From 40e121be551f388190bb5dbf3b39328b57c98883 Mon Sep 17 00:00:00 2001 From: okxlin Date: Sun, 13 Oct 2024 17:10:36 +0800 Subject: [PATCH] =?UTF-8?q?feat:=E6=B7=BB=E5=8A=A0easytier=E5=88=B0?= =?UTF-8?q?=E5=88=97=E8=A1=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/easytier/2.0.2-config/.env.sample | 8 +++ apps/easytier/2.0.2-config/data.yml | 51 +++++++++++++ .../2.0.2-config/data/config-example.toml | 68 ++++++++++++++++++ apps/easytier/2.0.2-config/data/config.toml | 17 +++++ apps/easytier/2.0.2-config/docker-compose.yml | 20 ++++++ apps/easytier/2.0.2/.env.sample | 6 ++ apps/easytier/2.0.2/data.yml | 37 ++++++++++ apps/easytier/2.0.2/docker-compose.yml | 15 ++++ apps/easytier/README.md | 27 +++++++ apps/easytier/config-latest/.env.sample | 8 +++ apps/easytier/config-latest/data.yml | 51 +++++++++++++ .../config-latest/data/config-example.toml | 68 ++++++++++++++++++ apps/easytier/config-latest/data/config.toml | 17 +++++ .../easytier/config-latest/docker-compose.yml | 20 ++++++ apps/easytier/data.yml | 19 +++++ apps/easytier/latest/.env.sample | 6 ++ apps/easytier/latest/data.yml | 37 ++++++++++ apps/easytier/latest/docker-compose.yml | 15 ++++ apps/easytier/logo.png | Bin 0 -> 4768 bytes 19 files changed, 490 insertions(+) create mode 100644 apps/easytier/2.0.2-config/.env.sample create mode 100644 apps/easytier/2.0.2-config/data.yml create mode 100644 apps/easytier/2.0.2-config/data/config-example.toml create mode 100644 apps/easytier/2.0.2-config/data/config.toml create mode 100644 apps/easytier/2.0.2-config/docker-compose.yml create mode 100644 apps/easytier/2.0.2/.env.sample create mode 100644 apps/easytier/2.0.2/data.yml create mode 100644 apps/easytier/2.0.2/docker-compose.yml create mode 100644 apps/easytier/README.md create mode 100644 apps/easytier/config-latest/.env.sample create mode 100644 apps/easytier/config-latest/data.yml create mode 100644 apps/easytier/config-latest/data/config-example.toml create mode 100644 apps/easytier/config-latest/data/config.toml create mode 100644 apps/easytier/config-latest/docker-compose.yml create mode 100644 apps/easytier/data.yml create mode 100644 apps/easytier/latest/.env.sample create mode 100644 apps/easytier/latest/data.yml create mode 100644 apps/easytier/latest/docker-compose.yml create mode 100644 apps/easytier/logo.png diff --git a/apps/easytier/2.0.2-config/.env.sample b/apps/easytier/2.0.2-config/.env.sample new file mode 100644 index 00000000..fbe0f91d --- /dev/null +++ b/apps/easytier/2.0.2-config/.env.sample @@ -0,0 +1,8 @@ +COMMAND="-c /root/config.toml" +CONFIG_FILE_PATH="./data/config.toml" +CONFIG_FILE_PATH_INTERNAL="/root/config.toml" +CONTAINER_NAME="easytier" +DATA_PATH="./data/data" +HOSTNAME="easytier" +PRIVILEGED_MODE="true" +TIME_ZONE="Asia/Shanghai" diff --git a/apps/easytier/2.0.2-config/data.yml b/apps/easytier/2.0.2-config/data.yml new file mode 100644 index 00000000..f644b3e8 --- /dev/null +++ b/apps/easytier/2.0.2-config/data.yml @@ -0,0 +1,51 @@ +additionalProperties: + formFields: + - default: "./data/data" + edit: true + envKey: DATA_PATH + labelEn: Data Path + labelZh: 数据路径 + required: true + type: text + - default: "./data/config.toml" + disabled: true + envKey: CONFIG_FILE_PATH + labelEn: Configuration file path + labelZh: 配置文件路径 + required: true + type: text + - default: "/root/config.toml" + disabled: true + envKey: CONFIG_FILE_PATH_INTERNAL + labelEn: Configuration file path(inside container) + labelZh: 配置文件路径 (容器内部) + required: true + type: text + - default: "Asia/Shanghai" + edit: true + envKey: TIME_ZONE + labelEn: Time Zone + labelZh: 时区 + required: true + type: text + - default: "true" + disabled: true + envKey: PRIVILEGED_MODE + labelEn: Privilege mode switch + labelZh: 特权模式开关 + required: true + type: text + - default: "easytier" + edit: true + envKey: HOSTNAME + labelEn: Hostname + labelZh: 主机名 + required: true + type: text + - default: "-c /root/config.toml" + disabled: true + envKey: COMMAND + labelEn: Command + labelZh: 命令 + required: true + type: text \ No newline at end of file diff --git a/apps/easytier/2.0.2-config/data/config-example.toml b/apps/easytier/2.0.2-config/data/config-example.toml new file mode 100644 index 00000000..389dbfeb --- /dev/null +++ b/apps/easytier/2.0.2-config/data/config-example.toml @@ -0,0 +1,68 @@ +# 实例名称,用于在同一台机器上标识此 VPN 节点 +instance_name = "" +# 主机名,用于标识此设备的主机名 +hostname = "" +# 实例 ID,一般为 UUID,在同一个 VPN 网络中唯一 +instance_id = "" +# 此 VPN 节点的 IPv4 地址,如果为空,则此节点将仅转发数据包,不会创建 TUN 设备 +ipv4 = "" +# 由 Easytier 自动确定并设置IP地址,默认从10.0.0.1开始。警告:在使用 DHCP 时,如果网络中出现 IP 冲突,IP 将自动更改 +dhcp = false + +# 监听器列表,用于接受连接 +listeners = [ +"tcp://0.0.0.0:11010", +"udp://0.0.0.0:11010", +"wg://0.0.0.0:11011", +"ws://0.0.0.0:11011/", +"wss://0.0.0.0:11012/", +] + +# 退出节点列表 +exit_nodes = [ +] + +# 用于管理的 RPC 门户地址 +rpc_portal = "127.0.0.1:15888" + +[network_identity] +# 网络名称,用于标识 VPN 网络 +network_name = "" +# 网络密钥,用于验证此节点属于 VPN 网络 +network_secret = "" + +# 这里是对等连接节点配置,可以多段配置 +[[peer]] +uri = "" + +[[peer]] +uri = "" + +# 这里是子网代理节点配置,可以有多段配置 +[[proxy_network]] +cidr = "10.0.1.0/24" + +[[proxy_network]] +cidr = "10.0.2.0/24" + +[flags] +# 连接到对等节点使用的默认协议 +default_protocol = "tcp" +# TUN 设备名称,如果为空,则使用默认名称 +dev_name = "" +# 是否启用加密 +enable_encryption = true +# 是否启用 IPv6 支持 +enable_ipv6 = true +# TUN 设备的 MTU +mtu = 1380 +# 延迟优先模式,将尝试使用最低延迟路径转发流量,默认使用最短路径 +latency_first = false +# 将本节点配置为退出节点 +enable_exit_node = false +# 禁用 TUN 设备 +no_tun = false +# 为子网代理启用 smoltcp 堆栈 +use_smoltcp = false +# 仅转发白名单网络的流量,支持通配符字符串。