE);x8Tx3JRi#v&E(sj<Z-IUcz$IDq>u
zy$RQ1pe~F@@H;(3N(?Rz-hYF)Kn|Xyc_eZ0p&p_pI5rCKPd(OuBf7>ieZ)Gr#uq6F
zqIKZdOGGqyZe9*9{>Ge3#1d#wl#YSZ0xvFP1{%s+T9`O$V;Ovz_wFPic!VL@Y$0Z|
zQrJR{Aw6%_@*OVsyx8)k=c4)G)NI1HkA+s6c8$-mAIYar&vU_h72b`Q^AqHEsD)g{
z7*w8)NTP&IU+{`%Dja`S7#c>1rLAbDrLy;b*?Lu<)AY*M=J3<lkZipmh)2D?x}n;0
z$c|@YCF`fx$d5|g^ky{}z!@)vUdKFNBe;LI#d!Ro)_1^8@4#9HZZi<dkeb`rQ46l4
z9sj6X6?M$3N7pHS(FBS>KJf6ijc*u8uwJDcrjjw$abcDf|6#o5CSPBvS0rwgMfb-f
zTy>L5a9>W}^aiZbYop}=kmmRC@jPfI_C`zD3LI&cJwq%nXX;O0B<lV}!6)(`&wL&w
z^yt<2uDsV1YDKOqF4oh;Upmv9e0{~sJ>p%Ke1KytDLx((j{p9|zW2eOrsFbM0{G3&
z*>EJ#jyrJ`GhVX0Z5~GrPdBGG2_)0nLi^KtgYfknR{nc-!%iG~Mvzck9MP+cN~Vz6
z=<?cYHml19fzo-*GrjR9Ef|Y(aK)jaA`_ZxO>niTTd#0SSltr7P>N`e>L<_YI^4y1
zG%a~#dXl5dh86@P^7n=Q4em&rxGQHwT4pRLqGu|<s`H}1&}670*(_SmR&yP{wB#kH
z)b;2QZS0Q9Jvz}2Pyq3+Wc!q~(5ZiX`RcdxNUu?Z75T()hp4*huVOdBHlGN&74b_9
zrypR8O7-JcR-$<b8r<M&jE`NGp$YZg+nM6Hgg-FR>C{G*t2;?01W#NGp}MNBua717
zHGdj>nernr85q>AnM)M(VmpEdmt!K9XzW)<Ha3K&w#T;*M127fw3OA)Xzm@8Md)HS
z1)j=gNMr`g$PQ2(bqTx?F_tKEbghfk&l1eCD^9s{4bcnbS(2~{dSkl!?n5t+P8l7i
z65R{I@VGWT5$c$jSv5!8BvDFV^ww|JeyjC@8*i05c+L$iJ95Uh(MuhaUk@GQsJ~p6
z;}a($F7L(e?!;vQ#c|T+=cUXQ`R(AXJs|1f7GYCJP5*w)5)K#7#vr0&DP~t(c5sj!
z?W?ZyeUtfAw_ui;kzSO!Z>mfM2N_0}ae)RIC)%f#7$uD&v7i|V+Ne@e-Yu4=XTz?!
za;k&0xGY}AO`qgWQ+H8Umo$G#qlAKMFNeDkgC#pv&g0V{=-UH#evO%HdtF~`0rR9T
zVQ=EXNcb{#j%6SEWjz0g7j6-+Wbx%9QnK$=JQaIFlFA;#kMJ>V2y<OmBE&nnQ*t`G
z-E{kPZK<PSY0jR%*}gn%i!^oVPTULSdrZ&<a>vF?34r7mqTeQ>+~`R5jls~Lv(dFA
zbEiwX_vdYVLD(AtmbT}OjPKYp2dasC=7P1h_^UYt%g2gSog|NA!sSAeE2}L((ru>{
zm}p9};B!`aqp~}q(+Uykm;||$UhGp+1@{viP_>_i(7m$VqAvsvR-AB!GcLg^Vg1Z1
zHBHxo{=~vFnYtEpbR0Qhn!t0Q972yCny&G#d5MD;3xs<R$+;iyRBpd)`_{gzcPY=c
zdl~q>s{?Z(j6*edu9u1EI+f-<hDz^eYYttEd@siLH<AT`891+hsS$MnQ%e@jO*v-`
zs}^zN{mL!r&=1U(GZ}TPI`}u&-V3izj6l6H7Pc=438*M?!b1Qm1)bn@L=f+UX})${
z8C++s4Fwf#ET?R9DbOI4*2v2!)Sra=5}!hEM;ANH6fvsomq)|~--(S#`xmLW&VQ3%
zw+PNb!0%hv=2=+fU&kr_zLeO4&+oeXc<V<hXzfnAio<y`JZqD?d>?EduYYH>x;!vZ
z!CQ!CijTnI^UxkzB|XFNEBA1aLs$IW75$POX!Yg9g>~c{o~UW|_Y_&Xhy0atrtjZc
zDXN<$79vRD!$#s}<CA$g#ygzHe_5JIZ{=T0++<R)4j&H*k?uWw8~Lr>frwioLUK?0
z0PjZ-5d?;ZMxuZPLZ$&?fJVyxk0F7<iIA#M8U_h65SW-C0>LDlPwB&d5`tX(yc~ZM
zf<TBb4w*`*k!A`h5*n;{jfes2R@jo7%;P}g_Z%~h{c32A*pagn8r8Z-Xmm8c?BV*$
zWW^_zx<G5(j*MG^cifqOWCbnM7t?7Y$j1J4Yq^KURAo|6eWDYw-fro|sSDG}K-6fW
z*R>qEsPJ-c-iIW<uaGGCo7=WsWiGYp)AeubWrZYX9Ir(_+p&1P?B7)dZS=Y`C+p~0
zJRs^6#vjsFYtA>&a257!8;)gk`Xge5>%Hn=@SNg7kIPC+XJmjERae(FS}$9U@=31E
zoa0FnVt5^&-g|quL2GRu>-OIb*EeQEdPiQqj7@+SRjaLr>2}v3=W6hueQuSS{_U15
zo(sg!1t-8|VSAT65cz`PK*(8bFr1j~hbQZQoX>&J!9VW*$Jr(iyae2G(^-z+$A75L
zY-p3$8`&ow$VlK+d1-o&(MOa{6qud@<PqJrrMG@L@3oqpjE4vE8^?a6A22pVDPyjv
zudvfsbRtb`fc{|Im=Oo|TC>rbS6A{j4r?bMDCKsj(V50m^4<@BdtHI5SJrm@nX@gn
zA5REg_{$<J1DhDrIyHlOIio0jW?z!r6kgV+k>%K*<XUXF^5Q5Wi#7Shz0-3^8Mi++
zl}^9|XqgV^#$TF2uJZ%qZ^$N)^%!i|(=ylI+nLe7XVt-kK}i?BMJL?6(Qf(qMSEJ%
z$!w&flX13ZqvNGhR02;6bR~bkpv(=yrhkpMW*a-c*S;<y`7|N!d6oUw2KHgCUudr=
z3kfp}R`r<|5RT3Uf0a(R9+tB>OkEobF|$`mOb~7D*K;;|gUb5bzQmU9i&sx{<6B;0
zT3A!fzcyHu#OCdnK#1G4&h{}jdVy7!Qam&ZVa@rXDHvS&Z|g1;z;yY+eI^niw&dyN
zL0NjCw1)NqHo@`LT?l_1Vp7^qt-5aO*Qu09{Ap__4&S|$_TN@}ly1@OifU;Si2VdW
zHDT3>zn%Fgh7H#Ejfe$83_-0<Z*b~G@?C^C73|e@E-%#4Cu^F-Jz7;D5PN|&NCyaW
zi3+J=%F|CO4D`NK8Gyderj)a($x+GQMh59RTcP1N#<mNJ%cWo=Tyyl?RE`|iz;)@t
zQFa|9@tG{L^PXPol4lqnWZ~}(Y&yO5Y0<CL*5^aN+f&`>3-bfH1oZeSi(j6E2_amk
z;gk+%4bv~d*SxJ4cT<>Ar>0*q4@k<Y{$S4}uM^yAszU3y1$(ZjCuJz4$m~E31wdt1
zyfv06J?0U=)%%DLmmLz{(S-=tr{Tv(#jdlnL~t!Z+5mlx<(h>R>xSgjB^-LpMJFta
zdfUzHHzNMADxX4l-sT5p^zN?d#JfF%(#Rn-Wv@O*U)t4pH<LDGS{)uJ+7;*Q;v!Rg
zJCw62PAljH-69tEb7J?0WtKa1aONE%DTu=BQ(uk}#}SQW@ZNQM6@0>!<eVvRwuMkx
z8x0C7P~MibW_;m|<Jev77|)Mt+AC72Jy@#@BXj#g(!wp^Ikx{O&{WSEuC}s!9#O^2
zF64IaCSKVA$i?r|)1^=)QeKerb6nli5X}c7YQ^Lex%UIga*|Ei=8>r9N9ec41?$%{
z{3{5QZFxJcRmesf=C&_OJ{viNo#q#t#MwB?9ely;dThlm=5sb@L<yw%bSlvogLHgD
zghPT~Ksl`x@v#f2k{#mx#TTI;&K{Q9KeHAKhhCS|ihr(C@AZMg7+joG49*Z-um?E%
z9+8euefu5^7hXk)&5_ND?rl`@Rq%X?BC+1DcnRm)yIjg9L@Fsnh<N`Jk+Bme1q!A4
z2Lo9X?(81;?jDf>RKOOnl_ENL^?6i|)tx&>Ym!ofZvd*x^ov}%C1%cDM||E-fZc0V
z8tJUo6H=lKX;w|e^guxPEv{$}v|888#7*$Yhw%AtBCNn!$&0WUdnpFa4xc`Mm5ub8
z25*3YG?Jv111ZP)ofp&@!MEvEVVF1ZGr|Zzd+>g}PU}Vf4oAQH01eK3KvV@)ZxOvA
z8x@q^pex+d4BLkplVlvLnkhwZexoxRd&k%D2!Hdvlta@+ePbo)jO$Wo@iw}vz2NO~
z+0EUn0X=kdZ%0YLtkH8S-m#CUR#;|$Z5njK^ng!Fc<yPXoFvx5(Og4)h8?LXj)PPY
z+lULm$SMa$l)cWVO8gWdKknCH`$t4tP-!J4g;BH6&Azch;+<-Utl&xY)y4Z`#Flu>
z@{rt`dZY+~6G!6I#iFjO;@xlOsM^p)Y+qfM$99HzFpGLIlQK%*jw)e^L*u$Bd^76q
z<Q{(eD;q87v>o?-U;W$`)iJDxue`OZQ+BE^dFVqYded5ePDOiZbC`yFzJEx5G^lC-
z&Bri8BX|$Sj63)A{soDMa<aQdekI;-^V8!<->L|-^%yjm+RF=dmE)1|RKA7sE1jEd
zmX+1UlHo6kR~dCio4Xj%{tuvQ**EqkBoSHkUxx(&fL1y6OBa-Oxf^n6Di0>J(ofd}
zgl!jd{W^s_MtiRpe)l&IW2_*54hQkY5@(RyQ^t5YlSQtK5&N_yIt5(uaX)a(3^a2k
zIv5~&W?wGb1Q86DT(-Xm&FUvzc0xYqmXO?Za75yS`iQ#eYitzUkz*}7-=jm2T=RNv
zD)CoFNhrXIqij@FVS5u**eamAq)=1khq)@^kM4G8oldd;Al?xDbvL>Gi#)`|4ZfH|
z$^yR?#>4=>^T9#@`zJyuH%=cQQ!xS|e4(5Vuw-Bw7$oY(s(GY*xTo57K;tz6()|#4
zFaZM%o`;i{Q=oA<0prOH)mnH-0>t#cg6P`KVSl}@U9P8S($spzj2Bm0S}F>q0EHI_
zb1vE5X5HiInU`G}URU#j%bLwv*f@f#3BT3OC|0VjmPA<yEy%tFc<MqWHjt<r!Gcbu
z_vSe7v;BC-#;!4`A)(JbEg)dQF_r<a7WqnLFCD<vx758}KgbJOv!O3{hyqsb5&A9S
z5p*<446j<w%_3~OHsG2}31v*G^R?=z^987}H`mCD*vyns=xU#!w;3CWkC$XMhuP+&
zjV5+7vr?L+;q5_>5_zENdQ=#}#5eB7iE@0_9-33&6`kTOl|sJ<TqAj4tomLmEr@ms
z+o=N4?g_1^V{$;|F*$8weIH?BDX3IshUfEl!XfjF?1#rwxqAjphEz-<DQ$dKxwGPa
zk-SWmjXBlkC}_Z<)WuJH0_7ps0bIuUaVZS^iGocuCA59n)jb$Z5s`hBTWtABS=DTa
z<djn_(e2QMplLeh`~$<P(`OAcON#}zf=PfYubfvkf)G3?rsg<HKo&#deoT+B2YZ@#
zM;ZMd;ov=Ir2P;wWwBDAp&CCEL4Z2Gv9bD*^9z|he0h@NgPxo=B2CoRHaU$vZKZx;
z2M?6R9?5?AY)ntO^wFXZmBvMuPQKv4tnrBR+`hqDnugx`<{(99_+OdvReBa;GsQHb
zO9=WLyb-n_y}j^=IB=8noRyfh@aCBoJs%K$E9OwVwZgtfC(5#(b<e^2@=b(PoEbfz
zS;U<h)Xi|rwVvDhJAHBcO|`G{R?NfabbL-(BAjH4I4$=t?@m3t=}1IghQv+=%})%M
zS}e8VyH*IM_>YT*Eu}U5sQ2Sq2a@^{=Z)P?=QA3C?EMK|Ydj2m<g4%~`HX=h*!7Vp
zN(O~CHPSY9m<l>PAGHZrdmMoBNW7M#GTZ|_qJ&a$Huke`Hf0N6Z|=>gozJl)mWhuR
zwlSX1<qEsv8YQ-fY6S^G41e$2+MbYrncoIcTShi*WQ<gz_$=?6rs@kjV55g$?fCh=
zS`Pkn!8&U{oFmktp|Y=^)^cFzxMC3{_g)Nr=hsvmLa0gI+3XdtliU%T00d1wm8t+<
z%D|w2<>wGc%EVBH=cfd6^FJl_m=U-IAnO8uc`z7Y-5dy850cE20J~;kgh2!UrtSEl
z!SH#I-&Vm8CLiV!(gOkyCnb=F^Qi=pmYPTXp9(}CWw@dLH`NG)2r4|~@?dy?U}$;<
znm<WA$d^w^Jg`X~2L2OiP9;=h1qresLlzXsf(lvC8Z}nXed=I%xWU5-7)0RPEDUt;
zQa?N*43Oukw(t+p4i?D6^Calt3j^UIKGh*Ue<7X#kb|u7gL6D#pGpy*BppC{22P}n
z&+{j10O4wBmP6N3VC;*KY-uH;kQl>h0ktfBFKG3^iDkK<w(TA&Yp?Y}@mGk;&itVp
zUXCjQq+*Ohf?{&p^<)}MqO^pA$VKPtiK2p^Z+8`11+<o<&V*H&>`));i}vNR&T-Fn
za)&sCTealCBwuUhe@!S|fX<HR`5^-p8+xPF`l7Q#;m=|FLJ5#HuZwqx0w4kY^_sI;
zfQWz5gFDJM;p~&o%M?%?;v0)L6&FD4+)LVz>10y!Zj6DwJkn09y~1}m0S@GKbAuSe
z7~Z^VUxQbC_=8s9Rs%^KBhx}yKgwVQSQ|pue`@RmAOr+_&j@Vs19j0=59h{r093!c
z5ee~Xl}fZu$(6#JMM(1J;22^=QVZS9o7?d1nhyT?`6P@WBTXeIil#*keG}(bM;Y=Y
z0k@#2f%o!8cvxYTnWXmUF|3V_+SzyJaHP(fl;fZPev8nzuz}nvq3512zI^6+G5rcc
zYc>YK{Dw2W1;Emq+ki~eGW<UkpE0PhUx#=A_a4v|G9&8>KGyoK_aI56G5FtN1+J1i
zsKm}OS;`83;N6S#wXm6pd=EX0uO;#;tJg)F_DETtQ2R96%Nns7iX>T$wFCM)jktEp
z1}^JxNK=nB<~xy{DLk0MZ`8p&ye-=^QwSX|LKfgvw{_<~0IERmwY*lVUE{JagLSB-
znVe&0ZR|!}tfYiV_&y7leUI+UVDvb2AzKKG4;d1trzsA_Fs4(B%<w#C2?@;b+cG<&
z)k``LNE%EoQ_|r1-C=4vyV0J6;h`i*Na|{^^yW28BRN4EHL<zvX+u%rW!K~<DN+kI
zjZMXs<X;&Iy<iNGPXT6Cc6aA7qEsAN2*rDbs#!`lC^U|vfya-)&**soAj=oQp1aQy
zQi{A=U%ISPUaysM>eLT?7cxHG>tTdaiiG*eHT9uP+5u6R*FfV1Z*ylBaZ(E*DY-Ph
zF6Sg`gE(Inl{vPEP8fkAJPOgG22U!BHr$70GyIm-QPc@qP!(f?zB31k83x{E{d#W_
z<FJIT^8RO1`F;_uw+K-AN%j>2hUp)%U-32+wAd?#YMb`5mFflItG_%OuB%0q_`DNX
zlI1O!&Ytm>eDoGBz=6OuL@lCXI5x78w$PjC9ji>?O3qZ-uaau3d8%Pl*lHH#Y!i9&
zYjRu_y+WrMY0x*ez}kdBq)GjRy>ROsnoy~FTsT+y6lCGl1f-+e3_pqB1|>i#(K~<(
zbF|;5u#!WTn(y@CTm;&}Cddw%O0O+f`&{uIg{GPxa>}UEW8q}OR%3c2KYgAmr-Uv6
z!q4eT+OIP=f9`xgs+F`rhtO*inNl|y^5Twm6p3zlY7(RoYVfJS6|cz>K^tIlwO<8w
zh#E()a4PGE5>6gD-zMpL+aVw4XZ_M|qGXhdOwrsMwCk-Z6~nAokyN)lU^|l%lK(p$
zBhGkwSQ19jYNosHJ4IQH@C_sV<*ONu^Rdr$T>ixqG|;;+uqe@4nyAf-YrOT#a^VuS
z%!LQyisB&VL#7n#_zm=krA~>081ZlXS}kRsE;v9H+~FB3xG2_>)Z5aNMVx}F64$mm
z4s!$EANB6~AHY)|&8n;IwMYa5199l|HHSo3(yF(=uPC=M!nC8AqH}mx;0L^}%JAH7
zxfoDpZ<m;>aK&7S8z^zDq+aq2^Pw!8a@03bvS0xbP5;hSU11AXVCGDy*j7D|4FZr+
zG}@PbVD0U8P^cl}(xNZ<icKBfQfQ3M>ckv`tDA32@f}SPRY#%PoOM1ZH++>EI+jCf
z4dyOFLJXtIHt5n=jPbBOerSEaH9CQ;=*{@I+fgCoo%UU!i)?S+g1J|DAxGXRMXzs3
z=ee3e$$NPO;EIRK&%UZ@pjKFW@J$t8pkwNf9V3BBq{=4g{jjB<CbMsSoK2BY9rkVL
z7sy$@Sfsq~GFsv%a5VN}=UHHaYag>ZTn_F3Q0h27CY5!9ZAvkXH7cjG=~|DaCt4t}
z7etUn(ux;Xan7q0f80Yx#(+q$H9iLXaeOZcf+_n=f7LhXwOW8g(qBrr>_eFsKEKV2
zHo|qAEUDj!Oc^cIEX(Pvi=li@`&!-Mi?2~E^)2bheD|vb0Y#`uWOM4e<ZGc;QJM@V
z<Zn3lj!FHBn(|t>Kc)ovMT=HOLfYPsdSS^c3*@2-6~3>?F-WIL_!K?3D%i%@M6Vqa
z0FoS+>(&INeO+wA8IV<C)fa_#w~IBU5foRzFE@yP%=9uqo%<3ObCir|u3q7Uf!)1?
z7`9b@DN?`%qs1NRP@*av@m7@WZg~b1w_=iwWp3rBL{4kG>0Du8vCXf2ZCbw8_06>7
z{0k=IQro&T+sS2(yvKX<%1RMSidSFm+(97EqL`SAvAwf{v$>&P-2>VbCdP)w`e|Hu
z8LH=fVF70c2GJ}GaUOoPeLs2w7`n#9T9(j--zio|qJ~?6rp@e9bH9?ut5;o0#uvX%
zG+y#zPxXH-Inbbqg`74k@L~F0<M+^YcGNPT)SNP!$VU%;(VK!pxOU!4sA#dZX<-n!
z{IGH(!X`gOetp#8d=je@{r=(PG5Wwd)kkJshx?(P<OlpCO4EGMAzZWO)u)<w_yn>-
z1P23z=Fl-Gj|FXymF$PQ;0ZK?pZg!$GzqH@#r%ILSgZk*Cemdo!r2|$gDv1MMRpMV
z&o^qT?xo)aNVY#NwRR~}T9GMrXw!qBFogX*rwdv@w|1pM6g5L_uj2!C+b85#S588O
zZtr@QeDAlR_^j?={nf+r(t;u~VK*w?ha?A7&u;ugf8gp|LBo9LvAlbSf9xhXrFBoD
zvLojGe*vB+qVYe`QcfW7uVMfMkMKQZ;1GBr=!uu}35Aj2LSzJh&r$+UToE8I7i0?p
zjWPgaPvQyI&-w&UN(rdy0NiJ61_Qw~Pizr9$ie;>T?7c>K>sV3zz+>!G((unbVacm
z0BAT~$YH_nEdX>>TpItPHD|c-|Ks9$!AI~&%*cOv&|otS0O=ph#>@AF*?^G3D+s8<
z0f%S-o>?Q9jo<Sy`m@2#+5j|gvNS~EVNMgms#fv9LWBiExY!WUEqfT=XVEQR7|8ZB
zS47POqLTm--NJy7k;nSsaUgqgJu#4(8f9ex_Q)W%g3+vV=goPP+1;P5K@;rY+u!UD
zzga|($LwtEvje4&t3JLxVlgc=I%Lq)U?2>1YhcEI?T~$P&Aj}YFS&?dF$++NWFL<3
z_~s%zsH~0MXj4GnIC=hb<lXVO8yvwSXIq!GZm<CzOmuPCEk!_~g~@+C3rfo;`$4Yh
zKP<_^`Im<c<O4s>AxR+caZ>^zT<|ADBJlA*)_I;yhseYFWK|$|6&i^K%$^8~{Zu>$
z@pJij!Dc?N>X3VW(z}2h|6joiaH|D?v@zBfOA#7;Z3<ujL#+0Qzz0F=eEiQS8@=&g
zoeQ22xGAvWYlu;pzQR%?0{Nc*24E~x0L33OLHOQJ&>9BP^2tsRhBs9OEO`<JJjJsx
z1uT%C;}2ej@Q$8sk!}CS7653je_KEh`4e-e5laUUf(UZ3SSTD<(JAm5+o}-p13_iI
z1ds2;`1)BapiJ(bWH{K}+vb6MHqb+^Unt7Sx;NV|)V)cC*%v>^7_#R%zJ!q_%~FXx
zp7HUGwokLHP+6uGTZ09YwZ&GiZb#*fx2l;<5I^$xP9~KcpcriZq%!FNWA%0yeQ!{F
za5#lI+yn6XScGG6`<hHWLJb-+yaB&+0+3=uW|ZUP;QPzL0`hY{_bmtu3;2hIMTP*O
zUIG8*UOj7%{LaKc{oAEdTp)i{2mwnTa@$Wm3I%eAe|i-7#`&)~xE=pB2ZVM7{KLDV
zp|1POyW&ZNoB6N*&Y!=|AL11v@E_)tiUY(vEAIgKklyoLz4(Vp1q&45eC{CNDt`b9
zn86j`1}S}fwhE!&KRpCI_zu#YAlf8I5I@F61MbN%;0K6a9f&qtTe{UwT&(U5ue;rh
zhYKH?0~T$7LJR%NH8A(Ds;sVr!O&dVg|Ng*1K48gFyZATH!tB#_aVa{XLqAYO$viA
zZ<cEYRJZqKvXFm%soaBy_WCS#!F)=}zTvVj@ahE&-`YKD1K;6?R(s5&m^s9~pe3Bl
z?$2e_R`KKtx5R)$P_5Vn$cpU<nL&PnI~<&51)u<hYhByQjC`4pw)0Y!rMpKvL{j(~
ze@RQGnZnCutN(~R8X7-5g*$lLT>I+gT7BHY^jvS8d+Vj~_E(^Hq6;u0&e=7P&42;n
z5lub8H#)y+@^rA-`&~y-KW>*zMu%z#n?|f-NF@HTDbik=>=KqfL1F=Ml%G>wW`~6#
z>tZzMSLb&r=ubpG#$UeH4m0US>7qF#@*Xn{>0{Dhune2+&_M}7CuHH(PEsSL*OzD<
zlYh`_+9zGiQ`#t8ovMS>hmn7nG@!hKv%yQI%R_x<`U*V;n<`Z}_MB)|Mn>xfS26-G
z#=yeHe1{KO33F7*f>y$C15EV};RdGF#fxYJv?v#2kLQ46&W)&%d{{7f5*}y$&Am98
zQ>_TjR?}&az6Pml0foE3XPfdTU05_gaHYzL_5e13EB3ZobIOfVMPr3QYoUx7Hj18O
zw!vmH5W19CQ$3mDkwY>RjyjX!)E5JPmC<pk#4CEx>D@a;iA}4vcX2WfGwCu0EMp0<
zptp9vdW!7Nat>%bWL0Dr-jy(oO)Fvzkyn1|lNTwL=}rWYiDw9};`(`@08jCR@v(WC
z8!U)#nUxP|(c6vKne4E&5<XRJ;91#Bm=E6C^qIgWtLPhb2=}LJ!h`DeqFR@~<??IS
zDGt@y?uf9&FjV_u@^X7>XqO<GC91@rgY-%%ZGNi&<1;f8YJAGnFT8&}(EY?#E*r1<
zR%-e9;r%7<p_t5Fjb;<HK1A_BgQr6*kS^vu;OF(Cw$LypT!Efj{TfYHDL}t~jZo{u
z%+=N@%V>pG^tY+7F$XVgWZHx2GItC%pl+W=X>e%bSA9_BC;S+=^SyfYD&BjcWYBb`
zHKmt!G*K5UOvQ<Owj$bn@))i)KLHL?-vz#RD$ht1c3pW0Vz%bq%M*?>iUvg^j_*?J
zDrGtnRlNvW3Pjo3Me^^7J+w7-@>o<Au9;joeYk%HlI*D0Fpj3bx30&>BqM9P>Igm<
z*SZgw+9(C)ATk$M8usB~WzJPU=736^DfWiz<cdEE279Htw8*`ZJ%C@)PeDb(V|h0p
zbW)SvrXbkHS+DI@lbTz`FPzZu0)6iTx$QM>#zUgfmSxTXsxI$DuTZB{-A+kmgUY#m
z1ePY*YokiT3XRYRTC&MTh3cbYY-P2T%ISeUlGmczmUo-sGJ5V~qb{)Gv*DmATcWAG
z(Z;g4_qT-NuSkr0Y)nmqqFBxa&BNbP(mEp);kAy1i4YcZNYuxV;Q=|{CJkRLqf7qk
zl}h@+QXekz<#o;3)-XNq^+T%AN?WKK+)v3&>wMh8R+t6LmG5<zvg2MK*V>GRMy7_9
zL~|DM2tAV$mp4c0IJz~PWxAF?6TJRv$4X`~pn;O&DJy%oyeVDDj3n(jOgB-)vTs|j
za0$4)QHtma!%EBM9CGG~U#7`TSb4x+Ok>Qn8v|EH(4cJ07mw%H;XZv^N?{4nVvu2P
zD@e(SSp|ARO9_<}GmfYY{6bW?qPzc^zk-t&)No7<rayQ@P^)n`L0we^EuScMBTt0m
z?<YsU55ckE3zKc#G-@3YE}J1aqtN#Mf~6u(bX)zs8d{2GlG}2@zFMkvihz}zS(@%=
z=qm1)AiwuQn*^c)_nHc&Ak><=GAPHMbMmp$b`>p}$93TEy!<SsTOOd`r^bhsxVNL$
zN7p>4d3Rqsq_3mX=oghpL1OZpjk%B3G!G0}oHJO)#7Hq;UnbLLQdmh7Z#Awibltgi
zaSZ8hddc|>!i_xELOYnShP)({Rv<m)M<*LmZIQ+`VMDpt%&mrHmd>fVSvJgn)xfgy
z74OZUiSely2}m+UkxHGMHVo%SO;%rARVIo~a9oq`p@2g4n`DP6YPtS*I5j+*4Fm>a
za{;k$6_xou10`OOATjhmcDI1xqUHUuyf=(~d+v<WRsE#d`@kx>$G&j(dF55SPhpl7
zb5e6H2&&3fZWfFN`ZLHvQ04!WkO^=-53&M~fmHy4W&8l-aD0%}XSJ`tsE5M=zyzuD
z{{wXdz`#s^J04Kre{0|X1^!3e3ld=L@CVR8p`Hf>PDs%|CkI$O2SA6;@fY<_K$rnz
z<p3NQ4j?%89e^4BS<MGL=LZ>ApBT-soRA-$q`U~9+W*1d|Dnvq$?=D?46cp_pn^+t
z0j@BRZy*CL9vCSK@Q1ccz{&BX{_}+V{;TD`JmyA0Hvkh7sG-I|<F$%T;&5YSeVLb)
zHsZ%OIp@Fa?GBY;2doUT(%*cx=9{ZB`BG2vz#}E6=&on8Q2T}$;Jdn;!P7w8RI`w0
zBO;^yvgsE2uz9%7?vw)Pd3e*GT59875FI{W+w(}tP?uAe(b(Z4zQ5Oh49j;!tcyVV
zy9mJ(ui23*63q{hnciRu1kEb)WBU1#kZ}Abn*%~je}W@VcfrZ=Oy>}X=iqyOqC}+R
z@ErV4t1d*Oz(0hJ|A0gUV5WEogn#0sL!Ra{pTixO<A3uxID!B0Ild8-LhRNV{g2%c
zA+8Q3WC2U$0BBLU|57^Gz|J`UJQzr&$deEoWUpsR2Y4asAH%_L0>PtUupCdH&r(EB
zpZ}<+alin%{)qKLzFd8hQJYTx$5>ChLrPC@Az|t#CAG$$KtMDyNU#zqq>cHurp%s8
z7enOC-L|*oclwTMcMq8ZO<i{nfs)6<KuovO%AG+WmUJY%Ompec?~onSeHxiZM;XqQ
z_cau5{+@JW5fS5ob{SdxiDL2>%0WL28`9sYX$U;b5NO8gXqu)@_gLApQlJjW^r4D2
z-ghKo(^b3=bnUeMg!HZKmi;rv0oNb90RKakiIa!_FUy7#62D%B2<RaIA;thg<e!L0
z$q;}7koD(q{IgI1E?D&w0y~&A_YX*weSSO;g(?(C<9|`AU(O$tsss)GlKIyRoSc-L
zoRGR4NdH0m8=4n^8+f`VTrgQ40112rk3@~g$@%PkfJZa_b|Fs4g+sa!45ay!Q}*-;
z0i4fqb|5tOvn60TIU&J!NWX#M<OV~c?DF8fN&p@Nw05M@Kf4UQ2>@dxP(4v3MYB1Q
zk%NKL&F>jo+aKNWBZ&{1_KUjxL?e#jQEwM`yO)2gHMZZ05kV`$_0#){$kz{lMVv@J
zd~fSdQs@4iU_;%Ux#^;G)RXbCTlp<RPLQDL7x!4hnMsjHB9yhU`QT}O=4`5Jp3~yh
zUu1=~VojAf>TzzzN$o@VpAkzRVa`Qu3ZCzo=s&8LI63+LdU24u>$pM`0)KNPL_pw#
zJbq5d<A<06o(u8<;sU?V#327u6a}#aH8>#ypa2djgOtreQY7L}kEUal%pI4L^QrUw
zr)mQyS0l6<97Hm#q!jYJ|IL})BXU9#qLAgef1vYf|LcZBk|y9WUQAr@AP?pr%b;*_
z{dGhZ${~*4pZ6OigZg9~SjaINw|Ou#p+Ob8dQP}<m;py7V{32p&3pWnN8abkLu1o^
zLZYe)R{MmwjtXOJ@pkCsNaI55%KgX}oi?0h&VTx3N@t3vO})V_;4ovRA!1@fD!+r&
zN5Ld(FNmgW#A$Lp@w75++b1%p;atNi=*Vx<Ld?Cg5f)vCV0X2=zGCWS)$nB25DsXf
zXDjGU=vD?%ng$n-U8a4cTU3D6d|MMw#o4R~kZnA!U3+Azin(?uK_Xz<3(=B<Xw%TT
z;=&)0*Uv(<X-^=T-uWrgwY#{eM<u`5qv6KJk38OtDi$k;!LC;}^Y_+bU8XXfl9byU
z;UorC)Nq})HTr2M73U$Iq3v6Dx<^ndfOM>y;Yw-@3-{Bk`vC&AbamuS-N!E+9lU^F
zv#}T;UdPo|swM3q18*u@(G<^eFT3_=6(J2%q>l#pD2;kyd1iaLihR0_AImq7U)*g%
z-vzs2j+A1Zu6|ZA_;TVO_i=NC5WfZtCzG{hx!zTjJ6o>)5e}8Vx}>_dv6CD$k)om9
zSh*M0)LE><ARQDz8cQn{H4>F&*J9^ct*oM%_zjAkuFblfECH$#Fhuk{+~FF<#m^sA
z%i84{4`^FTBTc2pk;@p-ADXJZ1CTPO>w35IAtg;}`Vn&rz4YdTs%G#oue3I%3^y|#
z)s%#BFgiQhoQFJblx`4t?f@eQrt4KrLI&1)bL3~lVSn6o5LfF?2;SArW1JZxfeV_(
zV!v+LCoE%*uH`vSR%){c6~!(yb{#F1Y2!O;%Wb->^jW50OubVQgh2jkL)I6&EelYH
zD^UUGnucDhx-R1fz9v|<p{l%{4S1|t-|GQ`FEXf*hN(j~(N=I6+gx9O5`AfjDCN{Q
z@KH823pIrL_)9*K%?<BG#+x$bd8yxbo450~M9p}na(<mDN#DQH{+3{xIBRN`G08aH
z>4o)Ey>|JC9sN;6)?i<Qr()%}IA4wFn@K{*ARkmK+&~z2VzA@`Nr0B<hEDm0X86<t
zT;~=mjIlcY+KYzcjuCqckb>@x0QAcPf1t0!t&9ZBnuC^l*_!U+hSY4YLh+*RT;~EN
zJ(EdCOQrfjZtVUywK2p+Inu*}mL=rh>QECt`0!Ioq;B<U28$!?-E3C`yX-Pn0G%mO
ze4n1|I;5r>2~`^Z=thq$4Xg2OY1_72Gh(-+&Anx2=>ROUB51R(py6)xeQFPq>xw?b
z(mX@7LialukrdHfRFvQCXLiTK*|+@B5vW51ZJlWhn4Y%16{>|`iyz}xcVexE?losQ
zfQSSw_8(I}Edn6?dB#jG2j+On7RJ+U`vvV-wy1gJl&Vu`<aeui9NMbq_(7Hi1rbKn
zT{t-4d{tpzCq>yUka_<EVu+wh%c8QX7DFg$sV$5;90B?3Sd(35I`0d&eXAo6v3W;Q
zxg`W8OTnqCbA2Nwy(kw?sI;q%)J`6MWz4*@8AKC5rwd4O68n2QS@&uE@quZx*{<(V
zp?`<4Wn`Cxsi$h-0Yb6+Jjt<Yy;MdyF_ObJ!m8Cz)$6<<kS@g+lka6c^~c^8`7zt-
zyAFccbFnlHSb5u;O0bCb8`1W*7&X2$bK)j2b?3-g+?)ZiL&c=VFT{2=rrN)4H=_1c
zN1?}Jt<u^?H}PN>vLvF%_&#tliHx77b7_86?IKbLY!uZFR|GUy$;J92ysa8oNHaD>
z{+74agfn8q2bve1SGYRQMKdEu2#^b)&JE7e0UZTO6MEi8N8US)wI`Sz86SeKPerPJ
zUVX^7jDp?n+>o^1R`^|ldM`bcd#Cd2R?1{2-O7djRf}&avhk4E3R6Xm8_l?LdQ;2G
z09P-raV({+`5k6|=XC|u7l6$Epn#js0<#b-E-l6t8BH;S+MxQ8;b#8Dsh8ao*obdi
zM3miqN2f`A3%NfZ5ve*Aw0hhf1@S)q{syc*nDlbQh_;uGfib(DT8n!-h~?w3^R|Wu
z_H`997oD4@);;V-LB{t#V?nbJCK_bs0xoc$5N6g>Bv|kXt&ui@g)s}^8r7-*Z$n@p
zb-R#~CBnv>G|X&h@CQCjM;NA^#tS}7PFPU4=uD2~9c@X;RgU-FApfuA#<R$y^SM@4
zmpe3tYoc8C$14W;O|;VJsjI&2cM57dyX8uqZ*1%l(4*zuCdOhr-5_p&;MHtb)~^ek
zxHbo0Rh942x(AB;M(Aw5MCoWfVq{ri1nyanGJJ0kr8<5KXzp+6mfjM469M=`&?k7Z
z9DoUq%)!KXO3J6_U@F6NQ*uJ`_)o(t7$p}I0M7&2evX!MfYnyXNWeAukRkACWCai8
zVupi#axt-=;-N~=Fg!eskf=5_G$I5-K^j5e5(HqP*Z=hlKyZ`Ka0^WN6_y#7^ZyBp
zL+}dFjgSEbA}0JS_4}m|lK`CUM)<N(SOQZ?pY*Sg?^8sPQ$XOaxASx^b^)wcPhnGz
zr?BDEv=Ok7I;1E3gAW!<04P9$>`w|xFr1KJ`=7`hs6u<e5k~>j|EP-bgq!t1`BrqP
z1wL?8c0U|5Z_2hi=!8z%G?X71++M^cl8M|fDoUwzsq8gVQmRo@>R-mTs!cc3gyi3_
znsMNII_hg-+878jEptpP4>9%SxXuv)BHPr?7AG{lFB9Uw*-{VuOybc|T<A6|r?Yx&
z<^^vK%F7)3RG$It`S5LZ-M|COpTI2S<#dIE3x$>4g^63q!eqI-ox_>JLMDaE=TQg8
z!+IxihKKuXgQHym{jXzeJX!U58aYkVrJMD$_BWI}UZ33{99mVIi{OqdJCYL)^`N5G
zqN>qy{Hu9<Zu_^v?uFz~D3&jQrxQ)uHqNC+pp`qBVRoO3Xfqw5rL}Pa$*K|65Dt3e
zGd+lAm)1g;k5428ne#A(?X^OK53En0Bu0f!5-uc}&daT&7}(IZ*MP(Yn2*3&i}t~y
zmh$*g`YPWlN<N)6lZXu1OW2VVRawVuFLi?-=2g^MVMCfw0q@<P(w?khN#wU<kHI(u
z8co^2$X6)i^?pp?W=)fMn?3sA#XOlhS+H+`9Lkx2#Y5wDQ~Z56EK-2UCNB;)Kib>r
z6`(x1do4t(quXpVXG1tko|>UnD_3rM5ij${;Veg=!FOp?9ac6FetL|@c12-)TZiw)
z))WwVjm=OaUAO!lx`%3tUI`CAfyIXpAaZ#63*!?$zr;fq1qJGIFx@ZsWsRi7OccGS
z;hoVH+7Tt$U;)Jbej{_$4<)gO{CC8Nz9@|9inwiVzX33fHtVsXf{caQSdmh)94;O6
zF1HB!3m?=`!mS#l5op=tF4Vc4h7S<YXJ*08{gt$Z&=V1Zt)=2=#COY9!&+c%Bf?{m
zp)yYO7Xs8mlh%sk<~zXbA2ihJ19-lw4dkoj8_P?`ROAA)pFhqDQxo0l)^e}!?r{j2
z7vNj6$=B^$op?9Py9STfD8g^48WrnP&3r;`*t&!=WK40E93=p=XJb-=GMZfi<@SP1
zKe3z-m2ssa6}elt6nd+=J5O#E{zMl%ZEH9eUzIZ|{rV!4j^~!*-9Y+J=M@(;nla(T
zy~wKU_3Py`p-BgM%Z~t9UlrEilN-5{g4Sw=az-&UXQojrOW*!L#uC|cA7zbix(ngs
zI}Gz1mS2C>W8$bR+51~7f)Kz$6r6PzjmBt&pDW?^oU?zVyX3D+h1GGV>~jxVNH9X;
zmHK+w0P^dp!5AYnrmJgEN!Rer{&9#v^6%l7G;JRegutiHuy`%+SJyx*q914&F~j$A
z_e2mRDkFG!3#Dd8Jo48N$Hh!;_*WXQQf)&mHt1SKV*{&RL*-e@FkL6<I&dwgb}y_-
z-=X!Gu&ORwb9X-$+|2C;KU#1%to{<!x_~uGWQTZBkcb85b1v<ld?18`#|J)e$CCNu
zbwKoqIiK`@A+JShUS7!hvoit71ak61Tz1IvM?;PiqFoGG{;0@3zb-@lAv4$faYT5Z
zA}k)bkksM-@<SjZ$It1&XGa~9f&2G0$_H@}`JNp_T6Dg@9^z}b(dWyBfh6LdJas(I
zzuBq3@dU`FniXQwKkf4TDi!m<dQua9s^0>~3SeP2vJ_!%$B{zPVt*5$Tzs6|e>0$v
zI|6ga;^RKOEL9pIEqDb<AbGRDJ43iA{M>)f_9rt4mXyU8dwvB&&cp_(^Md7s=pR3M
zppb2d|0WN^3E6bR!i9n4wVpDFPonB}kn+&hJ)MvLUt7lkPxbfB9+}yDKM8qzq(X&=
zlD(r8lD$gwNTg&|9%W?Ik1`vcky)gYl_)!-WHx9?{`dQo`1-%k=Y7g~=YH?G=iYnn
zS@(R?<;S0O?6uab!nrCj>a*gm7zZI^r?21xrcPY@Iv99N{&X65$K4xtdYJ4}o&zq_
zdi|gPWm1Y&d4+(Y30;?^n+)TCsPhitDD?cmYZsFMpCDDlbFOX5pH3@P-!_@f?ip{H
zKVD#$m1(gt)fxAs{Wjf`8|0j?$Me*S0=5ypxQS~$71_o*u+;RG$USP^NorVloawTV
zNEPZ4nBT`TU)7`4c+>MG=F^!i`E(z7F9!b%bK$+^`vm#KD*Qv*(?af2Ph>yq7h56!
