summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoey Hess2014-07-06 18:23:54 -0400
committerJoey Hess2014-07-06 18:23:54 -0400
commit40d559fbbeb35f76927366948625bb58f1c72209 (patch)
tree35017feaeefe61548f3496cfd0016fe7ab55d68f
parente5dcc8e17668b3994fc8de1d53c7e48659c08aee (diff)
parent32bb2d50a176ebb9070288a75bf86fd1c92ef0be (diff)
Merge branch 'joeyconfig'
-rw-r--r--Makefile4
-rw-r--r--config-joey.hs104
-rw-r--r--debian/changelog22
-rw-r--r--doc/security.mdwn15
-rw-r--r--doc/todo/better_privdata.mdwn12
-rw-r--r--privdata/clam.kitenet.net.gpg82
-rw-r--r--privdata/darkstar.kitenet.net.gpg22
-rw-r--r--privdata/diatom.kitenet.net.gpg372
-rw-r--r--privdata/elephant.kitenet.net.gpg111
-rw-r--r--privdata/orca.kitenet.net.gpg57
-rw-r--r--privdata/privdata.gpg434
-rw-r--r--propellor.cabal2
-rw-r--r--src/Propellor/CmdLine.hs38
-rw-r--r--src/Propellor/PrivData.hs151
-rw-r--r--src/Propellor/Property/Docker.hs24
-rw-r--r--src/Propellor/Property/File.hs13
-rw-r--r--src/Propellor/Property/Gpg.hs17
-rw-r--r--src/Propellor/Property/Hostname.hs26
-rw-r--r--src/Propellor/Property/OpenId.hs5
-rw-r--r--src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs38
-rw-r--r--src/Propellor/Property/SiteSpecific/JoeySites.hs59
-rw-r--r--src/Propellor/Property/Ssh.hs52
-rw-r--r--src/Propellor/Property/User.hs23
-rw-r--r--src/Propellor/Types.hs29
-rw-r--r--src/Propellor/Types/Info.hs5
-rw-r--r--src/Propellor/Types/PrivData.hs34
-rw-r--r--src/Utility/Table.hs28
27 files changed, 882 insertions, 897 deletions
diff --git a/Makefile b/Makefile
index 79852688..d6e8fe6f 100644
--- a/Makefile
+++ b/Makefile
@@ -1,5 +1,7 @@
CABAL?=cabal
+DEBDEPS=gnupg ghc cabal-install libghc-missingh-dev libghc-ansi-terminal-dev libghc-ifelse-dev libghc-unix-compat-dev libghc-hslogger-dev libghc-network-dev libghc-quickcheck2-dev libghc-mtl-dev libghc-monadcatchio-transformers-dev
+
run: deps build
./propellor
@@ -10,7 +12,7 @@ build: dist/setup-config
ln -sf dist/build/propellor-config/propellor-config propellor
deps:
- @if [ $$(whoami) = root ]; then apt-get --no-upgrade --no-install-recommends -y install gnupg ghc cabal-install libghc-missingh-dev libghc-ansi-terminal-dev libghc-ifelse-dev libghc-unix-compat-dev libghc-hslogger-dev libghc-network-dev libghc-quickcheck2-dev libghc-mtl-dev libghc-monadcatchio-transformers-dev; fi || true
+ @if [ $$(whoami) = root ]; then apt-get --no-upgrade --no-install-recommends -y install $(DEBDEPS) || (apt-get update && apt-get --no-upgrade --no-install-recommends -y install $(DEBDEPS)); fi || true
@if [ $$(whoami) = root ]; then apt-get --no-upgrade --no-install-recommends -y install libghc-async-dev || (cabal update; cabal install async); fi || true
dist/setup-config: propellor.cabal
diff --git a/config-joey.hs b/config-joey.hs
index 2c73b3e5..783c548f 100644
--- a/config-joey.hs
+++ b/config-joey.hs
@@ -42,49 +42,18 @@ hosts = -- (o) `
& Docker.configured
& Docker.docked hosts "android-git-annex"
- -- Nothing super-important lives here and mostly it's docker containers.
+ -- Unreliable server.
, standardSystem "clam.kitenet.net" Unstable "amd64"
- & ipv4 "162.248.143.249"
- & ipv6 "2002:5044:5531::1"
+ & ipv4 "162.248.9.29"
& CloudAtCost.decruft
& Apt.unattendedUpgrades
& Network.ipv6to4
& Tor.isBridge
& Postfix.satellite
- & Docker.configured
-
- & Docker.docked hosts "oldusenet-shellbox"
- & Docker.docked hosts "openid-provider"
- `requires` Apt.serviceInstalledRunning "ntp"
- & Docker.docked hosts "ancient-kitenet"
-
- -- I'd rather this were on diatom, but it needs unstable.
- & alias "kgb.kitenet.net"
- & JoeySites.kgbServer
-
- & alias "mumble.kitenet.net"
- & JoeySites.mumbleServer hosts
-
- & alias "ns9.kitenet.net"
- & myDnsSecondary
-
- & alias "znc.kitenet.net"
- & JoeySites.ircBouncer
-
- -- For https port 443, shellinabox with ssh login to
- -- kitenet.net
- & alias "shell.kitenet.net"
- & JoeySites.kiteShellBox
-
- -- Nothing is using http port 80 on clam, so listen on
- -- that port for ssh, for traveling on bad networks that
- -- block 22.
- & "/etc/ssh/sshd_config" `File.containsLine` "Port 80"
- `onChange` Service.restarted "ssh"
+ & Docker.configured
& Docker.garbageCollected `period` Daily
- & Apt.installed ["git-annex", "mtr", "screen"]
-- Orca is the main git-annex build box.
, standardSystem "orca.kitenet.net" Unstable "amd64"
@@ -103,14 +72,15 @@ hosts = -- (o) `
& Apt.buildDep ["git-annex"] `period` Daily
-- Important stuff that needs not too much memory or CPU.
- , standardSystem "diatom.kitenet.net" Stable "amd64"
+ , let ctx = Context "diatom.kitenet.net"
+ in standardSystem "diatom.kitenet.net" Stable "amd64"
& ipv4 "107.170.31.195"
& DigitalOcean.distroKernel
& Hostname.sane
- & Ssh.hostKey SshDsa
- & Ssh.hostKey SshRsa
- & Ssh.hostKey SshEcdsa
+ & Ssh.hostKey SshDsa ctx
+ & Ssh.hostKey SshRsa ctx
+ & Ssh.hostKey SshEcdsa ctx
& Apt.unattendedUpgrades
& Apt.serviceInstalledRunning "ntp"
& Postfix.satellite
@@ -120,9 +90,9 @@ hosts = -- (o) `
& Apt.serviceInstalledRunning "swapspace"
& Apt.serviceInstalledRunning "apache2"
- & File.hasPrivContent "/etc/ssl/certs/web.pem"
- & File.hasPrivContent "/etc/ssl/private/web.pem"
- & File.hasPrivContent "/etc/ssl/certs/startssl.pem"
+ & File.hasPrivContent "/etc/ssl/certs/web.pem" (Context "kitenet.net")
+ & File.hasPrivContent "/etc/ssl/private/web.pem" (Context "kitenet.net")
+ & File.hasPrivContent "/etc/ssl/certs/startssl.pem" (Context "kitenet.net")
& Apache.modEnabled "ssl"
& Apache.multiSSL
& File.ownerGroup "/srv/web" "joey" "joey"
@@ -164,16 +134,17 @@ hosts = -- (o) `
& Dns.secondaryFor ["animx"] hosts "animx.eu.org"
-- storage and backup server
- , standardSystem "elephant.kitenet.net" Unstable "amd64"
+ , let ctx = Context "elephant.kitenet.net"
+ in standardSystem "elephant.kitenet.net" Unstable "amd64"
& ipv4 "193.234.225.114"
& Hostname.sane
& Postfix.satellite
& Apt.unattendedUpgrades
- & Ssh.hostKey SshDsa
- & Ssh.hostKey SshRsa
- & Ssh.hostKey SshEcdsa
- & Ssh.keyImported SshRsa "joey"
+ & Ssh.hostKey SshDsa ctx
+ & Ssh.hostKey SshRsa ctx
+ & Ssh.hostKey SshEcdsa ctx
+ & Ssh.keyImported SshRsa "joey" ctx
-- PV-grub chaining
-- http://notes.pault.ag/linode-pv-grub-chainning/
@@ -191,6 +162,7 @@ hosts = -- (o) `
[ "configfile (xen/xvda1)/boot/grub/grub.cfg" ]
& Apt.installed ["grub-xen"]
& flagFile (scriptProperty ["update-grub; grub-mkimage --prefix '(xen/xvda1)/boot/grub' -c /boot/load.cf -O x86_64-xen /usr/lib/grub/x86_64-xen/*.mod > /boot/xen-shim"]) "/boot/xen-shim"
+ `describe` "/boot-xen-shim"
& alias "eubackup.kitenet.net"
& Apt.installed ["obnam", "sshfs", "rsync"]
@@ -201,8 +173,38 @@ hosts = -- (o) `
& alias "podcatcher.kitenet.net"
& Apt.installed ["git-annex"]
+ & alias "znc.kitenet.net"
+ & JoeySites.ircBouncer
+
+ -- I'd rather this were on diatom, but it needs unstable.
+ & alias "kgb.kitenet.net"
+ & JoeySites.kgbServer
+
+ & alias "mumble.kitenet.net"
+ & JoeySites.mumbleServer hosts
+
+ & alias "ns3.kitenet.net"
+ & myDnsSecondary
+
& Docker.configured
+
+ & Docker.docked hosts "oldusenet-shellbox"
+ & Docker.docked hosts "openid-provider"
+ `requires` Apt.serviceInstalledRunning "ntp"
+ & Docker.docked hosts "ancient-kitenet"
+
& Docker.garbageCollected `period` (Weekly (Just 1))
+
+ -- For https port 443, shellinabox with ssh login to
+ -- kitenet.net
+ & alias "shell.kitenet.net"
+ & JoeySites.kiteShellBox
+ -- Nothing is using http port 80, so listen on
+ -- that port for ssh, for traveling on bad networks that
+ -- block 22.
+ & "/etc/ssh/sshd_config" `File.containsLine` "Port 80"
+ `onChange` Service.restarted "ssh"
+
--' __|II| ,.
---- __|II|II|__ ( \_,/\
@@ -264,13 +266,13 @@ standardSystem hn suite arch = host hn
& Apt.installed ["etckeeper"]
& Apt.installed ["ssh"]
& GitHome.installedFor "root"
- & User.hasSomePassword "root"
+ & User.hasSomePassword "root" (Context hn)
-- Harden the system, but only once root's authorized_keys
-- is safely in place.
& check (Ssh.hasAuthorizedKeys "root")
(Ssh.passwordAuthentication False)
& User.accountFor "joey"
- & User.hasSomePassword "joey"
+ & User.hasSomePassword "joey" (Context hn)
& Sudo.enabledFor "joey"
& GitHome.installedFor "joey"
& Apt.installed ["vim", "screen", "less"]
@@ -309,14 +311,14 @@ branchableSecondary :: RevertableProperty
branchableSecondary = Dns.secondaryFor ["branchable.com"] hosts "branchable.com"
-- Currently using diatom (ns2) as primary with secondaries
--- clam (ns9) and gandi.
+-- elephant (ns3) and gandi.
-- kite handles all mail.
myDnsPrimary :: Domain -> [(BindDomain, Record)] -> RevertableProperty
myDnsPrimary domain extras = Dns.primary hosts domain
(Dns.mkSOA "ns2.kitenet.net" 100) $
[ (RootDomain, NS $ AbsDomain "ns2.kitenet.net")
+ , (RootDomain, NS $ AbsDomain "ns3.kitenet.net")
, (RootDomain, NS $ AbsDomain "ns6.gandi.net")
- , (RootDomain, NS $ AbsDomain "ns9.kitenet.net")
, (RootDomain, MX 0 $ AbsDomain "kitenet.net")
, (RootDomain, TXT "v=spf1 a ?all")
] ++ extras
@@ -377,7 +379,7 @@ monsters = -- but do want to track their public keys etc.
- some static websites
- bitlbee
- prosody
- - (used by anna and daddy's git-annex)
+ - (used by daddy's git-annex)
- named
- (branchable is still pushing to here
- (thinking it's ns2.branchable.com), but it's no
diff --git a/debian/changelog b/debian/changelog
index b3f4572f..16ecb5f4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,25 @@
+propellor (0.8.0) UNRELEASED; urgency=medium
+
+ * Completely reworked privdata storage. There is now a single file,
+ and each host is sent only the privdata that its Properties actually use.
+
+ To transition existing privdata, run propellor against a host and
+ watch out for the red failure messages, and run the suggested commands
+ to store the privdata using the new storage scheme. You may find
+ it useful to run the old version of propellor to extract data from the old
+ privdata files during this migration.
+
+ * Add --edit to edit a privdata value in $EDITOR.
+ * Add --list-fields to list all currently set privdata fields, along with
+ the hosts that use them.
+ * Fix randomHostKeys property to run openssh-server's postinst in a
+ non-failing way.
+ * Hostname.sane now cleans up the 127.0.0.1 localhost line in /etc/hosts,
+ to avoid eg, apache complaining "Could not reliably determine the
+ server's fully qualified domain name".
+
+ -- Joey Hess <joeyh@debian.org> Thu, 19 Jun 2014 14:27:21 -0400
+
propellor (0.7.0) unstable; urgency=medium
* combineProperties no longer stops when a property fails; now it continues
diff --git a/doc/security.mdwn b/doc/security.mdwn
index 5576bf06..075d68ec 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -27,10 +27,11 @@ Since the propoellor git repository is public, you can't store
in cleartext private data such as passwords, ssh private keys, etc.
Instead, `propellor --spin $host` looks for a
-`~/.propellor/privdata/$host.gpg` file and if found decrypts it and sends
-it to the remote host using ssh. This lets a remote host know its own
-private data, without seeing all the rest.
-
-To securely store private data, use: `propellor --set $host $field`
-The field name will be something like 'Password "root"'; see PrivData.hs
-for available fields.
+`~/.propellor/privdata/privdata.gpg` file and if found decrypts it,
+extracts the private that that the $host needs, and sends it to to the
+$host using ssh. This lets a host know its own private data, without
+seeing all the rest.
+
+To securely store private data, use: `propellor --set $field $context`
+Propellor will tell you the details when you use a Property that needs
+PrivData.
diff --git a/doc/todo/better_privdata.mdwn b/doc/todo/better_privdata.mdwn
new file mode 100644
index 00000000..1ee9e14f
--- /dev/null
+++ b/doc/todo/better_privdata.mdwn
@@ -0,0 +1,12 @@
+It can be annoying to need to move privdata values around when moving
+services between hosts, which is otherwise often just a cut-n-paste
+of a line in config.hs.
+
+It would be better if privdata were all stored in one Map, and the set of
+privdata that a host's current properties need were sent to it
+automatically, rather than the current 1-file-per-host separation.
+
+For this to work though, each property that uses privdata would need to add
+to the host's Info the privdata field it uses.
+
+> [[done]]! --[[Joey]]
diff --git a/privdata/clam.kitenet.net.gpg b/privdata/clam.kitenet.net.gpg
deleted file mode 100644
index 4b85bfa7..00000000
--- a/privdata/clam.kitenet.net.gpg
+++ /dev/null
@@ -1,82 +0,0 @@
------BEGIN PGP MESSAGE-----
-Version: GnuPG v1
-
-hQIMA7ODiaEXBlRZAQ//VS4kuJXtrqIviZeyEsadpGB3Ku3MfeVm8ssJ1mNVWo4d
-rEou78aJ490GZbkWhWVx3zKA/KfVV1vubzJD0PIdt6uLwczzxZZEp8gWHlfTF4fO
-2CQKOEqQTeG5fOFKViA5iWUsrSNLkRINq3QIsyrE3/z+nJSBAyLMHEexOf+KNZLK
-QNwSuYmTtSEWXMuw9hRUzSUVarQbK0zORtZ9Kc6Hvr6cSoVZrwuJJyLLCoZVFPay
-JHCpMrQM5y3j6O1jU15JxhACOqo5tfbsSqzLBepT+3TferfHP7uireNe+tfrCVSv
-lFLwLxbrEK76TI1hzx9OILm1R3ofpmcC7cIv2MntXjCQhTAhgeq6F2CAhnJ9vrCI
-u3CeTjkwVuFpU9ThlQTjeH8Di/gg9OC9iN8Ka3X9O9MpiDmFr701+Vk4LCOQqF2z
-OaDJzyPq7ffpyq06gFFICCMcdGTwPPzPzX3LxLpIB7JFLbUNGSy+LfR/19YthxFA
-AUngN28LJEz712UwahC24/R0VQPJwU/NRnEaIxhGL85tcBtlgEUnTWdojBEvlhR3
-AotsPrUL+9OYzoCBF5YKwvWqViM7gETa5pUJ8VWw0JFsRCSsHIrz6Jq5nFt0YzV5
-Rp4orQUy48Qu88FRJn0a7eHL7l1XJaykaxr219kW9yM8aUcfYlc25gaVHqNeLOTS
-6wEKJCIcujR3+xXRQioOMa7RAMybAhETg9qQfpU1NvzYxBLZe3hcg/gvTwqnHCkX
-9bg6pRUQ4XQxgPc3DjQv8c22bxiNu5RBrkmXmC5bzLRAm5SANvd/jPflqcBAJZCj
-ZVqyoDl2I4AJc+W3FjiTOMHFDUSQEsTyAD0Vj7mHSpujF4VTKjh+3WulfJDcnQds
-BeuTX62OKch0atJrE+UrR4FJ0keLVZfHL8F5A19ZoBBGLNgGnpH5qTQM8y+hr5dL
-Fim8XTDi9qI/StRYqL7ZWLVLuenhYVpEwBNeDvgQ8NQNcqOoassjmzvZyqVCh4SD
-a1uOwn1sXAP25l8l6VMCqGknbNhTeF1xAF7R/+xV4AKAZ8nRQ42vuehMPwmnSge0
-ll+OdhOYNBXn83Ks0s57ATMtLYNuWZR+76kv8VPDlAoCUmeP2hwu4gUimZW1x5dH
-1s1v/YJQU8lUhP5NP3OwxoTfBZaf1H+HThpOf4/fxM3KBWWU555dwntSfbR9nOvO
-UuOKQtwgmWoMKS29gQaB2vCdHTVW9cwNsJrn+Pit2LZWmr6rrjd9TcETDdTBgmHu
-d5Ctk0X8yoEecLG/sMKAUW9b6rA3i6EjJHxRPwLP85t0YnO5FSd/+BULzpvy3LCl
-vpqQZwTpOCkGvWTT25vgb+1E26wAiQfMYv9R4XIybty4F8/Q9V4izAvCWxjbbD2L
