From f3cfc8e0df0e67c2f2fb7ba5433dca762eb61cde Mon Sep 17 00:00:00 2001
From: Charlotte Van Petegem <charlotte@vanpetegem.me>
Date: Fri, 3 Dec 2021 14:54:01 +0100
Subject: [PATCH] Add tryhackme vpn

---
 flake.lock                                   |  12 +--
 machines/kholinar/default.nix                |  89 ++++++++++---------
 secrets.nix                                  |   2 +
 secrets/files/services/openvpn/tryhackme.age | Bin 0 -> 8797 bytes
 4 files changed, 57 insertions(+), 46 deletions(-)
 create mode 100644 secrets/files/services/openvpn/tryhackme.age

diff --git a/flake.lock b/flake.lock
index 29d406d6..81a5b886 100644
--- a/flake.lock
+++ b/flake.lock
@@ -42,11 +42,11 @@
     },
     "emacs-overlay": {
       "locked": {
-        "lastModified": 1638466261,
-        "narHash": "sha256-X/+fUmwDQq4NYJW8cPrvluCwhkgOQdbsNJhoY3W8+8c=",
+        "lastModified": 1638497718,
+        "narHash": "sha256-KoVCSZKy1CrWLKHNndkfKYI/Stf5ouun0FPcvVYx26o=",
         "owner": "nix-community",
         "repo": "emacs-overlay",
-        "rev": "931eaf998fd6ebbbd662798b5756f962fb4cda6a",
+        "rev": "225d81933fe74ecd8dacc267a472f92159b832f4",
         "type": "github"
       },
       "original": {
@@ -77,11 +77,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1638415301,
-        "narHash": "sha256-iqszstbHaO5PYeBXQf1ukgYj/aq9wznBbZMrtYMZzgI=",
+        "lastModified": 1638484748,
+        "narHash": "sha256-Xb5X84/PUMXCyZGnixyqjtVyEt5tlCCrSp4lfJdtiHw=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "de54d513c74bf8f4f3a58954b80b5f690639fe72",
+        "rev": "fbb80207f3840785e2918143ebe709f26372f91d",
         "type": "github"
       },
       "original": {
diff --git a/machines/kholinar/default.nix b/machines/kholinar/default.nix
index 0040a186..246c005d 100644
--- a/machines/kholinar/default.nix
+++ b/machines/kholinar/default.nix
@@ -1,52 +1,61 @@
-{ pkgs, lib, ... }:
+{ pkgs, lib, config, ... }:
 
 {
   imports = [ ./hardware.nix ];
 
-  networking.hostId = "3cc1a4b2";
+  config = {
+    networking.hostId = "3cc1a4b2";
 
-  time.timeZone = "Europe/Brussels";
+    time.timeZone = "Europe/Brussels";
 
-  # Machine-specific module settings
-  chvp = {
-    stateVersion = "20.09";
-    base = {
-      bluetooth.enable = true;
-      network.mobile = {
-        enable = true;
-        wireless-interface = "wlp0s20f3";
-        wired-interfaces = {
-          "enp0s31f6" = { };
+    services.openvpn.servers.tryhackme = {
+      autoStart = false;
+      config = "config ${config.age.secrets."files/services/openvpn/tryhackme".path}";
+    };
+
+    age.secrets."files/services/openvpn/tryhackme".file = ../../secrets/files/services/openvpn/tryhackme.age;
+
+    # Machine-specific module settings
+    chvp = {
+      stateVersion = "20.09";
+      base = {
+        bluetooth.enable = true;
+        network.mobile = {
+          enable = true;
+          wireless-interface = "wlp0s20f3";
+          wired-interfaces = {
+            "enp0s31f6" = { };
+          };
+        };
+        zfs = {
+          encrypted = true;
+          backups = [
+            {
+              path = "rpool/safe/data";
+              remotePath = "zdata/recv/kholinar/safe/data";
+              fast = true;
+              location = "lasting-integrity";
+            }
+          ];
+          rootDataset = "rpool/local/root";
         };
       };
-      zfs = {
-        encrypted = true;
-        backups = [
-          {
-            path = "rpool/safe/data";
-            remotePath = "zdata/recv/kholinar/safe/data";
-            fast = true;
-            location = "lasting-integrity";
-          }
-        ];
-        rootDataset = "rpool/local/root";
+      development = {
+        enable = true;
+        android.enable = true;
       };
+      games.enable = true;
+      graphical.enable = true;
+      programs = {
+        calibre.enable = false;
+        deluge.enable = true;
+        eid.enable = true;
+        element.enable = true;
+        hledger.enable = true;
+        obs.enable = true;
+      };
+      # It's a pandemic.
