From 30d55d579222aac8db9841575e70436dc9a9f31c Mon Sep 17 00:00:00 2001
From: Christoph Heiss <christoph@c8h4.io>
Date: Sat, 24 Aug 2024 13:23:40 +0200
Subject: [PATCH] services: forgejo: move to other host with dedicated data
 directory

Signed-off-by: Christoph Heiss <christoph@c8h4.io>
---
 .sops.yaml                |   4 ++--
 machines/fort.nix         |   1 +
 machines/tank.nix         |   1 -
 secrets/machines/fort.nix | Bin 12345 -> 11834 bytes
 secrets/sops/forgejo.yaml |  48 +++++++++++++++++++-------------------
 services/forgejo.nix      |  18 +++++++++++++-
 6 files changed, 44 insertions(+), 28 deletions(-)

diff --git a/.sops.yaml b/.sops.yaml
index fa5e0f2..3ff5dc4 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -18,14 +18,14 @@ creation_rules:
           - *christoph_maui
           - *machine_tank
           - *machine_fort
-  - path_regex: secrets/sops/(forgejo|grafana|home-assistant|navidrome|tank)\.yaml
+  - path_regex: secrets/sops/(grafana|home-assistant|navidrome|tank)\.yaml
     key_groups:
       - age:
           - *christoph_trek
           - *christoph_zero
           - *christoph_maui
           - *machine_tank
-  - path_regex: secrets/sops/(alertmanager|fort|matrix-hookshot|vaultwarden|vikunja|wireguard|yarr)\.yaml
+  - path_regex: secrets/sops/(alertmanager|forgejo|fort|matrix-hookshot|vaultwarden|vikunja|wireguard|yarr)\.yaml
     key_groups:
       - age:
           - *christoph_trek
diff --git a/machines/fort.nix b/machines/fort.nix
index 759885d..51e0d10 100644
--- a/machines/fort.nix
+++ b/machines/fort.nix
@@ -20,6 +20,7 @@ in {
     ../services/alertmanager.nix
     ../services/conduit.nix
     ../services/fail2ban.nix
+    ../services/forgejo.nix
     ../services/matrix-hookshot.nix
     ../services/nginx.nix
     ../services/node-exporter.nix
diff --git a/machines/tank.nix b/machines/tank.nix
index 32e29a9..6efd293 100644
--- a/machines/tank.nix
+++ b/machines/tank.nix
@@ -3,7 +3,6 @@
 {
   imports = [
     ../secrets/machines/tank.nix
-    ../services/forgejo.nix
     ../services/grafana.nix
     ../services/home-assistant.nix
     ../services/navidrome.nix
diff --git a/secrets/machines/fort.nix b/secrets/machines/fort.nix
index e30df5b4a6a4f4e4b31ea61585779924d091bbf2..88d4d8cf535f798ac0f2eb5c5420003e22b0a8ba 100644
GIT binary patch
literal 11834
zcmV-AF2&IRM@dveQdv+`0H@46EmljU{X$o2jGpUlWV#~;12GdLn>EE%ftANnd(!+>
zL!Z3THS^HxbTNL0O5;lzuY5`kMbK?EoU$z0U1b*S`PSDC(Bej^-0QpqtwU2G{>g#l
zy_~+T00y!^l;^O0*Tq-5t6WvE!8GWV9qR6d%X;3d)oT`i(<4%%e#S!HP{c9p!d#gQ
ze2>@RfYg?*XL7Lecdaf!EXUt-la|#sKBh?$lPF3x5S|$kf!bD37lrJJhA$1#a5Z$D
zqDE!hohISsuubPN;Can+JKYav<@(uVG8t%yb#5nB3?mhBEbuJU1MwoEmWdcD-nef^
ztvym!9u3p<tRoks65kCW|E6%f<BiI}36_5%;wjA6g$)Ow@S0~tkFt5q=#GzT#=~>n
zQlJ-Y^@LX@(?<i3CS>lrrOzQ&HAN5_-37B3#TzjR&@i+U4Uux-R`?#ZI`6gPWLSY0
z!PR0zOkt8aq5SzgTAT>N4;~Zdajw8B(-!I~epG|R`cQ$)CY3;xUW(c<&Ee>F)+%gG
zzTdpU-=-P2{pLN*jG6c(&Yy>_<<$4dq6){dWzLEbVS=m5|D!lA?DRS^<iI5s4VT@k
zGFd%J@%5Tmj!bF)+Ca-bMF#=Sd{cVCdl1Acfuyy%z%cmqNU%(^!myo1W_ol<lm38l
zLZZ7Qs5fMu6n6!Nl8=3E`H?QbDm6GQy36@DL5W7Mt|TsI<mH7VmD+QG=<WVORQr?_
z-a5;<G(K;C5x!EzU+|O+@M0+%ytVwjY{qS{jmr0fOzVfN5zU1jg_35;C9!lb4Sp}b
zbUc3JXYaEsp2=~BRmHkRu^Y;Jh@SkzmRYUBTUiK(vbU{MT<g!2k23Nmcgc)I)`57}
zAQzXt8hUAF-b!xQ3Au^8+Ry?@w35lA)I|O1Qcf0I{0LZ$Yhoh#sJTBfr=oBj(S_Ts
z6{Znrw90y$$%JLd2_44o4)B)eCpkGBzkpQvgxCD6&o_#(flXogSy8)!v@jS&JOBC=
z^n&JYO2qK3<-V8>eeEs-glG~B90Pt`FtfLw5Z2(`uY8b-tUnbW9?COvA9K(uLp-MQ
zslrR+S;V`O8rz|Zg>NzCWn9!ALE#%m{aqu-utbyXph<wyDY2i@sh$F<)d*VPdDNW{
zeCezQbPbE-1H%l9E!An64+EsiT|66)h?0{PYo*j>5{Q!gLDagNBFWeD1c+;HRx617
z(%!JEu`ENy_TAx;2As$^E)z?-AYY~Z+%cV;7LED|{WO*|(kkZBnCl$5l6QI_<XSLH
zbe3?l!(3UQg*7_Ni@LhZD-NK5Ul%W41bXE|QSCLR>6smBK#?T$VHu3L&|#YgXZbiB
znk4)>V~qBfiJn~Aip4_JtR0wWa&t;=KBcg!<ox#1ZI04>A-Y{T5?}1b|5$l5USrqQ
z`Zo#NG-3A2R9vC~HRL;Xt=jEs|1tlvu~I`xEW<6~{Kf4xcZ0-@Gt&`hgW&G_gr1Y~
zf;Av5+F`1a`!b?d3UL9;1zJma*gGz_7#0%ExDuju?NaU&tb_WR&as5Q%hf(KqGmsQ
z6gs4g#N?F-@}Ska3d|#~KCX|gdAP>14t1TqokblYKAS1>v#7+8Y@7Lc4-@*Vt=wOO
zF+s=3URxEYRcG+?B#Rs4FPN9(JAk){Pv_oZm_a5d8Y!>HqZRbJNAZihzI={4Qk(f*
zF}ZPF_e!*@K=r4{F6Tpez16qpj>13h#X(`>I;RDMkwR0$fnn+;Z?<L|W)5^7lWo;)
z!IXO+VHsJS!FC5Q*uq__Sy!P=KZG=d->9s+;?-{$2!=&7md$~v;G7<Q9Isb-Nv0u2
zgci|lMVh1LrV!bM`xI}?S29_i>JmMa?%+ISC9<plmXc|G6!G89wu2&Ra;pi6v_r^!
z8^4jsXCl+ToowDZERYe}%l<aLJ4#PW^T8sx(<hgKIa}9w|4E3f57s8NI(<tleF4^0
z>H25tQX;@0fL~?RVy74i{3^46KqF31RRJ<$5<G{PE%8~0T-3Ib-dANsDrEJX70(nf
z1r+6feOSb=mtM^YtzrxH<s%4SBa1sbA#iX07%$p#Gcfj}2zbtofYz->O)%im{i(%x
z_jNrw-J^XZZIcv-A?9*EzGn<j_E#VR&RPnyzs@FBtxwh*k-gKLqd`&kbwSyP!7V7S
zn$oi>I&uAR!o{noKX=(Ux488gPPm5v7~V1A19y6hmJ0>gP|5Wt|2}oh>*wBqZYl>C
zg+Qi<#=W)p??_j;bdAC{yRh;1F$v^NDy)krYu%>A7QlNU^2%mXBFH6ncobIgm4Zfc
zC=X#t|DD7%qe?34uMF;@#@nkSD-End8c>oVzwELs@~nJg+vY=0I}-ME#thhF-(B)a
zULTs@1wZd!W;oOZk;h9n9*`US&CVCxSgJN~jk~#!9Tv0CCcfD^5wv#EpC+hB&=?fo
zn4O3+wBQL_24}am`^l$&?kV=Vre0r&O&kq+Xg_2$!NI%v6i_Lje#8||e3^N;;A=8^
z)43uat+!)a9HjR{3y}1A=KrtW4vowR`rp)EQQ?2yO{{A94p>MlH^iII=<>MN&;dGy
zyDl0rT*q5v%z2nviovGHy3=@-BR>H+fgO#rrY-th`y&jUx|?!GEU)kd0XC%-6Ajp!
