Commit 62ab06ce authored by Benguria Elguezabal, Gorka's avatar Benguria Elguezabal, Gorka
Browse files

adds updates

parent 4597e794
Pipeline #37251 failed with stages
# Reference documentation
# https://docs.docker.com/compose/environment-variables/
DOCKER_REGISTRY_PREFIX=optima-urbanite-docker.artifact.tecnalia.com/
# https://docs.docker.com/compose/reference/envvars/#compose_file#compose_project_name
COMPOSE_PROJECT_NAME=urbanite-develop
# variables for urbanite.dc
URBANITE_VERSION=latest
SERVER_HOST=urbanite.tri.dev
CERTIFICATE_SIGNING_KEY_PASSPHRASE=
ACME_CONFIG=
ADD_DEFAULT_CA=true
HTTPS_PORT=8443
\ No newline at end of file
stages:
- build
- deploy
- tests
- stop
- debug
variables:
GIT_SUBMODULE_STRATEGY: normal
before_script:
- whoami
# Example on how to run a command for debug purposes
# debug_docker_info:
# stage: debug
# tags:
# - urbanite-vagrant
# script:
# - docker info
# only:
# - develop
# when: manual
.common_variables:
variables:
SMTP_USER_EMAIL: urbanite@esilab.org
.any_branch:
extends:
- .common_variables
variables:
# these variables take precedence over .env
# CERTIFICATE_SIGNING_KEY_PASSPHRASE defined in variables at settings/ci_cd
# SERVER_HOST defined in variables at settings/ci_cd
# HTTPS_PORT: 8443 default in .env
COMPOSE_FILE: "docker-compose.yaml"
COMPOSE_PROJECT_NAME: urbanite-any-branch
URBANITE_VERSION: test
except:
- master
- develop
tags:
- urbanite
- docker
- docker-compose
- any-branch
.develop:
extends:
- .common_variables
variables:
# these variables take precedence over .env
# CERTIFICATE_SIGNING_KEY_PASSPHRASE defined in variables at settings/ci_cd
# SERVER_HOST defined in variables at settings/ci_cd
# HTTPS_PORT: 8443 default in .env
COMPOSE_FILE: "docker-compose.yaml:docker-compose-expose.yaml:docker-compose-dev.yaml"
# COMPOSE_PROJECT_NAME: urbanite-develop default in .env
URBANITE_VERSION: develop
only:
- develop
tags:
- urbanite
- docker
- docker-compose
- develop
.master:
extends:
- .common_variables
variables:
# these variables take precedence over .env
# CERTIFICATE_SIGNING_KEY_PASSPHRASE defined in variables at settings/ci_cd
# SERVER_HOST defined in variables at settings/ci_cd
HTTPS_PORT: 443
COMPOSE_FILE: docker-compose.yaml:docker-compose-expose.yaml:docker-compose-redirect-http.yaml
COMPOSE_PROJECT_NAME: urbanite-master
URBANITE_VERSION: master
only:
- master
tags:
- urbanite
- docker
- docker-compose
- master
.build:
script:
- docker-compose build --parallel
.deploy:
script:
- echo "Deploy to the environment"
- docker-compose up -d
.stop:
variables:
GIT_STRATEGY: none
script:
- echo "Stops the environment"
- docker-compose down --remove-orphans
.tests:
script:
- echo "Validating environment"
- export COMPOSE_FILE=$COMPOSE_FILE:docker-compose-tests.yaml
- docker-compose build
- docker-compose run newman.test
build_any_branch:
stage: build
extends:
- .any_branch
- .build
deploy_any_branch:
stage: deploy
extends:
- .any_branch
- .deploy
tests_any_branch:
stage: tests
extends:
- .any_branch
- .tests
stop_any_branch:
variables:
COMPOSE_FILE: "docker-compose.yaml:docker-compose-tests.yaml"
stage: stop
extends:
- .any_branch
- .stop
build_develop:
stage: build
extends:
- .develop
- .build
deploy_develop:
stage: deploy
extends:
- .develop
- .deploy
environment:
name: develop
