From dc21d202c762dd38999aed3214a24f3f8477bb29 Mon Sep 17 00:00:00 2001
From: Sudo-JHare <josh.hare@csiro.au>
Date: Thu, 17 Apr 2025 17:31:43 +1000
Subject: [PATCH] Add files via upload

---
 .../charts/hapi-fhir-jpaserver/Chart.lock     |   9 +
 .../charts/hapi-fhir-jpaserver/Chart.yaml     |  34 ++
 .../charts/hapi-fhir-jpaserver/README.md      | 150 +++++++++
 .../hapi-fhir-jpaserver/README.md.gotmpl      |  79 +++++
 .../ci/custom-postgres-user-values.yaml       |   7 +
 .../ci/enabled-ingress-values.yaml            |   6 +
 .../ci/extra-config-values.yaml               |  17 +
 .../ci/extra-volumes-values.yaml              |  11 +
 .../hapi-fhir-jpaserver/templates/NOTES.txt   |  22 ++
 .../templates/_helpers.tpl                    | 152 +++++++++
 .../templates/application-config.yaml         |  11 +
 .../templates/deployment.yaml                 | 160 ++++++++++
 .../templates/externaldb-secret.yaml          |  11 +
 .../templates/ingress.yaml                    |  53 +++
 .../templates/poddisruptionbudget.yaml        |  18 ++
 .../templates/service.yaml                    |  19 ++
 .../templates/serviceaccount.yaml             |  13 +
 .../templates/servicemonitor.yaml             |  30 ++
 .../templates/tests/test-endpoints.yaml       |  73 +++++
 .../charts/hapi-fhir-jpaserver/values.yaml    | 302 ++++++++++++++++++
 hapi-fhir-jpaserver/configs/app/index.html    |   3 +
 hapi-fhir-jpaserver/custom/about.html         |  14 +
 hapi-fhir-jpaserver/custom/logo.jpg           | Bin 0 -> 48378 bytes
 hapi-fhir-jpaserver/custom/welcome.html       |  14 +
 24 files changed, 1208 insertions(+)
 create mode 100644 hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/Chart.lock
 create mode 100644 hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/Chart.yaml
 create mode 100644 hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/README.md
 create mode 100644 hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/README.md.gotmpl
 create mode 100644 hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/ci/custom-postgres-user-values.yaml
 create mode 100644 hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/ci/enabled-ingress-values.yaml
 create mode 100644 hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/ci/extra-config-values.yaml
 create mode 100644 hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/ci/extra-volumes-values.yaml
 create mode 100644 hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/NOTES.txt
 create mode 100644 hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/_helpers.tpl
 create mode 100644 hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/application-config.yaml
 create mode 100644 hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/deployment.yaml
 create mode 100644 hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/externaldb-secret.yaml
 create mode 100644 hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/ingress.yaml
 create mode 100644 hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/poddisruptionbudget.yaml
 create mode 100644 hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/service.yaml
 create mode 100644 hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/serviceaccount.yaml
 create mode 100644 hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/servicemonitor.yaml
 create mode 100644 hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/tests/test-endpoints.yaml
 create mode 100644 hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/values.yaml
 create mode 100644 hapi-fhir-jpaserver/configs/app/index.html
 create mode 100644 hapi-fhir-jpaserver/custom/about.html
 create mode 100644 hapi-fhir-jpaserver/custom/logo.jpg
 create mode 100644 hapi-fhir-jpaserver/custom/welcome.html

diff --git a/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/Chart.lock b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/Chart.lock
new file mode 100644
index 0000000..8450e96
--- /dev/null
+++ b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/Chart.lock
@@ -0,0 +1,9 @@
+dependencies:
+- name: postgresql
+  repository: oci://registry-1.docker.io/bitnamicharts
+  version: 16.5.5
+- name: common
+  repository: oci://registry-1.docker.io/bitnamicharts
+  version: 2.30.0
+digest: sha256:c114b296b53007a7973260de8bad61917fe741c0ad9de15fdbeea5743c8f4910
+generated: "2025-03-21T21:44:22.334197366+01:00"
diff --git a/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/Chart.yaml b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/Chart.yaml
new file mode 100644
index 0000000..43d89c4
--- /dev/null
+++ b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/Chart.yaml
@@ -0,0 +1,34 @@
+apiVersion: v2
+name: hapi-fhir-jpaserver
+description: A Helm chart for deploying the HAPI FHIR JPA server starter on Kubernetes.
+type: application
+home: https://github.com/hapifhir/hapi-fhir-jpaserver-starter
+sources:
+  - https://github.com/hapifhir/hapi-fhir-jpaserver-starter
+dependencies:
+  - name: postgresql
+    version: 16.5.5
+    repository: oci://registry-1.docker.io/bitnamicharts
+    condition: postgresql.enabled
+  - name: common
+    repository: oci://registry-1.docker.io/bitnamicharts
+    version: 2.30.0
+appVersion: 8.0.0
+version: 0.19.0
+annotations:
+  artifacthub.io/license: Apache-2.0
+  artifacthub.io/containsSecurityUpdates: "false"
+  artifacthub.io/operator: "false"
+  artifacthub.io/prerelease: "false"
+  artifacthub.io/recommendations: |
+    - url: https://artifacthub.io/packages/helm/prometheus-community/kube-prometheus-stack
+    - url: https://artifacthub.io/packages/helm/bitnami/postgresql
+  artifacthub.io/changes: |
+    # When using the list of objects option the valid supported kinds are
+    # added, changed, deprecated, removed, fixed, and security.
+    - kind: changed
+      description: "updated postgresql sub-chart to 16.5.5"
+    - kind: changed
+      description: "updated curlimages/curl to 8.12.1"
+    - kind: changed
+      description: "updated hapiproject/hapi to v8.0.0-1"
diff --git a/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/README.md b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/README.md
new file mode 100644
index 0000000..45e692b
--- /dev/null
+++ b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/README.md
@@ -0,0 +1,150 @@
+# HAPI FHIR JPA Server Starter Helm Chart
+
+![Version: 0.19.0](https://img.shields.io/badge/Version-0.19.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 8.0.0](https://img.shields.io/badge/AppVersion-8.0.0-informational?style=flat-square)
+
+This helm chart will help you install the HAPI FHIR JPA Server in a Kubernetes environment.
+
+## Sample usage
+
+```sh
+helm repo add hapifhir https://hapifhir.github.io/hapi-fhir-jpaserver-starter/
+helm install hapi-fhir-jpaserver hapifhir/hapi-fhir-jpaserver
+```
+
+## Requirements
+
+| Repository | Name | Version |
+|------------|------|---------|
+| oci://registry-1.docker.io/bitnamicharts | common | 2.30.0 |
+| oci://registry-1.docker.io/bitnamicharts | postgresql | 16.5.5 |
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| affinity | object | `{}` | pod affinity |
+| deploymentAnnotations | object | `{}` | annotations applied to the server deployment |
+| externalDatabase.database | string | `"fhir"` | database name |
+| externalDatabase.existingSecret | string | `""` | name of an existing secret resource containing the DB password in the `existingSecretKey` key |
+| externalDatabase.existingSecretKey | string | `"postgresql-password"` | name of the key inside the `existingSecret` |
+| externalDatabase.host | string | `"localhost"` | external database host used with `postgresql.enabled=false` |
+| externalDatabase.password | string | `""` | database password |
+| externalDatabase.port | int | `5432` | database port number |
+| externalDatabase.user | string | `"fhir"` | username for the external database |
+| extraConfig | string | `""` | additional Spring Boot application config. Mounted as a file and automatically loaded by the application. |
+| extraEnv | list | `[]` | extra environment variables to set on the server container |
+| extraVolumeMounts | list | `[]` | Optionally specify extra list of additional volumeMounts |
+| extraVolumes | list | `[]` | Optionally specify extra list of additional volumes |
+| fullnameOverride | string | `""` | override the chart fullname |
+| image.pullPolicy | string | `"IfNotPresent"` | image pullPolicy to use |
+| image.registry | string | `"docker.io"` | registry where the HAPI FHIR server image is hosted |
+| image.repository | string | `"hapiproject/hapi"` | the path inside the repository |
+| image.tag | string | `"v8.0.0-1@sha256:9fbac7b012b4be91ba481e7008f1353ede4598bc99a36f3902b8abf873e70ed8"` | the image tag. As of v5.7.0, this is the `distroless` flavor by default, add `-tomcat` to use the Tomcat-based image. |
+| imagePullSecrets | list | `[]` | image pull secrets to use when pulling the image |
+| ingress.annotations | object | `{}` | provide any additional annotations which may be required. Evaluated as a template. |
+| ingress.enabled | bool | `false` | whether to create an Ingress to expose the FHIR server HTTP endpoint |
+| ingress.hosts[0].host | string | `"fhir-server.127.0.0.1.nip.io"` |  |
+| ingress.hosts[0].pathType | string | `"ImplementationSpecific"` |  |
+| ingress.hosts[0].paths[0] | string | `"/"` |  |
+| ingress.tls | list | `[]` | ingress TLS config |
+| initContainers.resources | object | `{}` | configure the init containers pods resource requests and limits |
+| initContainers.resourcesPreset | string | `"nano"` | set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if `resources` is set (`resources` is recommended for production). More information: <https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15> |
+| metrics.service.port | int | `8081` |  |
+| metrics.serviceMonitor.additionalLabels | object | `{}` | additional labels to apply to the ServiceMonitor object, e.g. `release: prometheus` |
+| metrics.serviceMonitor.enabled | bool | `false` | if enabled, creates a ServiceMonitor instance for Prometheus Operator-based monitoring |
+| nameOverride | string | `""` | override the chart name |
+| nodeSelector | object | `{}` | node selector for the pod |
+| podAnnotations | object | `{}` | annotations applied to the server pod |
+| podDisruptionBudget.enabled | bool | `false` | Enable PodDisruptionBudget for the server pods. uses policy/v1/PodDisruptionBudget thus requiring k8s 1.21+ |
+| podDisruptionBudget.maxUnavailable | string | `""` | maximum unavailable instances |
+| podDisruptionBudget.minAvailable | int | `1` | minimum available instances |
+| podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532,"seccompProfile":{"type":"RuntimeDefault"}}` | pod security context |
+| postgresql.auth.database | string | `"fhir"` | name for a custom database to create |
+| postgresql.auth.existingSecret | string | `""` | Name of existing secret to use for PostgreSQL credentials `auth.postgresPassword`, `auth.password`, and `auth.replicationPassword` will be ignored and picked up from this secret The secret must contain the keys `postgres-password` (which is the password for "postgres" admin user), `password` (which is the password for the custom user to create when `auth.username` is set), and `replication-password` (which is the password for replication user). The secret might also contains the key `ldap-password` if LDAP is enabled. `ldap.bind_password` will be ignored and picked from this secret in this case. The value is evaluated as a template. |
+| postgresql.enabled | bool | `true` | enable an included PostgreSQL DB. see <https://github.com/bitnami/charts/tree/master/bitnami/postgresql> for details if set to `false`, the values under `externalDatabase` are used |
+| replicaCount | int | `1` | number of replicas to deploy |
+| resources | object | `{}` | configure the FHIR server's resource requests and limits |
+| resourcesPreset | string | `"medium"` | set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if `resources` is set (`resources` is recommended for production). More information: <https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15> |
+| securityContext.allowPrivilegeEscalation | bool | `false` |  |
+| securityContext.capabilities.drop[0] | string | `"ALL"` |  |
+| securityContext.privileged | bool | `false` |  |
+| securityContext.readOnlyRootFilesystem | bool | `true` |  |
+| securityContext.runAsGroup | int | `65532` |  |
+| securityContext.runAsNonRoot | bool | `true` |  |
+| securityContext.runAsUser | int | `65532` |  |
+| securityContext.seccompProfile.type | string | `"RuntimeDefault"` |  |
+| service.port | int | `8080` | port where the server will be exposed at |
+| service.type | string | `"ClusterIP"` | service type |
+| serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
+| serviceAccount.automount | bool | `true` | Automatically mount a ServiceAccount's API credentials? |
+| serviceAccount.create | bool | `false` | Specifies whether a service account should be created. |
+| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
+| tests.automountServiceAccountToken | bool | `false` | whether the service account token should be auto-mounted for the test pods |
+| tests.resources | object | `{}` | configure the test pods resource requests and limits |
+| tests.resourcesPreset | string | `"nano"` | set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if `resources` is set (`resources` is recommended for production). More information: <https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15> |
+| tolerations | list | `[]` | pod tolerations |
+| topologySpreadConstraints | list | `[]` | pod topology spread configuration see: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#api |
+
+## Development
+
+To update the Helm chart when a new version of the `hapiproject/hapi` image is released, [values.yaml](values.yaml) `image.tag` and the [Chart.yaml](Chart.yaml)'s
+`version` and optionally the `appVersion` field need to be updated. Afterwards, re-generate the [README.md](README.md)
+by running:
+
+```sh
+$ helm-docs
+INFO[2021-11-20T12:38:04Z] Found Chart directories [charts/hapi-fhir-jpaserver]
+INFO[2021-11-20T12:38:04Z] Generating README Documentation for chart /usr/src/app/charts/hapi-fhir-jpaserver
+```
+
+## Enable Distributed Tracing based on the OpenTelemtry Java Agent
+
+The container image includes the [OpenTelemetry Java agent JAR](https://github.com/open-telemetry/opentelemetry-java-instrumentation)
+which can be used to enable distributed tracing. It can be configured entirely using environment variables,
+see <https://opentelemetry.io/docs/instrumentation/java/automatic/agent-config/> for details.
+
+Here's an example setup deploying [Jaeger](https://www.jaegertracing.io/) as a tracing backend:
+
+```sh
+# required by the Jaeger Operator
+kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.9.1/cert-manager.yaml
+kubectl create namespace observability
+kubectl create -f https://github.com/jaegertracing/jaeger-operator/releases/download/v1.37.0/jaeger-operator.yaml -n observability
+
+cat <<EOF | kubectl apply -n observability -f -
+# simple, all-in-one Jaeger installation. Not suitable for production use.
+apiVersion: jaegertracing.io/v1
+kind: Jaeger
+metadata:
+  name: simplest
+EOF
+```
+
+Use this chart's `extraEnv` value to set the required environment variables:
+
+```yaml
+extraEnv:
+  - name: JAVA_TOOL_OPTIONS
+    value: "-javaagent:/app/opentelemetry-javaagent.jar"
+  - name: OTEL_METRICS_EXPORTER
+    value: "none"
+  - name: OTEL_LOGS_EXPORTER
+    value: "none"
+  - name: OTEL_TRACES_EXPORTER
+    value: "jaeger"
+  - name: OTEL_SERVICE_NAME
+    value: "hapi-fhir-jpaserver"
+  - name: OTEL_EXPORTER_JAEGER_ENDPOINT
+    value: "http://simplest-collector.observability.svc:14250"
+```
+
+Finally, you can open the Jaeger query UI by running:
+
+```sh
+kubectl port-forward -n observability service/simplest-query 16686:16686
+```
+
+and opening <http://localhost:16686/> in your browser.
+
+----------------------------------------------
+Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)
diff --git a/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/README.md.gotmpl b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/README.md.gotmpl
new file mode 100644
index 0000000..5588a2c
--- /dev/null
+++ b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/README.md.gotmpl
@@ -0,0 +1,79 @@
+# HAPI FHIR JPA Server Starter Helm Chart
+
+{{ template "chart.versionBadge" . }}{{ template "chart.typeBadge" . }}{{ template "chart.appVersionBadge" . }}
+
+This helm chart will help you install the HAPI FHIR JPA Server in a Kubernetes environment.
+
+## Sample usage
+
+```sh
+helm repo add hapifhir https://hapifhir.github.io/hapi-fhir-jpaserver-starter/
+helm install hapi-fhir-jpaserver hapifhir/hapi-fhir-jpaserver
+```
+
+{{ template "chart.requirementsSection" . }}
+
+{{ template "chart.valuesSection" . }}
+
+## Development
+
+To update the Helm chart when a new version of the `hapiproject/hapi` image is released, [values.yaml](values.yaml) `image.tag` and the [Chart.yaml](Chart.yaml)'s
+`version` and optionally the `appVersion` field need to be updated. Afterwards, re-generate the [README.md](README.md)
+by running:
+
+```sh
+$ helm-docs
+INFO[2021-11-20T12:38:04Z] Found Chart directories [charts/hapi-fhir-jpaserver]
+INFO[2021-11-20T12:38:04Z] Generating README Documentation for chart /usr/src/app/charts/hapi-fhir-jpaserver
+```
+
+## Enable Distributed Tracing based on the OpenTelemtry Java Agent
+
+The container image includes the [OpenTelemetry Java agent JAR](https://github.com/open-telemetry/opentelemetry-java-instrumentation)
+which can be used to enable distributed tracing. It can be configured entirely using environment variables,
+see <https://opentelemetry.io/docs/instrumentation/java/automatic/agent-config/> for details.
+
+Here's an example setup deploying [Jaeger](https://www.jaegertracing.io/) as a tracing backend:
+
+```sh
+# required by the Jaeger Operator
+kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.9.1/cert-manager.yaml
+kubectl create namespace observability
+kubectl create -f https://github.com/jaegertracing/jaeger-operator/releases/download/v1.37.0/jaeger-operator.yaml -n observability
+
+cat <<EOF | kubectl apply -n observability -f -
+# simple, all-in-one Jaeger installation. Not suitable for production use.
+apiVersion: jaegertracing.io/v1
+kind: Jaeger
+metadata:
+  name: simplest
+EOF
+```
+
+Use this chart's `extraEnv` value to set the required environment variables:
+
+```yaml
+extraEnv:
+  - name: JAVA_TOOL_OPTIONS
+    value: "-javaagent:/app/opentelemetry-javaagent.jar"
+  - name: OTEL_METRICS_EXPORTER
+    value: "none"
+  - name: OTEL_LOGS_EXPORTER
+    value: "none"
+  - name: OTEL_TRACES_EXPORTER
+    value: "jaeger"
+  - name: OTEL_SERVICE_NAME
+    value: "hapi-fhir-jpaserver"
+  - name: OTEL_EXPORTER_JAEGER_ENDPOINT
+    value: "http://simplest-collector.observability.svc:14250"
+```
+
+Finally, you can open the Jaeger query UI by running:
+
+```sh
+kubectl port-forward -n observability service/simplest-query 16686:16686
+```
+
+and opening <http://localhost:16686/> in your browser.
+
+{{ template "helm-docs.versionFooter" . }}
diff --git a/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/ci/custom-postgres-user-values.yaml b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/ci/custom-postgres-user-values.yaml
new file mode 100644
index 0000000..895f891
--- /dev/null
+++ b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/ci/custom-postgres-user-values.yaml
@@ -0,0 +1,7 @@
+postgresql:
+  enabled: true
+  auth:
+    username: hapi_fhir_jpaserver_starter_user
+    database: hapi_fhir_jpaserver_starter
+    password: secret_user_password
+    postgresPassword: secret_postgres_password
diff --git a/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/ci/enabled-ingress-values.yaml b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/ci/enabled-ingress-values.yaml
new file mode 100644
index 0000000..e1b053b
--- /dev/null
+++ b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/ci/enabled-ingress-values.yaml
@@ -0,0 +1,6 @@
+ingress:
+  enabled: true
+
+postgresql:
+  auth:
+    postgresPassword: secretpassword
diff --git a/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/ci/extra-config-values.yaml b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/ci/extra-config-values.yaml
new file mode 100644
index 0000000..a602b3c
--- /dev/null
+++ b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/ci/extra-config-values.yaml
@@ -0,0 +1,17 @@
+extraConfig: |
+  hapi:
+    fhir:
+      cr_enabled: true
+      tester:
+        home:
+          name: Hello HAPI FHIR
+          server_address: "http://fhir-server.127.0.0.1.nip.io/fhir"
+          refuse_to_fetch_third_party_urls: true
+          fhir_version: R4
+
+ingress:
+  enabled: true
+  hosts:
+    - host: fhir-server.127.0.0.1.nip.io
+      pathType: ImplementationSpecific
+      paths: ["/"]
diff --git a/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/ci/extra-volumes-values.yaml b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/ci/extra-volumes-values.yaml
new file mode 100644
index 0000000..748f4e6
--- /dev/null
+++ b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/ci/extra-volumes-values.yaml
@@ -0,0 +1,11 @@
+extraVolumes:
+  - name: config-kube-root-ca
+    configMap:
+      name: kube-root-ca.crt
+      items:
+        - key: ca.crt
+          path: ca.crt
+
+extraVolumeMounts:
+  - name: config-kube-root-ca
+    mountPath: /etc/test
diff --git a/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/NOTES.txt b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/NOTES.txt
new file mode 100644
index 0000000..2375278
--- /dev/null
+++ b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/NOTES.txt
@@ -0,0 +1,22 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range $host := .Values.ingress.hosts }}
+  {{- range .paths }}
+  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }}
+  {{- end }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "hapi-fhir-jpaserver.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "hapi-fhir-jpaserver.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "hapi-fhir-jpaserver.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "hapi-fhir-jpaserver.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}
diff --git a/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/_helpers.tpl b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/_helpers.tpl
new file mode 100644
index 0000000..f8ce389
--- /dev/null
+++ b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/_helpers.tpl
@@ -0,0 +1,152 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "hapi-fhir-jpaserver.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "hapi-fhir-jpaserver.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "hapi-fhir-jpaserver.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "hapi-fhir-jpaserver.labels" -}}
+helm.sh/chart: {{ include "hapi-fhir-jpaserver.chart" . }}
+{{ include "hapi-fhir-jpaserver.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "hapi-fhir-jpaserver.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "hapi-fhir-jpaserver.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "hapi-fhir-jpaserver.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "hapi-fhir-jpaserver.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create a default fully qualified postgresql name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "hapi-fhir-jpaserver.postgresql.fullname" -}}
+{{- $name := default "postgresql" .Values.postgresql.nameOverride -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Get the Postgresql credentials secret name.
+*/}}
+{{- define "hapi-fhir-jpaserver.postgresql.secretName" -}}
+{{- if .Values.postgresql.enabled -}}
+    {{- if .Values.postgresql.auth.existingSecret -}}
+        {{- printf "%s" .Values.postgresql.auth.existingSecret -}}
+    {{- else -}}
+        {{- printf "%s" (include "hapi-fhir-jpaserver.postgresql.fullname" .) -}}
+    {{- end -}}
+{{- else }}
+    {{- if .Values.externalDatabase.existingSecret -}}
+        {{- printf "%s" .Values.externalDatabase.existingSecret -}}
+    {{- else -}}
+        {{ printf "%s-%s" (include "hapi-fhir-jpaserver.fullname" .) "external-db" }}
+    {{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Get the Postgresql credentials secret key.