+      work.enable = true;
     };
-    development = {
-      enable = true;
-      android.enable = true;
-    };
-    games.enable = true;
-    graphical.enable = true;
-    programs = {
-      calibre.enable = false;
-      deluge.enable = true;
-      eid.enable = true;
-      element.enable = true;
-      hledger.enable = true;
-      obs.enable = true;
-    };
-    # It's a pandemic.
-    work.enable = true;
   };
 }
diff --git a/secrets.nix b/secrets.nix
index 9f9e960e..c9bcf1d5 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -55,6 +55,8 @@ in
 
   "secrets/files/programs/ssh/host_configuration.age".publicKeys = hosts ++ users;
 
+  "secrets/files/services/openvpn/tryhackme.age".publicKeys = [ kholinar ] ++ users;
+
   "secrets/files/services/matrix-appservice-slack/config.yml.age".publicKeys = [ lasting-integrity ] ++ users;
   "secrets/files/services/matrix-appservice-slack/registration.yml.age".publicKeys = [ lasting-integrity ] ++ users;
   "secrets/files/services/matrix-synapse/config.yml.age".publicKeys = [ lasting-integrity ] ++ users;
diff --git a/secrets/files/services/openvpn/tryhackme.age b/secrets/files/services/openvpn/tryhackme.age
new file mode 100644
index 0000000000000000000000000000000000000000..331c4348ec6cd3cded25847255feb1c6ff7470ef
GIT binary patch
literal 8797
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCSn3{A20OIJt@kEkej
zjmWofib~E;Hueh)sH`&e3-Z<0&QA<9D60y0O7bm8sW8b64&*9y3@`OG3=Ry=vrG)i
zC^h#<FRn=T32_PyuW)lqa&a-#jtHuZa0{z4^F+6;*s>_eB3+@%EVnGOC?qf_&D^3O
zKQ+qI*W5kXIMm4~FULG2)5pNi&^^`2B`q_f+><LmBF)DzDm^r_(#O*~%c;yLEG;uA
zB)_aQGT0<jJHpH_(ZVc0Q{O+!Bp=<j%ET0tus{X(isW3!aE}s;{BrY1QxE?rpAuh_
z9M`0zK;IDej65eNC%2+9(<;}LAPcUr#9)sqzkD}u7pIJJb1&zBAd}pv+|;sEqtYaU
zY;9jB^GHkoBr_)iPq1yqMaF3vy6Hu!iN&c3=BX)MZduu(2FBX?u3nW%VJ;CS&QU?;
z`C;ZES$WB!K85C?sipbJT)Mit3YktR`c65%hOTajp`k^IM!|`mMfp{ckxr?`POj$u
zDNbpjE{-W#MwuBFTr2&g4)aONPR!l(#i`md!*TkwSiL!aYo<u#e_>$B&x@&u5O}ov