url: https://$SERVER_HOST:8443/ui
on_stop: stop_develop
tests_develop:
stage: tests
extends:
- .develop
- .tests
stop_develop:
variables:
COMPOSE_FILE: "docker-compose.yaml:docker-compose-expose.yaml:docker-compose-dev.yaml:docker-compose-tests.yaml"
stage: stop
extends:
- .develop
- .stop
environment:
name: develop
action: stop
when: manual
build_master:
stage: build
extends:
- .master
- .build
deploy_master:
stage: deploy
extends:
- .master
- .deploy
environment:
name: master
url: https://$SERVER_HOST/ui
on_stop: stop_master
stop_master:
stage: stop
extends:
- .master
- .stop
environment:
name: master
action: stop
when: manual
#Master
<pre>
cd /home/vagrant/urbanite-master/urbanite-deploy
export CERTIFICATE_SIGNING_KEY_PASSPHRASE=<%= getSecretApiKey('CA') %>
echo CERTIFICATE_SIGNING_KEY_PASSPHRASE=$CERTIFICATE_SIGNING_KEY_PASSPHRASE
echo COMPOSE_FILE is a docker-compose related environment variable
export COMPOSE_FILE=docker-compose.yaml:docker-compose-expose.yaml
echo COMPOSE_FILE=$COMPOSE_FILE
export COMPOSE_PROJECT_NAME=urbanite-master
echo COMPOSE_PROJECT_NAME=$COMPOSE_PROJECT_NAME
export HTTP_PORT=80
echo HTTP_PORT=$HTTP_PORT
export HTTPS_PORT=443
echo HTTPS_PORT=$HTTPS_PORT
docker-compose up --build -d
</pre>
#Development
<pre>
export CERTIFICATE_SIGNING_KEY_PASSPHRASE=<%= getSecretApiKey('CA') %>
echo CERTIFICATE_SIGNING_KEY_PASSPHRASE=$CERTIFICATE_SIGNING_KEY_PASSPHRASE
echo COMPOSE_FILE is a docker-compose related environment variable
export COMPOSE_FILE=docker-compose.yaml:docker-compose-expose.yaml:docker-compose-dev.yaml
echo COMPOSE_FILE=$COMPOSE_FILE
SERVER_HOST=ktc.tri.lan
# echo SERVER_HOST=$SERVER_HOST
# export COMPOSE_PROJECT_NAME=urbanite-develop default in .env
# echo COMPOSE_PROJECT_NAME=$COMPOSE_PROJECT_NAME
# export HTTP_PORT=8080 default in .env
# echo HTTP_PORT=$HTTP_PORT
# export HTTPS_PORT=8443 default in .env
# echo HTTPS_PORT=$HTTPS_PORT
docker-compose up --build -d
echo "Validating environment"
export COMPOSE_FILE=$COMPOSE_FILE:docker-compose-tests.yaml
docker-compose build
docker-compose run newman.test
</pre>
#test
<pre>
cd /home/vagrant/urbanite-development/urbanite-deploy
export CERTIFICATE_SIGNING_KEY_PASSPHRASE=<%= getSecretApiKey('CA') %>
echo CERTIFICATE_SIGNING_KEY_PASSPHRASE=$CERTIFICATE_SIGNING_KEY_PASSPHRASE
echo COMPOSE_FILE is a docker-compose related environment variable
export COMPOSE_FILE=docker-compose.yaml
echo COMPOSE_FILE=$COMPOSE_FILE
export COMPOSE_PROJECT_NAME=urbanite-branch-test
echo COMPOSE_PROJECT_NAME=$COMPOSE_PROJECT_NAME
# export HTTP_PORT=8080 default in .env
# echo HTTP_PORT=$HTTP_PORT
# export HTTPS_PORT=8443 default in .env
# echo HTTPS_PORT=$HTTPS_PORT
docker-compose up --build -d
echo "Validating environment"
export COMPOSE_FILE=$COMPOSE_FILE:docker-compose-tests.yaml
docker-compose build
docker-compose run newman.test
docker-compose down --remove-orphans
</pre>
\ No newline at end of file
version: "2.4"
services:
## Common structure
traefik:
restart: always
labels:
# Redirects API
- "traefik.http.routers.api-catchall.rule=Host(`${SERVER_HOST:?err}`) && PathPrefix(`/api`)"
- "traefik.http.routers.api-catchall.service=api@internal"
- "traefik.http.routers.api-catchall.entrypoints=websecure"
