From 22ae1aec0dcb20b35882c899e6a12a9961967643 Mon Sep 17 00:00:00 2001
From: janabhumi <dmitriy@ideascup.me>
Date: Mon, 10 Oct 2022 11:59:05 +0300
Subject: [PATCH] store password encrypted via agenix

---
 .envrc                         |   2 ++
 .gitattributes                 |   3 +++
 flake.lock                     |  21 +++++++++++++++++++++
 flake.nix                      |  20 ++++++++++++++------
 secrets.config.nix             | Bin 0 -> 1502 bytes
 secrets.example.nix            |  21 ---------------------
 secrets/users-jan-passfile.age | Bin 0 -> 1680 bytes
 users/jan/default.nix          |   5 +++--
 users/jan/secrets.nix          | Bin 1764 -> 1627 bytes
 9 files changed, 43 insertions(+), 29 deletions(-)
 create mode 100644 secrets.config.nix
 delete mode 100644 secrets.example.nix
 create mode 100644 secrets/users-jan-passfile.age

diff --git a/.envrc b/.envrc
index 3550a30..f025931 100644
--- a/.envrc
+++ b/.envrc
@@ -1 +1,3 @@
 use flake
+
+export RULES=./secrets.config.nix
diff --git a/.gitattributes b/.gitattributes
index 1b4ca31..2563acd 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -1 +1,4 @@
 **/secrets.nix filter=git-crypt diff=git-crypt
+
+secrets.config.nix filter=git-crypt diff=git-crypt
+**/*.age filter=git-crypt diff=git-crypt
diff --git a/flake.lock b/flake.lock
index 542d911..7891cfa 100644
--- a/flake.lock
+++ b/flake.lock
@@ -1,5 +1,25 @@
 {
   "nodes": {
+    "agenix": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1664140963,
+        "narHash": "sha256-pFxDtOLduRFlol0Y4ShE+soRQX4kbhaCNBtDOvx7ykw=",
+        "owner": "ryantm",
+        "repo": "agenix",
+        "rev": "6acb1fe5f8597d5ce63fc82bc7fcac7774b1cdf0",
+        "type": "github"
+      },
+      "original": {
+        "owner": "ryantm",
+        "repo": "agenix",
+        "type": "github"
+      }
+    },
     "alejandra": {
       "inputs": {
         "flakeCompat": "flakeCompat",
@@ -447,6 +467,7 @@
     },
     "root": {
       "inputs": {
+        "agenix": "agenix",
         "dedsec-grub-theme": "dedsec-grub-theme",
         "flake-utils": "flake-utils",
         "hardware": "hardware",
diff --git a/flake.nix b/flake.nix
index b7b950d..1dfe362 100644
--- a/flake.nix
+++ b/flake.nix
@@ -6,6 +6,11 @@
 
     hardware.url = "github:NixOS/nixos-hardware/master";
 
+    agenix = {
+      url = "github:ryantm/agenix";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+
     home-manager = {
       url = "github:nix-community/home-manager";
       inputs.nixpkgs.follows = "nixpkgs";
@@ -68,11 +73,11 @@
 
           devShells = {
             default = pkgs.mkShell {
-              packages = with pkgs;
-                [
-                  stylua # lua formatter
-                  ormolu # haskell formatter
-                ];
+              packages = with pkgs; [
+                stylua # lua formatter
+                ormolu # haskell formatter
+                inputs.agenix.packages.${system}.agenix
+              ];
             };
           };
         })
@@ -90,7 +95,10 @@
               specialArgs = { inherit inputs; } // specialArgs;
 
