From b997b7393b40f300ea1064cc84d304aeb8ae9911 Mon Sep 17 00:00:00 2001
From: Kael <kaelwd@gmail.com>
Date: Fri, 11 Oct 2024 02:44:52 +1100
Subject: [PATCH 01/54] feat: allow disabling default redirect, set status to
 503

---
 app/Listeners/ProxyStartedNotification.php    |   2 +-
 app/Livewire/Server/Proxy.php                 |  16 +-
 app/Models/Server.php                         | 139 +++++++++---------
 .../views/livewire/server/proxy.blade.php     |   9 +-
 .../proxy/dynamic-configurations.blade.php    |   2 +-
 5 files changed, 91 insertions(+), 77 deletions(-)

diff --git a/app/Listeners/ProxyStartedNotification.php b/app/Listeners/ProxyStartedNotification.php
index d0541b162..9045b1e5c 100644
--- a/app/Listeners/ProxyStartedNotification.php
+++ b/app/Listeners/ProxyStartedNotification.php
@@ -14,7 +14,7 @@ class ProxyStartedNotification
     public function handle(ProxyStarted $event): void
     {
         $this->server = data_get($event, 'data');
-        $this->server->setupDefault404Redirect();
+        $this->server->setupDefaultRedirect();
         $this->server->setupDynamicProxyConfiguration();
         $this->server->proxy->force_stop = false;
         $this->server->save();
diff --git a/app/Livewire/Server/Proxy.php b/app/Livewire/Server/Proxy.php
index 55d0c4966..fbdba53c1 100644
--- a/app/Livewire/Server/Proxy.php
+++ b/app/Livewire/Server/Proxy.php
@@ -16,6 +16,7 @@ class Proxy extends Component
 
     public $proxy_settings = null;
 
+    public bool $redirect_enabled = true;
     public ?string $redirect_url = null;
 
     protected $listeners = ['proxyStatusUpdated', 'saveConfiguration' => 'submit'];
@@ -27,6 +28,7 @@ class Proxy extends Component
     public function mount()
     {
         $this->selectedProxy = $this->server->proxyType();
+        $this->redirect_enabled = data_get($this->server, 'proxy.redirect_enabled', true);
         $this->redirect_url = data_get($this->server, 'proxy.redirect_url');
     }
 
@@ -65,13 +67,25 @@ class Proxy extends Component
         }
     }
 
+    public function instantSaveRedirect()
+    {
+        try {
+            $this->server->proxy->redirect_enabled = $this->redirect_enabled;
+            $this->server->save();
+            $this->server->setupDefaultRedirect();
+            $this->dispatch('success', 'Proxy configuration saved.');
+        } catch (\Throwable $e) {
+            return handleError($e, $this);
+        }
+    }
+
     public function submit()
     {
         try {
             SaveConfiguration::run($this->server, $this->proxy_settings);
             $this->server->proxy->redirect_url = $this->redirect_url;
             $this->server->save();
-            $this->server->setupDefault404Redirect();
+            $this->server->setupDefaultRedirect();
             $this->dispatch('success', 'Proxy configuration saved.');
         } catch (\Throwable $e) {
             return handleError($e, $this);
diff --git a/app/Models/Server.php b/app/Models/Server.php
index 8864deef1..0a92caa60 100644
--- a/app/Models/Server.php
+++ b/app/Models/Server.php
@@ -94,6 +94,14 @@ class Server extends BaseModel
                     ]);
                 }
             }
+            if (!isset($server->proxy->redirect_enabled)) {
+                $server->proxy->redirect_enabled = true;
+            }
+        });
+        static::retrieved(function ($server) {
+            if (!isset($server->proxy->redirect_enabled)) {
+                $server->proxy->redirect_enabled = true;
+            }
         });
         static::deleting(function ($server) {
             $server->destinations()->each(function ($destination) {
@@ -164,70 +172,72 @@ class Server extends BaseModel
         return $this->proxyType() && $this->proxyType() !== 'NONE' && $this->isFunctional() && ! $this->isSwarmWorker() && ! $this->settings->is_build_server;
     }
 
-    public function setupDefault404Redirect()
+    public function setupDefaultRedirect()
     {
+        $banner =
+            "# This file is generated by Coolify, do not edit it manually.\n" .
+            "# Disable the default redirect to customize (only if you know what are you doing).\n\n";
         $dynamic_conf_path = $this->proxyPath().'/dynamic';
         $proxy_type = $this->proxyType();
+        $redirect_enabled = $this->proxy->redirect_enabled ?? true;
         $redirect_url = $this->proxy->redirect_url;
+
         if ($proxy_type === ProxyTypes::TRAEFIK->value) {
-            $default_redirect_file = "$dynamic_conf_path/default_redirect_404.yaml";
+            $default_redirect_file = "$dynamic_conf_path/default_redirect_503.yaml";
         } elseif ($proxy_type === ProxyTypes::CADDY->value) {
-            $default_redirect_file = "$dynamic_conf_path/default_redirect_404.caddy";
+            $default_redirect_file = "$dynamic_conf_path/default_redirect_503.caddy";
         }
-        if (empty($redirect_url)) {
+
+        instant_remote_process([
+            "mkdir -p $dynamic_conf_path",
+            "rm -f $dynamic_conf_path/default_redirect_404.yaml",
+            "rm -f $dynamic_conf_path/default_redirect_404.caddy",
+        ], $this);
+
+        if (!$redirect_enabled) {
+            instant_remote_process(["rm -f $default_redirect_file"], $this);
+        } else {
             if ($proxy_type === ProxyTypes::CADDY->value) {
-                $conf = ':80, :443 {
-respond 404
+                if (empty($redirect_url)) {
+                    $conf = ':80, :443 {
+    respond 503
 }';
-                $conf =
-                    "# This file is automatically generated by Coolify.\n".
-                    "# Do not edit it manually (only if you know what are you doing).\n\n".
-                    $conf;
-                $base64 = base64_encode($conf);
-                instant_remote_process([
-                    "mkdir -p $dynamic_conf_path",
-                    "echo '$base64' | base64 -d | tee $default_redirect_file > /dev/null",
-                ], $this);
-                $this->reloadCaddy();
-
-                return;
-            }
-            instant_remote_process([
-                "mkdir -p $dynamic_conf_path",
-                "rm -f $default_redirect_file",
-            ], $this);
-
-            return;
-        }
-        if ($proxy_type === ProxyTypes::TRAEFIK->value) {
-            $dynamic_conf = [
-                'http' => [
-                    'routers' => [
-                        'catchall' => [
-                            'entryPoints' => [
-                                0 => 'http',
-                                1 => 'https',
-                            ],
-                            'service' => 'noop',
-                            'rule' => 'HostRegexp(`{catchall:.*}`)',
-                            'priority' => 1,
-                            'middlewares' => [
-                                0 => 'redirect-regexp@file',
+                } else {
+                    $conf = ":80, :443 {
+    redir $redirect_url
+}";
+                }
+            } elseif ($proxy_type === ProxyTypes::TRAEFIK->value) {
+                $dynamic_conf = [
+                    'http' => [
+                        'routers' => [
+                            'catchall' => [
+                                'entryPoints' => [
+                                    0 => 'http',
+                                    1 => 'https',
+                                ],
+                                'service' => 'noop',
+                                'rule' => 'HostRegexp(`{catchall:.*}`)',
+                                'priority' => 1,
                             ],
                         ],
-                    ],
-                    'services' => [
-                        'noop' => [
-                            'loadBalancer' => [
-                                'servers' => [
-                                    0 => [
-                                        'url' => '',
-                                    ],
+                        'services' => [
+                            'noop' => [
+                                'loadBalancer' => [
+                                    'servers' => [],
                                 ],
                             ],
                         ],
                     ],
-                    'middlewares' => [
+                ];
+                if (!empty($redirect_url)) {
+                    $dynamic_conf['http']['routers']['catchall']['middlewares'] = [
+                        0 => 'redirect-regexp@file',
+                    ];
+                    $dynamic_conf['http']['services']['noop']['loadBalancer']['servers'][0] = [
+                        'url' => '',
+                    ];
+                    $dynamic_conf['http']['middlewares'] = [
                         'redirect-regexp' => [
                             'redirectRegex' => [
                                 'regex' => '(.*)',
@@ -235,32 +245,17 @@ respond 404
                                 'permanent' => false,
                             ],
                         ],
-                    ],
-                ],
-            ];
-            $conf = Yaml::dump($dynamic_conf, 12, 2);
-            $conf =
-                "# This file is automatically generated by Coolify.\n".
-                "# Do not edit it manually (only if you know what are you doing).\n\n".
-                $conf;
-
-            $base64 = base64_encode($conf);
-        } elseif ($proxy_type === ProxyTypes::CADDY->value) {
-            $conf = ":80, :443 {
-    redir $redirect_url
-}";
-            $conf =
-                "# This file is automatically generated by Coolify.\n".
-                "# Do not edit it manually (only if you know what are you doing).\n\n".
-                $conf;
+                    ];
+                }
+                $conf = Yaml::dump($dynamic_conf, 12, 2);
+            }
+            $conf = $banner . $conf;
             $base64 = base64_encode($conf);
+            instant_remote_process([
+                "echo '$base64' | base64 -d | tee $default_redirect_file > /dev/null",
+            ], $this);
         }
 
-        instant_remote_process([
-            "mkdir -p $dynamic_conf_path",
-            "echo '$base64' | base64 -d | tee $default_redirect_file > /dev/null",
-        ], $this);
-
         if ($proxy_type === 'CADDY') {
             $this->reloadCaddy();
         }
diff --git a/resources/views/livewire/server/proxy.blade.php b/resources/views/livewire/server/proxy.blade.php
index 25c3f7acd..5748a5876 100644
--- a/resources/views/livewire/server/proxy.blade.php
+++ b/resources/views/livewire/server/proxy.blade.php
@@ -28,6 +28,13 @@
                             id="server.settings.generate_exact_labels"
                             label="Generate labels only for {{ str($server->proxyType())->title() }}" instantSave />
                     </div>
+                    <h5>Default request handler</h5>
+                    <div class="pb-4 w-96">
+                        <x-forms.checkbox instantSave="instantSaveRedirect" id="redirect_enabled" label="Enabled" helper="Requests to unknown hosts or stopped services will recieve a 503 response." />
+                        @if ($redirect_enabled)
+                            <x-forms.input placeholder="https://app.coolify.io" id="redirect_url" label="Or redirect to (optional)" />
+                        @endif
+                    </div>
                     @if ($server->proxyType() === ProxyTypes::TRAEFIK->value)
                         <h4>Traefik</h4>
                     @elseif ($server->proxyType() === 'CADDY')
@@ -40,8 +47,6 @@
                             configurations.
                         </div>
                     @endif
-                    <x-forms.input placeholder="https://app.coolify.io" id="redirect_url" label="Default Redirect 404"
-                        helper="All urls that has no service available will be redirected to this domain." />
                     <div wire:loading wire:target="loadProxyConfiguration" class="pt-4">
                         <x-loading text="Loading proxy configuration..." />
                     </div>
diff --git a/resources/views/livewire/server/proxy/dynamic-configurations.blade.php b/resources/views/livewire/server/proxy/dynamic-configurations.blade.php
index a8192cdb1..dd1fa59f0 100644
--- a/resources/views/livewire/server/proxy/dynamic-configurations.blade.php
+++ b/resources/views/livewire/server/proxy/dynamic-configurations.blade.php
@@ -29,7 +29,7 @@
                                 @if (str_replace('|', '.', $fileName) === 'coolify.yaml' ||
                                         str_replace('|', '.', $fileName) === 'Caddyfile' ||
                                         str_replace('|', '.', $fileName) === 'coolify.caddy' ||
-                                        str_replace('|', '.', $fileName) === 'default_redirect_404.caddy')
+                                        str_replace('|', '.', $fileName) === 'default_redirect_503.caddy')
                                     <div>
                                         <h3 class="dark:text-white">File: {{ str_replace('|', '.', $fileName) }}</h3>
                                     </div>

From 2f3503d8b8509ddc9904a2fc3ffc12c3cd98e7b4 Mon Sep 17 00:00:00 2001
From: Kael <kaelwd@gmail.com>
Date: Fri, 11 Oct 2024 03:24:46 +1100
Subject: [PATCH 02/54] fix: don't allow editing traefik config

---
 .../views/livewire/server/proxy/dynamic-configurations.blade.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/resources/views/livewire/server/proxy/dynamic-configurations.blade.php b/resources/views/livewire/server/proxy/dynamic-configurations.blade.php
index dd1fa59f0..5499ea95b 100644
--- a/resources/views/livewire/server/proxy/dynamic-configurations.blade.php
+++ b/resources/views/livewire/server/proxy/dynamic-configurations.blade.php
@@ -29,6 +29,7 @@
                                 @if (str_replace('|', '.', $fileName) === 'coolify.yaml' ||
                                         str_replace('|', '.', $fileName) === 'Caddyfile' ||
                                         str_replace('|', '.', $fileName) === 'coolify.caddy' ||
+                                        str_replace('|', '.', $fileName) === 'default_redirect_503.yaml' ||
                                         str_replace('|', '.', $fileName) === 'default_redirect_503.caddy')
                                     <div>
                                         <h3 class="dark:text-white">File: {{ str_replace('|', '.', $fileName) }}</h3>

From d4d63ff273ce776644bd8cd47afa2b9c643aae8e Mon Sep 17 00:00:00 2001
From: Kael <kaelwd@gmail.com>
Date: Wed, 30 Oct 2024 17:00:55 +1100
Subject: [PATCH 03/54] feat: add deploy-only token permission

---
 app/Livewire/Security/ApiTokens.php              | 16 ++++++++++++++--
 .../views/livewire/security/api-tokens.blade.php |  1 +
 routes/api.php                                   |  3 ++-
 3 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/app/Livewire/Security/ApiTokens.php b/app/Livewire/Security/ApiTokens.php
index fe68a8ba5..9add0b0ca 100644
--- a/app/Livewire/Security/ApiTokens.php
+++ b/app/Livewire/Security/ApiTokens.php
@@ -12,10 +12,9 @@ class ApiTokens extends Component
     public $tokens = [];
 
     public bool $viewSensitiveData = false;
-
     public bool $readOnly = true;
-
     public bool $rootAccess = false;
+    public bool $triggerDeploy = false;
 
     public array $permissions = ['read-only'];
 
@@ -62,12 +61,25 @@ class ApiTokens extends Component
             $this->permissions = ['*'];
             $this->readOnly = false;
             $this->viewSensitiveData = false;
+            $this->triggerDeploy = false;
         } else {
             $this->readOnly = true;
             $this->permissions = ['read-only'];
         }
     }
 
+    public function updatedTriggerDeploy()
+    {
+        if ($this->triggerDeploy) {
+            $this->permissions[] = 'trigger-deploy';
+            $this->permissions = array_diff($this->permissions, ['*']);
+            $this->rootAccess = false;
+        } else {
+            $this->permissions = array_diff($this->permissions, ['trigger-deploy']);
+        }
+        $this->makeSureOneIsSelected();
+    }
+
     public function makeSureOneIsSelected()
     {
         if (count($this->permissions) == 0) {
diff --git a/resources/views/livewire/security/api-tokens.blade.php b/resources/views/livewire/security/api-tokens.blade.php
index 1bcd64710..a360d4a3b 100644
--- a/resources/views/livewire/security/api-tokens.blade.php
+++ b/resources/views/livewire/security/api-tokens.blade.php
@@ -39,6 +39,7 @@
             <x-forms.checkbox label="Root Access" wire:model.live="rootAccess"></x-forms.checkbox>
             <x-forms.checkbox label="Read-only" wire:model.live="readOnly"></x-forms.checkbox>
             <x-forms.checkbox label="View Sensitive Data" wire:model.live="viewSensitiveData"></x-forms.checkbox>
+            <x-forms.checkbox label="Trigger Deploy Webhooks" wire:model.live="triggerDeploy"></x-forms.checkbox>
         </div>
     </form>
     @if (session()->has('token'))
diff --git a/routes/api.php b/routes/api.php
index b63fde871..05fe4f5e8 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -54,7 +54,8 @@ Route::group([
     Route::patch('/security/keys/{uuid}', [SecurityController::class, 'update_key'])->middleware([IgnoreReadOnlyApiToken::class]);
     Route::delete('/security/keys/{uuid}', [SecurityController::class, 'delete_key'])->middleware([IgnoreReadOnlyApiToken::class]);
 
-    Route::match(['get', 'post'], '/deploy', [DeployController::class, 'deploy'])->middleware([IgnoreReadOnlyApiToken::class]);
+    Route::match(['get', 'post'], '/deploy', [DeployController::class, 'deploy'])
+        ->middleware([IgnoreReadOnlyApiToken::class, 'auth:sanctum', 'ability:trigger-deploy']);
     Route::get('/deployments', [DeployController::class, 'deployments']);
     Route::get('/deployments/{uuid}', [DeployController::class, 'deployment_by_uuid']);
 

From 652023566707ac65942c5b8f3181f2ac354e7584 Mon Sep 17 00:00:00 2001
From: Kael <kaelwd@gmail.com>
Date: Wed, 30 Oct 2024 19:06:50 +1100
Subject: [PATCH 04/54] middleware should allow, not deny

---
 .../Api/ApplicationsController.php            |   2 +-
 .../Controllers/Api/DatabasesController.php   |   2 +-
 app/Http/Controllers/Api/DeployController.php |   2 +-
 .../Controllers/Api/SecurityController.php    |   2 +-
 .../Controllers/Api/ServersController.php     |   4 +-
 .../Controllers/Api/ServicesController.php    |   2 +-
 app/Http/Controllers/Api/TeamController.php   |   2 +-
 .../Middleware/IgnoreReadOnlyApiToken.php     |  28 ----
 app/Http/Middleware/OnlyRootApiToken.php      |  25 ---
 app/Livewire/Security/ApiTokens.php           |  66 +-------
 app/View/Components/Forms/Checkbox.php        |   1 +
 ..._10_30_074601_rename_token_permissions.php |  44 +++++
 .../views/components/forms/checkbox.blade.php |   5 +-
 .../livewire/security/api-tokens.blade.php    |  17 +-
 routes/api.php                                | 158 +++++++++---------
 15 files changed, 149 insertions(+), 211 deletions(-)
 delete mode 100644 app/Http/Middleware/IgnoreReadOnlyApiToken.php
 delete mode 100644 app/Http/Middleware/OnlyRootApiToken.php
 create mode 100644 database/migrations/2024_10_30_074601_rename_token_permissions.php

diff --git a/app/Http/Controllers/Api/ApplicationsController.php b/app/Http/Controllers/Api/ApplicationsController.php
index 46dd8120e..0a088d1c3 100644
--- a/app/Http/Controllers/Api/ApplicationsController.php
+++ b/app/Http/Controllers/Api/ApplicationsController.php
@@ -29,7 +29,7 @@ class ApplicationsController extends Controller
         $application->makeHidden([
             'id',
         ]);
-        if ($token->can('view:sensitive')) {
+        if ($token->can('read:sensitive')) {
             return serializeApiResponse($application);
         }
         $application->makeHidden([
diff --git a/app/Http/Controllers/Api/DatabasesController.php b/app/Http/Controllers/Api/DatabasesController.php
index 65873f818..e30388ec8 100644
--- a/app/Http/Controllers/Api/DatabasesController.php
+++ b/app/Http/Controllers/Api/DatabasesController.php
@@ -24,7 +24,7 @@ class DatabasesController extends Controller
             'id',
             'laravel_through_key',
         ]);
-        if ($token->can('view:sensitive')) {
+        if ($token->can('read:sensitive')) {
             return serializeApiResponse($database);
         }
 
diff --git a/app/Http/Controllers/Api/DeployController.php b/app/Http/Controllers/Api/DeployController.php
index 666dc55a5..1d162c7ee 100644
--- a/app/Http/Controllers/Api/DeployController.php
+++ b/app/Http/Controllers/Api/DeployController.php
@@ -17,7 +17,7 @@ class DeployController extends Controller
     private function removeSensitiveData($deployment)
     {
         $token = auth()->user()->currentAccessToken();
-        if ($token->can('view:sensitive')) {
+        if ($token->can('read:sensitive')) {
             return serializeApiResponse($deployment);
         }
 
diff --git a/app/Http/Controllers/Api/SecurityController.php b/app/Http/Controllers/Api/SecurityController.php
index bb474aed3..aa636983f 100644
--- a/app/Http/Controllers/Api/SecurityController.php
+++ b/app/Http/Controllers/Api/SecurityController.php
@@ -12,7 +12,7 @@ class SecurityController extends Controller
     private function removeSensitiveData($team)
     {
         $token = auth()->user()->currentAccessToken();
-        if ($token->can('view:sensitive')) {
+        if ($token->can('read:sensitive')) {
             return serializeApiResponse($team);
         }
         $team->makeHidden([
diff --git a/app/Http/Controllers/Api/ServersController.php b/app/Http/Controllers/Api/ServersController.php
index af4e008ef..34498bbb6 100644
--- a/app/Http/Controllers/Api/ServersController.php
+++ b/app/Http/Controllers/Api/ServersController.php
@@ -20,7 +20,7 @@ class ServersController extends Controller
     private function removeSensitiveDataFromSettings($settings)
     {
         $token = auth()->user()->currentAccessToken();
-        if ($token->can('view:sensitive')) {
+        if ($token->can('read:sensitive')) {
             return serializeApiResponse($settings);
         }
         $settings = $settings->makeHidden([
@@ -36,7 +36,7 @@ class ServersController extends Controller
         $server->makeHidden([
             'id',
         ]);
-        if ($token->can('view:sensitive')) {
+        if ($token->can('read:sensitive')) {
             return serializeApiResponse($server);
         }
 
diff --git a/app/Http/Controllers/Api/ServicesController.php b/app/Http/Controllers/Api/ServicesController.php
index 89418517b..8ba2a938c 100644
--- a/app/Http/Controllers/Api/ServicesController.php
+++ b/app/Http/Controllers/Api/ServicesController.php
@@ -22,7 +22,7 @@ class ServicesController extends Controller
         $service->makeHidden([
             'id',
         ]);
-        if ($token->can('view:sensitive')) {
+        if ($token->can('read:sensitive')) {
             return serializeApiResponse($service);
         }
 
diff --git a/app/Http/Controllers/Api/TeamController.php b/app/Http/Controllers/Api/TeamController.php
index 3f951c6f7..239c950c0 100644
--- a/app/Http/Controllers/Api/TeamController.php
+++ b/app/Http/Controllers/Api/TeamController.php
@@ -15,7 +15,7 @@ class TeamController extends Controller
             'custom_server_limit',
             'pivot',
         ]);
-        if ($token->can('view:sensitive')) {
+        if ($token->can('read:sensitive')) {
             return serializeApiResponse($team);
         }
         $team->makeHidden([
diff --git a/app/Http/Middleware/IgnoreReadOnlyApiToken.php b/app/Http/Middleware/IgnoreReadOnlyApiToken.php
deleted file mode 100644
index bd6cd1f8a..000000000
--- a/app/Http/Middleware/IgnoreReadOnlyApiToken.php
+++ /dev/null
@@ -1,28 +0,0 @@
-<?php
-
-namespace App\Http\Middleware;
-
-use Closure;
-use Illuminate\Http\Request;
-use Symfony\Component\HttpFoundation\Response;
-
-class IgnoreReadOnlyApiToken
-{
-    /**
-     * Handle an incoming request.
-     *
-     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
-     */
-    public function handle(Request $request, Closure $next): Response
-    {
-        $token = auth()->user()->currentAccessToken();
-        if ($token->can('*')) {
-            return $next($request);
-        }
-        if ($token->can('read-only')) {
-            return response()->json(['message' => 'You are not allowed to perform this action.'], 403);
-        }
-
-        return $next($request);
-    }
-}
diff --git a/app/Http/Middleware/OnlyRootApiToken.php b/app/Http/Middleware/OnlyRootApiToken.php
deleted file mode 100644
index 8ff1fa0e5..000000000
--- a/app/Http/Middleware/OnlyRootApiToken.php
+++ /dev/null
@@ -1,25 +0,0 @@
-<?php
-
-namespace App\Http\Middleware;
-
-use Closure;
-use Illuminate\Http\Request;
-use Symfony\Component\HttpFoundation\Response;
-
-class OnlyRootApiToken
-{
-    /**
-     * Handle an incoming request.
-     *
-     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
-     */
-    public function handle(Request $request, Closure $next): Response
-    {
-        $token = auth()->user()->currentAccessToken();
-        if ($token->can('*')) {
-            return $next($request);
-        }
-
-        return response()->json(['message' => 'You are not allowed to perform this action.'], 403);
-    }
-}
diff --git a/app/Livewire/Security/ApiTokens.php b/app/Livewire/Security/ApiTokens.php
index 9add0b0ca..6e58df0f0 100644
--- a/app/Livewire/Security/ApiTokens.php
+++ b/app/Livewire/Security/ApiTokens.php
@@ -11,12 +11,7 @@ class ApiTokens extends Component
 
     public $tokens = [];
 
-    public bool $viewSensitiveData = false;
-    public bool $readOnly = true;
-    public bool $rootAccess = false;
-    public bool $triggerDeploy = false;
-
-    public array $permissions = ['read-only'];
+    public array $permissions = ['read'];
 
     public $isApiEnabled;
 
@@ -31,60 +26,13 @@ class ApiTokens extends Component
         $this->tokens = auth()->user()->tokens->sortByDesc('created_at');
     }
 
-    public function updatedViewSensitiveData()
-    {
-        if ($this->viewSensitiveData) {
-            $this->permissions[] = 'view:sensitive';
-            $this->permissions = array_diff($this->permissions, ['*']);
-            $this->rootAccess = false;
-        } else {
-            $this->permissions = array_diff($this->permissions, ['view:sensitive']);
-        }
-        $this->makeSureOneIsSelected();
-    }
-
-    public function updatedReadOnly()
-    {
-        if ($this->readOnly) {
-            $this->permissions[] = 'read-only';
-            $this->permissions = array_diff($this->permissions, ['*']);
-            $this->rootAccess = false;
-        } else {
-            $this->permissions = array_diff($this->permissions, ['read-only']);
-        }
-        $this->makeSureOneIsSelected();
-    }
-
-    public function updatedRootAccess()
-    {
-        if ($this->rootAccess) {
-            $this->permissions = ['*'];
-            $this->readOnly = false;
-            $this->viewSensitiveData = false;
-            $this->triggerDeploy = false;
-        } else {
-            $this->readOnly = true;
-            $this->permissions = ['read-only'];
-        }
-    }
-
-    public function updatedTriggerDeploy()
-    {
-        if ($this->triggerDeploy) {
-            $this->permissions[] = 'trigger-deploy';
-            $this->permissions = array_diff($this->permissions, ['*']);
-            $this->rootAccess = false;
-        } else {
-            $this->permissions = array_diff($this->permissions, ['trigger-deploy']);
-        }
-        $this->makeSureOneIsSelected();
-    }
-
-    public function makeSureOneIsSelected()
+    public function updated()
     {
         if (count($this->permissions) == 0) {
-            $this->permissions = ['read-only'];
-            $this->readOnly = true;
+            $this->permissions = ['read'];
+        }
+        if (in_array('read:sensitive', $this->permissions) && !in_array('read', $this->permissions)) {
+            $this->permissions[] = 'read';
         }
     }
 
@@ -94,7 +42,7 @@ class ApiTokens extends Component
             $this->validate([
                 'description' => 'required|min:3|max:255',
             ]);
-            $token = auth()->user()->createToken($this->description, $this->permissions);
+            $token = auth()->user()->createToken($this->description, array_values($this->permissions));
             $this->tokens = auth()->user()->tokens;
             session()->flash('token', $token->plainTextToken);
         } catch (\Exception $e) {
diff --git a/app/View/Components/Forms/Checkbox.php b/app/View/Components/Forms/Checkbox.php
index 414dbf2ae..8abe96c1b 100644
--- a/app/View/Components/Forms/Checkbox.php
+++ b/app/View/Components/Forms/Checkbox.php
@@ -15,6 +15,7 @@ class Checkbox extends Component
         public ?string $id = null,
         public ?string $name = null,
         public ?string $value = null,
+        public ?string $domValue = null,
         public ?string $label = null,
         public ?string $helper = null,
         public string|bool $instantSave = false,
diff --git a/database/migrations/2024_10_30_074601_rename_token_permissions.php b/database/migrations/2024_10_30_074601_rename_token_permissions.php
new file mode 100644
index 000000000..d35d75481
--- /dev/null
+++ b/database/migrations/2024_10_30_074601_rename_token_permissions.php
@@ -0,0 +1,44 @@
+<?php
+
+use App\Models\PersonalAccessToken;
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    /**
+     * Run the migrations.
+     */
+    public function up(): void
+    {
+        $tokens = PersonalAccessToken::all();
+        foreach ($tokens as $token) {
+            $abilities = collect();
+            if (in_array('*', $token->abilities)) $abilities->push('write', 'read', 'read:sensitive');
+            if (in_array('read-only', $token->abilities)) $abilities->push('read');
+            if (in_array('view:sensitive', $token->abilities)) $abilities->push('read', 'read:sensitive');
+            $token->abilities = $abilities->unique()->values()->all();
+            $token->save();
+        }
+    }
+
+    /**
+     * Reverse the migrations.
+     */
+    public function down(): void
+    {
+        $tokens = PersonalAccessToken::all();
+        foreach ($tokens as $token) {
+            $abilities = collect();
+            if (in_array('write', $token->abilities)) {
+                $abilities->push('*');
+            } else {
+                if (in_array('read', $token->abilities)) $abilities->push('read-only');
+                if (in_array('read:sensitive', $token->abilities)) $abilities->push('view:sensitive');
+            }
+            $token->abilities = $abilities->unique()->values()->all();
+            $token->save();
+        }
+    }
+};
diff --git a/resources/views/components/forms/checkbox.blade.php b/resources/views/components/forms/checkbox.blade.php
index fed6ad77f..3f01a70c5 100644
--- a/resources/views/components/forms/checkbox.blade.php
+++ b/resources/views/components/forms/checkbox.blade.php
@@ -5,6 +5,7 @@
     'disabled' => false,
     'instantSave' => false,
     'value' => null,
+    'domValue' => null,
     'hideLabel' => false,
     'fullWidth' => false,
 ])
@@ -33,5 +34,7 @@
     <span class="flex-grow"></span>
     <input @disabled($disabled) type="checkbox" {{ $attributes->merge(['class' => $defaultClass]) }}
         @if ($instantSave) wire:loading.attr="disabled" wire:click='{{ $instantSave === 'instantSave' || $instantSave == '1' ? 'instantSave' : $instantSave }}'
-       wire:model={{ $id }} @else wire:model={{ $value ?? $id }} @endif />
+       wire:model="{{ $id }}" @else wire:model="{{ $value ?? $id }}" @endif
+       @if ($domValue) value="{{ $domValue }}" @endif
+    />
 </div>
diff --git a/resources/views/livewire/security/api-tokens.blade.php b/resources/views/livewire/security/api-tokens.blade.php
index a360d4a3b..3ff52417f 100644
--- a/resources/views/livewire/security/api-tokens.blade.php
+++ b/resources/views/livewire/security/api-tokens.blade.php
@@ -25,21 +25,20 @@
             <div class="flex gap-1 font-bold dark:text-white">
                 @if ($permissions)
                     @foreach ($permissions as $permission)
-                        @if ($permission === '*')
-                            <div>Root access, be careful!</div>
-                        @else
-                            <div>{{ $permission }}</div>
-                        @endif
+                        <div>{{ $permission }}</div>
                     @endforeach
                 @endif
             </div>
         </div>
+        @if (in_array('write', $permissions))
+            <div class="font-bold text-warning">Root access, be careful!</div>
+        @endif
         <h4>Token Permissions</h4>
         <div class="w-64">
-            <x-forms.checkbox label="Root Access" wire:model.live="rootAccess"></x-forms.checkbox>
-            <x-forms.checkbox label="Read-only" wire:model.live="readOnly"></x-forms.checkbox>
-            <x-forms.checkbox label="View Sensitive Data" wire:model.live="viewSensitiveData"></x-forms.checkbox>
-            <x-forms.checkbox label="Trigger Deploy Webhooks" wire:model.live="triggerDeploy"></x-forms.checkbox>
+            <x-forms.checkbox label="read" wire:model.live="permissions" domValue="read" :checked="in_array('read', $permissions)"></x-forms.checkbox>
+            <x-forms.checkbox label="read:sensitive" wire:model.live="permissions" domValue="read:sensitive" helper="Responses will include secrets, logs, passwords, and compose file contents" :checked="in_array('read:sensitive', $permissions)"></x-forms.checkbox>
+            <x-forms.checkbox label="write" wire:model.live="permissions" domValue="write" helper="Root access, be careful!" :checked="in_array('write', $permissions)"></x-forms.checkbox>
+            <x-forms.checkbox label="deploy" wire:model.live="permissions" domValue="deploy" helper="Can trigger deploy webhooks" :checked="in_array('deploy', $permissions)"></x-forms.checkbox>
         </div>
     </form>
     @if (session()->has('token'))
diff --git a/routes/api.php b/routes/api.php
index 05fe4f5e8..230290d57 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -11,8 +11,6 @@ use App\Http\Controllers\Api\ServersController;
 use App\Http\Controllers\Api\ServicesController;
 use App\Http\Controllers\Api\TeamController;
 use App\Http\Middleware\ApiAllowed;
-use App\Http\Middleware\IgnoreReadOnlyApiToken;
-use App\Http\Middleware\OnlyRootApiToken;
 use App\Jobs\PushServerUpdateJob;
 use App\Models\Server;
 use Illuminate\Support\Facades\Route;
@@ -21,7 +19,7 @@ Route::get('/health', [OtherController::class, 'healthcheck']);
 Route::post('/feedback', [OtherController::class, 'feedback']);
 
 Route::group([
-    'middleware' => ['auth:sanctum', OnlyRootApiToken::class],
+    'middleware' => ['auth:sanctum', 'ability:write'],
     'prefix' => 'v1',
 ], function () {
     Route::get('/enable', [OtherController::class, 'enable_api']);
@@ -31,105 +29,103 @@ Route::group([
     'middleware' => ['auth:sanctum', ApiAllowed::class],
     'prefix' => 'v1',
 ], function () {
-    Route::get('/version', [OtherController::class, 'version']);
+    Route::get('/version', [OtherController::class, 'version'])->middleware(['ability:read']);
 
-    Route::get('/teams', [TeamController::class, 'teams']);
-    Route::get('/teams/current', [TeamController::class, 'current_team']);
-    Route::get('/teams/current/members', [TeamController::class, 'current_team_members']);
-    Route::get('/teams/{id}', [TeamController::class, 'team_by_id']);
-    Route::get('/teams/{id}/members', [TeamController::class, 'members_by_id']);
+    Route::get('/teams', [TeamController::class, 'teams'])->middleware(['ability:read']);
+    Route::get('/teams/current', [TeamController::class, 'current_team'])->middleware(['ability:read']);
+    Route::get('/teams/current/members', [TeamController::class, 'current_team_members'])->middleware(['ability:read']);
+    Route::get('/teams/{id}', [TeamController::class, 'team_by_id'])->middleware(['ability:read']);
+    Route::get('/teams/{id}/members', [TeamController::class, 'members_by_id'])->middleware(['ability:read']);
 
-    Route::get('/projects', [ProjectController::class, 'projects']);
-    Route::get('/projects/{uuid}', [ProjectController::class, 'project_by_uuid']);
-    Route::get('/projects/{uuid}/{environment_name}', [ProjectController::class, 'environment_details']);
+    Route::get('/projects', [ProjectController::class, 'projects'])->middleware(['ability:read']);
+    Route::get('/projects/{uuid}', [ProjectController::class, 'project_by_uuid'])->middleware(['ability:read']);
+    Route::get('/projects/{uuid}/{environment_name}', [ProjectController::class, 'environment_details'])->middleware(['ability:read']);
 
-    Route::post('/projects', [ProjectController::class, 'create_project']);
-    Route::patch('/projects/{uuid}', [ProjectController::class, 'update_project']);
-    Route::delete('/projects/{uuid}', [ProjectController::class, 'delete_project']);
+    Route::post('/projects', [ProjectController::class, 'create_project'])->middleware(['ability:read']);
+    Route::patch('/projects/{uuid}', [ProjectController::class, 'update_project'])->middleware(['ability:write']);
+    Route::delete('/projects/{uuid}', [ProjectController::class, 'delete_project'])->middleware(['ability:write']);
 
-    Route::get('/security/keys', [SecurityController::class, 'keys']);
-    Route::post('/security/keys', [SecurityController::class, 'create_key'])->middleware([IgnoreReadOnlyApiToken::class]);
+    Route::get('/security/keys', [SecurityController::class, 'keys'])->middleware(['ability:read']);
+    Route::post('/security/keys', [SecurityController::class, 'create_key'])->middleware(['ability:write']);
 
-    Route::get('/security/keys/{uuid}', [SecurityController::class, 'key_by_uuid']);
-    Route::patch('/security/keys/{uuid}', [SecurityController::class, 'update_key'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::delete('/security/keys/{uuid}', [SecurityController::class, 'delete_key'])->middleware([IgnoreReadOnlyApiToken::class]);
+    Route::get('/security/keys/{uuid}', [SecurityController::class, 'key_by_uuid'])->middleware(['ability:read']);
+    Route::patch('/security/keys/{uuid}', [SecurityController::class, 'update_key'])->middleware(['ability:write']);
+    Route::delete('/security/keys/{uuid}', [SecurityController::class, 'delete_key'])->middleware(['ability:write']);
 
-    Route::match(['get', 'post'], '/deploy', [DeployController::class, 'deploy'])
-        ->middleware([IgnoreReadOnlyApiToken::class, 'auth:sanctum', 'ability:trigger-deploy']);
-    Route::get('/deployments', [DeployController::class, 'deployments']);
-    Route::get('/deployments/{uuid}', [DeployController::class, 'deployment_by_uuid']);
+    Route::match(['get', 'post'], '/deploy', [DeployController::class, 'deploy'])->middleware(['ability:write,deploy']);
+    Route::get('/deployments', [DeployController::class, 'deployments'])->middleware(['ability:read']);
+    Route::get('/deployments/{uuid}', [DeployController::class, 'deployment_by_uuid'])->middleware(['ability:read']);
 
-    Route::get('/servers', [ServersController::class, 'servers']);
-    Route::get('/servers/{uuid}', [ServersController::class, 'server_by_uuid']);
-    Route::get('/servers/{uuid}/domains', [ServersController::class, 'domains_by_server']);
-    Route::get('/servers/{uuid}/resources', [ServersController::class, 'resources_by_server']);
+    Route::get('/servers', [ServersController::class, 'servers'])->middleware(['ability:read']);
+    Route::get('/servers/{uuid}', [ServersController::class, 'server_by_uuid'])->middleware(['ability:read']);
+    Route::get('/servers/{uuid}/domains', [ServersController::class, 'domains_by_server'])->middleware(['ability:read']);
+    Route::get('/servers/{uuid}/resources', [ServersController::class, 'resources_by_server'])->middleware(['ability:read']);
 
-    Route::get('/servers/{uuid}/validate', [ServersController::class, 'validate_server']);
+    Route::get('/servers/{uuid}/validate', [ServersController::class, 'validate_server'])->middleware(['ability:read']);
 
-    Route::post('/servers', [ServersController::class, 'create_server']);
-    Route::patch('/servers/{uuid}', [ServersController::class, 'update_server']);
-    Route::delete('/servers/{uuid}', [ServersController::class, 'delete_server']);
+    Route::post('/servers', [ServersController::class, 'create_server'])->middleware(['ability:read']);
+    Route::patch('/servers/{uuid}', [ServersController::class, 'update_server'])->middleware(['ability:write']);
+    Route::delete('/servers/{uuid}', [ServersController::class, 'delete_server'])->middleware(['ability:write']);
 
-    Route::get('/resources', [ResourcesController::class, 'resources']);
+    Route::get('/resources', [ResourcesController::class, 'resources'])->middleware(['ability:read']);
 
-    Route::get('/applications', [ApplicationsController::class, 'applications']);
-    Route::post('/applications/public', [ApplicationsController::class, 'create_public_application'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::post('/applications/private-github-app', [ApplicationsController::class, 'create_private_gh_app_application'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::post('/applications/private-deploy-key', [ApplicationsController::class, 'create_private_deploy_key_application'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::post('/applications/dockerfile', [ApplicationsController::class, 'create_dockerfile_application'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::post('/applications/dockerimage', [ApplicationsController::class, 'create_dockerimage_application'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::post('/applications/dockercompose', [ApplicationsController::class, 'create_dockercompose_application'])->middleware([IgnoreReadOnlyApiToken::class]);
+    Route::get('/applications', [ApplicationsController::class, 'applications'])->middleware(['ability:read']);
+    Route::post('/applications/public', [ApplicationsController::class, 'create_public_application'])->middleware(['ability:write']);
+    Route::post('/applications/private-github-app', [ApplicationsController::class, 'create_private_gh_app_application'])->middleware(['ability:write']);
+    Route::post('/applications/private-deploy-key', [ApplicationsController::class, 'create_private_deploy_key_application'])->middleware(['ability:write']);
+    Route::post('/applications/dockerfile', [ApplicationsController::class, 'create_dockerfile_application'])->middleware(['ability:write']);
+    Route::post('/applications/dockerimage', [ApplicationsController::class, 'create_dockerimage_application'])->middleware(['ability:write']);
+    Route::post('/applications/dockercompose', [ApplicationsController::class, 'create_dockercompose_application'])->middleware(['ability:write']);
 
-    Route::get('/applications/{uuid}', [ApplicationsController::class, 'application_by_uuid']);
-    Route::patch('/applications/{uuid}', [ApplicationsController::class, 'update_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::delete('/applications/{uuid}', [ApplicationsController::class, 'delete_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]);
+    Route::get('/applications/{uuid}', [ApplicationsController::class, 'application_by_uuid'])->middleware(['ability:read']);
+    Route::patch('/applications/{uuid}', [ApplicationsController::class, 'update_by_uuid'])->middleware(['ability:write']);
+    Route::delete('/applications/{uuid}', [ApplicationsController::class, 'delete_by_uuid'])->middleware(['ability:write']);
 
-    Route::get('/applications/{uuid}/envs', [ApplicationsController::class, 'envs']);
-    Route::post('/applications/{uuid}/envs', [ApplicationsController::class, 'create_env'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::patch('/applications/{uuid}/envs/bulk', [ApplicationsController::class, 'create_bulk_envs'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::patch('/applications/{uuid}/envs', [ApplicationsController::class, 'update_env_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::delete('/applications/{uuid}/envs/{env_uuid}', [ApplicationsController::class, 'delete_env_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]);
-    // Route::post('/applications/{uuid}/execute', [ApplicationsController::class, 'execute_command_by_uuid'])->middleware([OnlyRootApiToken::class]);
+    Route::get('/applications/{uuid}/envs', [ApplicationsController::class, 'envs'])->middleware(['ability:read']);
+    Route::post('/applications/{uuid}/envs', [ApplicationsController::class, 'create_env'])->middleware(['ability:write']);
+    Route::patch('/applications/{uuid}/envs/bulk', [ApplicationsController::class, 'create_bulk_envs'])->middleware(['ability:write']);
+    Route::patch('/applications/{uuid}/envs', [ApplicationsController::class, 'update_env_by_uuid'])->middleware(['ability:write']);
+    Route::delete('/applications/{uuid}/envs/{env_uuid}', [ApplicationsController::class, 'delete_env_by_uuid'])->middleware(['ability:write']);
+    // Route::post('/applications/{uuid}/execute', [ApplicationsController::class, 'execute_command_by_uuid'])->middleware(['ability:write']);
 
-    Route::match(['get', 'post'], '/applications/{uuid}/start', [ApplicationsController::class, 'action_deploy'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::match(['get', 'post'], '/applications/{uuid}/restart', [ApplicationsController::class, 'action_restart'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::match(['get', 'post'], '/applications/{uuid}/stop', [ApplicationsController::class, 'action_stop'])->middleware([IgnoreReadOnlyApiToken::class]);
+    Route::match(['get', 'post'], '/applications/{uuid}/start', [ApplicationsController::class, 'action_deploy'])->middleware(['ability:write']);
+    Route::match(['get', 'post'], '/applications/{uuid}/restart', [ApplicationsController::class, 'action_restart'])->middleware(['ability:write']);
+    Route::match(['get', 'post'], '/applications/{uuid}/stop', [ApplicationsController::class, 'action_stop'])->middleware(['ability:write']);
 
-    Route::get('/databases', [DatabasesController::class, 'databases']);
-    Route::post('/databases/postgresql', [DatabasesController::class, 'create_database_postgresql'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::post('/databases/mysql', [DatabasesController::class, 'create_database_mysql'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::post('/databases/mariadb', [DatabasesController::class, 'create_database_mariadb'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::post('/databases/mongodb', [DatabasesController::class, 'create_database_mongodb'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::post('/databases/redis', [DatabasesController::class, 'create_database_redis'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::post('/databases/clickhouse', [DatabasesController::class, 'create_database_clickhouse'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::post('/databases/dragonfly', [DatabasesController::class, 'create_database_dragonfly'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::post('/databases/keydb', [DatabasesController::class, 'create_database_keydb'])->middleware([IgnoreReadOnlyApiToken::class]);
+    Route::get('/databases', [DatabasesController::class, 'databases'])->middleware(['ability:read']);
+    Route::post('/databases/postgresql', [DatabasesController::class, 'create_database_postgresql'])->middleware(['ability:write']);
+    Route::post('/databases/mysql', [DatabasesController::class, 'create_database_mysql'])->middleware(['ability:write']);
+    Route::post('/databases/mariadb', [DatabasesController::class, 'create_database_mariadb'])->middleware(['ability:write']);
+    Route::post('/databases/mongodb', [DatabasesController::class, 'create_database_mongodb'])->middleware(['ability:write']);
+    Route::post('/databases/redis', [DatabasesController::class, 'create_database_redis'])->middleware(['ability:write']);
+    Route::post('/databases/clickhouse', [DatabasesController::class, 'create_database_clickhouse'])->middleware(['ability:write']);
+    Route::post('/databases/dragonfly', [DatabasesController::class, 'create_database_dragonfly'])->middleware(['ability:write']);
+    Route::post('/databases/keydb', [DatabasesController::class, 'create_database_keydb'])->middleware(['ability:write']);
 
-    Route::get('/databases/{uuid}', [DatabasesController::class, 'database_by_uuid']);
-    Route::patch('/databases/{uuid}', [DatabasesController::class, 'update_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::delete('/databases/{uuid}', [DatabasesController::class, 'delete_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]);
+    Route::get('/databases/{uuid}', [DatabasesController::class, 'database_by_uuid'])->middleware(['ability:read']);
+    Route::patch('/databases/{uuid}', [DatabasesController::class, 'update_by_uuid'])->middleware(['ability:write']);
+    Route::delete('/databases/{uuid}', [DatabasesController::class, 'delete_by_uuid'])->middleware(['ability:write']);
 
-    Route::match(['get', 'post'], '/databases/{uuid}/start', [DatabasesController::class, 'action_deploy'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::match(['get', 'post'], '/databases/{uuid}/restart', [DatabasesController::class, 'action_restart'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::match(['get', 'post'], '/databases/{uuid}/stop', [DatabasesController::class, 'action_stop'])->middleware([IgnoreReadOnlyApiToken::class]);
+    Route::match(['get', 'post'], '/databases/{uuid}/start', [DatabasesController::class, 'action_deploy'])->middleware(['ability:write']);
+    Route::match(['get', 'post'], '/databases/{uuid}/restart', [DatabasesController::class, 'action_restart'])->middleware(['ability:write']);
+    Route::match(['get', 'post'], '/databases/{uuid}/stop', [DatabasesController::class, 'action_stop'])->middleware(['ability:write']);
 
-    Route::get('/services', [ServicesController::class, 'services']);
-    Route::post('/services', [ServicesController::class, 'create_service'])->middleware([IgnoreReadOnlyApiToken::class]);
+    Route::get('/services', [ServicesController::class, 'services'])->middleware(['ability:read']);
+    Route::post('/services', [ServicesController::class, 'create_service'])->middleware(['ability:write']);
 
-    Route::get('/services/{uuid}', [ServicesController::class, 'service_by_uuid']);
-    // Route::patch('/services/{uuid}', [ServicesController::class, 'update_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::delete('/services/{uuid}', [ServicesController::class, 'delete_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]);
+    Route::get('/services/{uuid}', [ServicesController::class, 'service_by_uuid'])->middleware(['ability:read']);
+    // Route::patch('/services/{uuid}', [ServicesController::class, 'update_by_uuid'])->middleware(['ability:write']);
+    Route::delete('/services/{uuid}', [ServicesController::class, 'delete_by_uuid'])->middleware(['ability:write']);
 
-    Route::get('/services/{uuid}/envs', [ServicesController::class, 'envs']);
-    Route::post('/services/{uuid}/envs', [ServicesController::class, 'create_env'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::patch('/services/{uuid}/envs/bulk', [ServicesController::class, 'create_bulk_envs'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::patch('/services/{uuid}/envs', [ServicesController::class, 'update_env_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::delete('/services/{uuid}/envs/{env_uuid}', [ServicesController::class, 'delete_env_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]);
-
-    Route::match(['get', 'post'], '/services/{uuid}/start', [ServicesController::class, 'action_deploy'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::match(['get', 'post'], '/services/{uuid}/restart', [ServicesController::class, 'action_restart'])->middleware([IgnoreReadOnlyApiToken::class]);
-    Route::match(['get', 'post'], '/services/{uuid}/stop', [ServicesController::class, 'action_stop'])->middleware([IgnoreReadOnlyApiToken::class]);
+    Route::get('/services/{uuid}/envs', [ServicesController::class, 'envs'])->middleware(['ability:read']);
+    Route::post('/services/{uuid}/envs', [ServicesController::class, 'create_env'])->middleware(['ability:write']);
+    Route::patch('/services/{uuid}/envs/bulk', [ServicesController::class, 'create_bulk_envs'])->middleware(['ability:write']);
+    Route::patch('/services/{uuid}/envs', [ServicesController::class, 'update_env_by_uuid'])->middleware(['ability:write']);
+    Route::delete('/services/{uuid}/envs/{env_uuid}', [ServicesController::class, 'delete_env_by_uuid'])->middleware(['ability:write']);
 
+    Route::match(['get', 'post'], '/services/{uuid}/start', [ServicesController::class, 'action_deploy'])->middleware(['ability:write']);
+    Route::match(['get', 'post'], '/services/{uuid}/restart', [ServicesController::class, 'action_restart'])->middleware(['ability:write']);
+    Route::match(['get', 'post'], '/services/{uuid}/stop', [ServicesController::class, 'action_stop'])->middleware(['ability:write']);
 });
 
 Route::group([

From eb0686fe2035ce4624e04037c66620f6cb348376 Mon Sep 17 00:00:00 2001
From: Marvin von Rappard <marvin@von-rappard.ch>
Date: Tue, 12 Nov 2024 22:37:55 +0100
Subject: [PATCH 05/54] feat: slack notifications

---
 app/Jobs/SendMessageToSlackJob.php            |  58 ++++
 app/Livewire/Notifications/Slack.php          | 130 +++++++++
 app/Models/Team.php                           |  10 +-
 .../Application/DeploymentFailed.php          |  46 ++-
 .../Application/DeploymentSuccess.php         |  46 ++-
 .../Application/StatusChanged.php             |  24 +-
 app/Notifications/Channels/SendsSlack.php     |   8 +
 app/Notifications/Channels/SlackChannel.php   |  22 ++
 .../Container/ContainerRestarted.php          |  24 +-
 .../Container/ContainerStopped.php            |  24 +-
 app/Notifications/Database/BackupFailed.php   |  17 +-
 app/Notifications/Database/BackupSuccess.php  |  16 +-
 app/Notifications/Dto/SlackMessage.php        |  28 ++
 .../Internal/GeneralNotification.php          |  19 +-
 .../ScheduledTask/TaskFailed.php              |  24 +-
 app/Notifications/Server/DockerCleanup.php    |  19 +-
 app/Notifications/Server/ForceDisabled.php    |  26 +-
 app/Notifications/Server/ForceEnabled.php     |  22 +-
 app/Notifications/Server/HighDiskUsage.php    |  25 +-
 app/Notifications/Server/Reachable.php        |  21 +-
 app/Notifications/Server/Unreachable.php      |  22 +-
 app/Notifications/Test.php                    |  15 +-
 bootstrap/helpers/shared.php                  | 270 +++++++++---------
 ...add_slack_notifications_to_teams_table.php |  37 +++
 .../components/notification/navbar.blade.php  |   6 +-
 .../livewire/notifications/slack.blade.php    |  43 +++
 routes/web.php                                |   1 +
 27 files changed, 822 insertions(+), 181 deletions(-)
 create mode 100644 app/Jobs/SendMessageToSlackJob.php
 create mode 100644 app/Livewire/Notifications/Slack.php
 create mode 100644 app/Notifications/Channels/SendsSlack.php
 create mode 100644 app/Notifications/Channels/SlackChannel.php
 create mode 100644 app/Notifications/Dto/SlackMessage.php
 create mode 100644 database/migrations/2024_11_12_213200_add_slack_notifications_to_teams_table.php
 create mode 100644 resources/views/livewire/notifications/slack.blade.php

diff --git a/app/Jobs/SendMessageToSlackJob.php b/app/Jobs/SendMessageToSlackJob.php
new file mode 100644
index 000000000..b78088f50
--- /dev/null
+++ b/app/Jobs/SendMessageToSlackJob.php
@@ -0,0 +1,58 @@
+<?php
+
+namespace App\Jobs;
+
+use App\Notifications\Dto\SlackMessage;
+use Illuminate\Bus\Queueable;
+use Illuminate\Contracts\Queue\ShouldQueue;
+use Illuminate\Foundation\Bus\Dispatchable;
+use Illuminate\Queue\InteractsWithQueue;
+use Illuminate\Queue\SerializesModels;
+use Illuminate\Support\Facades\Http;
+
+class SendMessageToSlackJob implements ShouldQueue
+{
+    use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;
+
+    public function __construct(
+        private SlackMessage $message,
+        private string $webhookUrl
+    ) {
+    }
+
+    public function handle(): void
+    {
+        Http::post($this->webhookUrl, [
+            'blocks' => [
+                [
+                    'type' => 'section',
+                    'text' => [
+                        'type' => 'plain_text',
+                        'text' => "Coolify Notification",
+                    ],
+                ],
+            ],
+            'attachments' => [
+                [
+                    'color' => $this->message->color,
+                    'blocks' => [
+                        [
+                            'type' => 'header',
+                            'text' => [
+                                'type' => 'plain_text',
+                                'text' => $this->message->title,
+                            ],
+                        ],
+                        [
+                            'type' => 'section',
+                            'text' => [
+                                'type' => 'mrkdwn',
+                                'text' => $this->message->description
+                            ]
+                        ]
+                    ]
+                ]
+            ]
+        ]);
+    }
+}
\ No newline at end of file
diff --git a/app/Livewire/Notifications/Slack.php b/app/Livewire/Notifications/Slack.php
new file mode 100644
index 000000000..edd32a071
--- /dev/null
+++ b/app/Livewire/Notifications/Slack.php
@@ -0,0 +1,130 @@
+<?php
+
+namespace App\Livewire\Notifications;
+
+use App\Models\Team;
+use App\Notifications\Test;
+use Livewire\Attributes\Validate;
+use Livewire\Component;
+
+class Slack extends Component
+{
+    public Team $team;
+
+    #[Validate(['boolean'])]
+    public bool $slackEnabled = false;
+
+    #[Validate(['url', 'nullable'])]
+    public ?string $slackWebhookUrl = null;
+
+    #[Validate(['boolean'])]
+    public bool $slackNotificationsTest = false;
+
+    #[Validate(['boolean'])]
+    public bool $slackNotificationsDeployments = false;
+
+    #[Validate(['boolean'])]
+    public bool $slackNotificationsStatusChanges = false;
+
+    #[Validate(['boolean'])]
+    public bool $slackNotificationsDatabaseBackups = false;
+
+    #[Validate(['boolean'])]
+    public bool $slackNotificationsScheduledTasks = false;
+
+    #[Validate(['boolean'])]
+    public bool $slackNotificationsServerDiskUsage = false;
+
+    public function mount()
+    {
+        try {
+            $this->team = auth()->user()->currentTeam();
+            $this->syncData();
+        } catch (\Throwable $e) {
+            return handleError($e, $this);
+        }
+    }
+
+    public function syncData(bool $toModel = false)
+    {
+        if ($toModel) {
+            $this->validate();
+            $this->team->slack_enabled = $this->slackEnabled;
+            $this->team->slack_webhook_url = $this->slackWebhookUrl;
+            $this->team->slack_notifications_test = $this->slackNotificationsTest;
+            $this->team->slack_notifications_deployments = $this->slackNotificationsDeployments;
+            $this->team->slack_notifications_status_changes = $this->slackNotificationsStatusChanges;
+            $this->team->slack_notifications_database_backups = $this->slackNotificationsDatabaseBackups;
+            $this->team->slack_notifications_scheduled_tasks = $this->slackNotificationsScheduledTasks;
+            $this->team->slack_notifications_server_disk_usage = $this->slackNotificationsServerDiskUsage;
+            $this->team->save();
+            refreshSession();
+        } else {
+            $this->slackEnabled = $this->team->slack_enabled;
+            $this->slackWebhookUrl = $this->team->slack_webhook_url;
+            $this->slackNotificationsTest = $this->team->slack_notifications_test;
+            $this->slackNotificationsDeployments = $this->team->slack_notifications_deployments;
+            $this->slackNotificationsStatusChanges = $this->team->slack_notifications_status_changes;
+            $this->slackNotificationsDatabaseBackups = $this->team->slack_notifications_database_backups;
+            $this->slackNotificationsScheduledTasks = $this->team->slack_notifications_scheduled_tasks;
+            $this->slackNotificationsServerDiskUsage = $this->team->slack_notifications_server_disk_usage;
+        }
+    }
+
+    public function instantSaveSlackEnabled()
+    {
+        try {
+            $this->validate([
+                'slackWebhookUrl' => 'required',
+            ], [
+                'slackWebhookUrl.required' => 'Slack Webhook URL is required.',
+            ]);
+            $this->saveModel();
+        } catch (\Throwable $e) {
+            $this->slackEnabled = false;
+            return handleError($e, $this);
+        }
+    }
+
+    public function instantSave()
+    {
+        try {
+            $this->syncData(true);
+        } catch (\Throwable $e) {
+            return handleError($e, $this);
+        }
+    }
+
+    public function submit()
+    {
+        try {
+            $this->resetErrorBag();
+            $this->syncData(true);
+            $this->saveModel();
+        } catch (\Throwable $e) {
+            return handleError($e, $this);
+        }
+    }
+
+    public function saveModel()
+    {
+        $this->syncData(true);
+        refreshSession();
+        $this->dispatch('success', 'Settings saved.');
+    }
+
+    public function sendTestNotification()
+    {
+        try {
+            $this->team->notify(new Test);
+            $this->dispatch('success', 'Test notification sent.');
+        } catch (\Throwable $e) {
+            return handleError($e, $this);
+        }
+    }
+
+    public function render()
+    {
+        return view('livewire.notifications.slack');
+    }
+}
\ No newline at end of file
diff --git a/app/Models/Team.php b/app/Models/Team.php
index db485054b..2035abdee 100644
--- a/app/Models/Team.php
+++ b/app/Models/Team.php
@@ -4,6 +4,7 @@ namespace App\Models;
 
 use App\Notifications\Channels\SendsDiscord;
 use App\Notifications\Channels\SendsEmail;
+use App\Notifications\Channels\SendsSlack;
 use Illuminate\Database\Eloquent\Casts\Attribute;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Notifications\Notifiable;
@@ -70,7 +71,7 @@ use OpenApi\Attributes as OA;
         ),
     ]
 )]
-class Team extends Model implements SendsDiscord, SendsEmail
+class Team extends Model implements SendsDiscord, SendsEmail, SendsSlack
 {
     use Notifiable;
 
@@ -127,6 +128,11 @@ class Team extends Model implements SendsDiscord, SendsEmail
         ];
     }
 
+    public function routeNotificationForSlack()
+    {
+        return data_get($this, 'slack_webhook_url', null);
+    }
+
     public function getRecepients($notification)
     {
         $recipients = data_get($notification, 'emails', null);
@@ -161,7 +167,7 @@ class Team extends Model implements SendsDiscord, SendsEmail
             return 9999999;
         }
         $team = Team::find(currentTeam()->id);
-        if (! $team) {
+        if (!$team) {
             return 0;
         }
 
diff --git a/app/Notifications/Application/DeploymentFailed.php b/app/Notifications/Application/DeploymentFailed.php
index 242980e00..dc6b93aad 100644
--- a/app/Notifications/Application/DeploymentFailed.php
+++ b/app/Notifications/Application/DeploymentFailed.php
@@ -5,6 +5,7 @@ namespace App\Notifications\Application;
 use App\Models\Application;
 use App\Models\ApplicationPreview;
 use App\Notifications\Dto\DiscordMessage;
+use App\Notifications\Dto\SlackMessage;
 use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Notifications\Messages\MailMessage;
@@ -44,7 +45,7 @@ class DeploymentFailed extends Notification implements ShouldQueue
         if (str($this->fqdn)->explode(',')->count() > 1) {
             $this->fqdn = str($this->fqdn)->explode(',')->first();
         }
-        $this->deployment_url = base_url()."/project/{$this->project_uuid}/".urlencode($this->environment_name)."/application/{$this->application->uuid}/deployment/{$this->deployment_uuid}";
+        $this->deployment_url = base_url() . "/project/{$this->project_uuid}/" . urlencode($this->environment_name) . "/application/{$this->application->uuid}/deployment/{$this->deployment_uuid}";
     }
 
     public function via(object $notifiable): array
@@ -58,10 +59,10 @@ class DeploymentFailed extends Notification implements ShouldQueue
         $pull_request_id = data_get($this->preview, 'pull_request_id', 0);
         $fqdn = $this->fqdn;
         if ($pull_request_id === 0) {
-            $mail->subject('Coolify: Deployment failed of '.$this->application_name.'.');
+            $mail->subject('Coolify: Deployment failed of ' . $this->application_name . '.');
         } else {
             $fqdn = $this->preview->fqdn;
-            $mail->subject('Coolify: Deployment failed of pull request #'.$this->preview->pull_request_id.' of '.$this->application_name.'.');
+            $mail->subject('Coolify: Deployment failed of pull request #' . $this->preview->pull_request_id . ' of ' . $this->application_name . '.');
         }
         $mail->view('emails.application-deployment-failed', [
             'name' => $this->application_name,
@@ -78,7 +79,7 @@ class DeploymentFailed extends Notification implements ShouldQueue
         if ($this->preview) {
             $message = new DiscordMessage(
                 title: ':cross_mark: Deployment failed',
-                description: 'Pull request: '.$this->preview->pull_request_id,
+                description: 'Pull request: ' . $this->preview->pull_request_id,
                 color: DiscordMessage::errorColor(),
                 isCritical: true,
             );
@@ -87,13 +88,13 @@ class DeploymentFailed extends Notification implements ShouldQueue
             $message->addField('Environment', $this->environment_name, true);
             $message->addField('Name', $this->application_name, true);
 
-            $message->addField('Deployment Logs', '[Link]('.$this->deployment_url.')');
+            $message->addField('Deployment Logs', '[Link](' . $this->deployment_url . ')');
             if ($this->fqdn) {
                 $message->addField('Domain', $this->fqdn, true);
             }
         } else {
             if ($this->fqdn) {
-                $description = '[Open application]('.$this->fqdn.')';
+                $description = '[Open application](' . $this->fqdn . ')';
             } else {
                 $description = '';
             }
@@ -108,7 +109,7 @@ class DeploymentFailed extends Notification implements ShouldQueue
             $message->addField('Environment', $this->environment_name, true);
             $message->addField('Name', $this->application_name, true);
 
-            $message->addField('Deployment Logs', '[Link]('.$this->deployment_url.')');
+            $message->addField('Deployment Logs', '[Link](' . $this->deployment_url . ')');
         }
 
         return $message;
@@ -117,9 +118,9 @@ class DeploymentFailed extends Notification implements ShouldQueue
     public function toTelegram(): array
     {
         if ($this->preview) {
-            $message = 'Coolify: Pull request #'.$this->preview->pull_request_id.' of '.$this->application_name.' ('.$this->preview->fqdn.') deployment failed: ';
+            $message = 'Coolify: Pull request #' . $this->preview->pull_request_id . ' of ' . $this->application_name . ' (' . $this->preview->fqdn . ') deployment failed: ';
         } else {
-            $message = 'Coolify: Deployment failed of '.$this->application_name.' ('.$this->fqdn.'): ';
+            $message = 'Coolify: Deployment failed of ' . $this->application_name . ' (' . $this->fqdn . '): ';
         }
         $buttons[] = [
             'text' => 'Deployment logs',
@@ -133,4 +134,31 @@ class DeploymentFailed extends Notification implements ShouldQueue
             ],
         ];
     }
+
+    public function toSlack(): SlackMessage
+    {
+        if ($this->preview) {
+            $title = "Pull request #{$this->preview->pull_request_id} deployment failed";
+            $description = "Pull request deployment failed for {$this->application_name}";
+            if ($this->preview->fqdn) {
+                $description .= "\nPreview URL: {$this->preview->fqdn}";
+            }
+        } else {
+            $title = "Deployment failed";
+            $description = "Deployment failed for {$this->application_name}";
+            if ($this->fqdn) {
+                $description .= "\nApplication URL: {$this->fqdn}";
+            }
+        }
+
+        $description .= "\n\n**Project:** " . data_get($this->application, 'environment.project.name');
+        $description .= "\n**Environment:** {$this->environment_name}";
+        $description .= "\n**Deployment Logs:** {$this->deployment_url}";
+
+        return new SlackMessage(
+            title: $title,
+            description: $description,
+            color: SlackMessage::errorColor()
+        );
+    }
 }
diff --git a/app/Notifications/Application/DeploymentSuccess.php b/app/Notifications/Application/DeploymentSuccess.php
index 946a622ca..e11d6db1c 100644
--- a/app/Notifications/Application/DeploymentSuccess.php
+++ b/app/Notifications/Application/DeploymentSuccess.php
@@ -9,7 +9,7 @@ use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Notifications\Messages\MailMessage;
 use Illuminate\Notifications\Notification;
-
+use App\Notifications\Dto\SlackMessage;
 class DeploymentSuccess extends Notification implements ShouldQueue
 {
     use Queueable;
@@ -44,7 +44,7 @@ class DeploymentSuccess extends Notification implements ShouldQueue
         if (str($this->fqdn)->explode(',')->count() > 1) {
             $this->fqdn = str($this->fqdn)->explode(',')->first();
         }
-        $this->deployment_url = base_url()."/project/{$this->project_uuid}/".urlencode($this->environment_name)."/application/{$this->application->uuid}/deployment/{$this->deployment_uuid}";
+        $this->deployment_url = base_url() . "/project/{$this->project_uuid}/" . urlencode($this->environment_name) . "/application/{$this->application->uuid}/deployment/{$this->deployment_uuid}";
     }
 
     public function via(object $notifiable): array
@@ -84,21 +84,21 @@ class DeploymentSuccess extends Notification implements ShouldQueue
         if ($this->preview) {
             $message = new DiscordMessage(
                 title: ':white_check_mark: Preview deployment successful',
-                description: 'Pull request: '.$this->preview->pull_request_id,
+                description: 'Pull request: ' . $this->preview->pull_request_id,
                 color: DiscordMessage::successColor(),
             );
 
             if ($this->preview->fqdn) {
-                $message->addField('Application', '[Link]('.$this->preview->fqdn.')');
+                $message->addField('Application', '[Link](' . $this->preview->fqdn . ')');
             }
 
             $message->addField('Project', data_get($this->application, 'environment.project.name'), true);
             $message->addField('Environment', $this->environment_name, true);
             $message->addField('Name', $this->application_name, true);
-            $message->addField('Deployment logs', '[Link]('.$this->deployment_url.')');
+            $message->addField('Deployment logs', '[Link](' . $this->deployment_url . ')');
         } else {
             if ($this->fqdn) {
-                $description = '[Open application]('.$this->fqdn.')';
+                $description = '[Open application](' . $this->fqdn . ')';
             } else {
                 $description = '';
             }
@@ -111,7 +111,7 @@ class DeploymentSuccess extends Notification implements ShouldQueue
             $message->addField('Environment', $this->environment_name, true);
             $message->addField('Name', $this->application_name, true);
 
-            $message->addField('Deployment logs', '[Link]('.$this->deployment_url.')');
+            $message->addField('Deployment logs', '[Link](' . $this->deployment_url . ')');
         }
 
         return $message;
@@ -120,7 +120,7 @@ class DeploymentSuccess extends Notification implements ShouldQueue
     public function toTelegram(): array
     {
         if ($this->preview) {
-            $message = 'Coolify: New PR'.$this->preview->pull_request_id.' version successfully deployed of '.$this->application_name.'';
+            $message = 'Coolify: New PR' . $this->preview->pull_request_id . ' version successfully deployed of ' . $this->application_name . '';
             if ($this->preview->fqdn) {
                 $buttons[] = [
                     'text' => 'Open Application',
@@ -128,7 +128,7 @@ class DeploymentSuccess extends Notification implements ShouldQueue
                 ];
             }
         } else {
-            $message = '✅ New version successfully deployed of '.$this->application_name.'';
+            $message = '✅ New version successfully deployed of ' . $this->application_name . '';
             if ($this->fqdn) {
                 $buttons[] = [
                     'text' => 'Open Application',
@@ -148,4 +148,32 @@ class DeploymentSuccess extends Notification implements ShouldQueue
             ],
         ];
     }
+
+
+    public function toSlack(): SlackMessage
+    {
+        if ($this->preview) {
+            $title = "Pull request #{$this->preview->pull_request_id} successfully deployed";
+            $description = "New version successfully deployed for {$this->application_name}";
+            if ($this->preview->fqdn) {
+                $description .= "\nPreview URL: {$this->preview->fqdn}";
+            }
+        } else {
+            $title = "New version successfully deployed";
+            $description = "New version successfully deployed for {$this->application_name}";
+            if ($this->fqdn) {
+                $description .= "\nApplication URL: {$this->fqdn}";
+            }
+        }
+
+        $description .= "\n\n**Project:** " . data_get($this->application, 'environment.project.name');
+        $description .= "\n**Environment:** {$this->environment_name}";
+        $description .= "\n**Deployment Logs:** {$this->deployment_url}";
+
+        return new SlackMessage(
+            title: $title,
+            description: $description,
+            color: SlackMessage::successColor()
+        );
+    }
 }
diff --git a/app/Notifications/Application/StatusChanged.php b/app/Notifications/Application/StatusChanged.php
index 852c6b526..c7445cb70 100644
--- a/app/Notifications/Application/StatusChanged.php
+++ b/app/Notifications/Application/StatusChanged.php
@@ -8,7 +8,7 @@ use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Notifications\Messages\MailMessage;
 use Illuminate\Notifications\Notification;
-
+use App\Notifications\Dto\SlackMessage;
 class StatusChanged extends Notification implements ShouldQueue
 {
     use Queueable;
@@ -34,7 +34,7 @@ class StatusChanged extends Notification implements ShouldQueue
         if (str($this->fqdn)->explode(',')->count() > 1) {
             $this->fqdn = str($this->fqdn)->explode(',')->first();
         }
-        $this->resource_url = base_url()."/project/{$this->project_uuid}/".urlencode($this->environment_name)."/application/{$this->resource->uuid}";
+        $this->resource_url = base_url() . "/project/{$this->project_uuid}/" . urlencode($this->environment_name) . "/application/{$this->resource->uuid}";
     }
 
     public function via(object $notifiable): array
@@ -60,7 +60,7 @@ class StatusChanged extends Notification implements ShouldQueue
     {
         return new DiscordMessage(
             title: ':cross_mark: Application stopped',
-            description: '[Open Application in Coolify]('.$this->resource_url.')',
+            description: '[Open Application in Coolify](' . $this->resource_url . ')',
             color: DiscordMessage::errorColor(),
             isCritical: true,
         );
@@ -68,7 +68,7 @@ class StatusChanged extends Notification implements ShouldQueue
 
     public function toTelegram(): array
     {
-        $message = 'Coolify: '.$this->resource_name.' has been stopped.';
+        $message = 'Coolify: ' . $this->resource_name . ' has been stopped.';
 
         return [
             'message' => $message,
@@ -80,4 +80,20 @@ class StatusChanged extends Notification implements ShouldQueue
             ],
         ];
     }
+
+    public function toSlack(): SlackMessage
+    {
+        $title = "Application stopped";
+        $description = "{$this->resource_name} has been stopped";
+
+        $description .= "\n\n**Project:** " . data_get($this->resource, 'environment.project.name');
+        $description .= "\n**Environment:** {$this->environment_name}";
+        $description .= "\n**Application URL:** {$this->resource_url}";
+
+        return new SlackMessage(
+            title: $title,
+            description: $description,
+            color: SlackMessage::errorColor()
+        );
+    }
 }
diff --git a/app/Notifications/Channels/SendsSlack.php b/app/Notifications/Channels/SendsSlack.php
new file mode 100644
index 000000000..417d4adda
--- /dev/null
+++ b/app/Notifications/Channels/SendsSlack.php
@@ -0,0 +1,8 @@
+<?php
+
+namespace App\Notifications\Channels;
+
+interface SendsSlack
+{
+    public function routeNotificationForSlack();
+}
\ No newline at end of file
diff --git a/app/Notifications/Channels/SlackChannel.php b/app/Notifications/Channels/SlackChannel.php
new file mode 100644
index 000000000..0d359ef5f
--- /dev/null
+++ b/app/Notifications/Channels/SlackChannel.php
@@ -0,0 +1,22 @@
+<?php
+
+namespace App\Notifications\Channels;
+
+use App\Jobs\SendMessageToSlackJob;
+use Illuminate\Notifications\Notification;
+
+class SlackChannel
+{
+    /**
+     * Send the given notification.
+     */
+    public function send(SendsSlack $notifiable, Notification $notification): void
+    {
+        $message = $notification->toSlack();
+        $webhookUrl = $notifiable->routeNotificationForSlack();
+        if (!$webhookUrl) {
+            return;
+        }
+        dispatch(new SendMessageToSlackJob($message, $webhookUrl))->onQueue('high');
+    }
+}
\ No newline at end of file
diff --git a/app/Notifications/Container/ContainerRestarted.php b/app/Notifications/Container/ContainerRestarted.php
index 182a1f5fc..40bd9b7ee 100644
--- a/app/Notifications/Container/ContainerRestarted.php
+++ b/app/Notifications/Container/ContainerRestarted.php
@@ -8,14 +8,16 @@ use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Notifications\Messages\MailMessage;
 use Illuminate\Notifications\Notification;
-
+use App\Notifications\Dto\SlackMessage;
 class ContainerRestarted extends Notification implements ShouldQueue
 {
     use Queueable;
 
     public $tries = 1;
 
-    public function __construct(public string $name, public Server $server, public ?string $url = null) {}
+    public function __construct(public string $name, public Server $server, public ?string $url = null)
+    {
+    }
 
     public function via(object $notifiable): array
     {
@@ -44,7 +46,7 @@ class ContainerRestarted extends Notification implements ShouldQueue
         );
 
         if ($this->url) {
-            $message->addField('Resource', '[Link]('.$this->url.')');
+            $message->addField('Resource', '[Link](' . $this->url . ')');
         }
 
         return $message;
@@ -69,4 +71,20 @@ class ContainerRestarted extends Notification implements ShouldQueue
 
         return $payload;
     }
+
+    public function toSlack(): SlackMessage
+    {
+        $title = "Resource restarted";
+        $description = "A resource ({$this->name}) has been restarted automatically on {$this->server->name}";
+
+        if ($this->url) {
+            $description .= "\n**Resource URL:** {$this->url}";
+        }
+
+        return new SlackMessage(
+            title: $title,
+            description: $description,
+            color: SlackMessage::warningColor()
+        );
+    }
 }
diff --git a/app/Notifications/Container/ContainerStopped.php b/app/Notifications/Container/ContainerStopped.php
index 33a55c65a..9b3824624 100644
--- a/app/Notifications/Container/ContainerStopped.php
+++ b/app/Notifications/Container/ContainerStopped.php
@@ -8,14 +8,16 @@ use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Notifications\Messages\MailMessage;
 use Illuminate\Notifications\Notification;
-
+use App\Notifications\Dto\SlackMessage;
 class ContainerStopped extends Notification implements ShouldQueue
 {
     use Queueable;
 
     public $tries = 1;
 
-    public function __construct(public string $name, public Server $server, public ?string $url = null) {}
+    public function __construct(public string $name, public Server $server, public ?string $url = null)
+    {
+    }
 
     public function via(object $notifiable): array
     {
@@ -44,7 +46,7 @@ class ContainerStopped extends Notification implements ShouldQueue
         );
 
         if ($this->url) {
-            $message->addField('Resource', '[Link]('.$this->url.')');
+            $message->addField('Resource', '[Link](' . $this->url . ')');
         }
 
         return $message;
@@ -69,4 +71,20 @@ class ContainerStopped extends Notification implements ShouldQueue
 
         return $payload;
     }
+
+    public function toSlack(): SlackMessage
+    {
+        $title = "Resource stopped";
+        $description = "A resource ({$this->name}) has been stopped unexpectedly on {$this->server->name}";
+
+        if ($this->url) {
+            $description .= "\n**Resource URL:** {$this->url}";
+        }
+
+        return new SlackMessage(
+            title: $title,
+            description: $description,
+            color: SlackMessage::errorColor()
+        );
+    }
 }
diff --git a/app/Notifications/Database/BackupFailed.php b/app/Notifications/Database/BackupFailed.php
index 8e2733339..137a6d730 100644
--- a/app/Notifications/Database/BackupFailed.php
+++ b/app/Notifications/Database/BackupFailed.php
@@ -8,7 +8,7 @@ use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Notifications\Messages\MailMessage;
 use Illuminate\Notifications\Notification;
-
+use App\Notifications\Dto\SlackMessage;
 class BackupFailed extends Notification implements ShouldQueue
 {
     use Queueable;
@@ -69,4 +69,19 @@ class BackupFailed extends Notification implements ShouldQueue
             'message' => $message,
         ];
     }
+
+    public function toSlack(): SlackMessage
+    {
+        $title = "Database backup failed";
+        $description = "Database backup for {$this->name} (db:{$this->database_name}) has FAILED.";
+
+        $description .= "\n\n**Frequency:** {$this->frequency}";
+        $description .= "\n\n**Error Output:**\n{$this->output}";
+
+        return new SlackMessage(
+            title: $title,
+            description: $description,
+            color: SlackMessage::errorColor()
+        );
+    }
 }
diff --git a/app/Notifications/Database/BackupSuccess.php b/app/Notifications/Database/BackupSuccess.php
index 5128c8ed6..76ddc9221 100644
--- a/app/Notifications/Database/BackupSuccess.php
+++ b/app/Notifications/Database/BackupSuccess.php
@@ -8,7 +8,7 @@ use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Notifications\Messages\MailMessage;
 use Illuminate\Notifications\Notification;
-
+use App\Notifications\Dto\SlackMessage;
 class BackupSuccess extends Notification implements ShouldQueue
 {
     use Queueable;
@@ -66,4 +66,18 @@ class BackupSuccess extends Notification implements ShouldQueue
             'message' => $message,
         ];
     }
+
+    public function toSlack(): SlackMessage
+    {
+        $title = "Database backup successful";
+        $description = "Database backup for {$this->name} (db:{$this->database_name}) was successful.";
+
+        $description .= "\n\n**Frequency:** {$this->frequency}";
+
+        return new SlackMessage(
+            title: $title,
+            description: $description,
+            color: SlackMessage::successColor()
+        );
+    }
 }
diff --git a/app/Notifications/Dto/SlackMessage.php b/app/Notifications/Dto/SlackMessage.php
new file mode 100644
index 000000000..efd0cf5e6
--- /dev/null
+++ b/app/Notifications/Dto/SlackMessage.php
@@ -0,0 +1,28 @@
+<?php
+
+namespace App\Notifications\Dto;
+
+class SlackMessage
+{
+    public function __construct(
+        public string $title,
+        public string $description,
+        public string $color = '#0099ff'
+    ) {
+    }
+
+    public static function infoColor(): string
+    {
+        return '#0099ff';
+    }
+
+    public static function errorColor(): string
+    {
+        return '#ff0000';
+    }
+
+    public static function successColor(): string
+    {
+        return '#00ff00';
+    }
+}
\ No newline at end of file
diff --git a/app/Notifications/Internal/GeneralNotification.php b/app/Notifications/Internal/GeneralNotification.php
index 48e7d8340..4dd925159 100644
--- a/app/Notifications/Internal/GeneralNotification.php
+++ b/app/Notifications/Internal/GeneralNotification.php
@@ -4,7 +4,9 @@ namespace App\Notifications\Internal;
 
 use App\Notifications\Channels\DiscordChannel;
 use App\Notifications\Channels\TelegramChannel;
+use App\Notifications\Channels\SlackChannel;
 use App\Notifications\Dto\DiscordMessage;
+use App\Notifications\Dto\SlackMessage;
 use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Notifications\Notification;
@@ -15,13 +17,16 @@ class GeneralNotification extends Notification implements ShouldQueue
 
     public $tries = 1;
 
-    public function __construct(public string $message) {}
+    public function __construct(public string $message)
+    {
+    }
 
     public function via(object $notifiable): array
     {
         $channels = [];
         $isDiscordEnabled = data_get($notifiable, 'discord_enabled');
         $isTelegramEnabled = data_get($notifiable, 'telegram_enabled');
+        $isSlackEnabled = data_get($notifiable, 'slack_enabled');
 
         if ($isDiscordEnabled) {
             $channels[] = DiscordChannel::class;
@@ -29,6 +34,9 @@ class GeneralNotification extends Notification implements ShouldQueue
         if ($isTelegramEnabled) {
             $channels[] = TelegramChannel::class;
         }
+        if ($isSlackEnabled) {
+            $channels[] = SlackChannel::class;
+        }
 
         return $channels;
     }
@@ -48,4 +56,13 @@ class GeneralNotification extends Notification implements ShouldQueue
             'message' => $this->message,
         ];
     }
+
+    public function toSlack(): SlackMessage
+    {
+        return new SlackMessage(
+            title: 'Coolify: General Notification',
+            description: $this->message,
+            color: SlackMessage::infoColor(),
+        );
+    }
 }
diff --git a/app/Notifications/ScheduledTask/TaskFailed.php b/app/Notifications/ScheduledTask/TaskFailed.php
index c3501a8eb..99d83fdf6 100644
--- a/app/Notifications/ScheduledTask/TaskFailed.php
+++ b/app/Notifications/ScheduledTask/TaskFailed.php
@@ -8,7 +8,7 @@ use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Notifications\Messages\MailMessage;
 use Illuminate\Notifications\Notification;
-
+use App\Notifications\Dto\SlackMessage;
 class TaskFailed extends Notification implements ShouldQueue
 {
     use Queueable;
@@ -55,7 +55,7 @@ class TaskFailed extends Notification implements ShouldQueue
         );
 
         if ($this->url) {
-            $message->addField('Scheduled task', '[Link]('.$this->url.')');
+            $message->addField('Scheduled task', '[Link](' . $this->url . ')');
         }
 
         return $message;
@@ -75,4 +75,24 @@ class TaskFailed extends Notification implements ShouldQueue
             'message' => $message,
         ];
     }
+
+    public function toSlack(): SlackMessage
+    {
+        $title = "Scheduled task failed";
+        $description = "Scheduled task ({$this->task->name}) failed.";
+
+        if ($this->output) {
+            $description .= "\n\n**Error Output:**\n{$this->output}";
+        }
+
+        if ($this->url) {
+            $description .= "\n\n**Task URL:** {$this->url}";
+        }
+
+        return new SlackMessage(
+            title: $title,
+            description: $description,
+            color: SlackMessage::errorColor()
+        );
+    }
 }
diff --git a/app/Notifications/Server/DockerCleanup.php b/app/Notifications/Server/DockerCleanup.php
index 7ea1b84c2..eb4498835 100644
--- a/app/Notifications/Server/DockerCleanup.php
+++ b/app/Notifications/Server/DockerCleanup.php
@@ -6,6 +6,7 @@ use App\Models\Server;
 use App\Notifications\Channels\DiscordChannel;
 use App\Notifications\Channels\TelegramChannel;
 use App\Notifications\Dto\DiscordMessage;
+use App\Notifications\Dto\SlackMessage;
 use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Notifications\Notification;
@@ -16,7 +17,9 @@ class DockerCleanup extends Notification implements ShouldQueue
 
     public $tries = 1;
 
-    public function __construct(public Server $server, public string $message) {}
+    public function __construct(public Server $server, public string $message)
+    {
+    }
 
     public function via(object $notifiable): array
     {
@@ -24,7 +27,7 @@ class DockerCleanup extends Notification implements ShouldQueue
         // $isEmailEnabled = isEmailEnabled($notifiable);
         $isDiscordEnabled = data_get($notifiable, 'discord_enabled');
         $isTelegramEnabled = data_get($notifiable, 'telegram_enabled');
-
+        $isSlackEnabled = data_get($notifiable, 'slack_enabled');
         if ($isDiscordEnabled) {
             $channels[] = DiscordChannel::class;
         }
@@ -34,6 +37,9 @@ class DockerCleanup extends Notification implements ShouldQueue
         if ($isTelegramEnabled) {
             $channels[] = TelegramChannel::class;
         }
+        if ($isSlackEnabled) {
+            $channels[] = SlackChannel::class;
+        }
 
         return $channels;
     }
@@ -65,4 +71,13 @@ class DockerCleanup extends Notification implements ShouldQueue
             'message' => "Coolify: Server '{$this->server->name}' cleanup job done!\n\n{$this->message}",
         ];
     }
+
+    public function toSlack(): SlackMessage
+    {
+        return new SlackMessage(
+            title: 'Server cleanup job done',
+            description: "Server '{$this->server->name}' cleanup job done!\n\n{$this->message}",
+            color: SlackMessage::successColor()
+        );
+    }
 }
diff --git a/app/Notifications/Server/ForceDisabled.php b/app/Notifications/Server/ForceDisabled.php
index a26c803ee..969f60d79 100644
--- a/app/Notifications/Server/ForceDisabled.php
+++ b/app/Notifications/Server/ForceDisabled.php
@@ -6,7 +6,9 @@ use App\Models\Server;
 use App\Notifications\Channels\DiscordChannel;
 use App\Notifications\Channels\EmailChannel;
 use App\Notifications\Channels\TelegramChannel;
+use App\Notifications\Channels\SlackChannel;
 use App\Notifications\Dto\DiscordMessage;
+use App\Notifications\Dto\SlackMessage;
 use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Notifications\Messages\MailMessage;
@@ -18,7 +20,9 @@ class ForceDisabled extends Notification implements ShouldQueue
 
     public $tries = 1;
 
-    public function __construct(public Server $server) {}
+    public function __construct(public Server $server)
+    {
+    }
 
     public function via(object $notifiable): array
     {
@@ -26,7 +30,7 @@ class ForceDisabled extends Notification implements ShouldQueue
         $isEmailEnabled = isEmailEnabled($notifiable);
         $isDiscordEnabled = data_get($notifiable, 'discord_enabled');
         $isTelegramEnabled = data_get($notifiable, 'telegram_enabled');
-
+        $isSlackEnabled = data_get($notifiable, 'slack_enabled');
         if ($isDiscordEnabled) {
             $channels[] = DiscordChannel::class;
         }
@@ -36,6 +40,9 @@ class ForceDisabled extends Notification implements ShouldQueue
         if ($isTelegramEnabled) {
             $channels[] = TelegramChannel::class;
         }
+        if ($isSlackEnabled) {
+            $channels[] = SlackChannel::class;
+        }
 
         return $channels;
     }
@@ -70,4 +77,19 @@ class ForceDisabled extends Notification implements ShouldQueue
             'message' => "Coolify: Server ({$this->server->name}) disabled because it is not paid!\n All automations and integrations are stopped.\nPlease update your subscription to enable the server again [here](https://app.coolify.io/subscriptions).",
         ];
     }
+
+
+    public function toSlack(): SlackMessage
+    {
+        $title = "Server disabled";
+        $description = "Server ({$this->server->name}) disabled because it is not paid!\n";
+        $description .= "All automations and integrations are stopped.\n\n";
+        $description .= "Please update your subscription to enable the server again: https://app.coolify.io/subscriptions";
+
+        return new SlackMessage(
+            title: $title,
+            description: $description,
+            color: SlackMessage::errorColor()
+        );
+    }
 }
diff --git a/app/Notifications/Server/ForceEnabled.php b/app/Notifications/Server/ForceEnabled.php
index 65b65a10c..e24136c81 100644
--- a/app/Notifications/Server/ForceEnabled.php
+++ b/app/Notifications/Server/ForceEnabled.php
@@ -6,7 +6,9 @@ use App\Models\Server;
 use App\Notifications\Channels\DiscordChannel;
 use App\Notifications\Channels\EmailChannel;
 use App\Notifications\Channels\TelegramChannel;
+use App\Notifications\Channels\SlackChannel;
 use App\Notifications\Dto\DiscordMessage;
+use App\Notifications\Dto\SlackMessage;
 use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Notifications\Messages\MailMessage;
@@ -18,7 +20,9 @@ class ForceEnabled extends Notification implements ShouldQueue
 
     public $tries = 1;
 
-    public function __construct(public Server $server) {}
+    public function __construct(public Server $server)
+    {
+    }
 
     public function via(object $notifiable): array
     {
@@ -26,7 +30,7 @@ class ForceEnabled extends Notification implements ShouldQueue
         $isEmailEnabled = isEmailEnabled($notifiable);
         $isDiscordEnabled = data_get($notifiable, 'discord_enabled');
         $isTelegramEnabled = data_get($notifiable, 'telegram_enabled');
-
+        $isSlackEnabled = data_get($notifiable, 'slack_enabled');
         if ($isDiscordEnabled) {
             $channels[] = DiscordChannel::class;
         }
@@ -36,6 +40,9 @@ class ForceEnabled extends Notification implements ShouldQueue
         if ($isTelegramEnabled) {
             $channels[] = TelegramChannel::class;
         }
+        if ($isSlackEnabled) {
+            $channels[] = SlackChannel::class;
+        }
 
         return $channels;
     }
@@ -66,4 +73,15 @@ class ForceEnabled extends Notification implements ShouldQueue
             'message' => "Coolify: Server ({$this->server->name}) enabled again!",
         ];
     }
+
+
+    public function toSlack(): SlackMessage
+    {
+        return new SlackMessage(
+            title: 'Server enabled',
+            description: "Server '{$this->server->name}' enabled again!",
+            color: SlackMessage::successColor()
+        );
+    }
+
 }
diff --git a/app/Notifications/Server/HighDiskUsage.php b/app/Notifications/Server/HighDiskUsage.php
index e373abc03..a780d9d15 100644
--- a/app/Notifications/Server/HighDiskUsage.php
+++ b/app/Notifications/Server/HighDiskUsage.php
@@ -4,6 +4,7 @@ namespace App\Notifications\Server;
 
 use App\Models\Server;
 use App\Notifications\Dto\DiscordMessage;
+use App\Notifications\Dto\SlackMessage;
 use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Notifications\Messages\MailMessage;
@@ -15,7 +16,9 @@ class HighDiskUsage extends Notification implements ShouldQueue
 
     public $tries = 1;
 