-qPlpWVryyonohy8oS+fOiyH/RstERN3iCSf4thfSxzeRDlYtLL9ess7Q9CYpROcc
-JHNR/0k9PlwpTbeuIatlx6RSimJX8UK6XiJ6aFeg7rtZGEM9ji+3cihADbQQwxLa
-P1FD6W8AmntxghT61klSeCamMuBIa5XqTjDzz87Llx1T9n9t3UKHgh0rzx7i8muL
-3uVSqgfytgoU4DSlUTS7AorIXhLWTfr9Z8Pzp5DTvkoWMef73xe5LZbWk69YCyiP
-boSVEYsvMXF6uPQEz7rt2dViDgU0usFpL+5ed9k9+dCaY4Tz2nbDADmmsh+V5npj
-lzG3M0dpo5OP9cXP4DLgUqiWTIed4NJtFU028yKK4tXLSWcr8m+/l1J6DgUz7rmM
-/tiFf+Xse0VrJqEMTWJy6cqxyPuBKl26owbQoTluaIQVmRlyN9q498gj+M7mL0kk
-UBaCTyS4qyC/37X6cA1A43tvL7/yf+rTRz8gxbdPsJJurgReoTxlUrBk+AyLE7eq
-NN15waM44rHerGZZJ9kClWcSvQ9ZTvRNWUpvuM0e70ETGcXC2gtFjNqZRMHeLHPo
-HK4gcYnu9Rt9rIIqEU3UcmhpISsI3hUCoR2bXIrs9UL+eKOWjuLMLpa2YV5b9Wh3
-vZVCsivu5FePfUiH7EEkEFnHQuuP5KYqHQWPPoMlQBBGj3YiooG15lqM2F35D5ZC
-qbYXEyGoCQbS2s9GztcicSzb5WpW//0c2u3T/PhbkUJQzySGdP7NJAVdOttDUhoW
-Bb0GM1FCKmLV/yL+tQQR/NUUXO9njSS5iXfvsSasD1EVw5ylbN02k9/Tasr5Fr4E
-JLLiZxp9v4YgAR0ZxeR5t9xfqtEr7A0BBhwsD9FGuzEnYUXZPDifhU3dC0UrU2eZ
-GuvYYo/8T+iaizieE+dmEu5oiMELnZCkPHY5AMsU7BJvhhjnsSJmHCStE1fJwa/v
-np0GFdtfUX3zL5JGum/CN9Q3vkHP5QztlvSLnYWMyp1ZTE+R8IOEsVGKX1B5YCSk
-akwAuVnPPVwiVa88ditEwtNUJJEwV5rlVUcQ2GKwaHHquuXtq4cr5mbliJD00TEd
-cfagYMXrTzRlvV7JJTmXyqzN50/GqoePWZ7wpsMcWURKkgoptSNbtfJGasq+7CTL
-k0Bds63oNWIyaii8f/xAUqcGIQv8ImbV2NAgkJE7hyUcvkXit7WRpICv10BjboI7
-CdyFpYzEdbSVlMQ/dbOitIm1/Bf7SUaZUdPWfPNfog7tQTazXHOhHl/PryK8ha0S
-gI8JfUixV+9g+56HNYVIe/8E7CRFprpJxhG/HSEatcvNakCNxYX1yEZse+B9H5Hs
-6wsN6wbTzF+ozS6Vnhahl+/cw8jBqnTElwnDWntcJeH7GPS3brBchDzzxtqUcfHP
-WghbF9ws+lW9K8DXfO4ZufAujQnk/fkYE8FlXhdlaSqFFhvjlT6MVhsyFVffBJ+c
-j/RiWMjR0tvhpKaKlz0BxZqvlYDOYmRn8Rb+28Nq+0ebytBKk0fsnCT3tIkyX8WF
-UCRNSJkxVWwNK3nmqo2wxqh0gi5+ivaAHxl25AMassHT6jPkfeUl8hGYCJzjby0v
-0w1+5dWIbS5wK3e2GzOr/WrDipDFMm9MpCQ3oq6jXT/ZskJLQ+tmoiKe2SPbI6TG
-J34h/PqVFKmnyI+eW4OGUmfWz0wTDc+IRQPpXQbl7p2uQ7yOtlHeDiWu7QsNMjpK
-XKcjGOG97T/HuSAaJlkZOvU20DctF0T9q1jOp/tB9SMD+XwFx7wdEY/OPPFhyTs/
-D6x/A2z2J+XWsoVvxH8q08nY2vmAeGHToZo14vdzv522xv7jbaWUUUWWlezhfLH5
-x3dTTtrRzD4IdP8hCZ6QWKtX70LnIHTENmkGCXrHjSvqgEz7ebEbWIJk2l/ztVAr
-6V+rx/oKnU9+v8T2N3d97M8GhC68uUHIOFQit6ZzsAmXAHb5zF0c0rZr+piS5OGK
-F/yGoqHbzLuJlcaTE4SsOgie188JllwnWLjdbTXvLGM/6luhu+6dWGNNaxl0ymEA
-9IFeMJZVnpAVdhqk34poqQsIEj8Dz80xYy65ewxBnv+ioEOoE208tCSI71VBre5f
-9VwD2RYgOV0Vnx11hdubWksix7WX5+hWos1GCOACEesxyy6JucEN6MrgU3TJr4Fo
-rvVq5shYoMNbTMA993LBIFNmvGDkGlVfTvdPvdC1fubn3/Wd889Csw+JT9m3nIOU
-ftQ8xW+seen8l71CEoCc/i+kvFIRDxJJNIfa8mnAOdVo1nktjvsa/n39kev3MeZu
-grCbVMPaxC0S/ajlW8A296JtJkqPViPjL1pFv4SCPlhggurwyDbH5GxpNOT4QYCc
-uR+4Y6SuyslXjnrCUaz/KQBcJUC7krmfkbJOy2gCXrKd/0H4id57e5tTltXL3oeG
-6i0uBRggcjCSDzw1URqkdT9sb3HKoru/+TLC2oNRTjoX1fQBzGQf15vE4mbLLlsY
-wec8GSLIP4PL+GMXVdmhr5Odn/Rgk6Etw+Dyli2CNkcxY1g2GOorAQgA1uP2iZXY
-40zmh7FwqivFR0XX7/ysE0CM/gxsQyJ9q1kFWMY8uwuJKlZ+vRdKwmmOI9Bofer3
-u8zcUO5MYBJjcwJF/TZ1Dxzyhbpe5CCZkTdUkOFzi7YIjWitd1r7FoegCe3BslWt
-QMc2d7lnsBIAKqskujgeGGAVstFdqzzYvJPMRPYvDIyYtNDJ3aSg3kgh5xEo3y1E
-HyBWzMv72TGhi80PELqPVZleC8KFKl6gX2vMOT2ZCYKZOAJXuaT1lZ66bxrjovR/
-NM/aVy2dVV3yxJ1Cz9iMYKdEoWFFyYvv5KuiFT1xsrQ/HFtYNQve931o+wRoRFPa
-i4f4NEFFrxny2eHH+Yz0KtAvQYvWeY4M4n0Difugl1c5jEXkaP59A+CXvE/hF2iK
-R2jNA1WItdTKIvcwPAK4LhG2coB80khEWqwrIsSonf4lTzRKCTBjOv+hTfrcQMcV
-KD6dB0RipGz1so39ztAOmU4jN7j0wCDKZFVxwPXSSp27qsH2VxUN1VtNafnDNP/Y
-UXmUCDVBdnHIIAAw4/5wUZiqFKVVRHquqKxzv4yW9ssWIlHdnhZ5e48fsep8ivUQ
-wfrq9ojOIZQYUucZUIdqm49tkDJtDdXzSwrM7n8eFJqE7uNEeOnbfKoj9jfznOqK
-KCiV8zsy6n+LA0fWwKC1l4XvcpYv3JpVPObIE0suNm7Gfrqd9TSiCHW3SeWwpd5H
-KOiYEVOxGOW11l/tPLsqe9oTi72TFiCwMV5M/lyj5HWqH8w3LtD+FIoH6eUyth8H
-wX5vNY4ld9tyOhSOcMb8L53hsH0EmiaUdBeo6cviyh5dRTckRecbvnjD8wC93vJ+
-HcBQ9xKBYW6u4IZJbO4A8FCHThOCdgP1tNYL1ILZlG0aW3OFSFx99KER3uq3nbpQ
-QCURRoo79LXFutUv/arWDW/Dx6YZQgpKPiFHZ/Ne/MR+/zE=
-=5rkr
------END PGP MESSAGE-----
diff --git a/privdata/darkstar.kitenet.net.gpg b/privdata/darkstar.kitenet.net.gpg
deleted file mode 100644
index 9a6de1cf..00000000
--- a/privdata/darkstar.kitenet.net.gpg
+++ /dev/null
@@ -1,22 +0,0 @@
------BEGIN PGP MESSAGE-----
-Version: GnuPG v1
-
-hQIMA7ODiaEXBlRZAQ/9HdpfvTbfOnyqLlEK1WC9QO3HrF9w9yrEH8hCrVFJ/86r
-xHK62+7I6wrV2W1UAHRx1b4H9qEkbD8+MAmjB2JYVmJUqvdzNv1jhsWwPpAcTQN1
-RVWR95Auc2rjXXSiZRudLaWdxZdDBg5PWApH5+NW5grtNRKsTbYB1/No2iYJvDuv
-WcbBkuFyEa0WbRiqUaUIyO9XAGyj4hqVDQSXH2Gzei8oB3PZh9+Lwv7i05lvSup+
-dtbtEsEdDiJbCTzIakV6vEQT1BDVMpe6jRQbv7c+LXLeM65Tpl+2hnTPSTy1zcr0
-bjfkFa6A75sHmIf0WGKAZj+jmNchp4AMdjmoMiXkHacDsBw623NgiMgzUnfWVkFm
-BIrdk5AGBi50nqPxwtY7nWd0cbApvNvT1zlx8MlRBSZQ2zcijo5AjiCwb+eLLVhv
-6oiKqpYGC1XpdNFFsaKHnHBCgsPIIetwx4ng0+lvRgBO+DEQ4RvvdKMhy/3nXrpz
-NVdr/gG+HMBW1BjyCd9ArmTtSITQWDT8vnLmyFbc0aJ88c2rEjv2BpXmhKjxEoEn
-IMxc3/9cLrVVRocnlq7YvKDZpfuwjgDs86D3e03Up7hQZhLU4+r8Wq7azxk3wE06
-lAQIS0OwCe75EZvVWYHwhZ3vEoBE/TeqeaRyhKpofFS5GvtIJsZBjenmRcdOJTPS
-wDQB/c3XkjuIrJErMBx/KrNQc2mAjcUpvW4+Ukj5vtpusi3qmSfsyaVJ4ZS9SwVv
-7RPqLsH5Iz3Ga6u4of/mg+iG/wqJPJy2A9A/XOnsNVCVR3a+NxjPqevEjW1Pr6RL
-SOMQSK6OuwuT1H13M1Z7R6dbg+pCcbc+hek9/6KzeZS9q4Di7aqq7+XeDr4c51+Q
-2ojS4DG0/vAJmOO+E8ZatGiwdI8kmELrzAF8zzGz+ZujXSuiPXVd2kw/JdfUaTRq
-KrtNhiGWWM44YWS43TYuYCoVgokrdVXzsZyKyhHzgXKCits3R5+QcUgUx2vESuOs
-+FdM8fAd
-=a0dr
------END PGP MESSAGE-----
diff --git a/privdata/diatom.kitenet.net.gpg b/privdata/diatom.kitenet.net.gpg
deleted file mode 100644
index 9643cf94..00000000
--- a/privdata/diatom.kitenet.net.gpg
+++ /dev/null
@@ -1,372 +0,0 @@
------BEGIN PGP MESSAGE-----
-Version: GnuPG v1
-
-hQIMA7ODiaEXBlRZAQ//VJHt/YNaoXCnJjxdYtgReuhFaavM10eZrRKQIjwr8H+x
-eoPYN5pWqF66ruvjwmveNbgAHWhYUv9rh0GRqd/uDjVYN1Yy4bAVeGoEeI4jaGKz
-utHGoOJGk2GUEVPK7+7/KV0phgu0VK2jpOMkH0vq37o3cJrWH2MOn63joXHwhL/q
-Z5FtxWRR9SAwKvS0e4dv5dVvXaao2DvnLIZixkcbrxn8TtiqEZYsDvAj9qzu0LID
-Q6Hk/JV4XR9FZv/dm7treRIr0zaFbrXocatVITBlu2lkQdAFmkYv+vI4LwLPAsDL
-6J6KDVEo/xHOR7UJPmpMmZmaExME/F5+itGT7Yl6eOahLTohG9RzOBO+o3DXSlap
-8sFgSwC/PrnfN0jAnHhMwoJAx/k3qelA1A3nET7iGCiUQ6w+Q/UKl0nlc4yrmN3U
-F9hoMaOWFwYS2v2HUU0PmZH14cxZcwkUFdN2cD3WcHeWro2IM+nSkFe6IgozbEQy
-Vj2SsYCJOz5pP2rAkWe7f0NCOK86bDtZUNi/wXSMzUuWsNNnBGQl38y4PcJqmiyi
-Mmoo1hEcpXNFT6dN/hiZrVETpRSuanzpALWb5k+/nkJ5slnWXjHtPEydhP85QqWB
-v6ThvuDu2UUdCUJ08BDXCjxsTC+e54IhKggHLrkmO6j5HxbebLiPrg8vbEnvhVrS
-7QF7gBp1LrFGtD/N87NRvQlHc6w25/r5aLPhsqk+AXPyXl/L3gXxZ63FqIk7i6Qy
-ZMa248zAKr5U8YpmllriQUyscR79bXEODC9j5eAyqgtmCRoZjTCLaxM7EYDODQvT
-d2rM+kXOUv17K2ZAi8PLRz4LLSACmM4tQUN2UPZ3hhYiwddpbrU9YlQkZvDmUOai
-a7/awsEbeEcPn4jSlUG0mSN6OZIYYynT3+HhIHKz/TaSd+kKz4AGM0aNLu3AmC19
-ib4hVjyHfaatwIJy+jhhEZm/OrDw2m50YUSShq1EWUNIlMVJzJboGHVoGi6JEVCt
-BDw/5zLyea5qajWyVREg11fKq9J/7LPzgvs9TDXfd0aLq00Z7PFoxdPQAYCojEbh
-IYxqLx7kqp5f8klmW9CR+G8/2WhtZyV0giaiaArciGmzX98TUDL1QGD7HPGAtpB+
-vCqKJwwxvWWysp0KOSAYEK0fxEeYduN7hxN09iBQcqorycxp815BTs7uu7t5PdxW
-YTDFab+MshR9KMmioot6dI8ubNp9C/nlmaUxbUys8Zit5Nbrs/ZDHYHk5qZCtCRK
-vUr9BCiIXNYUMnzms8IcuxDnzZHpOgZeoNc9OoVZb6vIBy/nCpIcZDbOV+8mnBw4
-TW5hsjk5cOqdd6i+kEX8qHrAYzyjjNmbQ9nnu9HY+d4z0YbbWyb3MSpgxJCMlXcq
-Tue0nhnWDomtlGpWxuysW160yohjLDl3u/IO4Wdof6/RUS7aTfD38nUwLOZrmXWP
-RVvIiGsFszCrzfokrXFTe47PkglZr0/NAG+aSD0KFJTEuL8EaApNp7HLDuaHkz41
-+pUOTzJYnevivW8E5adQScueqsiL0evOUK617PFTsNiN7/piWWdYuhOi+61ORcDB
-vXTNVt+uKOPAuVksAjA5tf35kqjvbN13XIo/t3gRv0PR/oCB6Z777GO2oSqcKZsa
-0LqNTS+UJJSk/vrkAuGKsAgaAF6oZqbMnuOcyGe+UzvmV0lMHL6GgJmO7QQh+sS6
-gChYV3fDf/ZNP3xXoX2ae0Uu0UFl6anfdqfkAFsy0yeIE9SYThX7uZcq8/C965wI
-j8GM6UDSXsMyCGk+I9CFJNv5XtkUOcfIHZLw94aY7urEkTGFG5q+Mu+QOcN/nmmZ
-0TgZuscU5Y91mBckTUneoskFUy62yiC79rrdXfq+akb154ZJU+RfdMwDSS6pG8Fu
-B8oN5mOwoDV6LaerO8PGPRe2KWv8u6XGxXO75xYMpHS3UCiSOY7om6L1tC0bbW8V
-wpZ1n8ufWrgZ8IlaLVM9LsXvEZQy2SQR+UjSfzdFd3HeqcfalvvKV/ZD0/wukg1N
-fqq18zyWd5OxaShBBXtjfvyW3HqemPSx9lebTKg+B25aYzq2x2GTOydpVkxgMmQC
-8g6KeRz7CtCoL/WmJhB0+u2rRCDZGJfyvyI3RTCMYQlGepAx1Jy1v8gaJ0BDwYLN
-bw8lgl8pre7lHmdEWdQNnQQhbVwdUftljac2FIPIi+Kf/veZKpnhmp/nTi4EVAev
-9W/M92Ky1in/eYBFjC3FtHeqKyipGgK7KdriLqoWWFwa7BmoNE5pFLk+verPugDA
-g9Agn+OLYUllI1Zfde4YVEaeNhc4epV0EqjxcxoaYLD6XZKK+nQ3vWGFSMw67ScR
-l+2vuonN1jU3CEgreMVH/sSSB5S5M+GRx6XO+YaHtg/Pcs9WOEUG3dFFr5e0DJig
-vsxmwNAEYM8xX6j63jNw5MZIzDC4m/6Mud2jQ0IfIq5vWcO5cvQyRRwebqBfz5Yn
-UHBiji8no9eyjdZ9ADf2iPHVfCbE+0nOvWoKwyyrIrIoRz5Um4qLhfBd9hJ/saQw
-9Bi9RziVA2LQ0WtsA8fEqeRqn9WZUwyv5wgBU0FMKD9HXPE//Af6alPNBQU5Z6xB
-xoXC40EMEF9K4weNktE8OBnkU2UUWxug8C6v0vTHWN6/YiTlZ3IlAoL+D23KMZFx
-GEZbVItcrYpElmbgKfpkEm0AzZ7ERgQ+TMzpcSEyfMAgNUs9xUmtROZIdZyc2KTb
-I2jnFV3Us6UH/N06vuaQAjdKCc0xwwGzmp8WoH7M7cmylZPzuq2EBc21aiiMHQuf
-gYVcDsaz2EgL4OaRWNK7/3mokmNMH1RGIhknpWQ2WXsSZne9k9/XNS3vLefw/guW
-m8U6o3WHsPE4IpOoC1YgsHLVg72rg7nhieSrY0Pqehsn9HobWQsnz7WbDJx6oxbg
-8/8a+m9M0zJkoeWf1Cxk8Tvfb7vRP73Ip82beKp1TC9olHVvbEfGDMrUnaJXsRwh
-4gmCgPZ1oesKDV5k9MefOZYL554gFoHXX8I9MILIBvDiu03E6+OCfiLq3nZle747
-yf+K/DwIYZqA/7M29rG8+wUiTRjU6qKmG3Ql8XdUFqwaC7cKsVDT1zsHn+kWhD5e
-XEYQ/xrJXLeagXEl+CUd8xFfwMlRm/iR0cZfI6virG9n7jVXxmOwyCA7BSRVruFA
-ANWZr+rg9E+Y/JnzNU2KtWBLOvnrXk43Q4nSBwiV+pugmnK5yzKCFI64a//0EvPe
-WkFBUZ9/guWBfGgW7htkoBrZg2SKKYdrKCHWt5wRAjB+rk0zEgJ1XkjB0++/3y3g
-gPYvmmQl6uYBKxHs2534LA2GCQH4xkGTu7E67KWEzP657BxLxAAMvBtnEa74eswF
-wxXuFZXgj3zEJEsx7yGhl287FoR+yKW1tzvg4cOwjevbncgyYHSR3l3fW/nZQB7d
-HbIbR4mfxJnoeL3Ju2fEikrtn5EjKjH2Y77yV1j6+S4Mp+4pDyqzywe1Efe8j/ui
-LcSXgb1bJa13Fr+BSosdFc357xM0o8e0t19FMb+3z/MC6b0aTHXoT7h49ArQf64V
-tL0IxgzA0CVBFvejwhpdVKA96X1z866gJLeaQC4YgakjEwbxanU0riH94v1CM83e
-5Tp2sV+IIfpaPB9AxqWK2uvCGND0OWvDjbHZvIDohE4yC3j2GJAWWcAzJL9ZvRNl
-ZH2Zfu8nZTMWchpXheAqjQguBchiZR3ejPPY4Holks95KhdBz3MOYLM1cQwLfhLo
-H9qJWZ6UqHiTKYy8xqmhxMFjkbGvXaq8Gv8gHYtWFtaWGqeOcQpUdKRG800WoNLD
-KNDGDHNlk0gJ9sOgnm4qoZgejK/BvKrRc/QMpvkdYuPH9W3RcHz/p1pF63ZQoabq
-3OmmD6of8mAF90ykip1hvFziZm/eYcng6MMvfO6HsNxZD78EySBXaZqkhsU9PMAF
-zvf9Z9O5qGc/aHxpfbxeIw/TWE3rtIuZkaLBVK5+5gcNSczVWu4VLCWlBwH82G0/
-6rtNDSJCRGtnMnhnD2eswlKVLlVD+l+Ee+qiP8MJ4IChLQMCPuefVknlDEQWRso0
-vwZxdhQ8BL4EeYmnheBDVVZ7thWAvu6V983MrzjP+Cor++WCGG3EpDdazwOHRmoH
-9VHD7z/lCuQw8m46ucBD/6Z39J8Ens2wN7Zp36F4/rkbFCwgkq98qIIPRxkFJj7q
-q69nHfWPKV0ZIQtXhDSLdE3TldMUOej+H9W2aFl+Cd7QqxjuY7SRYECm59a0XKDh
-8aJ5FzpYyzb0SqTAhoAYCUWiesLMTMqcMLVQ4zpHd6sQZMXNuAxOqZb0WK7owDrR
-pKOTO15ZonOAnLnAuk9wx0Xv8WWO7NlNDdnXXyyhnKm6jFLL8lNnNDOJZk+nSF3t
-FK80KIuhwQw6TAQntxz1WBRDlPDi/XuC4YsSB816rgblxdp1SMUqgELl7lfbvBRO
-oUHPEGRRjTvZ/rQ539eeAdMLImL+KEoUyKYFIBVqESgkHS8DZ/oPRWekJOyqzmed
-PjTOVJ7wHPppGz6V9kexloxmH4HFTK3Qlt3hsVzotl55xL0csppdJ5V8m3/DVTGQ
-7KA78ZSw9WT4mQQ4ddDmcXuMh2RPwz/Rp/gPfJL33izk/gbKdqTIHgNCwIkKpC9S
-jPXf8EY+c5mRl+RHdtnJRez8ND5/MAmsU04FcXFW6GBHly9ygkoZT+VYPM/SaODT
-faznEYhnbcd/mxQiL42++zuS41eTLQaXyUkQt8hRrgVN1VRpKCxIc/4uDULwN9bu
-yOznGddt5nUbWBflpUXRdUgZfyfrHr5va6JsWvjggipydG8h9fLtBONz4Vl2cRBx
-xl7D2cWvOiXUUQJvvAomOwelbOmd4IYIzyPwd/vYy0cw+BD6UwOlc40vAKb76Yri
-Fwdlo+R17sONtjFokZ6txZsZF8lpjwVfTCU25HHWCluOAedVhrSK/9fHilOc0fYG
-kF9REUaNNnb7MZqAdwq74UrBDfCJgnAIiKlHFiarzBFzommgJekB8S/OVozXR3Jh
-0Uy4/VIiNT12TIBsH0fqiCM8l8pBIoweF3B1fm6YrZmNUPwJnkQOk7ZJ270XvARm
-iGXYMQNIkhGN3IkHfsWBQ6eQ4/frShp0miAM3t9PUpLY13P0oMlN0kczTWzAte+P
-4mVFJHiGdh2GX2Ca481sJGKqtPyG6ahpMp8vXTWE3Kq5ElOLI3Y4Kh1pRdCuKiXg
-KkwbFB6WpTbDY92Lj9ib70WSFZRaYp5rORV3SzOfPIb/cgnJJgoXPHW3OaqxHrI1
-0NOzFySWb894juLghmfxiD6ieR/agyXfN6flwM/U/RbfzYS8vwdAL8PsJfDTh+RL
-gz5mGc8Pr/DROki/OKAUlGuVSrIresW1RyCpw/YHB9w4teFDGv0ldVmh5cU2q17p
-bRHxjEdmB4dA+NluvFGDVl5SNPEmYUWpozqNIvQNsVJQAEsDFzC58SRQP195l5CG
-LDECzYOhVQmTfzLBbUJwSwVZ/RXJgAXuAJrY6VncBUoW7A3UGCipfaB0twOPRmnX
-nk0iRycOyyStZ8givPEUioHaVgikxfPPibSXUoe0jtoZPmSA1GPdwr1IJIiN+Yy3
-Dgno/naR/2ZA45sksoBKdLZLLwdB9HQ0LP6j2pHOEkBrmMHzJYBlQqFjwH28Tg+1
-4WFkwvZFO67/k3OK5T4QcvolpJLNzBobm3awqrUAEk04xvBLhCwlw6f7euuu4c6r
-hDAW4xcnl2flZk3D7WGJhFHvw5IeVYVNY9kqIIV/IW5Ghf3Yzhzv5LOgUGsEJWsC
-6kR0XhgfUwcvhNfyqJn+44SEdRp7gYq6RsG9n4+3BD9NeJXvVF0dwefoE1/W2ygJ
-lTzLlsyBU1Gmd83TJ1SgPXWR0TVpP2A5e0KfHmGZuQkOENsQ/pOXbJW8OJqAn6Xz
-w/PRWtYias3jnbXZEn1ieLi7Dn5TifeBelnC6kbwY7YJSsp8eexeH9ReIMrbH6yL
-PcIPSP96NU4H7ENEcYv9DnE1/ifdWt+WRpj4lIFcHMkzhMFxZ7Hm9HarfZMbxqn6
-cDd7AGFKzGd08vt11+/EXNi3PFPajTcyCqr3IZSxyhiuDAvuZ8jQbd6MtL+XlNSp
-PcbYMzdQhS6uMr0QLsp+S586W2OVd2uU/jz+p5Zcm5xFFuRF3RUv4DKlC0JH2R9Z
-Yr3Su6+rBbjiBBurAe1e6+nE63V5YGbVJNWP4aLrCUhCPATf8mec+7u0cPQhulNN
-ktnTdWvFi1J4fGVp+TD+hrxv/p2Ffmy7KHiixPGVKb+MKXgt31j3mfXcyix8GOU4
-Y/yTv+C6ctyRCIep8IWg9Psbj5gW1gFCmv8HNcZifTsmmpy1QfAYUXUwsCzGLUeF
-jvzrpXeT5RI0Py1WyPBmDgJZhnRw7jnWwCq/Ue/Tkzpw16QS+6diomxTgCVf0yKv
-62/+wKCntPWmoDHl1bAjyrFJ6UJKmROprk4q9KpWqRvagX9mvJ49ohReI0g6x8eO
-GDV/EK6hZtT2YVbTP4EbjWi732QXU0aA+0PeWEU3VS4H7mdLQak2zSfcCbbbLUET
-9ir8UpmIOqr4UAZvpXBE3kZ/55BBiCbVzhTTDApcCVHo89zjDiwwJ71hQhRtg3lW
-WZByooCDEtIHiIofzj5fkWfIbxeu6vAgG0dT+OQlOAJfpFQq7cxgpZYhLeG7XXg7
-dwDJ5qe4JgjzqpTCKsZwSgmORLF+GX2Lacq6IKoNpZgZYb0HvHkEatrfI+4dIyd8
-XnE3vPW0hl5YHjbdUpgklDDiYOnJ1dEq7KKGwPa5sU6P6SGNfhbFT8vrLPjmWLOS
-9urZyB+JP4b2eeOZSCtEAAxmDAlYc3kwXtx+XMADFA2k3+4lbT1QPFc/LEB2YlT8
-T5KVeXm4BArE5iLm5HS1k6/qw1ZsIOt6iQHChKtOkYvnRSBBNzvD5BCDxomvEK8E
-0bucAnBs3RU6RpscVT1e1GDNV21DWcak/28x9hNABEiEwv0r5XFMGnoWGPFNwa0T
-2hgBcrxRWrnwerh78tQjR5jjIK9EWqqHaotnwComuQiJC6MRmaXNAUgmwouRqMOQ
-FLnPe6TLlnEAoB8mv661b7vfEkDKb2ZMWZP0MywDatx/BPp4AqXXvvYQir3Mnh33
-uIU+uBf4Ke3jZR/BcGgjM/Axon7FXe4u0YLxfKF7gpJs1vF8hCdb0nGcT535E50s
-uKbKM29qeuOnd8l4I/KpU384xD+hC8Sjqzsy5smIBh9Mow5lBxvIpc/EoLXNSt2y
-YE32E6dt9tdzMPG+pbiiFChHFyV0nGl/DIjwA6CKOOoAfwUps8TJbxhZTcyxG/l9
-zjlUjfnjHMXWtxWoUiM0/D5H8+M3WGFKtnwOlPCZJWpzJAcF4wpckg+p+HUAiuxR
-IWCwgEhRRo86OBLq/bYiF2yNDwJtw545C1KG770X1xY6tzhnSwzEKO2Z+8Xvyk+O
-GSBefKz9COK+2rHAr0XG/UxaJ7JCt9eOevCIULGOEIjQ1mleClQioOEX+vDlzHY3
-vXffEWR+nvlYO+C2UtcGiymtZEtn7lrcp3Y9u3ppKgl/F+PaDXcsIhrj3q7HKKsw
-L+co7/SLtJSAcvSb0ry+A42fXWimxWVSO9dCcCKWDal+Chz2fuBV1hEkga2OHMnI
-jx6RBegZcgIra/9BI4aT16mFGQxsXweE6VyRciFZHTHBe2SMu+M1qhk/KRcmv8DP
-+05VzwCqymOXk0hnVfQa1jrl4StgLbp/OKWVkbAZkvNODRp88CGDSI3Bx3xzoqCc
-EsruiKdVQ0VxaxdYWTa9pWNf3E+8Qs6Zwz6HCH2U7Yg+V52O9DhQI0ZHmdDPCiIm
-mkAP0HQoWdjWm9Osk3f3HG9V47qvWlJKUIfUUXAH6QIVeBS6WNWXhqUdUsC6O8tC
-+/yjlvEbwzpeuTDUhJ2v4JgpgZC7E+3Q0kBu72Eq6v8JnrUuko8IjuNAML3EQPnh
-jApJs/ns9CY8nEgwnFzRUea/xsedxGAiZ2w+/kWZBRicG+M2pEtUc014xEMcknaj
-c9FNrb/T/ENCcnekH0UmqS64IjI8O3zUHntglfYM8qahudr3vj/fxXjvd1wP7vjT
-HNbj3UjiB04T+YknEVKUN8fyC5I9MbrY29HVsNv102b1LG9Q6WkksdDBUha40jaW
-IL1kcEXwNwQiwQ0r4vEosr4YP9vqYf1lMpd72fNL8ydlF5NhvD0B6WgDX8Wo56e8
-/j88Vof6Vnx8Jxj/BQaoBRXYEvR8IffJ6A2QXP2d9ejiJ9u3IGOiGarMJWAZdfkS
-Rr5XJzsObQ/yboAs+wkYGKoT46F0k58CGq9UOON8JtvXjPRuC01ajKkuuElZUrMA
-OLNIhoWwI6RnQNsemJZ6Oa+tJkHtr5rH8OxBjEvCpV6lNPnEl8J4zky4rKxjXYkb