               modules =
-                (with inputs; [ home-manager.nixosModule ])
+                (with inputs; [
+                  agenix.nixosModule
+                  home-manager.nixosModule
+                ])
                 ++ [ ./machines/${hostname} ]
                 ++ extraModules;
             })
diff --git a/secrets.config.nix b/secrets.config.nix
new file mode 100644
index 0000000000000000000000000000000000000000..cb038a51434035ebe72f11a30e01e6060235d349
GIT binary patch
literal 1502
zcmV<41tIzXM@dveQdv+`03#KMM*ih&9*9cLZv#hUIyyrf<)C|vuE=kfJ=O-^pEdX4
z_R+0<&~kQJi~>#OT|R3U<N!y95ZJX-i2H9z@H!^R_s#nQY|AnsC<FKDH#KL<U_2YV
zj2C<GLX$x0&$>5C<!6>ZlS?~OxmB)FZf&+ZZ|;k1V+&q8>FU)a-C{CQJC%+4kA8)u
z5FE(Leosvb{!-a`mA33B-P21{U>CSa;=g4abq}KHMjfmnr&j<9;}w|z{*~}>X=`>E
z=ls&gjlG}#&$(qhcV;H{=No;0bBgLG6n@T|KR7%&l17|s{oWVmZXo<YE|m@{=6-E|
zC>aX|>mmpl`1yvnfQCw+tElUNhE2rw|Kk0lXI5~TH8D^n>*X3|9qMd_<?70TnK2Y8
z6oCH1)GxH$?__`!1B*vXen^+Der=HR{mS%)!P{Q0|7yl=JNC*{AzF}-N(ygItlET$
zR&Q;h$+d2TCgtn4cVUWX09knL-iR|pw!vFl%v!0G-gRVAsa1S!S7&tD;6pPsR(A1z
zrlGrzmEPq8r^brEfZx}NZIwH4S>Kj#F{9_`D~||!c6rL`A*|4i_3<zvvD_<`v<<|n
zn$<g(EEwAHtFZdq6)N%gu&Rg~5V{_AE45?-)8Mxd)3{l=%2haqF;#@;(-gm_pUE@=
zun4#722+Ffm@pj9^uD3LiS9~pZMI+1D%1A=Zf_r}GdWP=Xz5FxZC01FYl-`gJ2vN7
z8<4t-y_#1D6z93j1CF);ppgg0HiBL<13C8X$r2sS4j7C_6_MCj!dxyP?$LXh-k>#1
zeV~V#LlgC1ExRA&-tx&0NIwE#(#DDR$f@1B`V-GWy>Va}1bXE0K4AS);I3B=DRKue
zW-7@V7-~TQQfr!u*ca>j!fI52MbMN=H0K74l^iBTy>h?0k|M_C33@>e863*k&O)aK
zEaS<ssUmi#$rI005fcAlbh}nzl`;#X6D?GYi9;3$D2#h!qR0xVslw(i&^rORBvSBz
z(nh(n=?%+;Mn&azPY%Ahn9PyI2RM(xrlDlB(A{h6ZNkCrI;X?OiTUIG<R`3~)sJYY
zk%|Ao)yT$STxd-Ca0T9Db*3}gJxh3^%B8zr?w{#mgR27si!JZTk$r$F6BR71Qa1n0
zliw!wjbzgDAo1|d6nUx*#`B4e-x-nr(=iSq0zw3m_p!X)&FRUC-x(puGNt^>ILmb5
zDL4Z_SL9=|!cS3+)IVQh_kH3#NYNj(b3}-}WnbD5L5}~~e&71KMpCI~`;xC5vl+^x
zgub7S@{7QSd;YD^Gw)HC5NEtK#o*`COlj6B6;$7_791I=RtS7A)7}MTNT>ng!?sro
z^xZ^2ilwurWU{4FB-|1Khv=&t+~^y@`MOz-2t5*MwGjXV!#Whm>8)VtsVa=@PaifD
zSkPj7i4YKvT7Hy}G#}W#kT|2YH{=(vdPY5EGaq4;czPL7YD-vuiR{mR9rkA%hQk+<
zU}ai`wq#yTb6$sZAVowCpophS`=Sa#7Xk2I4HoN$$nHihlAboG9)13<q3I6kP_AbX
z@hkg5Lt7_8?-3`VE<V<Sybe2*HK3L&53CW8G8yfjrb-kr0h6`34=>!t$4d@<*j>`)
zV$(pb6Ca6*!mi{bWOm~UJTgiB%<_HolpTchn!2+=OYIn%*?u8Hi2Kzfh~TO5>vqk(
zfuwt)?;$^(lC-3z;zTnei0{<eBnKa*`pI`BX4q=S*7*?J>4ANfznfg#j7lQ`4S99^
zfULRl?dRd}2?#?l|NV{qy2_j~0c#fJa@WVx5FB_|vVQXxGIKmrD!Jo`?AYO0yP1rg
ze=JlumfzQ>*P@{7U_lnx677^ZYQn`~`nJ)=?Z)!-uHwSS*3_Thv2RG1yW)zs!Scvf
z+c8K{R;*{`6K-L&;#EzP<sT191&^p%3Q$gn6Y`Z{Qk5yp>TQDuIFk~Ub1hMLJM-db
Ej#cjaa{vGU