zt`66t66;klx;sSTx7`+4zx(U=%Cg?@2m?#$DV^#<zxN)wdZcsjjiTR2rN8BGTGf?u
z=5Cdh_$58pxOEY~t1}8y6leZ7;43zpbYWRGxA8KbMIDPyJ+iP1JDOW`+56@*R;k!$
zmp7{>uKT<3+aAVRzvXXVZ(=TNW%%Y4bg%PX^uES}z2)5dc^0y!alfg#CcLog$Lqze
zP5TdVyistiaND^2{qe>*TMWzh{;rlyIJeJ|q3W^h4)+F?DK&QvMJAPfm4CU~@bLS4
zFL?aUhOM67W9m3vzLKNWF_rbK+_d8wT??ll<J+gmA0TBa{;BY$q3hbeJLVsFtju$A
zTj93-n$e1N>1MZcE_|4BIHagjiQ`tvBiZ=3Q?9?h{4!+UYCg@FQ_=we9G`9%UF`OI
z=I33~*jh9xx;W^5T4UDctA-s0_f&09s=5`3{kau=;bYm^@}o1)-1>Fc@`I6#WQtFs
zf~HkB)0aIQXO?rS8n7yM#yqw9eo%Y!2M@mzuBw|i{x+;RsnMXdMt<G9>L11~U6KK}
z8rXb%-EIHv&8oB6BfM+pU4=c3J!hWTT&UcmZ8ZIE>7!Zaqa!to_H1A`Jdk~CNAt@4
z&zI-sJ$j?K<>k7N)onlTyLV;YNLcX2^TzUoxxBIe)|ac!tdxxNwwpFrIr9O-8O`Ow
zV%s7cyw%mtKl`R2>}gwcHcHvEJ)lHe;PL_c1nq+l{PwSyRC7nTaF!E8QC3y(guGs@
zS*us+R12<5eb{(&@1e?fo+|7DQQg;>m{l0mW^H!<^uheW?=G(|53SZLjgFQ-5_KW(
zn$KyLI{tgdu2%8wY_qt>@+-hz#I5uCY5ORjSyB_GJX&&$Pd?D$+y~<g!4aXe-rsh&
zJ<a6w@!_+prk3}euFbhSeb@O=rf+3uN<-qGT@IeM{M;4Y#~Tlo{(Lt}E-fMQ;6*bI
zbL&jAn$sJeicAQ*w&|6q%#Ih&-g%m>`=BlPSul;~&Hrh<K{sZ;d)f1}bn>H<A;;Hp
z_XSLE&Eqq)Yx=$F;njAVl$Ak(M;q2p^!zzf<Jt$^(Er!}SaUp0DXi*k@?P8Lo~<Fh
zParkxu32JPZPt?&do%Z}_6uX`yZq}-SFq*uQ-6M$F)%m=E)LE*%lG=~ME(iU`sdEn
znIG?&+3ah#==X~cKe?<tH_Dv4$K}9&YhB9fV|<eqbM0BT>|SN1^ipq4jqU3`6$x?m
zzB%C+5<l;`nRTe@ME{i+Jh_j}<vMnCCf6K^fT_%VKTPs<)jf``U7YfMWsUmuOn29|
ziRsfeK4i5ymR9(xuI7-#Le1<|$)e1UTqk@e4d3!`&cSa>Hi*S<Gu%C2*yGF6SyACT
zUus@H{6*>iCjQGiEQN!u%}z;PoBlqb(;@T10;Viqxr;jkS7{!~seHUULA9pD&fk2M
z9`_>cl*Ni$nhqY_Tgl1oxW1J!_gbhE<2U7bJNLgh@@&eoLpw8`I4MY+W;|CEn^2e@
z_DjpG>Uq82{H;e^e+iVBTiU*<EL4?l^OoY|Y)m?&Kb4>5YOvv!8G0;>5A#glXz=Z>
z&z_DrW1qto$!v2U|L^pao&G=a<?MMv^Nv(6T;UzFQ=>p>hvzPidB0x>YfcT6J#@O*
zXO{9NL#e6D72gY-m5@1MQ`%-ZS<T}AUpA-G=BbT3a?|})<aIuGwKvV2@*__vn0e17
zuZDXOoy?~~Z2msCRgrx8^Bv14Zm!aA55M<Ky<t<JXi`4+s>ccmjZ+fq>Na1q(O7Z3
zGf(79m*n3z+02_lFLp=eCM$kxd2Z)^ZHGdRq@?o2`xoxq?lI~=U?OX<SJFvl(ftjT
z(i<0Ku%xb;Z`hnAy?npBVDjCFo}+yt&*KcQ2^lHZr>%Y=aO$yu=ee!bi%Z^5{XDZ?