+*/}}
+{{- define "hapi-fhir-jpaserver.postgresql.secretKey" -}}
+{{- if .Values.postgresql.enabled -}}
+    {{- if .Values.postgresql.auth.username -}}
+        {{- printf "%s" .Values.postgresql.auth.secretKeys.userPasswordKey -}}
+    {{- else -}}
+        {{- printf "%s" .Values.postgresql.auth.secretKeys.adminPasswordKey -}}
+    {{- end -}}
+{{- else }}
+    {{- if .Values.externalDatabase.existingSecret -}}
+        {{- printf "%s" .Values.externalDatabase.existingSecretKey -}}
+    {{- else -}}
+        {{- printf "postgres-password" -}}
+    {{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Add environment variables to configure database values
+*/}}
+{{- define "hapi-fhir-jpaserver.database.host" -}}
+{{- ternary (include "hapi-fhir-jpaserver.postgresql.fullname" .) .Values.externalDatabase.host .Values.postgresql.enabled -}}
+{{- end -}}
+
+{{/*
+Add environment variables to configure database values
+*/}}
+{{- define "hapi-fhir-jpaserver.database.user" -}}
+{{- if .Values.postgresql.enabled -}}
+    {{- printf "%s" .Values.postgresql.auth.username | default "postgres" -}}
+{{- else -}}
+    {{- printf "%s" .Values.externalDatabase.user -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Add environment variables to configure database values
+*/}}
+{{- define "hapi-fhir-jpaserver.database.name" -}}
+{{- ternary .Values.postgresql.auth.database .Values.externalDatabase.database .Values.postgresql.enabled -}}
+{{- end -}}
+
+{{/*
+Add environment variables to configure database values
+*/}}
+{{- define "hapi-fhir-jpaserver.database.port" -}}
+{{- ternary "5432" .Values.externalDatabase.port .Values.postgresql.enabled -}}
+{{- end -}}
+
+{{/*
+Create the JDBC URL from the host, port and database name.
+*/}}
+{{- define "hapi-fhir-jpaserver.database.jdbcUrl" -}}
+{{- $host := (include "hapi-fhir-jpaserver.database.host" .) -}}
+{{- $port := (include "hapi-fhir-jpaserver.database.port" .) -}}
+{{- $name := (include "hapi-fhir-jpaserver.database.name" .) -}}
+{{- $appName := .Release.Name -}}
+{{ printf "jdbc:postgresql://%s:%d/%s?ApplicationName=%s" $host (int $port) $name $appName }}
+{{- end -}}
diff --git a/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/application-config.yaml b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/application-config.yaml
new file mode 100644
index 0000000..59bae19
--- /dev/null
+++ b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/application-config.yaml
@@ -0,0 +1,11 @@
+{{- if .Values.extraConfig -}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "hapi-fhir-jpaserver.fullname" . }}-application-config
+  labels:
+    {{- include "hapi-fhir-jpaserver.labels" . | nindent 4 }}
+data:
+  application-extra.yaml: |-
+    {{ .Values.extraConfig | nindent 4 }}
+{{- end }}
diff --git a/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/deployment.yaml b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/deployment.yaml
new file mode 100644
index 0000000..7adfec7
--- /dev/null
+++ b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/deployment.yaml
@@ -0,0 +1,160 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "hapi-fhir-jpaserver.fullname" . }}
+  labels:
+    {{- include "hapi-fhir-jpaserver.labels" . | nindent 4 }}
+  {{- with .Values.deploymentAnnotations }}
+  annotations:
+    {{- toYaml . | nindent 8 }}
+  {{- end }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      {{- include "hapi-fhir-jpaserver.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "hapi-fhir-jpaserver.selectorLabels" . | nindent 8 }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "hapi-fhir-jpaserver.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      initContainers:
+        - name: wait-for-db-to-be-ready
+          image: docker.io/bitnami/postgresql:17.4.0-debian-12-r10@sha256:7b9af9dd759055265998bbf12368e6d7d6326e6fd23f8157be841fad0915c1a1
+          imagePullPolicy: IfNotPresent
+          {{- with .Values.restrictedContainerSecurityContext }}
+          securityContext:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          {{- if .Values.initContainers.resources }}
+          resources: {{- toYaml .Values.initContainers.resources | nindent 12 }}
+          {{- else if ne .Values.initContainers.resourcesPreset "none" }}
+          resources: {{- include "common.resources.preset" (dict "type" .Values.initContainers.resourcesPreset) | nindent 12 }}
+          {{- end }}
+          env:
+            - name: PGHOST
+              value: "{{ include "hapi-fhir-jpaserver.database.host" . }}"
+            - name: PGPORT
+              value: "{{ include "hapi-fhir-jpaserver.database.port" . }}"
+            - name: PGUSER
+              value: "{{ include "hapi-fhir-jpaserver.database.user" . }}"
+          command: ["/bin/sh", "-c"]
+          args:
+            - |
+              until pg_isready; do
+                echo "Waiting for DB ${PGUSER}@${PGHOST}:${PGPORT} to be up";
+                sleep 15;
+              done;
+      containers:
+        - name: {{ .Chart.Name }}
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          image: {{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: 8080
+              protocol: TCP
+            - name: http-metrics
+              containerPort: 8081
+              protocol: TCP
+          {{- with .Values.startupProbe }}
+          startupProbe:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          {{- with .Values.livenessProbe }}
+          livenessProbe:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          {{- with .Values.readinessProbe }}
+          readinessProbe:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          {{- if .Values.resources }}
+          resources: {{- toYaml .Values.resources | nindent 12 }}
+          {{- else if ne .Values.resourcesPreset "none" }}
+          resources: {{- include "common.resources.preset" (dict "type" .Values.resourcesPreset) | nindent 12 }}
+          {{- end }}
+          env:
+            - name: SPRING_DATASOURCE_URL
+              value: {{ include "hapi-fhir-jpaserver.database.jdbcUrl" $ }}
+            - name: SPRING_DATASOURCE_USERNAME
+              value: {{ include "hapi-fhir-jpaserver.database.user" $ }}
+            - name: SPRING_DATASOURCE_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "hapi-fhir-jpaserver.postgresql.secretName" . }}
+                  key: {{ include "hapi-fhir-jpaserver.postgresql.secretKey" . }}
+            - name: SPRING_DATASOURCE_DRIVERCLASSNAME
+              value: org.postgresql.Driver
+            - name: spring.jpa.properties.hibernate.dialect
+              value: ca.uhn.fhir.jpa.model.dialect.HapiFhirPostgres94Dialect
+            - name: HAPI_FHIR_USE_APACHE_ADDRESS_STRATEGY
+              value: "true"
+            - name: MANAGEMENT_ENDPOINT_HEALTH_PROBES_ADD_ADDITIONAL_PATHS
+              value: "true"
+            - name: MANAGEMENT_SERVER_PORT
+              value: "8081"
+            - name: MANAGEMENT_ENDPOINTS_WEB_EXPOSURE_INCLUDE
+              value: "health,prometheus"
+            {{- if .Values.extraConfig }}
+            - name: SPRING_CONFIG_IMPORT
+              value: "/app/config/application-extra.yaml"
+            {{- end }}
+            {{- if .Values.extraEnv }}
+            {{ toYaml .Values.extraEnv | nindent 12 }}
+            {{- end }}
+          volumeMounts:
+            - mountPath: /tmp
+              name: tmp-volume
+            - mountPath: /app/target
+              name: lucenefiles-volume
+          {{- if .Values.extraConfig }}
+            - name: application-extra-config
+              mountPath: /app/config/application-extra.yaml
+              readOnly: true
+              subPath: application-extra.yaml
+          {{- end }}
+          {{- if .Values.extraVolumeMounts }}
+            {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }}
+          {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.topologySpreadConstraints }}
+      topologySpreadConstraints:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      volumes:
+        - name: tmp-volume
+          emptyDir: {}
+        - name: lucenefiles-volume
+          emptyDir: {}
+      {{- if .Values.extraConfig }}
+        - name: application-extra-config
+          configMap:
+            name: {{ include "hapi-fhir-jpaserver.fullname" . }}-application-config
+      {{- end }}
+      {{- if .Values.extraVolumes }}
+      {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }}
+      {{- end }}
diff --git a/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/externaldb-secret.yaml b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/externaldb-secret.yaml
new file mode 100644
index 0000000..f6411e6
--- /dev/null
+++ b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/externaldb-secret.yaml
@@ -0,0 +1,11 @@
+{{- if and (not .Values.postgresql.enabled) (not .Values.externalDatabase.existingSecret) (not .Values.postgresql.auth.existingSecret) }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "hapi-fhir-jpaserver.fullname" . }}-external-db
+  labels:
+    {{- include "hapi-fhir-jpaserver.labels" . | nindent 4 }}
+type: Opaque
+data:
+  postgres-password: {{ .Values.externalDatabase.password | b64enc | quote }}
+{{- end }}
diff --git a/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/ingress.yaml b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/ingress.yaml
new file mode 100644
index 0000000..7206a88
--- /dev/null
+++ b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/ingress.yaml
@@ -0,0 +1,53 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "hapi-fhir-jpaserver.fullname" . -}}
+{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion }}
+apiVersion: networking.k8s.io/v1
+{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion }}
+apiVersion: networking.k8s.io/v1beta1
+{{ else }}
+apiVersion: extensions/v1beta1
+{{- end }}
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  labels:
+    {{- include "hapi-fhir-jpaserver.labels" . | nindent 4 }}
+  {{- with .Values.ingress.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+{{- if .Values.ingress.tls }}
+  tls:
+  {{- range .Values.ingress.tls }}
+    - hosts:
+      {{- range .hosts }}
+        - {{ . | quote }}
+      {{- end }}
+      secretName: {{ .secretName }}
+  {{- end }}
+{{- end }}
+  rules:
+  {{- range .Values.ingress.hosts }}
+    {{- $pathType := .pathType }}
+    - host: {{ .host | quote }}
+      http:
+        paths:
+        {{- range .paths }}
+          - path: {{ . }}
+            {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
+            pathType: {{ $pathType | default "ImplementationSpecific" }}
+            {{- end }}
+            backend:
+              {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
+              service:
+                name: {{ $fullName }}
+                port:
+                  name: http
+              {{ else }}
+              serviceName: {{ $fullName }}
+              servicePort: http
+              {{- end }}
+        {{- end }}
+  {{- end }}
+{{- end }}
diff --git a/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/poddisruptionbudget.yaml b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/poddisruptionbudget.yaml
new file mode 100644
index 0000000..1b1b533
--- /dev/null
+++ b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/poddisruptionbudget.yaml
@@ -0,0 +1,18 @@
+{{- if .Values.podDisruptionBudget.enabled }}
+kind: PodDisruptionBudget
+apiVersion: policy/v1
+metadata:
+  name: {{ include "hapi-fhir-jpaserver.fullname" . }}
+  labels:
+    {{- include "hapi-fhir-jpaserver.labels" . | nindent 4 }}
+spec:
+  {{- if .Values.podDisruptionBudget.minAvailable }}
+  minAvailable: {{ .Values.podDisruptionBudget.minAvailable }}
+  {{- end }}
+  {{- if .Values.podDisruptionBudget.maxUnavailable }}
+  maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "hapi-fhir-jpaserver.selectorLabels" . | nindent 6 }}
+{{- end }}
diff --git a/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/service.yaml b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/service.yaml
new file mode 100644
index 0000000..bf4723c
--- /dev/null
+++ b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/service.yaml
@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "hapi-fhir-jpaserver.fullname" . }}
+  labels:
+    {{- include "hapi-fhir-jpaserver.labels" . | nindent 4 }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
+    - port: {{ .Values.metrics.service.port }}
+      targetPort: http-metrics
+      protocol: TCP
+      name: http-metrics
+  selector:
+    {{- include "hapi-fhir-jpaserver.selectorLabels" . | nindent 4 }}
diff --git a/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/serviceaccount.yaml b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/serviceaccount.yaml
new file mode 100644
index 0000000..3ce5e59
--- /dev/null
+++ b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/serviceaccount.yaml
@@ -0,0 +1,13 @@
+{{- if .Values.serviceAccount.create  -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "hapi-fhir-jpaserver.serviceAccountName" . }}
+  labels:
+    {{- include "hapi-fhir-jpaserver.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+automountServiceAccountToken: {{ .Values.serviceAccount.automount }}
+{{- end }}
diff --git a/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/servicemonitor.yaml b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/servicemonitor.yaml
new file mode 100644
index 0000000..d945cd6
--- /dev/null
+++ b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/servicemonitor.yaml
@@ -0,0 +1,30 @@
+{{- if .Values.metrics.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ include "hapi-fhir-jpaserver.fullname" . }}
+  {{- if .Values.metrics.serviceMonitor.namespace }}
+  namespace: {{ .Values.metrics.serviceMonitor.namespace }}
+  {{- end }}
+  labels:
+    {{- include "hapi-fhir-jpaserver.labels" . | nindent 4 }}
+    {{- if .Values.metrics.serviceMonitor.additionalLabels }}
+    {{- toYaml .Values.metrics.serviceMonitor.additionalLabels | nindent 4 }}
+    {{- end }}
+spec:
+  endpoints:
+    - port: http-metrics
+      path: /actuator/prometheus
+      {{- if .Values.metrics.serviceMonitor.interval }}
+      interval: {{ .Values.metrics.serviceMonitor.interval }}
+      {{- end }}
+      {{- if .Values.metrics.serviceMonitor.scrapeTimeout }}
+      scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }}
+      {{- end }}
+  namespaceSelector:
+    matchNames:
+      - {{ .Release.Namespace }}
+  selector:
+    matchLabels:
+    {{- include "hapi-fhir-jpaserver.selectorLabels" . | nindent 6 }}
+{{- end }}
diff --git a/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/tests/test-endpoints.yaml b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/tests/test-endpoints.yaml
new file mode 100644
index 0000000..703a0e0
--- /dev/null
+++ b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/templates/tests/test-endpoints.yaml
@@ -0,0 +1,73 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: "{{ include "hapi-fhir-jpaserver.fullname" . }}-test-endpoints"
+  labels:
+    {{- include "hapi-fhir-jpaserver.labels" . | nindent 4 }}
+    {{ include "hapi-fhir-jpaserver.fullname" . }}-client: "true"
+    app.kubernetes.io/component: tests
+  annotations:
+    "helm.sh/hook": test
+spec:
+  restartPolicy: Never
+  automountServiceAccountToken: {{ .Values.tests.automountServiceAccountToken }}
+  securityContext:
+    {{- toYaml .Values.tests.podSecurityContext | nindent 4 }}
+  containers:
+    - name: test-metadata-endpoint
+      image: "{{ .Values.curl.image.registry }}/{{ .Values.curl.image.repository }}:{{ .Values.curl.image.tag }}"
+      command: ["curl", "--fail-with-body"]
+      args: ["http://{{ include "hapi-fhir-jpaserver.fullname" . }}:{{ .Values.service.port }}/fhir/metadata?_summary=true"]
+      {{- with .Values.restrictedContainerSecurityContext }}
+      securityContext:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- if .Values.tests.resources }}
+      resources: {{- toYaml .Values.tests.resources | nindent 10 }}
+      {{- else if ne .Values.tests.resourcesPreset "none" }}
+      resources: {{- include "common.resources.preset" (dict "type" .Values.tests.resourcesPreset) | nindent 10 }}
+      {{- end }}
+      livenessProbe:
+        exec:
+          command: ["true"]
+      readinessProbe:
+        exec:
+          command: ["true"]
+    - name: test-patient-endpoint
+      image: "{{ .Values.curl.image.registry }}/{{ .Values.curl.image.repository }}:{{ .Values.curl.image.tag }}"
+      command: ["curl", "--fail-with-body"]
+      args: ["http://{{ include "hapi-fhir-jpaserver.fullname" . }}:{{ .Values.service.port }}/fhir/Patient?_count=1&_summary=true"]
+      {{- with .Values.restrictedContainerSecurityContext }}
+      securityContext:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- if .Values.tests.resources }}
+      resources: {{- toYaml .Values.tests.resources | nindent 10 }}
+      {{- else if ne .Values.tests.resourcesPreset "none" }}
+      resources: {{- include "common.resources.preset" (dict "type" .Values.tests.resourcesPreset) | nindent 10 }}
+      {{- end }}
+      livenessProbe:
+        exec:
+          command: ["true"]
+      readinessProbe:
+        exec:
+          command: ["true"]
+    - name: test-metrics-endpoint
+      image: "{{ .Values.curl.image.registry }}/{{ .Values.curl.image.repository }}:{{ .Values.curl.image.tag }}"
+      command: ["curl", "--fail-with-body"]
+      args: ["http://{{ include "hapi-fhir-jpaserver.fullname" . }}:{{ .Values.metrics.service.port }}/actuator/prometheus"]
+      {{- with .Values.restrictedContainerSecurityContext }}
+      securityContext:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- if .Values.tests.resources }}
+      resources: {{- toYaml .Values.tests.resources | nindent 10 }}
+      {{- else if ne .Values.tests.resourcesPreset "none" }}
+      resources: {{- include "common.resources.preset" (dict "type" .Values.tests.resourcesPreset) | nindent 10 }}
+      {{- end }}
+      livenessProbe:
+        exec:
+          command: ["true"]
+      readinessProbe:
+        exec:
+          command: ["true"]
diff --git a/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/values.yaml b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/values.yaml
new file mode 100644
index 0000000..aac23b0
--- /dev/null
+++ b/hapi-fhir-jpaserver/charts/hapi-fhir-jpaserver/values.yaml
@@ -0,0 +1,302 @@
+# -- number of replicas to deploy
+replicaCount: 1
+
+image:
+  # -- registry where the HAPI FHIR server image is hosted
+  registry: docker.io
+  # -- the path inside the repository
+  repository: hapiproject/hapi
+  # -- the image tag. As of v5.7.0, this is the `distroless` flavor by default, add `-tomcat` to use the Tomcat-based image.
+  tag: "v8.0.0-1@sha256:9fbac7b012b4be91ba481e7008f1353ede4598bc99a36f3902b8abf873e70ed8"
+  # -- image pullPolicy to use
+  pullPolicy: IfNotPresent
+
+# -- image pull secrets to use when pulling the image
+imagePullSecrets: []
+
+# -- override the chart name
+nameOverride: ""
+
+# -- override the chart fullname
+fullnameOverride: ""
+
+# -- annotations applied to the server deployment
+deploymentAnnotations: {}
+
+# -- annotations applied to the server pod
+podAnnotations: {}
+
+# -- pod security context
+podSecurityContext:
+  fsGroupChangePolicy: OnRootMismatch
+  runAsNonRoot: true
+  runAsGroup: 65532
+  runAsUser: 65532
+  fsGroup: 65532
+  seccompProfile:
+    type: RuntimeDefault
+
+securityContext:
+  allowPrivilegeEscalation: false
+  capabilities:
+    drop:
+      - ALL
+  readOnlyRootFilesystem: true
+  runAsNonRoot: true
+  runAsUser: 65532
+  runAsGroup: 65532
+  privileged: false
+  seccompProfile:
+    type: RuntimeDefault
+
+# service to expose the server
+service:
+  # -- service type
+  type: ClusterIP
+  # -- port where the server will be exposed at
+  port: 8080
+
+ingress:
+  # -- whether to create an Ingress to expose the FHIR server HTTP endpoint
+  enabled: false
+  # -- provide any additional annotations which may be required. Evaluated as a template.
+  annotations:
+    {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  hosts:
+    - host: fhir-server.127.0.0.1.nip.io
+      pathType: ImplementationSpecific
+      paths: ["/"]
+  # -- ingress TLS config
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local
+
+# -- set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge).
+# This is ignored if `resources` is set (`resources` is recommended for production).
+# More information: <https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15>
+resourcesPreset: "medium"
+
+# -- configure the FHIR server's resource requests and limits
+resources:
+  {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+# -- node selector for the pod
+nodeSelector: {}
+
+# -- pod tolerations
+tolerations: []
+
+# -- pod affinity
+affinity: {}
+
+# -- pod topology spread configuration
+# see: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#api
+topologySpreadConstraints:
+  []
+  # - maxSkew: 1
+  #   topologyKey: topology.kubernetes.io/zone
+  #   whenUnsatisfiable: ScheduleAnyway
+  #   labelSelector:
+  #     matchLabels:
+  #       app.kubernetes.io/instance: hapi-fhir-jpaserver
+  #       app.kubernetes.io/name: hapi-fhir-jpaserver
+
+postgresql:
+  # -- enable an included PostgreSQL DB.
+  # see <https://github.com/bitnami/charts/tree/master/bitnami/postgresql> for details
+  # if set to `false`, the values under `externalDatabase` are used
+  enabled: true
+  auth:
+    # -- name for a custom database to create
+    database: "fhir"
+    # -- Name of existing secret to use for PostgreSQL credentials
+    # `auth.postgresPassword`, `auth.password`, and `auth.replicationPassword` will be ignored and picked up from this secret
+    # The secret must contain the keys `postgres-password` (which is the password for "postgres" admin user),
+    # `password` (which is the password for the custom user to create when `auth.username` is set),
+    # and `replication-password` (which is the password for replication user).
+    # The secret might also contains the key `ldap-password` if LDAP is enabled. `ldap.bind_password` will be ignored and
+    # picked from this secret in this case.
+    # The value is evaluated as a template.
+    existingSecret: ""
+
+# -- readiness probe
+# @ignored
+readinessProbe:
+  httpGet:
+    path: /readyz
+    port: http
+  failureThreshold: 5
+  initialDelaySeconds: 30
+  periodSeconds: 20
+  successThreshold: 1
+  timeoutSeconds: 20
+
+# -- liveness probe
+# @ignored
+livenessProbe:
+  httpGet:
+    path: /livez
+    port: http
+  failureThreshold: 5
+  initialDelaySeconds: 30
+  periodSeconds: 20
+  successThreshold: 1
+  timeoutSeconds: 30
+
+# -- startup probe
+# @ignored
+startupProbe:
+  httpGet:
+    path: /readyz
+    port: http
+  failureThreshold: 10
+  initialDelaySeconds: 30
+  periodSeconds: 30
+  successThreshold: 1
+  timeoutSeconds: 30
+
+externalDatabase:
+  # -- external database host used with `postgresql.enabled=false`
+  host: localhost
+  # -- database port number
+  port: 5432
+  # -- username for the external database
+  user: fhir
+  # -- database password
+  password: ""
+  # -- name of an existing secret resource containing the DB password in the `existingSecretKey` key
+  existingSecret: ""
+  # -- name of the key inside the `existingSecret`
+  existingSecretKey: "postgresql-password"
+  # -- database name
+  database: fhir
+
+# -- extra environment variables to set on the server container
+extraEnv:
+  []
+  # - name: SPRING_FLYWAY_BASELINE_ON_MIGRATE
+  #   value: "true"
+
+podDisruptionBudget:
+  # -- Enable PodDisruptionBudget for the server pods.
