From 00ab80d1b82e59554e8a1d6e2d4d926a3858a1fd Mon Sep 17 00:00:00 2001
From: Jimbo
Date: Tue, 15 Oct 2024 22:41:19 -0400
Subject: [PATCH] Move the public keys out of secrets
---
flake.nix | 3 +-
hosts/cyberspark/id_ed25519.pub | 1 +
hosts/cyberspark/system/default.nix | 3 ++
hosts/firefly/home/default.nix | 4 +-
hosts/firefly/id_ed25519.pub | 1 +
hosts/firefly/system/default.nix | 7 +++-
hosts/firefly/system/hardware/default.nix | 2 +-
hosts/shuttleworth/id_ed25519.pub | 1 +
.../system/accounts/users/jimbo/default.nix | 8 +++-
.../system/desktop/sway/greetd/default.nix | 36 +++++++++---------
.../system/devices/video/nvidia/default.nix | 2 +-
.../services/server/minecraft/default.nix | 2 -
overlays/default.nix | 3 +-
variables/secrets/default.nix | Bin 2829 -> 2395 bytes
14 files changed, 45 insertions(+), 28 deletions(-)
create mode 100644 hosts/cyberspark/id_ed25519.pub
create mode 100644 hosts/firefly/id_ed25519.pub
create mode 100644 hosts/shuttleworth/id_ed25519.pub
diff --git a/flake.nix b/flake.nix
index 90376794..7664feea 100644
--- a/flake.nix
+++ b/flake.nix
@@ -31,7 +31,7 @@ let mkNixos = modules: nixpkgs.lib.nixosSystem { inherit modules; - specialArgs = { inherit nixpkgs unstable hardware lanzaboote mailserver minecraft; }; + specialArgs = { inherit nixpkgs unstable hardware lanzaboote agenix mailserver minecraft; }; }; mkHome = modules: pkgs: home-manager.lib.homeManagerConfiguration {
@@ -51,7 +51,6 @@ "jimbo@firefly" = mkHome [ ./hosts/firefly/home ] nixpkgs.legacyPackages.x86_64-linux; "jimbo@cyberspark" = mkHome [ ./hosts/cyberspark/home ] nixpkgs.legacyPackages.x86_64-linux; "jimbo@shuttleworth" = mkHome [ ./hosts/shuttleworth/home ] nixpkgs.legacyPackages.aarch64-linux; - "jimbo@guest" = mkHome [ ./hosts/guest/home ] nixpkgs.legacyPackages.x86_64-linux; }; }; }
diff --git a/hosts/cyberspark/id_ed25519.pub b/hosts/cyberspark/id_ed25519.pub
new file mode 100644
index 00000000..1c06662a
--- /dev/null
+++ b/hosts/cyberspark/id_ed25519.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIKC8Uqxb09V3msBgDv6lD/nETMYr/X0OgtpDo8ldcMK
diff --git a/hosts/cyberspark/system/default.nix b/hosts/cyberspark/system/default.nix
index d3e57780..30ce1f63 100644
--- a/hosts/cyberspark/system/default.nix
+++ b/hosts/cyberspark/system/default.nix
@@ -3,6 +3,7 @@ imports = [ ./hardware + # Apps and programs ../../../modules/system ../../../modules/system/accounts ../../../modules/system/devices/filesystems
@@ -15,9 +16,11 @@ ../../../modules/system/services/common ../../../modules/system/services/server + # Misc ../../../overlays ../../../variables + # Imports mailserver.nixosModule ];
diff --git a/hosts/firefly/home/default.nix b/hosts/firefly/home/default.nix
index e0982e3d..ae119d85 100644
--- a/hosts/firefly/home/default.nix
+++ b/hosts/firefly/home/default.nix
@@ -12,8 +12,10 @@ ../../../modules/home/utils # Misc - nur.nixosModules.nur ../../../overlays ../../../variables + + # Imports + nur.nixosModules.nur ]; }
diff --git a/hosts/firefly/id_ed25519.pub b/hosts/firefly/id_ed25519.pub
new file mode 100644
index 00000000..e36a85de
--- /dev/null
+++ b/hosts/firefly/id_ed25519.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC2lMkUd+BbXITE5LTg94hEzmA6UKsIIbaf5YOjGoLzl
diff --git a/hosts/firefly/system/default.nix b/hosts/firefly/system/default.nix
index 5e601b6e..aefb3768 100644
--- a/hosts/firefly/system/default.nix
+++ b/hosts/firefly/system/default.nix
@@ -1,4 +1,4 @@ -{ lanzaboote, ... }: +{ agenix, lanzaboote, ... }: { imports = [ ./hardware
@@ -13,11 +13,14 @@ ../../../variables # Devices and hardware - lanzaboote.nixosModules.lanzaboote ../../../modules/system/devices ../../../modules/system/devices/boot/lanzaboote ../../../modules/system/devices/video/nvidia ../../../modules/system/devices/networking/firewall/pc + + # Imports + agenix.nixosModules.default + lanzaboote.nixosModules.lanzaboote ]; networking.hostName = "firefly";
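Review bot: In hosts/firefly/system/default.nix the new `agenix.nixosModules.default` import has no consumer in this commit: no visible hunk declares an `age.secrets` entry, and the user module still sets `hashedPassword = config.secrets.jimboAccPass` from the evaluation-time secrets file. Values consumed that way typically end up in the world-readable Nix store, so if agenix is meant to replace that file, the follow-up should declare the secret and switch the account to `hashedPasswordFile = config.age.secrets.SECRET_NAME.path;` (SECRET_NAME is a placeholder). A comment beside the import such as `# agenix: runtime-decrypted secrets, see age.secrets.*` would record the intent, since only firefly imports the module while `specialArgs` now hands `agenix` to every host. Both hunks of this file show only part of the imports list.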
diff --git a/hosts/firefly/system/hardware/default.nix b/hosts/firefly/system/hardware/default.nix
index 434c77dd..9c3b8238 100644
--- a/hosts/firefly/system/hardware/default.nix
+++ b/hosts/firefly/system/hardware/default.nix
@@ -24,7 +24,7 @@ in { ]; boot = { - kernelPackages = pkgs.unstable.linuxPackages_latest; + kernelPackages = pkgs.unstable.linuxPackages_zen; blacklistedKernelModules = [ "pcspkr" ];
diff --git a/hosts/shuttleworth/id_ed25519.pub b/hosts/shuttleworth/id_ed25519.pub
new file mode 100644
index 00000000..3d0e0ec3
--- /dev/null
+++ b/hosts/shuttleworth/id_ed25519.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK+L723mCLy9/9UAXwkY3+06Oq22dOj+lDnA0lMLbrsR
diff --git a/modules/system/accounts/users/jimbo/default.nix b/modules/system/accounts/users/jimbo/default.nix
index 68e448ab..c1f5ae9e 100644
--- a/modules/system/accounts/users/jimbo/default.nix
+++ b/modules/system/accounts/users/jimbo/default.nix
@@ -5,7 +5,13 @@ description = "Jimbo"; hashedPassword = config.secrets.jimboAccPass; isNormalUser = true; - openssh.authorizedKeys.keys = config.secrets.jimKeys; + openssh.authorizedKeys.keys = [ + (builtins.readFile ../../../../../hosts/firefly/id_ed25519.pub) + (builtins.readFile ../../../../../hosts/cyberspark/id_ed25519.pub) + (builtins.readFile ../../../../../hosts/shuttleworth/id_ed25519.pub) + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJahAoF74BY6GCTsFkt1ADKaraFgJJozW1Y1aBTLK0j9 pixel9" + ]; + extraGroups = [ "wheel" "audio"
diff --git a/modules/system/desktop/sway/greetd/default.nix b/modules/system/desktop/sway/greetd/default.nix
index a1a56e1e..85a18a40 100644
--- a/modules/system/desktop/sway/greetd/default.nix
+++ b/modules/system/desktop/sway/greetd/default.nix
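Review bot: In modules/system/accounts/users/jimbo/default.nix, each `builtins.readFile` returns the `.pub` file together with its trailing newline, while NixOS already provides `openssh.authorizedKeys.keyFiles` for file-backed keys; the three paths could move to `openssh.authorizedKeys.keyFiles = [ ../../../../../hosts/firefly/id_ed25519.pub … ];`, leaving only the inline `pixel9` entry in `keys`. Because the account is in `wheel` (visible in the trailing context), every key in this list is an administrative login on every host that imports the module, so a comment stating which device holds each private key would make pruning and rotation auditable. The three committed `.pub` files carry no comment field, unlike the `pixel9` entry, so the generated authorized_keys lines will not identify their origin. The attribute set starts and ends outside the hunk.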
@@ -2,7 +2,24 @@ { services = { # Configure greetd for "auto" login (single user only) - greetd = { + greetd = let + startSway = pkgs.writeScript "startsway" '' + if lspci -k | grep "Kernel driver in use: nvidia" &> /dev/null; then + export LIBVA_DRIVER_NAME=nvidia + export GBM_BACKEND=nvidia-drm + export __GLX_VENDOR_LIBRARY_NAME=nvidia + export WLR_NO_HARDWARE_CURSORS=1 + else + : + fi + + export WLR_RENDERER=vulkan + export XDG_CURRENT_DESKTOP=sway + export QT_QPA_PLATFORM="wayland;xcb" + + sway --unsupported-gpu + ''; + in { enable = true; restart = true; settings = {
@@ -11,22 +28,7 @@ switch = true; }; default_session = { - command = '' - if lspci -k | grep "Kernel driver in use: nvidia" &> /dev/null; then - export LIBVA_DRIVER_NAME=nvidia - export GBM_BACKEND=nvidia-drm - export __GLX_VENDOR_LIBRARY_NAME=nvidia - export WLR_NO_HARDWARE_CURSORS=1 - else - : - fi - - export WLR_RENDERER=vulkan - export XDG_CURRENT_DESKTOP=sway - export QT_QPA_PLATFORM="wayland;xcb" - - sway --unsupported-gpu - ''; + command = "${startSway}"; user = "jimbo"; }; };
diff --git a/modules/system/devices/video/nvidia/default.nix b/modules/system/devices/video/nvidia/default.nix
index b50af2d6..03ceb165 100644
--- a/modules/system/devices/video/nvidia/default.nix
+++ b/modules/system/devices/video/nvidia/default.nix
@@ -4,7 +4,7 @@ hardware.nvidia = { modesetting.enable = true; nvidiaSettings = false; - package = config.boot.kernelPackages.nvidiaPackages.beta; + package = config.boot.kernelPackages.nvidiaPackages.latest; open = false; }; }
diff --git a/modules/system/services/server/minecraft/default.nix b/modules/system/services/server/minecraft/default.nix
index fb7912d3..6bb2b931 100644
--- a/modules/system/services/server/minecraft/default.nix
+++ b/modules/system/services/server/minecraft/default.nix
@@ -10,8 +10,6 @@ ./servers/uberbeta ]; - nixpkgs.overlays = [ minecraft.overlay ]; - services.minecraft-servers = { enable = true; eula = true;
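Review bot: In modules/system/desktop/sway/greetd/default.nix, `pkgs.writeScript "startsway"` writes the text without an interpreter line, so whether the session starts depends on how greetd's launcher treats an executable with no shebang, and the body uses the bash-only `&>` redirect. `pkgs.writeShellScript "startsway" ''…''` keeps the same body and prepends the shebang for the Nixpkgs runtime shell. The script also resolves `lspci` and `sway` through the session's PATH; since it runs at login for the auto-login user, interpolating the store path (for example `${pkgs.pciutils}/bin/lspci`) would pin what is executed, though sway presumably comes from the system profile, so confirm before changing that call. The `else :` branch does nothing and can be dropped.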
diff --git a/overlays/default.nix b/overlays/default.nix
index 425a1955..0b7a7fac 100644
--- a/overlays/default.nix
+++ b/overlays/default.nix
@@ -1,8 +1,9 @@ -{ unstable, ... }: +{ unstable, minecraft, ... }: { nixpkgs.overlays = [ (import ./unstable { inherit unstable; }) (final: _prev: import ./packages { pkgs = final; }) (import ./mpv) + minecraft.overlay ]; }
diff --git a/variables/secrets/default.nix b/variables/secrets/default.nix index b79ffeba4fc31be796d449f4dcc21e412d0cd58b..38b50a76672facba1208f7fbdf18fa7ebfc8b26d 100644 GIT binary patch literal 2395 zcmZQ@_Y83kiVO&0C|Gr5LTFiPkof(`nZ8$b_a&c6*`T6gufbcq^~p5muN&GqeCCEJ z80f!Ry4u!#<_5V1f4$HA-{|<|*1BG)dFdA29F=jz-HrQiwDZv|Et|^i<`aeQ z9TfQ|E}L6o@_y?9+0+fy&o>^k+IP5H87n^Yt?}DFkEiH|#z*`5sf|1PSX}fbD+XSYZcIsuO8i#XD(KxDn&3Of z(EsJa8PANT*vp-Hve#yMTj4f;#w&hn{n-wM{-5;yMqg6&;i-Sxbbsi+@(4UWd*+86 zGnF%m)oBczOZ1aDwix!zT*p}NdcDpfDJN*3<>1rJumXZ^$C+x9&c9HW>q=srdS+MJN?Ge^rc_6YTPR@6WBN}Tjka! zg|z&g@9OUQu!u^q${S5T`1NtTT6uMTfetgX$!*11-{0j4u`gb=JWld%m9~STl+}Sd z(s#ezI?Y#}YrW{o#g1uwxjkti^Y6AAx;*@#INQ0+?WX4crWwzZ zz2_cC>~_^R^6?Oy?0G(>qbYrI!?e8`3zu42_X}AY&$$rvOL@kdrEl*14w-!GY1V{7 z(Ul)(WkoIf`Ty{S9F=`LCCyvp^`5bd%a?e(SYM&vc8=d5Q!e$De47K4{3mm!9a|WK zxx5b9L?7OpHLWS|P>}0PRvzCwzdUAc`nLY)$u~_A0U}?RxSSL-uby;Gy)a|d{jTIM z;!nP9uY7#Bv6Cxf(UmFRw`NuqFtz^-w%Z_;zhC%fKkvc4mseC<-v4fD`|5*ia(t`> zhw<%|=dwAfxKu5q*zdO{&tN#P`sGpOdb1r%Kc~oS$~5&!{j_P)<12yp*&`OLGr1Pm zn4zrNAH2&`>Vu%)PtJ@)-kYZxCg$CXSvbQ=e!?uj9Z3vNXUN_aEY5$0LXvl*UkZn}eVw`UK}PP4i2ZA|7To{sZ1elTPG0wJJ4=lehq)QM?sTtMzq3Ny zHPJ7(QD9s2>~gPJA6~W{lM>w8b*Y<+fA!_<@p~Zt?ykvw5q15Vy4jf zg^qgqy${}I9{C#RdH(s^Z_AG+@^a0Vd&Q!Wwrb)cqpoSHd&;ErqDucJ9lT?xe~$B( zlz7N%o&T(CWs@PaJfH8lnE94@PQ&b^{J^pmGW_d36welKPTo}Y?Damm)>FE7 znHQ_7EH6=s`X#Vm@v-XpFMBR#OntLic#^%vDf`|(ynil6eKp#=-?O4c!XhxZTI=bT z2@-|53r@c=wD?(3{&8YzZPqOvmDQ_)i)MxQ zCthcCGFiwwBa$Qfq~FqR$NE=+v5MQ_$m`SRiSu0(*?hm^IXacny+PC;ar-efn-mOq)U8go2A@ZHBW_t^AGjFqk!u$!?|#;=;GwA7^r$n@*kS*=t^Y(k;vQGs zU9!{gdhP}0kJY;^)$2|sZ3(Z`KdtG&oxXi4b2!^!ljjQm-?#1ecmJ^|{VkXL5{bp7 z%*KnFVTf7VvQk=D+9mO;&OBHO<5*HP=|S176SH_P<%q^x*wXJL#KWXD7}{3vB$r zeLBd@FNsO!w1T^Hx7HdBw0soz$$N&HU literal 2829 zcmZQ@_Y83kiVO&05Xf4rx-4=#L2c+JW5(u*y;f^sGc1pijq%JG*5*1P!E%B*^_I5cMem%j4CSF z4}^4B4K}@LxnT0{@VYWtVg5uN^PDvg6wisVf0`A>`{2Kv#2r<}nd`skY;%}!y&zC3 zEZps?eb%pp4P4?(@BWAxTX3GUFI{#0_^$HAb!JnhIOuvzd%VTv!+YmtFEv#QXYp1C 
zb{}_t+@XGBv7GTH6a5qak|(gJ8FtQ?`G9Lhnt8D9ChpTJ9}9YwMIG+hDLh)ymJh3UgnpWMb?5m?D z|C`^ucQy07MxnT{tP0cL33pl>p5_!UJo@{_->@T@yqemb1D_lW<>N=^RdwQoKfcS;{Qob9mw z?~*Q|56O?)Pi8uKEl>?9_#o7B<%6>LQ{{dw2I*OPJl}OQUvLTLKeqb&0 z*3ENo$E(Im-=4j#!tJZxKOJ+IWi@0xyrJ>*l@|I4o*tSf66&p@A>fJB@K%Q z-V;7o?B`VakftsA`nF#acTr{5p?_ZKR{EXsZ@9ff*kyK^vo3wuz@t^#HesQc(j{@# z%FNm%A3oj5>!k7>W1>4=mM_$t*Px{tuk-EbUS;kjUcz?Mq?X;*sh8W(t7KDqR(s+VnRkz8*(>GT_w4@F?qDQP|NqQF zrq0!mCE8l%{5;h| zj*ZOxuht$;H8r~wDrkK@T1;vsYmLzKv(vRceEb;d7It>lgX?j=pTESpDNUOj>%=GX zyg*HA-5IM56ZCK2l3Ul7e0K4RI~-e$3;koZ-1oM6+atJY!n;MW-8KSO;~OqKv^{MU zY;om4d%5h!t(RM-GKQVJv3w!R>w-+Pn>Y5JZ=G{E(z@y4Bf$&VipPGe73GgGD_=kB z&wu`K(a!c+`*>zBURoDue*T+wnXAVAlRA8{+voW-ozQAMar=}Hhu*PBL;cL)=Px`R zDwgSOELT5wqv*lkf;pl#+@IbW86|6UNQ!G|3x~uBH z+0uE3%H*?os$tJeDuX9`uKORxJ|XIt_RZ6(W)@{rKiBPk)_Wo()3MpTp`Fi5NLjCx zmHFD7&vvt8bgn-6d844bXLoGmC8wj76BTwTF7(W*U0$u>AjFiP#I`o(RNee4vv;%n zeys?(`#!t*pJ`3}s)8GpPh!@`FVBjxY^zfjaDO~2X9cfrqM54Kq_6*HKl`-tP5F4sBK-BL zmj(sh!Kpr}qP#-feC8HmeoO~yojnAte`qf@n~}mJ*QyXW*YM>os}^%}m#UM}6Q*4% z>{gdQqGWwKY~$KKZT@QyI5Jr#sdUe);YpYD&R-pxtsjnSfA00yzyC?Ia>Gj zINA6(&c260+a?I-qIV+Cw)lIj}U& zefO)GFS7Wj$BHL?#Y-!4b3$C#$W}j|8G0>D@9I?E=);Z?cX|a^@O{xr{Lx@-9kGe^ zi5hzY$10uGpK=#^@|X+F4~Tj)(Ra()hkrKrOKvGwT>EA>N6oQNR)7Ac*Cu>UIVT$z z*Ip2i-~1w^m9x3O`dwAenztfaKT6uptf*+|O1XEdXyLPq+Xa%0_QcFTSmCm-q+>3T2=`(+bJq}=-2#tV0KTt@%hmM+d5uc z3QLq@*=T!h`;p2A9=4nbjH+DnFU;o_u70=kkGUgHPmuKQZ#N>h7VDRPx7fX&f&av^ z{S~IKIs#Iz3QBAZcIuj8c3@frlQ7Sl4XHB)pEE4Z%#zu@ks4