z>`Wx~{ATsI@=5zNR|C&R;i3nD$>!a6x;MSBxYDb$yETA8_O**QwsKgQjFT)_%-QQA
z_4Hn+<_Ia6m}WxN_QeWEl^*cV*^pNu6JoX4wpVD{n~Oj1T6M=zrwyl|$h^IDirsP6
z+q|c{Kf3VVesq1uQz0K^(L-DYR|cFfyI)D8ZoVDyOQrj;a?f$SW~{qeM(s}D9LfVl
z#Tq)Zc@Md*#E;Jf#OHtd$b^t%4=8`X5S5pkoXhn5LJ3#Q<M+4gNBfPGSOn9?e_H2+
zxJD(NSFIB_`Dij-MtG?0CLdsUV(U8wJ<Cm#3}%_4d-a_f8?KMAJ7vz~j!r!aI1wfq
ze!P+Qhg-xuR`>Ho=M<^uVsH4O8Q-N}yC*B|@8fUOxTvMs%)@Q`-;P6BrHW*|cz>;}
z<lKWPaq7lPxpTU^zQuT2+Z>i}<Q&m5{E;dRUPQxR&e!x_uxekGV8BnK8%dxJola(T
z+^trvNGC)64+%Px$1gSP*raq?`+R-yW>et^(bMQ=F15x)1*ehSNp`2HeEHr+MjvzE
zCSz_3Yv||PltaCITH*lYPSZ^<a$-8U&!W9-)Tdrjr9HIOtL$3bGcK>@CiDFsG7CGB
zLM=xd$OPNB92Ys57K9R?$d8W?=SR2NQcg-(skjyU8D0+fs8}M2wHvi;<HlBHGY|Fe
zyB%2dSfZq7%)$24*3eY@neb0-pW;T&^-M%F$9>s(<jBI=Z*L@Tf8Y3+%O{Pti@9mV
zB>xB<0v=0QauL>sWDW}x@InB^k|uJ9z+(r#e}oJOf1;N|ppXCp1uVgLIThh=(zXmG
z+*^3r0Rna*2@0F~K~ZY(0Ll(eVX0+}jndx4qzL7S0-pyFh%q7o3SrA}-9=jbb$Y}z
zF1s%2L5a&{w;+hsLQgs4D=b1W^yU_2K!cxXLgt{Wun>rRX8H;noYy|X3%;Acmk)gT
zsoG}*TAql3!0d_$!Jsf8%)TN+C~eP}_$leW!UxVL=m>(Z5H&$ZSVx8u#V5|ei^7nw
zgq6!|fKcj9K5@vgV!qE)oWM~%X~9a;)5LYTVU0aw?f7vW_(Ce{#Vi(Qsg|ra^KR4F
zrRw0ln3pHp=Zu6c<Kz=%HO|QUtDSfsG9HqkrXlGu`t-q7Lfr8DE@HQpTgau3`oa79
z)nBT_nFo(jvJ8Dn_!PxPI9Q)H==>@a>^VBGb)BcvTI_og`Da`M6Z;Rn@m(zc6+RH@
z+|N=}+A}BZY+JPdfmEl@sXH;P6M8InzKR-1+}|jl&>1JX-^gO<;N#XD56zu<^IX$~
z-(2{x!LQ1!HR8*iIfaG-$0wf_6??u?vrf(*z-l<xxe%|~%=s1>`sqs|(dW4o=UJbH
zC+;hDYTqd2{ak>2v2ybdwxY^cJK4BKvjf7d>#U!C6FwU8-?e=G_nYS~<F)M)v`-nv
z7V@0CD#$Y%Uf7Yez4!%pnbK`erY#zeO0p|I9cS4lIka2L+@Jo%Nliw2XB%#Q@LDkc
zk}HYK<(72x;@#<=%RA0p*Y$dIWyEM=t6jrR-1TCuiY(C{v-i5>G`DBlo_%jWV-(m!
zVKa{9ZKK;mXTTn9aDeNr-h5Qk{XLA1X|@8EhjVVcxrg{2#im^xa{j*T%O_`<c1BkG
zx^(O5rrpY6JF0m@3$4sAbh4hHxA_ot^TazAJERS&JHGuy%(R|y*3NiIhPg}PsU!G?
zNAC!XFO%HrDEj3h7O{%tS(g??L5$JJwCYV`MV-{*^r^RJ<Sq@xXjPG(#CqMX8?~AH
zwnsPasE2^Wjiv?b4$fK)|GaLq&-uk|H3`Lryu&fs+<a|P?UH8CT&@({n2PdzZnH7x
z2MbqK!zTKrdW~QE<Vu`#qn=GA-RM6zC(d-tcz)c2{c;R1l_?U{Tt?Qb3%GJ^R<Pcf
zCGs7I-J9N17U|}FS55TnE;LjcSANcaoBkoRiq+<+q-U?3PhV&mS)#0WL$O%S&+rzr
zV3r!mUY;b$56?_aG&(t&k=oBuMK684W$W!3hRg^Hvgx$)(YJP5+7?~C?VRyMWnBY@
zm|A38YlRp0TR-nCq?%ANxx-3Xb{lVrN8?XjQsF6-jW_P@jy}1&2Rn)fUbp$RzOMag
z9h*-)Hg7x-EvjQ+x7n&fCZKSxgK^^r`{#i^YBNl;kvosoZ)mkt4Yj_qk2UpJ>GmJb
zDe|qJ4GM35livk<l|NT_5`Sn{a0H#NDfV^pf@yWZ_P9D7RudU<KgLe-IlV97h%VV+
zUDWhlgxmC`Bop>`_j3jxgTv9=9A4cG-J?71?foK!_XcvOKv2+@*Prr+?$pcm?{1Bt
z%h*^FQnT$V(WPN0msBfOn&(#R-Z4WKM*c+y_1t2%bCF7VR|l`X%C|7Q^y_TAW0wzp
z`}w`cDx#7KEC`XCjvPGS%kzSK=S{A3#_?IR!4{=n#T@N`%zK(v8I>CzW9P{V1=Fc&
z?WY`UGcaCUJN4siFcUJpK@O)I`yceNDt?+(_8$!N@H!RB;_^XV>Tc_d0xBf=bg<e1
z$q*6i3r?GPPyNVvo*mDky~|=cNQ2RfzG!Pp#qXxxZwB9p5wcu|pQ&Q|7l~RUJan}+
zPsaE@`#o3FN>1zJkjOfYzFHBT{vT2#TWWXJJnrriA-G8-4c#gAkZJ!DqlUrFTH&F~
z`X*_$Mg_uR)Q`gA5loSO!jXO=k$$43eq!e{C=+iaIGNEH0tQQ<F20dizE$JFkKzbv
zwHQSuY;)bDczHCTl=Yy@jR}2L8OfmD(yaat^<O(mF)1lW!?N^yy@#KFDmgNEk>Qkb
zkZ14}CG`)Rgrg1yI21foznn3u-v=&7Z`$MfDQ@Prp62DtZY3d3V?V0;e$$mURf&1m
z+82D1%u@6DGBRUpE>?1nr-dxyR=^#WcA$et_Ur|pFs-Dt$&dD1lZK<MT_~?2W;S%D
z%!tb?e98!%un!#goMILzni|w$clb?a-_>d*`-wuK;}N@5rl+(X4PEhgO4*oQcVXu4
zHrbHs%{Z^ZZu4B{=^+2?5YssRZ~B!v`%$u3mM1;${j;rVKiL+~q&IGuCAV8kbZEQm
z+<ZopTB~7XlK;ls=u&x!4C{fSq%WBH%MX6ghxPcI-)ipqz$f<0OkSD!fNSK1#~)Ac
z4{pityZj%zi{U_1xYWrik2eM!uc8ItO&&gE`G&-&uN0CPZ88-x+e3L!-#M5kDb9lW
z+1dTFq%q;PwI!FmX;_NmWq%)DGKcPAiU4lGz_vl`S94~fa@U*rJdP9I8x6H2ZGP8o
z<v8;uf8h8fYK}?%U~3ARxtL*YqVNI!{!FTt4cftD#CMOXsOZDnqj9gDU!AS-)08}_
zf6T@IYriP*yVXtl+`!XwnulB;e@xJHck6WUo^93Mo_?_@FIY}+OGhK_a9;;`?%J^u
zy_2^n`0d+KRol;C7w0BaqJ4KcHW^J|=^Oi4Y7g(4LQfVqFl*eg(k|3H!rnCymD{f_
z{d4e)w*MoiDtp%Fk9glBxC}hsGx#P>)SkOyz#ZaqH2K<@Yu748W&O7>Tl4BEv+H@4
zD@(kPqgP3=Jg&)@$TII16r(Sh8Ai@6{hWA7qwT%SY3VyAUww2`b~+x(WXJ6gx}os7
zwcz9Mw$L`Q%_Pl%J~k=8yuOy+NY=ss=wq2~XCHFcGu2Q$(Z`u%F<6qUCp4A)Gy9(M
z=f}7#T{8(o?_&`Ko`s^Z+BpTnr}gF3k)=)_?uEr4CH#`Y7vfqdL)(q{e81igARAur
z!}g{=-mfx#aewQm@zB?#8HG*ZdN*6ys38{`cYiIbBSg(P#(p>V7z}q48zA+4{5(`c
zJ?+S-9XV_`$Hv1L0k-mM&&YvS?Xu6qbST+xBRMOB+B)r;ro}c%xlY(|_2RhF#-d(r
zWf@^F8=5q5bpG|yn{U=7zu9@3Zj5{9k=|W(LIcJEH5+cKj^Czu-$U?mgK+JNYC}Te
zDe;36224n43<$!$9h6XELV^F%-ep5`qe)Qy8<yC#>_)2@lDJ55ACjQC(Lh?E@u<Y=
zXcPv81x-OnX+%PS<L_&1pc_22ekogyAvh@uOstXuK%s&(vsD%Spw6M!*U)27l#&o$
zBqe`TLI?_y8&alyh563=ONvwdB_#qX=|R%z^cx8g%HFpUf8MUu{Ys8z%&9?*>&lse
zC|poa!RFlTAPw)+Nd^r{d<7Fb0|o@C=_JMZKwuGMFKz)E83=Wec+Pw)D*l?M+Ad-7
zW~TJiMyCi(R`<ty?+6TsH9PHkjEL8(|1_KTD1?JgCf+C~ea1)PP>4T~@UC+pSyJ5~
zpvfV#wLkuZ*h6Zi??O=(o^XqO$6|@?13A~CqULsWPc@I}_U=%Z13Ryoc#o?;jxT=w
zh|(WnCicaNe00OM*&U6WTizFm%0_H`BLK=Lw{?`;xxcvn?tvSKR6W@6Vu_3S)clK{
z2j%6ynI(mk!Ec3}mh+Zh+Z_jkeVVLG%KdH$SRF6aZm*!;5fW#6zt?G=LL^T}C!pJR
z^~ijb!@r+YXNlnG4YSQEVowTtc;wO~P7itg-GJjkv34?FjIyqlw&C_?y-ax~$JKv|
zZ1!Qgzt^tT3w=m@4)<suTf^2L>X)8`OS10%T<jtI13eWfYium0(|{PXwYd^^TFBw>
zK}#EB(Jg~2y@`rX#olXLrLk)6x-rKLY6ZUTOZ0bqc=Jtpo~FR%iJeK!OZKWkn8?>!
zu{G@((t>PUJ!I^!4|t}*z!0vy$B*poP%;?zu;*>`^e;7=m9DBIeqpEyiCXh&i@8l^
zSObn6^s{%?dt*{Mh$8uJO9#ELy0N9szZNTKwspztjg*aSuM=r)N^j?G5Gv;d8HJ%1
zw$0taJi1ci8pnOz%c>N#UzlsLy-VQCR=scctV|~Jt00+fej&d(W%{Kv*LM^79?R5Y
zsd|?*-pTtojwS85nkOmWuA2GKKITm`$A>!M$c64+!3s<L4=j~EMry&syq1DG8NNH@
zTOuuDh-v4ykIR2*6Bd-u6`kC6zp7{Eo<Xks=;5b^Eetn3PgW@Ra~E@F9^Vq)Veb2I
zA>r~wp4`o9QS$b{(Tf*F^aX-#lIhGd5w}{NywiPl;DACO{SWic<(;Z}dS>x2>EArR
zw9)POQE$diM$bn-RMywKdK-$Vh2`m*#3(Oio;p?kC8T-ZqEuthsO-f1r;m1c;lG7C
zeGkj);Amv$ozk5bz3yP3Ue!{N!a^;ab#+-Bz-Qc6QVvPpK<48UC{E$sEhte!beIe}
zSg72U93CTg?EVkstV8aB#<NKqHRd0hV$QWtPM`v1j`em8R(uIzv6Pjbp1gu_KM|yK
zK|8wPMddaDpN0<KO5EIRj6g(2!CYtEhLpm~nK@j$bt*Kuy0+a?7#2J2Cx(m_GRWH4
znEw0om@%VPNr?mSfwMB6-7WMn{^z5%19qQH7n&YPQ%>DTdgyDrZFoV1Jn#i;2MQtY
zjVPhN*K@3be_v=+PwcRPWI^*RUwYP(IP=dL%(S2A+Yu$RFA^H@@)Vkw5uv3Z{IOC=
z|12>`u=s#CQ~`UHi3NiOk_sdn0C^`N3z8c!;Ja+GV$c}y7fn0?ixq>$fxrI66vQd+
zfk3p-(peyJ0_FHp@{b`l{xuFUz;X09Umm<(@UkCbjerD2PcUd;gN{hZbKYHvHh`@8
zWeIs87QseK!R80gflEj<6mmcSDMpJqAb}L4<x_y@KNNVND0a!YoIf=t0lt#pD+RvN
z;44EtH72X}aTCZtSP}XdA_=-_dD{me2?XSyOl~y_&zOYk`M54Q@Rg^=bt#0#K?0Tc
z7(#?n5seU_hw==LAx?lM&?_1kFyL?CGUEsTK|@&^y5NV81FZZI9`MD<Qrdc1*(im9
z2tMk7GvXn;C}x!oi6&rBD?9_w1qENgbAWd)8nJ~s=Yxo%qX&PT@k0pGV~CW{Pl&CQ
z$9{-bdXTVi)gO@vy2?N(qNr8@2zoj;%-?hgipFik4oWQ}D<>87dy9_Yh01>vi&Kbj
zhW1WjO8+Uu4RWDa$&trYxvg;<q61alS)a4av79O)x_x4xUS5cG8?mot4DM%C^Qd)=
zv3%)7_pYF*u%Ip7-PQFi_RVk#VeH|+(}@>PviR;bUbKH~Q+4WsP{H_Hbn=a&x7l4&
zd;6>3FV;VN*t&DcxJjdIDf)0kz~Il#OD{xbNcAVIy1J$K$-#ET{~1{+S3dk^Ifgss
zY&~h9(4DbJH}D>F_b$3KB1Ky}g5_fLU3LuP*OLMFzMsw>HKy{Xe|UKE{v%!@KlKPA
zIg3QxIZm|lH{W|Zi?3Vzma6fMlzx+_v!g=a99?XV9y^id^_e3CL7e(%%M`u)ZN9k=
z6PI35t(7E~>n9%aqk*Tdc3oxud|yy{`kaZ~q?%XA@aB`xeTQSt3Qo(Bk`3IoSrqnv
z2n-kC=w>Nx-R6KzuIM67^R_X@#$T1Lyn=l7hS031sW2)c=>4;DyN?mmEDF5gwXueZ
z6un8mpj~49K1n7le}7(?&HF|*XRo~UU1|wg6l8o>hW3$zie&!huRZUIHCV`xZ*2?E
z%WUGIzUk90<x}5Pr?0R<ECfHGx6?mi$;o-C<C^BtVC?i@0Pd|2)8^Bs9auSh3$(uI
z)4fnWyx;!vpi5EtpdFQzb<oOQ&#fz;^e)%IE&5e))<N-ZX_9o3euHXug-Bn%Z?>IC
zU&pLYAS$i+Y~(#MhotLhn9!4i(8hL^Gfl%uVXQiS`gPa$6z^J!FR^$+%r}vYx>5Jt
z)=;9@N01{7Es=O<8z!$MRpt7N8<&3*E25sbDjpN@_DUylefv5$&G1F7@Dd$&2<``q
zZNtR&*$|f!?wH2ZTFHtuNAJKAYn5lA<=<2#HT*o^Z=O-O)J_g*@_b!E+OatFE?a@6
zh7^2ql8{ILZI0+MW-$@ngqWRTZa*ML8f5Eb3rZPgJCilJ<$c711cy|W4G*fZ{rjr>
zG`jq)P98i}hDJrk7VgOSrP&@>Gk>axEbuIL<5%6`8uvtMC&kXa@R>orNs?*D)w(e4
zef(3^Q$bCIkxZQA#Kw*BgIfjcYR{clJ4$Bu8#1a1mH421HG+4JV0bO$)y4BiQTun@
zh~XI9U+v;FI5z*;+RgR!&G?#I@>Mg7XYVB`EugtepQGwizC~^K9kGA%X6IYB*dxK4
z9&L)cQ$NMbdMCmwX7sR-OUu3nPNT-~s`nf3*C+V4v!;0ugoqiD?cIOR7=)uAoQ>s<
z9=NNIa(899)T>ad{O(>=h6GXi&^%L|DD%LNiCq?P!`l73oEQZaH(3%&k2#A!EgpA!
zUvcAd=%{4YHN8-kMb^kREylfNPrdBOl6Q_*WD@T$T~1x3w<s>U`mW-0spk*d0*7!P
zv4$KDz07e1f!&W~2d<N~PKRu2;ki6M#*yD9)J_mCWvc4DdHf?vUcPr|<LwF}u1|hu
z`{Ho-o{hGrTHLqgYFv2RIsF4WbvbXpYxg1J+FWG^Mqh{O)_tQ9FMirR^nA@`cy@#0
z(Vmw$=dH@=E`r1I_c<+*DSPhWZ0>w%+5EKlWP6KQ=pp=)`=^;-47<o(q@USS(-|i$
za!#mQBE|<2ye%wdvK9)QY#S1vJvLVm+uPG@p<I4ai~Z{8p3NCy{4KjFx_nv#nW|eg
zlygkml~CR(b?lWlE$RdjhpOlA+&W=%JjF<Vi>&O!HsF}dI#Ez|-~O}Iv~ih#SZhyw
zDaPt;&8L%;4QdWKQ+I+y$pQ{fd0L5wgU0286?|P-7xRA3bvGzpJt3#`>J{fGqu1pt
z$FIHx6^>%$oRb3sx3k`OILPwFu`YG+AkW#DLjh%3oIO9wdR~A3&5C#E^`DHW4M;FO
z*2R6+rmdwv(*AJ6tH87({h{L;LD+cx_SCl?hw?pg%L~ga1qmi?Vh^Ipx9(E3Bm(qH
zRc$W2j-%)$r(EA3Z`hOAd^O0oQ5`SeXY!WU;>-b_7>fzRqqC)jK|L>xL*Cv`>`iq(
zKtP^&Qaex}%1XF#AdA@Day1&`m$E%Q(JY@^S?<#I4knS*3%;H)EMIlq&0eyFnUKc}
z-26XqSj67`E%3{)rWdKT;X3(%+OIjahK7l<C_Z}0tEZma9^THc(zmD^tllG2nKsEg
z7|*lgm+8RdxmnEaJ4su%FJ=dKv)Mk<<z7<nOOG~tfa|}QboaFt!`o}mx2ETzejWV%
zP3qQNp)k99SElx(>Gr$I98#9y)7+xNQ&CSjH>DLVN@OBgH-`mpK4O_cw}qTIB|y=8
zE1f#*h!}0#Co+l>)!l`iep<`%i?Qk>V@QfjLn6av)cI<iy;H_tixRt>JG#I9FntiT
z`*=x3&fN9k#O&+QmznSzD0duRhK}v>&NJnZA74Nc%`#$R4{w`ps6}_^Ya7&eawd%6
zr?{x+5_Bgj?}Vac0=RE4IR-u_r{^!KNBFz!w!pX}BL__GFSLQTWkn~(DB2p^aaW3|
z3~8TsdcPsgqmA@wqs2`oCRWA6A4CmbWa1m98<B+b3bz|}$=<_UDReCRFHSuhVQ^>~
z<9c+Q5R<vffWAt<H!WC~?pM`mhYsrKLzDE{s)uG?)jvvpeMr3SlI4UtH$=W-&0Q$U
zCVV-4bDQe>18IFJW(fYYY;JAsSxyULK3lR}vma|n)&X}R6UQqm8Q2S-cly44+|D&N
z$h5=KI2_lHF?#87Cp)B@y-j8$U95)~BK;o&u77bh)n|wN9g`~z$-5s(PaVEUm(j@?