+  # uses policy/v1/PodDisruptionBudget thus requiring k8s 1.21+
+  enabled: false
+  # -- minimum available instances
+  minAvailable: 1
+  # -- maximum unavailable instances
+  maxUnavailable: ""
+
+serviceAccount:
+  # -- Specifies whether a service account should be created.
+  create: false
+  # -- Annotations to add to the service account
+  annotations: {}
+  # -- The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name: ""
+  # -- Automatically mount a ServiceAccount's API credentials?
+  automount: true
+
+metrics:
+  serviceMonitor:
+    # -- if enabled, creates a ServiceMonitor instance for Prometheus Operator-based monitoring
+    enabled: false
+    # -- additional labels to apply to the ServiceMonitor object, e.g. `release: prometheus`
+    additionalLabels: {}
+    # namespace: monitoring
+    # interval: 30s
+    # scrapeTimeout: 10s
+  service:
+    port: 8081
+
+# @ignore
+restrictedContainerSecurityContext:
+  allowPrivilegeEscalation: false
+  readOnlyRootFilesystem: true
+  privileged: false
+  capabilities:
+    drop:
+      - ALL
+  runAsNonRoot: true
+  runAsUser: 65534
+  runAsGroup: 65534
+  seccompProfile:
+    type: RuntimeDefault
+
+# @ignored
+curl:
+  image:
+    registry: docker.io
+    repository: curlimages/curl
+    tag: 8.12.1@sha256:94e9e444bcba979c2ea12e27ae39bee4cd10bc7041a472c4727a558e213744e6
+
+tests:
+  # -- whether the service account token should be auto-mounted for the test pods
+  automountServiceAccountToken: false
+  # -- set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge).
+  # This is ignored if `resources` is set (`resources` is recommended for production).
+  # More information: <https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15>
+  resourcesPreset: "nano"
+  # -- configure the test pods resource requests and limits
+  resources: {}
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # @ignored
+  podSecurityContext:
+    fsGroupChangePolicy: OnRootMismatch
+    runAsNonRoot: true
+    runAsGroup: 65532
+    runAsUser: 65532
+    fsGroup: 65532
+    seccompProfile:
+      type: RuntimeDefault
+
+initContainers:
+  # -- set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge).
+  # This is ignored if `resources` is set (`resources` is recommended for production).
+  # More information: <https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15>
+  resourcesPreset: "nano"
+  # -- configure the init containers pods resource requests and limits
+  resources: {}
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+# -- additional Spring Boot application config. Mounted as a file and automatically loaded by the application.
+extraConfig:
+  ""
+  # # For example:
+  # |
+  # hapi:
+  #   fhir:
+  #     implementationguides:
+  #       gh_0_1_0:
+  #         url: https://build.fhir.org/ig/hl7-eu/gravitate-health/package.tgz
+  #         name: hl7.eu.fhir.gh
+  #         version: 0.1.0
+
+# -- Optionally specify extra list of additional volumes
+extraVolumes: []
+
+# -- Optionally specify extra list of additional volumeMounts
+extraVolumeMounts: []
diff --git a/hapi-fhir-jpaserver/configs/app/index.html b/hapi-fhir-jpaserver/configs/app/index.html
new file mode 100644
index 0000000..638e346
--- /dev/null
+++ b/hapi-fhir-jpaserver/configs/app/index.html
@@ -0,0 +1,3 @@
+<p>
+    Greetings from the custom web app page!
+</p>
\ No newline at end of file
diff --git a/hapi-fhir-jpaserver/custom/about.html b/hapi-fhir-jpaserver/custom/about.html
new file mode 100644
index 0000000..6409c77
--- /dev/null
+++ b/hapi-fhir-jpaserver/custom/about.html
@@ -0,0 +1,14 @@
+<p>
+    <b>This is a custom about page! It means you have configured 'custom_content_path: ./custom' in the application.yaml</b>
+</p>
+<p>
+    This server provides a complete implementation of the FHIR Specification
+    using a 100% open source software stack.
+</p>
+<p>
+    This server is built
+    from a number of modules of the
+    <a href="https://github.com/hapifhir/hapi-fhir/">HAPI FHIR</a>
+    project, which is a 100% open-source (Apache 2.0 Licensed) Java based
+    implementation of the FHIR specification.
+</p>
\ No newline at end of file
diff --git a/hapi-fhir-jpaserver/custom/logo.jpg b/hapi-fhir-jpaserver/custom/logo.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..3a5aad0b6d2ce87c6a585c4a3057c92d1e6881d7
GIT binary patch
literal 48378
zcmeFYX;>3kw>BI^M4V7YWr~V|iV%@W5lPz!2#AO%QKqy5^AJ&yAR*N_FiTn#P*9=*
zA|gcQnFwJJ5s@*>AqgO1Ody0nlFC>8JkL4r`SV`g=l%8l=na(=brn^6uiAUv_qx|A
zale=@3tD1*y<jkVd)Ofu47L%rK|&5D3GGQhKQIXunAE@aVK8S2)&Ji2kT~$4bJoFN
z>*W8>`O&_x_5V2^y5_&yng9I#?{DcpU@&Ru$oeBkkLo{>`1iiVI!V~;|2nRJ<j8A@
z|8vFH>;CJC>n^{R{I7k9hO7<$Ip<$D`RC&w3;bh&e=P8i1^%(XKNk4M0{>Xx9}E0r
zfqyLUj|Kj*z&{rFzgs{&1bYaR_*Yve0fph~)~%CVFA25vQtSV0QX8cH)i(U6N&l;D
z{IkjYcl-0-p?_Qt{mN{R+VJ1U|Mre}1d8jm#Ghe1HcB+CyDTZO7q)JPgyaqhaihdr
zNQ993cMtz-7*Ic<j!AEn*|d2(Y@LLp<hu2eQc!=PGb8?#64vjKlG~$yYJ<GvRq4IK
z3P&TKyxFMvYhk_Og--T9gKM|$%WP6o-nmO<zn1oagNF=_j7^RmH?=rzX=Q!J#@6ZL
zC1=#-D=yb>czSvJ`1;+x6LL2c8+Px(!$(okF|lz;PoE{Hq&|O<_BJys`(4ia+z&;?
zC8cHM6_r&Dl*Xp!mM^VeySjUN`>6c`gLDRSd}8wF6l<EZxWrxNt?*aZAZ_E{!+}2k
zJ)-|Ho*mG5)~#PJxnBCu@kp!-g*M3@>!tSSZ;(6XD19|pe(%x9jS9a$c~e*~qiJw~
zt$6KL=O(3nhV=cMKZo?M5&gXZ-T!|Y(SHx<zsDmUgl&<OfF79S4j2*!f(PEl!T$fa
ziGTcW`&NuVa7CuQ^Q4J0*JAAq3<5Xh{lZk@S`m=8risaHTD%xG_Lf{odmyyRkVdOs
znQ`HEg>7fulWY5kwlNVdxkjASdKyYcqp{v@!1k%K!IC}`75`zag}t+f+BL$D<{cY3
z*W#h0+j!ol@4;hURbl5JH;)`_ImU7$#hJO%0f{MPb1hC{c3`$|nf_|3GU`^=k>&^d
zS2Vu^q|d-$F}O`u^vYb`KA27#7&@2A*hYf4@m`i@JST`@?ypR2xQ=`(DTzI4qMtj<
zezvfxzN)>I8N4*!;6xrLOhw;xOxarlXOQOf1?ISoB_@D!jb|qIX5g^$`PwL%oj_4y
zeL9;ow!n)L!|pfXM}ZQ<qNY&hE}Zte^37N2wSAJH7^YL(jhfVW^WIOTX=pkvtIMrJ
zCn(8A^|k>}GKVf1uUp5^_Py@+es%v{e0ef<Pt4sE<F|yQ9*~1S1k^`B2FyUqUdgXP
ze)Ow5{KQlYyY9OXDTb}97MS8o*`bNZv7hjbr|J+;7i1PN(d@d++$Mi9EU`(do-{6o
z)q`6&(FCD`_ZWGdZ>URie(sq<*DC`J-3|sO><_wtof!6MMW|ZKASzgUGsUnW+treI
z<DsK`jD3jzJ2A{_o;hy~j;n=JYtz`un{PZ@<t*NcP+S%~p{Cu$$WG`_Hrc)4)sb&$
zvr$523U5{P8s~<S7Z?h6cNv|uuXOdan^}xO##uj}`%D@^4+M39n}QjFYV=Ng-yr#+
z*})sXc(KK>=#So&70B6+@RQ$iRROC0ZW0NU0XxVWklqd(t;aC;GgOP%lc^fWQ16Yu
z&WTv?g)g+Z<L&oKC$n>Wok`*0M^A0Bt9<q4(j`)(!R(T>i${kZ<$(2q_jqNUe^frg
z`~K@pcw>JS=@GaOsJ8*GA|8J1<Wm{M=<8|7+O4GwkF(^<`M3e3E#IyMVBe$)<;e|U
z1j<U)LM(@Nu3KFibU2wER$(spjdO_WV?$yWe|z(UF%4`>7Z65H&Nz@JC{0B6ZF2q0
zaa+DB{choV#C0GX<0*!{?V7B^a!iEkQk=avY3x|szV466YF@sJD@n9&aIh|KD;>W5
z;*c!HRr5#mMlV^=o!DQhD6~aG53e0r`k+o^@ENZZi>yWrWnn~W$xh&29}!6mo3ds{
zi<Y1X(rQE#!?s(*kbiawI<xo|s_-Hps0YQ-eh1XIi(#c^$0M9RYbd3Hl@Ub<(IzjF
z54&8bzKd}J7{*e@CQ3i6YqYuekU1?y_rB-c7h3M5^`kp86LYp*WAYqkWr?;fpjVBQ
z7$$uj{OVFKKsF-Q@rf44==u28a5$J4N#+a+7U&3}5*d`K<pjBgpTNXArzwu-J=jpa
zWzEM4>{)v23NU+@c8X!LOCNPd0t`P^>wwloCq({M2ENqM4Sm0EH&&aW@jyAYW^-Qu
zj0<kq`u5de^>4b|q@$L10ozs6XA|(dXPBQ#94%oA|Bo9W?)-cH?cl~QO<KnJzxk)l
zKc?3niU{?niu>BtWt`;u&NJ~C6J7JIy@8}~`C#(}KYf>UKItjoiym_2`HGTCjC$)#
zv1vorNjF9?o?z7?4(QOquAC9Wes2PhNcMRLKH_2P?QnJ`Z~q}ds6{a2MYkrB%M9x8
z5QX4R=B+;D5FZQC9NESdyaA^#CnRs0`n}6-WaL}7y(Uo7?l5o}e9xv#wGi4h)ja$}
z$tFbt2O(jK$x9W(9>kgN^<Q+LFATU+cKD=V`>WoS3x+bD50`b~o`CzP6r=>W3z}5F
zKt82F4BK&|+w2NM<mAW}WyOoK-_xq~QoX@%&QAg&bHuQ#I`zO<2JI6jksL%zD8w3^
z@jZ+)$$ma>G~$F=dk$18i%e4aC#3)YkOF0Jh9aW5I*YcsPQmvGOGPhrd)!7%_)51y
z#H1If6=ZL_La5_t#vBWc^o3l?jbqpvCzsZ|MIp^;lGfh=%5Vf`U?X1H-Gu(`dAVs%
z;aqJWN%2Nq#TuF20yg}Hii5g+3hH(qQ4)DILd#+6agF_)o=!~ZkNg`Fe;ireR|TwI
zg;$c&fw2OB?QDk}K-i>?nS5@|tm4P!)>mDr@F{t|PYg>bK*rI@6E8!AHvFfJ8M`^r
zF^HNgj5b!OuG57yyY%$*7b-TB8CJuy-)UiKWPkS0hTQ92P0TylouNqeG19ieuw_)*
z&kH!x0x(X<1N@0Y-MnN`soA+fa&zEa>+Tf$zBHqEQ+H+@RszMa$K)YEe}*w#=t%Yh
z-+wI{+-d8VqOnQebsu2!+u}>}ZE@LA_Y+XpOhubT4}q~XbcyU7lX2r|eTo>?Kf0ql
z6}m=DP^w5BS(m~R!w~Y|{ao-nWCQOGDc?RojU1%w;VQdT3?p@$9n8TEPF9MV2Nokz
z+Q~oZ<MH31@nT8u>&$@qK%|d@Jk|^GkXF?E!k7J^-uZ|qt*hI16Ez;jiskK&hI2oo
z+Py0auDUpEerDnRl171_n-xNLH!utFr!Rh)>2vU84TCStWrYe5*4+Z?_u!;{&ZO~@
z-}t3&_nNufx8KGneCfyP8FGz|7<M)=v*nx)od&@y`<C`+gv<*r@Vka$5AN#C*MZg5
znrDlor!Cqbl!^mSnAtD@Ic&FE6~{WkXmdWwu?BNAyt*<iEDN(>&{jKGxwd+kT#qxd
zC0=Rwt11Te;k4ilgGY(w-@K-6gii!UoN{n;rx+$B#m}D{<ommPV%t9>FSb|~JD6Zd
zgL?QM6!to@j`@DvZGJB&P3VVIs&UQZr(NwVwHuh{0hN;{P-#d%k}zZ~(XnAy&^Ddv
z9!+>kPWKP`Hw|U}#iZ38J($6dNWTJ6-n6f!Zi2qd-d75a?iV|b7JB6M#*q;Brru$(
ze|%WJme&^@9W#yku(*<^XfJS{)1)+JM6wqcEltRWDua9?-8yF3VaxPE=uw(p>Pblg
zXu+naIn-=7<Xq*zVdRE=rQPOw>G0Tlrm`<Wq+E4G#MzNwo{M3TH5X80?N0dKrB#}w
zXIO$;@Uy+3i|A)N^PuHCfqO#q2ede<(Vu?KS@A|yIZE&GaBNb5#8pxeMY250q{g*X
z42#gk|8RA49ce6A`lhb>hb8a_lSk@8^cRDh>II&73e~yFfkNJ)e!bz3@^*T=d)j21
z_sVYY1Ukz|xYCTY8nWzbg&adr8`ry?afCx?0N!0v<hKYUq3H#9!iW6q9M(^lYksaf
zp1N5S`{8W09vpmGP<MIWT2LcE&C<Hasl^Ed<y2=ZF3?0qFM+8PcYtKLF7CkV|IH>V
z?)p1U{Ao7qHeQpnEtamnX`vC+s*a;Le0ub=qT*GrW}>0{x9{x@9|&K`Q49P-(L%-0
zCSsX(%shSvZf_OQmhXR6Yt$UoI{-|S(6|et{%Yzll8uJ*4@iy77m8t9?AT?qSxRk+
z9dX(*B8C`dR7+q!UKCs-r^d{Dcy+=L2ob5_<Z@=;WK5o~A=YcORam=gKNKPuvZ{RI
zIkxx1Igh1_eR^+7iti(8_jMchTq?kmZv$fxtt-xgD<l1f2yufw>)cP!=bl%&i8{*N
z7ovv5Fm<`wU{o&8QRLr(v)&TDpY*(A*4pxCk@d2J00y>zyF_th?+7^k+_Syu7ebU>
zYNxlT=CRBLVptV9_~h>eq2Q(y0$(3=q4exfuFxS^y}3FJeDHQqAL7E{+LE9ooCaJ)
zzmDEyo-Eu0)Q6D$P7n$3GD|8&S8Kd1lFdRE?{T2}udI@82si8|Rj~z8K*`ch$JBat
z^jl<`-o~%~!Fu><CfsP~8KDKOifwBGw&UF2^Jki=i_>Y%q!S|$kPT&}`9kCuwa58T
zEpY3qPxJQk_lvAo)O?zsDIT(I^|>FDoixfg5d$t7PamqOopEY^@78N%@8H&>)w>)Y
zOVTTFy;J<XeP5Ev%8S9G=_Vf^4>(6UZaE&1<$E+UFVs~AesXoS>h914LLB{GzOgkO
z&}?Y@s*stVq(5DYZ^U;%KFNYGL}SKAU+ClRtl6Axi)1p<fY#N>!7kku&7otYL5Bx$
zb|CRHdh0K#WDT5m9{=40YVv{o>F)g7T#+yzT1=>VZ;eCa6*^75lM$J@s~MpTE!3kR
zy&QwtQe?u)oJZss@&TZ1e#j$&KnEU$5O%bQMh-QHmx*CtHZFs4G#TXBbK)m-{eeCQ
zNgU#baG4eSzFw4hObom0+HF7@^Pdmjs$<_hC)eRno;bR(x##rx4|(7hb)BUE3QKn9
z=&`fN(OEp^IhL&ciCecM{8<CRz<Ou~-6sftktlI^l$QK<+uE~~K6v(UCyJ`E4dMqO
zz}Rd2z66^BdpaOXn0KF+I{_DND63Eu(WIL6q;MXHmY35x?4Ik3=16&lvw051a}gOo
zCk<{*6uk+$2$vJu{5Tvdpm~*5Rf=Ih>N-5iuZm$Cs?Y(krRc}kk&B&s*gWJyN}ydF
zSQ&G&BCCFxq?D83_6v`MIZgh;`4C)i6;aODTs;i|iw90u46}@zfqLBuEMB@$1$EF3
zhumN2ib<eu-UISt63D4T{%ft1iT*@z@6R2;4?98Xsv2>|*krYX$-Dxc?<%~a;8P{r
z?CP3CUZS1CBDt!o{!Jlb7~l8=?^C1+)~TgVp$39SV%ZQdwcP<dl&m;n*Ic*vK6ny5
zV;8IM-m%2zqzY9bD3a1-*I5y=eLVIaxU6~EFXkmM#BfEmz_%mEo|4&)w5a)3hU`O)
zJrz*Ebn)N^fVFuTwdN%ynXM-kp|_bOpWy`V`weu4uTfARtXH+L<j)?**y=xdXo8{Z
zoZJi;hIVZWpsh5<B)5?L#4tDAP>O~sCn(wY5hHwa#IIk2%g*R&UeOHU-uTU$g(d>Z
z$gwAA_BqnyKcLRZL^tFsb%g;Fbx%}T7bIuWm7~a~TEVA=c(tHiBsO_zkN1w$M#9o@
ze6KnX0H{J}&=3DzLo?2f{Cgd;&kTWd+?Kn=<y9Fzo_E)gt3_6<Ljv_=INQ<TKF9t8
z_PXUK4oD0#n4Chn7C`>MgKB=Z9UNC&qssDoDf}Tz=kbW_`IjNnR<7`9^Xn~pTU7&Y
zkf!26nQ92SByirM7b+CG^_)GAq=DUIOp#g*9BjHTC<a=F(NDNWd{t%#47)@JV)V@5
z9Jpm2o0lIj<XzY^H&OBe7>&AUU7#*N4R{L?$=>}K&)B%MaHFcFv+SAPXAaA0d|AOM
zoQ5d7PVKVrG9ONI;YVBaY>;F0i(1gNYVj+XPr@^Qx1R9mMNfnXl<=d-675-4jxjQZ
zD7oxx7xn^KQW9IPy4A{P=a8XAj$j)yOdWVl6Uvu^n|#^Q;HEw7@fma2OJ9!z-I-1w
zvG?YBMqD(^Ls&n50q$SgY2GU|VPGCq%-#<wIk|Qcj&Y=Of^!SkE?Fv|m^qgnEfrvY
zbCVEv|21^^T=kF=oW%uolD*Ntj~<3XR4Lg&`iQZA6XDp>jnkqYi&5)_O)ImTgd3p+
z5QRT9!bk87x<L)r_Z>Cv1%pH9$fKpDC}@3lb~f3=QJ*Vic^Sb`pYJ?NS`9%a0P0v;
zqZlSvgZUu*m6P1&K3&y2OfA1{!m&39@+$C%OESG27cDS)I#EdJdc4W6RcD_KdLUG&
zN@VkN;XGFks_~$cXLBt>=^=c<!h8K5Bxfaw{8$AXM~+1z7q1#$2Q%+QFBNPuLYx;$
zvqCRqYsfh!cD-~I>|%B(_||P?2a%Xt-Db<W=CrGm$^B6$+t)UUVR~Yi8kU0MK$O{t
zpn;7nr_G?KDv#QLd*LrUoJrhxQ4L1Vu%kbnF(---$bfH{Ny-FDs&M_JrSl{fP2whJ
zf`lrF0k5qYk1^ZgNYv9Ph>m403R`v7EK5>yxQPd|3ck$r)NRFW;!^~tv8`s3Y&%M7
zon|i-p{E!>89z-NO$Nsgf<x3fvQVB0ZbWfTFvp$I5Zm>$2p(J5WSeJZdJUJB58-{8
zD|k|qrv?E&iSRpw*`#{R0I`0%5Xsl3w>ikNZbmM;YPV}jtYrT&F^=KAe2PxsL?=8y
zyFLTH?%5=ntpFf{$qCrA@>ral6A>Q+`T#dN_$J2It{4S;|L9(`t?jR;yd_yiGq(T<
z!aa}xuEV#&i;1)3Ofl>lZX+9?PVXNvZZq5wRgn%>4ck=t0%NyS772sl;HDjd!(eN$
zjV}k;_@nGoZlz&3f}1|cBn;=Q6@on#iu?`^3fwF$2oSoY1RC&=d}LnzwbjeZn;#o5
zT&VmF8M~+4VZU{u7WrUKN-#o>?0@`LH@I{@ngQ&<KH)xiV|DJ>^!Hof87(nvBeA>N
zVT<I^BaUcYp}h#gHc$8il&mKQ-ZH3^etY}sT-u^mC7idg%NJ=2p2F`Fo`CSF0qn}a
zk>yGNb-$Dq<h}1cUWFxM*k^~~dJlVLp&SVs!d{&wHpLO5z4l&YfeZPUFG9)I<m@!B
z9_lkSG=nw;==>zxsI7%wF?Vn*NVG*KS#z08B3}=fRiqyQK9xo|GzQe7&V5RD0PRH?
