From 97b66828ca419a991f5e9ac2fcef0f50c4003c87 Mon Sep 17 00:00:00 2001
From: Kabbone <tobias@opel-online.de>
Date: Thu, 9 Oct 2025 22:14:51 +0200
Subject: [PATCH] server: add mealie

---
 modules/services/server/default.nix         |   1 +
 modules/services/server/mealie.nix          |  36 ++++++++++++++++++++
 modules/services/server/postgresql.nix      |   1 +
 secrets/secrets.nix                         |   1 +
 secrets/services/mealie/credentialsFile.age | Bin 0 -> 1420 bytes
 secrets/services/postgresql/initScript.age  | Bin 2859 -> 3069 bytes
 6 files changed, 39 insertions(+)
 create mode 100644 modules/services/server/mealie.nix
 create mode 100644 secrets/services/mealie/credentialsFile.age

diff --git a/modules/services/server/default.nix b/modules/services/server/default.nix
index e1e7d1a..17b2130 100644
--- a/modules/services/server/default.nix
+++ b/modules/services/server/default.nix
@@ -18,6 +18,7 @@
   ./matrix.nix
   ./coturn.nix
   ./hydra.nix
+  ./mealie.nix
 #  ./ollama.nix
 ]
 
diff --git a/modules/services/server/mealie.nix b/modules/services/server/mealie.nix
new file mode 100644
index 0000000..702accc
--- /dev/null
+++ b/modules/services/server/mealie.nix
@@ -0,0 +1,36 @@
+
+{ config, pkgs, ... }:
+{
+
+    services.mealie = {
+        enable = true;
+        listenAddress = "127.0.0.1";
+	credentialsFile = config.age.secrets."services/mealie/credentialsFile".path;
+        settings = {
+            ALLOW_SIGNUP = "false";
+	    DB_ENGINE = "postgres";
+	    TZ = "Europe/Berlin";
+        };
+    };
+
+    services.nginx = {
+      enable = true;
+      virtualHosts = {
+        "mealie.kabtop.de" = {
+          enableACME = true;
+          forceSSL = true;
+          locations."/".proxyPass = "http://localhost:9000";
+        };
+      };
+    };
+
+    age.secrets."services/mealie/credentialsFile" = {
+        file = ../../../secrets/services/mealie/credentialsFile.age;
+        owner = "mealie";
+    };
+
+    security.acme.defaults.email = "webmaster@kabtop.de";
+    security.acme.defaults.webroot = "/var/lib/acme/acme-challenge";
