From d63653877a833514a3ed908ffe2dc7e8bbd75b28 Mon Sep 17 00:00:00 2001 From: Amit Sagtani Date: Tue, 22 Nov 2022 01:58:17 +0530 Subject: [PATCH 01/12] add helm chart --- helm_chart/roman/.helmignore | 23 +++++++ helm_chart/roman/Chart.yaml | 29 ++++++++ helm_chart/roman/templates/NOTES.txt | 0 helm_chart/roman/templates/_helpers.tpl | 62 +++++++++++++++++ helm_chart/roman/templates/deployment.yaml | 70 ++++++++++++++++++++ helm_chart/roman/templates/secret-token.yaml | 9 +++ helm_chart/roman/templates/service.yaml | 15 +++++ helm_chart/roman/values.yaml | 34 ++++++++++ 8 files changed, 242 insertions(+) create mode 100644 helm_chart/roman/.helmignore create mode 100644 helm_chart/roman/Chart.yaml create mode 100644 helm_chart/roman/templates/NOTES.txt create mode 100644 helm_chart/roman/templates/_helpers.tpl create mode 100644 helm_chart/roman/templates/deployment.yaml create mode 100644 helm_chart/roman/templates/secret-token.yaml create mode 100644 helm_chart/roman/templates/service.yaml create mode 100644 helm_chart/roman/values.yaml diff --git a/helm_chart/roman/.helmignore b/helm_chart/roman/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/helm_chart/roman/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm_chart/roman/Chart.yaml b/helm_chart/roman/Chart.yaml new file mode 100644 index 00000000..0dbd1808 --- /dev/null +++ b/helm_chart/roman/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: roman +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" + +dependencies: +- name: postgresql + version: 11.9.8 + repository: https://charts.bitnami.com/bitnami diff --git a/helm_chart/roman/templates/NOTES.txt b/helm_chart/roman/templates/NOTES.txt new file mode 100644 index 00000000..e69de29b diff --git a/helm_chart/roman/templates/_helpers.tpl b/helm_chart/roman/templates/_helpers.tpl new file mode 100644 index 00000000..5146dc3c --- /dev/null +++ b/helm_chart/roman/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "roman.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "roman.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "roman.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "roman.labels" -}} +helm.sh/chart: {{ include "roman.chart" . }} +{{ include "roman.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "roman.selectorLabels" -}} +app.kubernetes.io/name: {{ include "roman.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "roman.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "roman.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm_chart/roman/templates/deployment.yaml b/helm_chart/roman/templates/deployment.yaml new file mode 100644 index 00000000..8fc5999f --- /dev/null +++ b/helm_chart/roman/templates/deployment.yaml @@ -0,0 +1,70 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: roman + labels: + name: roman +spec: + replicas: {{ .Values.roman.replicaCount }} + selector: + matchLabels: + name: roman + template: + metadata: + labels: + name: roman + spec: + containers: + - name: roman + image: "{{ .Values.roman.image.repository }}:{{ .Values.roman.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: IfNotPresent + + ports: + - containerPort: 8080 + protocol: TCP + - containerPort: 8081 + protocol: TCP + - containerPort: 8082 + protocol: TCP + + env: + - name: APP_KEY + valueFrom: + secretKeyRef: + name: "roman-secrets" + key: appKey + + - name: ROMAN_PUB_KEY_BASE64 + valueFrom: + secretKeyRef: + name: "roman-secrets" + key: pubKeyBase64 + + - name: DB_URL + value: "{{ required "Must specify publicURL" .Values.roman.dbURL }}" + + - name: DB_USER + value: "{{ required "Must specify dbUser" .Values.roman.dbUser }}" + + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: "roman-secrets" + key: dbPassword + + livenessProbe: + httpGet: + path: /status + port: 8080 + + readinessProbe: + httpGet: + path: /status + port: 8080 + + resources: + requests: + memory: "1500Mi" + cpu: 50m + limits: + memory: "1500Mi" diff --git a/helm_chart/roman/templates/secret-token.yaml b/helm_chart/roman/templates/secret-token.yaml new file mode 100644 index 00000000..5a74c6c3 --- /dev/null +++ b/helm_chart/roman/templates/secret-token.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Secret +metadata: + name: "roman-secrets" +type: Opaque +data: + appKey: "{{ required "Must specify serviceToken" .Values.roman.appKey | b64enc }}" + dbPassword: "{{ required "Must specify dbPassword" .Values.roman.dbPassword | b64enc }}" + pubKeyBase64: "{{ required "Must specify dbPassword" .Values.roman.pubKeyBase64 | b64enc }}" diff --git a/helm_chart/roman/templates/service.yaml b/helm_chart/roman/templates/service.yaml new file mode 100644 index 00000000..25d060e8 --- /dev/null +++ b/helm_chart/roman/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: roman + labels: + name: roman +spec: + type: ClusterIP + ports: + - port: 80 + targetPort: 8080 + protocol: TCP + name: http + selector: + name: roman diff --git a/helm_chart/roman/values.yaml b/helm_chart/roman/values.yaml new file mode 100644 index 00000000..c5226934 --- /dev/null +++ b/helm_chart/roman/values.yaml @@ -0,0 +1,34 @@ +# Default values for roman. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + + +roman: + replicaCount: 1 + image: + repository: nginx + # Overrides the image tag whose default is the chart appVersion. + tag: "" + serviceToken: # Provide the service recording bot service token. + # randomly generated for local testing + appKey: b53181dd-6400-4960-8988-f775545588ff-0949f503-421e-4588-a2c5-f64fd9c180fd + # random base 64 string used as certificate, replace with real one + pubKeyBase64: bm90aGluZyBhbmQgdGhhdAo= + publicURL: # Link to the subdomain pointing to recordingbot. + dbURL: jdbc:postgresql://data-postgres:5432/recording # Link to your Postgres server. + dbUser: recording # Provide your Postgres DB username. + dbPassword: recording # Provide your Postgres DB password. + +postgresql: + enabled: false + fullnameOverride: data-postgres + auth: + postgresPassword: recording + username: recording + password: recording + database: recording + primary: + persistence: + existingClaim: postgresql-pv-claim + volumePermissions: + enabled: true From 385555dde87874b6e65a91e957d017f67805cd9d Mon Sep 17 00:00:00 2001 From: Amit Sagtani Date: Mon, 5 Dec 2022 17:03:24 +0530 Subject: [PATCH 02/12] updade helm chart template --- helm_chart/roman/templates/deployment.yaml | 14 +++++++------- helm_chart/roman/templates/service.yaml | 6 +++--- helm_chart/roman/values.yaml | 6 +++--- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/helm_chart/roman/templates/deployment.yaml b/helm_chart/roman/templates/deployment.yaml index 8fc5999f..470b6b48 100644 --- a/helm_chart/roman/templates/deployment.yaml +++ b/helm_chart/roman/templates/deployment.yaml @@ -1,21 +1,21 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: roman + app: roman labels: - name: roman + app: roman spec: replicas: {{ .Values.roman.replicaCount }} selector: matchLabels: - name: roman + app: roman template: metadata: labels: - name: roman + app: roman spec: containers: - - name: roman + - app: roman image: "{{ .Values.roman.image.repository }}:{{ .Values.roman.image.tag | default .Chart.AppVersion }}" imagePullPolicy: IfNotPresent @@ -54,12 +54,12 @@ spec: livenessProbe: httpGet: - path: /status + path: /api/status port: 8080 readinessProbe: httpGet: - path: /status + path: /api/status port: 8080 resources: diff --git a/helm_chart/roman/templates/service.yaml b/helm_chart/roman/templates/service.yaml index 25d060e8..d071f5aa 100644 --- a/helm_chart/roman/templates/service.yaml +++ b/helm_chart/roman/templates/service.yaml @@ -1,9 +1,9 @@ apiVersion: v1 kind: Service metadata: - name: roman + app: roman labels: - name: roman + app: roman spec: type: ClusterIP ports: @@ -12,4 +12,4 @@ spec: protocol: TCP name: http selector: - name: roman + app: roman diff --git a/helm_chart/roman/values.yaml b/helm_chart/roman/values.yaml index c5226934..9b825123 100644 --- a/helm_chart/roman/values.yaml +++ b/helm_chart/roman/values.yaml @@ -4,11 +4,11 @@ roman: - replicaCount: 1 + replicaCount: 2 image: - repository: nginx + repository: quay.io/wire/roman # Overrides the image tag whose default is the chart appVersion. - tag: "" + tag: staging serviceToken: # Provide the service recording bot service token. # randomly generated for local testing appKey: b53181dd-6400-4960-8988-f775545588ff-0949f503-421e-4588-a2c5-f64fd9c180fd From a09384d2ab11b041390e4528a3b8bb7a7ba43107 Mon Sep 17 00:00:00 2001 From: Amit Sagtani Date: Tue, 6 Dec 2022 15:19:03 +0530 Subject: [PATCH 03/12] add ingress to helm chart --- helm_chart/roman/templates/deployment.yaml | 2 +- helm_chart/roman/templates/ingress.yaml | 25 ++++++++++++++++++++++ helm_chart/roman/templates/service.yaml | 2 +- helm_chart/roman/values.yaml | 21 +++++++++--------- 4 files changed, 38 insertions(+), 12 deletions(-) create mode 100644 helm_chart/roman/templates/ingress.yaml diff --git a/helm_chart/roman/templates/deployment.yaml b/helm_chart/roman/templates/deployment.yaml index 470b6b48..ab7a2e66 100644 --- a/helm_chart/roman/templates/deployment.yaml +++ b/helm_chart/roman/templates/deployment.yaml @@ -1,7 +1,7 @@ apiVersion: apps/v1 kind: Deployment metadata: - app: roman + name: roman labels: app: roman spec: diff --git a/helm_chart/roman/templates/ingress.yaml b/helm_chart/roman/templates/ingress.yaml new file mode 100644 index 00000000..d1fcc05e --- /dev/null +++ b/helm_chart/roman/templates/ingress.yaml @@ -0,0 +1,25 @@ +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: roman + labels: + app: roman + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/enable-cors: "true" + # nginx.ingress.kubernetes.io/cors-allow-origin: "{{ required "Must specify allowOrigin" .Values.allowOrigin }}" +spec: + tls: + - hosts: + - "{{ required "Must specify host" .Values.roman.host }}" + # secretName: "{{ include "roman.fullname" . }}" + rules: + - host: "{{ .Values.roman.host }}" + http: + paths: + - path: / + pathType: Prefix + backend: + serviceName: roman + servicePort: 80 + diff --git a/helm_chart/roman/templates/service.yaml b/helm_chart/roman/templates/service.yaml index d071f5aa..b9ffb812 100644 --- a/helm_chart/roman/templates/service.yaml +++ b/helm_chart/roman/templates/service.