zbvGdOMa_wQs2|R^5K5BJ_ae&d{2fF}D~fzaq)-m>1Jd3SX%11QQN7@73WV;7hkHLy
zLo~sGFa%iGuMjtz*@<BRhxesJh=n2b6p=TWorvb>#{nxl5MPARCLCJhfP2dZ7U>XX
z85tM^d0*y$oC8<(p=)>V@<{ZeK<d^}puTzZq_z&bsucw`K=RF(UcL?kGeG6tXP*v4
zB-CtX=<3QZ81YhXOM?lvi!!?7<;nR!ovj>_lk*mCdPuQ#&n#UX%OW?^rt!WnM7xE*
zX3cqIK@;L;mq?Zs?Era$M4Yw4{t$<UpX{}QpNHfm0L;Fv?z~vYL#tqa4KfnLqLj-h
z>c915z66+TOZ3-yRM#KOPx(3`wF=vN&5vsLYj(WhzGvE^l{6RPkc9xm8S3kaMb7US
zh#lD5jcXo2Y<^%iVabljLOb%c!OfZwcndjCv*2vVGM;DKs@r-F7tC>%z2d!R&<&o7
zi>uL{*P}n6`@i4h`hq@dFN;}kniPP?8yzMvtwfeIdx@70J)grB@pR(jJN6;`#=9o$
zbF19`ME~JFtS34-at*cmXpT$Du2TW~;icO3ojdurnW9j;IC%BC(N^7ZP|~hWMMyDQ
z({_G55!s|Yu^-a}&w~WT?zDt_wGL?vo7_p9YVH2x;80;7Il<u}k?r9yB>Ne(FK-MF
z)NFR9ER=kTNLm2b$_AvtUrD{h`(%jf4-lH0)lC?q$+`Tatd{nJry{(_>=VJ0V%WHf
z5EEmzjbT<dfARR+surgeP+{%d%_v`=mL0R>Yxb8#4D}<&UTf$yfU;mGdA<2b-yCPY
z1>>=ad#ti9&+g%qZX_)M*UFFdnA&)CF-@2!{~*uG<9msl%TzC6q)6B%8~5%5eKH%a
zeaAHJz{hh-EqDZO10TUzpm^7dVJbM?Y<`Zzp5GrhmBfwf(WCSi&`-#NXH~$6KWPQu
z_$kka{|Cm*LU6<%g_bokzQ7r9Q>yD~(-?9GJ9n<2pp}?r72cgUb!(gcx5divvs=Ao
z^@ul5IxKAy6(Yx;A<Jm9w&kWBO~5AeH}q;RG3*bJP_^PPAX-(&hXaDJL{mO-Y@wM1
z&8y;t###f$O8tmegfzNq|CRiLIcOrN-2jgf`JE7xT?We+Efl|b9fWxr@h=JPK=WxG
za9s=={Ca|<gwrpBZ#BEFb=jSDp49J+1KPsjDM-G8mccTKl_<An)zxS{?Pg(ftoC?P
z_as4cN9yvsj$a`M;t15co2x+A`n5(L{!obCPl~QP;2R7yQmjyop|<43mFwi6SXmaA
zB{)75Cx#t?Zs^2Q6ICL|lF3RXL=9}pccyLNp|#^B7{#fk(FPmpeBe{QD)_tuJt&3=
z<s86G<zqztfl!LckD7D4JMsJY_Y_r{pKrYQ3JVV?QJ)(s&*>r?b1W!k<|^=^D+<YH
z4Xgd35F3V7yOSkKcHf6@b+lCEhs{VSIR5f?Hn_Owuc?8~Y9O@8Q}uS48L^Xoc>B9g
z=eG!S0?|F;YS+kVaQ<<VhNm7lC4L|iV!)T)&4fDZg3BZ2X~Z=LM?*YiOzKQaJll=d
zju9pkzdTa76t~3L`9MUd|E+;sxWG3tXi2FmpKW0*MBjk27M2{D$`;X)nsS0Sh*U@x
z-lQ(Tg{mS>7a|&6I{JqF^ulusUuNy$mYv9!@SKGVgz!F9u|A6A*9w0uI#6LVX|^lo
zPV$J3JuZVBDGI{(W^4iAAS6j`$H}Z)2=u3<WycZL7JMMccM-#mLLA^y+e3NR67M%V
zNlUsS5`NnV*g-2<Nd&ibz?0IHif>DiME4BB${s_xk4PqI8okb7<F6r8cCEw)xV2f=
zkqqsvdbx&JlV~Bb09))<%qBmY^CI_z9Ly{$D~k-ZF<dlmykrS#k!HI=8E6i!_hA!f
zS3KVdLq*viulCm9z81S&wu{x}60Q=G><G?tLqn?I#$4#crcZo0-3~cOWG1HNGj)UD
z24_lM-4-Q#>K*?%KYVW6<;39#WF{eXC$~UWUU)WRZ&r~|vP9`|LCzBfHEyZtQVKe?
z+R4SZim*xHs@0*|Mw#1^F0Cu-wrRzdcqPCr!;%iakCd*F2-&|7S%b)8$=fztC4K$A
zao3AF&fyrHo~GI=QIAV8HO{M7?b5lLiH|SZ>?Ex=kHn$(49WkvFsJdX<l-x{_x5=#
zo5GV)rg4(ViU~^m2?Z(<OQEAE4lznJPYyM@WX=OQk9M^*g}m5lBbJ&jqN^k)Cf9z+
zDfvY!8bRqL=$_H4mF*y?1NDc+u-`B-or+X*6_#_fV9=!%$_26HDQKb?CQlxt5e8Bl
zt$gct@uS_?;~y(8K6zVHjt)$W*9K3be;mr_e-o>&Gg}16EzK&{<;SO$+m+Q#;(-k8
z3Ci(@VZq0a;gTE{oRNu$cr^PL*}?RBFp%0%8*0S~kXg~ZwHDD0e0IgbSLMjM_#^lh
z;7@*V93mW#s>kfnXUfY2RIiboLg-+H2?agXe&6(>yleeYa9M&xy(OCkMnshaKY4tK
z^%crDEFxtX#5bgE*A@=1pRhvT6FMx(WwV+9fUJ%jO9Ki?bL*2vux<59#;J??Ksn2w
zxB0CYHtMSz7e-{8K?$N3GT)@F@$P0llE4^S8T2%0qPujN^0RyH=5OGA@;y2!tIp<e
zshKCsuH&+33cSojzFCp;EYFQB#fJHS%+)eRs?IQ~6B280kOsARes%tc#~$+J&dia*
zptJbEEaLn~Q<V}aBadgM6dKiBf2pD8Li{WjnNs}mfokfdJHaKdj_W-(^qWc>Eu`mP
zP{&Y0pI-KGHJ-{Td-68P7{c8YvJ>D9x&FhLxn#D**KXXYycTA}p*@7+8P^PezjYAg
zmy7N&$l8e~F8v{eqi(;Mapi@@Q&p>@s~R0!u!L7Pk`>*`cN_>qJES3tI|hou&A|d4
z+;2yGi1LFN3BUOxR<Chwdq-pM)*|OV2BT(`9x?2d8>?=ZQlsbTwIvny9DB*U<{7XJ
zu^zShHV4nB`yhG=_|XPcd0xF%Z`ijRQ%yY~c6iiI8FTb2W+i`UoHUtexMudlrtj+q
zD3I3~T0j=n7_9j-G7r$P_X$TqpDEBs4EuFtU{{vp1cNL|_C)e^JASXZ*#|0!vP#H&
zD+F;|B{_o?AS=29pV=+E%}33n9^tOgJ5+tjKuvbCP$h+U=gpgpzSAj6=u3CTs7uD7
z6zp(SPH|KBgpjZhw1X+kJMlKpbNOOT73oQDr==nT?sv=lDBIy--CnHMO8ux=x2{pX
zwqs0vsCW1#hd{%?-WzehIHvZ;flg$98h<a)L>^FO)aJ|;Ltf%_bq4JcTiA{V6}`Lx
zURO65{+T%*e*75MNQCLSOUk5w*KPJp!Z)BEmOMi@P}7d&M<=Y9Z-D?U930NrEUGbI
zU(eA#9WT&nRJjxFz}XhBy*6jyNQm7H<oF3XN^vF(+JHt!gBVs~2$Yg$!D~N+S0W}{
z_!+H0s3&8y6jQX{dflSLlIw7I7$(^);tNbtal#8Dd#K>uE*C@&2C-;(Kf>~DoX*2f
zZ{rTY{$i69_x?2`{i2V42Jz%8g!@Z4Ptor<?+vLkDPkBUUa4AIP-b7p6vOt{42mwF
zJXQcSnkv0u1j;Q@*1qWk`$lZ8H`M)FWjg1nIUMYGl7NZ2ojWn`SS{ov>nmd3do{oj
zZH1=-#iOMHJ+RAMmk-a^0UA?ymc>uV6Q$3HH6>3$sm-X4kVSqR?}r$M#oDP`!y~g3
zUN6Wr8BH}*L*9bCqsEdQ&G2}{acwvn&?7{KW8S+0q2D6Q128<5icN)RBznj7xkKZ3
zIG4k&=IJ!}=7kxE49q2j-fZHW1UsBURu(F1iB5PFMa}EoYOBC?mJ80%bi(6=Riby~
zu@rL^(HrDgCVrzRC*=9=)COMPR^wW~A)sr4+vhO5?Ah|YNE1q;%(_Mnqb99|+YNZ5
z@%7;TDp4YSkNd;I-Vu_S*`mn^6s)JlV+6inq0ZWbCc#gHh~me6)SP2?75hPmxy|gt
z*l<f^1z|_3<)EIBP_u7So{E%uF4yrC|I=S+4-$_)PTfPslnj*Q-|ExJbA5DhpVRI;
zA;^ZWl=a~#X3LxjG<EGoDdtAj!6cl1BnY1g%Gvtvfd2*zZ#I3Cv?y2~H76mhAPn{x
zwP~!FEz2pbzjPCSc6FQ1m|3Rj+bOS$nntV-TyM6u01DXZ4Um4Af%EMj_(V%^gv~vX
zF1T(Zd$KA=WI|Z@3?<j)$ld0b_f|Nmec4F*B0IPMZk!RE06TS%aY7k6zD|?Dy5<>&
zhnszgVEUk_PpFUXs!``A1ohmG0fyR^t=WV);;$*0hf!NEiecsZ*9`cT_xE;`RqL96
zuOo^w$yaFvT9HW%xu{OZci&~R^uSWrz^*H9KsADm6v%qWcw^9IeT)F}qj7nU(w?EO
z^XCccm_@^O6feV<T2)5ZfBimMS1fu3WrGqScDt>liq!Df&($t8u$$ElE`G(Vv6R6M
z_=3))9d_n*aXG2uc7JDM_njF_!!>vzyG%#%_dJz~;}u5zU^)2)fqzIFV(f!k^M!ku
z->?o%Th_&B2lHH`#IT&OD)^fwe2&h#N?S1uc>+7L+|4@<xq@`zS^mzz8byxhI}YN}
z(*VEOAyT07PSKFbS})}4KSgXLP0nkNJ+eLbPJSL)Aw0pU?@hQ_StmG%=mFoABW%y!
z_>JQc$nIdI{th0+S`9Tr7-)1X#NButmt-+eorxH=LNlCUaojg89?7d8$C!G~fGvHd
zAxqIVXy!|Zg5#;bno|EIcS(r*{@OwOS>^-=kjKcx!W(twY^l__&@ojftsFYG>0ME5
zOZvNFPe_0%4-Ehzoh=HrmWX}uOJ|MKn-RW0x-4<N8B{LMkU`zSsKu8)NqyJn(F+1J
zwiCSnx`!y%9O=ft_kEWa8(-BC@@6C>!+|qcE;4*jUWzLKq9#P+cc+1O=wC@YefzS(
z56p=LYnQ-f_v?$u<A<6QP?T%>(rca%DCsI1m3e%$TQLV7HJ?>X{*-ni-Ip0yWVtV}
zau-_AiXL4M%5UcJp_p>6lzl<D&npqGGNqqgSAN6Xt<2o@c{dnl--Ev-ltKM~7fa7+
zbF_IE_~duE>wNU>qWQ+zj16L#Q)mF~-ma61ACA5h(RJK~hlQFfU2bT0bES#E)UoLT
z>YYFg3t2S~>F7r$I92SevlbD^{vD4Xt;wN52N4I~7W9kPCA%Rd&F{q(l0TzPP3z1A
zZSY^7J&EnTpKCt_Jgl6wiEj%IIdW_;NOAXUx3lkC+XHW_WRLuvI<xT_*Rh2y*o9v!
z+2jN+-{_?2vRUq2Q0A34PfqSq+wQ;06cqzwkCj!>gWw)~>+339w>^C|eF${lA4Hr-
zDvI`&o{-!*=K)$Y@@uMcN+`B%<rZ{o2jyF_S>|kEPw$#h6|%#5$)bmQ@<O1jTWQ+&
z#X+k$toGx~q~pr`E2{HGey%O(e)L>2<c(IKNbwTu7XSV}cloAH>mr)dBRpt6?Y0|=
z6dwGbF1B(AW7drw11l{Cd`ZULmjR?}t8anY^-v_yaYmJ&LJs=MXCz*CC=tM$aNc7e
zLNhO9;X=3#J|}g++Fhz9<lM%Y*X89+VOQQAS-d4Y&PC4t6j<ZVi_&mz8Cv|%(C68M
z<<3Xv{r$7S+4z1jEVv19f)^{#IkJa%ui4Q&>Ld8<;H#p@h<9Ho9pxB&da9t{*cxh4
zVtvRAuo>LLr_r_JXNAFIo2lI)s#dEv&<ynaQ9usK$;MyGI27d8c6$XQ%kQdl-*1&U
z`EKnl7g>^~!|WK)<dv{<<_zc(rjH7#v*$Mp<ib2gZvdmQ)hdE*bvMB`_16zl-+k!1
zcLc)j6TkkA%&DxH`uEnT?`KjH5I`C*p#PkE!FF=wTQaA5RW2=kL?~L=d*2~W=fwYb
zu!idEXQnxQ{`kQufx*-zSZKF%j^htym`LkgsehL?)d_k7C84u(90bpmUz&?k=jVC#
zRi$L$ZGeea-?px3MUvx;xg-S=cMs(1B7u6O`7Zo0lu#vF_x0XckY|1E$nu*e*OdK1
zsG^NNB0oMsWruO7W2nZ30Wu>flbz0(e>r%!FvmpD*$!trNCFD>=%>M2m&^>hFV_-Q
z45n(iai2LEGFSC=Eq1N1%oNf_W5*30EpbYk+X27d*gt#3up-3VZO(O`F+Uf>F`&N`
zFair{tRj=Olgnh`($j8HG-(0B`&CqEz8xHZZ~2WM%WhyRpO;%}IHwmdxuB5SPhI^=
zt;K&wmXMmnumLo~GN(!QLDiF@+GxKH<<YY0hY?d=XollZS8b3Q^Z1x{s}tXQ5$Jk4
z75b2g)A_d8n9F=!5}`#-v0igdkg!L3=q$<dBq4)5$El0TaL1L1^6#RVs%IXceU^~l
zk%N)siH{x(^0^1FN<~4LB-~ow{?Z$rcfi9MbbV#UDMD`YWRLryPhIVD5QQDZefbMU
z@GtlM-FyzWBCrJ8X<LxKBuTq5ASNY}_n24i_`9C&jk$e@e!|zfM_=Y_mLd+ZE+rp7
zXgTom`8UPGmL^su7$smQ5_-(l99f<Rhnum3^HR(8;FZTwuVdPzdhqcCCb))*aUG)a
zVmU)&=t!gwCK?57tBH_)5ooS*Tt0Ts3-j^9jBmAhtCsv#!AWd4?<PMvcnq%mZW%r5
z;{IVSaeDY>LERYJIw*O$XKBTmcz6Ywa*RfK;h9`prtXn0lvONGtlEs7uB{3Aam5;~
z_|i)?W1H-@dvFR|9h*mYi2qn~do2B_@B7Pjr_fNsj%Ed}83E_X#fZ5bbmAbKKI?Iy
z>vI|TK>&*9y>QCd6sQ_;8YCxIADdyp2ilkpF?A9`%Q8;l)5?5wKxiM0VpPsSKrVWi
z6a&&O>V%77o00BgHKSM?!ExLc@IC8erD7ZQMAIN55oh4ZAaD6rZfyF{&hY5Agvajg
z5w!=K9WTTR6138)HXV3da^SC=^8cm~Hz;ffEdvfgS;^4)g&~06&A;AqKHlD?b5}{b
z%X%^FOz9tqN3bKizylo{>SooC_H5x5;H*>>e`B?~8}!ph_cl*l{u&mAcI?jG>f~}+
z3^Sn(w(*Yhy9MgFUs6AdVM>NPyHGE%qvy@8(i(!GvmC?gs&gfAi}@S@61QKJh1VDn
z8uRNjoAOwpna_fkG-azgtAt-D5Oy}V%t2OL4?sDW19oA|g(#U|25nugw_I~IDZr_V
zuDk#R+Z`9j@1YoGSL%B|QS&WEqsM_#NPp^hH;QW1&v_brI9bg(*3QR4_=5lQg7xVT
z?X|DM=v{7Nm_6Ij31tQGd^1Z1asxK5qj7Y5Ezz!L_68(G24?w8K2GH)r;u}r{mS6x
zkid^a143O<VV0{arEDY4Lhj-HbI1u6Dkfc&%^;^ln18L_e8RNtAk)nQg&Mp%`U+)*
zmuIeYu0&P*T+d!D-S=Vte2>dHa{?FHRc!%9XN(9fb<8hSar0fQ(@)wqW2~G7*;lYl
znCr(Cg}d=zfbyI<DZyT}rT5rlYk@Uoe9~QsTl@<!lgeov?G-uVTWRbIv;i@U_a<t{
zqO@8Jdl=qWL`b)-^R&jSF=)5Y4dgc!)=dfJ2Binvl5)J)41`)7>eQn~;V$QpXD92F
zv&PEMqwYveZd6>{!E4F4cdZY<Sh|*me0KQnR7mcI-65qQ{b&Ou3c7?$3Bw(HFIC=?
zZ{qN7bO-pBsdfk4FvaYu%UQedo7clz*N@zp>AvHqyG!^RHnqNLC9=joe2k_rq-t+*
zF8NKGyzp?z7fsS|2mfI7?2nASKTynthxwn$-3k`D58*Sq$SBOpn>k3xZ>$c-p}qu5
zg<0HQWg5{de=F2WJ(uyQ?ZiEn?i}ahY-T~ycUmd_<g3Z_j1<{z_-rVqFf~7}u8K+>
zBgX89=0)v@`Kye0lhL$2vosuP_Olvlv7B!2;KXh&_hsnHIUHJS@XU}wR&|z*lUUJo
zOkzOYKAd?ME->eD?t9md*~qGX3P~tcK`LRl#et<VzkNX7Q@sZ-xH-D#E1@_-_B0eA
zFH>0S{sLWP|86nqpKCqHH2lJy)x5T4WUPxuJTo3G=|50X(c|>3FzK9TrOpb|Nenx=
z9XAx*Rg0WxcCPecu)d!=a<AakW54q+<(?%!?N7?H$87Dfm-?!cw`IHKmA6$Ny<U}C
zj}hjeg}>g4Z_k-nFxLb-I+P#aE@`oDl%H;Xh2?|Cs3JR{Tm!1-$;0`JQbA*UyT(z>
zdYsP>?arW3lc$<`GyadzjQf{X_d_DA&Do4sI&Js^I5oaEC$FKKZ^B57_y6dds&=yW
zoBv)>n3{^PJl^amg-LRfop)d(t3d+ML2v)q@)oiolqPM+KMWot&9`xp?Mn_t1r6W7
zlQV(Aba11MQC6ykj_6sbZrhTLC^lCEIdUJW`|wQNOWs_!Td2Y(vi%z!=<v8I#nEUS
zaq;`~$!hXoEXYI%e9>QPt~R_#xjY<vkvrA*9x9x`8LZi}iMt$~z6Kw>SXMGI--;s&
z^*;{`Q60V2VrKRQ7Ix)9f1JW#(0?#E`2qO&7q*JK=|<RM?g|g8SGk{shxCGVb7Sm<
zxOdR1>#!h1Zsk7aRZzhfBX^K7q$y=y7<5_!{yV&6ohvI1|H05bC;-6=dW(Bu2i!f1
zzk(doA}8vE<D5roYa<pmVOL*zD&;r|Z2hyyR!|udnR}dmZtt_gV`oGj#WPZw_+TX2
z$2;z7l@_!@Utf;{P0gji5p)UZb6H{=rHVOi>W91Ea&aVhJ7g5uwMJ4u@d1*JB0U=2
zf98%D7Qc3>CAt8J!y>x^Z!b&U122h88qhY|;NJqz)rb<R?J!V@%dr~kH4V;Pi-Q;6
zILs)dUdAlN3N)W)JbQTkNmCe#LQ0@*#_L=L{DkJzfYQrR$ID+_CJDZp&)s|bY<er6
z_28S&wcQ`CPG;4-5Y{GqcBZs<HJ)m=%XBW>50yH$9Q(hKijHb-fwn8BAocZ(vCF=n
zE2)7c;g`fP1#D7FLzP=qwgC2?9BafLEoSK2dGuvb-(mFZhn|X((bedm)NWT+_I-BW
zPB-#~p284s)s|IX+9;++5F|(6<+aTz<Bu}}s&iM#9AHz?Wppeh+_fTYmnNp_3)BA~
zPcsg5tuq(yA&!xn=Fp$@@_DYlHEmWHM%mNJIP!bsmTB6MihA~1LfDhM>ugdRk$;d(
zxmeZ3g~vG`TA$MO%6L4HV<Y$yJ-HQdzjoW@N`Z}?QA2g}&4koU6ml=qj5v6ztTd9p
z>Wy)?d{yiHujz$Be;+>eVj-73fZtf@jTt0gM~-D=Aiy7NXVRE!%J5)d!|-X@8<0jG
zdx!KzaN?eT%G=&Uv*%Ox6Hk*rJ+T#JYNEbjF-=4i!*)kq(uzYxD{HY8UUbLN5{Mw4
z|0}-@{JrAGf4^PC0TSWTxRV_6=TMKWeFJZ<#|8$yUG*xhB#7KPP1r>l$*T)&0<WEe
zu1Bl23CuyN#q3Ji*}}mY?A~2;Ohwl{fO;-@ZQ#E7f+FYVT)5yMKb)7$J|1@@r3%d0
zeA)e;8juI@RBQ2<7~3qL*8_gzLA`X|J$pn^N4MF@??sgk0v&ULz>JqPnhttSjKDAZ
z-h1~dZ=mHp%jq!Nw$j=ud2dNG?JM~?@)1yioRb!)^1lKSeyy5={cUB;Gd0Hv@X_+%
z6-)deZoQ}kza1C4!?z5D9&l+@>vuP9H3g*Et$fs1ei--nueZ~Pj!opNu`b8#>~Sx+
zpeA1`eO!NS9=^i&^;h|$*Y%s=Xq=BHlyMEg3)8~kQ9I^3j3&|Y=G%pad@`M7ro+*;
zEa?llF|)PDX7A6bhFXKyJF{EVoOdP|nHKUw_NL8Z?l<>QE?&C16r41W<3*^)5Qyy4
z#C87f0x`UZzN{ZX`iuSOpbCh*gxu(ONsJ`5AQFg$%5(eK>ugk8>UO=Fbpp||<SyMS
zKy4MWQVf$M%~7AUTk4j`7ij%L8HP9znhUfp>GZr2<gNy;z^Ue{BI9E%nh8GFelDlk
zWv#5*z&{(+*6H9O)l8mWEs(;0L+%vLkaqB|4Gw}H<tdu8#Xkk#ILu%%EZk_7$T0vn
zwgLWiP(i{%-04jC{(@XMNR5`}k|w?%Su_60x9h1N{D><7ZX-)85G-m#<;#l(`wyE5
zdzmYlY{uwlIRwgRcPvCwwuo}^JA<BHX6LtaWyCPul96&-8XKxX3PT$X`>aI~u!DFK
zW`7B5<?Ry}Ei_*ewPd}6-RJ%L)2O2l-wL~tZx?~>i*9{ttN25T$}2bGRWx#Q`S`_?
