From 10ef2b3dc4c58ecb4784a31e7002ec65fcb31abc Mon Sep 17 00:00:00 2001 From: David van der Spek <28541758+DavidSpek@users.noreply.github.com> Date: Thu, 31 Aug 2023 16:35:42 +0200 Subject: [PATCH] feat(n8n): add n8n helm chart (#17) * add n8n helm chart Signed-off-by: David van der Spek * add bitnami charts to ci Signed-off-by: David van der Spek * fix lint Signed-off-by: David van der Spek --------- Signed-off-by: David van der Spek --- .github/configs/ct-install.yaml | 3 +- .github/configs/ct-lint.yaml | 3 +- charts/n8n/CHANGELOG.md | 5 + charts/n8n/Chart.lock | 6 + charts/n8n/Chart.yaml | 41 +++ charts/n8n/LICENSE | 201 +++++++++++ charts/n8n/README.md | 323 +++++++++++++++++ charts/n8n/charts/redis-17.2.0.tgz | Bin 0 -> 90128 bytes charts/n8n/helmfile.yaml | 30 ++ charts/n8n/templates/NOTES.txt | 22 ++ charts/n8n/templates/_helpers.tpl | 141 ++++++++ charts/n8n/templates/configmap.yaml | 12 + charts/n8n/templates/deployment.webhooks.yaml | 99 ++++++ charts/n8n/templates/deployment.worker.yaml | 99 ++++++ charts/n8n/templates/deployment.yaml | 109 ++++++ charts/n8n/templates/hpa.yaml | 51 +++ charts/n8n/templates/ingress.yaml | 66 ++++ charts/n8n/templates/pvc.yaml | 29 ++ charts/n8n/templates/secret.yaml | 14 + charts/n8n/templates/service.webhooks.yaml | 22 ++ charts/n8n/templates/service.yaml | 20 ++ charts/n8n/templates/serviceaccount.yaml | 12 + .../n8n/templates/tests/test-connection.yaml | 15 + charts/n8n/values.yaml | 326 ++++++++++++++++++ 24 files changed, 1647 insertions(+), 2 deletions(-) create mode 100644 charts/n8n/CHANGELOG.md create mode 100644 charts/n8n/Chart.lock create mode 100644 charts/n8n/Chart.yaml create mode 100644 charts/n8n/LICENSE create mode 100644 charts/n8n/README.md create mode 100644 charts/n8n/charts/redis-17.2.0.tgz create mode 100644 charts/n8n/helmfile.yaml create mode 100644 charts/n8n/templates/NOTES.txt create mode 100644 charts/n8n/templates/_helpers.tpl create mode 100644 charts/n8n/templates/configmap.yaml create mode 100644 charts/n8n/templates/deployment.webhooks.yaml create mode 100644 charts/n8n/templates/deployment.worker.yaml create mode 100644 charts/n8n/templates/deployment.yaml create mode 100644 charts/n8n/templates/hpa.yaml create mode 100644 charts/n8n/templates/ingress.yaml create mode 100644 charts/n8n/templates/pvc.yaml create mode 100644 charts/n8n/templates/secret.yaml create mode 100644 charts/n8n/templates/service.webhooks.yaml create mode 100644 charts/n8n/templates/service.yaml create mode 100644 charts/n8n/templates/serviceaccount.yaml create mode 100644 charts/n8n/templates/tests/test-connection.yaml create mode 100644 charts/n8n/values.yaml diff --git a/.github/configs/ct-install.yaml b/.github/configs/ct-install.yaml index ed27887..f4d7946 100644 --- a/.github/configs/ct-install.yaml +++ b/.github/configs/ct-install.yaml @@ -6,7 +6,8 @@ chart-dirs: - charts chart-repos: - plural=https://pluralsh.github.io/plural-helm-charts -helm-extra-args: "--timeout 600s" + - bitnami=https://charts.bitnami.com/bitnami +helm-extra-args: "--timeout 600s" validate-chart-schema: false validate-maintainers: true validate-yaml: true diff --git a/.github/configs/ct-lint.yaml b/.github/configs/ct-lint.yaml index 3f9d6d7..162a3d7 100644 --- a/.github/configs/ct-lint.yaml +++ b/.github/configs/ct-lint.yaml @@ -6,7 +6,8 @@ chart-dirs: - charts chart-repos: - plural=https://pluralsh.github.io/plural-helm-charts -helm-extra-args: "--timeout 600s" + - bitnami=https://charts.bitnami.com/bitnami +helm-extra-args: "--timeout 600s" validate-chart-schema: false validate-maintainers: true validate-yaml: true diff --git a/charts/n8n/CHANGELOG.md b/charts/n8n/CHANGELOG.md new file mode 100644 index 0000000..0498d16 --- /dev/null +++ b/charts/n8n/CHANGELOG.md @@ -0,0 +1,5 @@ +# Changelog + +This file documents all notable changes to the [n8n-helm-chart](https://github.com/8gears/n8n-helm-chart/). The release numbering uses [semantic versioning](http://semver.org). + +The actual changelog is located in (./Chart.yaml)[Chart.yaml]. diff --git a/charts/n8n/Chart.lock b/charts/n8n/Chart.lock new file mode 100644 index 0000000..09104cb --- /dev/null +++ b/charts/n8n/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: redis + repository: https://charts.bitnami.com/bitnami + version: 17.2.0 +digest: sha256:989a8e3f05d54b04db15e782bd24ca5a5872a36f5dc02b7882b25491a5a5ddde +generated: "2022-09-30T08:49:11.0457529+02:00" diff --git a/charts/n8n/Chart.yaml b/charts/n8n/Chart.yaml new file mode 100644 index 0000000..bc7600e --- /dev/null +++ b/charts/n8n/Chart.yaml @@ -0,0 +1,41 @@ +apiVersion: v2 +name: n8n +version: 0.12.0 +appVersion: 1.5.1 +type: application + +description: "A Kubernetes Helm chart for n8n a free and open fair-code licensed node based Workflow Automation Tool. Easily automate tasks across different services." +home: https://github.com/8gears/n8n-helm-chart +icon: https://avatars1.githubusercontent.com/u/45487711?s=200&v=4 +keywords: + - Workflow Automation + - Workflow + - iPaaS + - integration-framework + - low-code-plattform + - low-code +sources: + - https://github.com/n8n-io/n8n + - https://n8n.io/ +maintainers: + - name: Vadim Bauer + +dependencies: + - name: redis + version: 17.2.0 + repository: https://charts.bitnami.com/bitnami + condition: redis.enabled + +annotations: + artifacthub.io/changes: | + - kind: changed + description: "Updated App Version to 1.5.1" + - kind: added + description: "Added support for specifying initContainers and probes" + - kind: changed + description: "Updated App Version to 0.236.3" + - kind: added + description: "Support Kubernetes 1.25" + links: + - name: GitHub PR + url: https://github.com/8gears/n8n-helm-chart/pull/46 diff --git a/charts/n8n/LICENSE b/charts/n8n/LICENSE new file mode 100644 index 0000000..261eeb9 --- /dev/null +++ b/charts/n8n/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/charts/n8n/README.md b/charts/n8n/README.md new file mode 100644 index 0000000..dfaf9c1 --- /dev/null +++ b/charts/n8n/README.md @@ -0,0 +1,323 @@ +# n8n Helm Chart for Kubernetes + +[n8n](https://github.com/n8n-io/n8n) is an extendable workflow automation tool. + +[![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/open-8gears)](https://artifacthub.io/packages/search?repo=open-8gears) + +The Helm chart source code location is [github.com/8gears/n8n-helm-chart](https://github.com/8gears/n8n-helm-chart) + + +## Requirements + +Before you start make sure you have the following dependencies ready and working: + +- Helm > 3 +- Postgres DB | MySQL | Embedded SQLite +- Helmfile (Optional) + +## Configuration + +The `values.yaml` file is divided into a n8n specific configuration section, and a Kubernetes deployment specific section. +The shown values represent Helm defaults not application defaults. The comments behind the values provide a description and display the application default. +Every possible n8n config can be set that are also described in the: [n8n configuration options](https://github.com/n8n-io/n8n/blob/master/packages/cli/src/config/schema.ts). + +These n8n config options should be attached to Secret or Config. +You decide what should be a secret and what should be a config the options are the same. + +# N8N Specific Config Section +This is only an excerpt. All options are supported, see https://github.com/n8n-io/n8n/blob/master/packages/cli/src/config/schema.ts + +```yaml +database: + type: # Type of database to use - Other possible types ['sqlite', 'mariadb', 'mysqldb', 'postgresdb'] - default: sqlite + tablePrefix: # Prefix for table names - default: '' + postgresdb: + database: # PostgresDB Database - default: n8n + host: # PostgresDB Host - default: localhost + password: # PostgresDB Password - default: '' + port: # PostgresDB Port - default: 5432 + user: # PostgresDB User - default: root + schema: # PostgresDB Schema - default: public + ssl: + ca: # SSL certificate authority - default: '' + cert: # SSL certificate - default: '' + key: # SSL key - default: '' + rejectUnauthorized: # If unauthorized SSL connections should be rejected - default: true + mysqldb: + database: # MySQL Database - default: n8n + host: # MySQL Host - default: localhost + password: # MySQL Password - default: '' + port: # MySQL Port - default: 3306 + user: # MySQL User - default: root +credentials: + overwrite: + data: # Overwrites for credentials - default: "{}" + endpoint: # Fetch credentials from API - default: '' + +executions: + process: # In what process workflows should be executed - possible values [main, own] - default: own + timeout: # Max run time (seconds) before stopping the workflow execution - default: -1 + maxTimeout: # Max execution time (seconds) that can be set for a workflow individually - default: 3600 + saveDataOnError: # What workflow execution data to save on error - possible values [all , none] - default: all + saveDataOnSuccess: # What workflow execution data to save on success - possible values [all , none] - default: all + saveDataManualExecutions: # Save data of executions when started manually via editor - default: false + pruneData: # Delete data of past executions on a rolling basis - default: false + pruneDataMaxAge: # How old (hours) the execution data has to be to get deleted - default: 336 + pruneDataTimeout: # Timeout (seconds) after execution data has been pruned - default: 3600 +generic: + timezone: # The timezone to use - default: America/New_York +path: # Path n8n is deployed to - default: "/" +host: # Host name n8n can be reached - default: localhost +port: # HTTP port n8n can be reached - default: 5678 +listen_address: # IP address n8n should listen on - default: 0.0.0.0 +protocol: # HTTP Protocol via which n8n can be reached - possible values [http , https] - default: http +ssl_key: # SSL Key for HTTPS Protocol - default: '' +ssl_cert: # SSL Cert for HTTPS Protocol - default: '' +security: + excludeEndpoints: # Additional endpoints to exclude auth checks. Multiple endpoints can be separated by colon - default: '' + basicAuth: + active: # If basic auth should be activated for editor and REST-API - default: false + user: # The name of the basic auth user - default: '' + password: # The password of the basic auth user - default: '' + hash: # If password for basic auth is hashed - default: false + jwtAuth: + active: # If JWT auth should be activated for editor and REST-API - default: false + jwtHeader: # The request header containing a signed JWT - default: '' + jwtHeaderValuePrefix: # The request header value prefix to strip (optional) default: '' + jwksUri: # The URI to fetch JWK Set for JWT authentication - default: '' + jwtIssuer: # JWT issuer to expect (optional) - default: '' + jwtNamespace: # JWT namespace to expect (optional) - default: '' + jwtAllowedTenantKey: # JWT tenant key name to inspect within JWT namespace (optional) - default: '' + jwtAllowedTenant: # JWT tenant to allow (optional) - default: '' +endpoints: + rest: # Path for rest endpoint default: rest + webhook: # Path for webhook endpoint default: webhook + webhookTest: # Path for test-webhook endpoint default: webhook-test +externalHookFiles: # Files containing external hooks. Multiple files can be separated by colon - default: '' +nodes: + exclude: # Nodes not to load - default: "[]" + errorTriggerType: # Node Type to use as Error Trigger - default: n8n-nodes-base.errorTrigger +# the list goes on... +``` + + +### Values +The values file consits of n8n specific sections `config` and `secret` where you paste the n8n config like shown above + +```yaml +# The n8n related part of the config +config: # Dict with all n8n config options +# database: +# type: postgresdb +# postgresdb: +# database: n8n +# host: localhost +# +# existingSecret and secret are exclusive, with existingSecret taking priority. +# existingSecret: "" # Use an existing Kubernetes secret, e.g created by hand or Vault operator. +secret: # Dict with all n8n config options, unlike config the values here will end up in a secret. +# database: +# postgresdb: +# password: here_db_root_password + +## +## +## Common Kubernetes Config Settings +persistence: + ## If true, use a Persistent Volume Claim, If false, use emptyDir + ## + enabled: false + type: emptyDir # what type volume, possible options are [existing, emptyDir, dynamic] dynamic for Dynamic Volume Provisioning, existing for using an existing Claim + ## Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + # storageClass: "-" + ## PVC annotations + # + # If you need this annotation include it under values.yml file and pvc.yml template will add it. + # This is not maintained at Helm v3 anymore. + # https://github.com/8gears/n8n-helm-chart/issues/8 + # + # annotations: + # helm.sh/resource-policy: keep + ## Persistent Volume Access Mode + ## + accessModes: + - ReadWriteOnce + ## Persistent Volume size + ## + size: 1Gi + ## Use an existing PVC + ## + # existingClaim: + +# Set additional environment variables on the Deployment +extraEnv: {} +# Set this if running behind a reverse proxy and the external port is different from the port n8n runs on +# WEBHOOK_TUNNEL_URL: "https://n8n.myhost.com/ + +replicaCount: 1 + +image: + repository: n8nio/n8n + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [ ] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: { } + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: { } + +podSecurityContext: { } +# fsGroup: 2000 + +securityContext: { } + # capabilities: + # drop: + # - ALL +# readOnlyRootFilesystem: true +# runAsNonRoot: true +# runAsUser: 1000 + +service: + type: ClusterIP + port: 80 + annotations: {} + +ingress: + enabled: false + annotations: { } + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: [ ] + tls: [ ] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: { } + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi +# requests: +# cpu: 100m +# memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: { } + +tolerations: [ ] + +affinity: { } + +scaling: + enabled: false + + worker: + count: 2 + concurrency: 2 + + webhook: + enabled: false + count: 1 + + redis: + host: + password: + +redis: + enabled: false + # Other default redis values: https://github.com/bitnami/charts/blob/master/bitnami/redis/values.yaml +``` + +# Typical Values Example +A typical example of a config in combination with a secret. + + +```yaml +# values.yaml + +config: + database: + type: postgresdb + postgresdb: + host: 192.168.0.52 +secret: + database: + postgresdb: + password: 'big secret' + +``` +## Setup + +```shell +helm install -f values.yaml -n n8n deploymentname n8n +``` + +## Scaling + +n8n provides a **queue-mode**, where the workload is shared between multiple instances of same n8n installation. +This provide a shared load over multiple instances and a limited high availability, because the controller instance remain as Single-Point-Of-Failure. + +With the help of an internal/external redis server and by using the excelent BullMQ, the tasks can be shared over different instances, which also can run on different hosts. + +[See docs about this Queue-Mode](https://docs.n8n.io/hosting/scaling/queue-mode/) + +To enable this mode within this helm chart, you simple should set scaling.enable to true. This chart is configured to spawn by default 2 worker instances. + +```yaml +scaling: + enabled: true +``` + +You can define to spawn more worker, by set scaling.worker.count to a higher number. Also it is possible to define your own external redis server. + +```yaml +scaling: + enabled: true + redis: + host: "redis-hostname" + password: "redis-password-if-set" +``` + +If you want to use the internal redis server, set **redis.enable** to "**true**". By default no redis server is spawned. + +At last scaling option is it possible to create dedicated webhook instances, which only process the webhooks. If you set **scaling.webhook.enabled** to "true", then webhook processing on main instance is disabled and by default a single webhook instance is started. + +## Chart Deployment + + +```shell script + +helm repo add --username='robot$helmcli' --password="$PASSWD" open-8gears https://8gears.container-registry.com/chartrepo/library +helm push --username='robot$helmcli' --password="$PASSWD" . open-8gears + +``` + diff --git a/charts/n8n/charts/redis-17.2.0.tgz b/charts/n8n/charts/redis-17.2.