zLh&-s_IdRktcS>x0o4Fe*Gd3#Lm{4f(c-YR9FAJ?h3?aj101PNl2t+O6lU+nniGt@
zKrQ;W#oC6eF_lZ+f7W);`R14=U4BMd+&LbEw)EUh8QwR(wkH=>S29M%teB8tzW^4{
zGusG&pFU9#R)HL1(~lC>Gzleg(FIo`xh`lX$FmsXDx#hd*|sgO6yIYDh{HcA&Ry*g
zZb6&#MSu~1f!fAu3H?(egG^|BVxwSP3WrTc>|_Ba#XPT;(r8A4WCes-eA@Zo1_HNg
zpVaW`+3Ais<P!I9dOrkwK_MvOj}Sx9SCv<IZrNT3qqoyerm>oq?;_RTbw;aEPR(HE
zNeXq4kQ!^Sl}3ikOX2~fWjV+}u$1a1)=a?3Rm>SZBF8~+)6m%7bt?}}j8D2dqwVX>
zHej1s=>dK<{g?Yi*uUrrC+j2EiQ4UHzdG#rvqDq61Wz_1jx~<CB{PI|oC|l&4dEs`
zSA}{f@G8rkzhOkXrqQ`~^PWbQXa0_cyO-AqLyrtC>-Nq*L<g0HJeNs#$Av8@1!LWj
z2n<hQNA6g#=6{5CY!85zs7bIl>E*Stn+6?0&TLK#LPz2wG_j_-D7I$>q-qyVHc<gB
z;uV42cq9!bywVb}THo^Ib@ZRBq$6R>ow!Sc#%)wGnx68|pW8o&93xiUhvF(iohQSc
z2MA0*(!NcUyf~Yiq*dVA1$nhxby-@FJvw^70Yt9R&RcM+JO2aN6@g&SnAEmBgZ*Od
zYFsFnpf+GCa9D*#+MF(9-t7(K-1DI|$u_fc6*y8qJH^h+WCit|gehm!Oawess`poq
zjo8oDD5~^#d2}Uvr64CjGY(-S2+SE&3c`t<MrzCHYWr^+zSlvtT$r<dj*^>mSlPq`
zlh|}`9NCCD$*DiraX@%DH0!djK*`7wSs!z!aPJexf)$0y3VBrM#m}d-dJl;6c|+D=
zicm;aDDZg9Iwn!=uGe8`s<o~XzYp24&9#gpb(n<CH$IuHv$0?aqC1tL2V-_bWxXok
zX985;Pxx&Nen_nWNXiLEZpP`R%@2{IU&(KztS?SbMxFo}cE0&#89f$Z2BKmva}~UN
zSY=0kb|m6BfqGVdlv+wo!jt)k(#w<HKhD6>D;GM!XM}g;xs0A`YaKQ5e@eogCF7<b
zRzC9G`t;GTzIF6)3<f#S^jAIpO3Vp+e{r`w;d}HP@Q(-YlQQ^UMwXbXMq8#J!g}Ys
zlYz1IoJSe3ObVl9g+=hq6O=}cT7TYSdZ_xn3xLH*{nR0%cwLD4Rj}O;?`49bFA3kN
za-dm8Wxtgi1z#6QK@d|FUHc{jnLN?q4^oXY!9um)okgAFfeL~$l`k1xCpz}6|FcgV
zDLoY^)W`E>{~y(v!VHCeOn5UVf~PQAs=UMUnda?dD)#}=v>e-c^-=&Y7if9p^zo|%
zUNw0R3b#@E&%aA~0TO$c;`V@^y7UaR>)X=8ve#j@bFdlmPx+?_7ms|-tEOR~bwRk>
z@xNGbE^+C-hP3-jZd9z75IM*F$ex?^1b4E+%an_WA@L38$MSMwL8Dsr`{WL+yHpnr
zsQ;9rM{7z>m+CQ`oAkA5Fhon=NtM<bIt3TPEwV)X#%X<=XqnbejWGt)u@pVGoU%-0
z4p4n0US*3WJ8<O*j0%ZohdKHFF67d%5T;Wm$uIx4kCK~GPq=zG7uQK)7;X+cThs4)
z-=wum=D0mCT4$o<yM^C=iqhZw0wW+2)$5p4ihWqmKaBY6VYZ)-f)9#P$>?$peYM|Y
zoOD6kOn37Aby!<y%>ZK{GX1srh5}+;D_{~d>Sij;)t552ZmPHpjdR6czxgimtT7Ac
zoy1UTMSd7$A-CeEGQXGBO^>w4-Gq9ev}|>+8T|X2+e!;=xU|-!Xrjc=+~eUqpKlYI
z4Ec5t7z0zY<Ql5p+V&~P_-@Qw{633ptUO;w#F^vYLo1D$;4JjG%jzmTv7go%0_bKE
z4z3~+m_9nw=g^a9h%<#XKlGz9cQ4dm39)2U<yI9iT_Gn1#frAM=C>;&`?NI@_6V2H
z_z-2XZ=gP9eM#(DdA1aIx|^_eKe5FWyDtlKbVNC9=#Jt2uOWLS<n$Cd1ej-Zvoq7O
zNe*+tynLrmNiRW<VbnVJ1}8LeI`5%Hlq@$_qs@VFhw1roCy&d4Rk;0p50;hnhy-%V
zU}>F+6MToaZ8_C#lYQeuoq;+B20Wm`Qnnb~korM6>Fq*}4ST&*TJeN?d;N4>5Qhzb
zx!WLIhrI#qOdzd|TplUdTS>!2T-{~);trouR*97y75CrH*-)-KrAz`&rw-6Q7z&2D
z=MCy17i(B=I8^4JfKb(|Xh>*>=+|?R^DOLfY>tzr%zae`)swiAe*(c0wK9V`K)L7z
z-9o^z+Me-_6AZiQ;!<&k_CeB^@_I?Dr^k&Pk%ty=@((geQBNEPkqvvH%lrvbMb8kD
ztzk$3Fmfj|oOq^)?gZWnEqn@Y*t#WmW?ea;jnx;vCokImu%QFNUx@oc)2<Br4W0X$
z0sfiF7~Qkf3A8b+g0$d@<v$_xLwL#*PhrG$q*;<`8?`^?n^1yE&_p!IlN8r0bNnTB
z{Ss`&Dk9MIEXX|W-KP?@h{DFri!UYC4}478>60*yy(<Gm1mZ68b=d%Y!>J<wwIC{z
zm8H2(P_@vUCh)y%1t-Y}4PxVJNIkEbu^;`E^1QSC(CsGw5{X-ZOYmQ)81FE^3aHIA
z&o9&iT6p2H-ebFwy_Ctv!sc$MynMi@4c2bMmVcEnd$3V_p4H3jj$=Pjx?@4*_4T%@
z{H{sBWN}%n&JsU4$_OcPoJ#2f&=R*gwY?B_<~>orUNS3_m<1(D0|OBHn(w~E^|03}
zygPf>-_##B!d#7H4B=Y*WL`dtUxm5M2q~nKp*&SnL3AIXy|ETP{Q{nr@y<SMGeV9+
z67vGG!IaazV;GQGBmm$lZcQPcU;Sg%!Jrr3-#=;kriQ*CFNoJYR1hD=Pp4!tw!nT)
z%nCHI4g$-NUKaO!X2}k9Zu>9xL^S|b&(kww3Z8682fd4$I5MFalC5lK%m61S^mr(?
zX~~u#ddx>WOs4+1`&ywFMJQ%01`?yEK4QM*Ex55H(rfejU_yq^!Bs#?epMYb$SsOM
zHXB)Z)$5GxiJWD7#j<}|o63<!P04+y>$c-3d9;DxC=HauuO-EMO(Jx;yVo=;p3KNu
zW=rY5y>?>k?bCPXg2dhvVWf6WFxxiSz%t4j^P8oloGe{_@j-M<$g@K_nc_u)ZjQB<
zTJ2yTI&)P;sM$SuMff0aH2TB|J^i5mNd9uEq2t>mVKJMS45-1AOWhUhN@>WZ-zK}`
z2>jeOV6c$6>Zt8as(*jCP~dx`p{j;%DQhQ6G<Yjoh%fu-^17imc{GL^CSJwaIOT~#
zfFU1+rY{N-NAY;WF^_VEN-^+c<Y+*tzQNPE?!v>(91Gwk3&W%wGEy~eUsR#<$TQB`
zexp*6O5n1^4D0bY++j#mCDY%UOB{TD9EmDDSEkzU@V=G{8!q|ak7gm@Ukw;;(_5sL
zuj(uZ6S#-VRG@;=kl+U!jAWD|=qt;by1VEMH(J$uU&-NPDF!fCC?3*Ie0AB)h1ClH
zzhuiV!U^^%mEw&%R8Zv?jh<Z|z4nHK!ybE9ZXy>Uv-K|*hS^yA-r!Dsks?X}v#Qi<
z=v_b=$wL>!Hg#6cl(qF9{)$o)31Df5;R3dKGVna(Cqcg#tES7uD|hhOsB$UkdCkKn
z&z4xQed<nI(gM$8b3{?=sk8yuh$nBHS+GFt-=yubC8fZuKuKY`M9a!4`N1xIQVx8i
zB?*U`=x`meqnr&$uz4D9RKdSBxpOr^kWCQm8G%vbDt##I4_bVF{qz27jf!l5Q(rBF
zj^ClABJ}%zpTYsfdVlJ1pT(*|3UoMQ#qV}mor4Ahr`Qf0!$gHrgb*cd0^Q{i7AHi1
z1z-jSf61KpJo~Gb2pjP5)n^$)DzHzA$yweC%iIDDwVSd+L1>V2>$QRAF1su2b?k?5
z|Dm{u1<xA;dTJtkpNzDXfCst~>!=9Mw>E5Pwkcw`AH0}(09%t@hyY*h?972YB`>Rt
zeQV-U(04vjhZ8?gPX3zld$ln~FMa*xd)G?dP_TX&2}-O*Dw=eHE}x?9pP~_Gl`C)k
zrhEj!nzxWzZ!gr~y;8@1WMoV49bKPQpX*wV<a@C;$RAmwpDX=2y*bu<#&3Cr!}-!h
z5-NN^3wr#Ar^JMX2Yn6ou?Zs^j*-)T$orEFCWs)Ir_uIrJl#GN!cQ0r9C?NWjGRT>
zA-wEHM8sh%zz4&_c-`+v9YwBOv~+?73SkJ^N=~SH{Lz)`I>PUw!dfc80eom`)<<*}
zKXLh0ylrw@s;r7xW}cM)I(rnrN_JrT{Z@B_a-x(ye(HP|C|_nAr~fmY{7jH(XPEdw
zZ{CVZj#@qm2tMZk2}V=sNP7_Znc%$)Dm0ORqa_pN%8bnP#U$5hK*#etuwY#5TA?tQ
z7>H&hHLEltwOco6uyoK5b~cc3%Nyi0dNb2dStYn3Z+lZNRX%fg=`WN-Xoo;ExW1@_
z3hJMcoQQb>ypo?%qW9*2kWB!tG%Lm3+}Z{g{@E;IXlm5hrzNGav?FVpGWkESmEn;d
z-<F=v{~6P88fGM$Bl~p8MtEi~OW*iwliB~RW{)9x<B;jJ1cXrx5?_Z-{EmxCVoJQ>
zbH-frfR`YGaTjsQ|2o+8vmp_hHNXP7-d{&GM5JRNii?JDn0M+HCui{&DG@Dc*7)Jc
zU;59{N4AinAAvZ(Pvg@dSOx})8z@cClHj}GGSq%#e9-c<fll@Z4VHV`%FD8<BY{|`
z6NaDA49Kf}j)qN(10x;BgYp>>XGf%iIb(x=zC1$VvaQGJ8D#rqkMIJF2MB`vCr192
zR7dq6cb(A2VD79v?uN3e3vEygEn6HZqt)^`EsrnV%U#{FnNLAr^%_=IaplDQ;CQe}
zqGSn-)h1w0Q}?*1Iu`3_ja!B@tqiRW1wG95;6Fc#DYlLGATo*HpicMLcgpNcZ^|j}
zOxaO;S>J8^AhoEeJQ`0ZvBKB63h~Y~N#7H01{dPqwFX3KjBqbD8IN;!r@y22+gR2O
zq_rU&gEh)-dMqL9*JLn($v)K7Oqgie6}}3hG2gz!A>q{BPOCfP$ZfU?=qrEL_w6U~
zLy}sm_oL5N@sr7oiMnULOe3LXZf|8-LX#U_l>RWzc%->Es9Y=MLNDI48rq2>?eRo6
z;!*}c9mfJ>Z0lM$=489F&BYH1=8DKwlhBe-$gy{(?&Ld587}UF-Y}WA%X@Im_4hth
zA&<d4D1)^0Jg|;-sq|q8t@I<b-$Zgr+MpP4)2OZHlX$rZ^`*X7Q&qK!tFC`6Y2cI~
zJK^u^jI?YiWgur;D0IUEJ5chyXyn@jRx@(KYNQf<;gW5{mb-v8{_LAwZK+KCvLf`C
zzdHD12a0E8^=dwHY0=rV{i~aKdWpp9Y%a*TegK#(zOut~E4L6v@r1ns?PG%@a9T7;
z1T(lQvuxkJDz#dTYE751h$b)CCbxv3xs|pQmv=Zkpwgxh{ke0gnsqwVyGVtA<ICF8
zh1X@tThboYISHc~YhULtg=4k3R*06kmrI2wOE4a|x|+pt-utg$S8J13^6}G@6m~Ar
z8>`h)b$5Aep4nx1L*E$#u8bRA3H{N#Yw`IJ5Ul#n?p3&1)+U*Abr1X&o$><stS}QP
z2he}~IDvR#f0jlHykoadI<ud5WJ)8js#r7^{83d?&^J>?CKzq7l27G&h{wWohnBcZ
z;A+EG@I5ZlA{Wu}S$rW7tC-rkN^mLgRZW2|U>0Hemd#wnZNo!<e2FGtONY+Rd*(e}
zfn%rmV=!O|cvyR#L8t)CSYm1y5nXb7_|pJw&lkV>%?rz)<JjSHB^<&j>NN+o8E^%6
zCO2?KSa;EOo`hUBjNH}Di|(zeKmYL>XY@;vg)FgTpbioOCEa=dvo889(r^`OU^yqb
zPS>FnLv?Q`Z#LmYd%6M#oR0(PR1FDS^{bFJ%}J1?Ld7uW=ll<DhOF;Q5*)XagPQ(3
z^oKC5guhQ-5#<u<OZv0>htMUn`Aer>dn6XJRZ?;W+}I_Yd)!Q8cv{L2du}5T9rIj!