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Service metadata: - app: roman + name: roman labels: app: roman spec: diff --git a/helm_chart/roman/values.yaml b/helm_chart/roman/values.yaml index 9b825123..a74d2f04 100644 --- a/helm_chart/roman/values.yaml +++ b/helm_chart/roman/values.yaml @@ -4,29 +4,30 @@ roman: - replicaCount: 2 + replicaCount: 1 image: repository: quay.io/wire/roman # Overrides the image tag whose default is the chart appVersion. tag: staging - serviceToken: # Provide the service recording bot service token. + serviceToken: # Provide the roman service token. # randomly generated for local testing appKey: b53181dd-6400-4960-8988-f775545588ff-0949f503-421e-4588-a2c5-f64fd9c180fd # random base 64 string used as certificate, replace with real one pubKeyBase64: bm90aGluZyBhbmQgdGhhdAo= - publicURL: # Link to the subdomain pointing to recordingbot. - dbURL: jdbc:postgresql://data-postgres:5432/recording # Link to your Postgres server. - dbUser: recording # Provide your Postgres DB username. - dbPassword: recording # Provide your Postgres DB password. + publicURL: # Link to the subdomain pointing to roman. + dbURL: jdbc:postgresql://data-postgres:5432/romanservice # Link to your Postgres server. + dbUser: romanservice # Provide your Postgres DB username. + dbPassword: romanservice # Provide your Postgres DB password. + host: postgresql: enabled: false fullnameOverride: data-postgres auth: - postgresPassword: recording - username: recording - password: recording - database: recording + postgresPassword: romanservice + username: romanservice + password: romanservice + database: romanservice primary: persistence: existingClaim: postgresql-pv-claim From cd60951428966a2c38a1443eb3dbef6a44a4e322 Mon Sep 17 00:00:00 2001 From: Amit Sagtani Date: Tue, 6 Dec 2022 20:39:25 +0530 Subject: [PATCH 04/12] add required env vars --- helm_chart/roman/templates/deployment.yaml | 10 ++++++++-- helm_chart/roman/templates/ingress.yaml | 4 ++-- helm_chart/roman/values.yaml | 18 ++++++++++-------- 3 files changed, 20 insertions(+), 12 deletions(-) diff --git a/helm_chart/roman/templates/deployment.yaml b/helm_chart/roman/templates/deployment.yaml index ab7a2e66..6d0c1939 100644 --- a/helm_chart/roman/templates/deployment.yaml +++ b/helm_chart/roman/templates/deployment.yaml @@ -15,7 +15,7 @@ spec: app: roman spec: containers: - - app: roman + - name: roman image: "{{ .Values.roman.image.repository }}:{{ .Values.roman.image.tag | default .Chart.AppVersion }}" imagePullPolicy: IfNotPresent @@ -41,7 +41,13 @@ spec: key: pubKeyBase64 - name: DB_URL - value: "{{ required "Must specify publicURL" .Values.roman.dbURL }}" + value: "{{ required "Must specify dbURL" .Values.roman.dbURL }}" + + - name: WIRE_API_HOST + value: "{{ required "Must specify wireApiHost" .Values.roman.wireApiHost }}" + + - name: PROXY_DOMAIN + value: "{{ .Values.roman.proxyDomain }}" - name: DB_USER value: "{{ required "Must specify dbUser" .Values.roman.dbUser }}" diff --git a/helm_chart/roman/templates/ingress.yaml b/helm_chart/roman/templates/ingress.yaml index d1fcc05e..6ec5a26d 100644 --- a/helm_chart/roman/templates/ingress.yaml +++ b/helm_chart/roman/templates/ingress.yaml @@ -11,10 +11,10 @@ metadata: spec: tls: - hosts: - - "{{ required "Must specify host" .Values.roman.host }}" + - "{{ required "Must specify host" .Values.roman.publicURL }}" # secretName: "{{ include "roman.fullname" . }}" rules: - - host: "{{ .Values.roman.host }}" + - host: "{{ .Values.roman.publicURL }}" http: paths: - path: / diff --git a/helm_chart/roman/values.yaml b/helm_chart/roman/values.yaml index a74d2f04..e30e8f0e 100644 --- a/helm_chart/roman/values.yaml +++ b/helm_chart/roman/values.yaml @@ -12,22 +12,24 @@ roman: serviceToken: # Provide the roman service token. # randomly generated for local testing appKey: b53181dd-6400-4960-8988-f775545588ff-0949f503-421e-4588-a2c5-f64fd9c180fd + wireApiHost: wire.com + proxyDomain: # random base 64 string used as certificate, replace with real one pubKeyBase64: bm90aGluZyBhbmQgdGhhdAo= publicURL: # Link to the subdomain pointing to roman. - dbURL: jdbc:postgresql://data-postgres:5432/romanservice # Link to your Postgres server. - dbUser: romanservice # Provide your Postgres DB username. - dbPassword: romanservice # Provide your Postgres DB password. - host: + dbURL: jdbc:postgresql://data-postgres:5432/recording # Link to your Postgres server. + dbUser: recording # Provide your Postgres DB username. + dbPassword: recording # Provide your Postgres DB password. + postgresql: enabled: false fullnameOverride: data-postgres auth: - postgresPassword: romanservice - username: romanservice - password: romanservice - database: romanservice + postgresPassword: recording + username: recording + password: recording + database: recording primary: persistence: existingClaim: postgresql-pv-claim From 4f62e21ea4d7cdbe5e87a82c67edc86e1ea14cd6 Mon Sep 17 00:00:00 2001 From: Amit Sagtani Date: Wed, 14 Dec 2022 20:17:20 +0530 Subject: [PATCH 05/12] add support for external/let's encrypt certs --- helm_chart/roman/templates/deployment.yaml | 7 ++++ helm_chart/roman/templates/ingress.yaml | 1 - .../templates/secret-or-certificate.yaml | 34 +++++++++++++++++++ helm_chart/roman/values.yaml | 8 ++--- 4 files changed, 45 insertions(+), 5 deletions(-) create mode 100644 helm_chart/roman/templates/secret-or-certificate.yaml diff --git a/helm_chart/roman/templates/deployment.yaml b/helm_chart/roman/templates/deployment.yaml index 6d0c1939..ced15ba3 100644 --- a/helm_chart/roman/templates/deployment.yaml +++ b/helm_chart/roman/templates/deployment.yaml @@ -58,6 +58,13 @@ spec: name: "roman-secrets" key: dbPassword + startupProbe: + httpGet: + path: /api/status + port: 8080 + failureThreshold: 6 + periodSeconds: 5 + livenessProbe: httpGet: path: /api/status diff --git a/helm_chart/roman/templates/ingress.yaml b/helm_chart/roman/templates/ingress.yaml index 6ec5a26d..51c62369 100644 --- a/helm_chart/roman/templates/ingress.yaml +++ b/helm_chart/roman/templates/ingress.yaml @@ -7,7 +7,6 @@ metadata: annotations: kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/enable-cors: "true" - # nginx.ingress.kubernetes.io/cors-allow-origin: "{{ required "Must specify allowOrigin" .Values.allowOrigin }}" spec: tls: - hosts: diff --git a/helm_chart/roman/templates/secret-or-certificate.yaml b/helm_chart/roman/templates/secret-or-certificate.yaml new file mode 100644 index 00000000..2aaf48d2 --- /dev/null +++ b/helm_chart/roman/templates/secret-or-certificate.yaml @@ -0,0 +1,34 @@ +{{- if .Values.tls.issuerRef -}} +{{- if or .Values.tls.key .Values.tls.crt }} +{{- fail "ingress.issuer and ingress.{crt,key} are mutually exclusive" -}} +{{- end -}} +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: roman + labels: + app: roman +spec: + dnsNames: + - {{ .Values.roman.publicURL }} + secretName: "{{ include "roman.fullname" . }}" + issuerRef: + {{- toYaml .Values.tls.issuerRef | nindent 4 }} + privateKey: + rotationPolicy: Always + algorithm: ECDSA + size: 384 +{{- else if and .Values.tls.key .Values.tls.crt -}} +apiVersion: v1 +kind: Secret +metadata: + name: "{{ include "roman.fullname" . }}" + labels: + app: roman +type: kubernetes.io/tls +data: + tls.key: {{ required "tls.key is required" .Values.tls.key | b64enc }} + tls.crt: {{ required "tls.crt is required" .Values.tls.crt | b64enc }} +{{- else -}} +{{- fail "must specify tls.key and tls.crt , or tls.issuerRef" -}} +{{- end -}} \ No newline at end of file diff --git a/helm_chart/roman/values.yaml b/helm_chart/roman/values.yaml index e30e8f0e..cae89fc3 100644 --- a/helm_chart/roman/values.yaml +++ b/helm_chart/roman/values.yaml @@ -12,18 +12,18 @@ roman: serviceToken: # Provide the roman service token. # randomly generated for local testing appKey: b53181dd-6400-4960-8988-f775545588ff-0949f503-421e-4588-a2c5-f64fd9c180fd - wireApiHost: wire.com + wireApiHost: https://nginz-https.kiwee.world proxyDomain: # random base 64 string used as certificate, replace with real one - pubKeyBase64: bm90aGluZyBhbmQgdGhhdAo= - publicURL: # Link to the subdomain pointing to roman. + pubKeyBase64: LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUEyQnJjU2FWV0FJRmdUNWFNeHRPZApPa0N3ZlU2c21kaXpWTDV4ajBjL0FxaXFsT2R6VHplVUQrTjB3S1ZwdW5iS2hzY2tpcmtVZzE1cWFmeHZJK21QCkNsb0tUZEMwY1AyZjAwK0hPRHpTbTRwdTBoUTNqQUhLUWRUaHhTVEFsb2VrY094cTRUMEhQL01hRU9OcFQvWjcKMlczd1A1TzJvenM0V1h3aFRDcG50ZkFIRyt1VVlOUEMyd0FzamJ6cE50UnFUaGpFL2NsSVhUQnlWZjJnSUJrNApLWnFYRWlEYk9XcXVySmp2N1Q4bDdORXVYRzJjMFhDdDJjUzIvY1VLWUpvU2JxTWdYYi9HR25xQ05JV3VhMzdyCkZ2N2pIY2N6anRIR0JaU2dMQnZveWF2TXVaSklwVXBNMFFSM3JXUWJQSVBXdXFDcmxybjB6UTBES3RGQXovRFoKUVFJREFRQUIKLS0tLS1FTkQgUFVCTElDIEtFWS0tLS0tCg== + publicURL: roman.kiwee.world # Link to the subdomain pointing to roman. dbURL: jdbc:postgresql://data-postgres:5432/recording # Link to your Postgres server. dbUser: recording # Provide your Postgres DB username. dbPassword: recording # Provide your Postgres DB password. postgresql: - enabled: false + enabled: true fullnameOverride: data-postgres auth: postgresPassword: recording From c4f71dc0448089d41a3050bb33ea673f403d3d1f