zc=4L+qQ7q}$+@jQ!IZytMQv&(%bvU9<$d!G`<-a{HCZ?0%RVmIwI34OyH795tNZhO
zS3*uw<1M}OYj3Ab(_ep3x}5XHw8Zc*pLo>|)e2!I@m<aTiWUU!Idq=wmG8T>`)1-S
zIYGt$R<*wU(6#Q6&-?%GUQ=6NSFdv4U0Si@hP}K{iLIHvkD*UYMw0feqi4h(Y-8DD
z)Dx+`;o0S7Yr?N|a|-0V{k37?<1UFF83CPY^E*Nee-w9EUWj_CarJ4-9jBA86%Gfy
z^$W@Ow{Y0}MB7YgA=iRifi-8II|wN6F<Nv=^JKe{AfMaJv-cdTl8;@U_(#jN`tij0
zv;&I&)!NJ-)a5?54J&pr>)zC(y-Bgr`JDObSv+s65B#|;|L0TO<c&>tk9alRdSK5j
zD>TjVYe#MPAKOo+yC=CYevHrZ-NK&PQ#rfncT>z=UGoObZlO3!HNV*O2S*GQdJ}!^
zpWTV5_F=57pR88<$&ULT$C77rpDn&=eR0~7g!Wrg*6;FM>3&S^=<_<oOoOLY>`D{7
zDxb%AWM=nRCK*25^Kj0S*($e;{H_ZBZ)d4wTr|DWSN!`IZc`QUivsg^ty(kTq7@T|
zY3inZ^|f30)stg?_+B$OJiTH14!O5aE+3I9d0pQ8{Ym-9yN^<qwQ6#-81@D+Uwu%b
z>UO=3t81lluF;Jz8_vdhGi_P>aeMaXr#>}45__$8TfUC(zU41tci7pDD>6QYIVoMy
zx!UvN=fh9`P0lF&dt%Mbn<s)2J~r$Z=HGF$bd_XdnZSy-N9WlYPiG1hTGxGTk*~1+
zqJVcz$CU4Hy4SgH-Tw7+JhF?{`Fh@3pqa<=P4d*!b1uHwvkYc;JIg6pa!jA>S!88;
zpo#lh&IyJO0q?h0XYz=jmRf&h!jUD<8rmwCh}w7@aqK#q?m1OTAn1jk$<kxS51BT)
zSb8luqs*(PJUhN<_wm#V|1u6OdCL1tip%vuP_UZQw<F?P-7b0ixk~>{J@D(~$u-L_
zcqd*q3wd<Kcr$a?qr|TBQ@>fVXk0Z9`2Od4$+@n!muyqwZsav>Us0&*Xc2XX&;H{s
zpYnB<+YFlx6Em6KmrKP|bw}P~DtIi<8&d6glkNSDFE^cJ7flUuZz_z`ICV9eOXIQ9
z@&}EPT76ua*{mhby$w5V9d==etjgf^*mSuxdXw6Y-^Y(-Z=HOv$l&?@mtSRHY@St^
z{7i1K+p_*&EZ4618`gDiei6I;-?`Iso1*)k-J8<$Rqxgumsyf367LP~IrAS56+WW+
zd*y=9Ibu`ZY_N&8ufHWM951!z$lU9z`pzi*xFWS{YW8de-{%!fj9JAiYz}m%K36)n
z%qZvfzrU|c?mzu?^=8*JA2&Je@K?$9atrtGTfW443U6Tc#uq}|m-o~)Ssn>mq+0AI
zw46O_{#KQ*4(spV>Iz`|dQmy<Dtqvsw4^%eeQa6{ic_D&=*@fOul6<9%<a+hr^-Ta
zIybN172KJ)qxSEFM}0>;%k=JE6xg`qPiNP>>z3j-88)2$(6}{ZqsxvPRU#{&F4_M0
z>lB71u?n7L7r(vwc2scR$#(g|kf&SYgeSVJPkJ(?HzU(^<AJ@q9aJ0-#++hYm>VIp
zecoTqWj8AJzbMOAt=cg&>ihcZ^%wGg{+e|}G{q*!tw{BFTjIY%Gi$?hnQpY{9a~`i
z!*7N@2ai~*Ny)8^3x390+TAY7{Ix##xZIl4rBm;pT+npzQro)Pi#!pJISqo|?byB~
z_|I>f5ARt6GTVc!w<X+Edr?$fkSy_ibAOw{0+Yi`Q{Sq{|Ng#Cr(GiCZQ{%5ZyifB
zs%vH$S{#r$)bQKbnE&O+B{pBzCPls2yx~Mwu3X@)7Z;XX;A}d?!Ctw}#%Ax<MNP7|
zCS9(Pe7>ukPiEGfrX-nw*5}HRU9%(A`8~Z%jngvjEvP*1k#=#`oLP!GMZ1&_yZv9Q