literal 0
HcmV?d00001

diff --git a/secrets.example.nix b/secrets.example.nix
deleted file mode 100644
index ea4a460..0000000
--- a/secrets.example.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-{
-  networking.extraHosts = ''
-    127.0.0.2 other-localhost
-  '';
-
-  realName = "Bob";
-  userName = "bob";
-  userDir = "/home/bob";
-  userEmail = "bob@example.com";
-
-  # gpg --list-secret-keys
-  gpgSigningKey = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
-
-  emailAccounts = {
-    "personal" = {
-      flavor = "yandex.com";
-      address = "bross@yandex.ru";
-      passwordCommand = "pass show emails/bross@yandex.ru";
-    };
-  };
-}
diff --git a/secrets/users-jan-passfile.age b/secrets/users-jan-passfile.age
new file mode 100644
index 0000000000000000000000000000000000000000..40aa68acf0ad663b048192e4fb35464b1440abf4
GIT binary patch
literal 1680
zcmV;B25<QQM@dveQdv+`0IXcc_<;sMEU|1OZcqe0QAFw|Oa3o(ndKdhw^40HD?TDM
zd7@)(Sk9|(nugEW1HTq;rGfSLaWk9rNAbaqqoLSf^lq0vvoN-)b7LC09I4oWQ!%W9
z4jbr&>i61Yk4fpED1+cwPzyLuU<v_SpwO%cu`cULL|U85d)^Rfb`scg^32@HH;Q#Z
zS9>0b${g>iRgjA!V>|?BP@yI7uRhJii$}zb0eXpK2^VRfOYH)16S0>;{}YTv=Y7%i
z77wjntfgT^o8CmUi<q=X<TYk~&EuCo>g^`q#h;d!e9Pe8W;(?27#pzf<jyU(u3jQ3
zSFU>$b$UZQ@&-><S(v*-30CUxJMD}ae>dpf6l+O}LUME+6y{*;IZMdLHnHno03z6!
z!aDZ!ugv%OgMg=1;)>CSs0uET+)|A!awJ%(XksTBCp$a>4umQoTdXUSB!#tui06j!
zNFFd*q*Y~=Ys%4j{0fF!&ZZ{(a;lpV^z%2(xSxQb?rHiG)Lu(qr!6oxJvz>&!2!WB
ze%$EUt?v9WNviGpbz*dY9(|D~Q=fO|ql_~G17%OACoZpjKDKIGe4p?6{!5HBV!GPx
z9D*3;MI0QwA&wV7;u)}6-nrBeE=n5(B9!9hdmzHZMNXVn3X$6^M|Hp6B2@FoVEQ=|
zG>L-9WrkC-pm|`+0-2;>z7sRJYpU<!&OX1nB2bXjkbc5TGo*@S?xnvn_+-*vD|;ny