# - "traefik.http.routers.api-catchall.tls=true" now in static configuration as default for websecure
# Redirects Dashboard
- "traefik.enable=true"
- "traefik.http.routers.dashboard-catchall.rule=Host(`${SERVER_HOST:?err}`) && PathPrefix(`/dashboard`)"
- "traefik.http.routers.dashboard-catchall.service=dashboard@internal"
- "traefik.http.routers.dashboard-catchall.entrypoints=websecure"
# - "traefik.http.routers.dashboard-catchall.tls=true" now in static configuration as default for websecure
- "traefik.http.routers.dashboard-catchall.middlewares=dashboard-redirectregex,dashboard-stripprefix"
- "traefik.http.services.dashboard-catchall.loadbalancer.server.port=8080"
- "traefik.http.middlewares.dashboard-redirectregex.redirectregex.regex=^(.*)/dashboard$$"
- "traefik.http.middlewares.dashboard-redirectregex.redirectregex.replacement=$$1/dashboard/"
- "traefik.http.middlewares.dashboard-stripprefix.stripprefix.prefixes=/dashboard/"
ports:
- 8080:8080
portainer:
depends_on:
- traefik
image: ${DOCKER_REGISTRY_PREFIX}urbanite/portainer:${URBANITE_VERSION:?err}
restart: always
build:
context: services/portainer
dockerfile: Dockerfile
environment:
- ADMIN_PASS=password
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /var/lib/docker/volumes:/var/lib/docker/volumes
init: true
ports:
- 9000:9000
labels:
- "traefik.enable=true"
- "traefik.http.routers.portainer.rule=Host(`${SERVER_HOST:?err}`) && PathPrefix(`/portainer`)"
- "traefik.http.routers.portainer.entrypoints=websecure"
# - "traefik.http.routers.portainer.tls=true" now in static configuration as default for websecure
- "traefik.http.routers.portainer.middlewares=portainer-redirectregex,portainer-stripprefix"
- "traefik.http.middlewares.portainer-redirectregex.redirectregex.regex=^(.*)/portainer$$"
- "traefik.http.middlewares.portainer-redirectregex.redirectregex.replacement=$$1/portainer/"
- "traefik.http.middlewares.portainer-stripprefix.stripprefix.prefixes=/portainer/"
frontend:
restart: always
ports:
- 10080:80
networks:
# https://github.com/docker/compose/issues/4336
default:
driver: bridge
ipam:
driver: default
version: "2.4"
services:
## Common structure
traefik:
ports:
- ${HTTPS_PORT:?err}:${HTTPS_PORT:?err}
version: "2.4"
services:
traefik:
labels:
# global redirect to https
- "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.http-catchall.entrypoints=web"
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
- "traefik.http.routers.http-catchall.service=api@internal"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.port=${HTTPS_PORT:?err}"
ports:
- 80:80
version: "2.4"
services:
newman.test:
depends_on:
- traefik
- frontend
build: tests/newman
environment:
- ENVIRONMENT=docker
- SERVER_HOST=${SERVER_HOST}
- HTTPS_PORT=${HTTPS_PORT:?err}
version: "2.4"
services:
## Common structure
traefik:
hostname: ${SERVER_HOST}
environment:
- CERTIFICATE_DOMAIN=${SERVER_HOST}
- CERTIFICATE_SIGNING_KEY_PASSPHRASE=${CERTIFICATE_SIGNING_KEY_PASSPHRASE:?err}
- ENABLE_CA=true
- ADD_DEFAULT_CA=${ADD_DEFAULT_CA}
networks:
default:
aliases:
- ${SERVER_HOST}
image: ${DOCKER_REGISTRY_PREFIX}urbanite/traefik:${URBANITE_VERSION:?err}
build:
context: services/traefik
dockerfile: Dockerfile
command:
--configFile=/etc/traefik/${COMPOSE_PROJECT_NAME}${ACME_CONFIG}.yml
volumes:
- traefik_data:/etc/traefik/acme
- /var/run/docker.sock:/var/run/docker.sock