Mon Sep 17 00:00:00 2001 From: Amit Sagtani Date: Mon, 19 Dec 2022 13:14:03 +0530 Subject: [PATCH 06/12] add tls vars --- helm_chart/roman/values.yaml | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/helm_chart/roman/values.yaml b/helm_chart/roman/values.yaml index cae89fc3..f29992b1 100644 --- a/helm_chart/roman/values.yaml +++ b/helm_chart/roman/values.yaml @@ -2,7 +2,6 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. - roman: replicaCount: 1 image: @@ -12,24 +11,27 @@ roman: serviceToken: # Provide the roman service token. # randomly generated for local testing appKey: b53181dd-6400-4960-8988-f775545588ff-0949f503-421e-4588-a2c5-f64fd9c180fd - wireApiHost: https://nginz-https.kiwee.world + wireApiHost: https://nginz-https.example.com proxyDomain: # random base 64 string used as certificate, replace with real one - pubKeyBase64: LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUEyQnJjU2FWV0FJRmdUNWFNeHRPZApPa0N3ZlU2c21kaXpWTDV4ajBjL0FxaXFsT2R6VHplVUQrTjB3S1ZwdW5iS2hzY2tpcmtVZzE1cWFmeHZJK21QCkNsb0tUZEMwY1AyZjAwK0hPRHpTbTRwdTBoUTNqQUhLUWRUaHhTVEFsb2VrY094cTRUMEhQL01hRU9OcFQvWjcKMlczd1A1TzJvenM0V1h3aFRDcG50ZkFIRyt1VVlOUEMyd0FzamJ6cE50UnFUaGpFL2NsSVhUQnlWZjJnSUJrNApLWnFYRWlEYk9XcXVySmp2N1Q4bDdORXVYRzJjMFhDdDJjUzIvY1VLWUpvU2JxTWdYYi9HR25xQ05JV3VhMzdyCkZ2N2pIY2N6anRIR0JaU2dMQnZveWF2TXVaSklwVXBNMFFSM3JXUWJQSVBXdXFDcmxybjB6UTBES3RGQXovRFoKUVFJREFRQUIKLS0tLS1FTkQgUFVCTElDIEtFWS0tLS0tCg== - publicURL: roman.kiwee.world # Link to the subdomain pointing to roman. + pubKeyBase64: LS0tLS1CRUdJTiBQVcFQvWjcKMlczd1A1TzJveFVCTElDIEtFWS0tLS0tCg== + publicURL: roman.example.com # Link to the subdomain pointing to roman. dbURL: jdbc:postgresql://data-postgres:5432/recording # Link to your Postgres server. - dbUser: recording # Provide your Postgres DB username. - dbPassword: recording # Provide your Postgres DB password. + dbUser: romanservice # Provide your Postgres DB username. + dbPassword: romanservice # Provide your Postgres DB password. +tls: + issuerRef: + name: letsencrypt-http01 postgresql: enabled: true fullnameOverride: data-postgres auth: - postgresPassword: recording - username: recording - password: recording - database: recording + postgresPassword: romanservice + username: romanservice + password: romanservice + database: romanservice primary: persistence: existingClaim: postgresql-pv-claim From c8c90a323314dbf1555ee66a01dabc951fb9ef34 Mon Sep 17 00:00:00 2001 From: Amit Sagtani Date: Mon, 19 Dec 2022 13:24:17 +0530 Subject: [PATCH 07/12] separate postgres chart from roman chart --- .../postgresql-11.9.8/postgresql-11.9.8.tgz | Bin 0 -> 57391 bytes .../postgresql-11.9.8/values.yaml | 13 +++++++++++++ 2 files changed, 13 insertions(+) create mode 100644 helm_chart/roman/external-charts/postgresql-11.9.8/postgresql-11.9.8.tgz create mode 100644 helm_chart/roman/external-charts/postgresql-11.9.8/values.yaml diff --git a/helm_chart/roman/external-charts/postgresql-11.9.8/postgresql-11.9.8.tgz b/helm_chart/roman/external-charts/postgresql-11.9.8/postgresql-11.9.8.tgz new file mode 100644 index 0000000000000000000000000000000000000000..1ad6223ac9e83458bbd51d97a269f7842ed5064b GIT binary patch literal 57391 zcmV)7K*zryiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0POwyb{jYHC<^CqJq12Gvn|b5layr13D+;b?psElP#wQf9 z-@{IS3Mp^T;Vk@Svro6%?H;{)CI9VqyZL|j4)+ef*?V=c-|Ze89v<$0)7?8bczyT{ z=x&&f(kEdY(r>zJB>7RSA+K27#R)As@1t{_{V!bU7L~w?Bz$ddAiM9ZsC?*VZ33bYO%zB-UFJz6i zN0>)&hTA@wb@cBo063gTVmzSVc`2-WgL=RHq5WYiK+LB&=JM4*iSqD&or7)to9zJ1 z0E_^MQ3M!CsE+^{{f2z*Q54E{!w>|zt>7*q4+71YP(V?L;RuJA&jE}ASqR{WqY1@) z-Ui40vlBsB9AX&pU4S`YNgNZ(nW&HOBm#G6&UV3X1V?OFP><0A+XbBB$pld*!7@%L z3P4PWkAj3E*4~;D!9T;Q3FgyeWV1+fufr)qof%{t(ezU`p0}_sxMINAtcHvs&N_@k z|BhKzI(Rm*{`6!4Z-2l0VgKM&JB}t>cWC}VXdt`ULY4io<)z%*@__nAQ5<4lGJDGd zewYY~w`LGW9O4L3OK5&fg&?6}10HOtY8EM~lO@Qy+Qi^CT*Ofs4>KSS4-f6^Lz~b^ zXDgM)y}kDL?eDfe_h4S(Dd_)@_;(w|u|WTK4-O6r`v0i=tpA_l*|hGq6m++Juod75 zV!Q{~6z(4$^Cb@5gZDAB@n^K0NsD`|o`J@Sq!XzkmJx=m>VH z*bnyhzx!@~Z@jwfR;9o%#edfolr-s|?O?_VDs z>>s|`|39s-aWp>tV~ziN7$%54f&o}N{`X!V92~vQkN=~?{pa!j6wiwn;QwOC7jrXs z8 zB23!Z+z|6Knyb&3aE2Um?V8}9|1P6gn2m6P`XOW~wL|-zFkuHm88eO|4t^nFGDF*J z#~`u+Xtrd!K+s!))UtnI!l&uq1IU;#3qkrrU>9B6GDTVd1~VLqKBr*Y2o3}9O98## zX-0s6COQKM7D}WL_zB}=rVw!ge2O4PMU zob9m00Av4j6;sbNyrcvP_j}NBtWjI?S5+` z2{)*Mzb(j(DH$QXC>V({Ox1x=piCq(n~C41fEKm@MX5ci(e%I=h78paWPtVczno;k zD~QSV_R1Qs(PsT@>A-2;cPXSlDz$#WTdqriH%(p@{4kyL( z;^j7;%@Qt!PS6M-6>tP|#ELT5DL_)2O+{e(z3!a{I5*o-5VqUxwqD|z6)t8O=XU`f zi&=fQWWCGbq(DKOgyDdM*e_v$_y%J6v9z99dJbdc>_ zI7jI3(ix|XNhcsa>j?A4nGWe%BiUrgLWrIr2=`cNF~74{#QTW&(&;*|CVrHY=5Z}pVD?>=n z;5Zr+I+Jr5AQ1@3B<%?)&Spk<@d6wtd@5{vWsK%FsvK6We&q9lAueock57?D3E`fx z#XS;vV@w(MXi`+QYhaWzAW%Zj82L|%OOB2l!Y#9Q$#jld^~h=39Iw7(h=OCr@FW5- zU9`xauiE@+gDXBo^Z_%p3n-cir3-x@vCMoJg+eQt4HnE~J=adK3Ft{NE0Vh6?o=C` zO(JL!^A|m!r4wW|je)TQ}yLzubn^a?P%7 zZEY);+SW=HfxGt2fwUH=?;IYIv0ezI-yKmZsn?S)Z_`p$c&cS8k8CNvT9xZ1s)Uqs z-fU`HuU)lMyPMzM+?7`U`znsTPlq|yd=bTCEJu72gE1vDHR=^V&9yN&KRF%kSSO z0~aKTxU(TD_dmw+BaRqHFc7Rum|z%;0E+H0CD9B;9Na^S#i+3+8wa{&mKh?bKgAsR zJfX;Dw)1}bJ>xJ6U`QhL9uVs2y!UcT#xCCjS#g2t+S0DZ>Q#xJ2z-2NUAu4*3npg6mRw}kByhjejHb8Jm zIO>7E+<_80a3ZH&F_Xba5DEi>#f-nc5UTfO%aalhDY-`R6G~CUJ2Z(no*_^5oA&_2 z_LR@U7jNJ7z2QGD`#)V@U0%H#di|@5i?f?_q~*Jy2U=u27Am%!9X-&kWT5B*{afk{ zvmkAZK)4xHpSCIazk6~ z``Oic?r|+Re08v|R!9Nn8F4ROY+}s-1yCH>+a2;%J0z2z2;P* zPfA}0RaC5CQN-N-%>(O04n=LrApKiG(q#&DRU0mFbb%Oy6QRk~4@pIc?olY0&{IfJ zw%sjl))FS2;|L8X8siV(#vCRHv6irKgg~r5ZU<^lMyOAr4H)7(W$jDVf_Gmld=Zuqb+RI=DXVAK#pwsNx9?!I@UfVivepJ3kPN6ERWk zf>>=u3X|ofu7O{gxjK)WA$pG}I2!;M1XQe`36<*0EPNC>vQ#@?Ssu3uT_V(|oIav_ z9k~uuy#P2V08nCMooP|&>tn{5TwY3Qq**m4bY_On$)zYH%78<@3bkGsJ^a4nZmw>31k@)^UCDWm^ zqgnv%PtgpS&0M*7X73F|(OJVXK616tU}_9w1_BgQUl5wHLpGB9Rk9&eq3WT3vVZqF9btq0vnQJO z?~bDXeH)yO(~YFv^q86ODWVE;wxOQi6w&tn^)mLpkS$M=F3fxx(t&fX0$KGF$l(cg z7U?qJCcqSoNf=1mW~)%X2g;5#Ma@zyLt!!n1ByZdgL6EhkYdDudMzYCya!?WVOt&( zdkhIc9End%T18unVD>;Oo=EdYws*)ObxtN@5^S>_X}ytzgAmWKaRCski|Gu^(2UTz zoVS0R17n=213S4^OwIQIY|A|>!WbTfbKRra5<)M$*p5O2-gg3Y-(l049Lw*IUR}Je zJ7Q2MJ;jxI%I6MdEJ3XEYVWA7c1ETBQ`bE>I(#L#$)+>qpz1Eg)7N=B3(aCa7vgd+ zKg$WlG%CN>qc~k~Gbo%HWXKr)4?4$YwJ-PkGED=4_^dgpZ6<-0&*HIK4eCX;{2+>I zV@wtRzF0o9RL`d@dC7E#E6Axsv1Uk0QV;CC#p&8Od#i?(P=k4UbxUiQtfjU#Jtx5S4xlP* zLP;Y!lq$TBG+pSA(Q2Rs)`~XF+icJF@>rF)l%VQb_85RQz9{f zAiE{GJ$6{K8##sC-MKE~L=k3TPuZY;gF_@ugnm{>u5Kgigw`%t3F&7vF9mjo=A{6w z@|7_A#~H}uY7*Uf$r`$H60%GbDW{#`@LYEo1EV>h==TIEF7qjx0ci7YiEXOy+ed23 znjt#(?Ny-2eofR#v3@DyKI?wqB z#p$d25$(Zsym1uCX=7la4~;@@_=ohncraH)!xB6Ac_8R60|&@Clb zApl3eAz%CH_2u^q7_YF?$i!6Y=QbSO{>Le35^wBtsB&>r~1GcFu*e_7gl(&nRymN@|AR$cl)kYFsSXWvQ8+n`||4Mvm-!5zf*j9TVDppF48A4M#&?&l8B46w5_l6;P z@XRK%$B8#Wp0I9F;EgGndGZ9wlV+wT=1}P?qbc(;K!V1MZ6(ZDC>5tpt<|N&U~eEM zrGze&h615k)6OEygV92Lu#U%)@{S}77YR{YlwdY4@=0meHWKqE>j2Kk2U`Qr5`aIypq^NWe z44hyIP{;-un}+I-27;k7aLO78YQ~~T1Rw{}a|(n1hz;4m$qk`~jZ{PD zrWg(5o1*7zXm>kuvhYlf8pfk~wa~kj|Va$|q&U57k ziduu@N=@-(3gA7&q0R=QVgG|93Uq|j6rFnEme@b36D*9lwV5FI7RCrl*9a-e%2q3* z&^R%bPMDe<>9XEh6Khn}yp?;k4maie>hM#ZED>IdTmSu&Fc)v82*@9qQ-X5Y)j0L8 zrGujhaCu;LBV~{-4_t;lOL!Gqt^in#NJoc-yUy67@HD#r1yZJClw^OZ$+OI{M#cIB zQglj8mWTv;N5I+!vawhm+G1tl ze{J%pn1h{sJW^G+NZYIiq5R$$o3h&ss!Rdvn7UYPL|3paGfQ8B5Z|K+F}4dRf&msk zbyh1#c@pcuuua4=WbX}5FGcBTbe=-jd0_#u2*|P2z!``l`3+I$BdA#Tr;KO-U(ARY zh9@Y5^C9v{6fn6oz%T@XcnO$(E1fg!x(%Smh++~LxC8muS^znoA(C(d@kaf*7RWKg zVM5W(lp;1IVF2E!7l5a4RsqWr89k7J9jX@#!EOQfWo}N;+r4V-l3H*gZyFADSV!J%h zhJw31;D(}G0$7Fs*l(8--oq!CU9F%?CD;D8n%p|jmy=q%>SEXnC3ZP*4WxBBfDI*e zIiL-tv;b6D+v&SXlY4#rx>q5idxuL2sj`*MoteL{H>jMK@)$46RH1_Pl|@FP?3Ans zPVdZAp}ux?xW=8+?8_i`0WQEkw8x>w?TpQ3Fx$W?@rHPe{J9^Zp9r~QWt)Em1t1qq z>TDV1_RB|TOehj7RX7$)R!w_0*W1W4no6*lgbU_uQQ5TeV7{R(YXuzpWELkf@>XYY z=u}J%`g2?1k*nPFrAFR}MOAaVfo~es)(!^>k$i^&lP(P=Q5#4oB5J+Oaxbb<9dKTgDp?#y(1AQp}Z#e6PSKpcJGn^>nX4O6~CA9#6h z$5N@uf*N;WRy4HvHf@W+jM-aCk{GD}o}Hv@j)@hIny*%6K4@q{^LF>r)uJAXpO1ZM z`2|eO)J7wAR)VETbgY7%<$o-$rd6zyTtlUMM|Qp;>vz6QmN=ywMY%jf6-wxQaa*L2 z)-@spQ-{bVUt`N>Pg)LTK9N!t-m%KrBU6F!3a$aDOMzGxb3?z=-q3~8n9^d{AR}Y0 zj+3U42Jf5c)oe`rQxqgJu?f0YXO|r)b2P}Y9FYKZUf_r$D*rb0crXe)7;&7wvDxIb zzuI9&FqGql+_G`~30YQPL=OlmE3Hm}B`-pc(GKz70>R>Cj@pWo!D7iapU0@Im&;lN zMBxo~b9%5S;MN>ymXLji=9N@S9VVS0)7XqgBpd9fDi^T)eJ8Uey8VXskq7_dMR10k zBmBG4%!)OQ(8-?a+o21YrZi-KSzB~ZWNrx_P)*q@zS_4NX1cKIe8WhIX-Q6MzOd4{?C6Y$lz5A-N|EIx zCLx*3hcQJk=#z+XDqxD1s4qZ$0`@o2GCBLDtpH4wg39k;PLk}{9nMHJF*{pcAoFCh zHaIQMXsO7&Zpsf~A%_G8tRwg;{^OZ8d5R{n3Nw^7 zGyzJ9ObPf-zFh=e7X}JOZadO)&tH|7K8d)%Aq2z1+j*f7db)Ku^I~vY)3XetYrA1; z=fQqcsiCDyfC`MdP_auT84#7m8ivqQD=nCpF3RLNDytEDU# zK4xL6B!}Su`O*(42yATny`3>uuT<;tf;U3i6m_2mL$1J`^p0dc~pVs%> zr-7CAQYGZf3ZzN3jU#G`PJD6k$gNg8S4j`-?H{~K^_n5Pih07e>1Pbeu~2+no_{*a zrJ>=)3*cfYa4{fW>S9}9;V5DA5&4k4&wO`Y2IS=~c$wCH`EP?Whp<+X2P7EA$gh@U zQ(!r<)wOC*K1?$9qPO~1F4cO8*z0`lQZHL+zlR#8R>8Rin@+)VHdp|)X$pDQKioY-|Lhx9wZSt&1X)0q+<@(dK$Tyt^hB8bEWH02JLnnoqA{c~- zG1Eb;%sW1<+LIM+BCSsgNm_D~Q&)3>846p0b@;>#{UZ!v@Hwm}gwpk;)QXPRI$#%*eYzCa%o$Qu<= ztTSSpGZ_^wr%zbV25Mi3-Wye8n%2O$mdE;@m1Zk5vSl7K&k*9aO(uVqwCXg!iX=~w z~a?pj(SI>H5PDNfLP4 z>z#UIOwj`j!_Ete7^m3ho(3aUd7>$XfnLezdGP{NwKg5<9@y)))&II3nKrys#++TZ$4qXY z=nq1WK49bod*t}zX!wRaRnEy`z@%oh4opnVpInVJ?5YfqwR7of=JxCutGsK`LAP7e zAPuw5qKeHOY*kj3RiMhUvWnzSxJxj~yeT$XcRJaJk#<=M1psF8XmWeD(g{9)C4(cXDbCWA zG7X4k$tWe6B_lN!i3%FDsOLnX0-PA2I@ctQK!EP;SP|uSB&?~yFH+jgj#1vA(r#`e zMSmk6I~NFwuG6;%0_*y~3fWREvGi1c#yCR3u5+oN+PL~J`_+G2b@XixEw5Ept<~BE z4^!+<&0R7K1ar|RzKYTkgHWx_47?=LRDf;EF>OcaR*fo3!f+Qvq<~JYt^j749*~>$ z((E_s<&2|SiXG850Nayz9|(Q_>u^_Rs->dCGDvTKKHU|c!T$hPF^Yy9`giXARmFQ4 z7j>PQl`lwuRL>nNcTDjj-)~M=DJwUtY)pR-Tq79#N-;-Qk>5la$hcA0Sv72Pk@fijzI z*jZr-y(*E3JoOL@8WY85Cm`D<`Lx{mjLv#k7ZXU^X^Zo@ovnn%CHDltAWNa_q()IL z*)ll_3*kK~%ZVbYS7Wo&CtDet>)2sAKW26F&dUyx<|!wN$ey!Lb(Xbkab#yDRhtU$Y(Q2;fTu&+Q$~3@h`)eP&y0m%d$6a&*_9(c%lOe0&87lB zYf!8a{aFKbtq{-}xNFCO*1-PL2ZQEpij^Zmmy_tn3Jk47vQBhp9o+RoMC%~0A17J| z{m&mP>a>2vh|%Tb`Y{4Ws}ZaoJz5QOoeN2a~!sAc#AZ>kb+9W#W6P2JnS*1CJ}i$GAzQLF zxm1j76{#Bwlyyc?