-    public function __construct(public Server $server, public int $disk_usage, public int $server_disk_usage_notification_threshold) {}
+    public function __construct(public Server $server, public int $disk_usage, public int $server_disk_usage_notification_threshold)
+    {
+    }
 
     public function via(object $notifiable): array
     {
@@ -47,7 +50,7 @@ class HighDiskUsage extends Notification implements ShouldQueue
         $message->addField('Disk usage', "{$this->disk_usage}%", true);
         $message->addField('Threshold', "{$this->server_disk_usage_notification_threshold}%", true);
         $message->addField('What to do?', '[Link](https://coolify.io/docs/knowledge-base/server/automated-cleanup)', true);
-        $message->addField('Change Settings', '[Threshold]('.base_url().'/server/'.$this->server->uuid.'#advanced) | [Notification]('.base_url().'/notifications/discord)');
+        $message->addField('Change Settings', '[Threshold](' . base_url() . '/server/' . $this->server->uuid . '#advanced) | [Notification](' . base_url() . '/notifications/discord)');
 
         return $message;
     }
@@ -58,4 +61,22 @@ class HighDiskUsage extends Notification implements ShouldQueue
             'message' => "Coolify: Server '{$this->server->name}' high disk usage detected!\nDisk usage: {$this->disk_usage}%. Threshold: {$this->server_disk_usage_notification_threshold}%.\nPlease cleanup your disk to prevent data-loss.\nHere are some tips: https://coolify.io/docs/knowledge-base/server/automated-cleanup.",
         ];
     }
+
+    public function toSlack(): SlackMessage
+    {
+        $description = "Server '{$this->server->name}' high disk usage detected!\n";
+        $description .= "Disk usage: {$this->disk_usage}%\n";
+        $description .= "Threshold: {$this->server_disk_usage_notification_threshold}%\n\n";
+        $description .= "Please cleanup your disk to prevent data-loss.\n";
+        $description .= "Tips for cleanup: https://coolify.io/docs/knowledge-base/server/automated-cleanup\n";
+        $description .= "Change settings:\n";
+        $description .= "- Threshold: " . base_url() . "/server/" . $this->server->uuid . "#advanced\n";
+        $description .= "- Notifications: " . base_url() . "/notifications/discord";
+
+        return new SlackMessage(
+            title: 'High disk usage detected',
+            description: $description,
+            color: SlackMessage::errorColor()
+        );
+    }
 }
diff --git a/app/Notifications/Server/Reachable.php b/app/Notifications/Server/Reachable.php
index 9b54501d9..6ca4170f5 100644
--- a/app/Notifications/Server/Reachable.php
+++ b/app/Notifications/Server/Reachable.php
@@ -6,7 +6,9 @@ use App\Models\Server;
 use App\Notifications\Channels\DiscordChannel;
 use App\Notifications\Channels\EmailChannel;
 use App\Notifications\Channels\TelegramChannel;
+use App\Notifications\Channels\SlackChannel;
 use App\Notifications\Dto\DiscordMessage;
+use App\Notifications\Dto\SlackMessage;
 use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Notifications\Messages\MailMessage;
@@ -23,7 +25,7 @@ class Reachable extends Notification implements ShouldQueue
     public function __construct(public Server $server)
     {
         $this->isRateLimited = isEmailRateLimited(
-            limiterKey: 'server-reachable:'.$this->server->id,
+            limiterKey: 'server-reachable:' . $this->server->id,
         );
     }
 
@@ -37,7 +39,7 @@ class Reachable extends Notification implements ShouldQueue
         $isEmailEnabled = isEmailEnabled($notifiable);
         $isDiscordEnabled = data_get($notifiable, 'discord_enabled');
         $isTelegramEnabled = data_get($notifiable, 'telegram_enabled');
-
+        $isSlackEnabled = data_get($notifiable, 'slack_enabled');
         if ($isDiscordEnabled) {
             $channels[] = DiscordChannel::class;
         }
@@ -47,6 +49,9 @@ class Reachable extends Notification implements ShouldQueue
         if ($isTelegramEnabled) {
             $channels[] = TelegramChannel::class;
         }
+        if ($isSlackEnabled) {
+            $channels[] = SlackChannel::class;
+        }
 
         return $channels;
     }
@@ -77,4 +82,16 @@ class Reachable extends Notification implements ShouldQueue
             'message' => "Coolify: Server '{$this->server->name}' revived. All automations & integrations are turned on again!",
         ];
     }
+
+
+
+
+    public function toSlack(): SlackMessage
+    {
+        return new SlackMessage(
+            title: "Server revived",
+            description: "Server '{$this->server->name}' revived.\nAll automations & integrations are turned on again!",
+            color: SlackMessage::successColor()
+        );
+    }
 }
diff --git a/app/Notifications/Server/Unreachable.php b/app/Notifications/Server/Unreachable.php
index 5bc568e82..cdb18b1bd 100644
--- a/app/Notifications/Server/Unreachable.php
+++ b/app/Notifications/Server/Unreachable.php
@@ -6,7 +6,9 @@ use App\Models\Server;
 use App\Notifications\Channels\DiscordChannel;
 use App\Notifications\Channels\EmailChannel;
 use App\Notifications\Channels\TelegramChannel;
+use App\Notifications\Channels\SlackChannel;
 use App\Notifications\Dto\DiscordMessage;
+use App\Notifications\Dto\SlackMessage;
 use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Notifications\Messages\MailMessage;
@@ -23,7 +25,7 @@ class Unreachable extends Notification implements ShouldQueue
     public function __construct(public Server $server)
     {
         $this->isRateLimited = isEmailRateLimited(
-            limiterKey: 'server-unreachable:'.$this->server->id,
+            limiterKey: 'server-unreachable:' . $this->server->id,
         );
     }
 
@@ -37,6 +39,7 @@ class Unreachable extends Notification implements ShouldQueue
         $isEmailEnabled = isEmailEnabled($notifiable);
         $isDiscordEnabled = data_get($notifiable, 'discord_enabled');
         $isTelegramEnabled = data_get($notifiable, 'telegram_enabled');
+        $isSlackEnabled = data_get($notifiable, 'slack_enabled');
 
         if ($isDiscordEnabled) {
             $channels[] = DiscordChannel::class;
@@ -47,6 +50,9 @@ class Unreachable extends Notification implements ShouldQueue
         if ($isTelegramEnabled) {
             $channels[] = TelegramChannel::class;
         }
+        if ($isSlackEnabled) {
+            $channels[] = SlackChannel::class;
+        }
 
         return $channels;
     }
@@ -81,4 +87,18 @@ class Unreachable extends Notification implements ShouldQueue
             'message' => "Coolify: Your server '{$this->server->name}' is unreachable. All automations & integrations are turned off! Please check your server! IMPORTANT: We automatically try to revive your server and turn on all automations & integrations.",
         ];
     }
+
+
+    public function toSlack(): SlackMessage
+    {
+        $description = "Your server '{$this->server->name}' is unreachable.\n";
+        $description .= "All automations & integrations are turned off!\n\n";
+        $description .= "*IMPORTANT:* We automatically try to revive your server and turn on all automations & integrations.";
+
+        return new SlackMessage(
+            title: 'Server unreachable',
+            description: $description,
+            color: SlackMessage::errorColor()
+        );
+    }
 }
diff --git a/app/Notifications/Test.php b/app/Notifications/Test.php
index a43b1e153..6aae641c4 100644
--- a/app/Notifications/Test.php
+++ b/app/Notifications/Test.php
@@ -3,6 +3,7 @@
 namespace App\Notifications;
 
 use App\Notifications\Dto\DiscordMessage;
+use App\Notifications\Dto\SlackMessage;
 use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Notifications\Messages\MailMessage;
@@ -15,7 +16,9 @@ class Test extends Notification implements ShouldQueue
 
     public $tries = 5;
 
-    public function __construct(public ?string $emails = null) {}
+    public function __construct(public ?string $emails = null)
+    {
+    }
 
     public function via(object $notifiable): array
     {
@@ -47,7 +50,7 @@ class Test extends Notification implements ShouldQueue
             color: DiscordMessage::successColor(),
         );
 
-        $message->addField(name: 'Dashboard', value: '[Link]('.base_url().')', inline: true);
+        $message->addField(name: 'Dashboard', value: '[Link](' . base_url() . ')', inline: true);
 
         return $message;
     }
@@ -64,4 +67,12 @@ class Test extends Notification implements ShouldQueue
             ],
         ];
     }
+
+    public function toSlack(): SlackMessage
+    {
+        return new SlackMessage(
+            title: 'Test Slack Notification',
+            description: 'This is a test Slack notification from Coolify.'
+        );
+    }
 }
diff --git a/bootstrap/helpers/shared.php b/bootstrap/helpers/shared.php
index 2f0a3ac2a..e8bfbbd64 100644
--- a/bootstrap/helpers/shared.php
+++ b/bootstrap/helpers/shared.php
@@ -26,6 +26,7 @@ use App\Models\Team;
 use App\Models\User;
 use App\Notifications\Channels\DiscordChannel;
 use App\Notifications\Channels\EmailChannel;
+use App\Notifications\Channels\SlackChannel;
 use App\Notifications\Channels\TelegramChannel;
 use App\Notifications\Internal\GeneralNotification;
 use Carbon\CarbonImmutable;
@@ -66,27 +67,27 @@ function base_configuration_dir(): string
 }
 function application_configuration_dir(): string
 {
-    return base_configuration_dir().'/applications';
+    return base_configuration_dir() . '/applications';
 }
 function service_configuration_dir(): string
 {
-    return base_configuration_dir().'/services';
+    return base_configuration_dir() . '/services';
 }
 function database_configuration_dir(): string
 {
-    return base_configuration_dir().'/databases';
+    return base_configuration_dir() . '/databases';
 }
 function database_proxy_dir($uuid): string
 {
-    return base_configuration_dir()."/databases/$uuid/proxy";
+    return base_configuration_dir() . "/databases/$uuid/proxy";
 }
 function backup_dir(): string
 {
-    return base_configuration_dir().'/backups';
+    return base_configuration_dir() . '/backups';
 }
 function metrics_dir(): string
 {
-    return base_configuration_dir().'/metrics';
+    return base_configuration_dir() . '/metrics';
 }
 
 function generate_readme_file(string $name, string $updated_at): string
@@ -114,15 +115,15 @@ function showBoarding(): bool
 }
 function refreshSession(?Team $team = null): void
 {
-    if (! $team) {
+    if (!$team) {
         if (Auth::user()->currentTeam()) {
             $team = Team::find(Auth::user()->currentTeam()->id);
         } else {
             $team = User::find(Auth::id())->teams->first();
         }
     }
-    Cache::forget('team:'.Auth::id());
-    Cache::remember('team:'.Auth::id(), 3600, function () use ($team) {
+    Cache::forget('team:' . Auth::id());
+    Cache::remember('team:' . Auth::id(), 3600, function () use ($team) {
         return $team;
     });
     session(['currentTeam' => $team]);
@@ -154,7 +155,7 @@ function handleError(?Throwable $error = null, ?Livewire\Component $livewire = n
         $message = null;
     }
     if ($customErrorMessage) {
-        $message = $customErrorMessage.' '.$message;
+        $message = $customErrorMessage . ' ' . $message;
     }
 
     if (isset($livewire)) {
@@ -227,7 +228,7 @@ function generateSSHKey(string $type = 'rsa')
 function formatPrivateKey(string $privateKey)
 {
     $privateKey = trim($privateKey);
-    if (! str_ends_with($privateKey, "\n")) {
+    if (!str_ends_with($privateKey, "\n")) {
         $privateKey .= "\n";
     }
 
@@ -249,7 +250,7 @@ function is_transactional_emails_active(): bool
 
 function set_transanctional_email_settings(?InstanceSettings $settings = null): ?string
 {
-    if (! $settings) {
+    if (!$settings) {
         $settings = instanceSettings();
     }
     config()->set('mail.from.address', data_get($settings, 'smtp_from_address'));
@@ -349,7 +350,7 @@ function isSubscribed()
 
 function isProduction(): bool
 {
-    return ! isDev();
+    return !isDev();
 }
 function isDev(): bool
 {
@@ -358,7 +359,7 @@ function isDev(): bool
 
 function isCloud(): bool
 {
-    return ! config('coolify.self_hosted');
+    return !config('coolify.self_hosted');
 }
 
 function translate_cron_expression($expression_to_validate): string
@@ -397,14 +398,14 @@ function send_user_an_email(MailMessage $mail, string $email, ?string $cc = null
 {
     $settings = instanceSettings();
     $type = set_transanctional_email_settings($settings);
-    if (! $type) {
+    if (!$type) {
         throw new Exception('No email settings found.');
     }
     if ($cc) {
         Mail::send(
             [],
             [],
-            fn (Message $message) => $message
+            fn(Message $message) => $message
                 ->to($email)
                 ->replyTo($email)
                 ->cc($cc)
@@ -415,7 +416,7 @@ function send_user_an_email(MailMessage $mail, string $email, ?string $cc = null
         Mail::send(
             [],
             [],
-            fn (Message $message) => $message
+            fn(Message $message) => $message
                 ->to($email)
                 ->subject($mail->subject)
                 ->html((string) $mail->render())
@@ -440,11 +441,13 @@ function setNotificationChannels($notifiable, $event)
 {
     $channels = [];
     $isEmailEnabled = isEmailEnabled($notifiable);
+    $isSlackEnabled = data_get($notifiable, 'slack_enabled');
     $isDiscordEnabled = data_get($notifiable, 'discord_enabled');
     $isTelegramEnabled = data_get($notifiable, 'telegram_enabled');
     $isSubscribedToEmailEvent = data_get($notifiable, "smtp_notifications_$event");
     $isSubscribedToDiscordEvent = data_get($notifiable, "discord_notifications_$event");
     $isSubscribedToTelegramEvent = data_get($notifiable, "telegram_notifications_$event");
+    $isSubscribedToSlackEvent = data_get($notifiable, "slack_notifications_$event");
 
     if ($isDiscordEnabled && $isSubscribedToDiscordEvent) {
         $channels[] = DiscordChannel::class;
@@ -455,6 +458,9 @@ function setNotificationChannels($notifiable, $event)
     if ($isTelegramEnabled && $isSubscribedToTelegramEvent) {
         $channels[] = TelegramChannel::class;
     }
+    if ($isSlackEnabled && $isSubscribedToSlackEvent) {
+        $channels[] = SlackChannel::class;
+    }
 
     return $channels;
 }
@@ -559,7 +565,7 @@ function getResourceByUuid(string $uuid, ?int $teamId = null)
         return null;
     }
     $resource = queryResourcesByUuid($uuid);
-    if (! is_null($resource) && $resource->environment->project->team_id === $teamId) {
+    if (!is_null($resource) && $resource->environment->project->team_id === $teamId) {
         return $resource;
     }
 
@@ -651,29 +657,29 @@ function queryResourcesByUuid(string $uuid)
 function generateTagDeployWebhook($tag_name)
 {
     $baseUrl = base_url();
-    $api = Url::fromString($baseUrl).'/api/v1';
+    $api = Url::fromString($baseUrl) . '/api/v1';
     $endpoint = "/deploy?tag=$tag_name";
 
-    return $api.$endpoint;
+    return $api . $endpoint;
 }
 function generateDeployWebhook($resource)
 {
     $baseUrl = base_url();
-    $api = Url::fromString($baseUrl).'/api/v1';
+    $api = Url::fromString($baseUrl) . '/api/v1';
     $endpoint = '/deploy';
     $uuid = data_get($resource, 'uuid');
 
-    return $api.$endpoint."?uuid=$uuid&force=false";
+    return $api . $endpoint . "?uuid=$uuid&force=false";
 }
 function generateGitManualWebhook($resource, $type)
 {
-    if ($resource->source_id !== 0 && ! is_null($resource->source_id)) {
+    if ($resource->source_id !== 0 && !is_null($resource->source_id)) {
         return null;
     }
     if ($resource->getMorphClass() === \App\Models\Application::class) {
         $baseUrl = base_url();
 
-        return Url::fromString($baseUrl)."/webhooks/source/$type/events/manual";
+        return Url::fromString($baseUrl) . "/webhooks/source/$type/events/manual";
     }
 
     return null;
@@ -700,7 +706,7 @@ function getTopLevelNetworks(Service|Application $resource)
                 $hasHostNetworkMode = data_get($service, 'network_mode') === 'host' ? true : false;
 
                 // Only add 'networks' key if 'network_mode' is not 'host'
-                if (! $hasHostNetworkMode) {
+                if (!$hasHostNetworkMode) {
                     // Collect/create/update networks
                     if ($serviceNetworks->count() > 0) {
                         foreach ($serviceNetworks as $networkName => $networkDetails) {
@@ -714,7 +720,7 @@ function getTopLevelNetworks(Service|Application $resource)
                             $networkExists = $topLevelNetworks->contains(function ($value, $key) use ($networkName) {
                                 return $value == $networkName || $key == $networkName;
                             });
-                            if (! $networkExists) {
+                            if (!$networkExists) {
                                 if (is_string($networkDetails) || is_int($networkDetails)) {
                                     $topLevelNetworks->put($networkDetails, null);
                                 }
@@ -725,7 +731,7 @@ function getTopLevelNetworks(Service|Application $resource)
                     $definedNetworkExists = $topLevelNetworks->contains(function ($value, $_) use ($definedNetwork) {
                         return $value == $definedNetwork;
                     });
-                    if (! $definedNetworkExists) {
+                    if (!$definedNetworkExists) {
                         foreach ($definedNetwork as $network) {
                             $topLevelNetworks->put($network, [
                                 'name' => $network,
@@ -766,7 +772,7 @@ function getTopLevelNetworks(Service|Application $resource)
                     $networkExists = $topLevelNetworks->contains(function ($value, $key) use ($networkName) {
                         return $value == $networkName || $key == $networkName;
                     });
-                    if (! $networkExists) {
+                    if (!$networkExists) {
                         if (is_string($networkDetails) || is_int($networkDetails)) {
                             $topLevelNetworks->put($networkDetails, null);
                         }
@@ -776,7 +782,7 @@ function getTopLevelNetworks(Service|Application $resource)
             $definedNetworkExists = $topLevelNetworks->contains(function ($value, $_) use ($definedNetwork) {
                 return $value == $definedNetwork;
             });
-            if (! $definedNetworkExists) {
+            if (!$definedNetworkExists) {
                 foreach ($definedNetwork as $network) {
                     $topLevelNetworks->put($network, [
                         'name' => $network,
@@ -912,7 +918,7 @@ function generateEnvValue(string $command, Service|Application|null $service = n
         case 'PASSWORD_64':
             $generatedValue = Str::password(length: 64, symbols: false);
             break;
-            // This is not base64, it's just a random string
+        // This is not base64, it's just a random string
         case 'BASE64_64':
             $generatedValue = Str::random(64);
             break;
@@ -923,7 +929,7 @@ function generateEnvValue(string $command, Service|Application|null $service = n
         case 'BASE64_32':
             $generatedValue = Str::random(32);
             break;
-            // This is base64,
+        // This is base64,
         case 'REALBASE64_64':
             $generatedValue = base64_encode(Str::random(64));
             break;
@@ -1014,7 +1020,7 @@ function validate_dns_entry(string $fqdn, Server $server)
     }
     $settings = instanceSettings();
     $is_dns_validation_enabled = data_get($settings, 'is_dns_validation_enabled');
-    if (! $is_dns_validation_enabled) {
+    if (!$is_dns_validation_enabled) {
         return true;
     }
     $dns_servers = data_get($settings, 'custom_dns_servers');
@@ -1032,7 +1038,7 @@ function validate_dns_entry(string $fqdn, Server $server)
             $query = new DNSQuery($dns_server);
             $results = $query->query($host, $type);
             if ($results === false || $query->hasError()) {
-                ray('Error: '.$query->getLasterror());
+                ray('Error: ' . $query->getLasterror());
             } else {
                 foreach ($results as $result) {
                     if ($result->getType() == $type) {
@@ -1042,7 +1048,7 @@ function validate_dns_entry(string $fqdn, Server $server)
                             break;
                         }
                         if ($result->getData() === $ip) {
-                            ray($host.' has IP address '.$result->getData());
+                            ray($host . ' has IP address ' . $result->getData());
                             ray($result->getString());
                             $found_matching_ip = true;
                             break;
@@ -1090,15 +1096,15 @@ function checkIfDomainIsAlreadyUsed(Collection|array $domains, ?string $teamId =
     $applications = Application::ownedByCurrentTeamAPI($teamId)->get(['fqdn', 'uuid']);
     $serviceApplications = ServiceApplication::ownedByCurrentTeamAPI($teamId)->get(['fqdn', 'uuid']);
     if ($uuid) {
-        $applications = $applications->filter(fn ($app) => $app->uuid !== $uuid);
-        $serviceApplications = $serviceApplications->filter(fn ($app) => $app->uuid !== $uuid);
+        $applications = $applications->filter(fn($app) => $app->uuid !== $uuid);
+        $serviceApplications = $serviceApplications->filter(fn($app) => $app->uuid !== $uuid);
     }
     $domainFound = false;
     foreach ($applications as $app) {
         if (is_null($app->fqdn)) {
             continue;
         }
-        $list_of_domains = collect(explode(',', $app->fqdn))->filter(fn ($fqdn) => $fqdn !== '');
+        $list_of_domains = collect(explode(',', $app->fqdn))->filter(fn($fqdn) => $fqdn !== '');
         foreach ($list_of_domains as $domain) {
             if (str($domain)->endsWith('/')) {
                 $domain = str($domain)->beforeLast('/');
@@ -1117,7 +1123,7 @@ function checkIfDomainIsAlreadyUsed(Collection|array $domains, ?string $teamId =
         if (str($app->fqdn)->isEmpty()) {
             continue;
         }
-        $list_of_domains = collect(explode(',', $app->fqdn))->filter(fn ($fqdn) => $fqdn !== '');
+        $list_of_domains = collect(explode(',', $app->fqdn))->filter(fn($fqdn) => $fqdn !== '');
         foreach ($list_of_domains as $domain) {
             if (str($domain)->endsWith('/')) {
                 $domain = str($domain)->beforeLast('/');
@@ -1167,7 +1173,7 @@ function check_domain_usage(ServiceApplication|Application|null $resource = null
     });
     $apps = Application::all();
     foreach ($apps as $app) {
-        $list_of_domains = collect(explode(',', $app->fqdn))->filter(fn ($fqdn) => $fqdn !== '');
+        $list_of_domains = collect(explode(',', $app->fqdn))->filter(fn($fqdn) => $fqdn !== '');
         foreach ($list_of_domains as $domain) {
             if (str($domain)->endsWith('/')) {
                 $domain = str($domain)->beforeLast('/');
@@ -1186,7 +1192,7 @@ function check_domain_usage(ServiceApplication|Application|null $resource = null
     }
     $apps = ServiceApplication::all();
     foreach ($apps as $app) {
-        $list_of_domains = collect(explode(',', $app->fqdn))->filter(fn ($fqdn) => $fqdn !== '');
+        $list_of_domains = collect(explode(',', $app->fqdn))->filter(fn($fqdn) => $fqdn !== '');
         foreach ($list_of_domains as $domain) {
             if (str($domain)->endsWith('/')) {
                 $domain = str($domain)->beforeLast('/');
@@ -1222,7 +1228,7 @@ function parseCommandsByLineForSudo(Collection $commands, Server $server): array
 {
     $commands = $commands->map(function ($line) {
         if (
-            ! str(trim($line))->startsWith([
+            !str(trim($line))->startsWith([
                 'cd',
                 'command',
                 'echo',
@@ -1243,7 +1249,7 @@ function parseCommandsByLineForSudo(Collection $commands, Server $server): array
 
     $commands = $commands->map(function ($line) use ($server) {
         if (Str::startsWith($line, 'sudo mkdir -p')) {
-            return "$line && sudo chown -R $server->user:$server->user ".Str::after($line, 'sudo mkdir -p').' && sudo chmod -R o-rwx '.Str::after($line, 'sudo mkdir -p');
+            return "$line && sudo chown -R $server->user:$server->user " . Str::after($line, 'sudo mkdir -p') . ' && sudo chmod -R o-rwx ' . Str::after($line, 'sudo mkdir -p');
         }
 
         return $line;
@@ -1271,11 +1277,11 @@ function parseCommandsByLineForSudo(Collection $commands, Server $server): array
 }
 function parseLineForSudo(string $command, Server $server): string
 {
-    if (! str($command)->startSwith('cd') && ! str($command)->startSwith('command')) {
+    if (!str($command)->startSwith('cd') && !str($command)->startSwith('command')) {
         $command = "sudo $command";
     }
     if (Str::startsWith($command, 'sudo mkdir -p')) {
-        $command = "$command && sudo chown -R $server->user:$server->user ".Str::after($command, 'sudo mkdir -p').' && sudo chmod -R o-rwx '.Str::after($command, 'sudo mkdir -p');
+        $command = "$command && sudo chown -R $server->user:$server->user " . Str::after($command, 'sudo mkdir -p') . ' && sudo chmod -R o-rwx ' . Str::after($command, 'sudo mkdir -p');
     }
     if (str($command)->contains('$(') || str($command)->contains('`')) {
         $command = str($command)->replace('$(', '$(sudo ')->replace('`', '`sudo ')->value();
@@ -1397,7 +1403,7 @@ function parseServiceVolumes($serviceVolumes, $resource, $topLevelVolumes, $pull
                 $isDirectory = data_get($foundConfig, 'is_directory');
             } else {
                 $isDirectory = (bool) data_get($volume, 'isDirectory', null) || (bool) data_get($volume, 'is_directory', null);
-                if ((is_null($isDirectory) || ! $isDirectory) && is_null($content)) {
+                if ((is_null($isDirectory) || !$isDirectory) && is_null($content)) {
                     // if isDirectory is not set (or false) & content is also not set, we assume it is a directory
                     ray('setting isDirectory to true');
                     $isDirectory = true;
@@ -1412,9 +1418,9 @@ function parseServiceVolumes($serviceVolumes, $resource, $topLevelVolumes, $pull
                 return $volume;
             }
             if (get_class($resource) === \App\Models\Application::class) {
-                $dir = base_configuration_dir().'/applications/'.$resource->uuid;
+                $dir = base_configuration_dir() . '/applications/' . $resource->uuid;
             } else {
-                $dir = base_configuration_dir().'/services/'.$resource->service->uuid;
+                $dir = base_configuration_dir() . '/services/' . $resource->service->uuid;
             }
 
             if ($source->startsWith('.')) {
@@ -1424,9 +1430,9 @@ function parseServiceVolumes($serviceVolumes, $resource, $topLevelVolumes, $pull
                 $source = $source->replaceFirst('~', $dir);
             }
             if ($pull_request_id !== 0) {
-                $source = $source."-pr-$pull_request_id";
+                $source = $source . "-pr-$pull_request_id";
             }
-            if (! $resource?->settings?->is_preserve_repository_enabled || $foundConfig?->is_based_on_git) {
+            if (!$resource?->settings?->is_preserve_repository_enabled || $foundConfig?->is_based_on_git) {
                 LocalFileVolume::updateOrCreate(
                     [
                         'mount_path' => $target,
@@ -1555,7 +1561,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                 if ($serviceLabels->count() > 0) {
                     $removedLabels = collect([]);
                     $serviceLabels = $serviceLabels->filter(function ($serviceLabel, $serviceLabelName) use ($removedLabels) {
-                        if (! str($serviceLabel)->contains('=')) {
+                        if (!str($serviceLabel)->contains('=')) {
                             $removedLabels->put($serviceLabelName, $serviceLabel);
 
                             return false;
@@ -1637,7 +1643,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                         $networkExists = $topLevelNetworks->contains(function ($value, $key) use ($networkName) {
                             return $value == $networkName || $key == $networkName;
                         });
-                        if (! $networkExists) {
+                        if (!$networkExists) {
                             if (is_string($networkDetails) || is_int($networkDetails)) {
                                 $topLevelNetworks->put($networkDetails, null);
                             }
@@ -1663,12 +1669,12 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                 $savedService->ports = $collectedPorts->implode(',');
                 $savedService->save();
 
-                if (! $hasHostNetworkMode) {
+                if (!$hasHostNetworkMode) {
                     // Add Coolify specific networks
                     $definedNetworkExists = $topLevelNetworks->contains(function ($value, $_) use ($definedNetwork) {
                         return $value == $definedNetwork;
                     });
-                    if (! $definedNetworkExists) {
+                    if (!$definedNetworkExists) {
                         foreach ($definedNetwork as $network) {
                             $topLevelNetworks->put($network, [
                                 'name' => $network,
@@ -1880,9 +1886,9 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                                 $fqdn = "$fqdn$path";
                             }
 
-                            if (! $isDatabase) {
+                            if (!$isDatabase) {
                                 if ($savedService->fqdn) {
-                                    data_set($savedService, 'fqdn', $savedService->fqdn.','.$fqdn);
+                                    data_set($savedService, 'fqdn', $savedService->fqdn . ',' . $fqdn);
                                 } else {
                                     data_set($savedService, 'fqdn', $fqdn);
                                 }
@@ -1897,7 +1903,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                             ]);
                         }
                         // Caddy needs exact port in some cases.
-                        if ($predefinedPort && ! $key->endsWith("_{$predefinedPort}")) {
+                        if ($predefinedPort && !$key->endsWith("_{$predefinedPort}")) {
                             $fqdns_exploded = str($savedService->fqdn)->explode(',');
                             if ($fqdns_exploded->count() > 1) {
                                 continue;
@@ -1937,12 +1943,12 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                                 'service_id' => $resource->id,
                             ])->first();
                             ['command' => $command, 'forService' => $forService, 'generatedValue' => $generatedValue, 'port' => $port] = parseEnvVariable($value);
-                            if (! is_null($command)) {
+                            if (!is_null($command)) {
                                 if ($command?->value() === 'FQDN' || $command?->value() === 'URL') {
                                     if (Str::lower($forService) === $serviceName) {
                                         $fqdn = generateFqdn($resource->server, $containerName);
                                     } else {
-                                        $fqdn = generateFqdn($resource->server, Str::lower($forService).'-'.$resource->uuid);
+                                        $fqdn = generateFqdn($resource->server, Str::lower($forService) . '-' . $resource->uuid);
                                     }
                                     if ($port) {
                                         $fqdn = "$fqdn:$port";
@@ -1972,13 +1978,13 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                                             'is_preview' => false,
                                         ]);
                                     }
-                                    if (! $isDatabase) {
-                                        if ($command->value() === 'FQDN' && is_null($savedService->fqdn) && ! $foundEnv) {
+                                    if (!$isDatabase) {
+                                        if ($command->value() === 'FQDN' && is_null($savedService->fqdn) && !$foundEnv) {
                                             $savedService->fqdn = $fqdn;
                                             $savedService->save();
                                         }
                                         // Caddy needs exact port in some cases.
-                                        if ($predefinedPort && ! $key->endsWith("_{$predefinedPort}") && $command?->value() === 'FQDN' && $resource->server->proxyType() === 'CADDY') {
+                                        if ($predefinedPort && !$key->endsWith("_{$predefinedPort}") && $command?->value() === 'FQDN' && $resource->server->proxyType() === 'CADDY') {
                                             $fqdns_exploded = str($savedService->fqdn)->explode(',');
                                             if ($fqdns_exploded->count() > 1) {
                                                 continue;
@@ -2000,7 +2006,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                                     }
                                 } else {
                                     $generatedValue = generateEnvValue($command, $resource);
-                                    if (! $foundEnv) {
+                                    if (!$foundEnv) {
                                         EnvironmentVariable::create([
                                             'key' => $key,
                                             'value' => $generatedValue,
@@ -2055,7 +2061,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                 }
                 $defaultLabels = defaultLabels($resource->id, $containerName, type: 'service', subType: $isDatabase ? 'database' : 'application', subId: $savedService->id);
                 $serviceLabels = $serviceLabels->merge($defaultLabels);
-                if (! $isDatabase && $fqdns->count() > 0) {
+                if (!$isDatabase && $fqdns->count() > 0) {
                     if ($fqdns) {
                         $shouldGenerateLabelsExactly = $resource->server->settings->generate_exact_labels;
                         if ($shouldGenerateLabelsExactly) {
@@ -2123,7 +2129,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                 }
                 data_set($service, 'labels', $serviceLabels->toArray());
                 data_forget($service, 'is_database');
-                if (! data_get($service, 'restart')) {
+                if (!data_get($service, 'restart')) {
                     data_set($service, 'restart', RESTART_MODE);
                 }
                 if (data_get($service, 'restart') === 'no' || data_get($service, 'exclude_from_hc')) {
@@ -2162,21 +2168,21 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                 $parsedServiceVariables->put('COOLIFY_CONTAINER_NAME', "$serviceName-{$resource->uuid}");
 
                 // TODO: move this in a shared function
-                if (! $parsedServiceVariables->has('COOLIFY_APP_NAME')) {
+                if (!$parsedServiceVariables->has('COOLIFY_APP_NAME')) {
                     $parsedServiceVariables->put('COOLIFY_APP_NAME', "\"{$resource->name}\"");
                 }
-                if (! $parsedServiceVariables->has('COOLIFY_SERVER_IP')) {
+                if (!$parsedServiceVariables->has('COOLIFY_SERVER_IP')) {
                     $parsedServiceVariables->put('COOLIFY_SERVER_IP', "\"{$resource->destination->server->ip}\"");
                 }
-                if (! $parsedServiceVariables->has('COOLIFY_ENVIRONMENT_NAME')) {
+                if (!$parsedServiceVariables->has('COOLIFY_ENVIRONMENT_NAME')) {
                     $parsedServiceVariables->put('COOLIFY_ENVIRONMENT_NAME', "\"{$resource->environment->name}\"");
                 }
-                if (! $parsedServiceVariables->has('COOLIFY_PROJECT_NAME')) {
+                if (!$parsedServiceVariables->has('COOLIFY_PROJECT_NAME')) {
                     $parsedServiceVariables->put('COOLIFY_PROJECT_NAME', "\"{$resource->project()->name}\"");
                 }
 
                 $parsedServiceVariables = $parsedServiceVariables->map(function ($value, $key) use ($envs_from_coolify) {
-                    if (! str($value)->startsWith('$')) {
+                    if (!str($value)->startsWith('$')) {
                         $found_env = $envs_from_coolify->where('key', $key)->first();
                         if ($found_env) {
                             return $found_env->value;
@@ -2260,7 +2266,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
             if ($serviceLabels->count() > 0) {
                 $removedLabels = collect([]);
                 $serviceLabels = $serviceLabels->filter(function ($serviceLabel, $serviceLabelName) use ($removedLabels) {
-                    if (! str($serviceLabel)->contains('=')) {
+                    if (!str($serviceLabel)->contains('=')) {
                         $removedLabels->put($serviceLabelName, $serviceLabel);
 
                         return false;
@@ -2280,11 +2286,11 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                     $serviceVolumes = $serviceVolumes->map(function ($volume) use ($resource, $topLevelVolumes, $pull_request_id) {
                         if (is_string($volume)) {
                             $volume = str($volume);
-                            if ($volume->contains(':') && ! $volume->startsWith('/')) {
+                            if ($volume->contains(':') && !$volume->startsWith('/')) {
                                 $name = $volume->before(':');
                                 $mount = $volume->after(':');
                                 if ($name->startsWith('.') || $name->startsWith('~')) {
-                                    $dir = base_configuration_dir().'/applications/'.$resource->uuid;
+                                    $dir = base_configuration_dir() . '/applications/' . $resource->uuid;
                                     if ($name->startsWith('.')) {
                                         $name = $name->replaceFirst('.', $dir);
                                     }
@@ -2292,12 +2298,12 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                                         $name = $name->replaceFirst('~', $dir);
                                     }
                                     if ($pull_request_id !== 0) {
-                                        $name = $name."-pr-$pull_request_id";
+                                        $name = $name . "-pr-$pull_request_id";
                                     }
                                     $volume = str("$name:$mount");
                                 } else {
                                     if ($pull_request_id !== 0) {
-                                        $name = $name."-pr-$pull_request_id";
+                                        $name = $name . "-pr-$pull_request_id";
                                         $volume = str("$name:$mount");
                                         if ($topLevelVolumes->has($name)) {
                                             $v = $topLevelVolumes->get($name);
@@ -2336,7 +2342,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                                     $name = $volume->before(':');
                                     $mount = $volume->after(':');
                                     if ($pull_request_id !== 0) {
-                                        $name = $name."-pr-$pull_request_id";
+                                        $name = $name . "-pr-$pull_request_id";
                                     }
                                     $volume = str("$name:$mount");
                                 }
@@ -2347,7 +2353,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                             $read_only = data_get($volume, 'read_only');
                             if ($source && $target) {
                                 if ((str($source)->startsWith('.') || str($source)->startsWith('~'))) {
-                                    $dir = base_configuration_dir().'/applications/'.$resource->uuid;
+                                    $dir = base_configuration_dir() . '/applications/' . $resource->uuid;
                                     if (str($source, '.')) {
                                         $source = str($source)->replaceFirst('.', $dir);
                                     }
@@ -2355,23 +2361,23 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                                         $source = str($source)->replaceFirst('~', $dir);
                                     }
                                     if ($pull_request_id !== 0) {
-                                        $source = $source."-pr-$pull_request_id";
+                                        $source = $source . "-pr-$pull_request_id";
                                     }
                                     if ($read_only) {
-                                        data_set($volume, 'source', $source.':'.$target.':ro');
+                                        data_set($volume, 'source', $source . ':' . $target . ':ro');
                                     } else {
-                                        data_set($volume, 'source', $source.':'.$target);
+                                        data_set($volume, 'source', $source . ':' . $target);
                                     }
                                 } else {
                                     if ($pull_request_id !== 0) {
-                                        $source = $source."-pr-$pull_request_id";
+                                        $source = $source . "-pr-$pull_request_id";
                                     }
                                     if ($read_only) {
-                                        data_set($volume, 'source', $source.':'.$target.':ro');
+                                        data_set($volume, 'source', $source . ':' . $target . ':ro');
                                     } else {
-                                        data_set($volume, 'source', $source.':'.$target);
+                                        data_set($volume, 'source', $source . ':' . $target);
                                     }
-                                    if (! str($source)->startsWith('/')) {
+                                    if (!str($source)->startsWith('/')) {
                                         if ($topLevelVolumes->has($source)) {
                                             $v = $topLevelVolumes->get($source);
                                             if (data_get($v, 'driver_opts.type') === 'cifs') {
@@ -2404,11 +2410,11 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                     $serviceVolumes = $serviceVolumes->map(function ($volume) use ($resource, $topLevelVolumes, $pull_request_id) {
                         if (is_string($volume)) {
                             $volume = str($volume);
-                            if ($volume->contains(':') && ! $volume->startsWith('/')) {
+                            if ($volume->contains(':') && !$volume->startsWith('/')) {
                                 $name = $volume->before(':');
                                 $mount = $volume->after(':');
                                 if ($name->startsWith('.') || $name->startsWith('~')) {
-                                    $dir = base_configuration_dir().'/applications/'.$resource->uuid;
+                                    $dir = base_configuration_dir() . '/applications/' . $resource->uuid;
                                     if ($name->startsWith('.')) {
                                         $name = $name->replaceFirst('.', $dir);
                                     }
@@ -2416,13 +2422,13 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                                         $name = $name->replaceFirst('~', $dir);
                                     }
                                     if ($pull_request_id !== 0) {
-                                        $name = $name."-pr-$pull_request_id";
+                                        $name = $name . "-pr-$pull_request_id";
                                     }
                                     $volume = str("$name:$mount");
                                 } else {
                                     if ($pull_request_id !== 0) {
                                         $uuid = $resource->uuid;
-                                        $name = $uuid."-$name-pr-$pull_request_id";
+                                        $name = $uuid . "-$name-pr-$pull_request_id";
                                         $volume = str("$name:$mount");
                                         if ($topLevelVolumes->has($name)) {
                                             $v = $topLevelVolumes->get($name);
@@ -2441,7 +2447,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                                         }
                                     } else {
                                         $uuid = $resource->uuid;
-                                        $name = str($uuid."-$name");
+                                        $name = str($uuid . "-$name");
                                         $volume = str("$name:$mount");
                                         if ($topLevelVolumes->has($name->value())) {
                                             $v = $topLevelVolumes->get($name->value());
@@ -2464,7 +2470,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                                     $name = $volume->before(':');
                                     $mount = $volume->after(':');
                                     if ($pull_request_id !== 0) {
-                                        $name = $name."-pr-$pull_request_id";
+                                        $name = $name . "-pr-$pull_request_id";
                                     }
                                     $volume = str("$name:$mount");
                                 }
@@ -2476,7 +2482,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                             if ($source && $target) {
                                 $uuid = $resource->uuid;
                                 if ((str($source)->startsWith('.') || str($source)->startsWith('~') || str($source)->startsWith('/'))) {
-                                    $dir = base_configuration_dir().'/applications/'.$resource->uuid;
+                                    $dir = base_configuration_dir() . '/applications/' . $resource->uuid;
                                     if (str($source, '.')) {
                                         $source = str($source)->replaceFirst('.', $dir);
                                     }
@@ -2484,22 +2490,22 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                                         $source = str($source)->replaceFirst('~', $dir);
                                     }
                                     if ($read_only) {
-                                        data_set($volume, 'source', $source.':'.$target.':ro');
+                                        data_set($volume, 'source', $source . ':' . $target . ':ro');
                                     } else {
-                                        data_set($volume, 'source', $source.':'.$target);
+                                        data_set($volume, 'source', $source . ':' . $target);
                                     }
                                 } else {
                                     if ($pull_request_id === 0) {
-                                        $source = $uuid."-$source";
+                                        $source = $uuid . "-$source";
                                     } else {
-                                        $source = $uuid."-$source-pr-$pull_request_id";
+                                        $source = $uuid . "-$source-pr-$pull_request_id";
                                     }
                                     if ($read_only) {
-                                        data_set($volume, 'source', $source.':'.$target.':ro');
+                                        data_set($volume, 'source', $source . ':' . $target . ':ro');
                                     } else {
-                                        data_set($volume, 'source', $source.':'.$target);
+                                        data_set($volume, 'source', $source . ':' . $target);
                                     }
-                                    if (! str($source)->startsWith('/')) {
+                                    if (!str($source)->startsWith('/')) {
                                         if ($topLevelVolumes->has($source)) {
                                             $v = $topLevelVolumes->get($source);
                                             if (data_get($v, 'driver_opts.type') === 'cifs') {
@@ -2532,7 +2538,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
 
             if ($pull_request_id !== 0 && count($serviceDependencies) > 0) {
                 $serviceDependencies = $serviceDependencies->map(function ($dependency) use ($pull_request_id) {
-                    return $dependency."-pr-$pull_request_id";
+                    return $dependency . "-pr-$pull_request_id";
                 });
                 data_set($service, 'depends_on', $serviceDependencies->toArray());
             }
@@ -2554,7 +2560,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                     $networkExists = $topLevelNetworks->contains(function ($value, $key) use ($networkName) {
                         return $value == $networkName || $key == $networkName;
                     });
-                    if (! $networkExists) {
+                    if (!$networkExists) {
                         if (is_string($networkDetails) || is_int($networkDetails)) {
                             $topLevelNetworks->put($networkDetails, null);
                         }
@@ -2582,7 +2588,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
             $definedNetworkExists = $topLevelNetworks->contains(function ($value, $_) use ($definedNetwork) {
                 return $value == $definedNetwork;
             });
-            if (! $definedNetworkExists) {
+            if (!$definedNetworkExists) {
                 foreach ($definedNetwork as $network) {
                     if ($pull_request_id !== 0) {
                         $topLevelNetworks->put($network, [
@@ -2700,12 +2706,12 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                             'application_id' => $resource->id,
                         ])->first();
                         ['command' => $command, 'forService' => $forService, 'generatedValue' => $generatedValue, 'port' => $port] = parseEnvVariable($value);
-                        if (! is_null($command)) {
+                        if (!is_null($command)) {
                             if ($command?->value() === 'FQDN' || $command?->value() === 'URL') {
                                 if (Str::lower($forService) === $serviceName) {
                                     $fqdn = generateFqdn($server, $containerName);
                                 } else {
-                                    $fqdn = generateFqdn($server, Str::lower($forService).'-'.$resource->uuid);
+                                    $fqdn = generateFqdn($server, Str::lower($forService) . '-' . $resource->uuid);
                                 }
                                 if ($port) {
                                     $fqdn = "$fqdn:$port";
@@ -2726,7 +2732,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
                                 }
                             } else {
                                 $generatedValue = generateEnvValue($command);
-                                if (! $foundEnv) {
+                                if (!$foundEnv) {
                                     EnvironmentVariable::create([
                                         'key' => $key,
                                         'value' => $generatedValue,
@@ -2898,7 +2904,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
             }
             data_set($service, 'labels', $serviceLabels->toArray());
             data_forget($service, 'is_database');
-            if (! data_get($service, 'restart')) {
+            if (!data_get($service, 'restart')) {
                 data_set($service, 'restart', RESTART_MODE);
             }
             data_set($service, 'container_name', $containerName);
@@ -2909,7 +2915,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
         });
         if ($pull_request_id !== 0) {
             $services->each(function ($service, $serviceName) use ($pull_request_id, $services) {
-                $services[$serviceName."-pr-$pull_request_id"] = $service;
+                $services[$serviceName . "-pr-$pull_request_id"] = $service;
                 data_forget($services, $serviceName);
             });
         }
@@ -2937,7 +2943,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
 
     $uuid = data_get($resource, 'uuid');
     $compose = data_get($resource, 'docker_compose_raw');
-    if (! $compose) {
+    if (!$compose) {
         return collect([]);
     }
 
@@ -3330,29 +3336,29 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
                         $isDirectory = data_get($foundConfig, 'is_directory');
                     } else {
                         // if isDirectory is not set (or false) & content is also not set, we assume it is a directory
-                        if ((is_null($isDirectory) || ! $isDirectory) && is_null($content)) {
+                        if ((is_null($isDirectory) || !$isDirectory) && is_null($content)) {
                             $isDirectory = true;
                         }
                     }
                 }
                 if ($type->value() === 'bind') {
                     if ($source->value() === '/var/run/docker.sock') {
-                        $volume = $source->value().':'.$target->value();
+                        $volume = $source->value() . ':' . $target->value();
                     } elseif ($source->value() === '/tmp' || $source->value() === '/tmp/') {
-                        $volume = $source->value().':'.$target->value();
+                        $volume = $source->value() . ':' . $target->value();
                     } else {
                         if ((int) $resource->compose_parsing_version >= 4) {
                             if ($isApplication) {
-                                $mainDirectory = str(base_configuration_dir().'/applications/'.$uuid);
+                                $mainDirectory = str(base_configuration_dir() . '/applications/' . $uuid);
                             } elseif ($isService) {
-                                $mainDirectory = str(base_configuration_dir().'/services/'.$uuid);
+                                $mainDirectory = str(base_configuration_dir() . '/services/' . $uuid);
                             }
                         } else {
-                            $mainDirectory = str(base_configuration_dir().'/applications/'.$uuid);
+                            $mainDirectory = str(base_configuration_dir() . '/applications/' . $uuid);
                         }
                         $source = replaceLocalSource($source, $mainDirectory);
                         if ($isApplication && $isPullRequest) {
-                            $source = $source."-pr-$pullRequestId";
+                            $source = $source . "-pr-$pullRequestId";
                         }
                         LocalFileVolume::updateOrCreate(
                             [
@@ -3372,12 +3378,12 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
                         if (isDev()) {
                             if ((int) $resource->compose_parsing_version >= 4) {
                                 if ($isApplication) {
-                                    $source = $source->replace($mainDirectory, '/var/lib/docker/volumes/coolify_dev_coolify_data/_data/applications/'.$uuid);
+                                    $source = $source->replace($mainDirectory, '/var/lib/docker/volumes/coolify_dev_coolify_data/_data/applications/' . $uuid);
                                 } elseif ($isService) {
-                                    $source = $source->replace($mainDirectory, '/var/lib/docker/volumes/coolify_dev_coolify_data/_data/services/'.$uuid);
+                                    $source = $source->replace($mainDirectory, '/var/lib/docker/volumes/coolify_dev_coolify_data/_data/services/' . $uuid);
                                 }
                             } else {
-                                $source = $source->replace($mainDirectory, '/var/lib/docker/volumes/coolify_dev_coolify_data/_data/applications/'.$uuid);
+                                $source = $source->replace($mainDirectory, '/var/lib/docker/volumes/coolify_dev_coolify_data/_data/applications/' . $uuid);
                             }
                         }
                         $volume = "$source:$target";
@@ -3444,7 +3450,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
                 $depends_on = $newDependsOn;
             }
         }
-        if (! $use_network_mode) {
+        if (!$use_network_mode) {
             if ($topLevel->get('networks')?->count() > 0) {
                 foreach ($topLevel->get('networks') as $networkName => $network) {
                     if ($networkName === 'default') {
@@ -3457,7 +3463,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
                     $networkExists = $networks->contains(function ($value, $key) use ($networkName) {
                         return $value == $networkName || $key == $networkName;
                     });
-                    if (! $networkExists) {
+                    if (!$networkExists) {
                         $networks->put($networkName, null);
                     }
                 }
@@ -3465,7 +3471,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
             $baseNetworkExists = $networks->contains(function ($value, $_) use ($baseNetwork) {
                 return $value == $baseNetwork;
             });
-            if (! $baseNetworkExists) {
+            if (!$baseNetworkExists) {
                 foreach ($baseNetwork as $network) {
                     $topLevel->get('networks')->put($network, [
                         'name' => $network,
@@ -3497,7 +3503,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
 
         $networks_temp = collect();
 
-        if (! $use_network_mode) {
+        if (!$use_network_mode) {
             foreach ($networks as $key => $network) {
                 if (gettype($network) === 'string') {
                     // networks:
@@ -3528,7 +3534,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
 
         $normalEnvironments = $environment->diffKeys($allMagicEnvironments);
         $normalEnvironments = $normalEnvironments->filter(function ($value, $key) {
-            return ! str($value)->startsWith('SERVICE_');
+            return !str($value)->startsWith('SERVICE_');
         });
 
         foreach ($normalEnvironments as $key => $value) {
@@ -3548,7 +3554,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
 
                 continue;
             }
-            if (! $value->startsWith('$')) {
+            if (!$value->startsWith('$')) {
                 continue;
             }
             if ($key->value() === $parsedValue->value()) {
@@ -3679,7 +3685,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
             $defaultLabels = defaultLabels($resource->id, $containerName, type: 'service', subType: $isDatabase ? 'database' : 'application', subId: $savedService->id);
         }
         // Add COOLIFY_FQDN & COOLIFY_URL to environment
-        if (! $isDatabase && $fqdns instanceof Collection && $fqdns->count() > 0) {
+        if (!$isDatabase && $fqdns instanceof Collection && $fqdns->count() > 0) {
             $coolifyEnvironments->put('COOLIFY_URL', $fqdns->implode(','));
 
             $urls = $fqdns->map(function ($fqdn) {
@@ -3691,7 +3697,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
 
         if ($environment->count() > 0) {
             $environment = $environment->filter(function ($value, $key) {
-                return ! str($key)->startsWith('SERVICE_FQDN_');
+                return !str($key)->startsWith('SERVICE_FQDN_');
             })->map(function ($value, $key) use ($resource) {
                 // if value is empty, set it to null so if you set the environment variable in the .env file (Coolify's UI), it will used
                 if (str($value)->isEmpty()) {
@@ -3718,7 +3724,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
                 });
             }
         }
-        if (! $isDatabase && $fqdns instanceof Collection && $fqdns->count() > 0) {
+        if (!$isDatabase && $fqdns instanceof Collection && $fqdns->count() > 0) {
             if ($isApplication) {
                 $shouldGenerateLabelsExactly = $resource->destination->server->settings->generate_exact_labels;
                 $uuid = $resource->uuid;
@@ -3811,7 +3817,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
             'restart' => $restart->value(),
             'labels' => $serviceLabels,
         ]);
-        if (! $use_network_mode) {
+        if (!$use_network_mode) {
             $payload['networks'] = $networks_temp;
         }
         if ($ports->count() > 0) {
@@ -3871,7 +3877,7 @@ function isAssociativeArray($array)
         $array = $array->toArray();
     }
 
-    if (! is_array($array)) {
+    if (!is_array($array)) {
         throw new \InvalidArgumentException('Input must be an array or a Collection.');
     }
 
@@ -3984,7 +3990,7 @@ function instanceSettings()
 function loadConfigFromGit(string $repository, string $branch, string $base_directory, int $server_id, int $team_id)
 {
     $server = Server::find($server_id)->where('team_id', $team_id)->first();
-    if (! $server) {
+    if (!$server) {
         return;
     }
     $uuid = new Cuid2;
@@ -4011,7 +4017,7 @@ function loadConfigFromGit(string $repository, string $branch, string $base_dire
 
 function loggy($message = null, array $context = [])
 {
-    if (! isDev()) {
+    if (!isDev()) {
         return;
     }
     if (function_exists('ray') && config('app.debug')) {
@@ -4046,7 +4052,7 @@ function isEmailRateLimited(string $limiterKey, int $decaySeconds = 3600, ?calla
         $limiterKey,
         $maxAttempts = 0,
         function () use (&$rateLimited, &$limiterKey, $callbackOnSuccess) {
-            isDev() && loggy('Rate limit not reached for '.$limiterKey);
+            isDev() && loggy('Rate limit not reached for ' . $limiterKey);
             $rateLimited = false;
 
             if ($callbackOnSuccess) {
@@ -4055,8 +4061,8 @@ function isEmailRateLimited(string $limiterKey, int $decaySeconds = 3600, ?calla
         },
         $decaySeconds,
     );
-    if (! $executed) {
-        isDev() && loggy('Rate limit reached for '.$limiterKey.'. Rate limiter will be disabled for '.$decaySeconds.' seconds.');
+    if (!$executed) {
+        isDev() && loggy('Rate limit reached for ' . $limiterKey . '. Rate limiter will be disabled for ' . $decaySeconds . ' seconds.');
         $rateLimited = true;
     }
 
diff --git a/database/migrations/2024_11_12_213200_add_slack_notifications_to_teams_table.php b/database/migrations/2024_11_12_213200_add_slack_notifications_to_teams_table.php
new file mode 100644
index 000000000..c3896a053
--- /dev/null
+++ b/database/migrations/2024_11_12_213200_add_slack_notifications_to_teams_table.php
@@ -0,0 +1,37 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration {
+    public function up(): void
+    {
+        Schema::table('teams', function (Blueprint $table) {
+            $table->boolean('slack_enabled')->default(false);
+            $table->string('slack_webhook_url')->nullable();
+            $table->boolean('slack_notifications_test')->default(false);
+            $table->boolean('slack_notifications_deployments')->default(false);
+            $table->boolean('slack_notifications_status_changes')->default(false);
+            $table->boolean('slack_notifications_database_backups')->default(false);
+            $table->boolean('slack_notifications_scheduled_tasks')->default(false);
+            $table->boolean('slack_notifications_server_disk_usage')->default(false);
+        });
+    }
+
+    public function down(): void
+    {
+        Schema::table('teams', function (Blueprint $table) {
+            $table->dropColumn([
+                'slack_enabled',
+                'slack_webhook_url',
+                'slack_notifications_test',
+                'slack_notifications_deployments',
+                'slack_notifications_status_changes',
+                'slack_notifications_database_backups',
+                'slack_notifications_scheduled_tasks',
+                'slack_notifications_server_disk_usage',
+            ]);
+        });
+    }
+};
\ No newline at end of file
diff --git a/resources/views/components/notification/navbar.blade.php b/resources/views/components/notification/navbar.blade.php
index 0fbbc69a2..c4dbd25af 100644
--- a/resources/views/components/notification/navbar.blade.php
+++ b/resources/views/components/notification/navbar.blade.php
@@ -15,6 +15,10 @@
                 href="{{ route('notifications.discord') }}">
                 <button>Discord</button>
             </a>
+            <a class="{{ request()->routeIs('notifications.slack') ? 'dark:text-white' : '' }}"
+                href="{{ route('notifications.slack') }}">
+                <button>Slack</button>
+            </a>
         </nav>
     </div>
-</div>
+</div>
\ No newline at end of file
diff --git a/resources/views/livewire/notifications/slack.blade.php b/resources/views/livewire/notifications/slack.blade.php
new file mode 100644
index 000000000..b3685173c
--- /dev/null
+++ b/resources/views/livewire/notifications/slack.blade.php
@@ -0,0 +1,43 @@
+<div>
+    <x-slot:title>
+        Notifications | Coolify
+        </x-slot>
+        <x-notification.navbar />
+        <form wire:submit='submit' class="flex flex-col gap-4">
+            <div class="flex items-center gap-2">
+                <h2>Slack</h2>
+                <x-forms.button type="submit">
+                    Save
+                </x-forms.button>
+                @if ($slackEnabled)
+                    <x-forms.button class="normal-case dark:text-white btn btn-xs no-animation btn-primary"
+                        wire:click="sendTestNotification">
+                        Send Test Notifications
+                    </x-forms.button>
+                @endif
+            </div>
+            <div class="w-32">
+                <x-forms.checkbox instantSave="instantSaveSlackEnabled" id="slackEnabled" label="Enabled" />
+            </div>
+            <x-forms.input type="password"
+                helper="Generate a webhook in Slack.<br>Example: https://hooks.slack.com/services/...." required
+                id="slackWebhookUrl" label="Webhook" />
+        </form>
+        @if ($slackEnabled)
+            <h2 class="mt-4">Subscribe to events</h2>
+            <div class="w-64">
+                @if (isDev())
+                    <x-forms.checkbox instantSave="saveModel" id="slackNotificationsTest" label="Test" />
+                @endif
+                <x-forms.checkbox instantSave="saveModel" id="slackNotificationsStatusChanges"
+                    label="Container Status Changes" />
+                <x-forms.checkbox instantSave="saveModel" id="slackNotificationsDeployments"
+                    label="Application Deployments" />
+                <x-forms.checkbox instantSave="saveModel" id="slackNotificationsDatabaseBackups" label="Backup Status" />
+                <x-forms.checkbox instantSave="saveModel" id="slackNotificationsScheduledTasks"
+                    label="Scheduled Tasks Status" />
+                <x-forms.checkbox instantSave="saveModel" id="slackNotificationsServerDiskUsage"
+                    label="Server Disk Usage" />
+            </div>
+        @endif
+</div>
\ No newline at end of file
diff --git a/routes/web.php b/routes/web.php
index afe392052..7aa23ac95 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -133,6 +133,7 @@ Route::middleware(['auth', 'verified'])->group(function () {
         Route::get('/email', NotificationEmail::class)->name('notifications.email');
         Route::get('/telegram', NotificationTelegram::class)->name('notifications.telegram');
         Route::get('/discord', NotificationDiscord::class)->name('notifications.discord');
+        Route::get('/slack', App\Livewire\Notifications\Slack::class)->name('notifications.slack');
     });
 
     Route::prefix('storages')->group(function () {

From 80ed561374438076f50684453d65531bd63d09b2 Mon Sep 17 00:00:00 2001
From: Marvin von Rappard <marvin@von-rappard.ch>
Date: Tue, 12 Nov 2024 22:45:07 +0100
Subject: [PATCH 06/54] fix: add warning color

---
 app/Notifications/Dto/SlackMessage.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/app/Notifications/Dto/SlackMessage.php b/app/Notifications/Dto/SlackMessage.php
index efd0cf5e6..86532c65b 100644
--- a/app/Notifications/Dto/SlackMessage.php
+++ b/app/Notifications/Dto/SlackMessage.php
@@ -25,4 +25,9 @@ class SlackMessage
     {
         return '#00ff00';
     }
+
+    public static function warningColor(): string
+    {
+        return '#ffa500';
+    }
 }
\ No newline at end of file

From 40fb73ee8e06300b304dc7736111d8fd8fc64fc5 Mon Sep 17 00:00:00 2001
From: Marvin von Rappard <marvin@von-rappard.ch>
Date: Wed, 20 Nov 2024 13:01:56 +0100
Subject: [PATCH 07/54] fix: import NotificationSlack correctly

---
 routes/web.php | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/routes/web.php b/routes/web.php
index 2fc5046e5..d8ba925f2 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -13,6 +13,7 @@ use App\Livewire\ForcePasswordReset;
 use App\Livewire\Notifications\Discord as NotificationDiscord;
 use App\Livewire\Notifications\Email as NotificationEmail;
 use App\Livewire\Notifications\Telegram as NotificationTelegram;
+use App\Livewire\Notifications\Slack as NotificationSlack;
 use App\Livewire\Profile\Index as ProfileIndex;
 use App\Livewire\Project\Application\Configuration as ApplicationConfiguration;
 use App\Livewire\Project\Application\Deployment\Index as DeploymentIndex;
@@ -132,7 +133,7 @@ Route::middleware(['auth', 'verified'])->group(function () {
         Route::get('/email', NotificationEmail::class)->name('notifications.email');
         Route::get('/telegram', NotificationTelegram::class)->name('notifications.telegram');
         Route::get('/discord', NotificationDiscord::class)->name('notifications.discord');
-        Route::get('/slack', App\Livewire\Notifications\Slack::class)->name('notifications.slack');
+        Route::get('/slack', NotificationSlack::class)->name('notifications.slack');
     });
 
     Route::prefix('storages')->group(function () {
@@ -286,7 +287,7 @@ Route::middleware(['auth'])->group(function () {
                 'privateKey' => $privateKeyLocation,
                 'root' => '/',
             ]);
-            if (! $disk->exists($filename)) {
+            if (!$disk->exists($filename)) {
                 return response()->json(['message' => 'Backup not found.'], 404);
             }
 
@@ -298,7 +299,7 @@ Route::middleware(['auth'])->group(function () {
                 if ($stream === false || is_null($stream)) {
                     abort(500, 'Failed to open stream for the requested file.');
                 }
-                while (! feof($stream)) {
+                while (!feof($stream)) {
                     echo fread($stream, 2048);
                     flush();
                 }
@@ -306,7 +307,7 @@ Route::middleware(['auth'])->group(function () {
                 fclose($stream);
             }, 200, [
                 'Content-Type' => 'application/octet-stream',
-                'Content-Disposition' => 'attachment; filename="'.basename($filename).'"',
+                'Content-Disposition' => 'attachment; filename="' . basename($filename) . '"',
             ]);
         } catch (\Throwable $e) {
             return response()->json(['message' => $e->getMessage()], 500);

From 1f499c148867295b1db3f329330c01d7e4d3fe8a Mon Sep 17 00:00:00 2001
From: Vishwanath Martur <64204611+vishwamartur@users.noreply.github.com>
Date: Sat, 23 Nov 2024 13:04:54 +0530
Subject: [PATCH 08/54] Add no encryption option for SMTP settings

Related to #4311

Add option to configure SMTP settings without encryption.

* Update `app/Livewire/Notifications/Email.php` and `app/Livewire/SettingsEmail.php` to include "No Encryption" option in the `smtpEncryption` field and update validation rules.
* Modify `app/Notifications/Channels/EmailChannel.php` to handle the "No Encryption" option in the `bootConfigs` method.
* Add `set_transanctional_email_settings` function in `app/Livewire/Help.php` to support the "No Encryption" option.
* Update `config/mail.php` to handle the "No Encryption" option in the mail configuration.
---
 app/Livewire/Help.php                       | 32 +++++++++++++++++++++
 app/Livewire/Notifications/Email.php        |  2 +-
 app/Livewire/SettingsEmail.php              |  2 +-
 app/Notifications/Channels/EmailChannel.php |  2 +-
 config/mail.php                             |  2 +-
 5 files changed, 36 insertions(+), 4 deletions(-)

diff --git a/app/Livewire/Help.php b/app/Livewire/Help.php
index f51527fbe..aa354e94e 100644
--- a/app/Livewire/Help.php
+++ b/app/Livewire/Help.php
@@ -56,3 +56,35 @@ class Help extends Component
         return view('livewire.help')->layout('layouts.app');
     }
 }
+
+function set_transanctional_email_settings($settings = null)
+{
+    if (is_null($settings)) {
+        $settings = instanceSettings();
+    }
+
+    if ($settings->resend_enabled) {
+        config()->set('mail.default', 'resend');
+        config()->set('resend.api_key', $settings->resend_api_key);
+
+        return 'resend';
+    }
+
+    if ($settings->smtp_enabled) {
+        config()->set('mail.default', 'smtp');
+        config()->set('mail.mailers.smtp', [
+            'transport' => 'smtp',
+            'host' => $settings->smtp_host,
+            'port' => $settings->smtp_port,
+            'encryption' => $settings->smtp_encryption === 'none' ? null : $settings->smtp_encryption,
+            'username' => $settings->smtp_username,
+            'password' => $settings->smtp_password,
+            'timeout' => $settings->smtp_timeout,
+            'local_domain' => null,
+        ]);
+
+        return 'smtp';
+    }
+
+    return false;
+}
diff --git a/app/Livewire/Notifications/Email.php b/app/Livewire/Notifications/Email.php
index fcedf1305..682180aa8 100644
--- a/app/Livewire/Notifications/Email.php
+++ b/app/Livewire/Notifications/Email.php
@@ -37,7 +37,7 @@ class Email extends Component
     #[Validate(['nullable', 'numeric'])]
     public ?int $smtpPort = null;
 
-    #[Validate(['nullable', 'string'])]
+    #[Validate(['nullable', 'string', 'in:tls,ssl,none'])]
     public ?string $smtpEncryption = null;
 
     #[Validate(['nullable', 'string'])]
diff --git a/app/Livewire/SettingsEmail.php b/app/Livewire/SettingsEmail.php
index 61f720b3a..abf3a12f9 100644
--- a/app/Livewire/SettingsEmail.php
+++ b/app/Livewire/SettingsEmail.php
@@ -19,7 +19,7 @@ class SettingsEmail extends Component
     #[Validate(['nullable', 'numeric', 'min:1', 'max:65535'])]
     public ?int $smtpPort = null;
 
-    #[Validate(['nullable', 'string'])]
+    #[Validate(['nullable', 'string', 'in:tls,ssl,none'])]
     public ?string $smtpEncryption = null;
 
     #[Validate(['nullable', 'string'])]
diff --git a/app/Notifications/Channels/EmailChannel.php b/app/Notifications/Channels/EmailChannel.php
index af9af978d..e745990e4 100644
--- a/app/Notifications/Channels/EmailChannel.php
+++ b/app/Notifications/Channels/EmailChannel.php
@@ -66,7 +66,7 @@ class EmailChannel
                 'transport' => 'smtp',
                 'host' => data_get($notifiable, 'smtp_host'),
                 'port' => data_get($notifiable, 'smtp_port'),
-                'encryption' => data_get($notifiable, 'smtp_encryption'),
+                'encryption' => data_get($notifiable, 'smtp_encryption') === 'none' ? null : data_get($notifiable, 'smtp_encryption'),
                 'username' => data_get($notifiable, 'smtp_username'),
                 'password' => data_get($notifiable, 'smtp_password'),
                 'timeout' => data_get($notifiable, 'smtp_timeout'),
diff --git a/config/mail.php b/config/mail.php
index 26af507d9..b36bd363c 100644
--- a/config/mail.php
+++ b/config/mail.php
@@ -38,7 +38,7 @@ return [
             'transport' => 'smtp',
             'host' => env('MAIL_HOST', 'smtp.mailgun.org'),
             'port' => env('MAIL_PORT', 587),
-            'encryption' => env('MAIL_ENCRYPTION', 'tls'),
+            'encryption' => env('MAIL_ENCRYPTION', 'tls') === 'none' ? null : env('MAIL_ENCRYPTION', 'tls'),
             'username' => env('MAIL_USERNAME'),
             'password' => env('MAIL_PASSWORD'),
             'timeout' => null,

From f45411f3d6f869ea52ccc0022a28856e31830cc5 Mon Sep 17 00:00:00 2001
From: Vishwanath Martur <64204611+vishwamartur@users.noreply.github.com>
Date: Sat, 23 Nov 2024 13:08:53 +0530
Subject: [PATCH 09/54] Fix metrics error when data is less than selected date

Related to #4309

Fix the 'sql: Scan error on column index 5, name "usedPercent": converting NULL to float64 is unsupported' error on the metrics page.

* Update the `getMemoryMetrics` method in `app/Models/Server.php` to handle NULL values for the "usedPercent" field by setting them to 0.0.
* Add a check for NULL values in the `getMemoryMetrics` method before converting to float64.
---
 app/Models/Server.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/app/Models/Server.php b/app/Models/Server.php
index 5bbd13ac7..1e872227a 100644
--- a/app/Models/Server.php
+++ b/app/Models/Server.php
@@ -611,7 +611,8 @@ $schema://$host {
             }
             $memory = json_decode($memory, true);
             $parsedCollection = collect($memory)->map(function ($metric) {
-                return [(int) $metric['time'], (float) $metric['usedPercent']];
+                $usedPercent = $metric['usedPercent'] ?? 0.0;
+                return [(int) $metric['time'], (float) $usedPercent];
             });
 
             return $parsedCollection->toArray();

From a836d78f0bb7716134f2424d917636046b41e91a Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Mon, 25 Nov 2024 14:07:50 +0100
Subject: [PATCH 10/54] remove unnecessary function

---
 app/Livewire/Help.php | 32 --------------------------------
 1 file changed, 32 deletions(-)

diff --git a/app/Livewire/Help.php b/app/Livewire/Help.php
index aa354e94e..f51527fbe 100644
--- a/app/Livewire/Help.php
+++ b/app/Livewire/Help.php
@@ -56,35 +56,3 @@ class Help extends Component
         return view('livewire.help')->layout('layouts.app');
     }
 }
-
-function set_transanctional_email_settings($settings = null)
-{
-    if (is_null($settings)) {
-        $settings = instanceSettings();
-    }
-
-    if ($settings->resend_enabled) {
-        config()->set('mail.default', 'resend');
-        config()->set('resend.api_key', $settings->resend_api_key);
-
-        return 'resend';
-    }
-
-    if ($settings->smtp_enabled) {
-        config()->set('mail.default', 'smtp');
-        config()->set('mail.mailers.smtp', [
-            'transport' => 'smtp',
-            'host' => $settings->smtp_host,
-            'port' => $settings->smtp_port,
-            'encryption' => $settings->smtp_encryption === 'none' ? null : $settings->smtp_encryption,
-            'username' => $settings->smtp_username,
-            'password' => $settings->smtp_password,
-            'timeout' => $settings->smtp_timeout,
-            'local_domain' => null,
-        ]);
-
-        return 'smtp';
-    }
-
-    return false;
-}

From b3f968db76193f62dc51f4bb2bf996358441cc17 Mon Sep 17 00:00:00 2001
From: SierraJC <7351311+SierraJC@users.noreply.github.com>
Date: Sun, 1 Dec 2024 10:15:45 +1100
Subject: [PATCH 11/54] fix: missing `mysql_password` API property

---
 app/Http/Controllers/Api/DatabasesController.php | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/app/Http/Controllers/Api/DatabasesController.php b/app/Http/Controllers/Api/DatabasesController.php
index ce658d2a2..21816557f 100644
--- a/app/Http/Controllers/Api/DatabasesController.php
+++ b/app/Http/Controllers/Api/DatabasesController.php
@@ -213,6 +213,7 @@ class DatabasesController extends Controller
                         'mongo_initdb_root_password' => ['type' => 'string', 'description' => 'Mongo initdb root password'],
                         'mongo_initdb_init_database' => ['type' => 'string', 'description' => 'Mongo initdb init database'],
                         'mysql_root_password' => ['type' => 'string', 'description' => 'MySQL root password'],
+                        'mysql_password' => ['type' => 'string', 'description' => 'MySQL password'],
                         'mysql_user' => ['type' => 'string', 'description' => 'MySQL user'],
                         'mysql_database' => ['type' => 'string', 'description' => 'MySQL database'],
                         'mysql_conf' => ['type' => 'string', 'description' => 'MySQL conf'],
@@ -443,9 +444,10 @@ class DatabasesController extends Controller
 
                 break;
             case 'standalone-mysql':
-                $allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'mysql_root_password', 'mysql_user', 'mysql_database', 'mysql_conf'];
+                $allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'mysql_root_password', 'mysql_password', 'mysql_user', 'mysql_database', 'mysql_conf'];
                 $validator = customApiValidator($request->all(), [
                     'mysql_root_password' => 'string',
+                    'mysql_password' => 'string',
                     'mysql_user' => 'string',
                     'mysql_database' => 'string',
                     'mysql_conf' => 'string',
@@ -909,6 +911,7 @@ class DatabasesController extends Controller
                         'environment_name' => ['type' => 'string', 'description' => 'Name of the environment'],
                         'destination_uuid' => ['type' => 'string', 'description' => 'UUID of the destination if the server has multiple destinations'],
                         'mysql_root_password' => ['type' => 'string', 'description' => 'MySQL root password'],
+                        'mysql_password' => ['type' => 'string', 'description' => 'MySQL password'],
                         'mysql_user' => ['type' => 'string', 'description' => 'MySQL user'],
                         'mysql_database' => ['type' => 'string', 'description' => 'MySQL database'],
                         'mysql_conf' => ['type' => 'string', 'description' => 'MySQL conf'],
@@ -1013,7 +1016,7 @@ class DatabasesController extends Controller
 
     public function create_database(Request $request, NewDatabaseTypes $type)
     {
-        $allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'project_uuid', 'environment_name', 'server_uuid', 'destination_uuid', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'postgres_user', 'postgres_password', 'postgres_db', 'postgres_initdb_args', 'postgres_host_auth_method', 'postgres_conf', 'clickhouse_admin_user', 'clickhouse_admin_password', 'dragonfly_password', 'redis_password', 'redis_conf', 'keydb_password', 'keydb_conf', 'mariadb_conf', 'mariadb_root_password', 'mariadb_user', 'mariadb_password', 'mariadb_database', 'mongo_conf', 'mongo_initdb_root_username', 'mongo_initdb_root_password', 'mongo_initdb_init_database', 'mysql_root_password', 'mysql_user', 'mysql_database', 'mysql_conf'];
+        $allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'project_uuid', 'environment_name', 'server_uuid', 'destination_uuid', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'postgres_user', 'postgres_password', 'postgres_db', 'postgres_initdb_args', 'postgres_host_auth_method', 'postgres_conf', 'clickhouse_admin_user', 'clickhouse_admin_password', 'dragonfly_password', 'redis_password', 'redis_conf', 'keydb_password', 'keydb_conf', 'mariadb_conf', 'mariadb_root_password', 'mariadb_user', 'mariadb_password', 'mariadb_database', 'mongo_conf', 'mongo_initdb_root_username', 'mongo_initdb_root_password', 'mongo_initdb_init_database', 'mysql_root_password', 'mysql_password', 'mysql_user', 'mysql_database', 'mysql_conf'];
 
         $teamId = getTeamIdFromToken();
         if (is_null($teamId)) {
@@ -1220,9 +1223,10 @@ class DatabasesController extends Controller
 
             return response()->json(serializeApiResponse($payload))->setStatusCode(201);
         } elseif ($type === NewDatabaseTypes::MYSQL) {
-            $allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'project_uuid', 'environment_name', 'server_uuid', 'destination_uuid', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'mysql_user', 'mysql_database', 'mysql_conf'];
+            $allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'project_uuid', 'environment_name', 'server_uuid', 'destination_uuid', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'mysql_root_password', 'mysql_password', 'mysql_user', 'mysql_database', 'mysql_conf'];
             $validator = customApiValidator($request->all(), [
                 'mysql_root_password' => 'string',
+                'mysql_password' => 'string',
                 'mysql_user' => 'string',
                 'mysql_database' => 'string',
                 'mysql_conf' => 'string',

From f279729f088629ecdf4de3b058540c40c34f19bb Mon Sep 17 00:00:00 2001
From: SierraJC <7351311+SierraJC@users.noreply.github.com>
Date: Sun, 1 Dec 2024 10:16:41 +1100
Subject: [PATCH 12/54] fix: incorrect MongoDB init API property

---
 app/Http/Controllers/Api/DatabasesController.php | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/app/Http/Controllers/Api/DatabasesController.php b/app/Http/Controllers/Api/DatabasesController.php
index 21816557f..58c4467e9 100644
--- a/app/Http/Controllers/Api/DatabasesController.php
+++ b/app/Http/Controllers/Api/DatabasesController.php
@@ -211,7 +211,7 @@ class DatabasesController extends Controller
                         'mongo_conf' => ['type' => 'string', 'description' => 'Mongo conf'],
                         'mongo_initdb_root_username' => ['type' => 'string', 'description' => 'Mongo initdb root username'],
                         'mongo_initdb_root_password' => ['type' => 'string', 'description' => 'Mongo initdb root password'],
-                        'mongo_initdb_init_database' => ['type' => 'string', 'description' => 'Mongo initdb init database'],
+                        'mongo_initdb_database' => ['type' => 'string', 'description' => 'Mongo initdb init database'],
                         'mysql_root_password' => ['type' => 'string', 'description' => 'MySQL root password'],
                         'mysql_password' => ['type' => 'string', 'description' => 'MySQL password'],
                         'mysql_user' => ['type' => 'string', 'description' => 'MySQL user'],
@@ -242,7 +242,7 @@ class DatabasesController extends Controller
     )]
     public function update_by_uuid(Request $request)
     {
-        $allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'postgres_user', 'postgres_password', 'postgres_db', 'postgres_initdb_args', 'postgres_host_auth_method', 'postgres_conf', 'clickhouse_admin_user', 'clickhouse_admin_password', 'dragonfly_password', 'redis_password', 'redis_conf', 'keydb_password', 'keydb_conf', 'mariadb_conf', 'mariadb_root_password', 'mariadb_user', 'mariadb_password', 'mariadb_database', 'mongo_conf', 'mongo_initdb_root_username', 'mongo_initdb_root_password', 'mongo_initdb_init_database', 'mysql_root_password', 'mysql_user', 'mysql_database', 'mysql_conf'];
+        $allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'postgres_user', 'postgres_password', 'postgres_db', 'postgres_initdb_args', 'postgres_host_auth_method', 'postgres_conf', 'clickhouse_admin_user', 'clickhouse_admin_password', 'dragonfly_password', 'redis_password', 'redis_conf', 'keydb_password', 'keydb_conf', 'mariadb_conf', 'mariadb_root_password', 'mariadb_user', 'mariadb_password', 'mariadb_database', 'mongo_conf', 'mongo_initdb_root_username', 'mongo_initdb_root_password', 'mongo_initdb_database', 'mysql_root_password', 'mysql_password', 'mysql_user', 'mysql_database', 'mysql_conf'];
         $teamId = getTeamIdFromToken();
         if (is_null($teamId)) {
             return invalidTokenResponse();
@@ -414,12 +414,12 @@ class DatabasesController extends Controller
                 }
                 break;
             case 'standalone-mongodb':
-                $allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'mongo_conf', 'mongo_initdb_root_username', 'mongo_initdb_root_password', 'mongo_initdb_init_database'];
+                $allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'mongo_conf', 'mongo_initdb_root_username', 'mongo_initdb_root_password', 'mongo_initdb_database'];
                 $validator = customApiValidator($request->all(), [
                     'mongo_conf' => 'string',
                     'mongo_initdb_root_username' => 'string',
                     'mongo_initdb_root_password' => 'string',
-                    'mongo_initdb_init_database' => 'string',
+                    'mongo_initdb_database' => 'string',
                 ]);
                 if ($request->has('mongo_conf')) {
                     if (! isBase64Encoded($request->mongo_conf)) {
@@ -1016,7 +1016,7 @@ class DatabasesController extends Controller
 
     public function create_database(Request $request, NewDatabaseTypes $type)
     {
-        $allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'project_uuid', 'environment_name', 'server_uuid', 'destination_uuid', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'postgres_user', 'postgres_password', 'postgres_db', 'postgres_initdb_args', 'postgres_host_auth_method', 'postgres_conf', 'clickhouse_admin_user', 'clickhouse_admin_password', 'dragonfly_password', 'redis_password', 'redis_conf', 'keydb_password', 'keydb_conf', 'mariadb_conf', 'mariadb_root_password', 'mariadb_user', 'mariadb_password', 'mariadb_database', 'mongo_conf', 'mongo_initdb_root_username', 'mongo_initdb_root_password', 'mongo_initdb_init_database', 'mysql_root_password', 'mysql_password', 'mysql_user', 'mysql_database', 'mysql_conf'];
+        $allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'project_uuid', 'environment_name', 'server_uuid', 'destination_uuid', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'postgres_user', 'postgres_password', 'postgres_db', 'postgres_initdb_args', 'postgres_host_auth_method', 'postgres_conf', 'clickhouse_admin_user', 'clickhouse_admin_password', 'dragonfly_password', 'redis_password', 'redis_conf', 'keydb_password', 'keydb_conf', 'mariadb_conf', 'mariadb_root_password', 'mariadb_user', 'mariadb_password', 'mariadb_database', 'mongo_conf', 'mongo_initdb_root_username', 'mongo_initdb_root_password', 'mongo_initdb_database', 'mysql_root_password', 'mysql_password', 'mysql_user', 'mysql_database', 'mysql_conf'];
 
         $teamId = getTeamIdFromToken();
         if (is_null($teamId)) {
@@ -1460,12 +1460,12 @@ class DatabasesController extends Controller
 
             return response()->json(serializeApiResponse($payload))->setStatusCode(201);
         } elseif ($type === NewDatabaseTypes::MONGODB) {
-            $allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'project_uuid', 'environment_name', 'server_uuid', 'destination_uuid', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'mongo_conf', 'mongo_initdb_root_username', 'mongo_initdb_root_password', 'mongo_initdb_init_database'];
+            $allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'project_uuid', 'environment_name', 'server_uuid', 'destination_uuid', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'mongo_conf', 'mongo_initdb_root_username', 'mongo_initdb_root_password', 'mongo_initdb_database'];
             $validator = customApiValidator($request->all(), [
                 'mongo_conf' => 'string',
                 'mongo_initdb_root_username' => 'string',
                 'mongo_initdb_root_password' => 'string',
-                'mongo_initdb_init_database' => 'string',
+                'mongo_initdb_database' => 'string',
             ]);
             $extraFields = array_diff(array_keys($request->all()), $allowedFields);
             if ($validator->fails() || ! empty($extraFields)) {

From ce6602eb6398a2f99edb4180b300d89d19e186d5 Mon Sep 17 00:00:00 2001
From: SierraJC <7351311+SierraJC@users.noreply.github.com>
Date: Sun, 1 Dec 2024 10:17:49 +1100
Subject: [PATCH 13/54] chore: regenerate openapi spec

---
 openapi.json | 10 +++++++++-
 openapi.yaml |  8 +++++++-
 2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/openapi.json b/openapi.json
index 2ec218438..5d35331ec 100644
--- a/openapi.json
+++ b/openapi.json
@@ -3011,7 +3011,7 @@
                                         "type": "string",
                                         "description": "Mongo initdb root password"
                                     },
-                                    "mongo_initdb_init_database": {
+                                    "mongo_initdb_database": {
                                         "type": "string",
                                         "description": "Mongo initdb init database"
                                     },
@@ -3019,6 +3019,10 @@
                                         "type": "string",
                                         "description": "MySQL root password"
                                     },
+                                    "mysql_password": {
+                                        "type": "string",
+                                        "description": "MySQL password"
+                                    },
                                     "mysql_user": {
                                         "type": "string",
                                         "description": "MySQL user"
@@ -3842,6 +3846,10 @@
                                         "type": "string",
                                         "description": "MySQL root password"
                                     },
+                                    "mysql_password": {
+                                        "type": "string",
+                                        "description": "MySQL password"
+                                    },
                                     "mysql_user": {
                                         "type": "string",
                                         "description": "MySQL user"
diff --git a/openapi.yaml b/openapi.yaml
index 2a22c730c..20bf34873 100644
--- a/openapi.yaml
+++ b/openapi.yaml
@@ -2089,12 +2089,15 @@ paths:
                 mongo_initdb_root_password:
                   type: string
                   description: 'Mongo initdb root password'
-                mongo_initdb_init_database:
+                mongo_initdb_database:
                   type: string
                   description: 'Mongo initdb init database'
                 mysql_root_password:
                   type: string
                   description: 'MySQL root password'
+                mysql_password:
+                  type: string
+                  description: 'MySQL password'
                 mysql_user:
                   type: string
                   description: 'MySQL user'
@@ -2684,6 +2687,9 @@ paths:
                 mysql_root_password:
                   type: string
                   description: 'MySQL root password'
+                mysql_password:
+                  type: string
+                  description: 'MySQL password'
                 mysql_user:
                   type: string
                   description: 'MySQL user'

From c74728162ede3aa137affd457bdc606d0d69be77 Mon Sep 17 00:00:00 2001
From: peaklabs-dev <122374094+peaklabs-dev@users.noreply.github.com>
Date: Tue, 3 Dec 2024 12:41:56 +0100
Subject: [PATCH 14/54] wip: test rename GitHub app

---
 app/Livewire/Source/Github/Change.php                  |  5 +++++
 .../views/livewire/source/github/change.blade.php      | 10 +++++++++-
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/app/Livewire/Source/Github/Change.php b/app/Livewire/Source/Github/Change.php
index 07cef54f9..79cc02219 100644
--- a/app/Livewire/Source/Github/Change.php
+++ b/app/Livewire/Source/Github/Change.php
@@ -142,6 +142,11 @@ class Change extends Component
         }
     }
 
+    public function getUpdatePath()
+    {
+        return "{$this->github_app->html_url}/settings/apps/{$this->github_app->app_id}";
+    }
+
     public function submit()
     {
         try {
diff --git a/resources/views/livewire/source/github/change.blade.php b/resources/views/livewire/source/github/change.blade.php
index 5e576fa85..215c54411 100644
--- a/resources/views/livewire/source/github/change.blade.php
+++ b/resources/views/livewire/source/github/change.blade.php
@@ -58,7 +58,15 @@
             @else
                 <div class="flex flex-col gap-2">
                     <div class="flex gap-2">
-                        <x-forms.input id="github_app.name" label="App Name" disabled />
+                        <div class="flex items-end gap-2 w-full">
+                            <x-forms.input id="github_app.name" label="App Name" disabled />
+                            <a href="{{ $this->getUpdatePath() }}">
+                                <x-forms.button>
+                                    Update
+                                    <x-external-link />
+                                </x-forms.button>
+                            </a>
+                        </div>
                         <x-forms.input id="github_app.organization" label="Organization" disabled
                             placeholder="If empty, personal user will be used" />
                     </div>

From f38196c4213e1358d89c35c66f4c3b4f8ba6e258 Mon Sep 17 00:00:00 2001
From: peaklabs-dev <122374094+peaklabs-dev@users.noreply.github.com>
Date: Tue, 3 Dec 2024 12:54:20 +0100
Subject: [PATCH 15/54] fix: URL and sync new app name

---
 app/Livewire/Source/Github/Change.php | 25 ++++++++++++++++++++++++-
 1 file changed, 24 insertions(+), 1 deletion(-)

diff --git a/app/Livewire/Source/Github/Change.php b/app/Livewire/Source/Github/Change.php
index 79cc02219..5d57ecf1e 100644
--- a/app/Livewire/Source/Github/Change.php
+++ b/app/Livewire/Source/Github/Change.php
@@ -4,6 +4,7 @@ namespace App\Livewire\Source\Github;
 
 use App\Jobs\GithubAppPermissionJob;
 use App\Models\GithubApp;
+use Illuminate\Support\Facades\Http;
 use Livewire\Component;
 
 class Change extends Component
@@ -144,7 +145,29 @@ class Change extends Component
 
     public function getUpdatePath()
     {
-        return "{$this->github_app->html_url}/settings/apps/{$this->github_app->app_id}";
+        return "{$this->github_app->html_url}/settings/apps/{$this->github_app->name}";
+    }
+
+    public function syncGithubAppName()
+    {
+        try {
+            $github_access_token = generate_github_installation_token($this->github_app);
+
+            $response = Http::withToken($github_access_token)
+                ->get("{$this->github_app->api_url}/app");
+
+            if ($response->successful()) {
+                $app_data = $response->json();
+                if ($app_data['name'] !== $this->github_app->name) {
+                    $this->github_app->name = $app_data['name'];
+                    $this->github_app->save();
+                    $this->name = str($this->github_app->name)->kebab();
+                    $this->dispatch('success', 'Github App name synchronized.');
+                }
+            }
+        } catch (\Throwable $e) {
+            return handleError($e, $this);
+        }
     }
 
     public function submit()

From 737e81aa38f854b860047e3782912e33cab244a3 Mon Sep 17 00:00:00 2001
From: peaklabs-dev <122374094+peaklabs-dev@users.noreply.github.com>
Date: Tue, 3 Dec 2024 13:12:58 +0100
Subject: [PATCH 16/54] wip button to sync new app name

---
 app/Livewire/Source/Github/Change.php         | 20 ++++++++++++++-----
 .../livewire/source/github/change.blade.php   |  1 +
 2 files changed, 16 insertions(+), 5 deletions(-)

diff --git a/app/Livewire/Source/Github/Change.php b/app/Livewire/Source/Github/Change.php
index 5d57ecf1e..55ced1e3e 100644
--- a/app/Livewire/Source/Github/Change.php
+++ b/app/Livewire/Source/Github/Change.php
@@ -154,16 +154,26 @@ class Change extends Component
             $github_access_token = generate_github_installation_token($this->github_app);
 
             $response = Http::withToken($github_access_token)
-                ->get("{$this->github_app->api_url}/app");
+                ->withHeaders([
+                    'Accept' => 'application/vnd.github+json',
+                    'X-GitHub-Api-Version' => '2022-11-28',
+                ])
+                ->get("{$this->github_app->api_url}/installation/repositories");
 
             if ($response->successful()) {
                 $app_data = $response->json();
-                if ($app_data['name'] !== $this->github_app->name) {
-                    $this->github_app->name = $app_data['name'];
+                $app_name = data_get($app_data, 'installation.app_slug');
+
+                if ($app_name && $app_name !== $this->github_app->name) {
+                    $this->github_app->name = $app_name;
+                    $this->name = str($app_name)->kebab();
                     $this->github_app->save();
-                    $this->name = str($this->github_app->name)->kebab();
-                    $this->dispatch('success', 'Github App name synchronized.');
+                    $this->dispatch('success', 'Github App name synchronized successfully.');
+                } else {
+                    $this->dispatch('info', 'Github App name is already up to date.');
                 }
+            } else {
+                $this->dispatch('error', 'Failed to fetch Github App information. Status: '.$response->status());
             }
         } catch (\Throwable $e) {
             return handleError($e, $this);
diff --git a/resources/views/livewire/source/github/change.blade.php b/resources/views/livewire/source/github/change.blade.php
index 215c54411..2d873b465 100644
--- a/resources/views/livewire/source/github/change.blade.php
+++ b/resources/views/livewire/source/github/change.blade.php
@@ -60,6 +60,7 @@
                     <div class="flex gap-2">
                         <div class="flex items-end gap-2 w-full">
                             <x-forms.input id="github_app.name" label="App Name" disabled />
+                            <x-forms.button wire:click.prevent="syncGithubAppName">Sync Name</x-forms.button>
                             <a href="{{ $this->getUpdatePath() }}">
                                 <x-forms.button>
                                     Update

From a2860971a6dc8b17072b18962552ff604c28d552 Mon Sep 17 00:00:00 2001
From: peaklabs-dev <122374094+peaklabs-dev@users.noreply.github.com>
Date: Tue, 3 Dec 2024 14:36:30 +0100
Subject: [PATCH 17/54] try jwt

---
 app/Livewire/Source/Github/Change.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/app/Livewire/Source/Github/Change.php b/app/Livewire/Source/Github/Change.php
index 55ced1e3e..4c41cb9e4 100644
--- a/app/Livewire/Source/Github/Change.php
+++ b/app/Livewire/Source/Github/Change.php
@@ -151,18 +151,18 @@ class Change extends Component
     public function syncGithubAppName()
     {
         try {
-            $github_access_token = generate_github_installation_token($this->github_app);
+            $jwt = $this->github_app->generateJWT();
 
-            $response = Http::withToken($github_access_token)
+            $response = Http::withToken($jwt)
                 ->withHeaders([
                     'Accept' => 'application/vnd.github+json',
                     'X-GitHub-Api-Version' => '2022-11-28',
                 ])
-                ->get("{$this->github_app->api_url}/installation/repositories");
+                ->get('https://api.github.com/app');
 
             if ($response->successful()) {
                 $app_data = $response->json();
-                $app_name = data_get($app_data, 'installation.app_slug');
+                $app_name = $app_data['name'] ?? null;
 
                 if ($app_name && $app_name !== $this->github_app->name) {
                     $this->github_app->name = $app_name;
@@ -170,7 +170,7 @@ class Change extends Component
                     $this->github_app->save();
                     $this->dispatch('success', 'Github App name synchronized successfully.');
                 } else {
-                    $this->dispatch('info', 'Github App name is already up to date.');
+                    $this->dispatch('info', 'If you changed the name in GitHub, please wait a few moments and try syncing again.');
                 }
             } else {
                 $this->dispatch('error', 'Failed to fetch Github App information. Status: '.$response->status());

From 6d43bbc6b95c552bf3398517a4b79c9b06a48642 Mon Sep 17 00:00:00 2001
From: peaklabs-dev <122374094+peaklabs-dev@users.noreply.github.com>
Date: Tue, 3 Dec 2024 14:43:11 +0100
Subject: [PATCH 18/54] fix naming