z4i;5u->2c#`{WESAOr=;yc`Oee*iUS!KNz>gmlcMpZXl_ggzmL?G-*nHQqtJND8jQ
zBzL4sdYtD5YM|x$;ZM9T&b_#L)iEp^s1bc<OAD2xZSN?N<;`@=q<1crtX_bGNnC4D
z9hHp~Dwyz`InR7m_$j)^bn*j7R9TBq=9%^k`fIPEphH%qTaha5b1lq|WaPb)xmp|x
zJ{;cvIOwvrDb%%@`6r_HSPTOmS##9~VW$6K5Zy>?2|Rix8eCsW&2K=CXtJAt9Vwxy
zX%P)0tR<VkLlJ$kWku8?{%u~W=(XAI+i&@8s92zC<(3^>#L-(5Jw34IP0z*@&{d#_
z!kT`Z_CxbXbZzSOOvFJ;($}9nohSX>=hi^f9S8ma@?7BCKpQjL)EQQ=zclzI)*}^4
zV@h2S<;-a=PL_8D0fT9SXi<tMiCiC{$M?wLDA1vDZDQIa{MQVFOyT}>_#`pR5U@Lr
zu{|20vq~j^n`j&==;Gso6fHqIup$aU9xI^j^e_@gM;lg<X};-eD5z3J-k|}#v<%Im
z!>dr1>6zYfG3>P`RGf1fjH+h)-tMO^J%;d7%189Z4Z*`deQN=74NSmZTP}J%z6%bK
z+{D>v`slNiyYoj7=8d0D5f*gZ7OV?C!n=_Bn%XaXcFMg(o_KJqkY+im`MJLLTaHyi
z`1iMGM4Y8xjvdSK1fs~t@#=V}3bF(pyX78fPMKriSoPb{0K+Th^|FHelU0_QVDbtv
zx@4<%L)vLmy{GV}7}zTQ8ZBLaHI_szI{Z^UF1oDo{GCkE40_(0v1`&Ps^KEf(EkHT
zkUO++*EG@ccE(<g-c$OklgnE#oKiuUQKgy0cvIzvj`@2r<_qw{{zEe?v^qbv$%Pt^
zs2j;MUzpEflLVzgNp6+s&C3&?v3@VSY>Z-B23vKnOOKvi^N?c;<OxZ6S8jC+Mcd+A
zG>-QOeRIRQ@zcG?-WIoyxNUw3Az@ZlI-qCG8IGzk<Kt*S$jjak9s7~uHBIT1u7=LX
zn+|na4*(m21_9|tDC>RrRqCP<1y40sc+i9{E{_XP4>hVy_sHcMKRk!DgsPSze+Br~
z+O+PDK=R6$f)z%@$58Ut<r!aahE;xsmSB%wuI1Xd^tA9DlP{90-zcu=z*~jrXad#0
zn{^jJ@a``6Tp8*;aRT29ee+0^iae8v0AZ?3wBg}70jeJ;Z1h04*dK)Qz^^*MxO=PD
zAhDb!iYeJp!G9C{@l(UV<xfy2&U_(%LDlm^<8$K}AJq?qFOe$!A~Mj?0_&NR3XbUM
z#S?!`t^Y=y<o^tz`RTk$(H}MX0!#kQ>ARcCJhTc4qHPOsEYPtl!ZB~PixYak#+^OX
zSj@L;HYViw-Ho11bP&lP>yky05}!3oarJ^T_%{4{(VH66z>t^}s&izpFQ5W0YEA()
z<XJ9hoCv+>_N;iShI(K{-{#&yNV>|!Nv~P-(ff)%QfUo#lXTX^I9^YvAgVSu79L2{
zHE{ehqI+=Gk)Xvbe@>q7SRw19^T;w}3@MT(r+9cd{V83r1U*#@2vtM>-nN2t5$f>E
z*%l1h&mD5`tyo5fm#{=xe`za}@VjR`=Ya`CHx8R{W0-o|n#{=Xg=Upo4k1$=Gx&pS
z<p=!YEyZeOKW_EfX3&fZMPUQe&L(W#rk8n#j*R85caHjnG!ai<Xhz2&x7@g5wmE;e
zUvF;o*Rm<(m?I>})q)y8{Tboy9J9OR?RR2~_K9H`eeL6|eA2haeAIG|l;~K6zq;R*
zEO(iE9>{yhqzcN^i^gLce*PYuFRKe5?if6msdix-1S<*9o1Y=V4V()fLsz<3^2pOQ
z1Po|a{dAd>BQ#+;Y{V9|VsOWEhtQ|3EG!P4K^l>!w`p(?d)nV-r(UBY_wNJDewyt`
z^X!^vIsfeBwXPGU2j4v7?tO*6la<lZq1gW`evvBAfL<5XkmU3dc|bhZ|KvGIq4M^Y
zL*QARYPUPD*|*&)Y7{qhj_0qZrkPNfha8h$9lTO72;ai524%Vh+SqE*ZvNE(EpYi+
z(J83ZFY}>DXA&U?#hJT7We@$Q4RzW*vxJo(B^m1C#W?bBaZ6pPnrf(@SI7_C^dF<i
z^_21aRrtH{I+I{8H0A?y`pO;53%m&u2H`$mbEQ$$s3S_~e*G@Msx7XEJY`Mkcv`AZ
zE}fTNIKsPfC!DnQ^ELu(-$dn>#`&soNgcstOT1h@9+DQ4yjfwP-O`Cic$1`EYxVdP
zWUBuHUn_LZHz0Uhe4vTIE=(PY6r%$`Dw?YYsgIF=pqBME9Q23o6Z;FDI7u8OWJPy}
zC!hwPxcPVT5;9d4!PknO3%tGOG1tyNWZC2i)fb9+>JI|G)ss#U!I@VOg3zPo;DfDz
z-FmOITgMc;qu2J`%tyw*f?fq~(J)};H78$hv+pKkA=`=fHPoQE$Q=81{BXuW&f`+D
zz?heRKn!bn<<D}EhAyjRE;)5pi{q8~!T+rEu&>fiF>FyTO60$MxnqmP<W-Ld67D=3
z9yRdvQqLRIsTIi}Krj(j@C_a1p?-4$@zG1;yG%$fa>=`Kl6WT3tet$P@D}&JqwvWj
zAd9@wF~Fp|#hTm~>RgA)+a@ZojZoU1HeiCBL0cYn<}oKEq;R<;u)FH?m3WHrEjN>u
zanT_4AwQb2l4y1|q1?o4#55p!<@yq7a$$!U=9BtJ2)Df)KwMc?>dZ<afa`G+8tWKp
zqd8^Yv_xJ*-b47qd=g!DV{@m+u#A?&swW)E#U|q_nTSLUP0kK~cWrP#Z}bDL#*h7;
z6PZ>F-`NBtk<TCo?OW7-%emh+v3%A*aD<=#Q<E!v&@jAVL-+g2iJyg`(ZG@3uQ^I4
zm!R^LWBS++$sbIU-G`<lxJfR1$8p^J^&hA3j!i*6Jo)L+AFNLiEcZ+PXQTI#o-^N%
z-R!LSU}L#|ayD$|bZ3tA@c=?0UiNZr&V$`yc<#ee6J|zHm2&-p{LHqSd%ETeK~Bsg
z(&^4S{f4ziH}ACSeY}qJV-ugu<8r#N;q<*&Tdg5;vMD8!+8Vt=5IzD1a@O6@r)$6(
zCQ6YLO&eQ&wq55_&6)&$y*i<l{AwuTse+W6j^gryB1okHh&8Sm(;dleY)|N@C`go0
zvmI3D1Blq5?i*E&)l{&8vS^LYplvkYg~r)&9+yYwhwdkjRz3kHUg}UxxQYTGlXcfc
z<Hd%jIj<8p-`UZe`SwGC1iB<b4!f-Yag?~7p*er*7KNH;PNWkK=0X+sYkI%^b&&Ko
zYU%zbeEhk;M2La%5JFiFnqq);Xzn{0;fr8@nsDvC9MR1sQ4oVByq%nu`c^Ft;=%eV
zYIGgX5r_yNb9<E+5CR+YkKbG1w!Rlb`YC(KJ2<yLzf6t)B&>LUtJl>&h};hU!1rWs
z!!#_fe!5+2{t4JDhG_wsg?IB~bXJ_0EwgYax5$WoMdBMimb?NyFF9o1p#yZEsZtR}
z@l)B_44^)JvXoQzoMTz-H`21?+6vCxB`u<wXqmuvcB##|e59{M7Nejpg245skTn+1
z?R%FgBQPbm>YC60%sAz~fe3`<4C{^(4O6<bM|{%#QAnu(%R%ys{RyP#WR^`+!S@zc
z|FnX?bxN>3{1^UpUIL#^e`%S`Pg(GT%+k&yh~Ra#f>WYuydi7IDl5gL4eSYkI7wnH
zPG8xtC$X;W07sB;tJ+%n`9+&Mw*n)+|C|VGd4xNWKrV+I=0}L#!ru*=2o>b`M1%`_
zY<I+D+)qgCxS_~WLY9+$AGa@GJ1IoZuUd;?-Y&uyiKV+qb@d`sp#|jHzMb`)QNVk@
zfXbA;LdUb1EG>M)Abya%asK+~BuiRwzHbpvrAeJ>pxKLIc(_o9(_q?jzqUzmhCi7Q
zl4FbJL1L4^gpO#}BBJ;>DGhlwdd`>a*1Ri3#$Y%iBLI4pUZGoXS-5-C+0dk?tnpS*
zaTTua+h~e<ks!*!-RAjp{`(T`#Li+Zg0O}-hR+;<Zn@>{&PcsUsLs_0-u~!zIlRmy
z>g$v1S;K{J+M(oCs<PjY_)@$#5$s0F`FR+6pVRmQop(K(3w+5Hx^=A*{b=}pQz28u
z>**Hc2u;TX{8Cy!jV>WHsh^okoY#RU_B(wsjN_X3)2IGR9_OV5y2A{`9pV@moii%7
zX)=FO0&t%Z{AKALmQnm8thJfdS9Li|w9-s9xhzEWMJL2RssqKaI-R4YZ4VRmUG(pg
zCO!5u&kh;p&KankoklL$6c1;oTxHLsBq*Sg3h|q&)g7aEqnuvzL)|&+X`Y?=8Mlzt
z9vaq^<5B*xm))uoKG@H`O&1bQ9BI1nM%lE;Mu92ly?b~Q*WJ2)4HZd8aRTl$&xeRc
zUg|EA1Q(2M%6ps~p_~&0i+bHZl+JTjqMjG1IZ`H*Z2v#r-aH)2H|!f%5|UKXgfbP9
zgceI*$y7o}l9&)vsU$HimXR^H5<-YVh{-P7M7C^`T_o9eV@wEx8OyktnY-WheShzB
z9Pj%c&wD)2@1Nh{$U5#W*K%Ix`8hx5=LF7CtP56(Kl_juk@(GN7uzdZXnu8i@lfc3
zRZAvnG$(pZw^Zi{N*-{(^+XBB2mT7sk5Da&4f~BsS95+Mvb@vf?6AQRdu3Av%t^?H
zAI+hZFdya>&0Z)fx)N!4OkfT-r_TJoj=KFgE=&(IZlYV{JZq>*yo%s2kamn?_ZXZT
zJGOwOM&34-FMZuI^&pS5mDEL+5^j_TDV0egAL6TDM&Bv?E8vV>_zvJgQZxrW7t1wH
z4=4hK54z%dv!AYIq&`OT3UO=W)VWgjvn{;lFQs$18KX|g`fLw*{#*a(P8hff?R#2c
zNk0z-BvKzNQ#Qj!w(Rg?;h@Sh8<NJK7N6(*6>!bTh4ooRjnv&966$A52OflRTfgdE
z#{%T<0pAlgVA<7@MKqwoX|c(Xas-(%ryjyAOK~VQmAWkbljE<i<^<n(f49PidN{FL
zd9gldEVgDuo~{(oXZ}i*;xyQ23Hdf5Emb)~St-=cYFRq-kd=R+ppe{k0~;AYPIh4Z
zR}5wJe}@Y8e_GUkzrOr*?)tNz0ciw(^Vmzhs;OnA(Vmr04&POoF6tdMJe5{=?<@P1
zt;fgdo{+~(d!4A4?>;g+)+X3ah$xq})Nn#CkHxY4IHG+>b1iQO*}%gDkbH^f_|YUy
zp7zncbxWKr)ZP%g5HztmyS}55w4xj)QX@^7kdV|1+N)Tvonu1&oV8wO0H9Ec5dUCV
z=wXw0Q*+MwQGIMoY!<JX))MJ*RR;;+IkWWXxQLp!4e^S3-MPmnnPTdEPKDhHC6;Hz
z-AL5zPWL8i`g&(X=~+Za3iDT%NX0zmCiE9t@aMuOEh>gZ&(s6R9nun=)Wekfle^N*
z)*eK(h|FHy!cD;P{d6DS^CCdDMPL64<aZRI*Ci5eC@wJZ?3UJd#U*8&5H}2aE}B<U
zPc|^$ek_W(=1zmJLT@qW>Igk`rzrIClqx*>$6Ct2HZ2mUCzyx7A<dgh82=U65ChW2
zAFEDa!0BKpKoxK6Rx$7d$>Kc$)p)F9A{xst`?;R9|4y{t-fL)nWyFc_5_yW*7e2ZA
zq&Y&-CnKAhi#x9)ZIE=nNkPYJ$DVY5u;(ZVz?&p89$xtBeAk1_FKd^VZW=gBI(iMm
zQXq8O=bTsTSvDkdm3X#s(dl;A1(=Hv`*6>nXISP_%IBY-avD(lr?06%U&5gpx2(uM
zc|0m?YyM*ZF91A+@kIi4iWCmN<g2wuFjn(URR#F2q>-9QJBsRN`eIQKGrzxYQEFC4
z=^HuF_Mn@;X`nT-OsfLbra7FSJNeN!e8L{sgqd8EpZ$USA(QV_>rH4ZtPomoFEAP!
zzLK`R<kk-6WI2A_NmkRRG!Wb-&@0<&x%E>_M`StdD|I27@~c^cE4Jsnond53xPZWx
zC5e4RN0!&~YeU0rQzMQOFZ6JWl<9}U%zoCa|7Y^xuy@?jc`+*w5hRcN;kNFrwk2uq
z){-#Fl9MpKePF1@b`#Epy*Gp1H3@930`w-|vI#9+gpsgCi}OweDl8(FCxjOJ_`}#>
zm@z&TLiComYgZazwwvAusM<Z`$kO}SHT6a)LtFg!dvDglOTr#{a#7AAcM&(@Hix!|
zdbC-6d$0PLPe0a;Qnb|6rn=PzC+7`gj9h=TT{UPtA}e+}^n2%Mr&f#+H#_ue&LB^j
zrQIm=bD(&W-C?^5{sMQB8UV}JsA(`>KSf$=y7T_2y6c3;9`cR3n>6-h-7`;9szc6l
z7hXR1ao;bhM70?10asIEmvU(-+H>2~tiu9b;^pXW){DIQ?Q5%Bj!%AHI`iy})le~k
z!g2Xi%sukR#_WMj-@flwpJX)+F&m*#U-R0soCcHVuGHr@a;TPavaU*X@wk`@)wz$j
zRVyo(B}?E=lpGYpJV&++yT#78eFC~boLc~3g3^7>7&O25g@&(s?QF^VRhRS?<Y#Ax
z>n;5HOxt87`LYW1jrK*m#yrU9&Myry&$7#Jhb8pP^QX04c`E$tKTlk$CESg@dql%o
z5r3gvp#-xdf2KRukxivfeKQXMNLGejo}h8k#e1%8-jBIi)X`xYiE2>23#m(zVy(tz
z6OGD{esD~acJN97-t?u|mzj(TkWwY~Z6ip$r5`zJsOn?0Hn+MhP)37uQlm=6yo2f3
z<=%W%<bZuvWLS3UuMM{D7Pw-Iy7TX@DXS>B1Iudv-_omr{<~zl|IEz($M=+vn;Pui
zaO}+CZ_DW^nNer_E=iaiJEMF*`J9>`@S3gsRGzc(uOa&0tDmor(9B9z_7xqa!K=f3
zmr77-r$Vl3rpTVI8F!&in2K2re4kTM!oSr>KGl$^>Cq2|HjotgA1m*PXN0A-0blO!
z9UDMCuk4x9!hPv$PywOXjheke<#8bL9QVRbqhtJw57<-Pv8+C6zQAJmkw#yykR@G1
zMZorsdW{0`9$KA!ddKrj=I33vgr+~S55;oTA51-rFG&GL&inRxDDPQyFjogwy0o?;
zabkr!oq7vWZ15E;9Rg%je;mFBeU>J+sBB0e7M_ekAZSVVLsR`FhE%#qo4V>Y7b8~w
zb2?lZcCho*E>D97_j6Ys38`&Z%@hzeLGr#6d<0`Ht{u~GyexKiPa0K_k=+|@<Xus4
zKP80oy7s?F{r+e8)qk64^&e~X|L4d5FLaXsbzCZK$Pu0`3sr*`Zf8WiDxJP{OITX>
zOTnMWtcmxWja3J!$3Yz3DuO7GMsZv8cEfSRk!?SJ{uQ{+1$cdS%;d1d(da*(%S}~;
zIK)v`4ILk~n(!Ly@;!Z3e%V|MHWmMHFFai9vW9clCu?HK<l}T<?L9Qpmf;*Tb)Wm5
zrT|pl4tw8=oOMuSmA+aI+juqE!!7}JUCJ)?6t}s0Dui2iuFoBk{8LhWfW@!1A8;@%
ztkG~f{HJcezm={T-B++-RHlLz`zkMrak(nsWBhJG=deJLrp{_Xn5;oAtfJIVUs5+M
z+%5f8tS*@!_bBQ+C(y+y`1f)A8G&0(>5t5%Lcfh>s6B9B9<a$6v~zVOS<m?Dp%t6U
zBI`sWuf)hodOIsGbw!`*dN(v#_&9!|IG3TqPe7*@VH?TC<_+pHfS^mO^+nfuLHA18
zN+FWw)Ek16cJJ*=e4YpqhuAoV(`%ju*TMz2S(Ez8i0&DeHdH(4a#WdW;U#@<Nm15Q
z-7KZ($ElQXxvLrDLuN)PJxvLookP5Ew_PmUv9|kH8_uUWUUr|d=6r~MeZ)t5zV^gh
zBCRDcHK)*Mx-YcSj^4fjzPH+_r(O|Wcd0Ao<nXX@t&z-%V|Z<myRV&D-*STMQ=@37
zqRQYyfd*WPtY1rAe+cgrKgGR0VttjV$jCwt!hyX;oj1z~3(E^?*LogGk*wZrlXv9V
zJ(wtss6Ihdhm}|rW0^0CYd#TjnnE|)&Y-Sj+3U478{XbQz#o28T&Jh{D4(HYrXQ&n
zTS5E;s0NB_{p&X{&yQ1L4D)5BMX{Wv3?}VhfX;)|Pi^0e96i_5Gu2Pr=if-79<RJR
zj*cJ~qCzWG^WnZmO9HKS^gy>`mwG2hWIVptxXk$AeU_Ggqxhjz24>K79GdfDV4f#!