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..20075b9e0e428b3ae645b69e38977fb1c60eb298 GIT binary patch literal 90128 zcmV)tK$pKCiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0POvHcN@8}D2nHAeF|*a*_QHCQFP~8<*R;Z{!D)gfPf3N$7A3fDke?CD~#Kjv#|qkfJS^;$KllF-eBt=3on^Y4PXF z{-FPSD?%wsB9w#}(cxAA5;#Xg5R&!3SMmmf)7F(<`9d{qRbfUAB(Zev$#W#wgQ0W5XVCh zqA0`R|BVpkaOW^%IO$KaEubJ6)$AyfM=`v?8O)|Z}< z_xm&Te@w#byTH++{|8T>KCS5g7f&Db|9$*6t-K8lJ?KB(itrRsHUxAA51zjmzKov1 zKmP##Jb_o?(<}7i06zWU&p(9W^QVJo@aLC*zIp)%@L6>5=kSM@C_0Gt4}SRJV1IJ3 zAO7&?EBI`%HAM-^AVbj*^bQ6G2f^Ua!Tz(${inm{PlwN6^aoF${%|nZ|KZvH+xrij z$SeNj{1jI7X17U62rl0GmMu*bGx}i{luO8hcTqQds`gS{}n(K_`U_j%b-kstZ8eaw43XOfQrvT9aCY7 zCIDs`^guM})zB`?vI)t+n5$*VIJbT!aXv@ebf*eRD1&|qDdo1H1||&a|IX0#e?akR zTMsM+A7IXAMWYWK?3RSbjd+V!L(uDO0r2P%IPOpT@?S1PhO(HO|MP`z_zPOd&u4Is zLsuaM5fv1fM=v0FKICC@}xs6|~XD zfiLG#JA7G>L#(uLDUNf#6FVY&FJTIR`T!#NMRU}uKh(9ju?=GbEc(bYcqDoVMtr6N zGLeP4yPQnP0&t7jOsK>R3FXW27y!gf;INMqp%x^jq1Q}^TA3pa)s0?aK-CT*@mlFj+_r1|F^E7L^DFkj-KEO%@9mr zOi>d-8rY%wFC(R>b7IPEpr`K&n}Q+LL;z@vP}+nOW>X4A{C`%###?JtIGNxCvxTjX z47GbwU3EoWweL2o3Z=-uWoS~G?0j1si4{he>y8^?kHIP3Gh|T!=@)B}3*NW9=_Y!+ z;A^D6Rhlt4t=8v-+ju_DnGiBgBY+u)!$*o63(-ymlH6}pfvIve9Jg?xcO($@`~AMM zVYCT@Y02zefG2<=w(Buy7@SrpNb@)zlNg5{7VvK%6(7Crv`ye|C>0Z}_8DE}Q#}_| zcSRAOj9gSi*-)&5dL356fQhrmvt1*?7pL5OL4>X_OoILWARBA}pm%n9MZZW~O_E|xaFlEip81g zJ}P63t7z8>QD%)E%6U#1S8sEepwKsa zyeG1AL7L$k$WWlid{4qh{i#yz=_)o?S~0hbRi+d=Ra=y3^PcjX^YcU04Udfalq>RP_)98B8KF2m6B{ zoWTr++S4y|q2Ndw_u%~KM_{zx6=;kC0OJh7Xra{v zU-KxuLG~U~kF)H+9HzDNr(lkpLJN{-Aj~NvbBDDPl9>}MArYc-&*Y%0x&@48@(8YJ zrP|t(b!l)!RlNQ1x z1nrdjnLJ@buz{ z;vuhqqj#1enWr&gC|;Di(5nT=5ML;hDL^osiRB;xXr8i#Qu;oF%nJkljBa z36~8Mr^3^!v=)nW39$~T@S6M-!>J{Au!0`MI6+_{Dtc##YhIUtwRIhUUJ%UT$2ppl zY!S$PAh;nhWH?3vV{y-{$*soV3WnD)nFbX98-e}7!L#{QuUroc3{9OoPHujMnbke% zR`M-yrc10*2{;{9NQ{kyJV^ZM?OR<0r1?Aqy(^g6ozSg2bmQ<8oT-(-vkWM)6ti0Q zk@u};%#02>q#T~sX)CjqGVdw`sq&3cQ)8)>%3RLHG07N}PJGT2H9=F7iEXq9i199H z7G4{gR8i7@4qiNc`Dd+T)&5g^C{yWAb^2BAP@aGo-=KsWeS9);D*%hXq?>RPd*8BL zqY4T%fkdrI!Nb|5If4}l2AKJXcg)funQd-RbG&y=Ua z>ykq1fL=~Y?ZzFzx60|#5Iacf(l9&9>e6sKN~;I1I8881?@V6zHzBWbk8)wI>4$RL zVy*KcrlkyckOz8lA4HO(<5ghd;J6m;8%t#?ytW=+2C)UM8S}Y45fy4@dM<<823R7m z&hHG#xLx7LKvad?#CVQbMDVopM|DH4jk%aruEVw|rfOs}@z3CnNff3QqZktqBn* z8dr9;9S5-hU=E{A`87@=@QxyYFq@$a92GGhfMno;L53!I%!%JtigTyi7>6VYQOfAv zEy=E90wYnxG7`rq6IVI}WQy3H?jEOQXyWwlnZg;0@)%{pUonaq$`Z&BD9UTx5`6A0 zBb_js;{@}jfeLmq1a_Xs45u*)3aqr~g+*YUwG??mawN9>Wr7AT@{>3Ffpkb?Q>5zqyfl6a|4U;?g+_=t0pU@m)a zlOq%(rmIW)X_2C#T~!LYSyE><2$w6LG%=)9NKc)HuGB1DvCfCO@tqOMMlpsI(Hbm( zR{>Dgks!K^4Mo`v4iOC!#P~SjWV#2VC_o9zFron?LYpEM1{?tmZZVsQe+CLyA*cq8 zwa#o3sqn~S;USCVAM4JrqBqP<@Yk&23#R_i%=p0_Q*tqB${!1>np2)ZsgxfDig`N7ebDj@o^p zE@Z-Fkjo5a(T61mU8!_F+~@|26V*LPDV`>RCw#lV_XsC^t>AxadIFe40ZbS!N=%us z`dX()gzzxzV~h#+`{Pcf(?h_iRACq-Lcr;sV!>U|&i}VUBrkL*)C-$Egw=|2xfh*q zs22;|=0?$3H-(6GqwpFnB!NN)>nNEyWZ|q6c_#AfBDSR)ZrLFdy((FS0)0nA{9Ca~ z{|P_<&;bhIzxS&}2WA&Ek82K>^&skwG%PnjN>>p?-Cb0zD1@qzwoEG(y7Zw=*?!oy zzE!5*hh5?0_)t4+ABso?9UgUSMtT)T=c-ZNI>-TEpcsXWWQGVdt>8;^2GzH2XR^GL$CEpAHh957k(QOepB$S|PCt~dq z9pEcIaZ!DjP{=TyhzNoqI3j0+U8ucW$=o{BHLQ*js>0}x&MtuZXDv&YUA#PdfheIu zDX4E1<`o1D!J*vN{)98iN6`3E6XBFl=>igc=@M>rZ(Wka6yvWB@+)y1Nkp`R){NwM z)^jULdpl4b${<4|MTz8*LRF&_Vmv|NB8<^%LasYGOSkEch*rrNne&~m9n^M(CL|Nv zVK`A9fsB>@JR4mdQ6joQUYMl5ivTkEA;y%6(8Mxo=ti}v??y_Z?J_RPMAR4tBkPDz z)>SA{4ZCsIL!4}1M)14~cd+2oaT+ zUX1U~r?GMAL*7RzE2KK~Mg3i(<6mq%{Ab0?48i`v(`UtAP7_|kGQOlAmTYkt$G~ z?y5t(k(@b-a6Sj)jNFJjj6fA|HSs~j#2(@7gH~#N6O*i2ze_REQ2cN72G21QE`4#$ zjuAzxaMk=9$&;=whznrdaHo*X#L1la2cJX|XkmNLxn@HVfXqJx))}3#FL+mpe2wsA zf<$5h_a2`$Mx2l#*oz>89axuNjdc%beih+NSlA2gx>B9t`#ce4zDgHx0wQ!{hJ{-6 zDiS&lwV8mRDzWM_2t|?w1?^-4A~eAXigv9_{L)+e7qjTEMjPb??*%xf65&0ToJxBqc3Xog$`7d=o6Q}JRJ-MgW&1G%NH;IYIeQogwy>x zb*MX!K8mC4_%ef&2@b2b?;V!w`hdv>`bvIBrl?bHp-K6a)^~f$({3?40*xl%Hg<3Y zW0-^}6Bp41CF)*o7-Mcw$~he1)Sd^Po)rSv%9RWXcB&&tAz8xW`k3-T*-l6{7qd5~ zC@OP`d{BFq4|1Eo;}E2PD&x9=0C8}!#IWf4&ai;(LWP*wcJ})R2YgMQ3T9{O_GB*B z_?=D4cc92o7k2hcc6htkaeP9pMH*P50D(f)i2oEV+ouK>y&sk2HDY>0U<7o{65ob2 zgyxey70f=_gf7=HxzL@%Wa^C>@OM$g*J&(k&G+J*H;hRh1*zOeWx)hz=oZHD-lGgr zmf?^E3e1FLf)|<<+C^s=8pYX5U01EsnEgRt{@-Bl;8`7Gt=6sccR8!9mhVg3X&OI8 zlpD&$(a?qb+deBYRDx=^D{}H)A<#P`3F>hj(K{46_GH{M?EJD&3>9xJGuVycemWR5^rzWf%uqJRi4diqGZ><=6|sMkFfx{w_nvdfK`GNS_KkU^5@m=(PenSW z!ouGLP=dk~6p37w(?q8Pt0biZ49(LR+R(F4RJug|7DYYNv=@>ep9?u2MNl3 zA|+og8?fldk@DJL5a5@Uj(iQVj_%uxuI!P(K0N2e*;RSj(X(^ho zQ15%MP^;2)@BAMecsspvVu}tDdN;W#{Lt4(PT>c*R(1+M$hFf`_`!bf`6&BiXC}NLbQi$r zpE(sZ<{U+WxRQX`Vpr`-=Hx~`G!W)lyZ~1j6dV%q>`zL5KauWtCrOAnhDq}wICwso z7bVhX!V6!VVzryHl8JO}_>CkTDI8-{bi#GF2}p|F=CTPrEU{i@)bA*zhweyAPLG1@PFX!_fIg)4@SPSk!L_M6P)(VXYR673ZeoqXH;Y0q@>^`)%U%6n48^L0pkqUx?< zquy8Q6Qes_bD!LQufBZtlkz;aE&Yk+&b{P6v7)m!oB+jC30+g5c<8x<94J-a-cngm zirv~eX;6IJ`K}Y8Xs)fB3B}8}hg>L)xlqRUoeQO~9al+)VuxUCC>@HAqPxh4;=^zpXXxQ?{`R`koIN^$$&nk%Kk`0q4Zip!YRY$X-OeDC>6Jfd^Y31wUgyeU&E z#HFx2;s*PA^f;J!m|Ak?03P)U^YeUaQu$%Z$p$YI2D() zc?lyz1#rbJeLgi<3m6USR2Ao`h&*@Ds>0k$980S5oNjpy^6$zg?43SfrHi)ARCdDC9G}louTlzS2OS+$=und6`PfS#~ z9{VBi%c@$Qr$g|vKj=RTB6Nje6725>*?|nOlS5-J9T)1LAG+tJy26oE#KJl8L>{F+ z;lor46Q_vI|g5i)$B8P9|rBiBPqKJ?Xl17zd;BP)j(j0?uxnOasqBmvPo> zV$=vdVGS?=P-Gq=ld|7x$cx2Xi-2}T7cOY+lU5R5#AEk2vpVwrs3Y$*!#7aebd@r( z=Q|)U#MRo2&ll&a*)M1zE2zsR7VC6VV<)bJ)e_UvtEWmoktT z_gsn!Loi-R;qxl@7|Bp(d9&J|AfgC$K+NY zDNGT2uN%LYRK3T^glzAK`V^3y_08B$aYq(YwI3IEb7N@k%Z+>CRGn*ZOoCJd=t@|X$3eue-^kn%z6c2|p{Co+ha_Z)JfxDw)&pt9e>xtkDi zlvb6m34$!oP$hd4FjV?Hcf-1`%4g6Dz3ZF5LrsY z22w;`IJ|925n1l=HkCusCkpqHL($un4JA?ZbgDgxqL-jeWl?OWs3wb|N!4c3DAqw- zHIHH)yssdUqNy9rOp3a^TQWue*!hwv7H%1E@VzHgELgi@Mn#|AX#~BYl!|`ftLIeo z!&@h*q95YASrz?IzxT9?MXy)RtJpZI^on%|*2%9}2Xnmyi*-=f&#+hr`TI|?SlV0noMX{Je6L9s9o+YpW$}x? z!(8rwSGjydEe+Lj`3P(uf8?^uce60w=^R_)CGp|P$VRV>czJwJcSii`x7YetIrlGJ)Itdga+ z4ox*nt&=m=$%XnY<0ww)0?l@GwHY)!A-mfQn#NA8E$srWP_ zh7&KiUi-$33qDHjAmu_;7`mlg@PSzRs$1z`s=4b{0lnN^w+j54%Wmc!H^;}?4Pqgr z-GG{s06JZ$^ZAJz>FRpVt~;Efk2WZ$D__q&Jyre3g~(;DY*&hOsXY*E~i zC@}2K!ya{~y=~I4S6F9X@VU zbQv2)0E5@!ZX79taA!#072|uz;#olzk#sx5F_IbE=K{`D*1LkVdhN62;-e|2^_G9< z%aE1%|D9fj^l|2%@A_3p@Lu+-49N1A{VIs+Z~IlSef78f8ar2a-LIva57+(Lg>~io zelG7<*nvM>_}kotzc!|Ri#Ps?KHb@szeHMO%Ut)f?vlI}w|U0)eGzU!$pP0%5bgU} z>xz*2XOYo;k7HGZYPGc3Xnk`1#$w%8`RUKhilxJ$=}w3jg^2Slf?JM6Y^e&U)RRso zzvY7wk|aT9wBv6xVb=*KtH87iND?n(X3=7~4oSvmsSQue;2Ad}6+zkos%CO|#l=eI zM8*COiO3?7^d$xI4w+F+0O#;hW)dyqU172)ooB&TDi3=%cjRrmpF z$B)}0C&@J9{TfA)+QDK~lI1G;jN`Tj)EjQ502$$CzRY>4ofJ=$@@`kEMHhw_)JU%< z^ORcNQ0uF#k&ze;IpBmLeY8G{VK$Q+gX2ex4Wt}4C z(W9-@MP;vkmCyQ)vvC)Ku zJb^b5$MRZQB0fJaJ{O*1=h}2rFPwF}LfsPz&VL*oO3hKTg!6Tf*Kx;YE4zZB%|>2Q ze>+@aDo!?hcf(scDBw#irw+49>P0ZOegvV^bmE(#<6w%#D`Kvm>-EaNty2_R6`6UG zQFi6lm}&xa0k;{7!x=#eR|ajD^B+Chs$R@DP2LS&$G2EsF)P-(e}CtY=RijuXL(|JV@#e$ zS5o;$SB|=mu9{}em_#LYintZD6~{8i$*552r#JygaX(3HRfH>8+-9Xrc^1kgKpwGi zChG@UG*T0+d;LhDg&*G;Yso46=tZntBj&QxfYX90X56Dk;PTByRe7<((o;0Cn7V5b zZ>a2x4tqxq0Oo8ay)+b@TRTOn=I#t7jEey>CWCI`k$nY}{9NcBMH??H6;g;Yh9?3p zHD_7Ttd3xPH$`1darI_#bw%D-S3@Fogp5EF%=KWm0auhC$89!K_>Ydq=f{Vm%j2WI zx};)}hZD*WjEWs+6+$hdpKy#s&koBrV4@05c)DUOq+ig&3+xxP@B%dI*TOs;l^{p0 zB$lVxI{q+JwF1;MMLj7$ zjx|gp5BxHzJ~U09R3Ex$^_f0wmf8+bL%hXen9 z(tOxN`LldDgw#sY-9O3Jlne%ok^#Qz7x8o&iqTXL(q#!2xAVi=U4I{Sq4YhRG((UY?{lr-<{() zE$O@B1NsQ(X^e)&mbq_w2RXcAcN@-7cpY4$1s#GpAJyIYLL6)Sf)H6 zaYfpgv3Gts`kM)nET_%#5t4-s&^bb~6!~XZ4hj}J^eQc z=pRiFQr{i*9Ui2Xrbw|B;uvU{LGfHHS0p`81$iLW`}6+6e)Zx)(VL}%bu|m?Vs$H! zmy6YP!Hd0UBjKJ0DTaXex&?A;)L{kHcN%r*Vaz=T9l8|MhXPi{12m$1GTmc%yQ zk@-LPG9}{Ul~Jc|>=xv|Eqe_*UCyl`tMD-t?rZrMPSj;t;|xd>>x95t0qz<=`;^uc z2xV~tV?jXi2W0wHDs9yk2Q+dCx6tZlL-2G!yP=g(iWGM1S+F;3H1`Xj_fp6c6KS~#rhmL|;hnXW03#R~O`#x66E!0V$&_WRljWLah0#@b56V$8=4wHT(RQi1QSQAIV$a23^O%jV>XbB1 zZB;YEROEn^S7pjcZD~yhxhICYhU}C?(z|5G8i^nu&M6~6B_)wcqscOu&Sd@G zJG&Y<*W2Q|)y@uaowTz<>6+Tvp`gPYC?4#vTCOO|4tgsX$gml7KvTtMUBm+wb`p#c z-`WUcO>* zbgi-Z6WAXN96WnXc<1or`e+>le+7TGY4AvhUqqT@q(Mm5k`kZ7B{SMg~Ri zuhD|O7pcM55s1G%pZ{YA{1te_V4r@SVlaagC?){TggYO86QNH61Qq&#RAdu>4(2$? znUj5_492u#EKU;4jDw!)rJX0z%RWZg9LtdNC(i5r_RBEfa3=i_A}jfAqMmA*W+YE_ zAW)g`Nx$hWLlA|bsxlUM?#*+})?fzI=#4x%&u|6H9|Vq4#>)Srx_Q&OL4Q+ZlA{BToG{WE7F5GBfVXB-4!~NsplhS$rr{$VKo`!o0*ggFC2)B`;bOb$M143aA0 z4prpJ6D=J9^)^Mx#SBlh1D9KLGz{f=m(IADi+)EGZ1edx&@a`9YiW9^Y7Gi8LO|q| zY|f~FE@;T&T6;}+=@`)unE+K?dYQP1C~k;ET$TR9h0(Ypznvfy2_N4a$>)hUhi?du zz%9%YUS~(#?GYfIJ3XST&7!J9{RJ%~Mfj>_k<)w?TgU>jF$2hg`o*mti<%WpoeGQx z`{qB*zOf~tHo(@eCpY&nkVG#wey<5-7Yhnbi%WOnfs+q=bU{BD3)P1`Ue1Xswu5GS zOXGb}D^7K8W2RdL-u>BYmS-fVNT;7TI=gT@BPF?ZHFrI`ff*(_1$2=x_)#TH6X&+F zVi92zM2T2EZ%KCD2jHyGp2nMNDy&4hj^en;Q1Zb9@V{F_vWsxJHZ4D7c|nzB|aLikJ!??5Bc_E;JBD z^T`B%6x8rRR)2P;M2{06RRq!ur6^ISuM$!b(=_4Bi+LF?Lt>rev~Af$4SjZvgs0XC ziZaY2-wo{NdsE{rrTNeos0}`!t-PIqd(Fl4O%O27|%i#j|JP zzk|WR`S1SV#o*~5_Mbi7fBN+K)BS^Ie;DjP8w?Kq00x^RqVAVd2D3j5*2d*_?i=}i z+5({WSPpz|2zq>lAMWjO5eSqxkZigq|M{r5%d4|Rig;ZaM=Z&S2h z+Bet*h)$$B18zR|4M7Hzh|IzMAP8qLgQ0k!lrM5gK1Uf2fh33TEmh_X8|e&35lWoC z0MHZS)Ke?$uKg{ALKK8Z?CC)LAu7tYQy&% z$*yApBk&7{u*&FFrt1+(W3rf|gvsf8!64)NsSCtD*cgf_TQ=cS)@Y!nEN~^Ze4(MP z*AC(LnVe^qM8@>9%NuwVBTe(Z@`bT!}KC75v>KjSL= z8g&C&R1PrJj*7iDM#iUvfTf7szuHuklI^8*l+^7@swfXb3PxCK^HzlqmdT)d(W?8* z%;R z6kZ1o`_y_lMam##9sM04260U9W{3*JDnQ+XUthjz9F`)!o#F@uAE7Af%j1ha`^YwkquKv=@ciJ}e%1f??7{zcAHT!bqw`B}Haa~Xf={17 z|8NE~))xx{-@UyV_k8kM&G^e27Je}zB_nMgM; zU;Ys{rFa{FDY!y>!bf5|k0S7=KW%M&`V;^>0sUX4lRCn1nh?rxcuJ!3_R;6hTbBi( z8RU>qQUbyWC>x5GJo{i2#~{tf6{0fRy=)S0`F$Md|0y zAcz4>Q|CNN$GE?8n+bA8`blc>2nAS>9Na<~D;=S$d}@(qQpO8AQpGU%3!f$6?N8wH z^)VQ~J^CvM0&oTCY-{Vp$YZGe#Y(UX6G1%$2;@RY6-DaMR*TQp)=zrlCU^+I9!Xgd zYNXoAv}}7QVc9~2h4<;KsbZEVeNLt`lgcOl$~jcxFP^4pB_z;*I#X1(FiAs+AVK^y zrgCf*$wksnO}q4X*vUY8Z;X5UJq=2^d38gWvzgi9PoH=V5w&4f^S<`61GfF&t+yw3 z1mVGEe_J|(x*Uuji*O#UE_)tsyt0`g^oZH_SHj-uiP^%np8z{2lz|vuqj;h0*{J#+ zrk#@{mMO}_weMu%92ZESD4f9r(|KRg{*!q9Sw(qf2vU;JU2uy4Wf@7P@dD6%DniD@ zIXNeg-eQ$@zgOgM=>c_tr+22_gzNReh?@E4c17b*B%!0kgko{RN@R0`BhFF?ZeWa~ z@*IRD#yLkBqSoL1NV`*^@=q<+=wGE&8;&pg$jX=ojq~0ZVs*z_rrkghxWO_Ni%^d) z4Byk1pFiuZ=!Ec@A+o-nUC3|-af_OZ3{Lp)Wcsl-rDnQb3hUSD>OQ>*`v#>7{1KT$ z%xw|j8p{xjDv+9)H zaS>yikIQ;=I|?<`Lg&C=Ba&X12yF5Ztv7Z<<1JwJN&c-ypARl4y`mZ8N1 z!O}i0!cArOK|sJiDM?buX0Ljm#EbKi`++9#a}WG3t|`8F27<^Qc-|xRQWjskM8}*3 zS&YbjADrh2faXV$o?W-qe=mup^ zK;sC3AVA4YWdQ8IISAQ(5Xf*~AEU(w&Er6Cmx2J$7@-v4L_NXhE`VmTea>J2z#&N& zlC^G1`SR7X$mUj!#y@n&99rla*Y=CNUlXv+SPF!j_P`$ zzSsf`fJmorD;Ygpi~z_Ol!lp?(Q2E<*a8IDmc74k2{jZHHhi1?UT@=9Z1^CMH>{Vq zs4l6J1||5r!2$p}?lbj{@}Lh6)toPF0ApewzBw5#ZwQvmYO)2TX0M;YVyYg#Ie9;N zclr8N&zZWta_$yG1%g@U#R3HB5{9Nts6DZ{%*2#y1}>}aBm+Uf=ZG^ccx_nLSK?f1 zqetM}XF7fhEHmuN`{!C=BTG9)OQJSt?u>sG!?l~acke8^7Y-Dm0ADi?yaw-=onK0H z?wcK+E&rz1xUH=-!q5<0;3RZj#5C?LRGyBN@5HXQEb8o9@|K}x+Dfa=+0uHfUv5Bi zV_7}Bm@}$x1*)Bc;av5Y9CT>&v(xgq)3{{1ZpzXpRj-wW&r+F3dRub#_UQQi$=KPC zBqTyz-RJgJ12Z(Ie;fRxPZ?x6?ZYU__%>0LsXspVb}A%{-=1GOM680IrYMxF5671% zo_y|UFCy(ML&aWx(>ma>VmV(!9~XUh&7`}Z?4{6Ka%6jPyU3EfAb-NZ94-KZ*9br` zLAN@`PjUIpgbYr`>e^P}u<945*1yRoPiF{7A(Dq);EAxpI9^F;`sd6 zlS9ws=#09%H5HWgR0gFCCR4;$%?N!2dNP@5g7x#UV4xPxzWk3IU2c5$?oNbD-YjQ4 ze>GBWIQ6@!ODzDrKf#1#w=j#kNddhH_c}{LcUBIU;QD{xl_2aNyzCG9gZ}=vAqG`5 zufsCxJNSE8L|5PEJS?o{!dfp~56f!(vbwVHeMd`e^AXF}BK4kywn?F`z09sI8C_XB z>^uhdzU+RLBH?!}_~Q+Vk&+v8@y6Xb5gGC?;gm{!vgHds)7hN*Sy8=|xSEWDE5R~T z_SBFq0y!W-l7E$fjubKJKT(-dO*`z-e_8(zoSgEtdvtaQoG)Ad`}Q3;J3c-F zmv6!N`2450=cizF2HuT-J|7(&gP-1>i*PxmHZQ>F>e>|LMSu|99b#VCuv&IvKLeiBb_8j~v+m&Nk$9aC=vtuzUOD&Sq!kgE_urcPTVr;t-SawgW+fh|oN_V=Wt~78HqZLv zXc|!K4%?APbqG!bFr9!;bV!Ru@9!4ff*K;;!>bNmmDAp{)CYk7;Gih9=^dHwTDy`JfAlg{9|7=wr$x&zXAecVnu=GHmqLwq-t+@THFHjWzKp4yM;06SuEDo8HOpYm$j>N2nMeq_ zUAaRc+I_^7;bbaN>{Kh5p?0d$jymxdTV&DGrKCi0L#-4znW`n<4eYC93)2jd5u6&| z<1(xh3}1nez!*^@47l3cmVTP-Hh~95?@Rwl4{WnEwkkf}sR~xLVGw4lo7ZJ2E~k(c z5qrYvz->p*v@3Xeh%#Hmwq5svD~^4ze8uhF6tuYW;{`(pPs^69u{cK@Qfu^P*N zL5q9i`r)XffRFA=#6!4}gddL9;P~O_-WY!LTHddstt>x!Ewb!Vi|Hoi(M(n-Xtx&M zwjOkXRNp<7x!OU;P7A^YRxdH^m8&}S zBGordFAHPq05|sl7_prz&m1F>*fJxpnspp{=T6pgW3Q8>EjRczD8HrAZ|TBv!*8q$ zR*qEl*Bqve4!fdO?HFr2{jh-7Xmr;%>uQ2qnO-++j2BzMk~^#I1dDE2JVW!8EgD#` z{9a9`k0@^E$vsW&LQg%rvC0{)z4LOHd2=;ys$bopYdP4+kX3rljd>X%k|CC1bb}&! zC}&;p>%g6{g6LZP=04un@rG{($YuHIYwBgKeG9V1W;DfKUcxS~SIhUFCL|NKI>hpY z0Gt4r08N|r3~b{Gz)Tj?o!u?MW+=PG6!Frja%j*pldyp8;r|pd!GfPMGS>#ZF&iGo zC;`J)U|Va={THDB1|?HA+X24=oG?pWJSJEF6xCxwuJaW1ZuWbiS8NoFd&m5rJK`3p zyCMh}mdXx*45SfX`g}Zo2UjniMJTk|dX#-2x<88389dA9vNu74DtGmgc?(sIZ=DEN z$6qDw*tV6A^r!aiMwYjzv8FAGeiTBOOVEJ_wpFEG{TB+uCnm~aT?