z@jT%dYi8`K&32`0vkNTGy}GXx!1Jc;UihA-C3<aPKf^c;r%p^Z+^xK8PtGRSl0y@^
zj!#%r&lW#7BXL*8y<8=;WoO?8)N1YDzki0Y*7buqyN}fciCmkwR5NJy#Va<|fmJt7
zw0VBn^!(UY#e3hFwB$AJDOvrWlU{#r{nXPBCm3hFN~_qwTv~WW<LpXzZEarl2}Wtm
zUwbz0@XT@hbWWx_pl<J~z&m}->P0&?9pOJ}aI;87++)I%rp$t+i}YQtY^_~=ditM3
z1zx`j1J*zBK9uCXspw_2+IAIVlP86z*q*4&Ih?j(OV7%pi~nbS@6Bu8u)6NE-aml{
zJ;jw5*Hk~3$-KBUGc!lqU*6HhX4cCSEypK_G{;<AyY!=NHp^}$pHp6imreeBQa`sn
z-1ebef~3aR*2w|cvsqg6vJ6G$UR!&8oo><L>8o9S6rW`0To&f*<uF-wj^vfY$xN$u
z+3?-EVW2hRvz&ayA~TbD0yns8bp<o7JzOdk7kwywb^1oV@SnyW_hznQ`+g{2eW%E`
zyD~|R<}dd~&H2l|Dm%v{M&XL;<3|P=FGbJUrK?^!?$9RE^im*yMW&E}9e2S--V18)
zd9rdo9&z-ms$lPHJFR|Ec1y>?vR7&`yoIZng!3(Xa^C!Q^Kf9Vf934*G5wdc#lpBu
zA=TIAr+yhbYt<Q;^6iS~TN5wF&KaMvzwI|eYtz-AWt`tak3YF9^4MI_a&^w~m7xa$
zPSs51+3$O~_W0{V4_`)x?Nc?|Zy|m)!Y7g^ASvL@NBP*7U#?yjRyx9LR_i?D+Ebeo
z0*9g|gte{8?D-*jtD;6wO6B3B7Ej+7+jw5>yjbusn@=F`8TZ=eH%}jbs#~)nscY-E
zr|ToGpL!ts<5=N?)xx4nY<yoDG<<#^dESzFdV=@^e(SKh-_`-9iN`Y+%*uFTa!`M3
zd&`RJ;k#$4KPk8=u4MC-#kl2$)EYgT!=9xLUkrQaBrQ1Xd+vv=?feyi64NxCmHXUp
z?73zbo_#R%seqAy$Wjf)k7q6^aeV%&8r$~X#nqPW-r4SjHzw=vyt%2$iPs|N!rBs#
z^EXZ`Gj}cN?VXl-ak=$^=`xu~f@1UiHeZ>=DRX|+De0si%bH5%EIu5~tv}SJAm#LA
z8t*x`jw>6k2Tk_0efqxls_eUVvlY9Rol3CGR=HNjStKBRy65JEn-Uu9Q!dG}1gV`B
z&okYh6J00t{(t{h?kksbjWeDFA6$9A^ZuT1)89V7V5P|XZpzcAwbNXFg)Up1f4Z%t
zTySRj>?H<g=0~38{$jkUhvA^Xh0h|>bax%CtMr-Kvxg~X=kq(qqAi}MSA0|K3X*5w
zSh_ztP<jXJ%cXD5@t%yhFDBK#=EBvjZsn?tR!JvQgcmgZ`@CVsf%9kQF&t7|*}cf*
zn&|s2_XF8XYm(jftbN~PzV`P2|4nZro*lB)SnYZ9UA>-J|Atu3?~FH}ONAUZow$~%
zonO)>(Ue)VJ5SGV<G=mCPHMN^iTdHZp!rEcU1sfi*UeYI#BPaa@Q;vU`s|>8?)EW7
zHLeFsPAs!2)IPGK?&iY=L+zQV{EZV?D>@cjGxIg+Iq7Zd^-8xSv_AH!?iY~?>(h&^
zB27ByT(s@Wo%~ns`Ru~a2Id-DzRs{R-%>RBc>L9!nZ^P$941|BO)UCfF|X&uq`R{B
zo<EB_+7r6|M-xK{tHH+=?;AF+{u$NgFxCA5qkTg=V?5h`Cib%rHVR0-iP$XJeKsY^
z>PR}LshQEg>^&uQ3spISSZ6+zb9G@>zx7A#q}{xyRcX3nNd+fwIr8*8?GroZw8*iz
zE&qbW^8-~2wtY*`;Cw%2_Lu4zGu9_DyxVuktYQA%$wn`d!;+L=aCQ7yJbBrzm0brP
zu%|7Umcw6MwzyrzqEdKK<w~iv-dB2$*ykFYa4Qa8tRyXWZr_*4x~8T%zcy(Y{d+7c