(@IDR_>%T|e%&31h$3;9JX%TO<6|-KJ?2gPS2Zt7%>;GB+o2&#}2r7n@tzgHIcvTP;W%kJ7Df@g_rcE3vE>uUpNh zKSR)NW$QK;xvTw_^fJTR!4;*BgTVMn#iD>PNM5|yitIXWEUxn@KcyO%s}z>mh{=0= zSHYVhVO6t5aFqgAWx;k#<^B^&%>Gv`=m^dbi=m$#KmL=9enUS0H@F}X=7b8VNlT@j zrzNy4CMA|0SDIN=Mm&r4Xn-PaZrsfXdzk@jH=t2^S=LY&%Ls&(=^CVT$ur8f=_ZZ7 z(n~+LSyAAmH5McpJupjYb~arK6|I3`W3c$p6t-O@wK2~kVSg}iorK7`TwT7D@A5XJ z+bwoUbEU1C9Im2p{)UoSUSM?%K$B2A$|Ljw}9 z&(=J(IlXqnbTEe~ku^-u5ssoP_0D%1;S8KIWX6;!Q3mc{ty2i@u+=S0zvv&;I-vwn zK`*!{RQKgE6g7jcXCknzG0UnjTg-PbdveG+uRwahQq2?d6by>o_q1s!J=zhEO-<3Z zsF5t&>{wfqNf(POa{n=uSq;69s?l;ydqSmF)8fr*whc6MY2{Ya!1Xj-zA?6vt48{) z>2jF+U$~~LT#{Ha7NBU}CsCx9LhOc|>hlVt-B4b+1t=2h3zF~&ksB52U_-oMI6x{~ zM;#OF0`$R0v09g(Tn@puJjOgc*r_w|ZSt0ob3tLcnkv|>-~>g|)5Nq??dq$x>d}lD zhzJKhnZ=Mxy(|;s$fdGoipia%hD;^%a!Uehn_0^j%8OV2lrt|{TCg~AR?{^?RWDMD z1u8F2&Wc%Y6ATcYVYzk9^2_G4oMT4zxhFoWof)fs5A>%nnkexh4>BE06o82gw9|W< zakfvP>Tk0hwY?b=9C7g%C*Wlk>ZJqhUIG#+4@05u#Ol3>-jT<`=i-!aw@!@ayXc(lx`GAKPYWKC^74S zfcSTawlUG~jd=8cIrh;1dTfe9b@IXCqzCr)ya0_bjJ&-)j~;xdbgk@*bhA3PeALdy zmxN0P{3t!4DRGj55r8t?85w7OZo2iURc5#`OBk1DKQKxp6y*^R7-4WWs~Vk!)`#Yb z_Go9lnBsdVL*5l9I|jpP=J%&8pNxKIl9_SOdTycuT(jje|2_gh=3oz(Y9{3RMk#-=I96m79^Z92&zRa{?;lh#@XzO4Ev&JoMiMPyxaWOi+ZVRG&$DxGAP?5~_k$H4L6EDZ>&X+Y{hQQds|h_bNKfF*~P zE}E(sbJ1YgdIl&7)d6p=rgcg;g1!+}RSR5;NmLpTOT;ox zCAb|yzgH`=5|3OqnPuShkH>wrkP@KMXxuCjDK)DoJw3u0%Vj~{jok>DQrMO{x5}i! zE%NVsL`V4&6GMP`5n`6ISdk(o+^CJgHBWvh!qwSDM&Ezq2|fX0hp)U#Cdw zL@`yUH_B&RSJumK@aysQ<=N%iUh$ipY*0**Z%iS}743eny}t+K&YCoUlL+2J9P0Iw z{Ct>x7M&flxY*Z@3ct|jm$nkOPT;ae<_|?>A|(K=<3;JgM|n1_)GWCSwA@0=$r_)+ zJ=JjQR#|y~>DsCx$kK(C3sfwT8bMonE#>0TOQO7o(-SR~Tw1IJQlq9b7<$lCypoB*x2%1^3r7b65KnH+#-ueH{hlBp za;@R%`DyfmjZ$hISk39J%ucVb}M=UhiHPf)9Sn6 zW&i5(^0a^RatGYxDqED?GW;K_+7389AD)6PIK4a(6o{|4qq&$l-dtZ@Q~&|em7U5Z zkEC5#QaA$JFO8wteYp$LKla2QhQBX&tO^>J<-Z1q z`4q=G&$^vu-_YE0abyjx#Ps&~-P_Xzn1=X21x$hy5^|b0-Ib60F+e&^+9}{qm(BY= zsF+j%LuhHyxA1x?-l|Z?(wy=pLT~W)_Vj-buC8xRuWwJzhQ~jipWdFFzBzt(esg@Jh|?lE*-dOHC;W+{R+ZMA1T#+1^jig+*g2H zFTs5U(DifMR{;L=r?oc?UooTo3Nri{Y3)m4ub$Dq6x=$=>`MWzo5#Ks=x0e`zxRYG z?A>+!lV-1XQ9pI!dKdfC<*YAQ-zvF`Vks8T}M&8*9cl5bf){Xk!(BGY?t`78kwvg;%Uh)EzAKuHn> z9wj53hNS+YGl-h>1BOpcIbw}5!;_BP#wKY2@@=&bMpM_)LKc`zp7iAzUVxb|bfavy z5kV9M(g)Ed%05puZpSG&(KO~$7~9)W#UioHn$`OF5wsN#+x0`?(drojNzh?OE`mOmYp8&6}ktHFmA}SKTF}S|_!H zEF~j~qX3m>5qZRBIYc&Zn~oQ?Tq{gYed+eAd_rXG2P1jO$`Yw4rGWx4np@ItlUEtv zUBz<~%3=*395D`~VodHLR;PE_P9f##J+_j)>5*lz8(vuN^4bJ62<@(D7)6q3nT_RI z{Z<>DN(sktC^LLBc{ISx-9<*TxWOzbq>>Cg73kILYm0~r`%ME)m=)Z{zgW!R>4V3#X)HgDh}xc@hlISa(RMk9q}6( zX|J%zp6YDs43^C8%Y^r*<*#Kl3XvmACE!p61zn4>7VH8>c2&}0b-1*v5~j#%Vl)RR zMlul!XdCrUC}{V^(5OG-tyWks)MCll%93cQO;SgK*lAqV#Os#IPrNYCqMQk{^3<9` zTQ{}lD0s}NHAmG_dOAnuM)h=#F6En+L+DC?gmMAz5MXi>NBZ*WEZgb^cjMnCJtq@N zg&}U`h&0w8}~pzG{j`Exk2%|K_N%ZgT8W{1 zM5Tf6Q_QgsL;HKd;7;o~N9k7Eq||==2o_QgK7De0o)`$>WFjor(Odu!eEC+XkWZgl zqV$v`)DHL54M=7)NasB_8Z)D3dBFO7(D)U8^ZckM8yp>Ve}&8jKZEVx7>PE7qucFv zk6yi!|8~3G+`oI>*9QmR?7ceJ?{*Ik4-fah>Fyowbq~G)-3{TdeG~wq@#YmXzhyPd>$iFR_z9;cQF-nILC;!df=lR zZ7oRsDdx!M2}S8!t3KltM-y3Jy~jM1AFNUDz(`Au37xgn2~YaYQeFZ^@tPf(0xTpE zQkU&m`sBTuIzR1dx)VMvqt|M$OYd>Qrzqk^J2^IfJ<%m>lkb(eq4^-)9GveKQ6oY^ z1T!=)W%_vOUoA7v|J4HWE(S5fQ@2u{f%1|LnQnox2SU^AmKDI-DwN~_GqejRnh}mn zk^o~ij6&kyX`goK-C88VVp970Q&u8HJIZJZWFd6kJ^kZLhstJ-wxoEerQQI&602LBFqKcx45-{f9VP8QnuN( z38cGDt5=zfnVV?gxO+7#F0EbBT{)ubV99Ula`D3ZdI6~G*TsG7GV?;+)voi%77IFp z(5?C`rD4DO>br^pMkFq9%PH_FHz55u`HZ~i58iEv5#6c+h7q$IAC^!$mI`h%Y|5nD z8cLZuKS3PgkS$hMdgFAh<%@-QS^FT%(p5zPjyRg+HCjr6Os}1S_|m7CLVkgDCYn`x zu8Jr59+i0=vTL1c4TD0)BR5Tu$>E-5I1(1bbw0b%qS?jl(LOQ5GIf$pKB=>W_RMJ@ z@@|W^#Q#4v+vBwM|IEn`>s(&loDSRk1K-RZ(}MlK{a3H|iu-^2&-;H*@$`Q>zPgzA3*Tb``OS`}?V(gJflsO&@%1Ru^u~lg6?|(P3%_Dh( zgmjU5nBq`p!V`4>W?+PbRUe=@By$vizyEz}>*GgHnEA%DC%|wL5yr89L4xdT@6)HP zn-q{(WRDPvGC(*2Sw%3DiFc2~P{-_mDZEFzhPu-rkPeO}0f+dV!X)>IK2Xd#ie%=y z-qx0Nm7SzEcTU3NP;ahl`vPnS*ym4a?* ztpHeybL*|XP|I8tDKmSF<^X+=H|0bV$&$NdgnS-?3F4}R=Vd3NLQwS4W;;6_{qzZV zA%Jn*cD>t-zs3*wYLcAeEEQ=?0x%~Dcz|je2+$~*IHcK>iI)wj;u!pw7$xB94Y>K~ z6b!CT{u_86=#ZGFz8`AZV%9w+9Tagom$OovO+jabqs|Dj>DJa+1PBe(zKSu@^jJv! zcuioLhN~N)GXofj+mcFuNjeskrb*NmL<*@wAyaI&x2V)9vD)560l3HN5-8`8FoWlK z;pt;Sz3(+9VMrdtm_NBx@zzYG`4uAzN6wAVx~Ua7%yr}Lab&xyOWW+;H!iB}koYjv z*KBm;JsVaI%v1xR-_s#u8)&YPEm>7Vre%_@O=@~CtV1b^q&Aelzg0VUGIF%{Ln%S& z7ONz}v{mSx?TB!&jb<^Q+kkdHb!B5ExtyZ{A*?4sVZ7F3v7*2gk$VuUFS6KYY7wD;kw|qS>IX6jqZ6L5r$Kz;BF1 z!Z`n-^-*4^kzPFM8Tvo9z#m`)89I6eykMuMjUPWcy!-U2uCbrHnN_WGG(%leO+u^KYj!%W#a~FyMnAl~ME8ikY&dPIOeIyFAU_)Zdnmg9p*47$^?5-I zTHs%LrQ>ALD4-Q2xTUP|lR7A6 zy$-y%`BbX9`oHxByJur*09onTGkZcgkqi4{S0>-rZd6mqWgTN)v{p1~TEfasjT(4Q zu(F^LrBb)ct8mr)B@aww+UTwG0?iym;JU1ggdu4o4(O%?egm6^!99!Q)cR_gJ#3Y)lrzE8T)7V-)+Vr zPgon8i%!Km{l}-)PJx8M)%8t|h*i+D82Ku$Lf|v^AAf44fjr9%Mn$JJ{##`Vz#i-0 zYK8*Ola2c}ZQU0;u&s&H5h(lO*+xR82RjEdI0syeWeCRT0nBiea4SsBx%2pJpbxUs zlymKL59wEV-a@-cH-VeZxFZ+^qA}Nd&HLwnEG-Uu`>)&GcDKFv#rExzc8VnwdHE;8@!SMAg?XC2;@2;h^j$(F0tSygc$umZcT5l?7jE)0$lE#{vVz-!y2 zx8zg<3VKCd({Bpt(?t2#H6c82ak%DlIhTRJ*mAlEB&3hd#`SgsxoRIIU`iIbd$r> zm3m2i)A!Gc~er-JFnCdZ0$Oe`W23Yoh$|W;KMzV3f04_4P2#*<)RU zb7poc*;94$b?D1NE}+`%ZnjaXAk1J~xymvn&0y)98qF3s)zzCVbKJax%WT@Npr}%A zRO+g#-EHX+rhV3|G>MJ6KtfLW;&g)4>6VgnyUlcb{%bt>X$1RrksUQNEbNpWP^kjL zrPlc+EJ7c+%nG^zsWqVbOH1!*zUFFDTm;ilnhoWTDb^)@AcH~mf@~8V;pn!S-dL9d zl}8LuH=xV8wZzCS$Vy>^7p2UuVfv?b1Q(F3J(4%TOGoO~VW=Z+O}JV*2bZ&TO*R4R zsL#%r%5oQxt1PKopn*lGFJG?IY2`PFXTvQ$a$M#_xa_L%a($M0bLk(gMnF~(v`oTe zj5G?A6xs1yjb%teaJs&KQMKe>b((Ep^(?={FzP&)tjUDdEu*#th+x##Rdemn)1E7w zqFHLftOC+-x)jwtU3qhpWKrmD&W9>%xr(3_dhGn6*u-diTo7$eau^qmWyTHd?C4aO+=GNz3Ju3ufACVoc zkCqGYI_$`tfgRs)6MK~ND6#K^mrVR8@WyU1v+d71i#zR9-J<~f8~pKyu2NFmExO2A zj?7{lA^^h>7!P8ABbmC4;b;;fFhh*N3EGu9#TNy~5Qp_MOWxx-9n2aS6GK`0DwKYK zu}sOHy(=BZE)uE6oay%h@hJ(M31EFJF^j7q3Uh=c+i*A`tEoU@PR6o>fJ84jh>&^*2%pNUmpGRaB=74CV7!EoRQF%S@<`HVR7GLC z+bNaMaHnQU6?Q73J8D|Z2<)ZJ-vw4VIXC`;B*2#m$fdvWi0~iu+KOXlj>)gENge)Tfa%fepg;{J?HqOGAj-anU z6nZbKvkRG72SV>^I-~B2ub70`pLb#sWEXntcP~UI5sLqV zqltQl5o_*k6hpC~);9(qs(j$%)4-$VT%1H|9x+UdoFww-cCYnPbyQdMSjXiRwm+XB8TURcjoV+jU!spF0}u z`FZN6H2xEP;1qgdo!Oql+1eqX_3@wG?%vU1F8=fA)&9|Q{O40V(#ny^4vf~2oqr

LR_k8X~KR@YHI{x)N%4&h-A(`l64Nb6M{O`Ydog4rA-NS>| z&*T3oo)Q~Q_x?ckezsF&9qi>wNcp%VvY+?vzq#7;|@nb4_w-Xwq}UK0CL#dQr9R-B({fzB(3S4eOu05 zj8&;fwybLrOTxC*x3hzQ?y_xr-<345MA-HnG&%qU+lS)c z;OEzHj2_jzgd`jl`Ajk40<64ugmEdoFAZnOPeD8bl)V&e)NR~X@Yd_OG`;>)tKs)} zp4zozYTX$ru;mV(N;K%(vt#ni`%kds0&3kUzqJ&1 z9u2vhAAM)Wy_5y@`agSJ+gfuq0k^n#JiCBTBH72c-XUeLzb<|6^*FN-{kmg+{=9@K zP}z>I|0B}HTbGkOP~~M@x$s?8^*L78i~sgbo&~h~&Ryg2TmnknCcH)@0^uh>ODRB5 zSmZtc=m_5qohFW> z(h{(6;dxye|84s6%|Xf+IpYie@U8o?{Z)9=`0X1(TFU;=(JRr3;H+`Y8);L!Jv|@& zx7Ml+2Orf zmB0x%ClO05w`z+M$L#7o9E~!^S0lQ7O~T@@l-01((EFsvwMKA!Ge8^`Dh1^#6(g)N z_kSv@e^oZYar3vf>`1^v!d zz7%dv>YuPf|fq-B;{*flfN2uaSZ6 zjw`3ZfKGT5x^9Kis6IyPnIwiVrKy#gIiS+jQJS@zHZ95Mp9d0Kv|j{T+7PrLcIfq+ zZ$aLUWk5{5ES}{QNiBM+53#l8C>zCVkEU^|!jZcCw_cFGdtB*ZAq^Cvcef^`o4y~5 z)l*OO-D{;J`dI4nRmiQbud9nW_WbyaJ#vG;K=gK)&hHGa1v;@@VrBKCe$s>SL8i&stJ07aevO36sN(EN z=S+(gE0fHjPM}qkkP3|@<*Td4a8zC%StjV@ZcQUHKLR|bHIQDn6`^`D9gYWu3w;rM zB1xdSrhDYeWA6m9Q1{m?f#@NTky*8nT=O$P=S8nq^A5ny<~0L&AetRbRv4yrPi zA70;*!@wl$xlitU#N3iF>D<48NX2B2^A$fO84Q%>WKQna9!?jx4QaqzON0Sp&(>kV z47u8|l|_OTaJSl_(Y8x(`2Vf58>i#mr6YzjXl(@^-k)EG)CO2Fo{ZHNAXHBzIm=2} zZYnBTyX%|N(aEZU;Ll7FSDnW)HVZ_ML~C@-!ef>3T5`53lq%!X27IrIN4xb#EA|1E zxc-|dHne-2&(Y{h&#`g&z(zPhy+aYM1fT!i;6_9!WT;{f=7RNF}kSu-t_D=g)vGhqDYKxWs8Ld&ixIv>U!Jv zjD9FABKM91kFy%} z(VaIaO8cUdyE$jf*MWr{8^}xo^s$soOh9P+V&+m|%SPDruW@;f$bW8WzW?0PK=M)n z|D{IOy0ulSl6pe?uwRm^C~L7VD!*rSpUJ8aOZ||A7zT%pFon(Xl65xjLe;NXP-y5+ zEmNNrMAUY-B}@Z-jDs8bcX<>Cx@@yTBPtU>`{ZE>zy%q1l(e`_+{osv0PF1{u)8kvmeY@yArbY-l9+Lb#EP`>nLurGh^7J)wDSeRZc`s(al-P4kL4Ax&vl8 z;7~8SLRtvZ1V@;M;+3fW{0alAN~L~GNuYtU3&`P>*&>xNE%~1mZrUv8RE5c2!VIn3 zN;8*xakiR5v?hA@%qUBw-c(6YYt|}({-ls<{P!p zP@bOm3+3!Aa}x8+x*}*p`AG$6Vd~Df zs@>n}+bT?y0b2|}ZIzi%RXN~E^+rlMs=jJrJ;;2+Yh~`;Q6Vzws!Eg319ejNtc7_Z z=DyT0I}sx+y!0-t+bli?S)jccwE?;fAVVehpCHR>ziu3ge$ z3BMd;XYuB2YvJi;ZRcctzus8OuuB>!jmQc86+6uvF8@=@96}&SZAvR&9t9MgFdp!| zMZQXcDIHk3KfQUmxDVjy#nsZ@-O}mle7*nIk35%bMWu^$cnzhqq7*q z81%Au;aPm#+tb0zu`8{o>5DXO5Jl?JjG`V_$L}ymR({C&%*TE$VxAVEuw|a=#Bp=d z+w_-}=-9odtZC88OhHVWH*3|oEw&jW%V3af^FKHyBoFH5I+cMrAcki?vpa~;x9UCQ zg+~1UEnm0V&dkV8VlP%SxG&*8QF$K^XN0KKpGu&oM}|`ro<=9e_H#uf<<5U%MMvsl zw5>8+eghKF^4)Icx*9lOP1qQ&XmwR+4C7fD6I8FBhr6whc{P`AeGRGWvMIKk9vM%J zK!96R@j^I*{nxbedMMZ>eiu+i$}j&Ib@pQZ2)h5;Q1HqAR3k@;^rx+Ct!?z8G_EFS zvad-AaD)z(r^}$#5GtAO;la(yeTw~W(`rjwBUAB9gyNDa=w)CajejIqyD2OnM6pv) z{QByk3^)?|*2!yyL2+h5W2nRdb_rci`RX3RE*Pf19hnaQ76=!H> zZDf49xO;p$)9Q`yQV)%|``7DU(LxNQ=i**&NwMgzbaUZs zmKqA;>6rPNu|Ar=)e~+wyfr6%18vk{49ZN_NvJhfh}zgv4&O^F_oWX{e&f8~{(u#v z@2ML7<@{~<%!(zdkM`ci@Ac#{a&_IQLS5<6MhyGv)&8X6;PM`cMFtQV75n{Eak)0TM`>&*(P%d$1k z^6ri8&Heiw!rRktauuD6mfXDC&$AG`**djSRdb|cwQneW$= zSf#lM{0jajr;EN-QNZH%a@8cIq0nv#Nie z-@T@_otzm^^?Kw|wYrl{d=i9{m~F`PvaD-@m~#Bi`M|#eHL`f?}{?#e*B%EztCgm&jsbGqW*r z5#Z?D9yC=1$--yL6+hrDLn0khx{KG#$=-=%#9Fih(z^qn9{JVc`}3)RM)MxiSCgKC zu^S#%Y6wgEep^33p1vMlKfWG5w{!b^ZaUAq6O1DC@h^lK`kj?$EOKyHdU&~rLa=wL zI!fAlYRapFuba!vmwi68kE(zQO9l-EJ98f<5K(Dfwgwt+&LUIzq5Fs0>X*&H*P#FI z99+@PVF?lBl*mGF*;kc=Gb)!HB%1k{UR?UEwm+D&j^aV>+Lo5?5vtNnJx14dHlq98oE>;W)wVOMI? zld)iprEnCs9Z=(W)t$3eC-G)+PW+U4`1;(sc@4!}D3!Q82{G|}XdVNIy!ZX*z@+l* z92y@#W*BK}nmkw_``ym^_$i}l2z2cq%s!;3p}g1p0kRe|xp}?j{+H%R*giEf9hH2C z6^Vj7+zeW>%o;ZaxSt<6>eY3x%}+S~S%+q(b{}#^{IRgkhgv4W$5Y6rWV{hTljO*rBH_DEJg_`_g=n(wED%Yacgm{*qHXK%aYtx#>By? zIJ*+RRM_ZP?gznpcpPU+uJTjsbW{jVg|mPhIz(p5mADx%`iUZr;|l902+V}?HBNc{ z^|%&uhndV-7MWoPYt;MAVJ$dBlV_%ia;^HnB>I}(QUu@x4EZJ=|gcx)j zHXZ}SnvCinZ~6{s7KvFfgx9y<*=gHz@Ro)I=WDYD!GFktY1B~$XhUW0`kR|O+LfSZ zv(9h$1m~7--jrP^Wy0%_;hSM|J^i$H;C8RJc16eay2pX!V{B+nU9cBgY?tq0VZBmr z;_G6Vml}`E6W)vS;TBl`lH1a8Z+}w{&h`=tghm{-N^SkM0IKjZ%Y?>zT01k z)J#CtjgW{~f1ufbD_p1lfI24l{e%v^4Co*3-QfR-^;>bGOT2F=^e4te>8-UCl3o{Z zRxcN>{m82^wxO!GH6Nv|w>7gAvZ~Tfh8^B>ADVM-*dG8!^cgWfA4obB>y#uVB9_Hg zNHJe^{)L#~3AhX!mq>`8KXWdp1>^2ULx_*Nz9!