zW*@vSvpM>f%M-WC=$QMLKDfTrmUiq;dQtAw@F<k?BwfuXYjN7w(j_nN?lAig;ebP~
zoLcyaw{<@MT;o))hb5otikf&dH5vNOchug}dYG@1LOn>@K8q_sH{$ldePgb)Fh=Lw
zZ`vt6EALg`jf@mE%SqkE9Q30S!i!gom_}@`Ci1T8eX}z7`T<4-pt9%MJD(hGtk^Uw
zcuS$_wvlZmCB%9Bfnj{+;U$N@5_YGlQP+HzKKXT}RKuNqlm5(*bnJkS-u;@E8BMI_
zKeHk^#&#DLWOLGdu#M{BdSWozIn9C4{&OG?*OY0urc7P!<PWb)JmZ+~dI3ro1vOJy
z3rJ(@5x#Q%@U~l5GqkGZ?DS)38tqBrdZ=1D!AteWG;R><@wLJyDkLn{Y>x#l(Y7hH
zS_A3C$q}tsU+7Tq9Tq-FciXL!s_Nok#qzSMIPI6`{|X#Qp%h!gF5Gjx^RO|4vX{3D
zW|PW)BRe}$_JuvWk4p{@lo$?Ndt7;J<}_AjJYE-Bwhb7*R#e<GUrIH~%S&D`t+@g9
zB&6H!tT){L>4-|gprO=1-nhEvk<88GX@h3YRaB!aN~^ixFfu^fiAWlAO{S~WO1dVf
zB{A!Db!`vx9+b331uKw!ejL$bjTdT|4|a{OEHD#UOV_&Mm3cmF$ty@pam+P-_X(75
z=Lw0m$<S{rQtfibKSs}3zO#%t(eWTZsyJzWrd7Z9(=zm9Z=&v@BVopd*{PZ+^^x|N
zC&a#x8=u4eaj+=wG9~9;!%p<o^UXQo{0P-$D5P46T{)`#OHEVEMb)8Ye)QCj^V9XW
z=Hia~<r)bWlRoNecx_K(eMrr^t5^Tnq0uhk$WpZOxmt_ju99}A^gi=%Jm6-R$=Eo^
z1!{#6u*ujs!$*^*@w+EOEnnY>uXN~j&iR+iIZNL1UtwMUx1ayFrSAS$bN}z>D)jcj
z*)dAJ`HtD@-S8^QcqfD+9CEs!r|25&?X0Hz=Vbqftt6|}eNt1C-mbd#sPh@2W~F8i
z;+LJeAK`b8Khdp~4wO37>D*|-es|}?U1`-b0|rH$E*EsXo;*Jb<BSWILjhqO2|Y;{
z8SPgThE}^*R;97iy&JC1V#?nI;m0>J8_Wm%$Ia{TezdJ!-`M8kBTwn`#k;?F@8-1;
zn7Lmbs`<FB8Tw#n+N9`KbeyZS?}MCo@rBRS>@7PKT}IR^3f3Kj8{3&P@2t)IGS9zr
zYCr7ogcA{Sr6^tbpC?%+#)petXxL9{vTU6tjvt^eo+KV+dnS(UGd<7h3s`~Y-NM-B
z7)6m2Ow0O<Cr-`|R;e%yOUGR>!7{5sdS{3ldb+IWzL<5zQL^*i!t)7_Smr<ZLti&N
z4&fh8iCxd0)0)**))?t_O_?ZF&2w>ACiDm$J#*^j0hw$2=^~9*@`p!BU2)eYCoQXE
zZBLctIkLI*QYM3a9zS5p5Pn%SCpV@4h5e!pzzmbmJr1os9A7M9>b|KMdh?NOTORuo
z(R871Lw55Xv-<oOTr2fi-Fb<VL7o;)<;B-ylrJgly~9vhru4R`?0IChr{?_02OXuC
zqbALq)00|VoE?AVEC>HMavQwSKYedWO{yF+iAp|&dA4Yo5%q)w*q>ECUltkTlElmW
zFFdC)0Nfdj@y%;TQNKJ+t=L;HToaRiSF^f5c*8%ZzqVgi8LHkz)Me)fbMNpjusJ!I
zrklgEr#Tk3_Q&LIP^8zQNn{i5y^w|EItwf7gSo?*?h7e{YRWe5#$?U+aFsPd`7S|M
z!}%8fZAQw6#IM=s)6zZXe-9t5IGh&s3l8Eq!X6B~FpmJYjpHPp3kUiM{<cMBT^Vo0
zOLrJO*b#T^*=9!ZNzP#)3IGLthS!MB8LgR+GaNs^*w-fD{rR6Y`$x}YxPc)wvAX3?
zCLdC0Ws`mU>Um^7C@~SveBE@lq4U#aWo($pX`DgO>szueJq9>d!5RPzg|@LU_0S%I
zd@abLYKT#GjNBhwsp6HyBoOO%-5^(<m5YAT#i@W-9(zeuQaA7{cAh>G>+E{$<A*!+
z^)1}>kj83#%h{9lzw+sAE@>&f32t#iv4q5z;pRc#m-dz?dKk3TUbed3ciN2d<gxi(
zSBW197HkaXI=sX{@3SR<vY`4TDK>X#MqxVH!AGTed`Hof1M(B{$@^xg&q<pJON`90
zYI!0arev7XUsYPAgbA8{E<bWFu;&DE;4IzPv8$76o*kZ<X*;w2aNUYEBL2fw@_AEB
zo$z$SQz-il^=QV3#_&7$;*s@1PS1e*89W>YM+;kr%k5&H2++Bj`}M;I<;5q1s*9g&
zKS+A^7^M%a+0)Ula7BG}5d-XMA#zY3$~OOPW}D--vbP5O7}mkhb}!aO{Hm^PEB^gg
zU`zE5o&g)nG-W~KUUe?FvSyLZRGoUQJ9FBR!3xGZjOVXKRcBNemhxW_Z5%(EvW70h
z33)YR1Ev&?TmPUzz)#x^k4V1n8NJn`ES!Jk85XxT9(qAkaw~~<i`!Cz-?@AZx70>B
zwGCB|jk;cacTZikeUsVkp0C);RyjS>$?MQgxIOxAnYa1DYnj#=@<XOEQjXF_QE7@Y
zA*o%7RxVKq6ECXLvr8w*jpEqx_PI>wWa5D?UCC_N&dA=Rmup+yv(fNXOuoWmsz4(1
zy2L~5jQjQ`*Nt|yT4@iYj6Mo(Oi!uqQf;YvIc1x+mZ{>B((y0~cXDkZ6sF(1{!kAW
zP}dkJ7jg3S!QcGpq4>*JT}#$(S19g!0d((f!247F>l)1etVUDtf8&7Va$8%^9Q<j=
zUArnq*xtNwU@$AE_2ltCLL@a(C&Y3f_dAWLE+aB5tBHkrGY8s{@5u)fG;i@|2SP5?
z@w12>XVE3@*hT4aGW<__lNag&0Zms7DEep3Y(9JGi^Q$H+j|y(z~4{Op^#;Lwh~=6
zx8ygJ+vQ;?sotaXocccJx8V9j3RQ*bC;_XiGQ+qoaP|<L?02YJ1B0?RI@)o6y|~Qi
z-TCz2i<trG&ugEPsmoI9saG}_c*i#2Lup&9H^XXE<LV7_p6zwz`(DYpjxa-a-Q-x1
zE8BQSQuTUZL3R_e?K1xZ4@FqVexq)lNz%LzbM1#)(`_Y@@9s%gF=HG3Flpr~Ya-_G
zDH`WvxBIlNQ8G`aYsgqXLbsLhhq`bv8?{VvhHZcn3P2926@l#xquLQu<Cm;e9ZjB2
zAZG3*d!TgIs`(p|nnihsx!XR3=iK8LYDjxf{p1dp^vd;|D=&Ol=i{0roZ!0OW|t2`
zZe_*yqR=iZJz@?5#-bfo;-X2v92EIUME$W5N4svGHs_pTPuiQK+xoORMqFE;WN5r|
zifHk}Jk6qL!3J#oTAZvN>JJ*FD})(zhjt9;XW4$IwZ;hw)O}GOxz+y~oAzsiffTU7
zMVU<$VFch2f*^@D+ms$2OHa`HN=O|nybN*=hvi2a*Y4agSk>6DunRlx#Iys$DT7aP
zU3gF@<kT)gIF0Qn7QZ?=Gj_w_yWoYuPRWyp<Q1aMvpcB|{|KZ|Q5aVUR>jmx^!spL
zkjKywM0Czfm)(G!eevAO7%rw0dpJSi$Wyql**1u`w}Y!|us^~C#*eGK2Go7yxdX_<
z`-1B?Q>byL07Yn$;+O9CmY!5i<*d5kQZa=n-fnfyF@6Ej%mo}^nXrW*qQx^$yJ?-@
zDx11WS8o!MuBXZW((@G(AbsliS4#^QMq^pvVE`!jf#;DiyOuEl+M~N-8)DZp;s?W;
zU#zH-ngh+%hPD3O9hrRh7Hz_n<pAlDN_DOWseLzEj;Eek5;kRj!^YmZU1zvBuc6{*
zs!8_qU_+xn$M$Ry;Hv$P@SX>_Dlc9@HP`fj+JP<+N2iDpFR=1I<u{Gn8PDG;>l)p@
zedzPn*M(BdbIti*5K%su)_-6r@P1RL=3$=Lu0e@c?tyJTgCT``Q_QIiYLZT)!BuC+
z{V*5*07vRDMFs9->$HwhY9e;??sn%naE5AaH922Yi!P|N?hB|GKB3&SwdK9k+FS0w
zsq@<;6lwIYfUF{{J|?l*MdnOfewZ5NOwVj>$HBUz$KHdLHvi{66d*uqu)ql*G;*mK
zmAQkpWC9nAO9<28RQ;+dE!30gB?DQTi?i>=f-!+tMHuO%t1}qZQ*|b7>#ZV6kb^>*
zQc;v`9dG!T@N$6xfy!KE*VRBpfXgUOd;<F%@I}{`Sd7%lE;O3&1dje({Y(e7ysrox
zR}v1YIgc63q6t&SlAcil-PO_eSE~<n6HN}qxoWHi-zhEj%Z}?ee*Nj`^Ldp&=>8l|
zegx+StS;PSrc}E+it1RAjZ5izdzJ8G^~(7n@y2HOnv>AAJ4uHHnV=@dZ;J{88j9uA
zv8I^XEIIRVM5SY1b4bN!)=pY=ZlC;HzQUV5Zj9INlvkMB3$W?}vx9q+=Y)IS`^-9-
zzRzU+*r4T1yNKPI&$ncW)??_JpFUTF=K$dd$gg1OS^!cK>V=JRNIko0g_j%zd&m0n
zb#GSh)ZWJOO}wK`yM6M*-Z|k9SA^%={{0oHrPw)p?m2=B$BLiCvjU$LY~ob!DRAx_
zB81Lq3yb0(Qi@CBChs$Z_uhGoizR=K;GqQRrE|qxeH*0Rd8~pgG6E<#+FIC?w1y{N
zhV4k~ycb6;=&uj_{`qX{Z9k0r|Lb^Dg&=1NtnT#<RFZ`<nnJ1t3H~)Yy?GGbrQwTD
zsLlTCcW;NZh4GKa3-D)BzM2cdU3HipJX9)ApXJ)=FfB6|U7hUsi0o<S^S-_S2zyk%
z7WZ%mC0;}t*B0pnyY>x9fZ)&ZWAj`eXa2EhG$^{1qxz%kVu8U{yRy;wZ(9V`&xi1w
z_<@+QFJxiJ4IggIQmP?I_7t7&>$=yyX?5|eB_DmC@S@SUxgF;g%{>lg2X^G%gK8dC
zOOqOCMTTFwr(w!Bo$3OQ6vb42$>6w1@*Ddh)#h(*h8vn-Y<n-7^%TWyQY>>dr>}+_
zcw64s`(y*W)_NA*=_|$SwFjI32j+{0*6(SW1kqF_{8gJPYUwG?8yri_SPoSJSb^kf
zEw;o99*Ta(s4kB_w1;vhigQ0rV$yVC&H|ljE5N_?KQB|k|B%=_qV#zC@Ki_)RSo=l
z0a<Rvd|(O@U1Q*P5S~57=gfZE?SJ<mFPD;qiB-mVl<bUL{s<libkV>@v1NPB*)ZnJ
z$CPT!ESS~O_rDZZROOsVbi0o5Ktk{tDEL*|Y<{TP3s?{vs76y4(1?Tt;bbqRS8j(o
zD~0KW)WOvbHH8>!Zb{4(d?WliN03En0r;~K4pu}l`5B}(>SwRI1(AlG4N#sldv-8#
z@9v834yV)9!LY55fUb$q!{xKSk}L_1DgOhwjkYz=DbMw`cU59`ITz>e4=@|9SL^H?
zE}2fdEzCZSyrT^Ya*X&Ns1G1<GkQcgX?s_3S*BUa_(dzX@iXyaX+s*9sLV*5iN*Ej
zycMVh?31y`Q3XCokKid%L=$I}E$hVn6GMcjSK}`Rbl$KxmnNhK3n(%I<S-}q9C6_|
za^CZk_4bikpiL{ZaPlrEpz*y|=m$vZ<Rw|J-F~s7@lJHJ)n9>GY<1rvSTNzEqz;|L
z_HbQs?$K$<U7rh!@H=KKA}SP?z6=7%<*=*Py!(QzR!%p+Oi%mY3Q#E}ID-9PCABat
z&OPtoW_*G3uYc3(^8i(jr>5axc`|Ru6deg*aZUK2Fb~3Z?{mWSri82-bb$24X0jWD
zsJ*k6r&*sW9ND$}uX4yO+zU^r2s;<RnjQQ3Iq7a-X`Y?fZ-k#-;k^pz%Os#faP<_U
zG|Vx~GliF(QuKa@?cmTfXWHpb=q`)H*E<ZQu5H`3h35;FI2@|kU%iRcPukKAP?1@a
zFRaq~S5d~fD=HW42n%<cw$nBVT#R__)@VR#>acl^*y!zKM>GNnvGExfM53~amHAp%
z-A6&8k@z)l{($S-3)6r%p>qcMsLtEj2hzWt5S}_PN3{ENAx2M~wPfT-8OR)wEOZMe
zP^aI`h^c3Y0J=61TbpHtUV_0S3rX~N<Q>rrRF`qq(%~KfmoS#*q=H@@?Mwrs-Ar`v
zCP^Z+a_tve6WrU;*GHTs^Yw6Ar>cA0>N-O8Ba-vt%LTa%%F;FP>R5OXBZtub3ZN?W
zccomAQ=)#ksv}kKmgx-o7P#=0@C$hwt;)qJy`tjf8sW4ND``!{L1!ue*-vyTWv|Xj
zXATtqOvspt9DT4fKm1FpKzGzso4a+oFylSCN0=x3mU}Z|H}Om#<VZ%@$52^6J?zEN
z$nz!Y`UP;o-%u0Xvr3s>r2Y`&oa3kR&T$n<og_(^PygJh_xxF*{n@<Ix!qBunRyAW
zix_s@i699C0pQrNHl=Y1f3+yCaW8X>`Xy11`R2y{s6%KgjSRop*)=7gk`?h+z$N0u
zQXNzf@zU)@?rD!XXkWtoG$7i1OHi5)K|WS%5^Y$}Hz+{v0Q{XX5KtXK&k^+y%Vf--
z|2jyWGp<$tDuq18p->E^IX99LX~f~E)$T|auv<WA)As2LKfYI;qdFG&YX6z1h^Qz7
z1E0f;r9q;_)qxCaUksYFqd2|^6h-x|Yxk{rkXrTB@IgS%sxCrq>V5~&Jav>&qDnas
zMeVl!@D14ojg6Njhay{q+`b)&W#uQf^NY*#^$`)Vu?TT^fdhxPH&|N_hDB!vdC2;^
zdTlY2{@F}oyug@nfb16*G0&-mI0vr-W^Suhz9}LO4$nKk8$d%oGYgPgW^MERNK7D_
z293p01*%m6)AcA^!Ro7B_X;Aqj`8(e?}=5N=soS|B_6f*W$5SU?6u@EtZ35H=eSze
z=!wZhZ*c@rhq{I?0#O9B;^^2(LoC2>P5-6o*SCuSY1UWO%7pfYw`tqa;xk&0HXk6i
z<_vk2mInC#j_ZMB0QqJx{w9=``LB+`Yqt8F1$P?(#gGX5y;S^tF1?`puDqOU&&!1e
ziwq=w?H16u<7QszKI&c}T5NXJ>c!}wR*a2oz_r(I_b|*XskKm0@pcQwjiX-z<(bP8
zK{Dzg2k+xGPx~a^Y-}xks1xubb~g_y7Hp)2d7JZ4r#Y$kfg#Sp9-dP2jl7Zy_HO-;
zw&-!LO2+K!p5@XX*D<3~@6nCgb8TFs5mGO;7z)!n{iBVe>cEdR3;QcDk(7w%hFUcK
zb1a?I3)Ph3is}gZ4D%4^Zk`*1FV<ikWZi{DFY<36KcQYwQU`rAAd06zHCi5gb41iC
z8yRWeN*nBO3DzvK4}ZRU_H?l4Gk!WC{@xg;JcsT9!PBGz`~*aoV9Fo|)cI0s*FT^p
zBoVs?S<<@1>fMMRMtQ(FxT>QP%ff|%Y98U5b@K?K(uomg+nx_7jwQudb>7kDwg>0V
zO_!`(0mKmWgK5*7#O&h9^w>a;RWm9C@SMopMCy5!wIW!G-8UY=9AH~sguk<(tG-G%
zI?`!dKdtVQpoLsRPNj3hqxmPHnqS!6ZJ2Ld-AQ0>UPhUbnP_GWUxiKO(1FcxBcA2I
ztCoZ189)6&et080KP(d$+DX<T`*=NktC{|Dl(qy|Tig2cQa_^yfp|t2vSkCSiG#qJ
zsBq#D$1b8#W<b!54%48hpODo&>wB;EGNTw+THFMetBiD$rKpbWuh;R7<d;~oQ&j<8
zZF2Lt?9h4c?~*v9>+M&JF83h8xPqX$P*A-@gB9<xL+O`>ydt-yW?pP@d#Dz>P;&|$
zuWfW`$De~1f<^p1Aa~Y{9QyY(<U!M0dw6ev$5F&lQJRZp*x#V8lQ)}hrkS6-@)_dC
zQ1ccBX^5HmIG!K!tPgq9hHL5L$*Q_;;D6Lpw2utN)|E74hPC66cZ|>IUeuf@>vRpe
zh+Ko;!IOYPB@)u$@D@|!%Ny>;1<g;I8wG!JU)@Ok(Z}ek!AX;T()JLISf=BffTAru
zp|3Cj{rCm{yCpx^ajlcu-AIj&fKSzNlyypi(~%(u;X-x2_=BC5MibjeKY#4*oTiRA
z{w{URE&BLv5*izp7?R#?zMWKGeY~vZNBmTfzdM-oh@rcTEKK#fB(7&}Vj?NhNtMt0
zBvdJK$Lr19HLHoZ_sbiptxjX+jbJqGxILAc>@VN0uGuyP;^|c{(PiUWYvT|{G2-_#
zqyo4Ic{J8F{3fVQ5QdClX%gBBre%m8TpU_0d3O31{<Xj0<UNVI(`BXUmaotuq*HPr
z8TjG{RAc4TS*d-ruCA|-dN0tO!IYEfqE3`8J7G?tmqssPSHs5eLIgWH#b1LGgls7?