zUM8iA8Y;99UYfPdf8pNF`9e6C%wXw|?2*Hfj{KpDHAkrkgVk5bU`Ed!CHfS{e^J27
zad(qIs@g85D<hZ8Q@4(?d~#rxJA&fY(EhRkD<J;3lH-m7hMG&~f#*ohl|jS`8#GS^
zPM*se6i%LVW_kUnOsW6z<0nDaG8hSD=h~?t`D-^C9ttyfQh&vr5p#O^nXHB9+{=2A
z_l9|69!qWev$D_ql<}y$jg0lT1PQ;-ohtTf$B64U&F$WG>nJmN$JUog78&JP<L;mL
zoW5@}z0J(wWz#s`ElJadC4p%)_$MPdYMe0HmZBw0S0_i+Ngb3WW!+1hIF@K^*KotM
zhWEwem`HPnc~=*eTkXoi!iKlWU-1mL4sTB$ANio}G+W+>FB$Rih-~ogU$BiRjIvbh
z)&0g@r&J-chb~j~l!Uf@h;XvO9{LoGbAAmqwdPAgiwvmZAy2DL)vbu}#bfc>`!~yR
z<~F{l9r8jWZJS;Tvt5_wb4BVp%d`orNWFIC*V$&ML-L7j)nq!zok6EoOzt(hNhdWe
z^~$Rle@m8-t?($T08=iobG&JM=(m>uA!_hT*u=QX{oj3zN4L(52uf|7G}u(u-B9vj
zB8Pa&=)pwhXFA_I2-gRJmK=A9vK4dh{;L-~7VIoctiNL8UejkafVU?_e|km?9<HqS
zjGGb)5Rmx&J?iY~ckH*ii>fNfyoW{tO^1Gu^(<Q14Sc9VJXU^p>r2&p`uD_$$Yvj|
zw!WH>!Uq-(1<|iIz20AuXHJOVK8$31v9IgwOJ(aNo61Xz=S-8-U8(l6o6rt&8l3cJ
zlkJ2xM+BM8FGPn&BX>#dFNzTL)8L+oJ38h0CdSKn<4pz!V+rGNOsH!(eHa-dHpp@<
z>L|s=;^OnC{FO18cZ<%t#2?|h=k5MI_7%Hn^G|`p(jw!P4xRoUZufPFc6!}~T*Rq-
zhoXc>e)!tFI&@KmixH(;WG-TI?u(qeYSAe2#K1SA?gd}Yh(Wd^BI3QZkMcB}kQJ!r
zx<)rueMUi*d)NJvL=q`!UetZ$Eywp3d>=m|jAj2SuX}~bjyccxl2zt`E16@4r;8bS
zrP9ydOkDIbIy@_&5noR_*ci@jdy9e^4}H>37YoiNp(4lo1IfSB=?;`_eExB3NQ5IF
z>+Y{zyKm@xHW8bW-73M>@tu{Nf8?UF{<l|Kf_iovUEFl2Rq1(sO~FC75^q0p{H-G)
zar8Qa3lV*+-y;I!*`oWa6%K}S5LM&|LNVX>%9VGLq=(~pOB+gNTrOVsddW#YYgt^u
zb}Ps9)y(J?j5#anOxI}W7E>mJ>)YQfu_>9DJs&y5^p)?s0RuNS@!kGh`3uhouN`l-
z%E)?kO1$s3=-r=Dv}xc;L)X2w7d7PgOXoYE*KR-0;FEms7jDbdH$UJ0dKg-|6M1}k
zVzH`6;J=V9Cv_ur)Xa+6!h3>xrGZt1yw2e<^Fg}&*^SuyRK;+m9Pt200TCxB9`nol
zG^Jxh_>^2_#LEo>&r`MUkmPgSefk1~3^TH?-W^u&;Z>n*V3-_>4;C4>-+lP^0GSz;
z)}iQR)2ve=q^c$t^VG+-hEYWKzNz_%oQ&{Sc4wdANhhu|+$wdr>7@R<D_+z)Mr$|M
zZH|lk1m7nx_)LhaRiKrA-M>!%gS<J$CPtu#PNeQCbvDOe4{dvA@R>T-W=>g6PV14p
ztjcWzH*m2D+B>}&jx%U{U%2=+j<@Y8xp;QdL|~VGY?%EP>rF+k#TXknx+d&Cc#U74
z?&>%h8)n^pwe}uoZ0(+>X36pqpR)LB@Ja`7Zc8{>`0nx3d$08VlV!vwvN}KFIjLuR
zLiUZ{S3~O=wN$GEgwz71^4#wS#jxDx^XF=9w@Wid?>_n?25ax=AU9R!&#f|6bNW{(
z`BLJG2dA>*YmGKj>ZK|~CGY({{GeB6l5=0|M}@5>lbe`53=jOC?2=zv@-RGvbV<B2
z%v-cQH;Y`5cZbo9Wb>IUL$`NeyKsK}WLpkp)5S)?giNdC#M4T)s?}9{UQ6V>fBWgw
zR?{gY&%-m!k0kv1c1(V8QW)SJ?AW^K@m@QY{5G-nSN1-sZsoVSi#9(MWfKcUA6DH=
zayEI<k)h399r=dg)P2IEcSqfZZZgyFRrc4!xrQ-&qh_nOG@kD}Co~$ut+H3(s^VSD
zepcO<w!sE%A?7V!i44`zR^tPa=174{v)}3&g$dt2JE0fze*~JwIUbJn%DY?e?)I?G
zzRfA*BGcUG*svXYI!}70Y5Q6nRuAq^Z)=#ZKQca2-n-+KnSb|~gVW$~!kfD8o@u|w
zX+(wYNglBwj9qMJh=nkdoYWwrt7mb*u!usSSh#~I`M>$Tg5DRrTL&&2+?ahuZ^7k>
z$tT5X3f~>M`3t{HXMdj8u)xhHZ9Llhp*q)>&6hlesX9A-HQyx6+PP1fwDnoe@ac2s
z=I%O_H4RBFP9~`u<zi&m0{C}Gw;txnuRfMI$g;GDBNa6}_%TdXW>hz(4I962Tt<}O
zZ2Dh|I}_fK8!OVm9(UusW86FYC~QvOaA;ZFK7oCEzdjTxq+eXPS*D|?pu+yaY0IHw
zzpYMxA?r;uO@}tuG>dI?!P{-WCc~?X)su?SJ>`$Im6ID2?GZd*yU$XS+VtAiNlfA9
z@HSVayAR6>57xvwW;gvPbjx%x3Jv!&RkS_-?ZLT#i$lU+1U?iT62S{3iaDN?`=A_e
zFYx5^hM2uN)jcOaMg-4FFPK>0G?G2@bRkoshdE4@-19(GCtT27#Qc}A8Rw9(;<fI2
zm4Z<%ma@`Ex~e>S=UN;e&8bI4qxioKqby^;IJS<I)(`KOxtHEzIa28!Mo)da$15}~
zUN2`+wn<jpGZutoLw*HsXW&!LU?2S)MBJVutr@oaR!alZ=Dy@_Q|2M=fft4r{LO~^
z8>FZiyUDD3vNUyC9A!$$#2R9LTJdOdsZHzieF5%jyk1lldEfqL4d>3wwpnIRdc^lB
z@{WDLZr`?q6G_Fn<WDjmc{ey%m;I{tQ6y8HL*HObqs&lqF{%8;@H9fNyv%Y-qljrL
z&xSyeD$^y5gnUcV7~$pjNM5B+&e!_wr3D4VRX1R=&pxAPKEm$Q`!(8bL91eE?hKzn
zk48@2{gB*~@fL!uXWa1e-6veaQ>-e%)l)`0J~d;=H^oo!%tvhG!XXL&+%{O~ZWXwu
zLj_J7CVJ<gYR0L3H%cAA+vGz(O&tx15T?_yx|3@*lh#vx&q7n}CO!f$W1lb7YFR7t
zrSpTK;tu|kxy{O-^&ip~rIx6CuN|y$3Z5vtymKagrdnm}XL0oN8O}c8kt-TAr9ZZ1
zKRZLF3r|)%N25j<a@YOw@!^PTNcxEoq=fb(M3}A3wJo#`QnXS4@v6y)Dv<Bt8Hdna
z0|#$8MAKt|2MwW!q+;U{8FXyemHG+$?*4HmQCj8@VpOd}gfyclc9jzgg~YDhivy0S
zWhWMheI_I!w$TY=*WA=vNgu&bcoB+1G!iL%$%rm~Ec`Yc22@Z39xnk(aRGvhBAtTB
zp$GNV8dDGtr9pi);HI==2WiD>rk-XVu17qbj!I*&D-N(9J%4GYIo_78A&}fql{D0C
zgb>BGANVezVrL8(P%Dk*YP)b7F$U71F%++S;A#We)HGLHX+ENZ9*3k{EI=edKpK0D
z3lV5KHc+K)IdVg>p8eYuV2>#EQxRexJ(QZg^DguxkiiFqT5x~wa8Y``AwG(NZ0nVI
zL;rh46b9r`(>iXxhv;C#K`e%XLzIMXU^2Jf;$f!5$00UBtPrDoypM>6@~%T3AP|(&
za!>~Y{3b||T0rnXzll@6JwT{zSuTIFj#29pxiNTX5%bf71Z+@KM26D0fMBP_mLhEA
z#Xv=s6<SGX!b%Py1{71FjSV#YQ_^BrFM^w16u&A(5r_J>GC&Cx+Tc?95#3PAx6c5A
zLJxp|t9Yu`AYvyS+e)G(#Yk3h*@L<4IUO599Oa_)$}4hkWAONuYi1abHTj2zwrGSh
zHD?x4PbUg8I#(#hV*U|KKvDq#>~!>aJmu17#5Jg53T;X)zaZr3_&~zwGQU?GvS9K6
zQ$Q}{4QKFhFunKbML~w=%ER&h(l0@@f0+_m$|kLj1Z}2Q=WDK>X;99D#*9rr5PkgX
zvOzJRnhE&%-_jSOX#PaR(Sug)KM@L)li&v7%6!`@6KLyx-7M2etgMMHg6vKjyFhm5
zHH0h`%(4?gl$K<+5-1?zRt+EIegc0qNd5$yM1`6vtEfRQx;py}hyN#YK*<x@h~yL$
z`{+SOEN0wt5RH5k0z%OlDwR@*KvCNeicWO&AioX2S<y_8#&KyHOO2&LJ{#b_G`PE*
zxmi()OuNepO1;p;0w~r(8zZO^vW$fS?@oiT(MXyo0JjU4@zI#&oI5mjId*}@Ew@7x
z{`?M#n9$mhmfK-aw2chH5zBbXOx*41&*$L>Qh8U0W{GHuzLH`X^p@!tN{Z_AAcK#6
zi=rqK0S_esDs53bBm%;>7(g%dk@k>g2mhdPU@mbOYUUQj19Ylb90uBvYktQOh!9KH
zz_8#kc#4FI;$0{Mw_QaMK}Le{tinN}u}C7cHCMsFSTRUw9IIeRGzLe6#tegDVQm2(
zmI&^i!|_m1h#GvrbSw`DbWFlSm${+O3Ji1tLPT&F30i?`@Bq;mFmY>PBye=CgAoZ}
zg8t!=0V}a2A|$x}0U`E6bi-g+5(yH|a6Ay}g26C&=#_e_@W4G90v5Vjyb1<QAs$JF
zvj&Gj5#gf)g>=_91{tAiJ3)f<OEAIfI>AB5*P4!rL=3b!p$~b5)kGp5s!IfYR>Ppv
zVl9jW#1kAwB;eMrH9!mrzi!QtkR&KOV%77&`U7t#z`#2OXwb%6g@{CxkQnfe!?iFX
zi3n{>7#<Qnbr`UUpokv~j{x|;76=go?cCLfP-EnJ7!kY;5spV#ySR|xH9VkSSjXUb
zL`Zzo`XK*V{SYE<?c9NFhXa)y;GN*{(EWZ|<CV4$;yM@-s^72{54;y1MhqErOn_9R
z)reT2zra}y7=wjm9vlx6vM?API(OhO_?p3Dhy)-z!TtlEzY7j@{C|i6+=6$E1&!8q
zOahJJ9g~otkOHg^68hhkCDWuS5(^$kT1PdBgoQ0afCn}=?140?3WuSI@SOwNVxiLm
z`m79?j0O96T_;#tL5wwsSS$)E!>|?x^b|PJSdd(_9)^MM5-bU962L(k|5vDiNL;%=
zkr3j#c_$&k)`1ZNVDN2>C85_zJ@CBMf{P3tW}p)^h6JBa61ax~XBP=*hwEXWXa<}Z
zG#)M;K_5gM3=fAPgI%_6#9$S|Scn5z3RoC{07ir_Ob7-i8ixV$8^$ewN1_Qhi2r}t
z4<SN9eCYEJhR4HCKyYpV)OC0$sHVu;wm5*g4n|l#owWJK5lP?-gd^gy@M9LjgYS0$
zBS1RTnvMYsCd`mHXwAUcPb86v@Ph+Fgl{_>U>1Cr;7F)-+Y`WW@YN5VM}mybH3X7S
zpw=G*1LOb8Y7&sF@D&UmNc?+LuEv9JMbH)l75P}*34nn~hQq-5vYHDJ|DndveTcP<
ziGZ_k7>Tq_r6b@$Ri1TtL=tSlk$_6FJmS>@CKAbTsRt0@0tAIbp=cM|))Ghp=h&K#
zX?QSJLogg<)URqwgFzWV;IpFt0U#EB0z!yjc<{zp^!kp0g0*%Lg0?s$<Re(yF&4Y_
zI3^>Zj`6V54r+{pF7~Z$jKi*(J0#Q=M}(c8G#Hd5wYDv&=DvE~m)nw1<aI10B4Gy%
zcpwSAo<N|lt#6BlZDY`uhyx{SV8oEX;kyj`tN+nDfe94|hKDI2G#E@0qL84#4NMz?
z@CX?A)S<y`!L?i^gT~-GC7d;&8V>CEggU{)3=RlJg4qnv^9V3KfY!&K1^0Km0~iL0
zL$B5UXh2X_W-Ysb=!aP~5FXeP>+xXn1K{D;a}ZodUlGfH^gn<I*4z3Af=PyVf+wu!
z3?#YWcm$wXuZO_|7m5t@Y68qY1H=$eFtrK5fSiY~YG9YHTU>yvFu?_kSFqgSTm>d2
zSRb_W=ii(F<ppLSK#fVOPb@Gu00!O)1m_HZL4F?S^G8$zJk0v-2~w#49mmW19}RIm
zg}}=Mmt4SphOJ=G77IUmAsEf_UrP)Q1>N&l10!RAlv+nMkY@h}20JN1Cj>BL*aI;*
z&=?LQtQYBkG0=HH<NrT)0mE?J91}?E_B-%O!Sn!#7;s9%IwoL%fP}#?K;Qkh7HIk(
zSZqLW{R2WeA%FoL3C;xogB&hvSV+L))@@k=1_Ry1hU3BXM9>Er_z2(>5^w~V$^{TX
zA8=L^fHJfm2F_Vn$0Q)5;4q+s(H1Mj{}uKFM3|O?LXt=rm?leu!L%H(ZNM#c_|!r6
z3rzMyc&iD7`Uj1HmIG@H?pdzeP5_SpGdQ5OKy6(+V$cZzGA>rLAK<}FHb^rdV_=#J
z^gsf9D?-G;MJs5Gfhm;G1A!M8)-iy=6%gojU*;ef|6lfl#sv6E2Z*@8N98{}NJU!P
z2^NyJFc=D07H~ZPz}6Z%pnpI$@N&V~g#%_j42B0Bgzs(eK(O!D69ZrAP+OQs1*ld?
z$o^T|7y`mfYk&xfg2PrYga=bRAw0N23Sgi<%esL8XU;P0pZ*6B*GWC_K(Hm?1fo$e
z6AS1#;Luq&5MZ9cWCer=#Yp}wOrZY(An-t~1}?+aHwFgBn#MFdV5Y*`0(}jp&=7&a
z2j9j3hQgB9A%e3PHWJ_(Lcv!sfB`FTZO1@aTc-_yPJk<I9o~vjv!efzfY%1*cm&!X
zfmZ1LAG;upkho4D0X$j_A2=Rd*#Nc$+$<*pix*7sItocRxLQp!OxBGUnDpymz%#yP
z#E|n3L{`_pz(Bxk!t_5HF|aeA))+<%1Os8jH4mi0VCMk@!@?FTFmiyh_m{vw`X3Fr
z&bGs>bE!ahz~X~-4Av1$iUK^KPOjxD4F(ftXflW+tRD$<zOUU8pfM3{0|FSZtpAQ=
zB`!e%UL-hyKzCfbOQ5!p2NgPhRzxsRw2?^I0RzEse}V;nMKyq7v9SFP!GOL7>llke
z{?qmT1Wo|#pS`iH|AEFhxH$!2_%%l*ppyoJDIgH+pFj667XS=qiUB+Vc=G^^Kr)s9
zdWHdUcoIyeg9U>p{iFKNNN_+?fwLb#U}71x1%eRHemt5M`l9jw&&dW%5D@NyFD^U~
zNN@rHY~38=A@3DzAb8;2gii?`i&=FzVU~kgc%YK66|I06EFLBoAQ*7SPzrPu<y?VA
z20Ju?48nmk1V#hkFHE(B@JQ>H6!1pFlrMk>hK`~v>L`k9f+9CiR)Ddmr=K)XVWD6j
n4WQ?7%o6~>R$IPs>Fej{<9E{M=rMMvIWUab6%@1&=&=6}iL;&a
delta 50007
zcmbTdbyQr-x3-JB1b24{4viDs-QC^YX@UfIX`CRz-CctPx8NS!-QlwLKKp#Xd(JoR
zA9sw|-8E{}oNLw^YgIq<?dq(ZZ1APnZ1BJk@DPXw$m}SfA|VfUz<u?FsduCLgGv>>
zBwPd-pNxe?5|V(9IA6KC<1DiDclar@zU~dz+R-WpBkD|O<(88j*DlxQV~LI=Kz@D9
zE!&O!K?g^XqYtxf%;d_CmoPoVHLoxs7f&Z&ru#jeoDKO_J!$rX8y7m}t1`|3`Yt^M
zX&O7?rPe1PqA}AQ_c^}(^E<dp?;n{y`dT_M99o)VBwx$^)L%(!Xj}|Cuo<rks*+50
zV-JbQd(TBgL}-Rg#f2DLaVLy&L=jz+a}=9qts-t;>$DVWJh|*j`IiJ(-Gy+MJoIPX
zgDbLs!{5YgYCjzQ_-3fL^ZB!#wjMkT(|uQ)FtK5jrsq#Jz;9m1;8h|seZz?m)|lVR
zO`k6(9F-x`rbqFHxnKDWM_>J0JzEx6Cz&lrs|i}Wb*eNpj^7D~gCQTU9;C8f{3!1<
z8cV;XWL1h$&7Tx-r^CyifR3XfXCS0GLESNs;gC=zkRX{@NLe7x;FIVVIjB0|)G5UQ
zq>6Vr+t>RZ`sC;n3z%JQ!^=<%6z6QZK<Tey%6)-!B3xieo>RX>|IEcLnLnoBgkKN~
zK+mOye8Q;<-rTjm!3#$at2VbExv#X`=vL8#pv!~|hLq%+Jl72WhGirak8rKUE;$^;
zy3!J*IgEE9fsY2%F`B;Pf5exaCi@+xM#(7hsm6`OHa13jsMfEFl#}X+y|{*y$$UGZ
zssRTYA&UwYY>94p8`Jfw_y94jkcIq((J1@K{0^R1)@fc=O}=Sf4!On5Esr{^2O0lR
zuszKva%KWmxkWKt{@XJ9x_wD2X%rlCxW<y4Sh7I<OHMp+VHUl2Iu7~aaZ|Ap0`e-L
z+?A49#~>isqo9zwQ%sMUKShNGi#@y}wFw;+Tl488RaD&!ve0e}UP}!PLfkh#gg<Mh
zqI^BbQp_D<RX0{~wId0J`*A12MgNvKsI&5oUcK!0c+qs5wbx8KZk_>KZtKfu-p0Gd
z^ZHjYF49l~+G(X&mAGZrg{V0@y(`>8prbG18kWTR!6p$-kS)T*WQeu&&h3G6)hmpX
zFzgqa9w9rdmOh=;3ruPjmAMf<ir#aMH?=YT6BgM%C1i#REil#8B90hcd{k-d*Yakk
zct`?BAXt_ym@doC-kmNNC<YPm?6_oSS5V2h{LZsV!~XQ=nD2#+9e3e?<@;F`5g6P%
ziO^S}`vj%{>_JpPK`@3aeHl2Hi0(-s&e2m5>e`g=66}T+V6oQ@NDx%d2}F@-0l1u3
z#TZrzPhB?p-4}Q3z@ighAbOcTuYdJR#*gMw>{@vxzYTUF-X7k9@7<JC4c>x#we+v5
zDc9-fY40h&e)vqzLS)YuHH6N5oM$iRRMdE=cfu)DgX%Ufdo$`=A=P*UW8ur~BmIJd
zqnS4f(oTjX1Ltn`O@@?#24@Eu$5CT|bAX(kpybin0o(|rq@>JJ=GK;0Zlr7+?4W5U
zC>)Sd2BaV`+fxhEI-}=x|1Rg*)RXCK;#AP}e${nL+tYz&bz<Cy@BYO5nERNQX@ch)
zYY>#UCagYtIyGE41bK;6a+a`*O`Uu!xi%$dskPO2g0}XI^D^E~$p)o?8(+G+yUWUt
zLz{scn#}6rx4Lkp$#P0$Um$zMNQ9vc+WSImq0SV6FGRu~5fNSG9&qxxv#-%d{j~3$
z#y1$bPb5N|?^9BtyujOY<EMbF*2CuO-mc?MYsH}M2APG=^SP2GSDGu=OsOYmw!fp>
znN}|7zZOj#86=;684B2o>FQqCudWMFd$Yn7;8wz0?%MBJ%;}eWR@g1a!KRp0s9dmI
z(xS};W_|{GGp>93*6gfr0NvY`@bjuwe5wfciO>1Eb_SdaFam(HH4R(lyZPP&^>suu
zo*hEMLaW|Rn#zABy3ZvN5rqVt-pVV<gseKxy434yaN+kjD_Dd$d>Ge%o%D-F=rRD6
z-hgnOfIzdsR-yLi!`M;X%(u#`dUNN|F@_DGD=+SA*V2aj%f-q&ck=D%$-9E^)}Hk_
zZ+4s7C3DFxkz|gKF&ay?ap+@B!HUaz>;1Lpi{jIJ2AiXEMl*<mq_dyO{CI9?mt>65
zzHN*jfnU`NP_(Ns_G59S*;Pb-HAC0tWE}lhw|iyl`iu*mVJA!5KRLc{N9q;;*HWUI
zT?wIZt{od2)Rz2pPm;_jYC0Kfsu~%ZZ48&)S|7VOYYGX*Y_*I7j*y>H2NL#*$H&KS
zYJ8i!Jjceyw-zOkr~T!sDeL2IyIh~pzrq>&9+x$!dBIk{p-8uXirwcNZoB2NVd7gV
zJnwYC!z;Td)R+-K+^=zzIOjP5b|`Vb7f%@9){`1~$&NUxz!kY0lQoBr@*|=4B^aBh
zMUCxnVL%4scGFv8^DMAW+S9|punLx$VZ*!UP>mh?DX<nt;1Y%;1!-^UiGeq#<Kq5&
zK*p<=D!D!h<c&iP%JXW7*Z*Zr4g<S2R%10L!1U*@aG#dO*rGysCsBYRQ0~MSH^&{>
zl`yK@IhN2{GS?+8XNewLUg-NHxac9nse9dV*yla0)_?d3L`A6Z^Ryi(fm2LrT+TT$
z!ouwn%o#$26Yfmkptlr0Jf~lJjV6*<Db>hfGXPeM8A8gV-dx{8Y#@&KsnZr79f@7D
zql|^UX86nWIJ)~qegeI@U_xyAl;xOBreDxV79_{zs@)*UB8-dN*D2d$NQPyPc6q5p
zzlvw0X5*jONZ;QvX6*3N1qWVa6ynray?r?dQlUONuJAw6K>&TWF38x7nT^u&=C4ki
zjCKP&3;p4(9*>ieYo354?0tBz0h0~q!)Q@ukyA6-p9VOJD+BE><;Q~uG%vBS<>xZ^
ziuV1`RJ>YPI}Cq0DMy6bG6FjOEam(9TPnJzXIF~<T(IKJ)G^&?z0eKGA4Mqm4VaW4
z&NzNa1}R6k-qzSR9yVa%^Tox->zF#4bfD(RZckqyXY5*pTxjno?>6oUBDxw}CmhMT
zT(!*Pe;!QIF$Hc!bV(d+PX*3C6}3JpMd*huH0_pT&Tb}YcoyX7kz?c;glR!H7Fj_I
z3@d5apacD{SN$qFC(27}uMFM&x%F6!Vi02YS@W)Rca*7mK9`MT2Di9=%r8llWAf{q
z<``ik^NAXqbT;B9M<kO%Z0y}#Y;3F>3cO}oH%n~tB`{#dUCQ2--LXKwrU0#>uVdgk
z)N%o4v;B@EL1<Rrrdw`@ua;pflT&d8^rbQ{szGeQZy-{lQ_H$baGPune_1L@u2FVu
zd`KI$9|&RH|Md~WVqVGi;G<zU`??PKrFY$Lhk2_ClDdY|&~eAFB<HyS39M<4`Rx%$
zGP6|?I0|NDZE*W|e@6^^E%(uUNbhf;OS6QKy>?xqzasP?x>|m5a;ApfO9$I?2LIb?
z@x~BeG(DEkl-{S#QDaibw8#1b=HgTD^!XQddODmRNMg4;yvdwBZ(_0T^G-6TPv6NG
z_b7ImnBRf;fZ8_SK6Fi&Cu3WK$JJw?<i^Go{KV+bCXb(+7zvj-Zd<pAh6;23)(t5f
z@9h#HK@x9yMCNzt$pwd~7e9(ooAwajZ4pO=a_Zfk+}yS=v$FN|^w%8L-R>_gI^0K(
z?@syF*9E(}JYQeV9-m=XyWcl^`+IsMg@t?b@{G5(;wZ?;3-a>|3QSE*chJ#+=t+r*
zNvbNUvpM|Ilf%Pf6B8rj<D-+zw6wH;uA?HOWPknoHOi19h^3~Xp{}_w_xm>|M|{xG
z_&T6W0K{>1d5!v~W7u9`+mi~;I;Sn+ITMw6RIcg#*&6OqgrA3#DnV{?Y)s}yU2Cg%
zt6rWOIz3jAbpLPu>AlD1jg>l1V0GS))`<Mtyu7ZiuBxi4rlzK%wzjgivbs7IB|5LC
zhWz~ej_CY`!orr8mheetMn*>3VVaTA(T_E7WMbkYxv^m>MMYp@YHDgmMn+;{R#sMW
za$0=aClV4I92^1+Q501*Gcz%<pF0;9H8nL;N+BjxB__u>h9p87u9(ok(D?di*O`|l
z5L_$gKwc}m0X2`R^z*Qq0RO7vx|^%JySuaV-eneHHsJ};$?2(`y}g~Co&D*_Y3az$
z&9@N@r`#;QIAUmM*f7Riepc36XXnd5f27qEa~fz45Ao8|wWE@XYvK*n)bvzTbjq^%
z)zyF8$JMhby7btsG+~bb83&>>tT_{{;YX4)q&ZC@;W_i+(MDP_SUC$YDQv#Y!_6a=
z;;FHJnXZ<&wh9MPni21}CB293FB{FdM{~SC59fE2j)$GwNxd6xzeb-?B$zcS`-$x>
zO)E?n?LD$JRO{vn*pgX07-R|kfhwykuPn{mQ%v!J=@bM;K7{%K$6rQt?cWNElxJz^
zc<5MJ$;gBSe1{J)Fo>|Q@a$fZb+2h$8LmUhH+*U?@XIvG40alcA0ijxnT6j<;rVyD
z%Wj(Ov*je*kxhu118r<UkM^5TKGvpqp(@X4ZQ`VqzF4K-mVQVVWV728QC5%PjTfSo
z;^B0%SxRj1Tf%4nC(@g=Oq=$`@%JsbHe%8pbJ(jD@pW7+*v<>@H0@V+9%Du<xRaLC
z0=@PA|Cv<OU1nO=!xI69sw~U9MuPe`C@3$!XP6K;E5BS^;8?vR=VN|-eL-XW^#Emz
zAe~VT1$LtC0d$~uY&?v>4;-*P9+73)Yw-5J4q$SelfhmS*2e3IGlPw}hHx}w8Gxnj
z!<AgOe19c%XPHDpRD`;L=;4Q@HCHL6Wl^LrxNbycnItyfz+))Cww%z_Z;=xfNVANq
zSk-HH1Fr(6b*gVZ@iX=OFH1|$<zi>&<oWIozK7R4_VRL#9?({M2c2dK#eOZtl!B5w
z%@ph{!NL)jDiBIE#tt#I^N*RBW*9ayFi79pDpJ^DklA<t79ZqQc2-^UDQc$XDtuIL
zuTy!L=x8fNHe9F%s<&^~)X)`NUPp#S=@MdB8Ri2KP{v4Fx2g}faWM(e@v+~y$=T?6
zskxX0$&_bXSt-~V_-Fvk-QPcMYCRPl4TDQHC2e(mRo#WD#ktk1id%18Ur9?%&&jBD
zkpC-WuxQ^_!gQ_kbcmM>n*cjQ%E#)0C1av3Ir)(X%o%VQV8JZC=D+6?@vK}QdLl3+
z)*lw|Y}-|3$k4dmHT2c<US0hBVFB}gnxfmg!D%<Df9d>8)nNU!KVqzrjZz{jO-P$%
z>b|b|UR=@BQqniG?cB7!ZO2sK9(kTt?V=&SqoSd(CEQRcJ{Odkl%0~E@J9KWlZr=r
z4V;6EniojVw(abtWhLb_RnQZLdItNj(Z27wurTyIVPCDALwp8U)6>uLR#3yyvc%C8
z(AVCm9xZ1*dX~zlXMdwzUb%^yZn-W_N=f#1@BYnWGcYjg`W(il_sG>LIYCXw7{U~(
zkNg}aa!T#l9G_W%dn@g-s7c_?#PYP*q}(gsNC!MRJUXI2JUsLko{<%~y(oNQySu+v
z&BiayiBY?k$WxNybSu>1QxPB@8XPQXic^D>D#I$&Vl2uKRk0^8{g$A1Je;16SC&pW
zuaRiO!o$b@Ielg}rE%t_K(9cDf}@Fjoj}{7+w&!Df5O-;ruuY2N20PtE7EPxGnO=A
z>Hv6C?EV~9(VQd{@j@#6r=&bg|GlJr?c>{|W7qvTwmI%xU&#O2C(*-lp}87ZYd#tW
z#7XO0_iGeeQ&wG&Q(f^_Ul3DW5msH`S6$#%UExT=C$}jXMx%hO3d8SVN}QOOKtb16
zoi{&KTUohvGk@(EcrKg1n7pno8D9X>!vR~4y$UXKAKL;d=OUxj4~&`yI~of%>nW2g
zNiYe=Cis_qjM83686@@i{>b`^TUwS((&c=LiHnJi&$YC2`kuSGG~(acE?eKMN)$w(
zxwL@T$k*;;s3<F+@5A%H3-ocm!0~8w$nfE{s#>>F7wrDIieAm7Hh-fs|8bS};(#3^
zxZ0(z;nw9~=FuJ-aPf4nRj{|@_T3sb;%B7jULL8pSH+2c1Y`BDCp_qCArzCH8q=Og
zGtd^09~mgtCB`AHh-?sT94fk!?yJpdNFGln1M1f3IKN33Pic<LBI;>&b=2ifa(LX5
zfvmsjE%0kD*rlH-tampg-M?HWHv%QU6u$4Vbx+m5#rSACrnlc^>-|Q<PSlu9s0EMP
z2k<7{3M5^#6I{yK6cl98a2@cR6oLKwr2qFL|Nq?((XlJihq!hGwfbPl%8t&ardm!+
zPDepqpJ>Gcl>y8b{Xdh~sMkVid-z@VT*(h%zj~vjo%^1i?E@h9S_2)rWe`{<p>LgU
zOh4AO;cJpvRETRr(lFjQ#E)gqDl(4*a*yZB1Zpt})W_#K>Icsw;7{UCgYUI|r-}?f
zO4|qXc7}T;Wtjw5+OGw7C&sCCx&=eMnvuLwGy(R0gnTaU<tP3=v6KHf`k&#Cq9t5f
z@u*Tg|8zrE5pN2UwV=+!AVvz8T&H~$7Ex!UPpn2ckeKstO7=Bi?!*L2`_7l-@qhb^
zkL!Q<D<LU-_2#F|n=s8k7ktJ2IDMp#<5Lpxm}{Vk75dl?_z^!74De;6W4t`j8%2p@
z{hLiNbjkJNM|8wIl7Adhbw8qi{}lO8ekMObf5$g3hgBnB{D{0GB0UwCke0*2^>!3e
zdnwE^nZ@e(#G1&#jI(lj=iqR!)2cYEq|~%gXlP#;l-x4)z2#@fO|QGu$QLCP_L6Hv
z72wERNVrek{*zFt<8@!*gz6`z>s4wKr|=HkP&D#m?O1kJmgMXSBn1<?>jEWftvtdU
zBQs(&(j2Pj<Bs~Q6)_}~TABiux`|o4P2>u(rSV|ixW6W0q_^*l;DEu(O?ejG7k){=
zL4pJJarn5WVj@m7+cL~W?4#~NjXnl;V3b%6MH3XTn7r`nv6_a~O~y_ahVf2f@0NsX
zx02y%(0zfu=0!bPB6By!l!!JAX0WJGLRn_1yk^<g&LbrHxD8+j-E)>&nQMl#F#gJ<
zUzv&_x$hY1_ysqaK;ujH5R7VYh(Iu`GWe(xHwyyAU{znCB{b`=F;Z3-cZ?jOXk?LW
zOGI2KuuZ<6cSwa*PtaFLc#KaRT%;_djwUvLNhcia9IT+%j~WVeRRJjoa%_fShTs5z
z@|t11L8lXt$e=7sDEJS#MHz}%3X7BFza07bNtxx$9W33fNI5~md(gxQUywk#Q;@j8
zC2XrB@JN$pT0-AJ4;w|oNi)FPy)P4`xOI`UZo7RvJagE70E$o<NqO_ODVCgV$AO5I
z{eI|geZ+ST1mHPn8@9Ge?fCN>jR)*KXnRvGVst!uymG4ZS3QAq%Dq3qSj%L6Cf;rG
zLf340wbcDp+HI41(KBQjNY4S<4kH(+;#X=XoiMi{zzzWZA}b@QbZMI3JFJSc%eURB
zaLQpfx7t3jkPz5yJa;>MlDZRHupFo-K)n1>M<uQTydPVAp$jWLPVrBz_}7EY{P)n(
zc(l(i+l|AS+k}&ds>w)80QR=5xhw+v<ddI;!&|bbnqlLhmLp6p9}u_Ex3#3fAw^}7
zCvS6-8&Sh8+oAt^HiC(>E>Q*kJXok!MHz5msE)O&3pB1|_)7_xI5^ilv*<$?=JQ!z
z)6pDbZ1Y&Nt`<MlR}Va>-WGSAbU;Ew=<_<MX%cSv?^5Ag363@*qdzdUEnv>Y#T!xu
zN4Y=hZzJZa0zMN|9s$pl-yjz6ZWl^=g`A=!#M~H-gPRRUX=UQL0!<`*NvHJvLouf6
zrrWUVAfb&fgE_hcLGp&Vz26`q?fj7~wj{t92yDN$L|$XTsj#4m0W2S~ISM%mAF<`F
z<3E#-vEI)dA?U$%;fHQ*P-**+No$lSDhs~)1<zs}l0&nF;{y{*i#;uEoxNyLVket(
zCmgUxCv}}$J|t_IP%vN^g|i!_K^L!a^}#_(e*rb22?`+@XkjB~EE^_(N3uCir_S$E
ztTs*x88?yG?6ff2N^S-AnD5!H6+*Z?P#Dtr5$BaHio`QfN>o&7qKvq#+_is7k_fxx
z7)zYbo90gz0?<_9(Qt%rqLY4K4dhy8_OP3UkcHlytW{8xopp3%_}#+$5Ip;aMv@JC
zK@0!A|Deu(6Mph=;5Jwz(Ua?oz|;-KQorjSxCi$#xrA6(XkANW*Q#b*Yb-q@Wu2z+
z<kwFqc{{i{QY44D)eSGE(t;yMpxf7Sh(7NDIx!7ZVxY2SAF{?tHV35R3r^#1B9wsc
znk_1*(6&;wGxmp5bb9MVtr1=B7GOzw^}OcAB(%8WdsiC$_hmzfKg{GE@*~7cRdky?
zLv(<a5|-e_KUq9x=&}K1_AU=)wMk4nje{yQ_3MzeWXkw!@k2p_$T5=m!J6jl{)(nL
zL#c5|@<2h0FO40@ZQEY*JFfVK(_TE5I`gsAv0Qd!_DQH#yhc)n0>;xb53zWxho3)3
zh_v%W9m>e=7!KYdw2gEaCKA*RXITOQ!txlNz&Gg4-AymJ{b|R{)eC=BvCNoGN2j-?