---
 app/Livewire/Source/Github/Change.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/app/Livewire/Source/Github/Change.php b/app/Livewire/Source/Github/Change.php
index 4c41cb9e4..4f76d7299 100644
--- a/app/Livewire/Source/Github/Change.php
+++ b/app/Livewire/Source/Github/Change.php
@@ -151,14 +151,14 @@ class Change extends Component
     public function syncGithubAppName()
     {
         try {
-            $jwt = $this->github_app->generateJWT();
+            $github_access_token = generate_github_installation_token($this->github_app);
 
-            $response = Http::withToken($jwt)
+            $response = Http::withToken($github_access_token)
                 ->withHeaders([
                     'Accept' => 'application/vnd.github+json',
                     'X-GitHub-Api-Version' => '2022-11-28',
                 ])
-                ->get('https://api.github.com/app');
+                ->get("{$this->github_app->api_url}/app");
 
             if ($response->successful()) {
                 $app_data = $response->json();

From 56f6bdf7a776b951cdad2920c4e3b07a196ada00 Mon Sep 17 00:00:00 2001
From: peaklabs-dev <122374094+peaklabs-dev@users.noreply.github.com>
Date: Tue, 3 Dec 2024 15:11:35 +0100
Subject: [PATCH 19/54] use private key to make a jwt

---
 app/Livewire/Source/Github/Change.php | 58 +++++++++++++++++++++------
 1 file changed, 45 insertions(+), 13 deletions(-)

diff --git a/app/Livewire/Source/Github/Change.php b/app/Livewire/Source/Github/Change.php
index 4f76d7299..4968a549d 100644
--- a/app/Livewire/Source/Github/Change.php
+++ b/app/Livewire/Source/Github/Change.php
@@ -4,7 +4,11 @@ namespace App\Livewire\Source\Github;
 
 use App\Jobs\GithubAppPermissionJob;
 use App\Models\GithubApp;
+use App\Models\PrivateKey;
 use Illuminate\Support\Facades\Http;
+use Lcobucci\JWT\Configuration;
+use Lcobucci\JWT\Signer\Key\InMemory;
+use Lcobucci\JWT\Signer\Rsa\Sha256;
 use Livewire\Component;
 
 class Change extends Component
@@ -148,32 +152,60 @@ class Change extends Component
         return "{$this->github_app->html_url}/settings/apps/{$this->github_app->name}";
     }
 
+    private function generateGithubJwt($private_key, $app_id): string
+    {
+        $configuration = Configuration::forAsymmetricSigner(
+            new Sha256,
+            InMemory::plainText($private_key),
+            InMemory::plainText($private_key)
+        );
+
+        $now = time();
+
+        return $configuration->builder()
+            ->issuedBy((string) $app_id)
+            ->permittedFor('https://api.github.com')
+            ->identifiedBy((string) $now)
+            ->issuedAt(new \DateTimeImmutable("@{$now}"))
+            ->expiresAt(new \DateTimeImmutable('@'.($now + 600)))
+            ->getToken($configuration->signer(), $configuration->signingKey())
+            ->toString();
+    }
+
     public function syncGithubAppName()
     {
         try {
-            $github_access_token = generate_github_installation_token($this->github_app);
+            $privateKey = PrivateKey::find($this->github_app->private_key_id);
 
-            $response = Http::withToken($github_access_token)
-                ->withHeaders([
-                    'Accept' => 'application/vnd.github+json',
-                    'X-GitHub-Api-Version' => '2022-11-28',
-                ])
-                ->get("{$this->github_app->api_url}/app");
+            if (! $privateKey) {
+                $this->dispatch('error', 'Private key not found for this GitHub App.');
+
+                return;
+            }
+
+            $jwt = $this->generateGithubJwt($privateKey->private_key, $this->github_app->app_id);
+
+            $response = Http::withHeaders([
+                'Accept' => 'application/vnd.github+json',
+                'X-GitHub-Api-Version' => '2022-11-28',
+                'Authorization' => "Bearer {$jwt}",
+            ])->get("{$this->github_app->api_url}/app");
 
             if ($response->successful()) {
                 $app_data = $response->json();
-                $app_name = $app_data['name'] ?? null;
+                $app_slug = $app_data['slug'] ?? null;
 
-                if ($app_name && $app_name !== $this->github_app->name) {
-                    $this->github_app->name = $app_name;
-                    $this->name = str($app_name)->kebab();
+                if ($app_slug) {
+                    $this->github_app->name = $app_slug;
+                    $this->name = str($app_slug)->kebab();
                     $this->github_app->save();
                     $this->dispatch('success', 'Github App name synchronized successfully.');
                 } else {
-                    $this->dispatch('info', 'If you changed the name in GitHub, please wait a few moments and try syncing again.');
+                    $this->dispatch('info', 'Could not find app slug in GitHub response.');
                 }
             } else {
-                $this->dispatch('error', 'Failed to fetch Github App information. Status: '.$response->status());
+                $error_message = $response->json()['message'] ?? 'Unknown error';
+                $this->dispatch('error', "Failed to fetch Github App information: {$error_message}");
             }
         } catch (\Throwable $e) {
             return handleError($e, $this);

From 5f985426abc7d11f8d16fb675f6c3430fc4e6ae1 Mon Sep 17 00:00:00 2001
From: peaklabs-dev <122374094+peaklabs-dev@users.noreply.github.com>
Date: Tue, 3 Dec 2024 15:27:20 +0100
Subject: [PATCH 20/54] feat: update private key nam with new slug as well

---
 app/Http/Controllers/Webhook/Github.php | 2 +-
 app/Livewire/Source/Github/Change.php   | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/app/Http/Controllers/Webhook/Github.php b/app/Http/Controllers/Webhook/Github.php
index 3683adaa8..ac1d4ded2 100644
--- a/app/Http/Controllers/Webhook/Github.php
+++ b/app/Http/Controllers/Webhook/Github.php
@@ -463,7 +463,7 @@ class Github extends Controller
             $private_key = data_get($data, 'pem');
             $webhook_secret = data_get($data, 'webhook_secret');
             $private_key = PrivateKey::create([
-                'name' => $slug,
+                'name' => "github-app-{$slug}",
                 'private_key' => $private_key,
                 'team_id' => $github_app->team_id,
                 'is_git_related' => true,
diff --git a/app/Livewire/Source/Github/Change.php b/app/Livewire/Source/Github/Change.php
index 4968a549d..7f9200891 100644
--- a/app/Livewire/Source/Github/Change.php
+++ b/app/Livewire/Source/Github/Change.php
@@ -198,8 +198,10 @@ class Change extends Component
                 if ($app_slug) {
                     $this->github_app->name = $app_slug;
                     $this->name = str($app_slug)->kebab();
+                    $privateKey->name = "github-app-{$app_slug}";
+                    $privateKey->save();
                     $this->github_app->save();
-                    $this->dispatch('success', 'Github App name synchronized successfully.');
+                    $this->dispatch('success', 'Github App name and SSH key name synchronized successfully.');
                 } else {
                     $this->dispatch('info', 'Could not find app slug in GitHub response.');
                 }

From fef8d0c62c103df93d840d3e86eab488940915fb Mon Sep 17 00:00:00 2001
From: peaklabs-dev <122374094+peaklabs-dev@users.noreply.github.com>
Date: Tue, 3 Dec 2024 15:50:45 +0100
Subject: [PATCH 21/54] fix: typos and naming

---
 app/Livewire/Source/Github/Change.php              | 14 ++++++++------
 .../views/livewire/source/github/change.blade.php  |  8 +++++---
 2 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/app/Livewire/Source/Github/Change.php b/app/Livewire/Source/Github/Change.php
index 7f9200891..b1f0605bb 100644
--- a/app/Livewire/Source/Github/Change.php
+++ b/app/Livewire/Source/Github/Change.php
@@ -62,6 +62,7 @@ class Change extends Component
         $this->github_app->refresh()->makeVisible('client_secret')->makeVisible('webhook_secret');
         $this->dispatch('success', 'Github App permissions updated.');
     }
+
     // public function check()
     // {
 
@@ -95,6 +96,7 @@ class Change extends Component
 
     //     ray($runners_by_repository);
     // }
+
     public function mount()
     {
         try {
@@ -147,7 +149,7 @@ class Change extends Component
         }
     }
 
-    public function getUpdatePath()
+    public function getGithubAppNameUpdatePath()
     {
         return "{$this->github_app->html_url}/settings/apps/{$this->github_app->name}";
     }
@@ -172,13 +174,13 @@ class Change extends Component
             ->toString();
     }
 
-    public function syncGithubAppName()
+    public function updateGithubAppName()
     {
         try {
             $privateKey = PrivateKey::find($this->github_app->private_key_id);
 
             if (! $privateKey) {
-                $this->dispatch('error', 'Private key not found for this GitHub App.');
+                $this->dispatch('error', 'No private key found for this GitHub App.');
 
                 return;
             }
@@ -201,13 +203,13 @@ class Change extends Component
                     $privateKey->name = "github-app-{$app_slug}";
                     $privateKey->save();
                     $this->github_app->save();
-                    $this->dispatch('success', 'Github App name and SSH key name synchronized successfully.');
+                    $this->dispatch('success', 'GitHub App name and SSH key name synchronized successfully.');
                 } else {
-                    $this->dispatch('info', 'Could not find app slug in GitHub response.');
+                    $this->dispatch('info', 'Could not find App Name (slug) in GitHub response.');
                 }
             } else {
                 $error_message = $response->json()['message'] ?? 'Unknown error';
-                $this->dispatch('error', "Failed to fetch Github App information: {$error_message}");
+                $this->dispatch('error', "Failed to fetch GitHub App information: {$error_message}");
             }
         } catch (\Throwable $e) {
             return handleError($e, $this);
diff --git a/resources/views/livewire/source/github/change.blade.php b/resources/views/livewire/source/github/change.blade.php
index 2d873b465..3c11646c2 100644
--- a/resources/views/livewire/source/github/change.blade.php
+++ b/resources/views/livewire/source/github/change.blade.php
@@ -60,10 +60,12 @@
                     <div class="flex gap-2">
                         <div class="flex items-end gap-2 w-full">
                             <x-forms.input id="github_app.name" label="App Name" disabled />
-                            <x-forms.button wire:click.prevent="syncGithubAppName">Sync Name</x-forms.button>
-                            <a href="{{ $this->getUpdatePath() }}">
+                            <x-forms.button wire:click.prevent="updateGithubAppName" class="bg-coollabs">
+                                Sync Name
+                            </x-forms.button>
+                            <a href="{{ $this->getGithubAppNameUpdatePath() }}">
                                 <x-forms.button>
-                                    Update
+                                    Rename
                                     <x-external-link />
                                 </x-forms.button>
                             </a>

From f51300a19213df0d29fbf0161fc91495bd296c52 Mon Sep 17 00:00:00 2001
From: peaklabs-dev <122374094+peaklabs-dev@users.noreply.github.com>
Date: Tue, 3 Dec 2024 16:17:35 +0100
Subject: [PATCH 22/54] fix: client and webhook secret disappear after sync

---
 app/Livewire/Source/Github/Change.php | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/app/Livewire/Source/Github/Change.php b/app/Livewire/Source/Github/Change.php
index b1f0605bb..51c5ae3e9 100644
--- a/app/Livewire/Source/Github/Change.php
+++ b/app/Livewire/Source/Github/Change.php
@@ -56,6 +56,13 @@ class Change extends Component
         'github_app.administration' => 'nullable|string',
     ];
 
+    public function boot()
+    {
+        if ($this->github_app) {
+            $this->github_app->makeVisible(['client_secret', 'webhook_secret']);
+        }
+    }
+
     public function checkPermissions()
     {
         GithubAppPermissionJob::dispatchSync($this->github_app);
@@ -102,10 +109,10 @@ class Change extends Component
         try {
             $github_app_uuid = request()->github_app_uuid;
             $this->github_app = GithubApp::ownedByCurrentTeam()->whereUuid($github_app_uuid)->firstOrFail();
+            $this->github_app->makeVisible(['client_secret', 'webhook_secret']);
 
             $this->applications = $this->github_app->applications;
             $settings = instanceSettings();
-            $this->github_app->makeVisible('client_secret')->makeVisible('webhook_secret');
 
             $this->name = str($this->github_app->name)->kebab();
             $this->fqdn = $settings->fqdn;

From a9e7eff5d06e415300ee4c0d324ba338775a0742 Mon Sep 17 00:00:00 2001
From: Drdiffie <61631493+dr-diffie@users.noreply.github.com>
Date: Wed, 4 Dec 2024 22:30:55 +0100
Subject: [PATCH 23/54] Update postiz.yaml with Email Provider Fix
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Small Bug Fix:

“EMAIL_PRROVIDER” was missing. This made the Email Invitations unusable.
---
 templates/compose/postiz.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/templates/compose/postiz.yaml b/templates/compose/postiz.yaml
index 503d0f67e..6060fb8a6 100644
--- a/templates/compose/postiz.yaml
+++ b/templates/compose/postiz.yaml
@@ -35,6 +35,7 @@ services:
       - RESEND_API_KEY=${RESEND_API_KEY}
       - EMAIL_FROM_ADDRESS=${EMAIL_FROM_ADDRESS}
       - EMAIL_FROM_NAME=${EMAIL_FROM_NAME}
+      - EMAIL_PROVIDER=${EMAIL_PROVIDER}
       
       # Social Media API Settings
       - X_API_KEY=${SERVICE_X_API}

From c4d326da3ef00026d3041ac80d5614e77ba0d812 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Thu, 5 Dec 2024 10:14:00 +0100
Subject: [PATCH 24/54] version++

---
 config/constants.php | 2 +-
 versions.json        | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/config/constants.php b/config/constants.php
index 4923cfc15..f7d5a7831 100644
--- a/config/constants.php
+++ b/config/constants.php
@@ -2,7 +2,7 @@
 
 return [
     'coolify' => [
-        'version' => '4.0.0-beta.375',
+        'version' => '4.0.0-beta.376',
         'self_hosted' => env('SELF_HOSTED', true),
         'autoupdate' => env('AUTOUPDATE'),
         'base_config_path' => env('BASE_CONFIG_PATH', '/data/coolify'),
diff --git a/versions.json b/versions.json
index 1c4e813ea..2d1633ed6 100644
--- a/versions.json
+++ b/versions.json
@@ -1,10 +1,10 @@
 {
     "coolify": {
         "v4": {
-            "version": "4.0.0-beta.375"
+            "version": "4.0.0-beta.376"
         },
         "nightly": {
-            "version": "4.0.0-beta.376"
+            "version": "4.0.0-beta.377"
         },
         "helper": {
             "version": "1.0.4"
@@ -16,4 +16,4 @@
             "version": "0.0.15"
         }
     }
-}
+}
\ No newline at end of file

From 7519dff04d27e66bbcdf000b0f2ca388b39dfc57 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Thu, 5 Dec 2024 10:30:04 +0100
Subject: [PATCH 25/54] ui update on logs

---
 .../application/deployment/show.blade.php     | 21 ++++++++++++-------
 1 file changed, 13 insertions(+), 8 deletions(-)

diff --git a/resources/views/livewire/project/application/deployment/show.blade.php b/resources/views/livewire/project/application/deployment/show.blade.php
index 9d9301d5c..92ed72981 100644
--- a/resources/views/livewire/project/application/deployment/show.blade.php
+++ b/resources/views/livewire/project/application/deployment/show.blade.php
@@ -19,7 +19,7 @@
         },
         toggleScroll() {
             this.alwaysScroll = !this.alwaysScroll;
-
+    
             if (this.alwaysScroll) {
                 this.intervalId = setInterval(() => {
                     const screen = document.getElementById('screen');
@@ -58,30 +58,34 @@
             <div @if ($isKeepAliveOn) wire:poll.2000ms="polling" @endif
                 class="flex flex-col-reverse w-full p-2 px-4 mt-4 overflow-y-auto bg-white dark:text-white dark:bg-coolgray-100 scrollbar dark:border-coolgray-300"
                 :class="fullscreen ? '' : 'min-h-14 max-h-[40rem] border border-dotted rounded'">
-                <div :class="fullscreen ? 'fixed' : 'absolute'" class="top-4 right-6">
+                <div :class="fullscreen ? 'fixed' : 'absolute'" class="top-2 right-3">
                     <div class="flex justify-end gap-4 fixed -translate-x-full">
                         <button title="Toggle timestamps" x-on:click="showTimestamps = !showTimestamps">
-                            <svg class="icon" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg" fill="none"
-                                stroke="currentColor" stroke-width="2">
+                            <svg class="w-5 h-5 opacity-30 hover:opacity-100" viewBox="0 0 24 24"
+                                xmlns="http://www.w3.org/2000/svg" fill="none" stroke="currentColor"
+                                stroke-width="2">
                                 <path stroke-linecap="round" stroke-linejoin="round"
                                     d="M12 6v6h4.5m4.5 0a9 9 0 1 1-18 0 9 9 0 0 1 18 0Z" />
                             </svg>
                         </button>
                         <button title="Go Top" x-show="fullscreen" x-on:click="goTop">
-                            <svg class="icon" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg">
+                            <svg class="w-5 h-5 opacity-30 hover:opacity-100" viewBox="0 0 24 24"
+                                xmlns="http://www.w3.org/2000/svg">
                                 <path fill="none" stroke="currentColor" stroke-linecap="round"
                                     stroke-linejoin="round" stroke-width="2" d="M12 5v14m4-10l-4-4M8 9l4-4" />
                             </svg>
                         </button>
                         <button title="Follow Logs" x-show="fullscreen" :class="alwaysScroll ? 'dark:text-warning' : ''"
                             x-on:click="toggleScroll">
-                            <svg class="icon" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg">
+                            <svg class="w-5 h-5 opacity-30 hover:opacity-100" viewBox="0 0 24 24"
+                                xmlns="http://www.w3.org/2000/svg">
                                 <path fill="none" stroke="currentColor" stroke-linecap="round"
                                     stroke-linejoin="round" stroke-width="2" d="M12 5v14m4-4l-4 4m-4-4l4 4" />
                             </svg>
                         </button>
                         <button title="Fullscreen" x-show="!fullscreen" x-on:click="makeFullscreen">
-                            <svg class="icon" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg">
+                            <svg class="w-5 h-5 opacity-30 hover:opacity-100" viewBox="0 0 24 24"
+                                xmlns="http://www.w3.org/2000/svg">
                                 <g fill="none">
                                     <path
                                         d="M24 0v24H0V0h24ZM12.593 23.258l-.011.002l-.071.035l-.02.004l-.014-.004l-.071-.035c-.01-.004-.019-.001-.024.005l-.004.01l-.017.428l.005.02l.01.013l.104.074l.015.004l.012-.004l.104-.074l.012-.016l.004-.017l-.017-.427c-.002-.01-.009-.017-.017-.018Zm.265-.113l-.013.002l-.185.093l-.01.01l-.003.011l.018.43l.005.012l.008.007l.201.093c.012.004.023 0 .029-.008l.004-.014l-.034-.614c-.003-.012-.01-.02-.02-.022Zm-.715.002a.023.023 0 0 0-.027.006l-.006.014l-.034.614c0 .012.007.02.017.024l.015-.002l.201-.093l.01-.008l.004-.011l.017-.43l-.003-.012l-.01-.01l-.184-.092Z" />
@@ -91,7 +95,8 @@
                             </svg>
                         </button>
                         <button title="Minimize" x-show="fullscreen" x-on:click="makeFullscreen">
-                            <svg class="icon" viewBox="0 0 24 24"xmlns="http://www.w3.org/2000/svg">
+                            <svg class="w-5 h-5 opacity-30 hover:opacity-100"
+                                viewBox="0 0 24 24"xmlns="http://www.w3.org/2000/svg">
                                 <path fill="none" stroke="currentColor" stroke-linecap="round"
                                     stroke-linejoin="round" stroke-width="2"
                                     d="M6 14h4m0 0v4m0-4l-6 6m14-10h-4m0 0V6m0 4l6-6" />

From e67a93e6a52fa246fde5e3cf3b7d1dd773c47f13 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Thu, 5 Dec 2024 10:46:27 +0100
Subject: [PATCH 26/54] feat: able to deploy without cache on every commit

---
 app/Jobs/ApplicationDeploymentJob.php         |  9 ++++++++
 app/Livewire/Project/Application/Advanced.php |  5 +++++
 bootstrap/helpers/docker.php                  |  7 +++---
 ...dd_disable_build_cache_advanced_option.php | 22 +++++++++++++++++++
 .../project/application/advanced.blade.php    |  2 ++
 5 files changed, 41 insertions(+), 4 deletions(-)
 create mode 100644 database/migrations/2024_12_05_091823_add_disable_build_cache_advanced_option.php

diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php
index 41909fa30..04e71c4e3 100644
--- a/app/Jobs/ApplicationDeploymentJob.php
+++ b/app/Jobs/ApplicationDeploymentJob.php
@@ -140,6 +140,8 @@ class ApplicationDeploymentJob implements ShouldBeEncrypted, ShouldQueue
 
     private ?string $buildTarget = null;
 
+    private bool $disableBuildCache = false;
+
     private Collection $saved_outputs;
 
     private ?string $full_healthcheck_url = null;
@@ -178,7 +180,11 @@ class ApplicationDeploymentJob implements ShouldBeEncrypted, ShouldQueue
         $this->pull_request_id = $this->application_deployment_queue->pull_request_id;
         $this->commit = $this->application_deployment_queue->commit;
         $this->rollback = $this->application_deployment_queue->rollback;
+        $this->disableBuildCache = $this->application->settings->disable_build_cache;
         $this->force_rebuild = $this->application_deployment_queue->force_rebuild;
+        if ($this->disableBuildCache) {
+            $this->force_rebuild = true;
+        }
         $this->restart_only = $this->application_deployment_queue->restart_only;
         $this->restart_only = $this->restart_only && $this->application->build_pack !== 'dockerimage' && $this->application->build_pack !== 'dockerfile';
         $this->only_this_server = $this->application_deployment_queue->only_this_server;
@@ -1976,6 +1982,9 @@ class ApplicationDeploymentJob implements ShouldBeEncrypted, ShouldQueue
         $this->build_args = $this->build_args->implode(' ');
 
         $this->application_deployment_queue->addLogEntry('----------------------------------------');
+        if ($this->disableBuildCache) {
+            $this->application_deployment_queue->addLogEntry('Docker build cache is disabled. It will not be used during the build process.');
+        }
         if ($this->application->build_pack === 'static') {
             $this->application_deployment_queue->addLogEntry('Static deployment. Copying static assets to the image.');
         } else {
diff --git a/app/Livewire/Project/Application/Advanced.php b/app/Livewire/Project/Application/Advanced.php
index 05ac25429..cb63f0e1a 100644
--- a/app/Livewire/Project/Application/Advanced.php
+++ b/app/Livewire/Project/Application/Advanced.php
@@ -25,6 +25,9 @@ class Advanced extends Component
     #[Validate(['boolean'])]
     public bool $isAutoDeployEnabled = true;
 
+    #[Validate(['boolean'])]
+    public bool $disableBuildCache = false;
+
     #[Validate(['boolean'])]
     public bool $isLogDrainEnabled = false;
 
@@ -95,6 +98,7 @@ class Advanced extends Component
             $this->application->settings->is_stripprefix_enabled = $this->isStripprefixEnabled;
             $this->application->settings->is_raw_compose_deployment_enabled = $this->isRawComposeDeploymentEnabled;
             $this->application->settings->connect_to_docker_network = $this->isConnectToDockerNetworkEnabled;
+            $this->application->settings->disable_build_cache = $this->disableBuildCache;
             $this->application->settings->save();
         } else {
             $this->isForceHttpsEnabled = $this->application->isForceHttpsEnabled();
@@ -116,6 +120,7 @@ class Advanced extends Component
             $this->customInternalName = $this->application->settings->custom_internal_name;
             $this->isRawComposeDeploymentEnabled = $this->application->settings->is_raw_compose_deployment_enabled;
             $this->isConnectToDockerNetworkEnabled = $this->application->settings->connect_to_docker_network;
+            $this->disableBuildCache = $this->application->settings->disable_build_cache;
         }
     }
 
diff --git a/bootstrap/helpers/docker.php b/bootstrap/helpers/docker.php
index 8dd01a162..eda2133a7 100644
--- a/bootstrap/helpers/docker.php
+++ b/bootstrap/helpers/docker.php
@@ -288,9 +288,9 @@ function fqdnLabelsForCaddy(string $network, string $uuid, Collection $domains,
         $host_without_www = str($host)->replace('www.', '');
         $schema = $url->getScheme();
         $port = $url->getPort();
-        $handle = "handle_path";
-        if ( ! $is_stripprefix_enabled){
-            $handle = "handle";
+        $handle = 'handle_path';
+        if (! $is_stripprefix_enabled) {
+            $handle = 'handle';
         }
         if (is_null($port) && ! is_null($onlyPort)) {
             $port = $onlyPort;
@@ -302,7 +302,6 @@ function fqdnLabelsForCaddy(string $network, string $uuid, Collection $domains,
         $labels->push("caddy_{$loop}.header=-Server");
         $labels->push("caddy_{$loop}.try_files={path} /index.html /index.php");
 
-
         if ($port) {
             $labels->push("caddy_{$loop}.{$handle}.{$loop}_reverse_proxy={{upstreams $port}}");
         } else {
diff --git a/database/migrations/2024_12_05_091823_add_disable_build_cache_advanced_option.php b/database/migrations/2024_12_05_091823_add_disable_build_cache_advanced_option.php
new file mode 100644
index 000000000..751342302
--- /dev/null
+++ b/database/migrations/2024_12_05_091823_add_disable_build_cache_advanced_option.php
@@ -0,0 +1,22 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    public function up(): void
+    {
+        Schema::table('application_settings', function (Blueprint $table) {
+            $table->boolean('disable_build_cache')->default(false);
+        });
+    }
+
+    public function down(): void
+    {
+        Schema::table('application_settings', function (Blueprint $table) {
+            $table->dropColumn('disable_build_cache');
+        });
+    }
+};
diff --git a/resources/views/livewire/project/application/advanced.blade.php b/resources/views/livewire/project/application/advanced.blade.php
index 6658c0ed2..f3fb0485f 100644
--- a/resources/views/livewire/project/application/advanced.blade.php
+++ b/resources/views/livewire/project/application/advanced.blade.php
@@ -13,6 +13,8 @@
                     helper="Allow to automatically deploy Preview Deployments for all opened PR's.<br><br>Closing a PR will delete Preview Deployments."
                     instantSave id="isPreviewDeploymentsEnabled" label="Preview Deployments" />
             @endif
+            <x-forms.checkbox helper="Disable Docker build cache on every deployment." instantSave id="disableBuildCache"
+                label="Disable Build Cache" />
             <x-forms.checkbox
                 helper="Your application will be available only on https if your domain starts with https://..."
                 instantSave id="isForceHttpsEnabled" label="Force Https" />

From c25be01af6881f13928a1ab64bc900eaa173464b Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Thu, 5 Dec 2024 11:00:57 +0100
Subject: [PATCH 27/54] fix

---
 app/Livewire/Source/Github/Change.php | 6 +++++-
 database/seeders/GithubAppSeeder.php  | 1 +
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/app/Livewire/Source/Github/Change.php b/app/Livewire/Source/Github/Change.php
index 51c5ae3e9..467927484 100644
--- a/app/Livewire/Source/Github/Change.php
+++ b/app/Livewire/Source/Github/Change.php
@@ -158,6 +158,10 @@ class Change extends Component
 
     public function getGithubAppNameUpdatePath()
     {
+        if (str($this->github_app->organization)->isNotEmpty()) {
+            return "{$this->github_app->html_url}/organizations/{$this->github_app->organization}/settings/apps/{$this->github_app->name}";
+        }
+
         return "{$this->github_app->html_url}/settings/apps/{$this->github_app->name}";
     }
 
@@ -184,7 +188,7 @@ class Change extends Component
     public function updateGithubAppName()
     {
         try {
-            $privateKey = PrivateKey::find($this->github_app->private_key_id);
+            $privateKey = PrivateKey::ownedByCurrentTeam()->find($this->github_app->private_key_id);
 
             if (! $privateKey) {
                 $this->dispatch('error', 'No private key found for this GitHub App.');
diff --git a/database/seeders/GithubAppSeeder.php b/database/seeders/GithubAppSeeder.php
index 2ece7a05b..3cfb82e64 100644
--- a/database/seeders/GithubAppSeeder.php
+++ b/database/seeders/GithubAppSeeder.php
@@ -23,6 +23,7 @@ class GithubAppSeeder extends Seeder
         GithubApp::create([
             'name' => 'coolify-laravel-development-public',
             'uuid' => '69420',
+            'organization' => 'coollabsio',
             'api_url' => 'https://api.github.com',
             'html_url' => 'https://github.com',
             'is_public' => false,

From a500daac9855009d07454cf21b810b4953fdff36 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Thu, 5 Dec 2024 12:42:31 +0100
Subject: [PATCH 28/54] fixes

---
 config/mail.php                                        |  2 +-
 resources/views/livewire/notifications/email.blade.php | 10 +++++++---
 resources/views/livewire/settings-email.blade.php      |  7 +++++--
 3 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/config/mail.php b/config/mail.php
index b36bd363c..26af507d9 100644
--- a/config/mail.php
+++ b/config/mail.php
@@ -38,7 +38,7 @@ return [
             'transport' => 'smtp',
             'host' => env('MAIL_HOST', 'smtp.mailgun.org'),
             'port' => env('MAIL_PORT', 587),
-            'encryption' => env('MAIL_ENCRYPTION', 'tls') === 'none' ? null : env('MAIL_ENCRYPTION', 'tls'),
+            'encryption' => env('MAIL_ENCRYPTION', 'tls'),
             'username' => env('MAIL_USERNAME'),
             'password' => env('MAIL_PASSWORD'),
             'timeout' => null,
diff --git a/resources/views/livewire/notifications/email.blade.php b/resources/views/livewire/notifications/email.blade.php
index 182c73d6a..fba21d0b2 100644
--- a/resources/views/livewire/notifications/email.blade.php
+++ b/resources/views/livewire/notifications/email.blade.php
@@ -17,7 +17,8 @@
             @if (isEmailEnabled($team) && auth()->user()->isAdminFromSession() && isTestEmailEnabled($team))
                 <x-modal-input buttonTitle="Send Test Email" title="Send Test Email">
                     <form wire:submit.prevent="sendTestEmail" class="flex flex-col w-full gap-2">
-                        <x-forms.input wire:model="testEmailAddress" placeholder="test@example.com" id="testEmailAddress" label="Recipients" required />
+                        <x-forms.input wire:model="testEmailAddress" placeholder="test@example.com" id="testEmailAddress"
+                            label="Recipients" required />
                         <x-forms.button type="submit" @click="modalOpen=false">
                             Send Email
                         </x-forms.button>
@@ -62,8 +63,11 @@
                         <div class="flex flex-col w-full gap-2 xl:flex-row">
                             <x-forms.input required id="smtpHost" placeholder="smtp.mailgun.org" label="Host" />
                             <x-forms.input required id="smtpPort" placeholder="587" label="Port" />
-                            <x-forms.input id="smtpEncryption" helper="If SMTP uses SSL, set it to 'tls'."
-                                placeholder="tls" label="Encryption" />
+                            <x-forms.select id="smtpEncryption" label="Encryption">
+                                <option value="tls">TLS</option>
+                                <option value="ssl">SSL</option>
+                                <option value="none">None</option>
+                            </x-forms.select>
                         </div>
                         <div class="flex flex-col w-full gap-2 xl:flex-row">
                             <x-forms.input id="smtpUsername" label="SMTP Username" />
diff --git a/resources/views/livewire/settings-email.blade.php b/resources/views/livewire/settings-email.blade.php
index ff3e4bfb8..141922584 100644
--- a/resources/views/livewire/settings-email.blade.php
+++ b/resources/views/livewire/settings-email.blade.php
@@ -33,8 +33,11 @@
                     <div class="flex flex-col w-full gap-2 xl:flex-row">
                         <x-forms.input required id="smtpHost" placeholder="smtp.mailgun.org" label="Host" />
                         <x-forms.input required id="smtpPort" placeholder="587" label="Port" />
-                        <x-forms.input id="smtpEncryption" helper="If SMTP uses SSL, set it to 'tls'." placeholder="tls"
-                            label="Encryption" />
+                        <x-forms.select id="smtpEncryption" label="Encryption">
+                            <option value="tls">TLS</option>
+                            <option value="ssl">SSL</option>
+                            <option value="none">None</option>
+                        </x-forms.select>
                     </div>
                     <div class="flex flex-col w-full gap-2 xl:flex-row">
                         <x-forms.input id="smtpUsername" label="SMTP Username" />

From 80f649b96a880819e72b16a5e0b7bca46ec04436 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Thu, 5 Dec 2024 13:09:06 +0100
Subject: [PATCH 29/54] finally found the right option

---
 app/Notifications/Channels/EmailChannel.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/Notifications/Channels/EmailChannel.php b/app/Notifications/Channels/EmailChannel.php
index e745990e4..5394f6106 100644
--- a/app/Notifications/Channels/EmailChannel.php
+++ b/app/Notifications/Channels/EmailChannel.php
@@ -71,6 +71,7 @@ class EmailChannel
                 'password' => data_get($notifiable, 'smtp_password'),
                 'timeout' => data_get($notifiable, 'smtp_timeout'),
                 'local_domain' => null,
+                'auto_tls' => data_get($notifiable, 'smtp_encryption') === 'none' ? '0' : '',
             ]);
         }
     }

From ba808b14a465bd05b409643e9b0fba15f6f7b9e7 Mon Sep 17 00:00:00 2001
From: mohanlokesh <120879877+mohanlokesh@users.noreply.github.com>
Date: Fri, 6 Dec 2024 13:25:41 +0530
Subject: [PATCH 30/54] fix: display actual values for disk space checks in
 installer script

---
 scripts/install.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/scripts/install.sh b/scripts/install.sh
index 1a039f64f..3f289438f 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -30,7 +30,7 @@ WARNING_SPACE=false
 
 if [ "$TOTAL_SPACE" -lt "$REQUIRED_TOTAL_SPACE" ]; then
     WARNING_SPACE=true
-    cat << 'EOF'
+    cat << EOF
 WARNING: Insufficient total disk space!
 
 Total disk space:     ${TOTAL_SPACE}GB
@@ -41,7 +41,7 @@ EOF
 fi
 
 if [ "$AVAILABLE_SPACE" -lt "$REQUIRED_AVAILABLE_SPACE" ]; then
-    cat << 'EOF'
+    cat << EOF
 WARNING: Insufficient available disk space!
 
 Available disk space:   ${AVAILABLE_SPACE}GB
@@ -49,7 +49,7 @@ Required available space: ${REQUIRED_AVAILABLE_SPACE}GB
 
 ==================
 EOF
-    WARNING_SPACE=true
+WARNING_SPACE=true
 fi
 
 if [ "$WARNING_SPACE" = true ]; then

From eeb8d97cfd185aa783baa1c07237ff178d7e1f7b Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 6 Dec 2024 11:22:54 +0100
Subject: [PATCH 31/54] fix: old git versions does not have --cone implemented
 properly

---
 app/Models/Application.php | 46 +++++++++++++++++++++++++++++---------
 1 file changed, 36 insertions(+), 10 deletions(-)

diff --git a/app/Models/Application.php b/app/Models/Application.php
index a68c1d54a..d1efd3f33 100644
--- a/app/Models/Application.php
+++ b/app/Models/Application.php
@@ -1321,17 +1321,43 @@ class Application extends BaseModel
         if (! $gitRemoteStatus['is_accessible']) {
             throw new \RuntimeException("Failed to read Git source:\n\n{$gitRemoteStatus['error']}");
         }
+        $getGitVersion = instant_remote_process(['git --version'], $this->destination->server, false);
+        $gitVersion = str($getGitVersion)->explode(' ')->last();
 
-        $commands = collect([
-            "rm -rf /tmp/{$uuid}",
-            "mkdir -p /tmp/{$uuid}",
-            "cd /tmp/{$uuid}",
-            $cloneCommand,
-            'git sparse-checkout init --cone',
-            "git sparse-checkout set {$fileList->implode(' ')}",
-            'git read-tree -mu HEAD',
-            "cat .$workdir$composeFile",
-        ]);
+        if (version_compare($gitVersion, '2.35.1', '<')) {
+            $fileList = $fileList->map(function ($file) {
+                $parts = explode('/', trim($file, '.'));
+                $paths = collect();
+                $currentPath = '';
+                foreach ($parts as $part) {
+                    $currentPath .= ($currentPath ? '/' : '').$part;
+                    $paths->push($currentPath);
+                }
+
+                return $paths;
+            })->flatten()->unique()->values();
+            $commands = collect([
+                "rm -rf /tmp/{$uuid}",
+                "mkdir -p /tmp/{$uuid}",
+                "cd /tmp/{$uuid}",
+                $cloneCommand,
+                'git sparse-checkout init --cone',
+                "git sparse-checkout set {$fileList->implode(' ')}",
+                'git read-tree -mu HEAD',
+                "cat .$workdir$composeFile",
+            ]);
+        } else {
+            $commands = collect([
+                "rm -rf /tmp/{$uuid}",
+                "mkdir -p /tmp/{$uuid}",
+                "cd /tmp/{$uuid}",
+                $cloneCommand,
+                'git sparse-checkout init --cone',
+                "git sparse-checkout set {$fileList->implode(' ')}",
+                'git read-tree -mu HEAD',
+                "cat .$workdir$composeFile",
+            ]);
+        }
         try {
             $composeFileContent = instant_remote_process($commands, $this->destination->server);
         } catch (\Exception $e) {

From 0c10b1e5b6f1bba02ca04134aa03f5081765cf88 Mon Sep 17 00:00:00 2001
From: Drdiffie <61631493+dr-diffie@users.noreply.github.com>
Date: Fri, 6 Dec 2024 12:20:30 +0100
Subject: [PATCH 32/54] Added Heimdall SVG

---
 public/svgs/heimdall.svg | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 public/svgs/heimdall.svg

diff --git a/public/svgs/heimdall.svg b/public/svgs/heimdall.svg
new file mode 100644
index 000000000..6ecfa8457
--- /dev/null
+++ b/public/svgs/heimdall.svg
@@ -0,0 +1,11 @@
+<svg width="346" height="434" xmlns="http://www.w3.org/2000/svg">
+
+ <g>
+  <title>background</title>
+  <rect fill="none" id="canvas_background" height="436" width="348" y="-1" x="-1"/>
+ </g>
+ <g>
+  <title>Layer 1</title>
+  <path id="svg_1" d="m221.227,397.119l0,-24.919l8.552,-26.577c59.868,-59.323 106.907,-114.847 115.221,-131.932l-10.215,3.56s9.5,-11.864 8.552,-18.51c-7.6,-116.273 -73.17,-176.862 -91.226,-191.732c26.607,31.955 19.326,42.4 19.326,42.4c-11.723,-21.833 -35.797,-43.032 -40.549,-48.409l-5.7,33.853c22.806,13.289 16.79,20.882 16.79,20.882c-5.387,-7.594 -19.957,-14.235 -19.957,-14.235l-1.586,9.491c6.973,3.165 38.327,22.149 38.565,70.872c0,59.323 -33.735,74.985 -39.674,77.357c-19.718,-11.865 -41.1,-11.627 -46.326,-12.1c-5.226,0.474 -26.608,0.236 -46.324,12.1c-5.941,-2.376 -39.676,-18.038 -39.676,-77.361c0.238,-48.723 31.6,-67.707 38.564,-70.872l-1.581,-9.487s-14.574,6.644 -19.955,14.238c0,0 -6.022,-7.593 16.786,-20.882l-5.702,-33.856c-4.752,5.378 -28.824,26.577 -40.543,48.407c0,0 -7.288,-10.443 19.32,-42.4c-18.054,14.87 -83.625,75.459 -91.226,191.732c-0.95,6.646 8.554,18.51 8.554,18.51l-10.217,-3.558c8.316,17.085 55.355,72.612 115.221,131.935l8.554,26.577l0,24.916l-7.6,-26.577l-17.345,-28.475l0,28.95c7.127,20.169 34.921,60.983 34.921,60.983l0,-84.475l-106.431,-116.037s66.52,54.1 85.526,73.56l9.978,-10.2c-12.355,-8.78 -66.045,-62.646 -70.8,-110.1c40.388,85.426 79.111,96.1 107.62,129.325l0,8.127l24.707,0l0,-8.131c28.508,-33.221 67.233,-43.9 107.619,-129.325c-4.75,47.459 -58.442,101.325 -70.8,110.1l9.976,10.2c19.006,-19.458 85.526,-73.56 85.526,-73.56l-106.423,116.041l0,84.475s27.8,-40.815 34.923,-60.984l0,-28.95l-17.343,28.475l-7.602,26.578zm-48.227,-102.036c-17.818,-11.865 -63.668,-39.629 -82.672,-83.053a314.117,314.117 0 0 0 34.447,34.882s-1.189,-30.61 1.186,-37.255c4.276,36.781 13.068,52.442 47.039,71.9c33.973,-19.458 42.763,-35.119 47.039,-71.9c2.375,6.645 1.188,37.255 1.188,37.255a314.117,314.117 0 0 0 34.447,-34.882c-19.006,43.424 -64.856,71.188 -82.674,83.053z" class="cls-1"/>
+ </g>
+</svg>
\ No newline at end of file

From 0886046b304ca77a7a05011df6e92bfe728335c9 Mon Sep 17 00:00:00 2001
From: Drdiffie <61631493+dr-diffie@users.noreply.github.com>
Date: Fri, 6 Dec 2024 12:21:40 +0100
Subject: [PATCH 33/54] Update heimdall.yaml with SVG Logo

---
 templates/compose/heimdall.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/templates/compose/heimdall.yaml b/templates/compose/heimdall.yaml
index 7ae07b296..851f981b5 100644
--- a/templates/compose/heimdall.yaml
+++ b/templates/compose/heimdall.yaml
@@ -1,6 +1,7 @@
 # documentation: https://github.com/linuxserver/Heimdall
 # slogan: Heimdall is a dashboard for managing and organizing your server applications.
 # tags: dashboard, server, applications, interface
+# logo: svgs/heimdall.svg
 
 services:
   heimdall:

From d69ea22c0258af3328b67ea868e9796e2497de3c Mon Sep 17 00:00:00 2001
From: Drdiffie <61631493+dr-diffie@users.noreply.github.com>
Date: Fri, 6 Dec 2024 12:36:25 +0100
Subject: [PATCH 34/54] Upload Logos for InvoiceNinja, Pairdrop and Kuzzle

---
 public/svgs/invoiceninja.png | Bin 0 -> 36038 bytes
 public/svgs/kuzzle.png       | Bin 0 -> 16439 bytes
 public/svgs/pairdrop.png     | Bin 0 -> 61165 bytes
 3 files changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 public/svgs/invoiceninja.png
 create mode 100644 public/svgs/kuzzle.png
 create mode 100644 public/svgs/pairdrop.png