+    security.acme.acceptTerms = true;
+
+}
diff --git a/modules/services/server/postgresql.nix b/modules/services/server/postgresql.nix
index 00ab5d7..090bfd8 100644
--- a/modules/services/server/postgresql.nix
+++ b/modules/services/server/postgresql.nix
@@ -28,6 +28,7 @@
         host   whatsappdb    mautrixwa      localhost scram-sha-256
         host   telegramdb    mautrixtele    localhost scram-sha-256
         host   signaldb      mautrixsignal  localhost scram-sha-256
+        host   mealie        mealie         localhost scram-sha-256
         host   onlyoffice    onlyoffice     localhost scram-sha-256
         local  onlyoffice    onlyoffice     peer
         local  hydra         all            ident map=hydra-users
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index eff9d93..7f42c73 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -78,6 +78,7 @@ in
         "services/gitea/mailerPassword.age".publicKeys = servers ++ users;
         "services/gitea/homerunner-token.age".publicKeys = homerunners ++ users;
         "services/gitea/serverrunner-token.age".publicKeys = serverrunners ++ users;
+        "services/mealie/credentialsFile.age".publicKeys = serverrunners ++ users;
         "services/vaultwarden/environment.age".publicKeys = homeServices ++ users;
         "services/acme/opel-online.age".publicKeys = homeServices ++ users;
         "keys/nixremote.age".publicKeys = buildClients ++ users;
diff --git a/secrets/services/mealie/credentialsFile.age b/secrets/services/mealie/credentialsFile.age
new file mode 100644
index 0000000000000000000000000000000000000000..39e55ca870293d416c53e1ae5461f71635060cb2
GIT binary patch
literal 1420
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCSPC`|K@a#W}aaLPyu
zjEqV&EH}uoEU7AXGAs@7w+s!n@GuW{%`^zj&kQ#SuXM}H&E_(T49IYG@<?+}%u6rw
z3No?u472bqDRHZC^iD|*Dm5%fb56`F&d7CfDTdirRGg>~R+8mj5XhCA>K7X6>}8PV
zoEQ;O5@eL;VOWskksDg-8eC%H8dP9pY+M%Xm|R|vsGshaR#0Y{;%Q!H>gJm0n~~-e
zn3%!kmS<5E9GF=aRNxnppJ`lF5}Z+#>F5(+lI>Fz?vv(LQtA>KlonKxU+JYC=ACO)
z>~EMGm10(Coa%1m77&rl<(OocS5_906=0C+QRW}vlw4%)?QW9h7inJV<YlSt>ROPI