zauw!abAKRHOG*}AQeo8>s6~w?8e~SS7tYwKAYhieX$EVq=dhrqg^jXYBRvwiZM{lz
zv~N4!QP{Eu2SrMRSH%wix&qM-Y9r9b`t#$<ZN3WB0oXD4Fnbx4_fB+Pbr?>PGIj$0
z4nMmG?B<6Uf`p^5$OG|Y&2}6*ckoHJG=d0{=!*mf2Mb|Y9(e}r#TIN@{`fL_Eq8xe
z2k?7;mg7Q8qXg=>1c9`V8ZA*=EP2}g@EPHb(?spW%<q=^@vcX5?l*LLi!g9XlAvSb
zuS6ORv)g-$I3S{uXuC0JnVecjEY`KeE~(=(zx08tz#=0Gg1w29M3?!a2qYPDn{Nwl
z1J3M>4k~h0&$ZeTnA@t7junwF2W+v6g+LRk!$RXzN2tTGUo}`bxOfTE#$8?%vPg#F
zkzZS6kuX$APY)PzW`)E!d$2hZ`gUY#7mZEcMdtv#cLqld*YMiODH0l(<mHC!JLtas
zUPR~xeCe1mn?UAoUKH*={6DQYjDbrVafq!ULo^KpPa3`yH!MAf4LF-}DeHL`YQWuj
zlnnYJhO<jn`JtQ5O71YRACkG;4@l7l{w3>zqkPkWlt0=GGHJ&b*XqEMaL$2-sx!nH
zD(8);-JNuJ@ctpbGZGS$GxZo;d5CFZlC){OBUspYNf8*<?c80U!$lHdzoI~cW%9cj
zsyjBSJC$1ZL61RlcN?3zMx`~=LSUi9ActnOMa!kSKrUGrKfh|+>|o<BQ={(19SKSe
zYS$wNvIUh63P8x-1B&EuxaU<3>TdC99QE9Is^Y-9ju1@n0(+8&k90_H66ourEb-db
z<@u+td0g(rm#^&GL|yPrZWz7?Y$orjZDN*&*Oo-GDg8L~?tO!#6rx0UYd{MkMZ=T#
zUm`e~7gB3s+=Hk%Lr&0X+=`bZZhD&x3?_n89mTgS#&xq_*xjNgaeUBRXQusK!8K9E
zTL2i?auA*sp3blQ1|hTihDpSfCu2)|IneJ!6R1DbR~|*I_wZPL-SN}ARgam;a&{HU
z3rC^C>=r<+|JnJ0pVX}GSO#qI!^!o@(WaT?QW&su%0BCSj*Q$h{53}9&yCqCJVxSv
zuN4l_FEt#z{PWL_28M*=!)tCncZR(W<n1j(2Qt{|b%&Rtk`wy;jRJMa#+X62@@-`3
z2HPj8>a7y9J;|t>gJEY%%^)|N#9{h^?rpT3&cPqE=fa#sj?vk7san8<7AVt-{a~P|
zLhQKlMorqaRig}Y{$;I@+QSbIjvyjI#lGZ{Hp>}wkVAl_!qh(P7wc%W*EtidW^1A)
zPydvn#mG42{QZ<HF5h|>s0o`A`WYAu>a?F>IckMpM8;~$lU8TWZ`SgDdBm$N(`cW>
zWxk~Ef+MG;VJP$CP;miM;U1&HtS4e7<T(~wLw_9wf_6@3j9eOuC-Gm3sd0rRbs68%
zNv<&Xu*Vi%`EtFK_L8%c>o__sM{Bw$dft@C^+-NB-YhrS9E2X~9)oQT0<Yg~r!AZU
zS=Eo9iItF$VB%z<WyEoJV2wh{WoyeWeCFfwva8%B?z3^$z`}vEcNRF8b4-1jYWD@)
zi(WWi8(>L4ufJJ*5{SPLZZT*sI{rjgFehA&wvVm3FH{=@dZ-tFX&z`E;{;EUeHsJL
z;ZO0{T&ssuhAApA#rb17>oa{*H6J`b@h2`b5{QrRE-N-JL>_2Isn_`Pj$5+yN$8m>
z?f}8u!OYdo#oQRr{;%d=Y{kj?e;|vEorN8QIt3{P>Q07)hUVlT<>Uad^uZ9Kak7zq
z7z?QiDYF+RCn+Z<$hZ%N2qZ9!f&r?jgTVwv`JiHe6jC5*Vc0&il5(<x&@4V-fr{24
zF+fUls9zvBSwOWRu&(GFJby(&5ET6H^MhE^QK_1Zpy2`Fprv(cjAkbXC^T?rPHs|8
zZjf*j3<XZ3lGDgO!XF4QmL915|DJ+9C}RbZ0Q99D6&HgO@IRw+fTjmws316bK+_SB
z%pjvFNK6PW7SJU>A%C;d1|&n+r+*po11{M)IJkH~y~~hTAi;r8upsn}e-V?5^&iCa
zv4BDX@eh7NfcWTfCWDg%B@BN0h{y?Yj)J5IYHK?Z0?-5Yt2a$Cr0zN51g+p8%)D!*
z;*CtTdZ@$ig^BgorJ7==2jA{>Z?TsC5H{7rA~pMF447mas!yYqoo8JKNBO+(Ug}g&
z`1-#V8syN~ws)QD!?hI)?JgYf0uHQQ*6fC+;+{?vDywu>&=UmPRk}GB1_$;EoJC!M
z#(q{4^0u=K#JS@vfQ@tys|IU-SKE_SJ@goRu0ep}4fbKPjs1onDa1yFJRcx#P<MHG
zaBsZ@ukfd-9fza)L+9RntU=pEL*BGwjP+U}{y4f^-`7%0p0sqn1XoCF1;uFOx^EQe
zO(6TRH-QljF3q3y#h%N7*J++TZSg`t<IZ5KjZF9(w@pjh@cx__SLu>kIIQ|KN{t%r
z&#Yi$zw4wX2k)aI#CUi03f_%IFfs|2F|_)W`JEw&&GsTrB^6(Xa|iw?VVbPriRZ7H
zdq3@-0JC1d`>ZW9{lp!T&ee~P+lnZR4W*$#w2X3c_*4DU(iB2@1~J^Ip^(!L$hg%j
zHcG8Ee{T(}WNK((GsbouPUMDZiyRa2HU2qU%R{wCV<Gh-b;Js*T!(>a+&^i<lZzyC
z;y;6YL+OE#22A%zth_*8|8sJTDcYnNf%t#`iew@X4DCUO9ibv<5z>}xbQZ#;!nQYw
zlwV4&2~;#rca=!Ax%@?9Cv6uBly~H`4bkMGv$Ss_tEV^M2OJq`g*zz88f;OI;Dt#3
zc*&O#M~R|K5Y2R^nX?u`V)pRiNSMvueHcymsU%SgqF(R}Zd!LYZOGUzS%?EYoj(Qp
zC|%7z2EdeEX4oMtHc-<-f*s8lJI_@MmMs{)bej~#<VE$e>HHGrOOtK`=Df1o8t?r4
zsU64dL3VOTX1HdDBVb0L#`k^f=3R9#i7lY0U~M6p%$tv((^a7vg%uqpB7r@Y4xFkb
zx8AOTbYYJcRW=!M`?qoxo5_RmrWP@DB2_BhV)3572v5=Qlvp$yw^GmrS!938I%3+K
z7MncWY$g&z0GzZ$DRDd|Fx<%&^Rfi}AU3Z}Vg`A~CFRinx@YlH??CL!aB?)nxPy}#
zYflWEhG=t*+2KzeX{J!|nF)YU%{+Acm$#geB@{#hY`JnhGKoVt9zUn?dn7Q;jVid)
ztR7z}?mF7j3dU%@-Gw{X<-A0Ml{)IQpd|LuqhvyGQx6cb!S29kAga#()xF^&+jtM}
zEv8&T*HapfxbwQtgggD*kCqwu?(Ut>&a$cY`t`8$2J$(|N$k5yl0&?BZkQCSDF~Ne
z*S5I7727ouU6X9nz^pBYD3#0A+hO1o_DIMqVcJqHxODR2BD*Ylw2Ek{<B@MwjVDJ&
z5nSwK$e#XCQ!?1(1zuQ+_UXohwyC=`8Lb6N4pxG38*3?D=AR-0-I0B^(dpSn6VL~S
z^X(1Dk9k28Gc4E=s}&J7VXmv1R2SaX=#hn`-^-|&(*35N#H*r1`eTnGDAGvw(gSl0
zwtI4M&%2ined*JEao=^(<55jWC44CpyR`6Rz3SP>dNl*&fb#btZ}km4Wizr}L5uDd
zi^%U-8KOqKtFc%i2)TtnuX<)glE!%MX1={lq%-ZkN7Hm^)JD^)Homiw`yRgb0Idx?
z%pGO__?f6u=8;C$ls|RreH*rC@QNHGi1c=4IN2WoI1+?ALv}3Nd9}1!-VS6jBh?#$
z=@U(eBf&nh0*yp``YxQU`TJtbfLto$Mx^JVGw!W}4;;i5EaM$J{f@}17>n>H4kY5V
zTA{SmN*$KQ3;dUj-20v;UuIDiENC8XUj1{1e<Dh!x~7UWtnyRCQn+|k7+IDuvfm!|
z!DR{c8r;Ko_0WXVCRUTS8KsDmWnijbeXaC2Djq4G113w|>n1p8Iod8Usu7lVRDx;F
z^Zkhkq%BG04fu(jZzpY>kz9IL^+Qr45&jj_(UF25oQy|FhO5b~?mp|DfWe`PxP(23
zQOy<RUun`Fz1ONSCd*dBznSc9-#xVBYV-)W-zT}5PB6%>08H*TTY_@Ao(_(#j>^u5
z65a+)f&P9KhF!c^G)sR93wAuXO*(jCmS5f4jzxW~xPB$dYV>{4uAfWfXA=LmDL<mS
zhGu>+?2i=CKl=r*!jG()RXH~KUR|est%2CpjjU2McSemg5Qaxc%0-QvbcOrSqpsaB
zz6`{_qGSZU*`s4|k-Q~!!3@2S%)Y)KjXE#452Vaya@Aa=A>*R_p-Y=A=BXgMy`!@1
z;G&i=_Ss^CP@Q<63Go5DMH=Zb_<*)0v;gofFBjUGR_87^FWA7E4X?MPS9FYLJ3zxC
zqXLJZmOA<M4?NU>z3&4J37Ekb+1f=2wbrr%Em`nlx(fQuT@a=dP6_12j+trMc2&uh
z1h6J0G&!@@*DU0&Vi9rmgg-q*)rGG2P-I=&4NSaY2+(@`WA94ah%d#*A>1O~Kuw}Q
zprdPN_EJI~?T#^KbOC1Gk&CG+x1DFAck+1+u_zBibm<;LX#L`#Uw%!swe-uWgak-8
z!$o+cG8G_WfNsEqWd?{J+zB2qM~pl!1+sZ|x~LuA606=a^e@ebF(E%|wQWLJix{;1
z-mj1g-L=6}J$7i+b38Mczkr8d|3O83om?qnUS1Y`Q&5$;`sZZ*M^9WecHGODyf__>
zd0(g`LagYp=gD^!54AhVqsFG8(pDt=UEXv63;Ig!-5dUHx!aa3U)sqlpkA-c9N6tm
zizW^4^D-7zXtyS+`cv=lmVL$?T#z`D65v894@*JUSi*?I*y7)*p`Y#y)id=xsLc1<
z*(^J_?_H~ilJ%F1cJr#Qmh<S$cG0DnnN(6F{;@W1GpVr0@88(mR@PqdqHqfBu^|!b
zQ5=rh1b+r^zt_A^yR-obBqZXNo`6+x^&YPK{c>CM??nVH)st$6C^5p;;Xfn04UQNF
z)?fCfINenV_pPT?33<b!nmP%Z^4ggErpk+1e{pWi9cz-@9t-&o;5d8D88>AY7=R}B
zRSQl}oi>F$-hSD0`JBe|4hSOPyyp%y8dIq7c5Lw&Q3y1XYGCr(wM*f$97uYg_z75z
z<X!wM#q;rQkQxB#i3IHan#yp-ZlZ|-&2@vHHMTeXA9DMb{kS;)lReqEK-rd1|F9<%
z7Y`{Hi1~vt3AwmPKkOg$<N}a>*gtIm3n>6()Ca=~`o0Ct2*Je-Vhw?%g8;CCjJ+Y1
zA-FjH22L0*_P@r12<@PVn>QKZWWYgCPEdbCCOSA2J1KzuZ^k48X#C5Vl~B3=J5vA$
zC@%w*4ju3}1pf!Va)G7>VW=TKj{nV>EK{E_!2zHPenJ7z2WFBqk2^sfwBr58JUIXy
z+}!_t0YJhDxELTOCn)`9K?dl<GTi@{<jKX!^6yB{G${=x=z@}l0#sx8Nd^M&kM;=x
z;07gFLj85lzm-q!f2sCAl+O=}{!l(aO5>==AE4^G%7q><RK2;9s7oyl#;+P#X6Eb3
zKu1+uuq4yU_59tI(orI@G6DU0!_kl%&V`asMlV6?la(9r^%ne~z$epRExS}MQ+rmU
zz`ic8^kmA?T>sYI!!zMEajm4y=JOk9oaBtDzB7rp{X@jAVqbGpxAYaN8>!0Y@sZjG
zZVp=*&#Rp!Cf{z1py(`H3C*Ld<#JG|Z}SGzsoS53#i%_VGICjVIaqwx!KC7<Ernt1
z-LiZdjDT-xPY5i-TP~}e<>9Z>*5XWQr=+@!$$awLfHEZ<ti><Ax@5GR@LL=E(nxD_
zM8K{Q%r$uz6CU9NN`O<xEp2y0iM7K9YRK<0NlW`vsJ=sNc$xAKCVcqKYTNzmw@o1M
zo8v`pgPRrH6M(KX-><b4@xJ<R&OZSTN7w!s(ayL-Hif?=>pOU^-Ps}M^Giw{-B4M%
z_*Ver)P4FA<ZAA)34Gc86q%vws;#mrDjUOd-93PH+&JeC*`dsje>9!l5WueVIWptH
zqCqJm=M+ByT?zCRj1Ec8p9V7XF)?Bo8a_hNZ2MY&JH}~Pf}T=GajyoiUK~+rtT3F;
z{o8wx1hb}0GY3rf;!_tvS<$%;T<d(}vM#7Cq<YDw@-69IE!p%fk3~MfFj@btYsx=B
z7dLwY^9M2Tx`K8~8)tcM1GBS(xK}Z=o2g<16>)9P5y9N%(L-dEcvG9wV7dqT#ZKH}
z@t`7bA<0WA^z^;`$>7x#+JR-T$zp5|)rdo<yu7VSezs=%P2R3KO{1;oY_AEZ8U2WV
zN3~|31e9Pjx<|Qbb`J=ve%Y;{g?*XXTL_&G$2kVZP}8k!{rWAP7w5?xBla3AyU~CD
z(ovHdSaN+jQ-xqW>+ldK;@NT5RTFOFxH~$1EP@)yZ}bL(?ZzgzZQV<BP-smvo>2g$
z@@+0MMIYnAOxx@XQUQ`kzEW)KfP!o@n)xf_i(iDr^&eZYI1=Y?1F!0D5X8?$?0%Rf
zG+g&UD-n?6g|#UEj$+408Ro_dEBA+iK<h|i9SAvjg}`=-O0Jrn(q=R0eDY-Hj`CKV
z?R2QovYzmH`;47qsU5KkgOo*9&208}Xy0^TRajVKerX}pF$UMx?Pj9{3|3$GHlC78
z&^@6s{!d=03Vjt_Z|vhu@C>PnHgb6>b{!X>xT=$7!1n8im3Y4y?sbG`evB+U0xb07
z2|Gq;PrN`lo~BXG0ov5v?=3_!VX3Xmg71G&<bw$)-#(jVrh;BIz~BmDpc%!9eM?;q
zDb&ilny`{B+0{g=>t}v9j@~GtdNmO7xNZXs=BD!5hY6GQ>pK;LM+`Q~nzMXK#^sfP
zBI^nHHzf@AZUS6&%8B_s2lMZN*liGNNMrQKXf4+1J?D`U!{ScD@j9ogl1}J&0=mxz
zpUeS>k}R6>#}m%20ldH^E@Y!}XNKL>8pJbJbaSYg=u>>q2q9||zf7M#hcip5Hb)~<
z#_}h5qe(h?h6Irnv|efHZ(yR}Hw48%i$<%|pRC|i3<?(upDb-wQ@E@1fBv~f-QHC?
z3N2}n{50w6Y4$y^Mz%gReWKd#fl@+wZ2dAUDbo%pw8F>V4&+{{U=m!jd_Io4ZL4ZW
zc_Trs3l2WnJ=Pqf{tWH-{(VDok4VYx<$|6rEQs)g!7YC5&tv~m)Lev0NSq=HFaQe;
zy|~^~n`!bUsJZIF&3WWvulyyc0R|beKl2;^z&0&ipeO8s5?r>sHebO-7VAM?6E4qZ
ze*B0mpvj(>;rB_2c%$%Fd)>IH-^s}*H8v)XJl?2r9Hz%VGfBHjhw#}Tq|TRXo4);c
z&$Q|=&txA9ANu$$g0xyTxD?f*0=VfM=z%~Sm+f>O-*x0;Pe!ILpkz_QCt_ff!vS4H
zmduSpVF8^=KQS30<mgAnEzTb-B=YWhEe8V;m9xG1Bkr)|%xgx@M#4&s`j0Y|w`SS1
zx)l+G0Yk{~0q*`ug6M&B=uetYK&A{B1FW$tRo@_q461}{n2lJJ>Gln>VqkzCikqT4
zyk(hQg$iv1bD>nyp6!PH)I>?hFKZH|O7kC5`doe0i1Y3mA_CuX!Sh%nW<!4&*`hFQ
zScr8Zg9mERo?{uv((yLPIOjWIMEIZ*URq0~#NK^U5d~y48H2?!pV4Xs3_-&3Gw1t-
zR|pi>!@hSg;9tC?R&1O_vj8h@?DvB}@tu)%8df!Ma3ZWGMUE%~B6MDnXa|14TnW1q
zJQ1@}6eAwhB-6l_AdR00esE~VzHgKUbNs|kgZEPOCcja$B0>}*f|Q?1SpB2FEF#tI
zGd-uWp@T~;bI;G`Q#e8(XA@0>8!f-yP5k5<(Hk2>O_aAe!{T}i7Y5SG`~KEn>qa;g
zY7M#z=LOgEJ-RoJ(SPbh7>bv!rpog=ik0^f4mSR3Qus{gCIty=S<;1uG^$WJrGL)i
zD;4N_qFY%R!#=;`y-Ck|53Ta>E9P@?28&0Z4ZJ9Ux&KKyw`fWRG=URgte@zl?@b3F
z%1A3R*MHG}93{hp#SB=J=g)C!>Ty~CnVWwhgs6P1uo+tclET=>gAnoemnqGWN@zMA
zaCJmjQEt|KCf*tKi5!TQ^!TQ;FLj#f7;w8U&7d8*z4r?cMF+hXktgpOBa<XAMJN5$
zwf5u)nJW^BbgO#Xm6sE%WtfN+LbnafKN~0p<PY&|g-*}W1p>u+rOYl4M7eWD=f$%$
z8Go(?-bHI+r(qbNLV2;mE9gX_@gl~5>y#nj4U(=-Y@*NRYoP=n6Y0-sTiHHZ<IpFw
zOZ`T(FW(N>S=dH1ST39G-#oxl-?i<+tofd3e_+f|%&6*GE7<#bfR!ef&=fvi*uOUs
zD5etTKYq3%9soofI{)p)enxYW!NFEq8UN|&WhfV6bJ>RVqk8TRd6$1{zIlppfygZ`
zutP7Uk)JzDa&EEg3s<Yk2=O~}2+f#UFCO>6lzyX@9Uuf1aYB+03_0<!`%MS)-A6Ma
zFYPU*%Ig1CF-=On9%34pTUd>pF3UaiN?VQOT(uA%*8;W-h7;nZTn$?u4x}Zf?n$G6
zhVWy$B!x1@Ds|l&x^em3_ATOwE|Dcam@=$zDc-krq*1RWVW&P^M#08&%T0wW)Q@zK
zSZ)@5`+(bvBsUep4V0G`sVi{=!bASxQ2tx(3poN9>&T;8M*-bD))q45jhSmYfsZ!<
zf$r~?Kw|H3i}lcSo2KZ_Gwj^<REV7Jm?x|p;A!h%V~l(VDsz76<@Soz`>5nI+`;>@
zar6`1uYO%kh(nktJ`o3I{5f~Jb8TDBg@{sS-&lA>fgO4p_fNh3ewH*t3%umkbLSWl
z{?7i4SM#cQB;w*eae!742fhwuVvf03=ixCW;F1N{>O=E;a2}Uw0rFe66E0GtHif~;
z(E%4ObKqr$ch7W`UFC(1n9yx;MVC!9abWc8qQ)SK#Z-O!Hp+RV_*&f3I`%JSLoLA4
z@yf|5j-f_e!($p}aFyJK?jngNk$dGzs8IfEd5sh45Xn8Xx{J+w?>hjbrca6=hsbwj
zxPZY!7Rw)(${HsJ%}<yi6Q==iK?kZgaK6))Zumr4zI%rD3JJJDMhV;)sJz3jjnhp0
zZy4wPPstj<#`-TK19(7};iy8;-0Y;>?0@UlsN8I%ANEhdz|BDl%F9P10riZ2`dh2U
z1ZCI3h=AsHq5n&y=Ke>d#sK_Jk(!&U*|->07aW3{qZxb+k{leG8$ikp_^WgvC$C}A
z{I_<PhARBOq|5zx?SR4kcNOy=wZlh}e~Z-I+<zAj;M^eNDM$<m?vH7F$khMT57~Rr
zs9k?`RTaYEf*!V@kwEeZxUirvd(i*23xbE`ABno65C#d9X$ge@@zL{_M2*e!SLySY
z#{VD10MExiQvOS^CThm|P^{C2jJNQd@e=#LV3F!t6F^$qK0t`a-w011?a4Gz@zlQg
zPl~v3NA31BK^u<8TN(-y8+77SXWaK?uD4KoZLDl&I3JwiW+>cVxOht`lPd1AkF
z9*4D;?`^7aYThHV0%C~$&h2R#p7+|OTGlgpkgHDsz?MCi=0d%<&==C*!Z<2?Pt0!S
z)<5MTDLdIbECy#DGU(gu_jGw^xx}e*6Uzth4Ri6(RR*%w%f0XyCNYK(pRpuAI|c*O
zQSzT*Mx^dQ@z}43!M2HidJ`>)f>WZkA)*od8%)`k1--5Z=!Q+W2W2wr*h0}XZ(0g_
zQ(j>ffO==C$@By=&mst|q{@b=am(R!tBrWFJNs%U6B&-X-xo1CM`P|NJ_F4i>eA@W
zyv-xa?(#@Zvc75F5$L(L>Z)M3juaZ^W{#v2?kq?Dxa3s#upDo8QL>B7*q1nVoCavi
zVcj>Vh+}DBKgu#ZBUiPqex@5;rJQk$&)k-a06Lq0%#vrm!;!ixCD=q&?MnJ~P|MP!
zJ|Jz(zYC+MIGL?~iuNIWogd74sx!_<scUI1Ja|;W{mb+T)4=5EMxn+j0p2nq-byD&
zo&YG@mA;9lt{y*i=uX&Uu&LN_GlBMO7wE~X96REoCR9=)5#DgvNfJbyvBo0>Wa8TZ
z=4=mjo_v`eh~TJwwcJ}s7rGI&I>sMMx?X3!S2(Kegkfh)`+5>{b6QOcE@mUiMqzKg
zh;W)s8GMNa4^yK7JH5WiR`*8MNaIbdj0J=JN_uKXU>*>!QA^Isil@gK3AdQcz7+Fv
zsevD+*Vaijs!U4|Nk7b_tQ*NTrC@dgq$Q``Nl38g1Cj3Ib>xQtaOJVrq|g@mRDS6Y
zqZ8rvCoXEGa;A#}rSbMeNlEvOCll+=thlv#>WD@unXE%(gVRjEb!$xC-(>ZNOm<vF
zYfKzI+HIpBh7PPv?YAci1{?HU?-ap_lA~9X+P8I*k9Kdsi_3$(evR2`q0s9CqM_F7
zg)AYH#<mM9u3a!Az4KYKJP~~hzZPjN9Co{~JGkZx$M1fpjWL;FhZply!R^<(M?cQP
zY*(;BiHjBtxkHj16?|wF=b9O>i=)EA+2tg-X_s4ai-6<B!VkSWE9`{|cNmlyoce7V
zF_lzvg_+~@$^Jm{lt!vl?*Tj>_(#PfSopdpR+65d-tnl24{sJlozGqgOLWt9WL?Hs
zz(pr@+nL>E<5T~+*1A$(Y<mIb{dbJlLiNDqG!1wNnO)KPcCu4KQ?(J&RkD%79g{lY
zFNI`<KMmYj-0|5Gj2kYc7Ds}ZOP^;9#uBOZq?<qjvC#d$KGW^*Ga!M@0@q2|1tJm5
zb9V8~&rQGO|2U7mw1`ve5Vc|JG9R1fHILA*KRgA*4_PEU2$g(?BmIV3fExXY>gT4(
z_fM$K&?z|39NW<jLENly#6N!^Oav3AB_n}9v5sLnn@yC8gV9?O>}VyRL@&^VI?S+s
ztzmKrlzxGqI?s~EFH;SxpaOn7HiOU}kksov+C;Z>=dTr^z0Es~6j6Yrx<<S7EqRo}
znICiaM@b>AZ_ZXf%r=`1l47_<zZLv^eyK+Nnw+xX6nM~7zA1WWgFS0`lm1Nsz}qr+
z2tI*BKrmHxmGy0huqqakl+)zX*$+evHaeng`w1|AD;OITL5YQ|4lH1G*T|w7rd+S7
z+V{+c&&DW0wa+9y6^D}N1^FYe`Xn<aS4o6^>e!xea7_w3^3v!<tRa}>3K|fy;FQVh
zu4W6lLthY`xPo<!MAgabFKEGbt-~51kS$)7#swW`TE3N2X36pb@)u8jhNS&q>?OgU
zQ!!28wSi(w6eTTLb;|;_i`Nh=A|R-3a}OAr#@v-~j;o5vC;U1Pzx<_)aN7Zhuv}Io
zUBujqp0tjvAYi*^LpF6w>kjbrSs^6mf*rC%B~iF<kBUPb-`XA6{h_kn|L!$MNW?j*
zXuv2L6o~OPFJkkV#E`KVBKx+;rKaBxm*YC!QGj6QD`{Df*wqTqreT5<1jX(vm~nlf
zwTg2(#9@a*m^RB18)9RyfP^*ozOhRuC9esyD=9!9mA$h$T{yASm4Gxc6C>t767y5s
z99j0gxj}G?_@=N|)Mke*Uzlhe5mN1^Rc=d+(xHml`4w7_Fs*-2^)6gZ&~wOM^l@S{
zjYV9cC8rnMDjg%Rexv~Zyx2NdMY%F1SibP7^bE_*hIE$svr>r9Rf%ko48IJ{Bjpj-
zIS#vR3;*ym5`U6f!mnA8H%TPX5HV;SnE(f_iekuR5$TIrW*2o#eQA5kEqJ2=_H!Y)
zh~Y1<YT{#@4jND-J5Z`~^7G%dsIxIcL%M^i6R-2ekKmnwM+QYJ``C=eF%jlc&cWO^
zkR@d4?a@__PqNg#T6OMtcc-!yeWowp`6g|<iYt)jF!ty>G6og}ZAsH}ug+(8yVDPn
z)P9{^i*gU8Ckh{{<3i2v+6y{(XT2cNYoN&(iWOqhD}9N5jRY^UNXy86I%icMdD0EG
zOG~2<(fO7POb(98%lZjS+Z=R^Ly2@xybiV3E;d_PQd8h38AJNi2wfK0Z{cE)uOMT^
zl)ysroHYdRFxRB%9I{l_+z&@O-aV@6w)|6=;Kjm$5ZRv<lZZ*ZpJ2k4Y1>eT<4PZa
zU-ow2q1v=Mm^j#0#I3Wo0PohO0g-!|%5?((dp}(ad}QnKTk3e4tv9FKt;LgA%lyQ6
zAX%x*aLRQy4g~!cj{lrW9s__%`1G*CKrcVsZ);6)o>PPpDJN;Sk7>y*pXos8Lu7m>
zTfB~VhzWFa+wzSyWO$+6LOLxZ(LQk=Nqi7`_j!)_-!#O-@fVc9|Ff%;jg=iV@dHNu
z@BIc)JY1waAn;{KA~YUO(hvIw+jsz^Jb?e}c7sntsN|p?A5>%zb|cJxAsi3;-?A?T
z&;Jx^d3gRoI8a{`3`X-*2`U;mEGr8O>Bs9YjH5#Ocas4pHq;>KG7J_2l$(LdfWh-W
zS&)b8FKVNPU}617@+B>T!GvUGVfzng%N&9cY(QiAD}{fzuX3@lbAxK?VX#3J9*}U&
ztj#b{;J`|4-MF<Tv=0jVbfr>TW0r_c#U=&8z1HLuzv%86^WEvm$d}o}*JEK_psD`#
zHXE@z@s9E<5ycQD4|^6t7|GE2K>c24nw+B@yP~SlSd+7;kYdrH8Y&6Ea(r?;MX8hM
zqT52CrPYeKOKp7MRAkJ&V5n4cxiDS-ntFOM0LaFPJbA*^V)KDB6Yp{!EXT=Guz;iz
zA%|Zo5u-3tKIY$KVt!mvsdIdw4ciCWAbbe2NhD8`u}Fv`g8SzulOve{Rq$3O&D*rQ
z_7}{3y>7WA(Ir4P>vdqBlQcS`)>VanO`<Zak;cQqzC_>;Oya$WzObZfQ?ZS9PEjhL
z(|9)$_^kg|TrtE%(R!H1325mW<AJ)Z&>zvfa62zcXkcieo?GP?L}S0Fw<6Yp1Z9^u
z^?8X)x&jxZkN<SnT#Jk+k{;;0GFBQ~E=+Jis*%4hp`e-|RDVnF^B%l$sIvC5Xzo=X
zT}!Ns7AAd#aF!aRoW!<aOkpm~=dtYqrhNS%uNruiNIb^)N?7f+bH$L~ohrYgO$#;^
z-!e9-Gu(x|1<Fc!S}{>4`R2jJU0s+A8h}YUjgGskIno<vh3PA*OH0!zrwJ!8(6d!*
zqZ3G{qs=Uok-CrPNhC_K5g+VDUrp%cb0EnwFgZR#Ck3R85&ddm$GmG~RFDVkOzf8m
z)?Mmd_qA5@rI4KMN?sewUFg{|MsHS@FMgi(6@pHmG**V*t0#DHVnko0SrreS5Edf3
z&3u*)mKTMrRq~ig70;GBT?QEKgCT$e5N_=$XkHo~;Q2TiYz-SWt7#N}{3bPS#bV5t
zp*2I5sJmgG!QLm%^RG7Fw@LweyoP&Fgi=RR!1H#bKxjBD;{TCnT$s@^Xi3U;e8)`5
zng(AEYKC=bG9jq?qGV5uKo(F)QjbsS1>sUC!ReLK^dr}n&S(d9cvx&WJfuO#3IRbZ
zn4Rpf58<qE%5`d2IQ~*bq(kWYjPj8|?1*QkwUT4`(pijs0To}mhxjAV?Em5GEu-St
zx~*Ycf^=iSAz1JLjT7A6-6dG?;M%x*fX3Yk1PLBI5Fj`S8VK$L2p$N01v%%r&%N&$
z-;X^;SJ73~U5nal?zQHeeaO%ExtvM6G*a>qVO)@u;)?d17J>Irmc=QUd7IsQzX9dG
zSfjuFMER9CP5;-<KG(j1#Hf@RDa>o$@X=)9(!|lIVEDd2pv{8u)$2(8AM1xSf{c<{
zEgwgQDhB0JRP+)#W2F(+4|-X)9kdx<*(r9h)DP1C4%bTZlv*H%GRXwwSKP~wtNBFe
zg(0Qr9ps3El_Hy*@@oiEpH;ajGg&FUSg)v~I&;Or6JsH4q4V9Y94uY?s75iRa;(Mh
zOro-6$G3`GvnqXOA)hPplr_#|@+xz{mqa9=W89B{!3k2LTj$a%xiw9sP6Q=Y)_m%d
zF@=xR5qHtk8xs5h`f5w7DWIz|--u~2XSYXlUy$?$#INXw;~cd8Lj^zGt}St=l5dHn
zJtV^+{*`w!Bi``G^;g{??SoumW=3?FbY_*Bj9;3SwcnAL>+xvHM(OgTC&nWs;a`e&
zb(+C)D{FdCF8PJ;T&7uz>MQ^7r_nYf<@S&9dMVA8t`6ZlKs&96-zo%D&7U`+(sZRS
zS`>>6ygjvWAF;Rk!9dxX7B)@moXU*il;YF@8RWvL+z>K8x0<ON!@>ywn-*v)mY0ap
z3wuW)*q*~pzzw3yTCl%8hoafp>)2Hio-ww3s+A~*(|~yJ=?na-@7z4O_tSaPQTXAR
zKOg1bQA(T}541j6reHwXl7IyV1y@MS_M=+{JbcY9f_J$@>%m(Jp`1`l_|R;+{`>&J
z=k@el!i6UqB=?eC2{v0Cae4No!YudHwwv$i#c?1g6R|e)5XGid7qhau*<pk?Sm0Lh
zDLy$S0aC}DSxYzg7-^R8Oc`}O==&}Ar-UxgR{}{L(oj*E-Mv1px7l??`EZzKe)6Yf
z{Y(j2=E7(TGOyO_f@96RnAfr5FDU%@$$TKS3gLB^iC>Nx^jeEMU$F9<k?|=p%9S7Y
zW4td)4n``2FV~Qc_Np=2j8!I}85$wZ*c-&3<+CQ<36zi~-NK0dMd5jy_(Z}mg8}V!