diff --git a/public/svgs/invoiceninja.png b/public/svgs/invoiceninja.png
new file mode 100644
index 0000000000000000000000000000000000000000..5141cd4d1e38c783c8c40662618464df3f029219
GIT binary patch
literal 36038
zcmYg&1yohf8|}H5?iNK_2>}7==7J#Ir68r!-3=E+N@?i^>6C5|P)Y;|>F!35t~dPt
z@2&Ng%LU$Z?wpzVYVZBcF;rDq1`nG88-gG_Iaw)n2!exO;SeS|`0>wu^aA`qHIq=1
zfS|9DI9JAK;NP@wW!04+$ddtrknbVr{1*J&gdi7A2--4&AfZGEBDae%{Qd&mi~dGI
zMhd#U`;*y{9}7OgvX_131VQYN?*78ubH!c3hZxRsO41k$7$n4xADKRL3<V=Xa#9kS
z?o&InF5Z+fwHtp8Pk)Bk^x|@Hb1UR^S$8W|qBKq7aSQf#G<ogs1;yfV+q{WNT0$;&
zv2k;A=iGlWa(z?qK-v|zvNVZWVE*!7!~T!jyhh$+A$^xEN<6y2`H*27h=LGZ3i^$Z
zJJl)dZ<R;+`r$?dJ;c#Z8d}`jUxs#&1J}7thR>baN;Yq}poB|S8hf}0f;|f5T|*le
zlIK*1#h$v}ellTwkbCx)kASlZH({*qCFWw@>_r`+B&qc0y>`yjjmBAY)5mQ}TdPQH
z#CJ)<)fvBg7@r|}wb({8u2aROn|2Zr_kbWu+J~|j?Ah=D?)F|u!~B`s0TQ-%)40L?
zCjF24O<wwlN(Q3(okK+Q%u*BIOedZ_a~b`jkImcAjWXs>fzZn2Ql;koCX>VHHoNur
zGQ=O7m`e@TVX+`!k1Bvk36IDM2*jb#tqrvh7?R~ZETwKDlz0w@=xo)iZ83%ve`03h
zTB?_$jk@@a+27W270AsQA19&&l8{lRK1V~x@E6@Hzuvob#jmDp{~42s2uY!bAqk}k
zbEk)fcu2S@j#mtD%r|a|B0U>9f|ECFv?KXt8&v(jJs4&A#%>gRX(evSKu6NcOPDSD
z7$RKaQfmyC<&L+0%KK@a@sbh2o%zhNlH;T968WEg^k3Nl0XFTXMyz|8wEgz0-#1*j
z-sK`f6l5V<$#mf(>d_G|vP_~O3UhzY#`3_vl7#t$cB5=%)>K3(u{G)+*tCBR#k*u=
z32}%j6OB3jid12Xmumm{n5xRju3D_G{^&@{&Nv1+lVzL{0n7cDA9SAx;F>a;6BC9+
zJ%S-IJ=Ky2j+6<Wi!Sn`2xT)~Uld@?`&P{xqJHt#L{#9A;g%rKP-P_gQ8eIiqJLmD
z5{0V622Vy~e3@ur<`I2A6PUc!5=mSdjYujeWhHDLyhg-eOGm{(2-FXijcII(sw#(n
z5f3wkx8&N`ixMLUrQ;%|*k8ifQ2%6GlB}#-F?y(%$fClqAgOkBuXDzNn7SII)Pif~
z)1rw8k=2h&3sPiHbWyJ0Y$!Hu=nd%TlR>B`^qg`KEnL2Oue}S>5-g`4!rKUyUnoXw
zXpWHl;Z!BV9*2ped_>M>u5QrE;7KE*A;eh=^Q`~H%vi^_5}X<Ie-cU;t5K(4D}q8<
z<g4+|h|b7rY@)0>Uo=LW9iIi(GoCMy`u6*X%}1~lPE&0}_RW+do83P6JyT;vDMoq}
zH2c3tv_2-p_G6&Q?kFd<4A!Hr$rs1m2oP#zVsMqFwTH?0GqhV9Jt$KAn#xG%D-DN?
z8~R!P)*zHFd{oW;b(T<P5Z2KWXjv`DXmVB%^^6YneD;PJKf{6oO=d{iB8p1qAKnkp
zU5c#nw3c+2V6psY#CSkb<mOLT4DVnehA=b2hFwNe?Ox<WY~x{EWS^Wfyf+Mlqr}l1
zpm5^3G;?am#A={+<O73=shQigaanr!JuZ@sB;6p&Vx!WsHpf25338o5<yL^h7E!=>
z<xdKOV^zco0z|@*MD41YCSrvx99?#YYBHE+kcPxGzQ8x>cw=2rKB6yR%<t^#RXJ9S
zdGcG^s57Bc%jHJL6M>jezN#R6*`IWXi&v40K?gy~4XpY#^v`a+B8vV<Unb*Kld8=5
zn-c02LKriOOW=Xt0u$$;-1Hl@R4`^8n|z&da;8NW%6l~uKZO;{48rep1QSSXRMVuy
zZXPUDsb^6TVy0R$)Q4A1&c_Xo7Zo5X>HZ#PB6Nx(5l)E+!wJ=+g(2&WKm6Js2L_fy
z*sNSX4&+E|7c(Mexj*r7l!TC9LaahMnk@Nj8|Ie7c(c`WDT~RPSnx(N7HNl=#>+#6
zXZNhU*L$s#m3!0JF53Pwlj87(sDmc4-Pj0zU^wa^IY~h{&Oo!URFv)fFflJEZ%j(`
z?|gXC1k?UQx~s_0BF;0sgK#ViFyAiT9*l;wH1pY@5uUGBx+0d5w+5plZOw*(2Y!r}
zWD5#L&9k=R@%ulS`adHOujR#tq+vCq<uKC+nq#dP{&}+DzI5<tm^DlcJrBMP35qde
zgQUQ2*F8<+j=O>UyiG=be+7lr{}kyVEBt1W5rznHQn|s`{NBpspN{x4woEKZ+GM?8
zwqT?AK_b5dJ&+FzlGOZP0({Y))6Sgv`R*R~Su`WA12M+w-;dQeHRT|}H`y-2jEn_8
zMEs<7k96uhUrS<U2nY5NoM8*(Uf}lBBABCNO6j^<W@xZ*VRO<ZXZ;#&gjrAUH}IX&
z)csNLl?L6ChkXS!d$19hA;Y`onJI}+{mqaPi2ojU7S3kGcfeTmH%gNf7gh-;>;fBU
zoQ%iWkD`+4+aR13a}!9|(djRAI874*xeD@#j$}>RCkKtaB{86fA)*{PPJ?0B$Wyha
zo^MO369_xX<4_y3l+n^)_(D9h4Aby$a<x!^;%D2=E~)3mC?erS(}u%a4p?+>Ws0J<
zc0K$Zue22fqAc1+tdK<4^(aklRya%yx_~cgM=D?vMRoYsB2-Wwp-e0fIfG3@CBT9L
z5MZ>dZAb|@j$B8||92m0AIwMf8sRGJd|mx~BpN|`0CujOp7)`#<x=De-W?B`jeySw
zWRj#D!YpzX1W`CU&gP9HWs|)LkG~-qU<hQ`u+7GAcKa<Q)yZp>EP5BZz=L@80>{N;
z|Fk%Ih16e8tNn8R(A}M(e>xosMh9e5FJ=o`ZhrNE-R|JuDcJon_u#zYLBSZ(d-5Kp
z2r+~j#XK97*LU_uV)r-_rB6?kolZ)Y1@9laC8Vb$K*KJ90Ev(mLAo`?fBy_~<AcaC
z4qb@}hAuSAE0CMD>tfzWrw8|!fJ5TsxzqOMLIrE0ei%1cnpJlmpeBnp`gK{rsH%vb
zxfph%4DMR<-5N(mv<D-Iixl$-CC^gqGf{@nC-A181?R~TE_6SJ4m3UponAk1Com7v
zv?Y~1<Hsuq6=F|BvyR1of1?0~Aju^oJuXCV4q(~Rn7T7k7alX#KWNEc313Mi?kVgR
zlqecCmFwi77di_hMzk>-Oo5n+u9;+(I8Np0!3>xO9K_HW)@h6%D#a;mAC6Z_9Se}i
zdzOObfLHC>lf(x!#L&wU)p$SYh52@z0!uwfOd>XUs4izKzQoPkGw3m<t_mE&X~?*c
zcpB@2`w5YDOfDH>^j0Q~&>YPgZ8y*w>m``zN2yId&aYX|NNeWjDS8jdB~keYpZHHB
zm)mWF^HPXWUjlG}Q=f5_^V^-+oh<GNYan4(Hf~X26qYqGyG8&s9}BeykNURZWfEI1
z`4NYFz1ve`e_74TL-}^y;5@Sl-ZXD4RPPsXh~`Q4{5)#Syf~%c5?HMbUnav4<wWK;
zi(u2(lMXR}L<qoacu4TVsoTv8oW54ha|9A@RaNj=@)|`3xgwM?&w@}PgEim7x*P}c
z1F@}e_CUfV^;NYol)-Fy%!kCN?g`-fO8Qj}(oEIts$W->5jfvl2300h=#QLZrkfnJ
zfc7Em^0S1})nFzZMi)ppeh=UI#WCX5?$AH$Lh=PFVu-ZLyoI*BoTBK<zNl<v2BG8(
z=EEX$)u%>ev;%?72srW$Y3cN{XE2JauuEJ-%r%&TsX5~9D3*UsdlIK0oodNrh?((2
z#JLM3h9UIoZVH%iUNxqCzW1)0%9x}ySWuV*2s_T#=E-w7XQVEF3^D1X{uTrZG1d$J
zGBC^NZ)TQ2fQqniuOZ`#S7{^|Mw6AT1?Kv_7<WjtTfpyrY#P44BiuF)6{>3&J)cH4
z`MasA6%k5e?lWUK%PiwoNK;_VQeZ*0>Jt7m?u71mWNFx7Bg)J(A4Z{DM+HdmtH6;d
z3+Y##NG7CTR<=4Ayp_nm535I-m)KE`(0=(bR4=jDD-L(ZKNDu5Ad|#g)H6oV7v&yU
z2Is9S5Zb>5H^9IR#O}YZ$t;c&0}1H^1yyCrT#VvSVf-)PNO~5{@msrs{9DZ8?#F?I
zaN(kxFqD^1u2I62!9`}C^IIydaq*e0XIONB%tjbfIkjlovV^KU#L(+*li1sl0{%p>
zp4&GlQ*;uDXgSCpPpy$^h+eJ#W{@_v4a6k33Zan<8Z3sy9uIs+I?MW&T+QpIatFA~
z%^(S?c|j_K1uv6?BUzc9f87ddLbO<ZAVdU21Yzu&gtRX3GGNMn(xQV?RLgn8hzl$_
zsfE9(_&qPiu%g2J6QZF^kaQw~OrOV{UX!b@$Y9dJlk%0@rHxwt;n#mgg>2Ot@dieD
zG`RO)jGZJLwt}(GI#eavv4;2rd8qO&UWzid(ZV1?;46wKN+Uric8|h+z&0gHL0Iju
z5uUo>O+GAm6x80bUY=#4%dvp+CAXYV5;ey>Gbhht8Zo^-#3Sh=O#1}|a_gWekcw9E
z*VT@c!=wuw@5)xjC_#%T+C>iG!6o@1u$%noVi?Kbk-(4!I_TzTY#6^l++7iZ>s(Ms
z<+hO}G=@}B#iEzQq?3HkkO`}heXrSse@=HFCGZ`zfWRO_YsJB>@Du^py~`L?(ayA<
z_v3#rMMmL3*u1Cb{PqMzufGsVh764m#!=P_kfvaK(1cVA`sTU!IGV=Z5`&n3fM*U{
z$xa3rYTBc)AW-~X1>pqe&42K`h^+Kf1S7MVp-jQMmvFlo6KsQi_9CM&A(02S_)7a&
z%^06+{=4Psg}@NI40kQER$S8(71al9AbH6lzjWGhxy_xMNuH$<BNU7t*b6D*+*tZc
zP(f1JUg}pYFd7)ue<>2PO^dn!g$?5B2xwMSRmFge8}V5>kF<;e$CinJAD>$0u%O>y
zqaODnGx4Aq-W!*NCkwqst=e}1R)iIWHH96Vhh~Gbn3+l{is#!-83v~R^}o5ngYeAp
zc3?I#6^v-;`Vir@UihtcdpDx_zx5N@)2qq(_xqE4n-E~$fJ4D~opy45HYL=NVB3&d
z=y9ZH+);EO>pNwfMk2^A9+(`vgY}>`>w-dONR^yUqbPwGLWKaOGM9O*{ODF}0qx6A
z;1VHAzexr3{fVuPc+7^Z(NLwKg(oM=Jcmv2eJHo&t}KLP8e{01#?;{pkg}aaFd9f|
zbD``+12691c+Y<khAG5=yeRNSYASI%pt<7`9>9>#tNf=jJkajH``;`|ix60N_cl;{
z#SjP#Fb66gl%YM8^yeqn9|$GgbsjB{=GFem!f^FLBJrSX>|d8wX-GH!;r~2RYN!fj
z;P*>3O01PU3D`rZe(+KU5`&WUM5)21(&ao>B{{?D!5!5?B5|P^m0Q<^{q~n4qPJl6
znDYgTH}g1D$+oC(2np?B?RE;cxUid0ma9j1wvGuZBB;QbAPSK|L1BmNIj+a0pI+-!
z{pY5V+5$t+8JYkG3`yRQaU&{o<N1FdSPn0G(SC(sC8OkoA+mCBoBY?KAA#VfyLyhY
zz*#{TRSSpHLm{IsJaOyer0z7#cK>-6Ccp5|{g<ez_@8NMY2irD0d(`<?GF*;#oc#v
zd7W2%xsB2O1crE~s&GqTG>0QXh57a#2>X~VSU1uo0%9gy8IQHd^100`u=HE~&oGz{
zWPF))6@&u2`&#g8A;_NQ{3F}|rBV04ommnBN=19**||1y9v%9Se$!1K?tAAF5smE<
zMmge4s23)Xs`+6#PBVt){~}0=Xj1JQ5=U9@yyC$;=m**3-#&ChzG3#C6+<3s;*(+i
z#JH-|LE0We>^d8pZ5)>8puPlRO1)KcdbQXvV0Shff?ad&LtcYMd-tqtd(FXQk2B+G
zqc&X_kW%h%p<h4P_@7sV=#65XaR=R&!p{cGv#s&lrADgx3c~!p{x1>LOH-&4gy*(9
z_!Z$Th_galK~iuPm{tjO1Td_cVo~N=tt`pyB>KTeD08T?hpOG^e_Kgf^{qhgmt8IV
ziXO5r4hf6OE};&&`^wL3Rj1d|#TZM*9#AGd9mxU#!s~xuahLO2AV@Ae|IUJ3g(0(f
zVbll)1+Xl_Z?Y)VoV-<`V<@nXC`jg6d~??YqRgN%{^#K8K_x|j;Gpd>3(^FJsJ4}P
zdYz(=jE<i}17GZLdjZ#n=y|u(JD+-)oT`PGFF0skN`Wi%q@Q05`20>bo&8k@P->P*
z<PCzOzsvv(Sn+~mlyYMZ|5TLK3F?DKW{2J0O(N?tF)v2^_v|Hv7y*PWdL4<_y2b%}
zuAiprl*P~uFV%$=z-J<9j_JWF>AZgiCF4AO;<rBnA*2N;3aEPrO6!g8rWDB|GY~3f
zh*n{Q)?R{lMfBw2&hyL*1i#jn8%~(P09t>p;dG;q@G&$j07EV2Z=tv)C5nj>EsT&s
zBvoQ8(A@*N?DmF-wk{8)kf6*n&%QXGu!P)DYP?-tz(pye0<;+_YNFk$*HFezXA?&r
z-GQk3(VdUf$Gk^~8_C2k9$tL(@Ij-MulxNq31@WJ53k%X8VpR72*xq_-sByFvv5oX
zosRhVEMR2jjhD-UFJr#OK(@BC+m*xJUGBc>|H^*PkkJn;YiY_7{#N41lO1^)3-MO*
zaZYWQ->nNZ`1fA2puuVll&Lz_7LCxiGraQxqQ_g=Ys%$iaCZ-|3-C{W_pI*rSi%g~
zV2@}a4&2<ub>Dnt0OxM00jiHiDYt60AiFZ?voyo)t1$=FyUAz@S>iw49w2Ad{y-l$
zhp@84dwut@W2u@`p^i4J`Pi8nZw5=C*;NlrBxGR?F_8Ov?rd!i8zM$Z+07Dx2hvMD
z&R!dRqf-JydWCjGOx1<_y|4ilgf2i2*HXEL{FD#LuMH(bE#CGTcY~-7;qcboD}J-h
zr^?Lr0AKUpfaqTsiK3#WTF&;dMeCpW-@cbY@ys(PSq0-7pZ7IJ{oWcZ-?m2k>3tS&
z8_Upg@a7owW9_?cjJwnz{V?xUci3Y0PjqJ><8t8Uq20_htNvT&+Zm3w_=ndG^L<wS
zL2Ef;bz)jX_ia0V03$mbV=~uHui!&PkT}s}vs+#zCKjPEPMQ087Do5c^E^uVT^0>*
z`o&R2%Kq)!t-Rkh^((YnA>Tgy>JWE(sXK0eUSqiFQj>DF|H1H5{`BZY`H}p%EBD*h
zDW9e*FSO~wYs+%CQmeM9#4ty@@?$%@6(Nq>rt!<k`JaQ=+Ki`G*E1iv-CKs|o8~Ut
zn}5tV4U0C<dEMxWH)UVX@Z$04%Z&4+{_?J@<a&m?jK1fFn1~P}vahZOc={ErerLnb
zhjs50|3>l)Z*LK-G~tm(n}?R8CDOey3`5TPXei%K(MdoV&D<1fEPI>G_+WFBQpi2(
zc>7OurSpR(*FD@HP^Oq=#C3MPHZ05pt(^+$f<~}vul-1N@P$qK<8ysGgPb=eq9a1F
zcr5;W!d~sqnQopg1$e3}7q@d^CyCp7x-pKdU*ly`Oh?4-w4l=k&o2=(PFtA!PmCbg
zgPVJhGlnUQp|pvA4m>}okiM^=hk2=3Gs~kt{_$hR;aVTBt<hoyYiqXTd(HbIAXfxf
zB!9`zukzbB_)}u=yst9X`emK}qhNyQq&T$1jbv)<j5dpc!*-l&kOkeYN7}u~-AA{Y
zmPr`z=lT1GDvgJJWR*^9bg>w36-^^1v6!nw(<;(t5D}T#ipHjsLiF|bFQ0u~ww|kw
zChL!{vRsuv*_rx&eze}p|9Zn5jQ>;RQs<}@Ju<~;&XQ175eC($Dv%iL8}3Ak6r(T_
z65Uh&9u{XlT=Im9gxGxk>mxi0-Y<$tTpNwm(!iZrpW(&gkpHT(8fVuoe<{~jX<|KD
zowVE?86BH~Ldc?WK3+voGuApk4AJV=c{p;>po%q*?US?NJ}<=wRt!yy87<I?{bMr~
zH6$3VZ8N2s^8znByG4Cc4It?kuC9E+1XOQ2FOI*k>HnA-vzlnLqbal~yq}kqez^K=
z(~<Fj^Wd4iLNBt8$G9ouCddB)s@|cY!;@<Lg$iM2om$Gf**?!#c2?Ywip^7cVweSY
z_4*q34kU%P6~_hvr#0N^I@`A<Ve)g+wJxmrDjAG}Nx?xuWfq5@{d|u6vk-Y>Fa$j(
zc}Ueo1Zu#13>I&8c6Nbo4a-yAnrw|X^fuFVIm&55pP65&`@%r_p?f5nc71tL<vL)g
z9{=?1_0%z?m~+&ppNf*q9_97=sC!WSD?lEFE^jFgQpemL(UR#>Rc!Og$FWGydLEmP
zXQ2Qin*Yg0`>Rz%c<-L+vFryRqNge|F-6dr^{)+lVblAyMaDW&<3zsxE923898F)Z
z*Y{l)Bg&a8zV=ddh)gZ+Hu;qgQ-H)`PSBz;k!I2B(7b_^ktcNiCse|!Z4xN*aqLgM
z-hd4-PG%(MFnBjure9*v5cb)mf1=vqQFkQOBVne8Q7fVxlb={{orm*b?Itd_OweJ-
z7Frtv$<}8!wHVzRtKW?_dO|MBU$nOWXqFqK^%O7{2R{kKd?qL;NGa%@7{1LPRcZae
zO1s>2KE35jo<Y~D++1wFw_X2p7pzot{yJ=X4e@mIS$rezXKko^wHNGx@ERebH*bhd
z-BioGJt%l>Uq>lU6gZId=`cqsv5;WXg(WRII-Kmha<!iS)%TgK<YjBBjb5GO){2~C
znumFhMyqt|@1Z^3XZm6|&<rc&f<!~O6z?OLSyC16Q;{jvY>k;u>N1ejT8u|b)mUj{
zzr%WrN-jC`>E|b0d`f}#MqaCzt<Dd&$4i%o{88S$Gc`(N6cTD=&)~QxjQS5cxd42<
z`pS=Hi!$3<R&TfRUB_^4ziPR}HE@a){(Q&PK7q$cssPHJpP#3SI0TfY)J0W#3l?ja
z7_CQ8r3!o9%YVFo&WfTHyv|+!*9Mt_2X*-Ow$m1u8(bMIzUv4%z+~y}9x3r~5@KK+
zE_;r##ap0KsGj?-K{<rbG?}rmuyAL#C1tEwJG#<ZFon;0Vd8hrI}<ZlWeE+fDM}9V
zwILc%=rYvup}>rz$0SocX)#~Fj+W`C@a<0he)23jzEn@GRF{{Y{!uA)9$`nnqmz@M
z=L#km>9NTqmv*`C_c>9odiTF@_UAFD@KL!;ri!s*0BlxoyZzltS}h%xv6)DMggcl)
z5QQi6<h{*D6>{E^&G`}jM6WFMF$p#iDoBwt4Nf~Vt?#v1H4o?h4Co1X9HI((G{iKM
zi=;zyXyI&++Ins`OyNjOBcY+eE!KN=zjzd17xah=2?cHO7L8Q8Sj8z$)Z+14jps>)
z5^ED^V5&(aB_&ac*dvdv#$&+JxBrx_F5IAeG5gXGd-|o-m+*r6KKjZ`4@>(1Dm0+#
z62kh@=X-V{nKEPb<P(iXo?{9g)!slXEFPP=Pkn#?3Q*z~%diC6v&zm*SAGDg96RRp
zSGwT)k+}V`^72On=MuZ5MKpt^<)~0r<CWe07d?BS`pJs-<yO!7c&vU0D2HOPBvrJ6
z^)6cFS;WLA_oa(^y<9G9u5;*o5kVy?sqM<AZg{Jn=hd$<9^gCH*@CC~Zv^6}fC6)h
z@bM}x<XZ-K6qky%vm9a>*$k?qQg<llIZ~3&v=-C^k~sPJ;&olNhVu0Fh(R|0T|_ok
zq{Bo{-?3$kP2_xMGS`315BaTWO*Xmy)W@E(zitlcw?8*LOc(cdO<Lg6*DP0i|06u*
zpnp(2HpB4W^<RjG{Qft*RP_4aP$m(}Wn1N#&Xx^(r}Xw8n?w;Obey%@pMC~@@AaEp
zFG{p>^DLxZyogCikWn@$o4*b)e3DcFrs*uZA=Ry%W<F664c6@t3+#M#XXmf)<5;yT
z-b^~y+D>-#lH8;;uX`Xc-2#cIsU=)p@8wzOa@|WXCVcQf?pAouXvWZB<sj?%jG!Z_
za{kEH^omlqT0X3noEKtNC%FJJ3ihTf#PZ4~uJuha<FjYat`=2Jho3z2ubX#&U)UQf
zH`vp@wmJrl@Bn|K)NgWQ;^2q`KH<2rAkk(~mSsV~ce>s5nmvL>_(yb(OyccwWLH<0
zYUv9+-5OgZ$#p5+Iva%n-I|cl(683bl4ngNC2aUqAn<FpWna~Pa<TejzkuEA<vJ@K
zu+>2TBLcazR67ooCPIyDR0VPl<N3Lk_)op4$-GuSVh6=K7qXs*hDEIPEOx#m{dlI%
zFiP1XDqlxt@i0@CJLGb69{-aJ86~DC*y>{K(xkctGmzxb3QX$v*MF@Z>lm0UUmQaQ
zX@N>3UmU$fPG>G<&~Yic3S*gG)i02%$8(s0y!<6E_f4{I{k#ry(vWeLMxNq>Eq-g+
z%LuBC#3;mw=|I8D!kEV-VNvlJ8H1Y|`4hD!tgPzsRa_=$!nJnm0IjU73SV=1491dw
z$x_Rf!m=DMRRDI}m|J!&(klLOmEpV8uOhyD@a?&nVX5;2_P)<g`qNHl209}}UmR2L
zV&7QL%`|*^AQp3Vm1zKjWYPEFhaZKZ0@xLNwDJPmM*<D9Nvt#Sm4Fr;{`C-vxu1%*
zo^L7qN)rwq_(;@Xk!;?moF9m4a5inY={jxm?%lfzn{DlQj#qud-#<=PdT^U5XPits
zrhSOTdi01sv|Rne+Ed*jkgIB`rZnmdM3<J9u2@5evJ;c?<aBi@E>Ct$1}wEa?7-Gh
ziaG}VEMdFi^%$(Gwi~zk{8TUgg;L5;g915mlXI3_m1)=a?_aqXKIq&W+ugglz&Zcr
zow26yAjp5#IA3AhR^+nd$a!yytm%6A`z|3ibb?Zcf&tccA72qwa_Q@?JS+5Jb$z|c
zeNocDYttm2L%*oV+~Y6#xJf;;RuPZeoD)H$=sD_GQ8BgR<m4pfL|euft4<}j{ZE-e
zfApi^-rinxo{UvC(pOnyu#`NKhvYJ8LN1yn9lt`WttZ1+#){;*vM{kd8X72tU3Z52
zyqesc7CX=mub+7kaL%^nSXzjup0Q||kLB^|H@W0L&yN@_(g@zzFo%@W1-{Ab`?V)z
z`20xX&TqNkbgpsuQ}QY{n8xdq@P0#zdai=u-~Av}XaV&HG!n)Dsm8WpneW3Qb$wh~
z9ZSiO9U$R#l4tn-V50Hu`MccR+)7~tA4uk3pIpyakNEbUJ&9R#-Jie2a4_b>$CqD4
zK8QBC#m4XD>!DrM3K_u{BRE+!OJtWBl{OMHSxES-M?)%2`m+_ldY~X<`<p8d*WHP4
zMP#gUuUb<}Q}~^h&afO09j~}N2-tVob?Ng^Yqm$Tz>1tV=fXjNU6tL)7#L6=`CUbi
z8~T3WE!KH&aq%ztb<oGe#QW$3RCnR_96YV;{DO`Yf|~6pe!NXCGvp`8#DpQKGI0~d
zVWp+5T!syE*a+hw;|kYf3Io4$leOEkM;;y?2KsQP2k5_l|HggzEFeF_D*`>7;%09@
zF|YSK4*5i@jc|VgyYc1{gJto;&j*L1dT72c@qThD;*MI%D>~zjS^a6|Nvbea%4SGX
zJ&XP?XNdG%xPY9oB{w&%qU$LXWO4R)f67kb(xmTmu3GGm$F7@_>t*`pGu2PPCk;zq
z8vW+Q=6trr6_YvBM@Kbj#E(-lEvhZY!t#HJ%7DzsJZxzkf(C6P=h_?IU_#bVXuC+}
zmoc3+R(@j0{Y!4{Gm9(ty8(8l>jsOlMAC6*8eO&zySP=jEq^9j#qSLK>U(p0b6ukQ
zH2|#XtL=bp1ht@|vMs)EgBH}L!pNo<kB;|nxb>}!5TmntZy*_~u^Z_o=SRZt9dRIY
zjO24D0sNZ=!jW8l?r3nH3ABH&L9MK|oK0q*ZTg+1!L&76s#j6%$MEXatDmWSX>|sE
zX}i<4*^ARwAaAf}7WB~E{9~eaKcfR6hWva!=p__|{tqL5RvpN{7xMxOTE*pk3AT*T
z0od_}b}bha-1#a@+^qe@GU#}nv}_`&V%HakGaosI8<kSFZ`9Y;*MZkK@RjHdE=hlU
z+2Aecb-F|MRCK_u4trtvT?b%Q04G%D7Aa1&in?r#J>uj0!_mzSPxv33vIA_Y%wXU!
zw|}DES5yX{=45+Cba28?Zz?iNdv~gOe>A#mw(*WV0&do@XF)l_Gudc@W7m2?;bi*j
zv9R#;x}2}EvGKo+v5#iyG%_IN+SRwp0wY0#DCOU3isAPdAWW1zI7(?Ny<uY<1Zg_X
zr6zHE9F2`nRGQ#W7>ICfl(}o=%4<=3uMpjwt&3~qStn&*YmBUPoF7@w*M^%Y#8*1^
z64%<ybtF~Yv}oDOab=Z}kn4mAxoi*DwpcpNWSb}yX_m^nyVs9BB7-r5YPZ}S@zrBF
zFJPr*w#n6D@yer3Y3_)*V4`rEStAcOoZ{BkqOG891VBZ_vwi;N)01gRfeM-w)1yh=
zl)O-j<k3={jP7*L0JXP2R4Z2oo=OHAL7W&`WSsljC`jG*asZgidlGDUp#uT;1!%wJ
znvbOQJpLm&hr3JLPfjIkzK3Z|&c-u_H<Afu`d=sQc8)76D*-1n{HFcwg4asW^Pg;1
zDg0I_VdoCY(6gmtld%qed8GkNbw?cez9>#s-aPn;+5aHu+XoPQEly?<hjZ~tDFO~x
z^_MOC8NFWZ4BzbQAEoyFjkB0+yvuw!&jWO)+J4i&27wLOtAXF9$-OHP8ng6~{5D}w
zT&;UwzIYtI_BTI0+u-`5?%%Z}CnSJ6gTB)?1{ra3ejpUQSyy`vgODSe@4j7~H{Tqx
zmgqLXM-FU%l=R!H)mjVQ9OR4t9eNu{?1$oIa+ma-t|p%SDc9@1OMZao16V9Kc(4!T
z&D|%m<C@w|;mN!fv$c3>#6W*gvML%c@ff&PCc3JusuJ|xAbj|z^zHeuNr`?{5X$9A
zbaMRKc(0fJ=CCiwCN-Ah**@J7&bxPcZ(2Q9o{ZAinE$v%B|~groyM=jjK-%cG?vLb
zdBrS|v9WBV^*KhmhcBh5*D2!;V|h*mAug2KE^G8h2@U#ia%(8P3I%>%!i7YX(?ojn
zX?%XJXLxrMYB06<z9Yobt+VZ{;%G(8`(9%<eOR?0;Suz^5dn19WRlpW$Y}acX{xBx
zS{;L0+jRwM6>ZXx#H6E%1%P<MNu2(SN-3&YZ@$ly5fFX*zUt_(_Rpf$X7)$lXHxCF
zFBLx1e99R@tMk2Hwh3&z3G7OpKf>iUW|DsCHw{<68qqUY>~j-3KTa@o-_1>U6&({`
zalf^Re9z|R*%`~s>B9RNulWqX#m|I(0SAN*D9i^@-aXK<4RCIOXer{Z=f}2K|MJ?Q
zLYcmyI&3P7H3^1G<7jPB`~UWalYz}DrQ}{j$Sw7nrDrM6Hhw?!sp8_Eth1wG)zGeZ
z2MRDS-S0;-vu0_$*1nD6*a>2y($X)~b9H%jtE~%JNNVk5fMD|ERppm?Wz_7A;gONa
zHa8lp@e)P=s`)_CTYMhe)AO?{BlZ;8AAizWpxMCnRIesm;ndbyQ8v@I#q;|g!)1VE
zn{R&!dtV;=HP|mUt7Kg02T8n>LiNGGUD$LO{9WX-{pMB?_cvtpY>Nl6Hl__LBZqh-
z<8DjMkK@jg>)=o%2&}{1al@l;!uyT~3oz$_wXsL<^DKrljUT0Z?!5{Mr&KHHpI6R5
za??Y*JlSIq6>Z5RaHI9^nR0%ZD<78)W>Rf6pAHxaASN*^T1$2o$5Lkzo*dL>{dr1X
z*bILFsbI3kihO-A?dWnvwBFl7JUO|>@^|Z7j7H~u<&;{RLiHNUuWX@SD=RCUZYS1r
z-mAQPHd7n3?^an~7i00*&LlFWdjw@Y3i7hiW0yif#uikzPunp=A%Cb6?`KlnDngQF
zxG8lgkZK#G$7iz?u48Djw==o&Zr$C5x1AFgu+96N_Jo722O<DpaGV&r0ylKqqr7uN
zP;=SzvTLz_rHO8z>Y=6o^@^Yf3jUx`=xCD6V<iuO<CNQu>~#>{6aB_&L&N9H&y+M6
z_IIbgZ^Z#*QJXsOkl*oY!okt;I>%}4*gec}(m8E7w{NJz;W@ETamjVwK(boxYr*p7
zdDp#(Z+-?|X#gX~L?>+?<L7^9z$MRBNHE^fcl&#=9H~*ItyJD>5P}Y|8?kW;5|E$&
z*uU){^JB%{y=_AiF*(+H`HdWgl+iY29LZN+6)$i57C|-LqG#0EGOpd?iAU|Tgtd3k
zDca@n_W~SQovd@?VAW86*=$b)vcWPS>U-&HAjd-qj3n_uKe@BPoqhs{e$ib5DUi_A
z{5;l)`$P~RNwGWiWW0E#WvuwlsVxc%>#syS2+ppDeRKP&&BtQcXB&S%Q+v8=SX?k(
zDzBnqcGxA?e6*IbGg;N0&*X*M*=}1GJCTcXx9NZ;oyzSgfrUZ0u=F6-ag=&(h!DkF
z26ONBy&Vb^+2VC_@GHgcnaA+s;o)YzHySQOj`q{Lb)aF(G5n0~+cr(Ia(?VvnaE1t
zUEO;eue$)O8`YM0f$rNz)1P}i*tvt>7so0C62RtA;Ug*`hM{^35|+;#kxDUGALII0
zm+myv`Pvp*54*dJBjytJ+AMwk&p1cP!LYBhCJ(RG*cbg^{JV?@bPBZ^-I_Q0Q*BfC
z|CH<ZZ*#PD5X}3j7}%B#!WqWuyQRY^cs&k&%hX>I_+>gLWsk8u!Kb5y*wE3T2Y_IY
z%B0<vTOX6X{1yfZGAxE>-DhySyt$*X#;X0_UV3VN^I8UtJMxmoGYXr`Cw9;HK01hu
zx7+chY<iW6cLmvJTl*K;T=DUGz5x5JYGk%$jV0Leu)r><scJi!T_G1{wd_Dc6~!Bt
zM~~hEoew}Q3iWvQx7Up>ltRuSKR<m6P>#9rHN=TO;Y|ZDd?eHOIkB)?o>N^JkIkP{
z$JLf9fT7lZr7af^imxx9iZ5*ZekAsEV|i1b%e;p$-SgxDaQ(HT41G)ts9WtAa-B7Y
zI7ww0yMEnzy(EL&DaBnsMb7zUl#AU4RGAIBU-x9@Syk^3MXwup`%|}g>eq>wJM{nT
zG1^aWDUp>k?#=!H^yG8^9MFDhODvk`H`(TBZVrzY>qNRz3EfdG)2GQAf?{*qDjxoQ
zo6e4hU0Ai&Q;L0ut9NKpU)Ze(IiwNIg`7h%2B=@FNa`s5>BeyB!!%;zLY+2h2HVP*
z*#XCf*KGRDiQ@*INemy!mmM3Lr)sZarWeJ+X0oMO(<x5bP|)!ob8!vlkM9$8z>p+y
z{rpw3KwG-L^@I7<c>dG=Dg;6Ew}*|m<PHwG_q|T_MNU>?M+-J*yHblCgwpQVo{QCZ
zkp>#j8vvT-g1;+<*p(PRVMb=Eul50HXC_T?!rv2*LbXWqNt@y7!P<3$`(Ju5*Im=&
zqWPFpAk4_SDjPlC_bBT;a*Buu%X=}9T)jP%4&d!bt-dgz!={s1F<_tm{`T5G8Y7?c
z3#m^9wWjqo+TQsHjmN^GOo4h$7{h7%qd*i0>4)O?etsSH`YD8ok(cv}FzB%#IHdrH
zZ})hHA7E!~`^T%ogTGVrlu{0V9xdM&co$-#CR|V&;AA#f>C%5Mp5371kU`;&egGY}
zlZ+PRzirN$Zwl7EF{33wv$L5VE_9+V)ve3ZJ>H6+Gc)Yz?Ooi6e#GKoH_7#<Om|?e
z#Y?Wm{cqihsGnb-j8-wX;_0w&q57!ZL{#9fP(W?N?=0Ku?V&Iq+dB86d1dZCdPD`M
z?e_2YW*Iax-GPA*ZD*G8=%}He&r3Jf$#|gxI2-ELOHs$-GYtqzM@@HWzUgDV;<QU2
zCvkrrB;l+{`aFnWdDCIpe6;@SSRJJ5)#>H7udRm$D2H*&6ibiG8rn}(M-MLJ^FuQ8
z(J#-agj}+L_|9WHoangPfB79_y_6I8eU;g-ino`p+Ib~L((>5TwbqNHy|H^MqPJzu
zI++K<t+Nu}<>SofI$EkT5)m!vc(#plN)DG#quuE(EG)#lwm4?euYNP78~sar8yX&7
zbKy#g`4=+c7@`u;9fdM+4n&KHjbsn&p!P>Vi|>tP{0q|CSFcmsa_YsuSL)+s8o}Ke
zo?*}2B970g*J@T)R|`u6c&%PlniB!FdJXYSTVkQU`Ah-m#adj(>mcxLWJ-l<T0GfG
z1WZid*)O!i;+pHM9{?E=2*vN;y~`^W+TYk{%uqQ?2n`E!JdH6|NU)tXpKhfB(%osX
za%_4|mtD&Zx^Ron=QA#VSbJl>;?fAlFs1v3UEn>`^%3@E>Ow&(X3|uwB>xu^!Ttm#
z)HQKe0EbUByv4ZnxW>y<Nt1jL<o40s{lejNYdRQ&do=Koi`hyq&?ISNf7z~A-U4KC
z(&AvJBX$KwHvK%@<E`<0pKg3-dD$-(M{Al9<vT}@2a0<K2iI3ZNvvm^b3so2f6}zD
zhsx0ievGtn@=&FgLb|UnWy|Hs)7s&t@BCu111Wre*I3KB+<s9yR#y3(G!;^unpfM5
zr{7VdaxtGP7G@T<E)W$mNP@*-5#&4?#K_KLO@l)4QuGb$xfcXksvI{7I=LUk=}gxD
zzBCch5Bk^_x9o8cEmMDbbIGh%TQXLMOiiV{3k$!ts{jTZat9zI#Q9J@zKe38keMXc
zm`mh$p-#DMAX+?+Ls`kzJC9}<3&}Yu-3F<FdM({oxoSOC;SWkxOk5fo>Wjm<@S&lQ
z@Q=9~>%V54_GubQWeD1sZ=5{@9WtnPoybXwUkj#-&-#h``7ZcoP|>u4#>_$JET$Ky
z;b4<1gk*vKp+uP<hm?{6m7yD8!t;eRx3iP&a>4!87t}!(Z$?~*h1^W<*wFaiEZb)G
zy2qi%`aoSGzZpLHh&sxW^;s#)24?<d*N-3SRjxM4b><Qvd72MZ(18wJF6g02b$2b;
z3)o)xCgz2XY(8e?jy+l*bOJ(}>+a0=yzqw;)y9ti?ps~@j#K}sU2d+4EYD(z3r}9E
zd#KpXFx~s)LBDnfHbq#=KjOBVrR$(K32m<K0D)edtZuG%pRZaj#K}VK>Z5#!AIEUy
zQ~_#xk#^*Sygw;~)D6?$uw6|84T>ORP(+N9xJ(+>=fn>W-bSkB7VXcmPriEPeK~LE
zzFjju6aG2CZ>cS&qc@Nbw2N87>eX|Zby`KpShc@Meh>T1Y8WwW(nt94p+YDzLrBP{
zu0?yJy6N9TJ%fWxgGn;B%J`d`n_qJC9QI}ef29fz6vpNYxGX&e&9<eb4><2kOrq`T
z;n|1jr+W=W<~j|IB9Y?Pq<*cpzHht}GZy>fml6!>JTrK$M*$Y~4Kscub201MQv+5;
zq)ETfx{U^jA_Wol8FG#IWKgy7T);Vu2y#yq^hq8RKMzz9zepruituVd5>njhZf1tw
z{=O*a?mh$uKQ~9NwrOtr{n{?VW+?ahRIml|gqhnj4;VwtXy!~ue!J)^&Fx8vjPQ&V
z1sEIE<Km7Wd`4L*GP8<}xc;qO7OQv9QhuUL>$<(UobS>JJ>A+COjGtvy5%l!x#B9;
zE^Fse%wRl^W6?_fBHVqrL878s>}r$IZ0isMA+3#QD>CgNRZd}2d1z<<<|Ewzj}oY_
zT@y|F_ytFkK(Bi2yr<Z$jCHpX6b$@@zQNPJ;178g=H`^bzNzQpS3S|4!G+_QVkXU+
z%a;ISikxq}1rigrPAif9<cdLlVMb`#W`egxa!}qi-((Xmd6_pkd%^`5ZVqi?(^OkR
z@2z@ro^hihpWR$fgw3=CXzu39C!F+IQHj_`CEV=ao~_?ry%+Uzy|h05&WY=s68=lS
z@$ka$rqhQ&Y=hiGod50M-mGE<7g;B#?R5$oBSyu&m%BsGse2-Y0k7t>HWL%g&HbP$
zT~XcQLMYR*9St<!Q|}~=jGOC%ms#{pZo5lY=SO=v65nq<8}p(Q61szqx6fU^!2xY3
z)GIgm8s8%7a`;$9<d7N2GXE@2D>E5R_y07Y<h6L6RybYa3%Tt|TEBk%)#q|&$J$ge
z?Z-%@=#S=x`SUW5Na5ac-I^_t(+-@gqtyh^!G47p&yBi!iOqaUB$F1ZUzz=qC7qoN
zh0+4w?SCIB*75ljw;Y9Vd`J&w`8C`;xu~bkYF#<q`=8og+o=IxnV})ugYyRu9$XC?
z-u`f_GP|6OX<PIyVsyu+KI84=#8#F*!%4AS9!JAD>#uisU2mWDvUUB$X4-w{Td@1t
z&E-V1N7W!UV*~E{gC5KmOyR~`C9gz|XR1D94dwg(6+V78ppb6L@d^g9z*V5RSN+(u
z{>^aJ#5{}7<*NR3J{NcHbFw?x4+J~xo1YKM%~qNwYHe77Zi+R+SvX(uO=<r52+#S(
z^{L0HxZPWdym`@vKgEU_*kmkG>FLVp+$y}<hsH$lMmkX&<`jX!GOGE?R4m#hJq=Z6
zrPNalJW6lJBhmst2+HmZujZkQRaf)eTz*dwxm<~5)2%1eY3*my(@#gVfU^u&+i^PX
zrZY~Oh1$I4bKRA22#J#j|Dx}J1DS^i-O?Bz%a-0_gCT=E7c(u6O#khSJk)9Z2vn=+
zwAj)JJ2HMHlhAyF=AP^iZI#Beo<-Wl@^M94c4zM$#`@wud2Ly!a~QD6zCI!kGFGk9
zekyi##eFgR3<-+HGo@J2v8{A+v`+$WLh)zW@4k;=cxy3L@&L5oR+1bB|8|RCCxLFZ
zK!so1{HzX8_CRO<sa{><qLg4K=gTTj-a+vrT$;99nAu?Jx4cW!;(nm%>(#Omh#g{<
zw;VHq4*YfAkfuX41gRcfTQ4LsLG@RVn-VRjWkgttI+%`u*S3=9zrF8w1Z7LBxc#5<
zi?3zd_u1cPtlxHl#C<+;efqb(lR)FEdM^F-Wyw#rIgcZy2paLV5oJ?;N1wYEX7_&E
zI)~q_aLdI%I$qv5ePP!M?@6wBcHN(A;SU8}wn#nBe?<v!_*ID<<5BVnulDO?%2nk7
zTo>2Ho(5zZB8Oag(DR~cJ*DoCXZzb!N~>B70cLSWP9?T$Z9-Y!h_z30o1Gt4shpp^
zCm8e6uR3430PJwl-rj34{jLE5G7RO=<<(N7eCFDjR{Cw`HwGr?2LCE!EaxAFzc$8#
z>0KvVMeHn!L+tX?NWO~49pA91wwX`A;~NGoUd#2$F$-=^YX`y4-uCwOolJib@8m2{
zt75Eb&5*f9$74UQ0%aYaN~9-QtN4x&TWOar0qI0S@7ewf_xO`<kLg7MipGlW=y0R!
z{)<a|s)AQdC;QrS5tL#-L7R7?)uq@F9op(>r(Rpg85Do}GtJH5s2u3S|9@*HjOBdc
zT6JhS$JK_~W69yijEhe6`#1zcH-vK~zL1d_ZL(rm3D1PNlv1Z1q=m(?{H?pa#;7~q
z`DVq@@)I~=%>GZ1U5m}K^&03uc<nc)Jae1tT~-m71`Wfqvr{K0r=)`c{x4>xMyH+m
zegyjCf<Pc0VN_WxzdgDIiwp_D+~PM!fECL&9x30+alj1#rhN9KKmM!Nx-xrS-o5I0
zyc47Ls_JqJ3I>JGUzA%s?~bM1Va3TJvN#r<R#UBB!79_QPM5B?X;(0wo`C`5CH{FX
z`=QL@dssrCS5MP=Nqu|0#R_=FN2R*+cZY5d*yTSn_f`-+a$icyzZ37q+!W8W^${8j
zrR=lt5O|TEsL-Mw-(Bi%0!l1*>-ixoXw&KA(}=CqG%oSYzVOtgpz%9{DI~Bhg5Y`P
zzM)FbQC!-3*Qa~>Ds14PAolm4T`K^+)!$}eJke>riYuQs%>gaTxaH-|k@9&vJv4=c
zukZf8skNTzDjdnTN1xR8H?x?xt-2#0$vj#Lmst8jBLxm`<r@-C%9)-%4WHyTUE+G}
z+d!q6ST=bVkl@fozCvAD!qqEVTlV?E>j-`Wj}Lec|GW=XDeJC+kGJ|@q*L=ph+SWv
z+bmNrYK^Hm`7pkwfIh>U^?u2pl>#C4@7ajT?;0<D1HV<RwSlzl8hNjDxTId4^<p#z
z^}Cx$@xOqEna_NY`}VHlZ2SX|KKW?Ft|xdNHo5J+>ufy!w>6zFJ5EDRey8={l|lmX
zoBJ39lt#yWT5PYXqj-z8oz8}gE1lqW#qCF*?cmXiM4E-Vcm3g^TrW2vXHA7m{t;QT
z%Ri;y1XQoET=93s5nA43`Zl(+^BBnJv`oMG`bUalTB@R_XVBKd<}OX~rJ`SMSlk@~
zK0kU-pjsFrC_vBrJ!kC#0BAC3|Fb;_Ok#vbx7zZ1zM)U==t?gb;o;6y!-&3I*_n8u
zb)&MfD}F4aqS06wnaIg#?5CD(TlyS&EpZfF=c`K#m05wFpM8%_&JXF)poEVhA(;}L
zK|JOYQD5EWzxT#6O;-D&DBR<C^Zk(YWN)tX`$zJtN_@XXtogj@knr#v*EG;4nTWpY
z|5R#Ov2^RSt_G<ARI{@5{o_r`mEU=yhIUk3+y{$fMJ466UH&<?GoM4#OIw0YPD}!V
ze7_7~_qB5ekSoM8_c9K`xC$C>n1Ri@P=0GiD!=3q5=s`o+B6^*Vmdr|Xvf7MnDp<T
zbGf&<1;qqU8p`GA(G~aLVgDdb{ZV?;WQ!A%CsgX6(hhQCZ-0MNE_Mj;>9aHUCE$d@
znc_es+nH@jz}x;)1r(WDyV<_Q&fo_3MR-F)L;XzmDi1=2qd-}wWZX2_NOF-K25>AJ
z+oy?ofg<fv`5eY@i`l%VphV=^wlt!>y8Ql)6PM3s0_iW8sc0x9ba}eF46?P^TD8T`
zG|_Ie7FLmPFA5&(p0_HZ-$Q=qFfVonNq3Y>1H-x4TR^H*S{yG)F;lU69&Y_9?$+CH
zQ5c+SalZ!Kr^1&iaqbE2mu;c4EAO>|q)yNV@9o7ec_A)D5lleC2<iYhM?}_tI?59c
zCZ}6x@qC-lrv9{5JT^W3SLkxLVEru=j8DDNesjGu-xm2OIMV*)p9N5`LARMsT%0DM
z-$m|i27McQW|r}Y%><QeM`vf~6SV-)o>kAa)Uq5aQyQ46DKN-E=e7LvSWGM(91$|O
z^e{0sbv$VIM_$;BI)}$HDIXsAoW>@55>d@E?VBYm(zBP5=5&8r{LPe+sjT0-eJ{aY
zm3e&7U<1<#uUKZy?@OzdySu>qV7wfq%M%u>^L`GT%J>$EahKtd;VaY7rUD)wc7u9^
z?lW{qr;-2b*ROyP0g<~i;C9bhs8?2H9e}`8QLp$Tv%x#or>?=_xOj!eo+_^5=_v$=
z$h-BGsD0;qq*A|KsG4S#rKC`!)zrX|yO{cV0eR4UcwH#41mtkQs6Ic@i@!UTmHjUC
z&F)`S(xe9uz{xB8r<szFeZ!%gg3__vT!1mfg!5SadeVBg1E_-%IzMGdQz$YcZoRZ2
zYvevf<42?hXw2N~=lYH0=&1bH{eP+-(7&4I)bG!CUM%t4R+$~NLB;$mf;%M&hjX83
zHS&OlcEi>@H#pXaooFhtsiWc>JYagHTh?9L*W1g$#MHfIJVRPOui_SCI94=Pf4dlb
zww!Sz^@;;6liplYdf=R01tP@Kto79FXq()1y;EsSpXwg0nq~a$#h`KAnNTaIdVtH5
zXL06IsHT59z~$_~t>o79#v@k0!{ok{^owD?1w=aaDdkh$+JF6!@>yD6fuMNjk%cNT
zv)|FYN?;6dfy14n!B`O=AruU}AJnF&+o6LxJNUt=r6+Iz)5N4{^&AiM7}`t+QjWgm
zXB_k<7y>PTHR(!PEly_O98In!7b#FI!vGI1+Xhh`!O?ooQGUB_V>w><zMnHJ_u7t@
zODPs~?0aiZ0tyPu<>T2rNH#xx>jvmbzmZ2p<eGHEbdY}Ym#|$?SpcSmLxEr$EyNs5
z2_xmtlIo3_xgC11n8y3DX|Ev#94CBDS5IN|Mm<Xs?af>8qO1H+=o6ynt7m6X={I<t
zh`Py*-&N$x`HE|X<;{{cTk7>%GoQ^zQw<3rO(|XIqaNr2Jes@QcqDeQqmj&Sx3{-Q
zEkrZP2oCI_WWNQkV9O6-;o#&L=e(dxf*B<<vb#-hCK!5!+c7bX?AA`(HdMr5S`Zby
zL4a2U{S&AjU&%|od;BOiCXvgEF;e8_K5*iC@V`HF9%2RC<^%n@l3<$woCRePVXID8
z17ew`GmqP>6M=@=;8HXbHNn)cFCF>Lqp5!2y?v>#ck##3b|Yk{l!%agW9GJBxS)^6
zi5H6<$1<FyAyXVoT&-JU@w|p&>^c3Urq<#6TAS&^O&!C-xo#T$VW#IHZ!+PKl8Y{Q
z>)c$*-a&x!-{yFN+(_Qx()^9`IW}2<D{uP;i8l%C>MjEx0krPh74<}Qqt7gix$2AK
z7(C)=?O93UzAxl0Ktz;Pb4cf%ogI|7$!L0C_0QJtkOj?FNwk~8+nZlqg&Ls3)9|G{
zEl6KdB$4m>Z1iv9nYzcoN5B-iHhzD8qQS_l15SgrQ=6K#Q=!PEi-osc?~4~uatyrs
zF#egBPEm#d^>eK!554;)I0@8++M3SkpJ3n@zQt<^UT2~`qvTg4uRGn57`L6hGl|uB
zE7dgyei!HaCrF-WxbHoWw~y9@_YYRj>^2jlkOTK1eNJgwRy@<di2qa9SH)Gee$g)W
zraPpiOA(|~N<=~_rMp3pRHURE5kZhnMd?x$P-+V(AR!VeB_Jh&QX<X1b9?^x;Xd4l
z^E(f+)?VLQU(7k?7-P!QQoF$DHxd&Q=O1=+xO}L}zJKKkw-C2NkqKJ6^J(xtDGowb
zyWDry-0OC9%q9-ms18aB51k2UB4^~glCkiSN~!0iT>btwno9qLqgG`cpX#O4)YZj;
zD6JjZIl7#ZPe8_0Iykxw^XL+bv}e^pFVVz{8j?3U%MlvvB?k6S#)?UpVZkjVlonp6
zNI<O#&)a43-(Vq0$lrH6YHZmboP>(|$DeiyL)TGfR!9);YW5^z;cM5fO$B~bgt?w}
z$R3cAMazd0)EaVn)8sJ3$sW4)JiMxwqvynXz4bo(1;QxAg1}o~|6O<YHuhvUEL$>!
z<(QCsBhddcm;UWgEjA-s{bB7GK3IgEtm`cUj59}>e!ni*e#dGM0>~EKHF$LR%4E^9
zfdFRxUSZftnsw_TzV^@!CPF)!Ibg)3_DZ;H0PjM-t>vW+O-2H8B@l&Z*)U|l@|b^c
zF-o&QEFXs#XTNYd{u?#z)b!(PIo*2bA1)|mHw4LYRYD|)4a6#Xu8)t@ZsWnpm?P=&
z;V#s%A!gBn)5~#8({$kCV?^cW71BPV8p~|#{<1Q&vRwA$-9Kt0ciMaRjNh4Q2krjq
z6R-)@0+vq|`}Lkmqh@K2kiX0TI1}k?H>dMt&OI?Kzpn7Ni%vUVF%d^{x}n8DfAUrr
zZakPr+-_Sx{$rx`!VJH_b{O_V#;C&Z)lpATDevl~WQ7m#B$rzccB<QSI;sIpZ^8C<
zD@b^r<~x4+=cOIfk2ixJjk~jx3y#)7$5NmsaNVhkKGPq20ZCy&O!%J3R9}Ci?TRbN
z@_)=4OtI_qiIxj)A6=!ChjMbS29U6>*0!t1kY1M@nR#^HDyJR0uDo~DZZq=ul7^&C
z=e>7`-h2T}_>Ec<8@r=Ny;Gm-<0OC6oK(D|)Wlw&%aqh9Hp-O_{<~w+vh%HZwAzLv
zbFP>tia%N-dK-dTvF+y9_n8#$ZESc~dL=ZG#&y08k3eTjyGV<i9DAvCs~t)bdovTl
zi3s7}`I5ncck_CRmsf_j-1&~otCpFHnz*qO2INLSsD!e62yWIXPu&%{_UThoODjv!
z#n4bCpw`U&_*5L4e}n%NlxKa8@Bx|W$j*!t30e-gbqR<B1MqF$5)}q(1L^RoPckt+
zA0I-ER~#Be*s}fhFnDW`@umCNm5{xlO|g%Qx5S{5tWLrF0n+3CYzddDHiGYh5CC8f
zz1llBE=FZ3xY7avbhUOx-13pI$pe?du!ytu&f>ufn%vyap57y7;=9B7{^zwlk%aHZ
zIsj;Ps^7Q$(9f)J^2eYnU2t)%O9W7st^~TH8NjEW^QgbDJqh00-mY$==os*R4J_`n
zyZ4#<Yzo2(I^!tqMp|=6+?fcaoAcX_i9}r|3{RE|u^PeYg2pqXT%LyaDb>srNwItu
z$Vmm1`*6U<p7XHU8{c1qIVD%Bf+A{MZF7XoTH>42-fuKAS}*j>@fgoUruYN#{N%VD
z+nq(jv%k{KA!>QPwxD)b@^`sGExXszvhtCCM*slC8SfRj^)KW6S~8|ROEqe(wX@`7
z+OhK-h83otRx9xsMJ#8h8^76)rf~IV$)``{ov!q{)B`mysJyTj$5AY&hhcMpEOqy|
ze8#CM9)h{M>&?lo^)5cxPO59-##^PART8&eq8Yet)6bba@Cgfis5Mgh3Hu=8>zZFJ
z-!B~e=UQdcUU0a6OsA)Ca0X;BFAo@^??(|)Za|E^(S2dv{_=-gNG<<Vb_ofK@7g0w
z=1gd3*tf9c0}2+?5Z353lr-|3F1c!$kvsVyBG?*hoY|PL@WO%GyALm}w-o4n>HW~Z
zuqx8#xG>8Vyg%*&Oi#El(imzJy>$Gd_8ZhnLD-Pt>jtfdqwAhifQ#^*{8h$Y+Pc3&
z&LpePvKwzpTZ7(uz;LnH(fuC~W8gC22&q0T4fEV9o+!X6NACEoPrL(sZ!jcmk7xBu
z&31F@%Lq>>Dk~gd&<eM(XeengTaC0HjCw((YeO`aob5dva{(u{Vd*G+Zl;(OO&(5~
zXcigQ4x++P+<&SgB|2i->-5yaci3DC(y~WN#oT`ApKKqn<|+Gs`)NVFF+4oH2iOUd
zTmUg$8=Ib=--F$>Bkd^lB-ZWUaU2`tVeKUz&3?m88u;hp9!R2SFA9o_r#^k|kS%_b
zfl6`f4Byp^Kh~*5C8_wy?1~-O!&RHtH~-v#GJ1TUQ;5fbiUSiNE~EMepI~a_Bd)UP
z{^s{shZ2t0WO<rO`LFEAQvcF#<&%e5OmbYpkvUcxEO-f=CO}uP4q4S{JB<})yTFG8
zcuA>@h*3n@FdX&g7prf#1FqDa%+YwjfPY`YWpHESsz{ooyX?$BepFxf`j~)sr|6Jx
zzUQ>pe6Chnz+%#ua<j^evBrzUHgzyjRU-kkn+eC$&QVHQ#vU+!$T+vW!xObUSg;86
z4u?NOcK!KMxh*XUm0nRZA3lC`0b134HnG&OlX(uni&Xjc16Rstd<FK6Dy{Rw+Wyee
zmFPZpS+|xw{enkOHCBhnG3sjc{d@H1w!UEZIrw$+RcpV640%YevoqsEA*Z+S_v<*9
z!hqC}ySwHgWJiMlbMH@*iFo@DGi3-_<Cm<A@hbmgm0ukG`W&~P2^5CJiaUM4P1Ox4
zD~+Gi_oyA}#{tBQ!RqGpwA%#6xQ$g-jv)|2zkK+xV9=#7xIg}46f<@Po0^{PwBu1{
z2}KGZb~r7hJZ?Gs9M%*t7ip6GH;`o)S29Re!sbyaAKr(6TyvhCra}^2eR=?@Kb5Sw
z!)xF?XuH>QEjlJH@Q#$q7hjw@#eqt(|5Dh2M6Qen={QdmEVzXP4fe%|yVx$kx5-F_
z0u!OKT;gt45c*dRcI@7sr=QfWz^x}F<?uLFb4pw#y~b1Z+KwV!(@HlWJFdIkO<Aj>
z`KBf<Gp%o7K??|MsTzd=kr%MuR6agF@BXp?M`Nu@NL*Z8Q%_HTM=`3upB$)pJ$-$*
zzx10NuAa{%%N>aAoa2P*&5s{U_E);}fevnOZy$gEp5W*2G5~68XG<mk(>`sw*}u5?
z=GlNmJ0{tV(|?*;89ypv6#x@`=GRW`={MR@T7`;FVPIn$P~1Iv2+W9Yq1!qo+Bs_G
zK{@^zPo?TyrEzdy;{5yPuq_uH_9gnRjjqIse*>DQuv8LA!+dP9p?`l(_eF#p%H3KZ
zF4fEb4xC8XGE&m=qeikdLfgnjtf=17O$D4_b4ncQCy8&%#>dBV%Jatp&~vRul>nEu
zCz(r?Ta{7*e}ud33O(cqUN^X<bkYC<*gWW~-RNuyTv%EPy7S${<v{1>Xn7}(p2A?(
zg>~KrrYIq<$ndjZXcjYCZjvc86B1X@dUx~ST<wd{X>-w5125|@cgQmn0TnBtSp9N)
zCW^`%{=4@0yHUkpHa`@hfoKy4!h;vUGX_%Jhfg@DVUzoH;A;Xl8Yz|A*yMw-i92C^
z`GF}q4CRalVsZ%+V*bhWNp*Fi_VeG%u0JECV3jG+X>NGwITHJ3XO)hT(SPi&@5z*0
z+sXH<xSjIBX}SA4^?^G#3Spu=QPYY|KHW>Fr>qmDPSN_;Toqr`AaU43_bJoRI>fTo
z=C7Q;MHZelssIiV4TCHwL^xV^m2AQ`30ywr?*v8W{6`V-fw=!yYY@X}t!6+*SU-Es
zej!k<ckjLKw?6d_(4QU|%Nw&h!%dmVBcc@Am=av!@>;326$nvYx4P(=zw$6hxwd}m
zwP}MRNp0&N@kB=9j>QieUs?`F0n+rCcr~BxGyh|{R%C8&_@^4C<@If5iD2ISecj5q
z?|NIW&P-=SN#Y-{ks$ct=adV9D6$RvQoV1lz2$lIbYHI<Fh81B3+^&W`kpzLA>!~Y
z?=^@mlm6V7#5B^K>;#}t;XlflSft%Fp?tLBXW<`uvMJDZv?ei_r#OH7Ua=$*1Qy$+
zhwIB9siyRRLr~Qw)sd`;cwc^P{>ZZrALQc+?cjuV%J27@SsR4)N}*Wv1NIB|bhe!z
zvh47(vawxKcP5OTQ~ly@EgWN^fF{axEds38-X37I4oUJ_ncpM;Z28Z$DI6ckmQRb+
zXo7FZhvA6eN)4{)_HzaeLLU{d3cV5~5;r!e*X$^3VMFWb(bTv!Mze9)%Q1CK?dz+<
z!^1ODNf4rNjtaDi-<8+fKjLEczije73nFTt7FWZg)l^SKxP<L*d!6*LdbR5SSJ8+0
z+p72vk-j4t8Nc-qFF<5KCPc&$8Vz9plsm8qkV90pIdY+r42Yhpyrz~Z0__wKEz#Q9
zQfbZD4I=L1C*FasQYuI9y#=oLtxP1<3h2(h!nRxnN>dek26cp>9?`98_897jGDwMA
z4nM^OAMGzodVNB5N?vMsQE2j-b=R=kJU#4a)kZr{KK)zBA?#ONo;o#@3#N*sTqq*|
zWq8z+?SEEfD;#vub-jNV_^Qvg%!iq9?ja4XM*0ZI(auw{aF*PJ@S2!VPM*_BE4t}2
za3q$WeX(9#C85(?o4WjKrq3QDeDm8A0*=rF5{|G<Ibrix<Ud-#l|efLA5lF;2bjxx
zTL>;KiDM5j6ut&FGX}m^E^E{N5+Q@`>d9<Z4IkwhGCaw0T2YA|E2idV0;WIEL9@i}
z2m;6RT0+DYCdfd0#1Yh#+ByaO1=G!9mM^Ng)x`Sh(5}YGs_`mIw_bz5QedQ1+X*ng
zwQsG7N5PpUxznez6Dn5Lb#*0cU+_MD%|kyXp;F)SJKQzL-LkzvhgD{yH;!Z23xlZN
zXTRL{xjG>}zRu4Z1nh8NL^o-HGP261Ib(r@ZvUitUDj`n2}kj@5Z}KmKbsAeQrR_1
zZXTZa2M_oK<;`FHy%TL$ztYY&Dx+f=8zCW*3<XYL7DAi_>~z-Bk%Wkq?NBs(!4su8
zO16d0-5H+1@3^4#Lz$Svk01+wz{P%T-xX4$)~ZLB{~J|mPR<8lG-t_%DkO$k_3V>@
zb&L_-$1ll)1@{8pl)xsWu>-{BuVq}o)P7=|KVevNT5m=CSwcbr7dJO5clxB+EwIEc
zW&PH}+_X#T>V%Agh09%=^J_DWh51mu0!|O*+RR7bbx%1Zgs_tT$f3+}y9aDG^3a1h
zqMSze-i>R;Orjf<6-Kq^>5-TwpK`z17Tg!2&XWzz<5&vO+lnT^(Wa}aw0(7UJ&SWI
z^`(f&ue?ita%ZyP&)Re@$g)Sv4dR-buK#HGo=yGlL`er4UOhKo41w}-7u1+!@BYp+
zXWp3WssugQfV#CO`#F=Rb<R72O8c{DoWg43A<vD87C9jIE3qb1<Na=7cs9w7`i2h1
zo?YrTlqiz!w-B|-!HW^?6#d%lLM2hE<8tum?Aq7oY^5VBW6mmHSgCT<$103)urrTF
za*0!=vD#&g!-bvt`ugz~u5=?M+H=k0w`Bu1IAiThGuCaHDx`e&Z!P`^J^Xc_MIsie
zcW0SdZ}tX6how5Jw9lj1>(Pw*6cOM6*dYuY|0GsvQTUXA4)+0uElTn6q%AqjXzG_I
z8zm9QF71A7%#kxI-G8(5)2@EsPw3&phd^VC0PZBN;3(m;Bvb;E`m?Y_&p_W!;1|`8
zq+R3nE?T+;T~MVPf-0Lje^QAa_N1%3`|2-*D^!G|sp#@b!#9j1q+B%nbgo3Fa{x~^
zgCvTso$X@>0h#RWzd|`n-{Ss?eLM;E^(FV1eC05jC5FSCppdpd_S6r^;h_b}g$tW>
zK$lmAIDk(p>Ssy0ZLg=leyz14Aq88<&|D|3X6bj9?eq&rf?0p@@VNr|@Y678uC+hq
z2L0Gg4gRD;43JBEd$j%6*AGL#?+V?_1X0)T#u?q=d<QLv=2H2tnup}plv(a?-G9BU
zOGv@qfA0}JuU-}=a(^32ro35g19U3rT<1<na$Fn+6y5!UM3I&8W|`vD)EhJ9JYr&7
z*926pDZSs`CKsLj`H6V$CJ2@`FnG=%v))31#eMosdP|F?d(J>=mr|x((W*S)<c=6j
z#C=T`okRv<Vlt}617mtEUu|;5pq-~TcRg`_0Iq2QxEKHT*JNDZ;^7<O0?a&6+Jd)t
zO!{+_a2b=h_}K*OkRXG{_LnQYvZ;-GOZ3^oeJeG1qHAUIbsIdt^*>s0T<Xtz7l9@s
zr5z7e+{^`ee_~yoH!R2wn6bDs5das;uf-meaZwDy7Q-!<$xe=Dqk?5_N*ko5je~Mq
z?zNoK4EshNdrwc#!t%cIbI_u}Y1yAL*U6;dUdH$Ol&Yx^n?I65V)-&iQZ>NB*_j_m
z%2|@3C}r#)x>DVILD>&WtEC3;nL(HD`(yMW=tPDp^}Ifql-cfh2ukOaTmyMNd&m|^
z>hCvcHjF}?fk*hDjQj9zG?4)x<#rddc<Z_Ah<bzjx30{>&@1bq$4uFhIWRYAn3-L7
zJm@+Y&!e*aMy<m~QPdY#r^f4rvak|q?~?_b#%~P|8wk(L)atjP8h3wcL1gc%txbFo
zvI2p<sQu`fgBc$ps2y_$cBn03H_+XBr*}gNkW)u%$)^=R-~xJh<63J|+1DIWe|#$@
za_YO%XGb$Sh?euS8rdcvk-fQdBl?VPiR-PsA+Dvtf`La`Zu@dyT94evPTB@a44QSV
z2q~GnV28RfQI-9ZiAfc7{y0PlOeX4qXafAZ4^=B8u#{v#->p<zTT~%4p?OtjvHA6F
zQ_(Obom?r0uRRZ^!~&=xA|?G=&BRqRC&Uuy*D0wz`)I6~=85bAl&l>l{cy{(ido`o
zvw!Usm3mv4=G$>`8bcL<x7F{nykm<Zy4I?mlu~H8=669SN9vi+2>;Q_$zhg^|9Jy`
zzWUH<d61b1_0f6D=U184$KHW(cSVB(()|leN^Ym%u;f)xNfnDZ6KRl@<+qFV8HP#j
za}KUCt9PSMd#^WJ$`LxN_V}4o<=<V0tM5Ty`|y+hgT=oEicV(xq<}?T8LLp(*ysc>
z)&5gQ3~zEFCiQZnY}nk9mm))O&vvL>U6}HE>oz5Pw$iJ+zwfiB;Y!%?X>T~WH}a7)
zrx7NV8_F5+;W#lP!|@gwU3anzF#RoC0`ROx$XI&zQUyoI0DO7kGNW{#T_OV_A8L9w
zNWw^ofzg1gKOg*A?FKb|wt_3Sa<EKtu|_h3uh}2IkE{90VFk<pbI-Q~0^D?Ou2^FP
z`v4DAx&yVO;w0D92!9)4JMdH}ISUOt*0W1`Hyyfh?=4M0+pzDw-1z6U^}B)}$Ja)^
zhQcpiiW7HVAO@R(`_rE7JL?>g+}zxnKk_u=blC#;K6Ph_d4NJq#{u|}vfCjuac}Dt
zQ*zV#wif$LU)|yZ@`#c@IeUK{oF&6g&pxOd`mjiiCrq?k(a!KpNt6{$7IDisx!*?f
ztSuJU&|h0`GXCFSV&YX|Fd0Aoo=3K_ICm;TwYiwMt0Z9FPu<2UwhT@CwMQ0k$d>H-
zU4Fg1o{6!_USEIvmp`ppV<XDTM@~2H{CHa?rUh0a*E{qorDEmJ5(FnmsQBCF3Ls_V
zLa3kSisE5lABOE2=(Ph@I&6+TyE7p!<Ef&S6S0lAztr4syDc>B)tm(Ebc>K&RaJ90
zL8$%P4eyZ%9W0s*7F+-YO2!{Igg&oHJBs#`7>?}mP^)-lx={o;3K=RxxR5$QQAK99
z$t6jgLN*B>=|~24-wVf2_WTbxK7O|eTb$az-Od-Yzt=f75-S5$#<t@_2{&!p>dA)m
z4lyNTap{Z`|EY_~)~#Qg?9c`ReB0A`a-e%4?i39v*eG{p@f%P#HkKv}JB|TTKF+g(
zkc#yKAg^UJb&uT%NWyNjNG&riAdcwnYW8$$L_jZZHZE``O~I~%udg-Z)!eHKH-^e+
z06cbp(-J<n%9U<&Aq9mzm}^5o_GS-Qu)}TmFV7l`x7|4xIH*wA$oJQfS&}>o93@_O
zOiDv~Ko+#KGSKss7e_et^?f<ks6!k+kF(S^qehy-d5n{<M4yKc0hAv93lZFB+Sp1Z
zKBm4`C^$Zb`WFy~`{4Qm3JBcaglc}dgR2JDi?m>@!j5>h!}cEb(h0n{^^SB{V)(gP
ziooo6j=ay2tWC%!fkcUJ@g-FOb-tv>8np!%jeeWqKjq;sA;T0nHF+=Noqic)$o&V1
z%g<fs)l0PVx?m%f3*Ms!F5k!XL%;7b+Gx<o8<Yr5zwvhgmh=kH^`Ty6Ji~ttpI*>#
zwnllXGsW%_PC}za$B%OgxP9<vC9;63Z9z^Eh+>0!%14+Eo6u*V{3mBq%7e9{->l1K
zrbTNkOPm7LycW4T#NMb|1(yS?)Pv;vGKC$68|U|(-lBlr8CCLFy!p<I((`iZ78VGT
zO0jJIqHz3y`-IkFBSH^a`qqQLk3nJb{LZ#>3BR5*$b~>XZIkZUaE97@ak<{^I7r%K
z3bR}otU7aY%=}O?=X13M9oK8#4w<~N*X-UL1-ELEmxK(6k8$!4N6%SgT^3w;fCQJI
zHQ!wiFBEhJ!g7N~L$P0I)IpcRENzbuwdwTI7o3hvgh1(V{9R?Hov)BBoGZilC#G(V
z>G9oH<-X;^yneqraM5$<q{pN42Je4P(mz@_r4o^-LS<`}G53ZSDT|aRHJ$uPbASeO
z&SX0#oVO5gS;VE}vV|=gQZh4duIwLY{a}JAgZc5?;m25`2ykRy9!QgL$lhHd2df2b
zh;TudrE6|p@hl>I`Iw1@Mr)fvm`UjtFPf0zQ7FwjZB#hwP+tQ{wr(Tv#*+mn(<fQD
z7{Oz_<IzHIf41CqDxYcL`g-%^Muv#VgUO&jI3hewd`HW7#WW;0nkpS2^-m7n-rcho
zaS{$(zOi3g2u2*yd>#p8In;|w&)pVDKi8NIfcje#8-Zq4a^oGyl@ZWxc%rr`7n`$+
zcb)`!apt8ACuTXh^ddL#lELOd)b$7-mvQSB$eX1^FRmV&ylSsCs5JH<Bxmmd7KH2P
ze?c|OGP}p1QpZ)W&s#OW0I6V!PIku{v&8f?PsmIL)2^7RHg46dx9l*`weM$mHqN|<
z9nJUma12l$D!p=vgX1J$3enLu@ghUoqPwPw@>qLw#qjW3Kpzg>-*@2;xlpj!mq9O7
zd(g&OI59&-MOJ#b-Wf-!kGK>IY(X6}WBSax3#V~z9bkR4y-dVD3lVu%YF__)3f3N<
z-ORe5OmnYqyJU;YWe46~2FWoiE@hj+LjyK*@3aQJ%+2HkGtuYtEs0ZsNO1&-rin@~
z-WhJFjojK31qFxQho@RNuKDRi+A4*^avYn>K^0Zp{Q%ahHSnRo{hZ`Q^?=C|&dVWH
zK-+dDbw*y>TzVylMR)ucD5;YpE)h!jM!U%_diOl8ev)z;QMrS6nvB<l`TXp#FcOYd
zk>?~Td?$r-AizZ*I@$eID-vJpU6Re^$3kqHx<|5}*~i?2oG1}KH582n%3Jt7udEC|
zW0t;!fBc&X11E=8f#}1+Hf)4Lce2??R7b0#Eernz|25m?LAK!SMU$y-m5jyjc|Scj
z5U}UXyliPB@Ag2%I}q_EA3LjwLVPZRtpNeYJ>|i}f_Z@l5N7ZDe)m_VA9we|ZDbg(
zOAv7ICgn;#Eako?1exo~)T?vg5rxZ~VFPnm`m?guP)GJmU{4mvjPvdLBK0o)MNlfg
z&yuDFqJc8~=TF?J;w$B%a^}e_*^xXnB^t1Z@(mHFh}eFrCCi3H^(v$A_sF|uhF^RO
zLx~wq=aMED>Gb*G%3&7>DV{(rZ|ki<ONVFUNRt*FoaOzkyT{q<?S~IwYkdxSwHGhy
zg~tDd#Qpu>GXd-Zni`9=d(Xd+*p~?e5}o`y@m<d-i<kCLnJt&5C{TWQjb@71?G)i#
zhaSn!e9Z5I1!UIf$u|C*N}=-ScK5sY4~L$SX~6=sNM^q-dwK7EiEEchc?WQ!amxUw
zBY`l>wznhZw{Ciy*Hz1*=$=LU?WF<t@fR^7%E$LXr7SLZHUSqE)6+ZcRMVZ<F;;Ba
zM1alm?x%1z<K*G6=q0*meT(+MuEv#wK(+Y%=JH@9pWeB@yPt|~Ee7DKrLa@ofO7f6
zt;hUArx+Q#F>j+*#!9I`Z|Jb~RO?7|_X2>3k#+}d!eaUxIU31q^ND)OP6rETeXnRc
zj%M+Cu8yYx*~lzpGWu1hOd}&c5|e}arE;0%dY*jO1H7fBB_QU?!{l8!Tpx|g7Fg-M
zcN_xjn<&C0CUN&Omo)AdMf@>l4CUwMj(k8uf=faHka?6nQX=8-)6fqXD?<ar%YmpI
z!ki=^61NrZvb77Ds(=d@ZbL@Lk(U_%nz(gZ`j6v0C88jJ%)V$W0c#NoA^Zw+P>sY4
zi(%k05QOx1d3D$S_+kUHQK6iYN-A0oaUHr$S86t99LU0){z$F;0wJ}?a=~RpF7P|P
zGN5`uVR9U(Fai@N)4TUmW=QRgz@iFR|DyJP&H$b6vYJ}-SYw~S0u!f3_-_nOLLi2r
zQh74Q(~wGvOo)2DJu0FAn+=6ty_v9&Pa&;^*g4xQJ0n=18D#V<Q00vU5#~clKOw7T
zf1dN2>&?UzfC~%Rym$mBYMu96kvzG(?^7GPV(4GC_+e|3An&i4ZoXFG>sslRX`+Q-
z#EV2yuE`>MKz)AvTHJS}A&Hs_c{DqT0)Z3&8e+E(d?8Wj0P;9#hG6yh%om*JSP0P{
z7sKnc)e|pCvP)@crhs9iHG_Bjy46GvPRyQBt=?eJo)A&7chwcaSNC>X?ua4l&lAfB
zC_4g@MsZvoMb#1oq2}Y>zbc{=8D34|YndVMZ9++r>6du!4M8tYxB@crx3{*wwz$$6
z@ax*+PG@;vYKY8cvbtN_*S(`Zm1)t%QgRH!A}X_}EqFOcfAK7k=^DUg3O3UJ#a6u#
zTY()78GzzHawu%pDFYtREG;g);C7O$G^zeRPo-pwDY^)Ib|n8mj#m5q*%xLyCz)-Z
zLU$W(d!c>t+K5ye9+}rcj0a@_FcO1oV>xpl0+stxeJKSF!Jlw}>6Zt%1hv%0M$ou|
z_wbN=0VkCx3_D1`E!qE&h{Zq@0h>f$=5hmjBba3{K|!{}u{YItrpAKdy9JUBPL^78
zi(ySch(19&G1Ciz2$Uj%vxQT}?$N=Ix;R}SU145<)S+3~@I$)r)!j)iTucRU1m77Y
z!{{a>pqPQsk_+-uhW^5jAifuNy=s{yz%0WrA1m!KDGuR%$iWT}W`i+=tDv@9yUd5M
zw<;h_6WJ9KWl!+9SP^{gPElFk4NlNF*t^{lw~+QaZ)*Q%=cG+wwFzX3<V=z&U}!V~
zDgTPcc{Q$2Vq$;5mjWhKJ+O3f`D9*p{ntjXLMe}gYm;aQp8bra0i4I#di@-${aEz)
z5|enaECs7n>U>j#6Qi3hHox-t)a{5Qm9R>U^EDq=d~w3p5?(#$!TxN3^QbZ}^!8-Z
zwYy|13kl^d>EwvIk7^Q9Fmo?Ih-sn(05&m0*cBk!UBx|4I1QcMwj8fE-(<iA&<$Rb
z?*Rwd`ycEAjHw?(&(ZM2#xwFhA*|PKAFNw$vMqiiWFqB7bB&wvQ8yq^s4{(JPk`Gs
zfv0QU5d6bTT*&MRFPprd<Dak3alqde{ZoosYME7VojQ6m%gC>jg#q<sQ&!NYEro~<
z;l>NTKf55-4*L6BC*~e~Rh!k9QymtFuC1i#{1$xO15yMdJ^JFJQ)MmmnFtXTvi-id
ziCe9sFAcA<YzO?^J!e>^l5AZ;;nf|j+tp(bLETv8n=MYxA(eXKPi~u3D!fUh?0vK+
z*0+VPP)Y=Kwk+&OvXJ@SIZz}!_r%YUv&%mM<Bkum?ATj`QkgcNUZKJrFznC*fDAAP
zkaV@>D#n2r@wrcD(5+jygk1aQ#Vx<OOM|USABHOmLa<XhInwFUEzs=5(eRYjn>)qe
zF4*k1W_vK|ibIj0ENAgK<0~C;)0UO{RMSJ8Chwg<;c%&qG7ixLfK*NWid3L-U0k0z
z!swTTsPrMX6^Fn{f!GNUi?xa8X|4t(qPHh}|Nb7=X*<V}`+Ksht-~Y0qVa~sP;6t+
z&d=+zYQ!9MlfNWACmyNm<an=#>~0?W&xkptzVb+zYvfnccyM}dBv~0ZM-!~xh(bm;
z?bV(y?$l=<vZ^{BBq@xZ|8V(N4HMGje%}2&D@G7Q(3A5Zd2wN(?sMzfE|lalg$~Wc
zHoM=$8Tz`unZir&!z0|7O@ZbNx}c6@D#aeCg$kK9rNBOlGgBHYRCdwgpxUb@x#s33
zczd~jX}K`;iP`oNIjdai1wyJPus%}B*DTK4(wAsy^Ex^mpNLrQSbf*UcgH_M8NNKY
z5<F1Bivg#F7r^?~KCN89m&o8V*Adt^xL$k_Ocab*zdgqtq^*A#7(1xoQOg>-=mc=%
z#yMJP`wQsxWzC9@xjto)x;gwmlx4u8fpe<6JK~Zg$p)|Yg}UP_B;nr2U|o@=LF|d%
z6GudK(g60@KK9?vQt;tk{ap3jS*uo`^&7bMhy{Grk4<8_h?d(ur>5fl+H!5WzFTC1
zmT^go={$%~;6QQtlO^W+`*S+5TMJu4LAsxKO=Dl8mI1NcHn6(XCn;t^6Nwit(qwra
zN87&dI+CSyM-Zk8W<~esb9=xQ#P1p7aD}r8p^#;#R}9CR#H-lXkC)99;fWmms-4;{
zy}Q41xSp-xLkpWR_ee)WS3!FG_VS=u$j?)ud%rJ$VcNjPr{WbETg0f+DE(v3_eN49
z!o7-`!0zcvBr4);w5cM_OBX7vFMN)JQU!Du4&`pk1uqbr)>)dsY%+9}zdNz<?enzP
zDmyWkXP$Bc-+5Dym*eGDjpxxsRL)=HX<(LhohwaH^(MfO+{bse`nAGwj{zA)g%VU)
zgj{Z0NJ2Ojg_E9L%@AFg+!Q)mWCUp9rdG#;QVK6n)cu%jSH=ae0BE~*o>Qal>+5qE
ziA~bh(seF)2Wigs0;|y(n~2GvzqnWjj25mxQA@DDn*;_blz5GJhqd&`DJO^BGj$2n
zWXQb{uwC0<iQ~Xwp}04~BZ1DX{kRT8m|&B1o66$)E!_gaVrB=MYIHbMaVNk+1SB>A
zvvYA-61Vw52V%GSxq88DG=nMBB0)CfK$7l#SYMu5JxnY`o;3B5=2~C!R;^t9+q+Wq
zd`J&E0}aMOPgLw7AN~8w<@5a&$VX#-Sv00D>%M<(QP<7^hLyQ~znG->6F~G}pcPsk
zO|12%#-P;G3MYiP03|(KE{01j7VptNwfLIxbtL-CIf+D@Ff+_B-_;vKMR<_&I&IY1
z;oy(dhl!qYZok_~R!<&HPa+9rBM8?>=Z<qDk{1~0{;ehZY#P6q|7Z8UjB&%y)mr1?
zi$DAhJ$RGYu7Z!%8D`eiRg1IH8@GWaP-R-63OVfWhOW}8k94z*zdr1JNMC_O7e-k*
z-}C8{%%2cdcQQ_j^yBt5^FFNpOL`=ntt>SXXV4Xvp8fD5I16aA)P_dr7Aje7kS+A}
z+Ps<@!!cq31aov8z5%4VmF?S&s__^aI=V~1oc{r(Uho&ZK9muFJqc;DB$VdZW!~Jt
z=LCk!GJqEj2an1DE4GEm2#3jA2D-}n5!}_k{r3*NFd`}!_nwp&*~<sj`NsCqzBY?;
z0nYO=V<=c|<sZln-p4w*GA?^PG~_Juk0$Q?G-ZEF#)V@<7eQ&~<;F|C0;yb>AN7Ir
z>U|TmonEa(P#@XbJPZ`FtP6jylOyiCuo0OtpW0_=OTe^z?>eSYQ(0?Q8slxt&2{Va
zhPed-CjfX9F7@ZUgAfgzcoQtiQg4t>Y`lL|1ZF_EqL6jSq5k8@u*RiRVCxP?>Q-MQ
z0S<cIa_ZCEiE8NDm~?Y_<u<kgvz{kaeFVH^&J{S5J{Cp<L<zI}TH%O$jua7A2zd)v
z)($b&oI-G5GcGvb({uj(?@TulPBwedPPGW35MaGpZ*B{LgG2n;_YM-^sBUU(%us1k
z!;7msVK;aLbWb-{3H#W^0`rX@Tv8t2{&F7ol%9>#>X2fRo#+x1Acxl$!>GUotLfpR
z55*W3RbB*985s)CTXQ$AF@5`#gf0u)nVhE(_(b1<edhQ2q;EdFTO25HpGoQ-1bs9(
zciVhgRs7dwWoO<@`?122f~z5x=w*KZwBT#~<n-gwC$~D^Tu`0^nQ(uBTpDOzH9<km
z{2yBK6t?~w#-A_#t(H19w^yh^V*(xgNW3{Vw60;TI3>uVVv|@lf28Sc!CwB{chmlA
zMw>$SUPmX-jnAMJ)JU?QO?eA$nVnlb7Q{4f0Cxp<h5p<NnP<~dL8zfP&d|Vj;$d5{
zlrZ32>^v|*&My53$nDlA%k7aN1Q>jFL}_HGM{=w7km}x%f#4|HhD#C7Ta(N$mrZi&
z@bI(t(Q`fr(7>udEo16iy?|3+di_BII7#!Jw`{^Zu?geDRZoPh`(wzKg>OR4So*=%
zQH>WI>p=0jQ@vF(ucBA;>3IE?3^no<uj6eVAvu_bMx`%PSUk7q!=aOq0<H`_@1!Wa
z3$0gd`g(iqrgNmU3uF^GmImg5(3$Z^Zl5iU+O*O6yeO(?M-|ccemd(j%T`${S$0au
zY`ol{lrk!o(rK^fA?$KY&6fmipiNXFWS*c_0++WWW`olDo6BDLx|eLZ8$Qrsnu{J9
zMZ;u!%Mo*d_y%D=(L&X@u;7hORvIk`37H>0>I#P*Gq230`jWrGK&wFyfIA20Ti~p5
zrM+oV%P(<m<Uk=}_BQDc0{8PjN0g^5fk&!MbYK?pF5-j4X6C(fm+ilt$L&0glV0r$
zU+;kdd>VM>K^}<1&TtU5zl@=d(`KT@j-n`e&nC2!d_m!DK>E|XyL$u|3?*qj(P{Pr
z7gKXZN$~bhn3}Sbu9?9+TF~mxmB{Rjqq1WvS@cLiPf>_qJ9XCHH${c>!+uC#-R9Q5
z{B5Rjl5MosrjV;MPRw@?G<{{sI`S4IT&j=knARqnGtEX^L_<CpHh3AZ8C1JnJ&n<Q
z@&eoVtp`RDj8Ic*6B3$*ES`L*@8_VW*8%o36Qrk*qLrWK5V>muE3F51l5B7$#o_W5
z=}_#{%v6YYl1njhhI3cF;ACzIoRls{C=ohNmr!>~is?j&KkFObY4GGtYE6Tbla`gy
zWoHO_0Mt4?Ev*N=C@w$GEDURVT3OM=jSisRBgd?sL-eWfNAVbtvFbMT379ZRS{1vE
zx&2`k4TtI&PHZ@5azmR7EcbtIL81pXoCZ+9gzcY_{i}^Wsg>n->LK*kyT!m0Hb-pH
zZ8&>oO4IlMOa89$#6DnpJ8O5T+@P`MWyvYkc#HpFRog*;RdW?$09JjNyLvcS8M?+g
z^qas^=FJgRBLfodMx%g7T<$3e==lFIQh@#b{GP;Bk<D=5iuei$a_!z86#{S-@d(;~
zUA;=NqY$A0j!YDu!TTJZkNMLs5SI}jMGI1%qSYRG3W$pD`ll%1TWUe&CLxut8mKI)
z(b4_=+Q!wU7q_Alj*dq3^5g>r4NcI}=+=ld8HxQ)VM2t3g@5TL=C<(+iA~+O`=91{
z%7TC;R{-o2JLl?xG;!TJEYCCMN_#FGH_q6-A1#;7zc{_Je#M%|<8+qH&L65q)AaFH
z(v)~NRZt;JZ%FHm;7%}{g3KrFJ!~pz!%kP|7#OZ!;KX&jDIMvJ*=CgW{lR&m!NUQ>
zhLB@%%<~JpMefivp-uhj)09tv{D-1nWsHk5DAvx__Q_+r#_>Anyx36bQsP#oZW!7p
z(e$K^?&x)8hVuOZj`#YbKD3+;!XI9lhOoVpid_vU{2q{Ram>yz<254cEx+CCzvy89
zq&Vig*xP-KKIgVED%?Ww^71!S55DsgK^n8;n?LTnsbM^&B&tJKDxvqxJ|K5SgSO+`
z!ZLf#!gA;xAiGB=<L8vg$!r^!PFav5;z_|D1u?<4%KDQ(FF26c#3)|muueFaT6p(H
zYGHHJi{mo6-PoTeHd;P0`b6OzRjmTJE)qkB7cX7VKTY#pm<aiOOhlJXlmeUnzxD`*
zETWxVl3qIy_BB3$PASif{4f7&zHsi^ZI9<?1`$ql7Aktwj2tFv2a#o&oOE$ho85DO
zsUC10;jeA&|JP+<^8D!OyCX4S=S}*T&%7)yn<s(ajXt9!5mEeZpCVBh(WglusStas
zRrrko?!+CCzrc`lVwof(c-H-0h&tHJM^iVtE4g_J8^2>gnt0NJ4HIYWuNvaoMyMJR
zy6Fyx43>s%3_=EZ%QidH3pONTnzf9_(DPxr8sVg4qKdW*Q-_-XOn>dRYl%$IrBini
z@9~G2JJu~?xOX6G5x4xK(CmoMuVq|!MaXTYW8?e3UKMY9R0bZqwC<p+Nf6R%R6nZW
z?#&I{6)6)BaxNwA{IIe6=2;eeD(lDM7u@4S4ygJ2DAsP8Bl>6Tvr%iCOSl(CebJFh
zlt8;y@i=PN1VR4d^(qCh;YP~Dd$XkB<D|&<F=&RdAdV+H`zsOm=2264wvpw5yDJ>Q
z^(YL-%dmA-V?11IidC%#4PzTxCRPKCBDBvY5f;=8S}J%m2lq(fa>ReoegTJY(MuGP
zV$|_9B99pNP&Ll>RvPcv+JeLis}Pm9g5Z!Ls3L6BT7!E}$lv0E6aW41a8(luDSEt)
zYTH@72~EbR@n$XP95Sg2`$C!sY@0-ljAp&?3VCI5<H56K+^CM#&3L$8&$zQfiiDTA
z9){OqSX+~D4;gNcvT+T-PGJ{=SrA9&^V%c$MvS&;wIarF?S@2dI7vxn<%tzY+mNXT
zs6td*t2x}WBdiH}teD(9u}S)f4p*faG~|4DFA>`Ea2=_Tx}E>CKcZ|3j(io}n};e5
zF%GzaRi#k0P)(Rs6547(ml-ySp(VWS>Nf$nn{jVP1b+Ly=PztrgCNfQ8|S^hP59s*
zUFkNv)UHzw1ABbE5VDbXXLKk7F%W7-!|kHIbS@5rII_k%Mb-HdsL&IMZ%0t+>rmsy
zWa~%0hx7+mW}GMreM5OmysE|sX!>x%4d3?RE4_8B6uEk0owSIjk}-!Gz~5sr{jVn!
zv4|N#a8j(^|NfCnAOee+8B?jjkDYNgE0g>EbPT=uud9wykELzKzs6Qv_r`@rPrHmi
zZ|~c`j37njj~$D-d9Qxp#(flP?^9BZ`$lsYa>vjc-Z_MnIvO%B=S$R24Y7swq~czR
zX8}ozr`v=h1vc=2NEzBl=anQ_eL?)t`QdK=>-Ix%7DLA3crda+70Q4hvXX3^bYtg=
zl&L-cbx(@VO(9eut0LM-S=Bp&UQIbA0>odby3ii~b>;G*Ys3GBCJ(y{cPB@X(>a7U
z2;I&>H{85`&9k^XF@CdJv*bBgnC*qo49OU8uy|1SFWwriCnXF!^7O0-rgqjQAuML!
z2|+UP@tPyvs2KcfE~k3x?WtLM%t~#V@}3WZ5RgRZ+ENXXo%yd}Sp3beL<)qb(G;bw
zR*mheo2$rdqY?5;G9{4|brjSOV^=k1-|(NkyD{@DjH<m*+laadZw>z^9_W>zw-&Jv
z!AN-6-11c{dngACd+1^($r>t%+X4@+JnFNay*Bl1?O1FTdkf5IWY206D<lchj<U+p
zLwBVP<po3}@-N*UcDP+b1t0P5Ef3FExl<JL-<ZQUF_kKzMcOCSDtO2#e7yZK6q!{7
z>3==7G$-$WI8dh7OjE`;MUdGc_aajK{EPI&sn)n3u7a0MAryuAx+@|yi$e4!Z4Eub
zWevZmxUvet?`CQn=3}WgN6fKb=)B?H?gUI_&oV!&==^(M+)stn?i^gD>gwe{Nh0A_
zCkWRs=aZiK*TxSH*<ws5Mt9(2<+0UO3?WirfS2RSesScMz7=}$MiIOauMc=9C9V_N
z#CbenCbV^UNK+JIMf8=h3tj#1jl~!JmAWAk#jLM!Qo~z>Mi3o|PoK6UbX16nD*o$~
z_Q)7XMlYZK+AGC})II7G>LJp+yommTx?&2QJz?Klly#d4lTeABdl{tAC^U;k_Jlc#
zT9`x57~FQ|*+*df_w*<?OiF3w21*u*{<MYJU8F(6Nl{yWg2Ss-0*k8u`<YWp1iy@O
zm&o@*upN>7FwiRmUMf4JWlsMlEdEQI@Y3+ax03spQV0<J6snX6bCM>CGY<d#>r+Jx
z`Zt!%`&nqMzz<ZosueVGO_dHpJ^VKz)l^<13V27P=0j_Tj10bbh$Suln(Eli-?UX<
z1mVc|x`>BGwIThsc}HCF0+;=%ZBeWdS2Q2umj2~!`i(FZ>pI;N>Mn4vWh2UQmXCM^
zy|WwsJ@(v}P<7$sLK)E>su~aMRs1_hN-`Od{0+w<W0ZXH17h5I&YZk=<zSMCWnA4>
zdjD)i5hbkGQw!)kbtBRiw(?VFAOgJJ9TBHuffq5oP+AtLgdloK;Yp`04}bkw*6&7l
zRzrVTXcPjosB+R$LR&&s;-r?B7h1-bx>A>qtK6Z)f5k>E{so#Te!sT`o_HL&C7#hA
z7O1$S@!seWGGXM4B!>uxs{Y;ODifx=j3?~%V|bI`qYNRcY{XdE^|wj?t^BLn=mPYx
zs>fCwKr~2))CGQL={nLIl%p^IHPs9LX);SQ`!qIog#7n?>^YKNg!7}Mf&lvZwMjfS
z{dbYDjpDcOV2&}?MoTg?KQ~RedC^GIQ_BrzTZszGI!Q`e=-<@9+C()bCG98<qi}?O
z<|UTB7i8dzw*POOwX!IMr;mkWhYF6kz|Cw=n0QF?@8fT$rz37ucJsmKGR?<hm(jU>
zK1cfmdNz9ZUcpd~=00Vmw%cif-#?X@h^gma;?*I`S5^K3jaw(ZE`~P{7|~adQ9J+p
zi>XxdS&^cU^2afTj|*3!cO*4E{tbRXIbKFh{L}v?OqWhC>I5$sX>#0ZhwhP?XAOnD
zg>6y!NHeZeF|p63Tj81EjYz5XNxJ|Zh8~s_<Bdu@HX{L*NCX0C^4FM~ziU&@ZCV&Y
zw@b*;dWbye-B^nhZ?(g6pIOB7dQxz58}2QiJyi47l|@!kn8P&T3bA|KlmwifCV^#q
zV8}QwzHgJO?fm6hS>O;UFYc5NTg*Pfk~sD*goTJdq<`ylF`SJaUsE?6dhf+qj=sRQ
zr}Vb>K!21ceUS)7IvwXl_!rZ2MCoh0v@h1eF5$X>w(}9bp!I&NOQe|(Pg<wW0Bv9?
zwDy|qXpyO+zQ}NQ!+fNi^g6j0f{>|esa-T=g6Y|oj(3E9*{G6M94d1WdXa8e<Riw#
zZrc8;K}4|K*IMGAL{@AFTn_b2#Ybey_1|H3FeIFKE8KAHH$TDvhCSM|>vylh?-Tsy
z#NbQg9bP*J&6#lX5x=|`<DeqWnH1vr5E`WRj9eCN4_;vla{enlx)Lt_?`uT%d(OVC
z+ITS|XK6M(+{mPf=#%G_XayLb$0!-nJvLV1`!_Ex+ADf<)S2>Qzw<!bzs)NAqKvW(
zJc@{%e>Xu*)t2>!p*hpS#8QzWCVEoTAd(m^Sf-*<53S9KX>7@DSvH9480lVUXCEb|
z;Un+*U2|l$DI|sI>0hg(g;VYd!)B096ilu_lqV_HD@{?^eahGI`W8x{#6^me)%1Ra
z!88MLBkpE%%fsPe#Xk>9otV#W>5TjoBj6)JT7JAZ!Ryx7iT-cj+%V|A=5nM=`1DO-
zCN#QriXkQRP#+_^LGb8br|UVF1{9UOIGN7i-eDv@qEr-#u$I|hyb8ytFs~eRP1Cl;
z^H#2-)e%1qfv)ZxJ~^?=(HPg!Tt&(okw@gv<?bBS9!mgfC!9B}ovL?X{*rDzr<^GI
zjw&bJ4GJ}Apbiu5Ia!%nI~F|%bcejuwPge7QH)7DUG}&d|1To^aO*8J5PeP*fO;wN
zEWP#)FH#pzijp+AG=sNv%g|bdf>%U^n5ISBmTLpyZ+~L<VZjSDB|;07D3w=q1ypKy
zI(X1(6xx8<XP|>)C)Q_p-i1^N;Dx`dNn!M6xnrpRlK^7rcO<j5m`cn$q0Y-nFJ`=?
zNRXpw+<N)^Se{f`Wrr5RGL;6}0L@FelnZ^S?O15RntaNQ-<Nog`4#C9@i_bee!=Nc
zn)Yt}n4yLE!or6L=HsaeTFuL2WU>kJeEP#bpF^`)8n(;A`|YT_G@j5CEok_>I8HmH
z?ZL)!PCp%8$y16CZD{*cUa5u=XHm#5md}7cz-%|fRF}S}Tpm$=!jI+GG`YwXjnzVb
zBPzi2yP{=-g^?7Vd&!rQaIeb0XbUB1ihHBplPCp(;OOR<TA}?zWfBAxU0PX0azQek
zlPOXDEGJ2%DsklkLKm(fX-YZ#P9#MWp;m#J+*E>h5I8F^E9!Q&=q2u*MdyWJ65-p7
zlnn4r^2LOp67Uf`bq^9ISxLnir#I3+a!$@wB&%3CN~sXfg}lc2&dvo7>}hHAeH6D`
zV12Q`af25j*4G{Bva5ew{vkpcJZxX%LHE&IYVI4qh)y2-{O+&a$!WoVf@=Ye^oeLv
zzm&T(&@k9_L?3_27!AEu&k<#z6rS9iplV9qUF@6U7+TN{q)r(2C}JT^LJEjjaLt<4
zFq07#bISBRsl4s8T(~yoA=fdkmu4L8Pw-{K4>YF{uCAo309@d9>&GRo*GC0<V8o6v
z;({x*3d!>4o0yF*in5z+(x_S%;#DC9gul>3gO0hkYLuCvjrr55*Lde`Wj5FZb83_S
zoPw^N(_*vGVyh0%yVoFWBNgF{m(wZsrhmIwb|sPzj1_-Dk7%R^Rf3m%^M--cOY-t1
z#v?~9+32P;e4YrrvY=^?6i)qk{Uy|Al-Cnu()z^&WnXw8duV>kVq0O23d3htTO@`M
zvyW@mVfNgRZp6h5uJj{Sc>7!*K&1Wn9+4vHebsx!Bs8Swk+f_1hYjcwg`GHlXlS2z
zf!Z4yMx?3ejY>yQb2m8_>k_t72z6TZYeWN&D_VdUi6=ZjC*!fDxJ9bsM+MvRZLo_{
z_25G<rWt5Co(PIhQngh-ZEgL581<qpbPnnbZYoTPqQ6E?EEkgIp;Jmj=YUhXmw#jW
z!AMVc&E)rp3lVp(9TO}Zb4Oz(A{5I6L+7Ool%3sTwU560FQBa~ji8U_r4jP`Ihg6+
zwJbe{>cnA=D540ja4&7y4eVrdBV+S#LCV>}R)I7}XSa!ol281uQcT50E&6<hms>cE
zf^X2%+=~y(HKb8%QHW>Qj4b23@tA>PEXZ|)cj5-9cld8BDsy~h7Vp25$}e$yus>M2
z&Spupll`kp?M`#m&gzS|BA%QgTTSKJp;W#)7an-c-VD$zD2(?R@+O>lFEjQ-IYQY}
zP-LUYsdFGw@msYsy5PDZ{?_Ts?yV(m`|ZW*$6@a{;ZKaLr#4HBxQBLL`j;!B^veHs
z1Qu{h+jPzt&0-l&_~9=uS%3AJENQlrcszJv(<q(1MPq_Y!#$S1r7ZHqe^W2}XYz#<
ze9qsd1H_WPahtqt52zg0%hrYMiA)UzwiS~&+y+;!4>J0nCsA?FS_w`5oN;HmD<r^@
z4^@b<DsF3x_xMrq^Xsl;!6(bnXAyetdA!K;xzBePj<U>I0xa27PSMExWhuC3aNOQ0
z#0;g?t0?MR=dhWToge(J$z{JIZH#qdhMi@<zi~2Z+YK3ewJw<vWT`U?{@nPS4P7}S
zL>yhqV<m69H!`lxSacCvy{&gMn9=jGmj3&WK?_A~;r3>xSeiWNt;QyO@Wne!{n_Z}
ztmKB>ZH2RU_Y|Ek<d0XacQaf;QS;Q7JRj<GOU7h+)A}bLeB+jW>y+0)HOhiLcfFm1
z=Mg@qI+%Q5;x?kq`DMADML%y9{x0Gcgw+VJmfm@nrHP_;aC%cX^ht_cpD$W(HcghB
zBG&${>07fSbAscU*~qG2-C6KF4mZEv3ZVMMwkO$EmO)I}ThBWGtbD80U{5Tx{PTV$
z-5&?bMLre>FCCkRkO}|<+!AK5oqn_|t6n^(9H6VSiB(PC5|$iz_11QDm(k}^pwIgT
z@v+^Y){<W)rL>`>g$BJCu5#Y^0V#c+<K+#BqbvCxGBbA4#m8UOQ<1I)DXCAZ7PYR2
z-rB#I_o@U%6z=t2n{ikpz8YYZzItp~y@ExPot;knB}AgKMyw%FV&zU|827ewFMdL1
zBg<S`v-5F)L`~Vsk;_=n35PdjA3xC&!$jG-$oB_)c=2rISIF+Xyt^4MpEf(cSM*ao
zYdpgArq-RgL!QveppC-!eB-Sg7Yu2`ziyViv7XsAzj@b4ZjNZQAEPyPb2d~i*S68@
zeV9?w$yur4u#4&I!m0AdU%`B=t46}09-Si{6=$gGecgjsp@ufHpL$K`s^Dz<Q|XQT
z4l-YtH+BvMRg2x8Y51Iet#`T^Ij&tLOs=Sj7TEC9?%Q>0zLC}0K1z%Yr2nHg@80d6
zMiZ)LeS>CIdx!49TE35`k6-Oi%>eRs6A6NK0~f}r<nn7XH^Xnb`C>^=s!F!7PyK${
z$gcH#H>)i<uWX;si_kRM4*0y6s1YDoXR{VCyzcG27iiAl^?+W=Dh$tM^v8*$wIuo9
zd`|}9k$oDOOnlDo($!j|f9I8qtl-`A$ksfN4fWm|zrS{_$>^%!kd5JmZ5!j8yCUT(
zVQosQOP`i#*LXay(uT)V_!bqubVn4YN9)KpQ-11f)LkKcP|-DuH&vV(b?m3d*on7f
zloDo@^y6ct^97O0@}t`o^WXTS-YE}>HKyJ<j8B4vVxOqJOJ{!bO-*5u&K&aF=qgd%
zMuXIsw{tGLW&G*}f?8RIe2J}_`zO-$qnTqrLaYgXofE{^Tvy!2wk`#E?A2cli26NI
zWMRERl(sZ6T!t--x3aUe=A^NE6>)8~&V=BIIUSj*rj2~{#Uf5wS+wQ%^)b?s&Y5YM
zqYIT<on0H|I_$>n*nu6+Ht`nYsC{k*L;XTlYm?3Q8*lDo%T?O`zNw-OH+!>RW2Tnt
zkzJF_#E2#8bNV2p^emJaK@dLQ%cj1LcD_#X4!4}(e~7rKn6$8{jIfxTp_r_^gtWYb
z)HzXcc~MbCzGSlh=K>EeM_1>-|NjNr0Wytnfk}{|sqb|=e@^dPUe2!WPMp4h-cFpZ
z-o6e95|B5)MNaHveCEsty}o{}#p?)~hwQuq866MZ)wEM+I!?84$xcT!PrV^$-`CNe
luKupmT||B1nnhR6BR?5we797kpu-M=XkFG-t5LO${6A9TTHOEu

literal 0
HcmV?d00001

diff --git a/public/svgs/kuzzle.png b/public/svgs/kuzzle.png
new file mode 100644
index 0000000000000000000000000000000000000000..a7bf37029fd23e28d0e132928cad6ddc68d89984
GIT binary patch
literal 16439
zcmeIZby$>J_b?0tD4~R;pbmmG2uR0}BGM>Q(%lT*;YcZ|f~e#G(y4SKDIy^t-60K<
zL-XD<H|Ket?{{6_-)~&c`Qx0MJ$tXcdab?II<M7L<*yUc5@KOtT~~Pg@F^A+&N3Dj
zwjur%V1=q!AQKA<m)J&DR^3ikUKVZ-chPV%F|&}jaI|o-F?%X6gM}p=6{TrleM^%<
zBC)!Z<6ckDU{=;U;&XwxGW(~$g2$H6ElM3GIAiV0q~CO|PbS+i^Ua@rwqcW?kS6_>
zGZQ;=q4$mDu5JEC1Xp^QdOB_p>tWxqd|E#>!CEz6X>DwkU47TY(VwKPfTbzd%_*Wc
zRh)Y9Q%n#}+9IySfw|I-Kdr5zZr}X-uKV|KaYVmof6t6fH{aYiwy{OuJ~ez$iMp^_
zD^i!oel-~~QXu?;Va@{UoU-k!!3$jJlkWt>riTQrV)jY&b2nPbv9xJYNdA89{q*+1
zD<e5h*1X8`*6~+YmlzM8<6d?BJ02}AkW<LU&?VO?n4h4^I8YyS5?CQOY1cX)q!v@k
z<4-Y-Q+4ox-6eiDj5JkqVZ!ZI@qL@pHqr}=Y8!%WMl6Hcx)2w_ZHZPhP2aj(%Wk=O
zLcf|gvIjp|kxmDBxqlP?(Z2ccw4B!{iO@aZY0|YnBzLf8=GeJPd{B&cN>psvUv))k
zTMKsVygID<LuCo^-{i8g5gqOm$+QfY=G=^!-yze=mT1+^P5B^mX2exV(ar=5HB7qZ
z_MON5bpO~xJNXm-+&d9!BHBnMZmsfdneTzx<t(2`jVjy%W9BBltBl9~z)o#UrCn5y
zg~o2^OSDpcjOvv77VN!F$zx3Z@C`kQjh~)zMm8bsvUS>Wrghrk@0s=KX11eqtjcG$
z=ik?sfAPp<T`>Ob%WK}U)?}=^7T|52@7_mX>BKn5tH7=BF6i(UL+k?2&AS=&?^rrD
z%p=Wzi7FBcbi^~bn(tQs8uZ3ye3~j0Q5Ui7Dcyc<W&UxdthY@uRfu$?ccj<u$NOPN
zLs5T6?TFe(TB)@|t}AZ$tY~ey+`f+uCcE@rG#f1qml!PxJ->E-H2^1YZCtBTV2%H$
z7NLI)T(4Dr7p7`1k;$cLZ&I3(t}CE*41soG`B!_@;#*zOJ6%9^O1`t}M7@JD2hL9|
zNX+)Qrn;m$PrvwXFmvC<$i>JR>Y6HVJLtW|Z?{>T@rCe@&4(uwsWQ(;xWrk_LtxD<
z&E`sK%aozP1SZ@*9zyx#QPc*tS2{}I=K1~wFQ{`}*BuK=hh`<8J&M1=;+HkQ#fPKn
zI3LWYAbFD^#G%$Fcw;}yBR~l@R*YzO-L@CUGxam_<Cmb2Y<3E|IUUjPWPN+kW#wxZ
z@m!=$a#?x8YIsZM!n`SA@dI|MYl}@t*0q}D+FQS}h|51%FJhJWJ`iq(E1aKEk9%iY
zxTanaK4lR@J+BZUnJK{OJF)H(d|@?TzlBvGk>z#p)QhFnbQ&W3JE-NGwi<13K6Gtg
z&&!c%3Two#-tgk&%*THhXK)&;3VDHZ!Q@5MW;WCXI0$_U9R*7j6)bk(8y^c7`wA8g
z@P&;90seL4@*5lYX8reim<<*#W)BvY1n^%hEC>?v&kD{m66c?9Y(w;qG=zR%fGtEe
z&ve{$RFp-{;12gq%;BaM_q`mP&>OJCy+nae2Mae7dM^iiM^{lV7z1X9DDaJ5=4PPB
zY;m)LG3cnM)62qLEa(OA^W5iQkRYU|rx$lIw-kN)@X_UQ;4c`1wVRuhC^xsKr{{f7
zzWZ<&D{fv95fN^l2iy-HZ~;5GT)iFLOuV=pT^T_j|G;@@;cDh$<K$)occe$dH8F*|
zyTKS3&=>vd9}rJB8_R#+<mh@y7C<03`WJ5A`#jwLf(;xMN3V)LwQz;oyQ9HtI@-8N
zJP^lh{-4YLz70I3=3-+3;EO&c!Fze+KiB@}ep$GKlZ%C`>woV5&$a)#U)>t+1_yWz
zgaidgHwzcw@a1j)Ao%~k;}VuQH=14l!9Gwnm{mYH5`^O1{}QwWVSJ8a9~PE~g~CJW
zXI|JFlSFaJ+6JtD>wA?GDiBn-pQW_*-pVr%1j{^TPUCv?ypPKJ{gsDx)N-8k!};3k
zX>|<w;^ueLtE7A>hu=rgOFt~3piCnaOpY7t=O-b}EUZ`bF1N86GY6v1W^6xoa)$)p
z(l#u>s!)(`=_Jti;-b-i=dic3*Hh*%z0?aVYzQts>3=`|%Y^@G!v9@XAeDh@nvti;
zd1=5%R@09kee7RtE8O*9mLa=yTSojYMO({&YX>v({mR;AF_#XY<IDL?4PE<2{&<Dc
z#)kC!dK#2uAk`?Uks5c-^%_Sr+lF4nD3r}z3N^*B+Ur$U0r;UDNNH%1C!Q5uv2o8+
z=1Z@^$ywsP`(!r0XEbeKl(wjPb0wGUB5g2<+b=o;V@}4c5ZXO5?iVWr7zcxpAS@U?
zZB;MpB@*gxV2wIH%U__~l^~=GN2}fyR^Sf$qO{Asck$h(H3D}2SY_rf7856rW)qt{
z(g49A@V!WmrF5<<g3jxjoU!RV-+;>0R6<3GqzUWpr(ghH7unxCdyC5gbNbqSbYFgk
z-@_m+K)&o~vGub-tiIS!sheGc7|lF>9jTzHnKo@v3@3Avng$1XO#-)j29qvKe@u2D
zH65{;l+kw)5m@(8_d7>|mckm-w3=)6S*-M8E3S`VQ9+RzLo_lFAo^UF_BFVRCb%h{
zOFop2<kXQ>lv`~}$nzpenuabG{j1_#q%?QigU2tytsgavcgo0{g^2ycCvhFmk~&}t
z7z%Cg&D84&JXg*H$$w6uY%j`JMq-#IQv5rQJrsSIinI^O{bHUJLjgSx142MUl1}Di
zz~&$<niXf@23p35G$QN1FjYqx(BT_PBVOkk5hVAdW}*^{b$EKDG3)Al*w=l!sh){|
z#Pmb*g&IUAuWiC|uLuR@@5v~ppzn)kKuQ~hC%A%<1948IZ0}{}(|A;IPGbKMgmWE$
zBQT^855k#(kkc7{swivBoRZ6n#?Z^j3BVZXcyftOA0#$0<#zbtl(d?e9|*z&05Pil
zH~<9E10h!v5h)XcD(j7Rtm<ctVJ?@7esKjRuW${dye|;3Z*_;RdEF@M&*{f=630tq
zU;w23A?0=u(jCZENAEz^@Q&XZG@2k&7XjXUfLr5&$RM>50(6FN5_YNgeG<GtWUK%X
z$=ccuAc#mvEM2scP>8S5O^sM`%;hwhFRu8<9sdE%Lxp0wRZ>~I7uw(2{~Mz{xKuX)
zA$^{wxkS|n@j9wkx%<fVSS;rkNDB;?e|cX={t~Ahq5?^{oZ=2_QSDhM=2~NZK(~HX
zCBDZnkY8=)Am8w9QHo@icS!z6%-RB=qPs~CFO9m3On9x}eXdC0q)VvNeayW%wM|}=
zM9-ig66z2{aUhC`EkZtyo}3M2ML%KHOT)3uw;-N5ubYMn&F)e)8phhjNn`Z!3Nv7-
zG=+#uOKpMF7K?TG_SREjh-jJvaBPcuhyjMS!{uNjot~8*CX4~9ko6&jEHZzCn*Hc*
ziR0=aX?S*wsjVxhq<H`V`4y%+;C9U$AGywb6^9#z^2#h-&})dd1cyYf=6lQ_o3E2D
zQ(P2cYqGz^kiRDfm@@UFpv%iq<ig&z20o7aXDKLLkYb)}KuW4qYM9#q^r)=ETtC1<
zu|WX@0Rp)G+&=TtU<fIa3uTjg%|V&ZLFOrYjgDJLb$rKy!g!-Z&}Wd3ARD6{A*$mC
z2ee$dPti-pe*q4Bqtgxy{S-7^7(mAUpK(R18qeOD8+H60G=fV+acKdAf`6Cc!1x6W
zE@*mwZ~+eD|Jl7fhMRll+6IWBtuU?aw$(q}u4qeJRzTu!U6<Sbo6<uD+714Myi`yC
zlz4hi#kk-jajmE0*0|Rd2DCEl5GpIf1SxKJdwXj?wnU3boeW!Vg5#@tKj`o?DOsDV
zGrLtxK@rLTk|E@Ze}++ADK<RQ?UzsgFtLFa&I?$08<lbmxb+z%tg@0iJC2>D6C)%<
zIH7ePM~zcIsCb#ACH3_bUGxO#vpHceuGHUI%OS)7;-N*1Y@hG``VQKuEfCm>XVcli
zfN)K2W+D63nzcDL^uY%OjHIP-&|0Ts&ID>50>8}400zY`kVa#P%mq-+Dypl&pxoqw
zS9jr8{j!GzV@)W)nx?~AgfJMtkcw}riITh_v%OHDBmK`3;2k3rF5`j|6!FQ}_rzby
zPZndy@!Wt1Zb%~ovDn28H?`Xh*W$$(3QYlECnXJ!z>D_Dh3o2JBU6Tr?={KLzefTw
zQ(_K}2Zq@U#LVRJakIspcpl8(tknQN7KrY_K*ow<kB=)=-n)SjnGe2o-`bbxJkTgw
z$b>Bh6l@sA$HOulsL<Q3KLTe>h>G+vXG=H{vKvd;yAE(8s`OZp2NRHaSIG@s%<ob!
znr=blls)0xe}vV`v*!v|I<A$r^wtP7Y!}j=*D)pVwilfg?pi%7P<$l+GjQT<3Z7||
z$eF$af1`5*PyG2$;jE>kWGQ4Cz~#{Ubzd<zNcBQuvy(~3t_mIa8IG#H+E!~O>XqQO
zA0N8uV=G72l8{>&mVVfs)@u+>FhAT9zO6F5s?;a~7uC?{2tI3*{G8RJ$M#3=hs2w)
z`JtO8sJ*4qUYdt93Aw2x$vs!E@Rsos45~Cyp=t_qd@#IkLgI>s<u%sB+P6Z?=8B^}
zi)<AsDQolU&9($RPv42rJ3V{Z?Opj|Wks)lGgK|EF`nI==E8NM+xvsfPOxPD%lKOa
zane#jhM}5oa6pNKN{vk!?#ny>n!Vx_XF<^>D=%{Pcq#fzvOwUIg*J=pLo-O78yy?t
zg;qgEp^957fZt5~V2$BvpEAN-qa)j4G?CrNFTdP>L4aa5im_K3^P{>VU?prH<ep*_
z3~3JGo1KVzQoc2Hr^R9RJG8;;^H*{Wt86;t*~nv89uYJ$aasUo{|YFqu~OSFA6S%@
z>Ca`iP^OBOl)0Wb4OKW4mJ!W5_|tTfq5-RG0Jo@6Yw3cwz#;CVzy;Qom4SP6sS2LV
zfilxWZBm$>V!+Og_-CNPBYPqHBU1sak&?>;{_&mA&4N;`P}S}DQ}Ty5a^6aLqFw>%
ztS%&=)SQ<9t&P}_>r||wlc-eflPAHHCI>?uQ3bE;8c)LA_D|&>2{yhah<s{%(zX=o
z;^Ru5^RCJ3{k!)Z7zWexm?K#11D**B*Lr_1B{r?05#3N~X$^&?Jx-OIijj|Oq&`p$
zbo!N+l@(2JB35j~uZo3uLQo*KzdhTR_HCW#wTXC{SVv4A|L%>P1VH6&Ihc(w9Oh9*
zd>UQKUa|c;UnKlsQu<6`Me$$<&+OEZ#%Nne7iV(J+dbS@N2`Dyl0nKUD*xFA3VV}#
z@^{>U-uq^plmedZ4z;6#d!`)5#`Es0x30qB(4VyWq#pj;S#n_#-m9}KOW2cFCWA0B
zlan3r0&$Nq-=x+#O|2_2kD){!wzBy~IqQKWEU*QCBD@Lzf=O>P+dl2dvwCh&XCZ*e
z;5pp_*%(E|N<3uk>kHL>5S<LY-*7mS&X{r<2UX!+;-Y22V1n;wBo(xoiQzgf{!cE_
zmZ54A{=-okk5HJHL;_P^N;SO!%;+s8$14mj_pq<me82{o?G%U*tE^1*xWKs{$lN|0
z{Lz{E@U@DXV)qddT~Q_`U0i+ws4(M4Cs2j)0hhDY_>(t)VSV%{<OKS0?bCr+f2ng3
zV+tb%gIyrcSc=^i$H2G#D#bZbe>SxSowwKdGFOfYu$?Mq5lsFB<W~Mu^Tc2P@CMxU
zZj)C620MN&W0w}^+;8IbU-o--y_`*|j#C>SET#EM>QeAhBv($Kuo;nK(r$e~L5t#q
zLA)pss%uHl@&Xwr>Zi8j0WGWCJoiZBW){k#TccDnWNqaIbs+Ucqu;;L%abwz+;+S~
zsAp(C_t_u+l*F~f{iQ;DxjN$_*-L^%AoC*9rWny+Awuz!#P|R5=!uu#{cRa{6OJ!0
zdFsgrkrj4Y?CRIUxswPmS?Uw6=<I=;S_{W<{L^bOBy!s?8ltS|A=iO4Rml3wd+>Qh
zMY&ATtE5-fK^0}ED8<nrqQ9Ms6A@p#c{9KHXE$8YBO;WLUR@M1Db^70vO2BD$E+rH
zw~S;%u@M^0W>9#8LEQxi$Vv@T{UG0EDOq3ER!-wIa44tz4ct8PKona#9viKM&pH!5
z6n=;lfz&p7`5(XemY=9mqDZi(21r#>i4l{~B5aAoxA(#_iJJ8C3?4#Dp+t>j6>vDW
z=-e?EiOLr2Vqb0^7nGG8Agc&05io(EWpw&G1B8%^bK8!;qa`Ohz2=2y2%M$yABjv%
z7-gdZ0x36S0gPVOkuNqjJh|Li{J-l@QEtD^PWo6;anWzUat!9(oIpC#a0|8shU*%9
zz~S^NwjX{2q?zZNqO+VoTKPGHgF4&^d?+ped4p?aD@cJT(L})a$#IfmcpWVA_ECF5
zreUqOLygaQsqUAT7~x5U0wEhm0Ux87IrUQO_J#gYB6t<ys9?ME6-gJF7W<P8ww}h!
zuO+wwsz}z;DeH-Jjw&c5V17^b7Y*nze?TT{--K0V{$Sc;L%~C?R!qGW7-|j8&dOiv
z{TWXA5NQLk6I9NM(e;%X_@Tv(2*8g-nUR`dc!v$4q!M<Tsm>kUgTEx5zLAv;@6_x3
zNPEP<{fq+fmFUuisiBy<X*&AhQSwK8ncN9iY>+P+Bk8J^6~X*SlHS<YH`3_3eCm$;
z-St!K1d)d1k;A${Kl_yVSK0W_G?2@;-rfjwGkV8;I+Mp8eZ{8W1=nVjflml%HTOz<
z=4Jce&p_dIa=&~Gs^*$M$=$B7Uoo7hGX5oujUm&R0B}J}NRbeXMGihfQl`dMWEAD7
zz?3)^Qd=6jBvRa0qpljhD@rNu1gOTiAs>o9BnqE72|S~S)Tl#h?e7^XlbNmw=w>@i
z`8_)}X|MPvgZdv=$RKO$VN`1Qa$HJW4DB%?^#dO)k^@{%J`9XwNB917MLa#=Q6UK$
zpgg&76B_Dap|U3Sr|!CT)dyu)v#W+J+Xz9&sRW?IP1a)r%54XdoW9}-4-BmO(;wLN
zykk_h@za#=ltVuZ^tnxdTH|C0TxMBcq)_2boIR}0p+Tw+fx<qTQ<Ed9B_jS=u7{~X
zs^1Smm?ux}-oeGcrf7WT&C&dgTP=9hd-IL>&=}NX>+tz>cB<Ep*J;+0Zd1-3Ey_Aa
z!S%XOHvTPoN(pre-lRGkhO(9?u3BVfWY6UT1lAiCd|mHsb;O2Aj<KikZ>e)=O;7+)
zWqJuV6^ApK=;9AwCv%M#<Ks)p|0LhO6`X&+)}!ZE-l@6opX#UvKq25H+WI>i1x(_D
z=Y@MyyVVzU-)W`5^z=J<A96|LHA7!*Q;k&tVWok)&9VGsjklVkr_9HZzYQg*9qn$q
zfi=W$y6IctpB#u%1QVkxiW7+SDpP3DZh%IwBgii6zOtUCks#bgZg{EU;+mbBn2129
zP&ZxWAP$RKA<;%pbX?1?U1DC>l9QvsV&W5z2H&ZVHBhg)+?Z=Zz4~O~qw|lRuij20
zA5u;xKTy8df4sYlT99*gYz!;->BXxLy%Vsv6;glmCiL9IaEa;WTNzL?Ux8<xkzg7&
z{!hlfhD949!6naRtzhloP0i*2ac04~2i?_Nb~))E2~W<~S_?*w@seYo^fSsX^|eP<
zP05ZWYYe>aI!fHFeH1w>;^{y7-3Xp~^kq*r@)rQ8x$@~9$tU>&!WLaY{i&2zLwQ*#
z;WqVm^<6q|>t>gU!By6_UOu9Vr$@&QogyG{N52qwilvqiyLW1~5L&`ztFKNZ%7eF<
zg<xV7+x4SX?T2lDPx*?wql-0+pF~=`A0Ws$m-jBch`d9@YnL2KMiJrP^3l@Tb;5Z@
zWF_oj*M+N<H37;wo#vdW?r#B!MO2l~{GY)jNg)m`P<qQjO*t3aqhU9$NxzWNDYapD
z8-uFe@Q$*IG$N8O5@)d=k3SgkC8aMxN?p4k3-J0KV$%Ea$!}4bmg-z-_#ej5>F*b%
z#rv;F#kSTN2ge5grcQQjuZj)oRIyL8EHpPz(#$i)p79NMEgpR{nhsxUkt+N<$**`(
zx0U=fax!3keZeU7_7hak&tY6eHsIB~`1NtP6bVpMf|8GwrYc%-Hdq|@m^4y8H?s=i
zX#87v$C6ADSq&-to3*~tr>Xut@XwdoiZiuhnLPhq-gdPxnApW#-wFQ@{^D&O7i+y4
zzCk|(=mz{Lo5@f3jHBd7{g14kx=&slqjX^V*>~LniUM(ltUq&a9R}tmd>|=E@5~iQ
zGg!Yfa(IPVoe^OPPc8T*!=9N2Q4>EiS^06)mU|p#LD1?%FR;{0`#pKS^akleq$z}V
zlfX{(*tqShq44Cm<BH>`VYQR`?U;6tW1Z@08XJpAwO9DtlJW_%87y0VnZFiez8+2v
zxQ_+#D=N4ONdckqg`AeD3f_?9+Oku}H?>SIvzX3&p0oKffrIptrLQY>UQclG?;(T+
zH)Dxw#>W#6U(Kquq;wg4vzr^s{{*;1N+9@aTYveiIOB*Y)az(=m_Br}?aAH@aQwn;
zy4_`hvPjkE{OJtIBwH?fbVBxmcN5>&^IX$L{P^u-Pha0B{BU32Yn7QQIPlf0X}q9m
z(Btth2Mr1cBBTlQT@6r<8@)Yu8h-o89~bPStU8G9sS_e7FDOjwoXvA7%!=toCxQ|V
zn+hi-g%T=(7m;U3z0qN@^cUI>7>~WD)TA<Z%w%&5(sDzmeztstQ0KUAcS8PDy~ZUV
zz}C%0jZ_|a3o;pM>(XT=<NWta+JH@n)>1T2#m<2RlaTA*bhq<WxsF$}b0wY~lJ{w~
z%U`4q)NO3=1~9f}Oly{BzT-wmUVaULnLpjN-8J!s?7f_qgDV%ap_0_?s(v=MJ&DH%
z#iM5oU2G*M@3t~qi`JD~?6Oi~+jZ+i)GED+3w0XvmoQJk<kaN|i}EYg3=>D9d0InX
zF$Jtggd=lP-z~J=nDCf|B)I(fd#^s-tp3pK8KT*dMD78XeAem1q=HO^=v72!C$qqN
z=^g~!Tc0{wtQ#Se1CoEO9~Iu?<FdkE_4A+IdQ#*UnxsM&L%S1+QXVGENIXg53_a0&
zdq!3e)NMD(r*+)}l0lvm^MYe}Usvh<psw-8pK=q+iWA+sPZuQ-Lcxr4qqE_?o5g$)
zWBBGoe!ETFpRf3v{yL-~4*9a}Go@Vc%Es3hM`(b;L`etcZutC!gUaAS`f6Eojk;UK
zHJ=2R7$b4Xf>9^u<+5{!9PjqIsy;SD!9kHO-ci|>)hPJ&`Pt&;^;aGPQRVGG!pO~i
zHH;HK4tNO|o(sG)8NeG-xeX;QmrSOK?*2Ri)rw5MT{Pt^Ygxww*{AwAvGbx&q=YN~
zI}P`>VSUkw_PZQkEUqN`tm3qIS_Zg$%6PW7XUchIJQt(*)-RhvH&XcZ9AZV~Uf?f(
zmQHo(_0!QoSVP;9iC~iCS7={(SltkcVv_^%o}#3!{#_UIN;|%r<c$?|7J;R<ZCwFq
z!!dO)L9NI7k8tXTNCL<PPO++XZ;W2q;HJED`5azEyC(097@y?(^IL4AT3hTgKhPEf
zgjV2vE1_eQL9SENv@pcj>`>`eSzg?I>+|C+)j%7ct@Wh`^C4t8jZF)o^Zi>9!wZyS
zKAu&U$L)0^;c{&y<)$~4K;7nl3Md^~Ggk1z8A1=-p^vreQif!Umcn2k0&~K=(r{O~
z`(DEVq@Zt}ELXPhrlmmJeosyr2A4j#7JQk!F;ev*W4y4H)r?gUohmCCgW=S@-u68#
zdX3NngY#$+67P3X8hENxgY|6se^k=u##{FGxXM3&t*?*o%40=GkQ|^yTA#9(m&cAS
z>su_l873OZoT`ubju!vvh`85Bitt!+SXn)q6OxVEu5p_9wUu9}$k{(R4kjsB2zH>v
zlV76fVjtbKkYyFd&>++}b6CyeF{dPZ>z91?0t@@QCMUqI#9@H<>rN=sv?uzY?;@{d
z|NCW)X9;)u#)hVz&=ESlmNEl;2RbSIplaNmmD^_%DD2>%1|^8wAEDH`?W#Ibf2OWg
zMh{UTTb^o3!{7SJF4PV)=~jUL3@<cQUy8QMlGKRKGhKE0rzo%Ew`N4HIjC$r0;!xl
z{<!z4Bvo<XPO^}D-Q8Pcy~Nsn9)X5+tiT)SW0I(l0c<)>(>Zb}Y-4;}_lxE=_OZ<=
z!#4L=K8%OZYNFh0zhB?n#iZ`Xu((_DGwC3V(#$F>KO6o%lKK(wl3DB31FG}ciJX?=
zrW0g9GU5KnTtIdRW~O=kN@RRIzuM<38ZSgBP;sB?3(@u%#SNb?eGopYZr$eETy(qk
z>l_}LbwbmIcEbaKWgB_L_6!<dgGbNYWi8<nV!Gy=KXM&EJpe0o?l+w9>Q(b|<7<d0
zR%}O<S~inY^L^7+8B6XVa&ygOSnBSsP0(-?o_L&^Y1wNAg#+oi=CJA%I!El&0iLL4
z9}H*TlfT+-FWLFtn6E!|gPDgDp+^!ZZqlPCCz?iSC|OYU=t1wXRVK$$+bH9w@z0p_
z@<r1-KtxJet_+B~L=<h#v(Z6;H<>H%@Gg8(kw>0F*0Q42#;XIFxPKkKEhAs-^8P{@
zRdd#E#T=ta*=;z6fr0!2<nd@$a<HjWWQQG;2kLZAFsT^7frN>|JAE46Q4+-R=8i#7
z^M;^1K%rflh%ObhyoZ40k!l6qSbl;$(fxT8lS*PISSKo}e-DvBR4`d5sCoFVfZeQ)
zN56h|4Uph<K+E$uSm0<ar++gQvLyYYX&GGvCY=*1C0}WsCMKs#{dAlAjZ`w8<=B?;
zBG)-eH*#7j^`(<^G8^%*M~6@^0OBCOKni0hxlMBy$XuJ*9}Md3h>Ym^yXDkNS+!-*
zA6@x0L~`3{PD}4w>NFmb<zzG^T(|n1n098aW%I=gWBdgp>{s1I0fk!Jj}^lx)N{c4
zmlw7Da&ZsVPi1~AY5RU(8Q~c}_wt%s5%DbCG|@@JWoIaH(Bm**+cbprdi#lqm+Xs)
zAl^rh)*a=P(RFMlC~~JSV9Lgw085#R8^*d=fV>$MMsp!7_9fj*x#}!Brl!=l;$xF2
zf!|&_b>@{b1zo1L!wMdlzmk^y`yfa5{)2-#Y|Z=9o1kp|1&FOrbXzl5VfvS>i=NEV
zvE=eyL+i*=Mmg5zFS@(bZPvR#6<r=m>s8#k8GblaFlttJKWXm`%A!pR#_G{i=tHmr
zDyj<LpM<>ke;cYICdUU(`m`k^9W?6iihWDpjW99I`>?S+Dm%<qQpJ^DL<3Es9QN&#
zeV|q?z*ppLGF`W!xuUrJS~sLJ++lVug2b{-OJw;k30Je4W;Jd#_;AbuI(dobgzAAJ
zcn1NqjWYSaTU6$s-jv%e;;Fv7WvRPZ;NzuBxvl3NOBw6!413h}M#wR8dc%3aGFZ*=
zJPmln@9Va;SBVvftONlnLsGLXb$n(dUb1TO9aK7gT|iC?zqNg<@ecF_Z=0@B9w}sr
z)mFC1H+Lp7@ATSOn{zhAYkFr3!#IjQAb~o~<JrVgRkpcCt2P0yoJkSMGpW^Yx)zns
z|8XoN>_ACG+yDBa8v2DAMGY|MoCym#2=UFj;CFBjgp-Kep&Lt93;j*!TB(lWaZ8rb
zGwLq*(`ho<4(*KWCKCI*n4L|R2xH}_`aSxAa`-b+Lok^_W+~A8{Y3qTmd!4SPn3H5
z$jyTT(iF}82Md^ca1-tWJ*Q(1sk23D9rqvk8t*=svy9c3`r>b{H_+?w*3ZoP61Vec
zoc@4KAI#>bFBe%&W$3(3w3_mAe^ry=D$Q<Yp~c2~YN@4v`=vd+xP?6rfw4;5>owHa
zK%qe2c~)6?^*ePiO;N8}x!3b$eU$If_Voz++h;Mkb9ITKl(Up38-ITLlRd9rN!q(J
zn{5$Y&b?m0SMzhkGPp41dFp8ZbN&e6w0u1R?s8NROUpT-4nzwwXwi8kavSY58ga3n
z$;|xV_Ty;XUdm!Vlk#Yg+YT@L4TEzy9Uuh=Cj2{5{Xn+PT$=FSB<t*3$+@n)ReSI4
zii0xwu#xlFYLcFP`_n`HUcuvPol}oINlO~H{+QHVM}`l)IxDh0qWQHMO$P`4+;O;I
z^WmTFCTmzz%5Ci|G3~~J4)ZB;X2Imqd68~>c)7$IBkS!2rx`jZk!M4%&_!7-Lu$#<
z6O%tPa-&-?HTYLzGqaU*oI9RG%F4;fj@LZfC#Sjh<gNwY@z^@uk-1wg>T#wb`PPH#
zmPUR81=y&e1xmE=<z|lBbjXQEfUw1R(dqg?@?^w8NB{f1j>Xi0H{S~-kAzm(eKx!2
zo?ejm5KasKZ7bOv>_FY)=iT3PvOd^xQ#}_vqLIAmvGu)nz)!978Nb)s(4OdK9V5pH
zknB-ztLT1lCs=g@B-!;m4^tYZ1^PqqQza~^Mckp3y|F=^a|04@XrdsV5ryjLJI|%R
zcdit<Emt@sm+2jM*Z)>8AmIxu0$k`heLc7TM%|L*_z<C;U=o=Y{BR9@*me`j3tvAY
zZuJ;Tsow}t6FPc5Iox>fy<{V*-oX^~(x`yEAtO(q^VU{sXOJ<6c|k}8;krz94bu~6
z_OO-s$nq}j62U~MjFKuoo*w}WlN7ApwvwqmRM$$*kM>uunkzjiHLaDlQ}cED2rJ_|
zYdPf|T?#&|E;(qm;{U^!=4uRNR|0gBskF<`E`r8D<vKwaDsxcXD7F2g0$f^{y|u;e
z!TTXg8>l;V%SrQ8my!ELHSMu7s{W#K^6-6G$m}5}f=2S~dgCX`L~{P2<C7BKV>6L7
z#@D*_+u85BvmZUERKPf4PlW%6wMHLpyTP0DQF&Tla90^h)*^&5IjWX|M-MV{Z+c4^
z>aJ|g4(p?)C{C2Tx39kn|MFOG$mouxWkcMS7yQHA=e<dVmD}^vfuB<?_Rr@FYE@Mm
z+l#|8Vni+s)ed(K=mG_5MYe1y+gwk=hc@dtl^wmFjrbo49g8|PUWr)Q-01S@-sd2j
zzswHLNP*NB8s1LNLx?aC^9V`bf5-2BF4-F~_uj_$fJ6SRqs>wsP|1Eb^?=7GcGEYz
zqdlM|JDDO=ZbQQq^L7n`W}I>E(!dGjCAP)<^Ku$nlpSFVX9t0*fma1+(SeMVo(E_W
z9kcFts~A^9PVS$0y(%Q~p<_M|_&9M`Hr12sy_d3bk(jVo8C~>a^Q33KH=C|y<CXz2
zQ_|5v5M25Ca?Y0O`D>@P5I&|sf;9h0zW$h{3BB~V2u83|Tfz^3@1IDLLyALu@B6yi
z-oIcLOG~Fw(`J&SVirREJ>Osdl}}gYxkM*peb)1rNO&SCb@<R%@RZ&UwSO~0`*dbN
z_M+hx^!9O5HMvJ+B~X{ZGzH3m*YB{c2<5<I#O6s(jKm)+jg6D9Yuw>i!&FbwOU{3q
zmG;`m%rvYFe};OvRX&?OE80QC-=0VH-#(}eg$+Pymc=!1)xl1p-Q2y}9&5yGi<$f;
zmyqng^(S%S;NZwy9Q3^GKwrOjZ$}}e357>IjV<9Z9gz^oa+vO=FI*DnyByG7)&Ya~
zdN%MymiH(}9V6j{6&#T<4(O-$Z&>WfYDrV;VAkH62vZ;H*1<u~z7^2xd#U}30<@M?
zAR+U=B5(^Bl~^A?`aSrpL3om&E;(72EG1=g{oHkQTZLc(c6L;<v;2Cm;jiRlCKSr{
zcsBpfcDc#=XO=Jnu^mqse_Ml|)vwWa=aR=UX>7X(2kB<MzNqp!a0J8_7y&6BeaW7!
z3~5V=Q|Y-q)Oh=ju&<ucgX!Ac^u2~jhx#Z=?E|XmH_Q3=t3`kwOxFstU;Y4zL_gJ@
zSI1ZOnC)7dq{>i6Z3$5Wfs2h2-;*?pDDACS`M}{lnv3$X@$uo*N{0IQ;}d6>{Qy`l
zI4$w)QPUDq+cNjwa}mVk2P4WM<$6xH@WNc1lqJ;jI)TWL$`GadpEmUTeLWfkCNs|t
z_A(HB{U0Oh!h{TOK4&>~#vkxcZ1BL@NIoBaHo*NEwRZ7b*hvYMw^-UAsHT!yc{bB#
z7bWz0t!Wa)6DSVkFA*(m)KLA?TVy7`ouPzR9g`G`XEliJfWpmLfgO!U<wP}3=HpuC
zc5c><$?>hKok;W8?c?3&U~LySkD2F~D_E1<&a@$4Xh9#Zq4=lHm~Fl9QtC8HVVW%G
zwG_(#WLW=Vd5~Y?zQ9aJw&jX+u1QSV?*x^`ski`oR|gunKa)PpUsi=(>(M7%X2Ej>
zpXB;7WwuUC&HDk~fkDy5kI%NYBjVco2|v;t0rNA*x1XN!PYp!<@IgtEKw5y2H@Kve
zCMxs|PzFXTy3}<*K?L-lF`-)$QYv_kCp$6O$#f*SHts(zyLr@3u~q2UirH>~3uMSY
z7T7N*wUFpZs9tkb&}0}%0q`W>CdcKa;EJH}a{>*YFeZmPn7>MH0iC!H8B1V0U!4G3
zyN~0G@;mf&2BMv)b?<G|KUft4Sd|+Zwqda1!mY5ssRk{y^!4SU(jdbiZX5uZ{i$Fy
z##j+9_!C|o@p0c}yWU1}V(7vG3QX30SDEa<yZX2h=?=cWjhs<n5LE=`&A7Mc9!Fu4
zlwhE`^{#pM@ulVO14-9#V3g)#bOxqLHR8V!A9vo8r~h&S6ZWwX;sDVpv6%NUJuu+G
zkRq1wy8E9AL_OdcV(+{Qws`abg8$X;d5#}BoK7eQqAW`21_ZX*S$9qq6;KpSXL$P3
zjg7CZK*5OM+QYd!M8AUrf!7oOu=lJ7z{4rPZ(FaGz|wzC5b#7N&d<4m=5bDHQ_5N@
zZFuv+!Es?hI0jTx9grP)+uXVo62-FHM7@9TX%_en&H%;*V`L_iK(^jRIE?pC_iiVJ
z$lL;(bhxW5Gxs<DnGTiujVG~FnH{EnOZ#8BBmN%q451I)FdfW_X7HXnjE`R}w#Og@
z^aBBIt;9c+L0`~kjQ|qQbgzJn>lC2-`zM`AL`y=E{qHX|0Q<kM-dVD6VRS~y_yvGH
z_8cwPYTe`PBhd4e=pX=jCdCCbLCSR=VVDa10n{<gX3v(&b(AmJJOwCHeWD21-M;n+
zNZ-Cy(SohJXTXEe@NLLDX3T?23Q2ANgEu|k0EfqZvLK~X)!KJKu6%?{ZfpR09j4%T
zAA^;;AVAcp)<X#lQObyo)X^l`J$ZprFHOwL0~=xhbgYNLjx}qLR5qY|H;1H&L2$tU
zMPze{AVs&RSi@-uw<J-vpnO!&DgPNIG5~!MO+DJXm(`yg{$gRkxnxKjaQw+?B8Fr5
zZg{36gqK63K&uHw3qr}D08G&nb?~I<MKwk&QZ~5lO0lmWg36_V*RGw?KiL0U1#HJp
zFe0TJJDRmY{0<?!R5tyIp^{&2UTXYTf{{7H3d*-6U`)pZNT4u!S)=0r|E$IV^CSQJ
z_ZrvP6Lf}Q%$ro_Autt;$7U+`$|R6=uKTXXL73_U^!dt()^RzkLb5>IG_Y#*T_W|(
zP7{#D$cF%nZ*YY^1MMgMvUN}_c}v^vBK6#JxHx&wA^Sw-crN-AsTLeR_qCdekL{T3
z7smDaQ@Ke#am+a^gbPsKHSBSJONn97M?ECp$$%^L<I*UDI4ecl>y_mcZwB#85yYX@
z@m<K9E113C$zRnAEPGxTm1sCC;y$}{E^$C5`rq)X8k@$t?FN4T?L2|%tbg)yA1ODR
zHhmI(seu`kfME|!uVZ9NZ)BWRUzWf0#c5yMNcSG*4w_Fucj#Z!ll6oYN_Kq_hrbN1
zZh)qVe+?+jO8B|*fz9nHphOK<W`Wf#k(<@AqqB*WURMYP5<QO_;Eww`RWL3SH=e#v
zclF=^7%#g~l`MnNut&gnGc=?|1k^=t$aqD0fA_56NEe%D2i23H0HIKDk^~ru<X>Ji
zgpPv#lN9Z2SVH9wl*w8egX;$_#&*3ggAMK@U`!H9P>ac~UjXeL=hx%o5knn5ALUpt
zkun94dPUu|2Wqu60{#3RAMZ8bv1|yMH`|<&NR3(o5h4I?Wzwf$18=Rx+XSNb-oEVC
zxx`6?mmH=6OH2(ChaagAaAk+-&82Puj^o3@=+dvracXsUa9Snqsc~JLu0q~1WJ8#8
z$UZ4I;4XUZv*{I{=&ZNW593pOPq@*Iq*ze9mT~8nvjkl&aJAs9?6LU|(HPMav~q{|
ziwPk?YsSrEGLG;qA5y9SNpVKdOx$vGW&&d&(hbnoey-QSAiS@*;U!-!d{4gOCxaso
zj{xI_M%C(KNCn2r8Yqft*2ko;JA$!M%Ge1w|811^vVv`dq&zo0j7<O?A?Y%Do)P^@
zz!?1^DXYwvIkUyba#R>pUPu)KhYj0W!Gg<I!qzH2^sD`A77O>KyD|Z!&@2%RD$y!F
z1yJTnZhOaukx^CSiz{d6%qe#<z%?mYn@7khDz%*#7eLe-fLAB#DR{Lz>8tIpB_|QX
z!)X)(U>wW>#wikOc2+T!(;9-q_1%BQ=#b6;TJ2obFVRFJLm_fHWCB2*qXXtSr9jl^
zeh&YQDJ#S9?qAndn^y1be+G_8B{1?#B|X)wF-K5x1X_14iDEc$h1;n$h=e%c1|Q~b
zP{l4C;eS^^S%bmkzufpQH~vr41f(kD0vhX8ri&G0@(cZc+bYPZJ}i<ke)+!uW<kgL