z8tI$pTkcoopKolUo#s)PYVK=ZR^pZ6>0%jC%w>=okXKY5<>zaWmF;U{=4KvN<nHX1
zpBtX)nH`jDnrQ5sW#MF=5>gl(YL=PgR8{7o9~7SFR}vLj9G2+r=FR2jRqkyR=uuWx
zm7M1u?i*_8pHi5u?;l)lY?2mkX^~u1S(Rj*91)nD;vbNln-T0*VCt3ZmKRtQk`w6Y
zo}bGVW}Io5YvSx=;$Ix%YLOBa;#A-r5#|+E=HzE=R$%7s6Om}{9c-MPS(0IFUg}$3
zXqM!i<!_=Nk>~0ZW|Er072@g<T51`p@9$G&X;|ju?iOB@8KIq<mR%NH6kg)w=$_~p
z<({1ytY4n!>}=rf<DOfT9HF0BQCjSj8<A9O!IkZw6Y3fqno|)JR8Zg&T9#LwR^npe
zXW-}TuOAQ?=xrVlS?C^ARZ?K!=<8zQmRI7D5ol>zSdwUvZR#47Wy%$3ks2K7V_p#8
zYv`SnYgQ3vm}O9u>603n<5B2T8C2{TRZ`)d6I$e#ou%(>U=WlSnqlB?8ekCR@04h2
zl9b35np^0hubrG3;a%Y3ZQxcIXy_VZp&yc3;_d5_?P!vjYw4S2lAUN4lo91!nCR&2
z7@iXp5#euaX_T5`k>VN76=-5=oS0EiS(f4(Y+)ManQI(rR%Ymy5manho*P=6;gp(d
zkQSNi8D*9aO2-A6Wx54Mre+H1MM37K<qD44IT7Xhp{a?P6>i?i=DEq?rcPc(q1vJ5
zVJ?AHUQuO+1u32d{#lil0s35(<{tTZrIkU&Wr=B3&c&X2?#}u}j+uVxe&&%O`TE9r
zLC(Qph8DT5=HNU7w<{<xy)-aT!LcYQ)5Fp)(K0*RD=VeIvoJWx*WJmeFtozlC)8NK
zEXgC?z%$FKJlDCvlq(>;OuH!5$jrbi$Gp@l!pq+|&(S+FDcC&Mr8GR<Q`^nR)2A@3
zusqq*mrGYyS0O69!o1u!GR(}sz#`Z^-_z7QFCeNYBc(JgBP^=G!aKPn%{wh8C^IBD
zlIx{feEQ3p|Br3wZgQ?oI<rW`O1e-~^x6mQe`2wRBXx7nG5>E5n_1Sm=JUmsE{nI@
zxBGq*<<NQiVV=qRzkfEEl*?KKYO$)n;$)1Q)}~&Vaz*sTDJ^&2%iUimpB7%?akV+P
zrDOSyIhpIWXUI-td%xzi$kp#>>>M-_?i?4|yHa+)SFXzLPpKU4XWVC9e5acDGym(c
zXCKAZMhEKfeEPRB)ccEzS9y0gvlD+(Le8owXIrK%eX;$Hf7dnj+RPHG+n;pao%-c}
zT5i3O)wUl;CijQmF8eyO<Exe84TfC1pZfp0d5^Z2oO-={XO{g+mapwcjJtJ8L^r<V
zneZ(m;#%%^mT$&&`6pJk&6!o+B6fP}<2@<*_Id@84^J)JvaQqJ#k%0`l-M&%<D-j~
X*mc&-IB}$VnNvo)X>0LfV|_UQcr^(Y

literal 0
HcmV?d00001

diff --git a/secrets/services/postgresql/initScript.age b/secrets/services/postgresql/initScript.age
index ee68f9524ec294a8595f51e44e000749f460029a..2ffced9022b05e962bc40b0f43c999a892de2fef 100644
GIT binary patch
delta 3055
zcmZ22_E&s@PJLlkXpq0Bfk%LLacQKbfw{JGX<~p|WT{JNK|p0dMRH_Sp<}5<eo3fH
zF_&*iW@f3UTXA{0c}QegezupNn|Xnsu~B)cWr>%8r9pW{My0t&ewcfnE0?aFLUD11
zZc%ZfLRd+bdqE(VYqoJoWQb?3QHZI5V`6@UufD!_Sbd~vVVRF%iiu}ISb$4lq-9>E
zp^0fqslIQROQcU$V5w_yNS?Q8aF%{~BA1b&hmV=NTe5d(qOos!gkhkYd!UC~aB8M|
zrMGcXWr%;arHPM|sY_P4VNPLWhPjVvRz_w?L_lt&OR8&PYC2a~Qi`j2Ua(1GMWm-?
zUa4EIN4;@HS*lNdaZprNR%UvHL6%{GVPUGVu}@KWX0diya7l7*S(v_Am}gOig@L&R