frontend:
depends_on:
- traefik
image: ${DOCKER_REGISTRY_PREFIX}urbanite/frontend:${URBANITE_VERSION:?err}
build:
context: git/urbanite-ui
dockerfile: Dockerfile
labels:
- "traefik.enable=true"
- "traefik.http.routers.frontend.rule=Host(`${SERVER_HOST:?err}`) && PathPrefix(`/ui`)"
- "traefik.http.routers.frontend.entrypoints=websecure"
networks:
# https://github.com/docker/compose/issues/4336
default:
driver: bridge
ipam:
driver: default
volumes:
traefik_data:
FROM httpd:2.4
RUN mkdir /usr/local/apache2/htdocs/ui
COPY ./public-html/ /usr/local/apache2/htdocs/ui
# Urbanite test repo
<!-- https://bootsnipp.com/snippets/dldxB -->
<link href="//maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" rel="stylesheet" id="bootstrap-css">
<script src="//maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
<!------ Include the above in your HEAD tag ---------->
<div class="wrapper fadeInDown">
<div id="formContent">
<!-- Tabs Titles -->
<!-- Icon -->
<div class="fadeIn first" style="padding-top:10px;padding-bottom:10px">
<img src="https://www.flaticon.com/svg/static/icons/svg/220/220163.svg" id="icon" alt="User Icon" width="100" height="100" />
</div>
<!-- Login Form -->
<form>
<input type="text" id="login" class="fadeIn second" name="login" placeholder="login">
<input type="text" id="password" class="fadeIn third" name="login" placeholder="password">
<input type="submit" class="fadeIn fourth" value="Log In">
</form>
<!-- Remind Passowrd -->
<div id="formFooter">
<a class="underlineHover" href="#">Forgot Password?</a>
</div>
</div>
</div>
\ No newline at end of file
# I take a official mono image https://hub.docker.com/r/grafana/grafana/
FROM alpine:3.10.1
#FROM portainer/portainer:1.21.0
ENV PORTAINER_VERSION=1.21.0 \
PORTAINER_HOME=/var/lib/portainer
RUN mkdir ${PORTAINER_HOME} && \
addgroup -S portainer && \
adduser -S -D -g "" -G portainer -s /bin/sh -h ${PORTAINER_HOME} portainer && \
chown portainer:portainer ${PORTAINER_HOME}
RUN apk --no-cache add curl su-exec tzdata
RUN curl -sSL https://github.com/portainer/portainer/releases/download/${PORTAINER_VERSION}/portainer-${PORTAINER_VERSION}-linux-amd64.tar.gz | tar -xzo -C /usr/local
COPY entrypoint.sh /
RUN chmod 750 /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]
CMD []
EXPOSE 9000
VOLUME ["/var/lib/portainer"]
#!/bin/sh
#process variables
# if [[ ! -z "$ADMIN_PASS" ]]
# then
# crypt_admin_pass=$(htpasswd -nb -B admin $ADMIN_PASS | cut -d ":" -f 2)
# echo "encrypt pass $crypt_admin_pass"
# fi
PORTAINER_OPTIONS="-H unix:///var/run/docker.sock"
if [[ ! -z "$ADMIN_PASS" ]]
then
echo -n $ADMIN_PASS > /portainer_password
PORTAINER_OPTIONS="$PORTAINER_OPTIONS --admin-password-file /portainer_password "
echo "PORTAINER_OPTIONS $PORTAINER_OPTIONS"
fi
if [[ ! -z "$crypt_admin_pass" ]]
then
PORTAINER_OPTIONS="$PORTAINER_OPTIONS --admin-password='$crypt_admin_pass'"
echo "PORTAINER_OPTIONS $PORTAINER_OPTIONS"
fi
chmod 777 /var/run/docker.sock
cd /usr/local/portainer || exit 1
su-exec portainer:portainer /usr/local/portainer/portainer -d "${PORTAINER_HOME}" --template-file=./templates.json \
${PORTAINER_OPTIONS}
FROM traefik:v2.3
RUN apk add --no-cache openssl gawk
COPY ca /ca
COPY createCertificate.sh .
COPY templates /templates
COPY entrypoint.sh .