literal 0
HcmV?d00001

diff --git a/public/svgs/pairdrop.png b/public/svgs/pairdrop.png
new file mode 100644
index 0000000000000000000000000000000000000000..b0e9ee5d0dbd04887d489513c35d4d7eaf48ec0f
GIT binary patch
literal 61165
zcmeFZcT`hd(>Ht)0tBS@CIkfOy@ei--n;Z3s`TDNk)}u$lp<Yv7X_pQl%hycKoAik
zND)MOZ(qEwyFKfB*ZS78*7yE*vw)nOJu_#|Z_i9-_8v&q*Ht4XWFQ0pfLKFa*$@E0
z*h??~#lyZFgiM`bU;4w0%>oSVgJC{?-p+3Kkg$MIA0!MJ;^qthA#<MkUy0ucK`&fV
z9-(<j9xjVjPZ3K;`8L(IZ)wO2x!k0K+l=GSGd!URFs~2crqjQ>#*l1Z`b@iulhmhC
zH}C|?#F5O!ZT3#RO#We5Il~t};g)dPm*zfOTU#SsUrS#kTl56q+E(r7)|ae0<>&L-
zJiPHWMwE|K%rJlGs-v;FJ2F|mKLSdC_rR3|wgpuuj)^swWp-}Zt<z*w7<FL1J`w}G
zXC9m5#cx-r0stu9?am#2jXQV#sSQ?#g2)Ux^*0En0b3)LYHEC$B;#TIz~%=j@XtI{
zB}!G)7J)(?2RHJ>*!cw>#d`Ghr47`?J!owpX^4fLfR;9v%GcRAt^~PXB<*6_S+;-6
z{ayemm3<Ja<;8Oio7U!7a=87P=cucc^cEEM(D$kNU;#VFcd4G=-<LP7vt2@q&ixN+
zr5=FfGvI?nt(skmvaROg@NLROGXvA)@nlZzPT20P8S30cI4u)Ri1V;^<!bVsw+<z7
zk4c<WjBY)<{irHW_f%;R`FNkkrQXW1K75ZB&;RVb$c$S;2AVAgrWhZ~pvhI1!c{NL
zO=I|i<#>lwCMwyAutU@ChZzEw!D)!}3cvSt+n!ODm!S|zK=16)5Z6TO4YAFamy!3r
zj#8qpiL8ElMpuA7L}l7|dt}_Qvtw*;_wsnp?9+imBuC%EEt6UFJbfHz+vPyV+-`>k
zTG!FtcI0~olvmgOAolTrKBVRf|F-<CyRiE*{Q2}EX>YCH0IlT+C)Vmh+_2VVrlT$G
z=<O+B@8s=(6bSM3!I~Wa$SQ>R*gJY417HqF7dJ0Cw(ZxwY%n(`IkvmvIzl==caW}b
z>S2CJqcB}#$1o2^DJM1sc|zF`X{-QGWPm*^#Pgn)zjTNk+h1~}vDbfY3$nrfA_?%2
zV>8pyhu!h^L&C%a!~}%+RYKf?MA+mBVX}Ts&eDd;s{asyeJ97}8W7+kEhrcq94rtl
zD&XzsA}A~+B_${%A}AulkEP)E5A_PL58?Onzx7AN-!hbu{*HcbJ^^mtUa&th?H#-W
z1LWA)u;Z|Q&d<|FN9SMSz5M@y0u~R!5PKg%VF4jQPfx-B<nRwr3Bn5b$Atcm9R9{w
zClxeA`g;fZIU-epkX`||{!@gL<G=WQ0{!m&rH+%MAo3p46HDrkeX8*Pc%+(!j{d(m
z{y^a3=IQen7Z&XQK^frY{BN-S$K3vm{H4x+P6W&TFS-AN`k%W0MU17=(UDg6b`1P8
zJq=|!wm;98cJg*~bCUk+QV8jQggXlf^E(QOJM)XdoyGYbM1}16MMT9!grywqCG6o6
z{~=1l%Rj*0%MtlU6jr!^8&-~^y@-gglRcbYOj1;WUrfS5lwV59L6{%zAO(kuNlA!_
zON#x62t7YHtX10I`_EbZ5#@vxB`zT$EGa1_!Y_mrM)HeE!5#VSk#KvgJaK0!xQLUm
zBvSM*QBIE1s@{H{_Sofg^R#zC3i^1t{59|gaA`$-4LLRu0il22(Z6RO;EZLEW7Br?
z3Jm%8fU%n=(kQ_G51PV~Lc${AV&ZU7?2nL?_`iuvk$(PIOZ+2KSV%zhZ*Bf8i!@dl
zEU@-}>=Y~DFAl6O(s%rj_5t30#@^od<k<d93HFEcU&A_BcXF~1uvfMZKw^aoiHJ%I
z3rmYg8DoEoiAoCz^9l(|3;hSZx09Q5=>He>ALoI|{=MYtZvNQkhyHczZ;vuU`u_dy
z@3;5d{&FQ4>@TN~ws-tn1%LY>q|;yX#LD`6$kEl_%LR#z9{(`cf8KZdKbV4;xU;>Z
zh?6M4sIa&sznG|)5Wkd|gCo``gdM~kg+#>d?f=&5U()@(odbgH{g8?-SRAofVa@X|
ztYBP!Efn|voJ+7P^3N(@0pk}I=KnWfqW=I)@E-~b{)rj?)L2&V|AmR{Uj+XVWUzdH
z-@^tkY%CP~S1|ksX4v`u-~9T=TKwO91Pu1yhy1Vb{V!bqh3kKX!2gQ)zt;6%xc*lN
z{I7`rYhC}p!A1D*ati5%&4Pll#ghEJ$#HC<h3BB9ru<jQ1)Sb_9gV#r@KHDS2Y?%t
ze||tfUI88UCVqg1jtc(TjhlqLI6Jd69{>ObXecWhhs^zo3@%_&dwOK_O)k{gU-whP
z5|2eDawNye=Pg}<=-}Wix{&nuqh%6#5;z96+>YM<je)~OPKYEV1_{<sWqh1p2u-cr
zIO<L33OIvjj)xlRh(#x>J1fJV+eGz$3J46myB_xJxcXJia83Sp8SDwtY3_RbQqD5W
zNmEbcQnTgu_|v<C(V2YJ>N%DsdoxC~%5TEQ+Oz9blSek${J;3gzwr$$>1A=*ekXmN
z@Vj%uj77N(?_uPmxvft4X>n`)zAX#UIsQ9g)%6C-twq$!uy;>e`_2q%Ia4pyF9(^n
zl|-*h(hT?|4f#onrJ_ou3_me_(LY@K*wL$nan8yBM=>;phO?-L@O$8OUOY}~zwr2o
zf5pf17C4}+7tBuH(YJO&p|m+FJ6P@ze<m)>S8RxG7V0za&ik?J^=SAd^`jj;zd-sV
z%Z<mgJ3;aG<jFDFZxJ-g;&S1gcZ~ZUuZL2x8fg*=e+lBeUJrTku4N<A#X)^{B9mMg
z0i0kyj0`GHx0xtgnKj0rE+>V%=h2NmIF$RWah+FEM6m7w!(o^P{5_qWq#s1S?u-Yh
zo|2;|aVq_xOQmWQv?i3?za%)`N?qp69>}(0^zJoC_QOp38ieQBo2ln7<#wNX{hpK=
z&A;6x&L4U+bLiOT^F^=J>EiHf#=|Rfl)^hBh3V&bPi}$cOn_SFr|n=g>yzC2klAFU
zBqi<V+U2!tPm_qGdYv-DEA6f*ydR2j48^+Of{8T^W-3(Ip~BMq-PXDVc!*zvfiff&
zerlb(zyFEp!lnOQ(&F}=J*js)Y9r#N%4zo2>n0#=Z5$t56r*G!>(lcbeu`HnzTc&!
z-fB>n-@a@GN0*_ze%QQz?{p_Wqm%;}SU)1aOH~B#kR#Zx9kh7>Z=#v6CrXdVPHVbw
zFo%paKe_>%D;jYSj}xFq&m{zKf-rmhuS&OI5pER~+sb<e(lP)#{$l*YxeM;q>95?k
zW=%Y0D+P6xpz?cC)U<;%9U|!3a-frf8`X)CVd`AI^+Ku9u{~7xWx4VAs4)lebg0UR
zfAtpsJ4fJTZPcS6_Zg#+-pp#w3%{$PrfSO4{fAWF1WS;bwlgn!ExOa0f<+8LbwmLi
z=G1`vhA*;sR`U*FdyNK2EIXeKl!PS3@+o+iR5>e-r61_DNu9adba?8@j8KA{7x<~>
z5&fzDcwYCvxi(mxZKPL2c<)Bg?OvtY+-f}seKf}_-8FUGRwE);>~C^=u`*Bzz?XJK
zUYC4`pE0yQGRYj88Q+h>efz7qmxu&MB(k5?*S6aqj23=0BmAn=6_!s5V#EDN@)l&R
zI2w0bB4>uc#m#J=B=)rok0c3Q*N3AnW?PG&!@+HVU)b)PF76n1&P!50R>(;QWZrwJ
zq;Z7m1B8qM(C8bwp!QwWz||2-P7@~KCj~zsQT$)X-mt^cR$TJ<?W+Nw<w5)(OBJ|Q
z^gc)V>EIgw`Ze#G^XvHU``_lHr9hZv=0@0p_Qmu;4?Xuzf{RES+Et_6`Otb(6=1N5
z`zS+Ux$62*;SSf}crK$P39{=$*N0Oc9L9GAbYn)T5UfDS24E*9hEdY%V*gbQ+1q{>
zR|@hZnnYVp0$}n^`T^3>Ht{<IYhhjzVEVgwgqx#D#H3SFf(nc$$>c(u62`aRg*Pri
zP?q*Y306+u2Ng(dRBlVq@To5UVUnNQw^-ZS?rQl-9Chod6UzLz!pGBe@ZD}W2s4=a
zM`&MkPwdJbZTXs0-VgyG=`}C2!m(zu`n#V@X0zUh=NTp7HQ(;LJXjA+{d39Wl$~2(
zX<$m<wjK1I_n)KAq6L$(a)qn)Q@YP@6#T)=8g8@Mby;{<qDB-{c$xMyx@ASf)0J)Q
zr6?ybPv|(YZ1z4inz<{bs@Y?}V(TxKQB|MPt|h{a(JHKh$s4T&S5ns!BQ#IGDeW)R
zV(0tf*<T<@+CbgEi&o`iOHmjcx)@lmlu8^BoJ&7Mhs#NNF@Zv!hCbcm#X<U!iWgKe
zoJ{@=uy^5IGD%vAtg`$578v4j_Jp*Scb2Uuh!TNKBhSXZ^_y<;v8>qD9PCT(6%zFS
zo}EggbG}}bTWKC6KcWfHSwC05(Qr)|(azQN$#*dyYl99R#(6_~Utmv-0x1yU&e&iw
z74yerkQ%^={;-;k&1!$N-0z<<d)C#36*DYQ*Lw_zE#?}+oec(*&Ca<0m-_YQY(0<<
z-*VuG`gF#mIZFu(vMt2T3F?Pgz|l$tNfn;QLJTD!ufF%kD`d?Y;j&?twneLwf|@$=
zDS3Q2;(9?`fwtX@w}AP;<-yl@-eR2H(kqAc$6rjD;~lvu7T$i2Oh`uaVP4sJDDtjE
zd%p4*sokLlHa@52;KW5%l;B!TzW^9gI;%{pkfh}_IVr2Pi%+bVax$Q<Ns!`)&k7SY
z9Xg_6MPQ8n$e&=5pD|ZX;-<k{$n^fXu3rsMBhooYO=9s1RLr+AP<5<FAJsG!(0b!b
z!-T{66Dg)09^b&brMUXE*^*Vf@=ES~))wl(^c5^p3kZ-ON_q2WfAaHhV*n2K<((tx
zf0f^MQ0OYJ>7oWJ4r2oH-2it7?wh0jizT;5Dos09aq!wq>W|jc2k?m?DwfXpw2QN~
zUyO^prYu(zDZokb2nrw#2#J5!iyr}I0})iPl9TrWjfrSp@(^WkBRiTm<M`_2`PJsJ
z_TF`frlN>WhPn~^B-J~y^h~|0LN;zAb|WfB-;|81hr3T=%?uSaOVqg$njj}!{q=ju
zsfdB*#<PehNYGRw?#jrMijRUhu}-hkz%YwFxi9aaZ@_sRlFlzL+dMd+{6S!JYQBGU
z8Ukok$Iuc)u#u6dS8-+N8?lwV)K-doiqFAHAm1BrhfrqcVx=G>CrnC*>@9?-KTmz&
zB<=s?$XmqYS9$AAJLzDa9XX#$ghdHm8aLg83Ss8Q<f+{1?4RhKru#aWsgA2NM3#x*
z4RI3OQF^Y<mGxGsB(!!3yr<xdbmsB?Osx#kOs8D)?@9T5{B$8BDMqB#P~t@rcq(?x
z>B{t7%yRK^Pl(zk-gdVYYb|3?sQA$nb}|S%>=*Tf*@}usJ?V|jh$_DQQubepCQoUR
z_5{oZz%aWRC73K-3O)K>cU2}|$cY~ZdSL@HsrbairU=s4<Rri;gk1JDi{YtF(%sZ6
ziRQZhXhDqR@cD$?lYZq)HUXn@?vW$^SC!tOHs&pb=lfHFohCrp%t0o~3Z+ihF*)Ug
zcsAx?p3~8ibKL<(_oe5KD&2zYBtz^;6&))`w{)WTJom~<KP1-pv25^k?WlvHAc(`w
z_OI5?A`cMi6pCfz4+eR*!`T&|vO(Wb4J4OPoh4?{F=^QA1yh7Ss+f?=?pG#M=doC|
z(s&kT>7_Sw@Rcq~@s{MAR*SzbuJ&=BP9zl{So#HDPkBxcIA7b18H!q24iz5z>7Nwz
zeq=PN;4XVo2!Tb-CA^*=RiUG3oP9oFwx!0-r3gd8cCNxi9)SS%jN<x*#Ft?#T&Nq5
zH5`N(9{bh_CSR4X9|dqUFRO#Caois24RFqWO*;tY<9)qU-DR$eV^$9SQ9!8A3gQGk
zfsvMxOt+s+XxrVw*<NHP#So$#V;+W|={hsT>qFQ<)2!qpYq-r`icn&4(2FTteTE~S
zCP~9e;BB>ZZIXIbk~$C@vY4kaVCTx0TGp)*aD01bwGXl&m-E(6Taj(l9rdE5)u7de
z|BcApo@X-*#5V=JwCN4qc?F(0R7k7qJe8Mzb>)IbG<s6#bRN)pq5CJPeT^rTn5cct
zZf=;)_bPM#)Y633{Cy7p@qFD3e_%=Dy|KCn)y!HbRAMm?`_hY-WS<2I%R1!aLjyq}
za!P&bCk@4EMn=$Nc9pecNT)9Qj)fYN%p-Oox_qlqg#Quo<DP=D?K^6VGYVrFObRZW
z0~^Q>r%a=ZAq|}$mrB;2@vw$HN#aNWraRQq%y(vfUyfhgXMh1;a#0(c0FgXNX<6AO
z{d#K@oh}S8-z+7AqB0am-5_?K<seXXPLRUG!v~z8=qPJ|Ic?`z<@-_ku*_2Zw^>w)
z;S}&N*_auUx6RA06n7>GKp(*+VMFi-H*cEs*G1lo9}`wQKWWT>kOgKIpVx}0;2mtQ
zR=MTNmdP->XI@u>wiUiI(`Hiw=TKC4v5SuN4_7&SO29Kvm_F(524z#16l&izx3rD>
z;pw4bh!o~^78yI2bU4L2oMFiSwZrU8R)5IG4-w^V2s(){9cSVoLhvO8Aj*y|Ahe6c
zbEW(Gfh9?~%}e9M#Q8Wq0s0{@%a_)1;{f`av?QGXh~p*?-*9j~WsfNq;j(*^36&5K
z94HMXH_knU5n6o`q*FqG%uC?HPx@oZe7j!ABuJ8Q2r*TrSBF=Erh4i3+0nnN0X#7@
zg;KIC>iUDNS={xHw9G@3wH5>8ecpYT+^d}L?CahZrm;G_BTX;bARMg8;itIn@!Aa%
zt~E!c)pHL<D^-NVZaW6M5DETDSvri<c=(o@&eqCq*AFcl)wq#=v>ut8)goi?Z74<>
zh1axyHjTEO;c$L2=zt4I#V#^!9J)8$kPPjf`ypTN>1kq3w@EuUXF&n2i3Ll%%(dHp
zzo#)l>OUbEltq2UOdk^ELgme*?En`R*FnQbP+MZCL2s-5CoYc(i&Y3F%J63OAXU%e
z5<e8!+a(?s3DX;a?S>F~bdh9(Y>tJvVYi*UyW@w2vE|nmL`k2T%J=9Kbj;l3(a}qa
z>;yTcgAODI4o;bolbsrochGI2g7Q{}&H`y-JEsqmznS1M5HlUTs*)r`ZC?=xGz`9?
z>O2NvS|kPI-i#n(igWD({mEDs^zVynjTq2;FCN$VrW{lJTw7_>jr^Vkz3R0qgZEbI
zQif#N>`cC@(sO~!N8(;1`Hnc{AEbWF!PGsZ4)lt&@!cK51l8QTG`|5??oOK64`5iM
zq*mDNO~-G~0Vn(Ou?1SzT*<Otd1X-51ND=MpDXb2Kn@y-`>Yz^Mb6B8DO52+M5lS%
zl}YgT6ZGWkCAx=5nTg>gH{i`;DhV~>6$L^Jeqqt8Wa>-BKEeQ)y2u&HC7VP^FdTYM
zofm0@w~zrjIFa^bfXlQ>!yfgFGlI1d)wUmdvSU6C_tcQmRH9gnNz3PW&V|O9F?>Bz
z-QCGI`1Moc*0bk%Juw&C1jUZB!qU{}6v(=U7bE4=nmHpVTC3}tX|H!5in38H$O7OW
zH>WLWrJ)&Lp@^Kb2_*mm7RwIt`AJU=_b}n05let+fYrFXUfL`2s5Ce7KB5g)-klnQ
z<2ev=aY!Zb<Ur6|1QSil<K*mUMP-EK&Kl!|f9SP;U^*BE=t8<3=1J&syzzce66A<O
ze5O|!3VQ0mNODq0k6DrBGn1IBk76%>=b>>L)qGv`$NcJ=ttWxA<hZjZnSvDQYHW7U
zlPw@RbwOb?YSadd9>=j;I%KGRP$$0JGKyl82dxPR_TfuT*?oyMJdtHvEKkgDH3ktX
zQxXORyxkq%Tn^dtasPaPGBO4@(}A)iFJXEiqBEZ3S>h{(?r3yIB`EI!s!fh$VZxcN
zf$mefO#jT>20QQ`hfToRHs*%pRB;<Ck;adz@zJNMP_n%nvrV!|fm-0%aIu&n8<rve
za7sG8PxEE53zT5~Z@lVnROKy9@v5AWFUSxHaW{!vDu~VYAy+~tkEB!B=mi8>9^4oR
z_BD2-08b@yShZFYZYy--9h!i8;?weLKind(b3H8U9!RVWGYna+_r2IHq)S+?>mBcy
znZlS04%bS-S2a)ux$;?++7G{Z;O?{n(YN-mq#8aJK+yCJts_DiI`qG)30{wbB!LTZ
z0?D36ytRhLJ0?$a$G83c+mhM(V(|nmHhFyBJ>`}?9E3AR@FtYN15t#<w{YID+Yx4)
z_%0BUH-TsCaicCVjmwb%rhV0PD5=BoS2&+{UivI}q0Bu1-T50Rve*O)0?B9ogeL^}
zQC_&NDPSfR_3zb^L%W!KVWP3y;4nv!-$U|M9PsoYosQlop@t2v+FP=B<TT7;dOucO
z&o5kmm;`hvQ4z7swOc6vxMyX@=y5~&N&#GUz@3dkey_*Es;Pv;q(Yu~cBnoi32jH1
z=6Q1{?yCcxj{c=%QG#%P1j0^U1C^D8%IFBr?^77+78~lugQDWP7WjVNa2AE(#SbTI
zfktq^4d2XCwIn2p8{UssM0u&WwSbv^Yb=%A9o%`_04e3p!>2~;QrKlff5Z{#$7xg#
zGS%Zn2X3=a-PZ;7ejd{7*#Lu78R=?h<mQO)z&WFEqrltXU(18UC_bZKo0^yf+QD51
zH3|(CPBI2_8dqV0i8?&G{-BW=5QDa^`056*Q*@?B0#4U!e1($4d2cB1@*6k(wfqZg
zo{aE0>KBp^(h!}q9D(hvM9jC3Haq1l)prYDoarske#;+=T0oIdqdVA9xa30qt;s0G
zn|52WI|?h8IH(^D;*k-TCHWgBF!U0Gg4em-Es46Cghk%Hn$<!62caCX#3ONLA6JL`
zzuxwl(V~P4H#ns~(#X*>^E9wY*z7dL`_S27Pntb1HI{NE*+z#>pa!I4=6+%nQ~*NK
zSEtSh2Aip+nOcJ6_LYk;s{m6u%{Mm8n4#2s)f@Pbh?6?#m=z8BPUFL6QtyF<ui9MK
zWkseGDEb#Ts!0H*xD}wo>1Ew<v88L-SPidc{UW1=-IQzekg<E*C2}>nQGpUjO7=k;
zqKnngE1SGNqqw84bp(5Wg4ewElRDt$5XH%8(cq4u8U?qC=e>7Ph2M-(IkGRh62~sK
zV34Wy{$g=38d@#1ed%Ju^TY+5UVCe|8<^TuvW%Qn#0If~FEss}0)=TuFGYGh1tq<R
z_@9=BIC>K)ggX=6#1X0DQMb5BTAT>^!F2y&7KkPu#n3Z6y!i^}qO!rMoomG~m@g}}
zE~=nsX873BE##()9;Y#$%KTLfUWAY1EhP{>vtVCp{>bPiE8IhcOv@r71XCeAf9y>3
zG5bn5&RP~7&~A`V@g(20=zY;GasTOpJZ+7@dBmYYGV94W2XF+dyTk1EOVvZmRp+<q
z%|><t$Xc74&pERG$s*mVpMs<p4FgEuoNejz1Fhz$WEO=e2P&CxCw=#+T?a+5Nco7=
z&!W={@Ya|tk_$(FFu3{Xj6Np1L0;UE&`#HSuNx4#w0WWhI-FLEOpce4pO5v|Ym8eQ
zDm(A+ZT+fRM#%g{Bw_JhvOS+sdhz?Q%DGCM7qNBExMSvN3#)<|I^QepN#3}Uf|i!w
z|I)Es0P9iK50;~^5=m3v=`%sLAHJz~ts&lBkMf$|bK+10Nfub9wB6vGMtKf7Z{4(8
z)o+zjc>085xEjwXA%c?+Qhd8XWdCe*wSr;_UIENv4n@8aB~{Ff=!1sytiRVmTm_CX
zf&w0WQXZR_LudqKb#Rnbg4t+i_OtK&sUOuXf|}3^ed1Bka>x&cW1<BY9M)n!Lj(Vg
zP24{LaB};Fpo7+{S3iNYg;mFxr(NZ^jcf#Hj@l8QbLt!Vw$wjtuy~TR`XJELYuR>(
zV3w$pb*`6zm3jksu7rdiN+2H))^fg}iS!}{eTq^2nn1HplKbO>lb;Kd6D~f)_J-mj
zXz%>c0*!J5s~c~s!1^~Sc4>3R-rQ&0_`WQ2>btxe!kEhQ#{e#lrs+!E-m4N!$Og5T
zLVoRB>YyYjG2^5sUu%J#3Y0_*=V~h%w8_^1Qq&U$vdCwX?Jr`K%r(={N9)jLJ0NRm
z7q6G;NJw<I7>i3G1+lYMUx__}Rt~wrc`XjuLX1m4?#lv*ezF$T>uwc07Mx#;%|pUg
zsev8Gn467B+E-+|gza1XcvikPH~J&2v3fVO^^nu|Mmj@CJ@pFaRP>Sl!qah)#6!62
z?L*chz(ew6*|=U6Le!gM^xAg(JzfwLRS_5!@w*e(tfL*wrqF=hF1u?PSe+yzz&n(3
zYH+brEqtJ>KRr57MZ*C&PXWZoRf*sq^gCNXlt<qpJE(~cJ>O21-dBRq*4(kVJ?Fol
z1ex)y>epd$zZ3YhD6K$1Qd<1>M76q5jeh|fCoYdj_4qD5>^M)24IZomy}{6R@^1N7
z$f>@&Uq`Vs1yH3&KzFlSYz$<k1Fb?P>x5pK#wrxM5n`rDRXV7Iw9b^IDU11Fn8wB@
zX%8eNlqgR3<T>Lym433f8>NI8_6^5B+;wH3^rcUZe;A;t$Wvj*&f^H@aTI%QhyCWe
z?I`;kVVd4*`v9ysD_G1fbjnFVWk5q^z(9uCB}``rMHMCewM9_M&fd38ewzRX1W|&U
z`!uBvQO}>x(?#uDP-)OhKgTg1WVt;FJ`FgnheSHs^iE?Gv_MUL;X%uWh{`U?I8l(u
zx9+OJ#NO+52R>VUk{GS4P|5q?6eU((syB{qM2{+jB%UdW<*APQP^g_5tuv^X1jFwq
zx5t(%Wf-Dfh-i>xA9qC_ovRi=LJeT)Pz*V=i%oG@u=wSNxIsb!{>RKyIa*LW*`#<5
zV`cX2`zlFb5IHo2cBJwCCD^N{3bOCc5pkU?Of*<kg9TNaz=?|Rq4tg0pL>?XC#tAx
zW3Y}3X&$j^c|a#vs6O*XB)8q8gRu85g=`Lyk<fTd>Enu%2OczKJ<`K!gR(?|DIz~d
z(^MwmpJ|6MJ`{<MhMG2AnG(Y&=+b!AwLx8VPK*?XM;<whYDgAp<rwrWij%h*6K?gp
z4l1pr`|go{b~H-fKkz{m7!yPKk9R)A<pp5Oz}Hua<iCFAii7HX#nC(fCsD5|BNW2h
zXsc!;B?H(=f>6XVm<~4%V9)P1N{_Ama6WAQq)#F$tjPLVw^9igdLo2SE!<)KXFlXi
z&RV#DPS>7IB_mtdpZD(LAj!{qejsUsn83otu!L>wK7k%PG!!!RSi{x(ptSp4;v5f4
zp2sB@aWYxEp<VtVN#$<qkm}BlXY5ot>}XRqjF@{PZQ4H0)fWOpPE6lNON_II_jw6|
zXd{jQG^_-!iDi=y)?plzDFbB=tC{nH6!?t-jyWd+9l$aqI+*%6g8))?;b-8?lt<#D
z2~b3o3BbSj=AfvXO>y?lgyBk`TYVIt2SIViSYjukpmGcXQ^K8N&R2rzSsU_M%i*F(
zktmkXgAgVY>02vo;zxO)v6YVyHkjUkOiAo~(E|7yNV8&4TJD!8d;D7167iw;uQy@P
zVpN^}K^nX7&N}?%O}aOqBe9u4!Jx9{)0HojmvIiJrB&9K%|*bEE9REFpcr*jabj_^
zRsYi)IA&iM(6P^f_qRSd$%3|fv~^6mZ04B<j+q(XARfBsv2myZ-FCw$gNdU2;jS5P
zqKiN>fV%P3x+(Zam}Bkcoolo%v=4Wy;-r=_x40)|{J8aCZ&?Eu|25}?uM<=BoK%Y3
z&=Q@_vxhIoiT%!?C~|7_(@8+JC)5DY>;mUVo;8J<lX>cZUVJ{sJcg3mAk`g?nRPHl
z(F(C+tmcjdR32;?ClLg(wFutD=eTG*u-)5DWE&2%4BAl*@S90&gP@1e@~`BTV=!l}
zHNNN653t)adj?~5mFz}XcWY|&r}F-F^9^tK;DqRHY{eukXWf1I77Fr-B`l6)K=3NE
z0T&dC*2zh&xsWDjMKY~bTzv|P(^V6qx>~{e*AaGf-b^}i?(86`^Av88bUh`6j`diM
z*-UjDO>FNQD8PuG)CLY}00AP%K{)j4V(GS3xIM4J@DTg@F$qW0+633ti%5uf&_hQq
zc@Ld#uWFgaNkCU0^pFhIF`fx2?ia*7REfH0K{J?ns%WeXrx$X(<0uk!Gz-0I=M`>q
zOE+Lc=MkBy5OPgA4a!Ezp}m<ezK{dmI7$Z32<((`g=|=mQRGFv4aBqsU!WQI=Rffy
z?>jij-nYJ4hOI9Y?|oBvlmQuKs_<6lj%|Go5+iqAs{+16(GVy;wM7pOM0I&1>9+Rc
zp!mwn%C2Y!0^DE)nS|FbRXNAWCltZjlra%9*9pKP(T?cRnK(*eR0C)M*lh`lrGK$4
z#-LIwm?I8zILsz(2G-O9pD1xV_|m^7O<h{qdJ_^f1U)MgadM{~rXCSP9r7TaOJfzj
z&A!zCSh3(EbN|vRaA6aJPqxwYLVI`U?$B<T3n!V5!Oe|K3$3TFklMMlmhPu=JFU3U
zs1_JNgY(QruXq>-lsk>T+xB(t<7ead_|iAytkh=UFMrd$UG^p}^MH$Y=+rbsIY54x
z)u_zLg~=_xmjC3<o-@e&_$?>JhuZX=zDXssUcQH`?t*s*#q#Qa#@{JRi!Aho^HTbE
zuUnoFxrWlU)i{4Z_1IusNUtU;fvPGXf&+znSfaNw`+_TWe6fXzIKo9iXHi|2+wr`|
zUiQR~#b)aXLah3Ueu^KCV^k$5<u2}Uw)7HpQ>X?&Tg2Sg@)_2}+(TKCv%T_d4AOIX
zZXb}!gV#e`-~IL{zao7SzVTY>Jyf*Bi3=;RLDXw!3SK|VWMY7-Lw(-Wh+M3sj_42Q
z?TxslC<(*!-qy<C`CN}&Vz)Gu-8GlT$E{v5R)Vyv04XX`84W-v^ikhl7-_>SSzjlI
zeRjNZLtZs%sN^?$&*5wP0HXJKXQ@&m7>E*Lw7-P_^NQx;3kBAgkR^?fVG!iGNru}Y
zD;Z`^w05`JBWDL0CB?^Y#3V&Nu<w2Jy{|rQ{i(Vh?txnp?YkSGCR1UNW8#jx++MFa
z{@DwFJ8Z1S2HMb4whC3HW4x=PfA{-$UZ|hhU2nq0(@UWsCcRp*#Aa!BBEu%Ua7UCk
z&W;CO^yoQ&P3F-!pwX!zV~J82Cdc1>cbAvu*7{obnM;e4W?w_xt&n?KEYH4*r+mx`
zFU-sAJQYKfQ~|Bgf;XV;t}0|}jSuV$vWmQO3kSjyKAkiw5G_9*qpEuDENqiT@(mXa
zo|wsh;%-R*wLS-`NF!c`cZK1<V@twGSC0KU?v3Wp6<G4P5H;gtT~4)*Yd^kE8FH>p
zlq`1t3iT>N4`+RUy?%ib7JcYw%xz!<YMJrYXER&e7<%mT*lwjC)<wYyZuPV?9z4Dh
zieHm4?C?z@CvQrjYf2?Azb)dtby&OhE(w_ZzPl<)Hj(7wV$FnNCyUrC#hbtQuCfyb
zKhb-oY&d8cp5QYxIkbC}L1!pR^E*GilmBtYRvw;RJ-F!^UXvc~gy~(>U8<&%=?9x*
z+;3Vw1F}}+PwcV5qURV*_UvoXCp=r4jF^i&`Uy!N%3C}5(>j2$F))J<X4ti=BZd@M
zb24XO#^ooH(yUsbHl&N+ew0^yB3$?)8UMOS>QOy@nfiNUH3ea?-+c+<;`+L`XtTZq
zc6xSARjMqa!<Ag@w%v~*@qDf3_AlePWV)^2ed)0c`gD3*Iva5!)|Ue%C~r+AJJO3V
zw8Dry5CpQ3#{s1h{W>Lu93(-4t>)ty1<j#pZ~IuD5d986#z23Eb}|b7X2hPR_^e$W
z>yqH{1yCbo+z7*<0v0srm3+;Q7Te2xu|^UitjqYMB;Vi3aXW@o&6vOE#N>k`<0P?$
zQ@=**^bH>+j@d;ZXdnoR+j7_Wg4Pg?ADBiis>DuCpK&AW5ci?sI_vj*DIw#QFJ5cK
zg6J~=2fKM8HE@!qsc55G7bLfl`1_|+WL4wN&Pp7RFo=xUzG9UPh7q{abnOS-YkKM!
zMIYD0VRQW<z+r1+v!}u0qbwQOO9<FmLy({nd?jn>JAP_JctAYlyFF=rlDl|wP)5x$
z>pa_%(C=O)s3rO~9|0<;CF?GBE6~s(9iXdjWD3m5j@h!-=xT~&ve6ea4gG#dsM1}c
zkLI;Q){+iA;`DVgb0(b)G7$(wI2&XC{N=3AHXmI46lgjO(TP66ZDCDUN2PW5GQYBI
zqq<^CJ1R=5*sYWd-+jQ@=^FsA(7J49!4$|6W3bx_?~Fi`IxuvmI{}MKBhlv9H#=b|
zmL%(p8q15nZ}xw_#eGh0wM9Plh(TzV>@)h>h63v%uII&}u;R9wBm^p7VtQ%3!BY)=
zw`=oa(hb*po3VeKWvl;X*~jBY-vb8+C9&p$p`eCw`U>5_VjA>?WrG|l!GG}m`TqN+
zrgyeeyC6=y$&=M@akHUpg)YGh0%fb)m0?BBA2y4=+c_73o8Bx>OW~U-`vUR6Oo73D
zh29`~C6Jy030pSUT8{E$@tkz2mt|`(qhyLHR-38&M`|tb$OvStk!4Yc9Jee%tRWc2
zz0%m|b;>F}KS1@uD{=clpxU+Y=4Cr@oB{vv>Prg;b`Jepl~Dbgjkz-QX0OlY8ZEc~
zxTAg<A*L7(D4|FTO&|514HIU^r}&32y2_@i*~%w)UoI+keWX{BuGBU8H3<yVfMI$@
zppKEOZ0-fAy#Cs4-C`cT;*$54+3pAp^|v)Nf(z1QL+Vz7cGC4dbmKS8a4)twCUZ;~
zLBpR;3#p+`JSJLP?!Y8!pgvyV^jE)gsJR4pslOGMa8aF;q%GP0o=*$6`8i}}C=Bvb
z5h2$9z=J{>ft-gYe;j^?4?Osj@oJQ|Ej&<fIw4`?d5~oG<yYV4IR%|w9<IS%RZt!{
zinr_Pr=-wr01p^PGoRdN!fz@SPHK#Dpmyg0tKeTPH;Y~E%o{|U|JMDrJ<?PS^<5Tj
zx5Ax}N69$yAUxwI?|`WYe{E|muM|>NK`F#c!XJ21mZV^-jX;W*zmjhWeBD)cP-qgx
z`&0YK??{#aO$Q-2BJaSq0!4a1C3;_f;SrlrNg3N*jCLZr_FJ==e-%j9To=}RpK<ZW
z3c$1(2dX#F;4=mVWN}ckqpJvuvmgLEBy(w{TlnCZqq(>*(Wf|M3cDT~egrxd;FrJk
z#;jgiR;i9YyXi{3Gp=2$1ek?&jV0sQDFH3nAGttP1X?FYm8K599-#)f#45{fvL}@S
z7n9zk_R-!;Kdy|4x~&qmab`>Z#85i~IAD9n`97f?h+v|v^72REeeikMWC-#u)wDe*
zb$Wo35dobrURE(H4cXVHAmm3Y8PcrbZ`cqPf88wdGJ>EghCGBp6C+2~WcXx9geOCm
zUz@$m#nm&~akIgRk5a!cZs!$jMtgHAtU7&6a&U?lVmM9sWdNFr`M}SE!j*x{X@dbf
zKE>U=1$aUth1mq=4wpXDc{mheHnoncGd#N>-c~xawR}^2+^G)#>X%y^C5rE6PcayD
zSOX9(0kW~Eahs1RH^#jZ^w}2>JoT8LGmn;8q9cLVkA_-34f-ZV0$T{}oHmkb0WVIF
z2yRf3`to77!3$HZDuH7J7kEz)3emERp!=ow9Z_@-6F$m2*J^o*j|209p7@tn=8yq_
zX?H!s!ok?cy?zhR-`+j9H!Z@|_aoD9QK3w<-t|Nbi`+u$$N19T##yY}L#R=KLd9)?
zZ=XN=kO{=qg7*+u1>vf@{jY^XsBt}0<wMH*IYG?Hb{Y>z!=;zk=_kp^(rFD5{K@oF
zTU(Z(i%Ef}Fo1`-aajT)B2sM0i0`vo;}>z3Kn*>+5uK}W-|*KKQ=epXGwt{<hJotI
zuzD#8^Vf-+@svAe-l3ZaYP7ob$`2{kO7KAzC;!0$5rO(UbbcZwJV^G@fR4O!3Jf8%
zPTN%X<w1S;5}lR^!or$8X08*4CR-oxxG#5tgR<kf<^1Xk3%L@1m!;Oi)*&cjHDM(w
zo-jJM7n^vz84v#67~RCU9Wa34_h7v>6yz@RHQ)K1HfvjCi1k@^;B`5X98qhdR{iN<
z)l=aI4B;-;afkDpDPY;xf-&RQUHIO=o}#SM4g5swvB62u${?XB7xcBnXsh98n%s#}
z<(13uawYwB$+7ceEo@C*+^5yzMjD}`y%^{VRLY{?C0(05Su``;VF|tV0W0)GD@0u!
z5NMZkm380pJM45I{PU>^ySu1A4f>UaFI0{7CfC@dfnY~6B<_Pe!f;I#S@FyHI77jm
zv%dJvyLfa*2lYoM{y*x|0H>cASrSBeA*2g@^}S5X=WH)8_R&ct)%rTafMiq$J{Iu8
zv-T~sJ!kC&{w|IfcYP~5BhaG<_*geGqzc*e0Y^p>@VN>6G6BZ}o`*K<oS$YxWw(^j
zk_2Y}4(_9kcCmf@zWLWiGy``-!N^&|srNR;7M!I3HuJe%(At1?c3W(%8Cr>7blxX$
zPllo`G&WJ%-L*+x;r-H@><lVl&wzJ9$rDpPh!^#3669Z5LPaQh<i%urW<q*&Gqu^w
zbJc8L9m3L4Oq6dSrwZ}^dbVG!Fj*1lE`R6EslE|LK?A5`nn;0@z$nLi?^$y+ybiHf
z^v2E8=5F7vesi)XNP;;rvv91Zf0|n+(bleF*FalL54JN+sY&KCinDWJ^HSol_1^__
zVIcF3$KdeuPbW)_=S|3&5XB)}<yi3V_7_Z}6;2FqMPe)_5qd6{@7ev0PThd0nrF|(
zIDjCN=IJl`38Af_iyVQVh`o&<NW^`{T?J;H@0`cmZ=&TRs3_@=&z+!XspudjA(%%?
zpDyk&OW*U=9&>kU0--zQeC!}2g+mqUh~*xT?8P3`(C>RDDuIVoKG=<3i8+&6O7xl(
z@49N`?GqDMkhdtB)Dx{B_tfn5#$02*<=JW`9L4u@%Z$Wqm3FsYuR+<;->omIEAozS
z#P+Lj-$f4`Bdv=h_ioosUa5^ma!yRMEk)IJ_<IvIDgU@u2auS&sNgQ(epvMx&*FWq
zoQ@`F0ZxaXI^tTiCOC{ifQw)D<0x<~{L=1kGfqqvwaZ~L(s{=&QNdw!?QIfi*cM{@
zZ9D(ec6IN4z%(ye#A=EJpRJjB6DIoLEw%>QlnZI~S86S~gY9)l?inl=yG1ZO$5WFk
z$E%ogU>=^nFqSPG*`PhuNB|+j1t$ZUKnMh!rVfKbGSy)zPJ5l|K7QNPFTlflPQO$w
zo~I)TpBk1w*1%}+BJy-?#%q+uL)wh4pPUcg-WZvhsrlUN_oIGq)~aIEM6&a}2ItqM
z8OuRoS%KvvQj-!stB}5!Qot%K2y*^9D<mSgzoJ;Let1gk%W(Oy##}FN97|Ed*8urj
zE`C|r%ExN?Pe0mpmoTtMyVxjt?Q3ykt9+rJ-P&&WL~hgbRL}0Av0#19G<L0`y(EY{
zIW!DnoEtV_xHS-K!NP!Tqd8MPiC_cEllP&L)b*8S1(nF0Lu=T-t_z*gnu7+HMFvYn
zN`2{@+aD?$s<N?`g$vz}lha`Osa4|5e%~yQjTMKRqm`;C3$os@W`$^2<#8RB;UpN2
z`o=(kl8QGjLC1Y{TxZ!Fu(dV0-<i_?RqgFIwa@tgayGn_B{9J%ktC|FJE9fc_-(W3
zir4(`<D$Wq$YaW5oQa(t|0}nlC;$;2Np`*a<*=$6N;R)mqn{$VxHY73<*pDmIQj7G
z1|18^@tYW8ELzx%f{P4Xq)wI&eSe2-b>^)3#mBT91{O`th$^n#;?55@8r1;Ste;yJ
zW~KTlLqbi?IQjDgBRVD>`vAV=H{BY)wsebIC1bu5q&(5iNEgKoUG?Ar27?KWZ+h1~
zAsJps%bnId**lzetv)Ov^Za^6*K?4ss9nAfr$<Zh%rLEQV%tZv(R85U%x6QOf-{e&
zwr`^^ry1(3j7>r?jrv^&L8Mnd8*u0za^vB-=Un2FD8SU;v=0C1AX6k&^n4o^c;k*)
zE9_wnp@KVaBp0bx79gmtc`<f70WjgB(i9fUQ61N(xWpmonkFBxOmtXh%p%vBtZtXh
zVuVo35C9VvtV^|$#*T_vy_iSjxzw12wS?U=g;bZKFcC{vcj*}3m?B}2z5$3SN&xXW
z?Q=0FCjrE^Jq*;)X{XqyaowV{`{A?K#mF{^?#)$4?VH?Pc8JKxL^2o``PAdErYHlt
zO`7`#wv5XDfk37*;qQVF^Ahz+?ng(rC#EUiynMv9u%1*JtgXl=E*^*u$VDV(0SU^*
z&BkwM8XEgQg~r6n+=1ok?=%J<FMqjAju1v&#Pr-pNAIl}K@gK@*SEE|&ggqaUg7pc
zSW{mudU{}vX-v}}@fpb;T##R^;i!@6@FomrT=JkOgYXJ2`gkd_&vEO#i0zkKpsSMi
zg?k0e(ov1~$;v-bCF;HPt>R6|J=V4x%77<O27ES@yzz=q07jutNwG7%S=;2U*o09>
z+_fc)K5w;QV!3N&Mfe`pk+CoACzw2T3naAkQ7XdH4$xV#xxjeOlywLg>a*BenC_fc
zk}jX8F{!ZW+zcUVz_txAn4qe!Pn2U<{YV8Yj1s7CXf_pd$NL~+VH8xfKh~Jrsh&FU
z-7YKRO}Ke;ImG=O-l>LUM-pl+gNl(W1UD$sYqwiiK_-eI+m4qM9yE#i>JgcSnA2B7
zyQBCC>6za?x0<uNKrZN`#*_dtaLtx4po-^z{u~s+*7wTGGGTwrRe+1;Sq}C5{t4^F
zxZ}`sJg4Q2q}4vD?LO4tyRy6NRf3OwzHb;}J0OT2ShDS$L!j|@dT5Ne$h3xM!{I42
zL22K=SW~XwG)gzjhmP?Q2vy_Jv4Q+2bIu8R0s=Y4%xDC-DAF~JE-*2mi|<=c;*Rm{
zIvfSWPsAegV};oP9v;++OV3&`0}6$CJ{ov3l5g5~ivV~3d&MN-@2DlRtF`6^Znqrd
zi`SNMptU2K7=Ri?zShVyusTg`Can-#Y|A&iQuHztbl-uk!7g|W@+{hgYJB^V1H8m(
zcD@l%2X3+HZ`?Xb^x$po>26X-Z2K@2U7I(?<=`3K@In$@@IV}IgC;iVsqZnNqNwfc
z+gPqIgI!9Wi<s#@yYAKtT*9tbp@g8vjBq;%5#9%%G+Q<^i?yK@7ZZnXEriC8Lmzm_
zFA8K)r#$PUT9}thNwi@Zi0PTqR!PZ1xoM(Mjn;RQ+q9H$%Tx`4#%{)eyT9oRtSmP0
zieFJ3q=sHT%>^+SfaV$S(>b~gz?dxP)nOKIvzxVJ--pfjA_JG>K}!nEva#jb{8szF
z<*8A2pT1sW=0plwpA%}WsbL;NeC{tk|NaD=JXOxKGyl>+7Tf4vMu2NfnPjOA7CYd+
zWJlAHR}n!^&WKISx|@8!IFlj+Y0M1hZts=?!loo`A$Vf~Lx(N?M<F$!rTmo$32c+|
z9+C;A**)LhOjFc-`XV;tiu(T2JN}^^z2g8_PU-XM3?%~)w&f-#%;#`Wv!L}QL*V16
z-&-;WYWU||^!``X9kfT;`qOm9>gf?2^Gv{F8a0=Witg-S(6S(O5p7v0p}JbF?1oD(
zp_34*iBrwESHEZn=1gWH3J+P~<|e>MF1GH*pRoEpuo!(ImaRhQC@FB?u&c9-cCph#
zVKB?M+l#Ld4|QdSSlu9p5rA{1&wYnD4%?UChr%PxaW(HSGf%Anlu$)Cv;OzE_Et^L
zA^Vyt2Sm?>Def94e7(p5WTsHbR6DwAOq(<(1~dW>v()3F$fsFjX^#gpW+*ecTa_6M
zTX3)3AegyE4_q}*oUmPOoDk($!G$KO+FWDW__wOuO^%DOp0fwvjASmpv>ozqQtr%F
z0hx%VPHt3hM+<#XdjRvCr54%21FMbTVsa4ztOLci`&bjum}tR27QNLMqa`1{4nR3m
z*eMayCG%q4>Cq%DE*VJ@?#Ium(>4dkx0@R!w_r^(_$PCQmN*v-1lZ$-Vni;Ev-)+3
z_~Z7|PaNrQ`_r#TgHkbC3Jdp_9o>lAzW=a8TgmBPGHbxhK4OMk8eIoHvB$o#t3pM~
z!Q}7|Iq>QXzRy)2#S0V7_1}69Tsf)GSrxEfrKki)aUt{|l@}hx7BfkU|NXc#x{Cr5
z8`{R))pRSxH6?}!vGw}ny<wJGw*)tAyP;a;v!3)yP>m9E#LCO*Djvay9c_-?lqY*>
z!Ao}0p8~$Mi__`DAX|s>7t_eplOM?aX4eH{AC@7L8H$*f3BZ_4J!GF(nQ2qY0p9Q<
z5dudL!=>3B9oUm6Y4E;h%rDm7QY2T*aM+AdPC%A~W&w4e$U$tpfA#@_p!5)@!!OPq
zkoLKYhykKQ%^An!>p|tfe1A*^q-Vd@8k^8h1$?991dgfzb}jA=E%u1jOuUG*8dJVP
zTj|jE%tIezVPN@2)cw>f<>EO#A4~{a+|0T%1=@yqb}=7M<Goq8(E6Di4-}N=(LMW>
z{!KGE%~#0R?go^Ix{^+JAp!Q}CSQ~c-)`h5ib3vMb#FsH%V1@rEvR?=Qc?V42*b7i
zxR-3Rqq5OAGdW_rSA>5Kx!wG!uZ|LMu{O#PVIx0eTcwQNrk;>jh#wv4hjG&vc5|0g
zeP&109_t4DPzsQL^n>XvIFQp|qr~jfQg9@!R*lWICVOZ8k?W&EwtC6;(iH<(Jc=0p
zI)<tq0i{*}qS2&bxDhL#sj+3&#+jn<W7D15#G~($g2%BU#_F?_YDYXMHFkKkIl<M{
zbBRCgN*t`D_*ZPK;0jiPN<m^r>spq$IPQS7=am}6d?aL_aONIP0XG+mlw!6Lvs~-5
zC#*L8BYPXUGSX9??~Z-U#sL*^tmhkWyAJlIh}Sk;cJ9jU6k<Cbzcrv{yzAbqthII6
z$YY};{xi9UEb<Gu=JrOCUS<^Pz>Dngozq%NpAn9IeaoL~Bc~}7kQi(d{$P|>Yr>e#
z!S*hgQo~)4V7QDS-4Nx8?+C9Sc(CD@_WElknb>ql^U60a)g|3o<|Gka%`cA~J}V5&
z-Gd-RwfM7FP#ZjmJJtBMU4d<zGZ#jLT`yZ{7kkcuCAatGUIn$_g0pXe<W{drC~Vu^
zSWN}^650JQf<f5g>qb6!c8Xa^B(J~ZO3X=f9|5j2#u2GZtB5H~T$*iSN2yPI8^MW_
z2O*;{72UgapqS4(WcoKUjb3hNbI7Fr>A}@En*`WcPkx!)Xo^y)-^95lxrvSWQD*{p
zr6T_K-}?5UfFwjy-B_C7x7iflg~hikQC|K&UF_`NKO8}6OtseGIZx))lc))XvlxnF
zphQF5Vc}WuGC63Gnol631oj`H?5Hy(^2_ig&H3bGkI!)aWMo!tOk`#<3J-hRy>KIJ
zf<;$iGT=Rj`-QWUlr!d%zl}i`6n*^pwYwc@eEp@XP=&%Y%cDMh7&Z}g+)oku^ik~S
zxEyAbn*M<eKEWf7xDREb&tauOzXvqfU8}NpejTmXVRU6cv+6W_F9_UWBW@!=svb_$
zL!9B=0$E+06ZTkahk(cn@!XCulomVkV!JzhXKKuTkT6-)1hpzc+T-WQD-a${sT9*c
zi}yJH@R<`AZ0VqaTr4*^<XD}Fk{i3uLgjdL9N;X4-}29t?kFQH;})kk%v6%&o4->9
z1#xbLbG2>VK9mj66@;F0%OQhqw0%EaYpg@hA=?_5XQ}QleP1J8?y0{#g1lPqP@5^Z
zX(G3!Nd=XE(Mh#<Ub`|IVnJNAx%T|4EJfe_&5>P}BG<Qr68sr^RC7UPCDJ_vhc85p
zu$6}+MM`-c20x9|elg?8rb)qw<l|Bv*N*{sqdP+rseCp{-mjz|um4yK-~v>Qf#YpL
zvkl6finMwqPm|#`7F^t&v1d^c=M9%hg+ynL%v?W-sEglnE;R~z_74eqsHh~TjUW1p
zR^Vl;$-+HCAr%w@V`T*8)Txs0!TV3EK?zhbZts@dQo7Za;2v&dth7b+WF#qMNcu(=
z%^yR;F8LW6-YouHO97NqS!QMgQyVFwEliH9ax?eb(WR%<4a~#32P(UT*IyrG#4i<$
zd2Eb*;6Zp)&@Nt1Iaq~yQC`>_vxN1JvZ5%+e7~JepA2n!=u^^&!7YpvsYY~(h038H
zG+#CfrrOGVOmouo^$aI~v||n^#B!6K${krnKheOc<G{cCb~|e*?H&X@KkGS3qAj6^
zW1Prt737s)J06k7iM+UoiCkaTbD}r?K+f*osii;Zlum}ZID+<^|6DO^E04uL^L6wp
zMfiM9F}yhUOoi8ftgW~Ge`q@Ia5mq!jX#Nmh!sRpN~k?b?Jcy_-h0<p6jil}y=t{)
z?Y-6Bt)ND2YE@~C8nx-LdGmdb<M*$B9(lxdU-x-^&hv8qo^L^>WU2{aSSIhIe4qI9
zwA}oy0YjSmmrYnTEj&YjAoZ#S6toY)Dm`f)<t|QR%L8!%&!t)k)tjHr2SH-xj|Ztq
z*9%(lT}~D&_PH>IEN5qz&v1X5)}jiwq0_@H`%H3hlQ8~KyeXZ>#ybRrx2Ws^MSePL
zdrbeE;57W`ZCRwpisR_4YqPHxgoryHa%;jyNkf1;a^A}W3nNDtQvFw&cr&R!?#HF)
zwg1>oy-3%i66qtWjktfAR)K9>b-FQp=AvYIZ7-OZ<-8B=2galgjMsV`YHJ6}_&B00
zM=Jc@l|fzxKqO{>`;V<SG>)&M@NxDI^KTlfnCQf8$`FnP5wawLNm2YO_Cv}AlAjTR
zBxsoXZzykh4ZNe}ccOan(e>rOryOimO;vAOaDF)yoeIm<@BKLUV`CDj;k>N<&EK%L
z%_XjYjd#ydE@MQrzv~ENiOGio4keeBrOtYjprqk}TsUZwoTtho))UPO1lnMOb>ygC
zQ-xCDi@D#$fa6OnvV#rcoKK_E|0~*(;q#;k#zymsq-{9VEYc-?_VReS+bGg&Uq9eu
zp6PcrBy3!~hWIu>RoZ0uar{+=z{QObMF>x~)=Di7Ry|-k)qp~9ERR?jM8`rzTu=KB
zaSUl>q2wlT`#B48$<=%B3vNy#YAHrGy8)Vib@3r8^5{2vr#<A@s0OSxvUs2u6b?}H
zaQAp07$rc*SOa1hTf4H*m<^)dv++T?`qIx;^^&If_!%tVuX-Ud$o^X?0nDn0w+0je
zl(j}pSvW_*^YM-<rUK$^A5x$F*zNvG@WRHFXmN;L;L7Fuh%3+EwQC2V&R5;HQ!y+b
zgAZk1vmu?izrDF?r~<&CTFFKV%dX~oUa1GH4omO}7{(XJneA^XX16Zj+_A-xo4z$D
zaQhIpHW$g@_xXb^2$YAR6KOO634J2Xfb;SbU9^V;-v!lqdy9$yHnw-s*9`KQtOt&A
zsj44>6$*ULG;@5`C)+%ZX7#W2vfx%PmJozTQ}Oz3>x&8;gvVC0&&Qi~1aJ~rAl?IG
za)3#%ldRU?1Z%>~e@Uvs8FV?!@$Y4aCl@vYZiUjCe980lmGpp?%-!cL9`-CaGGk{>
zYputZZb|aA`@JVjHn@-oUUGrTedgR5@L#KXbnNMT{JH85)ArWoxu<7KY6NS*<_^AD
zy96X;dy>Vg0)!8f%<+qq)3@SLI4*iZz`r@I|KCU475QaMZiS)CFrdI<zm;`7zw^So
z2K){`zg_S?P%GQ|wfTFnQ0@TP;g7`CHW$syg?z9NBvjMfC@Rsi1rfyf<7;A;WHk%N
z+Qj?nL9g9jT^20p8Gxt1l5@bq5a_j#N(Uha{%c3%B8uPVX1u4!&dO}xYxcj)JfPx%
zy0WX|l`rX1y>UOt9IO3vL#1;3Y2-=W26jO$QN9&!HKr(oE6#~Z?t}d#XWOi<M;&L`
zFP`^1F?C04T393|X8XPnmH6-sv-}u+9TWlf{wNmuXxU@F<+HFux>{&%jVY+^<V0}E
zmFvNtU(o+pfRET2B*p`HwI+m3rQ4m-+8;N+O~|Dg)VwKo=wo!K`tNmqCfafDBiQV_
z?{T!Xsqxz%y5y&PuhxPt*QCDi2??gh2^97ieV>*lLHFt;2K4Fefh0EuVbyoSzjNQ9
zGG+$MCrh-Q1>C%4E9c&fkR{RDq4rq)%3Euuo2$az_Iveun^tqToN=oXU<N%83?_Nr
zQ5+v8D>`qAWnZC8pIdFvFL3&%ryEH0mzWZC$JVO$!vgu>$hW~iF-X$-hPv>o31Y!T
z0jbWHSPd;J=tZU*l83;RS`9Bd*o10RG_B(W#@Ex3k0H>15`DeUE?p-=g+^i3vnr44
zRjFTm%`@#W5<{&`Jb2%yupdIpg8tEK_u&heO)rGD?IHCru7v(}h~(#g_o@V5=i~+1
z0Lf{xZiD^VFm9;)38l^~db=DclKg#!ZkCn4tSvc;WdgAxO69Ac1*9y~@Xp10TYsy+
z#4u2;co9Xbd3`j&l?S&NH;MAusQ%xDCai4P?d~_woIP`r0<D+;&-xVaBb<UyZe)7U
z(_aOiq=Q+Rw*f@HKa3<*50@VaI4B6P4!x22wtQic%iqrGtkL+O+BM$lyq9a<%UXpq
z*KdQP#aq3cj7ANQ&a-)H)Y<qpl_~D`H`SwxDrzR=it4pm-~~KFp8awVs|3e^n8(F9
z{ZdY#1f5L90nfR*&kevJ$!G-IZFC`!_yjY--FrxdfJc|}9AgmR5a2QD>XSm4fi|xG
zzpofvd7tofKE@Wm%(1~frUkT;qUxM+L1~lY65F!$dxt}$CN{sO=dkh>0ut&upSBXx
z%Eq5u=zC@IRYF@)O@M51Zl$9+Q}g?MLdblsD5FK<rPTQPwf5Co%>6HEKlxeAkib-O
z-sgYjvq-Gvk2XljQ@%DQZ-`w4bB=*~0Ds8G5V4CW3Nd%7gak@L9M8v}rj=v>7=vup
z6g~2m?ypIEQR`xZUbtt2{gTxVy!Z$qPrES#DtvclF6!#OM-9J_ea017UUk%aAC7?Z
zw%W}(dQn+iUH|nuTjNVCaDF^4mZZClGRFCZU#{@a`P}!2?aaG}-EwopJb7VAV6?D3
zNLwQ#)jCm2MZyEhlT*~aR<!<2F@Skem0o+1T`iV&sr#(v#AZKMVxEK<CnK&j=7>Ff
zH~oEq79Y0WHl_j1uw3mobTc1rJ=K4xP>@6wYZK@}e;Bu_<&FGCs<AQ|Bc`|pw{}A1
z=qIp>5BS0(axYZupEC=epRR_7)+P(JFuc|vy$hB@gH`aDO`HRbzTNqBb%ENcx^^r-
zk;~ShY_n@QCjkX)Tu21`8ehjLtV2>S)I~BrJVwjX`q+EZGj3;KJ6I1)<XB@M>8>38
zssw9F4=pFHSlqwkPv(8s+~feB=i*QLlR;qxZ9CbDhPn5HSC06DPNzL0e`}s=gDS(A
zKfc<fXcBrX#$|habQwu0_VOkD`@?%Zb060KUy0Qn^4tuG@mv3CwIp6~QhhlM?>C~L
zQ7xSkelrkv$%cYM<YMyKn4k8&;h*CrEvn%RAJ*Y}T#FcWs@QOS8gLW)Ea3M?i^q+_
zlX^dzu&+V6G`6P~LumQZw%@<xc(NEDW4CI>DmPr^nhcZ{=H1vbrc~-2pch|%C%NER
zeenEy#}ubG8<z=p98Bivne><^dfAHav8Su7@lc^wn9h1hi0T65#Pf7>=N>y5_pDNC
z?;X(e3my{N9M;n)zJ=Se_F>fiG!@?^9P)|*3yJ0r!THmQY3P&+)>E05u6GbPJaRGX
zO3Y24aPb?nV=W<?LYx+0GwgCP(~p&<Q(5)bB-Lnk``2SBN-jpLWuF0aWXJoKz*=v&
z#W8Mfx>?ym;sZ5nk$HV6BT@~nSA3N|Cb(S%1e1cTzPYD&N}5WMxQ`EW3C(r5t>=0F
z`?s2T@6qebx3Bme3cxT(+y0fGi-qpiqAs<uiAm}9PW;-Kchu3(7AE>_WozaN+j5O~
zlv^Pg4LeBiFonvBqjn_~Put~JH1p42J!=xOIBhnxS#^Z14E|~DxxY55?WHbj!XFm*
z+ZIA~lx;Swjs-8{%bd52=xZ<4J`R$0_ULqk)pY|*CGXyVd*~wZ(H&{EEv^U3dFd83
zUjU2bl{fKYwWb%;n!|0sr^2GksBADbhES~<9UCqzfnn-u2U*h{VL%K1dT@H7KA0x4
zdoGdpa`0iA*7vN-F^j%-LtV!UMPku584CWQYUSA0gim$*j>N2*e{9y@ARb73pyys>
zhF$a*>O%t<K#ZNmcL@ACj>hYY2aac8<W?ncTLS_K{Ar(?8f~+Vie7zJW5d-Ran(?t
z?VK1X@gAPW>AXDL-0j_a2ewx%L_bDYAK5$mzPYd5l90{q&N=9*)G|}{07vewQ5y1w
zJ$a$|M;2OV_s!$#B(v5j`S!8HHOe_jYi>1s+tHLH&{4UD(Xzu!d{{L=f#~Xyjk45-
zzmS{12O3ugsi3_>WmIyhcsHx{O4jfcq28McXkG<K>7bKRp#LV9CD+#h`Tl?=QnMI0
z@$cQ@)L=&Zi7}e~*~cw8_%OM6@txN7$ZU}8Q$ZQ8e=Ns0`cK2J4rmRb@++qZsZJYk
z!v=$FGfMK=j(Th;pvE{2!)RJe$IhxgGh>w<TyqN8GL-ai5vw>}7nTPrB~(ZM1Ieo9
zmBXUXHuv`(ow+zW<SYu1fqlwS7doOJJ-yj+M<Wd$<?zzmS)sQ;;q=lt8wmAwgyNFj
zwyVvbp6`P+IC&WNi!!fp%P?y(9Ou{SeH!s+)9A<BuEcA6jFqCL(bSoN5T=chbyQvt
z->0znE)&_qF|q*|98{~)c2SMV122frc33bpH103F%+eSRejeg*SZ}jV`VH2DuU(;F
zA3Iagg9}~n$Re@j0<aRe=ZBd%SyrsecS~)K1hP-ZN57ZP#-($7{I+oF$Z!*xwq(Iv
z8F&E=jvl!3w8(ueNt3|sV|NS5{UJgur%}|g6on>NCqaOP=Fjp!>H1tcn%P{6B@)yB
zQeW+weF`xz1}ibkNhA-<krw%bjd<?y<6r+u3j>g)@H$^#)>?_+kg7RO+^f9W&FQrF
zy|vc^yh=Vb!TGBg%|F(H8844|3&mHWbn?CV6Mo2kiwHhnetP9}N;A-yo1ex<k-u*t
zsf1OgQ|0jai$+d-5QY>_m%l%uif6_RMv2~m7Xq!ogHP=4JswkG&QB!9fdV^Wko^Zb
zAQ%W71k!v?_ef`)atO!o2(JXcpRnsvYIbntRkij{<Nz2YIzM~$1iS6+_53TMl$g-u
zH+er}6*U@E(>xvb?SUyQuT|{d8DnDU@e$FW`(W^1Z({C_+>gg5w@;tr#^akRYR18q
zdeT%So4LsamfG-an)Ksq_RHh+AF`M-%iTvpOw<ZLIR9%;sDwFAi9C0;P8p8b$><B&
zPHW1_#!*_%8t|n?J7k!ND5qz%@cdcbt6XY>gR}QF?b}Uw8N~J>zu47&jz6&yFw+uQ
zPnacu%qmJ5H8&0D-xEwuIsR5Ak*vcZ$uByMk0VPb@2?!zT1IzNTJ?~9Z%{iP=nOmi
zcKbad_~u%ho=#c4?@7*naUA4lM>%<ZMWYh-vx{WZ^w~h*;PD0{<EKu7K~(3_5$%VT
za`A9n4<3?fo%t2d#=bYSBJtfO8)R_MwyP^}Mt=~h%G{&i%v`5WlS_IwBczb^ujJXp
z6ZiLJ?`1oQ=4T6q_G-6(yLS55?;nZ1&MC~Wq{1LpY_{fB|Jcn!`Bq6^vmCvZeYtWN
z)WPV+7(e!UHs2r^?^$Q^R~&eq#`olh3OBYY=V8D<_MEoe<L9q6iitXKy~Y_f5^mNd
zRV=ZzrAalU0poxkEDOZemv`!AQ4z_P!;H#F1t9_VzXz3OL0uV?O7oV5NmeKcMQSR%
zXP1I;)X;YaviqD_$8{%V;Ob|@Ydb`6{}0_fx?LZgfxPRR2Ulz7GM`>N=c#SH7msTt
zd|RGUpm|wA*q<6<x0ids$FudYg|81chl?DW-%Z?KNsDvVqP`=19yl<WElew>03#(U
zt@BFn)We)ahpVg7<R}Z!?Qsfr*wO#l`a@Z12gf{{Fq)9o+X9Nb?^?~3`058W@wv~}
zcXvwQAMM;|=irqK>S1t(!Fz@+1w1-!>{lf5tjE8jNY{SLeoOoyO&HH0AUyThejT)s
z1pG{fa3Fm;xf3R?n<!7E0_kn0diC+{RtB_Phr-LFc<fMMUp72A^dQie=D2w6-NhYf
zsHcHqKDS1u3BkWnxxDdxz6UXpg73irj*q0lL8mUdoFmA@?xobJqGD1*oKMPmqISSZ
zby=ZJi0nDMKjHe(S?_IET%L^RZ+_}$9XewJct)CFz1HgH49Fy>@Ct$Ezx66v$?)qZ
z>{`**029`?EZxQ?YmRj!C4?&}lbGhSeX!eINy!0o{Vmlk0&O~q<`Ai7Hl?HnAkY@?
zI`bU1NRX>0OD9ekvon+z4@dlg8FhA%hQ_fKcKQt-&$I-Eg*gQ2V|-H?%uYiLl%O2f
z?7HxqBQxro%_siH8iqVYpOn>S?$J?LrF|C9g8&${kQ&@~=pb0~_>c3o(n!Q07#AYa
zYN->Zv&_C<uLT`F&*O|(ORl+J`z*cA65Bo!mKGN9d}jdo<D__pe-L7h7dmDk$-QA^
zk;)inGQ7P0R411DhgjrlM)g}3T73{l<J?g!&gs@gCA<Mbz9WfeI}ZD?-{;M^_f9H4
zS%7%S=7Kka1U@q`kb?$uU_vrpyWQT11)UE)d_4$vYqv6e1hjTdY%BZEFbm|zBf1vJ
z2Mg9c=4YBwh-y=c&_Qcgsm}BXia)czDVFg53=n*Zo1gF5Efn4^T324WwQh}tJ)=&X
z-uj%|+C@w^KSQlIBMWu^c_wzV%6_<Zz#FFI3_G3|p|aAI!Z1<f+XaKNlmLBpkaFf)
zIv?q(<?VY)c6<t`0sskF33Jf5Qf~f)p=n^oYbWga%)_pO<oh7FQ_1;`l~+zL>T&5h
zf$o2R(*+V>6ZnvO^%WoQLLqc^zq$6!?T_!vaYbLeuSYuJ`8C?A0pRED#Z(rWt9$>R
za2`D$<i9zH@;_QED1Sijr6+|kree-xS^032nMJ{!vi1wdxklxAudURVS20iOch@9^
zCt4ao6VX`3H>IB6=3ll5-RC@8Z+ZCobtk)#AU&ea!zoFQ#1`y7T<X`@Tx9X$m)`pv
z{h%=_8J^rjhI3im7-J>QT$e6aYu!uEwfwIW7XWg<-jv{R<mAneGsJ;cew_rCXU7aL
zN!eb$Wp`!4?)U(Tav@w!drTlLRuB?fOG$Xuo#$nJ88Q`0NXi1t@p1PIL<9*x=1=5O
zEBnCdH(=M*>`naK2`-0Pm}D4kzl$*;`S%X}BcPM$f*@N>R#KGa=-T<&%4rAt#Vt1Z
zY1h=lXF4%YtH6$*8|!DnxW{t{v^j|PEz>v|0)Nqbe6=O_M}6qxLeSHC_fIOwL>ZVB
z;>g4Ww7h4)vC1Re5}~}3k#PHNAnytG317M5!lT!-InQrXN#<|`;H;Uv_{)J)R6nm=
z%6Y_VlxEHM2V!Mi69(tx3#5AEI;2wIp2dI9=3Q=zv|?+%X<AtiEE;e9Cs@e@c?dq^
zg5N*l<K;fPZhUg&cFLIPg&`Bxn|E0Q{W14uBg70~l|@*r_)Ax^yczp`f5RuTCtAfl
z$;`v=@%xb>{1~;B$=U-Ji4L3Eimf;K(fYpw>NeB>xV`6v-(@(q1v%bP#>`=Te5Eq~
zvLnV3PUa?F(7AnX07?^uczmaghmxPAr%_!Ue7=A7{r(_gV!NKEN^&<0>}Bx)LXpoT
z<}OsQ^6m81`sbQ!s2mt)bUGQ+FQ0C*<5it3EQQGlDI8yP+SF#gA%7e?w$J1|Af%6V
zShg1*t~g)!e9FJF*uTLM*XD3|n{#<Nm3lm6iIYR#pxs9ZOc12LaPZY(&>DZx(ZWNP
z_~F!2Wz6`U$!0wE*=rJG6|f7OlwMOi;IxO*=c4&0G=sFf>d$INql%o+dIS|iHNHIm
zu18|Gbb`^+y%8ZoOv@%pp5m#gdK&m+LQAgi9So&(pyxR`xGPxw9weRqntKGP+5L*1
z^D9mMmMYX}mi`lM)w9)CTez=4(CsMs)%Nj0g-HHp%ctgQH$e;9Buxq{U3V0JJN^C-
zMzN5sR+5ff2<~cfGzy>5kYz^;CK$0g=<4gZyBH00=1}5Ze%f6=6E5k2I8A+HTsTZ#
zK^|;?;GLRmBPqU6EjauGc+rH*3{UO4?_pPyGj;{7<cT9@vRyAGaK?xtMn}0x1ydde
zNN@x$|0Z#*`_@OTuSeAcmQtT4Kt;A<MX?f21<ud`fBb#<+~w=TpBJp5vvw9{-4!ou
zAJ-7sRDa)i&bD2Gg!1jXPb7~Qa;#+k%a<6^ReunCBPaVvr{}CMrv@x!c=7Q4$4|nH
zf5rm?X(s&w*qU+SL+@*{7<(_M4*uP6LR(x8`%W1S<gF9-G~*8&oqeS+{z@3!j)SPz
zHEAr~@1`LA-Uqt_x#JHFDRH2*=X`3B472TfI`cD|iL_R}y<F^2xMV4gHsHyj4v%sK
z`R?v&oO(Le9$tK~!<<`Ik-1tIJfK?1o)u1F@gBOxT}>(9-;0tTtG*Vk1k-$@AL0g!
znhTME^88;JjoSK4MjcOd?`Kf$PoU*E6)CLFIG#%Xb&+|HFI%}{+PyDt=(aQ)*jhOg
zM<<esgX8t0F-!v3JB+yGkbfPHcdfK_0lOgU`$JhS1eMUUGHzgI6eyz3k7uN;9%Koz
z`um1!p66EbyJ(2$Y2r^qttlt&tVcLA+5Qfwsgp0(?Z%JMuk014;N~734sT^dmfxPI
zy#Yx6+A<Oj<s7V_;kO=#+QjiCW;Nh0H+9-)p@pxI{NXlxu#jqC;-lcsJ12~i)~5#h
zZgovTqltHDS<j%*R15!)DPbp==m=h_+HET&_8<ZDdNex0s|AkJ4CZsbLGt20+}1n7
zZ@o@s_IA}Xsy&-81dnTIKBRZ#K=@x14He+Kh|~1tBzkpTAbVnU_#Vg>eWH<|8F=X#
zzS4aCkT|j3#@Py26`O<{r-aI4{DeRkUvy!SW{f!d$t(eX%~^9fXXuGeH@8Fv54X?G
zU&?{G!OfV~X8m*b0hQD7>#{HKpx@g}Qmx)<dEL*&7_c;Uf(mFeb#PN9NFp@9A?57*
z{FCD$)ep7iv?#<%p!10K+WouiI>JeyFX1R}{6~aPf3i-SyEyo_L<Y$Fx`DA@hw8b_
zrXB7fL(k>KHN_X&3WtSFr~i=-)a_%HA`5YGSTypS66;}Y2Z1Cog5~xD%YwHfyusH2
zZulOLNV1pc$?`WEa#%340&@4Bp(9^9MXW_7p5hJ%?fFVzOjstsO5dnV_x+nUtI8pb
zf^Vo+Hq6&+Gx0Ml5A$O2>InCQTSH_fCsI`ENHSbaD7MK7@3f?Zwb`0>NZ-4r8SfB}
zOwJ&5_BAy(>Md=?tx!3|CTm~KUq`X0UuuUjR8IK-QBbIfDtK>+8$H<i=BbL6kn*wH
zsn`0ae91&|Tu(<dZ;0X_QEd(<=9l1gAGzTeusJXyK^(zp*8m<P!hBA;-}$oAsrmbt
zPZ7k9Z{b=ylv9g)314n)GuI+o{R>uod?Rf?XE(TS44CMpw%hpGwZy+>Kep_a#N6CY
zeD@w4^f2EF@@@ggeJ7H`e26aQsMI!Z=&<|RK;J$T>ng56Kgip!Y(am?ddPaL>Pes8
zCfQ<VnnpG9hP6uDoS8F*xu01CfWW{gKVvIuQ-{ruvOp3?r{wAQQf3a(@x_zOrC$yQ
zOTTjtn=+m~4O&Fc^C=^M=o%`lpR}h7ddu;ytZx@tMbm?gC5w5zXd=_lJ5=DJI~4i9
z2dpI)J8g7^476bn%*}ys9aj&z10JdbA6TdajVd?Bjx7MD+KloFG4$|fFSuf)2M2k%
z?R3AX8Pzi}_H3B$7Jsfag0(O#O+|=~7o%vo*)P{X;~~KFIlDBu`eYKHD=p;29&K_%
zMBTjVQLU=VD$^dwYH#3fA9;2@sz#T7FXN5;TsWZq7Yg%HtMxZ)Sbbz*P!Q64vm8x|
zk0cQ(Z8dNBsB;%OJ13klr8ZZto_blG;L06a-%+8bLge(Lp8RUBqz4+wBCPjZg8<sl
zz17MIL;RvJ0*3T*);cvwimLe7Ht2sel-dUQT1DgIWy6Qj#~%W0;ZDjl=^M>*$aBJO
zpK`P>T<5}5l&CUgJwU~30D}*%cH?{t2DT;oL*|mjn{W4RK#z-|e#lU7OJlM;mj2Yu
zg!<1cH@mBEqsx3#8;HWd?J}b2p}><cyz>Q2az-Sh?0+*|8AG)45bplV^RPx_wEiOd
zuG{$YKuRtR(jo2F6>XDY8~Qg(wZU9Q21|z#VHKZ;fDCOBUlqbpA^9L^v+#?QTYces
z@9FQ7&#O;u+U&%AXtR10|1z$yR9EUGKs3S5-0@^#VNd|Z|J6YB2MQBHVwFHt7eeAw
z?+WMpD9&Zx4MYIxZd?il>F$%G2B!k=x7WB7PJhwZA{q-3E~ezj2Y9;;TQ4Vg0v>qm
z=18Z=Oq9cXr}RvD`Ue*UX%r?LLv0Gi+)P&Xzd380{7feWnqEa5|E4A&zVlnEA1@mZ
z#I{xQ!39&P9dKL0^e1uHkjux;1~i@*Z?yGK{9DPmKwgMW>~hV+Z3?8d4y^8#G2-`U
zyN8*;)e}?Qi*^vkt}1FZK!gf^aX|;(tw|btq33p{cJ2GDsJ!N$;0LB{);1r{_?JDw
zF)5LZ(tZ@lDdSGi6RskuP=K_*3V~W-<@m?VK{R@+yT=am`P>B^w?LpI9$?_t=nFP|
zsgvm>q4u4|zFmFykqB0{PRKjMNA@Kz%ef;f!s&lun)T(>L}i-O2(7XxvEkgkSzeN#
zz4)Il%5FJj{Iizq+goU90mrTd0r|g>?-}onQGhyEGPkb3R9Ba_+I{ac8W>9jRXe9~
zpC#&8&ELrF$&hd4In#QNu=W|VK0f<MH?S}MK45d}{9Bks=rksDa}gyXLS?Ps3iK-k
zh06z}+&M=W0V!{t?omz&m6qy6KmM{!qqJh=M!)<>S&ikdcn*c<nCADxSN5`ffARBC
z0}jQ4?94p#5v$TNSBf<AuH1u>RQ=PV{$Q)VVe6E$sE5fj@edJCp{g$2zAgU4A_J62
z+<&83aQvm+lF`N!Wwad67`{=p+!OdQwQ*PDe71FqWhNb?OtA4EE=asrzYelox$5q}
z=J=Qt(!S7V0JwpRFV^%yZO9Kk!{ys!B?{SqE;_Ds=wNBFD+q)H9+H6r7($2T$wY*s
z+`nE>@VN2x#$F)cp$r_5rM>uC-ECwvt6uhATmkMZULIr?o4(g)WENFPCw(XDO^&ET
zG97F(GyYQ&3F<YY?!oCjb?qycLDbE`dVvDw^H@=BZzAsqo==IiJx}m(WesQ9GY33;
z&iKMk*#zFI<?dIPfpCMFi-(AKBE3J^4*Av-`(qb`3u9n@(-xPa$+G-X71HAG%ZxoM
zk7EO$3f$+GJFCH})_Da|A!Af-wN;LnoCCLMl<lDjn>9N4J@0bH@dtS!AUKGNNV+XZ
zmG;38vxL9gD%yH05rv46xQapq2cRM^ligj4G&M+H%Q4hZ8<=+7kG0w=@Q}KlV;P{l
z`1;bX@kGGZ(g?I*h5(pcu;Y{uyL<z{>8=mb?Qi_0Afhh3J-DA~4LkHV;(-rx8X2xl
z{D}{{LVMRePVW|RK(gM2E-aIK*Y|Eo4sj3vL%NPM@RB-Ehd0Rc-K~l%K0|AsYNB4T
z-KN?mXA5`a1%t+}c29<ZIgxZ_yX(a8w`cvouN{_qd*v_>pSoF$=>DAkj>H&(4D>FJ
zL#mwXudh_}((qjl1LcOAtU3Aq*<5a_m<3os587E{%n6<xuZ-N^CM=uiXi{s3Y|`@#
zv!XC0O3ujcfFK&`YHo!|J^~{CeS8l27)#?7eExzuUJ$rtmws2BIc-MUZ2NhdHWRio
z5<r3nz>3TgzKgFWc>w;Z(Xl!J%=3-MX12llEa1i2?P+VgLk>EPn3FCcv-EbOK$f$_
z=jN}>ANA6tZ-%ZB%Jt$5C?ePq!phtn!5H-9-h*Ych&6f3?~b~O@>+(ppK|7f*X~iz
zTg``%U+t7Uefhe$bgL!04L~QUV(-$q=d*_d4)(UKUBR6`hIPaOB79`l4*svTJrMu?
zhJ4#D6JJ#kD_EVe0%sY7oAJ%Zo&aD5RIQ2O$2n4J%IqEKOU}%MHBTr}ov%WL5ES#T
zHL4NcZ6l?q4-^98>nRmZ)tS2OTV**2emZy2DnRy|9w|luK>#De0d1$HerBFed1K*S
zwa4ic;1udh_iw3x+jc^^q*@(dvVqTGVcKI7Fn+1<Syrn^60xe~X^DP5OPYa}za<>7
zA#$R1ZCLHHUby-GL&|Go*bj$Zha)}-IUT&nClnY6kYCS*k!O@Mn;qljJeMOfo+yKL
zm#=Sxlu;L?#`o)RR3^LA2ig#BSqOTYeEXWxQYp`8z?aT`k*Bk=@!@(qv6$A5skA;Z
z=huH9gn+LK+j{Fl`Mk4%yg$Oi5MPxXj4Me;-*@jG?@zoRyhojaO(#!kWRpFfA<Ey2
zaZY(xS?sg@k|Jtx!--Z6R#(Xx4$k{(g(M;j%C0!ZIT$<FCs~!+dAN@9J3ev$Id}CZ
zi`>fACBVGnV&iK`O8g3CT4CbgB~d<p`j7PS_|MzMSubiW`XO6ajOu(klitc(`zfL)
zx;`uYH_!vBq6QbohyP;%mb?@ZRvorQz6czn+-E4$K#_NiHJLGhlnl8uK^&_&vD62~
z@we9@Y%^58Jk?}GJ5X2!E%rp?&W}eXMQ3B<<i+~FDv;J0s{HRt#+h^5p&Ej}x2z25
zJ01*PS?E*O70}gTTYB+vZI34WlJIe*dp!?&=!ur$#tnd02?;3}ddcVal%lmvK3^U)
zB5L@R!Hi9(<vruw$EQAAeV$)Qz(&J!4c(6-fL2$|eo>ijLc`}ZA@lbwPZi!9_K>8{
ztnB7lL~$EZZNf5|@NaT#@&3IWaIfa(8k0QoC9GYfY3QM$bj$gdSVfaqYR;z{fpBpo
zZqo>oQjvA$13VQqY6XhM>i|0i8NJlbZfIStZr4`^5hm`qRHQn+F1=RWi*~80TihW@
zkb9Wra2*E)wZF1)b#U&QI%GO~o3(qK&S)HUQ3*zzzr2-lu4w;=u>9yva?sudW{~Fz
z1>g*Fjg24|G^#*H>U^<WXcj~jv2vxaaK!b=-VSeM^GNUA+8=kFSaEa1Rf0})mJ~Kb
z;h(KB@`rP_LB^Q03u^?SflAJf*rIR`aYi{>HP5@i%-9qY`AmF?3ve&CA$AS(*!;>4
z4`|@Nx9&`Rfy+6OR&TqUyMx64V8m6_G!&)T)e6n)s9&@;!-7R{(GS?(X|=@k1VtR)
zkfQjn>YY5taWe64)$(w(Ca6?6mR$L#iOJgFT8E<smtWZFkcV%CZ>GQ)c;R^R_icyb
z8vt8SFBZwJYfbDe$chq2&i^CXn4Y|Sr*XWO8$vq|Z{~O9JY8DH2N{dpxugm>#^d#w
zXpYy>xlz2oqI=YnmA)$2I>WrebcbD7Ga$}L1eHBgf9h!TP9wxl!J@kSFC7Pd8Ped@
zhJu_&@sk8Jc1M6Qlwl3rZX6sDd!9Ji1*e?j@|iPng()Y47i8)C^;!mmTJRw!`<vRZ
zxz-ewFINukLJ3=B34$^W`98oGxI=v?=Lz@Obd<qLr0PyF$lN}1zG&sN*6owS4`YIE
zc^)B36EtX{7vB~ioB~e#D3f4ol3;~aU}|&JXKFm&u7*km)9<UJ@efse>#6(Y%AOVR
z8=cQwiJ#|&zR($)*$Ja_`^^PmWsT4Yc)jXQ>=X}A4X4ed<*Z3c%$Ix9GMoY?NQk$R
zD%gN%kK;od!Z7*iD-%CD=?yK7xXoJ?1pC&RaEKIsz{$Wnr@BWZDV^#rK)R__&-lGQ
z&ZgWq_i414u<uIceUSK5{2=h9&>yVP-I$ci5Gp1}eCn$v#WE4jtA1q9-j9^g&cz9E
z9p6CvlgUR~1|};P%0;_KSLx)vy(k0@f!!68d|0V^<yf8Ecl+K+BG=D`15ae5>E~|%
z+!el(_`GtkCS8=rX(ad|CE9(SB>rsWU&AldlaZhYK_Zyzy_e+9Z)Z5ZOUZ!DDP+-)
z)IsnM;lc4%FKDCR%BhuXr=v*GOlZ~k=s(-^FOaz=8Rsu!+uxcvfXefosm_pk>799?
zNzVSMgJ>slA~M)${kQWfmDRt)+BdBZ?(nG2vIeR2<QWLB1sjrv2}{8D{?nzK%d0?2
zq-5levK5<F(e={!e*D<1cmCwBrKiR^pt<5=F^_dfMbS2?jI;d=&cAbr5E)-g2;;4J
zvR{0Vijl8tm~)f!dBu5k&TcJU^2S`wbb2YF9w@*NlqdwvYu;5a+NRAGAjweMp*=W7
z17=MvYVf!eofY>>4rU^!M-LDv43ytTJX6HHv4w{5Lm=xFMRO*VbS%+_vzg0x^&cNt
zp`KWz0~=zauT3$9eAR``rWB$W`MQ!4RM<TZ1VZa=tlPoe3Ot)t<kEN*Lai*9()z?V
z!cX7PpkzWw)WvX9q!E~<g6b3l3E`B{EJ7N-;*5yxQwlvpW%=7(iQI3p4fz|Kd`T2E
z$RVGxND4lg-#7Xkyl={e3(bpa1)}+un(0|V%rw7F8bMNqO3x%n^D<JH9o4mABBInh
zI@CiaaavkfC^3fw{@Z*CSaUu$&go5x?i7))kj=9^-{(J7)L)Php*<%}p=$ARzsUgW
z=(36=L$|xp4|x(IEJ7ue0qnwKiouRD8ip?g`Pl3`dw+rh8E{EEUtgD+h?^KnJ`}0t
z>0w;b66|h^EjX!*BeC)(>Ut>#R)33fBth%@T9u--UR~Ro)-gW$y7cxDCns9pV~B_`
zgoHKZygK07advET){9u^kWAV<GE@m$sK`bst^yEM;sSN4w2b!@yo>>X*ObeYu)O2G
zSmhs$bdaTn5~QI^O=?GP-n~0Jk~rorZ2(wU4(W2i_@E}G-=!7$-2?OtA==oleFMqc
zx6t%$I(0kyKV~9aDgoj<#%<cG6XJX&ME;<m5im~`=gUBHluF2y`)k=}3u+PQxLS<x
zNNfSe!4tg>jbr=Wv(ScWMeJKa4lVb1%rF>wy0m!G^6%22xg7rC?2~Ie%#W}EU&+`S
z&j@{&5s{&?yS<ZopEMuWU{j1QdD);*7TQnNB-l!Y=0_TZem?x_G?l?X&b`{N63lSc
z5_ED^55So?c-(^lR0*;Se;r}`%-F{jli8iyUHCXQ;H7$z&)@B~7+(irL9Ce{iU}({
zKU>glk$W<%kyx`k>@ku?aqzd#LIfDP!%?nl<>s#!`yH?#lT(cswoeoY1OGlzdWKvl
zKNW>Chvy6Ztmlw^Mp-;u^QRF2DD_8wkAi)WD1>`3imC)D-B+LaO_b=}UL}e9D+e+r
z$8thtIn6wVm;zbn;iUXMIM(*rqBWwfYc$cc)-k{od0Agr{QWcmKLwJqcju#)2<8WG
zo%`u^j;>D1dwpbR{77go@97?Vl%8Md7uHrU)%v3W(m#{x!}S$m=k&xlkTLz|+y)c?
zmwQ@pc|Dr~#w#K`-V!FvZXoH7%5P%f=pXd<Lxol}(WJxkc*OY>%ZQ?`Zb<%?^Q7Ky
zVa~I$vw<D9w~d1Hi#EHNDbZFOg@xWmX=}nkNrH<GipC3Nv0}7gzhvKOkSC5{0YIOX
zfi3PkgTrUD2u*d%@OHX<N*=(i42^r1*v}wpOyw_{Jhk!mKo1^_k|7#bKef5!Ozl)W
zx}1A4ekFG{8Hr%|qXKR`$E%gDTi{!x$R|u~PX4^HSF!aGZUl7LD{XZ~N>$xIBm>1s
zt{gut&3^QO&{#O>_Gqg#t^TqlF0^+h#pm8$HcD}o4!~SB09}2DOdQDop!Qf-Y1Ea$
zy40f!uNEWU%^Z<hxr=nmjn2?HQ5=nSM4-{fAGw{i4EAn(chc$$nZmi}sO*v-@X=Yh
z1z;38B`&RXifdDmzN<C|ge%0Tp_k`3?u&mjaWJxQiA)wNlf^1u_*1iGV0i!x>4GRg
z4-!Ec*(yxUjuD96D7>hphWN@8po`)3NjbZ&L<fPfHP>heAfuIfdG-bqI?_6)G*!FE
z+qcWq_IH}=4Ee?mH)q5f4R8)XuPAAn#jXicmE2_V5D9izGok7ZeWTd*=UYwLfY@*^
zNU;cafNh{#teE<t6p<F<kFqwD|E?-ijh$bRcRTo9<wkksf+)o!TZ?<I>QQK0zZF(z
zl}SDBC#@=?@#<Bo_0>xbsHc)&fmgVt&?qJaHneXtbwp6y5799I4#5jsRVESmV|;QU
zwG#Jhta!WPet%d4Nra(tTMU!~{#jc^I9ch@tb%ARInLXlZHQ9PE=jJZq2Ss`dJ=@j
zMBz|vGhS%bT8lQ#pOraRJ7TUSVmj0vSopd`B#Wap?#d`^CsLCM4(VxQF$QGv-b8%$
z)S03)Jr~~!H&S<d5^MTTo8m++lnbj=GCkQaSJhf20(5id*9&al6siCNeaGjRSQDuN
zLdRh+c$i3Pp{?U8TST;|8rC!CRRXikujZ_>_J+Ye>Bp{moH~FJ;F+{@fZ)-50~qg}