}f^7e>>QDzA&` z=}Ecjf&BsK2_4{0tsT&=pTOY^h1Z-jd`2Mo{F4m2kncgM)Pd5^4(b+@N|;EUE59+a zV~v;)+r_^M2>Up|Z=;fViem&|92bw5@kvcYhQMShURI_QPSLK=!Xd9XfjF+!R9oL|0Fm8y}u_tqiSHp9u;+UV^FM%e@}iLy?J+h0e&65 zIXN0#p1eI9{ypKVZqev>Axs@6^{=XLD$u9MMl5x60H{6wlu_`@4;0*}BaKeN+9XVl zHL~rTu>57ezyG4^0ZVnyREt>P6|@dPZ6%?t$0P!mss@l%fC-3`DK5a3<_1XwkHBAF z0ZzWmYlM>s%t?k^ol|rsVYhCRj&0kvopfy5wr$(CZQJhHNym1_=C|{oz0Vl?oVqAn z)-vcw3jOF(4=SX6u_hYtWQtHIc#z$ME7K99eAAiP+5sSFgsAE@GXLshs=DoV zk89_tr_xZ)CV?9^?%Yxi-_c6VKrgZXo@TFTjgoCU!Cned4br2)P{XFyP12eZ4`;#y zr&^duHFIMRfEIIVCEujm(?2E(t%VZT(L?nGpG*ohx^DdAlF&OYS;qtiaSwgCIPaa} zz`)m|VWYeHrAo&tNJ;VMRXh>Kk5 zgh#SG{!Kijrx)$%6N}!xcLx{K8K@b)^r28p`rs(e?YUxo#~@TW@XGV5E{9nqFY|g% zWb>i@@$;$=Md<7gcz_cP;28Hu$P>Wfbw23NCxCq>IOxAQT*Is|z=e#E*3>rj*hk#@ zXRmumiv3IT617a*dBgw|3)c=-6Qt0 zl_I75aoFCA;Nv-xhqxm8?U#5=XCcY_-*VsK_eRbZIWP_mQueK5u`u@w&d83)f0r}p z3WhN3B*ZzMb+Fj>Cy$~gGJ%6;+0Y>t=GlQ>%{~vm^wJ#tj8w_Lg;QI`YiMH&?VebW z>Xc2wRbE1$KHl)9d`K>gTM}%}L#(isbjvR@s^0OyS4R5Q6`zFloHf|yXAd_P4M;#P zkKI(~-j_(xOH=P|t{Oe7oTAoDed+6(VzwWBigfQ@bok;9gA0SR{xU<^1%-%EVm|V$ zNSZ*g%e5)vw}HG>7_U%;`~XpcfCkG zRAVl!V;P=8ibW^RPN?(NS}o8&V=mUfrBF6A!ig}bOq0|zyDSQODlnvG=^ZbfXQ50^ zhQI+CFlH08qlcuHxEaN7%j=F`SxL)p(N%^MQ5JJc;!8#YF~Y2(dZsUj^Z=U#DDHc^w3BtV0RF95E68P{}pdw)B5%(S;phh z1K`guux^>_sKYoD4@RwdIkUO2AekOjUK~Aj_)y&5pIgfs+kGYaCd2Tez~=m!e7aH9 zJ^a4m8bD&IuY#w8o3ERfgV#^>IP}r%UM_&2@2-fzM-VfdxTj&yH?s%f>*J>hT!$9i zKFTl-xGXJ8mZK!}#ki!Lrlc;zxEkKPGzz-fcloL3onLh~7r#&(s(&>3d+Ve{JKezs zeh#}<%+yW0)zUA(K1CsBm$3FldQT4$9#eCM{ zC)Fj}V04@iA2K6=f7GvHGpJcGQmS^M)bw%aR;S#A&63-N76MX0;w0emDk%A`uD}+9 z7yk@jsz#1NVDsSE2B~GZx_Y1F$+i31`GSjj9->qXg^`3jeYDbb2>PVS_s?TOtsU8O*@B@>pob&)YvPteqQBePhp1oieL?^&<535 zB5}d9xS`p1iM59u`I0*{9V9idHdP`Q@k}A8hP%5$SI8}Fn#mdh+-nr&SN~;e8&2m+ z%(8GkK{bE8cYo_87J1MzrjnOgNg291#WO{|s)nuo6=)hJ=zl9m8XYQUmvZJQ17k@?X$QE6zDY z+8+!`v+1A#R}xfW$}4n08b4+wSf6?{zP2S2IWw-%#X+c6KCk#CzcYubt6jBp7{F%1(D#ZmPjBeKmiff#Hm@q%KGdKIAq zp_4IwF490@_*B=$yW9y;l zbZC^y{W+dI)x2;%@lkw8u={1R0>licT|CwN)eLqPIWk(n5y&LU*C5L*ZYX|6o!=(0 z5T~D>&N@+%`fzxcoh+OP{{3~nS!^ue7)SCKl*Q}e)+VnEw0gY0fBG2apcpq#$EbE1 zih;O{>x5*o7u-Y?Sq0Y{FJ^$*X0Yae7oQp?Sed^;N}K%1y+Xz7^%KC)jhACcBd_sE zcd67|t+Tn7NWh7x+CU{1ns;=1pqZwg^aODW1?wyJU9kCsMbiv1zHhmt{v?xSEvUlg z%~KCAUmc8dk-fUpN?7TL!78ll$>{5QEHXK2YzqBlU=2~DWN~y&X?cIs71$|F(5*?I zMII(^H;q_MpB<28Yb}SBsqcWpCO?kV>10O0)@Ngepeow&EjCorWH#LECeY@)>1_2R zY(L@NWetvAhC$jRHl4b&JW;(!obF2UAr_kH6~@jkVC!IGn{tUzCtB|Ba#g31gBp&( z$p4#3hm~{PhBQy?dZ5(Sjt9r+!hK_6m*kdRNRa#qlu5GeCvOXmaz#UFhf_hJ{F6C% zAg?OtWRwKT4De5WLlYxRwKEd=Xe*FJBp+mqdd{x=Sv5?Sc#ksZ&9RDDkiCZqZ9VK@ zFb+TuIOpb(5x3FlMIIY@&DR9#A;ABPnw(I%xP3J#geEVC1hp@2kF1wcymi9ozD(aw zzqbuqUK8s2=WV9EQ*Ycf1p6<+=)y~Y zXvl}U_Sm)+*BHCo=x;LXkwwx6!LAlxeB1nfD}GZ=AFI;Bb9Gv4Lq!=;M+J-Mgtu!R zw#kc%7%LSdLBIAiZ1UUy`t#M*6D+$u!n#AL9c8yOZ#%d$wn?gos)=j+p0>IAZ8g1s zhKClrkgiJV>KK*#iDoCC11VEnh7Y7V3Z#S2!?Pc^8ayVQ%dbtB&L654%i-s?`Rir> z)@=nv@rG#YW|nmn<)@oYaz=6zYE^udEWsl0>`Vv77uuM)$~F|+4o)X7A&)d(_hd#c1By;Bn01f84N3w&b<+{WkDL4NS&7^EOVCO$@)Z7d~f@qL@>DtSFttI$iY z{zSK|TG^l0>V#`^^~NE`$U|F{Y296|y#NNMc^n9Qj==v2D*7S5Db%&j5#tFeg!OB@D{^h#h#4>otG`@rWSopkE+(S15x8QKSIEi!cM%M`J=r10&pc z&z4d2lIMuckk8rgxBsj}9(VjZow(mj-y=VG#kTVj9?lusS(mpXweV@F1(*^0kyw?H z&P0**ujaetnEE-aT|2{NI!)91*C?bvR=O%}zy9jV({O;EJ?Rv6om;9q(4CZG^$jv* z75yP|xB@ZNniFoeo(GX^IBZb@Q5mL<{=caCxh8 zZse{GP0EyaY3<C+brq+r==GX4NBNRCr&0GD#IVj|i*B@2^MH;FQw|YAP+Dv=rK4 z%F$Pwt(TfM@>~BMDBT^&DC`6+QhVGOQjof&u?zw~u!fJp7KfKZF;4FO;QYerq0w;m zj+kk?tx9)?rJCKPd(wtqg$!xQ#a?iC}c3<1|u73e% znvR15Rm|T)w;cv@N+kEAwj&5-PdPg5nZQrr7SQ*)I|Epqcv%%9;f@L#rQYZfqtLqe z+R9uwmDqSq5W%p;$-D;XUng>lojGVbcOS2)~a-5qp+HDKh_OxK$7gol3YX7 zwPds^E`udk7S1&CFiT5A$jFsZ)XE3=t#>3zyAHBRTN|>rl59ejzAUfpB9G>oo=a5- zR&5gBI{sWXQtLd0b~E4ANi5{+&RvpNGs9_hO0prrENQG!C;+2Fwo)zd-2|_M_k~phVBu{7-P%r=W8vZ9lKfg8`2T$G!N2_nJF~xXGK1Zs`O|h-1H2 z5hF(Ew1Fx}I68UFJ!8W5CM@OFJ@aDDP&6lJ!i|6t25>2MLc7m->orhMZV#zr%|n`! z?+hh57&wLhrJ1a`?Y|yX&@#$HyJW)4b5Vpqi5~|svvTwUXvVRk;+T{0u~~F*>WVq+ z+op}fp19V|L0e;kbpsV1!71LvqiuxlDK#CcEc42k4mRO1qk#){wGik8{DJaNzgH=` zMBWvn1fEu#DQ~ay@>n&I5&G@#)Xf3gAunbCJYH|TRsj4n!N2~GSF97wuT6nPqe#gh zFCM&J*3GLt-czJP_Vh%?@syQQWx2FQkLFz)$hz~x^$uB$%O1`9!~(QWHk^lL*1raA z+GeWZF>`3f>*aADqpm$Q|C}^e*Y8KSXkFu1XiqiYiuhAE=(pN&jtfSe?|nb5R{fvQ zhs|sP(w+cs(dKixPk_-M^=ZTR?)aSZ^GV;yDYubb%Y$g|;N4ZXPG3I6YgOU57kRez zGcr7`em@SOeGm-XUizV=diaW%m@O1T>W#!2d&Xblr+$sLIR^Re#5 zegi1*(X*eiHJJLg2OK|`Uw_=p1|x~>Uv9DU%t8`DH9+lFzr@8270dP;3H#i-x) z!(1R-f*}HI@AT*NJKh0r4}-zq{ptGKu7R?h-=sbEt1srH*KcL49r)wjx8H05I}!9Y z0f78VfOCeDBT$w%tG=!`!}@yRX~4brV;4{Q2GwR|?Y{>Lwzpw!)_(P@YWiw&3JqKM zdbN4!ZgI1i(!kuJnhPSwhG^2fQ8R%VND`vR@V$G7e|PDu6^ij8woYsM2w#2eU;5{g zP1XQ1<^mOPZTmmJY|%f+-4#QfT8m%|}D0=(Q+V zJv)`3p{XC`{=BxZ2_)s}CiX-QOdy4VK0agm1({taLtt??SU7W*CO>=$S;^2*0xYSx zEmS7}&oXQ@}mW<6DqnwP<`%jdr4;XrD>5G0` zTF@Qwi@zl=WT4W3^?f<3iGrp1PuEQ=YArc8&3$QPLbt(8lH}9|Udn)i>`xm>#EgO* zFdRz;F*G@8GkZa+R+Yp+ZwtD5*qCmmBb*-=-;Qhd`88ni%*q+Vf4TnZ^JR1iWA^)I z{l|T5_>+$l5bt=q{gC&bF_G>&>uxb?R^M9UA7Y(Swxj#Z5LX_-ZwmwrZVJZ#opDqm zhd{iVMxN?>P`5XVvH%w7lP(AzqOK;sW4+@6=jcf9RhKsu1z^Bfq>aBg0}c%U27B*- zyla6iKu>x;gVHKfkygP2z4vNJ zS{~_3i^p<7xMD~rf9RdmrPLv?1Wr|{oG`xHFkF3@GRcI<-bB#mcLuil>g98Zm>THW zNll#o`TFW`{nu$7V3I-h#f)leS*(HX`|`NY8}RTJ{Z)=|`J)2nz3fK@Mv9OY#(W^t zVYuIv#SnE*+h%dXV&RCj`htUi5W9aicNK(u!WEpYVt;9Kol+%R_afmo0Rx<}A3*`{Y1y z=X2;atc9)%ggbbapnVX6>@C3f2DU@SQX2c9b~lA>WY^%Wg@``Kp42`<`Z+67xT|qD z*=yLg!{s8u3`oBNg2o)-9J-~`-*x`;P52Y{EJLsaU-a^>Y}4f&l{gouMraU^0_i;L zE3P@BL&SzUR-!sf*A4!9c~y@(Sz>K0|FcqL;{^KF;3h|Uq`AcAR!b4&v7SCVf?eFY zEzDuNc=m9wgQMj>NjxNPkKSf$g zeF}c!cQVIYFsLgbt=c)?hzM2st@n_6Q92aIv6D;vgZz{mU1IU=co)Qa86#P7`0^<^8UcUMiQ8#DMF(Q&JR`bDM( zK8t8_uCH5MxdqPnLl~xkCuy6RKeLdg#hAiY{3y1lc4M)&MwO0~-v-GS-GkRiI4|o1 zldfJ?>IvIK&N^(FRr7-KftP{1PfokB23n4bHD`;K7rtSUgzRA{_hP2elN9}l3cw1T zA6u@Z1+F#3X^4jkX1;G!d+wv`g47qyurxBZ!f1 zt7EeD8rT1=AlVCa(W!tBXP3Uqvy?>%ZnMMbkgK2c3>UI(q@G>&oBBa)3fx=eS<`r3Fe;v4-LGGRsA<^&!*#<8;NXX z7yedHd4KT4s_`q`^H05l?Y%?)NJG#FW6F#p@yW^@7VHA1sfGq4Y2@cl?if1R9`R^G zs-j32`3#8PH_B@HS__gsElXL&T&?O{LZtmy%j?!XyKwF0FF6}8-hiu!E*=-iDMN^Nr zi~&+D`x0Cc=o2N9(xBf}(@6#F^3BnPnnt~-SfV}`H@f>KH_(ggc(AzBW!CiL@aXUk zD8l4>HW?}~&srp87LH+5klT(VRGZ!Zk<{1d%KmuXW5AyEOB3hWhbTK87bZjZ|9?6t z=paOg{6hyrrS8GKP%xF3QSJ<%sS$qy#v8;EJg${ptg@%$;uIJ+bMfQ$a`58m6!vpF z`F(uc&nTx}1=S96;uz^aDjEI$-i{V4uG82}PD6&g)HuRiJVyDy@PBuKHzkh~E#{05 z<>GDd-6YE?gdl?bPSM|iN^b<1KR-L=?T7jr^{OpqNtnYq9jTt9uP*r3303Q4)?goB zuilRTr>L{`T);e;hnqn6oBMw;$qzr?u8!BMt2f1uPe}=cNAwdtj1wERioe)7aei%C zE)`kItYIlTNwn`!;}uDob7sZY(;xYAJIgX%d8LIWdtr~t%5Ulk)IPoNhpz6g7a{Ar zh6LC7H7Z%}6pnx(^ifmY4|N=9avU|>(32Z%I_#_q$4}7?^{$!ln=)@Ut%78y|II3! zRb&*H)Sq~bm~@?zvgov^4!NsUHC1U}$y!nat^XfR*%VZrDxCQ0iZvZRewq%~yhVaW zTNX}f3|C|q062d2R}b3ZO_%w<&@wU2f;|i?N4c&TWlC0AdST)6<#6Hc?9s?_C{9n> zL|U%d&D2XhX-hEG9D^`fj)J3qsHSPl)`-Gj@TP;rV#mj`P9RGHULHqaN_Zq{Mt|i7 z@72{q3(v@N-WOW=CMjXr6Cr!Bj=!Yu+KKs?x`{j1uVdSnOO9WEelHNDY`pGSOj_IR zUiM>UD2JK3f3JIr7tj1?GBbSnwTTEq0__mI2Z%hE4Zpe7yXoqwUa^{Dqr7cNSF(Yz zmvFx|_b)K&T8|Ew)?_)Q#~1i+0jS~y*3RG0mWjJoM>~T6I;k%b8}~7zGR}jLJEW-n zqKOAPSIjqcoIYBQ-|!_p(8Jg=FF)4zs#j(W@np>5YlDTK_WpOtDKkSei#m9 zLLuZ7%2AeBHFb(KhjpC4Kb!YqI1FYu#{1inCJ%z_;g+vrpE%+`bLbGLM zEw=JR^f(Tw4F}oO`7zAIF*nmP6iSMO){Z&vH#^TGBon80`qI*TP4NIVzT{@-=|tQW z!M_9Qr0vjz!LT}9fu(;^-)B;*!c?Ovg`9iVswvf%diYJ;j#Pf4`;d)Jh!aN-cH2sT=_&v4WnhnSN@`TC{9VJ(Z0+BGFo|*1*KBI=GiT*-L8LwpOw^5?-T9} zmp$g;1o`JqRvSdIHw?j;6<}{QB()o$@An2{z=E1?RTO{lWyq88c~j9+;p6tlL-GrA1{raHHFVa>%bGdtJjj+khR%biQnV6iH?yPHnJV|tGfBn@TrQNAX z@w5|V8GOz`B50}o4SwES&+e3cjtb{^_Im?GCNO#p&N24R`c`q1~80HV@kO4gK8kTt;{)QcSv7}MW{CR z!9>%TSZY@R24Z%`j9v)zj*w#O$AzyqFMIHySRloSu!D#(#8Q6Rs3meE)< zcDO{+5CYfS#<*^|-eI4f?;&=q=G+C62w`1y*hBoYkzl@glqyui3X~kYVt3hSICED& z;)J83xx*IC&ZvbGQOkvuxw(ZK`d7^Rmmsh9Epj=#Y?H}lUnTZq_n*BjkGuYP>*<+x zC-CU+Lf@O&?6aiXtG46&L7;rCmX>_+KT|kIjnvXZlf&SAb!`@2* z8|f>rQ5yPicIDp-J!+&|iALK;6P0KsNu@m(lMwmudLLgkEoF~_);;`2lMcLmafEr^ z@mf2-l2NFwHme!;^tl?u!VRLyR%~j#vSbDpjA-qm{MZcizXipyf>D;64}j-1qX(>t zxt~B6En$N}6mWqcqU>b-v~`tTVO5qxB6A^tP_g24=+bzjnCW-^dMmErHzsOO)S2$h zYmRmfa?5;X5oxh+Q;}5iQ?%LoyY{x*_Mz=nwY~6kam(fQdIHD1-Kdxm_~`x#PneDx zZU1sMee6KiCreuX7at6{_=|hytRs<{F-PnOT1=Gat=%~NeR-`q`{h)55I~{GVDFce zpZ1~;4-Y^23Xp%!_xA<(lH@n#bp#2`STooPeivE61p&N~S9m|qv;RFjHKy&7KKo^f zIswp;wnNCpIS|FSj3B}ps2SM5UHyG-T_PcH#7{Z~IBB0su$YK>7ZP_4} z6@D#-mCUWxWzZa+mi`puj9r7AZo9YT{jCYszWqZF5yzKyrUTkucJqD^;|3s~-}m$L z^1DBB?&KL@U#jBE2J($J1B6VJ+Ev3bEldbTZp@N&;2%jozUE(MECUXNX=ZFrRk*$) zph&0-O0wruh{$>>v$i({z<;S|`gZScY}6u{c?Ya7m3zxe{T!Q5<@+xHvOYOCp7@sz z2A9s(+riWNY_Il8!O}#pkChMBfu4jNj|v6 z%>2Yp`#d^AgRp>y!}DFX0bjdw80Hi={$8#=#DOdXlkWJ}K%zvLi`xs=qt`ASwyjSG z`{e=`>;f3udr+@HVt`-6;h*C~4%-v^M2vQ@5xp_ z(XMh%tqkLLXXMaTy_kLkv_2gJzTJ5$R2YK4hr8SN^H1@u z0g+s>XX`t9|D?fp<;T~D6}&I(OLp;j^tD;MM$YNvIyl+HwIb^ZfyPCz`fTb6Cbz?*bdi6u`mggbwU(kW~a4)AxY} zdoC(rcUV}7rWsYPoT4{vm@{~0^vhAiPGMtiW4?A9K(#eLG!N1=x%heodqHh;NjGS1 znG#;oLqFM{9?L8n{i_NYrXn9Lp}ogaw#=XQo1BhWA- zo-Uo(FDuVb)kmKE4E*rAB`FtpYfmn2m`v+MCK$ZB(@1xrvXw@!q-NE5laHHD|aw ze5qq8yiP5oFG>GsABs$Qtn5NmU>RVQu>{J5>J=D1-hENQ1E`x)Crb7?lPD5ZeGdkm z*yUbQX4OqQhUAo&a33yS>y^B;WHu%&wyu=e!k63Sm{_ZDa32$_VsZIGmB zt0?fP!U2?z@UXkJ><7+yEv77#Z5m3lIQ^4H40*PhAoCMaqIyQn+@=IEoAVF73 zL~2b~SZ$C}%%GlHpy}w=aGMc+FdC!4m#qu96+ggO0_m>+s6A8w@GwWk-+&I}aYv@& zXU1(}hbcDjUD0KocrkwvCo1h+iMxcvP?;^y6W3Qp;ELlBKk>0e`(yV?J=iH#YVshX zO9QYrqam3#R3yCDMFcQ+!)eX(`>NIGFg8{FC51YM4RpP?6l=I!kXt;XL0CmZ6U!(g zKDk|meMq!J>rSQC9Tz&t)AIA@IAL(EE{5aB^ zY-4O!otJ-$wU_n_nks0%o*T0W2!cq$r)ez5V(jm2!YWZ$KH4nuS(W8SCtD_VZx33i zxnOs63I}2mxlGP9y5x3?0|-np3}}8Iymec}CTxv~ql7JTa7HnvN=$C<8Q9y`I}x#q z((39&$b@2itTME-;1)K`EmI>UNzIGEW5yy%Iq+@+w(QZlNVSR2c}cUh&vW&bFq6>-{U+P${?Jn@fIbH}9sPcGvm`b;O3=0*U;@+pW#n|} zVKdW5T)5m?CY;$&YY3^GuHtIwO+|^i(Tt%zydV+wC)}I5V5A=)Z~%d>_*Hy9nY4ILja!fsOV0Vb6g%{A zTJs8P;o zD9v?^P1)rh32gjfp17h?!+B9t*_`Z%=n)CbE`UupCK~eeZ5Z$+YP)ZmiD+x_A~AVI z>7JUy8S0%(QCUMnQIm4LqLXo1%}e!f>LfLQA?c8)>njTmVqndtqki4tg#;%q-C8D$ zCbH508CS!eINd_v<@Jv4Er?jVG9tWufD-Iyu9AG*M>v2i0PT^5&T?!62SEXKK1`|rY{C; z$WirqiSbEGZtPaIGk4LR9}eE@6C4WMHE;*E>!>p(qr40P3wRkU&Oa{>&wnKhydyCj ziu9*p7C;yTy>R_rXF_6xt&L3J-pkHEv=2i7)N`h|mQ0*QN`HX4walS`c7TuyF_j_} zuyi0?2S6&EH!KHsX?$?0^U|3395sEhJryUt8^+4o!bhl95n+wkU0JLB;hTbgVzNlQGb+Y|4~+ z-lMJWISO~m!Fqzdyx}c*Dbk^gu7q}CfEgb$1Eta zVYAV~$LQPrecWFwn9}PiH-$n683gJNp;N(~G2sm(B8TedcAP2j{$s&pmS4&>rYxw& z_2+Wf18dgR_AB4G7(_QQGoTF&uPA_B1>Ei|j#r;s7?M#e={wSn<_Q&}Q3pY3@b}`` zE7@ACiMLQ&FMGrR75p zSH0n&j=SOmtBt8Be5sQn9otCkA1hpg>kt>1f`sUR8U}PyVb((qCW60eG-4;|1xJ{A zbg@Ma{Y`Qz``%A3qUE%O?bji?P;Y?1yS3rO|BwFLoA%!2Cx&!oZ*LD6mBFSqo8ti; z^8S%M1N5`(_{nwFCF`Obu>@$l#lkz?AuEzc_+LL`nQT^4ZQ@zdiNp>02CtilMa8i* zWhc;VanfsSj#?^9Ah*fDU_?GFc|=o0IIJzZQt*p>7x*~(e2OG4+j`4Vkf!#JBlg?N z6P7vme4Hh>@;d1y$>j2N%R!OqaZ#&r)S0CKmgH*b-*4p4`Emq_G!nZyHE>vCXk0fZ zZWbvHG|={suwtIcAa-ITlM+ovtbNKQx%1wr=Jl@z@;l!ygHN+CFd&in)B|d1q?AuW zLS0La_>8!4gSSQ7E@u;f(YbLEF(Ijl2pa(iVF&Kyn9ro!Yzzw2+cIQxj zI0SC&AXadtgTN_?ey`G9z>A)hD};d*3upm6(l0US2uNfIiN}cvlo#=l#ANlksoVRY zSmN6wEp5-Y=TQ@C6`EyLERJ)7qIK0)(Xd6XxX{{rUuY1QC?#5;eo0)VH`Y^S? zxSt%8?chIh5K3@Xl(_;KW>-zHP(fz|p$G~T(jZtUsPSVOi3}_T(Jtj?7xy>933^<* zt8_L4Dw!mAa=%rz{Gs35B@^SJf-akm)&H7=uL*bwZem}?KAb=rmA|Z?N5*O!Od(p> z``|xvMaxtF_8pa#v3-5G*URhunVH76PDp|bgQZ)nr+n=}rIS zvHDj>{oWso#1sly_UJ*$~yC?7Fh#_bsC$A9e2Oh z>31!KV5EO*>aC;-2mUQ-!SGW{(5vZnd1k9My&k40cvx3g``YQi+J{N+HpR!)4yv<4 zf1tOT{(F$>d6Y_c*BG_?Trc&Wb8l7KnNxf9MWm(MCO32|kL@;I>sEDD%EgD4s$4pT zQG2K8rG&vS{@0UQLW_If4)ptl-S>Ta(5L-d&E~)kX$0QuwlI9q2SW5h>_~kDroJMR zA5MA3E)O;M89~*-E_#vC8%heu&H=uV3TwiWPt*mx!ovIt#(4QFAHRl{CjbtN%IK>P zXy^I+^kMSDUOo>W*T)xNi;~~wjjzpQSgQZuJOd?(m_XmHkC+0+$M>drckMvJDo6PZ zDEp?<)kDf|kJn2*dpf>?=1$kPJ=GJUt#CKklTUV$dIa0QK{N<{up9I{t1wUx!f9%s zeU462_`_D$QtWKEBu9_WJLq5l)opv&V)U!L3ZN==P8;ZZ^^5KuaMygA`jVf|w+^TR zaNJqmW)H+5VGlr#FHN@gZ;6`yebU8`K3O#FL#tIUYMs45E%qm*`o@UFijkA_DEaf- z^769eAaCN!Hw%?~;+4Dmw`B}wk+F;$2(!FIjFDRf!|h`ajq65=pFTszA}E-SLdd_I zVV9^3uOuyAsVllJA}Qh@l~IPOKF_Hw)nWM0d@xOyFsXW328KLm+-vB5Sf^399D|+-w0EXe{yg6ib$nF@YEz$^20kJ6ylb3 zROrPa|I>i}m@$o#LCp9=B3}3IEasTPR%7ni)TWcc3hAi$x`e25iU_dcmZgtsjgO2P zXImMj@Ua6?xqjk$WA+W^MqPPl)o=v)-yKJ^;F4~;VvNNn(AqdHr(M*^*v}vPPt?T9?b&Fb7DP#6NtPn zn8Dg(a^Dn_vT1FxIog!M3%e4(7^V%Gw|4NIQP|7HALxu^!WjngG;S{v2|uKnoWVe< z3RVVS2CfR@#VTu)fSDJM+Lij@+Az6{53pjxJ-R!Zc(%aNh}Sk6&%|D|&a8zQRyj*T zNa@ZKy)t(7Pjigc5(ml1r}DAz-S}CKAZ4}KyvyC$4FI^Qz}<@D;f3DWtsB%38JUjwHnkdv8}U}ie>{xQjiPR>1)u~NNL zG+wtEV7ghK5P^SmqGdiV%dNY$ShPGjb(){nqiK)~NeC7RJNWrZm8Q^fU^PXenGY>UJg}l_tC+%53()Zar=k{37NlZ~K#ntO*NQmhh$==-*Kvhe zr)HC#*%9RUg=ZB(g2j|LITuVa2_wG^h*!|x5 zPUidgbZ=+}*xX#c*`wq$czm;vO!<}b$^E-7{*}Qxq#}r}Pm%(ZHnfMG5Xs6tK=*4f z1~JMbFoyWnLLE;j2&<4Xt#qU?zFjGY+?^os1}WJ#87e?=q&oa}`-GII^ryEv&q-lQ zevsSiH~ni>9`j0}31rx(|EBTud=5H#nuXakTutM@%A=m8LlX#MxJkVLx(res1T6iN zm9|Y8o(JYG++1Mw2ud^51}u~NGN6u88*uyxo|DCE)QF%1CyEJ;Bqj$Q;l_?|`UV$w zAhLscpfSSVDbP?Q5mUK+4EzM2pvqO*ioHSFxT1TLXJIDOR8p+UkxOsqyAvUZWw1B*ZFakv*l?-?M1 zQD-J%eGoWyf8PTi@`^!L?Rq+o+Q$T7MIm$Xf)E*L;m*B&-ednB!d-kB`aFbJNNOsk z%!Dc*3O>N-PFfg5I6|K`>|r$F6{4DF#zDR#q>mXjO0KqtD2NA^ikkZRwJWsNk-Kj| zo`)1~w;%M&O&YrE(8e!Ri5Y3?1GQ9#A_r~iaG)fnJ#NG~GmBMr5m2c2n&-wK^bgKEgX9wr$%el+uAzW3#zo{i4XUxdjyIFo4Fb&csRY(ph+Y zf8d4sz<@jcOSVbSic%`;V@RoFh*FeM2WWj3-r)S#Kt=#`o|*ttGO5!Vnn7*+6gwPsMFk>YwaRQ3}wPh{HR66!XRlI zMu;`aOuE!1D?N|bvF*lA6PiMqT2d1fKe1V|&Pvpb`J{ToUZv%Yhrudcwrak>!|a>q zpYw;dAteShBOFy=o1Y6ma2Pnn_e~~- zWvozBa+45(Iz=b>pLt%0NTjatY-S`i7&}2(HjG+Ft?i_%{M{$Ns$DU4Vbp0DBaILp32b3}YI*KjRggk3GJg z#YXm5qc;_w&@X?S{(6vy+Y^sMbK&ghwwRmOknkPC=we=^#5=~zL$9_Lg_(qrIWw*1 zMK#XK#5|E2)$kzrg~R-tNacf(8F;R-Z80ptHM51 z6k9q;YTpMvIiueOwUYx?E7z8`E5`sUY^@%crckX|)^h~;*UYs28fn*M%WtE~X2CyH zr75KE)^bwSd-Zx++98!0N9_$mY$T=c3pcHSu6bLf{l|%=7cxl$i&8=w`efPjKBXVK zo)xx<;->JL42eAv#o1K)L2$gj=U+c!Igb&H0b)Nt-`fY>C$W<+{JA(h-{(I&L#5(B zKj?5kE`kmWqMg8d3L*BdyoFJpY`jaoP+9R!P3R zzU5KzbCAz03v^R!-BemB!HEv=OV?iUqbFW;_TXA?8jS0mQqw^ea`is(4yt@*Gc@M~{ur+8ud`qY3r ze9{)3qBdY+T(7%#y!Jp}17-IImCjnQ*{8>K9bo=J%6xmFnvDJAp7mCW9e#5!rlMI+ z?W4S$Q~i~?&K7r_d?G@BY5(?SV|bw%bYW0c@@9&$*y$2N*8ce)v}K7ViagZh=Ukn> zhM9j!F%U--OPpzg)Zqq9$lEREEd-cixTFJHfPoBe z8xA3>qi1#b%9qz~E^<=7t?ysd$MdO%;P)USFJ$q&6~#*1mmkY1i^TVZsE|bmSfNXt z+f5872BR4=4*H^)v$PWhc9pTab~#{sngu1WxhnLE!PGA7+bUDa=pC8PbHV$9@u8)j z972sf`{lBBpmsv{EX(^-CB{P*A5G7^HsJ41>%AB85+bG3%_N}q-=+;E6(f#L?H83u z==&@y&f%xJfGfKI+D1rjRpFa1a7SL4m!{ZTj%DT;gbvUMm3J>{=y!g!Qqgq}1~an8 z_I@V%A6>30<_qha$wi!3#_A+lAxKNe9ALLz6R12iws}r^_KkAfs4BW2ifd%aIg5Q7 zX)<_v+U0W{%Y3rQ-Q!mp8BL`?4I&zGL_?W!cnAv}dU;m6B@pun_7jE8Aq4BB;$=?y zUzoQ@>n__iL8x|2j^&V9j->AYeq2#^NrSek*<`PR>Z3%>v%@M=P^#eG}Qu8bg!w0o9b>kYdt2m*D4HR3+QU z?L3P=c0!=0B`Ce^9PX(N4?1%Zoh)2}v9F7zM7esDsaSrNVkWhqlvS4e@vy{uLvJnO zU4oCWpYWady4g@av5(#E>hSQqzlz;SP0GUnZbmO*ltDKbQ{tl#cGUKxs5h>jmfO^^ zk1w!