z6-Qqv4s2-|JpM9d&n_bw^^UVrFz_rkZQ}=H=t+RVfr0_O#ZFQ<1d(srS5I;pE$s+u
zyB9ilioeDvqtHy^{45Nl1W3wYS)n2}uy{4v#B;}8$+vr!<Ep9C2X#U38J^_ydcb^~
z_qI>zZHh&l&ZCjWlCDu&xHxHhJ%%DgLbDte)(jzFTV_GYJh+tqxU6aag2oas+p7<P
zC+Y!mha2u?mvN3(LKe<$Hr|kyq+)7qR_Y1F;zTyzi|ESK58E%iJOT#(2+RY;hSWQ{
zCx`>V)1IGsrX6Gaksk?HT&&rzrQbpA?gHM~dd1uk+=Mz^0tJ)5$*FV^y~aX;N|WQo
zav*y%KTy)P>6g~;NIP!pzXCKnA!JK1Jz|JT|HZ-rj`w9a?&DeNpr`+;1?@tmZ($Eq
z4o##$z_W4k%kbleQpSwvNpXk3))!hRD~&*Gc#b_8n2VY|aVp$-3SFM#)pfI*I!51j
zz7t<gmE>8R_$yE))R??KOORWd64KIB?0foLmr`$Wu=QwXr&7E#IUxL0-_w&m0*3|H
zz{TPpMRl&bn@-T@=(BiZXMj1YJ(nwVO7DhG@|TDq^|x!-B|#QyeBl+<30OFX-S7Zi
z9?&l&#2$E-zjNj<D3<D)A@v2k2wXN<geb4X+bxJ}>B<6$UejP*`7E4S_UHlEu-yTf
z4?_k8pD%icPSm<AGB_ddNeVbddx==q=>~-as@MZB8E@YTVs}`zF*F>l=bqR3M|k}i
zNV-l1>M0W>4B^PJ>E2nBzFgN8F=H$|R(4LoX;E_!JBH!O_HZwwLurNLeKlrJ9;@ZB
zMwgg5Gw$5lu0eF`BVNwx_-6sik_5k)caOS*`VbSMrxn3>NFT3qxDE}x8lk?$O+$<Y
zNn2R*TX|pDJnKM5u9`aTjFw$}C;At5jZnj)jSGh&`(|l-qq>Lh4{D`4J7tY{*@c<8
z-3g62$MNE;nB0VJQdw?Ob1$j8^fu1m3QI%Pcx^7<6o#j{$a1_v9gn&?dHV|A05Y;d
z?$JJD=S;Injksc5fZk~v|3hTQ#~fE{p~mT=*@%&0buRs1Ve@p)=afIy${j~}#`K|g
z6`#9rhRh7!55Icx?iF@9P(NvHPS@Bx0?ATYkI8dxL`$}cK0iWNks#ArC*+a$XzNo*
z2TG~$2OJo!pEyJ)yoY}c>B8;fDRGYzh1i%TvP_A_Ujgy!RUHwhFLm;p_v1L}aZ$%t
zC`(~*7##{j@6$yw)Q2(~%aU3x*zV7KC%#P|0xij&5~oqz-9SF;LddKAdiCIlpb1UL
zc2F~+98uStcKT+IVd^a<esR~li3Ar>;fv1lT7eBBS0Bf3K!$N5yepTx{Tt%1Uh+MV
zG<Pr-sLVbC3J_bK3c`}$S^R0*ZSWxq4kylYJ)_fFBj)Fdu0!en`nY?MA7mlu!NTBz
z4NIaaY^N$@*u_)v`IMeUQMliwI`QrZ_alM!{E<s4*w_A;33;7NzMnglzp=^@5zqcB
z@OFmn#D5h_TYu7-#oZ6->rC;$uo2PVykH5QiiL|x1l2WrreF?~eUkb<Lp04fTA>$D
z(w}3?59Zy<1*ziA3EmkaE+vrzBdQI<r91YFyUsp8^yujV?pd!~^f*Rh_NuOq!Afy=
zB!A__wKtS*<?%0qPyQzfMdCk{VO7?;!1!V`Pgmgk`)bNBh;b7rdukNOoF?-s72fRn
zQA!gUR_m)dW6Dqh+V=I@<tM!RNL#Cl*fN=`DaACQ?*LI7x?w^K5P-;YP<Cu>eL)aC
zB9Pwom~*$2S#NjQux87qrV<_OnswhgNI%pZ1KPz<5ss<Cnr*VS6m`p8&e90e-)FsK
zcFtAHw?6}{os{!2JuVPTIJN~5#*B@jOQ5>uVj5;1a&*=+?_v%k#e8-jI}=2NDm?LS
z4f6=O&HUutyqeE_MS&gp3j6YN6}>GVE#G$&L7S9qU;**n?cswh=CE?pbGcc3f>eIt
zFQ|&2@FZ*<yS^E_mJddC969Dp-2ft2TmWsSN1U~oito+q!<T5Dr#uvVq_1-i-oUO~
zSR4bG(npE$P-L4;_nZR%bERau`g*f2dTRv2j9m@ot1O`q(fj4^$Sezqm-1$(@8EU}
zqR`9D5;SZ&RCAkpf1eWPHJ?g!9arD_vsA_~ko8CF>b958trI`$_<`k1$8i8muBjw{
z$;f1%<g~;x61(?wkoNVrs>hS2soe*CuFIn@#@h(F6`h6bsio!-lJr=nBiph`mSda=
zW3BF+^R;|z<byz2>xmHLDQ1iY4NTQgWvO=;B9bK8{DRnv?A&-#z|;9RcEcYi+>3qx
ztUt$P(^&THa=_S%gKK7h9q_@am0Yj=%<Zk@GgL*mCy(J5vPMJ1OMf*caK#C4ZEi}f
zprswOc^g$^Mf%oc0#XFwKm3n~2%(PS3XhEAo>%Kd+{>dU45%vL>Cq_urCFr@(?mIT
zB^tE#m`3^;Ac7Iq#19BIVtrQdo87uKZjRtg5}OkCfSwvYF)A<@8w{qQiB`ZMGbM(w
zwa45Cl3{;7*r{?@G)r)ie;oG{Vuo@}2wyk`{1n~eY%usOi)|lAK7B0_|7>q-%*_dX
zx}b38Na<O~7|nX@H0SMolqAOw)I&Ef-Jlgc%P4;n?m5NZ+?OfmNTiunM^Dp=@J!82
z<U5shc3~&)@YfIx_7S6WILJ0OOXov;KwKHlBM?2TR2agW0H@!axR)Kl+vSLCQO`&E
zXfg-5m*ePF`dre|sbh)fEkP>;?pX<;n^!KM$yrYUuYU_WAv>x4!i;Ti-fzZ;&Uon~
z!*hdEfCt_=bQaTge$-g?w_T{`oja~At*g;Fd~4D^LW=r6qTa7cSCI`KVS2r=V}{y6
z8{s9&VhUxs7(CLA(2hv9_oL|&uTDq<9=lYR>)!RMcPbC2ko8xc@6j!*yuCSp1(bT|
z819av(DFof-xS1?v}E+nNpSxmb)4ks^WPK2wd>J4{tDc=F{l+Ql|C}-8#k)$%*#P1
zQ7-^HIideoK)Rg{T(GPAB9IR&It=j55s9^nLhZnljX=VSQ<={rxRy7d8fTzbsgsu(
zL{cUmW9yOAY%eO7c8vYXUry9i+^6WR{*ULr((etv9$XQywAJYCzuDo5Y!qkI$Nsd@
zXTqeMOi`p;Muo>(iT$v_%Zr!+2cO5d{xiG2eoJ?8!DkMoCq^B$xRC5<u*d4ksVge5
z3z&g=qAdvf+JQHs(uKK)4>ac_;KfJJ(Zx?~yE3DFGG(-FIpoHL(GKj&0QV6I2oEqL
zxhjNK#stW&=&1UOiICIEU;fs2MpaKIo|B8_DI>Myf+i5LSre#Oc#f+wB5RMY!zO3;
zDphfJ&3X{RJ9V#?j=mvXJ1emeYRpfp-s_C{atBkGG8n9@f(~j5j6aB)EaIvU*gcxA
ziUpU~S-69hQ;*q*r~z?vTBv|bY{1ItM6KI8|CB~DM#;=GkcldHD^ydPqWFPmUFn2*
zc3|Awkk+(^(u9W(t21wLT}W-C2fM0|ApKn#IiKJbXGfWjRd#ENQ7xywNtXT!DH2{m
zgHy#Lb)#A3kYgaMnRg@DgA!N@-I5P$GAkcBlR(C;IipHyaFr{F55zLS557l!&`L2u
zdBr(ol{(~9Q&90<R`#kH5-cw_<W{EFNc|O+a$n-NJhILEuR!DyU6}8`Lgq`m;5w$h
zEd=R_z+bsrVM%&vy}iypy9>QU>C_?n!JpbjNAb6|os;4<g9UCwb&v;z=^62|Q#gqm
z-%Dq`Bc^dZ>dZ(`qm&7n?=_r30f+cjrm7zz0gYu+S!U{cN#CfugnmX(&Cn!PzDgH`
zSp*VG<{Y1b`#4a~av1xZR7WnMH9-BQ471XPh(HP_!MMk@*j4R(E8h2kjv-XWKy0d@
zRHY{Lb5LDGy-y2>Z>oVp*Y7;b_s^@FxN){FdOk`X+VraK$+15MP?8gG*GbMsIFu{M
zbADT+cR>9U>|!~h_B?k}f2=hFMswdb07U}J<h|j?t#%8qO64M5kO<X<0xMA>^iJ^h
zP`RXNU%IOEK3Or%qS;$&T<@-Ilepj5F^DI->y_RCqW$Al>X)Jj{yq;}0J^YrE|cxU
zF^_1_lVt_e*%MqE%gsh3bEZ#d9e8JdmZk8=XgG;RnjkU4qqzlON$a5IH8zCQtZO5$
z%Ts#KLJliav|S`w7&8u}aI5g3v>=Z(kO~Jj`syvpB_x-f5Az@ROtS0`S(Z`Rj%i)u
z0Lf8Z3+^GLL+%JHI?gg{d`|4BIju%38q{vX>--hyyKbvZ0pyGqcStP^P8+{~r^t$^
zSNg%?2fLbE8{yZ2Y_#JP%NYns!8fUggXQhj&uqE{j+>aa#YzRMH$epu2B35=0GPO9
zd1P!ThIyeH^hk(_wxgZJl(ed-fE==lm`IcuVTU7d^dF>9wq&P%lu9;`^82?q1pSJ}
zdURt6*qBX>o|k4tT3^#u)}@w$<(I*YgwIDKqTe%B<Yeu8j1axzHn6K2N^612I^WrK
z@}ahaO4seCRq9iB;8Zrbqys0$2b$PB=*16O!SVMLXATH1N+M#$;MozeW1yca_Xer0
z{ITASa!A|0WA0$>bU5wVq{3yP9It%`W=>J2zR<A^Aj`K4_D|zk!njYSX|wSfvyYuU
zL<i3~^dlNj*)(nj^1kboGthbq+G&PAv1jxj)R7s&-MeRUU}rFk-=P}ieCi!&w;A^=
zQS`GD?2`MF2%{!-G`llpw?Pv<)QLBUWK+*siD}T%6x@YEXclUY4>W-v-s;kQnqv4V
zZ+gqX5KrZ)#A@CI#+@@gjccPY@y@Ow6)Y?@yJPea9UW2WIm_&*%Q*q41<Y0OA6fC=
z>m7B*Nh9J9luY|Hf_^wH7#uZQ9ZST7C_`Z?E82*tIa?13gIIPL3F19!(QcHSS})Nm
zw<=p};yGn`#KhAi-);kc4m%#iL*Y4}%m<b@irqxfk2f~;Rm(RIN>%r6i23oF_8GI%
zw2EV49`GrYF)p%Yf$i9cE(M1uLw#V1u8d;eM@16!O<oo%7+vx99BDS^YVWzRzU9?^
z3=T6kOc_Y8mLs*xtj?+D+hx-ToF!(AQnLN&%TBKy2kpX|SW+x)-riuYCRB@NFVuqc
z^v_^7q1e|C8xyli`Fhje_6+U&;<5;UR+nrT%*Q4=nDIq|V4arUCcvoqM;DVa{bo%o
z<_#gZbI%obgNs2Xi{wFdL=;?sLV0i`>nF^6##TsD|FwK}{Zm0jA8BaGw*L2?gZMR<
z>2>S)4U1Ub4sA{x=w^cFR}lZ%oQH`{hDRW}Z1wQ@?5ZK90fngyHLG1*fIFUB2iK~P
zPiW{rjEXOj$uYaFLkwJVbE);kNDRa>Hy<PoajN)lc(Uw#8;h0GIhw^i(K?4xow*6g
z;oq9m{gw}A+yrq&jk)eKnm9BDnsVuy%dTA>-COb52$`MPZ=;5h4pd>~AR^A(qp&*X
zE%;O2fq1k;m?N%$&}XZoZ(4l4Nii|3@|Q^x%lHwvQ9Y{x<nJG-x1Zt<w1cp6vf{;+
zR^#F)&4y+Qq}3yksF1ga_@7@OQp1cT_6~+i@XT}#K8^T#u37&T;2Qqx!ui3)tkMRW
zQ1zi%sz{~JLsd;^n?vg@FW{6Vy(t-)M(X-F08ZPyP8!%wbmk{0@e_2dJgD`!Z33oN
zj!R~#El@|l#6{U-=#;)GDsQg~cb`(AE|h`{ByBAba~fBT*M6l1i8C$81wZ;3Q?GV`
zz+tM21hRdYVsa?xKtvgoH-J~^BBXwIKFeWX_hP`rht`sd=E=gFp6#$I7hGLHw(a5P
zXhyukZ0D(RH}VumyfwUbuMRd;qMw20hOuTvJkly7yk{PC#KrVyUgW=n#sWDsk)mZA
ze5GpEv`lruqr^kq`SUx);z)s}VWD#&z%3JrWeGQ8O7L^karBTE!w~PvJ5KblIfSox
zobPb5=zstsdv~qr;W#yw468H+zHPv<%&4KZcS0)-Qqw0fvp*+g$^1+cPR9nsGif_p
zsL7valMWZQ^WCDo#RmZZA}Ehtr%bPM%G2NJgoO$Rx?>IZ^#mF~ZzrJ4DJGtw00(gu
zfzwpJuPvK^y;%12&w`Wa<2B&IHB9mL0@qGiwg+MgrbB<q;nN&6KZ>M78lXuPqXW@j
zdRCIixzmH!2GcqnhO2V%&bwIO{>UgmjI!|R<^Ln_tOm%ozf+1O_d3iOI}C1iBY_Bg
z--i!kzIh+|3Kn(=Y{?7rTg#&xnu0V{-qN^N&5u*ZuGWO`6Tt?Q2S3#V{wluTvYxi1
zy@`LYWe~m7Zraq*!^vmgPqXB5=PM~sDt}1OalbsI$ftmTzq-L-*A?OasPa=mTX$;E
zwohxzsFiN=^7M+-m8?5BAAa$-eQs`*^mWhWypY3!JRW8&8_hB`e}(xBsA_peO%6g`
zQ{8&IAG{6hT6m*D9YFBt+vUjoaqg$n5iMZYup*hatFNBSGN--rvc<kqz1vINFs@|S
z^YGTBi}$zMk)iP4%kpKs<H(Eh-k?-C;bPe@P3}c}E`CQ!(&)Hml(f8?w9TGd@75iq
z;B@XesD=teFR6{D(;f>O>#}%y-HNB*-!Duqy4Pe~Qf7==Z0an!YJZk54Wqb^kniLo
z&*$5!SfNevhAE0>jXm=_M;FzdRqrXEa2yfHqlBW1Y0MfH$`BcZD;RSU7yKlmovL27
zDP=})`C_WX6EcHzRw0(lO6X-fb9j(_0eWG+O_*<(L2juq-vreZP{oS4(fC)i-Np9S
z!yXZ4opZ~J(AZNmZ{8={{k}uo{a{%@xIwSLJj^qqYcu&NuJB`e;%=7_Q=4u<BM*-!
zooUwNqjFkC-5*wX1*__FrCbGAmea*gEN*}9aI)cRwdiBVXDD@NUx{NsspjQ0=1!F)
zegt$AJwV~0I`GTwema+W`*gBi<7f^)S5a7pEA_Yf=>oV5VFtdGE5d6&NEf=WuMrxM
z7*Cw4#f8~ki1*-EXh-Uu#QTVFzu18*SXJKbrROxRx0JWD3lVc<`Hx4`g(;0?&fTS)
zqmyNvw>LQL&iiyKu+{3?MvbSB`om9$V+i@!zC03x=mt7Di6NbGJKlc7?B)IAIBtJn
zZBhN;_b_VJ*3gpc<ji(ie;i0T?*@^{5a7BtU^{1^EktZSZ2D+?)Li|_b7*Ae!#5D^
zUUB(N(keNWDjFD0JUgn?N%|)FLmT7j|6P<n$K^0+nmpuRql_6V1wD%P63_IIwj#~(
zzx5Q^G3k<nt+~_l3I&~!fsKTGOiw#-pF}Lfk-8}w954oTJo+op>I90Si<dKN7GNzJ
z$A;zkF`nGeE;UO!E`nino{4w;gqag5ZH5*KEa#u|Qb;Y-Li0u-hjDV;x3tdOKmJ<m
z)7{q9)sZ-6%yz1{=8x2Q%1t3CnZh*V?&s-(WY|V$@+Lhrl;%s;mI>fy+2AP(O>w&K
z=b^JIebwT;t*|~<4?eFBf`6e(ZAW^d9Qyq^$1RPyw9&}w<p`wfcVB*o@&;ZVXx|QP
zM`~D3bf{M0jXI~g*gIDW?D;#Q8<El;P7rUqnBl)Ibzb1_qiD-Jdsghoy!XeUIh|Di
zz#*cySlY-IL57(afcq=YjqlSSc($0D+WE@3T$em?QNeldu<h_2c6iT<5;K*n0c&&g
zV4-BB9V4-z?jbH)*T@`f&(gp@G3XgC#ZPJ&??fkA{_JQtqk2;(Vo-7nNEAAozaSj~
zIi-!NgHFLm(+i{hhJSsL7`c=bb%CpB?jeQTMeiX=5?aTw4V3Lf8Fu|fRhPQh#p%^8
ziE<b1+<@7;g#chD89T86<`-6&Vz#kqoT?7$Lp-W@#wGq*%+t2a`dc!-%O#uER6V3$
ze;K>!JKvqUUz0la4qd>*6~r>VKEg^ieg@;N?&41Npf$Z(^hIDj`$RYfpgxvT2;Dy;
z020O^@uc;sa>fDOomUc$xTZypkvy0liP_FE>($Xu)9fWi?CaTjnDW^oBw7G^Cj>!c
z);aUNP%REPF#W9jnBOSYd~)`5zOVV<=pTqty0O{|g!cXqz-_4Lr@9(i`B<T9L|vm>
zn5FX+JA-2W!xiUg^8FCmS+r>N&Ijw&d1(*gQ)k9pcGes%Fgv>a8(l_3wa>+SKYvuk
zu*VNEp^lBmje$_|=;1PTRDk<f-OQ@tR|>4%=}Ki;B&zB1=OnDq?{4-jf92kSYNV<6
z+J~GN9<(NW2y%d}8J_vn$@R{GPPe1<fU86E>@$fqQ&mo+?;wg)ABf<bgcs6?5NtWF
zE;%|=ehGW!m4{uZ@=f>hm*0l%28Q08{bz5-k6dA<*)9v4=R63iX+{@2K1e#rYGQiP
zT|VCI^y~9zI2W-Thjo3ez8w10SDZ8o)$9e?1_Jn}-Y;2WYcQ8p(yMDGMhLo!ESYBA
zzE}!<eR#ke7AFD;gH%LB9dwi-!BrIAQ#clcMbZwlqX)a?)_<!`gxCo*z1n&Fwn_b`
z#SImi6SxwNwbr10nx_oWW!LuXw8tP8sS3D1SnOAY0}d9;78>|X`h^D92<lLxaAG!$
zX=STMNFONT0iSTuDxK21rLEh&Lfpv=s779lak0x9ls@PdCY#@Dxw6;#CiG6VGRm&G
zbT_lPc_=z|K?S>h8Ki5e4=SJ`S&j}1YLrcQ`PObbbZ_=mm8E6j#?!CYy~#&ggjp9=
zmTaK0!G(VBcL`)E0_}&whX$X_kG${?J?kj$7GRQes(}+wqnFB-ivUe;%8^fLaM;Iq
zQ&l%pn;6+w`pPj{B_*YeE8q6Bo4RC-KVst5;eRZxxJGm7ba5#y*J74^ZV<Pn>j7#8
zb5>=2kRMK&E5-~+(yh~Pd+9%=i*LKw&Q;H>ZGn!!{+t$Y@K2F`QcIN@`(PT|r(RE?