`_>y!vGG3u9&VbcG>c3-m6AAC$Dk{V?@~5_n*KI_%&YU*xJkO&ChoB>H?dF7 zp+}E`2Z|ku_NwcnQg*z`!FGS2Z=6xX;x^R_i}_SrNe+$b7QEJv+zYlm^h*e$y+@p1 zNrnK0V7(`=VBKXNoxo#Bec3iIiYa!CqfRqvmpO%BQm#qN9TJS)C$&QlwKpT9+!ksVY5LhCg2#jNxSW~Rw7hP1n6+Y zjR?=ICKQ{Q5gD=%Hf|q0$JxgrD%bgX!~S{{5b)cKsCz~$pcrN%X4W*3u%v?k{!_KI zDfSP_ue~cbrn0uNH1hL(lGTT#6#7LU$or}!>zj3Bjnqn!F%KF9@B0dsFC~;a>lMC6 z=!RBLtekF@xg6}b8}u{p6&y##dX}!Pfv3GZSf9YbwSR=qwPGeJiJ9Ge>2! zLMRwkx7F>S9+|*_f#@B{rr{oSOrW!muzDEeBWo+@LZ}K;OO<8Z?i`#;W9+_4dX=#? zIU3)qh@TBOwpn~=+9*jUX7+Ss?BxOFw=}tp+ya+bzkMe-+FP|@q9MQzRGA_J&z!OmY`@hbDH0|U_IG8ZC{bs92Q(vE z6U~}!2HUwZ&C%JKgQj(F0xQLG1?Db>z`52+1ho&zkKgauRt6}S5Xd{H4{>OmY{<$( z{FOPN|C0@p%s{F(N7s*DL?1|mj0iz5$SX~3Z!F}?Z%|I^oc=cfj&u+K;@{jtAUXj; zI*GQj{k}oiD6)3J1UeBD$SulwQ@^PGS@YU|PSxb6^q0;YC{v~5Vs~YU&e>lmj46Ls z*gtR1%zP!M-zMb2Lheyd-Zgi#W4eeE@;UG#K+d73J>DS#sSP02?h`!ui6@)mj_8AohDxS8r6o_metp#LtE&SYl7y1YC)Nw{b0SA} z02<^xHv;=A4~eDTEkt?{-W9XErj{e8Jm>d6CYQt3$HPtqVq9Eie=%}F4s{A>dmtt2 zt8Tq%8pzbn^TWo8ZbNq2tNX_7Jc5S(f|lAy4UTGfSvhyofr2XQPs5ZvA4PY znd_yN<7Kna!?_T8q)$YnB?w&3OlLX1G#y5jr0sjJ5zK4YqbloZiLdN5YCy37PnMe zS#kJjui?3h0v692eJ1`Xw+I#QT5BWa;@Pd9Mt=3mpyri2YSX}Xbftc=>j4OBscZ4S zhAHyuf+isa2?G@su;ZKpv7?4K`aG)64z!l`sUT{BAkKT55~1%+>C+t^S5F!f=G&)D zcK)7ot=nR^>K0b({Hs<=!dU*er?wwCnYYab$`C}L`uK3v^koxfVF`04#*gBPc#9Iq z_=Yo0d9?J#K3|bJr=;E#E51e{uc*XPBm^3sP;F)a*V|=zo3EGm<(>J*_gnHDG%YrU z^EUJa{p^U%$Z^bYI#N{8#1>gHLWkga@zgZXUtsX6HlSx&~7)(SSRl?@g zIgPm5J!i|7!M)Zo;rl0L)uVMdZ@P;<9qI`(Wa0-|%d1{WV~%%3LYFN?1sFtU9;5ZA zpgXmD??skVizPhMQ`8`v-sE>5%b)HJ_ivJNvfSx*LJN4w(Mn@iCDkY zaj|t9jTlXPL^G$bWzzTxc-a+ z>e%gqyxYZ@R?Iu+m6i3!Q%(3^=cG|k`0%H9t(hAb)08Uey0Y-*EMvU-iq9=o{7X=uxN&tD19GGc)b4M8SK{n)tr@wyn~3>QRs4 z=+?10juupN$MfaVeC!+53gD8{pJoH#`E=p@{dsF=d#nEA{8{7!)K>0Wc8m8aeC-^G z&3<4-0eHh3%`?bstW6i+73;uvN?^omW3I{^LnjSuokA=3#b&%~w@z*Oi-md2iOHJ| zDwv{L7&XMvMK+14e?60T#U9OlQL4c#Kl&E6G%piOX`uH7yaATK<@LW>U0=HZFGRBA zpS7Gi*)`PG;7Nl0@rVrP9D6rSIFnZps`6~Ug5y;`1n48aS$21)cw^=#_S^HGczr&Z+E!BZqK8(m7< zwWwfoX@h)O`YY{eQrosDH~L^~DXMg@s#fT-DcR~1n0dHetqD^g*fe?&C^TUxzd6P-M2l2^pIM5)9%X#1 z|AnAv#h?uH2AlnKfVH$a=B|}o(M)AZ4A~tMa}e^U_g%hTN?xUkh1q)bC{r(tIDc8G zw?ii=uhVr<;w;%`IOLFoX)?}?C-$tGP7C}SbH?2SqBWgK(yddaZKgHI^FSUo5BI|d zQad;Mzd958L-Ru$fh{^VWML%`m(UAKRpu8@&g!5rxp<}N!q9lt^@_+y9yybUmj9bUDRlT(?YF+g8W|KT@6S?S9vr141PBD%n`g zviD_L;32dNWD~+NivzO)Ep3nMMD5H=);VH`?Sa^_9H7}V%u=CVw9lvIoartcpSgAn z%EBM$65B^|I#u+Xg`v=oHfxoAXS@lgmGlIeUzsZE_Pxo98&DGU28mStbfaGb5}Gy| zUF_ogPi5nMM-$X}TBJr**^t|*XAk;YtsO;0K19dnfF8)rmLbZTU5cja$+vj9492ax zc_`D-S$6EDNy0mJ8f!DkEMsI|P+<*^Y)vAIus)$FxwwCTLOp5d=vp8tv=?M#rQ*-i z8Yd~f&h3ha*CeIsiUY6qVFZFR$c*0YJNd@M70@9*t6t+*GxssKc}qYkr~4sivhhqr zJMF|=#iVGS^hy@tOUgqOge3efp5VEo&V#apIC4XXseMaKOURS>zne0)YYBcajK&J& zgS$#o{6)?iA&MA?HfzeK0CCpn;&f;B7^HADt2qv5t}U8SWp*p4C&HjtPT?wBYD)P(s>adVhd(FkjbQouxbicHnM8#rXLP6;JFQr zqo*%bry+imU6!oGB9oLK{3M4?K$OP_dF;r5ZgtsbC_X*{n#YVOis~+&69pBjmjV$i z=t~LiFj!7v3F^_3HDR}Smk^3@9i?yeLsmQGxB~yv=vm*7Z?e201({t$tn5_}-Ol{O zh3U{R4eaqA33A_U<3vkEZ`t+to;+>w#>kyGV?e|uKEzuv;1nM1!n+gaN@aD}NEMZs ztX;^WB8)qB#PGEs8}OkLAJhge#4R13yg{u@Elj>?sPU^?3SN2Fi2pISw0B9vDT3uC z+x#k`vASqM`T@>jTCCMHJq*Y<42YG3=IJ?toZD|~`y1T+_%gA%x%}dFd>#e1SGHN*KG+gV22j_~v*E0;t+2H#rWw;d&S}X* zojcHUc)Ytv+pF<&wlUERRjPm<&0SxvVtz?OukoZ_W_vg=TF2M9!J9K}esmXAyC%~1 zZL9cUI+Yz41lu_TavT51`Fx>%1$~A3 zr30jq2i|r6{b8{=YoWkVG=Y6w)2#ieyocR%y;!P4Y%g3WR*D6h%VS+6?yiqKdqvZS z>UO^X$zedYdgC{-AQSN0UG-yzV*31*2urn9fc#@sV%@iU`u8E38Wzc&i9q0x7xc3q zYasrV?KYXadS3(FqY$-hnQeOnb}LmucC0mef0{IuEqkrtz$*YJktkthsF$a91!xbn z2nB+x;#Zw(w_GTb3Y2jlZ(x8K$Brd0Q}@^x!0>i^ce5>CX#OqT7aTsjsyJ%R<27FW z+T&K9hTS%D$Knq5!;x6?A#qPIFt_tfex+^NbWp` zI6d36?G@exZeO1{b-rcD@@yqXaKdN5Ys`|PMptvC%7`hNZ9GHo%g^zoC8=0-=@RLf z?e%NMhkIJw-`E|LfGI>S0QXb>N2uoOuYjtfwTGir{INRRPDstKVgXtx7P5?+hHwp3 zeqC(R$@IAu>|M&JezJaJ+!#^W8kpx_$eSeT1lNEYedG?eYY}x6Opoqpe@D3#cZ_M{ z?Ro2?+6$Qe%%_-vW&=l!{Yyghv|E>F0;4J2*A2@a>@StuoU+i-Sek>=(R&Q4!!CtU zm&ylB{7mcozK>U5)gC&N0&DB;_aVg|Zc~w5xtpz(gV)9WX6N*|-H8t^h4Y7j{L?My zZR!Y2)EhEwXZD<)SrBTB4s$mD%7nRgT#v)k)BbJn?S2^G{;>XCGAgl^(m1DM6&nZ%}7W)D0ob24`Fcz#xV(NxOlURXO2&}pI ze}!koiD8|7Jg9^iMah&1jZ)$}kR@d0`gl076L{DWlA8FhecqgOEHOFHQ6L?`!q`u` z0r7vG#{W3cVgn;1b$4>`y}t}y=nTw zsIiiA$F8!XCUj5T)-FbfTbWz664k98aiq+RN_*cI)I1@kFsv|&ZoL{f?vqcDUM=TE zvB^QD%Cn{gMBJO|??l$NsEF%$j<9t49cC?$=g7wBZXp?u+S4F820*6()V2&BmGC%>|ZyIQ32!_QRiFI=U z)Y8NIm#!G8qo?@rGc!C{cwObD(&ea6()78zvxzCZE0yNN6QB`PL8X+ ztmnB@u=T6^139L_wHp<4@+Ma?9>LlU7Xxo~@O{Zvs!&Z#h5pI&8hl9zOLTs12s|C| zxxT$046eW3zx-T?CT7-`hX-Ki=J0%Y|2EJ!k`=W?oW6_bBX$V2Ul7<-*~iYs(`&^; zhTSwojUI}5QhEqbcT0NLR{aws+s4HuN5yDSFMI`tLj|$MKMmHTy8gy>1%3H;Iqb*n zyA8LHp~=U0%tfc$`vsgPLkSV89IG=n!plIADKnno55Jp}gNI+ySnTsFd4$7AUdZd3 zWXrm(FflS%gsWg6m)A@jnXX!QF)YiTp#Wbq;O+hB-|w}lao^U^dCcO?>pJ)=Ne*Iw zk^E+RHhLA z0m?J9p7(tlY149ct7-|VfG?pbqc|^~l16%*Wd_G34h0jdXU(b?Hkxl?HIx$x2C`%N zkZBfNB#YbWBttarv3{yCgB?LlecCp5X|%^j#@N1*wMFK2I?P*I_v5sROz%NT zE`-ndC<#J8kR;bo0BWwIDK5pB9M?Br@PJzg#O+pJMEb<^@{n;9{#Hmp{sw8S#gX|h zuV@vZM7B2 zO!w2N?p-O0j%quWj~dw%2Gd3~+T2-e-9>C{QO{WD|wajvChEeFgr<~nhmzAKo+ zL{O$b%TtXc5pp4u`49y7DaJo!^WrsgZ=VrX8)>~@C!x=D`~-Z=PW0iyRWHp09r7qw zeAiNv+_T~7>X^$)<_L6jRhU*)O9SlyyaGbXSFbUc_zEnC)|CBf@UG;Qxd6%Br|9t-OuWYYLnySsrR0spcrT5!&0(3O8gQ;?xF+{|Y6s-E z@IO!L8a5fT@h#>OU>WE0_ENkmh?(GjE5{?*H;a$Sc<#IyScv$w6sUX~9|rtD|0rmF z5o$~AZi=sFb}Svc%5G}m2-}sg)gV5fE?V3?TeUJjzl`NvjFd{ZJCvT2eQQuiy##s+hB&F(V)m11yJBL2p? zJyN_3A`(P*%re!6VaVz`lL^6!J{_gvqPN<;j4=MUKx8qKP5fnv$(~9&C5H{MYgJv6 zTRC~~a<@FCY5ApJa^}=8f~yaqFjgwE2r3*=!v%ws#%Fh%V#Y)j^7R|~SqpF-zo7G$ z86WL=FU~=ljs%7`c2XrkJfeKpHRO0(^U8E<=7O(EPqKw|H+At}d*sP#6PDBC)|#Bj z{;b7`sf^Q5H6wE4Ec;WzkoOJ5McUsc6f!iS1HL{xpB=g$=3@ZQLj1hYqvp3RYvS#6&GcyHbVTIwLG{#8`;Au@xX-7t@rHFGc_XsF z!oz^@PzP~wEA`$#ux=C~QuuK{0VaVT!S+*=fru1LUzdbU$esbVJS~gCUB-@%6B0xw zhz{eL)J#bHcOC)MIyDwDKIt60{YOu+ei{7jZ#byvk&Cg|a9VLcFhe9P5{2fmCsA-L z2N!7|y8aTd?XzZDMC|-rg@mh26%=yA`rdBt5{CrXWgKf$Cr5yIuvpld&wXqv?TZK5 zr1#lAUCtgzy>tXMgBYQm9)28ISo(}Zao}Kay6Z6&$;TO;R1neUQB^68z{&2%S&}d` z_t=#~$1!a;$s!Z*X)xxvNYuH~kEmml8J z6ZI6pIh{VqU2BLd*T!5o-@BVwMOQhxs}W>KP{4{$jS5*9TAPQN@Z0DJ?7_DWVH@R* zJOXmu0oLh`-@R`4pPK`30Eg4z!?)g)hqqb4Y)&MgKljUb80_WTzm0B*T1x!q7?+<& z(ZcqnU@Hqs0Vdc(eg}ur$b3lS^#%5mE+dXts36W;&#$PxPuqMB1>N!`js~4yO(Cr&;!x5h1nR?vC3>`x?u);XF?VmEa=e zhmJfKhm|NfL(y`*b@W>$ie{JvBG@l(tu>zYUp&5F%1=p8hZz+e zH)9lL1w>A#ZHMh}E+RlK#-lBaLZONulWi{E^u_PrqXG>@ox8glXTC4bIT$y-w9h@> zU4ZIh)RzaukDOVkm4@t|o$SWABN`tXLDtQYQF^?EI0*~Sajf4VJ6@bskL2!MC@hn| zb(>0FpcJ%-isFS%oRJU2#h#r(ah0{cfEvKMZX$%e>;laponLhG;rL5fgYX;7quBYs z09#MbI4lr@%Vmy;fa8zpk@|3>pwQ z4h*$Z`v#Z1e&a2Y=PSHt81iF31>8hpbP9jnPIjlpo&q=|HXi|;-8gu|exmewoxk&5 z!`+uI#FDnhZD$X>i&9kxNuw5hFO1+;0dlEzIbtEbD7u!U5M-vgY}TDS)fXGu|73V_4IkN$iS*TF66&F5kSzO!X@x8)h4Ku4^ zpVBcSV~G#$oK17Ops@+7O!82XU2SmF@Ei$&(++~poeW8u05?Je!b|_}{cMj)`}diP z0HM&aBJkv-fPWodYXv(Ny^UAJf_NDVXb5o3;tRD6mcnb^O(gyTzhv%#rez(hT~=xM ztesepEXQ-`94=OmmkeR=3f478sqanTGYmEJ1O8aA+GOtwI_T*xAQ$bcH<$a}x4INH zSMybM9tHdrDb z?*e0tSem^cG65xj>V_E93E}p2eE@bEyA!@$O;6(iwS`l?0No8T$cR9j4d$=p*!gct zCX)Gm|4p;KLmrRk2Vsp_iLnY7N^PK~gN$2KD_?-}vVI&$A-8(W8tNkCg@#SahhAl- zS0!(Ts;J3j4tjpo*qp|_+IU}NApG{UI{-}k08vIH|J|>0AOvpWF8ZZe4p6J%L;XI3 zlX^I4{k@zAlMG{$e4| ze~h5C+TUW^hShrRx;bFI^t=H)Wannn6jLCb9Gs{;bf(sChf=v?A;4@eJ+i*O5!F)~ z0kg3PF*`V(i+byZOg8{iPFh!&A7aAo=IATJCHc<@D-eOe1NK~W?72@KZLhqw^Llr> z-8(2R7=utCOj-H2PQPb#X5V`BuRSv%cb@*DCqkOfiVXG98s@EoM%twX@Aby4S%ZZ@ z$_P~8hMDMj$|)m86Ja`1nBsA;aj|2)T49BviaNl^r`s1I9R|hxb&@tQfccs+BWjt0 zBW^W-5tkV?8~}HsK>Z6PHkOHXR2uh^9sQ6c^~cO0|^1Qww@(e#&zI6eapc}?}riiuF` zsrcQvHU38Ygi}s2;I9POoq7`F2afL#?V{;CROV1_`T}-;J}gA(QGX=4Z@BG`g%K^r zMVXw3?0*|`fW6bsrM9*k&NkjPnyj-Li>e%~ccO$Wa44dGw@-RK`an!ZQqbe}REQ$CkwcVVMs@p!i)`lx znhpXj%hFYZEmtJaVmJ-y88}0P%zWrC1lWH_>^ZdeTnv&Dr@InhKv?# z;ESeXwl1G~OmV*4>Vgfp2?7xR;T;&2xtohXm24Ii0+sQZ(e-C`=ctEyfPg>P2Zabx zV>{x2Ca}f8kX7h*`E6O*4%j%Ch*Wb#2j-L`DL@tqZu3T8C6#qQA3<>(f;qTCQiPv9 zLCDa-HCK7vvUou2S_ zHZce0d-6!7()PPh?M?ym>~8<}Iq3aCp_#Ax5xl&sk5s8`>o{=MjzZ&UjD=xJamB%) zwh;x@gB`2FnD}Cvc1SMI__MZ&Y+r^bP#~NTY6*Te4Ygu2bxljH-3dV8P^*eiW#{@H z-2j1IFGul1+n#mN+VZ)3LD-1_swc`cWagxu##=%S)|c?FCfv92j>J$ zJ=`fY4ut~vECm|CV9%(hZ=^87-XEdffw?%coEI;*3FfS+Rc_{xka$Yzsir~|ZxGG& z=Cp6&;m~Q$c%pd?>+L|_RYxX&F+^r3(xWBJ)@aNWsLP5@^{PxsJNvht8y*X3wQc2B z`T(Gl=XoUu~LXx zs>|86&JG)Sw%aJ!Dgo>)s26KOq^oBVAyJLuQ1?xnvu#)!^1V41>a4^Utyw{@jdI+9 zo;>f*EW7dV<;Z!!Z%vo8O&~w>2SYCd^Bj<2->rhIj3*z711UM}`mcEQ9Dh)X3OErD zS*RnM|9EKM%^x`Sfl(Zh$F-B^dPx|ai`56HnBXj#C*D;!3FIv|4C<|6rZfzi=g#*<~jLXuw&G`@2=eH)?t((3#jC}vxVE&9u9({>x^oj51O2vPDU=e zYEx~$z(985NgzL{fWw%H)6OVczywo|YfGZeH~Q;I@M!N=obP`pBAN$6S(OReh8FOffSn}-t!~#MT3tQ7 zo!`bT%}+!^n`-gALXYw}Lp2L~l$)g220oy#?S%}oszzE+Ab^Tzq`>jO9JGdORyl3YBhD zDxeX;AtD?-+5py5AV=d!8B=xlu+Z|MPX)<0I#*toxi%i9uZvU-tW(8X2f08GuNo{i zQgB|>?pq8k)If0R22pkM700CT^t^=S#gYVumiY^$x5;EqC*_vz(gSM|%~leR0HpDzSeG;n(xc-Ql0j4Fcx z7#BspdQ8%jLSBTmp<$9bhk(A{lUC=(@XB4s!aq8VXdEVzuDYQ?kaWl6(ewH-OC<7J_oms$_ZX$Vx+YuHn zE6SKkbyB_WVfSX4{NTL(b!NxNAeAAD70U1zY&qU1CSWLtI8GbNxijd?GWFqU>#K}R z5#@I&)mT0#!5NzXTjYg)gQ4<94EH}38OYw^04sl#BqEY{vkIx-Are+iDq<8(U-!C2 zTltjZiCBWhBI(2$kK9fmvIro}trXX;8m6w&CTA6>X^>G!=6fl<4(YVORP*zD^-g5e zrNoBDf~+Pk}c)^Ul*M~q^) znqp!J3K(sxN-Revs*1vGs~1_(vfWhW()xH=+)s1ZP=>eFLXBEwufznZ?1CPAoilts ztg$?$m)Y!{IuzJZViYCZjx3Ei@_h7Hos5J2znZ0qfHGgDG@uXv(#xa6Gv)zBFcHi8 zGCm&kAxp{hX10LjZjTK&hA-tw?c?lzpQ?hX3$LHR|6vNJDg(9mf5WZQ|Aw6%h3IIu z87Z*4i*ZWk%(rvcDMAdV<&ZKgh;l$Xb4WO36X&E3Yyw0b`B}nu3J(yD&?;G@1(Gn` z=_p^V&E6y!3~q-KqS(;tLN$no?ZbEMyO>_{$MDA`)pzx&y9zmJ!rwuSVZ;Y<(xpl# zTo*K9LNai7!}-WtgV+_yo2GkZBQ5+om!6i&!Ec)JJV?jL zpqfue+WO-WbYj%0`HMIX@u{t3er7DL|1za=v_^;c>2Yu=ew_a@qT}%uh|Q&?wnw$=?92@pnUdIz#qUJy1+-d~omoeru_6 zS&~nlSQ=CyfNnhY&wor*yx_R&?>kH?3)VE3F?{`yKDhrBdton@hnfag%8l{2w}_&M zV>v66hhR|OA@tW2E<>(fY0yzfki}*g)CrL%>64kTrRL2X+J07YwMm)NOjijKd*Gj3 z=I3Q?qO+PLsLa|YBVQiMQqQD)R>9Uxt%_@x|i(O=3hPl!HFKX!2kH(C7QGY&52IT+jE{^|Hb$#K8VfMHz zbFY?W2K@NG`qHZol9SwpE54C0j9LX_Wz2)-+DGX1fzAK3+j(&-0 zLgl)QkVbW(eM;;GUKY1(qNNoJaU#CXs%bMn@1YRGg#acFFY-yx&mcrC?oWnby5mSu zwk1PL?Ge<;Hxb&ZpTuOi%smFJHMwA+9*uE~OmnhsE_odi(W2aq3! z3qN;iM0R3shHA_wa{~3Lsw$dVON$up#p4-;x>Vh?G((g%oYg zO@0YYrZ3R58;hCRYmM!