多个网络名称间可以使用英文空格间隔。如果该参数为空,则禁用转发。默认允许所有网络。例如:'*'(所有网络),'def*'(以def为前缀的网络),'net1 net2'(只允许net1和net2) +foreign_network_whitelist = "*" \ No newline at end of file diff --git a/apps/easytier/2.0.2-config/data/config.toml b/apps/easytier/2.0.2-config/data/config.toml new file mode 100644 index 00000000..ed8de6dd --- /dev/null +++ b/apps/easytier/2.0.2-config/data/config.toml @@ -0,0 +1,17 @@ +instance_name = "default" +instance_id = "3d3db819-ad54-4d86-bf9a-faac864478ab" +dhcp = false +listeners = [ + "tcp://0.0.0.0:11010", + "udp://0.0.0.0:11010", + "wg://0.0.0.0:11011", + "ws://0.0.0.0:11011/", + "wss://0.0.0.0:11012/", +] +exit_nodes = [] +peer = [] +rpc_portal = "0.0.0.0:15889" + +[network_identity] +network_name = "default" +network_secret = "" diff --git a/apps/easytier/2.0.2-config/docker-compose.yml b/apps/easytier/2.0.2-config/docker-compose.yml new file mode 100644 index 00000000..86c23762 --- /dev/null +++ b/apps/easytier/2.0.2-config/docker-compose.yml @@ -0,0 +1,20 @@ +services: + easytier: + image: "easytier/easytier:v2.0.2" + container_name: ${CONTAINER_NAME} + restart: always + network_mode: host + privileged: ${PRIVILEGED_MODE} + hostname: ${HOSTNAME} + environment: + - TZ=${TIME_ZONE} + volumes: + - ${DATA_PATH}:/root + - ${CONFIG_FILE_PATH}:${CONFIG_FILE_PATH_INTERNAL} + command: ${COMMAND} + labels: + createdBy: "Apps" + +networks: + 1panel-network: + external: true diff --git a/apps/easytier/2.0.2/.env.sample b/apps/easytier/2.0.2/.env.sample new file mode 100644 index 00000000..2ad05e7c --- /dev/null +++ b/apps/easytier/2.0.2/.env.sample @@ -0,0 +1,6 @@ +COMMAND="-i 10.144.144.1 --network-name abc --network-secret abc -p tcp://public.easytier.top:11010" +CONTAINER_NAME="easytier" +DATA_PATH="./data/data" +HOSTNAME="easytier" +PRIVILEGED_MODE="true" +TIME_ZONE="Asia/Shanghai" diff --git a/apps/easytier/2.0.2/data.yml b/apps/easytier/2.0.2/data.yml new file mode 100644 index 00000000..5564b2d6 --- /dev/null +++ b/apps/easytier/2.0.2/data.yml @@ -0,0 +1,37 @@ +additionalProperties: + formFields: + - default: "./data" + edit: true + envKey: DATA_PATH + labelEn: Data Path + labelZh: 数据路径 + required: true + type: text + - default: "Asia/Shanghai" + edit: true + envKey: TIME_ZONE + labelEn: Time Zone + labelZh: 时区 + required: true + type: text + - default: "true" + disabled: true + envKey: PRIVILEGED_MODE + labelEn: Privilege mode switch + labelZh: 特权模式开关 + required: true + type: text + - default: "easytier" + edit: true + envKey: HOSTNAME + labelEn: Hostname + labelZh: 主机名 + required: true + type: text + - default: "-i --network-name <用户> --network-secret <密码> -e tcp://<服务器地址>:11010 -l <监听地址>" + edit: true + envKey: COMMAND + labelEn: Command (modified as required) + labelZh: 命令 (按需修改) + required: true + type: text \ No newline at end of file diff --git a/apps/easytier/2.0.2/docker-compose.yml b/apps/easytier/2.0.2/docker-compose.yml new file mode 100644 index 00000000..276872f1 --- /dev/null +++ b/apps/easytier/2.0.2/docker-compose.yml @@ -0,0 +1,15 @@ +services: + easytier: + image: "easytier/easytier:v2.0.2" + container_name: ${CONTAINER_NAME} + restart: always + network_mode: host + privileged: ${PRIVILEGED_MODE} + hostname: ${HOSTNAME} + environment: + - TZ=${TIME_ZONE} + volumes: + - ${DATA_PATH}:/root + command: ${COMMAND} + labels: + createdBy: "Apps" diff --git a/apps/easytier/README.md b/apps/easytier/README.md new file mode 100644 index 00000000..2143b1ca --- /dev/null +++ b/apps/easytier/README.md @@ -0,0 +1,27 @@ +# EasyTier + +## 使用说明 + +相关信息可通过容器日志与配置文件获取,注意参考官方文档来使用。 +*** +[简体中文](https://github.com/EasyTier/EasyTier/blob/main/README_CN.md) | [English](https://github.com/EasyTier/EasyTier/blob/main/README.md) + +**请访问 [EasyTier 官网](https://www.easytier.top/) 以查看完整的文档。** + +一个简单、安全、去中心化的内网穿透 VPN 组网方案,使用 Rust 语言和 Tokio 框架实现。 + + +## 特点 + +- **去中心化**:无需依赖中心化服务,节点平等且独立。 +- **安全**:支持利用 WireGuard 加密通信,也支持 AES-GCM 加密保护中转流量。 +- **高性能**:全链路零拷贝,性能与主流组网软件相当。 +- **跨平台**:支持 MacOS/Linux/Windows/Android,未来将支持 IOS。可执行文件静态链接,部署简单。 +- **无公网 IP 组网**:支持利用共享的公网节点组网,可参考 [配置指南](https://github.com/EasyTier/EasyTier/blob/main/README_CN.md#%E6%97%A0%E5%85%AC%E7%BD%91IP%E7%BB%84%E7%BD%91) +- **NAT 穿透**:支持基于 UDP 的 NAT 穿透,即使在复杂的网络环境下也能建立稳定的连接。 +- **子网代理(点对网)**:节点可以将可访问的网段作为代理暴露给 VPN 子网,允许其他节点通过该节点访问这些子网。 +- **智能路由**:根据流量智能选择链路,减少延迟,提高吞吐量。 +- **TCP 支持**:在 UDP 受限的情况下,通过并发 TCP 链接提供可靠的数据传输,优化性能。 +- **高可用性**:支持多路径和在检测到高丢包率或网络错误时切换到健康路径。 +- **IPV6 支持**:支持利用 IPV6 组网。 +- **多协议类型**: 支持使用 WebSocket、QUIC 等协议进行节点间通信。 diff --git a/apps/easytier/config-latest/.env.sample b/apps/easytier/config-latest/.env.sample new file mode 100644 index 00000000..fbe0f91d --- /dev/null +++ b/apps/easytier/config-latest/.env.sample @@ -0,0 +1,8 @@ +COMMAND="-c /root/config.toml" +CONFIG_FILE_PATH="./data/config.toml" +CONFIG_FILE_PATH_INTERNAL="/root/config.toml" +CONTAINER_NAME="easytier" +DATA_PATH="./data/data" +HOSTNAME="easytier" +PRIVILEGED_MODE="true" +TIME_ZONE="Asia/Shanghai" diff --git a/apps/easytier/config-latest/data.yml b/apps/easytier/config-latest/data.yml new file mode 100644 index 00000000..f644b3e8 --- /dev/null +++ b/apps/easytier/config-latest/data.yml @@ -0,0 +1,51 @@ +additionalProperties: + formFields: + - default: "./data/data" + edit: true + envKey: DATA_PATH + labelEn: Data Path + labelZh: 数据路径 + required: true + type: text + - default: "./data/config.toml" + disabled: true + envKey: CONFIG_FILE_PATH + labelEn: Configuration file path + labelZh: 配置文件路径 + required: true + type: text + - default: "/root/config.toml" + disabled: true + envKey: CONFIG_FILE_PATH_INTERNAL + labelEn: Configuration file path(inside container) + labelZh: 配置文件路径 (容器内部) + required: true + type: text + - default: "Asia/Shanghai" + edit: true + envKey: TIME_ZONE + labelEn: Time Zone + labelZh: 时区 + required: true + type: text + - default: "true" + disabled: true + envKey: PRIVILEGED_MODE + labelEn: Privilege mode switch + labelZh: 特权模式开关 + required: true + type: text + - default: "easytier" + edit: true + envKey: HOSTNAME + labelEn: Hostname + labelZh: 主机名 + required: true + type: text + - default: "-c /root/config.toml" + disabled: true + envKey: COMMAND + labelEn: Command + labelZh: 命令 + required: true + type: text \ No newline at end of file diff --git a/apps/easytier/config-latest/data/config-example.toml b/apps/easytier/config-latest/data/config-example.toml new file mode 100644 index 00000000..389dbfeb --- /dev/null +++ b/apps/easytier/config-latest/data/config-example.toml @@ -0,0 +1,68 @@ +# 实例名称,用于在同一台机器上标识此 VPN 节点 +instance_name = "" +# 主机名,用于标识此设备的主机名 +hostname = "" +# 实例 ID,一般为 UUID,在同一个 VPN 网络中唯一 +instance_id = "" +# 此 VPN 节点的 IPv4 地址,如果为空,则此节点将仅转发数据包,不会创建 TUN 设备 +ipv4 = "" +# 由 Easytier 自动确定并设置IP地址,默认从10.0.0.1开始。警告:在使用 DHCP 时,如果网络中出现 IP 冲突,IP 将自动更改 +dhcp = false + +# 监听器列表,用于接受连接 +listeners = [ +"tcp://0.0.0.0:11010", +"udp://0.0.0.0:11010", +"wg://0.0.0.0:11011", +"ws://0.0.0.0:11011/", +"wss://0.0.0.0:11012/", +] + +# 退出节点列表 +exit_nodes = [ +] + +# 用于管理的 RPC 门户地址 +rpc_portal = "127.0.0.1:15888" + +[network_identity] +# 网络名称,用于标识 VPN 网络 +network_name = "" +# 网络密钥,用于验证此节点属于 VPN 网络 +network_secret = "" + +# 这里是对等连接节点配置,可以多段配置 +[[peer]] +uri = "" + +[[peer]] +uri = "" + +# 这里是子网代理节点配置,可以有多段配置 +[[proxy_network]] +cidr = "10.0.1.0/24" + +[[proxy_network]] +cidr = "10.0.2.0/24" + +[flags] +# 连接到对等节点使用的默认协议 +default_protocol = "tcp" +# TUN 设备名称,如果为空,则使用默认名称 +dev_name = "" +# 是否启用加密 +enable_encryption = true +# 是否启用 IPv6 支持 +enable_ipv6 = true +# TUN 设备的 MTU +mtu = 1380 +# 延迟优先模式,将尝试使用最低延迟路径转发流量,默认使用最短路径 +latency_first = false +# 将本节点配置为退出节点 +enable_exit_node = false +# 禁用 TUN 设备 +no_tun = false +# 为子网代理启用 smoltcp 堆栈 +use_smoltcp = false +# 仅转发白名单网络的流量,支持通配符字符串。多个网络名称间可以使用英文空格间隔。如果该参数为空,则禁用转发。默认允许所有网络。