zpbGgJbUB1}F{yJ;<N<{#{=r^`0wT43n&m<dk7JpS0kLG#wm-3w4%cC$i(fkC?v)Kq
zeiwf&y6GWzWBy#0&K9h-VE61~#9%we61D`S{@vZxqCDH;rK1#}-u=YSo8xsvBz#<Q
zpi39qxqNK{0=(lA6f=~K<s5|vvWO@+bK7LZN$1rT>Q|t)J<;@7gekg5zF-f9hK99d
z5u<kCKXN2GsLOYIAboPFFcZbn=5XN0t^oTTUw%5&mT_54gMYa>dt{JmB=R#iT>%%}
z@q80Dj#P_dnJ&Bl%MNXa6YSuVc`or$aLQ<}*vnqU;`f;YV($+3a(e#?&~#<G63${k
z_k)lh5@Y&^7@Kkqgcda>M6=9HT4zz-!4B$}XD|lor8t5U?6z_W*rA~=hoYOt0Nmj1
zPa0A$TBAmjRuKTy=r0WTa7tnRxcQ*^cxiAY7N1K9&MU1+AGXoQ@3bAPdk~VN`Ho4t
zXn1+%5A}{ZEU&~I;qD|p2IAPP(0bCL%5K#>x1*yp>!g<Z4yOYKAt0^xS!F1`cjg<Z
z3e@<#`5)o+Pe80KfPRx25wT8zaYo}6lP09hxi51a<P&NtW7(r%{JOVG4VngYjkC{_
zsO1npzPgWJ0gWXAfEI%X2^silEril^#a;T$8X4}3%#Tpm(W+vKjtz7kBR^*r_mk>r
z1^7B@zbXC9LJbsP8<UysjMDi~o>HC5GS<=U(3e%4C8++Q%opn22&tI9sn?wE(tzw_
zQ6nl<vIr`To>yj`UCzTRrjO*#$o%s$&a?d3^3BKgs!|}E0Gj0ZAfj)_G5y-(u{?z&
zaT^LEO9-*#zxAY@v@u%^BtIDiO8{z(8H}v`SHQlN{VULNl?0HbVVA!Gmtt4=)1Z*y
zIE%&!gl%$o`{06%rtJGVzc-80iFcgl%e7gRPFr8=?7+of3Mstps~l&3gq|*p2MIy^
zI9?Jr>mbW@X!elKlN&TBFN*mwaiAzHaHqquk?gf)!MO<dFlz2hCelPM#J<+k{&HkS
z%QJAu1fUtJnzED;TgtDCH4&dRc@(Iog1li~PnFdF3~*mj<2U<u5Vkdp+$F7N<jM)*
zxol1dk_5S#!%DO|^P$zcLG%lN7lt}?YM5;scd2nrZg-U!RI`_okGWS?Qq~?-(IX(Z
zK$3zu()<^Q1Xx2%rD!hi41C)A(*v!+-V_hfsUA5|HRBy=#&UmdJ@@>$msoiv{-Q+r
z{ge<tOq)Kk1;f>8;;JHpNf_85v-Vck{%-Nf7{A|QVzlK1cMz7zdwXzqfQW!j>Inw=
z$;bhIl&*zWVPAtqqMeapQ!8};{nub<HvKaeym*}I0g~8gSOL$R;1Y?Joybw1O;2&#
zA+Q8pn8I%zcZ>boUSI4?j?646n=pNIOn49F14#z>+33QE8uBY!bORJf(qcD+SJ8+1
z@wt;ROP3?1=&m)F9L>*OTh8;2_Jbj0+aoxz;5zRxY$m!Va^;LI-6%z5zduL_sN!<K
zfvOU@k6~TH2R7I3bbua=99w;RtsHruhabWtqVg<3&MN%>G<Tj+P33PMw~m4$D!n@*
zqJ$z+MI-_O(u{}@fq@L7^bk=>q$DF%X&G?>0s<l+ok$5aBvK;+(m_B<66r(|X%|vv
z@BH`dIlJfV?yG&VFLF-KeUaSUocp`K=lguWp9c&?c`%^QNtW(`?|okSgw#!HZ~u9{
z%0jzF-2GZ%Ylvt1)IJOXiRnY^Ctc)dL<qAMKWZHM1`90&0;Vh8W-hvCjC>jr`8C-t
z^fd2}5^~x>k!>O`JK`e8iT{Os5fs?k%6@6_WVISysc(j5&IIoyI5=`O5etC~SUg69
zrO;t(PlG;Rdl2t7xFt|qmZjr56j><{QS<^k7tAjc+l^-6042~7!&skkrfxGv`<B>p
z_|6uN&!>T8-SD29+=j|?xX<bj6coKe?bchR?g@k4w5Ugz?hr&3b`4KMML#Y^di5Bj
z)UKukLx{6R&<Wi0^a-;t1d~czBH41pxGpSiLU}-hTxF@(+b8b2?SL$NRHqx5ZF6+H
z%5o#jWm{(I>m))FrCcvLc{C(-O+8uj-3Qj6O@Hq*1qYK6l3!85;ujXTqpo>AOYBD$
zSbX>nZKJ76ha&=oxiWB$ka^i6x`t}QC~=wAH0J)20XE{R^w#|5U|&7vwy3SBxUjmC
zGVh<h_A8gNUFXugBeu-Eqm4yX?)ozl#%%8iGf@0vJD31)FJF+OSf}Va>EmpJSP!VR
zRQcBpS_7)G@|Y2MC3Zja6kQmwFoYJP9m9{#bJY4~IKz=%D(9#4&tn@>;hW8zyWp*H
z8tMt15@yU$I3^Ky*?I{T!M2Z_l_xgK%Jh+WE>|Da-7dS9O}(9AxJ5VsPLKDaxaaQ4
z7=nuCvq^A|rn0o)_(1{Yi)FdOfb-(HM^k6%vh@X^x@=%nS_C%PCe0yJfA8~{1ullJ
z^>YG&VP_WXBYafdYoOxv_KIJR7E+vwRdcY`yg$LLFT^~>cIeE0=;sOLTm^+JrUnRp
z3*OdS`={+z41k9Y?XkNk3`8vd+?Y-}TPW43Prm58n1iL^=tFN0+_JUx{=IB7QOAF=
z%KlH#4*zZ!|97zS|K<Dtc|HuOo}S(b3X$gqhC47yDIv8!hx`XDC_VvMWnX%qNb6gj
z?zpeiBf0+lk1Z8QD$6TL8zl?4^>l_ETPL<8KS;`Hxb}Rj5=-~$gdU4f9eg*+wHiV;
zWFzS}MS5QrV4gWP&S%ryWAAm_s)XF)sfu6IeWlak$G-|9P$IMqZRtHR!)kRU9#<UB
z)PsA2mNiIMImNq>eSk-3H4+)uu{J7ul(u^Ovc^vS<t7xjtiKoCuF=+ar^J4yuG@8L
zP~;1)$eZwH6FO=7aeQwDfOTlPp+oJncz2}>+$=KqjEL^N@xj9*RMO*XWds$vp}6j4
zwC{_b>(gQH)-27?v+csk@*+SHw$x`v#%Xjj{@$XN#fM)!gWGtz@M<t(mPKRNIz*`c
zl|TO-a#-&GsSTUpCPxI)h1<F#W|=aHusVyMnDx&+m7&;=kYn^Bs>TtnB6--KYm<I_
zvOe>SID0ok)4w0K)A<x2Lwc5Ompm_XxX}8OqWm={DBSzZW<D{ZzZ~@N%d@^)W9h=e
zt92pR&Oo*3az8%%AFFjOphYzj2cq-L=o&}el;#WG9Klt|8E<x)yL2{URO&~IM{k8p
zd7(_!LO{rq16zhpjm1cr`s*yF`jsvItf)|9Yy_Og{&=V1ytSeFCGJFeT}Mya1&h)<
z<2`x`wUz1bR?>7aAiKTlooVr>560Iz1U*z|gIzv{c1D_Cksn?BPO^-qZm6mfdYXt8
zKjq?wPT=Rkv^E6rpxI{QcV4_HMYvMEUvIqvDAR6RD@R*LE^k(@NY%*~KBblPU1=M4
zC47jt`z<}0<lr@zE3jguIwA`4S4ru|%SN7$hbrK`y`_I-)31pSyA8d$*0N@)s<x8S
zoW5Da%ePona9G%3h6mS;9}G!=d<h_*Sps#1Q)))CS_({=EGP9YXq^6pMD7ly&{6AB
ze*FA)wOzAi*t4a^11TiwpBjk@k{~DtYh5==a$4BcyS%I7ZVMnA`S=d7q^tEzf7=nT
zrE$WK?Q-VZj>7LKH8`jD2@lfRiyl^McgPkb-uVj|Jn{797hJ(k_??7}+<1xzNrJ6s
zhQzjpmIWWs9bYL=g2v(-ofpYcTofz5Qw?!<kaS7;vd{67D|lU@-Y*RbJDov8bW#(h
z)1(wLPTQ!zUy1X6mr4#~dodw%xFhJFh<Nx|Q|y<#(`C%M`pc}I1`iZ5$m@-1RF6;B
zd);?YNTn66r9H@kA8OLCE!25FEw0JDN_ISzdOE{@MhBr;7l)h{C#Qd!YD$B3=o<z-
zR8_5fCoXYN8{Q*9AzDP0>xB17uiA{(JKLTUIv0|})-s>MINFYy^lx_oF2&l>x9UeK
zZJ<x@*Mv+VuEIOkQnFzW?N9zySDz<8bgjQ)`AWYP3p4-+v1SttrOJRWlSA8+vu2Jy
z`8jg0kT*%~M5Am-+#u9XVgG7V==S?p@BKvDsPQSC-!MK+O;z$|=0!)LK2GYv!AtSI
zxH4~oB!Fbcn*!PA3+0nN!UMEv@|cPJ@z{)J89i*{U9v1UoCWX5J&6DiH$*y%ee!oc
ze51}^+O4ZsSj%m39ciGbr&kjlIMa%Y0d0#Gjhs8<#~ADK-U>n_$P@bd=}&hiXQd`D
z-(nC=5;ky>+%RxqiK=x~b{VOiwj77UQzhxqL8T&Ivo_q^2*<{F(cd3czk!TccAn?H
z8kD}bcX0Wpz$PIzfZ~sh4MB+&GRZ}UYPeNplLj@|W|ut)=9RhrlK?o<p-wuaG!=34
zLqV$ZYq}$9T}zt9;wyc}mxfF045uZ0N_h~eWv1-Q#wJ2#xN@wJt5--ai~eNwm%A66
z7m^P6t<?OsDD><tTfd~ZHF(L6scml;t#0-x_f$k=9#@Nn?@uCGP}b7oF7cgzxGxxV
z>F<502z(kVEgAZv3}OtKeP`@J+RitmH{>1!*3H@LF~|syydNC3p)}Yfq(4M#8G!$>
z1O)|*_I{Dpb9?gHWxpN$GWN542F4R3ld*DCDK}~DZ0By31onp8jSa<B5aed<rpQ`k
zgvOH<{n8D@aqh*=MAH2`J88@VZ{E0v!mpHo(%*>>?9ui1V%1;>^G-YOfn!>in{Juc
zywT=LAlXUqWQSGh{Hu94RP~7mk&3p5az;0f=MtgqOhw0ND|U8H5pAL2sz;>x=-Xt9
zJQg2$3|lerb!pfyCDd5dR#TCa&`iMxKjb>4-*4o_-rY4)8V$>vmI-<-)fbWRmOnPL
zpRJTZ8PuM>PZveT=2bt1L#KE3;Kkg_Ku=x-tfi%DaBZEL{O6s%r$<s{LT$-JDn4+*
zA^DAaY<XcH@kP=|omUlDl5H!+{wp^2Unh4f{7(=a$SZbHOf60pxWCbs`3-|C+(gPo
ze;s!+d*t!qE?fIyd^tf1;_^xO3u+><BaG0d@jR@4ZJFVO9c_jceZn{d?quA>*5+Od
zOOGqZQ5BM^fxV5L9C_AX$*A`ltiGpUl>+LO!TJJjUYsy=NLRbbppl}_!-_2zztLJt
zI<jKEnv@Hy7Dg7brrMq1F%kRU1L0;c^_j_Ou_JYm-J<BnNq2fnS#?S?abg?Pis7+S
zSlX3k?r*pU5eknetN|>sfG<6c4Sx&VwXB{>E@xFk0`_|L1bG+YCM6Y5y#=#>{t<#s
zhRU4#0M&F18mzS2lm==)CsQ9}W7$-~(6>MI2}LYT^OobD8mB6}9DQbkURArj5Hkzt
z7Xp3L;yx5nvh3{A&$f!t<F-oqp_YFz#O9$@{T(fE>g@6JL&Qd#@l0)s*M`EnwoUUp
zPcCEyEAAKKCc_%#w_v8+YwJ_ND-fdd4Qq@ziuq_DH(eC91%Cf6U25p#m*Cd6@?shY
zh+9oepiH2L1-7nTt1w7-=ZbH1Il{fSCrzn32W4Mow{#hQDXPaIw|2H74s*oaI+~~{
z+P%m$HG5U)jF-X?nMWvQLDG4yMFC)cW$5*X*#kz#O|iM#Lv_$^tVZarb{lDNd!UAc
zNFXchVpmVRV-vUnc?8>P^g6{qJmamQ6WaCn^ofF|8K|+F2gi46(#>z?K<$WB>J0Km
zL6(dkQcVcs(KP^z*OIbu8Rr%rx}^v_Hfm$%w9pX3fXTW&`?o>01e1t<t;1GKPQ!Yx
z)vng|Y1TIJJz5z)7U1C*E@ZVHnF`$z3v43kfnx}e{C!-PVXieJ%aJV{gL1haNzmfq
zr+D0-EiGkRTGz=#L^)}&v2`6i^ZDLro;QCz&7!AXuF4Ip7~xMBB4r)b<-6XC>2r(-
zSxiK^iNTk3YZ<TikPSbELgE@<mOn17kz|OHkvrq`^wMY1>dxk{n!sVd$aP=d`O1S-
ztPt2Zg_!f(*|ABXf2P2(Go~x$SL`<lLnIrTzoXx?WWz%vzHN4IP&M=6T2=#1a>vk$
zbX}a^Q<PF&k#BY9lVe>yX9dpwI*3ol{gv<|p%_t!vE#Y`YIM{@7@B{9dv5f7N~fn;
z&W!nzuwcdDgQPHd{LYaSvbre^7Dc7Q)9b7gFBH^+g0JYX#;4rRWS7_o^Hg-X5i0(!
z-$26Sx>D<Wo6O+)CL->&(G|eOftN>|6%i6Q83Q|=KUGIDYvW8#_c;GRf+E*%2{qwG
zhjCT0F}f0P!UDpFu@-t}YgPiRt3IaxLaL`x+B7DWTW3z&LaoMYze+QLdwbMsEEQpT
zy?hUNT7>8;H$aGEF%zNBj`*-^bl%QD(*A*wAL@bTB7af|<N9g={f1!FzIZQFE2@Ko
zm#J5;WUUT+K;wLE10r2Hj?<P$T7~Wp&GL|oFa2L{Wd^}k-LyCg0Obyg_k+L^>HKkc
zJNj4MM!vpO<J6i^m<97{=r#^8C21wM+p*;mz-Z#I{?wE46wIib)F@dFO)=-aBT2{f
zxt}!-E8B4r{#;0=tV~Ubt+Qv;$r8}?Q#4mb-1np*z9k~-$G6fR{KmG?DjW8ElX3*W
zY;;V1%W<gq%T_gcsT2aX^J!^BdKPZ7=Q<mg^h9>%0x@&t0*?Ek?&W!LHpUJ<z*lE`
zW^+t{SM9SxT<t#fL{-gI>2~4WIf}M!AC4Z%S^f%F<d{)~<FMYdaeHgm&stw1LVvu-
zSK!=f;97rC$~2Iw6UVM?s@N0jULjrg&b8H6zFH~=4I8c36_dD^h613CrCpSr5fS**
zkhRx|%m)p>I@qUT@SwG9?+GjGCfFINh3=j8-K^s1c~A1vC%6{$NUURZ*731%2};95
z{_@cmo#72Ow=M=cdK_00GxD~dE=Wt&LCEaNAK}QkDD`*zy-&f<NRD9=9`%7K`JB(5
zRLkf6MX$qp-1Mje(%I)F<3>{UbpGD=Y20BOG$3#lXtM{GF1|%O52~)wB=6<_wjUwJ
zr+Pp|jm~4gnm|EAk=qH080A#Yr|N=bq{fvNU3g-Mo4M?p>ZmOvFq(B;Y?oPbE)X*l
z65BBC-p>QVc!E$gd;yojRiv%U@u$T3vTWNA&DCig5=m)x_-9{(IwPqmfw@&5!!Nw&
zwOmzuSrL#^%#)MIL}#Blk(Kq9UJFi-#j^U>20?7B(YboISA4BIGSdHv$cx2a(Nk>_
z7x&-;`}Pk}oIbf}Oi(I@lN7w0%OXFugyAcHecm>EVHvTX-%*@Q05(F7@&{l%L0{g!
zT%O$?d=VUEZ5mw(uy+1Ae8QL8obm{iPREkUrV&5ECDT$Xm#w&AL;*fLH<AQmz;*d`
zFgPc|cXxdI%q0t!iDF=FF0r4xx<p8X{<H-zBIk%Jb}1img8zATKSnIV0<g(kOxlcT
zZuXf^?A=g8;KL%v36R9R=f8PH-!lkAO~B08>Rn%{Afz{;=EzF_N_=cS<gh-nB^eWj
z8Jv+EAs^@341+|v^~2|v3`gVbUxdf)Lcv<8k<W)Pq4BfF3?*32R_W#}ouaQy&%eHO
zFIb*`;2t$q;CT%~rFbV}B16We=HlZ|sq0`x9?Cra;SvsZkzB4u8Ys7fyD2|JIDLA`
z7BD?^O#ks_CU7_88)SGPKBIdX4nBTr!BA)URzVM1uf4MRY{N$qSw*<F2tfY5FFP{#
z`*~e3iXY1F1Ic9=L9X=()C(ci{d!`OVUzvG?YZqeJl|mt@^TVH`uc0`2C>n(J8?{h
zYa?lI$cb-@M@Xm<?iR1~PYo(6PLcmk6U_PD5Ze=wwPQ+(?e20MxD<H|X#V(W1?63c
zq8KwcQ4J)$_I3_dcL(zgyBTAkL03TJLhGLjya$}7>fU1iBn<d+w|Om&7lUxeI+dp*
zuM?JCXAC#6r9g@+Z<cpa<OLwLV<>-iP+UnU_$Y%zCr9u~w<6Vd=5#42RG>^_iuys}
z-8KA>DMynlsCf~Li3JP<@`m|3bVP0F$K05lQ=q>Qh;GkRB367q^}hS=?@<qp-B2>)
z{n*i7lagDRxSDXidW}4XH;qnAXw5wsaN9`k=3eA;ct3a>{}rO^Ce0Q-lRUVhgn4%N
zKKU6h3;flB677_&?+^wUmbadxw4+{xou`xl<2KgIw2^{mQqyrGUz59rAatbb{l`aQ
zV;(A5Il|0X7Tp=twJ?SEA>+Cdrwyj6Ym{e>O_C3=u=pcP1|2~=0z>e`{1DC&`hX6L
zK~r=S-v2dAq27Ok60Vv>B1`c6^lV32X~a1f;pbqt!y?g8EBIPxp5Gzwg}RXB{8yid
zli%Qt^zZBs`DqT>k{mOq@RB9oMDT}IUatKV1?lS1j%2-q34R&uDMR$_8=iBRR<x=X
z>MdK#AlwJSY18&*z%h3kMZ}AFY5D#|(JjPu<SZa;1+;I6Ar)w-E(j$KA>r?i4E`=u
zv{IwaIBy|X`7L=Cw0kJC_f6+bgJyU`#I9Yd$`zsw>ZC)h%436oOpaka&|GEexcIY*
z4O=@gX3fgC1FvjBBbZS7&7IK53{X>^-u7~wXh$*;nF`f<A8~QeQ+z2{1<+&dvidUo
zoNwQ`M52Q|4!;V<u;ZaexrbTrhr%@uI7P-?eJ^x&H`Ou?{6t$Riq)3kiKhwOk6z*>
zRU(>;2-Ejjv+XaIN9@cneE<KBQ1-vl$##{uTL2F*VCi=7!+_x_-+H}Mh{E=OmmZU4
zGDVJH{GOb~`WAZIJLC~Uy*o`5jxay=se&tb*#O@CI~pczs$G%UN)Ai7xLq5fnC_CR
z!9@Z`f*IKXJ#>v{gkN6Kk*d*$fX_GcfphYBFH3My&$p~|(U1aE!V{kZ8=F&!p>eRt
zY6F8vp-2t$!%u7G41(BCy5_fBFT&_nW2lzgJLM5@211Y<1Z?bMbrF0NVho{*7aM!K
z149i?w13_`O@7OQMb#?oM|+O9xyi+t`uNFrD)iPjR(=Xh8ChBGZh#2IcJ#>EHIAj$
zYcVH6ZglAyiL#-sx!`mbvf4D)8Gy(d#28flqs!yR)aFy1@KY(orCC-j-(c1`QBI4t
zmbO#i5!tsXZxWt{$e`>;+}WQHATfLho*2iPku<<VYuF-%0?iF&&g-CSTgYTqfQI;m
zEa{tbj6ck_Nc`cr(;>Z9qO<v_AvvUSBt>KUG^uR60Dv(l&u0`_artwchYis;8`7*_
zE}RQDm9+8*<;0PDm2tkeuzRD+o<{O>no{s>!^*s%&FR|R%GoTDguto}G~;8KM2GOv
zZ-8~jOM!~Y{K@t_`>%vNx6uvg+VmU&<i!XOuTtXqD)kaMvZt>)&8U_%L6NywKM<~-
zeEu55rv2Ha;2P;G1v0T#pr9N)={m3*Z1YPXLIqu95Afy)2@*{|q6=^*0pFh&96+4-
zz4y-;h>WQ2)@dffAw|DHu_cUa{IW;pmS&N|aA4>yC?V*ykvf|a!&k-(Ja$5(I-E_>
zsP>azYNlU!S~NBM<gfX@{Be{x%mu|C`m7B1CMymnR%$`JCT<sbH2{(64L|w5-x%R|
zJmekO6C*?OE$KO>cd?I}>FoRNNB+`@3(1d;$dxhrCkb=?37E5{`Dg;|+wZH+H#mQ;
z-}}<v(rWn7)f}?so?tiB!dIcG>IObbLnHvMb%SL{_gjKiy}JsXGXg+50|zDu*h;)8
z7nh|4>k6|QRk`Y(*L4XyagmUveo4UIid`Q|AgNVUuKF!GOUQS4oNdY**WO#`(bqU;
zBDUP!81C`}@!2qc-pG}gfjJ6o#R^Wl_{qDhz-wx3Re~NQF%vf{?YE1;|G59TbWtpk
zvfsI)uPZt5T#@=q<Z%xul|LVuF&=F!MbJA%OLH~Mcn~zMri3JAcW-OXe_x6S=eTfH
z*o02lq2(}*C}!G1xL;?+Xu&;Jlpcb<H$ECBM;e<nBer~;T$YYgh=U+R4?u=LqqUC3
z^!hH`omwoBESenr8qxGE%D?*0Ymkj`ns5{u3WhTfFSf$5f}LgREsv{93}SBM?@fC0
z8IjDbJtf;oi2TL5Os5=W;iO<$Wpi$&?n?QN&Ewd~NZfuFE|IUdl5;+8yff!?wB^vm
zz3$7ih3%CRIJ{l>cr-9h+v!r%*v`Nv&WH|*z^kJUC+PR}-WGWsA}g^&XbE8_grclA
zYH-58;@a)=UJ!I?IyxF5%N0%c>|^^gD-54-On>ur9I&193%}~2QeLB5DBA4N-`grC
zL5#f6__0s@qTkBT-`-V<={VMwhE2g56-`K`HplZTAq><6oQCbth?g!(c*yRozTQ;W
zYj5H(y7QRBU%&N^Jg|JT0Dc15hK}%bkL&fE#LG-h`Ii6iq}8lF!k*U7hTUVS6AQho
z1Oh7ky%Iz{h|U&Cr3t$db14}d;|OV%3EBX9xU)DW(-IV#_3v}Qec75XhyLmSX>I3O
z3FC?2(>K1K#eS6#>p|vl-s{K(po^jm?bxAr67937M$$OjOE)U~WF;)GWRQ_PZ!Wk+
zi&4S!@)LTq5DE_Dv#*>)N8fwpoqS@xo(S6tRNf-IM<3D7PgssWGK_cD2?Qyp55wK2
zc0#Q0$`(;`i5eeySh^Y+PhXFJYe87nIw(@6q6xEQ^2S;T`QU75bmeNB?h}AM>c3?y
zDRHU{QaL||hkP9mxUMMrX3s9|(JdK)Ovk<py4iOd(<ho%1L(KM7D2F#a$Em%j4nW!
zn>`IU4qYkVw2sLP^)iFJ$j2NErd@?k6c?zZ03|03?r5yKe1D@D|ItHJa#C%>(T6+<
z@je-wC2Ju`NQU~MVzH-;lw7<u(I>{P=6gKau#y`xe5C6U9GRZPwh*fqe?&aaIIQ}M
z5>d(psT(R_taJb9FJDK(_CY$Z-V^}<M}-~@#tNd%#nSfHZdB#}S!(h*>Dy-4;c$Z0
zB}k3lr)7^zT0JX10v74F#;P8Vu(8jKB*(dmEZj{N^@ZX+0`qsxPYI!ice7B-hzs0<
zEG$!)rC~-M%x5JT6gTC9B1yie{#BE|_XYAGn=S{7^AC`(O3-qo^V@FWos4OW9`TAA
zOTQqFNO%298u>6A-X(`}O`QcNO2(TFcbKK#AX%qf4sb0EiKT|I!Cev;bcYo3NB5{5
zoYforE^__P{H$KrZx(_Y-GA@fN2qDN(ofVl!-CYvd<?3xYv=iv7cBK>U(<7yOZ&*E
zf4QN+RAwn*Gyn&6?c2YO*KRC0S!a`WlCuWJa@&{q>Ikk%;{Zl+A~Dhz^7Kr~1H6=%
z(xr-@dY?x(;TRtb-ofx%E2*v0!>qxo;OT=ja9U81px_SFkbD4*+KvVkXfC<OilXTw
zY4qjF8@ZF3CZeLrx=b(}Fij{ml0#?FXX=Z;<eoIVa^i(=$?F7HrFJbZ-ZQG$8Yw7W
z_WlPNW*@)12z=0s=-raBn6CeR!K4jT?e;FZgC5p@e60WZb>zRm^8Uec{XcsB2dn7+
M(>eXex%@rxZ}K4ha{vGU

literal 0
HcmV?d00001

diff --git a/hapi-fhir-jpaserver/custom/welcome.html b/hapi-fhir-jpaserver/custom/welcome.html
new file mode 100644
index 0000000..36d2c08
--- /dev/null
+++ b/hapi-fhir-jpaserver/custom/welcome.html
@@ -0,0 +1,14 @@
+<p>
+    <b>This is a custom welcome page! It means you have configured 'custom_content_path: ./custom' in the application.yaml</b>
+</p>
+<p>
+    This server provides a complete implementation of the FHIR Specification
+    using a 100% open source software stack.
+</p>
+<p>
+    This server is built
+    from a number of modules of the
+    <a href="https://github.com/hapifhir/hapi-fhir/">HAPI FHIR</a>
+    project, which is a 100% open-source (Apache 2.0 Licensed) Java based
+    implementation of the FHIR specification.
+</p>
\ No newline at end of file