zWps+$Nw9f$;09sUkyw1(H#zY)(!#>scG`7(!k^G!C*9mfvDZ`5^dnrZyYApgepgNF
zrtlis4xtKHTslQ*G4z3gk^!MSl^J^LJ>_|MDnK^+_H)U#U>^ZXf6E5X6hsN|A>FnN
zIz@)+<#>YE(>Z|voC4QFU<7vSy&|nqn&7N_%p9j<*g#$Dugm(2vLKtkXNzRfPX=bj
zF^j7v57tp?6OzWHhLg(xmt|2IvQ)M2rI2|fv)8hGqd}y3R3+ECL@Im)Eo}bj2;L=h
zimi{dp$|LaEA&UdBE#5{;XA{1T>s=*+72Ap{}`5@8*l_l2^&r^e$F6yH{cz}l8oF_
z-;J0&wu-q#OGaA#=i-Q3g-;dX!j3AMzS5T)=*%8l@OqjR`(;2OqCXhVRe%H#+(Mqp
zNLA-OHcJ4}r1w{Eq4XzoS@wv_*dx6+1FK}WC9zWY35OPf#G9#Gpn(Q*%wO}m8tn9<
zmp+iT3lEY^BlN_c#qKQ|yJ!MXrjQx+s5wZpZ7Vtnq|M0mi&CZH-A?EOeNF^Al6jc!
z-L6NhPgDKpNaQ{|t1-L=tYr8B|JCW=l4tXrR?k$pIvP`5Gu%A^69Je9C*e-!WFOk*
z)J5UJ!(m9D)q6Y;{@<}!lmq1e5gPAZD*F=p0ro}Hv>Le}qTHs5e;<;8i?_<@gVWRv
zaissE33l|b-#!*%WU?7o@A`RKMnxIh_&avZqYzp}8?g6#rpo@B6=L)taq8W8-dz`%
zgHM-Dwv5L?pmVw0S$Z9r2rzC#&dt9JUmrX$mgeL;31<q9rdf|t16mrDRrY$aOG6YB
z@_X6QY$Mn=1>!y<Q8bEql^kfe)-dhM8#5lG+P9GOM6j6+M9-jeEeMHFD?U9=$s&5Y
zO9k|7Aq!=y3uw!ZsBv<YkXbmTL%<NTW@hVOP8~_KQ{V$+-Auu7g@Z(2%c`f?L!Q+^
zvEd>v0c?7a(bA8O^ef8TI!bxBMhiKmFTaQLCPmp)XW0X77j7`hQ5CT_;4W#g|Ezi5
z!tlu!o&m|RyKOW2;zk6{*!{lQY#)fyDizetZI#W&iLbzQgYV#1|5tkRT%#Ct<S;ti
zJp$F6mc<_@0q&YpGEXdHRrR2xgY@}qTwvuE^9EI6vP!1z0o@wFPLfSMMjQH=V7lt<
zsyUsGkf-M{;zg|e59HZ*0rtA2bG4;ApB$qg43a|}O)9uW0gA3@K1Z_nH@DVMR;-3s
zi%Uq3(koxxBb)@+-=j3(t&6h%z?|n}Pn#F;<xPsf=CV>fn%Z8Oagz)987$eiRDW$_
zk?mMNumsx~9c;v~<A=q2k^z-Kg8m3(#`V+s=+oGWZmyD_rQc2g>A{@Hwp!26eWb#b
zUjJEEa1LA`^HE^cMl<ZH(~vKzY+)L6f%U#T;Bz&^O-Bs<`BX=5>Aiffzi-v<ra}42
aY?&GRcowX%VAGq9mPK)EVNwx^CsIM-(Maw9

literal 0
HcmV?d00001

diff --git a/users/jan/default.nix b/users/jan/default.nix
index b3ef102..00dd262 100644
--- a/users/jan/default.nix
+++ b/users/jan/default.nix
@@ -1,6 +1,5 @@
 { config, pkgs, lib, inputs, fontSize ? null, ... }:
 