RUN chmod 777 /createCertificate.sh
RUN chmod 777 /entrypoint.sh
# COPY dynamic /dynamic
RUN mkdir /dynamic || true
COPY etc/traefik /etc/traefik
-----BEGIN CERTIFICATE-----
MIIF0jCCA7qgAwIBAgIBADANBgkqhkiG9w0BAQ0FADB6MQswCQYDVQQGEwJFUzEQ
MA4GA1UECAwHQml6a2FpYTEPMA0GA1UEBwwGQmlsYmFvMREwDwYDVQQKDAhUZWNu
YWxpYTEWMBQGA1UECwwNSVQgRGVwYXJ0bWVudDEdMBsGA1UEAwwUQ0Egc2VydmVy
IGVzaWxhYi5vcmcwHhcNMjAwNTE5MTM1MzE3WhcNMzAwNTE3MTM1MzE3WjB6MQsw
CQYDVQQGEwJFUzEQMA4GA1UECAwHQml6a2FpYTEPMA0GA1UEBwwGQmlsYmFvMREw
DwYDVQQKDAhUZWNuYWxpYTEWMBQGA1UECwwNSVQgRGVwYXJ0bWVudDEdMBsGA1UE
AwwUQ0Egc2VydmVyIGVzaWxhYi5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw
ggIKAoICAQCe+RqfKLtMeecByIZCr3Cbc4IdIKNR5aznDr3HuExoU7siTQXTP2/J
Tej+b0Y8Oh5w11UfNZyysZ9qRsnHGt44Tkxnq7BpDIjPe40JfKlVvNszmgtmPxH1
J8OoUaA3w9KHxoGPNiAwUsHP78QP5tP1pOBtmk/RGO2ohmhF/tXmyTPCwOr9c/yc
7EldH7LjACcZ6zanFFlHJ2fzrWYvcFG9VssftABUe/SARiuk96fXjbsArxfAKo+w
Mc/0NwCLZiPUU7U2bGgFjWM4RBv3bqK+N4KogN2NMr1GecRbYRf18VdtdG6cbEiy
IGdIFP8YfcyDug6Kh3XoyRhOdvLRzP0UsrXjuRVMTAi3q/A5WZKv+5OBjq5tCQdn
ZzQNPwOl6a/z95zHeAPrkg2rWdYXsBwNHY9PjvDaYa5r3rIzLykq30HLRNUXvxmD
2z9D3YCkEgEWytCh08lsy5+qAts6TeXmUQGRcWtifk54ZUnGRZfk5lvQXeH9NgCn
bwiycaSFN8RSZIoSzWYo0RDnrFzN2kZ5zrsDSlH8Vx9P8SehgAPQhGySCweT0OtB
H3R/Q3DaizMgzpdfNUe4juwiGS7dSJQeqIo4HaSu+zaVPRhdd0zpZ5NX5pwckjGN
RU2y41oMJ5/iNXehiSwB+sTO0a8R6Ap5ic//BGvZtd6dupvWz99nWwIDAQABo2Mw
YTAdBgNVHQ4EFgQUMHafxdOM8inU8wCPbDdJJqQdjPwwHwYDVR0jBBgwFoAUMHaf
xdOM8inU8wCPbDdJJqQdjPwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
AYYwDQYJKoZIhvcNAQENBQADggIBAFo6cw58rLYkGjILJzhtkaTjhszy4iQ5DY2D
ndjVMBaiptUG5snDEkQ0yYS13W52/r+h+MqfQfVbZ+PEUEQAWbJUgJOuVr1Xa59N
hrgoVBDSlU3S4W+jcgbfRnGJtfKCMC6Pm01BqoymBun7b+VkGBGns8vEThbUXgbG
aizLY9/dhFpr3dYVMCc70vW12JwjDJ6cb631vwAuo763nqwawlRJQOXe0v2Haii3
vv5y+VBlRmB157xeHz46jNmRf3OBArgvi4l2AFfUTAzfwV9NTXSVFIocZFhvCJi6