zS7bqwv0+|reraJ+ikm^YMW%03g?_T5cTskbS4F;)vuR0ok(aZtVOe2GMv$>rNxo5T
zL9&~3SYm`xxp`J(7ME+8b543ikx^BypRad{OTDRYx@mS{Nvcb+OIATrk!w;;prv`D
zlfRo`WP!PUNu{e<X=-Ujl1F4=h((H1lyNy%L`jf#P+EXdN`zBUglB$KQMg~Zw`o>d
zv0qAvM_N|6N4QgvK~=eDP;rDuVrZprd0=5qNI<%_Po{}iT1mbyS4E;pUW7?vafE?;
zP<@4SaC)vqg{N1kX|{24NRYE-Ww}veMox0JSGi}nTa{sGmQzGtYDQ#|wo`6#M6sn)
zswJ1XlZSIuxS^q&x36Q6abi}kx0AbfvVoC7rBPw3lbeO7b7W<Xwo{^aT2xk1xrb>|
ziea*AL{@>9SFT5?xoHuXrCD0JM@oceMZHIMc2bmkainW`RaH(#hKZ?Vp-W|yWq!DC
zNK#c)er}#Yio0cMa%PrkwokfCNO7o1Kvh(sDOaGjmz$%jn|q2=N|>>UTWYwzVO5rC
zcwxA6RZ?EDp_yT6dSGysr9onuzjs8Wqf<$GWO8b<zE`ECV`X}-Pcc_zMOl(%MSYc_
zbBdEuW@e<Dzh%0SzPnqMV`xE9u0ejGN0m#4M_!VjV~7PPH5X)-=@uB7nkl3g1(}<c
zD>$0CCK&|#o9UMrxOsc$<z)prduj)InEJRB2WJMj1sGKrxEMq@mgfcem2zdLxTjS`
z<%Q=L7kGxdhdUN#yA_zYcmx{N8~AG%RTX=d8yA`Q=au+`m`9>m78ICX8W^bHs9#!@
zQ)p;tSrt*~XsGR;@9Q2Gk>?WRos*gGUJ;q%XzuN75tVM~l<gnH<(O9Fo#c~SRpuO(
z9uib$W{_NxW8fQERFPB=m}-y~ky%oh7o3ruo|~A?Rj;e7tKgIGoMYx_>g5uVT47ii
zo@y3Q7#0!flN0JvY*<y8<rWfJ;auq!Y3%G7%B6Yy-u&#O^VJ(eyc{@V^CnE2a^!u6
zbYYm4^-itS!mz`+Po4MMK9$suc9`;Zmh(~GBL+{W?^S;MV@Bhq;z}R8O#<;-*kgSb
zx!RXx?HA8IP`~zpW<dYF(+%F9E29j5F5qKkp0fSIE1z#tF=33iFBHYjEjV|5*Upa$
zUtZZy|C4bclBL{lot~}lSL+$4HVLQ~O+1yxI%x*W_m>Bmc<aBuiwII&w#hr^*yAt9
z<bLTo|NsBM>Z*i0i}5|RSsMF3oN+my*H*n<XJbg~pImvroySd<)SDcdl>e)1?hM-t
zBI0&Ce_Ze1Bwkds`Nii+cQ+&{xULI-zm(nZdiK-0$=ByNU6oOA-MzryaB{<kI@QnN
zM&Uo_FVs0Ir}x=7JOAEmi-+c7B0Kq~KQ{T5GNb<YqEo+Ou4Kx3KbB&xu(o+L<z7Yr
zPn-+CX5I3N9#iS(^Ac9=P4;l8SJ+g+?*CU~*?Y;ep~t(-cgWjxsYN~9W*Q{#@y{xH
z9kWZu^#AOa^UW=VGlb(_PMv9DtF(8j2haP1Ez<w~+CTlyAbEYu^{i|m{k#c}{I*?q
zH!I}u_n$tGDw*GBT7Avh7Spf)_@qv8%MV`DD)G;2cHa2yUEuvB`2EkwwVy()XNA`X
ztYwPxpL4i7#VFO{tj1kG`$O*E9#0BX+G(`&@#k~T<z(bamZ<%`s#Lt=CXewIZQD!s
zmepq?tcqR3>$0z2-u9n$by7=%{JI&j-;E08d<`qj7r)@2wP|mDw}AGaw+ZP60*ZNY
zhn>T&)js=t;$ZyQ+u5c^Ti7-%pTGC+51(!ORO-tX*=D|JuLxp)7$S6iO@%wNX!CI{
zWxL&(Qy4ydU%NKgbH%PY$>pN{>uOVvG3*Iz+qJ88{reU7iq7h-dElGobojEvNtcuS
zmXe#6oXlGg>iA~oZ|_T?i#+l<J_&`*30<L5%6WhJqSt|1zJGrE^HrX^=6s%c?#4||
z%1Z26OjY#6>V-ZFwB6xPEir0m+v<2n+T)Si+{gzBmSH}c*P|Sl7q`Bh`aSKqYb>`g
zL+K*N$-Y@ti~n5PZo2Hl&mV4F61-9u-%XenE_>D}Nv+X@V^P}16%!AN@j6P?o<GOa