z2!GDd>E&dkc&}fM9k4{TbWmzR4;2#*6eOQR&kusOE;EQHK;h`_nd6l{uz$W&=c3FG
zVIe<)ss{tK-mjGPPYo_T`f2vLJx)f~i$k8cl!ZvrjFLmetecn8pewC}CPWB08@J*y
z7;*tQv|h<{FZ$KbC*+6Bb)Gn8V8%$?+!h<GxBb%vi?<VLM%oA2cKD{-!skkmWe>|6
z)MXv?D0c`;mPHwMD+D;t?cLs2Tq4XQpZ?MN7Vi5sJ+lNt8p`^teMdfamJQK56ErQE
zN6rP~m{{k@TniY7_pk1^gz+02#<)HP*35FGBG=qoA<jkffT~TA&hbc#-tV|lCO=&?
z+H<wOXmU2&#%qel6=;fmo-~$x80(;zNW?y=TSrkzj14w+{c(4Y57)y;PsSqj6$|uH
z(3*p0ojP9MO<4ap_goSn426cP%davdJSX1shCQdv`;0V(6*usIKS`B%irQHQMR(42
zGqr<|7O||yr}VVF>5>hwq)73ffxP|<aNtfC4a83=n7XMtHOx6Lpv9*yqrsrKhilAd
z39Jh?L&+SK`;~D95~g4%>py0%BJ1CWMMuL3G%arf_34LroPfLYPvnple7=&Bo4$nO
zD*f<;mJ#@6gVrE9=G_$Wkhq~@73d<A;HLrm35_wFv+g$<C;W_{gz$LCXFYM~klgh@
zGZ$%H&5|p$kD<U?4g^aQnV?}Nf4rYJvvNjG9$Iy7+0B>prQW$>XMNe`3uBt8XP^Xz
z*^t9hg59d~4pE`Y_pYVdpxlI=YZe*V?H8Hg{kx%77bq2iJC;2idAii9vs{e0K1vBJ
zPN73@kQAeVqzI4&4H}_ox$x<n!!6gu*^(e_<nI8yqtw;b7|YwVq??2)6f;RzE)#q^
za`fG(k?gb_JXHBTNO@>Qf)dCm$gs!7mPFWYrT*O>vLi(+R==!&oHUc<BCH|rz3=;K
z=l$Nf-kUrCF3YXPbG3%n^@dBjo}{%#eGP+t_B~6~%xvC%*Z!bJPcnMLdKg49@nM(8
zuTs~aTa|u-7TTv1d!tmc-$Mi#04cWrQRoc4$^~>jcKRE~p)(KHQ}an_ZqIF5;pi{T
zg2u2e%Jh$YQAgI{oV5|JP*Kp6H)`9e#W+NLZhw4|m5&+fFJFl-fOVbd?{L{x`k+V`
z!l3m>3+qcqDHv_JSTue#WeP|8Z-bM_nmBHg(0^I~NQMDVp`yzbMt3W>c?N&Ox?z8;
zFdbXgZPkVd(_a;dOOJKkvf9@*<duTSqaMwI<QEeSdgBRd(Lynwr5(H^cw-tn%bt}J
zf?nsj46c7<b~;8SV?2|IN{Iz{<1Ud!rc^M`>lF!p+(v(jB0MKU9sRtO)&j!kx=KO$
zxp3}|wz*@ov7n5KX`^EWt~~K&Y!MD`x2yVNv+_zc(-AJ@#u#ux!oSKcsu3hf8h_BB
zlUh{=ZR>Bp*0;#frm@tnUH+^rS~drZhU_AndKQw{_ixy!iI?;A`?CXR&iE^EVzo%Z
z8q8#0??d`11kPJz^<5%RYafs45c?K|6G3yD22E}gWkop$u@8qcmIWijj!(C$5M)<G
z1URPRmIM;~Sr{4XmZWjFa()>^mV(u~)Dh|C?g$0XcaMq*_}Y|y@fr+gK8nPFMZ-^6
zw5$5^fZWeb!bO|;X|;1(7XLegIGi-Zkh*WHCnP-?*91eym?cidZ%`b0uh6Fg?Su48
z356c6YOY1FzZ@OUMQ)&9<mdy<1LURG2Mx?oEz?2JGz{Zf&fEO7V8Sv@mE=8an#tI`
z&^hVLtT9Qjcp=94?}4#Kd}^eVAV$(Cudh0ixKLOK2Rs-&Run*=+$AuR-@#MM?0n)R
zBE}eiY;Sl<#cF1?<INWAvN^R>4G^9B)f=|<eU<_f^%4hCkF8oZNc}mSL70#PT+lV?
zzq62Nc3bzqq2oZ8I>i6i660Q+Q9FLeB~V$W-%|6PMjh_!ew(W>ry-`oMhO}A5Kt=z
zlsQ^~A}}kB_^D@nw*$qYvR{||BPI9`h(gPb>ZK*0(TP7#UWfUUyl@#xv&BQEa1{oi
zqOkvG1>59lx}U_*Gqs@lR8ktji*PB!*YKfbDXz@72i0W*g>1EWg@e4(A!D||+zGdx
zb-Qelc|8x8z)94_Ia=VM&swExNrPPq4N~lp$Cr*_iO^LVIy8~!?1XVz`OGN?r-rgn
zen;`u`$YfxVhi9!;QoaU%hcO5-Q%3khw-en8_!Re{;lGp7mm6mkMgb~j5swddZMdh
z6-$qj%UV5~&!;Q3NEJk>MpvY+{I+qjH+{^dwd$b-o8TMEY*Ppg9aAd4uKf@Wo!}=l
zDZ!9`=wrC*Qp}zSZGcw<^d61hdEk&4Zlg}nQXN~VhI&{25}E1t!VbRJO|@@o2w&Uw
zWik?)fHSn-$k<L5X3oA&LN1rGBqG7}HM8o=Yl!bw-uL*ixH4&^aE`yt-DJ8KLee@?
zoS&<4tvW&b@H3+^N(1-{X;K!rrRT%XgA?=Nuds~Mf`|%bPO|5s*UP>z**P3UqW)@$
z<J{YJn_v)9e?>@0ve?A}I5+pIJ?gH_9c(o6osc3}gp;03+aWTM{(|MLmheM=p*JkV
ztMp}rYCZ=?x_GBUp}K?|K4&9>G$G03)s=Y+MEX0-(%w4mknVqX2zFgMK;ehkx7IBu
zWQ<2nV`ZbC!|P41JEKPycXBBDt(x=i>m(&_3`aU*5wk!ThN4C18`kSOJfI{4zm_8<
zstW!?gQf)96XIuX^CD3yZF&HzX`o1*wnEAH{f@B}5;ReTj?=_Nw^}Z*a4?+PRZYBp
zBQQOuG;NO*#&ZPNRN1!VnO?QQMjB1@-nXFiC~g9-3BookQjj{3q%c0kqMBV{chITr
z{;sJaFiP@u6Mj+I9xtIi7w15-8gv#p`Jr=Ejff*-BSeXvA!XbBY_^ksFGxPLoYA#4
zXxq|w#-zgHVi3xmus!<9Aii|yDS;r{d~D>+I3RsPzJdDb<ZzK&Z{=Si8$G`UU8VY*
za}|s8z_?az0d}xQ_vD~rLjqSbERP9{7Gp(=Y?N`ZQ!gQXq@e9f*)$s%lLu&8wxF;_
zT4q+h1$ywBeWwwgpi|kwNQicmxl^%iw{wdAW1&iHJXg)L${I3av%isdUO@h(=Rg$5
z0gQNrde=OcM^1u9>7_|AJ_Nyl;xRu}yCQQNd*HS_)3{T5Sh1ECitx=GD2J-$%`}e9
z(M*=vLi`>wf~@DGwQV&aF~VFc<Da>nB}arfPU5BEg|$|n?mRq2M>veWgmKF0;9ve|
z><H!qnkW43gc%LUFHFxGRM*A+ZN-pgG52bSQ?xD6$q-k0MGRxwqr;Hm1|JP+7v`ia
zj41a(0MjFm^e_hu6)IMgTiSh{yCzq}!VUDQ3L8!t@t1!<P=-fJ3*nINQi?qmZytSY
zcXt7rGf*QE5ilVs#@7><x>EVT4Ym~l&>Tf+T+mV6^#UTu4SO)5k>{qtXgSJLWZv#s
zXe#w3a(9qt&Ju;!TTVqn(sySicXvKGl@(ASI4|i&WUTe`0x;0Nzjgw}yQ+sXPV2pK
zX9LPmTyaVO6@}8(IgcDOA5C!GjW!*^pz$UEnP$ToRjdc3afVq%2|4vla9VkwoA@Mk
zz+`RRpp)$L0)}0w*$VicDnlN~0gVCLIO(Xz;8sK2kMtk6-zvtT=G;erWK5vA)w}g(
zWCa;kTa`te55_8{6uS8e2+UiuixR-aWKaYg81>1&2j>8ZPasHUglSa98r-vh@(II0
zzTqq?Z!!@=f@M4v+VjwT*ZGrK7*Qy8(dE90SvXJqJZ>z@#Ai<eydO)U<x0ReZ{EmO
zMx6obrv*|D&kfP**SQo2P|S!b^!8QM?3c-kt5!)pFqC|pp*phh89a)-SSjr2TjeLq
zRV14+jy&!xJ7Be$ZteLX!%k~){?lQ~-LXYWW}#~<0mm4&2<XSE056;jsub0#@3aC*
zmkTQ@x4n7UgKh%z-9!}i(1I_OoMmpRQjUWUr(sGByQ8N|G}9Xc4LeQA<i|<9XD5?E
z==J<p;|LNe%7m9GRd+pMYMyX)G?{n<A>Q_Vv-}-2{3DSc!aQJEdeBRP9sjfNDWx6>
zjb}|))jJ&ct<B)TSM%wEf`q9+<l{1TyySok;mCO@e96)xh{~;4C(wEH7zoLqkPILk
zT5Y#fl$*AGHH%cW_N0B)i1CZWnfhibiF@3(LVO+(eUt)t0~<@(LN$hz?lr-7QUDlt
zSmZSM+`wy+BV4y8Edtvg{5apaRyN?I_D^7~ND%TB3>IS4Uma~#kUI23o%Ho5q8zol
zwGcg<687^TvWLLrVfKrDKXNX{#OPg+bEM;{8fvJ}77VqZJbj`#f=u0OgeZfXE69wD
z-4O`4=3rhYz!>t>jJ-)xOIPv=Wo0;TlfZig>)LvhH>N!HA%C98r$tkNk#Iv!xs?v!