-vafEXT2WgbWI7aoFMh6idavni9w/KAE64J9A0Tk7CBiyoQWj1DRMfb7i+/gNlsX/
-EC54vwo7Hg1zfHosFvrRVDuHLvAGXZT4WgLAmGHXtQAWiF5eBcBwu4WZgEg1l7eM
-w7GCrNLPMChnya7KNDy1jXq5Kej3sMEcARk2SF5k4OqDxFAkNJUi47i0L7HPXXKN
-A7nShtYuOmhPYTfm05IKifVaSU/O7yBWpaXZElbk6v8xP/UvMfGnlZEUAkwQyYkk
-NScbIXE+AObr8y6foagKcaclGVeG7fD/Ac465Z2zbWIgsJ6FYWkP00FSXu7lsPse
-0z47RlC6XQMfrFr8HN/0dpdcfPzZWGd+DTqCfQmwmxoYjCXA7kAhpUmok7nPO7kb
-qKIrPKCCs7iQ1++3467EI9AlcP7WBKZ9eHFNl6FqTv4RIlOzw93B/3f8pfWswKg6
-sDrOtHjjY/phFR+Gj3uR4zr3syEoxm5dQUuzasR2ePl2U+dHPCfeKuvJNtir5Biz
-vXBs1ShJ+tX4jrIY0Amu5Xu6BXT/bKUsRsxlGbrZvMg1fjHr4xdy6fgdMq3Ue1nS
-zDCPcY4B+aeTkCtr/jyfemyeaevRjK1LY4bvu3UllF+3OG1sevvUkFRvGpMLkXzy
-7KuzZpWXi0RDZb8Y6/ToHUQ/cZMXvvnW3Se/JVk99UM0EJoKhJ9oN8KfAn4Oj/Y+
-8cKwxGparI/3Q/z5OmHCfwjE4kTOj3LHvPEnM45aLla1dCHH/q+MZfX+Gas9Qv6/
-6LYqWvkxqZCQW5Pe2eNt5bisEHWnnVrwm9JwLzVDPPb+mente33LS2Qt0nlqnsNH
-oYNBNjej3DdAZqVp4l5njnpeTk82UcyGEHIyG2HF+Z8mGa1vVhXrs1w2XpoqWdx4
-95Fkl92gYPug7TsvaF66S7SBtnx7i3xk4HS7aI9rH0x5JggBvJ7yLxuyQMNg+5J2
-3tDQEcJbuFpb6q1gW9vxqJeoWMMy2PB+TGNrKhQo0v2YQlWr5vr6ZJLHTH/0Ifkc
-l6+6GWRw+LYO6W6Nm7QjQqodT0S7Zl8ILt1aQTNLVleoj/mkoDc1ufhUu1eJK4wI
-o5JEvk6ncAvYWovQfwPMm9vYiXF8pCr3xa6v3HnslZUgL5VpuWhfIEvco/dm4VJG
-M1OrK9Qkf8MkeO2CczUt7TmxpAKYULIRU5faKPNx3hzrQsgU/VW45GSOmcK/ktMa
-p2C/AH/cXlZbcIzOuK0n3Lvx01GwoTVT856YBKfwFKVyICUreX7v/IhFmr/p2nzy
-CWQ4XYkCGGKkcS7rLaAy2OQ53l33JKCJwlOmktUCJav700nuwBKuvOYspil2JC7x
-ZhKiISt9NLjWUjnOQ9R1yITX8tP04VeF2k6EK3IAlbXm/vDHK3B0BTtjtVSPV6YQ
-LMJ0JdG8lPybIK8QQC43aoYv+QSYuoGv2Je/13JOwfEULQ17OIMcuZxQYRKwhlY1
-qTaj6d2pYmxWCgHwo7KN/9XJldRiRPAMOtKT/HGpCKmu7k4k+8WTEcLY4T7QoQ2N
-OW+VHiyW+rhMiZDxD2npoWe3aCHKhu3GQW6Zsjv8q0RtDFnVJlODCVYBohe5sY1Y
-O4NHCj9eFk0PP5Zu21dmdBLPNKG4AwOLMACPrs8o4k2HpCgs1SL0Ny6hc29lxNIL
-/TbyE7FaRGPZNuJGwLqeL7KbZbT9lSqZy1BkYNAYy4FjNZmdVQ/rNI6o2XwdbwJ5
-KJ3N82VWsAY7VSWhttMv0lAml9tQhmNv14cDPfEQjAXT8QCm+I7GIOW6Mb+NBOqI
-kfe580BY0CV4WOV355J8meMU9dN9Ac4YNUEHd6mTaJ5aw5Vn0G4gVXLSWeRnZxbA
-3jdgKKc4tlSbT9YNOwvG0+8yjQSLshI/t+s0wsdWKu2eAdSvFSMfPmtG63Fhw0Ph
-6PyRhnUznU1neepxA+RgBuuuifOsCw0JNgrTDZ1S4V+0vo6hcmySZ92wlc69Ouqo
-17BitLTUREC5z78UYnn4acrD7JmUbtsZ6RoN6ylNDWV6wayida5Xm3C7MhbV2B0w
-tkfTZ9miOSlGje9WJqNDU82Y4IJ0oZTDtFg2BUJoyh1XMp0j3G3N4IQ6xQl9WsG4
-yMpc2G5Lio0+Sfh0CvsJB2BNGlAd/wtxZMyZ0zko14xGraeIJcMWsMZ7suvCD8cv
-q5zcfTSKtsBhol57vfXjC6wr0gbcGfDYnmn975fXtvjbFi1r8vFB4cqoh/B+Rzim
-8vH3BhKy/lhQOgpJAXjfH95rhEs2hiyDrI2M3rBs2RYq0EQccnN7KqGMwR10hk89
-/QwtXm51BvMpfBDTIfWcATlw+d0GXDLuSwo7GIBS9dkdkX94pCeV5BzjpTQ0Ufa6
-Tl/tEoDR1VmIki33UYspvbvGcfXfmqq+YGzhcUIOVioqSJDCt/CcBiJ3u3Hw/qqE
-aLKxlCscPgRxmAP0yVcOcXhuGZ92sGeeLby7WkmGhGIGJiXA72bgcaxtO+2HMTme
-kqx17UVHc5N4PH2pf845PsmfYPqxM2ApH00GeX2/MAX4A71fFX3YzPJAwyyDPQ71
-QW8j9tQNzF/85cpYcuNREJ/KiVEn+vQ7gHFTbZCJPWmH3kZ5ryanw5cPanmJSHTC
-35Qlze560LL3CdnA/xNxEQnZWC/+k8dHB/qw12iNCDqmBlXPcmFfjbVfup2MLIJ8
-mc+Cbezus8IeclhRHSBcuI4ddawM5m1bkQTdDACB58u6+lhDXMCBTVf7KRW8vqg7
-x494S+tPwnvs04H7I0WnGd3fN4Iu+X8x1S4bIJ4LkDVmLuVJ9WYVcUy96HdT2gOX
-1Uj5PxzdhtvS8EKumf5eGPoiyBKUU7jQe3mIZofMuDUhd6UdNZ3+T7BdeSTmOYrc
-WU2o0c6PDlzx+XaaU0ask876KFp9loCrA0ViwQuk1MarSbcIDTAGZS9aNUjo3YzX
-o6NkxMyFioB8sZbwc2Lqnjixn3xLT6mx+qyFXq8j1WTJXOIspYXlLOJDfSdvQZCI
-4RUC80u7wdDYRqsxeGiNMo+EL+3mLvgjrlKdj1nLcpVBI7TS3FhArwIdc//JSA86
-R0uXjosEFWLWxXIKHUZE5WrQOy4OBWvcvHwSCtnHdSw5CB+pLpvliKKTcEFuC5Hc
-RWFcgLhpeu7qZD1nUngcNG59QBwCkaHhGHFC9lJP/JDT7Wv/0BERb2kaRJe6ls6g
-wTSSMZvE5ZIwIlDn6QLwJW3KcandEsrPKHcCndGer1xyVY0pYM9PNli/FtJWwayc
-yv03kmRzz/+SbCElbkqiDNF6TeHzEH1tDQIL+o0DCYPRK/O7DhrZXJi5eJaMbjkC
-ky5gm5teXX4Gm8LGN6LkFjFnRpJ7xe7awfoUuu7lQ2o+4eLFi5xGHySSC8cKbDrE
-SUH89U3XJA+lAMbLCyJCZA2h9sivL3hKD2IYfsVvi22idMGa3+idrEhC9QsWCmFI
-SjY3lfmLUYLRcXz1xtGyqmxRhcUYVvQgWv5q5tGmpTxLMMQLZ66NJji6ZjkslCWt
-ekrNiM4GNmM3cZO06eUFJ9uaRCeHndL3K7kQJ/h8mNHz0bmU+VTOgszoKzHfi5pi
-j/bdrT+ny6YviXmO5xIpoPNo6Afc9+C/nQfzjvjt+tUlZNiSR8wzKvX5yJ1Zxp+e
-qlpoCB76D51b48Fma5dpDVfUSc4YTxb4NT78PSStDjNaG545LeSH82rZ8CxuX4xF
-zQWa+rZC+RqKKr5PShnwdA5H/s67AAmAAtKEgcNofE98VMWvuE+1XHI4jvzO2iFP
-P+bEpY0Ms/cn7uCb554oaJ7rYCS96DhLQ+S7GKCO2bv+oEKR6KgoQOoz2pp017ND
-0dkRN1re+RU5A3G3qiCaaySlKiLKgzb98/mr2XqxwG1qpoTXIcCQOBSdA7QOINJt
-CwkhaIaqKhywJi7mDMquAPFrQY5tQoNBemMa4GWN4RvLIsAnrepDKJwE+3KeKP38
-Rd0S2J3xJ4UxxnqUl9PNvgTN2VG64gcHh2THg6ZoSUxnTmEDJzJFgn6Th8aji4gf
-HcQ5woG/aZqUHunyn4blRMJ7L6wa0AuNnKGS4K+T/wo4oavMFUiJz8KgXuI6FTtn
-zbgbB/ii1gavPfguNw70zh0A2q9/dBlT5gByCvif1NOXBMd2Uyx93QcoYcwNg0ML
-8Plo76gisPyZUwUkOIrB4uPzA8gFUE/FTtGWGETLqew5rZjSrudu1CjKPwvmLj/p
-HLZgJzlbqiLgb2/nWQHO+v+vKKfvdC2GM+BtNTwTENfH+DQUtXdmhD62d+DdToMt
-akC/cLxEB76zO390RI4UREI8BKKJCQf4UzAA3hEs9YU1CwzKZ5am0c7CxjASpNHb
-KHR9aKkPMVfReL+PF/6lKdw5UJbX8hAWOl5Du0QsnMvjpgSLYensdX3yxU0OuPaT
-Ix7DfvclTcEERKO/O1pcNMZvMLoVp6G/NuDfRIY2xwV2/wTY5lCRVQ757dlDnS7z
-+RX/6mC2cJCj1vQ3HGGmXxBD6OZFDBzu2kTIpJpbXiBAHFIX7rPktqOH36ljLvcJ
-lNa+nfpYeCqAxXlYBQ9BPMsiQiCrz5AY+nG5bQrD9XNLVAjW4kdzryS7B5zWUnYJ
-1ESoQUo34jycgvuaaGxDdA3LbaJiP7kDjjiVRTDL8T/Z05lLYjXvldB6Cfk13/9N
-e2074pMEIoEtAYydxi30J9Ozc7inGdxPkAUmW3YVnSbK5tIiSm0bRQeFTCH8XdfV
-SFCkSrPBSvUGawt6c22Mp5eiuy9fnwK7z3QACVfrFzwWIH8IouWxRISB4qh0RQjg
-ZAerpqPHa1RxLDwE05cnYt3U00AspjjztH3RP/Jt1TrlEfHG8CTdGHxltsScDaGa
-vbTrjJwTmICKdrYVuyzoBmQoM2AMJY6IcU7tY8isps3x3sXcUg/2JnNL1SNdKTWW
-kjntGhIt5F+Zc+4BjEAMex8QjRjdQaUasJu8gLqz0vJ88rn9qaLAcZ/NqzBJ1Jka
-Zx7KmQCPVUM3Nu+IVvtCgHjx+58jUs2bFnbe1cX7aabjitSdRZkjH1uPJyKrgRAq
-qpIhxwuYl1k6voxN2TWAJCozFCcZGVMKBxVLQaBM/RTJ2CQVQp9fTS6QWRsxnzHE
-vkX3MqjkaqR0a833dfHPCBuXlX2ZRSYsrZj6O9hKWrgyUDPlkzp9rzPvR7SL60SH
-uuPN1wwmbkllhMKFC0IcOWQcUEU2hwuS0ZUl95uxc+41UEoVlu1s45c1LLDVZma1
-uV8zSr8/+GqLQfsGLaiQ/QmRZ3EENWI1D1B3po11KcezRnrE1uJgrlXwDtTHtbeR
-xf7NWd8XgiKlWOPcz4TuljOx12WuTsq/frcYcpY6hm9yuIGzUq3xJI1h1mWvUEYJ
-NpWGCNiu4zGrW8pl6/Xeh7GwjzW/Ax5Qb9pmHP8oB5OHoKBdeBnIchAyAsg55CkS
-TNR4EL6EX1kTWvHlF3v6GRIDDG/KN4qXIM53gQCmVULbxiJCiiPoyCwzE3yPryaJ
-qcgjlXVcU767G+2kYl4nGr0Wh6X7akfm3sMuCfU7ma/y8TLr/v4zwqhRWP/GfTZc
-n3Gnc86694xe/+Uy6s2PYTXByqYG6cl2tEYJ8VbrRRAHVZqp1Pmhw2+c2egcEGwb
-S0WcDg0h9BtZKop/kwWDcBA4CPPqhKcM68zjY9m7DSSiCE6+maLK0eQscjk6timo
-PkGXvMG1Yiht2Huw9BG4AsedYyuRtYsEaCHkuuFIZKz3IPnGcrYWTd6yxzK1xsov
-g87Dy2ndOLyL8qLUxsLo1c8EGxa7xeRx+9Gu6WgtKgIid1ju5NTYE9CmzIhK2DQs
-pXF4/rNNM7MeqQnvIOfJGHEbVw+pro9X+Yj5+ADo3owIxqsIQ6uKDqW/CPXUIVZ9
-3UIpv/jj8xMvbcabXdUtgqqh5Vo07bh10fa3E+XLkbBm6cZuE8ythY5HpVX4BbZe
-wRCXkr+CdVjJunICfJt818KbiRZqirjI7c37QmgTIJN6OWgefnrhXkPPsX2nVSoU
-vK/GavZcd+cpLPARpR1AV1o5657d4jl0aTwiJP8Y2Zp6LOSaG2B+2jLUq92uTkkw
-TJJ0qQPJKH1l8exb1NtCI5PNYlMy927GMO7mQzqCqbf9YVmQ3ptGw92k8b+BLggO
-kHYjI8wwQ4PTDYIrsGAHTiXfRTsq1jIQABU2rfrLkORKe+h5HOoVn0I1habiVoW5
-8d32vku57m9wPb/8Mr/Hpq76KhEjx+n3ywaxoky33sjXzqNK/s2J4M0fv2fJqpwQ
-T6QOPOH0FYLlobq1LIuoVeOBbKUrwPdZJTCEOZ4BhD103221WCCARsTGHtcnlAbN
-sYRNarpFLvv/ZJOwJYPRKQWNqCEMavdTKKup6agkw41BTLIR4uUy4e6ao0Qkq5Lu
-HQyfJvwEtanxBIPi/8qJGAEViD3/+JMV1UjQtjZMiZyJ+O0WFzotXmovf8PwGa0o
-T1z2vMeyOLw3ZLg+5OLv07YKXtU8vpa+HEedEWCq1PNjyU+7vinawQyrkkfnj6ZM
-29fVFvh2qPQ74PD2Q10qw+OwPBkpZe82Iz6ej7uPOBCS/IPulXY8qEy5DJCXrXTu
-gVJZIrz0WEsBAEWQsT1az6j1B6sXSsH1sTf8RxqPz1UDdD5RNy4fAFoo+IXUEslF
-zn5jzYZ6IjUSykAEIhQ6Ys0CVXY/JtOCun03y9Dwi+V7A5/GwwB+FgmMYtn+JJgh
-FyUY4U/lBB2IkvtSOez6IR5HioWTA/SK/0l/VK6NslJQQgts4XiVBVarKXxrCxId
-AzJvP461wCiui440ZiGTdiCSGTd+PqrFi3WQKTIFRmN7kkXBPhzdglFOUEwuTYJq
-3xqD9hl4YtQ1DUygSLWYHckEkwRnSBN5/O7ONV0mpAqfZDvkcj2kq554PGocj3x2
-sv3uWeiy7WRo02Cjga3LkdaEQ9KNKrpyVFMHijPO22WXXA7WCJoJ/X49szduhd8H
-zntq45Guju7Q+g1vd7Coe2rT/fOLIap+xoLdPL+NbO5+hVDozsOi/6KHe/LW3P0F
-fy6IPdfqbtliLrTV0HJgQhIXeFpJ9/URVbBmAK+jVQDUW540sqVfwZI+nLT9awVv
-oyPW7hsas9vnexRz8quDXELps+A/o1gyf7i3ytorVQ8fV1yY4dZShr/d+kmRCvmg
-sUm1EhPUNEd+TpTA4Srq8YLDtL2l98/J+eLCVZz89EvBqip7okfgQRdLg7r3Iu5J
-L+TUmlFe4x+69hQWCD1CQVEqOlyzSGlnuLC90kURd7Zy8RI0sYICunETX/z1PhSQ
-Bt2LoM2lMq2n3KRmMxKI7kEbrXF2LK19LMg09KYzoEsSTw3feJVNjlhqAUAdQAal
-DwMuBa3uySnr1nvbOaatjFSqu6y5zBUt+xVg9S63DlL1C4/KRic4/2IXcPFayKSi
-KVPwGYlcheiH3aqUIYNFzgdfbCx8+H5mzV3YagiSDvVJSblXtznQ6dje76vRZaWB
-NY69mRMEdanznSUxJhrDQ+kLHxhQB379wtfJziOEu3uiQBxuUM2OObTbAvRqgsMA
-RvhIkSa+lpShIkqDoANhm1EpzbrxUERNC51j9Rojb1OowJFFEiitkAjmV+vX7f0T
-bIScyqEdgH1jZgEYw2Acjkaq44cSblIpubp4jTZJCNin7b2y2Bnb7WGSDsAbHN8z
-SdhMuG57s1DWeoiP5cQYb2Gfr34dMr4DOUZCw5FhAEFjhyI9vowHFfCNZPs3q4cU
-THJuGQOEcty49qbhuN7AG9ph5D0VuCIZWBlfsErubNHs20+h+y79uFsqHiFPMjEO
-2OGlJp+E5kNooWstB7dLHp/bqHZUo2qRWruUiUR4Cg2KqE/YLI4nBjrE7LC9Z33j
-b9REH10DDWIHnjcOKBLdTEFHQuuUllKPladxtH4tv20NHdkhjUbZOlkhs1lyOBtI
-mrbEVPhGSKEAB9n1tgotsYfF9O7PL0mQpY2O07GYQD2LxCYbmFyRc4e+PsQYJHqp
-hGOas8/U32ZJUitqO30f3FwOLrP/almgyZpxDG6ulvJW+QlcB0vStMjUv6MNuFf3
-7wFMOH7JkXXCUFzvj/W4dcVTHgHVsK5sgXXy8cN+UUQJa9HUFNvCRn7KcCq+WUgJ
-cAcyiomK+UtD/EqWMIrv7UfC5oAuzFmiwuex0OK4P4j6Yg3OfZuC+57qOFXxOw95
-kBQgX/PSZMYOdiPhw5XhbnkzDVqbHOtrQ+zdGemEwiiHTzEJ5QyuGY5XoiknE6WF
-4ZMWiBcGvXv0FDB5t6TpSLRSQAoMNeD4Ak2J0ioYxRXHiL4gG20vBt4E8ccLcoyX
-bg460Wtr7rB70WUbNvatMPerwOpiH+Dkw2jjyeHX1DYUahEcVJ3aYdI7m7HwLHrZ
-Q2ehknAhclvY+6RrV70GWcg7uy6sDjSHzEDg2NZrzXu1cF+uaexeiypP5m/zA5/L
-1UrZswiDu/HsSc4Vh/vi7eFuzbzkC6MMBt0rLPhmDllQ/JlLFjPo2hJevPH02r+/
-JPWylYnQIIfBhGSErzGaIf6wrR9FJIVGqbz5pUEaQ6L0AbCS3eCF4T3IcND+G57g
-Bo4JBKWH0vK0yiUidIgakghzYxaxbftZGzaF9wQkDkB+GNaYkYq7RBGdhkzdySg4
-pSdh/dCJ9gtPCJIRhGI4Qx76PaiNSV5C7CWAxPc9h9j5gZ+sPp/DOv0CsWIpaaly
-zyjPA7rNQgR0lXHp5WXFCyShcpByiCqWoRadRWvlZ92e18ORRC0BPlJQkJp/4fYu
-L2X5RLEkn99zSUaYsXolQ3XWxvqrav2j29WV+OakpXjladPHgofW4F6HiKD3yywg
-1XtsfvSQ62TbHi6bm52h7BTmRaZHufiPUImg496uMfcY4n3dFKv+4GuY4x5dX8K2
-JTl+5+1eR9yTsItFeGJyATqUKm8j46PY81V2LBKMqVNk5B3+3vdoPQYfrx1b4J4G
-J1nrqc6+RgL9osieP9eczXssE8gy5oDAW60ag7JRg1PipRPTNKVK+SPbXJlceQ+U
-SmzgOKFSvBCeME4P9AAaGsY7/VIVVEziD/VE7c6yZSufe5tv5oBAKpwd9s/716FM
-7HNPznBVcvFVlTWI4OcYukLu1/JkqG/rMzliVRKOqu6CwialjKej+UOTmNge0eAs
-loWDg9rFbn1f9KagOnDS4tIFM2XRLxXEoQUpsdcIcdujoMHXJtfKM05QLOuKRMfJ
-S8dfp4s3cJwymfPgLhH1gdIm18Lk/kcAoMUrSSL2e7q+3SO/rzOcbirZB8DfNswG
-YZdTr0+rz92E0xYPJMNssW2+dOMQIjra4In2Vg7jYo0ErRhymrUKXs4YuAYR8cDs
-xE+XJsdOmBPK/hrdGtcw5AQrqAS+68sQtutK8z52S+1yvGqtTZNP2opnv+zv1D1u
-rRU+7MDfpjAZMCSWOkvI1D48E4EE1WkQavaMnSArasyUYWa144cba7n6EuFc5Ofu
-5ggpLrOwWDeQV0cLJgWcjQ1RlwFP7ax4oS99LssSf48Bm8DsxsRdrjlfxsa4A4n3
-QwwHtq+RS8KmtqY1/RrUiUCqVzwLpR7YhAsc3VMiNJFwz/aA4EJsfqkN3BJBWqU7
-qKKdPjG9OOiDbr//rveMnkRyOaVwQvTCPpvhV9nsw/8zbXF5hKC3oKADN346bpfn
-IeDW1vvAdwnHF7zIAMFjj1LiHHChOgUYLgb6jjhzZVqbCeRkiNljJZZbuYJc+283
-QxBB1ZMvgi3/ZrihHdxAk0YGOicdSPcksjaBycEsL2d7hiA0i/4UaZAdYA6PJx2L
-mrRiFnNcPzWTICrV93H35jEVZJGR6+X68/OYq8FJ+zeEXHR+LE1qcgk15rGdouAV
-6bSt9fPOpq219AZgM2hvUT1e0Z5FpLjbIQ4i53brzE69p9iq9aNOYt8fnw/y2QyP
-0VSRbL/t+ebV6BFlRxQ/I9w9aw/pKCNoYwi5urYkzfDFf7e9qDGzvlKH6BJydkNV
-rhWkwZ3UGuXSm9T9mpPNVjv98TKT2zHIWJLmjhxSQsm1Gk9nGmCq6+7YUed3zp1h
-bCOwjUdslPdjpVEAy7k3WD2u9Y9Z0Cw+ySmXDc7mbPA8BFUSGcPl06Ddcom5WBDs
-12NZZK0TxiIOStGRFtZLhgtrzoRLEbQoiz1UBVuntKZzVJza87O0GmSiUH7v4QWJ
-xgjyfWMQwkKwC23GpzqHfT+/8meUNvnF5aTylhz4zSTj0cmuQ8kkyrsd3jFDShUQ
-f6FvD5sLD8yQyqrQPNMWnjV8t2wAyZq3DlxhfJuSiiy11bbnlPF8rIxlFVKkY8+c
-aXp01Sp7PrRMlD01oDJnoegvac9ah4uh5EDZ+1G23e5r29VhCkMPxZ/0Ql0o8nRU
-3CAFyF+vWUDqA01nDxN2cqXXEguRadzFF2XscBAH4z0lPXilSfnNTR8xp2W0IK7/
-9RCyk6us3Ojc+JaEaauQfqLeDEjHOpldGs5LjHP5ne51agWJnECHx7/YUIcndFUC
-wPFZLzOEYAWtTA16tvd1SScs+A6La5XrIYRAp2Kh7P4lYegS3enQ5058RT7w6rpt
-V6JKPdxgBDkmrcihPrSkQdBrb3LHI40m9u0C0CeOfga/36YLjxy2bUoiRftG5gVm
-J/b4mfn+MoRo+jYs283rmM3OQ/eU4C9S9zpPJQgYJ369IyGpAdEpViIHP3Rzy/9Z
-lZ32OhRgM6W9xjn8xeF1IANIC8VXD4GdovcS4clw1NPW55WOHptXKthlK0LQwuGk
-EU85SoNPvB6xWzE4+50s8lbgSfZgjApNJdENxcdTIOHdbEFp0tYsGBYAE7pa1lk/
-SH7ad+i1MpGL9vdAZK4ZxzjTx+t4X/4/wca0cYH269WwmjUIISEthbsVVgWySxRt
-jM+h6ObK7g6sng2/5OZiZf3m3QyX46x4mv7OknmV6CoODP48PQDJtMajEhYwJO8O
-VQ/pWHDxw54TfKrMTm0ndY4R/I0mMLuPFEh/IfI20GhEiEGMScgGSQaLIJ6nk8E6
-GeuJq9SpwHTovzBNnlha02T9c6iRC6nKXpzredbWCgvWdBJsrSPB9r9Fa5snWWH8
-nYom1X9EA4y80FPbxYCjnL2BbEen9RmRZZ6UIlg5AKinA6TJ9P/cJj0+Cd8EQl1P
-84QKwvz+8+VsKYC58d4xKOXu9Ut3/X/F1bsKGQD3XS12vDv+87qM9mTHrPuswkGv
-DoC28NlFzdBZRUW8SlaKwgcsoSGAdSgRlCD5R767NMJvcrd+JWt9FmR+to5Aw14R
-6QkDndTXSizF49toW/jAK/JUKaGHyPGmXRXhWchBEbOU3Ta5zu856/eXEIbXxgvG
-GRmYSSPGYbNPPDgsE9ccPbzt9yfFQNS6Y1jLJV7TnfUfzPz/gpowSz1tp3N4TK1/
-D83NZ3B76gC5Y9gUFjaHGYAAqVBqCkbsvXTzDgBiSrJ3CmOlCCHpouCw6+MVolHt
-Ai0O5weGA7hB8n5QPXj2aEYFlVz64wwHQRtauliDS5+LXCh3QoNO0LTPI1r9bR44
-ojzRvXtzMmaBzOK7+3Jie60FHBRO/G+8fJZrHNs0TO8EU91jH9Dm8crXeg0N+x10
-f6L3DbHtQc0a+FgbsWoSTeWSna10O2mON2pb5K5fDtaRhHV+sftGrSWOvuCdaEx3
-/wbPi5MWLpPUskj5W/4fcUT2oGSGBQCx9k7ABGsJJMepYjkCr/W2x/17tFkeW7wJ
-enST7m95FpkUZvMQuK+BIlWhA5Jfsk2fp+UyqOpQJOHuvWONv+/StIR7ZgZFj5Lj
-HC5vcEgTSxLHaRR3PrPOpuSSuB43XzSo2jmd5+EH1BtRLe2JqDSggXtbsQS2LLO2
-ipWUFyIO2+jX7nPZ87WMDbKBl0lFoaReqePpD10PjXvGpNW96Ldh29d2Vn19rfnh
-G+Us1VdNElmmZ1gYpZMDgnbVvV4X/uxjA3sn2BqBajm4cJ/D4yIaTxCL8ivQQPQP
-HFWzKE0ihDYcGiI4qZO4x0vNSE8flg73WYRpnVn2kH9yLgTHgkFhAfVa8Kd5A3Yy
-kKvjsxxxqC+qnL/fqtqfeqzPAhik0F7aBDyAHM4A4WvPEXuDlOddIdHuUbPCeb6G
-GuviZtH7umUwCASN/c6DDjXzqGc7SM6U0nULXYE+I5yWWLvk14ORr1J64pzwbWVc
-72TdayaIjKyF0gpc4nFByuu/ocnprGGconHrkF5ARFiGInfiT5eoxZj0UV8Khwcn
-dHM36SPRVJeanwigo37xduqkSPJVJ36l5AJRG4tLJm8RDIDV99U4BiOh4VyrI9cM
-ouE7BsfROnHW9/xuWdFK16fDA11p+aa4QMTZoKj3LqbwFUQ9R1u7d2FpXjoHm3UM
-NhW9wJbxTWlvQxEzxA6uMtjnpK3CsUDua/0JJt9am6SbqetZBYTv+1bWgRZsHokZ
-AvyKE8iwwFHhZVG3XhzhuWbpn9UGof2ZBTdQTvlY1zkyiEYMSaZnuap4ugUUEGES
-12+L9vZ//mjTelcsjQj5/r/Qkrx9AgKJzHq0zOnTq5u6bjTrkqGGhAMrpxrWqZ8u
-bHcE1XS2TrA+yd+jvP/s0zOXwHbWvpUx/xyAx/2JG8PfKizcZTlB1ELSbMRDEwNt
-iEI2rpmaW1ES7JHCLopNOhOyRqA52MaqyjsO24M+aM8GfwwO6R1xBzok7ml+gf3O
-72ZHzkYdLda0+OSIxNzzstbWlkB8IFzuxdVjY37R6PeWS8D04K7dPpsL5SIogw98
-h7GQ9wmjgpB9KZemnooN8K5SmpojP6vvtF6p5WFzP+6s49yqQdw+uJhUKcJI/KGl
-9eCAQe+hVCF3y3zrBE6b9k9cJ5diReaMtMwiYJ0oiKYkCpyVtiOeY8JxQwkKtBn3
-6QLpZNwu2Nc4s2Fkt7VIgYm5RgPgjmTvVxqX1p9n3zlwVl6UfHlupScS1NuJPPwT
-t599mmEGv4QdZpCXvdOH4gcyjYhMhxQnBE6fXTwqnrkwx90ZF+PWBsoeX5ByQDvR
-5ofLDCbujiDtwrZB4iX0BeSdvxA8BUNmIsHaVaCheJdmINFv9XjT6pqpCt7yQV2i
-k3QvdjGaKwqOlljNvrBKzSJlM9ZY58/c8I1cT7vEUFNHtcXcEpEMVIYSxn0fEcej
-O9LyXaKT/wFIr1ATlpZWD/EkvvOAJ0cL6AOX0BpJchY+25j7scWdDL5HoGfEIe9E
-cflhtapuLQqnr0mSkMwX/Go4FnM6QT7U3DHvIZqvvJgD1pTGhgpfihWkcu+x5TBR
-wUn7MudrImwMRX9N5th/q8gw0BHyR0BNbFuMiJu1eZ+7MxnuX8q3DizHIDC0hRle
-pBA7yr/dzLWYETDspNXqRLPB+T8/4KNmFJFAGae8lvl7I6AR3/oYcTrXQchtgVNZ
-9BZe4xXCIXg2GrDrfSpv99k55Pf7adyZwrByiXsE9I1yYVNstt+r9hzaPp9wELhl
-6ocJFl66N+Pjfkp6aREFI8Q0/HnITCjEtAIZ89NKYOsqv0gnwT2U5nxFrPj80r4l
-PsWvn7iw34NHgvoHt1hBppbX08d8T+rkHvL9cpH03IngMXHr/IAphA0i2ISil3nZ