&;nM&Ji0d?IJ@qj0XtVLU{l2by>E*Vwa(?8$12jK8hD5sg)kWl{&AqMOKbO9l zw3X+h3Y4Gd#@#uDlF3c49GmdYU7QcS;AJ~h&T78ICguPV*VSBa!DYtF^N-G?sY>ua zmmfD4@x3Aj{y3|-O_7o6Rc$R(v#eSyD$5VA?t5sr+K9c_&siB2&(_`yGy1u@SzWyE z&rji_RKH>vX1pfa7PKl`fUj4XQgNYc)MAdbvv9p;a#3tgS5lzS z=8cmYz!f2u-Nidww!2aUj(iv7uKtsG#-((miepnW=wn?8{hP!$F~?2S>}1kSCGoDl zPZd8AN2k|+yZLmDt;%|97uGCWmd z*N;c+_F2Mp7T803^RM}UtJTE0a8kZJQd6#I^Elfr1U>rN?TeRuB)jjqfSaz$zeqkeEFTU{B@{REN@o3ESL4CGPQHV(W9ASB+6C)`m^c8 zm2A}$X-vRi$f*lKOn_9&nydp)ci1gl1X3|N5|jZ;33KY>nUE6(CIF$TkKpfgV`Z86 zXWe+!@Ur|`E>GF`aVa=;`O9e{eL9Mjmgo;mVJgKR76V! zeD8H$E$ajnAPY3mu!RTBh|?&MeDRF(z`cw4P4nEIhvCF=Smd3x#krQ-_g`XwEN$oeHC`bxm?OCyF;G5Vr@5U3W%X_1~{ zp@E{Z7MuAXass!|jGbiS_!Mq@pUZf~=_@tVb><@bf9NM{0R7~=@E`qDno${l4Apgn zlf7dPM;MeNBl+Us#|vL?5RM{8PTz4AcP(Ugy?DL<8n?w7JBA#CP~%n8WmW0q`Z#WE zS!#&bTi~FQLz8LBCNEOqQCf15Ve(LvpM77urQ4lw_S@hMM`i#j{U=T2K2s^p^f4Zf78jzr0Gu5)wKmn1o*RXu#` z&e`CE4l#f1N^g{Q5;1dWl0*)xA8eDvDo)Zv>+4bUi7$$hVmhe9mw0c(T({K}pZU3I zsh$L6c2gZe@tja9BNm<9lKjkzoMJ-&oVGv#fYaD^R<2j)J{#)o%q^a3n$+$7jFMygNIzBg>^Sn;TG|Jyf>Yufs#7gyRI?rMC#3sR5$S> zND7?IMM&+SIxX6OZD3pQyN_LTznPWao|GsGyR4yn)ZEd}CDg60>y;gvPXJ{ZHrObh zT$rsC?ZmoEyfD(04(`ALCRUY(Qz0h$Y4@+&v6G~A&8t?szT)YOFVsy9+PpbnFdjcy zpJ96HuJTE;x0f>px6x3nLgnSPuu;>^H98! zn(>qM*n#ATGg3?tl~9oMprZ%8S{ot%0^%i$T`m4p^H*rejY=gb)DKKMAf7p8-vhb@ z>$EC)k0mnpG#0hkz#ALZaAd5`>Iu`9%l(hft^wE$`0peyN}^!W~W#=otIox z8gVgEzI^>aX+>9=xqFoMy3oICYrAZt1G?w6hcRK;2es8|PG6fk78C=1Qsm9@qTy7l zFtz9vT-+i;=x={IeU@;YI(=kB8te9UJ-5a%{}GvQyMlhZ9eq()^DRjJrHx=GT^(k= z5F+*rK@1U}n#U20WE4nzH(g(vx#W6LXU-p$WNw~hb)O|IPhlY!$mbk>UoFBqD=Az<&&;QV)JK0{$;>W9+=#9D6>tot-8FPZ_-evPGTG56jbqEzTH@9@dD<;n z$QC9`DieKGn7vnW{u3@xdG{M1(&o1I=?8R|3(}pG^HIFL z^C?H7*74Pg)0>xVYe8>_$Th#fY@?Yb6tI-ujN)L6B5O6I)t=5Az7doB$6EZ`8%L05 z^(KKz*j&Za9AgO~brfZ&Szcy?e(mWFv7Rw!?#svGDEtOXq^hIjysWm0;lWn{C~r*r z=w9dkal$8ZWIM9r*&#YuqMc-Z={XAHOUZpoCN-NT$wqHAXV zPPVll0|=}>2Uln9e~247o2a9%D_R@#eYmxGY|8Og7Ob+ zAg$hz6mhn65`_7kZKp*}{yq&g&kRF9zhkrLzOX|hf7^(o2jooEJxCfOQCG(E%gG_u zaIx&dd1*P`%|=r*)`F6?esb&;deBZGq+rCz@I&9q%B5kYBKQGfNxp3vZ#g4{sjlU^ zrfAAmYc==<530PCI~@0o7@M0(nw@K-N(-ti_WWUIJ;1+%UHgg+5+1uaeKA>Ax_R0? zw|heDr&x7qbry@C_2VaNC@tQF_~R$ByVU#W>*sE}fAz~B1%LEgzb9DzTQ7VJo0KT@ zWMFeJ8FbHs3tl23Y_6j7C|j3xp#_9pzoNcXKihf#U#K=mID3=+stdv(qH{4^VR6g- zh=ZiIIxD%_?9~+>76C1|(C}9ir*?myT4#v@4jJglI3uxRR;sPN3^`ro_^x0E6)F{6a_2IzphVg%6{wv-}r zQK4`V4z~HQ<<`&1kx5$F=-&k|Hl|cZt2Zze5#Ut(u7qvtcHGN;sN^I`>}OM+RK9B= z3r^m$FdP38XPT&09f-1Sjf59+wiT!26`O=All5zN&)C76=ErMYXVlGiZoZXUel$hI znO=8duYUfzedK0-k$(J~9R!iglsSOjJ*IS&!gN1jO-*FXH6>tg`Wq4Up{H_vp1??3M6XZR?iGev)*VS;`xgw;=jz)I&nGuyIuVKksd~ z8V+HGD8yoOHxM_nI*NJQ3Ih^w?J1>TN)YXiaq$Cw#czHul&Bw(zid~_{mrBHoff6J zYE(;Y;3l3GDb}`a{;0O~q{w&V3-@Q=X|4mcEtd)1UirrF#{y$G#vU+qr} z0mg(L?z`t}D5wx`o0XlvXbPsQD}ay8l#lIJE!4F z7}`RWMMi@lc6~xA^E8PJ_<^$XDS#KlbjBMgV@kOPocnL#kXOZ`ZVYkY@d7YpLt+lN zX)<6|{1-;p#?zjKDycfz18k}x_z(y7d4k4EZOG)ea?))pX9s*wU z8V@GV`wuumpFG1bN#XADBnlS>IprHU^gn|rVNiF|_N32;)-uDxcYlAU$NTAV54@V< z*pa87SA&~3LC){SpUb<|r{4Hk{T~jjXdsz{cwpiE`&)d+-3@E@Vu?Sj5 z2-Wx#fGL=q{hC;yG0=$j(4*^nh-rvs7 ze%O+znB`TX_tNj`%KbDZ3{is~jB;YsI)P9Rb&&0c%CusVDPXx*1A=FQd9F61V8xVy z;Mu9a_dZTkfRNy9+N~aTPz2;D+GpXdCXk&<$ zxdQ}JFw28kx4vSsz!*zO_Kez;N)c?r_T#%YGK-B&W02DZIQN|!r$^<6R^Qqr+L=Ok zWllce;V@9U$1fc@v$tW>zG-$C73cTkax9`f^F(6E5s|PBQ;)F+ zh|^*uwyDD1g3?HUo85x{f~>h!LCp_aI{=z-;EDbZ%Mlg`F6~E4-jO6+ ztI6MsE?Fy+>Q|eIsFK}Uw#E9kka}uQsMc?}^{F6Hp4{LFFWtyf5tI(7EI>YU0x|03 zlvRxIn`Rh>o$ogQg+4-f1{eyy`GXU;H{r!1jCg<6F6Ig(Bw))hhPPJ}nFm&C(k*J@ z6tEz7z>OxN9=AlVZw}Fwy}%ZW&r0_2-rFA$jVH%#(}gJCHvHqKN1*;_+##DxEd{5H zzsSt64wn#%a-7S|Hd6F9rjca>?^;7BZRh(iy$CGdq(J8GU|ADk9?84v&`$w3g8{fVrxzSjt{6Vt!XwGIM_vV-?P)#D5)5F*r>{ z=9mH-+t#&DHM_vWHCUO2oIMPfxAVB|oPq`{P6^on;M}S(7MN8mp~5g^NK?#?FWlbf zPk-%=Aw2oJ^7dn;YA01*=-Y{-3v~HdzL6p!#>Gq1lFwelYq1zbH_NDPJQvUy>+`R^ z)O2Mg?ff+G z(!UN9RyWx))JFAtWv zoraO(nN4HINK>V^j*3-v4EGoZ%oB52+Sl^JokPLYiA30y$VNzlQ_uc}feTID#_^-HrM1S8@vI08S{RfBQ-aMTgLeo@Sl2Oz%iU7*YKpT9D-GGG+Ykp`txsjw z4Jmd!V(gW(+sh4E=4s%}Q*pOCs-pQ#8dC$t4ydAsXd(A^s9unCrcN3nMlMhi&~(YY z*~#)!4Z0uZl2Lbh37HtAfp5Q3R|OcAr)l_QQ)#B5zhR7;*mneFsToOT9DUpFgw)7J zc%Id%+GBny{U<7x)5wyCNmbRyllXEe*~!v@FhF$G@acmIZRz$0C4s-zLz85+-X>4SaNC zvvZKvGg#UiM1=HlhSxV0J3{iZJsDYM#OPKi#~{KAqXOeF6MdCot-7tnk0*Y!?AvPA zuTIF!HzQ_(jVlr0$I>C?oG?h_M}QS6C#Ow-6A7bN+7etl{+sg5JEj2QdBM)@Hqy-v z^(*>E!GZiMaCaSP^WcsxQ$K%c27G>zrU1w>U@GVf?L93I^+6T95I1lmL|H`8v2Z0N z#&&u3$PZ4I?aCEqPV&PsQHC0?$fEYXoH2c}iTdTwJ;6<+}aC*mQjuCW9C8THZUMATgGLBd2vd(&k}I$2cUfNE0>zHBrTb6jMf% zQeG%L_65Upo{qa^PttCTw|3-z0yW+nT1y02_HCf1~(?rTN&-TSqJlbv)b9}c1R05xrxuJqMX6T$iz>Szd(LkcSY$j#P0v{2%kvs90!CS0CGrI@ z>%NCuCEcR)ZBH^kL-eBFkp<<8%)ZLKs8_TRC33S>fo}M`i9{Gi`l5*!n4M}j5hKd8 zNf!2MEV5oDLo-rBG2P@29D7{%-?9>@tyo>BllhNLd z|HZY=+nU6uqp33-=W=c}-5~iwzj6ZqgBBtkxx2|rwc;Uc0 z(p{i~E|}Xb(7)%kto0Y|B_zP*vXGIG=>63}o2T!ucYa`rvcwN^UGxRZ$iB5RN453N zduM8~v$Nq`Az7+FW&W5s(j6DQEWYEsxuMV5YQy-_#=fA-le!(^mh0F%((?;@{x}x( zSMVBa@ouqWD?6AuEEC`cp4m)MijyYmfm)A#t_bg1A4Qr{NE4;-g*lPcuCRKbFrtVi z6eg(EI5<19b_ZMc{p{0377CrwfX2+A8?lLJxvo^jD#s#-z{sn>?90?laghA*CaQ7z zq8OttMLoPDlL<}}k6UP|cb}(oH7-v7P4R;F@_)*lwHlhyHn(a(Nz+v#u5z8~S+T*( znP^Y8IbnIB!AROcdFV~v*OklMNKdvI?tmMtgZ}D&s)ERV1!IAm=U?&WT^s=dTlcai z!@!ty;t&CfMfOh{=}&x{UL(A(ZSp29-4bE8Q)g`;r6j1gXk9!KA|Z?(q_=)T0py}> zI?3&zX~2qQ8JQAfGG?SR23p&_-76Jwn4w>%>P@4tu`3gO+28r;&uPJ9WL<)zJAthv zB1eJf>s{*myrWx!AFNtS@57*1Ler-{{DEpmqMp+xTpyY#Zk%M-muf+7nl`kDAIEuz z)!xnJYc@)8aY{VV+?%tG^VfyMZ*A65cCk8PMw{4A9}$P%3o{bIO106FIqH%77sXrR zW-PY@nh8W0c!_Bne>mLm+iwDBz@wa=XlP~w$*&A$9;k`%Yn6FZRTy`Tay@>P9SKw8(*MhB_c?iQn)&b zsxGB(i?)28wuEQ9q)j3;nh+8G?T-r`y+hubGBGxe*)3_`KYfysY&sQRyN$aS88)jRSa)<=V=VaPEP{7LGtJp41sajrt2VGu{M!NM#ABU^pnImMn>2=x< zaA&<$#A>s@K|O+D9vrQQ0u{^1R0kLV-QoESo=vRcYkL0cok#G=NWgYn#26b8ilKkX z{7&`qjlurg{B+>`Ou-BDg*EFqxONbgdBIFmBrKQ60rU+csqZ6SMI-19yf#JbMj&9; zt|2{fKY6*|E{_U4w&`?u6W$Aw+DT|qchzMTt2D37^~7ccle?C$L%2Sx#Phq*-cY&Q|{_&p{mXO7O(%dS9xl# zlS2TjJI}GYWvtV9^G)dL4X`Nq`Q&wz_uXo1^ttXq5m`F3o>Wr)`Vq%xFiqKP_g zP`&ghi5221T>RXR_=+gCmw&z6>E-v;=B;(NSKcS{pQ&WJg{H-AQL{O5q`t@*Wq_@7 z-xaq7mircvK|_ct5CwF4c}Z2frF=fds~EP%hz-dz1v@D}Suj!E??e|mHM3u)G<~Sc z?dM8d^dEfQ7VE>(DV0&3c6mJ4+Hc+RD807+J`O+<&?Q2&#phlwWHpR-?zk^`X1d;s zHS_ZN+3zuS%KX`fya3J=O^g8^3&Wz|i#3pNj<#y7AG&F>`-wNIw9IFAB-Je&rHSQA z_po~z9wetlgV#OV;w3_nYMrtGHSx8KF{y91vLFptm;o){%1&H(6n-ZG1MaN?2TvSh z_;UGdF7mk*IMal3ed}A*dXv&frpv7YZcGV<4@5`4Q~eUC*cm61^M^0w7niM+Sr169 zQD}(}Jm?;>Lb(O7j3>5$naGKZWZ4nC;|;gN+rJaNbexw$0i9>{*xzig9Kk5a#L#x; z5=B6QU*Bz3z;l@61#?Z5-2Of{4{J@M(V7%&OJMj5$Xijj*{-6qO6s`fmgsuU-}ISf z&Q8($(hd;c+R-geb=0w;Np9t`1~Vh9T4*l=i>2x%-HNL3IqK4l^{`h@*3EzT3KZfj zeqM>OK}mE#K*zxuVYC$`mT;n%{bRf5B&-Z1?%(Kk#nte?CP!t%e=wwzzEv}?tGiitNGK0L-aECyX2Nc-Iouz&rt zwH;+9e|rHt0Uz6tz-#cQ&$mk<`RU2q3RvM@k-NWv*^MUn+0DB+-9ewip7WB{N!;PT zl%=m2Re#u&KE$4jklZ8t$qCqbrQh-n_iv33uoYG|4ErL!l!#JlVpc7b7gO5}URt)q`#lgMVfX zG(FA>*G)XDVcnm*3;m{tcYM@u?!?p!`YD5?se|TUQsl@MDPU}o!_E+@%p%Tc-3jCi zfirwG4E2qh_X}0NHc@0t62b)d`>~W=ymng;r`Oxt@A3R<{3Ehe++GgwvDw-^slO*E zuJ#CfRK9VPpFROsch%Y-pB>#+a-3|w@)xonX`wR~hD&VCOKe$k`6mr1xzfnvGkgVe zSG;usR~Lkf{w2+Hznyt~h$=bUJ67lOYfH=f4}lfUWRM%13co&A8`1_p4_xQRkN(xO zWDx!PkDz~NnLhM;XSk-Lheo~}+@5&m`U2b){dzK?@Rnt~##fI+A+?va@U4YV*C_U* znVd zw~9WqgN%b{33_G~`s*ura&bW25HkRF-oduXIU4I_zvcPPF!v13A>w!hWAK_dbcZ-A zkL#68%VBz}+<$cGR$r0xBi}oNUslHalKu0PG=3A~p-kwXn8qG6-^*_xj62gIZTzev z=AT%`YkJ=~_^dLvL*gKh^5!?jOM6(0-dQU1&DG~k1?xt%L(kxaf9EYg{YM_=O&@Kb zRM^AFn1V06;M$gh&(nt5ScLSCi-WRdZG&QGS~MSDkD_bhCuht~C1FM47dywugN30iV;I2*P9;a6x!RZG4Mn%F8__XBtN|x!p>Ab7Moa1V@K8DV>^o!nr11<0S3rP6nPOm?G zf18%u7BtQ(W&~!8;u0~=>ajuFXW1D-g|#!HE?=%127SeG%NEtRt|8rcoiX^P)48B{ zlg~Pf!AypLJXWbi1ZCx#+vS1MOiCG)%XG7|iGnj`!Y)>^v5Zbl6SOr{e%kV7`E=D; z2DZr+bR)*hT}@LfD}Acm3Wm)DrKM4HKjpuH2hWjU+UeaS;54Tc5T@Kh4w1cu*`1Y! zXF%%Tj|qDIcj%pkzkd>y1}M5UVNQY9W+vH+iEMyzJ?`cJSRNpa`nX0Id~oLhD@P1U z3Cw6HF{16P+6{6Wj8Euhva6&Iop?g5VK3EeyGpu}KofEPke;D&z^Z;n?Dn%6IH{i4 z8XO)ai9J{s!wU6%xILh)QP^-kqGA0wl>~;YYx-14%b!ezc^D#k>y(YNB0j#UPhivSv9VB)3`T1Gr!K|@lv`7$7x{8z{JI;m96NS(({NaOYHiTl|k?CK3#CM_@|rGgvVYD$L7(medl)YvaRYXJ_PQm;_K6< zPttYALFS!UQMNnMj+86sb#@8Du*3`B| z!eO^&9dpeLI(ssyMuJ(L)`F|pIwtV(<(sTm3-V~?^w0+cx;xygTF%?Eg?|SeLCnJd zu#bdiW)Rr3$@C4yc@XX;7-kpa@3U$`UxyHO2=dEuE#g~qIBUD#?VM$X@++T9VF-A4 z#|B}mV;S0_cJKur(N*oLhsV2-yqXV-aeNq~esd$4O7YuR3lKjZ&UK?XRd1FO_%?^r zf<)d8$E_7Qs^{u%rZnz8G3Qr<658_{}fY6@4(T%x^2DR*VCTr~UtaW+w zm5hLtjAe=3SE-yT);}2S8kM4q>o^|qA4^>Z4Hir*qG;y-0;?sbESCiYy z#F&JxhBh4Hcw)01@ER!Y91>0WfX_|UTly$pm{cZ+(mmjkY|5iqVQej(38Vp&JDq`m zyeI`EQ@?rj;n7QAUX52IS)kj6Qbt(XD=ZSZ0~Zj2I*3uPouDU8J@EnM7uZ;sqvvhi zV$jyY#z4;Xc(^N~qq7Y4L1%ql+*VeeM=40alIhj`mp(UOsJ_dn4O1>@V}g}@^V0jb zyz*i2eTqD!1U*nnu|P&SH@^%I#m0n%Qn>R7z}5=bO1CjSjv*#xyq5!tM)gt`7GALMErymzI|Bo0QrCe=-rfN)I> zwFaDktWG7A-QL*kUf-wZkHK^MeQ;JOB~-{bMx4}NwlD3;sDgno3B$MG`w~PvL;EMC zZ?mRbsz*hFC?{HNLc8p!T|dvK8nl_yK2ljl>I@eBF3cBd^IIe!Z*&VVEgSb)VevNR zMUb3W2eT5R?q^;fNiM6rqMHwgLz|d4l&?ADpk(UsbJQDVpw5;L=wskqe4l} zA>}hO=FP!Fu${x)&97>SZ5ob1e196ZMQ}aPrK&`fqe%w#BUh$;PDXW}$TD<_yo$=_ z*N0W}_T;BwKGL)OtiGt}BJMI%?=Fy=YGyQ5E}KxJ(00ORMmhmicS^aj7YZ>-{S4Wz zL+1f&8CN*OyrjKw1JguJpBT=03t-na5V5WMnKTe22_DvF3ljs4l5rRsTqd6TIh9gTm%T|9P9W{jr?vg_&u4nnfF3}bWXK1gWwGYN#R!@*f!C& zTRBeyD0TJ?eA5PO|MjcF^W+EV;#7fgwb3F7I@ghG=B*@vvE_O(cJN;c>cbB)@uT0w ze(nxTCfMRaL7jw#OsI!22E;>7GWr-_0Wk|{(vK|Twna$*5ko|!b{G1ZQ1V!Ti!WKK zGh~}N7b#o9RW#>pAo1tLI^>9)I=I4PB|^}^uS6iF*{^SL-s(U|Z!?ZTX|Li2wRD13 zaZNj(-V+3|X@U=`B`wI655OdAR#h9duya9_Kxn#%Jxj>Z4h9qADHt zg*TlI3+C1`q;kB@eg!>$-yLwC*y#+L8@#!EfUi)8Z^Hky*4HF>C?3gv2qKJk7)+e-0>6NCnHYh?39t&+Ij z^-j%0z0b(O@p!wG!Z}+)yA%{-eX+Ljggr@_$~8Pz}(1sE`P{^h-fU zCj_DcK9LSQtcK*Si2L22ntF6`C;KGfMd-pfH|0GaRjWhyd&4mu63zs@YQa`)DSJT9 zs#B`V3p6z2{ZT_Cw3!=Rjxr720G4 zB@-J|Nrh#GVMHlF)nSCER~+i5{NmyixNfIB#}ZRTmFV%Uh$mSI2LxS0+Dy?Gp`dz4g$61UA2Y0Hl4XKqxv8+2j1)C;#RdXA|@N#Q$gEJ)4RdJB^|ZuKDE z8h6-0c>TI&$JroeXm)@_%QU<$9SFsx>!%I7PEG<0X`-< z{JYlsaF7@%S;vGT%MCF9G0$wl>Q?7=3lA@`T@MPUZ!*@FVX9|?$7rT9NTZg>Q!q~3XSpvo){GVVZbe! zD<>8YP7SaPu;I*|;T4*)Z2N7Pa_{!ENeqk2uTaNtZ0 z?B8IPqs9nrjI`8FdiI17(E8?AzH37fu+Lue40s4f72wpIEZ7_>aXv6lY~ZuM)k#07 z9alR5YePwRzE>e3tLrl1?D^*_RGcEK5-CuCSN28%{GImLww?9?;E`EfgmwJBxI;AB zw@vnufSv|yIG%^$PH@^pX320JEBsLQ)*^=3IBZPqL)$b);+8bIJxiv{t+==r$Vqf1 zk!IeY3#H{@L!>}L0q8K55xMpRiWS)=I3s<2iNrtu1893!MJVfSa1dN>5r#BOLE-kV zNYtG9Frtx@vyid9x4Oiihtx@)VeP3ASW)M0H@eZ?PNG(CbB4CAuC6~WY#xwPMgSg# z60L6*1jxjk!MM>8n6jJH@>M89=UrYA7U*Ih*4~E!F~L>TPQh+o!LD2tv2zhS=}#A@ zT-(;*kq5&ow#Ucy=OJQOBuFvYA558ap~mnr;1F)0$X??C0U?Uv{V2htUQHL6M3RBP zxMBM;zYY=!#W15#LlJkN=|7kONjIkDkh;H==EU5Wcs>IP-Y~K)-5OgQxb;0N}E z<9JlxQ#lX`SnblTccR)y|YhOx+POmGpVW1UaxD&vj_ z-*ullCK@~#p@xzm&OEO(PB zccX0V21|>dSeQAnEzLKbY|c+pX$|W4yau7BZOUS*R|^pr zpf1VYuZf%Y3P7CT$(i+-M{qh6Mh=@6 zVj5I`)G1k%k>FAvQL9SIte<(CNQ>8|^|lE;c6vXmS2@;kcpGGo`~BS-8lq@(-^r0v z6xYB4qme??-sfJ;j_r0t5-Va)%v#jBVI|Z{8tmwr8s-8?nanu1@(0}LI5V;RuR|iU z5!~!TbgQCu<|JA){>gwe_mfy)Q+B#$jUR`~g); z6NKae5`-BOzqAP@gV`mfk6G_m_b;Y6G&hcdsI?1U;)o<{;@KGguTkON zyI&kpeHa1+0e@^)pbi6k2xB2^zc4`D9BywG+%UL*NmL7QGcGcQAqEm1yrCayq|DtF zVi|RCX2^FdnBw#sk+x`6$nF<(S{5278)p`CDiG(hWl3tI$}S_+Jig%epg|r_Dno%t zCq1F^7?suA;cO+ON-;Hw9d5ox4MO@u?Kb^CB;H2oWh49fMxrYO(?x(k&~MIB7X3g+ z3T=rK338{iAfq0i2i3ArGjS~Z75LfWoV&!n-|9-vPC-JVEDOtzHN`JDJu`}BDzY^y zdOf_AsuY}4Cc$Gq*U zhvBC+Xr6O#a@MMFbTs(378*cexA!89#do!2vTwVvQh z3J+00_F9|Fuag<^@=bK%0_yX8Op*Rue~Nf{GY)naV_oXw6x?A*ia}tPbrK3*vWu*D zefTY5B7x9Piu2oJv9P=T-C3vP)rn>%rB=?gG;X{caj|4q)ZFQCSWk!& zs_yhKDOf5TI#CFFdH59TqpE^7WuWG5A)0W|>(6UD#1=FaJVcQAu99UN62GsxV}KY( z`{9oM=ph^45rP$}emV3$cBPUg6zxUsp7;@1nu#L;xtGm(4l@b)JxIEYLx7=4c(-X8 zs@o81qo$i`1A!Q-{8^1;fXo;BwdlIA1oByCT%=a-QlEqn5!0{))+a)rv}YIxs8V(8 z_T*hbP{02}@;=wGgsThGqCqGoGWawM>r~gIw4+gS53*-T(8`s}JOYO?pnnEhHlZhQ z(?r=ynWj}0&fqzEwpKb3M$Emvvvvmb#qDRx=?0D{oM$Qp4-TxDS#E;A?k8dvauwoy z1e*KOI%@WINgAPm2zUhp%A+7sv5s*5oSi;`jV?mQ-|WpzL~|mH4Bb9d$!=rcRTC>%4 zRYOdSdZdY+b1;rbJr4;R$or(ST6cvB6}CIWuTuChgrZ7AL(M9JL0rR9k;%n#VJnb$ zxHryaTZ1$hP)#rG^^6JO50(gb3HLD#h@#yjq|O76o;r?U(WJm2h851=0Fj)^ZJ}y; z(l5KeCqYG~(2HD-6Gx{apK`^^W40sryv&3$4W`D1qxn^iaq97YU7vA^ShfAT+)rWN z?bWzfzgP$@jzTjQNqALF!;h67;dUH7UDG0z3+7WE0=ZaOv%dA2lc+{>nj)XZ(2rA| z)AR`Kxb4RAi!6~vFyc@Zct(+AT8qKh07-rCZ$O>FnnBctBon)zK}K91#_%+-*J@F` z&F63(1vp}4QJ6u0jLUzqMw`$$0o)X%ktW%U)IO!L;u$d$f>zIJdQwp^pXY5a?K~KQ z6^}Gp2Ma-(xpNye+0AK4ekTReSrQ)sJk`n{1*j|4fJ$zW2#ymCvU)-rhbW>{Ct5y9 zSak$q6H8`8WUV2-<|VfYB92 zNto%l2LlHce1{1UBtp`3=8lOXIObtP;xJ)S^PBpJT)rkj`MbFxImwupy7;A!(lWgS zS$T5J&|p7g7wJM^QfzIGm@B3P=ece)G;aPoD$}TX);(pUsdRE+*)!d81FB#auoJd= z22NL`=^uFf0E5tZSvzXu33lr*_~;x`Uv;(I{%Y<6dc8y-u~Z@MgtuhBMzJ?uR}=-_ zX<|iK47zRl{lzJAmg5rvfgnt1<{1e-gAu#~41ykowi!xJ|KWcW`nH^}@ zO6TI3tG8Pn7~pjQu3S-P$v401SOp*WUjV&8LceT%eFO0IunyL>RC@(s&!^oOGHLYk zNiZDSY7^>D@a3$JSVVJ)SGR&?R9Uh?3MeEl=TxC~>MM{rOaW)`LvdTKAhY;xjLEi? z>AbeSle;CP^FQ|w_O}hIR*S3NGV)u?YQ^a*?!xThdxREmWd_RiN=5(TU(%WbkgA9! z4N`nn^z%V)^u|R#b$i(IW;mTA1)t_WuOf1_EBAn1OCokvUuNl%k%zIEN84lYYLbr? z-&CZJ$6{MYISjsc$_M15(^p(Gd|c#ri*=5MZBpy$;M<_w*JkjhP;6WvZGC2H54ktV z{ZBZz)$XE0biB3{ruJygl|x~xA#mglndR+17)0#A{?WUXl>hysviypni7P?!w#C;D%E3pjT64wMmH#x z`UI0$jT#@PYn%u=&7VbLgb4LlUBoI!Kt#8lP=%Ut^<n9aoFSm(ch^oMgD}_<>NS?=Ps7CCU|}aqeH_uc+}gncq=VtM6LYRlA4Cd!5VR zmCj(}3zr`N0wxksWH=268DG;l=9;vK(^4{r9|ID{3WY}~RhccNw)B`LP@IEi*_2y3 zQ?#NcS1N)xFQ~sRUFOhn(%vG(QUV#zmDm@ZA(IvpkbO0Y3fENJnz-un|L zAZ7ll7wq&U4EqSNlaKZXs7nenJIba)B|!!-U#JqzwX~<&ZwzuFYg{G_((8g7l#bM1 zy&Iw+f+-p)0!EV52NHB;v>@5&3QcjmEknIr6zX2$-W%_21009yksqDLl8Vh7#@rwy^8_-HA$*l0D3q&ej~@;Mk`9bB z7y%fV(cyCf_Mh|i)ykH1&&&CH*MLr+zsZ@m+-SYFS zxKJT02%98D;;a>uVn9qYRb?JtWg=}o_Y{I)hUBIwmVrUp^YLDuDG?Kf40V~p+p%02 z8AWM8Vs12u$&}hr{{Qpw-tOMs=>5s-lcTefx9`qR&bBowSEeV>7`tbcvD4kBNTyp; zktP%ABZQSyDZLM2NP)PZ9Z$goL9Vf>FuC*hU#__Di(H{RABbM7MVcGYUsQ>zX)MobF~>TO7S#^4Rl+$$4Q)7!xcO>m#a*U`BbxAI z#4(AvZGr_*xPvQ|z_K{2l(r_nxh-9+p|N~zKhJ@Z6x>3p zlkeoQ>k7@_4JIj&SBgHs=oT)-g^Z$>&)%J6QMCK~;Q61o4gK?E{AW$06_Qqw#oR?> zP?f77t+}sI0CnDJmQa==IM*qBqGIv9vQEXB3O|4gLKSme6hv8Qx)c>PG(a&-F_HIC zG8kEmh`}C#Go>$0r@hR?kh4fq;aW%%^#8N>-(gK{-QF-9w-gJChy|1qkuHQ3I!dG@ z5L)O>1Xe1cBq0e^F%|?Vf}#j28c`6%2KJ7C6e|LvU`H&VDCh=6koa9|C4r#s`?>G$ zoa;UB^Ij)^Y}v_NbIm%&Z;bgHV*(t}J7_>W3pzOil?;nX<%(FLziKlP`Oa9B5|he_ zfg5t8fq1GRJObdtNmMEm;yVE3i6|9ODe;mq6e}!H6&Ojkj?JOc7>N?9bvRUMxLB1xEOF2yE}*kx(-=c_x6 zB-ao?%3L~fnQH{6^2i9$x&|l|Dg}I%1B3{~S^3020c!Hp2xJYeB45|zsfV{qOJ@xC zrb_gIr@w;;+4ETN2v#&jnl%XZo5lR6UQbw$lFGvWPoA|&0X~xtWF^N%0GA8J6pmB* z$KgI8@@Htg8b9in z1bO{={w7p2=D*)QM2hS~&`|s@+lLaa1cxdleNDwko!G!>D z#le68oC_)fh#MLQ&a#MC1T|N56!ohc!U)cm7<*zLptLb+jzIs{j8St0`Zr@#YF^L? z%=o-WMj1K|WH5P9s3es;kqSxV83{Ln1MpSR3=#+6B#DOaA5;d9#b%JXCgP%DVhp+z z62eeS5~xn8ObV4rPC~%lSr83J+MzA-(2NuLp<_^95}Yg{Q_xs(Ov=AFDE#+5R}$4B z`d?#llSM8V14;fOBX|rDMTK+YIN~s%@grABz^9b^R?;)ZL`rUIB9$B`;*2npBx+>R zWI&r_6_E+|V8v6R%g#|4BRCp~MjDBnPVwk*ZV0GKX_6Z)XbdKU8$qS~aTve>7mop` zsd;f+V;0Sr7eO@^BXk3!KVV%6WsXDT#zpfcLiwQ+LCW}UfI>efQbj|p6u}UY(*Y1i zoHLkY7KhE6(0Jp4n-YJ82*!ZhOVm}2Xjihtv>D0i(YO$TN=a-C29HaPrh#S!z!