z^m@(4BR8*AoX+@SVUawGXP()z6%yLF*44i&syBOLbJ4)<(7y+9;f)=vQt@`rCX`y4
z%e4niy|_N7w{5AVbf8ZD`9C6z97$nnB33ahI)7Ha%2(HZv}kRp`NhNsdyQrGf0O3E
z?46&%w5qM_*s(cV-)||hdz5-f;o7<{J8oPuJS1G|@%!ns?=zE^ur#sB_pKKHYB;I>
z^D>XdqS}emWPDz0eBS%yOgY<QUb`1clkUwp6=fK&y?U}jX6TX+$xmM{-o$r(pYW}w
z1L|q<iLNiaryk+IyOhoN$Bu;F^C#jjBqp6{y&L<^S*NXk@eW5>C-(0P+-KB!bZ@Et
z*|PoqG=)_O7k4ZRo$s30@IUZE*|Oh{o&Kv&*URf&f6Z<u|GYN67Ml|i&+{rn;`*JQ
zUdlXUnWt3r?3^Lj_0EZ^^B+09p74M}`2TT-+a=2+r|q$IzI#bb#h>xY=F6RC{jJ6K
z&L+u;^R`sT{`s^=W#!iNBISI`W$&3?YNT8;_wM4aKDgr9)p*St%@3AetoQ$VcZ%u-
zo==%uSGjnsDqgVIYYlJCy}9dUxvF+Go-LpFaGp@*NA|@>;+MUf_#?Ca$_=Zy%~f@q
z{+G(whp}yUypU^@#J5RaSSw9-snY#0@0*Icii#(;7rPg!KY3@vJ44GS^k>GZkgk*u
zM(v;C1-TCCY|~=;nYCZc=sA<ocPSQ+G{;LOw#tvg7W4&M%El<Q1@5{a{rN?Y^umdk
zOTWL<jOyI3#v#`++jP3?K|Q8C|H+HEx2W!ISnB@u=iGDKwmw_K%a(B>{`MTlUAv^V
zxh;P3VZLtk4xZSSom(!1w}mvx-+6Bnu>9k-g1a4_--_;U?YL3czhipmN?p(1U43!<
zhBw|W+i|Nhu6yS7=9h;oFS85n^pwd9xF6WZG3V{8{2x_KtSJk1tMq?9F2A%jd|pX=
zjb7sMvtM&nydUn}8zq>#Znjp$>ugWU=nv_=Uv`M73BI@z#K`Q`%e6^lx^&X3T}tdO
z@BEB2nNKb}t2AZ1`f2uAdUg+-!p=y%{WI-s<bxa6wrXv;_y5%W<;#7&_RsJCw#&Cn
ztMrlfze~6MlP6v|e^XNC)k4t*3-9%h>(@j#ZqiLN6u)Gw5$Nc&!{<>z;w80{Hv-lD
z5503VNq3&$R~2z)hm_CkZ(ANq$zI-d<(t)Kd;gzTlmGAfWw`BDxyQ|r#bHzHXB|HA
zeVa%FV@b4qb+_PqgX32lRyljr{qLEiGk-^X#-?qpzFJ-OB1gWSzCMY)@x{>v|F@m_
z^0(7}*{U;sKRF&bUrzgeg85dX{H?mX8E=<fa@T$z{blaIwvOO*!8_l%v&*kO<=){h
z@IsUKiMg2Wj8jdaaRs$}1w5t^lWzEF>dk$=e1@oJyB8<3ZC8Pz%e(iw#(x)oKdEwh
z^7(m6MF%%644V|-`f|PCYEQRajCD&tZ)UV)?J9X(r7yF5_LRqLjgR)ty;L(xYnwRp
zUJJ=??M)GDEw1cfnO45~#Hwe>T)P*jZ#KH!dUb{IC&ODhwmDrN8J`6GUi|+Fhv+<^
zbB?Y%H~F=)%YXfl=iKde?X>TNRF)Yz4$3!6mPVb}bJ@0T$CZmO{^#i{DxF^|@nZ51
z?zf?9r!8LDp7;FBFZXM@Y7@7=*>c)$(Xzc(GjDt3InAsHJL+`KW#P6>!Q9;1vS(8h
zH}|W4|8CR4Q$Dx3TlvHVuO;F?Z&-b5wc~xl#c(wFqX3uQ?lnO-laynoPQF^R!mm#)
zZO!9tXEZmvzW=gF>Al&P_T4QnEKPi_9+Rxn%eBmG%QQ8dbkEynVU@Lh_f?;j%k<BF
zjXThH!f1I=<z2B`CPI6XL{Ex4{4p2cF~7lhqs}L>H8WS|ZMLdKcZ#C=a;7+|jcXbj
zlg@rD*V&VIdG{{;sC!GT-}slYKXM6uvE1rsKt+7C=Hu^|a;No}>D>r;=bXRX^b?cd