zw1EtTE)yPf<&^sf(Q(#JPn1)4!$2j-UF35IC^f<~Bx&MbC+Z1AX{x%T^NkGwCNw{X
zoH{h8&=d6>thTW*&Z_weQCCp{!>zH=xgAZ=ABok{FRxp?eyx@mt>7$!&=QWVD2G%y
z16;9EEgTd~7tZ)B#nTeg?=C^;$-|JwoUZ<E_Wo?IpF%`QzEe5&z>+1t7`?g!Uxmvn
za*93p5dz%(WA`Faqb#GM5>}7Gm~RNu3oIL)zf<4PY0`hS%K`IopL%Egs8d$f1^adV
zCH%E|=@Mg`B8)5U!|23@7%GF->0b1}vL$Z!n4t?kAkq~Db$M-VkSRF=wq+>5%>N|@
zN{}|m$S~+TOGE5SeT7pzKr8mkeUGpxZ!u~9z9at-I}(Mh7q`5`iSjsSZ=v`PF;66B
z9i8vY!KtugVwXHP^IMz{E|kNZ`!YCPq1%vrTcBBcz%%tG)RS9{pfd%^LF{M7h=<0l
zuPTY3Rm?R9$wcI9fvM3dvkpHwzfV&e-_QT_KELF~Y{asvsI~)fqhOy#i^3M|o>Q-U
zv2o&Lo+k=rkjtO>=;zG^UE@3z1Y{UNvOQaBIp{eP(pW0H2Psf~ZDuj#pHL+XV6E&r
zF1!2-e#8kWkUz!4#8e3BEG{(^+S^(4!OE*(`Q>P^V*f_bN3Q6kbX(&-o(?Dk9D++v
zrPvNWyJA?#dTVXo^9!k^f2u0DGO_`7SDJEYIN`i(MsB|SHU`dExC8fN%{Tfbg^RM;
zx@rS=!Hczwri?DsFi9B;5B$;C#R2&w&zs<pqOOIg6K1!Bc_u6`Rw(m@X8Gp~Hie&l
zRwC|WEun&4aF1gWEtO;gJ9iL*<I_`xJl)mbmWEF+!7u6oaOb6aE*DD9(hH9I2mo4N
zYJR;&ruiCT<blMsAm0HBu4##lBvxV3W1djVEJ?&x<t-siID)4N&cAK*z>DnW46`Kp
z>Fr%TLgx8v89R`xt2b042$PSeGc>)+G!8vq)GEvr5Clr8I>hdvbWN;GJY`iNrPp(#
z*w58<yd7W|K=?=YjWX3;+*2aX$@*DfC`dUcQ8p2P<VS*q^e<^;aW`*E8ibPbi^sK>
zfr`ny#z4s1uOY}u7ApXT3C$;oV~cQ=roEFJgF6N|?_ggGtS?BXr4-q+i0USj83G~5
zJKVy$T5?M9z$?TG6XXUfe%sA~kGp%PUtYU|L7S%&Ajk}~Ugo()+}TIZ9WjncP6dgY
z&-~)#aKGxD`(+K(RY!u&HU@1I_Mc-ZM!=sa@2;Fo(t-0)aRNhm+*S`^TKwi*dZF(h
zL<uc{z*2C;Q63%;I=3L+zN-gA@KZ5b)g?G}Bs?CzHmJ&2^72<*-a%@8c~RHdUkzYG
z7~o&4ugvCGcJRfndledi%`f0}&avy{)^HT^DEcjl;Ddbo=lVOVcMxb!;WLJDk_RPJ
zMj0K7#;;%WU901T5N8R&i&^SS!h)c&*6CkA0mL+XQVg>!9MzB%q)$WEHxX_>18&**
zqtM<PGry4e4F5_Wov{0-ZXU=@bd0!L9vIdBkKga?{F~>s>Ky=WPo18vIm%AGx&J$;
zRQxMUU6KHJOp-T&7m)<L7IM^3bUfbu{INTemq_#%Qb`#LK(66kg2}rtS5Mspg(eaP
z?^yZ@RgNzebW)eBf%}j5$hh?_X=ngnBaH3hH8B7}{Ncn`8F^rcnJPWMoo2OKMkWe;
zV4;yIA`u1?X8?YYAmF7rDO@+QfTMi|L(>X;OWUhPe-GViuQ7Nt`)c%&fT_qAUkQ@Q
zePRH3zt&`n+T<OhuQY-n46NdQ+1Ljgu+}$pSw#A&l6HUva@5N(wIfM>MWg&wGgmJg
zX(3ueOsd9_wT)tWqis;15cIzqc<GnkB^jZ30jVr4eVc^8#|X~Ku2>C&As#n5H>N&L
zH7~rEuc7=XX+7F$;Pa@hh>xO8gq{2=`ihVg>!3Ju>aYqy?a>(+q)v-zO%9{MsrQ#2
z5B03Pa@@!vZ<7SZ;TiHV3xv@Sr*R(sM4@H+(GyJT_aSTFL@BezKW=)==bf)HAT%i9
zaI?B+58@{RSooVZjqx=)z!|5xq$Y18KpE-PEAj~bd;Qh9UzS1@1uEpXP8uc1AV}~T
z3kaCY=j>c;Xn1!f_2MxLUHxSHhBaPF;ebl;cfV)9RD|f%-`*dJou;3%4*<D+*&bQe
z#y~I=MRjrP4l8jnE6swkyx&Dmsm<S<WXZg5XahYN7q>&{ZvN_{rV&GG&@Rul_wc`j
z6DO4USk8g96vafc;Dp&AfWoMn3pyLGaDP~(h?sh)Daw#3Y4wY;^GvMZwBnTKUoig&
zctM*!S{kJl8A%R&wxTtvP;=0f!c^kL6kpcNRi}=YM;u@bRPY_1f;;djvki9JlfPQz
zi;1UX+jM2rr<BKx1u%ucGoO>~{v+4?rL{G#`Yq>bKpL0F&V`rJOWVq6nuurm$>~^u
zOa3{B=3qI+V-rd+lFFwInbthrvWYBE<fNczTH)b6v2!FFVb*n!!+!2*+r8`?0RtK&
zYz-J=x+QSRVcXZ5ATlkJpEqlopHuMFCko2xHK9Y*VsT-y$i2*(kZrxL-U$$3HV(F3
zNK^ZzQ~Vv$m>MzG&Y&G97&QSHcqxGZIM^aQ^t;*JJ}Okcw^%|r&g-x&Q|LhwXj4Hi
z@s*ekt-kl>vP~<*TVi?sFMy6xY*$kqlmqn$ePIWIFvaDu5s?BdTTqVP=Q3o2YOFtD
zO(#B5S`Gaw8EIju7N<h@@sd>9Epx+x)RLh4jSmk|Rst184vst7_^o1o1UAw3+;uiz
zc~PV=z0|W}*qKtPP+k9pPLLM5KX9FaaETK@sP1f*-b-(2#q+S+gIa|^haQ<&@g%3+
zC&F$SYhfM%Va#F-=-H6R%=<WNQE0~rh86P*0*kJaz{fAz5^C$85*3RmRutcC`hvFd
zdt~0O2_Kfo%=Q8;SeL>*qA2Byl`0@5(X2vo0`6}ti~~rX6uW4epcJGE<nbXZf9-7m
zqm<N~iV#oTc@7;;LI42maO3gkbZjAD`4V;SU3+`2{hvEZ^zYWZ6|6@}sVpj^_&*d_
zPyk88lNzSkI`shQ=9M;p6UO<0nBwO;pC!qyo(Ax;I-9kj@1RcQoj+pLxk^-$I}c9%
zU;Dd%Ghj{PWx(j51X5oG<B>*K`FbVoe{~9y!#WT4DwT})gEH>vdQe?1-X~h?_x;o6
ziMBE>`SEwZi4!_dq|tFcsxagaLmc^=$;t}nFsII`%a-XH1l1OZd7G}8gDPc~$tU;k
z>#amh^qs7!mHUL$VtS5?ckj;=VunxTeW-ewbGkw?A)kd7JJ=_jUc4>ZpJ7q7Hi`7!
zcz{~bg>ems)uywTAj2qsNpW-7U{-W7S|PYrji((|GEH@|E~)mp>*d!Tuo1s?BYn{h
z+AMVG?^;qYo7Y%ZLj$X@I|#OYPZ=FK+FThck3552LWU_}O6ADQgoNxW0xN6WFt*Aq
zo~dMt=h;^$RMK@Dm`u(q0#_}!@2NlJcymRX2S!qN$d(8sPp`TN`@KEn9DF+P0WizH
zlQFmb5|uyl#AzrB6E$ls{JAhAo*<)9>>u%9@wN>v>L}V;*1@AhDg?v+gJwW)&&=5B
zJ9$Fs@m>#qn8j9;pBi4s-e4+(YDOPo#-|I9{rDO;ZLs5X#9dWbDFBR-d}A^Qm#RoZ
zrdv(3TFC47{oeH5em$Ozi<q_Feh983V|=ZD3`DPAv;T~)IO24y<oy|ZBZa}_9t)8+
z$LD_8&bGO&*CrM?tJ-QU|4fE3vY-o}U%$z3Zc=$D;w0iZEUu-c=ZFy6fAcU^3+jc3
zM44{(Z5@{Lb0W*8!QxYTCS}q6OA`PFuw$ja18x>%K>2H}=;`#G*-rmm(}VR4Z1iuU
zlloBTS<ax&#zQl2bV9P4laJ5VBr%PhDdh<v1UH&gDyUOr|AJFj(1Fi2S4<U>>4mA*
zJQx6!mcdfl(8nU{S$AqpM4f5dJJRAe2M)L{r9(kZ{#6HfRK2oI<sp4SCnJCxVHu|V
zG<vxV1zR}B<u^O8W!pQ@M@jaIE!@j$e5F0!+%JyG|IdSmKoTObMq)AH14g7@8wB_n
zX)U?cRZ8&pN0*u&QerOk_6RseRp#rP(68FJQ*g0W017g;lp^dU#ek~NQB!MU1OT*6
zAg8>zXG9JdH1JxLr)IU@&~Lwn?&D)cliB0Rxa+vMTdiSYNE;rM7YJeQ4lTW4=CqZh
zRc5OBwL+TT6mdRL%ad-1+a96eIe{Bhw%nyMP+-<t<y+FN&kyGPdQk`lNA(?On(HD%
zOW(<_n#FAU0P1BlM1v(m5ZrQ$g4!9kf}l_i1oq#oRG<~|p7fRuIDQ~GfpE_yo~BFi
z6bOkFV7y!Ta|ocJ*L=W%=OP_HnvjGUh{f!hb4frW+0;7nct0oJV$J-yGViE*IEB<n
zqukxq5@wnUwGg?l%jZ;{<tIm<$)Qa(^<tZZal-_K-C-kWvNr;uyyJ6}`Ji~BA8dOM
zr~Kzh&xVB$zX?7hMY(_Ou=bHUXf^OsnevkuKVAV(kEvz%Rw0l|Ngy<5|77^HDxOh>
zQP1#RSM3fSl)IH$LQ7SF79c|wEDP9N+sqnD2m3p_J%;<@cn6~SG&!ajsmYf#5UD_S
zV*f<qyf1%@Eqb`!NLOb`6K)87@xWhXIUr)e`t``0;7Z-5Q&zPd<}C2MK=yQ*+Pr#l
zs5W64E_2p8Mfy-XR;h1!$;Q+Z`X~NVu@x|^5(@K+{yYGisn5se_Ry5BQP>&)j>Z-;
zx@1@wM5~2w(H@bc#rg4X7AbKe`?%8;w8%{?(oJ>_PhZs8_oPbjOVjBn87nB1Y9zKK
z>F`rZY>)f!n`Xzbn9l7KP(*&$Cw8dyJsQnp*?fh}7+*_IT44D7%Vk}rBx|8;Ol5nX
zK}`h*nj@cICY|=FkwD1Al`HN5GJNyk)yOk>qgI|z{G!Wv;6;4OvyHd+bViNK6q!p_
zyBVcpzQhGocA+tgWRT6hAPZflXRPG_4EXTq;o~m>H`c#*mbwbLNx260KbrIFa4Cqr
zX`!Mqmc;8zZY;r&#C;-c_}kwIpruNly7XS(N&T@U_eeiPnDqcHg_fUvD8crG(f|FE
zo-yj#&}fJ<Ga60ms|$253Wukk{#!STSo!s)TXS!(k1~qwQ;6wXG^Q*8M~eS79a&8-
z002yKJw!)}79i#t>tYzXaWM8m!!r{!itTl{_QO=?#(P`htpD_gQz4Ypx!#AD+PF+#
zS2%|ws*Me-mvx%O8PH|u-3mfZE-(eS+EhQJ*VitjqB$Q;j>4k9E61-nlX(^H{%Nnq
z+`soUVC&c-vgNb=aDmRjn)Pp7&uQ~W2D)pIqLTc+7AFsRsq-Qtr0-PD>f3k)YQ+|+
ztS8SD%217ej$7x!@8sA-xA;H9V-b#3nz<&%$iwFHDl8nJ5Up==Sh|{Z9o*7zqpwDx
zX_ct-*N;PhXCTNQ&C=u9%S4-(Yx{I$lcMx}-B%|NHi~yKLLBTE^uOJjT9W+sS}nM^
zGY;EH;PB2glB5R|9n8!bQ<%#IBvKVs%6fB6+Zr6Y$~^>8ZIURhFB}vPPx%UQ{RdTn
z_@6YIybt$K`Oa2wO5Fp#I*8gSwC(SkyU+7K%^jqgWH+{NT>Cj7fA}7Wm9DvU+soNd
zDhK?fc6Fpv8xOXm06<`zn}Msi{PzE7IuCa?|L_0bi6C}r*G!9|cFmgMUDV!GYsA*t
zdlQt}rPN-n+G^JxQ8j85rAF;trNrL+?$7tSet$r&B(MA2=XJ*8JP!rXy-a=4y|ojg
zkOHlRBczGt{a%7kK~tmf!`8<^r0c+Q)JE5p89+$@(*<P0^>o)NjZ*0D|KW)HSX-7o
zG-&mxbXh--=}6=rjLxa@KR1-n<Ed;IB$h8yd6B96G$e>gFS?Ne4psw~9Znm;_O{4j
z%mzI|kd9NE64~TxRY-j#2ON>B-^-+Y`S`cqK?7Dzn?v46F-JF>L2OpI=hKd(is;aH
z;F$rZSUu^FTKdKlb&M*?SfHF+Nd;vA)0s?3exHv`QFUtxQOHDop&{#Oay5v?$9_lJ
zb?+sI<_@~@<v=^<WM1#d`jU>NGi{|A_JV3Y=GQ%LI}*}Fuj;jD$YEGA7=XU~Z7HHp
z_w=5NYG`FgX~vQ2Wt`5PrF@Z+{13WeWigVY3whNPNTP0oUQXlewA66?B@(zu=f*(`
zRPu6-%S;b(Wa(#mr<gQ{g7_2Q-60A!O=B|{-ZsEh4l=r*k>g_k?b)9&FXF4ezbpc`
zLkr-_Yp(6-ckv3`K>nPmJE1#yG=q-lRjq%f3<_J0m<v>)X=8aj6rxe=yZ(p$$@*4o
zm7~weNX!MY&Fr+*z*BWhCZ(DmvCK|<8%@2v5qx6`DOi3@-Qz&5Q0-@vfe4N;NU)X1
zzR01{HU9Ks(x{-JKWnzknmEi-u(To!$h-@aKI-MVx$fvztJFr|kIu99q;-VA1imQ#
z7*eSmuqk>UPlQZdWu8j&t?|=n7O7>;QeS=&GRIG)7u6N8!RXANavu<6(qNM=lzhn8
zY7dPtHYU+FkS5`O%Y)1;`oroLvfBc}TaMq8B&}Pb;?MH2HBB)Ixz!>hrhaZfqf3=&
zwn6X8fO#ge5IgP?v0u2y@<e&$+q)8~{B7zt&y~TEs>fmB?fY@WndODiR45=L6o9z)
zov2c)XqN|jXYa(LAE`WEV{dAuup&Z706c$5K0SpnF{s_I)ZMVFQ;rJr)Sc`ZNy4C>
z{UHtXb^sj~OM=S2yrDjI*Pf0#7bjylRG6#alj_)v41YYOE_E2Az>CP*{QLLd=@iwc
zIhkKKJN*zNdyo0Nda%B_-JnSBsz8SiQ%(W*fB3@&eRFO|l#b3)mlxfXLK6FhRx$OP
z3Aeqs|DOerV!OHtA*3GpItY`28PK?YGkDFJ{It}YFOK}Xv@lTps*z3L3q(KO(o!Me
zuh$@>st$v`yYJ$1pf);ne<BxBO0De?MC9CFof&QJP7Kqw1*AhdLse+ZJF3WT&kxz?
z6F)8XnDmU#Fm}mZ;RJ8~B{{3Jdv4H^?nXXHfIyZK)OhI2{95cjjZ+J-P!6xmSnZ|~
z$k>;8bvkn6EA=IhmRwrfZ~RvM5iz2U%HPTwXowi5aW#4O*NfwxoS`W7rthm$7=G@b
zw;y~2?+=G<?jz>Bf4PGc;`op|6h=QFLkNHRlDgC1i$3rAcW~R85-TP5@bMm!Qf)P9
zvvohCiuJ3o@`DYdGb{cltFlOK25r~X6G`sCiMoPSPwI9H&Q;$bo`&N=V(q2Vrx542
zC%sPZBii?@Z{%o-R{bjc^mqZ@Rw%jGfKIz6$b8OdTSQn1$r>WyQJ+NW^Oz#kEB}1q
zvuQeMBd+fGEI|f63&-QeBp0Xz?iYVPJMbY#-|mAng-^{R>T%E8AJ^e$hgGcKI<GdU
zBa7>I22vl7%*mjZHb@4>Oz7TiNaa)8OFa&K_I#w^z``Jkny!lb9n@q?vZp4OTVm~s
zt`bMLkSTtt0v|7gpAN69{<?20wkhFktG9=y9`hx(>Dm3kW&rQ{z2WXlon6YV*wkag
zem*zL&Gl5%Pm{GuZ|Pi|a6e)2`KMC<jbpB+?MT`-S6@=Sm)CJjwQAP3vCVWf04y=P
zRb$V>wNm(?uk9L)%Srkk;GSQ;XtFfr-fih1$}%)UCMuUl>!Kfiu-r?skj9y?k{|ab
zPIAq*nOsFZ#?o2L2C<Z|RS;UEI1VWu5^?#S{yN6_uGQQaX!O+)_6kcI7M&(9ZXWo-
zQ>Wg1;;Il~QL*CMN!{VvHoa;aV&z%ZUW+6t%TOLJtpDT5I2)=mg$DrkB|M5r<{2mP
zw(pCQnBu946e|T{Xka@IjD1ffLR(ZH|INk2MjFugjuifC3fWweemp}CwdEVlcDKWa
zWK`WX;?9+!?B)4P)l^*w_c8f}`OH`bCi^}Wv6*Ec)812a+AkPf=YjZ)M^v3mNuuAp
zjlo`R-vN9~4I{uh`@Qi$%rUFJ=Jy*dk<B8J9>1IVl}FiC%p*FMC5nEYSK~DF)@&ib
z>_uNy+fXgg{5IR!iV<IX^+ILhncnN(803SCBGQ!Pb|g047~FZiEfH)<@AZE8CvULX
z+pxt}HyZC9)}H>9zk+Zy#C-gg<AFRNm{VAD`2<$w)9|6Fgvuz#D1oO@-{QK=Jtgu=
zTl&c~r6za&mL!2Pl|-;RlK}W}#(&B5TK0F_SYLa{dx#@S_)b<%92g5<UP@hdBzV2P
zqp@`*$w85y-z<qK)9s|LWxgBh;RErEtsQ{^^c8;LPR_3Qe<T$HP9-W^(pwhN)<6^4
zX?w`@FAFN1<H7*LQs-yR%ZDe>ol>ln#bz!geIo;a!R?s+F~-zoIhKE!I=c7efo@BC
zc!#Yq{aUcR#9*&AL#F1KTt;tr75TDw6-7bqXt-0kn%lXbjeQB9l7S!MJx8!_J2ABa
z3jW>yMT#cjV;$8b^)330r{Gqdgxn6enIv^@(k|D7caol&YMj;Owhkza&%b3tC^1CV
z|38_(99&vbA)0@Dy*s~Cn>lNvndwcMYhW?Tl(!*1>iOhFsbaBBm1&m}bgj^n#<%jt
z)WmZ#8PpL=VaLC4(o-^298OP2U)=e4r`*ypy2Ia-nr#{Oio+d`i?~a}NMv<6=lTzm
zhHX7EI_V?Qgf(0RftKY*FKc_nbd|(#QpBx*Bmmr(D9kJ@(Y)*6w?c&r@rQ<?x3!5r
zNpez!x^c?m5;E_;?JsbH+oBLg+>{SZ(fbG`A>5A{{L8xhaePOBl}*rYkC*UsIoZmE
z+BPamdQwhM<F@k`pCI3F?LEeqWjhBTiL#v;TUhcrUoWP+xCjRS!L8VN2K5xe!#Zyr
z3cT@dhCbr?{9{4o8`VqdH*<?Rul)Xd9CJ<ll_=hn<{1%jJpffI(r1zo!(>&O5M`u(
zEvtoI?K79-8s#20ASL1z|LM|&0l9lg_dh_1-rvt2b@O+ptZLBOc$Q4G`cp$V9Me_{
zN$-PKn+r+tAdV;l4^AF{=-a*VeClZ*YwBbbneHsgtK&!8*E>?FFu0)zt;)UG@7y%)
zY%1vwh5qgEqB}%<xX~TI0b16u!`G{BG^RmRy6Q!dnFtUOa2=wHJ%;dpBK#}aV<i>v
zp^U+r;Wc1nJ{>j7Uo!Mi;FTZwqavc1hYU~rI_jCYRbs_#7ScAS<~))Qf-dv3-w0He
z^w013{E+uCF$q-@Gmz(>Wqn#CDt&S>GckXD7foJVE|fB0s%MTlpv<GLmH8zX(f_rH
zxNiVbN0h<uJE-*Eo$<uJqTfI^e%Q)OX1s9siK<gB;>sD_L82lU21v()5Nc_DEKnwQ
z74<m_VhKDt`BK7nV2lSbbif~iLI?)u)rl;|_j2}M*xtN<o{@Jy6mVe<tqTwkI9}e(
z$|_U|%8^R&(#&U5uJX@x(XK|D1etM5$6T(fbB~JC|L1N&0rc@*?hGsp{o|U8nTv_J
zV}`VM6MldFx!|z;ZL=q6im6_|a00}^7Wyk<$E5uP(2v~ARm^|F`7PdL7F}3gjkP{s
z`u?;>I1KPeo@IwGo%5Rv5oq6W#26z1Jrs8H-q}QJmi7x{<h=BhXAIrxTjck<g}DM?
z^Omy0i96~3t$8tZz-&%M%tNyoJ3=63vnY;_aM>p8F?mRx7p#T-czdc||Kmd|J0Uh2
z^zct{5@>Miw#a>*^NU|Rua`D>GWQb>2Y5?N3=zmOcO)A;zily%UJP9d4V`UB1$*mX
zkWX4(CM3C1j<6uQF}0ykhgT()-(r7hfOPA4Spr+}&L8prnDtIFD$COwtR-kk!TFhN
zp8OErgd3g540!KfUp4vuXQP=BB`7(}-0J&gVV|1(3%Nos*yLT&+Wn2OF+PkpriO{~
zwZ<VakNL6WX&6y4AiFarmI6Tn+hA#^9e5kC*iIRo7dRnTh+XJrqmM2XD<`G(>M3fe
zoO>3N4?DgM-5QD+<JPF2$o9mJ);W+D-t~uQYbrY15Y>;-AXK&_<^@!kFv?w`bQ4;q
z*p13-w2$`Eibn}(wN*zbgLOxp*0v5<$jQwYxNp>lp^`B|J}4~P3Xk`r@iq#5Vjdxj
zAF_Y*zNGwNqPsKaI79H|U!3FS%6V)%-j7!UM2I$G*Rc!Tmzg|dq&>D559#G<lEQp?
zqci1~?dW5gT}Hu9$xK6+op>pO;`aADF9Uy-KYyr0iAzr`)I*|ge2>p0erv|7H9w_<
zns`~@?RJ#O1{iy8RM66eVWjII=WZm={^v7y+dF7y#q`5aKitlq&@0oW-sGI7lR!f2
zwpSJKpD}1xw=_Q?o&jIQ(1h<>_l-%j-yCMXdBk%y2Vi;c(`^t}*XHNWpB#kB+rRq;
z0a2UYR2mNTk@d(Uti5WVo>c26c>Rz_8w);b@YHih2mVLsf+x1{>K52DSr5ZB3|b76
zbZ;$`5DW~%^-RAsz<ta*P0HLmJ>Hc4^*t*LKB4>~a+{C7ys*@#9@MdtALllclihk(
zSz?^h{yj_2J){ftbvv&ZrQ7$dL#Y3=65@W4)>p7JIhdM5CRt0#wv2%L295y!g!dD@
z^iv4-J7rslK+ss-y^e*c|Ds(x%LEFY2A<jA0d^~RwM=R2`sHQNvn#^M{H9UPe}T?2
zG+mWqv5Qs@w9(0z*aBe6`Ez1XtK|rqDadaNcuLnv(N*<indeWEmGTGtu!<%q*8@rh
z&Eq%~p=LPb$BP%SwfQ<44|<0H!dI}kJ`w5L-`s!R)dE1ZyYbzQqp?FU`ZOVcVo9M~
zb!u2=F>Lf1u#d_w8x0o-u_nuW_217QRv;Z@=_6<9?Nu@eBj$yM$K(?-8m6kSt>$+0
zt2?-H(#UwdPSlB`BTQ?7x-%931=YYw)e7<%9Aav0Y%(DED*(i{QMiau7wGh_p~GX-
zOY}lOO+3x`WPLWv>b}s^qc8<sq3RboV;pE6MkEPBBET{9&62=kr@}+Ul$YT6!O9li
zs_PtH4jH{*6BYjp^RO67zdyG@|B|bVRPD(*w3v_DcoPh@r)6E~TA-x5cs?u)uZsrn
z5H9U=HF*WFQ72@gHpcOKFqjWd8Adw%RR_MJ>_)2;aFq^*OICaK5<CF}1U)rPKoUPh
zc^VMLO@Jl-pb8_1te+ZQ<%}VxB2}izz?M(dk;S7@M&2WGicDstZ$Ig^fJ$3L+285p
z@pj8kb1xUn@CK!|-T56Vz46x;=0qhTIzE($O#VqdKIRg@-Dk7;&Y{IKL@Wi*2UvVN
z82>A9|MuLPQMM}VZJQmQtgm1EGX(aCe8-h&Et(8L$%>Xk;6Sm6smY~E#uuOV<?T#Y
zFFyJPF4Fg14rV=&6n>?^lHI7vGFezI7ugkEPx8Js{j{Q5z`?y43YvhV7MYsx*sF4d
zrj@pb&L`cuLx31U5TUY~F>k8d2L;9z!(`8IG<^4Z3=YGEKHI{h2q2Ycyfys)MKOUk
zqO$&%uef8chw5&=yxb1C|1xrY$b98DxV^TZ{%Hb6O*J%OHyZ!^*4f}>W8uTs4(%ui
zyrBvDXy>C|j1l>fN;3H$FjU*Bec&sc@uBG8*FQptWMR|ojB}|K#8%m@|E*Sty|DA_
zb0ImpId@m&`mXh+vly^sw~<W%jrBpo&f3);?(a)YBI$8Y<;<o0*?f=4l0tu+*wqt)
z3%l~nxi$7#!Tf(qTVjNuqkT`&LYEV4N~(uqhE~6Hcc;e`7oL}hSCuPvx9NVF_-L|2
z2*FFD&J8To^QQ%Xff&5AE14Ir*F}$<5oj5HOfnhzhGG6I!J2I6Go)Y$VFcjg$kWHV
z_=WZZwCd<k{}&faa1CA3r(Mh)0Zqu~k|V4C)JjF%S>Ara8K&tuTNA1g4?k}ITJ_P%
z8$bPb?#uu~Owrh+=>6f>JVf}egN0;F`7t&bbP%Y!%f&j0%%8g{jr`a-9b<-Xw=F(A
z3qcm^SCN9waU`x}jL2R-G!fjI$4iw<*43Cp_VUBA?&ie^bDvh^{@M-B5~NLJkCf;*
zfra*VVo0a-&S11&GMw|J*_zFEx#a+~znOo%n+EIJi{Hm#!2D*GpfFnBh&rsC-z4&@
z;?4KKaLk;@Nq<Vr8}EAgUu!#es$Ku*mF!p_v-+6p2+IkFcM<ZD!`70>@@-`m2F{;`
zg`y%g%p#T+931vbTPOMMuIH&coXzOX8(;k-fk1|>t`@II(qM3Y$tu-M{#cM^?A;gC
z&vBP?FpI?#Xz|<)&}rJat84<X)Wgf0o#iw*%sl2PuWoLhey5mAfxwOK1~WarM=@(T
z)O)sHO5xnqzGsgyviS8P`xrVmK!AN9hLuNx;zWUeHwXf+5=24VC+%DIC%{ZjBreBE
zhiZ?VL~SY2xy8|xDD@YuDy-gfN0QPz&E2kxIs3F|&CGkp2Y)(;VOmHqBDuKxr@D0B
zRJc@?)Az(Yb^QJbS%l#GpZlweEXwyw`R^jM!P}c^Pl_Th$Viwt@U@P<pF7d?4}xg`
zCXuiVfpS3bL;UPWc7r!n&w_F}gjqT7b6?@2%|3~$J?=;dhvq4`&Ym#%a;UaC?&UtY
z{S>>>m!2YX8>`nu0g_CJs*(+!QhVL*vB}_m-Kt0gdbUVuf;NCp2zd@bTAz3O+L%+6
zT<v4*l(2hU^NpYT<N_VpUd2cYdiPD^Ll1@s(!EL2iKs;=V5#rVaRMPtEPEYAL}qVm
ztv5bsa_270znScMP3A92#f2awO*J}mUHI!>Y8{mC#Y7~Ur<j69t;RMtRup39{}H2`
zcC))#7w7Q|#y@3X3~cb5oB|4nGM?KQRfJ;dHTUP=%nC~L`?%#t{0|%7eP?qvGUC)7
zc>yIyU^5=3bBbZY3SzTMd-{TrAkkb~3pc+UvNdU{d7h~+Jn2^ELM#{D;PN0h+V&S+
zgF}HM7CG2MgpuMePknfK|NYOJRSm{~@7kL*K@Dm=jyG%4tx(=cLWxP?X#VIqAVvX~
z@NbywfJY3h7#seHMCN<2hbrefr8StkdfP^#uLo4GE;spmr5X*f|2^}fQ7%L0P6O$-
zcyka~8%tPggV8dpZ1Y{d_#UL1+Ub7=UURpebV^pw6AGnUo!!*KZ2&?W2!5K&=hVMB
z^<K)OGO3gmbMYx{Y&fSeLmSyzaR+vH0M@6AH<IvFx7z~zML>0BA*E5S(aU$H-&sNL
z9efi=@mwpxk~`tzFQVftnq)sh%IG6ITG<3}@IZhdAtwe9(CiP)`I|^*et}gDyxEN}
z;UeN~K39UYolFYmN+WCo@Ac+mZ=_@|H*@F=@;^M!U6RYuWpZTBD!MgZxurdk>9@k>
zC)JMB8wgzpMzlhkPHR~xP!Q>R8H`wP8glcv9D$?ULSe0SyBk@h<Lr4O3MGic&E~ug
z83I>5X2GSp_oB4ZuuK^n@nlP9O&T<JEZa_*P^f#@_3{|p@Q73IXCwaPj(V2{p+~vc
zMi$wKPqtr3K92K35C_~Ka+)I&57NT#Cu>%Rb(Cy!JJkW&?cDVR>QpbYI38r@KA_yn
zIp*cBQ1<rr%F9clv-w+?$sr-syHRUtKTR_ANdz{IH9?`;##FT9qBw2ow5n9um0#N`
zu}~rntBb~?55*2SD+c4|wUt6{&q@z#{QXKNn6KT*3<}PEjhp^qQX&2+y2Bd^|Ki=#
zVp(Bq#`}I~R!d`Lq9lNnZuQji-)HXFsXMJE5G9Ay_I)7fQ{=U>zdXkQ9t>(0i0gg7
zL~QF#1Rv$bT`zilEU;rz^V5Hizn{_CxKy6^J4_=UpLF=O#D=5~CSS%8^8$lWz{F<$
zch*}hzHGH;7XB{LMP=l3kg_svX*X$S0dcRFQxu;xj-L^Sm~-=L*UzArEc9LNFIgSC
zb$rwS`8ZZFj5$~*t`-3M`Z0?gfyB`%(#`;M>D^&gb!BDZ-i*^0BbEZHWc9G)82chh
zolnCEyMyzmc9iR6F~5!dcQ)6WsY9zz|3qoNi@;Urnn{X;0J@G3F8XavTQ!#pfHYKm
zPKhxT6DH_eIlHKmx?|+Es<=oi_Pb5>Bhc{Wb+w;Uv;L#Ez53EOk!RB!vYVmt{E?)^
z`o5DCm!=S<tcvyO##60j-@a=7<l2(aw*k(^WUCAeJ4kF`JP?e)sXEY8$c#6v)j}VI
zemQst1mB(<pPiVSy#De<UMXokgAAkLh(RH%iylPXUR==zE^WM5Tlh;@RB*EwP(j5R
znY_c(oJ8(6YIf|0p)gy-V5}9>6TIUJLUd{FN6&rqL8fB1CT9F0O}}Z-vMk8l$?D5t
z=hCa6U{dY)BH{fn`C!^__()VS_HC|YG+rM8&YM0)L0gv^Yi(jm>dn^*+X3HhBG`jf
zu$XYA#@{G64vu&TSDh{|w_7p2vwZfCIr>GG?EYktf=P9U?!#sWhMolR$fU_qjhK0*
zF5!ol>QdZoB=A-ql=`duKfV}Fv+W*h5$<1WynN(K-Qrc5FV)#t;Zf{fSF<A&R%q*2
z-vySyQKNp39C~RzrIbf8@lzaVLPo&35%Yft_(~F;CZ8WI5g-|G|7?S;m^by(22JD$
z#g~m(3ZD{3(kBjHurjHkr)r2a6?5OH0~>?2^I7ja+|z4}OjsyJ=`>fKwwg?G-GdpK
z&xLIa<Tr2nK;ZVwQOn8{?Ge_mwvLGVMSi#T?l18K8MhU_tA;Q+L&i}UylidYw$1_Z
zulPag(HxPo?%8iVC;Hr4HqB@qk7pAuSqvnuW4#Yc*EG3ZtG%d~Uq`lyoeEu(4~5_1
z*jz~j5g-Q;a?+DN(S76j*?~tj{Or%?^3D3<_e3!D@;7fzNtegyQk`F+AAVlu>~!d}
z)@{UT&h--DAP{gg=U>NzWXautHmcJ44))E2vcG3NRLs7s6Di?_9K}WA+Unq+KXrNa
z#6r7rH}<7Lw~G(O*D;&#)T5Lm(p=JcVw<Yikc$8IfmU*g)s!cNp?1cY?S`sniFc4-
z(cFm=0xfzUU8Z+6#r98PPByNP08;eg%gJgF+iIM-Y}4AqTr$@eftdZEc3($mzygDb
zyN7ZywZP85J^>$cJA{WU@sD(E5$YyiML3;HS*qrZvJ|K5n&;eOd@ZNMPA>qxM(pY!
z4T#pe(j~YmbpL2K6^<8OyIZIzAGl+>y<`yOhd`@-kHUk1hZb_ShbJLJZ>$@8W-SuI
zD(esBwzZA!`=1G*38tkGtch$&$U>bfoR4XG9RKI~pQ||*SAA7l_rIrv<c<(~&WJw8
zs=1B~Yrrqo53a#Zrbhsw$L7r}CHYc9Ss3wn*b=C<R51UD^>Uj|)AG@MBSGXn?0Y)?
zzSN@ohX=y*^4d&rd)AoM?M{hmYg+dl-JR)Q5o|$1KcclBf7_%K!|t8|YXnf`%T?cv
zUuIj_fQB(Srf#|G3L3V$;1Fk-#M|0>z;*b-($UoDUe48<UP@o@+a`3-PRGx#nO(JI
z$;qGbQV0sHoBp0J<>lM#ROhde#Mfuj|F)MmHKX0>;J&*!`rUvdL4AYZJm<wx>fo!1
zQheDb1Lry|p=8zKvM3k=bgjwE?SEKPJJ&s}AI7`LOh-0!eL`C;8rx7E@HAa+tmFLF
z|MsD{aTg!%#r2AY7IkJ}O80}f@28Z~gM_6`MK9jaV*X!hicVMPOM~QBKPiDUXVXX?
zasBkf&jBb*rQX$1v)PruGLMLcnS<sySMZ@DA;E+3xzCQwc6g2+BoZVrg8L7H4^7f0
z4j*Lv#H}titj@4moTRalBBI{UGSeAZ2B~Fu?jdva_i>e783#CL!?lxks|bfXh!x^~
zBWdgknM-~Ahkt8Po>bz0PFEIA9iQ}9Jtc$w%uH~Rc87uuE)FMKY|RgyD}Ot=I`zW=
z0>Q<YX#7zNByP0)KZ#)7AF@=LO8atBnkzS^-FKg{CE(A!`$1W71a5el^9!PqW;u@$
zVRmNii~jJ*+Q(_Xolio2*$g{eM35Ozh<MI!e-l;Y2|n9<Hla!J4zF;zgAD4myt@!c
zO-f|Q&5Xs4oEUs&uH`$(hDc9F+N;`)=4A(a&rSo3^H6eVsJ(8V7VF-VM;vtF#oN?c
zySqI;xw2$lMSruklNZHqk5}a3xFnwmD`TgpEysGlJf#m*S#>LIl3+EI1aEjIokuIJ
z@N=@d7y=x91TNmJ$38vvr*6AVB`YEJD<p&z2+`bL61u4N^lB6DEQByrF;Rr)2(5Y%
zO?MIS`nohgAq!qHdy-Z4nk&D;@qPlzpqa`_L{-U($gSiBMbiOr^}$#B(T4hGuH)<R
zx(!y&dkJWt7adbUU2d=kng!_(*Q^3SHYUu{6JIbp0JI^~04>#D4}85v#8XxZ8Y`q<
zF!j?SmY&ogmpmmR1VZ*SJWmI8{_!!XfZHZ=()DWJhvl5RN0K47X$A3yN<X8JpLMSO
zfUjgCGV8VOlJ+du&Hm;;(5Y{D&Cz<8V}9&&!}6M(9zRrt{`{N;y7#%<VD-WsQdEP`
zv(baC4O@tIGHd(4eSmk88V@cQMVL>0ww^$){^Z?H4Qp^t^O||Py18^ZEYP@CKmvvN
zt{D%EiqUs3hWzjJ3Mw1da(~Z6OosYu!n0p6&W;dNtIR_hG5AO{jNmyTmG3K~#`19}
zH|9jo;%ffwTPyY=_wR`=@r@<c64ZlUjB2jO4U$joudG}}e$1SRYh?fmnmHgocbCte
z0oL@G1w#h&jDJvl`k95BC+>Y3Y@gG|Ng-6rjS!BOP_EqHD23l_y$KMK_`A?6-;Sqq
zwYF9FGGs=oa5IZ+$%~{3Bn@hylK8s;8zTOM^HS!LEu3JjT_S9p>g9MthaZi=!dsI&
zM@y@XRZmd0ALZ)GcHfH=3QAH$tqXk~Ik~_iP+F7z{>-1aHQ~$i??2KvCOpAa2hRUJ
z;<hWuj1?0H2VL#!`|ELF#Quqzo^L|k%E*D<{CwGrG`?A2>IG<fXP%6aA0KwB4~sKa
zpIy2t24e3bQO!m%>flIK*~$kyO$9Ftl#$&YtmEvOP2zFpisRI);F-qpdVM&qhLN%Q
zW6iUHFOQfsmP5?EOS0>oroYa8f5iL&XDTu^avnoi9V1#4G8f_w4WKwxeO%fOmis!c
zrFpC1QTPx)VsbEFlod+|x!!B1_r434@VBIX+a?P?`9n1zL-)@b5Bo(Q`$SQa>Ols8
z#Px5pNlXfDlr_88`cRr*E!^=;VArsBa>HO5It6e49A*)_&HmERrao^9Q4P&;A<yS@
zd}RC0O#pLFRmW1u`!10Kfi30FP9W@e`<kNUcDvg5$;s%2k!hUP?Sj%7?Z)bJ2!u3d
zKofzRTNb(+r&w^+P)FS_T~Y3I%Au0B?hjuxOz^Y7+wmk>BZO;fs~3u1o%!TEWk1ZL
zeY#aYa$D7TNUKT8dH&57RLu0%c0KuXU#_co&m{U?qSk<@yZgh4%e?LI%5Fvcn+o&M
zfzJ=`+Eu;We!lCAk>Tv!FM7Qm8oHG|x6SX=B_&XC2dJOJgPKW;B?yFEdV#!23)WvE
z-e~qgy43XJL4xUjw5|e(^!DGoCn`I?7xSj-!D0FWW~;OEy|#!SW9+YCt1|%H_n(>q
zX0fw@JZrMwXfNcXedo7adPaQBUYUYU#50q3<#d2(5(AfY>#viBNfb%}k=yY9SpeN%
zZnsniwE(1(E(F)XS0ZrCcNYNw0a{8p@!Kzirhbmg(qc(i3Kp5rdd+6*zf6qS3s93L
zEB2WuH{$6wwVZDoiB<CX_djFYJz0H``%{Zjak<sU7&!+Fw(M2<?PgmfwC(i5)|dU$
z4Fv4KYrVKl#eNV@3H62Eznq~y<QzH{uKQ=D@OXv<#2uNtyR3o|y?CnxdW!evFmXYT
z*$E&n$4~a@ZqFIOj8D>e8SH#h3HW>r;&RSkw6?+Xor97r6zicd`=eCdMABcz&wu`G
z(X4T}1yxeJ3+SUt;%X5vxFZ4ny}YoI4i}mM4p40~N1>I1bm^Nmbc69KDog9cEMh+{
zvJhj+Oo2AHMXivM<f}ZMA-dPJ9Ah9{3EXj`1Fr<;Zlb_t#sJq6uhFr#z1<s?xznN2
zxt@>KXuO>$3Rhydpe?yJ@!Y8+YYSm^EaR9+OtJUr%3kpAn6Y%*-5I8GXkW269J1To
zK)YG>Ic1V7ruXMrPhIhcnKs)dJSE&PSp-9nMiCLTd>=R;B%Sth)E_YHsw+S)^{~!=
zq0v}}sK}#EnEiW`&%TN;Vm+#I!-{4WRiFLxy!u-z7N=e+4X2Bvp~|+wOD7k<%eq95
zz}!QCJq<9M%h6^|XN~?8V=g_GP$lgOO;*vFs;jYN+WbK$Mz>PQX!LYu$IiQ~t*wgH
zDV*ru!0h=eNVd^xn~>IV@9ZrLvj4*Wd&ceB?|XeC-<G((202bTP*s)>-Fp2nH^{LJ
z<PF<yY{YIJKYhHf786!d1z#$>#?$tCg|wqJuItZI+?ZMaA=zm8l39v^tgF1R+F3E;
z^WGn9jr`T73+>sB@mdepi?7!*`yIjyr)fciUjxW2mlu5V9J-b{38|(V%IJ@Oorsp*
z&3U>sOTp9=BtUjBLZKEe;ofoprMTJa6Gt06CDr$i`m#rdv{lhq35g50OpJAJkVlM^
zEl-F3w$Al1E&{91r}b~GM&uutgRJGm{4YAu)&Hh=v(7u_dtuK!h`x<Wb{tQuT=i+4
zSo+T8K8Mu2j$xJg9SQDDY(z6#;blitxQenRcF7>rw$JwWB=4w2QT!?NY{8B!245ms
zehW*^Yj`I0*c3Z)O`i;*Mg8Gjtetg44q1br3~o|%rEmRNTY3*>coYC1v{eoy;^lc7
zHw#Kz8?9P!_PszE5nKG}8fY^Edn6;Yj;|h4vO6RpfmC^L?32ac2@!IfSM~9;gTDQL
zoT{N|i+{Ru6I47rSeJ+qBCKFUY@PL%0^ONufJBeUph9JGblPgGwCqPqiuAyM03&zZ
zE5GwE=FudsCX0)<irINyH*&V}IloO;-i(lRE_Nh$yY8O-G(jJjU_=aY<{F_EWD!ef
zX$%VCn(si_dg>Lb`?3?FpGLP*CD%f>j&DY8{NnxT)uHzE3m)`sDO~oHwQ9LXX8!96
zROzc*;O*GS-P35rB2@x03>6$V#V%ZzZ)}CHuhB=ry7%?Z6NUclr|hEAIDNv7vjVF>
zFZ8GKXvQTB>=xP{80&2Hu`V<dbYZf0wa}6r9)0EQf3no&<KCFNPDXwn$6P~&g#Zsi
zA=kmoC_;(4@2b+6u5&tP@%6k1hc{ZqDDzu(=e7#`E{u^GLi>(FQl8~$Qqp6;>etK1
zZoT-3)gaRL<?P_CnL8SPeb1K=iK><wY7vD>9AMQ{PK&iK0gsKz9i5WFRs(4}&9(^n
z>O(5z!R);HZjphkPZZQ*;B(-SS8u2+00<(j&L;7c-4@mGo|a0!K3|SLwxjl=0t+g)
zn+wO!rgR_J6nD;yfqbRWu1jO_dX)pI!nXK32tbbl6o!I6DTG0D2qA1qB48!4+QKV-
z3!i;491&)qK|_C+sjp_i-q~1{6sn(Nxfm^|=}Bs3>cI_yzC{bh;01lN)xj1ua(qo?
zXgo~>^$o>jod2apEcq=?=6=5Rq&9M?eDuDratmbs$ye3nd`YUjpU~EXKB@otgAJ(-
z$MrSxc59>wBxhbsiNxf|xj|c>vpr+zmi_j@)%=IMG$wkrG}%2%OJzG{MfokW@@@58
zGB-VLg<`J-aCk-X*e0j=fx-h*FqScsW$7)xbrR2=nUAO+00kh*5-wR?dY-8dyQ(CM
zUU)cfM3bS<J0y0)*Po~t3$8Mx*EJT(ZuVO77A@ZtOE!%|3-(2V&!0$j;O4uH)%t(@
zQ%0+ya>GBrtXg~)BjsYB)bM+8$NnGj>QrkahyKBjMz$aQfFKT_%>W3E0X+TTcP#WO
z_FM<{(+#DNm~U;*bht2H8a=*#=8J*bljIMuB6!_a%(jd4|9je_2umuRikFor3&;z+
z<n}j&xM5{Y>(gs07Qd!wGC?a1%H-neet7z$Ko8bYQTo0~njZTSAx)A`DJyGRDp%V<
zZ}ykU|9hHgFRVT!_tcC&%)kH=xU~w7h0&%wKQI0%*>Qv7NjUCX6f<lS1*(@%I!C^s
zd82&+2y*Gk2&_`Nlf_{D-b*=hXns*G{1=DWPN0LmWRQwKA~A?igOJ=y5x21nsd&Y!
z;H3znxLGm9`y+C}RK-fkac{R)rU8N(DNuO4QoUl{IWk<InVuo@s~6p`uDwAP)^~<p
z(x(?MujWHodzL$z5^ZM11d)H3ji`NbT6xn^qQix{JR!tOU&6!BmJ`NDL2xKpM<IhA
zlkE^iwhvH-VO}dGMfJKKD-PqhV(M9m?!kD{-iJR}o%XSu`=%g346EjkpF{xwsp3!H
z-FVrOXxMWGRUO0;UuH`RbYw?1+Puw^L9$S3RJ;ng#Doy^8No|_Spha_jt_bu&XR?H
z{>FkzrIInMyMKC~D6E=nn?T_bi#}L2oH(mV#J|lcRmN2jsrz~_1J^sO{^UJfo<n;S
z29$|+Z0`vh{H$e$t+8>962p<$(k^<j#*~kxA4ngCJd9DOwlJU}(0u!$Jw%lSf%e_n
zVbuHWiCNkvywHBJq5PlIzO?x!&X@FdQ~6Rzw(nHy*<!83G?2Qdp@c+6(&ST1%rN$V
zXNVN(<DiZ&+@Dr61tp+a`fl{}dM69eiZ7**{qC<K5Le6b@xFV<JfBW4!FOUmt#u!l
zYoXniLl8oi+e3=oA+715L6gG}mH2%bL%@68qipik3$?65O%fQ;IT9XUUhaysmm}cR
zb5s-d*+Nf7%w{wJ0DXL!Z}2T}arxE0j7P!P4Izmie7xo+?P1S8ICC&efP+FTS881-
zkb+6tI)Cwhm>Uu0K$WF>aqn3>BM5ycGS%+Zb-kj^HBMY_SPanNxWNT&^A!%Y*c_2+
zF0+PA#(>%BPbR~%<60;Xj(<M{iDimK6T;~e*mVq0V7)TuD8(3T0}huztiD9CKA_4J
zMq=x){7|S}W)WtIV1MF~_Fx7UQ$-Ngcc5TVHW?nH8D4k9&QieB3Gp~JmBAgyubEr@
zaU&G<1s?3&y|3zD%2bEnYqGYvb8}FT1#)z0W};=8341aVG2)U1@8qIoRAo2ke&ag!
z#{Be#D|oOtJl6neKnf0~yZhk+i<n=-1_!IE#BKYA0v)*FsXJo$P<23%4ufgdYrvKx
zi*zG7`>Ehd>D%8X8aKgVDHxCT630_}PkF<-r}&youKQW7D78XX^Xnl)5pik(qS>?m
zS^QUug!>;_a;}O~#b$+46nzq@UQbU<_tC6}kyUwbOeJyC$lVOfvyYb@u~OW_DrPb4
zM^HE^V9Towf*POmAd9aa4-)D*m{S*y$6HPNyK6VNV18sj)1Sx0dE_*D165UtnOD7^
zC+;jcNvACP_8x6DsS2lv+{y5fDV9%KdcI=En#5lsj}FW!OC$^l*;C>*zds<yq_W)F
z`ERJ;V3X@!c3$w;yL&z-A*vhE4(=+VFWCDHkXZY}qbjX`jM&Qd;!nF&t_1iGVS8=1
zWH)CG2Dpdp;X_Vb^xsMXzj;zyw}}rtpU<rgaWLFI+?-Q?Jo4nRfP=TqBN7<;4%|AO
zt|&H?$n1S-5C%!b)qh0V1NP87PM<rPm_qK~*5aEM`yRY^X8QM5KCnGRUUl9Le}sUh
zP7vTlVtx}sNq<#RAu$@ppG0DA{c*_1zK_p{ySH^*M_R>KDV$%0zOjCV+)+XRN(k(S
zDDGilMr^Eld^2T{X1FFEWWa~_R&rp3xZ2p)8yqM9ryB!h?J{o<p{e|BDBvYj*Sre)
z#hU<S0Z*Bbi$xi$4<GGTBd9&L5yNWD=u=OM?1i7Qh;9K^sc)v16Q9|Z{#PJ!>X|nZ
zw-n>)mj$_^z-lri>bV%EaU9JO3LI`#v=BZCgJeyIM(jenVmQDRK;u%+!QzL8?$lYH
zlqC_(;-!XE?<&KBY`Cq?(FTbQ&qqG5R(YWHQ7tP>TYK&{knV)#uj!-a;s|+G+4B!1
z`wME@KSp1lU;slgY(f*T?+6@xCwS&fB0&cG)<VeJ3OB(gcm#nSZl3zVZ`K;teMh_w
z!0%!PyA$qq6yE$9wsOr)jKWDQ3IKqX;Y!R*3!M>`B!z;(uz6>QoKl~ank{kaYv|dI
zOxn^UN!d9H5Ix*IyhDc_B&ZH<@Uz6D{r7d7)|CN{LLd;|h?^KlhwuvmF(8G1HKqY7
zH}RD(9doJK2L0X1`F5HofgeBcJYj13ozFmbz96^CxO}LgXgiS+W)+E9>ED9iY<_Rd
zf2mdsS5$n7FmF25ovUts#|*Phxu%RF0le-oqU{1PgBZ+e1%?@oy@#qs-37;&<eEBI
zPUjkIRk&|`b$cjSocsQyWR=_wL7)@(#0&PjTtg%lvSHBA7=R}Qj}xAsveLoKEa6+>
zqLQRzupV)?t>xHfusv8O-8uX+jMNR1&;oO`!P@~(kqCCM#p23H?}}l5R$Uzc1ny)?
z2CmI-yNk)bbNZ8F*;mQZ23DIj70+v~M|$={2~axA&t0vdkU3A0OBvhW!kH7eJ-OL8
z%loAq_|R7m70zbmekZ6IzGs*=`G^9{O@Ks-G#~(j3@F0hy6g>w@3j1tx^3TUcUIy1
z{x9|UE2jqD7n9E4X>|ccE$GB+K;`MMpq}0bbU$EFYWzs$VFV{0d#y$~dp9~;-IB=<
z|ILywSPHpE&-;Bk)kZCK;`guT0XmHnvHm(PE{_kD8=uc#@3x-$oOq<E87sDToX&YP
z9$shf?fLvzjxb)R#;71%!Moz!moYNDzc%+*A$iRK_k#C)46SUv#0;Irwl-v?j|x1v
zQl1^WyHcs53EAyGvqTw*e|7Y~cUYa3%kTTQs<sYabM}o#LyKAvTmOb~^>Kqu&G!a;
zOmm$bda#8+MBHaJa8nygrS~N<aU{5G@($7<v>;*aJLK^K;cf;j`qCqq<gYCabu&w@
zw|oVumO)TT@ZXgP8(|jNTZh>Fh>%uVQDKj$aWTR4K66<=xbp0q#6KEt3*90>;v1lO
zE6fxFG;=$=&E4+#YvbWM{?iY)(hXQ4syiTQzXewHFOjS;csL*jgQZpAL9wEQ(u<y7
zx#3L|c+P;lfj95+-eG4QL7nY4wX0Z;NW1@CG`k(?aqn+PABbO!!00zb?V0Z`T`)nq
z>=^k|aG#4$K71(<_ugCo>R0DBLMJCE_GGl&Ggf~SUwf0JnuZdXns(}7m;d3fy*->!
z!p+2>ohwN1Ds5C#c7Xqo>GQ;Y<l;r;bu2gAoG#xsg9E&H4NtN<M05XqEx7#|rfV{>
zI8rtxp~hZ}m;aS$l$sd6b@$~9h4gWvCTV@Fwz-_FZ(n@P02Uu(EL>jgH-A6wh-?XW
z9?CtOB+H2!A`@h#99<(&*OzZ(%>RBT>NQV(_ubKd<Un1y@Y!mJhp_B*m5Y)AznK#m
z;AzIv+n~%a_A|@JWI_==?;nw5T74qk7!mzqDb|S$$~BxQ1DBW)!$dY4SG3z$tfi6V
zb_|#NusFQv>5n5{#cnNdTWh{jAX5PD!t@mYBWFN)ruQpU2oGXpfvO#CF*Xid7cSr5
zr{H^Qs*DFH9dbw?T!Ab1a5kcQO>cn*R#p&l>~A+h6gAY59bXB6s*+0hex%AW8t(gu
z?_qVSYOr2AU2l8G){c03Y9fA14~gR>)RnW$Rhp<}T+)AseuqNIkxmnYMLvE!ciThO
zw0+W3ld<e_VE9m|?V#6B`bbqcM&;+LcuQ7Npe6!{ktrdBMv`zaJ$Adp`n!$V!)_#M
zzC3l%w%X#C!cf(B^kR)>oaUwOcp|_GW2c1a(k~H&F>aUbr*(GTX{<6sl#eMTH?kGC
zxa}qPx!Tmf_8i|tThmosuZiV;aJe6!-H-&igTYjWN)z~B;6i6zPzL<LM3NbCZ$x?i
z)>tm{?#TGx2|s@~jzAGWw3e<0=75CSh;C?+JQm*wB}$r37&e>wYl*S5lc+p(sw=km
zq@ch7VLrPMwUIlfzb5LE%!G+jzzpF~{~=rtzS2w>3Ohdgg;28`v6h~z-|?TTsU^RB
zYw~UVLzoQQ^*0%2gT0F#gL-6vJ;c0q$$oQt9-+}>F*Y|HbBlX==k_#@d=*p@)pZls
zjwrncC|Kr+!EsUR$_OYu9=Vv8)%C%4wWFKU&O2xy0~ZC^vB&-m8HsD#7Nw-Wa?izb
zDPukW6OqS!J9HD5M$-~Ji5aw!4m>gE`wDKTB1<=y5^i|+j8{ndvQE#}T{+<Oo2#0q
z2H#l$YZFXjuMs~hvIQad+*-nQ=l<?o6Wr^IXw4NyhN7fACqhb`PidskOymniYI}e)
z3d81%B8Gwj8Iow!)qtIm9d0pr`$6DI;}rU2sO;?I&E4utwA9Vttz>%cl!^9Y9a`tY
zv@R|n5e>(|s*>@b7m>sgK9y8HPG*tDLO1D~6Z)%oS*iKGJo)=aHfw6M$#~Juz|5%O
zE&)cE7i-+%hFEIJVlWBi!UF%ud0RUePHz?@uP#gntseJ=9C){!Kk8_?Mzj#bJ{31M
z`_Qf45d6=@`LHQKrt&SRD;@NC>l>Y>M^Su@eDUkk^W`tR3}~|^MbN)~&Pe!PQC=v=
z+-p=_*Oq4yM<Lns@nIq@kOwFf;`dP)MxI_94$CDBwEyMRbgGtBZDAASD12SzoRjv(
zZIO-8ZDqyv;f{$U|K4+b07DJ^V=lr91F%VlLFwWo&wL#49+?Ho?W*^7A8>p*TXG_C
z+XbnVfXJRTaTRCGNi`-;_b~&D;4bl>@X))DDe`V{lvk%CbCHV2qPUgM*YqrWD<6s}
zRyRL=4}QnK`}c_~HK0)VQ%M&ccMl`9gpKB}=q#ljr0o&r#{FhH60B+<@R_fH&0N9B
z^R{`irvDRwJsBedd|%vHV=(1{`2=u=jWt|xXDdP8&GGx17sDeiJhXRn&tFop-1gvq
zv#pmK561j_s0pBmA-4C>_5HYoW$&wj3xc7lEauC%L6bud+gz?K=OjW17_>a!YvAq?
zKq#Ft?_ly~h|zxpuDRU|aC&!qlZeo*s(8Y-+l}U?Tky<mg79iH)OTjXDXpgWHAy<o
zcS>uCzInEV*&a{DzgAG?t34in0M*T-Sc1Z|Gw&QCM&(StB~dXqd5ph%_JjJ_Nv+MJ
zXU%~u3!RlL#UtJY?LJQ`C~`%_k^D&XI88MHUf24Me*d$%D!wk(5O20r-fSudao1Ww
zX4#ntxquzP3nf+mg*tk8(*;AFD=-SSkA=oRDPRjbbUeL}maZAoEH>iKW`lD#KXf>Y
z$=3T3)fTWx_;;}47Zkuu-0;*fn5Q4}`4EC|yxhp`J55?@mE~Xaf^9`_=KBmkKIkn7
zD{|R<eu;bkh9dv7z+2Dp2#)&pJ_zRL&T|$PdMmgD7%&%pkZ*JOuT7aiec_d@p~YY%
zN0ZlgUMA<i3X85f5ExG6w<S@S2{NBY&D1U!^%{k_P;4c@Gal*g6PsKf>1ZPIsW7D<
z><N76WOeuU(yhsf%fOSPBRu<s5D~!D&OFP8CxK#9KwtqT$=TTLGS!+K{%M!N|M{SL
za-YQx`u6#2iFqM-Z)<%uhd8F3^Dl-GO$fWcMr<EsIMwhw!}zMJ*l<ZL&+IL}SKSf^
zm<$W1^o8F}M=>k=>$!>hiVy<qjL->wwjn|Y2SJ<9M-uQ`YTW&TD&7!k?hQ@;$cdKP
zdlu6(W#e|F{`MLs&-{N5q6u^mm<Fp}yoHcK6UWQ1N>_g;ZAvN!?yJn=o<e5xWMb^R
z%`4LPS>MyXRm^|#_hs#|gKRTj389UZHD+=K${dLaj9#AaW^S_CcjPtKO^bS+U;e^?
zKUTDHVs%#|R&Y81zgUW(c!-e2NgQ)9`~-mY1C_WIO91b<&f_dxYd-GwY7eabc4t2c
zngRqf1y;V(y<LrFcDj?hx@cjMCh<>{5E%h*BGI4vaX&tgJZo&DRb#AF)3;joWBL2a
zZn<(;9BtFBo-F~&%NOvF9JD}E_P%{$L~tMkw~41Qp=A|s-a2Kzsk$zXZ#q2TNY}}!
zFp~qQV>qss-Y1{^(8|=IHVk>;l)qa4b&VpE0gCg@e6DJhN)1Pv@zlsO4yEBVSMeQN
zyjU1EMijqFlJ?sOH=RfNo%K%^rgt6KzuM~S|5WppW$Mstnk<S8{$!9wn;4JA?0we8
z2v+9SLR9wjg+n#kOk>6W8aw?rSfIn3fTF{b;Qao7Eg80nxNtlGg%9f=xr1<k!?~=`
zpQ761>8fr1fp=?G{3lV?T=9mI(Nwb7{jOsY*XD9oKGSY0+K=xOG5m<p%xD%4gzFuG
zvw<urw(#4tF`KjG5vOlXjr=J7G<nKK-RR|C^PBrqT6y2J@6m*`KM41|x2}RASHN5`
zLB?KV7Ct~vm|u0LejyROy_ku<l6`cSf@E`~x5~NwPC4z=Qh(_#_kRS(obZD%jI%gO
z+Zx|LKM4vUM5DK3YS=p$o3<Ye<(S69ye~Mvh4e}Boy8U>SfJe%Ty%GpU)$0RrO*ud
zY7HrP+x(pB`#OMDKY`KQ{`fk8XfaO-kUg;)?~$K7T;k7`Tzqe@oh!=rrnQl`@3Y#*
zYiU-cmi0hZ>Q&#IqTINM+?PLD;-2$`_F{xqd>$RQS{<osv=j9D@^h6SZ~kK+AX;oa
zVA*?N`o@cAJ89TI`dU+sBQj^NVdZ9zg)eXYE%({TYu^{81vw-mXJTBCc$*S+VtK%W
z1>8ae&!0PVkju4a{U)=x5G_3XJp$;(%oAqr_trQow2nl*&D&fp1DAN9P}LR)C<GUd
zO?fyVX895Ek(_|u;%%`{!-}JWi)H5+c+|&1pPO!5l}Dv?C)iBX4?`v&I@%46;&aa+
z5dMS%xdqSR65h+iyXPnT*-l%U)~i3I1mi+{Z{SL?94qtI+3in=ge;HjhI|)@9z0_m
zMq(?%F@E&<Ok=|O*i&=a(7+EVO?!3vmS^h$PEC8!Y)#TOhFWQ@mk&z1zwb_b3%M&R
zuX+!;L;mMAhRq4DX|pRwV)l1VQ}6ow98R}SUdW@4cM8y-&H$4K9yJDNEK<V&dSj>-
zJiO$${x;^ECoIldbEoGUH)3;_-z<*QvwqJ0+YL@pG}&OekOab>b3Z)bhQZ~r%c+p7
zx33>V`2Gd??(}i?DFM~4U8}@Ie_ZiC!l8n2sH!RCQc&=`<O8&uO#tL~m+U|K--O(p
zSsanlBso_$Q+K^kGQ?&iMhz+`)ZSatR+H<<PRzzA)VwY>myJuf3B-^0=ph?rri~(o
zPkZ81V*$47d#<w~!9Z1q7fW1Ez}bt^Z`BSiJPm~_F2-vau0nT(gjVda)<{f*xw7uP
zrKj6K#}(>InNWmf4}0j+5IM)6<BZ|42ra>2cq%czE@qR=T#uH<So7oqHqjM5w_jw2
zn@*#<$1QKRij<c!T2{iC0Rsd|#r9nUkZKS1xh(+mU^Hju53l<PLGd4!rCEYL)Hu2!
zlP-C72>|B^{ErZ*HUz3}!(_-wnvym%DHXG6?({DGW^(?sgzWc`>&2|>f2@tu%_<gY
zZRV6cHf!IwBEV!z`vXLBAs9d80ISL5^f&7LdOv;jc21q|p|92%<M16y!EFLuB>oCH
zR46PIfkXp0=f`5%5>!<tIpATj?n#GN$*l|jFn@OT5lT*5rL49;WOpB_0tZ6_e<Y|<
z^?O1nO73cd9K=po3e%4yBn8a7x&@fzEe4LYtrSSXK)RG&{^3w505J<n!-sS)L#EIe
z02aiiDE<FRy6(89`RAXcX=zI-VQ)wgWC~@;6hZ|>MW_gZ$|wqokH}u~fQB*^1VmJn
zVI2?P0(=x@sb#3B$Z!BMqzna7hTy=5^{c;c{!d=X-R17y@4L_4%Iol~tf$TDY6|N{
zuAk2yKE5nic&o5dB+*CCA$7)2zDPY#<7fjzEomZdN+lXBV4X&%@T(11rwZc&d%~qN
zyHwM?b&Zy0$Df5yzD6F0ZK(y*&cK#ZM1>B^d&#(?CueK5$NKiXbrl`M);T{pzmo2^
zDvcz1Zu-_KP9K@^wM{<_ZEM%I+Npf?N6Og;!OMNF!Agsdb<b668Zf-WMF^Q9;K^<}
z&-<Sj#J`$6%ajb54dGQPX744tKm3cl4>pxkw;UW03h0rz5IZagdl&CM+i~*Q(XAh@
z`$ZcXJN)gJGJXB+1BIA-W72gmx*6<PzmuB0+S_VsgLSaU!7=sU8+<2Kn+QYwIpZH5
z!Fr_qb&6GaTaEkxulW;4zKf@a8Wl-HEz^b0SADg?zq5T<hk}qVp+~T2k9*yyq4d^;
z#hJ&M4-dw_tERX7+MAGS?}#8uh?75OuG=j4S<`!kTYi>y5icQgzlr9D{lEOjyIzh$
zc>~e(D=ZZo&45x>2Ge$EAvkGt(L#cb`e-^=s^uCQ2d_TYNti#~6MlVh>owoiSn+DX
z=D!WXoF6{^xDfzU*;^d!-FI%A?X-v>+*(UXdqm1R!S#OUUR998i4#o9-O_O2N5yp|
ztQ<K3x-O0B@9A4yGp}+^zWMT*^Rt_Wj*0y3@@ugn`ue!x>W7RWYmeCDZJ?m^z}8Cj
zXs9)Dy{n*Z<FS1}_I;XQ;dzX3e|Apamjjj^)61TlW=~CpjwbZX-urT;dw{FNdm}Ns
zklpo#-1>9HrZsj_rlE09ang&Az6$FYg=$YKgS}InpH3Ox@!A)c7%D0R2I!vn&0_bJ
zc7)4$1-Iu(SeuRZZHR`*8@4KF@kU%}p~YVt)mDBS4zh^>HPh26#!qJ_mCCASoG*1m
z*N%`TE?V<gzxy`PGAtl<gY-*l&>1RIbAM^{k3D+l7n`Q(%2wge4;@l^CHL*?<DwQ%
zHS3gZp47C(C4KeP+A(5lvC$d>2i*gr&J2tW1u>FJGm{sthEBCqY$z*MVRU}5#5em|
zrK#V%_ga1C^~1M&pP2+O$9``~CkEqyRQU~VYJ&V3=NeB6p;KD7AU>}#K_cf-9JFx_
zQR{JIQsa)`<E0X-<F%!N=MSWvVh7g8R$PjE`t4F#8jw&d|2_<OQtG_Pf-~voo=VW}
z;IwfEsw>6r8av+Fvm@t5k@fSWCvFtihjBoqS&XFN*=M@$CT{%IO4%mp+CH1cyYV9)
z)kUVQ-_Az*X7AZscl#i$r*uH@Noi8xX3Ob+0@}<zT#h^N%Tf9b^B5eq@zwMSkjujK
z|6qrz#R<*t-d`Ip?v>@ZY_FE8od5Rb{OqZj>1Sb=9YXmVQW2C0mGH0cL^9UWTK)V^
zfCu;dH`}#t8{6dOi~k;Y>KZBA9HaRCZuk9a`%X=L-DfhOMf9D`4F?t$)|;`eA&|`l
zIc7G(51(S#89fcVR;wmLf8alO@@Rpl=l<xR*R4U|Q2g8x<-ZgJp*0@$pz;R0`4Bu1
z$*9ufNt2|3#*dew$r}pmD||UW`u}LJxwtHR=uCQNyk+IYoquw9j@LECH7x-DQ<;4y
zxckIGIO$&^2y}k1KIt=4^lap)$(@8l#b?_Bp5o>|i=V_Ei)-qMc{@s){n@t@sS=0i
z%|NV@<^AH|&(8*x<o5YaIqMlm)gFiYFCA*xXn5&k_OF{g3*{_AWSxa1(B>!n^P?Ci
zrC>x6x{6>&gx#btY16je>c?X8Do=0gO&Z<p`|2F{aJji=X81wa<yiMece*D@ElO~T
zKUO~ILZ!ieU)UuKJBuvqP(SW1`-KBp!|wBe3CpJw7ry;n+<8%|=pxviQoQFh<xk2x
zD9juF*@X&6+<w^5m0DU#zqQ*)Ji6zV@xE>6w$fH--mQrnzP;=9FaK9!g1BEBhJUG#
zpqy7SY%zkOyPlwaL%&hVDf3rP{&kEzWxD#CMX?)7RQ3CN49Kn)uU&VsqH*Ij$u*zP
z7U#hQEIfGTbu}e9NX(27HvJm$JszvC5jHyVr8*tHX!w2P!_*A#cnut{Wv3H@<zf8o
z@|`1e=lTKGiOUbKs;PablQuDReLpy8owd2-aLZ6b95u1|$-VlLKI%uIvEe>sLH(*^
z$K@v1<z~mPy*+77o#?LHUc4jU@`QnGYPCTwRCPu+sKN4L;O#%4WcvSEiySB4uP;Z_
z>U3}U8o6f93+X9kyEmu)elXMQN^kXA(Lr0fB4$-c<#cF4t}$E@YP}-qL)Om6A8sGC
zh*^R{9)62&tM^^jP9i)r5ER;3WF+kVbZHz{;)_Bh*rAGKtjHVu!Q{PG;m|Aw2hwwb
zcV9{Hnw|{;?fSwMe{JZ>*m*uptaS^OVsN6K38b9NZJXswLvJzQSES%@QDJ@Bx6B6}
z{w`)=^J4S)+m%gCi=O#ys8iDF7m+dTRUIFRF-Rrm0nl?C+>K7C8C+Srv*lB?SgSUE
z<SE{rxg0lpoe=l+-2qxwo#mpCuxHenXnB;7wHpz^2d4dBYYgrLWp}tHA5Ak?wC?=S
zox1mYM{{)K0jF9p3w+$0NX=ROF75C0O}h?MM>)DXm~@l}l1x7%hDcGc0>Ajn_|-=h
zn<g7lS(M6|BTswo&pa!6lbAB2KbZH`7Iua6S=b1J*Mg7UCX7<JCSlDZdjd=pE_+ta
z&&dQYw(p%#ZaqA4XLk%ioe1gB3Zg``L&u#?`}1Ov*ihe--se^q_W^bBX|ogar{ZQ)
z*G7rS?(6G!F=u#kJtBZz#}f+QrkL$W!#jPpv#^PG5$gy3+6X<|DAay`+RC)=z`a}a
z$b+7dwctOJ%_fz~EiY$$k)T}D8gT4jS%;XDJ%4Acf&@3|aCLD!_fxz7EuUS<AGaN@
zb@9>8uNvnl-9Ivve#t!MD%<$?%C$lhbv5+++56!lc%RfeW?&c<)F6|IMg)Yd4T^O9
z+}C40&Rnh29jK}~H?UWj7MxmC{aY?M@S9V+)l;TEj}8YYMhdqi8_IWz!~BB&?$_Ny
zYw+2snAF_6pnI{yY^1-#?DE4<cjDP=VTj4;G7!sWV3QxsC?G>?gbR3daK|rXE%#cx
z^Rp9=1cgpDoeb=`8Z+I7nWKK%BQq=E;y+8KJvupGA_#6st_UbofjMxnon6I*qxu&M
z8|%*gNE&+E8YEFUWtn3)w4!?K=vU*pwcO>B&x=J&{~mNU0YF|OH+-HLq~a4SfE~cU
z(|xRAy{((z>64zTb$!RL@#{~mi<^DFMmuG_+qprY;$Z9U@fsW#j!~yFd9q}A{LJ{`
z?C`5hw)MeHwcFVHEc&}MA1|+fHcKydN1cE2pGvPyVMmj_{R8yt$e%w}0}d;3tx}eo
zg8*^D8pnoXRRj@wHOGF?S^vhR%&*s~u+_5?OHZ0ZN4&?Gcc}3Lz{4%vc#JP~EY#h+
zM#wt0H{mvjx5B#1HwvD0_sec?YkdxU|CuBB?U^&WqNR9e#@p^>)^_XtEskco?{bz}
zsq4cjE5aG3WI=hRXe2SL9=ymvfeLwokc#_u_d#J-_v;gZVv*sAN5pIZ!x@XT<MC4i
z3woP<oHk(zYm{V#=Vp6jh(&3j5gPPYJ@@v_$*S^W^iA`Q4L^MKrjJLd`S!hOtd957
z=c9wyQcF5OCsVi+)^tPo%Qg;*d&E;En}sr6`uggwHcgyS_;Td9upik#T*l(kX(8~9
z^}=A-rcv@L88T?bbsA~M{N^3gD%!z;UZ#k+-J6WZtHV0p6Dl5kznzCs1$DIr`mL3>
zL(DE;HWf5r;h;Gl<|m|SufJFbSf1x%ZG*T|GHxqB>;6ttk|~&x^j=P@@G5w2n3}wh
zk<fXrIqLBJr2%|g*nHxrmv8iOJa>L!`Qg{H>vk#cZp`T@41YWT%(FtoM9)h+B_n*U
zQsIfoT@~gZ+fxQz=k8wj8r%{JD`f`8=Nl7lHd-i+%#N>LzB?CWowGa|-ks|9OQ$|n
zZS=9ou*!{vwtyA`LBrT)&qr6iZYN~tJ+xtN#P}~<o)x6)t<lu8YD=ixkeZ@>!de2b
zfQ?ddsyLenr@TFM<rFOqV3&x*l~6kFeyb#Eo6%)Nh5Z|&_47E;B_4*rOaHtXwRA%6
zXAsXgS}dGw@#pke%TmzUbf|bE5{<Eb`<%39&JM^d?#<S>^`(My!abebUA1cnTqWeS
z^?aPtu}jP35NyF?#~`4}x$ymK#zQupRsch)v7<ain7i0nf<*^lShXGxB1P2_N|Sh!
z(lta<W9*hwrty7~=gGDg7VIo5RD)hK&}-?6bkMzvhhekFHf@B2*e6F@vM2=LY3cKc
zF*`_LVFi}Y;gb*tC7N5~`ZeF-KM^=@;trFHW{5=6AfPc9&ruRkdagA%e+=Qry>}TC
z>4iXkLL92g1j<EagcTJgGs95%n!4*y#DLggDhMArKxN>aoR^=73$}74s_V@(IQ?S0
zI?DkkIR?W1NR6ZJG02f(E%;-#);wi$ur3p%yJ2B1pE^g6j-|wVzHL7g%m7H6$?VXY
z$p*mJoWEw*dkJ%VmPRx}{ZZa?88%FKF$k_Jjz7=im$}GPKa0Hi;<R*3;)nqSkS6nb
zJHk`&EgQC!<q?`S-^Dp$CzOD4HJz{@3fVK2nsx$RavXPE3YiS6X^BC7KEetVUjwP3
z5*g97cSi4Z{_&BESmd^g1I8QlMiIdp=D!H~j(434++dd{0esG%=V7Vl3Wz{Vbizei
znh5rVyPb}@U4gsEmnT$D6YO)V91<iG4?X-YJ=8H4Y<VN276fe<7g$(9%Z{nQ<Tdcx
z6jq=wz%l$I8Nv0LYyT=FuC+J$4aVDJkM#tSw23GY3mmIGuvvw6FZ#)wbz>_56(<T>
zwjXFbF0Mj&QT!FVQ=+}bRVUma`@bq?El*$J`P+u?SzjiTFP#cArjC}cAFZ*HWk2o|
zMFEvji<ED#K0c|i-M@B$Ve(%{){MpKL;0yV*`L84rmq>%{tadOuH8Jab@F9Y5k9}P
z$Msx@3wguPe7p0Jg%L5Z%?d_7HZfu5+`P=8PJ*Hx>qxoT`S@5pF0jn}q)x`@a6#))
zg^$1M=!8-nKfMy*qV0xdl=3s}9?YG<_sP(;SG!Urps_IwT`Qb>y*Sw_2E1KM@l7mg
zX>O4s9-Y(-+W=9L&vu}NdVEh2TjXcc`y6X`Btc}X0!3{(uilqsY`HiWx>9m;Xh{p&
z%HW@pfIRK7_v}W&a?554&^|`WRXqcf!#;}C(4p`9o7aqAsfE(~v4yBo9EGXm<1wyP
zc~sH1-#0!6z-@=fz=)A^Cj{pP^z1h0G(3872ClSy^NlqML4g&xR-CMhCn`;{iN38Y
zLn<OdTot}|x8FO~gyXf6>7k!Rw{S~Q5I&uk3}Ay~(BqAW6ax^DDGsm1W{;*ZeqDOJ
zLxKqA?DV7I*!$_FVUXd8es|aP0qI+0ZP%$G<!6joMf^h+PN{uuw`Yfp<od3<K_I?z
zDA|k!a03406ub~cVhH6X8!tu@fW7{pu3*b=@Fa%6kwE|}9Z$XmZ6Zb_NaRcO+zATo
z59Ou(x8|vpP*_bzf@Bcv^d30|u8yXiAqbI$@4~S$*j_XQxcw9G^TNwMj=Bm@fI~$+
z9!562CK)z`AUg;iLaRU`bn?<Cg4Kb5@@TsV)8TLc!ld-75y2>_#mEp~OGz??luvvU
z)bJx)hpZhz)NRJeSp_j7QDBm?^u!w<@QGa4wHkXuWGNy6WB_p3cdy?luCA_#qO)rR
zt)hT_8XQ~?t^`3|bkW=aRYw$yU!kV#Y?3KY&<gy*fk@5}cu9m4x?)FM14v3eJ?PS-
z@vLX@tvI;9lBT&>)EsYa<%}>d%H^7x0~wf?VDf?Su`Cy)0OE#+5xvtv3d*Ju4Y)}z
z;CJ;sp$}%_+8;~&D*|em<4KVddCzMh3l%EM&^^%!Z3+R>MXze<3yjHGtNRsU4Il6>
zQ`l~l&q}glR*90o$pyqt!&d=ZIIwWy(58e6fX|LVqs!5pnj6kYRKFNGRMv+Cx=6E0
zkgm6oJ;EMXqk!@Ylhqa*JPO0S+3CJ4mxgg23Mh3vd(s=k-!}l0?8cj?9>34U3qt@@
zS{Ajl+KHkQ6k$B1dg701>zJHZDu{dBx@K@p!?t*_LuQrbbEuZ7XPpWN{e`;nA65*A
z&x6aR?7P=}kRY7HI3s&#^$^a^z;tNjT7uO-&Jxnvx35@<W2p|ckc9rzgKen~{I;Y4
zTOaR=jzHhiW#D}iB-m!-ka}D*WZPkO@2@L6dlg}DZw0<Xp8c6l=B91YW<sPG8$8Z&
z`NEm9_OAGnEvdj?k9P^3)$*}CP3)a^l6DPPgg#Y~4U>l3v}jv1t_D2979>gsz`bmg
zLfTZ<b6o^U)%{dzntUP!KV*23N+!!NqK|^zEU3K}wC#{!Tb#)4N6`%toGUj-{wULr
zFCmZG9ei^|^Zitg!&ASDzbjXEG3|g11z1Sh65Wwd{;4tS-BA#08323{UK(-f@Fxv&
zn2NzyiqI0_%H0H7zM7_X_h|rf<nZ+@4&A?WHEW}u#WO<-VTIi|{7S?1^?8KrKe$hF
zabYn=qyT!ct3-{1z!kQ~L$;r7ld2k~YNvp<v3zNy*KPZDpJTpYrZuxFs90O8`%9K0
z%yw*via^Vhcs3e<_5~B{ypli<I51Bbfgwnn*C-Q4AT=dnRoSPx5CP|GM|b8SFmM*Z
zb4yBX;H-xi^RFj+umF!2rWzu78=?FY$rbCTv+F=uZWGzpVvdkvkG)ieB2b=&4LU{D
zmfqufMc-!{pB*+}C6%N9geR4Ey1KXolOMif*I!Tv-qwEhQDI;bBJUWW%3(@Nr<ec+
zbK+GiEa3o*v*Z<$C`l8~uZ7NW_`lfUU7sRFqyc+<9(KO-sL?}%U-yd=a&{771jgR~
z2ihRasX%EL`uA{xH;n>FME$8LK0CVU3>x;sry%N9*DOCkKKDqCM-whQ?M{N%Uq(YV
z%$T}xCRYwD#48TJaw_L%*v6$@Umqao%3|9{9aq>rD}HO==d6FFjt@44+J2;j+h}FS
z8}~hWYdx{5wRRR{X20~eF_Vt_u%s!Xs^<<DE?io;{(fPxS=!8v8))>n`GWg}dsjcU
z5ATJ~Y_O1d6Cj#6yO_K4K}0dA#Tn_)O{YLsc?7*4RGk5S2>}{q=BB0`Q9Hc8?4YqL
z_F4vz9v5x>Ao^n(c*S6kNy16jwf15IMag47#~dFhZ;29aeGEKqTr9_&GBijN7NAaE
zEm0P3qW<C!?m&Rj6jBWbGj_%6$%mxbMTR_i(hDnS6348iwZUX*WW-?B|H;RNl(nhA
zI0N6GkG~ATSAF1xPxLSe*u4gl%>3<C4;i0GKI6~dIdJ7DHIr>}AxB1={6@?*I!Q<0
zOD6jHNaPYrY8_erZ%q$z;c^IBBg@XmB&#&4`o90=WsyU9Bxv-R=%L!f49M|{&mD5~
z-NoI>(Ej2?g``ZXO;vA^mDXC*t|TB&i7y7aoAY=1;+xFz!*l2jCFIypZ8P*pERG5V
zJ`+tB$>-r~<vRs*;fkK^+HC!zU1fkvSd;qQ$k)nGn!4#A+w3rBwrszaW#^C>Q%(}l
zvCp;j4qH-tCw!On`WXDLutWcro`539P*G=+2v#_DdmBGTUN((Xx)a!(5-8sYmTT|v
zcXg3~bIa(Z-~YREMh<9AgDv7m$8v!?pyw3Hxi+f8F`gkSi-2Ix{A=fA;RDe^)ABaC
z*(C7UKoa}xuF&DkAFC=C%&`Y(eD*sn=w2h!5=I*$R8%0A&bi*5(I%E*eeWbvHydd1
zzmVcu=$6qnyhL*V5fhyqu;$i0rNRjujM-bsmz&*!Ms=zn5tO&y=`}4oQ`V^a{Oa8#
zUeJ9t^848@<Tt-b)CDhv%Zc@!KM3v{F)X=4(~vLxc2!CC6bYEzM9r@Shf%(a?CjKa
zM+A0yx2vl^@O1?)D_>Bax%KpG8l1+%d{*sz<a(p`oz~IWET_27)j}E)^pcbCf4x%x
zdbrUfDfg1n=ET%9@F*S1u7U3RbN&_mhe$F7k_c>G+3KZ~ugB-_Cr_J<EyNcpBS6c+
z6adXtwm4$PazZT(fvQ5ZyjcwG_O#H)5;q4px@{nn>mk+9yOKNQGb9nX`n&2;k(<z%
zg5|cp)gCf%lEJU_=L(|?POb%8zJ}fm!KKL=pG0~I;4x23<4>e7Af0h@)JXyTV)-zl
zZJW-NFPPe0w!9kDZ7Qd094<_2SrI&C*gb||GxE>oE-{pgpI*YXxtOvy=)+{HkfXNb
zfTEWI$PW8I@}p|ilVijCLM%y5Y*RTD$ZLknYQVJz=`<YR_7*5<^7_R9zYVQI6tgn-
z8@!L<H@k-`@G{<qZhwqIm#50fr$Gj<a=OU4`#@@J2Qkyxi?9!YXkt<twcw38$YKDv
zOW`Jj;Ex!|4(6PuK}sy)3K43oF0F_D9R|;Huv&9A9qwx)p5x)Vw370?Ydp@|MRw4I
zF>XKO<Y2HOl-t_?SWJ?_Ds=!aaZz@HY>z$eEBbyG*Y(5<Y1+-;P*{@AWfK~4t24O6
z@ua8)Q!8@>!e4B^e3VR1G|Sf%aa-(3LvhsjP8gxJBX?e9H0nT&B(WL?_~uWl^vN}2
z)bez2yM^#Qq<)xca$+_C+7jBXf&R}A5Viw|?(e4z&R0LVGXz3>=)mZ6vvfF5m_l7!
z0_ss@PBr&$ALHSqnkIa`a)G<+r^w%H9W9|P$8HciGrba3v`#DUm=oIw>~LyDu%J#4
zXW=1Uh5s4oE_qW3QYTC*gP>9c-WgaUMtBpBi6b=tQG%Q7&bvKS<lQM(DF^XFnox^8
z<%usO3*^tO$U%uHb$yf!dDs5BLjV;#`2fuUBroy!y2vcm@nY|Jc<%Y{jucrE_(qX@
z`7C^W-@g4R08*U`ycZKliyt+||D&1JgF7qynlnHxd;Ti5O}HLUs0wSL2uivc@wd3$
zbsBY_$+(7>qRcr$X-knxp&s^;4E}M|LM}i<HM<71!Z6((oomU!(ox8u7P{e&m07c=
z#e-Pf7aW0xbh%_z4Qr!tjuQA1tfzpND|1ec@pVG*myD$HI#Bu5b+#9pjSBMg1WZ~`
zxX4m2|Bc@M(-ER0hWX)x5sh`Ds&LlwmrW5o3mCB42>l!Ykc~!=2_>Qy)FHRlKwatJ
z!)ctDgA-^Y1I;ex)wy3E$l~)z*efw+p)%QNoCwf0$&+D(r@zLd2;Y+d*DL6h`~wWT
zt;hGfi6{KAJw3#0Bc!J4G>pm|z1Wp^^+^#C1*+^=SYQN-UXl}hA%*pR-6{o()q=`@
zJc$4T+a2t&un8U&>71aFZ~eoVqFRU$KH+?EN)`(w3ej&yHD3xqdFOQqphHq#B!RY8
z#3h^%oC2#0oyi%v)(G=EhI{-$&#h@9c@SakAJp&F2w9;EAJV0zO>N=*ha_u-;hqHM
zpKsk1fnM&quPT}GSV`b;3_paRc#&~qmKe=Jg<SN6i`Y|lXy+{LUwSgY<81?Q3wXg?
zJbz1&zJ`c8odHhXbrX;P>H!I712T_Ba`Xn@r^Y$#+Ax+5K1u*Rn7n?KDgtcpC6Ja6
z3*zNcH~F_;BZpcV`CoQXvDxnI?L>D!E602y#zrIyYCNo1kYorpal2DVR&ddw)gH->
zA>JFK2zAle+u><F$mCGT&MbRG-T|h&f%oI|cFP0o)KshQZH*F;_faq<ZI7c9)+;6u
z`%`Oo7!W-bf+^dhS1NFM+CoFD3&B2P8|R)@A!^}dp4S>_1=uvPWTej`fa4mNf7;=I
zi3SpD&Iib0hJ(5UX!sc=2@CKBWthB|DpfGteHn*DdUW$y+%E?*toCYX>Fal=QQQWB
z>@lpDN=Y%TI~_xav&YT#`5@$ZKIDgV`!ltgn@>|3J7+eh>LK>>VX9<Z`^I~bdp!L9
zS~VgPds2%DfW_C?vk0HzY>Y5}R-S4A__eUTW(a^O8Ed;8R5ceUk|zr7`0L3)OcNo+
zSh^W_cpu!X^PFf(fo;bFWZJ*v_suE3dY(io+-EQh)R4fU=m;SW3q$SM?P6pSSR4YV
zk;$*r1Wa<dFh$l@zf2=C1*O&;QF2B|(wQ)xq+)=%q1(P-3E(>mw_7}n;|Rm};vcQ#
z(kNaL1a3!wx;`KxMf{PBlk>WKlCJS_9h7;SZ@<6oDpiCu;}I`fx>PV)Oc)##hL--L
zAU+7&3%j5{pJUEyjU8$eXNp1imD2>F9>`ga5+r9ZY5RFJH90EzZIP($OR!Lw{6F4m
z4|wRu%|RR^4fbW{VYpG~-s#EM`$g>Vsk12}_k>+o{s8-oIY)`?&F-&y{~4M*&*dhQ
z(iCH_Hbw9y5ujCEDu1%NyiF7rw*Huz^R8e{8kABL8`wav!2go({7e@zW1g3BZSAb9
z?K=8S8Fg0vas)t#gTn~k+vv2J`~opbem(g1`5uiy{G?sIysVIAKjMj*)5>E+ERrxK
r>6(fwS@RuG&xqsvYab-)!_+Dv*Uq~Cm;zf25MEmxT^uS{9Pa-C_>(L^

literal 0
HcmV?d00001


From 3531544f3ed341643beded804e79a6163001dfa8 Mon Sep 17 00:00:00 2001
From: Drdiffie <61631493+dr-diffie@users.noreply.github.com>
Date: Fri, 6 Dec 2024 12:38:18 +0100
Subject: [PATCH 35/54] Update kuzzle.yaml with Logo