例如:'*'(所有网络),'def*'(以def为前缀的网络),'net1 net2'(只允许net1和net2) +foreign_network_whitelist = "*" \ No newline at end of file diff --git a/apps/easytier/config-latest/data/config.toml b/apps/easytier/config-latest/data/config.toml new file mode 100644 index 00000000..ed8de6dd --- /dev/null +++ b/apps/easytier/config-latest/data/config.toml @@ -0,0 +1,17 @@ +instance_name = "default" +instance_id = "3d3db819-ad54-4d86-bf9a-faac864478ab" +dhcp = false +listeners = [ + "tcp://0.0.0.0:11010", + "udp://0.0.0.0:11010", + "wg://0.0.0.0:11011", + "ws://0.0.0.0:11011/", + "wss://0.0.0.0:11012/", +] +exit_nodes = [] +peer = [] +rpc_portal = "0.0.0.0:15889" + +[network_identity] +network_name = "default" +network_secret = "" diff --git a/apps/easytier/config-latest/docker-compose.yml b/apps/easytier/config-latest/docker-compose.yml new file mode 100644 index 00000000..acfb4cb5 --- /dev/null +++ b/apps/easytier/config-latest/docker-compose.yml @@ -0,0 +1,20 @@ +services: + easytier: + image: "easytier/easytier:latest" + container_name: ${CONTAINER_NAME} + restart: always + network_mode: host + privileged: ${PRIVILEGED_MODE} + hostname: ${HOSTNAME} + environment: + - TZ=${TIME_ZONE} + volumes: + - ${DATA_PATH}:/root + - ${CONFIG_FILE_PATH}:${CONFIG_FILE_PATH_INTERNAL} + command: ${COMMAND} + labels: + createdBy: "Apps" + +networks: + 1panel-network: + external: true diff --git a/apps/easytier/data.yml b/apps/easytier/data.yml new file mode 100644 index 00000000..0bcb71c0 --- /dev/null +++ b/apps/easytier/data.yml @@ -0,0 +1,19 @@ +name: EasyTier +tags: + - 实用工具 +title: 一个简单、安全、去中心化的内网穿透 VPN 组网方案 +description: 一个简单、安全、去中心化的内网穿透 VPN 组网方案 +additionalProperties: + key: easytier + name: EasyTier + tags: + - Tool + shortDescZh: 一个简单、安全、去中心化的内网穿透 VPN 组网方案 + shortDescEn: A simple, safe and decentralized VPN networking solution + type: tool + crossVersionUpdate: true + limit: 1 + recommend: 0 + website: https://www.easytier.top + github: https://github.com/EasyTier/EasyTier + document: https://www.easytier.top diff --git a/apps/easytier/latest/.env.sample b/apps/easytier/latest/.env.sample new file mode 100644 index 00000000..2ad05e7c --- /dev/null +++ b/apps/easytier/latest/.env.sample @@ -0,0 +1,6 @@ +COMMAND="-i 10.144.144.1 --network-name abc --network-secret abc -p tcp://public.easytier.top:11010" +CONTAINER_NAME="easytier" +DATA_PATH="./data/data" +HOSTNAME="easytier" +PRIVILEGED_MODE="true" +TIME_ZONE="Asia/Shanghai" diff --git a/apps/easytier/latest/data.yml b/apps/easytier/latest/data.yml new file mode 100644 index 00000000..5564b2d6 --- /dev/null +++ b/apps/easytier/latest/data.yml @@ -0,0 +1,37 @@ +additionalProperties: + formFields: + - default: "./data" + edit: true + envKey: DATA_PATH + labelEn: Data Path + labelZh: 数据路径 + required: true + type: text + - default: "Asia/Shanghai" + edit: true + envKey: TIME_ZONE + labelEn: Time Zone + labelZh: 时区 + required: true + type: text + - default: "true" + disabled: true + envKey: PRIVILEGED_MODE + labelEn: Privilege mode switch + labelZh: 特权模式开关 + required: true + type: text + - default: "easytier" + edit: true + envKey: HOSTNAME + labelEn: Hostname + labelZh: 主机名 + required: true + type: text + - default: "-i --network-name <用户> --network-secret <密码> -e tcp://<服务器地址>:11010 -l <监听地址>" + edit: true + envKey: COMMAND + labelEn: Command (modified as required) + labelZh: 命令 (按需修改) + required: true + type: text \ No newline at end of file diff --git a/apps/easytier/latest/docker-compose.yml b/apps/easytier/latest/docker-compose.yml new file mode 100644 index 00000000..92c52d2d --- /dev/null +++ b/apps/easytier/latest/docker-compose.yml @@ -0,0 +1,15 @@ +services: + easytier: + image: "easytier/easytier:latest" + container_name: ${CONTAINER_NAME} + restart: always + network_mode: host + privileged: ${PRIVILEGED_MODE} + hostname: ${HOSTNAME} + environment: + - TZ=${TIME_ZONE} + volumes: + - ${DATA_PATH}:/root + command: ${COMMAND} + labels: + createdBy: "Apps" diff --git a/apps/easytier/logo.png b/apps/easytier/logo.png new file mode 100644 index 0000000000000000000000000000000000000000..9cec3e62d1817bf3fe702d0d21ccdd15beb049a2 GIT binary patch literal 4768 zcmV;R5?}3!P)jbaz0;>2SrtTwn z)H1E<6|nIfMA{#)@DVcPBd_i=ZPq7b*aVQ=DY5Pzci0(h))HveB68OhgW4TK;2AyS zBR=37iQ5q&-xx{y0kHG{i`f8%*aIc!0CLy^Eam`g*8zFh0f5*89p?dM*a14?0yE?Q zUfBUw+5te|0Z!ZiklO)A-Ud4LYx6xd0000XbW%=J06iXX(G4#H{Qi$>R_ar^=A=Y? z`hl*|>X+iP&Xvja=Uoc^!vFvgdPzhopiyCwmZ88QH4lWH^WzlzO}Do-^o zG86ad{=WP0SY^N~LR^j|cbF5!i)YpDKR~n|<@)eG9$JHHC+u z!M(djZt_vB>;D~WjK3;H*7n7F0(&%S-TxJ9>-Z}UIQp6XNJQ%RJ1-r7g6vVfkXn=--}4@RcYp{Upn^i)nATC8hV}rzHarg_a`X!ksrx_IxPlM+F#3gvG&5M>cwqMA;7NGo$09Nxf1&#u zU__37Dk4K8{z@KE^^rdlk@(%p!Q2=I?ERTIBJDYEaNFMRU@fW&ahekhyO0>SIkHl}1BiAzV2ZyQH9xeZ5_zYc% zeandC@mDK~KRA5!n!dKJu;H`6yl0*)dRHEkw~9y{3XAb)Haj83CQZ}n%k_>C-e~v% z&3tkwBJy^9BzIlyT>SaN4K~I-yetyDE`I;`m?HKtXR+J$ku?5ltsHU~cQ&%6>HF}4 zNbK?UD?^?FHDiB|3nTId^GF?kF#gPm(`LwPXcD{AICC_#5#z-s#O~y*eTzPl51B=K zsASC?y{^~$^_oy`rqjZRL>n>IbSfL?evJwv@(cYfpNh(q5oD1oFARCV-V1JNl4+WY zNHlY2I%Ux+vAIj$vk|H1k>&bGI%VZwRwn)!EpL)~t-L*~!QFC)khZIJnTG_ElBxJ~3%Z4!gZFpeF?0S;e`<&XK9Bt7n zVyFC)rW@4yBPC*=k4TF|VszR0lo7@UY$rucxJ4%EFpttN6l35&z((Ya^fgV{@41Nd zL`06R4z@3*49Eh5gKivqZ^+HC3p#VmHbQKG-b}gHDgp9#E+R)FkrZ27r;J)r%82^A z!*0i}5?P6@vCj;fLc`iRiI~nVib!