zXCl4N`4IYjwWctW-d_%JZMk>Yjs~M;<jJpA+JP7(Hz;CoUx$D)iz?C=L}3NX%NK>s
zg_XzQgvT#4xz=?#Y4#S94Ha$PN)F7mu5^U*&=cB79O7m%B#p}P1?asnhkr6_3zA^E
zbPm|2E|IK^T)=k8s3b93XLj1Pjn+H~D<I!2)J=ibv;2HvIFh!KEPwirXJkZheeI=0
z@f+<$$nzOW=h?z5DtQt=!_mtE28$NR8(TGh(pZZcSljd}U%)AOasXnP=bhsze<kk9
z*P^Io3w;&8ZMJ8BqI=LsEDkjabrHgb$tJjN!g5JPR>x0-S~ZHDI?HX?mYZ5m<YSTC
zUwGC+rLD`03On{$n`%)?%on#iR`jZ?OMN2jMoObby}7yH7fh)slz3lNY1i<#Jst0q
zB^^+#^lV$USJUn>qra~(tM?EJZ1zqEm*qE0x4(Ypm$Cp+ri%Ub8?&dS@b}gL8u*eZ
zRA^ZmegspMcICtlv1fKMFcadcjeagb`h3a`+KvqpYG-g~4_EE8LijqUCR9sK{(gv3
zaAp{_@V)BMHqe&sr2LM*(WyX?no>MEP2-1&JFM=XF;@QquF_a^-dVUSSpHQ=BHE&#
zM{vHjwzzA*dm4@blZWfsmMi}ia`e-R3UDfm`&pCQ?DYj+2a7FY=Cq3o@*fRb5?A^l
zD7C4CNYQbKY}k;LM`fPo+rIV2^=XGPH^ft9d!uw|Le-osrNks(72-VUOXn`k3UkiB
z1he1<>CnpL;>kFv%=aO}RfyUzah@J|dMweFFY{d8y+W*-m9gy!VvtmsO(-+)W4Oas
zA)I?Qv!zGy6D1?!g{6<xQ@M<G$$}_cRcH))GvS{NV;BR80r7`Vs2ADzY^1iAZpM<o
z5Fikq;gyhO=N4x|__LJb<ft5~VM+;=g7Pt~0nz)nKjCWk)^{r~_AGYQU`d9Ru4FEr
z<n%+sZ@Pp!UPB_v@n-~BmI$v~mWag75dSd4C2Z7E$uk%YYK2SU#|_|b8Tv*V6ho8U
z2v2oBPyJ!OZ9_;~8k8dLMZzSbeCE8U^kJi6inB}|6yyp&jKFo5BE@F%5jMX*htipr
z<eXYmC_g0?54qHn-0IFtAawFx`PfZh>zZd>mGbF!xkbwHI__!v;z?W*#a#Lioq{q;
z-O-eJ#Wa%8!q)>SLe<n|FxD@7d>qho@^VeW(gLuAiIl}E(`Eg-t^9jRW_c+}E{L#v
z&7Pne*)Kzyrz)u{#l?u<+}!%>tN-L9`J~-#PVE-xEOQT>_wB5(oc`D~x%zNI^U*-d
zDF-nT1<}c+vimjK_&ZcJKHr&a49V%=&Bg<+A|!`aizCYyR?Y*v1hKAY>%nc%qpXN#
zxK{}IU!TBPo*sCH$f+#)b~m>1o(cw{w7j2{UnKDJo4g};y}*QCB;Q#o+5OZuG*S&0
z^Gd++nb`Z1h@86{8Mjzj+KeSyW_$xbAwn75C0lh>*0(KpBNRLaHQO$Hd(1;ym!O{g
z=^ozMy<GNx;c?hq1S$$_yaxsAfylbtgOdM$3BCU!Z0zQpUX%u;X6z_b4j63S7Znqx
z@C*&R`P3IRA0Bp1g@z54qKjb@deRqYL3oJV`i0H|Ocot5H`gA&cwTd8L=U?=&p~BW
z*Qe{45yN{$gB5XlJL+7HdLk_xIiNY9pu?Nmp!|AKyVLfSo=!C^LE+liQPRje2D-7@
zw;m^`|Miy@Z;~s$`wyKQN0edx05UJXZ*CS8rSGgg;x@<R^!@}v$ub;~Pnn9&?^lL3
zr*e?eDtQhEV=GShb=<a{e*}e?Yik}y88s?NY-~TLAC?PBNWs@$ysB*epOa+J($@=%
z@DF7WZG8V<2Y%(_FQxj`@D^|5RS+nJ<(=r{Qi@E11LfnTGoI7e21IONLdP)0#zxXf
zM7E}ihUIRs$?zKrrH43-6#naa(@F*=#s7Td|G%r%{CQ!mobnb~Shc>k&2~Q~<$R>3
z?mIu@^aj$*QDSya2Gw8&vBtV<jn$j2Vt-WZXg#$aXqo=nk5}_C3TAtiHFoP{tR=kh
z@{57uCe1l%FwZp`t<3tg<Bzyd<`<e3i{|fRS<{Z^2riHJpX_Ry+{)RS$XdqaAW#_o
z3<8!tDNRXujMDg&c;m0W6zxT;3|l)5Iwvp@KB0XUM)6ZuUGtS;lV#amz_t4AH6+A(
zzZ+wp32NZ0x6l^98~P5f@kB}Gq`Q&*ZFd?o8a%Qx#h=Q!v~7cv@O6D+i;f^6R8Wzr
zT@LEY4sLA$FGNF^lzsfoywuD7HMQ$b-S2f4<X$`M3_B+C9u6kiRa37EMHM*&n!6jd
zOR<)>Gpd+%F5RtP*;Wo*Hgf;^MZ%S1HfGFhL<n`#nkOVwPbEida<4<q5c)Jn66rDj
zv^g;}u0B!h)it_Jt`1Bd$wA=tbm^}~C!z3ScmE%HGaeOi9F#rw(kfW>nQJ6rj;T~G
zB&k7i%?tq&*@K8*Mvs{m)*7aiz)0CjE@3>Y?Nk>+a{^kYxbAsO8iXQiAh=eX52C)a
zks?ss{+GIh!(wU3VldlTvJlx&9gJ{{+UzE$K{TK5$fo*(y3Qk$%+>LRucJMWH3>x+
za7O4rQ7&=e?-`34S=^CN4zkh^e~XF5PnauZ$&TaQ)vk;XJ^%g;>K+&mp~E~bXgoK{
zTeU!s<U|vVTx50XY%#IlIH?m9=vWY8oq<8Wm|XtyYBa3gYqMQ3fl{j|Z^WE(&J-cm
zC#W27berU<y5D*6?7oOxszT0GXiLN8xPE%ta2v|{N<plR`T*IE+J%!cUuW26Z9z@n
z77yM_S66N7@`-xbd-$nwajr-t?i9@D!p~%L*V?hYTg8t$yFqKUSltPUH?e`)5-oJf
zTl}GUjH?{_6Kuw-z9`~;bbltKUxqttZU-wN);Lu_cqBNM=-PLa0u{#mub(H{e}hZ(
z>kBH(4c2qR->R}4L3ln{!s2#D;&wN~a!UYHe2zv2J@QN$Do|iQq7e_>zv_CAobye5
z-jpN#BaxdnCLCO_>}#^RsYP4I$=k$9?$5Qfmn;(dh*mj9=JuszrCS_l$-nb0y6aca
zUKzzSf--w&FwbXC=`t3~t(<?wM!hxm)m4z_D=9f>A^Mel$f)s)Xf^?Uu-s^8;*K*m
z0TkraZ2hICt`ketPiAt{7_Y7L)7NZu>-GiQO*yqL>dEi%3ocZV_r7$hPAi{O@sVU0
zHbasraaK+_pYyQDi@k$A#fh@W6vaAmKF3T!pF@%SEoe#eT(OpK#JN7AVR+$fAv$#g
z1$`zunh{Ky9*vH-e(Z(~9p6NZ)-<1oYsJ0hr{PY!2!q9yYCHY$iEhLMW&{hCC)eB|
zNHv@u0*~*Opd#>wv9=vnNsmSe?I#d9QKa0u(c39{Dv&wB^g6L3%M#9<{X2~|BvSRx
zbZF{0qOraVr*M4PD?V1a@F^3Wau2GM{}ak}I0o~w;a^{_#HAcoa?^<H3x0o+X)3_W
zSoyfo`TWh8uExg*R%#@w1|IBmm%EpN*BGXD&J;mhLv|D)&g;=<^-3E^W=MGM_c$;`
z1~e65P0u+cknbKjsGvAofjf^}7^Yfi@?MM7ZMvqG>iT`iJ;tvvEwl2q;=wM|ZR>;g
zE$8G>P=(8nI;Yn~X$>SK$KOM*gbQ{h><e)SN2q%##$-s?`Tj7#n09!yEP2Mf$gDHp
zwg!LWTuPUCIu2^GATn80#UF?u&B4of>BnUWBVk0Ng$`>aCcIe6@$-0JEPqEYL6hS(
zck^5HiriQZ;Gj<u(f6)Neas4fe#v+u#6*}LFu=6()lz5dB}qps${Id#Z@oqhY6m_%
zz9<I_>ARMo;`&Dz_Aoocy#h|UeU<|Sf{1Eagxm8=l*)>2mmQJsiOe-*3%_IDC}oRN
zA9B*V`$3JY2G{kosqG2Tif~eobmn&o`iirt-K*yab0Vz2`Z~NKg1!PLHok|w4u+=9
ze4MxH=o%KWzDDU%a$nGP{~<T6HRJAlaC+azEAQY_h82)`AYdURct#;N|C#ZYV$&BK
z_O&FmLVeA|^lHYss_BiiXEn^>h}i;Yh0~KUbwYQ(ZHg4Of_~YQnX#jrOuQ5PG0fX_
zy-y5H-Y?mAvs{=7MlNrjZ5*iDTq>TvmD0PFwK}m<a4wt2dF|*bVG7S+$gp_2M;(hP
zbUMk?`Jvm5^~;!6Tk`@|-ms~BL0+=*FrioXZSbjLMP__|F19!BJxVl^u>8O10(Kn%
zAcWT;s2GS42q(-d1T`PlU5JAZGyMz{>zu+6Ns%5kLZYdN)G&cmL~Izb6&R~oKNR%?
zQgbmo+MiLF$TKudWNru#guhw!8CnHAG)_y;j+6r&F#8_to&2nQ(qC|kp`;)zyd_2b
z_sS<3aXi$;-K4wUW3jYHBoXSEcD7unqbG6Fb{_q+Ea}T$6mPd)R0<CazO2IkF>-C)
zX>O-oylg#6aC`hNosYfM{}sJPKg=NDmw~}&w%j>_g34v0eWk64n9*cHQV$+8edwh;
z<2qRosC}<@arqRTPtUC_#8p_Y_WfGUh&ffeDKac4ZcWNVKZ@Qq_zM2Z^Ujd>1R9Ba
zCmJ4dBbM7nLLXBxX<s!^3&C;8e@A?$EB_XL=yhEWDBYITYNMFQL_X(J1=1hTvDq3)
z;Nm=6g+!2d+Ea^2Gc?X3nIE+gsz0D6_>w4zlw!G6*&oy<HG3*T8w?atCWo+!pI)j<
zuxO8YoK*Fco9iROU(?20Zo4(U!|9t0L{$Y5k*zu~Hf<-NYk`MsmKmE_2^#p8HN|S*
zRpO_Jt5}XQo#ECE(_Okne&37uJwkolJVdAQak}FRf5ad?=MMJNv$AfB%3DHcJQXV2
z-5~Xu1iAq!-#78Dkc&VFru`_mJBBng+k&qZKS1-T{<7(jDwEbeMWV;bO<agSo)pN3
zN>oFl`f0lN@;<(E789dJU~nzzYNYTBw^M=VzO(H_x9P^RY!$sM{M0e(Rj8^brPM;^
zzgX?&#%aIe2s@&VqGd@|zjKg+_A`7@FEn>GgixGbGret37d(mZ%wN)m6jg=S&!inT
z;oY=^Nobo&^O`02nZWOkfv%)nx8V!|4>u>;^a+`V&q}zQ7$~B!_s|ytWCCp43zM-Z
zWF#WLFvJ&6t{Jw?iaTn_G^k8jd3a67m!~;B=L+}l=E(eTsHOb9c)9HpwEee<%*VaP
zA!X9^31PbQ$=X2*sUo$w>3Qow@!f2;^sOtzFesMGkNt9u&~3V#<+)cYLwxC5B=zd+
z`LnmLs;FXrS0Z_7U44UgF=PY}UJ0H*m&S0(zkHW^u{v>MfIj*X=Jql_^mwuxm%UkE
zo=mWNk{iD*TX{b#F@_>zl!?I&@kkS9_`c!WSjvSE?3iJq4ACc;?``)gp)JdS1XFEU
z`=@!6^QBCFSRE4@B{m;B&%@*RP=Ds&<ai)Ph{7nD(KH{}4_Gi&By{ZN6K1qxqzD9b
zbYMII1_m%Nfq~VGfR63`0ReDa@bADT2D~hj6zK7q$M4W$;h`OR22M)=g&5GfO^YKj
zW#~l7V<F15G4R;LVEF_V+WcPOYg+I1@Z(oDIvYRw&Y-@{XZr*{i@FS-o3^XfpHtH@
zl{`DI=yU;_(V7w$b1PKi_fJDgG6VmB_r~@qo_&Jj8YGQj_j}VjsCj4jpL?WU_By+k
zV2}AM8XTT&DMJ5D3Gt439K|XurS9hJzZm&ylohad)?AvfgsA9~KEi<4u5r4*mHPV<
zCD2=R-MT{r&NOhawMT#7f>!ce4$S{DG;u2tIjJhrxI4+>67_bWZn`v&Je&O3{*xz4
zm#Zgc7kW4HtPu&Xy8$?c`gXVl^EIPW`w`adZRAU2Z*ORXf@zKvUC7Z-m+3c{M?P^(
z;}EF`rdli(Upv!GHE=%4x0llin~~M%OQ`F3YyuqqrExSLRS7nQc6+MOzshh42pf3)
z{2Uxr%4RCAJ#oxx15-O4VXjB(tD{*({o_2~!Ha@qn~80EnBrn>r^!+@=l|_v0O$h!
z<C!Pob8{OgrCN@EO8Kd;D%(}GJIDSV=3;K_hmy$pHcyGrd~*5@Z&Weokf!H@2lx=0
zT=6V!=?<<ByOBZgV^6h&cJl^Zv}xZf$r5S*iubfet%V~^S7q&i??n{V{`e~7sdb;>
z3MX1O#n~PiyoM=GFD~iw>Arc0DM6n@aG49sVQ&Ns+RgORS+{ji1+AAErx3qI%>D!S
z4qpQmMQoN{u9n&7Rpk@`-j?`7Nx43&XK!)7mSG#ysm8{6oUw!l=iCnV?a9@%?EZO{
z!9fTsHNT(_2{L<o|5_l0b=TB+P|Kw(75%%9?p3r+WW~^8TIL>}#x&6y__H8E%~@)O
zaYm@$E;LaGa`Hr9(Cr?AKVNVI@AWGiYYm|r?o{|rB9?!F{R-R{TxB+LPsCOHYMlr+
zH`1V(O}NF>r04ZnA;5?P*)&S+nO|wWb87i{VEb!3`F?rND~;Y{!jQg@K?H^H`u?Xo
zTZod1h1=98vK69KA-<LJZ|9@)Cti*O6O#FuWkNRy`n9pJrKv^=dOJPH=5hNiz)$gR
zSWuJSfJSoR;VS416tJ!73nf!h9T?fFrV5@C)yGuM<cFn9f8?yT7n@*dGks0}Gj9ww
zAk=K*kI>bG!7owX|I}J`zyMd{BWCv&%k=w+z5X*zU6}={F$~077R7uM*}@xae5E2q
zlWJ&Gpb?TKJu(hMqZJD?MQA)3_BVC#V8*NG$2;kgUb9CV7}Ot(d{n=|`9&JIY~&~^
zT3SaD@Tg_C)~;R4+nh==(IBd%H8?Mp&zymjuvSB9+2xU-qE^M(tX9bAvT=-qGq~m*
zY&-FJ*rBEMhO8W-(iS7dB|Ms|^g+@LE;Z2NT%R_n3TB-o1uN6@WA`t2PgaC+ZIfx8
zK9%L~yj5G&mQ@xZVoY`#iE<(#&@Yvc!#ujgI<nnyp{x3qJmaf(NHU%1mNiW^^<_#=
zR&?l~E&b`0#7Po8W&bDP*FMoaK4~7MSnfWwqDrQsJtuD~#dv30lo~IS%o7iyZAlZM
zxD(O7@>?0S-hJl0&Z>?yV0LBXqe`O#n$oD=>#5lMIyz$w18xfa!ZSK8<+P{L_FuMI
z5|x=x>v1_SpQcs61{^t@3ngQi=C=*-nhdXoHe#rcOA+k?dlVXvnSBpGyrge5vGTb_
zvYZ_j^OJc|HryKRwn)2$r&sMU{ac&_YB5whL+J3EM@>;bDZ`#0TFFb|XLHqJrNL+~
z_QFvi`Y^qMU2Z-VthS+bE^p&)Kt$U|t@Rsh1=eqo4<@jiq`=ogB18`iCB`LO;YIl~
zC&Y}kVCP@eGAr*vW_9GAeZa2t7G)-4`9$-+`2Dx)wfPh)nK+Wpb<5neT|Ap{=#F^}
zh{7oQjF<AO-NNlDxoO7;v=T>=3UfvUKHM+m%gxd=BD2%1y&}p|@9gdIhB#fao6q<4
z(9dH*)ht|XAsP1mwJWujDC)lM^hR^OOF!_1^Pl~Z&uaCid}2^pFDLPgm0lLD)9AA-
zDKzX*i>=;IK5QnOS6ByOgxUbj8Jfnm7Dw8vj9v4!m4iy=dQ=>*ij>iF>TAYIBf7y@
zA<=U5v+eo?YZ1&9i{IbH^=HxZ)9l)8AkMnjhVE=(n&*Z;l;v>zgRKwO7_cZy(Dsnv
z@%GMFd42p91x#=PeSaUq78G8|xj+5fFTf{U@B<XynLGi*lQrTmY%O3{vxj0WoswnH
z^17iCUPujbpZlEQr6Fr7HePl#<QO#Af6%Pjv=D1RVdN`BOnKGQW_x`zVwg2Doa^V;
zrv!fc+P^uG!BJRG)A}3Ri#VL}Ei-!s<aNF8r;ZhH4yj_3;&;78hdS_k=BZ~q4pWdD
zHj|bX@8oxe3$0(;<cG7ENDiT;Bt~#MOvg*+HKjqXDAihSy<GjOL7?-V)3=9xC!1Sm
zE>)m$<?*q1<T6(;DR+x#{;Xxe$n=z{_m9gdK}nPek^NoJR#Gpx)XXRnz`N>Q-;Ab|
zrx5LE-~xtRVVaf?x5<FbMFu+eqPiHZz4<o&>lkANns|{H@3w5iU%;U3cc;5o8?ZK<
z+wXITe0L)TzYOc!T0gKACRtI(Ni<CQOJKszZqDz?7umQ@V+Y1<ZtXbZG42T7G@>q{
zyH(uVeiF|m$6w&L%ZmVWdd1$ek#`gNzx_O%V>S20TID>WH_#n=UP7N*C_HL=Om%Z`
z(RE>p?7_NY;O~62#zJl>Q$OLdGi&nQVFby1hQr$4qqe<!+S=NP<WdEy?7mITv!<h{
z4&I+7LBBP)`yfNP(~`$_Z@LnWb1zDty1uftQV5uV+2&i8QnK(^Tq4|4tyv?6{>Z`+
zsYAY9QFYV0M+C7+!+N|y_$2@B{{%1v{s+%+!A^w8UOtirP&fcb0S>MQsTc(w7ccPg
zUws${-~z?L{h$z|cqnUHBXIHkH6`FjM#q0NC4ki-p-00*{_+A4f%n4zZYLc~bqxFm
zm4llTIQmf>MvKAyuQ-fb19lXFN&xfiz($9aXM$+Z|GFXoq)u1@3OX4qFar@F0|2fG
zk7}@7G<3p8Em*VaDE2}=0$`iK;s_#wp`xK<J@5d~0ofKn^|S+y;CUc%`XF%gKFYZs
zcK{qtS$OV8?1jhycozV?O~&R8Cy+fl^g?|{#i!*>9AcA?*Ad+IN5j3NuB)SlGg`^_
z1$9ABu<1Th|LkZ8%<yQ<Q&q|_MH`#1(M@R#8d!ht1zR%BHFkyyms8g=0#+B_La=Lo
zce<r++jyJ3{vv|dt1ymZc>CoFH_r^mF%^xkux1bHQD>q3@6yif!8qcva7@bcuhtB3
zP=Ihl{v&GR0DK!B;3f(W$1@JVE&(u*AV=YW0IwmBG!9g5Rv<D!H2i%)YOsr8z(V5D
zA_53jZ78Zc3gG<kpxCP&#HM^u>?y#*ibk;ip=_XV0GdG#;AYK&XtB9Cwf-UAa@!(J
zK5{k?c!0lUf|wrUe|#!{Snh8?fW40afem3}!&pmEP+>Tu*dh-uV(bV!k4icp7?UID
zAO0+G{s%D~A_p%(t@S{}1ETbgcUbfLKu|a;w5r}QOP<##bxSI%`QrEwyq|!PY>~*`
zNu0wQ)vC{)O^jz%ad(?ZyhLkN4CKU<yY&v!rM6FM5gR>u8oqTeVi39b@o@B-Z13{d
zJ0v&qc)z`k1Q~i<iT4KQ0ae>e@h~O3+u0p8gVH8u`;3SPKVlQ<XM}lA7MZS_hcH^+
zgBCa97zHMF{DFt%3qHNo<2MKM{x>U{9r);KPN2WU8dMHIwg`;Bk>CaXu>sX1;NKw$
z%NxW-{?BvqAprFExp@5IfLn(fI-tS?Lh<n5eeVZiYo720@x#O59gyf?E15)hz<GIq
zbMZXzXK1l_HU15T7t-`!0!^haU<&eJ&_Te#`$*^cFY@!l=XvDO07}M(*dTE5!Z;?t
zc)-OU`OkLn9I);gWZ%c_M~Nc`Ol=lf4uOLY1|N+GypIp^_(;IA698c&OTM;bhwfBh
zfX%f1&P>hznj_Hywd`%Oms0j8Hrpu^ktmrAkd#~#9<xz1it0G7_s90_pI(Byncg)=
zs7ZNmveI*Ybyy_ijm^gh<Mo~kj)NqAT0(#8jC=lx{9Jc*p^oDtwA^LtyYBdP6y@YD
z-G9f=xvlr;_<%`(Q!arP#~<rbgg@`M2xo$47-^~PLJW*I5kv|7%H-Er=(JQ(6!(&+
zC^!JcGqhMp?j{-gi{d`<x9WSO9SOPZ*H31y+v?R$uGFV2OwaVDxVDsyx7#_qGU_t>
zW%>AfQmP3;pePk`LON4AKHf8}UV%Mj3;3UGa(YyHUT7pbhQ~fVHbvWClwQKoCoCy>
z9p~rtA-BiEkaZy*y4%+)ftW(<UGv?@U>pCPG)s8AGU-){6>B68>eFrZGu*(Oz@hOJ
zmefIbYl}Vnk1`h8EH6<nZSYzdy|}BP>P->JJ{TLhaMg$nrf%?Hmf=;kXOeGGlZ6r6
zcgmS^#cepwTR6g>rv>2EBEffjkjDMQ1W<ao1_^iK+P`>RK!trac5Jf1Mf~Z#9&FX|
z@1=9$rwgoxMRO3!)fzeWKT(676ejSuaza93v;x95{#~6(Zg5wlqI>(|T0cg)ltKbE
z9co^)aP4)QE*7exqm=7w$e9J)_B|oTjr7VL+~?N~ENZbVTjqy!!6OJD6J%W@NLMb@
z2*>c~7BZuHKxd~KRpz%OvSc!2_hOsiH4F-?Q>inB3>mYM0#u`-=_%U+1-!c%ulDfG
zH<-OxXzfdzEJ%JcD>~9)bs4cSR^fe1OnJXS;9)au{_eDn28w0MW9yE5%HXO_a64JS
zbK!%C;r`AhC6oBugs(1zis`p!_BID?@6@q+nX)Jh>Y*uO>=&fm$+@|2>%5E9zj<Zc
z(XHZ+luy0yu6%VL7IuOEQ$*^vPO}wW|0u6i<6DnNFkM0rX!Yv*<jXNIQi+~x#~Mvu
zC5WU%J9fA?%h%QAsm&~t%*x)UohG5G(Bz9sEdf**(Yp;s&ECFYqY@FAe2fgj?{obM
zovb@@MLXyiXW~nR&zNiQLE65w6LjI;Bjqui*)dTm8$K9<hX7R_LtnEGQMJ;g%q#sG
zL<(HyctT;iQj49rUQACNrCf`#P_<|*`sZu>O-6JPI%S>&0Yhg*qt{QLj1qfkTfk3F
zt@=_b&aoKHAL%I7Ji+^28~k&azz}CO1M!A3^9l5_?n2QwG<rwEtBUwD6yNg9__#W?
zHBhw&p`4$H^2_di@j9~xDK}viL)+KYj1S*z=UC2E`^t9C-e*(OV_2AU*JnsC>rt3X
zs(3d#6j~d^=I=4=y*YecEnuiJW#*oRbc4;-gY@n2b;HNb$t??}bv7NA=)#!rcssaW
z?RRR>FFVE&twwPyUq8b|FCRms5iv;ZUlq*aXnaSc3gYCePLESQ=n)M=uOx`AiA-8*
zaO=8s1k1}%)N9sjGF_~s^^aw}%$i%dvHR(FLotREis7A`s-AxG#Qv>6#`FTI+z+bg
z8)beG*h{wSP>%%jIlUPlLJ3$mzQ*oT98Z-+=$Tj#+c3p_nuc1@=-ifcRc)v+Yjr)<
zmLIlu(5M6fA*a`qGCHfs*Ol{*1q(#VSu)dB?uh3z*t1>6bw9>2;cUzePZ!paQo5Hi
zSi-gFrPw-4G71t_I6UAb3@XYQ##O)UqRL&;{b?`$fmak#dQ1%itmaWv>l{unR#cWx
zpz@#5IisH*q{jz^<5|3nlJ43x>KGTSnjt-<)b?+|Q4%HoUE5m^FF~Wp^(xE0R-)sa
zkX2ZtF!@-*`N?;&&hDHwjJ)iCN;>YYFkJylI9>~%1RL%jrF%*DC+UCGrpD?1WD=1N
z8{8ia3hgv_-eyX5+_v{fBGtg2e^>ebOc4rcF1)v<xueg6j1vTqJjwHQOrZ?`TS}5_
zHm@vxx^?};Fsi%hDdRVSG=5(XuVlh1T@xvVD<h~(GYi5M!P)yFRnTRKuUtOXD8FOZ
z$xA4g$ol2dQ404L40gLTkf&Oz9+?s$w>IEH_Ug?>Raq~d+PJaMWj5_+uHmNFlV79*
z@m#Ej$whwN0!@maj2ufN1EG~XU`Mul!c#}wHfk)%owuHcFOy_oAH$E_jrpkeZa1&Q
zF4|$Qa*2!Qqr++rDDwwphW;klM<LNad`<v{@WRLf|C3+=$q~n2%@H{gpfdtoqX41N
ze}K+t8i)~A7zZT72cQFFE)Ez@G{_z80YE)w*Mk@!y8;$id=Cnv|3;yJ%!uQ!&WHy4
z!+&%}+!09M{$^NM^nWt!|06GY_&|>t_8)x_tSt(J{iq%SQfrda(?|Uf`-8S9C?4bs
z&;E!!AJVHc6`CA8|6ef@2VkIehxXu`+B};LVnl;#l`obKXVx&~I2qaL9F4rg2JegS
zUe3>a_kd3uZ4%bgJ)2j$*e7&642O<RB;gu8U1+k;90;Lk@v)ApmUcY2V9-}dO4X<d
z2yU<8Jj}e6iOuottS@CEF{&skY<hPhGKlWL;IQrBOa{JbgWPtHwxguM58YJ+8HLpt
zpwVFb=!qWEJ~w&!@$)83Ee?ba`d8%ifI=Y<ei(Yff1(0#jX40p(<1-{_{1FikG5t1
z2ljl={15Emhdhvn-C)po&=VL#2I$2<F#(SIuayBmA8@9>)?}C;KKzF^oCZ^g13iUJ
z!$7!?m<N>uU@kuZS=9s(G3@&Q3Mm5rUpF!Y;HEzOIuHT`pdN1_3&B7mAa;ZY9`Xpt
z=Ye&M4wFqL!hYEEsN;gL|N9;POUMO*0UTn=hq%0Y2Z~3Bwhf<I?X(wCwh!}!Y)){h
zl!cEhZc0L#cz)V1;VhW1$CO~+{<1h(<h@U`MZ&QVORCws>7)`Mx{;miGDsTnG(Gri
zm}ew+wpRFIMSq)Kc@v~AG`+$BW2JxgRWttn9GPH)fFQlJv5wf_%V%*{wO_&G4p8S3
zNjbax{O`xa=yb=GcNk@DhxD+zk03k}_D7ocKP+!<KCXXj(ZE+e2G$0s5O(foz<7ua
z8L+_vZ16l_Qg)bVGe{Ely7KSCB8C7s(oKE_xxw19Ku^&BDQH93n<v+h4dG!qB|xCi
zmJk7Vi!tyW3Ohe=8vX}3N`nch)%+Ka8p9@MK?DdK0GbCpJb<hHU0}py|BVX?0)ztw
z&yL3a5RZpSHzI`Nk<D!fyx{m76qZULDEtFpYy@D>Lr@-$DM%*5M*vnW4}!X8s}7J6
z8kC#veZWpMm0P1j$L5hqRYeZILdH~HbR4Oj&qC8&OS2Wjh49m^Kb!YMXsXnzJiGg1
zmF~+z=>u*c&Hcsv61>i5FkFM7YMrnqiEB2ig_r2$U%h)vLN)-0h3j!uaKg;<4+DDe
zSV7fEGRP`N?5Tf-+_6%lvqPG19iHcC{Xr(Y)VC>ri~yM90dfB`T|poKN}sIy=fOaM
zZ~*rk_|5>;9u>mD3%q_L*t5d`zK<QuuKnM853H*n?ma%o!~fsIMD?F2ay+u>fe6Gl
zfzX@zGeBhUC=hnw0emFW(*SKhRTxG#5jnskgXIJ3F#-t3ze|b#ImaWBo(^~~FdbzR
zu|EY)@c-x)f#ZSs#~yeS<ZmQc+y8w$fIWXB0fAAKq5w}5B$Wf530keIXGbOj4mbk1
zxV9u*MZ(slN@$<nn1eZ_ZF<rZQT06St7}s2|J;0?6k2-O9-RtCQqObuJJ)iLa}4_#
z8@H@m(as(}gG}@(P~q24!=Dtk-T`dOETP;+u`XyGUyn7cIu7j<LylgqyMy}rQ|E;2
z+^b5GVmMD^8p;+X{GeJ6KMX4i__Zt=J`KqePY-%lo{xsSjw@NhvqT`fcCBLzFbZ^d
zidnDbh~3S@KAf&>=g>i4G|WP5>9%bc>8L23VgA*?Qd;#Z$<lX*tO(O|SJTi_Q>?j2
z*Tw9rncxc33cH%rlFiB9;O<oVHo1M!aK;w)R-LfXP*)$K3_J8}rIT48`x%{pQ9C^j
zOZsQ8OesUgvMh4GnX<kgDZ4K3Rhp$-#f)n+WxipbJ08x~y{17z3G@;z*x+H}V7FHS
z@1pEkB{h;6(m`EB1Cm{7DYP^Ob4GcpSHmy$s9B*!W;niBs#jd7q%wj8b5=>>pL7!u
ztDeO8Ejn<J^Ory^?F2w0hp4T5@Fa$tfwb4Qel_;*PHN_ZAats!h!S4t7eW>eiAWnh
zKeE+yZL|F7T)h0Tw2F3*WlX>7%Akou%#hTqQeWb#?{py4k(meYghY>0?fsxS^_jd4
zre_kjCPiREV<AbcPuzR<A{mPkf6g6^2kV2hPv8qg3{x5Cys}$(+&*M1&G{n8<xa_a
zMoC+6`yQ)T*|6AxtHglVE(y{L3IE{9qZA_xxfiB0?@FyId|qYU1vk&P`PS@Z2ACxV
z`Zh?Ctlm(OY44)}4t5jifoVa@*ov;{)M&?hH174cW3|;%3MtMGhz;`AxRPV)m|uuL
zepVGUV@mabej@IcQQvs}WJ5Dtqu~{q)Ns80wvlvH-Nq!H4zy`b8T<WuV{Yl-PfI5H
z#SY73K3zJV4~>eik@kAp@mJOBJMG!9?uDf74)D0EMb^uURT;Zg<RrF8;f0XD)N&<-
zCf|-<Rr-y-*Bz?BuR27R&H~{dC)d-~m}5}fhV!I_Lg|F)Lp5#;V}%(-7-dBbHR&3e
z;`@~ZB}w_w!-$!DowGt+hIQE4sx;e~Xcx6q&(MF;U|#wxkM#-@bh}YVCG9cBx9Uf7
z|J;U|kNt`It&ud}t5p{#^^}8wRopS4ylhqY^IqFHBj-<71TK?K%82j2^KF-J;7ue$
zY~ki!xI$fMJc8N?u33BJ%Zqd|2i$I>eIVXQgh+??@$Y*|3imA7Ukq^nIKg(zO{~>G
zb`)Y7{~X_XbPe@sH5Iqc@qGJMi!I{Y>hrF-QYQQx*~MsDd}F3x+ct~(i8ZO|VI$ht
zqUfSMWxcvWlXjSE4oNROqQJgPigI~gXHu!LBmGePviJCInP+ckgrsuF{K_lQQ>fim
z-BGSZm!AxL`8*+IS3>E=iy2~{g96DJPI$xUi2Obrj1?5;>o+>V?Trc6*k<$WGI%-I
zJi8Vcdhd$=WwzI~2XoAQ0UJB~-EeFc4l?aisF)L0>hlYZG0JfX$t0?0nt5_P-e?MJ
zoz&sb=%)A6dbr{H^Ahl4tG-uy2;Qr;MTMTAs?8I5m$HQZnLRhrLMj;>nz)OC1p&<6
zK%vDsvZ+0xZ45u=?kO7ov*Rl*o}#tOGagmsDgm-z*XD&(4$~-;soioL<Zn(t8D_qw
z6uP-yEOAqt4oOfQrA*>Xlw4j=Wn?niYkCn3Wu}<-)iK^ad+rKnOgN6^>)0lClP?pc
zxMOtSOWUm?N_WW#euaW-IyZzxyl7GdrI&CrzF_OT9r3-kpkmCCNbu$-8O-97f9Wxn
zkce~3OLrF2xypeffuz>r!vt>}B_hJmS-^?7xdX0)OYq>zLY{+D7+BabX!UhEOvjKl
z4Mm^^85;^x6XO(w&%bc46Fr=?!TYUrsA|mZJTbi=Dj7lV)EXS2NPV-sdKN@#8gg%H
zb1FiFiLe;o$vH{v)Y_8B{`=b$=M@UgFS#B<%POBi<4tN>R}ZaQEXmyB&WG%VPyAm#
zSwIDt`#(tqNZkLHhEX99J|H9UJz@+3AO!*&{}zV<pa^UMFzg=}TY(4fTI|1KvJXRl
z0ihTIg!>`?xg$Sd8FiS`XV7Co60i_6`vSs$(2(K6qi{l=K{$cj1Yizq2#@-|m_rI_
z1cn2=3uvA{fDSwe=R<k!f8|gZd?etGdz=YC6HcJT4rD+WUB|-)P~Lvf|Fc&kf}2<8
zK>pzmyG%{ML@=E}fIs6ffr#2X@dXqM4<j-IJ0eW(HAk9(A&AhDWlJ4MK=RkGH>!dG
zR@rVN1=4$hyD$AcjyRNWa8Iu23fb;2b!0bbE91Xi4s8c|tDfz>Q|PmGJ3t+cmo1u}
z%<e0yhr$W`p8K4)dyaR~>5#0V)E^&tD1Tsth3&dAKV*74eNyKort{mxEyIHy|6`#<
ze|UUJB@{l-9`x(+`@;CAL70f_fbXvCG$`+ZY{1qm^c7T!)I9ncEUynUHUVQI19zUE
zr`gE_4DfoYwHF;pdBOhMI+(vcAl0A!YJ2q~y9LdhR?M)9A-WJ0{USa~Hr^7b_8%Fx
zEHu&~`7<ENGAFxQZH;8CE>~i-Xblk)7K}gr*zlYlRDC2cSG@w7t2CgiqH+^*yDAXk
zK)0!%D}U>as^jVWYe@=Z&AS(@_HsQtp{9Ga@8=WfC+UuKMmwch_ZLVgl=oVMlUZn-
zZuO21F*oc6Rb811OQlvN26kEF3m3O@+<;TomhlaW+uDzWw)2|YqDIm~^;4;r0tA_M
z)%wOUz&bDZ&euaZ_xlcdbuP!1f&&eO^y}jfmuCc--`0#5gToyX5^JhZ0}(PbVsG7Q
z2uQM_uV;CkhOX(}FLNBcE;BIvEx&VqJr5qBH50~YbLzCs;$urVDMB2(w!jh@;&FP$
zrZ-q{KAcQVggFv!B_}sA16q1&wk784BL1C&P5f0kwhnjn*LOHk4gH)&G$_P0bM=#{
z9$^j)Kd4WBerP6$v#4)`>vG=e8hc)kDNK}w2$kndf6<C)J5`CbERs}e*<b@SUhYJ~
zerLxv`&tX99cxykUmZ{uSEhp%4(b}R(MwVSGmXvltUoQuItnxOxSHE3<1X6JqPLdx
zeqbO<`)cmeSHHSf$EEf*SA}+xbe;)^CFa+Yaf=)KmL~?ik{CLyFY=hCKDV8=muB9F
zBSXK8W?7K*8?}`3)n&rJ{Fw`BphkHoJn#fVh)ETxZq4cH`Qc`AvZSu60xrH^J`1xD
zK|M*%WPxY#4+ZH^e$?S9WAo{-im9J`w<M@OPs+{Z@dJ+ihy=O|<0O9X<frRPv11eW
zd_uPSyz4ok|H68&Bs&?l6Ht-CyM6IC((VANU}UL-I~}-N0{U1fnniNEY&E6@GbTP3
z!ukMFXX2-R`8860%6x|-|1&48y2{hvdG<oxO2eZac;bR@YOQhVyu%@9b+2sEX1e;E
zqf+$~d#EPsv-;OhXohg2%~GF?*cp}UQ_ZHJH*H<O88Q$DiBITEt)w(_PzITBD$P#8
z8i&C6Q1UM>!7}?HrYS6EqgkApXk~5{AIrQ{+?>B|8TFC6ZAdum26d~nX?ki2D!e}1
z4*Zh6>P+<plV(z|X`fD2?DKW!wrBZb;vkq3<t$epZT&Q1O~KbpMOQ5#{a8JJbnq+%
zSxr4|=SzBNU|kbI$)w7Mp`py(4jeoqxOt!HR4C>PQcB2}(RDSijP*O_9)avD4(sge
zD^+S%C20{Q-|U4%pz3L786@nrV*Q@A=ZtQX!lYcDYs@-AXQJmOX1^5YNAFNhj7v))
zuCbc)N#6UiUL1V1{)`=;1hK?@^OrHIs5K^gvi+c9XaIfpb!W${=1Ve~_d7?3j92<7
z>@4!yp-xfXc-ED4K4K|<8aKWD_G`mmOygE1Gp}0ts<5aIS>>_<m}b-vxo00&H!wL%
zU@Zo80Q4-uipaoH5@@YGEG1zBmS8X*7qI;}X9I5K5N=?t1GLv3*OnrosH89iYw%;A
zLk#9?1&;b>CHdS6{O^p;4WtHO{(6|v5h0D5Fuec}IU)pTz&%XlPauEWQx826T^lgj
z<NOWJ^SFM5S-%DoKCI}KV5k;2;O3$U@OILJVR)=L4iV7Fdsr{Rr2E0bf2VffJv;(1
z_5m;^OfClp``=a{1ZZ77HU%L(K>HD>2t4$%#FB{!5P<E61rLmE0{j%Xq;m`+GgNEH
zk(2|oW1l%Rmo}fq&cw%Vs!%kL8qGYPA({fyX&3jU$8)8dOFG8+^_HJ+7*Hl`s2G2p
zBrULyo-Dq&wkf>+m75cn@l76Bgp?JT5meU)mF=Wp3t0AjZnpohV_(KULU<6u2YV6O
zc%X>SY>SJnHe#03k1x&YL)5V{6$K4D$etVi{>jPgL$Hcy(B!p2azvxdH|iIY%iI~g
z>%`>aC5&rXXKNa%4a7~t@oaPZ9Mi-4g!Zdl%Fp!Crqlb_BeXE4iBpx%1e(}K!CNIP
zYsw4a1;ml{t}E@aYvRGac+n@?0*H?8YJ%I(IwgP1Oi3s2Qw2A^LaidLS388RF6(?i
z`UTIez|Hkt0=6!6p3W_W9DaOdh{BavNzx7LCq#E%CB6<!tK8wVjq_rxMv=_1fU|<>
zBWXo`sPaxc)>`ey-eB%D!(y}0S{buUbzjMu7Omume%7(?TX2*M<)Y9cR}s(%gtdH@
z`Qb2f`z_NbX;sA9d1e0ycb6Ng7?Qx>m=%wU4i_uJ>8w?vp6vOtVHl<^C_DCSbT-l$
zD`z4bZyPPKlggjTJ@lA-tDWAe{>6;q&tDO9Le-@5NF*Y#@F#<|i700}XxDxVG~@iG
zrJpsm;N#;J8TvHl>N28GH;{J|$>iX090+J)xD0~%LYu-&g0r$DP%-JD*6isr?^Z}w
zMN6}U{3$M3XhLmPAcx21jp0dUk`$WPLEjX;1WltbH=Q-HYF6WXF={1U7FP?kDK?&Y
zfk{j%3{|%&J}4ZL8?>sZo>mO!=GVoD^<#dQ>yA!|k2Lg@VAzTrDki`@`&4HC;yz)t
zN9;%AkXc0Uq9MZ_SCN4zl&a8rK2U$?yVa&2O7tugLyp-310VGY_YI1ZsXBrqIbT>n
zC_<^T=NRFL^X=V~R7l}e$e3zy{fosvAuipVcGw!Vt3|$99xHT+D<@S@l$u1;up5L%
z<DlNEn91kaHfs~K+{c4<eu9bbj@_z#qQ)`Ucd%Yi)~@Zig(Fp|FvN&ywjZQ2j(Hgv
zAQKlA6m1`1?q79$z@Fidpm#xTJ9wdafrr+UMD#do5Ivg5{!<g-WB(u22y?MR5<`Um
zma@QjoJeROJOFqE1_0U~W)Ywh`Y`_40(z~G2cy{s^av1}*<d<3I9RZpR77cDq5#So
zK+y#K(cJd2x|=W#Cj09>ivR%%EiIsb+NTg+V4?z?WB=Bxc-8*Jj;=7(5o~;zU=Gfc
z2a*9b0R-sT{vYrNd`zIW3lvXy0fqno9fA4a@dw8t4`#B;5pT<IfPo7PJYe8Azbzve
z`-}^;YyVRc;sjWsKvC$~82BkHM}Zy{W|xB_@-Q*sM65VH1qNaBiW89(6&ddXX8yPA
z&B@Qj3;7S&20G^tC9r=RwvfLKTL`fIFkd~kYhi3<IE3(jJGIaf0PE3mgZ(dcbZ=fM
zxP88C^8WH14TrUsDg-Pp_-Z?ud@kerbG?hBikPJ(dubNjXs%rkozyDj9D$1t_6}F!