-SsUaDNxbW6E+XgOtTCMQICMGDDYOiEcdaLEkrfUSJWa3W09Q0DQrRXY/GvMWZziQ
-mZAl9Rjiuh2dCOvGPRSF9kw1i71a5YzieT1TNCk0CFbFjoudIGhvijVudCiVinCg
-j8nEUMdB2o34PxxqejAnrJTQPNZor126JU+AXhnzo0N58h07Ep91gWmLpuBw7L2c
-TxVFdYwwkOEacfhLEHr0v6der1zsKD0LSY4PrtZTuK8KFojxHvDT4Q20Ff3c9OJd
-ZPhmqB2LfJ3ZUKGn1hdfOn0r8fw4bmxfANMn3NkYZhzwPtvQLWA62U8Zp/CIPR4g
-JOV/qdLmg9DLVd9HChwlEZuZQZsnQrzzdyRKDqS0IN3ZaJsN+vlgSIzUxJxtHHD0
-+vH+0BtBCE2RbJZdqQf7m1ae3YomADbQgdZbkPN3tLn5VC6yKnKAVBH0jxOK995x
-UrriOjWsOaKOWTdbYTH+8TIBhjCfv/cwS1VG5GZYDz/jbROvcSmj6L9brblC9WhO
-GPJ+Yq7cQ1RlvZ8xUUsUMWzZ6ZxY2rC07Bqr1CXPGpwy9X05JYFLtnHRPzsQrDlZ
-IpMpp3sbzKJ7fyYoJGxn+J3aMIZBn/3F4G4oQBvGeFOx84Z3QZGfhxJPD4D+fU2T
-qp47qrtFhXk8y26fyWIefAxGuOPhWmYkN0QeusefmdOlGjHZQd1WTTfdHNtiuqrQ
-W5H4LmC23npGX40UXXcIYNFVtwoW01W/sXdO5icz44wnC3NRH7p0Ajw/B3oa17Wo
-Mf3n9OtopbvbSYUHzZluPCV50Jc8mbygmwL3nHoKJKBsjk36cWP2e6XdTDRfNdcY
-oMJ1hi+qNE0EIOfEDwHN1jH35dOIZoRKNUuG6LsleEeNadt7ok0lYHbmKfKVeRSa
-UvOxtuYjLociHHPKFkhflSmQggeuD5vM36G+8mDxwPZXsEP/L7cKmNsV/2kl9Wuk
-muoMw2FXdn4uN+0EEHeg2JWnnAUYx6wepCp/dEhPOqqkn8HUlv7//sRKiKWC+nlh
-kRsPZEaT6X9njOpT4tdbOjPE+p8DkEY47Hd6UOmo0J30qgxbRY6NWNGnLk4BXaTM
-o/h4z+I3l4BVo2DHdjXsfm+eQ8b2+T3lreKltp8qM6id1KZm8+6Z9A3fB3SIdQQP
-C2jhX94u4zcjJb1Dw7KKuv7v2occTcDeScmR7G4RzL46ApFPMcJsv2+DGA9ZAbyg
-745eotRFSWkw96I+BhybLNvvm8vEY0OHYr32n4PflI8sPuZ2X+HYO+FOXflq/TOv
-/99ObrcNz/TQqJxBSGLWTokior9cotAuqYGAxKE25d6CnXpKGYMbe9KNo3FGgd52
-eB6MEI2d5yIMlRMbHlDx62EsBfRVPJ0DQxzAUAPhpMMYg9v/y85orKTEXgKf6taB
-7/HW/0mHEZlf846FaPssiNT+Ieyj9Q==
-=lxmO
------END PGP MESSAGE-----
diff --git a/privdata/elephant.kitenet.net.gpg b/privdata/elephant.kitenet.net.gpg
deleted file mode 100644
index 41eda0d5..00000000
--- a/privdata/elephant.kitenet.net.gpg
+++ /dev/null
@@ -1,111 +0,0 @@
------BEGIN PGP MESSAGE-----
-Version: GnuPG v1
-
-hQIMA7ODiaEXBlRZAQ//U+YSlZGX49KSlN1SvwZQCCWAVeV9QLMY0LpnwswFMAbV
-dFHObubjlUrASkquWJXawStP/I6S3I38GWI+xFkJaMJkZsTLu9dWZnftRR35p77M
-K2r2EZPocaJONMddVVZlmXaFYy+Um9nma97F2qMmMpRIAYl/pNUVm7Q93uUSROoB
-BGTg17Uc89NHkZwbqiOqOHz8/hDjj5bSjvQQ/lj33W7hMtU1cQzZxpxvIDHGb1pG
-t52UQNnS4BZaE9/tJHndE/DhhfeKanhsbsVgfxdK97P+WVq/B3PNiDBy7rKKxTD4
-TkTnzKGAUU08e9TrKw0XzJG+tv6CY1sGk3lOspO/CL3D2tJNRqcMg33VV9VFe40M
-MS8Ba6DEZNrl9qEDrSrdmBYdNXQnmZfSCTukFrDxF4vbZOduzhPJKd9KY55uSc1l
-v72+79ltelU6ykKLGkYVIHkT/aBn+DJSze1V7+JefVGvrssVLfXIHNXVeseQ/Lhr
-wH/ftdq2hvF0yAr9UOnM9X667zAxgiqVOrqztZwRQCEYRrE6+jsuRAjtlfhZW8ZX
-fv4sqFbPzCOAMXmBbrQZlubmZHyZ+3EqzR9y8bsn5E7OzbNTtP0u9yxOgkpmFR+6
-VicZ/8dNZQFUGIdAhXbnm62GNh6n414chfsBbkhX9KYRoFbBkru4CgFkoYDsNkbS
-7AEIGYV4ZjHfRzRBQWKqkQBLvep3se0KV+ZpTGdjK5xr5o0xn3PGoqp5M3vBNEtm
-gCEn0lk/SM5Gty7qGnhpgavcn0e5+8HabsfZoB1uOLVRdAZpnKjFFO1vVrPJrkYM
-PaWIjIhnqjmD9oCKXBD7TSgD8jn9qL7DFnsqiFboyY+2vIE/wM8hQ8L0UUpWdhM2
-HhASFYfnmoddvEZ6oXFmkfJLHPyNPMKnjEdTZqiBbgIuCMAXTzoIllcB/EtXaL0t
-N0p1b5GxDB5zjtFWjFmaeschLbnGGysJQroNO6Bx16nIRhjLbzeYTXBlEJGVxM6c
-WlO1yAGwEuThhqKo+Y22sfcCyE9oQD1W+rGXtHCSjgGcaBlqlIsV+z/ob0qiu5jE
-X6HDTwFPXOTILtj7+dhX+stUu/IiN2EPl9ScsBEKDhAKV6FineyGVcu/HgzvPuIz
-FDPifqi3qq5smEqqNZNO6pnsPpJMgGL//XEoDkLJ3n+H86BVG8dbiq4CfRzoHjWN
-Mbl2T/1yqqHMSFjUMIX59w1P68e0XUch8ZibSpKuPqugbfKyXK2O/11uM2ye1S5K
-4P+mHGAdRh1L5LwhWai9exKEnQsi+u9GnEwH5oqwwdkD9KDMjHWvqWRhhAVL/GGi
-diCW5RTkDor/UAE3TTLU7uR66Hj92Mfs6Dot4onr0XE71STKPAeg4i26kEa5CZse
-eFv6fXyHCya85SQT+IOHSeZXyTuEb8OaVWPaK7u8JdBl3yrOfIT9yrD457vDrBaR
-vIdpIVsNHDsnxFsJLHqJTu98evx/idxgSTyxFT5ZJXrK+yhrbYIviEepISWYXQyL
-wK2mApjihJz3pK5W7eT5fe/CtKcwcNuP4pHZdFs9Fz92bxDa+OeZGhkdUNVK4BWE
-W45izh/QGklxdcqE6XmCy7C0DnfxMVD7jmlsYOwo9Q5l/3uT190sWy2ZMOkUIKQD
-QX36yZVKB8WEzusTv1OB6MqOi+25QnYIPyfe0Bwp+z8bV0TQZxPkNiikBxa2fwUt
-dFk8ghHSmEVEwHQbUxDJtdmDRE2RgEGGLUtEz9Dw54stlvOiAguQtGAfMBdyLGC2
-kkbsKHf3RlYepZVk6Byg3tC9V+YVGVFNkayMUWVwEWcBHd23b2x38YJh9UyC0u7b
-P4bbVuqfDaEfIa9Fwa4yExdrjkXbB6QCyXhN2OgM4b8KwCQAOgIN85R0EQdEJ1wi
-49z7B27qKXM7R0ZF/3mSHbAKLR452ZBupAskJmSvHrl11vJoRr+ppfxqrTYZYzzL
-x72+/sEthkQr28E6LsQvbR6TmTduFbF1QQcQzyWRL8YIXthUm0GpXCQ1NIrrz7gt
-XCkyC659espQpz+kgRgDyj6OW4+3F1Js99Z2XEM+qXNax7W4uiXI7GAhD9UHflLB
-90GqRuxrTDe2nJIj2lYbYnQqKTWpI5nusiOOq8s834zdj0xDZxAuhD7Aj9itH1MU
-BqICcvnKJGc/ZK6tosPaNVmA2437ktCoGA+HaBj2zMX4DT9zQDDw9VHjkyooURNp
-9J4k9RGoJ6vdVCJ2m5g6XLb708hQ7vYwnnauK3m/8x6N4VIh8jFdA03NWeafd3x3
-2mSyxqd/Df5GpV/cRI/bRWjiCxZdIt3zqpmwPh586/emgHz7eXplJopPC0mDvRcd
-Vtv1yqUNSnU9LoxQ4qWyi8caa6BjdaT7HTK31fwUPpqswyNWrdXUNTbq3ezlR3pP
-nd8YZFAbugG0vKpUIujiQHugK01kZykE2HK12/ZPwdl8fDv5zRD2BC4Dpcxwkw2E
-5hm0Letw5RJMrjpGrpgigwmlia9rJFRqaebXH+uC6X9XSLjfTHRWFcfs467fhzw9
-xvQA+7PjtOiTnKm45XPgqIXr+OZzU+GaM4nWCvLU9Dm8KAk3xWsdHgtcHWDi8Re3
-7MhMM/YmTtIYrOdMcPK6MBsYwjfoM7tdFvaUHtK003zfkhB/LxjH5hIoV3IJOP1m
-CzewU0ykXeXOojLNJZa6ezoZqcgBLz4DXMyIZ3/rGVmQmTSoIarUe7zldtCVilGq
-pc6OOimRKZPFBPCdE2KoCE1PU1NNraPDwyWmv651PeEew09EWv6bvRXAOeAAxNBg
-caH2tje55oNGOxhMDdjFSf9BOjgcH5QvJKm8OEepUEDngLL2HrU2LY5FAjNMdeCl
-L/JiEjgEwTlIs3mqacOuxpmCxxRBb8TIuSe7BTC0EHZIOFD46zwxnNafBCnh5byL
-uyncqCfBH5nhmGVRwwDtoCozIsE+CY3lGb5k70jXIEQiwmM1JQbHxyZTZG1rRR62
-gOOayrxhA1s1FGcej9RjSr6j6+HIS7CH4SX655e1PLxcXYzl+FUBss3SH0QK81Uj
-s6nR312UwJHOfXW0NAfUcHjqbQh1JmiPQhF31IgmnoeZk500Qb6mjHisklRicp0w
-1RJMxds51EuTtgP2yuHUTEF1RUjRl+Yt31S+pdo2+MNngZGltzTNX76bgt3LzU9q
-QSjPp7Fe3qNIWrA3gusZnimS8AiRR9+ncQZEEV4QLlL22P5mbfCBIj7kosysZ6Vx
-X/dc2zOHVNeE3JrQ4g5iNP767IIRi9G2VuWLnDfXdyToJBSjr02Yd9I8kNWEQXkX
-cad5+/6RbmvErsNomd5dD3UUyOFu0iCADYAp7EXUVbmxEQ+9ZWgyxCKg0GbU3AAv
-eO3nanaZd94EloGecSOHSTbtR5KVa7Q04sL1D/eZUZGxKjZgvIMLCc+t6LbdSpnM
-C+lDDi21G5f3Rkeoo1egJBb8MblDc5V247/qTSO9OzHju0XjTkuO4bmhxS/WwEQC
-bhx9pYVNJnAOAI6DdGfckTxsaOtRf/IFOLInYLDfoMA6jMy8YNzeEe8xW2B7yys4
-8Ok4QrrHU2RxYmSVsauBVlc/MSSLSUg1U6719uQErKy/d7FGtCvAil2WhzHT8rFK
-XG5WBJzJI80BoNynvn2m6iEKoRoygd8n0+9bd4lEDp3aQlGXBvKA1/E+BzHzWCN9
-DXL83CYOsUQ+7rM2p9SzTUW7n6WIBcj76+DyHOXuhTPHGJo5iArixoROs4Sh/ExB
-qXdqAtfpBXqsBD6QLk15TUUPEl2hBMmU5bGCTXZP1DVQmEV92ointZ9gscCdrGm2
-78zCVhe8USpn7S0bZz/QPY76DF8UvZ0vsfSzt142d3NdbAl4VpBRxPWrTexgGNpS
-VZ3NZkLdy19Xy4fta4vdPkybkFl2dC8C5E7xk3zGpS2Gn4LrDOQjIBE4nFRzbj5+
-aPVocuiRiZXCsVsM6+PsRYl+kmp1D1jeh0RqNmeZsKf3l5LReUtqLwBQ2Pue61wp
-ZmnmZMkDruHIzCO+CB+JQ9cqI4GyLW/AnRirAk3QX9nSqz6NBczpJ4lagvcQ0JnX
-/dSlbUHtUn9Gi+aRtIxPsBxxRGT6Nk7chQ4T64lvLq2oqxVeZi685Ts1YicewUc1
-DIxNmgUDOn578ktSYMrq4D1NKbR8GPNqKlntjpJWIrSrfqD9jWcJfZH18EvznisL
-KEPg8qA60bEcwnNrB1OJCOB6YWA7Z1ZjVBhTjfwIZlbSSxTuATsA9KCVl2FkltKZ
-s9CdCiaOvVIltQpTGogeTUSuyBsA7v+ioPQCBN7bYBW5YcS6vQ/R4Nu49d+BAovJ
-nr4vhxQc+ZYIMYDspn7VEDYtw+qxz+iNkU2A441G7vA73WDsaKQNfKXdHAonLQHX
-MR4Jc5MwHqRaNcxqEbj0ux7nKyyPCF0HwiIfXx403z1nVAeWVeCnA6LE5cF3Rky+
-0bew+nu+RVuEkO97zd8TWQuG1JSCwDeIei5Y7bSK/7+SBR+GgWrCI+TINQ+YEEUw
-doARDN/OadfihKW1YeoTfFZMKduWhDiSAHkplM75kmPKFKO/h/lvLyU2OojgVUHY
-4xIAJxolblUpUWsCdXqGOuf00DOlnOBPTkNQCIpX7rdlbxFKIkePOyw2LyMR+jFY
-y3SvB3l5XxzbAnqH3CsN94pgz+8NxDvbp90aHWN31eki6LOaMuaVobh66K255xqV
-Mslf9z7APH9D1HLdOnLfhyzPpUntoRECzU3+DBjK3Uk6n/0umlfZ8DYZIdWhzMYh
-Tlg245j+386p/p/YokZ+ffUoHVZFUzvQUc5YbRhO6tjUmhAPm7xTXfdfLnkz8/4p
-cXP2wpfOun4Q85vzd32ODYfQF4cCVonz8abBymJ3F2+f6+tW7EpWbCd7YQ9OPzY5
-26KguRp04/ZGrxDYJ4V50/OZrjvqG8XzFB2nQaQH74VVekNSQm51UetTyy3Oo5HA
-WNLpCx9RnmphJMdrLilKRfyqbjchd3ZrbmzfFjJtvJjWds+xaMQF883vRUvE9cQq
-kUz6B0RiVHT9LOyNPdmNlTFd2v+uTbgbIjlnYVkneR4AFdjsE3PidTAGHaNaKUQY
-chqxe8hgV4+iS/V0JaQGoDSWuRyUIsQctU3V4FT+N+aI8cZl57gh0ZFkzXr5F3kD
-NwT6liESyMl0H42M0XS1sNZEFQ9ZgipkHyZhEkS+xeJ9aay6HnU2uIW6QelFAjDT
-v8OPqQjoFYKdVjyNG+dgYoVgTckYUzttPKub0RqpbsL7Ya22xCJ7nG2BMr2WnpNY
-cHF1Mzl9E7xkrvyL6QI5DLX3BBFz1svVbooLkfgIJWB/JuUsY9zoUoZHBL+hu+x3
-YWauARH4seNyOlw5dipUtLf08LP3410Volc1e0TNM8d6eYJ2pVlMaf2tl2VEDaRG
-MdSxIerJY6FLhCRFY03xNG/FEGeaeuFAyWoWI1hfOij9tdpkfDnb460Rx/K2EfWk
-/kFfp2f8KLD13dipWFSN51X4NCWTMRvmOdyxCWZHWJGglIw4cuxj7B49S6HxiOWt
-BcBD47+bWrm+rTxQub0l9PBq15rzQZtoSptOPVnfRvyu/V9yubwlmuDiBWQ4/WUZ
-TeGN5iT1ax9Dydlkk9FX88SvGPNhU4EZRkfpDzMxLDUn0TpVxQ5hegrNUp72sN+P
-3quhqQDMH/qQTSGNB1MlG/LUzXEQ5TKCkqQSCSPiA1bxEUEOZPtiCcZBYeIGp2MQ
-rvkM0ELIgXaHJEvEOcMig4h6gRovh2Z2LvhP2JNrqRWcGhj+cA7s7s2BXczWiSHi
-msnzOA8eYlDQbPJ87ZMEJEHa1CVQ4TMg+8OyYCOV2zft5OFtO8AcePjtCkHiMlkl
-gYqGs8k7OwzQRcZjH7O/X8vChmBCNRhCQ22YDaGMm+buY6rT0MH1SIyCnJFp/O5J
-VbmO/Li5WD1HeyU9xCMIJ2nNQK+FvMf8X5n3qbOKLNv1vPOyvvYPLvj1xvmghl50
-N9EP55y/GK/eRGiStyBlJFam4X3trvwR8Oo/b9IOLjhliCeWeb6j0nn3Pi3F8G1e
-W71ZAX9IKNqyoTKYjBCYU0HNnqt+MkpZDatSz2nlOrADrvXyCRQ6SLmEzcRY2Ga/
-tm+O6oQZblZrFITKCZhWn4/A+hGW523wAw347wNEX/aupS4aEsoxBkuwZP1cVCXH
-q0LWKLl1s31AJRfVZIrPKCzYbNfS6QkNMfy+tuZYqUk9QHzAa5jAWUSDE+taTSOj
-oIRlBj51UuCWBYEbBTKqyg/ARznx/6zUUaA3a0ZAv9lW5+SuWB77+q/NKX/eOA0a
-t6sl7cM9DxMRGYP23fZMYS45GbMEGfqvWqqVK/cuSbdNiCZHtkDUFWWFflKZ8B9n
-mQ0veC6gar8wfXOYarSgyJ0pM9s3dNgzr9RZHOMkz642bxTelKB4yxlJtTSFdKth
-jZCMgvEJf+EdSIG13Ioh7xMAY70v17MXTKE8bAR6d9LRvLjqZHIIwh15gqJCq7rQ
-/fx+xKOrkJnrWniIm/97L4LeJBVOi3RgOi0c1qp0vZwvcaJZZF/igp7WI95XB/Vq
-bpYp0d9YaqO5I3CGtnaAHjMTjn5wBgsXwc1EeQi4gez+W4AUjX9WVhltlQp36qto
-0mQQN8p343mU3c11bwvof1Ls/HfwXDUKnt0+8RUQJcXj53iSlUypE9gbrbyl7NHT
-qQxw6B5ksDEcXeNKy5xa7gfOl5OJ+WxvbNHOy2s=
-=oXYz
------END PGP MESSAGE-----
diff --git a/privdata/orca.kitenet.net.gpg b/privdata/orca.kitenet.net.gpg
deleted file mode 100644
index 51114c72..00000000
--- a/privdata/orca.kitenet.net.gpg
+++ /dev/null
@@ -1,57 +0,0 @@
------BEGIN PGP MESSAGE-----
-Version: GnuPG v1
-
-hQIMA7ODiaEXBlRZAQ//a0BJymLLz/hCR63vd4041h8UGW38glV1MHkW3cE9Lafv
-L7ThnIEJEOAVeHWrSzeFViBjiDimCds1L0Iu6Syd/nZM3YsujDx19NjwkZcF6F6b
-BElZjuZVaPnnsrN++1uFEm/Vrja/7iO7mDWTkoDfNhpqTRRNf3BLUH9efS1i+ioa
-M/XPsUj7g5Ok/iwt/lB+NnyERAGTz1KcC4la74qtg3I5zAoN8ErPfPwkv468M9rE
-m6JJhhwR4KmZRxNSNn7POX27xWdhRzJ2BFRKNPx+u0zJLkC2y7V21zAl8UYdBeVv
-1yV7U9mMVXTPv//p9zFshSWPFsfoKs2WFWM/P3BoWudXqLuHduPFY4/FZLssN/I9
-wFApYQPUp901EfngL3M//NGDaRrHS3auF896xEOEHeZApapzvH+1WHf43VrV21b2
-XVdfGFYbzYUWsex3gfGx26wcDfSUVyxlwWJ6E7HQHmJjX/xpoa/W+3LcC+GGoEBN
-kFtDfbdgYYrK9+yLm0yYn9brP4RXjgFYBXH3PgLWu1qvjjGeJG1kogdlmI0M3vG3
-LtIl4sw5vdBzJHqOjaqRRoRmTsm2bFto3468hTrcviCSTpkNqUDk1xIJmvHh0Gnk
-IoDIeKDjTNPl/+Rgg5JEnwzNtOjBSNWjhBAfJHVXPKHtNJ1yJO9RFkTFw6h2Xb7S
-6gHj5/yqdHEFfg+15Qlhw3CdeP9Hz9XslV61yM6OU6d2QKD2a2esKwVUwz0tpkP3
-McFc8LAP9mC+Gkr45/erKo5l4fCz5LoRwGQoKSSNE7At5WHBF2m5R7ppnYz8T03r
-gBbJeDZPmrdJ/RmeqKwgRUU+Xo9Lh72Ib4njVONa8U3hzAiAFEqvFkKbJkygbuxX
-rRZsJmaCuY2uQISm1EA2lHZrTIs9NwrrTEaPbo54HavFbXgCIT6AubIDPmaXIaAM
-yKqCUxWE1wRx6Ou6yezdWibZ2ME1URJ3/0WQkl1Jj2pymjI9SxlzJxrdQ7vXb2+4
-xJ4cILs63c7MYhm455gBJCAckoJibMpmskwUWEnx+RlzA1CxYVAj4yUCjetMLBl8
-Lyzud2IxrYH3k1kVX86HKnQTUzLLJkj/22aOS3Fk0PF8F86/xdMHQ6ALc2aZqg7a
-ba+X0TPDLwtnsL0NUvHexP2ueHpCAcmyeb5MxM5cv5Hm6xfY04wrBvxL0/Y1TCWd
-6lsjdL43lOGwGy2GBtnPo7rwvrIeoWI3teWJt+fHEPcSedwISxCq/4R+EbOwZpCS
-QWlZR50Iws7O4nxb9oM1wED/T2gdXpflFu7MpWJBxKWAyhaFOG8+iaKLl5WT+oOG
-Yei8bs0LFvKtwNeY17VuFXcdFjpg0eta641/GfE6AzI+dsWBRzuXaNbwvGlBl6+U
-sV5T/KCXaLT7UbcKzHlf3RgzKDERQ8WDxV9ldvuDM1Dxche0f0i6cEBZfiuKagjE
-MV3vPYdQVznagDsvh5Cz3WBn7frh+X7LnNgkskrEe4CZOUkhPLJMytvMpfkcXTLb
-BNvePNxMUhitYtEhrp5dovgYB/yHLpBKI1T5UJBUU2byUINCDJce0VIq1JE6uTcd
-x20U5+DitLPGJ+aezESNfo1QpuibaQgaA4pJFRnbLhwmq1CJ7MprfWQvLLujpsLw
-hLbwyH76m0fwlO/eUr/EQXIlK1TCZD9ry0gVr2NV1fud4cH6mfYDKkPij3airXp7
-ZV4iPSJFeiHcMSAba+1gLIZSJ7di4wpRDpUphN2NulqBtIcFg2gOrjmhDT5U2H7v
-Vrf1dThJ9eK/ifG5uNnFcrb41nMQ1zYnMPTolluvrR1RegXMWx3sd3HfiboxxCox
-G/PIoi+rb3AGmt2x3z9QPDyyTIAgAGfzDLF+pyNkykw9Wha/JWzMpGf8hmCiurVd
-L0jE2iAQo4zk1OsOfIGpaoIoaDIwIkUhN5JpsAv2YdzbIXe50q03vJf1pgm8asqR
-G7taoCYvltCtMZT5YClCEiY8wd2fygWFEXWOlfkK9GrCv5kx1MXLIsgru5hP8+eJ
-GuKPlQDLrbNCoK2a+bP47WHpqMEe2yLlZ6lzPzx60MFYV2AD22d47fHvklKPqzFN
-vXZfP0AAaB1Z2Zgfs/7R5r7J+PtF6LmGqjBzjMqo2tx628fWvFzz4+SI05/bICjE
-I2QLbuSaRAPRAONjf/UHDeZzGUV9jgBB7o428r2baOAh06ePNqmAu+bOy8Rj4yZt
-TZ0+26NemMu1rRqhQtimTYsvt4XOyMg97xUkw2r5vxp07pt/htJWVZiYWGcNeLcV
-cdt35XqvhNs8Bc6knnBr8AOlNJSmFMpNUpJ5219ZpTvK3HryYmqAc8L3sbLZnWs4
-SOuJ8zwIms5hhUs6JMXKgy6ibj7zbSUOwRSS1GjeGtgZQ8V7N8bqr7iWQhNDnBnl
-kA352hODoJhjqb8GdNwZhmaZUYSPGKxMKI0bMSAJ8BCI09vKi5hFyINjTTcDgyhG
-v1qWIfvWzTF1XZHr0Z/KbPPhlvp7OJLF61qabsWJaZ6o899P5bkSHRZDlUCg6g7k
-lCdNK78s95LL9cOuHHFFg8sigcRvyscwdZY5lLW8OpY71Si4EQPBTPMt+iCveFT5
-infAYhNEORYaJJQke5QJFjDiz4PsrxGw+i8pNo53hqrUSUmCS2nyibeQaenc7I1u
-TTv8XwfxyJtuy62TNk4meem/R6tKnovxEV9FCn5N6d9bAQgHVRj6mWq5qQUFJ1DD
-0P/A3hAh17Tch5yMeWCx8dILUHVR4w6/Tf2m4A69SfUcWlEL+uqMP9UCN2j85xm0
-L/lI42g0roQZdcZH/gSeeJila6f9/mj+lm1jOnND2ve7MBzNt/5izc47fQ05AkTd
-OlgsTqpAcYHMvRP7LxjCnAaQu8k2p1NGbZfrEeT/D2FrMNmgAmZZvLDRtffZ8uPz
-Qz1hDdnB65nFqtIxe/48vXygAFbGzOOlSdls0e+tYyLd1pKHXNq0tyfLpDpucTAa
-K61s0rE+7OQ6GufFbOClSjJ5Rm5Ol8rP8ZD9tMEH/uO0S5zKqsN71ERf1mzCHBjs
-s/FhOiYvoIhSg3A//hNS3aqkJYdH6sPc+in5aMaVxCGhwtXUsoeENg8UKWVohaG+
-gb7trU+X5BMtQQQiBbmY+c4nG59ulLWoKciyBVglmZxN+LjwTNB/fSia8dUoZjFB
-fDx2m+4H7cv+z/0qQXAjCheIlyDJH+1xZRxCuSWVtAGxN3AIafPURK3Gd3056+Cj
-1mkGuAqjIG0PWQeZCTxqUsFCO0jMVFQi3SKrBDUjAJNbkA==
-=ZBoU
------END PGP MESSAGE-----
diff --git a/privdata/privdata.gpg b/privdata/privdata.gpg
new file mode 100644
index 00000000..9cb56a98
--- /dev/null
+++ b/privdata/privdata.gpg
@@ -0,0 +1,434 @@
+-----BEGIN PGP MESSAGE-----
+Version: GnuPG v1
+
+hQIMA7ODiaEXBlRZARAAhSm+AGlz5+FL+y/E0U9w3skhPY91V1893jBRlFDaxGbH
+JnldX8j0IkxuhP9UoRcsTqGdMqVJMLsmrdKtGxMNGABdfawCIBjz1weV9phkhZrR
+67U9ZRZIP2JCp6XEaKCy46Ehv+0kr5x/NCfAmU8A7Szp8zKAsCyOeTRkI9nhhzdJ
+HAoDjKMA1HB0HrKa3DBzzDP8NdFgw4cV1lqDY2c3z6ohm8ahDLEKgxpZ9uLm1gsb
+LK7vFyGRZtcibts7AOlUyS3DswxBEjDslkLaU89vJ4YigjENhvoIVQOj4/XCzVts
+QAutGZMOfMFEpFPs73A+0NZ+NW031xCwbuu1mHVrWKjIssF6U8efJX+6brNpZUX4
+WCt0OG8xiL9d4HXmmyTbI0n2z8kJgdFwrnoK+puTmE7gKn/0Hb/7jd/KAz1cAc8B
+vYgT+GXTySmmf2mZr6pTY+NRKG8nMPSuPO0zkNfB87TvpDofIHV7nD0cfsYqwzrt
+kva/GuKGjz1ChBRxIKkedc4N2yCTSn/0HPne0Ejj6a4b9YOeM6R91vs/w60IxXCA
+dWRJsHAu3bHaYMLmSgUM+UV7gL93hc6kQ8nVEwqXjpOM5A96zixI+gtfApZokvQt
+Wz/UhXdecff88BW3tounWnSK0ppZ7mzPrGtvLn0oM0cMcbR9SaLpzxwuH1sTAiPS
+7QGnqZiyoJmkrDeDCGKIkRhqmi+2OL/mPgxR68/981rSNj3+PMA2SVVZIdUbaRXP
+1AKMvkm+ZnWpzS45JEqZHBb8+4JfAaCWiZ5ujUxMahibVm1G3CGXaQ1kbXg3NvW+
+bzTxURprW6/uCdQGnglfU4rv6bgw2ByAjdkZpE9pkMJ0QgaemeyNAq0Sf0Axhc2g
+B0nGfHUNqwk9xC1pYYjQD4LwwoyzowViUIYDoQhwjwgPD3wP0BN8ECYGAkVzr+s0
+kV/9Oc5qpy35nDhZAVQ38yQbhdyUSh7OzN3Wq2/QublFksfAxFV6s+nUWlY9JYyH
+m2bPQfp4RqK+aGJ8XQL+q3QjMP3F8s9cYAz1UYU6XFoHc3FzZV34UBx1oGXg8/62
+/N6ztxNTxmX+poxUNokTjzulys4ClWvQ01Q/K1hYTw9s+WKbbhR1XW0XSbc+34gt
+1RwtSzhc+Dl3bANFeUw07pGlGyQWjUVytMWmO7Dcqzft66WJbabIePznikJWiQ7r
+uHmBGe2eiFcL4Gh6UY1Ge2P7NNN+EV82PLvnN8CxSigkdNBOqp9cyp8xoeHEIgo/