z9?~4sCqpzz=ht)ZV(JCj!ftFZHPYie6RAkNW~}U$ss1UR@PRc5N1fORre^)2p^MMX
z%eoABlxjl&J#%#Djgv}drL}Hg5i`8rYtj@c!!q>O4Z*Sf83vK()?ypqO+i2N3I`gK
zx<Me5AsQ3pDY(p+HKTp7@VzPp98ozuhTnz~C&5udjYE>eGpduC%NrC|vUol!V#2x`
z7k-(XqyPh&(tWEapCvQ>K8Jv!lJd<BCu%Hp+=l_utbvRiQ-K#Xd%qD;c>waY7p*Ys
znmJRIRc={qgqtgIvjiPCE9w^XVFV?+FSI3}<Hx7(CC#=Y!LgvOv7?)GQxr==Z)b>m
zn$YBn58j^b<}t}~6><sCY8UK)mnP|M(>Mnf=q3td>$$t;md(!pfT#;@9A0wju#quj
zUFY6<_!Egm?>qT>`_2fD@cuOSv-FAsk&i9J>`aFTEz6PoA{$YI7KX7zlJP~PT-TRq
z2%&FZ*J>5s{?(-6^#dU<tC94HZ5b=L7N>@uajcP9i!@2l(Yd}}tY^FRi#HL<oK<MP
zkBeO@8A)XgjdJF<)g)IOUF^E1tava<?zaQ1dE3;wkTn`I`AW(77_&SpQ?hBz56R?!
zYpHftl+CrfHEa*$oU333p3X-!-fro0ES_A}v^BjfFrG`v1kPeIl{u{Jw)kHg*mkT=
zy9SB_sdW$Rf=)-g0k7G$;BxAIic{JA$vNP=UhmFYEm%C*_@@}1`t7C-`hxtRxsr9_
z4y(azqMMK(Qe+F?WJ0p_t43R1W1$I<zWc(+?{XE%x9*8awIYar>h)0@4Jdo~#E*+u
zOz}IqDu0VKH1KHmngznQ&8wE^1;g&*Z$u#~{V+Nk46?OA($q$rI5#{qYChiqkU%h7
zFh=zZ<&K&MFXoph@ro@E)_7s53^YV<d6WUags5E=HnTC^GY+0bAn}rM76SI^eex~)
zLNxM+vME3Tqk{EqN#{xZtK!_d0%ooDcT-fDyJ-&mknXG8ZpZ(8RF88WV1#$_wr;4g
z>S$pnZTV8ur~|6kuRY(q<frQhb|N$QCrGyy4xY<<_+33D-UvODoZ9O_7Py4A`YXZ&
zM<+q>eJm+LChEl@25wq;cP4Wef?tf70fNn|iJ1D8q=Dc-ce~)iO^d_K`RZ0dWslU!
zc!*4vM#^1bVXZt{X;kf9e)#0qYi+i!hoo9r<72}$YEH_p>h?vaj*;0P9<YGe<p(l?
zf#5qvJ9S97>2_37ZeQT(r)Oo{v(v>&r&#ny2!4D3d<59iBjmF_1sC<_st2Mt7sbnX
zEk0P<J`cn`VTe9P{o3DQ!MG9rpv{I7B9J@t+KU`25~48F>)wNUv>w`MNEcLaT~Vm7
zvY~WPg($o#TTTTtW}$R!L_HF{lN9E8mR8lG=%%_*fLI#Na@NbBqVL9;@(PyPDAPMx
zwtbA@>BWRS9Qr%pHJFU`laQg%J6XWUkq>bSW=#P+3Sj+JK)n8bm%5a-3pp|)>gsLw
zeF%%kC(9m)tH`1G41Rn5Iz%eE;el?+ci|NVur^}K1Cx7tb58v=fjTP1Tx9y#fE4ze
z9u9hADxCkv^8l45_2ZW%>O?moOEtt%#E&dEUi}zzw-nayPTF>_`&CFOx}j@iPhxv{
z)iVB`i6Ku`6U^d2D%*75EJG+!77E5Kj#$SEt!0gU;Z;xA2}ms^{axbZh#)Pf^AzX1
zk6%w;Qv9puU~|?9=8@fOM$>eXf~Q4M8}`;tz9z%Mdo(eAqC3x>q+R0t<Z>Avt0g={
z@{H;Z!5e+GEc97Nmf1S<OFs2a%>1Dp%*LkT*N(K7l3hH=vJZ2T35z}m^Q<V-kESq3
zUrAk&@5C{fFHWXNh(_9?J<v+I!yZZM&j1|y?^*7Rv3d0Pq*lv<weZHZZ6Qd}bhHwl
zd)%t!tgIRd2uL?oLcqlU;`p-r-<L=^E_!%CZS91E67)K5bz(*HkG0!*ObL~r0~EH|
zbtfGnpo?&*W8T1le=u+!m74uB7e)Y2K&&oe+?Df+48wzxeHnVWf1Mi>y$NP>QoQJ<
zoiA1t<XcbmI2geehb-B=`u?we%rtMudWK?Q5R<FS_q61jXwJZF+dn7@Y0D>VL0Qhn
z{{R9Eh>v6@(~H@m{x+sZb4#9~`bFm~-G(^$6Ohn|)0}RCdevcdYsYWZ?quz7BZjg<
z`x2U6&`<04nOQXslPI%L=V@F}#!NP7{!3J{L>CAxKqwyCc9}*o*86ss`ZnSb>X7q@
oy$4`X%ABN0{CoWZ-DF~ss30GJjs(<6*<k*BKT%NI8t4ag-?>s2V*mgE

literal 12345
zcmV-9FviaSM@dveQdv+`0CBONXEz%`OW>TL@slZ5z~N^MOdG^Z%?i>gPX#ztuQ-9A
zyR`jGkA9$$M=62}{<Sv&PA<r7Uk)Vm{6Qm8Rp6_Vc)hbs&#+QGfi};n5gNH^eVO?$
z5%8B_p|~Et-@1hZB9lNCiTpN$;yfE$%SgoxKRTiBb(7H7_uMK0$r*k4(<*o+M*}Lr
zrH-maQzHGzk}=6l`xx>c@*L*j@LaPky+O>2IuKa3<$<z3V2D2;mC}lVteAR})T<4N
zZEpi=0|%&K>Y2$RmGyaD8>aUHBYL*wfukusPx}`VrcPnR*9H~MoaK)`0Q6?Bfk%03
z-?hgM`{?(#)4}EhC)W?tl#*>aTXC4v`x?3GRzn*_@u4o>D57ZQ3c&IUI<2flbPk?4
zusMwwM$F=Ka+Oypglghs@0??RUL@LZvp<QYoMpH4CzC|weYzE2E>h84V;$|!7n}wA
z#35Nt-&A_YS*;hU`@s_chT#FS4*gB0>*MF4T~?3h;O!LM7=<H<*Mz>{z3CP#9!dcp
z{V8`^on-vF<GSCh{ONNo`+pBHi#L;VcRvlX_R$<S?g!Gf<gvsQUd)kf0~C5AN+2(E
zK=c&zuv@5+Kek|%M8#$p_6vf~ssXnBlTw(aj!oE+>D2rv__VdAdo+23-=Xd=pn3`1
zY4R$vrPs<~7aajC1cR%#?UoLYMrJka+#XWe1$wMEk|<BSG|#m6BS=3I$|8M+5=+Om
zMcCU}vurH@4K+0~=mkA^00rKFYlA_F&o=f)y7U?T^uhiNm{C6o-YC9f!89!hM2%&M
z`%R7U?5;M3)jXqS!HB?*d7<}<WgIC+&3Gh7<JCWV_`9VIg6h*v_Sl({p}<Y|-b872
zSHg>KgW{&JnrUXdsTve;m=Gi=86l%)h>85h4bhRaCBp5Uo#^fIx5s1L7~>{wtC!jk
z`v;WDiZb^h@KNZX0w1YP(`7U8SsVdyuWhf%ZePkP9+@n?*6QPdNBMGlrn9isDr}hG
zdkb-#i>Jn41@|gjaV&4OO`GOpHjqXj+KWGDY2p~tI_XY5WjiyV{<i^Y^$g<xG`BhF
zTID&2|A+#&`u>AZv9v@TUm2YLaF-B^RwKM#qBk@!Bg$w>GV7=ymu5vd?Y*?#U8Z8*
z{o9k28s=WrD^X_Z?{GNU?JX_FA@E|suOAy6Zyb=k_Je0F`2s23K57c%eN2H!f06A|
z+-s<PY<29Bu8q4n>=J=<^wh_)!hfbU?wZl&c;Rs5@tKkHsVKij!q3mGG;@CPX{kQV
ze0c&ZSP@7Y*>Zz*9|0Jk5WBOWrb-RkV*)uY!8b_9)8<?qACcs~jJy}irWE!!BP700
zDik6aO{y+Aw?L=vv19Kyf__I^eZakDiR6fpR{ZsJGu=-01R!=!?xE6;076TpXyUBn
zKJRm%ofD`^aXma!6OlZRZYNrG+j*U-@Ax6(qA|i2OJk(e7U+T4$|)1CQJda%@Rx~n
z1O=a)WxZrBb1>+G)@g`}Fr~JBZ^e1oa!M1=HtqU0aOa~6gczQLG~mYtFgaFxLO3~?
zPE=;hD>kCbE=@75;JrpS91Z&B`A3?4(i!~p=)mS2XfJIE((RbDJ>R+Ns+?6VwVQcv
zaEk3bTlXrUp3qm-!9C`N#55hg<$raIsi;_RG8sn)Da~lt+%Y+VJjIB7=3;e}?V3U?