zHfj@L!S91_?P#1R`uD?Xn|KFWz{NpbyR5CtQv8@T<2=Z3H_Yjkd2$ZBWnb{D@itEI
zR9&{68dtlcj;llOJ6l9)c!`Z{oW3>wL}{E}uBiS=J?G9-sd0$XXt=yLW_e!Rq2`NK
zfW6>TFT3Z9Wip|&QWlsXw-o5FzE3`2bj0!8t7XrnF(BW0oP?*_nsOhOXSP(H_hF~r
zXZlw*LD6c}ck^7|CFH6Nc;<$5XZ3^?L59{)S(Juac$hu3pe-hu(xu(tFnL8>*yd$9
z!AIt6?5cOiUlYIWlEno~7^&&ts~Kw)G9#IlAb-8duWBs7RQ!VI@#M8c*s#j+{M2$w
zBQhoGaRF7kevld2GlVeLcc@H12FET6Qj$?xb>R^VXLEnIPK9PkIRE)-VY0{M(9hqP
zUMt#Jh_di)11ghew<oaB!qKVYxsZykUV}3MFA1;66eF&Jz6#64NwSSX>-DYwW*U_m
zZ2d~*76&gHe1mN(Rgge{;dgd^ju&1ki&>3y(IO4EV5P^ZPUF1IFR#L~$^K(Ec<D)N
zTCAC!gGw^VdG0MyzV*fmS#t#ib{AE8lORTo=J06C8|X)G8DHVL^dJ&XC)QK}j<wKp
ze9$bZ84?@j-Y7p)Z$)^b6UPrca<ceVwKI67<!?!jaCa37OEt;XVIg;^p_Y|kPcql^
zz`MW`8})&FGGqrCKZ76oRIDPhJFM~GjqUp+6Ot$)2`NphW|YI{#oG+*Z(mD$YGjbb
zwy@U5nn4GYn3~FF{2IXF_(Y$GHRm&0nN*zK4ObL*hOXIHR0`sK=R8!4QI)@FS)@p^
zfH(gmP`dzEOIrLpWbB(CY8SR8noNS<CSx>*l&+RC*LrpMvyTiq?^sp0I8~iugcTg+
zst!!X3)v{d8T$ijsrq_jBz9zsbR}AhzB3$rL2iP&J(rTCr=A(*ySMqw$!6sw7)J)0
zjkN#DmCcLIb;$Wd_ucwnyoC<iW=FYY=+~R%5^`}Tg_IoLiJy(PQa}4UR<tN3o?{-9
zwtG8cyg?6}&R|u!do%y#)WAiq?*54XNH7#MX(01bEVyTT+$CI|5Q<h_H!eJo{c2lQ
zM*I~yv{hWO#aZCSOVFlw5s6YFEmO4N%>;ZPfl(&&Qr!)bS4ZKBwcnP<;j$=i==rZe
zu9R|fR5E*>#B{VJk(yR-1hRoe$>POOVkf*B0l_I@w<4lrX`F@ADvQgAQq=Y9jdVt&
zUfRrJxU-<ZLQ2ipCt0F4>5a75O5;{<c#<wSp<}-@m>jOksk3Zpd>q~^%PJO2Q))8_
zOj(toZ)$Gp`3qUQE6R@B`#S}GdvQt8viR*jb+)v*25BX2*J4am!HWS0W_2JbE=?2}
zTV>aZqrLWnu$bz?qt-j{<?E=9(|OAqb&BjPYd<y>3L|WXXllizkGJD^nhYV-VqP~p
zC@LVim6?7L(geeVakoz)Oe=ay9mqz@lw7%-a97P&ze5F=ep%wg>&z&`lzU`+?MC^G
zDBZJDMsw{ScW_T|<ddUJyalSkD6^<obHZYa4u+i+;NX+|m&*$W1oA(P4!}$hU_ptX
zLV$iCF#f4R0F6QjF#gFSd;oIgdu&Rv!yd8ea1o%A0h)wj2tbeUA&uZYI(q-Fx&dHx
z{-0mWL3}v;Z*Qsu=N=hISwOSzu@+HZ`=8Df3~Bc9qrxU_!OZADOYv_mfjuk1`HNp4
zdVmi}1Oez61~@%6gQdxk;YIM~5CMZ27$nWSIiwMJh!DV8ut$)L2nH*~!G<{`JV$NT
zOd<kA0dZOeDw=>e=ji>8MV42aLz$2RC30*MQBrLb#{eq+)2LdsNEq~J<inEd%(=L1
z8t0*5=e3o9D|7s2HBrZjTIoTtg6T79{=i0{;@+8L=fb>aD+?~^7ip_{4zDC^9MfNs
zN_hF^qz|S>@jcSw;&t35*gvVA(vz@$A+n<c>O7`v=Z|*am#iO&_I#KQMGwod+qcy)
z%JX%Fk#^o0T>jYk$}`5O`;QuzKF4X}@7ktUzVZsurjZXz5Vx<DP)HZdFnpRC?|f~e
zyqo6NTFY@&9`R0DE{{zfD|^3@V6WYysBKcX5;fYl#7Nzm2&XLsw6N_^q}M&#YPy6N
z2Zc8-XcQ=jnebP=4Rj2G=9lU=ROb`9T1$X))vC9w_vr0Tkr5gf-zjD|Ow)T@Rmsj^
z=1yVaMXg?DUuEmH(yLf%fCQ;PohLp^4H-n0ghC@Xn+3IRoS&zt575G_=P*n@uo;9^
zbZH3jVVj@XzAMWjk*R!b#_y$uY!$B51RauMCyO%D{(8XaLf~}F86jUYXEj?kHMjOO
zGg$EKHpqzRwqCDeg2+j#Ot&kK(-PB^^lY!Dndj_hwwM8jspC3^B&z_)$I1<-+VM(c
z=x*T0B*u)Hy@PgM=i>%>WK}lMPLS}o$W`tjeVebQCoAJpx9kK-8rO;}n#DPGpP*Ng
z({`Et&sSe|e7HFNboT3NGIqMEfn^LmEUn<HEh3StQ(%ASoaKyJ40*szL$u-B0sMDe
zIBM<9R6h1yg>7c_xvXKEtC6mFsHM%PLHu&=rsDEep&YGKrKNeLTb<#uInhBgl2e)D
zxQ0LFWlkgE6ll{(z(E_O0ZQ-HhBTmD;BVT-$tO7exwWYE0v2rBpVoNoSu_huw-L@H
z?^+4&+OeO-qR3+>dV2OIy+~d3UIed3Xm%?F?d|BO&{mp&d48fyRUPS$6ssH*{Vr-?
z{`HBwP)3Vf$;B$H+Np+w<mYsnh{FJ%I@5em9i2iRRwzrvMVEt-T{c^fcQHM5>%jIr
z6L;69Nhqp7cY+`%_e*Lw){CY4$k+io7@p%TZd}BHOUzN?u37w*_KTnXa{gbezyAVm
z6KN-VFtx<V^WR8l!QzD0|6g0z9Z&W5#xoK^M)tM2w-9%ailj0s*+~dRX_y)HZCs=j
z6{%dIQd-KYj7kexDWf4-iHfMCq|NX7TqXD1pV!MD-kvi)&w0-CJm;L}JjVkUv0$Lz
z@6cPb?%Kx4@^c>Sr%$}A2R6%U_<iyyl2mnzV66_TF1;pb^li3Fv+}4!TlF@TOP^(z
zZ!_Eap!tT~$D?1JDvW2If4iFN@2YT<X#MfsSVY#i;|5u>Fx^!Ai=#AWa%`3*m}*P4
z@Dk3Qxi|@qfsp#N;+DC%3~Y1Gb>sB;V`php$+}H08kF|iuchr5O1MhPXe707l1SZn
z*!lB7PG(Q@rbJQMl;c^s-IwwX*5%B8RD3b)K>Up*8K-P)6vN)<Jng6aw)V_&bB<9M
zwK8fEC{*NZ2w(l>`|%UMhw1(08^i8N`NOW9QGYw<%XJ0S!g(%}4zLTGcHgb5%9GXp
zf$w99xIVS(zJ4O_38%05iGSGI4Uv7ZQ3pN!3yEPDKOD#_SpWTNTGlOt|8z^}xj6y*
zb#m-Hl$@^`E_ca>ho-;JiF;LP<@Y7}xQ5c+3;PQ)ioOnsK7HQRVP;W&V*#g5VX}?c
zGSTkUQL-GTLXuIuWdG&Lv+UB0>`L|T?{QB_g|v}SrR$SY&(wL%IOZwRlJs(NtTt!p
z{m<@YQYl&xb@*lb%#d9&q%6Ht+J~n&u6wy=&0GmX@<zwSJ6@*w7!2LpT0*juB}hoi
zh~83n+<eUcL&I#j4)>ggb{Wyup`O8S@_G(;NSIO+%jOLc@)yNa`HK&;*~K%Pi`E}b
zV7(jeOBYpM|JiAe3Qk(GI^FI%zKrdlDyF<*v~4)fY0;v4W)E&{%AWizWrpOg($hm4
z3NF{)+_gTKlXQRo?l(7Pkxmb&r9axgN!di-v{t@f{gLqYjMeIo=l6ob(tKEWX86r?
zJvV`hlx_4Q1q~bYGxx+iaua<Lz`jaeTV!*x<)v++)f)R$Z(Y*dx_z%7+*jLre}Rde
zwww8uTkozaD<|zTmH3kPlt$I+X$$}F_PtftPRXPwSe#g6!mLYLE;&anwyjpTv0;Yn
z!Wk;@<bs^$fUEm2Fkku9NY<I0%k#T2wcR#f^0uG&uD0cCZrapa4?f9oaFggz31#oD
z7`iU1j$hjuXD2Jyv*Yue2e!*tZNlH<K3`9qwa;2Uv0U)^{r%#X7W;Zk>&i;DE{}+M
zy{Ce<>89vKoFvWY*U!G+S`WXf&-#)O6Sg+`aDDmtZJnX-1nNG{vDZ@`k~eQQuBFlM
zDuw@d%#9`$;QFGxp(V%P)akIxe~d{McyYEDO?%J1*_$qxH$6S$&N)L8>9<^J{aJBg
zy?=yL;JK;uiVB?MzE!?C<FR48)eWONzCEoX?oypWo>fPJ)^sm9sGDjS(DIa&X^?c{
z?a?xJAl2ZP|Jm4cwf<%OXKF78o3d`2g*V-p>UgjCzwjP`A5$w|PR>j?vE#arMPgWW
z?!H|1XV41k@}*nb8>Zk_X79-G?yPNFv!p{+U+vTHJ*Et*jiPU!rIS{+S$30{am70=
z=6cKU%7oOOh?D1fuLi5%X^okqX1OKM%K5i|tF>+#HvhTL|Bb)?N8!do{M8VQ@#jV;
z5RpOD<UA2oHxVI`G$|1EfNihoP$0wt`yKON;ALv~7dMIt*2okR8UEtNc#nBALa@f<
zKE}dXv;Y^!nIohw!8uVWBJ$@QmO*nIcgsx%4pAUj0WK+Wqq^zT@u+S`;X00lkUDN`
z6-*&<_w*)&Az<C&u7W8LvJFARL=MFgr!W>&KX!h?aUa!LADbto4!;`ks|mka@T*;%
zC#7Tj5equ*9MMtcJh#9}a`r#Qi*js*)W`PcVxcJf>K40?>b*_iu!Pkmq)BuJgGKqP
zMxn=8;DHbYq8{vp)craB;_70YtYVR1F65nvmxo9zh^Dd<gcBkNTAq%DL%`miR<bw&
zS3La?{-(Gzd4m54>wFUD<A{#BAQ@h-Q6lIU>!;)Q3Mi8&1k+F$<M$w-(o-S?W6qD`
z_<AfJrS=3q36|RPMG2(hgp+td0XTK~<Lixg8N!CJAZrS2M2vUjYX<(XfY5=**_;EX
z@w<dbPy9G?nfMHLX+krpt5t?$8Cfw$Ve>3=LkGj*73qcFqFQTqR22prdkNkSh*o5D
z7FcAjzcT4_lgqQ^e)UBK1wpBs1|Ot_tQzq7@@7rrKG!vijJt9=Zr+PuJ`|+9wBgxD
z`;Fme0$zOH>Ak9B-AVS$R~l`ji!Pg&1nxL8`bGj?&nPnN@1G{lzHQX(cp>|!N5{78
zPpNQwF6>-VfBnd$fzQgWuF8F74^E#h6RKF`x?5Rr+uRb@U$^W-vfRY$Ls!jhc`1sE
zYbD7oZN%X;LesNn8|XSW?(5fntT40T!H1a(=YN9Joq`-PrDz#*>mE}%T=<sU=!#Q8
z%MGpz#-4HMG@KS&uw^gXd*IcEQ;UVRuAG_}UY3>nMe&+x@bsInS%Vhy<A)F7mYyp*
zy-W7|P)Vuyo_?X$b!tSFr5^q1!=iqImeq?BJr<|*y;FUon<4v2BA)r%L!EUY`fJL0
zhI97|H>Cp(QNK^G$k|+*Xtw;kQ(MmFZVu&|lkF*vRpSyRtH%1%moLb%<9y#So*(Ek
zkPTJzD>-B5v$u8A2kq8<YNx!;%0?bARUObhd83+r<tlr<O$OOCbvUpj^<%u?ky|E2
z;XT)zGPa(Ld?QaH<kbWgJZl@sZN)WSFw8qc+t`HL?37<vv0+8yjDs5!anei9b|u@l
zO9V7sZ_JelcpH&flCo^Y{Bl>eNCNfK-S}=Rvu;0yc|O6lX2LqN&vx2quQ<i7Zoaez
z*EDn5!UnJHx#y%-u%_-YJ0?}*eEgWxx@E}^*EU$QaUS=&3*@fuXEN(?vD>!&7>@d`
z=u#OOdpq@)Q10rm6JJdWnqw{2Ec2SyUYCEZWW_86-@9!;6%sUV6mOpXRkpI1ZTgC_
zsXhI~&Y;hYNxNR)OmBWkbBfybAFlY5!Iwooha<vw^`1YJJ`nR>_}0=v;dzZ=M?aUf
zSP_>gM6UEq{h;UhL8JeM;mr$k-H$0PuzYsHc4tO!$%`L1pWPAnt(yE(XYd8R#;vb5
zm+s<=Z<@J8|Ly(GyQlTU!#%@Id|b+-McCHeldA*a9Z0XTa?X``LbHP|c-}oYbo73i
z=#Mn~!`mAw%C9I9v>Gh-gb+NbR|Y=)w>77*;Fd$Rr(@EpuRBX!Yme+WHl_8o(#r?i
z7M{2soY%eS<VWEulIcEgv3t(m;X*M_&97O6T%JnpIol;Nqr0@@^W>E;tFQaT)G-Hc
zOU_{D(b*B_<{w)*zbbZ7pzGO`q5`4H_p+VxpPzTsOW_jpeneYJ3Jq)zJ9Wu&@N|F{
zSukEsEL+v>D&?ThilM^I9u3xJA=B(1>Y63*6kgD)DX81#b1ipXf-|k%4%aejUAHsJ
zp!wP2%^q7@i?`=4&!2z&z-os*XY7WO;<Q%F3_N6K+%gqgx7T_oL}Ynye6OlRYxJr<
z2ii9!*(Cpulbt=%RRUxqPV5}qczSZ~+#b5xlau#?`i8fw4A(fFFX%U(>GedO7|kNS
z=+XOBw)VGC2jg7~etzU(^82@`6pp+tb!xC|i-=*$($mjVbDnNpcf@DKO}`%fyT)mw
zMOz|91hm-wxZn1}!?r~R4n=B)a-jp&*De`EH2z*r&RuQoyZTa+q^|#)OGn*rYVKYf
zqJ5;^OuXk*ZRS4Bfd&Q6NqL8hy+=~6J@DGy{^*j|)WgOvemFZ8%_>|vLr-2tW>xPJ
zKVSQz<?btuzbAyxY`bxHoxfG<vFwj8w%lA2sYrAfb~ZV{7SH$DyADS(8Irl3#G=NG
zIPLh+-*tF#(V-)KeIg-(*Q^&8-VfS)`D*1M%7c<Q>cVy%1G~QGd({oh5G}1Vp5xvq
z;=jY)f75ohuxkGM8(+-5O04uL{ZmS3`Sk=WFuvT?S5oJq7gVTWqGEN{uP&(Acsb*V
zyNkPFeA>+311*c#j?Zf|q~_?gCg;>phm-`S4Hs-KT&->WX7Mdnx0<T#hpdl#4ek*3
zRvLUccO}Bj#pM0^tlL2=Yy9i3o>x^WTH`gaTrx(rfncA$vFCn;@{OhHwl(@qu}5Vr
z)Za!+)ZM#YTq*Q3v*_a6n7dhbLe3T52;E~~={zdF^TrGR6wSzo?DL8{e{i~1hq>Pq
z6G*s!bB%Mby12rJ5uMv=?-SeWzU&RO+N-`(e;};v>#<YLOXN?C*x&9K&V88~JE|5?
zUvaS|HDJ*a*LT@bK@WWu>z^o%%ozPS&GC8s-CWnj;e=z8&KD%+9ZeL|l-CjUc)7%U
zIAf7ydNgj<8#B`*r0n`h@@(tjxY{#8(#r;kav{BEB|a$~(9udA_VE(g8NF&t^z8?U
zt81caQWkjX=!Vby>0;eadE5VU`^A;Fv<g>vIQ*~)u4#N&Q6s1tS^G49{oRmL*PQf4
zWQTSrrC+qQv?LuLUhSp4{;W3MyKhf*uxfa$TUoWvmv-m7DbgiVo{r|1__A%AMvj-w
zE;x1R7+q<>z|58%y%}wti)t$6jIwfL+a(n~o;JC%Int8RoBnP0rAN_%F>;qf51e~r
zm(~@&CMB(0_UUS^L(i2LKO?q1t~zcncP?-ESOIw`t<p{lAGPZ2`(?K?CyjKN5Z}6m
zbj-BvT-Bk^eDQ0=NN9}>)&7c-c@TSX&J>pe!uzdlr}rj*KELe41AV!;y2jYkr@!to
zz%>a!kXbuB#<cN#QG6D0ak6dd!mTH-2X*<yej12YH_R$c{h)kdeeu)A+Z!kMCI;6_
z`lp*FK8{NLFcPusx_Z*nnfC=Aobr|qCsjn+_U)P9mXNFz^vq!YXoOMIo1)%5YbBnr
z1q_Kx84e=0DZdm{E-5MO-(1+$9;F{OW#NHWD&iG!+4)+p#OoAK3EmI3Fj%JeY1bCw
zu0xkoVo#plIw@6Ls>@@~)1+f=PbM)`MV3C1ma~+=uN^K4Gj9x(So-6t&^zz8BLS<s
z)|foBjZV8m@d`JQwP{$rYJXI*+lb{I$t&x>vo+I1bcHKK?F_n~2zC1Tx_|$$By^$c
z8bNQzcvW`U+!fb)m8JB2erRbuCJP-?=d7>2RPSy-MBjSaq$MZ(xPJb6pU^bg63y#y
zvp>XiNA$dfLup~X4>b2jb{=xmsS7-WYjm{^qgZF<uC}}QV(;26iv<SxKd4lN$G!3r
z`|-}~ZD|6IB=x03gF|XpzPbmbH3zd8<z3f4?8r5DS(ttJedf>D>#arz0DZZywan
zGnH71*N%FiVSWSh@?08?ABj?0@v+#jPeD;`XeXswn{ecih*S4kuOOzfl9A7*{V_I)
z`=}|ISEc<VlBc~Rit8N5XX02@>oTG*#MVbDHnaUNJc>*hPT0U)q3U=jtue{FvFTWw
zxJIZ?Xb}5aoa()S?`C143M<(G(PYK1!SM;Z!|-Bl{awwWVGikYFRc7x_dW8u^WlP)
zIff#xI2n)sK0A6#Qf^ZuaNhTGiab9U2CC+zS8VacnGSlqEVdk;S`sJ4-oCKZWb@?5
z{m)jlv-jo=&e0DV4S7G3Z8R{nO0G+O^W*Owo1-?Tn=e?)n&S82h3T^vgZ!q74Pu)J
z?M|1{%BGN%qTlFkEPX4VGn(U3xzk*~_IQDtv5c5<{-Kj10`ngjNn`|16}oh<qI8kc
zscGk*nM>X{Ipu2=dARtU1v6{+BLQNT)XX8}y9M*3?y`>^7!b0#ccnJRpyIVpTzjS6
zbC>zlYEta;YxM0^8z$?o{Vh&Plo;|L_RTJ)t<*`+J+ske3NCzk{<CWD*{YpSypFke
zP%qT>OZ+Gc`|<ryQL;;j5`AD>dgi_Bd&&l4E=wHr?|k`0gRIo9^v0{ZP(e>{YVvcN
z*|iciwac!x>apc%XO?dtB1x!B-j<|uKiX)Q)6B~32EzS@Pv=aUqux)mEp@2b$((Wd
zYn+DF%XBc{Q;Z(hDuv$d?wwR6srx?u8F6LcQg(eLp>4PC7S8Rme6bj<ZT(tyI^VM-
z!(})Jh1YM7nb$<BkU#r#gS^Rmtr?5<<@Fr#efgs4LQFGrHrwj)<=d75nFGJg1B8E-
z&8d#52zZe+!%PI1d?+p6V*8mx?tM7v!79<#t`!l~3Y%+hMWP}MSF{T|I$Yck5pq=7
zAVz84#t<|4i-PBDPP`k9Ig)kp^<bXhPqFRiqNb==Zzeb;Eqtx|j`+AoT87zo@N@qq
z|MT@OVguc)`(1nAc(Sc37xejhohTPzJ#ZaSIeLH7@1UKl%-l4T3d6sQta=~!*i`<e
z&Vo#iesj!x|6BfvOZJAO*oZK`h9<iE+F7==9xk2kAXSndCqX8QUaHa4l&-qH??{34
z!M1ZH<*lcm;$)xDSpg;S=jt05yAG<o7foIg8TBQ^>b68^o)(E6$ljH*?5*6DS!;FL
z<CEdNbstu)XY_uZmHGzsNA;zBM)Q5sa77Q{PG7#m6*cxos{_|6Gqk2Si&W^vf36l_
zg&kD%I5vG}i%rz8c}FU9D#hPN?(e+c8u93cu5#|vz}IS1j)=%)h~x}9HF~H8HmFop
zYoEL(P#C50YsaFWRieE<?B)ouFLO5PRhb#f&)VnmPBMD6$i^?Zq0FJ0@Qv%|R+;7W
zF7A9TV(E4ImHyJCvMr7KJkyR`a5!!?*JX3ptLJ@Z9AyMmtz)iwi{8{Vq958c`zL<Z
zSH-&Q^Qv`CN8Fu$U64$TU9kK=FC%qnSbSXhWucNs%$EsoyD=sC(+iWGW^9X^H!U~q
zt-NL&S@Lq4hh%~)`*O?s#4mgFEWgQevcklKiq8>7!!{<3vWw3dD^aZ%5AJnQcWS)T
z^u#&3Fn!kdJBgEY1Jxy#zYOzxv_x#tn)vDl!=*L1rspcWSf%|=>e1(q-{vanhbxJ$
znz!qv)a(x@zHGfBJFqu!J!fa}XYDF>khRxH<JpA%qaQOzX8o3vv38N{=y0gLnzi<A
z{pl&5<?o{AwxoGalR41lwyv@5XtR`OF(EYg)<>luTRw!_hB>!~v6P+{x7dV#EDWEc
z7ED-H^JVruk#9>mI$<y5ElR7a81q|HvyX4FsA;d%OsRaa-Xx+wd~-~E#OfzyGkhPh
zO<M+?e(f80eXq}IhxWXuB_l8Eoo#NtHh&&|!?@4A%>Db)Jg;qfX`GxWj*6(JWV^uA
zGcv08DsKL~sH731;hFf=Bwy3n=|puMQwzshz*bcBP`Yr}TI!q8+Ed$9SC%>vZ@-u-
z=hfC$d$>lT=*<gzlRf)bWoPdfrCy3tops8Gec$nv(PQDJEVCR+Kq5}j*J04a-26XR
zqPtH}!bn)H!i*=!5{2i)sVA-@i7xk~)C}xmYm3ySd=30|H(B~qriGtMwce2Qfi%iR
z$DSg=wEQWl66<$cHk9XEZZ=-1;t&vQ)>d^kPEU7RhlESi$ZrSt%)_z@yF<xGjVYtq
zx4yH_3`d8Xz43f=U@|q$Nc~~rUY*o4)9z*7oUN35=un8HfBb?@J;Mw)pG`(r4kS4Q
zA1|2hy2}081<$H{`&Zka71~i}+?_xBqFiqI&z0tL76tA99yipKCy^#zbAWjB(2%@U
zUfi0kkrui-p8j*cnct2`{5><rVTR0|SHByi{CC||V834}nK?hc2;O<$e^DeTOYY%D
z@8sp5GKAb)UuG)o)iv+Q_x_=FuR<wq+n|zR)%X0KU^nmJ^NFsu>#_&ii_D^0gS44<
zmsRUN+9~5BbC6Lb)|+6u)AU5tzN5C2L$;dW)E%TV?rJ&qbO}xmc(5%TUb8G&`0@7*
z{f{@g5?brE*uvWOnmRqO{WUM$6W6qCMaa_DoSxTuB}E+3Yi<fj*8^U!E?Xeum)#h~
zu=;R#@25}|_2Z+d5_Kxnrm$V4&jSOUjT<_>%cH%B9|kPCrGwTsr?;&g3_pCv-Q7^W
zTS9-CXk^L$RToE(Ny)CO{gk$Td->iY-zX0QjHTnn4=O}1x1aATu!}VLivQ1w+~1n*
z?EmhF;ooaK@@g@4np<rUzwQoAHEAQgp!7j@`=(~L;HgVS@Qf<o4jVV-_|Fa-jR;XA
zE(v&b*rv%>A{Z2t3h}K1J{c#xt_CFt4$qL5iyVCCyJPnjh_iO-Ji6_C(ZD<Th9y}x
zr)>5rcK0YxWv)3f`_|htv4Yc%Ze7Hsp(Ib%`1X^t-&QT+QI*=GcFtLMjqu>-x1v<n
zq<^Yvr+cn*dOl#htC|yBjF;yukyICxftzwP=D)2z3Xzjhj5iXoTI@Q1*$R$bDZW7v
z-eNv?4R1LCljn$D$CDtOc@>U8DfYjPKQ15(@zrBTiR0T#$#Fsuz&y6e#R)PJ72`-f
z$Ey@al;E|5RUuURUnB{UI-v&?PSj(#4+mk+++D9vckt2z%9IJaUJ$`I-UdWeW4m69
zOYu!&<5AU|&NRFN=Tb3Vob&MnUJ7egf}_-dpT^l-j#uIAFT)24QfQptW%!%=6z)T8
z9^$|UW2Zppfc0wveS9@36u!+eh`)p9nX%~XL0y72Y}%<8Gw<Pzrb$z<5C1c!6ef&m
zY6ji}yNh?{G5(E!3ia<rCTM|5A3t`XKteT))13ED@s9*43{GhiJ{ilh=6MoNDvo;w
z?3JUS*Q9_a*sE~B_=XWt9WGCc;p2P-m8n>N{|eTGty?OmG!Z|YLn^^z*8@4Vt@w|e
zlsk9{Dage*&O|DGtSdt8_(#*J*uYFYW2R6U*uUj@d6_B*r3yOmc+SaUVD`rj{07aj
zbSr$kr2gHi<;au*DI67x3R1aw9khx|Uf_Lor6Fz0c<)(Q6x8!_E(<xtLcC~klrUk6
zpbBk5N(&n4pS;lEQW?g_1`)zDEPX}R6aq&OK;R>>I7F1NP+&SFe?dM8lDUA8O&8!s
zS85fB6QZP4xKW~i$B|ASPhkR*g6-^bUN+-3v0-gdB9sdVLKNvq6@mhmq=no3YZXG9
zAXHnfN=OB;*b_%^6p*E%nJy?CQib$%AqvElVq2~griBLNe-)et@uuUPpaYXS+JR%(
zUNppX{mDDR9Yht#r!r1BaV#OP3b#Mj+JrW-f8nV_VFKTb@Y5lj5CnQrU4kCRJxEyc
z&y?xFYjYxW2%4Ndx&*_SV{fMO4JtR`3y+w9S0+7OkV40j+-P%PV8x5o^av~Q(i2~H
zXE7i~;f@%AJ3$(j5X=RqO^m~%L4fQbrLnH+a8@n@o<hJYO;k*WW2Q@x;{@0e)&VD0
zVRK}P9l=Kc%kkoGPjFV?PGe1O-V+B+2&KRdCE#LivpqqB&An{_nPSF5El3b)hy9oI
zhl<1+D@!JhT?iqQ#sdAwl(EAMGIwq{KpgO&|Bt=<4$&2V%8k7W1ZNgw^^dV?L10)w
zD1-^Z3B}a$iAHB}_BjxuIE5<kEozPgeJut_oH+iYNvF{$G|jb|7zSF7jy;Lw=Sc8W
zCKIU;Il?8>4EXbJ2s$K^i#r_&wgR&#R3>&1gZ+&EpUR-X#TH(S%woX(Wp`)76->WM
zFDKyH*pbbIazrx7CKhKh0fT^QG8IeOG6BQrnApQg2nH$+#i%Uo&N4zr!Y+8i5BqP2
ziDW7fhM$j+iCGGs!azrXp+GPuaE=edhJ=@n!aX_qhp~avR3ZyI`uYcA7%-2Q3xHAS
znAlICBhx5!CLQEp0*2AiFd0EGEIAc|0SnpuJ!HZl@)E*16CYcl5jbPxqr;Rf_VY&!
zh!B8D#{?L~$bUG^9w%gyNmP`D3>E{f2lEyNy1#}0l?4Gr8U{v#`0|tmIik|BgS!cx
zVG|()ih@nS2_Rq~sl0_TjEYTBgpQ6Kh)u*O3@{ITWx=8&Z9oS}OeUMJFp+`C0#r!B
z0$-6vD425R#h75bP>e>!%nwR8j<Lt4Gm!%0gpNC4d}9n4k%<Tr1(Ygwx`#Bvz+8`s
z7!_EJy#qTDV?%{hEOFUH5F^CGoe_+VscIBMWrhkz!q}s{2pxZCfDSY&%s=?~D@ZWw
zu#;mH0|SR*kQoXYPb!qeR5ovYBr4{W@L<5Le_UX5wJ8xAhLmLdgnVDjV1kRsN5`b1
z++sq)F#d*t)ks-3lSIdoiSYE0Ng?tL3Csw-4l+UipqycXJ>$c`rXd&&AS@>Zm;dAJ
zhel8##0b$ZrolCR)E;0M+G#KwG}J}_9eIK#WOMBwMu@VS1{ZHIlRJ?!fHD6M9ToGz
zdFiN3RDhu@k%`hV*i2wHS{PPD$T-np+_5wkJdH3|B-C!uu<41G1%>`k;Kt+)=pbhq
z)Q9o^FZ-ccBC6+UOcEGmq+uqBd;fr^GfW~Ao$pW|c8!6z)9@J+4I6j-S>Sh|Rty^E
zdPEZ&!RW9>34+m4qXTr{yP$NKhC?wLn}NAoycL4ELs-ay8B6A!@8BQN=;*WqIx?!~
zSu_|rM2-L>kNFVr{eRgHAQ*0*&cK6^L^@){Ky9(OKIDW>V{|kum=?j9EM6{Pbi9HI
z?E?ry%*$4ckcBzUycJSth=Bn*DiaGE;iaRZdLC;7KADe>$VQw4tU?x|f-#JNj2&P!