^V$ zl?)k<=!Tdv!_Y85I@Kx!kH(kzgh?}L5U_@ZpknouNH+1;TuHQ@bbmn=6%Mc&{$g7J z9*+u#>q}0rAh%kQC@2wn2n}@)BN=O}uuC-f)=qP-a)Kx`+y9saZ< zB|8yZ0sxyK?vyc&L5-#uj60!e|H5l3G9$*@6%L1<1@*q~ACjEUNxW7Q!^j0^90Ym{ z$~aM46u%|$!AYpvl35kawU|ng0EiMsNTIz+7VmgKuXts!nB!sn5=%|Ij74t!3B5uC z$Rf=ma_#>6ubjxU0FOtDm(936EXJx6_!(l&NIgwqQMusjCGtbEIRIu7ILQ;unCON0 z{9)44m+qQq34_h%{;PIR9*ker-Q)--sMtT8#QbR~$D_mIF=676S{Bn}>G+?>v7CasUE*3vgYO!brGm0x(3;*c6=f&|@9MIr4;ZV7(=y)n* zTA-o-VvN}=F3)(PA)B%38lcHI46S3J~4E8~EP!Nwc=CQZGjR;m8|4w5X|y^1(|=o z{Ek9Jz#Sr}hnL<4yoWjUI7i)pEwhX z0T`nCDR4GGjuQJc|EW$X3@Sc4B1oN8Fk;voR=n7<5d}yAOwnx#WU*N-T7EQu5go^& z8o?99P7t`1Wi=5SCkbuuNGOs;Fg4}3<^AfB{pR_RM2`x{E9WAs8qH%;SIn8L?bDxRXm*H{WsxM8V@S~ z#$8F{9xMrlmda2gHQY$iaN{RVIK?Ep@Hj5jQ|wX@1;&d_dJz?H!Z9mVE*x6a99A@h z>L4=bO5X^)_-soS5#YXT5Rss~dBFeHQ zoncFo=}ko0h4O<+(nCq54FJaga@|RyL!`3dh-B?VBRLF~D4D1k0*OF{OD&&Y`YPGO zzpT(1#_#}fKq|POL|jqs_(YSa(nf~_C62#-@;gM7V@c%4BuF4R7K1n&f0$lTNP-cZ z$rAGj;1lull!?`133k%*kE>;zJ1d<^AzUm|MOm$Q0DXM8sgtjWhrmSwJUkwSNJJ!t zOVYPY_&Z`i;X9$g$05-LBYDUns|N)`i!nQwD&~Pu0B!_{1#tdsi~pkvmu8+r zE1N+wp>qHlzy!i3DCc3Kr^erbh~%=E24IKAlPpVu!dCsF#YK(y&%wpgaX}`6oXA8F zZK4vTFo!q`*l#+0lCpvh2)S@T!YTP38oB=-X-uJt7)9V-Lu8|=I z9EkSC8ji$DM8N+*wF2!maS`b>9%9cDg~g^7it)zghLClx|hr`3e!@+<4iMjeGclJL!s+W7<0>G+mB{k15hD#;Q0~I$0gFMv?U*b`TQXw6{XLN&PUPFRLh7~2;WJxot#KFUe88duXG2`hW zAy=`)xVU7SS-iUL|N&Dmy88a_X6+2^(aR$Bg^O z1OrA=0ojS{Xa|f*H5}DM5;IJiEC6Ob%=v5 zB=!R!UP{vWCVm@gIEBFxrNfhm03J1l9S!OxumW%hsZ7XSBEmob?-z9>BDzx95qKYi ziEJEy$SWzfSb3AvYk=$hcl!{oFUoT8yLlYL;*RTMDXZ5&VvTSnCrje;M9CGzDV0Rb z{z>cyBk@@ZRjfY5D=1v*Qg4y|`p2u5fn-Z;sO6h%=@tTod=pkvV>iyTAY(5?#?@o^?@YYhh{6v2f&DJ%{GGWo?9 zbIuU$JkX9APkPH`fDj>kQmQOAn`;t}B2jq&IvfEf@Fu*U3?@K{r*e2uLc$r4FU<&o z?2_Y3ZX8L3qIlANej31tM!cQg_Ez%4A$=1|rKkwH#lB!YVJ-+okV^8(UN zStzd>6WZM3zM;Y)JO^$a(zte^fLLSl5RPxK$;tr%1q=Yu(MeEZr2nXmmPiaJ5uw?H zj7ITfh$&eNrnm`Gk!HSP(T$Lhq!7{K+g7>auv!tq5cNZx9#YzOChp*P2JK&PvGfA? zm4zK+tVNf6v<=*scHQ~%h-^QOWJGtTN6ap8yoYI*whuEX$&`Juh3hyMvKMP zvW9DkHkpm*YWgvwsoV*N5xCpL*{4PO zECJLd0G%WDYB88l+8hRx4%$aFUIM_O&Y&E#ya1H;9Ij>O11I=s z!R_sQ2tGzL0tmj&L_c46fStFuorf<0=L08t!ySkojs#x<(ZdH$#KY}8g5a(M4@VMu?{fk5*fB6?}jp zVX(iHVX!Hx)8t?q zK<5B4Tm+NK(?O$k&`5E9SBj_%8i__4BTbD_7+(}p2V-Yyse`e@pb_S1bg-yAK&LXr z6`CQCI%uT6J3wYIc`R;(fv5zP2hc?Y@JIki#!!6BO&x+F0?D3cR#D=&iZPa`7z&NB zLZDEhUqB%(`kF$GXOOAjw-}rb#zEY49W;_5ZfuwxEyfYWNTShEW-Ne8h+tWSi7H_N zG2%)*0Xo$fC91^CKf;4##Z7SZM4~)n%o8|{5s8s8@c@TSp$A|*S=0zGZgNBrJ;2n7 z;o=#rgSOW};{k8Ll1cUUh^CY9$tXO{K8S4@jJL!Q-6H(`gDs=cJ|qs^4{t&D(?Q$2 z`6gOgc=_4K(EXEj(D(qN7dMK)h;(4lqk@tFUoUh*P@oPPZ%^l#;jK)Q9XK2hZwE5Y zAB`c|2N1o?5?x~*aXw5umlV&7)Ir-jQv58)QFJe-1cp}>jYZc%+q=i|ykl@QmIsYa z=K4@DE=g__ntL1p9e{QS#4%!tZeEczsxv)0!r#%~mB9;0utS+evT3dsU}u6kI%s?# z-i7EJ>*8gugT|9195Fg*dv6X!2aWf$^Q3WN+}+taXgrOEbTV~dy3=V+mdQL0#h(p$ z*fE$WVuGJk8MvyMaKZ~zCmaoyFfhGg5u=i zO*Lou*+;RQeAqk`-Psu*L=7g9d67{_o>xp#A`c(nOmHL6xio)Ib1vP(JCGd_5XkZf zO7L_*#rQD2?95n53p_H)(uJKAZ|dliWJXG|a^WV~6I{KcBh1~+TpgkSbAXJ&#Nq?| zoa6nH-N{@}7d!8yxJY!gRZN6yFyI``_K2f0gA=`zbkO!(G>b_JX81CLEbvSUn;zuK z#-M{@<4s8cRE}3Nz#|2EQ@AWnVj{_baY;cmB6B2`tV&D?(nBE-MAU|i4Yb4&soj`Fh#rY(9>7emc^B`0J(nSZ2Pw?|~p!xXV zy>-xdupKT`0?L~m5UYc>M|;JS9g+jVB^T)&XYU$e>O>DV2V$cvz=?A-Bl+T;0U*LP zh82VH_O=4hp6s|lyag?qofv>ICj>Hh97a@}1IFAGLye1bz&IqC#*(PX(L^6BR4g$# z&NVL9IYP9ggB+9m<7mm;csHj+wuJ-Jl1K|A@+h7hlo`u1&?*q==N6abY3df`ichkj z`NTOP(X>QQKPObY4jLbWvG>qH<1OuUFb+Csyku8GTNM0RBzG{lmmlo{U@$n0;ArQY zSoG=n8qfT}C-q+%9P1c1s@fVAYjO7JH)|=aKp9|u#@*c)S+FwVi0hYa`R<>V7aum; zvqx29ByTU4sObx^A>D8{&B2!O7ph$aTf(I&zx*h;P=LN zY;8)o7veCp+0=b1cDPz`UH>M{AFtA9X)fBbWy_XD8_65DY}pcBgR*mUbTscQgllPO z?Pa^oQBvCOZmGLv%a%r6HDyOfM~ZUJbS*8d)6*Mdl$4Y@QvYA{m`tG2f|9Z_^61c~ zEnBzN^>&;=#rFm(s32jwJEjYT!tVCUrBBYsWbHCuRrCD0`i2b~*a-upyO3WdnsZYs!dSpC+;>D}ECH|y(3qeGt>8yiBS}=3{UXz-d8v8eI-*!Gc>SLKappQnQE65GAZ`RcT_lvBMd+({3M$EBy zaA-argc%+gAvJDWQivkU<>lpV+qcj7hmHMxs5M-5HRbqS`}gNi@9YBFD}cmT8|3Gx zsVVHZmHPef_e*tjWUGWD$9(#3-MUr1%Xk%%FI-#brmL{nT;W9UIeRu6Y5Sw!fkL5J z4r*|WhMe-+1s`7*R(RoXvUxjp9J{{!@gXNgw|&<0!`6P075?~}*z;?xOA;MBD0ZOB~ouE55eoeRf@$V4Y#gg0_v&!wIhokE9FuLe;MNt(yu8 z7KSGG=tOs%#*JvFw_i=d)YR0x>gkz&rX&08S<{{!(|U6$mDuuG4UX!^gU-lZOCGE_ zlxv%L@uFo9x5&`ke8Gw}LpRB}E7FFC6MMKJb4SViymrmeV>5Fyf{jA2s+?GLp}xJ6 zynW9e!<3vO4(YR(pwV-|FI!4oOPgY+_x3FqdcPL@@3(K3x{>|D(Y~%1Yx?TWGFsV# zAN+c_ytlXWmnD8W_xQm<+)Sg;tAQhG4kUg;gHSDZ?78~r6`P!l$hmXpJ}4t*H~K03NAXF9AQSJSEQ#Wf`*rE09% ziTy4vE^{D?|!si;Z=_(RpgkVLm4>$n-$uU}t_*}Bg-=(Nnbb?b&dU3ghSY&IKu zuhM&p*)AYoKDgwA$h}x2wnP=+|&@TA9qN<9-zuy%(cIjc^v}x0BoR4{0(!@3} zFfizDK9oM7dijR1D0l36jj*UGe}tQX0xAPvb#`vJd)KYUC&W8B+4}0$tDd2uh?LA} zLwZ?bl~}^b7C~o2Y8`3Al`A%1|Ngs_7|U3Q2wA^(@7_BpA5}+N<%b%C+L!G4X&TD1 zvaJ%3gx)uWb2xmnvy2=w4pLS_>M|!?bZy7mur=0E=26K-Si>6dZTQiZOY{V)%ZH$ z!)l>(Uh@d%VPX5VH5Ma-AN5k?+G;UP%Qy91AN3efxDw9)0PwYMIghE*+yYPdpN(wG zWLbK<1qG=-Im=j@l6J3Mu%}&)^|{A2h_3%xyc>?qjI zr33OR6gLW;e#o@|(L&!gYi&wO{#dm`FEOPzSNrI*Fdc{Nj15!eU*9pQ+G)EfdRt!J z#sdf7J(xwQV@Gqxwrl5)9xM4#*nWYfS)Zf6EJd!P`i@Ce_Eh=V&H^u!-X_a-O@eo2 z)rXy$%DOwI69|MB`ZjfKU0to^%R@%8lL3A`*wf50zp{ZseFFo#zu(;}ZGziGwv}5xr>=(Fh7WDWN`EZ^0Dv=*SYW%USKrKR zzLJts3;p5rQH;irQ=adKK9Acu87(c|rcsaFMie;f>$fiMs^7Y}h5j&eOm*StQi9of3S>g%E+tHzN!M-L;k%@7s37%SMAZa(S3J+UslH%x~t&Jh4|j~ zDekSpuVtEOUj0`OCbCZ0F3=uo z5DwrwP$-~AruW6QRU_F|`9(zv?yax-`f|U1{aRinykkojhUVUu)${RGRoY>OCHocZ z^y$+NPOP#xzUsnkzVN%AseA4I6>GNb+qaeZ{4yZ?@!fLW4@-?Ty{MZvZyq>s0QPgN zk6+AKWX^g43isjRVQ|~{{Y1F8Rz$WLhFneb8culAr*0Fku+Ju87dU0PV+0bvm&n?w zuB@S<(b&{fVB5utd3I4rcgOVf+3Fhw0?pfZ?rhJ`m&IbSKl=DTk0qn_*`_Q?SJae) zgMQPKK`C`@5x|rJF7#@CLV0zr?*e<+`tZebc ziz>FZw!?#u!zv@1wbl+aJAq=iJk+h~r_d%%Q8RRqYU|!QM_GC5v9`>@!ou<@b6)p@ z@`VqwOs)qGzEmi4+s%23UG-h(#?`CKsn@Rt?0X?N^`h_CP2nPZUsFKeH$M`8)}h;f zpYZ5F6}O-j6%d*`KBi@6W|nJyC7%nfjBGO;9v*&Gvw5bzv2k5@^C6{q^HTHj z=DrPeGyGxUAhj)~`@Oh#HSXi1@`bJEq8@|m%xLxHc`)|to6{4Mk~(kaFKfS&&=(W7 zf6dt7<6_35bw9p1WiPh)eBR{cr;ao7H%=rtYA#QlQ(9VjVJwBX{EG}?^=02dxsvQ` zgO+==<= z_VxnN@8_uR@K<_F{HG_IZ|%@?6?iQhN>Co%Q7vSW_#?%=g@qQZ7cqS=bh;8pKVA6p z`AVM)ScDz|%DD$&?mN|$*9`UAy}X`M+60&HetyMb=+jd@a5oBKE3tVc_Ixw1c(;(M zb?WYW>(HslD32=Cd6Rw|PMI9Eo3FCv?u6G1lhTftmvA?CkV=$#tvWwr5YK*C9MX z;HB5wln9Esqg6HrD|G#j2X4qv)^icq#Z%1pDlJ~TECs)>0^0@fwF#xd&m{we6@fAV1Ogg&VT7~Ir!-p9wMz!LB!OQwiq^2|}pY)~fmp0a-1a8o!os-&uF z0P2q;UWeHIuk3m-A2yGv%7Zd_C}7`L@?Wsf#7^1hr{~>A6i!#aySEp`>-L7_1_qdUAkF#Tpb>?FyrQD)&}+#ALGjGqrtj@9jeDEE zhaANgEK-Icff^a%&J}v9W|8xBiTjOG(oR-j-vfMpov^5(ZG?LXH3jzN%a_FdYWeN^ z_8F&SE>T~RJnz$!bG4V_K9&%hb%x#t_MVFGZK@18hb>T3hOviwgLpkHvRMm^^K9!p z7a&5W@%j8Bn*@)Md8^6%oND2Rv@xr+W#8VPCLi?X@l4mQU0XqK(&+KoIdsqB9`$KH6^7N; z(IE)P(|S*RZWoMIR$V6Z`E@9-O^UX|uy4;3G!J|1%dDxf@8R-vuvkr>!*11M-(KcY z@9ZK7$j-fepW6jpl~q^B{DcOSR~GfouHux@A(a)$rn5Dc>!;)#(d7S7Qc_ZiczjZQ zmq{2RCC4?Kf1v{Vp3J{cQB~D|@{-r&|3K|ed_A4l_d-X5D*z4h6arc*#^fI6bc1yXgDM0$=T}0?Mt^86-8fM_-N~5i;CDT ze6|YeuM@%NYHnsIZ{NM!AZ5XZvF%1fPUkucBMvm#jw&o!vLxc+5v4Q*)r~iAI#OSr z^$iT%lA0<5s=C;&dKKHXmgdpzaA}LKVw3Tz^YG=%)mC4L$2~r|8pUYQUMu|m-jXl8 zI>0cyedkVX+N{OM*w>EBzcw!IZayThrKPnkFHb9Fkr`}sDWNwPmNWf|4d=}?5{cCR zI?Lps`(ASuYo5Nny*-kCUk$WK8*)E8NC=ggf8qS>=CPZuo3XWz)2 zzieB6{@aIZ8Y|m12_*i>EOJe?N0H@*H*YA8PEJcLEmii}B&6-#yVy-vdE{GPZeyeK z-92VAkNKadd30h`>~KFoq0zMT^yDvHy42Xzk@^1pd*i)(I1i86Xbc7{ z7XAG4{AB?rZ{FRFQBqaS5RQ$K-!yKIcy#VF)t*oqSs+PWS>&?}! z#6GS@EdjTrQ;u5o{e3n{nwq&uf4>82Qm3mdPej(#)XbSP2No6u$O-l3UZ%%lTB>&~hm-b6sz0;>pv%BhN^$_!U zTfixyyQwM9&|kK!wsHGXFHqvlxCDpH|3#L%^ZH+`=>sjI#Ba|NN{LGrLY@YnsST-r z?Jxxg0~NGHXj+-bqe= zz&iH69T-vRYE&_~E#Ny=_(gHNSg@ro?>M9NaR0zS>V*pyrtS_`;y*no_giKf^Tc<= zlrseypL1-t?uQmH*G?r8iQ2lle_i~300u{)l=ko6KRojBlupyqO=P}y#@Nwxvc1w; zyf);CDC4UsXTHK{5uhr@x(YpI1WE)FSguF2AysQQ+j%ayx`;n5b>~&n9rK`-G17o4 zo@To=59)X;HfK7nUlm-(dF=vWtegJErY+h~Zw7Mz_f`M9&aQ~3 z=Z&r7dqL$~=%%Znf`oO|Z*}1DOi5&NWy)wgg+e)S_N?!SkB&Oj5LM-d)J<6(`L_3yG5z_ z@%``Zd3hVd_+xEHzrA_$Cj8DW<3cRo)=gJAZPwy6{}aJWEG<2wbb!$Iz@Zev!Zr$<=+yAlokUWS0Os)_A#TR}r8%Q#{ocKk{JmyJiKxmTe^D7BX zk58^vTC^zBeXlt|fFFeB`;d#8@~nYddV=uAZA&h`-@gV_WF;lqAy?wvM~=%~N**+P zbSf91Rf*nHcp$ZF_en^?DpwN2Qc*|A;q)pzd9G`Th~_k47RR!W{j z^oy&i004k;wj&xJ9K2_MAT#82x?Qs^jeKzSqvJuFLa!xvHaltJLPClLtUTr~UYxam z#hTZZ4H^z>*Ipg4ngk(?7np=*KRU6B+}mF1?Czd#>-4bLA$^XjY6kdaPfKab`-?I| z2{T8zw%~t9*QhC*CH@@y7Tb628|lee#>M2p@&T*MoVT~oWI z4Z;sOV`K9hWY%{z9>c~R$`x4R;7{o z7cTxNEJTsze*E}R!Fp-i zu&}V}yX)`oG79<&i^cvJddg}k>s~aupMEe;HPZeII*H7!v6wBO??3 z^n6SU{o>A@JLe5_H#>|dtPbbjZxAv8{{8nZAX2XgH0tl~UrD1K9xy-{tXQEQ8XBr^ zVp3p>lNsFsxugPmn)=B#q{4SC1%MnJ~E`-FjbKTRb*0xWjhS zhtA#f{nZICQ}ia;Y8c(){>y^TMb=rU85}--TtQ^+(RzvQpv6>*y|I!^x?6}se4`gH zuKUn-47Kh@Vh<*|M)(kHr_#t&1+?zzGiRDhT^IIX8s)BEzkXZzYKgSPdGp4GsbAg} zgt-Xp%$*4YJ5SGT1FExXgbzW>@AjCV_d2)Urxz5-4LSL?n|fcpEeNaMFjc;!>Bzz% zx*BNjw}-{u&YiyFR%%I!b`Pd;_FQFUB@GQk3jSIJwkw>kO{f!=`y{*V+`02W(%H4{g5{si;7fl$E&(?BaLs*^{|t z%d{TMhtx4uaM}z96ZEJJjtqvu9drLTE=$30nm=zI9E%MbQCR(kABNS~iwDqOMV{DA7uXg}DAWVfSxHGrma(s8u3o+B>FEhiDL=CM zN_>xSE48=jV!MD`QFYl%be!KFDfc}8tUeM zY<_HPtlvyqYwJa&rKN#a;y=Y;NyD$}vOvRT#*7)BAtBlPpQA4yn9gd#{#<_g^l5Ed z_r2fGqWP~o1ttxh zwdr1gfq{cR1Nf+vvBAd=OlQf@R$J-szuqz(qAxV505l~ zK=bzP+x@*~nn%l?X%pxp5^h0Y*1-T)onEU=dG=w5q-Lv&Hxu&+( z;g&^z$kjw85UXFkdbQmD+fD-?&(P3yPqTUkdRi^l4kKZ&KC~SJtxpn(#QyZeY({5k%N^16uj{f{YsUSZIbwh36xiTtoL)$BW zsjye?1^l$b49nz!yH%F zlXKQ%PZlCV*4L3LpI*CvKI$>TZU6G1k?i2gsw+RA^frBIfBBprGooy`n>eB6AN;nRa@obvh7 zdktS-U*}(aqp&#|8aZdrn)YBCbG&_gP>~PyCyTMthMSr5mmy7`4T#@;HPYhE_#ci5aoi!uj4J_d#5wr$(ii-hGQrzPp9aBNF<_DN(7gt4Wx&+3JQV_)Qhq!Afji z35TDrfYQy;#LmWIv7mmjwY9ZO`dTtcfuL^|!q&%j)h|IHJVq2E*XJ(_&@wc18By3< zfsL!g=223Gu&G<8!}9A=tXFA~VX#=Xh zSq~rjmR6NrHt!|=Y}X{9N&GZ5W!S4vpSC`G7Se+`B1gYpWS2f$y`+h)KU5Y5R&fqn zn=>62Avy0m5b5IL^5AL`cM@87Kt6cn$TXo)*h2R-+h>!2kBzMyQ1z%54y2E5*IxRK z-i?|9D=jT$bGfyfXD%!u#xmaD-?!;7o5!pK%Lda}?(bibg;;$# zy!jxmrA*~^&E}b%eSNvy_xA~cgHgRrsP?eu71##$TVY7Nn{Q@LPFilR;!tnL(v-}W z>)+ok=5;@q^7p%YJ0>GjHD%cP9eTurte4lP&6-trF6wbflb4H^my(;V^8PiSt%|I; z_z^XoN-5evXWHuQ()pMI20u-D_dwCXE-wWF&#uBT!jr|ZR(?E zutNa}y?v)FbtC($cRhM5C9!by6 zR&d1Oirx2`g8(yc$BtRwYA(li$(b{sZBbf^Kj3%FztA#P3yr~)HfdF0^Xi00%t3Rj zgDzO2tu3>4ky*{QB@WvP3y<{f-8Ez8%^Nz=jL3efoO z_E1xfub|#pkeZ%;DC+Ua?kDG#>ALSpZNmOkd*37|uswlKN=gFdy{<>m7AK7)nH9+c zD;*tWyuH0kh==6DK@(Kz1`0@U%2Bg(b5jUi`vrHF(JJSVJ{#xkJnh}x-J9I^ns>HW zl0B~J+1M<;b?a6khCbWg-X1iY&&NC^-Q1!SSV@vSefsny6V$RjLs@TIQBihxcZ7_* z{2}i9`)n?E(=CeqPvMx7s%l2i85+=5?$>@fZrN;2+w8k{-QK);1GlhP`2G8LeFK9j zu$?=1!m(J*OP4M+-nwN+qv?XhPOQ2>dV4#+(2A?8wRCB76`!B2W;J)~Vhel$Vl`-_ zc6Uc;>*+1k({mb5NG*b#67Q`ob!B!I6m&IiU)p|&tM|IA3seyti;4b5aUi$P;mVF-M!Av&M7PwYj|Wt3l4_?0HCrw5qa?7!T$R;ec-0E zN%-vO@4tZg?BbHKqj|F-e@J%5|2!wnck6T!zfK-IT%DV??g#cV?&#rqT3Zeb27?iB z9*!sN!#Dm<^QQm5^7)nj|KG{`mwf&Y{C~8Cnb|M=e^Ya``Tz3&|DX8$&i|j{2ZO=B zK>YtTL)s)5Oh)g&o&S&0!PsF;bue~lG{VXp_5TO|-^a{2+7n17_~2>OFe@vLmuVv7 ze~|xg;U7G~|7VgCyv-7$6O#jZsHnIEj&C&5(~A`loDk>5@v{#IilOSD@w8}fybjvl z*8|Us#XGvY`Ivb-C-}J1+!E=5u3jAXcr+IcSOmqon*j9EyxJXtY(}CrkK=ttBxe_qmk?#I@fBWF5pdciQ zg)&9E>!9(`_Q|xk7^dSlc9sgds!9tu?R3!i2um_C){z)!IU>?gEi8eQnjI@jL!^P5lA|o*joU^OBB@Rc| zLF1WRbPNdzBoSN_f;=4D&;$o}dow(S#bkJpaX6F?8t=u6ap!uWIgV6%Fe#Dl=I_N} z5(ByRF_D~LoFCea=!f#A5nN+XBrAriuX#kQc_1zT?1mYUXqUvZjN=8{(GrMw(`2+8 z%RR=@o62)bK+?$3I%vEA8bRg0Pp}T!o~DDgk8n>6WLpreJd^zBrfeNFo=3FA2e6}~ zC_d;UcOS4B4)LCpWR5?^)j!75gBZxwLEFa$QJkVE@%}E6mI>}LKxDEx)gv$#<6;?a z5l8j0OExo)@$sT2*trD;It3>LM#bRF?J*v4v0S7DF)kvA8tW3_%yXy5csn_hNwLhh zC_09Q_j7R2LEA^+xMmSV4#taNk0-}ay)d*mrx-fLk>%uKiX%H(c-Z-xyTvBOn^`b@ zP&5wNg5hC?wqm$jcv(1Fx?pI|I%xZZKO$@QOD z`Pv{r*ZOto-R;{PLR|w2cBFL#?+!i^p0hGy+Mx&A2ZRjq)Z$%U9#CJFn)AZ`9q6wx}gOI1) ze^Z&b{EPNe!e2^CRyn0Ej@nCi87ghh4lH+cM3aurRl2q1zwt}$)Q)I;e7t%5rze|J zQ)TW7u$s-y%^+@8kem9~)Tzy9=tN#mi|nVT7t$|Wu-Le9BWUameR_JxwE)rGaYpa2 zsZ#-@3X=22`R2`=a0FuZ^y$;v&qXcda5$c;RxKMjoVOP^n%A20bL^Wlfl&SI5?4u0 zEj#pDa`n@vi#t0zRaPXMX5*JGK!j|Wwb(rT+vn#X+FZBJ)?=Ub=9U(3UtixF(dJVx zhStxYKVRS2xbCP=**1Y7x2Q<1_rTMRnkq6DyXLDsYHy#m;}&J? zT*{60Qwq(Z7T5}h$v?i{F*(@v{9#?z!tHzZWG)O%oH920%}HRJGH1bpw1*FUo12~A z29{GU+}mqGzFUZjcz)T;-oaseUf#y?a>M4zUe4eLzv$8S_@t-Qze&;mDIs<{_58XH%blPn7%z)4&+&QB4B^N4Hht{-z>wyFC=#JAk zo|^ZxU4~O&GiJ_2Q5xqs;_+WkZHxBx@!7Ox%QP8T*-JmnE|x4e@~e4vi3?iB0|UHf zFW*nEsyB7F9b5RWNnm0ls$6u5Ggl@6i(1tT}Z2xEpWYh4{`I*~H}JuR2kS8ob*se*Makk(0~Jv9p*q zZQ4pIwX|F1jkb~B)~L4f`9=$}x>b0aE?>4zOiIegvGb_$ZmYPz&!+3WfWJU}6Z2q6 ziOloMamwnOiq@BwdnxOA-2BqjfNMB_-M(+%*8YBWGs>A}}FJ>T(0ei{`HX$%bHQnx<-DpDg%wWA0AZ}6ngKz zeA#+HNaJue|yHYTsvIR zt?~x8t6WY+L9V2v1Z-aWY3fWZEiK0exO|1L-^s&=tx*7H9;KDAJNQ}0c0zf1l7Yzm#8m1Bp#-PpL2LMiE1q3G=@ z&un}2=%D*v^MmAV%AieITx`cvI6c+XuWqRCWp0DU8aJK-XJfHL`sb>FZ zSGjrS!t&QE-X-+Cm_^82_w8|LTwGk@*IRnUk3W90jo>nwh}(DWyxnqCpZo4^b)Jr^ zV*}i#!q+eQ$yrAG1(u*&g@22Jw#(C&k&`oDlY6+Y>ZeAYwq03k$Lj1u_^ma~hn(JK zmaDA!_W7;yHp4n^ze;(HMA*xeZ~MAc_(zZW>JaP!pm?xrS-{C?|MCS{vKbi}k4|mP z$~tph&?+1oEpF|B6Xu4d4Ep&71X$ScTNf`nTvq0A>hYn~SK>jjwrJ5J&sD3k3PO{o z|NP#>Kk)eD_U+r3ycrG8s!dny>P**^bac(BDU%DE)&OHu=eB&W} zOwElOE2G;hs)NhJ)_#%ICe(D+rf)AONMAQL0<<1>AAVa91}Ds&t!BA?X72MiC$NKn>yjP@* zn4&S5DX@T3p>=O=?NHLx%xx_rI^;o2vLmNXHGKd3ee6(g5bW{KJx0rx&4h)UE<&+h zEdMyDVabLiU(=XBfBrND1>ZJhYyo2R#@yW8ZWW6BuJTM-S=o%72U<@ru$=cbujs_Fend-<69Eb{#Aetg9LR(siOr=$e;0Je(M4wBTk#!z!$Kd~aaX zcH6)2Vjea4((e~_^j>vWoV9b;uJU(}g^Q2A{aLVwe6+l9k9pgH1Monj1$TF2L=uA+pGdD>pa@l?h$*$xJ~NEi-G@ zta~nP;mB9d6JFv{QdZohVeap&4MWQ!vp#%? z47tp^HDbHU&(H5sQ+|Ga=d(*(yu zzko`5(c;D8Ul3YaH6wf6Thg+#72Nii5_k%ym0kVbJ~|$>si(CJltbu6Tb-Sq=ZNH! z)tL?j7K_!4a>no9zyDs&JKTpF@3!?770Br4mqD>=$Kjw~y5QahmM>y=KUm_3!)4^y zp$knJb92p@YuiHz*^2~OKJHM6bj|+<~C1#Q*TB5r{J6Q^`K-AKN^{xo2w|W@>f06p%4}p zCQ<`itrGj;ip=Ba+~r@V%~rS8wwAkQj6gYqFDz8sUN-92i(u1dP+0Na4)|2xw%dF+B zrn~xe87^CU=-&B-Z`av!-Dyp-mCu8P9#Fm`bkM8fYktgJ_ zKRq#P_G-)sEN33PeqF?#dKVN-Q$okR`G`ZPoThwjhx8!vCyXh*+ z&03^wEq7^}YuhaMz2;k;&T+OAcIbXt?e$#2war~eN2l|?O`oHk-G*-cJv#-0+>@)X zkXjGBA3U@ztJ3#*d&e2N(wsT#sdsi|zh&f>*0!@|PciY%3McM!O;Paiy3|LN%k za!u-V5HuVn3UZ!33u&%&)&U`{BKF6e;^N|nw(|M)*{Yk2SDimHbn8TB<_v8;y``3x zDjFIZD%f?)&&NE~72#P*CHK9Dqod;iqQJJhwM>zAw{SzQ?Z~wEO@f8$pANgYx>m+K zHFp!(s(*X2#zam*Wqo6#b4h7wMh@Pv!CR+89lK8L%a<>S?{?E)ef*eJNp8?GHJvwe zfzisyNJEbz%g&bNva+(s-EN?PVDI1n+8v11m&0pPrw5*)&HDQFYsjATvs+7DJOX@u zWp><3y?D_wH8mAnoBaa=sny{(wkR!~Gk^Z(?(PWCF4}9s!qaHF94^-@BqTd8Z|=_g z{NlrhQ3!{0P+cXn~9*}r1Vwt|B6v^2S9i~MH_ zuKDx2-WG)68*#k=j7UvWjhpZ31I z*!AckRYi?;*UdaHcF2uqv^?;aj&juA1gu;>w4({vw;=RYwgy&cP;o55lPPpv21+VToa?se5PC4b2W%-Ana>^;| zfBxzF1@E?h%l^3UYi4@QYbQ;)=EBpFd2!1vo7XfBo4TUx*XNvb&ib~!rQ7b~|F~uC z>|3OFA6>lYr+@zZW$^cF3&&pw9^jVxb$Rov**-($4Pj zo*OJaaLvD`PM<#g(j)G#-njJSD{s1K@vAQ{XdOJ$zk2zrKfFF;=lr+Nd+yj-Yw|Z- zcG+bE!X2yR*1g7e^+mrkL`h@(pVc|mYuKZDd8G3rvC$sq}3t9(1cz45dfdQ8u zvg?hzX1+6HTix5|J$F=57PzYP7caIMtgd3yIX=l;24@~CUB zyz+wUt~+ks*2%N~{MN7^kNwNgbAF5tn}$~G>doTY=N)tO(TKmBRv*2tt}hG(o(PRl zS_k(jYFzj9+Sg8B|H#o(UVlj*7WuV!