zWZquw=&3)iY_AsQg=2Bn{AEn60@6=6oVq2n@}8};<q4yAL2~tv`4>eCE<PbCAXDB^
zYHq3i_fh@3irdO64hQO71C(b)?L5Csa5K}9U@orTbN46mcW&o+^=#VR%*ZcHF^!e-
z=c}5R{b)XGwt0ip`H&Z<<}PqoXq*tF{v_>`wPNq>!Z&xCW}gZ^ko(Z^g2V4~dfqJm
zd)2>|h=gwVS{fgtwOD6Sb-j=5wY(RKDr*+an{u;8*Cry-LFd<`kCS)trgBxhR!<aI
zmbvWSS-s~H|7~^e9NEpH6%z1W)axAgfy?YS4l8_`{3~7W_N4=Bau1ve59<5+z|AUG
zX04XQBR9@vHft8%-TL;FvDB#^U!Bm~cXGa`FMHIm)q1w`)SWGt19~6Jhx+-ite0Ek
z%y-E&FWdZ-s?&_xgK4k3gx4%-?{l5l^`KoQ?W>JY&D)I5nzbALzVvsHzT>&qJ0<`2
zo9XjsuJZYRyyjoWq!Pc0lk0W$pOy#BFWY@!U6*rBNZH4`NzUoLclVzDb}NkYSz3hT
zw3hEpPxEdyJoEf)x!&{8;+71)KaLT0s&P8?UVAU~HSXTXdq+pqY2xWQKXz|E|0|%d
zm~p>_+-2SwpZ7B)++^vBzTfad=nj9~({ly_jfrmi5_b8^{7ipk6Olai>?@AtJK8s1
zXL)^0bRJV$NVxv7lml<)y#2pY?EKWElH*!4j_-1Qc;V(;ldW2TQP#{y<=nq$S#^f$
z)~U_<eD6v97V&M?=g#V0yrMU2`7{Zo^4nK@+JDUYyqjZ#^B48Y=YrFh`W1hEHp@&h
zm*d1i)%<d$^as~dd|N+o?M|_r5^XlcK3nc~!nea8yLp?dtKJ6ISk3NBypm!g_e${S
zvHTOiW*%9x#4uvg#Akp0U)YfwFZ6BsgN1uu8i;F6$o%^zjiaPKaQbWOhvlNH{<Qvh
z{M<W{({qv&v*f(Fq0emJ9dXv!;3O9&ymWcO5qs_|!|56+$K~|T%@Dp{>#O`=>olg-
zY_b+LCdYyrPE~KnzUaE7@6twozl-NOCzj1KXswajYGW{U%07ed$L@MBZkTAcmu1qe
zXRm!ULyTLt$Nb$rr%7Wgvv~cVJKse+)CJyn<eijza?$M?x75Y>J>PyMaRr*Xh?l3b
zi*trLCN>@lReZ-5dwlC%QKPjp7hDWdTzhMp`gxIcFYFwio|-w^wrv)_cTeb(*4$lu
zCT=}Wo2C_B_|p5Ah1K*xVd{JR4LjAtN`;L|ZJ53+Kl32s^`1M7-KUb(PpaRJt9Q11
zb!wMv*1y`zN88(*S=Js3+9>jWmDE$aZ?^9%W%G9mOqz2xX=9zH+SQv{zb~0C-4Lub
z^~J);@3J_>S_+nY?Yp5_{^i!iKdoVNtUg7)SDBaSer!sYx2I8KJYS&Hg>r{A;>=Q~
z(~TcbV&9Net6uuU+UQB;2`7GW$*n$4%k(-k<Uh|+dgaA1cf;c?I_r1;%M%I7dL+x_
z{wF!^(+-XN5Br`i33>94_h9eg?oh)Y2X}s$rd9cPD{rmI!n<$1#2zM;<r>%Y@a}er
me~^<nGv~c{O<dp?&MS?|+Gq2P+Llz!*_PnOcgpGMBP9TYSwETp

delta 2844
zcmew>zFKU8PJLKnhP$C}Mq+9}WOhnrVSc2Mi;t_9Wm#~zc0fvnZ@#vfleuYCVn~&t
zBUee4N3M&Je~PPTaI#r&U{scQUa-D%xOS$2aj;pCUy6}=Qm|v9MX0l<FPE;JLUD11
zZc%ZfLRd+bdqE(Vlc`TwqEAMmad~98Nrr1-SbmjHL48$ju~~7sc~)gwlwq!)qgjQI
zYf5f$Vt!djVWhW5v6)$Bo>yf^x@k~RIah9?b8dx;k5f>JrEjp2r&ng4nX6N<fq_Ss
zQ?_MNl#^qIPikaPKuUh8Q>uGOqEDfxt5;G^q-UW~R!Ww0dI(oWp_g-+yOC*5ghg3I
zewweTTfI@XN2*t9u#dJ;er8amPhml%QBq2#p`~-FQ--f|P<~O7MPgBKk*|MdRjN}8
zSEXBlnP+aHql=kwVYZudZc=J$g?EL!iFs(0SExZ*dYOr_i<?ubx0!yCQF3sxd8D?9