-let secrets = import ./secrets.nix; in
 {
   nixpkgs.overlays = lib.mkMerge [
     (lib.mkBefore (import ../../overlays))
@@ -20,7 +19,7 @@ let secrets = import ./secrets.nix; in
       (lib.mkIf config.virtualisation.docker.enable "docker")
     ];
     shell = pkgs.zsh;
-    inherit (secrets) initialHashedPassword;
+    passwordFile = config.age.secrets.users-jan-passfile.path;
   };
 
   home-manager = {
@@ -39,4 +38,6 @@ let secrets = import ./secrets.nix; in
   };
 
   nix.settings.trusted-users = lib.mkAfter [ "jan" ];
+
+  age.secrets.users-jan-passfile.file = ../../secrets/users-jan-passfile.age;
 }
diff --git a/users/jan/secrets.nix b/users/jan/secrets.nix
index 13372c24cc64676e650bf0d590267dd5c5db2d3d..41eed1ddfa5d7fed5c70d3c28ef67ebafdf26c57 100644
GIT binary patch
literal 1627
zcmV-h2Bi4_M@dveQdv+`0DX<IFa!95{kZE<L}23Ije_JOy=yv>6C!{TA&n_Xg9w?+
zj2jwgoPex~0`sR`Xq<FOd>^mBmr6xkiWHC@Q4+cWD>X47UAq`6*L_Xi!3EQmFnI(<
zOzq*%YtB+<5T`E)sqB1^p0RX>cby%@BoV&XmG2iKaZ?~RLUp#6|HufUM}_O15=pWc
z>(@b0!EHTDVNotU3H~jPrQtnLyatb?=sK5wji0^q1t(eEmSzZ@2SS#LMXV5>uatO6
z_%gFL3S|)t4t~uMt7Po2jGoK^Fr>8>@)M=cV1-dCoK$FjU)hBT*r^?7MP#)zZ|!N*
zk8O<G4JORk9qVJoZpJ46^(pjRQD^Vx)^ETp1zxxymJYN(5U*nmnX<M~K`0QEz=0)G
zrl#;nkF@TXg{&=1k3@9kp@;<ZQ?t?dOe(4`+Mf<7r`dSzN~?Lb5)MdL3Z2}F|D00p
z7MYISEHsx0^jfkEpeCVVe;f;DRY5ZjueaF%9;r$CR+3}_IFLPru+2|BL^1sT*W(s#
z*YL>vZAk?Gb<OhJEKmVG$BM%4CrAy5e~Y<ss~1^*!i1OJg=A)wF9Pk?+?MG(BVO4L
zpJBb`FJRN4lJ%KX4fqnO&a#3*CjFhb8I8M8onU9hS!fhNda@vUdzOT<`?SFl924P>