*Jqb@>^$^_2mbZ_XB)1Vy}Hla=e={pl*T8| z-*8PJ5cu=bkG8CTRg)yIo>J^xHy<8Q?d?$Q(2&Aesvv%4ElowdfbY}vBM)?R(m@@2~&!!Q2u_WEm1 zxO{@xk$;4E*9Z4B%)M-O;e)PqGrhCcFpsUhy6S^(cAi_*IOKyFlP5p9`}MuE)|8$R z{dCs7Ykxnxu<)pLGk377pa1BYwO60mXZ7LhX2$MmIQg-)SKoKxTX&o}YfUt?@3~ED zufFfkZ{6|ZtTmqhzP0x1vz~tLWV!YJlc#)LEDsy}(9*Y>UsykF^$jltxM0x##+`E~ zO`7!B4}13@WB1CuiBB|@fRd8mj%od->RM**E04CfE^KZ6@Usn{U$kUNUvb0kGVPOp z9fH0#HGv}!J$S;>lP-8EgiJ(o#=^Y zo_VJH?K>?`zV+6LyWd*3qwVeAUDdJg$8X=w8$9?Bb;qXhvRtz0>z#*4l62vcCI0_@ zyt(9r%V({ZPc0MP{QWx{TJnYr>AQFD-qDer{U=YEa`xG0A9U~5Bj4M1({aO%H(uU&#|-xE^$R|J^PaqM17Q07|Jhu4ZFMhS}+t05U+rAGJ z6&<;H_3Bl(T=|SV_NltY)#AS&KHmS#Wfi-&tUc<46aIYl)%_b98!uT3uf1dDUA|pg z)*g2F;TPmrA9qHyXzX|I9lZITNl%X+^!)#RR~Ifn?vm-ZJ$diTV=uk&jFvwy{iy#L z(NBN3aN+2-wzj4bCtP{WHG|8KUfpL$Wvu_~H7Aw{kNt1OAK(6}DgW@p4?k|S43M4j zx4-3YUNGr`(Sx49vES3z?EGr`3!5KQgH;nJ=H=y8YA4;i^pr7wzWw$B?X$O!A2##O z{wFW#|NA{(4(r&o#5eit-Rs_cX6?Fv|9R`Z!4G%7e#fd03!cAb*vv2fHKq7wWQRT4 z_Ta~(^ZV@h@QT9l*bA?nZ*_+BTeBg-8KNAtY2pioaO{QG%xBqCFFNx0KRo;Fq;=m7 zJL2@$UwaL>-M^}+s9+Xfe(HmV?s)S2RXZvtt=@Fw83TX%>8D9GH7%cfJ^!W0|JZl) z9W#qxyy>iYTL0xo?WjCu)qkGs=vcJ#wZiZA?k(I|0X?(s@g4HRk3W9-;T327dFi;{ zyw^5*$sIeMgdI05TlV|Ej%i)Be*K%Dys>?$>xd&3yfL?h{qUK~SKYGgpOQ8e7--?CClDxTfcPJf1doLW7|4uUfaG;ZkxWLZQmpJ-8bUM z<4S&~9XbD?O-pv2-a2;Wj5UFKk3YFw`<*D>`RTRO7JJS(Y8}_>|-v7;?z#EJHyLsZ5ug{!!$-%j$<|7z9_~~2sEGrFf{l_6k z9d(rXb;XqXi5KSnktY^jckQ(UckbL-wegkz*|g-FH_Hc=T|2+6?aaW7*ReHab+@ms zzs>jKzOPsLL%-Tl*(%)FZ^e|6XP$Y|)~#E=;qv}uIAm^kZ0{?l%--?jt#xbHt{uOk zEd1$96I}m!|NRS)w&HELe9z5uA9!)ew2p@s|9t+L-@NHx${n-j;fGiDJ@lu8E0_G{ z={M#r_LN_=X2IC|Uii!2yH__1Waixd{I}P={QUEOIPWg$p?hBWMBDPu-JYRC$9?D!XRqef+C;OYe@I_>TuyZWSgpHGwkm?Tep(e)610+m8S8 z%P*JZAKuZ?Q80AqAEw_{8H+vm@$KVwzq8@mn!86|tV6f&v4i`)x8d_g)%+DN96NB} z?9aip6HYwQ8{Rge|GVK;* zk0}^BRLNiQ!t1ZUj!f#%8+V>Ot) zzIx@Zd1ndR?mPV5wmrYr%1_48qV(v-+_@*8()y|QvJ*zS4msqISq})uZ@a&F$(|iA zU;5C4(K8l&@IQ;b{fr=Z^q}8g-m&fG%D#`EqdgXPd@qN?pZ|(Ke%Mb7w<0_wCeWT z4_lu9{-;~-?eqJ6`xgE1;h>*uw|~EW-b32qW5<&(3`W?R8&+f{pjdb z4?T3kwZ-!u_-Vt#51+Jp_3CB$hp%3}`lZiCob}^>k9p>bLDD1sYV2|8^TtgVUN=fQ zg_-*h_apz7cH7?F{F4{`dX;!*4Lx-*GKoy!f>@ z-Wc`$`pu!IzS{o6ig)*JT_ zfBNn}2R-)nO*_kP{LNbrgb(g>(izbsm*<~))>-r3+gnibrOAzWv&H7v)!vUi9CBKA^Dh@I{Y2y0!V6NB90` zMc~>E@Pz?qk9zggwr}2Du(IE#zD@qs&ph+Yn$IE&r`oF{X{5zWc{J{8(Y=>*FsS z!2bK;*itUYnr$G{qg^P^6Ku3CrpMTPPlT}GEjceY4X_nHg4H__k&c3?0#;7Yx^gk z?A!FyNxKv)66A;qv|kr=Nbk)Zre!X-V|W;e(>r?7X>h$#0K67QPyr zbp2`5Zn!XS;?j$k-dwn{-|oAEV?Q0**k|F+)weao?mK?p>q}2Qqa^z2tj*pLm+ZOu z{BJfbd8gytS+fpXym;}7mnS}d^BcPseDzVa^{cB7amC!X>*4$@+wN~Z>ckU=m0xu0 zg0Zi?aOGb4_J)HV+qiMb%O~A&*;e7AyY9N{82%5b}ahhy^6+DR=#oL zn6IAA8?Al3%=*#wMbk<1pZMeX>rdHHIp(A5`kgcR*gj7@`Q(*XUG?D?+n4R(u%G4+ zG7(~H8xH#4+3UoD!on+&3=D2sS#iZFW2!dF%`5wDU#^bjJdJ(6`0A^1bLZYDTsv{; z9jjMYy!AkM{6-*;y?WATNcs*V&Ko3s7k&HL`BSNUL?Zp18F5(TiWWw)lt_Za#GT_U+e=Y#wk?zd=i{zPkVB z18s~o)p*B@n_IvA?7A~!|9I=4r@pi9-SaPf_Ss3=?rq23G4rkg zrV{(XT2>|=3ljPj{Dc!C*OYa%?G`;PTF|k;m06DVd_m| zPk!*h2Uq#8bjf3{p7>?QqFbCCLyv!-%rSJ_j>_X38rO{4_Mke%?RLL%Tg{;Ve)4MH z;ei()n>eWbLL{}8M(aB|I^KLBeB!M&H!W@b{E>kNAA02PI4=KR|N2+e#JpdB(01`H z+v*UF;#*}Mf57r)#QTY6XB8-4m56sfMNXn6LK1!Lz-Ii_RZ z?D6Brms~&f;!7{BoHXgMMc;n*>zbOH_t8}~cSm=h z`|#fXtVr)M+I-jOL7O_Bt9#`7eft)jbk_MNwSMzyMP1#|13c$m$iI5)`=8u)(}aZ! zNALS)_Yr5Eb(Xek%de3J{?-HGqe#@~s>&t5`FP9P6My*Ohga4~^DbPn?N5Q={K z`mV*N78V|k8a(g3Q%*SHgeqj+E*SgKhh-g;t3GlSHM-r$-_vl(#oSYMgWb!InsUv> zlP2WsCFg1UE7BnT`qAk>4%%}3`lo;XWX&giQU^_v_&=K0oZN?9Y~I(Kn;5gy@qZ=W zl2P8c_`i`QBYX4z_Q=DEqC~Svm%9M)vl4szvTXcW z%9Jp}T^v;X3NLH;RRx$zZ;ZEGbRCcsa#gH;7n39cK??GI;DcHVgra_961j&&Wn6$< zlR_?Dq1pRMLU#Q!Y;qAe;|fV(SniazKjTZ`UA!Mbt~X)5{+E+lL_uOXwOEjXlB$36 zgjuDTk;R~^8OB;9g;UF29y&0W2ZW#?L&fDWZfkLQKp-OGOYmGCeXK6yCRGJj7g;nA zJ+nIi5k<&gTrN_L_N_`0#Sd|F>1�T3T9cw;sE+m<-DSy&c~bwa@qdCfwd9Cy&$m zZ@E=DCw-(@|4Y1OW%29(aPRQm^}i>cygU%M4(8>7YR!5}Ct7DKtBWhEfF?--zJvhC zisXl?3RMP`|DD>*%lds&GZ6K-^735PzxB1rgDI_d@i<@}C;rz3mRdZI4Uii-p~`4- zXIFzX{9jf!GLHXCOS~g`^}il@T3d^Uf+!y@#~0-Vcmd+8Y{CdF{tzq&LyOznT`pA2 zRR^_*A_5j)t%5K7t{~(Qv)tV3YHg+0=tAHo1jSgW2;cP2pa$HafaCoda5ux48@MOb z)VP70h#og65O`Gs?r{}$ZuIZD?!rRgX>WI7Xj)r6q{Fm5penKg15i;QR~1osF<9>p zK`tWjVz4?WO2+H)_=Y*8-?#wq08$Bxeprt0tO4ZC?eXMJ7hPK>j|VivSUG5I1xz!H zf%bOe3jmS~6;_iJq)%I3lVO%y-T;6`rQo{*8G5avttHeC>H@TZ1rbSu@n2DOD02Gi z7RU!fS~>8#^belIc?_`%*QI$x4Rr53k{(bMT^waTji`lsdec$^RKgVDo?p^jrkK4h zOq?-ih}qr1O}M37W{^xC8517>Z~C&qQ+-GAF{;7t%rUoEK4F3HDfODC5h9_tHRuXnL%{)_%En7zBSYh z@-v<%3kdqK^9>+C`55CmO1B#@<_Du}0uYuecua*L5zx*r%_i0nQ|pX}uhG-F-Q-5g z1#9Jaatq?;g51Any?HLC3K9h#Ftq=w5^*CR8H>BH;S8RP3%ZNc02{GzIObCBo)~wFiWwPJLa?rx&6bO zrWEWs=FDE+dYqXscPu#CN|_n+U)Q$~zZJm@IZIpyo9J+sGiZwo9NY0=j`B=fmKk*-}ZCDGYDCMyf!z^q0 zTNjB;r4`O8W^G1qMeiVK%T~Unz2v5cjBFD$JFF}#lC1EohJNcCcX$I%mN<@Al?dLb z^F_EI)R@fXOqK-RA7jk+Y%{0Aa1<()Qdnjc2;66SnNqK(#GNSXlhXlHXf%lBHE@$I z^?SbEcC;od>&_XjM5wh$N;4gJW>}(iYO_Svs4n9w@m}=Q_@aRFVvuPbjRk)$QRi1A zalYis5NUepo}?`wQqVF(m0mP==rL~<&k#eF3K=8GJEF&lij`$Gr--s#OrIg9tTlQP zRdne414+CXRG_M6h#xEE_Z zExYQ*Ra626(kPk?xk~Y|{w&s;uFHGUVMGf_3cm;kaAk$URMm5b%F4Q`OcCf;xGeD3 zb<$&H-X#01P?w};?yy!-TU`&8DDQ_E;*OPhy+Y;kI zMdBiU$bpEc@q$rcI5V6n0WG{1inFLuGZf23pe4lnLja+gP%SVcWzkq|(S526Zez1~+MJ zC*f~X@Gg?fY9U6G7#*sT5;t(G(62zv_%WRgLpN{-cqnkV3MuL-DRG&xtu}`lNkl=ReN!9h1a*4cu-+k%S%oFhR~``G8}I-s z3Oqos$$+T{04ZQ8jl?uB234duV0njhjv^#{cpR-vNRQV*izE)wfEH4u7F|f9e)Ww| z52!SLnf=wW3KTWHP;vz^9ZJpZyLeRLjraKyFXD~*L@Zc0Cs~nmsIO~`OdS*;t3sw) zZ6t8m_8;;wj1;HkV}N^(SX)tFKeMK;sveB5tE;Ii2j@r;!jG~dMR^W_m=sZfKcZkP znEV^Z5>M?;sB#i1Z+Tq3Q!5J%2@~q{vm)wW^5L^Q9AGu$Tn#7rRolUuAQYj(3dJF*#iL2Znj%Gf0#rkiqdt|M)N)>{9H1pY;0Qh_aIS`yWP?jvU#m|MkR^h5l#py2y$oqXiIA2cW@13F-%> z9sEBxC;&v;z<<_Bl4i!q>H3crf}}KXlihn=rAQ`??L8QJ8g(qikj{i8AY=5&=%1{G zWl7~VDM@ktqgg?PNS)Cn1q;`5OTQXa!n{c2fxR7#4O)#}tH;MV)PY7XkQQ{9_3*I7 zL5@jMBWYZMxPKQXU94js=R3aG|pX5gtF>(~JGpn?Jp$_n(e8sy3WcH7vfO@Sf@mD-3P zkXowl3@S{)1hQE?jui}bJ1IAKi;{mUEi`$>9{G|9$UO2&eJ%X(bbS z+`&qQRvdYZ*v5n&#sF59(Y)E-GLFP+|I20TnheTTjee1P2oOF13as&{mSzg^e8i)r zJPuM@$G8{$L^wV!5(kG3jNH*bM5ZaLA(o}~J5sWBogf8~CvZm2Nj=WgOheud@T4bl z`c*d<(K@dGwoSBNB6-Lfol?hgIbe{4y#`GdsKbE_-0o^{1ICI!efOd8Kw+~UAI<^9 ztou>_OQ-+SIF2qE0O|Dq5#G{x{eQ&BUjJ{8JlVwmPQ-o-4FVtQZ$`8WMI=111BX|U znk2It?-L-|mSY9M8X#OzTdnUtsaDr-qBNm2M|&~&UL{-H)Dud-(!c1pT1nB&Z}hKt z|75Mj8)<3Na6~d#4gx6vSP{U5yoyC3Evb*)S{wCa)Gn?TH3r~UXfXfF4dHPFHf0`NhgDXgd>rsIGn0geygJl?oF}B@Znk9av_bEZA03Fu$XTw0*}j8^3){zu`m2$r=PeMr~QmJj80%DsYpj zbSLzopZswIz!u3)QKdJ?i<-T)Li1ZdkXWs3MErNXJ4~vH9kwA7bC7ANBLiwlNP(sx zflVU=&^myWyM~wy0p8C*^h|e{A(z3zpzlW4(pKC=+NLAf#A+5oD{zRA8J%^6OhSlE zfE84jI#`1sr*lyjbZC_VtEzal=@LGx<66rSuZh)D2OwpS-fqXPfm}aSG*6fn*&yDL zpc`72WNCQyY?xXPR6Zy|&V?%Q0p5?)CV+;B#3@fqFNzpzbypn>n0dXdy`hzgll*FN z1kGD9MRIYTF`*u7GwCN6wLOhAjl=*{HPb4yw3Ngfr?1nNfv2{-QuM0tQj(=A#Hv$Z z4A`1>$0NcoL{tqbWGh5L%X~)FjN+E{syDjC@kyiq)04T~>i_q86ZQYn5hcC)e@{GF z`2Q`sysEJx$0{5-@U13Y4k-EP#mO3wcnI6jagv{Brm`pmg)pOr2*IYPg1^%`iT&XX zX3Alck08_+s`NH0ajZ_eKwYYZCS$OCmk=!>BU!Gb%kJZ$0ylxBbp!88t}XxR_kV{c?EiXuL9^^#yDGa(q+oJ#(2yk^e8m0i&qm}{X`{eqEJzI4uUqMwuydFHXQ%t!}XCsfL{pQ zoFcHjp)HAD+P;+0*1f9sRbOWFQC2`-HX~1fGn>B#(RA_6B z^qUQ_rM8gM5+U(YLeU@lMbct&Q<_ktIXnwt>RF*sH`EnvmZNcbq$DXbgC?`lsVBa0 z##@{zV6rlcrPCA~ld@C}*v3GQy{k-FCqC}g&O(k~yUa?Ct>&7gDg;4lu}0OJd7fyP zvqaFtL2{%m91%3$V-_;g0^qYkektt3(WiO>{q#ba=81AxV2!UySJ>nwY^b&2kiebA zYLiUV;e%W>CfOP=JVZ5-n5lqq!bBWFB={-gMHEw*tc*1sS7BDv(*ycn8vUOfKIqo{ zU+;*L5u+0Jf6IFFKljL!h5m1B{}Q60Vl#!@)QQI?D)kN3dV0Ra$?a?}gG4G8BxwC0 z+~NlAaLo9bYJ)efDGwNLdr@qhJ*kn&sZg>+yd0z2%w&5agp!)Xj>B z3Kg1V&(Jn32S!m5T{KD}WB?WeWJiJ5^o5`74(exP3g$;tjcy(r$S=fIe5}8@g;h9n z1D+RnEyiF7hVf!R>e|I9dHVQC&lsx-6JkBZV`7rrBY?**i9!rXmlg;@Y!nS63Kdp} z$Ek`|c58N=?%vO~(`bSUlYZH^?OGc$)B!=ZrpLs~7pm$c*2~gb^w1;G@pNy>cO3JS zu=8y0t&#eoRmaj{W}F3gqVkuts1;BX1N!itRe|_*ry0gFT6S;}$u6uqBnf3R#DT}| z-le5ymX>B1b3PI{-QsgXh4d8zS5430cs30xMGcgXAxYkCjO)NR_EfV8oMW$H4?s+8 z5%oBYm1R93-V!5;U>O5=k%J3U)yg-3P9El%mfiFw(sP?}h*MI40yTw)QHW>@pHmbR z$Z|2@$I3dF5m%Z=CdsafCA`aa;8i!9?OX`l^u!`J!=4s4{tT_x;aqL0yAZeqCoaU6l&inskv89+vvKY?O_$40V4$V?6~G7Ev05L6(E&DL?ut3cHxMDD40 zA+BWyW*}EsSP=z0_)P7Yq_MH~*5a2X{iL5B0q(FY6#>Wu%aIzUE)Wb1yBRQ(7X%>l z{$>#16;&f=f1w5y8Wc$RlOv50P|2JC4~{W1*GmL5`9en;q_oKag%vp|Y#@#_L#7jW zz&J?~AS>FNni+!l)TSmO(-Ek#uumfUa~U*kdN3Rmow)fRjvTx+I6H=^lRqmDQVo1otqKydXab_3~b1u1S%y9 zR6%tBunr`Q`jR3d2O=VZ!q^(nX-~)Q5S7+6sX=$@8L*PQ1y*zD#?0S>i5(M?*%zy- z#z9~(q#4FicBAPDQV3<^IpfuMNo=yD?lUB)gj}HufKmq38fV+}p+2Gn8J5MmZ? zi9;71aRm@zi_S@j7^Txk*rSNMTwWA5sepACJ41D zFg8Jv!e~{uUcsZf0TZ|MTLhSCt|aSrhMvbhX~(z(>UxSr!Ny|RaSSPYC(~2KYAm+4 z1W9U+$iN*%;#=3%^BtYB#F0qnw~*mb6Q+@4ZP=>9(eN?rXX`~jc5={_G3U~)4q2pi z9m^r*LW8Mb&v6e{=ePkUL6YN&E^me~C*S9YZhd&9*VM=DX%ujh`LrB+GDnxBtmVjN z8}OBlfTG`eeSme`mJ@+-$DE+Z`UJ??50dH(HO9(C$tUC*7WRzKo#IS!x+{=e+173>+b9dL*0xUWz82gZXVHqiiME}ADVfez+;4_jmWq2iWknyY$1WzjCL$B1V{huc-Y4DupC&165O(YNPp`LZ zMB@3+-u=HGd9u&{V$CK{Psjt{Ge3^&H>DpxDqtQwG17D4O>qZbyrn><$zbBTGR-^s z0mF!$zLv%r+ec4gUY2-oEwigE$*B1Ize-Ab z^MCcolhyh!a!@h6iNslJxMp>tNfk)xkkSL#b9y+40^*d&G%hl+i?|g$VgD{_I!Mfw zPm=}xi#7d=)9qo_Dg{i`aG{*ThJ`}s+6PbukTm>HoPOPW{-dNMA^)>?c<=d-9(l6h ze{z_g7fHT+eDYS4KoHsUx^+$W^pdXtgr4X&We{qV?^B!gdeUS17T59UFEd;hl5}iX z*ilx|V}6`r#{D%&g<8H++Zw8ehhyL5!+ufiI_*fN|jQ}2;jxOFwGcLjl z9DrgJL|KJwpONqqmc-qsow+zHkZIGWA{_G=8^P)4BCaWm8x()RAyBfwW3Pvbe&C$Y zNZ+Lcw$#9G!b(gPbD;LdaclC=r)#R1{t>*cSCuPZaKLvm9YTQ zYJBtYoyu|B3q~5+8~huh4J^DFB8HR)Mz7}Njx!vxQ8a(%-Xp1kTLdY5vt+kd$Dw7{ z*A|ljB!!lw9#PCfINV17q9l4~=}bs2`6gvt+)gu$dF^zFqjj>SL|cFH(Oz`;cmv+} zrobpvR5%5_EFS~tpR|;n%B)4>C%JPQri|mpQ=x6k(n1b#p<+zp-dRcyK4m&^U}&Db z&w=oy(f?amMdZa`*Gz!4{@;=W|8H4o@BQCB@?@d^&m^<}Sf3Qp=!GweBnbEv78^{Z z_8VkG%QvvW6zRX~BuPuP+B>#p^_j9F2MP?&gj)|fb^}X7??RgWGd?$W8`%q6Gk zdz3kIxMBHiYKSczSyt{Qi9u&p)J?CRKCv9snWG0B)SzF394J64xg~LUdwV&0gUYnG z7Zw4ka)`#=7bKw{*)kVmK!IqOP^95=Y*ga8L~PT$!DM_v84e7CVw6`TksO=A!P&`g zprE*cimG2ifdlw(o)!=7#e;hBSW3DqzKdQF^8d+`di}SAvlP$sv#QF9oWf=+4AQLs zBTKwxasJ=Z(%$obJ@aI-{?kYx2r6|#Ff-$sR|c^Pxu!7Timyy!rA!ht8cgOK(i6WL z!CZO}zujWUECj@Ux`dV^VISsT^rg;r>uP6k5`+9%befna&u2>1I#* zp*dDH>q-hjD+8*C)mKi&n^Z<-id>5g8h7-?!J;u+piL$mtFpC6LjW^sh?I?Mf%7%0 zP^nd5fM1wVGtDr@kV^=S`l!)k@35XB)s{@f4FKpTIC4DYcP z>K`dWNK#7sNuh+uJ~iHXl}%J+!f=y@L^=?!I~`!AA1v{kb9|$@0h4|Wz&Q@&g!}UJ zb{#?}tucv?A&Dt6Fhmye0?#Tj%K-u6)5cjD_+UuWU2c*Rcj7PQ;+B?G^voeCmaF}+ zY@`L-=3rw?5G@oF9|~-?Nq8&%jGgZ9j*CP{)nvvEeD_@dOZzqp;SMjb##FP2X3g=c)plc9@u0YcQAMo5~9YmTr zkLNO{>9l|84fE`Mva$cdtirRLFMC&D8vAclS!rDU$5QX8;l1`>k35~R|E3{As2Z1Z z>rW@J1IG5#2b$FK!>6CSX7%ZPbdSyFfYPiiKD|C|j*V!cP8)r3Z8@8Ktl|&x8uV)s z#c@+D9w1Bc_?9ACD7onv*A5c2s6rC6u}+e-B&MTc`Q*0s>d+1nzj~O7rHu%Eowj~@ z^EGw-Iw%XgACpM3;UtzwZ1n&&iQ{J}sab3*nA|j`G~z*1oMY?Q27!Gv7)UFjbmky# z0>L?1$o9ZU>s@Fz7zz^u+;i=O&@r8ex?5O!)9{q#?c3n#k_aY zg_Eq6E;?}ZW)E=pjdeNAhR1A5T{k*!x{=*%L+A>hStU|7jFqHbjvaG|f3uibQ_cQG z&Z-H1ni;jOl1?*beZPO*aM}2OBrz!E-v8q*88Li#g8yek@A;1&c{=6)L4;5>?lc7k z&&a(Kh*H^s;{>vfHn}H=fZau3khQCBatI}&H#>(At)CNzkiD%W4x!X;9D5T<+&F2S zN^yfq?o>L^970vB#`;(_zCK4^_mo4a9_r^j5?x8;TiTW?B3fv?Nh_9i47y0-hQhDM zCnvLP{3TW>(%7Qi;Qb;#2rCE&q+5(Gb^iz4Vx)qV$-2_3(N2129HOkaA;$sV8zAJt z()~WUIEi*Z`Q%inW#E!Cm!)*hI9f6Tq9^4&D%3niO6eSW;3y!yzPC)3jokU(u=3^0 ziP@L|+@0|W&}M(xzBf9EEattlzPBW;bk+Apn?1mNZy9@Nl4;Q0>7mK7os)D7>D)9H zhU$cyrdwU2sZ5ez?$mVMFRD*j_xnZnw`-x#Hil$ zpFQ$)%KsOuKYMEK9e=i)B=*1C4-c|iBfoGD-Q?zrM`m_TK3qE|Et$Ox4=AtFevb4a1lSwrwSRm~X=PsSJWaV0{OMut zjD>|8{bl=@@DMVd?aum_9NXxscL_Iofcus*c48z~-MZ6-(LLBEz~g%3IB^^sS=RUVp2a zj*c{aSZt*f(M8U^IXYGtyRg}h-ju{*j+jku<|h_UZr3{SMvhXZ9>!*FF~{OM5J%eBIpRBl3w$h z1%bwQl0IP8*;3XMnHR**sRb5iA5x)xI4SJuqCJji%N-LiU^MH`I`(ex__)|C@kGX>oOE04(uDx>{Q zC#On@CB>wqogjsrd+dgl#Hy@zZYi;=yT4#6b{tRcRyQl6vs~%oTTRncj@LVDZ*u3C zJV)F17fdcm$CQR-l8}TP$L3agNL6nC_>Z&j|Kg(E5dT*;yrd){{;&7`$DVmyopAuy zAxh|;SYnVM$E#N7V^*j#T!`tBWG$L8dTdZOs<0xWg|eSd zO2X-3jHs|SD=-fTZ@%T`LK8z>i6pdPJGlqd7(0Sr@0#j;c9)$c{w$8#QpC<#OD6Yi z+n3;^9cLXUXYKu$@3>Cqh9V1WDp~C;6tZ(ZIk(Y8%ZxO7K)RfW#3Oe}>V_B@ea4u^ z9vLb)yV1tVnHG{<>?faQQpY-HsZn1Ug8pXJ*oDFP#_;17hp0M6Rie-73pn9PP(XDC zFm?>^jwsA{CLGm{F3`VYdlqMxRr2VIx?Ow~WTA5v5?Sa@qI;nZ=(V7olpXQVrdB`r zK(g+w9E-?14Kwa<`{|edWMThX1zT2LfHe01h_d1F_J3*Fh>~9WzbBr~nE%uqMrE*} z?}Lf9KGEHAdCb_Ak{Bo{L5oX4yvk=>`ioz=liB)4FauSQJS8PmO-|CAH@Cfcjova* z`I2dRo57TxdQ@HvCYTE*4Kv0>C$)>{9r+H|OJ}Cu8dRoVIiHf-(~l|XSlsbf6r^Rz zaLi*ZYih%mpS?`evrH3bY9zD{Joe$~Mezl=mho8}$!LT!wmz4!&z&D-jT57Y9jGX?6$wJEGNLF@ zG@XiWcf8|<6**(&pesh4|3vR88P;&625Gz)oxv*BAju?Pm^KV(FwJE@DMCoQe2zFr z)T0pxt8+vLONVq$AV)JtF~Afi3G}ji07&yg2CG97mo?*pW|rf?5RV6`MabM5laGqi zRRBT3iX4NiFq1UQ*|)sY5tx991H-Oy(*Kzd6vBK^loXhgKGNv_B_m7Y?*H|UEG;YT z)&G0q$pf{lhE^&S(KeZMBz8pLi|_)6R&km2H?u*gGOj$(5aLy!Mr2u1G!>{JCQV*D=w-^KVADaH6-{Y5BPjQ-L8RHI_C z*^rO*H%DY_`>3v=jM^f*hB7|3*)^2W!m?}V`K~-LgH?DbqJrwG@v4iF6=^>7Yc7W8 zAX`kzDbjow6IJ~Z2aA6}UI{1uuNz-cHElc-=5o|WYW^=P8RZ=n$NwWnczg5z^vIJ3 z#_^iShIySErt&@oX)TqABwVfvFnbad!uHp53qqPEtL4STNK!CrsF;)dYOyBCyk9LA zNYQzesPa&mLhSzzDpEv7O9~-0AV@*p4}4H-foQ>@fRK8O%axZ08m696Rp)XwH8mm4 z+QmT`iX0UEJfzw?lC9;mJuK&`E43VWnT5{zjeQ z9(}ADa^(XAJ}^3tfryOsRHGDzi;#1Nd_Wpq4NPENUT-Di>Q51&236o?yr&Oyc}N4pnNp@?7^#EoLWtTx zScD)T34+vu#;vhF0pcxJva6tDkBzdtfWJ{=iBdmBD-Id)OESd96vqbw5G%SW^b?~6 zb(;q&0s&s+H68)lhM+={kLRGM@c|wx!1}a-DyaGu9$Qu*Lr(co8`I3(@rFN4OoUAM>lC1F93u+X_Qb}*26Z4)0 zoTluH2Q^bTEiH5-oT|oZFc1+`7!PQsa9UgFJ~(+1pKIyDyz4Dwhs>pew(BSLry*;^4y+ERNtN<~cF%dbaupBf`E07&LwDwhNpoJF% z07W%|&ty0rISKMnC=%Co3&d|olSrdvi5G$a)dA3C?imsiZ_-ssvKPnG-n5V+wE$KG z7(ncO!0%N}k_j6UhyjaDdB(I=;yZ|s`p`dEVm^#l-a=qEZ74TZhuL6yQ>LeU1D$@- z@kmd(6gvG_DVN7{LjLEdNg}xd3F!nPf&g$y>;X)i0ZKc#NS!2UZo}x&1D3Q9Bz*z5 zexN$PsR*bLg4xx2wYdd(xQrr6TA>kitZGUGrw(L*!vN%nAdoW&YLnvtsw96iR0s`% zIvC_tO^E?|jA1$(hAJrFpsYYYt3j?D2`FIiLV+R&m0GhSz>BH|S*|c{=mxVS9lf_G z`M1(S6F2t6AWcpKPk^fP!`G9mn1{tw!_}(hevnQp1hGxB^LFeHk==8vP0pU|Tr>Ma zxc_1l3iGisBsHvktiKtGT$95TfQdBR39ve2Qj!O>7JwpROtM#l#J)t>xT3b&(3G>A zcAaZgVyx(aXp-bM-qlJt;LOJ=Zn_wwE@$hY>B}POTa+~35AE9>!~@3gQn62vg2kmJ z-qVXqMiqNU7qc?&vD8*Qyy)?Iyk*6fWj!Wp>_TH(!4Fm7gjC(WsAaWKLrjKEmI2l( zyr`-ANfK&c$h4py24-yeLoNrr)?V2R5eqtNYhH+lNAcgQCbBq2+@70-A&sXGsK2#Ba~2GW0Vl6rf*|6niaXQ#7ej zzr9RTDu)i%R5Mc#b43}Q-{#5{Wu&7C5_LfqZU@*An$hwgT7s92bCGDan)KxWm8gkA zMd3MnQ|V~J9`|AQQdTOEC_MUJ7%CP63nHw5CXNHFEMwSGx=}NO0RJnqerVfos1O9H zg&wgaaj`}@npRRGgXUlgLdgyXR!}TBNH%uBa#-6VLRQsSLBLD!5Y+-}W)R@1P1w66 zwQyIm5K%j)OQzyXYJH~W%`WofFVO1B@=3k0ba6rX1=?3xK2~lZf%VpP(PDnZuZJ`W zKlR+`s#HR%a0hKFK2HW+{E+;rj|A{}W_LJd{IvQ)urqADt^VACJiS4cX5(;hi{*m) z642KSW5z~~fj)ZNq8VnfLDwbp8QFxf`MN)Glxl<)^qE@#M5%9bK%a3+NK$|THHC*! zh-1h30AK|LvRn-KvE<+ws~vAUSmvQwC+!