---
 templates/compose/kuzzle.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/templates/compose/kuzzle.yaml b/templates/compose/kuzzle.yaml
index f0ceaee68..a195cc600 100644
--- a/templates/compose/kuzzle.yaml
+++ b/templates/compose/kuzzle.yaml
@@ -1,6 +1,7 @@
 # documentation: https://kuzzle.io
 # slogan: Kuzzle is a generic backend offering the basic building blocks common to every application.
 # tags: backend, api, realtime, websocket, mqtt, rest, sdk, iot, geofencing, low-code
+# logo: svgs/kuzzle.png
 # port: 7512
 
 services:

From a10c1abf560a10c794ec14d4f1a4d4bddd523f07 Mon Sep 17 00:00:00 2001
From: Drdiffie <61631493+dr-diffie@users.noreply.github.com>
Date: Fri, 6 Dec 2024 12:38:57 +0100
Subject: [PATCH 36/54] Update pairdrop.yaml with Logo

---
 templates/compose/pairdrop.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/templates/compose/pairdrop.yaml b/templates/compose/pairdrop.yaml
index 44bac7000..3e71e8b84 100644
--- a/templates/compose/pairdrop.yaml
+++ b/templates/compose/pairdrop.yaml
@@ -1,6 +1,7 @@
 # documentation: https://pairdrop.net/
 # slogan: Pairdrop is a self-hosted file sharing and collaboration platform, offering secure file sharing and collaboration capabilities for efficient teamwork.
 # tags: file, sharing, collaboration, teamwork
+# logo: svgs/pairdrop.png
 # port: 3000
 
 services:

From de7f343ec9db0d4e7edc35ad63ea4fa178613dff Mon Sep 17 00:00:00 2001
From: Drdiffie <61631493+dr-diffie@users.noreply.github.com>
Date: Fri, 6 Dec 2024 12:39:58 +0100
Subject: [PATCH 37/54] Update invoice-ninja.yaml with Logo

---
 templates/compose/invoice-ninja.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/templates/compose/invoice-ninja.yaml b/templates/compose/invoice-ninja.yaml
index 9a767126b..beb05d983 100644
--- a/templates/compose/invoice-ninja.yaml
+++ b/templates/compose/invoice-ninja.yaml
@@ -1,6 +1,7 @@
 # documentation: https://invoiceninja.github.io/selfhost.html
 # slogan: The leading open-source invoicing platform
 # tags: invoicing, billing, accounting, finance, self-hosted
+# logo: svgs/invoiceninja.png
 # port: 9000
 
 services:

From 951a2fd003d7e34b2e35a4430b116d9f4ee3a36d Mon Sep 17 00:00:00 2001
From: Drdiffie <61631493+dr-diffie@users.noreply.github.com>
Date: Fri, 6 Dec 2024 12:44:05 +0100
Subject: [PATCH 38/54] Upload penpot.svg and whoogle.png

---
 public/svgs/penpot.svg  |   3 +++
 public/svgs/whoogle.png | Bin 0 -> 24077 bytes
 2 files changed, 3 insertions(+)
 create mode 100644 public/svgs/penpot.svg
 create mode 100644 public/svgs/whoogle.png

diff --git a/public/svgs/penpot.svg b/public/svgs/penpot.svg
new file mode 100644
index 000000000..6439292bd
--- /dev/null
+++ b/public/svgs/penpot.svg
@@ -0,0 +1,3 @@
+<svg title="Penpot logo" alt="Penpot logo" height="500" viewBox="0 0 1512.0058 499.99999" width="1512.0059" xmlns="http://www.w3.org/2000/svg">
+    <path d="M92.418 16.013l-49.21 69.31v39.179L.386 144.87 0 144.69v255.605l166.955 78.877 10.203 4.815 10.202-4.815 166.955-78.877V144.689l-.314.149-42.835-20.376V85.324l-1.498-2.108-47.714-67.203-49.212 69.31v.07l-35.81-50.433-35.53 50.044-1.27-1.788zm8.707 40.26l19.033 26.807h-55.48l18.813-26.492zm169.533 0l19.036 26.807h-55.48l18.808-26.492zm-85.02 18.95l19.034 26.803h-55.474l18.807-26.491zM59.419 96.589H85.73v88.601l-26.313-12.432zm39.822 0h26.181v107.35L99.24 191.57zm129.716 0h26.31v94.89l-26.31 12.43zm39.817 0h26.18v76.14l-26.18 12.367zm-124.839 18.946h26.313v109.579l-26.313-12.432zm39.822 0h26.18v97.36l-26.18 12.37zm1250.79 9.673l-.13 49.326-26.45-.18v20.098h26.528v105.964c0 7.718.601 14.876 1.823 21.473l.012.057.013.06c1.498 6.739 4.03 12.614 7.641 17.517 3.643 4.943 8.518 8.743 14.402 11.31 6.002 2.854 13.305 4.188 21.874 4.188 3.906 0 8.377-.638 13.502-1.858a122.683 122.683 0 0015.265-4.723l2.98-1.137-6.428-19.274-3.37 1.556c-6.548 2.838-12.965 4.96-19.827 4.998-5.528 0-9.873-.794-13.056-2.164-3.037-1.644-5.384-3.704-7.166-6.262-1.86-2.908-3.227-6.253-4.091-10.096-.666-4.251-1.014-8.99-1.014-14.228V194.452h49.163V174.37h-49.163v-49.163zM311.162 144.655l23.167 9.471-23.167 10.944zm-267.954.034v20.413l-23.162-10.943zm1085.59 25.431l.003.003v.002c-11.151 0-21.974 2.746-32.31 8.16l-.014.01-.015.007c-8.35 4.48-15.318 9.158-22.644 14.686l-.132-18.617h-21.77v253.156h22.204v-90.49c7.276 4.963 14.464 9.266 21.502 12.394l.035.015.037.017c8.831 3.68 17.53 5.558 26.036 5.558 10.35 0 20.273-2.106 29.649-6.301l.017-.008.02-.01c9.613-4.436 18.024-10.749 25.151-18.86l-.007.003c7.38-8.365 13.133-18.423 17.264-30.088 4.156-11.735 6.202-24.97 6.202-39.66 0-26.873-5.764-48.61-17.599-64.892l-.005-.008c-11.928-16.645-30.22-25.077-53.623-25.077zm-537.717.003v.002c-11.152 0-21.974 2.746-32.31 8.16l-.014.01-.015.007c-8.35 4.48-15.318 9.16-22.645 14.689l-.13-18.62h-21.77V427.53H536.4v-90.491c7.276 4.963 14.463 9.264 21.502 12.392l.035.017.037.018c8.831 3.68 17.53 5.558 26.036 5.558 10.35 0 20.273-2.107 29.649-6.301l.017-.01.02-.008c9.612-4.437 18.024-10.75 25.151-18.86l-.007.003c7.38-8.365 13.133-18.423 17.264-30.088 4.156-11.735 6.202-24.97 6.202-39.661 0-26.873-5.764-48.61-17.599-64.892l-.005-.007c-11.928-16.645-30.218-25.077-53.621-25.077zm361.519 0v.002c-12.33 0-23.506 3.12-33.236 9.348-7.945 4.891-15.644 11.122-23.19 18.189l.156-23.291h-21.326v176.407h22.208V222.78c9.853-9.975 18.726-19.422 26.387-24.238l.027-.02.028-.017c7.73-5.08 16.216-7.59 25.763-7.59 13.216 0 21.738 3.903 26.954 11.623l.03.042.032.044c5.472 7.577 8.565 20.24 8.565 38.022v110.13h22.206V238.523c0-22.576-4.137-39.704-13.078-51.2-8.959-11.517-23.178-17.2-41.526-17.2zm-182.585.002c-9.918 0-19.62 2.244-28.976 6.67-.005.003-.009.006-.015.008-9.149 4.207-17.416 10.392-24.752 18.461l-.002.003c-7.152 7.891-12.895 17.58-17.262 28.983l-.013.03-.01.03c-4.16 11.5-6.212 24.387-6.212 38.618 0 14.23 2.052 27.12 6.212 38.62l.012.04.018.04c4.374 11.178 10.243 20.86 17.611 28.965l.02.018.015.02c7.376 7.868 16.035 13.931 25.881 18.116l.013.005.015.005c10.073 4.177 20.787 6.264 32.042 6.264 12.795 0 23.485-1.786 32.08-5.57l.017-.01c8.357-3.583 16.02-7.414 22.988-11.499l2.747-1.607-9.665-18.253-3.106 2.301c-6.11 4.526-12.137 7.34-19.392 10.064-6.888 2.44-15.384 3.69-24.255 3.69-9.242 0-17.45-.877-24.747-4.185-7.372-3.58-13.694-8.354-19.05-14.367-5.13-6.257-9.176-13.645-12.12-22.248-.001-.003-.001-.006-.003-.008-2.61-7.84-3.984-16.33-4.463-25.307h122.424c0-3.46.332-6.785.344-9.69v-6.365c0-25.505-5.917-45.711-18.114-60.149-12.172-14.407-29.258-21.69-50.282-21.69zm538.136 0c-10.576 0-20.72 2.103-30.326 6.29-9.609 4.188-18.136 10.248-25.5 18.103l-.017.02-.023.02c-7.163 7.904-12.907 17.72-17.272 29.36l-.007.017-.008.02c-4.162 11.507-6.21 24.512-6.21 38.972 0 14.461 2.048 27.468 6.21 38.975l.015.04.017.04c4.37 11.166 10.113 20.73 17.253 28.609l.02.017.02.022c7.363 7.855 15.888 13.913 25.497 18.102 9.606 4.187 19.754 6.289 30.33 6.289 10.577 0 20.723-2.102 30.328-6.29 9.836-4.184 18.377-10.247 25.518-18.12 7.392-7.89 13.153-17.481 17.292-28.674 4.407-11.517 6.579-24.54 6.579-39.01 0-14.464-2.17-27.48-6.574-38.995-4.133-11.652-9.89-21.487-17.3-29.396-7.14-7.872-15.68-13.938-25.515-18.122-9.604-4.187-19.75-6.289-30.325-6.289zm-1287.748 6.77l146.552 69.231v210.475l-146.552-69.23zm313.507 0V387.37l-146.55 69.231V246.126zm436.454 13.313h.003c14.542 0 25.502 4.934 33.87 15.063l.007.015.01.015c7.776 9.208 12.013 23.687 12.474 43.342H715.896c1.054-8.32 2.805-15.96 5.546-22.623 3.402-7.696 7.557-14.188 12.45-19.53 5.14-5.358 10.76-9.311 16.917-11.95l.044-.022.045-.02c6.177-2.867 12.622-4.29 19.467-4.29zm-181.757.352v.003c9.235 0 16.894 1.793 23.152 5.246l.04.02.039.022c6.338 3.278 11.401 7.906 15.352 14.052l.018.025.014.022c3.972 5.957 6.894 13.206 8.71 21.83l.007.042.013.04c2.056 8.68 3.094 18.089 3.094 28.237 0 11.26-1.494 21.522-4.444 30.825l-.01.025-.008.025c-2.732 9.108-6.57 16.867-11.488 23.35-4.911 6.474-10.757 11.427-17.624 14.971-6.843 3.532-14.175 5.288-22.171 5.288-6.048 0-13.214-1.53-21.43-4.726-7.694-2.992-16.247-10.344-25.469-17.66V218.23c9.78-8.334 18.904-16.242 27.227-20.623l.013-.005.014-.01c8.82-4.75 17.109-7.032 24.95-7.032zm537.717 0l.003.003c9.235 0 16.894 1.793 23.152 5.246l.04.02.04.022c6.337 3.278 11.4 7.906 15.351 14.052l.018.025.015.022c3.97 5.957 6.893 13.206 8.709 21.83l.007.042.013.04c2.056 8.68 3.094 18.089 3.094 28.237 0 11.26-1.494 21.522-4.444 30.825l-.013.025-.007.025c-2.733 9.108-6.57 16.867-11.489 23.35-4.91 6.474-10.756 11.427-17.623 14.971-6.844 3.532-14.176 5.288-22.172 5.288-6.048 0-13.213-1.53-21.43-4.726-7.694-2.992-16.247-10.344-25.468-17.66V218.23c9.78-8.334 18.903-16.242 27.226-20.623l.013-.008.015-.007c8.82-4.75 17.108-7.032 24.95-7.032zm181.83 0v.003c7.995 0 15.327 1.758 22.17 5.29l.06.028.055.027c7.065 3.312 12.979 8.123 17.864 14.562l.037.052.039.047c5.138 6.255 9.195 13.775 12.15 22.64 2.935 8.807 4.426 18.7 4.426 29.718 0 10.776-1.488 20.55-4.427 29.365-2.954 8.864-7.011 16.382-12.15 22.637l-.022.03-.02.03c-4.89 6.221-10.838 11.067-17.953 14.628-6.85 3.312-14.211 4.966-22.231 4.966-8.01 0-15.365-1.652-22.209-4.956-6.88-3.558-12.855-8.422-17.997-14.676-4.909-6.256-8.858-13.787-11.815-22.66-2.939-8.815-4.43-18.588-4.43-29.364 0-11.017 1.494-20.91 4.43-29.718 2.96-8.883 6.914-16.422 11.83-22.682l.005-.005.005-.01c5.142-6.48 11.092-11.315 17.93-14.624l.04-.02.037-.017c6.843-3.533 14.177-5.291 22.173-5.291z"/>
+</svg>
\ No newline at end of file
diff --git a/public/svgs/whoogle.png b/public/svgs/whoogle.png
new file mode 100644
index 0000000000000000000000000000000000000000..0d89d25f24480a0ea6469267f570898e9f244a9c
GIT binary patch
literal 24077
zcmY(q1zgin7dO6*ZbYRdMMPAZ(Ip}h0t(WpG^0^MVoZ@xx*J4NQgZYZ9o;yjQMwV3
zX1o`l=lTEN7e6}LFYdkPo_peZz9;Ol=0hrSW^xDwLZzyrqz!=(5`zEZNr}O~rJSR0
zzz3o2J&k)1$mb}E(`Q8BcMeMxZ4C(I)lCQ_FbD!U244j(Lm)2&A&^xI2t+Cw0%34X
zZ+IdDE)YLgf2agGzxb2gTo4DoA#+hy_5h#0;IA6wv*G&vi!VK0@7Y2iMBoBU2txB#
zjuiqiHBnW%_tblQW6BGC<H3*iKU>7^)Uh!fq1WHdr@wjqPDL;~k&)Mf+FE%;*h0y?
z`)=O#+c0t!cZO&dz1OJpD};od6}eOX=Y=hmcdu<Wi|GE4-93@%m&sn=koqy<Wpn%@
zL+3JW%m?d;G|1gppX7GMJrP8|u9A|{4F<&I4T}%ymO;zxMY38<GI6DDGbGcAKItnM
zch2L72rYw)TaGbsqTpkdP<*k!6wU_oJ!MXoR^sL^<8|-@Z)TOaz68Oc;rI9IMluU2
z6T>jPL|8-0pJn@24}>S`2PBZ6WS?BR_*rQQ!(5pSgIR7o@vXd`vY~Ae-Wb^Jp!F0?
zMM<f_<#{MRVD>e*Z1(T6iA6Xs=doc8&+UtWu1|@7K3Xaw!j6wH*C}q0y`Q&;@TIPB
zKz(@1&++dD|0lwnf|q{Q><2v%=6%8sQ6mk#_)*CUzd@J}J?9h5>>{>$oS;H#!k*Jw
zw6FBwVpJ=^M}&6!r1H%eZ-=|L2-=y&QNm{gYNwI!E}rd(PL`NxO}cf>pq=@kWIT?3
zrD_S<e@ig3i|FEErCb*^9zq3c0%32pc#0mvd|YPX#bcqAk>}imihFfX{VR+*;If_C
z4MIF!PHVycMs<CZK8H*);I1f!J3rqFxl~lX!d{_+`Y<A|@bAUPpOh6XBrU4OFEgyf
zMW7Za!aw4n|5iDq?{Sl`56Z?bSaz|T_*)Fg)ak~)IsYyS8)U}Pk`Bs~ryE+Ba1(;d
zDx~RCr_TQt6S~(s>2RbTPvwY+FmBqPfAH#AL>l3`fyJ!^ihr|KnfakcdiPPvHQtzX
zF=!&MU?d&vKVy1nsgnjRmlHeR7Od?e&Rqkmog^~R``@VEi#2EFVY;x!(aa{5D6rQ2
zpk>=1|C2>#Dj90Ycuud(AEtzDV-{!n`2q9zHUsU2O2ph<OrTAM$;9}qlVO}|v;sRM
zoT%>_TCi{v{*%Lv_w_e{AP)!_t}vSW6Xq6!k^kTA(@5_}-gzRH9TfONH!KLVQp3ah
zZ_aOuJrylpA|^c?vIt{7S77-l9rgeJm5S}ElRn~d@<~k7BU2f5B)gmG6P|(@8NYn>
z->kmCeay}|mE?z+y`;8NdxX}ZEKg39Uc7}nYgtS@3XvC3LK<yIdMbpuqwG14egCJz
z#G~^>rw2NnS+qaLn8hWPvV8U5-1~*n5MlLY&JM!72D(>h@}CW^OhpHtoBdvN<+Ugt
z=gFZcaa)TOV1iVnz@0P3cO69#lh-j~M8VpM|GV8qkwXc2&Gi9FV&tL43u=~Vp$5lm
z7K1&Ok4XAT|9ilg94U-AA=aMPem3uiEt7H+uHJdV@9G(fAN>CohD!{>=;6?Lh^%n2
zDr_m0qn<@!Z`x<8&Hrg0@mD)K*b;=sHquhK!eb+D(49MLlKru7rIS^Jak%gqe?0Af
zc5a<Mnbt0mKg*DVK7p#oyfY}Ui+Isl+TvG_<^Qc4hssrokgj;D!q2lZ26H%A?JbG<
z#NOncr`%mc|Bsrq4BjNv<fZNQC~-rK$T0Eg&4o305oc<i5&Y8xD~s^koU}Qu#ONXg
zncLTr8=1+VU|cM7-3@C!`&*p<u>lXlJ>NnK9ka<1lOia-JCx13BDFUr;!@2QUzmpC
z^ZzG?Ujwy47-t-stVUB={fD1+c_oUc=)XHd++{!q(+T7eZm$yFK7Cd2F~MOv{toB%
zjsL2oRd%@4#YEWA*$R(tU$X;?%I#@6*sXkdx$SWkmXFFY)hGEvmpuNXOTUB?ufiVZ
zJ1RsFWxaqrt_pe%t3YnV4Zx&fal%nTd`d{Ijj;b%n{7KwMT>`E>*1Qp6g3})k=LFV
zYApQc3<|qqQ)!clCle&|zoVSi(j)gPu%%E(Q)z08w3~^~@`D2ZV|mhrE-a4-YMA0%
zUM1>y0mc>F;D}+aW2take3nnJgv%`c&y7i+%V-0ItqC0N{w&Koc6ygroxwP>)oGB<
znuDzVpPfR7FDWlo!`z&3GAXQTIP?#clS8{unp3G;@ek@8y8jxE4h3e9|EVY1v(#OA
z{26lm3BTa;<Zj~ssS8SUI&a|iwT|Kl^}Pv39iW3(Q4zv49t^IA8}<KP{u9M)>(soX
zi64=c{Ix(kjif`rdfq%&i}=6&K$~q78OkFtM7X`S3>=oPOCPDm^}txy+w{e<-Juuf
z_Y#xAoEoVp>tO#~+8MzzI=kJWQ?d5MH~%$f!WFN^G&QUV{Bd_XT`cP{p&MX1Bh)!T
zHktjsGCeOjkJB9f`9~$CV4aD}utuXf_buqm&67A}|A`r;&KRbT2s^L}`8QON&7^o1
z=P@EMO}M>Iroz7SvbG^Z;=C6pHsEpnfA^%?EK9lAF<UE@dv#(o((;NY*g6yGP?$Rp
zp$$w2p{4y#!-GfX*^v0Bv(Y_5o79KG1s^}1*?EE4g=v(`6tk-EUr7J22#v@;jj4av
zp<_6g2+M@tCAmA%MDJ`y5#x#Sq4aJ#TJp!p_O6xDp83}-acn$~FeWufd7%-}M8D99
za1dU3#ay4y_PZ0Y>O3nyo~fr~<yYc%IWQscs!DNx5()iWXa9bf%n{qEgsZ%(%WlIR
zC8Yj_<U9_cXhFWM#2zUkKVdjWPcf(^;AQk_c}V+|fN3@ea+`sXu{Q+s3KN`rGiD81
zELLs{c^@Ztg`U&@5;A$u`t;Z0U&ywAw$DgJue=M)nS8LnP*$Fa9WgnC*;O6=7K|ar
zh@jvqWPxUpvhKa76li92rOz2$3F);_ug-=;cgpz4%GUXmQkAHx5%0xrBPW@??yRIX
zWb%|3wZ2_;DUtPBX<e*BI9YI6m|Cz}@L7CctdZd@swU+v+9TYy+kHiguJW0>cihuJ
zk0wS-DV<wv9EE`x!kGAH@}6(irESNdtzHpTar~U@=0{A2?{*DFw|A|Q_N=sKX^KX6
zsv~51s}5_bFrByg9wH4XNRScYhO2LTm9VxmuG>Wz^D3QZjian`f)pOY&2wsRl-?bu
z{uw+tGs`#Ll*s-)%fEx!>yoS4u9W#5x$$o1I_ipR6?_#}w^?>dJB;4F&_Q!<=ScoW
z)1zr6*por1(6C=0^T)o$d-Kt8K;_k<nZe&F!N#F4JkXvZ)9Y@)!YVbC_1$P@kTp9w
z?f5CG+O?sAY@L7#5GJy<aVlrN;D4aTSRxxGFAjVdx2w=f>XA+;zF~Zqfr$n&NuE2j
z!>ZaUel2FH%Kwt~b7xbF0?Fs-h`o~+az$6XjTqP&|IT&di{{JyXWl?HNe43AQJ3OU
zlkaaR2zO@C{);$b-{g#iS$WMSVANH$=G={6zsLwTxl>i*mIQ5u23*c*{jl%DWYbHx
zVT#g+_{L_I)qFYbU3;mKUKbtvrk$W57{r{c**$4+XRaaJ88ZxhZvWSDJ;Hrwv*_3a
zB(Wx8B*oy2p0q-WG-9#=(~U}sp@T~5Pedk@%9Q)CPJVMESZO@n3KY4BX0xuv_<Y97
zQg~loIhocQX+;`c{aN4xowSWeQ#>}2=Tt(vEF3E5vAf6>Ktik|JqE5(covyh>?f1(
za{?83e=1I68?ww^Dmz++$UJVL@|LZ5wcvUak|rwP64A(b2;bg?nyC)o?p=*G4HS=-
zOHL|f9llj^?^ruPa622m8HMRb#WfxVJ)?!2%hBBAX2~*@&U|9<I=<p3#bG3T({J|H
z?5)!0pZb~WWVRiKmT<V5Ir|cdre>ch=ZF*db{y^5)f$4!sPobe;ascZ#F{z7Kx>t-
zxiggoGaXbGw7pJpMgGGmfvDEfCWm#AM+#AiaHx4nsoNdsc|NNaGxj-gg+nO5ZydE3
z2j8@qEl3GDx`@|nmd1O$JchIj()Xzb&s(B|T*&-F_iQHiXVM-9vJ-@aEW3PS?cs3n
zwDY;Pt-RR$s21VO#Z8O{@r}oZMX*NI*Lhux@rs`0%&83dDH|#0v4{hSh+~PH0O2$d
zi_)s`FcFft<-U>qj#9A44qUt0i<%*5Sw3ZVzQ<B?3l`ZS)04`1Y^>H_N{pDK2=s~z
zaB)wtN^lq0R-ZKnMiW6IQjn<+LQ7ktIZYC?IH5kW+~a=p1Suh+m%s9DoRzzXTg;`S
z<#f&i@oVa%Ae_s`Fr<9sZ(N`!nkHj;9wE)V&3TL*p?07(n9HQ`3*39~Y_j*Yk%R6m
z7lx$NtsQ1gF=%ceU3hO)rdc-V#ayk?hWD}KrJ>s)`bKm7L@iL3(f|S<!?{`lIgQ(<
ztEsGMqc3sjwm|cJpM@cto+nXL4@>>&?oil7OpqVmD7tI$_^$e~+#xk$QWcYQe{Ttl
ztkk-ipvmo`2+<zHaNH!ME@V}R`h15|P|ORO^dr;i*}=h18xCEADvvI!%hZSK3a3<$
zZ2Z8XT_9OhgYqWQh5QbyXd3RnB+ILR1&!iV77R&%FbL#IzbTvp3(w7+H2u(_OKe#T
zdfl}UzPYQ=^M}wo8BVrd9?fR+a_SW(2E$Y8#!fTHt|QIC^azJuiV1Mp-~4O9Cx(h&
z_AY{NYUTF--9?c6C|9QBX2x%rS%l}5xZR0uxZ?GLzn6trQRhyB4TudWe+3N98C{%*
zpUekjv+TKPIrq><X_S79hmCOO^6@V(!r+@JIP}NBJ1WI-#J^rKzL!OTz?BDxUPn6l
z9(eE@^MTM%Voug`iCAcramdr57kO~!^YJf~FvR344$Xy9XAHN(tm8-m5E0TJ4ZHY;
z7(g6Q>Lw52x2=eSdW^G5^fP-s+TAWrZMi|1%3oWb7FA*&F~M=p%loMq#4<NyGKZ+h
z6Da0|7J~xe&WIu3uB8>t<^_Wis?$N{19ikCUCkSN5IsM~q5EU^PyMOdl1P(>)lqj!
z+{|5=`8p*G=FBwJ#9lQF1_~Ga4YVwA(@E22Vd6qee#;LyRny+Bx)+c&&UE-5zFCYz
z-#hh7e4RRNsvq;J_Qg?VA;U==T~&zD9DUIx1^GG$i5i8bH?<QAn^Q#l(EW`=7By`}
zj;JR*gsHkvb4VYQm=7u;P6AyLm%iD-QsUMKLz2j~S=<c9A~<KyFuLIVYF#$A5yrjD
z2P8v@kJoUK1=gNW{u-=*Cv%<MhDAe;;b#xFqLj&s65$jjhfUwNaDIJu2$Ka!w^O-y
z<%#qPS+ywcs;!FeB;|)FJ~34%rF=A|fO1EXsN}H}z-Vk(Y(f5>eR_RKlhi~!C}Xi8
zs@6UM>|(AGrk$zm?w?)M`%*V<I_(Uwd0os0{@O5&&R8E~A_*Mx0RqI(4kW{#IJ9^S
z-6MfwR`vH9FgbD)a29Gk1)XdosxYEM0n2T6vKF6!UgFTtjwch@fP7Vrh@|YS;b#?`
zMd7pWap-`*$Hv(KAZsON>tfmB=ho7+DbGe~ur4j;(w=?n%}nC4X0a6}cq}#$|FI<1
zhq078nFKM(mMfrZJVK3*y&5=N;^tDus^ZkEmz)$^OUE*AU3a#pHoIf<;BC(r=DHI2
zCZl%qX=TmaN+?yJyz!jel%oJ&)n_c9WrQ@_A=}gpb*cVklorI+a89qBHN0BCihS<`
zQ;u42Xdixl8A_6FAJIKEv5q9ze-Mfnn(gWN!%yXy;uEgzE>I(H!*)LXy*@tM9VG)Y
zo(gO;(IJ<hAl2=5d*SW-i1Z>>6+RsLATDuQuGsS~YxQl{2Kc7n6h^ja<)J%Mk+Kff
zhR*(B6fX`vNw(W(C-uRcvZ=}QE?*U^ea%F+pH`AwCAO3}{ejwk_p;-|+jHZR2MTBS
zq3lZ36T8HpOHELJMhTzV^RxEF^KR==oAX8fZs35)9+k>=k}sx#`LL3oMmH5(H(0^8
zFC!+49Z0mbhb6Xe&93DhdoyK)<u<2jIn)kabI=IG7-EcSELYGODD@JzwuaYh$P%{`
z2t%yYX7_NZnh~$y)2wI0NE}*2McM@<7Kzl%hWAq8F+<;jFdU-vlSxhD3OxNS?LNC(
z1y(FB!bfQgi?tq$b6UVp>-ffA?GXXC<AkmV^-ku;jahK8{ShSEui?&A+MQzvhjw8F
zGfESQK<VA^cW~!e_@;3#9qKKjU4%oAD}lDD%#)+WU~Za<g~ZM_`N;T+#HW>Vj{AMg
zbv(R6#k$IKb+p@Oi@qN8{u&oR1k}09PrJ4j`?C2xVv~En_1ePuXr83?@ZED`-d({q
z1AfS^3aO|xnP0W1E1y`(-dl&can!t3!~_VgewKLNC0HKI#VXzZtCT-RykRgaTVu(j
z@E#^#hxKpr<j6CeYa#bb!^^8&dwLnQWjH7IRGPL306@&MO2M`V5tDKb5hu?gD={oC
zj`jLvkBFrjzpGYN%h}EqJXCG<^N{*{<Wj$G6S3y-hW0N_$C5o66fr5SDoxgL%BMVj
z&5z?C)kP{fi=gC*bRx7?rU>s_K8}hXh*wQl9(UK@IeHCbgF~ZSj_o7T>>?;~`Sz{W
zTgLqsyQ4p2o7oN}ZxgK7)j?X<56aj~ACW55brbJ%Zwa&mAcAD^RQ^5yOA2gRyf_<-
z#iFG-1z9EP_HW$rQB%yW7dq10$d<B_owcobvs{;d4Zl*@?Mn8Z09k>hdZE*tFW#Sm
z*$1Ma+kys2bx_?+t7j!+(Uwk(l>W+mFg|`yMG}~T=$1yiJ6$qn8mr<z>JDaDT;?xw
z<*ZPCar(RUjhOVOVuB%yWDhs5@_>lSqpZ)a3P52XrH4NJKok0T+$%cKRID@b@_?Qx
zw+3+}+eofL9Az?$@<o^iMKekc$?NofvGGe(;D?QrfrnhZ?sdhiq4Ty8zC=aHZcMX4
zbvUP!?>K}1dACERQdZW{4ac9~n>Ew8|2A5){C1nA**)57b-_R4Z}h5goF&So&XlA=
z)I&rscED;@-;QSc&+%6d(a<XFMo=uYCj17G*%RsL0EaHZc*?>hDohkfh2N|+<{E-T
zNP(U>lCP$qVdPoF#M?bnEt-HX?=<+P&Y8sHvh|2s_Vh;oPGf#SZYAVa6W(%o0UsVd
zC!ln&zo2^_*rcpS>UZU5zNa8-t>88iNc+Js$De~+Opk}bEHs|y@0Pf|kByyGBOZAv
zxScS5Z%@67byFH-)`5E0|9&47Ya=MMAMlr{P}wjD?paC=pppftaS4GiJ5rPz+8+M9
zzuG7AEK!=%^&)##)q9Zzca|NRULHy_ZERRbf;&6ST3K*hyW!b$9kW&HCQ!(#B9I!a
z_K-k&B=P~|FdDx32FwZg0S!Cp$@E%6>QdIAJ@D9rq1DzrM7wZq05~e2k_hIzhBUaQ
zNK2F5b}~Rd-OcQQm3b4NVjMlE3g@X$++BYbVeA=j=jwP)k?*9?uAq+MUX??CO^$e6
zLx+HoYY$K0THqa&aUe<R=$qVwrtd0RMGPc*BsjuM)p4%6jqb@7n+WM5!;N9GUVbuU
z?loUpbDC3Dv`y_O(r4$`hc;PtT+zOBF{?YK_RzTXXek)u;h<#&O@!j@A||dYA&oaI
zuq)SISUwn+#pGdXWPCKv-t&|fkf0u__)bKb=%_>2qRR?mMsHT1cTVV+x`_ubN0qX6
zcpJ>^LqJ>^DTK~=A#18-6mh_@(!9z!WV;z#)r{jXeYp0xb?v0R#I0ELk4ig8cZnmp
zOpTrPv}R$m<(OWKM($QHO<aIJ+s)FiCXThEmEd=-@|P+TTy-xaDdO~I9O-k;`@N~7
zxdBj=WgQ{S>aBt8EPo#18xV>wXKG(ANQ%RMb(aLW_2_H-<50XNViJG~DZdSps~2>7
zBt`?qf==NZZ6^GX?O2$l3@n{0U2)X}sT&&5(<}^hhae4R9G&@mU3I*+R6`FYr+oX1
zUGvSA{X4VuHI^wM$hg`fX@X?toL1|2c`vVBX16|;U9*%uw#Ga5`src;VFs)cz_jX&
zre+$=O_Mh@da~>avL>rF<o7}NDF*vlzV}bfG%1@1x2H1@)pD0QOe8#g{iC+wj7*^#
zYYNcwCQm_2u=gR=zjI5w$Jnp?_h}H}DNV-q)|uC2c%X<lxh3VYyualA*4MZ5zgnuv
znSV5GY?M(rmh+Zb@i^Oma@xbyi`Wn08(uuU-;4W`7B`JFS3d6hnRxIEuELG-4c`%2
z;&pHNlc6>p1j*&uG*u;?-^9o#vJysenk!mZm6-x46{%2XO6kXN=oE_oWk!QznM+@U
z50Sb(oV|*<SIr~24We`qqkA0$6t1@ruIoyNO3FNXmFjlGo~S=rUV`C<5|U(lZ4rRF
zzS<9G^@qwT!%73$#Xi4O^x$tbmX55K2zjA#W+Nl+KtY#-40<6VarH1B#7>wsRiu~G
ztDy!$`?T&}<=yBUs#L3Ox9TO?fNyUwE-JqDS<;zG2k9U&Rk=f6#>1^}fz+*QIndUt
zZm6nzfe4AHso0YxLOw1Ph3C|dZ9JNOX|yW^>Ke=|oXcyfWE10_L~`FGUNu;CI~dIA
zam)I5uFTV(O{cUkx7QmGAJQD@k@gVkv0KwS&TlR1?VO#-6PH}cX)RykvbKr<j>hNA
zgdxYgbzg?Tm0FBv%D}7h4~9W;FKO>p_Mk(HU<=fnedBP)-ypQ*$ICL{s8uuwCw|Xh
zl2BP7D=&PZNzcvQB@dM;-X}}xHNL+m|B3b6YtfgVl4A74tG`%cv;y1i?~Urq2uu*L
z7npX|#i5d3e6Z?c_PVj5_Rdtv;kxgmQ2d9lOTUi*8sx&2!2IHeD(7)hBHIY_0sm}h
zPg{v(@DE4Hr3SWb2JJ8%zABZl1A(CBbG;)!NAe~TZ}`jZMmB<4mbKfZCEXx!PKv92
z*}cGNaYTD&DY-NlvTLEDMeQ!hqa>e?1)!uyV7l+uRNAwC5w=#I-r<?X&J$&N#XXmD
z*-@hO5Poh#ej+*A9Qi6eNH5*t{lK=4R?~&kNs5w$IaMopQDb#eW$8@xl%i45_Q%@0
z5iZk6Gj%n}YEFBJj6I^9RfbPT_O&(AVV;wFa%$tY6Lr7dACV#^=`psqbUwkE*(nB*
z^`5l5mJz;Gu1_~4n1=)VgO;^Ev4+B(iH72^UW2{g0_k8rOOj#Lw;k5rJxhn7Y0s?T
z{om75uZo*rFTGo;tLaKqVHk=J8^kM=nG!3{PdizVHGEDm+;m6%S!WSUq<bUQSFfKI
zBVSzPj>3Dh912$W^jbj_LIZ3<@xHmbF!^G}uFC2c#w9oH-LL$OgGR;BiLbp~Zk<TH
zxC<Xfdlr*BP0oIUyAEMQc~}E4>(yABekdIa<ss-N8*HuGPuh`uyDZ@B{Mr*%_KB5d
z`{<_Xpjz)H&j(KyOa!Kd^SE~+ni4`fcrLEArE;bf$x*6wmFW-JDmTF<p&4t=OtDiZ
zB#`!ukMnpmrmz2P!dGwTO5^v!1x?a)ZHpn_D~y(tC2s1rk#6*YnUO8^mtnqQ9xla`
zX9PB}4zhXT;*g2A%QXE@)@02%j~nmrx!iy&r<(DGi;v3D>~71giZe=)cs~op4?C$5
z_V6mnb19v_ob|~qn1MT~sAX3Jgk=oFa680}WE-f#^aXyK6?a57c+T`Qxw_f7_iB6`
zifba-&OtBzG^k-Bx0kSm%<)Q&i;mBa^PuG|^1;@Sr|eVXSCzCitE@K)Zc`yCE5K-@
zHT`X`gO&xZ`!nq1`qm7|O^K?rCQJhKx#N8P;}0^Zc2!t9doaV><#RZWoqX^-u1Wnn
z1Lw<G$6|1kz3Dh}SzbOYEoj-;c!)OVoOk8@5W3c9W$+aaoo+2}iJL_Gw>&3}BG@AG
zq#QIiJn;+H3&k%kc5bc}H5$#n!J$*t6|(XT-F8HVZU-9$JT$uM`eI{O$cXb8lyI|%
z%v8qJsuGum`jm!^d4~<W&B|c4RD-Rp>>6$!0QFE=EyOboiH!;er5?<&KMoL&WWt2p
z-y`wNGvqyWfzP(17~=HA;;SWG5ADufaX|_?6G)pyG8dZ&W3gSvX1n1{*xBirSdYI+
zi5o>s9THY(lC9qk^{uN>4)E-atua;6qE+|3zj4(6i)5tHtuY~<^w5)mIi*)46wi>`
zcRu=*{Mq&Gx%~Ef#!Ydr@=zjyQ9;Wzq=PfYCraTD;}|F2RiD}Nv4e!FV!xhoP*ji2
zgJDxnDsrUiBhLM|8`+>dTh2Ml_VsKLaqA)dtsBi*@h@m99)<>th}St?&XJF(Hp+gH
zG8TYCKiLR~_I(SP-{KMstL{}?Gnh-f-t4wG(yejk{fZ|1`};JH0Wss)W3BnzAj~0%
zX@4%}O?!a-dQ+WXyQ0fk?kF{?4`NKdBG39@kwA_6dkiCTG|k|KjOvGn-fCZtpWW9k
zm|q2;$&;;>9afAp=W#ji-yQN-a^yqz4#szJFXsfw4xOtWwNkYxW^BmYLbHhX%WH;J
z<%5<BqW7Plt8W<OrrRVX4Q;j8#n7GEj$|Us757FV($Q+q)Q`vQ@B<t-2(z253F^Cv
z_^Ae?PQE(SsxlAPUa=g(RiY-l2@5W2H&zcbNSo@%?$m=&OCMVP(XsTWu)-hBE)NGf
zWQ}ur0MR;APWhACm<LtDi;&rg1jR$g-77V<M&i!khy^Y8fAWVN^C}?;x7}CwWXBTe
z9XD(vCW5Qm9@<C2PQVddTP4pQ191Ay(rTFxo_Do-mTsK{_;FR-PxESJD$YOeiHtYp
zt*C)Jqo{nU0L~HKp^*|YCVL=*EsAKQn3quQ^$=tO$J^FxWySNoiQ+2DM7<Rzl=h5W
zl|7Yv!R)OlGdq#Pqyq8mOUp5%f;%8!RNULj>$|*@cMHiX|Dfty6P9XzCUE2ao;WTY
z$<KKlr@F;-pv#B{I6`VO2c+e}Q7I;$;3Q}{s$Axvg?vyRwyuTWiqQsz)BCedL?KPA
zKbw7AB_D(8du(kmpCMf%=4Ldv9;pIe7q$kUXs=c#=^{Gz2|u#e9a9+I@P7JNRQ7Q_
z=I0rOw|!{K{yyT&mC@Dk%b!nW(I7E@G;Ww(E%0`EW;%b0$DMQ#$$SV|XuQ%o$Xs{t
zdl52hN8FhKDh&iyEU~q&xMv$jH<y=YQmXvj{R(0-AlE%TmW^=V!6B4HGZgPO`vW83
z(0<*}KlACa&eyZtnUo>*wfAI$=J#G%7_CBois8^xiw7jc+?<e&JJ-CKqN{2Twm6TA
zePvaKU6<LJ=1k)0@7ibf;^xnMp%TseH>7Qdx5sJyBl7+HM@wA2r5BuMaSjb9qdTfQ
z2lL6pb*ZwIA&Q~+Yq|be>ZwY3rT7vz=_dgT-7_d)v$o2FmWDt~5Zm|X&D#)sGTga-
zXxFLXBfF9J&xb1FVg$OcgbNl$wx}>JVA5x!CAjgr0ap<fSuy@%*{#Xc8_zm7uFc4|
zo*Ufe6eQ|s&aHB?CNRClz$o;nk!qfw0sX$opNV*IDUC;u;G@0sLDlQ~da9vDb9$Uk
zGrB{cb9ol;b1QABa?^1G9rQJOyAqJU?R|c83O!}~tn7!VDvF@<{LIm_8@5#@I7NVp
zAdeKMkdRP9YQC+fA1xVqMKDm5aoOsroO=Baqb%w{n&I0M0#F_XW`ql3^40Ef)B`%0
z#+%$-5t=GvW2v7;bBQ-LBvW+cU48=w#9aXH40Zt=MVOT84Y^d5=jM|s8goK5KHHhn
zgZts#BpnkHFEy89^x`OAq+tA--dAcg-HblIf5kFl;&tUoo4msK?>%$wr7?QWW1YbJ
z<TNMFh{@k?+fQA8{gJzxbN=#|P_e@+@+KB^z31H_c7Vx7Gv_9`(#<0J>vI<ae*KLf
zt9=EtpXjK+U84xuNunx&IBL7f?e1#t@T<4pR5~9GV7;q^lyo)4dNXjr2MRyg+f=_?
zd=|`GHCD_MSog9%Z1xo3AY8~wr*HXrO8`R*t`w)Mi)Qwa)qYjxG<aIplv>@?96t)M
zSwq*RsH-d#v+!Qq*#ThGf+`z>N`Ms^0WhK|s+YWPYl-vt_JUXqJP#=VWh-NSzxSQw
zR+ZFjD<&=Y56UPM-x|MGy7LM#spxS+^Cq4)aDVSoN3)V#y9QPeut_NHru$I-rD1G#
z5%VphscfT&s7i!8kA3x!W;AFRFc5(b`?*rr(4Mtn?&Ui5s3kvI4U5TuJ8KMG#%f2B
z4rV=dZ4x^nv_42cdVSH&*xEXy{pczCHo$!R(~-%!%7#R)IKYTiwaV4K&pDh}W%M|Y
zXCB-9ogwe}SZ>@Igb~&Df2sN7G7N|24kX$<`1z5=xM_Y`%w}tGawOiDY4v6AbW^28
zop#F?9XHP7_ko#d$jBiIa;@_D)r&CJ_DZHX0?ztQ-psW_+<4BNM~Bl1q5CQBul#^U
z_qpiQZ*%o}p2jtu?2#f>;SEzeO%aqhWrwq5^Rc}4x!_9Ko6eb_YqKLD`b22e5=~Rc
zm|3KY_iUWsO$6)+)O^6J22+ZCv_G$Xm>)mLKTk5h(+rv`PB)Z`#Z%2|0zQbv9yP^a
z(x$U%cR6`Pm0J-R+;ld}*bc4EI}uiQr{!M#Rn>lu4e`tfxU=v=VvIa7i)haRj|V8Q
zksn%o;Z&DVMN%xZtg*4>$kz=Rl;ZrBkX)|j8wOUB(|};bMENXkww`QohSaYW^VnmG
zx@Ddm+F>qMajU}rmt=3z`vn+xB-Pb!;?y5x^#|;FiWV>MM5ooBv_!1BcInT_phFDJ
zbT-fsz!1A5QKxCw;%Yq9>qJ(6-e*o(Vr0i}&c5FQ-KEQ+nRkK7{<a1?<<8o~t9t9N
z*-Jh(6S)V&g}ZSzbJ3px;sSAeY*7dj3=e1jX?REsG68qJ$C}$WB1mB~_|lIqVgT#E
zkmRiJdfWGvtCoa*_2|~F*yUs+duP+#g=Y<4KuAL|X<$)ko0J>{cYZQ^l^Y8SxSG?7
z9x%uN!hjxXe)#2CgDp+}b4YSEwLOE<kY~;9R*jkk=WJkj`^+VSssR%@xkp(D%WZ#c
zbE1{RQF_L?OI<EP6Al{eZ_TeTuG-K1dUwG#sw2?1VzW7j^+;_~4@?(ts*CoD8r@Yr
z5n8I0_}fM7o<#BJ0`deCa~I#98^8C|)dnS`Cm@=X^dvuJmMgwAZtGK<N~?ao2FxsF
z4x=I5{8Z#iznC#+w+wK>BmrP^)5Eg$8B*IGa2`+kCrcHrXnaVx%=-L-j-_u=$e7db
z(?6)o9eXO^jL$qT*!#C*+ll~>zuiNzW77bQ?5*d1=&^1o($9Gynac2&#x5j_#(rwk
zkO*r~I$%<Xi|t=Db{ML+0OTZ8|5axG(USwSd5!!iH2L8@lpFDv_FFoUm2cqAc>(Oz
zN0r8_&1${8OIvo@0*oucrmFsy?x_z}-*9=@)h5Ub><V@Zx9gR>Nv2I!K=svlI3#{u
z+O#shPLR>)ILn>aO$;LYI3&$;Cvgd>HnbEZTj^ubgHpHd1(t04)BWEt51%WCMqtqI
zG%6<&OSMk<h;?hC=Ol-qU>T-p`O-)ya%T;8UxTB+>q}`TQinhgu4I1w*MwnjTfP7;
z^1gEEH-}PrF^xyon`)C=vU%THloe-LI1Uo;!n=s~iQS!xy-2K`Z{sQFCn>6xvffH=
zC`^}@<j2XUiIeg>3um=06L&c-B{Vu(kXWR^b|s{gkhWkpilG5g+aJNW`TbinICR*V
z+@j2Bk~@_g$@e<)h&V3Jrw+wmw&<A))*?xqi&=xh)xtm+4I;4a1+!8rkCJr$Oj^6t
zvh)<6WabDW53d1vekFO4gBz(rk^M4{R;Di0<R6u0JH25UJq{fiIyEyjwJ4mlCg9d1
zfv`NWOTV{cIz+Eo|M#T(w@tiH>`5CZpFVRP?U`uTx<rL<)p22#+T_S2`RNCYM8;@I
z4{uC$JSeY-L2!ViVv1o$^w;#Jx_3@C3OJ74m`6$7A>=@gVMI#Z9!NP87|hXgA*-5V
zsSxf_e}@*+6LRp-4Oi_A$n6tfl#si8^GrR4rO(A#$%-<SuO(7Ia75EzZn}@?c_!4a
z93$~&c><^s`Oj)|5=57gnE}Tpdm*9qqX31J+`Mq}u&cO-;=MPm@$O<VA$u(+O)=*}
zg=ElM0C8?KnQe`?R}=e9x#L;NuO|lTN{OfDlq2#MU!2JXm!_ZPZj{{-#OBmfJ4P7C
z$_3bGMR8Gt3l#?FS%kw&-PZR0c%Nws_VhA=vMxQNEiEgB%wvo605cNl=vSBLMJZ(e
zuz_MZ-|~s}#KvQb@Q(<sN-njMzVTP{=AUkWvpX7%G~bK`QFIc9-CUSrDm=lL$)u<f
zmC@mwF+*lzX2)-uuY1MyLI!0`V~J1iXAa+;JxFP1v_f7-MzJjqCn+N)2`x@wf2f`6
zwaZh5`{O7mfAn7i2{oJn(OvB(`Pma9Y+jG_+9c*Ll<kZ}S7I0iSdNm6fcVdEqf8ek
zErme!Dra7Rp=0U@>8ut{W#yYHnKroq)A4X7l2qU?VpX7+d}0xv-l}7KCG`9?t$*0J
zP6Y>tdG!*^+Gx$T<4#ijt<I6gIg0SX{)41aU-@saA}`Eg`eSLx1sTF<e(U}Vhfp(X
zu8%s;btiTo;<*ooGmj*%Rxm}iQmzo(^t$OFV9^=g-kKz(rLRS@$u*Ny!>vly1r(D8
zm<keZ!iHAGY^8e4A0jN{i*|w&YqpQ(6X-;AK0k02Mi%M!Jn6O>D_pTcdY`eSxHX*v
zn;)GN6zP|_39+0?=URwK^OOx`C8LkuPX1)z(AvFWjm~tuA2O;=?LWpKi&AKl$z@_B
zgJnCiXgiws&VrbG#TECW4Cgcn&C=YG2|B$AfL5SR*`+>(7+3H-HYCdJYp7o^;jB<a
z9oD2*d-24atAE4d(5n94Lmv^J2mt@nc&?Awvs-2)U!lBvdz5GEK67ANh&RPlfW#$k
z!tp{d5#Q9L>Na;AS{Lw;b?-2NJW~rFOlEkELQH+yJk^Jq+lwJtXH)xak~ROepD9h|
z@5&Li#4$&WsuTXu$G=(b#?NJ6L=XXDv1w^1w{%3r2Nd_b2u6V;a67Jo>xQMhri(}k
zz8BUo6JSDfjUjZm9|+ItIK#1k0Y|Oy$$(*XpEmHcCUQbF<Fkj4ko`ok2^*nixA!TL
z<l82yPl+(I_&<lY8SF@29%!<avMSK1InKTMeC)Q@`+x|$+zyX9X-Fk9F_|@?d{btk
zbL~o~4!3LbU~T2b)8AeX$8B%X!6;(9)IS0>;=%b<GUsGbp8~{Pvj5p8AYKwFKO{rt
zb{F3O+*`FtSIYOenWhWa8rQ`#R|9+iMf&?^(Y{)a%gV82@wCgT!#uxh$K5*OO5EZ)
zTge}f+p`vC(IzVce$ZWO0v!55V3KuYGj<b}XX$O|!GF@lTqj)d42!mf*;>iqIi4tT
ztn84Z{*s4(2vRtYNBgY(O*IG^5#{AE)$s?^r8lQr3uoS0hVmZaT970gHcLjk1ck;D
zjr`dA_Ra8Ycg1W&w$u~eHMW$<v__NcZ^K7}5@AhRVo5i(01D1zNt{fd)5^2U_~v)Z
zIJEj(&p33?A_8VvsH%S+FOgJyaJbu$-@tQl<fmNap36|LpJDQ&Br|^6L{A#x^KP<L
ze8{X=;p{3by47*k2PlLHi#VXsb#fkuh(vu>09CTibFcV0lTSzm->0pSdA7~dr+gic
zX3cAOByXi^SDjn2<&Pq+AHa#S^UKc?PW&_>*falLW^pnDNsn-GYdL(yz?My82^g)&
z#@bFxk;99ts3nn#@(JMTO-i#imC$GrE#?Aq`=Nk$D(R&As}sCdpVhU#)%D=jee>TG
zh0apP#ovzB7aEM-p3We2VWaG7kUI4+!qRFTX*w9^@dWCQFwO8*B}!IReagcp-g6_v
z54LT9ofEh(Rp1YB_lTy5w}8rNErZVnb)gfzE<Zp2&dt`zr9CEDyx%6`(>F;*G44KF
zfzj``3EZiJQGJ$;^Ja!z8#Q;UIXDM8nr}4E0G|aM6kATK{4V21An&MC_4yMYO^<SF
z32CL71!A|nm-U`zvDU)u=34G20tb>Az+mTuWcB-N$P!Niy7V)h-v`x6YtP4Ee^xp@
zk;^i*-IX;2(GH1~SPe$NGX4azp1*Sny+ix{!tH6kVR-L({%77k?A^qGYMiSDNQa#h
z3RibV8)-h$Exj01lb2@pdb^wuzFz*UH6P;4Cy2!$j&)=oOH&_ZStCd|emo*fv{MJJ
zfA&L<<zBI)h1QPT7{EgBFM0?8+}Eitu3LC-3!sw(O2@Xm+EwN0PxXe7+<o=}ASUSE
zRO?0ltUgQaYF;Ir{Q|S3d_OsJV!fw!x~byJH})<FprjXt|F*p~8xf!_BVx|B3_0fl
zN9U2R<mzxh^Ve*`|7gzc^eo-W)u87U4ED@fZlznQPC{@Uyv##<Iv)?v;FIH6vM{)1
zKg#z0!Xy}>uacpZH!D%BrEU~|-2)XDU{2$v*)JT=Ze8nWma=dNl{+Y7yzVqKe6o0J
z<^8ks1hm`A!gz<j=}PKqD-eRhsIL5qN$tb18CLu9&bD}31G=C2?Uw8Jrlr!DFn?0|
z?+Zk7xx7JJuQWq*K}Q16Dh49imuuizpJDh9+g^vh^t?9%n+Wn3mnXE2S)FLO34<pT
zOI80<Lhq4zRBlZ`Vimd7&v`5@5+wv+EoqfAHuu%PEX5zPRgejX>E2EIH%K1$l|Fy?
zX!Vz^hq-=3{!WL#nQwjmO@`!FI@sAqk1@8=diMC+MpfOIP@J>;&-iOiG9G?TlVGLc
zCy{m4ZOnE2+dbi*O&M}V_w9ro-Q_P48kAhTHtf}^nKSjjmmc?k#*5P$Y_o|Dw`amY
z+z5VUv`>4ekuGa@$c%>4SkZz4F<CixIyQw`5XOqdRo`gch$M2y4G55|i}hvwScSyk
z@BGQt6?Zus-3JN9n%d~ob3SD}>%(zBjfixD6`G9h{egF%etEh~0Csn0T3+h6Ll<U`
zEq+(CP<$;=D3EU7aecP<4C`C=1L)_un%|RKZo5*B!Lpp$V0(klQejiy_T&1jeeK?2
zwqMC8oj)$VIIJfq05OOxR-!JpciPlKle>!;t3#12!YO!Jf@`<w!FZukMuGG6arw8T
z4YU1A{r}nCT63K!`cSP=-Sb<V18ff45>1<LgsBX$t4}RL!rR%kEWb<zE{OD>{OoDp
zDwu(W*vjB{ay{f$>F5xXRj41rSkVg_Fm~>JwRR|;6EQhAUz%ZBxi15x>ha2)M&5S|
z((_N@8(J0o8p1Z%!TOgM4xB~%C<m9!zTc6x`#}zrQx3LfJck|k<_9_tk`bg0+ea70
zJ#px;FpUV#qYU(%9L?h^D_(7oQD?)+!`)o+vREUomblelo25zvYp9<ofau)@N3{y8
zaeYf{T3GDBMh@Rq!*gqQ6bo{5jsu+UM>Fn$yQVYZ9x|r48E#$OHTY)%Ze&dsTjD;+
zeu2iHq|05&*~+tN{PwOmy|It-BVB7jvkAiieW*(>IH_-bEIYkdT`Bh!VMiv6UyeUQ
zm;$o7JRohFTk>A}nQ*!Q13ZZNO|A-<Wn<@zq~+aV)UI&9er~UGzn>pB;W02?8#QFk
z|F>P#-3(F9zM<24VYOIOqFU48niG#|4c6#j5g<TsgrBTLDue1vHwY+g**<Q84;T_e
z-GzP40A}3be<&rbWS(OfqhdUjdUU9MP{Cc&W4b9YdA|8)$-`VHJ4m55K_aW!M8DZA
z?&F7RWB38J_ny3e8b4N|=n)9TS<#)%m#x>gzY?8&0BTd8RlOANYu$E7+3<qF9@C`e
zXJ`Oe8zi7KX}#lhf9r3s+33@QlDMP8D5zJ&0YLF-Vp>0EgX0GraAW+>{nIhf_OgrX
zx-es&v+sJ^!t)(17_@gd3iuN#!aFj03}OZoV1?jNn~5_pTJDa=v2Yk)Vf;9XP#k?4
zBC0Vf)+y5?pH?|&HW@34rE0JE`gC!l9$52&TZ2FSK90x5`yi|pvtvLKb@1dg1q2~T
zfMO*0ggYwkAxYfZ<!4&oEWYt62%iHncBW6{btf+klu&JnY$sIvx5@qs4N%;pl1Y}t
z_P*T3iT4vEcE~8pPurGtv&>auUV-SFIPC|uLgw$Avtd1!;6OZYOQ-$$EWnr!KDMoI
z75SmNm_V)f*VW#c?@cmUO~n%V`@h28s*Lh-4)B#~k&2e}vdp<-j*0rd3l6~l-YAt>
zLBXAcEZQzY9K}5?h`0@#G8vG($3O28-fn*7XMo&!vr@f6(g_I=53M)xuE4d&=a86F
zXBb<j3^o|BwO($u<tTMxe)vl$hh25&2JgNVLkj{m-RnL@K?*Kn#MsKx>iC!wucad#
z`mKYO_F`EL846S=F)1k_DduAeKz|VT_v#z>fG26ag67;6+&yW$7^LT-Kcm%}&4#Yx
z{zkoL27L2qe&+T8j`j?l*4mq|B#8t41&qX!>buG&xDd<vfGpV0PZ-8GkH``{yZp5(
z3602p8kK60in=FJ_0)W}s8aHu>9M3ytXC+i@2LUJ9^#jN3eBNM-!7|*w$QD-ZUyDH
z8L;J$diAMn<fvj8V%56W_HDRMRgKFg^)HcSt=G%$7B-6pb+y<9%?7GU2Cx~6t3xo$
z@O)(2(}8`OP8~o!0qinzkE3%hm|mC6K1ck8UeOwa)z2KZMnC0BeXmCnDpT~WcS6nq
zHd^Hma=KEjc3wA)Qc6c1kWtjSpoGdO2er2Ta`fWf)Sr+(g6;FWY7%P>HzG#CKAC{t
zsC7NxSYfYH%?tO$?GpE%tmo`^k14;aPH2m{dEqAj0Fj>F*%kCSk$wWC=-wwFh;^`2
z{e?E1%T&de{(|r?x8GCTJI{M`8GSK+$3CB+vUyn%mYeAJQ~{8mow!2t^YIm_*~}hG
zN2dtmPy0#>D@GZ#c31eW*(K(0CHeH+1C0!Bj*D|!;z`z7l9yp3C=ua))m(Kv`J|~u
z`WZqC<QPcLd*i9AlX7fZB`~3_f&`v9%LwB*Vff5h6LlXy?bdrxFJoY|9cU^6nW9&3
zq|uq5OIF(3KmyQIlBr3CDmb|GGX@wf0H}1B!afUEB~XcmrKMAK<iB0^uvL2?_3^0k
z@$dKh*Ouxo%!)@Ff`amI67AU=e;G5-;nsl3B*HQ&C03^j*OhS-CMp*bVslpnTU|CJ
ztXl9U7L<UCxAOw<BOY<f#&lTo0W`eoYzrLOx}ljoHzzkXSK~z?oAbu8@I6%edk{8c
zIy(UPiqOo|H;1*Frvl(Z$Np6D=zPeusa-k>gqwuk2-Jr%iot`@bwQ<bn%O>>TkA(4
z&-tslA<{!;+;r8_hI7D_Kk@m5<GJY8i);0KNpomEdOWGlALW!;O%-orTsa3^itkup
z?X@esTi+DtmKUAYr*-VoTg(W6-x<!@SfsZS0KSbpTttN$mifdYon`Az!PQV-Kw$L%
zU*4KFlZF^(t9N8QN(<B@tJYk*{LfZ%O<1fe;MW&8Huwb#Ci7^EArs=~nZWyIRR6xG
zWOIQGqCa6Cry0%FZk-9X0lKJMg+A&7UOki0KTK&@Dc+8`SbOPC`^>rO+vlUV0qc^E
zM|w2!{$jZgI_V^nV%8Lg{_fDPpP3t^P>Ilq%LE7q^=x{N<;V+qSN%mHYRA<9_vyPA
zP><-Yj8elY&0Fk|;zpQf#}cp3lE3!u+s`v<raB>_(n1|DgE{Klp2({Qu?5aYPc4*D
zhcva=1cL{IFSm+W1H+BNtj5(a6QG+gb0h&c&mI0}hV*D=Z=FRSmZX*Lr*{BP9@1{h
zw%ChFz|b+ZU)T~K>4pIbX`{LQQrR)kGUY_jR5{>kh~ES?OoCB{P~?-@_e9v0>U>{(
z5;>KZV<`Sl0K2FXQry~;+=%?}DauW%cxCwSA~=DC87fA+X%iteI_)5L#8qJZi=P^5
z^MEQ!um5IRwJo$hshsjR$O)Iwj4NBWdH&MSri9R*<>ls@keS=-5q38DmkvmH#T<AX
z7Ao#abTHRF`0%-5bt*T5N$pS<Ynh~G#`Zko&dZjDWeUvv_`Qy0(Z-H=&;l!E#4RYl
z#r2oCVTf7$2eVfooPT2L2^ctn4$dce#voAz(C9~;e9-kz(x`3(3FnY|>s`^lV@#ui
zR&8mCTRCwpujnKQTO_?sd0%R1Kw739hi`e<CAK1gEb3woc=20-?c_a{&z}Ak)yJWG
zJIo{RoF$1o5pV1_o~z#d#!}+ey*<Ke<_Qg;m~@OdDS<oJ1VoMH1!3$Jk{Wl<<#v;b
z^z0Jx37<%MpRICi!T?iDo_ou)qUz+el#e{9W$4aI6NQ{U>w6QjT%O;9{}cUcps97h
zz;u^Oo5`9?-dT;R3IG!7^;=x!mDmkEyAn-1&$q`nt&h`GkQplYObbXiWTsGdjQ*Iz
zW5&oIJ}Z*@4I>1~GbeBh+yAD74()?)o`Le(;6la~kU?2NQ%iqq-V&XBjuFt6+Rj~E
z*^j}HzYUg=S3(-1+!Q|?LHqzC{`Kp*noRg6twok%TQ7%4Y|)=Lin}S0(`uheo=#Ba
zf*1*dO1tuLIPWhw4lV1@U(c6%^)kBwhCPjPo#xSJtf_s3uU7e%Y=$bSXoHcMD|?%6
zQULR|!UhM{J{g~>^y*LZYfC3`7Cqmud^>X4^9+UB$kFy_B+dGz_mGDGgy0i3D>ekE
zWeX^<0B?MLSFkTD@EUoqy~eEZTdV^d9PdG2&(Q?6{CjHorBA_Y{zzhR5@(XR2N}ko
zH2@F<TxH(e=6sAL)2Ma2C2G8%FiwEZ0`_ReM4B{)A5@Su$8?R^Yq8C_`%MUh=hbac
z1-^RtG7Od4-x+I7+fUG9?AoMPiRF86EN#{_Tk#<EnHYB<_j%-uMZ`q;tas^f$>O_Q
zQ`y{)AkKTd*@AdEtKUn%eIImb@o8<a3eu~K%KL&o3O~f;TB+On@cod+L|O?F??O-7
zxq$`ly*5!>&<Gjcn?w-_zXaGd&LF-j`wk3E(al#Q>^uJ3f4`D#Y(Z$~S++EA=nqq3
zWh+K!#ujt0+cMd6&ON^T2~aUAGVF@Mp<|b-obWV^;|D9y-GtYc8(p;Jx9w{!PC3t3
z>OaGIdA&eeLN^Zml75fif{<yhrnY`(LW^c-DuJq5g2@~0No$!40?5xt@P))V#je0C
ziBy`pd&74NWQYtt&sKQpc#bW1;Qu^mCzJy<*ZaSOCVrD(-jhci<;A{vyUY$qk**!w
zs#`k#TZGeq_fJFMQp6gv2RIkE1xsh6*{iTA<GW?^t`==_>>dw5iw)?N0T_~ieX75l
zMgcgmWm6_uS8|ZKp0s)3bvL<*8lK;rQWpz*`r`%Zxyi3*`ox-S`LEh+R1e7FC$0s2
zOG=Y1Qa=&4)+d9U4lp15Cif`CGJ7#@W52eUUCAl`e0gw`_ayo`)hr>xq*FNj6X2_B
zON?<ni1%}lhaQ4<l)&*g{!Zot^4Te-kYv(zjd9uE;=9KLro%Ns7{Lwxfra{i>~x?f
z)W?$B2VX6nA*W-^bv7HFOMvGBO(u6V^j=01JRC{(2*u0iZgi;`kxI1G7cqI`&;kTm
zC4$w(LNl~ytnsax;zW2sN>!B2NtO9f?+JNI6z$m-ih_b#GHhh~Z(hxknPSyMZ$CM;
z&&VXczwhjK@NzkkGw2Syr9px>kPdyPNeE!SZ?}q&pvN5;au|EL;2tqXQp5C2!6A_)
z>p{k=$^PKw0{wKnK5rGx{yIH0l4+hBG@*py&<aM%M&tIqbn`|nut{_8o~b~cR9!iO
zB11zDI_orTHN&i1GSiB=2fqmrS~5I{N#@*>Z+R3{K2)x!llc2f7dulzC&8^W^ZjP1
z|KP|*hMsif6K&u=+#C`iqu%BLH(hJt&T->Q*)yOK9cmjV^($$gVYVH<1jwFQQepY3
znEn#CtzyY@mek1MRzm6`!PB|i4dG(@V;#Q_Uk5-x<lhD@?`!Zo4gpb~R~YR$k9p%~
zWF0SQbNyoO>|O^<S^^yv>AUeeKNdOrhHr63>oZ7i92hfn5d$3S2eo1@p#G2iG<#`1
zJ9*E69B@)d&_O%01P~kOR{CgC@YevPvAj=QHz6~i-@!h@xMW{-8G!6Yxf!Wuro2He
zK-MMxY$|!TM)erI5JT_sZGXr?&j8<6+CJnRXfn9|pebsnIDiLYUW<Ke^DrI-0O)In
zBHQb)+sw4aeJsivKyNj<%oFKQBJcQWtAL+pnR`~*y?xY!UU}8`auZVB%VLeM^g0U-
z=}c`!S<g(>e#UB4V*O*PbIWnV-`GQz1q%K7XOX@gtpv$WcnJy8Xa1&1ASU0dWPC+9
z5giD0iL+-E+thtJ&}9zbnvE?JFR#Y(fi?m%d*3gpdeyii5ZsdZl@4u(MAJFIW9R*?
zBPKHAm-%IrqWWAYeret$Ow9{g0=>gfO_$#+4gk_sB}*660XvA7pgc7G{%3|bee}C5
zCXEioo12d~`x)Xb;|!I1dScSUuXN6^%AE=kBhELRqb~F3#{xJv8NR8W%lzZ&?cg1p
zTBB}{ZYVw~muCWgmm=LN;^bRX?YTphO<w0%{7i=8_%A_i)>l-<&?LkEQ^c7ELb<ko
zd=^V~rOh(NE@dehl${|IN-Asgv(y-CG|14*tD?nTDnvAtWk}hxOvgDSM>1JDV?9TO
zY@_VL?;1Jp`|lXfJaa$S-1oJ7zn_uw?yCxSAK<1R(;{=3uN59k=4Q{_o_b#|-kv`N
z>JP{L?$&+Bl{pPQk@U$QZ@S#xRH%%r^gnq0VW3Z<Dhc-<d5xP?DD@shrHkE$$|1q~
zzJ$GeIH1X}qX(a^W&X~TsNx+@U)gu1abj&BeyDkdID?ul(OSR{|Db*Lj+d78?9qBk
z)=~M}g_w8Cp~vs(x{p1<N$5DTQzFdu)ntPhM4HQpEq8;N??XrCiD9(BikTZngs4YZ
z4o5vN>j-ec*wrg$3tUzXikOnY^O(m)ON_S#*rZyyb#3^@_jO2|o4B<~b{Zim<JhZm
z^BI?;H1I?3I=b^|Z6}`{`(u*CT>`05KHY7E9!zu@i8k>ab9vqMH_vcPMMrDDmWxY6
z)#be|$ZKWIQ9Tm9tfN1b2*K)Xe~(tytfiamN(d$JjIgKsur;xNl$E(u)vU(UGXKf@
z;$q%G&_cMEKQZe1a-HFBsT1O_RWa^!01A3_W{;D<R$jsBUCHZ51UcCdO`?7%IZb?e
zDD8I&ZrU6auvTBJCA$-NtN(LK-{g6L3T7#2O4ssMMh8j<>?_@A?`PrAfU{IiZ8XY%
zD%`R)<6LD;s3v|xVEEkqCda)?f<f`PX*GY}OxP8{>Eb!8X@44@yd5j=wg;!iPrg0(
z`o|k>MFKQ3T}B24UHQn5F8A@jALp^Cak0B7hHAHQbs;vMQD=wx8z=+XWBgUV*_sLC
znr{m;99a-L4mgHBm<Zn&1`q)a464Nb8?;>keLaRM@w`?#0f}A0UQoFW@gx*sj(JAd
zKdsA1|9)>Y4c@K;3HvMD^eCg7mRFbe;OYCe*o<yd|BF=cXdsKZe~MPKBo>>~+fTvl
zQ0EqfNYTk@rfSCeboUfdwEgG}M}u_PcErrU6<3GOdpzXKxvcN<9*=L2dhcd`1xd=&
z<tDccMWg$3d9Q4IK4fXA`d^j`;+i^csv;|sViLEmP3%8lb*rzkpXP`Ec6UvP*w05(
z3(vp1fDS26*O=Esm7*7T)1F76z8>5ZCtaB`ZXS+jgiyg5N-I+>(ElReQ+<ajPaT2G
z=RMBj)%DdgG|k(-?$M(o&y^xRUWEoCJ-Ad3_m0>ktT=%(LUJq-{7Zyezk^GP0Oo2*
z$`mo1i_j>#2Kial$!qu9<Gig7>;VswUg@ogDw~LtAREI`>aDV8Uw_P6%`63pfz%Xs
z`YLppn0wOCs-pd&HVGuEnBm&n-$ay8#C)w4U2Ct15fyikU3rym;Q%_n5JxWEClLmN
z`V~eo4y-wtL1RXaJO=?Yh-?)Y>a;V6ib(XI9XSHu^!v5pmf;*us`TIA!1P2`UOGPn
zS)v(u2W0%0!#p__g;204ASaSb^4utosrQL?p@!;8bceCKqHBNHEY4uN6TG$CkdR^!
z;#YacSEn6@i=*#d(E4&(L&oj&>y!Ym-9-k3@ifu3PL3DNs<ZMT!mqck!9RZWfXd%t
z+CfNm>1-Om%gAo-9%WolfBIZQ|IL?;M;>#N|4-HE!}w+sjM%@6=1*niPGRPWE0`(k
zZRHi8@m?O+#~K6U`{KH~U&rs3tJm<iD?IkQM3@nwX0n3eM)RJRFLk0dJIj}Tv2qv9
zvRMr{IXYTZ?iILH#^34QS8TW}Kjjpq`Rt-jsag8QS~YH(hk50SfL(pQv@Bg(ye2<Q
zP7N2O{X%K#>ewNpD%2_|=ckvg><ZRpL|gg3XnFh1_K7HlAhG`ojrF<6s`ukOV~v5P
zO^nOh%UxbrEa--p-bQxkcMaUO=ZQsUiGXP#spg?&?Xmuc%8fB60tfGu@~*e0&NPW2
z6H`{Ms+w9S(T!PhLEg-7kJan2Lp*g?i}}WEmANFIF|)2SR2|e08a1LDY$Kx|0VT=4
zIg)zD>iD->4+2w+Vlr@k;>7U0TflRP+zoJz+t6MnR+97o>@a2Uv=c=K&~^JR7T}RH
zN>Ssb-9lt7rR0FGI&_Ssh`OwSlfmN^7rJ#KG_o?drkp}YYF+P^r<97hL??90GmtRC
zYFUZ#F9;bk&seB3C>_DxbOMpIxwGvjp2JqhkC-dG%5NPecFwp;y7JW35%{|aHV>9W
zx)aPE3fHOPHx|LiE{EUXD!4oLl2s=7B9;;Z1LR&|{E9MuL#7~M{U*Fx_J}q_|Iz%T
zDJDr&H<lDybA5rt3{0)O=dh{Hft2q;XFsJuO1F`uYBq_bJ*%b<@COu|&bjk~->F43
za_1+oxd%)cufR+j!QR0t`@xX88X33Fak_2b>cbYe<~+(1!eYl->aFX4Y_|5wM+;J6
z5ZjX$0`on&8#wn$_Y=O8^4@FcPl{nJUnD@5o%eK2^yu^{`wq%!UtXqNyLE?~RlPLr
zS_4>u;KWhL7G0aC4Lv@j;q)L&3Rb@HyzqzR>&8!oywQ7N$2Oew;wquCG1f~PflSeo
zyZz(%9wd4eUnal)j-rIN0Czo_TuG8L`+UKEywzBd^GcxHl|gK8g8X+a<<1h@xfH8c
z@$?kb7jmK1?L|Bvb)C>=zoh;=sw5vhQdqV<c@SqsHK2%rBNH6CB&pAv`rI5Eo#oS$
z;LR8inv~8BYziy&OP9=e{K1-f{xS3v#ueqwfIp;2=xdw+gV?Yk+&S4uSWA?TnlD{I
zsz2wF_FI_A)OAKSZ%$5{<%1hz&(NiaXjgDJlJs9(j9VWBiz8DtgS@Mt@8#T(5fuc!
zW}N~wEB;AJfM4^32IDw1wc!cB^F7NI$m{A1|EPryKNh!sVD0Fzu>zL_?r`@5ohyem
z`P+H@+5>)vLxup&R@hQpEFb^VQhu>SHHmj&=ASG!=(e$DS6>!=J-c>A{e}0Bxxh<W
zU(kK%k8l_r8b!Va<tum!yE?Tb`l<Ia)7HZ&<wb3aD-kDQQt)&^Y(~AXCfAe?nY^2?
z^ICk@U#o)<Ym{*Y(R2=r{i;~Ykr1|11z-_mqPZqn<Tu!(?G1x^Nadb{JbBxTZ_g^X
z_CxK1T0pP7ERTA-CiY1kf9-Okh`uEsRmGSdWphUTAgLl{Ul{5E(6Zw6&zw&DX<Dv!
zL1UfA4<vlGBpH8z3kiMNzI60p5lJ62FB23Lw@z;_u{A5IDf?@WF2_8)809hZm3#}#
zWgs@)`9g#}#F`E5%BHA6JH9=bO@&&$&#8M!ZaMLSi(#)wJGYys21`ZuYSf{fgdEuY
zX_D0%xy?bIyDZykHoyU?4LtyePZ<LDJBH5L$ybetj2mN##TZK$EpJ;akFbK`@y}Lv
zh#9`lKG8L?ikRdDzRqlfpJ3)0a0x#`lKI0=z5mKUr;1+c+9&zp8)ddAcp5ew=KsmA
zD8p|8QOO+|^4dcuHSKFdJ)vt~NT+HUS(;tMDhp+J(lnm9+!!k@z?_i8MeWyCR<z*?
zK#{g}V&T4SO8+c(h+99)th_#>?C-w+2T7nnq-8YZ0b;-G2R+c7HcE`z!m|>F)M=Za
zb)jBYiHw~NS{L<cAO6}^FwjHHo{L+TVZQ9X2Il&__uSfq2Ff>;8M2m8N)=DTZ$YJ(
zR&ea!MAx`If7bAcdlsHCRecJ}DxSNc#75b-R_S-E4o5O>%C5*2sVMbk1!u3_aFAcW
zYdQks%*NaW+Uxyzqjrffu@|Hq*-~Pf!W~Oqt-hFO@X{Y1CNkQHEnPcKQy0G!DoTaQ
zu0VEr4IK1jn17N^s09fS>?WSVCZPz14r-$FNCG+<q2EY4!98HhTA8d4UjLaZ?s?ku
z2|69aB2_g{iI8_WK7)T`iwx6cSAJLvA3b@1E1ktov9m5e`Xo%Tjc0DB4Gp%+-q^84
zZjxtphVXghq-5@pO)F&(YzVPqMgo3_pAQ{2^zTk14f*tswNhq@SqXtWx;%|lj1%@F
z453I%9)xPvAqz#WqYC&9Jr6Vc|16ZSW*xp`?Zy94%1cEa3<sgpeIY4_ORDoCV*@i3
zk=+u<fl-Cootw=MWVt?pB`reD^ueVAprgN=p1T0+@6K>34$cbo{ORnG!wTLNq*L(u
zvm{Ho!6>~O<?ee{3&T@)3mM6_@a0(?6pb<>5#QBlUVI+*`&h2%nmhxHn?vY9v)Uu)
z%Sf)={l{1}pEG1vd|Q7vIk7F%qOkt0QwCQMl<z65R19Jdq6$@XQTn1%ki}H%ZOfT-
zo?vB{kxIoVLOA!q0+MT#wt()9(5C!un@70g=Y}rDuX3@~hebV>S;5{xLTt6+i?Ua7
zbMGK-^w?*K{k>LJ`R6*<7N6arnwiZh&(A)Dp@4{&AvVP-<n&K-V!sZh7d@j$m)@(j
zp)e)96Pn*$!al>BEjxPfxunX9w^l{y6&P2xNrb7gr~fpwAvS4b#?9HiDxTJdLY?uZ
zeZr|?<XfkjF;_IRpJr_W-EcG(oan-zu;GVa9A3t1exBPFB*hjhpAR_Hp4L?gc!;#}
z9pC3ayD4Qi{lz$EI;ZTTyRbuiq`_#UERW*Tn~8NCiQYDecMg7KG_Z<E|L6doW-Of5
zz;4NH!v+B#Z^IK{kbb;U#?CnQpR7ai%qhl<RTLrr>)?6IW?-sm6NZ-8DD<)BuxH0C
zy)U<*S_)O47{Umi#`Q7d(xO-gFXbs!{_^~OfGh~>-wPJT3U^|&W|!<?@J6r?`Fo9O
zFm7S?$%$c3>sa)JiE_8_rGQ#?j*^_5rVnIw)IG@8=)RPyqIpMsVOPuA3wlD;C#@&}
z;FRQ<G_TDkai1;3eDo_(bUXbF{j9h6*!^YVV1_ViArDiOE-ib1ABH>glm6rOBO5}L
zB2D4hO3^iukoP9vd{eAnBO{Xr6SH0P^8e~LcXm6xOV<#8?f4XBH=YmRV4TK|In{=$
zmeJeHSos_%ql2zSR^N4qjocn&6=yj5@sP?Br{tGNyYr_rlCyrQyLl}2Q5%sDl1d5$
zGA{Fu?}c_HwcaXEr4QM*YcENO9hP;%I_th3-@%s5Fy)!|cHm60+lRvz0P086u3=B0
zEeoX;c1_dr^=()4m8e=#=sF~p-1mX{LQc-CRYK>{y`ACO1$7=a9zx91LtiM~RBwv8
z<*k?-mf0DJskM$q7KLZ(pG6E<`KGLB*f%{PQs5-|7H)v&^i(=zrwR-%+t9(eYf)14
zhh^`_-)OdTc1a~gEmp@1j+GR=j`*Hl%Uvy8tqBOEsR-*0oK?OM6_V<<c*+%Oh2@Od
zNH8y9{%r-#;JrrvWqYQ?qJ_QP9oNc}BZ2T}&7F_1RkO$%=P`~{<)Op}3iTq1<mL_;
z`ojpW@bcx+dYZzdKLEXW0~FQ_2l^{AHfm1&A{Nr}((!NJF%Db0l&KxF-XGupR^OyH
zBI4e?leK{1>hv4!*>Cgly`48Od^QnVD$HHzs<usD+S@0WvWye-A4zd#_~<VPG7GnD
z7tgy@f&PUZ%qeqf_8gMRy_UPcWnR1aOo7AJS~6Z%X5B1XQe<!}xn%1e@YZi@jv@d+
zCw_Q~-AB7Vpo!fmWQpw@m-z2X54;T5y+N_S#QjSQJ=;?)WEJ__sHQ-5-GaV(tpz7?
zIG-|=_bBn2S={<MEA@X@P^dZwnulf170kD;a2NO%M|!H~i7lOqJ=JP&8=Dw^Rg9`I
z%~L_h#KBWC;YZNQFl6Xa-Kg8@a!9V2?+YlHe9LGGi}`N7#R9Zzlqys#qNrmbJ0D$i
zlasi30(~tF9l*W2P4`a>tufK5V)OtL=llzQs3}S87p8S1R*?ejUlLV$>bRGjryTW$
z-9Fp!ATo=+C~uc8-Pl}XK?7oc3S+|Z7A4+dRz3_d0mnmcLOo1V4xoC`$1h5MV~DOD
z;#}K&>)Ox_UvwSDP%ilClpIL4=4)_@6jocX`mT(Y=Cv&~IF($&<lkH+@%=Wbj0dS_
z(UZ)koM~hhCbzL@A(O?~RDy6Xg1+Y1g5R=yfoxuDeP9#v>9vpJamMkHCGGro=$>yw
zHXO;<;xOs3Nk-xb@YF8f4*lzQ7IG6?$bopkSc5q1GkkI-RdDaD53#?bV)T>d3}Rv5
z!S_uJtgqc!TAPFB<}w4%wMvwrObJ7EwCVTL83Lf`?9B@Ehetzcqy8Zv80HnXKFkW)
zJ+4XL#9AhsK-Q_ToQh03EA_M7X}?i9r<85XJ)wyh-tg^kqD}nb875Q3a<lo!6~jrZ
z2>0g(GtTK=Z#5|G0zyYXmUC(<;!fz}U$8;V=h3##@7-^|YR0%mGVhbQKf%BOMm-mj
zO#oTS`AUKS!SQ7LeIs@)88>|f`p6JF28>u}B%{IZ8F5Dt^(#`nlGd<6o^NKAkd4p;
zb&UK+(Q(93m|Vnu;l4@J3;W*{i+%1>4(LyM4POHA2(iNmI>P7n4e3CW>Mbi|kN8fr
z0X`1?7k@Jbh8i9d{AO5TvR_ixB`B$RQS24|rbcKD^|3~cy-xlcFEL@Mm2#?6W(-14
z^?l!LO7x3ne=b+k$6gF>Yo55d2V38k4TdtrP_fp}5=I_poRl4V9;hz-u3Y+6zp)Qf
z!nzH4<zg%p(VX9a=FarI>2rvV!oAHRR1rwaOQQ@eVCEtY-Lk&h7sv+qjW?`OQ?CzO
za8EN(k_jBVQ9Bf~Aw=GxtBE&ywQ%GSjECPbMyWcd!n|i~7#5)N^vxDaHhH?WxVwn`
zdsG^KF#25~OVtIWYZ2+7e7YfWhWEUHs{N5naR$`qA;j!G$tJY_{folz36E7)nN|r;
z1CP|136*MG0H24(u)lG}RSX&ISv4$^IKll}&t=SUqz9pn1{PDBpEN3gH=6GRfW6X}
zrHYNMQIjHd+d%Ec_pr&qqr-&t@)XT~D}r($l6UEHJ3fc@%OQ-e<dPU6qY(s0i*pBi
zzfk8XY7{z^PMIg#T{a9rR0?)(RFP!lKm+pYN9GL8proT4VQ<uEJdst9^oS(w;7vrN
zQvVnYr}Gqd*QFI=e(u#r_=)9iL{1swdH#*ZuHxWWG>ch+k>)<XBRAV#Pc-?$$&l4w
zo2&NHHg*QfWZPj%?>=!E`z`*jW*0}W(#t7vyyMytgW#nHT#sB6{?~Jq0}$7CdwY*X
zD3l(xSROzp&@pjuU;KLzfPf(L-p)^XP=)^kRvghal?wEBaf|)pn;%I4V-e2+YW<{M
znk+legI5ua|Mtj1Z<DQ=tX=c@dx(!;!>n)%Vge!An{d(Cjeiovs`;Fc-&%^~Bd(X1
zj~vz+3XdJ3=5hF>hdmOw7NCfB<9xSg(kM=_$^EzxA1TSkKmuA8+Aq&oHJi(Ui==GD
z)=NYWV3CH9ZM_M3PfHNOV3VtdKYv%i?b^xN`JLdtA2HHstT6F<amL?_Gzj|g#IxHr
z_axZu11=2TVeozk8|SW(3J-~kc7`SQnx0dFd<Oy@c5(yD_Sv&^%yEGM0V#emv@!5g
z9(b?8U$L-V9EKU+A&RSV23{kw5Yb%Z{ZP1Y-tlJZ9iV8MUS?EL+<aT?TLl3p_yPI|
z6*1eBJ5O&NxFRqKM;N00pyoD}Mn(%ufwmV2G;*4xtwU)p8Suq0v<s;4Z2j!cNTkj{
zPv*4V-tFQ>TW6sr{HXcs(4Vl5l_Y(Gt6WR+Y_VYgPk;jZmgUUWowUMae;a$p@RP6E
zcX|>C_oPwzh!#W(;1i!?lK#6B$lU-Jwh|88FZ5|w`1z@aK8MlOQn~`VyL1oZH!e**
z!7E_5J`_?&I%-nT52fE2K|kd&_6UFjdF@1rAYi4evqtgwcmGC`In3!%l1L)D2vyX+
z;4JNU*MW5KyEARMvn8Wfo)OhPAq~=uAqE`~EjY%Nt1B9E8zOm(&NosktptFtBdpAA
K@g=4n|M`DDpF0l#

literal 0
HcmV?d00001


From 621a006e5461042952ffbc9ad531612b21c43827 Mon Sep 17 00:00:00 2001
From: Drdiffie <61631493+dr-diffie@users.noreply.github.com>
Date: Fri, 6 Dec 2024 12:44:50 +0100
Subject: [PATCH 39/54] Update penpot.yaml with Logo

---
 templates/compose/penpot.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/templates/compose/penpot.yaml b/templates/compose/penpot.yaml
index 9bc21b398..05b73cdca 100644
--- a/templates/compose/penpot.yaml
+++ b/templates/compose/penpot.yaml
@@ -1,6 +1,7 @@
 # documentation: https://help.penpot.app/technical-guide/getting-started/#install-with-docker
 # slogan: Penpot is the first Open Source design and prototyping platform for product teams.
 # tags: penpot,design,prototyping,figma,open,source
+# logo: svgs/penpot.svg
 
 services:
   frontend:

From 6de9be9ce7973a1a5953a54caba6d360c6d3af62 Mon Sep 17 00:00:00 2001
From: Drdiffie <61631493+dr-diffie@users.noreply.github.com>
Date: Fri, 6 Dec 2024 12:45:09 +0100
Subject: [PATCH 40/54] Update whoogle.yaml with Logo

---
 templates/compose/whoogle.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/templates/compose/whoogle.yaml b/templates/compose/whoogle.yaml
index c049dac47..0be303f9a 100644
--- a/templates/compose/whoogle.yaml
+++ b/templates/compose/whoogle.yaml
@@ -1,6 +1,7 @@
 # documentation: https://github.com/benbusby/whoogle-search?tab=readme-ov-file
 # slogan: Whoogle is a self-hosted, privacy-focused search engine front-end for accessing Google search results without tracking and data collection.
 # tags: privacy, search engine
+# logo: svgs/whoogle.png
 # port: 5000
 
 services:

From f82d95e908861565bdccb1eaaffb3e79bf878f30 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 6 Dec 2024 13:07:56 +0100
Subject: [PATCH 41/54] refactor: update Traefik configuration for improved
 security and logging

- Removed unnecessary volume mapping for production environment.
- Added insecure API access and debug logging for development environment.
- Ensured consistent handling of Docker provider exposure settings.
- Updated certificate resolver storage path for clarity.
---
 bootstrap/helpers/proxy.php | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/bootstrap/helpers/proxy.php b/bootstrap/helpers/proxy.php
index a8ef0fe5a..463e89b6f 100644
--- a/bootstrap/helpers/proxy.php
+++ b/bootstrap/helpers/proxy.php
@@ -173,13 +173,12 @@ function generate_default_proxy_configuration(Server $server)
                     ],
                     'volumes' => [
                         '/var/run/docker.sock:/var/run/docker.sock:ro',
-                        "{$proxy_path}:/traefik",
+
                     ],
                     'command' => [
                         '--ping=true',
                         '--ping.entrypoint=http',
                         '--api.dashboard=true',
-                        '--api.insecure=false',
                         '--entrypoints.http.address=:80',
                         '--entrypoints.https.address=:443',
                         '--entrypoints.http.http.encodequerysemicolons=true',
@@ -187,21 +186,26 @@ function generate_default_proxy_configuration(Server $server)
                         '--entrypoints.https.http.encodequerysemicolons=true',
                         '--entryPoints.https.http2.maxConcurrentStreams=50',
                         '--entrypoints.https.http3',
-                        '--providers.docker.exposedbydefault=false',
                         '--providers.file.directory=/traefik/dynamic/',
+                        '--providers.docker.exposedbydefault=false',
                         '--providers.file.watch=true',
                         '--certificatesresolvers.letsencrypt.acme.httpchallenge=true',
-                        '--certificatesresolvers.letsencrypt.acme.storage=/traefik/acme.json',
                         '--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=http',
+                        '--certificatesresolvers.letsencrypt.acme.storage=/traefik/acme.json',
                     ],
                     'labels' => $labels,
                 ],
             ],
         ];
         if (isDev()) {
-            // $config['services']['traefik']['command'][] = "--log.level=debug";
+            $config['services']['traefik']['command'][] = '--api.insecure=true';
+            $config['services']['traefik']['command'][] = '--log.level=debug';
             $config['services']['traefik']['command'][] = '--accesslog.filepath=/traefik/access.log';
             $config['services']['traefik']['command'][] = '--accesslog.bufferingsize=100';
+            $config['services']['traefik']['volumes'][] = '/var/lib/docker/volumes/coolify_dev_coolify_data/_data/proxy/:/traefik';
+        } else {
+            $config['services']['traefik']['command'][] = '--api.insecure=false';
+            $config['services']['traefik']['volumes'][] = "{$proxy_path}:/traefik";
         }
         if ($server->isSwarm()) {
             data_forget($config, 'services.traefik.container_name');

From 659309c5b4e493bd7270925f1512a430e459fa2b Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 6 Dec 2024 13:08:04 +0100
Subject: [PATCH 42/54] refactor: improve proxy configuration and code
 consistency in Server model

- Standardized spacing in conditional statements for better readability.
- Updated proxy redirect handling to ensure default values are set correctly.
- Modified dynamic configuration path concatenation for clarity.
- Changed router rule to 'PathPrefix' and adjusted priority for better routing behavior.
- Replaced empty check with 'filled' helper for improved code clarity.
---
 app/Models/Server.php | 19 +++++++++----------
 1 file changed, 9 insertions(+), 10 deletions(-)

diff --git a/app/Models/Server.php b/app/Models/Server.php
index 3ddea4f32..8c7c7b769 100644
--- a/app/Models/Server.php
+++ b/app/Models/Server.php
@@ -105,12 +105,12 @@ class Server extends BaseModel
                     ]);
                 }
             }
-            if (!isset($server->proxy->redirect_enabled)) {
+            if (! isset($server->proxy->redirect_enabled)) {
                 $server->proxy->redirect_enabled = true;
             }
         });
         static::retrieved(function ($server) {
-            if (!isset($server->proxy->redirect_enabled)) {
+            if (! isset($server->proxy->redirect_enabled)) {
                 $server->proxy->redirect_enabled = true;
             }
         });
@@ -197,7 +197,7 @@ class Server extends BaseModel
         $banner =
             "# This file is generated by Coolify, do not edit it manually.\n".
             "# Disable the default redirect to customize (only if you know what are you doing).\n\n";
-        $dynamic_conf_path = $this->proxyPath() . '/dynamic';
+        $dynamic_conf_path = $this->proxyPath().'/dynamic';
         $proxy_type = $this->proxyType();
         $redirect_enabled = $this->proxy->redirect_enabled ?? true;
         $redirect_url = $this->proxy->redirect_url;
@@ -214,7 +214,7 @@ class Server extends BaseModel
             "rm -f $dynamic_conf_path/default_redirect_404.caddy",
         ], $this);
 