+BKYpUSEfzpOz3xm7MMOZ2yFI73BSZyUfVAMecfIDIyKc8EBLlK8cvJkCtkNROvUU
+Xve49yEjPj7xHAipkTa+dBp4269anoZqkTYakNsIea44nl0ZxMXpvgMNvGApvg2N
+zC2i2W57eEZ7pCfjFCB6X4Ysm7FqA0wcmswiNMXeR2a6VZvllNzR5at80ULqefQJ
+GX8yxdSgDZuhwBMEXAkx2/GBB8nZLvW8NknedGxuGOQm8Qr99IxDXsLLzJY8XpUL
+IojaFKvvmFpDMjThbaNMmYfHxL11phtmjV8AsDP5r9+Jtbrrg6a2jx8H26wvLCmA
+5CbLgk6n7+CIk4AkbVgk69OpIGFDH1Pn3KJesqJblGgPoUYt6FJBOX7xSVGXTgPi
+/9E1Me2EGSPzbW542PoAMh+erYDAyVxBOORtbPY/qOFVe0ggOQwgoPlJ+G+3ka8w
+wsLiX9MCY0s2L+VFZ4fgSGzGBXO4rD7uNIZX93vCHscVcII6YG9Mgc/NgpLcfdJX
+pvTlYUlXAFLUUGLb6GytTomIh5FG8eCFrc+XihN+ip+Xw369u68UAfi6tBzFUY/Y
+U+LUCVy27moWDN99TfQ0EEjlXS1vbvf9ggkWXC3k0eHiEDSdYVy8Kuf3AJdtG18U
+UD12IFXaA76/+9qaqc3v3mOqvCsIGwVVV/Ee1n/tHh7ZGXyUd1zz70T8aEgixrrA
+rwr00vhSglHYjCp7QqF6qrT75Klh24VzsChq/TvRY2bi1mgqynFnbEyYaRCY9ACk
+lDaZ1ZBguIL4MnLFMVxMGnEuQrYmyNQ3wjzlVfuhk2Rtv9ltGwdN2ZrGCJox1u0H
+CBj2TQdnSkbELLVgsJdeh0Zj7E0amRXcKl+rq9sFisfko+Vh/Ifb4gY6NKFkOY/4
+sVQsAQgYKxn3Fn93zdiRx4FY8nyOzTAPAZ0vq6LiMT23fgsxhDSepDv8fS4V5deq
+hBi9WpiIa+VILPOdfhRLllGZlkWHZePWc2SWxVjNqqX9LEZdV8b0Jo7exGLrMwQH
+RrYq3/NC+1vSEnQEZ2sOX01ZEqQkQLR5gDFWcKw1ZkL4+kXE/Za4c9c2rhiBGv1l
+O/ruTwLPnpSOS0FgTV6ln28UV5ElmgFyg70WDqEfrh4Yt/GqMrZmwxfUr8ssKkg4
+9joZNPATzq/CYy+DyM6ghttkW0SZGrbCc6Ou6FeVQdiZR4xdk7sVVXJOJLi+BuKa
+MnY+FlScqUhYBVR9hyZO1Bf9rlKBuLmVb8WDMOdCGPVtk0/JQQDQ294W762BSrKu
+aUC6cY7s+M6ygY+Ye6zfWfup2wCftVeWLQTE7UXoJD+S3iMgVfV3QuvMrI/8GRnS
+sxgq+qWljPKMN4TJDSp7p/uBFsR5BWTaxOAzaZib/kbltocUfinMg+5cfSP9KchV
+wQmn9KR0g+XJZvFursiDgxRS22ug6Tcr3sq+gMFwQ6vqEPVWHsS5FbADwEV6sDIj
+UlVSmiGCT7gfeEZtj8Cd9h4uqZXVMyWTJnD4JW+z7rClgXuXvk7JmD92E57QSjbY
+7Wi/wrUvmvzzUMa6mxIbk8rTX2KBbIM8/6OPrD1gM1rGT2s2X2sqwTisxxg3vTcc
+84O9yB8CDmk3HE08z9tIDde48p71UD32kR83s6ESypy/a+StOAZGsi1osfH9ZI+M
+vWpnVDKw/egT0a9wI/hOlwuwG6e9tapIAyD0OHjC0gqVVMMA2+JYNS1I2P1Nn0pY
+uxxKgiYJzhx27BVYrklMU7JeRPR7vU5+cg9385a8TvRMyu7HGvtmcvB68kxXhziF
+I2sb9cZIefJ3+SfYD+nKNqlg0Eqqs80Q4URdfvWPUNZnAT4k4xRD02goYkuE2fxy
+GnwkoO/UC0DgL7D6bLhB70CzCwZiA2PDoYzUw2nGHqcwtUKlp7IJIl/JvEvz5Q2i
+zFwDUT+ccoMdUiRJNo1bm0evMrPFxjEx5B3WIXyRN8svn1minckfsQ4FLe4wORMZ
+3pdhwz/gltiXKvYK1UjuOiao768biOioZdrVcknVRPQ0EQ+pf32fdyddg0mxVzdj
+8TghbJU+/DGwxtAxxseuVq+U7NksWam6xS1BCQ7bu16xIAgTBG7cPMTSNkT3OIWM
+LasUtusdGd2XiZFRlbnMN8WyeW5OqT8kaDS2xQpuvGggFPSnBpFWrcCf+R4tYzV6
+RPGRr829C5QNBvMT0WdmMaA4En3oE+fScNrG9epT2cvI8UqSOx94rFXwyM9PMlHN
+eGP4shp5IH/sK5uzpKhVDvIwdBpGBMpKVqCFU0xAE7RQo7loP2XTcdLcUjcEFWE9
+lrqjZ5GeV6DdJyQgp4MPjX04ZrKx01Oh52uGBCacqdYITmN/2yFxkeL7i3aSj9nX
+vTVfJja8nXQ+ltjNLsItLlgAzGEER+CYkL5NOo1dEFbMxes9CDdP3+NXiEsv0OIF
+SN3BAtfLijKDyL8xsLfj5p4jIhTXS1yY+xjzHfkaypZrojZ84U0p8AyqiQnHeF5g
+SfX1J66T5/rZZTclHrFYFzO5+Jcx2IQZne57IWhe7clilmA6JvhRsSP7hszUlbTW
+UAENp50TtZ+Iyqm3HMqpKZiIzi8eUx4u1q5McHLjdvSnkPjKkkHH1ETlxuq0wIly
+VcH+A3lXs2/ZUzMx5nUCou0nZhGtrWp8pwomzjBIcJKXpEykwQ23omAGAC69yDul
+jixOQfhZJKS1pICZ6YPJnVVnvKiaBvNT6WsR0PNBgGME2n2veMwCUgbRXCwiLckv
+waCi6NCWXVc67zSAOuy5Kjof4Xe3JmiJTJD1UcxiPnwZAUUYzynRBU054soxj33r
+v/CSh86PPZ4TX8sUk9ITgmt/y1RlAKGQdItMA+vg67eKhMv2gQGMhKOarcknYcFr
+gJ/4z34oOaQKpXJ0U1luHfq/glkRSl4JBk8a6DRfMfsJ4v6I4Y2YGcGqhrRRoWtK
+uUyOzfnO3qVm32gNAYpCWUMDENIOJlheN3uQXrWYn5AINOCQtGlNw7wWHGWrhK/F
+gcQCO9Ico2ywt4RrjamKgw8YWiZTD5J0TYx3/IqMcrOO/6U2Lc+LCvg++3Ms/Yfs
+I9HW9WMrKMl7X1KDycDoAMf5a3H0KF52bx1ZKYCvVRkUsqus+S/cweRsECL1BOZr
+4uKe5uKvwZdHd8tQ9aspyHk+8Kfnlz82WtnNzM2h/BVWr3kByLlRLCSFaOYm85lB
++5w0/HM9HfHX1KHCNYEIT1o5oSkF+PD7tk1Y4zWDTMKZua1o2p+C/46/FjwNJQ/q
+iS5MupP5Ne1WaK9BMI18gAgt4jZYamd5f69YHt3uiF3eM9KpDdaB62ZhavqsuDhR
+luQvd9Hj0ZX7gyKfWI+a1ZAzPTSM5S1cs/KSlUaHhVTEVkzf7qEENCIsmG52LcxO
+DMEai2aYi3jDAAoqEVJOnMKEcH3J3XnvOcfsAzY4qcVRkbVfZS6B+fgR3tyGWZBU
+Q4A9TWz6PQ9OWZPNZ8jOpgZqamV1AM6RuffaVciP/pjegP8hi5CnG37XgZ3O8E5v
+/4VpQVr8KiZGKA8KWQwlIhKaHPR18rLF+yRcLfEBNpPG6QYJiSUAcW9ebgUNC0+h
+Cyv3e2QrKAg+gzQPK3sjstL02biKjI4nWtnLAWPorPiEPxC22MRNH7Edk3f6aelU
+5sO5EbBpI0dE0BFBWyKk09V4LbcBqH6grzFnfWX0seAgtPbmiAE9hQvnye3rC0GQ
+zZRWUPtukiBEKJzOqrW73/PuQHRegpItl3elBT5e6ALNF7eTMK4/j3/JCDIxnLIZ
+Ao7giOHaqM35KD6EQSdizylaY33Qf/l3WyFcrc7r+HUMG3RWTLOfLxm4J7y1kVjq
+BNq3KRkbhsmd+qqlYEBim55G3FWG/ZbpF+LS9HzF9fjOnswsvOAMt43aKkkp0urh
+xoSY7cZrHNYg0KuFPiex3QW7ZuSXfSRexXfGMAsJDu76N+Q0Eb19afqUxSNf5nNy
+qOp8T5PCyPJbl+CHm9oEeKcVwG/rT0HSX05tvjSNBSmLU/55B0YQN8T2bOowWfB2
+QKMQkDdEPdbSSH7ioNis0QyXq7oDWXygXiA1Y6ZcjVPhKDFi819EPN3qplgMVYdb
+/7FxhP28VM+CFCkj5UtLPjd5WZTonyVCFBm4GqrHWewhvjtZse5xtuT+Ju8x0hra
+V37vK9vbZoioB3JDgj7mg48GKyq3n8G1ZCSpi5/nbkk8H5D9puiub2DNSiWzDKeQ
+8z0mGen6DTL2aACuqGNVK5avVEJ3E99MbHgf+Ooq6p82ye8mP+fhDJXI6vjSZ/GM
+sUM2Yl6JuDyPKbQcOK+5bbKt+H6NvitKVZE4wPrcVU8hJMJnVz9pCf/zhag2SAnJ
+/mAyQeqqdM4J/A/rd7QkzHeq2HCxN2mfz1FxsTRBlQly6qV0rpoUZ6NLMdnY3eJo
+lxDNzD2oQX/hPXltVxug2Urzkzb5dkptXOZjHiRVXarIPpffaZhoMogUrpty1bTS
+QZF0y0osBdFnvDf6s1dX0Jx5w1Kx5dVgtA3NwnoLFG+X1TuE7eTdlBY+MSKFPn08
+noKYbR0fWr21/0s7dodJHX4Xt2GqvF6i+4FwqWhYgYsMB1BtLDBRwCVSdjH7RCzW
+55HT8nx3Oh3hd7j/hvtJboyI3FkmwlesxTWvZ76Xw6z86oc3y3KSnHp9tgST+aIq
+IkxzRyQtHy+6IUrnz+lLcl8OErnVtIvPeEgM2Peimas3HZjbNH26SsK+Rlsjc7fC
+GDAf+s2quZboiYILRU7h22QGPR9/N43X9EcGcwRrBWqjPOsfV/b8Np7mjU4wHo3h
+CGBzhFKUEZ8qFfMgDjrZ33ouAb+06PUOayyiQmuovOUbGJ3vvhGYWT0sqmM2jvcU
+76t8bW3S+uYfMknboIouTrEz++SeqQ0FLGjSNqd9XWWlkc2FkFNuE1AV3z2A05ky
+1WWPRlmYfV1omN/bCv3iTuV3HY+yotbbX8aYt0g0urwxCtKwKmwJ2EefpXpMtUY8
+SUm5xrwK+SS3tfd5tYc13ItffasFqLxWDHv0comm7a2Et4Z/tszCAwK82HU13pNi
+SFIYdnzm5xX1Ef9Lk8pG/Qtk93iJwHUItis1uhzMACsuJuOg8OvYX7FoqVv9gV0z
+sErFHB11po9zEPk5FdXqENUfsXcGv+Vs/aSUghNggQivUgTYSCov7A+WPyKvH6uu
+cgMK6cEzF0//9Xy8MrytroJhJM5V+l4D93oscr3prwadH+DK8ZYGcOi/YsFZnXHr
+YP634VEp70vpgffzO+h4oo8J3l3m8we7eezg1lFhuyiQmeoTw1875JC8pKWzqDv7
+5ziHjYz8oTMIejmirgsd10kawdXRiggaMHN0d17yPqVQ1WIYSzHhMAjFD6aDH/JK
+SMTzQGaF4R648DbpNuqJ7nSQnzPGSkMf6wBEwspHycHOhLzXkYVmVin5amfwf7cF
+GdZnIQtE+zAEN9hkS7PLbXhErmIrX+Yax+x0zpzwF1Hw/rIDT4C5IPsMAUzT0yft
+BhRjyBIPXrdZ7x6NL6BuyFug06ooxTnRL2oqnGBTRuA0hkKVEoQGPsJHQAwy1oaL
+b9nt2GZJx5EhytkfQthvwIM+DWnUobJ0m4288jJD9V8PYulZWbMFiepopGAyYsrp
+lDBI1lgh4PQaQDb9HDfGA4uRprOA2dPmWKMFVHszUjjUxcMjDaldP/s5h+huOF+k
+jO3+RqMXx8jYyuG9jXha9ZH5q+1SVVf9E8Ubz+ErrAgtKegroAgTWCtmd04EYtXj
+bSUC2fKq7aVjiALcIg/G/LjcJPVmtybNBaFTWvxElZabCWWOYmAZg5BXMeI8IECv
+j/aQ2LihpJPpgSHRrNeg6twlMIMiuc+EwxIzysSPJgJg09JbyR2Lbtx3mFhYDdl2
+8nxY0p9hMkm1MXgG97sUjFIAAu8xSENH53nbumhHiks2+Gj9yBqS3SgcKvt1xSkq
+IUZp6Jr3q+rTRQFIa06eG4M6FXXvxSebinXswdFoZ05ojcIAmKfAu78Np1NYt97F
+tJeEKxqiQQBWVY8qiKQH6fISKFUJQ9RU7PEBacQjcpINoFSE6JDQMCBvNgezY+qC
+F6GgVPoFra4ulrj3euoZ7jM9vt0/4fTJoRzNScTreT8jB+4Zfdtg+lUXs4XCcsx3
+3py5XBBlOkzGi4eap2A1YO+mTw4v33lsVCVjpGsB3MNs7kzbnvLpO/X4q6iGwXst
+Vn6BOViVLM8HooFjV8QabY0XfCqCijFfD+DYG7k4s6+jWR9X9cc+0EfKeIie25F/
+1ISFCwBJdpIxFX9kmcRgTPdMNKnniniIzHOeERKQPXFNdJY0eEavEDRXJBmwHhfW
+JzlrUMwG9+aq2rrXmjQoyXO9apQuUIZ05s1kJaGFRT69mMNQD5lXdgWCq2U0IsRv
+y/d0Lg8SIwErFDRyCh48MhZel4257AFUgODjFP8QQ/K7j8pBq+3DTc3imVaQvSst
+jYoWfC675jAA0YuQRMexFNMGstHlj6VGGhI8zAScduKleDiHxKlZ18jpdHLu/O/Z
+EiQqIKRGZH+WG4Eg3yHBuBly4YpHYHvnadhwMMShyy1/UHKoRUn9AIB0O0aW0y9t
+5Mtk348i3ytH2NYrVEMmGMCbfDjKjakDT+OJ4c1A3zz6sgL5PLn98ZnlpKN/Qemu
+VP2QRPAhNCc7yf2AsRgTEQOeON1ShIGP7fdlJ0cK6sSdRWAaANvnvMgKN9F5K1/l
+MuC2v4pa4PabGm3AfISi/j/u7+GQ55Cm394aKHRBJ1tLsoNPnH+t+oD7ISlCOjIB
+BXyHf0KvMCi1zHdwdpfwkmcGmx6leoREEDWS4NVNZtFjS/JIO9Fh0L91qPJkGN4l
+KYOf+AXo4lCm377Exjdt92xPMLKWOZcKeVwf8zeY8b8poLFi154W0qvKLzBu97QW
+xedQu0luKzoN2ZlBxz38WXbIgkF7y6bIqVIC2bpVIzQnkM+czwQ6Dq2kEl/TJcD1
+hBMCPa3uSOhUCrDyDFlG6j0OmIMJ+LTfarP30D6qbdt5M4wopU/CvVXE91piMTIl
+MjggkhSDetbp7g9iuWlGzKFb/ETc4+alB6BnZ76X0eI9fMlzYx3zpcXEgaGxRlie
+pE0Fs6KSHpJP+NGfvkC6G6sZTnE/CP2He5mCaqHw+TDbsjGpWREPSX8ENtuix09V
+pBYjYGTjAFdvi3hUYvzlwuYWLhUK6BV8OWzVl1EkNqOGO3KF8/V+SDa8OeFPsncv
+YBSOc4/b5lDdevUES44qa/b74r6p0gI/mdothvnngeUwd2d+FrPopGe5m6PEoPm6
+sTD/OkARkbzjQ0n9IBPdkCAKocSpwbe+kIkgcpsWR54uahsZd9xAFdpo88C65XMr
+EzoyiUGVVFiH/Hkpo25f+4SHgRrsACGvA1khJDnmNX8L/avvwL+FfGqE5mkOz+Dv
+6wsFVIaGlcRw3BCV+ZIZX/zKEsoun35tDi/iuRcAFBz1376DArEvrQL4qVZbx7Y9
+QV6wRWU+9ZR2GAkuXAnAzUmYAqN7cVx3qwep6dIsUJY77/nhjvQOoimVebrWxLkS
+OEwHnjqOPK7ttblmD2NrlgUzEJNEGdwyFowJ8DFExMtK54ZAJ+Xafp7mXpaLr5Mv
+RfinVvKiY3Epg4Om38ZU1n8Xex/8fogHGQm7ng43kh+ouIFGMXlIgfZwNhdxN8aK
+zxcbfjeiBBm8wV6u41ruHsZNkx8bZTmuiLXI2Acl6h8c/6lKLhp4doVxa3HRdfBj
+x/CPnqdaDSGA9o1zKkmO22axy/cy/FHnyKdK/jytJOg1mLkmMDPZ+MGlxJ89dp0V
+j048PQ+E45uv96HZf0+AO/AOaITHG491NI952tIfKL5jIHXUtfQ3vYeexd5fiMyL
+jJ9hhF32vQ1Ne4TPzNQcn+GiyWVevQVP6HN+ljso0jVIKKsGPZLLSrLpNcvCB0o+
+fuwB9/B30EsYcDMvSSCYqtp3AkVrz90OuyvqZqnshB57R4q0+WAD283f2k3zASMg
+q3vf+RH0kpS/ywGGbLJ0xxf1FHOyOy3hkoxG2kAVKqzY61ijIlFllkC5HNTq2mvC
+iEjXmjRgHE2URxB+wJQ/wJ4+U9c+Pk3IscgemqV8BB03FRckqPuPbTPBWIR9SPQg
+ur4pbsCu1BjrXZ8CyUizyNoIFEssQq9qQPU3anz4OCWAfXhLxUVS7/163j+8ZDqd
+6ooh2bwnpfjDf1fThqjZlzy59KjIil9bFEbgjAwX06sSA32ceLARGHO6NQAGGrfS
+E8HUROYEYwWK9ZCMzNEwH10TfhDqeSj4F7/gGRMZVnFlVpeNQqLg2blz85l/ejI0
+G22b7HPvAJJvE7utMX05hPOzPOxk/PBu+ZiOsa7GK3JaZIoljvVNpdI99RkBF7q+
+nXVdtxYi6/S9/dFqYZXBlsqC8SiU/6Yvna20WUW7J5I8h7w8VzM4o4LAXDS/pJc9
+Yd0gNso16ynK8oM+Gz6yk5TQ87lUt0ENCU0lnlUyonQD2jBTZafBw2hefRdhj31V
+wWrahILvwpVZD58KhFlcxSeaYT4VLftDgznEHufOd3EZ8+hZ2mEc0GJK9MEHp8x6
+qa6gq2j0e6xEwQH0OACHre9+Gw10KxnZNhPfxwROLkkLsWiV23R8mEAn94NUrF1S
+GOyJUqVQ2/W9nHAGQVCogBG0KJH1yA5N7I6Z9FmW6R4PcqoMjWKaT+IpwyFRLRUR
+JfcZKkcBoX3QroOXz9lr3C/98NA2kvFv7BELhdtCLLD8gCJR/R1FF/7kYOIazmvA
+g9vK22EdrD40r+tWT9PG9onXl+zxNO9JF4ht7Z38tlVlxJXYDki4Da09gMgL/ddw
+7it4NGZcaPjYsl416n1oWiwKd2xOBZnzrt1OnfgWUNR/fCNmOcqekIVgjSklRogo
+nClKGammjcUxxI7s80HHfijHHnmGk9cWTlpHrSNn1DS4qHyMSpBsWBT0dUJzpTvc
+yXlu7SIwhRwNRJiZcMFmI7RXGnnLWZVKpbxmRZ6UtMNz0rg9QQrQ4JpUIC6KYggr
+z3vqHJJVYX0IzN/COABPZuHfmOGK01FXPnd0uyG84RJAiMRpNNMxA/SaIkyz+tr6
+YyA+Jd71b6qLc0iV/gdoU5FK5Hy4ZfS2YY7PNElLsBczuHcMFSwgu6di070XrGHt
+09/Ht63zvBRKMRle2+eE8BqO1A/PqGxlI++rJE86/APQQEyEcHft7w4HI5/lEpL1
+WzWkUCh8P7QVTwmnuxp2ih3VICUmNvZJHGRJtg1HAAePdAwQnIb9/lA+k82Ho3vg
+8eSTyeCxmu4Y9S4hI7JjIAFqCiPEAUGYYBcjHhlUvZl4HijchNtaB/ZpNwAJH/Mu
+9gJRrwvYPwO0zIjspwDx5K1xxYV/vZsttbd2NYYsO7FguHX1FzPvUQuTw6q0A3tw
+ENfaeNJP91hzaVvX4HtTkYYY1uMlCxvB0JsQNtf75lBBuPJTFoAHfWOL2M9HbiZj
+wMj5/i72TPTUPLPZEDgIBO+0nqfm27sJmtxDKkU0o8fozrid30/o96/gwQOjgKZx
+w06baZQsEq9JWj5GAom4NkC9M2S+lmhOTD/Lxb2ili3+DiVx+xcxO92a0KcUw8A2
+Z6TQ7opnpOObvru5UbAKSOP+gRSY72rc9v+hIz/6fO1sw256VwBrOwKgnb+s5wN2
+UY7SCnXAsUphconKlcqoZ1AiiT2KK7zulOTebS7dkkaBVUQ1LSDftreISquV+pC0
+hzhTXNeLleOIBYbrOpAMc/vvD0PO+jy71igMPn+lZFuEOQMRbd3UTVnZay7spjS/
+iCPlbRWu/VpnMv0hcker6QRW4ycU2O/As2uYrFu9vfwD/KlXCbVmk+m9ViKYvZVK
+js/pZAvEARqB+YoURzXPT53OcwJchzBo3i2y45zJqPbxI3LwOG7eJj4J/nU8L3vt
+QUs7QUCeaCSE2gPPdrwTOUuOupsDivrrPqoG8BpSwenfo40prcisjuFGm0fI4esC
+OHjmkZQg0LYCyp0f6SC0DoN4hGVZE/6Fr7KoCr9QzH0rC+9E94TF6u1ABLsJSxb9
+jBddi3Ur1mG87dcTv6RQ5iyi76v5GIDikuMF74jEu1JHY+CDiyXtJQzxHILgEOmL
+iAvLlggWsDK8eTNFSRZzUfBwqPIhWimO9PB/Kt7Nz2lrQR/zth1d5AD8LoqCk5Ic
+33JfBT/asfsrfkDqa01/cnVk8g83jtztuYQuH4SxEcuWG5CPOLA7c33i1NRy3Eej
+sj7S7G0+05cn2Q6rtzGPrELR76Q3K93MTFbOci1dsp7M/b8MDbUEm47ux5t/HWzM
+8WGua7ZZU1p4FBrX+/ZsEYJxzPKRWwJ8FP1CQ42MaorB7cmPcvuwGRJVGpVEJT4r
+vtVkeDpbqulNQJDd8tCrp7adJQvsLXzSlnzgC1ggMA4Au6mzf8H5VHyNpFbdswAq
+6HPAbnlBNEJgN4w2LFn0mWFmdV+RsO2k/A+YWY3iPr7Wqm4gvPi0ljW0zrvrNuWr
+XXOZMnkdiYeLy2dmfFU10CJbBjoMQNxH3RIaQNV6+Dqr4VfApWGualrxDgJ5nfKI
+L/FBypyLabyQ3bB7ibOLmIhShFPWc4MoxUY5Yka/iRIK3ekzuupD1BoojyLqBoUw
+LOMd01VENUmn97z4ZCIU+18JVIk6R6B0XCHi2RsN+kQ20dA5mC9kzAF9KYPM7g3l
+2Z9mGKt5cra9+n5sZzXo9WrfM7lnoa/lAtmzvtH6GGDoPtzXrRowieXGHsd47t+V
+wo4oAaoctQcsvYSB1BOTF6UaDuJoY3uYBsPdlvnZPsmnN04ElCa5Bj5NbKKbVMEF
+LesTdrmCBH0Id8L6X9OFcK/G8aHRgTCNlx5PwX8tKfb2cAqjIabsJBIsy9thiV8G
+uNJrlobB+YgW2cdjxVABr0RCAyi7fELizppIR3/Smjw1UPPLX75nISZPOETOx6DS
+cOG5q2QSq9U5A/wNvYnIN6AVW9VTgul2bnGpcVwHOce/xLi9VEwmQarPjVcH4keX
+fci/v7jNAn6H0LzqjxJWZZcLSscuGHeP+28mtjWZROcwgjhRKlk0BHXVFes132oq
+lBc0mZwYsYVIErtTQerPdvhykLx3LeC0keR2pGQaHPc0qLaB22yp1HpphtnBEHWm
+GriAAeTIYjNilzqXoWruP3MPep+LP49wm3ovNzKzXzWkp+Y1mQ07FcVSyiLwP98t
++qjJWRf9B6LVTG2Gxmk/3YPhIIYb8P7hFdcIsCQYroZbPLmCexjPMYT4mEuvr4PG
+A1l2F6ve/C6GO+4IRp9KxJy8W8OKN74MuY4W4KLDgVoSjQuDXlefGZUl7nwxcluo
+J2eSIXJYkbRXSeAgZ7owa3So1IQVjkGJcmetsstULR7RpzE3Rd1BUWxUViWtiZwu
+ha1+16DIhHLS8yqaew8h34b/yHTXEhrNh6l3U8UEgWNqfNA3YUVjHZrhX807CfpP
+Qlau/96FA10qFNKcsLL7lHLJ5NvRG7X5C+BMCM9NIzEYWmTzp4ml8kVVc/6254Sv
+fdE2JMQrjqj6NoFtWbIyIMBajzXW9EfmtLbdhE3zH1AJP20mkwa9lJhIIOzQgLZJ
+rUF0zw/Y4MUKKDuMSOLtCkHnwVKkqTHb7d4OAyIkjBygk83JP0A4lSg8vmcZ2+36
+PR/MBK7Zoj00KsuufyR3226N2VqXbKsXn52Ky1WXEU3eWpegPVQouIYtCrNwpndc
+PoIAV7lb6BoFPbAMwZHmQzC0ijP6yHuHq/MKzkc4mBLz/qOUyVn5IOkeW6XMvWoS
+EMojRmQ1RvHWy7YmBELbhUhB+xn7GU0x2cYNOJc+ITdDnILtbj/xPiGrGHzfklWW
+wGTGxyCqbD2catgYxaRHbBmU0C9VNCo8j9Inw9I4gNRaEx6yvyHl/iuLrc6yRViS
+zdEA76IP34wOG/6LrNW5ESep2RNJRVzpaZ9Ek5LgXXJez8piENEGdZniczBj1TpD
+k6I4c4Q2nNnok0RrvCTXWriJnMKQSl7u5e7Eveo4LxwnzW3ueANmdjsZWF8D9ZSQ
+KFyL+k12Kd/XNOIPZWhUX+mSKuWSWpKUd9tDIEQfS2DRvtXnLFsnddLQUEFxyOL5
+MGU3UYIRHvv7622LrmGWtMzvTkV67VnwqBPsbmawXLBNII3nl/pk5SUWIk6PHgW3
+YfJQV6WDWjyGQ0BeEV8wlX00CGCnaVsK3qye9UrZHofHSxELANepYCx8PMcVeZzI
++jOCmAM2D2k5kNdHvg+F7bn9pMLwkCLrf+FOXlHFPY/MzUwoG2/t0OXBjtK//SWC
+kLfh2U7j51rtb2Wi5gpw3pyNXFnSCI+dlqG4eiLziLEbhWYJCbol7wKiVMetlD4n
+8kFd35m9U4csQY7eCO+JjL0YSJsXstdC3LcQls6hlsyH7q4BiNr64jYrDX/ovHhN
+cAebOEwggw7LaU+AO91pSZu1sk4T28aAOTrjeUriZF70v4Oh54PPzs5VX/ebXbRI
+AJNY3LnYoGZJvWbco1ecpwlzyP4EkFwAWALAT/tsWD5EPq5GOBkxP+pudFxCEGr0
+K19ETBxH0SJM3pZB1MROrc4QpJ8auQEMKTH5TU6B+EnUvVvf+RWsI/YHwqRAtuie
+4p6xAQSmei0I6svTMFOEFbXdt39axAbvRxgJRDsLz3Aw5u3lAA10FsxGholif5lR
+PEKhhBDsRdNnhGNB9BH5IirRKrFlahmKY30zCrdtBqN+4BahclNqHz68KEVMJqh6
+eMXK3g+FLlChWx0O+VOQPx/egwMNvj2DUkurnnSa5k3KXgpNZ3SjAgCnmiZvNg6T
+I/j2J7jAPyWqgJUs5ouVdch/LFznAr5zWN/2Kk5DcKOoDTEF5hvnPxkjLC6IPA6G
+rC+FwDg2QqBmjLeq208qbxoOlqtUClNYwuNf/L02MoK62NKSEZA1GLcizodlRlaj
+DsrA76MdTqH1QEalVJY7yO112ZMwx6YJKOspBsqMBc7PELPYFRuqWXjKkltMmiT4
+70AC+qvb/vBVrUglm9ibgtxpl7xJQsvTxJXZE44+SarDPKwYuQeG7rScd3Tlstin
+RN3MntxP0yTzyvy3ZZ9x9D/vj2CxrrhpdrRYC/4lR1EsubRS0pei/rmySg9noV74
+KoqEOR33URCJ4/MstcVnxG+PVtAKDKfoxXSxXLTlr3phCApfFKYU7SIRmBQ5hwbI
+YsvUQjWnQS/rT0W7ECHX6Bftmj8kcZdqqvNP4ERjwwNoZk31G1ysgHCkbtvkvxgi
+Kf2MtHcBk5AOzGpDAtwWtDpQ4YNZyoE+1DCzoLzmQxtyb5GK44AU58ZgY5vYAblA
+pKAMlOWUQvWzYTdJRB19bDCvv0ucO95D7I7RozcJ9z50rN6o+oD77oD2RmALEYMA
++Kk7rVeakJBDWSowzr72On/PSWO2ifbE5ceu1o3FqFGHkwOS8xlpIWNYICh/99pk
+Ru3V6k6124MoqVlt8+rv+dymKW1yzokEbXMFFWm0w4VuukLhxLdk4WJL/KROYD8D