fgRMgmS7nh+QO4v7A799XW07dcv+JQwEGrA8UfB18D9j/RGMLIZrW7iwA0ilb1TV
Jo8kdKFaPVpM08OuMQHmRfMP5wTsLxrhnc3St7JUwwKrDSu4SBQYtsux8caf7qCu
MAGpVGeyDEYgLRRtzjwNoAeBFBVt45m7r7C1WOH0EdhxTdDN9N6bsI1Mu76sBAsn
o+Insnjl/3bL4kcFwFo7ZdyrVmX/gjggLD4PgH3wWloZXdQZ6tON8P5XFYTVVyhm
NQuQQNKSS9wOz3HHB8h3Byy2fHuSn5d0chjtwP7WLcMe4VTF6Au+cP2ESrlPc2GO
hJ3qcs7RJqIG3r5QJnb2LuIbmwNnS2X/qWslTfs3nDKTlVZUM0YSFr5AyDQtj3Sp
aADl62CF
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,A3F0E37A6354233C0881928887F7F72C
7p4aQwGnbFtw90w9RSp7AtDr+v0NryXPTu4akqj1a5OITQe1V1SniCHi66nOtlhA
dzjbUeebgsNheIYvM0v98wLTojpcVKP+4g8vMU8Rgv4jEW62kbfc0K1P9aNISUBb
Nr0btEE+gpBnL3A2benqsfC8taZvW0fjswU0Rkm4BS0zm7eVLU+yTzKX3iu4+g8D
8rMDaAwLQYwzMHcPXAzbR+/UsF964HbVbq3ELa8neSlaesmNL0mXSGTyvi8XHyBe
mmn0e3gbqNZG0SNp26PLEPhI+KCRIHgoUB12hF+iRblj31q1Ua17yylRItVO2tkr
HIaaSUsVfHucmtx7Ah/eszmHig75H3SZMfLkFm3Dunr5+c9ueAZFuenqdEI6ZL2i
Rj/Wu0MMK8rKGAJzQtVsrbhLNFXQBib4cAYotNX3BsOVq18OoGTzPr44VxprQXmF
VmUpBrNumsoDLFWEcRtf1kOwOJfdNtzy9Ui8Bwk9CAq+2m6hmNR6YL81jMcKoMAX
0KUYA/eGKaZ3WfHS2Ebi1lOE/7kOy/UCToUMLGzrTBSkNLYfqzgkTDKrAee0BWou
vECF2T8RXxFrQfpUW1qExsA/S1IlDQW4QBwqValKksgyBcnmlzJOF0END1SyWJBM
VpJPib/VY+YY+JhyM9GQKQnM6ybQ9ikRwy9Ui0vEHX0U/amr/qYY5Yoc2z9VRFxP
NJrCID5+ykrSzStQ/h34kCj0Xvj4XkM2BKBUAm5CVg/C3d6TIR7fB9ESxy9lAXba
PfUSHbCLqZZDguXjVWBaJNEbZxyAyHCEJgZINgzZ9QPfM6tRgHt7akQLtH6QqTHD
80xy3f2mVxDoLZn9xl36gziVpF4lljM9X1OS2SpAvoTdaPaOTa0GrhGHhxDq7s0c
j+wx6fciItqik76lTigxmKxYdSuRT4BQjRQ3MWqxFSd61WMhhSFjajOwc0UJ8Z2r
ewU4q0Jme7TYV+EBuu6BVBr2SdnkbpuUK1pGGS4XEpTraskAcqOZeQowNjljceO6
0N60LRTccnk9xKGXeAc61Vr0FzoZw3LqMC9302rm+79kfWDiP5lVfzHuSRiXCWhb
r7RLiOJflSYaqiqwm52eviDvs97B4Dbtkuyhu7ja/Pkct/bNghj8hzWxneB+sZXo
jIET1zMzTaXKzIZWrQWoRUD0TKPExjGEKaBf6nq591OGQfMhFfLlJDtGmss7FVmZ
8gdhFYK37LKUKoePkuMc9T8lIq7t0VD5V0ftYFCAAcCOEaWMy5F5xD0jPU8sp59x
WHRKgq4IhoGDQ+5u9iDeJyv8TTvmalwnYPCGhae4mNzwO9uIxkzQxFCjXhl6xFKT