zn@2%bqMwJENw#)!5m$J&Wko?{UXqb#cxAA*V|_|Rl#y?wW3W-GyQyzURHSEWNkmkB
zaC&aAX<BNEXMujOMNp7Qj&o9aprdhGno9*&R<Vn(hh>g-azwsofOB3>l%amMkFSq&
zrfGm*zF|N}p0B%wf2oCeiN9HisjFp@sb8`|Ww~c)d8%1RnRbK)mvK>mdumCVwvm36
zcfFx^Rj`Y(lYeBAcUEDbfonugO0ZYByRWHRPIy3+kDs|uWQn1NL7{e{Z;_u*k)KC-
zjt`fSuUl4eWKK??TV!fVVYaJ9rHPScg_&c%fxbmhT2N6?kWYY-TUwEspM{r6hQEbV
zP<T~Ds;PEjP->cXN}>mstCx19n~Sq$QhkZ1S&CC>vYURUws&?^K$c&6Rf>0BXi`w9
zZ=`dfYl&-MmXn9MVM?KAKtXY2S+H|SSg2b>BA0$jhQ4-caa3}!kzZ-Lr&pv)m3MG@
zevyw+s8^J~d0I({XR<-4Yq67iSg=cQL5^#(bFOKmk7<FsyLnhfRTWo3lwYb*N_|>p
zh(VH5ps%5OS$KLycxq5;NtA`7e_o|?fmwcJk*~8~M4~GwH5X)-=@uB7nkl3g1(}<c
zD>!Bt`GtE$`35?M`iAEQ_+)t-6lEk<RVKQZl~;xZmnXUwI(nHTraR~R`f%k0x;RBv
zxm%QI`)a2o8(I208sxeJ8CAK}rzN=rmioA)r@Lu8niLd-1fW_L6qsHb7^vV_VOnZd
zV(D09>{)CW<ztkVuAih`RcacXZsr-5l~Gt>lvEMqW1ed1<r~OlP?c)p8fNMeS>b9_
z801-CTwq+_URdl>k?U2aZ(`={Xb@=ZSmk2s;#<yDudA!8kQ1nHUL06rVj5nSUF_&>
z5ae1B;9nJ4R%IHTn3U^SVP5KPr0-cC?vZ4{)xVOjs>3h2mwBOwU%%VOqhIe_$qG~6
zS{-83YB_t~|9q)w+c|!QPF=JAjNRi_CQ)Htc{ls}Uu0R0Uw`nIKC-e#`t|1Hg}U8;
zGqtx~YR?v`|JXip|Lc|An>sE%%DlG6rgh$_7dgL@18OFDXr#WrHN|sB&3Exd56@-H
zYTu^zD=gG~-COC6dIsf;Yd2>q^E_@9`SSO@KSSG^ybCIG=0;3C>aut9j>VQNkFHHw
zTruVEye~%#SJwLF)Kv(~`q*Zv;CtRGD4%6^)WNss1Yf=@G^w|)|DvQd>0(&}Yk6&&
z`3q&&cb<ypSA_2AofR7vrL|GN_1U3^X(mfQJ&%mm5Ui<Qx>&rxXz@f-?-IYOi&mUB
zex=)fNKfcsT7J<J33e9WC7fNhpM%s3t!~bfGxUD^aDx1+XPx=;LK$8-gf(!+I@UM8
zGy3$><oV&GRY4yd>o;!jZLe3)H2i!`q+(fn=1<wsCf@ERVf8aYk{v^Z_Zai7E!g%j
zar*1enTz*qe=uW9;Xj>edhH%h*M|N3FWn}=5?y+GN}tlwGx4UUg3Y=*JE9gBO!=EX
zzf=Fp$4%zzpD=Qs$lX?E*M6x)DC4iP&7}s#H@`~#zW>&Cn)2}6+Q-$Gswdx+uHRB}
zwYp#)<0}#U5Uab2Rx|XLW~NmhSiDFyhw)mBou256eNJyvma0EFSbAxaNJrr_dt2sx
zhn5+6&*SN<T`d<c7(0Xap-lTcFMZ?fzh#>nzU@BPT=Z<!;TeaMuk5*#cGWER8#7<g
z(plaapB0z%_LyHfzV`L&WqQ}Eo;tJM41IsHK4bqs%ln^}#!u1Sl=6T*^k(slpO?1$
z{46pnw`W47*!yNPlY@?`uYM%HiuJGgAfI#Uu!-ij6H?x?HSwZBAuiQ=CEuUyb+hQ1
zoF@4>PJ(r_dN^0DRgrM2Yv}7gWu2lSZ|5$!)G+;x_@thw>3=jX1+}tX{jK(lVdZ`4
z$9|<VG`;J8hK9T-{<R@6b=e<=!?tG0Ph4IcGn=z&{vD;QsZZlvR=M3x%TG$V)qXuY
z{CD{a^MsQQ&+q;U6^^=g<amW>tJoWZ=ebQc?rI&9zSy3A=F0DRRj+;Db(Q|J%1)lO
z|LdfQd)FrM|FvPWsNtL6^-5Cd9@F$Hmc->n32zhs*QXm@(yV`Cx~H-H`@R1$W(VY?