+Bp06yotW8xw1QbX5Mlw5q2JFyx8KuSAj/WwVwFyScetEzcBcqnKdY3OsAqfaQfIH
+dioLsYKXOV6IoShEQNdnPRUhSw0tdS0lgF46Doe0NzGIDjuM9Ol+5BAWK73gWdTO
+5vyTaBFMmf8ntiDGSUsl6awK3LyycEGzrob4ksucH+1+nU7jkB35a/iRhzAmveLa
+ji/o0g7cFMwaaChl5pD7/MkYwCWTsxh02BLzP/TYFJ2itvTPyuY12/cS2+iMr6Oz
+T7uhEPp1VsomOWMSwx+vTaR1aHKU79snJ8nal4gOmkE/ZRgcA7mLGFHykUdEb4FX
+vztrnj0DG9SINRwT/umuDhFiYG6AClEJ0GcDyBf2SeiyUILB6NUt30p76EUGFyZT
+zD4T8k0tt1fI6QQ+t6YOValJfsa4I2WyDHgLwYpty8ge12vb5mZkT1vpyyZQAfIP
+goTY68SFP7hntfXzdFGZBOtjiogdeuLV4iOSEWFzvbSkX3NoQGMBnH3s7LTuqnIg
+8uvYBK2grmbW8kp78O5k7ymw6qiA46lGsZ9enkSTyKt1My6Nkkfb9GgSjINsa9wx
+v0R/UGMbla8kDC7Picy0HbtELoRk1zJ+/nhQwBAQPBuIxfrvIBrFmul8bxA7epxp
+14n9/vq9kVioiyNdMzIWErh16npoer4uul2aKq9FWcDD3MkPjPu2V1DlY2V7vSIs
+CzZAMBSVfO20T4G58biph+tUHl0Sdw2S5DX7QB4/+eCsmkj7u8qMm1yhc8OO9nFc
+r27i/MPKAk7uGOaJZGI5S3whNHhUQa0Lf2xo/4A5haiTsVarh8YA8Yu0lZWhwWgR
+hTx+mUva6CZgDOFZBzx+nri2K4uSf5OaCIsh6wd9HOiD9wSJ984eg3DD9brya0pu
+E7jSkhYGExSabR09Wwvu7dUcJwkdDldB/d4FA9Op/dwiz2xxbHsGb637HUItfNUY
+7QLfExFYoYfXPLl4waGvw4pjL/OglgF6aAao37Ch7ew5/Vpy5hlv1DTDrMCboTjl
+sFwOOyVoPs82DfVXwnSAsec6B97+T6z48FmOH38svCqaSMzvI1oUd7Xgbb814JAE
+7Ni+rr+pZhKJUlcUA8Y8cESmSEdsgzX1c7RX/eUuZmlSjR+55sMsgF2lRAIBTvqE
+4IOHAT/MM/ax9AOa85dwrJCY0CZPVEPFCQtonKJRucPKWWepO511hJFO0YW/4c/W
+Bz0iHTm2kVVqToysC+JkHXbbphq5pSDf8F8OU8UjtKtfj9HNIolpVfFc+LQTTE8B
+0/NMj7Xq2HaBZawYaqecoRVrPQCvcCLxUvVGFJgUKfRFEKwUfJObQEOZ+74eFpTE
+FrmBqke9xGa5Cd5FkPcuxl2fzP84m4ACKGj8or61pwU+lhWJfhCOHf7DTA7eoG+H
+VrZvwJdo+H/RAY7wSmUNZhKZTD9rmADQZJ38lSkp+JHogbj3Mj43RgCRVBf4r91O
+ftqAz6ltN7bVA4WyOlWO3IMhLvfI6VKJCQkHD+z2N/+7TSj0iL/2cZE3VG4tgOhs
+QOzfNiKvReMQHAFMOOiyU1d8ZlI+GcrYh2G1mPhq7hIxSpfgtwp4bkQsfWpXxoeG
+JOMRxx6blbR5NAAc5qf+kqRa8kU2TXHb2eo92YdsoLmAlEFWwL66n/1UkbAwTNoB
+j4xPgGZYNhXIwfgAjwHFRY1wDdui+9tm1quFZ6Q5a/0q4D5Ck8Pcj+aP5opRE+hP
+qxAisXdONf8m0ROHHI//7u2jRajWgMiBZuKOw510jbM/L160sX1rsNVcj33GBbu/
+GSPlWnWO1/RtI0WB7n48tfKQ1OfqoVRvsQOp5ZO1vM9wO0NIfSxD+ZYQS4witWxK
+tmeqqIaTKn8TFTw48YYWAzT5N9n+xCM5KSM8r4WriutSTDsWZAtQxY/b25Eon4K4
+3cHjofcuWFNtMDdNwHw9emdvGrDtwNL3nlwm22o15kyrmJqCwNv77Ht9Ilc0V4jf
+v1Q9sNWsNBrQCW889dsdRSbjYFWDdOdMmdFUq4J/399XWwNpyKFED2+vT8xgwoi5
+EN1zqXo4mntshkP/2g5JOacAwQWYAcgHFq//+11K/Jxp5mSdpMJ63x9QsLuDvCQj
+JPNjZkNmvYf+UoMpNnOJiCsKv9TIoDnwdrpsawWwREdfjcUDTTI53T7ZqrG+4EsD
+MQFd5o/GQYxTVDxHxiPcvJq9DpbvVgXuBO1HHthovk+vpaG7M/TyzyGSRJPoTind
+QIFE0cAfzJB4+jebUfPHmEjhBncGwyTnyqBxzZVgjRWHwBpj4Z4X7vK7Nrp4xCuQ
+W8XU1iEDwAFqL5r3kTzbcPAYXNOYX8M2rjt4oSFKJTNDdN4c/cd4wBTxOlMmP/lt
+yZIfMqeLUxzqNNB0GjXleK5ieIMErM1Zh0A16fGk9fj9abB+8Bp9kYB4wcD1yOKT
+RARFGOOtZHzi/UBJfB+1whhQ1kbbpkWfV7HzcmbPXgvPZspOLz2PTPdnskqfnOtU
+qKjQj/QUPspv/o7KoPxKpHesCYjUv6zuRsm9F8rdV8hQM5URBth9LBawbz2uGYQr
+noztoDfztO3Mg8AY69NsR5ir92yrXV8FCel2rwWmcaOTQQRWHNX7gSgkl5z2ixzF
+WqJLQu06KNI2NQMBTWCqfqv/vezsn1FJgWQYjP8Eo4ntW9ecdxju3/Yse08AfHCd
+Hpv2BSvXBLGWuJFXYzAA3ACvVB9LxVxD4CDwtyrG5bxVA8NdxY7b8hmzWL+LeAKg
+qF05SN18mJi7RCce6DW5cZddteL26RkzYONrqItvqVpqZO2M6t+PTlYFV+ovcVYN
+RJBet1t1KQVBDqYk19bdDYX6b1rTjNryhoH/HkyYM2eKy2R90V2jyod/QdYrtuCM
+ncTZXXAqzNHzrP29e6UT3owAi886mC/eB8ihSzkNCcDPgq92It0gI2icqNDItGnq
+FpUJP5ebLk9/TnntrSbfYPISUDPBP/UNH0dSb6tbfCjr+tF1WLQmJFp3NqkOgJAR
+Qa0ofbyfPArZZrmxZ3Y3a0bNSLJd9vyFM9DQTr5bbVFvHgb6vm5oSa4IStNz52TP
+xkdf7QPtE1GJ9wfPu2QYcWqTUA9ZmPLWgtLAIfmIDWauEwBj2wB+WjoaoFwHGvon
+KSbUVBMuxR9qoeZ6gnfnd3eLsx2Q29QVtU1asTPs6C1l+NJBs4yP0DPJ6OC+kYZ4
+M+QnuJ1ODMttlQb7qbPzgI/80O8K6yq1GeSr6uRsGaFBcczrfzd9SxCVtstUMRDn
+sCIWUEiPpDpVKHYUf1XDOyu25TolBtw2e6aZTmAY9UQjMM2e8ZgOsUv1sUpBEegC
+dVM3if4tukJl2obr6+Y8QKm2+qWRmMWURoSeycBDR+G09vuYmiP3p/y1/zaulawA
+LlipmEGXAUAw54JtqUFPawreWeBGpU+KP5PFYqua6tA26AGWOj0LSDxyQrPbVa38
+xzkii8a7WBrpsF5GTi/vVWVC/90J6if1nPMpd0LCN/Nzi/rDIslNvd5VWxj3YnYZ
+ExvVU8BDRV/M6jmbpeTY/C18lS0nFiJLSMgf6mS2Ay/Ek1ieDkv3eM/Sfh6A68hA
+GZsJzLbkREUcDGwHcHBhLBS4V1ajPRdbwwGsD2YGnQQkSWmjN/59WHmlfN/xvlZq
+l/4q5JxZoC7ZzzD9dI/jq+WpnahgnY8wt9Fq8C8e4Lo27linHrHBYSBBx+Z9bRnz
+EVrzg9yRiO9LjWJNk2bMcrCSMf1M3m08BzifesxnKoPwopJvyEi6wIk0J/r3rYBk
+pzZz/RYr6sKuk6BauA+pMMfpsZUlDZgnMwcLbv7YdeOkmSp7lPmPhjtvbaJRo6oi
+OvHO5r5UL7gg3TYVmiiV2H+q1APGYH5b/qE9ShfeDoGxPlYFIb9Nv3Umeiyl2/i1
+kBt9AMNipGmIPHuzHGa2UxokgHvICJ7Son5Hi1duFX2Hk2gos+mbzgea+VA/USxD
+8xG5aYBkiRBmWgLRoRLOgscpWy0WNYCa14ScGCQNbo9kbnmo6DW8VzGdresa8u/E
+6JeoK4ubFYVeTZXB87t4FJ4JxmwkuiZO+UoFFvugtuZHNGYpB2w0hrRK3fBFM3zQ
+1/lAYGg1ogRNSiqyKEaNBYriymm/gzpvcwaA6nmetxiaz85jDGuZCeYjS1GA3Mio
+8xH4pihCUiuFc8Zx+HVpVk1paXPFqY2SwaWr7j1T8Zmn48oJAV/nnNPP5xHD7WvE
+3LFc2mjQh86v/6OdNDz+or6BfnJN6CgkdQ6z53nl3lFY5Q2TjxBc1SjmA6xYLAIm
+IRxjfImuWafk3K1FnIDWuXkG7FxCMFV8Iz1wNJ7oyX47Y3SC5sOpG27kDQUGw74E
+PqGCy843iIssSeWB/J518CWByytcTjOOKmsd0fxVnNkdBFPxuowORHFFVl1yPozK
+tTizgdeggis4zpPqkW257OryNeMjzKrJifsoZAsVLmVG0atVKt5+WFbF/C/juS32
+3WkBjwwdFpdcwKiEMIm55eH6caUqxxWCSuF/zC9tX63UOcH5nL9CWmY1U/p48Ew9
+fJORmxmu7eIaYP3a7q/TzTTl2cTvjC7UInKdGzfg00KFJoIeBeCS3YeEdd/a8oRV
+18PiWz4qA+tRvT2waMC4WOp1dhYUlhqPqVboa7Tccu1OVdPrLz7HybnY9jtoQPTJ
+vUUnzEE9h34m9YLg5x+S0SkTmh3eb3eSd34qTm/VWLbBCD0Ibt7xmev4U2CEqT+h
+A4YV4z7aHIaM0/8SZ7lstJQTa92V2r+/Kd/hJ6jI3/NY9Ha9h5LN7udpz6iPrhqX
+c/qFI8v5ZyMbd2VOHzufSCCbvxamJQU+l1IP5tO0U73jyezNuIXoDHBoGYQx1mOM
+yMph80KL1CbONK6CT/yXKQEHOK3HPYPL35ZTyLI4O83tBtxnZl5yIuC/THFLbi7F
+uqQCpUGSuSijvhKaFWsZY0pooH4n+ql/QdLbYKmVnz+r7UfiQy5nL9Rrv/uArkBt
+uDQ5dC2DCt6m5N0GpcAqBB0CXuxzD7KPPTAdxzlRJAANhCYErMz7HJaJBOquKnOs
+DaGuQ90qpi0/y/vkhx1OdFHcU+t2Ktv5chy9VUw2F6tfS8tdXYqz+uOi1rupPykG
+8i1CzjftR0OcxEv8G3nYBJG8sP4APR3IBf21hSEVOZoWa2mnKHZbmk8b0nQXOf84
+WRYpvBWZq3wrLorgz7nyagD6xpppgrg5Jdkl4ngWDEIWNFj3WNQMw12rtMJ/mXuM
+Ksh+dTo5Hkc1F0vjtp6XE6sPT5dnwgJbcnXigzGf2WXSMcKxxpP8Xtb+Aw3bcrVY
+/zvAN2DuB/c62lroujyCva/QidskQUSvL6pirJJ6EEuq8Z3D2gpKl6iD83TWIoJL
+8gYH/cFYEXonhYr7DXrRjN0PD0cR78RrINta1cOrOSjcppXdpIEg6zb10bqO9hru
+ycgtmq+Ms03OFhKBBME51Es7ahRnoZaJXwnOvgzLG21rrbJrR5tu+sn1sdlg4BY5
+CuLhHWdiYpJ7zVDsHHPQUR146JOcrrZ58hWzePSUDXz9smqvYmubUtPaYUbkTO6t
+pQwux0xnTrFZZFNiLgrUGWLAf8PhKY6YDsY36MuQpMoelQy+dINgTDD7zVqMHz6h
+YL29MI1UhAEiGdiKmkrpNuDRYxmpoFtd2YQ8LBkHlxYV0tYPVVvn31Y8Bikr4KFN
+s+TN1H/qgi3KACqt2eUh/5YRwEFzGCyMLP8gxJ362bBa/zOBTE0qXk49EmWWzmI+
+G4teTVitHhJdiDRgX/0x38MTXmHMqUzClvGz+uSOPFJGCRJjxM7XRTGaUPu01+wB
+85J7gcnPtonclnEz4ieylVCEDdAGi2lwgSdrfP5B16qCLNiN8wRUZkOnJs5MxzOz
+5kHhJz5t6IP4giRy177lDACZc9sJJJTkZBDh808on0QAL4L65jAe8QOCJ8s/T2+a
+eHolOfUUXuiFHs0FuqviuF8FDbtqhVDJnr2gWvRDxMnrrpn+XggHYKGCzUwaT42A
+9FOMFbArDpQ36zo0Nbf6h08moUoZ1EPWlCBX3TjfsAqpS23hX/RQxh8E/KJE9X6r
+jyWelQrlcwMcR/qXgOQq51vG3WmkcXYlwbiMNU/eb99G4Ph0Po5igThoH2FEUJJM
+szFicTuvQcifkbW7kOwDtu5o9kn4cVokbg6NSKZ1YhfcCKaWhbYU5E1/FYOFgCP8
+0UKv2vwJs/LqnqITnVNrDRbExrDnTrQOAVilkGCvgIIKabsA0TdA3h+1lP6sNqDm
+Or54dYWtirrLao4o3fB3b8E0v6YrdcVH7qsytjbUq1l56zPBr64MJHMGCnn3FCUC
+KhnQgCglF2s91Skyma5SWV5pnFS92uVQ9d9GHdtPhQ4PlBFjD4OASuEPsb1Gn6MV
+jnganNMSovNMmluvTSZXqgsXnp30K03P0CcspTUX55bWqmcQfQ8qN562H5KcA5wd
+v8b2h2qNzwCo7tjNYuVqanIlW5HdmlgAes+jWZk1OoNKwZ7KJseKC/al8HTz6GdT
+trjCsDNFm7POD8vASkMxrbnJN5zLTE+nxJOLh4zWvmNIbcywOrhvl5T7BQRotfht
+5KjcTEXBKA3I9PPqYaWejhyIp97GK02SJR0coEeusbN16P/qyORVeL84O7XUze/w
+1stTGhvv00Q1NzaD03b7oiFZBn6c8KHNWhmePoNx4Pecw6TrXcrbpfbuElmHK1qz
+J2DnNGMUtbzFpmWX42rSYh7l444MsGr7JkHSRf778T7oeGMTxVENL6GJHN3iFANe
+GIk6PFLDogAYkxmqUPYW8JZThadMpIZtNI990rxAoZTH/HZRnnst7EA0W9QVQI4O
+B2oEB4puhP6c2hef2GODSx5PfuYLTtJaK1bKukUQxlH/rw0+8B70L0r+R2vxTOUW
+5lJ3hDtdaZcM61MWGB6MNF4n0fAIM0xBr6TDDOhdYf29nKrjPM/mkyRJmOFu8uDX
+OjuayLkTJSToTTAQhbT2Yc4gi6XsxjcZTrQ9TVkmTyiMlhiQ78r6lEx/xwLi1RwB
+7Yl6/h8CRWOi7My5zquCeKWPUMjVISizSnsBSKk9Np2yzwrNqgzOnWtRn9dSWt3Z
+vSfuH1+a7qn6goy2s3vp0XJIpCPAWAYAI2eJCbrZJaRsMTIs7xHb/ChlBncn9Qvp
+9YGoOE4iM4hqgzb9wI4ygvb/CHwEFBfinhZb1V2ilP436XWzm7HIxh+FXxfdHLsE
+kkSW3JX4nhpmx/Gvl3FybqMavSmNAlfhzi5tHMoE/gyyTmnkAgpa2WUJeonJNRgx
+PM16lmj5bJPrGstw/sjIUifdDMWaY/1C99b9kfQot0sHu5KV8DziBGgo+5HtP98k
+JxCw5UcvCk+yG9e7h1JYCQ81l23eu4pMkBZwIETFEJh9xWa2GWxr3s6jQUzUOXBy
+G+gCsM75MmIw1I6nvA7CGy5Xv3LIFOD1hfuUBgahpqSo6O9P9tR7b854FgXfYq9V
+AkKl0ZmisorCNLT2V+M79iy0nZGDoBV0pKgVStIn518usYX2TC87xCm7EcFyTHM8
+JEoe6m5twAv8zZdLXOOOwXJNBadJ57s4cIUZ4vSrmoESUlXRvEUlhfE9l9ZqjILV
+VLiHNMMvm2qs9ghRGWZEqW7Kd11n763RoeL98YFKDTH+f/gIszxO8gjJbfc25VqF
+zV6+AVkYgebbT3c1TKPLvAd0z1/fEDnc1AAA2ZBvgi+MTXiMAfuiXozo+lV94Ch3
+O60AgqGqCKMaguO/QX7xmIIt66yqnkU96msJdetJFeri4+JvqdtvY9qSwtAoQxRW
+1u3C+oaj6FOJ5dXf5ltTPKqtQIuvsxbdFVyhMlxplqh6oJBnN3Pe/aTn+1ILOCU9
+dA1cdJzAqddhEXa/4xQK6fb58xJJ+QY1cYR33lEeHErPW5hPssZbxFf4k9RIZnVf
+76Ofthj6BA6Nk5vXOlTWhixZcPJPnq30MVq0dvkT5SoPz8ZeY8M4MU/K8r/fqbNG
+pci9+N/0oJsIT+vLttbaZQEwIx+2PUIM0FM19reSi0Z0Wu729xQcFR0vTnZzuWO3
+fEuEmKKZNi4Q2IvBiucP/in1dR64Wo6zz4oJoQDSq49TSHryflJGmpl2bYmkbdtf
+O+BoMkplhE5lM55naAyf4tkwWEmSbhokY7CPxxdAwaWOiyZhESLKfDmDXa4tYNHe
+iULXpa3uQPHB3nLvvGq/X3poh0ccAarNA6h1xJbUPyfqCKL/EDZEDTsPwpypeFBj
+vJ+CKYFDk2KwWDa5k8X5u8EiWAwVdlPnSJ7vzOksBh8+K1gY3gRkGiZOcRHXlbe2
+fgiRGsRRxMUXn2pR5s1SP1TU5Kr6+i5zU8DmDW3sQgXysoVatQCFkwj3Bd4cOWCH
+UrqF/C6nwTzfuWKXx7MW5EkttRFj8dX3UYuQattVZR1xFhsmvV9FU/cvInJZd/dZ
+j+5Wow73PmAOCBXw5dH3/uEI2x3BUPtABmxWsuCCE5TFH3Wli/cnWAJhLeoDLgOo
+1jlVhWt+EMHVjo8jfnhrP9IAT36Mxuz7AbC3GWX5C1RmlHMs1CpI4ImOc1bNQ3b3
+fHAaNCTzG8zVftK8//acfB62/TD2VA2ac2jYNgVO7m8LuLJisqrrjmYtJ3vwTw0B
+OdMEF4tWSsBK15REoovSMeHMa0UxiVsuwwdnEqzCdfK8ULkGDmNcR23aCzZyGrJr
+sx+Wcak9ULugCEqJ4F6efvXi9R7EwMWDrpyfTIRlz7W1DGib1xUbj6zlL2vYL5IR
+tqpK77WO10GA2O7JcwXXZzXW2V1Qa9RZK+1MTLq5uMTse57qAwIjG/IlnlLeSm+k
+nGqs4rYCE+uet3h3py1Kis1b2TwkQlSLJq8ntIdC37VtsjZS78s3p75b9zGOsbv+
+5ptzJvt1ej/H1Nua3iH3a8I8EyHyerwiKz7AywvNXhBk/QH4LkxglAmi4dTcfHWc
+byAc9b17AKqPGpanZD2ekrAX6p7WhfUd9U1zYURI2H9KRv4thI9dePfesaIxsXMd
+Cd6nj3nUmTqhCyLDDMj+UBYWiJjjNCda6VueqRvhUDv79WNCMMDQOZjYL3ZFElIp
+iaiWLIqEQJxYMadZKZq9VmK/4YVLjNnfpyitY2NH3zf+wm1z2lS5w88lFd+/7wQ3
+WCs+LFxcinr+Jdhtx09jPFTTiLUmuDImDJqMfJNOOrVQiEYJh1Udn/gulBpT2XqB
+Ix80NregA2NRmmReg9CNjxTjXmlQDJTqRUi9LKcPaqzkE0pECm99A0A0z838+eWG
+ndZ8X7tFohM97Qmc59EGU80oiYu4niOSu7nWNVPjysvKgKDoQG8AFU3IY248vw/b
+lChAyMLl78R+DIKVIj5kxQ9aIKKgeHlu9+UH+4CE0tye84aYCTJmphloBFHMvnAn
+aGFFXoBRkLwEGjws1gpr7Ci6PYvZdtoRAXvVaFTYMI0iAPYWo+m5H24KER0hWN7F
+RRKpq0W5gVzGxtbnTou+u4TiH4G2Zv4+L2feWvRUh71Taacw+gwvYqrhd3n3Q+N+
++DfG6cG0GwBETgR5IqpCMcCN/nn8OY97/Dl5cJltpyL2qwA8hPVwN6LQdQ2kAtpj
++2wG8nFozyoZTaZHweXvyyUtvbsDOemceYjvKhhECEUzczuhPytemyC/a51xwh7i
+tHQ65gbgww0Nfzliuoxd0FfNMHzGSnbsgzCRzf3h+6cSp0eqsecK1Huhe5x5pHh0
+5fHTQaKrsTUnNvaXMRqZT4Iz4KKpw7FYDapLSIea2ur75tX2+FbDyrKUVRdcH6oJ
+d9+oMUqlvHoxvlkXyxQWol0W7ZSBU2BsUX78rcTe1YxIbsk41OWNXlnLMHWAMLFx
+Pc3iinioHTWg2Hhxwy+EhmKAEh5w9pKITBlacryrYU6zQ11+m0XWxMpZ1Bl2jwzO
+Id2UwlLfbzpB6fqrLixgKXK0sOXdJspMuSqCgNxTlOQP+ip4J0kNkzxoujAvVKbO
+N4OBLQsl1aRNN0GAIs+6ITK+xPPEa5TdCiclfYcH4rw0cP80C66N7H+hInnuwsDz
+LojZgK7g3TIZOguEXMV36i8DdnUithrHNdQ6t+DunaYnMq6BSTEcEUmjPTURpaTU
+X2KUlap4Dmad2EnVoBlxIbc44LTi6jj1fnGONRxGClDYgzMBGNUbZM30JPciC5+M
+URBGhMQoPIE1YnSc6im/Rc3Bo6f/7NXYeUXf8lHCpweWsGKfu5A0Ik6ei/zKCsEJ
+L6hYDURpAgneWQ9E1ailuB2ax4eoIeXTc+2CTA65gk6pNYuM/RI5a5txjfEbf4S5
+yTH2Gu/lSqFUC/1UwxBomazKkH665PNynt/lrgZtIfnPjuKQnjOUQKKKcgyj8I4z
+dlgKNYe+HXWW/UEUSPEnJm2aqG2Y3DEX70AqCrW3u0ZPyqm6QXR2q1couiJgkk0o
+UX8RVv3BKh7wCYDlgy+zr+B0+vpdCiAzQ/rsvWtyUiqLXbbRw5wX2w+WK/T2svsY
+gdq36mq7Shyamd/Eehv8wQZD9/TZnQQiKhAWfEIJYQr0tXdg1hPXOS1uv9emdc/b
+4hqULTbqlWcZv/I4ixIiE6ORyupj0UKe8SP3Q7mZgYbJk1nbaFl287nQnfwvICyD
+unESZhSXjpZqqmpQOkpbq/8QybyTWOo8A729AS1Ndc0aRrVW1hQR9F5tJjqPwRnm
+zH/knWzGt3+gkMedAwuaS2hhamqq8YV+DGFwU1Px5KoVjXXVKIEkVAlDrifv4kzq
+F6RdXF/HRnkKZ74ZlzP+2yZB2EifFxYiB4djf4qaeoXIjxqg8Pz0Xd15BEZgjlV5
+Ndz1E8Ow8RhQgcnXWLvVIq9K2V1NPHVbsKjvgZbAnD1hOC/snhX1G8PTuhY9/xRF
+xPP5cnP1tcjVcHD0RUdytZpwjrV9x+pLHZ0tC3bWMJSIdK0HuHJRddNoTafD/5et
+wxzWP5O04qQw2MSLoMXRr6AYJwxyQ4djnidxTlH+GqwbthBc+RSCBPkoL0EUcU6L
+YHN9qOsOjChbPlhyQl+9Q9PMzOz83/7e3LBNq1t+m+WiYMfIpy6CT8O3ghmWOvuy
+4cGJIVQGOFRU43H4hizYP+rqfvR+qTgv/Gw+Wo/pAe8ZJxwbx0JhwqIvmZobQdZ4
+XAAXfGWBqu0tNxcdAPG/8sMDKtg+RIuGNsY5j6pysSYaF/eda8l8+WrTkK2F8UqQ
+jbMhBdPYkhnUp47afDqj9OAZ/Dvkc0XFb+HizuGtqvAaMVlio9/Mz2cDokSDRqKx
+L9mklAF0AFI6Ssn0q/Jcn0EFKfXOuxxHJjBjEm+Sqk3aXug6PzejqNSf6fTO6pEG
+vds2b95CXfV6V0QWiHc2G6ro1L2i/onvLRAr0/PPlLPlw5lKPVGlWocypbMN5M8q
+4K/7o54EFMA9hvkjBrna/BOVjK8utlA+J/y23VJgiILwZxjfjcCFeR4dJmgZ6gE2
+NL2r4lLHT3b3RY0feju73p75DU0moaOSA3Wk8DuYa7XeglGql1Khsi+YsjHQDr4e
+KW72ijEeTLL4MuQ90rz3Jl7q6kDuOZVGI7YudlEMB8vp1wYBTxIrAIJGAFfAd8Kn
+KNBHkfqupLGshMG6VLEeVsfN3CRyJCFkW8zXHS9cNIncBhmJum75276OKv/H12eH
+JI4GTaLI588f9Il9FAGQgbo5XcwCdSHQRJ59mVTm02O5j8liEf0rXgd9ApqauNhs
+nF3T9xqdk3KkFzcLIF2BEj5sm0RWZx24fUjyrviCd8D2eA3SgzWw20dfGKqozWgc
+EYWwDk/jPM7TNbKIoukT2yLXYVSw6Ci47Mf5SyMcBv+ndvFmHFkrFMeLHCM0Zx24
+PCnKZ99WDbpf623MD2e/M4gqATrp9Gvjbu9IbAFy8tUywrU+9FSbQkJ67Nn20Wmv
+N1d+/b2+v8PoIuSCULujEvfJ8bGbrlKpgteeYmEtSg2Lc1g14Kk7DG9Ukm17n6PY
+o225r0VMJv5yujj05hfs4Lp5Ne5leP8EMKhCg5Sgjw/MvLoXYX4O7rjK/rXDg6SA
+qQI4xyBNG9ah06y2mna3wgEK2uagWx4o4y9v6WjFzKggYlbOMd+DsSTWGao44/ui
+ukiMZ/x/shXcjho+B+XW1W0vtEwT0vlWL6U1fETun4nC6jRAL0HQMa7YrocONLWv
+qF5KWPhZR6j1OQU/d/nm4mGJFXB3NPuqVvjbZ3S6nhj8KgOnQtgTo7Pu98F+lQfP
+ssFrgj9U682PpuL/KeTCqNU8/GNbrvpYkl9xcvg8J6dXKb9JhB2HWp8OAS48M81R
+Q8T0v+SGvX/xR+0MqPVvsJh+m7DzPw8APCqw5rrMggAkRUPENc1PGu+pTxPKoKPd
+qv/rS1yXCm4OidRm2PWxGtDhp3LMMKwtETOS1/BJspoZeLcMLYoRdQs6Rs2llSdY
+L67rQnKcS8vE+Q6VwgGKiH/Y84NGd5JsuZ4fjKSE6QxM+0cK5aZyFNCvBfAsaOWc
+eLgM1+XhIEKR3SkwjVko6s2UOLk6QkiQQvrehJHsMFvU7/MN9IlBXpnATmcQWrXo
+XErP0yJMDc+q8ad0KBilmMq73LQuCj18qy0Zh+RKLSkG1dqxYNpg8h0cPDb6RK/y
+ndqgmWnF+30159YLs2sUkZPLnzKspb/7Xzc5tZUzhk3PZw==
+=KIFU
+-----END PGP MESSAGE-----
diff --git a/propellor.cabal b/propellor.cabal
index 2ac8a44a..c9b8fa9f 100644
--- a/propellor.cabal
+++ b/propellor.cabal
@@ -105,6 +105,7 @@ Library
Propellor.Types
Propellor.Types.OS
Propellor.Types.Dns
+ Propellor.Types.PrivData
Other-Modules:
Propellor.Types.Info
Propellor.CmdLine
@@ -126,6 +127,7 @@ Library
Utility.Process
Utility.SafeCommand
Utility.Scheduled
+ Utility.Table
Utility.ThreadScheduler
Utility.Tmp
Utility.UserInfo
diff --git a/src/Propellor/CmdLine.hs b/src/Propellor/CmdLine.hs
index 32e97316..448e70d2 100644
--- a/src/Propellor/CmdLine.hs
+++ b/src/Propellor/CmdLine.hs
@@ -26,9 +26,11 @@ usage = do
, " propellor"
, " propellor hostname"
, " propellor --spin hostname"
- , " propellor --set hostname field"
- , " propellor --dump hostname field"
, " propellor --add-key keyid"
+ , " propellor --set field context"
+ , " propellor --dump field context"
+ , " propellor --edit field context"