{B}iKM4|qfcOHRsknsxnoF$o$R;iI=`#PmC7 zJj?jMhGNrqmc5thA5DHfcC30jx27>Fg_}8L;e}Ld=0;WF2`wo)(tb=*g28@Ej-#~2 zsUVlof3B#P&}2=_a}Z$3*pLM&-9*4dpKeVvOc=~hhIIW(?D3QnVdF}_dU74-id29Y zqK~h_9GpO>_gorr<1(%3)6sQ7hNxZ(4$gh~jeWTMq8I|c6T3B!4jTEbD;`G@B1A+?u{r;`;G3VNei(dG=oeiwZZOD_H7zw?CtM$Q~a}jh+xSpg! z0b{Oe(KmyLFuPMQiRTe7WXF$@g4kDSO4Xe>Z3v&9{~g}QVvJMVR6lW^&1_utYdawR zbL8Zx3(I?x#a_J4URZMPiIq??$LM-SmuYnu8;w4j_^ieucS6cwNhFiQuxj)ymhGAR zoW#y$w!`dtcDHB0Nmbia1dDJ=&*&7YgyxyncX^DHKQj);`0g_X`L32Ri8GNzxRh(p zG3@1%JN5r@^-e*SbY0hW*|u$T*|ybX+jf_2qsz9d%eHOXwzIHW+I}nZq3GY&+$p9`>oVboZ>Xk0Az`F@ zir<_0#>&?GMY!vbF<|Rb{=&=e<0h-s%~F)ycqa~H3&u*^t8ZDK5qB zq#P>jtc)HZjD(cRk_lY}^Wb5VR(G%nQO8AeE{-@YjEznaPp^*ulJO)!GOJE6ee;(( zcJt!)aDLuJ3PV&5-Y=elRx;IPU=tuhTs^0QH_xUArxdUMf#K;xbW0|zQGk3TTtI9* zk&KC%C(`6}gmAXALHsX&n%~t|S>lL9lB}$V;~WZ)iQjf2y?s{^yKT0w?=q}^yd}W7 zkNYm+HDXM=r*ml8Qh@_Js(PpoKHv-6(O;5tK(p|UxKxmBnMhzyXAFnpXhS(+JWzvZ zq1-1O2r}xKnQ>{)QYte>xfHx+u-TP&B@f6e_KH%>H5){Nu`PWxUCNIxVpE{rKY#>q{y*zH`Yr3Y(ZI zp4NoZJmKBz^4vz;H5g`Tx>K21D|$AVDq9Cd{3@t`X3pTpP*Krvmg!Je1pIO(ZguRs zvSVozWzt{yi)#fq4vLU;Lwm^3cb9>$bTDWM*Rv7d_~7TDDDP3e3)v#pXGaLSe3dXY zOa3CVoTfq$U00`YzWS86*a#i?j`1$i8YHlirxF`<2^SLk2)bQmkJq&$hQXF;4o+Nq zqOuwm2X+NFPdAe5h!_3;-MPhtLeZ@vXuVdvbhV8!^Z*@*zh{C6btoK@T9fa{Tkf?6iuZ5xz=Y8pYsHB)wW>^{E(Z_jaG%m1SgU(h&NATRREo%tf=cja zj;ea?uT|1Sr39&43Z5QG%js}0AsmdhohgMWif2(jvt9?;Z%tG;)cy)#SV8yrmN4nK7#b%qL zH^d^|n7|dZifvInVecBJOq894KV6rP=E%v#qr>-E?Fe-jAM9L3<$ekui;PRGyT*k7 z1M-d_$0pAwy5A;J-(v)1g^H52vWIq_of1{5X4ty>(RDTU6Pxv2cobQbfCBZnfVd3q z84yta#=|S9hE7=Kj234taB>@tD3is}9MMK*r&ofLd%)&fShAuqKqpd8R!r!Y-3NwsSZ=N6Xn zz)eCnJLV>94;G_pUPuOKUO7S>0ZKO(a;TAbSLH2Uxc_F*BzfH=ly>YOzXN*=gEy^- zHE;2W0Mum_09tFqhzPj=b2be#u10yiBFs5?QoSo(7BnN6vv!WwXus!?i;!tpQ@jqz zRJ87h2?@NUD*KOUOOw{sKzTFoxjP>x3<9ux&B+?L!@sLUiw6cDzO$QK$-@l=f+@Q& zx>S|XG1~>ChXzRwfnSohxOD)-Stf2Rn75$CZQLg&`w70BXxWw(q8u~u$wv>>lh0pn zR$(b2KrYfxN)jQ6+1_`*W-&FZPO)@4wzkBJw;#Is1LU{DsiLMg(?uAQ#!H6NOFdW^ z-3D?MveE@bpg$!4IRlE-H5S4~kUuGDNo{#5*aqf8_X$Y`|0B~Xsi;ClkbCb|^W^Us zPSNJRI{R_P@Zjx_GN2wHbeVAqiacOvXO(BxJ8*EIpPn}@4DoWjB5*dAg1$i+x&A3X zD9Wyje{WE+YjPv{GSku~MyJV3+~cT(1!Ub7SH5w!y0ije%{ZDc5B6b?L?8_wHVh#VB!yNuLrsiynXJh6rYlu~c_PO=VFgB3oUf&%_i(r+1r{R#G!~;VPtUt|@ zRxP|1yk)B`bVT4^n85h2x(W7#zHm-^y(AF)cu|O zjLrZA)8)SisQ%!yShr5kea(?X^dQ?=@(UXOQW}NhQUevV-xHumj8c8qYRRy2pwSoXL z0gjgOA7{7;mLh`mRCcJ>(&*})%KK}5B9Z9jfd%=b#Aq@~WipesYh z4?0c*haB&L!2Ttz1BX0a+NBc`2pO>U=z))KuD(8oEa`jpdnv-$C{ONLzvUuG$1{hT zue9Z$5&ZV|5kz#yql+^|(vFlPHO`#WLH?7y*(>j|2kcgnT9$=@^)!)fg z`8}NJW}8X<&%_DKD*5o?2XO4a$RQK0ro1~^5w;u@WyL0{hCYJs>{TBSvqmI$DjA+Q zlLJ!%#)8E5Cc7Kmn~HF6iILT2yZbkD6{Wn>9gO6H7NqEqz~R**^BYD-gcstNiEuKY?%>#N18ivgLr$e*x)!S zF%yxMbtuhCIo5oKyEt;;yk$_h|0(1DRO5f@kNdMHx~nl;f!c#isi!D`#%aud`uRUa ziv4d*_CMu}{mlLX9yu)gc?ZPte=2@LwJCuCH>czXQbQyu;U$`aTWWlE@<9?#N2)PG zgH(>V%!HUAM(S22ylEA^njmsW9Cno!HX0PMrKD&iun9zPh2#OG#OoC9f^d{zd*%xE zU{M>RFTopEVQFD$Vc{p@Ju1X^PcrUA>a}Tne}QD_QNP2}DPcH6*VZUuqRGUcA{Qx! zq^Xw|cVxT(pCCWS?<8Y+bjQD*S;`akNkvq@pGO!&EO5UqqE zL(+77jq@U&#{(`xN%%Vibhi8EP|HXZB4Y9uAh_;a?KJ|TN&o8#xy@ZL{x9jglO^9_ z8PS`wiDkZ!8c9*(i54Okzof4vJq{U}Uwl7>W8{IDdkT=*m+=I@x% zAEB;3RST1=kTguo|5imHzA{u!r^q_QP(ooj*U5$1d)7O z5??F@$;IRhw}giTk?CF%SCl~XHKFs~un&uDjYP{5EfE0$6p<52ik<|K9_N2bCdEe* zH9}5plU@uyq5+o>hLKg2LxM;rEX5~AppllSB}$-GmH1x#)C-cbNOBKUn1VGz;d9~O z(hwDbTOPLG5JFtepy{6&BAn^A91*d8AYTUS7p>xV%&)A%uenkocIwOcnzciYeLFPPBQ$hbI`tVgNvaw)@syb z>1C4MRM+DrU5{4Iwmm+Kv@OXj3W_4doncv8=AxHlhVRxOV0Kvrtm$B77i9)s&(uk) zjWyMPCdatNU}s<}nj(HKO*EYp?{DiB`6e5cWMAm;%xAvvhAFoIxi4jrlP`P6Rz5ib z^!YS4JINXuDWR8T2aZVVH8Ie|2DkdE%B z1{<^$xuW4ub_G)9i){=|huQ|$Xh9po^g`_wpW8U#)#i_twL-%Ci`X(RvN9XYC{8)e zNDS>x=OMDTsbyRht=RNVtL}5vxyNoWoYq>iZI3x_eD!MU#A-u`R4bra7siy9{hIIP z66LmPwOK}}+33J+wSjz4O${f39H9m{!Yqs~G8|DlP{z&1hQn14$ZRHYKLuX0s7O3z zlt~#SY_XZ}DJTzkPQmks8vvUS#~;xoeRTQ=V(UNjIMjfWYa3(pmE)RFZQRlHrKXG# z|E)7rT-AMpBi4t#rwo$ms>+Zg-MZR%0K# zo%anUoB9uVjeamR3WPP(Jzm_Izs5uv$C^t@{_tUzcZ=B|GJA1~O@Xv*u0G6@XdB5Qdtv}&cnRBa%dPhf)KOA)|L`Mhc_a)&o#8R+^ z;D{*eV7P5m+Vx1roc$eK1oXDoofDz)%mc3r1_~WiWSUATscY+V%JWscw$^4{09qa) zo35){CRg~76xOjf6NaellkrUdQ3}rw;DXx}MX%;?|8ZJO7LvHyE%GWjZ5E#%zfM{r zOlxpm%rh-6?P?@6K*OzEdALPz5<<3&`Nc(W((R!QS^M&@*ItpH$WJj-wJrxQ;J!Kw zDR%mrSi~2)pb&PdUoC+_NNrMj?$FRX0>L|%JmJw>K1%}rNb_H;dqqY8EUspY;eyB# z>g(S*GIw)YgLynxy$)Yd`N=mBoOMd`CM_mRRA(%8Ly-Ky#h!a2y&q=;wJ%Vu2Dm61 z^EC~5g`n;r$-(E}0hJ_gDV1@Z5*j8;Z;>2lO_si5$B+l1fZwz<;7^c*Mt;-R4jTl* zaxT-tAns&OaW@udvlh|pi;f~~@R*K{B^Vp@2P?GoQRvUm2L0MJjK9Bz-rOO>@|u8N zXNokCUqXlHET76qAb;y zJyqBdOVl+aDmgnnc2NvR%3y0|b$;nHR<0zjt||1{7ZM7UrQP!m?XDXAll_wH`c;JS zNkK1(d7GLK?#N28jO=Pa?V}3r+fY-;_c}4>N(H^WvGwHC9>c0*0scCL6GQTvtKg*s z>f5kg@O8-`VXstMXaUrt$CJ+$2d~&<#3ouuQ2^GBaWJ{IOcqO+fE*M4!MP~uzwBpG zzPq9`A+y^u#t>Y8!hnAdlTGg}=#u`0u?J9mLXDz%txs)NNVr1AcY{OLcquD@eU0TF zdSdvf%zPl^vmuOFrDKvzPHlc&HPT`_^_S7YK{_CaIrY_Cl}UNF4?_tJBu53##hefXC=$+s!4SmsE;~_U(MksuZ#8q zbGuPA>ByyEy!`WbGY287RIVV4E6e<>O_00li~Y>;oO7naDa~b<*EVr~(J2SLujlo0 zr7ow*Y~ZZdW1Xzma+kLfq=){*GU<8vh!;NHK85_=W$vL-%8e!LfsQX%BCL9YVn`1E zL{pU@QLL{P-D5d(!)&fepZ30rqfky4A=6`bC6f1I%6P%>d84St@rvnURBu5@X`aF` z2KJlVY1sv$hfD6iCG(OC@J1DUdIJr`FbbdM%N@*Uk@>nYJYgB=1tWMKbSHA{CYcdy#H*pKC%mPH%2f zeLhL3R&$^%dzFx2NbM?>fuSaHL}1#SydA;TO1H<+dY&cYHy&o&`{^b(QXtr#Gv0zl zR-m0QvT1mC4D?9F7VoY0#D~Z2LaL@%P~w9_)vl;=zsUfet|jBNb3wI>C8l##)Xz@f zx#EepnfDFEuDWyjNGU(Yt1l_;5ltA3G+&g>6=Q41TQ(r^=GsNa^JF_5;MMY35Md|L zJ}2IP7?3^uc992vO`Vf_jgjyHaC&plYC4L~3E5kVWP$_f9oXl+`VJS%5;Bg%|Cu*v z1XgaC2jom0Z@GXaEm(hTyUsje;%~~aOmHF)O9l5XaFX>?z{_IK^7YzVYts4G`tdUm zJDP81tdj~AG9gECG0-D?2a83ko1BkToy*5e$`ChQnt6Ey9E=0|33UT_a6v4Nn)F?q zmJkhM2+Ib&Wlb=ER3!2T-XR`%aL-d%owCw@Cf`C%Cq2361k1gD4J^trtQ1fQHu9)v z%7m>k`0pGo((m4B%5Qu@L^@}o8>BzzqrKul%M{4xZj4Juby130yr6~% z3cCy?%9ShSgo!7rf5ZWdvv&xu{;}QI1}^;cSJ$h3(La6s;b!rBR?1u7!aw}DW)1>y z>#?DmkwSV%DU>EAhB8c$V>)Y8h z1qV}zXXD7SJWuDZv=2SqdDx6{Ae519VZq7BBICpw?msjF*r$ClGCc+0U90e7Dl_Ed zA=*hrk5U5V>Q0%h27*JK1WAK~sAH&#Ci6I~xHYJd@becjv5%iK?S1=r3+7%k?Po(` z;b9XP;G`}IN+^s`qZCE$uC(T%7NFj&*o2bz(~@wD5_Z} zY*MHP|LvzW;Nl35TEJ`{3sO#K0u^zyD~*srkg`;93@rR}`=~5-`9C`iU;xE`Bs4;kXpHT)OiF7TA{klMD^LQm(Re2aw-& zL`{qnMret+D0bxnT$>dO@<_Pf^4^s^KvKPz)h=jF9ig)F(m=(;^oEe&!GpoLJ1XxA z{(Z6GT-0!k5+b#bVF9{W2G&} zTe*d2cS?!PgcKB1)zH-pQE{Z1Wgq{okr$-M2#bIR4RfyD#8}~IW@aJDY4EW&U%luQ z6TWQ}Kk1mL3cSV%N;$z$CQtYTE8e|6ZM7zB(B2psQ)M4+ZqUR9wGeSoMlFRMjUvVr+THs#9|x-mtp4buS+v9Y~bD&kU6ys-{GsS ze;!RTt)$l63@FT+XcB$w2W`Gtr6|SA*Ur(6s3(Iesyo(ZsEmX~>M^pOc=Hy6uZx|e zG0}=gS$0-qva8jmEl$EEo^l{SB=D<4XEE*M>*mz(=6$a3I@X!u{~5<37*OT2f^2z4 z^qbk7aeL!IS!y>jLn}0C6`F)Ms0jSh;Of3*vQLDeQ`<*4IMwc%(Z!$Vm~+;7Ng@^o zp;H>-3*fR9FiYN_=UFgM7HF25ohVlFOShm73xgl%-O2QAQ|C!lRmKzGv1$)lacGa@ zlU&F^0Q6i1RQ}J~dI&uBbBHgQ5f6`&F z4Q)U^i3*^^Q2Y(_*Ia2RpL&9CAJj*{GAPUn#4zZT{iwt~Wuk^@mQ`-T1oN0M0DVFv z1{01?nRJ9O+cjI8BC0wPjj4-n(w`nvoM7A~n4AvLg?YZHEOchvUou`&vDLWUW>c?p z>%!q%n2%Nm)k<+bF8iM6VIF!K(neC^PLcBCFC~S#_PKyxu)2douRzzGK<#AUN*qO2 zo>Rv2PZQX)>nE+40;xSWO7Ym@1kZS3m~lx@9u60hdf@vGQ*uDsTfHv1qeX(v1THYz zrI|DtYRVOY;cql;)IX383<2RHWV!57%jeMiTfTbgLFn- zx6q@XUN35GJsG0Q07);~!B_TVj@@y)$<$p+9Iy-b6SJ@e@>crN*}0`;uC(-$GjqN2 zn(o4+IP)40*{o;ieZmL24cIE5ldPNF^z4D;{#RK^n=2L=0`{%aAIu=Kk#uG%OVVGS zn;8`VH`MD*2$#IdtoYS^->gbMbMjY!wg^VRSaqepAigat-hy^ZMzyjM=XrhAp_WX+ z1>Kzf$d9fzN&O4Q=A%tK+{Y_jxEg?x-%4fg6f!1WxOhwTCf?Z%hJAK)^X#4sN@9y_+4nt?j~3<7zs!4%%Lc- zi+kYxtoIbn|i*HeA=4epv39f%LXFTqV+{lK$?Q$Hz?TDAXn5 z%3{tQ$jAoloX{@HJcKfYvP~Ai)(vrHrD~ZUVsAk+;z1^E$UCqa=jWO4xG$f~&aa!o zpj(U?Fz+DRfo`?q%-AIb%Q&hN^wv1HmmI!Yhz%-r(V4%GJ%YOdu$*6KHW1ml507x(OJp1=LhYF!9|6W-yhck-CK<%klAOyW-DZ7vH!~u z8Q2I&tK4Z~ozFP<6)WMaKfe=_Ouf_;qXHB4^_(V$rfFZ;015Gjru*M-<2lw8Po)(( zuf$0c{LR1qcE+mTdq$&mXm;j!wPi`s_KJ7>WzP=J5!0F?-;warFiRV6tDxKI$s zlK!g-*#7jKKC9`%)WS}l6oOaMNy9Au;R zXUdb;%A)-dR-3eC*jl`^7VGD0aZ78tmD1gT+|3R8!u`v=&R^eiRi!+r1>GTqiu_E! zRrXHFP|%&4fR26zuaZ3@QjAm@8ipOb*t2<=>N%$Z_ORxG{GWJL^%}+U75T7MHvDWx z@nt^YS~W_*&lxSW+4!w_dFZy!~ zYmFhGMMXc>XdV3)UZ*y@I&pt;0;7CG*iiU`tr)BBL6l(uh(hwZqW4EXJa@itvFz5kxI5B?ukyR2s7>_PG>R4fbm?*35fV8;bsdq%+nhBdu*`i z0S8LsZ(+CJ`&bYm;>yBQfCMB@>JTm!6G|#8qOsO6%CYi9g|)82KtvKs{FK4 zbbW{F1|#&RDQRSMef{PgYG6r*PQ76kvRh5fAbe9-4Gk%s7F~X~s)T6`LR{^}!vu26t{ zaH~U;{f5X1Cm`s?+HpT$^URWpU+K=8&GYxSh?W4!JT6K^*Qe-7>FrW(&$HZohW^LL zIbvVq##HUsm;MKWbkDPZ&$%_kXB2n%y|Ur4JFRN9wi+Db<75A~u3V}7-2LZTPP$*~ z>tNQa%Bsg|1qqQ3f$i^fbuDY#*W_j^K?+J$DFr(Py-Via5^!>R0__#PBIQu>i{Dg`F!VsdxVo`@mh1N8nxnEx_W_WjUFkMBT z;8d+55Y`JVda*$}64%F6(R% zle&nJ(jZ=Gx*p|&{wso$5*1fD7gs^MTv6eS6{Gt%Ph5YSN35isZLA+?jE<)wZ0qcL z2UBH~b`*F5p&}_C7Lno$)D3+sv|K*(UqAUg3;K*r$le%5SN2r0B3*5g?8^}Lm)!Zh zIMv_>o0dM2BhIN@02_*c;CY4$Fy3@;gxr1lunw)0S!7^$Tj-Vgs=R16#ra}HSE29b%JuPq&eLm8YFgmshC9@e0iOL4x{Fpy)AY} z`UAk%4&Z9hu zP#QQW`KhfyT_L;!8k_^!S?_oK*^?(E$R*rbF_nF6Gj??HEoBr+8+UHsAH(;JdA~Lh z3t+I{fh8K|EyxX~+vd#sE?R{lbeyQT$SA@2-qukJs-*#U4_%Y2h{q|AXwjMmI~XF1 zN*+yreZtA;eN1%x)L+r~xiOV|Hg%m+s4%z;WvhGiYAtoKQfvHo6>nT(U`euAYX0bl z$IKd}ohSn%yi#@16u$i9G4)kpmA4SY>FjA_MbhFhXn7Nao_YVpKikZ8wI8xQWE>0H zYbi9-j5iPMV(uhY(v3MRmNypF_V*;?;&Z0JmL=^@O{BJ5fnBzzfOPPuK=g`_%kEzxCuQ4_-Cjp8tshPzX8Ck`qvtf5W1( zF=so@e@m7#OdL|0R{qbd{kFGB#vwkifL9QMi;&W%V-il=cb?vl};aeP@8YTzUDp=1XjG{^5AK1jklKCD*!!7dxI-AENkiD&pAT z2o(0=^KY#57sMLXHb|0oLq~F#&K|xLzomWd!Ej;z--ge(jlKEFS`;S3^LKN@httd3L{ENpu>of(nXu7!OSV^>s_1n98fD&y zFCsCa46~VcbDX@>hyvosViv^5sab8<0q2+V%*I{LQy?AT5I?tI?OD7r{{m$@yB1Y9 zI2T!yE@*H-d`x++UiOq!cohg{{={aIpzERqK83^m9-I=jB2Ibvy=zLz8GwQdr2E8q1C1Vr5rdq5HkbsLvRs-!N_)f1Fe znq)Tq83JP^r#%XXyuhl)hwPF#MzMbYN7BPS%hKVMs<| zS0-kXFkD`5J1B30}g;O+ju;Nnm50ml1w47F%SwEg~JZ|r$5 z!NaV|u7}B-A2|?8VF|FapE1150_g<)l*4=0=BK?~bfXtHc@Rb2^s$qpW%MCZ;&W@# z3B-}s0MPIDR$2vkb$HDX9Q8CM3jj91A+~1E_{$O&pLDa|YfG%OKB3nnc5M9K7ca`K zx|~7Snc-SY4r!vZ%5b{`0HUlv)5D3%YF83Z=!h5>Ju8Cv*P+T7lmHo%?`43mjTWE9 zl~Q>^+h7&RMZooLXYKb3;F*JCZg-)SK=9!t7qs#+ntJT2I9>8O-HOOK>cu6XDhKWtdQU zY@SySBEBkQWpN>a5L?}dk{5FY!7o{`e=_~0<)rtZ1*V`+*FvqyW>yU^O8Pe`e-#x` z6%Irt!aoCe{~+59v!)HKxakZybCcy0z3Dx9p3PVO5DJzi-3K;7AzfUqHo%`ey*vl$ zsBT4a<%}^BBug6oA64uZ3zqW7-bX()qfUkxD%i08zMobuyEqB{v+(;167Z~V`VHZ8 zXi7NWPEM3X;lDsZ1KQ4MJ#D6IYt?brn_=(n)r?!Z7XKl*8AC$vGD&Nnk*UWLm3fLF zrs8#Xb$!