z=DiYHY8@D!+V+3WwwRC#D`%%XtDMymUk_`nJ+kxa>f_UtM5hFAZ`)OJOh{p}_fa>E
z55JAyK67y^e0e9Jr#Ae*2h-{|cl=Z;E1%Bh>$j9$`|4^r*V24eNe<EYCWm_;!g#J&
zo&C1^xcm1xPm?D9@u|psSO0QKh3=H3Dbo#SJL%p3)GsSw-FD(iUg*7jk7B(JJgfM+
zy^b?1^uzO0W(E_j7_9mnvQ*}0uKiusc5OY|pYNAbp5GVax|MFfsn_ImZOzxVjdmRS
zB^OUmb8-0bY>(VD;~js?bb8ZYZ7tC*e34Rhz^Ll92<s)Ik2?Zxhi)%D*xR<ZzK2^w
z)Vlp<VRzwyq{R&Xd)}?9dtv5sZgW6(UAyz9Jr}0Gvv_00r@3%($hwa&R_j$Xq)(Bu
zp3k1R_sqPV@ipQBjZFtC=bEejwTqsU<9+ATec{)c>dT6KJ(PDI{JlNz*mRD1-^ZOw
z>KBq_zF4L89?T7zq23rS*2%G8zX!(&fgklIle(^ZEZSzX>$Aqu28GWFj~VKWm;I5Q
zTld6m{ddPz@9dY|$-OQ5)-7Pu(v546*!?#3d$D#~&uz{pD)&MUzqrk`^_12s1|8O=
z+N{o1@2&0JrM_`&RDK#!ugEP^RB<e@n;~SS=H}ky&Z&+6AD=r?@tom8@G9?;-<{Hb
zS=fC|c<QxRl=@zu5jJb4goe@mh0-h{S(VSP2*35<O_>?)BKpcKrrc!8|4^NT*E|-d
zLR8~BJoL{0dMq^A+vZh&bMlfKemm!Vj+iEXOghY9t$V(@$-En%mgY#5%P_?pv2Q+D
z>M*CV>Y%mae}#3jQF1I&K`C0-UZ+a_kZ&{AzpUeaK{BUabxi@o_wVLSlaJ)vSVYXy
zQS;U;?Y4T+t3NyH;GWs<wr6#zPO144n038dWxmM2m2cyU#R9{4Jy(CP5{^C?;Szmb
zj<I_})&|>d)`V?4U$!sV92oN=HB{Ttsf5eYG)J~;*~0UW1htR;=Ty;M?rb~3T9~KJ
zl%vyB^mZ99d+3RY_2&9Y@1|NBC(c)tT*|?k-Yp)u`NWL0s?<!OB+;Ioe|>K$=5<F}
zahXX4%-?BoKWQ~Tuh}9u+Ys4ji<SyF$0kVztEnzK9PowTvnbF=l1Kg8%Clc4r-_-1
z8pv{R9KQe3>;30DOWw>X<c^VCth%hL&QtCEHpfYSE}L=2{%5{aDk*xDM`@Q*Q@xZZ
Q+g97i!WrT260Y(Z01j`y;Q#;t