SK2z8EgIjsq58+b3GJ+SfixdjDGBDu7o7xuJ4mRWwxtzZ9ycCxLkmuqiba+qEl2B
M415cSvLZI18czP1RdZJVnUjFWoqPoQKO1z+iCkT4loyYO+/21hsdRhSzpSvHlYC
NhyQyz9SxHPuqEztZRdiaHxnYf9tFgalnUGWJvj3dIdVPF2AkA66sPswwuQ0YZF6
obp17FnlF5n/9/UL/OSxIVh9P2/lMSdv78xP1LgVgDSlVsIjB3A0QjQcF1o0b2hF
+NyW30mvu7YjnygO8M4SCjZdPoJadIcyL8h73/UPgRH9THIJsJe7ZtO08dcaIZC5
xwRgb8xDiJ2Vpd1g+L+N/qKCWEYeBP1HNTC5VTL59Awn7FXLHGXssxhhhzpzw2n3
y08LKH4WdDAjH8jJFsjKeaHRe88ymsEbGj3swIkHzAfvq4spI1vpE68FLpNpDR5K
rl61n5M03mvVLpUHCzi8FxlltyLdjjOdJRk2M7LWH1AWgUcb6K7lCWli86+Sa5No
p4ZUalP9Rp1wsVVW+le+qPQPla4xVofJtEeXtqkYDKbbuhEMStESc0rIMDNj25bc
aqGXQYLnqtMghxEhPoQ6RVN85eStbAxXzyGq1yMeO7hhuUPEAu6kPMILiAkdxz/o
Xmv2aUlFbP7dorYCfE+LmXZu8kpvrlgYCGPC9OpbpNH5LaYd8tn9S8Nnw/EW2/Cm
bexRuhGTUVZiEJTAEDS+gpIMTRAIYR7AFOpBKQlDSrbwEq+t1E2o/s9Sfz/+BTs5
KjIOvh34gNhV5Oo65RF82t0D+ZEgV/z9uqz4882KTAS+2r4Me8YImbouf8da/GJH
mcZtiIS8h2ifVFNjfLhkZSvbC09v6Y1X/LW4AXqxPBFxWFEeecArC+B50GVrnUt3
5htrYpBQcQRH2CXs8oNAcTmAPkC0mEVpB+KKJMUobR+fntDogDfADeGfaBqxF9tg
J8bHp+evKV25UiPMUZZXCZHQ9cm+Xk5jvyXO3nEKyBGXkyFQrR+pzHl1ep10FiZI
Ke5Be2hOIekqk51OiIx5STin8xUW5l8ZbrbPPGJV78gf0tWzH3zV4iCOsihqmW1a
YtRijyiuZ30V+SEwFTRHzvLMdZ+GN9eUE1HEXtQ9F8R38AT2z1cD7lVHxs/aRpvz
qYgwabtVRW4C62FXZyyq5h3Uap1dJopBSfTgNW9X1JwVss9NY6/0Z6JdDXCoVIn/
JH0MjGewk25SESGpo3tv4hQSzZrInw+9GtUTdjqx7XNwGVOQ6YAlYuHOdux2audQ
hG2Hxt0KU9Xv3KPSulDpZrHh4aEpFBGC4INjpDS9+6MR25eETCLgkV3QTOYnXyIr
A10gHFBatndjgwlgicJJ7RnvRZmOLPv6oPyn4afe+vt1+z3rGXWqot35oNgz0xfP
1JSHL+E6in8Gq+3MDSSFfqlE37fMhi98X/ULbQY6urBLRN8dBTvGsqkI8u1uELAt
9lUXrj3VIcJTrwAMgUTFZNeqsXh8XeGjd4L/imX2ENf5dT7B5+wRIa+2S4JwFJnM
2Yg2961AccFbHsuAohFETBW/0y6AdkllO0PoCYXAH0F6pXDsXFomzGRnsfBFkB9A
RLB03CNprpSxhcVIaZkX9+25EII3s9fhnXRAlRns8FGoGLt7gaS+LOJWkeTdqZYW
4XzC53CbpYRxB8/6vKTyvrRVRp8QT7AZgXl//YSLgII6smVA8C52YIc1AHEqsJuA
ZYEr86DFDkUNIf0W3N9LR2+8IrieDDEIC9BngjLmhykakgqDrykyIvAYHIkkkDwJ