zv;(CF{Dt&f!#_0K-_VttaAV7@mko1Q?o)g<Cw{U(-+!^?SMSQ_p9*+&RrRS$^Q{o(
z$A53X?>(t=w6Zk4R%?5d??uOk{10z7ygF%lXM$)Wqlts=GhUaI-zpsc91M)MSajdF
zM8qZ`bCv%Q_uM^|tKOyT4qoRTWWsB+<Kz6NTnpWV<vzAQug^Ha(K6-Bjnx4s9wrAT
zFWO^&ft#0s+2UN4(}#WAr}s~P(Rg>xF7XFJE$PnTx%tI*l8eR6Bm#W1XOxN7RHb=t
zIO7@q<7wl;pMMiPiq0QebhqH()7Xi6`O(}}{XO45Zjnx^%yo~9cV#&7t>y3!OXkk3
z<TjbL>wTWhIwEDcwf=*a(f7<fL4Ws#pUizzuJ-Id%h}xt6}i=Nu4NJ5KO{ZaYL?Ke
zBq?9dT*(=IuQ#mCtz4PcZ1Qb^nLmu(I3pJ2<Zqw9_I!};CGMv;pM5GgRDPS!y>ok8
z^pWUb`6DdnV#*dykh^H{%Zk%x-M;;gM2kMndHl9z$E>E1zxz^`Nlcoz_rWDg+xIMQ
z*VU!I-TCm}+Gi}s_rDejYIxATeq+3!{f-`%LzlAlEw~_*mUegBsi`%p)>b<N43GTn
z-^q3-v`B+T{H*OvS(l3^|M}F1zd2!?9G_lm*C&7UU359?6*11JjyLD{*X1f&N~tv%
zhd(SmtNx~C((>D}N46cw-)g;I@{nL$;vSc+6U$uB{9C+<Pop^LM}t6zhoq~WwCCc<
zw_a$pb-EpoX^4sW^Ze7C!{Oy&bNWyA|A|;3Tm9#s)J<NoeK)Uuf5{Tja%-~roLsJ>
zzLnp9ZrAAJE!eYu!IQK#yJy<4xjQq8RGKQ6>~rF-Q;ayUNNc+mW0YgxK7RJa6{5bW
zDhUrnHpHmb94Lz`-%)k$SoH3-X%DA=_wM9=w4CMeLmn30S%=ih;{~}G_Sf&xewKIe
zJh#b&7md%0&qv$N5RUHnQNtm4jj^styU;SGaNq7qfveR&&5N#23GhF$|8il6E!TUE
zSC)*QlO^6TW$I3f(YL;-^|ecc^~6FBl_OnioV>mTX?G-CRKH*FV1uYf@`~+(PbM4|
zaD1d9HOb$1$phcV3#~V84BY-MYirEkNxd4oYzwBw$X<@Lao?uzc>Q{X%oKjl_U#@n
z>s~&!F1uiVyd=8*YuBgQb-918oIQ76_|2D@a`M(${L-9qRXfa|TeOB%nT17)vTeE+
zyF1~nGoQ@9^Jnyue(O$`_;vm_!=3Nn?W2U>TOYo&nRDCf<U==BR(|deo>d%u;9Sh-
z%2-AbsTKXHC7UezI2YY^P!(o;bC~IE%jP{_r}es@EZu45`}i|o?D{~9Gg@krxo;FU
zhu+_I(fIJbfF#B(K5jBgMcr?oTzS)B)&W87;}dKSPT$&gJlav{)%)z5PnMpRGurc{
zPG<6BgDbZ$U$tY|Yq)KZhojfTWZvAirYFVw&iJY?VbQ;NtMta>&-diozHbuP5fPx9
z>%Qk`&aUNKoGp9ARo&#nJZ?#~imndyZMve!W->otD8F)5XzS$Ty$v&*7Pft>n8mpD
zN|T-W&vVlX9d-BZ?|WoeRNcrW*)O^<Y4MND%gfKToSNM6d0C5fkC~&v)2N-71P&Z1
ziM)C#=-^Yn^|A7)K`Ub9Z-wc)ujt+AnVukU&dO6sDEf)#RAmP1Pmx7>$E!I*-}Nu(
zc%CFtC)=<8@{#MBeII?4(p~NHoj-0_W_LHy;DYwfV+*&d^(oJtv9nOw(UeVAZf@3N
zF{5p5i$1N7yWn_u>%v3VN`Lnk>=Ls`>Jh%2A#(fXqwNdsi`CqjaPMegy8ko2Z$2CQ
zui8x$t9fywdc(1U4bP8PSN!`tZ9i9FU|(_dlImv8%PHGGCqI0Bed46KzfW*Y@UbqB
zP1<`*@mkNFZAAvbO^PoM?@17N^Z3roy_}z)pJ=-7(`)u6?ebjiFy#szmJqQ7w`Gn?