z{g6mta<mKf2J4DGujOgk54q1=Qs_<Ekkj;=h1*hDb`8MPLWm3RWNpV1*FXdVw2RZH
zYf9}P6$dD0={6SMc-@Z#ZHizQf%^*vNF&sW(Q1p<lUA4$Va=oM$LQanR1LSLIGina
z>r(}5o!tSw<vmRn(crBTEjo(C*j0QrZ=CJidd^#TIWgOCBqx_VDZ#m6ras1QA0e6%
z+~+8h$;@Q@$k)m?(UV1YiUz=0*GOI7Z{NHw75-<f&iY%#avrFbQnHRBQ^5Y-FLxo%
z2I?{oL;p9xxAOr?tLQokI_EY>V1b5ibl#{ICx!aZJ%wJ>e^bEYxlJ(v6i9Y^sa%R3
z{&R_8Gk$n?_?|ikpOj`qOgr;Iumw#3%_HR2wmQ%)De`+GjQiVzXUjssmL_spj~^N&
zuZx|*h=wAN<vc?4L~5x5Z~}^eXz0<W!oLIPM}61q!MJP8LOkFtB#ZaiC#OZA+*<I$
zb7l@W|2HdV*A~M|SXjsKF4MhLoz`12d+%P@CV0l*Ne@9CRCHpl0zQAW?nGJ3own4l
zU?y<H?}Z6MgHQ-Yk_c!PMP0Gl-i+G=MJ(yDd0U&5tw*swCh+8)Q|~M?ZYDKj`K<Mk
z3&cU#>t*x|GR7ohjdfeD7nT56=0RlhUfB`8klIqbJIE6e1Lz82(CiIy78EQr`XnaS
z-~PQUd54YP+IOpf(_sBo-cwjAJ{9Z$$?Drrf{D83^+SJMJ22boz?`n2U*tWPg82`K
z?eNtiT()4_nGz=Mrg7`eqTVpr7m)Sh!{7*;i6=FJZ-$;TB$ruX#6JV6RCCi^5SgvX
z5P!FQ*cYa1Z@iKM{PuTKh*))r2J=gq?6Vky*TY}j4Y{c>3AW}v%6(?-bXuMXreIQa
z@ct|A2T#p;Zkb!Jcuyr<dbIbTKr?vGU#Ma<SeA4)49^=KOUP6Zp?c7)AMWL8L4XvB
zc3}yS#RT5KtJEAl5PejVNa%l4_n+W<O2Ie8ixb^Xsvx5!Wn{r#CHWnFe~qV6;d?cu
zsL15!z&5@0_qHp_EuOWZN93;fh|>XEfndiLDvcy^8<gKE$MfYzo&a;ATnuczRN^>b
zfJH<reD=PsNFYwSs%bV1FcQ{GlHXk&V+ey|`^Wv-&~-6F1=G#VsiQYp?6CSnJ>iyB
zhE*1<|7ARjsNG<g<VUcHqQ<l3;AhTp!-Oho6ZN=8j}mbPw<v4teA+qU$b03$;=MhB
zQeaY<s$xJ+R}=)?SZrYYb2s7%QLt6liUjzE{G=sO&6F^Buy?9Pb<b-^2v}aeMrR4v
zyQQjJr({EswJS9X2Z6YNblEdMazkFqb-oP2?TrK|FQpg%M6#B6c=FRVv%!MIeq5IH
z@{Wk$>0X=2{h&praxhq?&M8WPVOSnJt!Wk4d*6EynS#H+<`FRGp^Tc81>`_j8_XgG
Zi=qB>?#Mgbb<&dLeX5jP)xr?XPT$+cBv$|c