+ , " propellor --list-fields"
]
exitFailure
@@ -39,8 +41,10 @@ processCmdLine = go =<< getArgs
go ("--spin":h:[]) = return $ Spin h
go ("--boot":h:[]) = return $ Boot h
go ("--add-key":k:[]) = return $ AddKey k
- go ("--set":h:f:[]) = withprivfield f (return . Set h)
- go ("--dump":h:f:[]) = withprivfield f (return . Dump h)
+ go ("--set":f:c:[]) = withprivfield f c Set
+ go ("--dump":f:c:[]) = withprivfield f c Dump
+ go ("--edit":f:c:[]) = withprivfield f c Edit
+ go ("--list-fields":[]) = return ListFields
go ("--continue":s:[]) = case readish s of
Just cmdline -> return $ Continue cmdline
Nothing -> errorMessage "--continue serialization failure"
@@ -56,8 +60,8 @@ processCmdLine = go =<< getArgs
else return $ Run s
go _ = usage
- withprivfield s f = case readish s of
- Just pf -> f pf
+ withprivfield s c f = case readish s of
+ Just pf -> return $ f pf (Context c)
Nothing -> errorMessage $ "Unknown privdata field " ++ s
defaultMain :: [Host] -> IO ()
@@ -69,8 +73,10 @@ defaultMain hostlist = do
go True cmdline
where
go _ (Continue cmdline) = go False cmdline
- go _ (Set hn field) = setPrivData hn field
- go _ (Dump hn field) = dumpPrivData hn field
+ go _ (Set field context) = setPrivData field context
+ go _ (Dump field context) = dumpPrivData field context
+ go _ (Edit field context) = editPrivData field context
+ go _ ListFields = listPrivDataFields hostlist
go _ (AddKey keyid) = addKey keyid
go _ (Chain hn) = withhost hn $ \h -> do
r <- runPropellor h $ ensureProperties $ hostProperties h
@@ -78,7 +84,7 @@ defaultMain hostlist = do
go _ (Docker hn) = Docker.chain hn
go True cmdline@(Spin _) = buildFirst cmdline $ go False cmdline
go True cmdline = updateFirst cmdline $ go False cmdline
- go False (Spin hn) = withhost hn $ const $ spin hn
+ go False (Spin hn) = withhost hn $ spin hn
go False (Run hn) = ifM ((==) 0 <$> getRealUserID)
( onlyProcess $ withhost hn mainProperties
, go True (Spin hn)
@@ -170,17 +176,19 @@ updateFirst cmdline next = do
getCurrentGitSha1 :: String -> IO String
getCurrentGitSha1 branchref = readProcess "git" ["show-ref", "--hash", branchref]
-spin :: HostName -> IO ()
-spin hn = do
+spin :: HostName -> Host -> IO ()
+spin hn hst = do
url <- getUrl
void $ gitCommit [Param "--allow-empty", Param "-a", Param "-m", Param "propellor spin"]
void $ boolSystem "git" [Param "push"]
cacheparams <- toCommand <$> sshCachingParams hn
- go cacheparams url =<< gpgDecrypt (privDataFile hn)
+ go cacheparams url =<< hostprivdata
where
+ hostprivdata = show . filterPrivData hst <$> decryptPrivData
+
go cacheparams url privdata = withBothHandles createProcessSuccess (proc "ssh" $ cacheparams ++ [user, bootstrapcmd]) $ \(toh, fromh) -> do
let finish = do
- senddata toh (privDataFile hn) privDataMarker privdata
+ senddata toh "privdata" privDataMarker privdata
hClose toh
-- Display remaining output.
@@ -222,8 +230,8 @@ spin hn = do
Just status -> return status
showremote s = putStrLn s
- senddata toh f marker s = void $
- actionMessage ("Sending " ++ f ++ " (" ++ show (length s) ++ " bytes) to " ++ hn) $ do
+ senddata toh desc marker s = void $
+ actionMessage ("Sending " ++ desc ++ " (" ++ show (length s) ++ " bytes) to " ++ hn) $ do
sendMarked toh marker s
return True
diff --git a/src/Propellor/PrivData.hs b/src/Propellor/PrivData.hs
index 5ddbdcff..d7d81a21 100644
--- a/src/Propellor/PrivData.hs
+++ b/src/Propellor/PrivData.hs
@@ -2,18 +2,23 @@
module Propellor.PrivData where
-import qualified Data.Map as M
import Control.Applicative
import System.FilePath
import System.IO
import System.Directory
import Data.Maybe
+import Data.Monoid
import Data.List
import Control.Monad
+import Control.Monad.IfElse
import "mtl" Control.Monad.Reader
+import qualified Data.Map as M
+import qualified Data.Set as S
import Propellor.Types
+import Propellor.Types.Info
import Propellor.Message
+import Propellor.Info
import Utility.Monad
import Utility.PartialPrelude
import Utility.Exception
@@ -21,53 +26,119 @@ import Utility.Process
import Utility.Tmp
import Utility.SafeCommand
import Utility.Misc
+import Utility.FileMode
+import Utility.Env
+import Utility.Table
+
+type PrivMap = M.Map (PrivDataField, Context) PrivData
--- | When the specified PrivDataField is available on the host Propellor
--- is provisioning, it provies the data to the action. Otherwise, it prints
--- a message to help the user make the necessary private data available.
-withPrivData :: PrivDataField -> (String -> Propellor Result) -> Propellor Result
-withPrivData field a = maybe missing a =<< liftIO (getPrivData field)
+-- | Allows a Property to access the value of a specific PrivDataField,
+-- for use in a specific Context.
+--
+-- Example use:
+--
+-- > withPrivData (PrivFile pemfile) (Context "joeyh.name") $ \getdata ->
+-- > property "joeyh.name ssl cert" $ getdata $ \privdata ->
+-- > liftIO $ writeFile pemfile privdata
+-- > where pemfile = "/etc/ssl/certs/web.pem"
+--
+-- Note that if the value is not available, the action is not run
+-- and instead it prints a message to help the user make the necessary
+-- private data available.
+--
+-- The resulting Property includes Info about the PrivDataField
+-- being used, which is necessary to ensure that the privdata is sent to
+-- the remote host by propellor.
+withPrivData
+ :: PrivDataField
+ -> Context
+ -> (((PrivData -> Propellor Result) -> Propellor Result) -> Property)
+ -> Property
+withPrivData field context@(Context cname) mkprop = addinfo $ mkprop $ \a ->
+ maybe missing a =<< liftIO (getLocalPrivData field context)
where
- missing = do
- host <- asks hostName
- let host' = if ".docker" `isSuffixOf` host
- then "$parent_host"
- else host
- liftIO $ do
- warningMessage $ "Missing privdata " ++ show field
- putStrLn $ "Fix this by running: propellor --set "++host'++" '" ++ show field ++ "'"
- return FailedChange
-
-getPrivData :: PrivDataField -> IO (Maybe String)
-getPrivData field = do
- m <- catchDefaultIO Nothing $ readish <$> readFile privDataLocal
- return $ maybe Nothing (M.lookup field) m
-
-setPrivData :: HostName -> PrivDataField -> IO ()
-setPrivData host field = do
+ missing = liftIO $ do
+ warningMessage $ "Missing privdata " ++ show field ++ " (for " ++ cname ++ ")"
+ putStrLn $ "Fix this by running: propellor --set '" ++ show field ++ "' '" ++ cname ++ "'"
+ return FailedChange
+ addinfo p = p { propertyInfo = propertyInfo p <> mempty { _privDataFields = S.singleton (field, context) } }
+
+addPrivDataField :: (PrivDataField, Context) -> Property
+addPrivDataField v = pureInfoProperty (show v) $
+ mempty { _privDataFields = S.singleton v }
+
+{- Gets the requested field's value, in the specified context if it's
+ - available, from the host's local privdata cache. -}
+getLocalPrivData :: PrivDataField -> Context -> IO (Maybe PrivData)
+getLocalPrivData field context =
+ getPrivData field context . fromMaybe M.empty <$> localcache
+ where
+ localcache = catchDefaultIO Nothing $ readish <$> readFile privDataLocal
+
+{- Get only the set of PrivData that the Host's Info says it uses. -}
+filterPrivData :: Host -> PrivMap -> PrivMap
+filterPrivData host = M.filterWithKey (\k _v -> S.member k used)
+ where
+ used = _privDataFields $ hostInfo host
+
+getPrivData :: PrivDataField -> Context -> PrivMap -> Maybe PrivData
+getPrivData field context = M.lookup (field, context)
+
+setPrivData :: PrivDataField -> Context -> IO ()
+setPrivData field context = do
putStrLn "Enter private data on stdin; ctrl-D when done:"
- value <- chomp <$> hGetContentsStrict stdin
+ setPrivDataTo field context =<< hGetContentsStrict stdin
+
+dumpPrivData :: PrivDataField -> Context -> IO ()
+dumpPrivData field context =
+ maybe (error "Requested privdata is not set.") putStrLn
+ =<< (getPrivData field context <$> decryptPrivData)
+
+editPrivData :: PrivDataField -> Context -> IO ()
+editPrivData field context = do
+ v <- getPrivData field context <$> decryptPrivData
+ v' <- withTmpFile "propellorXXXX" $ \f h -> do
+ hClose h
+ maybe noop (writeFileProtected f) v
+ editor <- getEnvDefault "EDITOR" "vi"
+ unlessM (boolSystem editor [File f]) $
+ error "Editor failed; aborting."
+ readFile f
+ setPrivDataTo field context v'
+
+listPrivDataFields :: [Host] -> IO ()
+listPrivDataFields hosts = do
+ m <- decryptPrivData
+ putStrLn "\n"
+ let usedby = M.unionsWith (++) $ map mkhostmap hosts
+ let rows = map (mkrow usedby) (M.keys m)
+ let table = tableWithHeader header rows
+ putStr $ unlines $ formatTable table
+ where
+ header = ["Field", "Context", "Used by"]
+ mkrow usedby k@(field, (Context context)) =
+ [ shellEscape $ show field
+ , shellEscape context
+ , intercalate ", " $ sort $ fromMaybe [] $ M.lookup k usedby
+ ]
+ mkhostmap host = M.fromList $ map (\k -> (k, [hostName host])) $
+ S.toList $ _privDataFields $ hostInfo host
+
+setPrivDataTo :: PrivDataField -> Context -> PrivData -> IO ()
+setPrivDataTo field context value = do
makePrivDataDir
- let f = privDataFile host
- m <- decryptPrivData host
- let m' = M.insert field value m
- gpgEncrypt f (show m')
+ m <- decryptPrivData
+ let m' = M.insert (field, context) (chomp value) m
+ gpgEncrypt privDataFile (show m')
putStrLn "Private data set."
- void $ boolSystem "git" [Param "add", File f]
+ void $ boolSystem "git" [Param "add", File privDataFile]
where
chomp s
| end s == "\n" = chomp (beginning s)
| otherwise = s
-dumpPrivData :: HostName -> PrivDataField -> IO ()
-dumpPrivData host field = go . M.lookup field =<< decryptPrivData host
- where
- go Nothing = error "Requested privdata is not set."
- go (Just s) = putStrLn s
-
-decryptPrivData :: HostName -> IO (M.Map PrivDataField String)
-decryptPrivData host = fromMaybe M.empty . readish
- <$> gpgDecrypt (privDataFile host)
+decryptPrivData :: IO PrivMap
+decryptPrivData = fromMaybe M.empty . readish <$> gpgDecrypt privDataFile
makePrivDataDir :: IO ()
makePrivDataDir = createDirectoryIfMissing False privDataDir
@@ -75,8 +146,8 @@ makePrivDataDir = createDirectoryIfMissing False privDataDir
privDataDir :: FilePath
privDataDir = "privdata"
-privDataFile :: HostName -> FilePath
-privDataFile host = privDataDir </> host ++ ".gpg"
+privDataFile :: FilePath
+privDataFile = privDataDir </> "privdata.gpg"
privDataLocal :: FilePath
privDataLocal = privDataDir </> "local"
diff --git a/src/Propellor/Property/Docker.hs b/src/Propellor/Property/Docker.hs
index 1521eb65..4307b850 100644
--- a/src/Propellor/Property/Docker.hs
+++ b/src/Propellor/Property/Docker.hs
@@ -55,10 +55,11 @@ installed = Apt.installed ["docker.io"]
-- | Configures docker with an authentication file, so that images can be
-- pushed to index.docker.io. Optional.
configured :: Property
-configured = property "docker configured" go `requires` installed
+configured = prop `requires` installed
where
- go = withPrivData DockerAuthentication $ \cfg -> ensureProperty $
- "/root/.dockercfg" `File.hasContent` (lines cfg)
+ prop = withPrivData DockerAuthentication anyContext $ \getcfg ->
+ property "docker configured" $ getcfg $ \cfg -> ensureProperty $
+ "/root/.dockercfg" `File.hasContent` (lines cfg)
-- | A short descriptive name for a container.
-- Should not contain whitespace or other unusual characters,
@@ -86,8 +87,8 @@ cn2hn cn = cn ++ ".docker"
-- The container has its own Properties which are handled by running
-- propellor inside the container.
--
--- Additionally, the container can have DNS info, such as a CNAME.
--- These become info of the host(s) it's docked in.
+-- When the container's Properties include DNS info, such as a CNAME,
+-- that is propigated to the Info of the host(s) it's docked in.
--
-- Reverting this property ensures that the container is stopped and
-- removed.
@@ -96,7 +97,7 @@ docked
-> ContainerName
-> RevertableProperty
docked hosts cn = RevertableProperty
- ((maybe id exposeDnsInfos mhost) (go "docked" setup))
+ ((maybe id propigateInfo mhost) (go "docked" setup))
(go "undocked" teardown)
where
go desc a = property (desc ++ " " ++ cn) $ do
@@ -123,9 +124,12 @@ docked hosts cn = RevertableProperty
]
]
-exposeDnsInfos :: Host -> Property -> Property
-exposeDnsInfos (Host _ _ containerinfo) p = combineProperties (propertyDesc p) $
- p : map addDNS (S.toList $ _dns containerinfo)
+propigateInfo :: Host -> Property -> Property
+propigateInfo (Host _ _ containerinfo) p =
+ combineProperties (propertyDesc p) $ p : dnsprops ++ privprops
+ where
+ dnsprops = map addDNS (S.toList $ _dns containerinfo)
+ privprops = map addPrivDataField (S.toList $ _privDataFields containerinfo)
findContainer
:: Maybe Host
@@ -390,7 +394,7 @@ chain s = case toContainerId s of
-- being run. So, retry connections to the client for up to
-- 1 minute.
provisionContainer :: ContainerId -> Property
-provisionContainer cid = containerDesc cid $ property "provision" $ liftIO $ do
+provisionContainer cid = containerDesc cid $ property "provisioned" $ liftIO $ do
let shim = Shim.file (localdir </> "propellor") (localdir </> shimdir cid)
r <- simpleShClientRetry 60 (namedPipe cid) shim params (go Nothing)
when (r /= FailedChange) $
diff --git a/src/Propellor/Property/File.hs b/src/Propellor/Property/File.hs
index 0b060177..0e738f25 100644
--- a/src/Propellor/Property/File.hs
+++ b/src/Propellor/Property/File.hs
@@ -17,16 +17,17 @@ f `hasContent` newcontent = fileProperty ("replace " ++ f)
--
-- The file's permissions are preserved if the file already existed.
-- Otherwise, they're set to 600.
-hasPrivContent :: FilePath -> Property
-hasPrivContent f = property desc $ withPrivData (PrivFile f) $ \privcontent ->
- ensureProperty $ fileProperty' writeFileProtected desc
- (\_oldcontent -> lines privcontent) f
+hasPrivContent :: FilePath -> Context -> Property
+hasPrivContent f context = withPrivData (PrivFile f) context $ \getcontent ->
+ property desc $ getcontent $ \privcontent ->
+ ensureProperty $ fileProperty' writeFileProtected desc
+ (\_oldcontent -> lines privcontent) f
where
desc = "privcontent " ++ f
-- | Leaves the file world-readable.