+%dwG>BGiJeq3S>cjAP$k_nRv>)yRx?6)>2O| zL}Ykrfrb70a6V;JlHGPEo2E9beRklX?FH6GJC+{g~0N zwp#<7aI@=S&~Te(sLm!OLy>7-?QBF!H#Fs=@T;jjhD~Fzg0@|)B(pF#;f~$sp`x?N zV}H=3UC>7&X3N(?k7_}NStGBA+NMjAax;FML@;bUVpU>O>~~{C!0z2aFm}ZenWIM! zUTDVOYBgW21UK~vQp1nkOYoIdQ|N5cG&QkJXY+_8FM0w;@D;59(qM%q6F-@+=InBg z8^8zcFU^@nXG2Ufofbsoi@|jVyGZWXozQF6YokZ{w_q@z8_ap^K^%T@;SDwc#Q)`} z4O@dpjDaqAqKnYoI=?5Gqq%H~d&`ZD*l?5FV);sRHp(T1S%d{7^@q?m^d9OYlK}H< zPO(>1Zn)X@f*UOqiq0k#*g6(7)H*ja)GFSi&@8bGW~@nMCH7WYWYv#uwoN1W~qG&9FcG~y7#oZS920}lU`vlTWC z$yZM+U02X`1>Ku1xYRQ<91*>tytW9k#q-K|n zFQMxNN&~c@p7RT~Qf3ZIbvAS|BdmQDdcmQ!*sKkrpW7=Cb*7XWJpK7$1HF*ZIOpV1 zxzqMRDeN}w&v_(TDZL=RW^ECaT9l7gl`@uU(_rM}pSDVC>_sVP&+D&}ve2g1AJ^@% zTo8xwo1oOeS!Yx!5sYnP5P~{?+CodM7iE?1L#JO3IS=c%~v+H0rg(mP^X+2d=_OlUQvO-ewM(~iLXX#>5? za4!Sb1IJ_-?j|)?nre+J@0Rvp%mRDqth6uIO>i8ZxIz=H}r#0^?d zlYDKVv|*5?8?+D_TH^I)&Qf!w*905EuPZ$TKM>5%p%=)>eBuU8x9M!`>@gwO z3rA=obmaM7BB<@9=FoyV-NMIdIyc2JrL%}3!qJc}k5GJB5DN^9W|3#ARQ*-rN>AME;Sc!Ca?wzyN&0d%&;i=qRk_)GT0#@Ct)Yd`jQd%iDr?Kt zSGzZ1FHn0bHTN~>$(S;O-1bU?(AXj+bm+aIJ!Y0tbLhQkkj=&tT4PTpwjwoV0=iF{ zI$37*E(pEX`&ZYt&|{O@-W~%zt(?&YN?S@zl-6p0UWZmvyD5!AFZ1h{l6z()wNQG$ zHdBa&J;sC@nx#GZdSaf@zmS#*^NUflaXk6PsBl6e< z+VlE+mLnE0-3@QG>|_tGuU1QzNgz)m;z_Znr?LB1(43k|Z3Rua$Je1zXx^UVY#AJzcJ-7=u1O8h zC#Ce>4ch2qER^mG}@z};5-Wx;i1?SI)V@x(7Ci@mjpNu*K_~)SX*iPxtYv!z6 ze0u+`N9G5Ypiic+EtEc*=CDvYiG7RBAegz6o|V$Hgl2zL>9L{o*a{lIe5)}PnA^hB zT4|y7Rp_Gz78je&#bI}Z6|~fv*W%ejb5DtMB`6G>vFc!IeUaT=wl{(G=J>B#9@aSp0E_f;68Q2t4aej1^?Il zp^aCt6Y`K_J{3Vf(S3Pn4^wM)x!LC9E7`C?%J4MysSuhdeMF^?V-tHkNq%56Vf1=X zC00hohwZVP@&zp)Dot8qm6s zAvnrr_?kO}S$lcY^oRA1W>FX^z&r6DiGtJB7Ze)40`2OfnXTor!p+hjmW=3Xwp>N5 zD0kFPf1rg7by}SBAgFV;R@}Eqe=s9RRGm_`+>y5(GAluKaSphfmO+IN$0FjuM zJ^hJFSY2L43u5^dosy6Pg|aj*^zImR&DgYaf6OPo%(~OE_vQblE9lF*!Btjk(aW$) z!y_Jmf-_M^6t)<(S=tx89gC9)T?THHPk-o)e7U1pTFQ|7fr0g?swhPfWyLH=Z2Z&M zMM?wpb4ibcyhd|NYuRLFDWx7X%yPsg6kK;@-wl=fRr3j+&zvo>Gjkce;9j=C0ctdh zs|I&E`MffJ^nwOuXT zH%s`s5IC!s)k8}OC?#$@LwAdk>T|y zT%l*ANc0R-u=f@AIg(!QPXTf;&F=4{MIZkT;7u^I7mZkLG`l^Ua;I}UFh#;MUo@HZ z@S4@e1!oOc7NLp`O(SL>FQ6tEp*@+q%tyUH|^d<9*r?r2wNffYi&}1&)zq<}R-se=Kr>in zr06QWT$p6cJoPosQgPlcAv={967SdKRu?ZXlCBNMsb62LIny}z1@+H1JQA|G<49>9 za0*)E7+H)>5(NY`zmA)n#0@^>He^B&T)C<|QS= zfuj2m;&w&%3AC3Jl9P07>(^&gZQ>cE$MK6Vwl3?Gl2M1$*Fj87r;HpVWQ7Fd(XDk$ zKiakbiTQz7QQ%_3KdibDy9_27!|9_A5iOaZAS5!QV{+8VrupDThih$&wQJrb8F?^B zDTBSHB4B6883c7qr;u%L%; zN#vWF(Ln7Psl9v~`l}#qmEvUd9#6kxJot93d70XWJE6prr{2V|p30`EomF1v9}Aay z!qE(&kkn(u%M|gKm)fsO0mfuC>9~>52XC4XM^4$B<@EQeY=eI7TjsXRFZY-;lEcwW z21gM;(oJgi(x2MPD~8axE%Uy*+w2@R*s01L_cKBM%NCN1gWO%?FP_>RM|W5-U3p|3 zJt7?3Re#KVV$%?OaT^U2ly@?TbJuRF=sw+!lfSVR(Men9;7r1scDERsx~X3VM_ zS`i-qNHSSG(PUVY+RgEIX{

!}0k@$uIak@e=yjlY=N3BnWaKW~gk*dW)%cD3KH zwneSf(5a7)G8=QG9&G%o^pIm^L|i@bbY{D?PdIy50b`l(y!p* u)zeQLhv-{v{-Yu3Xm({aFaH6