literal 1764
zcmV<A1{?VRM@dveQdv+`01l|aB?!{H`)KRGLNqI=BzIQ7=0Wg2oygvpRh|^2gd|hh
z950#wfT`ruU5tqB?|4RdWf~<yn$LoAr7HUWo%cd)^~ORB8S0rUK$)Wve7$w|;n@}!
zo<ob*TP6r33#Jzl#on%OSVpYo+up1R|JL$|wu?VDHGHDDR5OR$Q3hKo7(Fm<EGMn(
z7zWfJBB^$_YU&^g>ErrUMMI9t%~)RCDQNV;pbllznc4rY!?TvDJ3w=_<3cZC3sj4d
z`DM=T_Fn0pQ_9Tl9ag9fNy48o*1qiAHE!@*Ok;l2jVkizwc>B`0tU;M=w^BI$>hom
z(l^b`(}7DY0TMU|z6W)K9sx?8S*y|u5#Q<R7ig;vTDXo_-qGQ3%DyVtcP7~%<e|8D
zB{NpH$<l&t%X^h!D-X~zNK;_o?)WEV4JJ4Tw3v9nwN*jIN)v^<J}+7S<@IP1qSmte
zKL-|esU!Mi2tLr*`5ysT+J*l}s`?9InUUzSAcWxBM&+HLoW;QB{7^n<wENKMDAOu#
zT~bJES|-J}WSHIinh1T?TJp}Tq~v>gjJ8G+xoM{q15&A~4o?=-Meghs)CfPVF(Hpy
z`SsG6Vrmd{Sm%iPLlr39XLWgg#Uzi%@0NVXvaxk*+-D;*8$jp1>14;_@D~Vvcku~&
z-WwH}byr`F%?sVv>>Yar7M*_kEuOfL!I0e{C1Eo8<}4q{IZ}}>Nyv3VYPjd8n&uDj
zT-p@tyqQkcMyG~L^Am7o4dGJeV1<RtXm=>5$1;T~bN;g}6EP!B`KKlcW<}#vx=`y2
zhQmu4@DsIUePXun?@FdM`NwW~ACmjEUXFwxf7t#8^oxQiZ)v2q>Yi9V0Ln2Q8r~@I
zx+X?1sH1Fy#M!z)1QBCSM+VvsKGf?M`AW+EmvbRX6FU~Lo%|<7I=#s30vM^E^9`+a
z`Ef|C3L+sCdqpF0_yEp1spA@Y41{zR<zzHT)B$B3Wi>yA*0?Oo=)4AFad!_3!3=iK
z9}NK~YgX-SJz;sB#;*Cd>uA(Inhw47p2S(-xPL;8p6VG6z@u(Ahd*46Q!f)zGgf80
zdocHqk<UZlRq3S2bJ?xX9L?|QoPK_>9CV`n8FVjFdMdlGX6K7K5XtEs>lnd>%DZN+
zdzkL(5qK^NC5VJlFiz$9%38782tE0g<23my+i@^3*rA5jA0rb$!g7ls`AP0+HcwX-
zDsTxl*AgaXCIDgt$;FfbH!y<PE?-Z-*8*)qg5KLwu_5|dC9zScXZgR2yO@gGybloE
z*WEy~W1!GSQ#0Ps)CG3Q8${OAG4pau5F_VNo)qDlt3*~ncd~*PndUGsoND^rau`qG
zes4@a`PR${Pj4~PgfE&6U6Fua7)_u6iqy>#OmyX)7kg?K&pNa5dt9qRRcds8YKQzd
z(oW*iC^Hvu(|;Z(_X89%vOe4J4C(Z8p<7DYYstv({=to%QoRh!nMQehV<1|;%;X!z
z34;{_)6Z0y&b*R7CV_snM8&(g{h#x2;OnoMtZR_K2CnPA7n9p1+N`QJ<tbmxbKaeb
zAcd{x#$q0C<?#A$kh1v}1{C4tJxKx~qmW8B=w)Pkggf{tw-Ms4e0tI~Ox{1Tx%ntM
z`CPoZeJsdzzj4Ua_aNV{L1HG03?G&Mk4qds1_3+mgC0%O5l`Sf3au*f94i#{S;&a=
zM%Lv5FKeJ#`!~ndi17V)H#x;jG^Ohm7RsxX$u(>CLkpxbwT~21+#UHcG%auUSrGJN
zqo9x`KhK{4;sjcUatblu9L)`#t!W$&qRcPGAEjqNW1BkZ%Xc1UQLOT8)-YbJ-pL>`
zeNgPaodUwsnp!H;4S_44`x7{oU-6#hLND!4K&I$Q9`dOhCUIXx#`X{maUC|xMT9NF
zA#>7+&KyD$U|2y}fs~D1cbU}STip*0`~bg#5G7zFIqt?N`c~>O!0!hUP39%H`ADV|
zLsWt8{?EHbUVC3odQ@?`N!s2DckBT>m27$AS<pC(6lZry&wzpLoFI1eoU|=@p$I&@
zzyQ3>UzB|8&hsm)0-xh!>XEYG%e}nOEUEzfqic-^lHVW_o{rAvg3<mcRB+X*WV=re
zs|2xdv=4IY%&kr~JO)oJ_7PE$EmA3ioJ!=Lcugq5shj;5LZqj#K4y3;7GSE62FJa~
zGDui^W;kdDa;c>KGsECTCaCkT2l{kF0nX1(b@cWct(d^Q8dI<2OYleVjwtQ$PWFn`
z(ucH?xXxTXqylCUOvB~G-n8K2GPsJKd>95>%O}a-I{)d1q2IP;qsLhCC#Wf;7Aw?L
G|2JnWMsTzM