#lZW=Yo&9H}G=}6Z5_PP__mAVUoTYzFv z3%P-}1h`dAk;I^xpbD-3v>V%RlZcA|sb2(0U99VovK6}7NbDEMIJ@OUeRxLICfhcm zo-=_3vI3(xq}@10rlVFzAF0oPwCHn=#QG&Yx*XOdg$=^o#bE9qp_{wN&HW?wY{X2a zgz*ckYIVeDvMT;TJi{|c+ZC^N&gcQk8BG%ANIfIu)q61fFA3@k|rgGb@MrcBs1MfbT+*#qvTMG z*p*Z?O;nl{(XC%(*BdD#?Dl-M2>h&yeQhx_y0OS|^pFH22F;j=kkq1!O^YaHKs_>M zW>`~8%`M2&)2-lf7J@YMXU}ugtt2K(z)GDqC2fhFGM)lGsXor!Wq=G!p4# zGk>|suGN$ost(8}-TcL+SW@ZMCq5`_C8uN&ws?l7p;oHK#pQSJ{In)&XB1A4$#p4G zoi>@gV?mdG-(t2hiL(UAWqm_1sym+|9`ZCeEGZj>!Ex zftKrDdSn*U%wOCc3Z3LV%Z(Xbn!m((Bl*ww@03}xFZT@3WiW4kR#jP%Q&`*FWjk+` zdMi0vHxuX2fO9|3p#euv&0{*5Cy7C+>pBZ+rD|LbI1i+nL<;Qw7JUSYo)v!B6*H4n zL|zQ0_rql1bLo;>B&{PM1Eal5cD5?_0PB+?8cnN1O8|`x z;ziy#&(oCs`5sqZ9;lb0pJxTYV+^YP5Dc@b8MpL#n4^6=Fcuffh+4Knj@P>xZ-o%sZoP=b0Fni-W$11>HV! zxkLhL$XN8#%XqoMtDC?#;{ZZL-Eg6%uz(i>k`g8-B}i^C)jCP!+6hG46(R}q6aA1j z=7Z&~JcBH)6qjd9{$;0^JcR!wv!4en(+{jO;mQMK=oBKFf-4VL_KQuNgPZEZUrt0!V+g*U6~Ya zTSs+} z((`Q7LGYRfEQpOmKpwytz(D8WohD1S2F==|z)Z5mN$S#!(wfg%4<6HF0j+}#$7t)# zFgA^qWnRR~hOI67-be*V+N4@QGmOzVUx#39^pO{n0YTs=n{O$RO|tSCpymN9uz3I& zS|uu^U(z%M#tc*p2vJIM( z1#`phzlbWKuEEm>PpUq7>^uF7R9nNfY?x7=mbJqarD)nx(umlWu-M%o%F z$CE{QCcWV=pXMO9KFu(evd3mij`K`A)Hk4wEAragG5%b6)&%$%t#KS>Xa02D1Z+-t z%3#xL8phW%+Cs8U`6W@61lX0UMoLP0_Og)@ZzrxB$?(3Bv{%e^`Qi~gH`M{OA_XMH zk0ht08v8v&+>s0#XwAZzG9V;N87n|VQ*F~m^QzMG8UX3PARMFj2jHaZaZ@$M?JkPL z<`}md)BKRQq8Vm&kMAH~XZ3lgiMUMf$+OkF48DU4Wl7P1rI|7L1X8B-Ed)I@H+W$Y&_cWl!t8uW zvF2$aN2ydaV5-8H=U79m7=$X4j{;Bf@S^W#mRrhY*hJ7Iv@A%9EE$I~%=EGW$Z8P< zHN|lx^(-0caH2!uRuCsrr5A_w7+uj30A5p}5I|-Xs~88Ybd-&+naa3aLx;}9F^?4R z7N|hL(_F-m-X9W=gtLYYb-6sCR*yfYuT_E$UbT)FpRlv5Bu$_|Kjekb;EMsDq=iVO zQarrjI_@nEp_wI#oAL1NZI&jsNfHACNfcs*446F$Dlm1@YdzUDA^}$B>7Yn3Ss}K2 z{j7*+iUVN@W6893i6aPMx5=8Wj706ZJfIO_f#^XryKqwiOwr+t4XgmWpg50~_F&*V zl*-dUgF0-m6B9XbAQSsn*S3dZ#A10r6z9$dAyx%Gq`gZDjZPKh5bJ{)@5c;L{#YUvno^zDVNYsVvtOpJ_bz! z(cy?#8dVsG2teS)W|h!_-ZSdamhWAQXp+LSf?BLVRT84mgMcf={|@)alB#)3K*&57 zTiVNHBo4)Knh#O}de9hff1YTmN0aE!;l)^*P38SiM3!WwB*(~wvZwhaId%q;UZpy> zxLmXx2O=UzuS2bnS$_!XEffJgr(r2m0t!$8H~r);Ji~?PCCtV!=|ynN5w8-Ch70{r z#vJdL!m_{Sz$ z4{GW_WzF=e>W1o?>Ghyy0;rgN4wzCsy{ZU6o;dOr$~d2dqyRpQ#W~}ur^#XT&JFK9 zcE$33Ah2RE!UiD-N>NBQ31p~*d6fuAR^(g)ALjM^6bZv&enA(H^gg{$@3Y^Z{}%uN N|Npg|*C_zr2LQPn+YA5z literal 0 HcmV?d00001 diff --git a/charts/n8n/helmfile.yaml b/charts/n8n/helmfile.yaml new file mode 100644 index 0000000..c8cd4e3 --- /dev/null +++ b/charts/n8n/helmfile.yaml @@ -0,0 +1,30 @@ +environments: + default: + values: + - namespace: n8n-dev + - domain: "n8ndev.app.8gears.com" + - encryption_key: "iam not a secret" + - db_password: "iam not a secret" + +helmDefaults: + wait: true + timeout: 66 + +repositories: + - name: 8gears + url: https://8gears.container-registry.com/chartrepo/library + +releases: + - name: n8n + namespace: {{ .Values.namespace }} + chart: . + values: + - n8n: + encryption_key: {{ .Values.encryption_key }} + - config: + host: {{ .Values.domain }} + - persistence: + enabled: true + type: dynamic + + diff --git a/charts/n8n/templates/NOTES.txt b/charts/n8n/templates/NOTES.txt new file mode 100644 index 0000000..d8818c9 --- /dev/null +++ b/charts/n8n/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "n8n.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "n8n.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "n8n.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "n8n.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/charts/n8n/templates/_helpers.tpl b/charts/n8n/templates/_helpers.tpl new file mode 100644 index 0000000..77b0492 --- /dev/null +++ b/charts/n8n/templates/_helpers.tpl @@ -0,0 +1,141 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "n8n.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "n8n.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "n8n.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "n8n.labels" -}} +helm.sh/chart: {{ include "n8n.chart" . }} +{{ include "n8n.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "n8n.selectorLabels" -}} +app.kubernetes.io/name: {{ include "n8n.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "n8n.deploymentPodEnvironments" -}} +{{- range $key, $value := .Values.extraEnv }} +- name: {{ $key }} + value: {{ $value | quote}} +{{ end }} +{{- range $key, $value := .Values.extraEnvSecrets }} +- name: {{ $key }} + valueFrom: + secretKeyRef: + name: {{ $value.name | quote }} + key: {{ $value.key | quote }} +{{ end }} +- name: "N8N_PORT" #! we better set the port once again as ENV Var, see: https://community.n8n.io/t/default-config-is-not-set-or-the-port-to-be-more-precise/3158/3?u=vad1mo + value: {{ get .Values.config "port" | default "5678" | quote }} +{{- if .Values.n8n.encryption_key }} +- name: "N8N_ENCRYPTION_KEY" + valueFrom: + secretKeyRef: + key: N8N_ENCRYPTION_KEY + name: {{ include "n8n.fullname" . }} +{{- end }} +{{- if or .Values.config .Values.secret }} +- name: "N8N_CONFIG_FILES" + value: {{ include "n8n.configFiles" . | quote }} +{{ end }} +{{- if .Values.scaling.enabled }} +- name: "QUEUE_BULL_REDIS_HOST" + {{- if .Values.scaling.redis.host }} + value: "{{ .Values.scaling.redis.host }}" + {{ else }} + value: "{{ .Release.Name }}-redis-master" + {{ end }} +- name: "EXECUTIONS_MODE" + value: "queue" +{{ end }} +{{- if .Values.scaling.redis.password }} +- name: "QUEUE_BULL_REDIS_PASSWORD" + value: "{{ .Values.scaling.redis.password }}" +{{ end }} +{{- if .Values.scaling.webhook.enabled }} +- name: "N8N_DISABLE_PRODUCTION_MAIN_PROCESS" + value: "true" +{{ end }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "n8n.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "n8n.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* Create a list of config files for n8n */}} +{{- define "n8n.configFiles" -}} + {{- $conf_val := "" }} + {{- $sec_val := "" }} + {{- $separator := "" }} + {{- if .Values.config }} + {{- $conf_val = "/n8n-config/config.json" }} + {{- end }} + {{- if .Values.secret }} + {{- $sec_val = "/n8n-secret/secret.json" }} + {{- end }} + {{- if and .Values.config .Values.secret }} + {{- $separator = "," }} + {{- end }} + {{- print $conf_val $separator $sec_val }} +{{- end }} + + +{{/* PVC existing, emptyDir, Dynamic */}} +{{- define "n8n.pvc" -}} +{{- if or (not .Values.persistence.enabled) (eq .Values.persistence.type "emptyDir") -}} + emptyDir: {} +{{- else if and .Values.persistence.enabled .Values.persistence.existingClaim -}} + persistentVolumeClaim: + claimName: {{ .Values.persistence.existingClaim }} +{{- else if and .Values.persistence.enabled (eq .Values.persistence.type "dynamic") -}} + persistentVolumeClaim: + claimName: {{ include "n8n.fullname" . }} +{{- end }} +{{- end }} diff --git a/charts/n8n/templates/configmap.yaml b/charts/n8n/templates/configmap.yaml new file mode 100644 index 0000000..98d5102 --- /dev/null +++ b/charts/n8n/templates/configmap.yaml @@ -0,0 +1,12 @@ +{{- if .Values.config }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "n8n.fullname" . }} + labels: + {{- include "n8n.labels" . | nindent 4 }} +data: + config.json: | +{{ .Values.config | toPrettyJson | indent 4 }} + +{{- end }} diff --git a/charts/n8n/templates/deployment.webhooks.yaml b/charts/n8n/templates/deployment.webhooks.yaml new file mode 100644 index 0000000..582f53b --- /dev/null +++ b/charts/n8n/templates/deployment.webhooks.yaml @@ -0,0 +1,99 @@ +{{- if .Values.scaling.webhook.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "n8n.fullname" . }}-webhook + labels: + {{- include "n8n.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.scaling.webhook.count }} + {{- end }} + strategy: + type: {{ .Values.deploymentStrategy.type }} + selector: + matchLabels: + {{- include "n8n.selectorLabels" . | nindent 6 }} + app.kubernetes.io/type: webhooks + template: + metadata: + annotations: + checksum/config: {{ print .Values | sha256sum }} + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "n8n.selectorLabels" . | nindent 8 }} + app.kubernetes.io/type: webhooks + {{- if .Values.podLabels }} + {{ toYaml .Values.podLabels | nindent 8 }} + {{- end }} + + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "n8n.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + {{- if .Values.initContainers }} + initContainers: + {{ tpl (toYaml .Values.initContainers) . | nindent 8 }} + {{- end }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: ["n8n"] + args: ["webhook"] + env: + {{- include "n8n.deploymentPodEnvironments" . | nindent 12 }} + ports: + - name: http + containerPort: {{ get .Values.config "port" | default 5678 }} + protocol: TCP + resources: + {{- toYaml .Values.webhookResources | nindent 12 }} + volumeMounts: + - name: data + mountPath: {{ if semverCompare ">=1.0" .Values.image.tag | default .Chart.AppVersion }}/home/node/.n8n{{ else }}/root/.n8n{{ end }} + {{- if .Values.config }} + - name: config-volume + mountPath: /n8n-config + {{- end }} + {{- if .Values.secret }} + - name: secret-volume + mountPath: /n8n-secret + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + - name: "data" + {{ include "n8n.pvc" . }} + {{- if .Values.config }} + - name: config-volume + configMap: + name: {{ include "n8n.fullname" . }} + {{- end }} + {{- if or (.Values.secret) (.Values.existingSecret) }} + - name: secret-volume + secret: + secretName: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ include "n8n.fullname" . }}{{ end }} + items: + - key: "secret.json" + path: "secret.json" + {{- end }} +{{- end }} diff --git a/charts/n8n/templates/deployment.worker.yaml b/charts/n8n/templates/deployment.worker.yaml new file mode 100644 index 0000000..f13bc02 --- /dev/null +++ b/charts/n8n/templates/deployment.worker.yaml @@ -0,0 +1,99 @@ +{{- if .Values.scaling.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "n8n.fullname" . }}-worker + labels: + {{- include "n8n.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.scaling.worker.count }} + {{- end }} + strategy: + type: {{ .Values.deploymentStrategy.type }} + selector: + matchLabels: + {{- include "n8n.selectorLabels" . | nindent 6 }} + app.kubernetes.io/type: worker + template: + metadata: + annotations: + checksum/config: {{ print .Values | sha256sum }} + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "n8n.selectorLabels" . | nindent 8 }} + app.kubernetes.io/type: worker + {{- if .Values.podLabels }} + {{ toYaml .Values.podLabels | nindent 8 }} + {{- end }} + + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "n8n.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + {{- if .Values.initContainers }} + initContainers: + {{ tpl (toYaml .Values.initContainers) . | nindent 8 }} + {{- end }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: ["n8n"] + args: ["worker", "--concurrency={{ .Values.scaling.worker.concurrency }}"] + env: + {{- include "n8n.deploymentPodEnvironments" . | nindent 12 }} + ports: + - name: http + containerPort: {{ get .Values.config "port" | default 5678 }} + protocol: TCP + resources: + {{- toYaml .Values.workerResources | nindent 12 }} + volumeMounts: + - name: data + mountPath: {{ if semverCompare ">=1.0" .Values.image.tag | default .Chart.AppVersion }}/home/node/.n8n{{ else }}/root/.n8n{{ end }} + {{- if .Values.config }} + - name: config-volume + mountPath: /n8n-config + {{- end }} + {{- if .Values.secret }} + - name: secret-volume + mountPath: /n8n-secret + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + - name: "data" + {{ include "n8n.pvc" . }} + {{- if .Values.config }} + - name: config-volume + configMap: + name: {{ include "n8n.fullname" . }} + {{- end }} + {{- if or (.Values.secret) (.Values.existingSecret) }} + - name: secret-volume + secret: + secretName: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ include "n8n.fullname" . }}{{ end }} + items: + - key: "secret.json" + path: "secret.json" + {{- end }} + {{- end }} diff --git a/charts/n8n/templates/deployment.yaml b/charts/n8n/templates/deployment.yaml new file mode 100644 index 0000000..f955536 --- /dev/null +++ b/charts/n8n/templates/deployment.yaml @@ -0,0 +1,109 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "n8n.fullname" . }} + labels: + {{- include "n8n.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + strategy: + type: {{ .Values.deploymentStrategy.type }} + selector: + matchLabels: + {{- include "n8n.selectorLabels" . | nindent 6 }} + app.kubernetes.io/type: master + template: + metadata: + annotations: + checksum/config: {{ print .Values | sha256sum }} + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "n8n.selectorLabels" . | nindent 8 }} + app.kubernetes.io/type: master + {{- if .Values.podLabels }} + {{ toYaml .Values.podLabels | nindent 8 }} + {{- end }} + + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "n8n.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + {{- if .Values.initContainers }} + initContainers: + {{ tpl (toYaml .Values.initContainers) . | nindent 8 }} + {{- end }} + containers: + - name: {{ .Chart.Name }} + {{- with .Values.command }} + command: + {{- toYaml . | nindent 12 }} + {{- end }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + {{- include "n8n.deploymentPodEnvironments" . | nindent 12 }} + lifecycle: + {{- toYaml .Values.lifecycle | nindent 12 }} + ports: + - name: http + containerPort: {{ get .Values.config "port" | default 5678 }} + protocol: TCP + {{- with .Values.livenessProbe }} + livenessProbe: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.readinessProbe }} + readinessProbe: + {{- toYaml . | nindent 12 }} + {{- end }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumeMounts: + - name: data + mountPath: {{ if semverCompare ">=1.0" .Values.image.tag | default .Chart.AppVersion }}/home/node/.n8n{{ else }}/root/.n8n{{ end }} + {{- if .Values.config }} + - name: config-volume + mountPath: /n8n-config + {{- end }} + {{- if .Values.secret }} + - name: secret-volume + mountPath: /n8n-secret + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + - name: "data" + {{ include "n8n.pvc" . }} + {{- if .Values.config }} + - name: config-volume + configMap: + name: {{ include "n8n.fullname" . }} + {{- end }} + {{- if or (.Values.secret) (.Values.existingSecret) }} + - name: secret-volume + secret: + secretName: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ include "n8n.fullname" . }}{{ end }} + items: + - key: "secret.json" + path: "secret.json" + {{- end }} diff --git a/charts/n8n/templates/hpa.yaml b/charts/n8n/templates/hpa.yaml new file mode 100644 index 0000000..df58416 --- /dev/null +++ b/charts/n8n/templates/hpa.yaml @@ -0,0 +1,51 @@ +{{- if .Values.autoscaling.enabled }} +{{- if semverCompare ">=1.25-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: autoscaling/v2 +{{- else -}} +apiVersion: autoscaling/v2beta1 +{{- end }} +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "n8n.fullname" . }} + labels: + {{- include "n8n.