@Ut~raGWDz85%;ijB+n|9ylqK#I{QeVuo5ry$^m%ML?O@Tznclk*<9}FU zOSjFhHCU;5V?Zs2np4l{18!isqFGb2++9Q@AK{=?<5HR2FEL%vB9N?43$fw-kaFDl z{FF@_-HvJ$SWao-at_-(S<70ZZtb30`|8A3vF|^!?elA;ZFu_b09;qDdcj_IE`QW8 znt04?*^e}>*~9bLSY}%D1%?w?LOX>!|Nf-_=jiszOKtM@(!>7ZM>t~XUn<55H1z`5 z+UmlbiFyHG&g2OEWK@+fS^+#vrn)m)sM}?BJjWOb`<%nR$@tbT$vIia9)TTxk%U|P zo00HM5b|uR_0v1gl8*?woPOh4Ud@<1g0?f)-E4()=D}+2sHn=34Qa|y6`45KRrbn) z;0nEp9I}B-33@ykL&H)WR}2zd|Gy-<8zj%yy{3K-Lg!SY2xqO5K4P0s0}mO>&GW;8 zmU>H1V;l4K7{r}hgUYRi9gpVDwpUHPB=yxX?Zd-M4FDJtz+5_gLie5xuPvWZ-8J3B zrUIhXQC_c_%E7lLl9j@8$ZEkS)iJZuUFLunRV<$zuaT&P61i+MZd*59&Rq60sDwF= zM@v4wT9<|E`Ic!3ho6hDs7XtuuK)f-^WPFE;G+w&#;8DTD&c`sGP|!_8yiwNPuF?#F`mOAs=`q<@5XkKWuBb1C$fD@of*k)zrfw}moHFp+XFlqt;pbobLT2u(R4 z$7AOE`Uzo{KIaS$VX&vB+$XB3gEEFJSPPQFTWX-OpXDaKrBEOJ(0;K3mt{hm0_6`* z7bBr>72u>)!6*1PrTPqi-fsh?y;yi5AujBsxV+U6^*k`h@EAdOo{BJFpZDOg(t`lVEd5y0=OyN z>3(}WtK?rFl|yV7Nz@e#RyARLsvy+hm#e&Tz8L?GEROkB?^)HFe7UfH`0B~I;%9gT z++6YQ_&k>ZbR{fH0pRR@mWj2!PP5Szbu-74BEN0JWCnmvNFGFrz=wK6MOPj?yWBzI z#=6;6ws+$ph~V%lf!*9@zbg~h$STRA&0`>u9m64YOODB2pHVdujOZwHOe_U6va|Wm zGh2(F2}}P-zn2LVkiq3e)Nrq^otd9FL-%i~3bk$k_iv%~qfnXcWV{4ez7)VkM5$R> zRpv>0z_34v+mfSZY4_~0&LMS@vdxi473KpoOY{M)r4V>l0~wH(Hbalm%Nju=Fps2g zd&{zlYj~=xHwvOo+g%Zt4>yI*0&~j({>HeQ1%{+!t~HhJcT!JHx)1%#d;PeH7B?tk zmbk-|C24tGD!F1Pl3g)v}tZU?|T`Ni1W2E)2|`+h&`P~HW6S^S1s z8`;A%Bi`r!%@5+Om|4MpW(iJwL}g7DASPuBuM zCJw-uJPe+^tX(t7~EMN$#{X4tp;jW~|jR_FhL<*O&lsAxQZ<<~O5%-AOh66R5xB z8~3}Q!ao#{xF}G@NJHWn)+{6QO)~`roE5?s6~n(iWHF_`jcL9~$cNX&ysvxOi$%6C za0&?1l&--E#V;BF(C_D&_&&y}ZA7|M)f7-ki{ZhP_M=Vk5LSH5b);UC#ou{HUr6s( zyB^zda;?-M54!Ta{xNF5{9{h6wbELAC+7sH4VcD5xX1>(^f@B=hP(qh9NJqsdn!)L zK&;&zF4A6_R=>5%02i2ywDThY6dcbwV)>f&6mUz>bPX;!F211IA(*ycWXE8MvsWS} zQJ+=^WH3359}WdbTwao3AragzfgSHPg~^Wj$r zm(I*kPnEJ#zCeoF0u0eUNbqu^&~`@y>N=kk7MD~?o0wkQ$xXB!^9&PG-G=8=J@+cO z%ste5S^N?*YoFW8UR%H1V`rPiyCyP-Els<~ZQ>KFg@*H$I4uSrDnj}1H{TkT!=@Na zGpq5l87vxn#oucGe%fboVRQjaCIND9uF;PGm<$9@J=WB^pMHLfhH7(2A1hW@iIQQ8 zgLwfDYplaRBZW$_Z}A}af*Me*eNbx7Tf8&Uj?BcRUb>`OtyuGqE8ix(d5m?;b|&@3 zz7Eq1V_e>4(G&FK*jcl$mmaU0)eefPTNFsnh+n0cKpXp7p<#N`L#a5LJzYo^ZW|I0 zB#V&m>KCixQ?$bp!&s-)wk(y=NV3sG#1o^Xq?SC2D5jU3^)eV&&KuZ-*Ryj7KItmd z{Zqn|wtev~KE5ltQf_Go8>NFd4=jQ{6D~T(wJjTTDz}>?5qA~!SZv&>O?F(hNKSYZ zn=SY`c6R3+b;G!^=exb8l(nx!^SUWadsst#-jtyQr<1m1|6aw5Gw*DeJ=>x&)9Ldw z__hr6{ia9!Q<|bNl)ik4?NFi%L#7VddFa5p&}1l9a69DHCrxa$Ts)1b(=>6 z=T7cW*> z1r8~gggWWIM4=iwfm$d-soQj`HZ-;m)Dm>b(8%Dv?eNa%{{8lIZ=nMScs=hced|k{ z>qqN)%)MBe^JOtm6-DnOLd(7F*=YoTk6=WZ^Y%M@`B8CtZbz9nZxrm~=M%ssksWZE|E}jX|;*X@~h~vy%5cji1*&*?LKqY}| zo_xmnx>IuUIJ&S{XS`sO0l%BI5xUjt8=}I$TU13ig(C4UQ5OMTgiivGm=Z9hs2tM$ z4x!(Y4w4coy0ZIN@lT#TNLxIMsa9~{ZIZgP;F-tu?xro`KDLfdTtb2X_{{E;N8u%K zIStuQxmtJT`fh{vq{XrAbgvBRR)g)n7(HP7Jlh;+)jF4i#*0B;*_H9UTd+En{H4wg z_0d|A1LRrHE^ddCg?z6u!ffiQHhmsY4V{p-?Z;MK4DAPak82Xy2DBN1L#?VF>5HYb z{1ZA^Ty$x8W0g5gzJt_K>vL{_OapeeCp6j?c1QN!Lpu!f*--oi4QuEPitL}f3}nPUp=ZmZk{`DWV9jKg-i1wYq>Zq7p@q`k_=`qmLz4KV zehm0H&A+-Qce*~!R8r8`Q-s8;+P`s?dt8skmJ?B&n6`lnM^luDiM(S81Dxi^y|pa# z!EOeMQfYPI$o-Z%Yw`nK(Vh&N1X2+BL752Ny5q#GexVfd*1cXN7^=yDIqKh;u#`VQ z0e#2QB*)Iu&#h&Hw-Muo4RN7IHgwE6s@cv=*UlwEvE*KzR4t!jYcUD6)##(oV3M9E zZ@6~SBTOcp?zhiOyWe`yXy&kNWY`h5F{gyARr0q^^y}NIV$Rw?(7i7e2qxV8piXI< zL50X}`dnR*#;rkON4_MM>j{>B8cs_JAPV@|Nfjns5UklfeE}I~G^+TQJ@Z1_Kj%%O zokNkS6gT;9v2EbG%|e_z_*ml$q?=bs8Vx;S9PmS9<;vRMc^6xFCw3egL!VnI{QD+& zjwD><9AL~h^GX@DJCKHa7EQDblu7Fq`>pOr1fA>F&c2uh-5zyVpIL~o+TJ1^+IKZ> zwLKB<#1X?z^Aa6Af+8grP`+Sq+TPbYF$gAR52@W517831xhOa8fKj7Ny!h^Usv`n&}$R#YB zFS87+a7waY)~p3OqjX_ajxekrEVJ2`ifnSTK;F^JzU2nX`fw$hIqtEA{&EWu3tJXW z1;FpIb@97YJ4+0xAhqn|%IXqiW(&j%&utjG<~Y$XLZyO;)uX`6a5v`QB|<3!@~|9g zfS)-XbGb8Kh0zej661WMebbCrm{T9;X#kw8?-t*&i~Bfa`J^qSE{g- z#Uvs3qswT-3?+`r{d}Qqx?XN>xiAaN+VE=Ssr?nUuo`M`NkjGlLpddhOU8!8^I^TG zXKd+g2&A_DXkGQT_YeJ2S+-J@EQ`ugfl~y+UIg4SJI&fE_Ef*@5^e6$1}2*;{|RoK zjomDXzxKVLvRky9)=hxu%n8Yzfn`EKAKuUG$xRZ-Q7)-eiN2?YO&eMVvzWJ_l}s3T z`;$0XyZ`nOhku)F=J2o)N}OBB7vP<`Lx5Lg|JP3sYJYvF&+j%LbXSR1|D|5GBXK4o z(7*vJU|yAn*l%WUkDO87?B0Pe z?N7uE_R>)!ZW+mhzKP4X6l*tiRbKc{XfND6j%{X)E|bsE&Bdg6eAsPZWQ}(M=iG@Z zG>WdZ>qw}OfDH3b8BD7nOxHhkkhw*}Ov)h!+luLE!DRX9{(f))YQ|X-H3D8S6HC)< zf-h4X8uO>agBWuR8avv`0lac0!ODbJb_FqHu@g<#vUqY*= zba2lR`)}F)=4GD)-Y*!Yb$TC8c*q-}$L6A%v&}geTD{WKN39Oov(m^4l_Y6e^w<`t ziEAj%S<_Q`txxOM(*@j3qqo4dZ*qLC2W_H_|b; zT4zwz=$eB*nLK((>%F=8L$|%?sxSQ#9eF7#JppYUAN6Sf(~}|NZ@^RX&nK~I0fOmi zO7!PJd8}t@{!TUIa!(2;2R3>iz5P$A@P+|nNPhiA_8Smm;QY$j=7bMk@i*)cvC&!z!vxW+(GS6Q^rmdOuZ&;MGcmD zDSpZ5;ZK^kM=?BLhJ=aE4Pu4$*^`~#|$nt{APl;&S3YNT5)M;mjr)9p_>1Rm=l`0 zRNa#YMP&Qjv;0|o{WUTzPyPL{-7xY(Xibg(+~Yf`K#I>msJAU0I(*J=Z@)5JqCNxs z_?y{moGHOn8Dk>|i?<*TgucgLxCD zC4BGq$MedV3lm9i?EXWIp`e52kCWUbgyDDVl58d=tVvybc&vBbf09fi>R$pvM_1)I z?{k1sh1~a31o%24hTKBn;6hp&%WfG9EFzSxJlx5qH`$IgYDr zyJ@q;7MQ0fe7mOYRg?3nhL1BpcDSSRf`zCdY(R%XI0**4>=nCA&9E+t1W?0wR^BLJP*FGK51^;nG_#e*rRT;1}|`eZs?_K~6k z`onm0gE)Nmn#<`#JTKuys^a=6pe0R$6^FqaJgpM2MSbSiv*k4j=t`Lv`UZ$GfCh)r zB~a|anj1pZ{=03Jx>Qh)FZYWWf#2(y!A_Ff?5^ifH;*g?vMtJp=yv74CZ)`KDT(;j zjGpo-we8zkpc4E720X3o-so@rpWnWx7BuMlr_tc)^gh7PJ@ZcjIAQQ-))B5WnL9|B z-+N=NuaYaj&-$jY_+j|`CMI`YE_-?y%V30XlIXAx!VV)&viZg#L=>?QHfLzUX{Zy% znK|limTqo9|0MigKSe$eB!Bn|(JZh=I)@gB{!^udE?`w=}FyqpfQh<~mM{ z`^x5eTrdCmhAYB@8UJ~KqO8#2V=}sKaGHg+gLna&E1X>+FxV?tIntzOrkZo6cb=9L zV?sD(n9yXZBUc#~`&ezSf1vFp-khy-f}r*1{kLP`m?xudN{;H$JIgQsYVLVgSU#`; z_rO~gdGSZ%O1qk|$%Pmgz8~1qN-ARquIUXXjPdc-x?q)o4lIH``p%c&PXHa4`Cpyg zdYqZCi{kjFOn#zyE)`8}`ya8C*=pB_Dvi!B4}Vk7fA=j`fZ<6XmRv}|=%ChQhM8yW zJ>j!=GPQOxc2NUK{`q(#erEzGi)?mL)4YR-MjDP`ScY$$^o`AGBhoO|f0Z-6?Ef#^ z9V6oAf}K;ac^Qb#iYdARXMO6uReWP-_1y(egr+WAceE_Ro1L4X(v9|(yHyjtJuz%Q zEvVqC3hOCi5o?(HoX$~kz8Y8WDvkGj=iPe5YkGH@bN48)5=1I1n6SWK{O)s+m_zg8 zE~_GE{>!7A=VR%7|C?e?aWL$p3Y>HQ`}XBtG5+JToxR8V-&)Ed_rEu44IF*9^xL0Z zTVKrG&mvlT^MlvV_q+AkF;;WutC-SGH$L0mbcYi;S@_ad=&Sn5hq*tYlK3*=l}5E9 zKu+~yPl=q=UmXkmsDoBDsJS+tGbU@Uj@n~Bp$Vt$_6e*X2fx&1kb zL+Zm4sY9n+qulEkdL=GWsrFi&t5|q|MorjMuHM4in8P{?}k65E(HREnE^2K!C+8Z)5%nh z-{!jF)syK(1q`KMzpYlYCU}WYMU5}I1N6&a5IzZy5*D*l-M;}WWZu3g zlx8h-d4ZPQV{!{C+M~kc1eR++a{07W2gccwYbd=b-w{}LvXs(WMBpqTU$M7!jg9SL zZ`$}8Y{hL{gYHc*0bA|U#@=iv8pwT9?5(1fyJBy)+DDGPt&PxBSU1~AP|A<_k3TMK_Z&6{{w zy3(hOG3hR>E$vP5rP4a?iZ1C&A33(PHi%Jey6qCe*v;^|Gjd_Z)f12BDmSB_oHW;m z2(#JnamR6O`ZUFV^78A0KsE7Sy_ZY)&+*Hz=l|~K*#!T&Fgmac5Xe)nM}q|AG*!bv zd6~OmLS9?D0fx#M+z1`=s<>ksn39@GA)?H?%*y-jSADH&ws&tu4s_JC;rU7{qKnE~ zD+N}<;$riFXv%W2QqESp`OC$t{o0bTv85C<%TyHM70V${kd3s^mtroxB92hf#G*V_ zFuN(Buu?hKlE7}^h1ETKOhChC=5vfA665TSJFEy(E26zD$kMrL&0AKsslcJT;i!<4 z`v%WDY}j$XtyK+u$=>;dI;!dT~QeHcr zdKyj9H{{oTWm9zfU_(*r4~8|>ub|D4i2C}xh0ZXl@|xcU3cA=xeZXwFr|c4$?=8yI zqoo`}+Anrzg+E={M$?M73{`nuY^X7tfmSOjx+8Ms3+r*iR}So0G6@@spu()&AsDh< z_h9WF?PT`Ii+;#9MC)e|Z7VMi%@ukJ{uoP_Ovd7!PGui0m!y@dy|fCIx446u#5Yzq zn@Wo2?i1GH(*A63cJmqCaHdE=^jsc-v))upmeH7Zk~66wM)_w`{_ zxrf1zo8rG5$E4{+5H<0CFOLrom*W4v-v4+%Pp}C9e5sURH^+aCemxrOSCdl>`|6+X zhWMHmb_4b^gw)_k@eB3l`7SE%F$&qbK(vI`aID<=>qf8h8d=Ar_kD^%uv63)yw zEpr!AHHIyfg~{izmj}P;E0GrZ(JBj~*suL+`2+lWY1bSySOvFN+STjCfh~f?&m_O-+UzM%`9a{5sT?<#r&Zy48m9tZG$Qj+p!wd-g*k`r5=mI# zb~S>U^2 zM79f~`K{^KH9i-Pqr%v8ZUQ%B685ak0RQWI=zX)lwj@f;jyvdoX?-5p<*z($QZFuF zdkt)^eX|y}Dr_&+fV~!U!?k0P+STR<8CEs#k65MNHG}b?{imn?H1+@e)oooApvM3I z=H>CC|9|}5@wZ?7|ND40asRD5tjcIde}I>LePg@p@_JyOGCDjwRFlizqRE$C`m0~H zs(k${n8BJzox?+GCReo9+iq*UthIGazA8)4Tzg!~o3bt}UxB! z%=XO^6C;Vro2ZU^Si`Q*mnw5(beN%I1&66#djz4QC3hj$;V=_)rC((4$S=8GdOh1sHv=*-@s2!4%dB-oCTf^R;UkAI-na{&_&M z>S3xqkYU(lP!`9|B4)YiMeX^Bt2$h1OlsFL52I?eeB3E)<<8H(JA~=IS>ElQE$wqZ zo1yH)s2UD-DJv8iVR<^`9Mc?BY_%4F8${!5=CCuy0)FCJs^Xgd=$gHyvyX`TL6Q|@ z?^-uaw>Y@?3i=S1D81QIQ*JQ`#&7xWI{%iaeUV{ zYV7~RZ;ux4|Lwgz{`R}C_Wyl6ZMZ;E%~V3^wvo45b|?&{B#G55o}%amjj#xVHe8R1 z05MHd#-#u;#z~@MUSNV`G$wR(030Vsl9^pL^Y@6xK^rI@nJDQ!15MayRQMnJA)M1> z4vgwA6-kg{4hf++48k{8zh0?DE@;E4R#5nOdId4zA_zxBcJ;r8{2(0s!Mplj_hLNi zs(;-7iW%+Z6%9~yGflPcBZ3#9xJ`o>;Q-wPFG4vs<#@#1`N>q;j%eN2=;hsjr|Hehxpos2e7TWPJV#9O1SR+h!QCN!R|Z8q+Nf zkQfKgK#>nw!*iIX%1+HnX}VBKKDu^iz2Jt>_!TG*o{WA%X)wVODeGC0YzQuKnbZ#= z98QzO#6s#FZTHn=ZcHO+{eY8%!6(L(xMhfFx8aOR&f=-wh6n;ZNgG2XVfN6?ttp_DvY$S=XpcjMIe8C(1Zf#;U1a|1TSY*345=KcNsMQz0?8 zs&m1ycE1IYSOh@_RC}Cai3Rk+-hcfi=$HzQ!=v!ag`Yq8Q z!FtQp>?%0!p&25H{>?f|R{Jemb;wA>Qmmb+m<)$l8@d8V#%WQ_w&7$rB$P;^2>qg{ zQY#;cF_mOUFbDtn0&lR0IMJRJto?j}x1UoSDG%$6rc+t}LGY!s`lfis{+V8_kQpSkK1yaN%JGlFtlrC(H) zN>U6{mbkJzQuKg2MJXDPWX&N}GFUbmW9vU@RlL zN?*;85^?4Cd(*Mok=-+EOq38cN4g_BWC(7D-fIDf(0;qXaz9jh686nf09G-elFo=T z`WqXB`KsM7qZ6emXDKHd1u+H{^?zS)48 zP3cToLZW#Ysq50IRx%t-IgxW)*)Hg$Sl%*zbFobBx^&tan$g&pPLz@>%x5IRo6buo z7iX@99m;*2qC4v64~&yP7?mi23l_u4R5B5vq|SV3I)7R`O?e|lVjZ2rgu)QBd!l_P z?YhkJweUDR{!24nR@13XsJEOm-pF{`xz)6-r?D@zUabx6x1Aeq+j@3Gs6Q02*0XS$ zjyQ^OepFVy*Of9lVi?q0a4HdYV<+B7m}rB7#fNJX;(hXeU-%q7Nb7g4_?ei_NuoJMc2lT z#e9a|VCgwk-mZVx&uu+}iG)X|0)Cl0R1g!4pBA1NG zR_64$fF(J`rY&f>1J%#^2OuzppU>Q9zwEVj8P1s8&w`GHbm z*H^syt{j!cPQMGyZU2>KDu$ai8R2-Q9yWX@urxJb6wiO~Qpp2=`zqmkhd_7Nb-|OH7 zCsYb|lEgX~sV(Tjz_KlW9B*MPmAD*_{8`0RE9lb%387Z@eic*6Lcy&v_rD2KBh2Mb zW(V;S|31Y+=62N*Q!_t6ebuoWkANs;(jN6uQa(jr%%WnM{whF6 zTdM1shuhMO&9}L>r5SZPVWKX~#9czWVzZhas29APor_e`>bvPcl{lYa&PiOXs!k`0 zaUVsL@|0s^@VLD&RcsEwPf?--7XwODP1{Nsbv+97zbT4vVZY%dN!YDDVrk-HvvM}A zBr~0k@d`z0#si-ej|WwK2NY{-&n&V+q9oB%@N?nOx*i2uv`c%J<}2M)noPxJw&bdj zX}!vI%SV^&xq*s)ru?@+|;k)b~r+mz@$~95|Mo;2GAj<75aZ;TXkpi1f-4 zhrSO6A+&_#jE?dIRcijX z%@qF5mG}V6_Xl9U)wZ4~d*a+i{glfX^Dz{VH?rqOhAxwJkufV*(ox|TE{-~ zeF(MeE04r_N{?HICF5v>w-aV9H zi2>6Y;fzkq0a{M-}{fFa>RdRw`PU9>R}pR~ffutv{%ZWo?Eh zKpE}0(tbCVjp`db?-e_zP3f}k*;(sje)fNZ5dVh{S9`>3`+Ywf9DR6r%i*Ehe?*Tz zvDBpG@Hd~=NHViar7PHFYbA#Y>0MIM^zCYPV7GpiU!SFnDEjkf6e1)v);7v7dSK}(8Xl4C$}U{(Hv}FFDq&d5n(O-E9_C%bV9*7^x7u`T3rp-G-|aM+7B6GzUdA#uFsGlVqx@Jbe+jXIfqb0CJwbi|ds;2;+)-=}FDGBqAVT`V3G2fIp*2n&4Lu>#st>g22nfRMXUDR#Gc+esapM z*=B6&(h;GbgFvEDUA3kjiAH`ky|DK(>~&&1Ac%H)haLX%I0({dl9;2|b(Lyn59feP z^%vQP*{um0(0+cB+@iU74rG|qp?LOO9}<$!56t}s0!v-|Z1|qZ3yuY*^0}eM28!hb zAIS5BIHI)Dx=H$CWT6_7O(S`F&VGzW4F!k6yFqca#vBvbp zonF?