zK1TyPd7~1OF@jNQ%9%yQhHo<IV`6YV^uH1_A&f{TzFb$+xKQW~<Rtdepq^`=9m-Xd
zl!+Y0>QmmQ5l-S@J%{7v>BPB^r@=Alq=R6sa^HSe<jH^&UEio%6vjdBM}e6WGP*41
z75#Q?k+@ycn0pH8*Q}P*lPrbgF&^)NJn@o{2fFz7_T<_@tKcq$)78zeqi_eP9=0$n
zytd8m-mfwQ)2|)Df}91RnP)n&#CL+25)R;x41x(rqOlm`o6mE1z<O?a7-QDeAW%h-
z_v!V=?Cvx8N(*+bnS%Mh%iKYa^k`L{dcQ<}`a>7~iC3x)Grbuho6O<hYTGuT(qVmM
z(c%L1Ag6iKshuT#{kp@{0Wjo&H@q!>hz_`kV1Zlxd%{P>UqYEov<Q@<ejA)XrOYvt
zLMl*v<bz1JHwd;hT<TM<j>2@<FWk4jP$1~0{h#4g*N|B0t1lGl;aQItcHz@u^h`SH
z)D#@#F9=#mI1$juF{THc8={9I`X5|&!{&D|VEQCrYDF_?e@{YlHWO_0cqN7Bd#uI>
z$qyZbNSjBVUJp}4U0HwJ;0*g8bNz^ZM@$oqk!J|C18$<8k(G2d0LR3`Qd0>|BFFUy
z?Z%Z=_0qv94sVOID*;8c6{ozS=Agt9TVvI=soF(f%(>(ZefrnUW&Q82ZY67mYaDO5
zlbS$A#puTDJx;*e%|{5>C{U1Dk6h?+*iU_QKovop*@-cAQxa$OC!kURbW#_$p5h)&
zF6H9%?OE^rMG;9AEz-iJR7R|yV63$Qd-zgi$h2EB>q`taU;ph@3GSwR2dqZFC|F<5
z-pRI3T>;i25dRhRjPA^RcD=js!jYly1=t%972XBV+bu_BL$>G3YE{9x$g1vD1A$j9
z$gb<WaLeHzr-!Hgv!?$F@4xs`NWtCF3LFkbEFvbUGe|A7pb=FPx_#FTi;?j7K$dl+
zy`W+%e@`2Vx$4ap1oz4(LEOEgRM9lj#a=m>kFsLy{O8#YoBU`-psl`El+TDNj0Y~;
zWge5yw<B7^)+4_|800UUk<rLP7$ye;a|gF<2{2z3$&DSxu>GJX96~>TOh`jjI{H<T
zCTOWXZ3QY1{O2}e-5GQY9N<VlIft|AbV<yb;C7!xSq0w+fBnDcMzwz<Zt{wKNuZC_
zG;5H@E+CJPNU&5!sgzgVm^#1kT2YaAi$-GXp`irHM^I{DV1ats&pSkPCw4nob7WW4
zRUwj3oyUmC=vacobhbCfh<92PB8*A0*h8x*m7Sx)R25A<c*RpuZJOq_+{b5nzUJ<W
z*JP`=ZA`zvlMk#kX^{f4Xafch4~3ik0=^U=_5!s&_+uN5<Z^LW5m=9Dhk$Ya&5aij
zk;9=Pn@P)sRI^XwVpSQwQCCXI*gO)9my6s`KjIJ3_X5$X9BAQZqX>E)dsjZ+ZL|-G
z#u9pC3fVOC7k6`Pnby%cmP={a2(@=4S{0pr``Os)sf?I6@W<eGk$Vu&smCqWHVt6n
zS{aDE&8s@9^oofhQaZ7)VY^0Rc4jaINwheY`1lEAq<#-*XQDH{vn+}x-lNnAL_DlZ
z%!mQ%U|^52`O}EsI%D7h_!&j8^<!9|Bt1MJFj96Vy<_-wcWOvXO#a37WL!rsvmwGX
z9qYh#Q++|Hzeh2F7R=faAJ6I`;%shz&0ch=yV6Hc?#*fDnhipveL>c~8eq=l;mb<B
zN+<SXVNECSn~xyV3&L`a{oqHGN5=rNN9RK*V;Ee!-l$tQ>BhfbPdd(rbfMsj&>f*{
zWjJwn$aM{uNJe&NX>`qQVjCZ!^S_AX!U%y-KL#%KBEr$_B*|^}_3NcVpWGlXBXX8?
z^fYanbvs1Y$qy5s3CAC0O!<bDw|iT7g%3n8q$>qNj=}@XV-4|5=;JFAVL|lbHy*^A
zH`i$d<#dNDLo5r)w2Qxkx>kQPL2BkF`o->|!s}TXe*{xYXHGG&`9swH{ZTvtJb<v#
zJFW{UK<Im{DPO6XYAa!_evy8GE?;tae&s8@><S&R&YKDT>sK;RcOJNKJ@hwc|Cz{A
z2m47wpWPDMzx-boMATzDv{4!88w98cEhNM7H_H|~>|6m#3w+`#N~QVub!WlF+D#CT
z+h2VR+0Z80{&trv2f-(Z&eLQTRaho`fQ4u2?jmvb0!`n#LmDplYh|rlbLo&Yy7=b2
z=||s$NV<PgB3sW_UBJ%4DJ%yz<LL8!CnKO;ms0h#4~1@gU_)6G5<|UVx*A|3`H}y_
zyhFcP&lpkfReV2-^tw_|YE6{DD}k>c^iT2@%3Cz~sM*J%*nSh?6Ql(w|F;D*rVDJJ
z8rG22m7&(OZB1O<j+7s=9Xb{S8_wknLtm3#%RA&?JcNU4;aoEchd#>V3$2H_A{;|O
zGmR!;Vl%_vp2@(B(#%sxTvr-C_gxnV4ma&Z_`6z(@N#<fjfV*9(vUS<Hr>EnAAX?y
zcMK(iQONlhStqaG2noQ+ASwJ`bJYT^*vz?l!;oc~^G77PL-<8Q`k<Pq;~YQig5qQE
zQz@23gmt8(BbEmsFBpiW*w#BnB01g`*dtO}Hq8jzL=TlgZZkD_142KGYu`bd&!IX8
z_sO5V?-loMvIdLi-`frn(KEE&8VTQ|;4aA|zTdY7=a_JQ&(4n}N|`3p?3oZJC@r1e
z{3<sgYn6Ke+rAvlnLc$BX?t2yo%JmGs(zP=pB8bCkIxye<P9mzbx(3MT5sH)jx<S?
zb`Z`<-f@J1XT@wa1bbGOyn#4|X1uW$$73v(^@!r|IjkQ=x~ZdAI<u#pxwvCTye%ai
z-;7Z_tctOpFquOzl>Wq`fR5y_yXi{bSC|18T@1S=?l5r=!%;p4#`@4k-~N}mavmev
zrTbengEY?kP6>le%V8C9gZ~D^kSg5+J2I7=dWVjFcIja4m!K3gCM`wbo>kp!{-R2)
zNFi!I05<o?jDXDypG+{_=k^f((NBm-SW0bA<khg!(s4l>_LA?mG&UL-)2|{Z)i@Cj
z73QbUPsv5xAe@R<V29JBmdSHLdOe5ej6hg~aEdE?QROlbYdVf|6*E##aO^*|13Ul(
z<VzEW%xl<Eb!z_=mbJQwSYejfc+kXsG)TT7711L5o9HZ6^~5%Gzyr_YY_j|UR-=)w
z25&qif9*GwhYKr1M8;|c6P9{|d1AH(aKMz=uPLDxs=jnIzo5vmgeK!lRr>x|ZtiSn
z4&B+BEhS3>u^%GRkxl&J{nwcuzEJpjWu!}>ul>+y;bs2k+Y~R`^z04jj=Y^=Texg#
zRzA><ZpzJkxF8YvS`h;DL_Z8aYx$|oT*Y1bSs+b!KH?kZpB-~?*32a;1fiOGBgCz(
zFNY1j*U)=G0&m_WQe4RWqXLg;^40h1VmnV;QFV{i{i`Tr<&i$5<*-CYs^zpxs#f*I
z-jltGfnQ}N4Mn!^S@?oIPTaf@UiWFRmSj*V_hbWWA&xP#T?~s!9Gh=L;a)Ve>0OSg
zH{mjgdQ@2<yYzcyzvGxbRYnXz<IXuLEu-7Kh$}b^{dpz{<bTSn4baFeCMPd!Y6=hi
zFGMi|%yb5|7i-r+Er1~2`eJyoZ=!nVn#8Iix3<@5Hneo(#TBQ0ZbKwgN)2RDp4D(q
zL-=rejtFI(Rhq&@mH33;=r1D_T(d<5Zja<}oFx~z#sL{IZllPy>Q;Eg3{esPqao~C
zl38Z}7%&BLCN(EOB>;m0t;D4bR4XToG(Ht)Ye&}O6#0U8MFVvZtiS>ziDjxac80G?