-        if (!$redirect_enabled) {
+        if (! $redirect_enabled) {
             instant_remote_process(["rm -f $default_redirect_file"], $this);
         } else {
             if ($proxy_type === ProxyTypes::CADDY->value) {
@@ -237,11 +237,8 @@ class Server extends BaseModel
                                     1 => 'https',
                                 ],
                                 'service' => 'noop',
-                                'rule' => 'HostRegexp(`.+`)',
-                                'tls' => [
-                                    'certResolver' => 'letsencrypt',
-                                ],
-                                'priority' => 1,
+                                'rule' => 'PathPrefix(`/`)',
+                                'priority' => -1000,
                             ],
                         ],
                         'services' => [
@@ -253,10 +250,11 @@ class Server extends BaseModel
                         ],
                     ],
                 ];
-                if (!empty($redirect_url)) {
+                if (filled($redirect_url)) {
                     $dynamic_conf['http']['routers']['catchall']['middlewares'] = [
                         0 => 'redirect-regexp',
                     ];
+
                     $dynamic_conf['http']['services']['noop']['loadBalancer']['servers'][0] = [
                         'url' => '',
                     ];
@@ -607,6 +605,7 @@ $schema://$host {
             $memory = json_decode($memory, true);
             $parsedCollection = collect($memory)->map(function ($metric) {
                 $usedPercent = $metric['usedPercent'] ?? 0.0;
+
                 return [(int) $metric['time'], (float) $usedPercent];
             });
 

From baf6c20997e16c2a979c45542a2f352424965fe0 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 6 Dec 2024 13:31:55 +0100
Subject: [PATCH 43/54] fix: restart proxy

---
 app/Livewire/Server/Proxy/Deploy.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/app/Livewire/Server/Proxy/Deploy.php b/app/Livewire/Server/Proxy/Deploy.php
index 8fcff85d6..4f9d41092 100644
--- a/app/Livewire/Server/Proxy/Deploy.php
+++ b/app/Livewire/Server/Proxy/Deploy.php
@@ -65,7 +65,7 @@ class Deploy extends Component
     public function restart()
     {
         try {
-            $this->stop(forceStop: false);
+            $this->stop();
             $this->dispatch('checkProxy');
         } catch (\Throwable $e) {
             return handleError($e, $this);
@@ -105,6 +105,7 @@ class Deploy extends Component
 
             $startTime = Carbon::now()->getTimestamp();
             while ($process->running()) {
+                ray('running');
                 if (Carbon::now()->getTimestamp() - $startTime >= $timeout) {
                     $this->forceStopContainer($containerName);
                     break;

From e84dba493e7eb1d57b8e696d2fb7e32b835c0718 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 6 Dec 2024 13:39:00 +0100
Subject: [PATCH 44/54] fix

---
 app/Actions/Proxy/StartProxy.php | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/app/Actions/Proxy/StartProxy.php b/app/Actions/Proxy/StartProxy.php
index 7c93720cb..9bc506d9b 100644
--- a/app/Actions/Proxy/StartProxy.php
+++ b/app/Actions/Proxy/StartProxy.php
@@ -2,6 +2,7 @@
 
 namespace App\Actions\Proxy;
 
+use App\Enums\ProxyTypes;
 use App\Events\ProxyStarted;
 use App\Models\Server;
 use Lorisleiva\Actions\Concerns\AsAction;
@@ -37,11 +38,16 @@ class StartProxy
                 "echo 'Successfully started coolify-proxy.'",
             ]);
         } else {
-            $caddfile = 'import /dynamic/*.caddy';
+            if (isDev()) {
+                if ($proxyType === ProxyTypes::CADDY->value) {
+                    $proxy_path = '/data/coolify/proxy/caddy';
+                }
+            }
+            $caddyfile = 'import /dynamic/*.caddy';
             $commands = $commands->merge([
                 "mkdir -p $proxy_path/dynamic",
                 "cd $proxy_path",
-                "echo '$caddfile' > $proxy_path/dynamic/Caddyfile",
+                "echo '$caddyfile' > $proxy_path/dynamic/Caddyfile",
                 "echo 'Creating required Docker Compose file.'",
                 "echo 'Pulling docker image.'",
                 'docker compose pull',

From 5453b9030ef61842824a153fcb8d960e07613002 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 6 Dec 2024 13:39:20 +0100
Subject: [PATCH 45/54] fix: dev mode

---
 app/Models/Server.php | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/app/Models/Server.php b/app/Models/Server.php
index 8c7c7b769..4c4ca774f 100644
--- a/app/Models/Server.php
+++ b/app/Models/Server.php
@@ -201,7 +201,11 @@ class Server extends BaseModel
         $proxy_type = $this->proxyType();
         $redirect_enabled = $this->proxy->redirect_enabled ?? true;
         $redirect_url = $this->proxy->redirect_url;
-
+        if (isDev()) {
+            if ($proxy_type === ProxyTypes::CADDY->value) {
+                $dynamic_conf_path = '/data/coolify/proxy/caddy/dynamic';
+            }
+        }
         if ($proxy_type === ProxyTypes::TRAEFIK->value) {
             $default_redirect_file = "$dynamic_conf_path/default_redirect_503.yaml";
         } elseif ($proxy_type === ProxyTypes::CADDY->value) {
@@ -214,18 +218,18 @@ class Server extends BaseModel
             "rm -f $dynamic_conf_path/default_redirect_404.caddy",
         ], $this);
 
-        if (! $redirect_enabled) {
+        if ($redirect_enabled === false) {
             instant_remote_process(["rm -f $default_redirect_file"], $this);
         } else {
             if ($proxy_type === ProxyTypes::CADDY->value) {
-                if (empty($redirect_url)) {
+                if (filled($redirect_url)) {
+                    $conf = ":80, :443 {
+   redir $redirect_url
+}";
+                } else {
                     $conf = ':80, :443 {
     respond 503
 }';
-                } else {
-                    $conf = ":80, :443 {
-    redir $redirect_url
-}";
                 }
             } elseif ($proxy_type === ProxyTypes::TRAEFIK->value) {
                 $dynamic_conf = [

From 2b8b85618153f976e77d398c55670b7f313f4045 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 6 Dec 2024 13:39:28 +0100
Subject: [PATCH 46/54] fix: ui

---
 resources/views/livewire/server/proxy.blade.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/resources/views/livewire/server/proxy.blade.php b/resources/views/livewire/server/proxy.blade.php
index 5748a5876..00e0b04b2 100644
--- a/resources/views/livewire/server/proxy.blade.php
+++ b/resources/views/livewire/server/proxy.blade.php
@@ -27,12 +27,12 @@
                             helper="If set, all resources will only have docker container labels for {{ str($server->proxyType())->title() }}.<br>For applications, labels needs to be regenerated manually. <br>Resources needs to be restarted."
                             id="server.settings.generate_exact_labels"
                             label="Generate labels only for {{ str($server->proxyType())->title() }}" instantSave />
-                    </div>
-                    <h5>Default request handler</h5>
-                    <div class="pb-4 w-96">
-                        <x-forms.checkbox instantSave="instantSaveRedirect" id="redirect_enabled" label="Enabled" helper="Requests to unknown hosts or stopped services will recieve a 503 response." />
+                        <x-forms.checkbox instantSave="instantSaveRedirect" id="redirect_enabled"
+                            label="Override default request handler"
+                            helper="Requests to unknown hosts or stopped services will recieve a 503 response or be redirected to the URL you set below (need to enable this first)." />
                         @if ($redirect_enabled)
-                            <x-forms.input placeholder="https://app.coolify.io" id="redirect_url" label="Or redirect to (optional)" />
+                            <x-forms.input placeholder="https://app.coolify.io" id="redirect_url"
+                                label="Redirect to (optional)" />
                         @endif
                     </div>
                     @if ($server->proxyType() === ProxyTypes::TRAEFIK->value)

From 1886347b55eebf88072b22f30c26b35aec20db7c Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 6 Dec 2024 14:08:34 +0100
Subject: [PATCH 47/54] fix: proxy change behaviour

---
 app/Livewire/Server/Proxy.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/app/Livewire/Server/Proxy.php b/app/Livewire/Server/Proxy.php
index 5d2f851db..4e325c1ff 100644
--- a/app/Livewire/Server/Proxy.php
+++ b/app/Livewire/Server/Proxy.php
@@ -16,6 +16,7 @@ class Proxy extends Component
     public $proxy_settings = null;
 
     public bool $redirect_enabled = true;
+
     public ?string $redirect_url = null;
 
     protected $listeners = ['proxyStatusUpdated', 'saveConfiguration' => 'submit'];
@@ -40,7 +41,7 @@ class Proxy extends Component
     {
         $this->server->proxy = null;
         $this->server->save();
-        $this->dispatch('proxyChanged');
+        $this->dispatch('reloadWindow');
     }
 
     public function selectProxy($proxy_type)
@@ -48,7 +49,7 @@ class Proxy extends Component
         try {
             $this->server->changeProxy($proxy_type, async: false);
             $this->selectedProxy = $this->server->proxy->type;
-            $this->dispatch('proxyStatusUpdated');
+            $this->dispatch('reloadWindow');
         } catch (\Throwable $e) {
             return handleError($e, $this);
         }

From 00882eeb313c21b04e60fb880b9aa5782694cce7 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 6 Dec 2024 14:19:09 +0100
Subject: [PATCH 48/54] feat: add TLS configuration for default redirect in
 Server model

---
 app/Models/Server.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/app/Models/Server.php b/app/Models/Server.php
index 4c4ca774f..6dfb0a4a1 100644
--- a/app/Models/Server.php
+++ b/app/Models/Server.php
@@ -242,6 +242,9 @@ class Server extends BaseModel
                                 ],
                                 'service' => 'noop',
                                 'rule' => 'PathPrefix(`/`)',
+                                'tls' => [
+                                    'certResolver' => 'letsencrypt',
+                                ],
                                 'priority' => -1000,
                             ],
                         ],

From 08d992a1c235856e1b94d1220ff9054a5320b48d Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Fri, 6 Dec 2024 14:33:22 +0100
Subject: [PATCH 49/54] fix

---
 app/Jobs/SendMessageToSlackJob.php              | 17 +++++++++--------
 app/Notifications/Channels/SlackChannel.php     |  6 +++---
 app/Notifications/Test.php                      |  2 +-
 ...0_add_slack_notifications_to_teams_table.php | 17 +++++++++--------
 4 files changed, 22 insertions(+), 20 deletions(-)

diff --git a/app/Jobs/SendMessageToSlackJob.php b/app/Jobs/SendMessageToSlackJob.php
index b78088f50..470002d23 100644
--- a/app/Jobs/SendMessageToSlackJob.php
+++ b/app/Jobs/SendMessageToSlackJob.php
@@ -18,6 +18,7 @@ class SendMessageToSlackJob implements ShouldQueue
         private SlackMessage $message,
         private string $webhookUrl
     ) {
+        $this->onQueue('high');
     }
 
     public function handle(): void
@@ -28,7 +29,7 @@ class SendMessageToSlackJob implements ShouldQueue
                     'type' => 'section',
                     'text' => [
                         'type' => 'plain_text',
-                        'text' => "Coolify Notification",
+                        'text' => 'Coolify Notification',
                     ],
                 ],
             ],
@@ -47,12 +48,12 @@ class SendMessageToSlackJob implements ShouldQueue
                             'type' => 'section',
                             'text' => [
                                 'type' => 'mrkdwn',
-                                'text' => $this->message->description
-                            ]
-                        ]
-                    ]
-                ]
-            ]
+                                'text' => $this->message->description,
+                            ],
+                        ],
+                    ],
+                ],
+            ],
         ]);
     }
-}
\ No newline at end of file
+}
diff --git a/app/Notifications/Channels/SlackChannel.php b/app/Notifications/Channels/SlackChannel.php
index 0d359ef5f..32fdbe9cf 100644
--- a/app/Notifications/Channels/SlackChannel.php
+++ b/app/Notifications/Channels/SlackChannel.php
@@ -14,9 +14,9 @@ class SlackChannel
     {
         $message = $notification->toSlack();
         $webhookUrl = $notifiable->routeNotificationForSlack();
-        if (!$webhookUrl) {
+        if (! $webhookUrl) {
             return;
         }
-        dispatch(new SendMessageToSlackJob($message, $webhookUrl))->onQueue('high');
+        SendMessageToSlackJob::dispatch($message, $webhookUrl);
     }
-}
\ No newline at end of file
+}
diff --git a/app/Notifications/Test.php b/app/Notifications/Test.php
index ce998d9f6..03f6c3296 100644
--- a/app/Notifications/Test.php
+++ b/app/Notifications/Test.php
@@ -51,7 +51,7 @@ class Test extends Notification implements ShouldQueue
             color: DiscordMessage::successColor(),
         );
 
-        $message->addField(name: 'Dashboard', value: '[Link](' . base_url() . ')', inline: true);
+        $message->addField(name: 'Dashboard', value: '[Link]('.base_url().')', inline: true);
 
         return $message;
     }
diff --git a/database/migrations/2024_11_12_213200_add_slack_notifications_to_teams_table.php b/database/migrations/2024_11_12_213200_add_slack_notifications_to_teams_table.php
index c3896a053..a6457269a 100644
--- a/database/migrations/2024_11_12_213200_add_slack_notifications_to_teams_table.php
+++ b/database/migrations/2024_11_12_213200_add_slack_notifications_to_teams_table.php
@@ -4,18 +4,19 @@ use Illuminate\Database\Migrations\Migration;
 use Illuminate\Database\Schema\Blueprint;
 use Illuminate\Support\Facades\Schema;
 
-return new class extends Migration {
+return new class extends Migration
+{
     public function up(): void
     {
         Schema::table('teams', function (Blueprint $table) {
             $table->boolean('slack_enabled')->default(false);
             $table->string('slack_webhook_url')->nullable();
-            $table->boolean('slack_notifications_test')->default(false);
-            $table->boolean('slack_notifications_deployments')->default(false);
-            $table->boolean('slack_notifications_status_changes')->default(false);
-            $table->boolean('slack_notifications_database_backups')->default(false);
-            $table->boolean('slack_notifications_scheduled_tasks')->default(false);
-            $table->boolean('slack_notifications_server_disk_usage')->default(false);
+            $table->boolean('slack_notifications_test')->default(true);
+            $table->boolean('slack_notifications_deployments')->default(true);
+            $table->boolean('slack_notifications_status_changes')->default(true);
+            $table->boolean('slack_notifications_database_backups')->default(true);
+            $table->boolean('slack_notifications_scheduled_tasks')->default(true);
+            $table->boolean('slack_notifications_server_disk_usage')->default(true);
         });
     }
 
@@ -34,4 +35,4 @@ return new class extends Migration {
             ]);
         });
     }
-};
\ No newline at end of file
+};

From 4927590fc87a0be0ef711bba64ce53d71e1f561f Mon Sep 17 00:00:00 2001
From: peaklabs-dev <122374094+peaklabs-dev@users.noreply.github.com>
Date: Fri, 6 Dec 2024 14:33:45 +0100
Subject: [PATCH 50/54] Update service-templates.json

---
 templates/service-templates.json | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/templates/service-templates.json b/templates/service-templates.json
index 2e1e3bbf9..34da885d5 100644
--- a/templates/service-templates.json
+++ b/templates/service-templates.json
@@ -1125,7 +1125,7 @@
             "applications",
             "interface"
         ],
-        "logo": "svgs/default.webp",
+        "logo": "svgs/heimdall.svg",
         "minversion": "0.0.0"
     },
     "heyform": {
@@ -1251,7 +1251,7 @@
             "finance",
             "self-hosted"
         ],
-        "logo": "svgs/default.webp",
+        "logo": "svgs/invoiceninja.png",
         "minversion": "0.0.0",
         "port": "9000"
     },
@@ -1417,7 +1417,7 @@
             "geofencing",
             "low-code"
         ],
-        "logo": "svgs/default.webp",
+        "logo": "svgs/kuzzle.png",
         "minversion": "0.0.0",
         "port": "7512"
     },
@@ -2112,7 +2112,7 @@
             "collaboration",
             "teamwork"
         ],
-        "logo": "svgs/default.webp",
+        "logo": "svgs/pairdrop.png",
         "minversion": "0.0.0",
         "port": "3000"
     },
@@ -2137,7 +2137,7 @@
             "open",
             "source"
         ],
-        "logo": "svgs/default.webp",
+        "logo": "svgs/penpot.svg",
         "minversion": "0.0.0"
     },
     "phpmyadmin": {
@@ -2245,7 +2245,7 @@
     "postiz": {
         "documentation": "https://docs.postiz.com?utm_source=coolify.io",
         "slogan": "Open source social media scheduling tool.",
-        "compose": "c2VydmljZXM6CiAgcG9zdGl6OgogICAgaW1hZ2U6ICdnaGNyLmlvL2dpdHJvb21ocS9wb3N0aXotYXBwOmxhdGVzdCcKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfRlFETl9QT1NUSVpfNTAwMAogICAgICAtICdNQUlOX1VSTD0ke1NFUlZJQ0VfRlFETl9QT1NUSVp9JwogICAgICAtICdGUk9OVEVORF9VUkw9JHtTRVJWSUNFX0ZRRE5fUE9TVElafScKICAgICAgLSAnTkVYVF9QVUJMSUNfQkFDS0VORF9VUkw9JHtTRVJWSUNFX0ZRRE5fUE9TVElafS9hcGknCiAgICAgIC0gJ0pXVF9TRUNSRVQ9JHtTRVJWSUNFX1BBU1NXT1JEX0pXVFNFQ1JFVH0nCiAgICAgIC0gJ0RBVEFCQVNFX1VSTD1wb3N0Z3Jlc3FsOi8vcG9zdGdyZXM6JHtTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTUUx9QHBvc3RncmVzOjU0MzIvJHtQT1NUR1JFU1FMX0RBVEFCQVNFOi1wb3N0aXotZGJ9JwogICAgICAtICdSRURJU19VUkw9cmVkaXM6Ly9kZWZhdWx0OiR7U0VSVklDRV9QQVNTV09SRF9SRURJU31AcmVkaXM6NjM3OScKICAgICAgLSAnQkFDS0VORF9JTlRFUk5BTF9VUkw9aHR0cDovL2xvY2FsaG9zdDozMDAwJwogICAgICAtICdDTE9VREZMQVJFX0FDQ09VTlRfSUQ9JHtDTE9VREZMQVJFX0FDQ09VTlRfSUR9JwogICAgICAtICdDTE9VREZMQVJFX0FDQ0VTU19LRVk9JHtDTE9VREZMQVJFX0FDQ0VTU19LRVl9JwogICAgICAtICdDTE9VREZMQVJFX1NFQ1JFVF9BQ0NFU1NfS0VZPSR7Q0xPVURGTEFSRV9TRUNSRVRfQUNDRVNTX0tFWX0nCiAgICAgIC0gJ0NMT1VERkxBUkVfQlVDS0VUTkFNRT0ke0NMT1VERkxBUkVfQlVDS0VUTkFNRX0nCiAgICAgIC0gJ0NMT1VERkxBUkVfQlVDS0VUX1VSTD0ke0NMT1VERkxBUkVfQlVDS0VUX1VSTH0nCiAgICAgIC0gJ0NMT1VERkxBUkVfUkVHSU9OPSR7Q0xPVURGTEFSRV9SRUdJT059JwogICAgICAtICdTVE9SQUdFX1BST1ZJREVSPSR7U1RPUkFHRV9QUk9WSURFUjotbG9jYWx9JwogICAgICAtICdVUExPQURfRElSRUNUT1JZPSR7VVBMT0FEX0RJUkVDVE9SWTotL3VwbG9hZHN9JwogICAgICAtICdORVhUX1BVQkxJQ19VUExPQURfRElSRUNUT1JZPSR7TkVYVF9QVUJMSUNfVVBMT0FEX0RJUkVDVE9SWTotL3VwbG9hZHN9JwogICAgICAtICdORVhUX1BVQkxJQ19VUExPQURfU1RBVElDX0RJUkVDVE9SWT0ke05FWFRfUFVCTElDX1VQTE9BRF9TVEFUSUNfRElSRUNUT1JZfScKICAgICAgLSAnUkVTRU5EX0FQSV9LRVk9JHtSRVNFTkRfQVBJX0tFWX0nCiAgICAgIC0gJ0VNQUlMX0ZST01fQUREUkVTUz0ke0VNQUlMX0ZST01fQUREUkVTU30nCiAgICAgIC0gJ0VNQUlMX0ZST01fTkFNRT0ke0VNQUlMX0ZST01fTkFNRX0nCiAgICAgIC0gJ1hfQVBJX0tFWT0ke1NFUlZJQ0VfWF9BUEl9JwogICAgICAtICdYX0FQSV9TRUNSRVQ9JHtTRVJWSUNFX1hfU0VDUkVUfScKICAgICAgLSAnTElOS0VESU5fQ0xJRU5UX0lEPSR7U0VSVklDRV9MSU5LRURJTl9JRH0nCiAgICAgIC0gJ0xJTktFRElOX0NMSUVOVF9TRUNSRVQ9JHtTRVJWSUNFX0xJTktFRElOX1NFQ1JFVH0nCiAgICAgIC0gJ1JFRERJVF9DTElFTlRfSUQ9JHtTRVJWSUNFX1JFRERJVF9BUEl9JwogICAgICAtICdSRURESVRfQ0xJRU5UX1NFQ1JFVD0ke1NFUlZJQ0VfUkVERElUX1NFQ1JFVH0nCiAgICAgIC0gJ0dJVEhVQl9DTElFTlRfSUQ9JHtTRVJWSUNFX0dJVEhVQl9JRH0nCiAgICAgIC0gJ0dJVEhVQl9DTElFTlRfU0VDUkVUPSR7U0VSVklDRV9HSVRIVUJfU0VDUkVUfScKICAgICAgLSAnVEhSRUFEU19BUFBfSUQ9JHtTRVJWSUNFX1RIUkVBRFNfSUR9JwogICAgICAtICdUSFJFQURTX0FQUF9TRUNSRVQ9JHtTRVJWSUNFX1RIUkVBRFNfU0VDUkVUfScKICAgICAgLSAnRkFDRUJPT0tfQVBQX0lEPSR7U0VSVklDRV9GQUNFQk9PS19JRH0nCiAgICAgIC0gJ0ZBQ0VCT09LX0FQUF9TRUNSRVQ9JHtTRVJWSUNFX0ZBQ0VCT09LX1NFQ1JFVH0nCiAgICAgIC0gJ1lPVVRVQkVfQ0xJRU5UX0lEPSR7U0VSVklDRV9ZT1VUVUJFX0lEfScKICAgICAgLSAnWU9VVFVCRV9DTElFTlRfU0VDUkVUPSR7U0VSVklDRV9ZT1VUVUJFX1NFQ1JFVH0nCiAgICAgIC0gJ1RJS1RPS19DTElFTlRfSUQ9JHtTRVJWSUNFX1RJS1RPS19JRH0nCiAgICAgIC0gJ1RJS1RPS19DTElFTlRfU0VDUkVUPSR7U0VSVklDRV9USUtUT0tfU0VDUkVUfScKICAgICAgLSAnUElOVEVSRVNUX0NMSUVOVF9JRD0ke1NFUlZJQ0VfUElOVEVSRVNUX0lEfScKICAgICAgLSAnUElOVEVSRVNUX0NMSUVOVF9TRUNSRVQ9JHtTRVJWSUNFX1BJTlRFUkVTVF9TRUNSRVR9JwogICAgICAtICdEUklCQkJMRV9DTElFTlRfSUQ9JHtTRVJWSUNFX0RSSUJCTEVfSUR9JwogICAgICAtICdEUklCQkJMRV9DTElFTlRfU0VDUkVUPSR7U0VSVklDRV9EUklCQkxFX1NFQ1JFVH0nCiAgICAgIC0gJ0RJU0NPUkRfQ0xJRU5UX0lEPSR7U0VSVklDRV9ESVNDT1JEX0lEfScKICAgICAgLSAnRElTQ09SRF9DTElFTlRfU0VDUkVUPSR7U0VSVklDRV9ESVNDT1JEX1NFQ1JFVH0nCiAgICAgIC0gJ0RJU0NPUkRfQk9UX1RPS0VOX0lEPSR7U0VSVklDRV9ESVNDT1JEX1RPS0VOfScKICAgICAgLSAnU0xBQ0tfSUQ9JHtTRVJWSUNFX1NMQUNLX0lEfScKICAgICAgLSAnU0xBQ0tfU0VDUkVUPSR7U0VSVklDRV9TTEFDS19TRUNSRVR9JwogICAgICAtICdTTEFDS19TSUdOSU5HX1NFQ1JFVD0ke1NMQUNLX1NJR05JTkdfU0VDUkVUfScKICAgICAgLSAnTUFTVE9ET05fQ0xJRU5UX0lEPSR7U0VSVklDRV9NQVNUT0RPTl9JRH0nCiAgICAgIC0gJ01BU1RPRE9OX0NMSUVOVF9TRUNSRVQ9JHtTRVJWSUNFX01BU1RPRE9OX1NFQ1JFVH0nCiAgICAgIC0gJ0JFRUhJSVZFX0FQSV9LRVk9JHtTRVJWSUNFX0JFRUhJSVZFX0tFWX0nCiAgICAgIC0gJ0JFRUhJSVZFX1BVQkxJQ0FUSU9OX0lEPSR7U0VSVklDRV9CRUVISUlWRV9QVUJJRH0nCiAgICAgIC0gJ09QRU5BSV9BUElfS0VZPSR7U0VSVklDRV9PUEVOQUlfS0VZfScKICAgICAgLSAnTkVYVF9QVUJMSUNfRElTQ09SRF9TVVBQT1JUPSR7TkVYVF9QVUJMSUNfRElTQ09SRF9TVVBQT1JUfScKICAgICAgLSAnTkVYVF9QVUJMSUNfUE9MT1ROTz0ke05FWFRfUFVCTElDX1BPTE9UTk99JwogICAgICAtIElTX0dFTkVSQUw9dHJ1ZQogICAgICAtICdOWF9BRERfUExVR0lOUz0ke05YX0FERF9QTFVHSU5TOi1mYWxzZX0nCiAgICAgIC0gJ0ZFRV9BTU9VTlQ9JHtGRUVfQU1PVU5UOi0wLjA1fScKICAgICAgLSAnU1RSSVBFX1BVQkxJU0hBQkxFX0tFWT0ke1NUUklQRV9QVUJMSVNIQUJMRV9LRVl9JwogICAgICAtICdTVFJJUEVfU0VDUkVUX0tFWT0ke1NUUklQRV9TRUNSRVRfS0VZfScKICAgICAgLSAnU1RSSVBFX1NJR05JTkdfS0VZPSR7U1RSSVBFX1NJR05JTkdfS0VZfScKICAgICAgLSAnU1RSSVBFX1NJR05JTkdfS0VZX0NPTk5FQ1Q9JHtTVFJJUEVfU0lHTklOR19LRVlfQ09OTkVDVH0nCiAgICB2b2x1bWVzOgogICAgICAtICdwb3N0aXpfY29uZmlnOi9jb25maWcvJwogICAgICAtICdwb3N0aXpfdXBsb2FkczovdXBsb2Fkcy8nCiAgICBkZXBlbmRzX29uOgogICAgICBwb3N0Z3JlczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICByZWRpczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICd3Z2V0IC1xTy0gaHR0cDovLzEyNy4wLjAuMTo1MDAwLycKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAogIHBvc3RncmVzOgogICAgaW1hZ2U6ICdwb3N0Z3JlczoxNC41JwogICAgdm9sdW1lczoKICAgICAgLSAncG9zdGl6X3Bvc3RncmVzcWxfZGF0YTovdmFyL2xpYi9wb3N0Z3Jlc3FsL2RhdGEnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBQT1NUR1JFU19VU0VSPXBvc3RncmVzCiAgICAgIC0gJ1BPU1RHUkVTX1BBU1NXT1JEPSR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU1FMfScKICAgICAgLSAnUE9TVEdSRVNfREI9JHtQT1NUR1JFU1FMX0RBVEFCQVNFOi1wb3N0aXotZGJ9JwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICdwZ19pc3JlYWR5IC1VICQke1BPU1RHUkVTX1VTRVJ9IC1kICQke1BPU1RHUkVTX0RCOi1wb3N0aXotZGJ9JwogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogMjBzCiAgICAgIHJldHJpZXM6IDEwCiAgcmVkaXM6CiAgICBpbWFnZTogJ3JlZGlzOjcuMicKICAgIGVudmlyb25tZW50OgogICAgICAtICdSRURJU19QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfUkVESVN9JwogICAgY29tbWFuZDogJ3JlZGlzLXNlcnZlciAtLXJlcXVpcmVwYXNzICR7U0VSVklDRV9QQVNTV09SRF9SRURJU30nCiAgICB2b2x1bWVzOgogICAgICAtICdwb3N0aXpfcmVkaXNfZGF0YTovZGF0YScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ECiAgICAgICAgLSByZWRpcy1jbGkKICAgICAgICAtICctYScKICAgICAgICAtICcke1NFUlZJQ0VfUEFTU1dPUkRfUkVESVN9JwogICAgICAgIC0gcGluZwogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogMTBzCiAgICAgIHJldHJpZXM6IDIwCg==",
+        "compose": "c2VydmljZXM6CiAgcG9zdGl6OgogICAgaW1hZ2U6ICdnaGNyLmlvL2dpdHJvb21ocS9wb3N0aXotYXBwOmxhdGVzdCcKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfRlFETl9QT1NUSVpfNTAwMAogICAgICAtICdNQUlOX1VSTD0ke1NFUlZJQ0VfRlFETl9QT1NUSVp9JwogICAgICAtICdGUk9OVEVORF9VUkw9JHtTRVJWSUNFX0ZRRE5fUE9TVElafScKICAgICAgLSAnTkVYVF9QVUJMSUNfQkFDS0VORF9VUkw9JHtTRVJWSUNFX0ZRRE5fUE9TVElafS9hcGknCiAgICAgIC0gJ0pXVF9TRUNSRVQ9JHtTRVJWSUNFX1BBU1NXT1JEX0pXVFNFQ1JFVH0nCiAgICAgIC0gJ0RBVEFCQVNFX1VSTD1wb3N0Z3Jlc3FsOi8vcG9zdGdyZXM6JHtTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTUUx9QHBvc3RncmVzOjU0MzIvJHtQT1NUR1JFU1FMX0RBVEFCQVNFOi1wb3N0aXotZGJ9JwogICAgICAtICdSRURJU19VUkw9cmVkaXM6Ly9kZWZhdWx0OiR7U0VSVklDRV9QQVNTV09SRF9SRURJU31AcmVkaXM6NjM3OScKICAgICAgLSAnQkFDS0VORF9JTlRFUk5BTF9VUkw9aHR0cDovL2xvY2FsaG9zdDozMDAwJwogICAgICAtICdDTE9VREZMQVJFX0FDQ09VTlRfSUQ9JHtDTE9VREZMQVJFX0FDQ09VTlRfSUR9JwogICAgICAtICdDTE9VREZMQVJFX0FDQ0VTU19LRVk9JHtDTE9VREZMQVJFX0FDQ0VTU19LRVl9JwogICAgICAtICdDTE9VREZMQVJFX1NFQ1JFVF9BQ0NFU1NfS0VZPSR7Q0xPVURGTEFSRV9TRUNSRVRfQUNDRVNTX0tFWX0nCiAgICAgIC0gJ0NMT1VERkxBUkVfQlVDS0VUTkFNRT0ke0NMT1VERkxBUkVfQlVDS0VUTkFNRX0nCiAgICAgIC0gJ0NMT1VERkxBUkVfQlVDS0VUX1VSTD0ke0NMT1VERkxBUkVfQlVDS0VUX1VSTH0nCiAgICAgIC0gJ0NMT1VERkxBUkVfUkVHSU9OPSR7Q0xPVURGTEFSRV9SRUdJT059JwogICAgICAtICdTVE9SQUdFX1BST1ZJREVSPSR7U1RPUkFHRV9QUk9WSURFUjotbG9jYWx9JwogICAgICAtICdVUExPQURfRElSRUNUT1JZPSR7VVBMT0FEX0RJUkVDVE9SWTotL3VwbG9hZHN9JwogICAgICAtICdORVhUX1BVQkxJQ19VUExPQURfRElSRUNUT1JZPSR7TkVYVF9QVUJMSUNfVVBMT0FEX0RJUkVDVE9SWTotL3VwbG9hZHN9JwogICAgICAtICdORVhUX1BVQkxJQ19VUExPQURfU1RBVElDX0RJUkVDVE9SWT0ke05FWFRfUFVCTElDX1VQTE9BRF9TVEFUSUNfRElSRUNUT1JZfScKICAgICAgLSAnUkVTRU5EX0FQSV9LRVk9JHtSRVNFTkRfQVBJX0tFWX0nCiAgICAgIC0gJ0VNQUlMX0ZST01fQUREUkVTUz0ke0VNQUlMX0ZST01fQUREUkVTU30nCiAgICAgIC0gJ0VNQUlMX0ZST01fTkFNRT0ke0VNQUlMX0ZST01fTkFNRX0nCiAgICAgIC0gJ0VNQUlMX1BST1ZJREVSPSR7RU1BSUxfUFJPVklERVJ9JwogICAgICAtICdYX0FQSV9LRVk9JHtTRVJWSUNFX1hfQVBJfScKICAgICAgLSAnWF9BUElfU0VDUkVUPSR7U0VSVklDRV9YX1NFQ1JFVH0nCiAgICAgIC0gJ0xJTktFRElOX0NMSUVOVF9JRD0ke1NFUlZJQ0VfTElOS0VESU5fSUR9JwogICAgICAtICdMSU5LRURJTl9DTElFTlRfU0VDUkVUPSR7U0VSVklDRV9MSU5LRURJTl9TRUNSRVR9JwogICAgICAtICdSRURESVRfQ0xJRU5UX0lEPSR7U0VSVklDRV9SRURESVRfQVBJfScKICAgICAgLSAnUkVERElUX0NMSUVOVF9TRUNSRVQ9JHtTRVJWSUNFX1JFRERJVF9TRUNSRVR9JwogICAgICAtICdHSVRIVUJfQ0xJRU5UX0lEPSR7U0VSVklDRV9HSVRIVUJfSUR9JwogICAgICAtICdHSVRIVUJfQ0xJRU5UX1NFQ1JFVD0ke1NFUlZJQ0VfR0lUSFVCX1NFQ1JFVH0nCiAgICAgIC0gJ1RIUkVBRFNfQVBQX0lEPSR7U0VSVklDRV9USFJFQURTX0lEfScKICAgICAgLSAnVEhSRUFEU19BUFBfU0VDUkVUPSR7U0VSVklDRV9USFJFQURTX1NFQ1JFVH0nCiAgICAgIC0gJ0ZBQ0VCT09LX0FQUF9JRD0ke1NFUlZJQ0VfRkFDRUJPT0tfSUR9JwogICAgICAtICdGQUNFQk9PS19BUFBfU0VDUkVUPSR7U0VSVklDRV9GQUNFQk9PS19TRUNSRVR9JwogICAgICAtICdZT1VUVUJFX0NMSUVOVF9JRD0ke1NFUlZJQ0VfWU9VVFVCRV9JRH0nCiAgICAgIC0gJ1lPVVRVQkVfQ0xJRU5UX1NFQ1JFVD0ke1NFUlZJQ0VfWU9VVFVCRV9TRUNSRVR9JwogICAgICAtICdUSUtUT0tfQ0xJRU5UX0lEPSR7U0VSVklDRV9USUtUT0tfSUR9JwogICAgICAtICdUSUtUT0tfQ0xJRU5UX1NFQ1JFVD0ke1NFUlZJQ0VfVElLVE9LX1NFQ1JFVH0nCiAgICAgIC0gJ1BJTlRFUkVTVF9DTElFTlRfSUQ9JHtTRVJWSUNFX1BJTlRFUkVTVF9JRH0nCiAgICAgIC0gJ1BJTlRFUkVTVF9DTElFTlRfU0VDUkVUPSR7U0VSVklDRV9QSU5URVJFU1RfU0VDUkVUfScKICAgICAgLSAnRFJJQkJCTEVfQ0xJRU5UX0lEPSR7U0VSVklDRV9EUklCQkxFX0lEfScKICAgICAgLSAnRFJJQkJCTEVfQ0xJRU5UX1NFQ1JFVD0ke1NFUlZJQ0VfRFJJQkJMRV9TRUNSRVR9JwogICAgICAtICdESVNDT1JEX0NMSUVOVF9JRD0ke1NFUlZJQ0VfRElTQ09SRF9JRH0nCiAgICAgIC0gJ0RJU0NPUkRfQ0xJRU5UX1NFQ1JFVD0ke1NFUlZJQ0VfRElTQ09SRF9TRUNSRVR9JwogICAgICAtICdESVNDT1JEX0JPVF9UT0tFTl9JRD0ke1NFUlZJQ0VfRElTQ09SRF9UT0tFTn0nCiAgICAgIC0gJ1NMQUNLX0lEPSR7U0VSVklDRV9TTEFDS19JRH0nCiAgICAgIC0gJ1NMQUNLX1NFQ1JFVD0ke1NFUlZJQ0VfU0xBQ0tfU0VDUkVUfScKICAgICAgLSAnU0xBQ0tfU0lHTklOR19TRUNSRVQ9JHtTTEFDS19TSUdOSU5HX1NFQ1JFVH0nCiAgICAgIC0gJ01BU1RPRE9OX0NMSUVOVF9JRD0ke1NFUlZJQ0VfTUFTVE9ET05fSUR9JwogICAgICAtICdNQVNUT0RPTl9DTElFTlRfU0VDUkVUPSR7U0VSVklDRV9NQVNUT0RPTl9TRUNSRVR9JwogICAgICAtICdCRUVISUlWRV9BUElfS0VZPSR7U0VSVklDRV9CRUVISUlWRV9LRVl9JwogICAgICAtICdCRUVISUlWRV9QVUJMSUNBVElPTl9JRD0ke1NFUlZJQ0VfQkVFSElJVkVfUFVCSUR9JwogICAgICAtICdPUEVOQUlfQVBJX0tFWT0ke1NFUlZJQ0VfT1BFTkFJX0tFWX0nCiAgICAgIC0gJ05FWFRfUFVCTElDX0RJU0NPUkRfU1VQUE9SVD0ke05FWFRfUFVCTElDX0RJU0NPUkRfU1VQUE9SVH0nCiAgICAgIC0gJ05FWFRfUFVCTElDX1BPTE9UTk89JHtORVhUX1BVQkxJQ19QT0xPVE5PfScKICAgICAgLSBJU19HRU5FUkFMPXRydWUKICAgICAgLSAnTlhfQUREX1BMVUdJTlM9JHtOWF9BRERfUExVR0lOUzotZmFsc2V9JwogICAgICAtICdGRUVfQU1PVU5UPSR7RkVFX0FNT1VOVDotMC4wNX0nCiAgICAgIC0gJ1NUUklQRV9QVUJMSVNIQUJMRV9LRVk9JHtTVFJJUEVfUFVCTElTSEFCTEVfS0VZfScKICAgICAgLSAnU1RSSVBFX1NFQ1JFVF9LRVk9JHtTVFJJUEVfU0VDUkVUX0tFWX0nCiAgICAgIC0gJ1NUUklQRV9TSUdOSU5HX0tFWT0ke1NUUklQRV9TSUdOSU5HX0tFWX0nCiAgICAgIC0gJ1NUUklQRV9TSUdOSU5HX0tFWV9DT05ORUNUPSR7U1RSSVBFX1NJR05JTkdfS0VZX0NPTk5FQ1R9JwogICAgdm9sdW1lczoKICAgICAgLSAncG9zdGl6X2NvbmZpZzovY29uZmlnLycKICAgICAgLSAncG9zdGl6X3VwbG9hZHM6L3VwbG9hZHMvJwogICAgZGVwZW5kc19vbjoKICAgICAgcG9zdGdyZXM6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgICAgcmVkaXM6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAnd2dldCAtcU8tIGh0dHA6Ly8xMjcuMC4wLjE6NTAwMC8nCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAyMHMKICAgICAgcmV0cmllczogMTAKICBwb3N0Z3JlczoKICAgIGltYWdlOiAncG9zdGdyZXM6MTQuNScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ3Bvc3Rpel9wb3N0Z3Jlc3FsX2RhdGE6L3Zhci9saWIvcG9zdGdyZXNxbC9kYXRhJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gUE9TVEdSRVNfVVNFUj1wb3N0Z3JlcwogICAgICAtICdQT1NUR1JFU19QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVNRTH0nCiAgICAgIC0gJ1BPU1RHUkVTX0RCPSR7UE9TVEdSRVNRTF9EQVRBQkFTRTotcG9zdGl6LWRifScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAncGdfaXNyZWFkeSAtVSAkJHtQT1NUR1JFU19VU0VSfSAtZCAkJHtQT1NUR1JFU19EQjotcG9zdGl6LWRifScKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAogIHJlZGlzOgogICAgaW1hZ2U6ICdyZWRpczo3LjInCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnUkVESVNfUEFTU1dPUkQ9JHtTRVJWSUNFX1BBU1NXT1JEX1JFRElTfScKICAgIGNvbW1hbmQ6ICdyZWRpcy1zZXJ2ZXIgLS1yZXF1aXJlcGFzcyAke1NFUlZJQ0VfUEFTU1dPUkRfUkVESVN9JwogICAgdm9sdW1lczoKICAgICAgLSAncG9zdGl6X3JlZGlzX2RhdGE6L2RhdGEnCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRAogICAgICAgIC0gcmVkaXMtY2xpCiAgICAgICAgLSAnLWEnCiAgICAgICAgLSAnJHtTRVJWSUNFX1BBU1NXT1JEX1JFRElTfScKICAgICAgICAtIHBpbmcKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDEwcwogICAgICByZXRyaWVzOiAyMAo=",
         "tags": [
             "post everywhere",
             "social media",
@@ -2971,7 +2971,7 @@
             "privacy",
             "search engine"
         ],
-        "logo": "svgs/default.webp",
+        "logo": "svgs/whoogle.png",
         "minversion": "0.0.0",
         "port": "5000"
     },

From 1fd1aaabf494872500822079cfb63f8191407bff Mon Sep 17 00:00:00 2001
From: Lukas Eichenauer <luke23489@gmail.com>
Date: Sun, 8 Dec 2024 15:54:42 +0100
Subject: [PATCH 51/54] fix: resolve undefined searchInput reference in
 Alpine.js component

The searchInput reference was not accessible due to nested x-data scopes. Moved sticky logic into searchResources() to ensure proper reference access.
---
 resources/views/livewire/project/new/select.blade.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/resources/views/livewire/project/new/select.blade.php b/resources/views/livewire/project/new/select.blade.php
index 323191bfd..54a2e953e 100644
--- a/resources/views/livewire/project/new/select.blade.php
+++ b/resources/views/livewire/project/new/select.blade.php
@@ -12,7 +12,7 @@
     <div class="pb-4">Deploy resources, like Applications, Databases, Services...</div>
     <div x-data="searchResources()">
         @if ($current_step === 'type')
-            <div x-data="{ isSticky: false }" x-init="window.addEventListener('scroll', () => isSticky = window.pageYOffset > 100)" class="sticky top-0 z-50 py-2">
+            <div x-init="window.addEventListener('scroll', () => isSticky = window.pageYOffset > 100)" class="sticky top-0 z-50 py-2">
                 <input autocomplete="off" x-ref="searchInput" class="input-sticky"
                     :class="{ 'input-sticky-active': isSticky }" x-model="search" placeholder="Type / to search..."
                     @keydown.window.slash.prevent="$refs.searchInput.focus()">
@@ -137,6 +137,7 @@
                     return {
                         search: '',
                         loading: false,
+                        isSticky: false,
                         services: [],
                         gitBasedApplications: [],
                         dockerBasedApplications: [],

From 5bbcd7bf760a5d5561968ba909ead86381a58cc4 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Mon, 9 Dec 2024 10:28:34 +0100
Subject: [PATCH 52/54] fix: add middleware to new abilities, better ux for
 selecting permissions, etc.

---
 app/Http/Kernel.php                           |   1 +
 app/Http/Middleware/ApiAbility.php            |  23 +++
 app/Livewire/Security/ApiTokens.php           |  16 +-
 ..._10_30_074601_rename_token_permissions.php |  56 ++++---
 .../views/components/forms/checkbox.blade.php |  52 +++---
 .../livewire/security/api-tokens.blade.php    |  29 ++--
 routes/api.php                                | 150 +++++++++---------
 7 files changed, 191 insertions(+), 136 deletions(-)
 create mode 100644 app/Http/Middleware/ApiAbility.php

diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
index 5f1731071..8f4d59f54 100644
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -69,5 +69,6 @@ class Kernel extends HttpKernel
         'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
         'abilities' => \Laravel\Sanctum\Http\Middleware\CheckAbilities::class,
         'ability' => \Laravel\Sanctum\Http\Middleware\CheckForAnyAbility::class,
+        'api.ability' => \App\Http\Middleware\ApiAbility::class,
     ];
 }
diff --git a/app/Http/Middleware/ApiAbility.php b/app/Http/Middleware/ApiAbility.php
new file mode 100644
index 000000000..96bf4f471
--- /dev/null
+++ b/app/Http/Middleware/ApiAbility.php
@@ -0,0 +1,23 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Laravel\Sanctum\Http\Middleware\CheckForAnyAbility;
+
+class ApiAbility extends CheckForAnyAbility
+{
+    public function handle($request, $next, ...$abilities)
+    {
+        try {
+            return parent::handle($request, $next, ...$abilities);
+        } catch (\Illuminate\Auth\AuthenticationException $e) {
+            return response()->json([
+                'message' => 'Unauthenticated.',
+            ], 401);
+        } catch (\Exception $e) {
+            return response()->json([
+                'message' => 'Missing required permissions: '.implode(', ', $abilities),
+            ], 403);
+        }
+    }
+}
diff --git a/app/Livewire/Security/ApiTokens.php b/app/Livewire/Security/ApiTokens.php
index 6e58df0f0..be11e0bda 100644
--- a/app/Livewire/Security/ApiTokens.php
+++ b/app/Livewire/Security/ApiTokens.php
@@ -26,14 +26,20 @@ class ApiTokens extends Component
         $this->tokens = auth()->user()->tokens->sortByDesc('created_at');
     }
 
-    public function updated()
+    public function updatedPermissions($permissionToUpdate)
     {
-        if (count($this->permissions) == 0) {
-            $this->permissions = ['read'];
-        }
-        if (in_array('read:sensitive', $this->permissions) && !in_array('read', $this->permissions)) {
+        if ($permissionToUpdate == 'write') {
+            $this->permissions = ['write', 'deploy', 'read', 'read:sensitive'];
+        } elseif ($permissionToUpdate == 'read:sensitive' && ! in_array('read', $this->permissions)) {
             $this->permissions[] = 'read';
+        } elseif ($permissionToUpdate == 'deploy') {
+            $this->permissions = ['deploy'];
+        } else {
+            if (count($this->permissions) == 0) {
+                $this->permissions = ['read'];
+            }
         }
+        sort($this->permissions);
     }
 
     public function addNewToken()
diff --git a/database/migrations/2024_10_30_074601_rename_token_permissions.php b/database/migrations/2024_10_30_074601_rename_token_permissions.php
index d35d75481..2021ba287 100644
--- a/database/migrations/2024_10_30_074601_rename_token_permissions.php
+++ b/database/migrations/2024_10_30_074601_rename_token_permissions.php
@@ -2,8 +2,6 @@
 
 use App\Models\PersonalAccessToken;
 use Illuminate\Database\Migrations\Migration;
-use Illuminate\Database\Schema\Blueprint;
-use Illuminate\Support\Facades\Schema;
 
 return new class extends Migration
 {
@@ -12,14 +10,24 @@ return new class extends Migration
      */
     public function up(): void
     {
-        $tokens = PersonalAccessToken::all();
-        foreach ($tokens as $token) {
-            $abilities = collect();
-            if (in_array('*', $token->abilities)) $abilities->push('write', 'read', 'read:sensitive');
-            if (in_array('read-only', $token->abilities)) $abilities->push('read');
-            if (in_array('view:sensitive', $token->abilities)) $abilities->push('read', 'read:sensitive');
-            $token->abilities = $abilities->unique()->values()->all();
-            $token->save();
+        try {
+            $tokens = PersonalAccessToken::all();
+            foreach ($tokens as $token) {
+                $abilities = collect();
+                if (in_array('*', $token->abilities)) {
+                    $abilities->push('write', 'deploy', 'read', 'read:sensitive');
+                }
+                if (in_array('read-only', $token->abilities)) {
+                    $abilities->push('read');
+                }
+                if (in_array('view:sensitive', $token->abilities)) {
+                    $abilities->push('read', 'read:sensitive');
+                }
+                $token->abilities = $abilities->unique()->values()->all();
+                $token->save();
+            }
+        } catch (\Exception $e) {
+            \Log::error('Error renaming token permissions: '.$e->getMessage());
         }
     }
 
@@ -28,17 +36,25 @@ return new class extends Migration
      */
     public function down(): void
     {
-        $tokens = PersonalAccessToken::all();
-        foreach ($tokens as $token) {
-            $abilities = collect();
-            if (in_array('write', $token->abilities)) {
-                $abilities->push('*');
-            } else {
-                if (in_array('read', $token->abilities)) $abilities->push('read-only');
-                if (in_array('read:sensitive', $token->abilities)) $abilities->push('view:sensitive');
+        try {
+            $tokens = PersonalAccessToken::all();
+            foreach ($tokens as $token) {
+                $abilities = collect();
+                if (in_array('write', $token->abilities)) {
+                    $abilities->push('*');
+                } else {
+                    if (in_array('read', $token->abilities)) {
+                        $abilities->push('read-only');
+                    }
+                    if (in_array('read:sensitive', $token->abilities)) {
+                        $abilities->push('view:sensitive');
+                    }
+                }
+                $token->abilities = $abilities->unique()->values()->all();
+                $token->save();
             }
-            $token->abilities = $abilities->unique()->values()->all();
-            $token->save();
+        } catch (\Exception $e) {
+            \Log::error('Error renaming token permissions: '.$e->getMessage());
         }
     }
 };
diff --git a/resources/views/components/forms/checkbox.blade.php b/resources/views/components/forms/checkbox.blade.php
index fb244962d..39704a122 100644
--- a/resources/views/components/forms/checkbox.blade.php
+++ b/resources/views/components/forms/checkbox.blade.php
@@ -5,8 +5,8 @@
     'disabled' => false,
     'instantSave' => false,
     'value' => null,
+    'domValue' => null,
     'checked' => false,
-    'hideLabel' => false,
     'fullWidth' => false,
 ])
 
@@ -14,26 +14,32 @@
     'flex flex-row items-center gap-4 pr-2 py-1 form-control min-w-fit dark:hover:bg-coolgray-100',
     'w-full' => $fullWidth,
 ])>
-    @if (!$hideLabel)
-        <label @class([
-            'flex gap-4 items-center px-0 min-w-fit label w-full cursor-pointer',
-        ])>
-            <span class="flex flex-grow gap-2">
-                @if ($label)
-                    {!! $label !!}
-                @else
-                    {{ $id }}
-                @endif
-                @if ($helper)
-                    <x-helper :helper="$helper" />
-                @endif
-            </span>
-    @endif
-    <input @disabled($disabled) type="checkbox" {{ $attributes->merge(['class' => $defaultClass]) }}
-        @if ($instantSave) wire:loading.attr="disabled" wire:click='{{ $instantSave === 'instantSave' || $instantSave == '1' ? 'instantSave' : $instantSave }}'
-        @if ($checked) checked @endif
-    wire:model={{ $id }} @else wire:model={{ $value ?? $id }} @endif />
-    @if (!$hideLabel)
-        </label>
-    @endif
+    <label @class([
+        'flex gap-4 items-center px-0 min-w-fit label w-full cursor-pointer',
+    ])>
+        <span class="flex flex-grow gap-2">
+            @if ($label)
+                {!! $label !!}
+            @else
+                {{ $id }}
+            @endif
+            @if ($helper)
+                <x-helper :helper="$helper" />
+            @endif
+        </span>
+        @if ($instantSave)
+            <input type="checkbox" @disabled($disabled) {{ $attributes->merge(['class' => $defaultClass]) }}
+                wire:loading.attr="disabled"
+                wire:click='{{ $instantSave === 'instantSave' || $instantSave == '1' ? 'instantSave' : $instantSave }}'
+                wire:model={{ $id }} @if ($checked) checked @endif />
+        @else
+            @if ($domValue)
+                <input type="checkbox" @disabled($disabled) {{ $attributes->merge(['class' => $defaultClass]) }}
+                    value={{ $domValue }} @if ($checked) checked @endif />
+            @else
+                <input type="checkbox" @disabled($disabled) {{ $attributes->merge(['class' => $defaultClass]) }}
+                    wire:model={{ $value ?? $id }} @if ($checked) checked @endif />
+            @endif
+        @endif
+    </label>
 </div>
diff --git a/resources/views/livewire/security/api-tokens.blade.php b/resources/views/livewire/security/api-tokens.blade.php
index b3ef9241b..b07f1f1cf 100644
--- a/resources/views/livewire/security/api-tokens.blade.php
+++ b/resources/views/livewire/security/api-tokens.blade.php
@@ -30,21 +30,24 @@
                 @endif
             </div>
         </div>
+
+        <h4>Token Permissions</h4>
+        <div class="w-64">
+            <x-forms.checkbox label="write" wire:model.live="permissions" domValue="write"
+                helper="Root access, be careful!" :checked="in_array('write', $permissions)"></x-forms.checkbox>
+            @if (!in_array('write', $permissions))
+                <x-forms.checkbox label="deploy" wire:model.live="permissions" domValue="deploy"
+                    helper="Can trigger deploy webhooks" :checked="in_array('deploy', $permissions)"></x-forms.checkbox>
+                <x-forms.checkbox label="read" domValue="read" wire:model.live="permissions" domValue="read"
+                    :checked="in_array('read', $permissions)"></x-forms.checkbox>
+                <x-forms.checkbox label="read:sensitive" wire:model.live="permissions" domValue="read:sensitive"
+                    helper="Responses will include secrets, logs, passwords, and compose file contents"
+                    :checked="in_array('read:sensitive', $permissions)"></x-forms.checkbox>
+            @endif
+        </div>
         @if (in_array('write', $permissions))
             <div class="font-bold text-warning">Root access, be careful!</div>
         @endif
-        <h4>Token Permissions</h4>
-        <div class="w-64">
-            <x-forms.checkbox label="read" wire:model.live="permissions" value="read"
-                :checked="in_array('read', $permissions)"></x-forms.checkbox>
-            <x-forms.checkbox label="read:sensitive" wire:model.live="permissions" value="read:sensitive"
-                helper="Responses will include secrets, logs, passwords, and compose file contents"
-                :checked="in_array('read:sensitive', $permissions)"></x-forms.checkbox>
-            <x-forms.checkbox label="write" wire:model.live="permissions" value="write"
-                helper="Root access, be careful!" :checked="in_array('write', $permissions)"></x-forms.checkbox>
-            <x-forms.checkbox label="deploy" wire:model.live="permissions" value="deploy"
-                helper="Can trigger deploy webhooks" :checked="in_array('deploy', $permissions)"></x-forms.checkbox>
-        </div>
     </form>
     @if (session()->has('token'))
         <div class="py-4 font-bold dark:text-warning">Please copy this token now. For your security, it won't be shown
@@ -60,7 +63,7 @@
                 <div>Last used: {{ $token->last_used_at ? $token->last_used_at->diffForHumans() : 'Never' }}</div>
                 <div class="flex gap-1">
                     @if ($token->abilities)
-                        Abilities:
+                        Permissions:
                         @foreach ($token->abilities as $ability)
                             <div class="font-bold dark:text-white">{{ $ability }}</div>
                         @endforeach
diff --git a/routes/api.php b/routes/api.php
index 6c1a5b65c..90c834823 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -19,7 +19,7 @@ Route::get('/health', [OtherController::class, 'healthcheck']);
 Route::post('/feedback', [OtherController::class, 'feedback']);
 
 Route::group([
-    'middleware' => ['auth:sanctum', 'ability:write'],
+    'middleware' => ['auth:sanctum', 'api.ability:write'],
     'prefix' => 'v1',
 ], function () {
     Route::get('/enable', [OtherController::class, 'enable_api']);
@@ -29,103 +29,103 @@ Route::group([
     'middleware' => ['auth:sanctum', ApiAllowed::class],
     'prefix' => 'v1',
 ], function () {
-    Route::get('/version', [OtherController::class, 'version'])->middleware(['ability:read']);
+    Route::get('/version', [OtherController::class, 'version'])->middleware(['api.ability:read']);
 
-    Route::get('/teams', [TeamController::class, 'teams'])->middleware(['ability:read']);
-    Route::get('/teams/current', [TeamController::class, 'current_team'])->middleware(['ability:read']);
-    Route::get('/teams/current/members', [TeamController::class, 'current_team_members'])->middleware(['ability:read']);
-    Route::get('/teams/{id}', [TeamController::class, 'team_by_id'])->middleware(['ability:read']);
-    Route::get('/teams/{id}/members', [TeamController::class, 'members_by_id'])->middleware(['ability:read']);
+    Route::get('/teams', [TeamController::class, 'teams'])->middleware(['api.ability:read']);
+    Route::get('/teams/current', [TeamController::class, 'current_team'])->middleware(['api.ability:read']);
+    Route::get('/teams/current/members', [TeamController::class, 'current_team_members'])->middleware(['api.ability:read']);
+    Route::get('/teams/{id}', [TeamController::class, 'team_by_id'])->middleware(['api.ability:read']);
+    Route::get('/teams/{id}/members', [TeamController::class, 'members_by_id'])->middleware(['api.ability:read']);
 
-    Route::get('/projects', [ProjectController::class, 'projects'])->middleware(['ability:read']);
-    Route::get('/projects/{uuid}', [ProjectController::class, 'project_by_uuid'])->middleware(['ability:read']);
-    Route::get('/projects/{uuid}/{environment_name}', [ProjectController::class, 'environment_details'])->middleware(['ability:read']);
+    Route::get('/projects', [ProjectController::class, 'projects'])->middleware(['api.ability:read']);
+    Route::get('/projects/{uuid}', [ProjectController::class, 'project_by_uuid'])->middleware(['api.ability:read']);
+    Route::get('/projects/{uuid}/{environment_name}', [ProjectController::class, 'environment_details'])->middleware(['api.ability:read']);
 
-    Route::post('/projects', [ProjectController::class, 'create_project'])->middleware(['ability:read']);
-    Route::patch('/projects/{uuid}', [ProjectController::class, 'update_project'])->middleware(['ability:write']);
-    Route::delete('/projects/{uuid}', [ProjectController::class, 'delete_project'])->middleware(['ability:write']);
+    Route::post('/projects', [ProjectController::class, 'create_project'])->middleware(['api.ability:read']);
+    Route::patch('/projects/{uuid}', [ProjectController::class, 'update_project'])->middleware(['api.ability:write']);
+    Route::delete('/projects/{uuid}', [ProjectController::class, 'delete_project'])->middleware(['api.ability:write']);
 
-    Route::get('/security/keys', [SecurityController::class, 'keys'])->middleware(['ability:read']);
-    Route::post('/security/keys', [SecurityController::class, 'create_key'])->middleware(['ability:write']);
+    Route::get('/security/keys', [SecurityController::class, 'keys'])->middleware(['api.ability:read']);
+    Route::post('/security/keys', [SecurityController::class, 'create_key'])->middleware(['api.ability:write']);
 
-    Route::get('/security/keys/{uuid}', [SecurityController::class, 'key_by_uuid'])->middleware(['ability:read']);
-    Route::patch('/security/keys/{uuid}', [SecurityController::class, 'update_key'])->middleware(['ability:write']);
-    Route::delete('/security/keys/{uuid}', [SecurityController::class, 'delete_key'])->middleware(['ability:write']);
+    Route::get('/security/keys/{uuid}', [SecurityController::class, 'key_by_uuid'])->middleware(['api.ability:read']);
+    Route::patch('/security/keys/{uuid}', [SecurityController::class, 'update_key'])->middleware(['api.ability:write']);
+    Route::delete('/security/keys/{uuid}', [SecurityController::class, 'delete_key'])->middleware(['api.ability:write']);
 
-    Route::match(['get', 'post'], '/deploy', [DeployController::class, 'deploy'])->middleware(['ability:write,deploy']);
-    Route::get('/deployments', [DeployController::class, 'deployments'])->middleware(['ability:read']);
-    Route::get('/deployments/{uuid}', [DeployController::class, 'deployment_by_uuid'])->middleware(['ability:read']);
+    Route::match(['get', 'post'], '/deploy', [DeployController::class, 'deploy'])->middleware(['api.ability:write,deploy']);
+    Route::get('/deployments', [DeployController::class, 'deployments'])->middleware(['api.ability:read']);
+    Route::get('/deployments/{uuid}', [DeployController::class, 'deployment_by_uuid'])->middleware(['api.ability:read']);
 
-    Route::get('/servers', [ServersController::class, 'servers'])->middleware(['ability:read']);
-    Route::get('/servers/{uuid}', [ServersController::class, 'server_by_uuid'])->middleware(['ability:read']);
-    Route::get('/servers/{uuid}/domains', [ServersController::class, 'domains_by_server'])->middleware(['ability:read']);
-    Route::get('/servers/{uuid}/resources', [ServersController::class, 'resources_by_server'])->middleware(['ability:read']);
+    Route::get('/servers', [ServersController::class, 'servers'])->middleware(['api.ability:read']);
+    Route::get('/servers/{uuid}', [ServersController::class, 'server_by_uuid'])->middleware(['api.ability:read']);
+    Route::get('/servers/{uuid}/domains', [ServersController::class, 'domains_by_server'])->middleware(['api.ability:read']);
+    Route::get('/servers/{uuid}/resources', [ServersController::class, 'resources_by_server'])->middleware(['api.ability:read']);
 
-    Route::get('/servers/{uuid}/validate', [ServersController::class, 'validate_server'])->middleware(['ability:read']);
+    Route::get('/servers/{uuid}/validate', [ServersController::class, 'validate_server'])->middleware(['api.ability:read']);
 
-    Route::post('/servers', [ServersController::class, 'create_server'])->middleware(['ability:read']);
-    Route::patch('/servers/{uuid}', [ServersController::class, 'update_server'])->middleware(['ability:write']);
-    Route::delete('/servers/{uuid}', [ServersController::class, 'delete_server'])->middleware(['ability:write']);
+    Route::post('/servers', [ServersController::class, 'create_server'])->middleware(['api.ability:read']);
+    Route::patch('/servers/{uuid}', [ServersController::class, 'update_server'])->middleware(['api.ability:write']);
+    Route::delete('/servers/{uuid}', [ServersController::class, 'delete_server'])->middleware(['api.ability:write']);
 
-    Route::get('/resources', [ResourcesController::class, 'resources'])->middleware(['ability:read']);
+    Route::get('/resources', [ResourcesController::class, 'resources'])->middleware(['api.ability:read']);
 
-    Route::get('/applications', [ApplicationsController::class, 'applications'])->middleware(['ability:read']);
-    Route::post('/applications/public', [ApplicationsController::class, 'create_public_application'])->middleware(['ability:write']);
-    Route::post('/applications/private-github-app', [ApplicationsController::class, 'create_private_gh_app_application'])->middleware(['ability:write']);
-    Route::post('/applications/private-deploy-key', [ApplicationsController::class, 'create_private_deploy_key_application'])->middleware(['ability:write']);
-    Route::post('/applications/dockerfile', [ApplicationsController::class, 'create_dockerfile_application'])->middleware(['ability:write']);
-    Route::post('/applications/dockerimage', [ApplicationsController::class, 'create_dockerimage_application'])->middleware(['ability:write']);
-    Route::post('/applications/dockercompose', [ApplicationsController::class, 'create_dockercompose_application'])->middleware(['ability:write']);
+    Route::get('/applications', [ApplicationsController::class, 'applications'])->middleware(['api.ability:read']);
+    Route::post('/applications/public', [ApplicationsController::class, 'create_public_application'])->middleware(['api.ability:write']);
+    Route::post('/applications/private-github-app', [ApplicationsController::class, 'create_private_gh_app_application'])->middleware(['api.ability:write']);
+    Route::post('/applications/private-deploy-key', [ApplicationsController::class, 'create_private_deploy_key_application'])->middleware(['api.ability:write']);
+    Route::post('/applications/dockerfile', [ApplicationsController::class, 'create_dockerfile_application'])->middleware(['api.ability:write']);
+    Route::post('/applications/dockerimage', [ApplicationsController::class, 'create_dockerimage_application'])->middleware(['api.ability:write']);
+    Route::post('/applications/dockercompose', [ApplicationsController::class, 'create_dockercompose_application'])->middleware(['api.ability:write']);
 
-    Route::get('/applications/{uuid}', [ApplicationsController::class, 'application_by_uuid'])->middleware(['ability:read']);
-    Route::patch('/applications/{uuid}', [ApplicationsController::class, 'update_by_uuid'])->middleware(['ability:write']);
-    Route::delete('/applications/{uuid}', [ApplicationsController::class, 'delete_by_uuid'])->middleware(['ability:write']);
+    Route::get('/applications/{uuid}', [ApplicationsController::class, 'application_by_uuid'])->middleware(['api.ability:read']);
+    Route::patch('/applications/{uuid}', [ApplicationsController::class, 'update_by_uuid'])->middleware(['api.ability:write']);
+    Route::delete('/applications/{uuid}', [ApplicationsController::class, 'delete_by_uuid'])->middleware(['api.ability:write']);
 
-    Route::get('/applications/{uuid}/envs', [ApplicationsController::class, 'envs'])->middleware(['ability:read']);
-    Route::post('/applications/{uuid}/envs', [ApplicationsController::class, 'create_env'])->middleware(['ability:write']);
-    Route::patch('/applications/{uuid}/envs/bulk', [ApplicationsController::class, 'create_bulk_envs'])->middleware(['ability:write']);
-    Route::patch('/applications/{uuid}/envs', [ApplicationsController::class, 'update_env_by_uuid'])->middleware(['ability:write']);
-    Route::delete('/applications/{uuid}/envs/{env_uuid}', [ApplicationsController::class, 'delete_env_by_uuid'])->middleware(['ability:write']);
+    Route::get('/applications/{uuid}/envs', [ApplicationsController::class, 'envs'])->middleware(['api.ability:read']);
+    Route::post('/applications/{uuid}/envs', [ApplicationsController::class, 'create_env'])->middleware(['api.ability:write']);
+    Route::patch('/applications/{uuid}/envs/bulk', [ApplicationsController::class, 'create_bulk_envs'])->middleware(['api.ability:write']);
+    Route::patch('/applications/{uuid}/envs', [ApplicationsController::class, 'update_env_by_uuid'])->middleware(['api.ability:write']);
+    Route::delete('/applications/{uuid}/envs/{env_uuid}', [ApplicationsController::class, 'delete_env_by_uuid'])->middleware(['api.ability:write']);
     // Route::post('/applications/{uuid}/execute', [ApplicationsController::class, 'execute_command_by_uuid'])->middleware(['ability:write']);
 
-    Route::match(['get', 'post'], '/applications/{uuid}/start', [ApplicationsController::class, 'action_deploy'])->middleware(['ability:write']);
-    Route::match(['get', 'post'], '/applications/{uuid}/restart', [ApplicationsController::class, 'action_restart'])->middleware(['ability:write']);
-    Route::match(['get', 'post'], '/applications/{uuid}/stop', [ApplicationsController::class, 'action_stop'])->middleware(['ability:write']);
+    Route::match(['get', 'post'], '/applications/{uuid}/start', [ApplicationsController::class, 'action_deploy'])->middleware(['api.ability:write']);
+    Route::match(['get', 'post'], '/applications/{uuid}/restart', [ApplicationsController::class, 'action_restart'])->middleware(['api.ability:write']);
+    Route::match(['get', 'post'], '/applications/{uuid}/stop', [ApplicationsController::class, 'action_stop'])->middleware(['api.ability:write']);
 
-    Route::get('/databases', [DatabasesController::class, 'databases'])->middleware(['ability:read']);
-    Route::post('/databases/postgresql', [DatabasesController::class, 'create_database_postgresql'])->middleware(['ability:write']);
-    Route::post('/databases/mysql', [DatabasesController::class, 'create_database_mysql'])->middleware(['ability:write']);
-    Route::post('/databases/mariadb', [DatabasesController::class, 'create_database_mariadb'])->middleware(['ability:write']);
-    Route::post('/databases/mongodb', [DatabasesController::class, 'create_database_mongodb'])->middleware(['ability:write']);
-    Route::post('/databases/redis', [DatabasesController::class, 'create_database_redis'])->middleware(['ability:write']);
-    Route::post('/databases/clickhouse', [DatabasesController::class, 'create_database_clickhouse'])->middleware(['ability:write']);
-    Route::post('/databases/dragonfly', [DatabasesController::class, 'create_database_dragonfly'])->middleware(['ability:write']);
-    Route::post('/databases/keydb', [DatabasesController::class, 'create_database_keydb'])->middleware(['ability:write']);
+    Route::get('/databases', [DatabasesController::class, 'databases'])->middleware(['api.ability:read']);
+    Route::post('/databases/postgresql', [DatabasesController::class, 'create_database_postgresql'])->middleware(['api.ability:write']);
+    Route::post('/databases/mysql', [DatabasesController::class, 'create_database_mysql'])->middleware(['api.ability:write']);
+    Route::post('/databases/mariadb', [DatabasesController::class, 'create_database_mariadb'])->middleware(['api.ability:write']);
+    Route::post('/databases/mongodb', [DatabasesController::class, 'create_database_mongodb'])->middleware(['api.ability:write']);
+    Route::post('/databases/redis', [DatabasesController::class, 'create_database_redis'])->middleware(['api.ability:write']);
+    Route::post('/databases/clickhouse', [DatabasesController::class, 'create_database_clickhouse'])->middleware(['api.ability:write']);
+    Route::post('/databases/dragonfly', [DatabasesController::class, 'create_database_dragonfly'])->middleware(['api.ability:write']);
+    Route::post('/databases/keydb', [DatabasesController::class, 'create_database_keydb'])->middleware(['api.ability:write']);
 
-    Route::get('/databases/{uuid}', [DatabasesController::class, 'database_by_uuid'])->middleware(['ability:read']);
-    Route::patch('/databases/{uuid}', [DatabasesController::class, 'update_by_uuid'])->middleware(['ability:write']);
-    Route::delete('/databases/{uuid}', [DatabasesController::class, 'delete_by_uuid'])->middleware(['ability:write']);
+    Route::get('/databases/{uuid}', [DatabasesController::class, 'database_by_uuid'])->middleware(['api.ability:read']);
+    Route::patch('/databases/{uuid}', [DatabasesController::class, 'update_by_uuid'])->middleware(['api.ability:write']);
+    Route::delete('/databases/{uuid}', [DatabasesController::class, 'delete_by_uuid'])->middleware(['api.ability:write']);
 
-    Route::match(['get', 'post'], '/databases/{uuid}/start', [DatabasesController::class, 'action_deploy'])->middleware(['ability:write']);
-    Route::match(['get', 'post'], '/databases/{uuid}/restart', [DatabasesController::class, 'action_restart'])->middleware(['ability:write']);
-    Route::match(['get', 'post'], '/databases/{uuid}/stop', [DatabasesController::class, 'action_stop'])->middleware(['ability:write']);
+    Route::match(['get', 'post'], '/databases/{uuid}/start', [DatabasesController::class, 'action_deploy'])->middleware(['api.ability:write']);
+    Route::match(['get', 'post'], '/databases/{uuid}/restart', [DatabasesController::class, 'action_restart'])->middleware(['api.ability:write']);
+    Route::match(['get', 'post'], '/databases/{uuid}/stop', [DatabasesController::class, 'action_stop'])->middleware(['api.ability:write']);
 
-    Route::get('/services', [ServicesController::class, 'services'])->middleware(['ability:read']);
-    Route::post('/services', [ServicesController::class, 'create_service'])->middleware(['ability:write']);
+    Route::get('/services', [ServicesController::class, 'services'])->middleware(['api.ability:read']);
+    Route::post('/services', [ServicesController::class, 'create_service'])->middleware(['api.ability:write']);
 
-    Route::get('/services/{uuid}', [ServicesController::class, 'service_by_uuid'])->middleware(['ability:read']);
+    Route::get('/services/{uuid}', [ServicesController::class, 'service_by_uuid'])->middleware(['api.ability:read']);
     // Route::patch('/services/{uuid}', [ServicesController::class, 'update_by_uuid'])->middleware(['ability:write']);
-    Route::delete('/services/{uuid}', [ServicesController::class, 'delete_by_uuid'])->middleware(['ability:write']);
+    Route::delete('/services/{uuid}', [ServicesController::class, 'delete_by_uuid'])->middleware(['api.ability:write']);
 
-    Route::get('/services/{uuid}/envs', [ServicesController::class, 'envs'])->middleware(['ability:read']);
-    Route::post('/services/{uuid}/envs', [ServicesController::class, 'create_env'])->middleware(['ability:write']);
-    Route::patch('/services/{uuid}/envs/bulk', [ServicesController::class, 'create_bulk_envs'])->middleware(['ability:write']);
-    Route::patch('/services/{uuid}/envs', [ServicesController::class, 'update_env_by_uuid'])->middleware(['ability:write']);
-    Route::delete('/services/{uuid}/envs/{env_uuid}', [ServicesController::class, 'delete_env_by_uuid'])->middleware(['ability:write']);
+    Route::get('/services/{uuid}/envs', [ServicesController::class, 'envs'])->middleware(['api.ability:read']);
+    Route::post('/services/{uuid}/envs', [ServicesController::class, 'create_env'])->middleware(['api.ability:write']);
+    Route::patch('/services/{uuid}/envs/bulk', [ServicesController::class, 'create_bulk_envs'])->middleware(['api.ability:write']);
+    Route::patch('/services/{uuid}/envs', [ServicesController::class, 'update_env_by_uuid'])->middleware(['api.ability:write']);
+    Route::delete('/services/{uuid}/envs/{env_uuid}', [ServicesController::class, 'delete_env_by_uuid'])->middleware(['api.ability:write']);
 
-    Route::match(['get', 'post'], '/services/{uuid}/start', [ServicesController::class, 'action_deploy'])->middleware(['ability:write']);
-    Route::match(['get', 'post'], '/services/{uuid}/restart', [ServicesController::class, 'action_restart'])->middleware(['ability:write']);
-    Route::match(['get', 'post'], '/services/{uuid}/stop', [ServicesController::class, 'action_stop'])->middleware(['ability:write']);
+    Route::match(['get', 'post'], '/services/{uuid}/start', [ServicesController::class, 'action_deploy'])->middleware(['api.ability:write']);
+    Route::match(['get', 'post'], '/services/{uuid}/restart', [ServicesController::class, 'action_restart'])->middleware(['api.ability:write']);
+    Route::match(['get', 'post'], '/services/{uuid}/stop', [ServicesController::class, 'action_stop'])->middleware(['api.ability:write']);
 });
 
 Route::group([

From ff74fb7385e52e088a75fa2bbe9de74c68b75518 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Mon, 9 Dec 2024 10:52:38 +0100
Subject: [PATCH 53/54] feat: introduce root permission

---
 app/Http/Middleware/ApiAbility.php            |  4 ++++
 app/Livewire/Security/ApiTokens.php           | 21 +++++++++++++------
 ..._10_30_074601_rename_token_permissions.php |  2 +-
 .../livewire/security/api-tokens.blade.php    | 13 +++++++-----
 .../views/livewire/team/admin-view.blade.php  |  3 ++-
 5 files changed, 30 insertions(+), 13 deletions(-)

diff --git a/app/Http/Middleware/ApiAbility.php b/app/Http/Middleware/ApiAbility.php
index 96bf4f471..324eeebaa 100644
--- a/app/Http/Middleware/ApiAbility.php
+++ b/app/Http/Middleware/ApiAbility.php
@@ -9,6 +9,10 @@ class ApiAbility extends CheckForAnyAbility
     public function handle($request, $next, ...$abilities)
     {
         try {
+            if ($request->user()->tokenCan('root')) {
+                return $next($request);
+            }
+
             return parent::handle($request, $next, ...$abilities);
         } catch (\Illuminate\Auth\AuthenticationException $e) {
             return response()->json([
diff --git a/app/Livewire/Security/ApiTokens.php b/app/Livewire/Security/ApiTokens.php
index be11e0bda..72684bdc6 100644
--- a/app/Livewire/Security/ApiTokens.php
+++ b/app/Livewire/Security/ApiTokens.php
@@ -23,13 +23,18 @@ class ApiTokens extends Component
     public function mount()
     {
         $this->isApiEnabled = InstanceSettings::get()->is_api_enabled;
+        $this->getTokens();
+    }
+
+    private function getTokens()
+    {
         $this->tokens = auth()->user()->tokens->sortByDesc('created_at');
     }
 
     public function updatedPermissions($permissionToUpdate)
     {
-        if ($permissionToUpdate == 'write') {
-            $this->permissions = ['write', 'deploy', 'read', 'read:sensitive'];
+        if ($permissionToUpdate == 'root') {
+            $this->permissions = ['root'];
         } elseif ($permissionToUpdate == 'read:sensitive' && ! in_array('read', $this->permissions)) {
             $this->permissions[] = 'read';
         } elseif ($permissionToUpdate == 'deploy') {
@@ -49,7 +54,7 @@ class ApiTokens extends Component
                 'description' => 'required|min:3|max:255',
             ]);
             $token = auth()->user()->createToken($this->description, array_values($this->permissions));
-            $this->tokens = auth()->user()->tokens;
+            $this->getTokens();
             session()->flash('token', $token->plainTextToken);
         } catch (\Exception $e) {
             return handleError($e, $this);
@@ -58,8 +63,12 @@ class ApiTokens extends Component
 
     public function revoke(int $id)
     {
-        $token = auth()->user()->tokens()->where('id', $id)->first();
-        $token->delete();
-        $this->tokens = auth()->user()->tokens;
+        try {
+            $token = auth()->user()->tokens()->where('id', $id)->firstOrFail();
+            $token->delete();
+            $this->getTokens();
+        } catch (\Exception $e) {
+            return handleError($e, $this);
+        }
     }
 }
diff --git a/database/migrations/2024_10_30_074601_rename_token_permissions.php b/database/migrations/2024_10_30_074601_rename_token_permissions.php
index 2021ba287..2ca98d090 100644
--- a/database/migrations/2024_10_30_074601_rename_token_permissions.php
+++ b/database/migrations/2024_10_30_074601_rename_token_permissions.php
@@ -15,7 +15,7 @@ return new class extends Migration
             foreach ($tokens as $token) {
                 $abilities = collect();
                 if (in_array('*', $token->abilities)) {
-                    $abilities->push('write', 'deploy', 'read', 'read:sensitive');
+                    $abilities->push('root');
                 }
                 if (in_array('read-only', $token->abilities)) {
                     $abilities->push('read');
diff --git a/resources/views/livewire/security/api-tokens.blade.php b/resources/views/livewire/security/api-tokens.blade.php
index b07f1f1cf..5c3c4c81c 100644
--- a/resources/views/livewire/security/api-tokens.blade.php
+++ b/resources/views/livewire/security/api-tokens.blade.php
@@ -33,9 +33,11 @@
 
         <h4>Token Permissions</h4>
         <div class="w-64">
-            <x-forms.checkbox label="write" wire:model.live="permissions" domValue="write"
-                helper="Root access, be careful!" :checked="in_array('write', $permissions)"></x-forms.checkbox>
-            @if (!in_array('write', $permissions))
+            <x-forms.checkbox label="root" wire:model.live="permissions" domValue="root"
+                helper="Root access, be careful!" :checked="in_array('root', $permissions)"></x-forms.checkbox>
+            @if (!in_array('root', $permissions))
+                <x-forms.checkbox label="write" wire:model.live="permissions" domValue="write"
+                    helper="Write access to all resources" :checked="in_array('write', $permissions)"></x-forms.checkbox>
                 <x-forms.checkbox label="deploy" wire:model.live="permissions" domValue="deploy"
                     helper="Can trigger deploy webhooks" :checked="in_array('deploy', $permissions)"></x-forms.checkbox>
                 <x-forms.checkbox label="read" domValue="read" wire:model.live="permissions" domValue="read"
@@ -45,7 +47,7 @@
                     :checked="in_array('read:sensitive', $permissions)"></x-forms.checkbox>
             @endif
         </div>
-        @if (in_array('write', $permissions))
+        @if (in_array('root', $permissions))
             <div class="font-bold text-warning">Root access, be careful!</div>
         @endif
     </form>
@@ -58,7 +60,8 @@
     <h3 class="py-4">Issued Tokens</h3>
     <div class="grid gap-2 lg:grid-cols-1">
         @forelse ($tokens as $token)
-            <div class="flex flex-col gap-1 p-2 border dark:border-coolgray-200 hover:no-underline">
+            <div wire:key="token-{{ $token->id }}"
+                class="flex flex-col gap-1 p-2 border dark:border-coolgray-200 hover:no-underline">
                 <div>Description: {{ $token->name }}</div>
                 <div>Last used: {{ $token->last_used_at ? $token->last_used_at->diffForHumans() : 'Never' }}</div>
                 <div class="flex gap-1">
diff --git a/resources/views/livewire/team/admin-view.blade.php b/resources/views/livewire/team/admin-view.blade.php
index 26da967ab..7aa623122 100644
--- a/resources/views/livewire/team/admin-view.blade.php
+++ b/resources/views/livewire/team/admin-view.blade.php
@@ -10,7 +10,8 @@
     <h3 class="pt-4">Users</h3>
     <div class="flex flex-col gap-2 ">
         @forelse ($users as $user)
-            <div class="flex items-center justify-center gap-2 bg-white box-without-bg dark:bg-coolgray-100">
+            <div wire:key="user-{{ $user->id }}"
+                class="flex items-center justify-center gap-2 bg-white box-without-bg dark:bg-coolgray-100">
                 <div>{{ $user->name }}</div>
                 <div>{{ $user->email }}</div>
                 <div class="flex-1"></div>

From 3fa7d03db729143db26b629dbd8d3acb5a78f25e Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Mon, 9 Dec 2024 11:10:35 +0100
Subject: [PATCH 54/54] fix: root + read:sensive could read senstive data with
 a middlewarew

---
 .../Api/ApplicationsController.php            | 30 +++++++++----------
 .../Controllers/Api/DatabasesController.php   | 25 +++++++---------
 app/Http/Controllers/Api/DeployController.php | 11 +++----
 .../Controllers/Api/SecurityController.php    | 10 +++----
 .../Controllers/Api/ServersController.php     | 15 ++++------
 .../Controllers/Api/ServicesController.php    | 13 ++++----
 app/Http/Controllers/Api/TeamController.php   | 16 +++++-----
 app/Http/Kernel.php                           |  1 +
 app/Http/Middleware/ApiSensitiveData.php      | 21 +++++++++++++
 routes/api.php                                |  2 +-
 10 files changed, 74 insertions(+), 70 deletions(-)
 create mode 100644 app/Http/Middleware/ApiSensitiveData.php

diff --git a/app/Http/Controllers/Api/ApplicationsController.php b/app/Http/Controllers/Api/ApplicationsController.php
index 52d81499b..f02c4255d 100644
--- a/app/Http/Controllers/Api/ApplicationsController.php
+++ b/app/Http/Controllers/Api/ApplicationsController.php
@@ -25,26 +25,24 @@ class ApplicationsController extends Controller
 {
     private function removeSensitiveData($application)
     {
-        $token = auth()->user()->currentAccessToken();
         $application->makeHidden([
             'id',
         ]);
-        if ($token->can('read:sensitive')) {
-            return serializeApiResponse($application);
+        if (request()->attributes->get('can_read_sensitive', false) === false) {
+            $application->makeHidden([
+                'custom_labels',
+                'dockerfile',
+                'docker_compose',
+                'docker_compose_raw',
+                'manual_webhook_secret_bitbucket',
+                'manual_webhook_secret_gitea',
+                'manual_webhook_secret_github',
+                'manual_webhook_secret_gitlab',
+                'private_key_id',
+                'value',
+                'real_value',
+            ]);
         }
-        $application->makeHidden([
-            'custom_labels',
-            'dockerfile',
-            'docker_compose',
-            'docker_compose_raw',
-            'manual_webhook_secret_bitbucket',
-            'manual_webhook_secret_gitea',
-            'manual_webhook_secret_github',
-            'manual_webhook_secret_gitlab',
-            'private_key_id',
-            'value',
-            'real_value',
-        ]);
 
         return serializeApiResponse($application);
     }
diff --git a/app/Http/Controllers/Api/DatabasesController.php b/app/Http/Controllers/Api/DatabasesController.php
index f0c052cdc..917171e5c 100644
--- a/app/Http/Controllers/Api/DatabasesController.php
+++ b/app/Http/Controllers/Api/DatabasesController.php
@@ -19,26 +19,23 @@ class DatabasesController extends Controller
 {
     private function removeSensitiveData($database)
     {
-        $token = auth()->user()->currentAccessToken();
         $database->makeHidden([
             'id',
             'laravel_through_key',
         ]);
-        if ($token->can('read:sensitive')) {
-            return serializeApiResponse($database);
+        if (request()->attributes->get('can_read_sensitive', false) === false) {
+            $database->makeHidden([
+                'internal_db_url',
+                'external_db_url',
+                'postgres_password',
+                'dragonfly_password',
+                'redis_password',
+                'mongo_initdb_root_password',
+                'keydb_password',
+                'clickhouse_admin_password',
+            ]);
         }
 
-        $database->makeHidden([
-            'internal_db_url',
-            'external_db_url',
-            'postgres_password',
-            'dragonfly_password',
-            'redis_password',
-            'mongo_initdb_root_password',
-            'keydb_password',
-            'clickhouse_admin_password',
-        ]);
-
         return serializeApiResponse($database);
     }
 
diff --git a/app/Http/Controllers/Api/DeployController.php b/app/Http/Controllers/Api/DeployController.php
index 1d162c7ee..73b452f86 100644
--- a/app/Http/Controllers/Api/DeployController.php
+++ b/app/Http/Controllers/Api/DeployController.php
@@ -16,15 +16,12 @@ class DeployController extends Controller
 {
     private function removeSensitiveData($deployment)
     {
-        $token = auth()->user()->currentAccessToken();
-        if ($token->can('read:sensitive')) {
-            return serializeApiResponse($deployment);
+        if (request()->attributes->get('can_read_sensitive', false) === false) {
+            $deployment->makeHidden([
+                'logs',
+            ]);
         }
 
-        $deployment->makeHidden([
-            'logs',
-        ]);
-
         return serializeApiResponse($deployment);
     }
 
diff --git a/app/Http/Controllers/Api/SecurityController.php b/app/Http/Controllers/Api/SecurityController.php
index cfa4d0d6c..a14b0da20 100644
--- a/app/Http/Controllers/Api/SecurityController.php
+++ b/app/Http/Controllers/Api/SecurityController.php
@@ -11,13 +11,11 @@ class SecurityController extends Controller
 {
     private function removeSensitiveData($team)
     {
-        $token = auth()->user()->currentAccessToken();
-        if ($token->can('read:sensitive')) {
-            return serializeApiResponse($team);
+        if (request()->attributes->get('can_read_sensitive', false) === false) {
+            $team->makeHidden([
+                'private_key',
+            ]);
         }
-        $team->makeHidden([
-            'private_key',
-        ]);
 
         return serializeApiResponse($team);
     }
diff --git a/app/Http/Controllers/Api/ServersController.php b/app/Http/Controllers/Api/ServersController.php
index 7c512497d..f37040bdd 100644
--- a/app/Http/Controllers/Api/ServersController.php
+++ b/app/Http/Controllers/Api/ServersController.php
@@ -19,25 +19,22 @@ class ServersController extends Controller
 {
     private function removeSensitiveDataFromSettings($settings)
     {
-        $token = auth()->user()->currentAccessToken();
-        if ($token->can('read:sensitive')) {
-            return serializeApiResponse($settings);
+        if (request()->attributes->get('can_read_sensitive', false) === false) {
+            $settings = $settings->makeHidden([
+                'sentinel_token',
+            ]);
         }
-        $settings = $settings->makeHidden([
-            'sentinel_token',
-        ]);
 
         return serializeApiResponse($settings);
     }
 
     private function removeSensitiveData($server)
     {
-        $token = auth()->user()->currentAccessToken();
         $server->makeHidden([
             'id',
         ]);
-        if ($token->can('read:sensitive')) {
-            return serializeApiResponse($server);
+        if (request()->attributes->get('can_read_sensitive', false) === false) {
+            // Do nothing
         }
 
         return serializeApiResponse($server);
diff --git a/app/Http/Controllers/Api/ServicesController.php b/app/Http/Controllers/Api/ServicesController.php
index 9127fa498..e6b7e9854 100644
--- a/app/Http/Controllers/Api/ServicesController.php
+++ b/app/Http/Controllers/Api/ServicesController.php
@@ -18,19 +18,16 @@ class ServicesController extends Controller
 {
     private function removeSensitiveData($service)
     {
-        $token = auth()->user()->currentAccessToken();
         $service->makeHidden([
             'id',
         ]);
-        if ($token->can('read:sensitive')) {
-            return serializeApiResponse($service);
+        if (request()->attributes->get('can_read_sensitive', false) === false) {
+            $service->makeHidden([
+                'docker_compose_raw',
+                'docker_compose',
+            ]);
         }
 
-        $service->makeHidden([
-            'docker_compose_raw',
-            'docker_compose',
-        ]);
-
         return serializeApiResponse($service);
     }
 
diff --git a/app/Http/Controllers/Api/TeamController.php b/app/Http/Controllers/Api/TeamController.php
index 239c950c0..d4b24d8ab 100644
--- a/app/Http/Controllers/Api/TeamController.php
+++ b/app/Http/Controllers/Api/TeamController.php
@@ -10,20 +10,18 @@ class TeamController extends Controller
 {
     private function removeSensitiveData($team)
     {
-        $token = auth()->user()->currentAccessToken();
         $team->makeHidden([
             'custom_server_limit',
             'pivot',
         ]);
-        if ($token->can('read:sensitive')) {
-            return serializeApiResponse($team);
+        if (request()->attributes->get('can_read_sensitive', false) === false) {
+            $team->makeHidden([
+                'smtp_username',
+                'smtp_password',
+                'resend_api_key',
+                'telegram_token',
+            ]);
         }
-        $team->makeHidden([
-            'smtp_username',
-            'smtp_password',
-            'resend_api_key',
-            'telegram_token',
-        ]);
 
         return serializeApiResponse($team);
     }
diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
index 8f4d59f54..a1ce20295 100644
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -70,5 +70,6 @@ class Kernel extends HttpKernel
         'abilities' => \Laravel\Sanctum\Http\Middleware\CheckAbilities::class,
         'ability' => \Laravel\Sanctum\Http\Middleware\CheckForAnyAbility::class,
         'api.ability' => \App\Http\Middleware\ApiAbility::class,
+        'api.sensitive' => \App\Http\Middleware\ApiSensitiveData::class,
     ];
 }
diff --git a/app/Http/Middleware/ApiSensitiveData.php b/app/Http/Middleware/ApiSensitiveData.php
new file mode 100644
index 000000000..49584ddb3
--- /dev/null
+++ b/app/Http/Middleware/ApiSensitiveData.php
@@ -0,0 +1,21 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+
+class ApiSensitiveData
+{
+    public function handle(Request $request, Closure $next)
+    {
+        $token = $request->user()->currentAccessToken();
+
+        // Allow access to sensitive data if token has root or read:sensitive permission
+        $request->attributes->add([
+            'can_read_sensitive' => $token->can('root') || $token->can('read:sensitive'),
+        ]);
+
+        return $next($request);
+    }
+}
diff --git a/routes/api.php b/routes/api.php
index 90c834823..9ad64c40c 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -26,7 +26,7 @@ Route::group([
     Route::get('/disable', [OtherController::class, 'disable_api']);
 });
 Route::group([
-    'middleware' => ['auth:sanctum', ApiAllowed::class],
+    'middleware' => ['auth:sanctum', ApiAllowed::class, 'api.sensitive'],
     'prefix' => 'v1',
 ], function () {
     Route::get('/version', [OtherController::class, 'version'])->middleware(['api.ability:read']);