{m7d)aa-#zXm3HILk|Q8=$oRyZlrXu$gfAp>?S#_p6KcZzXoPKL1Nu_PV7hK8vMIRQ;O!UZBga-5PZ|1$uTGndWv{o?@icSIX zTro5b{Q1HyE4djq@!D##TQPT1AAR-)z3EWVXr5myy~ApV&4)W>u;}?vkb-@jPRt;-&7eB5bN= zs!#SLy3WlF0#iYBT2wt2wT0;?w<9#$>^uO$CKx1{V4*6wMN|*Uk^0&k65wWEKV?D? zokn7Anzdojgo{OPh%lFKJDvCs$XW z&M)5txsf?@8^5mt-}W@D)K`}ci@&U3mmg`Hr5vw{@~ph!@0ra(?mstpzOuy|FUR@1 z4Z02J?25cU|J3{o+I|9j&DMnxRUG_vqX`Niyd7Zg&#&KJh4QnRry@oLOYmK;8aX_? z-^)f0dmCIgvgUmwwO7pD`Qi~Ro3o*sk%o*%YUN}i+wU>Uoynk~<}95l17kClp#*a& z3SzT)Rqc5VQ1&lO=Jx&oopgOcRNuE+2MgT%zSYt?|9qk7npxc!8+hi1`md^rg-q|& z+3JIA+~LnD;}X1TzJIoNGacYaCi-J{`$H!`m*NigaaCo@^h?XL`PVt^)VqP53l+?&vI)= znRXE*Q_}+DDa#IJQF}oLJ}532JIH1i?k~|a zI}QtE4bku2wk_S!#C5Ee*HEJxye=w}IdG5~|JPaDFEnHIdjCS_&WAA)Fi_Sz<2E`q zNylh_C5iNa(kAYhP1p!itR#Pn<^`zLWsLUHIx7`BRf-y8ZcktK9?|56BnX$AVN&BSiebQquWtr z^;ATdB2HMA(lpBlfJE`@m|>xscN3Nyjfl>b9CI@AUYI!f;#l*$X2y&nTdbnH$PBxZ za6H7^O;bO!;gD$1Q5TC@G*zCBmfGsEGducqcKqvvjEso8?d;FaRNzj81Qz>tl-Qr> z$OzB%K{A*fD`oj0@Nk+yLgz7A%?Jjw0?z|9jj?nUI~F z5F_WVSKm54DJibge3%lrqxzuR>&%WilG#6xyLvTyMCwa=!xw%mGe?}~w|5dGC zM{cwPfh`xql*aZt)RPoNW9(`;0GHG7C_IEcRiI^mYVH3uQ2H`KbFF$)9dks48PWK2 zgi}4@BQ{ABV%%o8SlBAU;2*XEHjqdUaz&+E-E1j9(pU+KAFsOI+uPd^X(~g;N8QAf z65V%ar*Ge1z3m*SW%~n7un_qIIhdQZF*3>6(JiRiW5ltU)d_`LPNcqVM6jW}MH~k) z5t5U^R2CTIs3HRV0%|g*&^oz-v#S=oKDj!(ItV_UUH@?Y;Tk@jTwb2Mzdn0=1?QJ= zdj9^++4b4^`ztvA8=SoV2mE;U{>=ekVt~BQsm>?CIFN~6&coo!CWmp2XXw3#Vo3xE zqN6DqVHmL)Hk$+~<`W{!0*PoGBxFKdeu|~;giq+=k+09!=j-#}&;Jhq0RR6aR)y#Q GS_S}moFSnA literal 0 HcmV?d00001 diff --git a/helm_chart/roman/external-charts/postgresql-11.9.8/values.yaml b/helm_chart/roman/external-charts/postgresql-11.9.8/values.yaml new file mode 100644 index 00000000..7e48f31b --- /dev/null +++ b/helm_chart/roman/external-charts/postgresql-11.9.8/values.yaml @@ -0,0 +1,13 @@ +postgresql: + enabled: true + fullnameOverride: data-postgres + auth: + postgresPassword: externalPostgresql + username: externalPostgresql + password: externalPostgresql + database: externalPostgresql + primary: + persistence: + existingClaim: postgresql-pv-claim + volumePermissions: + enabled: true From 298fea278d72e4831be18cf6c4c82c38d96b9933 Mon Sep 17 00:00:00 2001 From: Amit Sagtani Date: Mon, 19 Dec 2022 14:57:00 +0530 Subject: [PATCH 08/12] update postgres values and directory --- .../postgresql-11.9.8/postgresql-11.9.8.tgz | Bin .../postgresql-11.9.8/values.yaml | 14 ++++++++++++ .../postgresql-11.9.8/values.yaml | 13 ------------ helm_chart/roman/values.yaml | 20 +++--------------- 4 files changed, 17 insertions(+), 30 deletions(-) rename helm_chart/{roman => }/external-charts/postgresql-11.9.8/postgresql-11.9.8.tgz (100%) create mode 100644 helm_chart/external-charts/postgresql-11.9.8/values.yaml delete mode 100644 helm_chart/roman/external-charts/postgresql-11.9.8/values.yaml diff --git a/helm_chart/roman/external-charts/postgresql-11.9.8/postgresql-11.9.8.tgz b/helm_chart/external-charts/postgresql-11.9.8/postgresql-11.9.8.tgz similarity index 100% rename from helm_chart/roman/external-charts/postgresql-11.9.8/postgresql-11.9.8.tgz rename to helm_chart/external-charts/postgresql-11.9.8/postgresql-11.9.8.tgz diff --git a/helm_chart/external-charts/postgresql-11.9.8/values.yaml b/helm_chart/external-charts/postgresql-11.9.8/values.yaml new file mode 100644 index 00000000..30b9e1b1 --- /dev/null +++ b/helm_chart/external-charts/postgresql-11.9.8/values.yaml @@ -0,0 +1,14 @@ +global: + postgresql: + enabled: true + fullnameOverride: data-postgres + auth: + postgresPassword: externalPostgresql + username: externalPostgresql + password: externalPostgresql + database: externalPostgresql +primary: + persistence: + existingClaim: postgresql-pv-claim +volumePermissions: + enabled: true diff --git a/helm_chart/roman/external-charts/postgresql-11.9.8/values.yaml b/helm_chart/roman/external-charts/postgresql-11.9.8/values.yaml deleted file mode 100644 index 7e48f31b..00000000 --- a/helm_chart/roman/external-charts/postgresql-11.9.8/values.yaml +++ /dev/null @@ -1,13 +0,0 @@ -postgresql: - enabled: true - fullnameOverride: data-postgres - auth: - postgresPassword: externalPostgresql - username: externalPostgresql - password: externalPostgresql - database: externalPostgresql - primary: - persistence: - existingClaim: postgresql-pv-claim - volumePermissions: - enabled: true diff --git a/helm_chart/roman/values.yaml b/helm_chart/roman/values.yaml index f29992b1..831d8315 100644 --- a/helm_chart/roman/values.yaml +++ b/helm_chart/roman/values.yaml @@ -16,24 +16,10 @@ roman: # random base 64 string used as certificate, replace with real one pubKeyBase64: LS0tLS1CRUdJTiBQVcFQvWjcKMlczd1A1TzJveFVCTElDIEtFWS0tLS0tCg== publicURL: roman.example.com # Link to the subdomain pointing to roman. - dbURL: jdbc:postgresql://data-postgres:5432/recording # Link to your Postgres server. - dbUser: romanservice # Provide your Postgres DB username. - dbPassword: romanservice # Provide your Postgres DB password. + dbURL: jdbc:postgresql://data-postgres:5432/externalPostgresql # Link to your Postgres server. + dbUser: externalPostgresql # Provide your Postgres DB username. + dbPassword: externalPostgresql # Provide your Postgres DB password. tls: issuerRef: name: letsencrypt-http01 - -postgresql: - enabled: true - fullnameOverride: data-postgres - auth: - postgresPassword: romanservice - username: romanservice - password: romanservice - database: romanservice - primary: - persistence: - existingClaim: postgresql-pv-claim - volumePermissions: - enabled: true From 9d3d9ee84a490d1650c8d1f4a1f0d686cb8f2ad8 Mon Sep 17 00:00:00 2001 From: Amit Sagtani Date: Mon, 19 Dec 2022 14:59:49 +0530 Subject: [PATCH 09/12] add pv and pvc for postgres --- .../postgresql-11.9.8/pv_pvc.yaml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 helm_chart/external-charts/postgresql-11.9.8/pv_pvc.yaml diff --git a/helm_chart/external-charts/postgresql-11.9.8/pv_pvc.yaml b/helm_chart/external-charts/postgresql-11.9.8/pv_pvc.yaml new file mode 100644 index 00000000..4be6471c --- /dev/null +++ b/helm_chart/external-charts/postgresql-11.9.8/pv_pvc.yaml @@ -0,0 +1,28 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: postgresql-pv + labels: + type: local +spec: + storageClassName: manual + capacity: + storage: 10Gi + accessModes: + - ReadWriteOnce + hostPath: + path: "/mnt/data" + +--- + +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: postgresql-pv-claim +spec: + storageClassName: manual + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi From 359343baa06f512f88c01c3304a77944ad8120d6 Mon Sep 17 00:00:00 2001 From: Amit Sagtani Date: Mon, 19 Dec 2022 15:07:31 +0530 Subject: [PATCH 10/12] remove postgres dependecy from roman helm chart --- helm_chart/roman/Chart.yaml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/helm_chart/roman/Chart.yaml b/helm_chart/roman/Chart.yaml index 0dbd1808..319b39cc 100644 --- a/helm_chart/roman/Chart.yaml +++ b/helm_chart/roman/Chart.yaml @@ -22,8 +22,3 @@ version: 0.1.0 # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. appVersion: "1.16.0" - -dependencies: -- name: postgresql - version: 11.9.8 - repository: https://charts.bitnami.com/bitnami From 9ee94f658e2a6cd4378f72126d36854df2ebf5bf Mon Sep 17 00:00:00 2001 From: Amit Sagtani Date: Mon, 19 Dec 2022 15:12:42 +0530 Subject: [PATCH 11/12] remove proxy_domain var temporarily --- helm_chart/roman/templates/deployment.yaml | 3 --- helm_chart/roman/templates/ingress.yaml | 1 - 2 files changed, 4 deletions(-) diff --git a/helm_chart/roman/templates/deployment.yaml b/helm_chart/roman/templates/deployment.yaml index ced15ba3..e5d34d5f 100644 --- a/helm_chart/roman/templates/deployment.yaml +++ b/helm_chart/roman/templates/deployment.yaml @@ -46,9 +46,6 @@ spec: - name: WIRE_API_HOST value: "{{ required "Must specify wireApiHost" .Values.roman.wireApiHost }}" - - name: PROXY_DOMAIN - value: "{{ .Values.roman.proxyDomain }}" - - name: DB_USER value: "{{ required "Must specify dbUser" .Values.roman.dbUser }}" diff --git a/helm_chart/roman/templates/ingress.yaml b/helm_chart/roman/templates/ingress.yaml index 51c62369..c7291a9a 100644 --- a/helm_chart/roman/templates/ingress.yaml +++ b/helm_chart/roman/templates/ingress.yaml @@ -21,4 +21,3 @@ spec: backend: serviceName: roman servicePort: 80 - From 0bf5bb9cb0b3713ecffb493854a5344350f9acb6 Mon Sep 17 00:00:00 2001 From: Amit Sagtani Date: Mon, 19 Dec 2022 15:36:50 +0530 Subject: [PATCH 12/12] fix the postgres address in helm chart --- helm_chart/external-charts/postgresql-11.9.8/values.yaml | 1 - helm_chart/roman/values.yaml | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/helm_chart/external-charts/postgresql-11.9.8/values.yaml b/helm_chart/external-charts/postgresql-11.9.8/values.yaml index 30b9e1b1..490278fe 100644 --- a/helm_chart/external-charts/postgresql-11.9.8/values.yaml +++ b/helm_chart/external-charts/postgresql-11.9.8/values.yaml @@ -1,7 +1,6 @@ global: postgresql: enabled: true - fullnameOverride: data-postgres auth: postgresPassword: externalPostgresql username: externalPostgresql diff --git a/helm_chart/roman/values.yaml b/helm_chart/roman/values.yaml index 831d8315..f757304c 100644 --- a/helm_chart/roman/values.yaml +++ b/helm_chart/roman/values.yaml @@ -16,7 +16,7 @@ roman: # random base 64 string used as certificate, replace with real one pubKeyBase64: LS0tLS1CRUdJTiBQVcFQvWjcKMlczd1A1TzJveFVCTElDIEtFWS0tLS0tCg== publicURL: roman.example.com # Link to the subdomain pointing to roman. - dbURL: jdbc:postgresql://data-postgres:5432/externalPostgresql # Link to your Postgres server. + dbURL: jdbc:postgresql://postgresql:5432/externalPostgresql # Link to your Postgres server. dbUser: externalPostgresql # Provide your Postgres DB username. dbPassword: externalPostgresql # Provide your Postgres DB password.