z(nLXm4sbDKdIH9vB7%w0!Ob>qXU6?ME+Lkug!fCBsP_VNn5Tl$F;F4I>Vv{49h1SU
zG1*wJnIP;aA&UsHPH1OXhyo!&X;k+^eSA8AOUK84m|zraal-S(BuMXxjwcBm8h#A&
zY@%iPTr+4G>;WoUU?~5}+h6|=2w_I>PBFk>UBNp&F*;aTpbb+Qh=Bn*IzI<VG?;ii
zWnujR$yWIU4onIE7t?{3r!ZEQHNlu*wghV!d>WLFPJz3h2&Y*jDuvho!wOR&+bbU-
zqNHHuMWpaePZA6KbiT5vW`#CD)BL6T<Nsk5QW1xe+X&*xVi+R9@Wp^3%Q(O&VBnF?
zK(-@96OzFHhJZPAnqW&9UR@0pQi+I8#~OiE2-*mRj`#~$SsI@XfF%~pCa(SYtAa5?
zCO@mG;0L3Pz~%@#Oi&haHlRK_74ZWAV@zmc%>Tnc2DXEV{rs^97zVisP>c>BAI2|)
zbeK)Nl8)6!N31M~$Ob|zw=qw{bTXZf{eWS+$GmjFL9{bKg{+83L^_3E6Vhp17mmyS
z@h^sE5$^>GQ^C-p4O794@nPIRQJxMmnN(!`2=&oGY{tuS{XbBmurfgfj>)8B4@4ss
z@(UM}#p3HAc<FrO4s_TSF;9IgHVGUFUXVm)G7!gtL}Y<pM(9AzGmwo4paTtp4ioHu
zpuPcU9tPKg#`r(ZerN=7GD%oxQ2UM*MztQSb6{Hp`4GSm=avL(d{}G#qr=(<kV-;@
z3nN54AE2XCCKkrZf``vQy(XXoBk`}1u{OZSA~OsMvticq5%SGhaF6(m4m85u!h_1k
zIf!)z{bH;vI>P{iT>`9K`2N4_$3RpEU^Wa@%RmPUFWydLbZEn1$APaX9qgM;#Grl5
zP_oc528@E*cfin%B@#IOMC@>6A{U@xGO8CaI#l-q2L1=4r2zatg-KAHw-Kx`ssmuQ
z^Z5`=D%_k#W)5JqKg;)j{vUvRQwJ)95k(t@oS6s)3IJSVlnz$M2xl-l-eCg&4?rl*
zTNuMo&cJGvf$VZ&Wf{oMD_{&hZyDAM;3)F60eT-?M>fKKa1B6Sc?dCg0Tw$b#sIa4
zV&EC`Vq_X*Cq>OR*2Z7&>aYLD?F}O7SYayC84QD#c^c+oi0_DD;A^9FEC#Z&hIi*7
zHzx0xz}`2R2)hnQVKVq16Q>TgM-C|-5yt{BI%rL_EUe=A>VpqK_W!WL=yD1$2D%Fh
z7+5FXVd7%Qv;z!gHm~$^v2pYM$N$4X8b22xH4^$IumDG-8ruW{`9i)JJTpWvvFU*B
z7m?X;;y^*B6A*%qLj{R~sVTG(I&9eSV~FmD`rs^skB$M$US9tXGPTgbvp^~YjCaij
z<4$FOaz*JFuomXSVCo<kNajEFJ?8(x&NR#uUJZwxdSEXMOjNC0jBku#>=0iM=)nC$
zxdj+vqRBKiIL3(Pg2KQARMKfw@T<|zz_JU)z+FS!Z*XwnR0ib&9Yg`R#kn6ukemg7
z@Ch27PUWu%4nW8pvtR<w3{I}FGjoT)z)(#Jw#x*E#u#87ur^SWdt5Pgio7}0J0x^V
Vi0@j+mILlDoZai`EwZ%`{~y~<6;%KL
diff --git a/userguide/site/search/search_index.json b/userguide/site/search/search_index.json
index d01032c8..39cbcf7f 100644
--- a/userguide/site/search/search_index.json
+++ b/userguide/site/search/search_index.json
@@ -1 +1 @@
-{"config":{"lang":["en"],"min_search_length":3,"prebuild_index":false,"separator":"[\\s\\-]+"},"docs":[{"location":"","text":"Getting Started JAMS is a server application used to enroll Jami clients into an Enterprise context. Currently, JAMS supports 3 sources for user authentication: LDAP, Active Directory and an embedded database. Obtaining JAMS The latest Beta build of JAMS can be downloaded at: https://git.jami.net/savoirfairelinux/jami-jams System Requirements Windows, Linux or Mac OS operating system Java 11 or higher 4 GB RAM 1 CPU JAMS Concepts JAMS was built with security in mind, therefore it is intimately related to the X509 certificate management workflows. The central concepts which are used in JAMS are the Certification Authority (CA) and the Certificate Signing Requests (CSR). In the JAMS paradigm, a device (Jami client) requests a certificate to the server then presents it to other devices to be recognized as a valid member of the organization. Therefore, JAMS must be provided with a certificate authority in order to work properly. In order to be completely secure, JAMS does not generate certificates for devices, but instead issues certificates based on a certificate signing request sent to it by the device, therefore removing the need to send a private key over the wire. The diagram below shows the entire process of how a device enrolls with JAMS: \u200b Getting Started Download the latest version of JAMS from: https://jami.net/services/ Unpack the .tar file to a directory of your choice. It is mandatory to run JAMS using a secure SSL connection. To request your SSL certificate files using OpenSSL and generate a pair of PEM and KEY, enter the following command: openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout server.key -out server.pem Current limitation: JAMS does not support reading encrypted private keys which require a password unlock. Navigate to the directory where you have extracted the JAMS package and execute the following command: java -jar jams-launcher.jar PORT SSL_CERTIFICATE SSL_CERTIFICATE_KEY Argument Details PORT The TCP port on which you want JAMS to listen for incoming connections SSL_CERTIFICATE The location of the PEM-formatted SSL Certificate file SSL_CERTIFICATE_KEY The location of the PEM-formatted key file which is used with the SSL Certificate file from above An example of the command would be: java -jar jams-launcher 443 server.pem server.key Please note that any port above 1024 can be safely used to run JAMS. Step 1: create your admininistrator account This account will have administrative control and the rights to manage your users and group of Jami users. Step 2: setup the Certification Authority The second step is to define your Certification Authority. Important: a CA is not a server-side ssl certificate, it is a certificate which has the power to issue other certificates. Do not use the import option unless your company's security officer has issued you a CA certificate. Most commercially available certificates (i.e. those issued by godaddy, letsencrypt, etc... ) are not CA certificates. If you are an end-user we highly recommend you use to create a self-signed CA option as providing an incorrect certificate type will lead to a non-functional server. This certificate will be used to sign the enrollement requests which come from Jami devices. If you are not familiar with the X509 standard, we highly recommend you read the following articles to get familiar with the processes and practices which surround it: https://www.securew2.com/blog/public-key-infrastructure-explained/ https://cheapsslsecurity.com/blog/understanding-the-role-of-certificate-authorities-in-pki/ Step 3: setup the user database JAMS supports 3 different sources for the authentication of users: LDAP-compatible directory (such as OpenLDAP) Microsoft Active Directory Local embedded database Option 1: LDAP authentication If your company provides you with LDAP directory for user management, you will need to know its access information and a automated account which has read-only rights to do use look-ups. Your admin should provide you most of this information but we do provide a detailed overview over each field in case you need some extra help: Field Details Use StartTLS Your LDAP server can be configured to use either TLS/STARTTLS or PLAIN sockets, if STARTTLS is used you should mark this as true Server Address The address of your server with respect to the JAMS server, your LDAP does not need to be publicly accessible but should be accessible to JAMS. You should have either ldap:// or ldaps:// preceding the address. Port The port on which the LDAP server is listening for requests (usually 389 for PLAIN/STARTTLS and 636 for SSL/TLS) Administrator Username This is NOT the LDAP's administration account credentials, but the credentials of the account which has Read permissions to the LDAP database in order to lookup users. The format is generally cn=bot,ou=robots,dc=domain,dc=org Password The password used by the account above. BaseDN The base realm where the users accounts are located, in most cases it is ou=users,dc=company,dc=org Option 2: Microsoft Active Directory If your company provides you with Active Directory for user management, you will need to know its access information and an automated account which has read-only rights to do use look-ups. Your admin should provide you most of this information but we do provide a detailed overview over each field in case you need some extra help: Field Details Port The port on which Active Directory is listening (generally it is either 389 or 636) Host The address of your server with respect to the JAMS server, your Active Directory does not need to be publicly accessible but should be accessible to JAMS. Administrator Username This is NOT the Active Directory's administration account credentials, but the credentials of the account which has Read permissions to the Active Directory database in order to lookup users. The format is generally cn=bot,ou=robots,dc=domain,dc=net Password The password used by the account above. Use SSL Whenever this server uses SSL for data transmission Domain Name This is the legacy-formatted Windows Domain Name (i.e. WINDOMAIN ) Option 3: local embedded database The local database does not require any additional configuration, everything in the process is automated. This option allows you to create Jami users on the fly directly from the JAMS interface. Advanced settings: by default, the option \"Use public nameserver\" is disabled. Usernames of your Jami users will not be stored on the public Jami nameserver and your users will only be able to communicate with users from your organization. If you want your users to be searchable by external users and allow them to communicate with any Jami users, and not only the one from your organization, enable this option, Step 4: setup the server parameters Parameter Details CORS Domain Name The domain on which the JAMS client and administration UI will be running. Certificate Revocation List Lifetime The frequency at which the CRL is updated in memory Device Lifetime How long a device's certificate is valid before being considered stale and requiring re-enrollement User Account Lifetime How long a user account is valid before being considered stale and requiring re-enrollement Important The CORS Domain Name corresponds to the web address used to access the Web UI. By default, it is set to the same URL as the one where you deploy JAMS. Only set a different URL if the Web UI has a different URL to the one where JAMS is deployed. Click on \"Set Server Parameters\" to finalize the configuration. You will be redirected to the JAMS interface. If you have configured JAMS with your LDAP or Active Directory, the list of users should of your organization shoud be visible in JAMS. If you have selected the local embedded database, you can now start creating new users by clicking on \"Create User\"","title":"Home"},{"location":"#getting-started","text":"JAMS is a server application used to enroll Jami clients into an Enterprise context. Currently, JAMS supports 3 sources for user authentication: LDAP, Active Directory and an embedded database.","title":"Getting Started"},{"location":"#obtaining-jams","text":"The latest Beta build of JAMS can be downloaded at: https://git.jami.net/savoirfairelinux/jami-jams","title":"Obtaining JAMS"},{"location":"#system-requirements","text":"Windows, Linux or Mac OS operating system Java 11 or higher 4 GB RAM 1 CPU","title":"System Requirements"},{"location":"#jams-concepts","text":"JAMS was built with security in mind, therefore it is intimately related to the X509 certificate management workflows. The central concepts which are used in JAMS are the Certification Authority (CA) and the Certificate Signing Requests (CSR). In the JAMS paradigm, a device (Jami client) requests a certificate to the server then presents it to other devices to be recognized as a valid member of the organization. Therefore, JAMS must be provided with a certificate authority in order to work properly. In order to be completely secure, JAMS does not generate certificates for devices, but instead issues certificates based on a certificate signing request sent to it by the device, therefore removing the need to send a private key over the wire. The diagram below shows the entire process of how a device enrolls with JAMS: \u200b","title":"JAMS Concepts"},{"location":"#getting-started_1","text":"Download the latest version of JAMS from: https://jami.net/services/ Unpack the .tar file to a directory of your choice. It is mandatory to run JAMS using a secure SSL connection. To request your SSL certificate files using OpenSSL and generate a pair of PEM and KEY, enter the following command: openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout server.key -out server.pem Current limitation: JAMS does not support reading encrypted private keys which require a password unlock. Navigate to the directory where you have extracted the JAMS package and execute the following command: java -jar jams-launcher.jar PORT SSL_CERTIFICATE SSL_CERTIFICATE_KEY Argument Details PORT The TCP port on which you want JAMS to listen for incoming connections SSL_CERTIFICATE The location of the PEM-formatted SSL Certificate file SSL_CERTIFICATE_KEY The location of the PEM-formatted key file which is used with the SSL Certificate file from above An example of the command would be: java -jar jams-launcher 443 server.pem server.key Please note that any port above 1024 can be safely used to run JAMS.","title":"Getting Started"},{"location":"#step-1-create-your-admininistrator-account","text":"This account will have administrative control and the rights to manage your users and group of Jami users.","title":"Step 1: create your admininistrator account"},{"location":"#step-2-setup-the-certification-authority","text":"The second step is to define your Certification Authority. Important: a CA is not a server-side ssl certificate, it is a certificate which has the power to issue other certificates. Do not use the import option unless your company's security officer has issued you a CA certificate. Most commercially available certificates (i.e. those issued by godaddy, letsencrypt, etc... ) are not CA certificates. If you are an end-user we highly recommend you use to create a self-signed CA option as providing an incorrect certificate type will lead to a non-functional server. This certificate will be used to sign the enrollement requests which come from Jami devices. If you are not familiar with the X509 standard, we highly recommend you read the following articles to get familiar with the processes and practices which surround it: https://www.securew2.com/blog/public-key-infrastructure-explained/ https://cheapsslsecurity.com/blog/understanding-the-role-of-certificate-authorities-in-pki/","title":"Step 2: setup the Certification Authority"},{"location":"#step-3-setup-the-user-database","text":"JAMS supports 3 different sources for the authentication of users: LDAP-compatible directory (such as OpenLDAP) Microsoft Active Directory Local embedded database","title":"Step 3: setup the user database"},{"location":"#option-1-ldap-authentication","text":"If your company provides you with LDAP directory for user management, you will need to know its access information and a automated account which has read-only rights to do use look-ups. Your admin should provide you most of this information but we do provide a detailed overview over each field in case you need some extra help: Field Details Use StartTLS Your LDAP server can be configured to use either TLS/STARTTLS or PLAIN sockets, if STARTTLS is used you should mark this as true Server Address The address of your server with respect to the JAMS server, your LDAP does not need to be publicly accessible but should be accessible to JAMS. You should have either ldap:// or ldaps:// preceding the address. Port The port on which the LDAP server is listening for requests (usually 389 for PLAIN/STARTTLS and 636 for SSL/TLS) Administrator Username This is NOT the LDAP's administration account credentials, but the credentials of the account which has Read permissions to the LDAP database in order to lookup users. The format is generally cn=bot,ou=robots,dc=domain,dc=org Password The password used by the account above. BaseDN The base realm where the users accounts are located, in most cases it is ou=users,dc=company,dc=org","title":"Option 1: LDAP authentication"},{"location":"#option-2-microsoft-active-directory","text":"If your company provides you with Active Directory for user management, you will need to know its access information and an automated account which has read-only rights to do use look-ups. Your admin should provide you most of this information but we do provide a detailed overview over each field in case you need some extra help: Field Details Port The port on which Active Directory is listening (generally it is either 389 or 636) Host The address of your server with respect to the JAMS server, your Active Directory does not need to be publicly accessible but should be accessible to JAMS. Administrator Username This is NOT the Active Directory's administration account credentials, but the credentials of the account which has Read permissions to the Active Directory database in order to lookup users. The format is generally cn=bot,ou=robots,dc=domain,dc=net Password The password used by the account above. Use SSL Whenever this server uses SSL for data transmission Domain Name This is the legacy-formatted Windows Domain Name (i.e. WINDOMAIN )","title":"Option 2: Microsoft Active Directory"},{"location":"#option-3-local-embedded-database","text":"The local database does not require any additional configuration, everything in the process is automated. This option allows you to create Jami users on the fly directly from the JAMS interface. Advanced settings: by default, the option \"Use public nameserver\" is disabled. Usernames of your Jami users will not be stored on the public Jami nameserver and your users will only be able to communicate with users from your organization. If you want your users to be searchable by external users and allow them to communicate with any Jami users, and not only the one from your organization, enable this option,","title":"Option 3: local embedded database"},{"location":"#step-4-setup-the-server-parameters","text":"Parameter Details CORS Domain Name The domain on which the JAMS client and administration UI will be running. Certificate Revocation List Lifetime The frequency at which the CRL is updated in memory Device Lifetime How long a device's certificate is valid before being considered stale and requiring re-enrollement User Account Lifetime How long a user account is valid before being considered stale and requiring re-enrollement Important The CORS Domain Name corresponds to the web address used to access the Web UI. By default, it is set to the same URL as the one where you deploy JAMS. Only set a different URL if the Web UI has a different URL to the one where JAMS is deployed. Click on \"Set Server Parameters\" to finalize the configuration. You will be redirected to the JAMS interface. If you have configured JAMS with your LDAP or Active Directory, the list of users should of your organization shoud be visible in JAMS. If you have selected the local embedded database, you can now start creating new users by clicking on \"Create User\"","title":"Step 4: setup the server parameters"},{"location":"admin/","text":"Admin Guide By default JAMS runs an embedded tomcat server visible on port 8080, however this is not practical for many reasons. This guide is designed to help you setup Jams to run in a production environment. JAMS & Nginx It is generally not recommended to expose JAMS directly to the outside world and while it is required to run JAMS in SSL mode, we usually recommend users to place it behind Nginx or a similar web server which proxies requests between the outside world and Jams. The following is an example map of how you could configure JAMS behind Nginx (the process would be similar if you wanted to use any other type of proxying solution): The IP 10.10.0.1 is random, and should be seen as an example. Typically you would add a new site called jams-site.conf to your nginx configurations which would contain the following entries if you wanted to place an SSL certificate at the Nginx level: server { listen 443 ssl; listen [::]:443 ssl; ssl on; ssl_certificate /etc/certificates/mycertificate.pem ssl_certificate_key /etc/certificates/mycertificatekey.pem client_max_body_size 100M; server_name jams.mycompany.com; location / { proxy_pass http://10.10.0.1:8080/; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $http_host; } } This is the preferred setup method by most admins, as local traffic is usually ran unencrypted since it is usually either inter-VM connection, a VLAN or another dedicated link. Troubleshooting and resetting If you ever need to restart from 0 (i.e. reset everything and drop existing data) you can do so by deleting the following files in the distribution folder ( /jams): The internal jams folder: /jams/jams derby.log oauth.key oauth.pub config.json This will reset the server to its original state and you will be able to run the configuration wizard again. Before performing this operation, please make sure to shutdown the server. Running JAMS as Windows Service Download and install JAMS Visit https://jami.net/services/ and downalod JAMS. Extract JAMS to c:\\jams Download and install JDK 11 Download JDK 11 from https://www.oracle.com/java/technologies/javase-jdk11-downloads.html (choose the conresponding architecture of your VM) Install it using the install wizard. Download openssl to generate a key and a certificate Download OpenSSL from https://kb.firedaemon.com/support/solutions/articles/4000121705 (or choose another source https://wiki.openssl.org/index.php/Binaries) Once downloaded extract it to c:\\openssl then create a folder bin inside c:\\openssl\\bin Create a new file inside bin named openssl.cnf (make sure that the file extension is .cnd and not .cnd.txt) and copy past the following default configuration http://www.flatmtn.com/article/setting-openssl-create-certificates.html # # OpenSSL configuration file. # # Establish working directory. dir = . [ ca ] default_ca = CA_default [ CA_default ] serial = $dir/serial database = $dir/certindex.txt new_certs_dir = $dir/certs certificate = $dir/cacert.pem private_key = $dir/private/cakey.pem default_days = 365 default_md = md5 preserve = no email_in_dn = no nameopt = default_ca certopt = default_ca policy = policy_match [ policy_match ] countryName = match stateOrProvinceName = match organizationName = match organizationalUnitName = optional commonName = supplied emailAddress = optional [ req ] default_bits = 1024 # Size of keys default_keyfile = key.pem # name of generated keys default_md = md5 # message digest algorithm string_mask = nombstr # permitted characters distinguished_name = req_distinguished_name req_extensions = v3_req [ req_distinguished_name ] # Variable name Prompt string #------------------------- ---------------------------------- 0.organizationName = Organization Name (company) organizationalUnitName = Organizational Unit Name (department, division) emailAddress = Email Address emailAddress_max = 40 localityName = Locality Name (city, district) stateOrProvinceName = State or Province Name (full name) countryName = Country Name (2 letter code) countryName_min = 2 countryName_max = 2 commonName = Common Name (hostname, IP, or your name) commonName_max = 64 # Default values for the above, for consistency and less typing. # Variable name Value ------------------------ ------------------------------ 0.organizationName_default = My Company localityName_default = My Town stateOrProvinceName_default = State or Providence countryName_default = US [ v3_ca ] basicConstraints = CA:TRUE subjectKeyIdentifier = hash authorityKeyIdentifier = keyid:always,issuer:always [ v3_req ] basicConstraints = CA:FALSE subjectKeyIdentifier = hash Add OpenSSL to Sytem Environment variables Go to Edit the system environment variables -> Environment Variables, then in System variables edit Path and add c:\\openssl\\ Configure OpenSSL Execute the following command to set the path to OpenSSL configuration. set OPENSSL_CONF=c:\\openssl\\bin\\openssl.cnf Open the command prompt and cd c:\\jams ans generate the Key and Certificate: openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout server.key -out server.pem Follow the wizard. Once the key and certificate are generated execute the dir command you should see an output like this: c:\\jams>dir Volume in drive C has no label. Volume Serial Number is BC94-9EF2 Directory of c:\\jams 2020-11-10 12:38 PM . 2020-11-10 12:38 PM .. 2020-10-22 10:56 AM 5,186,016 jams-launcher.jar 2020-10-22 10:56 AM 33,413,882 jams-server.jar 2020-11-10 11:53 AM libs 2020-11-10 12:34 PM 1,732 server.key 2020-11-10 12:38 PM 1,336 server.pem 2020-10-22 04:05 PM 2,047,932 userguide.pdf 5 File(s) 40,650,898 bytes 3 Dir(s) 93,365,936,128 bytes free Now execute the following command tot start JAMS java -jar jams-launcher.jar PORT_NUMBER (eg. 8443 or 443) server.pem server.key Open a navigator on the server and visite https://localhost:443 or https://localhost:8443 to validate that it's working. Click CTRL + C to close the application Expose your localhost to the internet Click on Windows ans search for Windows Defender Firewall with Advanced Security. Right click on Inbound Rules and click on New Rule... Select Port click next and specify the port you want to use example 443 or 8443. Click next and select Allow the connection and click next. Leave all of Domain Private and Public select and click next. Name you Rule JAMS Inbound and click Finish Now right click on Outbound Rules and click on New Rule... Select Port click next and specify the port you want to use example 443 or 8443. Click next and select Allow the connection and click next. Leave all of Domain Private and Public select and click next. Name you Rule JAMS Outbound and click Finish. You are all set. You can now visit you application trought the server domain name or ip address on port 443 or 8443. Create a JAMS Windows Service (Embed Tomcat Server Windows Service) to start JAMS with the server In order to create a JAMS Windows Service you can use the tool NSSM provided on http://nssm.cc/download https://github.com/kirillkovalenko/nssm Once downloaded open a command prompt and change directory to nssm-2.24\\win64 then execute: nssm.exe install JAMS A GUI interface will open. In the Path field specify the path to the Java executable example: \"C:\\Program Files\\Common Files\\Oracle\\Java\\javapath\\java.exe\". In the Startup directory put the \"C:\\jams\" installation folder path. In the last field Arguments add the following arguments: -classpath \"c:\\jams\" -jar jams-launcher.jar PORT_NUMBER server.pem server.key where PORT_NUMBER is the port number you want to use to serve the application example 443 or 8443 Now your JAMS application will start with the server. Source: https://medium.com/@lk.snatch/jar-file-as-windows-service-bonus-jar-to-exe-1b7b179053e4 Running JAMS as a Linux Service Running JAMS as a Linux Service is fairly straightforward with systemd - you simply created a service unit file with the following structure: [Unit] Description=JAMS Server [Service] Type=simple WorkingDirectory=[DIRECTORY WHERE JAMS WAS UNZIPPED] ExecStart=/usr/bin/java -jar [DIRECTORY WHERE JAMS WAS UNZIPPED]/jams-launcher.jar PORT SSL_CERTIFICATE SSL_CERTIFICATE_KEY [Install] WantedBy=multi-user.target The parameters PORT, SSL_CERTIFICATE and SSL_CERTIFICATE_KEY are optional (however, PORT can be used alone whereas the SSL_CERTIFICATE comes in pair with SSL_CERTIFICATE_KEY)","title":"Admin"},{"location":"admin/#admin-guide","text":"By default JAMS runs an embedded tomcat server visible on port 8080, however this is not practical for many reasons. This guide is designed to help you setup Jams to run in a production environment.","title":"Admin Guide"},{"location":"admin/#jams-nginx","text":"It is generally not recommended to expose JAMS directly to the outside world and while it is required to run JAMS in SSL mode, we usually recommend users to place it behind Nginx or a similar web server which proxies requests between the outside world and Jams. The following is an example map of how you could configure JAMS behind Nginx (the process would be similar if you wanted to use any other type of proxying solution): The IP 10.10.0.1 is random, and should be seen as an example. Typically you would add a new site called jams-site.conf to your nginx configurations which would contain the following entries if you wanted to place an SSL certificate at the Nginx level: server { listen 443 ssl; listen [::]:443 ssl; ssl on; ssl_certificate /etc/certificates/mycertificate.pem ssl_certificate_key /etc/certificates/mycertificatekey.pem client_max_body_size 100M; server_name jams.mycompany.com; location / { proxy_pass http://10.10.0.1:8080/; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $http_host; } } This is the preferred setup method by most admins, as local traffic is usually ran unencrypted since it is usually either inter-VM connection, a VLAN or another dedicated link.","title":"JAMS & Nginx"},{"location":"admin/#troubleshooting-and-resetting","text":"If you ever need to restart from 0 (i.e. reset everything and drop existing data) you can do so by deleting the following files in the distribution folder ( /jams): The internal jams folder: /jams/jams derby.log oauth.key oauth.pub config.json This will reset the server to its original state and you will be able to run the configuration wizard again. Before performing this operation, please make sure to shutdown the server.","title":"Troubleshooting and resetting"},{"location":"admin/#running-jams-as-windows-service","text":"","title":"Running JAMS as Windows Service"},{"location":"admin/#download-and-install-jams","text":"Visit https://jami.net/services/ and downalod JAMS. Extract JAMS to c:\\jams","title":"Download and install JAMS"},{"location":"admin/#download-and-install-jdk-11","text":"Download JDK 11 from https://www.oracle.com/java/technologies/javase-jdk11-downloads.html (choose the conresponding architecture of your VM) Install it using the install wizard.","title":"Download and install JDK 11"},{"location":"admin/#download-openssl-to-generate-a-key-and-a-certificate","text":"Download OpenSSL from https://kb.firedaemon.com/support/solutions/articles/4000121705 (or choose another source https://wiki.openssl.org/index.php/Binaries) Once downloaded extract it to c:\\openssl then create a folder bin inside c:\\openssl\\bin Create a new file inside bin named openssl.cnf (make sure that the file extension is .cnd and not .cnd.txt) and copy past the following default configuration http://www.flatmtn.com/article/setting-openssl-create-certificates.html # # OpenSSL configuration file. # # Establish working directory. dir = . [ ca ] default_ca = CA_default [ CA_default ] serial = $dir/serial database = $dir/certindex.txt new_certs_dir = $dir/certs certificate = $dir/cacert.pem private_key = $dir/private/cakey.pem default_days = 365 default_md = md5 preserve = no email_in_dn = no nameopt = default_ca certopt = default_ca policy = policy_match [ policy_match ] countryName = match stateOrProvinceName = match organizationName = match organizationalUnitName = optional commonName = supplied emailAddress = optional [ req ] default_bits = 1024 # Size of keys default_keyfile = key.pem # name of generated keys default_md = md5 # message digest algorithm string_mask = nombstr # permitted characters distinguished_name = req_distinguished_name req_extensions = v3_req [ req_distinguished_name ] # Variable name Prompt string #------------------------- ---------------------------------- 0.organizationName = Organization Name (company) organizationalUnitName = Organizational Unit Name (department, division) emailAddress = Email Address emailAddress_max = 40 localityName = Locality Name (city, district) stateOrProvinceName = State or Province Name (full name) countryName = Country Name (2 letter code) countryName_min = 2 countryName_max = 2 commonName = Common Name (hostname, IP, or your name) commonName_max = 64 # Default values for the above, for consistency and less typing. # Variable name Value ------------------------ ------------------------------ 0.organizationName_default = My Company localityName_default = My Town stateOrProvinceName_default = State or Providence countryName_default = US [ v3_ca ] basicConstraints = CA:TRUE subjectKeyIdentifier = hash authorityKeyIdentifier = keyid:always,issuer:always [ v3_req ] basicConstraints = CA:FALSE subjectKeyIdentifier = hash","title":"Download openssl to generate a key and a certificate"},{"location":"admin/#add-openssl-to-sytem-environment-variables","text":"Go to Edit the system environment variables -> Environment Variables, then in System variables edit Path and add c:\\openssl\\","title":"Add OpenSSL to Sytem Environment variables"},{"location":"admin/#configure-openssl","text":"Execute the following command to set the path to OpenSSL configuration. set OPENSSL_CONF=c:\\openssl\\bin\\openssl.cnf Open the command prompt and cd c:\\jams ans generate the Key and Certificate: openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout server.key -out server.pem Follow the wizard. Once the key and certificate are generated execute the dir command you should see an output like this: c:\\jams>dir Volume in drive C has no label. Volume Serial Number is BC94-9EF2 Directory of c:\\jams 2020-11-10 12:38 PM . 2020-11-10 12:38 PM .. 2020-10-22 10:56 AM 5,186,016 jams-launcher.jar 2020-10-22 10:56 AM 33,413,882 jams-server.jar 2020-11-10 11:53 AM libs 2020-11-10 12:34 PM 1,732 server.key 2020-11-10 12:38 PM 1,336 server.pem 2020-10-22 04:05 PM 2,047,932 userguide.pdf 5 File(s) 40,650,898 bytes 3 Dir(s) 93,365,936,128 bytes free Now execute the following command tot start JAMS java -jar jams-launcher.jar PORT_NUMBER (eg. 8443 or 443) server.pem server.key Open a navigator on the server and visite https://localhost:443 or https://localhost:8443 to validate that it's working. Click CTRL + C to close the application","title":"Configure OpenSSL"},{"location":"admin/#expose-your-localhost-to-the-internet","text":"Click on Windows ans search for Windows Defender Firewall with Advanced Security. Right click on Inbound Rules and click on New Rule... Select Port click next and specify the port you want to use example 443 or 8443. Click next and select Allow the connection and click next. Leave all of Domain Private and Public select and click next. Name you Rule JAMS Inbound and click Finish Now right click on Outbound Rules and click on New Rule... Select Port click next and specify the port you want to use example 443 or 8443. Click next and select Allow the connection and click next. Leave all of Domain Private and Public select and click next. Name you Rule JAMS Outbound and click Finish. You are all set. You can now visit you application trought the server domain name or ip address on port 443 or 8443.","title":"Expose your localhost to the internet"},{"location":"admin/#create-a-jams-windows-service-embed-tomcat-server-windows-service-to-start-jams-with-the-server","text":"In order to create a JAMS Windows Service you can use the tool NSSM provided on http://nssm.cc/download https://github.com/kirillkovalenko/nssm Once downloaded open a command prompt and change directory to nssm-2.24\\win64 then execute: nssm.exe install JAMS A GUI interface will open. In the Path field specify the path to the Java executable example: \"C:\\Program Files\\Common Files\\Oracle\\Java\\javapath\\java.exe\". In the Startup directory put the \"C:\\jams\" installation folder path. In the last field Arguments add the following arguments: -classpath \"c:\\jams\" -jar jams-launcher.jar PORT_NUMBER server.pem server.key where PORT_NUMBER is the port number you want to use to serve the application example 443 or 8443 Now your JAMS application will start with the server. Source: https://medium.com/@lk.snatch/jar-file-as-windows-service-bonus-jar-to-exe-1b7b179053e4","title":"Create a JAMS Windows Service (Embed Tomcat Server Windows Service) to start JAMS with the server"},{"location":"admin/#running-jams-as-a-linux-service","text":"Running JAMS as a Linux Service is fairly straightforward with systemd - you simply created a service unit file with the following structure: [Unit] Description=JAMS Server [Service] Type=simple WorkingDirectory=[DIRECTORY WHERE JAMS WAS UNZIPPED] ExecStart=/usr/bin/java -jar [DIRECTORY WHERE JAMS WAS UNZIPPED]/jams-launcher.jar PORT SSL_CERTIFICATE SSL_CERTIFICATE_KEY [Install] WantedBy=multi-user.target The parameters PORT, SSL_CERTIFICATE and SSL_CERTIFICATE_KEY are optional (however, PORT can be used alone whereas the SSL_CERTIFICATE comes in pair with SSL_CERTIFICATE_KEY)","title":"Running JAMS as a Linux Service"},{"location":"clients/","text":"Client Guide Depending on your operating system, we have included the tutorial on how to connect to the management server from the Windows, MacOS, Android and iOS clients. For the purposes of this tutorial, we assume that The server and the device trying to connect are either On the same network The server is publicly accessible to the outside world You have a valid username/password pair to connect to the server Connect from a Linux device Open Jami, go to the login page. Click on \"Advanced\": Select the option \"Connect to a JAMS server\" which will lead you to the following screen: The Jami Account Management Server URL in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password. Connect from a Windows device Open Jami, go to the login page. Click on \"Advanced\": Select the option \"Connect to a JAMS server\" which will lead you to the following screen: The Jami Account Management Server URL in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password. Connect from a MacOS device Open Jami, go to the login page. Click on \"Advanced\": Select the option \"Connect to account manager\" which will lead you to the following screen: The Jami Account Management Server URL in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password. Connect from an Android device Open Jami, go to the login page. Select the option \"Connect to management server\" which will lead you to the following screen: The server in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password. Connect from an iOS device Open Jami, go to the login page. Select the option \"Connect to account manager\" which will lead you to the following screen: The server in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password.","title":"Clients"},{"location":"clients/#client-guide","text":"Depending on your operating system, we have included the tutorial on how to connect to the management server from the Windows, MacOS, Android and iOS clients. For the purposes of this tutorial, we assume that The server and the device trying to connect are either On the same network The server is publicly accessible to the outside world You have a valid username/password pair to connect to the server","title":"Client Guide"},{"location":"clients/#connect-from-a-linux-device","text":"Open Jami, go to the login page. Click on \"Advanced\": Select the option \"Connect to a JAMS server\" which will lead you to the following screen: The Jami Account Management Server URL in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password.","title":"Connect from a Linux device"},{"location":"clients/#connect-from-a-windows-device","text":"Open Jami, go to the login page. Click on \"Advanced\": Select the option \"Connect to a JAMS server\" which will lead you to the following screen: The Jami Account Management Server URL in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password.","title":"Connect from a Windows device"},{"location":"clients/#connect-from-a-macos-device","text":"Open Jami, go to the login page. Click on \"Advanced\": Select the option \"Connect to account manager\" which will lead you to the following screen: The Jami Account Management Server URL in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password.","title":"Connect from a MacOS device"},{"location":"clients/#connect-from-an-android-device","text":"Open Jami, go to the login page. Select the option \"Connect to management server\" which will lead you to the following screen: The server in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password.","title":"Connect from an Android device"},{"location":"clients/#connect-from-an-ios-device","text":"Open Jami, go to the login page. Select the option \"Connect to account manager\" which will lead you to the following screen: The server in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password.","title":"Connect from an iOS device"}]}