zdS6)vG0JNh$^og4GjYyD?c;WG$d2HhRD-Z7rLyg3u@jA)(nkhkuz#>W=ujJ~^Rygc
zUGpHz%Faj~LYKF09s|1)P<2U$05D9Ej*zv-8D#6_7EH~P5>9_006ustwhrhUwWyIR
zrE*;iRtN~m+~eC+d_LUULglU8*S^;-6K)%Uq{~<L2MpwOq@~Q2fcU)ZyxoM8bbto)
z$@N!hdaqYDR?I8&c0~BWTiZDfJBMOWONmhDU<^v?B*#>)u9_F^ZI!>vC*h6R+0^6#
z|BeA~$B*DrJw&!Fc9t4ryTYTbzyJ$#6f8fW(>E8j;Rhdy&C$67!RuYW9U?7&BS**w
zl=eYB?3@b%lU_iRf}q1d%?67th+y*+6$9*y4h_1ybrX(z1=R~Q5t|aaQ2~?m_6irV
zU!C1R-{oQ*Bz%qr5%0I-;L0O*`}JBhHEAD{YrYwDljb%{>#JcpL<npvyh0dVbl-}$
zB*bmOs<TLse*lbD75Hzl+f>A<s+3K8j37@rLTOF$G2tf{M3p`v!P(zMmCzK(xQ@;8
zKbDTUu2wdXsY%z|!*&_1Ct?0ZM~#WgW3)&xC~hqt3g<uhY441n%(}YV`J|Xsx|-Et
zFmbhYY9cvG$wvig8+kSBB$*b)&nV8_3h2O#lx2jR)wZ0X??pv4o+=6|&u9%}r!+iB
zzE%R}31vcH&fbT>5ZMm>`nKa{KV+DOe;$KVTD3!;nWf<$VSZ19uTPOgow<f@w&o8&
z2>r6abj+Mv1qGFcg1aL=d`m*@9%Th$XQq`XV3<PHZZ_&LdzD<N)d^B--3&}xMc9y<
zGT96^UuW!`knhE7+2%O+hHe+lM_$3x74riLp;rbJtcrivr)nW9O(_E5zlOAn9-0ln
z>Z6+#i1ZJY;?B;r#Wc8f_ju%N^rZ8{*>X9*N(ptSi*A+=fnlmzsinvpq;rW*UQ-8b
zh$Wb8q=M^ai{#cXY5Q#|y-#s>*c;|PGcPWjofhvKsi{A>SzY)L^DFRB*-{3lmxrQB
zOOSJuJ{HO2oh)g)GmJ;WI6DphW(j`a+t9S<RHzpeG*(AGv9@u<h5URVr3WP=?_&hk
z#s<iyeeD{{+;H^!W6|(Lo8#PHbmNY21N4Rpj+_2R<Ke#si0GE;r)#|VZj>uL#OHK~
z1yP%ctEID{+(0Oe1%E)!@p;q8`L=@g8A3#RI+qxGWa%gU1EP77eApSdknfz^<gx+`
zWxjuo5^>!w9Po|xD|()Xgs2^HK2SFxTxjz2d1`)zRoccQt^?BsmR&<)pc6|jO0cBq
z=@tm@(fkv3K%8Iqk{dYCCcsh}TsN4opnPCCyG?0htXT5rk{R5(gg|S>MUpK);$;7_
zf9wBPNC%MhMCaIf{|7xcg|mImY%6!p+VDPbT@Hqn6i}lp*8Vp13YnV8n;&FH5(`MF
zjJ;OayA?69kVA4vKVT&7imIa_SW&Q-+PT`2qgp~9c7br>KyanU5os!YPA4W3OL0yg
zS;n^p7Wh8To`R${2K$a6891lP;N5eaKH{V=R)c*{aIVWxI?SrxQ8Ch6!)lc+;*Yvq
zBceK1IBI3wx^%zQp^q>evv|$CxF1so$^%2Oywc5t1Ip$N?nxY4aSami#X1Tgc}G8&
zy05v6P>{@tA09kW@Urp#fOY3~k^Fi3YKYdSY6*I&nTz!9rKZY1H;dZ0^T$Q+)}0QR
zN`VOJs-~*JE|YsmLYI4-kLc^h$XvOL1mMupd%^<b=|&)Al|A+1_j_+*BEljY2Qde2
zXdP4=sS+?{!zoWTmnpli(ohfs8?w)!iLg?cL%KLzt}V0Vp~9or?oBSif%_@p#CQ%c
z2D!C9t_Nxum^AIo>z>wncc6k>s>nbe3k_1GlbOV}WsbL*W8s#_zdaHB49&cfwIm~*
z#kb9R!GsKuV>Id1Ht+5NU|&jYDs~u<EZA35@xT}o_ety;SHfzAq0&#%WZ(V(_3`+o
z?S)S88C)M!P|qQ}gr8+cZv#h@pqs^dH#WjG4vQU=R0jI9vTpQeCjDz3<FCHo0Wg_s
z)yp!i&}fVOXQB3SZ=JJu)+%H5gB<+bN@SuTFFZhE^;{lSG!_IsX1T65a}CNo7X9p)
zNj6D{!Nxxew(Lqwi*l0;<ps4zSam0Y76(>xO#EorFP71yM;%INI3VJE-c#?qMd%Yd
zL4LUCu8|}(RIrd2qVYP72q+0o2o{+9j`fDA7SvKw{3BHeKcA^J@q%0RCNkf_S{*Xg
zfBhI&jEt>)1BFDYIl?f4s_B1jnOJJ$DuG+;>V@;6Oio^ad0w}^vH<<mZf7_f$E~cL
z1GgGpJgCsy$3nUq>=F=f>)yex=w7s22rkWxLyrWQmCb|pfp(JPnAFce#p#a~G43^z
zg{~D1?$q`~CY7r41R&gg--no-e#WW4N`BdD(FiO~VTUKM+rEtL)^yVuZ3@q~lx66C
zl?Po3fp=&s1ff5EgjHT_7V5bJy+}ONJ3qMo@qT^H;ka80m?px%1mg@(=;c`neD;Xy
zZM5z0&|~9zxOuk%+Z8H?w^<`aSJyM!a=GnKCox>t*V%LrnJ_AJ)P7>Cu8R6&)Do<E
ze5Nx#c?cI+bc_(qA*5eTzUAMJ?-ZE6+QDMe7IP7+l9x+G(T#Y|;H+B1vbF)vy?>-)
zk;a?p$Nx>g;@86uuhx^qM2y_iiL9Bl&+Z@%->I6svhwRsK%aL^FcItV{m@n1EHYfE
zr0@BNMKK;!doX^+`l^2AN`R-GXAg*cW}XYa>FtwJw68uIp+30po*<b$H67tosAa~*
zg%e&ACkJsbNd%Cu7JoI-OJPy!)2s(o<6R*r07E;Z+L}PpOqK=(T50bHITHawrQliL
zLS~0$&?IJ9#DG)lLk_^YLnEM|CN^T`I3PcEV2(o)^TMZ!Q2Q=^rC~I>F`BC6tT|q0
znJn~t%X+^l4YUJgPd?pn(GT`@FTe!F6Ae06_oh1Vi#vYDwuAj;a<|k?RR!%lf1NiH
zL11(5d0=)4hIADL3u<tFp29cNijl2!j5sMdXm^hZ{wufcG89=(m4`%mwEPaj{jtn$
zLbe+6&B6J_2iWQHxM&2T$2?rOpK@+ys@~6zbr*SM5C)~o{6}-^{J|q!j~c`-B9;1S
zO^$Et%%gPEB%YR*$^^Us`3ogZ+msMc!<^xEL&@G`TgE7Y9=zuH0R>a$+kl`s50}Ss
zn}xMde{LsRf^UQ%2%91KhNR6XTq#$0V@?KkZaWNp&*n-HbpC|WLuK3My8Nx_@8Ty>
z)gxKGoyal4Bc=tjnn76_%NUex^mQ&%-(%Kb;0i<yA-ClAe&#b)B^@W8Cg7K7t2ij3
zYA=uaUX}mGQlAXABVdoznbwoNM5BL*|3-5pbDZSRQzS3;;?U$Q8_DVmcGUq?o>2bD
zJ9tMW%EsgKKM%mWl%$UEhs-uafVBrZU)vZTMxY>kg<|grNwVpRW764)ZV|*DgO){X
zN9qz=Utr81{so`Cq%QJeEYR7c+DOl5EazQ3>)=mhAxeDUx*-Fd1}YyC$2VVnQXY~A
z55y5+A#c2;<ldGUU?oo2yyL<|5=ZDXSvh++UYKt}>A46M`~*KrT>ASGbw)g(hG(t_
z`FYmv1Ble23~;VX%DP2ZU@iWmD7gk%Gf>^p(gCFsaY#@n%~&^vF>?gsWCH!}=-rd9
zp6qIVmd5vUptCVAc1bB5gbLxu+p{!vv|Z8$8N;g$Z^S?WsmTp8{L~0^7g)TqU6|`R
zP;NYWo=B`3&Y6>ui^Q@)6oj+dkeE^?VTa04p#)v%r`v9Knfj8>cL1*MAJ4jxE~Qb?
z{lGX`qsmx5`mM9tAZS|_XaQ-0XC&%Bn;EfDCQGA<t;HM|aa0VELui#Y&EqgUiOft0
z7tXgST88N2*!t|~g&8lr#Jj->=Kp`?(nstQsbw?lc;+<=Vx$rUJ+g>dY}@j@EnO2w
zPOw;>MfA4NbwW_O`Uo3vXo%d7rj0UM!TI{2qXKhIL4h9@!m5ur8#%iXvzR=5j*9ce
z9NJ)OqXwhR_I`n4HQ8wgDBnX};o6CFm=3ZHgEpx3W}V{&=}4X>>F)8g$<FeAJyR(Z
z_9R#cdUtTL9}0rPv%IW4;4&)`e(-Py0<hQrA|c#c0S7bqcz1!d$)<fzx?2aH-DD>b
z1W@bZp4Xw@RV@z$xTF;HKhh9piBtI8d;`u67NapF!7+q%a*(t*${R2cTHc`NOwuA_
z9VawKgLl@9M40b0DkN+5cdY4@$diRbg{+wB$W4m7xe8ebWPi{<f~;f(03Hh**$d1?
zflKPq!r7MP8lj%b{p&7SM#D9u@Xkrfjtq>nM$w30vRH3(ki{<|KWl4RV3KWg004cu
z4y8cW8+qX3GhJb#cJ;c@)261<i0!C<oyBb4euaTCN0YInocS0{w;7whr*HDD`tjWh
zjAj7?*%GAK=07~`!DONi|B9;xX)~Ca(%GD``xlk?$$4XJ>-`&Cy9yTvYEJY)>#6;j
zB6Pv4NvaCg{HAGdCO&SSWepRGlv%?73tX0PCX~z6)OnwUPdMbOe<@8J6#mDIU&2It
z>I}nI|32Ye^;2t;8lrK|mJuX7j{=gaB%fCvPZGvS^gdQ_Z^0ZxkBCTwriI1p$z#+@
z3R^LPPS4`?G~ta8))rRa?Ii@^SS-@>c5zVIf}_D2Ymu8yn(t3dqSU(svA3VZA>v&H
zF#Bu^C-%!YWRcao!M4%^ECR65pLHNrk5ZXPM~Ta62GOLkI8|NFayE>_1B@Caz7QMR
z?}B~~mqy}yfGQy^k4Xc-S@CUC#k$(eDQ5;g`Wx})j<9r0tDugIVg5R9DKX#g_#^h!