zcYm>~z4PtGSyp~whZ*-=IeqW)CRfG3<$GrN>tV0c8?lzhVZ73}0`)by^=|llv*$a@
z|8ARE%EI?4F$!N(a<=G(W*qtYBIw_Pvu4XG{@l1})N${^m#~Mjj!nOrnzznOR=e@|
z({om>`iff%e(=^LSf15Y(+prZvU&mE`a7%TIw$;kJM~I|u+Ez6tWT>0x=)IvO_=y(
z4nx)=pPyBl^K&Ert<J9Z`MUeJbXD4p@<Zh;Z*FgLNzpKTn5dQU)5mU}txcZHu28kK
z34I?~ZnXF;=DMoQ<EZw{<HYG>o9BEy*YW$y&Q^uoD_J=<H)Q9XWI0hC;&n;+>5J|o
z%u{UoEgpOQ$gVl|(TGz|rA+<iS6TkRr;lDPjjEY;WP?t8sL@qEz3a+T!>m?XnyuKi
zT8i!L<ZT5GhBnKyeA;-NtCxMgC>ttpnybWtL#&-M@^p4p%hmJIJ&8MbMeYe4ta{QS
z_jjAocb(KX(LA2Et3*v^{jy=Wpx9m_Qn#YuqO;X;#qVNYPF|ItvL?!{ddI1+?#K7`
z>&L59i~KvAxr6sa_TKWRF9M#VykHB6yZQCOjo`hiMXS5HpWfrsGkcw&Dq5YhrHb)R
zO69%2Wo6fM_V_-VBHh8^eL}|P5&yo*mSc@?@&ck}{%^dQuK(FQ>G;06t)){oNKAXe
z<TCrk*W+>5F00v3|DI;O-aLj&Ny4MU?RWdkX$*zwItv)P;uK5Getvm7v4PJ=ROSDp
zET6}l?`4<zU7x5~x&7bQ4`D)k?kV|Lblm%PgE_pf%y`kNgW*gCOJ(<bJ$7)3fMkDZ
zaB`c})x7_%{iiwHF34-2I(2`Q=f&g#S5^nsz19mv&d0JU9ou+!jgGrz*7k2p{awTM
z%5zmJ-rse6!NRKMlP+gMe%HP&)?KpA!uQbgfCaCd7wxcmy_d&w3m-@NGRw@qDQPS2
z-&>o0bIQN_nHTJf`6eG_`tzdp$?DU`|8{e)cX>KB{Ic0arsG##=Y$@a^l5r$a@T~z
zr?W!J=7!`i7c!6g!6mnT?ZtRT88_D_S}f@nGv1oqU0p0;`^#qmZ(dqcWA%BiqbJKg
zUFV(>Do`l0I%#F;b;HId%eN*>t*wz)d;8{c@cz?cBAd0F!<>&QRkJ8AoMCHf{2^e+
z_j6%kS*q!w0_8vSjt3k*CB93}@`~)e2`{Fa${uXAZ9E>majx@mgBzyd`T>X5sBM0I
z*{kJQZ|T&RZ9bXFlZ-Y!JAC%ogSl6pu3TBOtuV;y^vz{QW<~f0A2rUu{U?^6@6G!N
zb^rZWwygMbB<pCbs`=Da2Tw3hx2n-wTiz{gQScy4aIV#F_b{oZ9d~yx;`CCJR8d_$
zA*M%W`@%gJ^UJcT4@Is?dzlk;*YfRU<+r}m{@h*7y5Q<Wt)KIiW4;{Bt!v*qD{=n0
z^6fm`BL9xKvzr9}Gw__qX#Rii@dLs?CQK7}Sl1Bi5v_CAeVIXLRKo$G+von3`JB!X
zUAN)vnXpf{e|BEE&@CFI$60d0V3Q#S=lL~;OKz;%#Hz?q6FccnW5cQwDi1bJSpW3M
zliorV>Eh{ZAzRn)l|B$Xbxp<^*Y#JKr|G_&DfuY=@PP%wYvwv$=6!u{WuZby`|^pp
eXN8J=t}aSS-+1Tr#{X#s5^k$fAKaQBun7QR(()bv

literal 0
HcmV?d00001