-hasPrivContentExposed :: FilePath -> Property
-hasPrivContentExposed f = hasPrivContent f `onChange`
+hasPrivContentExposed :: FilePath -> Context -> Property
+hasPrivContentExposed f context = hasPrivContent f context `onChange`
mode f (combineModes (ownerWriteMode:readModes))
-- | Ensures that a line is present in a file, adding it to the end if not.
diff --git a/src/Propellor/Property/Gpg.hs b/src/Propellor/Property/Gpg.hs
index 64ea9fea..b4698663 100644
--- a/src/Propellor/Property/Gpg.hs
+++ b/src/Propellor/Property/Gpg.hs
@@ -9,6 +9,8 @@ import System.PosixCompat
installed :: Property
installed = Apt.installed ["gnupg"]
+type GpgKeyId = String
+
-- | Sets up a user with a gpg key from the privdata.
--
-- Note that if a secret key is exported using gpg -a --export-secret-key,
@@ -21,19 +23,20 @@ installed = Apt.installed ["gnupg"]
-- The GpgKeyId does not have to be a numeric id; it can just as easily
-- be a description of the key.
keyImported :: GpgKeyId -> UserName -> Property
-keyImported keyid user = flagFile' (property desc go) genflag
+keyImported keyid user = flagFile' prop genflag
`requires` installed
where
desc = user ++ " has gpg key " ++ show keyid
genflag = do
d <- dotDir user
return $ d </> ".propellor-imported-keyid-" ++ keyid
- go = withPrivData (GpgKey keyid) $ \key -> makeChange $
- withHandle StdinHandle createProcessSuccess
- (proc "su" ["-c", "gpg --import", user]) $ \h -> do
- fileEncoding h
- hPutStr h key
- hClose h
+ prop = withPrivData GpgKey (Context keyid) $ \getkey ->
+ property desc $ getkey $ \key -> makeChange $
+ withHandle StdinHandle createProcessSuccess
+ (proc "su" ["-c", "gpg --import", user]) $ \h -> do
+ fileEncoding h
+ hPutStr h key
+ hClose h
dotDir :: UserName -> IO FilePath
dotDir user = do
diff --git a/src/Propellor/Property/Hostname.hs b/src/Propellor/Property/Hostname.hs
index 10fda040..1cce4e60 100644
--- a/src/Propellor/Property/Hostname.hs
+++ b/src/Propellor/Property/Hostname.hs
@@ -3,11 +3,16 @@ module Propellor.Property.Hostname where
import Propellor
import qualified Propellor.Property.File as File
--- | Ensures that the hostname is set to the HostInfo value.
+-- | Ensures that the hostname is set using best practices.
+--
-- Configures /etc/hostname and the current hostname.
--
--- A FQDN also configures /etc/hosts, with an entry for 127.0.1.1, which is
--- standard at least on Debian to set the FDQN (127.0.0.1 is localhost).
+-- /etc/hosts is also configured, with an entry for 127.0.1.1, which is
+-- standard at least on Debian to set the FDQN.
+--
+-- Also, the /etc/hosts 127.0.0.1 line is set to localhost. Putting any
+-- other hostnames there is not best practices and can lead to annoying
+-- messages from eg, apache.
sane :: Property
sane = property ("sane hostname") (ensureProperty . setTo =<< asks hostName)
@@ -21,13 +26,14 @@ setTo hn = combineProperties desc go
[ Just $ "/etc/hostname" `File.hasContent` [basehost]
, if null domain
then Nothing
- else Just $ File.fileProperty desc
- addhostline "/etc/hosts"
+ else Just $ trivial $ hostsline "127.0.1.1" [hn, basehost]
+ , Just $ trivial $ hostsline "127.0.0.1" ["localhost"]
, Just $ trivial $ cmdProperty "hostname" [basehost]
]
- hostip = "127.0.1.1"
- hostline = hostip ++ "\t" ++ hn ++ " " ++ basehost
-
- addhostline ls = hostline : filter (not . hashostip) ls
- hashostip l = headMaybe (words l) == Just hostip
+ hostsline ip names = File.fileProperty desc
+ (addhostsline ip names)
+ "/etc/hosts"
+ addhostsline ip names ls =
+ (ip ++ "\t" ++ (unwords names)) : filter (not . hasip ip) ls
+ hasip ip l = headMaybe (words l) == Just ip
diff --git a/src/Propellor/Property/OpenId.hs b/src/Propellor/Property/OpenId.hs
index 051d6425..39cb6ff0 100644
--- a/src/Propellor/Property/OpenId.hs
+++ b/src/Propellor/Property/OpenId.hs
@@ -25,5 +25,6 @@ providerFor users baseurl = propertyList desc $
-- the identitites directory controls access, so open up
-- file mode
- identfile u = File.hasPrivContentExposed $
- concat $ [ "/var/lib/simpleid/identities/", u, ".identity" ]
+ identfile u = File.hasPrivContentExposed
+ (concat [ "/var/lib/simpleid/identities/", u, ".identity" ])
+ (Context baseurl)
diff --git a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
index 85584e43..4cb26a50 100644
--- a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
+++ b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
@@ -23,29 +23,25 @@ builddir = gitbuilderdir </> "build"
type TimeOut = String -- eg, 5h
-autobuilder :: CronTimes -> TimeOut -> Bool -> Property
-autobuilder crontimes timeout rsyncupload = combineProperties "gitannexbuilder"
+autobuilder :: Architecture -> CronTimes -> TimeOut -> Property
+autobuilder arch crontimes timeout = combineProperties "gitannexbuilder"
[ Apt.serviceInstalledRunning "cron"
, Cron.niceJob "gitannexbuilder" crontimes builduser gitbuilderdir $
"git pull ; timeout " ++ timeout ++ " ./autobuild"
-- The builduser account does not have a password set,
-- instead use the password privdata to hold the rsync server
-- password used to upload the built image.
- , property "rsync password" $ do
- let f = homedir </> "rsyncpassword"
- if rsyncupload
- then withPrivData (Password builduser) $ \p -> do
- oldp <- liftIO $ catchDefaultIO "" $
- readFileStrict f
- if p /= oldp
- then makeChange $ writeFile f p
- else noChange
- else do
- ifM (liftIO $ doesFileExist f)
- ( noChange
- , makeChange $ writeFile f "no password configured"
- )
+ , withPrivData (Password builduser) context $ \getpw ->
+ property "rsync password" $ getpw $ \pw -> do
+ oldpw <- liftIO $ catchDefaultIO "" $
+ readFileStrict pwfile
+ if pw /= oldpw
+ then makeChange $ writeFile pwfile pw
+ else noChange
]
+ where
+ context = Context ("gitannexbuilder " ++ arch)
+ pwfile = homedir </> "rsyncpassword"
tree :: Architecture -> Property
tree buildarch = combineProperties "gitannexbuilder tree"
@@ -101,13 +97,13 @@ standardAutoBuilderContainer dockerImage arch buildminute timeout = Docker.conta
& User.accountFor builduser
& tree arch
& buildDepsApt
- & autobuilder (show buildminute ++ " * * * *") timeout True
+ & autobuilder arch (show buildminute ++ " * * * *") timeout
androidAutoBuilderContainer :: (System -> Docker.Image) -> Cron.CronTimes -> TimeOut -> Host
androidAutoBuilderContainer dockerImage crontimes timeout =
androidContainer dockerImage "android-git-annex-builder" (tree "android") builddir
& Apt.unattendedUpgrades
- & autobuilder crontimes timeout True
+ & autobuilder "android" crontimes timeout
-- Android is cross-built in a Debian i386 container, using the Android NDK.
androidContainer :: (System -> Docker.Image) -> Docker.ContainerName -> Property -> FilePath -> Host
@@ -154,7 +150,7 @@ armelCompanionContainer dockerImage = Docker.container "armel-git-annex-builder-
-- The armel builder can ssh to this companion.
& Docker.expose "22"
& Apt.serviceInstalledRunning "ssh"
- & Ssh.authorizedKeys builduser
+ & Ssh.authorizedKeys builduser (Context "armel-git-annex-builder")
armelAutoBuilderContainer :: (System -> Docker.Image) -> Cron.CronTimes -> TimeOut -> Host
armelAutoBuilderContainer dockerImage crontimes timeout = Docker.container "armel-git-annex-builder"
@@ -172,9 +168,9 @@ armelAutoBuilderContainer dockerImage crontimes timeout = Docker.container "arme
-- git-annex/standalone/linux/install-haskell-packages
-- which is not fully automated.)
& buildDepsNoHaskellLibs
- & autobuilder crontimes timeout True
+ & autobuilder "armel" crontimes timeout
`requires` tree "armel"
- & Ssh.keyImported SshRsa builduser
+ & Ssh.keyImported SshRsa builduser (Context "armel-git-annex-builder")
& trivial writecompanionaddress
where
writecompanionaddress = scriptProperty
diff --git a/src/Propellor/Property/SiteSpecific/JoeySites.hs b/src/Propellor/Property/SiteSpecific/JoeySites.hs
index 120ea611..c770907b 100644
--- a/src/Propellor/Property/SiteSpecific/JoeySites.hs
+++ b/src/Propellor/Property/SiteSpecific/JoeySites.hs
@@ -16,6 +16,7 @@ import qualified Propellor.Property.Obnam as Obnam
import qualified Propellor.Property.Apache as Apache
import Utility.SafeCommand
import Utility.FileMode
+import Utility.Path
import Data.List
import System.Posix.Files
@@ -28,7 +29,7 @@ oldUseNetServer hosts = propertyList ("olduse.net server")
[ "--repository=sftp://2318@usw-s002.rsync.net/~/olduse.net"
, "--client-name=spool"
] Obnam.OnlyClient
- `requires` Ssh.keyImported SshRsa "root"
+ `requires` Ssh.keyImported SshRsa "root" (Context "olduse.net")
`requires` Ssh.knownHost hosts "usw-s002.rsync.net" "root"
, check (not . isSymbolicLink <$> getSymbolicLinkStatus newsspool) $
property "olduse.net spool in place" $ makeChange $ do
@@ -84,37 +85,44 @@ oldUseNetInstalled pkg = check (not <$> Apt.isInstalled pkg) $
, "dpkg -i ../" ++ pkg ++ "_*.deb || true"
, "apt-get -fy install" -- dependencies
, "rm -rf /root/tmp/oldusenet"
+ -- screen fails unless the directory has this mode.
+ -- not sure what's going on.
+ , "chmod 777 /var/run/screen"
] `describe` "olduse.net built"
]
kgbServer :: Property
-kgbServer = withOS desc $ \o -> case o of
- (Just (System (Debian Unstable) _)) ->
- ensureProperty $ propertyList desc
- [ Apt.serviceInstalledRunning "kgb-bot"
- , File.hasPrivContent "/etc/kgb-bot/kgb.conf"
- `onChange` Service.restarted "kgb-bot"
- , "/etc/default/kgb-bot" `File.containsLine` "BOT_ENABLED=1"
- `describe` "kgb bot enabled"
- `onChange` Service.running "kgb-bot"
- ]
- _ -> error "kgb server needs Debian unstable (for kgb-bot 1.31+)"
+kgbServer = propertyList desc
+ [ withOS desc $ \o -> case o of
+ (Just (System (Debian Unstable) _)) ->
+ ensureProperty $ propertyList desc
+ [ Apt.serviceInstalledRunning "kgb-bot"
+ , "/etc/default/kgb-bot" `File.containsLine` "BOT_ENABLED=1"
+ `describe` "kgb bot enabled"
+ `onChange` Service.running "kgb-bot"
+ ]
+ _ -> error "kgb server needs Debian unstable (for kgb-bot 1.31+)"
+ , File.hasPrivContent "/etc/kgb-bot/kgb.conf" anyContext
+ `onChange` Service.restarted "kgb-bot"
+ ]
where
desc = "kgb.kitenet.net setup"
mumbleServer :: [Host] -> Property
-mumbleServer hosts = combineProperties "mumble.debian.net"
+mumbleServer hosts = combineProperties hn
[ Apt.serviceInstalledRunning "mumble-server"
, Obnam.latestVersion
, Obnam.backup "/var/lib/mumble-server" "55 5 * * *"
- [ "--repository=sftp://joey@turtle.kitenet.net/~/lib/backup/mumble.debian.net.obnam"
+ [ "--repository=sftp://joey@turtle.kitenet.net/~/lib/backup/" ++ hn ++ ".obnam"
, "--client-name=mumble"
] Obnam.OnlyClient
- `requires` Ssh.keyImported SshRsa "root"
+ `requires` Ssh.keyImported SshRsa "root" (Context hn)
`requires` Ssh.knownHost hosts "turtle.kitenet.net" "root"
, trivial $ cmdProperty "chown" ["-R", "mumble-server:mumble-server", "/var/lib/mumble-server"]
]
+ where
+ hn = "mumble.debian.net"
obnamLowMem :: Property
obnamLowMem = combineProperties "obnam tuned for low memory use"
@@ -137,16 +145,16 @@ gitServer hosts = propertyList "git.kitenet.net setup"
, "--client-name=wren"
] Obnam.OnlyClient
`requires` Gpg.keyImported "1B169BE1" "root"
- `requires` Ssh.keyImported SshRsa "root"
+ `requires` Ssh.keyImported SshRsa "root" (Context "git.kitenet.net")
`requires` Ssh.knownHost hosts "usw-s002.rsync.net" "root"
- `requires` Ssh.authorizedKeys "family"
+ `requires` Ssh.authorizedKeys "family" (Context "git.kitenet.net")
`requires` User.accountFor "family"
, Apt.installed ["git", "rsync", "gitweb"]
-- backport avoids channel flooding on branch merge
, Apt.installedBackport ["kgb-client"]
-- backport supports ssh event notification
, Apt.installedBackport ["git-annex"]
- , File.hasPrivContentExposed "/etc/kgb-bot/kgb-client.conf"
+ , File.hasPrivContentExposed "/etc/kgb-bot/kgb-client.conf" anyContext
, toProp $ Git.daemonRunning "/srv/git"
, "/etc/gitweb.conf" `File.containsLines`
[ "$projectroot = '/srv/git';"
@@ -198,7 +206,7 @@ annexWebSite hosts origin hn uuid remotes = propertyList (hn ++" website using g
dir = "/srv/web/" ++ hn
postupdatehook = dir </> ".git/hooks/post-update"
setup = userScriptProperty "joey" setupscript
- `requires` Ssh.keyImported SshRsa "joey"
+ `requires` Ssh.keyImported SshRsa "joey" (Context hn)
`requires` Ssh.knownHost hosts "turtle.kitenet.net" "joey"
setupscript =
[ "cd " ++ shellEscape dir
@@ -266,9 +274,9 @@ mainhttpscert True =
gitAnnexDistributor :: Property
gitAnnexDistributor = combineProperties "git-annex distributor, including rsync server and signer"
[ Apt.installed ["rsync"]
- , File.hasPrivContent "/etc/rsyncd.conf"
+ , File.hasPrivContent "/etc/rsyncd.conf" (Context "git-annex distributor")
`onChange` Service.restarted "rsync"
- , File.hasPrivContent "/etc/rsyncd.secrets"
+ , File.hasPrivContent "/etc/rsyncd.secrets" (Context "git-annex distributor")
`onChange` Service.restarted "rsync"
, "/etc/default/rsync" `File.containsLine` "RSYNC_ENABLE=true"
`onChange` Service.running "rsync"
@@ -310,10 +318,13 @@ ircBouncer :: Property
ircBouncer = propertyList "IRC bouncer"
[ Apt.installed ["znc"]
, User.accountFor "znc"
- , File.hasPrivContent conf
+ , File.dirExists (parentDir conf)
+ , File.hasPrivContent conf anyContext
, File.ownerGroup conf "znc" "znc"
, Cron.job "znconboot" "@reboot" "znc" "~" "znc"
- , Cron.job "zncrunning" "@hourly" "znc" "~" "znc || true"
+ -- ensure running if it was not already
+ , trivial $ userScriptProperty "znc" ["znc || true"]
+ `describe` "znc running"
]
where
conf = "/home/znc/.znc/configs/znc.conf"
@@ -335,7 +346,7 @@ githubBackup :: Property
githubBackup = propertyList "github-backup box"
[ Apt.installed ["github-backup", "moreutils"]
, let f = "/home/joey/.github-keys"
- in File.hasPrivContent f
+ in File.hasPrivContent f anyContext
`onChange` File.ownerGroup f "joey" "joey"
]
diff --git a/src/Propellor/Property/Ssh.hs b/src/Propellor/Property/Ssh.hs
index 061f440c..6785ede6 100644
--- a/src/Propellor/Property/Ssh.hs
+++ b/src/Propellor/Property/Ssh.hs
@@ -72,46 +72,46 @@ randomHostKeys = flagFile prop "/etc/ssh/.unique_host_keys"
[ Param "-c"
, Param "rm -f /etc/ssh/ssh_host_*"
]
- ensureProperty $
- cmdProperty "/var/lib/dpkg/info/openssh-server.postinst"
- ["configure"]
-
--- | Sets ssh host keys from the site's PrivData.
---
--- (Uses a null username for host keys.)
-hostKey :: SshKeyType -> Property
-hostKey keytype = combineProperties desc
- [ property desc (install writeFile (SshPubKey keytype "") ".pub")
- , property desc (install writeFileProtected (SshPrivKey keytype "") "")
+ ensureProperty $ scriptProperty
+ [ "DPKG_MAINTSCRIPT_NAME=postinst DPKG_MAINTSCRIPT_PACKAGE=openssh-server /var/lib/dpkg/info/openssh-server.postinst configure" ]
+
+-- | Sets ssh host keys.
+hostKey :: SshKeyType -> Context -> Property
+hostKey keytype context = combineProperties desc
+ [ installkey (SshPubKey keytype "") (install writeFile ".pub")
+ , installkey (SshPrivKey keytype "") (install writeFileProtected "")
]
`onChange` restartSshd
where
desc = "known ssh host key (" ++ fromKeyType keytype ++ ")"
- install writer p ext = withPrivData p $ \key -> do
+ installkey p a = withPrivData p context $ \getkey ->
+ property desc $ getkey a
+ install writer ext key = do
let f = "/etc/ssh/ssh_host_" ++ fromKeyType keytype ++ "_key" ++ ext
s <- liftIO $ readFileStrict f
if s == key
then noChange
else makeChange $ writer f key
--- | Sets up a user with a ssh private key and public key pair
--- from the site's PrivData.
-keyImported :: SshKeyType -> UserName -> Property
-keyImported keytype user = combineProperties desc
- [ property desc (install writeFile (SshPubKey keytype user) ".pub")
- , property desc (install writeFileProtected (SshPrivKey keytype user) "")
+-- | Sets up a user with a ssh private key and public key pair from the
+-- PrivData.
+keyImported :: SshKeyType -> UserName -> Context -> Property
+keyImported keytype user context = combineProperties desc
+ [ installkey (SshPubKey keytype user) (install writeFile ".pub")
+ , installkey (SshPrivKey keytype user) (install writeFileProtected "")
]
where
desc = user ++ " has ssh key (" ++ fromKeyType keytype ++ ")"
- install writer p ext = do
+ installkey p a = withPrivData p context $ \getkey ->
+ property desc $ getkey a
+ install writer ext key = do
f <- liftIO $ keyfile ext
ifM (liftIO $ doesFileExist f)
( noChange
, ensureProperties
- [ property desc $
- withPrivData p $ \key -> makeChange $ do
- createDirectoryIfMissing True (takeDirectory f)
- writer f key
+ [ property desc $ makeChange $ do
+ createDirectoryIfMissing True (takeDirectory f)
+ writer f key
, File.ownerGroup f user user
, File.ownerGroup (takeDirectory f) user user
]
@@ -144,9 +144,9 @@ knownHost hosts hn user = property desc $
return FailedChange
-- | Makes a user have authorized_keys from the PrivData
-authorizedKeys :: UserName -> Property
-authorizedKeys user = property (user ++ " has authorized_keys") $
- withPrivData (SshAuthorizedKeys user) $ \v -> do
+authorizedKeys :: UserName -> Context -> Property
+authorizedKeys user context = withPrivData (SshAuthorizedKeys user) context $ \get ->
+ property (user ++ " has authorized_keys") $ get $ \v -> do
f <- liftIO $ dotFile "authorized_keys" user
liftIO $ do
createDirectoryIfMissing True (takeDirectory f)
diff --git a/src/Propellor/Property/User.hs b/src/Propellor/Property/User.hs
index eef2a57e..f9c400a8 100644
--- a/src/Propellor/Property/User.hs
+++ b/src/Propellor/Property/User.hs
@@ -24,17 +24,18 @@ nuked user _ = check (isJust <$> catchMaybeIO (homedir user)) $ cmdProperty "use
-- | Only ensures that the user has some password set. It may or may
-- not be the password from the PrivData.
-hasSomePassword :: UserName -> Property
-hasSomePassword user = check ((/= HasPassword) <$> getPasswordStatus user) $
- hasPassword user
-
-hasPassword :: UserName -> Property
-hasPassword user = property (user ++ " has password") $
- withPrivData (Password user) $ \password -> makeChange $
- withHandle StdinHandle createProcessSuccess
- (proc "chpasswd" []) $ \h -> do
- hPutStrLn h $ user ++ ":" ++ password
- hClose h
+hasSomePassword :: UserName -> Context -> Property
+hasSomePassword user context = check ((/= HasPassword) <$> getPasswordStatus user) $
+ hasPassword user context
+
+hasPassword :: UserName -> Context -> Property
+hasPassword user context = withPrivData (Password user) context $ \getpassword ->
+ property (user ++ " has password") $
+ getpassword $ \password -> makeChange $
+ withHandle StdinHandle createProcessSuccess
+ (proc "chpasswd" []) $ \h -> do
+ hPutStrLn h $ user ++ ":" ++ password
+ hClose h
lockedPassword :: UserName -> Property
lockedPassword user = check (not <$> isLockedPassword user) $ cmdProperty "passwd"
diff --git a/src/Propellor/Types.hs b/src/Propellor/Types.hs
index 383797a9..037cd962 100644
--- a/src/Propellor/Types.hs
+++ b/src/Propellor/Types.hs
@@ -17,7 +17,9 @@ module Propellor.Types
, ActionResult(..)
, CmdLine(..)
, PrivDataField(..)
- , GpgKeyId
+ , PrivData
+ , Context(..)
+ , anyContext
, SshKeyType(..)
, module Propellor.Types.OS
, module Propellor.Types.Dns
@@ -32,6 +34,7 @@ import "MonadCatchIO-transformers" Control.Monad.CatchIO
import Propellor.Types.Info
import Propellor.Types.OS
import Propellor.Types.Dns
+import Propellor.Types.PrivData
-- | Everything Propellor knows about a system: Its hostname,
-- properties and other info.
@@ -135,28 +138,12 @@ data CmdLine
= Run HostName
| Spin HostName
| Boot HostName
- | Set HostName PrivDataField
- | Dump HostName PrivDataField
+ | Set PrivDataField Context
+ | Dump PrivDataField Context
+ | Edit PrivDataField Context
+ | ListFields
| AddKey String
| Continue CmdLine
| Chain HostName
| Docker HostName
deriving (Read, Show, Eq)
-
--- | Note that removing or changing field names will break the
--- serialized privdata files, so don't do that!
--- It's fine to add new fields.
-data PrivDataField
- = DockerAuthentication
- | SshPubKey SshKeyType UserName
- | SshPrivKey SshKeyType UserName
- | SshAuthorizedKeys UserName
- | Password UserName
- | PrivFile FilePath
- | GpgKey GpgKeyId
- deriving (Read, Show, Ord, Eq)
-
-type GpgKeyId = String
-
-data SshKeyType = SshRsa | SshDsa | SshEcdsa | SshEd25519
- deriving (Read, Show, Ord, Eq)
diff --git a/src/Propellor/Types/Info.hs b/src/Propellor/Types/Info.hs
index 5f034492..8856e06f 100644
--- a/src/Propellor/Types/Info.hs
+++ b/src/Propellor/Types/Info.hs
@@ -1,6 +1,7 @@
module Propellor.Types.Info where
import Propellor.Types.OS
+import Propellor.Types.PrivData
import qualified Propellor.Types.Dns as Dns
import qualified Data.Set as S
@@ -9,6 +10,7 @@ import Data.Monoid
-- | Information about a host.
data Info = Info
{ _os :: Val System
+ , _privDataFields :: S.Set (PrivDataField, Context)
, _sshPubKey :: Val String
, _dns :: S.Set Dns.Record
, _namedconf :: Dns.NamedConfMap
@@ -17,9 +19,10 @@ data Info = Info
deriving (Eq, Show)
instance Monoid Info where
- mempty = Info mempty mempty mempty mempty mempty
+ mempty = Info mempty mempty mempty mempty mempty mempty
mappend old new = Info
{ _os = _os old <> _os new
+ , _privDataFields = _privDataFields old <> _privDataFields new
, _sshPubKey = _sshPubKey old <> _sshPubKey new
, _dns = _dns old <> _dns new
, _namedconf = _namedconf old <> _namedconf new
diff --git a/src/Propellor/Types/PrivData.hs b/src/Propellor/Types/PrivData.hs
new file mode 100644
index 00000000..16d6cdb1
--- /dev/null
+++ b/src/Propellor/Types/PrivData.hs
@@ -0,0 +1,34 @@
+module Propellor.Types.PrivData where
+
+import Propellor.Types.OS
+
+-- | Note that removing or changing field names will break the
+-- serialized privdata files, so don't do that!
+-- It's fine to add new fields.
+data PrivDataField
+ = DockerAuthentication
+ | SshPubKey SshKeyType UserName
+ | SshPrivKey SshKeyType UserName
+ | SshAuthorizedKeys UserName
+ | Password UserName
+ | PrivFile FilePath
+ | GpgKey
+ deriving (Read, Show, Ord, Eq)
+
+-- | Context in which a PrivDataField is used.
+--
+-- Often this will be a domain name. For example,
+-- Context "www.example.com" could be used for the SSL cert
+-- for the web server serving that domain. Multiple hosts might
+-- use that privdata.
+newtype Context = Context String
+ deriving (Read, Show, Ord, Eq)
+
+-- | Use when a PrivDataField is not dependent on any paricular context.
+anyContext :: Context
+anyContext = Context "any"
+
+type PrivData = String
+
+data SshKeyType = SshRsa | SshDsa | SshEcdsa | SshEd25519
+ deriving (Read, Show, Ord, Eq)
diff --git a/src/Utility/Table.hs b/src/Utility/Table.hs
new file mode 100644
index 00000000..910038e8
--- /dev/null
+++ b/src/Utility/Table.hs
@@ -0,0 +1,28 @@
+{- text based table generation
+ -
+ - Copyright 2014 Joey Hess <joey@kitenet.net>
+ -
+ - License: BSD-2-clause
+ -}
+
+module Utility.Table where
+
+type Table = [[String]]
+
+-- | A table with a header that is set off with lines under each
+-- header item.
+tableWithHeader :: [String] -> [[String]] -> Table
+tableWithHeader header rows = header : map linesep header : rows
+ where
+ linesep = map (const '-')
+
+-- | Formats a table to lines, automatically padding rows to the same size.
+formatTable :: Table -> [String]
+formatTable table = map (\r -> unwords (map pad (zip r rowsizes))) table
+ where
+ pad (cell, size) = cell ++ take (size - length cell) padding
+ padding = repeat ' '
+ rowsizes = sumrows (map (map length) table)
+ sumrows [] = repeat 0
+ sumrows [r] = r
+ sumrows (r1:r2:rs) = sumrows $ map (uncurry max) (zip r1 r2) : rs