z&q3W>pNyPVxRlsfx;pRvc)hnysit=HnA=p~f*s2ke!5|vWNOf#T7dIeypqr;Ki6OF
zr<ZS8o%q#pvJpbgV(p_ctkh~?QAu4efvK1z6T*E<{PPN$@h26f5g&oQI-J5TCse1-
z)&Mw)4*bi<jo;|AsPc!(($3dhtG5=9{(erbr5_^5A$_O05m8r3XybU@oe#FVJr{YO
z@}FAJYNFpfmLrpe8)-%Nz7?D6dHE!pnQs|WIj1c%9(C5q_n25AES~9d?-rj;oV!Gr
z%*JU?@3od?33A74O5s3L1=jppw5?+cYZ^^nWOa`SJy8Xslx4cnos<fLbC40Zm@BM<
z>%=sTeKl<M;79thJ!93<K;dkKi6K<}G>*0ZHDePIFnwH)RNQ=`k<FD|`Wrx9mRz3-
zmNCThyT!j4hDv1yusf&TzR#@dPUA!zXTtVk1Cfaw#52l7T9Z;~Cx09G;W*=dI=A@i
z*pRk>mO=KX<IRNtju|C1pawBXF*Z?ko1|{1fV<5bTNABjr4)}~NVnwd!wm3wJj<`y
z@^UW8vxaHEmw2|LNte0;JjwPwG%RL{{CJk9jHBv#kDH*Xyl%>lZtEB5cUk-#ldo1N
zjInWo*sR<<I(4%)`i;bHgIHWjqvB;+wt<j%zXw=rsUO75u@QsZ4+SAkV#^p>1V!hR
zxG1Sf#qy=hY?1HR^yf7mpla=o<N~w*#@pAP6ZqEh4SzYb2650Jj>cKQB#m-;5F)ms
zAWD#A2^1kUyb1!1256?aAJ;fFWIpRAo_-{5N*GW%@9U&?c#G=f(<RPr4!k|?R=qny
zN8Xldw9eQ^P^SY9PjksYjCFlo4}u3vF&0-vE%c76Dtr<|Va=TVGl|ha*#~T1F<2Zm
zXjvncbCVKwH5~>GEgmemWeABvICydde^gvSFRt}!g4Pue7GZc9J^{s$?3p1_1094X
zznJ}7Jm(5rIihzU@H`7Aw!iO-f&KvFNG|u2b~c!x#lN%C+;S!Q>9p0?CCo%{ldGKq
zrlo<m+Q>twuR@2J_ezXt7JC|iha!Rmn+fag9{mHPDYj>lQT5Ked6?7HTN&roTaba3
zI~kt@`eEVi_nlzjxw;7cdKZzNoFvhp6G4=PE=pVkA8gmY7D^I?<<ARG);Lx#L0G5m
zn72yAb=N<+Y9u%DIxG^to{8$Azd0eDVTj`(ie`z4cd?AtEvdEEAB!rB^~4MIiQ-T{
zSFgpZCcz3nb(=M)(fIK3jxqO~N#`y>^eEg^Sf0Al4=6`jV!(dO06<%MM}sJ}g5h!Y
z3Z?j5u5aN{df?1kN!bt7gQ(!1U*CBx6@%lklL;s&Bg{Q5e(aFQxJK*@s6Md#f{L;N
zzF<6KUd(d$(FCaHX?Sr<kjfN(#nu!QO-#astds@I4m3w%Y6p%!Vgf)(f;T8}x&pXs
z)W?Nu*tQ*LUuh!PKspst`~4z;e<_nxal1yNlT`I#fh_SwsOc1OAc?n<>Dm>xsgh0)
zM*1;aO2**#POxsrJY`P~)yUYECd18u;CG{c<YaMOr)0LW=i`3y?Pkl|tt@t&bCCa{
z+N%1#8LYBqw%qwLmVJ4uS{9w4^RaD}J7aq}f1cGnGps8E^NU(EU?}r#<Gi9xg-I$~
zAr1`aA8M=%EEX<OD&Cc+f^Zx&sbZ$?MwU?Na4<niDnq$6xBb_txW>|-+*yzY*AOza
z8@Z!yv%5%>$KN7BK;PjfZ^=~-P4?Qp+qk1~f$sBLoX<ls9e2vS%}XV^_!${<s%D|@
z!~lf-?lyrtO-<JVyUbImB!u05=SST~xq^7YxVDOLVr^-=rXuicKJjgH^cA;Cs%70E
zMI#hz218>HZV7T<f^t3Z7b6Kr<9A-STB_R7%Xxh^4*b%Ow}uA%a9@<R4Xg3MipdrY
z7alzf=jqC~oljpn5f^yfL_WCF{wX!~t%*7{s7LF^!VofHu<(g@a$91<`Jj`o8HL+;
zNJKSIs5c=aIf7EW=sahYFgoSEVnt>_BY&Sye58K9Bv(MJqXd5$&;UT8oKVf7aUwl5
zfTo#HAT*cF?01fBL7WL1Pf9lZsN6XXi}jP7Kk&K2#mVYh{#hy=Ta&tHc~GKp6&NWC
zJc=t2ry7<fAZ-MaM}AS*?R5R)MTF*DXwrK0+ak~?*e>}0t7qL|(pN%32t!%K09^&D
z!C57>t2kt(aWCN<<`52F$|X)Il0~MNgB;qN;6%wtblWXj4R8;myo!>wpN55c6=|u!
z+T3FHJfll(E4OOXrAkqQ51H{SV_*hLD+`in#8^E0IluoS!nkt2y7(j|L6wvkQH&?s
zlCAd_i40y~fudETm(SQw@i<flA|*~-NSZs{T%Y{0$c1`7)ZtB+1cszK0}lqk(<R>i
zB#q)#tIVD1Vm2kr4u+)gC8~E_M+=mjG62p28~59QN@m1$j&McWYbicl*mURC@lxw;
z7e|ZMxo4dc6>!m11-vWs(IW5tn3MmDClKXEE*fk%8LQboC7?V^+o?D({db`BBgrd&
z#(${wWE;<%xSZI$pla0)!3c}B^3Q>Uo@IY;k1ESVd6RxyV<OM<y>Tb8o|@0YuCg80
zw$U*i|CkvU+N@7Cu`9jr01D^;%u$?+>0UkW^w*R94BEI$yyEaM*r?Cj-VHVZIb0Jf
zlVMK4Q~cVNPpxb;`IBU08DE?cdHG;4QSqFtqkC1F;-fmA(0M7qQqYVvLqz6C;0r*U
zsY?UVmJy$Www%>D(-%uf3IeMyv+?a3eYHcGf$b7jW(A#XVD>D_uU-`g@fZz_ZG0{1
zLwyxijA!=LK}i(7P#3tg{{>@AZ`($=!V^Na>spxo9`u)+nTvV7?`6sbUBQ$68ZtYT
zKWf8awJbgI8RDz!z=gXNFCc9P5sJ|k$SjJjKmL$#k+Akz<|3$Xw;Afm=g?aaW<Ofx
z{rSpwogUz-C`!eM!sn9KM<w!fVJzdD58{!?BqMJNGnmqEFV%5pHlBR8;%NjWF2Q8F
zAXuT&FH+ouPi(Gp{n*vHzEsU<K&1pqh(udL5Vg$H_Vf1H71EPv($#@UC8Oj&)QeMd
z?lhC3DSU%->VG-F!hPGfJJ*1$I{&yVHFC%NQ4j6&cey|;#AW)dxgQp6u*`zA{Z`pm
zx!k3U51AO}(Q|4;Ur<@LI;zm^m*mD0#v9Sqf}HBA6hv<^)etm&OpxE7(jhApt7C4%
z_~<O{vNHmZFx0$IO6iyYl<Ipa*%(E(PDT1j9jmCh8AMl^38dv*!(ipkI#oHi{hWH4
z>~Pyl0h&}E<VDm)ts}Ko^$n`scZV{U!?z=V3EQG3*|MAchC%XhWsB7O6}U>#o_M8P
zY6q+Dm-Ay=9zF)+r}dd{AsefNLi2K-p*){?u^LPlpe6R4L>(P&t3Xrnpq*kQ&$cpG
zmgvgMsuaJp#(T9k1pUNDl+9JlZ4xV}>Fm}p3|VCRO$d?{Lj;hi^@F3UQwW*0LEThc
z)JdI%qo&&8^x~*ReRv32Mf%F~!~x6urS@I5FRW~n8xRm$u5wQPMd{9~P;PleE7h7`
z$Eb$g{1;TwC;ln+hkoF7gzF|>9KDk5FOOngCO8Cgv2qk8Kf7H@!rLzE%3dZ3mNoN;
znbIc`Y{b_)Cv1xvb|N~E*{-T(ZIuL`%@k7C4XJLry*D$ya9Dil70fO4EysIHj97~_
z!BTE%%Lq^5{$N@wkq{tM1YV~jd&?eTPkoYRP?We`UE(}oKF5E@gICHzk_W7@kdM{T
zI}n8DD`A;YX<a_Cy&6Lpza1?0GCJw&WI(|z6E)*n-C;-gE*hK$)5LaD0S6_msQ0+-
znq=3J&=(5+fmjm$HYCBO;yzh{MtWy3FF#d5o$dx9t}_#ePeQ!}LofKP#cqt=xx?u?
z7Eus1ZaFUU-GeR`bjl{qnXbQg3=;;{^xcDplpFV%=UK&mid76OpA$+*9DZlh^-$kY
zmNJ3|$Kj2?3C~gws3t(5odEqTIG9IsW%|`L_P#t`qBaP?I}D{eGRr!u=J>&tw0g60
z*4Hx1d2(F-!K}zfK%>K8fs8(gD_n_afWg`w$3DX5!4fa5Th6Ar9~VL)3aRj<CIB0F
z-prMo)2C>lPM=0``+YmhAj2Q1g<v5%319ezGC-UOdfyX7*)SOAo-G%e)@@asYUai{
z+K02LX$E3Y=6USCEKv<bUl~HXbCIhbY13~Q@fK}NIZQ^)y??yA)G!vMnb|l8TbQ2t
zUEn-sg4tm}1m8TnYZPBy7vPHA9TU+EyLdw;g<;HkaA6}Gu*M*|!d%^tkD<C`iKEmf
zAB(&-Y+AA3Za$n!ljH)-qtENNj#x^aPXKOroEBn(oE!Zyp|5I<U&wVz&A(P2pnLM=
zK$Wp=3q|W(=4y{fiJC;N(-bnx6(vy(uwCT*`%Btw2O7X-6tX0hCI}HoM?HmiDd8>7
zO5J}mNs=L{as)Fuf{LJ48y^3e1xDm(1Fy)~DNuzA51IlY64?=H&uIbrUh#p^P~b_;
zDK<+IF2o6?vX!{Cgf%%}BWl!FJJBC>=5(uqLd*bvQVjSCL-m9IkkkVjEU#6#VJM)<
zsvgPnO9*2Wqcc{g?7~+~aF%M$J$l#LJ&4iJ$>Y`BcyM<<@1X@^6)7O(Jsr8DjqzX@
z1m6j<mCl!PGG}t`Lqa*an=6bQ9_X#^EEVB@)FxDN3I_9k%>c@)6o9)Pl5wd+<U*2-
zTn?olH1=%v!*fqYq=HES;3AM@#(*P45l{?bfMR3`n+hUH*D&`2I}&$#e&8}-&)feq
zzKb85axkIl1nT4P0bky6dZs|L7ag;vBtC~^8m*8$jN2t~xVd|?%+Lx?edAB<RvvQ%
zWp5ZkrRouXCDe?^;pq<tkI9x{D1#<IvRaOwTFP}-fNty1M*US>j&CuYasNAej=J$|
zCO{Z~hz1RidHw9D%r__qN~UlaDef2oyI5()52}PG;)brmLsL^3H}R?VHcq#74jowM
zRDD#`ZWb~2&z0mCbBh($^4w*#6jgk~!zr!|hL2+a9L&tzWv*=Vk&zBB71>+gX{d2k
zld3Fpzo%Npddi~MOsv-M)V-XIcB%)$LPgUa05~QgE2cm4ILDkhBGpn@nfKS{CO5xE
zm$Ji`yoyH;=)UoOVIfEe*t!(9;&})qI;+uzE{Ei@BV~7)Ah~gBuAF1-HBbTw1F_Jb
zwG3TL6&7oCDB}b7F-Tu7((Nl1V^$24-Po=q>ZWq^!<)jGb3CX{_^aLhoSTyih*{jl
zEROyj{4vux9WmG_jfzpGVw89UUDLAH1LQIYtsF-SA=i}OrTox$L8}=@vF-%~q#4f5
zojObEvCiP!>h`ffMgK)n8A;on$(%clA9xUXu*Y|2I7bAJqU9`s#fZr)aj&*&m?#Mg
z1%Dl3$PDN|`wBnLz3s<O_a%UbL2n=*ujz*vG-X!Vh|wsvzQwUtM&wp#un$O{(pu9D
z-9LwolWQ$>v;jAijO91qxE&j4Q+CjL14>~tINCY-4kWENtt%UhM&XYE@uJ)ngudCV
z#Zen;>`~%3@;ULS@Alpgr6Oa35f|D2_35nT2T&O~TE`^Fe~^fF3O}KL{mlb*oEkS`
z%@rGjiu*#^i>@NU7T(X9)69lQouEX)Z%ZUU%x6gepOoMV<Dx$@=Kz^%i1vN1x$dmU
zJ$ZcI0Dl5mCq)*|{xE^G%)D6!Jjb)~T{FI9*nBB*u0iO=P=7T4)nz`P0F&ga)^zc$
z3~z9YpVv+H*lvFCYsXBwQl5~v4j8RL5R^atA1U#~5q(^=N#ft>B_3dlgsm}uHg68_
zxSwL3$V(L99fsVd@I&Zf{P{Y`R1+_Z)vWE?mwE6D`$|UJ6aGLjjYjkgz)2GrEG>eV
fafg^8A13-UC@yd0=g}<I8aP*%LP;chN>ZprnDfvH

diff --git a/secrets/sops/forgejo.yaml b/secrets/sops/forgejo.yaml
index b2e4a43..d3fbe35 100644
--- a/secrets/sops/forgejo.yaml
+++ b/secrets/sops/forgejo.yaml
@@ -11,41 +11,41 @@ sops:
         - recipient: age1kdkzjqy88en4m65s7ld28srupzwaq30gu2e63ylayhqedpgfxews9kf6fy
           enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4b2hoYmJ1VElMbHdCUDh0