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "n8n.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: +{{- if semverCompare ">=1.25-0" .Capabilities.KubeVersion.GitVersion -}} + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- else -}} + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/n8n/templates/ingress.yaml b/charts/n8n/templates/ingress.yaml new file mode 100644 index 0000000..883b1ca --- /dev/null +++ b/charts/n8n/templates/ingress.yaml @@ -0,0 +1,66 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "n8n.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} + +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "n8n.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ . }} + {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} + pathType: Prefix + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- if $.Values.scaling.webhook.enabled }} + - path: {{ . }}webhook/ + pathType: Prefix + backend: + service: + name: {{ $fullName }}-webhooks + port: + number: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} diff --git a/charts/n8n/templates/pvc.yaml b/charts/n8n/templates/pvc.yaml new file mode 100644 index 0000000..aec7bbc --- /dev/null +++ b/charts/n8n/templates/pvc.yaml @@ -0,0 +1,29 @@ +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ include "n8n.fullname" . }} + {{- with .Values.persistence.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value }} + {{- end }} + {{- end }} + labels: + {{- include "n8n.labels" . | nindent 4 }} +spec: + accessModes: + {{- range .Values.persistence.accessModes }} + - {{ . | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.size }} + {{- if .Values.persistence.storageClass }} + {{- if eq "-" .Values.persistence.storageClass }} + storageClassName: "" + {{- else }} + storageClassName: {{ .Values.persistence.storageClass }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/n8n/templates/secret.yaml b/charts/n8n/templates/secret.yaml new file mode 100644 index 0000000..1a5520e --- /dev/null +++ b/charts/n8n/templates/secret.yaml @@ -0,0 +1,14 @@ +{{- if or .Values.secret .Values.n8n.encryption_key }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "n8n.fullname" . }} + labels: + {{- include "n8n.labels" . | nindent 4 }} +data: + secret.json: {{ .Values.secret | toPrettyJson | b64enc }} + {{- if .Values.n8n.encryption_key }} + N8N_ENCRYPTION_KEY: {{ .Values.n8n.encryption_key | b64enc }} + {{- end }} + +{{- end }} diff --git a/charts/n8n/templates/service.webhooks.yaml b/charts/n8n/templates/service.webhooks.yaml new file mode 100644 index 0000000..8579651 --- /dev/null +++ b/charts/n8n/templates/service.webhooks.yaml @@ -0,0 +1,22 @@ +{{- if .Values.scaling.webhook.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "n8n.fullname" . }}-webhooks + labels: + {{- include "n8n.labels" . | nindent 4 }} + {{- with .Values.service.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "n8n.selectorLabels" . | nindent 4 }} + app.kubernetes.io/type: webhooks +{{- end }} diff --git a/charts/n8n/templates/service.yaml b/charts/n8n/templates/service.yaml new file mode 100644 index 0000000..239642d --- /dev/null +++ b/charts/n8n/templates/service.yaml @@ -0,0 +1,20 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "n8n.fullname" . }} + labels: + {{- include "n8n.labels" . | nindent 4 }} + {{- with .Values.service.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "n8n.selectorLabels" . | nindent 4 }} + app.kubernetes.io/type: master diff --git a/charts/n8n/templates/serviceaccount.yaml b/charts/n8n/templates/serviceaccount.yaml new file mode 100644 index 0000000..5c629a4 --- /dev/null +++ b/charts/n8n/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "n8n.serviceAccountName" . }} + labels: + {{- include "n8n.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/n8n/templates/tests/test-connection.yaml b/charts/n8n/templates/tests/test-connection.yaml new file mode 100644 index 0000000..5dbe7df --- /dev/null +++ b/charts/n8n/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "n8n.fullname" . }}-test-connection" + labels: + {{- include "n8n.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "n8n.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/charts/n8n/values.yaml b/charts/n8n/values.yaml new file mode 100644 index 0000000..e01a5e6 --- /dev/null +++ b/charts/n8n/values.yaml @@ -0,0 +1,326 @@ +# Default helm values for n8n. +# Default values within the n8n application can be found under https://github.com/n8n-io/n8n/blob/master/packages/cli/config/index.ts +n8n: + encryption_key: # n8n creates a random encryption key automatically on the first launch and saves it in the ~/.n8n folder. That key is used to encrypt the credentials before they get saved to the database. +defaults: + +config: + executions: + pruneData: "true" # prune executions by default + pruneDataMaxAge: 3760 # Per defaut we store 1 year of history + +# existingSecret and secret are exclusive, with existingSecret taking priority. +# existingSecret: "" # Use an existing Kubernetes secret, e.g created by hand or Vault operator. +secret: # Dict with all n8n json config options, unlike config the values here will end up in a secret. + +# Typical Example of a config in combination with a secret. +# config: +# database: +# type: postgresdb +# postgresdb: +# host: 192.168.0.52 +# secret: +# database: +# postgresdb: +# password: 'big secret' + +## ALL possible n8n Values + +# +#database: +# type: # Type of database to use - Other possible types ['sqlite', 'mariadb', 'mysqldb', 'postgresdb'] - default: sqlite +# tablePrefix: # Prefix for table names - default: '' +# postgresdb: +# database: # PostgresDB Database - default: n8n +# host: # PostgresDB Host - default: localhost +# password: # PostgresDB Password - default: '' +# port: # PostgresDB Port - default: 5432 +# user: # PostgresDB User - default: root +# schema: # PostgresDB Schema - default: public +# ssl: +# ca: # SSL certificate authority - default: '' +# cert: # SSL certificate - default: '' +# key: # SSL key - default: '' +# rejectUnauthorized: # If unauthorized SSL connections should be rejected - default: true +# mysqldb: +# database: # MySQL Database - default: n8n +# host: # MySQL Host - default: localhost +# password: # MySQL Password - default: '' +# port: # MySQL Port - default: 3306 +# user: # MySQL User - default: root +#credentials: +# overwrite: +# data: # Overwrites for credentials - default: "{}" +# endpoint: # Fetch credentials from API - default: '' +# +#executions: +# process: # In what process workflows should be executed - possible values [main, own] - default: own +# timeout: # Max run time (seconds) before stopping the workflow execution - default: -1 +# maxTimeout: # Max execution time (seconds) that can be set for a workflow individually - default: 3600 +# saveDataOnError: # What workflow execution data to save on error - possible values [all , none] - default: all +# saveDataOnSuccess: # What workflow execution data to save on success - possible values [all , none] - default: all +# saveDataManualExecutions: # Save data of executions when started manually via editor - default: false +# pruneData: # Delete data of past executions on a rolling basis - default: false +# pruneDataMaxAge: # How old (hours) the execution data has to be to get deleted - default: 336 +# pruneDataTimeout: # Timeout (seconds) after execution data has been pruned - default: 3600 +#generic: +# timezone: # The timezone to use - default: America/New_York +#path: # Path n8n is deployed to - default: "/" +#host: # Host name n8n can be reached - default: localhost +#port: # HTTP port n8n can be reached - default: 5678 +#listen_address: # IP address n8n should listen on - default: 0.0.0.0 +#protocol: # HTTP Protocol via which n8n can be reached - possible values [http , https] - default: http +#ssl_key: # SSL Key for HTTPS Protocol - default: '' +#ssl_cert: # SSL Cert for HTTPS Protocol - default: '' +#security: +# excludeEndpoints: # Additional endpoints to exclude auth checks. Multiple endpoints can be separated by colon - default: '' +# basicAuth: +# active: # If basic auth should be activated for editor and REST-API - default: false +# user: # The name of the basic auth user - default: '' +# password: # The password of the basic auth user - default: '' +# hash: # If password for basic auth is hashed - default: false +# jwtAuth: +# active: # If JWT auth should be activated for editor and REST-API - default: false +# jwtHeader: # The request header containing a signed JWT - default: '' +# jwtHeaderValuePrefix: # The request header value prefix to strip (optional) default: '' +# jwksUri: # The URI to fetch JWK Set for JWT authentication - default: '' +# jwtIssuer: # JWT issuer to expect (optional) - default: '' +# jwtNamespace: # JWT namespace to expect (optional) - default: '' +# jwtAllowedTenantKey: # JWT tenant key name to inspect within JWT namespace (optional) - default: '' +# jwtAllowedTenant: # JWT tenant to allow (optional) - default: '' +#endpoints: +# rest: # Path for rest endpoint default: rest +# webhook: # Path for webhook endpoint default: webhook +# webhookTest: # Path for test-webhook endpoint default: webhook-test +#externalHookFiles: # Files containing external hooks. Multiple files can be separated by colon - default: '' +#nodes: +# exclude: # Nodes not to load - default: "[]" +# errorTriggerType: # Node Type to use as Error Trigger - default: n8n-nodes-base.errorTrigger + +# Set additional environment variables on the Deployment +extraEnv: {} +# Set this if running behind a reverse proxy and the external port is different from the port n8n runs on +# WEBHOOK_TUNNEL_URL: "https://n8n.myhost.com/ + +# Set additional environment from existing secrets +extraEnvSecrets: {} +# for example, to reuse existing postgres authentication secrets: +# DB_POSTGRESDB_USER: +# name: postgres-user-auth +# key: username +# DB_POSTGRESDB_PASSWORD: +# name: postgres-user-auth +# key: password + +## +## +## +## +## Common Kubernetes Config Settings +persistence: + ## If true, use a Persistent Volume Claim, If false, use emptyDir + ## + enabled: false + type: emptyDir # what type volume, possible options are [existing, emptyDir, dynamic] dynamic for Dynamic Volume Provisioning, existing for using an existing Claim + ## Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + # storageClass: "-" + ## PVC annotations + # + # If you need this annotation include it under values.yml file and pvc.yml template will add it. + # This is not maintained at Helm v3 anymore. + # https://github.com/8gears/n8n-helm-chart/issues/8 + # + # annotations: + # helm.sh/resource-policy: keep + ## Persistent Volume Access Mode + ## + accessModes: + - ReadWriteOnce + ## Persistent Volume size + ## + size: 1Gi + ## Use an existing PVC + ## + # existingClaim: + +replicaCount: 1 + +deploymentStrategy: + type: "Recreate" + +image: + repository: n8nio/n8n + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podLabels: {} + +podSecurityContext: {} +# fsGroup: 2000 + +securityContext: + {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true +# runAsNonRoot: true +# runAsUser: 1000 + +# here you can specify lifecycle hooks - it can be used e.g to easily add packages to the container without building +# your own docker image +# see https://github.com/8gears/n8n-helm-chart/pull/30 +lifecycle: + {} + +# here's the sample configuration to add mysql-client to the container +#lifecycle: +# postStart: +# exec: +# command: ["/bin/sh", "-c", "apk add mysql-client"] + +# here you can override a command for main container +# it may be used to override starting script (e.g. to resolve issues like https://github.com/n8n-io/n8n/issues/6412) or +# run additional preparation steps (e.g. installing additional software) +command: [] + +# sample configuration that overrides starting script and solves above issue (also it runs n8n as root, so be careful): +#command: +# - tini +# - -- +# - /bin/sh +# - -c +# - chmod o+rx /root; chown -R node /root/.n8n || true; chown -R node /root/.n8n; ln -s /root/.n8n /home/node; chown -R node /home/node || true; node /usr/local/bin/n8n + +# here you can override the livenessProbe for the main container +# it may be used to increase the timeout for the livenessProbe (e.g. to resolve issues like + +livenessProbe: + httpGet: + path: /healthz + port: http + # initialDelaySeconds: 30 + # periodSeconds: 10 + # timeoutSeconds: 5 + # failureThreshold: 6 + # successThreshold: 1 + +# here you can override the readinessProbe for the main container +# it may be used to increase the timeout for the readinessProbe (e.g. to resolve issues like + +readinessProbe: + httpGet: + path: /healthz + port: http + # initialDelaySeconds: 30 + # periodSeconds: 10 + # timeoutSeconds: 5 + # failureThreshold: 6 + # successThreshold: 1 + +# here you can add init containers to the various deployments +initContainers: [] + +service: + type: ClusterIP + port: 80 + annotations: {} + +ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: [] + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + + # define a custom incressClassName, like "traefik" or "nginx" + className: "" + +workerResources: + {} + +webhookResources: + {} + +resources: + {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: +# cpu: 100m +# memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +scaling: + enabled: false + + worker: + count: 2 + concurrency: 2 + # With .Values.scaling.webhook.enabled=true you disable Webhooks from the main process but you enable the processing on a different Webhook instance. + # See https://github.com/8gears/n8n-helm-chart/issues/39#issuecomment-1579991754 for the full explanation. + webhook: + enabled: false + count: 1 + + redis: + host: + password: + + +## Bitnami Redis configuration +## https://github.com/bitnami/charts/tree/master/bitnami/redis +redis: + enabled: false + architecture: standalone + + master: + persistence: + enabled: true + existingClaim: "" + size: 2Gi