\ No newline at end of file
+{"config":{"lang":["en"],"min_search_length":3,"prebuild_index":false,"separator":"[\\s\\-]+"},"docs":[{"location":"","text":"img{ height:400px; } Getting Started JAMS is a server application used to enroll Jami clients into an Enterprise context. Currently, JAMS supports 3 sources for user authentication: LDAP, Active Directory and an embedded database. Obtaining JAMS The latest Beta build of JAMS can be downloaded at: https://git.jami.net/savoirfairelinux/jami-jams System Requirements Windows, Linux or Mac OS operating system Java 11 or higher 4 GB RAM 1 CPU JAMS Concepts JAMS was built with security in mind, therefore it is intimately related to the X509 certificate management workflows. The central concepts which are used in JAMS are the Certification Authority (CA) and the Certificate Signing Requests (CSR). In the JAMS paradigm, a device (Jami client) requests a certificate to the server then presents it to other devices to be recognized as a valid member of the organization. Therefore, JAMS must be provided with a certificate authority in order to work properly. In order to be completely secure, JAMS does not generate certificates for devices, but instead issues certificates based on a certificate signing request sent to it by the device, therefore removing the need to send a private key over the wire. The diagram below shows the entire process of how a device enrolls with JAMS: \u200b Getting Started Download the latest version of JAMS from: https://jami.net/services/ Unpack the .tar file to a directory of your choice. It is mandatory to run JAMS using a secure SSL connection. To request your SSL certificate files using OpenSSL and generate a pair of PEM and KEY, enter the following command: openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout server.key -out server.pem Current limitation: JAMS does not support reading encrypted private keys which require a password unlock. Navigate to the directory where you have extracted the JAMS package and execute the following command: java -jar jams-launcher.jar PORT SSL_CERTIFICATE SSL_CERTIFICATE_KEY Argument Details PORT The TCP port on which you want JAMS to listen for incoming connections SSL_CERTIFICATE The location of the PEM-formatted SSL Certificate file SSL_CERTIFICATE_KEY The location of the PEM-formatted key file which is used with the SSL Certificate file from above An example of the command would be: java -jar jams-launcher 443 server.pem server.key Please note that any port above 1024 can be safely used to run JAMS. Step 1: create your admininistrator account This account will have administrative control and the rights to manage your users and group of Jami users. Step 2: setup the Certification Authority The second step is to define your Certification Authority. Important: a CA is not a server-side ssl certificate, it is a certificate which has the power to issue other certificates. Do not use the import option unless your company's security officer has issued you a CA certificate. Most commercially available certificates (i.e. those issued by godaddy, letsencrypt, etc... ) are not CA certificates. If you are an end-user we highly recommend you use to create a self-signed CA option as providing an incorrect certificate type will lead to a non-functional server. This certificate will be used to sign the enrollement requests which come from Jami devices. If you are not familiar with the X509 standard, we highly recommend you read the following articles to get familiar with the processes and practices which surround it: https://www.securew2.com/blog/public-key-infrastructure-explained/ https://cheapsslsecurity.com/blog/understanding-the-role-of-certificate-authorities-in-pki/ Step 3: setup the user database JAMS supports 3 different sources for the authentication of users: LDAP-compatible directory (such as OpenLDAP) Microsoft Active Directory Local embedded database Option 1: LDAP authentication If your company provides you with LDAP directory for user management, you will need to know its access information and a automated account which has read-only rights to do use look-ups. Your admin should provide you most of this information but we do provide a detailed overview over each field in case you need some extra help: Field Details Use StartTLS Your LDAP server can be configured to use either TLS/STARTTLS or PLAIN sockets, if STARTTLS is used you should mark this as true Server Address The address of your server with respect to the JAMS server, your LDAP does not need to be publicly accessible but should be accessible to JAMS. You should have either ldap:// or ldaps:// preceding the address. Port The port on which the LDAP server is listening for requests (usually 389 for PLAIN/STARTTLS and 636 for SSL/TLS) Administrator Username This is NOT the LDAP's administration account credentials, but the credentials of the account which has Read permissions to the LDAP database in order to lookup users. The format is generally cn=bot,ou=robots,dc=domain,dc=org Password The password used by the account above. BaseDN The base realm where the users accounts are located, in most cases it is ou=users,dc=company,dc=org Option 2: Microsoft Active Directory If your company provides you with Active Directory for user management, you will need to know its access information and an automated account which has read-only rights to do use look-ups. Your admin should provide you most of this information but we do provide a detailed overview over each field in case you need some extra help: Field Details Port The port on which Active Directory is listening (generally it is either 389 or 636) Host The address of your server with respect to the JAMS server, your Active Directory does not need to be publicly accessible but should be accessible to JAMS. Administrator Username This is NOT the Active Directory's administration account credentials, but the credentials of the account which has Read permissions to the Active Directory database in order to lookup users. The format is generally cn=bot,ou=robots,dc=domain,dc=net Password The password used by the account above. Use SSL Whenever this server uses SSL for data transmission Domain Name This is the legacy-formatted Windows Domain Name (i.e. WINDOMAIN ) Option 3: local embedded database The local database does not require any additional configuration, everything in the process is automated. This option allows you to create Jami users on the fly directly from the JAMS interface. Advanced settings: by default, the option \"Use public nameserver\" is disabled. Usernames of your Jami users will not be stored on the public Jami nameserver and your users will only be able to communicate with users from your organization. If you want your users to be searchable by external users and allow them to communicate with any Jami users, and not only the one from your organization, enable this option, Step 4: setup the server parameters Parameter Details CORS Domain Name The domain on which the JAMS client and administration UI will be running. Certificate Revocation List Lifetime The frequency at which the CRL is updated in memory Device Lifetime How long a device's certificate is valid before being considered stale and requiring re-enrollement User Account Lifetime How long a user account is valid before being considered stale and requiring re-enrollement Important The CORS Domain Name corresponds to the web address used to access the Web UI. By default, it is set to the same URL as the one where you deploy JAMS. Only set a different URL if the Web UI has a different URL to the one where JAMS is deployed. Click on \"Set Server Parameters\" to finalize the configuration. You will be redirected to the JAMS interface. If you have configured JAMS with your LDAP or Active Directory, the list of users should of your organization shoud be visible in JAMS. If you have selected the local embedded database, you can now start creating new users by clicking on \"Create User\"","title":"Home"},{"location":"#getting-started","text":"JAMS is a server application used to enroll Jami clients into an Enterprise context. Currently, JAMS supports 3 sources for user authentication: LDAP, Active Directory and an embedded database.","title":"Getting Started"},{"location":"#obtaining-jams","text":"The latest Beta build of JAMS can be downloaded at: https://git.jami.net/savoirfairelinux/jami-jams","title":"Obtaining JAMS"},{"location":"#system-requirements","text":"Windows, Linux or Mac OS operating system Java 11 or higher 4 GB RAM 1 CPU","title":"System Requirements"},{"location":"#jams-concepts","text":"JAMS was built with security in mind, therefore it is intimately related to the X509 certificate management workflows. The central concepts which are used in JAMS are the Certification Authority (CA) and the Certificate Signing Requests (CSR). In the JAMS paradigm, a device (Jami client) requests a certificate to the server then presents it to other devices to be recognized as a valid member of the organization. Therefore, JAMS must be provided with a certificate authority in order to work properly. In order to be completely secure, JAMS does not generate certificates for devices, but instead issues certificates based on a certificate signing request sent to it by the device, therefore removing the need to send a private key over the wire. The diagram below shows the entire process of how a device enrolls with JAMS: \u200b","title":"JAMS Concepts"},{"location":"#getting-started_1","text":"Download the latest version of JAMS from: https://jami.net/services/ Unpack the .tar file to a directory of your choice. It is mandatory to run JAMS using a secure SSL connection. To request your SSL certificate files using OpenSSL and generate a pair of PEM and KEY, enter the following command: openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout server.key -out server.pem Current limitation: JAMS does not support reading encrypted private keys which require a password unlock. Navigate to the directory where you have extracted the JAMS package and execute the following command: java -jar jams-launcher.jar PORT SSL_CERTIFICATE SSL_CERTIFICATE_KEY Argument Details PORT The TCP port on which you want JAMS to listen for incoming connections SSL_CERTIFICATE The location of the PEM-formatted SSL Certificate file SSL_CERTIFICATE_KEY The location of the PEM-formatted key file which is used with the SSL Certificate file from above An example of the command would be: java -jar jams-launcher 443 server.pem server.key Please note that any port above 1024 can be safely used to run JAMS.","title":"Getting Started"},{"location":"#step-1-create-your-admininistrator-account","text":"This account will have administrative control and the rights to manage your users and group of Jami users.","title":"Step 1: create your admininistrator account"},{"location":"#step-2-setup-the-certification-authority","text":"The second step is to define your Certification Authority. Important: a CA is not a server-side ssl certificate, it is a certificate which has the power to issue other certificates. Do not use the import option unless your company's security officer has issued you a CA certificate. Most commercially available certificates (i.e. those issued by godaddy, letsencrypt, etc... ) are not CA certificates. If you are an end-user we highly recommend you use to create a self-signed CA option as providing an incorrect certificate type will lead to a non-functional server. This certificate will be used to sign the enrollement requests which come from Jami devices. If you are not familiar with the X509 standard, we highly recommend you read the following articles to get familiar with the processes and practices which surround it: https://www.securew2.com/blog/public-key-infrastructure-explained/ https://cheapsslsecurity.com/blog/understanding-the-role-of-certificate-authorities-in-pki/","title":"Step 2: setup the Certification Authority"},{"location":"#step-3-setup-the-user-database","text":"JAMS supports 3 different sources for the authentication of users: LDAP-compatible directory (such as OpenLDAP) Microsoft Active Directory Local embedded database","title":"Step 3: setup the user database"},{"location":"#option-1-ldap-authentication","text":"If your company provides you with LDAP directory for user management, you will need to know its access information and a automated account which has read-only rights to do use look-ups. Your admin should provide you most of this information but we do provide a detailed overview over each field in case you need some extra help: Field Details Use StartTLS Your LDAP server can be configured to use either TLS/STARTTLS or PLAIN sockets, if STARTTLS is used you should mark this as true Server Address The address of your server with respect to the JAMS server, your LDAP does not need to be publicly accessible but should be accessible to JAMS. You should have either ldap:// or ldaps:// preceding the address. Port The port on which the LDAP server is listening for requests (usually 389 for PLAIN/STARTTLS and 636 for SSL/TLS) Administrator Username This is NOT the LDAP's administration account credentials, but the credentials of the account which has Read permissions to the LDAP database in order to lookup users. The format is generally cn=bot,ou=robots,dc=domain,dc=org Password The password used by the account above. BaseDN The base realm where the users accounts are located, in most cases it is ou=users,dc=company,dc=org","title":"Option 1: LDAP authentication"},{"location":"#option-2-microsoft-active-directory","text":"If your company provides you with Active Directory for user management, you will need to know its access information and an automated account which has read-only rights to do use look-ups. Your admin should provide you most of this information but we do provide a detailed overview over each field in case you need some extra help: Field Details Port The port on which Active Directory is listening (generally it is either 389 or 636) Host The address of your server with respect to the JAMS server, your Active Directory does not need to be publicly accessible but should be accessible to JAMS. Administrator Username This is NOT the Active Directory's administration account credentials, but the credentials of the account which has Read permissions to the Active Directory database in order to lookup users. The format is generally cn=bot,ou=robots,dc=domain,dc=net Password The password used by the account above. Use SSL Whenever this server uses SSL for data transmission Domain Name This is the legacy-formatted Windows Domain Name (i.e. WINDOMAIN )","title":"Option 2: Microsoft Active Directory"},{"location":"#option-3-local-embedded-database","text":"The local database does not require any additional configuration, everything in the process is automated. This option allows you to create Jami users on the fly directly from the JAMS interface. Advanced settings: by default, the option \"Use public nameserver\" is disabled. Usernames of your Jami users will not be stored on the public Jami nameserver and your users will only be able to communicate with users from your organization. If you want your users to be searchable by external users and allow them to communicate with any Jami users, and not only the one from your organization, enable this option,","title":"Option 3: local embedded database"},{"location":"#step-4-setup-the-server-parameters","text":"Parameter Details CORS Domain Name The domain on which the JAMS client and administration UI will be running. Certificate Revocation List Lifetime The frequency at which the CRL is updated in memory Device Lifetime How long a device's certificate is valid before being considered stale and requiring re-enrollement User Account Lifetime How long a user account is valid before being considered stale and requiring re-enrollement Important The CORS Domain Name corresponds to the web address used to access the Web UI. By default, it is set to the same URL as the one where you deploy JAMS. Only set a different URL if the Web UI has a different URL to the one where JAMS is deployed. Click on \"Set Server Parameters\" to finalize the configuration. You will be redirected to the JAMS interface. If you have configured JAMS with your LDAP or Active Directory, the list of users should of your organization shoud be visible in JAMS. If you have selected the local embedded database, you can now start creating new users by clicking on \"Create User\"","title":"Step 4: setup the server parameters"},{"location":"admin/","text":"img{ height:400px; } Admin Guide By default JAMS runs an embedded tomcat server visible on port 8080, however this is not practical for many reasons. This guide is designed to help you setup Jams to run in a production environment. JAMS & Nginx It is generally not recommended to expose JAMS directly to the outside world and while it is required to run JAMS in SSL mode, we usually recommend users to place it behind Nginx or a similar web server which proxies requests between the outside world and Jams. The following is an example map of how you could configure JAMS behind Nginx (the process would be similar if you wanted to use any other type of proxying solution): The IP 10.10.0.1 is random, and should be seen as an example. Typically you would add a new site called jams-site.conf to your nginx configurations which would contain the following entries if you wanted to place an SSL certificate at the Nginx level: server { listen 443 ssl; listen [::]:443 ssl; ssl on; ssl_certificate /etc/certificates/mycertificate.pem ssl_certificate_key /etc/certificates/mycertificatekey.pem client_max_body_size 100M; server_name jams.mycompany.com; location / { proxy_pass http://10.10.0.1:8080/; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $http_host; } } This is the preferred setup method by most admins, as local traffic is usually ran unencrypted since it is usually either inter-VM connection, a VLAN or another dedicated link. Troubleshooting and resetting If you ever need to restart from 0 (i.e. reset everything and drop existing data) you can do so by deleting the following files in the distribution folder ( /jams): The internal jams folder: /jams/jams derby.log oauth.key oauth.pub config.json This will reset the server to its original state and you will be able to run the configuration wizard again. Before performing this operation, please make sure to shutdown the server. Running JAMS as Windows Service Download and install JAMS Visit https://jami.net/services/ and downalod JAMS. Extract JAMS to c:\\jams Download and install JDK 11 Download JDK 11 from https://www.oracle.com/java/technologies/javase-jdk11-downloads.html (choose the conresponding architecture of your VM) Install it using the install wizard. Download openssl to generate a key and a certificate Download OpenSSL from https://kb.firedaemon.com/support/solutions/articles/4000121705 (or choose another source https://wiki.openssl.org/index.php/Binaries) Once downloaded extract it to c:\\openssl then create a folder bin inside c:\\openssl\\bin Create a new file inside bin named openssl.cnf (make sure that the file extension is .cnd and not .cnd.txt) and copy past the following default configuration http://www.flatmtn.com/article/setting-openssl-create-certificates.html # # OpenSSL configuration file. # # Establish working directory. dir = . [ ca ] default_ca = CA_default [ CA_default ] serial = $dir/serial database = $dir/certindex.txt new_certs_dir = $dir/certs certificate = $dir/cacert.pem private_key = $dir/private/cakey.pem default_days = 365 default_md = md5 preserve = no email_in_dn = no nameopt = default_ca certopt = default_ca policy = policy_match [ policy_match ] countryName = match stateOrProvinceName = match organizationName = match organizationalUnitName = optional commonName = supplied emailAddress = optional [ req ] default_bits = 1024 # Size of keys default_keyfile = key.pem # name of generated keys default_md = md5 # message digest algorithm string_mask = nombstr # permitted characters distinguished_name = req_distinguished_name req_extensions = v3_req [ req_distinguished_name ] # Variable name Prompt string #------------------------- ---------------------------------- 0.organizationName = Organization Name (company) organizationalUnitName = Organizational Unit Name (department, division) emailAddress = Email Address emailAddress_max = 40 localityName = Locality Name (city, district) stateOrProvinceName = State or Province Name (full name) countryName = Country Name (2 letter code) countryName_min = 2 countryName_max = 2 commonName = Common Name (hostname, IP, or your name) commonName_max = 64 # Default values for the above, for consistency and less typing. # Variable name Value ------------------------ ------------------------------ 0.organizationName_default = My Company localityName_default = My Town stateOrProvinceName_default = State or Providence countryName_default = US [ v3_ca ] basicConstraints = CA:TRUE subjectKeyIdentifier = hash authorityKeyIdentifier = keyid:always,issuer:always [ v3_req ] basicConstraints = CA:FALSE subjectKeyIdentifier = hash Add OpenSSL to Sytem Environment variables Go to Edit the system environment variables -> Environment Variables, then in System variables edit Path and add c:\\openssl\\ Configure OpenSSL Execute the following command to set the path to OpenSSL configuration. set OPENSSL_CONF=c:\\openssl\\bin\\openssl.cnf Open the command prompt and cd c:\\jams ans generate the Key and Certificate: openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout server.key -out server.pem Follow the wizard. Once the key and certificate are generated execute the dir command you should see an output like this: c:\\jams>dir Volume in drive C has no label. Volume Serial Number is BC94-9EF2 Directory of c:\\jams 2020-11-10 12:38 PM . 2020-11-10 12:38 PM .. 2020-10-22 10:56 AM 5,186,016 jams-launcher.jar 2020-10-22 10:56 AM 33,413,882 jams-server.jar 2020-11-10 11:53 AM libs 2020-11-10 12:34 PM 1,732 server.key 2020-11-10 12:38 PM 1,336 server.pem 2020-10-22 04:05 PM 2,047,932 userguide.pdf 5 File(s) 40,650,898 bytes 3 Dir(s) 93,365,936,128 bytes free Now execute the following command tot start JAMS java -jar jams-launcher.jar PORT_NUMBER (eg. 8443 or 443) server.pem server.key Open a navigator on the server and visite https://localhost:443 or https://localhost:8443 to validate that it's working. Click CTRL + C to close the application Expose your localhost to the internet Click on Windows ans search for Windows Defender Firewall with Advanced Security. Right click on Inbound Rules and click on New Rule... Select Port click next and specify the port you want to use example 443 or 8443. Click next and select Allow the connection and click next. Leave all of Domain Private and Public select and click next. Name you Rule JAMS Inbound and click Finish Now right click on Outbound Rules and click on New Rule... Select Port click next and specify the port you want to use example 443 or 8443. Click next and select Allow the connection and click next. Leave all of Domain Private and Public select and click next. Name you Rule JAMS Outbound and click Finish. You are all set. You can now visit you application trought the server domain name or ip address on port 443 or 8443. Create a JAMS Windows Service (Embed Tomcat Server Windows Service) to start JAMS with the server In order to create a JAMS Windows Service you can use the tool NSSM provided on http://nssm.cc/download https://github.com/kirillkovalenko/nssm Once downloaded open a command prompt and change directory to nssm-2.24\\win64 then execute: nssm.exe install JAMS A GUI interface will open. In the Path field specify the path to the Java executable example: \"C:\\Program Files\\Common Files\\Oracle\\Java\\javapath\\java.exe\". In the Startup directory put the \"C:\\jams\" installation folder path. In the last field Arguments add the following arguments: -classpath \"c:\\jams\" -jar jams-launcher.jar PORT_NUMBER server.pem server.key where PORT_NUMBER is the port number you want to use to serve the application example 443 or 8443 Now your JAMS application will start with the server. Source: https://medium.com/@lk.snatch/jar-file-as-windows-service-bonus-jar-to-exe-1b7b179053e4 Running JAMS as a Linux Service Running JAMS as a Linux Service is fairly straightforward with systemd - you simply created a service unit file with the following structure: [Unit] Description=JAMS Server [Service] Type=simple WorkingDirectory=[DIRECTORY WHERE JAMS WAS UNZIPPED] ExecStart=/usr/bin/java -jar [DIRECTORY WHERE JAMS WAS UNZIPPED]/jams-launcher.jar PORT SSL_CERTIFICATE SSL_CERTIFICATE_KEY [Install] WantedBy=multi-user.target The parameters PORT, SSL_CERTIFICATE and SSL_CERTIFICATE_KEY are optional (however, PORT can be used alone whereas the SSL_CERTIFICATE comes in pair with SSL_CERTIFICATE_KEY)","title":"Admin"},{"location":"admin/#admin-guide","text":"By default JAMS runs an embedded tomcat server visible on port 8080, however this is not practical for many reasons. This guide is designed to help you setup Jams to run in a production environment.","title":"Admin Guide"},{"location":"admin/#jams-nginx","text":"It is generally not recommended to expose JAMS directly to the outside world and while it is required to run JAMS in SSL mode, we usually recommend users to place it behind Nginx or a similar web server which proxies requests between the outside world and Jams. The following is an example map of how you could configure JAMS behind Nginx (the process would be similar if you wanted to use any other type of proxying solution): The IP 10.10.0.1 is random, and should be seen as an example. Typically you would add a new site called jams-site.conf to your nginx configurations which would contain the following entries if you wanted to place an SSL certificate at the Nginx level: server { listen 443 ssl; listen [::]:443 ssl; ssl on; ssl_certificate /etc/certificates/mycertificate.pem ssl_certificate_key /etc/certificates/mycertificatekey.pem client_max_body_size 100M; server_name jams.mycompany.com; location / { proxy_pass http://10.10.0.1:8080/; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $http_host; } } This is the preferred setup method by most admins, as local traffic is usually ran unencrypted since it is usually either inter-VM connection, a VLAN or another dedicated link.","title":"JAMS & Nginx"},{"location":"admin/#troubleshooting-and-resetting","text":"If you ever need to restart from 0 (i.e. reset everything and drop existing data) you can do so by deleting the following files in the distribution folder ( /jams): The internal jams folder: /jams/jams derby.log oauth.key oauth.pub config.json This will reset the server to its original state and you will be able to run the configuration wizard again. Before performing this operation, please make sure to shutdown the server.","title":"Troubleshooting and resetting"},{"location":"admin/#running-jams-as-windows-service","text":"","title":"Running JAMS as Windows Service"},{"location":"admin/#download-and-install-jams","text":"Visit https://jami.net/services/ and downalod JAMS. Extract JAMS to c:\\jams","title":"Download and install JAMS"},{"location":"admin/#download-and-install-jdk-11","text":"Download JDK 11 from https://www.oracle.com/java/technologies/javase-jdk11-downloads.html (choose the conresponding architecture of your VM) Install it using the install wizard.","title":"Download and install JDK 11"},{"location":"admin/#download-openssl-to-generate-a-key-and-a-certificate","text":"Download OpenSSL from https://kb.firedaemon.com/support/solutions/articles/4000121705 (or choose another source https://wiki.openssl.org/index.php/Binaries) Once downloaded extract it to c:\\openssl then create a folder bin inside c:\\openssl\\bin Create a new file inside bin named openssl.cnf (make sure that the file extension is .cnd and not .cnd.txt) and copy past the following default configuration http://www.flatmtn.com/article/setting-openssl-create-certificates.html # # OpenSSL configuration file. # # Establish working directory. dir = . [ ca ] default_ca = CA_default [ CA_default ] serial = $dir/serial database = $dir/certindex.txt new_certs_dir = $dir/certs certificate = $dir/cacert.pem private_key = $dir/private/cakey.pem default_days = 365 default_md = md5 preserve = no email_in_dn = no nameopt = default_ca certopt = default_ca policy = policy_match [ policy_match ] countryName = match stateOrProvinceName = match organizationName = match organizationalUnitName = optional commonName = supplied emailAddress = optional [ req ] default_bits = 1024 # Size of keys default_keyfile = key.pem # name of generated keys default_md = md5 # message digest algorithm string_mask = nombstr # permitted characters distinguished_name = req_distinguished_name req_extensions = v3_req [ req_distinguished_name ] # Variable name Prompt string #------------------------- ---------------------------------- 0.organizationName = Organization Name (company) organizationalUnitName = Organizational Unit Name (department, division) emailAddress = Email Address emailAddress_max = 40 localityName = Locality Name (city, district) stateOrProvinceName = State or Province Name (full name) countryName = Country Name (2 letter code) countryName_min = 2 countryName_max = 2 commonName = Common Name (hostname, IP, or your name) commonName_max = 64 # Default values for the above, for consistency and less typing. # Variable name Value ------------------------ ------------------------------ 0.organizationName_default = My Company localityName_default = My Town stateOrProvinceName_default = State or Providence countryName_default = US [ v3_ca ] basicConstraints = CA:TRUE subjectKeyIdentifier = hash authorityKeyIdentifier = keyid:always,issuer:always [ v3_req ] basicConstraints = CA:FALSE subjectKeyIdentifier = hash","title":"Download openssl to generate a key and a certificate"},{"location":"admin/#add-openssl-to-sytem-environment-variables","text":"Go to Edit the system environment variables -> Environment Variables, then in System variables edit Path and add c:\\openssl\\","title":"Add OpenSSL to Sytem Environment variables"},{"location":"admin/#configure-openssl","text":"Execute the following command to set the path to OpenSSL configuration. set OPENSSL_CONF=c:\\openssl\\bin\\openssl.cnf Open the command prompt and cd c:\\jams ans generate the Key and Certificate: openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout server.key -out server.pem Follow the wizard. Once the key and certificate are generated execute the dir command you should see an output like this: c:\\jams>dir Volume in drive C has no label. Volume Serial Number is BC94-9EF2 Directory of c:\\jams 2020-11-10 12:38 PM . 2020-11-10 12:38 PM .. 2020-10-22 10:56 AM 5,186,016 jams-launcher.jar 2020-10-22 10:56 AM 33,413,882 jams-server.jar 2020-11-10 11:53 AM libs 2020-11-10 12:34 PM 1,732 server.key 2020-11-10 12:38 PM 1,336 server.pem 2020-10-22 04:05 PM 2,047,932 userguide.pdf 5 File(s) 40,650,898 bytes 3 Dir(s) 93,365,936,128 bytes free Now execute the following command tot start JAMS java -jar jams-launcher.jar PORT_NUMBER (eg. 8443 or 443) server.pem server.key Open a navigator on the server and visite https://localhost:443 or https://localhost:8443 to validate that it's working. Click CTRL + C to close the application","title":"Configure OpenSSL"},{"location":"admin/#expose-your-localhost-to-the-internet","text":"Click on Windows ans search for Windows Defender Firewall with Advanced Security. Right click on Inbound Rules and click on New Rule... Select Port click next and specify the port you want to use example 443 or 8443. Click next and select Allow the connection and click next. Leave all of Domain Private and Public select and click next. Name you Rule JAMS Inbound and click Finish Now right click on Outbound Rules and click on New Rule... Select Port click next and specify the port you want to use example 443 or 8443. Click next and select Allow the connection and click next. Leave all of Domain Private and Public select and click next. Name you Rule JAMS Outbound and click Finish. You are all set. You can now visit you application trought the server domain name or ip address on port 443 or 8443.","title":"Expose your localhost to the internet"},{"location":"admin/#create-a-jams-windows-service-embed-tomcat-server-windows-service-to-start-jams-with-the-server","text":"In order to create a JAMS Windows Service you can use the tool NSSM provided on http://nssm.cc/download https://github.com/kirillkovalenko/nssm Once downloaded open a command prompt and change directory to nssm-2.24\\win64 then execute: nssm.exe install JAMS A GUI interface will open. In the Path field specify the path to the Java executable example: \"C:\\Program Files\\Common Files\\Oracle\\Java\\javapath\\java.exe\". In the Startup directory put the \"C:\\jams\" installation folder path. In the last field Arguments add the following arguments: -classpath \"c:\\jams\" -jar jams-launcher.jar PORT_NUMBER server.pem server.key where PORT_NUMBER is the port number you want to use to serve the application example 443 or 8443 Now your JAMS application will start with the server. Source: https://medium.com/@lk.snatch/jar-file-as-windows-service-bonus-jar-to-exe-1b7b179053e4","title":"Create a JAMS Windows Service (Embed Tomcat Server Windows Service) to start JAMS with the server"},{"location":"admin/#running-jams-as-a-linux-service","text":"Running JAMS as a Linux Service is fairly straightforward with systemd - you simply created a service unit file with the following structure: [Unit] Description=JAMS Server [Service] Type=simple WorkingDirectory=[DIRECTORY WHERE JAMS WAS UNZIPPED] ExecStart=/usr/bin/java -jar [DIRECTORY WHERE JAMS WAS UNZIPPED]/jams-launcher.jar PORT SSL_CERTIFICATE SSL_CERTIFICATE_KEY [Install] WantedBy=multi-user.target The parameters PORT, SSL_CERTIFICATE and SSL_CERTIFICATE_KEY are optional (however, PORT can be used alone whereas the SSL_CERTIFICATE comes in pair with SSL_CERTIFICATE_KEY)","title":"Running JAMS as a Linux Service"},{"location":"clients/","text":"img{ height:400px; } Client Guide Depending on your operating system, we have included the tutorial on how to connect to the management server from the Windows, MacOS, Android and iOS clients. For the purposes of this tutorial, we assume that The server and the device trying to connect are either On the same network The server is publicly accessible to the outside world You have a valid username/password pair to connect to the server Connect from a Linux device Open Jami, go to the login page. Click on \"Advanced\": Select the option \"Connect to a JAMS server\" which will lead you to the following screen: The Jami Account Management Server URL in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password. Connect from a Windows device Open Jami, go to the login page. Click on \"Advanced\": Select the option \"Connect to a JAMS server\" which will lead you to the following screen: The Jami Account Management Server URL in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password. Connect from a MacOS device Open Jami, go to the login page. Click on \"Advanced\": Select the option \"Connect to account manager\" which will lead you to the following screen: The Jami Account Management Server URL in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password. Connect from an Android device Open Jami, go to the login page. Select the option \"Connect to management server\" which will lead you to the following screen: The server in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password. Connect from an iOS device Open Jami, go to the login page. Select the option \"Connect to account manager\" which will lead you to the following screen: The server in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password.","title":"Clients"},{"location":"clients/#client-guide","text":"Depending on your operating system, we have included the tutorial on how to connect to the management server from the Windows, MacOS, Android and iOS clients. For the purposes of this tutorial, we assume that The server and the device trying to connect are either On the same network The server is publicly accessible to the outside world You have a valid username/password pair to connect to the server","title":"Client Guide"},{"location":"clients/#connect-from-a-linux-device","text":"Open Jami, go to the login page. Click on \"Advanced\": Select the option \"Connect to a JAMS server\" which will lead you to the following screen: The Jami Account Management Server URL in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password.","title":"Connect from a Linux device"},{"location":"clients/#connect-from-a-windows-device","text":"Open Jami, go to the login page. Click on \"Advanced\": Select the option \"Connect to a JAMS server\" which will lead you to the following screen: The Jami Account Management Server URL in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password.","title":"Connect from a Windows device"},{"location":"clients/#connect-from-a-macos-device","text":"Open Jami, go to the login page. Click on \"Advanced\": Select the option \"Connect to account manager\" which will lead you to the following screen: The Jami Account Management Server URL in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password.","title":"Connect from a MacOS device"},{"location":"clients/#connect-from-an-android-device","text":"Open Jami, go to the login page. Select the option \"Connect to management server\" which will lead you to the following screen: The server in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password.","title":"Connect from an Android device"},{"location":"clients/#connect-from-an-ios-device","text":"Open Jami, go to the login page. Select the option \"Connect to account manager\" which will lead you to the following screen: The server in this case would be the DNS address of your server and the username and password which correspond to your account. If you have configured the server with an LDAP/AD backend, it would be your LDAP/AD username and password.","title":"Connect from an iOS device"}]}
\ No newline at end of file
diff --git a/userguide/site/sitemap.xml b/userguide/site/sitemap.xml
index 76f44601..10b82c6e 100644
--- a/userguide/site/sitemap.xml
+++ b/userguide/site/sitemap.xml
@@ -1,15 +1,15 @@
<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9"><url>
<loc>None</loc>
- <lastmod>2020-11-22</lastmod>
+ <lastmod>2020-12-11</lastmod>
<changefreq>daily</changefreq>
</url><url>
<loc>None</loc>
- <lastmod>2020-11-22</lastmod>
+ <lastmod>2020-12-11</lastmod>
<changefreq>daily</changefreq>
</url><url>
<loc>None</loc>
- <lastmod>2020-11-22</lastmod>
+ <lastmod>2020-12-11</lastmod>
<changefreq>daily</changefreq>
</url>
</urlset>
\ No newline at end of file
diff --git a/userguide/site/sitemap.xml.gz b/userguide/site/sitemap.xml.gz
index 4f03892e270c174ea05b276552e2d9d2f9f3173c..dc1542c15234bf092b820dbc68eff5f42fef7e90 100644
GIT binary patch
delta 108
zcmV-y0F(d00l@(WABzYGI<M1_2OR-)ktHWfa@J5{ybgo)V@EINW4)ujti(M!G>K%f
z$Bs@ZEeC*gT^ZVBX0;#-aRk&;UJy124ck*$ys{#tgbP}pf;R%n^o0u390u7oZBz4+
Omm&!8-xpA^0RR9KO)Cii
delta 108
zcmV-y0F(d00l@(WABzYGTf(`K2OR-rktHWfwydGVcpV1o$Btgk$9hM5S&4geXcEa{
zj~$&-S`Gl~x-zuM%xXav;s~gxydZ248n&mhcx6RO2^X|H1#bkD=?fL6ISi6Fys6uf
Omm&zU6F1SZ0RRAFW-FNh
--
GitLab