-            WE9vWTJrRExYdXZYSXlxSnhZU2RQTVdLbkg4CjRxOXRIZVM4bGNWZWltYlFrREkv
-            aDBiNE1GNmdEUWM0djdjREE4Z1U4YUEKLS0tIHhFUS9VTTQzVnZsYXRmdkNNcGE0
-            R1B3M2RkZUVMOGxLeVBOOEdoY0ZiU0kK6IZfCAYJ+aC2lpuva8SsMQwmuo30q0Ht
-            jXomy+097+ecDYE7jqU6b6MTofskwJxI5tRlz5bdwqrEzyXDdTKsEg==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBibWZidXJUOGlYajhGWjQ2
+            K1JsdVNpTFJ1a0plVzNRMVJuS1NnclBkVUVvCnp2Y2JNWERpWklCY3V6VGd2c3hp
+            QjhXVzd6c1NCM1dmcXk1Mk9ld2xtSm8KLS0tIHh1N3ViK01uSGtoZEZPQlBWM090
+            b21MOXUvVW56VjM4dWZGQzlReG1SVzQKasO8oKBNlQa1vKOBUhZ81JyTYwEWjbrD
+            Nx2ed8f6r7a/vl3vAtyIi3vZrKIfCije/hGgSbqch8suJ2vgswZbog==
             -----END AGE ENCRYPTED FILE-----
         - recipient: age1es8273vc2yq89kvs4s84m6qffep86sm924k4my47a5qtau4ueypsgz3kqh
           enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBINEgyUnlVNHVNVWEyYmww
-            TXFiRmdwYVpwY21hUU9JL0NPdXlnaEtIdHhzCmRzTXJCcDYzaEN0NWFIMUtQakEw
-            L2VvUnlNZEhGNzVEUTVSLzRzRE9xNzQKLS0tIFAwbVZQWVgrSXZNMXFiYWNacmNz
-            S0dQU1Uxcm83WDVYRXVxVVZTK1NDTDAKUFMD8+2DT5e0QTqW2oJjlZ4imyfWQpcT
-            EGycdAu6ZZ1IFfalwKChc7Q/w1IL7SoJXgfCTZ0f57GW0V4jFgG2XQ==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCS3ZqRkh5V3MvSUJqdG9s
+            ZWFtTmx3UkZWbGxLVk5VdHRJeExMaC90MW5BCkdUVnJOR1dyM0NXMG1oQVJ4K3F6
+            WUZJMFRlb1k0c1dBWVptS29jbWR6VW8KLS0tIFBqYUJXZGl5c095eDVWMGlZTm1X
+            STBxTFRHYWJubWk4NkYyWnVoNWg2aXMKiFRrdJylS8X+epTb2Qb0xhORC8LLciA5
+            B3+yUZ058I5vL/qhTreeSoFEGkFPSM1SdYkCjhDM+ksVIBYODm6IFg==
             -----END AGE ENCRYPTED FILE-----
         - recipient: age1ul99nmekam6rs9fpjka32aaxmnjq0p3a8x8drzxwtxa4g2u23anq6p2g6s
           enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMKy92ckozL0FNVWJLSTZS
-            ZnZoOEVwdVphNVlQY0lLMkRuS2J0a2t5OVRvCmJIcUpEZmZxWEhObUtDY3dWNVJQ
-            dGtkOHBMdGtxcHJqSWVmOHh1cEdoQTQKLS0tIGtCRzZuMVRNU0JKdlRucUlqcjRx
-            UlRDaURJSUhFV3NaUUhabFZLZEpyZWMKj79j1LxihAnJqIye+CY7zkLv6xWmbeVN
-            V5XZwW+LxenPElnxdfiL/+4nlU1Mw9pccVhdDMWqYRVulqRqRIEsHA==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBob3pkdW80TU1KVUVTOUpw
+            Um8rQ0R1T2Jxb0h4SmxhYVg2WVN5WUpuQ2kwCmQ1c01RRklhUksyRXVaLzlWQ1N4
+            L0hqZXBLM2UyWFgvc0w5dUd2STU0NlkKLS0tIHd4OUQ4UFpJRzg5RTMxbjFRb3Nx
+            S3pCdzVGRFlQUG4zY0g1TTFoZk0rOTgKxD34waFXjR0jlMXSu8pVVAxDYrutoKTE
+            JUBLyrrz9HWv49B4E+RzIW4Wf3YPaaC29SXRWLWvDqKMrM2nnYAwdQ==
             -----END AGE ENCRYPTED FILE-----
-        - recipient: age165nqtky9a5kdhca70uwd0cewqle7egzm4vmcmrpfnqfuchjdg3esn7frvh
+        - recipient: age1h96sm0j0k5kjmuf857xurtq7rwk5fhptenjdlkgmadtrz4lm95rqm6ctm2
           enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTN0FRK0cyK1h4SFFuT2RI
-            aEgwVjlPUUxzeWFTa0RDRjN4WGlEalFXYmtBCjJGWkNKaFllNGZNR25IN0VsbDVk
-            ei9kNFozbW1pTDFXMUc4YzhZTnh6Z1UKLS0tIEtkdnUyd29wYnZWUy9udVViNmpt
-            RkdUVDRzMm92SEtrZXUvTldvVDBQN3cKCBuF/ayOc3gBveS0HaWYVG9fRHK0EtE0
-            DF6vEy9eLhRzX2FeYHw4WHNv3nbcWLgXU/IXdkVbevenxosFPIjHKA==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4S0MvUjFoQ3h0cjUzQkk2
+            alA4R2ZHOTVidU5iYWJWK21zU3dBVWZZNXpBCnBYRUpiL0pJZnFNQzJXZGtWQmYy
+            SXc2YzdLTGx3a1ZrSWxNNUJsYnh2dzQKLS0tIG0rMGZPUEY2YTBWSTBBZGk3bzNj
+            YVMzY2xiY1FBcHZicjBrKzlUZ2FyOEUKlMvpN5grIvL9/Lwf57V96jeZjOf9SJeA
+            hxHUQDqiS5R5nUP5FRWEss8rUKCzuzVP3WqEIiYePZY7tZHvcemvWg==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2024-06-16T22:49:11Z"
-    mac: ENC[AES256_GCM,data:3lg60+FRJrkcB4lNeQ97WtQ6AzTbboP9aq8W//pt9Co09gdNVrfDWs8o5eaj6r7ghoGu726dNvHmIdUMrp3jdtQlzjnQyPQn2VUzcR0Vrw9AqRX8RLhGouHyq1YDZyGVXdiv3S/Ju1Z/1+4+LdpyTZUaMwM05Hy2WZi4Bjup73E=,iv:wvpSqL/GZaI/nqZaY9TLMffkXP0GiNpR5JcEVO6yvM4=,tag:TDIRN0FBUx2ekMsDHNLVcw==,type:str]
+    lastmodified: "2024-08-24T11:23:27Z"
+    mac: ENC[AES256_GCM,data:6WMNrzb6fcCnphhQwLV4lXNqtJp6T57jFqK6pbDYrAc5kVz7UjODNc2r0qmsEsQ4FHzjF1bLJkPqGHKdJdefWj7MHYu3ygxYiBPIoy3SwS1A8uqbywIxLFJzuoIaZ0t5Rtt4hni5eK4DKKzWyqgtgUD1WjPFiPH7unlAyowiQYM=,iv:m7pXlPv0tpoQY1OOy9jZuMXI/IpQHa1WCBWJtGO7zbU=,tag:AD3pBAa2LcI2HZkDFmCBjg==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
-    version: 3.8.1
+    version: 3.9.0
diff --git a/services/forgejo.nix b/services/forgejo.nix
index 88d8c72..9dd7d5b 100644
--- a/services/forgejo.nix
+++ b/services/forgejo.nix
@@ -3,6 +3,7 @@
 let
   cfg = config.services.forgejo;
   fqdn = "git.${my.domain}";
+  dataDir = "/mnt/data/forgejo";
 in {
   sops.secrets."forgejo/mail/host" = {
     sopsFile = ../secrets/sops/forgejo.yaml;
@@ -18,6 +19,7 @@ in {
     user = "git";
     group = "git";
     lfs.enable = true;
+    repositoryRoot = "${dataDir}/repositories";
     database = {
       type = "sqlite3";
       createDatabase = true;
@@ -37,7 +39,10 @@ in {
         SCHEDULE = "@every 48h";
         TIMEOUT = "1h";
       };
-      git.GC_ARGS = "--prune=1.week.ago";
+      git = {
+        GC_ARGS = "--prune=1.week.ago";
+        HOME_PATH = "${config.services.forgejo.stateDir}/data/home";
+      };
       cors = {
         ENABLED = true;
         ALLOW_DOMAIN = fqdn;
@@ -64,6 +69,7 @@ in {
         HTTP_ADDR = "::1";
         HTTP_PORT = 3110;
         SSH_USER = cfg.user;
+        APP_DATA_PATH = "${dataDir}/data";
       };
       repository = {
         ENABLE_PUSH_CREATE_USER = true;
@@ -76,6 +82,10 @@ in {
         PROVIDER = "db";
         COOKIE_SECURE = true;
       };
+      storage = {
+        STORAGE_TYPE = "local";
+        PATH = "${dataDir}/data";
+      };
       actions = {
         ENABLED = true;
         DEFAULT_ACTIONS_URL = "https://code.forgejo.org";
@@ -106,7 +116,13 @@ in {
     };
   };
 
+  systemd.services.forgejo.serviceConfig.BindPaths = [ dataDir ];
+
   systemd.tmpfiles.settings."75-forgejo" = {
+    ${dataDir}.d = {
+      inherit (cfg) user group;
+      mode = "0750";
+    };
     "/run/forgejo-dispatch/authorized-keys"."f+" = {
       # sshd_config(5): The program must be owned by root, not writable by group or others
       mode = "0755";